From 2b57941b856f66edb0c18e642a9ce19698a7cded Mon Sep 17 00:00:00 2001 From: jrhodie <139580534+jrhodie@users.noreply.github.com> Date: Fri, 1 Dec 2023 09:40:19 -0800 Subject: [PATCH 001/121] [cli] SRP Server Readme update - add srp server auto command (#9669) --- src/cli/README_SRP_SERVER.md | 21 +++++++++++++++++++++ 1 file changed, 21 insertions(+) diff --git a/src/cli/README_SRP_SERVER.md b/src/cli/README_SRP_SERVER.md index ad87182590f..f86e52fbecf 100644 --- a/src/cli/README_SRP_SERVER.md +++ b/src/cli/README_SRP_SERVER.md @@ -8,6 +8,7 @@ See [README_SRP.md](README_SRP.md). - [help](#help) - [addrmode](#addrmode) +- [auto](#auto) - [disable](#disable) - [domain](#domain) - [enable](#enable) @@ -28,6 +29,7 @@ Print SRP server help menu. ```bash > srp server help addrmode +auto disable domain enable @@ -67,6 +69,25 @@ anycast Done ``` +### auto + +Usage: `srp server auto [enable|disable]` + +Enables or disables the auto-enable mode on the SRP server. + +When this mode is enabled, the Border Routing Manager controls if and when to enable or disable the SRP server. + +This command requires that `OPENTHREAD_CONFIG_BORDER_ROUTING_ENABLE` be enabled. + +```bash +> srp server auto enable +Done + +> srp server auto +Enabled +Done +``` + ### disable Usage: `srp server disable` From b78b71b537ea13419543d14eacbf164b15af6c99 Mon Sep 17 00:00:00 2001 From: Abtin Keshavarzian Date: Fri, 1 Dec 2023 10:14:44 -0800 Subject: [PATCH 002/121] [srp-client] track registered addresses (#9652) This commit enhances the SRP client to track registered addresses when auto host address mode is enabled. A new field `mSrpRegistered` is added to `Ip6::Netif::UnicastAddress` to track whether the address is registered by the SRP client. This optimization ensures that the SRP client only performs registration when there is a change to the list of addresses that need to be registered, preventing unnecessary re-registration and reduces communication overhead, e.g., when a deprecating non-preferred address which is not registered by SRP client is timed out and removed. --- include/openthread/instance.h | 2 +- include/openthread/ip6.h | 1 + src/core/net/netif.cpp | 24 +++++- src/core/net/netif.hpp | 22 ++++- src/core/net/srp_client.cpp | 116 +++++++++++++++++++++------ src/core/net/srp_client.hpp | 4 +- src/core/thread/address_resolver.cpp | 2 +- src/core/thread/mle.hpp | 8 ++ 8 files changed, 145 insertions(+), 34 deletions(-) diff --git a/include/openthread/instance.h b/include/openthread/instance.h index b67b303f17a..3acb6e43739 100644 --- a/include/openthread/instance.h +++ b/include/openthread/instance.h @@ -53,7 +53,7 @@ extern "C" { * @note This number versions both OpenThread platform and user APIs. * */ -#define OPENTHREAD_API_VERSION (379) +#define OPENTHREAD_API_VERSION (380) /** * @addtogroup api-instance diff --git a/include/openthread/ip6.h b/include/openthread/ip6.h index 850c64c6be2..8b32d7ca4b0 100644 --- a/include/openthread/ip6.h +++ b/include/openthread/ip6.h @@ -189,6 +189,7 @@ typedef struct otNetifAddress unsigned int mScopeOverride : 4; ///< The IPv6 scope of this address. bool mRloc : 1; ///< TRUE if the address is an RLOC, FALSE otherwise. bool mMeshLocal : 1; ///< TRUE if the address is mesh-local, FALSE otherwise. + bool mSrpRegistered : 1; ///< Used by OT core only (indicates whether registered by SRP Client). const struct otNetifAddress *mNext; ///< A pointer to the next network interface address. } otNetifAddress; diff --git a/src/core/net/netif.cpp b/src/core/net/netif.cpp index ff39891e736..1b739afca05 100644 --- a/src/core/net/netif.cpp +++ b/src/core/net/netif.cpp @@ -377,15 +377,29 @@ void Netif::AddUnicastAddress(UnicastAddress &aAddress) return; } -void Netif::RemoveUnicastAddress(const UnicastAddress &aAddress) +void Netif::RemoveUnicastAddress(UnicastAddress &aAddress) { SuccessOrExit(mUnicastAddresses.Remove(aAddress)); + aAddress.mSrpRegistered = false; SignalUnicastAddressChange(kAddressRemoved, aAddress); exit: return; } +void Netif::UpdatePreferredFlagOn(UnicastAddress &aAddress, bool aPreferred) +{ + VerifyOrExit(HasUnicastAddress(aAddress)); + VerifyOrExit(aAddress.mPreferred != aPreferred); + + SignalUnicastAddressChange(kAddressRemoved, aAddress); + aAddress.mPreferred = aPreferred; + SignalUnicastAddressChange(kAddressAdded, aAddress); + +exit: + return; +} + void Netif::SignalUnicastAddressChange(AddressEvent aEvent, const UnicastAddress &aAddress) { Event event; @@ -443,9 +457,10 @@ Error Netif::AddExternalUnicastAddress(const UnicastAddress &aAddress) entry = mExtUnicastAddressPool.Allocate(); VerifyOrExit(entry != nullptr, error = kErrorNoBufs); - *entry = aAddress; - entry->mRloc = false; - entry->mMeshLocal = false; + *entry = aAddress; + entry->mRloc = false; + entry->mMeshLocal = false; + entry->mSrpRegistered = false; mUnicastAddresses.Push(*entry); SignalUnicastAddressChange(kAddressAdded, *entry); @@ -504,6 +519,7 @@ void Netif::ApplyNewMeshLocalPrefix(void) if (address.mMeshLocal) { SignalUnicastAddressChange(kAddressRemoved, address); + address.mSrpRegistered = false; address.GetAddress().SetPrefix(Get().GetMeshLocalPrefix()); SignalUnicastAddressChange(kAddressAdded, address); } diff --git a/src/core/net/netif.hpp b/src/core/net/netif.hpp index 0e50571340f..663eb218ebb 100644 --- a/src/core/net/netif.hpp +++ b/src/core/net/netif.hpp @@ -397,6 +397,14 @@ class Netif : public InstanceLocator, private NonCopyable */ const LinkedList &GetUnicastAddresses(void) const { return mUnicastAddresses; } + /** + * Returns the linked list of unicast addresses. + * + * @returns The linked list of unicast addresses. + * + */ + LinkedList &GetUnicastAddresses(void) { return mUnicastAddresses; } + /** * Adds a unicast address to the network interface. * @@ -421,7 +429,19 @@ class Netif : public InstanceLocator, private NonCopyable * @param[in] aAddress A reference to the unicast address. * */ - void RemoveUnicastAddress(const UnicastAddress &aAddress); + void RemoveUnicastAddress(UnicastAddress &aAddress); + + /** + * Updates the preferred flag on a previously added (internal to OpenThread core) unicast address. + * + * If the address is not added to the network interface or the current preferred flag of @p aAddress is the same as + * the given @p aPreferred, no action is performed. + * + * @param[in] aAddress The unicast address + * @param[in] aPreferred The new value for preferred flag. + * + */ + void UpdatePreferredFlagOn(UnicastAddress &aAddress, bool aPreferred); /** * Indicates whether or not an address is assigned to the interface. diff --git a/src/core/net/srp_client.cpp b/src/core/net/srp_client.cpp index 617091ca1cb..cbc24c4ff0e 100644 --- a/src/core/net/srp_client.cpp +++ b/src/core/net/srp_client.cpp @@ -244,13 +244,13 @@ Client::Client(Instance &aInstance) , mState(kStateStopped) , mTxFailureRetryCount(0) , mShouldRemoveKeyLease(false) - , mAutoHostAddressAddedMeshLocal(false) , mSingleServiceMode(false) #if OPENTHREAD_CONFIG_REFERENCE_DEVICE_ENABLE , mServiceKeyRecordEnabled(false) , mUseShortLeaseOption(false) #endif , mUpdateMessageId(0) + , mAutoHostAddressCount(0) , mRetryWaitInterval(kMinRetryWaitInterval) , mTtl(0) , mLease(0) @@ -421,20 +421,11 @@ void Client::HandleNotifierEvents(Events aEvents) } #endif - if (mHostInfo.IsAutoAddressEnabled()) + if (aEvents.ContainsAny(kEventIp6AddressAdded | kEventIp6AddressRemoved | kEventThreadMeshLocalAddrChanged) && + ShouldUpdateHostAutoAddresses()) { - Events::Flags eventFlags = (kEventIp6AddressAdded | kEventIp6AddressRemoved); - - if (mAutoHostAddressAddedMeshLocal) - { - eventFlags |= kEventThreadMeshLocalAddrChanged; - } - - if (aEvents.ContainsAny(eventFlags)) - { - IgnoreError(UpdateHostInfoStateOnAddressChange()); - UpdateState(); - } + IgnoreError(UpdateHostInfoStateOnAddressChange()); + UpdateState(); } } @@ -494,6 +485,13 @@ Error Client::EnableAutoHostAddress(void) VerifyOrExit(!mHostInfo.IsAutoAddressEnabled()); SuccessOrExit(error = UpdateHostInfoStateOnAddressChange()); + for (Ip6::Netif::UnicastAddress &unicastAddress : Get().GetUnicastAddresses()) + { + unicastAddress.mSrpRegistered = false; + } + + mAutoHostAddressCount = 0; + mHostInfo.EnableAutoAddress(); UpdateState(); @@ -515,6 +513,68 @@ Error Client::SetHostAddresses(const Ip6::Address *aAddresses, uint8_t aNumAddre return error; } +bool Client::ShouldUpdateHostAutoAddresses(void) const +{ + bool shouldUpdate = false; + uint16_t registeredCount = 0; + Ip6::Netif::UnicastAddress &ml64 = Get().GetMeshLocal64UnicastAddress(); + + VerifyOrExit(mHostInfo.IsAutoAddressEnabled()); + + // Check all addresses on `ThreadNetif` excluding the mesh local + // EID (`ml64`). If any address should be registered but is not, + // or if any address was registered earlier but no longer should + // be, the host information needs to be re-registered to update + // the addresses. If there is no eligible address, then `ml64` + // should be registered, so its status is checked. Finally, the + // number of addresses that should be registered is verified + // against the previous value `mAutoHostAddressCount` to handle + // the case where an earlier registered address is now removed. + + for (const Ip6::Netif::UnicastAddress &unicastAddress : Get().GetUnicastAddresses()) + { + if (&unicastAddress == &ml64) + { + continue; + } + + if (ShouldHostAutoAddressRegister(unicastAddress) != unicastAddress.mSrpRegistered) + { + ExitNow(shouldUpdate = true); + } + + if (unicastAddress.mSrpRegistered) + { + registeredCount++; + } + } + + if (registeredCount == 0) + { + ExitNow(shouldUpdate = !ml64.mSrpRegistered); + } + + shouldUpdate = (registeredCount != mAutoHostAddressCount); + +exit: + return shouldUpdate; +} + +bool Client::ShouldHostAutoAddressRegister(const Ip6::Netif::UnicastAddress &aUnicastAddress) const +{ + bool shouldRegister = false; + + VerifyOrExit(aUnicastAddress.mValid); + VerifyOrExit(aUnicastAddress.mPreferred); + VerifyOrExit(!aUnicastAddress.GetAddress().IsLinkLocal()); + VerifyOrExit(!Get().IsMeshLocalAddress(aUnicastAddress.GetAddress())); + + shouldRegister = true; + +exit: + return shouldRegister; +} + Error Client::UpdateHostInfoStateOnAddressChange(void) { Error error = kErrorNone; @@ -1244,25 +1304,29 @@ Error Client::AppendHostDescriptionInstruction(Message &aMessage, Info &aInfo) // and mesh-local addresses. If no address is appended, we include // the mesh local EID. - mAutoHostAddressAddedMeshLocal = true; + mAutoHostAddressCount = 0; - for (const Ip6::Netif::UnicastAddress &unicastAddress : Get().GetUnicastAddresses()) + for (Ip6::Netif::UnicastAddress &unicastAddress : Get().GetUnicastAddresses()) { - const Ip6::Address &address = unicastAddress.GetAddress(); - - if (address.IsLinkLocal() || Get().IsMeshLocalAddress(address) || !unicastAddress.mPreferred || - !unicastAddress.mValid) + if (ShouldHostAutoAddressRegister(unicastAddress)) { - continue; + SuccessOrExit(error = AppendAaaaRecord(unicastAddress.GetAddress(), aMessage, aInfo)); + unicastAddress.mSrpRegistered = true; + mAutoHostAddressCount++; + } + else + { + unicastAddress.mSrpRegistered = false; } - - SuccessOrExit(error = AppendAaaaRecord(address, aMessage, aInfo)); - mAutoHostAddressAddedMeshLocal = false; } - if (mAutoHostAddressAddedMeshLocal) + if (mAutoHostAddressCount == 0) { - SuccessOrExit(error = AppendAaaaRecord(Get().GetMeshLocal64(), aMessage, aInfo)); + Ip6::Netif::UnicastAddress &ml64 = Get().GetMeshLocal64UnicastAddress(); + + SuccessOrExit(error = AppendAaaaRecord(ml64.GetAddress(), aMessage, aInfo)); + ml64.mSrpRegistered = true; + mAutoHostAddressCount++; } } else diff --git a/src/core/net/srp_client.hpp b/src/core/net/srp_client.hpp index 5260ea6ac78..32b1ea0de9e 100644 --- a/src/core/net/srp_client.hpp +++ b/src/core/net/srp_client.hpp @@ -1001,6 +1001,8 @@ class Client : public InstanceLocator, private NonCopyable void Pause(void); void HandleNotifierEvents(Events aEvents); void HandleRoleChanged(void); + bool ShouldUpdateHostAutoAddresses(void) const; + bool ShouldHostAutoAddressRegister(const Ip6::Netif::UnicastAddress &aUnicastAddress) const; Error UpdateHostInfoStateOnAddressChange(void); void UpdateServiceStateToRemove(Service &aService); State GetState(void) const { return mState; } @@ -1065,7 +1067,6 @@ class Client : public InstanceLocator, private NonCopyable State mState; uint8_t mTxFailureRetryCount : 4; bool mShouldRemoveKeyLease : 1; - bool mAutoHostAddressAddedMeshLocal : 1; bool mSingleServiceMode : 1; #if OPENTHREAD_CONFIG_REFERENCE_DEVICE_ENABLE bool mServiceKeyRecordEnabled : 1; @@ -1073,6 +1074,7 @@ class Client : public InstanceLocator, private NonCopyable #endif uint16_t mUpdateMessageId; + uint16_t mAutoHostAddressCount; uint32_t mRetryWaitInterval; TimeMilli mLeaseRenewTime; diff --git a/src/core/thread/address_resolver.cpp b/src/core/thread/address_resolver.cpp index a779a11588f..28f6483cd94 100644 --- a/src/core/thread/address_resolver.cpp +++ b/src/core/thread/address_resolver.cpp @@ -785,7 +785,7 @@ void AddressResolver::HandleTmf(Coap::Message &aMessage, const SuccessOrExit(error = Tlv::Find(aMessage, target)); SuccessOrExit(error = Tlv::Find(aMessage, meshLocalIid)); - for (const Ip6::Netif::UnicastAddress &address : Get().GetUnicastAddresses()) + for (Ip6::Netif::UnicastAddress &address : Get().GetUnicastAddresses()) { if (address.GetAddress() == target && Get().GetMeshLocal64().GetIid() != meshLocalIid) { diff --git a/src/core/thread/mle.hpp b/src/core/thread/mle.hpp index 8f3e9eaa09d..33d0920cf4d 100644 --- a/src/core/thread/mle.hpp +++ b/src/core/thread/mle.hpp @@ -530,6 +530,14 @@ class Mle : public InstanceLocator, private NonCopyable */ const Ip6::Address &GetMeshLocal64(void) const { return mMeshLocal64.GetAddress(); } + /** + * Returns a reference to the ML-EID as a `Netif::UnicastAddress`. + * + * @returns A reference to the ML-EID. + * + */ + Ip6::Netif::UnicastAddress &GetMeshLocal64UnicastAddress(void) { return mMeshLocal64; } + /** * Returns the Router ID of the Leader. * From c378bd9a254745363ac67f2be8eb8719fa4979e4 Mon Sep 17 00:00:00 2001 From: Abtin Keshavarzian Date: Mon, 4 Dec 2023 08:22:47 -0800 Subject: [PATCH 003/121] [meshcop] `MeshCoP::ChannelTlv` to utilize `Mle::ChannelTlvValue` (#9674) This commit introduces `IsValid()` and `SetChannelAndPage()` methods to `Mle::ChannelTlvValue`, enabling its use as value of `MeshCoP::ChannelTlv`. --- src/core/meshcop/dataset.cpp | 12 ++-- src/core/meshcop/dataset_manager_ftd.cpp | 17 +++--- src/core/meshcop/meshcop_tlvs.cpp | 50 +---------------- src/core/meshcop/meshcop_tlvs.hpp | 70 +++--------------------- src/core/thread/mle_tlvs.cpp | 43 +++++++++++++++ src/core/thread/mle_tlvs.hpp | 17 ++++++ 6 files changed, 86 insertions(+), 123 deletions(-) diff --git a/src/core/meshcop/dataset.cpp b/src/core/meshcop/dataset.cpp index 00c8d6d1703..1692696fc76 100644 --- a/src/core/meshcop/dataset.cpp +++ b/src/core/meshcop/dataset.cpp @@ -194,7 +194,7 @@ void Dataset::ConvertTo(Info &aDatasetInfo) const break; case Tlv::kChannel: - aDatasetInfo.SetChannel(As(cur)->GetChannel()); + aDatasetInfo.SetChannel(cur->ReadValueAs().GetChannel()); break; case Tlv::kChannelMask: @@ -304,10 +304,10 @@ Error Dataset::SetFrom(const Info &aDatasetInfo) if (aDatasetInfo.IsChannelPresent()) { - ChannelTlv tlv; - tlv.Init(); - tlv.SetChannel(aDatasetInfo.GetChannel()); - IgnoreError(WriteTlv(tlv)); + ChannelTlvValue channelValue; + + channelValue.SetChannelAndPage(aDatasetInfo.GetChannel()); + IgnoreError(Write(channelValue)); } if (aDatasetInfo.IsChannelMaskPresent()) @@ -527,7 +527,7 @@ Error Dataset::ApplyConfiguration(Instance &aInstance, bool *aIsNetworkKeyUpdate { case Tlv::kChannel: { - uint8_t channel = static_cast(As(cur)->GetChannel()); + uint8_t channel = static_cast(cur->ReadValueAs().GetChannel()); error = mac.SetPanChannel(channel); diff --git a/src/core/meshcop/dataset_manager_ftd.cpp b/src/core/meshcop/dataset_manager_ftd.cpp index 3eec1a8b666..e5423dc3c04 100644 --- a/src/core/meshcop/dataset_manager_ftd.cpp +++ b/src/core/meshcop/dataset_manager_ftd.cpp @@ -82,7 +82,7 @@ Error DatasetManager::HandleSet(Coap::Message &aMessage, const Ip6::MessageInfo StateTlv::State state = StateTlv::kReject; Dataset dataset; Timestamp activeTimestamp; - ChannelTlv channel; + ChannelTlvValue channelValue; uint16_t sessionId; Ip6::NetworkPrefix meshLocalPrefix; NetworkKey networkKey; @@ -116,12 +116,11 @@ Error DatasetManager::HandleSet(Coap::Message &aMessage, const Ip6::MessageInfo VerifyOrExit(Timestamp::Compare(&activeTimestamp, mLocal.GetTimestamp()) > 0); } - // check channel - if (Tlv::FindTlv(aMessage, channel) == kErrorNone) + if (Tlv::Find(aMessage, channelValue) == kErrorNone) { - VerifyOrExit(channel.IsValid()); + VerifyOrExit(channelValue.IsValid()); - if (channel.GetChannel() != Get().GetPanChannel()) + if (channelValue.GetChannel() != Get().GetPanChannel()) { doesAffectConnectivity = true; } @@ -312,10 +311,10 @@ Error ActiveDatasetManager::GenerateLocal(void) if (!dataset.Contains()) { - ChannelTlv tlv; - tlv.Init(); - tlv.SetChannel(Get().GetPanChannel()); - IgnoreError(dataset.WriteTlv(tlv)); + ChannelTlvValue channelValue; + + channelValue.SetChannelAndPage(Get().GetPanChannel()); + IgnoreError(dataset.Write(channelValue)); } if (!dataset.Contains()) diff --git a/src/core/meshcop/meshcop_tlvs.cpp b/src/core/meshcop/meshcop_tlvs.cpp index 446846f45d4..573e6b095a5 100644 --- a/src/core/meshcop/meshcop_tlvs.cpp +++ b/src/core/meshcop/meshcop_tlvs.cpp @@ -65,9 +65,9 @@ bool Tlv::IsValid(const Tlv &aTlv) case Tlv::kMeshLocalPrefix: minLength = sizeof(MeshLocalPrefixTlv::ValueType); break; - case Tlv::kChannel: - isValid = As(aTlv).IsValid(); + VerifyOrExit(aTlv.GetLength() >= sizeof(ChannelTlvValue), isValid = false); + isValid = aTlv.ReadValueAs().IsValid(); break; case Tlv::kNetworkName: isValid = As(aTlv).IsValid(); @@ -90,6 +90,7 @@ bool Tlv::IsValid(const Tlv &aTlv) isValid = (aTlv.GetLength() >= minLength); } +exit: return isValid; } @@ -143,51 +144,6 @@ void SecurityPolicyTlv::SetSecurityPolicy(const SecurityPolicy &aSecurityPolicy) aSecurityPolicy.GetFlags(mFlags, sizeof(mFlags)); } -bool ChannelTlv::IsValid(void) const -{ - bool ret = false; - - VerifyOrExit(GetLength() == sizeof(*this) - sizeof(Tlv)); - VerifyOrExit(mChannelPage < BitSizeOf(uint32_t)); - VerifyOrExit((1U << mChannelPage) & Radio::kSupportedChannelPages); - VerifyOrExit(Radio::kChannelMin <= GetChannel() && GetChannel() <= Radio::kChannelMax); - ret = true; - -exit: - return ret; -} - -void ChannelTlv::SetChannel(uint16_t aChannel) -{ - uint8_t channelPage = OT_RADIO_CHANNEL_PAGE_0; - -#if OPENTHREAD_CONFIG_RADIO_2P4GHZ_OQPSK_SUPPORT - if ((OT_RADIO_2P4GHZ_OQPSK_CHANNEL_MIN <= aChannel) && (aChannel <= OT_RADIO_2P4GHZ_OQPSK_CHANNEL_MAX)) - { - channelPage = OT_RADIO_CHANNEL_PAGE_0; - } -#endif - -#if OPENTHREAD_CONFIG_RADIO_915MHZ_OQPSK_SUPPORT - if ((OT_RADIO_915MHZ_OQPSK_CHANNEL_MIN <= aChannel) && (aChannel <= OT_RADIO_915MHZ_OQPSK_CHANNEL_MAX)) - { - channelPage = OT_RADIO_CHANNEL_PAGE_2; - } -#endif - -#if OPENTHREAD_CONFIG_PLATFORM_RADIO_PROPRIETARY_SUPPORT - if ((OPENTHREAD_CONFIG_PLATFORM_RADIO_PROPRIETARY_CHANNEL_MIN == aChannel) || - ((OPENTHREAD_CONFIG_PLATFORM_RADIO_PROPRIETARY_CHANNEL_MIN < aChannel) && - (aChannel <= OPENTHREAD_CONFIG_PLATFORM_RADIO_PROPRIETARY_CHANNEL_MAX))) - { - channelPage = OPENTHREAD_CONFIG_PLATFORM_RADIO_PROPRIETARY_CHANNEL_PAGE; - } -#endif - - SetChannelPage(channelPage); - mChannel = BigEndian::HostSwap16(aChannel); -} - const char *StateTlv::StateToString(State aState) { static const char *const kStateStrings[] = { diff --git a/src/core/meshcop/meshcop_tlvs.hpp b/src/core/meshcop/meshcop_tlvs.hpp index c9c324e1b7c..b7b2af3fbf8 100644 --- a/src/core/meshcop/meshcop_tlvs.hpp +++ b/src/core/meshcop/meshcop_tlvs.hpp @@ -54,6 +54,7 @@ #include "net/ip6_address.hpp" #include "radio/radio.hpp" #include "thread/key_manager.hpp" +#include "thread/mle_tlvs.hpp" #include "thread/mle_types.hpp" namespace ot { @@ -245,75 +246,22 @@ typedef UintTlvInfo PeriodTlv; typedef UintTlvInfo ScanDurationTlv; /** - * Defines Commissioner ID TLV constants and type.s + * Defines Commissioner ID TLV constants and types. * */ typedef StringTlvInfo CommissionerIdTlv; /** - * Implements Channel TLV generation and parsing. + * Implements Channel TLV value format. * */ -OT_TOOL_PACKED_BEGIN -class ChannelTlv : public Tlv, public TlvInfo -{ -public: - /** - * Initializes the TLV. - * - */ - void Init(void) - { - SetType(kChannel); - SetLength(sizeof(*this) - sizeof(Tlv)); - } - - /** - * Indicates whether or not the TLV appears to be well-formed. - * - * @retval TRUE If the TLV appears to be well-formed. - * @retval FALSE If the TLV does not appear to be well-formed. - * - */ - bool IsValid(void) const; - - /** - * Returns the ChannelPage value. - * - * @returns The ChannelPage value. - * - */ - uint8_t GetChannelPage(void) const { return mChannelPage; } +typedef Mle::ChannelTlvValue ChannelTlvValue; - /** - * Sets the ChannelPage value. - * - * @param[in] aChannelPage The ChannelPage value. - * - */ - void SetChannelPage(uint8_t aChannelPage) { mChannelPage = aChannelPage; } - - /** - * Returns the Channel value. - * - * @returns The Channel value. - * - */ - uint16_t GetChannel(void) const { return BigEndian::HostSwap16(mChannel); } - - /** - * Sets the Channel value. - * Note: This method also sets the channel page according to the channel value. - * - * @param[in] aChannel The Channel value. - * - */ - void SetChannel(uint16_t aChannel); - -private: - uint8_t mChannelPage; - uint16_t mChannel; -} OT_TOOL_PACKED_END; +/** + * Defines Channel TLV constants and types. + * + */ +typedef SimpleTlvInfo ChannelTlv; /** * Defines PAN ID TLV constants and types. diff --git a/src/core/thread/mle_tlvs.cpp b/src/core/thread/mle_tlvs.cpp index 1908d61d48f..f3081e18ffc 100644 --- a/src/core/thread/mle_tlvs.cpp +++ b/src/core/thread/mle_tlvs.cpp @@ -34,6 +34,8 @@ #include "mle_tlvs.hpp" #include "common/code_utils.hpp" +#include "common/numeric_limits.hpp" +#include "radio/radio.hpp" namespace ot { namespace Mle { @@ -94,5 +96,46 @@ void ConnectivityTlv::SetParentPriority(int8_t aParentPriority) mFlags = static_cast(Preference::To2BitUint(aParentPriority) << kFlagsParentPriorityOffset); } +void ChannelTlvValue::SetChannelAndPage(uint16_t aChannel) +{ + uint8_t channelPage = OT_RADIO_CHANNEL_PAGE_0; + +#if OPENTHREAD_CONFIG_RADIO_915MHZ_OQPSK_SUPPORT + if ((OT_RADIO_915MHZ_OQPSK_CHANNEL_MIN <= aChannel) && (aChannel <= OT_RADIO_915MHZ_OQPSK_CHANNEL_MAX)) + { + channelPage = OT_RADIO_CHANNEL_PAGE_2; + } +#endif + +#if OPENTHREAD_CONFIG_PLATFORM_RADIO_PROPRIETARY_SUPPORT + if ((OPENTHREAD_CONFIG_PLATFORM_RADIO_PROPRIETARY_CHANNEL_MIN == aChannel) || + ((OPENTHREAD_CONFIG_PLATFORM_RADIO_PROPRIETARY_CHANNEL_MIN < aChannel) && + (aChannel <= OPENTHREAD_CONFIG_PLATFORM_RADIO_PROPRIETARY_CHANNEL_MAX))) + { + channelPage = OPENTHREAD_CONFIG_PLATFORM_RADIO_PROPRIETARY_CHANNEL_PAGE; + } +#endif + + SetChannelPage(channelPage); + SetChannel(aChannel); +} + +bool ChannelTlvValue::IsValid(void) const +{ + bool isValid = false; + uint16_t channel; + + VerifyOrExit(mChannelPage < BitSizeOf(uint32_t)); + VerifyOrExit((1U << mChannelPage) & Radio::kSupportedChannelPages); + + channel = GetChannel(); + VerifyOrExit((Radio::kChannelMin <= channel) && (channel <= Radio::kChannelMax)); + + isValid = true; + +exit: + return isValid; +} + } // namespace Mle } // namespace ot diff --git a/src/core/thread/mle_tlvs.hpp b/src/core/thread/mle_tlvs.hpp index d4be8ff459c..68f62a49fa8 100644 --- a/src/core/thread/mle_tlvs.hpp +++ b/src/core/thread/mle_tlvs.hpp @@ -1096,6 +1096,23 @@ class ChannelTlvValue */ void SetChannel(uint16_t aChannel) { mChannel = BigEndian::HostSwap16(aChannel); } + /** + * Sets the Channel and determines and sets the Channel Page from the given channel. + * + * @param[in] aChannel The Channel value. + * + */ + void SetChannelAndPage(uint16_t aChannel); + + /** + * Indicates whether or not the Channel and Channel Page values are valid. + * + * @retval TRUE If the Channel and Channel Page values are valid. + * @retval FALSE If the Channel and Channel Page values are not valid. + * + */ + bool IsValid(void) const; + private: uint8_t mChannelPage; uint16_t mChannel; From 2d030c4a8e8b744563daad2eff478808bd042f2a Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Mon, 4 Dec 2023 08:47:54 -0800 Subject: [PATCH 004/121] github-actions: bump actions/setup-python from 4.7.0 to 4.7.1 (#9677) Bumps [actions/setup-python](https://github.com/actions/setup-python) from 4.7.0 to 4.7.1. - [Release notes](https://github.com/actions/setup-python/releases) - [Commits](https://github.com/actions/setup-python/compare/61a6322f88396a6271a6ee3565807d608ecaddd1...65d7f2d534ac1bc67fcd62888c5f4f3d2cb2b236) --- updated-dependencies: - dependency-name: actions/setup-python dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> --- .github/workflows/otns.yml | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/.github/workflows/otns.yml b/.github/workflows/otns.yml index 9f4feaeeb2c..05ca7e32a05 100644 --- a/.github/workflows/otns.yml +++ b/.github/workflows/otns.yml @@ -67,7 +67,7 @@ jobs: with: go-version: "1.20" - name: Set up Python - uses: actions/setup-python@61a6322f88396a6271a6ee3565807d608ecaddd1 # v4.7.0 + uses: actions/setup-python@65d7f2d534ac1bc67fcd62888c5f4f3d2cb2b236 # v4.7.1 with: python-version: "3.9" - name: Bootstrap @@ -106,7 +106,7 @@ jobs: with: go-version: "1.20" - name: Set up Python - uses: actions/setup-python@61a6322f88396a6271a6ee3565807d608ecaddd1 # v4.7.0 + uses: actions/setup-python@65d7f2d534ac1bc67fcd62888c5f4f3d2cb2b236 # v4.7.1 with: python-version: "3.9" - name: Bootstrap @@ -168,7 +168,7 @@ jobs: with: go-version: "1.20" - name: Set up Python - uses: actions/setup-python@61a6322f88396a6271a6ee3565807d608ecaddd1 # v4.7.0 + uses: actions/setup-python@65d7f2d534ac1bc67fcd62888c5f4f3d2cb2b236 # v4.7.1 with: python-version: "3.9" - name: Bootstrap From 3d01ffa65c36afbba9c08f0b6602ec4cf797ec22 Mon Sep 17 00:00:00 2001 From: Thomas Date: Mon, 4 Dec 2023 18:28:05 +0100 Subject: [PATCH 005/121] [spinel] add vendor hook for the spinel host side (#9560) Allow out-of-tree compilation of vendor specific changes to the host side of spinel. By setting `OT_SPINEL_VENDOR_HOOK_SOURCE_DIR`, `OT_SPINEL_VENDOR_HOOK_SOURCE` and `OT_SPINEL_VENDOR_HOOK_HEADER`, the corresponding compile flags `OPENTHREAD_SPINEL_CONFIG_ENABLE_VENDOR_HOOK` and `OPENTHREAD_SPINEL_CONFIG_VENDOR_HOOK_HEADER` get set which force the use of the `VendorRadioSpinel` class instead of the regular `RadioSpinel` in `src/Posix/platform/radio`. --- src/lib/spinel/CMakeLists.txt | 11 ++++ src/lib/spinel/example_vendor_hook.cpp | 67 +++++++++++++++++++++++ src/lib/spinel/example_vendor_hook.hpp | 59 ++++++++++++++++++++ src/lib/spinel/openthread-spinel-config.h | 20 +++++++ src/lib/spinel/radio_spinel.cpp | 6 ++ src/lib/spinel/radio_spinel.hpp | 20 +++++++ src/posix/platform/CMakeLists.txt | 1 + src/posix/platform/radio.cpp | 2 +- src/posix/platform/radio.hpp | 13 ++++- 9 files changed, 196 insertions(+), 3 deletions(-) create mode 100644 src/lib/spinel/example_vendor_hook.cpp create mode 100644 src/lib/spinel/example_vendor_hook.hpp diff --git a/src/lib/spinel/CMakeLists.txt b/src/lib/spinel/CMakeLists.txt index e6cf16f58fd..8d552cf08cd 100644 --- a/src/lib/spinel/CMakeLists.txt +++ b/src/lib/spinel/CMakeLists.txt @@ -62,6 +62,17 @@ set(COMMON_SOURCES spinel_encoder.cpp ) +set(OT_SPINEL_VENDOR_HOOK_SOURCE "" CACHE STRING "set vendor hook source file for Spinel") +set(OT_SPINEL_VENDOR_HOOK_HEADER "" CACHE STRING "set vendor hook header file for Spinel") +if(OT_SPINEL_VENDOR_HOOK_SOURCE) + target_compile_definitions(openthread-spinel-rcp PUBLIC "OPENTHREAD_SPINEL_CONFIG_ENABLE_VENDOR_HOOK=1") + target_compile_definitions(openthread-spinel-ncp PUBLIC "OPENTHREAD_SPINEL_CONFIG_ENABLE_VENDOR_HOOK=1") + target_compile_definitions(openthread-spinel-rcp PUBLIC "OPENTHREAD_SPINEL_CONFIG_VENDOR_HOOK_HEADER=\"${OT_SPINEL_VENDOR_HOOK_HEADER}\"") + target_compile_definitions(openthread-spinel-ncp PUBLIC "OPENTHREAD_SPINEL_CONFIG_VENDOR_HOOK_HEADER=\"${OT_SPINEL_VENDOR_HOOK_HEADER}\"") + list(APPEND COMMON_SOURCES ${OT_SPINEL_VENDOR_HOOK_SOURCE_DIR}${OT_SPINEL_VENDOR_HOOK_SOURCE}) + list(APPEND COMMON_INCLUDES ${OT_SPINEL_VENDOR_HOOK_SOURCE_DIR}) +endif() + target_include_directories(openthread-radio-spinel PUBLIC ${OT_PUBLIC_INCLUDES} PRIVATE ${COMMON_INCLUDES}) target_include_directories(openthread-spinel-ncp PUBLIC ${OT_PUBLIC_INCLUDES} PRIVATE ${COMMON_INCLUDES}) target_include_directories(openthread-spinel-rcp PUBLIC ${OT_PUBLIC_INCLUDES} PRIVATE ${COMMON_INCLUDES}) diff --git a/src/lib/spinel/example_vendor_hook.cpp b/src/lib/spinel/example_vendor_hook.cpp new file mode 100644 index 00000000000..3c0a73a159a --- /dev/null +++ b/src/lib/spinel/example_vendor_hook.cpp @@ -0,0 +1,67 @@ +/* + * Copyright (c) 2023, The OpenThread Authors. + * All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions are met: + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * 3. Neither the name of the copyright holder nor the + * names of its contributors may be used to endorse or promote products + * derived from this software without specific prior written permission. + * + * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED + * WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE + * DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDER OR CONTRIBUTORS BE LIABLE FOR ANY + * DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES + * (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; + * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND + * ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT + * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS + * SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. + */ + +/** + * @file + * This file shows how to implement the Radio Spinel vendor hook. + */ + +#if OPENTHREAD_SPINEL_CONFIG_ENABLE_VENDOR_HOOK + +#include OPENTRHEAD_SPINEL_CONFIG_VENDOR_HOOK_HEADER +#include "common/log.hpp" +#include "lib/platform/exit_code.h" + +namespace ot { +namespace Spinel { + +otError RadioSpinel::VendorHandleValueIs(spinel_prop_key_t aPropKey) +{ + otError error = OT_ERROR_NONE; + + switch (aPropKey) + { + // TODO: Implement your property get handlers here. + // + // Get handler should retrieve the property value and then encode and write the + // value into the NCP buffer. If the "get" operation itself fails, handler should + // write a `LAST_STATUS` with the error status into the NCP buffer. `OT_ERROR_NO_BUFS` + // should be returned if NCP buffer is full and response cannot be written. + default: + error = OT_ERROR_NOT_FOUND; + break; + } +exit: + return error; +} + +} // namespace Spinel +} // namespace ot + +extern ot::Spinel::RadioSpinel &GetRadioSpinel(void); + +#endif // OPENTHREAD_SPINEL_CONFIG_ENABLE_VENDOR_HOOK diff --git a/src/lib/spinel/example_vendor_hook.hpp b/src/lib/spinel/example_vendor_hook.hpp new file mode 100644 index 00000000000..f9dedb6269f --- /dev/null +++ b/src/lib/spinel/example_vendor_hook.hpp @@ -0,0 +1,59 @@ +/* + * Copyright (c) 2023, The OpenThread Authors. + * All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions are met: + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * 3. Neither the name of the copyright holder nor the + * names of its contributors may be used to endorse or promote products + * derived from this software without specific prior written permission. + * + * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED + * WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE + * DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDER OR CONTRIBUTORS BE LIABLE FOR ANY + * DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES + * (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; + * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND + * ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT + * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS + * SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. + */ + +/** + * @file + * This file shows how to implement the Radio Spinel vendor hook. + */ + +#ifndef SPINEL_EXTENSION_H +#define SPINEL_EXTENSION_H + +#if OPENTHREAD_SPINEL_CONFIG_ENABLE_VENDOR_HOOK + +#include +#include "lib/spinel/radio_spinel.hpp" + +namespace ot { +namespace Spinel { + +class VendorRadioSpinel : public ot::Spinel::RadioSpinel +{ +public: + VendorRadioSpinel(void) + : ot::Spinel::RadioSpinel() + { + } + + // Add public/private methods or member variables +}; + +} // namespace Spinel +} // namespace ot + +#endif // OPENTHREAD_SPINEL_CONFIG_ENABLE_VENDOR_HOOK +#endif // SPINEL_EXTENSION_H diff --git a/src/lib/spinel/openthread-spinel-config.h b/src/lib/spinel/openthread-spinel-config.h index 6b3316ac19d..231a8683898 100644 --- a/src/lib/spinel/openthread-spinel-config.h +++ b/src/lib/spinel/openthread-spinel-config.h @@ -89,4 +89,24 @@ #define OPENTHREAD_SPINEL_CONFIG_BROADCAST_IID SPINEL_HEADER_IID_3 #endif +/** + * @def OPENTHREAD_SPINEL_CONFIG_ENABLE_VENDOR_HOOK + * + * Enables compilation of vendor specific code for Spinel + * + */ +#ifndef OPENTHREAD_SPINEL_CONFIG_ENABLE_VENDOR_HOOK +#define OPENTHREAD_SPINEL_CONFIG_ENABLE_VENDOR_HOOK 0 +#endif + +/** + * @def OPENTHREAD_SPINEL_CONFIG_VENDOR_HOOK_HEADER + * + * Header file defining class VendorRadioSpinel + * + */ +#ifndef OPENTHREAD_SPINEL_CONFIG_VENDOR_HOOK_HEADER +#define OPENTHREAD_SPINEL_CONFIG_VENDOR_HOOK_HEADER "lib/spinel/example_vendor_hook.hpp" +#endif + #endif // OPENTHREAD_SPINEL_CONFIG_H_ diff --git a/src/lib/spinel/radio_spinel.cpp b/src/lib/spinel/radio_spinel.cpp index 2cd1deaff8c..7da561ae2cc 100644 --- a/src/lib/spinel/radio_spinel.cpp +++ b/src/lib/spinel/radio_spinel.cpp @@ -747,6 +747,12 @@ void RadioSpinel::HandleValueIs(spinel_prop_key_t aKey, const uint8_t *aBuffer, break; } } +#if OPENTHREAD_SPINEL_CONFIG_ENABLE_VENDOR_HOOK + else if (aKey >= SPINEL_PROP_VENDOR__BEGIN && aKey < SPINEL_PROP_VENDOR__END) + { + error = VendorHandleValueIs(aKey); + } +#endif exit: UpdateParseErrorCount(error); diff --git a/src/lib/spinel/radio_spinel.hpp b/src/lib/spinel/radio_spinel.hpp index da0b6521d10..bc0774d327e 100644 --- a/src/lib/spinel/radio_spinel.hpp +++ b/src/lib/spinel/radio_spinel.hpp @@ -1065,6 +1065,26 @@ class RadioSpinel */ void RestoreProperties(void); #endif +#if OPENTHREAD_SPINEL_CONFIG_ENABLE_VENDOR_HOOK + /** + * Defines a vendor "set property handler" hook to process vendor spinel properties. + * + * The vendor handler should return `OT_ERROR_NOT_FOUND` status if it does not support "set" operation for the + * given property key. Otherwise, the vendor handler should behave like other property set handlers, i.e., it + * should first decode the value from the input spinel frame and then perform the corresponding set operation. The + * handler should not prepare the spinel response and therefore should not write anything to the NCP buffer. The + * `otError` returned from handler (other than `OT_ERROR_NOT_FOUND`) indicates the error in either parsing of the + * input or the error of the set operation. In case of a successful "set", `NcpBase` set command handler will call + * the `VendorGetPropertyHandler()` for the same property key to prepare the response. + * + * @param[in] aPropKey The spinel property key. + * + * @returns OT_ERROR_NOT_FOUND if it does not support the given property key, otherwise the error in either parsing + * of the input or the "set" operation. + * + */ + otError VendorHandleValueIs(spinel_prop_key_t aPropKey); +#endif private: enum diff --git a/src/posix/platform/CMakeLists.txt b/src/posix/platform/CMakeLists.txt index 6dd32881148..defbf24240f 100644 --- a/src/posix/platform/CMakeLists.txt +++ b/src/posix/platform/CMakeLists.txt @@ -195,6 +195,7 @@ target_include_directories(openthread-posix PRIVATE ${PROJECT_SOURCE_DIR}/src ${PROJECT_SOURCE_DIR}/src/core ${PROJECT_SOURCE_DIR}/third_party/mbedtls/repo/include + ${OT_SPINEL_VENDOR_HOOK_SOURCE_DIR} PUBLIC ${PROJECT_SOURCE_DIR}/src/posix/platform/include ) diff --git a/src/posix/platform/radio.cpp b/src/posix/platform/radio.cpp index 491c6db1f73..44d011606e7 100644 --- a/src/posix/platform/radio.cpp +++ b/src/posix/platform/radio.cpp @@ -296,7 +296,7 @@ void Radio::GetIidListFromRadioUrl(spinel_iid_t (&aIidList)[Spinel::kSpinelHeade } // namespace Posix } // namespace ot -static ot::Spinel::RadioSpinel &GetRadioSpinel(void) { return sRadio.GetRadioSpinel(); } +ot::Spinel::RadioSpinel &GetRadioSpinel(void) { return sRadio.GetRadioSpinel(); } void platformRadioDeinit(void) { GetRadioSpinel().Deinit(); } diff --git a/src/posix/platform/radio.hpp b/src/posix/platform/radio.hpp index 439483f00e1..00c958c2ff1 100644 --- a/src/posix/platform/radio.hpp +++ b/src/posix/platform/radio.hpp @@ -35,6 +35,11 @@ #include "posix/platform/radio_url.hpp" #include "posix/platform/spi_interface.hpp" #include "posix/platform/vendor_interface.hpp" +#if OPENTHREAD_SPINEL_CONFIG_ENABLE_VENDOR_HOOK +#ifdef OPENTHREAD_SPINEL_CONFIG_VENDOR_HOOK_HEADER +#include OPENTHREAD_SPINEL_CONFIG_VENDOR_HOOK_HEADER +#endif +#endif namespace ot { namespace Posix { @@ -104,8 +109,12 @@ class Radio #error "No Spinel interface is specified!" #endif - RadioUrl mRadioUrl; - Spinel::RadioSpinel mRadioSpinel; + RadioUrl mRadioUrl; +#if OPENTHREAD_ENABLE_SPINEL_VENDOR_HOOK + Spinel::VendorRadioSpinel mRadioSpinel; +#else + Spinel::RadioSpinel mRadioSpinel; +#endif Spinel::SpinelInterface *mSpinelInterface; OT_DEFINE_ALIGNED_VAR(mSpinelInterfaceRaw, kSpinelInterfaceRawSize, uint64_t); From 5cab15840df7dddd9d2578106bde3067ad45bbae Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Przemys=C5=82aw=20Bida?= Date: Mon, 4 Dec 2023 21:09:25 +0100 Subject: [PATCH 006/121] [tcat] initial commit of bluetooth-based commissioning (#9210) This commit introduces first implementation of Bluetooth based comissioning for thread devices. Co-authored-by: Arnulf Rupp Co-authored-by: Piotr Jasinski --- etc/cmake/options.cmake | 1 + etc/gn/openthread.gni | 3 + examples/platforms/simulation/CMakeLists.txt | 1 + examples/platforms/simulation/ble.c | 75 +++ include/openthread/BUILD.gn | 3 + include/openthread/ble_secure.h | 434 ++++++++++++++ include/openthread/instance.h | 2 +- include/openthread/platform/ble.h | 293 ++++++++++ include/openthread/tcat.h | 170 ++++++ script/check-simulation-build-cmake | 3 + src/cli/CMakeLists.txt | 1 + src/cli/README.md | 1 + src/cli/README_TCAT.md | 37 ++ src/cli/cli.cpp | 10 + src/cli/cli.hpp | 4 + src/cli/cli_config.h | 10 + src/cli/cli_tcat.cpp | 178 ++++++ src/cli/cli_tcat.hpp | 89 +++ src/core/BUILD.gn | 15 +- src/core/CMakeLists.txt | 5 +- src/core/api/ble_secure_api.cpp | 184 ++++++ src/core/coap/coap_secure.cpp | 11 +- src/core/coap/coap_secure.hpp | 12 +- src/core/common/message.hpp | 3 +- src/core/config/ip6.h | 4 +- .../config/openthread-core-config-check.h | 2 +- .../config/{dtls.h => secure_transport.h} | 22 +- src/core/instance/instance.cpp | 7 +- src/core/instance/instance.hpp | 13 +- src/core/meshcop/commissioner.hpp | 2 +- src/core/meshcop/joiner.hpp | 2 +- .../{dtls.cpp => secure_transport.cpp} | 421 ++++++++++---- .../{dtls.hpp => secure_transport.hpp} | 199 +++++-- src/core/meshcop/tcat_agent.cpp | 516 +++++++++++++++++ src/core/meshcop/tcat_agent.hpp | 374 ++++++++++++ src/core/openthread-core-config.h | 2 +- src/core/radio/ble_secure.cpp | 544 ++++++++++++++++++ src/core/radio/ble_secure.hpp | 489 ++++++++++++++++ src/core/thread/thread_netif.cpp | 2 +- src/core/thread/tmf.cpp | 4 +- src/core/thread/tmf.hpp | 2 +- src/core/utils/heap.hpp | 2 +- src/posix/platform/CMakeLists.txt | 1 + src/posix/platform/ble.cpp | 75 +++ tests/unit/test_platform.cpp | 50 ++ third_party/mbedtls/mbedtls-config.h | 4 + 46 files changed, 4068 insertions(+), 214 deletions(-) create mode 100644 examples/platforms/simulation/ble.c create mode 100644 include/openthread/ble_secure.h create mode 100644 include/openthread/platform/ble.h create mode 100644 include/openthread/tcat.h create mode 100644 src/cli/README_TCAT.md create mode 100644 src/cli/cli_tcat.cpp create mode 100644 src/cli/cli_tcat.hpp create mode 100644 src/core/api/ble_secure_api.cpp rename src/core/config/{dtls.h => secure_transport.h} (79%) rename src/core/meshcop/{dtls.cpp => secure_transport.cpp} (59%) rename src/core/meshcop/{dtls.hpp => secure_transport.hpp} (65%) create mode 100644 src/core/meshcop/tcat_agent.cpp create mode 100644 src/core/meshcop/tcat_agent.hpp create mode 100644 src/core/radio/ble_secure.cpp create mode 100644 src/core/radio/ble_secure.hpp create mode 100644 src/posix/platform/ble.cpp diff --git a/etc/cmake/options.cmake b/etc/cmake/options.cmake index 3b5a155d3ec..45e079dc529 100644 --- a/etc/cmake/options.cmake +++ b/etc/cmake/options.cmake @@ -172,6 +172,7 @@ ot_option(OT_ASSERT OPENTHREAD_CONFIG_ASSERT_ENABLE "assert function OT_ASSERT() ot_option(OT_BACKBONE_ROUTER OPENTHREAD_CONFIG_BACKBONE_ROUTER_ENABLE "backbone router functionality") ot_option(OT_BACKBONE_ROUTER_DUA_NDPROXYING OPENTHREAD_CONFIG_BACKBONE_ROUTER_DUA_NDPROXYING_ENABLE "BBR DUA ND Proxy") ot_option(OT_BACKBONE_ROUTER_MULTICAST_ROUTING OPENTHREAD_CONFIG_BACKBONE_ROUTER_MULTICAST_ROUTING_ENABLE "BBR MR") +ot_option(OT_BLE_TCAT OPENTHREAD_CONFIG_BLE_TCAT_ENABLE "Ble based thread commissioning") ot_option(OT_BORDER_AGENT OPENTHREAD_CONFIG_BORDER_AGENT_ENABLE "border agent") ot_option(OT_BORDER_AGENT_ID OPENTHREAD_CONFIG_BORDER_AGENT_ID_ENABLE "create and save border agent ID") ot_option(OT_BORDER_ROUTER OPENTHREAD_CONFIG_BORDER_ROUTER_ENABLE "border router") diff --git a/etc/gn/openthread.gni b/etc/gn/openthread.gni index 9bbb543d257..277ee830df0 100644 --- a/etc/gn/openthread.gni +++ b/etc/gn/openthread.gni @@ -81,6 +81,9 @@ if (openthread_enable_core_config_args) { # Enable backbone router functionality openthread_config_backbone_router_enable = false + # Enable BLE based commissioning functionality + openthread_config_ble_tcat_enable = false + # Enable border agent support openthread_config_border_agent_enable = false diff --git a/examples/platforms/simulation/CMakeLists.txt b/examples/platforms/simulation/CMakeLists.txt index 439fcb9d46c..945583d70db 100644 --- a/examples/platforms/simulation/CMakeLists.txt +++ b/examples/platforms/simulation/CMakeLists.txt @@ -59,6 +59,7 @@ set(OT_PLATFORM_DEFINES ${OT_PLATFORM_DEFINES} PARENT_SCOPE) add_library(openthread-simulation alarm.c + ble.c crypto.c diag.c dns.c diff --git a/examples/platforms/simulation/ble.c b/examples/platforms/simulation/ble.c new file mode 100644 index 00000000000..2fe3c64535d --- /dev/null +++ b/examples/platforms/simulation/ble.c @@ -0,0 +1,75 @@ +/* + * Copyright (c) 2023, The OpenThread Authors. + * All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions are met: + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * 3. Neither the name of the copyright holder nor the + * names of its contributors may be used to endorse or promote products + * derived from this software without specific prior written permission. + * + * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" + * AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDER OR CONTRIBUTORS BE + * LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR + * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF + * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS + * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN + * CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) + * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE + * POSSIBILITY OF SUCH DAMAGE. + */ + +#include + +otError otPlatBleEnable(otInstance *aInstance) +{ + OT_UNUSED_VARIABLE(aInstance); + return OT_ERROR_NOT_IMPLEMENTED; +} + +otError otPlatBleDisable(otInstance *aInstance) +{ + OT_UNUSED_VARIABLE(aInstance); + return OT_ERROR_NOT_IMPLEMENTED; +} + +otError otPlatBleGapAdvStart(otInstance *aInstance, uint16_t aInterval) +{ + OT_UNUSED_VARIABLE(aInstance); + OT_UNUSED_VARIABLE(aInterval); + return OT_ERROR_NOT_IMPLEMENTED; +} + +otError otPlatBleGapAdvStop(otInstance *aInstance) +{ + OT_UNUSED_VARIABLE(aInstance); + return OT_ERROR_NOT_IMPLEMENTED; +} + +otError otPlatBleGapDisconnect(otInstance *aInstance) +{ + OT_UNUSED_VARIABLE(aInstance); + return OT_ERROR_NOT_IMPLEMENTED; +} + +otError otPlatBleGattMtuGet(otInstance *aInstance, uint16_t *aMtu) +{ + OT_UNUSED_VARIABLE(aInstance); + OT_UNUSED_VARIABLE(aMtu); + return OT_ERROR_NOT_IMPLEMENTED; +} + +otError otPlatBleGattServerIndicate(otInstance *aInstance, uint16_t aHandle, const otBleRadioPacket *aPacket) +{ + OT_UNUSED_VARIABLE(aInstance); + OT_UNUSED_VARIABLE(aHandle); + OT_UNUSED_VARIABLE(aPacket); + return OT_ERROR_NOT_IMPLEMENTED; +} diff --git a/include/openthread/BUILD.gn b/include/openthread/BUILD.gn index e4760c29c08..f779443aab9 100644 --- a/include/openthread/BUILD.gn +++ b/include/openthread/BUILD.gn @@ -41,6 +41,7 @@ source_set("openthread") { public = [ "backbone_router.h", "backbone_router_ftd.h", + "ble_secure.h", "border_agent.h", "border_router.h", "border_routing.h", @@ -84,6 +85,7 @@ source_set("openthread") { "ping_sender.h", "platform/alarm-micro.h", "platform/alarm-milli.h", + "platform/ble.h", "platform/border_routing.h", "platform/crypto.h", "platform/debug_uart.h", @@ -115,6 +117,7 @@ source_set("openthread") { "srp_client_buffers.h", "srp_server.h", "tasklet.h", + "tcat.h", "tcp.h", "tcp_ext.h", "thread.h", diff --git a/include/openthread/ble_secure.h b/include/openthread/ble_secure.h new file mode 100644 index 00000000000..98d015640e3 --- /dev/null +++ b/include/openthread/ble_secure.h @@ -0,0 +1,434 @@ +/* + * Copyright (c) 2023, The OpenThread Authors. + * All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions are met: + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * 3. Neither the name of the copyright holder nor the + * names of its contributors may be used to endorse or promote products + * derived from this software without specific prior written permission. + * + * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" + * AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDER OR CONTRIBUTORS BE + * LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR + * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF + * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS + * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN + * CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) + * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE + * POSSIBILITY OF SUCH DAMAGE. + */ + +/** + * @file + * @brief + * This file defines the top-level functions for the OpenThread BLE Secure implementation. + * + * @note + * The functions in this module require the build-time feature `OPENTHREAD_CONFIG_BLE_TCAT_ENABLE=1`. + * + * @note + * To enable cipher suite DTLS_PSK_WITH_AES_128_CCM_8, MBEDTLS_KEY_EXCHANGE_PSK_ENABLED + * must be enabled in mbedtls-config.h + * To enable cipher suite DTLS_ECDHE_ECDSA_WITH_AES_128_CCM_8, + * MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED must be enabled in mbedtls-config.h. + */ + +#ifndef OPENTHREAD_BLE_SECURE_H_ +#define OPENTHREAD_BLE_SECURE_H_ + +#include +#include +#include + +#ifdef __cplusplus +extern "C" { +#endif + +/** + * @addtogroup api-ble-secure + * + * @brief + * This module includes functions that control BLE Secure (TLS over BLE) communication. + * + * The functions in this module are available when BLE Secure API feature + * (`OPENTHREAD_CONFIG_BLE_TCAT_ENABLE`) is enabled. + * + * @{ + * + */ + +/** + * Pointer to call when ble secure connection state changes. + * + * @param[in] aInstance A pointer to an OpenThread instance. + * @param[in] aConnected TRUE, if a secure connection was established, FALSE otherwise. + * @param[in] aBleConnectionOpen TRUE if a BLE connection was established to carry a TLS data stream, FALSE + * otherwise. + * @param[in] aContext A pointer to arbitrary context information. + * + */ +typedef void (*otHandleBleSecureConnect)(otInstance *aInstance, + bool aConnected, + bool aBleConnectionOpen, + void *aContext); + +/** + * Pointer to call when data was received over a BLE Secure TLS connection. + * + */ +typedef otHandleTcatApplicationDataReceive otHandleBleSecureReceive; + +/** + * Starts the BLE Secure service. + * When TLV mode is active, the function @p aReceiveHandler will be called once a complete TLV was received and the + * message offset points to the TLV value. + * + * @param[in] aInstance A pointer to an OpenThread instance. + * @param[in] aConnectHandler A pointer to a function that will be called when the connection + * state changes. + * @param[in] aReceiveHandler A pointer to a function that will be called once data has been received + * over the TLS connection. + * @param[in] aTlvMode A boolean value indicating if line mode shall be activated. + * @param[in] aContext A pointer to arbitrary context information. May be NULL if not used. + * + * @retval OT_ERROR_NONE Successfully started the BLE Secure server. + * @retval OT_ERROR_ALREADY The service was stated already. + * + */ +otError otBleSecureStart(otInstance *aInstance, + otHandleBleSecureConnect aConnectHandler, + otHandleBleSecureReceive aReceiveHandler, + bool aTlvMode, + void *aContext); + +/** + * Enables the TCAT protocol over BLE Secure. + * + * @param[in] aInstance A pointer to an OpenThread instance. + * @param[in] aVendorInfo A pointer to the Vendor Information (must remain valid after the method call, may be + * NULL). + * @param[in] aHandler A pointer to a function that is called when the join operation completes. + * + * @retval OT_ERROR_NONE Successfully started the BLE Secure Joiner role. + * @retval OT_ERROR_INVALID_ARGS @p aElevationPsk or @p aVendorInfo is invalid. + * @retval OT_ERROR_INVALID_STATE The BLE function has not been started or line mode is not selected. + * + */ +otError otBleSecureTcatStart(otInstance *aInstance, const otTcatVendorInfo *aVendorInfo, otHandleTcatJoin aHandler); + +/** + * Stops the BLE Secure server. + * + * @param[in] aInstance A pointer to an OpenThread instance. + * + */ +void otBleSecureStop(otInstance *aInstance); + +/** + * Sets the Pre-Shared Key (PSK) and cipher suite + * TLS_PSK_WITH_AES_128_CCM_8. + * + * @note Requires the build-time feature `MBEDTLS_KEY_EXCHANGE_PSK_ENABLED` to be enabled. + * + * @param[in] aInstance A pointer to an OpenThread instance. + * @param[in] aPsk A pointer to the PSK. + * @param[in] aPskLength The PSK length. + * @param[in] aPskIdentity The Identity Name for the PSK. + * @param[in] aPskIdLength The PSK Identity Length. + * + */ +void otBleSecureSetPsk(otInstance *aInstance, + const uint8_t *aPsk, + uint16_t aPskLength, + const uint8_t *aPskIdentity, + uint16_t aPskIdLength); + +/** + * Returns the peer x509 certificate base64 encoded. + * + * @note Requires the build-time features `MBEDTLS_BASE64_C` and + * `MBEDTLS_SSL_KEEP_PEER_CERTIFICATE` to be enabled. + * + * @param[in] aInstance A pointer to an OpenThread instance. + * @param[out] aPeerCert A pointer to the base64 encoded certificate buffer. + * @param[in,out] aCertLength On input, the size the max size of @p aPeerCert. + * On output, the length of the base64 encoded peer certificate. + * + * @retval OT_ERROR_NONE Successfully get the peer certificate. + * @retval OT_ERROR_INVALID_ARGS @p aInstance or @p aCertLength is invalid. + * @retval OT_ERROR_INVALID_STATE Not connected yet. + * @retval OT_ERROR_NO_BUFS Can't allocate memory for certificate. + * + */ +otError otBleSecureGetPeerCertificateBase64(otInstance *aInstance, unsigned char *aPeerCert, size_t *aCertLength); + +/** + * Returns an attribute value identified by its OID from the subject + * of the peer x509 certificate. The peer OID is provided in binary format. + * The attribute length is set if the attribute was successfully read or zero + * if unsuccessful. The ASN.1 type as is set as defineded in the ITU-T X.690 standard + * if the attribute was successfully read. + * + * @note Requires the build-time feature + * `MBEDTLS_SSL_KEEP_PEER_CERTIFICATE` to be enabled. + * + * @param[in] aInstance A pointer to an OpenThread instance. + * @param[in] aOid A pointer to the OID to be found. + * @param[in] aOidLength The length of the OID. + * @param[out] aAttributeBuffer A pointer to the attribute buffer. + * @param[in,out] aAttributeLength On input, the size the max size of @p aAttributeBuffer. + * On output, the length of the attribute written to the buffer. + * @param[out] aAsn1Type A pointer to the ASN.1 type of the attribute written to the buffer. + * + * @retval OT_ERROR_INVALID_STATE Not connected yet. + * @retval OT_ERROR_INVALID_ARGS Invalid attribute length. + * @retval OT_ERROR_NONE Successfully read attribute. + * @retval OT_ERROR_NO_BUFS Insufficient memory for storing the attribute value. + * + */ +otError otBleSecureGetPeerSubjectAttributeByOid(otInstance *aInstance, + const char *aOid, + size_t aOidLength, + uint8_t *aAttributeBuffer, + size_t *aAttributeLength, + int *aAsn1Type); + +/** + * Returns an attribute value for the OID 1.3.6.1.4.1.44970.x from the v3 extensions of + * the peer x509 certificate, where the last digit x is set to aThreadOidDescriptor. + * The attribute length is set if the attribute was successfully read or zero if unsuccessful. + * Requires a connection to be active. + * + * @note Requires the build-time feature + * `MBEDTLS_SSL_KEEP_PEER_CERTIFICATE` to be enabled. + * + * @param[in] aInstance A pointer to an OpenThread instance. + * @param[in] aThreadOidDescriptor The last digit of the Thread attribute OID. + * @param[out] aAttributeBuffer A pointer to the attribute buffer. + * @param[in,out] aAttributeLength On input, the size the max size of @p aAttributeBuffer. + * On output, the length of the attribute written to the buffer. + * + * @retval OT_ERROR_NONE Successfully read attribute. + * @retval OT_ERROR_INVALID_ARGS Invalid attribute length. + * @retval OT_NOT_FOUND The requested attribute was not found. + * @retval OT_ERROR_NO_BUFS Insufficient memory for storing the attribute value. + * @retval OT_ERROR_INVALID_STATE Not connected yet. + * @retval OT_ERROR_NOT_IMPLEMENTED The value of aThreadOidDescriptor is >127. + * @retval OT_ERROR_PARSE The certificate extensions could not be parsed. + * + */ +otError otBleSecureGetThreadAttributeFromPeerCertificate(otInstance *aInstance, + int aThreadOidDescriptor, + uint8_t *aAttributeBuffer, + size_t *aAttributeLength); + +/** + * Returns an attribute value for the OID 1.3.6.1.4.1.44970.x from the v3 extensions of + * the own x509 certificate, where the last digit x is set to aThreadOidDescriptor. + * The attribute length is set if the attribute was successfully read or zero if unsuccessful. + * Requires a connection to be active. + * + * @param[in] aInstance A pointer to an OpenThread instance. + * @param[in] aThreadOidDescriptor The last digit of the Thread attribute OID. + * @param[out] aAttributeBuffer A pointer to the attribute buffer. + * @param[in,out] aAttributeLength On input, the size the max size of @p aAttributeBuffer. + * On output, the length of the attribute written to the buffer. + * + * @retval OT_ERROR_NONE Successfully read attribute. + * @retval OT_ERROR_INVALID_ARGS Invalid attribute length. + * @retval OT_NOT_FOUND The requested attribute was not found. + * @retval OT_ERROR_NO_BUFS Insufficient memory for storing the attribute value. + * @retval OT_ERROR_INVALID_STATE Not connected yet. + * @retval OT_ERROR_NOT_IMPLEMENTED The value of aThreadOidDescriptor is >127. + * @retval OT_ERROR_PARSE The certificate extensions could not be parsed. + * + */ +otError otBleSecureGetThreadAttributeFromOwnCertificate(otInstance *aInstance, + int aThreadOidDescriptor, + uint8_t *aAttributeBuffer, + size_t *aAttributeLength); + +/** + * Sets the authentication mode for the BLE secure connection. + * + * Disable or enable the verification of peer certificate. + * Must be called before start. + * + * @param[in] aInstance A pointer to an OpenThread instance. + * @param[in] aVerifyPeerCertificate true, to verify the peer certificate. + * + */ +void otBleSecureSetSslAuthMode(otInstance *aInstance, bool aVerifyPeerCertificate); + +/** + * Sets the local device's X509 certificate with corresponding private key for + * TLS session with TLS_ECDHE_ECDSA_WITH_AES_128_CCM_8. + * + * @note Requires `MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED=1`. + * + * @param[in] aInstance A pointer to an OpenThread instance. + * @param[in] aX509Cert A pointer to the PEM formatted X509 certificate. + * @param[in] aX509Length The length of certificate. + * @param[in] aPrivateKey A pointer to the PEM formatted private key. + * @param[in] aPrivateKeyLength The length of the private key. + * + */ +void otBleSecureSetCertificate(otInstance *aInstance, + const uint8_t *aX509Cert, + uint32_t aX509Length, + const uint8_t *aPrivateKey, + uint32_t aPrivateKeyLength); + +/** + * Sets the trusted top level CAs. It is needed for validating the + * certificate of the peer. + * + * TLS mode "ECDHE ECDSA with AES 128 CCM 8" for secure BLE. + * + * @note Requires `MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED=1`. + * + * @param[in] aInstance A pointer to an OpenThread instance. + * @param[in] aX509CaCertificateChain A pointer to the PEM formatted X509 CA chain. + * @param[in] aX509CaCertChainLength The length of chain. + * + */ +void otBleSecureSetCaCertificateChain(otInstance *aInstance, + const uint8_t *aX509CaCertificateChain, + uint32_t aX509CaCertChainLength); + +/** + * Initializes TLS session with a peer using an already open BLE connection. + * + * @param[in] aInstance A pointer to an OpenThread instance. + * + * @retval OT_ERROR_NONE Successfully started TLS connection. + * + */ +otError otBleSecureConnect(otInstance *aInstance); + +/** + * Stops the BLE and TLS connection. + * + * @param[in] aInstance A pointer to an OpenThread instance. + * + */ +void otBleSecureDisconnect(otInstance *aInstance); + +/** + * Indicates whether or not the TLS session is active (connected or conneting). + * + * @param[in] aInstance A pointer to an OpenThread instance. + * + * @retval TRUE If TLS session is active. + * @retval FALSE If TLS session is not active. + * + */ +bool otBleSecureIsConnectionActive(otInstance *aInstance); + +/** + * Indicates whether or not the TLS session is connected. + * + * @param[in] aInstance A pointer to an OpenThread instance. + * + * @retval TRUE The TLS session is connected. + * @retval FALSE The TLS session is not connected. + * + */ +bool otBleSecureIsConnected(otInstance *aInstance); + +/** + * Indicates whether or not the TCAT agent is enabled. + * + * @retval TRUE The TCAT agent is enabled. + * @retval FALSE The TCAT agent is not enabled. + * + */ +bool otBleSecureIsTcatEnabled(otInstance *aInstance); + +/** + * Indicates whether or not a TCAT command class is authorized. + * + * @param[in] aInstance A pointer to an OpenThread instance. + * @param[in] aCommandClass A command class to check. + * + * @retval TRUE The command class is authorized. + * @retval FALSE The command class is not authorized. + * + */ +bool otBleSecureIsCommandClassAuthorized(otInstance *aInstance, otTcatCommandClass aCommandClass); + +/** + * Sends a secure BLE message. + * + * @param[in] aInstance A pointer to an OpenThread instance. + * @param[in] aMessage A pointer to the message to send. + * + * If the return value is OT_ERROR_NONE, OpenThread takes ownership of @p aMessage, and the caller should no longer + * reference @p aMessage. If the return value is not OT_ERROR_NONE, the caller retains ownership of @p aMessage, + * including freeing @p aMessage if the message buffer is no longer needed. + * + * @retval OT_ERROR_NONE Successfully sent message. + * @retval OT_ERROR_NO_BUFS Failed to allocate buffer memory. + * @retval OT_ERROR_INVALID_STATE TLS connection was not initialized. + * + */ +otError otBleSecureSendMessage(otInstance *aInstance, otMessage *aMessage); + +/** + * Sends a secure BLE data packet. + * + * @param[in] aInstance A pointer to an OpenThread instance. + * @param[in] aBuf A pointer to the data to send as the Value of the TCAT Send Application Data TLV. + * @param[in] aLength A number indicating the length of the data buffer. + * + * @retval OT_ERROR_NONE Successfully sent data. + * @retval OT_ERROR_NO_BUFS Failed to allocate buffer memory. + * @retval OT_ERROR_INVALID_STATE TLS connection was not initialized. + * + */ +otError otBleSecureSend(otInstance *aInstance, uint8_t *aBuf, uint16_t aLength); + +/** + * Sends a secure BLE data packet containing a TCAT Send Application Data TLV. + * + * @param[in] aInstance A pointer to an OpenThread instance. + * @param[in] aBuf A pointer to the data to send as the Value of the TCAT Send Application Data TLV. + * @param[in] aLength A number indicating the length of the data buffer. + * + * @retval OT_ERROR_NONE Successfully sent data. + * @retval OT_ERROR_NO_BUFS Failed to allocate buffer memory. + * @retval OT_ERROR_INVALID_STATE TLS connection was not initialized. + * + */ +otError otBleSecureSendApplicationTlv(otInstance *aInstance, uint8_t *aBuf, uint16_t aLength); + +/** + * Flushes the send buffer. + * + * @param[in] aInstance A pointer to an OpenThread instance. + * + * @retval OT_ERROR_NONE Successfully flushed output buffer. + * @retval OT_ERROR_NO_BUFS Failed to allocate buffer memory. + * @retval OT_ERROR_INVALID_STATE TLS connection was not initialized. + * + */ +otError otBleSecureFlush(otInstance *aInstance); + +/** + * @} + * + */ + +#ifdef __cplusplus +} // extern "C" +#endif + +#endif /* OPENTHREAD_BLE_SECURE_H_ */ diff --git a/include/openthread/instance.h b/include/openthread/instance.h index 3acb6e43739..e32193881a0 100644 --- a/include/openthread/instance.h +++ b/include/openthread/instance.h @@ -53,7 +53,7 @@ extern "C" { * @note This number versions both OpenThread platform and user APIs. * */ -#define OPENTHREAD_API_VERSION (380) +#define OPENTHREAD_API_VERSION (381) /** * @addtogroup api-instance diff --git a/include/openthread/platform/ble.h b/include/openthread/platform/ble.h new file mode 100644 index 00000000000..bf7e48bc42f --- /dev/null +++ b/include/openthread/platform/ble.h @@ -0,0 +1,293 @@ +/* + * Copyright (c) 2023, The OpenThread Authors. + * All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions are met: + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * 3. Neither the name of the copyright holder nor the + * names of its contributors may be used to endorse or promote products + * derived from this software without specific prior written permission. + * + * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" + * AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDER OR CONTRIBUTORS BE + * LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR + * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF + * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS + * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN + * CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) + * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE + * POSSIBILITY OF SUCH DAMAGE. + */ + +/** + * @file + * @brief + * This file defines a OpenThread BLE GATT peripheral interface driver. + * + */ + +#ifndef OPENTHREAD_PLATFORM_BLE_H_ +#define OPENTHREAD_PLATFORM_BLE_H_ + +#ifdef __cplusplus +extern "C" { +#endif + +#include + +#include +#include + +/** + * @addtogroup plat-ble + * + * @brief + * This module includes the platform abstraction for BLE Host communication. + * The platform needs to implement Bluetooth LE 4.2 or higher. + * + * @{ + * + */ + +/** + * Time slot duration on PHY layer in microseconds (0.625ms). + * + */ + +#define OT_BLE_TIMESLOT_UNIT 625 + +/** + * Minimum allowed interval for advertising packet in OT_BLE_ADV_INTERVAL_UNIT units (20ms). + * + */ + +#define OT_BLE_ADV_INTERVAL_MIN 0x0020 + +/** + * Maximum allowed interval for advertising packet in OT_BLE_ADV_INTERVAL_UNIT units (10.24s). + * + */ + +#define OT_BLE_ADV_INTERVAL_MAX 0x4000 + +/** + * Default interval for advertising packet (ms). + * + */ + +#define OT_BLE_ADV_INTERVAL_DEFAULT 100 + +/** + * Unit used to calculate interval duration (0.625ms). + * + */ + +#define OT_BLE_ADV_INTERVAL_UNIT OT_BLE_TIMESLOT_UNIT + +/** + * Maximum allowed ATT MTU size (must be >= 23). + * + */ + +#define OT_BLE_ATT_MTU_MAX 67 + +/** + * Default power value for BLE. + */ + +#define OT_BLE_DEFAULT_POWER 0 + +/** + * Represents a BLE packet. + * + */ +typedef struct otBleRadioPacket +{ + uint8_t *mValue; ///< The value of an attribute + uint16_t mLength; ///< Length of the @p mValue. + int8_t mPower; ///< Transmit/receive power in dBm. +} otBleRadioPacket; + +/******************************************************************************* + * @section Bluetooth Low Energy management. + ******************************************************************************/ + +/** + * Enable the Bluetooth Low Energy radio. + * + * @note BLE Device should use the highest ATT_MTU supported that does not + * exceed OT_BLE_ATT_MTU_MAX octets. + * + * @param[in] aInstance The OpenThread instance structure. + * + * @retval OT_ERROR_NONE Successfully enabled. + * @retval OT_ERROR_FAILED The BLE radio could not be enabled. + */ +otError otPlatBleEnable(otInstance *aInstance); + +/** + * Disable the Bluetooth Low Energy radio. + * + * When disabled, the BLE stack will flush event queues and not generate new + * events. The BLE peripheral is turned off or put into a low power sleep + * state. Any dynamic memory used by the stack should be released, + * but static memory may remain reserved. + * + * @param[in] aInstance The OpenThread instance structure. + * + * @retval OT_ERROR_NONE Successfully transitioned to disabled. + * @retval OT_ERROR_FAILED The BLE radio could not be disabled. + * + */ +otError otPlatBleDisable(otInstance *aInstance); + +/**************************************************************************** + * @section Bluetooth Low Energy GAP. + ***************************************************************************/ + +/** + * Starts BLE Advertising procedure. + * + * The BLE device shall use undirected advertising with no filter applied. + * A single BLE Advertising packet must be sent on all advertising + * channels (37, 38 and 39). + * + * @note This function shall be used only for BLE Peripheral role. + * + * @param[in] aInstance The OpenThread instance structure. + * @param[in] aInterval The interval between subsequent advertising packets + * in OT_BLE_ADV_INTERVAL_UNIT units. + * Shall be within OT_BLE_ADV_INTERVAL_MIN and + * OT_BLE_ADV_INTERVAL_MAX range or OT_BLE_ADV_INTERVAL_DEFAULT + * for a default value set at compile time. + * + * @retval OT_ERROR_NONE Advertising procedure has been started. + * @retval OT_ERROR_INVALID_STATE BLE Device is in invalid state. + * @retval OT_ERROR_INVALID_ARGS Invalid interval value has been supplied. + * + */ +otError otPlatBleGapAdvStart(otInstance *aInstance, uint16_t aInterval); + +/** + * Stops BLE Advertising procedure. + * + * @note This function shall be used only for BLE Peripheral role. + * + * @param[in] aInstance The OpenThread instance structure. + * + * @retval OT_ERROR_NONE Advertising procedure has been stopped. + * @retval OT_ERROR_INVALID_STATE BLE Device is in invalid state. + * + */ +otError otPlatBleGapAdvStop(otInstance *aInstance); + +/** + * The BLE driver calls this method to notify OpenThread that a BLE Central Device has + * been connected. + * + * @param[in] aInstance The OpenThread instance structure. + * @param[in] aConnectionId The identifier of the open connection. + * + */ +extern void otPlatBleGapOnConnected(otInstance *aInstance, uint16_t aConnectionId); + +/** + * The BLE driver calls this method to notify OpenThread that the BLE Central Device + * has been disconnected. + * + * @param[in] aInstance The OpenThread instance structure. + * @param[in] aConnectionId The identifier of the closed connection. + * + */ +extern void otPlatBleGapOnDisconnected(otInstance *aInstance, uint16_t aConnectionId); + +/** + * Disconnects BLE connection. + * + * The BLE device shall use the Remote User Terminated Connection (0x13) reason + * code when disconnecting from the peer BLE device.. + * + * @param[in] aInstance The OpenThread instance structure. + * + * @retval OT_ERROR_NONE Disconnection procedure has been started. + * @retval OT_ERROR_INVALID_STATE BLE Device is in invalid state. + * + */ +otError otPlatBleGapDisconnect(otInstance *aInstance); + +/******************************************************************************* + * @section Bluetooth Low Energy GATT Common. + *******************************************************************************/ + +/** + * Reads currently use value of ATT_MTU. + * + * @param[in] aInstance The OpenThread instance structure. + * @param[out] aMtu A pointer to output the current ATT_MTU value. + * + * @retval OT_ERROR_NONE ATT_MTU value has been placed in @p aMtu. + * @retval OT_ERROR_FAILED BLE Device cannot determine its ATT_MTU. + * + */ +otError otPlatBleGattMtuGet(otInstance *aInstance, uint16_t *aMtu); + +/** + * The BLE driver calls this method to notify OpenThread that ATT_MTU has been updated. + * + * @param[in] aInstance The OpenThread instance structure. + * @param[in] aMtu The updated ATT_MTU value. + * + */ +extern void otPlatBleGattOnMtuUpdate(otInstance *aInstance, uint16_t aMtu); + +/******************************************************************************* + * @section Bluetooth Low Energy GATT Server. + ******************************************************************************/ + +/** + * Sends ATT Handle Value Indication. + * + * @note This function shall be used only for GATT Server. + * + * @param[in] aInstance The OpenThread instance structure. + * @param[in] aHandle The handle of the attribute to be indicated. + * @param[in] aPacket A pointer to the packet contains value to be indicated. + * + * @retval OT_ERROR_NONE ATT Handle Value Indication has been sent. + * @retval OT_ERROR_INVALID_STATE BLE Device is in invalid state. + * @retval OT_ERROR_INVALID_ARGS Invalid handle value, data or data length has been supplied. + * @retval OT_ERROR_NO_BUFS No available internal buffer found. + * + */ +otError otPlatBleGattServerIndicate(otInstance *aInstance, uint16_t aHandle, const otBleRadioPacket *aPacket); + +/** + * The BLE driver calls this method to notify OpenThread that an ATT Write Request + * packet has been received. + * + * @note This function shall be used only for GATT Server. + * + * @param[in] aInstance The OpenThread instance structure. + * @param[in] aHandle The handle of the attribute to be written. + * @param[in] aPacket A pointer to the packet contains value to be written to the attribute. + * + */ +extern void otPlatBleGattServerOnWriteRequest(otInstance *aInstance, uint16_t aHandle, const otBleRadioPacket *aPacket); + +/** + * @} + * + */ + +#ifdef __cplusplus +} // end of extern "C" +#endif + +#endif // OPENTHREAD_PLATFORM_BLE_H_ diff --git a/include/openthread/tcat.h b/include/openthread/tcat.h new file mode 100644 index 00000000000..291ce4817f6 --- /dev/null +++ b/include/openthread/tcat.h @@ -0,0 +1,170 @@ +/* + * Copyright (c) 2023, The OpenThread Authors. + * All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions are met: + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * 3. Neither the name of the copyright holder nor the + * names of its contributors may be used to endorse or promote products + * derived from this software without specific prior written permission. + * + * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" + * AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDER OR CONTRIBUTORS BE + * LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR + * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF + * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS + * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN + * CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) + * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE + * POSSIBILITY OF SUCH DAMAGE. + */ + +/** + * @file + * @brief + * This file defines the top-level functions for the OpenThread TCAT. + * + * @note + * The functions in this module require the build-time feature `OPENTHREAD_CONFIG_BLE_TCAT_ENABLE=1`. + * + * @note + * To enable cipher suite DTLS_PSK_WITH_AES_128_CCM_8, MBEDTLS_KEY_EXCHANGE_PSK_ENABLED + * must be enabled in mbedtls-config.h + * To enable cipher suite DTLS_ECDHE_ECDSA_WITH_AES_128_CCM_8, + * MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED must be enabled in mbedtls-config.h. + */ + +#ifndef OPENTHREAD_TCAT_H_ +#define OPENTHREAD_TCAT_H_ + +#include +#include + +#ifdef __cplusplus +extern "C" { +#endif + +/** + * @addtogroup api-ble-secure + * + * @brief + * This module includes functions that implement TCAT communication. + * + * The functions in this module are available when TCAT feature + * (`OPENTHREAD_CONFIG_BLE_TCAT_ENABLE`) is enabled. + * + * @{ + * + */ + +#define OT_TCAT_MAX_SERVICE_NAME_LENGTH \ + 15 ///< Maximum string length of a UDP or TCP service name (does not include null char). + +/** + * Represents TCAT status code. + * + */ +typedef enum otTcatStatusCode +{ + OT_TCAT_STATUS_SUCCESS = 0, ///< Command or request was successfully processed + OT_TCAT_STATUS_UNSUPPORTED = 1, ///< Requested command or received TLV is not supported + OT_TCAT_STATUS_PARSE_ERROR = 2, ///< Request / command could not be parsed correctly + OT_TCAT_STATUS_VALUE_ERROR = 3, ///< The value of the transmitted TLV has an error + OT_TCAT_STATUS_GENERAL_ERROR = 4, ///< An error not matching any other category occurred + OT_TCAT_STATUS_BUSY = 5, ///< Command cannot be executed because the resource is busy + OT_TCAT_STATUS_UNDEFINED = 6, ///< The requested value, data or service is not defined (currently) or not present + OT_TCAT_STATUS_HASH_ERROR = 7, ///< The hash value presented by the commissioner was incorrect + OT_TCAT_STATUS_UNAUTHORIZED = 16, ///< Sender does not have sufficient authorization for the given command + +} otTcatStatusCode; + +/** + * Represents TCAT application protocol. + * + */ +typedef enum otTcatApplicationProtocol +{ + OT_TCAT_APPLICATION_PROTOCOL_NONE = 0, ///< Message which has been sent without activating the TCAT agent + OT_TCAT_APPLICATION_PROTOCOL_STATUS = 1, ///< Message directed to a UDP service + OT_TCAT_APPLICATION_PROTOCOL_TCP = 2, ///< Message directed to a TCP service + +} otTcatApplicationProtocol; + +/** + * Represents a TCAT command class. + * + */ +typedef enum otTcatCommandClass +{ + OT_TCAT_COMMAND_CLASS_GENERAL = 0, ///< TCAT commands related to general operations + OT_TCAT_COMMAND_CLASS_COMMISSIONING = 1, ///< TCAT commands related to commissioning + OT_TCAT_COMMAND_CLASS_EXTRACTION = 2, ///< TCAT commands related to key extraction + OT_TCAT_COMMAND_CLASS_DECOMMISSIONING = 3, ///< TCAT commands related to de-commissioning + OT_TCAT_COMMAND_CLASS_APPLICATION = 4, ///< TCAT commands related to application layer + +} otTcatCommandClass; + +/** + * This structure represents a TCAT vendor information. + * + * The content of this structure MUST persist and remain unchanged while a TCAT session is running. + * + */ +typedef struct otTcatVendorInfo +{ + const char *mProvisioningUrl; ///< Provisioning URL path string + const char *mVendorName; ///< Vendor name string + const char *mVendorModel; ///< Vendor model string + const char *mVendorSwVersion; ///< Vendor software version string + const char *mVendorData; ///< Vendor specific data string + const char *mPskdString; ///< Vendor managed pre-shared key for device + const char *mInstallCode; ///< Vendor managed install code string + const char *mDeviceId; ///< Vendor managed device ID string (if NULL: device ID is set to EUI-64 in binary format) + +} otTcatVendorInfo; + +/** + * Pointer to call when application data was received over a TCAT TLS connection. + * + * @param[in] aInstance A pointer to an OpenThread instance. + * @param[in] aMessage A pointer to the message. + * @param[in] aOffset The offset where the application data begins. + * @param[in] aTcatApplicationProtocol The protocol type of the message received. + * @param[in] aServiceName The name of the service the message is direced to. + * @param[in] aContext A pointer to arbitrary context information. + * + */ +typedef void (*otHandleTcatApplicationDataReceive)(otInstance *aInstance, + const otMessage *aMessage, + int32_t aOffset, + otTcatApplicationProtocol aTcatApplicationProtocol, + const char *aServiceName, + void *aContext); + +/** + * Pointer to call to notify the completion of a join operation. + * + * @param[in] aError OT_ERROR_NONE if the join process succeeded. + * OT_ERROR_SECURITY if the join process failed due to security credentials. + * @param[in] aContext A pointer to arbitrary context information. + * + */ +typedef void (*otHandleTcatJoin)(otError aError, void *aContext); + +/** + * @} + * + */ + +#ifdef __cplusplus +} // extern "C" +#endif + +#endif /* OPENTHREAD_TCAT_H_ */ diff --git a/script/check-simulation-build-cmake b/script/check-simulation-build-cmake index ee1e2ffa59d..eaee3716b8d 100755 --- a/script/check-simulation-build-cmake +++ b/script/check-simulation-build-cmake @@ -201,6 +201,9 @@ build_all_features() # Build with RAM settings reset_source "$(dirname "$0")"/cmake-build simulation -DOT_SETTINGS_RAM=ON + + reset_source + "$(dirname "$0")"/cmake-build simulation -DOT_BLE_TCAT=ON } build_nest_common() diff --git a/src/cli/CMakeLists.txt b/src/cli/CMakeLists.txt index 6be47773c03..022de520b06 100644 --- a/src/cli/CMakeLists.txt +++ b/src/cli/CMakeLists.txt @@ -48,6 +48,7 @@ set(COMMON_SOURCES cli_output.cpp cli_srp_client.cpp cli_srp_server.cpp + cli_tcat.cpp cli_tcp.cpp cli_udp.cpp ) diff --git a/src/cli/README.md b/src/cli/README.md index c0b21e49347..20df53e0de0 100644 --- a/src/cli/README.md +++ b/src/cli/README.md @@ -117,6 +117,7 @@ Done - [sntp](#sntp-query-sntp-server-ip-sntp-server-port) - [state](#state) - [srp](README_SRP.md) +- [tcat](README_TCAT.md) - [tcp](README_TCP.md) - [thread](#thread-start) - [timeinqueue](#timeinqueue) diff --git a/src/cli/README_TCAT.md b/src/cli/README_TCAT.md new file mode 100644 index 00000000000..066a5710982 --- /dev/null +++ b/src/cli/README_TCAT.md @@ -0,0 +1,37 @@ +# OpenThread CLI - TCAT Example + +## Command List + +- help [#help] +- start [#start] +- stop [#stop] + +### help + +print help + +```bash +tcat help +help +start +stop +Done +``` + +### start + +Start tcat server and ble advertisement. + +```bash +tcat start +Done +``` + +### stop + +Stop tcat server and ble advertisement. + +```bash +tcat stop +Done +``` diff --git a/src/cli/cli.cpp b/src/cli/cli.cpp index cf9fea6ee48..c1443aec76c 100644 --- a/src/cli/cli.cpp +++ b/src/cli/cli.cpp @@ -148,6 +148,9 @@ Interpreter::Interpreter(Instance *aInstance, otCliOutputCallback aCallback, voi #if OPENTHREAD_CONFIG_MLE_LINK_METRICS_INITIATOR_ENABLE , mLinkMetrics(aInstance, *this) #endif +#if OPENTHREAD_CONFIG_BLE_TCAT_ENABLE && OPENTHREAD_CONFIG_CLI_BLE_SECURE_ENABLE + , mTcat(aInstance, *this) +#endif #if OPENTHREAD_CONFIG_TMF_ANYCAST_LOCATOR_ENABLE , mLocateInProgress(false) #endif @@ -7240,6 +7243,10 @@ template <> otError Interpreter::Process(Arg aArgs[]) return error; } +#if OPENTHREAD_CONFIG_BLE_TCAT_ENABLE && OPENTHREAD_CONFIG_CLI_BLE_SECURE_ENABLE +template <> otError Interpreter::Process(Arg aArgs[]) { return mTcat.Process(aArgs); } +#endif + #if OPENTHREAD_CONFIG_TCP_ENABLE && OPENTHREAD_CONFIG_CLI_TCP_ENABLE template <> otError Interpreter::Process(Arg aArgs[]) { return mTcp.Process(aArgs); } #endif @@ -8509,6 +8516,9 @@ otError Interpreter::ProcessCommand(Arg aArgs[]) CmdEntry("srp"), #endif CmdEntry("state"), +#if OPENTHREAD_CONFIG_BLE_TCAT_ENABLE && OPENTHREAD_CONFIG_CLI_BLE_SECURE_ENABLE + CmdEntry("tcat"), +#endif #if OPENTHREAD_CONFIG_TCP_ENABLE && OPENTHREAD_CONFIG_CLI_TCP_ENABLE CmdEntry("tcp"), #endif diff --git a/src/cli/cli.hpp b/src/cli/cli.hpp index 81c5fe7d0af..f95759e718a 100644 --- a/src/cli/cli.hpp +++ b/src/cli/cli.hpp @@ -71,6 +71,7 @@ #include "cli/cli_output.hpp" #include "cli/cli_srp_client.hpp" #include "cli/cli_srp_server.hpp" +#include "cli/cli_tcat.hpp" #include "cli/cli_tcp.hpp" #include "cli/cli_udp.hpp" #if OPENTHREAD_CONFIG_COAP_API_ENABLE @@ -594,6 +595,9 @@ class Interpreter : public OutputImplementer, public Output #if OPENTHREAD_CONFIG_MLE_LINK_METRICS_INITIATOR_ENABLE LinkMetrics mLinkMetrics; #endif +#if OPENTHREAD_CONFIG_BLE_TCAT_ENABLE && OPENTHREAD_CONFIG_CLI_BLE_SECURE_ENABLE + Tcat mTcat; +#endif #endif // OPENTHREAD_FTD || OPENTHREAD_MTD #if OPENTHREAD_CONFIG_PING_SENDER_ENABLE diff --git a/src/cli/cli_config.h b/src/cli/cli_config.h index c3762c4a110..ac9b5e1cc3c 100644 --- a/src/cli/cli_config.h +++ b/src/cli/cli_config.h @@ -58,6 +58,16 @@ #define OPENTHREAD_CONFIG_CLI_MAX_LINE_LENGTH 384 #endif +/** + * @def OPENTHREAD_CONFIG_CLI_BLE_SECURE_ENABLE + * + * Indicates whether TCAT should be enabled in the CLI tool. + * + */ +#ifndef OPENTHREAD_CONFIG_CLI_BLE_SECURE_ENABLE +#define OPENTHREAD_CONFIG_CLI_BLE_SECURE_ENABLE 1 +#endif + /** * @def OPENTHREAD_CONFIG_CLI_TCP_ENABLE * diff --git a/src/cli/cli_tcat.cpp b/src/cli/cli_tcat.cpp new file mode 100644 index 00000000000..e754bca93ae --- /dev/null +++ b/src/cli/cli_tcat.cpp @@ -0,0 +1,178 @@ +/* + * Copyright (c) 2023, The OpenThread Authors. + * All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions are met: + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * 3. Neither the name of the copyright holder nor the + * names of its contributors may be used to endorse or promote products + * derived from this software without specific prior written permission. + * + * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" + * AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDER OR CONTRIBUTORS BE + * LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR + * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF + * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS + * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN + * CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) + * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE + * POSSIBILITY OF SUCH DAMAGE. + */ + +#include "openthread-core-config.h" + +#include "cli/cli_output.hpp" + +#include "cli/cli_tcat.hpp" + +#include + +#include +#include +#include + +#if OPENTHREAD_CONFIG_BLE_TCAT_ENABLE && OPENTHREAD_CONFIG_CLI_BLE_SECURE_ENABLE + +#define OT_CLI_TCAT_X509_CERT \ + "-----BEGIN CERTIFICATE-----\r\n" \ + "MIIBmDCCAT+gAwIBAgIEAQIDBDAKBggqhkjOPQQDAjBvMQswCQYDVQQGEwJYWDEQ\r\n" \ + "MA4GA1UECBMHTXlTdGF0ZTEPMA0GA1UEBxMGTXlDaXR5MQ8wDQYDVQQLEwZNeVVu\r\n" \ + "aXQxETAPBgNVBAoTCE15VmVuZG9yMRkwFwYDVQQDExB3d3cubXl2ZW5kb3IuY29t\r\n" \ + "MB4XDTIzMTAxNjEwMzk1NFoXDTI0MTAxNjEwMzk1NFowIjEgMB4GA1UEAxMXbXl2\r\n" \ + "ZW5kb3IuY29tL3RjYXQvbXlkZXYwWTATBgcqhkjOPQIBBggqhkjOPQMBBwNCAAQB\r\n" \ + "aWwFDNj1bpQIdN+Kp2cHWw55U/+fa+OmZnoy1B4BOT+822jdwPBuyXWAQoBdYdQJ\r\n" \ + "ff4RgmhczyV4PhArPIuAoxYwFDASBgkrBgEEAYLfKgMEBQABAQEBMAoGCCqGSM49\r\n" \ + "BAMCA0cAMEQCIBEHxiEDij26y6V77Q311Gj4CZAuZuPGXZpnzL2BLk7bAiAlFk6G\r\n" \ + "mYGzkcrYyssFI9HlPgrisWoMmgummaTtCuvrEw==\r\n" \ + "-----END CERTIFICATE-----\r\n" + +#define OT_CLI_TCAT_PRIV_KEY \ + "-----BEGIN EC PRIVATE KEY-----\r\n" \ + "MHcCAQEEIDeJ6lVQKiOIBxKwTZp6TkU5QVHt9pvXOR9CGpPBI3DhoAoGCCqGSM49\r\n" \ + "AwEHoUQDQgAEAWlsBQzY9W6UCHTfiqdnB1sOeVP/n2vjpmZ6MtQeATk/vNto3cDw\r\n" \ + "bsl1gEKAXWHUCX3+EYJoXM8leD4QKzyLgA==\r\n" \ + "-----END EC PRIVATE KEY-----\r\n" + +#define OT_CLI_TCAT_TRUSTED_ROOT_CERTIFICATE \ + "-----BEGIN CERTIFICATE-----\r\n" \ + "MIICCDCCAa2gAwIBAgIJAIKxygBXoH+5MAoGCCqGSM49BAMCMG8xCzAJBgNVBAYT\r\n" \ + "AlhYMRAwDgYDVQQIEwdNeVN0YXRlMQ8wDQYDVQQHEwZNeUNpdHkxDzANBgNVBAsT\r\n" \ + "Bk15VW5pdDERMA8GA1UEChMITXlWZW5kb3IxGTAXBgNVBAMTEHd3dy5teXZlbmRv\r\n" \ + "ci5jb20wHhcNMjMxMDE2MTAzMzE1WhcNMjYxMDE2MTAzMzE1WjBvMQswCQYDVQQG\r\n" \ + "EwJYWDEQMA4GA1UECBMHTXlTdGF0ZTEPMA0GA1UEBxMGTXlDaXR5MQ8wDQYDVQQL\r\n" \ + "EwZNeVVuaXQxETAPBgNVBAoTCE15VmVuZG9yMRkwFwYDVQQDExB3d3cubXl2ZW5k\r\n" \ + "b3IuY29tMFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAEWdyzPAXGKeZY94OhHAWX\r\n" \ + "HzJfQIjGSyaOzlgL9OEFw2SoUDncLKPGwfPAUSfuMyEkzszNDM0HHkBsDLqu4n25\r\n" \ + "/6MyMDAwDwYDVR0TAQH/BAUwAwEB/zAdBgNVHQ4EFgQU4EynoSw9eDKZEVPkums2\r\n" \ + "IWLAJCowCgYIKoZIzj0EAwIDSQAwRgIhAMYGGL9xShyE6P9wEU+MAYF6W3CzdrwV\r\n" \ + "kuerX1encIH2AiEA5rq490NUobM1Au43roxJq1T6Z43LscPVbGZfULD1Jq0=\r\n" \ + "-----END CERTIFICATE-----\r\n" + +namespace ot { + +namespace Cli { + +otTcatVendorInfo sVendorInfo; +const char kPskdVendor[] = "J01NM3"; +const char kUrl[] = "dummy_url"; + +static void HandleBleSecureReceive(otInstance *aInstance, + const otMessage *aMessage, + int32_t aOffset, + otTcatApplicationProtocol aTcatApplicationProtocol, + const char *aServiceName, + void *aContext) +{ + OT_UNUSED_VARIABLE(aContext); + OT_UNUSED_VARIABLE(aTcatApplicationProtocol); + OT_UNUSED_VARIABLE(aServiceName); + static constexpr int kTextMaxLen = 100; + static constexpr uint8_t kBufPrefixLen = 5; + uint16_t nLen; + uint8_t buf[kTextMaxLen]; + + nLen = otMessageRead(aMessage, (uint16_t)aOffset, buf + kBufPrefixLen, sizeof(buf) - kBufPrefixLen - 1); + + memcpy(buf, "RECV:", kBufPrefixLen); + + buf[nLen + kBufPrefixLen] = 0; + + IgnoreReturnValue(otBleSecureSendApplicationTlv(aInstance, buf, (uint16_t)strlen((char *)buf))); + IgnoreReturnValue(otBleSecureFlush(aInstance)); +} + +template <> otError Tcat::Process(Arg aArgs[]) +{ + OT_UNUSED_VARIABLE(aArgs); + + otError error = OT_ERROR_NONE; + + sVendorInfo.mPskdString = kPskdVendor; + sVendorInfo.mProvisioningUrl = kUrl; + + otBleSecureSetCertificate(GetInstancePtr(), reinterpret_cast(OT_CLI_TCAT_X509_CERT), + sizeof(OT_CLI_TCAT_X509_CERT), reinterpret_cast(OT_CLI_TCAT_PRIV_KEY), + sizeof(OT_CLI_TCAT_PRIV_KEY)); + + otBleSecureSetCaCertificateChain(GetInstancePtr(), + reinterpret_cast(OT_CLI_TCAT_TRUSTED_ROOT_CERTIFICATE), + sizeof(OT_CLI_TCAT_TRUSTED_ROOT_CERTIFICATE)); + + otBleSecureSetSslAuthMode(GetInstancePtr(), true); + + SuccessOrExit(error = otBleSecureStart(GetInstancePtr(), nullptr, HandleBleSecureReceive, true, nullptr)); + SuccessOrExit(error = otBleSecureTcatStart(GetInstancePtr(), &sVendorInfo, nullptr)); + +exit: + return error; +} + +template <> otError Tcat::Process(Arg aArgs[]) +{ + OT_UNUSED_VARIABLE(aArgs); + otError error = OT_ERROR_NONE; + + otBleSecureStop(GetInstancePtr()); + + return error; +} + +otError Tcat::Process(Arg aArgs[]) +{ +#define CmdEntry(aCommandString) \ + { \ + aCommandString, &Tcat::Process \ + } + + static constexpr Command kCommands[] = {CmdEntry("start"), CmdEntry("stop")}; + + static_assert(BinarySearch::IsSorted(kCommands), "kCommands is not sorted"); + + otError error = OT_ERROR_NONE; + const Command *command; + + if (aArgs[0].IsEmpty() || (aArgs[0] == "help")) + { + OutputCommandTable(kCommands); + ExitNow(error = aArgs[0].IsEmpty() ? error : OT_ERROR_NONE); + } + + command = BinarySearch::Find(aArgs[0].GetCString(), kCommands); + VerifyOrExit(command != nullptr); + + error = (this->*command->mHandler)(aArgs + 1); + +exit: + return error; +} + +} // namespace Cli +} // namespace ot +#endif // OPENTHREAD_CONFIG_BLE_TCAT_ENABLE && OPENTHREAD_CONFIG_CLI_BLE_SECURE_ENABLE diff --git a/src/cli/cli_tcat.hpp b/src/cli/cli_tcat.hpp new file mode 100644 index 00000000000..3f1d0be6e6e --- /dev/null +++ b/src/cli/cli_tcat.hpp @@ -0,0 +1,89 @@ +/* + * Copyright (c) 2023, The OpenThread Authors. + * All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions are met: + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * 3. Neither the name of the copyright holder nor the + * names of its contributors may be used to endorse or promote products + * derived from this software without specific prior written permission. + * + * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" + * AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDER OR CONTRIBUTORS BE + * LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR + * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF + * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS + * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN + * CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) + * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE + * POSSIBILITY OF SUCH DAMAGE. + */ + +#ifndef CLI_TCAT_HPP_ +#define CLI_TCAT_HPP_ + +#include "openthread-core-config.h" + +#include "cli/cli_output.hpp" + +#if OPENTHREAD_CONFIG_BLE_TCAT_ENABLE && OPENTHREAD_CONFIG_CLI_BLE_SECURE_ENABLE + +namespace ot { + +namespace Cli { + +/** + * Implements the Tcat CLI interpreter. + * + */ +class Tcat : private Output +{ +public: + typedef Utils::CmdLineParser::Arg Arg; + + /** + * Constructor + * + * @param[in] aInstance The OpenThread Instance. + * @param[in] aOutputImplementer An `OutputImplementer`. + * + */ + Tcat(otInstance *aInstance, OutputImplementer &aOutputImplementer) + : Output(aInstance, aOutputImplementer) + { + } + + /** + * Processes a CLI sub-command. + * + * @param[in] aArgs An array of command line arguments. + * + * @retval OT_ERROR_NONE Successfully executed the CLI command. + * @retval OT_ERROR_PENDING The CLI command was successfully started but final result is pending. + * @retval OT_ERROR_INVALID_COMMAND Invalid or unknown CLI command. + * @retval OT_ERROR_INVALID_ARGS Invalid arguments. + * @retval ... Error during execution of the CLI command. + * + */ + otError Process(Arg aArgs[]); + +private: + using Command = CommandEntry; + + template otError Process(Arg aArgs[]); +}; + +} // namespace Cli + +} // namespace ot + +#endif // OPENTHREAD_CONFIG_BLE_TCAT_ENABLE && OPENTHREAD_CONFIG_CLI_BLE_SECURE_ENABLE + +#endif // CLI_TCAT_HPP_ diff --git a/src/core/BUILD.gn b/src/core/BUILD.gn index 37843dd2ebb..5263637bdac 100644 --- a/src/core/BUILD.gn +++ b/src/core/BUILD.gn @@ -74,6 +74,10 @@ if (openthread_enable_core_config_args) { defines += [ "OPENTHREAD_CONFIG_BACKBONE_ROUTER_ENABLE=1" ] } + if (openthread_config_ble_tcat_enable) { + defines += [ "OPENTHREAD_CONFIG_BLE_TCAT_ENABLE=1" ] + } + if (openthread_config_border_agent_enable) { defines += [ "OPENTHREAD_CONFIG_BORDER_AGENT_ENABLE=1" ] } @@ -301,6 +305,7 @@ config("core_config") { openthread_core_files = [ "api/backbone_router_api.cpp", "api/backbone_router_ftd_api.cpp", + "api/ble_secure_api.cpp", "api/border_agent_api.cpp", "api/border_router_api.cpp", "api/border_routing_api.cpp", @@ -510,8 +515,6 @@ openthread_core_files = [ "meshcop/dataset_manager_ftd.cpp", "meshcop/dataset_updater.cpp", "meshcop/dataset_updater.hpp", - "meshcop/dtls.cpp", - "meshcop/dtls.hpp", "meshcop/energy_scan_client.cpp", "meshcop/energy_scan_client.hpp", "meshcop/extended_panid.cpp", @@ -530,6 +533,10 @@ openthread_core_files = [ "meshcop/network_name.hpp", "meshcop/panid_query_client.cpp", "meshcop/panid_query_client.hpp", + "meshcop/secure_transport.cpp", + "meshcop/secure_transport.hpp", + "meshcop/tcat_agent.cpp", + "meshcop/tcat_agent.hpp", "meshcop/timestamp.cpp", "meshcop/timestamp.hpp", "net/checksum.cpp", @@ -585,6 +592,8 @@ openthread_core_files = [ "net/tcp6_ext.hpp", "net/udp6.cpp", "net/udp6.hpp", + "radio/ble_secure.cpp", + "radio/ble_secure.hpp", "radio/max_power_table.hpp", "radio/radio.cpp", "radio/radio.hpp", @@ -789,7 +798,6 @@ source_set("libopenthread_core_config") { "config/dns_client.h", "config/dns_dso.h", "config/dnssd_server.h", - "config/dtls.h", "config/history_tracker.h", "config/ip6.h", "config/joiner.h", @@ -811,6 +819,7 @@ source_set("libopenthread_core_config") { "config/platform.h", "config/power_calibration.h", "config/radio_link.h", + "config/secure_transport.h", "config/sntp_client.h", "config/srp_client.h", "config/srp_server.h", diff --git a/src/core/CMakeLists.txt b/src/core/CMakeLists.txt index 813979ad7a7..24ceb22715b 100644 --- a/src/core/CMakeLists.txt +++ b/src/core/CMakeLists.txt @@ -33,6 +33,7 @@ set(COMMON_INCLUDES set(COMMON_SOURCES api/backbone_router_api.cpp api/backbone_router_ftd_api.cpp + api/ble_secure_api.cpp api/border_agent_api.cpp api/border_router_api.cpp api/border_routing_api.cpp @@ -148,7 +149,6 @@ set(COMMON_SOURCES meshcop/dataset_manager.cpp meshcop/dataset_manager_ftd.cpp meshcop/dataset_updater.cpp - meshcop/dtls.cpp meshcop/energy_scan_client.cpp meshcop/extended_panid.cpp meshcop/joiner.cpp @@ -158,6 +158,8 @@ set(COMMON_SOURCES meshcop/meshcop_tlvs.cpp meshcop/network_name.cpp meshcop/panid_query_client.cpp + meshcop/secure_transport.cpp + meshcop/tcat_agent.cpp meshcop/timestamp.cpp net/checksum.cpp net/dhcp6_client.cpp @@ -185,6 +187,7 @@ set(COMMON_SOURCES net/tcp6.cpp net/tcp6_ext.cpp net/udp6.cpp + radio/ble_secure.cpp radio/radio.cpp radio/radio_callbacks.cpp radio/radio_platform.cpp diff --git a/src/core/api/ble_secure_api.cpp b/src/core/api/ble_secure_api.cpp new file mode 100644 index 00000000000..d30a7f0aa69 --- /dev/null +++ b/src/core/api/ble_secure_api.cpp @@ -0,0 +1,184 @@ +/* + * Copyright (c) 2023, The OpenThread Authors. + * All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions are met: + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * 3. Neither the name of the copyright holder nor the + * names of its contributors may be used to endorse or promote products + * derived from this software without specific prior written permission. + * + * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" + * AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDER OR CONTRIBUTORS BE + * LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR + * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF + * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS + * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN + * CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) + * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE + * POSSIBILITY OF SUCH DAMAGE. + */ + +/** + * @file + * This file implements the OpenThread BLE Secure API. + */ + +#include "openthread-core-config.h" + +#if OPENTHREAD_CONFIG_BLE_TCAT_ENABLE + +#include +#include + +#include "common/as_core_type.hpp" +#include "common/code_utils.hpp" +#include "common/locator_getters.hpp" +#include "meshcop/tcat_agent.hpp" +#include "radio/ble_secure.hpp" + +using namespace ot; + +otError otBleSecureStart(otInstance *aInstance, + otHandleBleSecureConnect aConnectHandler, + otHandleBleSecureReceive aReceiveHandler, + bool aTlvMode, + void *aContext) +{ + return AsCoreType(aInstance).Get().Start(aConnectHandler, aReceiveHandler, aTlvMode, aContext); +} + +otError otBleSecureTcatStart(otInstance *aInstance, const otTcatVendorInfo *aVendorInfo, otHandleTcatJoin aHandler) +{ + return AsCoreType(aInstance).Get().TcatStart(AsCoreType(aVendorInfo), aHandler); +} + +void otBleSecureStop(otInstance *aInstance) { AsCoreType(aInstance).Get().Stop(); } + +#ifdef MBEDTLS_KEY_EXCHANGE_PSK_ENABLED +void otBleSecureSetPsk(otInstance *aInstance, + const uint8_t *aPsk, + uint16_t aPskLength, + const uint8_t *aPskIdentity, + uint16_t aPskIdLength) +{ + AssertPointerIsNotNull(aPsk); + AssertPointerIsNotNull(aPskIdentity); + OT_ASSERT(aPskLength != 0 && aPskIdLength != 0); + + AsCoreType(aInstance).Get().SetPreSharedKey(aPsk, aPskLength, aPskIdentity, aPskIdLength); +} +#endif // MBEDTLS_KEY_EXCHANGE_PSK_ENABLED + +#if defined(MBEDTLS_BASE64_C) && defined(MBEDTLS_SSL_KEEP_PEER_CERTIFICATE) +otError otBleSecureGetPeerCertificateBase64(otInstance *aInstance, unsigned char *aPeerCert, size_t *aCertLength) +{ + return AsCoreType(aInstance).Get().GetPeerCertificateBase64(aPeerCert, aCertLength); +} +#endif // defined(MBEDTLS_BASE64_C) && defined(MBEDTLS_SSL_KEEP_PEER_CERTIFICATE) + +#if defined(MBEDTLS_SSL_KEEP_PEER_CERTIFICATE) +otError otBleSecureGetPeerSubjectAttributeByOid(otInstance *aInstance, + const char *aOid, + size_t aOidLength, + uint8_t *aAttributeBuffer, + size_t *aAttributeLength, + int *aAsn1Type) +{ + return AsCoreType(aInstance).Get().GetPeerSubjectAttributeByOid(aOid, aOidLength, aAttributeBuffer, + aAttributeLength, aAsn1Type); +} + +otError otBleSecureGetThreadAttributeFromPeerCertificate(otInstance *aInstance, + int aThreadOidDescriptor, + uint8_t *aAttributeBuffer, + size_t *aAttributeLength) +{ + return AsCoreType(aInstance).Get().GetThreadAttributeFromPeerCertificate( + aThreadOidDescriptor, aAttributeBuffer, aAttributeLength); +} +#endif // defined(MBEDTLS_SSL_KEEP_PEER_CERTIFICATE) + +otError otBleSecureGetThreadAttributeFromOwnCertificate(otInstance *aInstance, + int aThreadOidDescriptor, + uint8_t *aAttributeBuffer, + size_t *aAttributeLength) +{ + return AsCoreType(aInstance).Get().GetThreadAttributeFromOwnCertificate( + aThreadOidDescriptor, aAttributeBuffer, aAttributeLength); +} + +void otBleSecureSetSslAuthMode(otInstance *aInstance, bool aVerifyPeerCertificate) +{ + AsCoreType(aInstance).Get().SetSslAuthMode(aVerifyPeerCertificate); +} + +#ifdef MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED +void otBleSecureSetCertificate(otInstance *aInstance, + const uint8_t *aX509Cert, + uint32_t aX509Length, + const uint8_t *aPrivateKey, + uint32_t aPrivateKeyLength) +{ + OT_ASSERT(aX509Cert != nullptr && aX509Length != 0 && aPrivateKey != nullptr && aPrivateKeyLength != 0); + + AsCoreType(aInstance).Get().SetCertificate(aX509Cert, aX509Length, aPrivateKey, aPrivateKeyLength); +} + +void otBleSecureSetCaCertificateChain(otInstance *aInstance, + const uint8_t *aX509CaCertificateChain, + uint32_t aX509CaCertChainLength) +{ + OT_ASSERT(aX509CaCertificateChain != nullptr && aX509CaCertChainLength != 0); + + AsCoreType(aInstance).Get().SetCaCertificateChain(aX509CaCertificateChain, aX509CaCertChainLength); +} +#endif // MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED + +otError otBleSecureConnect(otInstance *aInstance) { return AsCoreType(aInstance).Get().Connect(); } + +void otBleSecureDisconnect(otInstance *aInstance) { AsCoreType(aInstance).Get().Disconnect(); } + +bool otBleSecureIsConnectionActive(otInstance *aInstance) +{ + return AsCoreType(aInstance).Get().IsConnectionActive(); +} + +bool otBleSecureIsConnected(otInstance *aInstance) { return AsCoreType(aInstance).Get().IsConnected(); } + +bool otBleSecureIsTcatEnabled(otInstance *aInstance) +{ + return AsCoreType(aInstance).Get().IsTcatEnabled(); +} + +bool otBleSecureIsCommandClassAuthorized(otInstance *aInstance, otTcatCommandClass aCommandClass) +{ + return AsCoreType(aInstance).Get().IsCommandClassAuthorized( + static_cast(aCommandClass)); +} + +otError otBleSecureSendMessage(otInstance *aInstance, otMessage *aMessage) +{ + return AsCoreType(aInstance).Get().SendMessage(AsCoreType(aMessage)); +} + +otError otBleSecureSend(otInstance *aInstance, uint8_t *aBuf, uint16_t aLength) +{ + return AsCoreType(aInstance).Get().Send(aBuf, aLength); +} + +otError otBleSecureSendApplicationTlv(otInstance *aInstance, uint8_t *aBuf, uint16_t aLength) +{ + return AsCoreType(aInstance).Get().SendApplicationTlv(aBuf, aLength); +} + +otError otBleSecureFlush(otInstance *aInstance) { return AsCoreType(aInstance).Get().Flush(); } + +#endif // OPENTHREAD_CONFIG_BLE_TCAT_ENABLE diff --git a/src/core/coap/coap_secure.cpp b/src/core/coap/coap_secure.cpp index 7d0fbe1b3f5..1077cecc014 100644 --- a/src/core/coap/coap_secure.cpp +++ b/src/core/coap/coap_secure.cpp @@ -28,13 +28,14 @@ #include "coap_secure.hpp" -#if OPENTHREAD_CONFIG_DTLS_ENABLE +#if OPENTHREAD_CONFIG_SECURE_TRANSPORT_ENABLE #include "common/locator_getters.hpp" #include "common/log.hpp" #include "common/new.hpp" #include "instance/instance.hpp" -#include "meshcop/dtls.hpp" +#include "meshcop/secure_transport.hpp" + #include "thread/thread_netif.hpp" /** @@ -67,7 +68,7 @@ Error CoapSecure::Start(uint16_t aPort) return error; } -Error CoapSecure::Start(MeshCoP::Dtls::TransportCallback aCallback, void *aContext) +Error CoapSecure::Start(MeshCoP::SecureTransport::TransportCallback aCallback, void *aContext) { Error error = kErrorNone; @@ -98,7 +99,7 @@ Error CoapSecure::Connect(const Ip6::SockAddr &aSockAddr, ConnectedCallback aCal void CoapSecure::SetPsk(const MeshCoP::JoinerPskd &aPskd) { static_assert(static_cast(MeshCoP::JoinerPskd::kMaxLength) <= - static_cast(MeshCoP::Dtls::kPskMaxLength), + static_cast(MeshCoP::SecureTransport::kPskMaxLength), "The maximum length of DTLS PSK is smaller than joiner PSKd"); SuccessOrAssert(mDtls.SetPsk(reinterpret_cast(aPskd.GetAsCString()), aPskd.GetLength())); @@ -224,4 +225,4 @@ void CoapSecure::HandleTransmit(void) } // namespace Coap } // namespace ot -#endif // OPENTHREAD_CONFIG_DTLS_ENABLE +#endif // OPENTHREAD_CONFIG_SECURE_TRANSPORT_ENABLE diff --git a/src/core/coap/coap_secure.hpp b/src/core/coap/coap_secure.hpp index b24e7d0fb2e..50a1d452161 100644 --- a/src/core/coap/coap_secure.hpp +++ b/src/core/coap/coap_secure.hpp @@ -31,12 +31,12 @@ #include "openthread-core-config.h" -#if OPENTHREAD_CONFIG_DTLS_ENABLE +#if OPENTHREAD_CONFIG_SECURE_TRANSPORT_ENABLE #include "coap/coap.hpp" #include "common/callback.hpp" -#include "meshcop/dtls.hpp" #include "meshcop/meshcop.hpp" +#include "meshcop/secure_transport.hpp" #include @@ -91,7 +91,7 @@ class CoapSecure : public CoapBase * @retval kErrorAlready Already started. * */ - Error Start(MeshCoP::Dtls::TransportCallback aCallback, void *aContext); + Error Start(MeshCoP::SecureTransport::TransportCallback aCallback, void *aContext); /** * Sets connected callback of this secure CoAP agent. @@ -153,7 +153,7 @@ class CoapSecure : public CoapBase * @returns A reference to the DTLS object. * */ - MeshCoP::Dtls &GetDtls(void) { return mDtls; } + MeshCoP::SecureTransport &GetDtls(void) { return mDtls; } /** * Gets the UDP port of this agent. @@ -409,7 +409,7 @@ class CoapSecure : public CoapBase static void HandleTransmit(Tasklet &aTasklet); void HandleTransmit(void); - MeshCoP::Dtls mDtls; + MeshCoP::SecureTransport mDtls; Callback mConnectedCallback; ot::MessageQueue mTransmitQueue; TaskletContext mTransmitTask; @@ -418,6 +418,6 @@ class CoapSecure : public CoapBase } // namespace Coap } // namespace ot -#endif // OPENTHREAD_CONFIG_DTLS_ENABLE +#endif // OPENTHREAD_CONFIG_SECURE_TRANSPORT_ENABLE #endif // COAP_SECURE_HPP_ diff --git a/src/core/common/message.hpp b/src/core/common/message.hpp index 66153e240e8..d48f719c2a2 100644 --- a/src/core/common/message.hpp +++ b/src/core/common/message.hpp @@ -286,7 +286,8 @@ class Message : public otMessage, public Buffer, public GetProvider kTypeSupervision = 2, ///< A child supervision frame. kTypeMacEmptyData = 3, ///< An empty MAC data frame. kTypeIp4 = 4, ///< A full uncompressed IPv4 packet, for NAT64. - kTypeOther = 5, ///< Other (data) message. + kTypeBle = 5, ///< A BLE payload message. + kTypeOther = 6, ///< Other (data) message. }; /** diff --git a/src/core/config/ip6.h b/src/core/config/ip6.h index 8f349f138f1..82dc45c9547 100644 --- a/src/core/config/ip6.h +++ b/src/core/config/ip6.h @@ -178,8 +178,8 @@ * Define as 1 to enable support for TLS over TCP. * */ -#ifndef OPENTHREAD_CONFIG_TLS_ENABLE -#define OPENTHREAD_CONFIG_TLS_ENABLE OPENTHREAD_CONFIG_TCP_ENABLE +#if (OPENTHREAD_CONFIG_TCP_ENABLE || OPENTHREAD_CONFIG_BLE_TCAT_ENABLE) && !defined(OPENTHREAD_CONFIG_TLS_ENABLE) +#define OPENTHREAD_CONFIG_TLS_ENABLE 1 #endif /** diff --git a/src/core/config/openthread-core-config-check.h b/src/core/config/openthread-core-config-check.h index 5d26a6e0ffc..de4fe15597b 100644 --- a/src/core/config/openthread-core-config-check.h +++ b/src/core/config/openthread-core-config-check.h @@ -122,7 +122,7 @@ #endif #ifdef OPENTHREAD_ENABLE_DTLS -#error "OPENTHREAD_ENABLE_DTLS was replaced by OPENTHREAD_CONFIG_DTLS_ENABLE." +#error "OPENTHREAD_ENABLE_DTLS was replaced by OPENTHREAD_CONFIG_SECURE_TRANSPORT_ENABLE." #endif #ifdef OPENTHREAD_ENABLE_JAM_DETECTION diff --git a/src/core/config/dtls.h b/src/core/config/secure_transport.h similarity index 79% rename from src/core/config/dtls.h rename to src/core/config/secure_transport.h index 09e833788bc..ea6799ff9ae 100644 --- a/src/core/config/dtls.h +++ b/src/core/config/secure_transport.h @@ -28,12 +28,12 @@ /** * @file - * This file includes compile-time configurations for DTLS. + * This file includes compile-time configurations for TLS/DTLS. * */ -#ifndef CONFIG_DTLS_H_ -#define CONFIG_DTLS_H_ +#ifndef CONFIG_SECURE_TRANSPORT_H_ +#define CONFIG_SECURE_TRANSPORT_H_ #include "config/border_agent.h" #include "config/coap.h" @@ -51,15 +51,19 @@ #endif /** - * @def OPENTHREAD_CONFIG_DTLS_ENABLE + * @def OPENTHREAD_CONFIG_SECURE_TRANSPORT_ENABLE * - * Define to 1 to enable DTLS. + * Define to 1 to enable DTLS/TLS. * */ -#ifndef OPENTHREAD_CONFIG_DTLS_ENABLE -#define OPENTHREAD_CONFIG_DTLS_ENABLE \ +#ifndef OPENTHREAD_CONFIG_SECURE_TRANSPORT_ENABLE +#define OPENTHREAD_CONFIG_SECURE_TRANSPORT_ENABLE \ (OPENTHREAD_CONFIG_COAP_SECURE_API_ENABLE || OPENTHREAD_CONFIG_BORDER_AGENT_ENABLE || \ - OPENTHREAD_CONFIG_COMMISSIONER_ENABLE || OPENTHREAD_CONFIG_JOINER_ENABLE) + OPENTHREAD_CONFIG_COMMISSIONER_ENABLE || OPENTHREAD_CONFIG_JOINER_ENABLE || OPENTHREAD_CONFIG_BLE_TCAT_ENABLE) #endif -#endif // CONFIG_DTLS_H_ +#if OPENTHREAD_CONFIG_DTLS_ENABLE +#error "OPENTHREAD_CONFIG_DTLS_ENABLE is deprecated please use OPENTHREAD_CONFIG_SECURE_TRANSPORT_ENABLE instead" +#endif + +#endif // CONFIG_SECURE_TRANSPORT_H_ diff --git a/src/core/instance/instance.cpp b/src/core/instance/instance.cpp index 706671a97f7..81e3324a1e1 100644 --- a/src/core/instance/instance.cpp +++ b/src/core/instance/instance.cpp @@ -156,7 +156,7 @@ Instance::Instance(void) #if OPENTHREAD_CONFIG_COMMISSIONER_ENABLE && OPENTHREAD_FTD , mCommissioner(*this) #endif -#if OPENTHREAD_CONFIG_DTLS_ENABLE +#if OPENTHREAD_CONFIG_SECURE_TRANSPORT_ENABLE , mTmfSecureAgent(*this) #endif #if OPENTHREAD_CONFIG_JOINER_ENABLE @@ -211,6 +211,9 @@ Instance::Instance(void) #if OPENTHREAD_CONFIG_COAP_SECURE_API_ENABLE , mApplicationCoapSecure(*this, /* aLayerTwoSecurity */ true) #endif +#if OPENTHREAD_CONFIG_BLE_TCAT_ENABLE + , mApplicationBleSecure(*this) +#endif #if OPENTHREAD_CONFIG_PING_SENDER_ENABLE , mPingSender(*this) #endif @@ -456,7 +459,7 @@ void Instance::GetBufferInfo(BufferInfo &aInfo) Get().GetRequestMessages().GetInfo(aInfo.mCoapQueue); Get().GetCachedResponses().GetInfo(aInfo.mCoapQueue); -#if OPENTHREAD_CONFIG_DTLS_ENABLE +#if OPENTHREAD_CONFIG_SECURE_TRANSPORT_ENABLE Get().GetRequestMessages().GetInfo(aInfo.mCoapSecureQueue); Get().GetCachedResponses().GetInfo(aInfo.mCoapSecureQueue); #endif diff --git a/src/core/instance/instance.hpp b/src/core/instance/instance.hpp index 596a5c68cd4..efde7fffbc1 100644 --- a/src/core/instance/instance.hpp +++ b/src/core/instance/instance.hpp @@ -97,6 +97,7 @@ #include "net/sntp_client.hpp" #include "net/srp_client.hpp" #include "net/srp_server.hpp" +#include "radio/ble_secure.hpp" #include "thread/address_resolver.hpp" #include "thread/announce_begin_server.hpp" #include "thread/announce_sender.hpp" @@ -547,7 +548,7 @@ class Instance : public otInstance, private NonCopyable MeshCoP::Commissioner mCommissioner; #endif -#if OPENTHREAD_CONFIG_DTLS_ENABLE +#if OPENTHREAD_CONFIG_SECURE_TRANSPORT_ENABLE Tmf::SecureAgent mTmfSecureAgent; #endif @@ -618,6 +619,10 @@ class Instance : public otInstance, private NonCopyable Coap::CoapSecure mApplicationCoapSecure; #endif +#if OPENTHREAD_CONFIG_BLE_TCAT_ENABLE + Ble::BleSecure mApplicationBleSecure; +#endif + #if OPENTHREAD_CONFIG_PING_SENDER_ENABLE Utils::PingSender mPingSender; #endif @@ -830,7 +835,7 @@ template <> inline Ip6::Mpl &Instance::Get(void) { return mIp6.mMpl; } template <> inline Tmf::Agent &Instance::Get(void) { return mTmfAgent; } -#if OPENTHREAD_CONFIG_DTLS_ENABLE +#if OPENTHREAD_CONFIG_SECURE_TRANSPORT_ENABLE template <> inline Tmf::SecureAgent &Instance::Get(void) { return mTmfSecureAgent; } #endif @@ -1017,6 +1022,10 @@ template <> inline Nat64::Translator &Instance::Get(void) { return mNat64Transla template <> inline Srp::Server &Instance::Get(void) { return mSrpServer; } #endif +#if OPENTHREAD_CONFIG_BLE_TCAT_ENABLE +template <> inline Ble::BleSecure &Instance::Get(void) { return mApplicationBleSecure; } +#endif + #endif // OPENTHREAD_MTD || OPENTHREAD_FTD #if OPENTHREAD_RADIO || OPENTHREAD_CONFIG_LINK_RAW_ENABLE diff --git a/src/core/meshcop/commissioner.hpp b/src/core/meshcop/commissioner.hpp index b62a8d26922..fda668c442b 100644 --- a/src/core/meshcop/commissioner.hpp +++ b/src/core/meshcop/commissioner.hpp @@ -50,9 +50,9 @@ #include "common/timer.hpp" #include "mac/mac_types.hpp" #include "meshcop/announce_begin_client.hpp" -#include "meshcop/dtls.hpp" #include "meshcop/energy_scan_client.hpp" #include "meshcop/panid_query_client.hpp" +#include "meshcop/secure_transport.hpp" #include "net/ip6_address.hpp" #include "net/udp6.hpp" #include "thread/key_manager.hpp" diff --git a/src/core/meshcop/joiner.hpp b/src/core/meshcop/joiner.hpp index 1b42c6ad344..ce430a73745 100644 --- a/src/core/meshcop/joiner.hpp +++ b/src/core/meshcop/joiner.hpp @@ -49,9 +49,9 @@ #include "common/message.hpp" #include "common/non_copyable.hpp" #include "mac/mac_types.hpp" -#include "meshcop/dtls.hpp" #include "meshcop/meshcop.hpp" #include "meshcop/meshcop_tlvs.hpp" +#include "meshcop/secure_transport.hpp" #include "thread/discover_scanner.hpp" #include "thread/tmf.hpp" diff --git a/src/core/meshcop/dtls.cpp b/src/core/meshcop/secure_transport.cpp similarity index 59% rename from src/core/meshcop/dtls.cpp rename to src/core/meshcop/secure_transport.cpp index e3c2275f169..945f701c6b0 100644 --- a/src/core/meshcop/dtls.cpp +++ b/src/core/meshcop/secure_transport.cpp @@ -31,7 +31,7 @@ * This file implements the necessary hooks for mbedTLS. */ -#include "dtls.hpp" +#include "secure_transport.hpp" #include #ifdef MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED @@ -52,42 +52,43 @@ #include "instance/instance.hpp" #include "thread/thread_netif.hpp" -#if OPENTHREAD_CONFIG_DTLS_ENABLE +#if OPENTHREAD_CONFIG_SECURE_TRANSPORT_ENABLE namespace ot { namespace MeshCoP { -RegisterLogModule("Dtls"); +RegisterLogModule("SecTransport"); #if (MBEDTLS_VERSION_NUMBER >= 0x03010000) -const uint16_t Dtls::sGroups[] = {MBEDTLS_SSL_IANA_TLS_GROUP_SECP256R1, MBEDTLS_SSL_IANA_TLS_GROUP_NONE}; +const uint16_t SecureTransport::sGroups[] = {MBEDTLS_SSL_IANA_TLS_GROUP_SECP256R1, MBEDTLS_SSL_IANA_TLS_GROUP_NONE}; #else -const mbedtls_ecp_group_id Dtls::sCurves[] = {MBEDTLS_ECP_DP_SECP256R1, MBEDTLS_ECP_DP_NONE}; +const mbedtls_ecp_group_id SecureTransport::sCurves[] = {MBEDTLS_ECP_DP_SECP256R1, MBEDTLS_ECP_DP_NONE}; #endif #if defined(MBEDTLS_KEY_EXCHANGE__WITH_CERT__ENABLED) || defined(MBEDTLS_KEY_EXCHANGE_WITH_CERT_ENABLED) #if (MBEDTLS_VERSION_NUMBER >= 0x03020000) -const uint16_t Dtls::sSignatures[] = {MBEDTLS_TLS1_3_SIG_ECDSA_SECP256R1_SHA256, MBEDTLS_TLS1_3_SIG_NONE}; +const uint16_t SecureTransport::sSignatures[] = {MBEDTLS_TLS1_3_SIG_ECDSA_SECP256R1_SHA256, MBEDTLS_TLS1_3_SIG_NONE}; #else -const int Dtls::sHashes[] = {MBEDTLS_MD_SHA256, MBEDTLS_MD_NONE}; +const int SecureTransport::sHashes[] = {MBEDTLS_MD_SHA256, MBEDTLS_MD_NONE}; #endif #endif -Dtls::Dtls(Instance &aInstance, bool aLayerTwoSecurity) +SecureTransport::SecureTransport(Instance &aInstance, bool aLayerTwoSecurity, bool aDatagramTransport) : InstanceLocator(aInstance) , mState(kStateClosed) , mPskLength(0) , mVerifyPeerCertificate(true) - , mTimer(aInstance, Dtls::HandleTimer, this) + , mTimer(aInstance, SecureTransport::HandleTimer, this) , mTimerIntermediate(0) , mTimerSet(false) , mLayerTwoSecurity(aLayerTwoSecurity) + , mDatagramTransport(aDatagramTransport) , mReceiveMessage(nullptr) , mSocket(aInstance) , mMessageSubType(Message::kSubTypeNone) , mMessageDefaultSubType(Message::kSubTypeNone) { -#if OPENTHREAD_CONFIG_COAP_SECURE_API_ENABLE +#if OPENTHREAD_CONFIG_TLS_API_ENABLE #ifdef MBEDTLS_KEY_EXCHANGE_PSK_ENABLED mPreSharedKey = nullptr; mPreSharedKeyIdentity = nullptr; @@ -118,12 +119,15 @@ Dtls::Dtls(Instance &aInstance, bool aLayerTwoSecurity) #endif } -void Dtls::FreeMbedtls(void) +void SecureTransport::FreeMbedtls(void) { #if defined(MBEDTLS_SSL_SRV_C) && defined(MBEDTLS_SSL_COOKIE_C) - mbedtls_ssl_cookie_free(&mCookieCtx); + if (mDatagramTransport) + { + mbedtls_ssl_cookie_free(&mCookieCtx); + } #endif -#if OPENTHREAD_CONFIG_COAP_SECURE_API_ENABLE +#if OPENTHREAD_CONFIG_TLS_API_ENABLE #ifdef MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED mbedtls_x509_crt_free(&mCaChain); mbedtls_x509_crt_free(&mOwnCert); @@ -134,13 +138,13 @@ void Dtls::FreeMbedtls(void) mbedtls_ssl_free(&mSsl); } -Error Dtls::Open(ReceiveHandler aReceiveHandler, ConnectedHandler aConnectedHandler, void *aContext) +Error SecureTransport::Open(ReceiveHandler aReceiveHandler, ConnectedHandler aConnectedHandler, void *aContext) { Error error; VerifyOrExit(mState == kStateClosed, error = kErrorAlready); - SuccessOrExit(error = mSocket.Open(&Dtls::HandleUdpReceive, this)); + SuccessOrExit(error = mSocket.Open(&SecureTransport::HandleUdpReceive, this)); mConnectedCallback.Set(aConnectedHandler, aContext); mReceiveCallback.Set(aReceiveHandler, aContext); @@ -150,7 +154,7 @@ Error Dtls::Open(ReceiveHandler aReceiveHandler, ConnectedHandler aConnectedHand return error; } -Error Dtls::Connect(const Ip6::SockAddr &aSockAddr) +Error SecureTransport::Connect(const Ip6::SockAddr &aSockAddr) { Error error; @@ -165,24 +169,30 @@ Error Dtls::Connect(const Ip6::SockAddr &aSockAddr) return error; } -void Dtls::HandleUdpReceive(void *aContext, otMessage *aMessage, const otMessageInfo *aMessageInfo) +void SecureTransport::HandleUdpReceive(void *aContext, otMessage *aMessage, const otMessageInfo *aMessageInfo) { - static_cast(aContext)->HandleUdpReceive(AsCoreType(aMessage), AsCoreType(aMessageInfo)); + static_cast(aContext)->HandleUdpReceive(AsCoreType(aMessage), AsCoreType(aMessageInfo)); } -void Dtls::HandleUdpReceive(Message &aMessage, const Ip6::MessageInfo &aMessageInfo) +void SecureTransport::HandleUdpReceive(Message &aMessage, const Ip6::MessageInfo &aMessageInfo) { switch (mState) { - case Dtls::kStateClosed: + case SecureTransport::kStateClosed: ExitNow(); - case Dtls::kStateOpen: + case SecureTransport::kStateOpen: + IgnoreError(mSocket.Connect(Ip6::SockAddr(aMessageInfo.GetPeerAddr(), aMessageInfo.GetPeerPort()))); + mMessageInfo.SetPeerAddr(aMessageInfo.GetPeerAddr()); mMessageInfo.SetPeerPort(aMessageInfo.GetPeerPort()); mMessageInfo.SetIsHostInterface(aMessageInfo.IsHostInterface()); - mMessageInfo.SetSockAddr(aMessageInfo.GetSockAddr()); + if (Get().HasUnicastAddress(aMessageInfo.GetSockAddr())) + { + mMessageInfo.SetSockAddr(aMessageInfo.GetSockAddr()); + } + mMessageInfo.SetSockPort(aMessageInfo.GetSockPort()); SuccessOrExit(Setup(false)); @@ -196,7 +206,7 @@ void Dtls::HandleUdpReceive(Message &aMessage, const Ip6::MessageInfo &aMessageI } #ifdef MBEDTLS_SSL_SRV_C - if (mState == Dtls::kStateConnecting) + if (mState == SecureTransport::kStateConnecting) { IgnoreError(SetClientId(mMessageInfo.GetPeerAddr().mFields.m8, sizeof(mMessageInfo.GetPeerAddr().mFields))); } @@ -208,9 +218,9 @@ void Dtls::HandleUdpReceive(Message &aMessage, const Ip6::MessageInfo &aMessageI return; } -uint16_t Dtls::GetUdpPort(void) const { return mSocket.GetSockName().GetPort(); } +uint16_t SecureTransport::GetUdpPort(void) const { return mSocket.GetSockName().GetPort(); } -Error Dtls::Bind(uint16_t aPort) +Error SecureTransport::Bind(uint16_t aPort) { Error error; @@ -223,7 +233,7 @@ Error Dtls::Bind(uint16_t aPort) return error; } -Error Dtls::Bind(TransportCallback aCallback, void *aContext) +Error SecureTransport::Bind(TransportCallback aCallback, void *aContext) { Error error = kErrorNone; @@ -237,7 +247,7 @@ Error Dtls::Bind(TransportCallback aCallback, void *aContext) return error; } -Error Dtls::Setup(bool aClient) +Error SecureTransport::Setup(bool aClient) { int rval; @@ -248,7 +258,7 @@ Error Dtls::Setup(bool aClient) mbedtls_ssl_init(&mSsl); mbedtls_ssl_config_init(&mConf); -#if OPENTHREAD_CONFIG_COAP_SECURE_API_ENABLE +#if OPENTHREAD_CONFIG_TLS_API_ENABLE #ifdef MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED mbedtls_x509_crt_init(&mCaChain); mbedtls_x509_crt_init(&mOwnCert); @@ -256,15 +266,20 @@ Error Dtls::Setup(bool aClient) #endif #endif #if defined(MBEDTLS_SSL_SRV_C) && defined(MBEDTLS_SSL_COOKIE_C) - mbedtls_ssl_cookie_init(&mCookieCtx); + if (mDatagramTransport) + { + mbedtls_ssl_cookie_init(&mCookieCtx); + } #endif - rval = mbedtls_ssl_config_defaults(&mConf, aClient ? MBEDTLS_SSL_IS_CLIENT : MBEDTLS_SSL_IS_SERVER, - MBEDTLS_SSL_TRANSPORT_DATAGRAM, MBEDTLS_SSL_PRESET_DEFAULT); + rval = mbedtls_ssl_config_defaults( + &mConf, aClient ? MBEDTLS_SSL_IS_CLIENT : MBEDTLS_SSL_IS_SERVER, + mDatagramTransport ? MBEDTLS_SSL_TRANSPORT_DATAGRAM : MBEDTLS_SSL_TRANSPORT_STREAM, MBEDTLS_SSL_PRESET_DEFAULT); VerifyOrExit(rval == 0); -#if OPENTHREAD_CONFIG_COAP_SECURE_API_ENABLE - if (mVerifyPeerCertificate && mCipherSuites[0] == MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_128_CCM_8) +#if OPENTHREAD_CONFIG_TLS_API_ENABLE + if (mVerifyPeerCertificate && (mCipherSuites[0] == MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_128_CCM_8 || + mCipherSuites[0] == MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256)) { mbedtls_ssl_conf_authmode(&mConf, MBEDTLS_SSL_VERIFY_REQUIRED); } @@ -313,7 +328,7 @@ Error Dtls::Setup(bool aClient) mbedtls_ssl_conf_dbg(&mConf, HandleMbedtlsDebug, this); #if defined(MBEDTLS_SSL_SRV_C) && defined(MBEDTLS_SSL_COOKIE_C) - if (!aClient) + if (!aClient && mDatagramTransport) { rval = mbedtls_ssl_cookie_setup(&mCookieCtx, Crypto::MbedTls::CryptoSecurePrng, nullptr); VerifyOrExit(rval == 0); @@ -325,17 +340,21 @@ Error Dtls::Setup(bool aClient) rval = mbedtls_ssl_setup(&mSsl, &mConf); VerifyOrExit(rval == 0); - mbedtls_ssl_set_bio(&mSsl, this, &Dtls::HandleMbedtlsTransmit, HandleMbedtlsReceive, nullptr); - mbedtls_ssl_set_timer_cb(&mSsl, this, &Dtls::HandleMbedtlsSetTimer, HandleMbedtlsGetTimer); + mbedtls_ssl_set_bio(&mSsl, this, &SecureTransport::HandleMbedtlsTransmit, HandleMbedtlsReceive, nullptr); + + if (mDatagramTransport) + { + mbedtls_ssl_set_timer_cb(&mSsl, this, &SecureTransport::HandleMbedtlsSetTimer, HandleMbedtlsGetTimer); + } if (mCipherSuites[0] == MBEDTLS_TLS_ECJPAKE_WITH_AES_128_CCM_8) { rval = mbedtls_ssl_set_hs_ecjpake_password(&mSsl, mPsk, mPskLength); } -#if OPENTHREAD_CONFIG_COAP_SECURE_API_ENABLE +#if OPENTHREAD_CONFIG_TLS_API_ENABLE else { - rval = SetApplicationCoapSecureKeys(); + rval = SetApplicationSecureKeys(); } #endif VerifyOrExit(rval == 0); @@ -348,10 +367,10 @@ Error Dtls::Setup(bool aClient) { LogInfo("DTLS started"); } -#if OPENTHREAD_CONFIG_COAP_SECURE_API_ENABLE +#if OPENTHREAD_CONFIG_TLS_API_ENABLE else { - LogInfo("Application Coap Secure DTLS started"); + LogInfo("Application Secure (D)TLS started"); } #endif @@ -369,14 +388,16 @@ Error Dtls::Setup(bool aClient) return Crypto::MbedTls::MapError(rval); } -#if OPENTHREAD_CONFIG_COAP_SECURE_API_ENABLE -int Dtls::SetApplicationCoapSecureKeys(void) +#if OPENTHREAD_CONFIG_TLS_API_ENABLE +int SecureTransport::SetApplicationSecureKeys(void) { int rval = 0; switch (mCipherSuites[0]) { case MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_128_CCM_8: + case MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256: + #ifdef MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED if (mCaChainSrc != nullptr) { @@ -426,9 +447,9 @@ int Dtls::SetApplicationCoapSecureKeys(void) return rval; } -#endif // OPENTHREAD_CONFIG_COAP_SECURE_API_ENABLE +#endif // OPENTHREAD_CONFIG_TLS_API_ENABLE -void Dtls::Close(void) +void SecureTransport::Close(void) { Disconnect(); @@ -440,7 +461,7 @@ void Dtls::Close(void) mTimer.Stop(); } -void Dtls::Disconnect(void) +void SecureTransport::Disconnect(void) { VerifyOrExit(mState == kStateConnecting || mState == kStateConnected); @@ -457,7 +478,7 @@ void Dtls::Disconnect(void) return; } -Error Dtls::SetPsk(const uint8_t *aPsk, uint8_t aPskLength) +Error SecureTransport::SetPsk(const uint8_t *aPsk, uint8_t aPskLength) { Error error = kErrorNone; @@ -472,13 +493,13 @@ Error Dtls::SetPsk(const uint8_t *aPsk, uint8_t aPskLength) return error; } -#if OPENTHREAD_CONFIG_COAP_SECURE_API_ENABLE +#if OPENTHREAD_CONFIG_TLS_API_ENABLE #ifdef MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED -void Dtls::SetCertificate(const uint8_t *aX509Certificate, - uint32_t aX509CertLength, - const uint8_t *aPrivateKey, - uint32_t aPrivateKeyLength) +void SecureTransport::SetCertificate(const uint8_t *aX509Certificate, + uint32_t aX509CertLength, + const uint8_t *aPrivateKey, + uint32_t aPrivateKeyLength) { OT_ASSERT(aX509CertLength > 0); OT_ASSERT(aX509Certificate != nullptr); @@ -491,11 +512,19 @@ void Dtls::SetCertificate(const uint8_t *aX509Certificate, mPrivateKeySrc = aPrivateKey; mPrivateKeyLength = aPrivateKeyLength; - mCipherSuites[0] = MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_128_CCM_8; + if (mDatagramTransport) + { + mCipherSuites[0] = MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_128_CCM_8; + } + else + { + mCipherSuites[0] = MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256; + } + mCipherSuites[1] = 0; } -void Dtls::SetCaCertificateChain(const uint8_t *aX509CaCertificateChain, uint32_t aX509CaCertChainLength) +void SecureTransport::SetCaCertificateChain(const uint8_t *aX509CaCertificateChain, uint32_t aX509CaCertChainLength) { OT_ASSERT(aX509CaCertChainLength > 0); OT_ASSERT(aX509CaCertificateChain != nullptr); @@ -507,7 +536,10 @@ void Dtls::SetCaCertificateChain(const uint8_t *aX509CaCertificateChain, uint32_ #endif // MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED #ifdef MBEDTLS_KEY_EXCHANGE_PSK_ENABLED -void Dtls::SetPreSharedKey(const uint8_t *aPsk, uint16_t aPskLength, const uint8_t *aPskIdentity, uint16_t aPskIdLength) +void SecureTransport::SetPreSharedKey(const uint8_t *aPsk, + uint16_t aPskLength, + const uint8_t *aPskIdentity, + uint16_t aPskIdLength) { OT_ASSERT(aPsk != nullptr); OT_ASSERT(aPskIdentity != nullptr); @@ -525,7 +557,7 @@ void Dtls::SetPreSharedKey(const uint8_t *aPsk, uint16_t aPskLength, const uint8 #endif #if defined(MBEDTLS_BASE64_C) && defined(MBEDTLS_SSL_KEEP_PEER_CERTIFICATE) -Error Dtls::GetPeerCertificateBase64(unsigned char *aPeerCert, size_t *aCertLength, size_t aCertBufferSize) +Error SecureTransport::GetPeerCertificateBase64(unsigned char *aPeerCert, size_t *aCertLength, size_t aCertBufferSize) { Error error = kErrorNone; @@ -550,17 +582,153 @@ Error Dtls::GetPeerCertificateBase64(unsigned char *aPeerCert, size_t *aCertLeng } #endif // defined(MBEDTLS_BASE64_C) && defined(MBEDTLS_SSL_KEEP_PEER_CERTIFICATE) -#endif // OPENTHREAD_CONFIG_COAP_SECURE_API_ENABLE +#if defined(MBEDTLS_SSL_KEEP_PEER_CERTIFICATE) +Error SecureTransport::GetPeerSubjectAttributeByOid(const char *aOid, + size_t aOidLength, + uint8_t *aAttributeBuffer, + size_t *aAttributeLength, + int *aAsn1Type) +{ + Error error = kErrorNone; + const mbedtls_asn1_named_data *data; + size_t length; + size_t attributeBufferSize; + mbedtls_x509_crt *peerCert = const_cast(mbedtls_ssl_get_peer_cert(&mSsl)); + + VerifyOrExit(aAttributeLength != nullptr, error = kErrorInvalidArgs); + attributeBufferSize = *aAttributeLength; + *aAttributeLength = 0; + + VerifyOrExit(aAttributeBuffer != nullptr, error = kErrorNoBufs); + VerifyOrExit(peerCert != nullptr, error = kErrorInvalidState); + data = mbedtls_asn1_find_named_data(&peerCert->subject, aOid, aOidLength); + VerifyOrExit(data != nullptr, error = kErrorNotFound); + length = data->val.len; + VerifyOrExit(length <= attributeBufferSize, error = kErrorNoBufs); + + if (aAttributeLength != nullptr) + { + *aAttributeLength = length; + } + + if (aAsn1Type != nullptr) + { + *aAsn1Type = data->val.tag; + } + + memcpy(aAttributeBuffer, data->val.p, length); + +exit: + return error; +} + +Error SecureTransport::GetThreadAttributeFromPeerCertificate(int aThreadOidDescriptor, + uint8_t *aAttributeBuffer, + size_t *aAttributeLength) +{ + const mbedtls_x509_crt *cert = mbedtls_ssl_get_peer_cert(&mSsl); + + return GetThreadAttributeFromCertificate(cert, aThreadOidDescriptor, aAttributeBuffer, aAttributeLength); +} + +#endif // defined(MBEDTLS_SSL_KEEP_PEER_CERTIFICATE) + +Error SecureTransport::GetThreadAttributeFromOwnCertificate(int aThreadOidDescriptor, + uint8_t *aAttributeBuffer, + size_t *aAttributeLength) +{ + const mbedtls_x509_crt *cert = &mOwnCert; + + return GetThreadAttributeFromCertificate(cert, aThreadOidDescriptor, aAttributeBuffer, aAttributeLength); +} + +Error SecureTransport::GetThreadAttributeFromCertificate(const mbedtls_x509_crt *aCert, + int aThreadOidDescriptor, + uint8_t *aAttributeBuffer, + size_t *aAttributeLength) +{ + Error error = kErrorNotFound; + char oid[9] = {0x2B, 0x06, 0x01, 0x04, 0x01, static_cast(0x82), static_cast(0xDF), + 0x2A, 0x00}; // 1.3.6.1.4.1.44970.0 + mbedtls_x509_buf v3_ext; + unsigned char *p, *end, *endExtData; + size_t len; + size_t attributeBufferSize; + mbedtls_x509_buf extnOid; + int ret, isCritical; + + VerifyOrExit(aAttributeLength != nullptr, error = kErrorInvalidArgs); + attributeBufferSize = *aAttributeLength; + *aAttributeLength = 0; + + VerifyOrExit(aCert != nullptr, error = kErrorInvalidState); + v3_ext = aCert->v3_ext; + p = v3_ext.p; + VerifyOrExit(p != nullptr, error = kErrorInvalidState); + end = p + v3_ext.len; + VerifyOrExit(mbedtls_asn1_get_tag(&p, end, &len, MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_SEQUENCE) == 0, + error = kErrorParse); + VerifyOrExit(end == p + len, error = kErrorParse); + + VerifyOrExit(aThreadOidDescriptor < 128, error = kErrorNotImplemented); + oid[sizeof(oid) - 1] = static_cast(aThreadOidDescriptor); + + while (p < end) + { + isCritical = 0; + VerifyOrExit(mbedtls_asn1_get_tag(&p, end, &len, MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_SEQUENCE) == 0, + error = kErrorParse); + endExtData = p + len; + + // Get extension ID + VerifyOrExit(mbedtls_asn1_get_tag(&p, endExtData, &extnOid.len, MBEDTLS_ASN1_OID) == 0, error = kErrorParse); + extnOid.tag = MBEDTLS_ASN1_OID; + extnOid.p = p; + p += extnOid.len; + + // Get optional critical + ret = mbedtls_asn1_get_bool(&p, endExtData, &isCritical); + VerifyOrExit(ret == 0 || ret == MBEDTLS_ERR_ASN1_UNEXPECTED_TAG, error = kErrorParse); + + // Data should be octet string type + VerifyOrExit(mbedtls_asn1_get_tag(&p, endExtData, &len, MBEDTLS_ASN1_OCTET_STRING) == 0, error = kErrorParse); + VerifyOrExit(endExtData == p + len, error = kErrorParse); + + if (isCritical || extnOid.len != sizeof(oid)) + { + continue; + } + + if (memcmp(extnOid.p, oid, sizeof(oid)) == 0) + { + *aAttributeLength = len; + + if (aAttributeBuffer != nullptr) + { + VerifyOrExit(len <= attributeBufferSize, error = kErrorNoBufs); + memcpy(aAttributeBuffer, p, len); + } + + error = kErrorNone; + break; + } + } + +exit: + return error; +} + +#endif // OPENTHREAD_CONFIG_TLS_API_ENABLE #ifdef MBEDTLS_SSL_SRV_C -Error Dtls::SetClientId(const uint8_t *aClientId, uint8_t aLength) +Error SecureTransport::SetClientId(const uint8_t *aClientId, uint8_t aLength) { int rval = mbedtls_ssl_set_client_transport_id(&mSsl, aClientId, aLength); return Crypto::MbedTls::MapError(rval); } #endif -Error Dtls::Send(Message &aMessage, uint16_t aLength) +Error SecureTransport::Send(Message &aMessage, uint16_t aLength) { Error error = kErrorNone; uint8_t buffer[kApplicationDataMaxLength]; @@ -583,7 +751,7 @@ Error Dtls::Send(Message &aMessage, uint16_t aLength) return error; } -void Dtls::Receive(Message &aMessage) +void SecureTransport::Receive(Message &aMessage) { mReceiveMessage = &aMessage; @@ -592,28 +760,28 @@ void Dtls::Receive(Message &aMessage) mReceiveMessage = nullptr; } -int Dtls::HandleMbedtlsTransmit(void *aContext, const unsigned char *aBuf, size_t aLength) +int SecureTransport::HandleMbedtlsTransmit(void *aContext, const unsigned char *aBuf, size_t aLength) { - return static_cast(aContext)->HandleMbedtlsTransmit(aBuf, aLength); + return static_cast(aContext)->HandleMbedtlsTransmit(aBuf, aLength); } -int Dtls::HandleMbedtlsTransmit(const unsigned char *aBuf, size_t aLength) +int SecureTransport::HandleMbedtlsTransmit(const unsigned char *aBuf, size_t aLength) { Error error; int rval = 0; if (mCipherSuites[0] == MBEDTLS_TLS_ECJPAKE_WITH_AES_128_CCM_8) { - LogDebg("HandleMbedtlsTransmit"); + LogDebg("HandleMbedtlsTransmit DTLS"); } -#if OPENTHREAD_CONFIG_COAP_SECURE_API_ENABLE +#if OPENTHREAD_CONFIG_TLS_API_ENABLE else { - LogDebg("ApplicationCoapSecure HandleMbedtlsTransmit"); + LogDebg("HandleMbedtlsTransmit TLS"); } #endif - error = HandleDtlsSend(aBuf, static_cast(aLength), mMessageSubType); + error = HandleSecureTransportSend(aBuf, static_cast(aLength), mMessageSubType); // Restore default sub type. mMessageSubType = mMessageDefaultSubType; @@ -637,23 +805,23 @@ int Dtls::HandleMbedtlsTransmit(const unsigned char *aBuf, size_t aLength) return rval; } -int Dtls::HandleMbedtlsReceive(void *aContext, unsigned char *aBuf, size_t aLength) +int SecureTransport::HandleMbedtlsReceive(void *aContext, unsigned char *aBuf, size_t aLength) { - return static_cast(aContext)->HandleMbedtlsReceive(aBuf, aLength); + return static_cast(aContext)->HandleMbedtlsReceive(aBuf, aLength); } -int Dtls::HandleMbedtlsReceive(unsigned char *aBuf, size_t aLength) +int SecureTransport::HandleMbedtlsReceive(unsigned char *aBuf, size_t aLength) { int rval; if (mCipherSuites[0] == MBEDTLS_TLS_ECJPAKE_WITH_AES_128_CCM_8) { - LogDebg("HandleMbedtlsReceive"); + LogDebg("HandleMbedtlsReceive DTLS"); } -#if OPENTHREAD_CONFIG_COAP_SECURE_API_ENABLE +#if OPENTHREAD_CONFIG_TLS_API_ENABLE else { - LogDebg("ApplicationCoapSecure HandleMbedtlsReceive"); + LogDebg("HandleMbedtlsReceive TLS"); } #endif @@ -672,9 +840,12 @@ int Dtls::HandleMbedtlsReceive(unsigned char *aBuf, size_t aLength) return rval; } -int Dtls::HandleMbedtlsGetTimer(void *aContext) { return static_cast(aContext)->HandleMbedtlsGetTimer(); } +int SecureTransport::HandleMbedtlsGetTimer(void *aContext) +{ + return static_cast(aContext)->HandleMbedtlsGetTimer(); +} -int Dtls::HandleMbedtlsGetTimer(void) +int SecureTransport::HandleMbedtlsGetTimer(void) { int rval; @@ -682,10 +853,10 @@ int Dtls::HandleMbedtlsGetTimer(void) { LogDebg("HandleMbedtlsGetTimer"); } -#if OPENTHREAD_CONFIG_COAP_SECURE_API_ENABLE +#if OPENTHREAD_CONFIG_TLS_API_ENABLE else { - LogDebg("ApplicationCoapSecure HandleMbedtlsGetTimer"); + LogDebg("HandleMbedtlsGetTimer"); } #endif @@ -709,21 +880,21 @@ int Dtls::HandleMbedtlsGetTimer(void) return rval; } -void Dtls::HandleMbedtlsSetTimer(void *aContext, uint32_t aIntermediate, uint32_t aFinish) +void SecureTransport::HandleMbedtlsSetTimer(void *aContext, uint32_t aIntermediate, uint32_t aFinish) { - static_cast(aContext)->HandleMbedtlsSetTimer(aIntermediate, aFinish); + static_cast(aContext)->HandleMbedtlsSetTimer(aIntermediate, aFinish); } -void Dtls::HandleMbedtlsSetTimer(uint32_t aIntermediate, uint32_t aFinish) +void SecureTransport::HandleMbedtlsSetTimer(uint32_t aIntermediate, uint32_t aFinish) { if (mCipherSuites[0] == MBEDTLS_TLS_ECJPAKE_WITH_AES_128_CCM_8) { - LogDebg("SetTimer"); + LogDebg("SetTimer DTLS"); } -#if OPENTHREAD_CONFIG_COAP_SECURE_API_ENABLE +#if OPENTHREAD_CONFIG_TLS_API_ENABLE else { - LogDebg("ApplicationCoapSecure SetTimer"); + LogDebg("SetTimer TLS"); } #endif @@ -742,42 +913,42 @@ void Dtls::HandleMbedtlsSetTimer(uint32_t aIntermediate, uint32_t aFinish) #if (MBEDTLS_VERSION_NUMBER >= 0x03000000) -void Dtls::HandleMbedtlsExportKeys(void *aContext, - mbedtls_ssl_key_export_type aType, - const unsigned char *aMasterSecret, - size_t aMasterSecretLen, - const unsigned char aClientRandom[32], - const unsigned char aServerRandom[32], - mbedtls_tls_prf_types aTlsPrfType) +void SecureTransport::HandleMbedtlsExportKeys(void *aContext, + mbedtls_ssl_key_export_type aType, + const unsigned char *aMasterSecret, + size_t aMasterSecretLen, + const unsigned char aClientRandom[32], + const unsigned char aServerRandom[32], + mbedtls_tls_prf_types aTlsPrfType) { - static_cast(aContext)->HandleMbedtlsExportKeys(aType, aMasterSecret, aMasterSecretLen, aClientRandom, - aServerRandom, aTlsPrfType); + static_cast(aContext)->HandleMbedtlsExportKeys(aType, aMasterSecret, aMasterSecretLen, + aClientRandom, aServerRandom, aTlsPrfType); } -void Dtls::HandleMbedtlsExportKeys(mbedtls_ssl_key_export_type aType, - const unsigned char *aMasterSecret, - size_t aMasterSecretLen, - const unsigned char aClientRandom[32], - const unsigned char aServerRandom[32], - mbedtls_tls_prf_types aTlsPrfType) +void SecureTransport::HandleMbedtlsExportKeys(mbedtls_ssl_key_export_type aType, + const unsigned char *aMasterSecret, + size_t aMasterSecretLen, + const unsigned char aClientRandom[32], + const unsigned char aServerRandom[32], + mbedtls_tls_prf_types aTlsPrfType) { Crypto::Sha256::Hash kek; Crypto::Sha256 sha256; - unsigned char keyBlock[kDtlsKeyBlockSize]; - unsigned char randBytes[2 * kDtlsRandomBufferSize]; + unsigned char keyBlock[kSecureTransportKeyBlockSize]; + unsigned char randBytes[2 * kSecureTransportRandomBufferSize]; VerifyOrExit(mCipherSuites[0] == MBEDTLS_TLS_ECJPAKE_WITH_AES_128_CCM_8); VerifyOrExit(aType == MBEDTLS_SSL_KEY_EXPORT_TLS12_MASTER_SECRET); - memcpy(randBytes, aServerRandom, kDtlsRandomBufferSize); - memcpy(randBytes + kDtlsRandomBufferSize, aClientRandom, kDtlsRandomBufferSize); + memcpy(randBytes, aServerRandom, kSecureTransportRandomBufferSize); + memcpy(randBytes + kSecureTransportRandomBufferSize, aClientRandom, kSecureTransportRandomBufferSize); // Retrieve the Key block from Master secret mbedtls_ssl_tls_prf(aTlsPrfType, aMasterSecret, aMasterSecretLen, "key expansion", randBytes, sizeof(randBytes), keyBlock, sizeof(keyBlock)); sha256.Start(); - sha256.Update(keyBlock, kDtlsKeyBlockSize); + sha256.Update(keyBlock, kSecureTransportKeyBlockSize); sha256.Finish(kek); LogDebg("Generated KEK"); @@ -789,22 +960,22 @@ void Dtls::HandleMbedtlsExportKeys(mbedtls_ssl_key_export_type aType, #else -int Dtls::HandleMbedtlsExportKeys(void *aContext, - const unsigned char *aMasterSecret, - const unsigned char *aKeyBlock, - size_t aMacLength, - size_t aKeyLength, - size_t aIvLength) +int SecureTransport::HandleMbedtlsExportKeys(void *aContext, + const unsigned char *aMasterSecret, + const unsigned char *aKeyBlock, + size_t aMacLength, + size_t aKeyLength, + size_t aIvLength) { - return static_cast(aContext)->HandleMbedtlsExportKeys(aMasterSecret, aKeyBlock, aMacLength, aKeyLength, - aIvLength); + return static_cast(aContext)->HandleMbedtlsExportKeys(aMasterSecret, aKeyBlock, aMacLength, + aKeyLength, aIvLength); } -int Dtls::HandleMbedtlsExportKeys(const unsigned char *aMasterSecret, - const unsigned char *aKeyBlock, - size_t aMacLength, - size_t aKeyLength, - size_t aIvLength) +int SecureTransport::HandleMbedtlsExportKeys(const unsigned char *aMasterSecret, + const unsigned char *aKeyBlock, + size_t aMacLength, + size_t aKeyLength, + size_t aIvLength) { OT_UNUSED_VARIABLE(aMasterSecret); @@ -826,12 +997,12 @@ int Dtls::HandleMbedtlsExportKeys(const unsigned char *aMasterSecret, #endif // (MBEDTLS_VERSION_NUMBER >= 0x03000000) -void Dtls::HandleTimer(Timer &aTimer) +void SecureTransport::HandleTimer(Timer &aTimer) { - static_cast(static_cast(aTimer).GetContext())->HandleTimer(); + static_cast(static_cast(aTimer).GetContext())->HandleTimer(); } -void Dtls::HandleTimer(void) +void SecureTransport::HandleTimer(void) { switch (mState) { @@ -852,7 +1023,7 @@ void Dtls::HandleTimer(void) } } -void Dtls::Process(void) +void SecureTransport::Process(void) { uint8_t buf[OPENTHREAD_CONFIG_DTLS_MAX_CONTENT_LEN]; bool shouldDisconnect = false; @@ -938,12 +1109,12 @@ void Dtls::Process(void) } } -void Dtls::HandleMbedtlsDebug(void *aContext, int aLevel, const char *aFile, int aLine, const char *aStr) +void SecureTransport::HandleMbedtlsDebug(void *aContext, int aLevel, const char *aFile, int aLine, const char *aStr) { - static_cast(aContext)->HandleMbedtlsDebug(aLevel, aFile, aLine, aStr); + static_cast(aContext)->HandleMbedtlsDebug(aLevel, aFile, aLine, aStr); } -void Dtls::HandleMbedtlsDebug(int aLevel, const char *aFile, int aLine, const char *aStr) +void SecureTransport::HandleMbedtlsDebug(int aLevel, const char *aFile, int aLine, const char *aStr) { OT_UNUSED_VARIABLE(aStr); OT_UNUSED_VARIABLE(aFile); @@ -970,7 +1141,9 @@ void Dtls::HandleMbedtlsDebug(int aLevel, const char *aFile, int aLine, const ch } } -Error Dtls::HandleDtlsSend(const uint8_t *aBuf, uint16_t aLength, Message::SubType aMessageSubType) +Error SecureTransport::HandleSecureTransportSend(const uint8_t *aBuf, + uint16_t aLength, + Message::SubType aMessageSubType) { Error error = kErrorNone; ot::Message *message = nullptr; @@ -1004,4 +1177,4 @@ Error Dtls::HandleDtlsSend(const uint8_t *aBuf, uint16_t aLength, Message::SubTy } // namespace MeshCoP } // namespace ot -#endif // OPENTHREAD_CONFIG_DTLS_ENABLE +#endif // OPENTHREAD_CONFIG_SECURE_TRANSPORT_ENABLE diff --git a/src/core/meshcop/dtls.hpp b/src/core/meshcop/secure_transport.hpp similarity index 65% rename from src/core/meshcop/dtls.hpp rename to src/core/meshcop/secure_transport.hpp index 2a4df728d22..ef51f5e28cf 100644 --- a/src/core/meshcop/dtls.hpp +++ b/src/core/meshcop/secure_transport.hpp @@ -31,17 +31,33 @@ * This file includes definitions for using mbedTLS. */ -#ifndef DTLS_HPP_ -#define DTLS_HPP_ +#ifndef SECURE_TRANSPORT_HPP_ +#define SECURE_TRANSPORT_HPP_ #include "openthread-core-config.h" +#ifdef OPENTHREAD_CONFIG_TLS_API_ENABLE +#error `OPENTHREAD_CONFIG_TLS_API_ENABLE` must not be defined directly, it is determined from `COAP_SECURE_API_ENABLE` and `BLE_TCAT_ENABLE` +#endif + +#if OPENTHREAD_CONFIG_COAP_SECURE_API_ENABLE || OPENTHREAD_CONFIG_BLE_TCAT_ENABLE +#define OPENTHREAD_CONFIG_TLS_API_ENABLE 1 +#else +#define OPENTHREAD_CONFIG_TLS_API_ENABLE 0 +#endif + #include #include #include #include -#if OPENTHREAD_CONFIG_COAP_SECURE_API_ENABLE +#if OPENTHREAD_CONFIG_BLE_TCAT_ENABLE +#ifndef MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED +#error OPENTHREAD_CONFIG_BLE_TCAT_ENABLE requires MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED +#endif +#endif + +#if OPENTHREAD_CONFIG_TLS_API_ENABLE #if defined(MBEDTLS_BASE64_C) && defined(MBEDTLS_SSL_KEEP_PEER_CERTIFICATE) #include #endif @@ -67,19 +83,20 @@ namespace ot { namespace MeshCoP { -class Dtls : public InstanceLocator +class SecureTransport : public InstanceLocator { public: static constexpr uint8_t kPskMaxLength = 32; ///< Maximum PSK length. /** - * Initializes the DTLS object. + * Initializes the SecureTransport object. * * @param[in] aInstance A reference to the OpenThread instance. * @param[in] aLayerTwoSecurity Specifies whether to use layer two security or not. + * @param[in] aDatagramTransport Specifies if dtls of tls connection should be used. * */ - explicit Dtls(Instance &aInstance, bool aLayerTwoSecurity); + explicit SecureTransport(Instance &aInstance, bool aLayerTwoSecurity, bool aDatagramTransport = true); /** * Pointer is called when a connection is established or torn down. @@ -91,7 +108,7 @@ class Dtls : public InstanceLocator typedef void (*ConnectedHandler)(void *aContext, bool aConnected); /** - * Pointer is called when data is received from the DTLS session. + * Pointer is called when data is received from the session. * * @param[in] aContext A pointer to application-specific context. * @param[in] aBuf A pointer to the received data buffer. @@ -111,14 +128,14 @@ class Dtls : public InstanceLocator typedef Error (*TransportCallback)(void *aContext, ot::Message &aMessage, const Ip6::MessageInfo &aMessageInfo); /** - * Opens the DTLS socket. + * Opens the socket. * - * @param[in] aReceiveHandler A pointer to a function that is called to receive DTLS payload. + * @param[in] aReceiveHandler A pointer to a function that is called to receive payload. * @param[in] aConnectedHandler A pointer to a function that is called when connected or disconnected. * @param[in] aContext A pointer to arbitrary context information. * * @retval kErrorNone Successfully opened the socket. - * @retval kErrorAlready The DTLS is already open. + * @retval kErrorAlready The connection is already open. * */ Error Open(ReceiveHandler aReceiveHandler, ConnectedHandler aConnectedHandler, void *aContext); @@ -128,8 +145,8 @@ class Dtls : public InstanceLocator * * @param[in] aPort The port to bind. * - * @retval kErrorNone Successfully bound the DTLS socket. - * @retval kErrorInvalidState The DTLS socket is not open. + * @retval kErrorNone Successfully bound the socket. + * @retval kErrorInvalidState The socket is not open. * @retval kErrorAlready Already bound. * */ @@ -144,20 +161,20 @@ class Dtls : public InstanceLocator uint16_t GetUdpPort(void) const; /** - * Binds this DTLS with a transport callback. + * Binds with a transport callback. * * @param[in] aCallback A pointer to a function for sending messages. * @param[in] aContext A pointer to arbitrary context information. * - * @retval kErrorNone Successfully bound the DTLS socket. - * @retval kErrorInvalidState The DTLS socket is not open. + * @retval kErrorNone Successfully bound the socket. + * @retval kErrorInvalidState The socket is not open. * @retval kErrorAlready Already bound. * */ Error Bind(TransportCallback aCallback, void *aContext); /** - * Establishes a DTLS session. + * Establishes a secure session. * * For CoAP Secure API do first: * Set X509 Pk and Cert for use DTLS mode ECDHE ECDSA with AES 128 CCM 8 or @@ -165,38 +182,38 @@ class Dtls : public InstanceLocator * * @param[in] aSockAddr A reference to the remote sockaddr. * - * @retval kErrorNone Successfully started DTLS handshake. - * @retval kErrorInvalidState The DTLS socket is not open. + * @retval kErrorNone Successfully started handshake. + * @retval kErrorInvalidState The socket is not open. * */ Error Connect(const Ip6::SockAddr &aSockAddr); /** - * Indicates whether or not the DTLS session is active. + * Indicates whether or not the session is active. * - * @retval TRUE If DTLS session is active. - * @retval FALSE If DTLS session is not active. + * @retval TRUE If session is active. + * @retval FALSE If session is not active. * */ bool IsConnectionActive(void) const { return mState >= kStateConnecting; } /** - * Indicates whether or not the DTLS session is connected. + * Indicates whether or not the session is connected. * - * @retval TRUE The DTLS session is connected. - * @retval FALSE The DTLS session is not connected. + * @retval TRUE The session is connected. + * @retval FALSE The session is not connected. * */ bool IsConnected(void) const { return mState == kStateConnected; } /** - * Disconnects the DTLS session. + * Disconnects the session. * */ void Disconnect(void); /** - * Closes the DTLS socket. + * Closes the socket. * */ void Close(void); @@ -212,10 +229,10 @@ class Dtls : public InstanceLocator */ Error SetPsk(const uint8_t *aPsk, uint8_t aPskLength); -#if OPENTHREAD_CONFIG_COAP_SECURE_API_ENABLE +#if OPENTHREAD_CONFIG_TLS_API_ENABLE #ifdef MBEDTLS_KEY_EXCHANGE_PSK_ENABLED /** - * Sets the Pre-Shared Key (PSK) for DTLS sessions- + * Sets the Pre-Shared Key (PSK) for sessions- * identified by a PSK. * * DTLS mode "PSK with AES 128 CCM 8" for Application CoAPS. @@ -280,8 +297,84 @@ class Dtls : public InstanceLocator Error GetPeerCertificateBase64(unsigned char *aPeerCert, size_t *aCertLength, size_t aCertBufferSize); #endif // defined(MBEDTLS_BASE64_C) && defined(MBEDTLS_SSL_KEEP_PEER_CERTIFICATE) +#if defined(MBEDTLS_SSL_KEEP_PEER_CERTIFICATE) /** - * Set the authentication mode for a dtls connection. + * Returns an attribute value identified by its OID from the subject + * of the peer x509 certificate. The peer OID is provided in binary format. + * The attribute length is set if the attribute was successfully read or zero + * if unsuccessful. The ASN.1 type as is set as defineded in the ITU-T X.690 standard + * if the attribute was successfully read. + * + * @param[in] aOid A pointer to the OID to be found. + * @param[in] aOidLength The length of the OID. + * @param[out] aAttributeBuffer A pointer to the attribute buffer. + * @param[in,out] aAttributeLength On input, the size the max size of @p aAttributeBuffer. + * On output, the length of the attribute written to the buffer. + * @param[out] aAsn1Type A pointer to the ASN.1 type of the attribute written to the buffer. + * + * @retval kErrorInvalidState Not connected yet. + * @retval kErrorInvalidArgs Invalid attribute length. + * @retval kErrorNone Successfully read attribute. + * @retval kErrorNoBufs Insufficient memory for storing the attribute value. + * + */ + Error GetPeerSubjectAttributeByOid(const char *aOid, + size_t aOidLength, + uint8_t *aAttributeBuffer, + size_t *aAttributeLength, + int *aAsn1Type); + + /** + * Returns an attribute value for the OID 1.3.6.1.4.1.44970.x from the v3 extensions of + * the peer x509 certificate, where the last digit x is set to aThreadOidDescriptor. + * The attribute length is set if the attribute was successfully read or zero if unsuccessful. + * Requires a connection to be active. + * + * @param[in] aThreadOidDescriptor The last digit of the Thread attribute OID. + * @param[out] aAttributeBuffer A pointer to the attribute buffer. + * @param[in,out] aAttributeLength On input, the size the max size of @p aAttributeBuffer. + * On output, the length of the attribute written to the buffer. + * + * @retval kErrorNone Successfully read attribute. + * @retval kErrorInvalidArgs Invalid attribute length. + * @retval kErrorNotFound The requested attribute was not found. + * @retval kErrorNoBufs Insufficient memory for storing the attribute value. + * @retval kErrorInvalidState Not connected yet. + * @retval kErrorNotImplemented The value of aThreadOidDescriptor is >127. + * @retval kErrorParse The certificate extensions could not be parsed. + * + */ + Error GetThreadAttributeFromPeerCertificate(int aThreadOidDescriptor, + uint8_t *aAttributeBuffer, + size_t *aAttributeLength); +#endif // defined(MBEDTLS_SSL_KEEP_PEER_CERTIFICATE) + + /** + * Returns an attribute value for the OID 1.3.6.1.4.1.44970.x from the v3 extensions of + * the own x509 certificate, where the last digit x is set to aThreadOidDescriptor. + * The attribute length is set if the attribute was successfully read or zero if unsuccessful. + * Requires a connection to be active. + * + * @param[in] aThreadOidDescriptor The last digit of the Thread attribute OID. + * @param[out] aAttributeBuffer A pointer to the attribute buffer. + * @param[in,out] aAttributeLength On input, the size the max size of @p aAttributeBuffer. + * On output, the length of the attribute written to the buffer. + * + * @retval kErrorNone Successfully read attribute. + * @retval kErrorInvalidArgs Invalid attribute length. + * @retval kErrorNotFound The requested attribute was not found. + * @retval kErrorNoBufs Insufficient memory for storing the attribute value. + * @retval kErrorInvalidState Not connected yet. + * @retval kErrorNotImplemented The value of aThreadOidDescriptor is >127. + * @retval kErrorParse The certificate extensions could not be parsed. + * + */ + Error GetThreadAttributeFromOwnCertificate(int aThreadOidDescriptor, + uint8_t *aAttributeBuffer, + size_t *aAttributeLength); + + /** + * Set the authentication mode for a connection. * * Disable or enable the verification of peer certificate. * Must called before start. @@ -290,7 +383,7 @@ class Dtls : public InstanceLocator * */ void SetSslAuthMode(bool aVerifyPeerCertificate) { mVerifyPeerCertificate = aVerifyPeerCertificate; } -#endif // OPENTHREAD_CONFIG_COAP_SECURE_API_ENABLE +#endif // OPENTHREAD_CONFIG_TLS_API_ENABLE #ifdef MBEDTLS_SSL_SRV_C /** @@ -306,19 +399,19 @@ class Dtls : public InstanceLocator #endif /** - * Sends data within the DTLS session. + * Sends data within the session. * - * @param[in] aMessage A message to send via DTLS. + * @param[in] aMessage A message to send via connection. * @param[in] aLength Number of bytes in the data buffer. * - * @retval kErrorNone Successfully sent the data via the DTLS session. + * @retval kErrorNone Successfully sent the data via the session. * @retval kErrorNoBufs A message is too long. * */ Error Send(Message &aMessage, uint16_t aLength); /** - * Provides a received DTLS message to the DTLS object. + * Provides a received message to the SecureTransport object. * * @param[in] aMessage A reference to the message. * @@ -335,9 +428,9 @@ class Dtls : public InstanceLocator void SetDefaultMessageSubType(Message::SubType aMessageSubType) { mMessageDefaultSubType = aMessageSubType; } /** - * Returns the DTLS session's peer address. + * Returns the session's peer address. * - * @return DTLS session's message info. + * @return session's message info. * */ const Ip6::MessageInfo &GetMessageInfo(void) const { return mMessageInfo; } @@ -349,34 +442,39 @@ class Dtls : public InstanceLocator { kStateClosed, // UDP socket is closed. kStateOpen, // UDP socket is open. - kStateInitializing, // The DTLS service is initializing. - kStateConnecting, // The DTLS service is establishing a connection. - kStateConnected, // The DTLS service has a connection established. - kStateCloseNotify, // The DTLS service is closing a connection. + kStateInitializing, // The service is initializing. + kStateConnecting, // The service is establishing a connection. + kStateConnected, // The service has a connection established. + kStateCloseNotify, // The service is closing a connection. }; static constexpr uint32_t kGuardTimeNewConnectionMilli = 2000; -#if !OPENTHREAD_CONFIG_COAP_SECURE_API_ENABLE +#if !OPENTHREAD_CONFIG_TLS_API_ENABLE static constexpr uint16_t kApplicationDataMaxLength = 1152; #else static constexpr uint16_t kApplicationDataMaxLength = OPENTHREAD_CONFIG_DTLS_APPLICATION_DATA_MAX_LENGTH; #endif - static constexpr size_t kDtlsKeyBlockSize = 40; - static constexpr size_t kDtlsRandomBufferSize = 32; + static constexpr size_t kSecureTransportKeyBlockSize = 40; + static constexpr size_t kSecureTransportRandomBufferSize = 32; void FreeMbedtls(void); Error Setup(bool aClient); -#if OPENTHREAD_CONFIG_COAP_SECURE_API_ENABLE +#if OPENTHREAD_CONFIG_TLS_API_ENABLE /** * Set keys and/or certificates for dtls session dependent of used cipher suite. * * @retval mbedtls error, 0 if successfully. * */ - int SetApplicationCoapSecureKeys(void); + int SetApplicationSecureKeys(void); + + Error GetThreadAttributeFromCertificate(const mbedtls_x509_crt *aCert, + int aThreadOidDescriptor, + uint8_t *aAttributeBuffer, + size_t *aAttributeLength); #endif static void HandleMbedtlsDebug(void *aContext, int aLevel, const char *aFile, int aLine, const char *aStr); @@ -434,8 +532,8 @@ class Dtls : public InstanceLocator static void HandleUdpReceive(void *aContext, otMessage *aMessage, const otMessageInfo *aMessageInfo); - void HandleDtlsReceive(const uint8_t *aBuf, uint16_t aLength); - Error HandleDtlsSend(const uint8_t *aBuf, uint16_t aLength, Message::SubType aMessageSubType); + void HandleSecureTransportReceive(const uint8_t *aBuf, uint16_t aLength); + Error HandleSecureTransportSend(const uint8_t *aBuf, uint16_t aLength, Message::SubType aMessageSubType); void Process(void); @@ -459,7 +557,7 @@ class Dtls : public InstanceLocator #endif #endif -#if OPENTHREAD_CONFIG_COAP_SECURE_API_ENABLE +#if OPENTHREAD_CONFIG_TLS_API_ENABLE #ifdef MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED const uint8_t *mCaChainSrc; uint32_t mCaChainLength; @@ -494,16 +592,19 @@ class Dtls : public InstanceLocator bool mTimerSet : 1; bool mLayerTwoSecurity : 1; + bool mDatagramTransport : 1; Message *mReceiveMessage; Callback mConnectedCallback; Callback mReceiveCallback; + void *mContext; Ip6::MessageInfo mMessageInfo; Ip6::Udp::Socket mSocket; Callback mTransportCallback; + void *mTransportContext; Message::SubType mMessageSubType; Message::SubType mMessageDefaultSubType; @@ -512,4 +613,4 @@ class Dtls : public InstanceLocator } // namespace MeshCoP } // namespace ot -#endif // DTLS_HPP_ +#endif // SECURE_TRANSPORT_HPP_ diff --git a/src/core/meshcop/tcat_agent.cpp b/src/core/meshcop/tcat_agent.cpp new file mode 100644 index 00000000000..f8df7737ee3 --- /dev/null +++ b/src/core/meshcop/tcat_agent.cpp @@ -0,0 +1,516 @@ +/* + * Copyright (c) 2023, The OpenThread Authors. + * All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions are met: + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * 3. Neither the name of the copyright holder nor the + * names of its contributors may be used to endorse or promote products + * derived from this software without specific prior written permission. + * + * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" + * AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDER OR CONTRIBUTORS BE + * LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR + * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF + * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS + * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN + * CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) + * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE + * POSSIBILITY OF SUCH DAMAGE. + */ + +/** + * @file + * This file implements the TCAT Agent service. + */ + +#include "tcat_agent.hpp" + +#if OPENTHREAD_CONFIG_BLE_TCAT_ENABLE + +#include + +#include "common/array.hpp" +#include "common/code_utils.hpp" +#include "common/debug.hpp" +#include "common/encoding.hpp" +#include "common/locator_getters.hpp" +#include "common/string.hpp" +#include "instance/instance.hpp" +#include "radio/radio.hpp" +#include "thread/thread_netif.hpp" +#include "thread/uri_paths.hpp" +#include "utils/otns.hpp" + +namespace ot { +namespace MeshCoP { + +RegisterLogModule("TcatAgent"); + +bool TcatAgent::VendorInfo::IsValid(void) const +{ + return mProvisioningUrl == nullptr || IsValidUtf8String(mProvisioningUrl) || mPskdString != nullptr; +} + +TcatAgent::TcatAgent(Instance &aInstance) + : InstanceLocator(aInstance) + , mVendorInfo(nullptr) + , mCurrentApplicationProtocol(kApplicationProtocolNone) + , mState(kStateDisabled) + , mAlreadyCommissioned(false) + , mCommissionerHasNetworkName(false) + , mCommissionerHasDomainName(false) + , mCommissionerHasExtendedPanId(false) +{ + mJoinerPskd.Clear(); + mCurrentServiceName[0] = 0; +} + +Error TcatAgent::Start(const TcatAgent::VendorInfo &aVendorInfo, + AppDataReceiveCallback aAppDataReceiveCallback, + JoinCallback aHandler, + void *aContext) +{ + Error error = kErrorNone; + + LogInfo("Starting"); + + VerifyOrExit(aVendorInfo.IsValid(), error = kErrorInvalidArgs); + SuccessOrExit(error = mJoinerPskd.SetFrom(aVendorInfo.mPskdString)); + + mAppDataReceiveCallback.Set(aAppDataReceiveCallback, aContext); + mJoinCallback.Set(aHandler, aContext); + + mVendorInfo = &aVendorInfo; + mCurrentApplicationProtocol = kApplicationProtocolNone; + mState = kStateEnabled; + mAlreadyCommissioned = false; + +exit: + LogError("start TCAT agent", error); + return error; +} + +void TcatAgent::Stop(void) +{ + mCurrentApplicationProtocol = kApplicationProtocolNone; + mState = kStateDisabled; + mAlreadyCommissioned = false; + mAppDataReceiveCallback.Clear(); + mJoinCallback.Clear(); + LogInfo("TCAT agent stopped"); +} + +Error TcatAgent::Connected(MeshCoP::SecureTransport &aTlsContext) +{ + size_t len; + Error error; + + VerifyOrExit(IsEnabled(), error = kErrorInvalidState); + len = sizeof(mCommissionerAuthorizationField); + SuccessOrExit( + error = aTlsContext.GetThreadAttributeFromPeerCertificate( + kCertificateAuthorizationField, reinterpret_cast(&mCommissionerAuthorizationField), &len)); + VerifyOrExit(len == sizeof(mCommissionerAuthorizationField), error = kErrorParse); + VerifyOrExit((mCommissionerAuthorizationField.mHeader & kCommissionerFlag) == 1, error = kErrorParse); + + len = sizeof(mDeviceAuthorizationField); + SuccessOrExit(error = aTlsContext.GetThreadAttributeFromOwnCertificate( + kCertificateAuthorizationField, reinterpret_cast(&mDeviceAuthorizationField), &len)); + VerifyOrExit(len == sizeof(mDeviceAuthorizationField), error = kErrorParse); + VerifyOrExit((mDeviceAuthorizationField.mHeader & kCommissionerFlag) == 0, error = kErrorParse); + + mCommissionerHasDomainName = false; + mCommissionerHasNetworkName = false; + mCommissionerHasExtendedPanId = false; + + len = sizeof(mCommissionerDomainName) - 1; + if (aTlsContext.GetThreadAttributeFromPeerCertificate( + kCertificateDomainName, reinterpret_cast(&mCommissionerDomainName), &len) == kErrorNone) + { + mCommissionerDomainName.m8[len] = '\0'; + mCommissionerHasDomainName = true; + } + + len = sizeof(mCommissionerNetworkName) - 1; + if (aTlsContext.GetThreadAttributeFromPeerCertificate( + kCertificateNetworkName, reinterpret_cast(&mCommissionerNetworkName), &len) == kErrorNone) + { + mCommissionerNetworkName.m8[len] = '\0'; + mCommissionerHasNetworkName = true; + } + + len = sizeof(mCommissionerExtendedPanId); + if (aTlsContext.GetThreadAttributeFromPeerCertificate( + kCertificateExtendedPanId, reinterpret_cast(&mCommissionerExtendedPanId), &len) == kErrorNone) + { + if (len == sizeof(mCommissionerExtendedPanId)) + { + mCommissionerHasExtendedPanId = true; + } + } + + mCurrentApplicationProtocol = kApplicationProtocolNone; + mCurrentServiceName[0] = 0; + mState = kStateConnected; + mAlreadyCommissioned = Get().IsCommissioned(); + LogInfo("TCAT agent connected"); + +exit: + return error; +} + +void TcatAgent::Disconnected(void) +{ + mCurrentApplicationProtocol = kApplicationProtocolNone; + mAlreadyCommissioned = false; + + if (mState != kStateDisabled) + { + mState = kStateEnabled; + } + + LogInfo("TCAT agent disconnected"); +} + +bool TcatAgent::CheckCommandClassAuthorizationFlags(CommandClassFlags aCommissionerCommandClassFlags, + CommandClassFlags aDeviceCommandClassFlags, + Dataset *aDataset) const +{ + bool authorized = false; + bool additionalDeviceRequirementMet = false; + bool domainNamesMatch = false; + bool networkNamesMatch = false; + bool extendedPanIdsMatch = false; + + VerifyOrExit(IsConnected()); + VerifyOrExit(aCommissionerCommandClassFlags & kAccessFlag); + + if (aDeviceCommandClassFlags & kAccessFlag) + { + additionalDeviceRequirementMet = true; + } + + if (aDeviceCommandClassFlags & kPskdFlag) + { + additionalDeviceRequirementMet = true; + } + + if (aDeviceCommandClassFlags & kPskcFlag) + { + additionalDeviceRequirementMet = true; + } + + if (mCommissionerHasNetworkName || mCommissionerHasExtendedPanId) + { + Dataset::Info datasetInfo; + Error datasetError = kErrorNone; + + if (aDataset == nullptr) + { + datasetError = Get().Read(datasetInfo); + } + else + { + aDataset->ConvertTo(datasetInfo); + } + + if (datasetError == kErrorNone) + { + if (datasetInfo.IsNetworkNamePresent() && mCommissionerHasNetworkName && + (datasetInfo.GetNetworkName() == mCommissionerNetworkName)) + { + networkNamesMatch = true; + } + + if (datasetInfo.IsExtendedPanIdPresent() && mCommissionerHasExtendedPanId && + (datasetInfo.GetExtendedPanId() == mCommissionerExtendedPanId)) + { + extendedPanIdsMatch = true; + } + } + } + + if (!networkNamesMatch) + { + VerifyOrExit((aCommissionerCommandClassFlags & kNetworkNameFlag) == 0); + } + else if (aDeviceCommandClassFlags & kNetworkNameFlag) + { + additionalDeviceRequirementMet = true; + } + + if (!extendedPanIdsMatch) + { + VerifyOrExit((aCommissionerCommandClassFlags & kExtendedPanIdFlag) == 0); + } + else if (aDeviceCommandClassFlags & kExtendedPanIdFlag) + { + additionalDeviceRequirementMet = true; + } + +#if (OPENTHREAD_CONFIG_THREAD_VERSION >= OT_THREAD_VERSION_1_2) + VerifyOrExit((aCommissionerCommandClassFlags & kThreadDomainFlag) == 0); +#endif + + if (!domainNamesMatch) + { + VerifyOrExit((aCommissionerCommandClassFlags & kThreadDomainFlag) == 0); + } + else if (aDeviceCommandClassFlags & kThreadDomainFlag) + { + additionalDeviceRequirementMet = true; + } + + if (additionalDeviceRequirementMet) + { + authorized = true; + } + +exit: + return authorized; +} + +bool TcatAgent::IsCommandClassAuthorized(CommandClass aCommandClass) const +{ + bool authorized = false; + + switch (aCommandClass) + { + case kGeneral: + authorized = true; + break; + + case kCommissioning: + authorized = CheckCommandClassAuthorizationFlags(mCommissionerAuthorizationField.mCommissioningFlags, + mDeviceAuthorizationField.mCommissioningFlags, nullptr); + break; + + case kExtraction: + authorized = CheckCommandClassAuthorizationFlags(mCommissionerAuthorizationField.mExtractionFlags, + mDeviceAuthorizationField.mExtractionFlags, nullptr); + break; + + case kTlvDecommissioning: + authorized = CheckCommandClassAuthorizationFlags(mCommissionerAuthorizationField.mDecommissioningFlags, + mDeviceAuthorizationField.mDecommissioningFlags, nullptr); + break; + + case kApplication: + authorized = CheckCommandClassAuthorizationFlags(mCommissionerAuthorizationField.mApplicationFlags, + mDeviceAuthorizationField.mApplicationFlags, nullptr); + break; + + case kInvalid: + authorized = false; + break; + } + + return authorized; +} + +TcatAgent::CommandClass TcatAgent::GetCommandClass(uint8_t aTlvType) const +{ + static constexpr int kGeneralTlvs = 0x1F; + static constexpr int kCommissioningTlvs = 0x3F; + static constexpr int kExtractionTlvs = 0x5F; + static constexpr int kTlvDecommissioningTlvs = 0x7F; + static constexpr int kApplicationTlvs = 0x9F; + + if (aTlvType <= kGeneralTlvs) + { + return kGeneral; + } + else if (aTlvType <= kCommissioningTlvs) + { + return kCommissioning; + } + else if (aTlvType <= kExtractionTlvs) + { + return kExtraction; + } + else if (aTlvType <= kTlvDecommissioningTlvs) + { + return kTlvDecommissioning; + } + else if (aTlvType <= kApplicationTlvs) + { + return kApplication; + } + else + { + return kInvalid; + } +} + +bool TcatAgent::CanProcessTlv(uint8_t aTlvType) const +{ + CommandClass tlvCommandClass = GetCommandClass(aTlvType); + return IsCommandClassAuthorized(tlvCommandClass); +} + +Error TcatAgent::HandleSingleTlv(const Message &aIncommingMessage, Message &aOutgoingMessage) +{ + Error error = kErrorParse; + ot::Tlv tlv; + uint16_t offset = aIncommingMessage.GetOffset(); + uint16_t length; + bool response = false; + + VerifyOrExit(IsConnected(), error = kErrorInvalidState); + SuccessOrExit(error = aIncommingMessage.Read(offset, tlv)); + + if (tlv.IsExtended()) + { + ot::ExtendedTlv extTlv; + SuccessOrExit(error = aIncommingMessage.Read(offset, extTlv)); + length = extTlv.GetLength(); + offset += sizeof(ot::ExtendedTlv); + } + else + { + length = tlv.GetLength(); + offset += sizeof(ot::Tlv); + } + + if (!CanProcessTlv(tlv.GetType())) + { + error = kErrorRejected; + } + else + { + switch (tlv.GetType()) + { + case kTlvDisconnect: + error = kErrorAbort; + break; + + case kTlvSetActiveOperationalDataset: + error = HandleSetActiveOperationalDataset(aIncommingMessage, offset, length); + break; + + case kTlvStartThreadInterface: + error = HandleStartThreadInterface(); + break; + + case kTlvStopThreadInterface: + error = otThreadSetEnabled(&GetInstance(), false); + break; + + case kTlvSendApplicationData: + LogInfo("Application data len:%d, offset:%d", length, offset); + mAppDataReceiveCallback.InvokeIfSet(&GetInstance(), &aIncommingMessage, offset, + MapEnum(mCurrentApplicationProtocol), mCurrentServiceName); + response = true; + error = kErrorNone; + break; + + default: + error = kErrorInvalidCommand; + } + } + + if (!response) + { + StatusCode statusCode; + + switch (error) + { + case kErrorNone: + statusCode = kStatusSuccess; + break; + + case kErrorInvalidState: + statusCode = kStatusUndefined; + break; + + case kErrorParse: + statusCode = kStatusParseError; + break; + + case kErrorInvalidCommand: + statusCode = kStatusUnsupported; + break; + + case kErrorRejected: + statusCode = kStatusUnauthorized; + break; + + case kErrorNotImplemented: + statusCode = kStatusUnsupported; + break; + + default: + statusCode = kStatusGeneralError; + break; + } + + SuccessOrExit(error = ot::Tlv::Append(aOutgoingMessage, statusCode)); + } + +exit: + return error; +} + +Error TcatAgent::HandleSetActiveOperationalDataset(const Message &aIncommingMessage, uint16_t aOffset, uint16_t aLength) +{ + Dataset dataset; + otOperationalDatasetTlvs datasetTlvs; + Error error; + + SuccessOrExit(error = dataset.ReadFromMessage(aIncommingMessage, aOffset, aLength)); + + if (!CheckCommandClassAuthorizationFlags(mCommissionerAuthorizationField.mApplicationFlags, + mDeviceAuthorizationField.mApplicationFlags, &dataset)) + { + error = kErrorRejected; + ExitNow(); + } + + dataset.ConvertTo(datasetTlvs); + error = Get().Save(datasetTlvs); + +exit: + return error; +} + +Error TcatAgent::HandleStartThreadInterface(void) +{ + Error error; + Dataset::Info datasetInfo; + + VerifyOrExit(Get().Read(datasetInfo) == kErrorNone, error = kErrorInvalidState); + VerifyOrExit(datasetInfo.IsNetworkKeyPresent(), error = kErrorInvalidState); + +#if OPENTHREAD_CONFIG_LINK_RAW_ENABLE + VerifyOrExit(!Get().IsEnabled(), error = kErrorInvalidState); +#endif + + Get().Up(); + error = Get().Start(); + +exit: + return error; +} + +#if OT_SHOULD_LOG_AT(OT_LOG_LEVEL_WARN) +void TcatAgent::LogError(const char *aActionText, Error aError) +{ + if (aError != kErrorNone) + { + LogWarn("Failed to %s: %s", aActionText, ErrorToString(aError)); + } +} +#endif + +} // namespace MeshCoP +} // namespace ot + +#endif // OPENTHREAD_CONFIG_BLE_TCAT_ENABLE diff --git a/src/core/meshcop/tcat_agent.hpp b/src/core/meshcop/tcat_agent.hpp new file mode 100644 index 00000000000..d2dd9f340c8 --- /dev/null +++ b/src/core/meshcop/tcat_agent.hpp @@ -0,0 +1,374 @@ +/* + * Copyright (c) 2023, The OpenThread Authors. + * All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions are met: + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * 3. Neither the name of the copyright holder nor the + * names of its contributors may be used to endorse or promote products + * derived from this software without specific prior written permission. + * + * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" + * AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDER OR CONTRIBUTORS BE + * LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR + * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF + * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS + * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN + * CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) + * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE + * POSSIBILITY OF SUCH DAMAGE. + */ + +/** + * @file + * Implements the TCAT Agent service. + */ + +#ifndef TCAT_AGENT_HPP_ +#define TCAT_AGENT_HPP_ + +#include "openthread-core-config.h" + +#if OPENTHREAD_CONFIG_BLE_TCAT_ENABLE + +#include +#include + +#include "common/as_core_type.hpp" +#include "common/callback.hpp" +#include "common/locator.hpp" +#include "common/log.hpp" +#include "common/message.hpp" +#include "common/non_copyable.hpp" +#include "mac/mac_types.hpp" +#include "meshcop/dataset.hpp" +#include "meshcop/meshcop.hpp" +#include "meshcop/meshcop_tlvs.hpp" +#include "meshcop/secure_transport.hpp" + +namespace ot { + +namespace Ble { +class BleSecure; +} + +namespace MeshCoP { + +class TcatAgent : public InstanceLocator, private NonCopyable +{ +public: + /** + * Pointer to call when application data was received over the TLS connection. + * + * Please see otHandleTcatApplicationDataReceive for details. + * + */ + typedef otHandleTcatApplicationDataReceive AppDataReceiveCallback; + + /** + * Pointer to call to notify the completion of a join operation. + * + * Please see otHandleTcatJoin for details. + * + */ + typedef otHandleTcatJoin JoinCallback; + + /** + * Represents a TCAT command class. + * + */ + enum CommandClass + { + kGeneral = OT_TCAT_COMMAND_CLASS_GENERAL, ///< TCAT commands related to general operations + kCommissioning = OT_TCAT_COMMAND_CLASS_COMMISSIONING, ///< TCAT commands related to commissioning + kExtraction = OT_TCAT_COMMAND_CLASS_EXTRACTION, ///< TCAT commands related to key extraction + kTlvDecommissioning = OT_TCAT_COMMAND_CLASS_DECOMMISSIONING, ///< TCAT commands related to de-commissioning + kApplication = OT_TCAT_COMMAND_CLASS_APPLICATION, ///< TCAT commands related to application layer + kInvalid ///< TCAT command belongs to reserved pool or is invalid + }; + + /** + * The certificate authorization field header type to indicate the type and version of the certificate. + * + */ + enum CertificateAuthorizationFieldHeader : uint8_t + { + kCommissionerFlag = 1 << 0, ///< TCAT commissioner ('1') or device ('0') + kHeaderVersion = 0xD0, ///< Header version (3 bits) + }; + + /** + * The command class flag type to indicate which requirements apply for a given command class. + * + */ + enum CommandClassFlags : uint8_t + { + kAccessFlag = 1 << 0, ///< Access to the command class (device: without without additional requirements). + kPskdFlag = 1 << 1, ///< Access requires proof-of-possession of the device's PSKd + kNetworkNameFlag = 1 << 2, ///< Access requires matching network name + kExtendedPanIdFlag = 1 << 3, ///< Access requires matching XPANID + kThreadDomainFlag = 1 << 4, ///< Access requires matching XPANID + kPskcFlag = 1 << 5, ///< Access requires proof-of-possession of the device's PSKc + }; + + /** + * + * Represents a data structure for storing TCAT Commissioner authorization information in the + * certificate ASN.1 field 1.3.6.1.4.1.44970.3. + * + */ + OT_TOOL_PACKED_BEGIN + struct CertificateAuthorizationField + { + CertificateAuthorizationFieldHeader mHeader; ///< Typ and version + CommandClassFlags mCommissioningFlags; ///< Command class flags + CommandClassFlags mExtractionFlags; ///< Command class flags + CommandClassFlags mDecommissioningFlags; ///< Command class flags + CommandClassFlags mApplicationFlags; ///< Command class flags + + } OT_TOOL_PACKED_END; + + typedef CertificateAuthorizationField CertificateAuthorizationField; + + /** + * Represents the TCAT vendor information. + * + */ + class VendorInfo : public otTcatVendorInfo + { + public: + /** + * Validates whether the TCAT vendor information is valid. + * + * @returns Whether the parameters are valid. + * + */ + bool IsValid(void) const; + }; + + /** + * TCAT TLV Types. + * + */ + enum TlvType : uint8_t + { + // Command Class General + kTlvResponseWithStatus = 1, ///< TCAT response with status value TLV + kTlvResponseWithPayload = 2, ///< TCAT response with payload TLV + kTlvResponseEvent = 3, ///< TCAT response event TLV (reserved) + kTlvGetNetworkName = 8, ///< TCAT network name query TLV + kTlvDisconnect = 9, ///< TCAT disconnect request TLV + kTlvPing = 10, ///< TCAT ping request TLV + kTlvGetDeviceId = 11, ///< TCAT device ID query TLV + kTlvGetExtendedPanID = 12, ///< TCAT extended PAN ID query TLV + kTlvPresentPskdHash = 16, ///< TCAT commissioner rights elevation request TLV using PSKd hash + kTlvPresentPskcHash = 17, ///< TCAT commissioner rights elevation request TLV using PSKc hash + kTlvPresentInstallCodeHash = 18, ///< TCAT commissioner rights elevation request TLV using install code + kTlvRequestRandomNumChallenge = 19, ///< TCAT random number challenge query TLV + kTlvRequestPskdHash = 20, ///< TCAT PSKd hash request TLV + + // Command Class Commissioning + kTlvSetActiveOperationalDataset = 32, ///< TCAT active operational dataset TLV + kTlvSetActiveOperationalDatasetAlternative = 33, ///< TCAT active operational dataset alternative #1 TLV + kTlvGetProvisioningTlvs = 36, ///< TCAT provisioning TLVs query TLV + kTlvGetCommissionerCertificate = 37, ///< TCAT commissioner certificate query TLV + kTlvGetDiagnosticTlvs = 38, ///< TCAT diagnostics TLVs query TLV + kTlvStartThreadInterface = 39, ///< TCAT start thread interface request TLV + kTlvStopThreadInterface = 40, ///< TCAT stop thread interface request TLV + + // Command Class Extraction + kTlvGetActiveOperationalDataset = 64, ///< TCAT active oerational dataset query TLV + kTlvGetActiveOperationalDatasetAlternative = 65, ///< TCAT active oerational dataset alternative #1 query TLV + + // Command Class Decommissioning + kTlvDecommission = 96, ///< TCAT decommission request TLV + + // Command Class Application + kTlvSelectApplicationLayerUdp = 128, ///< TCAT select UDP protocol application layer request TLV + kTlvSelectApplicationLayerTcp = 129, ///< TCAT select TCP protocol application layer request TLV + kTlvSendApplicationData = 130, ///< TCAT send application data TLV + kTlvSendVendorSpecificData = 159, ///< TCAT send vendor specific command or data TLV + + // Command Class CCM + kTlvSetLDevIdOperationalCert = 160, ///< TCAT LDevID operational certificate TLV + kTlvSetLDevIdPrivateKey = 161, ///< TCAT LDevID operational certificate pricate key TLV + kTlvSetDomainCaCert = 162, ///< TCAT domain CA certificate TLV + }; + + /** + * TCAT Response Types. + * + */ + enum StatusCode : uint8_t + { + kStatusSuccess = OT_TCAT_STATUS_SUCCESS, ///< Command or request was successfully processed + kStatusUnsupported = OT_TCAT_STATUS_UNSUPPORTED, ///< Requested command or received TLV is not supported + kStatusParseError = OT_TCAT_STATUS_PARSE_ERROR, ///< Request / command could not be parsed correctly + kStatusValueError = OT_TCAT_STATUS_VALUE_ERROR, ///< The value of the transmitted TLV has an error + kStatusGeneralError = OT_TCAT_STATUS_GENERAL_ERROR, ///< An error not matching any other category occurred + kStatusBusy = OT_TCAT_STATUS_BUSY, ///< Command cannot be executed because the resource is busy + kStatusUndefined = OT_TCAT_STATUS_UNDEFINED, ///< The requested value, data or service is not defined + ///< (currently) or not present + kStatusHashError = OT_TCAT_STATUS_HASH_ERROR, ///< The hash value presented by the commissioner was incorrect + kStatusUnauthorized = + OT_TCAT_STATUS_UNAUTHORIZED, ///< Sender does not have sufficient authorization for the given command + }; + + /** + * Represents TCAT application protocol. + * + */ + enum TcatApplicationProtocol : uint8_t + { + kApplicationProtocolNone = + OT_TCAT_APPLICATION_PROTOCOL_NONE, ///< Message which has been sent without activating the TCAT agent + kApplicationProtocolUdp = OT_TCAT_APPLICATION_PROTOCOL_STATUS, ///< Message directed to a UDP service + kApplicationProtocolTcp = OT_TCAT_APPLICATION_PROTOCOL_TCP, ///< Message directed to a TCP service + }; + + /** + * Represents a TCAT certificate V3 extension attribute (OID 1.3.6.1.4.1.44970.x). + * + */ + enum TcatCertificateAttribute + { + kCertificateDomainName = 1, + kCertificateAuthorizationField = 3, + kCertificateNetworkName = 4, + kCertificateExtendedPanId = 5, + }; + + /** + * Represents TCAT status. + * + */ + enum State : uint8_t + { + kStateDisabled, + kStateEnabled, + kStateConnected, + }; + + /** + * Initializes the Joiner object. + * + * @param[in] aInstance A reference to the OpenThread instance. + * + */ + explicit TcatAgent(Instance &aInstance); + + /** + * Enables the TCAT protocol. + * + * @param[in] aVendorInfo A pointer to the Vendor Information (must remain valid after the method + * call, may be NULL). + * @param[in] aAppDataReceiveCallback A pointer to a function that is called when the user data is received. + * @param[in] aHandler A pointer to a function that is called when the join operation completes. + * @param[in] aContext A context pointer. + * + * @retval kErrorNone Successfully started the TCAT agent. + * @retval kErrorInvalidArgs The aVendorInfo is invalid. + * + */ + Error Start(const VendorInfo &aVendorInfo, + AppDataReceiveCallback aAppDataReceiveCallback, + JoinCallback aHandler, + void *aContext); + + /** + * Stops the TCAT protocol. + * + */ + void Stop(void); + + /** + * Indicates whether or not the TCAT agent is enabled. + * + * @retval TRUE The TCAT agent is enabled. + * @retval FALSE The TCAT agent is not enabled. + * + */ + bool IsEnabled(void) const { return mState != kStateDisabled; } + + /** + * Indicates whether or not the TCAT agent is connected. + * + * @retval TRUE The TCAT agent is connected. + * @retval FALSE The TCAT agent is not connected. + * + */ + bool IsConnected(void) const { return mState == kStateConnected; } + + /** + * Indicates whether or not a command class is authorized. + * + * @param[in] aCommandClass Command class to subject for authorization check. + * + * @retval TRUE The command class is authorized. + * @retval FALSE The command class is not authorized. + * + */ + bool IsCommandClassAuthorized(CommandClass aCommandClass) const; + +private: + Error Connected(MeshCoP::SecureTransport &aTlsContext); + void Disconnected(void); + + Error HandleSingleTlv(const Message &aIncommingMessage, Message &aOutgoingMessage); + Error HandleSetActiveOperationalDataset(const Message &aIncommingMessage, uint16_t aOffset, uint16_t aLength); + Error HandleStartThreadInterface(void); + +#if OT_SHOULD_LOG_AT(OT_LOG_LEVEL_WARN) + void LogError(const char *aActionText, Error aError); +#else + void LogError(const char *, Error) {} +#endif + + bool CheckCommandClassAuthorizationFlags(CommandClassFlags aCommissionerCommandClassFlags, + CommandClassFlags aDeviceCommandClassFlags, + Dataset *aDataset) const; + bool CanProcessTlv(uint8_t aTlvType) const; + CommandClass GetCommandClass(uint8_t aTlvType) const; + + static constexpr uint16_t kJoinerUdpPort = OPENTHREAD_CONFIG_JOINER_UDP_PORT; + + JoinerPskd mJoinerPskd; + const VendorInfo *mVendorInfo; + Callback mJoinCallback; + Callback mAppDataReceiveCallback; + CertificateAuthorizationField mCommissionerAuthorizationField; + CertificateAuthorizationField mDeviceAuthorizationField; + TcatApplicationProtocol mCurrentApplicationProtocol; + NetworkName mCommissionerNetworkName; + NetworkName mCommissionerDomainName; + ExtendedPanId mCommissionerExtendedPanId; + char mCurrentServiceName[OT_TCAT_MAX_SERVICE_NAME_LENGTH + 1]; + State mState; + bool mAlreadyCommissioned : 1; + bool mCommissionerHasNetworkName : 1; + bool mCommissionerHasDomainName : 1; + bool mCommissionerHasExtendedPanId : 1; + + friend class Ble::BleSecure; +}; + +} // namespace MeshCoP + +DefineCoreType(otTcatVendorInfo, MeshCoP::TcatAgent::VendorInfo); + +DefineMapEnum(otTcatApplicationProtocol, MeshCoP::TcatAgent::TcatApplicationProtocol); + +typedef UintTlvInfo ResponseWithStatusTlv; + +} // namespace ot + +#endif // OPENTHREAD_CONFIG_BLE_TCAT_ENABLE + +#endif // TCAT_AGENT_HPP_ diff --git a/src/core/openthread-core-config.h b/src/core/openthread-core-config.h index ea238fb1f8a..79640a84fb8 100644 --- a/src/core/openthread-core-config.h +++ b/src/core/openthread-core-config.h @@ -88,7 +88,6 @@ #include "config/dns_client.h" #include "config/dns_dso.h" #include "config/dnssd_server.h" -#include "config/dtls.h" #include "config/history_tracker.h" #include "config/ip6.h" #include "config/joiner.h" @@ -109,6 +108,7 @@ #include "config/platform.h" #include "config/power_calibration.h" #include "config/radio_link.h" +#include "config/secure_transport.h" #include "config/sntp_client.h" #include "config/srp_client.h" #include "config/srp_server.h" diff --git a/src/core/radio/ble_secure.cpp b/src/core/radio/ble_secure.cpp new file mode 100644 index 00000000000..fe0a6f5c3c3 --- /dev/null +++ b/src/core/radio/ble_secure.cpp @@ -0,0 +1,544 @@ +/* + * Copyright (c) 2023, The OpenThread Authors. + * All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions are met: + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * 3. Neither the name of the copyright holder nor the + * names of its contributors may be used to endorse or promote products + * derived from this software without specific prior written permission. + * + * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" + * AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDER OR CONTRIBUTORS BE + * LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR + * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF + * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS + * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN + * CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) + * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE + * POSSIBILITY OF SUCH DAMAGE. + */ + +#include "ble_secure.hpp" + +#if OPENTHREAD_CONFIG_BLE_TCAT_ENABLE + +#include +#include "common/locator_getters.hpp" +#include "common/log.hpp" +#include "common/tlvs.hpp" +#include "instance/instance.hpp" +#include "meshcop/secure_transport.hpp" + +using namespace ot; + +/** + * @file + * This file implements the secure Ble agent. + */ + +namespace ot { +namespace Ble { + +RegisterLogModule("BleSecure"); + +BleSecure::BleSecure(Instance &aInstance) + : InstanceLocator(aInstance) + , mTls(aInstance, false, false) + , mTcatAgent(aInstance) + , mTlvMode(false) + , mReceivedMessage(nullptr) + , mSendMessage(nullptr) + , mTransmitTask(aInstance) + , mBleState(kStopped) + , mMtuSize(kInitialMtuSize) +{ +} + +Error BleSecure::Start(ConnectCallback aConnectHandler, ReceiveCallback aReceiveHandler, bool aTlvMode, void *aContext) +{ + Error error = kErrorNone; + + VerifyOrExit(mBleState == kStopped, error = kErrorAlready); + + mConnectCallback.Set(aConnectHandler, aContext); + mReceiveCallback.Set(aReceiveHandler, aContext); + mTlvMode = aTlvMode; + mMtuSize = kInitialMtuSize; + + SuccessOrExit(error = otPlatBleEnable(&GetInstance())); + SuccessOrExit(error = otPlatBleGapAdvStart(&GetInstance(), OT_BLE_ADV_INTERVAL_DEFAULT)); + SuccessOrExit(error = mTls.Open(&BleSecure::HandleTlsReceive, &BleSecure::HandleTlsConnected, this)); + SuccessOrExit(error = mTls.Bind(HandleTransport, this)); + +exit: + if (error == kErrorNone) + { + mBleState = kAdvertising; + } + return error; +} + +Error BleSecure::TcatStart(const MeshCoP::TcatAgent::VendorInfo &aVendorInfo, + MeshCoP::TcatAgent::JoinCallback aJoinHandler) +{ + return mTcatAgent.Start(aVendorInfo, mReceiveCallback.GetHandler(), aJoinHandler, mReceiveCallback.GetContext()); +} + +void BleSecure::Stop(void) +{ + VerifyOrExit(mBleState != kStopped); + SuccessOrExit(otPlatBleGapAdvStop(&GetInstance())); + SuccessOrExit(otPlatBleDisable(&GetInstance())); + mBleState = kStopped; + mMtuSize = kInitialMtuSize; + + if (mTcatAgent.IsEnabled()) + { + mTcatAgent.Stop(); + } + + mTls.Close(); + + mTransmitQueue.DequeueAndFreeAll(); + + mConnectCallback.Clear(); + mReceiveCallback.Clear(); + + FreeMessage(mReceivedMessage); + mReceivedMessage = nullptr; + FreeMessage(mSendMessage); + mSendMessage = nullptr; + +exit: + return; +} + +Error BleSecure::Connect(void) +{ + Ip6::SockAddr sockaddr; + + return mTls.Connect(sockaddr); +} + +void BleSecure::Disconnect(void) +{ + if (mTls.IsConnected()) + { + mTls.Disconnect(); + } + + if (mBleState == kConnected) + { + IgnoreReturnValue(otPlatBleGapDisconnect(&GetInstance())); + } +} + +void BleSecure::SetPsk(const MeshCoP::JoinerPskd &aPskd) +{ + static_assert(static_cast(MeshCoP::JoinerPskd::kMaxLength) <= + static_cast(MeshCoP::SecureTransport::kPskMaxLength), + "The maximum length of TLS PSK is smaller than joiner PSKd"); + + SuccessOrAssert(mTls.SetPsk(reinterpret_cast(aPskd.GetAsCString()), aPskd.GetLength())); +} + +#if defined(MBEDTLS_BASE64_C) && defined(MBEDTLS_SSL_KEEP_PEER_CERTIFICATE) +Error BleSecure::GetPeerCertificateBase64(unsigned char *aPeerCert, size_t *aCertLength) +{ + Error error; + + VerifyOrExit(aCertLength != nullptr, error = kErrorInvalidArgs); + + error = mTls.GetPeerCertificateBase64(aPeerCert, aCertLength, *aCertLength); + +exit: + return error; +} +#endif // defined(MBEDTLS_BASE64_C) && defined(MBEDTLS_SSL_KEEP_PEER_CERTIFICATE) + +Error BleSecure::SendMessage(ot::Message &aMessage) +{ + Error error = kErrorNone; + + VerifyOrExit(IsConnected(), error = kErrorInvalidState); + if (mSendMessage == nullptr) + { + mSendMessage = Get().Allocate(Message::kTypeBle); + VerifyOrExit(mSendMessage != nullptr, error = kErrorNoBufs); + } + SuccessOrExit(error = mSendMessage->AppendBytesFromMessage(aMessage, 0, aMessage.GetLength())); + SuccessOrExit(error = Flush()); + +exit: + aMessage.Free(); + return error; +} + +Error BleSecure::Send(uint8_t *aBuf, uint16_t aLength) +{ + Error error = kErrorNone; + + VerifyOrExit(IsConnected(), error = kErrorInvalidState); + if (mSendMessage == nullptr) + { + mSendMessage = Get().Allocate(Message::kTypeBle); + VerifyOrExit(mSendMessage != nullptr, error = kErrorNoBufs); + } + SuccessOrExit(error = mSendMessage->AppendBytes(aBuf, aLength)); + +exit: + return error; +} + +Error BleSecure::SendApplicationTlv(uint8_t *aBuf, uint16_t aLength) +{ + Error error = kErrorNone; + if (aLength > Tlv::kBaseTlvMaxLength) + { + ot::ExtendedTlv tlv; + + tlv.SetType(ot::MeshCoP::TcatAgent::kTlvSendApplicationData); + tlv.SetLength(aLength); + SuccessOrExit(error = Send(reinterpret_cast(&tlv), sizeof(tlv))); + } + else + { + ot::Tlv tlv; + + tlv.SetType(ot::MeshCoP::TcatAgent::kTlvSendApplicationData); + tlv.SetLength((uint8_t)aLength); + SuccessOrExit(error = Send(reinterpret_cast(&tlv), sizeof(tlv))); + } + + error = Send(aBuf, aLength); +exit: + return error; +} + +Error BleSecure::Flush(void) +{ + Error error = kErrorNone; + + VerifyOrExit(IsConnected(), error = kErrorInvalidState); + VerifyOrExit(mSendMessage->GetLength() != 0, error = kErrorNone); + + mTransmitQueue.Enqueue(*mSendMessage); + mTransmitTask.Post(); + + mSendMessage = nullptr; + +exit: + return error; +} + +Error BleSecure::HandleBleReceive(uint8_t *aBuf, uint16_t aLength) +{ + ot::Message *message = nullptr; + Ip6::MessageInfo messageInfo; + Error error = kErrorNone; + + if ((message = Get().Allocate(Message::kTypeBle, 0)) == nullptr) + { + error = kErrorNoBufs; + ExitNow(); + } + SuccessOrExit(error = message->AppendBytes(aBuf, aLength)); + + // Cannot call Receive(..) directly because Setup(..) and mState are private + mTls.HandleUdpReceive(*message, messageInfo); + +exit: + FreeMessage(message); + return error; +} + +void BleSecure::HandleBleConnected(uint16_t aConnectionId) +{ + OT_UNUSED_VARIABLE(aConnectionId); + + mBleState = kConnected; + + IgnoreReturnValue(otPlatBleGattMtuGet(&GetInstance(), &mMtuSize)); + + mConnectCallback.InvokeIfSet(&GetInstance(), IsConnected(), true); +} + +void BleSecure::HandleBleDisconnected(uint16_t aConnectionId) +{ + OT_UNUSED_VARIABLE(aConnectionId); + + mBleState = kAdvertising; + mMtuSize = kInitialMtuSize; + + if (IsConnected()) + { + Disconnect(); // Stop TLS connection + } + + mConnectCallback.InvokeIfSet(&GetInstance(), false, false); +} + +Error BleSecure::HandleBleMtuUpdate(uint16_t aMtu) +{ + Error error = kErrorNone; + + if (aMtu <= OT_BLE_ATT_MTU_MAX) + { + mMtuSize = aMtu; + } + else + { + mMtuSize = OT_BLE_ATT_MTU_MAX; + error = kErrorInvalidArgs; + } + + return error; +} + +void BleSecure::HandleTlsConnected(void *aContext, bool aConnected) +{ + return static_cast(aContext)->HandleTlsConnected(aConnected); +} + +void BleSecure::HandleTlsConnected(bool aConnected) +{ + if (aConnected) + { + if (mReceivedMessage == nullptr) + { + mReceivedMessage = Get().Allocate(Message::kTypeBle); + } + + if (mTcatAgent.IsEnabled()) + { + IgnoreReturnValue(mTcatAgent.Connected(mTls)); + } + } + else + { + FreeMessage(mReceivedMessage); + mReceivedMessage = nullptr; + + if (mTcatAgent.IsEnabled()) + { + mTcatAgent.Disconnected(); + } + } + + mConnectCallback.InvokeIfSet(&GetInstance(), aConnected, true); +} + +void BleSecure::HandleTlsReceive(void *aContext, uint8_t *aBuf, uint16_t aLength) +{ + return static_cast(aContext)->HandleTlsReceive(aBuf, aLength); +} + +void BleSecure::HandleTlsReceive(uint8_t *aBuf, uint16_t aLength) +{ + VerifyOrExit(mReceivedMessage != nullptr); + + if (!mTlvMode) + { + SuccessOrExit(mReceivedMessage->AppendBytes(aBuf, aLength)); + mReceiveCallback.InvokeIfSet(&GetInstance(), mReceivedMessage, 0, OT_TCAT_APPLICATION_PROTOCOL_NONE, ""); + IgnoreReturnValue(mReceivedMessage->SetLength(0)); + } + else + { + ot::Tlv tlv; + uint32_t requiredBytes = sizeof(Tlv); + uint32_t offset; + + while (aLength > 0) + { + if (mReceivedMessage->GetLength() < requiredBytes) + { + uint32_t missingBytes = requiredBytes - mReceivedMessage->GetLength(); + + if (missingBytes > aLength) + { + SuccessOrExit(mReceivedMessage->AppendBytes(aBuf, aLength)); + break; + } + else + { + SuccessOrExit(mReceivedMessage->AppendBytes(aBuf, (uint16_t)missingBytes)); + aLength -= missingBytes; + aBuf += missingBytes; + } + } + + IgnoreReturnValue(mReceivedMessage->Read(0, tlv)); + + if (tlv.IsExtended()) + { + ot::ExtendedTlv extTlv; + requiredBytes = sizeof(extTlv); + + if (mReceivedMessage->GetLength() < requiredBytes) + { + continue; + } + + IgnoreReturnValue(mReceivedMessage->Read(0, extTlv)); + requiredBytes = extTlv.GetSize(); + offset = sizeof(extTlv); + } + else + { + requiredBytes = tlv.GetSize(); + offset = sizeof(tlv); + } + + if (mReceivedMessage->GetLength() < requiredBytes) + { + continue; + } + + // TLV fully loaded + + if (mTcatAgent.IsEnabled()) + { + ot::Message *message; + Error error = kErrorNone; + + message = Get().Allocate(Message::kTypeBle); + VerifyOrExit(message != nullptr, error = kErrorNoBufs); + + error = mTcatAgent.HandleSingleTlv(*mReceivedMessage, *message); + if (message->GetLength() != 0) + { + IgnoreReturnValue(SendMessage(*message)); + } + + if (error == kErrorAbort) + { + Disconnect(); + Stop(); + ExitNow(); + } + } + else + { + mReceivedMessage->SetOffset((uint16_t)offset); + mReceiveCallback.InvokeIfSet(&GetInstance(), mReceivedMessage, (int32_t)offset, + OT_TCAT_APPLICATION_PROTOCOL_NONE, ""); + } + + SuccessOrExit(mReceivedMessage->SetLength(0)); // also sets the offset to 0 + requiredBytes = sizeof(Tlv); + } + } + +exit: + return; +} + +void BleSecure::HandleTransmit(void) +{ + Error error = kErrorNone; + ot::Message *message = mTransmitQueue.GetHead(); + + VerifyOrExit(message != nullptr); + mTransmitQueue.Dequeue(*message); + + if (mTransmitQueue.GetHead() != nullptr) + { + mTransmitTask.Post(); + } + + SuccessOrExit(error = mTls.Send(*message, message->GetLength())); + +exit: + if (error != kErrorNone) + { + LogNote("Transmit: %s", ErrorToString(error)); + message->Free(); + } + else + { + LogDebg("Transmit: %s", ErrorToString(error)); + } +} + +Error BleSecure::HandleTransport(void *aContext, ot::Message &aMessage, const Ip6::MessageInfo &aMessageInfo) +{ + OT_UNUSED_VARIABLE(aMessageInfo); + return static_cast(aContext)->HandleTransport(aMessage); +} + +Error BleSecure::HandleTransport(ot::Message &aMessage) +{ + otBleRadioPacket packet; + uint16_t len = aMessage.GetLength(); + uint16_t offset = 0; + Error error = kErrorNone; + + while (len > 0) + { + if (len <= mMtuSize - kGattOverhead) + { + packet.mLength = len; + } + else + { + packet.mLength = mMtuSize - kGattOverhead; + } + + if (packet.mLength > kPacketBufferSize) + { + packet.mLength = kPacketBufferSize; + } + + IgnoreReturnValue(aMessage.Read(offset, mPacketBuffer, packet.mLength)); + packet.mValue = mPacketBuffer; + packet.mPower = OT_BLE_DEFAULT_POWER; + + SuccessOrExit(error = otPlatBleGattServerIndicate(&GetInstance(), kTxBleHandle, &packet)); + + len -= packet.mLength; + offset += packet.mLength; + } + + aMessage.Free(); +exit: + return error; +} + +} // namespace Ble +} // namespace ot + +void otPlatBleGattServerOnWriteRequest(otInstance *aInstance, uint16_t aHandle, const otBleRadioPacket *aPacket) +{ + OT_UNUSED_VARIABLE(aHandle); // Only a single handle is expected for RX + + VerifyOrExit(aPacket != nullptr); + IgnoreReturnValue(AsCoreType(aInstance).Get().HandleBleReceive(aPacket->mValue, aPacket->mLength)); +exit: + return; +} + +void otPlatBleGapOnConnected(otInstance *aInstance, uint16_t aConnectionId) +{ + AsCoreType(aInstance).Get().HandleBleConnected(aConnectionId); +} + +void otPlatBleGapOnDisconnected(otInstance *aInstance, uint16_t aConnectionId) +{ + AsCoreType(aInstance).Get().HandleBleDisconnected(aConnectionId); +} + +void otPlatBleGattOnMtuUpdate(otInstance *aInstance, uint16_t aMtu) +{ + IgnoreReturnValue(AsCoreType(aInstance).Get().HandleBleMtuUpdate(aMtu)); +} + +#endif // OPENTHREAD_CONFIG_BLE_TCAT_ENABLE diff --git a/src/core/radio/ble_secure.hpp b/src/core/radio/ble_secure.hpp new file mode 100644 index 00000000000..63a86aacdc5 --- /dev/null +++ b/src/core/radio/ble_secure.hpp @@ -0,0 +1,489 @@ +/* + * Copyright (c) 2023, The OpenThread Authors. + * All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions are met: + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * 3. Neither the name of the copyright holder nor the + * names of its contributors may be used to endorse or promote products + * derived from this software without specific prior written permission. + * + * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" + * AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDER OR CONTRIBUTORS BE + * LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR + * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF + * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS + * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN + * CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) + * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE + * POSSIBILITY OF SUCH DAMAGE. + */ + +#ifndef BLE_SECURE_HPP_ +#define BLE_SECURE_HPP_ + +#include "openthread-core-config.h" + +#if OPENTHREAD_CONFIG_BLE_TCAT_ENABLE + +#include + +#include "meshcop/meshcop.hpp" +#include "meshcop/secure_transport.hpp" +#include "meshcop/tcat_agent.hpp" + +/** + * @file + * Includes definitions for the secure BLE agent. + */ + +namespace ot { + +namespace Ble { + +class BleSecure : public InstanceLocator, private NonCopyable +{ +public: + /** + * Pointer to call when the secure BLE connection state changes. + * + * Please see otHandleBleSecureConnect for details. + * + */ + typedef otHandleBleSecureConnect ConnectCallback; + + /** + * Pointer to call when data was received over the TLS connection. + * If line mode is activated the function is called only after EOL has been received. + * + * Please see otHandleBleSecureReceive for details. + * + */ + typedef otHandleBleSecureReceive ReceiveCallback; + + /** + * Represents a TCAT command class. + * + */ + typedef MeshCoP::TcatAgent::CommandClass CommandClass; + + /** + * Constructor initializes the object. + * + * @param[in] aInstance A reference to the OpenThread instance. + * + */ + explicit BleSecure(Instance &aInstance); + + /** + * Starts the secure BLE agent. + * + * @param[in] aConnectHandler A pointer to a function that will be called when the connection + * state changes. + * @param[in] aReceiveHandler A pointer to a function that will be called once data has been received + * over the TLS connection. + * @param[in] aTlvMode A boolean value indicating if line mode shall be activated. + * @param[in] aContext A pointer to arbitrary context information. May be NULL if not used. + * + * @retval kErrorNone Successfully started the BLE agent. + * @retval kErrorAlready Already started. + * + */ + Error Start(ConnectCallback aConnectHandler, ReceiveCallback aReceiveHandler, bool aTlvMode, void *aContext); + + /** + * Enables the TCAT protocol over BLE Secure. + * + * @param[in] aVendorInfo A reference to the Vendor Information (must remain valid after the method call) + * @param[in] aHandler Callback to a function that is called when the join operation completes. + * + * @retval kErrorNone Successfully started the BLE Secure Joiner role. + * @retval kErrorInvalidArgs The aVendorInfo is invalid. + * @retval kErrorInvaidState The BLE function has not been started or line mode is not selected. + * + */ + Error TcatStart(const MeshCoP::TcatAgent::VendorInfo &aVendorInfo, MeshCoP::TcatAgent::JoinCallback aHandler); + + /** + * Stops the secure BLE agent. + * + */ + void Stop(void); + + /** + * Initializes TLS session with a peer using an already open BLE connection. + * + * @retval kErrorNone Successfully started TLS connection. + * + */ + Error Connect(void); + + /** + * Stops the BLE and TLS connection. + * + */ + void Disconnect(void); + + /** + * Indicates whether or not the TLS session is active (connected or conneting). + * + * @retval TRUE If TLS session is active. + * @retval FALSE If TLS session is not active. + * + */ + bool IsConnectionActive(void) const { return mTls.IsConnectionActive(); } + + /** + * Indicates whether or not the TLS session is connected. + * + * @retval TRUE The TLS session is connected. + * @retval FALSE The TLS session is not connected. + * + */ + bool IsConnected(void) const { return mTls.IsConnected(); } + + /** + * Indicates whether or not the TCAT agent is enabled. + * + * @retval TRUE The TCAT agent is enabled. + * @retval FALSE The TCAT agent is not enabled. + * + */ + bool IsTcatEnabled(void) const { return mTcatAgent.IsEnabled(); } + + /** + * Indicates whether or not a TCAT command class is authorized. + * + * @param[in] aInstance A pointer to an OpenThread instance. + * @param[in] aCommandClass A command class to check. + * + * @retval TRUE The command class is authorized. + * @retval FALSE The command class is not authorized. + * + */ + bool IsCommandClassAuthorized(CommandClass aCommandClass) const + { + return mTcatAgent.IsCommandClassAuthorized(aCommandClass); + } + + /** + * Sets the PSK. + * + * @param[in] aPsk A pointer to the PSK. + * @param[in] aPskLength The PSK length. + * + * @retval kErrorNone Successfully set the PSK. + * @retval kErrorInvalidArgs The PSK is invalid. + * + */ + Error SetPsk(const uint8_t *aPsk, uint8_t aPskLength) { return mTls.SetPsk(aPsk, aPskLength); } + + /** + * Sets the PSK. + * + * @param[in] aPskd A Joiner PSKd. + * + */ + void SetPsk(const MeshCoP::JoinerPskd &aPskd); + +#ifdef MBEDTLS_KEY_EXCHANGE_PSK_ENABLED + /** + * Sets the Pre-Shared Key (PSK) for TLS sessions identified by a PSK. + * + * TLS mode "TLS with AES 128 CCM 8" for secure BLE. + * + * @param[in] aPsk A pointer to the PSK. + * @param[in] aPskLength The PSK char length. + * @param[in] aPskIdentity The Identity Name for the PSK. + * @param[in] aPskIdLength The PSK Identity Length. + * + */ + void SetPreSharedKey(const uint8_t *aPsk, uint16_t aPskLength, const uint8_t *aPskIdentity, uint16_t aPskIdLength) + { + mTls.SetPreSharedKey(aPsk, aPskLength, aPskIdentity, aPskIdLength); + } +#endif // MBEDTLS_KEY_EXCHANGE_PSK_ENABLED + +#ifdef MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED + /** + * Sets a X509 certificate with corresponding private key for TLS session. + * + * TLS mode "ECDHE ECDSA with AES 128 CCM 8" for secure BLE. + * + * @param[in] aX509Cert A pointer to the PEM formatted X509 PEM certificate. + * @param[in] aX509Length The length of certificate. + * @param[in] aPrivateKey A pointer to the PEM formatted private key. + * @param[in] aPrivateKeyLength The length of the private key. + * + */ + void SetCertificate(const uint8_t *aX509Cert, + uint32_t aX509Length, + const uint8_t *aPrivateKey, + uint32_t aPrivateKeyLength) + { + mTls.SetCertificate(aX509Cert, aX509Length, aPrivateKey, aPrivateKeyLength); + } + + /** + * Sets the trusted top level CAs. It is needed for validate the certificate of the peer. + * + * TLS mode "ECDHE ECDSA with AES 128 CCM 8" for secure BLE. + * + * @param[in] aX509CaCertificateChain A pointer to the PEM formatted X509 CA chain. + * @param[in] aX509CaCertChainLength The length of chain. + * + */ + void SetCaCertificateChain(const uint8_t *aX509CaCertificateChain, uint32_t aX509CaCertChainLength) + { + mTls.SetCaCertificateChain(aX509CaCertificateChain, aX509CaCertChainLength); + } +#endif // MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED + +#if defined(MBEDTLS_BASE64_C) && defined(MBEDTLS_SSL_KEEP_PEER_CERTIFICATE) + /** + * Returns the peer x509 certificate base64 encoded. + * + * TLS mode "ECDHE ECDSA with AES 128 CCM 8" for secure BLE. + * + * @param[out] aPeerCert A pointer to the base64 encoded certificate buffer. + * @param[out] aCertLength On input, the size the max size of @p aPeerCert. + * On output, the length of the base64 encoded peer certificate. + * + * @retval kErrorNone Successfully get the peer certificate. + * @retval kErrorInvalidArgs @p aInstance or @p aCertLength is invalid. + * @retval kErrorInvalidState Not connected yet. + * @retval kErrorNoBufs Can't allocate memory for certificate. + * + */ + Error GetPeerCertificateBase64(unsigned char *aPeerCert, size_t *aCertLength); +#endif // defined(MBEDTLS_BASE64_C) && defined(MBEDTLS_SSL_KEEP_PEER_CERTIFICATE) + +#if defined(MBEDTLS_SSL_KEEP_PEER_CERTIFICATE) + /** + * Returns an attribute value identified by its OID from the subject + * of the peer x509 certificate. The peer OID is provided in binary format. + * The attribute length is set if the attribute was successfully read or zero + * if unsuccessful. The ASN.1 type as is set as defineded in the ITU-T X.690 standard + * if the attribute was successfully read. + * + * @param[in] aOid A pointer to the OID to be found. + * @param[in] aOidLength The length of the OID. + * @param[out] aAttributeBuffer A pointer to the attribute buffer. + * @param[in,out] aAttributeLength On input, the size the max size of @p aAttributeBuffer. + * On output, the length of the attribute written to the buffer. + * @param[out] aAsn1Type A pointer to the ASN.1 type of the attribute written to the buffer. + * + * @retval kErrorInvalidState Not connected yet. + * @retval kErrorNone Successfully read attribute. + * @retval kErrorNoBufs Insufficient memory for storing the attribute value. + * + */ + Error GetPeerSubjectAttributeByOid(const char *aOid, + size_t aOidLength, + uint8_t *aAttributeBuffer, + size_t *aAttributeLength, + int *aAsn1Type) + { + return mTls.GetPeerSubjectAttributeByOid(aOid, aOidLength, aAttributeBuffer, aAttributeLength, aAsn1Type); + } + + /** + * Returns an attribute value for the OID 1.3.6.1.4.1.44970.x from the v3 extensions of + * the peer x509 certificate, where the last digit x is set to aThreadOidDescriptor. + * The attribute length is set if the attribute was successfully read or zero if unsuccessful. + * Requires a connection to be active. + * + * @param[in] aThreadOidDescriptor The last digit of the Thread attribute OID. + * @param[out] aAttributeBuffer A pointer to the attribute buffer. + * @param[in,out] aAttributeLength On input, the size the max size of @p aAttributeBuffer. + * On output, the length of the attribute written to the buffer. + * + * @retval kErrorNone Successfully read attribute. + * @retval kErrorNotFound The requested attribute was not found. + * @retval kErrorNoBufs Insufficient memory for storing the attribute value. + * @retval kErrorInvalidState Not connected yet. + * @retval kErrorNotImplemented The value of aThreadOidDescriptor is >127. + * @retval kErrorParse The certificate extensions could not be parsed. + * + */ + Error GetThreadAttributeFromPeerCertificate(int aThreadOidDescriptor, + uint8_t *aAttributeBuffer, + size_t *aAttributeLength) + { + return mTls.GetThreadAttributeFromPeerCertificate(aThreadOidDescriptor, aAttributeBuffer, aAttributeLength); + } +#endif // defined(MBEDTLS_SSL_KEEP_PEER_CERTIFICATE) + + /** + * Returns an attribute value for the OID 1.3.6.1.4.1.44970.x from the v3 extensions of + * the own x509 certificate, where the last digit x is set to aThreadOidDescriptor. + * The attribute length is set if the attribute was successfully read or zero if unsuccessful. + * Requires a connection to be active. + * + * @param[in] aThreadOidDescriptor The last digit of the Thread attribute OID. + * @param[out] aAttributeBuffer A pointer to the attribute buffer. + * @param[in,out] aAttributeLength On input, the size the max size of @p aAttributeBuffer. + * On output, the length of the attribute written to the buffer. + * + * @retval kErrorNone Successfully read attribute. + * @retval kErrorNotFound The requested attribute was not found. + * @retval kErrorNoBufs Insufficient memory for storing the attribute value. + * @retval kErrorInvalidState Not connected yet. + * @retval kErrorNotImplemented The value of aThreadOidDescriptor is >127. + * @retval kErrorParse The certificate extensions could not be parsed. + * + */ + Error GetThreadAttributeFromOwnCertificate(int aThreadOidDescriptor, + uint8_t *aAttributeBuffer, + size_t *aAttributeLength) + { + return mTls.GetThreadAttributeFromOwnCertificate(aThreadOidDescriptor, aAttributeBuffer, aAttributeLength); + } + + /** + * Sets the authentication mode for the BLE secure connection. It disables or enables the verification + * of peer certificate. + * + * @param[in] aVerifyPeerCertificate true, if the peer certificate should be verified + * + */ + void SetSslAuthMode(bool aVerifyPeerCertificate) { mTls.SetSslAuthMode(aVerifyPeerCertificate); } + + /** + * Sends a secure BLE message. + * + * @param[in] aMessage A pointer to the message to send. + * + * If the return value is kErrorNone, OpenThread takes ownership of @p aMessage, and the caller should no longer + * reference @p aMessage. If the return value is not kErrorNone, the caller retains ownership of @p aMessage, + * including freeing @p aMessage if the message buffer is no longer needed. + * + * @retval kErrorNone Successfully sent message. + * @retval kErrorNoBufs Failed to allocate buffer memory. + * @retval kErrorInvalidState TLS connection was not initialized. + * + */ + Error SendMessage(Message &aMessage); + + /** + * Sends a secure BLE data packet. + * + * @param[in] aBuf A pointer to the data to send as the Value of the TCAT Send Application Data TLV. + * @param[in] aLength A number indicating the length of the data buffer. + * + * @retval kErrorNone Successfully sent data. + * @retval kErrorNoBufs Failed to allocate buffer memory. + * @retval kErrorInvalidState TLS connection was not initialized. + * + */ + Error Send(uint8_t *aBuf, uint16_t aLength); + + /** + * Sends a secure BLE data packet containing a TCAT Send Application Data TLV. + * + * @param[in] aBuf A pointer to the data to send as the Value of the TCAT Send Application Data TLV. + * @param[in] aLength A number indicating the length of the data buffer. + * + * @retval kErrorNone Successfully sent data. + * @retval kErrorNoBufs Failed to allocate buffer memory. + * @retval kErrorInvalidState TLS connection was not initialized. + * + */ + Error SendApplicationTlv(uint8_t *aBuf, uint16_t aLength); + + /** + * Sends all remaining bytes in the send buffer. + * + * @retval kErrorNone Successfully enqueued data into the output interface. + * @retval kErrorNoBufs Failed to allocate buffer memory. + * @retval kErrorInvalidState TLS connection was not initialized. + * + */ + Error Flush(void); + + /** + * Used to pass data received over a BLE link to the secure BLE server. + * + * @param[in] aBuf A pointer to the data received. + * @param[in] aLength A number indicating the length of the data buffer. + * + */ + Error HandleBleReceive(uint8_t *aBuf, uint16_t aLength); + + /** + * Used to notify the secure BLE server that a BLE Device has been connected. + * + * @param[in] aConnectionId The identifier of the open connection. + * + */ + void HandleBleConnected(uint16_t aConnectionId); + + /** + * Used to notify the secure BLE server that the BLE Device has been disconnected. + * + * @param[in] aConnectionId The identifier of the open connection. + * + */ + void HandleBleDisconnected(uint16_t aConnectionId); + + /** + * Used to notify the secure BLE server that the BLE Device has updated ATT_MTU size. + * + * @param[in] aMtu The updated ATT_MTU value. + * + */ + Error HandleBleMtuUpdate(uint16_t aMtu); + +private: + enum BleState : uint8_t + { + kStopped = 0, // Ble secure not started. + kAdvertising = 1, // Ble secure not advertising. + kConnected = 2, // Ble secure not connected. + }; + + static constexpr uint8_t kInitialMtuSize = 23; // ATT_MTU + static constexpr uint8_t kGattOverhead = 3; // BLE GATT payload fits MTU size - 3 bytes + static constexpr uint8_t kPacketBufferSize = OT_BLE_ATT_MTU_MAX - kGattOverhead; + static constexpr uint16_t kTxBleHandle = 0; // Characteristics Handle for TX (not used) + + static void HandleTlsConnected(void *aContext, bool aConnected); + void HandleTlsConnected(bool aConnected); + + static void HandleTlsReceive(void *aContext, uint8_t *aBuf, uint16_t aLength); + void HandleTlsReceive(uint8_t *aBuf, uint16_t aLength); + + void HandleTransmit(void); + + static Error HandleTransport(void *aContext, ot::Message &aMessage, const Ip6::MessageInfo &aMessageInfo); + Error HandleTransport(ot::Message &aMessage); + + using TxTask = TaskletIn; + + MeshCoP::SecureTransport mTls; + MeshCoP::TcatAgent mTcatAgent; + Callback mConnectCallback; + Callback mReceiveCallback; + bool mTlvMode; + ot::Message *mReceivedMessage; + ot::Message *mSendMessage; + ot::MessageQueue mTransmitQueue; + TxTask mTransmitTask; + uint8_t mPacketBuffer[kPacketBufferSize]; + BleState mBleState; + uint16_t mMtuSize; +}; + +} // namespace Ble +} // namespace ot + +#endif // OPENTHREAD_CONFIG_BLE_TCAT_ENABLE + +#endif // BLE_SECURE_HPP_ diff --git a/src/core/thread/thread_netif.cpp b/src/core/thread/thread_netif.cpp index bba16dec63b..8e6848832f8 100644 --- a/src/core/thread/thread_netif.cpp +++ b/src/core/thread/thread_netif.cpp @@ -97,7 +97,7 @@ void ThreadNetif::Down(void) #if OPENTHREAD_CONFIG_DNSSD_SERVER_ENABLE Get().Stop(); #endif -#if OPENTHREAD_CONFIG_DTLS_ENABLE +#if OPENTHREAD_CONFIG_SECURE_TRANSPORT_ENABLE Get().Stop(); #endif IgnoreError(Get().Stop()); diff --git a/src/core/thread/tmf.cpp b/src/core/thread/tmf.cpp index 583f6e29d7e..477e4d1edfd 100644 --- a/src/core/thread/tmf.cpp +++ b/src/core/thread/tmf.cpp @@ -271,7 +271,7 @@ Message::Priority Agent::DscpToPriority(uint8_t aDscp) return priority; } -#if OPENTHREAD_CONFIG_DTLS_ENABLE +#if OPENTHREAD_CONFIG_SECURE_TRANSPORT_ENABLE SecureAgent::SecureAgent(Instance &aInstance) : Coap::CoapSecure(aInstance) @@ -329,7 +329,7 @@ bool SecureAgent::HandleResource(const char *aUriPath, Message &aMessage, const return didHandle; } -#endif // OPENTHREAD_CONFIG_DTLS_ENABLE +#endif // OPENTHREAD_CONFIG_SECURE_TRANSPORT_ENABLE } // namespace Tmf } // namespace ot diff --git a/src/core/thread/tmf.hpp b/src/core/thread/tmf.hpp index 3b38544442d..c90e24257cf 100644 --- a/src/core/thread/tmf.hpp +++ b/src/core/thread/tmf.hpp @@ -214,7 +214,7 @@ class Agent : public Coap::Coap static Error Filter(const Message &aMessage, const Ip6::MessageInfo &aMessageInfo, void *aContext); }; -#if OPENTHREAD_CONFIG_DTLS_ENABLE +#if OPENTHREAD_CONFIG_SECURE_TRANSPORT_ENABLE /** * Implements functionality of the secure TMF agent. diff --git a/src/core/utils/heap.hpp b/src/core/utils/heap.hpp index c4125b14b1b..22868449c4e 100644 --- a/src/core/utils/heap.hpp +++ b/src/core/utils/heap.hpp @@ -227,7 +227,7 @@ class Heap : private NonCopyable size_t GetFreeSize(void) const { return mMemory.mFreeSize; } private: -#if OPENTHREAD_CONFIG_TLS_ENABLE || OPENTHREAD_CONFIG_DTLS_ENABLE +#if OPENTHREAD_CONFIG_TLS_ENABLE || OPENTHREAD_CONFIG_SECURE_TRANSPORT_ENABLE static constexpr uint16_t kMemorySize = OPENTHREAD_CONFIG_HEAP_INTERNAL_SIZE; #else static constexpr uint16_t kMemorySize = OPENTHREAD_CONFIG_HEAP_INTERNAL_SIZE_NO_DTLS; diff --git a/src/posix/platform/CMakeLists.txt b/src/posix/platform/CMakeLists.txt index defbf24240f..e9fb7c83a35 100644 --- a/src/posix/platform/CMakeLists.txt +++ b/src/posix/platform/CMakeLists.txt @@ -125,6 +125,7 @@ endif() add_library(openthread-posix alarm.cpp backtrace.cpp + ble.cpp configuration.cpp config_file.cpp daemon.cpp diff --git a/src/posix/platform/ble.cpp b/src/posix/platform/ble.cpp new file mode 100644 index 00000000000..2fe3c64535d --- /dev/null +++ b/src/posix/platform/ble.cpp @@ -0,0 +1,75 @@ +/* + * Copyright (c) 2023, The OpenThread Authors. + * All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions are met: + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * 3. Neither the name of the copyright holder nor the + * names of its contributors may be used to endorse or promote products + * derived from this software without specific prior written permission. + * + * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" + * AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDER OR CONTRIBUTORS BE + * LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR + * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF + * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS + * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN + * CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) + * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE + * POSSIBILITY OF SUCH DAMAGE. + */ + +#include + +otError otPlatBleEnable(otInstance *aInstance) +{ + OT_UNUSED_VARIABLE(aInstance); + return OT_ERROR_NOT_IMPLEMENTED; +} + +otError otPlatBleDisable(otInstance *aInstance) +{ + OT_UNUSED_VARIABLE(aInstance); + return OT_ERROR_NOT_IMPLEMENTED; +} + +otError otPlatBleGapAdvStart(otInstance *aInstance, uint16_t aInterval) +{ + OT_UNUSED_VARIABLE(aInstance); + OT_UNUSED_VARIABLE(aInterval); + return OT_ERROR_NOT_IMPLEMENTED; +} + +otError otPlatBleGapAdvStop(otInstance *aInstance) +{ + OT_UNUSED_VARIABLE(aInstance); + return OT_ERROR_NOT_IMPLEMENTED; +} + +otError otPlatBleGapDisconnect(otInstance *aInstance) +{ + OT_UNUSED_VARIABLE(aInstance); + return OT_ERROR_NOT_IMPLEMENTED; +} + +otError otPlatBleGattMtuGet(otInstance *aInstance, uint16_t *aMtu) +{ + OT_UNUSED_VARIABLE(aInstance); + OT_UNUSED_VARIABLE(aMtu); + return OT_ERROR_NOT_IMPLEMENTED; +} + +otError otPlatBleGattServerIndicate(otInstance *aInstance, uint16_t aHandle, const otBleRadioPacket *aPacket) +{ + OT_UNUSED_VARIABLE(aInstance); + OT_UNUSED_VARIABLE(aHandle); + OT_UNUSED_VARIABLE(aPacket); + return OT_ERROR_NOT_IMPLEMENTED; +} diff --git a/tests/unit/test_platform.cpp b/tests/unit/test_platform.cpp index 8c339d44368..3617114281d 100644 --- a/tests/unit/test_platform.cpp +++ b/tests/unit/test_platform.cpp @@ -35,6 +35,9 @@ #include #include +#ifdef OPENTHREAD_CONFIG_BLE_TCAT_ENABLE +#include +#endif enum { @@ -681,5 +684,52 @@ OT_TOOL_WEAK otPlatMcuPowerState otPlatGetMcuPowerState(otInstance *aInstance) { OT_TOOL_WEAK otError otPlatSetMcuPowerState(otInstance *aInstance, otPlatMcuPowerState aState) { return OT_ERROR_NONE; } #endif // OPENTHREAD_CONFIG_NCP_ENABLE_MCU_POWER_STATE_CONTROL +#ifdef OPENTHREAD_CONFIG_BLE_TCAT_ENABLE +otError otPlatBleEnable(otInstance *aInstance) +{ + OT_UNUSED_VARIABLE(aInstance); + return OT_ERROR_NOT_IMPLEMENTED; +} + +otError otPlatBleDisable(otInstance *aInstance) +{ + OT_UNUSED_VARIABLE(aInstance); + return OT_ERROR_NOT_IMPLEMENTED; +} + +otError otPlatBleGapAdvStart(otInstance *aInstance, uint16_t aInterval) +{ + OT_UNUSED_VARIABLE(aInstance); + OT_UNUSED_VARIABLE(aInterval); + return OT_ERROR_NOT_IMPLEMENTED; +} + +otError otPlatBleGapAdvStop(otInstance *aInstance) +{ + OT_UNUSED_VARIABLE(aInstance); + return OT_ERROR_NOT_IMPLEMENTED; +} + +otError otPlatBleGapDisconnect(otInstance *aInstance) +{ + OT_UNUSED_VARIABLE(aInstance); + return OT_ERROR_NOT_IMPLEMENTED; +} + +otError otPlatBleGattMtuGet(otInstance *aInstance, uint16_t *aMtu) +{ + OT_UNUSED_VARIABLE(aInstance); + OT_UNUSED_VARIABLE(aMtu); + return OT_ERROR_NOT_IMPLEMENTED; +} + +otError otPlatBleGattServerIndicate(otInstance *aInstance, uint16_t aHandle, const otBleRadioPacket *aPacket) +{ + OT_UNUSED_VARIABLE(aInstance); + OT_UNUSED_VARIABLE(aHandle); + OT_UNUSED_VARIABLE(aPacket); + return OT_ERROR_NOT_IMPLEMENTED; +} +#endif // OPENTHREAD_CONFIG_BLE_TCAT_ENABLE } // extern "C" diff --git a/third_party/mbedtls/mbedtls-config.h b/third_party/mbedtls/mbedtls-config.h index fcb1739e13c..a3e06ac63ec 100644 --- a/third_party/mbedtls/mbedtls-config.h +++ b/third_party/mbedtls/mbedtls-config.h @@ -92,6 +92,10 @@ #define MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED #endif +#if OPENTHREAD_CONFIG_BLE_TCAT_ENABLE +#define MBEDTLS_SSL_KEEP_PEER_CERTIFICATE +#endif + #ifdef MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED #define MBEDTLS_BASE64_C #define MBEDTLS_ECDH_C From 93ad60452486474ed8da25cfb6f2a07dd21583f2 Mon Sep 17 00:00:00 2001 From: Joakim Andersson Date: Tue, 28 Nov 2023 11:22:21 +0100 Subject: [PATCH 007/121] [crypto] add error handling to PBDF2 generate key function (#9655) Add error handling to PBKDF2 generate key function. The PBKDF2 functions may fail and the error should be handled by the caller of the function. --- include/openthread/instance.h | 2 +- include/openthread/platform/crypto.h | 20 ++++++++------ src/core/crypto/crypto_platform.cpp | 39 +++++++++++++++++----------- src/core/meshcop/meshcop.cpp | 4 +-- 4 files changed, 39 insertions(+), 26 deletions(-) diff --git a/include/openthread/instance.h b/include/openthread/instance.h index e32193881a0..ebc3fe122b4 100644 --- a/include/openthread/instance.h +++ b/include/openthread/instance.h @@ -53,7 +53,7 @@ extern "C" { * @note This number versions both OpenThread platform and user APIs. * */ -#define OPENTHREAD_API_VERSION (381) +#define OPENTHREAD_API_VERSION (382) /** * @addtogroup api-instance diff --git a/include/openthread/platform/crypto.h b/include/openthread/platform/crypto.h index 8762fc2ce60..fe3c0ead536 100644 --- a/include/openthread/platform/crypto.h +++ b/include/openthread/platform/crypto.h @@ -743,14 +743,18 @@ otError otPlatCryptoEcdsaVerifyUsingKeyRef(otCryptoKeyRef aKe * @param[in] aKeyLen Length of generated key in bytes. * @param[out] aKey A pointer to the generated key. * - */ -void otPlatCryptoPbkdf2GenerateKey(const uint8_t *aPassword, - uint16_t aPasswordLen, - const uint8_t *aSalt, - uint16_t aSaltLen, - uint32_t aIterationCounter, - uint16_t aKeyLen, - uint8_t *aKey); + * @retval OT_ERROR_NONE A new key-pair was generated successfully. + * @retval OT_ERROR_NO_BUFS Failed to allocate buffer for key generation. + * @retval OT_ERROR_NOT_CAPABLE Feature not supported. + * @retval OT_ERROR_FAILED Failed to generate key. + */ +otError otPlatCryptoPbkdf2GenerateKey(const uint8_t *aPassword, + uint16_t aPasswordLen, + const uint8_t *aSalt, + uint16_t aSaltLen, + uint32_t aIterationCounter, + uint16_t aKeyLen, + uint8_t *aKey); /** * @} diff --git a/src/core/crypto/crypto_platform.cpp b/src/core/crypto/crypto_platform.cpp index 6c7e54cee6f..0e8126e5be5 100644 --- a/src/core/crypto/crypto_platform.cpp +++ b/src/core/crypto/crypto_platform.cpp @@ -716,13 +716,13 @@ OT_TOOL_WEAK otError otPlatCryptoEcdsaVerify(const otPlatCryptoEcdsaPublicKey *a #if OPENTHREAD_FTD -OT_TOOL_WEAK void otPlatCryptoPbkdf2GenerateKey(const uint8_t *aPassword, - uint16_t aPasswordLen, - const uint8_t *aSalt, - uint16_t aSaltLen, - uint32_t aIterationCounter, - uint16_t aKeyLen, - uint8_t *aKey) +OT_TOOL_WEAK otError otPlatCryptoPbkdf2GenerateKey(const uint8_t *aPassword, + uint16_t aPasswordLen, + const uint8_t *aSalt, + uint16_t aSaltLen, + uint32_t aIterationCounter, + uint16_t aKeyLen, + uint8_t *aKey) { #if (MBEDTLS_VERSION_NUMBER >= 0x03050000) const size_t kBlockSize = MBEDTLS_CMAC_MAX_BLOCK_SIZE; @@ -737,6 +737,8 @@ OT_TOOL_WEAK void otPlatCryptoPbkdf2GenerateKey(const uint8_t *aPassword, uint8_t *key = aKey; uint16_t keyLen = aKeyLen; uint16_t useLen = 0; + Error error = kErrorNone; + int ret; OT_ASSERT(aSaltLen <= sizeof(prfInput)); memcpy(prfInput, aSalt, aSaltLen); @@ -757,12 +759,14 @@ OT_TOOL_WEAK void otPlatCryptoPbkdf2GenerateKey(const uint8_t *aPassword, prfInput[aSaltLen + 3] = static_cast(blockCounter); // Calculate U_1 - mbedtls_aes_cmac_prf_128(aPassword, aPasswordLen, prfInput, aSaltLen + 4, - reinterpret_cast(keyBlock)); + ret = mbedtls_aes_cmac_prf_128(aPassword, aPasswordLen, prfInput, aSaltLen + 4, + reinterpret_cast(keyBlock)); + VerifyOrExit(ret == 0, error = MbedTls::MapError(ret)); // Calculate U_2 - mbedtls_aes_cmac_prf_128(aPassword, aPasswordLen, reinterpret_cast(keyBlock), kBlockSize, - reinterpret_cast(prfOne)); + ret = mbedtls_aes_cmac_prf_128(aPassword, aPasswordLen, reinterpret_cast(keyBlock), kBlockSize, + reinterpret_cast(prfOne)); + VerifyOrExit(ret == 0, error = MbedTls::MapError(ret)); for (uint32_t j = 0; j < kBlockSize / sizeof(long); ++j) { @@ -772,11 +776,13 @@ OT_TOOL_WEAK void otPlatCryptoPbkdf2GenerateKey(const uint8_t *aPassword, for (uint32_t i = 1; i < aIterationCounter; ++i) { // Calculate U_{2 * i - 1} - mbedtls_aes_cmac_prf_128(aPassword, aPasswordLen, reinterpret_cast(prfOne), kBlockSize, - reinterpret_cast(prfTwo)); + ret = mbedtls_aes_cmac_prf_128(aPassword, aPasswordLen, reinterpret_cast(prfOne), + kBlockSize, reinterpret_cast(prfTwo)); + VerifyOrExit(ret == 0, error = MbedTls::MapError(ret)); // Calculate U_{2 * i} - mbedtls_aes_cmac_prf_128(aPassword, aPasswordLen, reinterpret_cast(prfTwo), kBlockSize, - reinterpret_cast(prfOne)); + ret = mbedtls_aes_cmac_prf_128(aPassword, aPasswordLen, reinterpret_cast(prfTwo), + kBlockSize, reinterpret_cast(prfOne)); + VerifyOrExit(ret == 0, error = MbedTls::MapError(ret)); for (uint32_t j = 0; j < kBlockSize / sizeof(long); ++j) { @@ -789,6 +795,9 @@ OT_TOOL_WEAK void otPlatCryptoPbkdf2GenerateKey(const uint8_t *aPassword, key += useLen; keyLen -= useLen; } + +exit: + return error; } #endif // #if OPENTHREAD_FTD diff --git a/src/core/meshcop/meshcop.cpp b/src/core/meshcop/meshcop.cpp index 35ad539b544..d2d14c3218a 100644 --- a/src/core/meshcop/meshcop.cpp +++ b/src/core/meshcop/meshcop.cpp @@ -334,8 +334,8 @@ Error GeneratePskc(const char *aPassPhrase, memcpy(salt + saltLen, aNetworkName.GetAsCString(), networkNameLen); saltLen += networkNameLen; - otPlatCryptoPbkdf2GenerateKey(reinterpret_cast(aPassPhrase), passphraseLen, salt, saltLen, 16384, - OT_PSKC_MAX_SIZE, aPskc.m8); + error = otPlatCryptoPbkdf2GenerateKey(reinterpret_cast(aPassPhrase), passphraseLen, salt, saltLen, + 16384, OT_PSKC_MAX_SIZE, aPskc.m8); exit: return error; From e76ddf1050db1d75474046d6b421337572fa0718 Mon Sep 17 00:00:00 2001 From: Joakim Andersson Date: Tue, 28 Nov 2023 11:29:23 +0100 Subject: [PATCH 008/121] [crypto] remove PSA mbedtls hybrid setup of PBKDF2 function (#9655) Remove PSA mbedtls hybrid setup of the PBKDF2 function. With Mbed TLS 3.5.0 release this function is now supported by PSA implementation. --- src/core/crypto/crypto_platform.cpp | 124 ++++++++++++++++------------ 1 file changed, 72 insertions(+), 52 deletions(-) diff --git a/src/core/crypto/crypto_platform.cpp b/src/core/crypto/crypto_platform.cpp index 0e8126e5be5..4865b08f1a5 100644 --- a/src/core/crypto/crypto_platform.cpp +++ b/src/core/crypto/crypto_platform.cpp @@ -662,58 +662,6 @@ OT_TOOL_WEAK otError otPlatCryptoEcdsaVerify(const otPlatCryptoEcdsaPublicKey *a #endif // #if !OPENTHREAD_RADIO -#elif OPENTHREAD_CONFIG_CRYPTO_LIB == OPENTHREAD_CONFIG_CRYPTO_LIB_PSA - -#if !OPENTHREAD_RADIO -#if OPENTHREAD_CONFIG_ECDSA_ENABLE - -OT_TOOL_WEAK otError otPlatCryptoEcdsaGenerateKey(otPlatCryptoEcdsaKeyPair *aKeyPair) -{ - OT_UNUSED_VARIABLE(aKeyPair); - - return OT_ERROR_NOT_CAPABLE; -} - -OT_TOOL_WEAK otError otPlatCryptoEcdsaGetPublicKey(const otPlatCryptoEcdsaKeyPair *aKeyPair, - otPlatCryptoEcdsaPublicKey *aPublicKey) -{ - OT_UNUSED_VARIABLE(aKeyPair); - OT_UNUSED_VARIABLE(aPublicKey); - - return OT_ERROR_NOT_CAPABLE; -} - -OT_TOOL_WEAK otError otPlatCryptoEcdsaSign(const otPlatCryptoEcdsaKeyPair *aKeyPair, - const otPlatCryptoSha256Hash *aHash, - otPlatCryptoEcdsaSignature *aSignature) -{ - OT_UNUSED_VARIABLE(aKeyPair); - OT_UNUSED_VARIABLE(aHash); - OT_UNUSED_VARIABLE(aSignature); - - return OT_ERROR_NOT_CAPABLE; -} - -OT_TOOL_WEAK otError otPlatCryptoEcdsaVerify(const otPlatCryptoEcdsaPublicKey *aPublicKey, - const otPlatCryptoSha256Hash *aHash, - const otPlatCryptoEcdsaSignature *aSignature) - -{ - OT_UNUSED_VARIABLE(aPublicKey); - OT_UNUSED_VARIABLE(aHash); - OT_UNUSED_VARIABLE(aSignature); - - return OT_ERROR_NOT_CAPABLE; -} -#endif // #if OPENTHREAD_CONFIG_ECDSA_ENABLE - -#endif // #if !OPENTHREAD_RADIO - -#endif // #if OPENTHREAD_CONFIG_CRYPTO_LIB == OPENTHREAD_CONFIG_CRYPTO_LIB_MBEDTLS - -//--------------------------------------------------------------------------------------------------------------------- -// APIs to be used in "hybrid" mode by every OPENTHREAD_CONFIG_CRYPTO_LIB variant until full PSA support is ready - #if OPENTHREAD_FTD OT_TOOL_WEAK otError otPlatCryptoPbkdf2GenerateKey(const uint8_t *aPassword, @@ -801,3 +749,75 @@ OT_TOOL_WEAK otError otPlatCryptoPbkdf2GenerateKey(const uint8_t *aPassword, } #endif // #if OPENTHREAD_FTD + +#elif OPENTHREAD_CONFIG_CRYPTO_LIB == OPENTHREAD_CONFIG_CRYPTO_LIB_PSA + +#if !OPENTHREAD_RADIO +#if OPENTHREAD_CONFIG_ECDSA_ENABLE + +OT_TOOL_WEAK otError otPlatCryptoEcdsaGenerateKey(otPlatCryptoEcdsaKeyPair *aKeyPair) +{ + OT_UNUSED_VARIABLE(aKeyPair); + + return OT_ERROR_NOT_CAPABLE; +} + +OT_TOOL_WEAK otError otPlatCryptoEcdsaGetPublicKey(const otPlatCryptoEcdsaKeyPair *aKeyPair, + otPlatCryptoEcdsaPublicKey *aPublicKey) +{ + OT_UNUSED_VARIABLE(aKeyPair); + OT_UNUSED_VARIABLE(aPublicKey); + + return OT_ERROR_NOT_CAPABLE; +} + +OT_TOOL_WEAK otError otPlatCryptoEcdsaSign(const otPlatCryptoEcdsaKeyPair *aKeyPair, + const otPlatCryptoSha256Hash *aHash, + otPlatCryptoEcdsaSignature *aSignature) +{ + OT_UNUSED_VARIABLE(aKeyPair); + OT_UNUSED_VARIABLE(aHash); + OT_UNUSED_VARIABLE(aSignature); + + return OT_ERROR_NOT_CAPABLE; +} + +OT_TOOL_WEAK otError otPlatCryptoEcdsaVerify(const otPlatCryptoEcdsaPublicKey *aPublicKey, + const otPlatCryptoSha256Hash *aHash, + const otPlatCryptoEcdsaSignature *aSignature) + +{ + OT_UNUSED_VARIABLE(aPublicKey); + OT_UNUSED_VARIABLE(aHash); + OT_UNUSED_VARIABLE(aSignature); + + return OT_ERROR_NOT_CAPABLE; +} +#endif // #if OPENTHREAD_CONFIG_ECDSA_ENABLE + +#endif // #if !OPENTHREAD_RADIO + +#if OPENTHREAD_FTD + +OT_TOOL_WEAK otError otPlatCryptoPbkdf2GenerateKey(const uint8_t *aPassword, + uint16_t aPasswordLen, + const uint8_t *aSalt, + uint16_t aSaltLen, + uint32_t aIterationCounter, + uint16_t aKeyLen, + uint8_t *aKey) +{ + OT_UNUSED_VARIABLE(aPassword); + OT_UNUSED_VARIABLE(aPasswordLen); + OT_UNUSED_VARIABLE(aSalt); + OT_UNUSED_VARIABLE(aSaltLen); + OT_UNUSED_VARIABLE(aIterationCounter); + OT_UNUSED_VARIABLE(aKeyLen); + OT_UNUSED_VARIABLE(aKey); + + return OT_ERROR_NOT_CAPABLE; +} + +#endif // #if OPENTHREAD_FTD + +#endif // #if OPENTHREAD_CONFIG_CRYPTO_LIB == OPENTHREAD_CONFIG_CRYPTO_LIB_MBEDTLS From 19af7118b064bafefa9dffa8c1cfcfd6e3fad459 Mon Sep 17 00:00:00 2001 From: SherySheng Date: Tue, 5 Dec 2023 06:42:51 +0800 Subject: [PATCH 009/121] [telemetry] add api for DHCPv6 PD telemetry (#9645) --- include/openthread/border_routing.h | 26 ++++++++++++++++++ include/openthread/instance.h | 2 +- include/openthread/ip6.h | 2 ++ src/core/api/border_routing_api.cpp | 7 +++++ src/core/border_router/routing_manager.cpp | 32 +++++++++++++++++++++- src/core/border_router/routing_manager.hpp | 17 ++++++++++++ src/core/net/ip6.cpp | 19 +++++++++++-- 7 files changed, 100 insertions(+), 5 deletions(-) diff --git a/include/openthread/border_routing.h b/include/openthread/border_routing.h index 3fd95c6adf3..5236f0d9d18 100644 --- a/include/openthread/border_routing.h +++ b/include/openthread/border_routing.h @@ -118,6 +118,17 @@ typedef struct otBorderRoutingPrefixTableEntry uint32_t mPreferredLifetime; ///< Preferred lifetime of the on-link prefix when `mIsOnLink`. } otBorderRoutingPrefixTableEntry; +/** + * Represents a group of data of platform-generated RA messages processed. + * + */ +typedef struct otPdProcessedRaInfo +{ + uint32_t mNumPlatformRaReceived; ///< The number of platform generated RA handled by ProcessPlatfromGeneratedRa. + uint32_t mNumPlatformPioProcessed; ///< The number of PIO processed for adding OMR prefixes. + uint32_t mLastPlatformRaMsec; ///< The timestamp of last processed RA message. +} otPdProcessedRaInfo; + /** * Represents the state of Border Routing Manager. * @@ -307,6 +318,21 @@ otError otBorderRoutingGetOmrPrefix(otInstance *aInstance, otIp6Prefix *aPrefix) */ otError otBorderRoutingGetPdOmrPrefix(otInstance *aInstance, otBorderRoutingPrefixTableEntry *aPrefixInfo); +/** + * Gets the data of platform generated RA message processed.. + * + * `OPENTHREAD_CONFIG_BORDER_ROUTING_DHCP6_PD_ENABLE` must be enabled. + * + * @param[in] aInstance A pointer to an OpenThread instance. + * @param[out] aPrefixInfo A pointer to where the prefix info will be output to. + * + * @retval OT_ERROR_NONE Successfully retrieved the Info. + * @retval OT_ERROR_INVALID_STATE The Border Routing Manager is not initialized yet. + * @retval OT_ERROR_NOT_FOUND There are no valid Info on this BR. + * + */ +otError otBorderRoutingGetPdProcessedRaInfo(otInstance *aInstance, otPdProcessedRaInfo *aPdProcessedRaInfo); + /** * Gets the currently favored Off-Mesh-Routable (OMR) Prefix. * diff --git a/include/openthread/instance.h b/include/openthread/instance.h index ebc3fe122b4..3a668cffe64 100644 --- a/include/openthread/instance.h +++ b/include/openthread/instance.h @@ -53,7 +53,7 @@ extern "C" { * @note This number versions both OpenThread platform and user APIs. * */ -#define OPENTHREAD_API_VERSION (382) +#define OPENTHREAD_API_VERSION (383) /** * @addtogroup api-instance diff --git a/include/openthread/ip6.h b/include/openthread/ip6.h index 8b32d7ca4b0..8301ff93db5 100644 --- a/include/openthread/ip6.h +++ b/include/openthread/ip6.h @@ -907,6 +907,8 @@ typedef struct otBorderRoutingCounters otPacketsAndBytes mInboundMulticast; ///< The counters for inbound multicast. otPacketsAndBytes mOutboundUnicast; ///< The counters for outbound unicast. otPacketsAndBytes mOutboundMulticast; ///< The counters for outbound multicast. + otPacketsAndBytes mInboundInternet; ///< The counters for inbound Internet when DHCPv6 PD enabled. + otPacketsAndBytes mOutboundInternet; ///< The counters for outbound Internet when DHCPv6 PD enabled. uint32_t mRaRx; ///< The number of received RA packets. uint32_t mRaTxSuccess; ///< The number of RA packets successfully transmitted. uint32_t mRaTxFailure; ///< The number of RA packets failed to transmit. diff --git a/src/core/api/border_routing_api.cpp b/src/core/api/border_routing_api.cpp index 9fbfbcb4b29..b62ee704174 100644 --- a/src/core/api/border_routing_api.cpp +++ b/src/core/api/border_routing_api.cpp @@ -104,6 +104,13 @@ otError otBorderRoutingGetPdOmrPrefix(otInstance *aInstance, otBorderRoutingPref return AsCoreType(aInstance).Get().GetPdOmrPrefix(*aPrefixInfo); } + +otError otBorderRoutingGetPdProcessedRaInfo(otInstance *aInstance, otPdProcessedRaInfo *aPdProcessedRaInfo) +{ + AssertPointerIsNotNull(aPdProcessedRaInfo); + + return AsCoreType(aInstance).Get().GetPdProcessedRaInfo(*aPdProcessedRaInfo); +} #endif otError otBorderRoutingGetFavoredOmrPrefix(otInstance *aInstance, otIp6Prefix *aPrefix, otRoutePreference *aPreference) diff --git a/src/core/border_router/routing_manager.cpp b/src/core/border_router/routing_manager.cpp index e48536819e4..e981af5080f 100644 --- a/src/core/border_router/routing_manager.cpp +++ b/src/core/border_router/routing_manager.cpp @@ -211,6 +211,17 @@ Error RoutingManager::GetPdOmrPrefix(PrefixTableEntry &aPrefixInfo) const VerifyOrExit(IsInitialized(), error = kErrorInvalidState); error = mPdPrefixManager.GetPrefixInfo(aPrefixInfo); +exit: + return error; +} + +Error RoutingManager::GetPdProcessedRaInfo(PdProcessedRaInfo &aPdProcessedRaInfo) +{ + Error error = kErrorNone; + + VerifyOrExit(IsInitialized(), error = kErrorInvalidState); + error = mPdPrefixManager.GetProcessedRaInfo(aPdProcessedRaInfo); + exit: return error; } @@ -3453,6 +3464,9 @@ RoutingManager::PdPrefixManager::PdPrefixManager(Instance &aInstance) : InstanceLocator(aInstance) , mEnabled(false) , mIsRunning(false) + , mNumPlatformPioProcessed(0) + , mNumPlatformRaReceived(0) + , mLastPlatformRaTime(0) , mTimer(aInstance) { mPrefix.Clear(); @@ -3519,6 +3533,20 @@ Error RoutingManager::PdPrefixManager::GetPrefixInfo(PrefixTableEntry &aInfo) co return error; } +Error RoutingManager::PdPrefixManager::GetProcessedRaInfo(PdProcessedRaInfo &aPdProcessedRaInfo) const +{ + Error error = kErrorNone; + + VerifyOrExit(IsRunning() && HasPrefix(), error = kErrorNotFound); + + aPdProcessedRaInfo.mNumPlatformRaReceived = mNumPlatformRaReceived; + aPdProcessedRaInfo.mNumPlatformPioProcessed = mNumPlatformPioProcessed; + aPdProcessedRaInfo.mLastPlatformRaMsec = TimerMilli::GetNow() - mLastPlatformRaTime; + +exit: + return error; +} + void RoutingManager::PdPrefixManager::WithdrawPrefix(void) { VerifyOrExit(HasPrefix()); @@ -3542,6 +3570,8 @@ void RoutingManager::PdPrefixManager::ProcessPlatformGeneratedRa(const uint8_t * VerifyOrExit(IsRunning(), LogWarn("Ignore platform generated RA since PD is disabled or not running.")); packet.Init(aRouterAdvert, aLength); error = Process(Ip6::Nd::RouterAdvertMessage(packet)); + mNumPlatformRaReceived++; + mLastPlatformRaTime = TimerMilli::GetNow(); exit: if (error != kErrorNone) @@ -3568,7 +3598,7 @@ Error RoutingManager::PdPrefixManager::Process(const Ip6::Nd::RouterAdvertMessag { continue; } - + mNumPlatformPioProcessed++; entry.SetFrom(static_cast(option)); if (!IsValidPdPrefix(entry.GetPrefix())) diff --git a/src/core/border_router/routing_manager.hpp b/src/core/border_router/routing_manager.hpp index 10062e8f654..95a86f0e049 100644 --- a/src/core/border_router/routing_manager.hpp +++ b/src/core/border_router/routing_manager.hpp @@ -88,6 +88,7 @@ class RoutingManager : public InstanceLocator typedef otBorderRoutingPrefixTableIterator PrefixTableIterator; ///< Prefix Table Iterator. typedef otBorderRoutingPrefixTableEntry PrefixTableEntry; ///< Prefix Table Entry. typedef otBorderRoutingRouterEntry RouterEntry; ///< Router Entry. + typedef otPdProcessedRaInfo PdProcessedRaInfo; ///< Data of PdProcessedRaInfo. /** * This constant specifies the maximum number of route prefixes that may be published by `RoutingManager` @@ -292,6 +293,18 @@ class RoutingManager : public InstanceLocator * */ Error GetPdOmrPrefix(PrefixTableEntry &aPrefixInfo) const; + + /** + * Returns platform generated RA message processed information. + * + * @param[out] aPdProcessedRaInfo A reference to where the PD processed RA info will be output to. + * + * @retval kErrorNone Successfully retrieved the Info. + * @retval kErrorNotFound There are no valid RA process info on this BR. + * @retval kErrorInvalidState The Border Routing Manager is not initialized yet. + * + */ + Error GetPdProcessedRaInfo(PdProcessedRaInfo &aPdProcessedRaInfo); #endif /** @@ -1178,6 +1191,7 @@ class RoutingManager : public InstanceLocator void ProcessPlatformGeneratedRa(const uint8_t *aRouterAdvert, uint16_t aLength); Error GetPrefixInfo(PrefixTableEntry &aInfo) const; + Error GetProcessedRaInfo(PdProcessedRaInfo &aPdProcessedRaInfo) const; void HandleTimer(void) { WithdrawPrefix(); } static const char *StateToString(Dhcp6PdState aState); @@ -1199,6 +1213,9 @@ class RoutingManager : public InstanceLocator bool mEnabled; bool mIsRunning; + uint32_t mNumPlatformPioProcessed; + uint32_t mNumPlatformRaReceived; + TimeMilli mLastPlatformRaTime; PlatformOmrPrefixTimer mTimer; DiscoveredPrefixTable::Entry mPrefix; }; diff --git a/src/core/net/ip6.cpp b/src/core/net/ip6.cpp index d5ddeecad0f..4f3b077e08e 100644 --- a/src/core/net/ip6.cpp +++ b/src/core/net/ip6.cpp @@ -1456,7 +1456,9 @@ Error Ip6::RouteLookup(const Address &aSource, const Address &aDestination) cons #if OPENTHREAD_CONFIG_IP6_BR_COUNTERS_ENABLE void Ip6::UpdateBorderRoutingCounters(const Header &aHeader, uint16_t aMessageLength, bool aIsInbound) { - otPacketsAndBytes *counter = nullptr; + static constexpr uint8_t kPrefixLength = 48; + otPacketsAndBytes *counter = nullptr; + otPacketsAndBytes *internetCounter = nullptr; VerifyOrExit(!aHeader.GetSource().IsLinkLocal()); VerifyOrExit(!aHeader.GetDestination().IsLinkLocal()); @@ -1466,7 +1468,10 @@ void Ip6::UpdateBorderRoutingCounters(const Header &aHeader, uint16_t aMessageLe if (aIsInbound) { VerifyOrExit(!Get().HasUnicastAddress(aHeader.GetSource())); - + if (!aHeader.GetSource().MatchesPrefix(aHeader.GetDestination().GetPrefix().m8, kPrefixLength)) + { + internetCounter = &mBorderRoutingCounters.mInboundInternet; + } if (aHeader.GetDestination().IsMulticast()) { VerifyOrExit(aHeader.GetDestination().IsMulticastLargerThanRealmLocal()); @@ -1480,7 +1485,10 @@ void Ip6::UpdateBorderRoutingCounters(const Header &aHeader, uint16_t aMessageLe else { VerifyOrExit(!Get().HasUnicastAddress(aHeader.GetDestination())); - + if (!aHeader.GetSource().MatchesPrefix(aHeader.GetDestination().GetPrefix().m8, kPrefixLength)) + { + internetCounter = &mBorderRoutingCounters.mOutboundInternet; + } if (aHeader.GetDestination().IsMulticast()) { VerifyOrExit(aHeader.GetDestination().IsMulticastLargerThanRealmLocal()); @@ -1499,6 +1507,11 @@ void Ip6::UpdateBorderRoutingCounters(const Header &aHeader, uint16_t aMessageLe counter->mPackets += 1; counter->mBytes += aMessageLength; } + if (internetCounter) + { + internetCounter->mPackets += 1; + internetCounter->mBytes += aMessageLength; + } } #endif From 11622a1b4a9eccf03627e776c98c32dcac8748b7 Mon Sep 17 00:00:00 2001 From: whd <7058128+superwhd@users.noreply.github.com> Date: Tue, 5 Dec 2023 14:58:23 +0800 Subject: [PATCH 010/121] [posix] expose `platformInfraIfIsRunning()` as `otSysInfraIfIsRunning()` (#9672) When we are switching to another infra netif via `otBorderRoutingInit()`, we may want to read the state of the new infra netif via `otSysInfraIfIsRunning()`. --- src/posix/platform/include/openthread/openthread-system.h | 8 ++++++++ src/posix/platform/infra_if.cpp | 6 +++--- src/posix/platform/platform-posix.h | 8 -------- 3 files changed, 11 insertions(+), 11 deletions(-) diff --git a/src/posix/platform/include/openthread/openthread-system.h b/src/posix/platform/include/openthread/openthread-system.h index 29dc3ee80a8..61a07410f68 100644 --- a/src/posix/platform/include/openthread/openthread-system.h +++ b/src/posix/platform/include/openthread/openthread-system.h @@ -246,6 +246,14 @@ void otSysCountInfraNetifAddresses(otSysInfraNetIfAddressCounters *aAddressCount */ void otSysSetInfraNetif(const char *aInfraNetifName, int aIcmp6Socket); +/** + * Returns TRUE if the infrastructure interface is running. + * + * @returns TRUE if the infrastructure interface is running, FALSE if not. + * + */ +bool otSysInfraIfIsRunning(void); + #ifdef __cplusplus } // end of extern "C" #endif diff --git a/src/posix/platform/infra_if.cpp b/src/posix/platform/infra_if.cpp index 626d128228e..6e16b3f7f28 100644 --- a/src/posix/platform/infra_if.cpp +++ b/src/posix/platform/infra_if.cpp @@ -112,7 +112,7 @@ otError otPlatInfraIfDiscoverNat64Prefix(uint32_t aInfraIfIndex) #endif } -bool platformInfraIfIsRunning(void) { return ot::Posix::InfraNetif::Get().IsRunning(); } +bool otSysInfraIfIsRunning(void) { return ot::Posix::InfraNetif::Get().IsRunning(); } const char *otSysGetInfraNetifName(void) { return ot::Posix::InfraNetif::Get().GetNetifName(); } @@ -452,7 +452,7 @@ void InfraNetif::SetUp(void) VerifyOrExit(mNetLinkSocket != -1); #if OPENTHREAD_CONFIG_BORDER_ROUTING_ENABLE - SuccessOrDie(otBorderRoutingInit(gInstance, mInfraIfIndex, platformInfraIfIsRunning())); + SuccessOrDie(otBorderRoutingInit(gInstance, mInfraIfIndex, otSysInfraIfIsRunning())); SuccessOrDie(otBorderRoutingSetEnabled(gInstance, /* aEnabled */ true)); #endif @@ -546,7 +546,7 @@ void InfraNetif::ReceiveNetLinkMessage(void) case RTM_NEWLINK: case RTM_DELLINK: #if OPENTHREAD_CONFIG_BORDER_ROUTING_ENABLE - SuccessOrDie(otPlatInfraIfStateChanged(gInstance, mInfraIfIndex, platformInfraIfIsRunning())); + SuccessOrDie(otPlatInfraIfStateChanged(gInstance, mInfraIfIndex, otSysInfraIfIsRunning())); #endif break; case NLMSG_ERROR: diff --git a/src/posix/platform/platform-posix.h b/src/posix/platform/platform-posix.h index 0617bfc05c4..912ceb59017 100644 --- a/src/posix/platform/platform-posix.h +++ b/src/posix/platform/platform-posix.h @@ -415,14 +415,6 @@ extern unsigned int gNetifIndex; */ extern otInstance *gInstance; -/** - * Tells if the infrastructure interface is running. - * - * @returns TRUE if the infrastructure interface is running, FALSE if not. - * - */ -bool platformInfraIfIsRunning(void); - /** * Initializes backtrace module. * From 4ed44bc7d58d9a98c6cca13a50d38129045ab3df Mon Sep 17 00:00:00 2001 From: whd <7058128+superwhd@users.noreply.github.com> Date: Tue, 5 Dec 2023 14:59:13 +0800 Subject: [PATCH 011/121] [tests] rename `get_netdata_nat64_prefix()` to `get_netdata_nat64_routes()` (#9678) --- .../nat64/test_multi_border_routers.py | 28 ++++++++-------- .../nat64/test_single_border_router.py | 32 +++++++++---------- .../nat64/test_with_infrastructure_prefix.py | 30 ++++++++--------- .../test_multi_border_routers.py | 16 +++++----- .../test_multi_thread_networks.py | 8 ++--- .../border_router/test_on_link_prefix.py | 10 +++--- .../border_router/test_radvd_coexist.py | 8 ++--- .../test_single_border_router.py | 24 +++++++------- tests/scripts/thread-cert/node.py | 24 +++++++------- 9 files changed, 90 insertions(+), 90 deletions(-) diff --git a/tests/scripts/thread-cert/border_router/nat64/test_multi_border_routers.py b/tests/scripts/thread-cert/border_router/nat64/test_multi_border_routers.py index 46896bc509d..32ef64ab3ce 100755 --- a/tests/scripts/thread-cert/border_router/nat64/test_multi_border_routers.py +++ b/tests/scripts/thread-cert/border_router/nat64/test_multi_border_routers.py @@ -131,8 +131,8 @@ def test(self): self.assertNotEqual(br2_local_nat64_prefix, br2.get_br_favored_nat64_prefix()) br2_infra_nat64_prefix = br2.get_br_favored_nat64_prefix() - self.assertEqual(len(br1.get_netdata_nat64_prefix()), 1) - nat64_prefix = br1.get_netdata_nat64_prefix()[0] + self.assertEqual(len(br1.get_netdata_nat64_routes()), 1) + nat64_prefix = br1.get_netdata_nat64_routes()[0] self.assertEqual(nat64_prefix, br2_infra_nat64_prefix) self.assertNotEqual(nat64_prefix, br1_local_nat64_prefix) self.assertDictIncludes(br1.nat64_state, { @@ -151,8 +151,8 @@ def test(self): br2.nat64_set_enabled(False) self.simulator.go(10) - self.assertEqual(len(br1.get_netdata_nat64_prefix()), 1) - nat64_prefix = br1.get_netdata_nat64_prefix()[0] + self.assertEqual(len(br1.get_netdata_nat64_routes()), 1) + nat64_prefix = br1.get_netdata_nat64_routes()[0] self.assertEqual(nat64_prefix, br1_local_nat64_prefix) self.assertDictIncludes(br1.nat64_state, { 'PrefixManager': NAT64_STATE_ACTIVE, @@ -174,8 +174,8 @@ def test(self): self.simulator.go(10) self.assertEqual(br2_local_nat64_prefix, br2.get_br_favored_nat64_prefix()) - self.assertEqual(len(br1.get_netdata_nat64_prefix()), 1) - nat64_prefix = br1.get_netdata_nat64_prefix()[0] + self.assertEqual(len(br1.get_netdata_nat64_routes()), 1) + nat64_prefix = br1.get_netdata_nat64_routes()[0] self.assertEqual(nat64_prefix, br1_local_nat64_prefix) self.assertNotEqual(nat64_prefix, br2_local_nat64_prefix) self.assertDictIncludes(br1.nat64_state, { @@ -194,8 +194,8 @@ def test(self): br1.nat64_set_enabled(False) self.simulator.go(10) - self.assertEqual(len(br1.get_netdata_nat64_prefix()), 1) - nat64_prefix = br1.get_netdata_nat64_prefix()[0] + self.assertEqual(len(br1.get_netdata_nat64_routes()), 1) + nat64_prefix = br1.get_netdata_nat64_routes()[0] self.assertEqual(br2_local_nat64_prefix, nat64_prefix) self.assertNotEqual(br1_local_nat64_prefix, nat64_prefix) self.assertDictIncludes(br1.nat64_state, { @@ -214,8 +214,8 @@ def test(self): br1.nat64_set_enabled(True) self.simulator.go(10) - self.assertEqual(len(br1.get_netdata_nat64_prefix()), 1) - nat64_prefix = br1.get_netdata_nat64_prefix()[0] + self.assertEqual(len(br1.get_netdata_nat64_routes()), 1) + nat64_prefix = br1.get_netdata_nat64_routes()[0] self.assertEqual(br2_local_nat64_prefix, nat64_prefix) self.assertNotEqual(br1_local_nat64_prefix, nat64_prefix) self.assertDictIncludes(br1.nat64_state, { @@ -233,8 +233,8 @@ def test(self): # br2.disable_br() self.simulator.go(10) - self.assertEqual(len(br1.get_netdata_nat64_prefix()), 1) - nat64_prefix = br1.get_netdata_nat64_prefix()[0] + self.assertEqual(len(br1.get_netdata_nat64_routes()), 1) + nat64_prefix = br1.get_netdata_nat64_routes()[0] self.assertEqual(br1_local_nat64_prefix, nat64_prefix) self.assertNotEqual(br2_local_nat64_prefix, nat64_prefix) self.assertDictIncludes(br1.nat64_state, { @@ -252,8 +252,8 @@ def test(self): # br2.enable_br() self.simulator.go(10) - self.assertEqual(len(br1.get_netdata_nat64_prefix()), 1) - nat64_prefix = br1.get_netdata_nat64_prefix()[0] + self.assertEqual(len(br1.get_netdata_nat64_routes()), 1) + nat64_prefix = br1.get_netdata_nat64_routes()[0] self.assertEqual(br1_local_nat64_prefix, nat64_prefix) self.assertNotEqual(br2_local_nat64_prefix, nat64_prefix) self.assertDictIncludes(br1.nat64_state, { diff --git a/tests/scripts/thread-cert/border_router/nat64/test_single_border_router.py b/tests/scripts/thread-cert/border_router/nat64/test_single_border_router.py index 82f27ebd111..33d010e5eac 100755 --- a/tests/scripts/thread-cert/border_router/nat64/test_single_border_router.py +++ b/tests/scripts/thread-cert/border_router/nat64/test_single_border_router.py @@ -137,8 +137,8 @@ def test(self): self.simulator.go(5) local_nat64_prefix = br.get_br_nat64_prefix() - self.assertEqual(len(br.get_netdata_nat64_prefix()), 1) - nat64_prefix = br.get_netdata_nat64_prefix()[0] + self.assertEqual(len(br.get_netdata_nat64_routes()), 1) + nat64_prefix = br.get_netdata_nat64_routes()[0] self.assertEqual(nat64_prefix, local_nat64_prefix) # @@ -150,15 +150,15 @@ def test(self): br.register_netdata() self.simulator.go(5) - self.assertEqual(len(br.get_netdata_nat64_prefix()), 1) - self.assertNotEqual(local_nat64_prefix, br.get_netdata_nat64_prefix()[0]) + self.assertEqual(len(br.get_netdata_nat64_routes()), 1) + self.assertNotEqual(local_nat64_prefix, br.get_netdata_nat64_routes()[0]) br.remove_route(SMALL_NAT64_PREFIX) br.register_netdata() self.simulator.go(10) - self.assertEqual(len(br.get_netdata_nat64_prefix()), 1) - self.assertEqual(local_nat64_prefix, br.get_netdata_nat64_prefix()[0]) + self.assertEqual(len(br.get_netdata_nat64_routes()), 1) + self.assertEqual(local_nat64_prefix, br.get_netdata_nat64_routes()[0]) # # Case 3. @@ -169,15 +169,15 @@ def test(self): br.register_netdata() self.simulator.go(5) - self.assertEqual(len(br.get_netdata_nat64_prefix()), 1) - self.assertNotEqual(local_nat64_prefix, br.get_netdata_nat64_prefix()[0]) + self.assertEqual(len(br.get_netdata_nat64_routes()), 1) + self.assertNotEqual(local_nat64_prefix, br.get_netdata_nat64_routes()[0]) br.remove_route(LARGE_NAT64_PREFIX) br.register_netdata() self.simulator.go(10) - self.assertEqual(len(br.get_netdata_nat64_prefix()), 1) - self.assertEqual(local_nat64_prefix, br.get_netdata_nat64_prefix()[0]) + self.assertEqual(len(br.get_netdata_nat64_routes()), 1) + self.assertEqual(local_nat64_prefix, br.get_netdata_nat64_routes()[0]) # # Case 4. Disable and re-enable border routing on the border router. @@ -186,7 +186,7 @@ def test(self): self.simulator.go(5) # NAT64 prefix is withdrawn from Network Data. - self.assertEqual(len(br.get_netdata_nat64_prefix()), 0) + self.assertEqual(len(br.get_netdata_nat64_routes()), 0) br.enable_br() self.simulator.go(config.BORDER_ROUTER_STARTUP_DELAY) @@ -256,17 +256,17 @@ def test(self): self.simulator.go(5) # NAT64 prefix is withdrawn from Network Data. - self.assertEqual(len(br.get_netdata_nat64_prefix()), 0) + self.assertEqual(len(br.get_netdata_nat64_routes()), 0) br.enable_ether() self.simulator.go(80) # Same NAT64 prefix is advertised to Network Data. - self.assertEqual(len(br.get_netdata_nat64_prefix()), 1) - self.assertEqual(nat64_prefix, br.get_netdata_nat64_prefix()[0]) + self.assertEqual(len(br.get_netdata_nat64_routes()), 1) + self.assertEqual(nat64_prefix, br.get_netdata_nat64_routes()[0]) # Same NAT64 prefix is advertised to Network Data. - self.assertEqual(len(br.get_netdata_nat64_prefix()), 1) - self.assertEqual(nat64_prefix, br.get_netdata_nat64_prefix()[0]) + self.assertEqual(len(br.get_netdata_nat64_routes()), 1) + self.assertEqual(nat64_prefix, br.get_netdata_nat64_routes()[0]) if __name__ == '__main__': diff --git a/tests/scripts/thread-cert/border_router/nat64/test_with_infrastructure_prefix.py b/tests/scripts/thread-cert/border_router/nat64/test_with_infrastructure_prefix.py index 905e6f259ea..21ab2ba54da 100755 --- a/tests/scripts/thread-cert/border_router/nat64/test_with_infrastructure_prefix.py +++ b/tests/scripts/thread-cert/border_router/nat64/test_with_infrastructure_prefix.py @@ -94,8 +94,8 @@ def test(self): # Case 1 No infra-derived OMR prefix. BR publishes its local prefix. local_nat64_prefix = br.get_br_nat64_prefix() - self.assertEqual(len(br.get_netdata_nat64_prefix()), 1) - nat64_prefix = br.get_netdata_nat64_prefix()[0] + self.assertEqual(len(br.get_netdata_nat64_routes()), 1) + nat64_prefix = br.get_netdata_nat64_routes()[0] self.assertEqual(nat64_prefix, local_nat64_prefix) self.assertDictIncludes(br.nat64_state, { @@ -112,8 +112,8 @@ def test(self): self.assertNotEqual(favored_nat64_prefix, local_nat64_prefix) infra_nat64_prefix = favored_nat64_prefix - self.assertEqual(len(br.get_netdata_nat64_prefix()), 1) - nat64_prefix = br.get_netdata_nat64_prefix()[0] + self.assertEqual(len(br.get_netdata_nat64_routes()), 1) + nat64_prefix = br.get_netdata_nat64_routes()[0] self.assertEqual(nat64_prefix, infra_nat64_prefix) self.assertDictIncludes(br.nat64_state, { 'PrefixManager': NAT64_STATE_ACTIVE, @@ -126,8 +126,8 @@ def test(self): br.register_netdata() self.simulator.go(5) - self.assertEqual(len(br.get_netdata_nat64_prefix()), 1) - self.assertNotEqual(infra_nat64_prefix, br.get_netdata_nat64_prefix()[0]) + self.assertEqual(len(br.get_netdata_nat64_routes()), 1) + self.assertNotEqual(infra_nat64_prefix, br.get_netdata_nat64_routes()[0]) self.assertDictIncludes(br.nat64_state, { 'PrefixManager': NAT64_STATE_IDLE, 'Translator': NAT64_STATE_NOT_RUNNING @@ -137,7 +137,7 @@ def test(self): br.register_netdata() self.simulator.go(10) - self.assertEqual(len(br.get_netdata_nat64_prefix()), 1) + self.assertEqual(len(br.get_netdata_nat64_routes()), 1) self.assertEqual(nat64_prefix, infra_nat64_prefix) # Case 4 No change when a smaller prefix in low preference is present @@ -145,8 +145,8 @@ def test(self): br.register_netdata() self.simulator.go(5) - self.assertEqual(len(br.get_netdata_nat64_prefix()), 2) - self.assertEqual(br.get_netdata_nat64_prefix(), [infra_nat64_prefix, SMALL_NAT64_PREFIX]) + self.assertEqual(len(br.get_netdata_nat64_routes()), 2) + self.assertEqual(br.get_netdata_nat64_routes(), [infra_nat64_prefix, SMALL_NAT64_PREFIX]) self.assertDictIncludes(br.nat64_state, { 'PrefixManager': NAT64_STATE_ACTIVE, 'Translator': NAT64_STATE_NOT_RUNNING @@ -162,8 +162,8 @@ def test(self): local_nat64_prefix = br.get_br_nat64_prefix() self.assertNotEqual(local_nat64_prefix, infra_nat64_prefix) - self.assertEqual(len(br.get_netdata_nat64_prefix()), 1) - self.assertEqual(br.get_netdata_nat64_prefix()[0], local_nat64_prefix) + self.assertEqual(len(br.get_netdata_nat64_routes()), 1) + self.assertEqual(br.get_netdata_nat64_routes()[0], local_nat64_prefix) self.assertDictIncludes(br.nat64_state, { 'PrefixManager': NAT64_STATE_ACTIVE, 'Translator': NAT64_STATE_ACTIVE @@ -174,8 +174,8 @@ def test(self): self.simulator.go(NAT64_PREFIX_REFRESH_DELAY) self.assertEqual(br.get_br_favored_nat64_prefix(), infra_nat64_prefix) - self.assertEqual(len(br.get_netdata_nat64_prefix()), 1) - self.assertEqual(br.get_netdata_nat64_prefix()[0], infra_nat64_prefix) + self.assertEqual(len(br.get_netdata_nat64_routes()), 1) + self.assertEqual(br.get_netdata_nat64_routes()[0], infra_nat64_prefix) self.assertDictIncludes(br.nat64_state, { 'PrefixManager': NAT64_STATE_ACTIVE, 'Translator': NAT64_STATE_NOT_RUNNING @@ -188,8 +188,8 @@ def test(self): self.simulator.go(NAT64_PREFIX_REFRESH_DELAY) self.assertEqual(br.get_br_favored_nat64_prefix(), SMALL_NAT64_PREFIX) - self.assertEqual(len(br.get_netdata_nat64_prefix()), 1) - self.assertEqual(br.get_netdata_nat64_prefix()[0], SMALL_NAT64_PREFIX) + self.assertEqual(len(br.get_netdata_nat64_routes()), 1) + self.assertEqual(br.get_netdata_nat64_routes()[0], SMALL_NAT64_PREFIX) self.assertDictIncludes(br.nat64_state, { 'PrefixManager': NAT64_STATE_ACTIVE, 'Translator': NAT64_STATE_NOT_RUNNING diff --git a/tests/scripts/thread-cert/border_router/test_multi_border_routers.py b/tests/scripts/thread-cert/border_router/test_multi_border_routers.py index ab354d17184..b176b89155e 100755 --- a/tests/scripts/thread-cert/border_router/test_multi_border_routers.py +++ b/tests/scripts/thread-cert/border_router/test_multi_border_routers.py @@ -141,10 +141,10 @@ def test(self): self.assertEqual(br1_omr_prefix, br1.get_netdata_omr_prefixes()[0]) # Each BR should independently register an external route for the on-link prefix. - self.assertEqual(len(br1.get_netdata_non_nat64_prefixes()), 2) - self.assertEqual(len(router1.get_netdata_non_nat64_prefixes()), 2) - self.assertEqual(len(br2.get_netdata_non_nat64_prefixes()), 2) - self.assertEqual(len(router2.get_netdata_non_nat64_prefixes()), 2) + self.assertEqual(len(br1.get_netdata_non_nat64_routes()), 2) + self.assertEqual(len(router1.get_netdata_non_nat64_routes()), 2) + self.assertEqual(len(br2.get_netdata_non_nat64_routes()), 2) + self.assertEqual(len(router2.get_netdata_non_nat64_routes()), 2) br1_on_link_prefix = br1.get_br_on_link_prefix() @@ -192,10 +192,10 @@ def test(self): # There should be no changes to the external route for the # on-link prefix, given that the on-link prefix is derived # from the Extended PAN ID. - self.assertEqual(len(br1.get_netdata_non_nat64_prefixes()), 1) - self.assertEqual(len(router1.get_netdata_non_nat64_prefixes()), 1) - self.assertEqual(len(br2.get_netdata_non_nat64_prefixes()), 1) - self.assertEqual(len(router2.get_netdata_non_nat64_prefixes()), 1) + self.assertEqual(len(br1.get_netdata_non_nat64_routes()), 1) + self.assertEqual(len(router1.get_netdata_non_nat64_routes()), 1) + self.assertEqual(len(br2.get_netdata_non_nat64_routes()), 1) + self.assertEqual(len(router2.get_netdata_non_nat64_routes()), 1) br2_on_link_prefix = br2.get_br_on_link_prefix() diff --git a/tests/scripts/thread-cert/border_router/test_multi_thread_networks.py b/tests/scripts/thread-cert/border_router/test_multi_thread_networks.py index eaa1e13a003..7db19ded748 100755 --- a/tests/scripts/thread-cert/border_router/test_multi_thread_networks.py +++ b/tests/scripts/thread-cert/border_router/test_multi_thread_networks.py @@ -130,10 +130,10 @@ def test(self): # Each BR should independently register an external route for the on-link prefix # and OMR prefix in another Thread Network. - self.assertEqual(br1.get_netdata_non_nat64_prefixes(), ['fc00::/7']) - self.assertEqual(router1.get_netdata_non_nat64_prefixes(), ['fc00::/7']) - self.assertEqual(br2.get_netdata_non_nat64_prefixes(), ['fc00::/7']) - self.assertEqual(router2.get_netdata_non_nat64_prefixes(), ['fc00::/7']) + self.assertEqual(br1.get_netdata_non_nat64_routes(), ['fc00::/7']) + self.assertEqual(router1.get_netdata_non_nat64_routes(), ['fc00::/7']) + self.assertEqual(br2.get_netdata_non_nat64_routes(), ['fc00::/7']) + self.assertEqual(router2.get_netdata_non_nat64_routes(), ['fc00::/7']) self.assertTrue(len(router1.get_ip6_address(config.ADDRESS_TYPE.OMR)) == 1) self.assertTrue(len(router2.get_ip6_address(config.ADDRESS_TYPE.OMR)) == 1) diff --git a/tests/scripts/thread-cert/border_router/test_on_link_prefix.py b/tests/scripts/thread-cert/border_router/test_on_link_prefix.py index 4067236232c..0f56baa776d 100755 --- a/tests/scripts/thread-cert/border_router/test_on_link_prefix.py +++ b/tests/scripts/thread-cert/border_router/test_on_link_prefix.py @@ -126,7 +126,7 @@ def test(self): logging.info("ROUTER1 addrs: %r", router1.get_addrs()) logging.info("HOST addrs: %r", host.get_addrs()) - self.assertEqual(len(br1.get_netdata_non_nat64_prefixes()), 1) + self.assertEqual(len(br1.get_netdata_non_nat64_routes()), 1) host_on_link_addr = host.get_matched_ula_addresses(ON_LINK_PREFIX)[0] self.assertTrue(router1.ping(host_on_link_addr)) @@ -166,10 +166,10 @@ def test(self): # but don't remove the external routes for the radvd on-link prefix # immediately, because the SLAAC addresses are still valid. - self.assertEqual(len(br1.get_netdata_non_nat64_prefixes()), 1) - self.assertEqual(len(router1.get_netdata_non_nat64_prefixes()), 1) - self.assertEqual(len(br2.get_netdata_non_nat64_prefixes()), 1) - self.assertEqual(len(router2.get_netdata_non_nat64_prefixes()), 1) + self.assertEqual(len(br1.get_netdata_non_nat64_routes()), 1) + self.assertEqual(len(router1.get_netdata_non_nat64_routes()), 1) + self.assertEqual(len(br2.get_netdata_non_nat64_routes()), 1) + self.assertEqual(len(router2.get_netdata_non_nat64_routes()), 1) br2_on_link_prefix = br2.get_br_on_link_prefix() diff --git a/tests/scripts/thread-cert/border_router/test_radvd_coexist.py b/tests/scripts/thread-cert/border_router/test_radvd_coexist.py index 2fffd60700f..6dc7a135ecb 100755 --- a/tests/scripts/thread-cert/border_router/test_radvd_coexist.py +++ b/tests/scripts/thread-cert/border_router/test_radvd_coexist.py @@ -102,8 +102,8 @@ def test(self): self.assertEqual(len(br.get_netdata_omr_prefixes()), 1) self.assertEqual(len(router.get_netdata_omr_prefixes()), 1) - self.assertEqual(len(br.get_netdata_non_nat64_prefixes()), 1) - self.assertEqual(len(router.get_netdata_non_nat64_prefixes()), 1) + self.assertEqual(len(br.get_netdata_non_nat64_routes()), 1) + self.assertEqual(len(router.get_netdata_non_nat64_routes()), 1) self.assertEqual(len(br.get_ip6_address(config.ADDRESS_TYPE.OMR)), 1) self.assertEqual(len(router.get_ip6_address(config.ADDRESS_TYPE.OMR)), 1) @@ -122,8 +122,8 @@ def test(self): self.assertEqual(len(br.get_netdata_omr_prefixes()), 1) self.assertEqual(len(router.get_netdata_omr_prefixes()), 1) - self.assertEqual(len(br.get_netdata_non_nat64_prefixes()), 1) - self.assertEqual(len(router.get_netdata_non_nat64_prefixes()), 1) + self.assertEqual(len(br.get_netdata_non_nat64_routes()), 1) + self.assertEqual(len(router.get_netdata_non_nat64_routes()), 1) self.assertEqual(len(br.get_ip6_address(config.ADDRESS_TYPE.OMR)), 1) self.assertEqual(len(router.get_ip6_address(config.ADDRESS_TYPE.OMR)), 1) diff --git a/tests/scripts/thread-cert/border_router/test_single_border_router.py b/tests/scripts/thread-cert/border_router/test_single_border_router.py index a660345fcec..fea02fa97d2 100755 --- a/tests/scripts/thread-cert/border_router/test_single_border_router.py +++ b/tests/scripts/thread-cert/border_router/test_single_border_router.py @@ -105,8 +105,8 @@ def test(self): self.assertEqual(len(br.get_netdata_omr_prefixes()), 1) self.assertEqual(len(router.get_netdata_omr_prefixes()), 1) - self.assertEqual(len(br.get_netdata_non_nat64_prefixes()), 1) - self.assertEqual(len(router.get_netdata_non_nat64_prefixes()), 1) + self.assertEqual(len(br.get_netdata_non_nat64_routes()), 1) + self.assertEqual(len(router.get_netdata_non_nat64_routes()), 1) omr_prefix = br.get_br_omr_prefix() on_link_prefix = br.get_br_on_link_prefix() @@ -145,8 +145,8 @@ def test(self): self.assertEqual(len(br.get_netdata_omr_prefixes()), 2) self.assertEqual(len(router.get_netdata_omr_prefixes()), 2) - self.assertEqual(len(br.get_netdata_non_nat64_prefixes()), 1) - self.assertEqual(len(router.get_netdata_non_nat64_prefixes()), 1) + self.assertEqual(len(br.get_netdata_non_nat64_routes()), 1) + self.assertEqual(len(router.get_netdata_non_nat64_routes()), 1) self.assertEqual(len(br.get_ip6_address(config.ADDRESS_TYPE.OMR)), 2) self.assertEqual(len(router.get_ip6_address(config.ADDRESS_TYPE.OMR)), 2) @@ -171,8 +171,8 @@ def test(self): self.assertEqual(len(br.get_netdata_omr_prefixes()), 1) self.assertEqual(len(router.get_netdata_omr_prefixes()), 1) - self.assertEqual(len(br.get_netdata_non_nat64_prefixes()), 1) - self.assertEqual(len(router.get_netdata_non_nat64_prefixes()), 1) + self.assertEqual(len(br.get_netdata_non_nat64_routes()), 1) + self.assertEqual(len(router.get_netdata_non_nat64_routes()), 1) # The same local OMR and on-link prefix should be re-register. self.assertEqual(br.get_netdata_omr_prefixes(), [omr_prefix]) @@ -223,8 +223,8 @@ def test(self): self.assertEqual(len(br.get_netdata_omr_prefixes()), 1) self.assertEqual(len(router.get_netdata_omr_prefixes()), 1) - self.assertEqual(len(br.get_netdata_non_nat64_prefixes()), 1) - self.assertEqual(len(router.get_netdata_non_nat64_prefixes()), 1) + self.assertEqual(len(br.get_netdata_non_nat64_routes()), 1) + self.assertEqual(len(router.get_netdata_non_nat64_routes()), 1) # The same local OMR and on-link prefix should be re-registered. self.assertEqual(br.get_netdata_omr_prefixes(), [omr_prefix]) @@ -275,8 +275,8 @@ def test(self): self.assertEqual(len(br.get_netdata_omr_prefixes()), 1) self.assertEqual(len(router.get_netdata_omr_prefixes()), 1) - self.assertEqual(len(br.get_netdata_non_nat64_prefixes()), 1) - self.assertEqual(len(router.get_netdata_non_nat64_prefixes()), 1) + self.assertEqual(len(br.get_netdata_non_nat64_routes()), 1) + self.assertEqual(len(router.get_netdata_non_nat64_routes()), 1) # The same local OMR and on-link prefix should be re-registered. self.assertEqual(br.get_netdata_omr_prefixes(), [omr_prefix]) @@ -314,8 +314,8 @@ def test(self): br.start_radvd_service(prefix=config.ONLINK_GUA_PREFIX, slaac=True) self.simulator.go(5) - self.assertEqual(len(br.get_netdata_non_nat64_prefixes()), 1) - self.assertEqual(len(router.get_netdata_non_nat64_prefixes()), 1) + self.assertEqual(len(br.get_netdata_non_nat64_routes()), 1) + self.assertEqual(len(router.get_netdata_non_nat64_routes()), 1) self.assertTrue(router.ping(host.get_ip6_address(config.ADDRESS_TYPE.ONLINK_GUA)[0])) self.assertTrue(router.ping(host.get_ip6_address(config.ADDRESS_TYPE.ONLINK_ULA)[0])) diff --git a/tests/scripts/thread-cert/node.py b/tests/scripts/thread-cert/node.py index 25e254aba34..607d5321447 100755 --- a/tests/scripts/thread-cert/node.py +++ b/tests/scripts/thread-cert/node.py @@ -2177,13 +2177,21 @@ def get_br_on_link_prefix(self): self.send_command(cmd) return self._expect_command_output()[0] - def get_netdata_non_nat64_prefixes(self): - prefixes = [] + def get_netdata_non_nat64_routes(self): + nat64_routes = [] routes = self.get_routes() for route in routes: if 'n' not in route.split(' ')[1]: - prefixes.append(route.split(' ')[0]) - return prefixes + nat64_routes.append(route.split(' ')[0]) + return nat64_routes + + def get_netdata_nat64_routes(self): + nat64_routes = [] + routes = self.get_routes() + for route in routes: + if 'n' in route.split(' ')[1]: + nat64_routes.append(route.split(' ')[0]) + return nat64_routes def get_br_nat64_prefix(self): cmd = 'br nat64prefix local' @@ -2302,14 +2310,6 @@ def get_nat64_counters(self): continue return {'protocol': protocol_counters, 'errors': error_counters} - def get_netdata_nat64_prefix(self): - prefixes = [] - routes = self.get_routes() - for route in routes: - if 'n' in route.split(' ')[1]: - prefixes.append(route.split(' ')[0]) - return prefixes - def get_prefixes(self): return self.get_netdata()['Prefixes'] From 3754174c54757d87c6cdd1e025fca05cf911ddc1 Mon Sep 17 00:00:00 2001 From: Abtin Keshavarzian Date: Tue, 5 Dec 2023 10:54:17 -0800 Subject: [PATCH 012/121] [meshcop-tlvs] simplify and enhance `ChannelMaskTlv` (#9675) This commit simplifies `ChannelMaskTlv` generation and parsing. Notably, it ensures that when we read this TLV from a `Message` the TLV value format is validated. The changes include: - `Entry` class representing a channel page entry is now defined as a `private` nested class within `ChannelMaskTlv`. - A shared `EntriesData::Parse()` method is added that validates and parses the entries in the TLV, whether the TLV value resides in a buffer (e.g., within `Dataset`) or in a `Message`. - `ChannelMaskTlv::AppendTo()` method is added to construct entries from a given combined channel mask (for all pages) and append the `ChannelMaskTlv` to a given `Message`. - `Radio::kSupportedChannelPages` is changed to an array (containing all supported pages) instead of mask. - Helper functions added in `Radio`, `SupportsChannelPage()` to verify if a channel page is supported by the radio, and `ChannelMaskForPage()` to obtain the supported channel mask for a given page. --- src/core/meshcop/announce_begin_client.cpp | 11 +- src/core/meshcop/dataset.cpp | 12 +- src/core/meshcop/dataset_manager.cpp | 2 +- src/core/meshcop/dataset_manager_ftd.cpp | 8 +- src/core/meshcop/energy_scan_client.cpp | 13 +- src/core/meshcop/meshcop_tlvs.cpp | 223 +++++++---------- src/core/meshcop/meshcop_tlvs.hpp | 273 +++++---------------- src/core/meshcop/panid_query_client.cpp | 13 +- src/core/radio/radio.cpp | 12 + src/core/radio/radio.hpp | 93 +++++-- src/core/thread/announce_begin_server.cpp | 2 +- src/core/thread/energy_scan_server.cpp | 17 +- src/core/thread/mle_tlvs.cpp | 3 +- src/core/thread/network_diagnostic.cpp | 7 +- src/core/thread/panid_query_server.cpp | 13 +- 15 files changed, 282 insertions(+), 420 deletions(-) diff --git a/src/core/meshcop/announce_begin_client.cpp b/src/core/meshcop/announce_begin_client.cpp index 5d3b9d9c537..07ee2723fd5 100644 --- a/src/core/meshcop/announce_begin_client.cpp +++ b/src/core/meshcop/announce_begin_client.cpp @@ -60,10 +60,9 @@ Error AnnounceBeginClient::SendRequest(uint32_t aChannelMask, uint16_t aPeriod, const Ip6::Address &aAddress) { - Error error = kErrorNone; - MeshCoP::ChannelMaskTlv channelMask; - Tmf::MessageInfo messageInfo(GetInstance()); - Coap::Message *message = nullptr; + Error error = kErrorNone; + Tmf::MessageInfo messageInfo(GetInstance()); + Coap::Message *message = nullptr; VerifyOrExit(Get().IsActive(), error = kErrorInvalidState); VerifyOrExit((message = Get().NewPriorityMessage()) != nullptr, error = kErrorNoBufs); @@ -74,9 +73,7 @@ Error AnnounceBeginClient::SendRequest(uint32_t aChannelMask, SuccessOrExit( error = Tlv::Append(*message, Get().GetSessionId())); - channelMask.Init(); - channelMask.SetChannelMask(aChannelMask); - SuccessOrExit(error = channelMask.AppendTo(*message)); + SuccessOrExit(error = MeshCoP::ChannelMaskTlv::AppendTo(*message, aChannelMask)); SuccessOrExit(error = Tlv::Append(*message, aCount)); SuccessOrExit(error = Tlv::Append(*message, aPeriod)); diff --git a/src/core/meshcop/dataset.cpp b/src/core/meshcop/dataset.cpp index 1692696fc76..b15a407201d 100644 --- a/src/core/meshcop/dataset.cpp +++ b/src/core/meshcop/dataset.cpp @@ -199,9 +199,9 @@ void Dataset::ConvertTo(Info &aDatasetInfo) const case Tlv::kChannelMask: { - uint32_t mask = As(cur)->GetChannelMask(); + uint32_t mask; - if (mask != 0) + if (As(cur)->ReadChannelMask(mask) == kErrorNone) { aDatasetInfo.SetChannelMask(mask); } @@ -312,10 +312,10 @@ Error Dataset::SetFrom(const Info &aDatasetInfo) if (aDatasetInfo.IsChannelMaskPresent()) { - ChannelMaskTlv tlv; - tlv.Init(); - tlv.SetChannelMask(aDatasetInfo.GetChannelMask()); - IgnoreError(WriteTlv(tlv)); + ChannelMaskTlv::Value value; + + ChannelMaskTlv::PrepareValue(value, aDatasetInfo.GetChannelMask()); + IgnoreError(WriteTlv(Tlv::kChannelMask, value.mData, value.mLength)); } if (aDatasetInfo.IsExtendedPanIdPresent()) diff --git a/src/core/meshcop/dataset_manager.cpp b/src/core/meshcop/dataset_manager.cpp index bc316980e15..8bf1cb38a59 100644 --- a/src/core/meshcop/dataset_manager.cpp +++ b/src/core/meshcop/dataset_manager.cpp @@ -228,7 +228,7 @@ Error DatasetManager::GetChannelMask(Mac::ChannelMask &aChannelMask) const channelMaskTlv = As(dataset.FindTlv(Tlv::kChannelMask)); VerifyOrExit(channelMaskTlv != nullptr, error = kErrorNotFound); - VerifyOrExit((mask = channelMaskTlv->GetChannelMask()) != 0); + SuccessOrExit(channelMaskTlv->ReadChannelMask(mask)); aChannelMask.SetMask(mask & Get().GetSupportedChannelMask().GetMask()); diff --git a/src/core/meshcop/dataset_manager_ftd.cpp b/src/core/meshcop/dataset_manager_ftd.cpp index e5423dc3c04..5f74842ef30 100644 --- a/src/core/meshcop/dataset_manager_ftd.cpp +++ b/src/core/meshcop/dataset_manager_ftd.cpp @@ -319,10 +319,10 @@ Error ActiveDatasetManager::GenerateLocal(void) if (!dataset.Contains()) { - ChannelMaskTlv tlv; - tlv.Init(); - tlv.SetChannelMask(Get().GetSupportedChannelMask().GetMask()); - IgnoreError(dataset.WriteTlv(tlv)); + ChannelMaskTlv::Value value; + + ChannelMaskTlv::PrepareValue(value, Get().GetSupportedChannelMask().GetMask()); + IgnoreError(dataset.WriteTlv(Tlv::kChannelMask, value.mData, value.mLength)); } if (!dataset.Contains()) diff --git a/src/core/meshcop/energy_scan_client.cpp b/src/core/meshcop/energy_scan_client.cpp index beea65caacb..41f08388330 100644 --- a/src/core/meshcop/energy_scan_client.cpp +++ b/src/core/meshcop/energy_scan_client.cpp @@ -66,10 +66,9 @@ Error EnergyScanClient::SendQuery(uint32_t aChannelMas otCommissionerEnergyReportCallback aCallback, void *aContext) { - Error error = kErrorNone; - MeshCoP::ChannelMaskTlv channelMask; - Tmf::MessageInfo messageInfo(GetInstance()); - Coap::Message *message = nullptr; + Error error = kErrorNone; + Tmf::MessageInfo messageInfo(GetInstance()); + Coap::Message *message = nullptr; VerifyOrExit(Get().IsActive(), error = kErrorInvalidState); VerifyOrExit((message = Get().NewPriorityMessage()) != nullptr, error = kErrorNoBufs); @@ -80,9 +79,7 @@ Error EnergyScanClient::SendQuery(uint32_t aChannelMas SuccessOrExit( error = Tlv::Append(*message, Get().GetSessionId())); - channelMask.Init(); - channelMask.SetChannelMask(aChannelMask); - SuccessOrExit(error = channelMask.AppendTo(*message)); + SuccessOrExit(error = MeshCoP::ChannelMaskTlv::AppendTo(*message, aChannelMask)); SuccessOrExit(error = Tlv::Append(*message, aCount)); SuccessOrExit(error = Tlv::Append(*message, aPeriod)); @@ -110,7 +107,7 @@ void EnergyScanClient::HandleTmf(Coap::Message &aMessage, cons LogInfo("Received %s", UriToString()); - VerifyOrExit((mask = MeshCoP::ChannelMaskTlv::GetChannelMask(aMessage)) != 0); + SuccessOrExit(MeshCoP::ChannelMaskTlv::FindIn(aMessage, mask)); SuccessOrExit(MeshCoP::Tlv::FindTlv(aMessage, MeshCoP::Tlv::kEnergyList, sizeof(energyListTlv), energyListTlv)); diff --git a/src/core/meshcop/meshcop_tlvs.cpp b/src/core/meshcop/meshcop_tlvs.cpp index 573e6b095a5..151abcd421e 100644 --- a/src/core/meshcop/meshcop_tlvs.cpp +++ b/src/core/meshcop/meshcop_tlvs.cpp @@ -158,191 +158,140 @@ const char *StateTlv::StateToString(State aState) return aState == kReject ? kStateStrings[2] : kStateStrings[aState]; } -bool ChannelMaskBaseTlv::IsValid(void) const +bool ChannelMaskTlv::IsValid(void) const { - const ChannelMaskEntryBase *cur = GetFirstEntry(); - const ChannelMaskEntryBase *end = reinterpret_cast(GetNext()); - bool ret = false; + uint32_t channelMask; - VerifyOrExit(cur != nullptr); - - while (cur < end) - { - uint8_t channelPage; - - VerifyOrExit((cur + 1) <= end && cur->GetNext() <= end); - - channelPage = cur->GetChannelPage(); - -#if OPENTHREAD_CONFIG_PLATFORM_RADIO_PROPRIETARY_SUPPORT - if (channelPage == OPENTHREAD_CONFIG_PLATFORM_RADIO_PROPRIETARY_CHANNEL_PAGE) -#else - if ((channelPage == OT_RADIO_CHANNEL_PAGE_0) || (channelPage == OT_RADIO_CHANNEL_PAGE_2)) -#endif - { - VerifyOrExit(static_cast(cur)->IsValid()); - } + return (ReadChannelMask(channelMask) == kErrorNone); +} - cur = cur->GetNext(); - } +Error ChannelMaskTlv::ReadChannelMask(uint32_t &aChannelMask) const +{ + EntriesData entriesData; - ret = true; + entriesData.Clear(); + entriesData.mData = &mEntriesStart; + entriesData.mLength = GetLength(); -exit: - return ret; + return entriesData.Parse(aChannelMask); } -const ChannelMaskEntryBase *ChannelMaskBaseTlv::GetFirstEntry(void) const +Error ChannelMaskTlv::FindIn(const Message &aMessage, uint32_t &aChannelMask) { - const ChannelMaskEntryBase *entry = nullptr; + Error error; + EntriesData entriesData; - VerifyOrExit(GetLength() >= sizeof(ChannelMaskEntryBase)); + entriesData.Clear(); + entriesData.mMessage = &aMessage; - entry = reinterpret_cast(GetValue()); - VerifyOrExit(GetLength() >= entry->GetEntrySize(), entry = nullptr); + SuccessOrExit(error = FindTlvValueOffset(aMessage, Tlv::kChannelMask, entriesData.mOffset, entriesData.mLength)); + error = entriesData.Parse(aChannelMask); exit: - return entry; + return error; } -ChannelMaskEntryBase *ChannelMaskBaseTlv::GetFirstEntry(void) { return AsNonConst(AsConst(this)->GetFirstEntry()); } - -void ChannelMaskTlv::SetChannelMask(uint32_t aChannelMask) +Error ChannelMaskTlv::EntriesData::Parse(uint32_t &aChannelMask) { - uint8_t length = 0; - ChannelMaskEntry *entry; - - entry = static_cast(GetFirstEntry()); - -#if OPENTHREAD_CONFIG_RADIO_915MHZ_OQPSK_SUPPORT - if (aChannelMask & OT_RADIO_915MHZ_OQPSK_CHANNEL_MASK) - { - OT_ASSERT(entry != nullptr); - entry->Init(); - entry->SetChannelPage(OT_RADIO_CHANNEL_PAGE_2); - entry->SetMask(aChannelMask & OT_RADIO_915MHZ_OQPSK_CHANNEL_MASK); + // Validates and parses the Channel Mask TLV entries for each + // channel page and if successful updates `aChannelMask` to + // return the combined mask for all channel pages supported by + // radio. The entries can be either contained in `mMessage` from + // `mOffset` (when `mMessage` is non-null) or be in a buffer + // `mData`. `mLength` gives the number of bytes for all entries. - length += sizeof(ChannelMaskEntry); + Error error = kErrorParse; + Entry readEntry; + const Entry *entry; + uint16_t size; - entry = static_cast(entry->GetNext()); - } -#endif + aChannelMask = 0; -#if OPENTHREAD_CONFIG_RADIO_2P4GHZ_OQPSK_SUPPORT - if (aChannelMask & OT_RADIO_2P4GHZ_OQPSK_CHANNEL_MASK) - { - OT_ASSERT(entry != nullptr); - entry->Init(); - entry->SetChannelPage(OT_RADIO_CHANNEL_PAGE_0); - entry->SetMask(aChannelMask & OT_RADIO_2P4GHZ_OQPSK_CHANNEL_MASK); + VerifyOrExit(mLength > 0); // At least one entry. - length += sizeof(ChannelMaskEntry); - } -#endif - -#if OPENTHREAD_CONFIG_PLATFORM_RADIO_PROPRIETARY_SUPPORT - if (aChannelMask & OPENTHREAD_CONFIG_PLATFORM_RADIO_PROPRIETARY_CHANNEL_MASK) + while (mLength > 0) { - OT_ASSERT(entry != nullptr); - entry->Init(); - entry->SetChannelPage(OPENTHREAD_CONFIG_PLATFORM_RADIO_PROPRIETARY_CHANNEL_PAGE); - entry->SetMask(aChannelMask & OPENTHREAD_CONFIG_PLATFORM_RADIO_PROPRIETARY_CHANNEL_MASK); + VerifyOrExit(mLength > kEntryHeaderSize); - length += sizeof(ChannelMaskEntry); - } -#endif + if (mMessage != nullptr) + { + // We first read the entry's header only and after + // validating the entry and that the entry's channel page + // is supported by radio, we read the full `Entry`. - SetLength(length); -} + mMessage->ReadBytes(mOffset, &readEntry, kEntryHeaderSize); + entry = &readEntry; + } + else + { + entry = reinterpret_cast(mData); + } -uint32_t ChannelMaskTlv::GetChannelMask(void) const -{ - const ChannelMaskEntryBase *cur = GetFirstEntry(); - const ChannelMaskEntryBase *end = reinterpret_cast(GetNext()); - uint32_t mask = 0; + size = kEntryHeaderSize + entry->GetMaskLength(); - VerifyOrExit(cur != nullptr); + VerifyOrExit(size <= mLength); - while (cur < end) - { - uint8_t channelPage; + if (Radio::SupportsChannelPage(entry->GetChannelPage())) + { + // Currently supported channel pages all use `uint32_t` + // channel mask. - VerifyOrExit((cur + 1) <= end && cur->GetNext() <= end); + VerifyOrExit(entry->GetMaskLength() == kMaskLength); - channelPage = cur->GetChannelPage(); + if (mMessage != nullptr) + { + IgnoreError(mMessage->Read(mOffset, readEntry)); + } -#if OPENTHREAD_CONFIG_RADIO_915MHZ_OQPSK_SUPPORT - if (channelPage == OT_RADIO_CHANNEL_PAGE_2) - { - mask |= static_cast(cur)->GetMask() & OT_RADIO_915MHZ_OQPSK_CHANNEL_MASK; + aChannelMask |= (entry->GetMask() & Radio::ChannelMaskForPage(entry->GetChannelPage())); } -#endif -#if OPENTHREAD_CONFIG_RADIO_2P4GHZ_OQPSK_SUPPORT - if (channelPage == OT_RADIO_CHANNEL_PAGE_0) + mLength -= size; + + if (mMessage != nullptr) { - mask |= static_cast(cur)->GetMask() & OT_RADIO_2P4GHZ_OQPSK_CHANNEL_MASK; + mOffset += size; } -#endif - -#if OPENTHREAD_CONFIG_PLATFORM_RADIO_PROPRIETARY_SUPPORT - if (channelPage == OPENTHREAD_CONFIG_PLATFORM_RADIO_PROPRIETARY_CHANNEL_PAGE) + else { - mask |= static_cast(cur)->GetMask() & - OPENTHREAD_CONFIG_PLATFORM_RADIO_PROPRIETARY_CHANNEL_MASK; + mData += size; } -#endif - - cur = cur->GetNext(); } + error = kErrorNone; + exit: - return mask; + return error; } -uint32_t ChannelMaskTlv::GetChannelMask(const Message &aMessage) +void ChannelMaskTlv::PrepareValue(Value &aValue, uint32_t aChannelMask) { - uint32_t mask = 0; - uint16_t offset; - uint16_t end; + Entry *entry = reinterpret_cast(aValue.mData); - SuccessOrExit(FindTlvValueStartEndOffsets(aMessage, kChannelMask, offset, end)); + aValue.mLength = 0; - while (offset + sizeof(ChannelMaskEntryBase) <= end) + for (uint8_t page : Radio::kSupportedChannelPages) { - ChannelMaskEntry entry; + uint32_t mask = (Radio::ChannelMaskForPage(page) & aChannelMask); - IgnoreError(aMessage.Read(offset, entry)); - VerifyOrExit(offset + entry.GetEntrySize() <= end); - - switch (entry.GetChannelPage()) + if (mask != 0) { -#if OPENTHREAD_CONFIG_RADIO_2P4GHZ_OQPSK_SUPPORT - case OT_RADIO_CHANNEL_PAGE_0: - IgnoreError(aMessage.Read(offset, entry)); - mask |= entry.GetMask() & OT_RADIO_2P4GHZ_OQPSK_CHANNEL_MASK; - break; -#endif - -#if OPENTHREAD_CONFIG_RADIO_915MHZ_OQPSK_SUPPORT - case OT_RADIO_CHANNEL_PAGE_2: - IgnoreError(aMessage.Read(offset, entry)); - mask |= entry.GetMask() & OT_RADIO_915MHZ_OQPSK_CHANNEL_MASK; - break; -#endif - -#if OPENTHREAD_CONFIG_PLATFORM_RADIO_PROPRIETARY_SUPPORT - case OPENTHREAD_CONFIG_PLATFORM_RADIO_PROPRIETARY_CHANNEL_PAGE: - IgnoreError(aMessage.Read(offset, entry)); - mask |= entry.GetMask() & OPENTHREAD_CONFIG_PLATFORM_RADIO_PROPRIETARY_CHANNEL_MASK; - break; -#endif + entry->SetChannelPage(page); + entry->SetMaskLength(kMaskLength); + entry->SetMask(mask); + + aValue.mLength += sizeof(Entry); + entry++; } - offset += entry.GetEntrySize(); } +} -exit: - return mask; +Error ChannelMaskTlv::AppendTo(Message &aMessage, uint32_t aChannelMask) +{ + Value value; + + PrepareValue(value, aChannelMask); + return Tlv::Append(aMessage, value.mData, value.mLength); } } // namespace MeshCoP diff --git a/src/core/meshcop/meshcop_tlvs.hpp b/src/core/meshcop/meshcop_tlvs.hpp index b7b2af3fbf8..2f2b1118688 100644 --- a/src/core/meshcop/meshcop_tlvs.hpp +++ b/src/core/meshcop/meshcop_tlvs.hpp @@ -613,258 +613,121 @@ typedef SimpleTlvInfo PendingTimestampTlv; */ typedef UintTlvInfo DelayTimerTlv; -// forward declare ChannelMaskTlv -class ChannelMaskTlv; - /** - * Implements Channel Mask Entry generation and parsing. + * Implements Channel Mask TLV generation and parsing. * */ OT_TOOL_PACKED_BEGIN -class ChannelMaskEntryBase +class ChannelMaskTlv : public Tlv, public TlvInfo { -public: - /** - * Gets the ChannelPage value. - * - * @returns The ChannelPage value. - * - */ - uint8_t GetChannelPage(void) const { return mChannelPage; } - - /** - * Sets the ChannelPage value. - * - * @param[in] aChannelPage The ChannelPage value. - * - */ - void SetChannelPage(uint8_t aChannelPage) { mChannelPage = aChannelPage; } - - /** - * Gets the MaskLength value. - * - * @returns The MaskLength value. - * - */ - uint8_t GetMaskLength(void) const { return mMaskLength; } + static constexpr uint8_t kEntryHeaderSize = 2; // Two bytes: mChannelPage and mMaskLength + static constexpr uint8_t kEntrySize = kEntryHeaderSize + sizeof(uint32_t); +public: /** - * Sets the MaskLength value. - * - * @param[in] aMaskLength The MaskLength value. + * Represents Channel Mask TLV value to append. * */ - void SetMaskLength(uint8_t aMaskLength) { mMaskLength = aMaskLength; } + struct Value + { + static constexpr uint16_t kMaxLength = (kEntrySize * Radio::kNumChannelPages); ///< Max value length. - /** - * Returns the total size of this Channel Mask Entry including the mask. - * - * @returns The total size of this entry (number of bytes). - * - */ - uint16_t GetEntrySize(void) const { return sizeof(ChannelMaskEntryBase) + mMaskLength; } + uint8_t mData[kMaxLength]; ///< Array to store TLV value (encoded as one or more Channel Mask TLV Entry) + uint8_t mLength; ///< Value length in bytes. + }; - /** - * Clears the bit corresponding to @p aChannel in ChannelMask. - * - * @param[in] aChannel The channel in ChannelMask to clear. - * - */ - void ClearChannel(uint8_t aChannel) - { - uint8_t *mask = reinterpret_cast(this) + sizeof(*this); - mask[aChannel / 8] &= ~(0x80 >> (aChannel % 8)); - } + ChannelMaskTlv(void) = delete; /** - * Sets the bit corresponding to @p aChannel in ChannelMask. + * Parses the Channel Mask TLV value and validates that all the included entries are well-formed. * - * @param[in] aChannel The channel in ChannelMask to set. + * @returns TRUE if the TLV is well-formed, FALSE otherwise. * */ - void SetChannel(uint8_t aChannel) - { - uint8_t *mask = reinterpret_cast(this) + sizeof(*this); - mask[aChannel / 8] |= 0x80 >> (aChannel % 8); - } + bool IsValid(void) const; /** - * Indicates whether or not the bit corresponding to @p aChannel in ChannelMask is set. - * - * @param[in] aChannel The channel in ChannelMask to get. + * Parses and retrieves the combined channel mask for all supported channel pages from entries in the TLV. * - */ - bool IsChannelSet(uint8_t aChannel) const - { - const uint8_t *mask = reinterpret_cast(this) + sizeof(*this); - return (aChannel < (mMaskLength * 8)) ? ((mask[aChannel / 8] & (0x80 >> (aChannel % 8))) != 0) : false; - } - - /** - * Gets the next Channel Mask Entry in a Channel Mask TLV. + * @param[out] aChannelMask A reference to return the channel mask. * - * @returns A pointer to next Channel Mask Entry. + * @retval kErrorNone Successfully parsed the TLV value, @p aChannelMask is updated. + * @retval kErrorParse TLV value is not well-formed. * */ - const ChannelMaskEntryBase *GetNext(void) const - { - return reinterpret_cast(reinterpret_cast(this) + GetEntrySize()); - } + Error ReadChannelMask(uint32_t &aChannelMask) const; /** - * Gets the next Channel Mask Entry in a Channel Mask TLV. + * Searches within a given message for Channel Mask TLV, parses and validates the TLV value and returns the + * combined channel mask for all supported channel pages included in the TLV. * - * @returns A pointer to next Channel Mask Entry. + * @param[in] aMessage The message to search in. + * @param[out] aChannelMask A reference to return the channel mask. * - */ - ChannelMaskEntryBase *GetNext(void) { return AsNonConst(AsConst(this)->GetNext()); } - -private: - uint8_t mChannelPage; - uint8_t mMaskLength; -} OT_TOOL_PACKED_END; - -/** - * Implements Channel Mask Entry Page 0 generation and parsing. - * - */ -OT_TOOL_PACKED_BEGIN -class ChannelMaskEntry : public ChannelMaskEntryBase -{ -public: - /** - * Initializes the entry. + * @retval kErrorNone Found the TLV, successfully parsed its value, @p aChannelMask is updated. + * @retval kErrorNotFound No Channel Mask TLV found in the @p aMessage. + * @retval kErrorParse Found the TLV, but failed to parse it. * */ - void Init(void) - { - SetChannelPage(0); - SetMaskLength(sizeof(mMask)); - } + static Error FindIn(const Message &aMessage, uint32_t &aChannelMask); /** - * Indicates whether or not the entry appears to be well-formed. + * Prepares Channel Mask TLV value for appending/writing. * - * @retval TRUE If the entry appears to be well-formed. - * @retval FALSE If the entry does not appear to be well-formed. + * @param[out] aValue A reference to `Value` structure to populate. + * @param[in] aChannelMask The combined channel mask for all supported channel pages. * */ - bool IsValid(void) const { return GetMaskLength() == sizeof(mMask); } + static void PrepareValue(Value &aValue, uint32_t aChannelMask); /** - * Returns the Channel Mask value as a `uint32_t` bit mask. + * Prepares a Channel Mask TLV value and appends the TLV to a given message. * - * @returns The Channel Mask value. + * @param[in] aMessage The message to append to. + * @param[in] aChannelMask The combined channel mask for all supported channel pages. * - */ - uint32_t GetMask(void) const { return Reverse32(BigEndian::HostSwap32(mMask)); } - - /** - * Sets the Channel Mask value. - * - * @param[in] aMask The Channel Mask value. + * @retval kErrorNone Successfully prepared the Channel Mask TLV and appended it to @p aMessage. + * @retval kErrorNoBufs Insufficient available buffers to grow the message. * */ - void SetMask(uint32_t aMask) { mMask = BigEndian::HostSwap32(Reverse32(aMask)); } + static Error AppendTo(Message &aMessage, uint32_t aChannelMask); private: - uint32_t mMask; -} OT_TOOL_PACKED_END; + static constexpr uint8_t kMaskLength = sizeof(uint32_t); -/** - * Implements Channel Mask TLV generation and parsing. - * - */ -OT_TOOL_PACKED_BEGIN -class ChannelMaskBaseTlv : public Tlv, public TlvInfo -{ -public: - /** - * Initializes the TLV. - * - */ - void Init(void) + OT_TOOL_PACKED_BEGIN + class Entry { - SetType(kChannelMask); - SetLength(sizeof(*this) - sizeof(Tlv)); - } - - /** - * Indicates whether or not the TLV appears to be well-formed. - * - * @retval TRUE If the TLV appears to be well-formed. - * @retval FALSE If the TLV does not appear to be well-formed. - * - */ - bool IsValid(void) const; - - /** - * Gets the first Channel Mask Entry in the Channel Mask TLV. - * - * @returns A pointer to first Channel Mask Entry or `nullptr` if not found. - * - */ - const ChannelMaskEntryBase *GetFirstEntry(void) const; - - /** - * Gets the first Channel Mask Entry in the Channel Mask TLV. - * - * @returns A pointer to first Channel Mask Entry or `nullptr` if not found. - * - */ - ChannelMaskEntryBase *GetFirstEntry(void); -} OT_TOOL_PACKED_END; - -/** - * Implements Channel Mask TLV generation and parsing. - * - */ -OT_TOOL_PACKED_BEGIN -class ChannelMaskTlv : public ChannelMaskBaseTlv -{ -public: - /** - * Initializes the TLV. - * - */ - void Init(void) + public: + uint8_t GetChannelPage(void) const { return mChannelPage; } + void SetChannelPage(uint8_t aChannelPage) { mChannelPage = aChannelPage; } + uint8_t GetMaskLength(void) const { return mMaskLength; } + void SetMaskLength(uint8_t aMaskLength) { mMaskLength = aMaskLength; } + uint32_t GetMask(void) const { return Reverse32(BigEndian::HostSwap32(mMask)); } + void SetMask(uint32_t aMask) { mMask = BigEndian::HostSwap32(Reverse32(aMask)); } + + private: + uint8_t mChannelPage; + uint8_t mMaskLength; + uint32_t mMask; + } OT_TOOL_PACKED_END; + + struct EntriesData : public Clearable { - SetType(kChannelMask); - SetLength(sizeof(*this) - sizeof(Tlv)); - memset(mEntries, 0, sizeof(mEntries)); - } - - /** - * Sets the Channel Mask Entries. - * - * @param[in] aChannelMask The Channel Mask value. - * - */ - void SetChannelMask(uint32_t aChannelMask); - - /** - * Returns the Channel Mask value as a `uint32_t` bit mask. - * - * @returns The Channel Mask or 0 if not found. - * - */ - uint32_t GetChannelMask(void) const; + // Represents received Channel Mask TLV Entries data which + // is either contained in `mData` buffer, or in `mMessage` + // at `mOffset`. - /** - * Reads message and returns the Channel Mask value as a `uint32_t` bit mask. - * - * @param[in] aMessage A reference to the message. - * - * @returns The Channel Mask or 0 if not found. - * - */ - static uint32_t GetChannelMask(const Message &aMessage); + Error Parse(uint32_t &aChannelMask); -private: - static constexpr uint8_t kNumMaskEntries = Radio::kNumChannelPages; + const uint8_t *mData; + const Message *mMessage; + uint16_t mOffset; + uint16_t mLength; + }; - ChannelMaskEntry mEntries[kNumMaskEntries]; -} OT_TOOL_PACKED_END; + uint8_t mEntriesStart; +} OT_TOOL_PACKED_BEGIN; /** * Implements Energy List TLV generation and parsing. diff --git a/src/core/meshcop/panid_query_client.cpp b/src/core/meshcop/panid_query_client.cpp index 431e8c2fabe..01a3e9a3996 100644 --- a/src/core/meshcop/panid_query_client.cpp +++ b/src/core/meshcop/panid_query_client.cpp @@ -62,10 +62,9 @@ Error PanIdQueryClient::SendQuery(uint16_t aPanId, otCommissionerPanIdConflictCallback aCallback, void *aContext) { - Error error = kErrorNone; - MeshCoP::ChannelMaskTlv channelMask; - Tmf::MessageInfo messageInfo(GetInstance()); - Coap::Message *message = nullptr; + Error error = kErrorNone; + Tmf::MessageInfo messageInfo(GetInstance()); + Coap::Message *message = nullptr; VerifyOrExit(Get().IsActive(), error = kErrorInvalidState); VerifyOrExit((message = Get().NewPriorityMessage()) != nullptr, error = kErrorNoBufs); @@ -76,9 +75,7 @@ Error PanIdQueryClient::SendQuery(uint16_t aPanId, SuccessOrExit( error = Tlv::Append(*message, Get().GetSessionId())); - channelMask.Init(); - channelMask.SetChannelMask(aChannelMask); - SuccessOrExit(error = channelMask.AppendTo(*message)); + SuccessOrExit(error = MeshCoP::ChannelMaskTlv::AppendTo(*message, aChannelMask)); SuccessOrExit(error = Tlv::Append(*message, aPanId)); @@ -106,7 +103,7 @@ void PanIdQueryClient::HandleTmf(Coap::Message &aMessage, con SuccessOrExit(Tlv::Find(aMessage, panId)); - VerifyOrExit((mask = MeshCoP::ChannelMaskTlv::GetChannelMask(aMessage)) != 0); + SuccessOrExit(MeshCoP::ChannelMaskTlv::FindIn(aMessage, mask)); mCallback.InvokeIfSet(panId, mask); diff --git a/src/core/radio/radio.cpp b/src/core/radio/radio.cpp index bdc46bed339..bd9c8d83afa 100644 --- a/src/core/radio/radio.cpp +++ b/src/core/radio/radio.cpp @@ -36,6 +36,18 @@ namespace ot { +const uint8_t Radio::kSupportedChannelPages[kNumChannelPages] = { +#if OPENTHREAD_CONFIG_RADIO_2P4GHZ_OQPSK_SUPPORT + kChannelPage0, +#endif +#if OPENTHREAD_CONFIG_RADIO_915MHZ_OQPSK_SUPPORT + kChannelPage2, +#endif +#if OPENTHREAD_CONFIG_PLATFORM_RADIO_PROPRIETARY_SUPPORT + OPENTHREAD_CONFIG_PLATFORM_RADIO_PROPRIETARY_CHANNEL_PAGE, +#endif +}; + #if OPENTHREAD_RADIO void Radio::Init(void) { diff --git a/src/core/radio/radio.hpp b/src/core/radio/radio.hpp index 3321abea47a..fb587563ed9 100644 --- a/src/core/radio/radio.hpp +++ b/src/core/radio/radio.hpp @@ -136,33 +136,33 @@ class Radio : public InstanceLocator, private NonCopyable static constexpr uint32_t kSymbolTime = OT_RADIO_SYMBOL_TIME; static constexpr uint8_t kSymbolsPerOctet = OT_RADIO_SYMBOLS_PER_OCTET; static constexpr uint32_t kPhyUsPerByte = kSymbolsPerOctet * kSymbolTime; + static constexpr uint8_t kChannelPage0 = OT_RADIO_CHANNEL_PAGE_0; + static constexpr uint8_t kChannelPage2 = OT_RADIO_CHANNEL_PAGE_2; #if (OPENTHREAD_CONFIG_RADIO_2P4GHZ_OQPSK_SUPPORT && OPENTHREAD_CONFIG_RADIO_915MHZ_OQPSK_SUPPORT) static constexpr uint16_t kNumChannelPages = 2; static constexpr uint32_t kSupportedChannels = OT_RADIO_915MHZ_OQPSK_CHANNEL_MASK | OT_RADIO_2P4GHZ_OQPSK_CHANNEL_MASK; - static constexpr uint8_t kChannelMin = OT_RADIO_915MHZ_OQPSK_CHANNEL_MIN; - static constexpr uint8_t kChannelMax = OT_RADIO_2P4GHZ_OQPSK_CHANNEL_MAX; - static constexpr uint32_t kSupportedChannelPages = OT_RADIO_CHANNEL_PAGE_0_MASK | OT_RADIO_CHANNEL_PAGE_2_MASK; + static constexpr uint8_t kChannelMin = OT_RADIO_915MHZ_OQPSK_CHANNEL_MIN; + static constexpr uint8_t kChannelMax = OT_RADIO_2P4GHZ_OQPSK_CHANNEL_MAX; #elif OPENTHREAD_CONFIG_RADIO_915MHZ_OQPSK_SUPPORT - static constexpr uint16_t kNumChannelPages = 1; - static constexpr uint32_t kSupportedChannels = OT_RADIO_915MHZ_OQPSK_CHANNEL_MASK; - static constexpr uint8_t kChannelMin = OT_RADIO_915MHZ_OQPSK_CHANNEL_MIN; - static constexpr uint8_t kChannelMax = OT_RADIO_915MHZ_OQPSK_CHANNEL_MAX; - static constexpr uint32_t kSupportedChannelPages = OT_RADIO_CHANNEL_PAGE_2_MASK; + static constexpr uint16_t kNumChannelPages = 1; + static constexpr uint32_t kSupportedChannels = OT_RADIO_915MHZ_OQPSK_CHANNEL_MASK; + static constexpr uint8_t kChannelMin = OT_RADIO_915MHZ_OQPSK_CHANNEL_MIN; + static constexpr uint8_t kChannelMax = OT_RADIO_915MHZ_OQPSK_CHANNEL_MAX; #elif OPENTHREAD_CONFIG_RADIO_2P4GHZ_OQPSK_SUPPORT - static constexpr uint16_t kNumChannelPages = 1; - static constexpr uint32_t kSupportedChannels = OT_RADIO_2P4GHZ_OQPSK_CHANNEL_MASK; - static constexpr uint8_t kChannelMin = OT_RADIO_2P4GHZ_OQPSK_CHANNEL_MIN; - static constexpr uint8_t kChannelMax = OT_RADIO_2P4GHZ_OQPSK_CHANNEL_MAX; - static constexpr uint32_t kSupportedChannelPages = OT_RADIO_CHANNEL_PAGE_0_MASK; + static constexpr uint16_t kNumChannelPages = 1; + static constexpr uint32_t kSupportedChannels = OT_RADIO_2P4GHZ_OQPSK_CHANNEL_MASK; + static constexpr uint8_t kChannelMin = OT_RADIO_2P4GHZ_OQPSK_CHANNEL_MIN; + static constexpr uint8_t kChannelMax = OT_RADIO_2P4GHZ_OQPSK_CHANNEL_MAX; #elif OPENTHREAD_CONFIG_PLATFORM_RADIO_PROPRIETARY_SUPPORT - static constexpr uint16_t kNumChannelPages = 1; - static constexpr uint32_t kSupportedChannels = OPENTHREAD_CONFIG_PLATFORM_RADIO_PROPRIETARY_CHANNEL_MASK; - static constexpr uint8_t kChannelMin = OPENTHREAD_CONFIG_PLATFORM_RADIO_PROPRIETARY_CHANNEL_MIN; - static constexpr uint8_t kChannelMax = OPENTHREAD_CONFIG_PLATFORM_RADIO_PROPRIETARY_CHANNEL_MAX; - static constexpr uint32_t kSupportedChannelPages = (1 << OPENTHREAD_CONFIG_PLATFORM_RADIO_PROPRIETARY_CHANNEL_PAGE); + static constexpr uint16_t kNumChannelPages = 1; + static constexpr uint32_t kSupportedChannels = OPENTHREAD_CONFIG_PLATFORM_RADIO_PROPRIETARY_CHANNEL_MASK; + static constexpr uint8_t kChannelMin = OPENTHREAD_CONFIG_PLATFORM_RADIO_PROPRIETARY_CHANNEL_MIN; + static constexpr uint8_t kChannelMax = OPENTHREAD_CONFIG_PLATFORM_RADIO_PROPRIETARY_CHANNEL_MAX; #endif + static const uint8_t kSupportedChannelPages[kNumChannelPages]; + static constexpr int8_t kInvalidRssi = OT_RADIO_RSSI_INVALID; ///< Invalid RSSI value. static constexpr int8_t kDefaultReceiveSensitivity = -110; ///< Default receive sensitivity (in dBm). @@ -771,6 +771,63 @@ class Radio : public InstanceLocator, private NonCopyable */ Error GetRegion(uint16_t &aRegionCode) const { return otPlatRadioGetRegion(GetInstancePtr(), &aRegionCode); } + /** + * Indicates whether a given channel page is supported based on the current configurations. + * + * @param[in] aChannelPage The channel page to check. + * + * @retval TRUE The @p aChannelPage is supported by radio. + * @retval FALASE The @p aChannelPage is not supported by radio. + * + */ + static constexpr bool SupportsChannelPage(uint8_t aChannelPage) + { +#if OPENTHREAD_CONFIG_RADIO_2P4GHZ_OQPSK_SUPPORT && OPENTHREAD_CONFIG_RADIO_915MHZ_OQPSK_SUPPORT + return (aChannelPage == kChannelPage0) || (aChannelPage == kChannelPage2); +#elif OPENTHREAD_CONFIG_RADIO_2P4GHZ_OQPSK_SUPPORT + return (aChannelPage == kChannelPage0); +#elif OPENTHREAD_CONFIG_RADIO_915MHZ_OQPSK_SUPPORT + return (aChannelPage == kChannelPage2); +#elif OPENTHREAD_CONFIG_PLATFORM_RADIO_PROPRIETARY_SUPPORT + return (aChannelPage == OPENTHREAD_CONFIG_PLATFORM_RADIO_PROPRIETARY_CHANNEL_PAGE); +#endif + } + + /** + * Returns the channel mask for a given channel page if supported by the radio. + * + * @param[in] aChannelPage The channel page. + * + * @returns The channel mask for @p aChannelPage if page is supported by the radio, otherwise zero. + * + */ + static uint32_t ChannelMaskForPage(uint8_t aChannelPage) + { + uint32_t mask = 0; + +#if OPENTHREAD_CONFIG_RADIO_2P4GHZ_OQPSK_SUPPORT + if (aChannelPage == kChannelPage0) + { + mask = OT_RADIO_2P4GHZ_OQPSK_CHANNEL_MASK; + } +#endif + +#if OPENTHREAD_CONFIG_RADIO_915MHZ_OQPSK_SUPPORT + if (aChannelPage == kChannelPage1) + { + mask = OT_RADIO_915MHZ_OQPSK_CHANNEL_MASK; + } +#endif + +#if OPENTHREAD_CONFIG_PLATFORM_RADIO_PROPRIETARY_SUPPORT + if (aChannelPage == OPENTHREAD_CONFIG_PLATFORM_RADIO_PROPRIETARY_CHANNEL_PAGE) + { + mask = OPENTHREAD_CONFIG_PLATFORM_RADIO_PROPRIETARY_CHANNEL_MASK; + } +#endif + return mask; + } + private: otInstance *GetInstancePtr(void) const { return reinterpret_cast(&InstanceLocator::GetInstance()); } diff --git a/src/core/thread/announce_begin_server.cpp b/src/core/thread/announce_begin_server.cpp index 4db912dd2b4..b243d9015df 100644 --- a/src/core/thread/announce_begin_server.cpp +++ b/src/core/thread/announce_begin_server.cpp @@ -71,7 +71,7 @@ void AnnounceBeginServer::HandleTmf(Coap::Message &aMessage, uint16_t period; VerifyOrExit(aMessage.IsPostRequest()); - VerifyOrExit((mask = MeshCoP::ChannelMaskTlv::GetChannelMask(aMessage)) != 0); + SuccessOrExit(MeshCoP::ChannelMaskTlv::FindIn(aMessage, mask)); SuccessOrExit(Tlv::Find(aMessage, count)); SuccessOrExit(Tlv::Find(aMessage, period)); diff --git a/src/core/thread/energy_scan_server.cpp b/src/core/thread/energy_scan_server.cpp index c3901419ce3..25858058065 100644 --- a/src/core/thread/energy_scan_server.cpp +++ b/src/core/thread/energy_scan_server.cpp @@ -63,12 +63,11 @@ EnergyScanServer::EnergyScanServer(Instance &aInstance) template <> void EnergyScanServer::HandleTmf(Coap::Message &aMessage, const Ip6::MessageInfo &aMessageInfo) { - uint8_t count; - uint16_t period; - uint16_t scanDuration; - uint32_t mask; - MeshCoP::Tlv tlv; - MeshCoP::ChannelMaskTlv channelMaskTlv; + uint8_t count; + uint16_t period; + uint16_t scanDuration; + uint32_t mask; + MeshCoP::Tlv tlv; VerifyOrExit(aMessage.IsPostRequest()); @@ -76,15 +75,13 @@ void EnergyScanServer::HandleTmf(Coap::Message &aMessage, const SuccessOrExit(Tlv::Find(aMessage, period)); SuccessOrExit(Tlv::Find(aMessage, scanDuration)); - VerifyOrExit((mask = MeshCoP::ChannelMaskTlv::GetChannelMask(aMessage)) != 0); + SuccessOrExit(MeshCoP::ChannelMaskTlv::FindIn(aMessage, mask)); FreeMessage(mReportMessage); mReportMessage = Get().NewPriorityConfirmablePostMessage(kUriEnergyReport); VerifyOrExit(mReportMessage != nullptr); - channelMaskTlv.Init(); - channelMaskTlv.SetChannelMask(mask); - SuccessOrExit(channelMaskTlv.AppendTo(*mReportMessage)); + SuccessOrExit(MeshCoP::ChannelMaskTlv::AppendTo(*mReportMessage, mask)); tlv.SetType(MeshCoP::Tlv::kEnergyList); SuccessOrExit(mReportMessage->Append(tlv)); diff --git a/src/core/thread/mle_tlvs.cpp b/src/core/thread/mle_tlvs.cpp index f3081e18ffc..f2098f175bf 100644 --- a/src/core/thread/mle_tlvs.cpp +++ b/src/core/thread/mle_tlvs.cpp @@ -125,8 +125,7 @@ bool ChannelTlvValue::IsValid(void) const bool isValid = false; uint16_t channel; - VerifyOrExit(mChannelPage < BitSizeOf(uint32_t)); - VerifyOrExit((1U << mChannelPage) & Radio::kSupportedChannelPages); + VerifyOrExit(Radio::SupportsChannelPage(mChannelPage)); channel = GetChannel(); VerifyOrExit((Radio::kChannelMin <= channel) && (channel <= Radio::kChannelMax)); diff --git a/src/core/thread/network_diagnostic.cpp b/src/core/thread/network_diagnostic.cpp index 634574bc2a9..37f68534cc6 100644 --- a/src/core/thread/network_diagnostic.cpp +++ b/src/core/thread/network_diagnostic.cpp @@ -322,12 +322,9 @@ Error Server::AppendDiagTlv(uint8_t aTlvType, Message &aMessage) tlv.Init(); - for (uint8_t page = 0; page < static_cast(BitSizeOf(Radio::kSupportedChannelPages)); page++) + for (uint8_t page : Radio::kSupportedChannelPages) { - if (Radio::kSupportedChannelPages & (1 << page)) - { - tlv.GetChannelPages()[length++] = page; - } + tlv.GetChannelPages()[length++] = page; } tlv.SetLength(length); diff --git a/src/core/thread/panid_query_server.cpp b/src/core/thread/panid_query_server.cpp index 19c40c40c28..cfa13996133 100644 --- a/src/core/thread/panid_query_server.cpp +++ b/src/core/thread/panid_query_server.cpp @@ -64,7 +64,7 @@ void PanIdQueryServer::HandleTmf(Coap::Message &aMessage, const uint32_t mask; VerifyOrExit(aMessage.IsPostRequest()); - VerifyOrExit((mask = MeshCoP::ChannelMaskTlv::GetChannelMask(aMessage)) != 0); + SuccessOrExit(MeshCoP::ChannelMaskTlv::FindIn(aMessage, mask)); SuccessOrExit(Tlv::Find(aMessage, panId)); @@ -105,17 +105,14 @@ void PanIdQueryServer::HandleScanResult(Mac::ActiveScanResult *aScanResult) void PanIdQueryServer::SendConflict(void) { - Error error = kErrorNone; - MeshCoP::ChannelMaskTlv channelMask; - Tmf::MessageInfo messageInfo(GetInstance()); - Coap::Message *message; + Error error = kErrorNone; + Tmf::MessageInfo messageInfo(GetInstance()); + Coap::Message *message; message = Get().NewPriorityConfirmablePostMessage(kUriPanIdConflict); VerifyOrExit(message != nullptr, error = kErrorNoBufs); - channelMask.Init(); - channelMask.SetChannelMask(mChannelMask); - SuccessOrExit(error = channelMask.AppendTo(*message)); + SuccessOrExit(error = MeshCoP::ChannelMaskTlv::AppendTo(*message, mChannelMask)); SuccessOrExit(error = Tlv::Append(*message, mPanId)); From 001b01ee32d98ffe3c65ced50440c22116e0b7ed Mon Sep 17 00:00:00 2001 From: Abtin Keshavarzian Date: Tue, 5 Dec 2023 13:22:29 -0800 Subject: [PATCH 013/121] [mesh-forwarder] finalize message direct tx on drop or eviction (#9682) This commit adds `FinalizeMessageDirectTx()`, which clears the `DirectTx` flag on a given message, updates the IPv6 counter, and signals other modules about the transmission status(particularly for `MleDiscoverRequest` and `MleChildIdRequest` messages so their internal state can be updated). This commit ensures `FinalizeMessageDirectTx()` is called in various scenarios: - Successful message delivery (all fragments reach destination). - Any fragment transmission failure (frame tx failure) - Message drop due to address query failure or malformed message. - Message drop by queue management. - Message eviction to prioritize higher-priority messages. This commit also updates `DiscoverScanner` to stop an ongoing discover scan if the "MLE Discover Request" message transmission fails with error other than CSMA error. This is necessary because the `DiscoverScanner` reuses the same `Message` instance for tx on different scan channels. If the `Message` is freed (e.g., evicted), the `Message` cannot be reused. Finally, this commit renames `RemoveMessage()` to `EvictMessage()` to clarify the purpose and usage of this method. --- src/core/thread/discover_scanner.cpp | 33 +++++++++----- src/core/thread/discover_scanner.hpp | 2 +- src/core/thread/mesh_forwarder.cpp | 59 ++++++++++++++++---------- src/core/thread/mesh_forwarder.hpp | 3 +- src/core/thread/mesh_forwarder_ftd.cpp | 4 +- src/core/thread/mesh_forwarder_mtd.cpp | 2 +- 6 files changed, 67 insertions(+), 36 deletions(-) diff --git a/src/core/thread/discover_scanner.cpp b/src/core/thread/discover_scanner.cpp index 2425e1e3afe..e3c337cd30c 100644 --- a/src/core/thread/discover_scanner.cpp +++ b/src/core/thread/discover_scanner.cpp @@ -205,7 +205,7 @@ Mac::TxFrame *DiscoverScanner::PrepareDiscoveryRequestFrame(Mac::TxFrame &aFrame return frame; } -void DiscoverScanner::HandleDiscoveryRequestFrameTxDone(Message &aMessage) +void DiscoverScanner::HandleDiscoveryRequestFrameTxDone(Message &aMessage, Error aError) { switch (mState) { @@ -213,15 +213,28 @@ void DiscoverScanner::HandleDiscoveryRequestFrameTxDone(Message &aMessage) break; case kStateScanning: - // Mark the Discovery Request message for direct tx to ensure it - // is not dequeued and freed by `MeshForwarder` and is ready for - // the next scan channel. Also pause message tx on `MeshForwarder` - // while listening to receive Discovery Responses. - aMessage.SetDirectTransmission(); - aMessage.SetTimestampToNow(); - Get().PauseMessageTransmissions(); - mTimer.Start(kDefaultScanDuration); - break; + if ((aError == kErrorNone) || (aError == kErrorChannelAccessFailure)) + { + // Mark the Discovery Request message for direct tx to ensure it + // is not dequeued and freed by `MeshForwarder` and is ready for + // the next scan channel. Also pause message tx on `MeshForwarder` + // while listening to receive Discovery Responses. + aMessage.SetDirectTransmission(); + aMessage.SetTimestampToNow(); + Get().PauseMessageTransmissions(); + mTimer.Start(kDefaultScanDuration); + break; + } + + // If we encounter other error failures (e.g., `kErrorDrop` due + // to queue management dropping the message or if message being + // evicted), `aMessage` may be immediately freed. This prevents + // us from reusing it to request a scan on the next scan channel. + // As a result, we stop the scan operation in such cases. + + mState = kStateScanDone; + + OT_FALL_THROUGH; case kStateScanDone: HandleDiscoverComplete(); diff --git a/src/core/thread/discover_scanner.hpp b/src/core/thread/discover_scanner.hpp index d9bdd13aaf5..4753802eb08 100644 --- a/src/core/thread/discover_scanner.hpp +++ b/src/core/thread/discover_scanner.hpp @@ -165,7 +165,7 @@ class DiscoverScanner : public InstanceLocator, private NonCopyable // Methods used by `MeshForwarder` Mac::TxFrame *PrepareDiscoveryRequestFrame(Mac::TxFrame &aFrame); - void HandleDiscoveryRequestFrameTxDone(Message &aMessage); + void HandleDiscoveryRequestFrameTxDone(Message &aMessage, Error aError); void Stop(void) { HandleDiscoverComplete(); } // Methods used from `Mle` diff --git a/src/core/thread/mesh_forwarder.cpp b/src/core/thread/mesh_forwarder.cpp index 4355447f24f..df1aa2504ca 100644 --- a/src/core/thread/mesh_forwarder.cpp +++ b/src/core/thread/mesh_forwarder.cpp @@ -202,7 +202,7 @@ void MeshForwarder::PrepareEmptyFrame(Mac::TxFrame &aFrame, const Mac::Address & aFrame.SetPayloadLength(0); } -void MeshForwarder::RemoveMessage(Message &aMessage) +void MeshForwarder::EvictMessage(Message &aMessage) { PriorityQueue *queue = aMessage.GetPriorityQueue(); @@ -217,6 +217,8 @@ void MeshForwarder::RemoveMessage(Message &aMessage) } #endif + FinalizeMessageDirectTx(aMessage, kErrorNoBufs); + if (mSendMessage == &aMessage) { mSendMessage = nullptr; @@ -387,7 +389,7 @@ Error MeshForwarder::UpdateEcnOrDrop(Message &aMessage, bool aPreparingToSend) mTxQueueStats.UpdateFor(aMessage); #endif LogMessage(kMessageQueueMgmtDrop, aMessage); - aMessage.ClearDirectTransmission(); + FinalizeMessageDirectTx(aMessage, kErrorDrop); RemoveMessageIfNoPendingTx(aMessage); } @@ -518,7 +520,7 @@ void MeshForwarder::ApplyDirectTxQueueLimit(Message &aMessage) #endif LogMessage(kMessageFullQueueDrop, aMessage); - aMessage.ClearDirectTransmission(); + FinalizeMessageDirectTx(aMessage, kErrorDrop); RemoveMessageIfNoPendingTx(aMessage); exit: @@ -642,6 +644,7 @@ Message *MeshForwarder::PrepareNextDirectTransmission(void) mTxQueueStats.UpdateFor(*curMessage); #endif LogMessage(kMessageDrop, *curMessage, error); + FinalizeMessageDirectTx(*curMessage, error); mSendQueue.DequeueAndFree(*curMessage); continue; } @@ -1261,9 +1264,6 @@ void MeshForwarder::UpdateSendMessage(Error aFrameTxError, Mac::Address &aMacDes txError = aFrameTxError; - mSendMessage->ClearDirectTransmission(); - mSendMessage->SetOffset(0); - if (aNeighbor != nullptr) { aNeighbor->GetLinkInfo().AddMessageTxStatus(mSendMessage->GetTxSuccess()); @@ -1289,39 +1289,54 @@ void MeshForwarder::UpdateSendMessage(Error aFrameTxError, Mac::Address &aMacDes #endif LogMessage(kMessageTransmit, *mSendMessage, txError, &aMacDest); + FinalizeMessageDirectTx(*mSendMessage, txError); + RemoveMessageIfNoPendingTx(*mSendMessage); + +exit: + mScheduleTransmissionTask.Post(); +} - if (mSendMessage->GetType() == Message::kTypeIp6) +void MeshForwarder::FinalizeMessageDirectTx(Message &aMessage, Error aError) +{ + // Finalizes the direct transmission of `aMessage`. This can be + // triggered by successful delivery (all fragments reaching the + // destination), failure of any fragment, queue management + // dropping the message, or eviction of message to accommodate + // higher priority messages. + + VerifyOrExit(aMessage.IsDirectTransmission()); + + aMessage.ClearDirectTransmission(); + aMessage.SetOffset(0); + + if (aError != kErrorNone) { - if (mSendMessage->GetTxSuccess()) - { - mIpCounters.mTxSuccess++; - } - else - { - mIpCounters.mTxFailure++; - } + aMessage.SetTxSuccess(false); + } + + if (aMessage.GetType() == Message::kTypeIp6) + { + aMessage.GetTxSuccess() ? mIpCounters.mTxSuccess++ : mIpCounters.mTxFailure++; } - switch (mSendMessage->GetSubType()) + switch (aMessage.GetSubType()) { case Message::kSubTypeMleDiscoverRequest: // Note that `HandleDiscoveryRequestFrameTxDone()` may update - // `mSendMessage` and mark it again for direct transmission. - Get().HandleDiscoveryRequestFrameTxDone(*mSendMessage); + // `aMessage` and mark it again for direct transmission. + Get().HandleDiscoveryRequestFrameTxDone(aMessage, aError); break; case Message::kSubTypeMleChildIdRequest: - Get().HandleChildIdRequestTxDone(*mSendMessage); + Get().HandleChildIdRequestTxDone(aMessage); break; default: break; } - RemoveMessageIfNoPendingTx(*mSendMessage); - exit: - mScheduleTransmissionTask.Post(); + return; } bool MeshForwarder::RemoveMessageIfNoPendingTx(Message &aMessage) diff --git a/src/core/thread/mesh_forwarder.hpp b/src/core/thread/mesh_forwarder.hpp index c27029d32fb..a640004f9ab 100644 --- a/src/core/thread/mesh_forwarder.hpp +++ b/src/core/thread/mesh_forwarder.hpp @@ -552,7 +552,7 @@ class MeshForwarder : public InstanceLocator, private NonCopyable Message::Priority aPriority); Error HandleDatagram(Message &aMessage, const ThreadLinkInfo &aLinkInfo, const Mac::Address &aMacSource); void ClearReassemblyList(void); - void RemoveMessage(Message &aMessage); + void EvictMessage(Message &aMessage); void HandleDiscoverComplete(void); void HandleReceivedFrame(Mac::RxFrame &aFrame); @@ -564,6 +564,7 @@ class MeshForwarder : public InstanceLocator, private NonCopyable void UpdateNeighborLinkFailures(Neighbor &aNeighbor, Error aError, bool aAllowNeighborRemove, uint8_t aFailLimit); void HandleSentFrame(Mac::TxFrame &aFrame, Error aError); void UpdateSendMessage(Error aFrameTxError, Mac::Address &aMacDest, Neighbor *aNeighbor); + void FinalizeMessageDirectTx(Message &aMessage, Error aError); bool RemoveMessageIfNoPendingTx(Message &aMessage); void HandleTimeTick(void); diff --git a/src/core/thread/mesh_forwarder_ftd.cpp b/src/core/thread/mesh_forwarder_ftd.cpp index 4001bbeb518..e91ceb19de3 100644 --- a/src/core/thread/mesh_forwarder_ftd.cpp +++ b/src/core/thread/mesh_forwarder_ftd.cpp @@ -165,6 +165,7 @@ void MeshForwarder::HandleResolved(const Ip6::Address &aEid, Error aError) if (aError != kErrorNone) { LogMessage(kMessageDrop, message, kErrorAddressQuery); + FinalizeMessageDirectTx(message, kErrorAddressQuery); mSendQueue.DequeueAndFree(message); continue; } @@ -259,7 +260,7 @@ Error MeshForwarder::EvictMessage(Message::Priority aPriority) exit: if ((error == kErrorNone) && (evict != nullptr)) { - RemoveMessage(*evict); + EvictMessage(*evict); } return error; @@ -342,6 +343,7 @@ void MeshForwarder::RemoveDataResponseMessages(void) } LogMessage(kMessageDrop, message); + FinalizeMessageDirectTx(message, kErrorDrop); mSendQueue.DequeueAndFree(message); } } diff --git a/src/core/thread/mesh_forwarder_mtd.cpp b/src/core/thread/mesh_forwarder_mtd.cpp index b88c773cde1..2bdca2b044f 100644 --- a/src/core/thread/mesh_forwarder_mtd.cpp +++ b/src/core/thread/mesh_forwarder_mtd.cpp @@ -68,7 +68,7 @@ Error MeshForwarder::EvictMessage(Message::Priority aPriority) if (message->GetPriority() < static_cast(aPriority)) { - RemoveMessage(*message); + EvictMessage(*message); ExitNow(error = kErrorNone); } From 8e1ce4bd4a5eba0ab68ed93495f45abf3eddd58b Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Przemys=C5=82aw=20Bida?= Date: Wed, 6 Dec 2023 23:41:09 +0100 Subject: [PATCH 014/121] [secure-transport] rename `HandleUdpReceive` to `HandleReceive` (#9686) This commit documents `HandleReceive` previously called `HandleUdpReceive`. --- src/core/coap/coap_secure.hpp | 2 +- src/core/meshcop/secure_transport.cpp | 8 ++++---- src/core/meshcop/secure_transport.hpp | 14 +++++++++++--- src/core/radio/ble_secure.cpp | 2 +- 4 files changed, 17 insertions(+), 9 deletions(-) diff --git a/src/core/coap/coap_secure.hpp b/src/core/coap/coap_secure.hpp index 50a1d452161..21255dfe996 100644 --- a/src/core/coap/coap_secure.hpp +++ b/src/core/coap/coap_secure.hpp @@ -382,7 +382,7 @@ class CoapSecure : public CoapBase */ void HandleUdpReceive(ot::Message &aMessage, const Ip6::MessageInfo &aMessageInfo) { - return mDtls.HandleUdpReceive(aMessage, aMessageInfo); + return mDtls.HandleReceive(aMessage, aMessageInfo); } /** diff --git a/src/core/meshcop/secure_transport.cpp b/src/core/meshcop/secure_transport.cpp index 945f701c6b0..886dd96866a 100644 --- a/src/core/meshcop/secure_transport.cpp +++ b/src/core/meshcop/secure_transport.cpp @@ -144,7 +144,7 @@ Error SecureTransport::Open(ReceiveHandler aReceiveHandler, ConnectedHandler aCo VerifyOrExit(mState == kStateClosed, error = kErrorAlready); - SuccessOrExit(error = mSocket.Open(&SecureTransport::HandleUdpReceive, this)); + SuccessOrExit(error = mSocket.Open(&SecureTransport::HandleReceive, this)); mConnectedCallback.Set(aConnectedHandler, aContext); mReceiveCallback.Set(aReceiveHandler, aContext); @@ -169,12 +169,12 @@ Error SecureTransport::Connect(const Ip6::SockAddr &aSockAddr) return error; } -void SecureTransport::HandleUdpReceive(void *aContext, otMessage *aMessage, const otMessageInfo *aMessageInfo) +void SecureTransport::HandleReceive(void *aContext, otMessage *aMessage, const otMessageInfo *aMessageInfo) { - static_cast(aContext)->HandleUdpReceive(AsCoreType(aMessage), AsCoreType(aMessageInfo)); + static_cast(aContext)->HandleReceive(AsCoreType(aMessage), AsCoreType(aMessageInfo)); } -void SecureTransport::HandleUdpReceive(Message &aMessage, const Ip6::MessageInfo &aMessageInfo) +void SecureTransport::HandleReceive(Message &aMessage, const Ip6::MessageInfo &aMessageInfo) { switch (mState) { diff --git a/src/core/meshcop/secure_transport.hpp b/src/core/meshcop/secure_transport.hpp index ef51f5e28cf..7ac4b4fc106 100644 --- a/src/core/meshcop/secure_transport.hpp +++ b/src/core/meshcop/secure_transport.hpp @@ -435,7 +435,15 @@ class SecureTransport : public InstanceLocator */ const Ip6::MessageInfo &GetMessageInfo(void) const { return mMessageInfo; } - void HandleUdpReceive(Message &aMessage, const Ip6::MessageInfo &aMessageInfo); + /** + * Checks and handles a received message provided to the SecureTransport object. If checks based on + * the message info and current connection state pass, the message is processed. + * + * @param[in] aMessage A reference to the message to receive. + * @param[in] aMessageInfo A reference to the message info associated with @p aMessage. + * + */ + void HandleReceive(Message &aMessage, const Ip6::MessageInfo &aMessageInfo); private: enum State : uint8_t @@ -530,9 +538,9 @@ class SecureTransport : public InstanceLocator static void HandleTimer(Timer &aTimer); void HandleTimer(void); - static void HandleUdpReceive(void *aContext, otMessage *aMessage, const otMessageInfo *aMessageInfo); + static void HandleReceive(void *aContext, otMessage *aMessage, const otMessageInfo *aMessageInfo); - void HandleSecureTransportReceive(const uint8_t *aBuf, uint16_t aLength); + void HandleReceive(const uint8_t *aBuf, uint16_t aLength); Error HandleSecureTransportSend(const uint8_t *aBuf, uint16_t aLength, Message::SubType aMessageSubType); void Process(void); diff --git a/src/core/radio/ble_secure.cpp b/src/core/radio/ble_secure.cpp index fe0a6f5c3c3..5e5224468c6 100644 --- a/src/core/radio/ble_secure.cpp +++ b/src/core/radio/ble_secure.cpp @@ -253,7 +253,7 @@ Error BleSecure::HandleBleReceive(uint8_t *aBuf, uint16_t aLength) SuccessOrExit(error = message->AppendBytes(aBuf, aLength)); // Cannot call Receive(..) directly because Setup(..) and mState are private - mTls.HandleUdpReceive(*message, messageInfo); + mTls.HandleReceive(*message, messageInfo); exit: FreeMessage(message); From 6e7135e4e1f81378908e1e1bb341f049d9796527 Mon Sep 17 00:00:00 2001 From: parag-silabs <111579455+parag-silabs@users.noreply.github.com> Date: Wed, 6 Dec 2023 17:42:37 -0500 Subject: [PATCH 015/121] [spinel] make `kTxWaitUs` configurable during compile time (#9687) It is useful in case RCP needs to wait for longer than the hardcoded value in kTxWaitUs. --- etc/cmake/options.cmake | 1 + script/check-scan-build | 1 + script/cmake-build | 1 + src/lib/spinel/openthread-spinel-config.h | 10 ++++++++++ src/lib/spinel/radio_spinel.hpp | 7 +++++-- 5 files changed, 18 insertions(+), 2 deletions(-) diff --git a/etc/cmake/options.cmake b/etc/cmake/options.cmake index 45e079dc529..b308283f9d9 100644 --- a/etc/cmake/options.cmake +++ b/etc/cmake/options.cmake @@ -322,6 +322,7 @@ ot_multi_option(OT_POWER_SUPPLY OT_POWER_SUPPLY_VALUES OPENTHREAD_CONFIG_DEVICE_ ot_int_option(OT_MLE_MAX_CHILDREN OPENTHREAD_CONFIG_MLE_MAX_CHILDREN "set maximum number of children") ot_int_option(OT_RCP_RESTORATION_MAX_COUNT OPENTHREAD_SPINEL_CONFIG_RCP_RESTORATION_MAX_COUNT "set max RCP restoration count") +ot_int_option(OT_RCP_TX_WAIT_TIME_SECS OPENTHREAD_SPINEL_CONFIG_RCP_TX_WAIT_TIME_SECS "set RCP TX wait TIME in seconds") # - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - diff --git a/script/check-scan-build b/script/check-scan-build index ef723faad8a..7e6ad30ff55 100755 --- a/script/check-scan-build +++ b/script/check-scan-build @@ -69,6 +69,7 @@ OT_BUILD_OPTIONS=( "-DOT_PING_SENDER=ON" "-DOT_PLATFORM=external" "-DOT_RCP_RESTORATION_MAX_COUNT=2" + "-DOT_RCP_TX_WAIT_TIME_SECS=5" "-DOT_REFERENCE_DEVICE=ON" "-DOT_SERVICE=ON" "-DOT_SLAAC=ON" diff --git a/script/cmake-build b/script/cmake-build index e457bfcd1fd..5ed2e4e4bc3 100755 --- a/script/cmake-build +++ b/script/cmake-build @@ -102,6 +102,7 @@ OT_POSIX_SIM_COMMON_OPTIONS=( "-DOT_NETDIAG_CLIENT=ON" "-DOT_PING_SENDER=ON" "-DOT_RCP_RESTORATION_MAX_COUNT=2" + "-DOT_RCP_TX_WAIT_TIME_SECS=5" "-DOT_REFERENCE_DEVICE=ON" "-DOT_SERVICE=ON" "-DOT_SNTP_CLIENT=ON" diff --git a/src/lib/spinel/openthread-spinel-config.h b/src/lib/spinel/openthread-spinel-config.h index 231a8683898..ef6d5abd249 100644 --- a/src/lib/spinel/openthread-spinel-config.h +++ b/src/lib/spinel/openthread-spinel-config.h @@ -109,4 +109,14 @@ #define OPENTHREAD_SPINEL_CONFIG_VENDOR_HOOK_HEADER "lib/spinel/example_vendor_hook.hpp" #endif +/** + * @def OPENTHREAD_SPINEL_CONFIG_RCP_TX_WAIT_TIME_SECS + * + * Defines the Tx wait duration in seconds. + * + */ +#ifndef OPENTHREAD_SPINEL_CONFIG_RCP_TX_WAIT_TIME_SECS +#define OPENTHREAD_SPINEL_CONFIG_RCP_TX_WAIT_TIME_SECS 5 +#endif + #endif // OPENTHREAD_SPINEL_CONFIG_H_ diff --git a/src/lib/spinel/radio_spinel.hpp b/src/lib/spinel/radio_spinel.hpp index bc0774d327e..dcac23e9e9f 100644 --- a/src/lib/spinel/radio_spinel.hpp +++ b/src/lib/spinel/radio_spinel.hpp @@ -1105,9 +1105,12 @@ class RadioSpinel kStateTransmitDone, ///< Radio indicated frame transmission is done. }; - static constexpr uint32_t kUsPerMs = 1000; ///< Microseconds per millisecond. + static constexpr uint32_t kUsPerMs = 1000; ///< Microseconds per millisecond. + static constexpr uint32_t kMsPerSec = 1000; ///< Milliseconds per second. + static constexpr uint32_t kUsPerSec = kUsPerMs * kMsPerSec; ///< Microseconds per second. static constexpr uint64_t kTxWaitUs = - 5000000; ///< Maximum time of waiting for `TransmitDone` event, in microseconds. + OPENTHREAD_SPINEL_CONFIG_RCP_TX_WAIT_TIME_SECS * + kUsPerSec; ///< Maximum time of waiting for `TransmitDone` event, in microseconds. typedef otError (RadioSpinel::*ResponseHandler)(const uint8_t *aBuffer, uint16_t aLength); From 76d0c6e6c5e470100f8e09ea0b65906535878e44 Mon Sep 17 00:00:00 2001 From: Abtin Keshavarzian Date: Wed, 6 Dec 2023 14:46:16 -0800 Subject: [PATCH 016/121] [coap] remove duplicate method for setting `ConnectedCallback` (#9691) This commit removes `CoapSecure::SetClientConnectedCallback()` which is the same as `SetConnectedCallback()`. --- src/core/api/coap_secure_api.cpp | 2 +- src/core/coap/coap_secure.hpp | 12 ------------ 2 files changed, 1 insertion(+), 13 deletions(-) diff --git a/src/core/api/coap_secure_api.cpp b/src/core/api/coap_secure_api.cpp index 86f76b4c948..2ba31a26242 100644 --- a/src/core/api/coap_secure_api.cpp +++ b/src/core/api/coap_secure_api.cpp @@ -171,7 +171,7 @@ void otCoapSecureSetClientConnectedCallback(otInstance *aIns otHandleCoapSecureClientConnect aHandler, void *aContext) { - AsCoreType(aInstance).GetApplicationCoapSecure().SetClientConnectedCallback(aHandler, aContext); + AsCoreType(aInstance).GetApplicationCoapSecure().SetConnectedCallback(aHandler, aContext); } void otCoapSecureSetDefaultHandler(otInstance *aInstance, otCoapRequestHandler aHandler, void *aContext) diff --git a/src/core/coap/coap_secure.hpp b/src/core/coap/coap_secure.hpp index 21255dfe996..e34ce89ea7c 100644 --- a/src/core/coap/coap_secure.hpp +++ b/src/core/coap/coap_secure.hpp @@ -258,18 +258,6 @@ class CoapSecure : public CoapBase } #endif // defined(MBEDTLS_BASE64_C) && defined(MBEDTLS_SSL_KEEP_PEER_CERTIFICATE) - /** - * Sets the connected callback to indicate, when a Client connect to the CoAP Secure server. - * - * @param[in] aCallback A pointer to a function that will be called once DTLS connection is established. - * @param[in] aContext A pointer to arbitrary context information. - * - */ - void SetClientConnectedCallback(ConnectedCallback aCallback, void *aContext) - { - mConnectedCallback.Set(aCallback, aContext); - } - /** * Sets the authentication mode for the CoAP secure connection. It disables or enables the verification * of peer certificate. From 97af6640363e8d339431cff6b7ae1c169ee92802 Mon Sep 17 00:00:00 2001 From: whd <7058128+superwhd@users.noreply.github.com> Date: Thu, 7 Dec 2023 12:57:00 +0800 Subject: [PATCH 017/121] [tests] reduce flakiness of `test_publish_meshcop_service.py` (#9690) --- .../thread-cert/border_router/test_publish_meshcop_service.py | 2 ++ 1 file changed, 2 insertions(+) diff --git a/tests/scripts/thread-cert/border_router/test_publish_meshcop_service.py b/tests/scripts/thread-cert/border_router/test_publish_meshcop_service.py index d0dafad0a33..67567946e27 100755 --- a/tests/scripts/thread-cert/border_router/test_publish_meshcop_service.py +++ b/tests/scripts/thread-cert/border_router/test_publish_meshcop_service.py @@ -105,6 +105,7 @@ def test(self): br1.set_active_dataset(updateExisting=True, network_name='ot-br1-1') br1.start() self.simulator.go(config.BORDER_ROUTER_STARTUP_DELAY) + self.simulator.go(5) # Needs to wait extra some time to update meshcop service on state changes. self.check_meshcop_service(br1, host) # verify that there are two meshcop services @@ -147,6 +148,7 @@ def test(self): } br1.set_active_dataset(**dataset) + self.simulator.go(10) self.assertEqual(len(host.browse_mdns_services('_meshcop._udp')), 2) self.check_meshcop_service(br1, host) From 5318d421cf9e17bfac4cafbed0e13807dba8153b Mon Sep 17 00:00:00 2001 From: Nouman Bashir <152987466+nbashirfr@users.noreply.github.com> Date: Thu, 7 Dec 2023 06:28:42 +0100 Subject: [PATCH 018/121] [mle] fix uninitialized `mLinkRequestAttempts` (#9689) mLinkRequestAttempts is not initialized to zero causing it to get a random value during power cycle. This causes MTD thread device to send linkrequest after power cycle. Create a thread network with two devices with DUT with mode rn. Reset both devices simultaneously, enable leader and then child device (DUT). Because class member variable mLinkRequestAttempts is not initialized to zero during initialization, it will get random value, and value greater than zero will lead to send a link request message which should not be the case for a MTD device. --- src/core/thread/mle.cpp | 3 +++ 1 file changed, 3 insertions(+) diff --git a/src/core/thread/mle.cpp b/src/core/thread/mle.cpp index cad9cacd3ab..8910c35d598 100644 --- a/src/core/thread/mle.cpp +++ b/src/core/thread/mle.cpp @@ -92,6 +92,9 @@ Mle::Mle(Instance &aInstance) , mDataRequestAttempts(0) , mAnnounceChannel(0) , mAlternateChannel(0) +#if OPENTHREAD_FTD + , mLinkRequestAttempts(0) +#endif , mRloc16(Mac::kShortAddrInvalid) , mPreviousParentRloc(Mac::kShortAddrInvalid) , mAttachCounter(0) From bf9944887df4efb329b16e44004298e212b246f8 Mon Sep 17 00:00:00 2001 From: Abtin Keshavarzian Date: Thu, 7 Dec 2023 08:50:08 -0800 Subject: [PATCH 019/121] [secure-transport] add `SetState()` and log state changes (#9692) This commit adds `SetState()` in `SecureTransport` class which also logs the state changes. New helper methods `IsState{}()` is also added to simplify the code. --- src/core/meshcop/secure_transport.cpp | 105 ++++++++++++++++---------- src/core/meshcop/secure_transport.hpp | 14 ++++ 2 files changed, 79 insertions(+), 40 deletions(-) diff --git a/src/core/meshcop/secure_transport.cpp b/src/core/meshcop/secure_transport.cpp index 886dd96866a..480456e696b 100644 --- a/src/core/meshcop/secure_transport.cpp +++ b/src/core/meshcop/secure_transport.cpp @@ -138,17 +138,28 @@ void SecureTransport::FreeMbedtls(void) mbedtls_ssl_free(&mSsl); } +void SecureTransport::SetState(State aState) +{ + VerifyOrExit(mState != aState); + + LogInfo("State: %s -> %s", StateToString(mState), StateToString(aState)); + mState = aState; + +exit: + return; +} + Error SecureTransport::Open(ReceiveHandler aReceiveHandler, ConnectedHandler aConnectedHandler, void *aContext) { Error error; - VerifyOrExit(mState == kStateClosed, error = kErrorAlready); + VerifyOrExit(IsStateClosed(), error = kErrorAlready); SuccessOrExit(error = mSocket.Open(&SecureTransport::HandleReceive, this)); mConnectedCallback.Set(aConnectedHandler, aContext); mReceiveCallback.Set(aReceiveHandler, aContext); - mState = kStateOpen; + SetState(kStateOpen); exit: return error; @@ -158,7 +169,7 @@ Error SecureTransport::Connect(const Ip6::SockAddr &aSockAddr) { Error error; - VerifyOrExit(mState == kStateOpen, error = kErrorInvalidState); + VerifyOrExit(IsStateOpen(), error = kErrorInvalidState); mMessageInfo.SetPeerAddr(aSockAddr.GetAddress()); mMessageInfo.SetPeerPort(aSockAddr.mPort); @@ -176,12 +187,10 @@ void SecureTransport::HandleReceive(void *aContext, otMessage *aMessage, const o void SecureTransport::HandleReceive(Message &aMessage, const Ip6::MessageInfo &aMessageInfo) { - switch (mState) - { - case SecureTransport::kStateClosed: - ExitNow(); + VerifyOrExit(!IsStateClosed()); - case SecureTransport::kStateOpen: + if (IsStateOpen()) + { IgnoreError(mSocket.Connect(Ip6::SockAddr(aMessageInfo.GetPeerAddr(), aMessageInfo.GetPeerPort()))); mMessageInfo.SetPeerAddr(aMessageInfo.GetPeerAddr()); @@ -196,17 +205,16 @@ void SecureTransport::HandleReceive(Message &aMessage, const Ip6::MessageInfo &a mMessageInfo.SetSockPort(aMessageInfo.GetSockPort()); SuccessOrExit(Setup(false)); - break; - - default: + } + else + { // Once DTLS session is started, communicate only with a peer. VerifyOrExit((mMessageInfo.GetPeerAddr() == aMessageInfo.GetPeerAddr()) && (mMessageInfo.GetPeerPort() == aMessageInfo.GetPeerPort())); - break; } #ifdef MBEDTLS_SSL_SRV_C - if (mState == SecureTransport::kStateConnecting) + if (IsStateConnecting()) { IgnoreError(SetClientId(mMessageInfo.GetPeerAddr().mFields.m8, sizeof(mMessageInfo.GetPeerAddr().mFields))); } @@ -224,7 +232,7 @@ Error SecureTransport::Bind(uint16_t aPort) { Error error; - VerifyOrExit(mState == kStateOpen, error = kErrorInvalidState); + VerifyOrExit(IsStateOpen(), error = kErrorInvalidState); VerifyOrExit(!mTransportCallback.IsSet(), error = kErrorAlready); SuccessOrExit(error = mSocket.Bind(aPort, Ip6::kNetifUnspecified)); @@ -237,7 +245,7 @@ Error SecureTransport::Bind(TransportCallback aCallback, void *aContext) { Error error = kErrorNone; - VerifyOrExit(mState == kStateOpen, error = kErrorInvalidState); + VerifyOrExit(IsStateOpen(), error = kErrorInvalidState); VerifyOrExit(!mSocket.IsBound(), error = kErrorAlready); VerifyOrExit(!mTransportCallback.IsSet(), error = kErrorAlready); @@ -252,9 +260,9 @@ Error SecureTransport::Setup(bool aClient) int rval; // do not handle new connection before guard time expired - VerifyOrExit(mState == kStateOpen, rval = MBEDTLS_ERR_SSL_TIMEOUT); + VerifyOrExit(IsStateOpen(), rval = MBEDTLS_ERR_SSL_TIMEOUT); - mState = kStateInitializing; + SetState(kStateInitializing); mbedtls_ssl_init(&mSsl); mbedtls_ssl_config_init(&mConf); @@ -361,7 +369,6 @@ Error SecureTransport::Setup(bool aClient) mReceiveMessage = nullptr; mMessageSubType = Message::kSubTypeNone; - mState = kStateConnecting; if (mCipherSuites[0] == MBEDTLS_TLS_ECJPAKE_WITH_AES_128_CCM_8) { @@ -374,14 +381,14 @@ Error SecureTransport::Setup(bool aClient) } #endif - mState = kStateConnecting; + SetState(kStateConnecting); Process(); exit: - if ((mState == kStateInitializing) && (rval != 0)) + if (IsStateInitializing() && (rval != 0)) { - mState = kStateOpen; + SetState(kStateOpen); FreeMbedtls(); } @@ -453,7 +460,7 @@ void SecureTransport::Close(void) { Disconnect(); - mState = kStateClosed; + SetState(kStateClosed); mTimerSet = false; mTransportCallback.Clear(); @@ -463,10 +470,10 @@ void SecureTransport::Close(void) void SecureTransport::Disconnect(void) { - VerifyOrExit(mState == kStateConnecting || mState == kStateConnected); + VerifyOrExit(IsStateConnectingOrConnected()); mbedtls_ssl_close_notify(&mSsl); - mState = kStateCloseNotify; + SetState(kStateCloseNotify); mTimer.Start(kGuardTimeNewConnectionMilli); mMessageInfo.Clear(); @@ -561,7 +568,7 @@ Error SecureTransport::GetPeerCertificateBase64(unsigned char *aPeerCert, size_t { Error error = kErrorNone; - VerifyOrExit(mState == kStateConnected, error = kErrorInvalidState); + VerifyOrExit(IsStateConnected(), error = kErrorInvalidState); #if (MBEDTLS_VERSION_NUMBER >= 0x03010000) VerifyOrExit(mbedtls_base64_encode(aPeerCert, aCertBufferSize, aCertLength, @@ -1004,22 +1011,15 @@ void SecureTransport::HandleTimer(Timer &aTimer) void SecureTransport::HandleTimer(void) { - switch (mState) + if (IsStateConnectingOrConnected()) { - case kStateConnecting: - case kStateConnected: Process(); - break; - - case kStateCloseNotify: - mState = kStateOpen; + } + else if (IsStateCloseNotify()) + { + SetState(kStateOpen); mTimer.Stop(); mConnectedCallback.InvokeIfSet(false); - break; - - default: - OT_ASSERT(false); - OT_UNREACHABLE_CODE(break); } } @@ -1029,15 +1029,15 @@ void SecureTransport::Process(void) bool shouldDisconnect = false; int rval; - while ((mState == kStateConnecting) || (mState == kStateConnected)) + while (IsStateConnectingOrConnected()) { - if (mState == kStateConnecting) + if (IsStateConnecting()) { rval = mbedtls_ssl_handshake(&mSsl); if (mSsl.MBEDTLS_PRIVATE(state) == MBEDTLS_SSL_HANDSHAKE_OVER) { - mState = kStateConnected; + SetState(kStateConnected); mConnectedCallback.InvokeIfSet(true); } } @@ -1174,6 +1174,31 @@ Error SecureTransport::HandleSecureTransportSend(const uint8_t *aBuf, return error; } +#if OT_SHOULD_LOG_AT(OT_LOG_LEVEL_INFO) + +const char *SecureTransport::StateToString(State aState) +{ + static const char *const kStateStrings[] = { + "Closed", // (0) kStateClosed + "Open", // (1) kStateOpen + "Initializing", // (2) kStateInitializing + "Connecting", // (3) kStateConnecting + "Connected", // (4) kStateConnected + "CloseNotify", // (5) kStateCloseNotify + }; + + static_assert(0 == kStateClosed, "kStateClosed valid is incorrect"); + static_assert(1 == kStateOpen, "kStateOpen valid is incorrect"); + static_assert(2 == kStateInitializing, "kStateInitializing valid is incorrect"); + static_assert(3 == kStateConnecting, "kStateConnecting valid is incorrect"); + static_assert(4 == kStateConnected, "kStateConnected valid is incorrect"); + static_assert(5 == kStateCloseNotify, "kStateCloseNotify valid is incorrect"); + + return kStateStrings[aState]; +} + +#endif + } // namespace MeshCoP } // namespace ot diff --git a/src/core/meshcop/secure_transport.hpp b/src/core/meshcop/secure_transport.hpp index 7ac4b4fc106..ddeb13a8c97 100644 --- a/src/core/meshcop/secure_transport.hpp +++ b/src/core/meshcop/secure_transport.hpp @@ -71,6 +71,7 @@ #include "common/callback.hpp" #include "common/locator.hpp" +#include "common/log.hpp" #include "common/message.hpp" #include "common/random.hpp" #include "common/timer.hpp" @@ -467,6 +468,15 @@ class SecureTransport : public InstanceLocator static constexpr size_t kSecureTransportKeyBlockSize = 40; static constexpr size_t kSecureTransportRandomBufferSize = 32; + bool IsStateClosed(void) const { return mState == kStateClosed; } + bool IsStateOpen(void) const { return mState == kStateOpen; } + bool IsStateInitializing(void) const { return mState == kStateInitializing; } + bool IsStateConnecting(void) const { return mState == kStateConnecting; } + bool IsStateConnected(void) const { return mState == kStateConnected; } + bool IsStateCloseNotify(void) const { return mState == kStateCloseNotify; } + bool IsStateConnectingOrConnected(void) const { return mState == kStateConnecting || mState == kStateConnected; } + void SetState(State aState); + void FreeMbedtls(void); Error Setup(bool aClient); @@ -545,6 +555,10 @@ class SecureTransport : public InstanceLocator void Process(void); +#if OT_SHOULD_LOG_AT(OT_LOG_LEVEL_INFO) + static const char *StateToString(State aState); +#endif + State mState; int mCipherSuites[2]; From 70128e06be8d15c3013847ceac9e58e7db0b8c25 Mon Sep 17 00:00:00 2001 From: Jonathan Hui Date: Fri, 8 Dec 2023 09:57:33 -0800 Subject: [PATCH 020/121] [github-actions] add arm-gcc-13 to build check (#9695) --- .github/workflows/build.yml | 3 +++ 1 file changed, 3 insertions(+) diff --git a/.github/workflows/build.yml b/.github/workflows/build.yml index 5f3d85ab2e3..9ef50e54d79 100644 --- a/.github/workflows/build.yml +++ b/.github/workflows/build.yml @@ -233,6 +233,9 @@ jobs: - gcc_ver: 12 gcc_download_url: https://developer.arm.com/-/media/Files/downloads/gnu/12.2.rel1/binrel/arm-gnu-toolchain-12.2.rel1-x86_64-arm-none-eabi.tar.xz gcc_extract_dir: arm-gnu-toolchain-12.2.rel1-x86_64-arm-none-eabi + - gcc_ver: 13 + gcc_download_url: https://developer.arm.com/-/media/Files/downloads/gnu/13.2.rel1/binrel/arm-gnu-toolchain-13.2.rel1-x86_64-arm-none-eabi.tar.xz + gcc_extract_dir: arm-gnu-toolchain-13.2.Rel1-x86_64-arm-none-eabi steps: - name: Harden Runner uses: step-security/harden-runner@eb238b55efaa70779f274895e782ed17c84f2895 # v2.6.1 From acd16029a72431c85ed9af4edfef2fa82f63b3ce Mon Sep 17 00:00:00 2001 From: Abtin Keshavarzian Date: Fri, 8 Dec 2023 15:56:13 -0800 Subject: [PATCH 021/121] [cli] add `debug` command (#9587) This commit adds cli `debug` command. This command is specifically designed for testing and debugging purposes. It executes a series of CLI commands to gather information about the device and thread network. --- src/cli/README.md | 47 +++++++++ src/cli/cli.cpp | 156 +++++++++++++++++++++++++++-- src/cli/cli.hpp | 1 + tests/scripts/expect/cli-debug.exp | 35 +++++++ 4 files changed, 229 insertions(+), 10 deletions(-) create mode 100644 tests/scripts/expect/cli-debug.exp diff --git a/src/cli/README.md b/src/cli/README.md index 20df53e0de0..262b9f567dc 100644 --- a/src/cli/README.md +++ b/src/cli/README.md @@ -40,6 +40,7 @@ Done - [counters](#counters) - [csl](#csl) - [dataset](README_DATASET.md) +- [debug](#debug) - [delaytimermin](#delaytimermin) - [detach](#detach) - [deviceprops](#deviceprops) @@ -1049,6 +1050,52 @@ Set time sync parameters Done ``` +### debug + +Executes a series of CLI commands to gather information about the device and thread network. This is intended for debugging. + +The output will display each executed CLI command preceded by "\$", followed by the corresponding command's generated output. + +The generated output encompasses the following information: + +- Version +- Current state +- RLOC16, extended MAC address +- Unicast and multicast IPv6 address list +- Channel +- PAN ID and extended PAN ID +- Network Data +- Partition ID +- Leader Data + +If the device is operating as FTD: + +- Child and neighbor table +- Router table and next hop Info +- Address cache table +- Registered MTD child IPv6 address +- Device properties + +If the device supports and acts as an SRP client: + +- SRP client state +- SRP client services and host info + +If the device supports and acts as an SRP sever: + +- SRP server state and address mode +- SRP server registered hosts and services + +If the device supports TREL: + +- TREL status and peer table + +If the device supports and acts as a border router: + +- BR state +- BR prefixes (OMR, on-link, NAT64) +- Discovered prefix table + ### delaytimermin Get the minimal delay timer (in seconds). diff --git a/src/cli/cli.cpp b/src/cli/cli.cpp index c1443aec76c..fb6de4cf422 100644 --- a/src/cli/cli.cpp +++ b/src/cli/cli.cpp @@ -101,6 +101,7 @@ Interpreter::Interpreter(Instance *aInstance, otCliOutputCallback aCallback, voi : OutputImplementer(aCallback, aContext) , Output(aInstance, *this) , mCommandIsPending(false) + , mInternalDebugCommand(false) , mTimer(*aInstance, HandleTimer, this) #if OPENTHREAD_FTD || OPENTHREAD_MTD #if OPENTHREAD_CONFIG_SNTP_CLIENT_ENABLE @@ -166,6 +167,16 @@ Interpreter::Interpreter(Instance *aInstance, otCliOutputCallback aCallback, voi void Interpreter::OutputResult(otError aError) { + if (mInternalDebugCommand) + { + if (aError != OT_ERROR_NONE) + { + OutputLine("Error %u: %s", aError, otThreadErrorToString(aError)); + } + + ExitNow(); + } + OT_ASSERT(mCommandIsPending); VerifyOrExit(aError != OT_ERROR_PENDING); @@ -314,24 +325,30 @@ void Interpreter::ProcessLine(char *aBuf) OT_ASSERT(aBuf != nullptr); - // Ignore the command if another command is pending. - VerifyOrExit(!mCommandIsPending, args[0].Clear()); - mCommandIsPending = true; + if (!mInternalDebugCommand) + { + // Ignore the command if another command is pending. + VerifyOrExit(!mCommandIsPending, args[0].Clear()); + mCommandIsPending = true; - VerifyOrExit(StringLength(aBuf, kMaxLineLength) <= kMaxLineLength - 1, error = OT_ERROR_PARSE); + VerifyOrExit(StringLength(aBuf, kMaxLineLength) <= kMaxLineLength - 1, error = OT_ERROR_PARSE); + } SuccessOrExit(error = Utils::CmdLineParser::ParseCmd(aBuf, args, kMaxArgs)); VerifyOrExit(!args[0].IsEmpty(), mCommandIsPending = false); - LogInput(args); + if (!mInternalDebugCommand) + { + LogInput(args); #if OPENTHREAD_CONFIG_DIAG_ENABLE - if (otDiagIsEnabled(GetInstancePtr()) && (args[0] != "diag") && (args[0] != "factoryreset")) - { - OutputLine("under diagnostics mode, execute 'diag stop' before running any other commands."); - ExitNow(error = OT_ERROR_INVALID_STATE); - } + if (otDiagIsEnabled(GetInstancePtr()) && (args[0] != "diag") && (args[0] != "factoryreset")) + { + OutputLine("under diagnostics mode, execute 'diag stop' before running any other commands."); + ExitNow(error = OT_ERROR_INVALID_STATE); + } #endif + } error = ProcessCommand(args); @@ -7243,6 +7260,124 @@ template <> otError Interpreter::Process(Arg aArgs[]) return error; } +/** + * @cli debug + * @par + * Executes a series of CLI commands to gather information about the device and thread network. This is intended for + * debugging. + * The output will display each executed CLI command preceded by `$`, followed by the corresponding command's + * generated output. + * The generated output encompasses the following information: + * - Version + * - Current state + * - RLOC16, extended MAC address + * - Unicast and multicast IPv6 address list + * - Channel + * - PAN ID and extended PAN ID + * - Network Data + * - Partition ID + * - Leader Data + * @par + * If the device is operating as FTD: + * - Child and neighbor table + * - Router table and next hop info + * - Address cache table + * - Registered MTD child IPv6 address + * - Device properties + * @par + * If the device supports and acts as an SRP client: + * - SRP client state + * - SRP client services and host info + * @par + * If the device supports and acts as an SRP sever: + * - SRP server state and address mode + * - SRP server registered hosts and services + * @par + * If the device supports TREL: + * - TREL status and peer table + * @par + * If the device supports and acts as a border router: + * - BR state + * - BR prefixes (OMR, on-link, NAT64) + * - Discovered prefix table + */ +template <> otError Interpreter::Process(Arg aArgs[]) +{ + static constexpr uint16_t kMaxDebugCommandSize = 30; + + static const char *const kDebugCommands[] = { + "version", + "state", + "rloc16", + "extaddr", + "ipaddrs", + "ipmaddrs", + "channel", + "panid", + "extpanid", + "netdata show", + "netdata show -x", + "partitionid", + "leaderdata", +#if OPENTHREAD_FTD + "child table", + "childip", + "neighbor table", + "router table", + "nexthop", + "eidcache", +#if OPENTHREAD_CONFIG_MLE_DEVICE_PROPERTY_LEADER_WEIGHT_ENABLE + "deviceprops", +#endif +#endif // OPENTHREAD_FTD +#if OPENTHREAD_CONFIG_SRP_CLIENT_ENABLE + "srp client state", + "srp client host", + "srp client service", + "srp client server", +#endif +#if OPENTHREAD_CONFIG_SRP_SERVER_ENABLE + "srp server state", + "srp server addrmode", + "srp server host", + "srp server service", +#endif +#if OPENTHREAD_CONFIG_RADIO_LINK_TREL_ENABLE + "trel", + "trel peers", +#endif +#if OPENTHREAD_CONFIG_BORDER_ROUTING_ENABLE + "br state", + "br omrprefix", + "br onlinkprefix", + "br prefixtable", +#if OPENTHREAD_CONFIG_NAT64_BORDER_ROUTING_ENABLE + "br nat64prefix", +#endif +#endif + "bufferinfo", + }; + + char commandString[kMaxDebugCommandSize]; + + OT_UNUSED_VARIABLE(aArgs); + + mInternalDebugCommand = true; + + for (const char *debugCommand : kDebugCommands) + { + strncpy(commandString, debugCommand, sizeof(commandString) - 1); + commandString[sizeof(commandString) - 1] = '\0'; + + OutputLine("$ %s", commandString); + ProcessLine(commandString); + } + + mInternalDebugCommand = false; + + return OT_ERROR_NONE; +} + #if OPENTHREAD_CONFIG_BLE_TCAT_ENABLE && OPENTHREAD_CONFIG_CLI_BLE_SECURE_ENABLE template <> otError Interpreter::Process(Arg aArgs[]) { return mTcat.Process(aArgs); } #endif @@ -8345,6 +8480,7 @@ otError Interpreter::ProcessCommand(Arg aArgs[]) CmdEntry("csl"), #endif CmdEntry("dataset"), + CmdEntry("debug"), #if OPENTHREAD_FTD CmdEntry("delaytimermin"), #endif diff --git a/src/cli/cli.hpp b/src/cli/cli.hpp index f95759e718a..6fb727607b0 100644 --- a/src/cli/cli.hpp +++ b/src/cli/cli.hpp @@ -533,6 +533,7 @@ class Interpreter : public OutputImplementer, public Output UserCommandsEntry mUserCommands[kMaxUserCommandEntries]; bool mCommandIsPending; + bool mInternalDebugCommand; TimerMilliContext mTimer; diff --git a/tests/scripts/expect/cli-debug.exp b/tests/scripts/expect/cli-debug.exp new file mode 100644 index 00000000000..6c5ced74a15 --- /dev/null +++ b/tests/scripts/expect/cli-debug.exp @@ -0,0 +1,35 @@ +#!/usr/bin/expect -f +# +# Copyright (c) 2023, The OpenThread Authors. +# All rights reserved. +# +# Redistribution and use in source and binary forms, with or without +# modification, are permitted provided that the following conditions are met: +# 1. Redistributions of source code must retain the above copyright +# notice, this list of conditions and the following disclaimer. +# 2. Redistributions in binary form must reproduce the above copyright +# notice, this list of conditions and the following disclaimer in the +# documentation and/or other materials provided with the distribution. +# 3. Neither the name of the copyright holder nor the +# names of its contributors may be used to endorse or promote products +# derived from this software without specific prior written permission. +# +# THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" +# AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE +# IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE +# ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDER OR CONTRIBUTORS BE +# LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR +# CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF +# SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS +# INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN +# CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) +# ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE +# POSSIBILITY OF SUCH DAMAGE. +# + +source "tests/scripts/expect/_common.exp" + +spawn_node 1 + +send "debug\n" +expect_line "Done" From ae6eff5f212d88d86448d4c085d52098babe13a9 Mon Sep 17 00:00:00 2001 From: jrhodie <139580534+jrhodie@users.noreply.github.com> Date: Fri, 8 Dec 2023 18:58:32 -0800 Subject: [PATCH 022/121] [docs] SRP README update minor fix (#9702) --- src/cli/README_SRP.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/src/cli/README_SRP.md b/src/cli/README_SRP.md index ce2139fb7b1..0ad7dd48971 100644 --- a/src/cli/README_SRP.md +++ b/src/cli/README_SRP.md @@ -98,7 +98,7 @@ Routes: Services: 44970 5d c002 s 8400 Done -srp client start fded:5114:8263:1fe1:68bc:ec03:c1ad:9325 49154 +> srp client start fded:5114:8263:1fe1:68bc:ec03:c1ad:9325 49154 Done ``` From c08316fad668084de7acd3a2708610181fcdc44d Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Mon, 11 Dec 2023 09:53:36 -0800 Subject: [PATCH 023/121] github-actions: bump actions/setup-go from 4.1.0 to 5.0.0 (#9706) Bumps [actions/setup-go](https://github.com/actions/setup-go) from 4.1.0 to 5.0.0. - [Release notes](https://github.com/actions/setup-go/releases) - [Commits](https://github.com/actions/setup-go/compare/93397bea11091df50f3d7e59dc26a7711a8bcfbe...0c52d547c9bc32b1aa3301fd7a9cb496313a4491) --- updated-dependencies: - dependency-name: actions/setup-go dependency-type: direct:production update-type: version-update:semver-major ... Signed-off-by: dependabot[bot] Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> --- .github/workflows/otns.yml | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/.github/workflows/otns.yml b/.github/workflows/otns.yml index 05ca7e32a05..945c7394f0a 100644 --- a/.github/workflows/otns.yml +++ b/.github/workflows/otns.yml @@ -63,7 +63,7 @@ jobs: egress-policy: audit # TODO: change to 'egress-policy: block' after couple of runs - uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1 - - uses: actions/setup-go@93397bea11091df50f3d7e59dc26a7711a8bcfbe # v4.1.0 + - uses: actions/setup-go@0c52d547c9bc32b1aa3301fd7a9cb496313a4491 # v5.0.0 with: go-version: "1.20" - name: Set up Python @@ -102,7 +102,7 @@ jobs: runs-on: ubuntu-22.04 steps: - uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1 - - uses: actions/setup-go@93397bea11091df50f3d7e59dc26a7711a8bcfbe # v4.1.0 + - uses: actions/setup-go@0c52d547c9bc32b1aa3301fd7a9cb496313a4491 # v5.0.0 with: go-version: "1.20" - name: Set up Python @@ -164,7 +164,7 @@ jobs: egress-policy: audit # TODO: change to 'egress-policy: block' after couple of runs - uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1 - - uses: actions/setup-go@93397bea11091df50f3d7e59dc26a7711a8bcfbe # v4.1.0 + - uses: actions/setup-go@0c52d547c9bc32b1aa3301fd7a9cb496313a4491 # v5.0.0 with: go-version: "1.20" - name: Set up Python From 879fdfa12ba6e285a8f372862e43c9701cc87b90 Mon Sep 17 00:00:00 2001 From: Abtin Keshavarzian Date: Mon, 11 Dec 2023 15:28:15 -0800 Subject: [PATCH 024/121] [routing-manager] deprecate OMR/on-mesh prefixes when removed from netdata (#9599) This commit adds `RioAdvertiser` component to `RoutingManager`, which manages the list of prefixes advertised as RIO in emitted RA messages by BR. The RIO prefixes are discovered from on-mesh prefixes in Thread Network Data, including OMR prefixes from `OmrPrefixManager` and other prefixes. Existing code for maintaining the list, appending RIOs, and determining/setting the RIO preference is moved to the `RioAdvertiser` class. The `RioAdvertiser` adds a new mechanism to deprecate prefixes removed from Network Data such that any removed prefix is still advertised as RIO in emitted RA messages up to a deprecation interval of 300 seconds (using a shorter route lifetime in RIO). This mechanism ensures that when an OMR prefix is withdrawn, traffic can still be routed during deprecation time from AIL to Thread devices using the old OMR address. This commit also updates `test_routing_manager` to validate the new behavior. --- src/core/border_router/routing_manager.cpp | 433 ++++++++++++--------- src/core/border_router/routing_manager.hpp | 71 +++- tests/unit/test_routing_manager.cpp | 36 +- 3 files changed, 329 insertions(+), 211 deletions(-) diff --git a/src/core/border_router/routing_manager.cpp b/src/core/border_router/routing_manager.cpp index e981af5080f..cb81f9d7cae 100644 --- a/src/core/border_router/routing_manager.cpp +++ b/src/core/border_router/routing_manager.cpp @@ -72,8 +72,7 @@ RoutingManager::RoutingManager(Instance &aInstance) , mIsEnabled(false) , mInfraIf(aInstance) , mOmrPrefixManager(aInstance) - , mRioPreference(NetworkData::kRoutePreferenceLow) - , mUserSetRioPreference(false) + , mRioAdvertiser(aInstance) , mOnLinkPrefixManager(aInstance) , mDiscoveredPrefixTable(aInstance) , mRoutePublisher(aInstance) @@ -153,45 +152,6 @@ RoutingManager::State RoutingManager::GetState(void) const return state; } -void RoutingManager::SetRouteInfoOptionPreference(RoutePreference aPreference) -{ - LogInfo("User explicitly set RIO Preference to %s", RoutePreferenceToString(aPreference)); - mUserSetRioPreference = true; - UpdateRioPreference(aPreference); -} - -void RoutingManager::ClearRouteInfoOptionPreference(void) -{ - VerifyOrExit(mUserSetRioPreference); - - LogInfo("User cleared explicitly set RIO Preference"); - mUserSetRioPreference = false; - SetRioPreferenceBasedOnRole(); - -exit: - return; -} - -void RoutingManager::SetRioPreferenceBasedOnRole(void) -{ - UpdateRioPreference(Get().IsRouterOrLeader() ? NetworkData::kRoutePreferenceMedium - : NetworkData::kRoutePreferenceLow); -} - -void RoutingManager::UpdateRioPreference(RoutePreference aPreference) -{ - VerifyOrExit(mRioPreference != aPreference); - - LogInfo("RIO Preference changed: %s -> %s", RoutePreferenceToString(mRioPreference), - RoutePreferenceToString(aPreference)); - mRioPreference = aPreference; - - ScheduleRoutingPolicyEvaluation(kAfterRandomDelay); - -exit: - return; -} - Error RoutingManager::GetOmrPrefix(Ip6::Prefix &aPrefix) const { Error error = kErrorNone; @@ -377,12 +337,6 @@ void RoutingManager::Stop(void) SendRouterAdvertisement(kInvalidateAllPrevPrefixes); -#if OPENTHREAD_CONFIG_BORDER_ROUTING_USE_HEAP_ENABLE - mAdvertisedPrefixes.Free(); -#else - mAdvertisedPrefixes.Clear(); -#endif - mDiscoveredPrefixTable.RemoveAllEntries(); mDiscoveredPrefixStaleTimer.Stop(); @@ -457,9 +411,9 @@ void RoutingManager::HandleReceived(const InfraIf::Icmp6Packet &aPacket, const I void RoutingManager::HandleNotifierEvents(Events aEvents) { - if (aEvents.Contains(kEventThreadRoleChanged) && !mUserSetRioPreference) + if (aEvents.Contains(kEventThreadRoleChanged)) { - SetRioPreferenceBasedOnRole(); + mRioAdvertiser.HandleRoleChanged(); } mRoutePublisher.HandleNotifierEvents(aEvents); @@ -620,19 +574,18 @@ void RoutingManager::SendRouterAdvertisement(RouterAdvTxMode aRaTxMode) // - One RA Flags Extensions Option (with stub router flag). // - One PIO for current local on-link prefix. // - At most `kMaxOldPrefixes` for old deprecating on-link prefixes. - // - At most twice `kMaxOnMeshPrefixes` RIO for on-mesh prefixes. - // Factor two is used for RIO to account for entries invalidating - // previous prefixes while adding new ones. + // - At most 3 times `kMaxOnMeshPrefixes` RIO for on-mesh prefixes. + // Factor three is used for RIOs to account for any new prefix + // with older prefixes entries being deprecated and prefixes + // being invalidated. static constexpr uint16_t kMaxRaLength = sizeof(Ip6::Nd::RouterAdvertMessage::Header) + sizeof(Ip6::Nd::RaFlagsExtOption) + sizeof(Ip6::Nd::PrefixInfoOption) + sizeof(Ip6::Nd::PrefixInfoOption) * OnLinkPrefixManager::kMaxOldPrefixes + - 2 * kMaxOnMeshPrefixes * (sizeof(Ip6::Nd::RouteInfoOption) + sizeof(Ip6::Prefix)); + 3 * kMaxOnMeshPrefixes * (sizeof(Ip6::Nd::RouteInfoOption) + sizeof(Ip6::Prefix)); - uint8_t buffer[kMaxRaLength]; - Ip6::Nd::RouterAdvertMessage raMsg(mRaInfo.mHeader, buffer); - NetworkData::Iterator iterator; - NetworkData::OnMeshPrefixConfig prefixConfig; + uint8_t buffer[kMaxRaLength]; + Ip6::Nd::RouterAdvertMessage raMsg(mRaInfo.mHeader, buffer); LogInfo("Preparing RA"); @@ -653,119 +606,13 @@ void RoutingManager::SendRouterAdvertisement(RouterAdvTxMode aRaTxMode) mOnLinkPrefixManager.AppendAsPiosTo(raMsg); - // Determine which previously advertised prefixes need to be - // invalidated. Under `kInvalidateAllPrevPrefixes` mode we need - // to invalidate all. Under `kAdvPrefixesFromNetData` mode, we - // check Network Data entries and invalidate any previously - // advertised prefix that is no longer present in the Network - // Data. We go through all Network Data prefixes and mark the - // ones we find in `mAdvertisedPrefixes` as deleted by setting - // the prefix length to zero). By the end, the remaining entries - // in the array with a non-zero prefix length are invalidated. - - if (aRaTxMode != kInvalidateAllPrevPrefixes) + if (aRaTxMode == kInvalidateAllPrevPrefixes) { - iterator = NetworkData::kIteratorInit; - - while (Get().GetNextOnMeshPrefix(iterator, prefixConfig) == kErrorNone) - { - if (!prefixConfig.mOnMesh || prefixConfig.mDp || - (prefixConfig.GetPrefix() == mOmrPrefixManager.GetLocalPrefix().GetPrefix())) - { - continue; - } - - mAdvertisedPrefixes.MarkAsDeleted(prefixConfig.GetPrefix()); - } - - if (mOmrPrefixManager.IsLocalAddedInNetData()) - { - mAdvertisedPrefixes.MarkAsDeleted(mOmrPrefixManager.GetLocalPrefix().GetPrefix()); - } + mRioAdvertiser.InvalidatPrevRios(raMsg); } - - for (const OnMeshPrefix &prefix : mAdvertisedPrefixes) - { - if (prefix.GetLength() != 0) - { - SuccessOrAssert(raMsg.AppendRouteInfoOption(prefix, /* aRouteLifetime */ 0, mRioPreference)); - LogRouteInfoOption(prefix, 0, mRioPreference); - } - } - - // Discover and add prefixes from Network Data to advertise as - // RIO in the Router Advertisement message. - - mAdvertisedPrefixes.Clear(); - - if (aRaTxMode == kAdvPrefixesFromNetData) + else { - // `mAdvertisedPrefixes` array has a limited size. We add more - // important prefixes first in the array to ensure they are - // advertised in the RA message. Note that `Add()` method - // will ensure to add a prefix only once (will check if - // prefix is already present in the array). - - // (1) Local OMR prefix. - - if (mOmrPrefixManager.IsLocalAddedInNetData()) - { - mAdvertisedPrefixes.Add(mOmrPrefixManager.GetLocalPrefix().GetPrefix()); - } - - // (2) Favored OMR prefix. - - if (!mOmrPrefixManager.GetFavoredPrefix().IsEmpty() && !mOmrPrefixManager.GetFavoredPrefix().IsDomainPrefix()) - { - mAdvertisedPrefixes.Add(mOmrPrefixManager.GetFavoredPrefix().GetPrefix()); - } - - // (3) All other OMR prefixes. - - iterator = NetworkData::kIteratorInit; - - while (Get().GetNextOnMeshPrefix(iterator, prefixConfig) == kErrorNone) - { - // Local OMR prefix is added to the array depending on - // `mOmrPrefixManager.IsLocalAddedInNetData()` at step (1). - // As we iterate through the Network Data prefixes, we skip - // over entries matching the local OMR prefix. This - // ensures that we stop including it in emitted RA - // message as soon as we decide to remove it from Network - // Data. Note that upon requesting it to be removed from - // Network Data the change needs to be registered with - // leader and can take some time to be updated in Network - // Data. - - if (prefixConfig.mDp) - { - continue; - } - - if (IsValidOmrPrefix(prefixConfig) && - (prefixConfig.GetPrefix() != mOmrPrefixManager.GetLocalPrefix().GetPrefix())) - { - mAdvertisedPrefixes.Add(prefixConfig.GetPrefix()); - } - } - - // (4) All other on-mesh prefixes (excluding Domain Prefix). - - iterator = NetworkData::kIteratorInit; - - while (Get().GetNextOnMeshPrefix(iterator, prefixConfig) == kErrorNone) - { - if (prefixConfig.mOnMesh && !prefixConfig.mDp && !IsValidOmrPrefix(prefixConfig)) - { - mAdvertisedPrefixes.Add(prefixConfig.GetPrefix()); - } - } - - for (const OnMeshPrefix &prefix : mAdvertisedPrefixes) - { - SuccessOrAssert(raMsg.AppendRouteInfoOption(prefix, kDefaultOmrPrefixLifetime, mRioPreference)); - LogRouteInfoOption(prefix, kDefaultOmrPrefixLifetime, mRioPreference); - } + mRioAdvertiser.AppendRios(raMsg); } if (raMsg.ContainsAnyOptions()) @@ -831,9 +678,9 @@ bool RoutingManager::IsReceivedRouterAdvertFromManager(const Ip6::Nd::RouterAdve case Ip6::Nd::Option::kTypeRouteInfo: { // RIO (with non-zero lifetime) should match entries from - // `mAdvertisedPrefixes`. We keep track of the number - // of matched RIOs and check after the loop ends that all - // entries were seen. + // `mRioAdvertiser`. We keep track of the number of matched + // RIOs and check after the loop ends that all entries were + // seen. const Ip6::Nd::RouteInfoOption &rio = static_cast(option); @@ -842,7 +689,7 @@ bool RoutingManager::IsReceivedRouterAdvertFromManager(const Ip6::Nd::RouterAdve if (rio.GetRouteLifetime() != 0) { - VerifyOrExit(mAdvertisedPrefixes.Contains(prefix)); + VerifyOrExit(mRioAdvertiser.HasAdvertised(prefix)); rioCount++; } @@ -854,7 +701,7 @@ bool RoutingManager::IsReceivedRouterAdvertFromManager(const Ip6::Nd::RouterAdve } } - VerifyOrExit(rioCount == mAdvertisedPrefixes.GetLength()); + VerifyOrExit(rioCount == mRioAdvertiser.GetAdvertisedRioCount()); isFromManager = true; @@ -1023,16 +870,16 @@ bool RoutingManager::ShouldProcessRouteInfoOption(const Ip6::Nd::RouteInfoOption VerifyOrExit(mOmrPrefixManager.GetLocalPrefix().GetPrefix() != aPrefix); // Ignore OMR prefixes advertised by ourselves or in current Thread Network Data. - // The `mAdvertisedPrefixes` and the OMR prefix set in Network Data should eventually + // The `RioAdvertiser` prefixes and the OMR prefix set in Network Data should eventually // be equal, but there is time that they are not synchronized immediately: - // 1. Network Data could contain more OMR prefixes than `mAdvertisedPrefixes` because + // 1. Network Data could contain more OMR prefixes than `RioAdvertiser` because // we added random delay before Evaluating routing policy when Network Data is changed. - // 2. `mAdvertisedPrefixes` could contain more OMR prefixes than Network Data because + // 2. `RioAdvertiser` prefixes could contain more OMR prefixes than Network Data because // it takes time to sync a new OMR prefix into Network Data (multicast loopback RA // messages are usually faster than Thread Network Data propagation). // They are the reasons why we need both the checks. - VerifyOrExit(!mAdvertisedPrefixes.Contains(aPrefix)); + VerifyOrExit(!mRioAdvertiser.HasAdvertised(aPrefix)); VerifyOrExit(!Get().NetworkDataContainsOmrPrefix(aPrefix)); shouldProcess = true; @@ -2878,39 +2725,243 @@ const char *RoutingManager::OnLinkPrefixManager::StateToString(State aState) } //--------------------------------------------------------------------------------------------------------------------- -// OnMeshPrefixArray +// RioAdvertiser + +RoutingManager::RioAdvertiser::RioAdvertiser(Instance &aInstance) + : InstanceLocator(aInstance) + , mTimer(aInstance) + , mPreference(NetworkData::kRoutePreferenceLow) + , mUserSetPreference(false) +{ +} -void RoutingManager::OnMeshPrefixArray::Add(const OnMeshPrefix &aPrefix) +void RoutingManager::RioAdvertiser::SetPreference(RoutePreference aPreference) { - // Checks if `aPrefix` is already present in the array and if not - // adds it as new entry. + LogInfo("User explicitly set RIO Preference to %s", RoutePreferenceToString(aPreference)); + mUserSetPreference = true; + UpdatePreference(aPreference); +} - Error error; +void RoutingManager::RioAdvertiser::ClearPreference(void) +{ + VerifyOrExit(mUserSetPreference); - VerifyOrExit(!Contains(aPrefix)); + LogInfo("User cleared explicitly set RIO Preference"); + mUserSetPreference = false; + SetPreferenceBasedOnRole(); - error = PushBack(aPrefix); +exit: + return; +} - if (error != kErrorNone) +void RoutingManager::RioAdvertiser::HandleRoleChanged(void) +{ + if (!mUserSetPreference) { - LogWarn("Too many on-mesh prefixes in net data, ignoring prefix %s", aPrefix.ToString().AsCString()); + SetPreferenceBasedOnRole(); } +} + +void RoutingManager::RioAdvertiser::SetPreferenceBasedOnRole(void) +{ + UpdatePreference(Get().IsRouterOrLeader() ? NetworkData::kRoutePreferenceMedium + : NetworkData::kRoutePreferenceLow); +} + +void RoutingManager::RioAdvertiser::UpdatePreference(RoutePreference aPreference) +{ + VerifyOrExit(mPreference != aPreference); + + LogInfo("RIO Preference changed: %s -> %s", RoutePreferenceToString(mPreference), + RoutePreferenceToString(aPreference)); + mPreference = aPreference; + + Get().ScheduleRoutingPolicyEvaluation(kAfterRandomDelay); exit: return; } -void RoutingManager::OnMeshPrefixArray::MarkAsDeleted(const OnMeshPrefix &aPrefix) +void RoutingManager::RioAdvertiser::InvalidatPrevRios(Ip6::Nd::RouterAdvertMessage &aRaMessage) { - // Searches for a matching entry to `aPrefix` and if found marks - // it as deleted by setting prefix length to zero. + for (const RioPrefix &prefix : mPrefixes) + { + AppendRio(prefix.mPrefix, /* aRouteLifetime */ 0, aRaMessage); + } - OnMeshPrefix *entry = Find(aPrefix); +#if OPENTHREAD_CONFIG_BORDER_ROUTING_USE_HEAP_ENABLE + mPrefixes.Free(); +#endif - if (entry != nullptr) + mPrefixes.Clear(); + mTimer.Stop(); +} + +void RoutingManager::RioAdvertiser::AppendRios(Ip6::Nd::RouterAdvertMessage &aRaMessage) +{ + TimeMilli now = TimerMilli::GetNow(); + TimeMilli nextTime = now.GetDistantFuture(); + RioPrefixArray oldPrefixes; + NetworkData::Iterator iterator = NetworkData::kIteratorInit; + NetworkData::OnMeshPrefixConfig prefixConfig; + const OmrPrefixManager &omrPrefixManager = Get().mOmrPrefixManager; + +#if OPENTHREAD_CONFIG_BORDER_ROUTING_USE_HEAP_ENABLE + oldPrefixes.TakeFrom(static_cast(mPrefixes)); +#else + oldPrefixes = mPrefixes; +#endif + + mPrefixes.Clear(); + + // `mPrefixes` array can have a limited size. We add more + // important prefixes first in the array to ensure they are + // advertised in the RA message. Note that `Add()` method + // will ensure to add a prefix only once (will check if + // prefix is already present in the array). + + // (1) Local OMR prefix. + + if (omrPrefixManager.IsLocalAddedInNetData()) { - entry->SetLength(0); + mPrefixes.Add(omrPrefixManager.GetLocalPrefix().GetPrefix()); } + + // (2) Favored OMR prefix. + + if (!omrPrefixManager.GetFavoredPrefix().IsEmpty() && !omrPrefixManager.GetFavoredPrefix().IsDomainPrefix()) + { + mPrefixes.Add(omrPrefixManager.GetFavoredPrefix().GetPrefix()); + } + + // (3) All other OMR prefixes. + + iterator = NetworkData::kIteratorInit; + + while (Get().GetNextOnMeshPrefix(iterator, prefixConfig) == kErrorNone) + { + // Local OMR prefix is added to the array depending on + // `omrPrefixManager.IsLocalAddedInNetData()` at step (1). + // As we iterate through the Network Data prefixes, we skip + // over entries matching the local OMR prefix. This + // ensures that we start deprecating it in emitted RA + // message as soon as we decide to remove it from Network + // Data. Note that upon requesting it to be removed from + // Network Data the change needs to be registered with + // leader and can take some time to be updated in Network + // Data. + + if (prefixConfig.mDp) + { + continue; + } + + if (IsValidOmrPrefix(prefixConfig) && + (prefixConfig.GetPrefix() != omrPrefixManager.GetLocalPrefix().GetPrefix())) + { + mPrefixes.Add(prefixConfig.GetPrefix()); + } + } + + // (4) All other on-mesh prefixes (excluding Domain Prefix). + + iterator = NetworkData::kIteratorInit; + + while (Get().GetNextOnMeshPrefix(iterator, prefixConfig) == kErrorNone) + { + if (prefixConfig.mOnMesh && !prefixConfig.mDp && !IsValidOmrPrefix(prefixConfig)) + { + mPrefixes.Add(prefixConfig.GetPrefix()); + } + } + + // Determine deprecating prefixes + + for (RioPrefix &prefix : oldPrefixes) + { + if (mPrefixes.ContainsMatching(prefix.mPrefix)) + { + continue; + } + + if (prefix.mIsDeprecating) + { + if (now >= prefix.mExpirationTime) + { + AppendRio(prefix.mPrefix, /* aRouteLifetime */ 0, aRaMessage); + continue; + } + } + else + { + prefix.mIsDeprecating = true; + prefix.mExpirationTime = now + kDeprecationTime; + } + + if (mPrefixes.PushBack(prefix) != kErrorNone) + { + LogWarn("Too many deprecating on-mesh prefixes, removing %s", prefix.mPrefix.ToString().AsCString()); + AppendRio(prefix.mPrefix, /* aRouteLifetime */ 0, aRaMessage); + } + + nextTime = Min(nextTime, prefix.mExpirationTime); + } + + // Advertise all prefixes in `mPrefixes` + + for (const RioPrefix &prefix : mPrefixes) + { + uint32_t lifetime = kDefaultOmrPrefixLifetime; + + if (prefix.mIsDeprecating) + { + lifetime = TimeMilli::MsecToSec(prefix.mExpirationTime - now); + } + + AppendRio(prefix.mPrefix, lifetime, aRaMessage); + } + + if (nextTime != now.GetDistantFuture()) + { + mTimer.FireAtIfEarlier(nextTime); + } +} + +void RoutingManager::RioAdvertiser::AppendRio(const Ip6::Prefix &aPrefix, + uint32_t aRouteLifetime, + Ip6::Nd::RouterAdvertMessage &aRaMessage) +{ + SuccessOrAssert(aRaMessage.AppendRouteInfoOption(aPrefix, aRouteLifetime, mPreference)); + LogRouteInfoOption(aPrefix, aRouteLifetime, mPreference); +} + +void RoutingManager::RioAdvertiser::HandleTimer(void) +{ + Get().ScheduleRoutingPolicyEvaluation(kImmediately); +} + +void RoutingManager::RioAdvertiser::RioPrefixArray::Add(const Ip6::Prefix &aPrefix) +{ + // Checks if `aPrefix` is already present in the array and if not + // adds it as a new entry. + + Error error; + RioPrefix newEntry; + + VerifyOrExit(!ContainsMatching(aPrefix)); + + newEntry.Clear(); + newEntry.mPrefix = aPrefix; + + error = PushBack(newEntry); + + if (error != kErrorNone) + { + LogWarn("Too many on-mesh prefixes in net data, ignoring prefix %s", aPrefix.ToString().AsCString()); + } + +exit: + return; } //--------------------------------------------------------------------------------------------------------------------- diff --git a/src/core/border_router/routing_manager.hpp b/src/core/border_router/routing_manager.hpp index 95a86f0e049..4f1511c26fc 100644 --- a/src/core/border_router/routing_manager.hpp +++ b/src/core/border_router/routing_manager.hpp @@ -209,7 +209,7 @@ class RoutingManager : public InstanceLocator * @returns The current Route Info Option preference. * */ - RoutePreference GetRouteInfoOptionPreference(void) const { return mRioPreference; } + RoutePreference GetRouteInfoOptionPreference(void) const { return mRioAdvertiser.GetPreference(); } /** * Explicitly sets the preference to use when advertising Route Info Options (RIO) in Router @@ -221,7 +221,7 @@ class RoutingManager : public InstanceLocator * @param[in] aPreference The route preference to use. * */ - void SetRouteInfoOptionPreference(RoutePreference aPreference); + void SetRouteInfoOptionPreference(RoutePreference aPreference) { mRioAdvertiser.SetPreference(aPreference); } /** * Clears a previously set preference value for advertised Route Info Options. @@ -230,7 +230,7 @@ class RoutingManager : public InstanceLocator * in router/leader role and low preference when in child role. * */ - void ClearRouteInfoOptionPreference(void); + void ClearRouteInfoOptionPreference(void) { mRioAdvertiser.ClearPreference(); } /** * Gets the current preference used for published routes in Network Data. @@ -997,18 +997,60 @@ class RoutingManager : public InstanceLocator ExpireTimer mTimer; }; - typedef Ip6::Prefix OnMeshPrefix; + void HandleRioAdvertiserimer(void) { mRioAdvertiser.HandleTimer(); } - class OnMeshPrefixArray : + class RioAdvertiser : public InstanceLocator + { + // Manages the list of prefixes advertised as RIO in emitted + // RA. The RIO prefixes are discovered from on-mesh prefixes in + // network data including OMR prefix from `OmrPrefixManager`. + // It also handles deprecating removed prefixes. + + public: + explicit RioAdvertiser(Instance &aInstance); + + RoutePreference GetPreference(void) const { return mPreference; } + void SetPreference(RoutePreference aPreference); + void ClearPreference(void); + void HandleRoleChanged(void); + void AppendRios(Ip6::Nd::RouterAdvertMessage &aRaMessage); + void InvalidatPrevRios(Ip6::Nd::RouterAdvertMessage &aRaMessage); + bool HasAdvertised(const Ip6::Prefix &aPrefix) const { return mPrefixes.ContainsMatching(aPrefix); } + uint16_t GetAdvertisedRioCount(void) const { return mPrefixes.GetLength(); } + void HandleTimer(void); + + private: + static constexpr uint32_t kDeprecationTime = TimeMilli::SecToMsec(300); + + struct RioPrefix : public Clearable + { + bool Matches(const Ip6::Prefix &aPrefix) const { return (mPrefix == aPrefix); } + + Ip6::Prefix mPrefix; + bool mIsDeprecating; + TimeMilli mExpirationTime; + }; + + struct RioPrefixArray : #if OPENTHREAD_CONFIG_BORDER_ROUTING_USE_HEAP_ENABLE - public Heap::Array + public Heap::Array #else - public Array + public Array #endif - { - public: - void Add(const OnMeshPrefix &aPrefix); - void MarkAsDeleted(const OnMeshPrefix &aPrefix); + { + void Add(const Ip6::Prefix &aPrefix); + }; + + void SetPreferenceBasedOnRole(void); + void UpdatePreference(RoutePreference aPreference); + void AppendRio(const Ip6::Prefix &aPrefix, uint32_t aRouteLifetime, Ip6::Nd::RouterAdvertMessage &aRaMessage); + + using RioTimer = TimerMilliIn; + + RioPrefixArray mPrefixes; + RioTimer mTimer; + RoutePreference mPreference; + bool mUserSetPreference; }; #if OPENTHREAD_CONFIG_NAT64_BORDER_ROUTING_ENABLE @@ -1227,8 +1269,6 @@ class RoutingManager : public InstanceLocator void HandleNotifierEvents(Events aEvents); bool IsInitialized(void) const { return mInfraIf.IsInitialized(); } bool IsEnabled(void) const { return mIsEnabled; } - void SetRioPreferenceBasedOnRole(void); - void UpdateRioPreference(RoutePreference aPreference); Error LoadOrGenerateRandomBrUlaPrefix(void); void EvaluateRoutingPolicy(void); @@ -1276,10 +1316,7 @@ class RoutingManager : public InstanceLocator OmrPrefixManager mOmrPrefixManager; - // List of on-mesh prefixes (discovered from Network Data) which - // were advertised as RIO in the last sent RA message. - OnMeshPrefixArray mAdvertisedPrefixes; - + RioAdvertiser mRioAdvertiser; RoutePreference mRioPreference; bool mUserSetRioPreference; diff --git a/tests/unit/test_routing_manager.cpp b/tests/unit/test_routing_manager.cpp index ef2a53bf17a..39659c43060 100644 --- a/tests/unit/test_routing_manager.cpp +++ b/tests/unit/test_routing_manager.cpp @@ -58,6 +58,9 @@ static const char kInfraIfAddress[] = "fe80::1"; static constexpr uint32_t kValidLitime = 2000; static constexpr uint32_t kPreferredLifetime = 1800; +static constexpr uint32_t kRioValidLifetime = 1800; +static constexpr uint32_t kRioDeprecatingLifetime = 300; + static constexpr uint16_t kMaxRaSize = 800; static constexpr uint16_t kMaxDeprecatingPrefixes = 16; @@ -1382,6 +1385,8 @@ void TestOmrSelection(void) VerifyOrQuit(sRsEmitted); VerifyOrQuit(sRaValidated); VerifyOrQuit(sExpectedRios.SawAll()); + VerifyOrQuit(sExpectedRios[0].mLifetime == kRioValidLifetime); + Log("Received RA was validated"); //- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - @@ -1409,17 +1414,20 @@ void TestOmrSelection(void) AdvanceTime(100); //- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - // Make sure BR emits RA with new OMR prefix now. + // Make sure BR emits RA with the new OMR prefix now, and deprecates the old OMR prefix. sRaValidated = false; sExpectedPio = kPioAdvertisingLocalOnLink; sExpectedRios.Clear(); sExpectedRios.Add(omrPrefix); + sExpectedRios.Add(localOmr); AdvanceTime(20000); VerifyOrQuit(sRaValidated); VerifyOrQuit(sExpectedRios.SawAll()); + VerifyOrQuit(sExpectedRios[0].mLifetime == kRioValidLifetime); + VerifyOrQuit(sExpectedRios[1].mLifetime <= kRioDeprecatingLifetime); //- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - // Check Network Data. We should now see that the local OMR prefix @@ -1437,16 +1445,20 @@ void TestOmrSelection(void) AdvanceTime(100); //- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - // Make sure BR emits RA with local OMR prefix again. + // Make sure BR emits RA with local OMR prefix again and start + // deprecating the previously added OMR prefix. sRaValidated = false; sExpectedRios.Clear(); + sExpectedRios.Add(omrPrefix); sExpectedRios.Add(localOmr); AdvanceTime(20000); VerifyOrQuit(sRaValidated); VerifyOrQuit(sExpectedRios.SawAll()); + VerifyOrQuit(sExpectedRios[0].mLifetime <= kRioDeprecatingLifetime); + VerifyOrQuit(sExpectedRios[1].mLifetime == kRioValidLifetime); //- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - // Check Network Data. We should see that the local OMR prefix is @@ -1455,6 +1467,21 @@ void TestOmrSelection(void) VerifyOmrPrefixInNetData(localOmr, /* aDefaultRoute */ false); VerifyExternalRouteInNetData(kUlaRoute, kWithAdvPioFlagSet); + //- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - + // Wait enough for old deprecating OMR prefix deprecating to expire. + + sRaValidated = false; + sExpectedRios.Clear(); + sExpectedRios.Add(omrPrefix); + sExpectedRios.Add(localOmr); + + AdvanceTime(310000); + + VerifyOrQuit(sRaValidated); + VerifyOrQuit(sExpectedRios.SawAll()); + VerifyOrQuit(sExpectedRios[0].mLifetime == 0); + VerifyOrQuit(sExpectedRios[1].mLifetime == kRioValidLifetime); + //- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - SuccessOrQuit(sInstance->Get().SetEnabled(false)); @@ -2023,7 +2050,10 @@ void TestDomainPrefixAsOmr(void) VerifyOrQuit(sExpectedRios[1].mPrefix == localOmr); VerifyOrQuit(sExpectedRios[1].mSawInRa); - VerifyOrQuit(sExpectedRios[1].mLifetime == 0); + VerifyOrQuit(sExpectedRios[1].mLifetime <= kRioDeprecatingLifetime); + + // Wait long enough for deprecating RIO prefix to expire + AdvanceTime(3200000); sRaValidated = false; sExpectedPio = kPioAdvertisingLocalOnLink; From 12af0231215d34b751c8dc318fa11d77dbfefb9e Mon Sep 17 00:00:00 2001 From: jrhodie <139580534+jrhodie@users.noreply.github.com> Date: Mon, 11 Dec 2023 15:28:40 -0800 Subject: [PATCH 025/121] [cli] add aliases for TCP and SRP concepts guides (#9707) * Adding aliases for TCP and SRP concepts guides * TCP and SRP concept guides now referenced by Command Ref CLIs --- src/cli/cli_srp_client.cpp | 11 +++++++++++ src/cli/cli_srp_server.cpp | 5 +++++ src/cli/cli_tcp.cpp | 4 ++++ 3 files changed, 20 insertions(+) diff --git a/src/cli/cli_srp_client.cpp b/src/cli/cli_srp_client.cpp index 58c9ef4573a..30ed8d9143f 100644 --- a/src/cli/cli_srp_client.cpp +++ b/src/cli/cli_srp_client.cpp @@ -81,6 +81,7 @@ template <> otError SrpClient::Process(Arg aArgs[]) * @par * Indicates the current state of auto-start mode (enabled or disabled). * @sa otSrpClientIsAutoStartModeEnabled + * @sa @srp */ if (aArgs[0].IsEmpty()) { @@ -160,6 +161,7 @@ template <> otError SrpClient::Process(Arg aArgs[]) * @par * Gets or enables/disables printing callback events from the SRP client. * @sa otSrpClientSetCallback + * @sa @srp */ template <> otError SrpClient::Process(Arg aArgs[]) { @@ -212,6 +214,7 @@ template <> otError SrpClient::Process(Arg aArgs[]) * @par * Gets or sets the host name of the SRP client. * @sa otSrpClientSetHostName + * @sa @srp */ else if (aArgs[0] == "name") { @@ -286,6 +289,7 @@ template <> otError SrpClient::Process(Arg aArgs[]) * Indicates whether auto address mode is enabled. If auto address mode is not * enabled, then the list of SRP client host addresses is returned. * @sa otSrpClientGetHostInfo + * @sa @srp */ if (aArgs[1].IsEmpty()) { @@ -329,6 +333,7 @@ template <> otError SrpClient::Process(Arg aArgs[]) * addresses. * @sa otSrpClientEnableAutoHostAddress * @sa otSrpClientSetHostAddresses + * @sa @srp */ else if (aArgs[1] == "auto") { @@ -385,6 +390,7 @@ template <> otError SrpClient::Process(Arg aArgs[]) * Removes SRP client host information and all services from the SRP server. * @sa otSrpClientRemoveHostAndServices * @sa otSrpClientSetHostName + * @sa @srp */ else if (aArgs[0] == "remove") { @@ -492,6 +498,7 @@ template <> otError SrpClient::Process(Arg aArgs[]) * that is being used by the SRP client. If the client is not running, the address * is unspecified (all zeros) with a port number of 0. * @sa otSrpClientGetServerAddress + * @sa @srp */ if (aArgs[0].IsEmpty()) { @@ -579,6 +586,7 @@ template <> otError SrpClient::Process(Arg aArgs[]) * @par * Adds a service with a given instance name, service name, and port number. * @sa otSrpClientAddService + * @sa @srp */ else if (aArgs[0] == "add") { @@ -654,6 +662,7 @@ template <> otError SrpClient::Process(Arg aArgs[]) * This command is intended for testing only, and requires that * `OPENTHREAD_CONFIG_REFERENCE_DEVICE_ENABLE` be enabled. * @sa otSrpClientIsServiceKeyRecordEnabled + * @sa @srp */ else if (aArgs[0] == "key") { @@ -846,6 +855,7 @@ void SrpClient::OutputService(uint8_t aIndentSize, const otSrpClientService &aSe * @par * Starts the SRP client operation. * @sa otSrpClientStart + * @sa @srp */ template <> otError SrpClient::Process(Arg aArgs[]) { @@ -871,6 +881,7 @@ template <> otError SrpClient::Process(Arg aArgs[]) * @endcode * @par api_copy * #otSrpClientIsRunning + * @sa @srp */ template <> otError SrpClient::Process(Arg aArgs[]) { diff --git a/src/cli/cli_srp_server.cpp b/src/cli/cli_srp_server.cpp index 98213d5246e..1dc6d43c719 100644 --- a/src/cli/cli_srp_server.cpp +++ b/src/cli/cli_srp_server.cpp @@ -117,6 +117,7 @@ template <> otError SrpServer::Process(Arg aArgs[]) * This command requires that `OPENTHREAD_CONFIG_BORDER_ROUTING_ENABLE` be enabled. * @sa otSrpServerIsAutoEnableMode * @sa otSrpServerSetAutoEnableMode + * @sa @srp */ template <> otError SrpServer::Process(Arg aArgs[]) { @@ -174,6 +175,7 @@ template <> otError SrpServer::Process(Arg aArgs[]) * SRP servers are no longer active within the Thread network. * * `running`: The SRP server is active and can handle service registrations. * @sa otSrpServerGetState + * @sa @srp */ template <> otError SrpServer::Process(Arg aArgs[]) { @@ -213,6 +215,7 @@ template <> otError SrpServer::Process(Arg aArgs[]) * @par * Enables or disables the SRP server. * @sa otSrpServerSetEnabled + * @sa @srp */ template <> otError SrpServer::Process(Arg aArgs[]) { @@ -312,6 +315,7 @@ template <> otError SrpServer::Process(Arg aArgs[]) * @sa otSrpServerGetNextHost * @sa otSrpServerHostGetAddresses * @sa otSrpServerHostGetFullName + * @sa @srp */ template <> otError SrpServer::Process(Arg aArgs[]) { @@ -414,6 +418,7 @@ void SrpServer::OutputHostAddresses(const otSrpServerHost *aHost) * @sa otSrpServerServiceGetInstanceName * @sa otSrpServerServiceGetServiceName * @sa otSrpServerServiceGetSubTypeServiceNameAt + * @sa @srp */ template <> otError SrpServer::Process(Arg aArgs[]) { diff --git a/src/cli/cli_tcp.cpp b/src/cli/cli_tcp.cpp index ddfc098db6c..4f3a8d5c761 100644 --- a/src/cli/cli_tcp.cpp +++ b/src/cli/cli_tcp.cpp @@ -324,6 +324,7 @@ template <> otError TcpExample::Process(Arg aArgs[]) * address and port is referred to as "naming the TCP endpoint." This binds the * endpoint for communication. * @sa otTcpBind + * @sa @tcp */ template <> otError TcpExample::Process(Arg aArgs[]) { @@ -369,6 +370,7 @@ template <> otError TcpExample::Process(Arg aArgs[]) * If the connection establishment is successful, the resulting TCP connection * is associated with the example TCP endpoint. * @sa otTcpConnect + * @sa @tcp */ template <> otError TcpExample::Process(Arg aArgs[]) { @@ -449,6 +451,7 @@ template <> otError TcpExample::Process(Arg aArgs[]) * @par * Sends data over the TCP connection associated with the example TCP endpoint * that is provided with the `tcp` CLI. + * @sa @tcp */ template <> otError TcpExample::Process(Arg aArgs[]) { @@ -683,6 +686,7 @@ template <> otError TcpExample::Process(Arg aArgs[]) * Uses the example TCP listener to listen for incoming connections on the * specified IPv6 address and port. * @sa otTcpListen + * @sa @tcp */ template <> otError TcpExample::Process(Arg aArgs[]) { From fd02db638eeb9b11706cecc671c95388b12aa859 Mon Sep 17 00:00:00 2001 From: Abtin Keshavarzian Date: Tue, 12 Dec 2023 12:17:24 -0800 Subject: [PATCH 026/121] [routing-manager] advertise local OMR in RA after present in netdata (#9703) This commit adds `OmrPrefixManager::ShouldAdvertiseLocalAsRio()` which determines whether the local OMR prefix should be advertised as RIO in emitted RAs. To advertise, we must have decided to publish it, and it must already be added and present in the Network Data. This ensures that we only advertise the local OMR prefix in emitted RAs when, as a Border Router, we can accept and route messages using an OMR-based address destination, which requires the prefix to be present in Network Data. Similarly, we stop advertising (and start deprecating) the OMR prefix in RAs as soon as we decide to remove it. After requesting its removal from Network Data, it may still be present in Network Data for a short interval due to delays in registering changes with the leader. --- src/core/border_router/routing_manager.cpp | 59 ++++++++++++++++++---- src/core/border_router/routing_manager.hpp | 2 +- 2 files changed, 49 insertions(+), 12 deletions(-) diff --git a/src/core/border_router/routing_manager.cpp b/src/core/border_router/routing_manager.cpp index cb81f9d7cae..56620e3de81 100644 --- a/src/core/border_router/routing_manager.cpp +++ b/src/core/border_router/routing_manager.cpp @@ -2085,6 +2085,45 @@ void RoutingManager::OmrPrefixManager::Evaluate(void) return; } +bool RoutingManager::OmrPrefixManager::ShouldAdvertiseLocalAsRio(void) const +{ + // Determines whether the local OMR prefix should be advertised as + // RIO in emitted RAs. To advertise, we must have decided to + // publish it, and it must already be added and present in the + // Network Data. This ensures that we only advertise the local + // OMR prefix in emitted RAs when, as a Border Router, we can + // accept and route messages using an OMR-based address + // destination, which requires the prefix to be present in + // Network Data. Similarly, we stop advertising (and start + // deprecating) the OMR prefix in RAs as soon as we decide to + // remove it. After requesting its removal from Network Data, it + // may still be present in Network Data for a short interval due + // to delays in registering changes with the leader. + + bool shouldAdvertise = false; + NetworkData::Iterator iterator = NetworkData::kIteratorInit; + NetworkData::OnMeshPrefixConfig prefixConfig; + + VerifyOrExit(mIsLocalAddedInNetData); + + while (Get().GetNextOnMeshPrefix(iterator, prefixConfig) == kErrorNone) + { + if (!IsValidOmrPrefix(prefixConfig)) + { + continue; + } + + if (prefixConfig.GetPrefix() == mLocalPrefix.GetPrefix()) + { + shouldAdvertise = true; + break; + } + } + +exit: + return shouldAdvertise; +} + Error RoutingManager::OmrPrefixManager::AddLocalToNetData(void) { Error error = kErrorNone; @@ -2822,7 +2861,7 @@ void RoutingManager::RioAdvertiser::AppendRios(Ip6::Nd::RouterAdvertMessage &aRa // (1) Local OMR prefix. - if (omrPrefixManager.IsLocalAddedInNetData()) + if (omrPrefixManager.ShouldAdvertiseLocalAsRio()) { mPrefixes.Add(omrPrefixManager.GetLocalPrefix().GetPrefix()); } @@ -2840,16 +2879,14 @@ void RoutingManager::RioAdvertiser::AppendRios(Ip6::Nd::RouterAdvertMessage &aRa while (Get().GetNextOnMeshPrefix(iterator, prefixConfig) == kErrorNone) { - // Local OMR prefix is added to the array depending on - // `omrPrefixManager.IsLocalAddedInNetData()` at step (1). - // As we iterate through the Network Data prefixes, we skip - // over entries matching the local OMR prefix. This - // ensures that we start deprecating it in emitted RA - // message as soon as we decide to remove it from Network - // Data. Note that upon requesting it to be removed from - // Network Data the change needs to be registered with - // leader and can take some time to be updated in Network - // Data. + // Decision on whether or not to include the local OMR prefix is + // delegated to `OmrPrefixManager.ShouldAdvertiseLocalAsRio()` + // at step (1). Here as we iterate over the Network Data + // prefixes, we skip entries matching the local OMR prefix. + // In particular, `OmrPrefixManager` may have decided to remove the + // local prefix and not advertise it anymore, but it may still be + // present in the Network Data (due to delay of registering changes + // with leader). if (prefixConfig.mDp) { diff --git a/src/core/border_router/routing_manager.hpp b/src/core/border_router/routing_manager.hpp index 4f1511c26fc..d1d3ef37519 100644 --- a/src/core/border_router/routing_manager.hpp +++ b/src/core/border_router/routing_manager.hpp @@ -909,7 +909,7 @@ class RoutingManager : public InstanceLocator void Stop(void); void Evaluate(void); void UpdateDefaultRouteFlag(bool aDefaultRoute); - bool IsLocalAddedInNetData(void) const { return mIsLocalAddedInNetData; } + bool ShouldAdvertiseLocalAsRio(void) const; const Ip6::Prefix &GetGeneratedPrefix(void) const { return mGeneratedPrefix; } const OmrPrefix &GetLocalPrefix(void) const { return mLocalPrefix; } const FavoredOmrPrefix &GetFavoredPrefix(void) const { return mFavoredPrefix; } From a62e238b7f086a07737e3cb2f0c81c4f2831fd3c Mon Sep 17 00:00:00 2001 From: Abtin Keshavarzian Date: Tue, 12 Dec 2023 17:39:02 -0800 Subject: [PATCH 027/121] [unit-test] make sure `otPlatLog()` is defined as `extern "C"` (#9711) This ensures that the function defined in the unit test would be correctly picked over weak implementations. --- tests/unit/test_routing_manager.cpp | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/tests/unit/test_routing_manager.cpp b/tests/unit/test_routing_manager.cpp index 39659c43060..5f1ac2f9675 100644 --- a/tests/unit/test_routing_manager.cpp +++ b/tests/unit/test_routing_manager.cpp @@ -227,6 +227,8 @@ void SendRouterAdvert(const Ip6::Address &aAddress, const Icmp6Packet &aP void SendNeighborAdvert(const Ip6::Address &aAddress, const Ip6::Nd::NeighborAdvertMessage &aNaMessage); void DiscoverNat64Prefix(const Ip6::Prefix &aPrefix); +extern "C" { + #if OPENTHREAD_CONFIG_LOG_OUTPUT == OPENTHREAD_CONFIG_LOG_OUTPUT_PLATFORM_DEFINED void otPlatLog(otLogLevel aLogLevel, otLogRegion aLogRegion, const char *aFormat, ...) { @@ -246,8 +248,6 @@ void otPlatLog(otLogLevel aLogLevel, otLogRegion aLogRegion, const char *aFormat //---------------------------------------------------------------------------------------------------------------------- // `otPlatRadio -extern "C" { - otRadioCaps otPlatRadioGetCaps(otInstance *) { return OT_RADIO_CAPS_ACK_TIMEOUT | OT_RADIO_CAPS_CSMA_BACKOFF; } otError otPlatRadioTransmit(otInstance *, otRadioFrame *) From 35424b375a5346719013ca14a23e1ee9d6efc6a9 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Przemys=C5=82aw=20Bida?= Date: Wed, 13 Dec 2023 03:28:26 +0100 Subject: [PATCH 028/121] [posix] verify in `otPlatUdpBindToNetif` if Backbone Interface is set. (#9696) Commit adds check to `otPlatUdpBindToNetif` if backbone interface is set to correct value to prevent `setsockopt` from crashing the ot-daemon. --- src/posix/platform/udp.cpp | 5 +++++ 1 file changed, 5 insertions(+) diff --git a/src/posix/platform/udp.cpp b/src/posix/platform/udp.cpp index 6d7c880a378..5726f0ede3c 100644 --- a/src/posix/platform/udp.cpp +++ b/src/posix/platform/udp.cpp @@ -323,6 +323,11 @@ otError otPlatUdpBindToNetif(otUdpSocket *aUdpSocket, otNetifIdentifier aNetifId case OT_NETIF_BACKBONE: { #if OPENTHREAD_CONFIG_BACKBONE_ROUTER_ENABLE + if (otSysGetInfraNetifName() == nullptr || otSysGetInfraNetifName()[0] == '\0') + { + otLogWarnPlat("No backbone interface given, %s fails.", __func__); + ExitNow(error = OT_ERROR_INVALID_ARGS); + } #if __linux__ VerifyOrExit(setsockopt(fd, SOL_SOCKET, SO_BINDTODEVICE, otSysGetInfraNetifName(), strlen(otSysGetInfraNetifName())) == 0, From 3e9e936d65c1b13ab89cb52feccdf094c151af17 Mon Sep 17 00:00:00 2001 From: Jake Swensen Date: Fri, 8 Dec 2023 17:44:20 +0000 Subject: [PATCH 029/121] [cmake] platform power calibration enable (#9701) Allow selection of the platform power calibration feature at build time. --- etc/cmake/options.cmake | 1 + 1 file changed, 1 insertion(+) diff --git a/etc/cmake/options.cmake b/etc/cmake/options.cmake index b308283f9d9..ecb2d52d3a5 100644 --- a/etc/cmake/options.cmake +++ b/etc/cmake/options.cmake @@ -230,6 +230,7 @@ ot_option(OT_PING_SENDER OPENTHREAD_CONFIG_PING_SENDER_ENABLE "ping sender" ${OT ot_option(OT_PLATFORM_BOOTLOADER_MODE OPENTHREAD_CONFIG_PLATFORM_BOOTLOADER_MODE_ENABLE "platform bootloader mode") ot_option(OT_PLATFORM_KEY_REF OPENTHREAD_CONFIG_PLATFORM_KEY_REFERENCES_ENABLE "platform key reference secure storage") ot_option(OT_PLATFORM_NETIF OPENTHREAD_CONFIG_PLATFORM_NETIF_ENABLE "platform netif") +ot_option(OT_PLATFORM_POWER_CALIBRATION OPENTHREAD_CONFIG_PLATFORM_POWER_CALIBRATION_ENABLE "power calibration") ot_option(OT_PLATFORM_UDP OPENTHREAD_CONFIG_PLATFORM_UDP_ENABLE "platform UDP") ot_option(OT_REFERENCE_DEVICE OPENTHREAD_CONFIG_REFERENCE_DEVICE_ENABLE "test harness reference device") ot_option(OT_SERVICE OPENTHREAD_CONFIG_TMF_NETDATA_SERVICE_ENABLE "Network Data service") From 83fb6c29b161b19c04097d89e374b9c42ebce174 Mon Sep 17 00:00:00 2001 From: Jake Swensen Date: Fri, 8 Dec 2023 16:34:52 -0600 Subject: [PATCH 030/121] [cmake] posix platform runtime configuration file (#9701) Allow selection of the POSIX runtime configuration file feature at build time. --- src/posix/CMakeLists.txt | 2 ++ 1 file changed, 2 insertions(+) diff --git a/src/posix/CMakeLists.txt b/src/posix/CMakeLists.txt index 25634511d31..bc605f67794 100644 --- a/src/posix/CMakeLists.txt +++ b/src/posix/CMakeLists.txt @@ -34,6 +34,8 @@ set(COMMON_INCLUDES ${PROJECT_SOURCE_DIR}/src/posix/platform/include ) +ot_option(OT_PLATFORM_POSIX_CONFIG_FILE OPENTHREAD_POSIX_CONFIG_CONFIGURATION_FILE_ENABLE "posix config file") + set(OT_READLINE_VALUES "readline" "edit" From de67820c3cfd250ee47b30986fb6e4be0ab71f96 Mon Sep 17 00:00:00 2001 From: Jake Swensen Date: Fri, 8 Dec 2023 17:45:11 +0000 Subject: [PATCH 031/121] [cmake] config posix config file runtime location (#9701) OpenThread defines a structure to supply runtime configuration files on a POSIX platform. These runtime configuration files contain factory and product configuration information. They can include information such as radio target power, region, and calibration settings. By default, OpenThread uses an example file located at `src/posix/platform/openthread.conf.example`. However, the file location can be modified by supplying a pre-processor definition. This approach has a few flaws: - The pre-processor definitions are not accessible outside of the OpenThread project structure. - In order to change the values in project, a new header file must be provided, the existing one modified, or the value forcibly set in the OpenThread cmake file. This change introduces OT_POSIX_FACTORY_CONFIG and OT_POSIX_PRODUCT_CONFIG to the project cmake structure. These values allow projects that are using OpenThread as a sub-project to pass in these runtime config paths at compile time. This offers project maintainers flexibility in how their project is configured. --- src/posix/CMakeLists.txt | 13 +++++++++++++ 1 file changed, 13 insertions(+) diff --git a/src/posix/CMakeLists.txt b/src/posix/CMakeLists.txt index bc605f67794..d8081d616c4 100644 --- a/src/posix/CMakeLists.txt +++ b/src/posix/CMakeLists.txt @@ -85,6 +85,19 @@ elseif(OT_APP_CLI) endif() endif() +set(OT_POSIX_FACTORY_CONFIG "" CACHE STRING "OpenThread factory config file") +set(OT_POSIX_PRODUCT_CONFIG "" CACHE STRING "OpenThread product config file") + +if (OT_POSIX_FACTORY_CONFIG) + target_compile_definitions(ot-config INTERFACE "OPENTHREAD_POSIX_CONFIG_FACTORY_CONFIG_FILE=\"${OT_POSIX_FACTORY_CONFIG}\"") + message(STATUS "OT_POSIX_FACTORY_CONFIG=\"${OT_POSIX_FACTORY_CONFIG}\"") +endif() + +if (OT_POSIX_PRODUCT_CONFIG) + target_compile_definitions(ot-config INTERFACE "OPENTHREAD_POSIX_CONFIG_PRODUCT_CONFIG_FILE=\"${OT_POSIX_PRODUCT_CONFIG}\"") + message(STATUS "OT_POSIX_PRODUCT_CONFIG=\"${OT_POSIX_PRODUCT_CONFIG}\"") +endif() + if(CMAKE_PROJECT_NAME STREQUAL PROJECT_NAME) set(CPACK_GENERATOR "DEB") set(CPACK_DEBIAN_PACKAGE_MAINTAINER "OpenThread Authors (https://github.com/openthread/openthread)") From 266a97b80ab7ce7fea7fc5b0200fdbec0537f40d Mon Sep 17 00:00:00 2001 From: jrhodie <139580534+jrhodie@users.noreply.github.com> Date: Wed, 13 Dec 2023 12:18:40 -0800 Subject: [PATCH 032/121] [docs] reference groups added and typos fixed (#9709) --- doc/ot_api_doc.h | 2 ++ include/openthread/border_routing.h | 2 +- include/openthread/instance.h | 2 +- src/core/border_router/routing_manager.cpp | 2 +- src/core/border_router/routing_manager.hpp | 4 ++-- 5 files changed, 7 insertions(+), 5 deletions(-) diff --git a/doc/ot_api_doc.h b/doc/ot_api_doc.h index 84e48c8005d..3863a5a73ea 100644 --- a/doc/ot_api_doc.h +++ b/doc/ot_api_doc.h @@ -53,6 +53,7 @@ * @defgroup api-net IPv6 Networking * @{ * + * @defgroup api-ble-secure BLE Secure * @defgroup api-dns DNS * @defgroup api-dnssd-server DNS-SD Server * @defgroup api-icmp6 ICMPv6 @@ -168,6 +169,7 @@ * @{ * * @defgroup plat-alarm Alarm + * @defgroup plat-ble BLE * @defgroup plat-crypto Crypto - Platform * @defgroup plat-dns DNS - Platform * @defgroup plat-entropy Entropy diff --git a/include/openthread/border_routing.h b/include/openthread/border_routing.h index 5236f0d9d18..afd2d7e5f85 100644 --- a/include/openthread/border_routing.h +++ b/include/openthread/border_routing.h @@ -124,7 +124,7 @@ typedef struct otBorderRoutingPrefixTableEntry */ typedef struct otPdProcessedRaInfo { - uint32_t mNumPlatformRaReceived; ///< The number of platform generated RA handled by ProcessPlatfromGeneratedRa. + uint32_t mNumPlatformRaReceived; ///< The number of platform generated RA handled by ProcessPlatformGeneratedRa. uint32_t mNumPlatformPioProcessed; ///< The number of PIO processed for adding OMR prefixes. uint32_t mLastPlatformRaMsec; ///< The timestamp of last processed RA message. } otPdProcessedRaInfo; diff --git a/include/openthread/instance.h b/include/openthread/instance.h index 3a668cffe64..bc60c08a590 100644 --- a/include/openthread/instance.h +++ b/include/openthread/instance.h @@ -53,7 +53,7 @@ extern "C" { * @note This number versions both OpenThread platform and user APIs. * */ -#define OPENTHREAD_API_VERSION (383) +#define OPENTHREAD_API_VERSION (384) /** * @addtogroup api-instance diff --git a/src/core/border_router/routing_manager.cpp b/src/core/border_router/routing_manager.cpp index 56620e3de81..4173626e4e6 100644 --- a/src/core/border_router/routing_manager.cpp +++ b/src/core/border_router/routing_manager.cpp @@ -3760,7 +3760,7 @@ void RoutingManager::PdPrefixManager::SetEnabled(bool aEnabled) extern "C" void otPlatBorderRoutingProcessIcmp6Ra(otInstance *aInstance, const uint8_t *aMessage, uint16_t aLength) { - AsCoreType(aInstance).Get().ProcessPlatfromGeneratedRa(aMessage, aLength); + AsCoreType(aInstance).Get().ProcessPlatformGeneratedRa(aMessage, aLength); } #endif // OPENTHREAD_CONFIG_BORDER_ROUTING_DHCP6_PD_ENABLE diff --git a/src/core/border_router/routing_manager.hpp b/src/core/border_router/routing_manager.hpp index d1d3ef37519..4aef01d91a1 100644 --- a/src/core/border_router/routing_manager.hpp +++ b/src/core/border_router/routing_manager.hpp @@ -283,7 +283,7 @@ class RoutingManager : public InstanceLocator /** * Returns the platform provided off-mesh-routable (OMR) prefix. * - * The prefix is extracted from the platform generated RA messages handled by `ProcessPlatfromGeneratedNd()`. + * The prefix is extracted from the platform generated RA messages handled by `ProcessPlatformGeneratedNd()`. * * @param[out] aPrefixInfo A reference to where the prefix info will be output to. * @@ -517,7 +517,7 @@ class RoutingManager : public InstanceLocator * @param[in] aLength The length of the router advertisement message. * */ - void ProcessPlatfromGeneratedRa(const uint8_t *aRouterAdvert, uint16_t aLength) + void ProcessPlatformGeneratedRa(const uint8_t *aRouterAdvert, uint16_t aLength) { mPdPrefixManager.ProcessPlatformGeneratedRa(aRouterAdvert, aLength); } From ac7f75181c1efe5dc3b7787223ed7e09f2dd54a5 Mon Sep 17 00:00:00 2001 From: Jonathan Hui Date: Thu, 14 Dec 2023 20:54:50 -0800 Subject: [PATCH 033/121] [posix] fix usage of `__linux__` (#9714) Should be checking for definition rather than value. Also prefer `#ifdef` over `#if defined` --- src/posix/platform/daemon.cpp | 2 +- src/posix/platform/multicast_routing.cpp | 2 +- src/posix/platform/netif.cpp | 48 ++++++++++++------------ src/posix/platform/udp.cpp | 2 +- 4 files changed, 27 insertions(+), 27 deletions(-) diff --git a/src/posix/platform/daemon.cpp b/src/posix/platform/daemon.cpp index 5a85b15c2ae..bf905992c46 100644 --- a/src/posix/platform/daemon.cpp +++ b/src/posix/platform/daemon.cpp @@ -104,7 +104,7 @@ int Daemon::OutputFormatV(const char *aFormat, va_list aArguments) VerifyOrExit(mSessionSocket != -1); -#if defined(__linux__) +#ifdef __linux__ // Don't die on SIGPIPE rval = send(mSessionSocket, buf, static_cast(rval), MSG_NOSIGNAL); #else diff --git a/src/posix/platform/multicast_routing.cpp b/src/posix/platform/multicast_routing.cpp index 40af863a65b..a224ae1abbe 100644 --- a/src/posix/platform/multicast_routing.cpp +++ b/src/posix/platform/multicast_routing.cpp @@ -39,7 +39,7 @@ #include #include #include -#if __linux__ +#ifdef __linux__ #include #else #error "Multicast Routing feature is not ported to non-Linux platforms yet." diff --git a/src/posix/platform/netif.cpp b/src/posix/platform/netif.cpp index 3d546eb3c1c..40670855467 100644 --- a/src/posix/platform/netif.cpp +++ b/src/posix/platform/netif.cpp @@ -193,18 +193,18 @@ using namespace ot::Posix::Ip6Utils; #endif // OPENTHREAD_TUN_DEVICE -#if defined(__linux__) +#ifdef __linux__ static uint32_t sNetlinkSequence = 0; ///< Netlink message sequence. #endif -#if OPENTHREAD_POSIX_CONFIG_INSTALL_OMR_ROUTES_ENABLE && __linux__ +#if OPENTHREAD_POSIX_CONFIG_INSTALL_OMR_ROUTES_ENABLE && defined(__linux__) static constexpr uint32_t kOmrRoutesPriority = OPENTHREAD_POSIX_CONFIG_OMR_ROUTES_PRIORITY; static constexpr uint8_t kMaxOmrRoutesNum = OPENTHREAD_POSIX_CONFIG_MAX_OMR_ROUTES_NUM; static uint8_t sAddedOmrRoutesNum = 0; static otIp6Prefix sAddedOmrRoutes[kMaxOmrRoutesNum]; #endif -#if OPENTHREAD_POSIX_CONFIG_INSTALL_EXTERNAL_ROUTES_ENABLE && __linux__ +#if OPENTHREAD_POSIX_CONFIG_INSTALL_EXTERNAL_ROUTES_ENABLE && defined(__linux__) static constexpr uint32_t kExternalRoutePriority = OPENTHREAD_POSIX_CONFIG_EXTERNAL_ROUTE_PRIORITY; static constexpr uint8_t kMaxExternalRoutesNum = OPENTHREAD_POSIX_CONFIG_MAX_EXTERNAL_ROUTE_NUM; static uint8_t sAddedExternalRoutesNum = 0; @@ -319,7 +319,7 @@ static uint8_t NetmaskToPrefixLength(const struct sockaddr_in6 *netmask) } #endif -#if defined(__linux__) +#ifdef __linux__ #pragma GCC diagnostic push #pragma GCC diagnostic ignored "-Wcast-align" @@ -432,7 +432,7 @@ static void UpdateUnicastLinux(otInstance *aInstance, const otIp6AddressInfo &aA } #pragma GCC diagnostic pop -#endif // defined(__linux__) +#endif // __linux__ static void UpdateUnicast(otInstance *aInstance, const otIp6AddressInfo &aAddressInfo, bool aIsAdded) { @@ -441,7 +441,7 @@ static void UpdateUnicast(otInstance *aInstance, const otIp6AddressInfo &aAddres assert(gInstance == aInstance); assert(sIpFd >= 0); -#if defined(__linux__) +#ifdef __linux__ UpdateUnicastLinux(aInstance, aAddressInfo, aIsAdded); #elif defined(__APPLE__) || defined(__NetBSD__) || defined(__FreeBSD__) { @@ -569,7 +569,7 @@ static void UpdateLink(otInstance *aInstance) SetLinkState(aInstance, otIp6IsEnabled(aInstance)); } -#if defined(__linux__) +#ifdef __linux__ template otError AddRoute(const uint8_t (&aAddress)[N], uint8_t aPrefixLen, uint32_t aPriority) { constexpr unsigned int kBufSize = 128; @@ -867,7 +867,7 @@ static otError DeleteIp4Route(const otIp4Cidr &aIp4Cidr) return DeleteRoute(aIp4Cidr.mAddress.mFields.m8, aIp4Cidr.mLength); } #endif -#endif // defined(__linux__) +#endif // __linux__ static void processAddressChange(const otIp6AddressInfo *aAddressInfo, bool aIsAdded, void *aContext) { @@ -952,10 +952,10 @@ void platformNetifStateChange(otInstance *aInstance, otChangedFlags aFlags) } if (OT_CHANGED_THREAD_NETDATA & aFlags) { -#if OPENTHREAD_POSIX_CONFIG_INSTALL_OMR_ROUTES_ENABLE && __linux__ +#if OPENTHREAD_POSIX_CONFIG_INSTALL_OMR_ROUTES_ENABLE && defined(__linux__) UpdateOmrRoutes(aInstance); #endif -#if OPENTHREAD_POSIX_CONFIG_INSTALL_EXTERNAL_ROUTES_ENABLE && __linux__ +#if OPENTHREAD_POSIX_CONFIG_INSTALL_EXTERNAL_ROUTES_ENABLE && defined(__linux__) UpdateExternalRoutes(aInstance); #endif #if OPENTHREAD_POSIX_CONFIG_FIREWALL_ENABLE @@ -1182,7 +1182,7 @@ static void logAddrEvent(bool isAdd, const ot::Ip6::Address &aAddress, otError e } } -#if defined(__linux__) +#ifdef __linux__ static void processNetifAddrEvent(otInstance *aInstance, struct nlmsghdr *aNetlinkMessage) { @@ -1324,7 +1324,7 @@ static void processNetifLinkEvent(otInstance *aInstance, struct nlmsghdr *aNetli otLogWarnPlat("[netif] Failed to sync netif state with host: %s", otThreadErrorToString(error)); } } -#endif // defined(__linux__) +#endif // __linux__ #if defined(__APPLE__) || defined(__NetBSD__) || defined(__FreeBSD__) @@ -1558,7 +1558,7 @@ static void processNetifInfoEvent(otInstance *aInstance, struct rt_msghdr *rtm) #endif -#if defined(__linux__) +#ifdef __linux__ #define ERR_RTA(errmsg, requestPayloadLength) \ ((struct rtattr *)((char *)(errmsg)) + NLMSG_ALIGN(sizeof(struct nlmsgerr)) + NLMSG_ALIGN(requestPayloadLength)) @@ -1632,7 +1632,7 @@ static void HandleNetlinkResponse(struct nlmsghdr *msg) return; } -#endif // defined(__linux__) +#endif // __linux__ static void processNetlinkEvent(otInstance *aInstance) { @@ -1641,7 +1641,7 @@ static void processNetlinkEvent(otInstance *aInstance) union { -#if defined(__linux__) +#ifdef __linux__ nlmsghdr nlMsg; #else rt_msghdr rtMsg; @@ -1651,7 +1651,7 @@ static void processNetlinkEvent(otInstance *aInstance) length = recv(sNetlinkFd, msgBuffer.buffer, sizeof(msgBuffer.buffer), 0); -#if defined(__linux__) +#ifdef __linux__ #define HEADER_SIZE sizeof(nlmsghdr) #else #define HEADER_SIZE sizeof(rt_msghdr) @@ -1664,7 +1664,7 @@ static void processNetlinkEvent(otInstance *aInstance) ExitNow(); } -#if defined(__linux__) +#ifdef __linux__ for (struct nlmsghdr *msg = &msgBuffer.nlMsg; NLMSG_OK(msg, static_cast(length)); msg = NLMSG_NEXT(msg, length)) { @@ -1680,7 +1680,7 @@ static void processNetlinkEvent(otInstance *aInstance) #endif switch (msg->nlmsg_type) { -#if defined(__linux__) +#ifdef __linux__ case NLMSG_DONE: // NLMSG_DONE indicates the end of the netlink message, exits now ExitNow(); @@ -1705,7 +1705,7 @@ static void processNetlinkEvent(otInstance *aInstance) break; #endif -#if !defined(__linux__) +#ifndef __linux__ case RTM_IFINFO: processNetifInfoEvent(aInstance, msg); break; @@ -1742,7 +1742,7 @@ static void mldListenerInit(void) memcpy(&mreq6.ipv6mr_multiaddr, kMLDv2MulticastAddress.mFields.m8, sizeof(kMLDv2MulticastAddress.mFields.m8)); VerifyOrDie(setsockopt(sMLDMonitorFd, IPPROTO_IPV6, IPV6_JOIN_GROUP, &mreq6, sizeof(mreq6)) == 0, OT_EXIT_FAILURE); -#if defined(__linux__) +#ifdef __linux__ VerifyOrDie(setsockopt(sMLDMonitorFd, SOL_SOCKET, SO_BINDTODEVICE, gNetifName, static_cast(strnlen(gNetifName, IFNAMSIZ))) == 0, OT_EXIT_FAILURE); @@ -1827,7 +1827,7 @@ static void processMLDEvent(otInstance *aInstance) } #endif -#if defined(__linux__) +#ifdef __linux__ static void SetAddrGenModeToNone(void) { struct @@ -2004,7 +2004,7 @@ static void platformConfigureTunDevice(otPlatformConfig *aPlatformConfig) static void platformConfigureNetLink(void) { -#if defined(__linux__) +#ifdef __linux__ sNetlinkFd = SocketWithCloseExec(AF_NETLINK, SOCK_DGRAM, NETLINK_ROUTE, kSocketNonBlock); #elif defined(__APPLE__) || defined(__NetBSD__) || defined(__FreeBSD__) sNetlinkFd = SocketWithCloseExec(PF_ROUTE, SOCK_RAW, 0, kSocketNonBlock); @@ -2032,7 +2032,7 @@ static void platformConfigureNetLink(void) } #endif -#if defined(__linux__) +#ifdef __linux__ { struct sockaddr_nl sa; @@ -2084,7 +2084,7 @@ void platformNetifInit(otPlatformConfig *aPlatformConfig) mldListenerInit(); #endif -#if __linux__ +#ifdef __linux__ SetAddrGenModeToNone(); #endif } diff --git a/src/posix/platform/udp.cpp b/src/posix/platform/udp.cpp index 5726f0ede3c..4161672ebac 100644 --- a/src/posix/platform/udp.cpp +++ b/src/posix/platform/udp.cpp @@ -328,7 +328,7 @@ otError otPlatUdpBindToNetif(otUdpSocket *aUdpSocket, otNetifIdentifier aNetifId otLogWarnPlat("No backbone interface given, %s fails.", __func__); ExitNow(error = OT_ERROR_INVALID_ARGS); } -#if __linux__ +#ifdef __linux__ VerifyOrExit(setsockopt(fd, SOL_SOCKET, SO_BINDTODEVICE, otSysGetInfraNetifName(), strlen(otSysGetInfraNetifName())) == 0, error = OT_ERROR_FAILED); From 551df11ec1373e6d67d2fa29f9b158c654d1f868 Mon Sep 17 00:00:00 2001 From: Jonathan Hui Date: Mon, 18 Dec 2023 10:35:26 -0800 Subject: [PATCH 034/121] [posix] fix circular dependency on `OPENTHREAD_POSIX_CONFIG_DAEMON_ENABLE` (#9719) --- .../platform/openthread-core-posix-config.h | 2 + src/posix/platform/openthread-posix-config.h | 34 --------- .../platform/openthread-posix-daemon-config.h | 72 +++++++++++++++++++ 3 files changed, 74 insertions(+), 34 deletions(-) create mode 100644 src/posix/platform/openthread-posix-daemon-config.h diff --git a/src/posix/platform/openthread-core-posix-config.h b/src/posix/platform/openthread-core-posix-config.h index 2b3297a0a85..ebe784f4563 100644 --- a/src/posix/platform/openthread-core-posix-config.h +++ b/src/posix/platform/openthread-core-posix-config.h @@ -34,6 +34,8 @@ #ifndef OPENTHREAD_CORE_POSIX_CONFIG_H_ #define OPENTHREAD_CORE_POSIX_CONFIG_H_ +#include "openthread-posix-daemon-config.h" + #ifndef OPENTHREAD_CONFIG_NUM_MESSAGE_BUFFERS #define OPENTHREAD_CONFIG_NUM_MESSAGE_BUFFERS 256 #endif diff --git a/src/posix/platform/openthread-posix-config.h b/src/posix/platform/openthread-posix-config.h index cc8afe5cbee..87dbfe418c5 100644 --- a/src/posix/platform/openthread-posix-config.h +++ b/src/posix/platform/openthread-posix-config.h @@ -51,40 +51,6 @@ #define OPENTHREAD_POSIX_CONFIG_RCP_PTY_ENABLE 1 #endif -/** - * @def OPENTHREAD_POSIX_CONFIG_DAEMON_SOCKET_BASENAME - * - * Define socket basename used by POSIX app daemon. - * - */ -#ifndef OPENTHREAD_POSIX_CONFIG_DAEMON_SOCKET_BASENAME -#ifdef __linux__ -#define OPENTHREAD_POSIX_CONFIG_DAEMON_SOCKET_BASENAME "/run/openthread-%s" -#else -#define OPENTHREAD_POSIX_CONFIG_DAEMON_SOCKET_BASENAME "/tmp/openthread-%s" -#endif -#endif - -/** - * @def OPENTHREAD_POSIX_CONFIG_DAEMON_ENABLE - * - * Define to 1 to enable POSIX daemon. - * - */ -#ifndef OPENTHREAD_POSIX_CONFIG_DAEMON_ENABLE -#define OPENTHREAD_POSIX_CONFIG_DAEMON_ENABLE 0 -#endif - -/** - * @def OPENTHREAD_POSIX_CONFIG_DAEMON_CLI_ENABLE - * - * Define to 1 to enable CLI for the posix daemon. - * - */ -#ifndef OPENTHREAD_POSIX_CONFIG_DAEMON_CLI_ENABLE -#define OPENTHREAD_POSIX_CONFIG_DAEMON_CLI_ENABLE 1 -#endif - /** * @def OPENTHREAD_POSIX_CONFIG_RCP_BUS * diff --git a/src/posix/platform/openthread-posix-daemon-config.h b/src/posix/platform/openthread-posix-daemon-config.h new file mode 100644 index 00000000000..d7e8b6c3330 --- /dev/null +++ b/src/posix/platform/openthread-posix-daemon-config.h @@ -0,0 +1,72 @@ +/* + * Copyright (c) 2023, The OpenThread Authors. + * All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions are met: + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * 3. Neither the name of the copyright holder nor the + * names of its contributors may be used to endorse or promote products + * derived from this software without specific prior written permission. + * + * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" + * AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDER OR CONTRIBUTORS BE + * LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR + * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF + * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS + * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN + * CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) + * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE + * POSSIBILITY OF SUCH DAMAGE. + */ + +#ifndef OPENTHREAD_POSIX_DAEMON_CONFIG_H_ +#define OPENTHREAD_POSIX_DAEMON_CONFIG_H_ + +/** + * @file + * @brief + * This file includes the POSIX daemon specific configurations. + */ + +/** + * @def OPENTHREAD_POSIX_CONFIG_DAEMON_SOCKET_BASENAME + * + * Define socket basename used by POSIX app daemon. + * + */ +#ifndef OPENTHREAD_POSIX_CONFIG_DAEMON_SOCKET_BASENAME +#ifdef __linux__ +#define OPENTHREAD_POSIX_CONFIG_DAEMON_SOCKET_BASENAME "/run/openthread-%s" +#else +#define OPENTHREAD_POSIX_CONFIG_DAEMON_SOCKET_BASENAME "/tmp/openthread-%s" +#endif +#endif + +/** + * @def OPENTHREAD_POSIX_CONFIG_DAEMON_ENABLE + * + * Define to 1 to enable POSIX daemon. + * + */ +#ifndef OPENTHREAD_POSIX_CONFIG_DAEMON_ENABLE +#define OPENTHREAD_POSIX_CONFIG_DAEMON_ENABLE 0 +#endif + +/** + * @def OPENTHREAD_POSIX_CONFIG_DAEMON_CLI_ENABLE + * + * Define to 1 to enable CLI for the posix daemon. + * + */ +#ifndef OPENTHREAD_POSIX_CONFIG_DAEMON_CLI_ENABLE +#define OPENTHREAD_POSIX_CONFIG_DAEMON_CLI_ENABLE 1 +#endif + +#endif // OPENTHREAD_POSIX_DAEMON_CONFIG_H_ From cca77a7948bd408704eee93e83c81b22511d8d58 Mon Sep 17 00:00:00 2001 From: Zhanglong Xia Date: Tue, 19 Dec 2023 02:37:31 +0800 Subject: [PATCH 035/121] [posix] prevent implicit conversion of `aUrl` to `RadioUrl` (#9722) When compiling `mRadioUrl=aUrl` in `Radio::Init()`, some compilers may implicitly convert `aUrl` to a temporary `RadioUrl` object and then copy the temporary `RadioUrl` to `mRadioUrl` via a default copy constructor. The pointer members of `mRadioUrl` point to the content of the temporary `RadioUrl`, and it eventually causes the program to access the memory that has been released, which causes the program to crash. This commit disables the compiler from implicitly converting `aUrl` to a `RadioUrl` object and deletes the default copy and move constructors. --- src/posix/platform/radio.cpp | 2 +- src/posix/platform/radio_url.cpp | 2 +- src/posix/platform/radio_url.hpp | 15 ++++++++++++++- 3 files changed, 16 insertions(+), 3 deletions(-) diff --git a/src/posix/platform/radio.cpp b/src/posix/platform/radio.cpp index 44d011606e7..8828f9bee21 100644 --- a/src/posix/platform/radio.cpp +++ b/src/posix/platform/radio.cpp @@ -71,7 +71,7 @@ void Radio::Init(const char *aUrl) spinel_iid_t iidList[Spinel::kSpinelHeaderMaxNumIid]; struct ot::Spinel::RadioSpinelCallbacks callbacks; - mRadioUrl = aUrl; + mRadioUrl.Init(aUrl); VerifyOrDie(mRadioUrl.GetPath() != nullptr, OT_EXIT_INVALID_ARGUMENTS); memset(&callbacks, 0, sizeof(callbacks)); diff --git a/src/posix/platform/radio_url.cpp b/src/posix/platform/radio_url.cpp index bd34d9c65cc..db0c13461c1 100644 --- a/src/posix/platform/radio_url.cpp +++ b/src/posix/platform/radio_url.cpp @@ -135,7 +135,7 @@ const char *otSysGetRadioUrlHelpString(void) namespace ot { namespace Posix { -RadioUrl::RadioUrl(const char *aUrl) +void RadioUrl::Init(const char *aUrl) { if (aUrl != nullptr) { diff --git a/src/posix/platform/radio_url.hpp b/src/posix/platform/radio_url.hpp index 32b2c4c16ab..02460705bd3 100644 --- a/src/posix/platform/radio_url.hpp +++ b/src/posix/platform/radio_url.hpp @@ -52,7 +52,20 @@ class RadioUrl : public ot::Url::Url * @param[in] aUrl The null-terminated URL string. * */ - RadioUrl(const char *aUrl); + explicit RadioUrl(const char *aUrl) { Init(aUrl); }; + + /** + * Initializes the radio URL. + * + * @param[in] aUrl The null-terminated URL string. + * + */ + void Init(const char *aUrl); + + RadioUrl(const RadioUrl &) = delete; + RadioUrl(RadioUrl &&) = delete; + RadioUrl &operator=(const RadioUrl &) = delete; + RadioUrl &operator=(RadioUrl &&) = delete; private: enum From 5ceb5873c7202c1a8d00fcc1f3ab058453a78634 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Mon, 18 Dec 2023 10:49:19 -0800 Subject: [PATCH 036/121] github-actions: bump docker/login-action from 2.2.0 to 3.0.0 (#9723) Bumps [docker/login-action](https://github.com/docker/login-action) from 2.2.0 to 3.0.0. - [Release notes](https://github.com/docker/login-action/releases) - [Commits](https://github.com/docker/login-action/compare/465a07811f14bebb1938fbed4728c6a1ff8901fc...343f7c4344506bcbf9b4de18042ae17996df046d) --- updated-dependencies: - dependency-name: docker/login-action dependency-type: direct:production update-type: version-update:semver-major ... Signed-off-by: dependabot[bot] Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> --- .github/workflows/docker.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/docker.yml b/.github/workflows/docker.yml index 8cce3c7f423..09f37e77298 100644 --- a/.github/workflows/docker.yml +++ b/.github/workflows/docker.yml @@ -91,7 +91,7 @@ jobs: - name: Login to DockerHub if: success() && github.repository == 'openthread/openthread' && github.event_name != 'pull_request' - uses: docker/login-action@465a07811f14bebb1938fbed4728c6a1ff8901fc # v2.2.0 + uses: docker/login-action@343f7c4344506bcbf9b4de18042ae17996df046d # v3.0.0 with: username: ${{ secrets.DOCKER_USERNAME }} password: ${{ secrets.DOCKER_PASSWORD }} From 824359178113c541149c1c0146ce5f9032fcd5db Mon Sep 17 00:00:00 2001 From: Jonathan Hui Date: Mon, 18 Dec 2023 14:48:21 -0800 Subject: [PATCH 037/121] [spinel] fix `OPENTHREAD_ENABLE_SPINEL_VENDOR_HOOK` (#9718) `OPENTHREAD_ENABLE_SPINEL_VENDOR_HOOK` was not consistent with the intended `OPENTHREAD_SPINEL_CONFIG_ENABLE_VENDOR_HOOK`. Rename `OPENTHREAD_SPINEL_CONFIG_ENABLE_VENDOR_HOOK` to `OPENTHREAD_SPINEL_CONFIG_VENDOR_HOOK_ENABLE` for consistency with other configs. --- src/lib/spinel/CMakeLists.txt | 4 ++-- src/lib/spinel/example_vendor_hook.cpp | 4 ++-- src/lib/spinel/example_vendor_hook.hpp | 4 ++-- src/lib/spinel/openthread-spinel-config.h | 6 +++--- src/lib/spinel/radio_spinel.cpp | 2 +- src/lib/spinel/radio_spinel.hpp | 2 +- src/posix/platform/radio.hpp | 4 ++-- 7 files changed, 13 insertions(+), 13 deletions(-) diff --git a/src/lib/spinel/CMakeLists.txt b/src/lib/spinel/CMakeLists.txt index 8d552cf08cd..47de4d44175 100644 --- a/src/lib/spinel/CMakeLists.txt +++ b/src/lib/spinel/CMakeLists.txt @@ -65,8 +65,8 @@ set(COMMON_SOURCES set(OT_SPINEL_VENDOR_HOOK_SOURCE "" CACHE STRING "set vendor hook source file for Spinel") set(OT_SPINEL_VENDOR_HOOK_HEADER "" CACHE STRING "set vendor hook header file for Spinel") if(OT_SPINEL_VENDOR_HOOK_SOURCE) - target_compile_definitions(openthread-spinel-rcp PUBLIC "OPENTHREAD_SPINEL_CONFIG_ENABLE_VENDOR_HOOK=1") - target_compile_definitions(openthread-spinel-ncp PUBLIC "OPENTHREAD_SPINEL_CONFIG_ENABLE_VENDOR_HOOK=1") + target_compile_definitions(openthread-spinel-rcp PUBLIC "OPENTHREAD_SPINEL_CONFIG_VENDOR_HOOK_ENABLE=1") + target_compile_definitions(openthread-spinel-ncp PUBLIC "OPENTHREAD_SPINEL_CONFIG_VENDOR_HOOK_ENABLE=1") target_compile_definitions(openthread-spinel-rcp PUBLIC "OPENTHREAD_SPINEL_CONFIG_VENDOR_HOOK_HEADER=\"${OT_SPINEL_VENDOR_HOOK_HEADER}\"") target_compile_definitions(openthread-spinel-ncp PUBLIC "OPENTHREAD_SPINEL_CONFIG_VENDOR_HOOK_HEADER=\"${OT_SPINEL_VENDOR_HOOK_HEADER}\"") list(APPEND COMMON_SOURCES ${OT_SPINEL_VENDOR_HOOK_SOURCE_DIR}${OT_SPINEL_VENDOR_HOOK_SOURCE}) diff --git a/src/lib/spinel/example_vendor_hook.cpp b/src/lib/spinel/example_vendor_hook.cpp index 3c0a73a159a..c43961b7986 100644 --- a/src/lib/spinel/example_vendor_hook.cpp +++ b/src/lib/spinel/example_vendor_hook.cpp @@ -30,7 +30,7 @@ * This file shows how to implement the Radio Spinel vendor hook. */ -#if OPENTHREAD_SPINEL_CONFIG_ENABLE_VENDOR_HOOK +#if OPENTHREAD_SPINEL_CONFIG_VENDOR_HOOK_ENABLE #include OPENTRHEAD_SPINEL_CONFIG_VENDOR_HOOK_HEADER #include "common/log.hpp" @@ -64,4 +64,4 @@ otError RadioSpinel::VendorHandleValueIs(spinel_prop_key_t aPropKey) extern ot::Spinel::RadioSpinel &GetRadioSpinel(void); -#endif // OPENTHREAD_SPINEL_CONFIG_ENABLE_VENDOR_HOOK +#endif // OPENTHREAD_SPINEL_CONFIG_VENDOR_HOOK_ENABLE diff --git a/src/lib/spinel/example_vendor_hook.hpp b/src/lib/spinel/example_vendor_hook.hpp index f9dedb6269f..df35e8bc3a3 100644 --- a/src/lib/spinel/example_vendor_hook.hpp +++ b/src/lib/spinel/example_vendor_hook.hpp @@ -33,7 +33,7 @@ #ifndef SPINEL_EXTENSION_H #define SPINEL_EXTENSION_H -#if OPENTHREAD_SPINEL_CONFIG_ENABLE_VENDOR_HOOK +#if OPENTHREAD_SPINEL_CONFIG_VENDOR_HOOK_ENABLE #include #include "lib/spinel/radio_spinel.hpp" @@ -55,5 +55,5 @@ class VendorRadioSpinel : public ot::Spinel::RadioSpinel } // namespace Spinel } // namespace ot -#endif // OPENTHREAD_SPINEL_CONFIG_ENABLE_VENDOR_HOOK +#endif // OPENTHREAD_SPINEL_CONFIG_VENDOR_HOOK_ENABLE #endif // SPINEL_EXTENSION_H diff --git a/src/lib/spinel/openthread-spinel-config.h b/src/lib/spinel/openthread-spinel-config.h index ef6d5abd249..75dd496ceae 100644 --- a/src/lib/spinel/openthread-spinel-config.h +++ b/src/lib/spinel/openthread-spinel-config.h @@ -90,13 +90,13 @@ #endif /** - * @def OPENTHREAD_SPINEL_CONFIG_ENABLE_VENDOR_HOOK + * @def OPENTHREAD_SPINEL_CONFIG_VENDOR_HOOK_ENABLE * * Enables compilation of vendor specific code for Spinel * */ -#ifndef OPENTHREAD_SPINEL_CONFIG_ENABLE_VENDOR_HOOK -#define OPENTHREAD_SPINEL_CONFIG_ENABLE_VENDOR_HOOK 0 +#ifndef OPENTHREAD_SPINEL_CONFIG_VENDOR_HOOK_ENABLE +#define OPENTHREAD_SPINEL_CONFIG_VENDOR_HOOK_ENABLE 0 #endif /** diff --git a/src/lib/spinel/radio_spinel.cpp b/src/lib/spinel/radio_spinel.cpp index 7da561ae2cc..495a9bb1ce3 100644 --- a/src/lib/spinel/radio_spinel.cpp +++ b/src/lib/spinel/radio_spinel.cpp @@ -747,7 +747,7 @@ void RadioSpinel::HandleValueIs(spinel_prop_key_t aKey, const uint8_t *aBuffer, break; } } -#if OPENTHREAD_SPINEL_CONFIG_ENABLE_VENDOR_HOOK +#if OPENTHREAD_SPINEL_CONFIG_VENDOR_HOOK_ENABLE else if (aKey >= SPINEL_PROP_VENDOR__BEGIN && aKey < SPINEL_PROP_VENDOR__END) { error = VendorHandleValueIs(aKey); diff --git a/src/lib/spinel/radio_spinel.hpp b/src/lib/spinel/radio_spinel.hpp index dcac23e9e9f..594ce9126c2 100644 --- a/src/lib/spinel/radio_spinel.hpp +++ b/src/lib/spinel/radio_spinel.hpp @@ -1065,7 +1065,7 @@ class RadioSpinel */ void RestoreProperties(void); #endif -#if OPENTHREAD_SPINEL_CONFIG_ENABLE_VENDOR_HOOK +#if OPENTHREAD_SPINEL_CONFIG_VENDOR_HOOK_ENABLE /** * Defines a vendor "set property handler" hook to process vendor spinel properties. * diff --git a/src/posix/platform/radio.hpp b/src/posix/platform/radio.hpp index 00c958c2ff1..49cdfdf3d67 100644 --- a/src/posix/platform/radio.hpp +++ b/src/posix/platform/radio.hpp @@ -35,7 +35,7 @@ #include "posix/platform/radio_url.hpp" #include "posix/platform/spi_interface.hpp" #include "posix/platform/vendor_interface.hpp" -#if OPENTHREAD_SPINEL_CONFIG_ENABLE_VENDOR_HOOK +#if OPENTHREAD_SPINEL_CONFIG_VENDOR_HOOK_ENABLE #ifdef OPENTHREAD_SPINEL_CONFIG_VENDOR_HOOK_HEADER #include OPENTHREAD_SPINEL_CONFIG_VENDOR_HOOK_HEADER #endif @@ -110,7 +110,7 @@ class Radio #endif RadioUrl mRadioUrl; -#if OPENTHREAD_ENABLE_SPINEL_VENDOR_HOOK +#if OPENTHREAD_SPINEL_CONFIG_VENDOR_HOOK_ENABLE Spinel::VendorRadioSpinel mRadioSpinel; #else Spinel::RadioSpinel mRadioSpinel; From 3400692b03044b9c673d3e015c24f9c0cd7cb404 Mon Sep 17 00:00:00 2001 From: jrhodie <139580534+jrhodie@users.noreply.github.com> Date: Tue, 19 Dec 2023 08:07:47 -0800 Subject: [PATCH 038/121] [config] fix typos in config docs (#9725) --- src/core/config/dnssd_server.h | 2 +- src/core/config/srp_client.h | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/src/core/config/dnssd_server.h b/src/core/config/dnssd_server.h index 8d6bb46d4e6..ffcfb5556e6 100644 --- a/src/core/config/dnssd_server.h +++ b/src/core/config/dnssd_server.h @@ -48,7 +48,7 @@ /** * @def OPENTHREAD_CONFIG_DNSSD_SERVER_PORT * - * Define the the DNS-SD Server port. + * Define the DNS-SD Server port. * */ #ifndef OPENTHREAD_CONFIG_DNSSD_SERVER_PORT diff --git a/src/core/config/srp_client.h b/src/core/config/srp_client.h index ca609abeb43..40f3f9321ed 100644 --- a/src/core/config/srp_client.h +++ b/src/core/config/srp_client.h @@ -274,7 +274,7 @@ * @def OPENTHREAD_CONFIG_SRP_CLIENT_RETRY_WAIT_INTERVAL_JITTER * * Specifies jitter (in msec) for retry wait interval. If the current retry wait interval is smaller than the jitter - * then the the wait interval itself is used as jitter (e.g., with jitter 500 msec and if retry interval is 300ms + * then the wait interval itself is used as jitter (e.g., with jitter 500 msec and if retry interval is 300ms * the retry interval is then randomly selected from [0, 2*300] ms). * */ From eec54ef46d24d4c34347c5adb9d855f9fba5c053 Mon Sep 17 00:00:00 2001 From: Eduardo Montoya Date: Tue, 19 Dec 2023 17:37:16 +0100 Subject: [PATCH 039/121] [github-actions] avoid `dependabot` pull requests in forks (#9728) OpenThread forks typically inherit all commits in the repo, including the `dependabot` changes, so it's not needed to generate the same PRs in the forks as well. --- .github/dependabot.yml | 1 + 1 file changed, 1 insertion(+) diff --git a/.github/dependabot.yml b/.github/dependabot.yml index b4cb6e3b232..3c49053984c 100644 --- a/.github/dependabot.yml +++ b/.github/dependabot.yml @@ -29,6 +29,7 @@ version: 2 updates: - package-ecosystem: "github-actions" + if: github.repository == "openthread/openthread" directory: "/" schedule: interval: "weekly" From a492d04a31d675d38c115cf248a6b4416a386811 Mon Sep 17 00:00:00 2001 From: Abtin Keshavarzian Date: Tue, 19 Dec 2023 10:45:46 -0800 Subject: [PATCH 040/121] [dns-types] add template variants of reading DNS names or labels (#9720) This commit introduces template variants for `ReadName()` and other related methods, allowing flexible reading of DNS names and labels from messages into a given array buffer. This simplifies the code and improves readability. Additionally, this commit defines new types, `Dns::Name::Buffer` and `Dns::Name::LabelBuffer`, as arrays of char with fixed sizes to hold DNS names and labels, respectively. --- src/core/net/dns_types.hpp | 125 +++++++++++++++++++++++++++++++++ src/core/net/dnssd_server.cpp | 58 +++++++-------- src/core/net/dnssd_server.hpp | 10 ++- src/core/net/srp_server.cpp | 68 +++++++++--------- src/core/net/srp_server.hpp | 6 ++ tests/unit/test_dns.cpp | 74 +++++++++---------- tests/unit/test_dns_client.cpp | 22 +++--- 7 files changed, 245 insertions(+), 118 deletions(-) diff --git a/src/core/net/dns_types.hpp b/src/core/net/dns_types.hpp index 9f8a93093a1..a8fb88a158e 100644 --- a/src/core/net/dns_types.hpp +++ b/src/core/net/dns_types.hpp @@ -511,8 +511,24 @@ class Name : public Clearable */ static constexpr uint8_t kMaxLabelLength = kMaxLabelSize - 1; + /** + * Dot character separating labels in a name. + * + */ static constexpr char kLabelSeparatorChar = '.'; + /** + * Represents a string buffer (with `kMaxNameSize`) intended to hold a DNS name. + * + */ + typedef char Buffer[kMaxNameSize]; + + /** + * Represents a string buffer (with `kMaxLabelSize`) intended to hold a DNS label. + * + */ + typedef char LabelBuffer[kMaxLabelSize]; + /** * Represents the name type. * @@ -821,6 +837,35 @@ class Name : public Clearable */ static Error ReadName(const Message &aMessage, uint16_t &aOffset, char *aNameBuffer, uint16_t aNameBufferSize); + /** + * Reads a full name from a message. + * + * On successful read, the read name follows "...", i.e., a sequence of labels separated by + * dot '.' character. The read name will ALWAYS end with a dot. + * + * Verifies that the labels after the first label in message do not contain any dot character. If they do, + * returns `kErrorParse`. + * + * @tparam kNameBufferSize Size of the string buffer array. + * + * @param[in] aMessage The message to read the name from. `aMessage.GetOffset()` MUST point to + * the start of DNS header (this is used to handle compressed names). + * @param[in,out] aOffset On input, the offset in @p aMessage pointing to the start of the name field. + * On exit (when parsed successfully), @p aOffset is updated to point to the byte + * after the end of name field. + * @param[out] aNameBuffer Reference to a name string buffer to output the read name. + * + * @retval kErrorNone Successfully read the name, @p aNameBuffer and @p Offset are updated. + * @retval kErrorParse Name could not be parsed (invalid format). + * @retval kErrorNoBufs Name could not fit in @p aNameBuffer. + * + */ + template + static Error ReadName(const Message &aMessage, uint16_t &aOffset, char (&aNameBuffer)[kNameBufferSize]) + { + return ReadName(aMessage, aOffset, aNameBuffer, kNameBufferSize); + } + /** * Compares a single name label from a message with a given label string. * @@ -946,6 +991,30 @@ class Name : public Clearable */ static Error ExtractLabels(const char *aName, const char *aSuffixName, char *aLabels, uint16_t aLabelsSize); + /** + * Extracts label(s) from a full name by checking that it contains a given suffix name (e.g., suffix name can be + * a domain name) and removing it. + * + * Both @p aName and @p aSuffixName must be full DNS name and end with ('.'), otherwise the behavior of this method + * is undefined. + * + * @tparam kLabelsBufferSize Size of the buffer string. + * + * @param[in] aName The full name to extract labels from. + * @param[in] aSuffixName The suffix name (e.g. can be domain name). + * @param[out] aLabelsBuffer A buffer to copy the extracted labels. + * + * @retval kErrorNone Successfully extracted the labels, @p aLabels is updated. + * @retval kErrorParse @p aName does not contain @p aSuffixName. + * @retval kErrorNoBufs Could not fit the labels in @p aLabels. + * + */ + template + static Error ExtractLabels(const char *aName, const char *aSuffixName, char (&aLabels)[kLabelsBufferSize]) + { + return ExtractLabels(aName, aSuffixName, aLabels, kLabelsBufferSize); + } + /** * Tests if a DNS name is a sub-domain of a given domain. * @@ -1660,6 +1729,36 @@ class PtrRecord : public ResourceRecord char *aNameBuffer, uint16_t aNameBufferSize) const; + /** + * Parses and reads the PTR name from a message. + * + * This is a template variation of the previous method with name and label buffer sizes as template parameters. + * + * @tparam kLabelBufferSize The size of label buffer. + * @tparam kNameBufferSize The size of name buffer. + * + * @param[in] aMessage The message to read from. `aMessage.GetOffset()` MUST point to the start of + * DNS header. + * @param[in,out] aOffset On input, the offset in @p aMessage to the start of PTR name field. + * On exit, when successfully read, @p aOffset is updated to point to the byte + * after the entire PTR record (skipping over the record). + * @param[out] aLabelBuffer A char array buffer to output the first label as a null-terminated C string. + * @param[out] aNameBuffer A char array to output the rest of name (after first label). + * + * @retval kErrorNone The PTR name was read successfully. @p aOffset, @aLabelBuffer and @aNameBuffer are updated. + * @retval kErrorParse The PTR record in @p aMessage could not be parsed (invalid format). + * @retval kErrorNoBufs Either label or name could not fit in the related given buffers. + * + */ + template + Error ReadPtrName(const Message &aMessage, + uint16_t &aOffset, + char (&aLabelBuffer)[kLabelBufferSize], + char (&aNameBuffer)[kNameBufferSize]) const + { + return ReadPtrName(aMessage, aOffset, aLabelBuffer, kLabelBufferSize, aNameBuffer, kNameBufferSize); + } + } OT_TOOL_PACKED_END; /** @@ -1868,6 +1967,32 @@ class SrvRecord : public ResourceRecord /* aSkipRecord */ true); } + /** + * Parses and reads the SRV target host name from a message. + * + * Also verifies that the SRV record is well-formed (e.g., the record data length `GetLength()` matches + * the SRV encoded name). + * + * @tparam kNameBufferSize Size of the name buffer. + * + * @param[in] aMessage The message to read from. `aMessage.GetOffset()` MUST point to the start of + * DNS header. + * @param[in,out] aOffset On input, the offset in @p aMessage to start of target host name field. + * On exit when successfully read, @p aOffset is updated to point to the byte + * after the entire SRV record (skipping over the record). + * @param[out] aNameBuffer A char array to output the read name as a null-terminated C string + * + * @retval kErrorNone The host name was read successfully. @p aOffset and @p aNameBuffer are updated. + * @retval kErrorParse The SRV record in @p aMessage could not be parsed (invalid format). + * @retval kErrorNoBufs Name could not fit in @p aNameBuffer. + * + */ + template + Error ReadTargetHostName(const Message &aMessage, uint16_t &aOffset, char (&aNameBuffer)[kNameBufferSize]) const + { + return ReadTargetHostName(aMessage, aOffset, aNameBuffer, kNameBufferSize); + } + private: uint16_t mPriority; uint16_t mWeight; diff --git a/src/core/net/dnssd_server.cpp b/src/core/net/dnssd_server.cpp index ea59c08d515..33aabbd66b0 100644 --- a/src/core/net/dnssd_server.cpp +++ b/src/core/net/dnssd_server.cpp @@ -412,12 +412,12 @@ Error Server::Response::ParseQueryName(void) // Parses and validates the query name and updates // the name compression offsets. - Error error = kErrorNone; - DnsName name; - uint16_t offset; + Error error = kErrorNone; + Name::Buffer name; + uint16_t offset; offset = sizeof(Header); - SuccessOrExit(error = Name::ReadName(*mMessage, offset, name, sizeof(name))); + SuccessOrExit(error = Name::ReadName(*mMessage, offset, name)); switch (mType) { @@ -446,9 +446,9 @@ Error Server::Response::ParseQueryName(void) while (true) { - DnsLabel label; - uint8_t labelLength = sizeof(label); - uint16_t comapreOffset; + Name::LabelBuffer label; + uint8_t labelLength = sizeof(label); + uint16_t comapreOffset; SuccessOrExit(error = Name::ReadLabel(*mMessage, offset, label, labelLength)); @@ -472,7 +472,7 @@ Error Server::Response::ParseQueryName(void) return error; } -void Server::Response::ReadQueryName(DnsName &aName) const { Server::ReadQueryName(*mMessage, aName); } +void Server::Response::ReadQueryName(Name::Buffer &aName) const { Server::ReadQueryName(*mMessage, aName); } bool Server::Response::QueryNameMatches(const char *aName) const { return Server::QueryNameMatches(*mMessage, aName); } @@ -526,12 +526,12 @@ Error Server::Response::AppendSrvRecord(const char *aHostName, uint16_t aWeight, uint16_t aPort) { - Error error = kErrorNone; - SrvRecord srvRecord; - uint16_t recordOffset; - DnsName hostLabels; + Error error = kErrorNone; + SrvRecord srvRecord; + uint16_t recordOffset; + Name::Buffer hostLabels; - SuccessOrExit(error = Name::ExtractLabels(aHostName, kDefaultDomainName, hostLabels, sizeof(hostLabels))); + SuccessOrExit(error = Name::ExtractLabels(aHostName, kDefaultDomainName, hostLabels)); srvRecord.Init(); srvRecord.SetTtl(aTtl); @@ -674,7 +674,7 @@ uint8_t Server::GetNameLength(const char *aName) #if OT_SHOULD_LOG_AT(OT_LOG_LEVEL_INFO) void Server::Response::Log(void) const { - DnsName name; + Name::Buffer name; ReadQueryName(name); LogInfo("%s query for '%s'", QueryTypeToString(mType), name); @@ -830,16 +830,16 @@ bool Server::Response::QueryNameMatchesService(const Srp::Server::Service &aServ #if OPENTHREAD_CONFIG_DNS_UPSTREAM_QUERY_ENABLE bool Server::ShouldForwardToUpstream(const Request &aRequest) { - bool shouldForward = false; - uint16_t readOffset; - DnsName name; + bool shouldForward = false; + uint16_t readOffset; + Name::Buffer name; VerifyOrExit(aRequest.mHeader.IsRecursionDesiredFlagSet()); readOffset = sizeof(Header); for (uint16_t i = 0; i < aRequest.mHeader.GetQuestionCount(); i++) { - SuccessOrExit(Name::ReadName(*aRequest.mMessage, readOffset, name, sizeof(name))); + SuccessOrExit(Name::ReadName(*aRequest.mMessage, readOffset, name)); readOffset += sizeof(Question); VerifyOrExit(!Name::IsSubDomainOf(name, kDefaultDomainName)); @@ -915,7 +915,7 @@ void Server::ResolveByProxy(Response &aResponse, const Ip6::MessageInfo &aMessag { ProxyQuery *query; ProxyQueryInfo info; - DnsName name; + Name::Buffer name; VerifyOrExit(mQuerySubscribe.IsSet()); @@ -950,11 +950,11 @@ void Server::ResolveByProxy(Response &aResponse, const Ip6::MessageInfo &aMessag return; } -void Server::ReadQueryName(const Message &aQuery, DnsName &aName) +void Server::ReadQueryName(const Message &aQuery, Name::Buffer &aName) { uint16_t offset = sizeof(Header); - IgnoreError(Name::ReadName(aQuery, offset, aName, sizeof(aName))); + IgnoreError(Name::ReadName(aQuery, offset, aName)); } bool Server::QueryNameMatches(const Message &aQuery, const char *aName) @@ -979,20 +979,20 @@ void Server::ProxyQueryInfo::UpdateIn(ProxyQuery &aQuery) const aQuery.Write(aQuery.GetLength() - sizeof(ProxyQueryInfo), *this); } -Error Server::Response::ExtractServiceInstanceLabel(const char *aInstanceName, DnsLabel &aLabel) +Error Server::Response::ExtractServiceInstanceLabel(const char *aInstanceName, Name::LabelBuffer &aLabel) { - uint16_t offset; - DnsName serviceName; + uint16_t offset; + Name::Buffer serviceName; offset = mOffsets.mServiceName; - IgnoreError(Name::ReadName(*mMessage, offset, serviceName, sizeof(serviceName))); + IgnoreError(Name::ReadName(*mMessage, offset, serviceName)); - return Name::ExtractLabels(aInstanceName, serviceName, aLabel, sizeof(aLabel)); + return Name::ExtractLabels(aInstanceName, serviceName, aLabel); } void Server::RemoveQueryAndPrepareResponse(ProxyQuery &aQuery, const ProxyQueryInfo &aInfo, Response &aResponse) { - DnsName name; + Name::Buffer name; mProxyQueries.Dequeue(aQuery); aInfo.RemoveFrom(aQuery); @@ -1021,7 +1021,7 @@ void Server::Response::Answer(const ServiceInstanceInfo &aInstanceInfo, const Ip if (mType == kPtrQuery) { - DnsLabel instanceLabel; + Name::LabelBuffer instanceLabel; SuccessOrExit(error = ExtractServiceInstanceLabel(aInstanceInfo.mFullName, instanceLabel)); mSection = kAnswerSection; @@ -1148,7 +1148,7 @@ const otDnssdQuery *Server::GetNextQuery(const otDnssdQuery *aQuery) const return (query == nullptr) ? mProxyQueries.GetHead() : query->GetNext(); } -Server::DnsQueryType Server::GetQueryTypeAndName(const otDnssdQuery *aQuery, char (&aName)[Name::kMaxNameSize]) +Server::DnsQueryType Server::GetQueryTypeAndName(const otDnssdQuery *aQuery, Dns::Name::Buffer &aName) { const ProxyQuery *query = static_cast(aQuery); ProxyQueryInfo info; diff --git a/src/core/net/dnssd_server.hpp b/src/core/net/dnssd_server.hpp index de01d5534ea..3b6b67993b9 100644 --- a/src/core/net/dnssd_server.hpp +++ b/src/core/net/dnssd_server.hpp @@ -258,7 +258,7 @@ class Server : public InstanceLocator, private NonCopyable * @returns The DNS-SD query type. * */ - static DnsQueryType GetQueryTypeAndName(const otDnssdQuery *aQuery, char (&aName)[Name::kMaxNameSize]); + static DnsQueryType GetQueryTypeAndName(const otDnssdQuery *aQuery, Dns::Name::Buffer &aName); /** * Returns the counters of the DNS-SD server. @@ -297,8 +297,6 @@ class Server : public InstanceLocator, private NonCopyable static constexpr uint16_t kMaxConcurrentUpstreamQueries = 32; typedef Header::Response ResponseCode; - typedef char DnsName[Name::kMaxNameSize]; - typedef char DnsLabel[Name::kMaxLabelSize]; typedef Message ProxyQuery; typedef MessageQueue ProxyQueryList; @@ -347,7 +345,7 @@ class Server : public InstanceLocator, private NonCopyable void SetResponseCode(ResponseCode aResponseCode) { mHeader.SetResponseCode(aResponseCode); } ResponseCode AddQuestionsFrom(const Request &aRequest); Error ParseQueryName(void); - void ReadQueryName(DnsName &aName) const; + void ReadQueryName(Name::Buffer &aName) const; bool QueryNameMatches(const char *aName) const; Error AppendQueryName(void); Error AppendPtrRecord(const char *aInstanceLabel, uint32_t aTtl); @@ -367,7 +365,7 @@ class Server : public InstanceLocator, private NonCopyable void Send(const Ip6::MessageInfo &aMessageInfo); void Answer(const HostInfo &aHostInfo, const Ip6::MessageInfo &aMessageInfo); void Answer(const ServiceInstanceInfo &aInstanceInfo, const Ip6::MessageInfo &aMessageInfo); - Error ExtractServiceInstanceLabel(const char *aInstanceName, DnsLabel &aLabel); + Error ExtractServiceInstanceLabel(const char *aInstanceName, Name::LabelBuffer &aLabel); #if OPENTHREAD_CONFIG_SRP_SERVER_ENABLE Error ResolveBySrp(void); bool QueryNameMatchesService(const Srp::Server::Service &aService) const; @@ -408,7 +406,7 @@ class Server : public InstanceLocator, private NonCopyable void ResolveByProxy(Response &aResponse, const Ip6::MessageInfo &aMessageInfo); void RemoveQueryAndPrepareResponse(ProxyQuery &aQuery, const ProxyQueryInfo &aInfo, Response &aResponse); void Finalize(ProxyQuery &aQuery, ResponseCode aResponseCode); - static void ReadQueryName(const Message &aQuery, DnsName &aName); + static void ReadQueryName(const Message &aQuery, Name::Buffer &aName); static bool QueryNameMatches(const Message &aQuery, const char *aName); #if OPENTHREAD_CONFIG_DNS_UPSTREAM_QUERY_ENABLE diff --git a/src/core/net/srp_server.cpp b/src/core/net/srp_server.cpp index aaaaaa71f85..946b84163e6 100644 --- a/src/core/net/srp_server.cpp +++ b/src/core/net/srp_server.cpp @@ -796,13 +796,13 @@ void Server::ProcessDnsUpdate(Message &aMessage, MessageMetadata &aMetadata) Error Server::ProcessZoneSection(const Message &aMessage, MessageMetadata &aMetadata) const { - Error error = kErrorNone; - char name[Dns::Name::kMaxNameSize]; - uint16_t offset = aMetadata.mOffset; + Error error = kErrorNone; + Dns::Name::Buffer name; + uint16_t offset = aMetadata.mOffset; VerifyOrExit(aMetadata.mDnsHeader.GetZoneRecordCount() == 1, error = kErrorParse); - SuccessOrExit(error = Dns::Name::ReadName(aMessage, offset, name, sizeof(name))); + SuccessOrExit(error = Dns::Name::ReadName(aMessage, offset, name)); // TODO: return `Dns::kResponseNotAuth` for not authorized zone names. VerifyOrExit(StringMatch(name, GetDomain(), kStringCaseInsensitiveMatch), error = kErrorSecurity); SuccessOrExit(error = aMessage.Read(offset, aMetadata.mDnsZone)); @@ -861,10 +861,10 @@ Error Server::ProcessHostDescriptionInstruction(Host &aHost, for (uint16_t numRecords = aMetadata.mDnsHeader.GetUpdateRecordCount(); numRecords > 0; numRecords--) { - char name[Dns::Name::kMaxNameSize]; + Dns::Name::Buffer name; Dns::ResourceRecord record; - SuccessOrExit(error = Dns::Name::ReadName(aMessage, offset, name, sizeof(name))); + SuccessOrExit(error = Dns::Name::ReadName(aMessage, offset, name)); SuccessOrExit(error = aMessage.Read(offset, record)); @@ -952,9 +952,9 @@ Error Server::ProcessServiceDiscoveryInstructions(Host &aHost, for (uint16_t numRecords = aMetadata.mDnsHeader.GetUpdateRecordCount(); numRecords > 0; numRecords--) { - char serviceName[Dns::Name::kMaxNameSize]; - char instanceLabel[Dns::Name::kMaxLabelSize]; - char instanceServiceName[Dns::Name::kMaxNameSize]; + Dns::Name::Buffer serviceName; + Dns::Name::LabelBuffer instanceLabel; + Dns::Name::Buffer instanceServiceName; String instanceName; Dns::PtrRecord ptrRecord; const char *subServiceName; @@ -962,7 +962,7 @@ Error Server::ProcessServiceDiscoveryInstructions(Host &aHost, bool isSubType; bool isDelete; - SuccessOrExit(error = Dns::Name::ReadName(aMessage, offset, serviceName, sizeof(serviceName))); + SuccessOrExit(error = Dns::Name::ReadName(aMessage, offset, serviceName)); VerifyOrExit(Dns::Name::IsSubDomainOf(serviceName, GetDomain()), error = kErrorSecurity); error = Dns::ResourceRecord::ReadRecord(aMessage, offset, ptrRecord); @@ -977,8 +977,7 @@ Error Server::ProcessServiceDiscoveryInstructions(Host &aHost, SuccessOrExit(error); - SuccessOrExit(error = ptrRecord.ReadPtrName(aMessage, offset, instanceLabel, sizeof(instanceLabel), - instanceServiceName, sizeof(instanceServiceName))); + SuccessOrExit(error = ptrRecord.ReadPtrName(aMessage, offset, instanceLabel, instanceServiceName)); instanceName.Append("%s.%s", instanceLabel, instanceServiceName); // Class None indicates "Delete an RR from an RRset". @@ -1076,11 +1075,11 @@ Error Server::ProcessServiceDescriptionInstructions(Host &aHost, for (uint16_t numRecords = aMetadata.mDnsHeader.GetUpdateRecordCount(); numRecords > 0; numRecords--) { - char name[Dns::Name::kMaxNameSize]; + Dns::Name::Buffer name; Dns::ResourceRecord record; Service *service; - SuccessOrExit(error = Dns::Name::ReadName(aMessage, offset, name, sizeof(name))); + SuccessOrExit(error = Dns::Name::ReadName(aMessage, offset, name)); SuccessOrExit(error = aMessage.Read(offset, record)); if (record.GetClass() == Dns::ResourceRecord::kClassAny) @@ -1102,9 +1101,8 @@ Error Server::ProcessServiceDescriptionInstructions(Host &aHost, if (record.GetType() == Dns::ResourceRecord::kTypeSrv) { - Dns::SrvRecord srvRecord; - char hostName[Dns::Name::kMaxNameSize]; - uint16_t hostNameLength = sizeof(hostName); + Dns::SrvRecord srvRecord; + Dns::Name::Buffer hostName; VerifyOrExit(record.GetClass() == aMetadata.mDnsZone.GetClass(), error = kErrorFailed); @@ -1113,7 +1111,7 @@ Error Server::ProcessServiceDescriptionInstructions(Host &aHost, SuccessOrExit(error = aMessage.Read(offset, srvRecord)); offset += sizeof(srvRecord); - SuccessOrExit(error = Dns::Name::ReadName(aMessage, offset, hostName, hostNameLength)); + SuccessOrExit(error = Dns::Name::ReadName(aMessage, offset, hostName)); VerifyOrExit(Dns::Name::IsSubDomainOf(name, GetDomain()), error = kErrorSecurity); VerifyOrExit(aHost.Matches(hostName), error = kErrorFailed); @@ -1179,22 +1177,22 @@ bool Server::IsValidDeleteAllRecord(const Dns::ResourceRecord &aRecord) Error Server::ProcessAdditionalSection(Host *aHost, const Message &aMessage, MessageMetadata &aMetadata) const { - Error error = kErrorNone; - Dns::OptRecord optRecord; - Dns::LeaseOption leaseOption; - Dns::SigRecord sigRecord; - char name[2]; // The root domain name (".") is expected. - uint16_t offset = aMetadata.mOffset; - uint16_t sigOffset; - uint16_t sigRdataOffset; - char signerName[Dns::Name::kMaxNameSize]; - uint16_t signatureLength; + Error error = kErrorNone; + Dns::OptRecord optRecord; + Dns::LeaseOption leaseOption; + Dns::SigRecord sigRecord; + char name[2]; // The root domain name (".") is expected. + uint16_t offset = aMetadata.mOffset; + uint16_t sigOffset; + uint16_t sigRdataOffset; + Dns::Name::Buffer signerName; + uint16_t signatureLength; VerifyOrExit(aMetadata.mDnsHeader.GetAdditionalRecordCount() == 2, error = kErrorFailed); // EDNS(0) Update Lease Option. - SuccessOrExit(error = Dns::Name::ReadName(aMessage, offset, name, sizeof(name))); + SuccessOrExit(error = Dns::Name::ReadName(aMessage, offset, name)); SuccessOrExit(error = aMessage.Read(offset, optRecord)); SuccessOrExit(error = leaseOption.ReadFrom(aMessage, offset + sizeof(optRecord), optRecord.GetLength())); @@ -1221,7 +1219,7 @@ Error Server::ProcessAdditionalSection(Host *aHost, const Message &aMessage, Mes // SIG(0). sigOffset = offset; - SuccessOrExit(error = Dns::Name::ReadName(aMessage, offset, name, sizeof(name))); + SuccessOrExit(error = Dns::Name::ReadName(aMessage, offset, name)); SuccessOrExit(error = aMessage.Read(offset, sigRecord)); VerifyOrExit(sigRecord.IsValid(), error = kErrorParse); @@ -1232,7 +1230,7 @@ Error Server::ProcessAdditionalSection(Host *aHost, const Message &aMessage, Mes // implemented because the end device may not be able to get // the synchronized date/time. - SuccessOrExit(error = Dns::Name::ReadName(aMessage, offset, signerName, sizeof(signerName))); + SuccessOrExit(error = Dns::Name::ReadName(aMessage, offset, signerName)); signatureLength = sigRecord.GetLength() - (offset - sigRdataOffset); offset += signatureLength; @@ -1383,9 +1381,9 @@ void Server::InformUpdateHandlerOrCommit(Error aError, Host &aHost, const Messag for (const Heap::String &subType : service.mSubTypes) { - char label[Dns::Name::kMaxLabelSize]; + Dns::Name::LabelBuffer label; - IgnoreError(Service::ParseSubTypeServiceName(subType.AsCString(), label, sizeof(label))); + IgnoreError(Service::ParseSubTypeServiceName(subType.AsCString(), label)); LogInfo(" sub-type: %s", label); } } @@ -1892,9 +1890,9 @@ void Server::Service::Log(Action aAction) const for (const Heap::String &subType : mSubTypes) { - char label[Dns::Name::kMaxLabelSize]; + Dns::Name::LabelBuffer label; - IgnoreError(ParseSubTypeServiceName(subType.AsCString(), label, sizeof(label))); + IgnoreError(ParseSubTypeServiceName(subType.AsCString(), label)); LogInfo(" sub-type: %s", subType.AsCString()); } } diff --git a/src/core/net/srp_server.hpp b/src/core/net/srp_server.hpp index bb73c154a97..c506416eca4 100644 --- a/src/core/net/srp_server.hpp +++ b/src/core/net/srp_server.hpp @@ -407,6 +407,12 @@ class Server : public InstanceLocator, private NonCopyable bool Matches(const char *aInstanceName) const; void Log(Action aAction) const; + template + static Error ParseSubTypeServiceName(const char *aSubTypeServiceName, char (&aLabel)[kLabelSize]) + { + return ParseSubTypeServiceName(aSubTypeServiceName, aLabel, kLabelSize); + } + Service *mNext; Heap::String mInstanceName; Heap::String mInstanceLabel; diff --git a/tests/unit/test_dns.cpp b/tests/unit/test_dns.cpp index a8408aad487..8e6ef0dd8a4 100644 --- a/tests/unit/test_dns.cpp +++ b/tests/unit/test_dns.cpp @@ -56,20 +56,20 @@ void TestDnsName(void) const char *mExpectedReadName; }; - Instance *instance; - MessagePool *messagePool; - Message *message; - uint8_t buffer[kMaxSize]; - uint16_t len; - uint16_t offset; - char label[Dns::Name::kMaxLabelSize]; - uint8_t labelLength; - char name[Dns::Name::kMaxNameSize]; - const char *subDomain; - const char *domain; - const char *domain2; - const char *fullName; - const char *suffixName; + Instance *instance; + MessagePool *messagePool; + Message *message; + uint8_t buffer[kMaxSize]; + uint16_t len; + uint16_t offset; + Dns::Name::LabelBuffer label; + uint8_t labelLength; + Dns::Name::Buffer name; + const char *subDomain; + const char *domain; + const char *domain2; + const char *fullName; + const char *suffixName; static const uint8_t kEncodedName1[] = {7, 'e', 'x', 'a', 'm', 'p', 'l', 'e', 3, 'c', 'o', 'm', 0}; static const uint8_t kEncodedName2[] = {3, 'f', 'o', 'o', 1, 'a', 2, 'b', 'b', 3, 'e', 'd', 'u', 0}; @@ -254,42 +254,42 @@ void TestDnsName(void) fullName = "my-service._ipps._tcp.default.service.arpa."; suffixName = "default.service.arpa."; - SuccessOrQuit(Dns::Name::ExtractLabels(fullName, suffixName, name, sizeof(name))); + SuccessOrQuit(Dns::Name::ExtractLabels(fullName, suffixName, name)); VerifyOrQuit(strcmp(name, "my-service._ipps._tcp") == 0); fullName = "my.service._ipps._tcp.default.service.arpa."; suffixName = "_ipps._tcp.default.service.arpa."; - SuccessOrQuit(Dns::Name::ExtractLabels(fullName, suffixName, name, sizeof(name))); + SuccessOrQuit(Dns::Name::ExtractLabels(fullName, suffixName, name)); VerifyOrQuit(strcmp(name, "my.service") == 0); fullName = "my-service._ipps._tcp.default.service.arpa."; suffixName = "DeFault.SerVice.ARPA."; - SuccessOrQuit(Dns::Name::ExtractLabels(fullName, suffixName, name, sizeof(name))); + SuccessOrQuit(Dns::Name::ExtractLabels(fullName, suffixName, name)); VerifyOrQuit(strcmp(name, "my-service._ipps._tcp") == 0); fullName = "my-service._ipps._tcp.default.service.arpa."; suffixName = "efault.service.arpa."; - VerifyOrQuit(Dns::Name::ExtractLabels(fullName, suffixName, name, sizeof(name)) == kErrorParse); + VerifyOrQuit(Dns::Name::ExtractLabels(fullName, suffixName, name) == kErrorParse); fullName = "my-service._ipps._tcp.default.service.arpa."; suffixName = "xdefault.service.arpa."; - VerifyOrQuit(Dns::Name::ExtractLabels(fullName, suffixName, name, sizeof(name)) == kErrorParse); + VerifyOrQuit(Dns::Name::ExtractLabels(fullName, suffixName, name) == kErrorParse); fullName = "my-service._ipps._tcp.default.service.arpa."; suffixName = ".default.service.arpa."; - VerifyOrQuit(Dns::Name::ExtractLabels(fullName, suffixName, name, sizeof(name)) == kErrorParse); + VerifyOrQuit(Dns::Name::ExtractLabels(fullName, suffixName, name) == kErrorParse); fullName = "my-service._ipps._tcp.default.service.arpa."; suffixName = "default.service.arp."; - VerifyOrQuit(Dns::Name::ExtractLabels(fullName, suffixName, name, sizeof(name)) == kErrorParse); + VerifyOrQuit(Dns::Name::ExtractLabels(fullName, suffixName, name) == kErrorParse); fullName = "default.service.arpa."; suffixName = "default.service.arpa."; - VerifyOrQuit(Dns::Name::ExtractLabels(fullName, suffixName, name, sizeof(name)) == kErrorParse); + VerifyOrQuit(Dns::Name::ExtractLabels(fullName, suffixName, name) == kErrorParse); fullName = "efault.service.arpa."; suffixName = "default.service.arpa."; - VerifyOrQuit(Dns::Name::ExtractLabels(fullName, suffixName, name, sizeof(name)) == kErrorParse); + VerifyOrQuit(Dns::Name::ExtractLabels(fullName, suffixName, name) == kErrorParse); fullName = "my-service._ipps._tcp.default.service.arpa."; suffixName = "default.service.arpa."; @@ -342,7 +342,7 @@ void TestDnsName(void) // Read entire name offset = 0; - SuccessOrQuit(Dns::Name::ReadName(*message, offset, name, sizeof(name))); + SuccessOrQuit(Dns::Name::ReadName(*message, offset, name)); printf("Read name =\"%s\"\n", name); @@ -633,7 +633,7 @@ void TestDnsCompressedName(void) "Name::ReadLabel() failed at end of the name"); offset = name1Offset; - SuccessOrQuit(Dns::Name::ReadName(*message, offset, name, sizeof(name))); + SuccessOrQuit(Dns::Name::ReadName(*message, offset, name)); printf("Read name =\"%s\"\n", name); VerifyOrQuit(strcmp(name, kExpectedReadName1) == 0, "Name::ReadName() did not return expected name"); VerifyOrQuit(offset == name1Offset + sizeof(kEncodedName), "Name::ReadName() returned incorrect offset"); @@ -690,7 +690,7 @@ void TestDnsCompressedName(void) "Name::ReadLabel() failed at end of the name"); offset = name2Offset; - SuccessOrQuit(Dns::Name::ReadName(*message, offset, name, sizeof(name))); + SuccessOrQuit(Dns::Name::ReadName(*message, offset, name)); printf("Read name =\"%s\"\n", name); VerifyOrQuit(strcmp(name, kExpectedReadName2) == 0, "Name::ReadName() did not return expected name"); VerifyOrQuit(offset == name2Offset + kName2EncodedSize, "Name::ReadName() returned incorrect offset"); @@ -747,7 +747,7 @@ void TestDnsCompressedName(void) "Name::ReadLabel() failed at end of the name"); offset = name3Offset; - SuccessOrQuit(Dns::Name::ReadName(*message, offset, name, sizeof(name))); + SuccessOrQuit(Dns::Name::ReadName(*message, offset, name)); printf("Read name =\"%s\"\n", name); VerifyOrQuit(strcmp(name, kExpectedReadName3) == 0, "Name::ReadName() did not return expected name"); VerifyOrQuit(offset == name3Offset + kName3EncodedSize, "Name::ReadName() returned incorrect offset"); @@ -801,7 +801,7 @@ void TestDnsCompressedName(void) // `ReadName()` for name-4 should still succeed since only the first label contains dot char offset = name4Offset; - SuccessOrQuit(Dns::Name::ReadName(*message, offset, name, sizeof(name))); + SuccessOrQuit(Dns::Name::ReadName(*message, offset, name)); printf("Read name =\"%s\"\n", name); VerifyOrQuit(strcmp(name, kExpectedReadName4) == 0, "Name::ReadName() did not return expected name"); VerifyOrQuit(offset == name4Offset + kName4EncodedSize, "Name::ParseName() returned incorrect offset"); @@ -848,11 +848,11 @@ void TestDnsCompressedName(void) SuccessOrQuit(Dns::Name::CompareName(*message2, offset, dnsName4)); offset = 0; - SuccessOrQuit(Dns::Name::ReadName(*message2, offset, name, sizeof(name))); + SuccessOrQuit(Dns::Name::ReadName(*message2, offset, name)); printf("- Name1 after `AppendTo()`: \"%s\"\n", name); - SuccessOrQuit(Dns::Name::ReadName(*message2, offset, name, sizeof(name))); + SuccessOrQuit(Dns::Name::ReadName(*message2, offset, name)); printf("- Name2 after `AppendTo()`: \"%s\"\n", name); - SuccessOrQuit(Dns::Name::ReadName(*message2, offset, name, sizeof(name))); + SuccessOrQuit(Dns::Name::ReadName(*message2, offset, name)); printf("- Name3 after `AppendTo()`: \"%s\"\n", name); // `ReadName()` for name-4 will fail due to first label containing dot char. @@ -913,9 +913,9 @@ void TestHeaderAndResourceRecords(void) Dns::ResourceRecord record; Ip6::Address hostAddress; - char label[Dns::Name::kMaxLabelSize]; - char name[Dns::Name::kMaxNameSize]; - uint8_t buffer[kMaxSize]; + Dns::Name::LabelBuffer label; + Dns::Name::Buffer name; + uint8_t buffer[kMaxSize]; printf("================================================================\n"); printf("TestHeaderAndResourceRecords()\n"); @@ -1050,7 +1050,7 @@ void TestHeaderAndResourceRecords(void) SuccessOrQuit(Dns::ResourceRecord::ReadRecord(*message, offset, ptrRecord)); VerifyOrQuit(ptrRecord.GetTtl() == kTtl, "Read PTR is incorrect"); - SuccessOrQuit(ptrRecord.ReadPtrName(*message, offset, label, sizeof(label), name, sizeof(name))); + SuccessOrQuit(ptrRecord.ReadPtrName(*message, offset, label, name)); VerifyOrQuit(strcmp(label, instanceLabel) == 0, "Inst label is incorrect"); VerifyOrQuit(strcmp(name, kServiceName) == 0); @@ -1077,7 +1077,7 @@ void TestHeaderAndResourceRecords(void) VerifyOrQuit(numRecords == prevNumRecords - 1, "Incorrect num records"); SuccessOrQuit(Dns::ResourceRecord::ReadRecord(*message, offset, ptrRecord)); VerifyOrQuit(ptrRecord.GetTtl() == kTtl, "Read PTR is incorrect"); - SuccessOrQuit(ptrRecord.ReadPtrName(*message, offset, label, sizeof(label), name, sizeof(name))); + SuccessOrQuit(ptrRecord.ReadPtrName(*message, offset, label, name)); printf(" \"%s\" PTR %u %d inst:\"%s\" at \"%s\"\n", kServiceName, ptrRecord.GetTtl(), ptrRecord.GetLength(), label, name); } @@ -1125,7 +1125,7 @@ void TestHeaderAndResourceRecords(void) VerifyOrQuit(srvRecord.GetPort() == kSrvPort); VerifyOrQuit(srvRecord.GetWeight() == kSrvWeight); VerifyOrQuit(srvRecord.GetPriority() == kSrvPriority); - SuccessOrQuit(srvRecord.ReadTargetHostName(*message, offset, name, sizeof(name))); + SuccessOrQuit(srvRecord.ReadTargetHostName(*message, offset, name)); VerifyOrQuit(strcmp(name, kHostName) == 0); printf(" \"%s\" SRV %u %d %d %d %d \"%s\"\n", instanceName, srvRecord.GetTtl(), srvRecord.GetLength(), srvRecord.GetPort(), srvRecord.GetWeight(), srvRecord.GetPriority(), name); diff --git a/tests/unit/test_dns_client.cpp b/tests/unit/test_dns_client.cpp index 59efab72df2..74c5598c036 100644 --- a/tests/unit/test_dns_client.cpp +++ b/tests/unit/test_dns_client.cpp @@ -357,10 +357,10 @@ struct BrowseInfo { void Reset(void) { mCallbackCount = 0; } - uint16_t mCallbackCount; - Error mError; - char mServiceName[Dns::Name::kMaxNameSize]; - uint16_t mNumInstances; + uint16_t mCallbackCount; + Error mError; + Dns::Name::Buffer mServiceName; + uint16_t mNumInstances; }; static BrowseInfo sBrowseInfo; @@ -384,8 +384,8 @@ void BrowseCallback(otError aError, const otDnsBrowseResponse *aResponse, void * for (uint16_t index = 0;; index++) { - char instLabel[Dns::Name::kMaxLabelSize]; - Error error; + Dns::Name::LabelBuffer instLabel; + Error error; error = response.GetServiceInstance(index, instLabel, sizeof(instLabel)); @@ -423,7 +423,7 @@ struct ResolveServiceInfo uint16_t mCallbackCount; Error mError; Dns::Client::ServiceInfo mInfo; - char mNameBuffer[Dns::Name::kMaxNameSize]; + Dns::Name::Buffer mNameBuffer; uint8_t mTxtBuffer[kMaxTxtBuffer]; Ip6::Address mHostAddresses[kMaxHostAddresses]; uint8_t mNumHostAddresses; @@ -434,8 +434,8 @@ static ResolveServiceInfo sResolveServiceInfo; void ServiceCallback(otError aError, const otDnsServiceResponse *aResponse, void *aContext) { const Dns::Client::ServiceResponse &response = AsCoreType(aResponse); - char instLabel[Dns::Name::kMaxLabelSize]; - char serviceName[Dns::Name::kMaxNameSize]; + Dns::Name::LabelBuffer instLabel; + Dns::Name::Buffer serviceName; Log("ServiceCallback"); Log(" Error: %s", ErrorToString(aError)); @@ -912,8 +912,8 @@ void TestDnsClient(void) //---------------------------------------------------------------------------------------------------------------------- -char sLastSubscribeName[Dns::Name::kMaxNameSize]; -char sLastUnsubscribeName[Dns::Name::kMaxNameSize]; +Dns::Name::Buffer sLastSubscribeName; +Dns::Name::Buffer sLastUnsubscribeName; void QuerySubscribe(void *aContext, const char *aFullName) { From 55cc30b482b3047e2ee923e2437f179eb9547d21 Mon Sep 17 00:00:00 2001 From: Li Cao Date: Thu, 21 Dec 2023 03:27:33 +0800 Subject: [PATCH 041/121] [spinel] add spinel net role DISABLED (#9731) This commit adds net role 'DISABLED' into `spinel_net_role_t` to differentiate between 'DISABLED' and 'DETACHED' status of NCP. Since this is only used for NCP and not related with RCP, the `RCP_API_VERSION` is not updated. --- src/lib/spinel/spinel.c | 8 +++----- src/lib/spinel/spinel.h | 2 ++ 2 files changed, 5 insertions(+), 5 deletions(-) diff --git a/src/lib/spinel/spinel.c b/src/lib/spinel/spinel.c index 82ea5555626..c85d2444cf4 100644 --- a/src/lib/spinel/spinel.c +++ b/src/lib/spinel/spinel.c @@ -1500,11 +1500,9 @@ const char *spinel_prop_key_to_cstr(spinel_prop_key_t prop_key) const char *spinel_net_role_to_cstr(uint8_t net_role) { static const struct spinel_cstr spinel_net_cstr[] = { - {SPINEL_NET_ROLE_DETACHED, "NET_ROLE_DETACHED"}, - {SPINEL_NET_ROLE_CHILD, "NET_ROLE_CHILD"}, - {SPINEL_NET_ROLE_ROUTER, "NET_ROLE_ROUTER"}, - {SPINEL_NET_ROLE_LEADER, "NET_ROLE_LEADER"}, - {0, NULL}, + {SPINEL_NET_ROLE_DETACHED, "NET_ROLE_DETACHED"}, {SPINEL_NET_ROLE_CHILD, "NET_ROLE_CHILD"}, + {SPINEL_NET_ROLE_ROUTER, "NET_ROLE_ROUTER"}, {SPINEL_NET_ROLE_LEADER, "NET_ROLE_LEADER"}, + {SPINEL_NET_ROLE_DISABLED, "NET_ROLE_DISABLED"}, {0, NULL}, }; return spinel_to_cstr(spinel_net_cstr, net_role); diff --git a/src/lib/spinel/spinel.h b/src/lib/spinel/spinel.h index 5d8094db49f..d91a039ac46 100644 --- a/src/lib/spinel/spinel.h +++ b/src/lib/spinel/spinel.h @@ -598,6 +598,7 @@ typedef enum SPINEL_NET_ROLE_CHILD = 1, SPINEL_NET_ROLE_ROUTER = 2, SPINEL_NET_ROLE_LEADER = 3, + SPINEL_NET_ROLE_DISABLED = 4, } spinel_net_role_t; typedef enum @@ -2296,6 +2297,7 @@ enum * SPINEL_NET_ROLE_CHILD = 1, * SPINEL_NET_ROLE_ROUTER = 2, * SPINEL_NET_ROLE_LEADER = 3, + * SPINEL_NET_ROLE_DISABLED = 4, * */ SPINEL_PROP_NET_ROLE = SPINEL_PROP_NET__BEGIN + 3, From 1d126effb92b754eda0a379eb082f6ce8e259c00 Mon Sep 17 00:00:00 2001 From: Jonathan Hui Date: Wed, 20 Dec 2023 11:32:00 -0800 Subject: [PATCH 042/121] [factory-diags] fix usage of `OPENTHREAD_RADIO` (#9736) --- src/core/diags/factory_diags.cpp | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/src/core/diags/factory_diags.cpp b/src/core/diags/factory_diags.cpp index 249594f77a4..78845f1aab6 100644 --- a/src/core/diags/factory_diags.cpp +++ b/src/core/diags/factory_diags.cpp @@ -846,7 +846,7 @@ Error Diags::ProcessCmd(uint8_t aArgsLength, char *aArgs[], char *aOutput, size_ // This `rcp` command is for debugging and testing only, building only when NDEBUG is not defined // so that it will be excluded from release build. -#if !defined(NDEBUG) && defined(OPENTHREAD_RADIO) +#if OPENTHREAD_RADIO && !defined(NDEBUG) if (aArgsLength > 0 && !strcmp(aArgs[0], "rcp")) { aArgs++; From 16596a38c3617da1ccc4aec81e41dc911b8e5bd3 Mon Sep 17 00:00:00 2001 From: jrhodie <139580534+jrhodie@users.noreply.github.com> Date: Wed, 20 Dec 2023 12:51:50 -0800 Subject: [PATCH 043/121] [docs] create config variables list (#9721) --- doc/ot_config_doc.h | 89 ++++++++++++++++++++++++++ src/core/config/announce_sender.h | 17 ++++- src/core/config/backbone_router.h | 15 +++++ src/core/config/border_agent.h | 15 +++++ src/core/config/border_router.h | 15 +++++ src/core/config/border_routing.h | 15 +++++ src/core/config/channel_manager.h | 15 +++++ src/core/config/channel_monitor.h | 15 +++++ src/core/config/child_supervision.h | 15 +++++ src/core/config/coap.h | 15 +++++ src/core/config/commissioner.h | 15 +++++ src/core/config/crypto.h | 15 +++++ src/core/config/dataset_updater.h | 15 +++++ src/core/config/dhcp6_client.h | 15 +++++ src/core/config/dhcp6_server.h | 15 +++++ src/core/config/diag.h | 15 +++++ src/core/config/dns_client.h | 15 +++++ src/core/config/dns_dso.h | 15 +++++ src/core/config/dnssd_server.h | 15 +++++ src/core/config/history_tracker.h | 15 +++++ src/core/config/ip6.h | 15 +++++ src/core/config/joiner.h | 15 +++++ src/core/config/link_metrics_manager.h | 15 +++++ src/core/config/link_quality.h | 15 +++++ src/core/config/link_raw.h | 15 +++++ src/core/config/logging.h | 15 +++++ src/core/config/mac.h | 15 +++++ src/core/config/mesh_diag.h | 15 +++++ src/core/config/mesh_forwarder.h | 15 +++++ src/core/config/misc.h | 15 +++++ src/core/config/mle.h | 15 +++++ src/core/config/nat64.h | 15 +++++ src/core/config/netdata_publisher.h | 15 +++++ src/core/config/network_diagnostic.h | 15 +++++ src/core/config/parent_search.h | 15 +++++ src/core/config/ping_sender.h | 15 +++++ src/core/config/platform.h | 15 +++++ src/core/config/power_calibration.h | 15 +++++ src/core/config/radio_link.h | 15 +++++ src/core/config/secure_transport.h | 15 +++++ src/core/config/sntp_client.h | 15 +++++ src/core/config/srp_client.h | 15 +++++ src/core/config/srp_server.h | 15 +++++ src/core/config/time_sync.h | 15 +++++ src/core/config/tmf.h | 16 +++++ 45 files changed, 751 insertions(+), 1 deletion(-) create mode 100644 doc/ot_config_doc.h diff --git a/doc/ot_config_doc.h b/doc/ot_config_doc.h new file mode 100644 index 00000000000..16909d6bd64 --- /dev/null +++ b/doc/ot_config_doc.h @@ -0,0 +1,89 @@ +/* + * Copyright (c) 2023, The OpenThread Authors. + * All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions are met: + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * 3. Neither the name of the copyright holder nor the + * names of its contributors may be used to endorse or promote products + * derived from this software without specific prior written permission. + * + * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" + * AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDER OR CONTRIBUTORS BE + * LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR + * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF + * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS + * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN + * CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) + * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE + * POSSIBILITY OF SUCH DAMAGE. + */ + +/** + * @file + * @brief + * This file defines the Doxygen group structure for OpenThread documentation. + */ + +/** + * @defgroup config Config Variables + * @brief + * This module lists all OpenThread configuration variables. + * + * @{ + * + * @defgroup config-announce-sender Announce Sender + * @defgroup config-backbone-router Backbone Router Services + * @defgroup config-border-agent Border Agent + * @defgroup config-border-router Border Router + * @defgroup config-border-routing Border Routing Manager + * @defgroup config-channel-manager Channel Manager + * @defgroup config-channel-monitor Channel Monitor + * @defgroup config-child-supervision Child Supervision + * @defgroup config-coap CoAP + * @defgroup config-commissioner Commissioner + * @defgroup config-crypto Crypto Backend Library + * @defgroup config-dataset-updater Dataset Updater + * @defgroup config-dhcpv6-client DHCPv6 Client + * @defgroup config-dhcpv6-server DHCPv6 Server + * @defgroup config-diag DIAG Service + * @defgroup config-dns-client DNS Client + * @defgroup config-dns-dso DNS Stateful Operations + * @defgroup config-dnssd-server DNS-SD Server + * @defgroup config-history-tracker History Tracker + * @defgroup config-ip6 IP6 Service + * @defgroup config-joiner Joiner + * @defgroup config-link-metrics-manager Link Metrics Manager + * @defgroup config-link-quality Link Quality + * @defgroup config-link-raw Link Raw Service + * @defgroup config-logging Logging Service + * @defgroup config-mac MAC + * @defgroup config-mesh-diag Mesh Diagnostic + * @defgroup config-mesh-forwarder Mesh Forwarder + * @defgroup config-misc Miscellaneous Constants + * @defgroup config-mle MLE Service + * @defgroup config-nat64 NAT64 + * @defgroup config-netdata-publisher Network Data Publisher + * @defgroup config-network-diagnostic Network Diagnostics + * @defgroup config-parent-search Parent Search + * @defgroup config-ping-sender Ping Sender + * @defgroup config-platform Platform Specific Services + * @defgroup config-power-calibration Power Calibration + * @defgroup config-radio-link Radio Links + * @defgroup config-secure-transport Secure Transport + * @defgroup config-sntp-client SNTP Client + * @defgroup config-srp-client SRP Client + * @defgroup config-srp-server SRP Server + * @defgroup config-time-sync Time Sync Service + * @defgroup config-tmf Thread Management Framework Service + * + * @} + * + */ diff --git a/src/core/config/announce_sender.h b/src/core/config/announce_sender.h index b71d88e7a8a..7d6b8ae28d1 100644 --- a/src/core/config/announce_sender.h +++ b/src/core/config/announce_sender.h @@ -28,13 +28,23 @@ /** * @file - * This file includes compile-time configurations for the DNS Client. + * This file includes compile-time configurations for the Announce Sender. * */ #ifndef CONFIG_ANNOUNCE_SENDER_H_ #define CONFIG_ANNOUNCE_SENDER_H_ +/** + * @addtogroup config-announce-sender + * + * @brief + * This module includes configuration variables for the Announce Sender. + * + * @{ + * + */ + /** * @def OPENTHREAD_CONFIG_ANNOUNCE_SENDER_ENABLE * @@ -90,4 +100,9 @@ #define OPENTHREAD_CONFIG_ANNOUNCE_SENDER_JITTER_INTERVAL 500 #endif +/** + * @} + * + */ + #endif // CONFIG_ANNOUNCE_SENDER_H_ diff --git a/src/core/config/backbone_router.h b/src/core/config/backbone_router.h index e2bdbd3389c..398e0059c96 100644 --- a/src/core/config/backbone_router.h +++ b/src/core/config/backbone_router.h @@ -35,6 +35,16 @@ #ifndef CONFIG_BACKBONE_ROUTER_H_ #define CONFIG_BACKBONE_ROUTER_H_ +/** + * @addtogroup config-backbone-router + * + * @brief + * This module includes configuration variables for Backbone Router services. + * + * @{ + * + */ + /** * @def OPENTHREAD_CONFIG_BACKBONE_ROUTER_ENABLE * @@ -113,4 +123,9 @@ #define OPENTHREAD_CONFIG_NDPROXY_TABLE_ENTRY_NUM 250 #endif +/** + * @} + * + */ + #endif // CONFIG_BACKBONE_ROUTER_H_ diff --git a/src/core/config/border_agent.h b/src/core/config/border_agent.h index c7bb8df3a58..5769fe17775 100644 --- a/src/core/config/border_agent.h +++ b/src/core/config/border_agent.h @@ -35,6 +35,16 @@ #ifndef CONFIG_BORDER_AGENT_H_ #define CONFIG_BORDER_AGENT_H_ +/** + * @addtogroup config-border-agent + * + * @brief + * This module includes configuration variables for Border Agent. + * + * @{ + * + */ + /** * @def OPENTHREAD_CONFIG_BORDER_AGENT_ENABLE * @@ -65,4 +75,9 @@ #define OPENTHREAD_CONFIG_BORDER_AGENT_ID_ENABLE 0 #endif +/** + * @} + * + */ + #endif // CONFIG_BORDER_AGENT_H_ diff --git a/src/core/config/border_router.h b/src/core/config/border_router.h index 543ea8feda7..d1586742db1 100644 --- a/src/core/config/border_router.h +++ b/src/core/config/border_router.h @@ -35,6 +35,16 @@ #ifndef CONFIG_BORDER_ROUTER_H_ #define CONFIG_BORDER_ROUTER_H_ +/** + * @addtogroup config-border-router + * + * @brief + * This module includes configuration variables for Border Router services. + * + * @{ + * + */ + #include /** @@ -83,4 +93,9 @@ #define OPENTHREAD_CONFIG_BORDER_ROUTER_SIGNAL_NETWORK_DATA_FULL OPENTHREAD_CONFIG_BORDER_ROUTING_ENABLE #endif +/** + * @} + * + */ + #endif // CONFIG_BORDER_ROUTER_H_ diff --git a/src/core/config/border_routing.h b/src/core/config/border_routing.h index 4640a081acd..344cde4a5b9 100644 --- a/src/core/config/border_routing.h +++ b/src/core/config/border_routing.h @@ -35,6 +35,16 @@ #ifndef CONFIG_BORDER_ROUTING_H_ #define CONFIG_BORDER_ROUTING_H_ +/** + * @addtogroup config-border-routing + * + * @brief + * This module includes configuration variables for Border Routing Manager. + * + * @{ + * + */ + /** * @def OPENTHREAD_CONFIG_BORDER_ROUTING_ENABLE * @@ -162,4 +172,9 @@ #define OPENTHREAD_CONFIG_BORDER_ROUTING_MOCK_PLAT_APIS_ENABLE 0 #endif +/** + * @} + * + */ + #endif // CONFIG_BORDER_ROUTING_H_ diff --git a/src/core/config/channel_manager.h b/src/core/config/channel_manager.h index 0057b664bc7..7c481c25df4 100644 --- a/src/core/config/channel_manager.h +++ b/src/core/config/channel_manager.h @@ -35,6 +35,16 @@ #ifndef CONFIG_CHANNEL_MANAGER_H_ #define CONFIG_CHANNEL_MANAGER_H_ +/** + * @addtogroup config-channel-manager + * + * @brief + * This module includes configuration variables for Channel Manager. + * + * @{ + * + */ + /** * @def OPENTHREAD_CONFIG_CHANNEL_MANAGER_ENABLE * @@ -136,4 +146,9 @@ #define OPENTHREAD_CONFIG_CHANNEL_MANAGER_CCA_FAILURE_THRESHOLD (0xffff * 14 / 100) #endif +/** + * @} + * + */ + #endif // CONFIG_CHANNEL_MANAGER_H_ diff --git a/src/core/config/channel_monitor.h b/src/core/config/channel_monitor.h index 92b263e61a6..312b168e7a6 100644 --- a/src/core/config/channel_monitor.h +++ b/src/core/config/channel_monitor.h @@ -35,6 +35,16 @@ #ifndef CONFIG_CHANNEL_MONITOR_H_ #define CONFIG_CHANNEL_MONITOR_H_ +/** + * @addtogroup config-channel-monitor + * + * @brief + * This module includes configuration variables for Channel Monitor. + * + * @{ + * + */ + /** * @def OPENTHREAD_CONFIG_CHANNEL_MONITOR_ENABLE * @@ -92,4 +102,9 @@ #define OPENTHREAD_CONFIG_CHANNEL_MONITOR_SAMPLE_WINDOW 960 #endif +/** + * @} + * + */ + #endif // CONFIG_CHANNEL_MONITOR_H_ diff --git a/src/core/config/child_supervision.h b/src/core/config/child_supervision.h index 94e8ec63a83..a0729498ced 100644 --- a/src/core/config/child_supervision.h +++ b/src/core/config/child_supervision.h @@ -35,6 +35,16 @@ #ifndef CONFIG_CHILD_SUPERVISION_H_ #define CONFIG_CHILD_SUPERVISION_H_ +/** + * @addtogroup config-child-supervision + * + * @brief + * This module includes configuration variables for Child Supervision. + * + * @{ + * + */ + /** * @def OPENTHREAD_CONFIG_CHILD_SUPERVISION_INTERVAL * @@ -86,4 +96,9 @@ #define OPENTHREAD_CONFIG_CHILD_SUPERVISION_OLDER_VERSION_CHILD_DEFAULT_INTERVAL 129 #endif +/** + * @} + * + */ + #endif // CONFIG_CHILD_SUPERVISION_H_ diff --git a/src/core/config/coap.h b/src/core/config/coap.h index c3ee709e419..518da3976a9 100644 --- a/src/core/config/coap.h +++ b/src/core/config/coap.h @@ -35,6 +35,16 @@ #ifndef CONFIG_COAP_H_ #define CONFIG_COAP_H_ +/** + * @addtogroup config-coap + * + * @brief + * This module includes configuration variables for CoAP. + * + * @{ + * + */ + /** * @def OPENTHREAD_CONFIG_COAP_SERVER_MAX_CACHED_RESPONSES * @@ -97,4 +107,9 @@ #define OPENTHREAD_CONFIG_COAP_SECURE_API_ENABLE 0 #endif +/** + * @} + * + */ + #endif // CONFIG_COAP_H_ diff --git a/src/core/config/commissioner.h b/src/core/config/commissioner.h index ff43adb363c..9a8d9617d0f 100644 --- a/src/core/config/commissioner.h +++ b/src/core/config/commissioner.h @@ -35,6 +35,16 @@ #ifndef CONFIG_COMMISSIONER_H_ #define CONFIG_COMMISSIONER_H_ +/** + * @addtogroup config-commissioner + * + * @brief + * This module includes configuration variables for the Commissioner. + * + * @{ + * + */ + /** * @def OPENTHREAD_CONFIG_COMMISSIONER_ENABLE * @@ -66,4 +76,9 @@ #define OPENTHREAD_CONFIG_COMMISSIONER_JOINER_SESSION_TIMEOUT 30 #endif +/** + * @} + * + */ + #endif // CONFIG_COMMISSIONER_H_ diff --git a/src/core/config/crypto.h b/src/core/config/crypto.h index b7fb5c35495..b60520cc94e 100644 --- a/src/core/config/crypto.h +++ b/src/core/config/crypto.h @@ -29,6 +29,16 @@ #ifndef CONFIG_CRYPTO_H_ #define CONFIG_CRYPTO_H_ +/** + * @addtogroup config-crypto + * + * @brief + * This module includes configuration variables for the Crypto Backend Library. + * + * @{ + * + */ + /** * @def OPENTHREAD_CONFIG_CRYPTO_LIB * @@ -95,4 +105,9 @@ #endif // OPENTHREAD_CONFIG_CRYPTO_LIB == OPENTHREAD_CONFIG_CRYPTO_LIB_PLATFORM +/** + * @} + * + */ + #endif // CONFIG_CRYPTO_H_ diff --git a/src/core/config/dataset_updater.h b/src/core/config/dataset_updater.h index 40557485aa9..2543afe95a3 100644 --- a/src/core/config/dataset_updater.h +++ b/src/core/config/dataset_updater.h @@ -35,6 +35,16 @@ #ifndef CONFIG_DATASET_UPDATER_H_ #define CONFIG_DATASET_UPDATER_H_ +/** + * @addtogroup config-dataset-updater + * + * @brief + * This module includes configuration variables for Dataset Updater. + * + * @{ + * + */ + /** * @def OPENTHREAD_CONFIG_DATASET_UPDATER_ENABLE * @@ -67,4 +77,9 @@ #define OPENTHREAD_CONFIG_DATASET_UPDATER_DEFAULT_RETRY_WAIT_INTERVAL 1500 #endif +/** + * @} + * + */ + #endif // CONFIG_DATASET_UPDATER_H_ diff --git a/src/core/config/dhcp6_client.h b/src/core/config/dhcp6_client.h index 9b50636e1fe..2bf1b6ab1a5 100644 --- a/src/core/config/dhcp6_client.h +++ b/src/core/config/dhcp6_client.h @@ -35,6 +35,16 @@ #ifndef CONFIG_DHCP6_CLIENT_H_ #define CONFIG_DHCP6_CLIENT_H_ +/** + * @addtogroup config-dhcpv6-client + * + * @brief + * This module includes configuration variables for the DHCPv6 client. + * + * @{ + * + */ + /** * @def OPENTHREAD_CONFIG_DHCP6_CLIENT_ENABLE * @@ -65,4 +75,9 @@ #define OPENTHREAD_CONFIG_DHCP6_CLIENT_NUM_PREFIXES 4 #endif +/** + * @} + * + */ + #endif // CONFIG_DHCP6_CLIENT_H_ diff --git a/src/core/config/dhcp6_server.h b/src/core/config/dhcp6_server.h index d833c6d5d83..8e01fb41177 100644 --- a/src/core/config/dhcp6_server.h +++ b/src/core/config/dhcp6_server.h @@ -35,6 +35,16 @@ #ifndef CONFIG_DHCP6_SERVER_H_ #define CONFIG_DHCP6_SERVER_H_ +/** + * @addtogroup config-dhcpv6-server + * + * @brief + * This module includes configuration variables for the DHCPv6 server. + * + * @{ + * + */ + /** * @def OPENTHREAD_CONFIG_DHCP6_SERVER_ENABLE * @@ -55,4 +65,9 @@ #define OPENTHREAD_CONFIG_DHCP6_SERVER_NUM_PREFIXES 4 #endif +/** + * @} + * + */ + #endif // CONFIG_DHCP6_SERVER_H_ diff --git a/src/core/config/diag.h b/src/core/config/diag.h index a38d547d20a..03261c70524 100644 --- a/src/core/config/diag.h +++ b/src/core/config/diag.h @@ -35,6 +35,16 @@ #ifndef CONFIG_DIAG_H_ #define CONFIG_DIAG_H_ +/** + * @addtogroup config-diag + * + * @brief + * This module includes configuration variables for the DIAG service. + * + * @{ + * + */ + /** * @def OPENTHREAD_CONFIG_DIAG_ENABLE * @@ -75,4 +85,9 @@ #define OPENTHREAD_CONFIG_DIAG_CMD_LINE_BUFFER_SIZE 256 #endif +/** + * @} + * + */ + #endif // CONFIG_DIAG_H_ diff --git a/src/core/config/dns_client.h b/src/core/config/dns_client.h index d727261d8fe..6db961d4b13 100644 --- a/src/core/config/dns_client.h +++ b/src/core/config/dns_client.h @@ -35,6 +35,16 @@ #ifndef CONFIG_DNS_CLIENT_H_ #define CONFIG_DNS_CLIENT_H_ +/** + * @addtogroup config-dns-client + * + * @brief + * This module includes configuration variables for the DNS client. + * + * @{ + * + */ + #include "config/ip6.h" #include "config/srp_client.h" @@ -181,4 +191,9 @@ #define OPENTHREAD_CONFIG_DNS_CLIENT_OVER_TCP_QUERY_MAX_SIZE 1024 #endif +/** + * @} + * + */ + #endif // CONFIG_DNS_CLIENT_H_ diff --git a/src/core/config/dns_dso.h b/src/core/config/dns_dso.h index 8b7d5a52954..9b5ed576101 100644 --- a/src/core/config/dns_dso.h +++ b/src/core/config/dns_dso.h @@ -35,6 +35,16 @@ #ifndef CONFIG_DNS_DSO_H_ #define CONFIG_DNS_DSO_H_ +/** + * @addtogroup config-dns-dso + * + * @brief + * This module includes configuration variables for DNS Stateful Operations. + * + * @{ + * + */ + /** * @def OPENTHREAD_CONFIG_DNS_DSO_ENABLE * @@ -87,4 +97,9 @@ #define OPENTHREAD_CONFIG_DNS_DSO_MOCK_PLAT_APIS_ENABLE 0 #endif +/** + * @} + * + */ + #endif // CONFIG_DNS_DSO_H_ diff --git a/src/core/config/dnssd_server.h b/src/core/config/dnssd_server.h index ffcfb5556e6..36b5620f3c3 100644 --- a/src/core/config/dnssd_server.h +++ b/src/core/config/dnssd_server.h @@ -35,6 +35,16 @@ #ifndef CONFIG_DNSSD_SERVER_H_ #define CONFIG_DNSSD_SERVER_H_ +/** + * @addtogroup config-dnssd-server + * + * @brief + * This module includes configuration variables for the DNS-SD server. + * + * @{ + * + */ + /** * @def OPENTHREAD_CONFIG_DNSSD_SERVER_ENABLE * @@ -98,4 +108,9 @@ #define OPENTHREAD_CONFIG_DNS_UPSTREAM_QUERY_MOCK_PLAT_APIS_ENABLE 0 #endif +/** + * @} + * + */ + #endif // CONFIG_DNSSD_SERVER_H_ diff --git a/src/core/config/history_tracker.h b/src/core/config/history_tracker.h index 591474a3ffd..3da4ae88182 100644 --- a/src/core/config/history_tracker.h +++ b/src/core/config/history_tracker.h @@ -35,6 +35,16 @@ #ifndef CONFIG_HISTORY_TRACKER_H_ #define CONFIG_HISTORY_TRACKER_H_ +/** + * @addtogroup config-history-tracker + * + * @brief + * This module includes configuration variables for History Tracker. + * + * @{ + * + */ + /** * @def OPENTHREAD_CONFIG_HISTORY_TRACKER_ENABLE * @@ -163,4 +173,9 @@ #define OPENTHREAD_CONFIG_HISTORY_TRACKER_EXTERNAL_ROUTE_LIST_SIZE 32 #endif +/** + * @} + * + */ + #endif // CONFIG_HISTORY_TRACKER_H_ diff --git a/src/core/config/ip6.h b/src/core/config/ip6.h index 82dc45c9547..94cfaa5b736 100644 --- a/src/core/config/ip6.h +++ b/src/core/config/ip6.h @@ -35,6 +35,16 @@ #ifndef CONFIG_IP6_H_ #define CONFIG_IP6_H_ +/** + * @addtogroup config-ip6 + * + * @brief + * This module includes configuration variables for the IP6 service. + * + * @{ + * + */ + #include "config/border_routing.h" /** @@ -202,4 +212,9 @@ #define OPENTHREAD_CONFIG_IP6_BR_COUNTERS_ENABLE OPENTHREAD_CONFIG_BORDER_ROUTING_ENABLE #endif +/** + * @} + * + */ + #endif // CONFIG_IP6_H_ diff --git a/src/core/config/joiner.h b/src/core/config/joiner.h index c01dc3056e7..fdf2bef7f66 100644 --- a/src/core/config/joiner.h +++ b/src/core/config/joiner.h @@ -35,6 +35,16 @@ #ifndef CONFIG_JOINER_H_ #define CONFIG_JOINER_H_ +/** + * @addtogroup config-joiner + * + * @brief + * This module includes configuration variables for the Joiner. + * + * @{ + * + */ + /** * @def OPENTHREAD_CONFIG_JOINER_ENABLE * @@ -55,4 +65,9 @@ #define OPENTHREAD_CONFIG_JOINER_MAX_CANDIDATES 2 #endif +/** + * @} + * + */ + #endif // CONFIG_JOINER_H_ diff --git a/src/core/config/link_metrics_manager.h b/src/core/config/link_metrics_manager.h index 96fed110124..8ce73119ac4 100644 --- a/src/core/config/link_metrics_manager.h +++ b/src/core/config/link_metrics_manager.h @@ -35,6 +35,16 @@ #ifndef CONFIG_LINK_METRICS_MANAGER_H_ #define CONFIG_LINK_METRICS_MANAGER_H_ +/** + * @addtogroup config-link-metrics-manager + * + * @brief + * This module includes configuration variables for Link Metrics Manager. + * + * @{ + * + */ + /** * @def OPENTHREAD_CONFIG_LINK_METRICS_MANAGER_ENABLE * @@ -55,4 +65,9 @@ #define OPENTHREAD_CONFIG_LINK_METRICS_MANAGER_ON_BY_DEFAULT 0 #endif +/** + * @} + * + */ + #endif // CONFIG_LINK_METRICS_MANAGER_H_ diff --git a/src/core/config/link_quality.h b/src/core/config/link_quality.h index f85c1a14978..2ed1d514f56 100644 --- a/src/core/config/link_quality.h +++ b/src/core/config/link_quality.h @@ -35,6 +35,16 @@ #ifndef CONFIG_LINK_QUALITY_H_ #define CONFIG_LINK_QUALITY_H_ +/** + * @addtogroup config-link-quality + * + * @brief + * This module includes configuration variables for the Link Quality service. + * + * @{ + * + */ + /** * @def OPENTHREAD_CONFIG_CCA_FAILURE_RATE_AVERAGING_WINDOW * @@ -74,4 +84,9 @@ #define OPENTHREAD_CONFIG_IPV6_TX_ERR_RATE_AVERAGING_WINDOW 128 #endif +/** + * @} + * + */ + #endif // CONFIG_LINK_QUALITY_H_ diff --git a/src/core/config/link_raw.h b/src/core/config/link_raw.h index 6c2ceebeb81..dd7dae2fd4f 100644 --- a/src/core/config/link_raw.h +++ b/src/core/config/link_raw.h @@ -35,6 +35,16 @@ #ifndef CONFIG_LINK_RAW_H_ #define CONFIG_LINK_RAW_H_ +/** + * @addtogroup config-link-raw + * + * @brief + * This module includes configuration variables for the Link Raw service. + * + * @{ + * + */ + /** * @def OPENTHREAD_CONFIG_LINK_RAW_ENABLE * @@ -45,4 +55,9 @@ #define OPENTHREAD_CONFIG_LINK_RAW_ENABLE 0 #endif +/** + * @} + * + */ + #endif // CONFIG_LINK_RAW_H_ diff --git a/src/core/config/logging.h b/src/core/config/logging.h index aacec6984f6..c3d6602ea2b 100644 --- a/src/core/config/logging.h +++ b/src/core/config/logging.h @@ -35,6 +35,16 @@ #ifndef CONFIG_LOGGING_H_ #define CONFIG_LOGGING_H_ +/** + * @addtogroup config-logging + * + * @brief + * This module includes configuration variables for the Logging service. + * + * @{ + * + */ + /** * @def OPENTHREAD_CONFIG_LOG_OUTPUT * @@ -184,4 +194,9 @@ #define OPENTHREAD_CONFIG_LOG_MAX_SIZE 150 #endif +/** + * @} + * + */ + #endif // CONFIG_LOGGING_H_ diff --git a/src/core/config/mac.h b/src/core/config/mac.h index d0cefa6249f..ec7e2f9d29b 100644 --- a/src/core/config/mac.h +++ b/src/core/config/mac.h @@ -35,6 +35,16 @@ #ifndef CONFIG_MAC_H_ #define CONFIG_MAC_H_ +/** + * @addtogroup config-mac + * + * @brief + * This module includes configuration variables for MAC. + * + * @{ + * + */ + #include "config/time_sync.h" /** @@ -587,4 +597,9 @@ #define OPENTHREAD_CONFIG_MAC_DATA_POLL_TIMEOUT 100 #endif +/** + * @} + * + */ + #endif // CONFIG_MAC_H_ diff --git a/src/core/config/mesh_diag.h b/src/core/config/mesh_diag.h index 4049255feb7..962cca878e1 100644 --- a/src/core/config/mesh_diag.h +++ b/src/core/config/mesh_diag.h @@ -35,6 +35,16 @@ #ifndef CONFIG_MESH_DIAG_H_ #define CONFIG_MESH_DIAG_H_ +/** + * @addtogroup config-mesh-diag + * + * @brief + * This module includes configuration variables for Mesh Diagnostic. + * + * @{ + * + */ + #include "config/border_routing.h" /** @@ -59,4 +69,9 @@ #define OPENTHREAD_CONFIG_MESH_DIAG_RESPONSE_TIMEOUT 5000 #endif +/** + * @} + * + */ + #endif // CONFIG_MESH_DIAG_H_ diff --git a/src/core/config/mesh_forwarder.h b/src/core/config/mesh_forwarder.h index c5e12d48b9a..f4a83a69037 100644 --- a/src/core/config/mesh_forwarder.h +++ b/src/core/config/mesh_forwarder.h @@ -34,6 +34,16 @@ #ifndef CONFIG_MESH_FORWARDER_H_ #define CONFIG_MESH_FORWARDER_H_ +/** + * @addtogroup config-mesh-forwarder + * + * @brief + * This module includes configuration variables for the Mesh Forwarder. + * + * @{ + * + */ + #include "config/border_router.h" /** @@ -200,4 +210,9 @@ #define OPENTHREAD_CONFIG_TX_QUEUE_STATISTICS_HISTOGRAM_BIN_INTERVAL 10 #endif +/** + * @} + * + */ + #endif // CONFIG_MESH_FORWARDER_H_ diff --git a/src/core/config/misc.h b/src/core/config/misc.h index c9be7ec5e44..c39fa841090 100644 --- a/src/core/config/misc.h +++ b/src/core/config/misc.h @@ -34,6 +34,16 @@ #ifndef CONFIG_MISC_H_ #define CONFIG_MISC_H_ +/** + * @addtogroup config-misc + * + * @brief + * This module includes configuration variables for Miscellaneous constants. + * + * @{ + * + */ + #include "config/coap.h" #include "config/srp_server.h" @@ -572,4 +582,9 @@ #define OPENTHREAD_CONFIG_OPERATIONAL_DATASET_AUTO_INIT 0 #endif +/** + * @} + * + */ + #endif // CONFIG_MISC_H_ diff --git a/src/core/config/mle.h b/src/core/config/mle.h index 7a7915a140e..0810c010efc 100644 --- a/src/core/config/mle.h +++ b/src/core/config/mle.h @@ -35,6 +35,16 @@ #ifndef CONFIG_MLE_H_ #define CONFIG_MLE_H_ +/** + * @addtogroup config-mle + * + * @brief + * This module includes configuration variables for the MLE service. + * + * @{ + * + */ + /** * @def OPENTHREAD_CONFIG_MLE_MAX_ROUTERS * @@ -338,4 +348,9 @@ #define OPENTHREAD_CONFIG_MLE_LINK_METRICS_SERIES_MTD 2 #endif +/** + * @} + * + */ + #endif // CONFIG_MLE_H_ diff --git a/src/core/config/nat64.h b/src/core/config/nat64.h index fff5883b072..f2a7a2b0ab4 100644 --- a/src/core/config/nat64.h +++ b/src/core/config/nat64.h @@ -35,6 +35,16 @@ #ifndef CONFIG_NAT64_H_ #define CONFIG_NAT64_H_ +/** + * @addtogroup config-nat64 + * + * @brief + * This module includes configuration variables for NAT64. + * + * @{ + * + */ + /** * @def OPENTHREAD_CONFIG_NAT64_TRANSLATOR_ENABLE * @@ -75,4 +85,9 @@ #define OPENTHREAD_CONFIG_NAT64_BORDER_ROUTING_ENABLE 0 #endif +/** + * @} + * + */ + #endif diff --git a/src/core/config/netdata_publisher.h b/src/core/config/netdata_publisher.h index ee8fe583a79..1286852a16a 100644 --- a/src/core/config/netdata_publisher.h +++ b/src/core/config/netdata_publisher.h @@ -35,6 +35,16 @@ #ifndef CONFIG_NETDATA_PUBLISHER_H_ #define CONFIG_NETDATA_PUBLISHER_H_ +/** + * @addtogroup config-netdata-publisher + * + * @brief + * This module includes configuration variables for Network Data Publisher. + * + * @{ + * + */ + #include "config/border_router.h" #include "config/border_routing.h" #include "config/srp_server.h" @@ -156,4 +166,9 @@ #define OPENTHREAD_CONFIG_NETDATA_PUBLISHER_MAX_PREFIX_ENTRIES 3 #endif +/** + * @} + * + */ + #endif // CONFIG_NETDATA_PUBLISHER_H_ diff --git a/src/core/config/network_diagnostic.h b/src/core/config/network_diagnostic.h index 2aaf26018a7..ccf128d3832 100644 --- a/src/core/config/network_diagnostic.h +++ b/src/core/config/network_diagnostic.h @@ -35,6 +35,16 @@ #ifndef CONFIG_NETWORK_DIAGNOSTIC_H_ #define CONFIG_NETWORK_DIAGNOSTIC_H_ +/** + * @addtogroup config-network-diagnostic + * + * @brief + * This module includes configuration variables for Network Diagnostics. + * + * @{ + * + */ + /** * @def OPENTHREAD_CONFIG_NET_DIAG_VENDOR_NAME * @@ -82,4 +92,9 @@ #define OPENTHREAD_CONFIG_NET_DIAG_VENDOR_INFO_SET_API_ENABLE 0 #endif +/** + * @} + * + */ + #endif // CONFIG_NETWORK_DIAGNOSTIC_H_ diff --git a/src/core/config/parent_search.h b/src/core/config/parent_search.h index 9c78bc02626..c5a978bba42 100644 --- a/src/core/config/parent_search.h +++ b/src/core/config/parent_search.h @@ -35,6 +35,16 @@ #ifndef CONFIG_PARENT_SEARCH_H_ #define CONFIG_PARENT_SEARCH_H_ +/** + * @addtogroup config-parent-search + * + * @brief + * This module includes configuration variables for Parent Search. + * + * @{ + * + */ + /** * @def OPENTHREAD_CONFIG_PARENT_SEARCH_ENABLE * @@ -93,4 +103,9 @@ #define OPENTHREAD_CONFIG_PARENT_SEARCH_RSS_THRESHOLD -65 #endif +/** + * @} + * + */ + #endif // CONFIG_PARENT_SEARCH_H_ diff --git a/src/core/config/ping_sender.h b/src/core/config/ping_sender.h index d655b1dc837..7c5d25df635 100644 --- a/src/core/config/ping_sender.h +++ b/src/core/config/ping_sender.h @@ -35,6 +35,16 @@ #ifndef CONFIG_PING_SENDER_H_ #define CONFIG_PING_SENDER_H_ +/** + * @addtogroup config-ping-sender + * + * @brief + * This module includes configuration variables for Ping Sender. + * + * @{ + * + */ + /** * @def OPENTHREAD_CONFIG_PING_SENDER_ENABLE * @@ -89,4 +99,9 @@ #define OPENTHREAD_CONFIG_PING_SENDER_DEFAULT_COUNT 1 #endif +/** + * @} + * + */ + #endif // CONFIG_PING_SENDER_H_ diff --git a/src/core/config/platform.h b/src/core/config/platform.h index 9fa475bdf62..927abb0864b 100644 --- a/src/core/config/platform.h +++ b/src/core/config/platform.h @@ -35,6 +35,16 @@ #ifndef CONFIG_PLATFORM_H_ #define CONFIG_PLATFORM_H_ +/** + * @addtogroup config-platform + * + * @brief + * This module includes configuration variables for platform-specific services. + * + * @{ + * + */ + /** * @def OPENTHREAD_CONFIG_PLATFORM_INFO * @@ -186,4 +196,9 @@ #endif #endif +/** + * @} + * + */ + #endif // CONFIG_PLATFORM_H_ diff --git a/src/core/config/power_calibration.h b/src/core/config/power_calibration.h index 56e9467e2c5..2b79684e220 100644 --- a/src/core/config/power_calibration.h +++ b/src/core/config/power_calibration.h @@ -35,6 +35,16 @@ #ifndef CONFIG_POWER_CALIBRATION_H_ #define CONFIG_POWER_CALIBRATION_H_ +/** + * @addtogroup config-power-calibration + * + * @brief + * This module includes configuration variables for Power Calibration. + * + * @{ + * + */ + /** * @def OPENTHREAD_CONFIG_POWER_CALIBRATION_ENABLE * @@ -65,4 +75,9 @@ #define OPENTHREAD_CONFIG_POWER_CALIBRATION_NUM_CALIBRATED_POWER_ENTRIES 6 #endif +/** + * @} + * + */ + #endif // CONFIG_POWER_CALIBRATION_H_ diff --git a/src/core/config/radio_link.h b/src/core/config/radio_link.h index 14e9a129236..d56f9dbeb8c 100644 --- a/src/core/config/radio_link.h +++ b/src/core/config/radio_link.h @@ -35,6 +35,16 @@ #ifndef CONFIG_RADIO_LINK_H_ #define CONFIG_RADIO_LINK_H_ +/** + * @addtogroup config-radio-link + * + * @brief + * This module includes configuration variables for radio links. + * + * @{ + * + */ + /** * @def OPENTHREAD_CONFIG_RADIO_LINK_IEEE_802_15_4_ENABLE * @@ -93,4 +103,9 @@ #define OPENTHREAD_CONFIG_MULTI_RADIO_FRAG_TAG_TIMEOUT (20 * 1000) #endif +/** + * @} + * + */ + #endif // CONFIG_RADIO_LINK_H_ diff --git a/src/core/config/secure_transport.h b/src/core/config/secure_transport.h index ea6799ff9ae..854700d913d 100644 --- a/src/core/config/secure_transport.h +++ b/src/core/config/secure_transport.h @@ -35,6 +35,16 @@ #ifndef CONFIG_SECURE_TRANSPORT_H_ #define CONFIG_SECURE_TRANSPORT_H_ +/** + * @addtogroup config-secure-transport + * + * @brief + * This module includes configuration variables for Secure Transport. + * + * @{ + * + */ + #include "config/border_agent.h" #include "config/coap.h" #include "config/commissioner.h" @@ -66,4 +76,9 @@ #error "OPENTHREAD_CONFIG_DTLS_ENABLE is deprecated please use OPENTHREAD_CONFIG_SECURE_TRANSPORT_ENABLE instead" #endif +/** + * @} + * + */ + #endif // CONFIG_SECURE_TRANSPORT_H_ diff --git a/src/core/config/sntp_client.h b/src/core/config/sntp_client.h index bd8d5fa5a07..48079a82bd7 100644 --- a/src/core/config/sntp_client.h +++ b/src/core/config/sntp_client.h @@ -35,6 +35,16 @@ #ifndef CONFIG_SNTP_CLIENT_H_ #define CONFIG_SNTP_CLIENT_H_ +/** + * @addtogroup config-sntp-client + * + * @brief + * This module includes configuration variables for the SNTP Client. + * + * @{ + * + */ + /** * @def OPENTHREAD_CONFIG_SNTP_CLIENT_ENABLE * @@ -65,4 +75,9 @@ #define OPENTHREAD_CONFIG_SNTP_CLIENT_MAX_RETRANSMIT 2 #endif +/** + * @} + * + */ + #endif // CONFIG_SNTP_CLIENT_H_ diff --git a/src/core/config/srp_client.h b/src/core/config/srp_client.h index 40f3f9321ed..cf3d6a2341b 100644 --- a/src/core/config/srp_client.h +++ b/src/core/config/srp_client.h @@ -35,6 +35,16 @@ #ifndef CONFIG_SRP_CLIENT_H_ #define CONFIG_SRP_CLIENT_H_ +/** + * @addtogroup config-srp-client + * + * @brief + * This module includes configuration variables for the SRP Client. + * + * @{ + * + */ + #include "config/misc.h" /** @@ -402,4 +412,9 @@ #define OPENTHREAD_CONFIG_SRP_CLIENT_BUFFERS_TXT_BUFFER_SIZE 64 #endif +/** + * @} + * + */ + #endif // CONFIG_SRP_CLIENT_H_ diff --git a/src/core/config/srp_server.h b/src/core/config/srp_server.h index 5b76ec3ee5e..0ae6ef9a946 100644 --- a/src/core/config/srp_server.h +++ b/src/core/config/srp_server.h @@ -35,6 +35,16 @@ #ifndef CONFIG_SRP_SERVER_H_ #define CONFIG_SRP_SERVER_H_ +/** + * @addtogroup config-srp-server + * + * @brief + * This module includes configuration variables for the SRP Server. + * + * @{ + * + */ + /** * @def OPENTHREAD_CONFIG_SRP_SERVER_ENABLE * @@ -109,4 +119,9 @@ #define OPENTHREAD_CONFIG_SRP_SERVER_SERVICE_UPDATE_TIMEOUT ((4 * 250u) + 250u) #endif +/** + * @} + * + */ + #endif // CONFIG_SRP_SERVER_H_ diff --git a/src/core/config/time_sync.h b/src/core/config/time_sync.h index c56d32d2808..43d232c37e2 100644 --- a/src/core/config/time_sync.h +++ b/src/core/config/time_sync.h @@ -35,6 +35,16 @@ #ifndef CONFIG_TIME_SYNC_H_ #define CONFIG_TIME_SYNC_H_ +/** + * @addtogroup config-time-sync + * + * @brief + * This module includes configuration variables for the Time Sync service. + * + * @{ + * + */ + /** * @def OPENTHREAD_CONFIG_TIME_SYNC_ENABLE * @@ -94,4 +104,9 @@ #define OPENTHREAD_CONFIG_TIME_SYNC_JUMP_NOTIF_MIN_US 10000 #endif +/** + * @} + * + */ + #endif // CONFIG_TIME_SYNC_H_ diff --git a/src/core/config/tmf.h b/src/core/config/tmf.h index 42d3a70dc14..18a397dd5a0 100644 --- a/src/core/config/tmf.h +++ b/src/core/config/tmf.h @@ -35,6 +35,17 @@ #ifndef CONFIG_TMF_H_ #define CONFIG_TMF_H_ +/** + * @addtogroup config-tmf + * + * @brief + * This module includes configuration variables for the Thread Management + * Framework service. + * + * @{ + * + */ + #include "config/border_router.h" /** @@ -247,4 +258,9 @@ #error "Thread 1.2 or higher version is required for OPENTHREAD_CONFIG_TMF_PROXY_MLR_ENABLE" #endif +/** + * @} + * + */ + #endif // CONFIG_TMF_H_ From 51a682ec0e71ba471502083ed869679e71fbf29d Mon Sep 17 00:00:00 2001 From: Abtin Keshavarzian Date: Wed, 20 Dec 2023 14:20:58 -0800 Subject: [PATCH 044/121] [dns] add `Name::Matches()` to compare DNS names (#9734) This commit adds `Name::Matches()` method which compares a `Name` instance (which can be from a C string or encoded in a `Message`) with a given set of labels and domain name strings. This method allows the caller to specify name components separately, enabling scenarios like comparing "service instance name" with separate instance label, service type, and domain strings. Unit test `test_dns` is also updated to validate the behavior of the newly added method. --- src/core/net/dns_types.cpp | 62 ++++++++++++++++++++++++++++++++++++++ src/core/net/dns_types.hpp | 20 ++++++++++++ tests/unit/test_dns.cpp | 47 +++++++++++++++++++++++++++++ 3 files changed, 129 insertions(+) diff --git a/src/core/net/dns_types.cpp b/src/core/net/dns_types.cpp index aa19c73bf00..30e99182988 100644 --- a/src/core/net/dns_types.cpp +++ b/src/core/net/dns_types.cpp @@ -100,6 +100,68 @@ Error Header::ResponseCodeToError(Response aResponse) return error; } +bool Name::Matches(const char *aFirstLabels, const char *aSecondLabels, const char *aDomain) const +{ + bool matches = false; + const char *namePtr; + Buffer nameBuffer; + + VerifyOrExit(!IsEmpty()); + + if (IsFromCString()) + { + namePtr = mString; + } + else + { + uint16_t offset = mOffset; + + SuccessOrExit(ReadName(*mMessage, offset, nameBuffer)); + namePtr = nameBuffer; + } + + if (aFirstLabels != nullptr) + { + matches = CompareAndSkipLabels(namePtr, aFirstLabels, kLabelSeparatorChar); + VerifyOrExit(matches); + } + + if (aSecondLabels != nullptr) + { + matches = CompareAndSkipLabels(namePtr, aSecondLabels, kLabelSeparatorChar); + VerifyOrExit(matches); + } + + matches = CompareAndSkipLabels(namePtr, aDomain, kNullChar); + +exit: + return matches; +} + +bool Name::CompareAndSkipLabels(const char *&aNamePtr, const char *aLabels, char aExpectedNextChar) +{ + // Compares `aNamePtr` to the label string `aLabels` followed by + // the `aExpectedNextChar`(using case-insensitive match). Upon + // successful comparison, `aNamePtr` is advanced to point after + // the matched portion. + + bool matches = false; + uint16_t len = StringLength(aLabels, kMaxNameSize); + + VerifyOrExit(len < kMaxNameSize); + + VerifyOrExit(StringStartsWith(aNamePtr, aLabels, kStringCaseInsensitiveMatch)); + aNamePtr += len; + + VerifyOrExit(*aNamePtr == aExpectedNextChar); + aNamePtr++; + + matches = true; + +exit: + return matches; +} + Error Name::AppendTo(Message &aMessage) const { Error error; diff --git a/src/core/net/dns_types.hpp b/src/core/net/dns_types.hpp index a8fb88a158e..f857f831947 100644 --- a/src/core/net/dns_types.hpp +++ b/src/core/net/dns_types.hpp @@ -662,6 +662,25 @@ class Name : public Clearable return *mMessage; } + /** + * Matches the `Name` with a given set of labels and domain name. + * + * This method allows the caller to specify name components separately, enabling scenarios like comparing "service + * instance name" with separate instance label, service type, and domain strings. + * + * @p aFirstLabels or @p aSecondLabels can be `nullptr` if not needed. But if non-null, these strings MUST NOT + * end with dot. @p aDomain MUST NOT be `nullptr` and MUST always end with a dot `.` character. + * + * @param[in] aFirstLabels A string of dot separated labels, MUST NOT end with dot. Can be `nullptr`. + * @param[in] aSecondLabels A string of dot separated labels, MUST NOT end with dot. Can be `nullptr`. + * @param[in] aDomain Domain name. MUST end with dot. + * + * @retval TRUE The name matches the given labels. + * @retval FALSE The name does not match the given labels. + * + */ + bool Matches(const char *aFirstLabels, const char *aSecondLabels, const char *aDomain) const; + /** * Encodes and appends the name to a message. * @@ -1094,6 +1113,7 @@ class Name : public Clearable { } + static bool CompareAndSkipLabels(const char *&aNamePtr, const char *aLabels, char aExpectedNextChar); static Error AppendLabel(const char *aLabel, uint8_t aLength, Message &aMessage); const char *mString; // String containing the name or `nullptr` if name is not from string. diff --git a/tests/unit/test_dns.cpp b/tests/unit/test_dns.cpp index 8e6ef0dd8a4..d07a05abd7c 100644 --- a/tests/unit/test_dns.cpp +++ b/tests/unit/test_dns.cpp @@ -56,6 +56,15 @@ void TestDnsName(void) const char *mExpectedReadName; }; + struct TestMatches + { + const char *mFullName; + const char *mFirstLabels; + const char *mSecondLabels; + const char *mDomain; + bool mShouldMatch; + }; + Instance *instance; MessagePool *messagePool; Message *message; @@ -139,6 +148,25 @@ void TestDnsName(void) static const char kBadLabel[] = "badlabel"; static const char kBadName[] = "bad.name"; + static const TestMatches kTestMatches[] = { + {"foo.bar.local.", "foo", "bar", "local.", true}, + {"foo.bar.local.", "foo.bar", nullptr, "local.", true}, + {"foo.bar.local.", nullptr, "foo.bar", "local.", true}, + {"foo.bar.local.", nullptr, nullptr, "foo.bar.local.", true}, + {"foo.bar.local.", "foo", "ba", "local.", false}, + {"foo.bar.local.", "fooooo", "bar", "local.", false}, + {"foo.bar.local.", "foo", "bar", "locall.", false}, + {"foo.bar.local.", "f", "bar", "local.", false}, + {"foo.bar.local.", "foo", "barr", "local.", false}, + {"foo.bar.local.", "foo", "bar", ".local.", false}, + {"My Lovely Instance._mt._udp.local.", "mY lovely instancE", "_mt._udp", "local.", true}, + {"My Lovely Instance._mt._udp.local.", "mY lovely instancE._mt", "_udp", "local.", true}, + {"_s1._sub._srv._udp.default.service.arpa.", "_s1._sub", "_srv._udp", "default.service.arpa.", true}, + {"_s1._sub._srv._udp.default.service.arpa.", "_s1._sub", "_srv._udp", "default.service.arpa", false}, + {"_s1._sub._srv._udp.default.service.arpa.", "_s1._sub", "_srv._udp.", "default.service.arpa.", false}, + {"_s1._sub._srv._udp.default.service.arpa.", "_s1._sub.", "_srv._udp", "default.service.arpa.", false}, + }; + printf("================================================================\n"); printf("TestDnsName()\n"); @@ -496,6 +524,25 @@ void TestDnsName(void) VerifyOrQuit(memcmp(buffer, test.mEncodedData, len) == 0, "Encoded name data does not match expected data"); } + printf("----------------------------------------------------------------\n"); + printf("Name::Matches() variations\n"); + + for (const TestMatches &test : kTestMatches) + { + Dns::Name name; + + printf(" \"%s\"\n", test.mFullName); + + name.Set(test.mFullName); + VerifyOrQuit(name.Matches(test.mFirstLabels, test.mSecondLabels, test.mDomain) == test.mShouldMatch); + + IgnoreError(message->SetLength(0)); + SuccessOrQuit(name.AppendTo(*message)); + + name.SetFromMessage(*message, 0); + VerifyOrQuit(name.Matches(test.mFirstLabels, test.mSecondLabels, test.mDomain) == test.mShouldMatch); + } + message->Free(); testFreeInstance(instance); } From 1e82c4e9620e6ab708e94263641674052af9ec30 Mon Sep 17 00:00:00 2001 From: Jonathan Hui Date: Wed, 20 Dec 2023 14:44:41 -0800 Subject: [PATCH 045/121] [cmake] always define `OPENTHREAD_FTD/MTD/RADIO` (#9733) --- src/cli/ftd.cmake | 2 ++ src/cli/mtd.cmake | 2 ++ src/cli/radio.cmake | 2 ++ src/core/ftd.cmake | 2 ++ src/core/mtd.cmake | 2 ++ src/core/radio.cmake | 2 ++ src/core/radio_cli.cmake | 2 ++ src/lib/spinel/CMakeLists.txt | 12 ++++++++++++ src/ncp/ftd.cmake | 2 ++ src/ncp/mtd.cmake | 2 ++ src/ncp/radio.cmake | 2 ++ src/posix/platform/CMakeLists.txt | 1 + tests/fuzz/CMakeLists.txt | 2 ++ tests/unit/CMakeLists.txt | 4 ++++ 14 files changed, 39 insertions(+) diff --git a/src/cli/ftd.cmake b/src/cli/ftd.cmake index df9b37a3bae..7b6f08a0075 100644 --- a/src/cli/ftd.cmake +++ b/src/cli/ftd.cmake @@ -31,6 +31,8 @@ add_library(openthread-cli-ftd) target_compile_definitions(openthread-cli-ftd PRIVATE OPENTHREAD_FTD=1 + OPENTHREAD_MTD=0 + OPENTHREAD_RADIO=0 ) target_compile_options(openthread-cli-ftd PRIVATE diff --git a/src/cli/mtd.cmake b/src/cli/mtd.cmake index b5eb1db0fdc..733bfaaa913 100644 --- a/src/cli/mtd.cmake +++ b/src/cli/mtd.cmake @@ -30,7 +30,9 @@ add_library(openthread-cli-mtd) target_compile_definitions(openthread-cli-mtd PRIVATE + OPENTHREAD_FTD=0 OPENTHREAD_MTD=1 + OPENTHREAD_RADIO=0 ) target_compile_options(openthread-cli-mtd PRIVATE diff --git a/src/cli/radio.cmake b/src/cli/radio.cmake index 28320d6a3d3..449f9961203 100644 --- a/src/cli/radio.cmake +++ b/src/cli/radio.cmake @@ -30,6 +30,8 @@ add_library(openthread-cli-radio) target_compile_definitions(openthread-cli-radio PRIVATE + OPENTHREAD_FTD=0 + OPENTHREAD_MTD=0 OPENTHREAD_RADIO=1 OPENTHREAD_RADIO_CLI=1 ) diff --git a/src/core/ftd.cmake b/src/core/ftd.cmake index dd6dae2f49e..074c4362c5c 100644 --- a/src/core/ftd.cmake +++ b/src/core/ftd.cmake @@ -30,6 +30,8 @@ add_library(openthread-ftd) target_compile_definitions(openthread-ftd PRIVATE OPENTHREAD_FTD=1 + OPENTHREAD_MTD=0 + OPENTHREAD_RADIO=0 ) target_compile_options(openthread-ftd PRIVATE diff --git a/src/core/mtd.cmake b/src/core/mtd.cmake index e9b831c24d2..ae8d9e3ef63 100644 --- a/src/core/mtd.cmake +++ b/src/core/mtd.cmake @@ -29,7 +29,9 @@ add_library(openthread-mtd) target_compile_definitions(openthread-mtd PRIVATE + OPENTHREAD_FTD=0 OPENTHREAD_MTD=1 + OPENTHREAD_RADIO=0 ) target_compile_options(openthread-mtd PRIVATE diff --git a/src/core/radio.cmake b/src/core/radio.cmake index 95ae9153320..a416052027e 100644 --- a/src/core/radio.cmake +++ b/src/core/radio.cmake @@ -29,6 +29,8 @@ add_library(openthread-radio) target_compile_definitions(openthread-radio PRIVATE + OPENTHREAD_FTD=0 + OPENTHREAD_MTD=0 OPENTHREAD_RADIO=1 OPENTHREAD_RADIO_CLI=0 ) diff --git a/src/core/radio_cli.cmake b/src/core/radio_cli.cmake index 31e7b6dae3c..cec70bfa94f 100644 --- a/src/core/radio_cli.cmake +++ b/src/core/radio_cli.cmake @@ -29,6 +29,8 @@ add_library(openthread-radio-cli) target_compile_definitions(openthread-radio-cli PRIVATE + OPENTHREAD_FTD=0 + OPENTHREAD_MTD=0 OPENTHREAD_RADIO=1 OPENTHREAD_RADIO_CLI=1 ) diff --git a/src/lib/spinel/CMakeLists.txt b/src/lib/spinel/CMakeLists.txt index 47de4d44175..b8be41c829b 100644 --- a/src/lib/spinel/CMakeLists.txt +++ b/src/lib/spinel/CMakeLists.txt @@ -30,11 +30,23 @@ add_library(openthread-radio-spinel) add_library(openthread-spinel-ncp) add_library(openthread-spinel-rcp) +target_compile_definitions(openthread-radio-spinel PRIVATE + OPENTHREAD_FTD=0 + OPENTHREAD_MTD=0 + OPENTHREAD_RADIO=0 +) + target_compile_definitions(openthread-spinel-ncp PRIVATE + OPENTHREAD_FTD=0 + OPENTHREAD_MTD=0 + OPENTHREAD_RADIO=0 PUBLIC OPENTHREAD_SPINEL_CONFIG_OPENTHREAD_MESSAGE_ENABLE=1 ) target_compile_definitions(openthread-spinel-rcp PRIVATE + OPENTHREAD_FTD=0 + OPENTHREAD_MTD=0 + OPENTHREAD_RADIO=0 PUBLIC OPENTHREAD_SPINEL_CONFIG_OPENTHREAD_MESSAGE_ENABLE=0 ) diff --git a/src/ncp/ftd.cmake b/src/ncp/ftd.cmake index 43b5f4f8065..fbf230a4f6a 100644 --- a/src/ncp/ftd.cmake +++ b/src/ncp/ftd.cmake @@ -30,6 +30,8 @@ add_library(openthread-ncp-ftd) target_compile_definitions(openthread-ncp-ftd PRIVATE OPENTHREAD_FTD=1 + OPENTHREAD_MTD=0 + OPENTHREAD_RADIO=0 OPENTHREAD_CONFIG_NCP_HDLC_ENABLE=1 ) diff --git a/src/ncp/mtd.cmake b/src/ncp/mtd.cmake index 6d8de8e14b4..5bcf3783e8a 100644 --- a/src/ncp/mtd.cmake +++ b/src/ncp/mtd.cmake @@ -29,7 +29,9 @@ add_library(openthread-ncp-mtd) target_compile_definitions(openthread-ncp-mtd PRIVATE + OPENTHREAD_FTD=0 OPENTHREAD_MTD=1 + OPENTHREAD_RADIO=0 OPENTHREAD_CONFIG_NCP_HDLC_ENABLE=1 ) diff --git a/src/ncp/radio.cmake b/src/ncp/radio.cmake index 1350a28e857..23ec4e06e9e 100644 --- a/src/ncp/radio.cmake +++ b/src/ncp/radio.cmake @@ -29,6 +29,8 @@ add_library(openthread-rcp) target_compile_definitions(openthread-rcp PRIVATE + OPENTHREAD_FTD=0 + OPENTHREAD_MTD=0 OPENTHREAD_RADIO=1 OPENTHREAD_RADIO_CLI=0 ) diff --git a/src/posix/platform/CMakeLists.txt b/src/posix/platform/CMakeLists.txt index e9fb7c83a35..e4795834ff9 100644 --- a/src/posix/platform/CMakeLists.txt +++ b/src/posix/platform/CMakeLists.txt @@ -185,6 +185,7 @@ target_compile_definitions(openthread-posix PRIVATE OPENTHREAD_FTD=1 OPENTHREAD_MTD=0 + OPENTHREAD_RADIO=0 ) target_compile_options(openthread-posix PRIVATE diff --git a/tests/fuzz/CMakeLists.txt b/tests/fuzz/CMakeLists.txt index 39ca67b23d4..c2d5da2b76f 100644 --- a/tests/fuzz/CMakeLists.txt +++ b/tests/fuzz/CMakeLists.txt @@ -33,6 +33,8 @@ set(COMMON_INCLUDES set(COMMON_COMPILE_OPTIONS -DOPENTHREAD_FTD=1 + -DOPENTHREAD_MTD=0 + -DOPENTHREAD_RADIO=0 -DOPENTHREAD_SPINEL_CONFIG_OPENTHREAD_MESSAGE_ENABLE=1 ) diff --git a/tests/unit/CMakeLists.txt b/tests/unit/CMakeLists.txt index e14e30ad5bd..f44ffaeea73 100644 --- a/tests/unit/CMakeLists.txt +++ b/tests/unit/CMakeLists.txt @@ -39,10 +39,14 @@ set(COMMON_INCLUDES_RCP set(COMMON_COMPILE_OPTIONS -DOPENTHREAD_FTD=1 + -DOPENTHREAD_MTD=0 + -DOPENTHREAD_RADIO=0 -DOPENTHREAD_SPINEL_CONFIG_OPENTHREAD_MESSAGE_ENABLE=1 ) set(COMMON_COMPILE_OPTIONS_RCP + -DOPENTHREAD_FTD=0 + -DOPENTHREAD_MTD=0 -DOPENTHREAD_RADIO=1 -DOPENTHREAD_SPINEL_CONFIG_OPENTHREAD_MESSAGE_ENABLE=1 -DOPENTHREAD_CONFIG_PLATFORM_UDP_ENABLE=0 From 8167fb36269f0683740168114483301ebde08385 Mon Sep 17 00:00:00 2001 From: SherySheng Date: Tue, 26 Dec 2023 23:47:47 +0800 Subject: [PATCH 046/121] [posix] ignore required anycast address (#9717) Ignore Required Anycast address when it is added to or deleted from wpan0 interface in openthread. --- include/openthread/instance.h | 2 +- include/openthread/ip6.h | 13 +++++----- src/posix/platform/netif.cpp | 49 +++++++++++++++++++++++++++++++++++ 3 files changed, 57 insertions(+), 7 deletions(-) diff --git a/include/openthread/instance.h b/include/openthread/instance.h index bc60c08a590..2fa848528a5 100644 --- a/include/openthread/instance.h +++ b/include/openthread/instance.h @@ -53,7 +53,7 @@ extern "C" { * @note This number versions both OpenThread platform and user APIs. * */ -#define OPENTHREAD_API_VERSION (384) +#define OPENTHREAD_API_VERSION (385) /** * @addtogroup api-instance diff --git a/include/openthread/ip6.h b/include/openthread/ip6.h index 8301ff93db5..cb4d124918c 100644 --- a/include/openthread/ip6.h +++ b/include/openthread/ip6.h @@ -52,12 +52,13 @@ extern "C" { * */ -#define OT_IP6_PREFIX_SIZE 8 ///< Size of an IPv6 prefix (bytes) -#define OT_IP6_PREFIX_BITSIZE (OT_IP6_PREFIX_SIZE * 8) ///< Size of an IPv6 prefix (bits) -#define OT_IP6_IID_SIZE 8 ///< Size of an IPv6 Interface Identifier (bytes) -#define OT_IP6_ADDRESS_SIZE 16 ///< Size of an IPv6 address (bytes) -#define OT_IP6_HEADER_SIZE 40 ///< Size of an IPv6 header (bytes) -#define OT_IP6_HEADER_PROTO_OFFSET 6 ///< Offset of the proto field in the IPv6 header (bytes) +#define OT_IP6_PREFIX_SIZE 8 ///< Size of an IPv6 prefix (bytes) +#define OT_IP6_PREFIX_BITSIZE (OT_IP6_PREFIX_SIZE * 8) ///< Size of an IPv6 prefix (bits) +#define OT_IP6_IID_SIZE 8 ///< Size of an IPv6 Interface Identifier (bytes) +#define OT_IP6_ADDRESS_SIZE 16 ///< Size of an IPv6 address (bytes) +#define OT_IP6_ADDRESS_BITSIZE (OT_IP6_ADDRESS_SIZE * 8) ///< Size of an IPv6 address (bits) +#define OT_IP6_HEADER_SIZE 40 ///< Size of an IPv6 header (bytes) +#define OT_IP6_HEADER_PROTO_OFFSET 6 ///< Offset of the proto field in the IPv6 header (bytes) /** * @struct otIp6InterfaceIdentifier diff --git a/src/posix/platform/netif.cpp b/src/posix/platform/netif.cpp index 40670855467..f41d8463d08 100644 --- a/src/posix/platform/netif.cpp +++ b/src/posix/platform/netif.cpp @@ -1080,6 +1080,46 @@ static otError tryProcessIcmp6RaMessage(otInstance *aInstance, const uint8_t *da } #endif // OPENTHREAD_CONFIG_BORDER_ROUTING_DHCP6_PD_ENABLE +#ifdef __linux__ +/** + * Returns whether the address is a required anycast address (RFC2373, 2.6.1). + * + */ +static bool isRequiredAnycast(const uint8_t *aAddress, uint8_t aPrefixLength) +{ + bool isRequiredAnycast = false; + uint8_t firstBytePos = aPrefixLength / 8; + uint8_t remainingBits = aPrefixLength % 8; + + if (aPrefixLength == OT_IP6_ADDRESS_BITSIZE) + { + ExitNow(); + } + + if (remainingBits != 0) + { + if ((aAddress[firstBytePos] & ((1 << remainingBits) - 1)) != 0) + { + ExitNow(); + } + firstBytePos++; + } + + for (int i = firstBytePos; i < OT_IP6_ADDRESS_SIZE; ++i) + { + if (aAddress[i] != 0) + { + ExitNow(); + } + } + + isRequiredAnycast = true; + +exit: + return isRequiredAnycast; +} +#endif // __linux__ + static void processTransmit(otInstance *aInstance) { otMessage *message = nullptr; @@ -1213,6 +1253,15 @@ static void processNetifAddrEvent(otInstance *aInstance, struct nlmsghdr *aNetli addr6.sin6_family = AF_INET6; memcpy(&addr6.sin6_addr, RTA_DATA(rta), sizeof(addr6.sin6_addr)); + // Linux allows adding an IPv6 required anycast address to an interface, + // which blocks openthread deriving an address by SLAAC and will cause routing issues. + // Ignore the required anycast addresses here to allow OpenThread stack generate one when necessary, + // and Linux will prefer the non-required anycast address on the interface. + if (isRequiredAnycast(addr.GetBytes(), ifaddr->ifa_prefixlen)) + { + continue; + } + if (aNetlinkMessage->nlmsg_type == RTM_NEWADDR) { if (!addr.IsMulticast()) From 6751122f0ae44cbe51e539e434fbf126a7b1ac43 Mon Sep 17 00:00:00 2001 From: Abtin Keshavarzian Date: Tue, 26 Dec 2023 07:51:38 -0800 Subject: [PATCH 047/121] [heap-data] add `Matches()` to compare `Heap::Data` with a given buffer (#9740) Also updates the unit test to validate the new method. --- src/core/common/heap_data.cpp | 19 +++++++++++++++++++ src/core/common/heap_data.hpp | 12 ++++++++++++ tests/unit/test_heap_string.cpp | 12 ++++++++++++ 3 files changed, 43 insertions(+) diff --git a/src/core/common/heap_data.cpp b/src/core/common/heap_data.cpp index d12686e2c55..9c09e5903d0 100644 --- a/src/core/common/heap_data.cpp +++ b/src/core/common/heap_data.cpp @@ -78,6 +78,25 @@ void Data::SetFrom(Data &&aData) TakeFrom(aData); } +bool Data::Matches(const uint8_t *aBuffer, uint16_t aLength) const +{ + bool matches = false; + + VerifyOrExit(aLength == mData.GetLength()); + + if (IsNull()) + { + matches = (aLength == 0); + } + else + { + matches = mData.MatchesBytesIn(aBuffer); + } + +exit: + return matches; +} + void Data::Free(void) { Heap::Free(mData.GetBytes()); diff --git a/src/core/common/heap_data.hpp b/src/core/common/heap_data.hpp index 9fbbe3d4201..f0b0823ed22 100644 --- a/src/core/common/heap_data.hpp +++ b/src/core/common/heap_data.hpp @@ -169,6 +169,18 @@ class Data */ void CopyBytesTo(uint8_t *aBuffer) const { return mData.CopyBytesTo(aBuffer); } + /** + * Compares the `Data` content with the bytes from a given buffer. + * + * @param[in] aBuffer A pointer to a buffer to compare with the data. + * @param[in] aLength The length of @p aBuffer. + * + * @retval TRUE The `Data` content matches the bytes in @p aBuffer. + * @retval FALSE The `Data` content does not match the byes in @p aBuffer. + * + */ + bool Matches(const uint8_t *aBuffer, uint16_t aLength) const; + /** * Frees any buffer allocated by the `Heap::Data`. * diff --git a/tests/unit/test_heap_string.cpp b/tests/unit/test_heap_string.cpp index cc72d5af24c..3feb4b65f9a 100644 --- a/tests/unit/test_heap_string.cpp +++ b/tests/unit/test_heap_string.cpp @@ -171,11 +171,15 @@ void VerifyData(const Heap::Data &aData, const uint8_t *aBytes, uint16_t aLength PrintData(aData); + VerifyOrQuit(aData.Matches(aBytes, aLength)); + VerifyOrQuit(!aData.Matches(aBytes, aLength + 1)); + if (aLength == 0) { VerifyOrQuit(aData.IsNull()); VerifyOrQuit(aData.GetBytes() == nullptr); VerifyOrQuit(aData.GetLength() == 0); + VerifyOrQuit(aData.Matches(nullptr, 0)); } else { @@ -186,6 +190,10 @@ void VerifyData(const Heap::Data &aData, const uint8_t *aBytes, uint16_t aLength aData.CopyBytesTo(buffer); VerifyOrQuit(memcmp(buffer, aBytes, aLength) == 0, "CopyBytesTo() failed"); + + VerifyOrQuit(aData.Matches(buffer, aLength)); + buffer[aLength - 1]++; + VerifyOrQuit(!aData.Matches(buffer, aLength)); } } @@ -223,6 +231,10 @@ void TestHeapData(void) printf("After constructor\n"); VerifyData(data, nullptr, 0); + VerifyOrQuit(data.Matches(nullptr, 0)); + VerifyOrQuit(data.Matches(kData1, 0)); + VerifyOrQuit(!data.Matches(kData1, 1)); + printf("------------------------------------------------------------------------------------\n"); printf("SetFrom(aBuffer, aLength)\n"); From 3f99b118d41f1a054f4512e391e7d39f30cf3503 Mon Sep 17 00:00:00 2001 From: Abtin Keshavarzian Date: Wed, 27 Dec 2023 22:10:53 -0800 Subject: [PATCH 048/121] [dns] clarify trailing dot in `Name::ExtractLabels()` (#9743) This commit updates `ExtractLabels()` documentation to clarify that name and suffix name can include or exclude the trailing dot but both inputs must follow the same style. It also updates `test_dns` unit test to validate this behavior. --- src/core/net/dns_types.hpp | 20 ++++++++++---------- tests/unit/test_dns.cpp | 26 ++++++++++++++++++++++++++ 2 files changed, 36 insertions(+), 10 deletions(-) diff --git a/src/core/net/dns_types.hpp b/src/core/net/dns_types.hpp index f857f831947..f678831dadb 100644 --- a/src/core/net/dns_types.hpp +++ b/src/core/net/dns_types.hpp @@ -992,14 +992,14 @@ class Name : public Clearable static Error CompareName(const Message &aMessage, uint16_t &aOffset, const Name &aName); /** - * Extracts label(s) from a full name by checking that it contains a given suffix name (e.g., suffix name can be + * Extracts label(s) from a name by checking that it contains a given suffix name (e.g., suffix name can be * a domain name) and removing it. * - * Both @p aName and @p aSuffixName must be full DNS name and end with ('.'), otherwise the behavior of this method - * is undefined. + * Both @p aName and @p aSuffixName MUST follow the same style regarding inclusion of trailing dot ('.'). Otherwise + * `kErrorParse` is returned. * - * @param[in] aName The full name to extract labels from. - * @param[in] aSuffixName The suffix name (e.g. can be domain name). + * @param[in] aName The name to extract labels from. + * @param[in] aSuffixName The suffix name (e.g., can be domain name). * @param[out] aLabels Pointer to buffer to copy the extracted labels. * @param[in] aLabelsSize Size of @p aLabels buffer. * @@ -1011,16 +1011,16 @@ class Name : public Clearable static Error ExtractLabels(const char *aName, const char *aSuffixName, char *aLabels, uint16_t aLabelsSize); /** - * Extracts label(s) from a full name by checking that it contains a given suffix name (e.g., suffix name can be + * Extracts label(s) from a name by checking that it contains a given suffix name (e.g., suffix name can be * a domain name) and removing it. * - * Both @p aName and @p aSuffixName must be full DNS name and end with ('.'), otherwise the behavior of this method - * is undefined. + * Both @p aName and @p aSuffixName MUST follow the same style regarding inclusion of trailing dot ('.'). Otherwise + * `kErrorParse` is returned. * * @tparam kLabelsBufferSize Size of the buffer string. * - * @param[in] aName The full name to extract labels from. - * @param[in] aSuffixName The suffix name (e.g. can be domain name). + * @param[in] aName The name to extract labels from. + * @param[in] aSuffixName The suffix name (e.g., can be domain name). * @param[out] aLabelsBuffer A buffer to copy the extracted labels. * * @retval kErrorNone Successfully extracted the labels, @p aLabels is updated. diff --git a/tests/unit/test_dns.cpp b/tests/unit/test_dns.cpp index d07a05abd7c..0eeb7c24063 100644 --- a/tests/unit/test_dns.cpp +++ b/tests/unit/test_dns.cpp @@ -285,6 +285,19 @@ void TestDnsName(void) SuccessOrQuit(Dns::Name::ExtractLabels(fullName, suffixName, name)); VerifyOrQuit(strcmp(name, "my-service._ipps._tcp") == 0); + fullName = "my-service._ipps._tcp.default.service.arpa"; + suffixName = "default.service.arpa"; + SuccessOrQuit(Dns::Name::ExtractLabels(fullName, suffixName, name)); + VerifyOrQuit(strcmp(name, "my-service._ipps._tcp") == 0); + + fullName = "my-service._ipps._tcp.default.service.arpa"; + suffixName = "default.service.arpa."; + VerifyOrQuit(Dns::Name::ExtractLabels(fullName, suffixName, name) == kErrorParse); + + fullName = "my-service._ipps._tcp.default.service.arpa."; + suffixName = "default.service.arpa"; + VerifyOrQuit(Dns::Name::ExtractLabels(fullName, suffixName, name) == kErrorParse); + fullName = "my.service._ipps._tcp.default.service.arpa."; suffixName = "_ipps._tcp.default.service.arpa."; SuccessOrQuit(Dns::Name::ExtractLabels(fullName, suffixName, name)); @@ -295,10 +308,19 @@ void TestDnsName(void) SuccessOrQuit(Dns::Name::ExtractLabels(fullName, suffixName, name)); VerifyOrQuit(strcmp(name, "my-service._ipps._tcp") == 0); + fullName = "my-service._ipps._tcp.default.service.arpa"; + suffixName = "DeFault.SerVice.ARPA"; + SuccessOrQuit(Dns::Name::ExtractLabels(fullName, suffixName, name)); + VerifyOrQuit(strcmp(name, "my-service._ipps._tcp") == 0); + fullName = "my-service._ipps._tcp.default.service.arpa."; suffixName = "efault.service.arpa."; VerifyOrQuit(Dns::Name::ExtractLabels(fullName, suffixName, name) == kErrorParse); + fullName = "my-service._ipps._tcp.default.service.arpa"; + suffixName = "efault.service.arpa"; + VerifyOrQuit(Dns::Name::ExtractLabels(fullName, suffixName, name) == kErrorParse); + fullName = "my-service._ipps._tcp.default.service.arpa."; suffixName = "xdefault.service.arpa."; VerifyOrQuit(Dns::Name::ExtractLabels(fullName, suffixName, name) == kErrorParse); @@ -315,6 +337,10 @@ void TestDnsName(void) suffixName = "default.service.arpa."; VerifyOrQuit(Dns::Name::ExtractLabels(fullName, suffixName, name) == kErrorParse); + fullName = "default.service.arpa"; + suffixName = "default.service.arpa"; + VerifyOrQuit(Dns::Name::ExtractLabels(fullName, suffixName, name) == kErrorParse); + fullName = "efault.service.arpa."; suffixName = "default.service.arpa."; VerifyOrQuit(Dns::Name::ExtractLabels(fullName, suffixName, name) == kErrorParse); From 666a9bd076adfee873fafc5354e0b309cb4f6dda Mon Sep 17 00:00:00 2001 From: Abtin Keshavarzian Date: Thu, 28 Dec 2023 18:26:35 -0800 Subject: [PATCH 049/121] [dns] add `Name::ComapreMultipleLabels()` and update `Matches()` (#9744) This commit introduces a new method, `Name::CompareMultipleLabels()`, to efficiently parse and compare multiple DNS name labels directly from a message. This is then used to optimize `Name::Matches()` eliminating the need to read the entire name into a separate buffer. This commit also updates `Name::Matches()` method to treat the first label as a single label allowing it to include dot character (which is useful for service instance label). Additionally, `test_dns` unit test is updated to validate the functionality of the new methods. --- src/core/net/dns_types.cpp | 62 ++++++++++------ src/core/net/dns_types.hpp | 46 +++++++++--- tests/unit/test_dns.cpp | 144 +++++++++++++++++++++++++++++++------ 3 files changed, 204 insertions(+), 48 deletions(-) diff --git a/src/core/net/dns_types.cpp b/src/core/net/dns_types.cpp index 30e99182988..eecc9ff29f7 100644 --- a/src/core/net/dns_types.cpp +++ b/src/core/net/dns_types.cpp @@ -100,40 +100,41 @@ Error Header::ResponseCodeToError(Response aResponse) return error; } -bool Name::Matches(const char *aFirstLabels, const char *aSecondLabels, const char *aDomain) const +bool Name::Matches(const char *aFirstLabel, const char *aLabels, const char *aDomain) const { - bool matches = false; - const char *namePtr; - Buffer nameBuffer; + bool matches = false; VerifyOrExit(!IsEmpty()); if (IsFromCString()) { - namePtr = mString; + const char *namePtr = mString; + + if (aFirstLabel != nullptr) + { + matches = CompareAndSkipLabels(namePtr, aFirstLabel, kLabelSeparatorChar); + VerifyOrExit(matches); + } + + matches = CompareAndSkipLabels(namePtr, aLabels, kLabelSeparatorChar); + VerifyOrExit(matches); + + matches = CompareAndSkipLabels(namePtr, aDomain, kNullChar); } else { uint16_t offset = mOffset; - SuccessOrExit(ReadName(*mMessage, offset, nameBuffer)); - namePtr = nameBuffer; - } - - if (aFirstLabels != nullptr) - { - matches = CompareAndSkipLabels(namePtr, aFirstLabels, kLabelSeparatorChar); - VerifyOrExit(matches); - } + if (aFirstLabel != nullptr) + { + SuccessOrExit(CompareLabel(*mMessage, offset, aFirstLabel)); + } - if (aSecondLabels != nullptr) - { - matches = CompareAndSkipLabels(namePtr, aSecondLabels, kLabelSeparatorChar); - VerifyOrExit(matches); + SuccessOrExit(CompareMultipleLabels(*mMessage, offset, aLabels)); + SuccessOrExit(CompareName(*mMessage, offset, aDomain)); + matches = true; } - matches = CompareAndSkipLabels(namePtr, aDomain, kNullChar); - exit: return matches; } @@ -431,6 +432,27 @@ Error Name::CompareLabel(const Message &aMessage, uint16_t &aOffset, const char return error; } +Error Name::CompareMultipleLabels(const Message &aMessage, uint16_t &aOffset, const char *aLabels) +{ + Error error; + LabelIterator iterator(aMessage, aOffset); + + while (true) + { + SuccessOrExit(error = iterator.GetNextLabel()); + VerifyOrExit(iterator.CompareLabel(aLabels, !kIsSingleLabel), error = kErrorNotFound); + + if (*aLabels == kNullChar) + { + aOffset = iterator.mNextLabelOffset; + ExitNow(); + } + } + +exit: + return error; +} + Error Name::CompareName(const Message &aMessage, uint16_t &aOffset, const char *aName) { Error error; diff --git a/src/core/net/dns_types.hpp b/src/core/net/dns_types.hpp index f678831dadb..5428713aa27 100644 --- a/src/core/net/dns_types.hpp +++ b/src/core/net/dns_types.hpp @@ -666,20 +666,27 @@ class Name : public Clearable * Matches the `Name` with a given set of labels and domain name. * * This method allows the caller to specify name components separately, enabling scenarios like comparing "service - * instance name" with separate instance label, service type, and domain strings. + * instance name" with separate instance label (which can include dot character), service type, and domain strings. * - * @p aFirstLabels or @p aSecondLabels can be `nullptr` if not needed. But if non-null, these strings MUST NOT - * end with dot. @p aDomain MUST NOT be `nullptr` and MUST always end with a dot `.` character. + * @p aFirstLabel can be `nullptr` if not needed. But if non-null, it is treated as a single label and can itself + * include dot `.` character. * - * @param[in] aFirstLabels A string of dot separated labels, MUST NOT end with dot. Can be `nullptr`. - * @param[in] aSecondLabels A string of dot separated labels, MUST NOT end with dot. Can be `nullptr`. + * The @p aLabels MUST NOT be `nullptr` and MUST follow "..", i.e., a sequence of one or + * more labels separated by dot '.' char, and it MUST NOT end with dot `.`. + * + * @p aDomain MUST NOT be `nullptr` and MUST have at least one label and MUST always end with a dot `.` character. + * + * If the above conditions are not satisfied, the behavior of this method is undefined. + * + * @param[in] aFirstLabel A first label to check. Can be `nullptr`. + * @param[in] aLabels A string of dot separated labels, MUST NOT end with dot. * @param[in] aDomain Domain name. MUST end with dot. * - * @retval TRUE The name matches the given labels. - * @retval FALSE The name does not match the given labels. + * @retval TRUE The name matches the given components. + * @retval FALSE The name does not match the given components. * */ - bool Matches(const char *aFirstLabels, const char *aSecondLabels, const char *aDomain) const; + bool Matches(const char *aFirstLabel, const char *aLabels, const char *aDomain) const; /** * Encodes and appends the name to a message. @@ -909,6 +916,29 @@ class Name : public Clearable */ static Error CompareLabel(const Message &aMessage, uint16_t &aOffset, const char *aLabel); + /** + * Parses and compares multiple name labels from a message. + * + * Can be used to read and compare a group of labels from an encoded DNS name in a message with possibly more + * labels remaining to read. + * + * The @p aLabels must follow "..", i.e., a sequence of labels separated by dot '.' char. + * + * @param[in] aMessage The message to read the labels from to compare. `aMessage.GetOffset()` MUST point + * to the start of DNS header (this is used to handle compressed names). + * @param[in,out] aOffset On input, the offset in @p aMessage pointing to the start of the labels to read. + * On exit and only when all labels are successfully read and match @p aLabels, + * @p aOffset is updated to point to the start of the next label. + * @param[in] aLabels A pointer to a null terminated string containing the labels to compare with. + * + * @retval kErrorNone The labels from @p aMessage matches @p aLabels. @p aOffset is updated. + * @retval kErrorNotFound The labels from @p aMessage does not match @p aLabel (note that @p aOffset is not + * updated in this case). + * @retval kErrorParse Name could not be parsed (invalid format). + * + */ + static Error CompareMultipleLabels(const Message &aMessage, uint16_t &aOffset, const char *aLabels); + /** * Parses and compares a full name from a message with a given name. * diff --git a/tests/unit/test_dns.cpp b/tests/unit/test_dns.cpp index 0eeb7c24063..4566cde9ca7 100644 --- a/tests/unit/test_dns.cpp +++ b/tests/unit/test_dns.cpp @@ -59,8 +59,8 @@ void TestDnsName(void) struct TestMatches { const char *mFullName; - const char *mFirstLabels; - const char *mSecondLabels; + const char *mFirstLabel; + const char *mLabels; const char *mDomain; bool mShouldMatch; }; @@ -79,6 +79,7 @@ void TestDnsName(void) const char *domain2; const char *fullName; const char *suffixName; + Dns::Name dnsName; static const uint8_t kEncodedName1[] = {7, 'e', 'x', 'a', 'm', 'p', 'l', 'e', 3, 'c', 'o', 'm', 0}; static const uint8_t kEncodedName2[] = {3, 'f', 'o', 'o', 1, 'a', 2, 'b', 'b', 3, 'e', 'd', 'u', 0}; @@ -150,9 +151,7 @@ void TestDnsName(void) static const TestMatches kTestMatches[] = { {"foo.bar.local.", "foo", "bar", "local.", true}, - {"foo.bar.local.", "foo.bar", nullptr, "local.", true}, {"foo.bar.local.", nullptr, "foo.bar", "local.", true}, - {"foo.bar.local.", nullptr, nullptr, "foo.bar.local.", true}, {"foo.bar.local.", "foo", "ba", "local.", false}, {"foo.bar.local.", "fooooo", "bar", "local.", false}, {"foo.bar.local.", "foo", "bar", "locall.", false}, @@ -160,11 +159,8 @@ void TestDnsName(void) {"foo.bar.local.", "foo", "barr", "local.", false}, {"foo.bar.local.", "foo", "bar", ".local.", false}, {"My Lovely Instance._mt._udp.local.", "mY lovely instancE", "_mt._udp", "local.", true}, - {"My Lovely Instance._mt._udp.local.", "mY lovely instancE._mt", "_udp", "local.", true}, - {"_s1._sub._srv._udp.default.service.arpa.", "_s1._sub", "_srv._udp", "default.service.arpa.", true}, - {"_s1._sub._srv._udp.default.service.arpa.", "_s1._sub", "_srv._udp", "default.service.arpa", false}, - {"_s1._sub._srv._udp.default.service.arpa.", "_s1._sub", "_srv._udp.", "default.service.arpa.", false}, - {"_s1._sub._srv._udp.default.service.arpa.", "_s1._sub.", "_srv._udp", "default.service.arpa.", false}, + {"My Lovely Instance._mt._udp.local.", nullptr, "mY lovely instancE._mt._udp", "local.", true}, + {"_s1._sub._srv._udp.default.service.arpa.", "_s1", "_sub._srv._udp", "default.service.arpa.", true}, }; printf("================================================================\n"); @@ -555,20 +551,48 @@ void TestDnsName(void) for (const TestMatches &test : kTestMatches) { - Dns::Name name; - printf(" \"%s\"\n", test.mFullName); - name.Set(test.mFullName); - VerifyOrQuit(name.Matches(test.mFirstLabels, test.mSecondLabels, test.mDomain) == test.mShouldMatch); + dnsName.Set(test.mFullName); + VerifyOrQuit(dnsName.Matches(test.mFirstLabel, test.mLabels, test.mDomain) == test.mShouldMatch); IgnoreError(message->SetLength(0)); - SuccessOrQuit(name.AppendTo(*message)); + SuccessOrQuit(dnsName.AppendTo(*message)); - name.SetFromMessage(*message, 0); - VerifyOrQuit(name.Matches(test.mFirstLabels, test.mSecondLabels, test.mDomain) == test.mShouldMatch); + dnsName.SetFromMessage(*message, 0); + VerifyOrQuit(dnsName.Matches(test.mFirstLabel, test.mLabels, test.mDomain) == test.mShouldMatch); } + IgnoreError(message->SetLength(0)); + dnsName.SetFromMessage(*message, 0); + SuccessOrQuit(Dns::Name::AppendLabel("Name.With.Dot", *message)); + SuccessOrQuit(Dns::Name::AppendName("_srv._udp.local.", *message)); + + VerifyOrQuit(dnsName.Matches("Name.With.Dot", "_srv._udp", "local.")); + VerifyOrQuit(dnsName.Matches("nAme.with.dOT", "_srv._udp", "local.")); + VerifyOrQuit(dnsName.Matches("Name.With.Dot", "_srv", "_udp.local.")); + + VerifyOrQuit(!dnsName.Matches("Name", "With.Dot._srv._udp", "local.")); + VerifyOrQuit(!dnsName.Matches("Name.", "With.Dot._srv._udp", "local.")); + VerifyOrQuit(!dnsName.Matches("Name.With", "Dot._srv._udp", "local.")); + + VerifyOrQuit(!dnsName.Matches("Name.With.Dott", "_srv._udp", "local.")); + VerifyOrQuit(!dnsName.Matches("Name.With.Dot.", "_srv._udp", "local.")); + VerifyOrQuit(!dnsName.Matches("Name.With.Dot", "_srv._tcp", "local.")); + VerifyOrQuit(!dnsName.Matches("Name.With.Dot", "_srv._udp", "arpa.")); + + offset = 0; + SuccessOrQuit(Dns::Name::ReadName(*message, offset, name)); + dnsName.Set(name); + + VerifyOrQuit(dnsName.Matches("Name.With.Dot", "_srv._udp", "local.")); + VerifyOrQuit(dnsName.Matches("nAme.with.dOT", "_srv._udp", "local.")); + VerifyOrQuit(dnsName.Matches("Name.With.Dot", "_srv", "_udp.local.")); + VerifyOrQuit(!dnsName.Matches("Name.With.Dott", "_srv._udp", "local.")); + VerifyOrQuit(!dnsName.Matches("Name.With.Dot.", "_srv._udp", "local.")); + VerifyOrQuit(!dnsName.Matches("Name.With.Dot", "_srv._tcp", "local.")); + VerifyOrQuit(!dnsName.Matches("Name.With.Dot", "_srv._udp", "arpa.")); + message->Free(); testFreeInstance(instance); } @@ -601,6 +625,13 @@ void TestDnsCompressedName(void) static const char *kName3Labels[] = {"ISI", "ARPA"}; static const char *kName4Labels[] = {"Human.Readable", "F", "ISI", "ARPA"}; + static const char *kName1MultiLabels[] = {"F.ISI", "ARPA"}; + static const char *kName2MultiLabels1[] = {"FOO", "F.ISI.ARPA."}; + static const char *kName2MultiLabels2[] = {"FOO.F.", "ISI.ARPA."}; + + static const char kName1BadMultiLabels[] = "F.ISI.ARPA.MORE"; + static const char kName2BadMultiLabels[] = "FOO.F.IS"; + static const char kExpectedReadName1[] = "F.ISI.ARPA."; static const char kExpectedReadName2[] = "FOO.F.ISI.ARPA."; static const char kExpectedReadName3[] = "ISI.ARPA."; @@ -712,11 +743,35 @@ void TestDnsCompressedName(void) VerifyOrQuit(offset == name1Offset + sizeof(kEncodedName), "Name::ReadName() returned incorrect offset"); offset = name1Offset; - for (const char *nameLabel : kName1Labels) { SuccessOrQuit(Dns::Name::CompareLabel(*message, offset, nameLabel)); } + SuccessOrQuit(Dns::Name::CompareName(*message, offset, ".")); + + offset = name1Offset; + for (const char *nameLabel : kName1Labels) + { + SuccessOrQuit(Dns::Name::CompareMultipleLabels(*message, offset, nameLabel)); + } + SuccessOrQuit(Dns::Name::CompareName(*message, offset, ".")); + + offset = name1Offset; + SuccessOrQuit(Dns::Name::CompareMultipleLabels(*message, offset, kExpectedReadName1)); + SuccessOrQuit(Dns::Name::CompareName(*message, offset, ".")); + + offset = name1Offset; + VerifyOrQuit(Dns::Name::CompareMultipleLabels(*message, offset, kBadName) == kErrorNotFound); + + offset = name1Offset; + VerifyOrQuit(Dns::Name::CompareMultipleLabels(*message, offset, kName1BadMultiLabels) == kErrorNotFound); + + offset = name1Offset; + for (const char *nameLabels : kName1MultiLabels) + { + SuccessOrQuit(Dns::Name::CompareMultipleLabels(*message, offset, nameLabels)); + } + SuccessOrQuit(Dns::Name::CompareName(*message, offset, ".")); offset = name1Offset; SuccessOrQuit(Dns::Name::CompareName(*message, offset, kExpectedReadName1)); @@ -769,11 +824,42 @@ void TestDnsCompressedName(void) VerifyOrQuit(offset == name2Offset + kName2EncodedSize, "Name::ReadName() returned incorrect offset"); offset = name2Offset; - for (const char *nameLabel : kName2Labels) { SuccessOrQuit(Dns::Name::CompareLabel(*message, offset, nameLabel)); } + SuccessOrQuit(Dns::Name::CompareName(*message, offset, ".")); + + offset = name2Offset; + for (const char *nameLabel : kName2Labels) + { + SuccessOrQuit(Dns::Name::CompareMultipleLabels(*message, offset, nameLabel)); + } + SuccessOrQuit(Dns::Name::CompareName(*message, offset, ".")); + + offset = name2Offset; + SuccessOrQuit(Dns::Name::CompareMultipleLabels(*message, offset, kExpectedReadName2)); + SuccessOrQuit(Dns::Name::CompareName(*message, offset, ".")); + + offset = name2Offset; + VerifyOrQuit(Dns::Name::CompareMultipleLabels(*message, offset, kBadName) == kErrorNotFound); + + offset = name2Offset; + VerifyOrQuit(Dns::Name::CompareMultipleLabels(*message, offset, kName2BadMultiLabels) == kErrorNotFound); + + offset = name2Offset; + for (const char *nameLabels : kName2MultiLabels1) + { + SuccessOrQuit(Dns::Name::CompareMultipleLabels(*message, offset, nameLabels)); + } + SuccessOrQuit(Dns::Name::CompareName(*message, offset, ".")); + + offset = name2Offset; + for (const char *nameLabels : kName2MultiLabels2) + { + SuccessOrQuit(Dns::Name::CompareMultipleLabels(*message, offset, nameLabels)); + } + SuccessOrQuit(Dns::Name::CompareName(*message, offset, ".")); offset = name2Offset; SuccessOrQuit(Dns::Name::CompareName(*message, offset, kExpectedReadName2)); @@ -826,11 +912,22 @@ void TestDnsCompressedName(void) VerifyOrQuit(offset == name3Offset + kName3EncodedSize, "Name::ReadName() returned incorrect offset"); offset = name3Offset; - for (const char *nameLabel : kName3Labels) { SuccessOrQuit(Dns::Name::CompareLabel(*message, offset, nameLabel)); } + SuccessOrQuit(Dns::Name::CompareName(*message, offset, ".")); + + offset = name3Offset; + for (const char *nameLabel : kName3Labels) + { + SuccessOrQuit(Dns::Name::CompareMultipleLabels(*message, offset, nameLabel)); + } + SuccessOrQuit(Dns::Name::CompareName(*message, offset, ".")); + + offset = name3Offset; + SuccessOrQuit(Dns::Name::CompareMultipleLabels(*message, offset, kExpectedReadName3)); + SuccessOrQuit(Dns::Name::CompareName(*message, offset, ".")); offset = name3Offset; SuccessOrQuit(Dns::Name::CompareName(*message, offset, kExpectedReadName3)); @@ -880,11 +977,18 @@ void TestDnsCompressedName(void) VerifyOrQuit(offset == name4Offset + kName4EncodedSize, "Name::ParseName() returned incorrect offset"); offset = name4Offset; - for (const char *nameLabel : kName4Labels) { SuccessOrQuit(Dns::Name::CompareLabel(*message, offset, nameLabel)); } + SuccessOrQuit(Dns::Name::CompareName(*message, offset, ".")); + + offset = name4Offset; + for (const char *nameLabel : kName4Labels) + { + SuccessOrQuit(Dns::Name::CompareMultipleLabels(*message, offset, nameLabel)); + } + SuccessOrQuit(Dns::Name::CompareName(*message, offset, ".")); offset = name4Offset; SuccessOrQuit(Dns::Name::CompareName(*message, offset, *message, offset), "Name::CompareName() with itself failed"); From ee745130c7035c5ea3268b5869cca90a5e434eee Mon Sep 17 00:00:00 2001 From: SherySheng Date: Thu, 4 Jan 2024 09:35:17 +0800 Subject: [PATCH 050/121] [telemetry] add upstream DNS metrics (#9729) --- include/openthread/dnssd_server.h | 29 +++++++++++++++++++++-------- include/openthread/instance.h | 2 +- src/core/net/dnssd_server.cpp | 9 ++++++++- 3 files changed, 30 insertions(+), 10 deletions(-) diff --git a/include/openthread/dnssd_server.h b/include/openthread/dnssd_server.h index 98f83d6940d..c008e326607 100644 --- a/include/openthread/dnssd_server.h +++ b/include/openthread/dnssd_server.h @@ -147,20 +147,33 @@ typedef enum OT_DNSSD_QUERY_TYPE_RESOLVE_HOST = 3, ///< Service type resolve hostname. } otDnssdQueryType; +/** + * Represents the count of queries, responses, failures handled by upstream DNS server. + * + * Requires `OPENTHREAD_CONFIG_DNS_UPSTREAM_QUERY_ENABLE`. + */ +typedef struct otUpstreamDnsCounters +{ + uint32_t mQueries; ///< The number of queries forwarded. + uint32_t mResponses; ///< The number of responses forwarded. + uint32_t mFailures; ///< The number of upstream DNS failures. +} otUpstreamDnsCounters; + /** * Contains the counters of DNS-SD server. * */ typedef struct otDnssdCounters { - uint32_t mSuccessResponse; ///< The number of successful responses - uint32_t mServerFailureResponse; ///< The number of server failure responses - uint32_t mFormatErrorResponse; ///< The number of format error responses - uint32_t mNameErrorResponse; ///< The number of name error responses - uint32_t mNotImplementedResponse; ///< The number of 'not implemented' responses - uint32_t mOtherResponse; ///< The number of other responses - - uint32_t mResolvedBySrp; ///< The number of queries completely resolved by the local SRP server + uint32_t mSuccessResponse; ///< The number of successful responses. + uint32_t mServerFailureResponse; ///< The number of server failure responses. + uint32_t mFormatErrorResponse; ///< The number of format error responses. + uint32_t mNameErrorResponse; ///< The number of name error responses. + uint32_t mNotImplementedResponse; ///< The number of 'not implemented' responses. + uint32_t mOtherResponse; ///< The number of other responses. + uint32_t mResolvedBySrp; ///< The number of queries resolved by the local SRP server. + otUpstreamDnsCounters mUpstreamDnsCounters; ///< The number of queries, responses, + ///< failures handled by upstream DNS server. } otDnssdCounters; /** diff --git a/include/openthread/instance.h b/include/openthread/instance.h index 2fa848528a5..e394abc960f 100644 --- a/include/openthread/instance.h +++ b/include/openthread/instance.h @@ -53,7 +53,7 @@ extern "C" { * @note This number versions both OpenThread platform and user APIs. * */ -#define OPENTHREAD_API_VERSION (385) +#define OPENTHREAD_API_VERSION (386) /** * @addtogroup api-instance diff --git a/src/core/net/dnssd_server.cpp b/src/core/net/dnssd_server.cpp index 33aabbd66b0..385eb88f3a3 100644 --- a/src/core/net/dnssd_server.cpp +++ b/src/core/net/dnssd_server.cpp @@ -866,6 +866,10 @@ void Server::OnUpstreamQueryDone(UpstreamQueryTransaction &aQueryTransaction, Me { error = mSocket.SendTo(*aResponseMessage, aQueryTransaction.GetMessageInfo()); } + else + { + error = kErrorResponseTimeout; + } ResetUpstreamQueryTransaction(aQueryTransaction, error); @@ -886,7 +890,7 @@ Server::UpstreamQueryTransaction *Server::AllocateUpstreamQueryTransaction(const } } - VerifyOrExit(newTxn != nullptr); + VerifyOrExit(newTxn != nullptr, mCounters.mUpstreamDnsCounters.mFailures++); newTxn->Init(aMessageInfo); LogInfo("Upstream query transaction %d initialized.", static_cast(newTxn - mUpstreamQueryTransactions)); @@ -905,6 +909,7 @@ Error Server::ResolveByUpstream(const Request &aRequest) VerifyOrExit(txn != nullptr, error = kErrorNoBufs); otPlatDnsStartUpstreamQuery(&GetInstance(), txn, aRequest.mMessage); + mCounters.mUpstreamDnsCounters.mQueries++; exit: return error; @@ -1277,10 +1282,12 @@ void Server::ResetUpstreamQueryTransaction(UpstreamQueryTransaction &aTxn, Error OT_UNUSED_VARIABLE(index); if (aError == kErrorNone) { + mCounters.mUpstreamDnsCounters.mResponses++; LogInfo("Upstream query transaction %d completed.", index); } else { + mCounters.mUpstreamDnsCounters.mFailures++; LogWarn("Upstream query transaction %d closed: %s.", index, ErrorToString(aError)); } aTxn.Reset(); From d02c4be8210e2d915456f8b84a687d7812f667f1 Mon Sep 17 00:00:00 2001 From: jrhodie <139580534+jrhodie@users.noreply.github.com> Date: Thu, 4 Jan 2024 16:45:40 -0800 Subject: [PATCH 051/121] [cli] add Doxygen tags for history commands (#9751) --- include/openthread/history_tracker.h | 4 +- include/openthread/instance.h | 2 +- src/cli/README_HISTORY.md | 2 +- src/cli/cli.cpp | 2 +- src/cli/cli_history.cpp | 701 +++++++++++++++++++++++++++ 5 files changed, 706 insertions(+), 5 deletions(-) diff --git a/include/openthread/history_tracker.h b/include/openthread/history_tracker.h index 08dc8d9c283..72a0c4a2da9 100644 --- a/include/openthread/history_tracker.h +++ b/include/openthread/history_tracker.h @@ -426,8 +426,8 @@ const otHistoryTrackerExternalRouteInfo *otHistoryTrackerIterateExternalRouteHis /** * Converts a given entry age to a human-readable string. * - * The entry age string follows the format "::." for hours, minutes, seconds and millisecond (if - * shorter than one day) or "
days ::." (if longer than one day). + * The entry age string follows the format `hours:minutes:seconds:milliseconds` (if + * shorter than one day) or `days:hours:minutes:seconds`(if longer than one day). * * If the resulting string does not fit in @p aBuffer (within its @p aSize characters), the string will be truncated * but the outputted string is always null-terminated. diff --git a/include/openthread/instance.h b/include/openthread/instance.h index e394abc960f..6394f343e3d 100644 --- a/include/openthread/instance.h +++ b/include/openthread/instance.h @@ -53,7 +53,7 @@ extern "C" { * @note This number versions both OpenThread platform and user APIs. * */ -#define OPENTHREAD_API_VERSION (386) +#define OPENTHREAD_API_VERSION (387) /** * @addtogroup api-instance diff --git a/src/cli/README_HISTORY.md b/src/cli/README_HISTORY.md index 3fa681a276b..21f2dc5e326 100644 --- a/src/cli/README_HISTORY.md +++ b/src/cli/README_HISTORY.md @@ -345,7 +345,7 @@ Usage `history router [list] []` Print the route table history. Each item provides: -- Event (`Added`, `Removed`, `NextHopChnaged`, `CostChanged`) +- Event (`Added`, `Removed`, `NextHopChanged`, `CostChanged`) - Router ID and RLOC16 of router - Next Hop (Router ID and RLOC16) - `none` if no next hop. - Path cost (old `->` new) - `inf` to indicate infinite path cost. diff --git a/src/cli/cli.cpp b/src/cli/cli.cpp index fb6de4cf422..ba34e59b47d 100644 --- a/src/cli/cli.cpp +++ b/src/cli/cli.cpp @@ -4149,7 +4149,7 @@ template <> otError Interpreter::Process(Arg aArgs[]) * @par api_copy * #otThreadSetLinkMode * @cparam mode [@ca{rdn}] - * - `-`: -: no flags set (rx-off-when-idle, minimal Thread device, stable network data) + * - `-`: no flags set (rx-off-when-idle, minimal Thread device, stable network data) * - `r`: rx-on-when-idle * - `d`: Full Thread Device * - `n`: Full Network Data diff --git a/src/cli/cli_history.cpp b/src/cli/cli_history.cpp index b44a74fc346..82d75557a21 100644 --- a/src/cli/cli_history.cpp +++ b/src/cli/cli_history.cpp @@ -71,6 +71,62 @@ otError History::ParseArgs(Arg aArgs[], bool &aIsList, uint16_t &aNumEntries) co return aArgs[0].IsEmpty() ? OT_ERROR_NONE : OT_ERROR_INVALID_ARGS; } +/** + * @cli history ipaddr + * @code + * history ipaddr + * | Age | Event | Address / Prefix Length | Origin |Scope| P | V | R | + * +----------------------+---------+---------------------------------------------+--------+-----+---+---+---+ + * | 00:00:04.991 | Removed | 2001:dead:beef:cafe:c4cb:caba:8d55:e30b/64 | slaac | 14 | Y | Y | N | + * | 00:00:44.647 | Added | 2001:dead:beef:cafe:c4cb:caba:8d55:e30b/64 | slaac | 14 | Y | Y | N | + * | 00:01:07.199 | Added | fd00:0:0:0:0:0:0:1/64 | manual | 14 | Y | Y | N | + * | 00:02:17.885 | Added | fdde:ad00:beef:0:0:ff:fe00:fc00/64 | thread | 3 | N | Y | N | + * | 00:02:17.885 | Added | fdde:ad00:beef:0:0:ff:fe00:5400/64 | thread | 3 | N | Y | Y | + * | 00:02:20.107 | Removed | fdde:ad00:beef:0:0:ff:fe00:5400/64 | thread | 3 | N | Y | Y | + * | 00:02:21.575 | Added | fdde:ad00:beef:0:0:ff:fe00:5400/64 | thread | 3 | N | Y | Y | + * | 00:02:21.575 | Added | fdde:ad00:beef:0:ecea:c4fc:ad96:4655/64 | thread | 3 | N | Y | N | + * | 00:02:23.904 | Added | fe80:0:0:0:3c12:a4d2:fbe0:31ad/64 | thread | 2 | Y | Y | N | + * Done + * @endcode + * @code + * history ipaddr list 5 + * 00:00:20.327 -> event:Removed address:2001:dead:beef:cafe:c4cb:caba:8d55:e30b prefixlen:64 origin:slaac scope:14 preferred:yes valid:yes rloc:no + * 00:00:59.983 -> event:Added address:2001:dead:beef:cafe:c4cb:caba:8d55:e30b prefixlen:64 origin:slaac scope:14 preferred:yes valid:yes rloc:no + * 00:01:22.535 -> event:Added address:fd00:0:0:0:0:0:0:1 prefixlen:64 origin:manual scope:14 preferred:yes valid:yes rloc:no + * 00:02:33.221 -> event:Added address:fdde:ad00:beef:0:0:ff:fe00:fc00 prefixlen:64 origin:thread scope:3 preferred:no valid:yes rloc:no + * 00:02:33.221 -> event:Added address:fdde:ad00:beef:0:0:ff:fe00:5400 prefixlen:64 origin:thread scope:3 preferred:no valid:yes rloc:yes + * Done + * @endcode + * @cparam history ipaddr [@ca{list}] [@ca{num-entries}] + * * Use the `list` option to display the output in list format. Otherwise, + * the output is shown in table format. + * * Use the `num-entries` option to limit the output to the number of + * most-recent entries specified. If this option is not used, all stored + * entries are shown in the output. + * @par + * Displays the unicast IPv6 address history in table or list format. + * @par + * Each table or list entry provides: + * * Age: Time elapsed since the command was issued, and given in the format: + * `hours`:`minutes`:`seconds`:`milliseconds` + * * Event: Possible values are `Added` or `Removed`. + * * Address/Prefix Length: Unicast address with its prefix length (in bits). + * * Origin: Possible value are `thread`, `slaac`, `dhcp6`, or `manual`. + * * Scope: IPv6 address scope. + * * P: Preferred flag. + * * V: Valid flag. + * * RLOC (R): This flag indicates if the IPv6 address is a routing locator. + * @note + * All commands under `history` require the `OPENTHREAD_CONFIG_HISTORY_TRACKER_ENABLE` + * feature to be enabled. + * @sa otHistoryTrackerEntryAgeToString + * @sa otHistoryTrackerIterateUnicastAddressHistory + */ template <> otError History::Process(Arg aArgs[]) { otError error; @@ -134,6 +190,54 @@ template <> otError History::Process(Arg aArgs[]) return error; } +/** + * @cli history ipmaddr + * @code + * history ipmaddr + * | Age | Event | Multicast Address | Origin | + * +----------------------+--------------+-----------------------------------------+--------+ + * | 00:00:08.592 | Unsubscribed | ff05:0:0:0:0:0:0:1 | Manual | + * | 00:01:25.353 | Subscribed | ff05:0:0:0:0:0:0:1 | Manual | + * | 00:01:54.953 | Subscribed | ff03:0:0:0:0:0:0:2 | Thread | + * | 00:01:54.953 | Subscribed | ff02:0:0:0:0:0:0:2 | Thread | + * | 00:01:59.329 | Subscribed | ff33:40:fdde:ad00:beef:0:0:1 | Thread | + * | 00:01:59.329 | Subscribed | ff32:40:fdde:ad00:beef:0:0:1 | Thread | + * | 00:02:01.129 | Subscribed | ff03:0:0:0:0:0:0:fc | Thread | + * | 00:02:01.129 | Subscribed | ff03:0:0:0:0:0:0:1 | Thread | + * | 00:02:01.129 | Subscribed | ff02:0:0:0:0:0:0:1 | Thread | + * Done + * @endcode + * @code + * history ipmaddr list + * 00:00:25.447 -> event:Unsubscribed address:ff05:0:0:0:0:0:0:1 origin:Manual + * 00:01:42.208 -> event:Subscribed address:ff05:0:0:0:0:0:0:1 origin:Manual + * 00:02:11.808 -> event:Subscribed address:ff03:0:0:0:0:0:0:2 origin:Thread + * 00:02:11.808 -> event:Subscribed address:ff02:0:0:0:0:0:0:2 origin:Thread + * 00:02:16.184 -> event:Subscribed address:ff33:40:fdde:ad00:beef:0:0:1 origin:Thread + * 00:02:16.184 -> event:Subscribed address:ff32:40:fdde:ad00:beef:0:0:1 origin:Thread + * 00:02:17.984 -> event:Subscribed address:ff03:0:0:0:0:0:0:fc origin:Thread + * 00:02:17.984 -> event:Subscribed address:ff03:0:0:0:0:0:0:1 origin:Thread + * 00:02:17.984 -> event:Subscribed address:ff02:0:0:0:0:0:0:1 origin:Thread + * Done + * @endcode + * @cparam history ipmaddr [@ca{list}] [@ca{num-entries}] + * * Use the `list` option to display the output in list format. Otherwise, + * the output is shown in table format. + * * Use the `num-entries` option to limit the output to the number of + * most-recent entries specified. If this option is not used, all stored + * entries are shown in the output. + * @par + * Displays the multicast IPv6 address history in table or list format. + * @par + * Each table or list entry provides: + * * Age: Time elapsed since the command was issued, and given in the format: + * `hours`:`minutes`:`seconds`:`milliseconds` + * * Event: Possible values are `Subscribed` or `Unsubscribed`. + * * Multicast Address + * * Origin: Possible values are `Thread` or `Manual`. + * @sa otHistoryTrackerEntryAgeToString + * @sa otHistoryTrackerIterateMulticastAddressHistory + */ template <> otError History::Process(Arg aArgs[]) { static const char *const kEventStrings[] = { @@ -191,6 +295,62 @@ template <> otError History::Process(Arg aArgs[]) return error; } +/** + * @cli history neighbor + * @code + * history neighbor + * | Age | Type | Event | Extended Address | RLOC16 | Mode | Ave RSS | + * +----------------------+--------+-----------+------------------+--------+------+---------+ + * | 00:00:29.233 | Child | Added | ae5105292f0b9169 | 0x8404 | - | -20 | + * | 00:01:38.368 | Child | Removed | ae5105292f0b9169 | 0x8401 | - | -20 | + * | 00:04:27.181 | Child | Changed | ae5105292f0b9169 | 0x8401 | - | -20 | + * | 00:04:51.236 | Router | Added | 865c7ca38a5fa960 | 0x9400 | rdn | -20 | + * | 00:04:51.587 | Child | Removed | 865c7ca38a5fa960 | 0x8402 | rdn | -20 | + * | 00:05:22.764 | Child | Changed | ae5105292f0b9169 | 0x8401 | rn | -20 | + * | 00:06:40.764 | Child | Added | 4ec99efc874a1841 | 0x8403 | r | -20 | + * | 00:06:44.060 | Child | Added | 865c7ca38a5fa960 | 0x8402 | rdn | -20 | + * | 00:06:49.515 | Child | Added | ae5105292f0b9169 | 0x8401 | - | -20 | + * Done + * @endcode + * @code + * history neighbor list + * 00:00:34.753 -> type:Child event:Added extaddr:ae5105292f0b9169 rloc16:0x8404 mode:- rss:-20 + * 00:01:43.888 -> type:Child event:Removed extaddr:ae5105292f0b9169 rloc16:0x8401 mode:- rss:-20 + * 00:04:32.701 -> type:Child event:Changed extaddr:ae5105292f0b9169 rloc16:0x8401 mode:- rss:-20 + * 00:04:56.756 -> type:Router event:Added extaddr:865c7ca38a5fa960 rloc16:0x9400 mode:rdn rss:-20 + * 00:04:57.107 -> type:Child event:Removed extaddr:865c7ca38a5fa960 rloc16:0x8402 mode:rdn rss:-20 + * 00:05:28.284 -> type:Child event:Changed extaddr:ae5105292f0b9169 rloc16:0x8401 mode:rn rss:-20 + * 00:06:46.284 -> type:Child event:Added extaddr:4ec99efc874a1841 rloc16:0x8403 mode:r rss:-20 + * 00:06:49.580 -> type:Child event:Added extaddr:865c7ca38a5fa960 rloc16:0x8402 mode:rdn rss:-20 + * 00:06:55.035 -> type:Child event:Added extaddr:ae5105292f0b9169 rloc16:0x8401 mode:- rss:-20 + * Done + * @endcode + * @cparam history neighbor [@ca{list}] [@ca{num-entries}] + * * Use the `list` option to display the output in list format. Otherwise, + * the output is shown in table format. + * * Use the `num-entries` option to limit the output to the number of + * most-recent entries specified. If this option is not used, all stored + * entries are shown in the output. + * @par + * Displays the neighbor history in table or list format. + * @par + * Each table or list entry provides: + * * Age: Time elapsed since the command was issued, and given in the format: + * `hours`:`minutes`:`seconds`:`milliseconds` + * * Type: `Child` or `Router`. + * * Event: Possible values are `Added`, `Removed`, or `Changed`. + * * Extended Address + * * RLOC16 + * * Mode: MLE link mode. Possible values: + * * `-`: no flags set (rx-off-when-idle, minimal Thread device, + * stable network data). + * * `r`: rx-on-when-idle + * * `d`: Full Thread Device. + * * `n`: Full Network Data + * * Ave RSS: Average number of frames (in dBm) received from the neighbor at the + * time the entry was recorded. + * @sa otHistoryTrackerIterateNeighborHistory + */ template <> otError History::Process(Arg aArgs[]) { static const char *const kEventString[] = { @@ -256,6 +416,87 @@ template <> otError History::Process(Arg aArgs[]) return error; } +/** + * @cli history router + * @code + * history router + * | Age | Event | ID (RLOC16) | Next Hop | Path Cost | + * +----------------------+----------------+-------------+-------------+------------+ + * | 00:00:05.258 | NextHopChanged | 7 (0x1c00) | 34 (0x8800) | inf -> 3 | + * | 00:00:08.604 | NextHopChanged | 34 (0x8800) | 34 (0x8800) | inf -> 2 | + * | 00:00:08.604 | Added | 7 (0x1c00) | none | inf -> inf | + * | 00:00:11.931 | Added | 34 (0x8800) | none | inf -> inf | + * | 00:00:14.948 | Removed | 59 (0xec00) | none | inf -> inf | + * | 00:00:14.948 | Removed | 54 (0xd800) | none | inf -> inf | + * | 00:00:14.948 | Removed | 34 (0x8800) | none | inf -> inf | + * | 00:00:14.948 | Removed | 7 (0x1c00) | none | inf -> inf | + * | 00:00:54.795 | NextHopChanged | 59 (0xec00) | 34 (0x8800) | 1 -> 5 | + * | 00:02:33.735 | NextHopChanged | 54 (0xd800) | none | 15 -> inf | + * | 00:03:10.915 | CostChanged | 54 (0xd800) | 34 (0x8800) | 13 -> 15 | + * | 00:03:45.716 | NextHopChanged | 54 (0xd800) | 34 (0x8800) | 15 -> 13 | + * | 00:03:46.188 | CostChanged | 54 (0xd800) | 59 (0xec00) | 13 -> 15 | + * | 00:04:19.124 | CostChanged | 54 (0xd800) | 59 (0xec00) | 11 -> 13 | + * | 00:04:52.008 | CostChanged | 54 (0xd800) | 59 (0xec00) | 9 -> 11 | + * | 00:05:23.176 | CostChanged | 54 (0xd800) | 59 (0xec00) | 7 -> 9 | + * | 00:05:51.081 | CostChanged | 54 (0xd800) | 59 (0xec00) | 5 -> 7 | + * | 00:06:48.721 | CostChanged | 54 (0xd800) | 59 (0xec00) | 3 -> 5 | + * | 00:07:13.792 | NextHopChanged | 54 (0xd800) | 59 (0xec00) | 1 -> 3 | + * | 00:09:28.681 | NextHopChanged | 7 (0x1c00) | 34 (0x8800) | inf -> 3 | + * | 00:09:31.882 | Added | 7 (0x1c00) | none | inf -> inf | + * | 00:09:51.240 | NextHopChanged | 54 (0xd800) | 54 (0xd800) | inf -> 1 | + * | 00:09:54.204 | Added | 54 (0xd800) | none | inf -> inf | + * | 00:10:20.645 | NextHopChanged | 34 (0x8800) | 34 (0x8800) | inf -> 2 | + * | 00:10:24.242 | NextHopChanged | 59 (0xec00) | 59 (0xec00) | inf -> 1 | + * | 00:10:24.242 | Added | 34 (0x8800) | none | inf -> inf | + * | 00:10:41.900 | NextHopChanged | 59 (0xec00) | none | 1 -> inf | + * | 00:10:42.480 | Added | 3 (0x0c00) | 3 (0x0c00) | inf -> inf | + * | 00:10:43.614 | Added | 59 (0xec00) | 59 (0xec00) | inf -> 1 | + * Done + * @endcode + * @code + * history router list 20 + * 00:00:06.959 -> event:NextHopChanged router:7(0x1c00) nexthop:34(0x8800) old-cost:inf new-cost:3 + * 00:00:10.305 -> event:NextHopChanged router:34(0x8800) nexthop:34(0x8800) old-cost:inf new-cost:2 + * 00:00:10.305 -> event:Added router:7(0x1c00) nexthop:none old-cost:inf new-cost:inf + * 00:00:13.632 -> event:Added router:34(0x8800) nexthop:none old-cost:inf new-cost:inf + * 00:00:16.649 -> event:Removed router:59(0xec00) nexthop:none old-cost:inf new-cost:inf + * 00:00:16.649 -> event:Removed router:54(0xd800) nexthop:none old-cost:inf new-cost:inf + * 00:00:16.649 -> event:Removed router:34(0x8800) nexthop:none old-cost:inf new-cost:inf + * 00:00:16.649 -> event:Removed router:7(0x1c00) nexthop:none old-cost:inf new-cost:inf + * 00:00:56.496 -> event:NextHopChanged router:59(0xec00) nexthop:34(0x8800) old-cost:1 new-cost:5 + * 00:02:35.436 -> event:NextHopChanged router:54(0xd800) nexthop:none old-cost:15 new-cost:inf + * 00:03:12.616 -> event:CostChanged router:54(0xd800) nexthop:34(0x8800) old-cost:13 new-cost:15 + * 00:03:47.417 -> event:NextHopChanged router:54(0xd800) nexthop:34(0x8800) old-cost:15 new-cost:13 + * 00:03:47.889 -> event:CostChanged router:54(0xd800) nexthop:59(0xec00) old-cost:13 new-cost:15 + * 00:04:20.825 -> event:CostChanged router:54(0xd800) nexthop:59(0xec00) old-cost:11 new-cost:13 + * 00:04:53.709 -> event:CostChanged router:54(0xd800) nexthop:59(0xec00) old-cost:9 new-cost:11 + * 00:05:24.877 -> event:CostChanged router:54(0xd800) nexthop:59(0xec00) old-cost:7 new-cost:9 + * 00:05:52.782 -> event:CostChanged router:54(0xd800) nexthop:59(0xec00) old-cost:5 new-cost:7 + * 00:06:50.422 -> event:CostChanged router:54(0xd800) nexthop:59(0xec00) old-cost:3 new-cost:5 + * 00:07:15.493 -> event:NextHopChanged router:54(0xd800) nexthop:59(0xec00) old-cost:1 new-cost:3 + * 00:09:30.382 -> event:NextHopChanged router:7(0x1c00) nexthop:34(0x8800) old-cost:inf new-cost:3 + * Done + * @endcode + * @cparam history router [@ca{list}] [@ca{num-entries}] + * * Use the `list` option to display the output in list format. Otherwise, + * the output is shown in table format. + * * Use the `num-entries` option to limit the output to the number of + * most-recent entries specified. If this option is not used, all stored + * entries are shown in the output. + * @par + * Displays the route-table history in table or list format. + * @par + * Each table or list entry provides: + * * Age: Time elapsed since the command was issued, and given in the format: + * `hours`:`minutes`:`seconds`:`milliseconds` + * * Event: Possible values are `Added`, `Removed`, `NextHopChanged`, or `CostChanged`. + * * ID (RLOC16): Router ID and RLOC16 of the router. + * * Next Hop: Router ID and RLOC16 of the next hop. If there is no next hop, + * `none` is shown. + * * Path Cost: old cost `->` new cost. A value of `inf` indicates an infinite + * path cost. + * @sa otHistoryTrackerIterateRouterHistory + */ template <> otError History::Process(Arg aArgs[]) { static const char *const kEventString[] = { @@ -342,6 +583,61 @@ template <> otError History::Process(Arg aArgs[]) return error; } +/** + * @cli history netinfo + * @code + * history netinfo + * | Age | Role | Mode | RLOC16 | Partition ID | + * +----------------------+----------+------+--------+--------------+ + * | 00:00:10.069 | router | rdn | 0x6000 | 151029327 | + * | 00:02:09.337 | child | rdn | 0x2001 | 151029327 | + * | 00:02:09.338 | child | rdn | 0x2001 | 151029327 | + * | 00:07:40.806 | child | - | 0x2001 | 151029327 | + * | 00:07:42.297 | detached | - | 0x6000 | 0 | + * | 00:07:42.968 | disabled | - | 0x6000 | 0 | + * Done + * @endcode + * @code + * history netinfo list + * 00:00:59.467 -> role:router mode:rdn rloc16:0x6000 partition-id:151029327 + * 00:02:58.735 -> role:child mode:rdn rloc16:0x2001 partition-id:151029327 + * 00:02:58.736 -> role:child mode:rdn rloc16:0x2001 partition-id:151029327 + * 00:08:30.204 -> role:child mode:- rloc16:0x2001 partition-id:151029327 + * 00:08:31.695 -> role:detached mode:- rloc16:0x6000 partition-id:0 + * 00:08:32.366 -> role:disabled mode:- rloc16:0x6000 partition-id:0 + * Done + * @endcode + * @code + * history netinfo 2 + * | Age | Role | Mode | RLOC16 | Partition ID | + * +----------------------+----------+------+--------+--------------+ + * | 00:02:05.451 | router | rdn | 0x6000 | 151029327 | + * | 00:04:04.719 | child | rdn | 0x2001 | 151029327 | + * Done + * @endcode + * @cparam history netinfo [@ca{list}] [@ca{num-entries}] + * * Use the `list` option to display the output in list format. Otherwise, + * the output is shown in table format. + * * Use the `num-entries` option to limit the output to the number of + * most-recent entries specified. If this option is not used, all stored + * entries are shown in the output. + * @par + * Displays the network info history in table or list format. + * @par + * Each table or list entry provides: + * * Age: Time elapsed since the command was issued, and given in the format: + * `hours`:`minutes`:`seconds`:`milliseconds` + * * Role: Device role. Possible values are `router`, `child`, `detached`, or `disabled`. + * * Mode: MLE link mode. Possible values: + * * `-`: no flags set (rx-off-when-idle, minimal Thread device, + * stable network data). + * * `r`: rx-on-when-idle + * * `d`: Full Thread Device. + * * `n`: Full Network Data + * * RLOC16 + * * Partition ID. + * @sa otHistoryTrackerIterateNetInfoHistory + */ template <> otError History::Process(Arg aArgs[]) { otError error; @@ -385,10 +681,324 @@ template <> otError History::Process(Arg aArgs[]) return error; } +/** + * @cli history rx + * @code + * history rx + * | Age | Type | Len | Chksum | Sec | Prio | RSS |Dir | Neighb | Radio | + * +----------------------+------------------+-------+--------+-----+------+------+----+--------+-------+ + * | | UDP | 50 | 0xbd26 | no | net | -20 | RX | 0x4800 | 15.4 | + * | 00:00:07.640 | src: [fe80:0:0:0:d03d:d3e7:cc5e:7cd7]:19788 | + * | | dst: [ff02:0:0:0:0:0:0:1]:19788 | + * +----------------------+------------------+-------+--------+-----+------+------+----+--------+-------+ + * | | HopOpts | 44 | 0x0000 | yes | norm | -20 | RX | 0x4800 | 15.4 | + * | 00:00:09.263 | src: [fdde:ad00:beef:0:0:ff:fe00:4800]:0 | + * | | dst: [ff03:0:0:0:0:0:0:2]:0 | + * +----------------------+------------------+-------+--------+-----+------+------+----+--------+-------+ + * | | UDP | 12 | 0x3f7d | yes | net | -20 | RX | 0x4800 | 15.4 | + * | 00:00:09.302 | src: [fdde:ad00:beef:0:0:ff:fe00:4800]:61631 | + * | | dst: [fdde:ad00:beef:0:0:ff:fe00:4801]:61631 | + * +----------------------+------------------+-------+--------+-----+------+------+----+--------+-------+ + * | | ICMP6(EchoReqst) | 16 | 0x942c | yes | norm | -20 | RX | 0x4800 | 15.4 | + * | 00:00:09.304 | src: [fdde:ad00:beef:0:ac09:a16b:3204:dc09]:0 | + * | | dst: [fdde:ad00:beef:0:dc0e:d6b3:f180:b75b]:0 | + * +----------------------+------------------+-------+--------+-----+------+------+----+--------+-------+ + * | | HopOpts | 44 | 0x0000 | yes | norm | -20 | RX | 0x4800 | 15.4 | + * | 00:00:09.304 | src: [fdde:ad00:beef:0:0:ff:fe00:4800]:0 | + * | | dst: [ff03:0:0:0:0:0:0:2]:0 | + * +----------------------+------------------+-------+--------+-----+------+------+----+--------+-------+ + * | | UDP | 50 | 0x2e37 | no | net | -20 | RX | 0x4800 | 15.4 | + * | 00:00:21.622 | src: [fe80:0:0:0:d03d:d3e7:cc5e:7cd7]:19788 | + * | | dst: [ff02:0:0:0:0:0:0:1]:19788 | + * +----------------------+------------------+-------+--------+-----+------+------+----+--------+-------+ + * | | UDP | 50 | 0xe177 | no | net | -20 | RX | 0x4800 | 15.4 | + * | 00:00:26.640 | src: [fe80:0:0:0:d03d:d3e7:cc5e:7cd7]:19788 | + * | | dst: [ff02:0:0:0:0:0:0:1]:19788 | + * +----------------------+------------------+-------+--------+-----+------+------+----+--------+-------+ + * | | UDP | 165 | 0x82ee | yes | net | -20 | RX | 0x4800 | 15.4 | + * | 00:00:30.000 | src: [fe80:0:0:0:d03d:d3e7:cc5e:7cd7]:19788 | + * | | dst: [fe80:0:0:0:a4a5:bbac:a8e:bd07]:19788 | + * +----------------------+------------------+-------+--------+-----+------+------+----+--------+-------+ + * | | UDP | 93 | 0x52df | no | net | -20 | RX | unknwn | 15.4 | + * | 00:00:30.480 | src: [fe80:0:0:0:d03d:d3e7:cc5e:7cd7]:19788 | + * | | dst: [fe80:0:0:0:a4a5:bbac:a8e:bd07]:19788 | + * +----------------------+------------------+-------+--------+-----+------+------+----+--------+-------+ + * | | UDP | 50 | 0x5ccf | no | net | -20 | RX | unknwn | 15.4 | + * | 00:00:30.772 | src: [fe80:0:0:0:d03d:d3e7:cc5e:7cd7]:19788 | + * | | dst: [ff02:0:0:0:0:0:0:1]:19788 | + * Done + * @endcode + * @code + * history rx list 4 + * 00:00:13.368 + type:UDP len:50 checksum:0xbd26 sec:no prio:net rss:-20 from:0x4800 radio:15.4 + src:[fe80:0:0:0:d03d:d3e7:cc5e:7cd7]:19788 + dst:[ff02:0:0:0:0:0:0:1]:19788 + * 00:00:14.991 + type:HopOpts len:44 checksum:0x0000 sec:yes prio:norm rss:-20 from:0x4800 radio:15.4 + src:[fdde:ad00:beef:0:0:ff:fe00:4800]:0 + dst:[ff03:0:0:0:0:0:0:2]:0 + * 00:00:15.030 + type:UDP len:12 checksum:0x3f7d sec:yes prio:net rss:-20 from:0x4800 radio:15.4 + src:[fdde:ad00:beef:0:0:ff:fe00:4800]:61631 + dst:[fdde:ad00:beef:0:0:ff:fe00:4801]:61631 + * 00:00:15.032 + type:ICMP6(EchoReqst) len:16 checksum:0x942c sec:yes prio:norm rss:-20 from:0x4800 radio:15.4 + src:[fdde:ad00:beef:0:ac09:a16b:3204:dc09]:0 + dst:[fdde:ad00:beef:0:dc0e:d6b3:f180:b75b]:0 + * Done + * @endcode + * @cparam history rx [@ca{list}] [@ca{num-entries}] + * * Use the `list` option to display the output in list format. Otherwise, + * the output is shown in table format. + * * Use the `num-entries` option to limit the output to the number of + * most-recent entries specified. If this option is not used, all stored + * entries are shown in the output. + * @par + * Displays the IPv6 message RX history in table or list format. + * @par + * Each table or list entry provides: + * * Age: Time elapsed since the command was issued, and given in the format: + * `hours`:`minutes`:`seconds`:`milliseconds` + * * Type: + * * IPv6 message type, such as `UDP`, `TCP`, `HopOpts`, and `ICMP6` (and its subtype). + * * `src`: Source IPv6 address and port number. + * * `dst`: Destination IPv6 address and port number (port number is valid + for UDP/TCP, otherwise it is 0). + * * Len: IPv6 payload length (excluding the IPv6 header). + * * Chksum: Message checksum (valid for UDP, TCP, or ICMP6 messages). + * * Sec: Indicates if link-layer security was used. + * * Prio: Message priority. Possible values are `low`, `norm`, `high`, or + * `net` (for Thread control messages). + * * RSS: Received Signal Strength (in dBm), averaged over all received fragment + * frames that formed the message. For TX history, `NA` (not applicable) + is displayed. + * * Dir: Shows whether the message was sent (`TX`) or received (`RX`). A failed + * transmission is indicated with `TX-F` in table format or + * `tx-success:no` in list format. Examples of a failed transmission + * include a `tx`getting aborted and no `ack` getting sent from the peer for + * any of the message fragments. + * * Neighb: Short address (RLOC16) of the neighbor with whom the message was + * sent/received. If the frame was broadcast, it is shown as + * `bcast` in table format or `0xffff` in list format. If the short + * address of the neighbor is not available, it is shown as `unknwn` in + * table format or `0xfffe` in list format. + * * Radio: Radio link on which the message was sent/received (useful when + `OPENTHREAD_CONFIG_MULTI_RADIO` is enabled). Can be `15.4`, `trel`, + or `all` (if sent on all radio links). + * @sa otHistoryTrackerIterateRxHistory + */ template <> otError History::Process(Arg aArgs[]) { return ProcessRxTxHistory(kRx, aArgs); } +/** + * @cli history rxtx + * @code + * history rxtx + * | Age | Type | Len | Chksum | Sec | Prio | RSS |Dir | Neighb | Radio | + * +----------------------+------------------+-------+--------+-----+------+------+----+--------+-------+ + * | | HopOpts | 44 | 0x0000 | yes | norm | -20 | RX | 0x0800 | 15.4 | + * | 00:00:09.267 | src: [fdde:ad00:beef:0:0:ff:fe00:800]:0 | + * | | dst: [ff03:0:0:0:0:0:0:2]:0 | + * +----------------------+------------------+-------+--------+-----+------+------+----+--------+-------+ + * | | UDP | 12 | 0x6c6b | yes | net | -20 | RX | 0x0800 | 15.4 | + * | 00:00:09.290 | src: [fdde:ad00:beef:0:0:ff:fe00:800]:61631 | + * | | dst: [fdde:ad00:beef:0:0:ff:fe00:801]:61631 | + * +----------------------+------------------+-------+--------+-----+------+------+----+--------+-------+ + * | | ICMP6(EchoReqst) | 16 | 0xc6a2 | yes | norm | -20 | RX | 0x0800 | 15.4 | + * | 00:00:09.292 | src: [fdde:ad00:beef:0:efe8:4910:cf95:dee9]:0 | + * | | dst: [fdde:ad00:beef:0:af4c:3644:882a:3698]:0 | + * +----------------------+------------------+-------+--------+-----+------+------+----+--------+-------+ + * | | ICMP6(EchoReply) | 16 | 0xc5a2 | yes | norm | NA | TX | 0x0800 | 15.4 | + * | 00:00:09.292 | src: [fdde:ad00:beef:0:af4c:3644:882a:3698]:0 | + * | | dst: [fdde:ad00:beef:0:efe8:4910:cf95:dee9]:0 | + * +----------------------+------------------+-------+--------+-----+------+------+----+--------+-------+ + * | | UDP | 50 | 0xaa0d | yes | net | NA | TX | 0x0800 | 15.4 | + * | 00:00:09.294 | src: [fdde:ad00:beef:0:0:ff:fe00:801]:61631 | + * | | dst: [fdde:ad00:beef:0:0:ff:fe00:800]:61631 | + * +----------------------+------------------+-------+--------+-----+------+------+----+--------+-------+ + * | | HopOpts | 44 | 0x0000 | yes | norm | -20 | RX | 0x0800 | 15.4 | + * | 00:00:09.296 | src: [fdde:ad00:beef:0:0:ff:fe00:800]:0 | + * | | dst: [ff03:0:0:0:0:0:0:2]:0 | + * +----------------------+------------------+-------+--------+-----+------+------+----+--------+-------+ + * | | UDP | 50 | 0xc1d8 | no | net | -20 | RX | 0x0800 | 15.4 | + * | 00:00:09.569 | src: [fe80:0:0:0:54d9:5153:ffc6:df26]:19788 | + * | | dst: [ff02:0:0:0:0:0:0:1]:19788 | + * +----------------------+------------------+-------+--------+-----+------+------+----+--------+-------+ + * | | UDP | 50 | 0x3cb1 | no | net | -20 | RX | 0x0800 | 15.4 | + * | 00:00:16.519 | src: [fe80:0:0:0:54d9:5153:ffc6:df26]:19788 | + * | | dst: [ff02:0:0:0:0:0:0:1]:19788 | + * +----------------------+------------------+-------+--------+-----+------+------+----+--------+-------+ + * | | UDP | 50 | 0xeda0 | no | net | -20 | RX | 0x0800 | 15.4 | + * | 00:00:20.599 | src: [fe80:0:0:0:54d9:5153:ffc6:df26]:19788 | + * | | dst: [ff02:0:0:0:0:0:0:1]:19788 | + * +----------------------+------------------+-------+--------+-----+------+------+----+--------+-------+ + * | | UDP | 165 | 0xbdfa | yes | net | -20 | RX | 0x0800 | 15.4 | + * | 00:00:21.059 | src: [fe80:0:0:0:54d9:5153:ffc6:df26]:19788 | + * | | dst: [fe80:0:0:0:8893:c2cc:d983:1e1c]:19788 | + * +----------------------+------------------+-------+--------+-----+------+------+----+--------+-------+ + * | | UDP | 64 | 0x1c11 | no | net | NA | TX | 0x0800 | 15.4 | + * | 00:00:21.062 | src: [fe80:0:0:0:8893:c2cc:d983:1e1c]:19788 | + * | | dst: [fe80:0:0:0:54d9:5153:ffc6:df26]:19788 | + * +----------------------+------------------+-------+--------+-----+------+------+----+--------+-------+ + * | | UDP | 93 | 0xedff | no | net | -20 | RX | unknwn | 15.4 | + * | 00:00:21.474 | src: [fe80:0:0:0:54d9:5153:ffc6:df26]:19788 | + * | | dst: [fe80:0:0:0:8893:c2cc:d983:1e1c]:19788 | + * +----------------------+------------------+-------+--------+-----+------+------+----+--------+-------+ + * | | UDP | 44 | 0xd383 | no | net | NA | TX | bcast | 15.4 | + * | 00:00:21.811 | src: [fe80:0:0:0:8893:c2cc:d983:1e1c]:19788 | + * | | dst: [ff02:0:0:0:0:0:0:2]:19788 | + * Done + * @endcode + * @code + * history rxtx list 5 + * 00:00:02.100 + type:UDP len:50 checksum:0xd843 sec:no prio:net rss:-20 from:0x0800 radio:15.4 + src:[fe80:0:0:0:54d9:5153:ffc6:df26]:19788 + dst:[ff02:0:0:0:0:0:0:1]:19788 + * 00:00:15.331 + type:HopOpts len:44 checksum:0x0000 sec:yes prio:norm rss:-20 from:0x0800 radio:15.4 + src:[fdde:ad00:beef:0:0:ff:fe00:800]:0 + dst:[ff03:0:0:0:0:0:0:2]:0 + * 00:00:15.354 + type:UDP len:12 checksum:0x6c6b sec:yes prio:net rss:-20 from:0x0800 radio:15.4 + src:[fdde:ad00:beef:0:0:ff:fe00:800]:61631 + dst:[fdde:ad00:beef:0:0:ff:fe00:801]:61631 + * 00:00:15.356 + type:ICMP6(EchoReqst) len:16 checksum:0xc6a2 sec:yes prio:norm rss:-20 from:0x0800 radio:15.4 + src:[fdde:ad00:beef:0:efe8:4910:cf95:dee9]:0 + dst:[fdde:ad00:beef:0:af4c:3644:882a:3698]:0 + * 00:00:15.356 + type:ICMP6(EchoReply) len:16 checksum:0xc5a2 sec:yes prio:norm tx-success:yes to:0x0800 radio:15.4 + src:[fdde:ad00:beef:0:af4c:3644:882a:3698]:0 + dst:[fdde:ad00:beef:0:efe8:4910:cf95:dee9]:0 + * Done + * @endcode + * @cparam history rxtx [@ca{list}] [@ca{num-entries}] + * * Use the `list` option to display the output in list format. Otherwise, + * the output is shown in table format. + * * Use the `num-entries` option to limit the output to the number of + * most-recent entries specified. If this option is not used, all stored + * entries are shown in the output. + * @par + * Displays the combined IPv6 message RX and TX history in table or list format. + * @par + * Each table or list entry provides: + * * Age: Time elapsed since the command was issued, and given in the format: + * `hours`:`minutes`:`seconds`:`milliseconds` + * * Type: + * * IPv6 message type, such as `UDP`, `TCP`, `HopOpts`, and `ICMP6` (and its subtype). + * * `src`: Source IPv6 address and port number. + * * `dst`: Destination IPv6 address and port number (port number is valid + for UDP/TCP, otherwise it is 0). + * * Len: IPv6 payload length (excluding the IPv6 header). + * * Chksum: Message checksum (valid for UDP, TCP, or ICMP6 messages). + * * Sec: Indicates if link-layer security was used. + * * Prio: Message priority. Possible values are `low`, `norm`, `high`, or + * `net` (for Thread control messages). + * * RSS: Received Signal Strength (in dBm), averaged over all received fragment + * frames that formed the message. For TX history, `NA` (not applicable) + is displayed. + * * Dir: Shows whether the message was sent (`TX`) or received (`RX`). A failed + * transmission is indicated with `TX-F` in table format or + * `tx-success:no` in list format. Examples of a failed transmission + * include a `tx`getting aborted and no `ack` getting sent from the peer for + * any of the message fragments. + * * Neighb: Short address (RLOC16) of the neighbor with whom the message was + * sent/received. If the frame was broadcast, it is shown as + * `bcast` in table format or `0xffff` in list format. If the short + * address of the neighbor is not available, it is shown as `unknwn` in + * table format or `0xfffe` in list format. + * * Radio: Radio link on which the message was sent/received (useful when + `OPENTHREAD_CONFIG_MULTI_RADIO` is enabled). Can be `15.4`, `trel`, + or `all` (if sent on all radio links). + * @sa otHistoryTrackerIterateRxHistory + * @sa otHistoryTrackerIterateTxHistory + */ template <> otError History::Process(Arg aArgs[]) { return ProcessRxTxHistory(kRxTx, aArgs); } +/** + * @cli history tx + * @code + * history tx + * | Age | Type | Len | Chksum | Sec | Prio | RSS |Dir | Neighb | Radio | + * +----------------------+------------------+-------+--------+-----+------+------+----+--------+-------+ + * | | ICMP6(EchoReply) | 16 | 0x932c | yes | norm | NA | TX | 0x4800 | 15.4 | + * | 00:00:18.798 | src: [fdde:ad00:beef:0:dc0e:d6b3:f180:b75b]:0 | + * | | dst: [fdde:ad00:beef:0:ac09:a16b:3204:dc09]:0 | + * +----------------------+------------------+-------+--------+-----+------+------+----+--------+-------+ + * | | UDP | 50 | 0xce87 | yes | net | NA | TX | 0x4800 | 15.4 | + * | 00:00:18.800 | src: [fdde:ad00:beef:0:0:ff:fe00:4801]:61631 | + * | | dst: [fdde:ad00:beef:0:0:ff:fe00:4800]:61631 | + * +----------------------+------------------+-------+--------+-----+------+------+----+--------+-------+ + * | | UDP | 64 | 0xf7ba | no | net | NA | TX | 0x4800 | 15.4 | + * | 00:00:39.499 | src: [fe80:0:0:0:a4a5:bbac:a8e:bd07]:19788 | + * | | dst: [fe80:0:0:0:d03d:d3e7:cc5e:7cd7]:19788 | + * +----------------------+------------------+-------+--------+-----+------+------+----+--------+-------+ + * | | UDP | 44 | 0x26d4 | no | net | NA | TX | bcast | 15.4 | + * | 00:00:40.256 | src: [fe80:0:0:0:a4a5:bbac:a8e:bd07]:19788 | + * | | dst: [ff02:0:0:0:0:0:0:2]:19788 | + * Done + * @endcode + * @code + * history tx list + * 00:00:23.957 + type:ICMP6(EchoReply) len:16 checksum:0x932c sec:yes prio:norm tx-success:yes to:0x4800 radio:15.4 + src:[fdde:ad00:beef:0:dc0e:d6b3:f180:b75b]:0 + dst:[fdde:ad00:beef:0:ac09:a16b:3204:dc09]:0 + * 00:00:23.959 + type:UDP len:50 checksum:0xce87 sec:yes prio:net tx-success:yes to:0x4800 radio:15.4 + src:[fdde:ad00:beef:0:0:ff:fe00:4801]:61631 + dst:[fdde:ad00:beef:0:0:ff:fe00:4800]:61631 + * 00:00:44.658 + type:UDP len:64 checksum:0xf7ba sec:no prio:net tx-success:yes to:0x4800 radio:15.4 + src:[fe80:0:0:0:a4a5:bbac:a8e:bd07]:19788 + dst:[fe80:0:0:0:d03d:d3e7:cc5e:7cd7]:19788 + * 00:00:45.415 + type:UDP len:44 checksum:0x26d4 sec:no prio:net tx-success:yes to:0xffff radio:15.4 + src:[fe80:0:0:0:a4a5:bbac:a8e:bd07]:19788 + dst:[ff02:0:0:0:0:0:0:2]:19788 + * Done + * @endcode + * @cparam history tx [@ca{list}] [@ca{num-entries}] + * * Use the `list` option to display the output in list format. Otherwise, + * the output is shown in table format. + * * Use the `num-entries` option to limit the output to the number of + * most-recent entries specified. If this option is not used, all stored + * entries are shown in the output. + * @par + * Displays the IPv6 message TX history in table or list format. + * @par + * Each table or list entry provides: + * * Age: Time elapsed since the command was issued, and given in the format: + * `hours`:`minutes`:`seconds`:`milliseconds` + * * Type: + * * IPv6 message type, such as `UDP`, `TCP`, `HopOpts`, and `ICMP6` (and its subtype). + * * `src`: Source IPv6 address and port number. + * * `dst`: Destination IPv6 address and port number (port number is valid + for UDP/TCP, otherwise it is 0). + * * Len: IPv6 payload length (excluding the IPv6 header). + * * Chksum: Message checksum (valid for UDP, TCP, or ICMP6 messages). + * * Sec: Indicates if link-layer security was used. + * * Prio: Message priority. Possible values are `low`, `norm`, `high`, or + * `net` (for Thread control messages). + * * RSS: Received Signal Strength (in dBm), averaged over all received fragment + * frames that formed the message. For TX history, `NA` (not applicable) + is displayed. + * * Dir: Shows whether the message was sent (`TX`) or received (`RX`). A failed + * transmission is indicated with `TX-F` in table format or + * `tx-success:no` in list format. Examples of a failed transmission + * include a `tx`getting aborted and no `ack` getting sent from the peer for + * any of the message fragments. + * * Neighb: Short address (RLOC16) of the neighbor with whom the message was + * sent/received. If the frame was broadcast, it is shown as + * `bcast` in table format or `0xffff` in list format. If the short + * address of the neighbor is not available, it is shown as `unknwn` in + * table format or `0xfffe` in list format. + * * Radio: Radio link on which the message was sent/received (useful when + `OPENTHREAD_CONFIG_MULTI_RADIO` is enabled). Can be `15.4`, `trel`, + or `all` (if sent on all radio links). + * @sa otHistoryTrackerIterateTxHistory + */ template <> otError History::Process(Arg aArgs[]) { return ProcessRxTxHistory(kTx, aArgs); } const char *History::MessagePriorityToString(uint8_t aPriority) @@ -636,6 +1246,58 @@ void History::OutputRxTxEntryTableFormat(const otHistoryTrackerMessageInfo &aInf OutputLine("| %20s | dst: %-70s |", "", addrString); } +/** + * @cli history prefix + * @code + * history prefix + * | Age | Event | Prefix | Flags | Pref | RLOC16 | + * +----------------------+---------+---------------------------------------------+-----------+------+--------+ + * | 00:00:10.663 | Added | fd00:1111:2222:3333::/64 | paro | med | 0x5400 | + * | 00:01:02.054 | Removed | fd00:dead:beef:1::/64 | paros | high | 0x5400 | + * | 00:01:21.136 | Added | fd00:abba:cddd:0::/64 | paos | med | 0x5400 | + * | 00:01:45.144 | Added | fd00:dead:beef:1::/64 | paros | high | 0x3c00 | + * | 00:01:50.944 | Added | fd00:dead:beef:1::/64 | paros | high | 0x5400 | + * | 00:01:59.887 | Added | fd00:dead:beef:1::/64 | paros | med | 0x8800 | + * Done + * @endcode + * @code + * history prefix list + * 00:04:12.487 -> event:Added prefix:fd00:1111:2222:3333::/64 flags:paro pref:med rloc16:0x5400 + * 00:05:03.878 -> event:Removed prefix:fd00:dead:beef:1::/64 flags:paros pref:high rloc16:0x5400 + * 00:05:22.960 -> event:Added prefix:fd00:abba:cddd:0::/64 flags:paos pref:med rloc16:0x5400 + * 00:05:46.968 -> event:Added prefix:fd00:dead:beef:1::/64 flags:paros pref:high rloc16:0x3c00 + * 00:05:52.768 -> event:Added prefix:fd00:dead:beef:1::/64 flags:paros pref:high rloc16:0x5400 + * 00:06:01.711 -> event:Added prefix:fd00:dead:beef:1::/64 flags:paros pref:med rloc16:0x8800 + * Done + * @endcode + * @cparam history prefix [@ca{list}] [@ca{num-entries}] + * * Use the `list` option to display the output in list format. Otherwise, + * the output is shown in table format. + * * Use the `num-entries` option to limit the output to the number of + * most-recent entries specified. If this option is not used, all stored + * entries are shown in the output. + * @par + * Displays the network data for the mesh prefix history in table or list format. + * @par + * Each table or list entry provides: + * * Age: Time elapsed since the command was issued, and given in the format: + * `hours`:`minutes`:`seconds`:`milliseconds` + * * Event: Possible values are `Added` or `Removed`. + * * Prefix + * * Flags/meaning: + * * `p`: Preferred flag + * * `a`: Stateless IPv6 address auto-configuration flag. + * * `d`: DHCPv6 IPv6 address configuration flag. + * * `c`: DHCPv6 other-configuration flag. + * * `r`: Default route flag. + * * `o`: On mesh flag. + * * `s`: Stable flag. + * * `n`: Nd Dns flag. + * * `D`: Domain prefix flag. + * * Pref: Preference. Values can be either `high`, `med`, or `low`. + * * RLOC16 + * @sa otHistoryTrackerIterateOnMeshPrefixHistory + */ template <> otError History::Process(Arg aArgs[]) { otError error; @@ -686,6 +1348,45 @@ template <> otError History::Process(Arg aArgs[]) return error; } +/** + * @cli history route + * @code + * history route + * | Age | Event | Route | Flags | Pref | RLOC16 | + * +----------------------+---------+---------------------------------------------+-----------+------+--------+ + * | 00:00:05.456 | Removed | fd00:1111:0::/48 | s | med | 0x3c00 | + * | 00:00:29.310 | Added | fd00:1111:0::/48 | s | med | 0x3c00 | + * | 00:00:42.822 | Added | fd00:1111:0::/48 | s | med | 0x5400 | + * | 00:01:27.688 | Added | fd00:aaaa:bbbb:cccc::/64 | s | med | 0x8800 | + * Done + * @endcode + * @code + * history route list 2 + * 00:00:48.704 -> event:Removed route:fd00:1111:0::/48 flags:s pref:med rloc16:0x3c00 + * 00:01:12.558 -> event:Added route:fd00:1111:0::/48 flags:s pref:med rloc16:0x3c00 + * Done + * @endcode + * @cparam history route [@ca{list}] [@ca{num-entries}] + * * Use the `list` option to display the output in list format. Otherwise, + * the output is shown in table format. + * * Use the `num-entries` option to limit the output to the number of + * most-recent entries specified. If this option is not used, all stored + * entries are shown in the output. + * @par + * Displays the network data external-route history in table or list format. + * @par + * Each table or list entry provides: + * * Age: Time elapsed since the command was issued, and given in the format: + * `hours`:`minutes`:`seconds`:`milliseconds` + * * Event: Possible values are `Added` or `Removed`. + * * Route + * * Flags/meaning: + * * `s`: Stable flag. + * * `n`: NAT64 flag. + * * Pref: Preference. Values can be either `high`, `med`, or `low`. + * * RLOC16 + * @sa otHistoryTrackerIterateExternalRouteHistory + */ template <> otError History::Process(Arg aArgs[]) { otError error; From 519740236373311e4a96a5aab8f99cde7af98061 Mon Sep 17 00:00:00 2001 From: Yang Liu Date: Fri, 5 Jan 2024 14:10:24 +0800 Subject: [PATCH 052/121] [trel] add config for peer table size and packet pool size (#9750) --- src/core/BUILD.gn | 1 + src/core/config/trel.h | 66 ++++++++++++++++++++ src/core/openthread-core-config.h | 1 + src/core/radio/trel_interface.hpp | 5 +- src/posix/platform/openthread-posix-config.h | 10 +++ src/posix/platform/trel.cpp | 11 ++-- 6 files changed, 87 insertions(+), 7 deletions(-) create mode 100644 src/core/config/trel.h diff --git a/src/core/BUILD.gn b/src/core/BUILD.gn index 5263637bdac..f4fa5db94a5 100644 --- a/src/core/BUILD.gn +++ b/src/core/BUILD.gn @@ -825,6 +825,7 @@ source_set("libopenthread_core_config") { "config/srp_server.h", "config/time_sync.h", "config/tmf.h", + "config/trel.h", "openthread-core-config.h", ] public_configs = [ diff --git a/src/core/config/trel.h b/src/core/config/trel.h new file mode 100644 index 00000000000..8d378ee033a --- /dev/null +++ b/src/core/config/trel.h @@ -0,0 +1,66 @@ +/* + * Copyright (c) 2024, The OpenThread Authors. + * All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions are met: + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * 3. Neither the name of the copyright holder nor the + * names of its contributors may be used to endorse or promote products + * derived from this software without specific prior written permission. + * + * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" + * AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDER OR CONTRIBUTORS BE + * LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR + * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF + * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS + * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN + * CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) + * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE + * POSSIBILITY OF SUCH DAMAGE. + */ + +/** + * @file + * This file includes compile-time configurations for TREL. + * + */ + +#ifndef CONFIG_TREL_H_ +#define CONFIG_TREL_H_ + +/** + * @addtogroup config-trel + * + * @brief + * This module includes configuration variables for TREL. + * + * @{ + * + */ + +/** + * @def OPENTHREAD_CONFIG_TREL_PEER_TABLE_SIZE + * + * Specifies the capacity of TREL peer table. Only non-zero value + * will be directly used for setting the TREL peer table capacity. + * Zero value lets the size to be determined by the OT stack itself + * which is derived based on other configurations such as a child + * table size, neighbor table size, etc. + */ +#ifndef OPENTHREAD_CONFIG_TREL_PEER_TABLE_SIZE +#define OPENTHREAD_CONFIG_TREL_PEER_TABLE_SIZE (0) +#endif + +/** + * @} + * + */ + +#endif // CONFIG_TREL_H_ diff --git a/src/core/openthread-core-config.h b/src/core/openthread-core-config.h index 79640a84fb8..498eb627c8e 100644 --- a/src/core/openthread-core-config.h +++ b/src/core/openthread-core-config.h @@ -114,6 +114,7 @@ #include "config/srp_server.h" #include "config/time_sync.h" #include "config/tmf.h" +#include "config/trel.h" #undef OPENTHREAD_CORE_CONFIG_H_IN diff --git a/src/core/radio/trel_interface.hpp b/src/core/radio/trel_interface.hpp index 9ef09b2dd43..3d48368a583 100644 --- a/src/core/radio/trel_interface.hpp +++ b/src/core/radio/trel_interface.hpp @@ -229,9 +229,12 @@ class Interface : public InstanceLocator bool IsFilterEnabled(void) const { return mFiltered; } private: +#if OPENTHREAD_COFNIG_TREL_PEER_TABLE_SIZE != 0 + static constexpr uint16_t kPeerTableSize = OPENTHREAD_COFNIG_TREL_PEER_TABLE_SIZE; +#else static constexpr uint16_t kPeerTableExtraEntries = 32; static constexpr uint16_t kPeerTableSize = Mle::kMaxRouters + Mle::kMaxChildren + kPeerTableExtraEntries; - +#endif static const char kTxtRecordExtAddressKey[]; static const char kTxtRecordExtPanIdKey[]; diff --git a/src/posix/platform/openthread-posix-config.h b/src/posix/platform/openthread-posix-config.h index 87dbfe418c5..f39c6f2ac7c 100644 --- a/src/posix/platform/openthread-posix-config.h +++ b/src/posix/platform/openthread-posix-config.h @@ -419,4 +419,14 @@ #define OPENTHREAD_POSIX_CONFIG_EXIT_ON_INFRA_NETIF_LOST_ENABLE 1 #endif +/** + * @def OPENTHREAD_POSIX_CONFIG_TREL_TX_PACKET_POOL_SIZE + * + * This setting configures the capacity of TREL packet pool for transmission. + * + */ +#ifndef OPENTHREAD_POSIX_CONFIG_TREL_TX_PACKET_POOL_SIZE +#define OPENTHREAD_POSIX_CONFIG_TREL_TX_PACKET_POOL_SIZE 5 +#endif + #endif // OPENTHREAD_PLATFORM_CONFIG_H_ diff --git a/src/posix/platform/trel.cpp b/src/posix/platform/trel.cpp index a925cb84ca9..4e5ed53ec16 100644 --- a/src/posix/platform/trel.cpp +++ b/src/posix/platform/trel.cpp @@ -51,20 +51,19 @@ #if OPENTHREAD_CONFIG_RADIO_LINK_TREL_ENABLE -#define TREL_MAX_PACKET_SIZE 1400 -#define TREL_PACKET_POOL_SIZE 5 +static constexpr uint16_t kMaxPacketSize = 1400; // The max size of a TREL packet. typedef struct TxPacket { struct TxPacket *mNext; - uint8_t mBuffer[TREL_MAX_PACKET_SIZE]; + uint8_t mBuffer[kMaxPacketSize]; uint16_t mLength; otSockAddr mDestSockAddr; } TxPacket; -static uint8_t sRxPacketBuffer[TREL_MAX_PACKET_SIZE]; +static uint8_t sRxPacketBuffer[kMaxPacketSize]; static uint16_t sRxPacketLength; -static TxPacket sTxPacketPool[TREL_PACKET_POOL_SIZE]; +static TxPacket sTxPacketPool[OPENTHREAD_POSIX_CONFIG_TREL_TX_PACKET_POOL_SIZE]; static TxPacket *sFreeTxPacketHead; // A singly linked list of free/available `TxPacket` from pool. static TxPacket *sTxPacketQueueTail; // A circular linked list for queued tx packets. @@ -456,7 +455,7 @@ void otPlatTrelSend(otInstance *aInstance, VerifyOrExit(sEnabled); - assert(aUdpPayloadLen <= TREL_MAX_PACKET_SIZE); + assert(aUdpPayloadLen <= kMaxPacketSize); // We try to send the packet immediately. If it fails (e.g., // network is down) `SendPacket()` returns `OT_ERROR_ABORT`. If From 09d07a7c6aa632161c9c0a5e1c04de6d213a3b8a Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Fri, 5 Jan 2024 17:23:20 -0800 Subject: [PATCH 053/121] Bump pycryptodome from 3.17 to 3.19.1 in /tests/scripts/thread-cert (#9755) Bumps [pycryptodome](https://github.com/Legrandin/pycryptodome) from 3.17 to 3.19.1. - [Release notes](https://github.com/Legrandin/pycryptodome/releases) - [Changelog](https://github.com/Legrandin/pycryptodome/blob/master/Changelog.rst) - [Commits](https://github.com/Legrandin/pycryptodome/compare/v3.17.0...v3.19.1) --- updated-dependencies: - dependency-name: pycryptodome dependency-type: direct:production ... Signed-off-by: dependabot[bot] Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> --- tests/scripts/thread-cert/requirements.txt | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/tests/scripts/thread-cert/requirements.txt b/tests/scripts/thread-cert/requirements.txt index 99b97972c05..8afe42ded56 100644 --- a/tests/scripts/thread-cert/requirements.txt +++ b/tests/scripts/thread-cert/requirements.txt @@ -16,7 +16,7 @@ ptyprocess==0.7.0 # via pexpect py==1.11.0 # via pyshark -pycryptodome==3.17 +pycryptodome==3.19.1 # via -r requirements.in pyshark==0.4.6 # via -r requirements.in From d81c6fab98df8fbeb0f3611ce5ec4c131c84cbce Mon Sep 17 00:00:00 2001 From: Yang Liu Date: Sat, 6 Jan 2024 14:10:27 +0800 Subject: [PATCH 054/121] [telemetry] add API for TREL telemetry (#9710) Create OT API to support trel telemetry which is supported through platform API and also add cli support to get/reset trel counters. Metrics we are adding are: - trel_frames_tx - trel_bytes_tx - trel_frames_rx - trel_bytes_rx - trel_frames_tx_failed - num_trel_peers Metrics already supported through API: - trel_enabled --- examples/platforms/simulation/trel.c | 23 +++++++-- include/openthread/instance.h | 2 +- include/openthread/platform/trel.h | 29 +++++++++++ include/openthread/trel.h | 35 ++++++++++++++ src/cli/cli.cpp | 48 +++++++++++++++++++ src/cli/cli.hpp | 3 ++ src/core/api/trel_api.cpp | 12 +++++ src/core/radio/trel_interface.cpp | 4 ++ src/core/radio/trel_interface.hpp | 28 +++++++++++ src/posix/platform/trel.cpp | 42 +++++++++++++--- .../border_router/test_trel_connectivity.py | 17 +++++++ tests/scripts/thread-cert/node.py | 24 ++++++++++ tests/unit/test_platform.cpp | 4 ++ tests/unit/test_platform.h | 1 + 14 files changed, 261 insertions(+), 11 deletions(-) diff --git a/examples/platforms/simulation/trel.c b/examples/platforms/simulation/trel.c index 3413c9351b8..cfc34ac9bc4 100644 --- a/examples/platforms/simulation/trel.c +++ b/examples/platforms/simulation/trel.c @@ -73,10 +73,11 @@ static uint16_t sPortOffset = 0; static bool sEnabled = false; static uint16_t sUdpPort; -static bool sServiceRegistered = false; -static uint16_t sServicePort; -static uint8_t sServiceTxtLength; -static char sServiceTxtData[TREL_MAX_SERVICE_TXT_DATA_LEN]; +static bool sServiceRegistered = false; +static uint16_t sServicePort; +static uint8_t sServiceTxtLength; +static char sServiceTxtData[TREL_MAX_SERVICE_TXT_DATA_LEN]; +static otPlatTrelCounters sCounters; #if DEBUG_LOG static void dumpBuffer(const void *aBuffer, uint16_t aLength) @@ -388,6 +389,8 @@ void otPlatTrelSend(otInstance *aInstance, #if DEBUG_LOG fprintf(stderr, "\r\n[trel-sim] otPlatTrelSend(len:%u, port:%u)\r\n", aUdpPayloadLen, aDestSockAddr->mPort); #endif + ++sCounters.mTxPackets; + sCounters.mTxBytes += aUdpPayloadLen; } //--------------------------------------------------------------------------------------------------------------------- @@ -473,6 +476,18 @@ void platformTrelProcess(otInstance *aInstance, const fd_set *aReadFdSet, const } } +const otPlatTrelCounters *otPlatTrelGetCounters(otInstance *aInstance) +{ + OT_UNUSED_VARIABLE(aInstance); + return &sCounters; +} + +void otPlatTrelResetCounters(otInstance *aInstance) +{ + OT_UNUSED_VARIABLE(aInstance); + memset(&sCounters, 0, sizeof(sCounters)); +} + //--------------------------------------------------------------------------------------------------------------------- // This is added for RCP build to be built ok diff --git a/include/openthread/instance.h b/include/openthread/instance.h index 6394f343e3d..05c7ce4f0f8 100644 --- a/include/openthread/instance.h +++ b/include/openthread/instance.h @@ -53,7 +53,7 @@ extern "C" { * @note This number versions both OpenThread platform and user APIs. * */ -#define OPENTHREAD_API_VERSION (387) +#define OPENTHREAD_API_VERSION (388) /** * @addtogroup api-instance diff --git a/include/openthread/platform/trel.h b/include/openthread/platform/trel.h index b372fded542..f9e068f7797 100644 --- a/include/openthread/platform/trel.h +++ b/include/openthread/platform/trel.h @@ -197,6 +197,35 @@ void otPlatTrelSend(otInstance *aInstance, */ extern void otPlatTrelHandleReceived(otInstance *aInstance, uint8_t *aBuffer, uint16_t aLength); +/** + * Represents a group of TREL related counters in the platform layer. + * + */ +typedef struct otPlatTrelCounters +{ + uint64_t mTxPackets; ///< Number of packets successfully transmitted through TREL. + uint64_t mTxBytes; ///< Sum of size of packets successfully transmitted through TREL. + uint64_t mTxFailure; ///< Number of packet transmission failures through TREL. + uint64_t mRxPackets; ///< Number of packets received through TREL. + uint64_t mRxBytes; ///< Sum of size of packets received through TREL. +} otPlatTrelCounters; + +/** + * Gets the pointer to the TREL counters in the platform layer. + * + * @param[in] aInstance The OpenThread instance structure. + * + */ +const otPlatTrelCounters *otPlatTrelGetCounters(otInstance *aInstance); + +/** + * Resets the TREL counters in the platform layer. + * + * @param[in] aInstance The OpenThread instance structure. + * + */ +void otPlatTrelResetCounters(otInstance *aInstance); + /** * @} * diff --git a/include/openthread/trel.h b/include/openthread/trel.h index 2358ea26a11..e9a0bf00ab5 100644 --- a/include/openthread/trel.h +++ b/include/openthread/trel.h @@ -39,6 +39,7 @@ #include #include #include +#include "openthread/platform/trel.h" #ifdef __cplusplus extern "C" { @@ -123,6 +124,16 @@ void otTrelInitPeerIterator(otInstance *aInstance, otTrelPeerIterator *aIterator */ const otTrelPeer *otTrelGetNextPeer(otInstance *aInstance, otTrelPeerIterator *aIterator); +/** + * Returns the number of TREL peers. + * + * @param[in] aInstance A pointer to an OpenThread instance. + * + * @returns The number of TREL peers. + * + */ +uint16_t otTrelGetNumberOfPeers(otInstance *aInstance); + /** * Sets the filter mode (enables/disables filtering). * @@ -149,6 +160,30 @@ void otTrelSetFilterEnabled(otInstance *aInstance, bool aEnable); */ bool otTrelIsFilterEnabled(otInstance *aInstance); +/** + * Represents a group of TREL related counters. + * + */ +typedef otPlatTrelCounters otTrelCounters; + +/** + * Gets the TREL counters. + * + * @param[in] aInstance A pointer to an OpenThread instance. + * + * @returns A pointer to the TREL counters. + * + */ +const otTrelCounters *otTrelGetCounters(otInstance *aInstance); + +/** + * Resets the TREL counters. + * + * @param[in] aInstance A pointer to an OpenThread instance. + * + */ +void otTrelResetCounters(otInstance *aInstance); + /** * @} * diff --git a/src/cli/cli.cpp b/src/cli/cli.cpp index ba34e59b47d..f288740bdfc 100644 --- a/src/cli/cli.cpp +++ b/src/cli/cli.cpp @@ -7800,6 +7800,41 @@ template <> otError Interpreter::Process(Arg aArgs[]) } } } + /** + * @cli trel counters + * @code + * trel counters + * Inbound: Packets 32 Bytes 4000 + * Outbound: Packets 4 Bytes 320 Failures 1 + * Done + * @endcode + * @par api_copy + * #otTrelGetCounters + */ + else if (aArgs[0] == "counters") + { + if (aArgs[1].IsEmpty()) + { + OutputTrelCounters(*otTrelGetCounters(GetInstancePtr())); + } + /** + * @cli trel counters reset + * @code + * trel counters reset + * Done + * @endcode + * @par api_copy + * #otTrelResetCounters + */ + else if ((aArgs[1] == "reset") && aArgs[2].IsEmpty()) + { + otTrelResetCounters(GetInstancePtr()); + } + else + { + error = OT_ERROR_INVALID_ARGS; + } + } else { error = OT_ERROR_INVALID_ARGS; @@ -7808,6 +7843,19 @@ template <> otError Interpreter::Process(Arg aArgs[]) exit: return error; } + +void Interpreter::OutputTrelCounters(const otTrelCounters &aCounters) +{ + Uint64StringBuffer u64StringBuffer; + + OutputFormat("Inbound: Packets %s ", Uint64ToString(aCounters.mRxPackets, u64StringBuffer)); + OutputLine("Bytes %s", Uint64ToString(aCounters.mRxBytes, u64StringBuffer)); + + OutputFormat("Outbound: Packets %s ", Uint64ToString(aCounters.mTxPackets, u64StringBuffer)); + OutputFormat("Bytes %s ", Uint64ToString(aCounters.mTxBytes, u64StringBuffer)); + OutputLine("Failures %s", Uint64ToString(aCounters.mTxFailure, u64StringBuffer)); +} + #endif template <> otError Interpreter::Process(Arg aArgs[]) diff --git a/src/cli/cli.hpp b/src/cli/cli.hpp index 6fb727607b0..7b687dfb087 100644 --- a/src/cli/cli.hpp +++ b/src/cli/cli.hpp @@ -483,6 +483,9 @@ class Interpreter : public OutputImplementer, public Output void OutputChildTableEntry(uint8_t aIndentSize, const otNetworkDiagChildEntry &aChildEntry); #endif +#if OPENTHREAD_CONFIG_RADIO_LINK_TREL_ENABLE + void OutputTrelCounters(const otTrelCounters &aCounters); +#endif #if OPENTHREAD_CONFIG_NAT64_TRANSLATOR_ENABLE void OutputNat64Counters(const otNat64Counters &aCounters); #endif diff --git a/src/core/api/trel_api.cpp b/src/core/api/trel_api.cpp index 687c1169ccf..09344d3d143 100644 --- a/src/core/api/trel_api.cpp +++ b/src/core/api/trel_api.cpp @@ -60,6 +60,11 @@ const otTrelPeer *otTrelGetNextPeer(otInstance *aInstance, otTrelPeerIterator *a return AsCoreType(aInstance).Get().GetNextPeer(*aIterator); } +uint16_t otTrelGetNumberOfPeers(otInstance *aInstance) +{ + return AsCoreType(aInstance).Get().GetNumberOfPeers(); +} + void otTrelSetFilterEnabled(otInstance *aInstance, bool aEnable) { AsCoreType(aInstance).Get().SetFilterEnabled(aEnable); @@ -70,4 +75,11 @@ bool otTrelIsFilterEnabled(otInstance *aInstance) return AsCoreType(aInstance).Get().IsFilterEnabled(); } +const otTrelCounters *otTrelGetCounters(otInstance *aInstance) +{ + return AsCoreType(aInstance).Get().GetCounters(); +} + +void otTrelResetCounters(otInstance *aInstance) { AsCoreType(aInstance).Get().ResetCounters(); } + #endif // OPENTHREAD_CONFIG_RADIO_LINK_TREL_ENABLE diff --git a/src/core/radio/trel_interface.cpp b/src/core/radio/trel_interface.cpp index d2534773356..dc94b45115a 100644 --- a/src/core/radio/trel_interface.cpp +++ b/src/core/radio/trel_interface.cpp @@ -352,6 +352,10 @@ void Interface::RemovePeerEntry(Peer &aEntry) mPeerTable.PopBack(); } +const Counters *Interface::GetCounters(void) const { return otPlatTrelGetCounters(&GetInstance()); } + +void Interface::ResetCounters(void) { otPlatTrelResetCounters(&GetInstance()); } + Error Interface::Send(const Packet &aPacket, bool aIsDiscovery) { Error error = kErrorNone; diff --git a/src/core/radio/trel_interface.hpp b/src/core/radio/trel_interface.hpp index 3d48368a583..c5750bcf815 100644 --- a/src/core/radio/trel_interface.hpp +++ b/src/core/radio/trel_interface.hpp @@ -59,6 +59,12 @@ class Link; extern "C" void otPlatTrelHandleReceived(otInstance *aInstance, uint8_t *aBuffer, uint16_t aLength); extern "C" void otPlatTrelHandleDiscoveredPeerInfo(otInstance *aInstance, const otPlatTrelPeerInfo *aInfo); +/** + * Represents a group of TREL counters. + * + */ +typedef otTrelCounters Counters; + /** * Represents a TREL link interface. * @@ -205,6 +211,14 @@ class Interface : public InstanceLocator */ const Peer *GetNextPeer(PeerIterator &aIterator) const; + /** + * Returns the number of TREL peers. + * + * @returns The number of TREL peers. + * + */ + uint16_t GetNumberOfPeers(void) const { return mPeerTable.GetLength(); } + /** * Sets the filter mode (enables/disables filtering). * @@ -228,6 +242,20 @@ class Interface : public InstanceLocator */ bool IsFilterEnabled(void) const { return mFiltered; } + /** + * Gets the TREL counters. + * + * The counters are initialized to zero when the TREL platform is initialized. + * + */ + const Counters *GetCounters(void) const; + + /** + * Resets the TREL counters. + * + */ + void ResetCounters(void); + private: #if OPENTHREAD_COFNIG_TREL_PEER_TABLE_SIZE != 0 static constexpr uint16_t kPeerTableSize = OPENTHREAD_COFNIG_TREL_PEER_TABLE_SIZE; diff --git a/src/posix/platform/trel.cpp b/src/posix/platform/trel.cpp index 4e5ed53ec16..ea06bca8869 100644 --- a/src/posix/platform/trel.cpp +++ b/src/posix/platform/trel.cpp @@ -61,11 +61,12 @@ typedef struct TxPacket otSockAddr mDestSockAddr; } TxPacket; -static uint8_t sRxPacketBuffer[kMaxPacketSize]; -static uint16_t sRxPacketLength; -static TxPacket sTxPacketPool[OPENTHREAD_POSIX_CONFIG_TREL_TX_PACKET_POOL_SIZE]; -static TxPacket *sFreeTxPacketHead; // A singly linked list of free/available `TxPacket` from pool. -static TxPacket *sTxPacketQueueTail; // A circular linked list for queued tx packets. +static uint8_t sRxPacketBuffer[kMaxPacketSize]; +static uint16_t sRxPacketLength; +static TxPacket sTxPacketPool[OPENTHREAD_POSIX_CONFIG_TREL_TX_PACKET_POOL_SIZE]; +static TxPacket *sFreeTxPacketHead; // A singly linked list of free/available `TxPacket` from pool. +static TxPacket *sTxPacketQueueTail; // A circular linked list for queued tx packets. +static otPlatTrelCounters sCounters; static char sInterfaceName[IFNAMSIZ + 1]; static bool sInitialized = false; @@ -186,11 +187,19 @@ static otError SendPacket(const uint8_t *aBuffer, uint16_t aLength, const otSock error = OT_ERROR_INVALID_STATE; } } + else + { + ++sCounters.mTxPackets; + sCounters.mTxBytes += aLength; + } exit: otLogDebgPlat("[trel] SendPacket([%s]:%u) err:%s pkt:%s", Ip6AddrToString(&aDestSockAddr->mAddress), aDestSockAddr->mPort, otThreadErrorToString(error), BufferToString(aBuffer, aLength)); - + if (error != OT_ERROR_NONE) + { + ++sCounters.mTxFailure; + } return error; } @@ -218,6 +227,8 @@ static void ReceivePacket(int aSocket, otInstance *aInstance) if (sEnabled) { + ++sCounters.mRxPackets; + sCounters.mRxBytes += sRxPacketLength; otPlatTrelHandleReceived(aInstance, sRxPacketBuffer, sRxPacketLength); } } @@ -305,6 +316,8 @@ static void EnqueuePacket(const uint8_t *aBuffer, uint16_t aLength, const otSock return; } +static void ResetCounters() { memset(&sCounters, 0, sizeof(sCounters)); } + //--------------------------------------------------------------------------------------------------------------------- // trelDnssd // @@ -485,6 +498,21 @@ void otPlatTrelRegisterService(otInstance *aInstance, uint16_t aPort, const uint return; } +// We keep counters at the platform layer because TREL failures can only be captured accurately within +// the platform layer as the platform sometimes only queues the packet and the packet will be sent later +// and the error is only known after sent. +const otPlatTrelCounters *otPlatTrelGetCounters(otInstance *aInstance) +{ + OT_UNUSED_VARIABLE(aInstance); + return &sCounters; +} + +void otPlatTrelResetCounters(otInstance *aInstance) +{ + OT_UNUSED_VARIABLE(aInstance); + ResetCounters(); +} + //--------------------------------------------------------------------------------------------------------------------- // platformTrel system @@ -506,6 +534,8 @@ void platformTrelInit(const char *aTrelUrl) InitPacketQueue(); sInitialized = true; + + ResetCounters(); } void platformTrelDeinit(void) diff --git a/tests/scripts/thread-cert/border_router/test_trel_connectivity.py b/tests/scripts/thread-cert/border_router/test_trel_connectivity.py index 33487d83614..20ed039322e 100755 --- a/tests/scripts/thread-cert/border_router/test_trel_connectivity.py +++ b/tests/scripts/thread-cert/border_router/test_trel_connectivity.py @@ -143,6 +143,23 @@ def test(self): self.assertTrue(med1.ping(router2_mleid)) self.assertTrue(sed1.ping(router2_mleid)) + counters = br1.get_trel_counters() + print('br1 trel counters', counters) + self.assertTrue(counters['Inbound']['packets'] > 0) + self.assertTrue(counters['Inbound']['bytes'] > 0) + self.assertTrue(counters['Outbound']['packets'] > 0) + self.assertTrue(counters['Outbound']['bytes'] > 0) + self.assertTrue(counters['Outbound']['failures'] >= 0) + + br1.reset_trel_counters() + counters = br1.get_trel_counters() + print('br1 trel counters after reset', counters) + self.assertTrue(counters['Inbound']['packets'] == 0) + self.assertTrue(counters['Inbound']['bytes'] == 0) + self.assertTrue(counters['Outbound']['packets'] == 0) + self.assertTrue(counters['Outbound']['bytes'] == 0) + self.assertTrue(counters['Outbound']['failures'] == 0) + def verify(self, pv: PacketVerifier): pkts: PacketFilter = pv.pkts BR1_RLOC16 = pv.vars['BR1_RLOC16'] diff --git a/tests/scripts/thread-cert/node.py b/tests/scripts/thread-cert/node.py index 607d5321447..b1b94082f77 100755 --- a/tests/scripts/thread-cert/node.py +++ b/tests/scripts/thread-cert/node.py @@ -1390,6 +1390,30 @@ def is_trel_enabled(self) -> Union[None, bool]: raise + def get_trel_counters(self): + cmd = 'trel counters' + self.send_command(cmd) + result = self._expect_command_output() + + counters = {} + for line in result: + m = re.match(r'(\w+)\:[^\d]+(\d+)[^\d]+(\d+)(?:[^\d]+(\d+))?', line) + if m: + groups = m.groups() + sub_counters = { + 'packets': int(groups[1]), + 'bytes': int(groups[2]), + } + if groups[3]: + sub_counters['failures'] = int(groups[3]) + counters[groups[0]] = sub_counters + return counters + + def reset_trel_counters(self): + cmd = 'trel counters reset' + self.send_command(cmd) + self._expect_done() + def _encode_txt_entry(self, entry): """Encodes the TXT entry to the DNS-SD TXT record format as a HEX string. diff --git a/tests/unit/test_platform.cpp b/tests/unit/test_platform.cpp index 3617114281d..2ede8e8e8e1 100644 --- a/tests/unit/test_platform.cpp +++ b/tests/unit/test_platform.cpp @@ -424,6 +424,10 @@ OT_TOOL_WEAK void otPlatTrelDisable(otInstance *) {} OT_TOOL_WEAK void otPlatTrelSend(otInstance *, const uint8_t *, uint16_t, const otSockAddr *) {} OT_TOOL_WEAK void otPlatTrelRegisterService(otInstance *, uint16_t, const uint8_t *, uint8_t) {} + +OT_TOOL_WEAK const otPlatTrelCounters *otPlatTrelGetCounters(otInstance *) { return nullptr; } + +OT_TOOL_WEAK void otPlatTrelResetCounters(otInstance *) {} #endif #if OPENTHREAD_CONFIG_MLE_LINK_METRICS_SUBJECT_ENABLE diff --git a/tests/unit/test_platform.h b/tests/unit/test_platform.h index 97a9d79d999..7197feb7e35 100644 --- a/tests/unit/test_platform.h +++ b/tests/unit/test_platform.h @@ -40,6 +40,7 @@ #include #include #include +#include #include "common/code_utils.hpp" #include "instance/instance.hpp" From f40eeeb1459551707ff3adc314e82842956cab03 Mon Sep 17 00:00:00 2001 From: jrhodie <139580534+jrhodie@users.noreply.github.com> Date: Mon, 8 Jan 2024 13:55:25 -0800 Subject: [PATCH 055/121] [docs] fixed some common typos (#9752) --- include/openthread/coap.h | 2 +- include/openthread/dns_client.h | 2 +- include/openthread/instance.h | 2 +- include/openthread/tcp.h | 2 +- include/openthread/thread.h | 2 +- 5 files changed, 5 insertions(+), 5 deletions(-) diff --git a/include/openthread/coap.h b/include/openthread/coap.h index 4b7149adbec..d5d02060b4d 100644 --- a/include/openthread/coap.h +++ b/include/openthread/coap.h @@ -357,7 +357,7 @@ typedef void (*otCoapResponseHandler)(void *aContext, typedef void (*otCoapRequestHandler)(void *aContext, otMessage *aMessage, const otMessageInfo *aMessageInfo); /** - * Pointer is called when a CoAP message with an block-wise transfer option is received. + * Pointer is called when a CoAP message with a block-wise transfer option is received. * * Is available when OPENTHREAD_CONFIG_COAP_BLOCKWISE_TRANSFER_ENABLE configuration * is enabled. diff --git a/include/openthread/dns_client.h b/include/openthread/dns_client.h index 0fd3458045e..49dcdfdb3f2 100644 --- a/include/openthread/dns_client.h +++ b/include/openthread/dns_client.h @@ -408,7 +408,7 @@ otError otDnsBrowseResponseGetServiceName(const otDnsBrowseResponse *aResponse, * MUST only be used from `otDnsBrowseCallback`. * * The response may include multiple service instance records. @p aIndex can be used to iterate through the list. Index - * zero gives the the first record. When we reach end of the list, `OT_ERROR_NOT_FOUND` is returned. + * zero gives the first record. When we reach end of the list, `OT_ERROR_NOT_FOUND` is returned. * * Note that this function gets the service instance label and not the full service instance name which is of the form * `..`. diff --git a/include/openthread/instance.h b/include/openthread/instance.h index 05c7ce4f0f8..1a97f96e5c8 100644 --- a/include/openthread/instance.h +++ b/include/openthread/instance.h @@ -53,7 +53,7 @@ extern "C" { * @note This number versions both OpenThread platform and user APIs. * */ -#define OPENTHREAD_API_VERSION (388) +#define OPENTHREAD_API_VERSION (389) /** * @addtogroup api-instance diff --git a/include/openthread/tcp.h b/include/openthread/tcp.h index caa0d4efdc2..649a4b47220 100644 --- a/include/openthread/tcp.h +++ b/include/openthread/tcp.h @@ -231,7 +231,7 @@ typedef void (*otTcpDisconnected)(otTcpEndpoint *aEndpoint, otTcpDisconnectedRea /** * Represents a TCP endpoint. * - * An TCP endpoint acts an endpoint of TCP connection. It can be used to + * A TCP endpoint acts an endpoint of TCP connection. It can be used to * initiate TCP connections, and, once a TCP connection is established, send * data to and receive data from the connection peer. * diff --git a/include/openthread/thread.h b/include/openthread/thread.h index cb0d6bda244..b077001e4b7 100644 --- a/include/openthread/thread.h +++ b/include/openthread/thread.h @@ -238,7 +238,7 @@ typedef void (*otDetachGracefullyCallback)(void *aContext); * @param[in] aEnabled TRUE if Thread is enabled, FALSE otherwise. * * @retval OT_ERROR_NONE Successfully started Thread protocol operation. - * @retval OT_ERROR_INVALID_STATE The network interface was not not up. + * @retval OT_ERROR_INVALID_STATE The network interface was not up. * */ otError otThreadSetEnabled(otInstance *aInstance, bool aEnabled); From 29177dbbae087c9ff441e9a4294f523a77fac979 Mon Sep 17 00:00:00 2001 From: Li Cao Date: Wed, 10 Jan 2024 06:41:22 +0800 Subject: [PATCH 056/121] [cli] separate ping sender as a module (#9756) --- src/cli/BUILD.gn | 2 + src/cli/CMakeLists.txt | 1 + src/cli/cli.cpp | 206 +-------------------------------- src/cli/cli.hpp | 19 +-- src/cli/cli_ping.cpp | 256 +++++++++++++++++++++++++++++++++++++++++ src/cli/cli_ping.hpp | 99 ++++++++++++++++ 6 files changed, 367 insertions(+), 216 deletions(-) create mode 100644 src/cli/cli_ping.cpp create mode 100644 src/cli/cli_ping.hpp diff --git a/src/cli/BUILD.gn b/src/cli/BUILD.gn index b7ef7312a56..318a4d0b904 100644 --- a/src/cli/BUILD.gn +++ b/src/cli/BUILD.gn @@ -57,6 +57,8 @@ openthread_cli_sources = [ "cli_network_data.hpp", "cli_output.cpp", "cli_output.hpp", + "cli_ping.cpp", + "cli_ping.hpp", "cli_srp_client.cpp", "cli_srp_client.hpp", "cli_srp_server.cpp", diff --git a/src/cli/CMakeLists.txt b/src/cli/CMakeLists.txt index 022de520b06..f36439f26eb 100644 --- a/src/cli/CMakeLists.txt +++ b/src/cli/CMakeLists.txt @@ -46,6 +46,7 @@ set(COMMON_SOURCES cli_mac_filter.cpp cli_network_data.cpp cli_output.cpp + cli_ping.cpp cli_srp_client.cpp cli_srp_server.cpp cli_tcat.cpp diff --git a/src/cli/cli.cpp b/src/cli/cli.cpp index f288740bdfc..eecfeecf20f 100644 --- a/src/cli/cli.cpp +++ b/src/cli/cli.cpp @@ -152,6 +152,9 @@ Interpreter::Interpreter(Instance *aInstance, otCliOutputCallback aCallback, voi #if OPENTHREAD_CONFIG_BLE_TCAT_ENABLE && OPENTHREAD_CONFIG_CLI_BLE_SECURE_ENABLE , mTcat(aInstance, *this) #endif +#if OPENTHREAD_CONFIG_PING_SENDER_ENABLE + , mPing(aInstance, *this) +#endif #if OPENTHREAD_CONFIG_TMF_ANYCAST_LOCATOR_ENABLE , mLocateInProgress(false) #endif @@ -447,57 +450,6 @@ otError Interpreter::ParseJoinerDiscerner(Arg &aArg, otJoinerDiscerner &aDiscern return error; } -#if OPENTHREAD_CONFIG_PING_SENDER_ENABLE - -otError Interpreter::ParsePingInterval(const Arg &aArg, uint32_t &aInterval) -{ - otError error = OT_ERROR_NONE; - const char *string = aArg.GetCString(); - const uint32_t msFactor = 1000; - uint32_t factor = msFactor; - - aInterval = 0; - - while (*string) - { - if ('0' <= *string && *string <= '9') - { - // In the case of seconds, change the base of already calculated value. - if (factor == msFactor) - { - aInterval *= 10; - } - - aInterval += static_cast(*string - '0') * factor; - - // In the case of milliseconds, change the multiplier factor. - if (factor != msFactor) - { - factor /= 10; - } - } - else if (*string == '.') - { - // Accept only one dot character. - VerifyOrExit(factor == msFactor, error = OT_ERROR_INVALID_ARGS); - - // Start analyzing hundreds of milliseconds. - factor /= 10; - } - else - { - ExitNow(error = OT_ERROR_INVALID_ARGS); - } - - string++; - } - -exit: - return error; -} - -#endif // OPENTHREAD_CONFIG_PING_SENDER_ENABLE - otError Interpreter::ParsePreference(const Arg &aArg, otRoutePreference &aPreference) { otError error = OT_ERROR_NONE; @@ -5550,55 +5502,6 @@ template <> otError Interpreter::Process(Arg *aArgs) #endif #if OPENTHREAD_CONFIG_PING_SENDER_ENABLE - -void Interpreter::HandlePingReply(const otPingSenderReply *aReply, void *aContext) -{ - static_cast(aContext)->HandlePingReply(aReply); -} - -void Interpreter::HandlePingReply(const otPingSenderReply *aReply) -{ - OutputFormat("%u bytes from ", static_cast(aReply->mSize + sizeof(otIcmp6Header))); - OutputIp6Address(aReply->mSenderAddress); - OutputLine(": icmp_seq=%u hlim=%u time=%ums", aReply->mSequenceNumber, aReply->mHopLimit, aReply->mRoundTripTime); -} - -void Interpreter::HandlePingStatistics(const otPingSenderStatistics *aStatistics, void *aContext) -{ - static_cast(aContext)->HandlePingStatistics(aStatistics); -} - -void Interpreter::HandlePingStatistics(const otPingSenderStatistics *aStatistics) -{ - OutputFormat("%u packets transmitted, %u packets received.", aStatistics->mSentCount, aStatistics->mReceivedCount); - - if ((aStatistics->mSentCount != 0) && !aStatistics->mIsMulticast && - aStatistics->mReceivedCount <= aStatistics->mSentCount) - { - uint32_t packetLossRate = - 1000 * (aStatistics->mSentCount - aStatistics->mReceivedCount) / aStatistics->mSentCount; - - OutputFormat(" Packet loss = %lu.%u%%.", ToUlong(packetLossRate / 10), - static_cast(packetLossRate % 10)); - } - - if (aStatistics->mReceivedCount != 0) - { - uint32_t avgRoundTripTime = 1000 * aStatistics->mTotalRoundTripTime / aStatistics->mReceivedCount; - - OutputFormat(" Round-trip min/avg/max = %u/%u.%u/%u ms.", aStatistics->mMinRoundTripTime, - static_cast(avgRoundTripTime / 1000), static_cast(avgRoundTripTime % 1000), - aStatistics->mMaxRoundTripTime); - } - - OutputNewLine(); - - if (!mPingIsAsync) - { - OutputResult(OT_ERROR_NONE); - } -} - /** * @cli ping * @code @@ -5634,108 +5537,7 @@ void Interpreter::HandlePingStatistics(const otPingSenderStatistics *aStatistics * Note: The command will return InvalidState when the preferred NAT64 prefix is unavailable. * @sa otPingSenderPing */ -template <> otError Interpreter::Process(Arg aArgs[]) -{ - otError error = OT_ERROR_NONE; - otPingSenderConfig config; - bool async = false; - bool nat64SynthesizedAddress; - - /** - * @cli ping stop - * @code - * ping stop - * Done - * @endcode - * @par - * Stop sending ICMPv6 Echo Requests. - * @sa otPingSenderStop - */ - if (aArgs[0] == "stop") - { - otPingSenderStop(GetInstancePtr()); - ExitNow(); - } - else if (aArgs[0] == "async") - { - async = true; - aArgs++; - } - - memset(&config, 0, sizeof(config)); - - if (aArgs[0] == "-I") - { - SuccessOrExit(error = aArgs[1].ParseAsIp6Address(config.mSource)); - -#if !OPENTHREAD_CONFIG_REFERENCE_DEVICE_ENABLE - VerifyOrExit(otIp6HasUnicastAddress(GetInstancePtr(), &config.mSource), error = OT_ERROR_INVALID_ARGS); -#endif - aArgs += 2; - } - - if (aArgs[0] == "-m") - { - config.mMulticastLoop = true; - aArgs++; - } - - SuccessOrExit(error = ParseToIp6Address(GetInstancePtr(), aArgs[0], config.mDestination, nat64SynthesizedAddress)); - if (nat64SynthesizedAddress) - { - OutputFormat("Pinging synthesized IPv6 address: "); - OutputIp6AddressLine(config.mDestination); - } - - if (!aArgs[1].IsEmpty()) - { - SuccessOrExit(error = aArgs[1].ParseAsUint16(config.mSize)); - } - - if (!aArgs[2].IsEmpty()) - { - SuccessOrExit(error = aArgs[2].ParseAsUint16(config.mCount)); - } - - if (!aArgs[3].IsEmpty()) - { - SuccessOrExit(error = ParsePingInterval(aArgs[3], config.mInterval)); - } - - if (!aArgs[4].IsEmpty()) - { - SuccessOrExit(error = aArgs[4].ParseAsUint8(config.mHopLimit)); - config.mAllowZeroHopLimit = (config.mHopLimit == 0); - } - - if (!aArgs[5].IsEmpty()) - { - uint32_t timeout; - - SuccessOrExit(error = ParsePingInterval(aArgs[5], timeout)); - VerifyOrExit(timeout <= NumericLimits::kMax, error = OT_ERROR_INVALID_ARGS); - config.mTimeout = static_cast(timeout); - } - - VerifyOrExit(aArgs[6].IsEmpty(), error = OT_ERROR_INVALID_ARGS); - - config.mReplyCallback = Interpreter::HandlePingReply; - config.mStatisticsCallback = Interpreter::HandlePingStatistics; - config.mCallbackContext = this; - - SuccessOrExit(error = otPingSenderPing(GetInstancePtr(), &config)); - - mPingIsAsync = async; - - if (!async) - { - error = OT_ERROR_PENDING; - } - -exit: - return error; -} - +template <> otError Interpreter::Process(Arg aArgs[]) { return mPing.Process(aArgs); } #endif // OPENTHREAD_CONFIG_PING_SENDER_ENABLE /** diff --git a/src/cli/cli.hpp b/src/cli/cli.hpp index 7b687dfb087..94798f22acf 100644 --- a/src/cli/cli.hpp +++ b/src/cli/cli.hpp @@ -69,6 +69,7 @@ #include "cli/cli_mac_filter.hpp" #include "cli/cli_network_data.hpp" #include "cli/cli_output.hpp" +#include "cli/cli_ping.hpp" #include "cli/cli_srp_client.hpp" #include "cli/cli_srp_server.hpp" #include "cli/cli_tcat.hpp" @@ -117,6 +118,7 @@ class Interpreter : public OutputImplementer, public Output friend class Joiner; friend class LinkMetrics; friend class NetworkData; + friend class PingSender; friend class SrpClient; friend class SrpServer; #endif @@ -382,9 +384,6 @@ class Interpreter : public OutputImplementer, public Output void OutputPrompt(void); void OutputResult(otError aError); -#if OPENTHREAD_CONFIG_PING_SENDER_ENABLE - otError ParsePingInterval(const Arg &aArg, uint32_t &aInterval); -#endif static otError ParseJoinerDiscerner(Arg &aArg, otJoinerDiscerner &aDiscerner); #if OPENTHREAD_CONFIG_BORDER_ROUTER_ENABLE static otError ParsePrefix(Arg aArgs[], otBorderRouterConfig &aConfig); @@ -458,10 +457,6 @@ class Interpreter : public OutputImplementer, public Output void OutputMultiRadioInfo(const otMultiRadioNeighborInfo &aMultiRadioInfo); #endif -#if OPENTHREAD_CONFIG_PING_SENDER_ENABLE - static void HandlePingReply(const otPingSenderReply *aReply, void *aContext); - static void HandlePingStatistics(const otPingSenderStatistics *aStatistics, void *aContext); -#endif static void HandleActiveScanResult(otActiveScanResult *aResult, void *aContext); static void HandleEnergyScanResult(otEnergyScanResult *aResult, void *aContext); static void HandleLinkPcapReceive(const otRadioFrame *aFrame, bool aIsTx, void *aContext); @@ -497,10 +492,6 @@ class Interpreter : public OutputImplementer, public Output static void HandleSntpResponse(void *aContext, uint64_t aTime, otError aResult); #endif -#if OPENTHREAD_CONFIG_PING_SENDER_ENABLE - void HandlePingReply(const otPingSenderReply *aReply); - void HandlePingStatistics(const otPingSenderStatistics *aStatistics); -#endif void HandleActiveScanResult(otActiveScanResult *aResult); void HandleEnergyScanResult(otEnergyScanResult *aResult); void HandleLinkPcapReceive(const otRadioFrame *aFrame, bool aIsTx); @@ -602,11 +593,11 @@ class Interpreter : public OutputImplementer, public Output #if OPENTHREAD_CONFIG_BLE_TCAT_ENABLE && OPENTHREAD_CONFIG_CLI_BLE_SECURE_ENABLE Tcat mTcat; #endif -#endif // OPENTHREAD_FTD || OPENTHREAD_MTD - #if OPENTHREAD_CONFIG_PING_SENDER_ENABLE - bool mPingIsAsync : 1; + PingSender mPing; #endif +#endif // OPENTHREAD_FTD || OPENTHREAD_MTD + #if OPENTHREAD_CONFIG_TMF_ANYCAST_LOCATOR_ENABLE bool mLocateInProgress : 1; #endif diff --git a/src/cli/cli_ping.cpp b/src/cli/cli_ping.cpp new file mode 100644 index 00000000000..80868c7890f --- /dev/null +++ b/src/cli/cli_ping.cpp @@ -0,0 +1,256 @@ +/* + * Copyright (c) 2024, The OpenThread Authors. + * All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions are met: + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * 3. Neither the name of the copyright holder nor the + * names of its contributors may be used to endorse or promote products + * derived from this software without specific prior written permission. + * + * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" + * AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDER OR CONTRIBUTORS BE + * LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR + * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF + * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS + * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN + * CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) + * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE + * POSSIBILITY OF SUCH DAMAGE. + */ + +/** + * @file + * This file implements the CLI interpreter for Ping Sender function. + */ + +#include "cli_ping.hpp" + +#include + +#include "cli/cli.hpp" +#include "cli/cli_output.hpp" +#include "common/code_utils.hpp" + +#if OPENTHREAD_CONFIG_PING_SENDER_ENABLE + +namespace ot { +namespace Cli { + +PingSender::PingSender(otInstance *aInstance, OutputImplementer &aOutputImplementer) + : Output(aInstance, aOutputImplementer) + , mPingIsAsync(false) +{ +} + +otError PingSender::Process(Arg aArgs[]) +{ + otError error = OT_ERROR_NONE; + otPingSenderConfig config; + bool async = false; + bool nat64SynthesizedAddress; + + /** + * @cli ping stop + * @code + * ping stop + * Done + * @endcode + * @par + * Stop sending ICMPv6 Echo Requests. + * @sa otPingSenderStop + */ + if (aArgs[0] == "stop") + { + otPingSenderStop(GetInstancePtr()); + ExitNow(); + } + else if (aArgs[0] == "async") + { + async = true; + aArgs++; + } + + memset(&config, 0, sizeof(config)); + + if (aArgs[0] == "-I") + { + SuccessOrExit(error = aArgs[1].ParseAsIp6Address(config.mSource)); + +#if !OPENTHREAD_CONFIG_REFERENCE_DEVICE_ENABLE + VerifyOrExit(otIp6HasUnicastAddress(GetInstancePtr(), &config.mSource), error = OT_ERROR_INVALID_ARGS); +#endif + aArgs += 2; + } + + if (aArgs[0] == "-m") + { + config.mMulticastLoop = true; + aArgs++; + } + + SuccessOrExit(error = Interpreter::GetInterpreter().ParseToIp6Address( + GetInstancePtr(), aArgs[0], config.mDestination, nat64SynthesizedAddress)); + if (nat64SynthesizedAddress) + { + OutputFormat("Pinging synthesized IPv6 address: "); + OutputIp6AddressLine(config.mDestination); + } + + if (!aArgs[1].IsEmpty()) + { + SuccessOrExit(error = aArgs[1].ParseAsUint16(config.mSize)); + } + + if (!aArgs[2].IsEmpty()) + { + SuccessOrExit(error = aArgs[2].ParseAsUint16(config.mCount)); + } + + if (!aArgs[3].IsEmpty()) + { + SuccessOrExit(error = ParsePingInterval(aArgs[3], config.mInterval)); + } + + if (!aArgs[4].IsEmpty()) + { + SuccessOrExit(error = aArgs[4].ParseAsUint8(config.mHopLimit)); + config.mAllowZeroHopLimit = (config.mHopLimit == 0); + } + + if (!aArgs[5].IsEmpty()) + { + uint32_t timeout; + + SuccessOrExit(error = ParsePingInterval(aArgs[5], timeout)); + VerifyOrExit(timeout <= NumericLimits::kMax, error = OT_ERROR_INVALID_ARGS); + config.mTimeout = static_cast(timeout); + } + + VerifyOrExit(aArgs[6].IsEmpty(), error = OT_ERROR_INVALID_ARGS); + + config.mReplyCallback = PingSender::HandlePingReply; + config.mStatisticsCallback = PingSender::HandlePingStatistics; + config.mCallbackContext = this; + + SuccessOrExit(error = otPingSenderPing(GetInstancePtr(), &config)); + + mPingIsAsync = async; + + if (!async) + { + error = OT_ERROR_PENDING; + } + +exit: + return error; +} + +otError PingSender::ParsePingInterval(const Arg &aArg, uint32_t &aInterval) +{ + otError error = OT_ERROR_NONE; + const char *string = aArg.GetCString(); + const uint32_t msFactor = 1000; + uint32_t factor = msFactor; + + aInterval = 0; + + while (*string) + { + if ('0' <= *string && *string <= '9') + { + // In the case of seconds, change the base of already calculated value. + if (factor == msFactor) + { + aInterval *= 10; + } + + aInterval += static_cast(*string - '0') * factor; + + // In the case of milliseconds, change the multiplier factor. + if (factor != msFactor) + { + factor /= 10; + } + } + else if (*string == '.') + { + // Accept only one dot character. + VerifyOrExit(factor == msFactor, error = OT_ERROR_INVALID_ARGS); + + // Start analyzing hundreds of milliseconds. + factor /= 10; + } + else + { + ExitNow(error = OT_ERROR_INVALID_ARGS); + } + + string++; + } + +exit: + return error; +} + +void PingSender::HandlePingReply(const otPingSenderReply *aReply, void *aContext) +{ + static_cast(aContext)->HandlePingReply(aReply); +} + +void PingSender::HandlePingReply(const otPingSenderReply *aReply) +{ + OutputFormat("%u bytes from ", static_cast(aReply->mSize + sizeof(otIcmp6Header))); + OutputIp6Address(aReply->mSenderAddress); + OutputLine(": icmp_seq=%u hlim=%u time=%ums", aReply->mSequenceNumber, aReply->mHopLimit, aReply->mRoundTripTime); +} + +void PingSender::HandlePingStatistics(const otPingSenderStatistics *aStatistics, void *aContext) +{ + static_cast(aContext)->HandlePingStatistics(aStatistics); +} + +void PingSender::HandlePingStatistics(const otPingSenderStatistics *aStatistics) +{ + OutputFormat("%u packets transmitted, %u packets received.", aStatistics->mSentCount, aStatistics->mReceivedCount); + + if ((aStatistics->mSentCount != 0) && !aStatistics->mIsMulticast && + aStatistics->mReceivedCount <= aStatistics->mSentCount) + { + uint32_t packetLossRate = + 1000 * (aStatistics->mSentCount - aStatistics->mReceivedCount) / aStatistics->mSentCount; + + OutputFormat(" Packet loss = %lu.%u%%.", ToUlong(packetLossRate / 10), + static_cast(packetLossRate % 10)); + } + + if (aStatistics->mReceivedCount != 0) + { + uint32_t avgRoundTripTime = 1000 * aStatistics->mTotalRoundTripTime / aStatistics->mReceivedCount; + + OutputFormat(" Round-trip min/avg/max = %u/%u.%u/%u ms.", aStatistics->mMinRoundTripTime, + static_cast(avgRoundTripTime / 1000), static_cast(avgRoundTripTime % 1000), + aStatistics->mMaxRoundTripTime); + } + + OutputNewLine(); + + if (!mPingIsAsync) + { + OutputResult(OT_ERROR_NONE); + } +} + +void PingSender::OutputResult(otError aError) { Interpreter::GetInterpreter().OutputResult(aError); } + +} // namespace Cli +} // namespace ot + +#endif // OPENTHREAD_CONFIG_PING_SENDER_ENABLE diff --git a/src/cli/cli_ping.hpp b/src/cli/cli_ping.hpp new file mode 100644 index 00000000000..e517506bd6f --- /dev/null +++ b/src/cli/cli_ping.hpp @@ -0,0 +1,99 @@ +/* + * Copyright (c) 2024, The OpenThread Authors. + * All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions are met: + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * 3. Neither the name of the copyright holder nor the + * names of its contributors may be used to endorse or promote products + * derived from this software without specific prior written permission. + * + * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" + * AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDER OR CONTRIBUTORS BE + * LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR + * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF + * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS + * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN + * CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) + * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE + * POSSIBILITY OF SUCH DAMAGE. + */ + +/** + * @file + * This file contains definitions for the CLI interpreter for Ping Sneder function. + */ + +#ifndef CLI_PING_SENDER_HPP_ +#define CLI_PING_SENDER_HPP_ + +#include "openthread-core-config.h" + +#include + +#include "cli/cli_output.hpp" + +#if OPENTHREAD_CONFIG_PING_SENDER_ENABLE + +namespace ot { +namespace Cli { + +/** + * Implements the Ping Sender CLI interpreter. + * + */ + +class PingSender : private Output +{ +public: + typedef Utils::CmdLineParser::Arg Arg; + + /** + * Constructor + * + * @param[in] aInstance The OpenThread Instance. + * @param[in] aOutputImplementer An `OutputImplementer`. + * + */ + PingSender(otInstance *aInstance, OutputImplementer &aOutputImplementer); + + /** + * Processes a CLI sub-command. + * + * @param[in] aArgs An array of command line arguments. + * + * @retval OT_ERROR_NONE Successfully executed the CLI command. + * @retval OT_ERROR_PENDING The CLI command was successfully started but final result is pending. + * @retval OT_ERROR_INVALID_COMMAND Invalid or unknown CLI command. + * @retval OT_ERROR_INVALID_ARGS Invalid arguments. + * @retval ... Error during execution of the CLI command. + * + */ + otError Process(Arg aArgs[]); + +private: + otError ParsePingInterval(const Arg &aArg, uint32_t &aInterval); + + static void HandlePingReply(const otPingSenderReply *aReply, void *aContext); + void HandlePingReply(const otPingSenderReply *aReply); + static void HandlePingStatistics(const otPingSenderStatistics *aStatistics, void *aContext); + void HandlePingStatistics(const otPingSenderStatistics *aStatistics); + + void OutputResult(otError aError); + + bool mPingIsAsync : 1; +}; + +} // namespace Cli +} // namespace ot + +#endif // OPENTHREAD_CONFIG_PING_SENDER_ENABLE + +#endif // CLI_PING_SENDER_HPP_ From 83d3800db3ce5b7a59d18e535da20b7201070984 Mon Sep 17 00:00:00 2001 From: gavinmcgovern <81183035+gavinmcgovern@users.noreply.github.com> Date: Tue, 9 Jan 2024 22:48:00 -0800 Subject: [PATCH 057/121] [docs] add Aqara to who supports list (#9758) --- README.md | 2 +- doc/images/ot-contrib-aqara.png | Bin 0 -> 5568 bytes 2 files changed, 1 insertion(+), 1 deletion(-) create mode 100644 doc/images/ot-contrib-aqara.png diff --git a/README.md b/README.md index 0c4a4f58aec..ba4fb108e87 100644 --- a/README.md +++ b/README.md @@ -27,7 +27,7 @@ More information about Thread can be found at [threadgroup.org](http://threadgro # Who supports OpenThread? -AmazonARMCascodaEeroEspressifGoogleInfineonMMB NetworksNabu CasaNanoleafNordicNXPQorvoQualcommSamsungSilicon LabsSTMicroelectronicsSynopsysTelink SemiconductorTexas InstrumentsZephyr Project +AmazonAqaraARMCascodaEeroEspressifGoogleInfineonMMB NetworksNabu CasaNanoleafNordicNXPQorvoQualcommSamsungSilicon LabsSTMicroelectronicsSynopsysTelink SemiconductorTexas InstrumentsZephyr Project # Getting started diff --git a/doc/images/ot-contrib-aqara.png b/doc/images/ot-contrib-aqara.png new file mode 100644 index 0000000000000000000000000000000000000000..7fed684758aff791f252da26c36605affe22eef3 GIT binary patch literal 5568 zcmX9?2RzjO|3BF$aXJ#&LRKfTiHszh>~z*$$mZ;wY~su_N=9__wMXV5ijZ+-6Pb~{ zvVQOW|9d<>_x?OSkI#MX^ZC4! z5Rw-TDk^#pRa7|LJX}!@&+Q=)f#jfM1&vNUc%-hO+E8pXn=1T{5r0!jv~Br)nBWWZ z{Ku5ojB{n|OWseP^xZ_HkE%_*-Q2$u36JT?LX>jYa^O!2yG~N>$1&fQpXu>CyfM>6 zN55uYY{n+0G~z6t79E$h{(fvf781^^bX(mXb=@;1^@VHDw4oI7Nhf+xW~4E?g-%P~({OPFcG)WOzR z;_ke|eDwR()Z2FQ#xkz%-+Lc_Z{`oN7I^ocuxIXfDhAUo2Ht2rJvD0kvFPCsSQ{?2 zWp|E?ir*QZi(cW$)Dy{#-Y8?v=0dgt>WqUOhaW*dg$-QmIc6sPhzV2gcW+H%d*^~)w>%i@2dVdJ{PP9h>6WP7fp*M5j-kCTe}gy!?BNZOk~hZ%PK=FZ|yd0enfng7;IGci&prsIfI zEkhGFmFjhwgdFxtl^k3P5u00JTQBzYxDKzDB10uX$iRYz1#wQ)qHvIb=1aWeT2?C+Xp!ECL42TtvRi}zW%H1 z>_=tQ&&Tih?)FQC^(=&`7m$=1LCws}^vumQ1Nm;>rn|4AGCqV7!-N)4MMg$aLE=sH z^yr!3@HfVIw!O=0`Xzb-Zas-?pBFu@zow<5`w@^x9yb)P&yy*kz3^5oj+wk~a+3A; z+S+Bs|A>y;bA$+0f~c_YjY^EdM|GiYXwpT|K_V_lD@OGadLU;=XxXFD?exe!Q`Y-E zVOi$Jm9FmYjx-??PH}O=&GSf_Yn%uK{S7v@jfupW8LL;CMS4%4($R4!l11JpAtfc9 z`}K?L&!0aCza2Yp1;MT3KsO&Bj^tJsS652#TnPyY--tx=mX;PJeR#vikKs{Klv-JL z$gP5p?YFkKNv@!e?!j=y`IVJ0UIuDV^$0D#fal!}jg48_x_nsWCr{W$fBaBEqxl8W zG`~64&aJOszRIujVmUA1N?>4M=-_e$9xsINRg78aNfQ6y6&4m&VkD?tj7>{ZD=g3x zSnmjU`jlg)HHfv|c~af7GV4RRMZJxg+4Y0{{qdF%4#mJ|n@Z+_f&%R&T~2zWxjD;s zB9Ti?AG2IpR79@E4SV_G#mY7}9IDTU&C+@#nqjM~O!DDL)Aus5GbGDbdr{J3Of^}H$E%*aS}{Y`p0Q}yb`cy(0rOh+V5Wn0@UpS+KkSEd3hYg6m_ zU#Io8wW?Ba5ncWjs{pOqw99<$8almS zYLsub!M(t2ljibeyFd=@5do$+5o3$~AtqjiFBM-tMN=|cHn@?@gj@uvyFT~y6nAU1 zj9bZ*^@b`Q|GL`Z;p*z@yEPZ4HdFupy&x4ewHQkqD?L4=wY3!yaPT}+%$5TDKo3vk zOxAc)QbP3}kI!#t7~`Z>d`&k#KEAbv{}0DFkcq=V`!a4znI`ou-bW%in|FGJ5a@v$ zTL%Xe{QUf{`WE%{^+^^N7u}Wz*j{PyQml4$bt!3T#+v0B#J)uy{+X`u+eJm}`^vME zQBZ^{afXgpqdQY?87c|D!?D87UmdC@CW}cvCq1rVWnpGs7N{(}>j!3Y}VZN@c)wnOHr)u!3JIlqW+871V($I9C zo(86Vu~U68(B2NgczMmOj=W2#lM)qmF?~J&W7H}&ik+F6iDz@$UDC!Yv;ba=uc>#P zb*W=(_Wo@gL7I-kIUZo*wfH(!qOM#o%zpI>nS!pUuEv(Ml0qoR$dJLot>csIL?V%y zmDTB0Pk8tx>@x-5t@gPn4i*;2Dkxw+cjEiU6vqrPswf)$fB-o@K0cPhfM1`J-&r64 zeSICeEcVRHt*tc&;qT)unh(+`s;CWXghy)95@acAsDvOYD8Nx|xXJ;q6=Jf2WvaqmA zaM{e<97ovTDK+}*1x2~K-d^ZoXJw7s*w~N^cmSB)b{S=7m#NkBtxiKnCy^Ks0BGE` z?MyxJft_6;!8z~GAD8(qE;zKZwwAco3htP~q-5lsE^Ab6-G*<-=9FU^4W zEGv*C?oW@p6Idn3du9Ch1S(r*gAS)hZe@mCoYh;|0uDqOp5?w3(9+Q0oG>q5clbU! zN>7Pi9>|r9i_RB-VzJm5{7wWVUG(5NkWN+hxY*d|-(LfOsLIL7%HkSo)$~&d#NjEC zvXJxRD1l!N4i1w0VZu*ab3XeR8jg(cXR45+_ScC1Yk2hn0ziR$;1Pn4pWoKsUv}oB zcV8LpAB%by7~0ryvgFn+wM!8(2l@@i+D<93;p->Da+6n3fCT#@;5i423qM~&&A+ouN z%ulKV4qdv@9v&Xdzfb=D#j&jd<#}KolRucOkVr5GiguN}{NqRS|AO7!#oX2Ee_S^j z{sk~Zc*edyRvA$lY+#TwzWJfN{3eC{n2_wds;ZO~G8>$*bC|WR$nfkeolT|hHB;%u@&meJfC~8Th-rp1E%maKYWXce|D+CMKArK1AN< zIyyQUD+ z`pTeG!hEo&htkH@cE2~k-+yjzb%bJ2Bt=mxAZSliRJ7~a>wy8C?k|zl;^={zN#@qA z4x0Ey04xLo@kR2Vs55w$W0QvfNm%M629b{Ch5NK5AH2Lk{LOaf^SxvVrArZ!bQG z02qvuA%;R6;WG6mX=>_a3Pqj+IW-h&(+nJ0yQ$8Igl%Js?!KIy+|>oGD4P}NzFphI zuFB0%h=o_*oKi}E&d=Kn{ZePa^7H!yl;etPe6*lTXD5gG01vuEzdJ3wuLq^F*faXb z*^|%)Pjq#4Go@VF7h2ZWpLdh+lYhh;2{zG2b1~xJ>&^qcHbCz#k2x11)QI(UgTl(L zuA3Ego~GoxW0ki4q!Yu#cUE|Ccb%AyPEN8_H*Wywv&WSK-Pk zDiPCU*kXqU@89WP_TOn|cbmF=^+VBq{P+=Bh;W}*?cPaAVVHMxj1x=NEYf|4{0{6F z&@C%JC#T<>7Kwd}9T`u99T@tLj(n>VZyX;TwWr*C#Jp*bLak9}XJlNneUhx9T63>F z@_s(zQOW7)DRbZM&d$1Ix=L-{PqK$9zIPll%JYo`Y0vYCnM_|nQ;DY!;_lMq0YXte z=o>D2#3d${{H$loS6&)$$Jf{QW`)^va&qQc4rgqe|9KOIebksn;355dCs;VmH zO%c-yC0&J|ZqgM%z8c(qhR>Yq+u89(f3k^ANT~fxfH5(3n+C5A-)vD(rlh3wJ)HKr z{+mO_qiYGnq&-prj7{~5zrTOSRHNth&D?t-GfRR#78b1QfFQbzwZOaYCf!m{P;i@T zC&|WFgOCDlFRCrS6Sit-W#!@ysn&Vd37WF3w6xMJy^fYulAd%j>ZNJ2jWglJRmP?H zH6kAMnzYb?rS0s%!bT!q#N&p7A4STj&z9@h+_xj!;;lzVhwDW}?&ZKLsIrSbZGAo> z28&Up=;7t(M?Zi0OCKJYE$Ph7H^~yyCW@3DzjX1^l$Q4Quw!kPsRg7$*8MwAO>M0; z68T0AS!*^pICySjqkrYgjWyUJc%SxtOmACQuU;jkrKL6A=E>-@?#JC#--TTF zaCDyjn6^EWC64Cg;v$h?NqCI02fPTpQTww{5Dfwk#?kSInvWh?0}U~j3uj?v<>KQ* zb=5_#x7t`WdPGW3dSNh$qov|g^{yQ5d>pu5m4YGWuSj+{+|FGv6^CPqkB^tQWtg3x z%JkA$8`2J78uvH5*g@XsPtK4Ed1s>y_xVLdO@6RNgBzFax3*gXqN02sKI=vb;)#wi zxfz+6(LB^Ks`uq(JWdXrTmJ6v?^AfLK_JD2g_&jQ-abCI>gq4eZov~4aWbAu@r31w z@bIm{dlwSN2!C(yyJE|m8Z>;|GWti@A78Ni+KT4iCng*vC`SyrG8tmJT)xzmsewQu zYT58AxjyLRKuk8Ps=8X6rL3zjZ!KEM7M zT3s#P)zhN_;@PLHlZW(FWSmTK|KMhOZ-){VQ;G9j`g%PNzFRC2JS9CJg9RRDKHu^m z0i0~qD+AT7bDn&@BUWZ!3w3mKoGVCD3GAdr2dICJX1W^hc`0?Xf3Kq*H zE`D`sAlGT9H1B74L%!Jh}Iy%{GTZm;8y6l2KJz7XIH88k8<%q1R%rXd1Art52?fNqt4!91O zh_8Kpo!Z%wF#em0ual^$seJ*9v{0`kBU75|{!z>6WCoa*eAQh53iu=STKfHhp-@Xv zv{90;e4ZLVFFgznB?mV5+p5>x$_kZ>i_07^#}X5_L_}y6&-M(v+x?0?9*H3k5X~Zn zQOCProHH;mfUxc$!y4@Zs%??rzH;Tt+~VTh6^_PdxR>4C>McnBD^a9YR#uq)n)baX z2YY*=nnjml--dSn49(7F1qd1v;3!nJ#qw!$7n@g7U}B;c+@vECJrXeS9QT0K$VyB9 zBQ9TG-}ng(Z~_)NW{Ih<;=UyE+n=$zxJlpG+S`-(?RLfkW=MXfK|BkgV9Hf+r3_hx zBtZE<%}fb)gm6YJu=9VjFriGa!>luQvpqD@8}v?8YpY_5hlz Date: Wed, 10 Jan 2024 15:17:28 +0800 Subject: [PATCH 058/121] [ncp] differentiate DETACHED role and DISABLED role (#9760) --- src/ncp/ncp_base_mtd.cpp | 3 +++ 1 file changed, 3 insertions(+) diff --git a/src/ncp/ncp_base_mtd.cpp b/src/ncp/ncp_base_mtd.cpp index f5b06dd55ce..fc233a657cd 100644 --- a/src/ncp/ncp_base_mtd.cpp +++ b/src/ncp/ncp_base_mtd.cpp @@ -536,6 +536,9 @@ template <> otError NcpBase::HandlePropertyGet(void) switch (otThreadGetDeviceRole(mInstance)) { case OT_DEVICE_ROLE_DISABLED: + role = SPINEL_NET_ROLE_DISABLED; + break; + case OT_DEVICE_ROLE_DETACHED: role = SPINEL_NET_ROLE_DETACHED; break; From b28bb1d1e04cf22ccd6e1d75f5a225fa6db5ed43 Mon Sep 17 00:00:00 2001 From: Abtin Keshavarzian Date: Wed, 10 Jan 2024 10:37:03 -0800 Subject: [PATCH 059/121] [srp] update config for auto-start mode to be enabled by default (#9738) Config `OPENTHREAD_CONFIG_SRP_CLIENT_AUTO_START_DEFAULT_MODE` is changed to use `1` by default (unless explicitly overridden in project configs). It also updates related test scripts to utilize auto-start mode or explicitly disable it for manual SRP client control, reflecting this default change. --- src/core/config/srp_client.h | 2 +- .../border_router/test_plat_udp_accessiblity.py | 1 + tests/scripts/thread-cert/node.py | 2 +- tests/scripts/thread-cert/test_dnssd.py | 4 ---- .../thread-cert/test_srp_auto_host_address.py | 4 +--- .../thread-cert/test_srp_auto_start_mode.py | 4 +--- .../thread-cert/test_srp_client_change_lease.py | 4 ++-- .../test_srp_client_save_server_info.py | 2 -- tests/scripts/thread-cert/test_srp_lease.py | 8 ++++---- .../thread-cert/test_srp_name_conflicts.py | 16 +++++++++------- .../test_srp_register_500_services.py | 4 +--- .../test_srp_register_single_service.py | 3 ++- .../thread-cert/test_srp_server_reboot_port.py | 4 +--- tests/scripts/thread-cert/test_srp_ttl.py | 3 ++- tests/toranj/cli/test-400-srp-client-server.py | 3 +-- tools/otci/tests/test_otci.py | 2 -- 16 files changed, 27 insertions(+), 39 deletions(-) diff --git a/src/core/config/srp_client.h b/src/core/config/srp_client.h index cf3d6a2341b..34c9abfb64b 100644 --- a/src/core/config/srp_client.h +++ b/src/core/config/srp_client.h @@ -79,7 +79,7 @@ * */ #ifndef OPENTHREAD_CONFIG_SRP_CLIENT_AUTO_START_DEFAULT_MODE -#define OPENTHREAD_CONFIG_SRP_CLIENT_AUTO_START_DEFAULT_MODE 0 +#define OPENTHREAD_CONFIG_SRP_CLIENT_AUTO_START_DEFAULT_MODE 1 #endif /** diff --git a/tests/scripts/thread-cert/border_router/test_plat_udp_accessiblity.py b/tests/scripts/thread-cert/border_router/test_plat_udp_accessiblity.py index 5ed84bc0b0c..ea491a97f65 100755 --- a/tests/scripts/thread-cert/border_router/test_plat_udp_accessiblity.py +++ b/tests/scripts/thread-cert/border_router/test_plat_udp_accessiblity.py @@ -74,6 +74,7 @@ def test(self): router.start() self.simulator.go(config.ROUTER_STARTUP_DELAY) self.assertEqual('router', router.get_state()) + router.srp_client_stop() # Router1 can ping to/from the Host on infra link. self.assertTrue(router.ping(br.get_rloc())) diff --git a/tests/scripts/thread-cert/node.py b/tests/scripts/thread-cert/node.py index b1b94082f77..5359848e892 100755 --- a/tests/scripts/thread-cert/node.py +++ b/tests/scripts/thread-cert/node.py @@ -1262,7 +1262,7 @@ def srp_client_enable_auto_start_mode(self): self._expect_done() def srp_client_disable_auto_start_mode(self): - self.send_command(f'srp client autostart able') + self.send_command(f'srp client autostart disable') self._expect_done() def srp_client_get_server_address(self): diff --git a/tests/scripts/thread-cert/test_dnssd.py b/tests/scripts/thread-cert/test_dnssd.py index 0110c1efb1b..38c4f85ef39 100755 --- a/tests/scripts/thread-cert/test_dnssd.py +++ b/tests/scripts/thread-cert/test_dnssd.py @@ -237,10 +237,6 @@ def _config_srp_client_services(self, weight, addrs, subtypes=''): - client.netdata_show() - srp_server_port = client.get_srp_server_port() - - client.srp_client_start(server.get_mleid(), srp_server_port) client.srp_client_set_host_name(hostname) client.srp_client_set_host_address(*addrs) client.srp_client_add_service(instancename, SERVICE + subtypes, port, priority, weight) diff --git a/tests/scripts/thread-cert/test_srp_auto_host_address.py b/tests/scripts/thread-cert/test_srp_auto_host_address.py index f714e6c4ad0..88d0718aa59 100755 --- a/tests/scripts/thread-cert/test_srp_auto_host_address.py +++ b/tests/scripts/thread-cert/test_srp_auto_host_address.py @@ -86,10 +86,8 @@ def test(self): self.simulator.go(5) #------------------------------------------------------------------- - # Enable auto start mode on SRP client + # Check auto start mode on SRP client - self.assertEqual(client.srp_client_get_state(), 'Disabled') - client.srp_client_enable_auto_start_mode() self.assertEqual(client.srp_client_get_auto_start_mode(), 'Enabled') self.simulator.go(2) diff --git a/tests/scripts/thread-cert/test_srp_auto_start_mode.py b/tests/scripts/thread-cert/test_srp_auto_start_mode.py index 8fbcdda2dc3..ee0cfabcd76 100755 --- a/tests/scripts/thread-cert/test_srp_auto_start_mode.py +++ b/tests/scripts/thread-cert/test_srp_auto_start_mode.py @@ -107,10 +107,8 @@ def test(self): self.simulator.go(5) #------------------------------------------------------------------- - # Enable auto start mode on client and check that server1 is selected + # Check auto start mode on client and check that server1 is selected - self.assertEqual(client.srp_client_get_state(), 'Disabled') - client.srp_client_enable_auto_start_mode() self.assertEqual(client.srp_client_get_auto_start_mode(), 'Enabled') self.simulator.go(2) diff --git a/tests/scripts/thread-cert/test_srp_client_change_lease.py b/tests/scripts/thread-cert/test_srp_client_change_lease.py index 37b03d3dfc0..e55df644865 100755 --- a/tests/scripts/thread-cert/test_srp_client_change_lease.py +++ b/tests/scripts/thread-cert/test_srp_client_change_lease.py @@ -89,7 +89,6 @@ def test(self): self.assertEqual(server.get_state(), 'leader') self.simulator.go(5) - client.srp_server_set_enabled(False) client.start() self.simulator.go(config.ROUTER_STARTUP_DELAY) self.assertEqual(client.get_state(), 'router') @@ -98,9 +97,10 @@ def test(self): # 1. Register a single service and verify that it works. # + self.assertEqual(client.srp_client_get_auto_start_mode(), 'Enabled') + client.srp_client_set_host_name('my-host') client.srp_client_set_host_address('2001::1') - client.srp_client_start(server.get_addrs()[0], client.get_srp_server_port()) client.srp_client_add_service('my-service', '_ipps._tcp', 12345) self.simulator.go(2) diff --git a/tests/scripts/thread-cert/test_srp_client_save_server_info.py b/tests/scripts/thread-cert/test_srp_client_save_server_info.py index cb277e5fc68..5018aad08da 100755 --- a/tests/scripts/thread-cert/test_srp_client_save_server_info.py +++ b/tests/scripts/thread-cert/test_srp_client_save_server_info.py @@ -105,8 +105,6 @@ def test(self): client.srp_client_set_host_address('2001::1') client.srp_client_add_service('my-service', '_ipps._tcp', 12345) - self.assertEqual(client.srp_client_get_state(), 'Disabled') - client.srp_client_enable_auto_start_mode() self.assertEqual(client.srp_client_get_auto_start_mode(), 'Enabled') self.simulator.go(WAIT_TIME) diff --git a/tests/scripts/thread-cert/test_srp_lease.py b/tests/scripts/thread-cert/test_srp_lease.py index 6d147117c86..b259c21a567 100755 --- a/tests/scripts/thread-cert/test_srp_lease.py +++ b/tests/scripts/thread-cert/test_srp_lease.py @@ -83,7 +83,6 @@ def test(self): self.assertEqual(server.get_state(), 'leader') self.simulator.go(5) - client.srp_server_set_enabled(False) client.start() self.simulator.go(config.ROUTER_STARTUP_DELAY) self.assertEqual(client.get_state(), 'router') @@ -92,9 +91,10 @@ def test(self): # 1. Register a single service and verify that it works. # + self.assertEqual(client.srp_client_get_auto_start_mode(), 'Enabled') + client.srp_client_set_host_name('my-host') client.srp_client_set_host_address('2001::1') - client.srp_client_start(server.get_addrs()[0], client.get_srp_server_port()) client.srp_client_add_service('my-service', '_ipps._tcp', 12345) self.simulator.go(2) @@ -113,7 +113,7 @@ def test(self): self.assertEqual(server.srp_server_get_service('my-service', '_ipps._tcp')['deleted'], 'true') # Start the client again, the same service should be successfully registered. - client.srp_client_start(server.get_addrs()[0], client.get_srp_server_port()) + client.srp_client_enable_auto_start_mode() self.simulator.go(2) self.check_host_and_service(server, client) @@ -131,7 +131,7 @@ def test(self): self.assertEqual(len(server.srp_server_get_services()), 0) # Start the client again, the same service should be successfully registered. - client.srp_client_start(server.get_addrs()[0], client.get_srp_server_port()) + client.srp_client_enable_auto_start_mode() self.simulator.go(2) self.check_host_and_service(server, client) diff --git a/tests/scripts/thread-cert/test_srp_name_conflicts.py b/tests/scripts/thread-cert/test_srp_name_conflicts.py index 4451eab2dae..984547f70ab 100755 --- a/tests/scripts/thread-cert/test_srp_name_conflicts.py +++ b/tests/scripts/thread-cert/test_srp_name_conflicts.py @@ -101,9 +101,10 @@ def test(self): # 1. Register a single service and verify that it works. # + self.assertEqual(client_1.srp_client_get_auto_start_mode(), 'Enabled') + client_1.srp_client_set_host_name('my-host-1') client_1.srp_client_set_host_address('2001::1') - client_1.srp_client_start(server.get_addrs()[0], client_1.get_srp_server_port()) client_1.srp_client_add_service('my-service-1', '_ipps._tcp', 12345) self.simulator.go(2) @@ -139,9 +140,10 @@ def test(self): # 2. Register with the same host name from the second client and it should fail. # + self.assertEqual(client_2.srp_client_get_auto_start_mode(), 'Enabled') + client_2.srp_client_set_host_name('my-host-1') client_2.srp_client_set_host_address('2001::2') - client_2.srp_client_start(server.get_addrs()[0], client_2.get_srp_server_port()) client_2.srp_client_add_service('my-service-2', '_ipps._tcp', 12345) self.simulator.go(2) @@ -160,9 +162,9 @@ def test(self): # 3. Register with the same service name from the second client and it should fail. # + client_2.srp_client_enable_auto_start_mode() client_2.srp_client_set_host_name('my-host-2') client_2.srp_client_set_host_address('2001::2') - client_2.srp_client_start(server.get_addrs()[0], client_2.get_srp_server_port()) client_2.srp_client_add_service('my-service-1', '_ipps._tcp', 12345) self.simulator.go(2) @@ -182,9 +184,9 @@ def test(self): # from the second client and it should pass. # + client_2.srp_client_enable_auto_start_mode() client_2.srp_client_set_host_name('my-host-2') client_2.srp_client_set_host_address('2001::2') - client_2.srp_client_start(server.get_addrs()[0], client_2.get_srp_server_port()) client_2.srp_client_add_service('my-service-1', '_ipps2._tcp', 12345) self.simulator.go(2) @@ -209,9 +211,9 @@ def test(self): # 5. Register with different host & service instance name, it should succeed. # + client_2.srp_client_enable_auto_start_mode() client_2.srp_client_set_host_name('my-host-2') client_2.srp_client_set_host_address('2001::2') - client_2.srp_client_start(server.get_addrs()[0], client_2.get_srp_server_port()) client_2.srp_client_add_service('my-service-2', '_ipps._tcp', 12345) self.simulator.go(2) @@ -241,9 +243,9 @@ def test(self): client_1.srp_client_remove_service('my-service-1', '_ipps._tcp') self.simulator.go(2) + client_2.srp_client_enable_auto_start_mode() client_2.srp_client_set_host_name('my-host-2') client_2.srp_client_set_host_address('2001::2') - client_2.srp_client_start(server.get_addrs()[0], client_2.get_srp_server_port()) client_2.srp_client_add_service('my-service-1', '_ipps._tcp', 12345) self.simulator.go(2) @@ -284,10 +286,10 @@ def test(self): # Client 2 registers the same host & service instance name with Client 1. client_2.srp_client_stop() + client_2.srp_client_enable_auto_start_mode() client_2.srp_client_clear_host() client_2.srp_client_set_host_name('my-host-1') client_2.srp_client_set_host_address('2001::2') - client_2.srp_client_start(server.get_addrs()[0], client_2.get_srp_server_port()) client_2.srp_client_add_service('my-service-1', '_ipps._tcp', 12345) self.simulator.go(2) diff --git a/tests/scripts/thread-cert/test_srp_register_500_services.py b/tests/scripts/thread-cert/test_srp_register_500_services.py index 54719ddc9b5..e69fc3e2f7d 100644 --- a/tests/scripts/thread-cert/test_srp_register_500_services.py +++ b/tests/scripts/thread-cert/test_srp_register_500_services.py @@ -132,13 +132,11 @@ def clients(): for fed in feds(): self.assertEqual(fed.get_state(), 'child') - server_addr = server.get_rloc() - for clientid in CLIENT_IDS: client = self.nodes[clientid] + self.assertEqual(client.srp_client_get_auto_start_mode(), 'Enabled') client.srp_client_set_host_name(f'client{clientid}') client.srp_client_set_host_address(f'2001::{clientid}') - client.srp_client_start(server_addr, client.get_srp_server_port()) for instanceid in INSTANCE_IDS: client.srp_client_add_service(f'client{clientid}_{instanceid}', SERVICE_NAME, SERVICE_PORT) diff --git a/tests/scripts/thread-cert/test_srp_register_single_service.py b/tests/scripts/thread-cert/test_srp_register_single_service.py index 621ad578c8f..33d298b721b 100755 --- a/tests/scripts/thread-cert/test_srp_register_single_service.py +++ b/tests/scripts/thread-cert/test_srp_register_single_service.py @@ -89,9 +89,10 @@ def test(self): # 1. Register a single service and verify that it works. # + self.assertEqual(client.srp_client_get_auto_start_mode(), 'Enabled') + client.srp_client_set_host_name('my-host') client.srp_client_set_host_address('2001::1') - client.srp_client_start(server.get_addrs()[0], client.get_srp_server_port()) client.srp_client_add_service('my-service', '_ipps._tcp', 12345, 0, 0, ['abc', 'def=', 'xyz=XYZ']) self.simulator.go(2) diff --git a/tests/scripts/thread-cert/test_srp_server_reboot_port.py b/tests/scripts/thread-cert/test_srp_server_reboot_port.py index 411b598a51f..d78dc118bab 100755 --- a/tests/scripts/thread-cert/test_srp_server_reboot_port.py +++ b/tests/scripts/thread-cert/test_srp_server_reboot_port.py @@ -84,11 +84,9 @@ def test(self): self.assertEqual(server.get_state(), 'router') # - # 1. Enable auto start mode on client and check that server is used. + # 1. Check auto start mode on client and check that server is used. # - self.assertEqual(client.srp_client_get_state(), 'Disabled') - client.srp_client_enable_auto_start_mode() self.assertEqual(client.srp_client_get_auto_start_mode(), 'Enabled') self.simulator.go(2) self.assertEqual(client.srp_client_get_state(), 'Enabled') diff --git a/tests/scripts/thread-cert/test_srp_ttl.py b/tests/scripts/thread-cert/test_srp_ttl.py index 93cc818817e..9c3a149dbf5 100755 --- a/tests/scripts/thread-cert/test_srp_ttl.py +++ b/tests/scripts/thread-cert/test_srp_ttl.py @@ -85,9 +85,10 @@ def test(self): self.simulator.go(config.ROUTER_STARTUP_DELAY) self.assertEqual(client.get_state(), 'router') + self.assertEqual(client.srp_client_get_auto_start_mode(), 'Enabled') + client.srp_client_set_host_name('my-host') client.srp_client_set_host_address('2001::1') - client.srp_client_start(server.get_addrs()[0], client.get_srp_server_port()) client.srp_client_add_service('my-service', '_ipps._tcp', 12345) self.simulator.go(2) diff --git a/tests/toranj/cli/test-400-srp-client-server.py b/tests/toranj/cli/test-400-srp-client-server.py index a74d261536c..e65d6fffbb7 100755 --- a/tests/toranj/cli/test-400-srp-client-server.py +++ b/tests/toranj/cli/test-400-srp-client-server.py @@ -61,11 +61,10 @@ verify(server.srp_server_get_state() == 'disabled') verify(server.srp_server_get_addr_mode() == 'unicast') verify(client.srp_client_get_state() == 'Disabled') -verify(client.srp_client_get_auto_start_mode() == 'Disabled') +verify(client.srp_client_get_auto_start_mode() == 'Enabled') # Start server and client and register single service server.srp_server_enable() -client.srp_client_enable_auto_start_mode() client.srp_client_set_host_name('host') client.srp_client_set_host_address('fd00::cafe') diff --git a/tools/otci/tests/test_otci.py b/tools/otci/tests/test_otci.py index 8e5a598c588..011c8a3796d 100644 --- a/tools/otci/tests/test_otci.py +++ b/tools/otci/tests/test_otci.py @@ -406,8 +406,6 @@ def _test_otci_srp(self, client: OTCI, server: OTCI): self.assertEqual([], server.srp_server_get_hosts()) self.assertEqual('running', server.srp_server_get_state()) - self.assertFalse(client.srp_client_get_autostart()) - client.srp_client_enable_autostart() self.assertTrue(client.srp_client_get_autostart()) client.wait(3) self.assertTrue(client.srp_client_get_state()) From 2b0e2af98a5cd3ef7e5134debf43bbb48264c1ea Mon Sep 17 00:00:00 2001 From: Abtin Keshavarzian Date: Thu, 11 Jan 2024 08:41:17 -0800 Subject: [PATCH 060/121] [test] move heap plat APIs in unit test under `extern "C"` block (#9766) --- tests/unit/test_routing_manager.cpp | 59 +++++++++++++++-------------- 1 file changed, 30 insertions(+), 29 deletions(-) diff --git a/tests/unit/test_routing_manager.cpp b/tests/unit/test_routing_manager.cpp index 5f1ac2f9675..6fc0a37d5dc 100644 --- a/tests/unit/test_routing_manager.cpp +++ b/tests/unit/test_routing_manager.cpp @@ -342,6 +342,36 @@ otError otPlatInfraIfSendIcmp6Nd(uint32_t aInfraIfIndex, return OT_ERROR_NONE; } +//---------------------------------------------------------------------------------------------------------------------- + +Array sHeapAllocatedPtrs; + +#if OPENTHREAD_CONFIG_HEAP_EXTERNAL_ENABLE + +void *otPlatCAlloc(size_t aNum, size_t aSize) +{ + void *ptr = calloc(aNum, aSize); + + SuccessOrQuit(sHeapAllocatedPtrs.PushBack(ptr)); + + return ptr; +} + +void otPlatFree(void *aPtr) +{ + if (aPtr != nullptr) + { + void **entry = sHeapAllocatedPtrs.Find(aPtr); + + VerifyOrQuit(entry != nullptr, "A heap allocated item is freed twice"); + sHeapAllocatedPtrs.Remove(*entry); + } + + free(aPtr); +} + +#endif + } // extern "C" //--------------------------------------------------------------------------------------------------------------------- @@ -536,35 +566,6 @@ void ValidateRouterAdvert(const Icmp6Packet &aPacket) //---------------------------------------------------------------------------------------------------------------------- -Array sHeapAllocatedPtrs; - -#if OPENTHREAD_CONFIG_HEAP_EXTERNAL_ENABLE - -void *otPlatCAlloc(size_t aNum, size_t aSize) -{ - void *ptr = calloc(aNum, aSize); - - SuccessOrQuit(sHeapAllocatedPtrs.PushBack(ptr)); - - return ptr; -} - -void otPlatFree(void *aPtr) -{ - if (aPtr != nullptr) - { - void **entry = sHeapAllocatedPtrs.Find(aPtr); - - VerifyOrQuit(entry != nullptr, "A heap allocated item is freed twice"); - sHeapAllocatedPtrs.Remove(*entry); - } - - free(aPtr); -} -#endif - -//---------------------------------------------------------------------------------------------------------------------- - void LogRouterAdvert(const Icmp6Packet &aPacket) { Ip6::Nd::RouterAdvertMessage raMsg(aPacket); From 2a2545348db1a48517dfb0dcc0971e86a860d899 Mon Sep 17 00:00:00 2001 From: Jonathan Hui Date: Thu, 11 Jan 2024 08:41:30 -0800 Subject: [PATCH 061/121] [dtls] fix `OPENTHREAD_CONFIG_DTLS_ENABLE` check (#9767) --- src/core/config/secure_transport.h | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/src/core/config/secure_transport.h b/src/core/config/secure_transport.h index 854700d913d..eb636baa7fc 100644 --- a/src/core/config/secure_transport.h +++ b/src/core/config/secure_transport.h @@ -72,7 +72,7 @@ OPENTHREAD_CONFIG_COMMISSIONER_ENABLE || OPENTHREAD_CONFIG_JOINER_ENABLE || OPENTHREAD_CONFIG_BLE_TCAT_ENABLE) #endif -#if OPENTHREAD_CONFIG_DTLS_ENABLE +#ifdef OPENTHREAD_CONFIG_DTLS_ENABLE #error "OPENTHREAD_CONFIG_DTLS_ENABLE is deprecated please use OPENTHREAD_CONFIG_SECURE_TRANSPORT_ENABLE instead" #endif From 5576e0ce0d24f559fe8e938687536568a68643aa Mon Sep 17 00:00:00 2001 From: SherySheng Date: Fri, 12 Jan 2024 02:13:24 +0800 Subject: [PATCH 062/121] [cli] add pd state (#9757) --- src/cli/README_BR.md | 32 ++++++++++++++++++++++ src/cli/cli_br.cpp | 63 ++++++++++++++++++++++++++++++++++++++++++++ 2 files changed, 95 insertions(+) diff --git a/src/cli/README_BR.md b/src/cli/README_BR.md index dcc174cfa9c..189de8a6f09 100644 --- a/src/cli/README_BR.md +++ b/src/cli/README_BR.md @@ -12,6 +12,7 @@ Usage : `br [command] ...` - [nat64prefix](#nat64prefix) - [omrprefix](#omrprefix) - [onlinkprefix](#onlinkprefix) +- [pd](#pd) - [prefixtable](#prefixtable) - [rioprf](#rioprf) - [routeprf](#routeprf) @@ -33,6 +34,7 @@ disable enable omrprefix onlinkprefix +pd prefixtable rioprf routeprf @@ -176,6 +178,36 @@ fd14:1078:b3d5:b0b0:0:0::/96 Done ``` +### pd + +Usage: `br pd [enable|disable]` + +Enable/Disable the DHCPv6 PD. + +```bash +> br pd enable +Done + +> br pd disable +Done +``` + +Usage: `br pd state` + +Get the state of DHCPv6 PD. + +`OPENTHREAD_CONFIG_BORDER_ROUTING_DHCP6_PD_ENABLE` is required. + +- `disabled`: DHCPv6 PD is disabled on the border router. +- `stopped`: DHCPv6 PD in enabled but won't try to request and publish a prefix. +- `running`: DHCPv6 PD is enabled and will try to request and publish a prefix. + +```bash +> br pd state +running +Done +``` + ### prefixtable Usage: `br prefixtable` diff --git a/src/cli/cli_br.cpp b/src/cli/cli_br.cpp index bd4d0dfe57d..9c77c7d07f5 100644 --- a/src/cli/cli_br.cpp +++ b/src/cli/cli_br.cpp @@ -435,6 +435,66 @@ template <> otError Br::Process(Arg aArgs[]) return error; } +#if OPENTHREAD_CONFIG_BORDER_ROUTING_DHCP6_PD_ENABLE +template <> otError Br::Process(Arg aArgs[]) +{ + otError error = OT_ERROR_NONE; + + /** + * @cli br pd (enable,disable) + * @code + * br pd enable + * Done + * @endcode + * @code + * br pd disable + * Done + * @endcode + * @cparam br pd @ca{enable|disable} + * @par api_copy + * #otBorderRoutingDhcp6PdSetEnabled + * + */ + if (Interpreter::GetInterpreter().ProcessEnableDisable(aArgs, otBorderRoutingDhcp6PdSetEnabled) == OT_ERROR_NONE) + { + } + /** + * @cli br pd state + * @code + * br pd state + * running + * Done + * @endcode + * @par api_copy + * #otBorderRoutingDhcp6PdGetState + */ + else if (aArgs[0] == "state") + { + static const char *const kDhcpv6PdStateStrings[] = { + "disabled", // (0) OT_BORDER_ROUTING_DHCP6_PD_STATE_DISABLED + "stopped", // (1) OT_BORDER_ROUTING_DHCP6_PD_STATE_STOPPED + "running", // (2) OT_BORDER_ROUTING_DHCP6_PD_STATE_RUNNING + }; + + static_assert(0 == OT_BORDER_ROUTING_DHCP6_PD_STATE_DISABLED, + "OT_BORDER_ROUTING_DHCP6_PD_STATE_DISABLED value is not expected!"); + static_assert(1 == OT_BORDER_ROUTING_DHCP6_PD_STATE_STOPPED, + "OT_BORDER_ROUTING_DHCP6_PD_STATE_STOPPED value is not expected!"); + static_assert(2 == OT_BORDER_ROUTING_DHCP6_PD_STATE_RUNNING, + "OT_BORDER_ROUTING_DHCP6_PD_STATE_RUNNING value is not expected!"); + + OutputLine("%s", Stringify(otBorderRoutingDhcp6PdGetState(GetInstancePtr()), kDhcpv6PdStateStrings)); + } + else + { + ExitNow(error = OT_ERROR_INVALID_COMMAND); + } + +exit: + return error; +} +#endif // OPENTHREAD_CONFIG_BORDER_ROUTING_DHCP6_PD_ENABLE + /** * @cli br routers * @code @@ -638,6 +698,9 @@ otError Br::Process(Arg aArgs[]) #endif CmdEntry("omrprefix"), CmdEntry("onlinkprefix"), +#if OPENTHREAD_CONFIG_BORDER_ROUTING_DHCP6_PD_ENABLE + CmdEntry("pd"), +#endif CmdEntry("prefixtable"), CmdEntry("rioprf"), CmdEntry("routeprf"), From 557ecf925f9b2ddcd2f9a163d001ab26a28f9a94 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Przemys=C5=82aw=20Bida?= Date: Thu, 11 Jan 2024 20:04:55 +0100 Subject: [PATCH 063/121] [srp] simplify crypto `ReadOrGenerateKey` in srp client (#9764) In method `ReadOrGenerateKey` removing call to `GetPublicKey` which was unnecessary operation (value was't used afterward). --- src/core/net/srp_client.cpp | 15 ++++++--------- 1 file changed, 6 insertions(+), 9 deletions(-) diff --git a/src/core/net/srp_client.cpp b/src/core/net/srp_client.cpp index cbc24c4ff0e..fc4a417b55c 100644 --- a/src/core/net/srp_client.cpp +++ b/src/core/net/srp_client.cpp @@ -961,19 +961,16 @@ Error Client::ReadOrGenerateKey(Crypto::Ecdsa::P256::KeyPairAsRef &aKeyRef) if (error == kErrorNone) { - Crypto::Ecdsa::P256::PublicKey publicKey; - - if (keyPair.GetPublicKey(publicKey) == kErrorNone) + if (aKeyRef.ImportKeyPair(keyPair) != kErrorNone) { - SuccessOrExit(error = aKeyRef.ImportKeyPair(keyPair)); - IgnoreError(Get().Delete()); - ExitNow(); + SuccessOrExit(error = aKeyRef.Generate()); } IgnoreError(Get().Delete()); } - - error = aKeyRef.Generate(); - + else + { + SuccessOrExit(error = aKeyRef.Generate()); + } exit: return error; } From 71aed827d513c4b54094529967527f2030b55bea Mon Sep 17 00:00:00 2001 From: Stefan Agner Date: Fri, 12 Jan 2024 02:57:29 +0100 Subject: [PATCH 064/121] [posix] only add IPv4 route if NAT64 is enabled (#9762) Currently, when netlink informs that the network interface is up, an IPv4 route is added if a valid one is specified. However, elsewhere we only add/update the route when NAT64 is actually enabled. Since IPv4 route is not useful when NAT64 is not enabled, apply the same logic when the network interface is started. This avoids warnings when NAT64 is compiled in but disabled: incoming message is an IPv4 datagram but no NAT64 prefix configured, drop --- src/posix/platform/netif.cpp | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/src/posix/platform/netif.cpp b/src/posix/platform/netif.cpp index f41d8463d08..6361f751f83 100644 --- a/src/posix/platform/netif.cpp +++ b/src/posix/platform/netif.cpp @@ -1357,7 +1357,7 @@ static void processNetifLinkEvent(otInstance *aInstance, struct nlmsghdr *aNetli } #if OPENTHREAD_CONFIG_BORDER_ROUTING_ENABLE && OPENTHREAD_CONFIG_NAT64_TRANSLATOR_ENABLE - if (isUp && sActiveNat64Cidr.mLength > 0) + if (isUp && otNat64GetTranslatorState(gInstance) == OT_NAT64_STATE_ACTIVE) { // Recover NAT64 route. if ((error = AddIp4Route(sActiveNat64Cidr, kNat64RoutePriority)) != OT_ERROR_NONE) From 6be1901dfa5b33a625b68cbf06fe37fc445517c4 Mon Sep 17 00:00:00 2001 From: Jonathan Hui Date: Fri, 12 Jan 2024 10:55:41 -0800 Subject: [PATCH 065/121] [tcat] define config defaults (#9768) --- src/cli/cli_config.h | 10 ++++++++++ src/core/config/ip6.h | 5 +++-- src/core/config/misc.h | 10 ++++++++++ 3 files changed, 23 insertions(+), 2 deletions(-) diff --git a/src/cli/cli_config.h b/src/cli/cli_config.h index ac9b5e1cc3c..0eb9b2d088e 100644 --- a/src/cli/cli_config.h +++ b/src/cli/cli_config.h @@ -196,4 +196,14 @@ #define OPENTHREAD_CONFIG_CLI_REGISTER_IP6_RECV_CALLBACK 0 #endif +/** + * @def OPENTHREAD_CONFIG_CLI_BLE_SECURE_ENABLE + * + * Define to 1 to enable BLE secure support. + * + */ +#ifndef OPENTHREAD_CONFIG_CLI_BLE_SECURE_ENABLE +#define OPENTHREAD_CONFIG_CLI_BLE_SECURE_ENABLE 0 +#endif + #endif // CONFIG_CLI_H_ diff --git a/src/core/config/ip6.h b/src/core/config/ip6.h index 94cfaa5b736..26319003312 100644 --- a/src/core/config/ip6.h +++ b/src/core/config/ip6.h @@ -46,6 +46,7 @@ */ #include "config/border_routing.h" +#include "config/misc.h" /** * @def OPENTHREAD_CONFIG_IP6_MAX_EXT_UCAST_ADDRS @@ -188,8 +189,8 @@ * Define as 1 to enable support for TLS over TCP. * */ -#if (OPENTHREAD_CONFIG_TCP_ENABLE || OPENTHREAD_CONFIG_BLE_TCAT_ENABLE) && !defined(OPENTHREAD_CONFIG_TLS_ENABLE) -#define OPENTHREAD_CONFIG_TLS_ENABLE 1 +#ifndef OPENTHREAD_CONFIG_TLS_ENABLE +#define OPENTHREAD_CONFIG_TLS_ENABLE (OPENTHREAD_CONFIG_TCP_ENABLE || OPENTHREAD_CONFIG_BLE_TCAT_ENABLE) #endif /** diff --git a/src/core/config/misc.h b/src/core/config/misc.h index c39fa841090..b04e32ea683 100644 --- a/src/core/config/misc.h +++ b/src/core/config/misc.h @@ -582,6 +582,16 @@ #define OPENTHREAD_CONFIG_OPERATIONAL_DATASET_AUTO_INIT 0 #endif +/** + * @def OPENTHREAD_CONFIG_BLE_TCAT_ENABLE + * + * Define to 1 to enable TCAT over BLE support. + * + */ +#ifndef OPENTHREAD_CONFIG_BLE_TCAT_ENABLE +#define OPENTHREAD_CONFIG_BLE_TCAT_ENABLE 0 +#endif + /** * @} * From f1e74a036b5bd2e9dd6565161ab806cc854dc0b4 Mon Sep 17 00:00:00 2001 From: Jonathan Hui Date: Fri, 12 Jan 2024 10:56:06 -0800 Subject: [PATCH 066/121] [github-actions] bump actions/upload-artifact and actions/download-artifact (#9769) - actions/upload-artifact from 3.1.3 to 4.0.0 - actions/download-artifact from 3.0.2 to 4.1.1 --- .github/workflows/otbr.yml | 26 +++++++++++++----------- .github/workflows/otns.yml | 16 ++++++++------- .github/workflows/posix.yml | 22 ++++++++++---------- .github/workflows/simulation-1.1.yml | 30 +++++++++++++++------------- .github/workflows/simulation-1.2.yml | 30 +++++++++++++++------------- .github/workflows/toranj.yml | 6 ++++-- .github/workflows/unit.yml | 6 ++++-- 7 files changed, 75 insertions(+), 61 deletions(-) diff --git a/.github/workflows/otbr.yml b/.github/workflows/otbr.yml index 62cddbf5029..09f78b57d62 100644 --- a/.github/workflows/otbr.yml +++ b/.github/workflows/otbr.yml @@ -86,11 +86,11 @@ jobs: export CI_ENV="$(bash <(curl -s https://codecov.io/env)) -e GITHUB_ACTIONS -e COVERAGE" echo "CI_ENV=${CI_ENV}" sudo -E ./script/test cert_suite ./tests/scripts/thread-cert/backbone/*.py || (sudo chmod a+r *.log *.json *.pcap && false) - - uses: actions/upload-artifact@a8a3f3ad30e3422c9c7b888a15615d19a852ae32 # v3.1.3 + - uses: actions/upload-artifact@c7d193f32edcb7bfad88892161225aeda64e9392 # v4.0.0 with: name: cov-thread-1-3-backbone-docker path: /tmp/coverage/ - - uses: actions/upload-artifact@a8a3f3ad30e3422c9c7b888a15615d19a852ae32 # v3.1.3 + - uses: actions/upload-artifact@c7d193f32edcb7bfad88892161225aeda64e9392 # v4.0.0 if: ${{ failure() }} with: name: thread-1-3-backbone-results @@ -103,7 +103,7 @@ jobs: - name: Generate Coverage run: | ./script/test generate_coverage gcc - - uses: actions/upload-artifact@a8a3f3ad30e3422c9c7b888a15615d19a852ae32 # v3.1.3 + - uses: actions/upload-artifact@c7d193f32edcb7bfad88892161225aeda64e9392 # v4.0.0 with: name: cov-thread-1-3-backbone path: tmp/coverage.info @@ -143,7 +143,7 @@ jobs: cert_scripts: ./tests/scripts/thread-cert/border_router/nat64/*.py packet_verification: 1 nat64: 1 - description: "nat64 openthread" + description: "nat64" - otbr_mdns: "avahi" otbr_trel: 0 cert_scripts: ./tests/scripts/thread-cert/border_router/*.py @@ -162,7 +162,7 @@ jobs: packet_verification: 1 nat64: 0 use_core_firewall: 1 - description: "core firewall" + description: "core-firewall" name: BR ${{ matrix.description }} (${{ matrix.otbr_mdns }}, TREL=${{matrix.otbr_trel}}) env: REFERENCE_DEVICE: 1 @@ -206,14 +206,14 @@ jobs: export CI_ENV="$(bash <(curl -s https://codecov.io/env)) -e GITHUB_ACTIONS -e COVERAGE" echo "CI_ENV=${CI_ENV}" sudo -E ./script/test cert_suite ${{ matrix.cert_scripts }} || (sudo chmod a+r *.log *.json *.pcap && false) - - uses: actions/upload-artifact@a8a3f3ad30e3422c9c7b888a15615d19a852ae32 # v3.1.3 + - uses: actions/upload-artifact@c7d193f32edcb7bfad88892161225aeda64e9392 # v4.0.0 with: - name: cov-thread-border-router-docker + name: cov-br-docker-${{ matrix.description }}-${{ matrix.otbr_mdns }}-${{matrix.otbr_trel}} path: /tmp/coverage/ - - uses: actions/upload-artifact@a8a3f3ad30e3422c9c7b888a15615d19a852ae32 # v3.1.3 + - uses: actions/upload-artifact@c7d193f32edcb7bfad88892161225aeda64e9392 # v4.0.0 if: ${{ failure() }} with: - name: thread-border-router-results + name: br-results-${{ matrix.description }}-${{ matrix.otbr_mdns }}-${{matrix.otbr_trel}} path: | *.pcap *.json @@ -223,9 +223,9 @@ jobs: - name: Generate Coverage run: | ./script/test generate_coverage gcc - - uses: actions/upload-artifact@a8a3f3ad30e3422c9c7b888a15615d19a852ae32 # v3.1.3 + - uses: actions/upload-artifact@c7d193f32edcb7bfad88892161225aeda64e9392 # v4.0.0 with: - name: cov-thread-border-router + name: cov-br-${{ matrix.description }}-${{ matrix.otbr_mdns }}-${{matrix.otbr_trel}} path: tmp/coverage.info upload-coverage: @@ -240,9 +240,11 @@ jobs: - name: Bootstrap run: | sudo apt-get --no-install-recommends install -y lcov - - uses: actions/download-artifact@9bc31d5ccc31df68ecc42ccf4149144866c47d8a # v3.0.2 + - uses: actions/download-artifact@6b208ae046db98c579e8a3aa621ab581ff575935 # v4.1.1 with: path: coverage/ + pattern: cov-* + merge-multiple: true - name: Combine Coverage continue-on-error: true run: | diff --git a/.github/workflows/otns.yml b/.github/workflows/otns.yml index 945c7394f0a..207d10098f4 100644 --- a/.github/workflows/otns.yml +++ b/.github/workflows/otns.yml @@ -82,7 +82,7 @@ jobs: cd /tmp/otns ./script/test py-unittests ) - - uses: actions/upload-artifact@a8a3f3ad30e3422c9c7b888a15615d19a852ae32 # v3.1.3 + - uses: actions/upload-artifact@c7d193f32edcb7bfad88892161225aeda64e9392 # v4.0.0 if: ${{ failure() }} with: name: unittests-pcaps @@ -92,7 +92,7 @@ jobs: - name: Generate Coverage run: | ./script/test generate_coverage gcc - - uses: actions/upload-artifact@a8a3f3ad30e3422c9c7b888a15615d19a852ae32 # v3.1.3 + - uses: actions/upload-artifact@c7d193f32edcb7bfad88892161225aeda64e9392 # v4.0.0 with: name: cov-otns-unittests path: tmp/coverage.info @@ -121,7 +121,7 @@ jobs: cd /tmp/otns ./script/test py-examples ) - - uses: actions/upload-artifact@a8a3f3ad30e3422c9c7b888a15615d19a852ae32 # v3.1.3 + - uses: actions/upload-artifact@c7d193f32edcb7bfad88892161225aeda64e9392 # v4.0.0 if: ${{ failure() }} with: name: examples-pcaps @@ -131,7 +131,7 @@ jobs: - name: Generate Coverage run: | ./script/test generate_coverage gcc - - uses: actions/upload-artifact@a8a3f3ad30e3422c9c7b888a15615d19a852ae32 # v3.1.3 + - uses: actions/upload-artifact@c7d193f32edcb7bfad88892161225aeda64e9392 # v4.0.0 with: name: cov-otns-examples path: tmp/coverage.info @@ -183,7 +183,7 @@ jobs: cd /tmp/otns ./script/test stress-tests ${{ matrix.suite }} ) - - uses: actions/upload-artifact@a8a3f3ad30e3422c9c7b888a15615d19a852ae32 # v3.1.3 + - uses: actions/upload-artifact@c7d193f32edcb7bfad88892161225aeda64e9392 # v4.0.0 if: ${{ failure() }} with: name: stress-tests-${{ matrix.suite }}-pcaps @@ -193,7 +193,7 @@ jobs: - name: Generate Coverage run: | ./script/test generate_coverage gcc - - uses: actions/upload-artifact@a8a3f3ad30e3422c9c7b888a15615d19a852ae32 # v3.1.3 + - uses: actions/upload-artifact@c7d193f32edcb7bfad88892161225aeda64e9392 # v4.0.0 with: name: cov-otns-stress-tests-${{ matrix.suite }} path: tmp/coverage.info @@ -214,9 +214,11 @@ jobs: - name: Bootstrap run: | sudo apt-get --no-install-recommends install -y lcov - - uses: actions/download-artifact@9bc31d5ccc31df68ecc42ccf4149144866c47d8a # v3.0.2 + - uses: actions/download-artifact@6b208ae046db98c579e8a3aa621ab581ff575935 # v4.1.1 with: path: coverage/ + pattern: cov-* + merge-multiple: true - name: Upload Coverage run: | script/test upload_codecov diff --git a/.github/workflows/posix.yml b/.github/workflows/posix.yml index b019a255a8d..46853113d36 100644 --- a/.github/workflows/posix.yml +++ b/.github/workflows/posix.yml @@ -75,7 +75,7 @@ jobs: CRASHED=$(./script/test check_crash | tail -1) [[ $CRASHED -eq "1" ]] && echo "Crashed!" || echo "Not crashed." echo "CRASHED_RCP=$CRASHED" >> $GITHUB_ENV - - uses: actions/upload-artifact@a8a3f3ad30e3422c9c7b888a15615d19a852ae32 # v3.1.3 + - uses: actions/upload-artifact@c7d193f32edcb7bfad88892161225aeda64e9392 # v4.0.0 if: ${{ failure() && env.CRASHED_RCP == '1' }} with: name: core-expect-rcp @@ -84,7 +84,7 @@ jobs: - name: Generate Coverage run: | ./script/test generate_coverage gcc - - uses: actions/upload-artifact@a8a3f3ad30e3422c9c7b888a15615d19a852ae32 # v3.1.3 + - uses: actions/upload-artifact@c7d193f32edcb7bfad88892161225aeda64e9392 # v4.0.0 with: name: cov-expects-linux-1 path: tmp/coverage.info @@ -107,13 +107,13 @@ jobs: CRASHED=$(./script/test check_crash | tail -1) [[ $CRASHED -eq "1" ]] && echo "Crashed!" || echo "Not crashed." echo "CRASHED_TUN=$CRASHED" >> $GITHUB_ENV - - uses: actions/upload-artifact@a8a3f3ad30e3422c9c7b888a15615d19a852ae32 # v3.1.3 + - uses: actions/upload-artifact@c7d193f32edcb7bfad88892161225aeda64e9392 # v4.0.0 if: ${{ failure() && env.CRASHED_TUN == '1' }} with: name: core-expect-linux path: | ./ot-core-dump/* - - uses: actions/upload-artifact@a8a3f3ad30e3422c9c7b888a15615d19a852ae32 # v3.1.3 + - uses: actions/upload-artifact@c7d193f32edcb7bfad88892161225aeda64e9392 # v4.0.0 if: ${{ failure() }} with: name: syslog-expect-linux @@ -121,7 +121,7 @@ jobs: - name: Generate Coverage run: | ./script/test generate_coverage gcc - - uses: actions/upload-artifact@a8a3f3ad30e3422c9c7b888a15615d19a852ae32 # v3.1.3 + - uses: actions/upload-artifact@c7d193f32edcb7bfad88892161225aeda64e9392 # v4.0.0 with: name: cov-expects-linux-2 path: tmp/coverage.info @@ -153,7 +153,7 @@ jobs: - name: Run run: | MAX_JOBS=$(getconf _NPROCESSORS_ONLN) ./script/test cert_suite ./tests/scripts/thread-cert/Cert_*.py ./tests/scripts/thread-cert/test_*.py - - uses: actions/upload-artifact@a8a3f3ad30e3422c9c7b888a15615d19a852ae32 # v3.1.3 + - uses: actions/upload-artifact@c7d193f32edcb7bfad88892161225aeda64e9392 # v4.0.0 if: ${{ failure() }} with: name: thread-cert @@ -161,7 +161,7 @@ jobs: - name: Generate Coverage run: | ./script/test generate_coverage gcc - - uses: actions/upload-artifact@a8a3f3ad30e3422c9c7b888a15615d19a852ae32 # v3.1.3 + - uses: actions/upload-artifact@c7d193f32edcb7bfad88892161225aeda64e9392 # v4.0.0 with: name: cov-thread-cert path: tmp/coverage.info @@ -211,7 +211,7 @@ jobs: - name: Generate Coverage run: | ./script/test generate_coverage gcc - - uses: actions/upload-artifact@a8a3f3ad30e3422c9c7b888a15615d19a852ae32 # v3.1.3 + - uses: actions/upload-artifact@c7d193f32edcb7bfad88892161225aeda64e9392 # v4.0.0 with: name: cov-pty-linux-${{ matrix.DAEMON }} path: tmp/coverage.info @@ -278,7 +278,7 @@ jobs: - name: Generate Coverage run: | ./script/test generate_coverage gcc - - uses: actions/upload-artifact@a8a3f3ad30e3422c9c7b888a15615d19a852ae32 # v3.1.3 + - uses: actions/upload-artifact@c7d193f32edcb7bfad88892161225aeda64e9392 # v4.0.0 with: name: cov-rcp-stack-reset path: tmp/coverage.info @@ -301,9 +301,11 @@ jobs: - name: Bootstrap run: | sudo apt-get --no-install-recommends install -y lcov - - uses: actions/download-artifact@9bc31d5ccc31df68ecc42ccf4149144866c47d8a # v3.0.2 + - uses: actions/download-artifact@6b208ae046db98c579e8a3aa621ab581ff575935 # v4.1.1 with: path: coverage/ + pattern: cov-* + merge-multiple: true - name: Combine Coverage run: | script/test combine_coverage diff --git a/.github/workflows/simulation-1.1.yml b/.github/workflows/simulation-1.1.yml index 3705ceb4dde..fb74fb94ae0 100644 --- a/.github/workflows/simulation-1.1.yml +++ b/.github/workflows/simulation-1.1.yml @@ -76,7 +76,7 @@ jobs: - name: Run run: | ./script/test cert_suite ./tests/scripts/thread-cert/Cert_*.py ./tests/scripts/thread-cert/test_*.py - - uses: actions/upload-artifact@a8a3f3ad30e3422c9c7b888a15615d19a852ae32 # v3.1.3 + - uses: actions/upload-artifact@c7d193f32edcb7bfad88892161225aeda64e9392 # v4.0.0 if: ${{ failure() }} with: name: packet-verification-pcaps @@ -86,7 +86,7 @@ jobs: - name: Generate Coverage run: | ./script/test generate_coverage gcc - - uses: actions/upload-artifact@a8a3f3ad30e3422c9c7b888a15615d19a852ae32 # v3.1.3 + - uses: actions/upload-artifact@c7d193f32edcb7bfad88892161225aeda64e9392 # v4.0.0 with: name: cov-packet-verification path: tmp/coverage.info @@ -121,7 +121,7 @@ jobs: - name: Run run: | ./script/test cert_suite ./tests/scripts/thread-cert/Cert_*.py ./tests/scripts/thread-cert/test_*.py - - uses: actions/upload-artifact@a8a3f3ad30e3422c9c7b888a15615d19a852ae32 # v3.1.3 + - uses: actions/upload-artifact@c7d193f32edcb7bfad88892161225aeda64e9392 # v4.0.0 if: ${{ failure() }} with: name: cli-ftd-thread-cert @@ -129,7 +129,7 @@ jobs: - name: Generate Coverage run: | ./script/test generate_coverage gcc - - uses: actions/upload-artifact@a8a3f3ad30e3422c9c7b888a15615d19a852ae32 # v3.1.3 + - uses: actions/upload-artifact@c7d193f32edcb7bfad88892161225aeda64e9392 # v4.0.0 with: name: cov-cli-ftd path: tmp/coverage.info @@ -171,7 +171,7 @@ jobs: - name: Run run: | ./script/test cert_suite ./tests/scripts/thread-cert/Cert_*.py ./tests/scripts/thread-cert/test_*.py - - uses: actions/upload-artifact@a8a3f3ad30e3422c9c7b888a15615d19a852ae32 # v3.1.3 + - uses: actions/upload-artifact@c7d193f32edcb7bfad88892161225aeda64e9392 # v4.0.0 if: ${{ failure() }} with: name: cli-mtd-thread-cert @@ -179,7 +179,7 @@ jobs: - name: Generate Coverage run: | ./script/test generate_coverage gcc - - uses: actions/upload-artifact@a8a3f3ad30e3422c9c7b888a15615d19a852ae32 # v3.1.3 + - uses: actions/upload-artifact@c7d193f32edcb7bfad88892161225aeda64e9392 # v4.0.0 with: name: cov-cli-mtd-${{ matrix.message_use_heap }} path: tmp/coverage.info @@ -214,7 +214,7 @@ jobs: - name: Run run: | ./script/test cert_suite ./tests/scripts/thread-cert/Cert_*.py ./tests/scripts/thread-cert/test_*.py - - uses: actions/upload-artifact@a8a3f3ad30e3422c9c7b888a15615d19a852ae32 # v3.1.3 + - uses: actions/upload-artifact@c7d193f32edcb7bfad88892161225aeda64e9392 # v4.0.0 if: ${{ failure() }} with: name: cli-time-sync-thread-cert @@ -222,7 +222,7 @@ jobs: - name: Generate Coverage run: | ./script/test generate_coverage gcc - - uses: actions/upload-artifact@a8a3f3ad30e3422c9c7b888a15615d19a852ae32 # v3.1.3 + - uses: actions/upload-artifact@c7d193f32edcb7bfad88892161225aeda64e9392 # v4.0.0 with: name: cov-cli-time-sync path: tmp/coverage.info @@ -254,7 +254,7 @@ jobs: CRASHED=$(./script/test check_crash | tail -1) [[ $CRASHED -eq "1" ]] && echo "Crashed!" || echo "Not crashed." echo "CRASHED_CLI=$CRASHED" >> $GITHUB_ENV - - uses: actions/upload-artifact@a8a3f3ad30e3422c9c7b888a15615d19a852ae32 # v3.1.3 + - uses: actions/upload-artifact@c7d193f32edcb7bfad88892161225aeda64e9392 # v4.0.0 if: ${{ failure() && env.CRASHED_CLI == '1' }} with: name: core-expect-cli @@ -263,7 +263,7 @@ jobs: - name: Generate Coverage run: | ./script/test generate_coverage gcc - - uses: actions/upload-artifact@a8a3f3ad30e3422c9c7b888a15615d19a852ae32 # v3.1.3 + - uses: actions/upload-artifact@c7d193f32edcb7bfad88892161225aeda64e9392 # v4.0.0 with: name: cov-expects path: tmp/coverage.info @@ -312,7 +312,7 @@ jobs: - name: Generate Coverage run: | ./script/test generate_coverage gcc - - uses: actions/upload-artifact@a8a3f3ad30e3422c9c7b888a15615d19a852ae32 # v3.1.3 + - uses: actions/upload-artifact@c7d193f32edcb7bfad88892161225aeda64e9392 # v4.0.0 with: name: cov-ot-commissioner path: tmp/coverage.info @@ -343,7 +343,7 @@ jobs: - name: Run run: | ./script/test cert_suite ./tests/scripts/thread-cert/Cert_*.py ./tests/scripts/thread-cert/test_*.py - - uses: actions/upload-artifact@a8a3f3ad30e3422c9c7b888a15615d19a852ae32 # v3.1.3 + - uses: actions/upload-artifact@c7d193f32edcb7bfad88892161225aeda64e9392 # v4.0.0 if: ${{ failure() }} with: name: ot_testing @@ -351,7 +351,7 @@ jobs: - name: Generate Coverage run: | ./script/test generate_coverage gcc - - uses: actions/upload-artifact@a8a3f3ad30e3422c9c7b888a15615d19a852ae32 # v3.1.3 + - uses: actions/upload-artifact@c7d193f32edcb7bfad88892161225aeda64e9392 # v4.0.0 with: name: cov-multiple-instance path: tmp/coverage.info @@ -378,9 +378,11 @@ jobs: - name: Bootstrap run: | sudo apt-get --no-install-recommends install -y lcov - - uses: actions/download-artifact@9bc31d5ccc31df68ecc42ccf4149144866c47d8a # v3.0.2 + - uses: actions/download-artifact@6b208ae046db98c579e8a3aa621ab581ff575935 # v4.1.1 with: path: coverage/ + pattern: cov-* + merge-multiple: true - name: Combine Coverage run: | script/test combine_coverage diff --git a/.github/workflows/simulation-1.2.yml b/.github/workflows/simulation-1.2.yml index d88be6c5c8e..8d4b5a1fdae 100644 --- a/.github/workflows/simulation-1.2.yml +++ b/.github/workflows/simulation-1.2.yml @@ -95,12 +95,12 @@ jobs: CRASHED=$(./script/test check_crash | tail -1) [[ $CRASHED -eq "1" ]] && echo "Crashed!" || echo "Not crashed." echo "CRASHED=$CRASHED" >> $GITHUB_ENV - - uses: actions/upload-artifact@a8a3f3ad30e3422c9c7b888a15615d19a852ae32 # v3.1.3 + - uses: actions/upload-artifact@c7d193f32edcb7bfad88892161225aeda64e9392 # v4.0.0 if: ${{ failure() }} with: name: thread-1-3-${{ matrix.compiler.c }}-${{ matrix.arch }}-pcaps path: "*.pcap" - - uses: actions/upload-artifact@a8a3f3ad30e3422c9c7b888a15615d19a852ae32 # v3.1.3 + - uses: actions/upload-artifact@c7d193f32edcb7bfad88892161225aeda64e9392 # v4.0.0 if: ${{ failure() && env.CRASHED == '1' }} with: name: core-packet-verification-thread-1-3 @@ -109,7 +109,7 @@ jobs: - name: Generate Coverage run: | ./script/test generate_coverage "${{ matrix.compiler.gcov }}" - - uses: actions/upload-artifact@a8a3f3ad30e3422c9c7b888a15615d19a852ae32 # v3.1.3 + - uses: actions/upload-artifact@c7d193f32edcb7bfad88892161225aeda64e9392 # v4.0.0 with: name: cov-thread-1-3-${{ matrix.compiler.c }}-${{ matrix.arch }} path: tmp/coverage.info @@ -165,14 +165,14 @@ jobs: CRASHED=$(./script/test check_crash | tail -1) [[ $CRASHED -eq "1" ]] && echo "Crashed!" || echo "Not crashed." echo "CRASHED=$CRASHED" >> $GITHUB_ENV - - uses: actions/upload-artifact@a8a3f3ad30e3422c9c7b888a15615d19a852ae32 # v3.1.3 + - uses: actions/upload-artifact@c7d193f32edcb7bfad88892161225aeda64e9392 # v4.0.0 if: ${{ failure() }} with: name: packet-verification-low-power-pcaps path: | *.pcap *.json - - uses: actions/upload-artifact@a8a3f3ad30e3422c9c7b888a15615d19a852ae32 # v3.1.3 + - uses: actions/upload-artifact@c7d193f32edcb7bfad88892161225aeda64e9392 # v4.0.0 if: ${{ failure() && env.CRASHED == '1' }} with: name: core-packet-verification-low-power @@ -181,7 +181,7 @@ jobs: - name: Generate Coverage run: | ./script/test generate_coverage gcc - - uses: actions/upload-artifact@a8a3f3ad30e3422c9c7b888a15615d19a852ae32 # v3.1.3 + - uses: actions/upload-artifact@c7d193f32edcb7bfad88892161225aeda64e9392 # v4.0.0 with: name: cov-packet-verification-low-power path: tmp/coverage.info @@ -218,7 +218,7 @@ jobs: - name: Run run: | ./script/test cert_suite ./tests/scripts/thread-cert/Cert_*.py ./tests/scripts/thread-cert/test_*.py - - uses: actions/upload-artifact@a8a3f3ad30e3422c9c7b888a15615d19a852ae32 # v3.1.3 + - uses: actions/upload-artifact@c7d193f32edcb7bfad88892161225aeda64e9392 # v4.0.0 if: ${{ failure() }} with: name: packet-verification-1.1-on-1.3-pcaps @@ -228,7 +228,7 @@ jobs: - name: Generate Coverage run: | ./script/test generate_coverage gcc - - uses: actions/upload-artifact@a8a3f3ad30e3422c9c7b888a15615d19a852ae32 # v3.1.3 + - uses: actions/upload-artifact@c7d193f32edcb7bfad88892161225aeda64e9392 # v4.0.0 with: name: cov-packet-verification-1-1-on-1-3 path: tmp/coverage.info @@ -262,7 +262,7 @@ jobs: CRASHED=$(./script/test check_crash | tail -1) [[ $CRASHED -eq "1" ]] && echo "Crashed!" || echo "Not crashed." echo "CRASHED=$CRASHED" >> $GITHUB_ENV - - uses: actions/upload-artifact@a8a3f3ad30e3422c9c7b888a15615d19a852ae32 # v3.1.3 + - uses: actions/upload-artifact@c7d193f32edcb7bfad88892161225aeda64e9392 # v4.0.0 if: ${{ failure() && env.CRASHED == '1' }} with: name: core-expect-1-3 @@ -271,7 +271,7 @@ jobs: - name: Generate Coverage run: | ./script/test generate_coverage gcc - - uses: actions/upload-artifact@a8a3f3ad30e3422c9c7b888a15615d19a852ae32 # v3.1.3 + - uses: actions/upload-artifact@c7d193f32edcb7bfad88892161225aeda64e9392 # v4.0.0 with: name: cov-expects path: tmp/coverage.info @@ -320,12 +320,12 @@ jobs: CRASHED=$(./script/test check_crash | tail -1) [[ $CRASHED -eq "1" ]] && echo "Crashed!" || echo "Not crashed." echo "CRASHED=$CRASHED" >> $GITHUB_ENV - - uses: actions/upload-artifact@a8a3f3ad30e3422c9c7b888a15615d19a852ae32 # v3.1.3 + - uses: actions/upload-artifact@c7d193f32edcb7bfad88892161225aeda64e9392 # v4.0.0 if: ${{ failure() }} with: name: thread-1-3-posix-pcaps path: "*.pcap" - - uses: actions/upload-artifact@a8a3f3ad30e3422c9c7b888a15615d19a852ae32 # v3.1.3 + - uses: actions/upload-artifact@c7d193f32edcb7bfad88892161225aeda64e9392 # v4.0.0 if: ${{ failure() && env.CRASHED == '1' }} with: name: core-thread-1-3-posix @@ -334,7 +334,7 @@ jobs: - name: Generate Coverage run: | ./script/test generate_coverage gcc - - uses: actions/upload-artifact@a8a3f3ad30e3422c9c7b888a15615d19a852ae32 # v3.1.3 + - uses: actions/upload-artifact@c7d193f32edcb7bfad88892161225aeda64e9392 # v4.0.0 with: name: cov-thread-1-3-posix path: tmp/coverage.info @@ -359,9 +359,11 @@ jobs: - name: Bootstrap run: | sudo apt-get --no-install-recommends install -y lcov - - uses: actions/download-artifact@9bc31d5ccc31df68ecc42ccf4149144866c47d8a # v3.0.2 + - uses: actions/download-artifact@6b208ae046db98c579e8a3aa621ab581ff575935 # v4.1.1 with: path: coverage/ + pattern: cov-* + merge-multiple: true - name: Combine Coverage run: | script/test combine_coverage diff --git a/.github/workflows/toranj.yml b/.github/workflows/toranj.yml index 16e9e92e89e..0f9b292aa48 100644 --- a/.github/workflows/toranj.yml +++ b/.github/workflows/toranj.yml @@ -111,7 +111,7 @@ jobs: if: "matrix.TORANJ_RADIO != 'multi'" run: | ./script/test generate_coverage gcc - - uses: actions/upload-artifact@a8a3f3ad30e3422c9c7b888a15615d19a852ae32 # v3.1.3 + - uses: actions/upload-artifact@c7d193f32edcb7bfad88892161225aeda64e9392 # v4.0.0 if: "matrix.TORANJ_RADIO != 'multi'" with: name: cov-toranj-cli-${{ matrix.TORANJ_RADIO }} @@ -174,9 +174,11 @@ jobs: - name: Bootstrap run: | sudo apt-get --no-install-recommends install -y lcov - - uses: actions/download-artifact@9bc31d5ccc31df68ecc42ccf4149144866c47d8a # v3.0.2 + - uses: actions/download-artifact@6b208ae046db98c579e8a3aa621ab581ff575935 # v4.1.1 with: path: coverage/ + pattern: cov-* + merge-multiple: true - name: Combine Coverage run: | script/test combine_coverage diff --git a/.github/workflows/unit.yml b/.github/workflows/unit.yml index 1df2df5376b..9862c8bdf16 100644 --- a/.github/workflows/unit.yml +++ b/.github/workflows/unit.yml @@ -93,7 +93,7 @@ jobs: - name: Generate Coverage run: | ./script/test generate_coverage gcc - - uses: actions/upload-artifact@a8a3f3ad30e3422c9c7b888a15615d19a852ae32 # v3.1.3 + - uses: actions/upload-artifact@c7d193f32edcb7bfad88892161225aeda64e9392 # v4.0.0 with: name: cov-unit-tests path: tmp/coverage.info @@ -114,9 +114,11 @@ jobs: - name: Bootstrap run: | sudo apt-get --no-install-recommends install -y lcov - - uses: actions/download-artifact@9bc31d5ccc31df68ecc42ccf4149144866c47d8a # v3.0.2 + - uses: actions/download-artifact@6b208ae046db98c579e8a3aa621ab581ff575935 # v4.1.1 with: path: coverage/ + pattern: cov-* + merge-multiple: true - name: Combine Coverage run: | script/test combine_coverage From f621312a454eb7ba77daf233dea57efee3a4caea Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Tue, 16 Jan 2024 18:05:34 -0800 Subject: [PATCH 067/121] github-actions: bump geekyeggo/delete-artifact from 2.0.0 to 4.1.0 (#9774) Bumps [geekyeggo/delete-artifact](https://github.com/geekyeggo/delete-artifact) from 2.0.0 to 4.1.0. - [Release notes](https://github.com/geekyeggo/delete-artifact/releases) - [Changelog](https://github.com/GeekyEggo/delete-artifact/blob/main/CHANGELOG.md) - [Commits](https://github.com/geekyeggo/delete-artifact/compare/54ab544f12cdb7b71613a16a2b5a37a9ade990af...65041433121f7239077fa20be14c0690f70569de) --- updated-dependencies: - dependency-name: geekyeggo/delete-artifact dependency-type: direct:production update-type: version-update:semver-major ... Signed-off-by: dependabot[bot] Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> --- .github/workflows/otbr.yml | 2 +- .github/workflows/posix.yml | 2 +- .github/workflows/simulation-1.1.yml | 2 +- .github/workflows/simulation-1.2.yml | 2 +- .github/workflows/toranj.yml | 2 +- .github/workflows/unit.yml | 2 +- 6 files changed, 6 insertions(+), 6 deletions(-) diff --git a/.github/workflows/otbr.yml b/.github/workflows/otbr.yml index 09f78b57d62..16a0e813a7c 100644 --- a/.github/workflows/otbr.yml +++ b/.github/workflows/otbr.yml @@ -260,7 +260,7 @@ jobs: needs: upload-coverage runs-on: ubuntu-20.04 steps: - - uses: geekyeggo/delete-artifact@54ab544f12cdb7b71613a16a2b5a37a9ade990af # v2.0.0 + - uses: geekyeggo/delete-artifact@65041433121f7239077fa20be14c0690f70569de # v4.1.0 with: name: cov-* useGlob: true diff --git a/.github/workflows/posix.yml b/.github/workflows/posix.yml index 46853113d36..57f69e97af4 100644 --- a/.github/workflows/posix.yml +++ b/.github/workflows/posix.yml @@ -324,7 +324,7 @@ jobs: with: egress-policy: audit # TODO: change to 'egress-policy: block' after couple of runs - - uses: geekyeggo/delete-artifact@54ab544f12cdb7b71613a16a2b5a37a9ade990af # v2.0.0 + - uses: geekyeggo/delete-artifact@65041433121f7239077fa20be14c0690f70569de # v4.1.0 with: name: cov-* useGlob: true diff --git a/.github/workflows/simulation-1.1.yml b/.github/workflows/simulation-1.1.yml index fb74fb94ae0..80e2bc7bb21 100644 --- a/.github/workflows/simulation-1.1.yml +++ b/.github/workflows/simulation-1.1.yml @@ -401,7 +401,7 @@ jobs: with: egress-policy: audit # TODO: change to 'egress-policy: block' after couple of runs - - uses: geekyeggo/delete-artifact@54ab544f12cdb7b71613a16a2b5a37a9ade990af # v2.0.0 + - uses: geekyeggo/delete-artifact@65041433121f7239077fa20be14c0690f70569de # v4.1.0 with: name: cov-* useGlob: true diff --git a/.github/workflows/simulation-1.2.yml b/.github/workflows/simulation-1.2.yml index 8d4b5a1fdae..3b0e8f24df5 100644 --- a/.github/workflows/simulation-1.2.yml +++ b/.github/workflows/simulation-1.2.yml @@ -382,7 +382,7 @@ jobs: with: egress-policy: audit # TODO: change to 'egress-policy: block' after couple of runs - - uses: geekyeggo/delete-artifact@54ab544f12cdb7b71613a16a2b5a37a9ade990af # v2.0.0 + - uses: geekyeggo/delete-artifact@65041433121f7239077fa20be14c0690f70569de # v4.1.0 with: name: cov-* useGlob: true diff --git a/.github/workflows/toranj.yml b/.github/workflows/toranj.yml index 0f9b292aa48..d9a851180c2 100644 --- a/.github/workflows/toranj.yml +++ b/.github/workflows/toranj.yml @@ -197,7 +197,7 @@ jobs: with: egress-policy: audit # TODO: change to 'egress-policy: block' after couple of runs - - uses: geekyeggo/delete-artifact@54ab544f12cdb7b71613a16a2b5a37a9ade990af # v2.0.0 + - uses: geekyeggo/delete-artifact@65041433121f7239077fa20be14c0690f70569de # v4.1.0 with: name: cov-* useGlob: true diff --git a/.github/workflows/unit.yml b/.github/workflows/unit.yml index 9862c8bdf16..8a7f7ff9b67 100644 --- a/.github/workflows/unit.yml +++ b/.github/workflows/unit.yml @@ -137,7 +137,7 @@ jobs: with: egress-policy: audit # TODO: change to 'egress-policy: block' after couple of runs - - uses: geekyeggo/delete-artifact@54ab544f12cdb7b71613a16a2b5a37a9ade990af # v2.0.0 + - uses: geekyeggo/delete-artifact@65041433121f7239077fa20be14c0690f70569de # v4.1.0 with: name: cov-* useGlob: true From 4a6ebf0983289b67332334aa94812edf1a381e24 Mon Sep 17 00:00:00 2001 From: Jonathan Hui Date: Wed, 17 Jan 2024 07:04:35 -0800 Subject: [PATCH 068/121] [github-actions] add write permissions for geekyeggo/delete-artifact (#9780) --- .github/workflows/otbr.yml | 2 ++ .github/workflows/posix.yml | 2 ++ .github/workflows/simulation-1.1.yml | 2 ++ .github/workflows/simulation-1.2.yml | 2 ++ .github/workflows/toranj.yml | 2 ++ .github/workflows/unit.yml | 2 ++ 6 files changed, 12 insertions(+) diff --git a/.github/workflows/otbr.yml b/.github/workflows/otbr.yml index 16a0e813a7c..ae4202c31ad 100644 --- a/.github/workflows/otbr.yml +++ b/.github/workflows/otbr.yml @@ -259,6 +259,8 @@ jobs: delete-coverage-artifacts: needs: upload-coverage runs-on: ubuntu-20.04 + permissions: + actions: write steps: - uses: geekyeggo/delete-artifact@65041433121f7239077fa20be14c0690f70569de # v4.1.0 with: diff --git a/.github/workflows/posix.yml b/.github/workflows/posix.yml index 57f69e97af4..775b8636ab5 100644 --- a/.github/workflows/posix.yml +++ b/.github/workflows/posix.yml @@ -318,6 +318,8 @@ jobs: delete-coverage-artifacts: needs: upload-coverage runs-on: ubuntu-20.04 + permissions: + actions: write steps: - name: Harden Runner uses: step-security/harden-runner@eb238b55efaa70779f274895e782ed17c84f2895 # v2.6.1 diff --git a/.github/workflows/simulation-1.1.yml b/.github/workflows/simulation-1.1.yml index 80e2bc7bb21..0a3308c2bc0 100644 --- a/.github/workflows/simulation-1.1.yml +++ b/.github/workflows/simulation-1.1.yml @@ -395,6 +395,8 @@ jobs: delete-coverage-artifacts: needs: upload-coverage runs-on: ubuntu-20.04 + permissions: + actions: write steps: - name: Harden Runner uses: step-security/harden-runner@eb238b55efaa70779f274895e782ed17c84f2895 # v2.6.1 diff --git a/.github/workflows/simulation-1.2.yml b/.github/workflows/simulation-1.2.yml index 3b0e8f24df5..e3cd040d2b7 100644 --- a/.github/workflows/simulation-1.2.yml +++ b/.github/workflows/simulation-1.2.yml @@ -376,6 +376,8 @@ jobs: delete-coverage-artifacts: needs: upload-coverage runs-on: ubuntu-20.04 + permissions: + actions: write steps: - name: Harden Runner uses: step-security/harden-runner@eb238b55efaa70779f274895e782ed17c84f2895 # v2.6.1 diff --git a/.github/workflows/toranj.yml b/.github/workflows/toranj.yml index d9a851180c2..62af5b7ea0c 100644 --- a/.github/workflows/toranj.yml +++ b/.github/workflows/toranj.yml @@ -191,6 +191,8 @@ jobs: delete-coverage-artifacts: needs: upload-coverage runs-on: ubuntu-20.04 + permissions: + actions: write steps: - name: Harden Runner uses: step-security/harden-runner@eb238b55efaa70779f274895e782ed17c84f2895 # v2.6.1 diff --git a/.github/workflows/unit.yml b/.github/workflows/unit.yml index 8a7f7ff9b67..93d0bbf4b0e 100644 --- a/.github/workflows/unit.yml +++ b/.github/workflows/unit.yml @@ -131,6 +131,8 @@ jobs: delete-coverage-artifacts: needs: upload-coverage runs-on: ubuntu-20.04 + permissions: + actions: write steps: - name: Harden Runner uses: step-security/harden-runner@eb238b55efaa70779f274895e782ed17c84f2895 # v2.6.1 From f75e2bb567bd4cbe7a0c8f79979e06ebaf0e4c1e Mon Sep 17 00:00:00 2001 From: Abtin Keshavarzian Date: Wed, 17 Jan 2024 07:23:20 -0800 Subject: [PATCH 069/121] [net-diag] handle `MleCounterTlv` in `AppendDiagTlv()` (#9777) Adds support for responding to `MleCounterTlv` in `AppendDiagTlv()` Processing the TLV is a received response is already implemented and supported. Updates `test-020-net-diag` to check query of MLE counters TLV. --- src/core/thread/network_diagnostic.cpp | 9 +++++++++ tests/toranj/cli/test-020-net-diag-vendor-info.py | 5 +++++ 2 files changed, 14 insertions(+) diff --git a/src/core/thread/network_diagnostic.cpp b/src/core/thread/network_diagnostic.cpp index 37f68534cc6..c331dc42829 100644 --- a/src/core/thread/network_diagnostic.cpp +++ b/src/core/thread/network_diagnostic.cpp @@ -299,6 +299,15 @@ Error Server::AppendDiagTlv(uint8_t aTlvType, Message &aMessage) error = AppendMacCounters(aMessage); break; + case Tlv::kMleCounters: + { + MleCountersTlv tlv; + + tlv.Init(Get().GetCounters()); + error = tlv.AppendTo(aMessage); + break; + } + case Tlv::kVendorName: error = Tlv::Append(aMessage, GetVendorName()); break; diff --git a/tests/toranj/cli/test-020-net-diag-vendor-info.py b/tests/toranj/cli/test-020-net-diag-vendor-info.py index 6f205cd2585..f923dde1941 100755 --- a/tests/toranj/cli/test-020-net-diag-vendor-info.py +++ b/tests/toranj/cli/test-020-net-diag-vendor-info.py @@ -68,6 +68,7 @@ VENDOR_MODEL_TLV = 26 VENDOR_SW_VERSION_TLV = 27 THREAD_STACK_VERSION_TLV = 28 +MLE_COUNTERS_TLV = 34 #- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - # Check setting vendor name, model, ans sw version @@ -176,6 +177,10 @@ else: verify(False) +result = r2.cli('networkdiagnostic get', r1_rloc, MLE_COUNTERS_TLV) +print(len(result) >= 1) +verify(result[1].startswith("MLE Counters:")) + # ----------------------------------------------------------------------------------------------------------------------- # Test finished From a0b9ac74f1b467df5722ea8613a2dcb690b93fd4 Mon Sep 17 00:00:00 2001 From: Jonathan Hui Date: Thu, 18 Jan 2024 15:22:25 -0800 Subject: [PATCH 070/121] [github-actions] remove use of geekyeggo/delete-artifact (#9785) Simply set retention to 1 day for coverage artifacts. --- .github/workflows/otbr.yml | 15 ++++----------- .github/workflows/otns.yml | 2 ++ .github/workflows/posix.yml | 20 ++++---------------- .github/workflows/simulation-1.1.yml | 23 +++++++---------------- .github/workflows/simulation-1.2.yml | 21 +++++---------------- .github/workflows/toranj.yml | 17 +---------------- .github/workflows/unit.yml | 18 +----------------- 7 files changed, 24 insertions(+), 92 deletions(-) diff --git a/.github/workflows/otbr.yml b/.github/workflows/otbr.yml index ae4202c31ad..d964cddd9cb 100644 --- a/.github/workflows/otbr.yml +++ b/.github/workflows/otbr.yml @@ -90,6 +90,7 @@ jobs: with: name: cov-thread-1-3-backbone-docker path: /tmp/coverage/ + retention-days: 1 - uses: actions/upload-artifact@c7d193f32edcb7bfad88892161225aeda64e9392 # v4.0.0 if: ${{ failure() }} with: @@ -107,6 +108,7 @@ jobs: with: name: cov-thread-1-3-backbone path: tmp/coverage.info + retention-days: 1 thread-border-router: runs-on: ubuntu-20.04 @@ -210,6 +212,7 @@ jobs: with: name: cov-br-docker-${{ matrix.description }}-${{ matrix.otbr_mdns }}-${{matrix.otbr_trel}} path: /tmp/coverage/ + retention-days: 1 - uses: actions/upload-artifact@c7d193f32edcb7bfad88892161225aeda64e9392 # v4.0.0 if: ${{ failure() }} with: @@ -227,6 +230,7 @@ jobs: with: name: cov-br-${{ matrix.description }}-${{ matrix.otbr_mdns }}-${{matrix.otbr_trel}} path: tmp/coverage.info + retention-days: 1 upload-coverage: needs: @@ -255,14 +259,3 @@ jobs: with: files: final.info fail_ci_if_error: true - - delete-coverage-artifacts: - needs: upload-coverage - runs-on: ubuntu-20.04 - permissions: - actions: write - steps: - - uses: geekyeggo/delete-artifact@65041433121f7239077fa20be14c0690f70569de # v4.1.0 - with: - name: cov-* - useGlob: true diff --git a/.github/workflows/otns.yml b/.github/workflows/otns.yml index 207d10098f4..d21f7ad56bf 100644 --- a/.github/workflows/otns.yml +++ b/.github/workflows/otns.yml @@ -96,6 +96,7 @@ jobs: with: name: cov-otns-unittests path: tmp/coverage.info + retention-days: 1 examples: name: Examples @@ -197,6 +198,7 @@ jobs: with: name: cov-otns-stress-tests-${{ matrix.suite }} path: tmp/coverage.info + retention-days: 1 upload-coverage: needs: diff --git a/.github/workflows/posix.yml b/.github/workflows/posix.yml index 775b8636ab5..efdb085f819 100644 --- a/.github/workflows/posix.yml +++ b/.github/workflows/posix.yml @@ -88,6 +88,7 @@ jobs: with: name: cov-expects-linux-1 path: tmp/coverage.info + retention-days: 1 - name: Run TUN Mode run: | sudo rm /etc/apt/sources.list.d/* && sudo apt-get update @@ -125,6 +126,7 @@ jobs: with: name: cov-expects-linux-2 path: tmp/coverage.info + retention-days: 1 thread-cert: runs-on: ubuntu-20.04 @@ -215,6 +217,7 @@ jobs: with: name: cov-pty-linux-${{ matrix.DAEMON }} path: tmp/coverage.info + retention-days: 1 pty-macos: name: pty-macos OT_DAEMON=${{ matrix.OT_DAEMON }} @@ -282,6 +285,7 @@ jobs: with: name: cov-rcp-stack-reset path: tmp/coverage.info + retention-days: 1 upload-coverage: needs: @@ -314,19 +318,3 @@ jobs: with: files: final.info fail_ci_if_error: true - - delete-coverage-artifacts: - needs: upload-coverage - runs-on: ubuntu-20.04 - permissions: - actions: write - steps: - - name: Harden Runner - uses: step-security/harden-runner@eb238b55efaa70779f274895e782ed17c84f2895 # v2.6.1 - with: - egress-policy: audit # TODO: change to 'egress-policy: block' after couple of runs - - - uses: geekyeggo/delete-artifact@65041433121f7239077fa20be14c0690f70569de # v4.1.0 - with: - name: cov-* - useGlob: true diff --git a/.github/workflows/simulation-1.1.yml b/.github/workflows/simulation-1.1.yml index 0a3308c2bc0..eedc18ca685 100644 --- a/.github/workflows/simulation-1.1.yml +++ b/.github/workflows/simulation-1.1.yml @@ -90,6 +90,7 @@ jobs: with: name: cov-packet-verification path: tmp/coverage.info + retention-days: 1 cli-ftd: runs-on: ubuntu-20.04 @@ -133,6 +134,7 @@ jobs: with: name: cov-cli-ftd path: tmp/coverage.info + retention-days: 1 cli-mtd: name: cli-mtd MESSAGE_USE_HEAP=${{ matrix.message_use_heap }} @@ -183,6 +185,7 @@ jobs: with: name: cov-cli-mtd-${{ matrix.message_use_heap }} path: tmp/coverage.info + retention-days: 1 cli-time-sync: runs-on: ubuntu-20.04 @@ -226,6 +229,7 @@ jobs: with: name: cov-cli-time-sync path: tmp/coverage.info + retention-days: 1 expects: runs-on: ubuntu-20.04 @@ -267,6 +271,7 @@ jobs: with: name: cov-expects path: tmp/coverage.info + retention-days: 1 ot-commissioner: runs-on: ubuntu-22.04 @@ -316,6 +321,7 @@ jobs: with: name: cov-ot-commissioner path: tmp/coverage.info + retention-days: 1 multiple-instance: runs-on: ubuntu-20.04 @@ -355,6 +361,7 @@ jobs: with: name: cov-multiple-instance path: tmp/coverage.info + retention-days: 1 upload-coverage: needs: @@ -391,19 +398,3 @@ jobs: with: files: final.info fail_ci_if_error: true - - delete-coverage-artifacts: - needs: upload-coverage - runs-on: ubuntu-20.04 - permissions: - actions: write - steps: - - name: Harden Runner - uses: step-security/harden-runner@eb238b55efaa70779f274895e782ed17c84f2895 # v2.6.1 - with: - egress-policy: audit # TODO: change to 'egress-policy: block' after couple of runs - - - uses: geekyeggo/delete-artifact@65041433121f7239077fa20be14c0690f70569de # v4.1.0 - with: - name: cov-* - useGlob: true diff --git a/.github/workflows/simulation-1.2.yml b/.github/workflows/simulation-1.2.yml index e3cd040d2b7..7e94ff8d4a2 100644 --- a/.github/workflows/simulation-1.2.yml +++ b/.github/workflows/simulation-1.2.yml @@ -113,6 +113,7 @@ jobs: with: name: cov-thread-1-3-${{ matrix.compiler.c }}-${{ matrix.arch }} path: tmp/coverage.info + retention-days: 1 packet-verification-low-power: runs-on: ubuntu-20.04 @@ -185,6 +186,7 @@ jobs: with: name: cov-packet-verification-low-power path: tmp/coverage.info + retention-days: 1 packet-verification-1-1-on-1-3: runs-on: ubuntu-20.04 @@ -232,6 +234,7 @@ jobs: with: name: cov-packet-verification-1-1-on-1-3 path: tmp/coverage.info + retention-days: 1 expects: runs-on: ubuntu-20.04 @@ -275,6 +278,7 @@ jobs: with: name: cov-expects path: tmp/coverage.info + retention-days: 1 thread-1-3-posix: runs-on: ubuntu-20.04 @@ -338,6 +342,7 @@ jobs: with: name: cov-thread-1-3-posix path: tmp/coverage.info + retention-days: 1 upload-coverage: needs: @@ -372,19 +377,3 @@ jobs: with: files: final.info fail_ci_if_error: true - - delete-coverage-artifacts: - needs: upload-coverage - runs-on: ubuntu-20.04 - permissions: - actions: write - steps: - - name: Harden Runner - uses: step-security/harden-runner@eb238b55efaa70779f274895e782ed17c84f2895 # v2.6.1 - with: - egress-policy: audit # TODO: change to 'egress-policy: block' after couple of runs - - - uses: geekyeggo/delete-artifact@65041433121f7239077fa20be14c0690f70569de # v4.1.0 - with: - name: cov-* - useGlob: true diff --git a/.github/workflows/toranj.yml b/.github/workflows/toranj.yml index 62af5b7ea0c..bb69395da3f 100644 --- a/.github/workflows/toranj.yml +++ b/.github/workflows/toranj.yml @@ -116,6 +116,7 @@ jobs: with: name: cov-toranj-cli-${{ matrix.TORANJ_RADIO }} path: tmp/coverage.info + retention-days: 1 toranj-unittest: name: toranj-unittest @@ -187,19 +188,3 @@ jobs: with: files: final.info fail_ci_if_error: true - - delete-coverage-artifacts: - needs: upload-coverage - runs-on: ubuntu-20.04 - permissions: - actions: write - steps: - - name: Harden Runner - uses: step-security/harden-runner@eb238b55efaa70779f274895e782ed17c84f2895 # v2.6.1 - with: - egress-policy: audit # TODO: change to 'egress-policy: block' after couple of runs - - - uses: geekyeggo/delete-artifact@65041433121f7239077fa20be14c0690f70569de # v4.1.0 - with: - name: cov-* - useGlob: true diff --git a/.github/workflows/unit.yml b/.github/workflows/unit.yml index 93d0bbf4b0e..70293674fc1 100644 --- a/.github/workflows/unit.yml +++ b/.github/workflows/unit.yml @@ -97,7 +97,7 @@ jobs: with: name: cov-unit-tests path: tmp/coverage.info - + retention-days: 1 upload-coverage: needs: unit-tests @@ -127,19 +127,3 @@ jobs: with: files: final.info fail_ci_if_error: true - - delete-coverage-artifacts: - needs: upload-coverage - runs-on: ubuntu-20.04 - permissions: - actions: write - steps: - - name: Harden Runner - uses: step-security/harden-runner@eb238b55efaa70779f274895e782ed17c84f2895 # v2.6.1 - with: - egress-policy: audit # TODO: change to 'egress-policy: block' after couple of runs - - - uses: geekyeggo/delete-artifact@65041433121f7239077fa20be14c0690f70569de # v4.1.0 - with: - name: cov-* - useGlob: true From 00076aff3ae571db7c90509ec9dc293457098c35 Mon Sep 17 00:00:00 2001 From: Li Cao Date: Sat, 20 Jan 2024 06:16:28 +0800 Subject: [PATCH 071/121] [posix] fix netlink address deletion on posix (#9779) --- src/posix/platform/netif.cpp | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/src/posix/platform/netif.cpp b/src/posix/platform/netif.cpp index 6361f751f83..ac1da79cd08 100644 --- a/src/posix/platform/netif.cpp +++ b/src/posix/platform/netif.cpp @@ -375,7 +375,7 @@ static void UpdateUnicastLinux(otInstance *aInstance, const otIp6AddressInfo &aA memset(&req, 0, sizeof(req)); req.nh.nlmsg_len = NLMSG_LENGTH(sizeof(struct ifaddrmsg)); - req.nh.nlmsg_flags = NLM_F_REQUEST | NLM_F_ACK | NLM_F_CREATE | NLM_F_EXCL; + req.nh.nlmsg_flags = NLM_F_REQUEST | NLM_F_ACK | (aIsAdded ? (NLM_F_CREATE | NLM_F_EXCL) : 0); req.nh.nlmsg_type = aIsAdded ? RTM_NEWADDR : RTM_DELADDR; req.nh.nlmsg_pid = 0; req.nh.nlmsg_seq = ++sNetlinkSequence; From 6ca49027f569f51f7bfe3829fbb17201efff28d3 Mon Sep 17 00:00:00 2001 From: Kangping Date: Tue, 23 Jan 2024 00:31:35 +0800 Subject: [PATCH 072/121] [posix] use /dev/socket/ot-daemon for OT daemon socket (#9776) Android traditioanlly use /dev/socket/ directory for unix sockets of system services. This commit changes ot-daemon to use "/dev/socket/ot-daemon". In additional, this disables the .lock file which is not needed for Android and can't be created along with the socket file Resolves comments in aosp/2891476 --- src/posix/platform/daemon.cpp | 47 +++++++++++++++++++++++++++++------ src/posix/platform/daemon.hpp | 1 + 2 files changed, 40 insertions(+), 8 deletions(-) diff --git a/src/posix/platform/daemon.cpp b/src/posix/platform/daemon.cpp index bf905992c46..245ad480bca 100644 --- a/src/posix/platform/daemon.cpp +++ b/src/posix/platform/daemon.cpp @@ -28,6 +28,9 @@ #include "posix/platform/daemon.hpp" +#if defined(__ANDROID__) && !OPENTHREAD_CONFIG_ANDROID_NDK_ENABLE +#include +#endif #include #include #include @@ -169,10 +172,28 @@ void Daemon::InitializeSessionSocket(void) } } -void Daemon::SetUp(void) +#if defined(__ANDROID__) && !OPENTHREAD_CONFIG_ANDROID_NDK_ENABLE +void Daemon::createListenSocketOrDie(void) +{ + Filename socketFile; + + // Don't use OPENTHREAD_POSIX_DAEMON_SOCKET_NAME because android_get_control_socket + // below already assumes parent /dev/socket dir + GetFilename(socketFile, "ot-daemon/%s.sock"); + + // This returns the init-managed stream socket which is already bind to + // /dev/socket/ot-daemon/.sock + mListenSocket = android_get_control_socket(socketFile); + if (mListenSocket == -1) + { + DieNowWithMessage("android_get_control_socket", OT_EXIT_ERROR_ERRNO); + } +} +#else +void Daemon::createListenSocketOrDie(void) { struct sockaddr_un sockname; - int ret; + int ret; class AllowAllGuard { @@ -180,7 +201,7 @@ void Daemon::SetUp(void) AllowAllGuard(void) { const char *allowAll = getenv("OT_DAEMON_ALLOW_ALL"); - mAllowAll = (allowAll != nullptr && strcmp("1", allowAll) == 0); + mAllowAll = (allowAll != nullptr && strcmp("1", allowAll) == 0); if (mAllowAll) { @@ -196,13 +217,10 @@ void Daemon::SetUp(void) } private: - bool mAllowAll = false; - mode_t mMode = 0; + bool mAllowAll = false; + mode_t mMode = 0; }; - // This allows implementing pseudo reset. - VerifyOrExit(mListenSocket == -1); - mListenSocket = SocketWithCloseExec(AF_UNIX, SOCK_STREAM, 0, kSocketNonBlock); if (mListenSocket == -1) @@ -246,6 +264,16 @@ void Daemon::SetUp(void) { DieNowWithMessage("bind", OT_EXIT_ERROR_ERRNO); } +} +#endif // defined(__ANDROID__) && !OPENTHREAD_CONFIG_ANDROID_NDK_ENABLE + +void Daemon::SetUp(void) +{ + int ret; + + // This allows implementing pseudo reset. + VerifyOrExit(mListenSocket == -1); + createListenSocketOrDie(); // // only accept 1 connection. @@ -281,6 +309,8 @@ void Daemon::TearDown(void) mSessionSocket = -1; } +#if !defined(__ANDROID__) || OPENTHREAD_CONFIG_ANDROID_NDK_ENABLE + // The `mListenSocket` is managed by `init` on Android if (mListenSocket != -1) { close(mListenSocket); @@ -302,6 +332,7 @@ void Daemon::TearDown(void) close(mDaemonLock); mDaemonLock = -1; } +#endif } void Daemon::Update(otSysMainloopContext &aContext) diff --git a/src/posix/platform/daemon.hpp b/src/posix/platform/daemon.hpp index 4fdd3b3f8ae..deba85b436a 100644 --- a/src/posix/platform/daemon.hpp +++ b/src/posix/platform/daemon.hpp @@ -49,6 +49,7 @@ class Daemon : public Mainloop::Source, private NonCopyable private: int OutputFormat(const char *aFormat, ...); int OutputFormatV(const char *aFormat, va_list aArguments); + void createListenSocketOrDie(void); void InitializeSessionSocket(void); int mListenSocket = -1; From fab2c9ac2d90e81702ce82a13f9d5f7849f32114 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Mon, 22 Jan 2024 09:07:19 -0800 Subject: [PATCH 073/121] github-actions: bump actions/upload-artifact from 3.1.3 to 4.2.0 (#9788) Bumps [actions/upload-artifact](https://github.com/actions/upload-artifact) from 3.1.3 to 4.2.0. - [Release notes](https://github.com/actions/upload-artifact/releases) - [Commits](https://github.com/actions/upload-artifact/compare/v3.1.3...694cdabd8bdb0f10b2cea11669e1bf5453eed0a6) --- updated-dependencies: - dependency-name: actions/upload-artifact dependency-type: direct:production update-type: version-update:semver-major ... Signed-off-by: dependabot[bot] Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> --- .github/workflows/fuzz.yml | 2 +- .github/workflows/otbr.yml | 12 ++++++------ .github/workflows/otns.yml | 12 ++++++------ .github/workflows/posix.yml | 18 +++++++++--------- .github/workflows/scorecards.yml | 2 +- .github/workflows/simulation-1.1.yml | 26 +++++++++++++------------- .github/workflows/simulation-1.2.yml | 26 +++++++++++++------------- .github/workflows/toranj.yml | 2 +- .github/workflows/unit.yml | 2 +- 9 files changed, 51 insertions(+), 51 deletions(-) diff --git a/.github/workflows/fuzz.yml b/.github/workflows/fuzz.yml index 932742765d1..6d7f847cbb5 100644 --- a/.github/workflows/fuzz.yml +++ b/.github/workflows/fuzz.yml @@ -61,7 +61,7 @@ jobs: fuzz-seconds: 1800 dry-run: false - name: Upload Crash - uses: actions/upload-artifact@a8a3f3ad30e3422c9c7b888a15615d19a852ae32 # v3.1.3 + uses: actions/upload-artifact@694cdabd8bdb0f10b2cea11669e1bf5453eed0a6 # v4.2.0 if: failure() with: name: artifacts diff --git a/.github/workflows/otbr.yml b/.github/workflows/otbr.yml index d964cddd9cb..2440a320e88 100644 --- a/.github/workflows/otbr.yml +++ b/.github/workflows/otbr.yml @@ -86,12 +86,12 @@ jobs: export CI_ENV="$(bash <(curl -s https://codecov.io/env)) -e GITHUB_ACTIONS -e COVERAGE" echo "CI_ENV=${CI_ENV}" sudo -E ./script/test cert_suite ./tests/scripts/thread-cert/backbone/*.py || (sudo chmod a+r *.log *.json *.pcap && false) - - uses: actions/upload-artifact@c7d193f32edcb7bfad88892161225aeda64e9392 # v4.0.0 + - uses: actions/upload-artifact@694cdabd8bdb0f10b2cea11669e1bf5453eed0a6 # v4.2.0 with: name: cov-thread-1-3-backbone-docker path: /tmp/coverage/ retention-days: 1 - - uses: actions/upload-artifact@c7d193f32edcb7bfad88892161225aeda64e9392 # v4.0.0 + - uses: actions/upload-artifact@694cdabd8bdb0f10b2cea11669e1bf5453eed0a6 # v4.2.0 if: ${{ failure() }} with: name: thread-1-3-backbone-results @@ -104,7 +104,7 @@ jobs: - name: Generate Coverage run: | ./script/test generate_coverage gcc - - uses: actions/upload-artifact@c7d193f32edcb7bfad88892161225aeda64e9392 # v4.0.0 + - uses: actions/upload-artifact@694cdabd8bdb0f10b2cea11669e1bf5453eed0a6 # v4.2.0 with: name: cov-thread-1-3-backbone path: tmp/coverage.info @@ -208,12 +208,12 @@ jobs: export CI_ENV="$(bash <(curl -s https://codecov.io/env)) -e GITHUB_ACTIONS -e COVERAGE" echo "CI_ENV=${CI_ENV}" sudo -E ./script/test cert_suite ${{ matrix.cert_scripts }} || (sudo chmod a+r *.log *.json *.pcap && false) - - uses: actions/upload-artifact@c7d193f32edcb7bfad88892161225aeda64e9392 # v4.0.0 + - uses: actions/upload-artifact@694cdabd8bdb0f10b2cea11669e1bf5453eed0a6 # v4.2.0 with: name: cov-br-docker-${{ matrix.description }}-${{ matrix.otbr_mdns }}-${{matrix.otbr_trel}} path: /tmp/coverage/ retention-days: 1 - - uses: actions/upload-artifact@c7d193f32edcb7bfad88892161225aeda64e9392 # v4.0.0 + - uses: actions/upload-artifact@694cdabd8bdb0f10b2cea11669e1bf5453eed0a6 # v4.2.0 if: ${{ failure() }} with: name: br-results-${{ matrix.description }}-${{ matrix.otbr_mdns }}-${{matrix.otbr_trel}} @@ -226,7 +226,7 @@ jobs: - name: Generate Coverage run: | ./script/test generate_coverage gcc - - uses: actions/upload-artifact@c7d193f32edcb7bfad88892161225aeda64e9392 # v4.0.0 + - uses: actions/upload-artifact@694cdabd8bdb0f10b2cea11669e1bf5453eed0a6 # v4.2.0 with: name: cov-br-${{ matrix.description }}-${{ matrix.otbr_mdns }}-${{matrix.otbr_trel}} path: tmp/coverage.info diff --git a/.github/workflows/otns.yml b/.github/workflows/otns.yml index d21f7ad56bf..c6ee0a657a1 100644 --- a/.github/workflows/otns.yml +++ b/.github/workflows/otns.yml @@ -82,7 +82,7 @@ jobs: cd /tmp/otns ./script/test py-unittests ) - - uses: actions/upload-artifact@c7d193f32edcb7bfad88892161225aeda64e9392 # v4.0.0 + - uses: actions/upload-artifact@694cdabd8bdb0f10b2cea11669e1bf5453eed0a6 # v4.2.0 if: ${{ failure() }} with: name: unittests-pcaps @@ -92,7 +92,7 @@ jobs: - name: Generate Coverage run: | ./script/test generate_coverage gcc - - uses: actions/upload-artifact@c7d193f32edcb7bfad88892161225aeda64e9392 # v4.0.0 + - uses: actions/upload-artifact@694cdabd8bdb0f10b2cea11669e1bf5453eed0a6 # v4.2.0 with: name: cov-otns-unittests path: tmp/coverage.info @@ -122,7 +122,7 @@ jobs: cd /tmp/otns ./script/test py-examples ) - - uses: actions/upload-artifact@c7d193f32edcb7bfad88892161225aeda64e9392 # v4.0.0 + - uses: actions/upload-artifact@694cdabd8bdb0f10b2cea11669e1bf5453eed0a6 # v4.2.0 if: ${{ failure() }} with: name: examples-pcaps @@ -132,7 +132,7 @@ jobs: - name: Generate Coverage run: | ./script/test generate_coverage gcc - - uses: actions/upload-artifact@c7d193f32edcb7bfad88892161225aeda64e9392 # v4.0.0 + - uses: actions/upload-artifact@694cdabd8bdb0f10b2cea11669e1bf5453eed0a6 # v4.2.0 with: name: cov-otns-examples path: tmp/coverage.info @@ -184,7 +184,7 @@ jobs: cd /tmp/otns ./script/test stress-tests ${{ matrix.suite }} ) - - uses: actions/upload-artifact@c7d193f32edcb7bfad88892161225aeda64e9392 # v4.0.0 + - uses: actions/upload-artifact@694cdabd8bdb0f10b2cea11669e1bf5453eed0a6 # v4.2.0 if: ${{ failure() }} with: name: stress-tests-${{ matrix.suite }}-pcaps @@ -194,7 +194,7 @@ jobs: - name: Generate Coverage run: | ./script/test generate_coverage gcc - - uses: actions/upload-artifact@c7d193f32edcb7bfad88892161225aeda64e9392 # v4.0.0 + - uses: actions/upload-artifact@694cdabd8bdb0f10b2cea11669e1bf5453eed0a6 # v4.2.0 with: name: cov-otns-stress-tests-${{ matrix.suite }} path: tmp/coverage.info diff --git a/.github/workflows/posix.yml b/.github/workflows/posix.yml index efdb085f819..947625f489c 100644 --- a/.github/workflows/posix.yml +++ b/.github/workflows/posix.yml @@ -75,7 +75,7 @@ jobs: CRASHED=$(./script/test check_crash | tail -1) [[ $CRASHED -eq "1" ]] && echo "Crashed!" || echo "Not crashed." echo "CRASHED_RCP=$CRASHED" >> $GITHUB_ENV - - uses: actions/upload-artifact@c7d193f32edcb7bfad88892161225aeda64e9392 # v4.0.0 + - uses: actions/upload-artifact@694cdabd8bdb0f10b2cea11669e1bf5453eed0a6 # v4.2.0 if: ${{ failure() && env.CRASHED_RCP == '1' }} with: name: core-expect-rcp @@ -84,7 +84,7 @@ jobs: - name: Generate Coverage run: | ./script/test generate_coverage gcc - - uses: actions/upload-artifact@c7d193f32edcb7bfad88892161225aeda64e9392 # v4.0.0 + - uses: actions/upload-artifact@694cdabd8bdb0f10b2cea11669e1bf5453eed0a6 # v4.2.0 with: name: cov-expects-linux-1 path: tmp/coverage.info @@ -108,13 +108,13 @@ jobs: CRASHED=$(./script/test check_crash | tail -1) [[ $CRASHED -eq "1" ]] && echo "Crashed!" || echo "Not crashed." echo "CRASHED_TUN=$CRASHED" >> $GITHUB_ENV - - uses: actions/upload-artifact@c7d193f32edcb7bfad88892161225aeda64e9392 # v4.0.0 + - uses: actions/upload-artifact@694cdabd8bdb0f10b2cea11669e1bf5453eed0a6 # v4.2.0 if: ${{ failure() && env.CRASHED_TUN == '1' }} with: name: core-expect-linux path: | ./ot-core-dump/* - - uses: actions/upload-artifact@c7d193f32edcb7bfad88892161225aeda64e9392 # v4.0.0 + - uses: actions/upload-artifact@694cdabd8bdb0f10b2cea11669e1bf5453eed0a6 # v4.2.0 if: ${{ failure() }} with: name: syslog-expect-linux @@ -122,7 +122,7 @@ jobs: - name: Generate Coverage run: | ./script/test generate_coverage gcc - - uses: actions/upload-artifact@c7d193f32edcb7bfad88892161225aeda64e9392 # v4.0.0 + - uses: actions/upload-artifact@694cdabd8bdb0f10b2cea11669e1bf5453eed0a6 # v4.2.0 with: name: cov-expects-linux-2 path: tmp/coverage.info @@ -155,7 +155,7 @@ jobs: - name: Run run: | MAX_JOBS=$(getconf _NPROCESSORS_ONLN) ./script/test cert_suite ./tests/scripts/thread-cert/Cert_*.py ./tests/scripts/thread-cert/test_*.py - - uses: actions/upload-artifact@c7d193f32edcb7bfad88892161225aeda64e9392 # v4.0.0 + - uses: actions/upload-artifact@694cdabd8bdb0f10b2cea11669e1bf5453eed0a6 # v4.2.0 if: ${{ failure() }} with: name: thread-cert @@ -163,7 +163,7 @@ jobs: - name: Generate Coverage run: | ./script/test generate_coverage gcc - - uses: actions/upload-artifact@c7d193f32edcb7bfad88892161225aeda64e9392 # v4.0.0 + - uses: actions/upload-artifact@694cdabd8bdb0f10b2cea11669e1bf5453eed0a6 # v4.2.0 with: name: cov-thread-cert path: tmp/coverage.info @@ -213,7 +213,7 @@ jobs: - name: Generate Coverage run: | ./script/test generate_coverage gcc - - uses: actions/upload-artifact@c7d193f32edcb7bfad88892161225aeda64e9392 # v4.0.0 + - uses: actions/upload-artifact@694cdabd8bdb0f10b2cea11669e1bf5453eed0a6 # v4.2.0 with: name: cov-pty-linux-${{ matrix.DAEMON }} path: tmp/coverage.info @@ -281,7 +281,7 @@ jobs: - name: Generate Coverage run: | ./script/test generate_coverage gcc - - uses: actions/upload-artifact@c7d193f32edcb7bfad88892161225aeda64e9392 # v4.0.0 + - uses: actions/upload-artifact@694cdabd8bdb0f10b2cea11669e1bf5453eed0a6 # v4.2.0 with: name: cov-rcp-stack-reset path: tmp/coverage.info diff --git a/.github/workflows/scorecards.yml b/.github/workflows/scorecards.yml index 76ce1c9d707..850571bc3d1 100644 --- a/.github/workflows/scorecards.yml +++ b/.github/workflows/scorecards.yml @@ -87,7 +87,7 @@ jobs: # Upload the results as artifacts (optional). Commenting out will disable uploads of run results in SARIF # format to the repository Actions tab. - name: "Upload artifact" - uses: actions/upload-artifact@a8a3f3ad30e3422c9c7b888a15615d19a852ae32 # v3.1.0 + uses: actions/upload-artifact@694cdabd8bdb0f10b2cea11669e1bf5453eed0a6 # v3.1.0 with: name: SARIF file path: results.sarif diff --git a/.github/workflows/simulation-1.1.yml b/.github/workflows/simulation-1.1.yml index eedc18ca685..9109c1b7162 100644 --- a/.github/workflows/simulation-1.1.yml +++ b/.github/workflows/simulation-1.1.yml @@ -76,7 +76,7 @@ jobs: - name: Run run: | ./script/test cert_suite ./tests/scripts/thread-cert/Cert_*.py ./tests/scripts/thread-cert/test_*.py - - uses: actions/upload-artifact@c7d193f32edcb7bfad88892161225aeda64e9392 # v4.0.0 + - uses: actions/upload-artifact@694cdabd8bdb0f10b2cea11669e1bf5453eed0a6 # v4.2.0 if: ${{ failure() }} with: name: packet-verification-pcaps @@ -86,7 +86,7 @@ jobs: - name: Generate Coverage run: | ./script/test generate_coverage gcc - - uses: actions/upload-artifact@c7d193f32edcb7bfad88892161225aeda64e9392 # v4.0.0 + - uses: actions/upload-artifact@694cdabd8bdb0f10b2cea11669e1bf5453eed0a6 # v4.2.0 with: name: cov-packet-verification path: tmp/coverage.info @@ -122,7 +122,7 @@ jobs: - name: Run run: | ./script/test cert_suite ./tests/scripts/thread-cert/Cert_*.py ./tests/scripts/thread-cert/test_*.py - - uses: actions/upload-artifact@c7d193f32edcb7bfad88892161225aeda64e9392 # v4.0.0 + - uses: actions/upload-artifact@694cdabd8bdb0f10b2cea11669e1bf5453eed0a6 # v4.2.0 if: ${{ failure() }} with: name: cli-ftd-thread-cert @@ -130,7 +130,7 @@ jobs: - name: Generate Coverage run: | ./script/test generate_coverage gcc - - uses: actions/upload-artifact@c7d193f32edcb7bfad88892161225aeda64e9392 # v4.0.0 + - uses: actions/upload-artifact@694cdabd8bdb0f10b2cea11669e1bf5453eed0a6 # v4.2.0 with: name: cov-cli-ftd path: tmp/coverage.info @@ -173,7 +173,7 @@ jobs: - name: Run run: | ./script/test cert_suite ./tests/scripts/thread-cert/Cert_*.py ./tests/scripts/thread-cert/test_*.py - - uses: actions/upload-artifact@c7d193f32edcb7bfad88892161225aeda64e9392 # v4.0.0 + - uses: actions/upload-artifact@694cdabd8bdb0f10b2cea11669e1bf5453eed0a6 # v4.2.0 if: ${{ failure() }} with: name: cli-mtd-thread-cert @@ -181,7 +181,7 @@ jobs: - name: Generate Coverage run: | ./script/test generate_coverage gcc - - uses: actions/upload-artifact@c7d193f32edcb7bfad88892161225aeda64e9392 # v4.0.0 + - uses: actions/upload-artifact@694cdabd8bdb0f10b2cea11669e1bf5453eed0a6 # v4.2.0 with: name: cov-cli-mtd-${{ matrix.message_use_heap }} path: tmp/coverage.info @@ -217,7 +217,7 @@ jobs: - name: Run run: | ./script/test cert_suite ./tests/scripts/thread-cert/Cert_*.py ./tests/scripts/thread-cert/test_*.py - - uses: actions/upload-artifact@c7d193f32edcb7bfad88892161225aeda64e9392 # v4.0.0 + - uses: actions/upload-artifact@694cdabd8bdb0f10b2cea11669e1bf5453eed0a6 # v4.2.0 if: ${{ failure() }} with: name: cli-time-sync-thread-cert @@ -225,7 +225,7 @@ jobs: - name: Generate Coverage run: | ./script/test generate_coverage gcc - - uses: actions/upload-artifact@c7d193f32edcb7bfad88892161225aeda64e9392 # v4.0.0 + - uses: actions/upload-artifact@694cdabd8bdb0f10b2cea11669e1bf5453eed0a6 # v4.2.0 with: name: cov-cli-time-sync path: tmp/coverage.info @@ -258,7 +258,7 @@ jobs: CRASHED=$(./script/test check_crash | tail -1) [[ $CRASHED -eq "1" ]] && echo "Crashed!" || echo "Not crashed." echo "CRASHED_CLI=$CRASHED" >> $GITHUB_ENV - - uses: actions/upload-artifact@c7d193f32edcb7bfad88892161225aeda64e9392 # v4.0.0 + - uses: actions/upload-artifact@694cdabd8bdb0f10b2cea11669e1bf5453eed0a6 # v4.2.0 if: ${{ failure() && env.CRASHED_CLI == '1' }} with: name: core-expect-cli @@ -267,7 +267,7 @@ jobs: - name: Generate Coverage run: | ./script/test generate_coverage gcc - - uses: actions/upload-artifact@c7d193f32edcb7bfad88892161225aeda64e9392 # v4.0.0 + - uses: actions/upload-artifact@694cdabd8bdb0f10b2cea11669e1bf5453eed0a6 # v4.2.0 with: name: cov-expects path: tmp/coverage.info @@ -317,7 +317,7 @@ jobs: - name: Generate Coverage run: | ./script/test generate_coverage gcc - - uses: actions/upload-artifact@c7d193f32edcb7bfad88892161225aeda64e9392 # v4.0.0 + - uses: actions/upload-artifact@694cdabd8bdb0f10b2cea11669e1bf5453eed0a6 # v4.2.0 with: name: cov-ot-commissioner path: tmp/coverage.info @@ -349,7 +349,7 @@ jobs: - name: Run run: | ./script/test cert_suite ./tests/scripts/thread-cert/Cert_*.py ./tests/scripts/thread-cert/test_*.py - - uses: actions/upload-artifact@c7d193f32edcb7bfad88892161225aeda64e9392 # v4.0.0 + - uses: actions/upload-artifact@694cdabd8bdb0f10b2cea11669e1bf5453eed0a6 # v4.2.0 if: ${{ failure() }} with: name: ot_testing @@ -357,7 +357,7 @@ jobs: - name: Generate Coverage run: | ./script/test generate_coverage gcc - - uses: actions/upload-artifact@c7d193f32edcb7bfad88892161225aeda64e9392 # v4.0.0 + - uses: actions/upload-artifact@694cdabd8bdb0f10b2cea11669e1bf5453eed0a6 # v4.2.0 with: name: cov-multiple-instance path: tmp/coverage.info diff --git a/.github/workflows/simulation-1.2.yml b/.github/workflows/simulation-1.2.yml index 7e94ff8d4a2..651bd9fe217 100644 --- a/.github/workflows/simulation-1.2.yml +++ b/.github/workflows/simulation-1.2.yml @@ -95,12 +95,12 @@ jobs: CRASHED=$(./script/test check_crash | tail -1) [[ $CRASHED -eq "1" ]] && echo "Crashed!" || echo "Not crashed." echo "CRASHED=$CRASHED" >> $GITHUB_ENV - - uses: actions/upload-artifact@c7d193f32edcb7bfad88892161225aeda64e9392 # v4.0.0 + - uses: actions/upload-artifact@694cdabd8bdb0f10b2cea11669e1bf5453eed0a6 # v4.2.0 if: ${{ failure() }} with: name: thread-1-3-${{ matrix.compiler.c }}-${{ matrix.arch }}-pcaps path: "*.pcap" - - uses: actions/upload-artifact@c7d193f32edcb7bfad88892161225aeda64e9392 # v4.0.0 + - uses: actions/upload-artifact@694cdabd8bdb0f10b2cea11669e1bf5453eed0a6 # v4.2.0 if: ${{ failure() && env.CRASHED == '1' }} with: name: core-packet-verification-thread-1-3 @@ -109,7 +109,7 @@ jobs: - name: Generate Coverage run: | ./script/test generate_coverage "${{ matrix.compiler.gcov }}" - - uses: actions/upload-artifact@c7d193f32edcb7bfad88892161225aeda64e9392 # v4.0.0 + - uses: actions/upload-artifact@694cdabd8bdb0f10b2cea11669e1bf5453eed0a6 # v4.2.0 with: name: cov-thread-1-3-${{ matrix.compiler.c }}-${{ matrix.arch }} path: tmp/coverage.info @@ -166,14 +166,14 @@ jobs: CRASHED=$(./script/test check_crash | tail -1) [[ $CRASHED -eq "1" ]] && echo "Crashed!" || echo "Not crashed." echo "CRASHED=$CRASHED" >> $GITHUB_ENV - - uses: actions/upload-artifact@c7d193f32edcb7bfad88892161225aeda64e9392 # v4.0.0 + - uses: actions/upload-artifact@694cdabd8bdb0f10b2cea11669e1bf5453eed0a6 # v4.2.0 if: ${{ failure() }} with: name: packet-verification-low-power-pcaps path: | *.pcap *.json - - uses: actions/upload-artifact@c7d193f32edcb7bfad88892161225aeda64e9392 # v4.0.0 + - uses: actions/upload-artifact@694cdabd8bdb0f10b2cea11669e1bf5453eed0a6 # v4.2.0 if: ${{ failure() && env.CRASHED == '1' }} with: name: core-packet-verification-low-power @@ -182,7 +182,7 @@ jobs: - name: Generate Coverage run: | ./script/test generate_coverage gcc - - uses: actions/upload-artifact@c7d193f32edcb7bfad88892161225aeda64e9392 # v4.0.0 + - uses: actions/upload-artifact@694cdabd8bdb0f10b2cea11669e1bf5453eed0a6 # v4.2.0 with: name: cov-packet-verification-low-power path: tmp/coverage.info @@ -220,7 +220,7 @@ jobs: - name: Run run: | ./script/test cert_suite ./tests/scripts/thread-cert/Cert_*.py ./tests/scripts/thread-cert/test_*.py - - uses: actions/upload-artifact@c7d193f32edcb7bfad88892161225aeda64e9392 # v4.0.0 + - uses: actions/upload-artifact@694cdabd8bdb0f10b2cea11669e1bf5453eed0a6 # v4.2.0 if: ${{ failure() }} with: name: packet-verification-1.1-on-1.3-pcaps @@ -230,7 +230,7 @@ jobs: - name: Generate Coverage run: | ./script/test generate_coverage gcc - - uses: actions/upload-artifact@c7d193f32edcb7bfad88892161225aeda64e9392 # v4.0.0 + - uses: actions/upload-artifact@694cdabd8bdb0f10b2cea11669e1bf5453eed0a6 # v4.2.0 with: name: cov-packet-verification-1-1-on-1-3 path: tmp/coverage.info @@ -265,7 +265,7 @@ jobs: CRASHED=$(./script/test check_crash | tail -1) [[ $CRASHED -eq "1" ]] && echo "Crashed!" || echo "Not crashed." echo "CRASHED=$CRASHED" >> $GITHUB_ENV - - uses: actions/upload-artifact@c7d193f32edcb7bfad88892161225aeda64e9392 # v4.0.0 + - uses: actions/upload-artifact@694cdabd8bdb0f10b2cea11669e1bf5453eed0a6 # v4.2.0 if: ${{ failure() && env.CRASHED == '1' }} with: name: core-expect-1-3 @@ -274,7 +274,7 @@ jobs: - name: Generate Coverage run: | ./script/test generate_coverage gcc - - uses: actions/upload-artifact@c7d193f32edcb7bfad88892161225aeda64e9392 # v4.0.0 + - uses: actions/upload-artifact@694cdabd8bdb0f10b2cea11669e1bf5453eed0a6 # v4.2.0 with: name: cov-expects path: tmp/coverage.info @@ -324,12 +324,12 @@ jobs: CRASHED=$(./script/test check_crash | tail -1) [[ $CRASHED -eq "1" ]] && echo "Crashed!" || echo "Not crashed." echo "CRASHED=$CRASHED" >> $GITHUB_ENV - - uses: actions/upload-artifact@c7d193f32edcb7bfad88892161225aeda64e9392 # v4.0.0 + - uses: actions/upload-artifact@694cdabd8bdb0f10b2cea11669e1bf5453eed0a6 # v4.2.0 if: ${{ failure() }} with: name: thread-1-3-posix-pcaps path: "*.pcap" - - uses: actions/upload-artifact@c7d193f32edcb7bfad88892161225aeda64e9392 # v4.0.0 + - uses: actions/upload-artifact@694cdabd8bdb0f10b2cea11669e1bf5453eed0a6 # v4.2.0 if: ${{ failure() && env.CRASHED == '1' }} with: name: core-thread-1-3-posix @@ -338,7 +338,7 @@ jobs: - name: Generate Coverage run: | ./script/test generate_coverage gcc - - uses: actions/upload-artifact@c7d193f32edcb7bfad88892161225aeda64e9392 # v4.0.0 + - uses: actions/upload-artifact@694cdabd8bdb0f10b2cea11669e1bf5453eed0a6 # v4.2.0 with: name: cov-thread-1-3-posix path: tmp/coverage.info diff --git a/.github/workflows/toranj.yml b/.github/workflows/toranj.yml index bb69395da3f..59dac8dd7c7 100644 --- a/.github/workflows/toranj.yml +++ b/.github/workflows/toranj.yml @@ -111,7 +111,7 @@ jobs: if: "matrix.TORANJ_RADIO != 'multi'" run: | ./script/test generate_coverage gcc - - uses: actions/upload-artifact@c7d193f32edcb7bfad88892161225aeda64e9392 # v4.0.0 + - uses: actions/upload-artifact@694cdabd8bdb0f10b2cea11669e1bf5453eed0a6 # v4.2.0 if: "matrix.TORANJ_RADIO != 'multi'" with: name: cov-toranj-cli-${{ matrix.TORANJ_RADIO }} diff --git a/.github/workflows/unit.yml b/.github/workflows/unit.yml index 70293674fc1..3308f91b984 100644 --- a/.github/workflows/unit.yml +++ b/.github/workflows/unit.yml @@ -93,7 +93,7 @@ jobs: - name: Generate Coverage run: | ./script/test generate_coverage gcc - - uses: actions/upload-artifact@c7d193f32edcb7bfad88892161225aeda64e9392 # v4.0.0 + - uses: actions/upload-artifact@694cdabd8bdb0f10b2cea11669e1bf5453eed0a6 # v4.2.0 with: name: cov-unit-tests path: tmp/coverage.info From 84e0e77ce2ad66c90062fd73ac4935c2e94e3ddd Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Maciej=20Baczma=C5=84ski?= Date: Tue, 23 Jan 2024 01:37:22 +0100 Subject: [PATCH 074/121] [radio] add API for resetting CSL parameters (#9772) Add `ResetCsl` and `otPlatRadioResetCsl` This allows handling stack reset as separate call instead of using `kShortAddrInvalid` as `otShortAddress` and `nullptr` as `otExtAddress` which can be difficult to handle on vendor's side. Default implementation still calls `otPlatRadioEnableCsl(aInstance,0, Mac::kShortAddrInvalid, nullptr)` So no action is needed if vendor has already implemented handling this case. Signed-off-by: Maciej Baczmanski --- examples/platforms/simulation/radio.c | 13 ++++++++++--- include/openthread/instance.h | 2 +- include/openthread/platform/radio.h | 20 +++++++++++++++++--- src/core/radio/radio.cpp | 2 +- src/core/radio/radio.hpp | 17 ++++++++++++++++- src/core/radio/radio_platform.cpp | 7 +++++++ tests/unit/test_platform.cpp | 2 ++ 7 files changed, 54 insertions(+), 9 deletions(-) diff --git a/examples/platforms/simulation/radio.c b/examples/platforms/simulation/radio.c index 6ba2a5dcfb5..03808b5afc1 100644 --- a/examples/platforms/simulation/radio.c +++ b/examples/platforms/simulation/radio.c @@ -1331,11 +1331,18 @@ otError otPlatRadioEnableCsl(otInstance *aInstance, OT_UNUSED_VARIABLE(aShortAddr); OT_UNUSED_VARIABLE(aExtAddr); - otError error = OT_ERROR_NONE; - sCslPeriod = aCslPeriod; - return error; + return OT_ERROR_NONE; +} + +otError otPlatRadioResetCsl(otInstance *aInstance) +{ + OT_UNUSED_VARIABLE(aInstance); + + sCslPeriod = 0; + + return OT_ERROR_NONE; } void otPlatRadioUpdateCslSampleTime(otInstance *aInstance, uint32_t aCslSampleTime) diff --git a/include/openthread/instance.h b/include/openthread/instance.h index 1a97f96e5c8..58f33e64d82 100644 --- a/include/openthread/instance.h +++ b/include/openthread/instance.h @@ -53,7 +53,7 @@ extern "C" { * @note This number versions both OpenThread platform and user APIs. * */ -#define OPENTHREAD_API_VERSION (389) +#define OPENTHREAD_API_VERSION (390) /** * @addtogroup api-instance diff --git a/include/openthread/platform/radio.h b/include/openthread/platform/radio.h index e2bc3db762b..9f6bd31a65e 100644 --- a/include/openthread/platform/radio.h +++ b/include/openthread/platform/radio.h @@ -1132,9 +1132,9 @@ otError otPlatRadioGetCoexMetrics(otInstance *aInstance, otRadioCoexMetrics *aCo * * @note Platforms should use CSL peer addresses to include CSL IE when generating enhanced acks. * - * @retval kErrorNotImplemented Radio driver doesn't support CSL. - * @retval kErrorFailed Other platform specific errors. - * @retval kErrorNone Successfully enabled or disabled CSL. + * @retval OT_ERROR_NOT_IMPLEMENTED Radio driver doesn't support CSL. + * @retval OT_ERROR_FAILED Other platform specific errors. + * @retval OT_ERROR_NONE Successfully enabled or disabled CSL. * */ otError otPlatRadioEnableCsl(otInstance *aInstance, @@ -1142,6 +1142,20 @@ otError otPlatRadioEnableCsl(otInstance *aInstance, otShortAddress aShortAddr, const otExtAddress *aExtAddr); +/** + * Reset CSL receiver in the platform. + * + * @note Defaults to `otPlatRadioEnableCsl(aInstance,0, Mac::kShortAddrInvalid, nullptr);` + * + * @param[in] aInstance The OpenThread instance structure. + * + * @retval OT_ERROR_NOT_IMPLEMENTED Radio driver doesn't support CSL. + * @retval OT_ERROR_FAILED Other platform specific errors. + * @retval OT_ERROR_NONE Successfully disabled CSL. + * + */ +otError otPlatRadioResetCsl(otInstance *aInstance); + /** * Update CSL sample time in radio driver. * diff --git a/src/core/radio/radio.cpp b/src/core/radio/radio.cpp index bd9c8d83afa..2356e1418e6 100644 --- a/src/core/radio/radio.cpp +++ b/src/core/radio/radio.cpp @@ -53,7 +53,7 @@ void Radio::Init(void) { #if OPENTHREAD_CONFIG_RADIO_LINK_IEEE_802_15_4_ENABLE #if OPENTHREAD_CONFIG_MAC_CSL_RECEIVER_ENABLE - SuccessOrAssert(EnableCsl(0, Mac::kShortAddrInvalid, nullptr)); + SuccessOrAssert(ResetCsl()); #endif EnableSrcMatch(false); diff --git a/src/core/radio/radio.hpp b/src/core/radio/radio.hpp index fb587563ed9..18051615ddb 100644 --- a/src/core/radio/radio.hpp +++ b/src/core/radio/radio.hpp @@ -523,7 +523,8 @@ class Radio : public InstanceLocator, private NonCopyable */ Error ReceiveAt(uint8_t aChannel, uint32_t aStart, uint32_t aDuration); - /** Enables CSL sampling in radio. + /** + * Enables CSL sampling in radio. * * @param[in] aCslPeriod CSL period, 0 for disabling CSL. * @param[in] aShortAddr The short source address of CSL receiver's peer. @@ -537,6 +538,16 @@ class Radio : public InstanceLocator, private NonCopyable * */ Error EnableCsl(uint32_t aCslPeriod, otShortAddress aShortAddr, const otExtAddress *aExtAddr); + + /** + * Resets CSL receiver in radio. + * + * @retval kErrorNotImplemented Radio driver doesn't support CSL. + * @retval kErrorFailed Other platform specific errors. + * @retval kErrorNone Successfully disabled CSL. + * + */ + Error ResetCsl(void); #endif // OPENTHREAD_CONFIG_MAC_CSL_RECEIVER_ENABLE #if OPENTHREAD_CONFIG_MAC_CSL_RECEIVER_ENABLE || OPENTHREAD_CONFIG_MAC_CSL_TRANSMITTER_ENABLE @@ -958,6 +969,8 @@ inline Error Radio::EnableCsl(uint32_t aCslPeriod, otShortAddress aShortAddr, co { return otPlatRadioEnableCsl(GetInstancePtr(), aCslPeriod, aShortAddr, aExtAddr); } + +inline Error Radio::ResetCsl(void) { return otPlatRadioResetCsl(GetInstancePtr()); } #endif #if OPENTHREAD_CONFIG_MAC_CSL_RECEIVER_ENABLE || OPENTHREAD_CONFIG_MAC_CSL_TRANSMITTER_ENABLE @@ -1064,6 +1077,8 @@ inline Error Radio::EnableCsl(uint32_t, otShortAddress aShortAddr, const otExtAd { return kErrorNotImplemented; } + +inline Error Radio::ResetCsl(void) { return kErrorNotImplemented; } #endif #if OPENTHREAD_CONFIG_MAC_CSL_RECEIVER_ENABLE || OPENTHREAD_CONFIG_MAC_CSL_TRANSMITTER_ENABLE diff --git a/src/core/radio/radio_platform.cpp b/src/core/radio/radio_platform.cpp index b71a0fb0e31..6dcb85de5f0 100644 --- a/src/core/radio/radio_platform.cpp +++ b/src/core/radio/radio_platform.cpp @@ -250,6 +250,13 @@ OT_TOOL_WEAK uint32_t otPlatRadioGetBusSpeed(otInstance *aInstance) return 0; } +#if OPENTHREAD_CONFIG_MAC_CSL_RECEIVER_ENABLE +OT_TOOL_WEAK otError otPlatRadioResetCsl(otInstance *aInstance) +{ + return otPlatRadioEnableCsl(aInstance, 0, Mac::kShortAddrInvalid, nullptr); +} +#endif + OT_TOOL_WEAK uint8_t otPlatRadioGetCslAccuracy(otInstance *aInstance) { OT_UNUSED_VARIABLE(aInstance); diff --git a/tests/unit/test_platform.cpp b/tests/unit/test_platform.cpp index 2ede8e8e8e1..43f6224cbeb 100644 --- a/tests/unit/test_platform.cpp +++ b/tests/unit/test_platform.cpp @@ -404,6 +404,8 @@ OT_TOOL_WEAK otError otPlatRadioEnableCsl(otInstance *, uint32_t, otShortAddress return OT_ERROR_NONE; } +OT_TOOL_WEAK otError otPlatRadioResetCsl(otInstance *) { return OT_ERROR_NONE; } + OT_TOOL_WEAK void otPlatRadioUpdateCslSampleTime(otInstance *, uint32_t) {} OT_TOOL_WEAK uint8_t otPlatRadioGetCslAccuracy(otInstance *) From 7761b81d23b10b3d5ee21b8504c67535cde10896 Mon Sep 17 00:00:00 2001 From: Abtin Keshavarzian Date: Mon, 22 Jan 2024 23:08:29 -0800 Subject: [PATCH 075/121] [cli] use `static constexpr` for constants instead of of `enum` (#9789) --- src/cli/cli.hpp | 12 ++++-------- src/cli/cli_coap.hpp | 7 ++----- src/cli/cli_coap_secure.hpp | 11 ++++------- src/cli/cli_commissioner.hpp | 5 +---- src/cli/cli_srp_client.hpp | 7 ++----- src/cli/cli_udp.cpp | 5 +---- 6 files changed, 14 insertions(+), 33 deletions(-) diff --git a/src/cli/cli.hpp b/src/cli/cli.hpp index 94798f22acf..f69807110cc 100644 --- a/src/cli/cli.hpp +++ b/src/cli/cli.hpp @@ -277,14 +277,10 @@ class Interpreter : public OutputImplementer, public Output static Interpreter *sInterpreter; private: - enum - { - kIndentSize = 4, - kMaxArgs = 32, - kMaxAutoAddresses = 8, - kMaxLineLength = OPENTHREAD_CONFIG_CLI_MAX_LINE_LENGTH, - kMaxUserCommandEntries = OPENTHREAD_CONFIG_CLI_MAX_USER_CMD_ENTRIES, - }; + static constexpr uint8_t kIndentSize = 4; + static constexpr uint16_t kMaxArgs = 32; + static constexpr uint16_t kMaxLineLength = OPENTHREAD_CONFIG_CLI_MAX_LINE_LENGTH; + static constexpr uint16_t kMaxUserCommandEntries = OPENTHREAD_CONFIG_CLI_MAX_USER_CMD_ENTRIES; static constexpr uint32_t kNetworkDiagnosticTimeoutMsecs = 5000; static constexpr uint32_t kLocateTimeoutMsecs = 2500; diff --git a/src/cli/cli_coap.hpp b/src/cli/cli_coap.hpp index f3357fcc5ba..2b4184a51af 100644 --- a/src/cli/cli_coap.hpp +++ b/src/cli/cli_coap.hpp @@ -78,11 +78,8 @@ class Coap : private Output otError Process(Arg aArgs[]); private: - enum - { - kMaxUriLength = 32, - kMaxBufferSize = 16 - }; + static constexpr uint16_t kMaxUriLength = 32; + static constexpr uint16_t kMaxBufferSize = 16; using Command = CommandEntry; diff --git a/src/cli/cli_coap_secure.hpp b/src/cli/cli_coap_secure.hpp index 2165642bd25..dd26ebf6c00 100644 --- a/src/cli/cli_coap_secure.hpp +++ b/src/cli/cli_coap_secure.hpp @@ -84,13 +84,10 @@ class CoapSecure : private Output otError Process(Arg aArgs[]); private: - enum - { - kMaxUriLength = 32, - kMaxBufferSize = 16, - kPskMaxLength = 32, - kPskIdMaxLength = 32 - }; + static constexpr uint16_t kMaxUriLength = 32; + static constexpr uint16_t kMaxBufferSize = 16; + static constexpr uint8_t kPskMaxLength = 32; + static constexpr uint8_t kPskIdMaxLength = 32; using Command = CommandEntry; diff --git a/src/cli/cli_commissioner.hpp b/src/cli/cli_commissioner.hpp index 8969bd7620a..162c6da5b84 100644 --- a/src/cli/cli_commissioner.hpp +++ b/src/cli/cli_commissioner.hpp @@ -81,10 +81,7 @@ class Commissioner : private Output otError Process(Arg aArgs[]); private: - enum - { - kDefaultJoinerTimeout = 120, ///< Default timeout for Joiners, in seconds. - }; + static constexpr uint32_t kDefaultJoinerTimeout = 120; ///< Default timeout for Joiners, in seconds. using Command = CommandEntry; diff --git a/src/cli/cli_srp_client.hpp b/src/cli/cli_srp_client.hpp index 5d96a1366f1..93e7fe35f85 100644 --- a/src/cli/cli_srp_client.hpp +++ b/src/cli/cli_srp_client.hpp @@ -80,11 +80,8 @@ class SrpClient : private Output otError Process(Arg aArgs[]); private: - enum : uint8_t - { - kMaxHostAddresses = OPENTHREAD_CONFIG_SRP_CLIENT_BUFFERS_MAX_HOST_ADDRESSES, - kIndentSize = 4, - }; + static constexpr uint8_t kIndentSize = 4; + static constexpr uint8_t kMaxHostAddresses = OPENTHREAD_CONFIG_SRP_CLIENT_BUFFERS_MAX_HOST_ADDRESSES; using Command = CommandEntry; diff --git a/src/cli/cli_udp.cpp b/src/cli/cli_udp.cpp index 0ec70ccea7d..1651debb2cc 100644 --- a/src/cli/cli_udp.cpp +++ b/src/cli/cli_udp.cpp @@ -399,10 +399,7 @@ otError UdpExample::PrepareAutoGeneratedPayload(otMessage &aMessage, uint16_t aP otError UdpExample::PrepareHexStringPayload(otMessage &aMessage, const char *aHexString) { - enum : uint8_t - { - kBufferSize = 50, - }; + static constexpr uint16_t kBufferSize = 50; otError error; uint8_t buf[kBufferSize]; From 7a2983b01c81009d4be26b3db8a6c7d2257aaa6e Mon Sep 17 00:00:00 2001 From: jrhodie <139580534+jrhodie@users.noreply.github.com> Date: Tue, 23 Jan 2024 10:07:51 -0800 Subject: [PATCH 076/121] [docs] add TREL config group (#9791) --- doc/ot_config_doc.h | 1 + 1 file changed, 1 insertion(+) diff --git a/doc/ot_config_doc.h b/doc/ot_config_doc.h index 16909d6bd64..564950bce3c 100644 --- a/doc/ot_config_doc.h +++ b/doc/ot_config_doc.h @@ -83,6 +83,7 @@ * @defgroup config-srp-server SRP Server * @defgroup config-time-sync Time Sync Service * @defgroup config-tmf Thread Management Framework Service + * @defgroup config-trel TREL * * @} * From ab28127a2a9e7b7212e1bd943d3f55a4d9db5f4a Mon Sep 17 00:00:00 2001 From: Zhangwx Date: Thu, 25 Jan 2024 07:05:36 +0800 Subject: [PATCH 077/121] [spinel] fix passing an unexpected transmit error to mac layer (#9745) For the Spinel layer, when the state is transmitting, if the received Spinel frame fails parsing, the current implementation passes the `OT_ERROR_PARSE` error code to the sub_mac layer via the tx done handler. This causes an assert because the error code `OT_ERROR_PARSE` is not a valid one for `SubMac::HandleTransmitDone`. Additionally, I believe that when the received Spinel frame fails parsing, we should not trigger a transmit done to the sub_mac layer, as the `TxFrame` and the `AckFrame` may not be valid for further processing. In this corner case, I suggest considering ignoring the parsing-failed received packets, waiting for the tx timeout, and then raising a tx timeout failure to recover the RCP. This might be a reasonable approach. --- src/lib/spinel/radio_spinel.cpp | 14 ++++++++++++-- 1 file changed, 12 insertions(+), 2 deletions(-) diff --git a/src/lib/spinel/radio_spinel.cpp b/src/lib/spinel/radio_spinel.cpp index 495a9bb1ce3..15d90b542c2 100644 --- a/src/lib/spinel/radio_spinel.cpp +++ b/src/lib/spinel/radio_spinel.cpp @@ -1763,8 +1763,18 @@ void RadioSpinel::HandleTransmitDone(uint32_t aCommand, } exit: - mState = kStateTransmitDone; - mTxError = error; + // A parse error indicates an RCP misbehavior, so recover the RCP immediately. + mState = kStateTransmitDone; + if (error != OT_ERROR_PARSE) + { + mTxError = error; + } + else + { + mTxError = kErrorAbort; + HandleRcpTimeout(); + RecoverFromRcpFailure(); + } UpdateParseErrorCount(error); LogIfFail("Handle transmit done failed", error); } From b2c8147a31c410f4859e1ffb87df1d4a0ed51738 Mon Sep 17 00:00:00 2001 From: whd <7058128+superwhd@users.noreply.github.com> Date: Fri, 26 Jan 2024 01:28:06 +0800 Subject: [PATCH 078/121] [border-agent] enable `otBorderAgentGetId` API when Border Agent is enabled (#9794) This could simplify the build configuration by omitting `OPENTHREAD_CONFIG_BORDER_AGENT_ID_ENABLE`. --- src/core/common/settings.cpp | 6 +++--- src/core/common/settings.hpp | 6 +++--- src/core/config/border_agent.h | 2 +- 3 files changed, 7 insertions(+), 7 deletions(-) diff --git a/src/core/common/settings.cpp b/src/core/common/settings.cpp index 504eb7c5662..3e1f860eebb 100644 --- a/src/core/common/settings.cpp +++ b/src/core/common/settings.cpp @@ -106,7 +106,7 @@ void SettingsBase::SrpServerInfo::Log(Action aAction) const } #endif -#if OPENTHREAD_CONFIG_BORDER_AGENT_ID_ENABLE +#if OPENTHREAD_CONFIG_BORDER_AGENT_ENABLE && OPENTHREAD_CONFIG_BORDER_AGENT_ID_ENABLE void SettingsBase::BorderAgentId::Log(Action aAction) const { char buffer[sizeof(BorderAgentId) * 2 + 1]; @@ -115,7 +115,7 @@ void SettingsBase::BorderAgentId::Log(Action aAction) const sw.AppendHexBytes(GetId().mId, sizeof(BorderAgentId)); LogInfo("%s BorderAgentId {id:%s}", ActionToString(aAction), buffer); } -#endif // OPENTHREAD_CONFIG_BORDER_AGENT_ID_ENABLE +#endif // OPENTHREAD_CONFIG_BORDER_AGENT_ENABLE && OPENTHREAD_CONFIG_BORDER_AGENT_ID_ENABLE #endif // OT_SHOULD_LOG_AT(OT_LOG_LEVEL_INFO) @@ -531,7 +531,7 @@ void Settings::Log(Action aAction, Error aError, Key aKey, const void *aValue) break; #endif -#if OPENTHREAD_CONFIG_BORDER_AGENT_ID_ENABLE +#if OPENTHREAD_CONFIG_BORDER_AGENT_ENABLE && OPENTHREAD_CONFIG_BORDER_AGENT_ID_ENABLE case kKeyBorderAgentId: reinterpret_cast(aValue)->Log(aAction); break; diff --git a/src/core/common/settings.hpp b/src/core/common/settings.hpp index 199eb9fe037..9716cb87abb 100644 --- a/src/core/common/settings.hpp +++ b/src/core/common/settings.hpp @@ -767,7 +767,7 @@ class SettingsBase : public InstanceLocator } OT_TOOL_PACKED_END; #endif // OPENTHREAD_CONFIG_SRP_SERVER_ENABLE && OPENTHREAD_CONFIG_SRP_SERVER_PORT_SWITCH_ENABLE -#if OPENTHREAD_CONFIG_BORDER_AGENT_ID_ENABLE +#if OPENTHREAD_CONFIG_BORDER_AGENT_ENABLE && OPENTHREAD_CONFIG_BORDER_AGENT_ID_ENABLE /** * Represents the Border Agent ID. * @@ -784,7 +784,7 @@ class SettingsBase : public InstanceLocator * Initializes the `BorderAgentId` object. * */ - void Init(void) { mId = {}; } + void Init(void) { memset(&mId, 0, sizeof(mId)); } /** * Returns the Border Agent ID. @@ -813,7 +813,7 @@ class SettingsBase : public InstanceLocator MeshCoP::BorderAgent::Id mId; } OT_TOOL_PACKED_END; -#endif // OPENTHREAD_CONFIG_BORDER_AGENT_ID_ENABLE +#endif // OPENTHREAD_CONFIG_BORDER_AGENT_ENABLE && OPENTHREAD_CONFIG_BORDER_AGENT_ID_ENABLE protected: explicit SettingsBase(Instance &aInstance) diff --git a/src/core/config/border_agent.h b/src/core/config/border_agent.h index 5769fe17775..9be5db10765 100644 --- a/src/core/config/border_agent.h +++ b/src/core/config/border_agent.h @@ -72,7 +72,7 @@ * */ #ifndef OPENTHREAD_CONFIG_BORDER_AGENT_ID_ENABLE -#define OPENTHREAD_CONFIG_BORDER_AGENT_ID_ENABLE 0 +#define OPENTHREAD_CONFIG_BORDER_AGENT_ID_ENABLE 1 #endif /** From 81106dff8803b58e3138ab21f584145dfa8abcbc Mon Sep 17 00:00:00 2001 From: Abtin Keshavarzian Date: Thu, 25 Jan 2024 14:47:49 -0800 Subject: [PATCH 079/121] [coap-secure] introduce maximum connection attempt limit for CoAP agent (#9694) This commit introduces a new feature in `SecureTransport` and `CoapSecure` that allows us to specify the maximum number of allowed connection attempts before the socket is automatically closed and the CoAP agent is stopped. This can be used to enhance security by preventing attacks and excessive retries. This commit also adds a callback mechanism to notify when the limit is reached and the CoAP agent is stopped. --- src/core/coap/coap_secure.cpp | 42 +++++++++++++++++++++------ src/core/coap/coap_secure.hpp | 30 +++++++++++++++++++ src/core/meshcop/secure_transport.cpp | 40 +++++++++++++++++++++++-- src/core/meshcop/secure_transport.hpp | 31 ++++++++++++++++++++ 4 files changed, 132 insertions(+), 11 deletions(-) diff --git a/src/core/coap/coap_secure.cpp b/src/core/coap/coap_secure.cpp index 1077cecc014..875d6c0f653 100644 --- a/src/core/coap/coap_secure.cpp +++ b/src/core/coap/coap_secure.cpp @@ -55,14 +55,14 @@ CoapSecure::CoapSecure(Instance &aInstance, bool aLayerTwoSecurity) { } -Error CoapSecure::Start(uint16_t aPort) -{ - Error error = kErrorNone; +Error CoapSecure::Start(uint16_t aPort) { return Start(aPort, /* aMaxAttempts */ 0, nullptr, nullptr); } - mConnectedCallback.Clear(); +Error CoapSecure::Start(uint16_t aPort, uint16_t aMaxAttempts, AutoStopCallback aCallback, void *aContext) +{ + Error error; - SuccessOrExit(error = mDtls.Open(&CoapSecure::HandleDtlsReceive, &CoapSecure::HandleDtlsConnected, this)); - SuccessOrExit(error = mDtls.Bind(aPort)); + SuccessOrExit(error = Open(aMaxAttempts, aCallback, aContext)); + error = mDtls.Bind(aPort); exit: return error; @@ -70,12 +70,25 @@ Error CoapSecure::Start(uint16_t aPort) Error CoapSecure::Start(MeshCoP::SecureTransport::TransportCallback aCallback, void *aContext) { - Error error = kErrorNone; + Error error; + + SuccessOrExit(error = Open(/* aMaxAttemps */ 0, nullptr, nullptr)); + error = mDtls.Bind(aCallback, aContext); + +exit: + return error; +} + +Error CoapSecure::Open(uint16_t aMaxAttempts, AutoStopCallback aCallback, void *aContext) +{ + Error error = kErrorAlready; + SuccessOrExit(mDtls.SetMaxConnectionAttempts(aMaxAttempts, HandleDtlsAutoClose, this)); + mAutoStopCallback.Set(aCallback, aContext); mConnectedCallback.Clear(); + SuccessOrExit(mDtls.Open(HandleDtlsReceive, HandleDtlsConnected, this)); - SuccessOrExit(error = mDtls.Open(&CoapSecure::HandleDtlsReceive, &CoapSecure::HandleDtlsConnected, this)); - SuccessOrExit(error = mDtls.Bind(aCallback, aContext)); + error = kErrorNone; exit: return error; @@ -172,6 +185,17 @@ void CoapSecure::HandleDtlsConnected(void *aContext, bool aConnected) void CoapSecure::HandleDtlsConnected(bool aConnected) { mConnectedCallback.InvokeIfSet(aConnected); } +void CoapSecure::HandleDtlsAutoClose(void *aContext) +{ + return static_cast(aContext)->HandleDtlsAutoClose(); +} + +void CoapSecure::HandleDtlsAutoClose(void) +{ + Stop(); + mAutoStopCallback.InvokeIfSet(); +} + void CoapSecure::HandleDtlsReceive(void *aContext, uint8_t *aBuf, uint16_t aLength) { return static_cast(aContext)->HandleDtlsReceive(aBuf, aLength); diff --git a/src/core/coap/coap_secure.hpp b/src/core/coap/coap_secure.hpp index e34ce89ea7c..5461523053b 100644 --- a/src/core/coap/coap_secure.hpp +++ b/src/core/coap/coap_secure.hpp @@ -61,6 +61,15 @@ class CoapSecure : public CoapBase */ typedef void (*ConnectedCallback)(bool aConnected, void *aContext); + /** + * Callback to notify when the agent is automatically stopped due to reaching the maximum number of connection + * attempts. + * + * @param[in] aContext A pointer to arbitrary context information. + * + */ + typedef void (*AutoStopCallback)(void *aContext); + /** * Initializes the object. * @@ -81,6 +90,21 @@ class CoapSecure : public CoapBase */ Error Start(uint16_t aPort); + /** + * Starts the secure CoAP agent and sets the maximum number of allowed connection attempts before stopping the + * agent automatically. + * + * @param[in] aPort The local UDP port to bind to. + * @param[in] aMaxAttempts Maximum number of allowed connection request attempts. Zero indicates no limit. + * @param[in] aCallback Callback to notify if max number of attempts has reached and agent is stopped. + * @param[in] aContext A pointer to arbitrary context to use with `AutoStopCallback`. + * + * @retval kErrorNone Successfully started the CoAP agent. + * @retval kErrorAlready Already started. + * + */ + Error Start(uint16_t aPort, uint16_t aMaxAttempts, AutoStopCallback aCallback, void *aContext); + /** * Starts the secure CoAP agent, but do not use socket to transmit/receive messages. * @@ -382,6 +406,8 @@ class CoapSecure : public CoapBase const Ip6::MessageInfo &GetMessageInfo(void) const { return mDtls.GetMessageInfo(); } private: + Error Open(uint16_t aMaxAttempts, AutoStopCallback aCallback, void *aContext); + static Error Send(CoapBase &aCoapBase, ot::Message &aMessage, const Ip6::MessageInfo &aMessageInfo) { return static_cast(aCoapBase).Send(aMessage, aMessageInfo); @@ -391,6 +417,9 @@ class CoapSecure : public CoapBase static void HandleDtlsConnected(void *aContext, bool aConnected); void HandleDtlsConnected(bool aConnected); + static void HandleDtlsAutoClose(void *aContext); + void HandleDtlsAutoClose(void); + static void HandleDtlsReceive(void *aContext, uint8_t *aBuf, uint16_t aLength); void HandleDtlsReceive(uint8_t *aBuf, uint16_t aLength); @@ -399,6 +428,7 @@ class CoapSecure : public CoapBase MeshCoP::SecureTransport mDtls; Callback mConnectedCallback; + Callback mAutoStopCallback; ot::MessageQueue mTransmitQueue; TaskletContext mTransmitTask; }; diff --git a/src/core/meshcop/secure_transport.cpp b/src/core/meshcop/secure_transport.cpp index 480456e696b..8db0a9fe275 100644 --- a/src/core/meshcop/secure_transport.cpp +++ b/src/core/meshcop/secure_transport.cpp @@ -83,6 +83,8 @@ SecureTransport::SecureTransport(Instance &aInstance, bool aLayerTwoSecurity, bo , mTimerSet(false) , mLayerTwoSecurity(aLayerTwoSecurity) , mDatagramTransport(aDatagramTransport) + , mMaxConnectionAttempts(0) + , mRemainingConnectionAttempts(0) , mReceiveMessage(nullptr) , mSocket(aInstance) , mMessageSubType(Message::kSubTypeNone) @@ -159,18 +161,39 @@ Error SecureTransport::Open(ReceiveHandler aReceiveHandler, ConnectedHandler aCo mConnectedCallback.Set(aConnectedHandler, aContext); mReceiveCallback.Set(aReceiveHandler, aContext); + + mRemainingConnectionAttempts = mMaxConnectionAttempts; + SetState(kStateOpen); exit: return error; } +Error SecureTransport::SetMaxConnectionAttempts(uint16_t aMaxAttempts, AutoCloseCallback aCallback, void *aContext) +{ + Error error = kErrorNone; + + VerifyOrExit(IsStateClosed(), error = kErrorInvalidState); + + mMaxConnectionAttempts = aMaxAttempts; + mAutoCloseCallback.Set(aCallback, aContext); + +exit: + return error; +} + Error SecureTransport::Connect(const Ip6::SockAddr &aSockAddr) { Error error; VerifyOrExit(IsStateOpen(), error = kErrorInvalidState); + if (mRemainingConnectionAttempts > 0) + { + mRemainingConnectionAttempts--; + } + mMessageInfo.SetPeerAddr(aSockAddr.GetAddress()); mMessageInfo.SetPeerPort(aSockAddr.mPort); @@ -191,6 +214,11 @@ void SecureTransport::HandleReceive(Message &aMessage, const Ip6::MessageInfo &a if (IsStateOpen()) { + if (mRemainingConnectionAttempts > 0) + { + mRemainingConnectionAttempts--; + } + IgnoreError(mSocket.Connect(Ip6::SockAddr(aMessageInfo.GetPeerAddr(), aMessageInfo.GetPeerPort()))); mMessageInfo.SetPeerAddr(aMessageInfo.GetPeerAddr()); @@ -388,8 +416,16 @@ Error SecureTransport::Setup(bool aClient) exit: if (IsStateInitializing() && (rval != 0)) { - SetState(kStateOpen); - FreeMbedtls(); + if ((mMaxConnectionAttempts > 0) && (mRemainingConnectionAttempts == 0)) + { + Close(); + mAutoCloseCallback.InvokeIfSet(); + } + else + { + SetState(kStateOpen); + FreeMbedtls(); + } } return Crypto::MbedTls::MapError(rval); diff --git a/src/core/meshcop/secure_transport.hpp b/src/core/meshcop/secure_transport.hpp index ddeb13a8c97..229fdab6932 100644 --- a/src/core/meshcop/secure_transport.hpp +++ b/src/core/meshcop/secure_transport.hpp @@ -128,6 +128,15 @@ class SecureTransport : public InstanceLocator */ typedef Error (*TransportCallback)(void *aContext, ot::Message &aMessage, const Ip6::MessageInfo &aMessageInfo); + /** + * Callback to notify when the socket is automatically closed due to reaching the maximum number of connection + * attempts (set from `SetMaxConnectionAttempts()`). + * + * @param[in] aContext A pointer to arbitrary context information. + * + */ + typedef void (*AutoCloseCallback)(void *aContext); + /** * Opens the socket. * @@ -141,6 +150,24 @@ class SecureTransport : public InstanceLocator */ Error Open(ReceiveHandler aReceiveHandler, ConnectedHandler aConnectedHandler, void *aContext); + /** + * Sets the maximum number of allowed connection requests before socket is automatically closed. + * + * This method can be called when socket is closed. Otherwise `kErrorInvalidSatet` is returned. + * + * If @p aMaxAttempts is zero, no limit is applied and connections are allowed until the socket is closed. This is + * the default behavior if `SetMaxConnectionAttempts()` is not called. + * + * @param[in] aMaxAttempts Maximum number of allowed connection attempts. + * @param[in] aCallback Callback to notify when max number of attempts has reached and socket is closed. + * @param[in] aContext A pointer to arbitrary context to use with `AutoCloseCallback`. + * + * @retval kErrorNone Successfully set the maximum allowed connection attempts and callback. + * @retval kErrorInvalidState Socket is not closed. + * + */ + Error SetMaxConnectionAttempts(uint16_t aMaxAttempts, AutoCloseCallback aCallback, void *aContext); + /** * Binds this DTLS to a UDP port. * @@ -616,6 +643,10 @@ class SecureTransport : public InstanceLocator bool mLayerTwoSecurity : 1; bool mDatagramTransport : 1; + uint16_t mMaxConnectionAttempts; + uint16_t mRemainingConnectionAttempts; + Callback mAutoCloseCallback; + Message *mReceiveMessage; Callback mConnectedCallback; From dacdc7d36f0ad5b8b04b69c1e06efe22cd1993b8 Mon Sep 17 00:00:00 2001 From: Abtin Keshavarzian Date: Thu, 25 Jan 2024 15:14:58 -0800 Subject: [PATCH 080/121] [ip6] add method for creating/parsing IPv4-mapped IPv6 address (#9799) The IPv4-mapped IPv6 address is useful in certain platform/public APIs where we need to support both IPv6 or IPv4 address. We can use IPv4-mapped IPv6 address to represent an IPv4 address. This commit adds simple helper functions to validate, create and parse such addresses. --- include/openthread/instance.h | 2 +- include/openthread/nat64.h | 24 +++++++++++++++++++++ src/core/api/nat64_api.cpp | 10 +++++++++ src/core/net/ip4_types.cpp | 11 ++++++++++ src/core/net/ip4_types.hpp | 11 ++++++++++ src/core/net/ip6_address.cpp | 12 +++++++++++ src/core/net/ip6_address.hpp | 21 ++++++++++++++++++ tests/unit/test_ip_address.cpp | 39 ++++++++++++++++++++++++++++++++++ 8 files changed, 129 insertions(+), 1 deletion(-) diff --git a/include/openthread/instance.h b/include/openthread/instance.h index 58f33e64d82..47de8daef2b 100644 --- a/include/openthread/instance.h +++ b/include/openthread/instance.h @@ -53,7 +53,7 @@ extern "C" { * @note This number versions both OpenThread platform and user APIs. * */ -#define OPENTHREAD_API_VERSION (390) +#define OPENTHREAD_API_VERSION (391) /** * @addtogroup api-instance diff --git a/include/openthread/nat64.h b/include/openthread/nat64.h index 930c4c34233..61fe1b697b7 100644 --- a/include/openthread/nat64.h +++ b/include/openthread/nat64.h @@ -416,6 +416,30 @@ bool otIp4IsAddressEqual(const otIp4Address *aFirst, const otIp4Address *aSecond */ void otIp4ExtractFromIp6Address(uint8_t aPrefixLength, const otIp6Address *aIp6Address, otIp4Address *aIp4Address); +/** + * Extracts the IPv4 address from a given IPv4-mapped IPv6 address. + * + * An IPv4-mapped IPv6 address consists of an 80-bit prefix of zeros, the next 16 bits set to ones, and the remaining, + * least-significant 32 bits contain the IPv4 address, e.g., `::ffff:192.0.2.128` representing `192.0.2.128`. + * + * @param[in] aIp6Address An IPv6 address to extract IPv4 from. + * @param[out] aIp4Address An IPv4 address to output the extracted address. + * + * @retval OT_ERROR_NONE Extracted the IPv4 address successfully. @p aIp4Address is updated. + * @retval OT_ERROR_PARSE The @p aIp6Address does not follow the IPv4-mapped IPv6 address format. + * + */ +otError otIp4FromIp4MappedIp6Address(const otIp6Address *aIp6Address, otIp4Address *aIp4Address); + +/** + * Converts a given IP4 address to an IPv6 address following the IPv4-mapped IPv6 address format. + * + * @param[in] aIp4Address An IPv4 address to convert. + * @param[out] aIp6Address An IPv6 address to set. + * + */ +void otIp4ToIp4MappedIp6Address(const otIp4Address *aIp4Address, otIp6Address *aIp6Address); + #define OT_IP4_ADDRESS_STRING_SIZE 17 ///< Length of 000.000.000.000 plus a suffix NUL /** diff --git a/src/core/api/nat64_api.cpp b/src/core/api/nat64_api.cpp index 02aa785b45a..f2130e6bcef 100644 --- a/src/core/api/nat64_api.cpp +++ b/src/core/api/nat64_api.cpp @@ -140,6 +140,16 @@ void otIp4ExtractFromIp6Address(uint8_t aPrefixLength, const otIp6Address *aIp6A AsCoreType(aIp4Address).ExtractFromIp6Address(aPrefixLength, AsCoreType(aIp6Address)); } +otError otIp4FromIp4MappedIp6Address(const otIp6Address *aIp6Address, otIp4Address *aIp4Address) +{ + return AsCoreType(aIp4Address).ExtractFromIp4MappedIp6Address(AsCoreType(aIp6Address)); +} + +void otIp4ToIp4MappedIp6Address(const otIp4Address *aIp4Address, otIp6Address *aIp6Address) +{ + AsCoreType(aIp6Address).SetToIp4Mapped(AsCoreType(aIp4Address)); +} + otError otIp4AddressFromString(const char *aString, otIp4Address *aAddress) { AssertPointerIsNotNull(aString); diff --git a/src/core/net/ip4_types.cpp b/src/core/net/ip4_types.cpp index 7f03a3e0e46..472dee003c5 100644 --- a/src/core/net/ip4_types.cpp +++ b/src/core/net/ip4_types.cpp @@ -66,6 +66,17 @@ Error Address::FromString(const char *aString, char aTerminatorChar) return error; } +Error Address::ExtractFromIp4MappedIp6Address(const Ip6::Address &aIp6Address) +{ + Error error = kErrorNone; + + VerifyOrExit(aIp6Address.IsIp4Mapped(), error = kErrorParse); + SetBytes(&aIp6Address.GetBytes()[12]); + +exit: + return error; +} + void Address::ExtractFromIp6Address(uint8_t aPrefixLength, const Ip6::Address &aIp6Address) { // The prefix length must be 32, 40, 48, 56, 64, 96. IPv4 bytes are added diff --git a/src/core/net/ip4_types.hpp b/src/core/net/ip4_types.hpp index 8095a818aaf..169fe3dcffa 100644 --- a/src/core/net/ip4_types.hpp +++ b/src/core/net/ip4_types.hpp @@ -122,6 +122,17 @@ class Address : public otIp4Address, public Equatable
, public Clearable */ void SetBytes(const uint8_t *aBuffer) { memcpy(mFields.m8, aBuffer, kSize); } + /** + * Sets the IPv4 address from a given IPv4-mapped IPv6 address. + * + * @param[in] aIp6Address An IPv6 address. + * + * @retval kErrorNone Set the IPv4 address successfully. + * @retval kErrorPase The @p aIp6Address does not follow the IPv4-mapped IPv6 address format. + * + */ + Error ExtractFromIp4MappedIp6Address(const Ip6::Address &aIp6Address); + /** * Sets the IPv4 address by performing NAT64 address translation from a given IPv6 address as specified * in RFC 6052. diff --git a/src/core/net/ip6_address.cpp b/src/core/net/ip6_address.cpp index 4c092267ecd..8e5cdc869de 100644 --- a/src/core/net/ip6_address.cpp +++ b/src/core/net/ip6_address.cpp @@ -388,6 +388,18 @@ bool Address::IsRealmLocalAllMplForwarders(void) const { return (*this == GetRea void Address::SetToRealmLocalAllMplForwarders(void) { *this = GetRealmLocalAllMplForwarders(); } +bool Address::IsIp4Mapped(void) const +{ + return (mFields.m32[0] == 0) && (mFields.m32[1] == 0) && (mFields.m32[2] == BigEndian::HostSwap32(0xffff)); +} + +void Address::SetToIp4Mapped(const Ip4::Address &aIp4Address) +{ + Clear(); + mFields.m16[5] = 0xffff; + memcpy(&mFields.m8[12], aIp4Address.GetBytes(), sizeof(Ip4::Address)); +} + bool Address::MatchesPrefix(const Prefix &aPrefix) const { return Prefix::MatchLength(mFields.m8, aPrefix.GetBytes(), aPrefix.GetBytesSize()) >= aPrefix.GetLength(); diff --git a/src/core/net/ip6_address.hpp b/src/core/net/ip6_address.hpp index b066557de6d..d7dfe49691d 100644 --- a/src/core/net/ip6_address.hpp +++ b/src/core/net/ip6_address.hpp @@ -808,6 +808,27 @@ class Address : public otIp6Address, public Equatable
, public Clearable SetToLocator(aNetworkPrefix, aAloc16); } + /** + * Indicates whether or not the IPv6 address follows the IPv4-mapped format. + * + * An IPv4-mapped IPv6 address consists of an 80-bit prefix of zeros, the next 16 bits set to ones, and the + * remaining, least-significant 32 bits contain the IPv4 address, e.g., `::ffff:192.0.2.128` representing + * `192.0.2.128` IPv4 address. + * + * @retval TRUE If the IPv6 address follows the IPv4-mapped format. + * @retval FALSE If the IPv6 address does not follow the IPv4-mapped format. + * + */ + bool IsIp4Mapped(void) const; + + /** + * Sets the IPv6 address to follow the IPv4-mapped IPv6 address for a given IPv4 address. + * + * @param[in] aIp4Address An IPv4 address. + * + */ + void SetToIp4Mapped(const Ip4::Address &aIp4Address); + /** * Returns the Network Prefix of the IPv6 address (most significant 64 bits of the address). * diff --git a/tests/unit/test_ip_address.cpp b/tests/unit/test_ip_address.cpp index 746ac02c0d4..221002652ec 100644 --- a/tests/unit/test_ip_address.cpp +++ b/tests/unit/test_ip_address.cpp @@ -758,6 +758,44 @@ void TestIp6PrefixTidy(void) } } +void TestIp4MappedIp6Address(void) +{ + const uint8_t kIp4Address[] = {192, 0, 2, 33}; + + const char *kInvalidIp4MappedFormats[] = { + "8000::ffff:192.0.2.23", "0:400::ffff:192.0.2.23", "0:0:1::ffff:192.0.2.23", "0:0:0:4:0:ffff:192.0.2.23", + "0:0:0:0:1:ffff:192.0.2.23", "::fffe:192.0.2.23", "::efff:192.0.2.23", + }; + + Ip4::Address expectedIp4Address; + Ip4::Address ip4Address; + Ip6::Address expectedIp6Address; + Ip6::Address ip6Address; + + printf("\nTestIp4MappedIp6Address()\n"); + + expectedIp4Address.SetBytes(kIp4Address); + + SuccessOrQuit(expectedIp6Address.FromString("::ffff:192.0.2.33")); + ip6Address.SetToIp4Mapped(expectedIp4Address); + + printf("IPv4-mapped IPv6 address: %s\n", ip6Address.ToString().AsCString()); + + VerifyOrQuit(ip6Address.IsIp4Mapped()); + VerifyOrQuit(ip6Address == expectedIp6Address); + + SuccessOrQuit(ip4Address.ExtractFromIp4MappedIp6Address(ip6Address)); + VerifyOrQuit(ip4Address == expectedIp4Address); + + for (const char *invalidIp4MappedAddr : kInvalidIp4MappedFormats) + { + SuccessOrQuit(ip6Address.FromString(invalidIp4MappedAddr)); + printf("Invalid IPv4-mapped IPv6 address: %s -> %s\n", invalidIp4MappedAddr, ip6Address.ToString().AsCString()); + VerifyOrQuit(!ip6Address.IsIp4Mapped()); + VerifyOrQuit(ip4Address.ExtractFromIp4MappedIp6Address(ip6Address) != kErrorNone); + } +} + void TestIp4Ip6Translation(void) { struct TestCase @@ -884,6 +922,7 @@ int main(void) ot::TestIp6PrefixFromString(); ot::TestIp6Prefix(); ot::TestIp6PrefixTidy(); + ot::TestIp4MappedIp6Address(); ot::TestIp4Ip6Translation(); ot::TestIp4Cidr(); ot::TestIp4CidrFromString(); From f718ad7a097c54b05f05f602f41d7d4139e25cd1 Mon Sep 17 00:00:00 2001 From: Abtin Keshavarzian Date: Fri, 26 Jan 2024 15:59:49 -0800 Subject: [PATCH 081/121] [coap-secure] fix and test to validate max connection attempt limit (#9803) This commit contains the following - It fixes `SecureTransport` to ensure we do the max connection attempt check when transitioning from `kStateCloseNotify`. - It adds new public `otCoapSecure` APIs to start the agent with a given max connection attempts, and to check the agent's state, whether it is connected, connecting or closed. - It adds CLI commands under `coaps` for the new APIs. - It adds `test-026-coaps-conn-limit.py` to validate the max connection attempt limit of CoAP secure agent. --- include/openthread/coap_secure.h | 40 +++++++ include/openthread/instance.h | 2 +- src/cli/README_COAPS.md | 37 ++++++- src/cli/cli_coap_secure.cpp | 46 +++++++- src/cli/cli_coap_secure.hpp | 1 + src/core/api/coap_secure_api.cpp | 11 ++ src/core/coap/coap_secure.hpp | 13 ++- src/core/meshcop/secure_transport.cpp | 15 ++- src/core/meshcop/secure_transport.hpp | 9 ++ tests/toranj/cli/test-026-coaps-conn-limit.py | 104 ++++++++++++++++++ ...openthread-core-toranj-config-simulation.h | 4 + tests/toranj/start.sh | 1 + 12 files changed, 269 insertions(+), 14 deletions(-) create mode 100755 tests/toranj/cli/test-026-coaps-conn-limit.py diff --git a/include/openthread/coap_secure.h b/include/openthread/coap_secure.h index 6a96ea3d754..25b56bf40f7 100644 --- a/include/openthread/coap_secure.h +++ b/include/openthread/coap_secure.h @@ -76,6 +76,15 @@ extern "C" { */ typedef void (*otHandleCoapSecureClientConnect)(bool aConnected, void *aContext); +/** + * Callback function pointer to notify when the CoAP secure agent is automatically stopped due to reaching the maximum + * number of connection attempts. + * + * @param[in] aContext A pointer to arbitrary context information. + * + */ +typedef void (*otCoapSecureAutoStopCallback)(void *aContext); + /** * Starts the CoAP Secure service. * @@ -87,6 +96,26 @@ typedef void (*otHandleCoapSecureClientConnect)(bool aConnected, void *aContext) */ otError otCoapSecureStart(otInstance *aInstance, uint16_t aPort); +/** + * Starts the CoAP secure service and sets the maximum number of allowed connection attempts before stopping the + * agent automatically. + * + * @param[in] aInstance A pointer to an OpenThread instance. + * @param[in] aPort The local UDP port to bind to. + * @param[in] aMaxAttempts Maximum number of allowed connection request attempts. Zero indicates no limit. + * @param[in] aCallback Callback to notify if max number of attempts has reached and agent is stopped. + * @param[in] aContext A pointer to arbitrary context to use with @p aCallback. + * + * @retval OT_ERROR_NONE Successfully started the CoAP agent. + * @retval OT_ERROR_ALREADY Already started. + * + */ +otError otCoapSecureStartWithMaxConnAttempts(otInstance *aInstance, + uint16_t aPort, + uint16_t aMaxAttempts, + otCoapSecureAutoStopCallback aCallback, + void *aContext); + /** * Stops the CoAP Secure server. * @@ -230,6 +259,17 @@ bool otCoapSecureIsConnected(otInstance *aInstance); */ bool otCoapSecureIsConnectionActive(otInstance *aInstance); +/** + * Indicates whether or not the DTLS session is closed. + * + * @param[in] aInstance A pointer to an OpenThread instance. + * + * @retval TRUE The DTLS session is closed. + * @retval FALSE The DTLS session is not closed. + * + */ +bool otCoapSecureIsClosed(otInstance *aInstance); + /** * Sends a CoAP request block-wise over secure DTLS connection. * diff --git a/include/openthread/instance.h b/include/openthread/instance.h index 47de8daef2b..f94151c367e 100644 --- a/include/openthread/instance.h +++ b/include/openthread/instance.h @@ -53,7 +53,7 @@ extern "C" { * @note This number versions both OpenThread platform and user APIs. * */ -#define OPENTHREAD_API_VERSION (391) +#define OPENTHREAD_API_VERSION (392) /** * @addtogroup api-instance diff --git a/src/cli/README_COAPS.md b/src/cli/README_COAPS.md index c8c91fa62fc..6316fb496dc 100644 --- a/src/cli/README_COAPS.md +++ b/src/cli/README_COAPS.md @@ -87,6 +87,9 @@ coaps response sent - [delete](#delete-uri-path-type-payload) - [disconnect](#disconnect) - [get](#get-uri-path-type) +- [isclosed](#isclosed) +- [isconnactive](#isconnactive) +- [isconnected](#isconnected) - [post](#post-uri-path-type-payload) - [psk](#psk-psk-pskid) - [put](#put-uri-path-type-payload) @@ -102,11 +105,13 @@ coaps response sent ```bash > coaps help -help connect delete disconnect get +isclosed +isconnactive +isconnected post psk put @@ -251,6 +256,36 @@ Stops the application coaps service. Done ``` +### isconnected + +Indicates whether or not the CoAP secure service is connected. + +```bash +> coaps isconnected +yes +Done +``` + +### isconnactive + +Indicates whether or not the CoAP secure service connection is active (already connected or establishing a connection). + +```bash +> coaps isconnactive +yes +Done +``` + +### isclosed + +Indicates whether or not the CoAP secure service is closed. + +```bash +> coaps isclosed +no +Done +``` + ### x509 Set DTLS ciphersuite to `TLS_ECDHE_ECDSA_WITH_AES_128_CCM_8`. diff --git a/src/cli/cli_coap_secure.cpp b/src/cli/cli_coap_secure.cpp index 518e9075d53..e22352ff20a 100644 --- a/src/cli/cli_coap_secure.cpp +++ b/src/cli/cli_coap_secure.cpp @@ -149,8 +149,9 @@ template <> otError CoapSecure::Process(Arg aArgs[]) template <> otError CoapSecure::Process(Arg aArgs[]) { - otError error = OT_ERROR_NONE; - bool verifyPeerCert = true; + otError error = OT_ERROR_NONE; + bool verifyPeerCert = true; + uint16_t maxConnAttempts = 0; if (!aArgs[0].IsEmpty()) { @@ -158,9 +159,13 @@ template <> otError CoapSecure::Process(Arg aArgs[]) { verifyPeerCert = false; } + else if (aArgs[0] == "true") + { + verifyPeerCert = true; + } else { - VerifyOrExit(aArgs[0] == "true", error = OT_ERROR_INVALID_ARGS); + SuccessOrExit(error = aArgs[0].ParseAsUint16(maxConnAttempts)); } } @@ -171,7 +176,8 @@ template <> otError CoapSecure::Process(Arg aArgs[]) otCoapSecureSetDefaultHandler(GetInstancePtr(), &CoapSecure::DefaultHandler, this); #endif - error = otCoapSecureStart(GetInstancePtr(), OT_DEFAULT_COAP_SECURE_PORT); + error = otCoapSecureStartWithMaxConnAttempts(GetInstancePtr(), OT_DEFAULT_COAP_SECURE_PORT, maxConnAttempts, + nullptr, nullptr); exit: return error; @@ -200,6 +206,32 @@ template <> otError CoapSecure::Process(Arg aArgs[]) return OT_ERROR_NONE; } +template <> otError CoapSecure::Process(Arg aArgs[]) +{ + return ProcessIsRequest(aArgs, otCoapSecureIsClosed); +} + +template <> otError CoapSecure::Process(Arg aArgs[]) +{ + return ProcessIsRequest(aArgs, otCoapSecureIsConnected); +} + +template <> otError CoapSecure::Process(Arg aArgs[]) +{ + return ProcessIsRequest(aArgs, otCoapSecureIsConnectionActive); +} + +otError CoapSecure::ProcessIsRequest(Arg aArgs[], bool (*IsChecker)(otInstance *)) +{ + otError error = OT_ERROR_NONE; + + VerifyOrExit(aArgs[0].IsEmpty(), error = OT_ERROR_INVALID_ARGS); + OutputLine("%s", IsChecker(GetInstancePtr()) ? "yes" : "no"); + +exit: + return error; +} + template <> otError CoapSecure::Process(Arg aArgs[]) { return ProcessRequest(aArgs, OT_COAP_CODE_GET); } template <> otError CoapSecure::Process(Arg aArgs[]) { return ProcessRequest(aArgs, OT_COAP_CODE_POST); } @@ -442,11 +474,13 @@ otError CoapSecure::Process(Arg aArgs[]) } static constexpr Command kCommands[] = { - CmdEntry("connect"), CmdEntry("delete"), CmdEntry("disconnect"), CmdEntry("get"), CmdEntry("post"), + CmdEntry("connect"), CmdEntry("delete"), CmdEntry("disconnect"), CmdEntry("get"), + CmdEntry("isclosed"), CmdEntry("isconnactive"), CmdEntry("isconnected"), CmdEntry("post"), #ifdef MBEDTLS_KEY_EXCHANGE_PSK_ENABLED CmdEntry("psk"), #endif - CmdEntry("put"), CmdEntry("resource"), CmdEntry("set"), CmdEntry("start"), CmdEntry("stop"), + CmdEntry("put"), CmdEntry("resource"), CmdEntry("set"), CmdEntry("start"), + CmdEntry("stop"), #ifdef MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED CmdEntry("x509"), #endif diff --git a/src/cli/cli_coap_secure.hpp b/src/cli/cli_coap_secure.hpp index dd26ebf6c00..a09dfed027c 100644 --- a/src/cli/cli_coap_secure.hpp +++ b/src/cli/cli_coap_secure.hpp @@ -103,6 +103,7 @@ class CoapSecure : private Output template otError Process(Arg aArgs[]); otError ProcessRequest(Arg aArgs[], otCoapCode aCoapCode); + otError ProcessIsRequest(Arg aArgs[], bool (*IsChecker)(otInstance *)); void Stop(void); diff --git a/src/core/api/coap_secure_api.cpp b/src/core/api/coap_secure_api.cpp index 2ba31a26242..e5ac4c01467 100644 --- a/src/core/api/coap_secure_api.cpp +++ b/src/core/api/coap_secure_api.cpp @@ -50,6 +50,15 @@ otError otCoapSecureStart(otInstance *aInstance, uint16_t aPort) return AsCoreType(aInstance).GetApplicationCoapSecure().Start(aPort); } +otError otCoapSecureStartWithMaxConnAttempts(otInstance *aInstance, + uint16_t aPort, + uint16_t aMaxAttempts, + otCoapSecureAutoStopCallback aCallback, + void *aContext) +{ + return AsCoreType(aInstance).GetApplicationCoapSecure().Start(aPort, aMaxAttempts, aCallback, aContext); +} + #ifdef MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED void otCoapSecureSetCertificate(otInstance *aInstance, const uint8_t *aX509Cert, @@ -122,6 +131,8 @@ bool otCoapSecureIsConnectionActive(otInstance *aInstance) return AsCoreType(aInstance).GetApplicationCoapSecure().IsConnectionActive(); } +bool otCoapSecureIsClosed(otInstance *aInstance) { return AsCoreType(aInstance).GetApplicationCoapSecure().IsClosed(); } + void otCoapSecureStop(otInstance *aInstance) { AsCoreType(aInstance).GetApplicationCoapSecure().Stop(); } #if OPENTHREAD_CONFIG_COAP_BLOCKWISE_TRANSFER_ENABLE diff --git a/src/core/coap/coap_secure.hpp b/src/core/coap/coap_secure.hpp index 5461523053b..0565ef56200 100644 --- a/src/core/coap/coap_secure.hpp +++ b/src/core/coap/coap_secure.hpp @@ -65,10 +65,8 @@ class CoapSecure : public CoapBase * Callback to notify when the agent is automatically stopped due to reaching the maximum number of connection * attempts. * - * @param[in] aContext A pointer to arbitrary context information. - * */ - typedef void (*AutoStopCallback)(void *aContext); + typedef otCoapSecureAutoStopCallback AutoStopCallback; /** * Initializes the object. @@ -165,6 +163,15 @@ class CoapSecure : public CoapBase */ bool IsConnected(void) const { return mDtls.IsConnected(); } + /** + * Indicates whether or not the DTLS session is closed. + * + * @retval TRUE The DTLS session is closed + * @retval FALSE The DTLS session is not closed. + * + */ + bool IsClosed(void) const { return mDtls.IsClosed(); } + /** * Stops the DTLS connection. * diff --git a/src/core/meshcop/secure_transport.cpp b/src/core/meshcop/secure_transport.cpp index 8db0a9fe275..acb7b5d96e8 100644 --- a/src/core/meshcop/secure_transport.cpp +++ b/src/core/meshcop/secure_transport.cpp @@ -1053,9 +1053,18 @@ void SecureTransport::HandleTimer(void) } else if (IsStateCloseNotify()) { - SetState(kStateOpen); - mTimer.Stop(); - mConnectedCallback.InvokeIfSet(false); + if ((mMaxConnectionAttempts > 0) && (mRemainingConnectionAttempts == 0)) + { + Close(); + mConnectedCallback.InvokeIfSet(false); + mAutoCloseCallback.InvokeIfSet(); + } + else + { + SetState(kStateOpen); + mTimer.Stop(); + mConnectedCallback.InvokeIfSet(false); + } } } diff --git a/src/core/meshcop/secure_transport.hpp b/src/core/meshcop/secure_transport.hpp index 229fdab6932..4641ef537e2 100644 --- a/src/core/meshcop/secure_transport.hpp +++ b/src/core/meshcop/secure_transport.hpp @@ -234,6 +234,15 @@ class SecureTransport : public InstanceLocator */ bool IsConnected(void) const { return mState == kStateConnected; } + /** + * Indicates whether or not the session is closed. + * + * @retval TRUE The session is closed. + * @retval FALSE The session is not closed. + * + */ + bool IsClosed(void) const { return mState == kStateClosed; } + /** * Disconnects the session. * diff --git a/tests/toranj/cli/test-026-coaps-conn-limit.py b/tests/toranj/cli/test-026-coaps-conn-limit.py new file mode 100755 index 00000000000..6684dbe0035 --- /dev/null +++ b/tests/toranj/cli/test-026-coaps-conn-limit.py @@ -0,0 +1,104 @@ +#!/usr/bin/env python3 +# +# Copyright (c) 2024, The OpenThread Authors. +# All rights reserved. +# +# Redistribution and use in source and binary forms, with or without +# modification, are permitted provided that the following conditions are met: +# 1. Redistributions of source code must retain the above copyright +# notice, this list of conditions and the following disclaimer. +# 2. Redistributions in binary form must reproduce the above copyright +# notice, this list of conditions and the following disclaimer in the +# documentation and/or other materials provided with the distribution. +# 3. Neither the name of the copyright holder nor the +# names of its contributors may be used to endorse or promote products +# derived from this software without specific prior written permission. +# +# THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" +# AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE +# IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE +# ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDER OR CONTRIBUTORS BE +# LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR +# CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF +# SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS +# INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN +# CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) +# ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE +# POSSIBILITY OF SUCH DAMAGE. + +from cli import verify +from cli import verify_within +import cli +import time + +# ----------------------------------------------------------------------------------------------------------------------- +# Test description: +# +# Validate CoaP secure agent related to the maximum number of allowed connection attempts before the socket is a +# automatically closed and the agent is stopped. +# +# +# Network topology +# +# r1 ---- r2 +# + +test_name = __file__[:-3] if __file__.endswith('.py') else __file__ +print('-' * 120) +print('Starting \'{}\''.format(test_name)) + +# ----------------------------------------------------------------------------------------------------------------------- +# Creating `cli.Node` instances + +speedup = 40 +cli.Node.set_time_speedup_factor(speedup) + +r1 = cli.Node() +r2 = cli.Node() + +# ----------------------------------------------------------------------------------------------------------------------- +# Form topology + +r1.form('coaps-conn-lmt') +r2.join(r1) + +verify(r1.get_state() == 'leader') +verify(r2.get_state() == 'router') + +# ----------------------------------------------------------------------------------------------------------------------- +# Test Implementation + +r1.cli('coaps psk RIGHT 1234') + +# Set max connection attempts to 3 +r1.cli('coaps start 3') + +r1_mleid = r1.get_mleid_ip_addr() + +r2.cli('coaps psk WRONG 1234') +r2.cli('coaps start') + +# First connection attempt +r2.cli('coaps connect', r1_mleid) +time.sleep(0.1) +verify(r1.cli('coaps isconnactive')[-1] == 'no') +verify(r1.cli('coaps isclosed')[-1] == 'no') + +# Second connection attempt +r2.cli('coaps connect', r1_mleid) +time.sleep(0.1) +verify(r1.cli('coaps isconnactive')[-1] == 'no') +verify(r1.cli('coaps isclosed')[-1] == 'no') + +# Third connection attempt +r2.cli('coaps connect', r1_mleid) +time.sleep(0.1) +verify(r1.cli('coaps isconnactive')[-1] == 'no') +verify(r1.cli('coaps isclosed')[-1] == 'yes') + +# ----------------------------------------------------------------------------------------------------------------------- +# Test finished + +cli.Node.finalize_all_nodes() + +print('\'{}\' passed.'.format(test_name)) diff --git a/tests/toranj/openthread-core-toranj-config-simulation.h b/tests/toranj/openthread-core-toranj-config-simulation.h index 8a1063c5cbd..facfce9de0b 100644 --- a/tests/toranj/openthread-core-toranj-config-simulation.h +++ b/tests/toranj/openthread-core-toranj-config-simulation.h @@ -45,6 +45,10 @@ #endif +#define OPENTHREAD_CONFIG_COAP_API_ENABLE 1 + +#define OPENTHREAD_CONFIG_COAP_SECURE_API_ENABLE 1 + #define OPENTHREAD_CONFIG_PLATFORM_USEC_TIMER_ENABLE 0 #define OPENTHREAD_CONFIG_PLATFORM_FLASH_API_ENABLE 1 diff --git a/tests/toranj/start.sh b/tests/toranj/start.sh index 3e07304e63e..742a0498a68 100755 --- a/tests/toranj/start.sh +++ b/tests/toranj/start.sh @@ -190,6 +190,7 @@ if [ "$TORANJ_CLI" = 1 ]; then run cli/test-023-mesh-diag.py run cli/test-024-mle-adv-imax-change.py run cli/test-025-mesh-local-prefix-change.py + run cli/test-026-coaps-conn-limit.py run cli/test-400-srp-client-server.py run cli/test-601-channel-manager-channel-change.py # Skip the "channel-select" test on a TREL only radio link, since it From bf587dd09005abc49a5595f8691afb9512fac9c1 Mon Sep 17 00:00:00 2001 From: parag-silabs <111579455+parag-silabs@users.noreply.github.com> Date: Fri, 26 Jan 2024 19:01:35 -0500 Subject: [PATCH 082/121] [multipan] Fix for multipan use case to handle tx timeout. (#9781) MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit There are two changes: 1. Address the issue of handling tx timeout in case of multipan enabled. When RCP recovery initiates due to a timeout, the SPINEL attempts to transition to the Rx state and switch channels to initialize the RCP. However, these actions should be ignored when operating as Multiprotocol RCP, as another host/protocol might be scanning, and encountering the Rx state or channel switch could result in an error. Considering such scenarios, ignore the error rather than assert it for multipan. 2. Make the CMake option OT_MULTIPAN_RCP depend on the compile time value OPENTHREAD_CONFIG_MULTIPAN_RCP_ENABLE, rather than being initialized to OFF. --- etc/cmake/options.cmake | 2 +- src/lib/spinel/radio_spinel.cpp | 15 +++++++++++++++ 2 files changed, 16 insertions(+), 1 deletion(-) diff --git a/etc/cmake/options.cmake b/etc/cmake/options.cmake index ecb2d52d3a5..05176dea26f 100644 --- a/etc/cmake/options.cmake +++ b/etc/cmake/options.cmake @@ -218,6 +218,7 @@ ot_option(OT_MESH_DIAG OPENTHREAD_CONFIG_MESH_DIAG_ENABLE "mesh diag") ot_option(OT_MESSAGE_USE_HEAP OPENTHREAD_CONFIG_MESSAGE_USE_HEAP_ENABLE "heap allocator for message buffers") ot_option(OT_MLE_LONG_ROUTES OPENTHREAD_CONFIG_MLE_LONG_ROUTES_ENABLE "MLE long routes extension (experimental)") ot_option(OT_MLR OPENTHREAD_CONFIG_MLR_ENABLE "Multicast Listener Registration (MLR)") +ot_option(OT_MULTIPAN_RCP OPENTHREAD_CONFIG_MULTIPAN_RCP_ENABLE "enable multi-PAN RCP") ot_option(OT_MULTIPLE_INSTANCE OPENTHREAD_CONFIG_MULTIPLE_INSTANCE_ENABLE "multiple instances") ot_option(OT_NAT64_BORDER_ROUTING OPENTHREAD_CONFIG_NAT64_BORDER_ROUTING_ENABLE "border routing NAT64") ot_option(OT_NAT64_TRANSLATOR OPENTHREAD_CONFIG_NAT64_TRANSLATOR_ENABLE "NAT64 translator support") @@ -248,7 +249,6 @@ ot_option(OT_UDP_FORWARD OPENTHREAD_CONFIG_UDP_FORWARD_ENABLE "UDP forward") ot_option(OT_UPTIME OPENTHREAD_CONFIG_UPTIME_ENABLE "uptime") option(OT_DOC "build OpenThread documentation") -option(OT_MULTIPAN_RCP "Multi-PAN RCP" OFF) message(STATUS "- - - - - - - - - - - - - - - - ") # - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - diff --git a/src/lib/spinel/radio_spinel.cpp b/src/lib/spinel/radio_spinel.cpp index 15d90b542c2..6b03b5b30e9 100644 --- a/src/lib/spinel/radio_spinel.cpp +++ b/src/lib/spinel/radio_spinel.cpp @@ -2138,12 +2138,22 @@ void RadioSpinel::RecoverFromRcpFailure(void) case kStateSleep: break; case kStateReceive: +#if OPENTHREAD_CONFIG_MULTIPAN_RCP_ENABLE + // In case multiple PANs are running, don't force RCP to receive state. + IgnoreError(Set(SPINEL_PROP_MAC_RAW_STREAM_ENABLED, SPINEL_DATATYPE_BOOL_S, true)); +#else SuccessOrDie(Set(SPINEL_PROP_MAC_RAW_STREAM_ENABLED, SPINEL_DATATYPE_BOOL_S, true)); +#endif mState = kStateReceive; break; case kStateTransmitting: case kStateTransmitDone: +#if OPENTHREAD_CONFIG_MULTIPAN_RCP_ENABLE + // In case multiple PANs are running, don't force RCP to receive state. + IgnoreError(Set(SPINEL_PROP_MAC_RAW_STREAM_ENABLED, SPINEL_DATATYPE_BOOL_S, true)); +#else SuccessOrDie(Set(SPINEL_PROP_MAC_RAW_STREAM_ENABLED, SPINEL_DATATYPE_BOOL_S, true)); +#endif mTxError = OT_ERROR_ABORT; mState = kStateTransmitDone; break; @@ -2168,7 +2178,12 @@ void RadioSpinel::RestoreProperties(void) SuccessOrDie(Set(SPINEL_PROP_MAC_15_4_PANID, SPINEL_DATATYPE_UINT16_S, mPanId)); SuccessOrDie(Set(SPINEL_PROP_MAC_15_4_SADDR, SPINEL_DATATYPE_UINT16_S, mShortAddress)); SuccessOrDie(Set(SPINEL_PROP_MAC_15_4_LADDR, SPINEL_DATATYPE_EUI64_S, mExtendedAddress.m8)); +#if OPENTHREAD_CONFIG_MULTIPAN_RCP_ENABLE + // In case multiple PANs are running, don't force RCP to change channel. + IgnoreError(Set(SPINEL_PROP_PHY_CHAN, SPINEL_DATATYPE_UINT8_S, mChannel)); +#else SuccessOrDie(Set(SPINEL_PROP_PHY_CHAN, SPINEL_DATATYPE_UINT8_S, mChannel)); +#endif if (mMacKeySet) { From 4dae833c54b0268a6bc1f805722fad917524db8f Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Mon, 29 Jan 2024 09:41:19 -0800 Subject: [PATCH 083/121] github-actions: bump github/codeql-action from 2.22.5 to 3.23.2 (#9810) Bumps [github/codeql-action](https://github.com/github/codeql-action) from 2.22.5 to 3.23.2. - [Release notes](https://github.com/github/codeql-action/releases) - [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md) - [Commits](https://github.com/github/codeql-action/compare/74483a38d39275f33fcff5f35b679b5ca4a26a99...b7bf0a3ed3ecfa44160715d7c442788f65f0f923) --- updated-dependencies: - dependency-name: github/codeql-action dependency-type: direct:production update-type: version-update:semver-major ... Signed-off-by: dependabot[bot] Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> --- .github/workflows/codeql.yml | 4 ++-- .github/workflows/scorecards.yml | 2 +- 2 files changed, 3 insertions(+), 3 deletions(-) diff --git a/.github/workflows/codeql.yml b/.github/workflows/codeql.yml index 17044aa7184..9348dc4ddff 100644 --- a/.github/workflows/codeql.yml +++ b/.github/workflows/codeql.yml @@ -66,7 +66,7 @@ jobs: sudo apt-get --no-install-recommends install -y ninja-build libreadline-dev libncurses-dev - name: Initialize CodeQL - uses: github/codeql-action/init@74483a38d39275f33fcff5f35b679b5ca4a26a99 # v2.22.5 + uses: github/codeql-action/init@b7bf0a3ed3ecfa44160715d7c442788f65f0f923 # v3.23.2 with: languages: ${{ matrix.language }} # If you wish to specify custom queries, you can do so here or in a config file. @@ -80,6 +80,6 @@ jobs: ./script/test build - name: Perform CodeQL Analysis - uses: github/codeql-action/analyze@74483a38d39275f33fcff5f35b679b5ca4a26a99 # v2.22.5 + uses: github/codeql-action/analyze@b7bf0a3ed3ecfa44160715d7c442788f65f0f923 # v3.23.2 with: category: "/language:${{matrix.language}}" diff --git a/.github/workflows/scorecards.yml b/.github/workflows/scorecards.yml index 850571bc3d1..5fd261bfaf5 100644 --- a/.github/workflows/scorecards.yml +++ b/.github/workflows/scorecards.yml @@ -95,6 +95,6 @@ jobs: # Upload the results to GitHub's code scanning dashboard. - name: "Upload to code-scanning" - uses: github/codeql-action/upload-sarif@74483a38d39275f33fcff5f35b679b5ca4a26a99 # v2.1.27 + uses: github/codeql-action/upload-sarif@b7bf0a3ed3ecfa44160715d7c442788f65f0f923 # v2.1.27 with: sarif_file: results.sarif From c73829fdbf5b0019dc611e913674021492c3fa9e Mon Sep 17 00:00:00 2001 From: Rongli Sun Date: Tue, 30 Jan 2024 08:02:50 +0800 Subject: [PATCH 084/121] [net-diag] add Eui64Tlv support (#9795) --- include/openthread/instance.h | 2 +- include/openthread/netdiag.h | 57 +++++++++++---------- src/cli/cli.cpp | 24 ++++++--- src/core/thread/network_diagnostic.cpp | 13 +++++ src/core/thread/network_diagnostic_tlvs.hpp | 7 +++ 5 files changed, 67 insertions(+), 36 deletions(-) diff --git a/include/openthread/instance.h b/include/openthread/instance.h index f94151c367e..cab6333a30f 100644 --- a/include/openthread/instance.h +++ b/include/openthread/instance.h @@ -53,7 +53,7 @@ extern "C" { * @note This number versions both OpenThread platform and user APIs. * */ -#define OPENTHREAD_API_VERSION (392) +#define OPENTHREAD_API_VERSION (393) /** * @addtogroup api-instance diff --git a/include/openthread/netdiag.h b/include/openthread/netdiag.h index 040ad75d1e4..95559525715 100644 --- a/include/openthread/netdiag.h +++ b/include/openthread/netdiag.h @@ -66,33 +66,35 @@ extern "C" { enum { - OT_NETWORK_DIAGNOSTIC_TLV_EXT_ADDRESS = 0, ///< MAC Extended Address TLV - OT_NETWORK_DIAGNOSTIC_TLV_SHORT_ADDRESS = 1, ///< Address16 TLV - OT_NETWORK_DIAGNOSTIC_TLV_MODE = 2, ///< Mode TLV - OT_NETWORK_DIAGNOSTIC_TLV_TIMEOUT = 3, ///< Timeout TLV (the maximum polling time period for SEDs) - OT_NETWORK_DIAGNOSTIC_TLV_CONNECTIVITY = 4, ///< Connectivity TLV - OT_NETWORK_DIAGNOSTIC_TLV_ROUTE = 5, ///< Route64 TLV - OT_NETWORK_DIAGNOSTIC_TLV_LEADER_DATA = 6, ///< Leader Data TLV - OT_NETWORK_DIAGNOSTIC_TLV_NETWORK_DATA = 7, ///< Network Data TLV - OT_NETWORK_DIAGNOSTIC_TLV_IP6_ADDR_LIST = 8, ///< IPv6 Address List TLV - OT_NETWORK_DIAGNOSTIC_TLV_MAC_COUNTERS = 9, ///< MAC Counters TLV - OT_NETWORK_DIAGNOSTIC_TLV_BATTERY_LEVEL = 14, ///< Battery Level TLV - OT_NETWORK_DIAGNOSTIC_TLV_SUPPLY_VOLTAGE = 15, ///< Supply Voltage TLV - OT_NETWORK_DIAGNOSTIC_TLV_CHILD_TABLE = 16, ///< Child Table TLV - OT_NETWORK_DIAGNOSTIC_TLV_CHANNEL_PAGES = 17, ///< Channel Pages TLV - OT_NETWORK_DIAGNOSTIC_TLV_TYPE_LIST = 18, ///< Type List TLV - OT_NETWORK_DIAGNOSTIC_TLV_MAX_CHILD_TIMEOUT = 19, ///< Max Child Timeout TLV - OT_NETWORK_DIAGNOSTIC_TLV_VERSION = 24, ///< Version TLV - OT_NETWORK_DIAGNOSTIC_TLV_VENDOR_NAME = 25, ///< Vendor Name TLV - OT_NETWORK_DIAGNOSTIC_TLV_VENDOR_MODEL = 26, ///< Vendor Model TLV - OT_NETWORK_DIAGNOSTIC_TLV_VENDOR_SW_VERSION = 27, ///< Vendor SW Version TLV - OT_NETWORK_DIAGNOSTIC_TLV_THREAD_STACK_VERSION = 28, ///< Thread Stack Version TLV - OT_NETWORK_DIAGNOSTIC_TLV_CHILD = 29, ///< Child TLV - OT_NETWORK_DIAGNOSTIC_TLV_CHILD_IP6_ADDR_LIST = 30, ///< Child IPv6 Address List TLV - OT_NETWORK_DIAGNOSTIC_TLV_ROUTER_NEIGHBOR = 31, ///< Router Neighbor TLV - OT_NETWORK_DIAGNOSTIC_TLV_ANSWER = 32, ///< Answer TLV - OT_NETWORK_DIAGNOSTIC_TLV_QUERY_ID = 33, ///< Query ID TLV - OT_NETWORK_DIAGNOSTIC_TLV_MLE_COUNTERS = 34, ///< MLE Counters TLV + OT_NETWORK_DIAGNOSTIC_TLV_EXT_ADDRESS = 0, ///< MAC Extended Address TLV + OT_NETWORK_DIAGNOSTIC_TLV_SHORT_ADDRESS = 1, ///< Address16 TLV + OT_NETWORK_DIAGNOSTIC_TLV_MODE = 2, ///< Mode TLV + OT_NETWORK_DIAGNOSTIC_TLV_TIMEOUT = 3, ///< Timeout TLV (the maximum polling time period for SEDs) + OT_NETWORK_DIAGNOSTIC_TLV_CONNECTIVITY = 4, ///< Connectivity TLV + OT_NETWORK_DIAGNOSTIC_TLV_ROUTE = 5, ///< Route64 TLV + OT_NETWORK_DIAGNOSTIC_TLV_LEADER_DATA = 6, ///< Leader Data TLV + OT_NETWORK_DIAGNOSTIC_TLV_NETWORK_DATA = 7, ///< Network Data TLV + OT_NETWORK_DIAGNOSTIC_TLV_IP6_ADDR_LIST = 8, ///< IPv6 Address List TLV + OT_NETWORK_DIAGNOSTIC_TLV_MAC_COUNTERS = 9, ///< MAC Counters TLV + OT_NETWORK_DIAGNOSTIC_TLV_BATTERY_LEVEL = 14, ///< Battery Level TLV + OT_NETWORK_DIAGNOSTIC_TLV_SUPPLY_VOLTAGE = 15, ///< Supply Voltage TLV + OT_NETWORK_DIAGNOSTIC_TLV_CHILD_TABLE = 16, ///< Child Table TLV + OT_NETWORK_DIAGNOSTIC_TLV_CHANNEL_PAGES = 17, ///< Channel Pages TLV + OT_NETWORK_DIAGNOSTIC_TLV_TYPE_LIST = 18, ///< Type List TLV + OT_NETWORK_DIAGNOSTIC_TLV_MAX_CHILD_TIMEOUT = 19, ///< Max Child Timeout TLV + OT_NETWORK_DIAGNOSTIC_TLV_EUI64 = 23, ///< EUI64 TLV + OT_NETWORK_DIAGNOSTIC_TLV_VERSION = 24, ///< Version TLV (version number for the protocols and features) + OT_NETWORK_DIAGNOSTIC_TLV_VENDOR_NAME = 25, ///< Vendor Name TLV + OT_NETWORK_DIAGNOSTIC_TLV_VENDOR_MODEL = 26, ///< Vendor Model TLV + OT_NETWORK_DIAGNOSTIC_TLV_VENDOR_SW_VERSION = 27, ///< Vendor SW Version TLV + OT_NETWORK_DIAGNOSTIC_TLV_THREAD_STACK_VERSION = + 28, ///< Thread Stack Version TLV (version identifier as UTF-8 string for Thread stack codebase/commit/version) + OT_NETWORK_DIAGNOSTIC_TLV_CHILD = 29, ///< Child TLV + OT_NETWORK_DIAGNOSTIC_TLV_CHILD_IP6_ADDR_LIST = 30, ///< Child IPv6 Address List TLV + OT_NETWORK_DIAGNOSTIC_TLV_ROUTER_NEIGHBOR = 31, ///< Router Neighbor TLV + OT_NETWORK_DIAGNOSTIC_TLV_ANSWER = 32, ///< Answer TLV + OT_NETWORK_DIAGNOSTIC_TLV_QUERY_ID = 33, ///< Query ID TLV + OT_NETWORK_DIAGNOSTIC_TLV_MLE_COUNTERS = 34, ///< MLE Counters TLV }; @@ -275,6 +277,7 @@ typedef struct otNetworkDiagTlv union { otExtAddress mExtAddress; + otExtAddress mEui64; uint16_t mAddr16; otLinkModeConfig mMode; uint32_t mTimeout; diff --git a/src/cli/cli.cpp b/src/cli/cli.cpp index eecfeecf20f..78c1ee80788 100644 --- a/src/cli/cli.cpp +++ b/src/cli/cli.cpp @@ -7778,9 +7778,9 @@ template <> otError Interpreter::Process(Arg aArgs[]) /** * @cli networkdiagnostic get * @code - * networkdiagnostic get fdde:ad00:beef:0:0:ff:fe00:fc00 0 1 6e + * networkdiagnostic get fdde:ad00:beef:0:0:ff:fe00:fc00 0 1 6 23 * DIAG_GET.rsp/ans: 00080e336e1c41494e1c01020c000608640b0f674074c503 - * Ext Address: '0e336e1c41494e1c' + * Ext Address: 0e336e1c41494e1c * Rloc16: 0x0c00 * Leader Data: * PartitionId: 0x640b0f67 @@ -7788,6 +7788,7 @@ template <> otError Interpreter::Process(Arg aArgs[]) * DataVersion: 116 * StableDataVersion: 197 * LeaderRouterId: 0x03 + * EUI64: 18b4300000000004 * Done * @endcode * @code @@ -7797,7 +7798,7 @@ template <> otError Interpreter::Process(Arg aArgs[]) * Rloc16: 0x0c00 * Done * DIAG_GET.rsp/ans: 00083efcdb7e3f9eb0f201021800 - * Ext Address: '3efcdb7e3f9eb0f2' + * Ext Address: 3efcdb7e3f9eb0f2 * Rloc16: 0x1800 * Done * @endcode @@ -7820,10 +7821,12 @@ template <> otError Interpreter::Process(Arg aArgs[]) * - `16`: Child Table TLV * - `17`: Channel Pages TLV * - `19`: Max Child Timeout TLV + * - `23`: EUI64 TLV + * - `24`: Version TLV (version number for the protocols and features) * - `25`: Vendor Name TLV * - `26`: Vendor Model TLV * - `27`: Vendor SW Version TLV - * - `28`: Thread Stack Version TLV + * - `28`: Thread Stack Version TLV (version identifier as UTF-8 string for Thread stack codebase/commit/version) * - `29`: Child TLV * - `34`: MLE Counters TLV * @par @@ -7848,8 +7851,9 @@ template <> otError Interpreter::Process(Arg aArgs[]) * @cparam networkdiagnostic reset @ca{addr} @ca{type(s)} * @par * Sends a network diagnostic request to reset the specified Type Length Values (TLVs) - * on the specified address(es). The only supported TLV value at this time for this - * command is `9` (MAC Counters TLV). + * on the specified address(es). This command only supports the + * following TLV values: `9` (MAC Counters TLV) or `34` (MLE + * Counters TLV) * @sa otThreadSendDiagnosticReset */ else if (aArgs[0] == "reset") @@ -7912,7 +7916,7 @@ void Interpreter::HandleDiagnosticGetResponse(otError aError, switch (diagTlv.mType) { case OT_NETWORK_DIAGNOSTIC_TLV_EXT_ADDRESS: - OutputFormat("Ext Address: '"); + OutputFormat("Ext Address: "); OutputExtAddressLine(diagTlv.mData.mExtAddress); break; case OT_NETWORK_DIAGNOSTIC_TLV_SHORT_ADDRESS: @@ -7938,7 +7942,7 @@ void Interpreter::HandleDiagnosticGetResponse(otError aError, OutputLeaderData(kIndentSize, diagTlv.mData.mLeaderData); break; case OT_NETWORK_DIAGNOSTIC_TLV_NETWORK_DATA: - OutputFormat("Network Data: '"); + OutputFormat("Network Data: "); OutputBytesLine(diagTlv.mData.mNetworkData.m8, diagTlv.mData.mNetworkData.mCount); break; case OT_NETWORK_DIAGNOSTIC_TLV_IP6_ADDR_LIST: @@ -7979,6 +7983,10 @@ void Interpreter::HandleDiagnosticGetResponse(otError aError, case OT_NETWORK_DIAGNOSTIC_TLV_MAX_CHILD_TIMEOUT: OutputLine("Max Child Timeout: %lu", ToUlong(diagTlv.mData.mMaxChildTimeout)); break; + case OT_NETWORK_DIAGNOSTIC_TLV_EUI64: + OutputFormat("EUI64: "); + OutputExtAddressLine(diagTlv.mData.mEui64); + break; case OT_NETWORK_DIAGNOSTIC_TLV_VENDOR_NAME: OutputLine("Vendor Name: %s", diagTlv.mData.mVendorName); break; diff --git a/src/core/thread/network_diagnostic.cpp b/src/core/thread/network_diagnostic.cpp index c331dc42829..724b6a9cb5f 100644 --- a/src/core/thread/network_diagnostic.cpp +++ b/src/core/thread/network_diagnostic.cpp @@ -267,6 +267,15 @@ Error Server::AppendDiagTlv(uint8_t aTlvType, Message &aMessage) error = Tlv::Append(aMessage, Get().GetDeviceMode().Get()); break; + case Tlv::kEui64: + { + Mac::ExtAddress eui64; + + Get().GetIeeeEui64(eui64); + error = Tlv::Append(aMessage, eui64); + break; + } + case Tlv::kVersion: error = Tlv::Append(aMessage, kThreadVersion); break; @@ -1196,6 +1205,10 @@ Error Client::GetNextDiagTlv(const Coap::Message &aMessage, Iterator &aIterator, SuccessOrExit(error = Tlv::Read(aMessage, offset, aTlvInfo.mData.mMaxChildTimeout)); break; + case Tlv::kEui64: + SuccessOrExit(error = Tlv::Read(aMessage, offset, AsCoreType(&aTlvInfo.mData.mEui64))); + break; + case Tlv::kVersion: SuccessOrExit(error = Tlv::Read(aMessage, offset, aTlvInfo.mData.mVersion)); break; diff --git a/src/core/thread/network_diagnostic_tlvs.hpp b/src/core/thread/network_diagnostic_tlvs.hpp index e867e0fa0ed..2efa744f469 100644 --- a/src/core/thread/network_diagnostic_tlvs.hpp +++ b/src/core/thread/network_diagnostic_tlvs.hpp @@ -84,6 +84,7 @@ class Tlv : public ot::Tlv kChannelPages = OT_NETWORK_DIAGNOSTIC_TLV_CHANNEL_PAGES, kTypeList = OT_NETWORK_DIAGNOSTIC_TLV_TYPE_LIST, kMaxChildTimeout = OT_NETWORK_DIAGNOSTIC_TLV_MAX_CHILD_TIMEOUT, + kEui64 = OT_NETWORK_DIAGNOSTIC_TLV_EUI64, kVersion = OT_NETWORK_DIAGNOSTIC_TLV_VERSION, kVendorName = OT_NETWORK_DIAGNOSTIC_TLV_VENDOR_NAME, kVendorModel = OT_NETWORK_DIAGNOSTIC_TLV_VENDOR_MODEL, @@ -199,6 +200,12 @@ typedef TlvInfo ChildTableTlv; */ typedef UintTlvInfo MaxChildTimeoutTlv; +/** + * Defines Eui64 TLV constants and types. + * + */ +typedef SimpleTlvInfo Eui64Tlv; + /** * Defines Version TLV constants and types. * From bdb580763b2b7c1a4a4328626b845e6b89121a7c Mon Sep 17 00:00:00 2001 From: Zhangwx Date: Wed, 31 Jan 2024 03:09:17 +0800 Subject: [PATCH 085/121] [spinel] fix set rx on when idle for RCP (#9812) In #9554, a new radio capability is introduced: `RX_ON_WHEN_IDLE`. On the RCP scenario, if recoverd, there will be an error: ``` OPENTHREAD:[W] P-RadioSpinel-: Error processing result: NotImplemented OPENTHREAD:[W] P-RadioSpinel-: Error waiting response: NotImplemented ``` When set the rx on when idle on Host to RCP, no `Set property handler` will be found due to the target handler was surround by the macro `OPENTHREAD_MTD || OPENTHREAD_FTD`. This `rx on when idle` capability should not only be used for MTD and FTD, but also used for RADIO on a NCP. This PR fixes it. --- src/ncp/ncp_base_dispatcher.cpp | 2 ++ 1 file changed, 2 insertions(+) diff --git a/src/ncp/ncp_base_dispatcher.cpp b/src/ncp/ncp_base_dispatcher.cpp index e653f83115f..48bd97e82a7 100644 --- a/src/ncp/ncp_base_dispatcher.cpp +++ b/src/ncp/ncp_base_dispatcher.cpp @@ -433,7 +433,9 @@ NcpBase::PropertyHandler NcpBase::FindSetPropertyHandler(spinel_prop_key_t aKey) OT_NCP_SET_HANDLER_ENTRY(SPINEL_PROP_MAC_PROMISCUOUS_MODE), #if OPENTHREAD_MTD || OPENTHREAD_FTD OT_NCP_SET_HANDLER_ENTRY(SPINEL_PROP_MAC_DATA_POLL_PERIOD), +#endif OT_NCP_SET_HANDLER_ENTRY(SPINEL_PROP_MAC_RX_ON_WHEN_IDLE_MODE), +#if OPENTHREAD_MTD || OPENTHREAD_FTD OT_NCP_SET_HANDLER_ENTRY(SPINEL_PROP_NET_IF_UP), OT_NCP_SET_HANDLER_ENTRY(SPINEL_PROP_NET_STACK_UP), OT_NCP_SET_HANDLER_ENTRY(SPINEL_PROP_NET_ROLE), From 176be056446c14e6c724cedc7485cfeebdf8e431 Mon Sep 17 00:00:00 2001 From: jrhodie <139580534+jrhodie@users.noreply.github.com> Date: Wed, 31 Jan 2024 11:07:51 -0800 Subject: [PATCH 086/121] [cli] commissioner commands (#9798) --- src/cli/cli_commissioner.cpp | 228 +++++++++++++++++++++++++++++++++++ 1 file changed, 228 insertions(+) diff --git a/src/cli/cli_commissioner.cpp b/src/cli/cli_commissioner.cpp index d8fa14a099d..b7c04d3b7f8 100644 --- a/src/cli/cli_commissioner.cpp +++ b/src/cli/cli_commissioner.cpp @@ -40,6 +40,24 @@ namespace ot { namespace Cli { +/** + * @cli commissioner announce + * @code + * commissioner announce 0x00050000 2 32 fdde:ad00:beef:0:0:ff:fe00:c00 + * Done + * @endcode + * @cparam commissioner announce @ca{mask} @ca{count} @ca{period} @ca{destination} + * * `mask`: Bitmask that identifies channels for sending MLE `Announce` messages. + * * `count`: Number of MLE `Announce` transmissions per channel. + * * `period`: Number of milliseconds between successive MLE `Announce` transmissions. + * * `destination`: Destination IPv6 address for the message. The message may be multicast. + * @par + * Sends an Announce Begin message. + * @note Use this command only after successfully starting the %Commissioner role + * with the `commissioner start` command. + * @csa{commissioner start} + * @sa otCommissionerAnnounceBegin + */ template <> otError Commissioner::Process(Arg aArgs[]) { otError error; @@ -59,6 +77,27 @@ template <> otError Commissioner::Process(Arg aArgs[]) return error; } +/** + * @cli commissioner energy + * @code + * commissioner energy 0x00050000 2 32 1000 fdde:ad00:beef:0:0:ff:fe00:c00 + * Done + * Energy: 00050000 0 0 0 0 + * @endcode + * @cparam commissioner energy @ca{mask} @ca{count} @ca{period} @ca{scanDuration} @ca{destination} + * * `mask`: Bitmask that identifies channels for performing IEEE 802.15.4 energy scans. + * * `count`: Number of IEEE 802.15.4 energy scans per channel. + * * `period`: Number of milliseconds between successive IEEE 802.15.4 energy scans. + * * `scanDuration`: Scan duration in milliseconds to use when + * performing an IEEE 802.15.4 energy scan. + * * `destination`: Destination IPv6 address for the message. The message may be multicast. + * @par + * Sends an Energy Scan Query message. Command output is printed as it is received. + * @note Use this command only after successfully starting the %Commissioner role + * with the `commissioner start` command. + * @csa{commissioner start} + * @sa otCommissionerEnergyScan + */ template <> otError Commissioner::Process(Arg aArgs[]) { otError error; @@ -88,6 +127,20 @@ template <> otError Commissioner::Process(Arg aArgs[]) const otExtAddress *addrPtr = nullptr; otJoinerDiscerner discerner; + /** + * @cli commissioner joiner table + * @code + * commissioner joiner table + * | ID | PSKd | Expiration | + * +-----------------------+----------------------------------+------------+ + * | * | J01NME | 81015 | + * | d45e64fa83f81cf7 | J01NME | 101204 | + * | 0x0000000000000abc/12 | J01NME | 114360 | + * Done + * @endcode + * @par + * Lists all %Joiner entries in table format. + */ if (aArgs[0] == "table") { uint16_t iter = 0; @@ -152,6 +205,29 @@ template <> otError Commissioner::Process(Arg aArgs[]) SuccessOrExit(error); } + /** + * @cli commissioner joiner add + * @code + * commissioner joiner add d45e64fa83f81cf7 J01NME + * Done + * @endcode + * @code + * commissioner joiner add 0xabc/12 J01NME + * Done + * @endcode + * @cparam commissioner joiner add @ca{eui64}|@ca{discerner pksd} [@ca{timeout}] + * * `eui64`: IEEE EUI-64 of the %Joiner. To match any joiner, use `*`. + * * `discerner`: The %Joiner discerner in the format `number/length`. + * * `pksd`: Pre-Shared Key for the joiner. + * * `timeout`: The %Joiner timeout in seconds. + * @par + * Adds a joiner entry. + * @note Use this command only after successfully starting the %Commissioner role + * with the `commissioner start` command. + * @csa{commissioner start} + * @sa otCommissionerAddJoiner + * @sa otCommissionerAddJoinerWithDiscerner + */ if (aArgs[0] == "add") { uint32_t timeout = kDefaultJoinerTimeout; @@ -171,6 +247,27 @@ template <> otError Commissioner::Process(Arg aArgs[]) { error = otCommissionerAddJoiner(GetInstancePtr(), addrPtr, aArgs[2].GetCString(), timeout); } + /** + * @cli commissioner joiner remove + * @code + * commissioner joiner remove d45e64fa83f81cf7 + * Done + * @endcode + * @code + * commissioner joiner remove 0xabc/12 + * Done + * @endcode + * @cparam commissioner joiner remove @ca{eui64}|@ca{discerner} + * * `eui64`: IEEE EUI-64 of the joiner. To match any joiner, use `*`. + * * `discerner`: The joiner discerner in the format `number/length`. + * @par + * Removes a %Joiner entry. + * @note Use this command only after successfully starting the %Commissioner role + * with the `commissioner start` command. + * @csa{commissioner start} + * @sa otCommissionerRemoveJoiner + * @sa otCommissionerRemoveJoinerWithDiscerner + */ } else if (aArgs[0] == "remove") { @@ -192,6 +289,25 @@ template <> otError Commissioner::Process(Arg aArgs[]) return error; } +/** + * @cli commissioner mgmtget + * @code + * commissioner mgmtget locator sessionid + * Done + * @endcode + * @cparam commissioner mgmtget [locator] [sessionid] [steeringdata] [joinerudpport] [-x @ca{TLVs}] + * * `locator`: Border Router RLOC16. + * * `sessionid`: Session ID of the %Commissioner. + * * `steeringdata`: Steering data. + * * `joinerudpport`: %Joiner UDP port. + * * `TLVs`: The set of TLVs to be retrieved. + * @par + * Sends a `MGMT_GET` (Management Get) message to the Leader. + * Variable values that have been set using the `commissioner mgmtset` command are returned. + * @sa otCommissionerSendMgmtGet + */ template <> otError Commissioner::Process(Arg aArgs[]) { otError error = OT_ERROR_NONE; @@ -239,6 +355,25 @@ template <> otError Commissioner::Process(Arg aArgs[]) return error; } +/** + * @cli commissioner mgmtset + * @code + * commissioner mgmtset joinerudpport 9988 + * Done + * @endcode + * @cparam commissioner mgmtset [locator @ca{locator}] [sessionid @ca{sessionid}] [steeringdata @ca{steeringdata}] [joinerudpport @ca{joinerudpport}] [-x @ca{TLVs}] + * * `locator`: Border Router RLOC16. + * * `sessionid`: Session ID of the %Commissioner. + * * `steeringdata`: Steering data. + * * `joinerudpport`: %Joiner UDP port. + * * `TLVs`: The set of TLVs to be retrieved. + * @par + * Sends a `MGMT_SET` (Management Set) message to the Leader, and sets the + * variables to the values specified. + * @sa otCommissionerSendMgmtSet + */ template <> otError Commissioner::Process(Arg aArgs[]) { otError error; @@ -301,6 +436,25 @@ template <> otError Commissioner::Process(Arg aArgs[]) return error; } +/** + * @cli commissioner panid + * @code + * commissioner panid 0xdead 0x7fff800 fdde:ad00:beef:0:0:ff:fe00:c00 + * Done + * Conflict: dead, 00000800 + * @endcode + * @cparam commissioner panid @ca{panid} @ca{mask} @ca{destination} + * * `paind`: PAN ID to use to check for conflicts. + * * `mask`; Bitmask that identifies channels to perform IEEE 802.15.4 + * Active Scans. + * * `destination`: IPv6 destination address for the message. The message may be multicast. + * @par + * Sends a PAN ID query. Command output is returned as it is received. + * @note Use this command only after successfully starting the %Commissioner role + * with the `commissioner start` command. + * @csa{commissioner start} + * @sa otCommissionerPanIdQuery + */ template <> otError Commissioner::Process(Arg aArgs[]) { otError error; @@ -318,6 +472,17 @@ template <> otError Commissioner::Process(Arg aArgs[]) return error; } +/** + * @cli commissioner provisioningurl + * @code + * commissioner provisioningurl http://github.com/openthread/openthread + * Done + * @endcode + * @cparam commissioner provisioningurl @ca{provisioningurl} + * @par + * Sets the %Commissioner provisioning URL. + * @sa otCommissionerSetProvisioningUrl + */ template <> otError Commissioner::Process(Arg aArgs[]) { // If aArgs[0] is empty, `GetCString() will return `nullptr` @@ -325,6 +490,17 @@ template <> otError Commissioner::Process(Arg aArgs[]) return otCommissionerSetProvisioningUrl(GetInstancePtr(), aArgs[0].GetCString()); } +/** + * @cli commissioner sessionid + * @code + * commissioner sessionid + * 0 + * Done + * @endcode + * @par + * Gets the current %Commissioner session ID. + * @sa otCommissionerGetSessionId + */ template <> otError Commissioner::Process(Arg aArgs[]) { OT_UNUSED_VARIABLE(aArgs); @@ -334,6 +510,22 @@ template <> otError Commissioner::Process(Arg aArgs[]) return OT_ERROR_NONE; } +/** + * @cli commissioner id (get,set) + * @code + * commissioner id OpenThread Commissioner + * Done + * @endcode + * @code + * commissioner id + * OpenThread Commissioner + * Done + * @endcode + * @cparam commissioner id @ca{name} + * @par + * Gets or sets the OpenThread %Commissioner ID name. + * @sa otCommissionerSetId + */ template <> otError Commissioner::Process(Arg aArgs[]) { otError error; @@ -351,6 +543,20 @@ template <> otError Commissioner::Process(Arg aArgs[]) return error; } +/** + * @cli commissioner start + * @code + * commissioner start + * Commissioner: petitioning + * Done + * Commissioner: active + * @endcode + * @par + * Starts the Thread %Commissioner role. + * @note The `commissioner` commands are available only when + * `OPENTHREAD_CONFIG_COMMISSIONER_ENABLE` and `OPENTHREAD_FTD` are set. + * @sa otCommissionerStart + */ template <> otError Commissioner::Process(Arg aArgs[]) { OT_UNUSED_VARIABLE(aArgs); @@ -422,6 +628,16 @@ void Commissioner::HandleJoinerEvent(otCommissionerJoinerEvent aEvent, OutputNewLine(); } +/** + * @cli commissioner stop + * @code + * commissioner stop + * Done + * @endcode + * @par + * Stops the Thread %Commissioner role. + * @sa otCommissionerStop + */ template <> otError Commissioner::Process(Arg aArgs[]) { OT_UNUSED_VARIABLE(aArgs); @@ -429,6 +645,18 @@ template <> otError Commissioner::Process(Arg aArgs[]) return otCommissionerStop(GetInstancePtr()); } +/** + * @cli commissioner state + * @code + * commissioner state + * active + * Done + * @endcode + * @par + * Returns the current state of the %Commissioner. Possible values are + * `active`, `disabled`, or `petition` (petitioning to become %Commissioner). + * @sa otCommissionerState + */ template <> otError Commissioner::Process(Arg aArgs[]) { OT_UNUSED_VARIABLE(aArgs); From 75abc7c871e18b5c41c22f998b9e5cdbb7868d84 Mon Sep 17 00:00:00 2001 From: hemanth-silabs <50145824+hemanth-silabs@users.noreply.github.com> Date: Wed, 31 Jan 2024 15:17:26 -0500 Subject: [PATCH 087/121] [key-manager] check if the key is present before exporting the key (#9814) While trying to read the Pskc or networkkey, we check if the keyref is valid. We instead need to check if the key is present. There is a possibility that the persistent data was erased before trying to read the key, which might result in asserts. --- src/core/thread/key_manager.cpp | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/src/core/thread/key_manager.cpp b/src/core/thread/key_manager.cpp index 4d734442a33..3d9337d93aa 100644 --- a/src/core/thread/key_manager.cpp +++ b/src/core/thread/key_manager.cpp @@ -516,7 +516,7 @@ void KeyManager::HandleKeyRotationTimer(void) void KeyManager::GetNetworkKey(NetworkKey &aNetworkKey) const { #if OPENTHREAD_CONFIG_PLATFORM_KEY_REFERENCES_ENABLE - if (Crypto::Storage::IsKeyRefValid(mNetworkKeyRef)) + if (Crypto::Storage::HasKey(mNetworkKeyRef)) { size_t keyLen; @@ -535,7 +535,7 @@ void KeyManager::GetNetworkKey(NetworkKey &aNetworkKey) const void KeyManager::GetPskc(Pskc &aPskc) const { #if OPENTHREAD_CONFIG_PLATFORM_KEY_REFERENCES_ENABLE - if (Crypto::Storage::IsKeyRefValid(mPskcRef)) + if (Crypto::Storage::HasKey(mPskcRef)) { size_t keyLen; From 456c448284486abe2a9118a9fdaa468fe2383fcd Mon Sep 17 00:00:00 2001 From: gytxxsy Date: Thu, 1 Feb 2024 07:56:24 +0800 Subject: [PATCH 088/121] [spinel] allow registering callback to restore vendor properties (#9773) urrently the `RadioSpinel::RestoreProperties` only restores some properties defined in `spinel.h`. But if `OPENTHREAD_SPINEL_CONFIG_VENDOR_HOOK_ENABLE` is selected, users may set some properties of RCP via vendor command. So the radio spinel should allow users to register a callback to restore the vendor properties of RCP. --- src/lib/spinel/radio_spinel.cpp | 20 ++++++++++++++++++++ src/lib/spinel/radio_spinel.hpp | 23 +++++++++++++++++++++++ 2 files changed, 43 insertions(+) diff --git a/src/lib/spinel/radio_spinel.cpp b/src/lib/spinel/radio_spinel.cpp index 6b03b5b30e9..b41fde34266 100644 --- a/src/lib/spinel/radio_spinel.cpp +++ b/src/lib/spinel/radio_spinel.cpp @@ -122,6 +122,10 @@ RadioSpinel::RadioSpinel(void) , mTxRadioEndUs(UINT64_MAX) , mRadioTimeRecalcStart(UINT64_MAX) , mRadioTimeOffset(UINT64_MAX) +#if OPENTHREAD_SPINEL_CONFIG_VENDOR_HOOK_ENABLE + , mVendorRestorePropertiesCallback(nullptr) + , mVendorRestorePropertiesContext(nullptr) +#endif { memset(mIidList, SPINEL_HEADER_INVALID_IID, sizeof(mIidList)); memset(&mRadioSpinelMetrics, 0, sizeof(mRadioSpinelMetrics)); @@ -759,6 +763,15 @@ void RadioSpinel::HandleValueIs(spinel_prop_key_t aKey, const uint8_t *aBuffer, LogIfFail("Failed to handle ValueIs", error); } +#if OPENTHREAD_SPINEL_CONFIG_VENDOR_HOOK_ENABLE +void RadioSpinel::SetVendorRestorePropertiesCallback(otRadioSpinelVendorRestorePropertiesCallback aCallback, + void *aContext) +{ + mVendorRestorePropertiesCallback = aCallback; + mVendorRestorePropertiesContext = aContext; +} +#endif + otError RadioSpinel::ParseRadioFrame(otRadioFrame &aFrame, const uint8_t *aBuffer, uint16_t aLength, @@ -2267,6 +2280,13 @@ void RadioSpinel::RestoreProperties(void) SuccessOrDie(Set(SPINEL_PROP_MAC_RX_ON_WHEN_IDLE_MODE, SPINEL_DATATYPE_BOOL_S, mRxOnWhenIdle)); } +#if OPENTHREAD_SPINEL_CONFIG_VENDOR_HOOK_ENABLE + if (mVendorRestorePropertiesCallback) + { + mVendorRestorePropertiesCallback(mVendorRestorePropertiesContext); + } +#endif + CalcRcpTimeOffset(); } #endif // OPENTHREAD_SPINEL_CONFIG_RCP_RESTORATION_MAX_COUNT > 0 diff --git a/src/lib/spinel/radio_spinel.hpp b/src/lib/spinel/radio_spinel.hpp index 594ce9126c2..7cdd1f8def8 100644 --- a/src/lib/spinel/radio_spinel.hpp +++ b/src/lib/spinel/radio_spinel.hpp @@ -1084,6 +1084,24 @@ class RadioSpinel * */ otError VendorHandleValueIs(spinel_prop_key_t aPropKey); + + /** + * A callback type for restoring vendor properties. + * + */ + typedef void (*otRadioSpinelVendorRestorePropertiesCallback)(void *context); + + /** + * Registers a callback to restore vendor properties. + * + * This function is used to register a callback for vendor properties recovery. When an event which needs to restore + * properties occurs (such as an unexpected RCP reset), the user can restore the vendor properties via the callback. + * + * @param[in] aCallback The callback. + * @param[in] aContext The context. + * + */ + void SetVendorRestorePropertiesCallback(otRadioSpinelVendorRestorePropertiesCallback aCallback, void *aContext); #endif private: @@ -1331,6 +1349,11 @@ class RadioSpinel MaxPowerTable mMaxPowerTable; otRadioSpinelMetrics mRadioSpinelMetrics; + +#if OPENTHREAD_SPINEL_CONFIG_VENDOR_HOOK_ENABLE + otRadioSpinelVendorRestorePropertiesCallback mVendorRestorePropertiesCallback; + void *mVendorRestorePropertiesContext; +#endif }; } // namespace Spinel From ce8bbfe05a888632b3908c2e0f330e150ed7e456 Mon Sep 17 00:00:00 2001 From: Jonathan Hui Date: Wed, 31 Jan 2024 22:56:47 -0800 Subject: [PATCH 089/121] [codecov] enable use of `CODECOV_TOKEN` (#9819) --- .github/workflows/otbr.yml | 2 ++ .github/workflows/posix.yml | 2 ++ .github/workflows/simulation-1.1.yml | 2 ++ .github/workflows/simulation-1.2.yml | 2 ++ .github/workflows/toranj.yml | 2 ++ .github/workflows/unit.yml | 2 ++ 6 files changed, 12 insertions(+) diff --git a/.github/workflows/otbr.yml b/.github/workflows/otbr.yml index 2440a320e88..4ba7ea6c3e4 100644 --- a/.github/workflows/otbr.yml +++ b/.github/workflows/otbr.yml @@ -256,6 +256,8 @@ jobs: - name: Upload Coverage continue-on-error: true uses: codecov/codecov-action@eaaf4bedf32dbdc6b720b63067d99c4d77d6047d # v3.1.4 + env: + CODECOV_TOKEN: ${{ secrets.CODECOV_TOKEN }} with: files: final.info fail_ci_if_error: true diff --git a/.github/workflows/posix.yml b/.github/workflows/posix.yml index 947625f489c..51ffcffebdb 100644 --- a/.github/workflows/posix.yml +++ b/.github/workflows/posix.yml @@ -315,6 +315,8 @@ jobs: script/test combine_coverage - name: Upload Coverage uses: codecov/codecov-action@eaaf4bedf32dbdc6b720b63067d99c4d77d6047d # v3.1.4 + env: + CODECOV_TOKEN: ${{ secrets.CODECOV_TOKEN }} with: files: final.info fail_ci_if_error: true diff --git a/.github/workflows/simulation-1.1.yml b/.github/workflows/simulation-1.1.yml index 9109c1b7162..ddd8ba36bac 100644 --- a/.github/workflows/simulation-1.1.yml +++ b/.github/workflows/simulation-1.1.yml @@ -395,6 +395,8 @@ jobs: script/test combine_coverage - name: Upload Coverage uses: codecov/codecov-action@eaaf4bedf32dbdc6b720b63067d99c4d77d6047d # v3.1.4 + env: + CODECOV_TOKEN: ${{ secrets.CODECOV_TOKEN }} with: files: final.info fail_ci_if_error: true diff --git a/.github/workflows/simulation-1.2.yml b/.github/workflows/simulation-1.2.yml index 651bd9fe217..2159ed51da9 100644 --- a/.github/workflows/simulation-1.2.yml +++ b/.github/workflows/simulation-1.2.yml @@ -374,6 +374,8 @@ jobs: script/test combine_coverage - name: Upload Coverage uses: codecov/codecov-action@eaaf4bedf32dbdc6b720b63067d99c4d77d6047d # v3.1.4 + env: + CODECOV_TOKEN: ${{ secrets.CODECOV_TOKEN }} with: files: final.info fail_ci_if_error: true diff --git a/.github/workflows/toranj.yml b/.github/workflows/toranj.yml index 59dac8dd7c7..3ff41855d75 100644 --- a/.github/workflows/toranj.yml +++ b/.github/workflows/toranj.yml @@ -185,6 +185,8 @@ jobs: script/test combine_coverage - name: Upload Coverage uses: codecov/codecov-action@eaaf4bedf32dbdc6b720b63067d99c4d77d6047d # v3.1.4 + env: + CODECOV_TOKEN: ${{ secrets.CODECOV_TOKEN }} with: files: final.info fail_ci_if_error: true diff --git a/.github/workflows/unit.yml b/.github/workflows/unit.yml index 3308f91b984..3cbbe2a3da0 100644 --- a/.github/workflows/unit.yml +++ b/.github/workflows/unit.yml @@ -124,6 +124,8 @@ jobs: script/test combine_coverage - name: Upload Coverage uses: codecov/codecov-action@eaaf4bedf32dbdc6b720b63067d99c4d77d6047d # v3.1.4 + env: + CODECOV_TOKEN: ${{ secrets.CODECOV_TOKEN }} with: files: final.info fail_ci_if_error: true From fffb489b2694a5f87800367ee4894f8e81fa7006 Mon Sep 17 00:00:00 2001 From: Abtin Keshavarzian Date: Thu, 1 Feb 2024 11:28:00 -0800 Subject: [PATCH 090/121] [netdata-publisher] remove SRP unicast on anycast entry added by a BR (#9807) This commit updates how the `NetworkData::Publisher` handles "DNS/SRP Service Unicast Address" entries. Specifically, when a "DNS/SRP Service Anycast" entry is added by another BR, the publisher will set the desired count of unicast entries to zero. This effectively removes any previously added unicast entry. This new behavior is only applied when the address and port are included in the Server TLV data in a "DNS/SRP Service Unicast Address" entry. The `test_netdata_publisher` has been updated to verify this new behavior. --- src/core/thread/network_data_publisher.cpp | 21 ++++++++++++- .../thread-cert/test_netdata_publisher.py | 31 +++++++++++++++++++ 2 files changed, 51 insertions(+), 1 deletion(-) diff --git a/src/core/thread/network_data_publisher.cpp b/src/core/thread/network_data_publisher.cpp index 6094eddef34..ec925b824f3 100644 --- a/src/core/thread/network_data_publisher.cpp +++ b/src/core/thread/network_data_publisher.cpp @@ -658,10 +658,29 @@ void Publisher::DnsSrpServiceEntry::Process(void) desiredNumEntries = kDesiredNumAnycast; break; - case kTypeUnicast: case kTypeUnicastMeshLocalEid: + { + Service::DnsSrpAnycast::Info anycastInfo; + CountUnicastEntries(numEntries, numPreferredEntries); desiredNumEntries = kDesiredNumUnicast; + + if (Get().FindPreferredDnsSrpAnycastInfo(anycastInfo) == kErrorNone) + { + // If there is any anycast entry in netdata, we set the + // desired number of unicast entries (with address added + // in server TLV) to zero to remove any added unicast + // entry. + + desiredNumEntries = 0; + } + + break; + } + + case kTypeUnicast: + desiredNumEntries = kDesiredNumUnicast; + CountUnicastEntries(numEntries, numPreferredEntries); break; } diff --git a/tests/scripts/thread-cert/test_netdata_publisher.py b/tests/scripts/thread-cert/test_netdata_publisher.py index f1a1c5d359b..7192e6f4351 100755 --- a/tests/scripts/thread-cert/test_netdata_publisher.py +++ b/tests/scripts/thread-cert/test_netdata_publisher.py @@ -304,6 +304,37 @@ def test(self): node.srp_server_set_enabled(False) self.assertEqual(node.srp_server_get_state(), 'disabled') + #--------------------------------------------------------------------------------- + # DNS/SRP unicast and anycast entry + + # Verify that publishing an anycast entry will update the limit + # for the unicast MLE-EID address entry and all are removed. + + num = 0 + for node in routers: + node.netdata_publish_dnssrp_unicast_mleid(DNSSRP_PORT) + self.simulator.go(WAIT_TIME) + num += 1 + services = leader.get_services() + self.assertEqual(len(services), min(num, DESIRED_NUM_DNSSRP_UNCIAST)) + self.verify_unicast_services(services) + + leader.netdata_publish_dnssrp_anycast(ANYCAST_SEQ_NUM) + self.simulator.go(WAIT_TIME) + services = leader.get_services() + self.assertEqual(len(services), 1) + self.verify_anycast_services(services) + + leader.netdata_unpublish_dnssrp() + self.simulator.go(WAIT_TIME) + + services = leader.get_services() + self.assertEqual(len(services), min(num, DESIRED_NUM_DNSSRP_UNCIAST)) + self.verify_unicast_services(services) + + for node in routers: + node.netdata_unpublish_dnssrp() + #--------------------------------------------------------------------------------- # DNS/SRP entries: Verify publisher preference when removing # entries. From 686eb30e9a0f069dcc24640cc816768c92ace798 Mon Sep 17 00:00:00 2001 From: Abtin Keshavarzian Date: Thu, 1 Feb 2024 11:58:47 -0800 Subject: [PATCH 091/121] [common] add `ClearAllBytes()` template function (#9818) This commit introduces the `ClearAllBytes()` template function to zero out all bytes within an object. This replaces `memset(0)` calls in OT core modules, simplifying code and improving safety by automatically using the correct object size. --- src/cli/cli.cpp | 10 +++++----- src/cli/cli_coap.cpp | 26 +++++++++++++------------- src/cli/cli_coap_secure.cpp | 10 +++++----- src/cli/cli_commissioner.cpp | 4 ++-- src/cli/cli_dataset.cpp | 10 +++++----- src/cli/cli_dns.cpp | 2 +- src/cli/cli_joiner.cpp | 2 +- src/cli/cli_link_metrics.cpp | 6 +++--- src/cli/cli_output.hpp | 16 ++++++++++++++++ src/cli/cli_ping.cpp | 2 +- src/cli/cli_tcp.cpp | 4 ++-- src/cli/cli_udp.cpp | 4 ++-- src/core/common/clearable.hpp | 19 ++++++++++++++++++- src/core/common/message.cpp | 2 +- src/core/common/settings.hpp | 4 ++-- src/core/diags/factory_diags.hpp | 5 ++--- src/core/mac/mac.cpp | 4 ++-- src/core/mac/mac.hpp | 3 ++- src/core/mac/mac_frame.cpp | 4 ++-- src/core/meshcop/commissioner.cpp | 4 ++-- src/core/meshcop/dataset.cpp | 2 +- src/core/meshcop/dataset_local.cpp | 2 +- src/core/meshcop/joiner.cpp | 2 +- src/core/meshcop/meshcop.cpp | 5 +++-- src/core/meshcop/secure_transport.cpp | 17 +++++++++-------- src/core/net/dhcp6_client.cpp | 2 +- src/core/net/dhcp6_server.cpp | 2 +- src/core/net/dns_client.cpp | 4 ++-- src/core/net/ip6.hpp | 2 +- src/core/net/ip6_mpl.cpp | 2 +- src/core/net/tcp6.cpp | 14 +++++++------- src/core/radio/trel_link.cpp | 6 +++--- src/core/thread/child.cpp | 4 ++-- src/core/thread/discover_scanner.cpp | 2 +- src/core/thread/mesh_forwarder.hpp | 2 +- src/core/thread/mle.cpp | 4 ++-- src/core/thread/mle_tlvs.cpp | 3 ++- src/core/thread/mle_types.hpp | 8 +------- src/core/thread/network_diagnostic.cpp | 2 +- src/core/thread/radio_selector.cpp | 2 +- src/core/thread/router.cpp | 4 ++-- src/core/thread/router_table.hpp | 3 +-- src/core/utils/channel_monitor.cpp | 4 ++-- src/core/utils/history_tracker.cpp | 2 +- src/core/utils/slaac_address.cpp | 2 +- 45 files changed, 136 insertions(+), 107 deletions(-) diff --git a/src/cli/cli.cpp b/src/cli/cli.cpp index 78c1ee80788..45403340947 100644 --- a/src/cli/cli.cpp +++ b/src/cli/cli.cpp @@ -163,7 +163,7 @@ Interpreter::Interpreter(Instance *aInstance, otCliOutputCallback aCallback, voi #if (OPENTHREAD_FTD || OPENTHREAD_MTD) && OPENTHREAD_CONFIG_CLI_REGISTER_IP6_RECV_CALLBACK otIp6SetReceiveCallback(GetInstancePtr(), &Interpreter::HandleIp6Receive, this); #endif - memset(&mUserCommands, 0, sizeof(mUserCommands)); + ClearAllBytes(mUserCommands); OutputPrompt(); } @@ -2668,7 +2668,7 @@ template <> otError Interpreter::Process(Arg aArgs[]) otCacheEntryIterator iterator; otCacheEntryInfo entry; - memset(&iterator, 0, sizeof(iterator)); + ClearAllBytes(iterator); while (true) { @@ -4078,7 +4078,7 @@ template <> otError Interpreter::Process(Arg aArgs[]) otError error = OT_ERROR_NONE; otLinkModeConfig linkMode; - memset(&linkMode, 0, sizeof(otLinkModeConfig)); + ClearAllBytes(linkMode); if (aArgs[0].IsEmpty()) { @@ -5662,7 +5662,7 @@ otError Interpreter::ParsePrefix(Arg aArgs[], otBorderRouterConfig &aConfig) { otError error = OT_ERROR_NONE; - memset(&aConfig, 0, sizeof(otBorderRouterConfig)); + ClearAllBytes(aConfig); SuccessOrExit(error = aArgs[0].ParseAsIp6Prefix(aConfig.mPrefix)); aArgs++; @@ -6089,7 +6089,7 @@ otError Interpreter::ParseRoute(Arg aArgs[], otExternalRouteConfig &aConfig) { otError error = OT_ERROR_NONE; - memset(&aConfig, 0, sizeof(otExternalRouteConfig)); + ClearAllBytes(aConfig); SuccessOrExit(error = aArgs[0].ParseAsIp6Prefix(aConfig.mPrefix)); aArgs++; diff --git a/src/cli/cli_coap.cpp b/src/cli/cli_coap.cpp index 7f71781510c..f69800b8ef1 100644 --- a/src/cli/cli_coap.cpp +++ b/src/cli/cli_coap.cpp @@ -58,15 +58,15 @@ Coap::Coap(otInstance *aInstance, OutputImplementer &aOutputImplementer) , mBlockCount(1) #endif { - memset(&mResource, 0, sizeof(mResource)); + ClearAllBytes(mResource); #if OPENTHREAD_CONFIG_COAP_OBSERVE_API_ENABLE - memset(&mRequestAddr, 0, sizeof(mRequestAddr)); - memset(&mSubscriberSock, 0, sizeof(mSubscriberSock)); - memset(&mRequestToken, 0, sizeof(mRequestToken)); - memset(&mSubscriberToken, 0, sizeof(mSubscriberToken)); - memset(&mRequestUri, 0, sizeof(mRequestUri)); + ClearAllBytes(mRequestAddr); + ClearAllBytes(mSubscriberSock); + ClearAllBytes(mRequestToken); + ClearAllBytes(mSubscriberToken); + ClearAllBytes(mRequestUri); #endif - memset(&mUriPath, 0, sizeof(mUriPath)); + ClearAllBytes(mUriPath); strncpy(mResourceContent, "0", sizeof(mResourceContent)); mResourceContent[sizeof(mResourceContent) - 1] = '\0'; } @@ -78,7 +78,7 @@ otError Coap::CancelResourceSubscription(void) otMessage *message = nullptr; otMessageInfo messageInfo; - memset(&messageInfo, 0, sizeof(messageInfo)); + ClearAllBytes(messageInfo); messageInfo.mPeerAddr = mRequestAddr; messageInfo.mPeerPort = OT_DEFAULT_COAP_PORT; @@ -94,8 +94,8 @@ otError Coap::CancelResourceSubscription(void) SuccessOrExit(error = otCoapMessageAppendUriPathOptions(message, mRequestUri)); SuccessOrExit(error = otCoapSendRequest(GetInstancePtr(), message, &messageInfo, &Coap::HandleResponse, this)); - memset(&mRequestAddr, 0, sizeof(mRequestAddr)); - memset(&mRequestUri, 0, sizeof(mRequestUri)); + ClearAllBytes(mRequestAddr); + ClearAllBytes(mRequestUri); mRequestTokenLength = 0; exit: @@ -110,7 +110,7 @@ otError Coap::CancelResourceSubscription(void) void Coap::CancelSubscriber(void) { - memset(&mSubscriberSock, 0, sizeof(mSubscriberSock)); + ClearAllBytes(mSubscriberSock); mSubscriberTokenLength = 0; } #endif // OPENTHREAD_CONFIG_COAP_OBSERVE_API_ENABLE @@ -207,7 +207,7 @@ template <> otError Coap::Process(Arg aArgs[]) if (mSubscriberTokenLength > 0) { // Notify the subscriber - memset(&messageInfo, 0, sizeof(messageInfo)); + ClearAllBytes(messageInfo); messageInfo.mPeerAddr = mSubscriberSock.mAddress; messageInfo.mPeerPort = mSubscriberSock.mPort; @@ -494,7 +494,7 @@ otError Coap::ProcessRequest(Arg aArgs[], otCoapCode aCoapCode) SuccessOrExit(error = otMessageAppend(message, aArgs[3].GetCString(), payloadLength)); } - memset(&messageInfo, 0, sizeof(messageInfo)); + ClearAllBytes(messageInfo); messageInfo.mPeerAddr = coapDestinationIp; messageInfo.mPeerPort = OT_DEFAULT_COAP_PORT; diff --git a/src/cli/cli_coap_secure.cpp b/src/cli/cli_coap_secure.cpp index e22352ff20a..d977443d152 100644 --- a/src/cli/cli_coap_secure.cpp +++ b/src/cli/cli_coap_secure.cpp @@ -56,10 +56,10 @@ CoapSecure::CoapSecure(otInstance *aInstance, OutputImplementer &aOutputImplemen , mBlockCount(1) #endif { - memset(&mResource, 0, sizeof(mResource)); - memset(&mPsk, 0, sizeof(mPsk)); - memset(&mPskId, 0, sizeof(mPskId)); - memset(&mUriPath, 0, sizeof(mUriPath)); + ClearAllBytes(mResource); + ClearAllBytes(mPsk); + ClearAllBytes(mPskId); + ClearAllBytes(mUriPath); strncpy(mResourceContent, "0", sizeof(mResourceContent)); mResourceContent[sizeof(mResourceContent) - 1] = '\0'; } @@ -398,7 +398,7 @@ template <> otError CoapSecure::Process(Arg aArgs[]) otError error; otSockAddr sockaddr; - memset(&sockaddr, 0, sizeof(sockaddr)); + ClearAllBytes(sockaddr); SuccessOrExit(error = aArgs[0].ParseAsIp6Address(sockaddr.mAddress)); sockaddr.mPort = OT_DEFAULT_COAP_SECURE_PORT; diff --git a/src/cli/cli_commissioner.cpp b/src/cli/cli_commissioner.cpp index b7c04d3b7f8..03aa8389ae0 100644 --- a/src/cli/cli_commissioner.cpp +++ b/src/cli/cli_commissioner.cpp @@ -186,7 +186,7 @@ template <> otError Commissioner::Process(Arg aArgs[]) VerifyOrExit(!aArgs[1].IsEmpty(), error = OT_ERROR_INVALID_ARGS); - memset(&discerner, 0, sizeof(discerner)); + ClearAllBytes(discerner); if (aArgs[1] == "*") { @@ -383,7 +383,7 @@ template <> otError Commissioner::Process(Arg aArgs[]) VerifyOrExit(!aArgs[0].IsEmpty(), error = OT_ERROR_INVALID_ARGS); - memset(&dataset, 0, sizeof(dataset)); + ClearAllBytes(dataset); for (; !aArgs->IsEmpty(); aArgs++) { diff --git a/src/cli/cli_dataset.cpp b/src/cli/cli_dataset.cpp index 32a4372ecf8..cfd47a18c6f 100644 --- a/src/cli/cli_dataset.cpp +++ b/src/cli/cli_dataset.cpp @@ -526,7 +526,7 @@ otError Dataset::ProcessCommand(const ComponentMapper &aMapper, Arg aArgs[]) } else { - memset(&dataset, 0, sizeof(dataset)); + ClearAllBytes(dataset); SuccessOrExit(error = (this->*aMapper.mParse)(aArgs, dataset)); dataset.mComponents.*aMapper.mIsPresentPtr = true; SuccessOrExit(error = otDatasetUpdateTlvs(&dataset, &sDatasetTlvs)); @@ -716,7 +716,7 @@ template <> otError Dataset::Process(Arg aArgs[]) { OT_UNUSED_VARIABLE(aArgs); - memset(&sDatasetTlvs, 0, sizeof(sDatasetTlvs)); + ClearAllBytes(sDatasetTlvs); return OT_ERROR_NONE; } @@ -765,7 +765,7 @@ template <> otError Dataset::Process(Arg aArgs[]) uint8_t tlvs[128]; uint8_t tlvsLength = 0; - memset(&dataset, 0, sizeof(dataset)); + ClearAllBytes(dataset); for (Arg *arg = &aArgs[1]; !arg->IsEmpty();) { @@ -853,7 +853,7 @@ template <> otError Dataset::Process(Arg aArgs[]) bool destAddrSpecified = false; otIp6Address address; - memset(&datasetComponents, 0, sizeof(datasetComponents)); + ClearAllBytes(datasetComponents); for (Arg *arg = &aArgs[1]; !arg->IsEmpty(); arg++) { @@ -1003,7 +1003,7 @@ otError Dataset::ParseSecurityPolicy(otSecurityPolicy &aSecurityPolicy, Arg *&aA otSecurityPolicy policy; uint8_t versionThreshold; - memset(&policy, 0, sizeof(policy)); + ClearAllBytes(policy); SuccessOrExit(error = aArgs->ParseAsUint16(policy.mRotationTime)); aArgs++; diff --git a/src/cli/cli_dns.cpp b/src/cli/cli_dns.cpp index c532a0f6f0a..7aef47976ca 100644 --- a/src/cli/cli_dns.cpp +++ b/src/cli/cli_dns.cpp @@ -418,7 +418,7 @@ otError Dns::GetDnsConfig(Arg aArgs[], otDnsQueryConfig *&aConfig) bool recursionDesired; bool nat64SynthesizedAddress; - memset(aConfig, 0, sizeof(otDnsQueryConfig)); + ClearAllBytes(*aConfig); VerifyOrExit(!aArgs[0].IsEmpty(), aConfig = nullptr); diff --git a/src/cli/cli_joiner.cpp b/src/cli/cli_joiner.cpp index cf84968edaf..805087989fe 100644 --- a/src/cli/cli_joiner.cpp +++ b/src/cli/cli_joiner.cpp @@ -78,7 +78,7 @@ template <> otError Joiner::Process(Arg aArgs[]) { otJoinerDiscerner discerner; - memset(&discerner, 0, sizeof(discerner)); + ClearAllBytes(discerner); /** * @cli joiner discerner clear diff --git a/src/cli/cli_link_metrics.cpp b/src/cli/cli_link_metrics.cpp index b8c284611d4..93cc8c575ad 100644 --- a/src/cli/cli_link_metrics.cpp +++ b/src/cli/cli_link_metrics.cpp @@ -138,7 +138,7 @@ template <> otError LinkMetrics::Process(Arg aArgs[]) SuccessOrExit(error = aArgs[0].ParseAsIp6Address(address)); - memset(&seriesFlags, 0, sizeof(otLinkMetricsSeriesFlags)); + ClearAllBytes(seriesFlags); /** * @cli linkmetrics mgmt forward @@ -171,7 +171,7 @@ template <> otError LinkMetrics::Process(Arg aArgs[]) uint8_t seriesId; otLinkMetrics linkMetrics; - memset(&linkMetrics, 0, sizeof(otLinkMetrics)); + ClearAllBytes(linkMetrics); SuccessOrExit(error = aArgs[2].ParseAsUint8(seriesId)); VerifyOrExit(!aArgs[3].IsEmpty(), error = OT_ERROR_INVALID_ARGS); @@ -368,7 +368,7 @@ otError LinkMetrics::ParseLinkMetricsFlags(otLinkMetrics &aLinkMetrics, const Ar VerifyOrExit(!aFlags.IsEmpty(), error = OT_ERROR_INVALID_ARGS); - memset(&aLinkMetrics, 0, sizeof(aLinkMetrics)); + ClearAllBytes(aLinkMetrics); for (const char *arg = aFlags.GetCString(); *arg != '\0'; arg++) { diff --git a/src/cli/cli_output.hpp b/src/cli/cli_output.hpp index 8941f7e5757..3029108cfa1 100644 --- a/src/cli/cli_output.hpp +++ b/src/cli/cli_output.hpp @@ -45,6 +45,7 @@ #include "common/binary_search.hpp" #include "common/num_utils.hpp" #include "common/string.hpp" +#include "common/type_traits.hpp" #include "utils/parse_cmdline.hpp" namespace ot { @@ -527,6 +528,21 @@ class Output } } + /** + * Clears (sets to zero) all bytes of a given object. + * + * @tparam ObjectType The object type. + * + * @param[in] aObject A reference to the object of type `ObjectType` to clear all its bytes. + * + */ + template static void ClearAllBytes(ObjectType &aObject) + { + static_assert(!TypeTraits::IsPointer::kValue, "ObjectType must not be a pointer"); + + memset(reinterpret_cast(&aObject), 0, sizeof(ObjectType)); + } + protected: void OutputFormatV(const char *aFormat, va_list aArguments); diff --git a/src/cli/cli_ping.cpp b/src/cli/cli_ping.cpp index 80868c7890f..e8e76215788 100644 --- a/src/cli/cli_ping.cpp +++ b/src/cli/cli_ping.cpp @@ -78,7 +78,7 @@ otError PingSender::Process(Arg aArgs[]) aArgs++; } - memset(&config, 0, sizeof(config)); + ClearAllBytes(config); if (aArgs[0] == "-I") { diff --git a/src/cli/cli_tcp.cpp b/src/cli/cli_tcp.cpp index 4f3a8d5c761..eadb27bb8cb 100644 --- a/src/cli/cli_tcp.cpp +++ b/src/cli/cli_tcp.cpp @@ -219,7 +219,7 @@ template <> otError TcpExample::Process(Arg aArgs[]) { otTcpEndpointInitializeArgs endpointArgs; - memset(&endpointArgs, 0x00, sizeof(endpointArgs)); + ClearAllBytes(endpointArgs); endpointArgs.mEstablishedCallback = HandleTcpEstablishedCallback; if (mUseCircularSendBuffer) { @@ -241,7 +241,7 @@ template <> otError TcpExample::Process(Arg aArgs[]) { otTcpListenerInitializeArgs listenerArgs; - memset(&listenerArgs, 0x00, sizeof(listenerArgs)); + ClearAllBytes(listenerArgs); listenerArgs.mAcceptReadyCallback = HandleTcpAcceptReadyCallback; listenerArgs.mAcceptDoneCallback = HandleTcpAcceptDoneCallback; listenerArgs.mContext = this; diff --git a/src/cli/cli_udp.cpp b/src/cli/cli_udp.cpp index 1651debb2cc..7114564168d 100644 --- a/src/cli/cli_udp.cpp +++ b/src/cli/cli_udp.cpp @@ -47,7 +47,7 @@ UdpExample::UdpExample(otInstance *aInstance, OutputImplementer &aOutputImplemen : Output(aInstance, aOutputImplementer) , mLinkSecurityEnabled(true) { - memset(&mSocket, 0, sizeof(mSocket)); + ClearAllBytes(mSocket); } /** @@ -258,7 +258,7 @@ template <> otError UdpExample::Process(Arg aArgs[]) otMessageInfo messageInfo; otMessageSettings messageSettings = {mLinkSecurityEnabled, OT_MESSAGE_PRIORITY_NORMAL}; - memset(&messageInfo, 0, sizeof(messageInfo)); + ClearAllBytes(messageInfo); // Possible argument formats: // diff --git a/src/core/common/clearable.hpp b/src/core/common/clearable.hpp index f91c15f41f3..bc1b1f6371e 100644 --- a/src/core/common/clearable.hpp +++ b/src/core/common/clearable.hpp @@ -38,8 +38,25 @@ #include +#include "common/type_traits.hpp" + namespace ot { +/** + * Clears (sets to zero) all bytes of a given object. + * + * @tparam ObjectType The object type. + * + * @param[in] aObject A reference to the object of type `ObjectType` to clear all its bytes. + * + */ +template void ClearAllBytes(ObjectType &aObject) +{ + static_assert(!TypeTraits::IsPointer::kValue, "ObjectType must not be a pointer"); + + memset(reinterpret_cast(&aObject), 0, sizeof(ObjectType)); +} + /** * Defines a `Clearable` object which provides `Clear()` method. * @@ -52,7 +69,7 @@ namespace ot { template class Clearable { public: - void Clear(void) { memset(reinterpret_cast(static_cast(this)), 0, sizeof(Type)); } + void Clear(void) { ClearAllBytes(*static_cast(this)); } }; } // namespace ot diff --git a/src/core/common/message.cpp b/src/core/common/message.cpp index 1c7028d0fa9..50e1fcc459c 100644 --- a/src/core/common/message.cpp +++ b/src/core/common/message.cpp @@ -75,7 +75,7 @@ Message *MessagePool::Allocate(Message::Type aType, uint16_t aReserveHeader, con VerifyOrExit((message = static_cast(NewBuffer(aSettings.GetPriority()))) != nullptr); - memset(message, 0, sizeof(*message)); + ClearAllBytes(*message); message->SetMessagePool(this); message->SetType(aType); message->SetReserved(aReserveHeader); diff --git a/src/core/common/settings.hpp b/src/core/common/settings.hpp index 9716cb87abb..1f5a33adb90 100644 --- a/src/core/common/settings.hpp +++ b/src/core/common/settings.hpp @@ -417,7 +417,7 @@ class SettingsBase : public InstanceLocator */ void Init(void) { - memset(this, 0, sizeof(*this)); + ClearAllBytes(*this); SetVersion(kThreadVersion1p1); } @@ -784,7 +784,7 @@ class SettingsBase : public InstanceLocator * Initializes the `BorderAgentId` object. * */ - void Init(void) { memset(&mId, 0, sizeof(mId)); } + void Init(void) { ClearAllBytes(mId); } /** * Returns the Border Agent ID. diff --git a/src/core/diags/factory_diags.hpp b/src/core/diags/factory_diags.hpp index 5d015d278f2..1b72a15639e 100644 --- a/src/core/diags/factory_diags.hpp +++ b/src/core/diags/factory_diags.hpp @@ -42,6 +42,7 @@ #include +#include "common/clearable.hpp" #include "common/error.hpp" #include "common/locator.hpp" #include "common/non_copyable.hpp" @@ -131,10 +132,8 @@ class Diags : public InstanceLocator, private NonCopyable Error (Diags::*mCommand)(uint8_t aArgsLength, char *aArgs[], char *aOutput, size_t aOutputMaxLen); }; - struct Stats + struct Stats : public Clearable { - void Clear(void) { memset(this, 0, sizeof(*this)); } - uint32_t mReceivedPackets; uint32_t mSentPackets; int8_t mFirstRssi; diff --git a/src/core/mac/mac.cpp b/src/core/mac/mac.cpp index 15f560631c3..04e235cc5dd 100644 --- a/src/core/mac/mac.cpp +++ b/src/core/mac/mac.cpp @@ -234,7 +234,7 @@ Error Mac::ConvertBeaconToActiveScanResult(const RxFrame *aBeaconFrame, ActiveSc uint16_t payloadLength; #endif - memset(&aResult, 0, sizeof(ActiveScanResult)); + ClearAllBytes(aResult); VerifyOrExit(aBeaconFrame != nullptr, error = kErrorInvalidArgs); @@ -2153,7 +2153,7 @@ const uint32_t *Mac::GetIndirectRetrySuccessHistogram(uint8_t &aNumberOfEntries) } #endif -void Mac::ResetRetrySuccessHistogram() { memset(&mRetryHistogram, 0, sizeof(mRetryHistogram)); } +void Mac::ResetRetrySuccessHistogram() { ClearAllBytes(mRetryHistogram); } #endif // OPENTHREAD_CONFIG_MAC_RETRY_SUCCESS_HISTOGRAM_ENABLE uint8_t Mac::ComputeLinkMargin(int8_t aRss) const { return ot::ComputeLinkMargin(GetNoiseFloor(), aRss); } diff --git a/src/core/mac/mac.hpp b/src/core/mac/mac.hpp index 1b2ae6c673f..6f95ab7d3e5 100644 --- a/src/core/mac/mac.hpp +++ b/src/core/mac/mac.hpp @@ -39,6 +39,7 @@ #include #include +#include "common/clearable.hpp" #include "common/locator.hpp" #include "common/log.hpp" #include "common/non_copyable.hpp" @@ -496,7 +497,7 @@ class Mac : public InstanceLocator, private NonCopyable * Resets mac counters * */ - void ResetCounters(void) { memset(&mCounters, 0, sizeof(mCounters)); } + void ResetCounters(void) { ClearAllBytes(mCounters); } /** * Returns the MAC counter. diff --git a/src/core/mac/mac_frame.cpp b/src/core/mac/mac_frame.cpp index 47debefb3da..3e84465be23 100644 --- a/src/core/mac/mac_frame.cpp +++ b/src/core/mac/mac_frame.cpp @@ -1385,7 +1385,7 @@ void TxFrame::GenerateImmAck(const RxFrame &aFrame, bool aIsFramePending) uint16_t fcf = static_cast(kTypeAck) | aFrame.GetVersion(); mChannel = aFrame.mChannel; - memset(&mInfo.mTxInfo, 0, sizeof(mInfo.mTxInfo)); + ClearAllBytes(mInfo.mTxInfo); if (aIsFramePending) { @@ -1449,7 +1449,7 @@ Error TxFrame::GenerateEnhAck(const RxFrame &aRxFrame, bool aIsFramePending, con // Prepare the ack frame mChannel = aRxFrame.mChannel; - memset(&mInfo.mTxInfo, 0, sizeof(mInfo.mTxInfo)); + ClearAllBytes(mInfo.mTxInfo); InitMacHeader(kTypeAck, kVersion2015, addrs, panIds, static_cast(securityLevel), static_cast(keyIdMode)); diff --git a/src/core/meshcop/commissioner.cpp b/src/core/meshcop/commissioner.cpp index 3009a474296..92a52c12ea5 100644 --- a/src/core/meshcop/commissioner.cpp +++ b/src/core/meshcop/commissioner.cpp @@ -72,7 +72,7 @@ Commissioner::Commissioner(Instance &aInstance) , mPanIdQuery(aInstance) , mState(kStateDisabled) { - memset(reinterpret_cast(mJoiners), 0, sizeof(mJoiners)); + ClearAllBytes(mJoiners); mCommissionerAloc.InitAsThreadOriginMeshLocal(); mCommissionerAloc.mPreferred = true; @@ -476,7 +476,7 @@ Error Commissioner::AddJoiner(const Mac::ExtAddress *aEui64, void Commissioner::Joiner::CopyToJoinerInfo(otJoinerInfo &aJoiner) const { - memset(&aJoiner, 0, sizeof(aJoiner)); + ClearAllBytes(aJoiner); switch (mType) { diff --git a/src/core/meshcop/dataset.cpp b/src/core/meshcop/dataset.cpp index b15a407201d..15c547ba948 100644 --- a/src/core/meshcop/dataset.cpp +++ b/src/core/meshcop/dataset.cpp @@ -159,7 +159,7 @@ Dataset::Dataset(void) : mUpdateTime(0) , mLength(0) { - memset(mTlvs, 0, sizeof(mTlvs)); + ClearAllBytes(mTlvs); } void Dataset::Clear(void) { mLength = 0; } diff --git a/src/core/meshcop/dataset_local.cpp b/src/core/meshcop/dataset_local.cpp index 4c971c7bbb1..edb8108715d 100644 --- a/src/core/meshcop/dataset_local.cpp +++ b/src/core/meshcop/dataset_local.cpp @@ -152,7 +152,7 @@ Error DatasetLocal::Read(otOperationalDatasetTlvs &aDataset) const Dataset dataset; Error error; - memset(&aDataset, 0, sizeof(aDataset)); + ClearAllBytes(aDataset); SuccessOrExit(error = Read(dataset)); dataset.ConvertTo(aDataset); diff --git a/src/core/meshcop/joiner.cpp b/src/core/meshcop/joiner.cpp index 50b02e9239c..fb0f3e61cbc 100644 --- a/src/core/meshcop/joiner.cpp +++ b/src/core/meshcop/joiner.cpp @@ -68,7 +68,7 @@ Joiner::Joiner(Instance &aInstance) { SetIdFromIeeeEui64(); mDiscerner.Clear(); - memset(mJoinerRouters, 0, sizeof(mJoinerRouters)); + ClearAllBytes(mJoinerRouters); } void Joiner::SetIdFromIeeeEui64(void) diff --git a/src/core/meshcop/meshcop.cpp b/src/core/meshcop/meshcop.cpp index d2d14c3218a..b30fe274cec 100644 --- a/src/core/meshcop/meshcop.cpp +++ b/src/core/meshcop/meshcop.cpp @@ -34,6 +34,7 @@ #include "meshcop.hpp" +#include "common/clearable.hpp" #include "common/crc16.hpp" #include "common/debug.hpp" #include "common/locator_getters.hpp" @@ -191,7 +192,7 @@ void SteeringData::Init(uint8_t aLength) { OT_ASSERT(aLength <= kMaxLength); mLength = aLength; - memset(m8, 0, sizeof(m8)); + ClearAllBytes(m8); } void SteeringData::SetToPermitAllJoiners(void) @@ -324,7 +325,7 @@ Error GeneratePskc(const char *aPassPhrase, (networkNameLen <= OT_NETWORK_NAME_MAX_SIZE), error = kErrorInvalidArgs); - memset(salt, 0, sizeof(salt)); + ClearAllBytes(salt); memcpy(salt, saltPrefix, sizeof(saltPrefix) - 1); saltLen += static_cast(sizeof(saltPrefix) - 1); diff --git a/src/core/meshcop/secure_transport.cpp b/src/core/meshcop/secure_transport.cpp index acb7b5d96e8..530ba5cea7f 100644 --- a/src/core/meshcop/secure_transport.cpp +++ b/src/core/meshcop/secure_transport.cpp @@ -41,6 +41,7 @@ #include #include "common/as_core_type.hpp" +#include "common/clearable.hpp" #include "common/code_utils.hpp" #include "common/debug.hpp" #include "common/encoding.hpp" @@ -105,19 +106,19 @@ SecureTransport::SecureTransport(Instance &aInstance, bool aLayerTwoSecurity, bo mOwnCertLength = 0; mPrivateKeySrc = nullptr; mPrivateKeyLength = 0; - memset(&mCaChain, 0, sizeof(mCaChain)); - memset(&mOwnCert, 0, sizeof(mOwnCert)); - memset(&mPrivateKey, 0, sizeof(mPrivateKey)); + ClearAllBytes(mCaChain); + ClearAllBytes(mOwnCert); + ClearAllBytes(mPrivateKey); #endif #endif - memset(mCipherSuites, 0, sizeof(mCipherSuites)); - memset(mPsk, 0, sizeof(mPsk)); - memset(&mSsl, 0, sizeof(mSsl)); - memset(&mConf, 0, sizeof(mConf)); + ClearAllBytes(mCipherSuites); + ClearAllBytes(mPsk); + ClearAllBytes(mSsl); + ClearAllBytes(mConf); #ifdef MBEDTLS_SSL_COOKIE_C - memset(&mCookieCtx, 0, sizeof(mCookieCtx)); + ClearAllBytes(mCookieCtx); #endif } diff --git a/src/core/net/dhcp6_client.cpp b/src/core/net/dhcp6_client.cpp index 680ea049e1c..e206ff66481 100644 --- a/src/core/net/dhcp6_client.cpp +++ b/src/core/net/dhcp6_client.cpp @@ -57,7 +57,7 @@ Client::Client(Instance &aInstance) , mStartTime(0) , mIdentityAssociationCurrent(nullptr) { - memset(mIdentityAssociations, 0, sizeof(mIdentityAssociations)); + ClearAllBytes(mIdentityAssociations); } bool Client::MatchNetifAddressWithPrefix(const Ip6::Netif::UnicastAddress &aNetifAddress, const Ip6::Prefix &aIp6Prefix) diff --git a/src/core/net/dhcp6_server.cpp b/src/core/net/dhcp6_server.cpp index c268e1c6f53..7fd072cf4d5 100644 --- a/src/core/net/dhcp6_server.cpp +++ b/src/core/net/dhcp6_server.cpp @@ -56,7 +56,7 @@ Server::Server(Instance &aInstance) , mPrefixAgentsCount(0) , mPrefixAgentsMask(0) { - memset(mPrefixAgents, 0, sizeof(mPrefixAgents)); + ClearAllBytes(mPrefixAgents); } Error Server::UpdateService(void) diff --git a/src/core/net/dns_client.cpp b/src/core/net/dns_client.cpp index 366a657a40a..95a87b7bfcb 100644 --- a/src/core/net/dns_client.cpp +++ b/src/core/net/dns_client.cpp @@ -799,7 +799,7 @@ Error Client::InitTcpSocket(void) Error error; otTcpEndpointInitializeArgs endpointArgs; - memset(&endpointArgs, 0x00, sizeof(endpointArgs)); + ClearAllBytes(endpointArgs); endpointArgs.mSendDoneCallback = HandleTcpSendDoneCallback; endpointArgs.mEstablishedCallback = HandleTcpEstablishedCallback; endpointArgs.mReceiveAvailableCallback = HandleTcpReceiveAvailableCallback; @@ -1634,7 +1634,7 @@ void Client::ResolveHostAddressIfNeeded(Query &aQuery, const Message &aResponseM PopulateResponse(response, aQuery, aResponseMessage); - memset(&serviceInfo, 0, sizeof(serviceInfo)); + ClearAllBytes(serviceInfo); serviceInfo.mHostNameBuffer = hostName; serviceInfo.mHostNameBufferSize = sizeof(hostName); SuccessOrExit(response.ReadServiceInfo(Response::kAnswerSection, Name(aQuery, kNameOffsetInQuery), serviceInfo)); diff --git a/src/core/net/ip6.hpp b/src/core/net/ip6.hpp index 1c700b590b5..53330b359e5 100644 --- a/src/core/net/ip6.hpp +++ b/src/core/net/ip6.hpp @@ -350,7 +350,7 @@ class Ip6 : public InstanceLocator, private NonCopyable * Resets the Border Routing counters. * */ - void ResetBorderRoutingCounters(void) { memset(&mBorderRoutingCounters, 0, sizeof(mBorderRoutingCounters)); } + void ResetBorderRoutingCounters(void) { ClearAllBytes(mBorderRoutingCounters); } #endif private: diff --git a/src/core/net/ip6_mpl.cpp b/src/core/net/ip6_mpl.cpp index 78922ef6f25..61be9ea1120 100644 --- a/src/core/net/ip6_mpl.cpp +++ b/src/core/net/ip6_mpl.cpp @@ -52,7 +52,7 @@ Mpl::Mpl(Instance &aInstance) , mRetransmissionTimer(aInstance) #endif { - memset(mSeedSet, 0, sizeof(mSeedSet)); + ClearAllBytes(mSeedSet); } void MplOption::Init(SeedIdLength aSeedIdLength) diff --git a/src/core/net/tcp6.cpp b/src/core/net/tcp6.cpp index d9712a3c642..470e92ac5ba 100644 --- a/src/core/net/tcp6.cpp +++ b/src/core/net/tcp6.cpp @@ -81,7 +81,7 @@ Error Tcp::Endpoint::Initialize(Instance &aInstance, const otTcpEndpointInitiali Error error; struct tcpcb &tp = GetTcb(); - memset(&tp, 0x00, sizeof(tp)); + ClearAllBytes(tp); SuccessOrExit(error = aInstance.Get().mEndpoints.Add(*this)); @@ -92,8 +92,8 @@ Error Tcp::Endpoint::Initialize(Instance &aInstance, const otTcpEndpointInitiali mReceiveAvailableCallback = aArgs.mReceiveAvailableCallback; mDisconnectedCallback = aArgs.mDisconnectedCallback; - memset(mTimers, 0x00, sizeof(mTimers)); - memset(&mSockAddr, 0x00, sizeof(mSockAddr)); + ClearAllBytes(mTimers); + ClearAllBytes(mSockAddr); mPendingCallbacks = 0; /* @@ -549,7 +549,7 @@ Error Tcp::Listener::Initialize(Instance &aInstance, const otTcpListenerInitiali mAcceptReadyCallback = aArgs.mAcceptReadyCallback; mAcceptDoneCallback = aArgs.mAcceptDoneCallback; - memset(tpl, 0x00, sizeof(struct tcpcb_listen)); + ClearAllBytes(*tpl); tpl->instance = &aInstance; exit: @@ -579,7 +579,7 @@ Error Tcp::Listener::StopListening(void) { struct tcpcb_listen *tpl = &GetTcbListen(); - memset(&tpl->laddr, 0x00, sizeof(tpl->laddr)); + ClearAllBytes(tpl->laddr); tpl->lport = 0; tpl->t_state = TCP6S_CLOSED; return kErrorNone; @@ -670,7 +670,7 @@ Error Tcp::HandleMessage(ot::Ip6::Header &aIp6Header, Message &aMessage, Message otLinkedBuffer *priorHead = lbuf_head(&tp->sendbuf); size_t priorBacklog = endpoint->GetSendBufferBytes() - endpoint->GetInFlightBytes(); - memset(&sig, 0x00, sizeof(sig)); + ClearAllBytes(sig); nextAction = tcp_input(ip6Header, tcpHeader, &aMessage, tp, nullptr, &sig); if (nextAction != RELOOKUP_REQUIRED) { @@ -685,7 +685,7 @@ Error Tcp::HandleMessage(ot::Ip6::Header &aIp6Header, Message &aMessage, Message { struct tcpcb_listen *tpl = &listener->GetTcbListen(); - memset(&sig, 0x00, sizeof(sig)); + ClearAllBytes(sig); nextAction = tcp_input(ip6Header, tcpHeader, &aMessage, nullptr, tpl, &sig); OT_ASSERT(nextAction != RELOOKUP_REQUIRED); if (sig.accepted_connection != nullptr) diff --git a/src/core/radio/trel_link.cpp b/src/core/radio/trel_link.cpp index b97676549c8..0b479874a87 100644 --- a/src/core/radio/trel_link.cpp +++ b/src/core/radio/trel_link.cpp @@ -55,9 +55,9 @@ Link::Link(Instance &aInstance) , mTimer(aInstance) , mInterface(aInstance) { - memset(&mTxFrame, 0, sizeof(mTxFrame)); - memset(&mRxFrame, 0, sizeof(mRxFrame)); - memset(mAckFrameBuffer, 0, sizeof(mAckFrameBuffer)); + ClearAllBytes(mTxFrame); + ClearAllBytes(mRxFrame); + ClearAllBytes(mAckFrameBuffer); mTxFrame.mPsdu = &mTxPacketBuffer[kMaxHeaderSize]; mTxFrame.SetLength(0); diff --git a/src/core/thread/child.cpp b/src/core/thread/child.cpp index 008173b6d9b..92a0b0566d5 100644 --- a/src/core/thread/child.cpp +++ b/src/core/thread/child.cpp @@ -112,14 +112,14 @@ void Child::Clear(void) { Instance &instance = GetInstance(); - memset(reinterpret_cast(this), 0, sizeof(Child)); + ClearAllBytes(*this); Init(instance); } void Child::ClearIp6Addresses(void) { mMeshLocalIid.Clear(); - memset(mIp6Address, 0, sizeof(mIp6Address)); + ClearAllBytes(mIp6Address); #if OPENTHREAD_FTD && OPENTHREAD_CONFIG_TMF_PROXY_MLR_ENABLE mMlrToRegisterMask.Clear(); mMlrRegisteredMask.Clear(); diff --git a/src/core/thread/discover_scanner.cpp b/src/core/thread/discover_scanner.cpp index e3c337cd30c..3a59651d81a 100644 --- a/src/core/thread/discover_scanner.cpp +++ b/src/core/thread/discover_scanner.cpp @@ -325,7 +325,7 @@ void DiscoverScanner::HandleDiscoveryResponse(Mle::RxInfo &aRxInfo) const // Find MLE Discovery TLV SuccessOrExit(error = Tlv::FindTlvValueStartEndOffsets(aRxInfo.mMessage, Tlv::kDiscovery, offset, end)); - memset(&result, 0, sizeof(result)); + ClearAllBytes(result); result.mDiscover = true; result.mPanId = linkInfo->mPanId; result.mChannel = linkInfo->mChannel; diff --git a/src/core/thread/mesh_forwarder.hpp b/src/core/thread/mesh_forwarder.hpp index a640004f9ab..8c3a7907cea 100644 --- a/src/core/thread/mesh_forwarder.hpp +++ b/src/core/thread/mesh_forwarder.hpp @@ -306,7 +306,7 @@ class MeshForwarder : public InstanceLocator, private NonCopyable * Resets the IP level counters. * */ - void ResetCounters(void) { memset(&mIpCounters, 0, sizeof(mIpCounters)); } + void ResetCounters(void) { ClearAllBytes(mIpCounters); } #if OPENTHREAD_CONFIG_TX_QUEUE_STATISTICS_ENABLE /** diff --git a/src/core/thread/mle.cpp b/src/core/thread/mle.cpp index 8910c35d598..ef5fe7efb1a 100644 --- a/src/core/thread/mle.cpp +++ b/src/core/thread/mle.cpp @@ -265,7 +265,7 @@ void Mle::Stop(StopMode aMode) void Mle::ResetCounters(void) { - memset(&mCounters, 0, sizeof(mCounters)); + ClearAllBytes(mCounters); #if OPENTHREAD_CONFIG_UPTIME_ENABLE mLastUpdatedTimestamp = Get().GetUptime(); #endif @@ -5097,7 +5097,7 @@ void Mle::ParentCandidate::Clear(void) { Instance &instance = GetInstance(); - memset(reinterpret_cast(this), 0, sizeof(ParentCandidate)); + ClearAllBytes(*this); Init(instance); } diff --git a/src/core/thread/mle_tlvs.cpp b/src/core/thread/mle_tlvs.cpp index f2098f175bf..8c0ac134b3e 100644 --- a/src/core/thread/mle_tlvs.cpp +++ b/src/core/thread/mle_tlvs.cpp @@ -33,6 +33,7 @@ #include "mle_tlvs.hpp" +#include "common/clearable.hpp" #include "common/code_utils.hpp" #include "common/numeric_limits.hpp" #include "radio/radio.hpp" @@ -47,7 +48,7 @@ void RouteTlv::Init(void) SetType(kRoute); SetLength(sizeof(*this) - sizeof(Tlv)); mRouterIdMask.Clear(); - memset(mRouteData, 0, sizeof(mRouteData)); + ClearAllBytes(mRouteData); } bool RouteTlv::IsValid(void) const diff --git a/src/core/thread/mle_types.hpp b/src/core/thread/mle_types.hpp index ffc6a428722..fd08cdccddd 100644 --- a/src/core/thread/mle_types.hpp +++ b/src/core/thread/mle_types.hpp @@ -434,15 +434,9 @@ class LeaderData : public otLeaderData, public Clearable }; OT_TOOL_PACKED_BEGIN -class RouterIdSet : public Equatable +class RouterIdSet : public Equatable, public Clearable { public: - /** - * Clears the Router Id Set. - * - */ - void Clear(void) { memset(mRouterIdSet, 0, sizeof(mRouterIdSet)); } - /** * Indicates whether or not a Router ID bit is set. * diff --git a/src/core/thread/network_diagnostic.cpp b/src/core/thread/network_diagnostic.cpp index 724b6a9cb5f..43c1ea736d8 100644 --- a/src/core/thread/network_diagnostic.cpp +++ b/src/core/thread/network_diagnostic.cpp @@ -212,7 +212,7 @@ Error Server::AppendMacCounters(Message &aMessage) MacCountersTlv tlv; const otMacCounters &counters = Get().GetCounters(); - memset(&tlv, 0, sizeof(tlv)); + ClearAllBytes(tlv); tlv.Init(); tlv.SetIfInUnknownProtos(counters.mRxOther); diff --git a/src/core/thread/radio_selector.cpp b/src/core/thread/radio_selector.cpp index ea7ea74de3e..4268bb09250 100644 --- a/src/core/thread/radio_selector.cpp +++ b/src/core/thread/radio_selector.cpp @@ -63,7 +63,7 @@ RadioSelector::RadioSelector(Instance &aInstance) void RadioSelector::NeighborInfo::PopulateMultiRadioInfo(MultiRadioInfo &aInfo) { - memset(&aInfo, 0, sizeof(MultiRadioInfo)); + ClearAllBytes(aInfo); #if OPENTHREAD_CONFIG_RADIO_LINK_IEEE_802_15_4_ENABLE if (GetSupportedRadioTypes().Contains(Mac::kRadioTypeIeee802154)) diff --git a/src/core/thread/router.cpp b/src/core/thread/router.cpp index d16d635e540..e130b69ab3e 100644 --- a/src/core/thread/router.cpp +++ b/src/core/thread/router.cpp @@ -71,7 +71,7 @@ void Router::Clear(void) { Instance &instance = GetInstance(); - memset(reinterpret_cast(this), 0, sizeof(Router)); + ClearAllBytes(*this); Init(instance); } @@ -92,7 +92,7 @@ void Parent::Clear(void) { Instance &instance = GetInstance(); - memset(reinterpret_cast(this), 0, sizeof(Parent)); + ClearAllBytes(*this); Init(instance); } diff --git a/src/core/thread/router_table.hpp b/src/core/thread/router_table.hpp index bf11573a2e8..8f2b8f207bd 100644 --- a/src/core/thread/router_table.hpp +++ b/src/core/thread/router_table.hpp @@ -465,7 +465,7 @@ class RouterTable : public InstanceLocator, private NonCopyable void HandleTableChanged(void); void LogRouteTable(void) const; - class RouterIdMap + class RouterIdMap : public Clearable { public: // The `RouterIdMap` tracks which Router IDs are allocated. @@ -474,7 +474,6 @@ class RouterTable : public InstanceLocator, private NonCopyable // remaining reuse delay time (in seconds). RouterIdMap(void) { Clear(); } - void Clear(void) { memset(mIndexes, 0, sizeof(mIndexes)); } bool IsAllocated(uint8_t aRouterId) const { return (mIndexes[aRouterId] & kAllocatedFlag); } uint8_t GetIndex(uint8_t aRouterId) const { return (mIndexes[aRouterId] & kIndexMask); } void SetIndex(uint8_t aRouterId, uint8_t aIndex) { mIndexes[aRouterId] = kAllocatedFlag | aIndex; } diff --git a/src/core/utils/channel_monitor.cpp b/src/core/utils/channel_monitor.cpp index b707a79b636..f10dd93c29a 100644 --- a/src/core/utils/channel_monitor.cpp +++ b/src/core/utils/channel_monitor.cpp @@ -66,7 +66,7 @@ ChannelMonitor::ChannelMonitor(Instance &aInstance) , mSampleCount(0) , mTimer(aInstance) { - memset(mChannelOccupancy, 0, sizeof(mChannelOccupancy)); + ClearAllBytes(mChannelOccupancy); } Error ChannelMonitor::Start(void) @@ -98,7 +98,7 @@ void ChannelMonitor::Clear(void) { mChannelMaskIndex = 0; mSampleCount = 0; - memset(mChannelOccupancy, 0, sizeof(mChannelOccupancy)); + ClearAllBytes(mChannelOccupancy); LogDebg("Clearing data"); } diff --git a/src/core/utils/history_tracker.cpp b/src/core/utils/history_tracker.cpp index 74d8cfb8553..1b2a4fd2772 100644 --- a/src/core/utils/history_tracker.cpp +++ b/src/core/utils/history_tracker.cpp @@ -61,7 +61,7 @@ HistoryTracker::HistoryTracker(Instance &aInstance) mTimer.Start(kAgeCheckPeriod); #if OPENTHREAD_FTD && (OPENTHREAD_CONFIG_HISTORY_TRACKER_ROUTER_LIST_SIZE > 0) - memset(mRouterEntries, 0, sizeof(mRouterEntries)); + ClearAllBytes(mRouterEntries); #endif } diff --git a/src/core/utils/slaac_address.cpp b/src/core/utils/slaac_address.cpp index 7420bdf1a62..f7870ee9cb7 100644 --- a/src/core/utils/slaac_address.cpp +++ b/src/core/utils/slaac_address.cpp @@ -56,7 +56,7 @@ Slaac::Slaac(Instance &aInstance) , mEnabled(true) , mFilter(nullptr) { - memset(mAddresses, 0, sizeof(mAddresses)); + ClearAllBytes(mAddresses); } void Slaac::Enable(void) From 21cd366b50e030a23eafb65cfedceb28fb4d2595 Mon Sep 17 00:00:00 2001 From: Abtin Keshavarzian Date: Thu, 1 Feb 2024 19:04:54 -0800 Subject: [PATCH 092/121] [routing-manager] fix `IsDeprecated()` to handle large preferred lifetime (#9822) This commit fixes `DiscoveredPrefixTable::Entry::IsDeprecated()` to properly handle larger preferred lifetime values. It uses the method `CalculateExpireDelay()` to handle time delay calculation, avoiding overflow. The `test_routing_manager` test has also been updated to check for larger preferred/valid lifetime values. --- src/core/border_router/routing_manager.cpp | 2 +- tests/unit/test_routing_manager.cpp | 4 +++- 2 files changed, 4 insertions(+), 2 deletions(-) diff --git a/src/core/border_router/routing_manager.cpp b/src/core/border_router/routing_manager.cpp index 4173626e4e6..81f2d9abbbf 100644 --- a/src/core/border_router/routing_manager.cpp +++ b/src/core/border_router/routing_manager.cpp @@ -1838,7 +1838,7 @@ bool RoutingManager::DiscoveredPrefixTable::Entry::IsDeprecated(void) const { OT_ASSERT(IsOnLinkPrefix()); - return mLastUpdateTime + TimeMilli::SecToMsec(GetPreferredLifetime()) <= TimerMilli::GetNow(); + return mLastUpdateTime + CalculateExpireDelay(GetPreferredLifetime()) <= TimerMilli::GetNow(); } RoutingManager::RoutePreference RoutingManager::DiscoveredPrefixTable::Entry::GetPreference(void) const diff --git a/tests/unit/test_routing_manager.cpp b/tests/unit/test_routing_manager.cpp index 6fc0a37d5dc..df7c2b22536 100644 --- a/tests/unit/test_routing_manager.cpp +++ b/tests/unit/test_routing_manager.cpp @@ -38,6 +38,7 @@ #include "border_router/routing_manager.hpp" #include "common/arg_macros.hpp" #include "common/array.hpp" +#include "common/numeric_limits.hpp" #include "common/time.hpp" #include "instance/instance.hpp" #include "net/icmp6.hpp" @@ -57,6 +58,7 @@ static const char kInfraIfAddress[] = "fe80::1"; static constexpr uint32_t kValidLitime = 2000; static constexpr uint32_t kPreferredLifetime = 1800; +static constexpr uint32_t kInfiniteLifetime = NumericLimits::kMax; static constexpr uint32_t kRioValidLifetime = 1800; static constexpr uint32_t kRioDeprecatingLifetime = 300; @@ -1876,7 +1878,7 @@ void TestLocalOnLinkPrefixDeprecation(void) // Send an RA from router A with a new on-link (PIO) which is preferred over // the local on-link prefix. - SendRouterAdvert(routerAddressA, {Pio(onLinkPrefix, kValidLitime, kPreferredLifetime)}); + SendRouterAdvert(routerAddressA, {Pio(onLinkPrefix, kInfiniteLifetime, kInfiniteLifetime)}); //- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - // Check that the local on-link prefix is now deprecating in the new RA. From b6e6b726ed1d90bc594f563b6e25498b7727c309 Mon Sep 17 00:00:00 2001 From: Yakun Xu Date: Sat, 3 Feb 2024 01:01:46 +0800 Subject: [PATCH 093/121] [ci] fix artifact name conflict (#9827) --- .github/workflows/posix.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/posix.yml b/.github/workflows/posix.yml index 51ffcffebdb..395267d109a 100644 --- a/.github/workflows/posix.yml +++ b/.github/workflows/posix.yml @@ -215,7 +215,7 @@ jobs: ./script/test generate_coverage gcc - uses: actions/upload-artifact@694cdabd8bdb0f10b2cea11669e1bf5453eed0a6 # v4.2.0 with: - name: cov-pty-linux-${{ matrix.DAEMON }} + name: cov-pty-linux-${{ matrix.OT_DAEMON }} path: tmp/coverage.info retention-days: 1 From 890da2c1b8e61a980490eb40ebb8b258d7f736dd Mon Sep 17 00:00:00 2001 From: Jonathan Hui Date: Fri, 2 Feb 2024 09:03:51 -0800 Subject: [PATCH 094/121] [trel] fix typo in `OPENTHREAD_CONFIG_TREL_PEER_TABLE_SIZE` (#9823) --- src/core/radio/trel_interface.hpp | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/src/core/radio/trel_interface.hpp b/src/core/radio/trel_interface.hpp index c5750bcf815..70b4eb0b51c 100644 --- a/src/core/radio/trel_interface.hpp +++ b/src/core/radio/trel_interface.hpp @@ -257,8 +257,8 @@ class Interface : public InstanceLocator void ResetCounters(void); private: -#if OPENTHREAD_COFNIG_TREL_PEER_TABLE_SIZE != 0 - static constexpr uint16_t kPeerTableSize = OPENTHREAD_COFNIG_TREL_PEER_TABLE_SIZE; +#if OPENTHREAD_CONFIG_TREL_PEER_TABLE_SIZE != 0 + static constexpr uint16_t kPeerTableSize = OPENTHREAD_CONFIG_TREL_PEER_TABLE_SIZE; #else static constexpr uint16_t kPeerTableExtraEntries = 32; static constexpr uint16_t kPeerTableSize = Mle::kMaxRouters + Mle::kMaxChildren + kPeerTableExtraEntries; From b5b9a62db757109c1b2d1462990ffc38ea1f4449 Mon Sep 17 00:00:00 2001 From: Yakun Xu Date: Sat, 3 Feb 2024 03:43:31 +0800 Subject: [PATCH 095/121] [ncp] set message origin to host untrusted (#9825) The IPv6 packets received from host is from a different network stack, which is untrusted. --- src/ncp/ncp_base_mtd.cpp | 2 ++ 1 file changed, 2 insertions(+) diff --git a/src/ncp/ncp_base_mtd.cpp b/src/ncp/ncp_base_mtd.cpp index fc233a657cd..badc6a5e408 100644 --- a/src/ncp/ncp_base_mtd.cpp +++ b/src/ncp/ncp_base_mtd.cpp @@ -2269,6 +2269,7 @@ template <> otError NcpBase::HandlePropertySet(void) // STREAM_NET requires layer 2 security. message = otIp6NewMessageFromBuffer(mInstance, framePtr, frameLen, nullptr); VerifyOrExit(message != nullptr, error = OT_ERROR_NO_BUFS); + otMessageSetOrigin(message, OT_MESSAGE_ORIGIN_HOST_UNTRUSTED); error = otIp6Send(mInstance, message); @@ -3303,6 +3304,7 @@ template <> otError NcpBase::HandlePropertySet( // STREAM_NET_INSECURE packets are not secured at layer 2. message = otIp6NewMessageFromBuffer(mInstance, framePtr, frameLen, &msgSettings); VerifyOrExit(message != nullptr, error = OT_ERROR_NO_BUFS); + otMessageSetOrigin(message, OT_MESSAGE_ORIGIN_HOST_UNTRUSTED); // Ensure the insecure message is forwarded using direct transmission. otMessageSetDirectTransmission(message, true); From 74c833b6236ac1dab3673fb8ebd705eca662d2b4 Mon Sep 17 00:00:00 2001 From: Yakun Xu Date: Sat, 3 Feb 2024 04:37:46 +0800 Subject: [PATCH 096/121] [ip6] always deliver multicast to host (#9824) This commit always delivers multicast traffic to host. Without this change, host will not be able to receive link-local and mesh-local multicast traffic, even the host subscribes to some multicast addresses in these scopes. Note that this does not change the host forwarding rules, as link-local and mesh-local traffic are not supposed to be forwarded to adjacent links. --- src/core/net/ip6.cpp | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/src/core/net/ip6.cpp b/src/core/net/ip6.cpp index 4f3b077e08e..2334aa712a7 100644 --- a/src/core/net/ip6.cpp +++ b/src/core/net/ip6.cpp @@ -1121,7 +1121,8 @@ Error Ip6::HandleDatagram(OwnedPtr aMessagePtr, const void *aLinkMessag } #endif - forwardHost = header.GetDestination().IsMulticastLargerThanRealmLocal(); + // Always forward multicast packets to host network stack + forwardHost = true; if ((aMessagePtr->IsOriginThreadNetif() || aMessagePtr->GetMulticastLoop()) && Get().IsMulticastSubscribed(header.GetDestination())) From cf357d70be94e6f3f21d07b3c16e29bb7ec5cc7e Mon Sep 17 00:00:00 2001 From: Yakun Xu Date: Sat, 3 Feb 2024 04:38:15 +0800 Subject: [PATCH 097/121] [posix] do not enable loop back to host (#9826) There's no clear use case for looping back packets to host. And it would probably result in host processing duplicate messages. This commit disables looping packets back to host. --- src/posix/platform/netif.cpp | 1 - 1 file changed, 1 deletion(-) diff --git a/src/posix/platform/netif.cpp b/src/posix/platform/netif.cpp index ac1da79cd08..4db22bf6af3 100644 --- a/src/posix/platform/netif.cpp +++ b/src/posix/platform/netif.cpp @@ -1164,7 +1164,6 @@ static void processTransmit(otInstance *aInstance) message = otIp6NewMessage(aInstance, &settings); #endif VerifyOrExit(message != nullptr, error = OT_ERROR_NO_BUFS); - otMessageSetLoopbackToHostAllowed(message, true); otMessageSetOrigin(message, OT_MESSAGE_ORIGIN_HOST_UNTRUSTED); } From 0c0cedc48136927a49e0ace11faf0b14bdd3ebff Mon Sep 17 00:00:00 2001 From: Abtin Keshavarzian Date: Mon, 5 Feb 2024 10:23:57 -0800 Subject: [PATCH 098/121] [ip6] `SelectSourceAddress()` rule 1 on preferring same address (#9830) This commit moves the check for rule 1 on preferring same address as the destination before the `(bestAddr == nullptr)` check. This ensures that rule 1 will be correctly applied even when the address happens to be first one in the `GetUnicastAddresses()` list. --- src/core/net/ip6.cpp | 14 +++++++------- 1 file changed, 7 insertions(+), 7 deletions(-) diff --git a/src/core/net/ip6.cpp b/src/core/net/ip6.cpp index 2334aa712a7..3637b900883 100644 --- a/src/core/net/ip6.cpp +++ b/src/core/net/ip6.cpp @@ -1330,18 +1330,18 @@ const Address *Ip6::SelectSourceAddress(const Address &aDestination) const overrideScope = destScope; } - if (bestAddr == nullptr) - { - // Rule 0: Prefer any address - bestAddr = &addr; - bestMatchLen = matchLen; - } - else if (addr.GetAddress() == aDestination) + if (addr.GetAddress() == aDestination) { // Rule 1: Prefer same address bestAddr = &addr; ExitNow(); } + + if (bestAddr == nullptr) + { + bestAddr = &addr; + bestMatchLen = matchLen; + } else if (addr.GetScope() < bestAddr->GetScope()) { // Rule 2: Prefer appropriate scope From df683aa5ae7df01f650867b50c32542f6cb1af48 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Mon, 5 Feb 2024 10:31:53 -0800 Subject: [PATCH 099/121] github-actions: bump step-security/harden-runner from 2.6.1 to 2.7.0 (#9831) Bumps [step-security/harden-runner](https://github.com/step-security/harden-runner) from 2.6.1 to 2.7.0. - [Release notes](https://github.com/step-security/harden-runner/releases) - [Commits](https://github.com/step-security/harden-runner/compare/eb238b55efaa70779f274895e782ed17c84f2895...63c24ba6bd7ba022e95695ff85de572c04a18142) --- updated-dependencies: - dependency-name: step-security/harden-runner dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> --- .github/workflows/build.yml | 28 ++++++++++++++-------------- .github/workflows/codeql.yml | 2 +- .github/workflows/docker.yml | 2 +- .github/workflows/fuzz.yml | 2 +- .github/workflows/makefile-check.yml | 2 +- .github/workflows/otci.yml | 2 +- .github/workflows/otns.yml | 6 +++--- .github/workflows/posix.yml | 12 ++++++------ .github/workflows/simulation-1.1.yml | 16 ++++++++-------- .github/workflows/simulation-1.2.yml | 12 ++++++------ .github/workflows/size.yml | 2 +- .github/workflows/toranj.yml | 8 ++++---- .github/workflows/unit.yml | 6 +++--- .github/workflows/version.yml | 2 +- 14 files changed, 51 insertions(+), 51 deletions(-) diff --git a/.github/workflows/build.yml b/.github/workflows/build.yml index 9ef50e54d79..007430e320f 100644 --- a/.github/workflows/build.yml +++ b/.github/workflows/build.yml @@ -49,7 +49,7 @@ jobs: runs-on: ubuntu-22.04 steps: - name: Harden Runner - uses: step-security/harden-runner@eb238b55efaa70779f274895e782ed17c84f2895 # v2.6.1 + uses: step-security/harden-runner@63c24ba6bd7ba022e95695ff85de572c04a18142 # v2.7.0 with: egress-policy: audit # TODO: change to 'egress-policy: block' after couple of runs @@ -71,7 +71,7 @@ jobs: runs-on: ubuntu-latest steps: - name: Harden Runner - uses: step-security/harden-runner@eb238b55efaa70779f274895e782ed17c84f2895 # v2.6.1 + uses: step-security/harden-runner@63c24ba6bd7ba022e95695ff85de572c04a18142 # v2.7.0 with: egress-policy: audit # TODO: change to 'egress-policy: block' after couple of runs @@ -85,7 +85,7 @@ jobs: runs-on: ubuntu-22.04 steps: - name: Harden Runner - uses: step-security/harden-runner@eb238b55efaa70779f274895e782ed17c84f2895 # v2.6.1 + uses: step-security/harden-runner@63c24ba6bd7ba022e95695ff85de572c04a18142 # v2.7.0 with: egress-policy: audit # TODO: change to 'egress-policy: block' after couple of runs @@ -104,7 +104,7 @@ jobs: runs-on: ubuntu-20.04 steps: - name: Harden Runner - uses: step-security/harden-runner@eb238b55efaa70779f274895e782ed17c84f2895 # v2.6.1 + uses: step-security/harden-runner@63c24ba6bd7ba022e95695ff85de572c04a18142 # v2.7.0 with: egress-policy: audit # TODO: change to 'egress-policy: block' after couple of runs @@ -144,7 +144,7 @@ jobs: CXX: ${{ matrix.compiler_cpp }} steps: - name: Harden Runner - uses: step-security/harden-runner@eb238b55efaa70779f274895e782ed17c84f2895 # v2.6.1 + uses: step-security/harden-runner@63c24ba6bd7ba022e95695ff85de572c04a18142 # v2.7.0 with: egress-policy: audit # TODO: change to 'egress-policy: block' after couple of runs @@ -163,7 +163,7 @@ jobs: runs-on: ubuntu-22.04 steps: - name: Harden Runner - uses: step-security/harden-runner@eb238b55efaa70779f274895e782ed17c84f2895 # v2.6.1 + uses: step-security/harden-runner@63c24ba6bd7ba022e95695ff85de572c04a18142 # v2.7.0 with: egress-policy: audit # TODO: change to 'egress-policy: block' after couple of runs @@ -182,7 +182,7 @@ jobs: runs-on: ubuntu-20.04 steps: - name: Harden Runner - uses: step-security/harden-runner@eb238b55efaa70779f274895e782ed17c84f2895 # v2.6.1 + uses: step-security/harden-runner@63c24ba6bd7ba022e95695ff85de572c04a18142 # v2.7.0 with: egress-policy: audit # TODO: change to 'egress-policy: block' after couple of runs @@ -238,7 +238,7 @@ jobs: gcc_extract_dir: arm-gnu-toolchain-13.2.Rel1-x86_64-arm-none-eabi steps: - name: Harden Runner - uses: step-security/harden-runner@eb238b55efaa70779f274895e782ed17c84f2895 # v2.6.1 + uses: step-security/harden-runner@63c24ba6bd7ba022e95695ff85de572c04a18142 # v2.7.0 with: egress-policy: audit # TODO: change to 'egress-policy: block' after couple of runs @@ -279,7 +279,7 @@ jobs: CXX: g++-${{ matrix.gcc_ver }} steps: - name: Harden Runner - uses: step-security/harden-runner@eb238b55efaa70779f274895e782ed17c84f2895 # v2.6.1 + uses: step-security/harden-runner@63c24ba6bd7ba022e95695ff85de572c04a18142 # v2.7.0 with: egress-policy: audit # TODO: change to 'egress-policy: block' after couple of runs @@ -312,7 +312,7 @@ jobs: CXX: clang++-${{ matrix.clang_ver }} steps: - name: Harden Runner - uses: step-security/harden-runner@eb238b55efaa70779f274895e782ed17c84f2895 # v2.6.1 + uses: step-security/harden-runner@63c24ba6bd7ba022e95695ff85de572c04a18142 # v2.7.0 with: egress-policy: audit # TODO: change to 'egress-policy: block' after couple of runs @@ -350,7 +350,7 @@ jobs: LDFLAGS: -m32 steps: - name: Harden Runner - uses: step-security/harden-runner@eb238b55efaa70779f274895e782ed17c84f2895 # v2.6.1 + uses: step-security/harden-runner@63c24ba6bd7ba022e95695ff85de572c04a18142 # v2.7.0 with: egress-policy: audit # TODO: change to 'egress-policy: block' after couple of runs @@ -378,7 +378,7 @@ jobs: runs-on: ubuntu-20.04 steps: - name: Harden Runner - uses: step-security/harden-runner@eb238b55efaa70779f274895e782ed17c84f2895 # v2.6.1 + uses: step-security/harden-runner@63c24ba6bd7ba022e95695ff85de572c04a18142 # v2.7.0 with: egress-policy: audit # TODO: change to 'egress-policy: block' after couple of runs @@ -414,7 +414,7 @@ jobs: CXX: ${{ matrix.CXX }} steps: - name: Harden Runner - uses: step-security/harden-runner@eb238b55efaa70779f274895e782ed17c84f2895 # v2.6.1 + uses: step-security/harden-runner@63c24ba6bd7ba022e95695ff85de572c04a18142 # v2.7.0 with: egress-policy: audit # TODO: change to 'egress-policy: block' after couple of runs @@ -438,7 +438,7 @@ jobs: image: openthread/environment steps: - name: Harden Runner - uses: step-security/harden-runner@eb238b55efaa70779f274895e782ed17c84f2895 # v2.6.1 + uses: step-security/harden-runner@63c24ba6bd7ba022e95695ff85de572c04a18142 # v2.7.0 with: egress-policy: audit # TODO: change to 'egress-policy: block' after couple of runs diff --git a/.github/workflows/codeql.yml b/.github/workflows/codeql.yml index 9348dc4ddff..158892fe465 100644 --- a/.github/workflows/codeql.yml +++ b/.github/workflows/codeql.yml @@ -54,7 +54,7 @@ jobs: steps: - name: Harden Runner - uses: step-security/harden-runner@eb238b55efaa70779f274895e782ed17c84f2895 # v2.6.1 + uses: step-security/harden-runner@63c24ba6bd7ba022e95695ff85de572c04a18142 # v2.7.0 with: egress-policy: audit # TODO: change to 'egress-policy: block' after couple of runs diff --git a/.github/workflows/docker.yml b/.github/workflows/docker.yml index 09f37e77298..c336a2ba94a 100644 --- a/.github/workflows/docker.yml +++ b/.github/workflows/docker.yml @@ -55,7 +55,7 @@ jobs: - docker_name: environment steps: - name: Harden Runner - uses: step-security/harden-runner@eb238b55efaa70779f274895e782ed17c84f2895 # v2.6.1 + uses: step-security/harden-runner@63c24ba6bd7ba022e95695ff85de572c04a18142 # v2.7.0 with: egress-policy: audit # TODO: change to 'egress-policy: block' after couple of runs diff --git a/.github/workflows/fuzz.yml b/.github/workflows/fuzz.yml index 6d7f847cbb5..97cb4b53f33 100644 --- a/.github/workflows/fuzz.yml +++ b/.github/workflows/fuzz.yml @@ -45,7 +45,7 @@ jobs: runs-on: ubuntu-20.04 steps: - name: Harden Runner - uses: step-security/harden-runner@eb238b55efaa70779f274895e782ed17c84f2895 # v2.6.1 + uses: step-security/harden-runner@63c24ba6bd7ba022e95695ff85de572c04a18142 # v2.7.0 with: egress-policy: audit # TODO: change to 'egress-policy: block' after couple of runs diff --git a/.github/workflows/makefile-check.yml b/.github/workflows/makefile-check.yml index 2f504475731..83bce98ca41 100644 --- a/.github/workflows/makefile-check.yml +++ b/.github/workflows/makefile-check.yml @@ -48,7 +48,7 @@ jobs: runs-on: ubuntu-20.04 steps: - name: Harden Runner - uses: step-security/harden-runner@eb238b55efaa70779f274895e782ed17c84f2895 # v2.6.1 + uses: step-security/harden-runner@63c24ba6bd7ba022e95695ff85de572c04a18142 # v2.7.0 with: egress-policy: audit # TODO: change to 'egress-policy: block' after couple of runs diff --git a/.github/workflows/otci.yml b/.github/workflows/otci.yml index ece75a0dd16..37a014914d8 100644 --- a/.github/workflows/otci.yml +++ b/.github/workflows/otci.yml @@ -57,7 +57,7 @@ jobs: REAL_DEVICE: 0 steps: - name: Harden Runner - uses: step-security/harden-runner@eb238b55efaa70779f274895e782ed17c84f2895 # v2.6.1 + uses: step-security/harden-runner@63c24ba6bd7ba022e95695ff85de572c04a18142 # v2.7.0 with: egress-policy: audit # TODO: change to 'egress-policy: block' after couple of runs diff --git a/.github/workflows/otns.yml b/.github/workflows/otns.yml index c6ee0a657a1..5cf5f786874 100644 --- a/.github/workflows/otns.yml +++ b/.github/workflows/otns.yml @@ -58,7 +58,7 @@ jobs: runs-on: ubuntu-22.04 steps: - name: Harden Runner - uses: step-security/harden-runner@eb238b55efaa70779f274895e782ed17c84f2895 # v2.6.1 + uses: step-security/harden-runner@63c24ba6bd7ba022e95695ff85de572c04a18142 # v2.7.0 with: egress-policy: audit # TODO: change to 'egress-policy: block' after couple of runs @@ -160,7 +160,7 @@ jobs: STRESS_LEVEL: ${{ matrix.stress_level }} steps: - name: Harden Runner - uses: step-security/harden-runner@eb238b55efaa70779f274895e782ed17c84f2895 # v2.6.1 + uses: step-security/harden-runner@63c24ba6bd7ba022e95695ff85de572c04a18142 # v2.7.0 with: egress-policy: audit # TODO: change to 'egress-policy: block' after couple of runs @@ -208,7 +208,7 @@ jobs: runs-on: ubuntu-22.04 steps: - name: Harden Runner - uses: step-security/harden-runner@eb238b55efaa70779f274895e782ed17c84f2895 # v2.6.1 + uses: step-security/harden-runner@63c24ba6bd7ba022e95695ff85de572c04a18142 # v2.7.0 with: egress-policy: audit # TODO: change to 'egress-policy: block' after couple of runs diff --git a/.github/workflows/posix.yml b/.github/workflows/posix.yml index 395267d109a..7ab0ef2c745 100644 --- a/.github/workflows/posix.yml +++ b/.github/workflows/posix.yml @@ -52,7 +52,7 @@ jobs: CXXFLAGS: -DCLI_COAP_SECURE_USE_COAP_DEFAULT_HANDLER=1 -DOPENTHREAD_CONFIG_MLE_MAX_CHILDREN=15 steps: - name: Harden Runner - uses: step-security/harden-runner@eb238b55efaa70779f274895e782ed17c84f2895 # v2.6.1 + uses: step-security/harden-runner@63c24ba6bd7ba022e95695ff85de572c04a18142 # v2.7.0 with: egress-policy: audit # TODO: change to 'egress-policy: block' after couple of runs @@ -137,7 +137,7 @@ jobs: VIRTUAL_TIME: 1 steps: - name: Harden Runner - uses: step-security/harden-runner@eb238b55efaa70779f274895e782ed17c84f2895 # v2.6.1 + uses: step-security/harden-runner@63c24ba6bd7ba022e95695ff85de572c04a18142 # v2.7.0 with: egress-policy: audit # TODO: change to 'egress-policy: block' after couple of runs @@ -181,7 +181,7 @@ jobs: OT_READLINE: 'readline' steps: - name: Harden Runner - uses: step-security/harden-runner@eb238b55efaa70779f274895e782ed17c84f2895 # v2.6.1 + uses: step-security/harden-runner@63c24ba6bd7ba022e95695ff85de572c04a18142 # v2.7.0 with: egress-policy: audit # TODO: change to 'egress-policy: block' after couple of runs @@ -231,7 +231,7 @@ jobs: OT_READLINE: 'off' steps: - name: Harden Runner - uses: step-security/harden-runner@eb238b55efaa70779f274895e782ed17c84f2895 # v2.6.1 + uses: step-security/harden-runner@63c24ba6bd7ba022e95695ff85de572c04a18142 # v2.7.0 with: egress-policy: audit # TODO: change to 'egress-policy: block' after couple of runs @@ -261,7 +261,7 @@ jobs: runs-on: ubuntu-20.04 steps: - name: Harden Runner - uses: step-security/harden-runner@eb238b55efaa70779f274895e782ed17c84f2895 # v2.6.1 + uses: step-security/harden-runner@63c24ba6bd7ba022e95695ff85de572c04a18142 # v2.7.0 with: egress-policy: audit # TODO: change to 'egress-policy: block' after couple of runs @@ -295,7 +295,7 @@ jobs: runs-on: ubuntu-20.04 steps: - name: Harden Runner - uses: step-security/harden-runner@eb238b55efaa70779f274895e782ed17c84f2895 # v2.6.1 + uses: step-security/harden-runner@63c24ba6bd7ba022e95695ff85de572c04a18142 # v2.7.0 with: egress-policy: audit # TODO: change to 'egress-policy: block' after couple of runs diff --git a/.github/workflows/simulation-1.1.yml b/.github/workflows/simulation-1.1.yml index ddd8ba36bac..9f64444c20b 100644 --- a/.github/workflows/simulation-1.1.yml +++ b/.github/workflows/simulation-1.1.yml @@ -55,7 +55,7 @@ jobs: MULTIPLY: 3 steps: - name: Harden Runner - uses: step-security/harden-runner@eb238b55efaa70779f274895e782ed17c84f2895 # v2.6.1 + uses: step-security/harden-runner@63c24ba6bd7ba022e95695ff85de572c04a18142 # v2.7.0 with: egress-policy: audit # TODO: change to 'egress-policy: block' after couple of runs @@ -104,7 +104,7 @@ jobs: VIRTUAL_TIME: 1 steps: - name: Harden Runner - uses: step-security/harden-runner@eb238b55efaa70779f274895e782ed17c84f2895 # v2.6.1 + uses: step-security/harden-runner@63c24ba6bd7ba022e95695ff85de572c04a18142 # v2.7.0 with: egress-policy: audit # TODO: change to 'egress-policy: block' after couple of runs @@ -155,7 +155,7 @@ jobs: MESSAGE_USE_HEAP: ${{ matrix.message_use_heap }} steps: - name: Harden Runner - uses: step-security/harden-runner@eb238b55efaa70779f274895e782ed17c84f2895 # v2.6.1 + uses: step-security/harden-runner@63c24ba6bd7ba022e95695ff85de572c04a18142 # v2.7.0 with: egress-policy: audit # TODO: change to 'egress-policy: block' after couple of runs @@ -199,7 +199,7 @@ jobs: VIRTUAL_TIME: 1 steps: - name: Harden Runner - uses: step-security/harden-runner@eb238b55efaa70779f274895e782ed17c84f2895 # v2.6.1 + uses: step-security/harden-runner@63c24ba6bd7ba022e95695ff85de572c04a18142 # v2.7.0 with: egress-policy: audit # TODO: change to 'egress-policy: block' after couple of runs @@ -239,7 +239,7 @@ jobs: THREAD_VERSION: 1.1 steps: - name: Harden Runner - uses: step-security/harden-runner@eb238b55efaa70779f274895e782ed17c84f2895 # v2.6.1 + uses: step-security/harden-runner@63c24ba6bd7ba022e95695ff85de572c04a18142 # v2.7.0 with: egress-policy: audit # TODO: change to 'egress-policy: block' after couple of runs @@ -279,7 +279,7 @@ jobs: THREAD_VERSION: 1.1 steps: - name: Harden Runner - uses: step-security/harden-runner@eb238b55efaa70779f274895e782ed17c84f2895 # v2.6.1 + uses: step-security/harden-runner@63c24ba6bd7ba022e95695ff85de572c04a18142 # v2.7.0 with: egress-policy: audit # TODO: change to 'egress-policy: block' after couple of runs @@ -332,7 +332,7 @@ jobs: CXXFLAGS: "-DOPENTHREAD_CONFIG_LOG_PREPEND_UPTIME=0" steps: - name: Harden Runner - uses: step-security/harden-runner@eb238b55efaa70779f274895e782ed17c84f2895 # v2.6.1 + uses: step-security/harden-runner@63c24ba6bd7ba022e95695ff85de572c04a18142 # v2.7.0 with: egress-policy: audit # TODO: change to 'egress-policy: block' after couple of runs @@ -375,7 +375,7 @@ jobs: runs-on: ubuntu-20.04 steps: - name: Harden Runner - uses: step-security/harden-runner@eb238b55efaa70779f274895e782ed17c84f2895 # v2.6.1 + uses: step-security/harden-runner@63c24ba6bd7ba022e95695ff85de572c04a18142 # v2.7.0 with: egress-policy: audit # TODO: change to 'egress-policy: block' after couple of runs diff --git a/.github/workflows/simulation-1.2.yml b/.github/workflows/simulation-1.2.yml index 2159ed51da9..35a0f0d36c9 100644 --- a/.github/workflows/simulation-1.2.yml +++ b/.github/workflows/simulation-1.2.yml @@ -66,7 +66,7 @@ jobs: arch: ["m32", "m64"] steps: - name: Harden Runner - uses: step-security/harden-runner@eb238b55efaa70779f274895e782ed17c84f2895 # v2.6.1 + uses: step-security/harden-runner@63c24ba6bd7ba022e95695ff85de572c04a18142 # v2.7.0 with: egress-policy: audit # TODO: change to 'egress-policy: block' after couple of runs @@ -128,7 +128,7 @@ jobs: INTER_OP_BBR: 0 steps: - name: Harden Runner - uses: step-security/harden-runner@eb238b55efaa70779f274895e782ed17c84f2895 # v2.6.1 + uses: step-security/harden-runner@63c24ba6bd7ba022e95695ff85de572c04a18142 # v2.7.0 with: egress-policy: audit # TODO: change to 'egress-policy: block' after couple of runs @@ -199,7 +199,7 @@ jobs: MULTIPLY: 3 steps: - name: Harden Runner - uses: step-security/harden-runner@eb238b55efaa70779f274895e782ed17c84f2895 # v2.6.1 + uses: step-security/harden-runner@63c24ba6bd7ba022e95695ff85de572c04a18142 # v2.7.0 with: egress-policy: audit # TODO: change to 'egress-policy: block' after couple of runs @@ -244,7 +244,7 @@ jobs: VIRTUAL_TIME: 0 steps: - name: Harden Runner - uses: step-security/harden-runner@eb238b55efaa70779f274895e782ed17c84f2895 # v2.6.1 + uses: step-security/harden-runner@63c24ba6bd7ba022e95695ff85de572c04a18142 # v2.7.0 with: egress-policy: audit # TODO: change to 'egress-policy: block' after couple of runs @@ -293,7 +293,7 @@ jobs: INTER_OP: 1 steps: - name: Harden Runner - uses: step-security/harden-runner@eb238b55efaa70779f274895e782ed17c84f2895 # v2.6.1 + uses: step-security/harden-runner@63c24ba6bd7ba022e95695ff85de572c04a18142 # v2.7.0 with: egress-policy: audit # TODO: change to 'egress-policy: block' after couple of runs @@ -354,7 +354,7 @@ jobs: runs-on: ubuntu-20.04 steps: - name: Harden Runner - uses: step-security/harden-runner@eb238b55efaa70779f274895e782ed17c84f2895 # v2.6.1 + uses: step-security/harden-runner@63c24ba6bd7ba022e95695ff85de572c04a18142 # v2.7.0 with: egress-policy: audit # TODO: change to 'egress-policy: block' after couple of runs diff --git a/.github/workflows/size.yml b/.github/workflows/size.yml index f0a364df35a..7b0358b64ae 100644 --- a/.github/workflows/size.yml +++ b/.github/workflows/size.yml @@ -49,7 +49,7 @@ jobs: runs-on: ubuntu-20.04 steps: - name: Harden Runner - uses: step-security/harden-runner@eb238b55efaa70779f274895e782ed17c84f2895 # v2.6.1 + uses: step-security/harden-runner@63c24ba6bd7ba022e95695ff85de572c04a18142 # v2.7.0 with: egress-policy: audit # TODO: change to 'egress-policy: block' after couple of runs diff --git a/.github/workflows/toranj.yml b/.github/workflows/toranj.yml index 3ff41855d75..29f2d8b2147 100644 --- a/.github/workflows/toranj.yml +++ b/.github/workflows/toranj.yml @@ -59,7 +59,7 @@ jobs: TORANJ_EVENT_NAME: ${{ github.event_name }} steps: - name: Harden Runner - uses: step-security/harden-runner@eb238b55efaa70779f274895e782ed17c84f2895 # v2.6.1 + uses: step-security/harden-runner@63c24ba6bd7ba022e95695ff85de572c04a18142 # v2.7.0 with: egress-policy: audit # TODO: change to 'egress-policy: block' after couple of runs @@ -90,7 +90,7 @@ jobs: TORANJ_CLI: 1 steps: - name: Harden Runner - uses: step-security/harden-runner@eb238b55efaa70779f274895e782ed17c84f2895 # v2.6.1 + uses: step-security/harden-runner@63c24ba6bd7ba022e95695ff85de572c04a18142 # v2.7.0 with: egress-policy: audit # TODO: change to 'egress-policy: block' after couple of runs @@ -123,7 +123,7 @@ jobs: runs-on: ubuntu-20.04 steps: - name: Harden Runner - uses: step-security/harden-runner@eb238b55efaa70779f274895e782ed17c84f2895 # v2.6.1 + uses: step-security/harden-runner@63c24ba6bd7ba022e95695ff85de572c04a18142 # v2.7.0 with: egress-policy: audit # TODO: change to 'egress-policy: block' after couple of runs @@ -165,7 +165,7 @@ jobs: runs-on: ubuntu-20.04 steps: - name: Harden Runner - uses: step-security/harden-runner@eb238b55efaa70779f274895e782ed17c84f2895 # v2.6.1 + uses: step-security/harden-runner@63c24ba6bd7ba022e95695ff85de572c04a18142 # v2.7.0 with: egress-policy: audit # TODO: change to 'egress-policy: block' after couple of runs diff --git a/.github/workflows/unit.yml b/.github/workflows/unit.yml index 3cbbe2a3da0..672aac37cb7 100644 --- a/.github/workflows/unit.yml +++ b/.github/workflows/unit.yml @@ -49,7 +49,7 @@ jobs: runs-on: ubuntu-20.04 steps: - name: Harden Runner - uses: step-security/harden-runner@eb238b55efaa70779f274895e782ed17c84f2895 # v2.6.1 + uses: step-security/harden-runner@63c24ba6bd7ba022e95695ff85de572c04a18142 # v2.7.0 with: egress-policy: audit # TODO: change to 'egress-policy: block' after couple of runs @@ -67,7 +67,7 @@ jobs: COVERAGE: 1 steps: - name: Harden Runner - uses: step-security/harden-runner@eb238b55efaa70779f274895e782ed17c84f2895 # v2.6.1 + uses: step-security/harden-runner@63c24ba6bd7ba022e95695ff85de572c04a18142 # v2.7.0 with: egress-policy: audit # TODO: change to 'egress-policy: block' after couple of runs @@ -104,7 +104,7 @@ jobs: runs-on: ubuntu-20.04 steps: - name: Harden Runner - uses: step-security/harden-runner@eb238b55efaa70779f274895e782ed17c84f2895 # v2.6.1 + uses: step-security/harden-runner@63c24ba6bd7ba022e95695ff85de572c04a18142 # v2.7.0 with: egress-policy: audit # TODO: change to 'egress-policy: block' after couple of runs diff --git a/.github/workflows/version.yml b/.github/workflows/version.yml index 41a4e8db906..5b6d3e79c95 100644 --- a/.github/workflows/version.yml +++ b/.github/workflows/version.yml @@ -45,7 +45,7 @@ jobs: runs-on: ubuntu-20.04 steps: - name: Harden Runner - uses: step-security/harden-runner@eb238b55efaa70779f274895e782ed17c84f2895 # v2.6.1 + uses: step-security/harden-runner@63c24ba6bd7ba022e95695ff85de572c04a18142 # v2.7.0 with: egress-policy: audit # TODO: change to 'egress-policy: block' after couple of runs From 70b6c53bc17f714336de586f4a80de5f5f2a81d1 Mon Sep 17 00:00:00 2001 From: Abtin Keshavarzian Date: Mon, 5 Feb 2024 11:30:34 -0800 Subject: [PATCH 100/121] [ip6] mesh-local addresses as preferred, platform control flag on host stack (#9815) This commit updates mesh-local addresses to be marked as preferred (reverting the change from #6532). This ensures that mesh-local addresses are not skipped over in `Ip6::SelectSourceAddress()`. The intention behind #6532 was to ensure that mesh-local addresses, when added to the platform host IPv6 stack (such as lwIP or the Linux kernel), are not preferred and therefore not selected by the host stack as the source address of application layer traffic unless explicitly assigned. This PR delegates this responsibility to the platform code and updates `posix/platform/netif` to change the preferred flag for mesh-local addresses when adding them on the platform IPv6 stack. To make this easier, the `otIp6AddressInfo` is updated to include `mMeshLocal` to indicate whether or not the address is mesh-local. `otNetifAddress` already provides such a variable. --- include/openthread/instance.h | 2 +- include/openthread/ip6.h | 1 + src/core/net/netif.cpp | 6 ++++-- src/core/net/netif.hpp | 4 +--- src/core/thread/mle.cpp | 2 +- src/posix/platform/netif.cpp | 11 ++++++----- 6 files changed, 14 insertions(+), 12 deletions(-) diff --git a/include/openthread/instance.h b/include/openthread/instance.h index cab6333a30f..8eeb08f431a 100644 --- a/include/openthread/instance.h +++ b/include/openthread/instance.h @@ -53,7 +53,7 @@ extern "C" { * @note This number versions both OpenThread platform and user APIs. * */ -#define OPENTHREAD_API_VERSION (393) +#define OPENTHREAD_API_VERSION (394) /** * @addtogroup api-instance diff --git a/include/openthread/ip6.h b/include/openthread/ip6.h index cb4d124918c..7f54b737617 100644 --- a/include/openthread/ip6.h +++ b/include/openthread/ip6.h @@ -479,6 +479,7 @@ typedef struct otIp6AddressInfo uint8_t mPrefixLength; ///< The prefix length of mAddress if it is a unicast address. uint8_t mScope : 4; ///< The scope of this address. bool mPreferred : 1; ///< Whether this is a preferred address. + bool mMeshLocal : 1; ///< Whether this is a mesh-local unicast/anycast address. } otIp6AddressInfo; /** diff --git a/src/core/net/netif.cpp b/src/core/net/netif.cpp index 1b739afca05..3e103312bf6 100644 --- a/src/core/net/netif.cpp +++ b/src/core/net/netif.cpp @@ -253,6 +253,7 @@ void Netif::SignalMulticastAddressChange(AddressEvent aEvent, const MulticastAdd info.mPrefixLength = kMulticastPrefixLength; info.mScope = aAddress.GetAddress().GetScope(); info.mPreferred = false; + info.mMeshLocal = false; mAddressCallback.Invoke(&info, aEvent); } @@ -427,6 +428,7 @@ void Netif::SignalUnicastAddressChange(AddressEvent aEvent, const UnicastAddress info.mPrefixLength = aAddress.mPrefixLength; info.mScope = aAddress.GetScope(); info.mPreferred = aAddress.mPreferred; + info.mMeshLocal = aAddress.mMeshLocal; mAddressCallback.Invoke(&info, aEvent); } @@ -539,12 +541,12 @@ void Netif::ApplyNewMeshLocalPrefix(void) //--------------------------------------------------------------------------------------------------------------------- // Netif::UnicastAddress -void Netif::UnicastAddress::InitAsThreadOrigin(bool aPreferred) +void Netif::UnicastAddress::InitAsThreadOrigin(void) { Clear(); mPrefixLength = NetworkPrefix::kLength; mAddressOrigin = kOriginThread; - mPreferred = aPreferred; + mPreferred = true; mValid = true; } diff --git a/src/core/net/netif.hpp b/src/core/net/netif.hpp index 663eb218ebb..a736df8e4e5 100644 --- a/src/core/net/netif.hpp +++ b/src/core/net/netif.hpp @@ -116,10 +116,8 @@ class Netif : public InstanceLocator, private NonCopyable * Clears and initializes the unicast address as a preferred, valid, thread-origin address with * 64-bit prefix length. * - * @param[in] aPreferred Whether to initialize as a preferred address. - * */ - void InitAsThreadOrigin(bool aPreferred = false); + void InitAsThreadOrigin(void); /** * Clears and initializes the unicast address as a valid (but not preferred), thread-origin, diff --git a/src/core/thread/mle.cpp b/src/core/thread/mle.cpp index ef5fe7efb1a..7eeb25dcadf 100644 --- a/src/core/thread/mle.cpp +++ b/src/core/thread/mle.cpp @@ -123,7 +123,7 @@ Mle::Mle(Instance &aInstance) mParentCandidate.Clear(); ResetCounters(); - mLinkLocal64.InitAsThreadOrigin(/* aPreferred */ true); + mLinkLocal64.InitAsThreadOrigin(); mLinkLocal64.GetAddress().SetToLinkLocalAddress(Get().GetExtAddress()); mMeshLocal64.InitAsThreadOriginMeshLocal(); diff --git a/src/posix/platform/netif.cpp b/src/posix/platform/netif.cpp index 4db22bf6af3..d3b3024976b 100644 --- a/src/posix/platform/netif.cpp +++ b/src/posix/platform/netif.cpp @@ -388,7 +388,7 @@ static void UpdateUnicastLinux(otInstance *aInstance, const otIp6AddressInfo &aA AddRtAttr(&req.nh, sizeof(req), IFA_LOCAL, aAddressInfo.mAddress, sizeof(*aAddressInfo.mAddress)); - if (!aAddressInfo.mPreferred) + if (!aAddressInfo.mPreferred || aAddressInfo.mMeshLocal) { struct ifa_cacheinfo cacheinfo; @@ -456,12 +456,13 @@ static void UpdateUnicast(otInstance *aInstance, const otIp6AddressInfo &aAddres ifr6.ifra_prefixmask.sin6_family = AF_INET6; ifr6.ifra_prefixmask.sin6_len = sizeof(ifr6.ifra_prefixmask); InitNetaskWithPrefixLength(&ifr6.ifra_prefixmask.sin6_addr, aAddressInfo.mPrefixLength); - ifr6.ifra_lifetime.ia6t_vltime = ND6_INFINITE_LIFETIME; - ifr6.ifra_lifetime.ia6t_pltime = ND6_INFINITE_LIFETIME; + ifr6.ifra_lifetime.ia6t_vltime = ND6_INFINITE_LIFETIME; + ifr6.ifra_lifetime.ia6t_pltime = ND6_INFINITE_LIFETIME; #if defined(__APPLE__) - ifr6.ifra_lifetime.ia6t_expire = ND6_INFINITE_LIFETIME; - ifr6.ifra_lifetime.ia6t_preferred = (aAddressInfo.mPreferred ? ND6_INFINITE_LIFETIME : 0); + ifr6.ifra_lifetime.ia6t_expire = ND6_INFINITE_LIFETIME; + ifr6.ifra_lifetime.ia6t_preferred = + (aAddressInfo.mPreferred && !aAddressInfo.mMeshLocal ? ND6_INFINITE_LIFETIME : 0); #endif rval = ioctl(sIpFd, aIsAdded ? SIOCAIFADDR_IN6 : SIOCDIFADDR_IN6, &ifr6); From ffe2f5257989b2e72fbb0ac96e06098312a2671f Mon Sep 17 00:00:00 2001 From: jrhodie <139580534+jrhodie@users.noreply.github.com> Date: Tue, 6 Feb 2024 08:37:19 -0800 Subject: [PATCH 101/121] [cli] add Doxygen tags to CoAP commands (#9821) --- src/cli/cli_coap.cpp | 230 +++++++++++++++++++++++++++++++++++++++++++ 1 file changed, 230 insertions(+) diff --git a/src/cli/cli_coap.cpp b/src/cli/cli_coap.cpp index f69800b8ef1..f3b966f31bd 100644 --- a/src/cli/cli_coap.cpp +++ b/src/cli/cli_coap.cpp @@ -142,6 +142,17 @@ void Coap::PrintPayload(otMessage *aMessage) } #if OPENTHREAD_CONFIG_COAP_OBSERVE_API_ENABLE +/** + * @cli coap cancel + * @code + * coap cancel + * Done + * @endcode + * @par + * Cancels an existing observation subscription to a remote resource on the CoAP server. + * @note This command is available only when `OPENTHREAD_CONFIG_COAP_OBSERVE_API_ENABLE` is set. + * @csa{coap observe} + */ template <> otError Coap::Process(Arg aArgs[]) { OT_UNUSED_VARIABLE(aArgs); @@ -150,6 +161,23 @@ template <> otError Coap::Process(Arg aArgs[]) } #endif +/** + * @cli coap resource (get,set) + * @code + * coap resource test-resource + * Done + * @endcode + * @code + * coap resource + * test-resource + * Done + * @endcode + * @cparam coap resource [@ca{uri-path}] + * @par + * Gets or sets the URI path of the CoAP server resource. + * @sa otCoapAddResource + * @sa otCoapAddBlockWiseResource + */ template <> otError Coap::Process(Arg aArgs[]) { otError error = OT_ERROR_NONE; @@ -189,6 +217,20 @@ template <> otError Coap::Process(Arg aArgs[]) return error; } +/** + * @cli coap set + * @code + * coap set Testing123 + * Done + * @endcode + * @cparam coap set @ca{new-content} + * @par + * Sets the content sent by the resource on the CoAP server. + * If a CoAP client is observing the resource, a notification is sent to that client. + * @csa{coap observe} + * @sa otCoapMessageInit + * @sa otCoapNewMessage + */ template <> otError Coap::Process(Arg aArgs[]) { #if OPENTHREAD_CONFIG_COAP_OBSERVE_API_ENABLE @@ -250,6 +292,15 @@ template <> otError Coap::Process(Arg aArgs[]) return error; } +/** + * @cli coap start + * @code + * coap start + * Done + * @endcode + * @par api_copy + * #otCoapStart + */ template <> otError Coap::Process(Arg aArgs[]) { OT_UNUSED_VARIABLE(aArgs); @@ -257,6 +308,15 @@ template <> otError Coap::Process(Arg aArgs[]) return otCoapStart(GetInstancePtr(), OT_DEFAULT_COAP_PORT); } +/** + * @cli coap stop + * @code + * coap stop + * Done + * @endcode + * @par api_copy + * #otCoapStop + */ template <> otError Coap::Process(Arg aArgs[]) { OT_UNUSED_VARIABLE(aArgs); @@ -270,6 +330,53 @@ template <> otError Coap::Process(Arg aArgs[]) return otCoapStop(GetInstancePtr()); } +/** + * @cli coap parameters(get,set) + * @code + * coap parameters request + * Transmission parameters for request: + * ACK_TIMEOUT=1000 ms, ACK_RANDOM_FACTOR=255/254, MAX_RETRANSMIT=2 + * Done + * @endcode + * @code + * coap parameters request default + * Transmission parameters for request: + * default + * Done + * @endcode + * @code + * coap parameters request 1000 255 254 2 + * Transmission parameters for request: + * ACK_TIMEOUT=1000 ms, ACK_RANDOM_FACTOR=255/254, MAX_RETRANSMIT=2 + * Done + * @endcode + * @cparam coap parameters @ca{type} [@ca{default} | @ca{ack_timeout ack_random_factor_numerator ack_random_factor_denominator max_retransmit}] + * * `type`: `request` for CoAP requests, or `response` for CoAP responses. + If no more parameters are given, the command prints the current configuration. + * * `default`: Sets the transmission parameters to + the following default values: + * * `ack_timeout`: 2000 milliseconds + * * `ack_random_factor_numerator`: 3 + * * `ack_random_factor_denominator`: 2 + * * `max_retransmit`: 4 + * * `ack_timeout`: The `ACK_TIMEOUT` (0-UINT32_MAX) in milliseconds. + Refer to RFC7252. + * * `ack_random_factor_numerator`: + The `ACK_RANDOM_FACTOR` numerator, with possible values + of 0-255. Refer to RFC7252. + * * `ack_random_factor_denominator`: + * The `ACK_RANDOM_FACTOR` denominator, with possible values + * of 0-255. Refer to RFC7252. + * * `max_retransmit`: The `MAX_RETRANSMIT` (0-255). Refer to RFC7252. + * @par + * Gets current CoAP parameter values if the command is run with no optional + * parameters. + * @par + * Sets the CoAP parameters either to their default values or to the values + * you specify, depending on the syntax chosen. + */ template <> otError Coap::Process(Arg aArgs[]) { otError error = OT_ERROR_NONE; @@ -328,15 +435,138 @@ template <> otError Coap::Process(Arg aArgs[]) return error; } +/** + * @cli coap get + * @code + * coap get fdde:ad00:beef:0:2780:9423:166c:1aac test-resource + * Done + * @endcode + * @code + * coap get fdde:ad00:beef:0:2780:9423:166c:1aac test-resource block-1024 + * Done + * @endcode + * @cparam coap get @ca{address} @ca{uri-path} [@ca{type}] + * * `address`: IPv6 address of the CoAP server. + * * `uri-path`: URI path of the resource. + * * `type`: + * * `con`: Confirmable + * * `non-con`: Non-confirmable (default) + * * `block-`: Use this option, followed by the block-wise value, + * if the response should be transferred block-wise. Valid + * values are: `block-16`, `block-32`, `block-64`, `block-128`, + * `block-256`, `block-512`, or `block-1024`. + * @par + * Gets information about the specified CoAP resource on the CoAP server. + */ template <> otError Coap::Process(Arg aArgs[]) { return ProcessRequest(aArgs, OT_COAP_CODE_GET); } +/** + * @cli coap post + * @code + * coap post fdde:ad00:beef:0:2780:9423:166c:1aac test-resource con hellothere + * Done + * @endcode + * @code + * coap post fdde:ad00:beef:0:2780:9423:166c:1aac test-resource block-1024 10 + * Done + * @endcode + * @cparam coap post @ca{address} @ca{uri-path} [@ca{type}] [@ca{payload}] + * * `address`: IPv6 address of the CoAP server. + * * `uri-path`: URI path of the resource. + * * `type`: + * * `con`: Confirmable + * * `non-con`: Non-confirmable (default) + * * `block-`: Use this option, followed by the block-wise value, + * to send blocks with a randomly generated number of bytes + * for the payload. Valid values are: + * `block-16`, `block-32`, `block-64`, `block-128`, + * `block-256`, `block-512`, or `block-1024`. + * * `payload`: CoAP payload request, which if used is either a string or an + * integer, depending on the `type`. If the `type` is `con` or `non-con`, + * the `payload` parameter is optional. If you leave out the + * `payload` parameter, an empty payload is sent. However, If you use the + * `payload` parameter, its value must be a string, such as + * `hellothere`. If the `type` is `block-`, + * the value of the`payload` parameter must be an integer that specifies + * the number of blocks to send. The `block-` type requires + * `OPENTHREAD_CONFIG_COAP_BLOCKWISE_TRANSFER_ENABLE` to be set. + * @par + * Creates the specified CoAP resource. + */ template <> otError Coap::Process(Arg aArgs[]) { return ProcessRequest(aArgs, OT_COAP_CODE_POST); } +/** + * @cli coap put + * @code + * coap put fdde:ad00:beef:0:2780:9423:166c:1aac test-resource con hellothere + * Done + * @endcode + * @code + * coap put fdde:ad00:beef:0:2780:9423:166c:1aac test-resource block-1024 10 + * Done + * @endcode + * @cparam coap put @ca{address} @ca{uri-path} [@ca{type}] [@ca{payload}] + * * `address`: IPv6 address of the CoAP server. + * * `uri-path`: URI path of the resource. + * * `type`: + * * `con`: Confirmable + * * `non-con`: Non-confirmable (default) + * * `block-`: Use this option, followed by the block-wise value, + * to send blocks with a randomly generated number of bytes + * for the payload. Valid values are: + * `block-16`, `block-32`, `block-64`, `block-128`, + * `block-256`, `block-512`, or `block-1024`. + * * `payload`: CoAP payload request, which if used is either a string or an + * integer, depending on the `type`. If the `type` is `con` or `non-con`, + * the `payload` parameter is optional. If you leave out the + * `payload` parameter, an empty payload is sent. However, If you use the + * `payload` parameter, its value must be a string, such as + * `hellothere`. If the `type` is `block-`, + * the value of the`payload` parameter must be an integer that specifies + * the number of blocks to send. The `block-` type requires + * `OPENTHREAD_CONFIG_COAP_BLOCKWISE_TRANSFER_ENABLE` to be set. + * @par + * Modifies the specified CoAP resource. + */ template <> otError Coap::Process(Arg aArgs[]) { return ProcessRequest(aArgs, OT_COAP_CODE_PUT); } +/** + * @cli coap delete + * @code + * coap delete fdde:ad00:beef:0:2780:9423:166c:1aac test-resource con hellothere + * Done + * @endcode + * @cparam coap delete @ca{address} @ca{uri-path} [@ca{type}] [@ca{payload}] + * * `address`: IPv6 address of the CoAP server. + * * `uri-path`: URI path of the resource. + * * `type`: + * * `con`: Confirmable + * * `non-con`: Non-confirmable (default) + * * `payload`: The CoAP payload string. For example, `hellothere`. + * @par + * Deletes the specified CoAP resource. + */ template <> otError Coap::Process(Arg aArgs[]) { return ProcessRequest(aArgs, OT_COAP_CODE_DELETE); } #if OPENTHREAD_CONFIG_COAP_OBSERVE_API_ENABLE +/** + * @cli coap observe + * @code + * coap observe fdde:ad00:beef:0:2780:9423:166c:1aac test-resource + * Done + * @endcode + * @cparam coap observe @ca{address} @ca{uri-path} [@ca{type}] + * * `address`: IPv6 address of the CoAP server. + * * `uri-path`: URI path of the resource. + * * `type`: + * * `con`: Confirmable + * * `non-con`: Non-confirmable (default). + * @par + * Triggers a subscription request which allows the CoAP client to + * observe the specified resource on the CoAP server for possible changes + * in its state. + * @note This command is available only when `OPENTHREAD_CONFIG_COAP_OBSERVE_API_ENABLE` is set. + */ template <> otError Coap::Process(Arg aArgs[]) { return ProcessRequest(aArgs, OT_COAP_CODE_GET, /* aCoapObserve */ true); From aa8dfe10bd0489a64c8d5c9f6d98c4f9d6ba4dce Mon Sep 17 00:00:00 2001 From: Abtin Keshavarzian Date: Wed, 7 Feb 2024 10:38:57 -0800 Subject: [PATCH 102/121] [ip6] simplify `Ip6::SelectSourceAddress()` (#9832) This commit simplifies `Ip6::SelectSourceAddress()` by adding a new boolean `newAddrIsPreferred` tracking whether the new address is preferred over the previously chosen one as we iterate over all addresses. --- src/core/net/ip6.cpp | 58 +++++++++++++------------------------------- 1 file changed, 17 insertions(+), 41 deletions(-) diff --git a/src/core/net/ip6.cpp b/src/core/net/ip6.cpp index 3637b900883..3a6472a3fb1 100644 --- a/src/core/net/ip6.cpp +++ b/src/core/net/ip6.cpp @@ -1309,6 +1309,7 @@ const Address *Ip6::SelectSourceAddress(const Address &aDestination) const for (const Netif::UnicastAddress &addr : Get().GetUnicastAddresses()) { + bool newAddrIsPreferred = false; uint8_t matchLen; uint8_t overrideScope; @@ -1339,71 +1340,46 @@ const Address *Ip6::SelectSourceAddress(const Address &aDestination) const if (bestAddr == nullptr) { - bestAddr = &addr; - bestMatchLen = matchLen; + newAddrIsPreferred = true; } else if (addr.GetScope() < bestAddr->GetScope()) { // Rule 2: Prefer appropriate scope - if (addr.GetScope() >= overrideScope) - { - bestAddr = &addr; - bestMatchLen = matchLen; - } - else - { - continue; - } + newAddrIsPreferred = (addr.GetScope() >= overrideScope); } else if (addr.GetScope() > bestAddr->GetScope()) { - if (bestAddr->GetScope() < overrideScope) - { - bestAddr = &addr; - bestMatchLen = matchLen; - } - else - { - continue; - } + newAddrIsPreferred = (bestAddr->GetScope() < overrideScope); } else if (addr.mPreferred != bestAddr->mPreferred) { // Rule 3: Avoid deprecated addresses - - if (addr.mPreferred) - { - bestAddr = &addr; - bestMatchLen = matchLen; - } - else - { - continue; - } + newAddrIsPreferred = addr.mPreferred; } else if (matchLen > bestMatchLen) { // Rule 6: Prefer matching label // Rule 7: Prefer public address // Rule 8: Use longest prefix matching - bestAddr = &addr; - bestMatchLen = matchLen; + + newAddrIsPreferred = true; } else if ((matchLen == bestMatchLen) && (destIsRloc == Get().IsRoutingLocator(addr.GetAddress()))) { // Additional rule: Prefer RLOC source for RLOC destination, EID source for anything else - bestAddr = &addr; - bestMatchLen = matchLen; - } - else - { - continue; + newAddrIsPreferred = true; } - // infer destination scope based on prefix match - if (bestMatchLen >= bestAddr->mPrefixLength) + if (newAddrIsPreferred) { - destScope = bestAddr->GetScope(); + bestAddr = &addr; + bestMatchLen = matchLen; + + // Infer destination scope based on prefix match + if (bestMatchLen >= bestAddr->mPrefixLength) + { + destScope = bestAddr->GetScope(); + } } } From 869c2ded9c1e360ed47b852e2e4584336daf56e9 Mon Sep 17 00:00:00 2001 From: Jonathan Hui Date: Wed, 7 Feb 2024 13:09:43 -0800 Subject: [PATCH 103/121] [mbedtls] update to 2.28.7 (#9835) --- third_party/mbedtls/README.md | 4 +- third_party/mbedtls/repo/.gitattributes | 2 + .../mbedtls/repo/.github/issue_template.md | 2 +- .../repo/.github/pull_request_template.md | 33 +- third_party/mbedtls/repo/.gitignore | 13 + third_party/mbedtls/repo/.pylintrc | 4 + third_party/mbedtls/repo/.readthedocs.yaml | 26 + third_party/mbedtls/repo/.travis.yml | 54 +- third_party/mbedtls/repo/.uncrustify.cfg | 240 + .../mbedtls/repo/3rdparty/everest/.gitignore | 1 - .../mbedtls/repo/3rdparty/everest/README.md | 2 +- .../everest/include/everest/everest.h | 4 +- .../everest/include/everest/vs2010/inttypes.h | 2 +- .../everest/include/everest/vs2010/stdbool.h | 2 +- .../3rdparty/everest/include/everest/x25519.h | 2 +- .../everest/library/Hacl_Curve25519_joined.c | 2 +- .../repo/3rdparty/everest/library/everest.c | 5 - .../repo/3rdparty/everest/library/x25519.c | 2 +- third_party/mbedtls/repo/BRANCHES.md | 43 +- third_party/mbedtls/repo/BUGS.md | 6 +- third_party/mbedtls/repo/CMakeLists.txt | 121 +- third_party/mbedtls/repo/CONTRIBUTING.md | 63 +- third_party/mbedtls/repo/ChangeLog | 363 +- .../mbedtls/repo/ChangeLog.d/00README.md | 3 + .../mbedtls/repo/DartConfiguration.tcl | 2 +- third_party/mbedtls/repo/LICENSE | 351 + third_party/mbedtls/repo/Makefile | 26 +- third_party/mbedtls/repo/README.md | 34 +- third_party/mbedtls/repo/SECURITY.md | 121 +- third_party/mbedtls/repo/SUPPORT.md | 9 +- third_party/mbedtls/repo/configs/README.txt | 2 +- .../repo/configs/config-ccm-psk-dtls1_2.h | 98 + .../repo/configs/config-ccm-psk-tls1_2.h | 72 +- .../mbedtls/repo/configs/config-mini-tls1_1.h | 32 +- .../mbedtls/repo/configs/config-no-entropy.h | 20 +- .../mbedtls/repo/configs/config-suite-b.h | 35 +- .../repo/configs/config-symmetric-only.h | 18 +- .../mbedtls/repo/configs/config-thread.h | 23 +- third_party/mbedtls/repo/docs/.gitignore | 2 + third_party/mbedtls/repo/docs/Makefile | 40 + .../mbed-crypto-storage-specification.md | 161 +- .../psa-crypto-implementation-structure.md | 2 +- .../testing/driver-interface-test-strategy.md | 12 +- .../testing/psa-storage-format-testing.md | 6 +- .../architecture/testing/test-framework.md | 14 +- third_party/mbedtls/repo/docs/conf.py | 34 + .../mbedtls/repo/docs/getting_started.md | 894 - third_party/mbedtls/repo/docs/index.rst | 20 + .../docs/proposed/psa-driver-interface.md | 2 +- third_party/mbedtls/repo/docs/requirements.in | 2 + .../mbedtls/repo/docs/requirements.txt | 66 + .../mbedtls/repo/doxygen/input/doc_encdec.h | 16 +- .../mbedtls/repo/doxygen/input/doc_hashing.h | 14 +- .../mbedtls/repo/doxygen/input/doc_mainpage.h | 85 +- .../mbedtls/repo/doxygen/input/doc_rng.h | 14 +- .../mbedtls/repo/doxygen/input/doc_ssltls.h | 14 +- .../mbedtls/repo/doxygen/input/doc_tcpip.h | 14 +- .../mbedtls/repo/doxygen/input/doc_x509.h | 14 +- .../mbedtls/repo/doxygen/mbedtls.doxyfile | 1912 +- .../mbedtls/repo/include/CMakeLists.txt | 2 +- .../mbedtls/repo/include/mbedtls/aes.h | 162 +- .../mbedtls/repo/include/mbedtls/aesni.h | 97 +- .../mbedtls/repo/include/mbedtls/arc4.h | 31 +- .../mbedtls/repo/include/mbedtls/aria.h | 91 +- .../mbedtls/repo/include/mbedtls/asn1.h | 150 +- .../mbedtls/repo/include/mbedtls/asn1write.h | 127 +- .../mbedtls/repo/include/mbedtls/base64.h | 24 +- .../mbedtls/repo/include/mbedtls/bignum.h | 338 +- .../mbedtls/repo/include/mbedtls/blowfish.h | 79 +- .../mbedtls/repo/include/mbedtls/bn_mul.h | 105 +- .../mbedtls/repo/include/mbedtls/camellia.h | 89 +- .../mbedtls/repo/include/mbedtls/ccm.h | 71 +- .../mbedtls/repo/include/mbedtls/certs.h | 36 +- .../mbedtls/repo/include/mbedtls/chacha20.h | 53 +- .../mbedtls/repo/include/mbedtls/chachapoly.h | 88 +- .../repo/include/mbedtls/check_config.h | 98 +- .../mbedtls/repo/include/mbedtls/cipher.h | 297 +- .../repo/include/mbedtls/cipher_internal.h | 78 +- .../mbedtls/repo/include/mbedtls/cmac.h | 55 +- .../mbedtls/repo/include/mbedtls/compat-1.3.h | 70 +- .../mbedtls/repo/include/mbedtls/config.h | 479 +- .../mbedtls/repo/include/mbedtls/config_psa.h | 87 +- .../repo/include/mbedtls/constant_time.h | 20 +- .../mbedtls/repo/include/mbedtls/ctr_drbg.h | 87 +- .../mbedtls/repo/include/mbedtls/debug.h | 119 +- .../mbedtls/repo/include/mbedtls/des.h | 156 +- .../mbedtls/repo/include/mbedtls/dhm.h | 1109 +- .../mbedtls/repo/include/mbedtls/ecdh.h | 109 +- .../mbedtls/repo/include/mbedtls/ecdsa.h | 150 +- .../mbedtls/repo/include/mbedtls/ecjpake.h | 75 +- .../mbedtls/repo/include/mbedtls/ecp.h | 294 +- .../repo/include/mbedtls/ecp_internal.h | 68 +- .../mbedtls/repo/include/mbedtls/entropy.h | 54 +- .../repo/include/mbedtls/entropy_poll.h | 40 +- .../mbedtls/repo/include/mbedtls/error.h | 49 +- .../mbedtls/repo/include/mbedtls/gcm.h | 103 +- .../mbedtls/repo/include/mbedtls/havege.h | 23 +- .../mbedtls/repo/include/mbedtls/hkdf.h | 38 +- .../mbedtls/repo/include/mbedtls/hmac_drbg.h | 91 +- third_party/mbedtls/repo/include/mbedtls/md.h | 82 +- .../mbedtls/repo/include/mbedtls/md2.h | 67 +- .../mbedtls/repo/include/mbedtls/md4.h | 71 +- .../mbedtls/repo/include/mbedtls/md5.h | 71 +- .../repo/include/mbedtls/md_internal.h | 19 +- .../include/mbedtls/memory_buffer_alloc.h | 37 +- .../mbedtls/repo/include/mbedtls/net.h | 14 +- .../repo/include/mbedtls/net_sockets.h | 57 +- .../mbedtls/repo/include/mbedtls/nist_kw.h | 45 +- .../mbedtls/repo/include/mbedtls/oid.h | 85 +- .../mbedtls/repo/include/mbedtls/padlock.h | 44 +- .../mbedtls/repo/include/mbedtls/pem.h | 37 +- third_party/mbedtls/repo/include/mbedtls/pk.h | 283 +- .../repo/include/mbedtls/pk_internal.h | 86 +- .../mbedtls/repo/include/mbedtls/pkcs11.h | 95 +- .../mbedtls/repo/include/mbedtls/pkcs12.h | 118 +- .../mbedtls/repo/include/mbedtls/pkcs5.h | 102 +- .../mbedtls/repo/include/mbedtls/platform.h | 106 +- .../repo/include/mbedtls/platform_time.h | 28 +- .../repo/include/mbedtls/platform_util.h | 80 +- .../mbedtls/repo/include/mbedtls/poly1305.h | 45 +- .../mbedtls/repo/include/mbedtls/psa_util.h | 278 +- .../mbedtls/repo/include/mbedtls/ripemd160.h | 73 +- .../mbedtls/repo/include/mbedtls/rsa.h | 362 +- .../repo/include/mbedtls/rsa_internal.h | 50 +- .../mbedtls/repo/include/mbedtls/sha1.h | 71 +- .../mbedtls/repo/include/mbedtls/sha256.h | 77 +- .../mbedtls/repo/include/mbedtls/sha512.h | 79 +- .../mbedtls/repo/include/mbedtls/ssl.h | 765 +- .../mbedtls/repo/include/mbedtls/ssl_cache.h | 42 +- .../repo/include/mbedtls/ssl_ciphersuites.h | 108 +- .../mbedtls/repo/include/mbedtls/ssl_cookie.h | 33 +- .../repo/include/mbedtls/ssl_internal.h | 508 +- .../mbedtls/repo/include/mbedtls/ssl_ticket.h | 34 +- .../mbedtls/repo/include/mbedtls/threading.h | 39 +- .../mbedtls/repo/include/mbedtls/timing.h | 32 +- .../mbedtls/repo/include/mbedtls/version.h | 40 +- .../mbedtls/repo/include/mbedtls/x509.h | 113 +- .../mbedtls/repo/include/mbedtls/x509_crl.h | 52 +- .../mbedtls/repo/include/mbedtls/x509_crt.h | 288 +- .../mbedtls/repo/include/mbedtls/x509_csr.h | 89 +- .../mbedtls/repo/include/mbedtls/xtea.h | 45 +- third_party/mbedtls/repo/include/psa/crypto.h | 1128 +- .../include/psa/crypto_builtin_composites.h | 33 +- .../include/psa/crypto_builtin_primitives.h | 29 +- .../mbedtls/repo/include/psa/crypto_compat.h | 280 +- .../mbedtls/repo/include/psa/crypto_config.h | 23 +- .../repo/include/psa/crypto_driver_common.h | 14 +- .../psa/crypto_driver_contexts_composites.h | 30 +- .../psa/crypto_driver_contexts_primitives.h | 32 +- .../mbedtls/repo/include/psa/crypto_extra.h | 141 +- .../repo/include/psa/crypto_platform.h | 26 +- .../repo/include/psa/crypto_se_driver.h | 83 +- .../mbedtls/repo/include/psa/crypto_sizes.h | 88 +- .../mbedtls/repo/include/psa/crypto_struct.h | 168 +- .../mbedtls/repo/include/psa/crypto_types.h | 110 +- .../mbedtls/repo/include/psa/crypto_values.h | 414 +- third_party/mbedtls/repo/library/.gitignore | 1 - .../mbedtls/repo/library/CMakeLists.txt | 24 +- third_party/mbedtls/repo/library/Makefile | 8 + third_party/mbedtls/repo/library/aes.c | 1846 +- third_party/mbedtls/repo/library/aesni.c | 568 +- third_party/mbedtls/repo/library/arc4.c | 103 +- third_party/mbedtls/repo/library/aria.c | 715 +- third_party/mbedtls/repo/library/asn1parse.c | 475 +- third_party/mbedtls/repo/library/asn1write.c | 446 +- third_party/mbedtls/repo/library/base64.c | 216 +- third_party/mbedtls/repo/library/bignum.c | 2648 +- .../mbedtls/repo/library/bignum_internal.h | 71 + third_party/mbedtls/repo/library/blowfish.c | 367 +- third_party/mbedtls/repo/library/camellia.c | 843 +- third_party/mbedtls/repo/library/ccm.c | 460 +- third_party/mbedtls/repo/library/certs.c | 1942 +- third_party/mbedtls/repo/library/chacha20.c | 316 +- third_party/mbedtls/repo/library/chachapoly.c | 461 +- .../repo/library/check_crypto_config.h | 52 +- third_party/mbedtls/repo/library/cipher.c | 1494 +- .../mbedtls/repo/library/cipher_wrap.c | 715 +- third_party/mbedtls/repo/library/cmac.c | 762 +- third_party/mbedtls/repo/library/common.h | 250 +- .../mbedtls/repo/library/constant_time.c | 515 +- .../repo/library/constant_time_internal.h | 122 +- .../repo/library/constant_time_invasive.h | 20 +- third_party/mbedtls/repo/library/ctr_drbg.c | 764 +- third_party/mbedtls/repo/library/debug.c | 353 +- third_party/mbedtls/repo/library/des.c | 696 +- third_party/mbedtls/repo/library/dhm.c | 658 +- third_party/mbedtls/repo/library/ecdh.c | 634 +- third_party/mbedtls/repo/library/ecdsa.c | 837 +- third_party/mbedtls/repo/library/ecjpake.c | 928 +- third_party/mbedtls/repo/library/ecp.c | 2697 +- third_party/mbedtls/repo/library/ecp_curves.c | 1240 +- .../mbedtls/repo/library/ecp_invasive.h | 26 +- third_party/mbedtls/repo/library/entropy.c | 529 +- .../mbedtls/repo/library/entropy_poll.c | 160 +- third_party/mbedtls/repo/library/error.c | 112 +- third_party/mbedtls/repo/library/gcm.c | 805 +- third_party/mbedtls/repo/library/havege.c | 83 +- third_party/mbedtls/repo/library/hkdf.c | 128 +- third_party/mbedtls/repo/library/hmac_drbg.c | 483 +- third_party/mbedtls/repo/library/md.c | 588 +- third_party/mbedtls/repo/library/md2.c | 211 +- third_party/mbedtls/repo/library/md4.c | 392 +- third_party/mbedtls/repo/library/md5.c | 419 +- .../repo/library/memory_buffer_alloc.c | 571 +- third_party/mbedtls/repo/library/mps_common.h | 50 +- third_party/mbedtls/repo/library/mps_error.h | 42 +- third_party/mbedtls/repo/library/mps_reader.c | 350 +- third_party/mbedtls/repo/library/mps_reader.h | 166 +- third_party/mbedtls/repo/library/mps_trace.c | 61 +- third_party/mbedtls/repo/library/mps_trace.h | 117 +- .../mbedtls/repo/library/net_sockets.c | 506 +- third_party/mbedtls/repo/library/nist_kw.c | 541 +- third_party/mbedtls/repo/library/oid.c | 466 +- third_party/mbedtls/repo/library/padlock.c | 94 +- third_party/mbedtls/repo/library/pem.c | 469 +- third_party/mbedtls/repo/library/pk.c | 596 +- third_party/mbedtls/repo/library/pk_wrap.c | 810 +- third_party/mbedtls/repo/library/pkcs11.c | 191 +- third_party/mbedtls/repo/library/pkcs12.c | 410 +- third_party/mbedtls/repo/library/pkcs5.c | 385 +- third_party/mbedtls/repo/library/pkparse.c | 1348 +- third_party/mbedtls/repo/library/pkwrite.c | 479 +- third_party/mbedtls/repo/library/platform.c | 214 +- .../mbedtls/repo/library/platform_util.c | 64 +- third_party/mbedtls/repo/library/poly1305.c | 365 +- third_party/mbedtls/repo/library/psa_crypto.c | 4889 +-- .../mbedtls/repo/library/psa_crypto_aead.c | 339 +- .../mbedtls/repo/library/psa_crypto_aead.h | 28 +- .../mbedtls/repo/library/psa_crypto_cipher.c | 457 +- .../mbedtls/repo/library/psa_crypto_cipher.h | 116 +- .../mbedtls/repo/library/psa_crypto_client.c | 67 +- .../mbedtls/repo/library/psa_crypto_core.h | 193 +- .../repo/library/psa_crypto_driver_wrappers.c | 1487 +- .../repo/library/psa_crypto_driver_wrappers.h | 82 +- .../mbedtls/repo/library/psa_crypto_ecp.c | 430 +- .../mbedtls/repo/library/psa_crypto_ecp.h | 80 +- .../mbedtls/repo/library/psa_crypto_hash.c | 287 +- .../mbedtls/repo/library/psa_crypto_hash.h | 54 +- .../repo/library/psa_crypto_invasive.h | 20 +- .../mbedtls/repo/library/psa_crypto_its.h | 28 +- .../mbedtls/repo/library/psa_crypto_mac.c | 408 +- .../mbedtls/repo/library/psa_crypto_mac.h | 50 +- .../repo/library/psa_crypto_random_impl.h | 61 +- .../mbedtls/repo/library/psa_crypto_rsa.c | 477 +- .../mbedtls/repo/library/psa_crypto_rsa.h | 78 +- .../mbedtls/repo/library/psa_crypto_se.c | 303 +- .../mbedtls/repo/library/psa_crypto_se.h | 51 +- .../repo/library/psa_crypto_slot_management.c | 439 +- .../repo/library/psa_crypto_slot_management.h | 79 +- .../mbedtls/repo/library/psa_crypto_storage.c | 430 +- .../mbedtls/repo/library/psa_crypto_storage.h | 137 +- .../mbedtls/repo/library/psa_its_file.c | 241 +- third_party/mbedtls/repo/library/ripemd160.c | 452 +- third_party/mbedtls/repo/library/rsa.c | 2350 +- .../mbedtls/repo/library/rsa_internal.c | 351 +- third_party/mbedtls/repo/library/sha1.c | 508 +- third_party/mbedtls/repo/library/sha256.c | 456 +- third_party/mbedtls/repo/library/sha512.c | 439 +- third_party/mbedtls/repo/library/ssl_cache.c | 216 +- .../mbedtls/repo/library/ssl_ciphersuites.c | 289 +- third_party/mbedtls/repo/library/ssl_cli.c | 3919 +- third_party/mbedtls/repo/library/ssl_cookie.c | 185 +- third_party/mbedtls/repo/library/ssl_msg.c | 4844 ++- third_party/mbedtls/repo/library/ssl_srv.c | 3969 +- third_party/mbedtls/repo/library/ssl_ticket.c | 348 +- third_party/mbedtls/repo/library/ssl_tls.c | 5828 ++- .../mbedtls/repo/library/ssl_tls13_keys.c | 316 +- .../mbedtls/repo/library/ssl_tls13_keys.h | 104 +- third_party/mbedtls/repo/library/threading.c | 114 +- third_party/mbedtls/repo/library/timing.c | 362 +- third_party/mbedtls/repo/library/version.c | 30 +- .../mbedtls/repo/library/version_features.c | 50 +- third_party/mbedtls/repo/library/x509.c | 893 +- .../mbedtls/repo/library/x509_create.c | 316 +- third_party/mbedtls/repo/library/x509_crl.c | 632 +- third_party/mbedtls/repo/library/x509_crt.c | 2682 +- third_party/mbedtls/repo/library/x509_csr.c | 292 +- .../mbedtls/repo/library/x509write_crt.c | 536 +- .../mbedtls/repo/library/x509write_csr.c | 313 +- third_party/mbedtls/repo/library/xtea.c | 180 +- third_party/mbedtls/repo/programs/.gitignore | 3 - .../repo/programs/aes/crypt_and_hash.c | 503 +- .../mbedtls/repo/programs/fuzz/Makefile | 4 +- .../mbedtls/repo/programs/fuzz/README.md | 6 +- .../mbedtls/repo/programs/fuzz/common.c | 48 +- .../mbedtls/repo/programs/fuzz/common.h | 30 +- .../mbedtls/repo/programs/fuzz/fuzz_client.c | 115 +- .../repo/programs/fuzz/fuzz_dtlsclient.c | 87 +- .../repo/programs/fuzz/fuzz_dtlsserver.c | 138 +- .../mbedtls/repo/programs/fuzz/fuzz_privkey.c | 64 +- .../mbedtls/repo/programs/fuzz/fuzz_pubkey.c | 69 +- .../mbedtls/repo/programs/fuzz/fuzz_server.c | 150 +- .../mbedtls/repo/programs/fuzz/fuzz_x509crl.c | 21 +- .../mbedtls/repo/programs/fuzz/fuzz_x509crt.c | 21 +- .../mbedtls/repo/programs/fuzz/fuzz_x509csr.c | 21 +- .../mbedtls/repo/programs/fuzz/onefile.c | 21 +- .../mbedtls/repo/programs/hash/generic_sum.c | 192 +- .../mbedtls/repo/programs/hash/hello.c | 49 +- .../mbedtls/repo/programs/pkey/dh_client.c | 233 +- .../mbedtls/repo/programs/pkey/dh_genprime.c | 151 +- .../mbedtls/repo/programs/pkey/dh_server.c | 274 +- .../repo/programs/pkey/ecdh_curve25519.c | 246 +- .../mbedtls/repo/programs/pkey/ecdsa.c | 183 +- .../mbedtls/repo/programs/pkey/gen_key.c | 371 +- .../mbedtls/repo/programs/pkey/key_app.c | 271 +- .../repo/programs/pkey/key_app_writer.c | 356 +- .../mbedtls/repo/programs/pkey/mpi_demo.c | 100 +- .../mbedtls/repo/programs/pkey/pk_decrypt.c | 135 +- .../mbedtls/repo/programs/pkey/pk_encrypt.c | 145 +- .../mbedtls/repo/programs/pkey/pk_sign.c | 143 +- .../mbedtls/repo/programs/pkey/pk_verify.c | 115 +- .../mbedtls/repo/programs/pkey/rsa_decrypt.c | 185 +- .../mbedtls/repo/programs/pkey/rsa_encrypt.c | 159 +- .../mbedtls/repo/programs/pkey/rsa_genkey.c | 154 +- .../mbedtls/repo/programs/pkey/rsa_sign.c | 163 +- .../mbedtls/repo/programs/pkey/rsa_sign_pss.c | 144 +- .../mbedtls/repo/programs/pkey/rsa_verify.c | 119 +- .../repo/programs/pkey/rsa_verify_pss.c | 118 +- .../repo/programs/psa/crypto_examples.c | 346 +- .../repo/programs/psa/key_ladder_demo.c | 631 +- .../repo/programs/psa/key_ladder_demo.sh | 34 +- .../repo/programs/psa/psa_constant_names.c | 41 +- .../repo/programs/random/gen_entropy.c | 77 +- .../programs/random/gen_random_ctr_drbg.c | 114 +- .../repo/programs/random/gen_random_havege.c | 78 +- .../mbedtls/repo/programs/ssl/dtls_client.c | 303 +- .../mbedtls/repo/programs/ssl/dtls_server.c | 359 +- .../mbedtls/repo/programs/ssl/mini_client.c | 133 +- .../mbedtls/repo/programs/ssl/ssl_client1.c | 278 +- .../mbedtls/repo/programs/ssl/ssl_client2.c | 2552 +- .../repo/programs/ssl/ssl_context_info.c | 974 +- .../repo/programs/ssl/ssl_fork_server.c | 360 +- .../repo/programs/ssl/ssl_mail_client.c | 710 +- .../repo/programs/ssl/ssl_pthread_server.c | 415 +- .../mbedtls/repo/programs/ssl/ssl_server.c | 332 +- .../mbedtls/repo/programs/ssl/ssl_server2.c | 3398 +- .../programs/ssl/ssl_test_common_source.c | 281 +- .../mbedtls/repo/programs/ssl/ssl_test_lib.c | 254 +- .../mbedtls/repo/programs/ssl/ssl_test_lib.h | 91 +- .../mbedtls/repo/programs/test/benchmark.c | 1124 +- .../test/cmake_subproject/cmake_subproject.c | 30 +- .../mbedtls/repo/programs/test/dlopen.c | 108 +- .../mbedtls/repo/programs/test/dlopen_demo.sh | 37 +- .../programs/test/generate_cpp_dummy_build.sh | 27 +- .../programs/test/query_compile_time_config.c | 44 +- .../mbedtls/repo/programs/test/query_config.c | 1498 +- .../mbedtls/repo/programs/test/query_config.h | 24 +- .../mbedtls/repo/programs/test/selftest.c | 462 +- .../mbedtls/repo/programs/test/udp_proxy.c | 867 +- .../repo/programs/test/udp_proxy_wrapper.sh | 14 +- .../mbedtls/repo/programs/test/zeroize.c | 72 +- .../mbedtls/repo/programs/util/pem2der.c | 225 +- .../mbedtls/repo/programs/util/strerror.c | 64 +- .../mbedtls/repo/programs/wince_main.c | 30 +- .../mbedtls/repo/programs/x509/cert_app.c | 399 +- .../mbedtls/repo/programs/x509/cert_req.c | 300 +- .../mbedtls/repo/programs/x509/cert_write.c | 706 +- .../mbedtls/repo/programs/x509/crl_app.c | 102 +- .../mbedtls/repo/programs/x509/load_roots.c | 172 +- .../mbedtls/repo/programs/x509/req_app.c | 102 +- third_party/mbedtls/repo/scripts/abi_check.py | 310 +- .../mbedtls/repo/scripts/apidoc_full.sh | 14 +- .../repo/scripts/assemble_changelog.py | 105 +- .../mbedtls/repo/scripts/bump_version.sh | 18 +- .../mbedtls/repo/scripts/ci.requirements.txt | 6 +- .../mbedtls/repo/scripts/code_style.py | 222 + third_party/mbedtls/repo/scripts/config.pl | 13 +- third_party/mbedtls/repo/scripts/config.py | 63 +- .../mbedtls/repo/scripts/data_files/error.fmt | 110 +- .../repo/scripts/data_files/query_config.fmt | 38 +- .../scripts/data_files/version_features.fmt | 38 +- third_party/mbedtls/repo/scripts/ecc-heap.sh | 37 +- third_party/mbedtls/repo/scripts/footprint.sh | 18 +- .../mbedtls/repo/scripts/generate_errors.pl | 18 +- .../mbedtls/repo/scripts/generate_features.pl | 18 +- .../repo/scripts/generate_psa_constants.py | 14 +- .../repo/scripts/generate_query_config.pl | 21 +- .../repo/scripts/generate_visualc_files.pl | 14 +- third_party/mbedtls/repo/scripts/lcov.sh | 69 + .../repo/scripts/maintainer.requirements.txt | 3 +- .../mbedtls/repo/scripts/massif_max.pl | 14 +- .../repo/scripts/mbedtls_dev/__init__.py | 3 + .../mbedtls_dev/asymmetric_key_data.py | 13 +- .../repo/scripts/mbedtls_dev/build_tree.py | 56 + .../scripts/mbedtls_dev/c_build_helper.py | 50 +- .../scripts/mbedtls_dev/crypto_knowledge.py | 439 +- .../scripts/mbedtls_dev/macro_collector.py | 48 +- .../repo/scripts/mbedtls_dev/psa_storage.py | 25 +- .../repo/scripts/mbedtls_dev/test_case.py | 21 +- .../mbedtls_dev/test_data_generation.py | 197 + .../repo/scripts/mbedtls_dev/typing_util.py | 13 +- third_party/mbedtls/repo/scripts/memory.sh | 14 +- .../mbedtls/repo/scripts/min_requirements.py | 39 +- .../mbedtls/repo/scripts/output_env.sh | 42 +- third_party/mbedtls/repo/scripts/rename.pl | 20 +- .../repo/scripts/tmp_ignore_makefiles.sh | 14 +- third_party/mbedtls/repo/tests/.gitignore | 2 - third_party/mbedtls/repo/tests/CMakeLists.txt | 113 +- third_party/mbedtls/repo/tests/Makefile | 10 +- .../mbedtls/repo/tests/compat-in-docker.sh | 28 +- third_party/mbedtls/repo/tests/compat.sh | 315 +- .../configs/config-wrapper-malloc-0-null.h | 37 - .../repo/tests/configs/user-config-for-test.h | 54 +- .../tests/configs/user-config-malloc-0-null.h | 22 + .../configs/user-config-zeroize-memset.h | 17 + .../mbedtls/repo/tests/context-info.sh | 14 +- .../mbedtls/repo/tests/data_files/Makefile | 531 +- .../repo/tests/data_files/Readme-x509.txt | 8 +- .../data_files/base64/def_b64_too_big_1.txt | 2 +- .../data_files/cert_example_multi_nocn.crt | 23 +- .../repo/tests/data_files/crl-ec-sha1.pem | 14 +- .../repo/tests/data_files/crl-ec-sha256.pem | 14 +- .../data_files/crl-rsa-pss-sha1-badsign.pem | 22 +- .../tests/data_files/crl-rsa-pss-sha1.pem | 22 +- .../tests/data_files/crl-rsa-pss-sha224.pem | 28 +- .../tests/data_files/crl-rsa-pss-sha256.pem | 28 +- .../tests/data_files/crl-rsa-pss-sha384.pem | 28 +- .../tests/data_files/crl-rsa-pss-sha512.pem | 28 +- .../mbedtls/repo/tests/data_files/crl.pem | 16 +- .../repo/tests/data_files/crl_cat_ec-rsa.pem | 32 +- .../repo/tests/data_files/crl_cat_rsa-ec.pem | 32 +- .../repo/tests/data_files/dh.optlen.der | Bin 0 -> 530 bytes .../repo/tests/data_files/dir-maxpath/long.sh | 14 +- .../repo/tests/data_files/ec_256_long_prv.der | Bin 0 -> 121 bytes .../repo/tests/data_files/ec_521_prv.der | Bin 0 -> 223 bytes .../repo/tests/data_files/ec_521_pub.der | Bin 0 -> 158 bytes .../tests/data_files/ec_521_short_prv.der | Bin 0 -> 223 bytes .../repo/tests/data_files/ec_bp512_prv.der | Bin 0 -> 221 bytes .../repo/tests/data_files/ec_bp512_pub.der | Bin 0 -> 158 bytes .../mbedtls/repo/tests/data_files/ec_pub.der | Bin 75 -> 75 bytes .../mbedtls/repo/tests/data_files/mpi_10 | 1 - .../mbedtls/repo/tests/data_files/mpi_16 | 1 + .../{ => parse_input}/bitstring-in-dn.pem | 0 .../parse_input/cert_example_multi.crt | 17 + .../parse_input/cert_example_multi_nocn.crt | 13 + .../tests/data_files/parse_input/cert_md2.crt | 20 + .../tests/data_files/parse_input/cert_md4.crt | 20 + .../tests/data_files/parse_input/cert_md5.crt | 20 + .../data_files/parse_input/cert_sha1.crt | 20 + .../data_files/parse_input/cert_sha224.crt | 20 + .../data_files/parse_input/cert_sha256.crt | 20 + .../data_files/parse_input/cert_sha384.crt | 20 + .../data_files/parse_input/cert_sha512.crt | 20 + .../{ => parse_input}/cert_v1_with_ext.crt | 0 .../cli-rsa-sha256-badalg.crt.der | Bin .../data_files/parse_input/crl-ec-sha1.pem | 10 + .../{ => parse_input}/crl-ec-sha224.pem | 0 .../data_files/parse_input/crl-ec-sha256.pem | 10 + .../{ => parse_input}/crl-ec-sha384.pem | 0 .../{ => parse_input}/crl-ec-sha512.pem | 0 .../data_files/{ => parse_input}/crl-idp.pem | 0 .../{ => parse_input}/crl-idpnc.pem | 0 .../crl-malformed-trailing-spaces.pem | 0 .../parse_input/crl-rsa-pss-sha1.pem | 14 + .../parse_input/crl-rsa-pss-sha224.pem | 16 + .../parse_input/crl-rsa-pss-sha256.pem | 16 + .../parse_input/crl-rsa-pss-sha384.pem | 16 + .../parse_input/crl-rsa-pss-sha512.pem | 16 + .../data_files/parse_input/crl_expired.pem | 11 + .../data_files/{ => parse_input}/crl_md2.pem | 0 .../data_files/{ => parse_input}/crl_md4.pem | 0 .../data_files/{ => parse_input}/crl_md5.pem | 0 .../data_files/{ => parse_input}/crl_sha1.pem | 0 .../{ => parse_input}/crl_sha224.pem | 0 .../data_files/parse_input/crl_sha256.pem | 11 + .../{ => parse_input}/crl_sha384.pem | 0 .../{ => parse_input}/crl_sha512.pem | 0 .../parse_input/keyUsage.decipherOnly.crt | 14 + .../{ => parse_input}/multiple_san.crt | 0 .../non-ascii-string-in-issuer.crt | 0 .../{ => parse_input}/server1-ms.req.sha256 | 0 .../parse_input/server1.cert_type.crt | 20 + .../tests/data_files/parse_input/server1.crt | 20 + .../{ => parse_input}/server1.crt.der | Bin .../{ => parse_input}/server1.ext_ku.crt | 0 .../parse_input/server1.key_usage.crt | 20 + .../parse_input/server1.req.commas.sha256 | 16 + .../data_files/parse_input/server1.req.md4 | 16 + .../data_files/parse_input/server1.req.md5 | 16 + .../data_files/parse_input/server1.req.sha1 | 16 + .../data_files/parse_input/server1.req.sha224 | 16 + .../data_files/parse_input/server1.req.sha256 | 16 + .../data_files/parse_input/server1.req.sha384 | 16 + .../data_files/parse_input/server1.req.sha512 | 16 + .../server1_pathlen_int_max-1.crt | 0 .../server1_pathlen_int_max.crt | 0 .../tests/data_files/parse_input/server2.crt | 20 + .../{ => parse_input}/server2.crt.der | Bin .../tests/data_files/parse_input/server3.crt | 17 + .../tests/data_files/parse_input/server4.crt | 18 + .../{ => parse_input}/server5-fan.crt | 0 .../parse_input/server5-non-compliant.crt | 12 + .../server5-nonprintable_othername.crt | 12 + .../{ => parse_input}/server5-othername.crt | 0 .../data_files/parse_input/server5-sha1.crt | 14 + .../data_files/parse_input/server5-sha224.crt | 14 + .../data_files/parse_input/server5-sha384.crt | 14 + .../data_files/parse_input/server5-sha512.crt | 14 + .../server5-unsupported_othername.crt | 0 .../tests/data_files/parse_input/server5.crt | 14 + .../{ => parse_input}/server5.req.sha1 | 0 .../{ => parse_input}/server5.req.sha224 | 0 .../{ => parse_input}/server5.req.sha256 | 0 .../{ => parse_input}/server5.req.sha384 | 0 .../{ => parse_input}/server5.req.sha512 | 0 .../{ => parse_input}/server7_all_space.crt | 0 .../data_files/parse_input/server7_int-ca.crt | 47 + .../{ => parse_input}/server7_pem_space.crt | 0 .../server7_trailing_space.crt | 0 .../data_files/parse_input/server9-sha224.crt | 20 + .../data_files/parse_input/server9-sha256.crt | 20 + .../data_files/parse_input/server9-sha384.crt | 20 + .../data_files/parse_input/server9-sha512.crt | 20 + .../tests/data_files/parse_input/server9.crt | 19 + .../{ => parse_input}/server9.req.sha1 | 0 .../{ => parse_input}/server9.req.sha224 | 0 .../{ => parse_input}/server9.req.sha256 | 0 .../{ => parse_input}/server9.req.sha384 | 0 .../{ => parse_input}/server9.req.sha512 | 0 .../{ => parse_input}/test-ca-any_policy.crt | 0 .../test-ca-any_policy_ec.crt | 0 .../test-ca-any_policy_with_qualifier.crt | 0 .../test-ca-any_policy_with_qualifier_ec.crt | 0 .../test-ca-multi_policy.crt | 0 .../test-ca-multi_policy_ec.crt | 0 .../test-ca-unsupported_policy.crt | 0 .../test-ca-unsupported_policy_ec.crt | 0 .../tests/data_files/parse_input/test-ca.crt | 20 + .../{ => parse_input}/test-ca.crt.der | Bin .../mbedtls/repo/tests/data_files/print_c.pl | 14 +- .../repo/tests/data_files/rsa4096_prv.der | Bin 0 -> 2349 bytes .../repo/tests/data_files/rsa4096_pub.der | Bin 0 -> 550 bytes .../repo/tests/data_files/server1-nospace.crt | 25 +- .../repo/tests/data_files/server1-v1.crt | 34 +- .../repo/tests/data_files/server1.commas.crt | 20 + .../repo/tests/data_files/server1.key.der | Bin 0 -> 1190 bytes .../repo/tests/data_files/server1.pubkey.der | Bin 0 -> 294 bytes .../tests/data_files/server1.req.sha256.ext | 17 + .../tests/data_files/server10-badsign.crt | 16 +- .../tests/data_files/server10-bs_int3.pem | 32 +- .../repo/tests/data_files/server10.crt | 16 +- .../tests/data_files/server10_int3-bs.pem | 32 +- .../data_files/server10_int3_int-ca2.crt | 54 +- .../data_files/server10_int3_int-ca2_ca.crt | 138 +- .../server10_int3_spurious_int-ca2.crt | 70 +- .../tests/data_files/server2-v1-chain.crt | 68 +- .../repo/tests/data_files/server2-v1.crt | 34 +- .../repo/tests/data_files/server2.ku-ds.crt | 27 +- .../tests/data_files/server2.ku-ds_ke.crt | 27 +- .../repo/tests/data_files/server2.ku-ka.crt | 27 +- .../repo/tests/data_files/server2.ku-ke.crt | 27 +- .../mbedtls/repo/tests/data_files/server3.crt | 26 +- .../mbedtls/repo/tests/data_files/server4.crt | 31 +- .../repo/tests/data_files/server5-badsign.crt | 18 +- .../repo/tests/data_files/server5-der0.crt | Bin 547 -> 548 bytes .../repo/tests/data_files/server5-der1a.crt | Bin 548 -> 549 bytes .../repo/tests/data_files/server5-der1b.crt | Bin 548 -> 549 bytes .../repo/tests/data_files/server5-der2.crt | Bin 549 -> 550 bytes .../repo/tests/data_files/server5-der4.crt | Bin 551 -> 552 bytes .../repo/tests/data_files/server5-der8.crt | Bin 555 -> 556 bytes .../repo/tests/data_files/server5-der9.crt | Bin 556 -> 557 bytes .../tests/data_files/server5-selfsigned.crt | 20 +- .../repo/tests/data_files/server5-sha1.crt | 18 +- .../repo/tests/data_files/server5-sha224.crt | 18 +- .../repo/tests/data_files/server5-sha384.crt | 18 +- .../repo/tests/data_files/server5-sha512.crt | 18 +- .../tests/data_files/server5-ss-forgeca.crt | 10 +- .../mbedtls/repo/tests/data_files/server5.crt | 16 +- .../repo/tests/data_files/server5.crt.der | Bin 547 -> 547 bytes .../data_files/server5.crt.openssl.v3_ext | 3 + .../repo/tests/data_files/server5.eku-cli.crt | 22 +- .../repo/tests/data_files/server5.eku-cs.crt | 22 +- .../tests/data_files/server5.eku-cs_any.crt | 22 +- .../repo/tests/data_files/server5.eku-srv.crt | 22 +- .../tests/data_files/server5.eku-srv_cli.crt | 22 +- .../repo/tests/data_files/server5.ku-ds.crt | 23 +- .../repo/tests/data_files/server5.ku-ka.crt | 23 +- .../repo/tests/data_files/server5.ku-ke.crt | 23 +- .../repo/tests/data_files/server5.req.ku.sha1 | 6 +- .../tests/data_files/server6-ss-child.crt | 22 +- .../server6-ss-child.crt.openssl.v3_ext | 4 + .../mbedtls/repo/tests/data_files/server6.crt | 16 +- .../repo/tests/data_files/server7-badsign.crt | 52 +- .../repo/tests/data_files/server7-expired.crt | 48 +- .../repo/tests/data_files/server7-future.crt | 48 +- .../mbedtls/repo/tests/data_files/server7.crt | 36 +- .../tests/data_files/server7_int-ca-exp.crt | 50 +- .../repo/tests/data_files/server7_int-ca.crt | 52 +- .../tests/data_files/server7_int-ca_ca2.crt | 76 +- .../data_files/server7_spurious_int-ca.crt | 74 +- .../mbedtls/repo/tests/data_files/server8.crt | 31 +- .../repo/tests/data_files/server8_int-ca2.crt | 53 +- .../tests/data_files/server9-bad-mgfhash.crt | 37 +- .../tests/data_files/server9-bad-saltlen.crt | 37 +- .../repo/tests/data_files/server9-badsign.crt | 26 +- .../tests/data_files/server9-defaults.crt | 27 +- .../repo/tests/data_files/server9-sha224.crt | 37 +- .../repo/tests/data_files/server9-sha256.crt | 37 +- .../repo/tests/data_files/server9-sha384.crt | 37 +- .../repo/tests/data_files/server9-sha512.crt | 37 +- .../repo/tests/data_files/server9-with-ca.crt | 110 +- .../mbedtls/repo/tests/data_files/server9.crt | 26 +- .../repo/tests/data_files/test-ca-v1.crt | 34 +- .../mbedtls/repo/tests/data_files/test-ca.crt | 18 +- .../mbedtls/repo/tests/data_files/test-ca.key | 52 +- .../repo/tests/data_files/test-ca.opensslconf | 19 +- .../repo/tests/data_files/test-ca.req.sha256 | 16 + .../tests/data_files/test-ca.req_ec.sha256 | 9 + .../repo/tests/data_files/test-ca2.ku-crl.crt | 20 +- .../test-ca2.ku-crl.crt.openssl.v3_ext | 4 + .../repo/tests/data_files/test-ca2.ku-crt.crt | 20 +- .../test-ca2.ku-crt.crt.openssl.v3_ext | 4 + .../tests/data_files/test-ca2.ku-crt_crl.crt | 20 +- .../test-ca2.ku-crt_crl.crt.openssl.v3_ext | 4 + .../repo/tests/data_files/test-ca2.ku-ds.crt | 20 +- .../test-ca2.ku-ds.crt.openssl.v3_ext | 4 + .../repo/tests/data_files/test-ca2.req.sha256 | 9 + .../test-ca2_cat-future-invalid.crt | 42 +- .../test-ca2_cat-future-present.crt | 46 +- .../data_files/test-ca2_cat-past-invalid.crt | 16 +- .../data_files/test-ca2_cat-past-present.crt | 24 +- .../test-ca2_cat-present-future.crt | 46 +- .../data_files/test-ca2_cat-present-past.crt | 24 +- .../repo/tests/data_files/test-ca_cat12.crt | 42 +- .../repo/tests/data_files/test-ca_cat21.crt | 42 +- .../repo/tests/data_files/test-int-ca-exp.crt | 14 +- .../repo/tests/data_files/test-int-ca.crt | 16 +- .../repo/tests/data_files/test-int-ca2.crt | 22 +- .../tests/data_files/test-int-ca3-badsign.crt | 16 +- .../repo/tests/data_files/test-int-ca3.crt | 16 +- .../repo/tests/docker/bionic/Dockerfile | 18 +- .../mbedtls/repo/tests/git-scripts/README.md | 8 +- .../repo/tests/git-scripts/pre-commit.sh | 14 +- .../repo/tests/git-scripts/pre-push.sh | 14 +- .../tests/include/baremetal-override/time.h | 6 + .../repo/tests/include/spe/crypto_spe.h | 119 +- .../repo/tests/include/test/arguments.h | 31 + .../repo/tests/include/test/asn1_helpers.h | 20 +- .../repo/tests/include/test/constant_flow.h | 20 +- .../repo/tests/include/test/drivers/aead.h | 22 +- .../repo/tests/include/test/drivers/cipher.h | 20 +- .../include/test/drivers/config_test_driver.h | 15 +- .../crypto_config_test_driver_extension.h | 44 +- .../repo/tests/include/test/drivers/hash.h | 30 +- .../include/test/drivers/key_management.h | 46 +- .../repo/tests/include/test/drivers/mac.h | 46 +- .../tests/include/test/drivers/signature.h | 34 +- .../repo/tests/include/test/drivers/size.h | 16 +- .../tests/include/test/drivers/test_driver.h | 14 +- .../include/test/fake_external_rng_for_test.h | 18 +- .../mbedtls/repo/tests/include/test/helpers.h | 174 +- .../mbedtls/repo/tests/include/test/macros.h | 279 +- .../tests/include/test/psa_crypto_helpers.h | 157 +- .../tests/include/test/psa_exercise_key.h | 42 +- .../repo/tests/include/test/psa_helpers.h | 16 +- .../mbedtls/repo/tests/include/test/random.h | 46 +- .../repo/tests/include/test/ssl_helpers.h | 526 + .../mbedtls/repo/tests/make-in-docker.sh | 18 +- .../repo/tests/scripts/all-in-docker.sh | 18 +- third_party/mbedtls/repo/tests/scripts/all.sh | 898 +- .../repo/tests/scripts/analyze_outcomes.py | 114 +- .../repo/tests/scripts/basic-build-test.sh | 57 +- .../repo/tests/scripts/basic-in-docker.sh | 22 +- .../repo/tests/scripts/check-doxy-blocks.pl | 16 +- .../tests/scripts/check-generated-files.sh | 37 +- .../repo/tests/scripts/check-python-files.sh | 29 +- .../mbedtls/repo/tests/scripts/check_files.py | 82 +- .../mbedtls/repo/tests/scripts/check_names.py | 170 +- .../repo/tests/scripts/check_test_cases.py | 58 +- .../mbedtls/repo/tests/scripts/curves.pl | 144 - .../repo/tests/scripts/depends-hashes.pl | 101 - .../repo/tests/scripts/depends-pkalgs.pl | 107 - .../mbedtls/repo/tests/scripts/depends.py | 560 + .../mbedtls/repo/tests/scripts/docker_env.sh | 18 +- .../mbedtls/repo/tests/scripts/doxygen.sh | 20 +- .../repo/tests/scripts/gen_ctr_drbg.pl | 14 +- .../repo/tests/scripts/gen_gcm_decrypt.pl | 14 +- .../repo/tests/scripts/gen_gcm_encrypt.pl | 14 +- .../scripts/gen_pkcs1_v21_sign_verify.pl | 14 +- .../repo/tests/scripts/generate-afl-tests.sh | 18 +- .../tests/scripts/generate_bignum_tests.py | 246 + .../repo/tests/scripts/generate_psa_tests.py | 497 +- .../repo/tests/scripts/generate_test_code.py | 327 +- .../repo/tests/scripts/key-exchanges.pl | 76 - .../repo/tests/scripts/list-identifiers.sh | 14 +- .../scripts/list_internal_identifiers.py | 16 +- .../tests/scripts/psa_collect_statuses.py | 22 +- .../mbedtls/repo/tests/scripts/recursion.pl | 16 +- .../repo/tests/scripts/run-test-suites.pl | 39 +- .../repo/tests/scripts/scripts_path.py | 13 +- .../scripts/set_psa_test_dependencies.py | 14 +- .../mbedtls/repo/tests/scripts/tcp_client.pl | 14 +- .../repo/tests/scripts/test-ref-configs.pl | 107 +- .../repo/tests/scripts/test_config_script.py | 13 +- .../tests/scripts/test_generate_test_code.py | 334 +- .../repo/tests/scripts/test_psa_compliance.py | 20 +- .../tests/scripts/test_psa_constant_names.py | 34 +- .../repo/tests/scripts/test_zeroize.gdb | 14 +- .../repo/tests/scripts/travis-log-failure.sh | 14 +- .../mbedtls/repo/tests/src/asn1_helpers.c | 62 +- .../mbedtls/repo/tests/src/drivers/hash.c | 142 +- .../tests/src/drivers/platform_builtin_keys.c | 55 +- .../repo/tests/src/drivers/test_driver_aead.c | 110 +- .../tests/src/drivers/test_driver_cipher.c | 248 +- .../src/drivers/test_driver_key_management.c | 501 +- .../repo/tests/src/drivers/test_driver_mac.c | 272 +- .../tests/src/drivers/test_driver_signature.c | 332 +- .../repo/tests/src/drivers/test_driver_size.c | 41 +- .../external_timing_for_test.c | 339 + .../tests/src/external_timing/timing_alt.h | 118 + .../tests/src/fake_external_rng_for_test.c | 29 +- third_party/mbedtls/repo/tests/src/helpers.c | 406 +- .../repo/tests/src/psa_crypto_helpers.c | 166 +- .../mbedtls/repo/tests/src/psa_exercise_key.c | 1094 +- third_party/mbedtls/repo/tests/src/random.c | 118 +- .../repo/tests/src/test_helpers/ssl_helpers.c | 1804 + .../repo/tests/src/threading_helpers.c | 115 +- .../mbedtls/repo/tests/ssl-opt-in-docker.sh | 28 +- third_party/mbedtls/repo/tests/ssl-opt.sh | 720 +- .../repo/tests/suites/helpers.function | 129 +- .../repo/tests/suites/host_test.function | 737 +- .../repo/tests/suites/main_test.function | 142 +- .../repo/tests/suites/test_suite_aes.ecb.data | 9 + .../repo/tests/suites/test_suite_aes.function | 751 +- .../tests/suites/test_suite_arc4.function | 18 +- .../tests/suites/test_suite_aria.function | 540 +- .../suites/test_suite_asn1parse.function | 647 +- .../tests/suites/test_suite_asn1write.data | 42 +- .../suites/test_suite_asn1write.function | 556 +- .../tests/suites/test_suite_base64.function | 156 +- .../tests/suites/test_suite_bignum.function | 1772 + .../suites/test_suite_bignum.generated.data | 975 + .../tests/suites/test_suite_bignum.misc.data | 1963 + .../tests/suites/test_suite_blowfish.function | 385 +- .../tests/suites/test_suite_camellia.function | 386 +- .../repo/tests/suites/test_suite_ccm.function | 531 +- .../tests/suites/test_suite_chacha20.function | 115 +- .../suites/test_suite_chachapoly.function | 362 +- .../tests/suites/test_suite_cipher.aes.data | 96 +- .../tests/suites/test_suite_cipher.aria.data | 2 +- .../suites/test_suite_cipher.blowfish.data | 138 +- .../suites/test_suite_cipher.camellia.data | 90 +- .../tests/suites/test_suite_cipher.ccm.data | 192 +- .../suites/test_suite_cipher.chacha20.data | 24 + .../suites/test_suite_cipher.chachapoly.data | 20 + .../tests/suites/test_suite_cipher.des.data | 120 +- .../tests/suites/test_suite_cipher.function | 1514 +- .../tests/suites/test_suite_cipher.gcm.data | 1008 +- .../repo/tests/suites/test_suite_cmac.data | 19 +- .../tests/suites/test_suite_cmac.function | 375 +- .../suites/test_suite_constant_time.data | 11 + .../suites/test_suite_constant_time.function | 48 + .../suites/test_suite_constant_time_hmac.data | 15 + .../test_suite_constant_time_hmac.function | 101 + .../tests/suites/test_suite_ctr_drbg.function | 319 +- .../repo/tests/suites/test_suite_debug.data | 17 +- .../tests/suites/test_suite_debug.function | 178 +- .../repo/tests/suites/test_suite_des.function | 220 +- .../repo/tests/suites/test_suite_dhm.data | 79 +- .../repo/tests/suites/test_suite_dhm.function | 417 +- .../tests/suites/test_suite_ecdh.function | 733 +- .../repo/tests/suites/test_suite_ecdsa.data | 60 + .../tests/suites/test_suite_ecdsa.function | 906 +- .../repo/tests/suites/test_suite_ecjpake.data | 6 +- .../tests/suites/test_suite_ecjpake.function | 294 +- .../repo/tests/suites/test_suite_ecp.data | 108 + .../repo/tests/suites/test_suite_ecp.function | 1883 +- .../tests/suites/test_suite_entropy.function | 428 +- .../tests/suites/test_suite_error.function | 8 +- .../repo/tests/suites/test_suite_gcm.function | 283 +- .../tests/suites/test_suite_hkdf.function | 104 +- .../suites/test_suite_hmac_drbg.function | 254 +- .../repo/tests/suites/test_suite_md.data | 592 +- .../repo/tests/suites/test_suite_md.function | 366 +- .../repo/tests/suites/test_suite_mdx.function | 80 +- .../test_suite_memory_buffer_alloc.function | 217 +- .../repo/tests/suites/test_suite_mpi.data | 1892 - .../repo/tests/suites/test_suite_mpi.function | 1644 - .../repo/tests/suites/test_suite_mps.function | 917 +- .../repo/tests/suites/test_suite_net.function | 60 +- .../tests/suites/test_suite_nist_kw.function | 351 +- .../repo/tests/suites/test_suite_oid.data | 48 + .../repo/tests/suites/test_suite_oid.function | 92 +- .../repo/tests/suites/test_suite_pem.data | 5 + .../repo/tests/suites/test_suite_pem.function | 40 +- .../repo/tests/suites/test_suite_pk.data | 46 +- .../repo/tests/suites/test_suite_pk.function | 1521 +- .../repo/tests/suites/test_suite_pkcs12.data | 36 + .../tests/suites/test_suite_pkcs12.function | 179 +- .../tests/suites/test_suite_pkcs1_v15.data | 28 +- .../suites/test_suite_pkcs1_v15.function | 345 +- .../suites/test_suite_pkcs1_v21.function | 309 +- .../repo/tests/suites/test_suite_pkcs5.data | 88 +- .../tests/suites/test_suite_pkcs5.function | 106 +- .../repo/tests/suites/test_suite_pkparse.data | 10 +- .../tests/suites/test_suite_pkparse.function | 97 +- .../repo/tests/suites/test_suite_pkwrite.data | 108 +- .../tests/suites/test_suite_pkwrite.function | 206 +- .../suites/test_suite_platform_printf.data | 114 + .../test_suite_platform_printf.function | 89 + .../tests/suites/test_suite_poly1305.function | 102 +- .../tests/suites/test_suite_psa_crypto.data | 22 +- .../suites/test_suite_psa_crypto.function | 6282 +-- .../test_suite_psa_crypto_attributes.function | 149 +- ...test_suite_psa_crypto_driver_wrappers.data | 272 +- ..._suite_psa_crypto_driver_wrappers.function | 1953 +- .../suites/test_suite_psa_crypto_entropy.data | 2 +- .../test_suite_psa_crypto_entropy.function | 274 +- ...est_suite_psa_crypto_generate_key.function | 35 +- .../test_suite_psa_crypto_hash.function | 107 +- .../suites/test_suite_psa_crypto_init.data | 3 + .../test_suite_psa_crypto_init.function | 236 +- .../test_suite_psa_crypto_metadata.function | 802 +- ...st_suite_psa_crypto_not_supported.function | 40 +- .../test_suite_psa_crypto_op_fail.function | 381 + ...st_suite_psa_crypto_op_fail.generated.data | 32526 ++++++++++++++++ .../test_suite_psa_crypto_op_fail.misc.data | 45 + .../test_suite_psa_crypto_persistent_key.data | 5 + ...t_suite_psa_crypto_persistent_key.function | 320 +- ...st_suite_psa_crypto_se_driver_hal.function | 1476 +- ...te_psa_crypto_se_driver_hal_mocks.function | 593 +- ..._suite_psa_crypto_slot_management.function | 1027 +- ...ite_psa_crypto_storage_format.current.data | 7934 +++- ...t_suite_psa_crypto_storage_format.function | 394 +- ...st_suite_psa_crypto_storage_format.v0.data | 8220 +++- .../repo/tests/suites/test_suite_psa_its.data | 51 +- .../tests/suites/test_suite_psa_its.function | 274 +- .../tests/suites/test_suite_random.function | 190 +- .../repo/tests/suites/test_suite_rsa.data | 294 +- .../repo/tests/suites/test_suite_rsa.function | 2430 +- .../tests/suites/test_suite_shax.function | 244 +- .../repo/tests/suites/test_suite_ssl.data | 1907 +- .../repo/tests/suites/test_suite_ssl.function | 4614 +-- .../suites/test_suite_ssl_decrypt.function | 328 + .../suites/test_suite_ssl_decrypt.misc.data | 1087 + .../tests/suites/test_suite_timing.function | 60 +- .../repo/tests/suites/test_suite_version.data | 6 +- .../tests/suites/test_suite_version.function | 62 +- .../tests/suites/test_suite_x509parse.data | 460 +- .../suites/test_suite_x509parse.function | 1256 +- .../tests/suites/test_suite_x509write.data | 81 +- .../suites/test_suite_x509write.function | 531 +- .../tests/suites/test_suite_xtea.function | 50 +- .../repo/visualc/VS2010/mbedTLS.vcxproj | 3 + 844 files changed, 149276 insertions(+), 97742 deletions(-) create mode 100644 third_party/mbedtls/repo/.gitattributes create mode 100644 third_party/mbedtls/repo/.readthedocs.yaml create mode 100644 third_party/mbedtls/repo/.uncrustify.cfg create mode 100644 third_party/mbedtls/repo/configs/config-ccm-psk-dtls1_2.h create mode 100644 third_party/mbedtls/repo/docs/Makefile create mode 100644 third_party/mbedtls/repo/docs/conf.py delete mode 100644 third_party/mbedtls/repo/docs/getting_started.md create mode 100644 third_party/mbedtls/repo/docs/index.rst create mode 100644 third_party/mbedtls/repo/docs/requirements.in create mode 100644 third_party/mbedtls/repo/docs/requirements.txt create mode 100644 third_party/mbedtls/repo/library/bignum_internal.h create mode 100755 third_party/mbedtls/repo/scripts/code_style.py create mode 100755 third_party/mbedtls/repo/scripts/lcov.sh create mode 100644 third_party/mbedtls/repo/scripts/mbedtls_dev/__init__.py create mode 100644 third_party/mbedtls/repo/scripts/mbedtls_dev/build_tree.py create mode 100644 third_party/mbedtls/repo/scripts/mbedtls_dev/test_data_generation.py delete mode 100644 third_party/mbedtls/repo/tests/configs/config-wrapper-malloc-0-null.h create mode 100644 third_party/mbedtls/repo/tests/configs/user-config-malloc-0-null.h create mode 100644 third_party/mbedtls/repo/tests/configs/user-config-zeroize-memset.h create mode 100644 third_party/mbedtls/repo/tests/data_files/dh.optlen.der create mode 100644 third_party/mbedtls/repo/tests/data_files/ec_256_long_prv.der create mode 100644 third_party/mbedtls/repo/tests/data_files/ec_521_prv.der create mode 100644 third_party/mbedtls/repo/tests/data_files/ec_521_pub.der create mode 100644 third_party/mbedtls/repo/tests/data_files/ec_521_short_prv.der create mode 100644 third_party/mbedtls/repo/tests/data_files/ec_bp512_prv.der create mode 100644 third_party/mbedtls/repo/tests/data_files/ec_bp512_pub.der delete mode 100644 third_party/mbedtls/repo/tests/data_files/mpi_10 create mode 100644 third_party/mbedtls/repo/tests/data_files/mpi_16 rename third_party/mbedtls/repo/tests/data_files/{ => parse_input}/bitstring-in-dn.pem (100%) create mode 100644 third_party/mbedtls/repo/tests/data_files/parse_input/cert_example_multi.crt create mode 100644 third_party/mbedtls/repo/tests/data_files/parse_input/cert_example_multi_nocn.crt create mode 100644 third_party/mbedtls/repo/tests/data_files/parse_input/cert_md2.crt create mode 100644 third_party/mbedtls/repo/tests/data_files/parse_input/cert_md4.crt create mode 100644 third_party/mbedtls/repo/tests/data_files/parse_input/cert_md5.crt create mode 100644 third_party/mbedtls/repo/tests/data_files/parse_input/cert_sha1.crt create mode 100644 third_party/mbedtls/repo/tests/data_files/parse_input/cert_sha224.crt create mode 100644 third_party/mbedtls/repo/tests/data_files/parse_input/cert_sha256.crt create mode 100644 third_party/mbedtls/repo/tests/data_files/parse_input/cert_sha384.crt create mode 100644 third_party/mbedtls/repo/tests/data_files/parse_input/cert_sha512.crt rename third_party/mbedtls/repo/tests/data_files/{ => parse_input}/cert_v1_with_ext.crt (100%) rename third_party/mbedtls/repo/tests/data_files/{ => parse_input}/cli-rsa-sha256-badalg.crt.der (100%) create mode 100644 third_party/mbedtls/repo/tests/data_files/parse_input/crl-ec-sha1.pem rename third_party/mbedtls/repo/tests/data_files/{ => parse_input}/crl-ec-sha224.pem (100%) create mode 100644 third_party/mbedtls/repo/tests/data_files/parse_input/crl-ec-sha256.pem rename third_party/mbedtls/repo/tests/data_files/{ => parse_input}/crl-ec-sha384.pem (100%) rename third_party/mbedtls/repo/tests/data_files/{ => parse_input}/crl-ec-sha512.pem (100%) rename third_party/mbedtls/repo/tests/data_files/{ => parse_input}/crl-idp.pem (100%) rename third_party/mbedtls/repo/tests/data_files/{ => parse_input}/crl-idpnc.pem (100%) rename third_party/mbedtls/repo/tests/data_files/{ => parse_input}/crl-malformed-trailing-spaces.pem (100%) create mode 100644 third_party/mbedtls/repo/tests/data_files/parse_input/crl-rsa-pss-sha1.pem create mode 100644 third_party/mbedtls/repo/tests/data_files/parse_input/crl-rsa-pss-sha224.pem create mode 100644 third_party/mbedtls/repo/tests/data_files/parse_input/crl-rsa-pss-sha256.pem create mode 100644 third_party/mbedtls/repo/tests/data_files/parse_input/crl-rsa-pss-sha384.pem create mode 100644 third_party/mbedtls/repo/tests/data_files/parse_input/crl-rsa-pss-sha512.pem create mode 100644 third_party/mbedtls/repo/tests/data_files/parse_input/crl_expired.pem rename third_party/mbedtls/repo/tests/data_files/{ => parse_input}/crl_md2.pem (100%) rename third_party/mbedtls/repo/tests/data_files/{ => parse_input}/crl_md4.pem (100%) rename third_party/mbedtls/repo/tests/data_files/{ => parse_input}/crl_md5.pem (100%) rename third_party/mbedtls/repo/tests/data_files/{ => parse_input}/crl_sha1.pem (100%) rename third_party/mbedtls/repo/tests/data_files/{ => parse_input}/crl_sha224.pem (100%) create mode 100644 third_party/mbedtls/repo/tests/data_files/parse_input/crl_sha256.pem rename third_party/mbedtls/repo/tests/data_files/{ => parse_input}/crl_sha384.pem (100%) rename third_party/mbedtls/repo/tests/data_files/{ => parse_input}/crl_sha512.pem (100%) create mode 100644 third_party/mbedtls/repo/tests/data_files/parse_input/keyUsage.decipherOnly.crt rename third_party/mbedtls/repo/tests/data_files/{ => parse_input}/multiple_san.crt (100%) rename third_party/mbedtls/repo/tests/data_files/{ => parse_input}/non-ascii-string-in-issuer.crt (100%) rename third_party/mbedtls/repo/tests/data_files/{ => parse_input}/server1-ms.req.sha256 (100%) create mode 100644 third_party/mbedtls/repo/tests/data_files/parse_input/server1.cert_type.crt create mode 100644 third_party/mbedtls/repo/tests/data_files/parse_input/server1.crt rename third_party/mbedtls/repo/tests/data_files/{ => parse_input}/server1.crt.der (100%) rename third_party/mbedtls/repo/tests/data_files/{ => parse_input}/server1.ext_ku.crt (100%) create mode 100644 third_party/mbedtls/repo/tests/data_files/parse_input/server1.key_usage.crt create mode 100644 third_party/mbedtls/repo/tests/data_files/parse_input/server1.req.commas.sha256 create mode 100644 third_party/mbedtls/repo/tests/data_files/parse_input/server1.req.md4 create mode 100644 third_party/mbedtls/repo/tests/data_files/parse_input/server1.req.md5 create mode 100644 third_party/mbedtls/repo/tests/data_files/parse_input/server1.req.sha1 create mode 100644 third_party/mbedtls/repo/tests/data_files/parse_input/server1.req.sha224 create mode 100644 third_party/mbedtls/repo/tests/data_files/parse_input/server1.req.sha256 create mode 100644 third_party/mbedtls/repo/tests/data_files/parse_input/server1.req.sha384 create mode 100644 third_party/mbedtls/repo/tests/data_files/parse_input/server1.req.sha512 rename third_party/mbedtls/repo/tests/data_files/{ => parse_input}/server1_pathlen_int_max-1.crt (100%) rename third_party/mbedtls/repo/tests/data_files/{ => parse_input}/server1_pathlen_int_max.crt (100%) create mode 100644 third_party/mbedtls/repo/tests/data_files/parse_input/server2.crt rename third_party/mbedtls/repo/tests/data_files/{ => parse_input}/server2.crt.der (100%) create mode 100644 third_party/mbedtls/repo/tests/data_files/parse_input/server3.crt create mode 100644 third_party/mbedtls/repo/tests/data_files/parse_input/server4.crt rename third_party/mbedtls/repo/tests/data_files/{ => parse_input}/server5-fan.crt (100%) create mode 100644 third_party/mbedtls/repo/tests/data_files/parse_input/server5-non-compliant.crt create mode 100644 third_party/mbedtls/repo/tests/data_files/parse_input/server5-nonprintable_othername.crt rename third_party/mbedtls/repo/tests/data_files/{ => parse_input}/server5-othername.crt (100%) create mode 100644 third_party/mbedtls/repo/tests/data_files/parse_input/server5-sha1.crt create mode 100644 third_party/mbedtls/repo/tests/data_files/parse_input/server5-sha224.crt create mode 100644 third_party/mbedtls/repo/tests/data_files/parse_input/server5-sha384.crt create mode 100644 third_party/mbedtls/repo/tests/data_files/parse_input/server5-sha512.crt rename third_party/mbedtls/repo/tests/data_files/{ => parse_input}/server5-unsupported_othername.crt (100%) create mode 100644 third_party/mbedtls/repo/tests/data_files/parse_input/server5.crt rename third_party/mbedtls/repo/tests/data_files/{ => parse_input}/server5.req.sha1 (100%) rename third_party/mbedtls/repo/tests/data_files/{ => parse_input}/server5.req.sha224 (100%) rename third_party/mbedtls/repo/tests/data_files/{ => parse_input}/server5.req.sha256 (100%) rename third_party/mbedtls/repo/tests/data_files/{ => parse_input}/server5.req.sha384 (100%) rename third_party/mbedtls/repo/tests/data_files/{ => parse_input}/server5.req.sha512 (100%) rename third_party/mbedtls/repo/tests/data_files/{ => parse_input}/server7_all_space.crt (100%) create mode 100644 third_party/mbedtls/repo/tests/data_files/parse_input/server7_int-ca.crt rename third_party/mbedtls/repo/tests/data_files/{ => parse_input}/server7_pem_space.crt (100%) rename third_party/mbedtls/repo/tests/data_files/{ => parse_input}/server7_trailing_space.crt (100%) create mode 100644 third_party/mbedtls/repo/tests/data_files/parse_input/server9-sha224.crt create mode 100644 third_party/mbedtls/repo/tests/data_files/parse_input/server9-sha256.crt create mode 100644 third_party/mbedtls/repo/tests/data_files/parse_input/server9-sha384.crt create mode 100644 third_party/mbedtls/repo/tests/data_files/parse_input/server9-sha512.crt create mode 100644 third_party/mbedtls/repo/tests/data_files/parse_input/server9.crt rename third_party/mbedtls/repo/tests/data_files/{ => parse_input}/server9.req.sha1 (100%) rename third_party/mbedtls/repo/tests/data_files/{ => parse_input}/server9.req.sha224 (100%) rename third_party/mbedtls/repo/tests/data_files/{ => parse_input}/server9.req.sha256 (100%) rename third_party/mbedtls/repo/tests/data_files/{ => parse_input}/server9.req.sha384 (100%) rename third_party/mbedtls/repo/tests/data_files/{ => parse_input}/server9.req.sha512 (100%) rename third_party/mbedtls/repo/tests/data_files/{ => parse_input}/test-ca-any_policy.crt (100%) rename third_party/mbedtls/repo/tests/data_files/{ => parse_input}/test-ca-any_policy_ec.crt (100%) rename third_party/mbedtls/repo/tests/data_files/{ => parse_input}/test-ca-any_policy_with_qualifier.crt (100%) rename third_party/mbedtls/repo/tests/data_files/{ => parse_input}/test-ca-any_policy_with_qualifier_ec.crt (100%) rename third_party/mbedtls/repo/tests/data_files/{ => parse_input}/test-ca-multi_policy.crt (100%) rename third_party/mbedtls/repo/tests/data_files/{ => parse_input}/test-ca-multi_policy_ec.crt (100%) rename third_party/mbedtls/repo/tests/data_files/{ => parse_input}/test-ca-unsupported_policy.crt (100%) rename third_party/mbedtls/repo/tests/data_files/{ => parse_input}/test-ca-unsupported_policy_ec.crt (100%) create mode 100644 third_party/mbedtls/repo/tests/data_files/parse_input/test-ca.crt rename third_party/mbedtls/repo/tests/data_files/{ => parse_input}/test-ca.crt.der (100%) create mode 100644 third_party/mbedtls/repo/tests/data_files/rsa4096_prv.der create mode 100644 third_party/mbedtls/repo/tests/data_files/rsa4096_pub.der create mode 100644 third_party/mbedtls/repo/tests/data_files/server1.commas.crt create mode 100644 third_party/mbedtls/repo/tests/data_files/server1.key.der create mode 100644 third_party/mbedtls/repo/tests/data_files/server1.pubkey.der create mode 100644 third_party/mbedtls/repo/tests/data_files/server1.req.sha256.ext create mode 100644 third_party/mbedtls/repo/tests/data_files/server5.crt.openssl.v3_ext create mode 100644 third_party/mbedtls/repo/tests/data_files/server6-ss-child.crt.openssl.v3_ext create mode 100644 third_party/mbedtls/repo/tests/data_files/test-ca.req.sha256 create mode 100644 third_party/mbedtls/repo/tests/data_files/test-ca.req_ec.sha256 create mode 100644 third_party/mbedtls/repo/tests/data_files/test-ca2.ku-crl.crt.openssl.v3_ext create mode 100644 third_party/mbedtls/repo/tests/data_files/test-ca2.ku-crt.crt.openssl.v3_ext create mode 100644 third_party/mbedtls/repo/tests/data_files/test-ca2.ku-crt_crl.crt.openssl.v3_ext create mode 100644 third_party/mbedtls/repo/tests/data_files/test-ca2.ku-ds.crt.openssl.v3_ext create mode 100644 third_party/mbedtls/repo/tests/data_files/test-ca2.req.sha256 create mode 100644 third_party/mbedtls/repo/tests/include/baremetal-override/time.h create mode 100644 third_party/mbedtls/repo/tests/include/test/arguments.h create mode 100644 third_party/mbedtls/repo/tests/include/test/ssl_helpers.h delete mode 100755 third_party/mbedtls/repo/tests/scripts/curves.pl delete mode 100755 third_party/mbedtls/repo/tests/scripts/depends-hashes.pl delete mode 100755 third_party/mbedtls/repo/tests/scripts/depends-pkalgs.pl create mode 100755 third_party/mbedtls/repo/tests/scripts/depends.py create mode 100755 third_party/mbedtls/repo/tests/scripts/generate_bignum_tests.py delete mode 100755 third_party/mbedtls/repo/tests/scripts/key-exchanges.pl create mode 100644 third_party/mbedtls/repo/tests/src/external_timing/external_timing_for_test.c create mode 100644 third_party/mbedtls/repo/tests/src/external_timing/timing_alt.h create mode 100644 third_party/mbedtls/repo/tests/src/test_helpers/ssl_helpers.c create mode 100644 third_party/mbedtls/repo/tests/suites/test_suite_bignum.function create mode 100644 third_party/mbedtls/repo/tests/suites/test_suite_bignum.generated.data create mode 100644 third_party/mbedtls/repo/tests/suites/test_suite_bignum.misc.data create mode 100644 third_party/mbedtls/repo/tests/suites/test_suite_constant_time.data create mode 100644 third_party/mbedtls/repo/tests/suites/test_suite_constant_time.function create mode 100644 third_party/mbedtls/repo/tests/suites/test_suite_constant_time_hmac.data create mode 100644 third_party/mbedtls/repo/tests/suites/test_suite_constant_time_hmac.function delete mode 100644 third_party/mbedtls/repo/tests/suites/test_suite_mpi.data delete mode 100644 third_party/mbedtls/repo/tests/suites/test_suite_mpi.function create mode 100644 third_party/mbedtls/repo/tests/suites/test_suite_platform_printf.data create mode 100644 third_party/mbedtls/repo/tests/suites/test_suite_platform_printf.function create mode 100644 third_party/mbedtls/repo/tests/suites/test_suite_psa_crypto_op_fail.function create mode 100644 third_party/mbedtls/repo/tests/suites/test_suite_psa_crypto_op_fail.generated.data create mode 100644 third_party/mbedtls/repo/tests/suites/test_suite_psa_crypto_op_fail.misc.data create mode 100644 third_party/mbedtls/repo/tests/suites/test_suite_ssl_decrypt.function create mode 100644 third_party/mbedtls/repo/tests/suites/test_suite_ssl_decrypt.misc.data diff --git a/third_party/mbedtls/README.md b/third_party/mbedtls/README.md index 2af292dd4e8..176bf938888 100644 --- a/third_party/mbedtls/README.md +++ b/third_party/mbedtls/README.md @@ -2,11 +2,11 @@ ## URL -https://github.com/ARMmbed/mbedtls/releases/tag/mbedtls-2.28.0 +https://github.com/ARMmbed/mbedtls/releases/tag/mbedtls-2.28.7 ## Version -2.28.0 +2.28.7 ## License diff --git a/third_party/mbedtls/repo/.gitattributes b/third_party/mbedtls/repo/.gitattributes new file mode 100644 index 00000000000..ceb59d7d030 --- /dev/null +++ b/third_party/mbedtls/repo/.gitattributes @@ -0,0 +1,2 @@ +# Classify all '.function' files as C for syntax highlighting purposes +*.function linguist-language=C diff --git a/third_party/mbedtls/repo/.github/issue_template.md b/third_party/mbedtls/repo/.github/issue_template.md index 370066f4865..d4573a4356b 100644 --- a/third_party/mbedtls/repo/.github/issue_template.md +++ b/third_party/mbedtls/repo/.github/issue_template.md @@ -20,7 +20,7 @@ github issues for questions. **OS** Mbed OS|linux|windows| -**mbed TLS build:** +**Mbed TLS build:** Version: x.x.x or git commit id OS version: x.x.x Configuration: please attach config.h file where possible diff --git a/third_party/mbedtls/repo/.github/pull_request_template.md b/third_party/mbedtls/repo/.github/pull_request_template.md index c5804436a49..94fb0202a98 100644 --- a/third_party/mbedtls/repo/.github/pull_request_template.md +++ b/third_party/mbedtls/repo/.github/pull_request_template.md @@ -1,36 +1,19 @@ -Notes: -* Pull requests cannot be accepted until the PR follows the [contributing guidelines](../CONTRIBUTING.md). In particular, each commit must have at least one `Signed-off-by:` line from the committer to certify that the contribution is made under the terms of the [Developer Certificate of Origin](../dco.txt). -* This is just a template, so feel free to use/remove the unnecessary things ## Description -A few sentences describing the overall goals of the pull request's commits. +Please write a few sentences describing the overall goals of the pull request's commits. -## Status -**READY/IN DEVELOPMENT/HOLD** -## Requires Backporting -When there is a bug fix, it should be backported to all maintained and supported branches. -Changes do not have to be backported if: -- This PR is a new feature\enhancement -- This PR contains changes in the API. If this is true, and there is a need for the fix to be backported, the fix should be handled differently in the legacy branch -Yes | NO -Which branch? +## Gatekeeper checklist -## Migrations -If there is any API change, what's the incentive and logic for it. +- [ ] **changelog** provided, or not required +- [ ] **backport** done, or not required +- [ ] **tests** provided, or not required -YES | NO -## Additional comments -Any additional information that could be of interest -## Todos -- [ ] Tests -- [ ] Documentation -- [ ] Changelog updated -- [ ] Backported +## Notes for the submitter +Please refer to the [contributing guidelines](../CONTRIBUTING.md), especially the +checklist for PR contributors. -## Steps to test or reproduce -Outline the steps to test or reproduce the PR here. diff --git a/third_party/mbedtls/repo/.gitignore b/third_party/mbedtls/repo/.gitignore index 9b185c6ece7..54b3c5496df 100644 --- a/third_party/mbedtls/repo/.gitignore +++ b/third_party/mbedtls/repo/.gitignore @@ -1,5 +1,7 @@ # Random seed file created by test scripts and sample programs seedfile +# MBEDTLS_PSA_INJECT_ENTROPY seed file created by the test framework +00000000ffffff52.psa_its # CMake build artifacts: CMakeCache.txt @@ -23,6 +25,14 @@ coverage-summary.txt # generated by scripts/memory.sh massif-* +# Eclipse project files +.cproject +.project +/.settings + +# Unix-like build artifacts: +*.o + # MSVC build artifacts: *.exe *.pdb @@ -60,3 +70,6 @@ massif-* /TAGS /cscope*.out /tags + +# Clangd compilation database +compile_commands.json diff --git a/third_party/mbedtls/repo/.pylintrc b/third_party/mbedtls/repo/.pylintrc index d217ff69c5c..10c93f8791e 100644 --- a/third_party/mbedtls/repo/.pylintrc +++ b/third_party/mbedtls/repo/.pylintrc @@ -73,3 +73,7 @@ reports=no # Allow unused variables if their name starts with an underscore. # [unused-argument] dummy-variables-rgx=_.* + +[SIMILARITIES] +# Ignore imports when computing similarities. +ignore-imports=yes diff --git a/third_party/mbedtls/repo/.readthedocs.yaml b/third_party/mbedtls/repo/.readthedocs.yaml new file mode 100644 index 00000000000..47bec7686ee --- /dev/null +++ b/third_party/mbedtls/repo/.readthedocs.yaml @@ -0,0 +1,26 @@ +# .readthedocs.yaml +# Read the Docs configuration file +# See https://docs.readthedocs.io/en/stable/config-file/v2.html for details + +# Required +version: 2 + +# Set the version of Python and other tools you might need +build: + os: ubuntu-20.04 + tools: + python: "3.9" + jobs: + pre_build: + - ./scripts/apidoc_full.sh + - breathe-apidoc -o docs/api apidoc/xml + +# Build documentation in the docs/ directory with Sphinx +sphinx: + builder: dirhtml + configuration: docs/conf.py + +# Optionally declare the Python requirements required to build your docs +python: + install: + - requirements: docs/requirements.txt diff --git a/third_party/mbedtls/repo/.travis.yml b/third_party/mbedtls/repo/.travis.yml index 33546073bf7..3b4132e0564 100644 --- a/third_party/mbedtls/repo/.travis.yml +++ b/third_party/mbedtls/repo/.travis.yml @@ -1,52 +1,24 @@ -language: c -compiler: gcc -sudo: false -cache: ccache - -jobs: - include: - - name: basic checks and reference configurations - addons: - apt: - packages: - - gnutls-bin - - doxygen - - graphviz - - gcc-arm-none-eabi - - libnewlib-arm-none-eabi - - gcc-arm-linux-gnueabi - - libc6-dev-armel-cross - language: python # Needed to get pip for Python 3 - python: 3.5 # version from Ubuntu 16.04 - install: - - scripts/min_requirements.py - script: - - tests/scripts/all.sh -k 'check_*' - - tests/scripts/all.sh -k test_default_out_of_box - - tests/scripts/all.sh -k test_ref_configs - - tests/scripts/all.sh -k build_arm_linux_gnueabi_gcc_arm5vte build_arm_none_eabi_gcc_m0plus +# Declare python as our language. This way we get our chosen Python version, +# and pip is available. Gcc and clang are available anyway. +dist: jammy +os: linux +language: python +python: 3.10 - - name: full configuration - script: - - tests/scripts/all.sh -k test_full_cmake_gcc_asan +cache: ccache - - name: Windows - os: windows - script: - - scripts/windows_msbuild.bat v141 # Visual Studio 2017 +branches: + only: + coverity_scan -after_failure: -- tests/scripts/travis-log-failure.sh +install: + - $PYTHON scripts/min_requirements.py env: global: - SEED=1 - - secure: "FrI5d2s+ckckC17T66c8jm2jV6i2DkBPU5nyWzwbedjmEBeocREfQLd/x8yKpPzLDz7ghOvr+/GQvsPPn0dVkGlNzm3Q+hGHc/ujnASuUtGrcuMM+0ALnJ3k4rFr9xEvjJeWb4SmhJO5UCAZYvTItW4k7+bj9L+R6lt3TzQbXzg=" - + - secure: "GF/Fde5fkm15T/RNykrjrPV5Uh1KJ70cP308igL6Xkk3eJmqkkmWCe9JqRH12J3TeWw2fu9PYPHt6iFSg6jasgqysfUyg+W03knRT5QNn3h5eHgt36cQJiJr6t3whPrRaiM6U9omE0evm+c0cAwlkA3GGSMw8Z+na4EnKI6OFCo=" addons: - apt: - packages: - - gnutls-bin coverity_scan: project: name: "ARMmbed/mbedtls" diff --git a/third_party/mbedtls/repo/.uncrustify.cfg b/third_party/mbedtls/repo/.uncrustify.cfg new file mode 100644 index 00000000000..8dc9db0497d --- /dev/null +++ b/third_party/mbedtls/repo/.uncrustify.cfg @@ -0,0 +1,240 @@ +# Configuration options for Uncrustify specifying the Mbed TLS code style. +# +# Note: The code style represented by this file has not yet been introduced +# to Mbed TLS. +# +# Copyright The Mbed TLS Contributors +# SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later + + +# Wrap lines at 100 characters +code_width = 100 + +# Allow splitting long for statements between the condition statements +ls_for_split_full = true + +# Allow splitting function calls between arguments +ls_func_split_full = true + +input_tab_size = 4 + +# Spaces-only indentation +indent_with_tabs = 0 + +indent_columns = 4 + +# Indent 'case' 1 level from 'switch' +indent_switch_case = indent_columns + +# Line-up strings broken by '\' +indent_align_string = true + +# Braces on the same line (Egyptian-style braces) +nl_enum_brace = remove +nl_union_brace = remove +nl_struct_brace = remove +nl_do_brace = remove +nl_if_brace = remove +nl_for_brace = remove +nl_else_brace = remove +nl_while_brace = remove +nl_switch_brace = remove + +# Braces on same line as keywords that follow them - 'else' and the 'while' in 'do {} while ()'; +nl_brace_else = remove +nl_brace_while = remove +# Space before else on the same line +sp_brace_else = add +# If else is on the same line as '{', force exactly 1 space between them +sp_else_brace = force + +# Functions are the exception and have braces on the next line +nl_fcall_brace = add +nl_fdef_brace = add + +# Force exactly one space between ')' and '{' in statements +sp_sparen_brace = force + +# At least 1 space around assignment +sp_assign = add + +# Remove spaces around the preprocessor '##' token-concatenate +sp_pp_concat = ignore + +# At least 1 space around '||' and '&&' +sp_bool = add + +# But no space after the '!' operator +sp_not = remove + +# No space after the bitwise-not '~' operator +sp_inv = remove + +# No space after the addressof '&' operator +sp_addr = remove + +# No space around the member '.' and '->' operators +sp_member = remove + +# No space after the dereference '*' operator +sp_deref = remove + +# No space after a unary negation '-' +sp_sign = remove + +# No space between the '++'/'--' operator and its operand +sp_incdec = remove + +# At least 1 space around comparison operators +sp_compare = add + +# Remove spaces inside all kinds of parentheses: + +# Remove spaces inside parentheses +sp_inside_paren = remove + +# No spaces inside statement parentheses +sp_inside_sparen = remove + +# No spaces inside cast parentheses '( char )x' -> '(char)x' +sp_inside_paren_cast = remove + +# No spaces inside function parentheses +sp_inside_fparen = remove +# (The case where the function has no parameters/arguments) +sp_inside_fparens = remove + +# No spaces inside the first parentheses in a function type +sp_inside_tparen = remove + +# (Uncrustify >= 0.74.0) No spaces inside parens in for statements +sp_inside_for = remove + +# Remove spaces between nested parentheses '( (' -> '((' +sp_paren_paren = remove +# (Uncrustify >= 0.74.0) +sp_sparen_paren = remove + +# Remove spaces between ')' and adjacent '(' +sp_cparen_oparen = remove + +# (Uncrustify >= 0.73.0) space between 'do' and '{' +sp_do_brace_open = force + +# (Uncrustify >= 0.73.0) space between '}' and 'while' +sp_brace_close_while = force + +# At least 1 space before a '*' pointer star +sp_before_ptr_star = add + +# Remove spaces between pointer stars +sp_between_ptr_star = remove + +# No space after a pointer star +sp_after_ptr_star = remove + +# But allow a space in the case of e.g. char * const x; +sp_after_ptr_star_qualifier = ignore + +# Remove space after star in a function return type +sp_after_ptr_star_func = remove + +# At least 1 space after a type in variable definition etc +sp_after_type = add + +# Force exactly 1 space between a statement keyword (e.g. 'if') and an opening parenthesis +sp_before_sparen = force + +# Remove a space before a ';' +sp_before_semi = remove +# (Uncrustify >= 0.73.0) Remove space before a semi in a non-empty for +sp_before_semi_for = remove +# (Uncrustify >= 0.73.0) Remove space in empty first statement of a for +sp_before_semi_for_empty = remove +# (Uncrustify >= 0.74.0) Remove space in empty middle statement of a for +sp_between_semi_for_empty = remove + +# Add a space after a ';' (unless a comment follows) +sp_after_semi = add +# (Uncrustify >= 0.73.0) Add a space after a semi in non-empty for statements +sp_after_semi_for = add +# (Uncrustify >= 0.73.0) No space after final semi in empty for statements +sp_after_semi_for_empty = remove + +# Remove spaces on the inside of square brackets '[]' +sp_inside_square = remove + +# Must have at least 1 space after a comma +sp_after_comma = add + +# Must not have a space before a comma +sp_before_comma = remove + +# No space before the ':' in a case statement +sp_before_case_colon = remove + +# Must have space after a cast - '(char)x' -> '(char) x' +sp_after_cast = add + +# No space between 'sizeof' and '(' +sp_sizeof_paren = remove + +# At least 1 space inside '{ }' +sp_inside_braces = add + +# At least 1 space inside '{ }' in an enum +sp_inside_braces_enum = add + +# At least 1 space inside '{ }' in a struct +sp_inside_braces_struct = add + +# At least 1 space between a function return type and the function name +sp_type_func = add + +# No space between a function name and its arguments/parameters +sp_func_proto_paren = remove +sp_func_def_paren = remove +sp_func_call_paren = remove + +# No space between '__attribute__' and '(' +sp_attribute_paren = remove + +# No space between 'defined' and '(' in preprocessor conditions +sp_defined_paren = remove + +# At least 1 space between a macro's name and its definition +sp_macro = add +sp_macro_func = add + +# Force exactly 1 space between a '}' and the name of a typedef if on the same line +sp_brace_typedef = force + +# At least 1 space before a '\' line continuation +sp_before_nl_cont = add + +# At least 1 space around '?' and ':' in ternary statements +sp_cond_colon = add +sp_cond_question = add + +# Space between #else/#endif and comment afterwards +sp_endif_cmt = add + +# Remove newlines at the start of a file +nl_start_of_file = remove + +# At least 1 newline at the end of a file +nl_end_of_file = add +nl_end_of_file_min = 1 + +# Add braces in single-line statements +mod_full_brace_do = add +mod_full_brace_for = add +mod_full_brace_if = add +mod_full_brace_while = add + +# Remove parentheses from return statements +mod_paren_on_return = remove + +# Disable removal of leading spaces in a multi-line comment if the first and +# last lines are the same length +cmt_multi_check_last = false diff --git a/third_party/mbedtls/repo/3rdparty/everest/.gitignore b/third_party/mbedtls/repo/3rdparty/everest/.gitignore index 6eb25f66ad5..f3c7a7c5da6 100644 --- a/third_party/mbedtls/repo/3rdparty/everest/.gitignore +++ b/third_party/mbedtls/repo/3rdparty/everest/.gitignore @@ -1,2 +1 @@ -*.o Makefile diff --git a/third_party/mbedtls/repo/3rdparty/everest/README.md b/third_party/mbedtls/repo/3rdparty/everest/README.md index 0e254666260..bcf12c0c057 100644 --- a/third_party/mbedtls/repo/3rdparty/everest/README.md +++ b/third_party/mbedtls/repo/3rdparty/everest/README.md @@ -2,4 +2,4 @@ The files in this directory stem from [Project Everest](https://project-everest. This is a formally verified implementation of Curve25519-based handshakes. The C code is automatically derived from the (verified) [original implementation](https://github.com/project-everest/hacl-star/tree/master/code/curve25519) in the [F* language](https://github.com/fstarlang/fstar) by [KreMLin](https://github.com/fstarlang/kremlin). In addition to the improved safety and security of the implementation, it is also significantly faster than the default implementation of Curve25519 in mbedTLS. -The caveat is that not all platforms are supported, although the version in `everest/library/legacy` should work on most systems. The main issue is that some platforms do not provide a 128-bit integer type and KreMLin therefore has to use additional (also verified) code to simulate them, resulting in less of a performance gain overall. Explictly supported platforms are currently `x86` and `x86_64` using gcc or clang, and Visual C (2010 and later). +The caveat is that not all platforms are supported, although the version in `everest/library/legacy` should work on most systems. The main issue is that some platforms do not provide a 128-bit integer type and KreMLin therefore has to use additional (also verified) code to simulate them, resulting in less of a performance gain overall. Explicitly supported platforms are currently `x86` and `x86_64` using gcc or clang, and Visual C (2010 and later). diff --git a/third_party/mbedtls/repo/3rdparty/everest/include/everest/everest.h b/third_party/mbedtls/repo/3rdparty/everest/include/everest/everest.h index 58065001f47..392e7924a92 100644 --- a/third_party/mbedtls/repo/3rdparty/everest/include/everest/everest.h +++ b/third_party/mbedtls/repo/3rdparty/everest/include/everest/everest.h @@ -96,7 +96,7 @@ int mbedtls_everest_make_params( mbedtls_ecdh_context_everest *ctx, size_t *olen void *p_rng ); /** - * \brief This function parses and processes a TLS ServerKeyExhange + * \brief This function parses and processes a TLS ServerKeyExchange * payload. * * This is the first function used by a TLS client for ECDHE @@ -116,7 +116,7 @@ int mbedtls_everest_read_params( mbedtls_ecdh_context_everest *ctx, const unsigned char **buf, const unsigned char *end ); /** - * \brief This function parses and processes a TLS ServerKeyExhange + * \brief This function parses and processes a TLS ServerKeyExchange * payload. * * This is the first function used by a TLS client for ECDHE diff --git a/third_party/mbedtls/repo/3rdparty/everest/include/everest/vs2010/inttypes.h b/third_party/mbedtls/repo/3rdparty/everest/include/everest/vs2010/inttypes.h index d53f87f21d3..77003be0b01 100644 --- a/third_party/mbedtls/repo/3rdparty/everest/include/everest/vs2010/inttypes.h +++ b/third_party/mbedtls/repo/3rdparty/everest/include/everest/vs2010/inttypes.h @@ -17,7 +17,7 @@ * See the License for the specific language governing permissions and * limitations under the License. * - * This file is part of mbed TLS (https://tls.mbed.org) + * This file is part of Mbed TLS (https://tls.mbed.org) */ #ifndef _INTTYPES_H_VS2010 diff --git a/third_party/mbedtls/repo/3rdparty/everest/include/everest/vs2010/stdbool.h b/third_party/mbedtls/repo/3rdparty/everest/include/everest/vs2010/stdbool.h index 5b7039c4f46..dcae6d80ad1 100644 --- a/third_party/mbedtls/repo/3rdparty/everest/include/everest/vs2010/stdbool.h +++ b/third_party/mbedtls/repo/3rdparty/everest/include/everest/vs2010/stdbool.h @@ -17,7 +17,7 @@ * See the License for the specific language governing permissions and * limitations under the License. * - * This file is part of mbed TLS (https://tls.mbed.org) + * This file is part of Mbed TLS (https://tls.mbed.org) */ #ifndef _STDBOOL_H_VS2010 diff --git a/third_party/mbedtls/repo/3rdparty/everest/include/everest/x25519.h b/third_party/mbedtls/repo/3rdparty/everest/include/everest/x25519.h index 7a973dcf010..ef314d2f3bd 100644 --- a/third_party/mbedtls/repo/3rdparty/everest/include/everest/x25519.h +++ b/third_party/mbedtls/repo/3rdparty/everest/include/everest/x25519.h @@ -16,7 +16,7 @@ * See the License for the specific language governing permissions and * limitations under the License. * - * This file is part of mbed TLS (https://tls.mbed.org) + * This file is part of Mbed TLS (https://tls.mbed.org) */ #ifndef MBEDTLS_X25519_H diff --git a/third_party/mbedtls/repo/3rdparty/everest/library/Hacl_Curve25519_joined.c b/third_party/mbedtls/repo/3rdparty/everest/library/Hacl_Curve25519_joined.c index ee62be1ceb4..b7d0c929c97 100644 --- a/third_party/mbedtls/repo/3rdparty/everest/library/Hacl_Curve25519_joined.c +++ b/third_party/mbedtls/repo/3rdparty/everest/library/Hacl_Curve25519_joined.c @@ -16,7 +16,7 @@ * See the License for the specific language governing permissions and * limitations under the License. * - * This file is part of mbed TLS (https://tls.mbed.org) + * This file is part of Mbed TLS (https://tls.mbed.org) */ #include "common.h" diff --git a/third_party/mbedtls/repo/3rdparty/everest/library/everest.c b/third_party/mbedtls/repo/3rdparty/everest/library/everest.c index 82c4e03adb5..fefc6a2ce4d 100644 --- a/third_party/mbedtls/repo/3rdparty/everest/library/everest.c +++ b/third_party/mbedtls/repo/3rdparty/everest/library/everest.c @@ -28,12 +28,7 @@ #include "everest/x25519.h" #include "everest/everest.h" -#if defined(MBEDTLS_PLATFORM_C) #include "mbedtls/platform.h" -#else -#define mbedtls_calloc calloc -#define mbedtls_free free -#endif #if defined(MBEDTLS_ECDH_VARIANT_EVEREST_ENABLED) diff --git a/third_party/mbedtls/repo/3rdparty/everest/library/x25519.c b/third_party/mbedtls/repo/3rdparty/everest/library/x25519.c index 9faa9ab7d86..83064dc6194 100644 --- a/third_party/mbedtls/repo/3rdparty/everest/library/x25519.c +++ b/third_party/mbedtls/repo/3rdparty/everest/library/x25519.c @@ -16,7 +16,7 @@ * See the License for the specific language governing permissions and * limitations under the License. * - * This file is part of mbed TLS (https://tls.mbed.org) + * This file is part of Mbed TLS (https://tls.mbed.org) */ #include "common.h" diff --git a/third_party/mbedtls/repo/BRANCHES.md b/third_party/mbedtls/repo/BRANCHES.md index ee91f76bb8b..28a2c6a5caa 100644 --- a/third_party/mbedtls/repo/BRANCHES.md +++ b/third_party/mbedtls/repo/BRANCHES.md @@ -2,10 +2,10 @@ At any point in time, we have a number of maintained branches consisting of: -- The [`master`](https://github.com/ARMmbed/mbedtls/tree/master) branch: +- The [`master`](https://github.com/Mbed-TLS/mbedtls/tree/master) branch: this always contains the latest release, including all publicly available security fixes. -- The [`development`](https://github.com/ARMmbed/mbedtls/tree/development) branch: +- The [`development`](https://github.com/Mbed-TLS/mbedtls/tree/development) branch: this is where new features land, as well as bug fixes and security fixes. - One or more long-time support (LTS) branches: @@ -16,7 +16,12 @@ API compatibility in the `master` branch between major version changes. We also maintain ABI compatibility within LTS branches; see the next section for details. -## Backwards Compatibility +Every major version will become an LTS branch when the next major version is +released. We may occasionally create LTS branches from other releases at our +discretion. +When a new LTS branch is created, it usually remains supported for three years. + +## Backwards Compatibility for application code We maintain API compatibility in released versions of Mbed TLS. If you have code that's working and secure with Mbed TLS x.y.z and does not rely on @@ -24,6 +29,14 @@ undocumented features, then you should be able to re-compile it without modification with any later release x.y'.z' with the same major version number, and your code will still build, be secure, and work. +Note that this guarantee only applies if you either use the default +compile-time configuration (`mbedtls/config.h`) or the same modified +compile-time configuration. Changing compile-time configuration options can +result in an incompatible API or ABI, although features will generally not +affect unrelated features (for example, enabling or disabling a +cryptographic algorithm does not break code that does not use that +algorithm). + There are rare exceptions: code that was relying on something that became insecure in the meantime (for example, crypto that was found to be weak) may need to be changed. In case security comes in conflict with backwards @@ -40,15 +53,29 @@ had to break ABI compatibility in an LTS branch, but we occasionally had to increase code size for a security fix.) For contributors, see the [Backwards Compatibility section of -CONTRIBUTING](CONTRIBUTING.md#cackwords-compatibility). +CONTRIBUTING](CONTRIBUTING.md#backwards-compatibility). + +## Backward compatibility for the key store + +We maintain backward compatibility with previous versions of the +PSA Crypto persistent storage since Mbed TLS 2.25.0, provided that the +storage backend (PSA ITS implementation) is configured in a compatible way. +We intend to maintain this backward compatibility throughout a major version +of Mbed TLS (for example, all Mbed TLS 3.y versions will be able to read +keys written under any Mbed TLS 3.x with x <= y). + +Mbed TLS 3.x can also read keys written by Mbed TLS 2.25.0 through 2.28.x +LTS, but future major version upgrades (for example from 2.28.x/3.x to 4.y) +may require the use of an upgrade tool. ## Current Branches The following branches are currently maintained: -- [master](https://github.com/ARMmbed/mbedtls/tree/master) -- [`development`](https://github.com/ARMmbed/mbedtls/) -- [`mbedtls-2.28`](https://github.com/ARMmbed/mbedtls/tree/mbedtls-2.28) - maintained until at least the end of 2024. +- [master](https://github.com/Mbed-TLS/mbedtls/tree/master) +- [`development`](https://github.com/Mbed-TLS/mbedtls/) +- [`mbedtls-2.28`](https://github.com/Mbed-TLS/mbedtls/tree/mbedtls-2.28) + maintained until at least the end of 2024, see + . Users are urged to always use the latest version of a maintained branch. diff --git a/third_party/mbedtls/repo/BUGS.md b/third_party/mbedtls/repo/BUGS.md index e8705ffbce3..47bde07a239 100644 --- a/third_party/mbedtls/repo/BUGS.md +++ b/third_party/mbedtls/repo/BUGS.md @@ -1,6 +1,6 @@ ## Known issues -Known issues in Mbed TLS are [tracked on GitHub](https://github.com/ARMmbed/mbedtls/issues). +Known issues in Mbed TLS are [tracked on GitHub](https://github.com/Mbed-TLS/mbedtls/issues). ## Reporting a bug @@ -9,12 +9,12 @@ If you think you've found a bug in Mbed TLS, please follow these steps: 1. Make sure you're using the latest version of a [maintained branch](BRANCHES.md): `master`, `development`, or a long-time support branch. -2. Check [GitHub](https://github.com/ARMmbed/mbedtls/issues) to see if +2. Check [GitHub](https://github.com/Mbed-TLS/mbedtls/issues) to see if your issue has already been reported. If not, … 3. If the issue is a security risk (for example: buffer overflow, data leak), please report it confidentially as described in [`SECURITY.md`](SECURITY.md). If not, … -4. Please [create an issue on on GitHub](https://github.com/ARMmbed/mbedtls/issues). +4. Please [create an issue on on GitHub](https://github.com/Mbed-TLS/mbedtls/issues). Please do not use GitHub for support questions. If you want to know how to do something with Mbed TLS, please see [`SUPPORT.md`](SUPPORT.md) for available documentation and support channels. diff --git a/third_party/mbedtls/repo/CMakeLists.txt b/third_party/mbedtls/repo/CMakeLists.txt index 14ca7b69625..b001bb70a1a 100644 --- a/third_party/mbedtls/repo/CMakeLists.txt +++ b/third_party/mbedtls/repo/CMakeLists.txt @@ -6,9 +6,9 @@ # command but rather at the target level using the # target_include_directories command. That way, it is easier to guarantee # that targets are built using the proper list of include directories. -# + Use the PUBLIC and PRIVATE keywords to specifiy the scope of include +# + Use the PUBLIC and PRIVATE keywords to specify the scope of include # directories. That way, a target linking to a library (using the -# target_link_librairies command) inherits from the library PUBLIC include +# target_link_libraries command) inherits from the library PUBLIC include # directories and not from the PRIVATE ones. # + Note: there is currently one remaining include_directories command in the # CMake files. It is related to ZLIB support which is planned to be removed. @@ -34,18 +34,18 @@ cmake_policy(SET CMP0011 NEW) cmake_policy(SET CMP0012 NEW) if(TEST_CPP) - project("mbed TLS" C CXX) + project("Mbed TLS" C CXX) else() - project("mbed TLS" C) + project("Mbed TLS" C) endif() # Set the project root directory. set(MBEDTLS_DIR ${CMAKE_CURRENT_SOURCE_DIR}) -option(USE_PKCS11_HELPER_LIBRARY "Build mbed TLS with the pkcs11-helper library." OFF) -option(ENABLE_ZLIB_SUPPORT "Build mbed TLS with zlib library." OFF) +option(USE_PKCS11_HELPER_LIBRARY "Build Mbed TLS with the pkcs11-helper library." OFF) +option(ENABLE_ZLIB_SUPPORT "Build Mbed TLS with zlib library." OFF) -option(ENABLE_PROGRAMS "Build mbed TLS programs." ON) +option(ENABLE_PROGRAMS "Build Mbed TLS programs." ON) option(UNSAFE_BUILD "Allow unsafe builds. These builds ARE NOT SECURE." OFF) option(MBEDTLS_FATAL_WARNINGS "Compiler warnings treated as errors" ON) @@ -57,9 +57,9 @@ string(REGEX MATCH "MSVC" CMAKE_COMPILER_IS_MSVC "${CMAKE_C_COMPILER_ID}") # the test suites currently have compile errors with MSVC if(CMAKE_COMPILER_IS_MSVC) - option(ENABLE_TESTING "Build mbed TLS tests." OFF) + option(ENABLE_TESTING "Build Mbed TLS tests." OFF) else() - option(ENABLE_TESTING "Build mbed TLS tests." ON) + option(ENABLE_TESTING "Build Mbed TLS tests." ON) endif() # Warning string - created as a list for compatibility with CMake 2.8 @@ -135,37 +135,38 @@ if(CMAKE_SOURCE_DIR STREQUAL CMAKE_CURRENT_SOURCE_DIR) FORCE) endif() +# Make MBEDTLS_CONFIG_FILE and MBEDTLS_USER_CONFIG_FILE into PATHs +set(MBEDTLS_CONFIG_FILE "" CACHE FILEPATH "Mbed TLS config file (overrides default).") +set(MBEDTLS_USER_CONFIG_FILE "" CACHE FILEPATH "Mbed TLS user config file (appended to default).") + # Create a symbolic link from ${base_name} in the binary directory # to the corresponding path in the source directory. +# Note: Copies the file(s) on Windows. function(link_to_source base_name) - # Get OS dependent path to use in `execute_process` - if (CMAKE_HOST_WIN32) - #mklink is an internal command of cmd.exe it can only work with \ - string(REPLACE "/" "\\" link "${CMAKE_CURRENT_BINARY_DIR}/${base_name}") - string(REPLACE "/" "\\" target "${CMAKE_CURRENT_SOURCE_DIR}/${base_name}") - else() - set(link "${CMAKE_CURRENT_BINARY_DIR}/${base_name}") - set(target "${CMAKE_CURRENT_SOURCE_DIR}/${base_name}") - endif() + set(link "${CMAKE_CURRENT_BINARY_DIR}/${base_name}") + set(target "${CMAKE_CURRENT_SOURCE_DIR}/${base_name}") if (NOT EXISTS ${link}) if (CMAKE_HOST_UNIX) - set(command ln -s ${target} ${link}) + execute_process(COMMAND ln -s ${target} ${link} + RESULT_VARIABLE result + ERROR_VARIABLE output) + + if (NOT ${result} EQUAL 0) + message(FATAL_ERROR "Could not create symbolic link for: ${target} --> ${output}") + endif() else() if (IS_DIRECTORY ${target}) - set(command cmd.exe /c mklink /j ${link} ${target}) + file(GLOB_RECURSE files FOLLOW_SYMLINKS RELATIVE ${target} "${target}/*") + foreach(file IN LISTS files) + if(NOT IS_DIRECTORY "${target}/${file}") + configure_file("${target}/${file}" "${link}/${file}" COPYONLY) + endif() + endforeach(file) else() - set(command cmd.exe /c mklink /h ${link} ${target}) + configure_file(${target} ${link} COPYONLY) endif() endif() - - execute_process(COMMAND ${command} - RESULT_VARIABLE result - ERROR_VARIABLE output) - - if (NOT ${result} EQUAL 0) - message(FATAL_ERROR "Could not create symbolic link for: ${target} --> ${output}") - endif() endif() endfunction(link_to_source) @@ -222,12 +223,14 @@ if(CMAKE_COMPILER_IS_CLANG) endif(CMAKE_COMPILER_IS_CLANG) if(CMAKE_COMPILER_IS_IAR) - set(CMAKE_C_FLAGS "${CMAKE_C_FLAGS} --warn_about_c_style_casts --warnings_are_errors -Ohz") + set(CMAKE_C_FLAGS "${CMAKE_C_FLAGS} --warn_about_c_style_casts") + set(CMAKE_C_FLAGS_RELEASE "-Ohz") + set(CMAKE_C_FLAGS_DEBUG "--debug -On") endif(CMAKE_COMPILER_IS_IAR) if(CMAKE_COMPILER_IS_MSVC) - # Strictest warnings - set(CMAKE_C_FLAGS "${CMAKE_C_FLAGS} /W3") + # Strictest warnings, UTF-8 source and execution charset + set(CMAKE_C_FLAGS "${CMAKE_C_FLAGS} /W3 /utf-8") endif(CMAKE_COMPILER_IS_MSVC) if(MBEDTLS_FATAL_WARNINGS) @@ -243,6 +246,10 @@ if(MBEDTLS_FATAL_WARNINGS) set(CMAKE_C_FLAGS_ASANDBG "${CMAKE_C_FLAGS_ASANDBG} -Wno-error=cpp") endif(UNSAFE_BUILD) endif(CMAKE_COMPILER_IS_CLANG OR CMAKE_COMPILER_IS_GNU) + + if (CMAKE_COMPILER_IS_IAR) + set(CMAKE_C_FLAGS "${CMAKE_C_FLAGS} --warnings_are_errors") + endif(CMAKE_COMPILER_IS_IAR) endif(MBEDTLS_FATAL_WARNINGS) if(CMAKE_BUILD_TYPE STREQUAL "Coverage") @@ -286,12 +293,37 @@ add_subdirectory(library) # to define the test executables. # if(ENABLE_TESTING OR ENABLE_PROGRAMS) - file(GLOB MBEDTLS_TEST_FILES ${CMAKE_CURRENT_SOURCE_DIR}/tests/src/*.c ${CMAKE_CURRENT_SOURCE_DIR}/tests/src/drivers/*.c) + file(GLOB MBEDTLS_TEST_FILES + ${CMAKE_CURRENT_SOURCE_DIR}/tests/src/*.c + ${CMAKE_CURRENT_SOURCE_DIR}/tests/src/drivers/*.c) add_library(mbedtls_test OBJECT ${MBEDTLS_TEST_FILES}) target_include_directories(mbedtls_test PRIVATE ${CMAKE_CURRENT_SOURCE_DIR}/tests/include PRIVATE ${CMAKE_CURRENT_SOURCE_DIR}/include PRIVATE ${CMAKE_CURRENT_SOURCE_DIR}/library) + + file(GLOB MBEDTLS_TEST_HELPER_FILES + ${CMAKE_CURRENT_SOURCE_DIR}/tests/src/test_helpers/*.c) + add_library(mbedtls_test_helpers OBJECT ${MBEDTLS_TEST_HELPER_FILES}) + target_include_directories(mbedtls_test_helpers + PRIVATE ${CMAKE_CURRENT_SOURCE_DIR}/tests/include + PRIVATE ${CMAKE_CURRENT_SOURCE_DIR}/include + PRIVATE ${CMAKE_CURRENT_SOURCE_DIR}/library + PRIVATE ${CMAKE_CURRENT_SOURCE_DIR}/3rdparty/everest/include) + + # Pass-through MBEDTLS_CONFIG_FILE and MBEDTLS_USER_CONFIG_FILE + if(MBEDTLS_CONFIG_FILE) + target_compile_definitions(mbedtls_test + PUBLIC MBEDTLS_CONFIG_FILE="${MBEDTLS_CONFIG_FILE}") + target_compile_definitions(mbedtls_test_helpers + PUBLIC MBEDTLS_CONFIG_FILE="${MBEDTLS_CONFIG_FILE}") + endif() + if(MBEDTLS_USER_CONFIG_FILE) + target_compile_definitions(mbedtls_test + PUBLIC MBEDTLS_USER_CONFIG_FILE="${MBEDTLS_USER_CONFIG_FILE}") + target_compile_definitions(mbedtls_test_helpers + PUBLIC MBEDTLS_USER_CONFIG_FILE="${MBEDTLS_USER_CONFIG_FILE}") + endif() endif() if(ENABLE_PROGRAMS) @@ -310,22 +342,15 @@ if(ENABLE_TESTING) # additional convenience targets for Unix only if(UNIX) - ADD_CUSTOM_TARGET(covtest - COMMAND make test - COMMAND programs/test/selftest - COMMAND tests/compat.sh - COMMAND tests/ssl-opt.sh - ) - + # For coverage testing: + # 1. Build with: + # cmake -D CMAKE_BUILD_TYPE=Coverage /path/to/source && make + # 2. Run the relevant tests for the part of the code you're interested in. + # For the reference coverage measurement, see + # tests/scripts/basic-build-test.sh + # 3. Run scripts/lcov.sh to generate an HTML report. ADD_CUSTOM_TARGET(lcov - COMMAND rm -rf Coverage - COMMAND lcov --capture --initial --directory library/CMakeFiles/mbedtls.dir -o files.info - COMMAND lcov --capture --directory library/CMakeFiles/mbedtls.dir -o tests.info - COMMAND lcov --add-tracefile files.info --add-tracefile tests.info -o all.info - COMMAND lcov --remove all.info -o final.info '*.h' - COMMAND gendesc tests/Descriptions.txt -o descriptions - COMMAND genhtml --title "mbed TLS" --description-file descriptions --keep-descriptions --legend --no-branch-coverage -o Coverage final.info - COMMAND rm -f files.info tests.info all.info final.info descriptions + COMMAND scripts/lcov.sh ) ADD_CUSTOM_TARGET(memcheck diff --git a/third_party/mbedtls/repo/CONTRIBUTING.md b/third_party/mbedtls/repo/CONTRIBUTING.md index b3a9547a512..f9dd499d203 100644 --- a/third_party/mbedtls/repo/CONTRIBUTING.md +++ b/third_party/mbedtls/repo/CONTRIBUTING.md @@ -1,39 +1,40 @@ Contributing ============ -We gratefully accept bug reports and contributions from the community. There are some requirements we need to fulfill in order to be able to integrate contributions: +We gratefully accept bug reports and contributions from the community. All PRs are reviewed by the project team / community, and may need some modifications to +be accepted. - - As with any open source project, contributions will be reviewed by the project team and community and may need some modifications to be accepted. - - The contribution should not break API or ABI, unless there is a real justification for that. If there is an API change, the contribution, if accepted, will be merged only when there will be a major release. +Quick Checklist for PR contributors +----------------------------------- +More details on all of these points may be found in the sections below. + +- [Sign-off](#license-and-copyright): all commits must be signed off. +- [Tests](#tests): please ensure the PR includes adequate tests. +- [Changelog](#documentation): if needed, please provide a changelog entry. +- [Backports](#long-term-support-branches): provide a backport if needed (it's fine to wait until the main PR is accepted). Coding Standards ---------------- -- We would ask that contributions conform to [our coding standards](https://tls.mbed.org/kb/development/mbedtls-coding-standards), and that contributions are fully tested before submission, as mentioned in the [Tests](#tests) and [Continuous Integration](#continuous-integration-tests) sections. -- The code should be written in a clean and readable style. +- Contributions should include tests, as mentioned in the [Tests](#tests) and [Continuous Integration](#continuous-integration-tests) sections. Please check that your contribution passes basic tests before submission, and check the CI results after making a pull request. +- The code should be written in a clean and readable style, and must follow [our coding standards](https://mbed-tls.readthedocs.io/en/latest/kb/development/mbedtls-coding-standards/). - The code should be written in a portable generic way, that will benefit the whole community, and not only your own needs. - The code should be secure, and will be reviewed from a security point of view as well. Making a Contribution --------------------- -1. [Check for open issues](https://github.com/ARMmbed/mbedtls/issues) or [start a discussion](https://lists.trustedfirmware.org/mailman/listinfo/mbed-tls) around a feature idea or a bug. -1. Fork the [Mbed TLS repository on GitHub](https://github.com/ARMmbed/mbedtls) to start making your changes. As a general rule, you should use the ["development" branch](https://github.com/ARMmbed/mbedtls/tree/development) as a basis. +1. [Check for open issues](https://github.com/Mbed-TLS/mbedtls/issues) or [start a discussion](https://lists.trustedfirmware.org/mailman3/lists/mbed-tls.lists.trustedfirmware.org) around a feature idea or a bug. +1. Fork the [Mbed TLS repository on GitHub](https://github.com/Mbed-TLS/mbedtls) to start making your changes. As a general rule, you should use the ["development" branch](https://github.com/Mbed-TLS/mbedtls/tree/development) as a basis. 1. Write a test which shows that the bug was fixed or that the feature works as expected. 1. Send a pull request (PR) and work with us until it gets merged and published. Contributions may need some modifications, so a few rounds of review and fixing may be necessary. We will include your name in the ChangeLog :) 1. For quick merging, the contribution should be short, and concentrated on a single feature or topic. The larger the contribution is, the longer it would take to review it and merge it. -1. All new files should include the [Apache-2.0](https://spdx.org/licenses/Apache-2.0.html) standard license header where possible. -1. Ensure that each commit has at least one `Signed-off-by:` line from the committer. If anyone else contributes to the commit, they should also add their own `Signed-off-by:` line. By adding this line, contributor(s) certify that the contribution is made under the terms of the [Developer Certificate of Origin](dco.txt). The contribution licensing is described in the [License section of the README](README.md#License). Backwards Compatibility ----------------------- The project aims to minimise the impact on users upgrading to newer versions of the library and it should not be necessary for a user to make any changes to their own code to work with a newer version of the library. Unless the user has made an active decision to use newer features, a newer generation of the library or a change has been necessary due to a security issue or other significant software defect, no modifications to their own code should be necessary. To achieve this, API compatibility is maintained between different versions of Mbed TLS on the main development branch and in LTS (Long Term Support) branches, as described in [BRANCHES.md](BRANCHES.md). -To minimise such disruption to users, where a change to the interface is required, all changes to the ABI or API, even on the main development branch where new features are added, need to be justifiable by either being a significant enhancement, new feature or bug fix which is best resolved by an interface change. - -Where changes to an existing interface are necessary, functions in the public interface which need to be changed, are marked as 'deprecated'. This is done with the preprocessor symbols `MBEDTLS_DEPRECATED_WARNING` and `MBEDTLS_DEPRECATED_REMOVED`. Then, a new function with a new name but similar if not identical behaviour to the original function containing the necessary changes should be created alongside the existing deprecated function. +To minimise such disruption to users, where a change to the interface is required, all changes to the ABI or API, even on the main development branch where new features are added, need to be justifiable by either being a significant enhancement, new feature or bug fix which is best resolved by an interface change. If there is an API change, the contribution, if accepted, will be merged only when there is a major release. -When a build is made with the deprecation preprocessor symbols defined, a compiler warning will be generated to warn a user that the function will be removed at some point in the future, notifying users that they should change from the older deprecated function to the newer function at their own convenience. - -Therefore, no changes are permitted to the definition of functions in the public interface which will change the API. Instead the interface can only be changed by its extension. As described above, if a function needs to be changed, a new function needs to be created alongside it, with a new name, and whatever change is necessary, such as a new parameter or the addition of a return value. +No changes are permitted to the definition of functions in the public interface which will change the API. Instead the interface can only be changed by its extension. Where changes to an existing interface are necessary, functions in the public interface which need to be changed are marked as 'deprecated'. If there is a strong reason to replace an existing function with one that has a slightly different interface (different prototype, or different documented behavior), create a new function with a new name with the desired interface. Keep the old function, but mark it as deprecated. Periodically, the library will remove deprecated functions from the library which will be a breaking change in the API, but such changes will be made only in a planned, structured way that gives sufficient notice to users of the library. @@ -47,23 +48,18 @@ When backporting to these branches please observe the following rules: 1. All bug fixes that correct a defect that is also present in an LTS branch must be backported to that LTS branch. If a bug fix introduces a change to the API such as a new function, the fix should be reworked to avoid the API change. API changes without very strong justification are unlikely to be accepted. 1. If a contribution is a new feature or enhancement, no backporting is required. Exceptions to this may be additional test cases or quality improvements such as changes to build or test scripts. -It would be highly appreciated if contributions are backported to LTS branches in addition to the [development branch](https://github.com/ARMmbed/mbedtls/tree/development) by contributors. +It would be highly appreciated if contributions are backported to LTS branches in addition to the [development branch](https://github.com/Mbed-TLS/mbedtls/tree/development) by contributors. The list of maintained branches can be found in the [Current Branches section of BRANCHES.md](BRANCHES.md#current-branches). -Currently maintained LTS branches are: -1. [mbedtls-2.7](https://github.com/ARMmbed/mbedtls/tree/mbedtls-2.7) -1. [mbedtls-2.16](https://github.com/ARMmbed/mbedtls/tree/mbedtls-2.16) - - Tests ----- As mentioned, tests that show the correctness of the feature or bug fix should be added to the pull request, if no such tests exist. -Mbed TLS includes a comprehensive set of test suites in the `tests/` directory that are dynamically generated to produce the actual test source files (e.g. `test_suite_mpi.c`). These files are generated from a `function file` (e.g. `suites/test_suite_mpi.function`) and a `data file` (e.g. `suites/test_suite_mpi.data`). The function file contains the test functions. The data file contains the test cases, specified as parameters that will be passed to the test function. +Mbed TLS includes a comprehensive set of test suites in the `tests/` directory that are dynamically generated to produce the actual test source files (e.g. `test_suite_rsa.c`). These files are generated from a `function file` (e.g. `suites/test_suite_rsa.function`) and a `data file` (e.g. `suites/test_suite_rsa.data`). The function file contains the test functions. The data file contains the test cases, specified as parameters that will be passed to the test function. -[A Knowledge Base article describing how to add additional tests is available on the Mbed TLS website](https://tls.mbed.org/kb/development/test_suites). +[A Knowledge Base article describing how to add additional tests is available on the Mbed TLS website](https://mbed-tls.readthedocs.io/en/latest/kb/development/test_suites/). A test script `tests/scripts/basic-build-test.sh` is available to show test coverage of the library. New code contributions should provide a similar level of code coverage to that which already exists for the library. @@ -73,7 +69,7 @@ Continuous Integration Tests ---------------------------- Once a PR has been made, the Continuous Integration (CI) tests are triggered and run. You should follow the result of the CI tests, and fix failures. -It is advised to enable the [githooks scripts](https://github.com/ARMmbed/mbedtls/tree/development/tests/git-scripts) prior to pushing your changes, for catching some of the issues as early as possible. +It is advised to enable the [githooks scripts](https://github.com/Mbed-TLS/mbedtls/tree/development/tests/git-scripts) prior to pushing your changes, for catching some of the issues as early as possible. Documentation ------------- @@ -82,5 +78,20 @@ Mbed TLS is well documented, but if you think documentation is needed, speak out 1. All interfaces should be documented through Doxygen. New APIs should introduce Doxygen documentation. 1. Complex parts in the code should include comments. 1. If needed, a Readme file is advised. -1. If a [Knowledge Base (KB)](https://tls.mbed.org/kb) article should be added, write this as a comment in the PR description. -1. A [ChangeLog](https://github.com/ARMmbed/mbedtls/blob/development/ChangeLog.d/00README.md) entry should be added for this contribution. +1. If a [Knowledge Base (KB)](https://mbed-tls.readthedocs.io/en/latest/kb/) article should be added, write this as a comment in the PR description. +1. A [ChangeLog](https://github.com/Mbed-TLS/mbedtls/blob/development/ChangeLog.d/00README.md) entry should be added for this contribution. + +License and Copyright +--------------------- + +Unless specifically indicated otherwise in a file, Mbed TLS files are provided under a dual [Apache-2.0](https://spdx.org/licenses/Apache-2.0.html) OR [GPL-2.0-or-later](https://spdx.org/licenses/GPL-2.0-or-later.html) license. See the [LICENSE](LICENSE) file for the full text of these licenses. This means that users may choose which of these licenses they take the code under. + +Contributors must accept that their contributions are made under both the Apache-2.0 AND [GPL-2.0-or-later](https://spdx.org/licenses/GPL-2.0-or-later.html) licenses. This enables LTS (Long Term Support) branches of the software to be provided under either the Apache-2.0 or GPL-2.0-or-later licenses. + +All new files should include the standard SPDX license identifier where possible, i.e. "SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later". + +The copyright on contributions is retained by the original authors of the code. Where possible for new files, this should be noted in a comment at the top of the file in the form: "Copyright The Mbed TLS Contributors". + +When contributing code to us, the committer and all authors are required to make the submission under the terms of the [Developer Certificate of Origin](dco.txt), confirming that the code submitted can (legally) become part of the project, and is submitted under both the Apache-2.0 AND GPL-2.0-or-later licenses. + +This is done by including the standard Git `Signed-off-by:` line in every commit message. If more than one person contributed to the commit, they should also add their own `Signed-off-by:` line. diff --git a/third_party/mbedtls/repo/ChangeLog b/third_party/mbedtls/repo/ChangeLog index 021012a0269..5434e5509b1 100644 --- a/third_party/mbedtls/repo/ChangeLog +++ b/third_party/mbedtls/repo/ChangeLog @@ -1,4 +1,346 @@ -mbed TLS ChangeLog (Sorted per branch, date) +Mbed TLS ChangeLog (Sorted per branch, date) + += Mbed TLS 2.28.7 branch released 2024-01-26 + +Security + * Fix a timing side channel in private key RSA operations. This side channel + could be sufficient for an attacker to recover the plaintext. A local + attacker or a remote attacker who is close to the victim on the network + might have precise enough timing measurements to exploit this. It requires + the attacker to send a large number of messages for decryption. For + details, see "Everlasting ROBOT: the Marvin Attack", Hubert Kario. Reported + by Hubert Kario, Red Hat. + * Fix a failure to validate input when writing x509 extensions lengths which + could result in an integer overflow, causing a zero-length buffer to be + allocated to hold the extension. The extension would then be copied into + the buffer, causing a heap buffer overflow. + += Mbed TLS 2.28.6 branch released 2023-11-06 + +Changes + * Mbed TLS is now released under a dual Apache-2.0 OR GPL-2.0-or-later + license. Users may choose which license they take the code under. + += Mbed TLS 2.28.5 branch released 2023-10-05 + +Features + * The documentation of mbedtls_ecp_group now describes the optimized + representation of A for some curves. Fixes #8045. + +Security + * Developers using mbedtls_pkcs5_pbes2() or mbedtls_pkcs12_pbe() should + review the size of the output buffer passed to this function, and note + that the output after decryption may include CBC padding. Consider moving + to the new functions mbedtls_pkcs5_pbes2_ext() or mbedtls_pkcs12_pbe_ext() + which checks for overflow of the output buffer and reports the actual + length of the output. + * Improve padding calculations in CBC decryption, NIST key unwrapping and + RSA OAEP decryption. With the previous implementation, some compilers + (notably recent versions of Clang and IAR) could produce non-constant + time code, which could allow a padding oracle attack if the attacker + has access to precise timing measurements. + * Fix a buffer overread when parsing short TLS application data records in + ARC4 or null-cipher cipher suites. Credit to OSS-Fuzz. + +Bugfix + * Fix x509 certificate generation to conform to RFC 5480 / RFC 5758 when + using ECC key. The certificate was rejected by some crypto frameworks. + Fixes #2924. + * Fix some cases where mbedtls_mpi_mod_exp, RSA key construction or ECDSA + signature can silently return an incorrect result in low memory conditions. + * Fix IAR compiler warnings. Fixes #7873, #4300. + * Fix an issue when parsing an otherName subject alternative name into a + mbedtls_x509_san_other_name struct. The type-id of the otherName was not + copied to the struct. This meant that the struct had incomplete + information about the otherName SAN and contained uninitialized memory. + * Fix the detection of HardwareModuleName otherName SANs. These were being + detected by comparing the wrong field and the check was erroneously + inverted. + * Fix an error when MBEDTLS_ECDSA_SIGN_ALT is defined but not + MBEDTLS_ECDSA_VERIFY_ALT, causing ecdsa verify to fail. Fixes #7498. + * Functions in the ssl_cache module now return a negative MBEDTLS_ERR_xxx + error code on failure. Before, they returned 1 to indicate failure in + some cases involving a missing entry or a full cache. + +Changes + * In configurations with ARIA or Camellia but not AES, the value of + MBEDTLS_CIPHER_BLKSIZE_MAX was 8, rather than 16 as the name might + suggest. This did not affect any library code, because this macro was + only used in relation with CMAC which does not support these ciphers. + Its value is now 16 if ARIA or Camellia are present. This may affect + application code that uses this macro. + += Mbed TLS 2.28.4 branch released 2023-08-04 + +Features + * Allow MBEDTLS_CONFIG_FILE and MBEDTLS_USER_CONFIG_FILE to be set by + setting the CMake variable of the same name at configuration time. + +Bugfix + * Fix crypt_and_hash decryption fail when used with a stream cipher + mode of operation, due to the input not being a multiple of the block + size. Resolves #7417. + * Fix a bug where mbedtls_x509_string_to_names() would return success + when given a invalid name string, if it did not contain '=' or ','. + * Fix missing PSA initialization in sample programs when + MBEDTLS_USE_PSA_CRYPTO is enabled. + * Fix clang and armclang compilation error when targeting certain Arm + M-class CPUs (Cortex-M0, Cortex-M0+, Cortex-M1, Cortex-M23, + SecurCore SC000). Fixes #1077. + * Fixed an issue that caused compile errors when using CMake and the IAR + toolchain. + * Fix the build with MBEDTLS_PSA_INJECT_ENTROPY. Fixes #7516. + * Fix builds on Windows with clang. + * Fix compilation warnings in aes.c for certain combinations + of configuration options. + * Fix a compilation error on some platforms when including mbedtls/ssl.h + with all TLS support disabled. Fixes #6628. + +Changes + * Update test data to avoid failures of unit tests after 2023-08-07, and + update expiring certififcates in the certs module. + += Mbed TLS 2.28.3 branch released 2023-03-28 + +Features + * Use HOSTCC (if it is set) when compiling C code during generation of the + configuration-independent files. This allows them to be generated when + CC is set for cross compilation. + * AES-NI is now supported with Visual Studio. + * AES-NI is now supported in 32-bit builds, or when MBEDTLS_HAVE_ASM + is disabled, when compiling with GCC or Clang or a compatible compiler + for a target CPU that supports the requisite instructions (for example + gcc -m32 -msse2 -maes -mpclmul). (Generic x86 builds with GCC-like + compilers still require MBEDTLS_HAVE_ASM and a 64-bit target.) + +Security + * MBEDTLS_AESNI_C, which is enabled by default, was silently ignored on + builds that couldn't compile the GCC-style assembly implementation + (most notably builds with Visual Studio), leaving them vulnerable to + timing side-channel attacks. There is now an intrinsics-based AES-NI + implementation as a fallback for when the assembly one cannot be used. + +Bugfix + * Fix a build issue on Windows where the source and build directory could + not be on different drives (#5751). + * Fix possible integer overflow in mbedtls_timing_hardclock(), which + could cause a crash for certain platforms & compiler options. + * Fix IAR compiler warnings. Fixes #6924. + * Fix a bug in the build where directory names containing spaces were + causing generate_errors.pl to error out resulting in a build failure. + Fixes issue #6879. + * Fix compile error where MBEDTLS_RSA_C and MBEDTLS_X509_CRT_WRITE_C are + defined, but MBEDTLS_PK_RSA_ALT_SUPPORT is not defined. Fixes #3174. + * Fix a build issue when defining MBEDTLS_TIMING_ALT and MBEDTLS_SELF_TEST. + The library would not link if the user didn't provide an external self-test + function. The self-test is now provided regardless of the choice of + internal/alternative timing implementation. Fixes #6923. + * mbedtls_x509write_crt_set_serial() now explicitly rejects serial numbers + whose binary representation is longer than 20 bytes. This was already + forbidden by the standard (RFC5280 - section 4.1.2.2) and now it's being + enforced also at code level. + * Fix potential undefined behavior in mbedtls_mpi_sub_abs(). Reported by + Pascal Cuoq using TrustInSoft Analyzer in #6701; observed independently by + Aaron Ucko under Valgrind. + * Fix behavior of certain sample programs which could, when run with no + arguments, access uninitialized memory in some cases. Fixes #6700 (which + was found by TrustInSoft Analyzer during REDOCS'22) and #1120. + * Fix build errors in test programs when MBEDTLS_CERTS_C is disabled. + Fixes #6243. + * Fix parsing of X.509 SubjectAlternativeName extension. Previously, + malformed alternative name components were not caught during initial + certificate parsing, but only on subsequent calls to + mbedtls_x509_parse_subject_alt_name(). Fixes #2838. + * Fix bug in conversion from OID to string in + mbedtls_oid_get_numeric_string(). OIDs such as 2.40.0.25 are now printed + correctly. + * Reject OIDs with overlong-encoded subidentifiers when converting + them to a string. + * Reject OIDs with subidentifier values exceeding UINT_MAX. Such + subidentifiers can be valid, but Mbed TLS cannot currently handle them. + * Reject OIDs that have unterminated subidentifiers, or (equivalently) + have the most-significant bit set in their last byte. + * Silence a warning about an unused local variable in bignum.c on + some architectures. Fixes #7166. + * Silence warnings from clang -Wdocumentation about empty \retval + descriptions, which started appearing with Clang 15. Fixes #6960. + * Fix undefined behavior in mbedtls_ssl_read() and mbedtls_ssl_write() if + len argument is 0 and buffer is NULL. + +Changes + * The C code follows a new coding style. This is transparent for users but + affects contributors and maintainers of local patches. For more + information, see + https://mbed-tls.readthedocs.io/en/latest/kb/how-to/rewrite-branch-for-coding-style/ + * Changed the default MBEDTLS_ECP_WINDOW_SIZE from 6 to 2. + As tested in issue 6790, the correlation between this define and + RSA decryption performance has changed lately due to security fixes. + To fix the performance degradation when using default values the + window was reduced from 6 to 2, a value that gives the best or close + to best results when tested on Cortex-M4 and Intel i7. + += Mbed TLS 2.28.2 branch released 2022-12-14 + +Security + * Fix potential heap buffer overread and overwrite in DTLS if + MBEDTLS_SSL_DTLS_CONNECTION_ID is enabled and + MBEDTLS_SSL_CID_IN_LEN_MAX > 2 * MBEDTLS_SSL_CID_OUT_LEN_MAX. + * Fix an issue where an adversary with access to precise enough information + about memory accesses (typically, an untrusted operating system attacking + a secure enclave) could recover an RSA private key after observing the + victim performing a single private-key operation if the window size used + for the exponentiation was 3 or smaller. Found and reported by Zili KOU, + Wenjian HE, Sharad Sinha, and Wei ZHANG. See "Cache Side-channel Attacks + and Defenses of the Sliding Window Algorithm in TEEs" - Design, Automation + and Test in Europe 2023. + +Bugfix + * Fix a long-standing build failure when building x86 PIC code with old + gcc (4.x). The code will be slower, but will compile. We do however + recommend upgrading to a more recent compiler instead. Fixes #1910. + * Fix support for little-endian Microblaze when MBEDTLS_HAVE_ASM is defined. + Contributed by Kazuyuki Kimura to fix #2020. + * Use double quotes to include private header file psa_crypto_cipher.h. + Fixes 'file not found with include' error + when building with Xcode. + * Fix handling of broken symlinks when loading certificates using + mbedtls_x509_crt_parse_path(). Instead of returning an error as soon as a + broken link is encountered, skip the broken link and continue parsing + other certificate files. Contributed by Eduardo Silva in #2602. + * Fix a compilation error when using CMake with an IAR toolchain. + Fixes #5964. + * Fix bugs and missing dependencies when building and testing + configurations with only one encryption type enabled in TLS 1.2. + * Provide the missing definition of mbedtls_setbuf() in some configurations + with MBEDTLS_PLATFORM_C disabled. Fixes #6118, #6196. + * Fix compilation errors when trying to build with + PSA drivers for AEAD (GCM, CCM, Chacha20-Poly1305). + * Fix memory leak in ssl_parse_certificate_request() caused by + mbedtls_x509_get_name() not freeing allocated objects in case of error. + Change mbedtls_x509_get_name() to clean up allocated objects on error. + * Fix checks on PK in check_config.h for builds with PSA and RSA. This does + not change which builds actually work, only moving a link-time error to + an early check. + * Fix ECDSA verification, where it was not always validating the + public key. This bug meant that it was possible to verify a + signature with an invalid public key, in some cases. Reported by + Guido Vranken using Cryptofuzz in #4420. + * Fix a possible null pointer dereference if a memory allocation fails + in TLS PRF code. Reported by Michael Madsen in #6516. + * Fix a bug in which mbedtls_x509_crt_info() would produce non-printable + bytes when parsing certificates containing a binary RFC 4108 + HardwareModuleName as a Subject Alternative Name extension. Hardware + serial numbers are now rendered in hex format. Fixes #6262. + * Fix bug in error reporting in dh_genprime.c where upon failure, + the error code returned by mbedtls_mpi_write_file() is overwritten + and therefore not printed. + * In the bignum module, operations of the form (-A) - (+A) or (-A) - (-A) + with A > 0 created an unintended representation of the value 0 which was + not processed correctly by some bignum operations. Fix this. This had no + consequence on cryptography code, but might affect applications that call + bignum directly and use negative numbers. + * Fix undefined behavior (typically harmless in practice) of + mbedtls_mpi_add_mpi(), mbedtls_mpi_add_abs() and mbedtls_mpi_add_int() + when both operands are 0 and the left operand is represented with 0 limbs. + * Fix undefined behavior (typically harmless in practice) when some bignum + functions receive the most negative value of mbedtls_mpi_sint. Credit + to OSS-Fuzz. Fixes #6597. + * Fix undefined behavior (typically harmless in practice) in PSA ECB + encryption and decryption. + += Mbed TLS 2.28.1 branch released 2022-07-11 + +Default behavior changes + * mbedtls_cipher_set_iv will now fail with ChaCha20 and ChaCha20+Poly1305 + for IV lengths other than 12. The library was silently overwriting this + length with 12, but did not inform the caller about it. Fixes #4301. + +Features + * When MBEDTLS_PSA_CRYPTO_CONFIG is enabled, you may list the PSA crypto + feature requirements in the file named by the new macro + MBEDTLS_PSA_CRYPTO_CONFIG_FILE instead of the default psa/crypto_config.h. + Furthermore you may name an additional file to include after the main + file with the macro MBEDTLS_PSA_CRYPTO_USER_CONFIG_FILE. + +Security + * Zeroize dynamically-allocated buffers used by the PSA Crypto key storage + module before freeing them. These buffers contain secret key material, and + could thus potentially leak the key through freed heap. + * Fix a potential heap buffer overread in TLS 1.2 server-side when + MBEDTLS_USE_PSA_CRYPTO is enabled, an opaque key (created with + mbedtls_pk_setup_opaque()) is provisioned, and a static ECDH ciphersuite + is selected. This may result in an application crash or potentially an + information leak. + * Fix a buffer overread in DTLS ClientHello parsing in servers with + MBEDTLS_SSL_DTLS_CLIENT_PORT_REUSE enabled. An unauthenticated client + or a man-in-the-middle could cause a DTLS server to read up to 255 bytes + after the end of the SSL input buffer. The buffer overread only happens + when MBEDTLS_SSL_IN_CONTENT_LEN is less than a threshold that depends on + the exact configuration: 258 bytes if using mbedtls_ssl_cookie_check(), + and possibly up to 571 bytes with a custom cookie check function. + Reported by the Cybeats PSI Team. + +Bugfix + * Fix a memory leak if mbedtls_ssl_config_defaults() is called twice. + * Fix several bugs (warnings, compiler and linker errors, test failures) + in reduced configurations when MBEDTLS_USE_PSA_CRYPTO is enabled. + * Fix a bug in (D)TLS curve negotiation: when MBEDTLS_USE_PSA_CRYPTO was + enabled and an ECDHE-ECDSA or ECDHE-RSA key exchange was used, the + client would fail to check that the curve selected by the server for + ECDHE was indeed one that was offered. As a result, the client would + accept any curve that it supported, even if that curve was not allowed + according to its configuration. Fixes #5291. + * Fix unit tests that used 0 as the file UID. This failed on some + implementations of PSA ITS. Fixes #3838. + * Fix API violation in mbedtls_md_process() test by adding a call to + mbedtls_md_starts(). Fixes #2227. + * Fix compile errors when MBEDTLS_HAVE_TIME is not defined. Add tests + to catch bad uses of time.h. + * Fix the library search path when building a shared library with CMake + on Windows. + * Fix bug in the alert sending function mbedtls_ssl_send_alert_message() + potentially leading to corrupted alert messages being sent in case + the function needs to be re-called after initially returning + MBEDTLS_SSL_WANT_WRITE. Fixes #1916. + * In configurations with MBEDTLS_SSL_DTLS_CONNECTION_ID enabled but none of + MBEDTLS_SSL_HW_RECORD_ACCEL, MBEDTLS_SSL_EXPORT_KEYS or MBEDTLS_DEBUG_C, + DTLS handshakes using CID would crash due to a null pointer dereference. + Fix this. Fixes #3998. + * Fix incorrect documentation of mbedtls_x509_crt_profile. The previous + documentation stated that the `allowed_pks` field applies to signatures + only, but in fact it does apply to the public key type of the end entity + certificate, too. Fixes #1992. + * Fix PSA cipher multipart operations using ARC4. Previously, an IV was + required but discarded. Now, an IV is rejected, as it should be. + * Fix undefined behavior in mbedtls_asn1_find_named_data(), where val is + not NULL and val_len is zero. + * psa_raw_key_agreement() now returns PSA_ERROR_BUFFER_TOO_SMALL when + applicable. Fixes #5735. + * Fix a bug in the x25519 example program where the removal of + MBEDTLS_ECDH_LEGACY_CONTEXT caused the program not to run. Fixes #4901 and + #3191. + * Encode X.509 dates before 1/1/2000 as UTCTime rather than + GeneralizedTime. Fixes #5465. + * Fix order value of curve x448. + * Fix string representation of DNs when outputting values containing commas + and other special characters, conforming to RFC 1779. Fixes #769. + * Silence a warning from GCC 12 in the selftest program. Fixes #5974. + * Fix mbedtls_asn1_write_mpi() writing an incorrect encoding of 0. + * Fix resource leaks in mbedtls_pk_parse_public_key() in low + memory conditions. + * Fix server connection identifier setting for outgoing encrypted records + on DTLS 1.2 session resumption. After DTLS 1.2 session resumption with + connection identifier, the Mbed TLS client now properly sends the server + connection identifier in encrypted record headers. Fix #5872. + * Fix a null pointer dereference when performing some operations on zero + represented with 0 limbs (specifically mbedtls_mpi_mod_int() dividing + by 2, and mbedtls_mpi_write_string() in base 2). + * Fix record sizes larger than 16384 being sometimes accepted despite being + non-compliant. This could not lead to a buffer overflow. In particular, + application data size was already checked correctly. + +Changes + * Assume source files are in UTF-8 when using MSVC with CMake. = mbed TLS 2.28.0 branch released 2021-12-17 @@ -174,16 +516,17 @@ Security * It was possible to configure MBEDTLS_ECP_MAX_BITS to a value that is too small, leading to buffer overflows in ECC operations. Fail the build in such a case. - * An adversary with access to precise enough information about memory - accesses (typically, an untrusted operating system attacking a secure - enclave) could recover an RSA private key after observing the victim - performing a single private-key operation. Found and reported by + * Fix an issue where an adversary with access to precise enough information + about memory accesses (typically, an untrusted operating system attacking + a secure enclave) could recover an RSA private key after observing the + victim performing a single private-key operation. Found and reported by Zili KOU, Wenjian HE, Sharad Sinha, and Wei ZHANG. - * An adversary with access to precise enough timing information (typically, a - co-located process) could recover a Curve25519 or Curve448 static ECDH key - after inputting a chosen public key and observing the victim performing the - corresponding private-key operation. Found and reported by Leila Batina, - Lukas Chmielewski, Björn Haase, Niels Samwel and Peter Schwabe. + * Fix an issue where an adversary with access to precise enough timing + information (typically, a co-located process) could recover a Curve25519 + or Curve448 static ECDH key after inputting a chosen public key and + observing the victim performing the corresponding private-key operation. + Found and reported by Leila Batina, Lukas Chmielewski, Björn Haase, Niels + Samwel and Peter Schwabe. Bugfix * Add printf function attributes to mbedtls_debug_print_msg to ensure we diff --git a/third_party/mbedtls/repo/ChangeLog.d/00README.md b/third_party/mbedtls/repo/ChangeLog.d/00README.md index d2ea73d1c21..2fbc989dee4 100644 --- a/third_party/mbedtls/repo/ChangeLog.d/00README.md +++ b/third_party/mbedtls/repo/ChangeLog.d/00README.md @@ -21,6 +21,9 @@ We generally don't include changelog entries for: * Performance improvements, unless they are particularly significant. * Changes to parts of the code base that users don't interact with directly, such as test code and test data. +* Fixes for compiler warnings. Releases typically contain a number of fixes + of this kind, so we will only mention them in the Changelog if they are + particularly significant. Until Mbed TLS 2.24.0, we required changelog entries in more cases. Looking at older changelog entries is good practice for how to write a diff --git a/third_party/mbedtls/repo/DartConfiguration.tcl b/third_party/mbedtls/repo/DartConfiguration.tcl index dfa0f071819..af0578a5816 100644 --- a/third_party/mbedtls/repo/DartConfiguration.tcl +++ b/third_party/mbedtls/repo/DartConfiguration.tcl @@ -1,4 +1,4 @@ Site: localhost -BuildName: mbed TLS-test +BuildName: Mbed TLS-test CoverageCommand: /usr/bin/gcov MemoryCheckCommand: /usr/bin/valgrind diff --git a/third_party/mbedtls/repo/LICENSE b/third_party/mbedtls/repo/LICENSE index d6456956733..776ac77eaf5 100644 --- a/third_party/mbedtls/repo/LICENSE +++ b/third_party/mbedtls/repo/LICENSE @@ -1,3 +1,10 @@ +Mbed TLS files are provided under a dual [Apache-2.0](https://spdx.org/licenses/Apache-2.0.html) +OR [GPL-2.0-or-later](https://spdx.org/licenses/GPL-2.0-or-later.html) license. +This means that users may choose which of these licenses they take the code +under. + +The full text of each of these licenses is given below. + Apache License Version 2.0, January 2004 @@ -200,3 +207,347 @@ WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the License for the specific language governing permissions and limitations under the License. + + +=============================================================================== + + + GNU GENERAL PUBLIC LICENSE + Version 2, June 1991 + + Copyright (C) 1989, 1991 Free Software Foundation, Inc., + 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA + Everyone is permitted to copy and distribute verbatim copies + of this license document, but changing it is not allowed. + + Preamble + + The licenses for most software are designed to take away your +freedom to share and change it. By contrast, the GNU General Public +License is intended to guarantee your freedom to share and change free +software--to make sure the software is free for all its users. This +General Public License applies to most of the Free Software +Foundation's software and to any other program whose authors commit to +using it. (Some other Free Software Foundation software is covered by +the GNU Lesser General Public License instead.) You can apply it to +your programs, too. + + When we speak of free software, we are referring to freedom, not +price. Our General Public Licenses are designed to make sure that you +have the freedom to distribute copies of free software (and charge for +this service if you wish), that you receive source code or can get it +if you want it, that you can change the software or use pieces of it +in new free programs; and that you know you can do these things. + + To protect your rights, we need to make restrictions that forbid +anyone to deny you these rights or to ask you to surrender the rights. +These restrictions translate to certain responsibilities for you if you +distribute copies of the software, or if you modify it. + + For example, if you distribute copies of such a program, whether +gratis or for a fee, you must give the recipients all the rights that +you have. You must make sure that they, too, receive or can get the +source code. And you must show them these terms so they know their +rights. + + We protect your rights with two steps: (1) copyright the software, and +(2) offer you this license which gives you legal permission to copy, +distribute and/or modify the software. + + Also, for each author's protection and ours, we want to make certain +that everyone understands that there is no warranty for this free +software. If the software is modified by someone else and passed on, we +want its recipients to know that what they have is not the original, so +that any problems introduced by others will not reflect on the original +authors' reputations. + + Finally, any free program is threatened constantly by software +patents. We wish to avoid the danger that redistributors of a free +program will individually obtain patent licenses, in effect making the +program proprietary. To prevent this, we have made it clear that any +patent must be licensed for everyone's free use or not licensed at all. + + The precise terms and conditions for copying, distribution and +modification follow. + + GNU GENERAL PUBLIC LICENSE + TERMS AND CONDITIONS FOR COPYING, DISTRIBUTION AND MODIFICATION + + 0. This License applies to any program or other work which contains +a notice placed by the copyright holder saying it may be distributed +under the terms of this General Public License. The "Program", below, +refers to any such program or work, and a "work based on the Program" +means either the Program or any derivative work under copyright law: +that is to say, a work containing the Program or a portion of it, +either verbatim or with modifications and/or translated into another +language. (Hereinafter, translation is included without limitation in +the term "modification".) Each licensee is addressed as "you". + +Activities other than copying, distribution and modification are not +covered by this License; they are outside its scope. The act of +running the Program is not restricted, and the output from the Program +is covered only if its contents constitute a work based on the +Program (independent of having been made by running the Program). +Whether that is true depends on what the Program does. + + 1. You may copy and distribute verbatim copies of the Program's +source code as you receive it, in any medium, provided that you +conspicuously and appropriately publish on each copy an appropriate +copyright notice and disclaimer of warranty; keep intact all the +notices that refer to this License and to the absence of any warranty; +and give any other recipients of the Program a copy of this License +along with the Program. + +You may charge a fee for the physical act of transferring a copy, and +you may at your option offer warranty protection in exchange for a fee. + + 2. You may modify your copy or copies of the Program or any portion +of it, thus forming a work based on the Program, and copy and +distribute such modifications or work under the terms of Section 1 +above, provided that you also meet all of these conditions: + + a) You must cause the modified files to carry prominent notices + stating that you changed the files and the date of any change. + + b) You must cause any work that you distribute or publish, that in + whole or in part contains or is derived from the Program or any + part thereof, to be licensed as a whole at no charge to all third + parties under the terms of this License. + + c) If the modified program normally reads commands interactively + when run, you must cause it, when started running for such + interactive use in the most ordinary way, to print or display an + announcement including an appropriate copyright notice and a + notice that there is no warranty (or else, saying that you provide + a warranty) and that users may redistribute the program under + these conditions, and telling the user how to view a copy of this + License. (Exception: if the Program itself is interactive but + does not normally print such an announcement, your work based on + the Program is not required to print an announcement.) + +These requirements apply to the modified work as a whole. If +identifiable sections of that work are not derived from the Program, +and can be reasonably considered independent and separate works in +themselves, then this License, and its terms, do not apply to those +sections when you distribute them as separate works. But when you +distribute the same sections as part of a whole which is a work based +on the Program, the distribution of the whole must be on the terms of +this License, whose permissions for other licensees extend to the +entire whole, and thus to each and every part regardless of who wrote it. + +Thus, it is not the intent of this section to claim rights or contest +your rights to work written entirely by you; rather, the intent is to +exercise the right to control the distribution of derivative or +collective works based on the Program. + +In addition, mere aggregation of another work not based on the Program +with the Program (or with a work based on the Program) on a volume of +a storage or distribution medium does not bring the other work under +the scope of this License. + + 3. You may copy and distribute the Program (or a work based on it, +under Section 2) in object code or executable form under the terms of +Sections 1 and 2 above provided that you also do one of the following: + + a) Accompany it with the complete corresponding machine-readable + source code, which must be distributed under the terms of Sections + 1 and 2 above on a medium customarily used for software interchange; or, + + b) Accompany it with a written offer, valid for at least three + years, to give any third party, for a charge no more than your + cost of physically performing source distribution, a complete + machine-readable copy of the corresponding source code, to be + distributed under the terms of Sections 1 and 2 above on a medium + customarily used for software interchange; or, + + c) Accompany it with the information you received as to the offer + to distribute corresponding source code. (This alternative is + allowed only for noncommercial distribution and only if you + received the program in object code or executable form with such + an offer, in accord with Subsection b above.) + +The source code for a work means the preferred form of the work for +making modifications to it. For an executable work, complete source +code means all the source code for all modules it contains, plus any +associated interface definition files, plus the scripts used to +control compilation and installation of the executable. However, as a +special exception, the source code distributed need not include +anything that is normally distributed (in either source or binary +form) with the major components (compiler, kernel, and so on) of the +operating system on which the executable runs, unless that component +itself accompanies the executable. + +If distribution of executable or object code is made by offering +access to copy from a designated place, then offering equivalent +access to copy the source code from the same place counts as +distribution of the source code, even though third parties are not +compelled to copy the source along with the object code. + + 4. You may not copy, modify, sublicense, or distribute the Program +except as expressly provided under this License. Any attempt +otherwise to copy, modify, sublicense or distribute the Program is +void, and will automatically terminate your rights under this License. +However, parties who have received copies, or rights, from you under +this License will not have their licenses terminated so long as such +parties remain in full compliance. + + 5. You are not required to accept this License, since you have not +signed it. However, nothing else grants you permission to modify or +distribute the Program or its derivative works. These actions are +prohibited by law if you do not accept this License. Therefore, by +modifying or distributing the Program (or any work based on the +Program), you indicate your acceptance of this License to do so, and +all its terms and conditions for copying, distributing or modifying +the Program or works based on it. + + 6. Each time you redistribute the Program (or any work based on the +Program), the recipient automatically receives a license from the +original licensor to copy, distribute or modify the Program subject to +these terms and conditions. You may not impose any further +restrictions on the recipients' exercise of the rights granted herein. +You are not responsible for enforcing compliance by third parties to +this License. + + 7. If, as a consequence of a court judgment or allegation of patent +infringement or for any other reason (not limited to patent issues), +conditions are imposed on you (whether by court order, agreement or +otherwise) that contradict the conditions of this License, they do not +excuse you from the conditions of this License. If you cannot +distribute so as to satisfy simultaneously your obligations under this +License and any other pertinent obligations, then as a consequence you +may not distribute the Program at all. For example, if a patent +license would not permit royalty-free redistribution of the Program by +all those who receive copies directly or indirectly through you, then +the only way you could satisfy both it and this License would be to +refrain entirely from distribution of the Program. + +If any portion of this section is held invalid or unenforceable under +any particular circumstance, the balance of the section is intended to +apply and the section as a whole is intended to apply in other +circumstances. + +It is not the purpose of this section to induce you to infringe any +patents or other property right claims or to contest validity of any +such claims; this section has the sole purpose of protecting the +integrity of the free software distribution system, which is +implemented by public license practices. Many people have made +generous contributions to the wide range of software distributed +through that system in reliance on consistent application of that +system; it is up to the author/donor to decide if he or she is willing +to distribute software through any other system and a licensee cannot +impose that choice. + +This section is intended to make thoroughly clear what is believed to +be a consequence of the rest of this License. + + 8. If the distribution and/or use of the Program is restricted in +certain countries either by patents or by copyrighted interfaces, the +original copyright holder who places the Program under this License +may add an explicit geographical distribution limitation excluding +those countries, so that distribution is permitted only in or among +countries not thus excluded. In such case, this License incorporates +the limitation as if written in the body of this License. + + 9. The Free Software Foundation may publish revised and/or new versions +of the General Public License from time to time. Such new versions will +be similar in spirit to the present version, but may differ in detail to +address new problems or concerns. + +Each version is given a distinguishing version number. If the Program +specifies a version number of this License which applies to it and "any +later version", you have the option of following the terms and conditions +either of that version or of any later version published by the Free +Software Foundation. If the Program does not specify a version number of +this License, you may choose any version ever published by the Free Software +Foundation. + + 10. If you wish to incorporate parts of the Program into other free +programs whose distribution conditions are different, write to the author +to ask for permission. For software which is copyrighted by the Free +Software Foundation, write to the Free Software Foundation; we sometimes +make exceptions for this. Our decision will be guided by the two goals +of preserving the free status of all derivatives of our free software and +of promoting the sharing and reuse of software generally. + + NO WARRANTY + + 11. BECAUSE THE PROGRAM IS LICENSED FREE OF CHARGE, THERE IS NO WARRANTY +FOR THE PROGRAM, TO THE EXTENT PERMITTED BY APPLICABLE LAW. EXCEPT WHEN +OTHERWISE STATED IN WRITING THE COPYRIGHT HOLDERS AND/OR OTHER PARTIES +PROVIDE THE PROGRAM "AS IS" WITHOUT WARRANTY OF ANY KIND, EITHER EXPRESSED +OR IMPLIED, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF +MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE. THE ENTIRE RISK AS +TO THE QUALITY AND PERFORMANCE OF THE PROGRAM IS WITH YOU. SHOULD THE +PROGRAM PROVE DEFECTIVE, YOU ASSUME THE COST OF ALL NECESSARY SERVICING, +REPAIR OR CORRECTION. + + 12. IN NO EVENT UNLESS REQUIRED BY APPLICABLE LAW OR AGREED TO IN WRITING +WILL ANY COPYRIGHT HOLDER, OR ANY OTHER PARTY WHO MAY MODIFY AND/OR +REDISTRIBUTE THE PROGRAM AS PERMITTED ABOVE, BE LIABLE TO YOU FOR DAMAGES, +INCLUDING ANY GENERAL, SPECIAL, INCIDENTAL OR CONSEQUENTIAL DAMAGES ARISING +OUT OF THE USE OR INABILITY TO USE THE PROGRAM (INCLUDING BUT NOT LIMITED +TO LOSS OF DATA OR DATA BEING RENDERED INACCURATE OR LOSSES SUSTAINED BY +YOU OR THIRD PARTIES OR A FAILURE OF THE PROGRAM TO OPERATE WITH ANY OTHER +PROGRAMS), EVEN IF SUCH HOLDER OR OTHER PARTY HAS BEEN ADVISED OF THE +POSSIBILITY OF SUCH DAMAGES. + + END OF TERMS AND CONDITIONS + + How to Apply These Terms to Your New Programs + + If you develop a new program, and you want it to be of the greatest +possible use to the public, the best way to achieve this is to make it +free software which everyone can redistribute and change under these terms. + + To do so, attach the following notices to the program. It is safest +to attach them to the start of each source file to most effectively +convey the exclusion of warranty; and each file should have at least +the "copyright" line and a pointer to where the full notice is found. + + + Copyright (C) + + This program is free software; you can redistribute it and/or modify + it under the terms of the GNU General Public License as published by + the Free Software Foundation; either version 2 of the License, or + (at your option) any later version. + + This program is distributed in the hope that it will be useful, + but WITHOUT ANY WARRANTY; without even the implied warranty of + MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + GNU General Public License for more details. + + You should have received a copy of the GNU General Public License along + with this program; if not, write to the Free Software Foundation, Inc., + 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA. + +Also add information on how to contact you by electronic and paper mail. + +If the program is interactive, make it output a short notice like this +when it starts in an interactive mode: + + Gnomovision version 69, Copyright (C) year name of author + Gnomovision comes with ABSOLUTELY NO WARRANTY; for details type `show w'. + This is free software, and you are welcome to redistribute it + under certain conditions; type `show c' for details. + +The hypothetical commands `show w' and `show c' should show the appropriate +parts of the General Public License. Of course, the commands you use may +be called something other than `show w' and `show c'; they could even be +mouse-clicks or menu items--whatever suits your program. + +You should also get your employer (if you work as a programmer) or your +school, if any, to sign a "copyright disclaimer" for the program, if +necessary. Here is a sample; alter the names: + + Yoyodyne, Inc., hereby disclaims all copyright interest in the program + `Gnomovision' (which makes passes at compilers) written by James Hacker. + + , 1 April 1989 + Ty Coon, President of Vice + +This General Public License does not permit incorporating your program into +proprietary programs. If your program is a subroutine library, you may +consider it more useful to permit linking proprietary applications with the +library. If this is what you want to do, use the GNU Lesser General +Public License instead of this License. diff --git a/third_party/mbedtls/repo/Makefile b/third_party/mbedtls/repo/Makefile index 6a8b2300773..1efe89dd9fb 100644 --- a/third_party/mbedtls/repo/Makefile +++ b/third_party/mbedtls/repo/Makefile @@ -3,7 +3,7 @@ PREFIX=mbedtls_ .SILENT: -.PHONY: all no_test programs lib tests install uninstall clean test check covtest lcov apidoc apidoc_clean +.PHONY: all no_test programs lib tests install uninstall clean test check lcov apidoc apidoc_clean all: programs tests $(MAKE) post_build @@ -100,23 +100,15 @@ check: lib tests test: check ifndef WINDOWS -# note: for coverage testing, build with: -# make CFLAGS='--coverage -g3 -O0' -covtest: - $(MAKE) check - programs/test/selftest - tests/compat.sh - tests/ssl-opt.sh - +# For coverage testing: +# 1. Build with: +# make CFLAGS='--coverage -g3 -O0' LDFLAGS='--coverage' +# 2. Run the relevant tests for the part of the code you're interested in. +# For the reference coverage measurement, see +# tests/scripts/basic-build-test.sh +# 3. Run scripts/lcov.sh to generate an HTML report. lcov: - rm -rf Coverage - lcov --capture --initial --directory library -o files.info - lcov --rc lcov_branch_coverage=1 --capture --directory library -o tests.info - lcov --rc lcov_branch_coverage=1 --add-tracefile files.info --add-tracefile tests.info -o all.info - lcov --rc lcov_branch_coverage=1 --remove all.info -o final.info '*.h' - gendesc tests/Descriptions.txt -o descriptions - genhtml --title "mbed TLS" --description-file descriptions --keep-descriptions --legend --branch-coverage -o Coverage final.info - rm -f files.info tests.info all.info final.info descriptions + scripts/lcov.sh apidoc: mkdir -p apidoc diff --git a/third_party/mbedtls/repo/README.md b/third_party/mbedtls/repo/README.md index eb3829cd8c2..bbd1fb206a9 100644 --- a/third_party/mbedtls/repo/README.md +++ b/third_party/mbedtls/repo/README.md @@ -17,7 +17,9 @@ We provide some non-standard configurations focused on specific use cases in the Documentation ------------- -Documentation for the Mbed TLS interfaces in the default library configuration is available as part of the [Mbed TLS documentation](https://tls.mbed.org/api/). +The main Mbed TLS documentation is available via [ReadTheDocs](https://mbed-tls.readthedocs.io/). + +Documentation for the PSA Cryptography API is available [on GitHub](https://arm-software.github.io/psa-api/crypto/). To generate a local copy of the library documentation in HTML format, tailored to your compile-time configuration: @@ -46,7 +48,7 @@ You need the following tools to build the library with the provided makefiles: * GNU Make or a build tool that CMake supports. * A C99 toolchain (compiler, linker, archiver). We actively test with GCC 5.4, Clang 3.8, IAR8 and Visual Studio 2013. More recent versions should work. Slightly older versions may work. -* Python 3 to generate the test code. +* Python 3.6 or later to generate the test code. * Perl to run the tests. ### Make @@ -77,9 +79,9 @@ Setting the variable `SHARED` in your environment will build shared libraries in Please note that setting `CFLAGS` overrides its default value of `-O2` and setting `WARNING_CFLAGS` overrides its default value (starting with `-Wall -Wextra`), so if you just want to add some warning options to the default ones, you can do so by setting `CFLAGS=-O2 -Werror` for example. Setting `WARNING_CFLAGS` is useful when you want to get rid of its default content (for example because your compiler doesn't accept `-Wall` as an option). Directory-specific options cannot be overridden from the command line. -Depending on your platform, you might run into some issues. Please check the Makefiles in `library/`, `programs/` and `tests/` for options to manually add or remove for specific platforms. You can also check [the Mbed TLS Knowledge Base](https://tls.mbed.org/kb) for articles on your platform or issue. +Depending on your platform, you might run into some issues. Please check the Makefiles in `library/`, `programs/` and `tests/` for options to manually add or remove for specific platforms. You can also check [the Mbed TLS Knowledge Base](https://mbed-tls.readthedocs.io/en/latest/kb/) for articles on your platform or issue. -In case you find that you need to do something else as well, please let us know what, so we can add it to the [Mbed TLS Knowledge Base](https://tls.mbed.org/kb). +In case you find that you need to do something else as well, please let us know what, so we can add it to the [Mbed TLS Knowledge Base](https://mbed-tls.readthedocs.io/en/latest/kb/). ### CMake @@ -185,17 +187,19 @@ For machines with a Unix shell and OpenSSL (and optionally GnuTLS) installed, ad - `tests/ssl-opt.sh` runs integration tests for various TLS options (renegotiation, resumption, etc.) and tests interoperability of these options with other implementations. - `tests/compat.sh` tests interoperability of every ciphersuite with other implementations. - `tests/scripts/test-ref-configs.pl` test builds in various reduced configurations. -- `tests/scripts/key-exchanges.pl` test builds in configurations with a single key exchange enabled +- `tests/scripts/depends.py` test builds in configurations with a single curve, key exchange, hash, cipher, or pkalg on. - `tests/scripts/all.sh` runs a combination of the above tests, plus some more, with various build options (such as ASan, full `config.h`, etc). +Instead of manually installing the required versions of all tools required for testing, it is possible to use the Docker images from our CI systems, as explained in [our testing infrastructure repository](https://github.com/Mbed-TLS/mbedtls-test/blob/master/README.md#quick-start). + Porting Mbed TLS ---------------- Mbed TLS can be ported to many different architectures, OS's and platforms. Before starting a port, you may find the following Knowledge Base articles useful: -- [Porting Mbed TLS to a new environment or OS](https://tls.mbed.org/kb/how-to/how-do-i-port-mbed-tls-to-a-new-environment-OS) -- [What external dependencies does Mbed TLS rely on?](https://tls.mbed.org/kb/development/what-external-dependencies-does-mbedtls-rely-on) -- [How do I configure Mbed TLS](https://tls.mbed.org/kb/compiling-and-building/how-do-i-configure-mbedtls) +- [Porting Mbed TLS to a new environment or OS](https://mbed-tls.readthedocs.io/en/latest/kb/how-to/how-do-i-port-mbed-tls-to-a-new-environment-OS/) +- [What external dependencies does Mbed TLS rely on?](https://mbed-tls.readthedocs.io/en/latest/kb/development/what-external-dependencies-does-mbedtls-rely-on/) +- [How do I configure Mbed TLS](https://mbed-tls.readthedocs.io/en/latest/kb/compiling-and-building/how-do-i-configure-mbedtls/) Mbed TLS is mostly written in portable C99; however, it has a few platform requirements that go beyond the standard, but are met by most modern architectures: @@ -208,11 +212,11 @@ Mbed TLS is mostly written in portable C99; however, it has a few platform requi PSA cryptography API -------------------- -### PSA API design +### PSA API Arm's [Platform Security Architecture (PSA)](https://developer.arm.com/architectures/security-architectures/platform-security-architecture) is a holistic set of threat models, security analyses, hardware and firmware architecture specifications, and an open source firmware reference implementation. PSA provides a recipe, based on industry best practice, that allows security to be consistently designed in, at both a hardware and firmware level. -The [PSA cryptography API](https://armmbed.github.io/mbed-crypto/psa/#application-programming-interface) provides access to a set of cryptographic primitives. It has a dual purpose. First, it can be used in a PSA-compliant platform to build services, such as secure boot, secure storage and secure communication. Second, it can also be used independently of other PSA components on any platform. +The [PSA cryptography API](https://arm-software.github.io/psa-api/crypto/) provides access to a set of cryptographic primitives. It has a dual purpose. First, it can be used in a PSA-compliant platform to build services, such as secure boot, secure storage and secure communication. Second, it can also be used independently of other PSA components on any platform. The design goals of the PSA cryptography API include: @@ -224,10 +228,6 @@ The design goals of the PSA cryptography API include: Arm welcomes feedback on the design of the API. If you think something could be improved, please open an issue on our Github repository. Alternatively, if you prefer to provide your feedback privately, please email us at [`mbed-crypto@arm.com`](mailto:mbed-crypto@arm.com). All feedback received by email is treated confidentially. -### PSA API documentation - -A browsable copy of the PSA Cryptography API documents is available on the [PSA cryptography interfaces documentation portal](https://armmbed.github.io/mbed-crypto/psa/#application-programming-interface) in [PDF](https://armmbed.github.io/mbed-crypto/PSA_Cryptography_API_Specification.pdf) and [HTML](https://armmbed.github.io/mbed-crypto/html/index.html) formats. - ### PSA implementation in Mbed TLS Mbed TLS includes a reference implementation of the PSA Cryptography API. @@ -235,7 +235,7 @@ This implementation is not yet as mature as the rest of the library. Some parts The X.509 and TLS code can use PSA cryptography for a limited subset of operations. To enable this support, activate the compilation option `MBEDTLS_USE_PSA_CRYPTO` in `config.h`. -There are currently a few deviations where the library does not yet implement the latest version of the specification. Please refer to the [compliance issues on Github](https://github.com/ARMmbed/mbed-crypto/labels/compliance) for an up-to-date list. +There are currently a few deviations where the library does not yet implement the latest version of the specification. Please refer to the [compliance issues on Github](https://github.com/Mbed-TLS/mbed-crypto/labels/compliance) for an up-to-date list. ### Upcoming features @@ -249,7 +249,7 @@ Future releases of this library will include: License ------- -Unless specifically indicated otherwise in a file, Mbed TLS files are provided under the [Apache-2.0](https://spdx.org/licenses/Apache-2.0.html) license. See the [LICENSE](LICENSE) file for the full text of this license. Contributors must accept that their contributions are made under both the Apache-2.0 AND [GPL-2.0-or-later](https://spdx.org/licenses/GPL-2.0-or-later.html) licenses. This enables LTS (Long Term Support) branches of the software to be provided under either the Apache-2.0 OR GPL-2.0-or-later licenses. +Unless specifically indicated otherwise in a file, Mbed TLS files are provided under a dual [Apache-2.0](https://spdx.org/licenses/Apache-2.0.html) OR [GPL-2.0-or-later](https://spdx.org/licenses/GPL-2.0-or-later.html) license. See the [LICENSE](LICENSE) file for the full text of these licenses, and [the 'License and Copyright' section in the contributing guidelines](CONTRIBUTING.md#License-and-Copyright) for more information. Contributing ------------ @@ -260,5 +260,5 @@ Contact ------- * To report a security vulnerability in Mbed TLS, please email . For more information, see [`SECURITY.md`](SECURITY.md). -* To report a bug or request a feature in Mbed TLS, please [file an issue on GitHub](https://github.com/ARMmbed/mbedtls/issues/new/choose). +* To report a bug or request a feature in Mbed TLS, please [file an issue on GitHub](https://github.com/Mbed-TLS/mbedtls/issues/new/choose). * Please see [`SUPPORT.md`](SUPPORT.md) for other channels for discussion and support about Mbed TLS. diff --git a/third_party/mbedtls/repo/SECURITY.md b/third_party/mbedtls/repo/SECURITY.md index bd18f6c5db1..732335b233b 100644 --- a/third_party/mbedtls/repo/SECURITY.md +++ b/third_party/mbedtls/repo/SECURITY.md @@ -1,4 +1,4 @@ -## Reporting Vulneratibilities +## Reporting Vulnerabilities If you think you have found an Mbed TLS security vulnerability, then please send an email to the security team at @@ -6,7 +6,7 @@ send an email to the security team at ## Security Incident Handling Process -Our security process is detailled in our +Our security process is detailed in our [security center](https://developer.trustedfirmware.org/w/mbed-tls/security-center/). @@ -18,3 +18,120 @@ goes public. Only the maintained branches, as listed in [`BRANCHES.md`](BRANCHES.md), get security fixes. Users are urged to always use the latest version of a maintained branch. + +## Threat model + +We classify attacks based on the capabilities of the attacker. + +### Remote attacks + +In this section, we consider an attacker who can observe and modify data sent +over the network. This includes observing the content and timing of individual +packets, as well as suppressing or delaying legitimate messages, and injecting +messages. + +Mbed TLS aims to fully protect against remote attacks and to enable the user +application in providing full protection against remote attacks. Said +protection is limited to providing security guarantees offered by the protocol +being implemented. (For example Mbed TLS alone won't guarantee that the +messages will arrive without delay, as the TLS protocol doesn't guarantee that +either.) + +**Warning!** Block ciphers do not yet achieve full protection against attackers +who can measure the timing of packets with sufficient precision. For details +and workarounds see the [Block Ciphers](#block-ciphers) section. + +### Local attacks + +In this section, we consider an attacker who can run software on the same +machine. The attacker has insufficient privileges to directly access Mbed TLS +assets such as memory and files. + +#### Timing attacks + +The attacker is able to observe the timing of instructions executed by Mbed TLS +by leveraging shared hardware that both Mbed TLS and the attacker have access +to. Typical attack vectors include cache timings, memory bus contention and +branch prediction. + +Mbed TLS provides limited protection against timing attacks. The cost of +protecting against timing attacks widely varies depending on the granularity of +the measurements and the noise present. Therefore the protection in Mbed TLS is +limited. We are only aiming to provide protection against **publicly +documented attack techniques**. + +As attacks keep improving, so does Mbed TLS's protection. Mbed TLS is moving +towards a model of fully timing-invariant code, but has not reached this point +yet. + +**Remark:** Timing information can be observed over the network or through +physical side channels as well. Remote and physical timing attacks are covered +in the [Remote attacks](remote-attacks) and [Physical +attacks](physical-attacks) sections respectively. + +**Warning!** Block ciphers do not yet achieve full protection. For +details and workarounds see the [Block Ciphers](#block-ciphers) section. + +#### Local non-timing side channels + +The attacker code running on the platform has access to some sensor capable of +picking up information on the physical state of the hardware while Mbed TLS is +running. This could for example be an analogue-to-digital converter on the +platform that is located unfortunately enough to pick up the CPU noise. + +Mbed TLS doesn't make any security guarantees against local non-timing-based +side channel attacks. If local non-timing attacks are present in a use case or +a user application's threat model, they need to be mitigated by the platform. + +#### Local fault injection attacks + +Software running on the same hardware can affect the physical state of the +device and introduce faults. + +Mbed TLS doesn't make any security guarantees against local fault injection +attacks. If local fault injection attacks are present in a use case or a user +application's threat model, they need to be mitigated by the platform. + +### Physical attacks + +In this section, we consider an attacker who has access to physical information +about the hardware Mbed TLS is running on and/or can alter the physical state +of the hardware (e.g. power analysis, radio emissions or fault injection). + +Mbed TLS doesn't make any security guarantees against physical attacks. If +physical attacks are present in a use case or a user application's threat +model, they need to be mitigated by physical countermeasures. + +### Caveats + +#### Out-of-scope countermeasures + +Mbed TLS has evolved organically and a well defined threat model hasn't always +been present. Therefore, Mbed TLS might have countermeasures against attacks +outside the above defined threat model. + +The presence of such countermeasures don't mean that Mbed TLS provides +protection against a class of attacks outside of the above described threat +model. Neither does it mean that the failure of such a countermeasure is +considered a vulnerability. + +#### Block ciphers + +Currently there are four block ciphers in Mbed TLS: AES, CAMELLIA, ARIA and +DES. The pure software implementation in Mbed TLS implementation uses lookup +tables, which are vulnerable to timing attacks. + +These timing attacks can be physical, local or depending on network latency +even a remote. The attacks can result in key recovery. + +**Workarounds:** + +- Turn on hardware acceleration for AES. This is supported only on selected + architectures and currently only available for AES. See configuration options + `MBEDTLS_AESNI_C` and `MBEDTLS_PADLOCK_C` for details. +- Add a secure alternative implementation (typically hardware acceleration) for + the vulnerable cipher. See the [Alternative Implementations +Guide](docs/architecture/alternative-implementations.md) for more information. +- Use cryptographic mechanisms that are not based on block ciphers. In + particular, for authenticated encryption, use ChaCha20/Poly1305 instead of + block cipher modes. For random generation, use HMAC\_DRBG instead of CTR\_DRBG. diff --git a/third_party/mbedtls/repo/SUPPORT.md b/third_party/mbedtls/repo/SUPPORT.md index 1bc0695a4eb..b550e08e5d5 100644 --- a/third_party/mbedtls/repo/SUPPORT.md +++ b/third_party/mbedtls/repo/SUPPORT.md @@ -2,14 +2,15 @@ Here are some useful sources of information about using Mbed TLS: +- [ReadTheDocs](https://mbed-tls.readthedocs.io/); - API documentation, see the [Documentation section of the - README](README.md#License); + README](README.md#documentation); - the `docs` directory in the source tree; -- the [Mbed TLS knowledge Base](https://tls.mbed.org/kb); +- the [Mbed TLS Knowledge Base](https://mbed-tls.readthedocs.io/en/latest/kb/); - the [Mbed TLS mailing-list - archives](https://lists.trustedfirmware.org/pipermail/mbed-tls/). + archives](https://lists.trustedfirmware.org/archives/list/mbed-tls@lists.trustedfirmware.org/). ## Asking Questions If you can't find your answer in the above sources, please use the [Mbed TLS -mailing list](https://lists.trustedfirmware.org/mailman/listinfo/mbed-tls). +mailing list](https://lists.trustedfirmware.org/mailman3/lists/mbed-tls.lists.trustedfirmware.org). diff --git a/third_party/mbedtls/repo/configs/README.txt b/third_party/mbedtls/repo/configs/README.txt index 933fa7f21d8..d2f9bcb0084 100644 --- a/third_party/mbedtls/repo/configs/README.txt +++ b/third_party/mbedtls/repo/configs/README.txt @@ -23,4 +23,4 @@ them, you can pick one of the following methods: make Note that the second method also works if you want to keep your custom -configuration file outside the mbed TLS tree. +configuration file outside the Mbed TLS tree. diff --git a/third_party/mbedtls/repo/configs/config-ccm-psk-dtls1_2.h b/third_party/mbedtls/repo/configs/config-ccm-psk-dtls1_2.h new file mode 100644 index 00000000000..3ae9149dad6 --- /dev/null +++ b/third_party/mbedtls/repo/configs/config-ccm-psk-dtls1_2.h @@ -0,0 +1,98 @@ +/** + * \file config-ccm-psk-dtls1_2.h + * + * \brief Small configuration for DTLS 1.2 with PSK and AES-CCM ciphersuites + */ +/* + * Copyright The Mbed TLS Contributors + * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later + */ +/* + * Minimal configuration for DTLS 1.2 with PSK and AES-CCM ciphersuites + * + * Distinguishing features: + * - Optimized for small code size, low bandwidth (on an unreliable transport), + * and low RAM usage. + * - No asymmetric cryptography (no certificates, no Diffie-Hellman key + * exchange). + * - Fully modern and secure (provided the pre-shared keys are generated and + * stored securely). + * - Very low record overhead with CCM-8. + * - Includes several optional DTLS features typically used in IoT. + * + * See README.txt for usage instructions. + */ +#ifndef MBEDTLS_CONFIG_H +#define MBEDTLS_CONFIG_H + +/* System support */ +//#define MBEDTLS_HAVE_TIME /* Optionally used in Hello messages */ +/* Other MBEDTLS_HAVE_XXX flags irrelevant for this configuration */ + +/* Mbed TLS modules */ +#define MBEDTLS_AES_C +#define MBEDTLS_CCM_C +#define MBEDTLS_CIPHER_C +#define MBEDTLS_CTR_DRBG_C +#define MBEDTLS_ENTROPY_C +#define MBEDTLS_MD_C +#define MBEDTLS_NET_C +#define MBEDTLS_SHA256_C +#define MBEDTLS_SSL_CLI_C +#define MBEDTLS_SSL_COOKIE_C +#define MBEDTLS_SSL_SRV_C +#define MBEDTLS_SSL_TLS_C +#define MBEDTLS_TIMING_C + +/* TLS protocol feature support */ +#define MBEDTLS_KEY_EXCHANGE_PSK_ENABLED +#define MBEDTLS_SSL_PROTO_TLS1_2 +#define MBEDTLS_SSL_PROTO_DTLS +#define MBEDTLS_SSL_DTLS_ANTI_REPLAY +#define MBEDTLS_SSL_DTLS_BADMAC_LIMIT +#define MBEDTLS_SSL_DTLS_CLIENT_PORT_REUSE +#define MBEDTLS_SSL_DTLS_CONNECTION_ID +#define MBEDTLS_SSL_DTLS_HELLO_VERIFY +#define MBEDTLS_SSL_MAX_FRAGMENT_LENGTH + +/* + * Use only CCM_8 ciphersuites, and + * save ROM and a few bytes of RAM by specifying our own ciphersuite list + */ +#define MBEDTLS_SSL_CIPHERSUITES \ + MBEDTLS_TLS_PSK_WITH_AES_256_CCM_8, \ + MBEDTLS_TLS_PSK_WITH_AES_128_CCM_8 + +/* + * Save RAM at the expense of interoperability: do this only if you control + * both ends of the connection! (See comments in "mbedtls/ssl.h".) + * The optimal size here depends on the typical size of records. + */ +#define MBEDTLS_SSL_MAX_CONTENT_LEN 256 + +/* Save RAM at the expense of ROM */ +#define MBEDTLS_AES_ROM_TABLES + +/* Save some RAM by adjusting to your exact needs */ +#define MBEDTLS_PSK_MAX_LEN 16 /* 128-bits keys are generally enough */ + +/* + * You should adjust this to the exact number of sources you're using: default + * is the "platform_entropy_poll" source plus a weak clock source, but you may + * want to add other ones. Minimum is 3 for the entropy test suite. + */ +#define MBEDTLS_ENTROPY_MAX_SOURCES 3 + +/* These defines are present so that the config modifying scripts can enable + * them during tests/scripts/test-ref-configs.pl */ +//#define MBEDTLS_USE_PSA_CRYPTO +//#define MBEDTLS_PSA_CRYPTO_C + +/* Error messages and TLS debugging traces + * (huge code size increase, needed for tests/ssl-opt.sh) */ +//#define MBEDTLS_DEBUG_C +//#define MBEDTLS_ERROR_C + +#include "mbedtls/check_config.h" + +#endif /* MBEDTLS_CONFIG_H */ diff --git a/third_party/mbedtls/repo/configs/config-ccm-psk-tls1_2.h b/third_party/mbedtls/repo/configs/config-ccm-psk-tls1_2.h index c58d150d9d3..d609835fede 100644 --- a/third_party/mbedtls/repo/configs/config-ccm-psk-tls1_2.h +++ b/third_party/mbedtls/repo/configs/config-ccm-psk-tls1_2.h @@ -5,27 +5,19 @@ */ /* * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later */ /* * Minimal configuration for TLS 1.2 with PSK and AES-CCM ciphersuites + * * Distinguishing features: - * - no bignum, no PK, no X509 - * - fully modern and secure (provided the pre-shared keys have high entropy) - * - very low record overhead with CCM-8 - * - optimized for low RAM usage + * - Optimized for small code size, low bandwidth (on a reliable transport), + * and low RAM usage. + * - No asymmetric cryptography (no certificates, no Diffie-Hellman key + * exchange). + * - Fully modern and secure (provided the pre-shared keys are generated and + * stored securely). + * - Very low record overhead with CCM-8. * * See README.txt for usage instructions. */ @@ -36,11 +28,7 @@ //#define MBEDTLS_HAVE_TIME /* Optionally used in Hello messages */ /* Other MBEDTLS_HAVE_XXX flags irrelevant for this configuration */ -/* mbed TLS feature support */ -#define MBEDTLS_KEY_EXCHANGE_PSK_ENABLED -#define MBEDTLS_SSL_PROTO_TLS1_2 - -/* mbed TLS modules */ +/* Mbed TLS modules */ #define MBEDTLS_AES_C #define MBEDTLS_CCM_C #define MBEDTLS_CIPHER_C @@ -53,6 +41,25 @@ #define MBEDTLS_SSL_SRV_C #define MBEDTLS_SSL_TLS_C +/* TLS protocol feature support */ +#define MBEDTLS_KEY_EXCHANGE_PSK_ENABLED +#define MBEDTLS_SSL_PROTO_TLS1_2 + +/* + * Use only CCM_8 ciphersuites, and + * save ROM and a few bytes of RAM by specifying our own ciphersuite list + */ +#define MBEDTLS_SSL_CIPHERSUITES \ + MBEDTLS_TLS_PSK_WITH_AES_256_CCM_8, \ + MBEDTLS_TLS_PSK_WITH_AES_128_CCM_8 + +/* + * Save RAM at the expense of interoperability: do this only if you control + * both ends of the connection! (See comments in "mbedtls/ssl.h".) + * The optimal size here depends on the typical size of records. + */ +#define MBEDTLS_SSL_MAX_CONTENT_LEN 1024 + /* Save RAM at the expense of ROM */ #define MBEDTLS_AES_ROM_TABLES @@ -66,20 +73,15 @@ */ #define MBEDTLS_ENTROPY_MAX_SOURCES 2 -/* - * Use only CCM_8 ciphersuites, and - * save ROM and a few bytes of RAM by specifying our own ciphersuite list - */ -#define MBEDTLS_SSL_CIPHERSUITES \ - MBEDTLS_TLS_PSK_WITH_AES_256_CCM_8, \ - MBEDTLS_TLS_PSK_WITH_AES_128_CCM_8 +/* These defines are present so that the config modifying scripts can enable + * them during tests/scripts/test-ref-configs.pl */ +//#define MBEDTLS_USE_PSA_CRYPTO +//#define MBEDTLS_PSA_CRYPTO_C -/* - * Save RAM at the expense of interoperability: do this only if you control - * both ends of the connection! (See comments in "mbedtls/ssl.h".) - * The optimal size here depends on the typical size of records. - */ -#define MBEDTLS_SSL_MAX_CONTENT_LEN 1024 +/* Error messages and TLS debugging traces + * (huge code size increase, needed for tests/ssl-opt.sh) */ +//#define MBEDTLS_DEBUG_C +//#define MBEDTLS_ERROR_C #include "mbedtls/check_config.h" diff --git a/third_party/mbedtls/repo/configs/config-mini-tls1_1.h b/third_party/mbedtls/repo/configs/config-mini-tls1_1.h index 638c1e260a0..20a137ae5b4 100644 --- a/third_party/mbedtls/repo/configs/config-mini-tls1_1.h +++ b/third_party/mbedtls/repo/configs/config-mini-tls1_1.h @@ -5,19 +5,7 @@ */ /* * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later */ /* * Minimal configuration for TLS 1.1 (RFC 4346), implementing only the @@ -33,13 +21,13 @@ #define MBEDTLS_HAVE_ASM #define MBEDTLS_HAVE_TIME -/* mbed TLS feature support */ +/* Mbed TLS feature support */ #define MBEDTLS_CIPHER_MODE_CBC #define MBEDTLS_PKCS1_V15 #define MBEDTLS_KEY_EXCHANGE_RSA_ENABLED #define MBEDTLS_SSL_PROTO_TLS1_1 -/* mbed TLS modules */ +/* Mbed TLS modules */ #define MBEDTLS_AES_C #define MBEDTLS_ASN1_PARSE_C #define MBEDTLS_ASN1_WRITE_C @@ -71,6 +59,20 @@ /* For testing with compat.sh */ #define MBEDTLS_FS_IO +/* These defines are present so that the config modifying scripts can enable + * them during tests/scripts/test-ref-configs.pl */ +//#define MBEDTLS_USE_PSA_CRYPTO +//#define MBEDTLS_PSA_CRYPTO_C + +/* With MBEDTLS_PSA_CRYPTO_C, importing an RSA key requires MBEDTLS_PK_WRITE_C */ +#if defined(MBEDTLS_PSA_CRYPTO_C) +#define MBEDTLS_PK_WRITE_C +#endif #include "mbedtls/check_config.h" +/* Error messages and TLS debugging traces + * (huge code size increase, needed for tests/ssl-opt.sh) */ +//#define MBEDTLS_DEBUG_C +//#define MBEDTLS_ERROR_C + #endif /* MBEDTLS_CONFIG_H */ diff --git a/third_party/mbedtls/repo/configs/config-no-entropy.h b/third_party/mbedtls/repo/configs/config-no-entropy.h index 04c1213f915..d11251d43c3 100644 --- a/third_party/mbedtls/repo/configs/config-no-entropy.h +++ b/third_party/mbedtls/repo/configs/config-no-entropy.h @@ -5,23 +5,11 @@ */ /* * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later */ /* * Minimal configuration of features that do not require an entropy source - * Distinguishing reatures: + * Distinguishing features: * - no entropy module * - no TLS protocol implementation available due to absence of an entropy * source @@ -36,7 +24,7 @@ #define MBEDTLS_HAVE_ASM #define MBEDTLS_HAVE_TIME -/* mbed TLS feature support */ +/* Mbed TLS feature support */ #define MBEDTLS_CIPHER_MODE_CBC #define MBEDTLS_CIPHER_PADDING_PKCS7 #define MBEDTLS_REMOVE_ARC4_CIPHERSUITES @@ -53,7 +41,7 @@ #define MBEDTLS_X509_CHECK_KEY_USAGE #define MBEDTLS_X509_CHECK_EXTENDED_KEY_USAGE -/* mbed TLS modules */ +/* Mbed TLS modules */ #define MBEDTLS_AES_C #define MBEDTLS_ASN1_PARSE_C #define MBEDTLS_ASN1_WRITE_C diff --git a/third_party/mbedtls/repo/configs/config-suite-b.h b/third_party/mbedtls/repo/configs/config-suite-b.h index 9cad3827390..58fa691970e 100644 --- a/third_party/mbedtls/repo/configs/config-suite-b.h +++ b/third_party/mbedtls/repo/configs/config-suite-b.h @@ -5,19 +5,7 @@ */ /* * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later */ /* * Minimal configuration for TLS NSA Suite B Profile (RFC 6460) @@ -40,13 +28,13 @@ #define MBEDTLS_HAVE_ASM #define MBEDTLS_HAVE_TIME -/* mbed TLS feature support */ +/* Mbed TLS feature support */ #define MBEDTLS_ECP_DP_SECP256R1_ENABLED #define MBEDTLS_ECP_DP_SECP384R1_ENABLED #define MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED #define MBEDTLS_SSL_PROTO_TLS1_2 -/* mbed TLS modules */ +/* Mbed TLS modules */ #define MBEDTLS_AES_C #define MBEDTLS_ASN1_PARSE_C #define MBEDTLS_ASN1_WRITE_C @@ -103,12 +91,27 @@ /* * Save RAM at the expense of interoperability: do this only if you control - * both ends of the connection! (See coments in "mbedtls/ssl.h".) + * both ends of the connection! (See comments in "mbedtls/ssl.h".) * The minimum size here depends on the certificate chain used as well as the * typical size of records. */ #define MBEDTLS_SSL_MAX_CONTENT_LEN 1024 +/* These defines are present so that the config modifying scripts can enable + * them during tests/scripts/test-ref-configs.pl */ +//#define MBEDTLS_USE_PSA_CRYPTO +//#define MBEDTLS_PSA_CRYPTO_C + +/* With USE_PSA_CRYPTO, some PK operations also need PK_WRITE */ +#if defined(MBEDTLS_USE_PSA_CRYPTO) +#define MBEDTLS_PK_WRITE_C +#endif + +/* Error messages and TLS debugging traces + * (huge code size increase, needed for tests/ssl-opt.sh) */ +//#define MBEDTLS_DEBUG_C +//#define MBEDTLS_ERROR_C + #include "mbedtls/check_config.h" #endif /* MBEDTLS_CONFIG_H */ diff --git a/third_party/mbedtls/repo/configs/config-symmetric-only.h b/third_party/mbedtls/repo/configs/config-symmetric-only.h index f05a0d7cb84..6a6dc482618 100644 --- a/third_party/mbedtls/repo/configs/config-symmetric-only.h +++ b/third_party/mbedtls/repo/configs/config-symmetric-only.h @@ -5,19 +5,7 @@ */ /* * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later */ #ifndef MBEDTLS_CONFIG_H @@ -28,7 +16,7 @@ #define MBEDTLS_HAVE_TIME #define MBEDTLS_HAVE_TIME_DATE -/* Mbed Crypto feature support */ +/* Mbed TLS feature support */ #define MBEDTLS_CIPHER_MODE_CBC #define MBEDTLS_CIPHER_MODE_CFB #define MBEDTLS_CIPHER_MODE_CTR @@ -45,7 +33,7 @@ #define MBEDTLS_USE_PSA_CRYPTO #define MBEDTLS_VERSION_FEATURES -/* Mbed Crypto modules */ +/* Mbed TLS modules */ #define MBEDTLS_AES_C #define MBEDTLS_ARC4_C #define MBEDTLS_ASN1_PARSE_C diff --git a/third_party/mbedtls/repo/configs/config-thread.h b/third_party/mbedtls/repo/configs/config-thread.h index 8464fcb1bda..f232d8396ec 100644 --- a/third_party/mbedtls/repo/configs/config-thread.h +++ b/third_party/mbedtls/repo/configs/config-thread.h @@ -5,19 +5,7 @@ */ /* * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later */ /* @@ -38,7 +26,7 @@ /* System support */ #define MBEDTLS_HAVE_ASM -/* mbed TLS feature support */ +/* Mbed TLS feature support */ #define MBEDTLS_AES_ROM_TABLES #define MBEDTLS_ECP_DP_SECP256R1_ENABLED #define MBEDTLS_ECP_NIST_OPTIM @@ -50,7 +38,7 @@ #define MBEDTLS_SSL_DTLS_HELLO_VERIFY #define MBEDTLS_SSL_EXPORT_KEYS -/* mbed TLS modules */ +/* Mbed TLS modules */ #define MBEDTLS_AES_C #define MBEDTLS_ASN1_PARSE_C #define MBEDTLS_ASN1_WRITE_C @@ -86,6 +74,11 @@ /* Save ROM and a few bytes of RAM by specifying our own ciphersuite list */ #define MBEDTLS_SSL_CIPHERSUITES MBEDTLS_TLS_ECJPAKE_WITH_AES_128_CCM_8 +/* These defines are present so that the config modifying scripts can enable + * them during tests/scripts/test-ref-configs.pl */ +//#define MBEDTLS_USE_PSA_CRYPTO +//#define MBEDTLS_PSA_CRYPTO_C + #include "mbedtls/check_config.h" #endif /* MBEDTLS_CONFIG_H */ diff --git a/third_party/mbedtls/repo/docs/.gitignore b/third_party/mbedtls/repo/docs/.gitignore index 23f832b734c..11f197bc357 100644 --- a/third_party/mbedtls/repo/docs/.gitignore +++ b/third_party/mbedtls/repo/docs/.gitignore @@ -1,2 +1,4 @@ *.html *.pdf +_build/ +api/ diff --git a/third_party/mbedtls/repo/docs/Makefile b/third_party/mbedtls/repo/docs/Makefile new file mode 100644 index 00000000000..47510f984de --- /dev/null +++ b/third_party/mbedtls/repo/docs/Makefile @@ -0,0 +1,40 @@ +# Minimal makefile for Sphinx documentation +# + +# You can set these variables from the command line, and also +# from the environment for the first two. +SPHINXOPTS ?= +SPHINXBUILD ?= sphinx-build +SOURCEDIR = . +BUILDDIR = _build + +# Put it first so that "make" without argument is like "make help". +help: + @$(SPHINXBUILD) -M help "$(SOURCEDIR)" "$(BUILDDIR)" $(SPHINXOPTS) $(O) + +.PHONY: help clean apidoc breathe_apidoc Makefile + +# Intercept the 'clean' target so we can do the right thing for apidoc as well +clean: + @# Clean the apidoc + $(MAKE) -C .. apidoc_clean + @# Clean the breathe-apidoc generated files + rm -rf ./api + @# Clean the sphinx docs + @$(SPHINXBUILD) -M clean "$(SOURCEDIR)" "$(BUILDDIR)" $(SPHINXOPTS) $(O) + +apidoc: + @# Generate doxygen from source using the main Makefile + $(MAKE) -C .. apidoc + +breathe_apidoc: apidoc + @# Remove existing files - breathe-apidoc skips them if they're present + rm -rf ./api + @# Generate RST file structure with breathe-apidoc + breathe-apidoc -o ./api ../apidoc/xml + +# Catch-all target: route all unknown targets to Sphinx using the new +# "make mode" option. $(O) is meant as a shortcut for $(SPHINXOPTS). +%: Makefile breathe_apidoc + @# Build the relevant target with sphinx + @$(SPHINXBUILD) -M $@ "$(SOURCEDIR)" "$(BUILDDIR)" $(SPHINXOPTS) $(O) diff --git a/third_party/mbedtls/repo/docs/architecture/mbed-crypto-storage-specification.md b/third_party/mbedtls/repo/docs/architecture/mbed-crypto-storage-specification.md index 914bca3bbdf..2b99f775e43 100644 --- a/third_party/mbedtls/repo/docs/architecture/mbed-crypto-storage-specification.md +++ b/third_party/mbedtls/repo/docs/architecture/mbed-crypto-storage-specification.md @@ -1,7 +1,9 @@ -Mbed Crypto storage specification +Mbed TLS storage specification ================================= -This document specifies how Mbed Crypto uses storage. +This document specifies how Mbed TLS uses storage. +Key storage was originally introduced in a product called Mbed Crypto, which was re-distributed via Mbed TLS and has since been merged into Mbed TLS. +This document contains historical information both from before and after this merge. Mbed Crypto may be upgraded on an existing device with the storage preserved. Therefore: @@ -112,7 +114,7 @@ Information about each key is stored in a dedicated file designated by the key i The way in which the file name is constructed from the key identifier depends on the storage backend. The content of the file is described [below](#key-file-format-for-1.0.0). * Library integration: the key file name is just the key identifier as defined in the PSA crypto specification. This is a 32-bit value. -* PSA service integration: the key file name is `(uint32_t)owner_uid << 32 | key_id` where `key_id` is the key identifier from the owner point of view and `owner_uid` (of type `int32_t`) is the calling partition identifier provided to the server by the partition manager. This is a 64-bit value. +* PSA service integration: the key file name is `(uint64_t)owner_uid << 32 | key_id` where `key_id` is the key identifier from the owner point of view and `owner_uid` (of type `int32_t`) is the calling partition identifier provided to the server by the partition manager. This is a 64-bit value. ### Key file format for 1.0.0 @@ -120,7 +122,11 @@ The layout is identical to [0.1.0](#key-file-format-for-0.1.0) so far. However n ### Nonvolatile random seed file format for 1.0.0 -[Identical to 0.1.0](#nonvolatile-random-seed-file-format-for-0.1.0). +The nonvolatile random seed file contains a seed for the random generator. If present, it is rewritten at each boot as part of the random generator initialization. + +The file format is just the seed as a byte string with no metadata or encoding of any kind. + +This is unchanged since [the feature was introduced in Mbed Crypto 0.1.0](#nonvolatile-random-seed-file-format-for-0.1.0). ### File namespace on a PSA platform for 1.0.0 @@ -167,7 +173,21 @@ Tags: mbedcrypto-1.1.0 Released in early June 2019.
Integrated in Mbed OS 5.13. -Identical to [1.0.0](#mbed-crypto-1.0.0) except for some changes in the key file format. +Changes since [1.0.0](#mbed-crypto-1.0.0): + +* The stdio backend for storage has been replaced by an implementation of [PSA ITS over stdio](#file-namespace-on-stdio-for-1.1.0). +* [Some changes in the key file format](#key-file-format-for-1.1.0). + +### File namespace on stdio for 1.1.0 + +Assumption: C stdio, allowing names containing lowercase letters, digits and underscores, of length up to 23. + +An undocumented build-time configuration value `PSA_ITS_STORAGE_PREFIX` allows storing the key files in a directory other than the current directory. This value is simply prepended to the file name (so it must end with a directory separator to put the keys in a different directory). + +* `PSA_ITS_STORAGE_PREFIX "tempfile.psa_its"`: used as a temporary file. Must be writable. May be overwritten or deleted if present. +* `sprintf(PSA_ITS_STORAGE_PREFIX "%016llx.psa_its", key_id)`: a key or non-key file. The `key_id` in the name is the 64-bit file identifier, which is the [key identifier](#key-names-for-mbed-tls-2.25.0) for a key file or some reserved identifier for a non-key file (currently: only the [nonvolatile random seed](#nonvolatile-random-seed-file-format-for-1.0.0)). The contents of the file are: + * Magic header (8 bytes): `"PSA\0ITS\0"` + * File contents. ### Key file format for 1.1.0 @@ -314,3 +334,134 @@ The layout of a key file is: * For an opaque key (unified driver interface): driver-specific opaque key blob. * For an opaque key (key in a secure element): slot number (8 bytes), in platform endianness. * Any trailing data is rejected on load. + +Mbed TLS 2.25.0 +--------------- + +Tags: `mbedtls-2.25.0`, `mbedtls-2.26.0`, `mbedtls-2.27.0`, `mbedtls-2.28.0` (continued in early 3.x releases) + +First released in December 2020. + +Note: this is the first version that is officially supported. The version number is still 0. + +Backward compatibility commitments: we promise backward compatibility for stored keys when Mbed TLS is upgraded from x to y if x >= 2.25 and y < 4. See [`BRANCHES.md`](../../BRANCHES.md) for more details. + +Supported integrations: + +* [PSA platform](#file-namespace-on-a-psa-platform-on-mbed-tls-2.25.0) +* [library using PSA ITS](#file-namespace-on-its-as-a-library-on-mbed-tls-2.25.0) +* [library using C stdio](#file-namespace-on-stdio-for-mbed-tls-2.25.0) + +Supported features: + +* [Persistent keys](#key-file-format-for-mbed-tls-2.25.0) designated by a [key identifier and owner](#key-names-for-mbed-tls-2.25.0). Keys can be: + * Transparent, stored in the export format. + * Opaque, using the unified driver interface with statically registered drivers (`MBEDTLS_PSA_CRYPTO_DRIVERS`). The driver determines the content of the opaque key blob. + * Opaque, using the deprecated secure element interface with dynamically registered drivers (`MBEDTLS_PSA_CRYPTO_SE_C`). The driver picks a slot number which is stored in the place of the key material. +* [Nonvolatile random seed](#nonvolatile-random-seed-file-format-for-mbed-tls-2.25.0) on ITS only. + +### Changes introduced in Mbed TLS 2.25.0 + +* The numerical encodings of `psa_key_type_t`, `psa_key_usage_t` and `psa_algorithm_t` have changed. + +### File namespace on a PSA platform on Mbed TLS 2.25.0 + +Assumption: ITS provides a 64-bit file identifier namespace. The Crypto service can use arbitrary file identifiers and no other part of the system accesses the same file identifier namespace. + +Assumption: the owner identifier is a nonzero value of type `int32_t`. + +* Files 0 through 0xfffeffff: unused. +* Files 0xffff0000 through 0xffffffff: reserved for internal use of the crypto library or crypto service. See [non-key files](#non-key-files-on-mbed-tls-2.25.0). +* Files 0x100000000 through 0xffffffffffff: [content](#key-file-format-for-mbed-tls-2.25.0) of the [key whose identifier is the file identifier](#key-names-for-mbed-tls-2.25.0). The upper 32 bits determine the owner. + +### File namespace on ITS as a library on Mbed TLS 2.25.0 + +Assumption: ITS provides a 64-bit file identifier namespace. The entity using the crypto library can use arbitrary file identifiers and no other part of the system accesses the same file identifier namespace. + +This is a library integration, so there is no owner. The key file identifier is identical to the key identifier. + +* File 0: unused. +* Files 1 through 0xfffeffff: [content](#key-file-format-for-mbed-tls-2.25.0) of the [key whose identifier is the file identifier](#key-names-for-mbed-tls-2.25.0). +* Files 0xffff0000 through 0xffffffff: reserved for internal use of the crypto library or crypto service. See [non-key files](#non-key-files-on-mbed-tls-2.25.0). +* Files 0x100000000 through 0xffffffffffffffff: unused. + +### File namespace on stdio for Mbed TLS 2.25.0 + +Assumption: C stdio, allowing names containing lowercase letters, digits and underscores, of length up to 23. + +An undocumented build-time configuration value `PSA_ITS_STORAGE_PREFIX` allows storing the key files in a directory other than the current directory. This value is simply prepended to the file name (so it must end with a directory separator to put the keys in a different directory). + +* `PSA_ITS_STORAGE_PREFIX "tempfile.psa_its"`: used as a temporary file. Must be writable. May be overwritten or deleted if present. +* `sprintf(PSA_ITS_STORAGE_PREFIX "%016llx.psa_its", key_id)`: a key or non-key file. The `key_id` in the name is the 64-bit file identifier, which is the [key identifier](#key-names-for-mbed-tls-2.25.0) for a key file or some reserved identifier for a [non-key file](#non-key-files-on-mbed-tls-2.25.0). The contents of the file are: + * Magic header (8 bytes): `"PSA\0ITS\0"` + * File contents. + +### Key names for Mbed TLS 2.25.0 + +Information about each key is stored in a dedicated file designated by the key identifier. In integrations where there is no concept of key owner (in particular, in library integrations), the key identifier is exactly the key identifier as defined in the PSA Cryptography API specification (`psa_key_id_t`). In integrations where there is a concept of key owner (integration into a service for example), the key identifier is made of an owner identifier (its semantics and type are integration specific) and of the key identifier (`psa_key_id_t`) from the key owner point of view. + +The way in which the file name is constructed from the key identifier depends on the storage backend. The content of the file is described [below](#key-file-format-for-mbed-tls-2.25.0). + +* Library integration: the key file name is just the key identifier as defined in the PSA crypto specification. This is a 32-bit value which must be in the range 0x00000001..0x3fffffff (`PSA_KEY_ID_USER_MIN`..`PSA_KEY_ID_USER_MAX`). +* PSA service integration: the key file name is `(uint64_t)owner_uid << 32 | key_id` where `key_id` is the key identifier from the owner point of view and `owner_uid` (of type `int32_t`) is the calling partition identifier provided to the server by the partition manager. This is a 64-bit value. + +### Key file format for Mbed TLS 2.25.0 + +All integers are encoded in little-endian order in 8-bit bytes except where otherwise indicated. + +The layout of a key file is: + +* magic (8 bytes): `"PSA\0KEY\0"`. +* version (4 bytes): 0. +* lifetime (4 bytes): `psa_key_lifetime_t` value. +* type (2 bytes): `psa_key_type_t` value. +* bits (2 bytes): `psa_key_bits_t` value. +* policy usage flags (4 bytes): `psa_key_usage_t` value. +* policy usage algorithm (4 bytes): `psa_algorithm_t` value. +* policy enrollment algorithm (4 bytes): `psa_algorithm_t` value. +* key material length (4 bytes). +* key material: + * For a transparent key: output of `psa_export_key`. + * For an opaque key (unified driver interface): driver-specific opaque key blob. + * For an opaque key (key in a dynamic secure element): slot number (8 bytes), in platform endianness. +* Any trailing data is rejected on load. + +### Non-key files on Mbed TLS 2.25.0 + +File identifiers that are outside the range of persistent key identifiers are reserved for internal use by the library. The only identifiers currently in use have the owner id (top 32 bits) set to 0. + +* Files 0xfffffe02 through 0xfffffeff (`PSA_CRYPTO_SE_DRIVER_ITS_UID_BASE + lifetime`): dynamic secure element driver storage. The content of the file is the secure element driver's persistent data. +* File 0xffffff52 (`PSA_CRYPTO_ITS_RANDOM_SEED_UID`): [nonvolatile random seed](#nonvolatile-random-seed-file-format-for-mbed-tls-2.25.0). +* File 0xffffff54 (`PSA_CRYPTO_ITS_TRANSACTION_UID`): [transaction file](#transaction-file-format-for-mbed-tls-2.25.0). +* Other files are unused and reserved for future use. + +### Nonvolatile random seed file format for Mbed TLS 2.25.0 + +[Identical to Mbed Crypto 0.1.0](#nonvolatile-random-seed-file-format-for-0.1.0). + +### Transaction file format for Mbed TLS 2.25.0 + +The transaction file contains data about an ongoing action that cannot be completed atomically. It exists only if there is an ongoing transaction. + +All integers are encoded in platform endianness. + +All currently existing transactions concern a key in a dynamic secure element. + +The layout of a transaction file is: + +* type (2 bytes): the [transaction type](#transaction-types-on-mbed-tls-2.25.0). +* unused (2 bytes) +* lifetime (4 bytes): `psa_key_lifetime_t` value that corresponds to a key in a secure element. +* slot number (8 bytes): `psa_key_slot_number_t` value. This is the unique designation of the key for the secure element driver. +* key identifier (4 bytes in a library integration, 8 bytes on a PSA platform): the internal representation of the key identifier. On a PSA platform, this encodes the key owner in the same way as [in file identifiers for key files](#file-namespace-on-a-psa-platform-on-mbed-tls-2.25.0)). + +#### Transaction types on Mbed TLS 2.25.0 + +* 0x0001: key creation. The following locations may or may not contain data about the key that is being created: + * The slot in the secure element designated by the slot number. + * The file containing the key metadata designated by the key identifier. + * The driver persistent data. +* 0x0002: key destruction. The following locations may or may not still contain data about the key that is being destroyed: + * The slot in the secure element designated by the slot number. + * The file containing the key metadata designated by the key identifier. + * The driver persistent data. diff --git a/third_party/mbedtls/repo/docs/architecture/psa-crypto-implementation-structure.md b/third_party/mbedtls/repo/docs/architecture/psa-crypto-implementation-structure.md index cd4d427bf2e..6a0a0953c00 100644 --- a/third_party/mbedtls/repo/docs/architecture/psa-crypto-implementation-structure.md +++ b/third_party/mbedtls/repo/docs/architecture/psa-crypto-implementation-structure.md @@ -1,4 +1,4 @@ -PSA Cryptograpy API implementation and PSA driver interface +PSA Cryptography API implementation and PSA driver interface =========================================================== ## Introduction diff --git a/third_party/mbedtls/repo/docs/architecture/testing/driver-interface-test-strategy.md b/third_party/mbedtls/repo/docs/architecture/testing/driver-interface-test-strategy.md index 086fc1adbbe..380fd39c43c 100644 --- a/third_party/mbedtls/repo/docs/architecture/testing/driver-interface-test-strategy.md +++ b/third_party/mbedtls/repo/docs/architecture/testing/driver-interface-test-strategy.md @@ -1,6 +1,6 @@ -# Mbed Crypto driver interface test strategy +# Mbed TLS driver interface test strategy -This document describes the test strategy for the driver interfaces in Mbed Crypto. Mbed Crypto has interfaces for secure element drivers, accelerator drivers and entropy drivers. This document is about testing Mbed Crypto itself; testing drivers is out of scope. +This document describes the test strategy for the driver interfaces in Mbed TLS. Mbed TLS has interfaces for secure element drivers, accelerator drivers and entropy drivers. This document is about testing Mbed TLS itself; testing drivers is out of scope. The driver interfaces are standardized through PSA Cryptography functional specifications. @@ -16,9 +16,9 @@ Drivers exposing this interface need to be registered at compile time by declari #### Dynamic secure element driver interface -The dynamic secure element driver interface (SE interface for short) is defined by [`psa/crypto_se_driver.h`](../../../include/psa/crypto_se_driver.h). This is an interface between Mbed Crypto and one or more third-party drivers. +The dynamic secure element driver interface (SE interface for short) is defined by [`psa/crypto_se_driver.h`](../../../include/psa/crypto_se_driver.h). This is an interface between Mbed TLS and one or more third-party drivers. -The SE interface consists of one function provided by Mbed Crypto (`psa_register_se_driver`) and many functions that drivers must implement. To make a driver usable by Mbed Crypto, the initialization code must call `psa_register_se_driver` with a structure that describes the driver. The structure mostly contains function pointers, pointing to the driver's methods. All calls to a driver function are triggered by a call to a PSA crypto API function. +The SE interface consists of one function provided by Mbed TLS (`psa_register_se_driver`) and many functions that drivers must implement. To make a driver usable by Mbed TLS, the initialization code must call `psa_register_se_driver` with a structure that describes the driver. The structure mostly contains function pointers, pointing to the driver's methods. All calls to a driver function are triggered by a call to a PSA crypto API function. ### SE driver interface unit tests @@ -57,7 +57,7 @@ For each API function that can lead to a driver call (more precisely, for each d #### SE driver outputs -For each API function that leads to a driver call, call it with parameters that cause a driver to be invoked and check how Mbed Crypto handles the outputs. +For each API function that leads to a driver call, call it with parameters that cause a driver to be invoked and check how Mbed TLS handles the outputs. * Correct outputs. * Incorrect outputs such as an invalid output length. @@ -87,7 +87,7 @@ Creating or removing a key in a secure element involves multiple storage modific * This must be done for each possible flow, including error cases (e.g. a key creation that fails midway due to `OUT_OF_MEMORY`). * The recovery during `psa_crypto_init` can itself be interrupted. Test those interruptions too. * Two things need to be tested: the key that is being created or destroyed, and the driver's persistent storage. -* Check both that the storage has the expected content (this can be done by e.g. using a key that is supposed to be present) and does not have any unexpected content (for keys, this can be done by checking that `psa_open_key` fails with `PSA_ERRROR_DOES_NOT_EXIST`). +* Check both that the storage has the expected content (this can be done by e.g. using a key that is supposed to be present) and does not have any unexpected content (for keys, this can be done by checking that `psa_open_key` fails with `PSA_ERROR_DOES_NOT_EXIST`). This requires instrumenting the storage implementation, either to force it to fail at each point or to record successive storage states and replay each of them. Each `psa_its_xxx` function call is assumed to be atomic. diff --git a/third_party/mbedtls/repo/docs/architecture/testing/psa-storage-format-testing.md b/third_party/mbedtls/repo/docs/architecture/testing/psa-storage-format-testing.md index e293985cf8c..a5c1fd137d3 100644 --- a/third_party/mbedtls/repo/docs/architecture/testing/psa-storage-format-testing.md +++ b/third_party/mbedtls/repo/docs/architecture/testing/psa-storage-format-testing.md @@ -34,20 +34,20 @@ Use a similar approach for files other than keys where possible and relevant. Test cases should normally not be removed from the code base: if something has worked before, it should keep working in future versions, so we should keep testing it. -This cannot be enforced solely by looking at a single version of Mbed TLS, since there would be no indication that more test cases used to exist. It can only be enforced through review of library changes. The review may be assisted by a tool that compares the old and the new version, in the same way that `abi-check.py` compares the library's API and ABI. +This cannot be enforced solely by looking at a single version of Mbed TLS, since there would be no indication that more test cases used to exist. It can only be enforced through review of library changes. The review is be assisted by a tool that compares the old and the new version, which is implemented in `scripts/abi_check.py`. This tool fails the CI if load-and-check test case disappears (changed test cases are raised as false positives). If the way certain keys are stored changes, and we don't deliberately decide to stop supporting old keys (which should only be done by retiring a version of the storage format), then we should keep the corresponding test cases in load-only mode: create a file with the expected content, load it and check the data that it contains. ## Storage architecture overview -The PSA subsystem provides storage on top of the PSA trusted storage interface. The state of the storage is a mapping from file identifer (a 64-bit number) to file content (a byte array). These files include: +The PSA subsystem provides storage on top of the PSA trusted storage interface. The state of the storage is a mapping from file identifier (a 64-bit number) to file content (a byte array). These files include: * [Key files](#key-storage) (files containing one key's metadata and, except for some secure element keys, key material). * The [random generator injected seed or state file](#random-generator-state) (`PSA_CRYPTO_ITS_RANDOM_SEED_UID`). * [Storage transaction file](#storage-transaction-resumption). * [Driver state files](#driver-state-files). -For a more detailed description, refer to the [Mbed Crypto storage specification](../mbed-crypto-storage-specification.md). +For a more detailed description, refer to the [Mbed TLS storage specification](../mbed-crypto-storage-specification.md). In addition, Mbed TLS includes an implementation of the PSA trusted storage interface on top of C stdio. This document addresses the test strategy for [PSA ITS over file](#psa-its-over-file) in a separate section below. diff --git a/third_party/mbedtls/repo/docs/architecture/testing/test-framework.md b/third_party/mbedtls/repo/docs/architecture/testing/test-framework.md index c4178fa1709..8baa3901f0a 100644 --- a/third_party/mbedtls/repo/docs/architecture/testing/test-framework.md +++ b/third_party/mbedtls/repo/docs/architecture/testing/test-framework.md @@ -6,7 +6,7 @@ This document is incomplete. You can help by expanding it. ## Unit tests -See +See ### Unit test descriptions @@ -30,17 +30,23 @@ Each test case has a description which succinctly describes for a human audience #### SSL test case descriptions -Each test case in `ssl-opt.sh` has a description which succinctly describes for a human audience what the test does. The test description is the first parameter to `run_tests`. +Each test case in `ssl-opt.sh` has a description which succinctly describes for a human audience what the test does. The test description is the first parameter to `run_test`. The same rules and guidelines apply as for [unit test descriptions](#unit-test-descriptions). In addition, the description must be written on the same line as `run_test`, in double quotes, for the sake of `check_test_cases.py`. +### SSL cipher suite tests + +Each test case in `compat.sh` has a description which succinctly describes for a human audience what the test does. The test description is `$TITLE` defined in `run_client`. + +The same rules and guidelines apply as for [unit test descriptions](#unit-test-descriptions). In addition, failure cause in `compat.sh` is not classified as `ssl-opt.sh`, so the information of failed log files are followed as prompt. + ## Running tests ### Outcome file #### Generating an outcome file -Unit tests and `ssl-opt.sh` record the outcome of each test case in a **test outcome file**. This feature is enabled if the environment variable `MBEDTLS_TEST_OUTCOME_FILE` is set. Set it to the path of the desired file. +Unit tests, `ssl-opt.sh` and `compat.sh` record the outcome of each test case in a **test outcome file**. This feature is enabled if the environment variable `MBEDTLS_TEST_OUTCOME_FILE` is set. Set it to the path of the desired file. If you run `all.sh --outcome-file test-outcome.csv`, this collects the outcome of all the test cases in `test-outcome.csv`. @@ -52,7 +58,7 @@ The outcome file has 6 fields: * **Platform**: a description of the platform, e.g. `Linux-x86_64` or `Linux-x86_64-gcc7-msan`. * **Configuration**: a unique description of the configuration (`config.h`). -* **Test suite**: `test_suite_xxx` or `ssl-opt`. +* **Test suite**: `test_suite_xxx`, `ssl-opt` or `compat`. * **Test case**: the description of the test case. * **Result**: one of `PASS`, `SKIP` or `FAIL`. * **Cause**: more information explaining the result. diff --git a/third_party/mbedtls/repo/docs/conf.py b/third_party/mbedtls/repo/docs/conf.py new file mode 100644 index 00000000000..41c50c7f256 --- /dev/null +++ b/third_party/mbedtls/repo/docs/conf.py @@ -0,0 +1,34 @@ +# Configuration file for the Sphinx documentation builder. +# +# For the full list of built-in configuration values, see the documentation: +# https://www.sphinx-doc.org/en/master/usage/configuration.html + +# -- Project information ----------------------------------------------------- +# https://www.sphinx-doc.org/en/master/usage/configuration.html#project-information +import glob + +project = 'Mbed TLS Versioned' +copyright = '2023, Mbed TLS Contributors' +author = 'Mbed TLS Contributors' + +# -- General configuration --------------------------------------------------- +# https://www.sphinx-doc.org/en/master/usage/configuration.html#general-configuration + +extensions = ['breathe', 'sphinx.ext.graphviz'] + +templates_path = ['_templates'] +exclude_patterns = ['_build', 'Thumbs.db', '.DS_Store'] + +breathe_projects = { + 'mbedtls-versioned': '../apidoc/xml' +} +breathe_default_project = 'mbedtls-versioned' + +primary_domain = 'c' +highlight_language = 'c' + +# -- Options for HTML output ------------------------------------------------- +# https://www.sphinx-doc.org/en/master/usage/configuration.html#options-for-html-output + +html_theme = 'sphinx_rtd_theme' +html_static_path = ['_static'] diff --git a/third_party/mbedtls/repo/docs/getting_started.md b/third_party/mbedtls/repo/docs/getting_started.md deleted file mode 100644 index fdbf0e9bae1..00000000000 --- a/third_party/mbedtls/repo/docs/getting_started.md +++ /dev/null @@ -1,894 +0,0 @@ -## Getting started with Mbed Crypto - -### What is Mbed Crypto? - -Mbed Crypto is an open source cryptographic library that supports a wide range of cryptographic operations, including: -* Key management -* Hashing -* Symmetric cryptography -* Asymmetric cryptography -* Message authentication (MAC) -* Key generation and derivation -* Authenticated encryption with associated data (AEAD) - -The Mbed Crypto library is a reference implementation of the cryptography interface of the Arm Platform Security Architecture (PSA). It is written in portable C. - -The Mbed Crypto library is distributed under the Apache License, version 2.0. - -#### Platform Security Architecture (PSA) - -Arm's Platform Security Architecture (PSA) is a holistic set of threat models, -security analyses, hardware and firmware architecture specifications, and an open source firmware reference implementation. PSA provides a recipe, based on industry best practice, that enables you to design security into both hardware and firmware consistently. Part of the API provided by PSA is the cryptography interface, which provides access to a set of primitives. - -### Using Mbed Crypto - -* [Getting the Mbed Crypto library](#getting-the-mbed-crypto-library) -* [Building the Mbed Crypto library](#building-the-mbed-crypto-library) -* [Using the Mbed Crypto library](#using-the-mbed-crypto-library) -* [Importing a key](#importing-a-key) -* [Signing a message using RSA](#signing-a-message-using-RSA) -* [Encrypting or decrypting using symmetric ciphers](#encrypting-or-decrypting-using-symmetric-ciphers) -* [Hashing a message](#hashing-a-message) -* [Deriving a new key from an existing key](#deriving-a-new-key-from-an-existing-key) -* [Generating a random value](#generating-a-random-value) -* [Authenticating and encrypting or decrypting a message](#authenticating-and-encrypting-or-decrypting-a-message) -* [Generating and exporting keys](#generating-and-exporting-keys) -* [More about the Mbed Crypto library](#more-about-the-mbed-crypto-library) - -### Getting the Mbed Crypto library - -Mbed Crypto releases are available in the [public GitHub repository](https://github.com/ARMmbed/mbed-crypto). - -### Building the Mbed Crypto library - -**Prerequisites to building the library with the provided makefiles:** -* GNU Make. -* A C toolchain (compiler, linker, archiver). -* Python 2 or Python 3 (either works) to generate the test code. -* Perl to run the tests. - -If you have a C compiler such as GCC or Clang, just run `make` in the top-level directory to build the library, a set of unit tests and some sample programs. - -To select a different compiler, set the `CC` variable to the name or path of the compiler and linker (default: `cc`) and set `AR` to a compatible archiver (default: `ar`); for example: -``` -make CC=arm-linux-gnueabi-gcc AR=arm-linux-gnueabi-ar -``` -The provided makefiles pass options to the compiler that assume a GCC-like command line syntax. To use a different compiler, you may need to pass different values for `CFLAGS`, `WARNINGS_CFLAGS` and `LDFLAGS`. - -To run the unit tests on the host machine, run `make test` from the top-level directory. If you are cross-compiling, copy the test executable from the `tests` directory to the target machine. - -### Using the Mbed Crypto library - -To use the Mbed Crypto APIs, call `psa_crypto_init()` before calling any other API. This initializes the library. - -### Importing a key - -To use a key for cryptography operations in Mbed Crypto, you need to first -import it. The import operation returns the identifier of the key for use -with other function calls. - -**Prerequisites to importing keys:** -* Initialize the library with a successful call to `psa_crypto_init()`. - -This example shows how to import a key: -```C -void import_a_key(const uint8_t *key, size_t key_len) -{ - psa_status_t status; - psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT; - psa_key_id_t key_id; - - printf("Import an AES key...\t"); - fflush(stdout); - - /* Initialize PSA Crypto */ - status = psa_crypto_init(); - if (status != PSA_SUCCESS) { - printf("Failed to initialize PSA Crypto\n"); - return; - } - - /* Set key attributes */ - psa_set_key_usage_flags(&attributes, 0); - psa_set_key_algorithm(&attributes, 0); - psa_set_key_type(&attributes, PSA_KEY_TYPE_AES); - psa_set_key_bits(&attributes, 128); - - /* Import the key */ - status = psa_import_key(&attributes, key, key_len, &key_id); - if (status != PSA_SUCCESS) { - printf("Failed to import key\n"); - return; - } - printf("Imported a key\n"); - - /* Free the attributes */ - psa_reset_key_attributes(&attributes); - - /* Destroy the key */ - psa_destroy_key(key_id); - - mbedtls_psa_crypto_free(); -} -``` - -### Signing a message using RSA - -Mbed Crypto supports encrypting, decrypting, signing and verifying messages using public key signature algorithms, such as RSA or ECDSA. - -**Prerequisites to performing asymmetric signature operations:** -* Initialize the library with a successful call to `psa_crypto_init()`. -* Have a valid key with appropriate attributes set: - * Usage flag `PSA_KEY_USAGE_SIGN_HASH` to allow signing. - * Usage flag `PSA_KEY_USAGE_VERIFY_HASH` to allow signature verification. - * Algorithm set to the desired signature algorithm. - -This example shows how to sign a hash that has already been calculated: -```C -void sign_a_message_using_rsa(const uint8_t *key, size_t key_len) -{ - psa_status_t status; - psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT; - uint8_t hash[32] = {0x50, 0xd8, 0x58, 0xe0, 0x98, 0x5e, 0xcc, 0x7f, - 0x60, 0x41, 0x8a, 0xaf, 0x0c, 0xc5, 0xab, 0x58, - 0x7f, 0x42, 0xc2, 0x57, 0x0a, 0x88, 0x40, 0x95, - 0xa9, 0xe8, 0xcc, 0xac, 0xd0, 0xf6, 0x54, 0x5c}; - uint8_t signature[PSA_SIGNATURE_MAX_SIZE] = {0}; - size_t signature_length; - psa_key_id_t key_id; - - printf("Sign a message...\t"); - fflush(stdout); - - /* Initialize PSA Crypto */ - status = psa_crypto_init(); - if (status != PSA_SUCCESS) { - printf("Failed to initialize PSA Crypto\n"); - return; - } - - /* Set key attributes */ - psa_set_key_usage_flags(&attributes, PSA_KEY_USAGE_SIGN_HASH); - psa_set_key_algorithm(&attributes, PSA_ALG_RSA_PKCS1V15_SIGN_RAW); - psa_set_key_type(&attributes, PSA_KEY_TYPE_RSA_KEY_PAIR); - psa_set_key_bits(&attributes, 1024); - - /* Import the key */ - status = psa_import_key(&attributes, key, key_len, &key_id); - if (status != PSA_SUCCESS) { - printf("Failed to import key\n"); - return; - } - - /* Sign message using the key */ - status = psa_sign_hash(key_id, PSA_ALG_RSA_PKCS1V15_SIGN_RAW, - hash, sizeof(hash), - signature, sizeof(signature), - &signature_length); - if (status != PSA_SUCCESS) { - printf("Failed to sign\n"); - return; - } - - printf("Signed a message\n"); - - /* Free the attributes */ - psa_reset_key_attributes(&attributes); - - /* Destroy the key */ - psa_destroy_key(key_id); - - mbedtls_psa_crypto_free(); -} -``` - -### Using symmetric ciphers - -Mbed Crypto supports encrypting and decrypting messages using various symmetric cipher algorithms (both block and stream ciphers). - -**Prerequisites to working with the symmetric cipher API:** -* Initialize the library with a successful call to `psa_crypto_init()`. -* Have a symmetric key. This key's usage flags must include `PSA_KEY_USAGE_ENCRYPT` to allow encryption or `PSA_KEY_USAGE_DECRYPT` to allow decryption. - -**To encrypt a message with a symmetric cipher:** -1. Allocate an operation (`psa_cipher_operation_t`) structure to pass to the cipher functions. -1. Initialize the operation structure to zero or to `PSA_CIPHER_OPERATION_INIT`. -1. Call `psa_cipher_encrypt_setup()` to specify the algorithm and the key to be used. -1. Call either `psa_cipher_generate_iv()` or `psa_cipher_set_iv()` to generate or set the initialization vector (IV). We recommend calling `psa_cipher_generate_iv()`, unless you require a specific IV value. -1. Call `psa_cipher_update()` with the message to encrypt. You may call this function multiple times, passing successive fragments of the message on successive calls. -1. Call `psa_cipher_finish()` to end the operation and output the encrypted message. - -This example shows how to encrypt data using an AES (Advanced Encryption Standard) key in CBC (Cipher Block Chaining) mode with no padding (assuming all prerequisites have been fulfilled): -```c -void encrypt_with_symmetric_ciphers(const uint8_t *key, size_t key_len) -{ - enum { - block_size = PSA_BLOCK_CIPHER_BLOCK_LENGTH(PSA_KEY_TYPE_AES), - }; - psa_status_t status; - psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT; - psa_algorithm_t alg = PSA_ALG_CBC_NO_PADDING; - uint8_t plaintext[block_size] = SOME_PLAINTEXT; - uint8_t iv[block_size]; - size_t iv_len; - uint8_t output[block_size]; - size_t output_len; - psa_key_id_t key_id; - psa_cipher_operation_t operation = PSA_CIPHER_OPERATION_INIT; - - printf("Encrypt with cipher...\t"); - fflush(stdout); - - /* Initialize PSA Crypto */ - status = psa_crypto_init(); - if (status != PSA_SUCCESS) - { - printf("Failed to initialize PSA Crypto\n"); - return; - } - - /* Import a key */ - psa_set_key_usage_flags(&attributes, PSA_KEY_USAGE_ENCRYPT); - psa_set_key_algorithm(&attributes, alg); - psa_set_key_type(&attributes, PSA_KEY_TYPE_AES); - psa_set_key_bits(&attributes, 128); - status = psa_import_key(&attributes, key, key_len, &key_id); - if (status != PSA_SUCCESS) { - printf("Failed to import a key\n"); - return; - } - psa_reset_key_attributes(&attributes); - - /* Encrypt the plaintext */ - status = psa_cipher_encrypt_setup(&operation, key_id, alg); - if (status != PSA_SUCCESS) { - printf("Failed to begin cipher operation\n"); - return; - } - status = psa_cipher_generate_iv(&operation, iv, sizeof(iv), &iv_len); - if (status != PSA_SUCCESS) { - printf("Failed to generate IV\n"); - return; - } - status = psa_cipher_update(&operation, plaintext, sizeof(plaintext), - output, sizeof(output), &output_len); - if (status != PSA_SUCCESS) { - printf("Failed to update cipher operation\n"); - return; - } - status = psa_cipher_finish(&operation, output + output_len, - sizeof(output) - output_len, &output_len); - if (status != PSA_SUCCESS) { - printf("Failed to finish cipher operation\n"); - return; - } - printf("Encrypted plaintext\n"); - - /* Clean up cipher operation context */ - psa_cipher_abort(&operation); - - /* Destroy the key */ - psa_destroy_key(key_id); - - mbedtls_psa_crypto_free(); -} -``` - -**To decrypt a message with a symmetric cipher:** -1. Allocate an operation (`psa_cipher_operation_t`) structure to pass to the cipher functions. -1. Initialize the operation structure to zero or to `PSA_CIPHER_OPERATION_INIT`. -1. Call `psa_cipher_decrypt_setup()` to specify the algorithm and the key to be used. -1. Call `psa_cipher_set_iv()` with the IV for the decryption. -1. Call `psa_cipher_update()` with the message to encrypt. You may call this function multiple times, passing successive fragments of the message on successive calls. -1. Call `psa_cipher_finish()` to end the operation and output the decrypted message. - -This example shows how to decrypt encrypted data using an AES key in CBC mode with no padding -(assuming all prerequisites have been fulfilled): -```c -void decrypt_with_symmetric_ciphers(const uint8_t *key, size_t key_len) -{ - enum { - block_size = PSA_BLOCK_CIPHER_BLOCK_LENGTH(PSA_KEY_TYPE_AES), - }; - psa_status_t status; - psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT; - psa_algorithm_t alg = PSA_ALG_CBC_NO_PADDING; - psa_cipher_operation_t operation = PSA_CIPHER_OPERATION_INIT; - uint8_t ciphertext[block_size] = SOME_CIPHERTEXT; - uint8_t iv[block_size] = ENCRYPTED_WITH_IV; - uint8_t output[block_size]; - size_t output_len; - psa_key_id_t key_id; - - printf("Decrypt with cipher...\t"); - fflush(stdout); - - /* Initialize PSA Crypto */ - status = psa_crypto_init(); - if (status != PSA_SUCCESS) - { - printf("Failed to initialize PSA Crypto\n"); - return; - } - - /* Import a key */ - psa_set_key_usage_flags(&attributes, PSA_KEY_USAGE_DECRYPT); - psa_set_key_algorithm(&attributes, alg); - psa_set_key_type(&attributes, PSA_KEY_TYPE_AES); - psa_set_key_bits(&attributes, 128); - status = psa_import_key(&attributes, key, key_len, &key_id); - if (status != PSA_SUCCESS) { - printf("Failed to import a key\n"); - return; - } - psa_reset_key_attributes(&attributes); - - /* Decrypt the ciphertext */ - status = psa_cipher_decrypt_setup(&operation, key_id, alg); - if (status != PSA_SUCCESS) { - printf("Failed to begin cipher operation\n"); - return; - } - status = psa_cipher_set_iv(&operation, iv, sizeof(iv)); - if (status != PSA_SUCCESS) { - printf("Failed to set IV\n"); - return; - } - status = psa_cipher_update(&operation, ciphertext, sizeof(ciphertext), - output, sizeof(output), &output_len); - if (status != PSA_SUCCESS) { - printf("Failed to update cipher operation\n"); - return; - } - status = psa_cipher_finish(&operation, output + output_len, - sizeof(output) - output_len, &output_len); - if (status != PSA_SUCCESS) { - printf("Failed to finish cipher operation\n"); - return; - } - printf("Decrypted ciphertext\n"); - - /* Clean up cipher operation context */ - psa_cipher_abort(&operation); - - /* Destroy the key */ - psa_destroy_key(key_id); - - mbedtls_psa_crypto_free(); -} -``` - -#### Handling cipher operation contexts - -After you've initialized the operation structure with a successful call to `psa_cipher_encrypt_setup()` or `psa_cipher_decrypt_setup()`, you can terminate the operation at any time by calling `psa_cipher_abort()`. - -The call to `psa_cipher_abort()` frees any resources associated with the operation, except for the operation structure itself. - -Mbed Crypto implicitly calls `psa_cipher_abort()` when: -* A call to `psa_cipher_generate_iv()`, `psa_cipher_set_iv()` or `psa_cipher_update()` fails (returning any status other than `PSA_SUCCESS`). -* A call to `psa_cipher_finish()` succeeds or fails. - -After an implicit or explicit call to `psa_cipher_abort()`, the operation structure is invalidated; in other words, you cannot reuse the operation structure for the same operation. You can, however, reuse the operation structure for a different operation by calling either `psa_cipher_encrypt_setup()` or `psa_cipher_decrypt_setup()` again. - -You must call `psa_cipher_abort()` at some point for any operation that is initialized successfully (by a successful call to `psa_cipher_encrypt_setup()` or `psa_cipher_decrypt_setup()`). - -Making multiple sequential calls to `psa_cipher_abort()` on an operation that is terminated (either implicitly or explicitly) is safe and has no effect. - -### Hashing a message - -Mbed Crypto lets you compute and verify hashes using various hashing -algorithms. - -**Prerequisites to working with the hash APIs:** -* Initialize the library with a successful call to `psa_crypto_init()`. - -**To calculate a hash:** -1. Allocate an operation structure (`psa_hash_operation_t`) to pass to the hash functions. -1. Initialize the operation structure to zero or to `PSA_HASH_OPERATION_INIT`. -1. Call `psa_hash_setup()` to specify the hash algorithm. -1. Call `psa_hash_update()` with the message to encrypt. You may call this function multiple times, passing successive fragments of the message on successive calls. -1. Call `psa_hash_finish()` to calculate the hash, or `psa_hash_verify()` to compare the computed hash with an expected hash value. - -This example shows how to calculate the SHA-256 hash of a message: -```c - psa_status_t status; - psa_algorithm_t alg = PSA_ALG_SHA_256; - psa_hash_operation_t operation = PSA_HASH_OPERATION_INIT; - unsigned char input[] = { 'a', 'b', 'c' }; - unsigned char actual_hash[PSA_HASH_MAX_SIZE]; - size_t actual_hash_len; - - printf("Hash a message...\t"); - fflush(stdout); - - /* Initialize PSA Crypto */ - status = psa_crypto_init(); - if (status != PSA_SUCCESS) { - printf("Failed to initialize PSA Crypto\n"); - return; - } - - /* Compute hash of message */ - status = psa_hash_setup(&operation, alg); - if (status != PSA_SUCCESS) { - printf("Failed to begin hash operation\n"); - return; - } - status = psa_hash_update(&operation, input, sizeof(input)); - if (status != PSA_SUCCESS) { - printf("Failed to update hash operation\n"); - return; - } - status = psa_hash_finish(&operation, actual_hash, sizeof(actual_hash), - &actual_hash_len); - if (status != PSA_SUCCESS) { - printf("Failed to finish hash operation\n"); - return; - } - - printf("Hashed a message\n"); - - /* Clean up hash operation context */ - psa_hash_abort(&operation); - - mbedtls_psa_crypto_free(); -``` - -This example shows how to verify the SHA-256 hash of a message: -```c - psa_status_t status; - psa_algorithm_t alg = PSA_ALG_SHA_256; - psa_hash_operation_t operation = PSA_HASH_OPERATION_INIT; - unsigned char input[] = { 'a', 'b', 'c' }; - unsigned char expected_hash[] = { - 0xba, 0x78, 0x16, 0xbf, 0x8f, 0x01, 0xcf, 0xea, 0x41, 0x41, 0x40, 0xde, - 0x5d, 0xae, 0x22, 0x23, 0xb0, 0x03, 0x61, 0xa3, 0x96, 0x17, 0x7a, 0x9c, - 0xb4, 0x10, 0xff, 0x61, 0xf2, 0x00, 0x15, 0xad - }; - size_t expected_hash_len = PSA_HASH_LENGTH(alg); - - printf("Verify a hash...\t"); - fflush(stdout); - - /* Initialize PSA Crypto */ - status = psa_crypto_init(); - if (status != PSA_SUCCESS) { - printf("Failed to initialize PSA Crypto\n"); - return; - } - - /* Verify message hash */ - status = psa_hash_setup(&operation, alg); - if (status != PSA_SUCCESS) { - printf("Failed to begin hash operation\n"); - return; - } - status = psa_hash_update(&operation, input, sizeof(input)); - if (status != PSA_SUCCESS) { - printf("Failed to update hash operation\n"); - return; - } - status = psa_hash_verify(&operation, expected_hash, expected_hash_len); - if (status != PSA_SUCCESS) { - printf("Failed to verify hash\n"); - return; - } - - printf("Verified a hash\n"); - - /* Clean up hash operation context */ - psa_hash_abort(&operation); - - mbedtls_psa_crypto_free(); -``` - -The API provides the macro `PSA_HASH_LENGTH`, which returns the expected hash length (in bytes) for the specified algorithm. - -#### Handling hash operation contexts - -After a successful call to `psa_hash_setup()`, you can terminate the operation at any time by calling `psa_hash_abort()`. The call to `psa_hash_abort()` frees any resources associated with the operation, except for the operation structure itself. - -Mbed Crypto implicitly calls `psa_hash_abort()` when: -1. A call to `psa_hash_update()` fails (returning any status other than `PSA_SUCCESS`). -1. A call to `psa_hash_finish()` succeeds or fails. -1. A call to `psa_hash_verify()` succeeds or fails. - -After an implicit or explicit call to `psa_hash_abort()`, the operation structure is invalidated; in other words, you cannot reuse the operation structure for the same operation. You can, however, reuse the operation structure for a different operation by calling `psa_hash_setup()` again. - -You must call `psa_hash_abort()` at some point for any operation that is initialized successfully (by a successful call to `psa_hash_setup()`) . - -Making multiple sequential calls to `psa_hash_abort()` on an operation that has already been terminated (either implicitly or explicitly) is safe and has no effect. - -### Generating a random value - -Mbed Crypto can generate random data. - -**Prerequisites to generating random data:** -* Initialize the library with a successful call to `psa_crypto_init()`. - -**Note:** To generate a random key, use `psa_generate_key()` instead of `psa_generate_random()`. - -This example shows how to generate ten bytes of random data by calling `psa_generate_random()`: -```C - psa_status_t status; - uint8_t random[10] = { 0 }; - - printf("Generate random...\t"); - fflush(stdout); - - /* Initialize PSA Crypto */ - status = psa_crypto_init(); - if (status != PSA_SUCCESS) { - printf("Failed to initialize PSA Crypto\n"); - return; - } - - status = psa_generate_random(random, sizeof(random)); - if (status != PSA_SUCCESS) { - printf("Failed to generate a random value\n"); - return; - } - - printf("Generated random data\n"); - - /* Clean up */ - mbedtls_psa_crypto_free(); -``` - -### Deriving a new key from an existing key - -Mbed Crypto provides a key derivation API that lets you derive new keys from -existing ones. The key derivation API has functions to take inputs, including -other keys and data, and functions to generate outputs, such as new keys or -other data. - -You must first initialize and set up a key derivation context, -provided with a key and, optionally, other data. Then, use the key derivation context to either read derived data to a buffer or send derived data directly to a key slot. - -See the documentation for the particular algorithm (such as HKDF or the TLS1.2 PRF) for -information about which inputs to pass when, and when you can obtain which outputs. - -**Prerequisites to working with the key derivation APIs:** -* Initialize the library with a successful call to `psa_crypto_init()`. -* Use a key with the appropriate attributes set: - * Usage flags set for key derivation (`PSA_KEY_USAGE_DERIVE`) - * Key type set to `PSA_KEY_TYPE_DERIVE`. - * Algorithm set to a key derivation algorithm - (for example, `PSA_ALG_HKDF(PSA_ALG_SHA_256)`). - -**To derive a new AES-CTR 128-bit encryption key into a given key slot using HKDF -with a given key, salt and info:** - -1. Set up the key derivation context using the `psa_key_derivation_setup()` -function, specifying the derivation algorithm `PSA_ALG_HKDF(PSA_ALG_SHA_256)`. -1. Provide an optional salt with `psa_key_derivation_input_bytes()`. -1. Provide info with `psa_key_derivation_input_bytes()`. -1. Provide a secret with `psa_key_derivation_input_key()`, referencing a key that - can be used for key derivation. -1. Set the key attributes desired for the new derived key. We'll set - the `PSA_KEY_USAGE_ENCRYPT` usage flag and the `PSA_ALG_CTR` algorithm for this - example. -1. Derive the key by calling `psa_key_derivation_output_key()`. -1. Clean up the key derivation context. - -At this point, the derived key slot holds a new 128-bit AES-CTR encryption key -derived from the key, salt and info provided: -```C - psa_status_t status; - psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT; - static const unsigned char key[] = { - 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, - 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, - 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, - 0x0b }; - static const unsigned char salt[] = { - 0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, - 0x07, 0x08, 0x09, 0x0a, 0x0b, 0x0c }; - static const unsigned char info[] = { - 0xf0, 0xf1, 0xf2, 0xf3, 0xf4, 0xf5, 0xf6, - 0xf7, 0xf8, 0xf9 }; - psa_algorithm_t alg = PSA_ALG_HKDF(PSA_ALG_SHA_256); - psa_key_derivation_operation_t operation = - PSA_KEY_DERIVATION_OPERATION_INIT; - size_t derived_bits = 128; - size_t capacity = PSA_BITS_TO_BYTES(derived_bits); - psa_key_id_t base_key; - psa_key_id_t derived_key; - - printf("Derive a key (HKDF)...\t"); - fflush(stdout); - - /* Initialize PSA Crypto */ - status = psa_crypto_init(); - if (status != PSA_SUCCESS) { - printf("Failed to initialize PSA Crypto\n"); - return; - } - - /* Import a key for use in key derivation. If such a key has already been - * generated or imported, you can skip this part. */ - psa_set_key_usage_flags(&attributes, PSA_KEY_USAGE_DERIVE); - psa_set_key_algorithm(&attributes, alg); - psa_set_key_type(&attributes, PSA_KEY_TYPE_DERIVE); - status = psa_import_key(&attributes, key, sizeof(key), &base_key); - if (status != PSA_SUCCESS) { - printf("Failed to import a key\n"); - return; - } - psa_reset_key_attributes(&attributes); - - /* Derive a key */ - status = psa_key_derivation_setup(&operation, alg); - if (status != PSA_SUCCESS) { - printf("Failed to begin key derivation\n"); - return; - } - status = psa_key_derivation_set_capacity(&operation, capacity); - if (status != PSA_SUCCESS) { - printf("Failed to set capacity\n"); - return; - } - status = psa_key_derivation_input_bytes(&operation, - PSA_KEY_DERIVATION_INPUT_SALT, - salt, sizeof(salt)); - if (status != PSA_SUCCESS) { - printf("Failed to input salt (extract)\n"); - return; - } - status = psa_key_derivation_input_key(&operation, - PSA_KEY_DERIVATION_INPUT_SECRET, - base_key); - if (status != PSA_SUCCESS) { - printf("Failed to input key (extract)\n"); - return; - } - status = psa_key_derivation_input_bytes(&operation, - PSA_KEY_DERIVATION_INPUT_INFO, - info, sizeof(info)); - if (status != PSA_SUCCESS) { - printf("Failed to input info (expand)\n"); - return; - } - psa_set_key_usage_flags(&attributes, PSA_KEY_USAGE_ENCRYPT); - psa_set_key_algorithm(&attributes, PSA_ALG_CTR); - psa_set_key_type(&attributes, PSA_KEY_TYPE_AES); - psa_set_key_bits(&attributes, 128); - status = psa_key_derivation_output_key(&attributes, &operation, - &derived_key); - if (status != PSA_SUCCESS) { - printf("Failed to derive key\n"); - return; - } - psa_reset_key_attributes(&attributes); - - printf("Derived key\n"); - - /* Clean up key derivation operation */ - psa_key_derivation_abort(&operation); - - /* Destroy the keys */ - psa_destroy_key(derived_key); - psa_destroy_key(base_key); - - mbedtls_psa_crypto_free(); -``` - -### Authenticating and encrypting or decrypting a message - -Mbed Crypto provides a simple way to authenticate and encrypt with associated data (AEAD), supporting the `PSA_ALG_CCM` algorithm. - -**Prerequisites to working with the AEAD cipher APIs:** -* Initialize the library with a successful call to `psa_crypto_init()`. -* The key attributes for the key used for derivation must have the `PSA_KEY_USAGE_ENCRYPT` or `PSA_KEY_USAGE_DECRYPT` usage flags. - -This example shows how to authenticate and encrypt a message: -```C - psa_status_t status; - static const uint8_t key[] = { - 0xC0, 0xC1, 0xC2, 0xC3, 0xC4, 0xC5, 0xC6, 0xC7, - 0xC8, 0xC9, 0xCA, 0xCB, 0xCC, 0xCD, 0xCE, 0xCF }; - static const uint8_t nonce[] = { - 0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, - 0x08, 0x09, 0x0A, 0x0B }; - static const uint8_t additional_data[] = { - 0xEC, 0x46, 0xBB, 0x63, 0xB0, 0x25, - 0x20, 0xC3, 0x3C, 0x49, 0xFD, 0x70 }; - static const uint8_t input_data[] = { - 0xB9, 0x6B, 0x49, 0xE2, 0x1D, 0x62, 0x17, 0x41, - 0x63, 0x28, 0x75, 0xDB, 0x7F, 0x6C, 0x92, 0x43, - 0xD2, 0xD7, 0xC2 }; - uint8_t *output_data = NULL; - size_t output_size = 0; - size_t output_length = 0; - size_t tag_length = 16; - psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT; - psa_key_id_t key_id; - - printf("Authenticate encrypt...\t"); - fflush(stdout); - - /* Initialize PSA Crypto */ - status = psa_crypto_init(); - if (status != PSA_SUCCESS) { - printf("Failed to initialize PSA Crypto\n"); - return; - } - - output_size = sizeof(input_data) + tag_length; - output_data = (uint8_t *)malloc(output_size); - if (!output_data) { - printf("Out of memory\n"); - return; - } - - /* Import a key */ - psa_set_key_usage_flags(&attributes, PSA_KEY_USAGE_ENCRYPT); - psa_set_key_algorithm(&attributes, PSA_ALG_CCM); - psa_set_key_type(&attributes, PSA_KEY_TYPE_AES); - psa_set_key_bits(&attributes, 128); - status = psa_import_key(&attributes, key, sizeof(key), &key_id); - psa_reset_key_attributes(&attributes); - - /* Authenticate and encrypt */ - status = psa_aead_encrypt(key_id, PSA_ALG_CCM, - nonce, sizeof(nonce), - additional_data, sizeof(additional_data), - input_data, sizeof(input_data), - output_data, output_size, - &output_length); - if (status != PSA_SUCCESS) { - printf("Failed to authenticate and encrypt\n"); - return; - } - - printf("Authenticated and encrypted\n"); - - /* Clean up */ - free(output_data); - - /* Destroy the key */ - psa_destroy_key(key_id); - - mbedtls_psa_crypto_free(); -``` - -This example shows how to authenticate and decrypt a message: - -```C - psa_status_t status; - static const uint8_t key_data[] = { - 0xC0, 0xC1, 0xC2, 0xC3, 0xC4, 0xC5, 0xC6, 0xC7, - 0xC8, 0xC9, 0xCA, 0xCB, 0xCC, 0xCD, 0xCE, 0xCF }; - static const uint8_t nonce[] = { - 0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, - 0x08, 0x09, 0x0A, 0x0B }; - static const uint8_t additional_data[] = { - 0xEC, 0x46, 0xBB, 0x63, 0xB0, 0x25, - 0x20, 0xC3, 0x3C, 0x49, 0xFD, 0x70 }; - static const uint8_t input_data[] = { - 0x20, 0x30, 0xE0, 0x36, 0xED, 0x09, 0xA0, 0x45, 0xAF, 0x3C, 0xBA, 0xEE, - 0x0F, 0xC8, 0x48, 0xAF, 0xCD, 0x89, 0x54, 0xF4, 0xF6, 0x3F, 0x28, 0x9A, - 0xA1, 0xDD, 0xB2, 0xB8, 0x09, 0xCD, 0x7C, 0xE1, 0x46, 0xE9, 0x98 }; - uint8_t *output_data = NULL; - size_t output_size = 0; - size_t output_length = 0; - psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT; - psa_key_id_t key_id; - - printf("Authenticate decrypt...\t"); - fflush(stdout); - - /* Initialize PSA Crypto */ - status = psa_crypto_init(); - if (status != PSA_SUCCESS) { - printf("Failed to initialize PSA Crypto\n"); - return; - } - - output_size = sizeof(input_data); - output_data = (uint8_t *)malloc(output_size); - if (!output_data) { - printf("Out of memory\n"); - return; - } - - /* Import a key */ - psa_set_key_usage_flags(&attributes, PSA_KEY_USAGE_DECRYPT); - psa_set_key_algorithm(&attributes, PSA_ALG_CCM); - psa_set_key_type(&attributes, PSA_KEY_TYPE_AES); - psa_set_key_bits(&attributes, 128); - status = psa_import_key(&attributes, key_data, sizeof(key_data), &key_id); - if (status != PSA_SUCCESS) { - printf("Failed to import a key\n"); - return; - } - psa_reset_key_attributes(&attributes); - - /* Authenticate and decrypt */ - status = psa_aead_decrypt(key_id, PSA_ALG_CCM, - nonce, sizeof(nonce), - additional_data, sizeof(additional_data), - input_data, sizeof(input_data), - output_data, output_size, - &output_length); - if (status != PSA_SUCCESS) { - printf("Failed to authenticate and decrypt %ld\n", status); - return; - } - - printf("Authenticated and decrypted\n"); - - /* Clean up */ - free(output_data); - - /* Destroy the key */ - psa_destroy_key(key_id); - - mbedtls_psa_crypto_free(); -``` - -### Generating and exporting keys - -Mbed Crypto provides a simple way to generate a key or key pair. - -**Prerequisites to using key generation and export APIs:** -* Initialize the library with a successful call to `psa_crypto_init()`. - -**To generate an ECDSA key:** -1. Set the desired key attributes for key generation by calling - `psa_set_key_algorithm()` with the chosen ECDSA algorithm (such as - `PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_256)`). You only want to export the public key, not the key pair (or private key); therefore, do not set `PSA_KEY_USAGE_EXPORT`. -1. Generate a key by calling `psa_generate_key()`. -1. Export the generated public key by calling `psa_export_public_key()`: -```C - enum { - key_bits = 256, - }; - psa_status_t status; - size_t exported_length = 0; - static uint8_t exported[PSA_KEY_EXPORT_ECC_PUBLIC_KEY_MAX_SIZE(key_bits)]; - psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT; - psa_key_id_t key_id; - - printf("Generate a key pair...\t"); - fflush(stdout); - - /* Initialize PSA Crypto */ - status = psa_crypto_init(); - if (status != PSA_SUCCESS) { - printf("Failed to initialize PSA Crypto\n"); - return; - } - - /* Generate a key */ - psa_set_key_usage_flags(&attributes, PSA_KEY_USAGE_SIGN_HASH); - psa_set_key_algorithm(&attributes, - PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_256)); - psa_set_key_type(&attributes, - PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1)); - psa_set_key_bits(&attributes, key_bits); - status = psa_generate_key(&attributes, &key_id); - if (status != PSA_SUCCESS) { - printf("Failed to generate key\n"); - return; - } - psa_reset_key_attributes(&attributes); - - status = psa_export_public_key(key_id, exported, sizeof(exported), - &exported_length); - if (status != PSA_SUCCESS) { - printf("Failed to export public key %ld\n", status); - return; - } - - printf("Exported a public key\n"); - - /* Destroy the key */ - psa_destroy_key(key_id); - - mbedtls_psa_crypto_free(); -``` - -### More about the PSA Crypto API - -For more information about the PSA Crypto API, please see the [PSA Cryptography API Specification](https://armmbed.github.io/mbed-crypto/html/index.html). diff --git a/third_party/mbedtls/repo/docs/index.rst b/third_party/mbedtls/repo/docs/index.rst new file mode 100644 index 00000000000..33a97223d2c --- /dev/null +++ b/third_party/mbedtls/repo/docs/index.rst @@ -0,0 +1,20 @@ +.. Mbed TLS Versioned documentation master file, created by + sphinx-quickstart on Thu Feb 23 18:13:44 2023. + You can adapt this file completely to your liking, but it should at least + contain the root `toctree` directive. + +Mbed TLS API documentation +========================== + +.. doxygenpage:: index + :project: mbedtls-versioned + +.. toctree:: + :caption: Contents + :maxdepth: 1 + + Home + api/grouplist.rst + api/filelist.rst + api/structlist.rst + api/unionlist.rst diff --git a/third_party/mbedtls/repo/docs/proposed/psa-driver-interface.md b/third_party/mbedtls/repo/docs/proposed/psa-driver-interface.md index 23274c74fcf..65601a41652 100644 --- a/third_party/mbedtls/repo/docs/proposed/psa-driver-interface.md +++ b/third_party/mbedtls/repo/docs/proposed/psa-driver-interface.md @@ -237,7 +237,7 @@ The entry points that implement each step of a multi-part operation are grouped 1. The core calls the `xxx_setup` entry point for this operation family. If this fails, the core destroys the operation context object without calling any other driver entry point on it. 1. The core calls other entry points that manipulate the operation context object, respecting the constraints. 1. If any entry point fails, the core calls the driver's `xxx_abort` entry point for this operation family, then destroys the operation context object without calling any other driver entry point on it. -1. If a “finish” entry point fails, the core destroys the operation context object without calling any other driver entry point on it. The finish entry points are: *prefix*`_mac_sign_finish`, *prefix*`_mac_verify_finish`, *prefix*`_cipher_fnish`, *prefix*`_aead_finish`, *prefix*`_aead_verify`. +1. If a “finish” entry point fails, the core destroys the operation context object without calling any other driver entry point on it. The finish entry points are: *prefix*`_mac_sign_finish`, *prefix*`_mac_verify_finish`, *prefix*`_cipher_finish`, *prefix*`_aead_finish`, *prefix*`_aead_verify`. If a driver implements a multi-part operation but not the corresponding single-part operation, the core calls the driver's multipart operation entry points to perform the single-part operation. diff --git a/third_party/mbedtls/repo/docs/requirements.in b/third_party/mbedtls/repo/docs/requirements.in new file mode 100644 index 00000000000..a523188c384 --- /dev/null +++ b/third_party/mbedtls/repo/docs/requirements.in @@ -0,0 +1,2 @@ +sphinx-rtd-theme +breathe diff --git a/third_party/mbedtls/repo/docs/requirements.txt b/third_party/mbedtls/repo/docs/requirements.txt new file mode 100644 index 00000000000..4b9f3a6b3f3 --- /dev/null +++ b/third_party/mbedtls/repo/docs/requirements.txt @@ -0,0 +1,66 @@ +# +# This file is autogenerated by pip-compile with Python 3.9 +# by the following command: +# +# pip-compile requirements.in +# +alabaster==0.7.13 + # via sphinx +babel==2.12.1 + # via sphinx +breathe==4.35.0 + # via -r requirements.in +certifi==2022.12.7 + # via requests +charset-normalizer==3.1.0 + # via requests +docutils==0.17.1 + # via + # breathe + # sphinx + # sphinx-rtd-theme +idna==3.4 + # via requests +imagesize==1.4.1 + # via sphinx +importlib-metadata==6.0.0 + # via sphinx +jinja2==3.1.2 + # via sphinx +markupsafe==2.1.2 + # via jinja2 +packaging==23.0 + # via sphinx +pygments==2.14.0 + # via sphinx +requests==2.28.2 + # via sphinx +snowballstemmer==2.2.0 + # via sphinx +sphinx==4.5.0 + # via + # breathe + # sphinx-rtd-theme +sphinx-rtd-theme==1.2.0 + # via -r requirements.in +sphinxcontrib-applehelp==1.0.4 + # via sphinx +sphinxcontrib-devhelp==1.0.2 + # via sphinx +sphinxcontrib-htmlhelp==2.0.1 + # via sphinx +sphinxcontrib-jquery==2.0.0 + # via sphinx-rtd-theme +sphinxcontrib-jsmath==1.0.1 + # via sphinx +sphinxcontrib-qthelp==1.0.3 + # via sphinx +sphinxcontrib-serializinghtml==1.1.5 + # via sphinx +urllib3==1.26.15 + # via requests +zipp==3.15.0 + # via importlib-metadata + +# The following packages are considered to be unsafe in a requirements file: +# setuptools diff --git a/third_party/mbedtls/repo/doxygen/input/doc_encdec.h b/third_party/mbedtls/repo/doxygen/input/doc_encdec.h index 46fb04fe38c..e29f40fcb4c 100644 --- a/third_party/mbedtls/repo/doxygen/input/doc_encdec.h +++ b/third_party/mbedtls/repo/doxygen/input/doc_encdec.h @@ -6,19 +6,7 @@ /* * * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later */ /** @@ -38,7 +26,7 @@ * All symmetric encryption algorithms are accessible via the generic cipher layer * (see \c mbedtls_cipher_setup()). * - * The asymmetric encryptrion algorithms are accessible via the generic public + * The asymmetric encryption algorithms are accessible via the generic public * key layer (see \c mbedtls_pk_init()). * * The following algorithms are provided: diff --git a/third_party/mbedtls/repo/doxygen/input/doc_hashing.h b/third_party/mbedtls/repo/doxygen/input/doc_hashing.h index aaa0c7890d6..aff7dfa0b09 100644 --- a/third_party/mbedtls/repo/doxygen/input/doc_hashing.h +++ b/third_party/mbedtls/repo/doxygen/input/doc_hashing.h @@ -6,19 +6,7 @@ /* * * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later */ /** diff --git a/third_party/mbedtls/repo/doxygen/input/doc_mainpage.h b/third_party/mbedtls/repo/doxygen/input/doc_mainpage.h index 5a0f3ecaff7..f22ca106d37 100644 --- a/third_party/mbedtls/repo/doxygen/input/doc_mainpage.h +++ b/third_party/mbedtls/repo/doxygen/input/doc_mainpage.h @@ -6,89 +6,14 @@ /* * * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later */ /** - * @mainpage mbed TLS v2.28.0 source code documentation + * @mainpage Mbed TLS v2.28.7 API Documentation * - * This documentation describes the internal structure of mbed TLS. It was + * This documentation describes the internal structure of Mbed TLS. It was * automatically generated from specially formatted comment blocks in - * mbed TLS's source code using Doxygen. (See - * http://www.stack.nl/~dimitri/doxygen/ for more information on Doxygen) - * - * mbed TLS has a simple setup: it provides the ingredients for an SSL/TLS - * implementation. These ingredients are listed as modules in the - * \ref mainpage_modules "Modules section". This "Modules section" introduces - * the high-level module concepts used throughout this documentation.\n - * Some examples of mbed TLS usage can be found in the \ref mainpage_examples - * "Examples section". - * - * @section mainpage_modules Modules - * - * mbed TLS supports SSLv3 up to TLSv1.2 communication by providing the - * following: - * - TCP/IP communication functions: listen, connect, accept, read/write. - * - SSL/TLS communication functions: init, handshake, read/write. - * - X.509 functions: CRT, CRL and key handling - * - Random number generation - * - Hashing - * - Encryption/decryption - * - * Above functions are split up neatly into logical interfaces. These can be - * used separately to provide any of the above functions or to mix-and-match - * into an SSL server/client solution that utilises a X.509 PKI. Examples of - * such implementations are amply provided with the source code. - * - * Note that mbed TLS does not provide a control channel or (multiple) session - * handling without additional work from the developer. - * - * @section mainpage_examples Examples - * - * Example server setup: - * - * \b Prerequisites: - * - X.509 certificate and private key - * - session handling functions - * - * \b Setup: - * - Load your certificate and your private RSA key (X.509 interface) - * - Setup the listening TCP socket (TCP/IP interface) - * - Accept incoming client connection (TCP/IP interface) - * - Initialise as an SSL-server (SSL/TLS interface) - * - Set parameters, e.g. authentication, ciphers, CA-chain, key exchange - * - Set callback functions RNG, IO, session handling - * - Perform an SSL-handshake (SSL/TLS interface) - * - Read/write data (SSL/TLS interface) - * - Close and cleanup (all interfaces) - * - * Example client setup: - * - * \b Prerequisites: - * - X.509 certificate and private key - * - X.509 trusted CA certificates - * - * \b Setup: - * - Load the trusted CA certificates (X.509 interface) - * - Load your certificate and your private RSA key (X.509 interface) - * - Setup a TCP/IP connection (TCP/IP interface) - * - Initialise as an SSL-client (SSL/TLS interface) - * - Set parameters, e.g. authentication mode, ciphers, CA-chain, session - * - Set callback functions RNG, IO - * - Perform an SSL-handshake (SSL/TLS interface) - * - Verify the server certificate (SSL/TLS interface) - * - Write/read data (SSL/TLS interface) - * - Close and cleanup (all interfaces) + * Mbed TLS's source code using Doxygen. (See + * https://www.doxygen.nl for more information on Doxygen) */ diff --git a/third_party/mbedtls/repo/doxygen/input/doc_rng.h b/third_party/mbedtls/repo/doxygen/input/doc_rng.h index b298d3ba118..5470b751305 100644 --- a/third_party/mbedtls/repo/doxygen/input/doc_rng.h +++ b/third_party/mbedtls/repo/doxygen/input/doc_rng.h @@ -6,19 +6,7 @@ /* * * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later */ /** diff --git a/third_party/mbedtls/repo/doxygen/input/doc_ssltls.h b/third_party/mbedtls/repo/doxygen/input/doc_ssltls.h index 6961124e469..5757574f3b1 100644 --- a/third_party/mbedtls/repo/doxygen/input/doc_ssltls.h +++ b/third_party/mbedtls/repo/doxygen/input/doc_ssltls.h @@ -6,19 +6,7 @@ /* * * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later */ /** diff --git a/third_party/mbedtls/repo/doxygen/input/doc_tcpip.h b/third_party/mbedtls/repo/doxygen/input/doc_tcpip.h index a705de1463f..f8d8c6905bf 100644 --- a/third_party/mbedtls/repo/doxygen/input/doc_tcpip.h +++ b/third_party/mbedtls/repo/doxygen/input/doc_tcpip.h @@ -6,19 +6,7 @@ /* * * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later */ /** diff --git a/third_party/mbedtls/repo/doxygen/input/doc_x509.h b/third_party/mbedtls/repo/doxygen/input/doc_x509.h index 90496750182..945830f1103 100644 --- a/third_party/mbedtls/repo/doxygen/input/doc_x509.h +++ b/third_party/mbedtls/repo/doxygen/input/doc_x509.h @@ -6,19 +6,7 @@ /* * * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later */ /** diff --git a/third_party/mbedtls/repo/doxygen/mbedtls.doxyfile b/third_party/mbedtls/repo/doxygen/mbedtls.doxyfile index efd9ac6edf4..2c710406bea 100644 --- a/third_party/mbedtls/repo/doxygen/mbedtls.doxyfile +++ b/third_party/mbedtls/repo/doxygen/mbedtls.doxyfile @@ -1,1911 +1,55 @@ -# Doxyfile 1.8.4 - -# This file describes the settings to be used by the documentation system -# doxygen (www.doxygen.org) for a project. -# -# All text after a double hash (##) is considered a comment and is placed -# in front of the TAG it is preceding . -# All text after a hash (#) is considered a comment and will be ignored. -# The format is: -# TAG = value [value, ...] -# For lists items can also be appended using: -# TAG += value [value, ...] -# Values that contain spaces should be placed between quotes (" "). - -#--------------------------------------------------------------------------- -# Project related configuration options -#--------------------------------------------------------------------------- - -# This tag specifies the encoding used for all characters in the config file -# that follow. The default is UTF-8 which is also the encoding used for all -# text before the first occurrence of this tag. Doxygen uses libiconv (or the -# iconv built into libc) for the transcoding. See -# http://www.gnu.org/software/libiconv for the list of possible encodings. - -DOXYFILE_ENCODING = UTF-8 - -# The PROJECT_NAME tag is a single word (or sequence of words) that should -# identify the project. Note that if you do not use Doxywizard you need -# to put quotes around the project name if it contains spaces. - -PROJECT_NAME = "mbed TLS v2.28.0" - -# The PROJECT_NUMBER tag can be used to enter a project or revision number. -# This could be handy for archiving the generated documentation or -# if some version control system is used. - -PROJECT_NUMBER = - -# Using the PROJECT_BRIEF tag one can provide an optional one line description -# for a project that appears at the top of each page and should give viewer -# a quick idea about the purpose of the project. Keep the description short. - -PROJECT_BRIEF = - -# With the PROJECT_LOGO tag one can specify an logo or icon that is -# included in the documentation. The maximum height of the logo should not -# exceed 55 pixels and the maximum width should not exceed 200 pixels. -# Doxygen will copy the logo to the output directory. - -PROJECT_LOGO = - -# The OUTPUT_DIRECTORY tag is used to specify the (relative or absolute) -# base path where the generated documentation will be put. -# If a relative path is entered, it will be relative to the location -# where doxygen was started. If left blank the current directory will be used. - +PROJECT_NAME = "Mbed TLS v2.28.7" OUTPUT_DIRECTORY = ../apidoc/ - -# If the CREATE_SUBDIRS tag is set to YES, then doxygen will create -# 4096 sub-directories (in 2 levels) under the output directory of each output -# format and will distribute the generated files over these directories. -# Enabling this option can be useful when feeding doxygen a huge amount of -# source files, where putting all generated files in the same directory would -# otherwise cause performance problems for the file system. - -CREATE_SUBDIRS = NO - -# The OUTPUT_LANGUAGE tag is used to specify the language in which all -# documentation generated by doxygen is written. Doxygen will use this -# information to generate all constant output in the proper language. -# The default language is English, other supported languages are: -# Afrikaans, Arabic, Brazilian, Catalan, Chinese, Chinese-Traditional, -# Croatian, Czech, Danish, Dutch, Esperanto, Farsi, Finnish, French, German, -# Greek, Hungarian, Italian, Japanese, Japanese-en (Japanese with English -# messages), Korean, Korean-en, Latvian, Lithuanian, Norwegian, Macedonian, -# Persian, Polish, Portuguese, Romanian, Russian, Serbian, Serbian-Cyrillic, -# Slovak, Slovene, Spanish, Swedish, Ukrainian, and Vietnamese. - -OUTPUT_LANGUAGE = English - -# If the BRIEF_MEMBER_DESC tag is set to YES (the default) Doxygen will -# include brief member descriptions after the members that are listed in -# the file and class documentation (similar to JavaDoc). -# Set to NO to disable this. - -BRIEF_MEMBER_DESC = YES - -# If the REPEAT_BRIEF tag is set to YES (the default) Doxygen will prepend -# the brief description of a member or function before the detailed description. -# Note: if both HIDE_UNDOC_MEMBERS and BRIEF_MEMBER_DESC are set to NO, the -# brief descriptions will be completely suppressed. - -REPEAT_BRIEF = YES - -# This tag implements a quasi-intelligent brief description abbreviator -# that is used to form the text in various listings. Each string -# in this list, if found as the leading text of the brief description, will be -# stripped from the text and the result after processing the whole list, is -# used as the annotated text. Otherwise, the brief description is used as-is. -# If left blank, the following values are used ("$name" is automatically -# replaced with the name of the entity): "The $name class" "The $name widget" -# "The $name file" "is" "provides" "specifies" "contains" -# "represents" "a" "an" "the" - -ABBREVIATE_BRIEF = "The $name class" \ - "The $name widget" \ - "The $name file" \ - is \ - provides \ - specifies \ - contains \ - represents \ - a \ - an \ - the - -# If the ALWAYS_DETAILED_SEC and REPEAT_BRIEF tags are both set to YES then -# Doxygen will generate a detailed section even if there is only a brief -# description. - -ALWAYS_DETAILED_SEC = NO - -# If the INLINE_INHERITED_MEMB tag is set to YES, doxygen will show all -# inherited members of a class in the documentation of that class as if those -# members were ordinary class members. Constructors, destructors and assignment -# operators of the base classes will not be shown. - -INLINE_INHERITED_MEMB = NO - -# If the FULL_PATH_NAMES tag is set to YES then Doxygen will prepend the full -# path before files name in the file list and in the header files. If set -# to NO the shortest path that makes the file name unique will be used. - FULL_PATH_NAMES = NO - -# If the FULL_PATH_NAMES tag is set to YES then the STRIP_FROM_PATH tag -# can be used to strip a user-defined part of the path. Stripping is -# only done if one of the specified strings matches the left-hand part of -# the path. The tag can be used to show relative paths in the file list. -# If left blank the directory from which doxygen is run is used as the -# path to strip. Note that you specify absolute paths here, but also -# relative paths, which will be relative from the directory where doxygen is -# started. - -STRIP_FROM_PATH = - -# The STRIP_FROM_INC_PATH tag can be used to strip a user-defined part of -# the path mentioned in the documentation of a class, which tells -# the reader which header file to include in order to use a class. -# If left blank only the name of the header file containing the class -# definition is used. Otherwise one should specify the include paths that -# are normally passed to the compiler using the -I flag. - -STRIP_FROM_INC_PATH = - -# If the SHORT_NAMES tag is set to YES, doxygen will generate much shorter -# (but less readable) file names. This can be useful if your file system -# doesn't support long names like on DOS, Mac, or CD-ROM. - -SHORT_NAMES = NO - -# If the JAVADOC_AUTOBRIEF tag is set to YES then Doxygen -# will interpret the first line (until the first dot) of a JavaDoc-style -# comment as the brief description. If set to NO, the JavaDoc -# comments will behave just like regular Qt-style comments -# (thus requiring an explicit @brief command for a brief description.) - -JAVADOC_AUTOBRIEF = NO - -# If the QT_AUTOBRIEF tag is set to YES then Doxygen will -# interpret the first line (until the first dot) of a Qt-style -# comment as the brief description. If set to NO, the comments -# will behave just like regular Qt-style comments (thus requiring -# an explicit \brief command for a brief description.) - -QT_AUTOBRIEF = NO - -# The MULTILINE_CPP_IS_BRIEF tag can be set to YES to make Doxygen -# treat a multi-line C++ special comment block (i.e. a block of //! or /// -# comments) as a brief description. This used to be the default behaviour. -# The new default is to treat a multi-line C++ comment block as a detailed -# description. Set this tag to YES if you prefer the old behaviour instead. - -MULTILINE_CPP_IS_BRIEF = NO - -# If the INHERIT_DOCS tag is set to YES (the default) then an undocumented -# member inherits the documentation from any documented member that it -# re-implements. - -INHERIT_DOCS = YES - -# If the SEPARATE_MEMBER_PAGES tag is set to YES, then doxygen will produce -# a new page for each member. If set to NO, the documentation of a member will -# be part of the file/class/namespace that contains it. - -SEPARATE_MEMBER_PAGES = NO - -# The TAB_SIZE tag can be used to set the number of spaces in a tab. -# Doxygen uses this value to replace tabs by spaces in code fragments. - -TAB_SIZE = 8 - -# This tag can be used to specify a number of aliases that acts -# as commands in the documentation. An alias has the form "name=value". -# For example adding "sideeffect=\par Side Effects:\n" will allow you to -# put the command \sideeffect (or @sideeffect) in the documentation, which -# will result in a user-defined paragraph with heading "Side Effects:". -# You can put \n's in the value part of an alias to insert newlines. - -ALIASES = - -# This tag can be used to specify a number of word-keyword mappings (TCL only). -# A mapping has the form "name=value". For example adding -# "class=itcl::class" will allow you to use the command class in the -# itcl::class meaning. - -TCL_SUBST = - -# Set the OPTIMIZE_OUTPUT_FOR_C tag to YES if your project consists of C -# sources only. Doxygen will then generate output that is more tailored for C. -# For instance, some of the names that are used will be different. The list -# of all members will be omitted, etc. - OPTIMIZE_OUTPUT_FOR_C = YES - -# Set the OPTIMIZE_OUTPUT_JAVA tag to YES if your project consists of Java -# sources only. Doxygen will then generate output that is more tailored for -# Java. For instance, namespaces will be presented as packages, qualified -# scopes will look different, etc. - -OPTIMIZE_OUTPUT_JAVA = NO - -# Set the OPTIMIZE_FOR_FORTRAN tag to YES if your project consists of Fortran -# sources only. Doxygen will then generate output that is more tailored for -# Fortran. - -OPTIMIZE_FOR_FORTRAN = NO - -# Set the OPTIMIZE_OUTPUT_VHDL tag to YES if your project consists of VHDL -# sources. Doxygen will then generate output that is tailored for -# VHDL. - -OPTIMIZE_OUTPUT_VHDL = NO - -# Doxygen selects the parser to use depending on the extension of the files it -# parses. With this tag you can assign which parser to use for a given -# extension. Doxygen has a built-in mapping, but you can override or extend it -# using this tag. The format is ext=language, where ext is a file extension, -# and language is one of the parsers supported by doxygen: IDL, Java, -# Javascript, CSharp, C, C++, D, PHP, Objective-C, Python, Fortran, VHDL, C, -# C++. For instance to make doxygen treat .inc files as Fortran files (default -# is PHP), and .f files as C (default is Fortran), use: inc=Fortran f=C. Note -# that for custom extensions you also need to set FILE_PATTERNS otherwise the -# files are not read by doxygen. - -EXTENSION_MAPPING = - -# If MARKDOWN_SUPPORT is enabled (the default) then doxygen pre-processes all -# comments according to the Markdown format, which allows for more readable -# documentation. See http://daringfireball.net/projects/markdown/ for details. -# The output of markdown processing is further processed by doxygen, so you -# can mix doxygen, HTML, and XML commands with Markdown formatting. -# Disable only in case of backward compatibilities issues. - -MARKDOWN_SUPPORT = YES - -# When enabled doxygen tries to link words that correspond to documented -# classes, or namespaces to their corresponding documentation. Such a link can -# be prevented in individual cases by by putting a % sign in front of the word -# or globally by setting AUTOLINK_SUPPORT to NO. - -AUTOLINK_SUPPORT = YES - -# If you use STL classes (i.e. std::string, std::vector, etc.) but do not want -# to include (a tag file for) the STL sources as input, then you should -# set this tag to YES in order to let doxygen match functions declarations and -# definitions whose arguments contain STL classes (e.g. func(std::string); v.s. -# func(std::string) {}). This also makes the inheritance and collaboration -# diagrams that involve STL classes more complete and accurate. - -BUILTIN_STL_SUPPORT = NO - -# If you use Microsoft's C++/CLI language, you should set this option to YES to -# enable parsing support. - -CPP_CLI_SUPPORT = NO - -# Set the SIP_SUPPORT tag to YES if your project consists of sip sources only. -# Doxygen will parse them like normal C++ but will assume all classes use public -# instead of private inheritance when no explicit protection keyword is present. - -SIP_SUPPORT = NO - -# For Microsoft's IDL there are propget and propput attributes to indicate -# getter and setter methods for a property. Setting this option to YES (the -# default) will make doxygen replace the get and set methods by a property in -# the documentation. This will only work if the methods are indeed getting or -# setting a simple type. If this is not the case, or you want to show the -# methods anyway, you should set this option to NO. - -IDL_PROPERTY_SUPPORT = YES - -# If member grouping is used in the documentation and the DISTRIBUTE_GROUP_DOC -# tag is set to YES, then doxygen will reuse the documentation of the first -# member in the group (if any) for the other members of the group. By default -# all members of a group must be documented explicitly. - -DISTRIBUTE_GROUP_DOC = NO - -# Set the SUBGROUPING tag to YES (the default) to allow class member groups of -# the same type (for instance a group of public functions) to be put as a -# subgroup of that type (e.g. under the Public Functions section). Set it to -# NO to prevent subgrouping. Alternatively, this can be done per class using -# the \nosubgrouping command. - -SUBGROUPING = YES - -# When the INLINE_GROUPED_CLASSES tag is set to YES, classes, structs and -# unions are shown inside the group in which they are included (e.g. using -# @ingroup) instead of on a separate page (for HTML and Man pages) or -# section (for LaTeX and RTF). - -INLINE_GROUPED_CLASSES = NO - -# When the INLINE_SIMPLE_STRUCTS tag is set to YES, structs, classes, and -# unions with only public data fields or simple typedef fields will be shown -# inline in the documentation of the scope in which they are defined (i.e. file, -# namespace, or group documentation), provided this scope is documented. If set -# to NO (the default), structs, classes, and unions are shown on a separate -# page (for HTML and Man pages) or section (for LaTeX and RTF). - -INLINE_SIMPLE_STRUCTS = NO - -# When TYPEDEF_HIDES_STRUCT is enabled, a typedef of a struct, union, or enum -# is documented as struct, union, or enum with the name of the typedef. So -# typedef struct TypeS {} TypeT, will appear in the documentation as a struct -# with name TypeT. When disabled the typedef will appear as a member of a file, -# namespace, or class. And the struct will be named TypeS. This can typically -# be useful for C code in case the coding convention dictates that all compound -# types are typedef'ed and only the typedef is referenced, never the tag name. - -TYPEDEF_HIDES_STRUCT = NO - -# The size of the symbol lookup cache can be set using LOOKUP_CACHE_SIZE. This -# cache is used to resolve symbols given their name and scope. Since this can -# be an expensive process and often the same symbol appear multiple times in -# the code, doxygen keeps a cache of pre-resolved symbols. If the cache is too -# small doxygen will become slower. If the cache is too large, memory is wasted. -# The cache size is given by this formula: 2^(16+LOOKUP_CACHE_SIZE). The valid -# range is 0..9, the default is 0, corresponding to a cache size of 2^16 = 65536 -# symbols. - -LOOKUP_CACHE_SIZE = 0 - -#--------------------------------------------------------------------------- -# Build related configuration options -#--------------------------------------------------------------------------- - -# If the EXTRACT_ALL tag is set to YES doxygen will assume all entities in -# documentation are documented, even if no documentation was available. -# Private class members and static file members will be hidden unless -# the EXTRACT_PRIVATE respectively EXTRACT_STATIC tags are set to YES - EXTRACT_ALL = YES - -# If the EXTRACT_PRIVATE tag is set to YES all private members of a class -# will be included in the documentation. - EXTRACT_PRIVATE = YES - -# If the EXTRACT_PACKAGE tag is set to YES all members with package or internal -# scope will be included in the documentation. - -EXTRACT_PACKAGE = NO - -# If the EXTRACT_STATIC tag is set to YES all static members of a file -# will be included in the documentation. - EXTRACT_STATIC = YES - -# If the EXTRACT_LOCAL_CLASSES tag is set to YES classes (and structs) -# defined locally in source files will be included in the documentation. -# If set to NO only classes defined in header files are included. - -EXTRACT_LOCAL_CLASSES = YES - -# This flag is only useful for Objective-C code. When set to YES local -# methods, which are defined in the implementation section but not in -# the interface are included in the documentation. -# If set to NO (the default) only methods in the interface are included. - -EXTRACT_LOCAL_METHODS = YES - -# If this flag is set to YES, the members of anonymous namespaces will be -# extracted and appear in the documentation as a namespace called -# 'anonymous_namespace{file}', where file will be replaced with the base -# name of the file that contains the anonymous namespace. By default -# anonymous namespaces are hidden. - -EXTRACT_ANON_NSPACES = YES - -# If the HIDE_UNDOC_MEMBERS tag is set to YES, Doxygen will hide all -# undocumented members of documented classes, files or namespaces. -# If set to NO (the default) these members will be included in the -# various overviews, but no documentation section is generated. -# This option has no effect if EXTRACT_ALL is enabled. - -HIDE_UNDOC_MEMBERS = NO - -# If the HIDE_UNDOC_CLASSES tag is set to YES, Doxygen will hide all -# undocumented classes that are normally visible in the class hierarchy. -# If set to NO (the default) these classes will be included in the various -# overviews. This option has no effect if EXTRACT_ALL is enabled. - -HIDE_UNDOC_CLASSES = NO - -# If the HIDE_FRIEND_COMPOUNDS tag is set to YES, Doxygen will hide all -# friend (class|struct|union) declarations. -# If set to NO (the default) these declarations will be included in the -# documentation. - -HIDE_FRIEND_COMPOUNDS = NO - -# If the HIDE_IN_BODY_DOCS tag is set to YES, Doxygen will hide any -# documentation blocks found inside the body of a function. -# If set to NO (the default) these blocks will be appended to the -# function's detailed documentation block. - -HIDE_IN_BODY_DOCS = NO - -# The INTERNAL_DOCS tag determines if documentation -# that is typed after a \internal command is included. If the tag is set -# to NO (the default) then the documentation will be excluded. -# Set it to YES to include the internal documentation. - -INTERNAL_DOCS = NO - -# If the CASE_SENSE_NAMES tag is set to NO then Doxygen will only generate -# file names in lower-case letters. If set to YES upper-case letters are also -# allowed. This is useful if you have classes or files whose names only differ -# in case and if your file system supports case sensitive file names. Windows -# and Mac users are advised to set this option to NO. - CASE_SENSE_NAMES = NO - -# If the HIDE_SCOPE_NAMES tag is set to NO (the default) then Doxygen -# will show members with their full class and namespace scopes in the -# documentation. If set to YES the scope will be hidden. - -HIDE_SCOPE_NAMES = NO - -# If the SHOW_INCLUDE_FILES tag is set to YES (the default) then Doxygen -# will put a list of the files that are included by a file in the documentation -# of that file. - -SHOW_INCLUDE_FILES = YES - -# If the FORCE_LOCAL_INCLUDES tag is set to YES then Doxygen -# will list include files with double quotes in the documentation -# rather than with sharp brackets. - -FORCE_LOCAL_INCLUDES = NO - -# If the INLINE_INFO tag is set to YES (the default) then a tag [inline] -# is inserted in the documentation for inline members. - -INLINE_INFO = YES - -# If the SORT_MEMBER_DOCS tag is set to YES (the default) then doxygen -# will sort the (detailed) documentation of file and class members -# alphabetically by member name. If set to NO the members will appear in -# declaration order. - -SORT_MEMBER_DOCS = YES - -# If the SORT_BRIEF_DOCS tag is set to YES then doxygen will sort the -# brief documentation of file, namespace and class members alphabetically -# by member name. If set to NO (the default) the members will appear in -# declaration order. - -SORT_BRIEF_DOCS = NO - -# If the SORT_MEMBERS_CTORS_1ST tag is set to YES then doxygen -# will sort the (brief and detailed) documentation of class members so that -# constructors and destructors are listed first. If set to NO (the default) -# the constructors will appear in the respective orders defined by -# SORT_MEMBER_DOCS and SORT_BRIEF_DOCS. -# This tag will be ignored for brief docs if SORT_BRIEF_DOCS is set to NO -# and ignored for detailed docs if SORT_MEMBER_DOCS is set to NO. - -SORT_MEMBERS_CTORS_1ST = NO - -# If the SORT_GROUP_NAMES tag is set to YES then doxygen will sort the -# hierarchy of group names into alphabetical order. If set to NO (the default) -# the group names will appear in their defined order. - -SORT_GROUP_NAMES = NO - -# If the SORT_BY_SCOPE_NAME tag is set to YES, the class list will be -# sorted by fully-qualified names, including namespaces. If set to -# NO (the default), the class list will be sorted only by class name, -# not including the namespace part. -# Note: This option is not very useful if HIDE_SCOPE_NAMES is set to YES. -# Note: This option applies only to the class list, not to the -# alphabetical list. - -SORT_BY_SCOPE_NAME = NO - -# If the STRICT_PROTO_MATCHING option is enabled and doxygen fails to -# do proper type resolution of all parameters of a function it will reject a -# match between the prototype and the implementation of a member function even -# if there is only one candidate or it is obvious which candidate to choose -# by doing a simple string match. By disabling STRICT_PROTO_MATCHING doxygen -# will still accept a match between prototype and implementation in such cases. - -STRICT_PROTO_MATCHING = NO - -# The GENERATE_TODOLIST tag can be used to enable (YES) or -# disable (NO) the todo list. This list is created by putting \todo -# commands in the documentation. - -GENERATE_TODOLIST = YES - -# The GENERATE_TESTLIST tag can be used to enable (YES) or -# disable (NO) the test list. This list is created by putting \test -# commands in the documentation. - -GENERATE_TESTLIST = YES - -# The GENERATE_BUGLIST tag can be used to enable (YES) or -# disable (NO) the bug list. This list is created by putting \bug -# commands in the documentation. - -GENERATE_BUGLIST = YES - -# The GENERATE_DEPRECATEDLIST tag can be used to enable (YES) or -# disable (NO) the deprecated list. This list is created by putting -# \deprecated commands in the documentation. - -GENERATE_DEPRECATEDLIST= YES - -# The ENABLED_SECTIONS tag can be used to enable conditional -# documentation sections, marked by \if section-label ... \endif -# and \cond section-label ... \endcond blocks. - -ENABLED_SECTIONS = - -# The MAX_INITIALIZER_LINES tag determines the maximum number of lines -# the initial value of a variable or macro consists of for it to appear in -# the documentation. If the initializer consists of more lines than specified -# here it will be hidden. Use a value of 0 to hide initializers completely. -# The appearance of the initializer of individual variables and macros in the -# documentation can be controlled using \showinitializer or \hideinitializer -# command in the documentation regardless of this setting. - -MAX_INITIALIZER_LINES = 30 - -# Set the SHOW_USED_FILES tag to NO to disable the list of files generated -# at the bottom of the documentation of classes and structs. If set to YES the -# list will mention the files that were used to generate the documentation. - -SHOW_USED_FILES = YES - -# Set the SHOW_FILES tag to NO to disable the generation of the Files page. -# This will remove the Files entry from the Quick Index and from the -# Folder Tree View (if specified). The default is YES. - -SHOW_FILES = YES - -# Set the SHOW_NAMESPACES tag to NO to disable the generation of the -# Namespaces page. -# This will remove the Namespaces entry from the Quick Index -# and from the Folder Tree View (if specified). The default is YES. - -SHOW_NAMESPACES = YES - -# The FILE_VERSION_FILTER tag can be used to specify a program or script that -# doxygen should invoke to get the current version for each file (typically from -# the version control system). Doxygen will invoke the program by executing (via -# popen()) the command , where is the value of -# the FILE_VERSION_FILTER tag, and is the name of an input file -# provided by doxygen. Whatever the program writes to standard output -# is used as the file version. See the manual for examples. - -FILE_VERSION_FILTER = - -# The LAYOUT_FILE tag can be used to specify a layout file which will be parsed -# by doxygen. The layout file controls the global structure of the generated -# output files in an output format independent way. To create the layout file -# that represents doxygen's defaults, run doxygen with the -l option. -# You can optionally specify a file name after the option, if omitted -# DoxygenLayout.xml will be used as the name of the layout file. - -LAYOUT_FILE = - -# The CITE_BIB_FILES tag can be used to specify one or more bib files -# containing the references data. This must be a list of .bib files. The -# .bib extension is automatically appended if omitted. Using this command -# requires the bibtex tool to be installed. See also -# http://en.wikipedia.org/wiki/BibTeX for more info. For LaTeX the style -# of the bibliography can be controlled using LATEX_BIB_STYLE. To use this -# feature you need bibtex and perl available in the search path. Do not use -# file names with spaces, bibtex cannot handle them. - -CITE_BIB_FILES = - -#--------------------------------------------------------------------------- -# configuration options related to warning and progress messages -#--------------------------------------------------------------------------- - -# The QUIET tag can be used to turn on/off the messages that are generated -# by doxygen. Possible values are YES and NO. If left blank NO is used. - -QUIET = NO - -# The WARNINGS tag can be used to turn on/off the warning messages that are -# generated by doxygen. Possible values are YES and NO. If left blank -# NO is used. - -WARNINGS = YES - -# If WARN_IF_UNDOCUMENTED is set to YES, then doxygen will generate warnings -# for undocumented members. If EXTRACT_ALL is set to YES then this flag will -# automatically be disabled. - -WARN_IF_UNDOCUMENTED = YES - -# If WARN_IF_DOC_ERROR is set to YES, doxygen will generate warnings for -# potential errors in the documentation, such as not documenting some -# parameters in a documented function, or documenting parameters that -# don't exist or using markup commands wrongly. - -WARN_IF_DOC_ERROR = YES - -# The WARN_NO_PARAMDOC option can be enabled to get warnings for -# functions that are documented, but have no documentation for their parameters -# or return value. If set to NO (the default) doxygen will only warn about -# wrong or incomplete parameter documentation, but not about the absence of -# documentation. - -WARN_NO_PARAMDOC = NO - -# The WARN_FORMAT tag determines the format of the warning messages that -# doxygen can produce. The string should contain the $file, $line, and $text -# tags, which will be replaced by the file and line number from which the -# warning originated and the warning text. Optionally the format may contain -# $version, which will be replaced by the version of the file (if it could -# be obtained via FILE_VERSION_FILTER) - -WARN_FORMAT = "$file:$line: $text" - -# The WARN_LOGFILE tag can be used to specify a file to which warning -# and error messages should be written. If left blank the output is written -# to stderr. - -WARN_LOGFILE = - -#--------------------------------------------------------------------------- -# configuration options related to the input files -#--------------------------------------------------------------------------- - -# The INPUT tag can be used to specify the files and/or directories that contain -# documented source files. You may enter file names like "myfile.cpp" or -# directories like "/usr/src/myproject". Separate the files or directories -# with spaces. - INPUT = ../include input - -# This tag can be used to specify the character encoding of the source files -# that doxygen parses. Internally doxygen uses the UTF-8 encoding, which is -# also the default input encoding. Doxygen uses libiconv (or the iconv built -# into libc) for the transcoding. See http://www.gnu.org/software/libiconv for -# the list of possible encodings. - -INPUT_ENCODING = UTF-8 - -# If the value of the INPUT tag contains directories, you can use the -# FILE_PATTERNS tag to specify one or more wildcard pattern (like *.cpp -# and *.h) to filter out the source-files in the directories. If left -# blank the following patterns are tested: -# *.c *.cc *.cxx *.cpp *.c++ *.d *.java *.ii *.ixx *.ipp *.i++ *.inl *.h *.hh -# *.hxx *.hpp *.h++ *.idl *.odl *.cs *.php *.php3 *.inc *.m *.mm *.dox *.py -# *.f90 *.f *.for *.vhd *.vhdl - FILE_PATTERNS = *.h - -# The RECURSIVE tag can be used to turn specify whether or not subdirectories -# should be searched for input files as well. Possible values are YES and NO. -# If left blank NO is used. - RECURSIVE = YES - -# The EXCLUDE tag can be used to specify files and/or directories that should be -# excluded from the INPUT source files. This way you can easily exclude a -# subdirectory from a directory tree whose root is specified with the INPUT tag. -# Note that relative paths are relative to the directory from which doxygen is -# run. - -EXCLUDE = - -# The EXCLUDE_SYMLINKS tag can be used to select whether or not files or -# directories that are symbolic links (a Unix file system feature) are excluded -# from the input. - EXCLUDE_SYMLINKS = YES - -# If the value of the INPUT tag contains directories, you can use the -# EXCLUDE_PATTERNS tag to specify one or more wildcard patterns to exclude -# certain files from those directories. Note that the wildcards are matched -# against the file with absolute path, so to exclude all test directories -# for example use the pattern */test/* - EXCLUDE_PATTERNS = *_internal.h *_wrap.h - -# The EXCLUDE_SYMBOLS tag can be used to specify one or more symbol names -# (namespaces, classes, functions, etc.) that should be excluded from the -# output. The symbol name can be a fully qualified name, a word, or if the -# wildcard * is used, a substring. Examples: ANamespace, AClass, -# AClass::ANamespace, ANamespace::*Test - -EXCLUDE_SYMBOLS = - -# The EXAMPLE_PATH tag can be used to specify one or more files or -# directories that contain example code fragments that are included (see -# the \include command). - -EXAMPLE_PATH = - -# If the value of the EXAMPLE_PATH tag contains directories, you can use the -# EXAMPLE_PATTERNS tag to specify one or more wildcard pattern (like *.cpp -# and *.h) to filter out the source-files in the directories. If left -# blank all files are included. - -EXAMPLE_PATTERNS = * - -# If the EXAMPLE_RECURSIVE tag is set to YES then subdirectories will be -# searched for input files to be used with the \include or \dontinclude -# commands irrespective of the value of the RECURSIVE tag. -# Possible values are YES and NO. If left blank NO is used. - -EXAMPLE_RECURSIVE = NO - -# The IMAGE_PATH tag can be used to specify one or more files or -# directories that contain image that are included in the documentation (see -# the \image command). - -IMAGE_PATH = - -# The INPUT_FILTER tag can be used to specify a program that doxygen should -# invoke to filter for each input file. Doxygen will invoke the filter program -# by executing (via popen()) the command , where -# is the value of the INPUT_FILTER tag, and is the name of an -# input file. Doxygen will then use the output that the filter program writes -# to standard output. -# If FILTER_PATTERNS is specified, this tag will be ignored. -# Note that the filter must not add or remove lines; it is applied before the -# code is scanned, but not when the output code is generated. If lines are added -# or removed, the anchors will not be placed correctly. - -INPUT_FILTER = - -# The FILTER_PATTERNS tag can be used to specify filters on a per file pattern -# basis. -# Doxygen will compare the file name with each pattern and apply the -# filter if there is a match. -# The filters are a list of the form: -# pattern=filter (like *.cpp=my_cpp_filter). See INPUT_FILTER for further -# info on how filters are used. If FILTER_PATTERNS is empty or if -# non of the patterns match the file name, INPUT_FILTER is applied. - -FILTER_PATTERNS = - -# If the FILTER_SOURCE_FILES tag is set to YES, the input filter (if set using -# INPUT_FILTER) will be used to filter the input files when producing source -# files to browse (i.e. when SOURCE_BROWSER is set to YES). - -FILTER_SOURCE_FILES = NO - -# The FILTER_SOURCE_PATTERNS tag can be used to specify source filters per file -# pattern. A pattern will override the setting for FILTER_PATTERN (if any) -# and it is also possible to disable source filtering for a specific pattern -# using *.ext= (so without naming a filter). This option only has effect when -# FILTER_SOURCE_FILES is enabled. - -FILTER_SOURCE_PATTERNS = - -# If the USE_MD_FILE_AS_MAINPAGE tag refers to the name of a markdown file that -# is part of the input, its contents will be placed on the main page -# (index.html). This can be useful if you have a project on for instance GitHub -# and want reuse the introduction page also for the doxygen output. - -USE_MDFILE_AS_MAINPAGE = - -#--------------------------------------------------------------------------- -# configuration options related to source browsing -#--------------------------------------------------------------------------- - -# If the SOURCE_BROWSER tag is set to YES then a list of source files will -# be generated. Documented entities will be cross-referenced with these sources. -# Note: To get rid of all source code in the generated output, make sure also -# VERBATIM_HEADERS is set to NO. - SOURCE_BROWSER = YES - -# Setting the INLINE_SOURCES tag to YES will include the body -# of functions and classes directly in the documentation. - -INLINE_SOURCES = NO - -# Setting the STRIP_CODE_COMMENTS tag to YES (the default) will instruct -# doxygen to hide any special comment blocks from generated source code -# fragments. Normal C, C++ and Fortran comments will always remain visible. - -STRIP_CODE_COMMENTS = YES - -# If the REFERENCED_BY_RELATION tag is set to YES -# then for each documented function all documented -# functions referencing it will be listed. - REFERENCED_BY_RELATION = YES - -# If the REFERENCES_RELATION tag is set to YES -# then for each documented function all documented entities -# called/used by that function will be listed. - REFERENCES_RELATION = YES - -# If the REFERENCES_LINK_SOURCE tag is set to YES (the default) -# and SOURCE_BROWSER tag is set to YES, then the hyperlinks from -# functions in REFERENCES_RELATION and REFERENCED_BY_RELATION lists will -# link to the source code. -# Otherwise they will link to the documentation. - -REFERENCES_LINK_SOURCE = YES - -# If the USE_HTAGS tag is set to YES then the references to source code -# will point to the HTML generated by the htags(1) tool instead of doxygen -# built-in source browser. The htags tool is part of GNU's global source -# tagging system (see http://www.gnu.org/software/global/global.html). You -# will need version 4.8.6 or higher. - -USE_HTAGS = NO - -# If the VERBATIM_HEADERS tag is set to YES (the default) then Doxygen -# will generate a verbatim copy of the header file for each class for -# which an include is specified. Set to NO to disable this. - -VERBATIM_HEADERS = YES - -#--------------------------------------------------------------------------- -# configuration options related to the alphabetical class index -#--------------------------------------------------------------------------- - -# If the ALPHABETICAL_INDEX tag is set to YES, an alphabetical index -# of all compounds will be generated. Enable this if the project -# contains a lot of classes, structs, unions or interfaces. - ALPHABETICAL_INDEX = NO - -# If the alphabetical index is enabled (see ALPHABETICAL_INDEX) then -# the COLS_IN_ALPHA_INDEX tag can be used to specify the number of columns -# in which this list will be split (can be a number in the range [1..20]) - -COLS_IN_ALPHA_INDEX = 5 - -# In case all classes in a project start with a common prefix, all -# classes will be put under the same header in the alphabetical index. -# The IGNORE_PREFIX tag can be used to specify one or more prefixes that -# should be ignored while generating the index headers. - -IGNORE_PREFIX = - -#--------------------------------------------------------------------------- -# configuration options related to the HTML output -#--------------------------------------------------------------------------- - -# If the GENERATE_HTML tag is set to YES (the default) Doxygen will -# generate HTML output. - -GENERATE_HTML = YES - -# The HTML_OUTPUT tag is used to specify where the HTML docs will be put. -# If a relative path is entered the value of OUTPUT_DIRECTORY will be -# put in front of it. If left blank `html' will be used as the default path. - HTML_OUTPUT = . - -# The HTML_FILE_EXTENSION tag can be used to specify the file extension for -# each generated HTML page (for example: .htm,.php,.asp). If it is left blank -# doxygen will generate files with .html extension. - -HTML_FILE_EXTENSION = .html - -# The HTML_HEADER tag can be used to specify a personal HTML header for -# each generated HTML page. If it is left blank doxygen will generate a -# standard header. Note that when using a custom header you are responsible -# for the proper inclusion of any scripts and style sheets that doxygen -# needs, which is dependent on the configuration options used. -# It is advised to generate a default header using "doxygen -w html -# header.html footer.html stylesheet.css YourConfigFile" and then modify -# that header. Note that the header is subject to change so you typically -# have to redo this when upgrading to a newer version of doxygen or when -# changing the value of configuration settings such as GENERATE_TREEVIEW! - -HTML_HEADER = - -# The HTML_FOOTER tag can be used to specify a personal HTML footer for -# each generated HTML page. If it is left blank doxygen will generate a -# standard footer. - -HTML_FOOTER = - -# The HTML_STYLESHEET tag can be used to specify a user-defined cascading -# style sheet that is used by each HTML page. It can be used to -# fine-tune the look of the HTML output. If left blank doxygen will -# generate a default style sheet. Note that it is recommended to use -# HTML_EXTRA_STYLESHEET instead of this one, as it is more robust and this -# tag will in the future become obsolete. - -HTML_STYLESHEET = - -# The HTML_EXTRA_STYLESHEET tag can be used to specify an additional -# user-defined cascading style sheet that is included after the standard -# style sheets created by doxygen. Using this option one can overrule -# certain style aspects. This is preferred over using HTML_STYLESHEET -# since it does not replace the standard style sheet and is therefor more -# robust against future updates. Doxygen will copy the style sheet file to -# the output directory. - -HTML_EXTRA_STYLESHEET = - -# The HTML_EXTRA_FILES tag can be used to specify one or more extra images or -# other source files which should be copied to the HTML output directory. Note -# that these files will be copied to the base HTML output directory. Use the -# $relpath^ marker in the HTML_HEADER and/or HTML_FOOTER files to load these -# files. In the HTML_STYLESHEET file, use the file name only. Also note that -# the files will be copied as-is; there are no commands or markers available. - -HTML_EXTRA_FILES = - -# The HTML_COLORSTYLE_HUE tag controls the color of the HTML output. -# Doxygen will adjust the colors in the style sheet and background images -# according to this color. Hue is specified as an angle on a colorwheel, -# see http://en.wikipedia.org/wiki/Hue for more information. -# For instance the value 0 represents red, 60 is yellow, 120 is green, -# 180 is cyan, 240 is blue, 300 purple, and 360 is red again. -# The allowed range is 0 to 359. - -HTML_COLORSTYLE_HUE = 220 - -# The HTML_COLORSTYLE_SAT tag controls the purity (or saturation) of -# the colors in the HTML output. For a value of 0 the output will use -# grayscales only. A value of 255 will produce the most vivid colors. - -HTML_COLORSTYLE_SAT = 100 - -# The HTML_COLORSTYLE_GAMMA tag controls the gamma correction applied to -# the luminance component of the colors in the HTML output. Values below -# 100 gradually make the output lighter, whereas values above 100 make -# the output darker. The value divided by 100 is the actual gamma applied, -# so 80 represents a gamma of 0.8, The value 220 represents a gamma of 2.2, -# and 100 does not change the gamma. - -HTML_COLORSTYLE_GAMMA = 80 - -# If the HTML_TIMESTAMP tag is set to YES then the footer of each generated HTML -# page will contain the date and time when the page was generated. Setting -# this to NO can help when comparing the output of multiple runs. - HTML_TIMESTAMP = YES - -# If the HTML_DYNAMIC_SECTIONS tag is set to YES then the generated HTML -# documentation will contain sections that can be hidden and shown after the -# page has loaded. - -HTML_DYNAMIC_SECTIONS = NO - -# With HTML_INDEX_NUM_ENTRIES one can control the preferred number of -# entries shown in the various tree structured indices initially; the user -# can expand and collapse entries dynamically later on. Doxygen will expand -# the tree to such a level that at most the specified number of entries are -# visible (unless a fully collapsed tree already exceeds this amount). -# So setting the number of entries 1 will produce a full collapsed tree by -# default. 0 is a special value representing an infinite number of entries -# and will result in a full expanded tree by default. - -HTML_INDEX_NUM_ENTRIES = 100 - -# If the GENERATE_DOCSET tag is set to YES, additional index files -# will be generated that can be used as input for Apple's Xcode 3 -# integrated development environment, introduced with OSX 10.5 (Leopard). -# To create a documentation set, doxygen will generate a Makefile in the -# HTML output directory. Running make will produce the docset in that -# directory and running "make install" will install the docset in -# ~/Library/Developer/Shared/Documentation/DocSets so that Xcode will find -# it at startup. -# See http://developer.apple.com/tools/creatingdocsetswithdoxygen.html -# for more information. - -GENERATE_DOCSET = NO - -# When GENERATE_DOCSET tag is set to YES, this tag determines the name of the -# feed. A documentation feed provides an umbrella under which multiple -# documentation sets from a single provider (such as a company or product suite) -# can be grouped. - -DOCSET_FEEDNAME = "Doxygen generated docs" - -# When GENERATE_DOCSET tag is set to YES, this tag specifies a string that -# should uniquely identify the documentation set bundle. This should be a -# reverse domain-name style string, e.g. com.mycompany.MyDocSet. Doxygen -# will append .docset to the name. - -DOCSET_BUNDLE_ID = org.doxygen.Project - -# When GENERATE_PUBLISHER_ID tag specifies a string that should uniquely -# identify the documentation publisher. This should be a reverse domain-name -# style string, e.g. com.mycompany.MyDocSet.documentation. - -DOCSET_PUBLISHER_ID = org.doxygen.Publisher - -# The GENERATE_PUBLISHER_NAME tag identifies the documentation publisher. - -DOCSET_PUBLISHER_NAME = Publisher - -# If the GENERATE_HTMLHELP tag is set to YES, additional index files -# will be generated that can be used as input for tools like the -# Microsoft HTML help workshop to generate a compiled HTML help file (.chm) -# of the generated HTML documentation. - -GENERATE_HTMLHELP = NO - -# If the GENERATE_HTMLHELP tag is set to YES, the CHM_FILE tag can -# be used to specify the file name of the resulting .chm file. You -# can add a path in front of the file if the result should not be -# written to the html output directory. - -CHM_FILE = - -# If the GENERATE_HTMLHELP tag is set to YES, the HHC_LOCATION tag can -# be used to specify the location (absolute path including file name) of -# the HTML help compiler (hhc.exe). If non-empty doxygen will try to run -# the HTML help compiler on the generated index.hhp. - -HHC_LOCATION = - -# If the GENERATE_HTMLHELP tag is set to YES, the GENERATE_CHI flag -# controls if a separate .chi index file is generated (YES) or that -# it should be included in the master .chm file (NO). - -GENERATE_CHI = NO - -# If the GENERATE_HTMLHELP tag is set to YES, the CHM_INDEX_ENCODING -# is used to encode HtmlHelp index (hhk), content (hhc) and project file -# content. - -CHM_INDEX_ENCODING = - -# If the GENERATE_HTMLHELP tag is set to YES, the BINARY_TOC flag -# controls whether a binary table of contents is generated (YES) or a -# normal table of contents (NO) in the .chm file. - -BINARY_TOC = NO - -# The TOC_EXPAND flag can be set to YES to add extra items for group members -# to the contents of the HTML help documentation and to the tree view. - -TOC_EXPAND = NO - -# If the GENERATE_QHP tag is set to YES and both QHP_NAMESPACE and -# QHP_VIRTUAL_FOLDER are set, an additional index file will be generated -# that can be used as input for Qt's qhelpgenerator to generate a -# Qt Compressed Help (.qch) of the generated HTML documentation. - -GENERATE_QHP = NO - -# If the QHG_LOCATION tag is specified, the QCH_FILE tag can -# be used to specify the file name of the resulting .qch file. -# The path specified is relative to the HTML output folder. - -QCH_FILE = - -# The QHP_NAMESPACE tag specifies the namespace to use when generating -# Qt Help Project output. For more information please see -# http://doc.trolltech.com/qthelpproject.html#namespace - -QHP_NAMESPACE = org.doxygen.Project - -# The QHP_VIRTUAL_FOLDER tag specifies the namespace to use when generating -# Qt Help Project output. For more information please see -# http://doc.trolltech.com/qthelpproject.html#virtual-folders - -QHP_VIRTUAL_FOLDER = doc - -# If QHP_CUST_FILTER_NAME is set, it specifies the name of a custom filter to -# add. For more information please see -# http://doc.trolltech.com/qthelpproject.html#custom-filters - -QHP_CUST_FILTER_NAME = - -# The QHP_CUST_FILT_ATTRS tag specifies the list of the attributes of the -# custom filter to add. For more information please see -# -# Qt Help Project / Custom Filters. - -QHP_CUST_FILTER_ATTRS = - -# The QHP_SECT_FILTER_ATTRS tag specifies the list of the attributes this -# project's -# filter section matches. -# -# Qt Help Project / Filter Attributes. - -QHP_SECT_FILTER_ATTRS = - -# If the GENERATE_QHP tag is set to YES, the QHG_LOCATION tag can -# be used to specify the location of Qt's qhelpgenerator. -# If non-empty doxygen will try to run qhelpgenerator on the generated -# .qhp file. - -QHG_LOCATION = - -# If the GENERATE_ECLIPSEHELP tag is set to YES, additional index files -# will be generated, which together with the HTML files, form an Eclipse help -# plugin. To install this plugin and make it available under the help contents -# menu in Eclipse, the contents of the directory containing the HTML and XML -# files needs to be copied into the plugins directory of eclipse. The name of -# the directory within the plugins directory should be the same as -# the ECLIPSE_DOC_ID value. After copying Eclipse needs to be restarted before -# the help appears. - -GENERATE_ECLIPSEHELP = NO - -# A unique identifier for the eclipse help plugin. When installing the plugin -# the directory name containing the HTML and XML files should also have -# this name. - -ECLIPSE_DOC_ID = org.doxygen.Project - -# The DISABLE_INDEX tag can be used to turn on/off the condensed index (tabs) -# at top of each HTML page. The value NO (the default) enables the index and -# the value YES disables it. Since the tabs have the same information as the -# navigation tree you can set this option to NO if you already set -# GENERATE_TREEVIEW to YES. - -DISABLE_INDEX = NO - -# The GENERATE_TREEVIEW tag is used to specify whether a tree-like index -# structure should be generated to display hierarchical information. -# If the tag value is set to YES, a side panel will be generated -# containing a tree-like index structure (just like the one that -# is generated for HTML Help). For this to work a browser that supports -# JavaScript, DHTML, CSS and frames is required (i.e. any modern browser). -# Windows users are probably better off using the HTML help feature. -# Since the tree basically has the same information as the tab index you -# could consider to set DISABLE_INDEX to NO when enabling this option. - -GENERATE_TREEVIEW = NO - -# The ENUM_VALUES_PER_LINE tag can be used to set the number of enum values -# (range [0,1..20]) that doxygen will group on one line in the generated HTML -# documentation. Note that a value of 0 will completely suppress the enum -# values from appearing in the overview section. - -ENUM_VALUES_PER_LINE = 4 - -# If the treeview is enabled (see GENERATE_TREEVIEW) then this tag can be -# used to set the initial width (in pixels) of the frame in which the tree -# is shown. - -TREEVIEW_WIDTH = 250 - -# When the EXT_LINKS_IN_WINDOW option is set to YES doxygen will open -# links to external symbols imported via tag files in a separate window. - -EXT_LINKS_IN_WINDOW = NO - -# Use this tag to change the font size of Latex formulas included -# as images in the HTML documentation. The default is 10. Note that -# when you change the font size after a successful doxygen run you need -# to manually remove any form_*.png images from the HTML output directory -# to force them to be regenerated. - -FORMULA_FONTSIZE = 10 - -# Use the FORMULA_TRANPARENT tag to determine whether or not the images -# generated for formulas are transparent PNGs. Transparent PNGs are -# not supported properly for IE 6.0, but are supported on all modern browsers. -# Note that when changing this option you need to delete any form_*.png files -# in the HTML output before the changes have effect. - -FORMULA_TRANSPARENT = YES - -# Enable the USE_MATHJAX option to render LaTeX formulas using MathJax -# (see http://www.mathjax.org) which uses client side Javascript for the -# rendering instead of using prerendered bitmaps. Use this if you do not -# have LaTeX installed or if you want to formulas look prettier in the HTML -# output. When enabled you may also need to install MathJax separately and -# configure the path to it using the MATHJAX_RELPATH option. - -USE_MATHJAX = NO - -# When MathJax is enabled you can set the default output format to be used for -# the MathJax output. Supported types are HTML-CSS, NativeMML (i.e. MathML) and -# SVG. The default value is HTML-CSS, which is slower, but has the best -# compatibility. - -MATHJAX_FORMAT = HTML-CSS - -# When MathJax is enabled you need to specify the location relative to the -# HTML output directory using the MATHJAX_RELPATH option. The destination -# directory should contain the MathJax.js script. For instance, if the mathjax -# directory is located at the same level as the HTML output directory, then -# MATHJAX_RELPATH should be ../mathjax. The default value points to -# the MathJax Content Delivery Network so you can quickly see the result without -# installing MathJax. -# However, it is strongly recommended to install a local -# copy of MathJax from http://www.mathjax.org before deployment. - -MATHJAX_RELPATH = http://cdn.mathjax.org/mathjax/latest - -# The MATHJAX_EXTENSIONS tag can be used to specify one or MathJax extension -# names that should be enabled during MathJax rendering. - -MATHJAX_EXTENSIONS = - -# The MATHJAX_CODEFILE tag can be used to specify a file with javascript -# pieces of code that will be used on startup of the MathJax code. - -MATHJAX_CODEFILE = - -# When the SEARCHENGINE tag is enabled doxygen will generate a search box -# for the HTML output. The underlying search engine uses javascript -# and DHTML and should work on any modern browser. Note that when using -# HTML help (GENERATE_HTMLHELP), Qt help (GENERATE_QHP), or docsets -# (GENERATE_DOCSET) there is already a search function so this one should -# typically be disabled. For large projects the javascript based search engine -# can be slow, then enabling SERVER_BASED_SEARCH may provide a better solution. - -SEARCHENGINE = NO - -# When the SERVER_BASED_SEARCH tag is enabled the search engine will be -# implemented using a web server instead of a web client using Javascript. -# There are two flavours of web server based search depending on the -# EXTERNAL_SEARCH setting. When disabled, doxygen will generate a PHP script for -# searching and an index file used by the script. When EXTERNAL_SEARCH is -# enabled the indexing and searching needs to be provided by external tools. -# See the manual for details. - -SERVER_BASED_SEARCH = NO - -# When EXTERNAL_SEARCH is enabled doxygen will no longer generate the PHP -# script for searching. Instead the search results are written to an XML file -# which needs to be processed by an external indexer. Doxygen will invoke an -# external search engine pointed to by the SEARCHENGINE_URL option to obtain -# the search results. Doxygen ships with an example indexer (doxyindexer) and -# search engine (doxysearch.cgi) which are based on the open source search -# engine library Xapian. See the manual for configuration details. - -EXTERNAL_SEARCH = NO - -# The SEARCHENGINE_URL should point to a search engine hosted by a web server -# which will returned the search results when EXTERNAL_SEARCH is enabled. -# Doxygen ships with an example search engine (doxysearch) which is based on -# the open source search engine library Xapian. See the manual for configuration -# details. - -SEARCHENGINE_URL = - -# When SERVER_BASED_SEARCH and EXTERNAL_SEARCH are both enabled the unindexed -# search data is written to a file for indexing by an external tool. With the -# SEARCHDATA_FILE tag the name of this file can be specified. - -SEARCHDATA_FILE = searchdata.xml - -# When SERVER_BASED_SEARCH AND EXTERNAL_SEARCH are both enabled the -# EXTERNAL_SEARCH_ID tag can be used as an identifier for the project. This is -# useful in combination with EXTRA_SEARCH_MAPPINGS to search through multiple -# projects and redirect the results back to the right project. - -EXTERNAL_SEARCH_ID = - -# The EXTRA_SEARCH_MAPPINGS tag can be used to enable searching through doxygen -# projects other than the one defined by this configuration file, but that are -# all added to the same external search index. Each project needs to have a -# unique id set via EXTERNAL_SEARCH_ID. The search mapping then maps the id -# of to a relative location where the documentation can be found. -# The format is: EXTRA_SEARCH_MAPPINGS = id1=loc1 id2=loc2 ... - -EXTRA_SEARCH_MAPPINGS = - -#--------------------------------------------------------------------------- -# configuration options related to the LaTeX output -#--------------------------------------------------------------------------- - -# If the GENERATE_LATEX tag is set to YES (the default) Doxygen will -# generate Latex output. - +SEARCHENGINE = YES GENERATE_LATEX = NO - -# The LATEX_OUTPUT tag is used to specify where the LaTeX docs will be put. -# If a relative path is entered the value of OUTPUT_DIRECTORY will be -# put in front of it. If left blank `latex' will be used as the default path. - -LATEX_OUTPUT = latex - -# The LATEX_CMD_NAME tag can be used to specify the LaTeX command name to be -# invoked. If left blank `latex' will be used as the default command name. -# Note that when enabling USE_PDFLATEX this option is only used for -# generating bitmaps for formulas in the HTML output, but not in the -# Makefile that is written to the output directory. - -LATEX_CMD_NAME = latex - -# The MAKEINDEX_CMD_NAME tag can be used to specify the command name to -# generate index for LaTeX. If left blank `makeindex' will be used as the -# default command name. - -MAKEINDEX_CMD_NAME = makeindex - -# If the COMPACT_LATEX tag is set to YES Doxygen generates more compact -# LaTeX documents. This may be useful for small projects and may help to -# save some trees in general. - -COMPACT_LATEX = YES - -# The PAPER_TYPE tag can be used to set the paper type that is used -# by the printer. Possible values are: a4, letter, legal and -# executive. If left blank a4 will be used. - -PAPER_TYPE = a4wide - -# The EXTRA_PACKAGES tag can be to specify one or more names of LaTeX -# packages that should be included in the LaTeX output. - -EXTRA_PACKAGES = - -# The LATEX_HEADER tag can be used to specify a personal LaTeX header for -# the generated latex document. The header should contain everything until -# the first chapter. If it is left blank doxygen will generate a -# standard header. Notice: only use this tag if you know what you are doing! - -LATEX_HEADER = - -# The LATEX_FOOTER tag can be used to specify a personal LaTeX footer for -# the generated latex document. The footer should contain everything after -# the last chapter. If it is left blank doxygen will generate a -# standard footer. Notice: only use this tag if you know what you are doing! - -LATEX_FOOTER = - -# The LATEX_EXTRA_FILES tag can be used to specify one or more extra images -# or other source files which should be copied to the LaTeX output directory. -# Note that the files will be copied as-is; there are no commands or markers -# available. - -LATEX_EXTRA_FILES = - -# If the PDF_HYPERLINKS tag is set to YES, the LaTeX that is generated -# is prepared for conversion to pdf (using ps2pdf). The pdf file will -# contain links (just like the HTML output) instead of page references -# This makes the output suitable for online browsing using a pdf viewer. - -PDF_HYPERLINKS = YES - -# If the USE_PDFLATEX tag is set to YES, pdflatex will be used instead of -# plain latex in the generated Makefile. Set this option to YES to get a -# higher quality PDF documentation. - -USE_PDFLATEX = YES - -# If the LATEX_BATCHMODE tag is set to YES, doxygen will add the \\batchmode. -# command to the generated LaTeX files. This will instruct LaTeX to keep -# running if errors occur, instead of asking the user for help. -# This option is also used when generating formulas in HTML. - -LATEX_BATCHMODE = NO - -# If LATEX_HIDE_INDICES is set to YES then doxygen will not -# include the index chapters (such as File Index, Compound Index, etc.) -# in the output. - -LATEX_HIDE_INDICES = NO - -# If LATEX_SOURCE_CODE is set to YES then doxygen will include -# source code with syntax highlighting in the LaTeX output. -# Note that which sources are shown also depends on other settings -# such as SOURCE_BROWSER. - -LATEX_SOURCE_CODE = NO - -# The LATEX_BIB_STYLE tag can be used to specify the style to use for the -# bibliography, e.g. plainnat, or ieeetr. The default style is "plain". See -# http://en.wikipedia.org/wiki/BibTeX for more info. - -LATEX_BIB_STYLE = plain - -#--------------------------------------------------------------------------- -# configuration options related to the RTF output -#--------------------------------------------------------------------------- - -# If the GENERATE_RTF tag is set to YES Doxygen will generate RTF output -# The RTF output is optimized for Word 97 and may not look very pretty with -# other RTF readers or editors. - -GENERATE_RTF = NO - -# The RTF_OUTPUT tag is used to specify where the RTF docs will be put. -# If a relative path is entered the value of OUTPUT_DIRECTORY will be -# put in front of it. If left blank `rtf' will be used as the default path. - -RTF_OUTPUT = rtf - -# If the COMPACT_RTF tag is set to YES Doxygen generates more compact -# RTF documents. This may be useful for small projects and may help to -# save some trees in general. - -COMPACT_RTF = NO - -# If the RTF_HYPERLINKS tag is set to YES, the RTF that is generated -# will contain hyperlink fields. The RTF file will -# contain links (just like the HTML output) instead of page references. -# This makes the output suitable for online browsing using WORD or other -# programs which support those fields. -# Note: wordpad (write) and others do not support links. - -RTF_HYPERLINKS = NO - -# Load style sheet definitions from file. Syntax is similar to doxygen's -# config file, i.e. a series of assignments. You only have to provide -# replacements, missing definitions are set to their default value. - -RTF_STYLESHEET_FILE = - -# Set optional variables used in the generation of an rtf document. -# Syntax is similar to doxygen's config file. - -RTF_EXTENSIONS_FILE = - -#--------------------------------------------------------------------------- -# configuration options related to the man page output -#--------------------------------------------------------------------------- - -# If the GENERATE_MAN tag is set to YES (the default) Doxygen will -# generate man pages - -GENERATE_MAN = NO - -# The MAN_OUTPUT tag is used to specify where the man pages will be put. -# If a relative path is entered the value of OUTPUT_DIRECTORY will be -# put in front of it. If left blank `man' will be used as the default path. - -MAN_OUTPUT = man - -# The MAN_EXTENSION tag determines the extension that is added to -# the generated man pages (default is the subroutine's section .3) - -MAN_EXTENSION = .3 - -# If the MAN_LINKS tag is set to YES and Doxygen generates man output, -# then it will generate one additional man file for each entity -# documented in the real man page(s). These additional files -# only source the real man page, but without them the man command -# would be unable to find the correct page. The default is NO. - -MAN_LINKS = NO - -#--------------------------------------------------------------------------- -# configuration options related to the XML output -#--------------------------------------------------------------------------- - -# If the GENERATE_XML tag is set to YES Doxygen will -# generate an XML file that captures the structure of -# the code including all documentation. - -GENERATE_XML = NO - -# The XML_OUTPUT tag is used to specify where the XML pages will be put. -# If a relative path is entered the value of OUTPUT_DIRECTORY will be -# put in front of it. If left blank `xml' will be used as the default path. - -XML_OUTPUT = xml - -# The XML_SCHEMA tag can be used to specify an XML schema, -# which can be used by a validating XML parser to check the -# syntax of the XML files. - -#XML_SCHEMA = - -# The XML_DTD tag can be used to specify an XML DTD, -# which can be used by a validating XML parser to check the -# syntax of the XML files. - -#XML_DTD = - -# If the XML_PROGRAMLISTING tag is set to YES Doxygen will -# dump the program listings (including syntax highlighting -# and cross-referencing information) to the XML output. Note that -# enabling this will significantly increase the size of the XML output. - -XML_PROGRAMLISTING = YES - -#--------------------------------------------------------------------------- -# configuration options related to the DOCBOOK output -#--------------------------------------------------------------------------- - -# If the GENERATE_DOCBOOK tag is set to YES Doxygen will generate DOCBOOK files -# that can be used to generate PDF. - -GENERATE_DOCBOOK = NO - -# The DOCBOOK_OUTPUT tag is used to specify where the DOCBOOK pages will be put. -# If a relative path is entered the value of OUTPUT_DIRECTORY will be put in -# front of it. If left blank docbook will be used as the default path. - -DOCBOOK_OUTPUT = docbook - -#--------------------------------------------------------------------------- -# configuration options for the AutoGen Definitions output -#--------------------------------------------------------------------------- - -# If the GENERATE_AUTOGEN_DEF tag is set to YES Doxygen will -# generate an AutoGen Definitions (see autogen.sf.net) file -# that captures the structure of the code including all -# documentation. Note that this feature is still experimental -# and incomplete at the moment. - -GENERATE_AUTOGEN_DEF = NO - -#--------------------------------------------------------------------------- -# configuration options related to the Perl module output -#--------------------------------------------------------------------------- - -# If the GENERATE_PERLMOD tag is set to YES Doxygen will -# generate a Perl module file that captures the structure of -# the code including all documentation. Note that this -# feature is still experimental and incomplete at the -# moment. - -GENERATE_PERLMOD = NO - -# If the PERLMOD_LATEX tag is set to YES Doxygen will generate -# the necessary Makefile rules, Perl scripts and LaTeX code to be able -# to generate PDF and DVI output from the Perl module output. - -PERLMOD_LATEX = NO - -# If the PERLMOD_PRETTY tag is set to YES the Perl module output will be -# nicely formatted so it can be parsed by a human reader. -# This is useful -# if you want to understand what is going on. -# On the other hand, if this -# tag is set to NO the size of the Perl module output will be much smaller -# and Perl will parse it just the same. - -PERLMOD_PRETTY = YES - -# The names of the make variables in the generated doxyrules.make file -# are prefixed with the string contained in PERLMOD_MAKEVAR_PREFIX. -# This is useful so different doxyrules.make files included by the same -# Makefile don't overwrite each other's variables. - -PERLMOD_MAKEVAR_PREFIX = - -#--------------------------------------------------------------------------- -# Configuration options related to the preprocessor -#--------------------------------------------------------------------------- - -# If the ENABLE_PREPROCESSING tag is set to YES (the default) Doxygen will -# evaluate all C-preprocessor directives found in the sources and include -# files. - -ENABLE_PREPROCESSING = YES - -# If the MACRO_EXPANSION tag is set to YES Doxygen will expand all macro -# names in the source code. If set to NO (the default) only conditional -# compilation will be performed. Macro expansion can be done in a controlled -# way by setting EXPAND_ONLY_PREDEF to YES. - -MACRO_EXPANSION = NO - -# If the EXPAND_ONLY_PREDEF and MACRO_EXPANSION tags are both set to YES -# then the macro expansion is limited to the macros specified with the -# PREDEFINED and EXPAND_AS_DEFINED tags. - -EXPAND_ONLY_PREDEF = NO - -# If the SEARCH_INCLUDES tag is set to YES (the default) the includes files -# pointed to by INCLUDE_PATH will be searched when a #include is found. - -SEARCH_INCLUDES = YES - -# The INCLUDE_PATH tag can be used to specify one or more directories that -# contain include files that are not input files but should be processed by -# the preprocessor. - +GENERATE_XML = YES +MACRO_EXPANSION = YES +EXPAND_ONLY_PREDEF = YES INCLUDE_PATH = ../include - -# You can use the INCLUDE_FILE_PATTERNS tag to specify one or more wildcard -# patterns (like *.h and *.hpp) to filter out the header-files in the -# directories. If left blank, the patterns specified with FILE_PATTERNS will -# be used. - -INCLUDE_FILE_PATTERNS = - -# The PREDEFINED tag can be used to specify one or more macro names that -# are defined before the preprocessor is started (similar to the -D option of -# gcc). The argument of the tag is a list of macros of the form: name -# or name=definition (no spaces). If the definition and the = are -# omitted =1 is assumed. To prevent a macro definition from being -# undefined via #undef or recursively expanded use the := operator -# instead of the = operator. - -PREDEFINED = WIN32 \ - NTLM \ - USE_LZO \ - ENABLE_FRAGMENT \ - P2MP \ - P2MP_SERVER \ - USE_CRYPTO \ - USE_SSL \ - ENABLE_PLUGIN \ - ENABLE_MANAGEMENT \ - ENABLE_OCC \ - HAVE_GETTIMEOFDAY - -# If the MACRO_EXPANSION and EXPAND_ONLY_PREDEF tags are set to YES then -# this tag can be used to specify a list of macro names that should be expanded. -# The macro definition that is found in the sources will be used. -# Use the PREDEFINED tag if you want to use a different macro definition that -# overrules the definition found in the source code. - -EXPAND_AS_DEFINED = - -# If the SKIP_FUNCTION_MACROS tag is set to YES (the default) then -# doxygen's preprocessor will remove all references to function-like macros -# that are alone on a line, have an all uppercase name, and do not end with a -# semicolon, because these will confuse the parser if not removed. - -SKIP_FUNCTION_MACROS = YES - -#--------------------------------------------------------------------------- -# Configuration::additions related to external references -#--------------------------------------------------------------------------- - -# The TAGFILES option can be used to specify one or more tagfiles. For each -# tag file the location of the external documentation should be added. The -# format of a tag file without this location is as follows: -# -# TAGFILES = file1 file2 ... -# Adding location for the tag files is done as follows: -# -# TAGFILES = file1=loc1 "file2 = loc2" ... -# where "loc1" and "loc2" can be relative or absolute paths -# or URLs. Note that each tag file must have a unique name (where the name does -# NOT include the path). If a tag file is not located in the directory in which -# doxygen is run, you must also specify the path to the tagfile here. - -TAGFILES = - -# When a file name is specified after GENERATE_TAGFILE, doxygen will create -# a tag file that is based on the input files it reads. - -GENERATE_TAGFILE = - -# If the ALLEXTERNALS tag is set to YES all external classes will be listed -# in the class index. If set to NO only the inherited external classes -# will be listed. - -ALLEXTERNALS = NO - -# If the EXTERNAL_GROUPS tag is set to YES all external groups will be listed -# in the modules index. If set to NO, only the current project's groups will -# be listed. - -EXTERNAL_GROUPS = YES - -# If the EXTERNAL_PAGES tag is set to YES all external pages will be listed -# in the related pages index. If set to NO, only the current project's -# pages will be listed. - -EXTERNAL_PAGES = YES - -# The PERL_PATH should be the absolute path and name of the perl script -# interpreter (i.e. the result of `which perl'). - -PERL_PATH = /usr/bin/perl - -#--------------------------------------------------------------------------- -# Configuration options related to the dot tool -#--------------------------------------------------------------------------- - -# If the CLASS_DIAGRAMS tag is set to YES (the default) Doxygen will -# generate a inheritance diagram (in HTML, RTF and LaTeX) for classes with base -# or super classes. Setting the tag to NO turns the diagrams off. Note that -# this option also works with HAVE_DOT disabled, but it is recommended to -# install and use dot, since it yields more powerful graphs. - CLASS_DIAGRAMS = NO - -# You can define message sequence charts within doxygen comments using the \msc -# command. Doxygen will then run the mscgen tool (see -# http://www.mcternan.me.uk/mscgen/) to produce the chart and insert it in the -# documentation. The MSCGEN_PATH tag allows you to specify the directory where -# the mscgen tool resides. If left empty the tool is assumed to be found in the -# default search path. - -MSCGEN_PATH = - -# If set to YES, the inheritance and collaboration graphs will hide -# inheritance and usage relations if the target is undocumented -# or is not a class. - -HIDE_UNDOC_RELATIONS = YES - -# If you set the HAVE_DOT tag to YES then doxygen will assume the dot tool is -# available from the path. This tool is part of Graphviz, a graph visualization -# toolkit from AT&T and Lucent Bell Labs. The other options in this section -# have no effect if this option is set to NO (the default) - HAVE_DOT = YES - -# The DOT_NUM_THREADS specifies the number of dot invocations doxygen is -# allowed to run in parallel. When set to 0 (the default) doxygen will -# base this on the number of processors available in the system. You can set it -# explicitly to a value larger than 0 to get control over the balance -# between CPU load and processing speed. - -DOT_NUM_THREADS = 0 - -# By default doxygen will use the Helvetica font for all dot files that -# doxygen generates. When you want a differently looking font you can specify -# the font name using DOT_FONTNAME. You need to make sure dot is able to find -# the font, which can be done by putting it in a standard location or by setting -# the DOTFONTPATH environment variable or by setting DOT_FONTPATH to the -# directory containing the font. - -DOT_FONTNAME = Helvetica - -# The DOT_FONTSIZE tag can be used to set the size of the font of dot graphs. -# The default size is 10pt. - -DOT_FONTSIZE = 10 - -# By default doxygen will tell dot to use the Helvetica font. -# If you specify a different font using DOT_FONTNAME you can use DOT_FONTPATH to -# set the path where dot can find it. - -DOT_FONTPATH = - -# If the CLASS_GRAPH and HAVE_DOT tags are set to YES then doxygen -# will generate a graph for each documented class showing the direct and -# indirect inheritance relations. Setting this tag to YES will force the -# CLASS_DIAGRAMS tag to NO. - -CLASS_GRAPH = YES - -# If the COLLABORATION_GRAPH and HAVE_DOT tags are set to YES then doxygen -# will generate a graph for each documented class showing the direct and -# indirect implementation dependencies (inheritance, containment, and -# class references variables) of the class with other documented classes. - -COLLABORATION_GRAPH = YES - -# If the GROUP_GRAPHS and HAVE_DOT tags are set to YES then doxygen -# will generate a graph for groups, showing the direct groups dependencies - -GROUP_GRAPHS = YES - -# If the UML_LOOK tag is set to YES doxygen will generate inheritance and -# collaboration diagrams in a style similar to the OMG's Unified Modeling -# Language. - -UML_LOOK = NO - -# If the UML_LOOK tag is enabled, the fields and methods are shown inside -# the class node. If there are many fields or methods and many nodes the -# graph may become too big to be useful. The UML_LIMIT_NUM_FIELDS -# threshold limits the number of items for each type to make the size more -# manageable. Set this to 0 for no limit. Note that the threshold may be -# exceeded by 50% before the limit is enforced. - -UML_LIMIT_NUM_FIELDS = 10 - -# If set to YES, the inheritance and collaboration graphs will show the -# relations between templates and their instances. - -TEMPLATE_RELATIONS = NO - -# If the ENABLE_PREPROCESSING, SEARCH_INCLUDES, INCLUDE_GRAPH, and HAVE_DOT -# tags are set to YES then doxygen will generate a graph for each documented -# file showing the direct and indirect include dependencies of the file with -# other documented files. - -INCLUDE_GRAPH = YES - -# If the ENABLE_PREPROCESSING, SEARCH_INCLUDES, INCLUDED_BY_GRAPH, and -# HAVE_DOT tags are set to YES then doxygen will generate a graph for each -# documented header file showing the documented files that directly or -# indirectly include this file. - -INCLUDED_BY_GRAPH = YES - -# If the CALL_GRAPH and HAVE_DOT options are set to YES then -# doxygen will generate a call dependency graph for every global function -# or class method. Note that enabling this option will significantly increase -# the time of a run. So in most cases it will be better to enable call graphs -# for selected functions only using the \callgraph command. - -CALL_GRAPH = NO - -# If the CALLER_GRAPH and HAVE_DOT tags are set to YES then -# doxygen will generate a caller dependency graph for every global function -# or class method. Note that enabling this option will significantly increase -# the time of a run. So in most cases it will be better to enable caller -# graphs for selected functions only using the \callergraph command. - -CALLER_GRAPH = NO - -# If the GRAPHICAL_HIERARCHY and HAVE_DOT tags are set to YES then doxygen -# will generate a graphical hierarchy of all classes instead of a textual one. - -GRAPHICAL_HIERARCHY = YES - -# If the DIRECTORY_GRAPH and HAVE_DOT tags are set to YES -# then doxygen will show the dependencies a directory has on other directories -# in a graphical way. The dependency relations are determined by the #include -# relations between the files in the directories. - -DIRECTORY_GRAPH = YES - -# The DOT_IMAGE_FORMAT tag can be used to set the image format of the images -# generated by dot. Possible values are svg, png, jpg, or gif. -# If left blank png will be used. If you choose svg you need to set -# HTML_FILE_EXTENSION to xhtml in order to make the SVG files -# visible in IE 9+ (other browsers do not have this requirement). - -DOT_IMAGE_FORMAT = png - -# If DOT_IMAGE_FORMAT is set to svg, then this option can be set to YES to -# enable generation of interactive SVG images that allow zooming and panning. -# Note that this requires a modern browser other than Internet Explorer. -# Tested and working are Firefox, Chrome, Safari, and Opera. For IE 9+ you -# need to set HTML_FILE_EXTENSION to xhtml in order to make the SVG files -# visible. Older versions of IE do not have SVG support. - -INTERACTIVE_SVG = NO - -# The tag DOT_PATH can be used to specify the path where the dot tool can be -# found. If left blank, it is assumed the dot tool can be found in the path. - -DOT_PATH = - -# The DOTFILE_DIRS tag can be used to specify one or more directories that -# contain dot files that are included in the documentation (see the -# \dotfile command). - -DOTFILE_DIRS = - -# The MSCFILE_DIRS tag can be used to specify one or more directories that -# contain msc files that are included in the documentation (see the -# \mscfile command). - -MSCFILE_DIRS = - -# The DOT_GRAPH_MAX_NODES tag can be used to set the maximum number of -# nodes that will be shown in the graph. If the number of nodes in a graph -# becomes larger than this value, doxygen will truncate the graph, which is -# visualized by representing a node as a red box. Note that doxygen if the -# number of direct children of the root node in a graph is already larger than -# DOT_GRAPH_MAX_NODES then the graph will not be shown at all. Also note -# that the size of a graph can be further restricted by MAX_DOT_GRAPH_DEPTH. - DOT_GRAPH_MAX_NODES = 200 - -# The MAX_DOT_GRAPH_DEPTH tag can be used to set the maximum depth of the -# graphs generated by dot. A depth value of 3 means that only nodes reachable -# from the root by following a path via at most 3 edges will be shown. Nodes -# that lay further from the root node will be omitted. Note that setting this -# option to 1 or 2 may greatly reduce the computation time needed for large -# code bases. Also note that the size of a graph can be further restricted by -# DOT_GRAPH_MAX_NODES. Using a depth of 0 means no depth restriction. - MAX_DOT_GRAPH_DEPTH = 1000 - -# Set the DOT_TRANSPARENT tag to YES to generate images with a transparent -# background. This is disabled by default, because dot on Windows does not -# seem to support this out of the box. Warning: Depending on the platform used, -# enabling this option may lead to badly anti-aliased labels on the edges of -# a graph (i.e. they become hard to read). - DOT_TRANSPARENT = YES -# Set the DOT_MULTI_TARGETS tag to YES allow dot to generate multiple output -# files in one run (i.e. multiple -o and -T options on the command line). This -# makes dot run faster, but since only newer versions of dot (>1.8.10) -# support this, this feature is disabled by default. - -DOT_MULTI_TARGETS = NO - -# If the GENERATE_LEGEND tag is set to YES (the default) Doxygen will -# generate a legend page explaining the meaning of the various boxes and -# arrows in the dot generated graphs. - -GENERATE_LEGEND = YES - -# If the DOT_CLEANUP tag is set to YES (the default) Doxygen will -# remove the intermediate dot files that are used to generate -# the various graphs. +# We mostly use \retval declarations to document which error codes a function +# can return. The reader can follow the hyperlink to the definition of the +# constant to get the generic documentation of that error code. If we don't +# have anything to say about the specific error code for the specific +# function, we can leave the description part of the \retval command blank. +# This is perfectly valid as far as Doxygen is concerned. However, with +# Clang >=15, the -Wdocumentation option emits a warning for empty +# descriptions. +# https://github.com/Mbed-TLS/mbedtls/issues/6960 +# https://github.com/llvm/llvm-project/issues/60315 +# As a workaround, you can write something like +# \retval #PSA_ERROR_INSUFFICIENT_MEMORY \emptydescription +# This avoids writing redundant text and keeps Clang happy. +ALIASES += emptydescription="" + +# Define away Mbed TLS macros that make parsing definitions difficult. +# MBEDTLS_DEPRECATED is not included in this list as it's important to +# display deprecated status in the documentation. +PREDEFINED = "MBEDTLS_CHECK_RETURN_CRITICAL=" \ + "MBEDTLS_CHECK_RETURN_TYPICAL=" \ + "MBEDTLS_CHECK_RETURN_OPTIONAL=" \ + "MBEDTLS_PRINTF_ATTRIBUTE(a,b)=" \ + "__DOXYGEN__" \ -DOT_CLEANUP = YES diff --git a/third_party/mbedtls/repo/include/CMakeLists.txt b/third_party/mbedtls/repo/include/CMakeLists.txt index 62c0f620afb..11b417bd333 100644 --- a/third_party/mbedtls/repo/include/CMakeLists.txt +++ b/third_party/mbedtls/repo/include/CMakeLists.txt @@ -1,4 +1,4 @@ -option(INSTALL_MBEDTLS_HEADERS "Install mbed TLS headers." ON) +option(INSTALL_MBEDTLS_HEADERS "Install Mbed TLS headers." ON) if(INSTALL_MBEDTLS_HEADERS) diff --git a/third_party/mbedtls/repo/include/mbedtls/aes.h b/third_party/mbedtls/repo/include/mbedtls/aes.h index e280dbb1c66..2623a42fed6 100644 --- a/third_party/mbedtls/repo/include/mbedtls/aes.h +++ b/third_party/mbedtls/repo/include/mbedtls/aes.h @@ -22,19 +22,7 @@ /* * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later */ #ifndef MBEDTLS_AES_H @@ -72,7 +60,7 @@ /** AES hardware accelerator failed. */ #define MBEDTLS_ERR_AES_HW_ACCEL_FAILED -0x0025 -#if ( defined(__ARMCC_VERSION) || defined(_MSC_VER) ) && \ +#if (defined(__ARMCC_VERSION) || defined(_MSC_VER)) && \ !defined(inline) && !defined(__cplusplus) #define inline __inline #endif @@ -88,8 +76,7 @@ extern "C" { /** * \brief The AES context-type definition. */ -typedef struct mbedtls_aes_context -{ +typedef struct mbedtls_aes_context { int nr; /*!< The number of rounds. */ uint32_t *rk; /*!< AES round keys. */ uint32_t buf[68]; /*!< Unaligned data buffer. This buffer can @@ -107,8 +94,7 @@ mbedtls_aes_context; /** * \brief The AES XTS context-type definition. */ -typedef struct mbedtls_aes_xts_context -{ +typedef struct mbedtls_aes_xts_context { mbedtls_aes_context crypt; /*!< The AES context to use for AES block encryption or decryption. */ mbedtls_aes_context tweak; /*!< The AES context used for tweak @@ -128,7 +114,7 @@ typedef struct mbedtls_aes_xts_context * * \param ctx The AES context to initialize. This must not be \c NULL. */ -void mbedtls_aes_init( mbedtls_aes_context *ctx ); +void mbedtls_aes_init(mbedtls_aes_context *ctx); /** * \brief This function releases and clears the specified AES context. @@ -137,7 +123,7 @@ void mbedtls_aes_init( mbedtls_aes_context *ctx ); * If this is \c NULL, this function does nothing. * Otherwise, the context must have been at least initialized. */ -void mbedtls_aes_free( mbedtls_aes_context *ctx ); +void mbedtls_aes_free(mbedtls_aes_context *ctx); #if defined(MBEDTLS_CIPHER_MODE_XTS) /** @@ -148,7 +134,7 @@ void mbedtls_aes_free( mbedtls_aes_context *ctx ); * * \param ctx The AES XTS context to initialize. This must not be \c NULL. */ -void mbedtls_aes_xts_init( mbedtls_aes_xts_context *ctx ); +void mbedtls_aes_xts_init(mbedtls_aes_xts_context *ctx); /** * \brief This function releases and clears the specified AES XTS context. @@ -157,7 +143,7 @@ void mbedtls_aes_xts_init( mbedtls_aes_xts_context *ctx ); * If this is \c NULL, this function does nothing. * Otherwise, the context must have been at least initialized. */ -void mbedtls_aes_xts_free( mbedtls_aes_xts_context *ctx ); +void mbedtls_aes_xts_free(mbedtls_aes_xts_context *ctx); #endif /* MBEDTLS_CIPHER_MODE_XTS */ /** @@ -176,8 +162,8 @@ void mbedtls_aes_xts_free( mbedtls_aes_xts_context *ctx ); * \return #MBEDTLS_ERR_AES_INVALID_KEY_LENGTH on failure. */ MBEDTLS_CHECK_RETURN_TYPICAL -int mbedtls_aes_setkey_enc( mbedtls_aes_context *ctx, const unsigned char *key, - unsigned int keybits ); +int mbedtls_aes_setkey_enc(mbedtls_aes_context *ctx, const unsigned char *key, + unsigned int keybits); /** * \brief This function sets the decryption key. @@ -195,8 +181,8 @@ int mbedtls_aes_setkey_enc( mbedtls_aes_context *ctx, const unsigned char *key, * \return #MBEDTLS_ERR_AES_INVALID_KEY_LENGTH on failure. */ MBEDTLS_CHECK_RETURN_TYPICAL -int mbedtls_aes_setkey_dec( mbedtls_aes_context *ctx, const unsigned char *key, - unsigned int keybits ); +int mbedtls_aes_setkey_dec(mbedtls_aes_context *ctx, const unsigned char *key, + unsigned int keybits); #if defined(MBEDTLS_CIPHER_MODE_XTS) /** @@ -216,9 +202,9 @@ int mbedtls_aes_setkey_dec( mbedtls_aes_context *ctx, const unsigned char *key, * \return #MBEDTLS_ERR_AES_INVALID_KEY_LENGTH on failure. */ MBEDTLS_CHECK_RETURN_TYPICAL -int mbedtls_aes_xts_setkey_enc( mbedtls_aes_xts_context *ctx, - const unsigned char *key, - unsigned int keybits ); +int mbedtls_aes_xts_setkey_enc(mbedtls_aes_xts_context *ctx, + const unsigned char *key, + unsigned int keybits); /** * \brief This function prepares an XTS context for decryption and @@ -237,9 +223,9 @@ int mbedtls_aes_xts_setkey_enc( mbedtls_aes_xts_context *ctx, * \return #MBEDTLS_ERR_AES_INVALID_KEY_LENGTH on failure. */ MBEDTLS_CHECK_RETURN_TYPICAL -int mbedtls_aes_xts_setkey_dec( mbedtls_aes_xts_context *ctx, - const unsigned char *key, - unsigned int keybits ); +int mbedtls_aes_xts_setkey_dec(mbedtls_aes_xts_context *ctx, + const unsigned char *key, + unsigned int keybits); #endif /* MBEDTLS_CIPHER_MODE_XTS */ /** @@ -266,10 +252,10 @@ int mbedtls_aes_xts_setkey_dec( mbedtls_aes_xts_context *ctx, * \return \c 0 on success. */ MBEDTLS_CHECK_RETURN_TYPICAL -int mbedtls_aes_crypt_ecb( mbedtls_aes_context *ctx, - int mode, - const unsigned char input[16], - unsigned char output[16] ); +int mbedtls_aes_crypt_ecb(mbedtls_aes_context *ctx, + int mode, + const unsigned char input[16], + unsigned char output[16]); #if defined(MBEDTLS_CIPHER_MODE_CBC) /** @@ -314,12 +300,12 @@ int mbedtls_aes_crypt_ecb( mbedtls_aes_context *ctx, * on failure. */ MBEDTLS_CHECK_RETURN_TYPICAL -int mbedtls_aes_crypt_cbc( mbedtls_aes_context *ctx, - int mode, - size_t length, - unsigned char iv[16], - const unsigned char *input, - unsigned char *output ); +int mbedtls_aes_crypt_cbc(mbedtls_aes_context *ctx, + int mode, + size_t length, + unsigned char iv[16], + const unsigned char *input, + unsigned char *output); #endif /* MBEDTLS_CIPHER_MODE_CBC */ #if defined(MBEDTLS_CIPHER_MODE_XTS) @@ -359,12 +345,12 @@ int mbedtls_aes_crypt_cbc( mbedtls_aes_context *ctx, * length is larger than 2^20 blocks (16 MiB). */ MBEDTLS_CHECK_RETURN_TYPICAL -int mbedtls_aes_crypt_xts( mbedtls_aes_xts_context *ctx, - int mode, - size_t length, - const unsigned char data_unit[16], - const unsigned char *input, - unsigned char *output ); +int mbedtls_aes_crypt_xts(mbedtls_aes_xts_context *ctx, + int mode, + size_t length, + const unsigned char data_unit[16], + const unsigned char *input, + unsigned char *output); #endif /* MBEDTLS_CIPHER_MODE_XTS */ #if defined(MBEDTLS_CIPHER_MODE_CFB) @@ -408,13 +394,13 @@ int mbedtls_aes_crypt_xts( mbedtls_aes_xts_context *ctx, * \return \c 0 on success. */ MBEDTLS_CHECK_RETURN_TYPICAL -int mbedtls_aes_crypt_cfb128( mbedtls_aes_context *ctx, - int mode, - size_t length, - size_t *iv_off, - unsigned char iv[16], - const unsigned char *input, - unsigned char *output ); +int mbedtls_aes_crypt_cfb128(mbedtls_aes_context *ctx, + int mode, + size_t length, + size_t *iv_off, + unsigned char iv[16], + const unsigned char *input, + unsigned char *output); /** * \brief This function performs an AES-CFB8 encryption or decryption @@ -453,12 +439,12 @@ int mbedtls_aes_crypt_cfb128( mbedtls_aes_context *ctx, * \return \c 0 on success. */ MBEDTLS_CHECK_RETURN_TYPICAL -int mbedtls_aes_crypt_cfb8( mbedtls_aes_context *ctx, - int mode, - size_t length, - unsigned char iv[16], - const unsigned char *input, - unsigned char *output ); +int mbedtls_aes_crypt_cfb8(mbedtls_aes_context *ctx, + int mode, + size_t length, + unsigned char iv[16], + const unsigned char *input, + unsigned char *output); #endif /*MBEDTLS_CIPHER_MODE_CFB */ #if defined(MBEDTLS_CIPHER_MODE_OFB) @@ -508,12 +494,12 @@ int mbedtls_aes_crypt_cfb8( mbedtls_aes_context *ctx, * \return \c 0 on success. */ MBEDTLS_CHECK_RETURN_TYPICAL -int mbedtls_aes_crypt_ofb( mbedtls_aes_context *ctx, - size_t length, - size_t *iv_off, - unsigned char iv[16], - const unsigned char *input, - unsigned char *output ); +int mbedtls_aes_crypt_ofb(mbedtls_aes_context *ctx, + size_t length, + size_t *iv_off, + unsigned char iv[16], + const unsigned char *input, + unsigned char *output); #endif /* MBEDTLS_CIPHER_MODE_OFB */ @@ -564,7 +550,7 @@ int mbedtls_aes_crypt_ofb( mbedtls_aes_context *ctx, * for example, with 96-bit random nonces, you should not encrypt * more than 2**32 messages with the same key. * - * Note that for both stategies, sizes are measured in blocks and + * Note that for both strategies, sizes are measured in blocks and * that an AES block is 16 bytes. * * \warning Upon return, \p stream_block contains sensitive data. Its @@ -591,13 +577,13 @@ int mbedtls_aes_crypt_ofb( mbedtls_aes_context *ctx, * \return \c 0 on success. */ MBEDTLS_CHECK_RETURN_TYPICAL -int mbedtls_aes_crypt_ctr( mbedtls_aes_context *ctx, - size_t length, - size_t *nc_off, - unsigned char nonce_counter[16], - unsigned char stream_block[16], - const unsigned char *input, - unsigned char *output ); +int mbedtls_aes_crypt_ctr(mbedtls_aes_context *ctx, + size_t length, + size_t *nc_off, + unsigned char nonce_counter[16], + unsigned char stream_block[16], + const unsigned char *input, + unsigned char *output); #endif /* MBEDTLS_CIPHER_MODE_CTR */ /** @@ -612,9 +598,9 @@ int mbedtls_aes_crypt_ctr( mbedtls_aes_context *ctx, * \return \c 0 on success. */ MBEDTLS_CHECK_RETURN_TYPICAL -int mbedtls_internal_aes_encrypt( mbedtls_aes_context *ctx, - const unsigned char input[16], - unsigned char output[16] ); +int mbedtls_internal_aes_encrypt(mbedtls_aes_context *ctx, + const unsigned char input[16], + unsigned char output[16]); /** * \brief Internal AES block decryption function. This is only @@ -628,9 +614,9 @@ int mbedtls_internal_aes_encrypt( mbedtls_aes_context *ctx, * \return \c 0 on success. */ MBEDTLS_CHECK_RETURN_TYPICAL -int mbedtls_internal_aes_decrypt( mbedtls_aes_context *ctx, - const unsigned char input[16], - unsigned char output[16] ); +int mbedtls_internal_aes_decrypt(mbedtls_aes_context *ctx, + const unsigned char input[16], + unsigned char output[16]); #if !defined(MBEDTLS_DEPRECATED_REMOVED) #if defined(MBEDTLS_DEPRECATED_WARNING) @@ -648,9 +634,9 @@ int mbedtls_internal_aes_decrypt( mbedtls_aes_context *ctx, * \param input Plaintext block. * \param output Output (ciphertext) block. */ -MBEDTLS_DEPRECATED void mbedtls_aes_encrypt( mbedtls_aes_context *ctx, - const unsigned char input[16], - unsigned char output[16] ); +MBEDTLS_DEPRECATED void mbedtls_aes_encrypt(mbedtls_aes_context *ctx, + const unsigned char input[16], + unsigned char output[16]); /** * \brief Deprecated internal AES block decryption function @@ -662,9 +648,9 @@ MBEDTLS_DEPRECATED void mbedtls_aes_encrypt( mbedtls_aes_context *ctx, * \param input Ciphertext block. * \param output Output (plaintext) block. */ -MBEDTLS_DEPRECATED void mbedtls_aes_decrypt( mbedtls_aes_context *ctx, - const unsigned char input[16], - unsigned char output[16] ); +MBEDTLS_DEPRECATED void mbedtls_aes_decrypt(mbedtls_aes_context *ctx, + const unsigned char input[16], + unsigned char output[16]); #undef MBEDTLS_DEPRECATED #endif /* !MBEDTLS_DEPRECATED_REMOVED */ @@ -678,7 +664,7 @@ MBEDTLS_DEPRECATED void mbedtls_aes_decrypt( mbedtls_aes_context *ctx, * \return \c 1 on failure. */ MBEDTLS_CHECK_RETURN_CRITICAL -int mbedtls_aes_self_test( int verbose ); +int mbedtls_aes_self_test(int verbose); #endif /* MBEDTLS_SELF_TEST */ diff --git a/third_party/mbedtls/repo/include/mbedtls/aesni.h b/third_party/mbedtls/repo/include/mbedtls/aesni.h index c1d22f59af3..b636c100ae0 100644 --- a/third_party/mbedtls/repo/include/mbedtls/aesni.h +++ b/third_party/mbedtls/repo/include/mbedtls/aesni.h @@ -8,19 +8,7 @@ */ /* * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later */ #ifndef MBEDTLS_AESNI_H #define MBEDTLS_AESNI_H @@ -36,13 +24,57 @@ #define MBEDTLS_AESNI_AES 0x02000000u #define MBEDTLS_AESNI_CLMUL 0x00000002u -#if defined(MBEDTLS_HAVE_ASM) && defined(__GNUC__) && \ - ( defined(__amd64__) || defined(__x86_64__) ) && \ - ! defined(MBEDTLS_HAVE_X86_64) +#if !defined(MBEDTLS_HAVE_X86_64) && \ + (defined(__amd64__) || defined(__x86_64__) || \ + defined(_M_X64) || defined(_M_AMD64)) && \ + !defined(_M_ARM64EC) #define MBEDTLS_HAVE_X86_64 #endif -#if defined(MBEDTLS_HAVE_X86_64) +#if !defined(MBEDTLS_HAVE_X86) && \ + (defined(__i386__) || defined(_M_IX86)) +#define MBEDTLS_HAVE_X86 +#endif + +#if defined(MBEDTLS_AESNI_C) && \ + (defined(MBEDTLS_HAVE_X86_64) || defined(MBEDTLS_HAVE_X86)) + +/* Can we do AESNI with intrinsics? + * (Only implemented with certain compilers, only for certain targets.) + * + * NOTE: MBEDTLS_AESNI_HAVE_INTRINSICS and MBEDTLS_AESNI_HAVE_CODE are internal + * macros that may change in future releases. + */ +#undef MBEDTLS_AESNI_HAVE_INTRINSICS +#if defined(_MSC_VER) +/* Visual Studio supports AESNI intrinsics since VS 2008 SP1. We only support + * VS 2013 and up for other reasons anyway, so no need to check the version. */ +#define MBEDTLS_AESNI_HAVE_INTRINSICS +#endif +/* GCC-like compilers: currently, we only support intrinsics if the requisite + * target flag is enabled when building the library (e.g. `gcc -mpclmul -msse2` + * or `clang -maes -mpclmul`). */ +#if defined(__GNUC__) && defined(__AES__) && defined(__PCLMUL__) +#define MBEDTLS_AESNI_HAVE_INTRINSICS +#endif + +/* Choose the implementation of AESNI, if one is available. */ +#undef MBEDTLS_AESNI_HAVE_CODE +/* To minimize disruption when releasing the intrinsics-based implementation, + * favor the assembly-based implementation if it's available. We intend to + * revise this in a later release of Mbed TLS 3.x. In the long run, we will + * likely remove the assembly implementation. */ +#if defined(MBEDTLS_HAVE_ASM) && \ + defined(__GNUC__) && defined(MBEDTLS_HAVE_X86_64) +/* Can we do AESNI with inline assembly? + * (Only implemented with gas syntax, only for 64-bit.) + */ +#define MBEDTLS_AESNI_HAVE_CODE 1 // via assembly +#elif defined(MBEDTLS_AESNI_HAVE_INTRINSICS) +#define MBEDTLS_AESNI_HAVE_CODE 2 // via intrinsics +#endif + +#if defined(MBEDTLS_AESNI_HAVE_CODE) #ifdef __cplusplus extern "C" { @@ -59,7 +91,7 @@ extern "C" { * * \return 1 if CPU has support for the feature, 0 otherwise */ -int mbedtls_aesni_has_support( unsigned int what ); +int mbedtls_aesni_has_support(unsigned int what); /** * \brief Internal AES-NI AES-ECB block encryption and decryption @@ -74,10 +106,10 @@ int mbedtls_aesni_has_support( unsigned int what ); * * \return 0 on success (cannot fail) */ -int mbedtls_aesni_crypt_ecb( mbedtls_aes_context *ctx, - int mode, - const unsigned char input[16], - unsigned char output[16] ); +int mbedtls_aesni_crypt_ecb(mbedtls_aes_context *ctx, + int mode, + const unsigned char input[16], + unsigned char output[16]); /** * \brief Internal GCM multiplication: c = a * b in GF(2^128) @@ -92,9 +124,9 @@ int mbedtls_aesni_crypt_ecb( mbedtls_aes_context *ctx, * \note Both operands and result are bit strings interpreted as * elements of GF(2^128) as per the GCM spec. */ -void mbedtls_aesni_gcm_mult( unsigned char c[16], - const unsigned char a[16], - const unsigned char b[16] ); +void mbedtls_aesni_gcm_mult(unsigned char c[16], + const unsigned char a[16], + const unsigned char b[16]); /** * \brief Internal round key inversion. This function computes @@ -107,9 +139,9 @@ void mbedtls_aesni_gcm_mult( unsigned char c[16], * \param fwdkey Original round keys (for encryption) * \param nr Number of rounds (that is, number of round keys minus one) */ -void mbedtls_aesni_inverse_key( unsigned char *invkey, - const unsigned char *fwdkey, - int nr ); +void mbedtls_aesni_inverse_key(unsigned char *invkey, + const unsigned char *fwdkey, + int nr); /** * \brief Internal key expansion for encryption @@ -123,14 +155,15 @@ void mbedtls_aesni_inverse_key( unsigned char *invkey, * * \return 0 if successful, or MBEDTLS_ERR_AES_INVALID_KEY_LENGTH */ -int mbedtls_aesni_setkey_enc( unsigned char *rk, - const unsigned char *key, - size_t bits ); +int mbedtls_aesni_setkey_enc(unsigned char *rk, + const unsigned char *key, + size_t bits); #ifdef __cplusplus } #endif -#endif /* MBEDTLS_HAVE_X86_64 */ +#endif /* MBEDTLS_AESNI_HAVE_CODE */ +#endif /* MBEDTLS_AESNI_C && (MBEDTLS_HAVE_X86_64 || MBEDTLS_HAVE_X86) */ #endif /* MBEDTLS_AESNI_H */ diff --git a/third_party/mbedtls/repo/include/mbedtls/arc4.h b/third_party/mbedtls/repo/include/mbedtls/arc4.h index f4b0f9f3508..1f813aa6bb6 100644 --- a/third_party/mbedtls/repo/include/mbedtls/arc4.h +++ b/third_party/mbedtls/repo/include/mbedtls/arc4.h @@ -8,19 +8,7 @@ */ /* * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later * */ #ifndef MBEDTLS_ARC4_H @@ -53,8 +41,7 @@ extern "C" { * security risk. We recommend considering stronger ciphers instead. * */ -typedef struct mbedtls_arc4_context -{ +typedef struct mbedtls_arc4_context { int x; /*!< permutation index */ int y; /*!< permutation index */ unsigned char m[256]; /*!< permutation table */ @@ -75,7 +62,7 @@ mbedtls_arc4_context; * instead. * */ -void mbedtls_arc4_init( mbedtls_arc4_context *ctx ); +void mbedtls_arc4_init(mbedtls_arc4_context *ctx); /** * \brief Clear ARC4 context @@ -87,7 +74,7 @@ void mbedtls_arc4_init( mbedtls_arc4_context *ctx ); * instead. * */ -void mbedtls_arc4_free( mbedtls_arc4_context *ctx ); +void mbedtls_arc4_free(mbedtls_arc4_context *ctx); /** * \brief ARC4 key schedule @@ -101,8 +88,8 @@ void mbedtls_arc4_free( mbedtls_arc4_context *ctx ); * instead. * */ -void mbedtls_arc4_setup( mbedtls_arc4_context *ctx, const unsigned char *key, - unsigned int keylen ); +void mbedtls_arc4_setup(mbedtls_arc4_context *ctx, const unsigned char *key, + unsigned int keylen); /** * \brief ARC4 cipher function @@ -119,8 +106,8 @@ void mbedtls_arc4_setup( mbedtls_arc4_context *ctx, const unsigned char *key, * instead. * */ -int mbedtls_arc4_crypt( mbedtls_arc4_context *ctx, size_t length, const unsigned char *input, - unsigned char *output ); +int mbedtls_arc4_crypt(mbedtls_arc4_context *ctx, size_t length, const unsigned char *input, + unsigned char *output); #if defined(MBEDTLS_SELF_TEST) @@ -134,7 +121,7 @@ int mbedtls_arc4_crypt( mbedtls_arc4_context *ctx, size_t length, const unsigned * instead. * */ -int mbedtls_arc4_self_test( int verbose ); +int mbedtls_arc4_self_test(int verbose); #endif /* MBEDTLS_SELF_TEST */ diff --git a/third_party/mbedtls/repo/include/mbedtls/aria.h b/third_party/mbedtls/repo/include/mbedtls/aria.h index 226e2dbf3c8..e360aa64c1e 100644 --- a/third_party/mbedtls/repo/include/mbedtls/aria.h +++ b/third_party/mbedtls/repo/include/mbedtls/aria.h @@ -11,19 +11,7 @@ */ /* * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later */ #ifndef MBEDTLS_ARIA_H @@ -44,11 +32,11 @@ #define MBEDTLS_ARIA_DECRYPT 0 /**< ARIA decryption. */ #define MBEDTLS_ARIA_BLOCKSIZE 16 /**< ARIA block size in bytes. */ -#define MBEDTLS_ARIA_MAX_ROUNDS 16 /**< Maxiumum number of rounds in ARIA. */ +#define MBEDTLS_ARIA_MAX_ROUNDS 16 /**< Maximum number of rounds in ARIA. */ #define MBEDTLS_ARIA_MAX_KEYSIZE 32 /**< Maximum size of an ARIA key in bytes. */ #if !defined(MBEDTLS_DEPRECATED_REMOVED) -#define MBEDTLS_ERR_ARIA_INVALID_KEY_LENGTH MBEDTLS_DEPRECATED_NUMERIC_CONSTANT( -0x005C ) +#define MBEDTLS_ERR_ARIA_INVALID_KEY_LENGTH MBEDTLS_DEPRECATED_NUMERIC_CONSTANT(-0x005C) #endif /* !MBEDTLS_DEPRECATED_REMOVED */ /** Bad input data. */ #define MBEDTLS_ERR_ARIA_BAD_INPUT_DATA -0x005C @@ -76,8 +64,7 @@ extern "C" { /** * \brief The ARIA context-type definition. */ -typedef struct mbedtls_aria_context -{ +typedef struct mbedtls_aria_context { unsigned char nr; /*!< The number of rounds (12, 14 or 16) */ /*! The ARIA round keys. */ uint32_t rk[MBEDTLS_ARIA_MAX_ROUNDS + 1][MBEDTLS_ARIA_BLOCKSIZE / 4]; @@ -96,7 +83,7 @@ mbedtls_aria_context; * * \param ctx The ARIA context to initialize. This must not be \c NULL. */ -void mbedtls_aria_init( mbedtls_aria_context *ctx ); +void mbedtls_aria_init(mbedtls_aria_context *ctx); /** * \brief This function releases and clears the specified ARIA context. @@ -105,7 +92,7 @@ void mbedtls_aria_init( mbedtls_aria_context *ctx ); * case this function returns immediately. If it is not \c NULL, * it must point to an initialized ARIA context. */ -void mbedtls_aria_free( mbedtls_aria_context *ctx ); +void mbedtls_aria_free(mbedtls_aria_context *ctx); /** * \brief This function sets the encryption key. @@ -122,9 +109,9 @@ void mbedtls_aria_free( mbedtls_aria_context *ctx ); * \return \c 0 on success. * \return A negative error code on failure. */ -int mbedtls_aria_setkey_enc( mbedtls_aria_context *ctx, - const unsigned char *key, - unsigned int keybits ); +int mbedtls_aria_setkey_enc(mbedtls_aria_context *ctx, + const unsigned char *key, + unsigned int keybits); /** * \brief This function sets the decryption key. @@ -141,9 +128,9 @@ int mbedtls_aria_setkey_enc( mbedtls_aria_context *ctx, * \return \c 0 on success. * \return A negative error code on failure. */ -int mbedtls_aria_setkey_dec( mbedtls_aria_context *ctx, - const unsigned char *key, - unsigned int keybits ); +int mbedtls_aria_setkey_dec(mbedtls_aria_context *ctx, + const unsigned char *key, + unsigned int keybits); /** * \brief This function performs an ARIA single-block encryption or @@ -165,9 +152,9 @@ int mbedtls_aria_setkey_dec( mbedtls_aria_context *ctx, * \return \c 0 on success. * \return A negative error code on failure. */ -int mbedtls_aria_crypt_ecb( mbedtls_aria_context *ctx, - const unsigned char input[MBEDTLS_ARIA_BLOCKSIZE], - unsigned char output[MBEDTLS_ARIA_BLOCKSIZE] ); +int mbedtls_aria_crypt_ecb(mbedtls_aria_context *ctx, + const unsigned char input[MBEDTLS_ARIA_BLOCKSIZE], + unsigned char output[MBEDTLS_ARIA_BLOCKSIZE]); #if defined(MBEDTLS_CIPHER_MODE_CBC) /** @@ -211,12 +198,12 @@ int mbedtls_aria_crypt_ecb( mbedtls_aria_context *ctx, * \return \c 0 on success. * \return A negative error code on failure. */ -int mbedtls_aria_crypt_cbc( mbedtls_aria_context *ctx, - int mode, - size_t length, - unsigned char iv[MBEDTLS_ARIA_BLOCKSIZE], - const unsigned char *input, - unsigned char *output ); +int mbedtls_aria_crypt_cbc(mbedtls_aria_context *ctx, + int mode, + size_t length, + unsigned char iv[MBEDTLS_ARIA_BLOCKSIZE], + const unsigned char *input, + unsigned char *output); #endif /* MBEDTLS_CIPHER_MODE_CBC */ #if defined(MBEDTLS_CIPHER_MODE_CFB) @@ -261,13 +248,13 @@ int mbedtls_aria_crypt_cbc( mbedtls_aria_context *ctx, * \return \c 0 on success. * \return A negative error code on failure. */ -int mbedtls_aria_crypt_cfb128( mbedtls_aria_context *ctx, - int mode, - size_t length, - size_t *iv_off, - unsigned char iv[MBEDTLS_ARIA_BLOCKSIZE], - const unsigned char *input, - unsigned char *output ); +int mbedtls_aria_crypt_cfb128(mbedtls_aria_context *ctx, + int mode, + size_t length, + size_t *iv_off, + unsigned char iv[MBEDTLS_ARIA_BLOCKSIZE], + const unsigned char *input, + unsigned char *output); #endif /* MBEDTLS_CIPHER_MODE_CFB */ #if defined(MBEDTLS_CIPHER_MODE_CTR) @@ -275,10 +262,6 @@ int mbedtls_aria_crypt_cfb128( mbedtls_aria_context *ctx, * \brief This function performs an ARIA-CTR encryption or decryption * operation. * - * This function performs the operation defined in the \p mode - * parameter (encrypt/decrypt), on the input data buffer - * defined in the \p input parameter. - * * Due to the nature of CTR, you must use the same key schedule * for both encryption and decryption operations. Therefore, you * must use the context initialized with mbedtls_aria_setkey_enc() @@ -321,7 +304,7 @@ int mbedtls_aria_crypt_cfb128( mbedtls_aria_context *ctx, * for example, with 96-bit random nonces, you should not encrypt * more than 2**32 messages with the same key. * - * Note that for both stategies, sizes are measured in blocks and + * Note that for both strategies, sizes are measured in blocks and * that an ARIA block is 16 bytes. * * \warning Upon return, \p stream_block contains sensitive data. Its @@ -348,13 +331,13 @@ int mbedtls_aria_crypt_cfb128( mbedtls_aria_context *ctx, * \return \c 0 on success. * \return A negative error code on failure. */ -int mbedtls_aria_crypt_ctr( mbedtls_aria_context *ctx, - size_t length, - size_t *nc_off, - unsigned char nonce_counter[MBEDTLS_ARIA_BLOCKSIZE], - unsigned char stream_block[MBEDTLS_ARIA_BLOCKSIZE], - const unsigned char *input, - unsigned char *output ); +int mbedtls_aria_crypt_ctr(mbedtls_aria_context *ctx, + size_t length, + size_t *nc_off, + unsigned char nonce_counter[MBEDTLS_ARIA_BLOCKSIZE], + unsigned char stream_block[MBEDTLS_ARIA_BLOCKSIZE], + const unsigned char *input, + unsigned char *output); #endif /* MBEDTLS_CIPHER_MODE_CTR */ #if defined(MBEDTLS_SELF_TEST) @@ -363,7 +346,7 @@ int mbedtls_aria_crypt_ctr( mbedtls_aria_context *ctx, * * \return \c 0 on success, or \c 1 on failure. */ -int mbedtls_aria_self_test( int verbose ); +int mbedtls_aria_self_test(int verbose); #endif /* MBEDTLS_SELF_TEST */ #ifdef __cplusplus diff --git a/third_party/mbedtls/repo/include/mbedtls/asn1.h b/third_party/mbedtls/repo/include/mbedtls/asn1.h index 10f7905b7e6..c676fd3662c 100644 --- a/third_party/mbedtls/repo/include/mbedtls/asn1.h +++ b/third_party/mbedtls/repo/include/mbedtls/asn1.h @@ -5,19 +5,7 @@ */ /* * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later */ #ifndef MBEDTLS_ASN1_H #define MBEDTLS_ASN1_H @@ -61,7 +49,7 @@ /** Buffer too small when writing ASN.1 data structure. */ #define MBEDTLS_ERR_ASN1_BUF_TOO_SMALL -0x006C -/* \} name */ +/** \} name ASN1 Error codes */ /** * \name DER constants @@ -97,15 +85,15 @@ /* Slightly smaller way to check if tag is a string tag * compared to canonical implementation. */ -#define MBEDTLS_ASN1_IS_STRING_TAG( tag ) \ - ( ( tag ) < 32u && ( \ - ( ( 1u << ( tag ) ) & ( ( 1u << MBEDTLS_ASN1_BMP_STRING ) | \ - ( 1u << MBEDTLS_ASN1_UTF8_STRING ) | \ - ( 1u << MBEDTLS_ASN1_T61_STRING ) | \ - ( 1u << MBEDTLS_ASN1_IA5_STRING ) | \ - ( 1u << MBEDTLS_ASN1_UNIVERSAL_STRING ) | \ - ( 1u << MBEDTLS_ASN1_PRINTABLE_STRING ) | \ - ( 1u << MBEDTLS_ASN1_BIT_STRING ) ) ) != 0 ) ) +#define MBEDTLS_ASN1_IS_STRING_TAG(tag) \ + ((tag) < 32u && ( \ + ((1u << (tag)) & ((1u << MBEDTLS_ASN1_BMP_STRING) | \ + (1u << MBEDTLS_ASN1_UTF8_STRING) | \ + (1u << MBEDTLS_ASN1_T61_STRING) | \ + (1u << MBEDTLS_ASN1_IA5_STRING) | \ + (1u << MBEDTLS_ASN1_UNIVERSAL_STRING) | \ + (1u << MBEDTLS_ASN1_PRINTABLE_STRING) | \ + (1u << MBEDTLS_ASN1_BIT_STRING))) != 0)) /* * Bit masks for each of the components of an ASN.1 tag as specified in @@ -121,8 +109,7 @@ #define MBEDTLS_ASN1_TAG_PC_MASK 0x20 #define MBEDTLS_ASN1_TAG_VALUE_MASK 0x1F -/* \} name */ -/* \} addtogroup asn1_module */ +/** \} name DER constants */ /** Returns the size of the binary string, without the trailing \\0 */ #define MBEDTLS_OID_SIZE(x) (sizeof(x) - 1) @@ -134,12 +121,12 @@ * 'unsigned char *oid' here! */ #define MBEDTLS_OID_CMP(oid_str, oid_buf) \ - ( ( MBEDTLS_OID_SIZE(oid_str) != (oid_buf)->len ) || \ - memcmp( (oid_str), (oid_buf)->p, (oid_buf)->len) != 0 ) + ((MBEDTLS_OID_SIZE(oid_str) != (oid_buf)->len) || \ + memcmp((oid_str), (oid_buf)->p, (oid_buf)->len) != 0) #define MBEDTLS_OID_CMP_RAW(oid_str, oid_buf, oid_buf_len) \ - ( ( MBEDTLS_OID_SIZE(oid_str) != (oid_buf_len) ) || \ - memcmp( (oid_str), (oid_buf), (oid_buf_len) ) != 0 ) + ((MBEDTLS_OID_SIZE(oid_str) != (oid_buf_len)) || \ + memcmp((oid_str), (oid_buf), (oid_buf_len)) != 0) #ifdef __cplusplus extern "C" { @@ -153,8 +140,7 @@ extern "C" { /** * Type-length-value structure that allows for ASN1 using DER. */ -typedef struct mbedtls_asn1_buf -{ +typedef struct mbedtls_asn1_buf { int tag; /**< ASN1 type, e.g. MBEDTLS_ASN1_UTF8_STRING. */ size_t len; /**< ASN1 length, in octets. */ unsigned char *p; /**< ASN1 data, e.g. in ASCII. */ @@ -164,8 +150,7 @@ mbedtls_asn1_buf; /** * Container for ASN1 bit strings. */ -typedef struct mbedtls_asn1_bitstring -{ +typedef struct mbedtls_asn1_bitstring { size_t len; /**< ASN1 length, in octets. */ unsigned char unused_bits; /**< Number of unused bits at the end of the string */ unsigned char *p; /**< Raw ASN1 data for the bit string */ @@ -175,8 +160,7 @@ mbedtls_asn1_bitstring; /** * Container for a sequence of ASN.1 items */ -typedef struct mbedtls_asn1_sequence -{ +typedef struct mbedtls_asn1_sequence { mbedtls_asn1_buf buf; /**< Buffer containing the given ASN.1 item. */ struct mbedtls_asn1_sequence *next; /**< The next entry in the sequence. */ } @@ -185,8 +169,7 @@ mbedtls_asn1_sequence; /** * Container for a sequence or list of 'named' ASN.1 data items */ -typedef struct mbedtls_asn1_named_data -{ +typedef struct mbedtls_asn1_named_data { mbedtls_asn1_buf oid; /**< The object identifier. */ mbedtls_asn1_buf val; /**< The named value. */ struct mbedtls_asn1_named_data *next; /**< The next entry in the sequence. */ @@ -210,11 +193,11 @@ mbedtls_asn1_named_data; * \return 0 if successful. * \return #MBEDTLS_ERR_ASN1_OUT_OF_DATA if the ASN.1 element * would end beyond \p end. - * \return #MBEDTLS_ERR_ASN1_INVALID_LENGTH if the length is unparseable. + * \return #MBEDTLS_ERR_ASN1_INVALID_LENGTH if the length is unparsable. */ -int mbedtls_asn1_get_len( unsigned char **p, - const unsigned char *end, - size_t *len ); +int mbedtls_asn1_get_len(unsigned char **p, + const unsigned char *end, + size_t *len); /** * \brief Get the tag and length of the element. @@ -235,11 +218,11 @@ int mbedtls_asn1_get_len( unsigned char **p, * with the requested tag. * \return #MBEDTLS_ERR_ASN1_OUT_OF_DATA if the ASN.1 element * would end beyond \p end. - * \return #MBEDTLS_ERR_ASN1_INVALID_LENGTH if the length is unparseable. + * \return #MBEDTLS_ERR_ASN1_INVALID_LENGTH if the length is unparsable. */ -int mbedtls_asn1_get_tag( unsigned char **p, - const unsigned char *end, - size_t *len, int tag ); +int mbedtls_asn1_get_tag(unsigned char **p, + const unsigned char *end, + size_t *len, int tag); /** * \brief Retrieve a boolean ASN.1 tag and its value. @@ -256,9 +239,9 @@ int mbedtls_asn1_get_tag( unsigned char **p, * \return An ASN.1 error code if the input does not start with * a valid ASN.1 BOOLEAN. */ -int mbedtls_asn1_get_bool( unsigned char **p, - const unsigned char *end, - int *val ); +int mbedtls_asn1_get_bool(unsigned char **p, + const unsigned char *end, + int *val); /** * \brief Retrieve an integer ASN.1 tag and its value. @@ -277,9 +260,9 @@ int mbedtls_asn1_get_bool( unsigned char **p, * \return #MBEDTLS_ERR_ASN1_INVALID_LENGTH if the parsed value does * not fit in an \c int. */ -int mbedtls_asn1_get_int( unsigned char **p, - const unsigned char *end, - int *val ); +int mbedtls_asn1_get_int(unsigned char **p, + const unsigned char *end, + int *val); /** * \brief Retrieve an enumerated ASN.1 tag and its value. @@ -298,9 +281,9 @@ int mbedtls_asn1_get_int( unsigned char **p, * \return #MBEDTLS_ERR_ASN1_INVALID_LENGTH if the parsed value does * not fit in an \c int. */ -int mbedtls_asn1_get_enum( unsigned char **p, - const unsigned char *end, - int *val ); +int mbedtls_asn1_get_enum(unsigned char **p, + const unsigned char *end, + int *val); /** * \brief Retrieve a bitstring ASN.1 tag and its value. @@ -319,8 +302,8 @@ int mbedtls_asn1_get_enum( unsigned char **p, * \return An ASN.1 error code if the input does not start with * a valid ASN.1 BIT STRING. */ -int mbedtls_asn1_get_bitstring( unsigned char **p, const unsigned char *end, - mbedtls_asn1_bitstring *bs ); +int mbedtls_asn1_get_bitstring(unsigned char **p, const unsigned char *end, + mbedtls_asn1_bitstring *bs); /** * \brief Retrieve a bitstring ASN.1 tag without unused bits and its @@ -340,9 +323,9 @@ int mbedtls_asn1_get_bitstring( unsigned char **p, const unsigned char *end, * \return An ASN.1 error code if the input does not start with * a valid ASN.1 BIT STRING. */ -int mbedtls_asn1_get_bitstring_null( unsigned char **p, - const unsigned char *end, - size_t *len ); +int mbedtls_asn1_get_bitstring_null(unsigned char **p, + const unsigned char *end, + size_t *len); /** * \brief Parses and splits an ASN.1 "SEQUENCE OF ". @@ -391,10 +374,10 @@ int mbedtls_asn1_get_bitstring_null( unsigned char **p, * \return An ASN.1 error code if the input does not start with * a valid ASN.1 SEQUENCE. */ -int mbedtls_asn1_get_sequence_of( unsigned char **p, - const unsigned char *end, - mbedtls_asn1_sequence *cur, - int tag ); +int mbedtls_asn1_get_sequence_of(unsigned char **p, + const unsigned char *end, + mbedtls_asn1_sequence *cur, + int tag); /** * \brief Free a heap-allocated linked list presentation of * an ASN.1 sequence, including the first element. @@ -416,7 +399,7 @@ int mbedtls_asn1_get_sequence_of( unsigned char **p, * be \c NULL, in which case this functions returns * immediately. */ -void mbedtls_asn1_sequence_free( mbedtls_asn1_sequence *seq ); +void mbedtls_asn1_sequence_free(mbedtls_asn1_sequence *seq); /** * \brief Traverse an ASN.1 SEQUENCE container and @@ -458,7 +441,7 @@ void mbedtls_asn1_sequence_free( mbedtls_asn1_sequence *seq ); * on a successful invocation. * \param end The end of the ASN.1 SEQUENCE container. * \param tag_must_mask A mask to be applied to the ASN.1 tags found within - * the SEQUENCE before comparing to \p tag_must_value. + * the SEQUENCE before comparing to \p tag_must_val. * \param tag_must_val The required value of each ASN.1 tag found in the * SEQUENCE, after masking with \p tag_must_mask. * Mismatching tags lead to an error. @@ -467,7 +450,7 @@ void mbedtls_asn1_sequence_free( mbedtls_asn1_sequence *seq ); * while a value of \c 0xFF for \p tag_must_mask means * that \p tag_must_val is the only allowed tag. * \param tag_may_mask A mask to be applied to the ASN.1 tags found within - * the SEQUENCE before comparing to \p tag_may_value. + * the SEQUENCE before comparing to \p tag_may_val. * \param tag_may_val The desired value of each ASN.1 tag found in the * SEQUENCE, after masking with \p tag_may_mask. * Mismatching tags will be silently ignored. @@ -508,9 +491,9 @@ int mbedtls_asn1_traverse_sequence_of( const unsigned char *end, unsigned char tag_must_mask, unsigned char tag_must_val, unsigned char tag_may_mask, unsigned char tag_may_val, - int (*cb)( void *ctx, int tag, - unsigned char* start, size_t len ), - void *ctx ); + int (*cb)(void *ctx, int tag, + unsigned char *start, size_t len), + void *ctx); #if defined(MBEDTLS_BIGNUM_C) /** @@ -531,9 +514,9 @@ int mbedtls_asn1_traverse_sequence_of( * not fit in an \c int. * \return An MPI error code if the parsed value is too large. */ -int mbedtls_asn1_get_mpi( unsigned char **p, - const unsigned char *end, - mbedtls_mpi *X ); +int mbedtls_asn1_get_mpi(unsigned char **p, + const unsigned char *end, + mbedtls_mpi *X); #endif /* MBEDTLS_BIGNUM_C */ /** @@ -552,9 +535,9 @@ int mbedtls_asn1_get_mpi( unsigned char **p, * * \return 0 if successful or a specific ASN.1 or MPI error code. */ -int mbedtls_asn1_get_alg( unsigned char **p, - const unsigned char *end, - mbedtls_asn1_buf *alg, mbedtls_asn1_buf *params ); +int mbedtls_asn1_get_alg(unsigned char **p, + const unsigned char *end, + mbedtls_asn1_buf *alg, mbedtls_asn1_buf *params); /** * \brief Retrieve an AlgorithmIdentifier ASN.1 sequence with NULL or no @@ -571,9 +554,9 @@ int mbedtls_asn1_get_alg( unsigned char **p, * * \return 0 if successful or a specific ASN.1 or MPI error code. */ -int mbedtls_asn1_get_alg_null( unsigned char **p, - const unsigned char *end, - mbedtls_asn1_buf *alg ); +int mbedtls_asn1_get_alg_null(unsigned char **p, + const unsigned char *end, + mbedtls_asn1_buf *alg); /** * \brief Find a specific named_data entry in a sequence or list based on @@ -585,8 +568,8 @@ int mbedtls_asn1_get_alg_null( unsigned char **p, * * \return NULL if not found, or a pointer to the existing entry. */ -mbedtls_asn1_named_data *mbedtls_asn1_find_named_data( mbedtls_asn1_named_data *list, - const char *oid, size_t len ); +mbedtls_asn1_named_data *mbedtls_asn1_find_named_data(mbedtls_asn1_named_data *list, + const char *oid, size_t len); /** * \brief Free a mbedtls_asn1_named_data entry @@ -595,7 +578,7 @@ mbedtls_asn1_named_data *mbedtls_asn1_find_named_data( mbedtls_asn1_named_data * * This function calls mbedtls_free() on * `entry->oid.p` and `entry->val.p`. */ -void mbedtls_asn1_free_named_data( mbedtls_asn1_named_data *entry ); +void mbedtls_asn1_free_named_data(mbedtls_asn1_named_data *entry); /** * \brief Free all entries in a mbedtls_asn1_named_data list. @@ -605,7 +588,10 @@ void mbedtls_asn1_free_named_data( mbedtls_asn1_named_data *entry ); * mbedtls_free() on each list element and * sets \c *head to \c NULL. */ -void mbedtls_asn1_free_named_data_list( mbedtls_asn1_named_data **head ); +void mbedtls_asn1_free_named_data_list(mbedtls_asn1_named_data **head); + +/** \} name Functions to parse ASN.1 data structures */ +/** \} addtogroup asn1_module */ #ifdef __cplusplus } diff --git a/third_party/mbedtls/repo/include/mbedtls/asn1write.h b/third_party/mbedtls/repo/include/mbedtls/asn1write.h index 44afae0e560..a12bf039bef 100644 --- a/third_party/mbedtls/repo/include/mbedtls/asn1write.h +++ b/third_party/mbedtls/repo/include/mbedtls/asn1write.h @@ -5,19 +5,7 @@ */ /* * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later */ #ifndef MBEDTLS_ASN1_WRITE_H #define MBEDTLS_ASN1_WRITE_H @@ -33,11 +21,11 @@ #define MBEDTLS_ASN1_CHK_ADD(g, f) \ do \ { \ - if( ( ret = (f) ) < 0 ) \ - return( ret ); \ + if ((ret = (f)) < 0) \ + return ret; \ else \ - (g) += ret; \ - } while( 0 ) + (g) += ret; \ + } while (0) #ifdef __cplusplus extern "C" { @@ -55,8 +43,8 @@ extern "C" { * \return The number of bytes written to \p p on success. * \return A negative \c MBEDTLS_ERR_ASN1_XXX error code on failure. */ -int mbedtls_asn1_write_len( unsigned char **p, unsigned char *start, - size_t len ); +int mbedtls_asn1_write_len(unsigned char **p, unsigned char *start, + size_t len); /** * \brief Write an ASN.1 tag in ASN.1 format. * @@ -69,8 +57,8 @@ int mbedtls_asn1_write_len( unsigned char **p, unsigned char *start, * \return The number of bytes written to \p p on success. * \return A negative \c MBEDTLS_ERR_ASN1_XXX error code on failure. */ -int mbedtls_asn1_write_tag( unsigned char **p, unsigned char *start, - unsigned char tag ); +int mbedtls_asn1_write_tag(unsigned char **p, unsigned char *start, + unsigned char tag); /** * \brief Write raw buffer data. @@ -85,12 +73,12 @@ int mbedtls_asn1_write_tag( unsigned char **p, unsigned char *start, * \return The number of bytes written to \p p on success. * \return A negative \c MBEDTLS_ERR_ASN1_XXX error code on failure. */ -int mbedtls_asn1_write_raw_buffer( unsigned char **p, unsigned char *start, - const unsigned char *buf, size_t size ); +int mbedtls_asn1_write_raw_buffer(unsigned char **p, unsigned char *start, + const unsigned char *buf, size_t size); #if defined(MBEDTLS_BIGNUM_C) /** - * \brief Write a arbitrary-precision number (#MBEDTLS_ASN1_INTEGER) + * \brief Write an arbitrary-precision number (#MBEDTLS_ASN1_INTEGER) * in ASN.1 format. * * \note This function works backwards in data buffer. @@ -103,8 +91,8 @@ int mbedtls_asn1_write_raw_buffer( unsigned char **p, unsigned char *start, * \return The number of bytes written to \p p on success. * \return A negative \c MBEDTLS_ERR_ASN1_XXX error code on failure. */ -int mbedtls_asn1_write_mpi( unsigned char **p, unsigned char *start, - const mbedtls_mpi *X ); +int mbedtls_asn1_write_mpi(unsigned char **p, unsigned char *start, + const mbedtls_mpi *X); #endif /* MBEDTLS_BIGNUM_C */ /** @@ -119,7 +107,7 @@ int mbedtls_asn1_write_mpi( unsigned char **p, unsigned char *start, * \return The number of bytes written to \p p on success. * \return A negative \c MBEDTLS_ERR_ASN1_XXX error code on failure. */ -int mbedtls_asn1_write_null( unsigned char **p, unsigned char *start ); +int mbedtls_asn1_write_null(unsigned char **p, unsigned char *start); /** * \brief Write an OID tag (#MBEDTLS_ASN1_OID) and data @@ -135,8 +123,8 @@ int mbedtls_asn1_write_null( unsigned char **p, unsigned char *start ); * \return The number of bytes written to \p p on success. * \return A negative \c MBEDTLS_ERR_ASN1_XXX error code on failure. */ -int mbedtls_asn1_write_oid( unsigned char **p, unsigned char *start, - const char *oid, size_t oid_len ); +int mbedtls_asn1_write_oid(unsigned char **p, unsigned char *start, + const char *oid, size_t oid_len); /** * \brief Write an AlgorithmIdentifier sequence in ASN.1 format. @@ -153,10 +141,31 @@ int mbedtls_asn1_write_oid( unsigned char **p, unsigned char *start, * \return The number of bytes written to \p p on success. * \return A negative \c MBEDTLS_ERR_ASN1_XXX error code on failure. */ -int mbedtls_asn1_write_algorithm_identifier( unsigned char **p, - unsigned char *start, - const char *oid, size_t oid_len, - size_t par_len ); +int mbedtls_asn1_write_algorithm_identifier(unsigned char **p, + unsigned char *start, + const char *oid, size_t oid_len, + size_t par_len); + +/** + * \brief Write an AlgorithmIdentifier sequence in ASN.1 format. + * + * \note This function works backwards in data buffer. + * + * \param p The reference to the current position pointer. + * \param start The start of the buffer, for bounds-checking. + * \param oid The OID of the algorithm to write. + * \param oid_len The length of the algorithm's OID. + * \param par_len The length of the parameters, which must be already written. + * \param has_par If there are any parameters. If 0, par_len must be 0. If 1 + * and \p par_len is 0, NULL parameters are added. + * + * \return The number of bytes written to \p p on success. + * \return A negative \c MBEDTLS_ERR_ASN1_XXX error code on failure. + */ +int mbedtls_asn1_write_algorithm_identifier_ext(unsigned char **p, + unsigned char *start, + const char *oid, size_t oid_len, + size_t par_len, int has_par); /** * \brief Write a boolean tag (#MBEDTLS_ASN1_BOOLEAN) and value @@ -171,8 +180,8 @@ int mbedtls_asn1_write_algorithm_identifier( unsigned char **p, * \return The number of bytes written to \p p on success. * \return A negative \c MBEDTLS_ERR_ASN1_XXX error code on failure. */ -int mbedtls_asn1_write_bool( unsigned char **p, unsigned char *start, - int boolean ); +int mbedtls_asn1_write_bool(unsigned char **p, unsigned char *start, + int boolean); /** * \brief Write an int tag (#MBEDTLS_ASN1_INTEGER) and value @@ -188,7 +197,7 @@ int mbedtls_asn1_write_bool( unsigned char **p, unsigned char *start, * \return The number of bytes written to \p p on success. * \return A negative \c MBEDTLS_ERR_ASN1_XXX error code on failure. */ -int mbedtls_asn1_write_int( unsigned char **p, unsigned char *start, int val ); +int mbedtls_asn1_write_int(unsigned char **p, unsigned char *start, int val); /** * \brief Write an enum tag (#MBEDTLS_ASN1_ENUMERATED) and value @@ -203,7 +212,7 @@ int mbedtls_asn1_write_int( unsigned char **p, unsigned char *start, int val ); * \return The number of bytes written to \p p on success. * \return A negative \c MBEDTLS_ERR_ASN1_XXX error code on failure. */ -int mbedtls_asn1_write_enum( unsigned char **p, unsigned char *start, int val ); +int mbedtls_asn1_write_enum(unsigned char **p, unsigned char *start, int val); /** * \brief Write a string in ASN.1 format using a specific @@ -222,9 +231,9 @@ int mbedtls_asn1_write_enum( unsigned char **p, unsigned char *start, int val ); * \return The number of bytes written to \p p on success. * \return A negative error code on failure. */ -int mbedtls_asn1_write_tagged_string( unsigned char **p, unsigned char *start, - int tag, const char *text, - size_t text_len ); +int mbedtls_asn1_write_tagged_string(unsigned char **p, unsigned char *start, + int tag, const char *text, + size_t text_len); /** * \brief Write a string in ASN.1 format using the PrintableString @@ -241,9 +250,9 @@ int mbedtls_asn1_write_tagged_string( unsigned char **p, unsigned char *start, * \return The number of bytes written to \p p on success. * \return A negative error code on failure. */ -int mbedtls_asn1_write_printable_string( unsigned char **p, - unsigned char *start, - const char *text, size_t text_len ); +int mbedtls_asn1_write_printable_string(unsigned char **p, + unsigned char *start, + const char *text, size_t text_len); /** * \brief Write a UTF8 string in ASN.1 format using the UTF8String @@ -260,8 +269,8 @@ int mbedtls_asn1_write_printable_string( unsigned char **p, * \return The number of bytes written to \p p on success. * \return A negative error code on failure. */ -int mbedtls_asn1_write_utf8_string( unsigned char **p, unsigned char *start, - const char *text, size_t text_len ); +int mbedtls_asn1_write_utf8_string(unsigned char **p, unsigned char *start, + const char *text, size_t text_len); /** * \brief Write a string in ASN.1 format using the IA5String @@ -278,8 +287,8 @@ int mbedtls_asn1_write_utf8_string( unsigned char **p, unsigned char *start, * \return The number of bytes written to \p p on success. * \return A negative error code on failure. */ -int mbedtls_asn1_write_ia5_string( unsigned char **p, unsigned char *start, - const char *text, size_t text_len ); +int mbedtls_asn1_write_ia5_string(unsigned char **p, unsigned char *start, + const char *text, size_t text_len); /** * \brief Write a bitstring tag (#MBEDTLS_ASN1_BIT_STRING) and @@ -295,8 +304,8 @@ int mbedtls_asn1_write_ia5_string( unsigned char **p, unsigned char *start, * \return The number of bytes written to \p p on success. * \return A negative error code on failure. */ -int mbedtls_asn1_write_bitstring( unsigned char **p, unsigned char *start, - const unsigned char *buf, size_t bits ); +int mbedtls_asn1_write_bitstring(unsigned char **p, unsigned char *start, + const unsigned char *buf, size_t bits); /** * \brief This function writes a named bitstring tag @@ -315,10 +324,10 @@ int mbedtls_asn1_write_bitstring( unsigned char **p, unsigned char *start, * \return The number of bytes written to \p p on success. * \return A negative error code on failure. */ -int mbedtls_asn1_write_named_bitstring( unsigned char **p, - unsigned char *start, - const unsigned char *buf, - size_t bits ); +int mbedtls_asn1_write_named_bitstring(unsigned char **p, + unsigned char *start, + const unsigned char *buf, + size_t bits); /** * \brief Write an octet string tag (#MBEDTLS_ASN1_OCTET_STRING) @@ -334,8 +343,8 @@ int mbedtls_asn1_write_named_bitstring( unsigned char **p, * \return The number of bytes written to \p p on success. * \return A negative error code on failure. */ -int mbedtls_asn1_write_octet_string( unsigned char **p, unsigned char *start, - const unsigned char *buf, size_t size ); +int mbedtls_asn1_write_octet_string(unsigned char **p, unsigned char *start, + const unsigned char *buf, size_t size); /** * \brief Create or find a specific named_data entry for writing in a @@ -358,10 +367,10 @@ int mbedtls_asn1_write_octet_string( unsigned char **p, unsigned char *start, * \return A pointer to the new / existing entry on success. * \return \c NULL if if there was a memory allocation error. */ -mbedtls_asn1_named_data *mbedtls_asn1_store_named_data( mbedtls_asn1_named_data **list, - const char *oid, size_t oid_len, - const unsigned char *val, - size_t val_len ); +mbedtls_asn1_named_data *mbedtls_asn1_store_named_data(mbedtls_asn1_named_data **list, + const char *oid, size_t oid_len, + const unsigned char *val, + size_t val_len); #ifdef __cplusplus } diff --git a/third_party/mbedtls/repo/include/mbedtls/base64.h b/third_party/mbedtls/repo/include/mbedtls/base64.h index cf4149e731d..cc460471daf 100644 --- a/third_party/mbedtls/repo/include/mbedtls/base64.h +++ b/third_party/mbedtls/repo/include/mbedtls/base64.h @@ -5,19 +5,7 @@ */ /* * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later */ #ifndef MBEDTLS_BASE64_H #define MBEDTLS_BASE64_H @@ -58,8 +46,8 @@ extern "C" { * \note Call this function with dlen = 0 to obtain the * required buffer size in *olen */ -int mbedtls_base64_encode( unsigned char *dst, size_t dlen, size_t *olen, - const unsigned char *src, size_t slen ); +int mbedtls_base64_encode(unsigned char *dst, size_t dlen, size_t *olen, + const unsigned char *src, size_t slen); /** * \brief Decode a base64-formatted buffer @@ -78,8 +66,8 @@ int mbedtls_base64_encode( unsigned char *dst, size_t dlen, size_t *olen, * \note Call this function with *dst = NULL or dlen = 0 to obtain * the required buffer size in *olen */ -int mbedtls_base64_decode( unsigned char *dst, size_t dlen, size_t *olen, - const unsigned char *src, size_t slen ); +int mbedtls_base64_decode(unsigned char *dst, size_t dlen, size_t *olen, + const unsigned char *src, size_t slen); #if defined(MBEDTLS_SELF_TEST) /** @@ -87,7 +75,7 @@ int mbedtls_base64_decode( unsigned char *dst, size_t dlen, size_t *olen, * * \return 0 if successful, or 1 if the test failed */ -int mbedtls_base64_self_test( int verbose ); +int mbedtls_base64_self_test(int verbose); #endif /* MBEDTLS_SELF_TEST */ diff --git a/third_party/mbedtls/repo/include/mbedtls/bignum.h b/third_party/mbedtls/repo/include/mbedtls/bignum.h index 9d2cff3275a..fb0ca15ffcc 100644 --- a/third_party/mbedtls/repo/include/mbedtls/bignum.h +++ b/third_party/mbedtls/repo/include/mbedtls/bignum.h @@ -5,19 +5,7 @@ */ /* * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later */ #ifndef MBEDTLS_BIGNUM_H #define MBEDTLS_BIGNUM_H @@ -55,9 +43,9 @@ #define MBEDTLS_MPI_CHK(f) \ do \ { \ - if( ( ret = (f) ) != 0 ) \ - goto cleanup; \ - } while( 0 ) + if ((ret = (f)) != 0) \ + goto cleanup; \ + } while (0) /* * Maximum size MPIs are allowed to grow to in number of limbs. @@ -66,7 +54,7 @@ #if !defined(MBEDTLS_MPI_WINDOW_SIZE) /* - * Maximum window size used for modular exponentiation. Default: 6 + * Maximum window size used for modular exponentiation. Default: 2 * Minimum value: 1. Maximum value: 6. * * Result is an array of ( 2 ** MBEDTLS_MPI_WINDOW_SIZE ) MPIs used @@ -74,7 +62,7 @@ * * Reduction in size, reduces speed. */ -#define MBEDTLS_MPI_WINDOW_SIZE 6 /**< Maximum window size used. */ +#define MBEDTLS_MPI_WINDOW_SIZE 2 /**< Maximum window size used. */ #endif /* !MBEDTLS_MPI_WINDOW_SIZE */ #if !defined(MBEDTLS_MPI_MAX_SIZE) @@ -88,7 +76,7 @@ #define MBEDTLS_MPI_MAX_SIZE 1024 /**< Maximum number of bytes for usable MPIs. */ #endif /* !MBEDTLS_MPI_MAX_SIZE */ -#define MBEDTLS_MPI_MAX_BITS ( 8 * MBEDTLS_MPI_MAX_SIZE ) /**< Maximum number of bits for usable MPIs. */ +#define MBEDTLS_MPI_MAX_BITS (8 * MBEDTLS_MPI_MAX_SIZE) /**< Maximum number of bits for usable MPIs. */ /* * When reading from files with mbedtls_mpi_read_file() and writing to files with @@ -108,9 +96,11 @@ * MBEDTLS_MPI_RW_BUFFER_SIZE = ceil(MBEDTLS_MPI_MAX_BITS / ln(10) * ln(2)) + * LabelSize + 6 */ -#define MBEDTLS_MPI_MAX_BITS_SCALE100 ( 100 * MBEDTLS_MPI_MAX_BITS ) +#define MBEDTLS_MPI_MAX_BITS_SCALE100 (100 * MBEDTLS_MPI_MAX_BITS) #define MBEDTLS_LN_2_DIV_LN_10_SCALE100 332 -#define MBEDTLS_MPI_RW_BUFFER_SIZE ( ((MBEDTLS_MPI_MAX_BITS_SCALE100 + MBEDTLS_LN_2_DIV_LN_10_SCALE100 - 1) / MBEDTLS_LN_2_DIV_LN_10_SCALE100) + 10 + 6 ) +#define MBEDTLS_MPI_RW_BUFFER_SIZE (((MBEDTLS_MPI_MAX_BITS_SCALE100 + \ + MBEDTLS_LN_2_DIV_LN_10_SCALE100 - 1) / \ + MBEDTLS_LN_2_DIV_LN_10_SCALE100) + 10 + 6) /* * Define the base integer type, architecture-wise. @@ -124,64 +114,78 @@ */ #if !defined(MBEDTLS_HAVE_INT32) #if defined(_MSC_VER) && defined(_M_AMD64) - /* Always choose 64-bit when using MSC */ +/* Always choose 64-bit when using MSC */ #if !defined(MBEDTLS_HAVE_INT64) #define MBEDTLS_HAVE_INT64 #endif /* !MBEDTLS_HAVE_INT64 */ - typedef int64_t mbedtls_mpi_sint; - typedef uint64_t mbedtls_mpi_uint; +typedef int64_t mbedtls_mpi_sint; +typedef uint64_t mbedtls_mpi_uint; #elif defined(__GNUC__) && ( \ - defined(__amd64__) || defined(__x86_64__) || \ - defined(__ppc64__) || defined(__powerpc64__) || \ - defined(__ia64__) || defined(__alpha__) || \ - ( defined(__sparc__) && defined(__arch64__) ) || \ - defined(__s390x__) || defined(__mips64) || \ - defined(__aarch64__) ) + defined(__amd64__) || defined(__x86_64__) || \ + defined(__ppc64__) || defined(__powerpc64__) || \ + defined(__ia64__) || defined(__alpha__) || \ + (defined(__sparc__) && defined(__arch64__)) || \ + defined(__s390x__) || defined(__mips64) || \ + defined(__aarch64__)) #if !defined(MBEDTLS_HAVE_INT64) #define MBEDTLS_HAVE_INT64 #endif /* MBEDTLS_HAVE_INT64 */ - typedef int64_t mbedtls_mpi_sint; - typedef uint64_t mbedtls_mpi_uint; +typedef int64_t mbedtls_mpi_sint; +typedef uint64_t mbedtls_mpi_uint; #if !defined(MBEDTLS_NO_UDBL_DIVISION) - /* mbedtls_t_udbl defined as 128-bit unsigned int */ - typedef unsigned int mbedtls_t_udbl __attribute__((mode(TI))); +/* mbedtls_t_udbl defined as 128-bit unsigned int */ +typedef unsigned int mbedtls_t_udbl __attribute__((mode(TI))); #define MBEDTLS_HAVE_UDBL #endif /* !MBEDTLS_NO_UDBL_DIVISION */ #elif defined(__ARMCC_VERSION) && defined(__aarch64__) - /* - * __ARMCC_VERSION is defined for both armcc and armclang and - * __aarch64__ is only defined by armclang when compiling 64-bit code - */ +/* + * __ARMCC_VERSION is defined for both armcc and armclang and + * __aarch64__ is only defined by armclang when compiling 64-bit code + */ #if !defined(MBEDTLS_HAVE_INT64) #define MBEDTLS_HAVE_INT64 #endif /* !MBEDTLS_HAVE_INT64 */ - typedef int64_t mbedtls_mpi_sint; - typedef uint64_t mbedtls_mpi_uint; +typedef int64_t mbedtls_mpi_sint; +typedef uint64_t mbedtls_mpi_uint; #if !defined(MBEDTLS_NO_UDBL_DIVISION) - /* mbedtls_t_udbl defined as 128-bit unsigned int */ - typedef __uint128_t mbedtls_t_udbl; +/* mbedtls_t_udbl defined as 128-bit unsigned int */ +typedef __uint128_t mbedtls_t_udbl; #define MBEDTLS_HAVE_UDBL #endif /* !MBEDTLS_NO_UDBL_DIVISION */ #elif defined(MBEDTLS_HAVE_INT64) - /* Force 64-bit integers with unknown compiler */ - typedef int64_t mbedtls_mpi_sint; - typedef uint64_t mbedtls_mpi_uint; +/* Force 64-bit integers with unknown compiler */ +typedef int64_t mbedtls_mpi_sint; +typedef uint64_t mbedtls_mpi_uint; #endif #endif /* !MBEDTLS_HAVE_INT32 */ #if !defined(MBEDTLS_HAVE_INT64) - /* Default to 32-bit compilation */ +/* Default to 32-bit compilation */ #if !defined(MBEDTLS_HAVE_INT32) #define MBEDTLS_HAVE_INT32 #endif /* !MBEDTLS_HAVE_INT32 */ - typedef int32_t mbedtls_mpi_sint; - typedef uint32_t mbedtls_mpi_uint; +typedef int32_t mbedtls_mpi_sint; +typedef uint32_t mbedtls_mpi_uint; #if !defined(MBEDTLS_NO_UDBL_DIVISION) - typedef uint64_t mbedtls_t_udbl; +typedef uint64_t mbedtls_t_udbl; #define MBEDTLS_HAVE_UDBL #endif /* !MBEDTLS_NO_UDBL_DIVISION */ #endif /* !MBEDTLS_HAVE_INT64 */ +/** \typedef mbedtls_mpi_uint + * \brief The type of machine digits in a bignum, called _limbs_. + * + * This is always an unsigned integer type with no padding bits. The size + * is platform-dependent. + */ + +/** \typedef mbedtls_mpi_sint + * \brief The signed type corresponding to #mbedtls_mpi_uint. + * + * This is always a signed integer type with no padding bits. The size + * is platform-dependent. + */ + #ifdef __cplusplus extern "C" { #endif @@ -189,11 +193,28 @@ extern "C" { /** * \brief MPI structure */ -typedef struct mbedtls_mpi -{ - int s; /*!< Sign: -1 if the mpi is negative, 1 otherwise */ - size_t n; /*!< total # of limbs */ - mbedtls_mpi_uint *p; /*!< pointer to limbs */ +typedef struct mbedtls_mpi { + /** Sign: -1 if the mpi is negative, 1 otherwise. + * + * The number 0 must be represented with `s = +1`. Although many library + * functions treat all-limbs-zero as equivalent to a valid representation + * of 0 regardless of the sign bit, there are exceptions, so bignum + * functions and external callers must always set \c s to +1 for the + * number zero. + * + * Note that this implies that calloc() or `... = {0}` does not create + * a valid MPI representation. You must call mbedtls_mpi_init(). + */ + int s; + + /** Total number of limbs in \c p. */ + size_t n; + + /** Pointer to limbs. + * + * This may be \c NULL if \c n is 0. + */ + mbedtls_mpi_uint *p; } mbedtls_mpi; @@ -205,7 +226,7 @@ mbedtls_mpi; * * \param X The MPI context to initialize. This must not be \c NULL. */ -void mbedtls_mpi_init( mbedtls_mpi *X ); +void mbedtls_mpi_init(mbedtls_mpi *X); /** * \brief This function frees the components of an MPI context. @@ -214,7 +235,7 @@ void mbedtls_mpi_init( mbedtls_mpi *X ); * in which case this function is a no-op. If it is * not \c NULL, it must point to an initialized MPI. */ -void mbedtls_mpi_free( mbedtls_mpi *X ); +void mbedtls_mpi_free(mbedtls_mpi *X); /** * \brief Enlarge an MPI to the specified number of limbs. @@ -229,7 +250,7 @@ void mbedtls_mpi_free( mbedtls_mpi *X ); * \return #MBEDTLS_ERR_MPI_ALLOC_FAILED if memory allocation failed. * \return Another negative error code on other kinds of failure. */ -int mbedtls_mpi_grow( mbedtls_mpi *X, size_t nblimbs ); +int mbedtls_mpi_grow(mbedtls_mpi *X, size_t nblimbs); /** * \brief This function resizes an MPI downwards, keeping at least the @@ -246,7 +267,7 @@ int mbedtls_mpi_grow( mbedtls_mpi *X, size_t nblimbs ); * (this can only happen when resizing up). * \return Another negative error code on other kinds of failure. */ -int mbedtls_mpi_shrink( mbedtls_mpi *X, size_t nblimbs ); +int mbedtls_mpi_shrink(mbedtls_mpi *X, size_t nblimbs); /** * \brief Make a copy of an MPI. @@ -261,7 +282,7 @@ int mbedtls_mpi_shrink( mbedtls_mpi *X, size_t nblimbs ); * \return #MBEDTLS_ERR_MPI_ALLOC_FAILED if memory allocation failed. * \return Another negative error code on other kinds of failure. */ -int mbedtls_mpi_copy( mbedtls_mpi *X, const mbedtls_mpi *Y ); +int mbedtls_mpi_copy(mbedtls_mpi *X, const mbedtls_mpi *Y); /** * \brief Swap the contents of two MPIs. @@ -269,7 +290,7 @@ int mbedtls_mpi_copy( mbedtls_mpi *X, const mbedtls_mpi *Y ); * \param X The first MPI. It must be initialized. * \param Y The second MPI. It must be initialized. */ -void mbedtls_mpi_swap( mbedtls_mpi *X, mbedtls_mpi *Y ); +void mbedtls_mpi_swap(mbedtls_mpi *X, mbedtls_mpi *Y); /** * \brief Perform a safe conditional copy of MPI which doesn't @@ -280,7 +301,7 @@ void mbedtls_mpi_swap( mbedtls_mpi *X, mbedtls_mpi *Y ); * \param Y The MPI to be assigned from. This must point to an * initialized MPI. * \param assign The condition deciding whether to perform the - * assignment or not. Possible values: + * assignment or not. Must be either 0 or 1: * * \c 1: Perform the assignment `X = Y`. * * \c 0: Keep the original value of \p X. * @@ -291,11 +312,15 @@ void mbedtls_mpi_swap( mbedtls_mpi *X, mbedtls_mpi *Y ); * information through branch prediction and/or memory access * patterns analysis). * + * \warning If \p assign is neither 0 nor 1, the result of this function + * is indeterminate, and the resulting value in \p X might be + * neither its original value nor the value in \p Y. + * * \return \c 0 if successful. * \return #MBEDTLS_ERR_MPI_ALLOC_FAILED if memory allocation failed. * \return Another negative error code on other kinds of failure. */ -int mbedtls_mpi_safe_cond_assign( mbedtls_mpi *X, const mbedtls_mpi *Y, unsigned char assign ); +int mbedtls_mpi_safe_cond_assign(mbedtls_mpi *X, const mbedtls_mpi *Y, unsigned char assign); /** * \brief Perform a safe conditional swap which doesn't @@ -303,24 +328,28 @@ int mbedtls_mpi_safe_cond_assign( mbedtls_mpi *X, const mbedtls_mpi *Y, unsigned * * \param X The first MPI. This must be initialized. * \param Y The second MPI. This must be initialized. - * \param assign The condition deciding whether to perform - * the swap or not. Possible values: + * \param swap The condition deciding whether to perform + * the swap or not. Must be either 0 or 1: * * \c 1: Swap the values of \p X and \p Y. * * \c 0: Keep the original values of \p X and \p Y. * * \note This function is equivalent to - * if( assign ) mbedtls_mpi_swap( X, Y ); + * if( swap ) mbedtls_mpi_swap( X, Y ); * except that it avoids leaking any information about whether - * the assignment was done or not (the above code may leak + * the swap was done or not (the above code may leak * information through branch prediction and/or memory access * patterns analysis). * + * \warning If \p swap is neither 0 nor 1, the result of this function + * is indeterminate, and both \p X and \p Y might end up with + * values different to either of the original ones. + * * \return \c 0 if successful. * \return #MBEDTLS_ERR_MPI_ALLOC_FAILED if memory allocation failed. * \return Another negative error code on other kinds of failure. * */ -int mbedtls_mpi_safe_cond_swap( mbedtls_mpi *X, mbedtls_mpi *Y, unsigned char assign ); +int mbedtls_mpi_safe_cond_swap(mbedtls_mpi *X, mbedtls_mpi *Y, unsigned char swap); /** * \brief Store integer value in MPI. @@ -332,7 +361,7 @@ int mbedtls_mpi_safe_cond_swap( mbedtls_mpi *X, mbedtls_mpi *Y, unsigned char as * \return #MBEDTLS_ERR_MPI_ALLOC_FAILED if memory allocation failed. * \return Another negative error code on other kinds of failure. */ -int mbedtls_mpi_lset( mbedtls_mpi *X, mbedtls_mpi_sint z ); +int mbedtls_mpi_lset(mbedtls_mpi *X, mbedtls_mpi_sint z); /** * \brief Get a specific bit from an MPI. @@ -344,7 +373,7 @@ int mbedtls_mpi_lset( mbedtls_mpi *X, mbedtls_mpi_sint z ); * of \c X is unset or set. * \return A negative error code on failure. */ -int mbedtls_mpi_get_bit( const mbedtls_mpi *X, size_t pos ); +int mbedtls_mpi_get_bit(const mbedtls_mpi *X, size_t pos); /** * \brief Modify a specific bit in an MPI. @@ -361,7 +390,7 @@ int mbedtls_mpi_get_bit( const mbedtls_mpi *X, size_t pos ); * \return #MBEDTLS_ERR_MPI_ALLOC_FAILED if memory allocation failed. * \return Another negative error code on other kinds of failure. */ -int mbedtls_mpi_set_bit( mbedtls_mpi *X, size_t pos, unsigned char val ); +int mbedtls_mpi_set_bit(mbedtls_mpi *X, size_t pos, unsigned char val); /** * \brief Return the number of bits of value \c 0 before the @@ -375,7 +404,7 @@ int mbedtls_mpi_set_bit( mbedtls_mpi *X, size_t pos, unsigned char val ); * \return The number of bits of value \c 0 before the least significant * bit of value \c 1 in \p X. */ -size_t mbedtls_mpi_lsb( const mbedtls_mpi *X ); +size_t mbedtls_mpi_lsb(const mbedtls_mpi *X); /** * \brief Return the number of bits up to and including the most @@ -389,7 +418,7 @@ size_t mbedtls_mpi_lsb( const mbedtls_mpi *X ); * \return The number of bits up to and including the most * significant bit of value \c 1. */ -size_t mbedtls_mpi_bitlen( const mbedtls_mpi *X ); +size_t mbedtls_mpi_bitlen(const mbedtls_mpi *X); /** * \brief Return the total size of an MPI value in bytes. @@ -404,7 +433,7 @@ size_t mbedtls_mpi_bitlen( const mbedtls_mpi *X ); * \return The least number of bytes capable of storing * the absolute value of \p X. */ -size_t mbedtls_mpi_size( const mbedtls_mpi *X ); +size_t mbedtls_mpi_size(const mbedtls_mpi *X); /** * \brief Import an MPI from an ASCII string. @@ -416,7 +445,7 @@ size_t mbedtls_mpi_size( const mbedtls_mpi *X ); * \return \c 0 if successful. * \return A negative error code on failure. */ -int mbedtls_mpi_read_string( mbedtls_mpi *X, int radix, const char *s ); +int mbedtls_mpi_read_string(mbedtls_mpi *X, int radix, const char *s); /** * \brief Export an MPI to an ASCII string. @@ -440,8 +469,8 @@ int mbedtls_mpi_read_string( mbedtls_mpi *X, int radix, const char *s ); * size of \p buf required for a successful call. * \return Another negative error code on different kinds of failure. */ -int mbedtls_mpi_write_string( const mbedtls_mpi *X, int radix, - char *buf, size_t buflen, size_t *olen ); +int mbedtls_mpi_write_string(const mbedtls_mpi *X, int radix, + char *buf, size_t buflen, size_t *olen); #if defined(MBEDTLS_FS_IO) /** @@ -465,7 +494,7 @@ int mbedtls_mpi_write_string( const mbedtls_mpi *X, int radix, * is too small. * \return Another negative error code on failure. */ -int mbedtls_mpi_read_file( mbedtls_mpi *X, int radix, FILE *fin ); +int mbedtls_mpi_read_file(mbedtls_mpi *X, int radix, FILE *fin); /** * \brief Export an MPI into an opened file. @@ -482,8 +511,8 @@ int mbedtls_mpi_read_file( mbedtls_mpi *X, int radix, FILE *fin ); * \return \c 0 if successful. * \return A negative error code on failure. */ -int mbedtls_mpi_write_file( const char *p, const mbedtls_mpi *X, - int radix, FILE *fout ); +int mbedtls_mpi_write_file(const char *p, const mbedtls_mpi *X, + int radix, FILE *fout); #endif /* MBEDTLS_FS_IO */ /** @@ -492,14 +521,14 @@ int mbedtls_mpi_write_file( const char *p, const mbedtls_mpi *X, * \param X The destination MPI. This must point to an initialized MPI. * \param buf The input buffer. This must be a readable buffer of length * \p buflen Bytes. - * \param buflen The length of the input buffer \p p in Bytes. + * \param buflen The length of the input buffer \p buf in Bytes. * * \return \c 0 if successful. * \return #MBEDTLS_ERR_MPI_ALLOC_FAILED if memory allocation failed. * \return Another negative error code on different kinds of failure. */ -int mbedtls_mpi_read_binary( mbedtls_mpi *X, const unsigned char *buf, - size_t buflen ); +int mbedtls_mpi_read_binary(mbedtls_mpi *X, const unsigned char *buf, + size_t buflen); /** * \brief Import X from unsigned binary data, little endian @@ -507,14 +536,14 @@ int mbedtls_mpi_read_binary( mbedtls_mpi *X, const unsigned char *buf, * \param X The destination MPI. This must point to an initialized MPI. * \param buf The input buffer. This must be a readable buffer of length * \p buflen Bytes. - * \param buflen The length of the input buffer \p p in Bytes. + * \param buflen The length of the input buffer \p buf in Bytes. * * \return \c 0 if successful. * \return #MBEDTLS_ERR_MPI_ALLOC_FAILED if memory allocation failed. * \return Another negative error code on different kinds of failure. */ -int mbedtls_mpi_read_binary_le( mbedtls_mpi *X, - const unsigned char *buf, size_t buflen ); +int mbedtls_mpi_read_binary_le(mbedtls_mpi *X, + const unsigned char *buf, size_t buflen); /** * \brief Export X into unsigned binary data, big endian. @@ -531,8 +560,8 @@ int mbedtls_mpi_read_binary_le( mbedtls_mpi *X, * large enough to hold the value of \p X. * \return Another negative error code on different kinds of failure. */ -int mbedtls_mpi_write_binary( const mbedtls_mpi *X, unsigned char *buf, - size_t buflen ); +int mbedtls_mpi_write_binary(const mbedtls_mpi *X, unsigned char *buf, + size_t buflen); /** * \brief Export X into unsigned binary data, little endian. @@ -549,8 +578,8 @@ int mbedtls_mpi_write_binary( const mbedtls_mpi *X, unsigned char *buf, * large enough to hold the value of \p X. * \return Another negative error code on different kinds of failure. */ -int mbedtls_mpi_write_binary_le( const mbedtls_mpi *X, - unsigned char *buf, size_t buflen ); +int mbedtls_mpi_write_binary_le(const mbedtls_mpi *X, + unsigned char *buf, size_t buflen); /** * \brief Perform a left-shift on an MPI: X <<= count @@ -562,7 +591,7 @@ int mbedtls_mpi_write_binary_le( const mbedtls_mpi *X, * \return #MBEDTLS_ERR_MPI_ALLOC_FAILED if a memory allocation failed. * \return Another negative error code on different kinds of failure. */ -int mbedtls_mpi_shift_l( mbedtls_mpi *X, size_t count ); +int mbedtls_mpi_shift_l(mbedtls_mpi *X, size_t count); /** * \brief Perform a right-shift on an MPI: X >>= count @@ -574,7 +603,7 @@ int mbedtls_mpi_shift_l( mbedtls_mpi *X, size_t count ); * \return #MBEDTLS_ERR_MPI_ALLOC_FAILED if a memory allocation failed. * \return Another negative error code on different kinds of failure. */ -int mbedtls_mpi_shift_r( mbedtls_mpi *X, size_t count ); +int mbedtls_mpi_shift_r(mbedtls_mpi *X, size_t count); /** * \brief Compare the absolute values of two MPIs. @@ -586,7 +615,7 @@ int mbedtls_mpi_shift_r( mbedtls_mpi *X, size_t count ); * \return \c -1 if `|X|` is lesser than `|Y|`. * \return \c 0 if `|X|` is equal to `|Y|`. */ -int mbedtls_mpi_cmp_abs( const mbedtls_mpi *X, const mbedtls_mpi *Y ); +int mbedtls_mpi_cmp_abs(const mbedtls_mpi *X, const mbedtls_mpi *Y); /** * \brief Compare two MPIs. @@ -598,7 +627,7 @@ int mbedtls_mpi_cmp_abs( const mbedtls_mpi *X, const mbedtls_mpi *Y ); * \return \c -1 if \p X is lesser than \p Y. * \return \c 0 if \p X is equal to \p Y. */ -int mbedtls_mpi_cmp_mpi( const mbedtls_mpi *X, const mbedtls_mpi *Y ); +int mbedtls_mpi_cmp_mpi(const mbedtls_mpi *X, const mbedtls_mpi *Y); /** * \brief Check if an MPI is less than the other in constant time. @@ -615,8 +644,8 @@ int mbedtls_mpi_cmp_mpi( const mbedtls_mpi *X, const mbedtls_mpi *Y ); * \return MBEDTLS_ERR_MPI_BAD_INPUT_DATA if the allocated length of * the two input MPIs is not the same. */ -int mbedtls_mpi_lt_mpi_ct( const mbedtls_mpi *X, const mbedtls_mpi *Y, - unsigned *ret ); +int mbedtls_mpi_lt_mpi_ct(const mbedtls_mpi *X, const mbedtls_mpi *Y, + unsigned *ret); /** * \brief Compare an MPI with an integer. @@ -628,7 +657,7 @@ int mbedtls_mpi_lt_mpi_ct( const mbedtls_mpi *X, const mbedtls_mpi *Y, * \return \c -1 if \p X is lesser than \p z. * \return \c 0 if \p X is equal to \p z. */ -int mbedtls_mpi_cmp_int( const mbedtls_mpi *X, mbedtls_mpi_sint z ); +int mbedtls_mpi_cmp_int(const mbedtls_mpi *X, mbedtls_mpi_sint z); /** * \brief Perform an unsigned addition of MPIs: X = |A| + |B| @@ -641,8 +670,8 @@ int mbedtls_mpi_cmp_int( const mbedtls_mpi *X, mbedtls_mpi_sint z ); * \return #MBEDTLS_ERR_MPI_ALLOC_FAILED if a memory allocation failed. * \return Another negative error code on different kinds of failure. */ -int mbedtls_mpi_add_abs( mbedtls_mpi *X, const mbedtls_mpi *A, - const mbedtls_mpi *B ); +int mbedtls_mpi_add_abs(mbedtls_mpi *X, const mbedtls_mpi *A, + const mbedtls_mpi *B); /** * \brief Perform an unsigned subtraction of MPIs: X = |A| - |B| @@ -656,8 +685,8 @@ int mbedtls_mpi_add_abs( mbedtls_mpi *X, const mbedtls_mpi *A, * \return Another negative error code on different kinds of failure. * */ -int mbedtls_mpi_sub_abs( mbedtls_mpi *X, const mbedtls_mpi *A, - const mbedtls_mpi *B ); +int mbedtls_mpi_sub_abs(mbedtls_mpi *X, const mbedtls_mpi *A, + const mbedtls_mpi *B); /** * \brief Perform a signed addition of MPIs: X = A + B @@ -670,8 +699,8 @@ int mbedtls_mpi_sub_abs( mbedtls_mpi *X, const mbedtls_mpi *A, * \return #MBEDTLS_ERR_MPI_ALLOC_FAILED if a memory allocation failed. * \return Another negative error code on different kinds of failure. */ -int mbedtls_mpi_add_mpi( mbedtls_mpi *X, const mbedtls_mpi *A, - const mbedtls_mpi *B ); +int mbedtls_mpi_add_mpi(mbedtls_mpi *X, const mbedtls_mpi *A, + const mbedtls_mpi *B); /** * \brief Perform a signed subtraction of MPIs: X = A - B @@ -684,8 +713,8 @@ int mbedtls_mpi_add_mpi( mbedtls_mpi *X, const mbedtls_mpi *A, * \return #MBEDTLS_ERR_MPI_ALLOC_FAILED if a memory allocation failed. * \return Another negative error code on different kinds of failure. */ -int mbedtls_mpi_sub_mpi( mbedtls_mpi *X, const mbedtls_mpi *A, - const mbedtls_mpi *B ); +int mbedtls_mpi_sub_mpi(mbedtls_mpi *X, const mbedtls_mpi *A, + const mbedtls_mpi *B); /** * \brief Perform a signed addition of an MPI and an integer: X = A + b @@ -698,8 +727,8 @@ int mbedtls_mpi_sub_mpi( mbedtls_mpi *X, const mbedtls_mpi *A, * \return #MBEDTLS_ERR_MPI_ALLOC_FAILED if a memory allocation failed. * \return Another negative error code on different kinds of failure. */ -int mbedtls_mpi_add_int( mbedtls_mpi *X, const mbedtls_mpi *A, - mbedtls_mpi_sint b ); +int mbedtls_mpi_add_int(mbedtls_mpi *X, const mbedtls_mpi *A, + mbedtls_mpi_sint b); /** * \brief Perform a signed subtraction of an MPI and an integer: @@ -713,8 +742,8 @@ int mbedtls_mpi_add_int( mbedtls_mpi *X, const mbedtls_mpi *A, * \return #MBEDTLS_ERR_MPI_ALLOC_FAILED if a memory allocation failed. * \return Another negative error code on different kinds of failure. */ -int mbedtls_mpi_sub_int( mbedtls_mpi *X, const mbedtls_mpi *A, - mbedtls_mpi_sint b ); +int mbedtls_mpi_sub_int(mbedtls_mpi *X, const mbedtls_mpi *A, + mbedtls_mpi_sint b); /** * \brief Perform a multiplication of two MPIs: X = A * B @@ -728,8 +757,8 @@ int mbedtls_mpi_sub_int( mbedtls_mpi *X, const mbedtls_mpi *A, * \return Another negative error code on different kinds of failure. * */ -int mbedtls_mpi_mul_mpi( mbedtls_mpi *X, const mbedtls_mpi *A, - const mbedtls_mpi *B ); +int mbedtls_mpi_mul_mpi(mbedtls_mpi *X, const mbedtls_mpi *A, + const mbedtls_mpi *B); /** * \brief Perform a multiplication of an MPI with an unsigned integer: @@ -744,8 +773,8 @@ int mbedtls_mpi_mul_mpi( mbedtls_mpi *X, const mbedtls_mpi *A, * \return Another negative error code on different kinds of failure. * */ -int mbedtls_mpi_mul_int( mbedtls_mpi *X, const mbedtls_mpi *A, - mbedtls_mpi_uint b ); +int mbedtls_mpi_mul_int(mbedtls_mpi *X, const mbedtls_mpi *A, + mbedtls_mpi_uint b); /** * \brief Perform a division with remainder of two MPIs: @@ -753,11 +782,11 @@ int mbedtls_mpi_mul_int( mbedtls_mpi *X, const mbedtls_mpi *A, * * \param Q The destination MPI for the quotient. * This may be \c NULL if the value of the - * quotient is not needed. + * quotient is not needed. This must not alias A or B. * \param R The destination MPI for the remainder value. * This may be \c NULL if the value of the - * remainder is not needed. - * \param A The dividend. This must point to an initialized MPi. + * remainder is not needed. This must not alias A or B. + * \param A The dividend. This must point to an initialized MPI. * \param B The divisor. This must point to an initialized MPI. * * \return \c 0 if successful. @@ -765,8 +794,8 @@ int mbedtls_mpi_mul_int( mbedtls_mpi *X, const mbedtls_mpi *A, * \return #MBEDTLS_ERR_MPI_DIVISION_BY_ZERO if \p B equals zero. * \return Another negative error code on different kinds of failure. */ -int mbedtls_mpi_div_mpi( mbedtls_mpi *Q, mbedtls_mpi *R, const mbedtls_mpi *A, - const mbedtls_mpi *B ); +int mbedtls_mpi_div_mpi(mbedtls_mpi *Q, mbedtls_mpi *R, const mbedtls_mpi *A, + const mbedtls_mpi *B); /** * \brief Perform a division with remainder of an MPI by an integer: @@ -774,10 +803,10 @@ int mbedtls_mpi_div_mpi( mbedtls_mpi *Q, mbedtls_mpi *R, const mbedtls_mpi *A, * * \param Q The destination MPI for the quotient. * This may be \c NULL if the value of the - * quotient is not needed. + * quotient is not needed. This must not alias A. * \param R The destination MPI for the remainder value. * This may be \c NULL if the value of the - * remainder is not needed. + * remainder is not needed. This must not alias A. * \param A The dividend. This must point to an initialized MPi. * \param b The divisor. * @@ -786,8 +815,8 @@ int mbedtls_mpi_div_mpi( mbedtls_mpi *Q, mbedtls_mpi *R, const mbedtls_mpi *A, * \return #MBEDTLS_ERR_MPI_DIVISION_BY_ZERO if \p b equals zero. * \return Another negative error code on different kinds of failure. */ -int mbedtls_mpi_div_int( mbedtls_mpi *Q, mbedtls_mpi *R, const mbedtls_mpi *A, - mbedtls_mpi_sint b ); +int mbedtls_mpi_div_int(mbedtls_mpi *Q, mbedtls_mpi *R, const mbedtls_mpi *A, + mbedtls_mpi_sint b); /** * \brief Perform a modular reduction. R = A mod B @@ -806,8 +835,8 @@ int mbedtls_mpi_div_int( mbedtls_mpi *Q, mbedtls_mpi *R, const mbedtls_mpi *A, * \return Another negative error code on different kinds of failure. * */ -int mbedtls_mpi_mod_mpi( mbedtls_mpi *R, const mbedtls_mpi *A, - const mbedtls_mpi *B ); +int mbedtls_mpi_mod_mpi(mbedtls_mpi *R, const mbedtls_mpi *A, + const mbedtls_mpi *B); /** * \brief Perform a modular reduction with respect to an integer. @@ -825,13 +854,14 @@ int mbedtls_mpi_mod_mpi( mbedtls_mpi *R, const mbedtls_mpi *A, * \return #MBEDTLS_ERR_MPI_NEGATIVE_VALUE if \p b is negative. * \return Another negative error code on different kinds of failure. */ -int mbedtls_mpi_mod_int( mbedtls_mpi_uint *r, const mbedtls_mpi *A, - mbedtls_mpi_sint b ); +int mbedtls_mpi_mod_int(mbedtls_mpi_uint *r, const mbedtls_mpi *A, + mbedtls_mpi_sint b); /** * \brief Perform a sliding-window exponentiation: X = A^E mod N * * \param X The destination MPI. This must point to an initialized MPI. + * This must not alias E or N. * \param A The base of the exponentiation. * This must point to an initialized MPI. * \param E The exponent MPI. This must point to an initialized MPI. @@ -854,9 +884,9 @@ int mbedtls_mpi_mod_int( mbedtls_mpi_uint *r, const mbedtls_mpi *A, * \return Another negative error code on different kinds of failures. * */ -int mbedtls_mpi_exp_mod( mbedtls_mpi *X, const mbedtls_mpi *A, - const mbedtls_mpi *E, const mbedtls_mpi *N, - mbedtls_mpi *prec_RR ); +int mbedtls_mpi_exp_mod(mbedtls_mpi *X, const mbedtls_mpi *A, + const mbedtls_mpi *E, const mbedtls_mpi *N, + mbedtls_mpi *prec_RR); /** * \brief Fill an MPI with a number of random bytes. @@ -875,9 +905,9 @@ int mbedtls_mpi_exp_mod( mbedtls_mpi *X, const mbedtls_mpi *A, * as a big-endian representation of an MPI; this can * be relevant in applications like deterministic ECDSA. */ -int mbedtls_mpi_fill_random( mbedtls_mpi *X, size_t size, - int (*f_rng)(void *, unsigned char *, size_t), - void *p_rng ); +int mbedtls_mpi_fill_random(mbedtls_mpi *X, size_t size, + int (*f_rng)(void *, unsigned char *, size_t), + void *p_rng); /** Generate a random number uniformly in a range. * @@ -911,11 +941,11 @@ int mbedtls_mpi_fill_random( mbedtls_mpi *X, size_t size, * for all usual cryptographic applications. * \return Another negative error code on failure. */ -int mbedtls_mpi_random( mbedtls_mpi *X, - mbedtls_mpi_sint min, - const mbedtls_mpi *N, - int (*f_rng)(void *, unsigned char *, size_t), - void *p_rng ); +int mbedtls_mpi_random(mbedtls_mpi *X, + mbedtls_mpi_sint min, + const mbedtls_mpi *N, + int (*f_rng)(void *, unsigned char *, size_t), + void *p_rng); /** * \brief Compute the greatest common divisor: G = gcd(A, B) @@ -928,8 +958,8 @@ int mbedtls_mpi_random( mbedtls_mpi *X, * \return #MBEDTLS_ERR_MPI_ALLOC_FAILED if a memory allocation failed. * \return Another negative error code on different kinds of failure. */ -int mbedtls_mpi_gcd( mbedtls_mpi *G, const mbedtls_mpi *A, - const mbedtls_mpi *B ); +int mbedtls_mpi_gcd(mbedtls_mpi *G, const mbedtls_mpi *A, + const mbedtls_mpi *B); /** * \brief Compute the modular inverse: X = A^-1 mod N @@ -944,11 +974,11 @@ int mbedtls_mpi_gcd( mbedtls_mpi *G, const mbedtls_mpi *A, * \return #MBEDTLS_ERR_MPI_ALLOC_FAILED if a memory allocation failed. * \return #MBEDTLS_ERR_MPI_BAD_INPUT_DATA if \p N is less than * or equal to one. - * \return #MBEDTLS_ERR_MPI_NOT_ACCEPTABLE if \p has no modular inverse - * with respect to \p N. + * \return #MBEDTLS_ERR_MPI_NOT_ACCEPTABLE if \p A has no modular + * inverse with respect to \p N. */ -int mbedtls_mpi_inv_mod( mbedtls_mpi *X, const mbedtls_mpi *A, - const mbedtls_mpi *N ); +int mbedtls_mpi_inv_mod(mbedtls_mpi *X, const mbedtls_mpi *A, + const mbedtls_mpi *N); #if !defined(MBEDTLS_DEPRECATED_REMOVED) #if defined(MBEDTLS_DEPRECATED_WARNING) @@ -975,9 +1005,9 @@ int mbedtls_mpi_inv_mod( mbedtls_mpi *X, const mbedtls_mpi *A, * \return #MBEDTLS_ERR_MPI_NOT_ACCEPTABLE if \p X is not prime. * \return Another negative error code on other kinds of failure. */ -MBEDTLS_DEPRECATED int mbedtls_mpi_is_prime( const mbedtls_mpi *X, - int (*f_rng)(void *, unsigned char *, size_t), - void *p_rng ); +MBEDTLS_DEPRECATED int mbedtls_mpi_is_prime(const mbedtls_mpi *X, + int (*f_rng)(void *, unsigned char *, size_t), + void *p_rng); #undef MBEDTLS_DEPRECATED #endif /* !MBEDTLS_DEPRECATED_REMOVED */ @@ -989,7 +1019,7 @@ MBEDTLS_DEPRECATED int mbedtls_mpi_is_prime( const mbedtls_mpi *X, * generate yourself and that are supposed to be prime, then * \p rounds should be at least the half of the security * strength of the cryptographic algorithm. On the other hand, - * if \p X is chosen uniformly or non-adversially (as is the + * if \p X is chosen uniformly or non-adversarially (as is the * case when mbedtls_mpi_gen_prime calls this function), then * \p rounds can be much lower. * @@ -997,7 +1027,7 @@ MBEDTLS_DEPRECATED int mbedtls_mpi_is_prime( const mbedtls_mpi *X, * This must point to an initialized MPI. * \param rounds The number of bases to perform the Miller-Rabin primality * test for. The probability of returning 0 on a composite is - * at most 2-2*\p rounds. + * at most 2-2*\p rounds . * \param f_rng The RNG function to use. This must not be \c NULL. * \param p_rng The RNG parameter to be passed to \p f_rng. * This may be \c NULL if \p f_rng doesn't use @@ -1008,9 +1038,9 @@ MBEDTLS_DEPRECATED int mbedtls_mpi_is_prime( const mbedtls_mpi *X, * \return #MBEDTLS_ERR_MPI_NOT_ACCEPTABLE if \p X is not prime. * \return Another negative error code on other kinds of failure. */ -int mbedtls_mpi_is_prime_ext( const mbedtls_mpi *X, int rounds, - int (*f_rng)(void *, unsigned char *, size_t), - void *p_rng ); +int mbedtls_mpi_is_prime_ext(const mbedtls_mpi *X, int rounds, + int (*f_rng)(void *, unsigned char *, size_t), + void *p_rng); /** * \brief Flags for mbedtls_mpi_gen_prime() * @@ -1041,9 +1071,9 @@ typedef enum { * \return #MBEDTLS_ERR_MPI_BAD_INPUT_DATA if `nbits` is not between * \c 3 and #MBEDTLS_MPI_MAX_BITS. */ -int mbedtls_mpi_gen_prime( mbedtls_mpi *X, size_t nbits, int flags, - int (*f_rng)(void *, unsigned char *, size_t), - void *p_rng ); +int mbedtls_mpi_gen_prime(mbedtls_mpi *X, size_t nbits, int flags, + int (*f_rng)(void *, unsigned char *, size_t), + void *p_rng); #if defined(MBEDTLS_SELF_TEST) @@ -1052,7 +1082,7 @@ int mbedtls_mpi_gen_prime( mbedtls_mpi *X, size_t nbits, int flags, * * \return 0 if successful, or 1 if the test failed */ -int mbedtls_mpi_self_test( int verbose ); +int mbedtls_mpi_self_test(int verbose); #endif /* MBEDTLS_SELF_TEST */ diff --git a/third_party/mbedtls/repo/include/mbedtls/blowfish.h b/third_party/mbedtls/repo/include/mbedtls/blowfish.h index 77dca70d314..7979670b7ae 100644 --- a/third_party/mbedtls/repo/include/mbedtls/blowfish.h +++ b/third_party/mbedtls/repo/include/mbedtls/blowfish.h @@ -5,19 +5,7 @@ */ /* * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later */ #ifndef MBEDTLS_BLOWFISH_H #define MBEDTLS_BLOWFISH_H @@ -41,7 +29,7 @@ #define MBEDTLS_BLOWFISH_BLOCKSIZE 8 /* Blowfish uses 64 bit blocks */ #if !defined(MBEDTLS_DEPRECATED_REMOVED) -#define MBEDTLS_ERR_BLOWFISH_INVALID_KEY_LENGTH MBEDTLS_DEPRECATED_NUMERIC_CONSTANT( -0x0016 ) +#define MBEDTLS_ERR_BLOWFISH_INVALID_KEY_LENGTH MBEDTLS_DEPRECATED_NUMERIC_CONSTANT(-0x0016) #endif /* !MBEDTLS_DEPRECATED_REMOVED */ /** Bad input data. */ #define MBEDTLS_ERR_BLOWFISH_BAD_INPUT_DATA -0x0016 @@ -65,8 +53,7 @@ extern "C" { /** * \brief Blowfish context structure */ -typedef struct mbedtls_blowfish_context -{ +typedef struct mbedtls_blowfish_context { uint32_t P[MBEDTLS_BLOWFISH_ROUNDS + 2]; /*!< Blowfish round keys */ uint32_t S[4][256]; /*!< key dependent S-boxes */ } @@ -82,7 +69,7 @@ mbedtls_blowfish_context; * \param ctx The Blowfish context to be initialized. * This must not be \c NULL. */ -void mbedtls_blowfish_init( mbedtls_blowfish_context *ctx ); +void mbedtls_blowfish_init(mbedtls_blowfish_context *ctx); /** * \brief Clear a Blowfish context. @@ -92,7 +79,7 @@ void mbedtls_blowfish_init( mbedtls_blowfish_context *ctx ); * returns immediately. If it is not \c NULL, it must * point to an initialized Blowfish context. */ -void mbedtls_blowfish_free( mbedtls_blowfish_context *ctx ); +void mbedtls_blowfish_free(mbedtls_blowfish_context *ctx); /** * \brief Perform a Blowfish key schedule operation. @@ -106,8 +93,8 @@ void mbedtls_blowfish_free( mbedtls_blowfish_context *ctx ); * \return \c 0 if successful. * \return A negative error code on failure. */ -int mbedtls_blowfish_setkey( mbedtls_blowfish_context *ctx, const unsigned char *key, - unsigned int keybits ); +int mbedtls_blowfish_setkey(mbedtls_blowfish_context *ctx, const unsigned char *key, + unsigned int keybits); /** * \brief Perform a Blowfish-ECB block encryption/decryption operation. @@ -125,10 +112,10 @@ int mbedtls_blowfish_setkey( mbedtls_blowfish_context *ctx, const unsigned char * \return \c 0 if successful. * \return A negative error code on failure. */ -int mbedtls_blowfish_crypt_ecb( mbedtls_blowfish_context *ctx, - int mode, - const unsigned char input[MBEDTLS_BLOWFISH_BLOCKSIZE], - unsigned char output[MBEDTLS_BLOWFISH_BLOCKSIZE] ); +int mbedtls_blowfish_crypt_ecb(mbedtls_blowfish_context *ctx, + int mode, + const unsigned char input[MBEDTLS_BLOWFISH_BLOCKSIZE], + unsigned char output[MBEDTLS_BLOWFISH_BLOCKSIZE]); #if defined(MBEDTLS_CIPHER_MODE_CBC) /** @@ -159,12 +146,12 @@ int mbedtls_blowfish_crypt_ecb( mbedtls_blowfish_context *ctx, * \return \c 0 if successful. * \return A negative error code on failure. */ -int mbedtls_blowfish_crypt_cbc( mbedtls_blowfish_context *ctx, - int mode, - size_t length, - unsigned char iv[MBEDTLS_BLOWFISH_BLOCKSIZE], - const unsigned char *input, - unsigned char *output ); +int mbedtls_blowfish_crypt_cbc(mbedtls_blowfish_context *ctx, + int mode, + size_t length, + unsigned char iv[MBEDTLS_BLOWFISH_BLOCKSIZE], + const unsigned char *input, + unsigned char *output); #endif /* MBEDTLS_CIPHER_MODE_CBC */ #if defined(MBEDTLS_CIPHER_MODE_CFB) @@ -185,7 +172,7 @@ int mbedtls_blowfish_crypt_cbc( mbedtls_blowfish_context *ctx, * #MBEDTLS_BLOWFISH_ENCRYPT for encryption, or * #MBEDTLS_BLOWFISH_DECRYPT for decryption. * \param length The length of the input data in Bytes. - * \param iv_off The offset in the initialiation vector. + * \param iv_off The offset in the initialization vector. * The value pointed to must be smaller than \c 8 Bytes. * It is updated by this function to support the aforementioned * streaming usage. @@ -199,13 +186,13 @@ int mbedtls_blowfish_crypt_cbc( mbedtls_blowfish_context *ctx, * \return \c 0 if successful. * \return A negative error code on failure. */ -int mbedtls_blowfish_crypt_cfb64( mbedtls_blowfish_context *ctx, - int mode, - size_t length, - size_t *iv_off, - unsigned char iv[MBEDTLS_BLOWFISH_BLOCKSIZE], - const unsigned char *input, - unsigned char *output ); +int mbedtls_blowfish_crypt_cfb64(mbedtls_blowfish_context *ctx, + int mode, + size_t length, + size_t *iv_off, + unsigned char iv[MBEDTLS_BLOWFISH_BLOCKSIZE], + const unsigned char *input, + unsigned char *output); #endif /*MBEDTLS_CIPHER_MODE_CFB */ #if defined(MBEDTLS_CIPHER_MODE_CTR) @@ -246,7 +233,7 @@ int mbedtls_blowfish_crypt_cfb64( mbedtls_blowfish_context *ctx, * The recommended way to ensure uniqueness is to use a message * counter. * - * Note that for both stategies, sizes are measured in blocks and + * Note that for both strategies, sizes are measured in blocks and * that a Blowfish block is 8 bytes. * * \warning Upon return, \p stream_block contains sensitive data. Its @@ -272,13 +259,13 @@ int mbedtls_blowfish_crypt_cfb64( mbedtls_blowfish_context *ctx, * \return \c 0 if successful. * \return A negative error code on failure. */ -int mbedtls_blowfish_crypt_ctr( mbedtls_blowfish_context *ctx, - size_t length, - size_t *nc_off, - unsigned char nonce_counter[MBEDTLS_BLOWFISH_BLOCKSIZE], - unsigned char stream_block[MBEDTLS_BLOWFISH_BLOCKSIZE], - const unsigned char *input, - unsigned char *output ); +int mbedtls_blowfish_crypt_ctr(mbedtls_blowfish_context *ctx, + size_t length, + size_t *nc_off, + unsigned char nonce_counter[MBEDTLS_BLOWFISH_BLOCKSIZE], + unsigned char stream_block[MBEDTLS_BLOWFISH_BLOCKSIZE], + const unsigned char *input, + unsigned char *output); #endif /* MBEDTLS_CIPHER_MODE_CTR */ #ifdef __cplusplus diff --git a/third_party/mbedtls/repo/include/mbedtls/bn_mul.h b/third_party/mbedtls/repo/include/mbedtls/bn_mul.h index 31137cd4c23..fc0c3cf3189 100644 --- a/third_party/mbedtls/repo/include/mbedtls/bn_mul.h +++ b/third_party/mbedtls/repo/include/mbedtls/bn_mul.h @@ -5,19 +5,7 @@ */ /* * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later */ /* * Multiply source vector [s] with b, add result @@ -51,39 +39,40 @@ */ #if defined(MBEDTLS_HAVE_INT32) -#define MBEDTLS_BYTES_TO_T_UINT_4( a, b, c, d ) \ - ( (mbedtls_mpi_uint) (a) << 0 ) | \ - ( (mbedtls_mpi_uint) (b) << 8 ) | \ - ( (mbedtls_mpi_uint) (c) << 16 ) | \ - ( (mbedtls_mpi_uint) (d) << 24 ) +#define MBEDTLS_BYTES_TO_T_UINT_4(a, b, c, d) \ + ((mbedtls_mpi_uint) (a) << 0) | \ + ((mbedtls_mpi_uint) (b) << 8) | \ + ((mbedtls_mpi_uint) (c) << 16) | \ + ((mbedtls_mpi_uint) (d) << 24) -#define MBEDTLS_BYTES_TO_T_UINT_2( a, b ) \ - MBEDTLS_BYTES_TO_T_UINT_4( a, b, 0, 0 ) +#define MBEDTLS_BYTES_TO_T_UINT_2(a, b) \ + MBEDTLS_BYTES_TO_T_UINT_4(a, b, 0, 0) -#define MBEDTLS_BYTES_TO_T_UINT_8( a, b, c, d, e, f, g, h ) \ - MBEDTLS_BYTES_TO_T_UINT_4( a, b, c, d ), \ - MBEDTLS_BYTES_TO_T_UINT_4( e, f, g, h ) +#define MBEDTLS_BYTES_TO_T_UINT_8(a, b, c, d, e, f, g, h) \ + MBEDTLS_BYTES_TO_T_UINT_4(a, b, c, d), \ + MBEDTLS_BYTES_TO_T_UINT_4(e, f, g, h) #else /* 64-bits */ -#define MBEDTLS_BYTES_TO_T_UINT_8( a, b, c, d, e, f, g, h ) \ - ( (mbedtls_mpi_uint) (a) << 0 ) | \ - ( (mbedtls_mpi_uint) (b) << 8 ) | \ - ( (mbedtls_mpi_uint) (c) << 16 ) | \ - ( (mbedtls_mpi_uint) (d) << 24 ) | \ - ( (mbedtls_mpi_uint) (e) << 32 ) | \ - ( (mbedtls_mpi_uint) (f) << 40 ) | \ - ( (mbedtls_mpi_uint) (g) << 48 ) | \ - ( (mbedtls_mpi_uint) (h) << 56 ) +#define MBEDTLS_BYTES_TO_T_UINT_8(a, b, c, d, e, f, g, h) \ + ((mbedtls_mpi_uint) (a) << 0) | \ + ((mbedtls_mpi_uint) (b) << 8) | \ + ((mbedtls_mpi_uint) (c) << 16) | \ + ((mbedtls_mpi_uint) (d) << 24) | \ + ((mbedtls_mpi_uint) (e) << 32) | \ + ((mbedtls_mpi_uint) (f) << 40) | \ + ((mbedtls_mpi_uint) (g) << 48) | \ + ((mbedtls_mpi_uint) (h) << 56) -#define MBEDTLS_BYTES_TO_T_UINT_4( a, b, c, d ) \ - MBEDTLS_BYTES_TO_T_UINT_8( a, b, c, d, 0, 0, 0, 0 ) +#define MBEDTLS_BYTES_TO_T_UINT_4(a, b, c, d) \ + MBEDTLS_BYTES_TO_T_UINT_8(a, b, c, d, 0, 0, 0, 0) -#define MBEDTLS_BYTES_TO_T_UINT_2( a, b ) \ - MBEDTLS_BYTES_TO_T_UINT_8( a, b, 0, 0, 0, 0, 0, 0 ) +#define MBEDTLS_BYTES_TO_T_UINT_2(a, b) \ + MBEDTLS_BYTES_TO_T_UINT_8(a, b, 0, 0, 0, 0, 0, 0) #endif /* bits in mbedtls_mpi_uint */ +/* *INDENT-OFF* */ #if defined(MBEDTLS_HAVE_ASM) #ifndef asm @@ -94,13 +83,29 @@ #if defined(__GNUC__) && \ ( !defined(__ARMCC_VERSION) || __ARMCC_VERSION >= 6000000 ) +/* + * GCC < 5.0 treated the x86 ebx (which is used for the GOT) as a + * fixed reserved register when building as PIC, leading to errors + * like: bn_mul.h:46:13: error: PIC register clobbered by 'ebx' in 'asm' + * + * This is fixed by an improved register allocator in GCC 5+. From the + * release notes: + * Register allocation improvements: Reuse of the PIC hard register, + * instead of using a fixed register, was implemented on x86/x86-64 + * targets. This improves generated PIC code performance as more hard + * registers can be used. + */ +#if defined(__GNUC__) && __GNUC__ < 5 && defined(__PIC__) +#define MULADDC_CANNOT_USE_EBX +#endif + /* * Disable use of the i386 assembly code below if option -O0, to disable all * compiler optimisations, is passed, detected with __OPTIMIZE__ * This is done as the number of registers used in the assembly code doesn't * work with the -O0 option. */ -#if defined(__i386__) && defined(__OPTIMIZE__) +#if defined(__i386__) && defined(__OPTIMIZE__) && !defined(MULADDC_CANNOT_USE_EBX) #define MULADDC_INIT \ asm( \ @@ -563,10 +568,20 @@ "andi r7, r6, 0xffff \n\t" \ "bsrli r6, r6, 16 \n\t" -#define MULADDC_CORE \ +#if(__BYTE_ORDER__ == __ORDER_LITTLE_ENDIAN__) +#define MULADDC_LHUI \ + "lhui r9, r3, 0 \n\t" \ + "addi r3, r3, 2 \n\t" \ + "lhui r8, r3, 0 \n\t" +#else +#define MULADDC_LHUI \ "lhui r8, r3, 0 \n\t" \ "addi r3, r3, 2 \n\t" \ - "lhui r9, r3, 0 \n\t" \ + "lhui r9, r3, 0 \n\t" +#endif + +#define MULADDC_CORE \ + MULADDC_LHUI \ "addi r3, r3, 2 \n\t" \ "mul r10, r9, r6 \n\t" \ "mul r11, r8, r7 \n\t" \ @@ -650,6 +665,15 @@ #if defined(__arm__) && !defined(MULADDC_CANNOT_USE_R7) #if defined(__thumb__) && !defined(__thumb2__) +#if !defined(__ARMCC_VERSION) && !defined(__clang__) \ + && !defined(__llvm__) && !defined(__INTEL_COMPILER) +/* + * Thumb 1 ISA. This code path has only been tested successfully on gcc; + * it does not compile on clang or armclang. + * + * Other compilers which define __GNUC__ may not work. The above macro + * attempts to exclude these untested compilers. + */ #define MULADDC_INIT \ asm( \ @@ -704,6 +728,8 @@ "r6", "r7", "r8", "r9", "cc" \ ); +#endif /* Compiler is gcc */ + #elif (__ARM_ARCH >= 6) && \ defined (__ARM_FEATURE_DSP) && (__ARM_FEATURE_DSP == 1) @@ -975,4 +1001,5 @@ #endif /* C (generic) */ #endif /* C (longlong) */ +/* *INDENT-ON* */ #endif /* bn_mul.h */ diff --git a/third_party/mbedtls/repo/include/mbedtls/camellia.h b/third_party/mbedtls/repo/include/mbedtls/camellia.h index 925a623e47e..be8c5152c51 100644 --- a/third_party/mbedtls/repo/include/mbedtls/camellia.h +++ b/third_party/mbedtls/repo/include/mbedtls/camellia.h @@ -5,19 +5,7 @@ */ /* * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later */ #ifndef MBEDTLS_CAMELLIA_H #define MBEDTLS_CAMELLIA_H @@ -37,7 +25,7 @@ #define MBEDTLS_CAMELLIA_DECRYPT 0 #if !defined(MBEDTLS_DEPRECATED_REMOVED) -#define MBEDTLS_ERR_CAMELLIA_INVALID_KEY_LENGTH MBEDTLS_DEPRECATED_NUMERIC_CONSTANT( -0x0024 ) +#define MBEDTLS_ERR_CAMELLIA_INVALID_KEY_LENGTH MBEDTLS_DEPRECATED_NUMERIC_CONSTANT(-0x0024) #endif /* !MBEDTLS_DEPRECATED_REMOVED */ /** Bad input data. */ #define MBEDTLS_ERR_CAMELLIA_BAD_INPUT_DATA -0x0024 @@ -61,8 +49,7 @@ extern "C" { /** * \brief CAMELLIA context structure */ -typedef struct mbedtls_camellia_context -{ +typedef struct mbedtls_camellia_context { int nr; /*!< number of rounds */ uint32_t rk[68]; /*!< CAMELLIA round keys */ } @@ -78,7 +65,7 @@ mbedtls_camellia_context; * \param ctx The CAMELLIA context to be initialized. * This must not be \c NULL. */ -void mbedtls_camellia_init( mbedtls_camellia_context *ctx ); +void mbedtls_camellia_init(mbedtls_camellia_context *ctx); /** * \brief Clear a CAMELLIA context. @@ -87,7 +74,7 @@ void mbedtls_camellia_init( mbedtls_camellia_context *ctx ); * in which case this function returns immediately. If it is not * \c NULL, it must be initialized. */ -void mbedtls_camellia_free( mbedtls_camellia_context *ctx ); +void mbedtls_camellia_free(mbedtls_camellia_context *ctx); /** * \brief Perform a CAMELLIA key schedule operation for encryption. @@ -101,9 +88,9 @@ void mbedtls_camellia_free( mbedtls_camellia_context *ctx ); * \return \c 0 if successful. * \return A negative error code on failure. */ -int mbedtls_camellia_setkey_enc( mbedtls_camellia_context *ctx, - const unsigned char *key, - unsigned int keybits ); +int mbedtls_camellia_setkey_enc(mbedtls_camellia_context *ctx, + const unsigned char *key, + unsigned int keybits); /** * \brief Perform a CAMELLIA key schedule operation for decryption. @@ -117,9 +104,9 @@ int mbedtls_camellia_setkey_enc( mbedtls_camellia_context *ctx, * \return \c 0 if successful. * \return A negative error code on failure. */ -int mbedtls_camellia_setkey_dec( mbedtls_camellia_context *ctx, - const unsigned char *key, - unsigned int keybits ); +int mbedtls_camellia_setkey_dec(mbedtls_camellia_context *ctx, + const unsigned char *key, + unsigned int keybits); /** * \brief Perform a CAMELLIA-ECB block encryption/decryption operation. @@ -136,10 +123,10 @@ int mbedtls_camellia_setkey_dec( mbedtls_camellia_context *ctx, * \return \c 0 if successful. * \return A negative error code on failure. */ -int mbedtls_camellia_crypt_ecb( mbedtls_camellia_context *ctx, - int mode, - const unsigned char input[16], - unsigned char output[16] ); +int mbedtls_camellia_crypt_ecb(mbedtls_camellia_context *ctx, + int mode, + const unsigned char input[16], + unsigned char output[16]); #if defined(MBEDTLS_CIPHER_MODE_CBC) /** @@ -170,12 +157,12 @@ int mbedtls_camellia_crypt_ecb( mbedtls_camellia_context *ctx, * \return \c 0 if successful. * \return A negative error code on failure. */ -int mbedtls_camellia_crypt_cbc( mbedtls_camellia_context *ctx, - int mode, - size_t length, - unsigned char iv[16], - const unsigned char *input, - unsigned char *output ); +int mbedtls_camellia_crypt_cbc(mbedtls_camellia_context *ctx, + int mode, + size_t length, + unsigned char iv[16], + const unsigned char *input, + unsigned char *output); #endif /* MBEDTLS_CIPHER_MODE_CBC */ #if defined(MBEDTLS_CIPHER_MODE_CFB) @@ -216,13 +203,13 @@ int mbedtls_camellia_crypt_cbc( mbedtls_camellia_context *ctx, * \return \c 0 if successful. * \return A negative error code on failure. */ -int mbedtls_camellia_crypt_cfb128( mbedtls_camellia_context *ctx, - int mode, - size_t length, - size_t *iv_off, - unsigned char iv[16], - const unsigned char *input, - unsigned char *output ); +int mbedtls_camellia_crypt_cfb128(mbedtls_camellia_context *ctx, + int mode, + size_t length, + size_t *iv_off, + unsigned char iv[16], + const unsigned char *input, + unsigned char *output); #endif /* MBEDTLS_CIPHER_MODE_CFB */ #if defined(MBEDTLS_CIPHER_MODE_CTR) @@ -232,7 +219,7 @@ int mbedtls_camellia_crypt_cfb128( mbedtls_camellia_context *ctx, * *note Due to the nature of CTR mode, you should use the same * key for both encryption and decryption. In particular, calls * to this function should be preceded by a key-schedule via - * mbedtls_camellia_setkey_enc() regardless of whether \p mode + * mbedtls_camellia_setkey_enc() regardless of whether the mode * is #MBEDTLS_CAMELLIA_ENCRYPT or #MBEDTLS_CAMELLIA_DECRYPT. * * \warning You must never reuse a nonce value with the same key. Doing so @@ -273,7 +260,7 @@ int mbedtls_camellia_crypt_cfb128( mbedtls_camellia_context *ctx, * encrypted: for example, with 96-bit random nonces, you should * not encrypt more than 2**32 messages with the same key. * - * Note that for both stategies, sizes are measured in blocks and + * Note that for both strategies, sizes are measured in blocks and * that a CAMELLIA block is \c 16 Bytes. * * \warning Upon return, \p stream_block contains sensitive data. Its @@ -300,13 +287,13 @@ int mbedtls_camellia_crypt_cfb128( mbedtls_camellia_context *ctx, * \return \c 0 if successful. * \return A negative error code on failure. */ -int mbedtls_camellia_crypt_ctr( mbedtls_camellia_context *ctx, - size_t length, - size_t *nc_off, - unsigned char nonce_counter[16], - unsigned char stream_block[16], - const unsigned char *input, - unsigned char *output ); +int mbedtls_camellia_crypt_ctr(mbedtls_camellia_context *ctx, + size_t length, + size_t *nc_off, + unsigned char nonce_counter[16], + unsigned char stream_block[16], + const unsigned char *input, + unsigned char *output); #endif /* MBEDTLS_CIPHER_MODE_CTR */ #if defined(MBEDTLS_SELF_TEST) @@ -316,7 +303,7 @@ int mbedtls_camellia_crypt_ctr( mbedtls_camellia_context *ctx, * * \return 0 if successful, or 1 if the test failed */ -int mbedtls_camellia_self_test( int verbose ); +int mbedtls_camellia_self_test(int verbose); #endif /* MBEDTLS_SELF_TEST */ diff --git a/third_party/mbedtls/repo/include/mbedtls/ccm.h b/third_party/mbedtls/repo/include/mbedtls/ccm.h index ece5a901cb6..adb14cc636f 100644 --- a/third_party/mbedtls/repo/include/mbedtls/ccm.h +++ b/third_party/mbedtls/repo/include/mbedtls/ccm.h @@ -29,19 +29,7 @@ */ /* * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later */ #ifndef MBEDTLS_CCM_H @@ -76,8 +64,7 @@ extern "C" { * \brief The CCM context-type definition. The CCM context is passed * to the APIs called. */ -typedef struct mbedtls_ccm_context -{ +typedef struct mbedtls_ccm_context { mbedtls_cipher_context_t cipher_ctx; /*!< The cipher context used. */ } mbedtls_ccm_context; @@ -93,7 +80,7 @@ mbedtls_ccm_context; * * \param ctx The CCM context to initialize. This must not be \c NULL. */ -void mbedtls_ccm_init( mbedtls_ccm_context *ctx ); +void mbedtls_ccm_init(mbedtls_ccm_context *ctx); /** * \brief This function initializes the CCM context set in the @@ -108,10 +95,10 @@ void mbedtls_ccm_init( mbedtls_ccm_context *ctx ); * \return \c 0 on success. * \return A CCM or cipher-specific error code on failure. */ -int mbedtls_ccm_setkey( mbedtls_ccm_context *ctx, - mbedtls_cipher_id_t cipher, - const unsigned char *key, - unsigned int keybits ); +int mbedtls_ccm_setkey(mbedtls_ccm_context *ctx, + mbedtls_cipher_id_t cipher, + const unsigned char *key, + unsigned int keybits); /** * \brief This function releases and clears the specified CCM context @@ -120,7 +107,7 @@ int mbedtls_ccm_setkey( mbedtls_ccm_context *ctx, * \param ctx The CCM context to clear. If this is \c NULL, the function * has no effect. Otherwise, this must be initialized. */ -void mbedtls_ccm_free( mbedtls_ccm_context *ctx ); +void mbedtls_ccm_free(mbedtls_ccm_context *ctx); /** * \brief This function encrypts a buffer using CCM. @@ -158,11 +145,11 @@ void mbedtls_ccm_free( mbedtls_ccm_context *ctx ); * \return \c 0 on success. * \return A CCM or cipher-specific error code on failure. */ -int mbedtls_ccm_encrypt_and_tag( mbedtls_ccm_context *ctx, size_t length, - const unsigned char *iv, size_t iv_len, - const unsigned char *add, size_t add_len, - const unsigned char *input, unsigned char *output, - unsigned char *tag, size_t tag_len ); +int mbedtls_ccm_encrypt_and_tag(mbedtls_ccm_context *ctx, size_t length, + const unsigned char *iv, size_t iv_len, + const unsigned char *add, size_t add_len, + const unsigned char *input, unsigned char *output, + unsigned char *tag, size_t tag_len); /** * \brief This function encrypts a buffer using CCM*. @@ -206,11 +193,11 @@ int mbedtls_ccm_encrypt_and_tag( mbedtls_ccm_context *ctx, size_t length, * \return \c 0 on success. * \return A CCM or cipher-specific error code on failure. */ -int mbedtls_ccm_star_encrypt_and_tag( mbedtls_ccm_context *ctx, size_t length, - const unsigned char *iv, size_t iv_len, - const unsigned char *add, size_t add_len, - const unsigned char *input, unsigned char *output, - unsigned char *tag, size_t tag_len ); +int mbedtls_ccm_star_encrypt_and_tag(mbedtls_ccm_context *ctx, size_t length, + const unsigned char *iv, size_t iv_len, + const unsigned char *add, size_t add_len, + const unsigned char *input, unsigned char *output, + unsigned char *tag, size_t tag_len); /** * \brief This function performs a CCM authenticated decryption of a @@ -243,11 +230,11 @@ int mbedtls_ccm_star_encrypt_and_tag( mbedtls_ccm_context *ctx, size_t length, * \return #MBEDTLS_ERR_CCM_AUTH_FAILED if the tag does not match. * \return A cipher-specific error code on calculation failure. */ -int mbedtls_ccm_auth_decrypt( mbedtls_ccm_context *ctx, size_t length, - const unsigned char *iv, size_t iv_len, - const unsigned char *add, size_t add_len, - const unsigned char *input, unsigned char *output, - const unsigned char *tag, size_t tag_len ); +int mbedtls_ccm_auth_decrypt(mbedtls_ccm_context *ctx, size_t length, + const unsigned char *iv, size_t iv_len, + const unsigned char *add, size_t add_len, + const unsigned char *input, unsigned char *output, + const unsigned char *tag, size_t tag_len); /** * \brief This function performs a CCM* authenticated decryption of a @@ -288,11 +275,11 @@ int mbedtls_ccm_auth_decrypt( mbedtls_ccm_context *ctx, size_t length, * \return #MBEDTLS_ERR_CCM_AUTH_FAILED if the tag does not match. * \return A cipher-specific error code on calculation failure. */ -int mbedtls_ccm_star_auth_decrypt( mbedtls_ccm_context *ctx, size_t length, - const unsigned char *iv, size_t iv_len, - const unsigned char *add, size_t add_len, - const unsigned char *input, unsigned char *output, - const unsigned char *tag, size_t tag_len ); +int mbedtls_ccm_star_auth_decrypt(mbedtls_ccm_context *ctx, size_t length, + const unsigned char *iv, size_t iv_len, + const unsigned char *add, size_t add_len, + const unsigned char *input, unsigned char *output, + const unsigned char *tag, size_t tag_len); #if defined(MBEDTLS_SELF_TEST) && defined(MBEDTLS_AES_C) /** @@ -301,7 +288,7 @@ int mbedtls_ccm_star_auth_decrypt( mbedtls_ccm_context *ctx, size_t length, * \return \c 0 on success. * \return \c 1 on failure. */ -int mbedtls_ccm_self_test( int verbose ); +int mbedtls_ccm_self_test(int verbose); #endif /* MBEDTLS_SELF_TEST && MBEDTLS_AES_C */ #ifdef __cplusplus diff --git a/third_party/mbedtls/repo/include/mbedtls/certs.h b/third_party/mbedtls/repo/include/mbedtls/certs.h index c93c741c7ff..8a1f2935304 100644 --- a/third_party/mbedtls/repo/include/mbedtls/certs.h +++ b/third_party/mbedtls/repo/include/mbedtls/certs.h @@ -5,19 +5,7 @@ */ /* * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later */ #ifndef MBEDTLS_CERTS_H #define MBEDTLS_CERTS_H @@ -37,11 +25,11 @@ extern "C" { /* List of all PEM-encoded CA certificates, terminated by NULL; * PEM encoded if MBEDTLS_PEM_PARSE_C is enabled, DER encoded * otherwise. */ -extern const char * mbedtls_test_cas[]; +extern const char *mbedtls_test_cas[]; extern const size_t mbedtls_test_cas_len[]; /* List of all DER-encoded CA certificates, terminated by NULL */ -extern const unsigned char * mbedtls_test_cas_der[]; +extern const unsigned char *mbedtls_test_cas_der[]; extern const size_t mbedtls_test_cas_der_len[]; #if defined(MBEDTLS_PEM_PARSE_C) @@ -112,9 +100,9 @@ extern const size_t mbedtls_test_ca_crt_rsa_len; /* Config-dependent dispatch between EC and RSA * (RSA if enabled, otherwise EC) */ -extern const char * mbedtls_test_ca_crt; -extern const char * mbedtls_test_ca_key; -extern const char * mbedtls_test_ca_pwd; +extern const char *mbedtls_test_ca_crt; +extern const char *mbedtls_test_ca_key; +extern const char *mbedtls_test_ca_pwd; extern const size_t mbedtls_test_ca_crt_len; extern const size_t mbedtls_test_ca_key_len; extern const size_t mbedtls_test_ca_pwd_len; @@ -181,9 +169,9 @@ extern const size_t mbedtls_test_srv_crt_rsa_len; /* Config-dependent dispatch between EC and RSA * (RSA if enabled, otherwise EC) */ -extern const char * mbedtls_test_srv_crt; -extern const char * mbedtls_test_srv_key; -extern const char * mbedtls_test_srv_pwd; +extern const char *mbedtls_test_srv_crt; +extern const char *mbedtls_test_srv_key; +extern const char *mbedtls_test_srv_pwd; extern const size_t mbedtls_test_srv_crt_len; extern const size_t mbedtls_test_srv_key_len; extern const size_t mbedtls_test_srv_pwd_len; @@ -236,9 +224,9 @@ extern const size_t mbedtls_test_cli_crt_rsa_len; /* Config-dependent dispatch between EC and RSA * (RSA if enabled, otherwise EC) */ -extern const char * mbedtls_test_cli_crt; -extern const char * mbedtls_test_cli_key; -extern const char * mbedtls_test_cli_pwd; +extern const char *mbedtls_test_cli_crt; +extern const char *mbedtls_test_cli_key; +extern const char *mbedtls_test_cli_pwd; extern const size_t mbedtls_test_cli_crt_len; extern const size_t mbedtls_test_cli_key_len; extern const size_t mbedtls_test_cli_pwd_len; diff --git a/third_party/mbedtls/repo/include/mbedtls/chacha20.h b/third_party/mbedtls/repo/include/mbedtls/chacha20.h index 03b48714780..0c0d6a1157a 100644 --- a/third_party/mbedtls/repo/include/mbedtls/chacha20.h +++ b/third_party/mbedtls/repo/include/mbedtls/chacha20.h @@ -14,19 +14,7 @@ /* * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later */ #ifndef MBEDTLS_CHACHA20_H @@ -60,8 +48,7 @@ extern "C" { #if !defined(MBEDTLS_CHACHA20_ALT) -typedef struct mbedtls_chacha20_context -{ +typedef struct mbedtls_chacha20_context { uint32_t state[16]; /*! The state (before round operations). */ uint8_t keystream8[64]; /*! Leftover keystream bytes. */ size_t keystream_bytes_used; /*! Number of keystream bytes already used. */ @@ -87,7 +74,7 @@ mbedtls_chacha20_context; * \param ctx The ChaCha20 context to initialize. * This must not be \c NULL. */ -void mbedtls_chacha20_init( mbedtls_chacha20_context *ctx ); +void mbedtls_chacha20_init(mbedtls_chacha20_context *ctx); /** * \brief This function releases and clears the specified @@ -98,7 +85,7 @@ void mbedtls_chacha20_init( mbedtls_chacha20_context *ctx ); * \c NULL, it must point to an initialized context. * */ -void mbedtls_chacha20_free( mbedtls_chacha20_context *ctx ); +void mbedtls_chacha20_free(mbedtls_chacha20_context *ctx); /** * \brief This function sets the encryption/decryption key. @@ -116,8 +103,8 @@ void mbedtls_chacha20_free( mbedtls_chacha20_context *ctx ); * \return \c 0 on success. * \return #MBEDTLS_ERR_CHACHA20_BAD_INPUT_DATA if ctx or key is NULL. */ -int mbedtls_chacha20_setkey( mbedtls_chacha20_context *ctx, - const unsigned char key[32] ); +int mbedtls_chacha20_setkey(mbedtls_chacha20_context *ctx, + const unsigned char key[32]); /** * \brief This function sets the nonce and initial counter value. @@ -138,9 +125,9 @@ int mbedtls_chacha20_setkey( mbedtls_chacha20_context *ctx, * \return #MBEDTLS_ERR_CHACHA20_BAD_INPUT_DATA if ctx or nonce is * NULL. */ -int mbedtls_chacha20_starts( mbedtls_chacha20_context* ctx, - const unsigned char nonce[12], - uint32_t counter ); +int mbedtls_chacha20_starts(mbedtls_chacha20_context *ctx, + const unsigned char nonce[12], + uint32_t counter); /** * \brief This function encrypts or decrypts data. @@ -171,10 +158,10 @@ int mbedtls_chacha20_starts( mbedtls_chacha20_context* ctx, * \return \c 0 on success. * \return A negative error code on failure. */ -int mbedtls_chacha20_update( mbedtls_chacha20_context *ctx, - size_t size, - const unsigned char *input, - unsigned char *output ); +int mbedtls_chacha20_update(mbedtls_chacha20_context *ctx, + size_t size, + const unsigned char *input, + unsigned char *output); /** * \brief This function encrypts or decrypts data with ChaCha20 and @@ -204,12 +191,12 @@ int mbedtls_chacha20_update( mbedtls_chacha20_context *ctx, * \return \c 0 on success. * \return A negative error code on failure. */ -int mbedtls_chacha20_crypt( const unsigned char key[32], - const unsigned char nonce[12], - uint32_t counter, - size_t size, - const unsigned char* input, - unsigned char* output ); +int mbedtls_chacha20_crypt(const unsigned char key[32], + const unsigned char nonce[12], + uint32_t counter, + size_t size, + const unsigned char *input, + unsigned char *output); #if defined(MBEDTLS_SELF_TEST) /** @@ -218,7 +205,7 @@ int mbedtls_chacha20_crypt( const unsigned char key[32], * \return \c 0 on success. * \return \c 1 on failure. */ -int mbedtls_chacha20_self_test( int verbose ); +int mbedtls_chacha20_self_test(int verbose); #endif /* MBEDTLS_SELF_TEST */ #ifdef __cplusplus diff --git a/third_party/mbedtls/repo/include/mbedtls/chachapoly.h b/third_party/mbedtls/repo/include/mbedtls/chachapoly.h index c4ec7b5f2a9..1156d7db81b 100644 --- a/third_party/mbedtls/repo/include/mbedtls/chachapoly.h +++ b/third_party/mbedtls/repo/include/mbedtls/chachapoly.h @@ -14,19 +14,7 @@ /* * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later */ #ifndef MBEDTLS_CHACHAPOLY_H @@ -50,8 +38,7 @@ extern "C" { #endif -typedef enum -{ +typedef enum { MBEDTLS_CHACHAPOLY_ENCRYPT, /**< The mode value for performing encryption. */ MBEDTLS_CHACHAPOLY_DECRYPT /**< The mode value for performing decryption. */ } @@ -61,8 +48,7 @@ mbedtls_chachapoly_mode_t; #include "mbedtls/chacha20.h" -typedef struct mbedtls_chachapoly_context -{ +typedef struct mbedtls_chachapoly_context { mbedtls_chacha20_context chacha20_ctx; /**< The ChaCha20 context. */ mbedtls_poly1305_context poly1305_ctx; /**< The Poly1305 context. */ uint64_t aad_len; /**< The length (bytes) of the Additional Authenticated Data. */ @@ -118,7 +104,7 @@ mbedtls_chachapoly_context; * * \param ctx The ChachaPoly context to initialize. Must not be \c NULL. */ -void mbedtls_chachapoly_init( mbedtls_chachapoly_context *ctx ); +void mbedtls_chachapoly_init(mbedtls_chachapoly_context *ctx); /** * \brief This function releases and clears the specified @@ -127,7 +113,7 @@ void mbedtls_chachapoly_init( mbedtls_chachapoly_context *ctx ); * \param ctx The ChachaPoly context to clear. This may be \c NULL, in which * case this function is a no-op. */ -void mbedtls_chachapoly_free( mbedtls_chachapoly_context *ctx ); +void mbedtls_chachapoly_free(mbedtls_chachapoly_context *ctx); /** * \brief This function sets the ChaCha20-Poly1305 @@ -140,8 +126,8 @@ void mbedtls_chachapoly_free( mbedtls_chachapoly_context *ctx ); * \return \c 0 on success. * \return A negative error code on failure. */ -int mbedtls_chachapoly_setkey( mbedtls_chachapoly_context *ctx, - const unsigned char key[32] ); +int mbedtls_chachapoly_setkey(mbedtls_chachapoly_context *ctx, + const unsigned char key[32]); /** * \brief This function starts a ChaCha20-Poly1305 encryption or @@ -161,16 +147,16 @@ int mbedtls_chachapoly_setkey( mbedtls_chachapoly_context *ctx, * \param ctx The ChaCha20-Poly1305 context. This must be initialized * and bound to a key. * \param nonce The nonce/IV to use for the message. - * This must be a redable buffer of length \c 12 Bytes. + * This must be a readable buffer of length \c 12 Bytes. * \param mode The operation to perform: #MBEDTLS_CHACHAPOLY_ENCRYPT or * #MBEDTLS_CHACHAPOLY_DECRYPT (discouraged, see warning). * * \return \c 0 on success. * \return A negative error code on failure. */ -int mbedtls_chachapoly_starts( mbedtls_chachapoly_context *ctx, - const unsigned char nonce[12], - mbedtls_chachapoly_mode_t mode ); +int mbedtls_chachapoly_starts(mbedtls_chachapoly_context *ctx, + const unsigned char nonce[12], + mbedtls_chachapoly_mode_t mode); /** * \brief This function feeds additional data to be authenticated @@ -211,9 +197,9 @@ int mbedtls_chachapoly_starts( mbedtls_chachapoly_context *ctx, * if the operations has not been started or has been * finished, or if the AAD has been finished. */ -int mbedtls_chachapoly_update_aad( mbedtls_chachapoly_context *ctx, - const unsigned char *aad, - size_t aad_len ); +int mbedtls_chachapoly_update_aad(mbedtls_chachapoly_context *ctx, + const unsigned char *aad, + size_t aad_len); /** * \brief Thus function feeds data to be encrypted or decrypted @@ -246,10 +232,10 @@ int mbedtls_chachapoly_update_aad( mbedtls_chachapoly_context *ctx, * finished. * \return Another negative error code on other kinds of failure. */ -int mbedtls_chachapoly_update( mbedtls_chachapoly_context *ctx, - size_t len, - const unsigned char *input, - unsigned char *output ); +int mbedtls_chachapoly_update(mbedtls_chachapoly_context *ctx, + size_t len, + const unsigned char *input, + unsigned char *output); /** * \brief This function finished the ChaCha20-Poly1305 operation and @@ -267,8 +253,8 @@ int mbedtls_chachapoly_update( mbedtls_chachapoly_context *ctx, * finished. * \return Another negative error code on other kinds of failure. */ -int mbedtls_chachapoly_finish( mbedtls_chachapoly_context *ctx, - unsigned char mac[16] ); +int mbedtls_chachapoly_finish(mbedtls_chachapoly_context *ctx, + unsigned char mac[16]); /** * \brief This function performs a complete ChaCha20-Poly1305 @@ -299,14 +285,14 @@ int mbedtls_chachapoly_finish( mbedtls_chachapoly_context *ctx, * \return \c 0 on success. * \return A negative error code on failure. */ -int mbedtls_chachapoly_encrypt_and_tag( mbedtls_chachapoly_context *ctx, - size_t length, - const unsigned char nonce[12], - const unsigned char *aad, - size_t aad_len, - const unsigned char *input, - unsigned char *output, - unsigned char tag[16] ); +int mbedtls_chachapoly_encrypt_and_tag(mbedtls_chachapoly_context *ctx, + size_t length, + const unsigned char nonce[12], + const unsigned char *aad, + size_t aad_len, + const unsigned char *input, + unsigned char *output, + unsigned char tag[16]); /** * \brief This function performs a complete ChaCha20-Poly1305 @@ -333,14 +319,14 @@ int mbedtls_chachapoly_encrypt_and_tag( mbedtls_chachapoly_context *ctx, * if the data was not authentic. * \return Another negative error code on other kinds of failure. */ -int mbedtls_chachapoly_auth_decrypt( mbedtls_chachapoly_context *ctx, - size_t length, - const unsigned char nonce[12], - const unsigned char *aad, - size_t aad_len, - const unsigned char tag[16], - const unsigned char *input, - unsigned char *output ); +int mbedtls_chachapoly_auth_decrypt(mbedtls_chachapoly_context *ctx, + size_t length, + const unsigned char nonce[12], + const unsigned char *aad, + size_t aad_len, + const unsigned char tag[16], + const unsigned char *input, + unsigned char *output); #if defined(MBEDTLS_SELF_TEST) /** @@ -349,7 +335,7 @@ int mbedtls_chachapoly_auth_decrypt( mbedtls_chachapoly_context *ctx, * \return \c 0 on success. * \return \c 1 on failure. */ -int mbedtls_chachapoly_self_test( int verbose ); +int mbedtls_chachapoly_self_test(int verbose); #endif /* MBEDTLS_SELF_TEST */ #ifdef __cplusplus diff --git a/third_party/mbedtls/repo/include/mbedtls/check_config.h b/third_party/mbedtls/repo/include/mbedtls/check_config.h index 396fe7dfc2b..96081feb6a5 100644 --- a/third_party/mbedtls/repo/include/mbedtls/check_config.h +++ b/third_party/mbedtls/repo/include/mbedtls/check_config.h @@ -5,19 +5,7 @@ */ /* * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later */ /* @@ -28,13 +16,14 @@ #ifndef MBEDTLS_CHECK_CONFIG_H #define MBEDTLS_CHECK_CONFIG_H +/* *INDENT-OFF* */ /* * We assume CHAR_BIT is 8 in many places. In practice, this is true on our * target platforms, so not an issue, but let's just be extra sure. */ #include #if CHAR_BIT != 8 -#error "mbed TLS requires a platform with 8-bit chars" +#error "Mbed TLS requires a platform with 8-bit chars" #endif #if defined(_WIN32) @@ -68,10 +57,6 @@ #error "MBEDTLS_HAVE_TIME_DATE without MBEDTLS_HAVE_TIME does not make sense" #endif -#if defined(MBEDTLS_AESNI_C) && !defined(MBEDTLS_HAVE_ASM) -#error "MBEDTLS_AESNI_C defined, but not all prerequisites" -#endif - #if defined(MBEDTLS_CTR_DRBG_C) && !defined(MBEDTLS_AES_C) #error "MBEDTLS_CTR_DRBG_C defined, but not all prerequisites" #endif @@ -143,6 +128,11 @@ #error "MBEDTLS_ECDH_VARIANT_EVEREST_ENABLED defined, but MBEDTLS_ECDH_LEGACY_CONTEXT not disabled" #endif +#if defined(MBEDTLS_ECP_RESTARTABLE) && \ + !defined(MBEDTLS_ECP_C) +#error "MBEDTLS_ECP_RESTARTABLE defined, but not all prerequisites" +#endif + #if defined(MBEDTLS_ECDSA_DETERMINISTIC) && !defined(MBEDTLS_HMAC_DRBG_C) #error "MBEDTLS_ECDSA_DETERMINISTIC defined, but not all prerequisites" #endif @@ -173,7 +163,11 @@ #endif #if defined(MBEDTLS_PK_PARSE_C) && !defined(MBEDTLS_ASN1_PARSE_C) -#error "MBEDTLS_PK_PARSE_C defined, but not all prerequesites" +#error "MBEDTLS_PK_PARSE_C defined, but not all prerequisites" +#endif + +#if defined(MBEDTLS_PKCS5_C) && !defined(MBEDTLS_MD_C) +#error "MBEDTLS_PKCS5_C defined, but not all prerequisites" #endif #if defined(MBEDTLS_ENTROPY_C) && (!defined(MBEDTLS_SHA512_C) && \ @@ -214,11 +208,32 @@ #error "MBEDTLS_TEST_NULL_ENTROPY defined, but entropy sources too" #endif +#if defined(MBEDTLS_CCM_C) && ( \ + !defined(MBEDTLS_AES_C) && !defined(MBEDTLS_CAMELLIA_C) && !defined(MBEDTLS_ARIA_C) ) +#error "MBEDTLS_CCM_C defined, but not all prerequisites" +#endif + +#if defined(MBEDTLS_CCM_C) && !defined(MBEDTLS_CIPHER_C) +#error "MBEDTLS_CCM_C defined, but not all prerequisites" +#endif + #if defined(MBEDTLS_GCM_C) && ( \ - !defined(MBEDTLS_AES_C) && !defined(MBEDTLS_CAMELLIA_C) && !defined(MBEDTLS_ARIA_C) ) + !defined(MBEDTLS_AES_C) && !defined(MBEDTLS_CAMELLIA_C) && !defined(MBEDTLS_ARIA_C) ) #error "MBEDTLS_GCM_C defined, but not all prerequisites" #endif +#if defined(MBEDTLS_GCM_C) && !defined(MBEDTLS_CIPHER_C) +#error "MBEDTLS_GCM_C defined, but not all prerequisites" +#endif + +#if defined(MBEDTLS_CHACHAPOLY_C) && !defined(MBEDTLS_CHACHA20_C) +#error "MBEDTLS_CHACHAPOLY_C defined, but not all prerequisites" +#endif + +#if defined(MBEDTLS_CHACHAPOLY_C) && !defined(MBEDTLS_POLY1305_C) +#error "MBEDTLS_CHACHAPOLY_C defined, but not all prerequisites" +#endif + #if defined(MBEDTLS_ECP_RANDOMIZE_JAC_ALT) && !defined(MBEDTLS_ECP_INTERNAL_ALT) #error "MBEDTLS_ECP_RANDOMIZE_JAC_ALT defined, but not all prerequisites" #endif @@ -338,11 +353,11 @@ #endif #if defined(MBEDTLS_MEMORY_BACKTRACE) && !defined(MBEDTLS_MEMORY_BUFFER_ALLOC_C) -#error "MBEDTLS_MEMORY_BACKTRACE defined, but not all prerequesites" +#error "MBEDTLS_MEMORY_BACKTRACE defined, but not all prerequisites" #endif #if defined(MBEDTLS_MEMORY_DEBUG) && !defined(MBEDTLS_MEMORY_BUFFER_ALLOC_C) -#error "MBEDTLS_MEMORY_DEBUG defined, but not all prerequesites" +#error "MBEDTLS_MEMORY_DEBUG defined, but not all prerequisites" #endif #if defined(MBEDTLS_PADLOCK_C) && !defined(MBEDTLS_HAVE_ASM) @@ -500,6 +515,20 @@ #error "MBEDTLS_PLATFORM_SNPRINTF_MACRO and MBEDTLS_PLATFORM_STD_SNPRINTF/MBEDTLS_PLATFORM_SNPRINTF_ALT cannot be defined simultaneously" #endif +#if defined(MBEDTLS_PLATFORM_VSNPRINTF_ALT) && !defined(MBEDTLS_PLATFORM_C) +#error "MBEDTLS_PLATFORM_VSNPRINTF_ALT defined, but not all prerequisites" +#endif + +#if defined(MBEDTLS_PLATFORM_VSNPRINTF_MACRO) && !defined(MBEDTLS_PLATFORM_C) +#error "MBEDTLS_PLATFORM_VSNPRINTF_MACRO defined, but not all prerequisites" +#endif + +#if defined(MBEDTLS_PLATFORM_VSNPRINTF_MACRO) &&\ + ( defined(MBEDTLS_PLATFORM_STD_VSNPRINTF) ||\ + defined(MBEDTLS_PLATFORM_VSNPRINTF_ALT) ) +#error "MBEDTLS_PLATFORM_VSNPRINTF_MACRO and MBEDTLS_PLATFORM_STD_VSNPRINTF/MBEDTLS_PLATFORM_VSNPRINTF_ALT cannot be defined simultaneously" +#endif + #if defined(MBEDTLS_PLATFORM_STD_MEM_HDR) &&\ !defined(MBEDTLS_PLATFORM_NO_STD_FUNCTIONS) #error "MBEDTLS_PLATFORM_STD_MEM_HDR defined, but not all prerequisites" @@ -619,6 +648,17 @@ #error "MBEDTLS_PSA_CRYPTO_KEY_ID_ENCODES_OWNER defined, but it cannot coexist with MBEDTLS_USE_PSA_CRYPTO." #endif +#if defined(MBEDTLS_PK_C) && defined(MBEDTLS_USE_PSA_CRYPTO) && \ + !defined(MBEDTLS_PK_WRITE_C) && defined(MBEDTLS_ECDSA_C) +#error "MBEDTLS_PK_C in configuration with MBEDTLS_USE_PSA_CRYPTO and \ + MBEDTLS_ECDSA_C requires MBEDTLS_PK_WRITE_C to be defined." +#endif + +#if defined(MBEDTLS_PSA_CRYPTO_C) && defined(MBEDTLS_RSA_C) && \ + !( defined(MBEDTLS_PK_PARSE_C) && defined(MBEDTLS_PK_WRITE_C) ) +#error "MBEDTLS_PSA_CRYPTO_C with MBEDTLS_RSA_C requires MBEDTLS_PK_PARSE_C and MBEDTLS_PK_WRITE_C" +#endif + #if defined(MBEDTLS_RSA_C) && ( !defined(MBEDTLS_BIGNUM_C) || \ !defined(MBEDTLS_OID_C) ) #error "MBEDTLS_RSA_C defined, but not all prerequisites" @@ -761,20 +801,25 @@ !defined(MBEDTLS_SSL_PROTO_TLS1) && \ !defined(MBEDTLS_SSL_PROTO_TLS1_1) && \ !defined(MBEDTLS_SSL_PROTO_TLS1_2) -#error "MBEDTLS_SSL_ENCRYPT_THEN_MAC defined, but not all prerequsites" +#error "MBEDTLS_SSL_ENCRYPT_THEN_MAC defined, but not all prerequisites" #endif #if defined(MBEDTLS_SSL_EXTENDED_MASTER_SECRET) && \ !defined(MBEDTLS_SSL_PROTO_TLS1) && \ !defined(MBEDTLS_SSL_PROTO_TLS1_1) && \ !defined(MBEDTLS_SSL_PROTO_TLS1_2) -#error "MBEDTLS_SSL_EXTENDED_MASTER_SECRET defined, but not all prerequsites" +#error "MBEDTLS_SSL_EXTENDED_MASTER_SECRET defined, but not all prerequisites" #endif #if defined(MBEDTLS_SSL_TICKET_C) && !defined(MBEDTLS_CIPHER_C) #error "MBEDTLS_SSL_TICKET_C defined, but not all prerequisites" #endif +#if defined(MBEDTLS_SSL_TICKET_C) && \ + !( defined(MBEDTLS_GCM_C) || defined(MBEDTLS_CCM_C) || defined(MBEDTLS_CHACHAPOLY_C) ) +#error "MBEDTLS_SSL_TICKET_C defined, but not all prerequisites" +#endif + #if defined(MBEDTLS_SSL_CBC_RECORD_SPLITTING) && \ !defined(MBEDTLS_SSL_PROTO_SSL3) && !defined(MBEDTLS_SSL_PROTO_TLS1) #error "MBEDTLS_SSL_CBC_RECORD_SPLITTING defined, but not all prerequisites" @@ -889,6 +934,10 @@ #error "MBEDTLS_SSL_VARIABLE_BUFFER_LENGTH defined, but not all prerequisites" #endif +#if defined(MBEDTLS_SSL_CONTEXT_SERIALIZATION) && !( defined(MBEDTLS_GCM_C) || defined(MBEDTLS_CCM_C) || defined(MBEDTLS_CHACHAPOLY_C) ) +#error "MBEDTLS_SSL_CONTEXT_SERIALIZATION defined, but not all prerequisites" +#endif + /* * Avoid warning from -pedantic. This is a convenient place for this * workaround since this is included by every single file before the @@ -896,4 +945,5 @@ */ typedef int mbedtls_iso_c_forbids_empty_translation_units; +/* *INDENT-ON* */ #endif /* MBEDTLS_CHECK_CONFIG_H */ diff --git a/third_party/mbedtls/repo/include/mbedtls/cipher.h b/third_party/mbedtls/repo/include/mbedtls/cipher.h index 6d83da8827e..db73c1b537e 100644 --- a/third_party/mbedtls/repo/include/mbedtls/cipher.h +++ b/third_party/mbedtls/repo/include/mbedtls/cipher.h @@ -9,19 +9,7 @@ */ /* * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later */ #ifndef MBEDTLS_CIPHER_H @@ -49,7 +37,7 @@ #define MBEDTLS_CIPHER_MODE_STREAM #endif -#if ( defined(__ARMCC_VERSION) || defined(_MSC_VER) ) && \ +#if (defined(__ARMCC_VERSION) || defined(_MSC_VER)) && \ !defined(inline) && !defined(__cplusplus) #define inline __inline #endif @@ -83,16 +71,16 @@ extern "C" { /** * \brief Supported cipher types. * - * \warning RC4 and DES are considered weak ciphers and their use - * constitutes a security risk. Arm recommends considering stronger + * \warning RC4 and DES/3DES are considered weak ciphers and their use + * constitutes a security risk. We recommend considering stronger * ciphers instead. */ typedef enum { MBEDTLS_CIPHER_ID_NONE = 0, /**< Placeholder to mark the end of cipher ID lists. */ MBEDTLS_CIPHER_ID_NULL, /**< The identity cipher, treated as a stream cipher. */ MBEDTLS_CIPHER_ID_AES, /**< The AES cipher. */ - MBEDTLS_CIPHER_ID_DES, /**< The DES cipher. */ - MBEDTLS_CIPHER_ID_3DES, /**< The Triple DES cipher. */ + MBEDTLS_CIPHER_ID_DES, /**< The DES cipher. \warning DES is considered weak. */ + MBEDTLS_CIPHER_ID_3DES, /**< The Triple DES cipher. \warning 3DES is considered weak. */ MBEDTLS_CIPHER_ID_CAMELLIA, /**< The Camellia cipher. */ MBEDTLS_CIPHER_ID_BLOWFISH, /**< The Blowfish cipher. */ MBEDTLS_CIPHER_ID_ARC4, /**< The RC4 cipher. */ @@ -103,8 +91,8 @@ typedef enum { /** * \brief Supported {cipher type, cipher mode} pairs. * - * \warning RC4 and DES are considered weak ciphers and their use - * constitutes a security risk. Arm recommends considering stronger + * \warning RC4 and DES/3DES are considered weak ciphers and their use + * constitutes a security risk. We recommend considering stronger * ciphers instead. */ typedef enum { @@ -140,12 +128,12 @@ typedef enum { MBEDTLS_CIPHER_CAMELLIA_128_GCM, /**< Camellia cipher with 128-bit GCM mode. */ MBEDTLS_CIPHER_CAMELLIA_192_GCM, /**< Camellia cipher with 192-bit GCM mode. */ MBEDTLS_CIPHER_CAMELLIA_256_GCM, /**< Camellia cipher with 256-bit GCM mode. */ - MBEDTLS_CIPHER_DES_ECB, /**< DES cipher with ECB mode. */ - MBEDTLS_CIPHER_DES_CBC, /**< DES cipher with CBC mode. */ - MBEDTLS_CIPHER_DES_EDE_ECB, /**< DES cipher with EDE ECB mode. */ - MBEDTLS_CIPHER_DES_EDE_CBC, /**< DES cipher with EDE CBC mode. */ - MBEDTLS_CIPHER_DES_EDE3_ECB, /**< DES cipher with EDE3 ECB mode. */ - MBEDTLS_CIPHER_DES_EDE3_CBC, /**< DES cipher with EDE3 CBC mode. */ + MBEDTLS_CIPHER_DES_ECB, /**< DES cipher with ECB mode. \warning DES is considered weak. */ + MBEDTLS_CIPHER_DES_CBC, /**< DES cipher with CBC mode. \warning DES is considered weak. */ + MBEDTLS_CIPHER_DES_EDE_ECB, /**< DES cipher with EDE ECB mode. \warning 3DES is considered weak. */ + MBEDTLS_CIPHER_DES_EDE_CBC, /**< DES cipher with EDE CBC mode. \warning 3DES is considered weak. */ + MBEDTLS_CIPHER_DES_EDE3_ECB, /**< DES cipher with EDE3 ECB mode. \warning 3DES is considered weak. */ + MBEDTLS_CIPHER_DES_EDE3_CBC, /**< DES cipher with EDE3 CBC mode. \warning 3DES is considered weak. */ MBEDTLS_CIPHER_BLOWFISH_ECB, /**< Blowfish cipher with ECB mode. */ MBEDTLS_CIPHER_BLOWFISH_CBC, /**< Blowfish cipher with CBC mode. */ MBEDTLS_CIPHER_BLOWFISH_CFB64, /**< Blowfish cipher with CFB64 mode. */ @@ -226,11 +214,11 @@ typedef enum { enum { /** Undefined key length. */ MBEDTLS_KEY_LENGTH_NONE = 0, - /** Key length, in bits (including parity), for DES keys. */ + /** Key length, in bits (including parity), for DES keys. \warning DES is considered weak. */ MBEDTLS_KEY_LENGTH_DES = 64, - /** Key length in bits, including parity, for DES in two-key EDE. */ + /** Key length in bits, including parity, for DES in two-key EDE. \warning 3DES is considered weak. */ MBEDTLS_KEY_LENGTH_DES_EDE = 128, - /** Key length in bits, including parity, for DES in three-key EDE. */ + /** Key length in bits, including parity, for DES in three-key EDE. \warning 3DES is considered weak. */ MBEDTLS_KEY_LENGTH_DES_EDE3 = 192, }; @@ -273,8 +261,7 @@ typedef struct mbedtls_cmac_context_t mbedtls_cmac_context_t; * Cipher information. Allows calling cipher functions * in a generic way. */ -typedef struct mbedtls_cipher_info_t -{ +typedef struct mbedtls_cipher_info_t { /** Full cipher identifier. For example, * MBEDTLS_CIPHER_AES_256_CBC. */ @@ -290,7 +277,7 @@ typedef struct mbedtls_cipher_info_t unsigned int key_bitlen; /** Name of the cipher. */ - const char * name; + const char *name; /** IV or nonce size, in Bytes. * For ciphers that accept variable IV sizes, @@ -315,8 +302,7 @@ typedef struct mbedtls_cipher_info_t /** * Generic cipher context. */ -typedef struct mbedtls_cipher_context_t -{ +typedef struct mbedtls_cipher_context_t { /** Information about the associated cipher. */ const mbedtls_cipher_info_t *cipher_info; @@ -332,8 +318,8 @@ typedef struct mbedtls_cipher_context_t /** Padding functions to use, if relevant for * the specific cipher mode. */ - void (*add_padding)( unsigned char *output, size_t olen, size_t data_len ); - int (*get_padding)( unsigned char *input, size_t ilen, size_t *data_len ); + void (*add_padding)(unsigned char *output, size_t olen, size_t data_len); + int (*get_padding)(unsigned char *input, size_t ilen, size_t *data_len); #endif /** Buffer for input that has not been processed yet. */ @@ -383,7 +369,7 @@ typedef struct mbedtls_cipher_context_t * \return A statically-allocated array of cipher identifiers * of type cipher_type_t. The last entry is zero. */ -const int *mbedtls_cipher_list( void ); +const int *mbedtls_cipher_list(void); /** * \brief This function retrieves the cipher-information @@ -396,7 +382,7 @@ const int *mbedtls_cipher_list( void ); * given \p cipher_name. * \return \c NULL if the associated cipher information is not found. */ -const mbedtls_cipher_info_t *mbedtls_cipher_info_from_string( const char *cipher_name ); +const mbedtls_cipher_info_t *mbedtls_cipher_info_from_string(const char *cipher_name); /** * \brief This function retrieves the cipher-information @@ -408,7 +394,7 @@ const mbedtls_cipher_info_t *mbedtls_cipher_info_from_string( const char *cipher * given \p cipher_type. * \return \c NULL if the associated cipher information is not found. */ -const mbedtls_cipher_info_t *mbedtls_cipher_info_from_type( const mbedtls_cipher_type_t cipher_type ); +const mbedtls_cipher_info_t *mbedtls_cipher_info_from_type(const mbedtls_cipher_type_t cipher_type); /** * \brief This function retrieves the cipher-information @@ -424,16 +410,16 @@ const mbedtls_cipher_info_t *mbedtls_cipher_info_from_type( const mbedtls_cipher * given \p cipher_id. * \return \c NULL if the associated cipher information is not found. */ -const mbedtls_cipher_info_t *mbedtls_cipher_info_from_values( const mbedtls_cipher_id_t cipher_id, - int key_bitlen, - const mbedtls_cipher_mode_t mode ); +const mbedtls_cipher_info_t *mbedtls_cipher_info_from_values(const mbedtls_cipher_id_t cipher_id, + int key_bitlen, + const mbedtls_cipher_mode_t mode); /** - * \brief This function initializes a \p cipher_context as NONE. + * \brief This function initializes a \p ctx as NONE. * * \param ctx The context to be initialized. This must not be \c NULL. */ -void mbedtls_cipher_init( mbedtls_cipher_context_t *ctx ); +void mbedtls_cipher_init(mbedtls_cipher_context_t *ctx); /** * \brief This function frees and clears the cipher-specific @@ -444,14 +430,33 @@ void mbedtls_cipher_init( mbedtls_cipher_context_t *ctx ); * function has no effect, otherwise this must point to an * initialized context. */ -void mbedtls_cipher_free( mbedtls_cipher_context_t *ctx ); +void mbedtls_cipher_free(mbedtls_cipher_context_t *ctx); /** - * \brief This function initializes a cipher context for + * \brief This function prepares a cipher context for * use with the given cipher primitive. * - * \param ctx The context to initialize. This must be initialized. + * \warning In CBC mode, if mbedtls_cipher_set_padding_mode() is not called: + * - If MBEDTLS_CIPHER_PADDING_PKCS7 is enabled, the + * context will use PKCS7 padding. + * - Otherwise the context uses no padding and the input + * must be a whole number of blocks. + * + * \note After calling this function, you should call + * mbedtls_cipher_setkey() and, if the mode uses padding, + * mbedtls_cipher_set_padding_mode(), then for each + * message to encrypt or decrypt with this key, either: + * - mbedtls_cipher_crypt() for one-shot processing with + * non-AEAD modes; + * - mbedtls_cipher_auth_encrypt_ext() or + * mbedtls_cipher_auth_decrypt_ext() for one-shot + * processing with AEAD modes or NIST_KW; + * - for multi-part processing, see the documentation of + * mbedtls_cipher_reset(). + * + * \param ctx The context to prepare. This must be initialized by + * a call to mbedtls_cipher_init() first. * \param cipher_info The cipher to use. * * \return \c 0 on success. @@ -464,8 +469,8 @@ void mbedtls_cipher_free( mbedtls_cipher_context_t *ctx ); * In future versions, the caller will be required to call * mbedtls_cipher_init() on the structure first. */ -int mbedtls_cipher_setup( mbedtls_cipher_context_t *ctx, - const mbedtls_cipher_info_t *cipher_info ); +int mbedtls_cipher_setup(mbedtls_cipher_context_t *ctx, + const mbedtls_cipher_info_t *cipher_info); #if defined(MBEDTLS_USE_PSA_CRYPTO) /** @@ -489,9 +494,9 @@ int mbedtls_cipher_setup( mbedtls_cipher_context_t *ctx, * \return #MBEDTLS_ERR_CIPHER_ALLOC_FAILED if allocation of the * cipher-specific context fails. */ -int mbedtls_cipher_setup_psa( mbedtls_cipher_context_t *ctx, - const mbedtls_cipher_info_t *cipher_info, - size_t taglen ); +int mbedtls_cipher_setup_psa(mbedtls_cipher_context_t *ctx, + const mbedtls_cipher_info_t *cipher_info, + size_t taglen); #endif /* MBEDTLS_USE_PSA_CRYPTO */ /** @@ -503,11 +508,12 @@ int mbedtls_cipher_setup_psa( mbedtls_cipher_context_t *ctx, * \return \c 0 if \p ctx has not been initialized. */ static inline unsigned int mbedtls_cipher_get_block_size( - const mbedtls_cipher_context_t *ctx ) + const mbedtls_cipher_context_t *ctx) { - MBEDTLS_INTERNAL_VALIDATE_RET( ctx != NULL, 0 ); - if( ctx->cipher_info == NULL ) + MBEDTLS_INTERNAL_VALIDATE_RET(ctx != NULL, 0); + if (ctx->cipher_info == NULL) { return 0; + } return ctx->cipher_info->block_size; } @@ -522,11 +528,12 @@ static inline unsigned int mbedtls_cipher_get_block_size( * \return #MBEDTLS_MODE_NONE if \p ctx has not been initialized. */ static inline mbedtls_cipher_mode_t mbedtls_cipher_get_cipher_mode( - const mbedtls_cipher_context_t *ctx ) + const mbedtls_cipher_context_t *ctx) { - MBEDTLS_INTERNAL_VALIDATE_RET( ctx != NULL, MBEDTLS_MODE_NONE ); - if( ctx->cipher_info == NULL ) + MBEDTLS_INTERNAL_VALIDATE_RET(ctx != NULL, MBEDTLS_MODE_NONE); + if (ctx->cipher_info == NULL) { return MBEDTLS_MODE_NONE; + } return ctx->cipher_info->mode; } @@ -542,14 +549,16 @@ static inline mbedtls_cipher_mode_t mbedtls_cipher_get_cipher_mode( * \return The actual size if an IV has been set. */ static inline int mbedtls_cipher_get_iv_size( - const mbedtls_cipher_context_t *ctx ) + const mbedtls_cipher_context_t *ctx) { - MBEDTLS_INTERNAL_VALIDATE_RET( ctx != NULL, 0 ); - if( ctx->cipher_info == NULL ) + MBEDTLS_INTERNAL_VALIDATE_RET(ctx != NULL, 0); + if (ctx->cipher_info == NULL) { return 0; + } - if( ctx->iv_size != 0 ) + if (ctx->iv_size != 0) { return (int) ctx->iv_size; + } return (int) ctx->cipher_info->iv_size; } @@ -563,12 +572,13 @@ static inline int mbedtls_cipher_get_iv_size( * \return #MBEDTLS_CIPHER_NONE if \p ctx has not been initialized. */ static inline mbedtls_cipher_type_t mbedtls_cipher_get_type( - const mbedtls_cipher_context_t *ctx ) + const mbedtls_cipher_context_t *ctx) { MBEDTLS_INTERNAL_VALIDATE_RET( - ctx != NULL, MBEDTLS_CIPHER_NONE ); - if( ctx->cipher_info == NULL ) + ctx != NULL, MBEDTLS_CIPHER_NONE); + if (ctx->cipher_info == NULL) { return MBEDTLS_CIPHER_NONE; + } return ctx->cipher_info->type; } @@ -583,11 +593,12 @@ static inline mbedtls_cipher_type_t mbedtls_cipher_get_type( * \return NULL if \p ctx has not been not initialized. */ static inline const char *mbedtls_cipher_get_name( - const mbedtls_cipher_context_t *ctx ) + const mbedtls_cipher_context_t *ctx) { - MBEDTLS_INTERNAL_VALIDATE_RET( ctx != NULL, 0 ); - if( ctx->cipher_info == NULL ) + MBEDTLS_INTERNAL_VALIDATE_RET(ctx != NULL, 0); + if (ctx->cipher_info == NULL) { return 0; + } return ctx->cipher_info->name; } @@ -598,16 +609,17 @@ static inline const char *mbedtls_cipher_get_name( * \param ctx The context of the cipher. This must be initialized. * * \return The key length of the cipher in bits. - * \return #MBEDTLS_KEY_LENGTH_NONE if ctx \p has not been + * \return #MBEDTLS_KEY_LENGTH_NONE if \p ctx has not been * initialized. */ static inline int mbedtls_cipher_get_key_bitlen( - const mbedtls_cipher_context_t *ctx ) + const mbedtls_cipher_context_t *ctx) { MBEDTLS_INTERNAL_VALIDATE_RET( - ctx != NULL, MBEDTLS_KEY_LENGTH_NONE ); - if( ctx->cipher_info == NULL ) + ctx != NULL, MBEDTLS_KEY_LENGTH_NONE); + if (ctx->cipher_info == NULL) { return MBEDTLS_KEY_LENGTH_NONE; + } return (int) ctx->cipher_info->key_bitlen; } @@ -621,12 +633,13 @@ static inline int mbedtls_cipher_get_key_bitlen( * \return #MBEDTLS_OPERATION_NONE if \p ctx has not been initialized. */ static inline mbedtls_operation_t mbedtls_cipher_get_operation( - const mbedtls_cipher_context_t *ctx ) + const mbedtls_cipher_context_t *ctx) { MBEDTLS_INTERNAL_VALIDATE_RET( - ctx != NULL, MBEDTLS_OPERATION_NONE ); - if( ctx->cipher_info == NULL ) + ctx != NULL, MBEDTLS_OPERATION_NONE); + if (ctx->cipher_info == NULL) { return MBEDTLS_OPERATION_NONE; + } return ctx->operation; } @@ -647,18 +660,16 @@ static inline mbedtls_operation_t mbedtls_cipher_get_operation( * parameter-verification failure. * \return A cipher-specific error code on failure. */ -int mbedtls_cipher_setkey( mbedtls_cipher_context_t *ctx, - const unsigned char *key, - int key_bitlen, - const mbedtls_operation_t operation ); +int mbedtls_cipher_setkey(mbedtls_cipher_context_t *ctx, + const unsigned char *key, + int key_bitlen, + const mbedtls_operation_t operation); #if defined(MBEDTLS_CIPHER_MODE_WITH_PADDING) /** * \brief This function sets the padding mode, for cipher modes * that use padding. * - * The default passing mode is PKCS7 padding. - * * \param ctx The generic cipher context. This must be initialized and * bound to a cipher information structure. * \param mode The padding mode. @@ -669,8 +680,8 @@ int mbedtls_cipher_setkey( mbedtls_cipher_context_t *ctx, * \return #MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA if the cipher mode * does not support padding. */ -int mbedtls_cipher_set_padding_mode( mbedtls_cipher_context_t *ctx, - mbedtls_cipher_padding_t mode ); +int mbedtls_cipher_set_padding_mode(mbedtls_cipher_context_t *ctx, + mbedtls_cipher_padding_t mode); #endif /* MBEDTLS_CIPHER_MODE_WITH_PADDING */ /** @@ -691,20 +702,42 @@ int mbedtls_cipher_set_padding_mode( mbedtls_cipher_context_t *ctx, * \return #MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA on * parameter-verification failure. */ -int mbedtls_cipher_set_iv( mbedtls_cipher_context_t *ctx, - const unsigned char *iv, - size_t iv_len ); +int mbedtls_cipher_set_iv(mbedtls_cipher_context_t *ctx, + const unsigned char *iv, + size_t iv_len); /** * \brief This function resets the cipher state. * - * \param ctx The generic cipher context. This must be initialized. + * \note With non-AEAD ciphers, the order of calls for each message + * is as follows: + * 1. mbedtls_cipher_set_iv() if the mode uses an IV/nonce. + * 2. mbedtls_cipher_reset() + * 3. mbedtls_cipher_update() one or more times + * 4. mbedtls_cipher_finish() + * . + * This sequence can be repeated to encrypt or decrypt multiple + * messages with the same key. + * + * \note With AEAD ciphers, the order of calls for each message + * is as follows: + * 1. mbedtls_cipher_set_iv() if the mode uses an IV/nonce. + * 2. mbedtls_cipher_reset() + * 3. mbedtls_cipher_update_ad() + * 4. mbedtls_cipher_update() one or more times + * 5. mbedtls_cipher_check_tag() (for decryption) or + * mbedtls_cipher_write_tag() (for encryption). + * . + * This sequence can be repeated to encrypt or decrypt multiple + * messages with the same key. + * + * \param ctx The generic cipher context. This must be bound to a key. * * \return \c 0 on success. * \return #MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA on * parameter-verification failure. */ -int mbedtls_cipher_reset( mbedtls_cipher_context_t *ctx ); +int mbedtls_cipher_reset(mbedtls_cipher_context_t *ctx); #if defined(MBEDTLS_GCM_C) || defined(MBEDTLS_CHACHAPOLY_C) /** @@ -721,8 +754,8 @@ int mbedtls_cipher_reset( mbedtls_cipher_context_t *ctx ); * \return \c 0 on success. * \return A specific error code on failure. */ -int mbedtls_cipher_update_ad( mbedtls_cipher_context_t *ctx, - const unsigned char *ad, size_t ad_len ); +int mbedtls_cipher_update_ad(mbedtls_cipher_context_t *ctx, + const unsigned char *ad, size_t ad_len); #endif /* MBEDTLS_GCM_C || MBEDTLS_CHACHAPOLY_C */ /** @@ -759,10 +792,10 @@ int mbedtls_cipher_update_ad( mbedtls_cipher_context_t *ctx, * unsupported mode for a cipher. * \return A cipher-specific error code on failure. */ -int mbedtls_cipher_update( mbedtls_cipher_context_t *ctx, - const unsigned char *input, - size_t ilen, unsigned char *output, - size_t *olen ); +int mbedtls_cipher_update(mbedtls_cipher_context_t *ctx, + const unsigned char *input, + size_t ilen, unsigned char *output, + size_t *olen); /** * \brief The generic cipher finalization function. If data still @@ -773,7 +806,7 @@ int mbedtls_cipher_update( mbedtls_cipher_context_t *ctx, * \param ctx The generic cipher context. This must be initialized and * bound to a key. * \param output The buffer to write data to. This needs to be a writable - * buffer of at least \p block_size Bytes. + * buffer of at least block_size Bytes. * \param olen The length of the data written to the \p output buffer. * This may not be \c NULL. * @@ -786,8 +819,8 @@ int mbedtls_cipher_update( mbedtls_cipher_context_t *ctx, * while decrypting. * \return A cipher-specific error code on failure. */ -int mbedtls_cipher_finish( mbedtls_cipher_context_t *ctx, - unsigned char *output, size_t *olen ); +int mbedtls_cipher_finish(mbedtls_cipher_context_t *ctx, + unsigned char *output, size_t *olen); #if defined(MBEDTLS_GCM_C) || defined(MBEDTLS_CHACHAPOLY_C) /** @@ -806,8 +839,8 @@ int mbedtls_cipher_finish( mbedtls_cipher_context_t *ctx, * \return \c 0 on success. * \return A specific error code on failure. */ -int mbedtls_cipher_write_tag( mbedtls_cipher_context_t *ctx, - unsigned char *tag, size_t tag_len ); +int mbedtls_cipher_write_tag(mbedtls_cipher_context_t *ctx, + unsigned char *tag, size_t tag_len); /** * \brief This function checks the tag for AEAD ciphers. @@ -822,8 +855,8 @@ int mbedtls_cipher_write_tag( mbedtls_cipher_context_t *ctx, * \return \c 0 on success. * \return A specific error code on failure. */ -int mbedtls_cipher_check_tag( mbedtls_cipher_context_t *ctx, - const unsigned char *tag, size_t tag_len ); +int mbedtls_cipher_check_tag(mbedtls_cipher_context_t *ctx, + const unsigned char *tag, size_t tag_len); #endif /* MBEDTLS_GCM_C || MBEDTLS_CHACHAPOLY_C */ /** @@ -859,13 +892,13 @@ int mbedtls_cipher_check_tag( mbedtls_cipher_context_t *ctx, * while decrypting. * \return A cipher-specific error code on failure. */ -int mbedtls_cipher_crypt( mbedtls_cipher_context_t *ctx, - const unsigned char *iv, size_t iv_len, - const unsigned char *input, size_t ilen, - unsigned char *output, size_t *olen ); +int mbedtls_cipher_crypt(mbedtls_cipher_context_t *ctx, + const unsigned char *iv, size_t iv_len, + const unsigned char *input, size_t ilen, + unsigned char *output, size_t *olen); #if defined(MBEDTLS_CIPHER_MODE_AEAD) -#if ! defined(MBEDTLS_DEPRECATED_REMOVED) +#if !defined(MBEDTLS_DEPRECATED_REMOVED) #if defined(MBEDTLS_DEPRECATED_WARNING) #define MBEDTLS_DEPRECATED __attribute__((deprecated)) #else @@ -917,13 +950,13 @@ int mbedtls_cipher_crypt( mbedtls_cipher_context_t *ctx, * parameter-verification failure. * \return A cipher-specific error code on failure. */ -int mbedtls_cipher_auth_encrypt( mbedtls_cipher_context_t *ctx, - const unsigned char *iv, size_t iv_len, - const unsigned char *ad, size_t ad_len, - const unsigned char *input, size_t ilen, - unsigned char *output, size_t *olen, - unsigned char *tag, size_t tag_len ) - MBEDTLS_DEPRECATED; +int MBEDTLS_DEPRECATED mbedtls_cipher_auth_encrypt( + mbedtls_cipher_context_t *ctx, + const unsigned char *iv, size_t iv_len, + const unsigned char *ad, size_t ad_len, + const unsigned char *input, size_t ilen, + unsigned char *output, size_t *olen, + unsigned char *tag, size_t tag_len); /** * \brief The generic authenticated decryption (AEAD) function. @@ -976,13 +1009,13 @@ int mbedtls_cipher_auth_encrypt( mbedtls_cipher_context_t *ctx, * \return #MBEDTLS_ERR_CIPHER_AUTH_FAILED if data is not authentic. * \return A cipher-specific error code on failure. */ -int mbedtls_cipher_auth_decrypt( mbedtls_cipher_context_t *ctx, - const unsigned char *iv, size_t iv_len, - const unsigned char *ad, size_t ad_len, - const unsigned char *input, size_t ilen, - unsigned char *output, size_t *olen, - const unsigned char *tag, size_t tag_len ) - MBEDTLS_DEPRECATED; +int MBEDTLS_DEPRECATED mbedtls_cipher_auth_decrypt( + mbedtls_cipher_context_t *ctx, + const unsigned char *iv, size_t iv_len, + const unsigned char *ad, size_t ad_len, + const unsigned char *input, size_t ilen, + unsigned char *output, size_t *olen, + const unsigned char *tag, size_t tag_len); #undef MBEDTLS_DEPRECATED #endif /* MBEDTLS_DEPRECATED_REMOVED */ #endif /* MBEDTLS_CIPHER_MODE_AEAD */ @@ -1032,12 +1065,12 @@ int mbedtls_cipher_auth_decrypt( mbedtls_cipher_context_t *ctx, * parameter-verification failure. * \return A cipher-specific error code on failure. */ -int mbedtls_cipher_auth_encrypt_ext( mbedtls_cipher_context_t *ctx, - const unsigned char *iv, size_t iv_len, - const unsigned char *ad, size_t ad_len, - const unsigned char *input, size_t ilen, - unsigned char *output, size_t output_len, - size_t *olen, size_t tag_len ); +int mbedtls_cipher_auth_encrypt_ext(mbedtls_cipher_context_t *ctx, + const unsigned char *iv, size_t iv_len, + const unsigned char *ad, size_t ad_len, + const unsigned char *input, size_t ilen, + unsigned char *output, size_t output_len, + size_t *olen, size_t tag_len); /** * \brief The authenticated encryption (AEAD/NIST_KW) function. @@ -1088,12 +1121,12 @@ int mbedtls_cipher_auth_encrypt_ext( mbedtls_cipher_context_t *ctx, * \return #MBEDTLS_ERR_CIPHER_AUTH_FAILED if data is not authentic. * \return A cipher-specific error code on failure. */ -int mbedtls_cipher_auth_decrypt_ext( mbedtls_cipher_context_t *ctx, - const unsigned char *iv, size_t iv_len, - const unsigned char *ad, size_t ad_len, - const unsigned char *input, size_t ilen, - unsigned char *output, size_t output_len, - size_t *olen, size_t tag_len ); +int mbedtls_cipher_auth_decrypt_ext(mbedtls_cipher_context_t *ctx, + const unsigned char *iv, size_t iv_len, + const unsigned char *ad, size_t ad_len, + const unsigned char *input, size_t ilen, + unsigned char *output, size_t output_len, + size_t *olen, size_t tag_len); #endif /* MBEDTLS_CIPHER_MODE_AEAD || MBEDTLS_NIST_KW_C */ #ifdef __cplusplus } diff --git a/third_party/mbedtls/repo/include/mbedtls/cipher_internal.h b/third_party/mbedtls/repo/include/mbedtls/cipher_internal.h index 2484c01c7a4..c98abab6872 100644 --- a/third_party/mbedtls/repo/include/mbedtls/cipher_internal.h +++ b/third_party/mbedtls/repo/include/mbedtls/cipher_internal.h @@ -7,19 +7,7 @@ */ /* * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later */ #ifndef MBEDTLS_CIPHER_WRAP_H #define MBEDTLS_CIPHER_WRAP_H @@ -43,82 +31,79 @@ extern "C" { /** * Base cipher information. The non-mode specific functions and values. */ -struct mbedtls_cipher_base_t -{ +struct mbedtls_cipher_base_t { /** Base Cipher type (e.g. MBEDTLS_CIPHER_ID_AES) */ mbedtls_cipher_id_t cipher; /** Encrypt using ECB */ - int (*ecb_func)( void *ctx, mbedtls_operation_t mode, - const unsigned char *input, unsigned char *output ); + int (*ecb_func)(void *ctx, mbedtls_operation_t mode, + const unsigned char *input, unsigned char *output); #if defined(MBEDTLS_CIPHER_MODE_CBC) /** Encrypt using CBC */ - int (*cbc_func)( void *ctx, mbedtls_operation_t mode, size_t length, - unsigned char *iv, const unsigned char *input, - unsigned char *output ); + int (*cbc_func)(void *ctx, mbedtls_operation_t mode, size_t length, + unsigned char *iv, const unsigned char *input, + unsigned char *output); #endif #if defined(MBEDTLS_CIPHER_MODE_CFB) /** Encrypt using CFB (Full length) */ - int (*cfb_func)( void *ctx, mbedtls_operation_t mode, size_t length, size_t *iv_off, - unsigned char *iv, const unsigned char *input, - unsigned char *output ); + int (*cfb_func)(void *ctx, mbedtls_operation_t mode, size_t length, size_t *iv_off, + unsigned char *iv, const unsigned char *input, + unsigned char *output); #endif #if defined(MBEDTLS_CIPHER_MODE_OFB) /** Encrypt using OFB (Full length) */ - int (*ofb_func)( void *ctx, size_t length, size_t *iv_off, - unsigned char *iv, - const unsigned char *input, - unsigned char *output ); + int (*ofb_func)(void *ctx, size_t length, size_t *iv_off, + unsigned char *iv, + const unsigned char *input, + unsigned char *output); #endif #if defined(MBEDTLS_CIPHER_MODE_CTR) /** Encrypt using CTR */ - int (*ctr_func)( void *ctx, size_t length, size_t *nc_off, - unsigned char *nonce_counter, unsigned char *stream_block, - const unsigned char *input, unsigned char *output ); + int (*ctr_func)(void *ctx, size_t length, size_t *nc_off, + unsigned char *nonce_counter, unsigned char *stream_block, + const unsigned char *input, unsigned char *output); #endif #if defined(MBEDTLS_CIPHER_MODE_XTS) /** Encrypt or decrypt using XTS. */ - int (*xts_func)( void *ctx, mbedtls_operation_t mode, size_t length, - const unsigned char data_unit[16], - const unsigned char *input, unsigned char *output ); + int (*xts_func)(void *ctx, mbedtls_operation_t mode, size_t length, + const unsigned char data_unit[16], + const unsigned char *input, unsigned char *output); #endif #if defined(MBEDTLS_CIPHER_MODE_STREAM) /** Encrypt using STREAM */ - int (*stream_func)( void *ctx, size_t length, - const unsigned char *input, unsigned char *output ); + int (*stream_func)(void *ctx, size_t length, + const unsigned char *input, unsigned char *output); #endif /** Set key for encryption purposes */ - int (*setkey_enc_func)( void *ctx, const unsigned char *key, - unsigned int key_bitlen ); + int (*setkey_enc_func)(void *ctx, const unsigned char *key, + unsigned int key_bitlen); /** Set key for decryption purposes */ - int (*setkey_dec_func)( void *ctx, const unsigned char *key, - unsigned int key_bitlen); + int (*setkey_dec_func)(void *ctx, const unsigned char *key, + unsigned int key_bitlen); /** Allocate a new context */ - void * (*ctx_alloc_func)( void ); + void * (*ctx_alloc_func)(void); /** Free the given context */ - void (*ctx_free_func)( void *ctx ); + void (*ctx_free_func)(void *ctx); }; -typedef struct -{ +typedef struct { mbedtls_cipher_type_t type; const mbedtls_cipher_info_t *info; } mbedtls_cipher_definition_t; #if defined(MBEDTLS_USE_PSA_CRYPTO) -typedef enum -{ +typedef enum { MBEDTLS_CIPHER_PSA_KEY_UNSET = 0, MBEDTLS_CIPHER_PSA_KEY_OWNED, /* Used for PSA-based cipher contexts which */ /* use raw key material internally imported */ @@ -131,8 +116,7 @@ typedef enum /* destroyed when the context is freed. */ } mbedtls_cipher_psa_key_ownership; -typedef struct -{ +typedef struct { psa_algorithm_t alg; psa_key_id_t slot; mbedtls_cipher_psa_key_ownership slot_state; diff --git a/third_party/mbedtls/repo/include/mbedtls/cmac.h b/third_party/mbedtls/repo/include/mbedtls/cmac.h index 8934886af74..89634dc9274 100644 --- a/third_party/mbedtls/repo/include/mbedtls/cmac.h +++ b/third_party/mbedtls/repo/include/mbedtls/cmac.h @@ -8,19 +8,7 @@ */ /* * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later */ #ifndef MBEDTLS_CMAC_H @@ -45,7 +33,11 @@ extern "C" { #define MBEDTLS_AES_BLOCK_SIZE 16 #define MBEDTLS_DES3_BLOCK_SIZE 8 -#if defined(MBEDTLS_AES_C) + +/* Although the CMAC module does not support ARIA or CAMELLIA, we adjust the value of + * MBEDTLS_CIPHER_BLKSIZE_MAX to reflect these ciphers. + * This is done to avoid confusion, given the general-purpose name of the macro. */ +#if defined(MBEDTLS_AES_C) || defined(MBEDTLS_ARIA_C) || defined(MBEDTLS_CAMELLIA_C) #define MBEDTLS_CIPHER_BLKSIZE_MAX 16 /**< The longest block used by CMAC is that of AES. */ #else #define MBEDTLS_CIPHER_BLKSIZE_MAX 8 /**< The longest block used by CMAC is that of 3DES. */ @@ -56,8 +48,7 @@ extern "C" { /** * The CMAC context structure. */ -struct mbedtls_cmac_context_t -{ +struct mbedtls_cmac_context_t { /** The internal state of the CMAC algorithm. */ unsigned char state[MBEDTLS_CIPHER_BLKSIZE_MAX]; @@ -103,8 +94,8 @@ struct mbedtls_cmac_context_t * \return \c 0 on success. * \return A cipher-specific error code on failure. */ -int mbedtls_cipher_cmac_starts( mbedtls_cipher_context_t *ctx, - const unsigned char *key, size_t keybits ); +int mbedtls_cipher_cmac_starts(mbedtls_cipher_context_t *ctx, + const unsigned char *key, size_t keybits); /** * \brief This function feeds an input buffer into an ongoing CMAC @@ -128,8 +119,8 @@ int mbedtls_cipher_cmac_starts( mbedtls_cipher_context_t *ctx, * \return #MBEDTLS_ERR_MD_BAD_INPUT_DATA * if parameter verification fails. */ -int mbedtls_cipher_cmac_update( mbedtls_cipher_context_t *ctx, - const unsigned char *input, size_t ilen ); +int mbedtls_cipher_cmac_update(mbedtls_cipher_context_t *ctx, + const unsigned char *input, size_t ilen); /** * \brief This function finishes an ongoing CMAC operation, and @@ -147,8 +138,8 @@ int mbedtls_cipher_cmac_update( mbedtls_cipher_context_t *ctx, * \return #MBEDTLS_ERR_MD_BAD_INPUT_DATA * if parameter verification fails. */ -int mbedtls_cipher_cmac_finish( mbedtls_cipher_context_t *ctx, - unsigned char *output ); +int mbedtls_cipher_cmac_finish(mbedtls_cipher_context_t *ctx, + unsigned char *output); /** * \brief This function starts a new CMAC operation with the same @@ -166,7 +157,7 @@ int mbedtls_cipher_cmac_finish( mbedtls_cipher_context_t *ctx, * \return #MBEDTLS_ERR_MD_BAD_INPUT_DATA * if parameter verification fails. */ -int mbedtls_cipher_cmac_reset( mbedtls_cipher_context_t *ctx ); +int mbedtls_cipher_cmac_reset(mbedtls_cipher_context_t *ctx); /** * \brief This function calculates the full generic CMAC @@ -195,10 +186,10 @@ int mbedtls_cipher_cmac_reset( mbedtls_cipher_context_t *ctx ); * \return #MBEDTLS_ERR_MD_BAD_INPUT_DATA * if parameter verification fails. */ -int mbedtls_cipher_cmac( const mbedtls_cipher_info_t *cipher_info, - const unsigned char *key, size_t keylen, - const unsigned char *input, size_t ilen, - unsigned char *output ); +int mbedtls_cipher_cmac(const mbedtls_cipher_info_t *cipher_info, + const unsigned char *key, size_t keylen, + const unsigned char *input, size_t ilen, + unsigned char *output); #if defined(MBEDTLS_AES_C) /** @@ -218,12 +209,12 @@ int mbedtls_cipher_cmac( const mbedtls_cipher_info_t *cipher_info, * * \return \c 0 on success. */ -int mbedtls_aes_cmac_prf_128( const unsigned char *key, size_t key_len, - const unsigned char *input, size_t in_len, - unsigned char output[16] ); +int mbedtls_aes_cmac_prf_128(const unsigned char *key, size_t key_len, + const unsigned char *input, size_t in_len, + unsigned char output[16]); #endif /* MBEDTLS_AES_C */ -#if defined(MBEDTLS_SELF_TEST) && ( defined(MBEDTLS_AES_C) || defined(MBEDTLS_DES_C) ) +#if defined(MBEDTLS_SELF_TEST) && (defined(MBEDTLS_AES_C) || defined(MBEDTLS_DES_C)) /** * \brief The CMAC checkup routine. * @@ -237,7 +228,7 @@ int mbedtls_aes_cmac_prf_128( const unsigned char *key, size_t key_len, * \return \c 0 on success. * \return \c 1 on failure. */ -int mbedtls_cmac_self_test( int verbose ); +int mbedtls_cmac_self_test(int verbose); #endif /* MBEDTLS_SELF_TEST && ( MBEDTLS_AES_C || MBEDTLS_DES_C ) */ #ifdef __cplusplus diff --git a/third_party/mbedtls/repo/include/mbedtls/compat-1.3.h b/third_party/mbedtls/repo/include/mbedtls/compat-1.3.h index 40177512cab..de8f625a621 100644 --- a/third_party/mbedtls/repo/include/mbedtls/compat-1.3.h +++ b/third_party/mbedtls/repo/include/mbedtls/compat-1.3.h @@ -1,26 +1,14 @@ /** * \file compat-1.3.h * - * \brief Compatibility definitions for using mbed TLS with client code written + * \brief Compatibility definitions for using Mbed TLS with client code written * for the PolarSSL naming conventions. * * \deprecated Use the new names directly instead */ /* * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later */ #if !defined(MBEDTLS_CONFIG_FILE) @@ -29,7 +17,7 @@ #include MBEDTLS_CONFIG_FILE #endif -#if ! defined(MBEDTLS_DEPRECATED_REMOVED) +#if !defined(MBEDTLS_DEPRECATED_REMOVED) #if defined(MBEDTLS_DEPRECATED_WARNING) #warning "Including compat-1.3.h is deprecated" @@ -597,7 +585,8 @@ #define POLARSSL_X509_ALLOW_EXTENSIONS_NON_V3 MBEDTLS_X509_ALLOW_EXTENSIONS_NON_V3 #endif #if defined MBEDTLS_X509_ALLOW_UNSUPPORTED_CRITICAL_EXTENSION -#define POLARSSL_X509_ALLOW_UNSUPPORTED_CRITICAL_EXTENSION MBEDTLS_X509_ALLOW_UNSUPPORTED_CRITICAL_EXTENSION +#define POLARSSL_X509_ALLOW_UNSUPPORTED_CRITICAL_EXTENSION \ + MBEDTLS_X509_ALLOW_UNSUPPORTED_CRITICAL_EXTENSION #endif #if defined MBEDTLS_X509_CHECK_EXTENDED_KEY_USAGE #define POLARSSL_X509_CHECK_EXTENDED_KEY_USAGE MBEDTLS_X509_CHECK_EXTENDED_KEY_USAGE @@ -1382,8 +1371,8 @@ #define SSL_ANTI_REPLAY_ENABLED MBEDTLS_SSL_ANTI_REPLAY_ENABLED #define SSL_ARC4_DISABLED MBEDTLS_SSL_ARC4_DISABLED #define SSL_ARC4_ENABLED MBEDTLS_SSL_ARC4_ENABLED -#define SSL_BUFFER_LEN ( ( ( MBEDTLS_SSL_IN_BUFFER_LEN ) < ( MBEDTLS_SSL_OUT_BUFFER_LEN ) ) \ - ? ( MBEDTLS_SSL_IN_BUFFER_LEN ) : ( MBEDTLS_SSL_OUT_BUFFER_LEN ) ) +#define SSL_BUFFER_LEN (((MBEDTLS_SSL_IN_BUFFER_LEN) < (MBEDTLS_SSL_OUT_BUFFER_LEN)) \ + ? (MBEDTLS_SSL_IN_BUFFER_LEN) : (MBEDTLS_SSL_OUT_BUFFER_LEN)) #define SSL_CACHE_DEFAULT_MAX_ENTRIES MBEDTLS_SSL_CACHE_DEFAULT_MAX_ENTRIES #define SSL_CACHE_DEFAULT_TIMEOUT MBEDTLS_SSL_CACHE_DEFAULT_TIMEOUT #define SSL_CBC_RECORD_SPLITTING_DISABLED MBEDTLS_SSL_CBC_RECORD_SPLITTING_DISABLED @@ -1554,10 +1543,14 @@ #define TLS_ECDHE_ECDSA_WITH_AES_256_CCM MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_256_CCM #define TLS_ECDHE_ECDSA_WITH_AES_256_CCM_8 MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_256_CCM_8 #define TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384 MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384 -#define TLS_ECDHE_ECDSA_WITH_CAMELLIA_128_CBC_SHA256 MBEDTLS_TLS_ECDHE_ECDSA_WITH_CAMELLIA_128_CBC_SHA256 -#define TLS_ECDHE_ECDSA_WITH_CAMELLIA_128_GCM_SHA256 MBEDTLS_TLS_ECDHE_ECDSA_WITH_CAMELLIA_128_GCM_SHA256 -#define TLS_ECDHE_ECDSA_WITH_CAMELLIA_256_CBC_SHA384 MBEDTLS_TLS_ECDHE_ECDSA_WITH_CAMELLIA_256_CBC_SHA384 -#define TLS_ECDHE_ECDSA_WITH_CAMELLIA_256_GCM_SHA384 MBEDTLS_TLS_ECDHE_ECDSA_WITH_CAMELLIA_256_GCM_SHA384 +#define TLS_ECDHE_ECDSA_WITH_CAMELLIA_128_CBC_SHA256 \ + MBEDTLS_TLS_ECDHE_ECDSA_WITH_CAMELLIA_128_CBC_SHA256 +#define TLS_ECDHE_ECDSA_WITH_CAMELLIA_128_GCM_SHA256 \ + MBEDTLS_TLS_ECDHE_ECDSA_WITH_CAMELLIA_128_GCM_SHA256 +#define TLS_ECDHE_ECDSA_WITH_CAMELLIA_256_CBC_SHA384 \ + MBEDTLS_TLS_ECDHE_ECDSA_WITH_CAMELLIA_256_CBC_SHA384 +#define TLS_ECDHE_ECDSA_WITH_CAMELLIA_256_GCM_SHA384 \ + MBEDTLS_TLS_ECDHE_ECDSA_WITH_CAMELLIA_256_GCM_SHA384 #define TLS_ECDHE_ECDSA_WITH_NULL_SHA MBEDTLS_TLS_ECDHE_ECDSA_WITH_NULL_SHA #define TLS_ECDHE_ECDSA_WITH_RC4_128_SHA MBEDTLS_TLS_ECDHE_ECDSA_WITH_RC4_128_SHA #define TLS_ECDHE_PSK_WITH_3DES_EDE_CBC_SHA MBEDTLS_TLS_ECDHE_PSK_WITH_3DES_EDE_CBC_SHA @@ -1565,8 +1558,10 @@ #define TLS_ECDHE_PSK_WITH_AES_128_CBC_SHA256 MBEDTLS_TLS_ECDHE_PSK_WITH_AES_128_CBC_SHA256 #define TLS_ECDHE_PSK_WITH_AES_256_CBC_SHA MBEDTLS_TLS_ECDHE_PSK_WITH_AES_256_CBC_SHA #define TLS_ECDHE_PSK_WITH_AES_256_CBC_SHA384 MBEDTLS_TLS_ECDHE_PSK_WITH_AES_256_CBC_SHA384 -#define TLS_ECDHE_PSK_WITH_CAMELLIA_128_CBC_SHA256 MBEDTLS_TLS_ECDHE_PSK_WITH_CAMELLIA_128_CBC_SHA256 -#define TLS_ECDHE_PSK_WITH_CAMELLIA_256_CBC_SHA384 MBEDTLS_TLS_ECDHE_PSK_WITH_CAMELLIA_256_CBC_SHA384 +#define TLS_ECDHE_PSK_WITH_CAMELLIA_128_CBC_SHA256 \ + MBEDTLS_TLS_ECDHE_PSK_WITH_CAMELLIA_128_CBC_SHA256 +#define TLS_ECDHE_PSK_WITH_CAMELLIA_256_CBC_SHA384 \ + MBEDTLS_TLS_ECDHE_PSK_WITH_CAMELLIA_256_CBC_SHA384 #define TLS_ECDHE_PSK_WITH_NULL_SHA MBEDTLS_TLS_ECDHE_PSK_WITH_NULL_SHA #define TLS_ECDHE_PSK_WITH_NULL_SHA256 MBEDTLS_TLS_ECDHE_PSK_WITH_NULL_SHA256 #define TLS_ECDHE_PSK_WITH_NULL_SHA384 MBEDTLS_TLS_ECDHE_PSK_WITH_NULL_SHA384 @@ -1578,10 +1573,14 @@ #define TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA MBEDTLS_TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA #define TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384 MBEDTLS_TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384 #define TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384 MBEDTLS_TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384 -#define TLS_ECDHE_RSA_WITH_CAMELLIA_128_CBC_SHA256 MBEDTLS_TLS_ECDHE_RSA_WITH_CAMELLIA_128_CBC_SHA256 -#define TLS_ECDHE_RSA_WITH_CAMELLIA_128_GCM_SHA256 MBEDTLS_TLS_ECDHE_RSA_WITH_CAMELLIA_128_GCM_SHA256 -#define TLS_ECDHE_RSA_WITH_CAMELLIA_256_CBC_SHA384 MBEDTLS_TLS_ECDHE_RSA_WITH_CAMELLIA_256_CBC_SHA384 -#define TLS_ECDHE_RSA_WITH_CAMELLIA_256_GCM_SHA384 MBEDTLS_TLS_ECDHE_RSA_WITH_CAMELLIA_256_GCM_SHA384 +#define TLS_ECDHE_RSA_WITH_CAMELLIA_128_CBC_SHA256 \ + MBEDTLS_TLS_ECDHE_RSA_WITH_CAMELLIA_128_CBC_SHA256 +#define TLS_ECDHE_RSA_WITH_CAMELLIA_128_GCM_SHA256 \ + MBEDTLS_TLS_ECDHE_RSA_WITH_CAMELLIA_128_GCM_SHA256 +#define TLS_ECDHE_RSA_WITH_CAMELLIA_256_CBC_SHA384 \ + MBEDTLS_TLS_ECDHE_RSA_WITH_CAMELLIA_256_CBC_SHA384 +#define TLS_ECDHE_RSA_WITH_CAMELLIA_256_GCM_SHA384 \ + MBEDTLS_TLS_ECDHE_RSA_WITH_CAMELLIA_256_GCM_SHA384 #define TLS_ECDHE_RSA_WITH_NULL_SHA MBEDTLS_TLS_ECDHE_RSA_WITH_NULL_SHA #define TLS_ECDHE_RSA_WITH_RC4_128_SHA MBEDTLS_TLS_ECDHE_RSA_WITH_RC4_128_SHA #define TLS_ECDH_ECDSA_WITH_3DES_EDE_CBC_SHA MBEDTLS_TLS_ECDH_ECDSA_WITH_3DES_EDE_CBC_SHA @@ -1591,10 +1590,14 @@ #define TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA MBEDTLS_TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA #define TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA384 MBEDTLS_TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA384 #define TLS_ECDH_ECDSA_WITH_AES_256_GCM_SHA384 MBEDTLS_TLS_ECDH_ECDSA_WITH_AES_256_GCM_SHA384 -#define TLS_ECDH_ECDSA_WITH_CAMELLIA_128_CBC_SHA256 MBEDTLS_TLS_ECDH_ECDSA_WITH_CAMELLIA_128_CBC_SHA256 -#define TLS_ECDH_ECDSA_WITH_CAMELLIA_128_GCM_SHA256 MBEDTLS_TLS_ECDH_ECDSA_WITH_CAMELLIA_128_GCM_SHA256 -#define TLS_ECDH_ECDSA_WITH_CAMELLIA_256_CBC_SHA384 MBEDTLS_TLS_ECDH_ECDSA_WITH_CAMELLIA_256_CBC_SHA384 -#define TLS_ECDH_ECDSA_WITH_CAMELLIA_256_GCM_SHA384 MBEDTLS_TLS_ECDH_ECDSA_WITH_CAMELLIA_256_GCM_SHA384 +#define TLS_ECDH_ECDSA_WITH_CAMELLIA_128_CBC_SHA256 \ + MBEDTLS_TLS_ECDH_ECDSA_WITH_CAMELLIA_128_CBC_SHA256 +#define TLS_ECDH_ECDSA_WITH_CAMELLIA_128_GCM_SHA256 \ + MBEDTLS_TLS_ECDH_ECDSA_WITH_CAMELLIA_128_GCM_SHA256 +#define TLS_ECDH_ECDSA_WITH_CAMELLIA_256_CBC_SHA384 \ + MBEDTLS_TLS_ECDH_ECDSA_WITH_CAMELLIA_256_CBC_SHA384 +#define TLS_ECDH_ECDSA_WITH_CAMELLIA_256_GCM_SHA384 \ + MBEDTLS_TLS_ECDH_ECDSA_WITH_CAMELLIA_256_GCM_SHA384 #define TLS_ECDH_ECDSA_WITH_NULL_SHA MBEDTLS_TLS_ECDH_ECDSA_WITH_NULL_SHA #define TLS_ECDH_ECDSA_WITH_RC4_128_SHA MBEDTLS_TLS_ECDH_ECDSA_WITH_RC4_128_SHA #define TLS_ECDH_RSA_WITH_3DES_EDE_CBC_SHA MBEDTLS_TLS_ECDH_RSA_WITH_3DES_EDE_CBC_SHA @@ -2492,7 +2495,8 @@ #define x509write_crt_free mbedtls_x509write_crt_free #define x509write_crt_init mbedtls_x509write_crt_init #define x509write_crt_pem mbedtls_x509write_crt_pem -#define x509write_crt_set_authority_key_identifier mbedtls_x509write_crt_set_authority_key_identifier +#define x509write_crt_set_authority_key_identifier \ + mbedtls_x509write_crt_set_authority_key_identifier #define x509write_crt_set_basic_constraints mbedtls_x509write_crt_set_basic_constraints #define x509write_crt_set_extension mbedtls_x509write_crt_set_extension #define x509write_crt_set_issuer_key mbedtls_x509write_crt_set_issuer_key diff --git a/third_party/mbedtls/repo/include/mbedtls/config.h b/third_party/mbedtls/repo/include/mbedtls/config.h index 87b4e9192e7..ac2146ea114 100644 --- a/third_party/mbedtls/repo/include/mbedtls/config.h +++ b/third_party/mbedtls/repo/include/mbedtls/config.h @@ -9,19 +9,7 @@ */ /* * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later */ #ifndef MBEDTLS_CONFIG_H @@ -51,7 +39,7 @@ * include/mbedtls/bn_mul.h * * Required by: - * MBEDTLS_AESNI_C + * MBEDTLS_AESNI_C (on some platforms) * MBEDTLS_PADLOCK_C * * Comment to disable the use of assembly code. @@ -128,7 +116,12 @@ * MBEDTLS_PLATFORM_TIME_MACRO, MBEDTLS_PLATFORM_TIME_TYPE_MACRO and * MBEDTLS_PLATFORM_STD_TIME. * - * Comment if your system does not support time functions + * Comment if your system does not support time functions. + * + * \note If MBEDTLS_TIMING_C is set - to enable the semi-portable timing + * interface - timing.c will include time.h on suitable platforms + * regardless of the setting of MBEDTLS_HAVE_TIME, unless + * MBEDTLS_TIMING_ALT is used. See timing.c for more information. */ #define MBEDTLS_HAVE_TIME @@ -158,19 +151,51 @@ * * Enable the memory allocation layer. * - * By default mbed TLS uses the system-provided calloc() and free(). + * By default Mbed TLS uses the system-provided calloc() and free(). * This allows different allocators (self-implemented or provided) to be * provided to the platform abstraction layer. * - * Enabling MBEDTLS_PLATFORM_MEMORY without the + * Enabling #MBEDTLS_PLATFORM_MEMORY without the * MBEDTLS_PLATFORM_{FREE,CALLOC}_MACROs will provide * "mbedtls_platform_set_calloc_free()" allowing you to set an alternative calloc() and * free() function pointer at runtime. * - * Enabling MBEDTLS_PLATFORM_MEMORY and specifying + * Enabling #MBEDTLS_PLATFORM_MEMORY and specifying * MBEDTLS_PLATFORM_{CALLOC,FREE}_MACROs will allow you to specify the * alternate function at compile time. * + * An overview of how the value of mbedtls_calloc is determined: + * + * - if !MBEDTLS_PLATFORM_MEMORY + * - mbedtls_calloc = calloc + * - if MBEDTLS_PLATFORM_MEMORY + * - if (MBEDTLS_PLATFORM_CALLOC_MACRO && MBEDTLS_PLATFORM_FREE_MACRO): + * - mbedtls_calloc = MBEDTLS_PLATFORM_CALLOC_MACRO + * - if !(MBEDTLS_PLATFORM_CALLOC_MACRO && MBEDTLS_PLATFORM_FREE_MACRO): + * - Dynamic setup via mbedtls_platform_set_calloc_free is now possible with a default value MBEDTLS_PLATFORM_STD_CALLOC. + * - How is MBEDTLS_PLATFORM_STD_CALLOC handled? + * - if MBEDTLS_PLATFORM_NO_STD_FUNCTIONS: + * - MBEDTLS_PLATFORM_STD_CALLOC is not set to anything; + * - MBEDTLS_PLATFORM_STD_MEM_HDR can be included if present; + * - if !MBEDTLS_PLATFORM_NO_STD_FUNCTIONS: + * - if MBEDTLS_PLATFORM_STD_CALLOC is present: + * - User-defined MBEDTLS_PLATFORM_STD_CALLOC is respected; + * - if !MBEDTLS_PLATFORM_STD_CALLOC: + * - MBEDTLS_PLATFORM_STD_CALLOC = calloc + * + * - At this point the presence of MBEDTLS_PLATFORM_STD_CALLOC is checked. + * - if !MBEDTLS_PLATFORM_STD_CALLOC + * - MBEDTLS_PLATFORM_STD_CALLOC = uninitialized_calloc + * + * - mbedtls_calloc = MBEDTLS_PLATFORM_STD_CALLOC. + * + * Defining MBEDTLS_PLATFORM_CALLOC_MACRO and #MBEDTLS_PLATFORM_STD_CALLOC at the same time is not possible. + * MBEDTLS_PLATFORM_CALLOC_MACRO and MBEDTLS_PLATFORM_FREE_MACRO must both be defined or undefined at the same time. + * #MBEDTLS_PLATFORM_STD_CALLOC and #MBEDTLS_PLATFORM_STD_FREE do not have to be defined at the same time, as, if they are used, + * dynamic setup of these functions is possible. See the tree above to see how are they handled in all cases. + * An uninitialized #MBEDTLS_PLATFORM_STD_CALLOC always fails, returning a null pointer. + * An uninitialized #MBEDTLS_PLATFORM_STD_FREE does not do anything. + * * Requires: MBEDTLS_PLATFORM_C * * Enable this layer to allow use of alternative memory allocators. @@ -199,10 +224,10 @@ /** * \def MBEDTLS_PLATFORM_EXIT_ALT * - * MBEDTLS_PLATFORM_XXX_ALT: Uncomment a macro to let mbed TLS support the + * MBEDTLS_PLATFORM_XXX_ALT: Uncomment a macro to let Mbed TLS support the * function in the platform abstraction layer. * - * Example: In case you uncomment MBEDTLS_PLATFORM_PRINTF_ALT, mbed TLS will + * Example: In case you uncomment MBEDTLS_PLATFORM_PRINTF_ALT, Mbed TLS will * provide a function "mbedtls_platform_set_printf()" that allows you to set an * alternative printf function pointer. * @@ -228,6 +253,45 @@ //#define MBEDTLS_PLATFORM_NV_SEED_ALT //#define MBEDTLS_PLATFORM_SETUP_TEARDOWN_ALT +/** + * Uncomment the macro to let Mbed TLS use your alternate implementation of + * mbedtls_platform_gmtime_r(). This replaces the default implementation in + * platform_util.c. + * + * gmtime() is not a thread-safe function as defined in the C standard. The + * library will try to use safer implementations of this function, such as + * gmtime_r() when available. However, if Mbed TLS cannot identify the target + * system, the implementation of mbedtls_platform_gmtime_r() will default to + * using the standard gmtime(). In this case, calls from the library to + * gmtime() will be guarded by the global mutex mbedtls_threading_gmtime_mutex + * if MBEDTLS_THREADING_C is enabled. We recommend that calls from outside the + * library are also guarded with this mutex to avoid race conditions. However, + * if the macro MBEDTLS_PLATFORM_GMTIME_R_ALT is defined, Mbed TLS will + * unconditionally use the implementation for mbedtls_platform_gmtime_r() + * supplied at compile time. + */ +//#define MBEDTLS_PLATFORM_GMTIME_R_ALT + +/** + * Uncomment the macro to let Mbed TLS use your alternate implementation of + * mbedtls_platform_zeroize(). This replaces the default implementation in + * platform_util.c. + * + * mbedtls_platform_zeroize() is a widely used function across the library to + * zero a block of memory. The implementation is expected to be secure in the + * sense that it has been written to prevent the compiler from removing calls + * to mbedtls_platform_zeroize() as part of redundant code elimination + * optimizations. However, it is difficult to guarantee that calls to + * mbedtls_platform_zeroize() will not be optimized by the compiler as older + * versions of the C language standards do not provide a secure implementation + * of memset(). Therefore, MBEDTLS_PLATFORM_ZEROIZE_ALT enables users to + * configure their own implementation of mbedtls_platform_zeroize(), for + * example by using directives specific to their compiler, features from newer + * C standards (e.g using memset_s() in C11) or calling a secure memset() from + * their system (e.g explicit_bzero() in BSD). + */ +//#define MBEDTLS_PLATFORM_ZEROIZE_ALT + /** * \def MBEDTLS_DEPRECATED_WARNING * @@ -321,10 +385,10 @@ */ //#define MBEDTLS_CHECK_PARAMS_ASSERT -/* \} name SECTION: System support */ +/** \} name SECTION: System support */ /** - * \name SECTION: mbed TLS feature support + * \name SECTION: Mbed TLS feature support * * This section sets support for features that are or are not needed * within the modules that are enabled. @@ -347,7 +411,7 @@ /** * \def MBEDTLS_AES_ALT * - * MBEDTLS__MODULE_NAME__ALT: Uncomment a macro to let mbed TLS use your + * MBEDTLS__MODULE_NAME__ALT: Uncomment a macro to let Mbed TLS use your * alternate core implementation of a symmetric crypto, an arithmetic or hash * module (e.g. platform specific assembly optimized implementations). Keep * in mind that the function prototypes should remain the same. @@ -355,7 +419,7 @@ * This replaces the whole module. If you only want to replace one of the * functions, use one of the MBEDTLS__FUNCTION_NAME__ALT flags. * - * Example: In case you uncomment MBEDTLS_AES_ALT, mbed TLS will no longer + * Example: In case you uncomment MBEDTLS_AES_ALT, Mbed TLS will no longer * provide the "struct mbedtls_aes_context" definition and omit the base * function declarations and implementations. "aes_alt.h" will be included from * "aes.h" to include the new function definitions. @@ -395,7 +459,7 @@ //#define MBEDTLS_XTEA_ALT /* - * When replacing the elliptic curve module, pleace consider, that it is + * When replacing the elliptic curve module, please consider, that it is * implemented with two .c files: * - ecp.c * - ecp_curves.c @@ -408,14 +472,14 @@ /** * \def MBEDTLS_MD2_PROCESS_ALT * - * MBEDTLS__FUNCTION_NAME__ALT: Uncomment a macro to let mbed TLS use you + * MBEDTLS__FUNCTION_NAME__ALT: Uncomment a macro to let Mbed TLS use you * alternate core implementation of symmetric crypto or hash function. Keep in * mind that function prototypes should remain the same. * - * This replaces only one function. The header file from mbed TLS is still + * This replaces only one function. The header file from Mbed TLS is still * used, in contrast to the MBEDTLS__MODULE_NAME__ALT flags. * - * Example: In case you uncomment MBEDTLS_SHA256_PROCESS_ALT, mbed TLS will + * Example: In case you uncomment MBEDTLS_SHA256_PROCESS_ALT, Mbed TLS will * no longer provide the mbedtls_sha1_process() function, but it will still provide * the other function (using your mbedtls_sha1_process() function) and the definition * of mbedtls_sha1_context, so your implementation of mbedtls_sha1_process must be compatible @@ -475,11 +539,11 @@ * * Expose a part of the internal interface of the Elliptic Curve Point module. * - * MBEDTLS_ECP__FUNCTION_NAME__ALT: Uncomment a macro to let mbed TLS use your + * MBEDTLS_ECP__FUNCTION_NAME__ALT: Uncomment a macro to let Mbed TLS use your * alternative core implementation of elliptic curve arithmetic. Keep in mind * that function prototypes should remain the same. * - * This partially replaces one function. The header file from mbed TLS is still + * This partially replaces one function. The header file from Mbed TLS is still * used, in contrast to the MBEDTLS_ECP_ALT flag. The original implementation * is still present and it is used for group structures not supported by the * alternative. @@ -503,11 +567,11 @@ * implement optimized set up and tear down instructions. * * Example: In case you set MBEDTLS_ECP_INTERNAL_ALT and - * MBEDTLS_ECP_DOUBLE_JAC_ALT, mbed TLS will still provide the ecp_double_jac() + * MBEDTLS_ECP_DOUBLE_JAC_ALT, Mbed TLS will still provide the ecp_double_jac() * function, but will use your mbedtls_internal_ecp_double_jac() if the group * for the operation is supported by your implementation (i.e. your * mbedtls_internal_ecp_grp_capable() function returns 1 for this group). If the - * group is not supported by your implementation, then the original mbed TLS + * group is not supported by your implementation, then the original Mbed TLS * implementation of ecp_double_jac() is used instead, unless this fallback * behaviour is disabled by setting MBEDTLS_ECP_NO_FALLBACK (in which case * ecp_double_jac() will return MBEDTLS_ERR_ECP_FEATURE_UNAVAILABLE). @@ -538,7 +602,7 @@ /** * \def MBEDTLS_TEST_NULL_ENTROPY * - * Enables testing and use of mbed TLS without any configured entropy sources. + * Enables testing and use of Mbed TLS without any configured entropy sources. * This permits use of the library on platforms before an entropy source has * been integrated (see for example the MBEDTLS_ENTROPY_HARDWARE_ALT or the * MBEDTLS_ENTROPY_NV_SEED switches). @@ -555,7 +619,7 @@ /** * \def MBEDTLS_ENTROPY_HARDWARE_ALT * - * Uncomment this macro to let mbed TLS use your own implementation of a + * Uncomment this macro to let Mbed TLS use your own implementation of a * hardware entropy collector. * * Your function must be called \c mbedtls_hardware_poll(), have the same @@ -781,6 +845,18 @@ */ #define MBEDTLS_REMOVE_3DES_CIPHERSUITES +/** + * Enable the verified implementations of ECDH primitives from Project Everest + * (currently only Curve25519). This feature changes the layout of ECDH + * contexts and therefore is a compatibility break for applications that access + * fields of a mbedtls_ecdh_context structure directly. See also + * MBEDTLS_ECDH_LEGACY_CONTEXT in include/mbedtls/ecdh.h. + * + * The Everest code is provided under the Apache 2.0 license only; therefore enabling this + * option is not compatible with taking the library under the GPL v2.0-or-later license. + */ +//#define MBEDTLS_ECDH_VARIANT_EVEREST_ENABLED + /** * \def MBEDTLS_ECP_DP_SECP192R1_ENABLED * @@ -854,12 +930,37 @@ * This is useful in non-threaded environments if you want to avoid blocking * for too long on ECC (and, hence, X.509 or SSL/TLS) operations. * - * Uncomment this macro to enable restartable ECC computations. + * This option: + * - Adds xxx_restartable() variants of existing operations in the + * following modules, with corresponding restart context types: + * - ECP (for Short Weierstrass curves only): scalar multiplication (mul), + * linear combination (muladd); + * - ECDSA: signature generation & verification; + * - PK: signature generation & verification; + * - X509: certificate chain verification. + * - Adds mbedtls_ecdh_enable_restart() in the ECDH module. + * - Changes the behaviour of TLS 1.2 clients (not servers) when using the + * ECDHE-ECDSA key exchange (not other key exchanges) to make all ECC + * computations restartable: + * - ECDH operations from the key exchange, only for Short Weierstrass + * curves; + * - verification of the server's key exchange signature; + * - verification of the server's certificate chain; + * - generation of the client's signature if client authentication is used, + * with an ECC key/certificate. + * + * \note In the cases above, the usual SSL/TLS functions, such as + * mbedtls_ssl_handshake(), can now return + * MBEDTLS_ERR_SSL_CRYPTO_IN_PROGRESS. * * \note This option only works with the default software implementation of * elliptic curve functionality. It is incompatible with - * MBEDTLS_ECP_ALT, MBEDTLS_ECDH_XXX_ALT, MBEDTLS_ECDSA_XXX_ALT - * and MBEDTLS_ECDH_LEGACY_CONTEXT. + * MBEDTLS_ECP_ALT, MBEDTLS_ECDH_XXX_ALT, MBEDTLS_ECDSA_XXX_ALT, + * MBEDTLS_ECDH_LEGACY_CONTEXT, and MBEDTLS_USE_PSA_CRYPTO. + * + * Requires: MBEDTLS_ECP_C + * + * Uncomment this macro to enable restartable ECC computations. */ //#define MBEDTLS_ECP_RESTARTABLE @@ -1324,7 +1425,7 @@ * Include backtrace information with each allocated block. * * Requires: MBEDTLS_MEMORY_BUFFER_ALLOC_C - * GLIBC-compatible backtrace() an backtrace_symbols() support + * GLIBC-compatible backtrace() and backtrace_symbols() support * * Uncomment this macro to include backtrace information */ @@ -1428,8 +1529,8 @@ * ); * ``` * The \c context value is initialized to 0 before the first call. - * The function must fill the \c output buffer with \p output_size bytes - * of random data and set \c *output_length to \p output_size. + * The function must fill the \c output buffer with \c output_size bytes + * of random data and set \c *output_length to \c output_size. * * Requires: MBEDTLS_PSA_CRYPTO_C * @@ -1493,7 +1594,7 @@ * Enable an implementation of SHA-256 that has lower ROM footprint but also * lower performance. * - * The default implementation is meant to be a reasonnable compromise between + * The default implementation is meant to be a reasonable compromise between * performance and size. This version optimizes more aggressively for size at * the expense of performance. Eg on Cortex-M4 it reduces the size of * mbedtls_sha256_process() from ~2KB to ~0.5KB for a performance hit of about @@ -1529,7 +1630,7 @@ * \def MBEDTLS_SSL_ALL_ALERT_MESSAGES * * Enable sending of alert messages in case of encountered errors as per RFC. - * If you choose not to send the alert messages, mbed TLS can still communicate + * If you choose not to send the alert messages, Mbed TLS can still communicate * with other servers, only debugging of failures is harder. * * The advantage of not sending alert messages, is that no information is given @@ -1615,6 +1716,8 @@ * saved after the handshake to allow for more efficient serialization, so if * you don't need this feature you'll save RAM by disabling it. * + * Requires: MBEDTLS_GCM_C or MBEDTLS_CCM_C or MBEDTLS_CHACHAPOLY_C + * * Comment to disable the context serialization APIs. */ #define MBEDTLS_SSL_CONTEXT_SERIALIZATION @@ -1658,7 +1761,7 @@ * Enable support for RFC 7627: Session Hash and Extended Master Secret * Extension. * - * This was introduced as "the proper fix" to the Triple Handshake familiy of + * This was introduced as "the proper fix" to the Triple Handshake family of * attacks, but it is recommended to always use it (even if you disable * renegotiation), since it actually fixes a more fundamental issue in the * original SSL/TLS design, and has implications beyond Triple Handshake. @@ -1704,7 +1807,7 @@ * \note This option has no influence on the protection against the * triple handshake attack. Even if it is disabled, Mbed TLS will * still ensure that certificates do not change during renegotiation, - * for exaple by keeping a hash of the peer's certificate. + * for example by keeping a hash of the peer's certificate. * * Comment this macro to disable storing the peer's certificate * after the handshake. @@ -1909,7 +2012,7 @@ * unless you know for sure amplification cannot be a problem in the * environment in which your server operates. * - * \warning Disabling this can ba a security risk! (see above) + * \warning Disabling this can be a security risk! (see above) * * Requires: MBEDTLS_SSL_PROTO_DTLS * @@ -2053,6 +2156,23 @@ */ //#define MBEDTLS_SSL_VARIABLE_BUFFER_LENGTH +/** + * Allow SHA-1 in the default TLS configuration for TLS 1.2 handshake + * signature and ciphersuite selection. Without this build-time option, SHA-1 + * support must be activated explicitly through mbedtls_ssl_conf_sig_hashes. + * The use of SHA-1 in TLS <= 1.1 and in HMAC-SHA-1 is always allowed by + * default. At the time of writing, there is no practical attack on the use + * of SHA-1 in handshake signatures, hence this option is turned on by default + * to preserve compatibility with existing peers, but the general + * warning applies nonetheless: + * + * \warning SHA-1 is considered a weak message digest and its use constitutes + * a security risk. If possible, we recommend avoiding dependencies + * on it, and considering stronger message digests instead. + * + */ +//#define MBEDTLS_TLS_DEFAULT_ALLOW_SHA1_IN_KEY_EXCHANGE + /** * \def MBEDTLS_TEST_CONSTANT_FLOW_MEMSAN * @@ -2162,8 +2282,19 @@ * This setting allows support for cryptographic mechanisms through the PSA * API to be configured separately from support through the mbedtls API. * - * Uncomment this to enable use of PSA Crypto configuration settings which - * can be found in include/psa/crypto_config.h. + * When this option is disabled, the PSA API exposes the cryptographic + * mechanisms that can be implemented on top of the `mbedtls_xxx` API + * configured with `MBEDTLS_XXX` symbols. + * + * When this option is enabled, the PSA API exposes the cryptographic + * mechanisms requested by the `PSA_WANT_XXX` symbols defined in + * include/psa/crypto_config.h. The corresponding `MBEDTLS_XXX` settings are + * automatically enabled if required (i.e. if no PSA driver provides the + * mechanism). You may still freely enable additional `MBEDTLS_XXX` symbols + * in config.h. + * + * If the symbol #MBEDTLS_PSA_CRYPTO_CONFIG_FILE is defined, it specifies + * an alternative header to include instead of include/psa/crypto_config.h. * * If you enable this option and write your own configuration file, you must * include mbedtls/config_psa.h in your configuration file. The default @@ -2289,26 +2420,44 @@ * Uncomment to enable use of ZLIB */ //#define MBEDTLS_ZLIB_SUPPORT -/* \} name SECTION: mbed TLS feature support */ +/** \} name SECTION: Mbed TLS feature support */ /** - * \name SECTION: mbed TLS modules + * \name SECTION: Mbed TLS modules * - * This section enables or disables entire modules in mbed TLS + * This section enables or disables entire modules in Mbed TLS * \{ */ /** * \def MBEDTLS_AESNI_C * - * Enable AES-NI support on x86-64. + * Enable AES-NI support on x86-64 or x86-32. + * + * \note AESNI is only supported with certain compilers and target options: + * - Visual Studio 2013: supported. + * - GCC, x86-64, target not explicitly supporting AESNI: + * requires MBEDTLS_HAVE_ASM. + * - GCC, x86-32, target not explicitly supporting AESNI: + * not supported. + * - GCC, x86-64 or x86-32, target supporting AESNI: supported. + * For this assembly-less implementation, you must currently compile + * `library/aesni.c` and `library/aes.c` with machine options to enable + * SSE2 and AESNI instructions: `gcc -msse2 -maes -mpclmul` or + * `clang -maes -mpclmul`. + * - Non-x86 targets: this option is silently ignored. + * - Other compilers: this option is silently ignored. + * + * \note + * Above, "GCC" includes compatible compilers such as Clang. + * The limitations on target support are likely to be relaxed in the future. * * Module: library/aesni.c * Caller: library/aes.c * - * Requires: MBEDTLS_HAVE_ASM + * Requires: MBEDTLS_HAVE_ASM (on some platforms, see note) * - * This modules adds support for the AES-NI instructions on x86-64 + * This modules adds support for the AES-NI instructions on x86. */ #define MBEDTLS_AESNI_C @@ -2409,7 +2558,7 @@ * MBEDTLS_TLS_PSK_WITH_RC4_128_SHA * * \warning ARC4 is considered a weak cipher and its use constitutes a - * security risk. If possible, we recommend avoidng dependencies on + * security risk. If possible, we recommend avoiding dependencies on * it, and considering stronger ciphers instead. * */ @@ -2722,7 +2871,7 @@ * * PEM_PARSE uses DES/3DES for decrypting encrypted keys. * - * \warning DES is considered a weak cipher and its use constitutes a + * \warning DES/3DES are considered weak ciphers and their use constitutes a * security risk. We recommend considering stronger ciphers instead. */ #define MBEDTLS_DES_C @@ -2902,7 +3051,7 @@ * * Requires: MBEDTLS_MD_C * - * Uncomment to enable the HMAC_DRBG random number geerator. + * Uncomment to enable the HMAC_DRBG random number generator. */ #define MBEDTLS_HMAC_DRBG_C @@ -2997,7 +3146,7 @@ * Module: library/memory_buffer_alloc.c * * Requires: MBEDTLS_PLATFORM_C - * MBEDTLS_PLATFORM_MEMORY (to use it within mbed TLS) + * MBEDTLS_PLATFORM_MEMORY (to use it within Mbed TLS) * * Enable this module to enable the buffer memory allocator. */ @@ -3014,7 +3163,7 @@ * * \note See also our Knowledge Base article about porting to a new * environment: - * https://tls.mbed.org/kb/how-to/how-do-i-port-mbed-tls-to-a-new-environment-OS + * https://mbed-tls.readthedocs.io/en/latest/kb/how-to/how-do-i-port-mbed-tls-to-a-new-environment-OS * * Module: library/net_sockets.c * @@ -3096,7 +3245,7 @@ /** * \def MBEDTLS_PK_C * - * Enable the generic public (asymetric) key layer. + * Enable the generic public (asymmetric) key layer. * * Module: library/pk.c * Caller: library/ssl_tls.c @@ -3112,7 +3261,7 @@ /** * \def MBEDTLS_PK_PARSE_C * - * Enable the generic public (asymetric) key parser. + * Enable the generic public (asymmetric) key parser. * * Module: library/pkparse.c * Caller: library/x509_crt.c @@ -3127,7 +3276,7 @@ /** * \def MBEDTLS_PK_WRITE_C * - * Enable the generic public (asymetric) key writer. + * Enable the generic public (asymmetric) key writer. * * Module: library/pkwrite.c * Caller: library/x509write.c @@ -3384,7 +3533,8 @@ * Module: library/ssl_ticket.c * Caller: * - * Requires: MBEDTLS_CIPHER_C + * Requires: MBEDTLS_CIPHER_C && + * ( MBEDTLS_GCM_C || MBEDTLS_CCM_C || MBEDTLS_CHACHAPOLY_C ) */ #define MBEDTLS_SSL_TICKET_C @@ -3436,11 +3586,11 @@ * \def MBEDTLS_THREADING_C * * Enable the threading abstraction layer. - * By default mbed TLS assumes it is used in a non-threaded environment or that + * By default Mbed TLS assumes it is used in a non-threaded environment or that * contexts are not shared between threads. If you do intend to use contexts * between threads, you will need to enable this layer to prevent race * conditions. See also our Knowledge Base article about threading: - * https://tls.mbed.org/kb/development/thread-safety-and-multi-threading + * https://mbed-tls.readthedocs.io/en/latest/kb/development/thread-safety-and-multi-threading * * Module: library/threading.c * @@ -3450,7 +3600,7 @@ * You will have to enable either MBEDTLS_THREADING_ALT or * MBEDTLS_THREADING_PTHREAD. * - * Enable this layer to allow use of mutexes within mbed TLS + * Enable this layer to allow use of mutexes within Mbed TLS */ //#define MBEDTLS_THREADING_C @@ -3466,9 +3616,13 @@ * your own implementation of the whole module by setting * \c MBEDTLS_TIMING_ALT in the current file. * + * \note The timing module will include time.h on suitable platforms + * regardless of the setting of MBEDTLS_HAVE_TIME, unless + * MBEDTLS_TIMING_ALT is used. See timing.c for more information. + * * \note See also our Knowledge Base article about porting to a new * environment: - * https://tls.mbed.org/kb/how-to/how-do-i-port-mbed-tls-to-a-new-environment-OS + * https://mbed-tls.readthedocs.io/en/latest/kb/how-to/how-do-i-port-mbed-tls-to-a-new-environment-OS * * Module: library/timing.c * Caller: library/havege.c @@ -3598,7 +3752,88 @@ */ #define MBEDTLS_XTEA_C -/* \} name SECTION: mbed TLS modules */ +/** \} name SECTION: Mbed TLS modules */ + +/** + * \name SECTION: General configuration options + * + * This section contains Mbed TLS build settings that are not associated + * with a particular module. + * + * \{ + */ + +/** + * \def MBEDTLS_CONFIG_FILE + * + * If defined, this is a header which will be included instead of + * `"mbedtls/config.h"`. + * This header file specifies the compile-time configuration of Mbed TLS. + * Unlike other configuration options, this one must be defined on the + * compiler command line: a definition in `config.h` would have no effect. + * + * This macro is expanded after an \#include directive. This is a popular but + * non-standard feature of the C language, so this feature is only available + * with compilers that perform macro expansion on an \#include line. + * + * The value of this symbol is typically a path in double quotes, either + * absolute or relative to a directory on the include search path. + */ +//#define MBEDTLS_CONFIG_FILE "mbedtls/config.h" + +/** + * \def MBEDTLS_USER_CONFIG_FILE + * + * If defined, this is a header which will be included after + * `"mbedtls/config.h"` or #MBEDTLS_CONFIG_FILE. + * This allows you to modify the default configuration, including the ability + * to undefine options that are enabled by default. + * + * This macro is expanded after an \#include directive. This is a popular but + * non-standard feature of the C language, so this feature is only available + * with compilers that perform macro expansion on an \#include line. + * + * The value of this symbol is typically a path in double quotes, either + * absolute or relative to a directory on the include search path. + */ +//#define MBEDTLS_USER_CONFIG_FILE "/dev/null" + +/** + * \def MBEDTLS_PSA_CRYPTO_CONFIG_FILE + * + * If defined, this is a header which will be included instead of + * `"psa/crypto_config.h"`. + * This header file specifies which cryptographic mechanisms are available + * through the PSA API when #MBEDTLS_PSA_CRYPTO_CONFIG is enabled, and + * is not used when #MBEDTLS_PSA_CRYPTO_CONFIG is disabled. + * + * This macro is expanded after an \#include directive. This is a popular but + * non-standard feature of the C language, so this feature is only available + * with compilers that perform macro expansion on an \#include line. + * + * The value of this symbol is typically a path in double quotes, either + * absolute or relative to a directory on the include search path. + */ +//#define MBEDTLS_PSA_CRYPTO_CONFIG_FILE "psa/crypto_config.h" + +/** + * \def MBEDTLS_PSA_CRYPTO_USER_CONFIG_FILE + * + * If defined, this is a header which will be included after + * `"psa/crypto_config.h"` or #MBEDTLS_PSA_CRYPTO_CONFIG_FILE. + * This allows you to modify the default configuration, including the ability + * to undefine options that are enabled by default. + * + * This macro is expanded after an \#include directive. This is a popular but + * non-standard feature of the C language, so this feature is only available + * with compilers that perform macro expansion on an \#include line. + * + * The value of this symbol is typically a path in double quotes, either + * absolute or relative to a directory on the include search path. + */ +//#define MBEDTLS_PSA_CRYPTO_USER_CONFIG_FILE "/dev/null" + +/** \} name SECTION: General configuration options */ /** * \name SECTION: Module configuration options @@ -3609,14 +3844,18 @@ * * Our advice is to enable options and change their values here * only if you have a good reason and know the consequences. - * - * Please check the respective header file for documentation on these - * parameters (to prevent duplicate documentation). * \{ */ +/* The Doxygen documentation here is used when a user comments out a + * setting and runs doxygen themselves. On the other hand, when we typeset + * the full documentation including disabled settings, the documentation + * in specific modules' header files is used if present. When editing this + * file, make sure that each option is documented in exactly one place, + * plus optionally a same-line Doxygen comment here if there is a Doxygen + * comment in the specific module. */ /* MPI / BIGNUM options */ -//#define MBEDTLS_MPI_WINDOW_SIZE 6 /**< Maximum window size used. */ +//#define MBEDTLS_MPI_WINDOW_SIZE 2 /**< Maximum window size used. */ //#define MBEDTLS_MPI_MAX_SIZE 1024 /**< Maximum number of bytes for usable MPIs. */ /* CTR_DRBG options */ @@ -3647,8 +3886,29 @@ /* Platform options */ //#define MBEDTLS_PLATFORM_STD_MEM_HDR /**< Header to include if MBEDTLS_PLATFORM_NO_STD_FUNCTIONS is defined. Don't define if no header is needed. */ -//#define MBEDTLS_PLATFORM_STD_CALLOC calloc /**< Default allocator to use, can be undefined */ -//#define MBEDTLS_PLATFORM_STD_FREE free /**< Default free to use, can be undefined */ + +/** \def MBEDTLS_PLATFORM_STD_CALLOC + * + * Default allocator to use, can be undefined. + * It must initialize the allocated buffer memory to zeroes. + * The size of the buffer is the product of the two parameters. + * The calloc function returns either a null pointer or a pointer to the allocated space. + * If the product is 0, the function may either return NULL or a valid pointer to an array of size 0 which is a valid input to the deallocation function. + * An uninitialized #MBEDTLS_PLATFORM_STD_CALLOC always fails, returning a null pointer. + * See the description of #MBEDTLS_PLATFORM_MEMORY for more details. + * The corresponding deallocation function is #MBEDTLS_PLATFORM_STD_FREE. + */ +//#define MBEDTLS_PLATFORM_STD_CALLOC calloc + +/** \def MBEDTLS_PLATFORM_STD_FREE + * + * Default free to use, can be undefined. + * NULL is a valid parameter, and the function must do nothing. + * A non-null parameter will always be a pointer previously returned by #MBEDTLS_PLATFORM_STD_CALLOC and not yet freed. + * An uninitialized #MBEDTLS_PLATFORM_STD_FREE does not do anything. + * See the description of #MBEDTLS_PLATFORM_MEMORY for more details (same principles as for MBEDTLS_PLATFORM_STD_CALLOC apply). + */ +//#define MBEDTLS_PLATFORM_STD_FREE free //#define MBEDTLS_PLATFORM_STD_EXIT exit /**< Default exit to use, can be undefined */ //#define MBEDTLS_PLATFORM_STD_TIME time /**< Default time to use, can be undefined. MBEDTLS_HAVE_TIME must be enabled */ //#define MBEDTLS_PLATFORM_STD_FPRINTF fprintf /**< Default fprintf to use, can be undefined */ @@ -3661,10 +3921,10 @@ //#define MBEDTLS_PLATFORM_STD_NV_SEED_WRITE mbedtls_platform_std_nv_seed_write /**< Default nv_seed_write function to use, can be undefined */ //#define MBEDTLS_PLATFORM_STD_NV_SEED_FILE "seedfile" /**< Seed file to read/write with default implementation */ -/* To Use Function Macros MBEDTLS_PLATFORM_C must be enabled */ +/* To use the following function macros, MBEDTLS_PLATFORM_C must be enabled. */ /* MBEDTLS_PLATFORM_XXX_MACRO and MBEDTLS_PLATFORM_XXX_ALT cannot both be defined */ -//#define MBEDTLS_PLATFORM_CALLOC_MACRO calloc /**< Default allocator macro to use, can be undefined */ -//#define MBEDTLS_PLATFORM_FREE_MACRO free /**< Default free macro to use, can be undefined */ +//#define MBEDTLS_PLATFORM_CALLOC_MACRO calloc /**< Default allocator macro to use, can be undefined. See MBEDTLS_PLATFORM_STD_CALLOC for requirements. */ +//#define MBEDTLS_PLATFORM_FREE_MACRO free /**< Default free macro to use, can be undefined. See MBEDTLS_PLATFORM_STD_FREE for requirements. */ //#define MBEDTLS_PLATFORM_EXIT_MACRO exit /**< Default exit macro to use, can be undefined */ //#define MBEDTLS_PLATFORM_TIME_MACRO time /**< Default time macro to use, can be undefined. MBEDTLS_HAVE_TIME must be enabled */ //#define MBEDTLS_PLATFORM_TIME_TYPE_MACRO time_t /**< Default time macro to use, can be undefined. MBEDTLS_HAVE_TIME must be enabled */ @@ -3937,72 +4197,7 @@ //#define MBEDTLS_X509_MAX_INTERMEDIATE_CA 8 /**< Maximum number of intermediate CAs in a verification chain. */ //#define MBEDTLS_X509_MAX_FILE_PATH_LEN 512 /**< Maximum length of a path/filename string in bytes including the null terminator character ('\0'). */ -/** - * Allow SHA-1 in the default TLS configuration for TLS 1.2 handshake - * signature and ciphersuite selection. Without this build-time option, SHA-1 - * support must be activated explicitly through mbedtls_ssl_conf_sig_hashes. - * The use of SHA-1 in TLS <= 1.1 and in HMAC-SHA-1 is always allowed by - * default. At the time of writing, there is no practical attack on the use - * of SHA-1 in handshake signatures, hence this option is turned on by default - * to preserve compatibility with existing peers, but the general - * warning applies nonetheless: - * - * \warning SHA-1 is considered a weak message digest and its use constitutes - * a security risk. If possible, we recommend avoiding dependencies - * on it, and considering stronger message digests instead. - * - */ -//#define MBEDTLS_TLS_DEFAULT_ALLOW_SHA1_IN_KEY_EXCHANGE - -/** - * Uncomment the macro to let mbed TLS use your alternate implementation of - * mbedtls_platform_zeroize(). This replaces the default implementation in - * platform_util.c. - * - * mbedtls_platform_zeroize() is a widely used function across the library to - * zero a block of memory. The implementation is expected to be secure in the - * sense that it has been written to prevent the compiler from removing calls - * to mbedtls_platform_zeroize() as part of redundant code elimination - * optimizations. However, it is difficult to guarantee that calls to - * mbedtls_platform_zeroize() will not be optimized by the compiler as older - * versions of the C language standards do not provide a secure implementation - * of memset(). Therefore, MBEDTLS_PLATFORM_ZEROIZE_ALT enables users to - * configure their own implementation of mbedtls_platform_zeroize(), for - * example by using directives specific to their compiler, features from newer - * C standards (e.g using memset_s() in C11) or calling a secure memset() from - * their system (e.g explicit_bzero() in BSD). - */ -//#define MBEDTLS_PLATFORM_ZEROIZE_ALT - -/** - * Uncomment the macro to let Mbed TLS use your alternate implementation of - * mbedtls_platform_gmtime_r(). This replaces the default implementation in - * platform_util.c. - * - * gmtime() is not a thread-safe function as defined in the C standard. The - * library will try to use safer implementations of this function, such as - * gmtime_r() when available. However, if Mbed TLS cannot identify the target - * system, the implementation of mbedtls_platform_gmtime_r() will default to - * using the standard gmtime(). In this case, calls from the library to - * gmtime() will be guarded by the global mutex mbedtls_threading_gmtime_mutex - * if MBEDTLS_THREADING_C is enabled. We recommend that calls from outside the - * library are also guarded with this mutex to avoid race conditions. However, - * if the macro MBEDTLS_PLATFORM_GMTIME_R_ALT is defined, Mbed TLS will - * unconditionally use the implementation for mbedtls_platform_gmtime_r() - * supplied at compile time. - */ -//#define MBEDTLS_PLATFORM_GMTIME_R_ALT - -/** - * Enable the verified implementations of ECDH primitives from Project Everest - * (currently only Curve25519). This feature changes the layout of ECDH - * contexts and therefore is a compatibility break for applications that access - * fields of a mbedtls_ecdh_context structure directly. See also - * MBEDTLS_ECDH_LEGACY_CONTEXT in include/mbedtls/ecdh.h. - */ -//#define MBEDTLS_ECDH_VARIANT_EVEREST_ENABLED - -/* \} name SECTION: Customisation configuration options */ +/** \} name SECTION: Module configuration options */ /* Target and application specific configurations * diff --git a/third_party/mbedtls/repo/include/mbedtls/config_psa.h b/third_party/mbedtls/repo/include/mbedtls/config_psa.h index 189f6c21734..205d30343c4 100644 --- a/third_party/mbedtls/repo/include/mbedtls/config_psa.h +++ b/third_party/mbedtls/repo/include/mbedtls/config_psa.h @@ -7,33 +7,29 @@ * those definitions to define symbols used in the library code. * * Users and integrators should not edit this file, please edit - * include/mbedtls/config.h for MBETLS_XXX settings or + * include/mbedtls/config.h for MBEDTLS_XXX settings or * include/psa/crypto_config.h for PSA_WANT_XXX settings. */ /* * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later */ #ifndef MBEDTLS_CONFIG_PSA_H #define MBEDTLS_CONFIG_PSA_H #if defined(MBEDTLS_PSA_CRYPTO_CONFIG) +#if defined(MBEDTLS_PSA_CRYPTO_CONFIG_FILE) +#include MBEDTLS_PSA_CRYPTO_CONFIG_FILE +#else #include "psa/crypto_config.h" +#endif #endif /* defined(MBEDTLS_PSA_CRYPTO_CONFIG) */ +#if defined(MBEDTLS_PSA_CRYPTO_USER_CONFIG_FILE) +#include MBEDTLS_PSA_CRYPTO_USER_CONFIG_FILE +#endif + #ifdef __cplusplus extern "C" { #endif @@ -102,6 +98,10 @@ extern "C" { #if defined(PSA_WANT_ALG_HKDF) #if !defined(MBEDTLS_PSA_ACCEL_ALG_HKDF) +/* + * The PSA implementation has its own implementation of HKDF, separate from + * hkdf.c. No need to enable MBEDTLS_HKDF_C here. + */ #define MBEDTLS_PSA_BUILTIN_ALG_HMAC 1 #define MBEDTLS_PSA_BUILTIN_ALG_HKDF 1 #endif /* !MBEDTLS_PSA_ACCEL_ALG_HKDF */ @@ -264,12 +264,11 @@ extern "C" { #if (defined(PSA_WANT_ALG_CTR) && !defined(MBEDTLS_PSA_ACCEL_ALG_CTR)) || \ (defined(PSA_WANT_ALG_CFB) && !defined(MBEDTLS_PSA_ACCEL_ALG_CFB)) || \ (defined(PSA_WANT_ALG_OFB) && !defined(MBEDTLS_PSA_ACCEL_ALG_OFB)) || \ - (defined(PSA_WANT_ALG_XTS) && !defined(MBEDTLS_PSA_ACCEL_ALG_XTS)) || \ defined(PSA_WANT_ALG_ECB_NO_PADDING) || \ (defined(PSA_WANT_ALG_CBC_NO_PADDING) && \ - !defined(MBEDTLS_PSA_ACCEL_ALG_CBC_NO_PADDING)) || \ + !defined(MBEDTLS_PSA_ACCEL_ALG_CBC_NO_PADDING)) || \ (defined(PSA_WANT_ALG_CBC_PKCS7) && \ - !defined(MBEDTLS_PSA_ACCEL_ALG_CBC_PKCS7)) || \ + !defined(MBEDTLS_PSA_ACCEL_ALG_CBC_PKCS7)) || \ (defined(PSA_WANT_ALG_CMAC) && !defined(MBEDTLS_PSA_ACCEL_ALG_CMAC)) #define PSA_HAVE_SOFT_BLOCK_MODE 1 #endif @@ -393,15 +392,8 @@ extern "C" { #endif #endif /* PSA_WANT_ALG_OFB */ -#if defined(PSA_WANT_ALG_XTS) -#if !defined(MBEDTLS_PSA_ACCEL_ALG_XTS) || \ - defined(PSA_HAVE_SOFT_BLOCK_CIPHER) -#define MBEDTLS_PSA_BUILTIN_ALG_XTS 1 -#define MBEDTLS_CIPHER_MODE_XTS -#endif -#endif /* PSA_WANT_ALG_XTS */ - -#if defined(PSA_WANT_ALG_ECB_NO_PADDING) +#if defined(PSA_WANT_ALG_ECB_NO_PADDING) && \ + !defined(MBEDTLS_PSA_ACCEL_ALG_ECB_NO_PADDING) #define MBEDTLS_PSA_BUILTIN_ALG_ECB_NO_PADDING 1 #endif @@ -446,6 +438,8 @@ extern "C" { #if !defined(MBEDTLS_PSA_ACCEL_ALG_CHACHA20_POLY1305) #if defined(PSA_WANT_KEY_TYPE_CHACHA20) #define MBEDTLS_CHACHAPOLY_C +#define MBEDTLS_CHACHA20_C +#define MBEDTLS_POLY1305_C #define MBEDTLS_PSA_BUILTIN_ALG_CHACHA20_POLY1305 1 #endif /* PSA_WANT_KEY_TYPE_CHACHA20 */ #endif /* !MBEDTLS_PSA_ACCEL_ALG_CHACHA20_POLY1305 */ @@ -483,7 +477,7 @@ extern "C" { #if !defined(MBEDTLS_PSA_ACCEL_ECC_MONTGOMERY_448) /* * Curve448 is not yet supported via the PSA API in Mbed TLS - * (https://github.com/ARMmbed/mbedtls/issues/4249). + * (https://github.com/Mbed-TLS/mbedtls/issues/4249). */ #error "Curve448 is not yet supported via the PSA API in Mbed TLS." #define MBEDTLS_ECP_DP_CURVE448_ENABLED @@ -537,7 +531,7 @@ extern "C" { #if !defined(MBEDTLS_PSA_ACCEL_ECC_SECP_K1_224) /* * SECP224K1 is buggy via the PSA API in Mbed TLS - * (https://github.com/ARMmbed/mbedtls/issues/3541). + * (https://github.com/Mbed-TLS/mbedtls/issues/3541). */ #error "SECP224K1 is buggy via the PSA API in Mbed TLS." #define MBEDTLS_ECP_DP_SECP224K1_ENABLED @@ -615,7 +609,7 @@ extern "C" { #if defined(MBEDTLS_MD_C) #define MBEDTLS_PSA_BUILTIN_ALG_HMAC 1 #define PSA_WANT_ALG_HMAC 1 -#define PSA_WANT_KEY_TYPE_HMAC +#define PSA_WANT_KEY_TYPE_HMAC 1 #define MBEDTLS_PSA_BUILTIN_ALG_TLS12_PRF 1 #define PSA_WANT_ALG_TLS12_PRF 1 #define MBEDTLS_PSA_BUILTIN_ALG_TLS12_PSK_TO_MS 1 @@ -751,76 +745,71 @@ extern "C" { #define PSA_WANT_ALG_OFB 1 #endif -#if defined(MBEDTLS_CIPHER_MODE_XTS) -#define MBEDTLS_PSA_BUILTIN_ALG_XTS 1 -#define PSA_WANT_ALG_XTS 1 -#endif - #if defined(MBEDTLS_ECP_DP_BP256R1_ENABLED) #define MBEDTLS_PSA_BUILTIN_ECC_BRAINPOOL_P_R1_256 1 -#define PSA_WANT_ECC_BRAINPOOL_P_R1_256 +#define PSA_WANT_ECC_BRAINPOOL_P_R1_256 1 #endif #if defined(MBEDTLS_ECP_DP_BP384R1_ENABLED) #define MBEDTLS_PSA_BUILTIN_ECC_BRAINPOOL_P_R1_384 1 -#define PSA_WANT_ECC_BRAINPOOL_P_R1_384 +#define PSA_WANT_ECC_BRAINPOOL_P_R1_384 1 #endif #if defined(MBEDTLS_ECP_DP_BP512R1_ENABLED) #define MBEDTLS_PSA_BUILTIN_ECC_BRAINPOOL_P_R1_512 1 -#define PSA_WANT_ECC_BRAINPOOL_P_R1_512 +#define PSA_WANT_ECC_BRAINPOOL_P_R1_512 1 #endif #if defined(MBEDTLS_ECP_DP_CURVE25519_ENABLED) #define MBEDTLS_PSA_BUILTIN_ECC_MONTGOMERY_255 1 -#define PSA_WANT_ECC_MONTGOMERY_255 +#define PSA_WANT_ECC_MONTGOMERY_255 1 #endif -/* Curve448 is not yet supported via the PSA API (https://github.com/ARMmbed/mbedtls/issues/4249) */ +/* Curve448 is not yet supported via the PSA API (https://github.com/Mbed-TLS/mbedtls/issues/4249) */ #if 0 && defined(MBEDTLS_ECP_DP_CURVE448_ENABLED) #define MBEDTLS_PSA_BUILTIN_ECC_MONTGOMERY_448 1 -#define PSA_WANT_ECC_MONTGOMERY_448 +#define PSA_WANT_ECC_MONTGOMERY_448 1 #endif #if defined(MBEDTLS_ECP_DP_SECP192R1_ENABLED) #define MBEDTLS_PSA_BUILTIN_ECC_SECP_R1_192 1 -#define PSA_WANT_ECC_SECP_R1_192 +#define PSA_WANT_ECC_SECP_R1_192 1 #endif #if defined(MBEDTLS_ECP_DP_SECP224R1_ENABLED) #define MBEDTLS_PSA_BUILTIN_ECC_SECP_R1_224 1 -#define PSA_WANT_ECC_SECP_R1_224 +#define PSA_WANT_ECC_SECP_R1_224 1 #endif #if defined(MBEDTLS_ECP_DP_SECP256R1_ENABLED) #define MBEDTLS_PSA_BUILTIN_ECC_SECP_R1_256 1 -#define PSA_WANT_ECC_SECP_R1_256 +#define PSA_WANT_ECC_SECP_R1_256 1 #endif #if defined(MBEDTLS_ECP_DP_SECP384R1_ENABLED) #define MBEDTLS_PSA_BUILTIN_ECC_SECP_R1_384 1 -#define PSA_WANT_ECC_SECP_R1_384 +#define PSA_WANT_ECC_SECP_R1_384 1 #endif #if defined(MBEDTLS_ECP_DP_SECP521R1_ENABLED) #define MBEDTLS_PSA_BUILTIN_ECC_SECP_R1_521 1 -#define PSA_WANT_ECC_SECP_R1_521 +#define PSA_WANT_ECC_SECP_R1_521 1 #endif #if defined(MBEDTLS_ECP_DP_SECP192K1_ENABLED) #define MBEDTLS_PSA_BUILTIN_ECC_SECP_K1_192 1 -#define PSA_WANT_ECC_SECP_K1_192 +#define PSA_WANT_ECC_SECP_K1_192 1 #endif -/* SECP224K1 is buggy via the PSA API (https://github.com/ARMmbed/mbedtls/issues/3541) */ +/* SECP224K1 is buggy via the PSA API (https://github.com/Mbed-TLS/mbedtls/issues/3541) */ #if 0 && defined(MBEDTLS_ECP_DP_SECP224K1_ENABLED) #define MBEDTLS_PSA_BUILTIN_ECC_SECP_K1_224 1 -#define PSA_WANT_ECC_SECP_K1_224 +#define PSA_WANT_ECC_SECP_K1_224 1 #endif #if defined(MBEDTLS_ECP_DP_SECP256K1_ENABLED) #define MBEDTLS_PSA_BUILTIN_ECC_SECP_K1_256 1 -#define PSA_WANT_ECC_SECP_K1_256 +#define PSA_WANT_ECC_SECP_K1_256 1 #endif #endif /* MBEDTLS_PSA_CRYPTO_CONFIG */ diff --git a/third_party/mbedtls/repo/include/mbedtls/constant_time.h b/third_party/mbedtls/repo/include/mbedtls/constant_time.h index c5de57a01f0..7226ae1bcd2 100644 --- a/third_party/mbedtls/repo/include/mbedtls/constant_time.h +++ b/third_party/mbedtls/repo/include/mbedtls/constant_time.h @@ -2,19 +2,7 @@ * Constant-time functions * * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later */ #ifndef MBEDTLS_CONSTANT_TIME_H @@ -38,8 +26,8 @@ * \return Zero if the content of the two buffer is the same, * otherwise non-zero. */ -int mbedtls_ct_memcmp( const void *a, - const void *b, - size_t n ); +int mbedtls_ct_memcmp(const void *a, + const void *b, + size_t n); #endif /* MBEDTLS_CONSTANT_TIME_H */ diff --git a/third_party/mbedtls/repo/include/mbedtls/ctr_drbg.h b/third_party/mbedtls/repo/include/mbedtls/ctr_drbg.h index dc4adc896d4..eb72f9ee97c 100644 --- a/third_party/mbedtls/repo/include/mbedtls/ctr_drbg.h +++ b/third_party/mbedtls/repo/include/mbedtls/ctr_drbg.h @@ -23,19 +23,7 @@ */ /* * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later */ #ifndef MBEDTLS_CTR_DRBG_H @@ -80,8 +68,8 @@ */ #endif -#define MBEDTLS_CTR_DRBG_KEYBITS ( MBEDTLS_CTR_DRBG_KEYSIZE * 8 ) /**< The key size for the DRBG operation, in bits. */ -#define MBEDTLS_CTR_DRBG_SEEDLEN ( MBEDTLS_CTR_DRBG_KEYSIZE + MBEDTLS_CTR_DRBG_BLOCKSIZE ) /**< The seed length, calculated as (counter + AES key). */ +#define MBEDTLS_CTR_DRBG_KEYBITS (MBEDTLS_CTR_DRBG_KEYSIZE * 8) /**< The key size for the DRBG operation, in bits. */ +#define MBEDTLS_CTR_DRBG_SEEDLEN (MBEDTLS_CTR_DRBG_KEYSIZE + MBEDTLS_CTR_DRBG_BLOCKSIZE) /**< The seed length, calculated as (counter + AES key). */ /** * \name SECTION: Module settings @@ -138,7 +126,7 @@ /**< The maximum size of seed or reseed buffer in bytes. */ #endif -/* \} name SECTION: Module settings */ +/** \} name SECTION: Module settings */ #define MBEDTLS_CTR_DRBG_PR_OFF 0 /**< Prediction resistance is disabled. */ @@ -164,14 +152,13 @@ extern "C" { * the entropy source does not provide enough material to form a nonce. * See the documentation of mbedtls_ctr_drbg_seed() for more information. */ -#define MBEDTLS_CTR_DRBG_ENTROPY_NONCE_LEN ( MBEDTLS_CTR_DRBG_ENTROPY_LEN + 1 ) / 2 +#define MBEDTLS_CTR_DRBG_ENTROPY_NONCE_LEN (MBEDTLS_CTR_DRBG_ENTROPY_LEN + 1) / 2 #endif /** * \brief The CTR_DRBG context structure. */ -typedef struct mbedtls_ctr_drbg_context -{ +typedef struct mbedtls_ctr_drbg_context { unsigned char counter[16]; /*!< The counter (V). */ int reseed_counter; /*!< The reseed counter. * This is the number of requests that have @@ -199,7 +186,7 @@ typedef struct mbedtls_ctr_drbg_context * Callbacks (Entropy) */ int (*f_entropy)(void *, unsigned char *, size_t); - /*!< The entropy callback function. */ + /*!< The entropy callback function. */ void *p_entropy; /*!< The context for the entropy function. */ @@ -228,7 +215,7 @@ mbedtls_ctr_drbg_context; * * \param ctx The CTR_DRBG context to initialize. */ -void mbedtls_ctr_drbg_init( mbedtls_ctr_drbg_context *ctx ); +void mbedtls_ctr_drbg_init(mbedtls_ctr_drbg_context *ctx); /** * \brief This function seeds and sets up the CTR_DRBG @@ -329,11 +316,11 @@ void mbedtls_ctr_drbg_init( mbedtls_ctr_drbg_context *ctx ); * \return \c 0 on success. * \return #MBEDTLS_ERR_CTR_DRBG_ENTROPY_SOURCE_FAILED on failure. */ -int mbedtls_ctr_drbg_seed( mbedtls_ctr_drbg_context *ctx, - int (*f_entropy)(void *, unsigned char *, size_t), - void *p_entropy, - const unsigned char *custom, - size_t len ); +int mbedtls_ctr_drbg_seed(mbedtls_ctr_drbg_context *ctx, + int (*f_entropy)(void *, unsigned char *, size_t), + void *p_entropy, + const unsigned char *custom, + size_t len); /** * \brief This function resets CTR_DRBG context to the state immediately @@ -341,7 +328,7 @@ int mbedtls_ctr_drbg_seed( mbedtls_ctr_drbg_context *ctx, * * \param ctx The CTR_DRBG context to clear. */ -void mbedtls_ctr_drbg_free( mbedtls_ctr_drbg_context *ctx ); +void mbedtls_ctr_drbg_free(mbedtls_ctr_drbg_context *ctx); /** * \brief This function turns prediction resistance on or off. @@ -356,8 +343,8 @@ void mbedtls_ctr_drbg_free( mbedtls_ctr_drbg_context *ctx ); * \param ctx The CTR_DRBG context. * \param resistance #MBEDTLS_CTR_DRBG_PR_ON or #MBEDTLS_CTR_DRBG_PR_OFF. */ -void mbedtls_ctr_drbg_set_prediction_resistance( mbedtls_ctr_drbg_context *ctx, - int resistance ); +void mbedtls_ctr_drbg_set_prediction_resistance(mbedtls_ctr_drbg_context *ctx, + int resistance); /** * \brief This function sets the amount of entropy grabbed on each @@ -383,8 +370,8 @@ void mbedtls_ctr_drbg_set_prediction_resistance( mbedtls_ctr_drbg_context *ctx, * and at most the maximum length accepted by the * entropy function that is set in the context. */ -void mbedtls_ctr_drbg_set_entropy_len( mbedtls_ctr_drbg_context *ctx, - size_t len ); +void mbedtls_ctr_drbg_set_entropy_len(mbedtls_ctr_drbg_context *ctx, + size_t len); /** * \brief This function sets the amount of entropy grabbed @@ -405,8 +392,8 @@ void mbedtls_ctr_drbg_set_entropy_len( mbedtls_ctr_drbg_context *ctx, * \return #MBEDTLS_ERR_CTR_DRBG_ENTROPY_SOURCE_FAILED * if the initial seeding has already taken place. */ -int mbedtls_ctr_drbg_set_nonce_len( mbedtls_ctr_drbg_context *ctx, - size_t len ); +int mbedtls_ctr_drbg_set_nonce_len(mbedtls_ctr_drbg_context *ctx, + size_t len); /** * \brief This function sets the reseed interval. @@ -420,8 +407,8 @@ int mbedtls_ctr_drbg_set_nonce_len( mbedtls_ctr_drbg_context *ctx, * \param ctx The CTR_DRBG context. * \param interval The reseed interval. */ -void mbedtls_ctr_drbg_set_reseed_interval( mbedtls_ctr_drbg_context *ctx, - int interval ); +void mbedtls_ctr_drbg_set_reseed_interval(mbedtls_ctr_drbg_context *ctx, + int interval); /** * \brief This function reseeds the CTR_DRBG context, that is @@ -443,8 +430,8 @@ void mbedtls_ctr_drbg_set_reseed_interval( mbedtls_ctr_drbg_context *ctx, * \return \c 0 on success. * \return #MBEDTLS_ERR_CTR_DRBG_ENTROPY_SOURCE_FAILED on failure. */ -int mbedtls_ctr_drbg_reseed( mbedtls_ctr_drbg_context *ctx, - const unsigned char *additional, size_t len ); +int mbedtls_ctr_drbg_reseed(mbedtls_ctr_drbg_context *ctx, + const unsigned char *additional, size_t len); /** * \brief This function updates the state of the CTR_DRBG context. @@ -466,9 +453,9 @@ int mbedtls_ctr_drbg_reseed( mbedtls_ctr_drbg_context *ctx, * #MBEDTLS_CTR_DRBG_MAX_SEED_INPUT. * \return An error from the underlying AES cipher on failure. */ -int mbedtls_ctr_drbg_update_ret( mbedtls_ctr_drbg_context *ctx, - const unsigned char *additional, - size_t add_len ); +int mbedtls_ctr_drbg_update_ret(mbedtls_ctr_drbg_context *ctx, + const unsigned char *additional, + size_t add_len); /** * \brief This function updates a CTR_DRBG instance with additional @@ -501,9 +488,9 @@ int mbedtls_ctr_drbg_update_ret( mbedtls_ctr_drbg_context *ctx, * \return #MBEDTLS_ERR_CTR_DRBG_ENTROPY_SOURCE_FAILED or * #MBEDTLS_ERR_CTR_DRBG_REQUEST_TOO_BIG on failure. */ -int mbedtls_ctr_drbg_random_with_add( void *p_rng, - unsigned char *output, size_t output_len, - const unsigned char *additional, size_t add_len ); +int mbedtls_ctr_drbg_random_with_add(void *p_rng, + unsigned char *output, size_t output_len, + const unsigned char *additional, size_t add_len); /** * \brief This function uses CTR_DRBG to generate random data. @@ -529,11 +516,11 @@ int mbedtls_ctr_drbg_random_with_add( void *p_rng, * \return #MBEDTLS_ERR_CTR_DRBG_ENTROPY_SOURCE_FAILED or * #MBEDTLS_ERR_CTR_DRBG_REQUEST_TOO_BIG on failure. */ -int mbedtls_ctr_drbg_random( void *p_rng, - unsigned char *output, size_t output_len ); +int mbedtls_ctr_drbg_random(void *p_rng, + unsigned char *output, size_t output_len); -#if ! defined(MBEDTLS_DEPRECATED_REMOVED) +#if !defined(MBEDTLS_DEPRECATED_REMOVED) #if defined(MBEDTLS_DEPRECATED_WARNING) #define MBEDTLS_DEPRECATED __attribute__((deprecated)) #else @@ -557,7 +544,7 @@ int mbedtls_ctr_drbg_random( void *p_rng, MBEDTLS_DEPRECATED void mbedtls_ctr_drbg_update( mbedtls_ctr_drbg_context *ctx, const unsigned char *additional, - size_t add_len ); + size_t add_len); #undef MBEDTLS_DEPRECATED #endif /* !MBEDTLS_DEPRECATED_REMOVED */ @@ -573,7 +560,7 @@ MBEDTLS_DEPRECATED void mbedtls_ctr_drbg_update( * \return #MBEDTLS_ERR_CTR_DRBG_ENTROPY_SOURCE_FAILED on reseed * failure. */ -int mbedtls_ctr_drbg_write_seed_file( mbedtls_ctr_drbg_context *ctx, const char *path ); +int mbedtls_ctr_drbg_write_seed_file(mbedtls_ctr_drbg_context *ctx, const char *path); /** * \brief This function reads and updates a seed file. The seed @@ -589,7 +576,7 @@ int mbedtls_ctr_drbg_write_seed_file( mbedtls_ctr_drbg_context *ctx, const char * \return #MBEDTLS_ERR_CTR_DRBG_INPUT_TOO_BIG if the existing * seed file is too large. */ -int mbedtls_ctr_drbg_update_seed_file( mbedtls_ctr_drbg_context *ctx, const char *path ); +int mbedtls_ctr_drbg_update_seed_file(mbedtls_ctr_drbg_context *ctx, const char *path); #endif /* MBEDTLS_FS_IO */ #if defined(MBEDTLS_SELF_TEST) @@ -600,7 +587,7 @@ int mbedtls_ctr_drbg_update_seed_file( mbedtls_ctr_drbg_context *ctx, const char * \return \c 0 on success. * \return \c 1 on failure. */ -int mbedtls_ctr_drbg_self_test( int verbose ); +int mbedtls_ctr_drbg_self_test(int verbose); #endif /* MBEDTLS_SELF_TEST */ diff --git a/third_party/mbedtls/repo/include/mbedtls/debug.h b/third_party/mbedtls/repo/include/mbedtls/debug.h index 3c08244f3da..c29c40eee7a 100644 --- a/third_party/mbedtls/repo/include/mbedtls/debug.h +++ b/third_party/mbedtls/repo/include/mbedtls/debug.h @@ -5,19 +5,7 @@ */ /* * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later */ #ifndef MBEDTLS_DEBUG_H #define MBEDTLS_DEBUG_H @@ -36,47 +24,47 @@ #if defined(MBEDTLS_DEBUG_C) -#define MBEDTLS_DEBUG_STRIP_PARENS( ... ) __VA_ARGS__ +#define MBEDTLS_DEBUG_STRIP_PARENS(...) __VA_ARGS__ -#define MBEDTLS_SSL_DEBUG_MSG( level, args ) \ - mbedtls_debug_print_msg( ssl, level, __FILE__, __LINE__, \ - MBEDTLS_DEBUG_STRIP_PARENS args ) +#define MBEDTLS_SSL_DEBUG_MSG(level, args) \ + mbedtls_debug_print_msg(ssl, level, __FILE__, __LINE__, \ + MBEDTLS_DEBUG_STRIP_PARENS args) -#define MBEDTLS_SSL_DEBUG_RET( level, text, ret ) \ - mbedtls_debug_print_ret( ssl, level, __FILE__, __LINE__, text, ret ) +#define MBEDTLS_SSL_DEBUG_RET(level, text, ret) \ + mbedtls_debug_print_ret(ssl, level, __FILE__, __LINE__, text, ret) -#define MBEDTLS_SSL_DEBUG_BUF( level, text, buf, len ) \ - mbedtls_debug_print_buf( ssl, level, __FILE__, __LINE__, text, buf, len ) +#define MBEDTLS_SSL_DEBUG_BUF(level, text, buf, len) \ + mbedtls_debug_print_buf(ssl, level, __FILE__, __LINE__, text, buf, len) #if defined(MBEDTLS_BIGNUM_C) -#define MBEDTLS_SSL_DEBUG_MPI( level, text, X ) \ - mbedtls_debug_print_mpi( ssl, level, __FILE__, __LINE__, text, X ) +#define MBEDTLS_SSL_DEBUG_MPI(level, text, X) \ + mbedtls_debug_print_mpi(ssl, level, __FILE__, __LINE__, text, X) #endif #if defined(MBEDTLS_ECP_C) -#define MBEDTLS_SSL_DEBUG_ECP( level, text, X ) \ - mbedtls_debug_print_ecp( ssl, level, __FILE__, __LINE__, text, X ) +#define MBEDTLS_SSL_DEBUG_ECP(level, text, X) \ + mbedtls_debug_print_ecp(ssl, level, __FILE__, __LINE__, text, X) #endif #if defined(MBEDTLS_X509_CRT_PARSE_C) -#define MBEDTLS_SSL_DEBUG_CRT( level, text, crt ) \ - mbedtls_debug_print_crt( ssl, level, __FILE__, __LINE__, text, crt ) +#define MBEDTLS_SSL_DEBUG_CRT(level, text, crt) \ + mbedtls_debug_print_crt(ssl, level, __FILE__, __LINE__, text, crt) #endif #if defined(MBEDTLS_ECDH_C) -#define MBEDTLS_SSL_DEBUG_ECDH( level, ecdh, attr ) \ - mbedtls_debug_printf_ecdh( ssl, level, __FILE__, __LINE__, ecdh, attr ) +#define MBEDTLS_SSL_DEBUG_ECDH(level, ecdh, attr) \ + mbedtls_debug_printf_ecdh(ssl, level, __FILE__, __LINE__, ecdh, attr) #endif #else /* MBEDTLS_DEBUG_C */ -#define MBEDTLS_SSL_DEBUG_MSG( level, args ) do { } while( 0 ) -#define MBEDTLS_SSL_DEBUG_RET( level, text, ret ) do { } while( 0 ) -#define MBEDTLS_SSL_DEBUG_BUF( level, text, buf, len ) do { } while( 0 ) -#define MBEDTLS_SSL_DEBUG_MPI( level, text, X ) do { } while( 0 ) -#define MBEDTLS_SSL_DEBUG_ECP( level, text, X ) do { } while( 0 ) -#define MBEDTLS_SSL_DEBUG_CRT( level, text, crt ) do { } while( 0 ) -#define MBEDTLS_SSL_DEBUG_ECDH( level, ecdh, attr ) do { } while( 0 ) +#define MBEDTLS_SSL_DEBUG_MSG(level, args) do { } while (0) +#define MBEDTLS_SSL_DEBUG_RET(level, text, ret) do { } while (0) +#define MBEDTLS_SSL_DEBUG_BUF(level, text, buf, len) do { } while (0) +#define MBEDTLS_SSL_DEBUG_MPI(level, text, X) do { } while (0) +#define MBEDTLS_SSL_DEBUG_ECP(level, text, X) do { } while (0) +#define MBEDTLS_SSL_DEBUG_CRT(level, text, crt) do { } while (0) +#define MBEDTLS_SSL_DEBUG_ECDH(level, ecdh, attr) do { } while (0) #endif /* MBEDTLS_DEBUG_C */ @@ -96,7 +84,7 @@ #if __has_attribute(format) #if defined(__MINGW32__) && __USE_MINGW_ANSI_STDIO == 1 #define MBEDTLS_PRINTF_ATTRIBUTE(string_index, first_to_check) \ - __attribute__((__format__ (gnu_printf, string_index, first_to_check))) + __attribute__((__format__(gnu_printf, string_index, first_to_check))) #else /* defined(__MINGW32__) && __USE_MINGW_ANSI_STDIO == 1 */ #define MBEDTLS_PRINTF_ATTRIBUTE(string_index, first_to_check) \ __attribute__((format(printf, string_index, first_to_check))) @@ -124,10 +112,12 @@ #include #define MBEDTLS_PRINTF_SIZET PRIuPTR #define MBEDTLS_PRINTF_LONGLONG "I64d" -#else /* (defined(__MINGW32__) && __USE_MINGW_ANSI_STDIO == 0) || (defined(_MSC_VER) && _MSC_VER < 1800) */ +#else \ + /* (defined(__MINGW32__) && __USE_MINGW_ANSI_STDIO == 0) || (defined(_MSC_VER) && _MSC_VER < 1800) */ #define MBEDTLS_PRINTF_SIZET "zu" #define MBEDTLS_PRINTF_LONGLONG "lld" -#endif /* (defined(__MINGW32__) && __USE_MINGW_ANSI_STDIO == 0) || (defined(_MSC_VER) && _MSC_VER < 1800) */ +#endif \ + /* (defined(__MINGW32__) && __USE_MINGW_ANSI_STDIO == 0) || (defined(_MSC_VER) && _MSC_VER < 1800) */ #ifdef __cplusplus extern "C" { @@ -139,7 +129,7 @@ extern "C" { * discarded. * (Default value: 0 = No debug ) * - * \param threshold theshold level of messages to filter on. Messages at a + * \param threshold threshold level of messages to filter on. Messages at a * higher level will be discarded. * - Debug levels * - 0 No debug @@ -148,7 +138,7 @@ extern "C" { * - 3 Informational * - 4 Verbose */ -void mbedtls_debug_set_threshold( int threshold ); +void mbedtls_debug_set_threshold(int threshold); /** * \brief Print a message to the debug output. This function is always used @@ -165,9 +155,9 @@ void mbedtls_debug_set_threshold( int threshold ); * \attention This function is intended for INTERNAL usage within the * library only. */ -void mbedtls_debug_print_msg( const mbedtls_ssl_context *ssl, int level, - const char *file, int line, - const char *format, ... ) MBEDTLS_PRINTF_ATTRIBUTE(5, 6); +void mbedtls_debug_print_msg(const mbedtls_ssl_context *ssl, int level, + const char *file, int line, + const char *format, ...) MBEDTLS_PRINTF_ATTRIBUTE(5, 6); /** * \brief Print the return value of a function to the debug output. This @@ -184,9 +174,9 @@ void mbedtls_debug_print_msg( const mbedtls_ssl_context *ssl, int level, * \attention This function is intended for INTERNAL usage within the * library only. */ -void mbedtls_debug_print_ret( const mbedtls_ssl_context *ssl, int level, - const char *file, int line, - const char *text, int ret ); +void mbedtls_debug_print_ret(const mbedtls_ssl_context *ssl, int level, + const char *file, int line, + const char *text, int ret); /** * \brief Output a buffer of size len bytes to the debug output. This function @@ -205,9 +195,9 @@ void mbedtls_debug_print_ret( const mbedtls_ssl_context *ssl, int level, * \attention This function is intended for INTERNAL usage within the * library only. */ -void mbedtls_debug_print_buf( const mbedtls_ssl_context *ssl, int level, - const char *file, int line, const char *text, - const unsigned char *buf, size_t len ); +void mbedtls_debug_print_buf(const mbedtls_ssl_context *ssl, int level, + const char *file, int line, const char *text, + const unsigned char *buf, size_t len); #if defined(MBEDTLS_BIGNUM_C) /** @@ -226,9 +216,9 @@ void mbedtls_debug_print_buf( const mbedtls_ssl_context *ssl, int level, * \attention This function is intended for INTERNAL usage within the * library only. */ -void mbedtls_debug_print_mpi( const mbedtls_ssl_context *ssl, int level, - const char *file, int line, - const char *text, const mbedtls_mpi *X ); +void mbedtls_debug_print_mpi(const mbedtls_ssl_context *ssl, int level, + const char *file, int line, + const char *text, const mbedtls_mpi *X); #endif #if defined(MBEDTLS_ECP_C) @@ -248,9 +238,9 @@ void mbedtls_debug_print_mpi( const mbedtls_ssl_context *ssl, int level, * \attention This function is intended for INTERNAL usage within the * library only. */ -void mbedtls_debug_print_ecp( const mbedtls_ssl_context *ssl, int level, - const char *file, int line, - const char *text, const mbedtls_ecp_point *X ); +void mbedtls_debug_print_ecp(const mbedtls_ssl_context *ssl, int level, + const char *file, int line, + const char *text, const mbedtls_ecp_point *X); #endif #if defined(MBEDTLS_X509_CRT_PARSE_C) @@ -269,14 +259,13 @@ void mbedtls_debug_print_ecp( const mbedtls_ssl_context *ssl, int level, * \attention This function is intended for INTERNAL usage within the * library only. */ -void mbedtls_debug_print_crt( const mbedtls_ssl_context *ssl, int level, - const char *file, int line, - const char *text, const mbedtls_x509_crt *crt ); +void mbedtls_debug_print_crt(const mbedtls_ssl_context *ssl, int level, + const char *file, int line, + const char *text, const mbedtls_x509_crt *crt); #endif #if defined(MBEDTLS_ECDH_C) -typedef enum -{ +typedef enum { MBEDTLS_DEBUG_ECDH_Q, MBEDTLS_DEBUG_ECDH_QP, MBEDTLS_DEBUG_ECDH_Z, @@ -298,10 +287,10 @@ typedef enum * \attention This function is intended for INTERNAL usage within the * library only. */ -void mbedtls_debug_printf_ecdh( const mbedtls_ssl_context *ssl, int level, - const char *file, int line, - const mbedtls_ecdh_context *ecdh, - mbedtls_debug_ecdh_attr attr ); +void mbedtls_debug_printf_ecdh(const mbedtls_ssl_context *ssl, int level, + const char *file, int line, + const mbedtls_ecdh_context *ecdh, + mbedtls_debug_ecdh_attr attr); #endif #ifdef __cplusplus diff --git a/third_party/mbedtls/repo/include/mbedtls/des.h b/third_party/mbedtls/repo/include/mbedtls/des.h index 325aab53644..031b9cf2718 100644 --- a/third_party/mbedtls/repo/include/mbedtls/des.h +++ b/third_party/mbedtls/repo/include/mbedtls/des.h @@ -3,25 +3,13 @@ * * \brief DES block cipher * - * \warning DES is considered a weak cipher and its use constitutes a + * \warning DES/3DES are considered weak ciphers and their use constitutes a * security risk. We recommend considering stronger ciphers * instead. */ /* * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later * */ #ifndef MBEDTLS_DES_H @@ -60,21 +48,23 @@ extern "C" { /** * \brief DES context structure * - * \warning DES is considered a weak cipher and its use constitutes a + * \warning DES/3DES are considered weak ciphers and their use constitutes a * security risk. We recommend considering stronger ciphers * instead. */ -typedef struct mbedtls_des_context -{ +typedef struct mbedtls_des_context { uint32_t sk[32]; /*!< DES subkeys */ } mbedtls_des_context; /** * \brief Triple-DES context structure + * + * \warning DES/3DES are considered weak ciphers and their use constitutes a + * security risk. We recommend considering stronger ciphers + * instead. */ -typedef struct mbedtls_des3_context -{ +typedef struct mbedtls_des3_context { uint32_t sk[96]; /*!< 3DES subkeys */ } mbedtls_des3_context; @@ -88,36 +78,44 @@ mbedtls_des3_context; * * \param ctx DES context to be initialized * - * \warning DES is considered a weak cipher and its use constitutes a + * \warning DES/3DES are considered weak ciphers and their use constitutes a * security risk. We recommend considering stronger ciphers * instead. */ -void mbedtls_des_init( mbedtls_des_context *ctx ); +void mbedtls_des_init(mbedtls_des_context *ctx); /** * \brief Clear DES context * * \param ctx DES context to be cleared * - * \warning DES is considered a weak cipher and its use constitutes a + * \warning DES/3DES are considered weak ciphers and their use constitutes a * security risk. We recommend considering stronger ciphers * instead. */ -void mbedtls_des_free( mbedtls_des_context *ctx ); +void mbedtls_des_free(mbedtls_des_context *ctx); /** * \brief Initialize Triple-DES context * * \param ctx DES3 context to be initialized + * + * \warning DES/3DES are considered weak ciphers and their use constitutes a + * security risk. We recommend considering stronger ciphers + * instead. */ -void mbedtls_des3_init( mbedtls_des3_context *ctx ); +void mbedtls_des3_init(mbedtls_des3_context *ctx); /** * \brief Clear Triple-DES context * * \param ctx DES3 context to be cleared + * + * \warning DES/3DES are considered weak ciphers and their use constitutes a + * security risk. We recommend considering stronger ciphers + * instead. */ -void mbedtls_des3_free( mbedtls_des3_context *ctx ); +void mbedtls_des3_free(mbedtls_des3_context *ctx); /** * \brief Set key parity on the given key to odd. @@ -127,11 +125,11 @@ void mbedtls_des3_free( mbedtls_des3_context *ctx ); * * \param key 8-byte secret key * - * \warning DES is considered a weak cipher and its use constitutes a + * \warning DES/3DES are considered weak ciphers and their use constitutes a * security risk. We recommend considering stronger ciphers * instead. */ -void mbedtls_des_key_set_parity( unsigned char key[MBEDTLS_DES_KEY_SIZE] ); +void mbedtls_des_key_set_parity(unsigned char key[MBEDTLS_DES_KEY_SIZE]); /** * \brief Check that key parity on the given key is odd. @@ -143,12 +141,12 @@ void mbedtls_des_key_set_parity( unsigned char key[MBEDTLS_DES_KEY_SIZE] ); * * \return 0 is parity was ok, 1 if parity was not correct. * - * \warning DES is considered a weak cipher and its use constitutes a + * \warning DES/3DES are considered weak ciphers and their use constitutes a * security risk. We recommend considering stronger ciphers * instead. */ MBEDTLS_CHECK_RETURN_TYPICAL -int mbedtls_des_key_check_key_parity( const unsigned char key[MBEDTLS_DES_KEY_SIZE] ); +int mbedtls_des_key_check_key_parity(const unsigned char key[MBEDTLS_DES_KEY_SIZE]); /** * \brief Check that key is not a weak or semi-weak DES key @@ -157,12 +155,12 @@ int mbedtls_des_key_check_key_parity( const unsigned char key[MBEDTLS_DES_KEY_SI * * \return 0 if no weak key was found, 1 if a weak key was identified. * - * \warning DES is considered a weak cipher and its use constitutes a + * \warning DES/3DES are considered weak ciphers and their use constitutes a * security risk. We recommend considering stronger ciphers * instead. */ MBEDTLS_CHECK_RETURN_TYPICAL -int mbedtls_des_key_check_weak( const unsigned char key[MBEDTLS_DES_KEY_SIZE] ); +int mbedtls_des_key_check_weak(const unsigned char key[MBEDTLS_DES_KEY_SIZE]); /** * \brief DES key schedule (56-bit, encryption) @@ -172,12 +170,12 @@ int mbedtls_des_key_check_weak( const unsigned char key[MBEDTLS_DES_KEY_SIZE] ); * * \return 0 * - * \warning DES is considered a weak cipher and its use constitutes a + * \warning DES/3DES are considered weak ciphers and their use constitutes a * security risk. We recommend considering stronger ciphers * instead. */ MBEDTLS_CHECK_RETURN_TYPICAL -int mbedtls_des_setkey_enc( mbedtls_des_context *ctx, const unsigned char key[MBEDTLS_DES_KEY_SIZE] ); +int mbedtls_des_setkey_enc(mbedtls_des_context *ctx, const unsigned char key[MBEDTLS_DES_KEY_SIZE]); /** * \brief DES key schedule (56-bit, decryption) @@ -187,12 +185,12 @@ int mbedtls_des_setkey_enc( mbedtls_des_context *ctx, const unsigned char key[MB * * \return 0 * - * \warning DES is considered a weak cipher and its use constitutes a + * \warning DES/3DES are considered weak ciphers and their use constitutes a * security risk. We recommend considering stronger ciphers * instead. */ MBEDTLS_CHECK_RETURN_TYPICAL -int mbedtls_des_setkey_dec( mbedtls_des_context *ctx, const unsigned char key[MBEDTLS_DES_KEY_SIZE] ); +int mbedtls_des_setkey_dec(mbedtls_des_context *ctx, const unsigned char key[MBEDTLS_DES_KEY_SIZE]); /** * \brief Triple-DES key schedule (112-bit, encryption) @@ -201,10 +199,14 @@ int mbedtls_des_setkey_dec( mbedtls_des_context *ctx, const unsigned char key[MB * \param key 16-byte secret key * * \return 0 + * + * \warning DES/3DES are considered weak ciphers and their use constitutes a + * security risk. We recommend considering stronger ciphers + * instead. */ MBEDTLS_CHECK_RETURN_TYPICAL -int mbedtls_des3_set2key_enc( mbedtls_des3_context *ctx, - const unsigned char key[MBEDTLS_DES_KEY_SIZE * 2] ); +int mbedtls_des3_set2key_enc(mbedtls_des3_context *ctx, + const unsigned char key[MBEDTLS_DES_KEY_SIZE * 2]); /** * \brief Triple-DES key schedule (112-bit, decryption) @@ -213,10 +215,14 @@ int mbedtls_des3_set2key_enc( mbedtls_des3_context *ctx, * \param key 16-byte secret key * * \return 0 + * + * \warning DES/3DES are considered weak ciphers and their use constitutes a + * security risk. We recommend considering stronger ciphers + * instead. */ MBEDTLS_CHECK_RETURN_TYPICAL -int mbedtls_des3_set2key_dec( mbedtls_des3_context *ctx, - const unsigned char key[MBEDTLS_DES_KEY_SIZE * 2] ); +int mbedtls_des3_set2key_dec(mbedtls_des3_context *ctx, + const unsigned char key[MBEDTLS_DES_KEY_SIZE * 2]); /** * \brief Triple-DES key schedule (168-bit, encryption) @@ -225,10 +231,14 @@ int mbedtls_des3_set2key_dec( mbedtls_des3_context *ctx, * \param key 24-byte secret key * * \return 0 + * + * \warning DES/3DES are considered weak ciphers and their use constitutes a + * security risk. We recommend considering stronger ciphers + * instead. */ MBEDTLS_CHECK_RETURN_TYPICAL -int mbedtls_des3_set3key_enc( mbedtls_des3_context *ctx, - const unsigned char key[MBEDTLS_DES_KEY_SIZE * 3] ); +int mbedtls_des3_set3key_enc(mbedtls_des3_context *ctx, + const unsigned char key[MBEDTLS_DES_KEY_SIZE * 3]); /** * \brief Triple-DES key schedule (168-bit, decryption) @@ -237,10 +247,14 @@ int mbedtls_des3_set3key_enc( mbedtls_des3_context *ctx, * \param key 24-byte secret key * * \return 0 + * + * \warning DES/3DES are considered weak ciphers and their use constitutes a + * security risk. We recommend considering stronger ciphers + * instead. */ MBEDTLS_CHECK_RETURN_TYPICAL -int mbedtls_des3_set3key_dec( mbedtls_des3_context *ctx, - const unsigned char key[MBEDTLS_DES_KEY_SIZE * 3] ); +int mbedtls_des3_set3key_dec(mbedtls_des3_context *ctx, + const unsigned char key[MBEDTLS_DES_KEY_SIZE * 3]); /** * \brief DES-ECB block encryption/decryption @@ -251,14 +265,14 @@ int mbedtls_des3_set3key_dec( mbedtls_des3_context *ctx, * * \return 0 if successful * - * \warning DES is considered a weak cipher and its use constitutes a + * \warning DES/3DES are considered weak ciphers and their use constitutes a * security risk. We recommend considering stronger ciphers * instead. */ MBEDTLS_CHECK_RETURN_TYPICAL -int mbedtls_des_crypt_ecb( mbedtls_des_context *ctx, - const unsigned char input[8], - unsigned char output[8] ); +int mbedtls_des_crypt_ecb(mbedtls_des_context *ctx, + const unsigned char input[8], + unsigned char output[8]); #if defined(MBEDTLS_CIPHER_MODE_CBC) /** @@ -279,17 +293,17 @@ int mbedtls_des_crypt_ecb( mbedtls_des_context *ctx, * \param input buffer holding the input data * \param output buffer holding the output data * - * \warning DES is considered a weak cipher and its use constitutes a + * \warning DES/3DES are considered weak ciphers and their use constitutes a * security risk. We recommend considering stronger ciphers * instead. */ MBEDTLS_CHECK_RETURN_TYPICAL -int mbedtls_des_crypt_cbc( mbedtls_des_context *ctx, - int mode, - size_t length, - unsigned char iv[8], - const unsigned char *input, - unsigned char *output ); +int mbedtls_des_crypt_cbc(mbedtls_des_context *ctx, + int mode, + size_t length, + unsigned char iv[8], + const unsigned char *input, + unsigned char *output); #endif /* MBEDTLS_CIPHER_MODE_CBC */ /** @@ -300,11 +314,15 @@ int mbedtls_des_crypt_cbc( mbedtls_des_context *ctx, * \param output 64-bit output block * * \return 0 if successful + * + * \warning DES/3DES are considered weak ciphers and their use constitutes a + * security risk. We recommend considering stronger ciphers + * instead. */ MBEDTLS_CHECK_RETURN_TYPICAL -int mbedtls_des3_crypt_ecb( mbedtls_des3_context *ctx, - const unsigned char input[8], - unsigned char output[8] ); +int mbedtls_des3_crypt_ecb(mbedtls_des3_context *ctx, + const unsigned char input[8], + unsigned char output[8]); #if defined(MBEDTLS_CIPHER_MODE_CBC) /** @@ -326,14 +344,18 @@ int mbedtls_des3_crypt_ecb( mbedtls_des3_context *ctx, * \param output buffer holding the output data * * \return 0 if successful, or MBEDTLS_ERR_DES_INVALID_INPUT_LENGTH + * + * \warning DES/3DES are considered weak ciphers and their use constitutes a + * security risk. We recommend considering stronger ciphers + * instead. */ MBEDTLS_CHECK_RETURN_TYPICAL -int mbedtls_des3_crypt_cbc( mbedtls_des3_context *ctx, - int mode, - size_t length, - unsigned char iv[8], - const unsigned char *input, - unsigned char *output ); +int mbedtls_des3_crypt_cbc(mbedtls_des3_context *ctx, + int mode, + size_t length, + unsigned char iv[8], + const unsigned char *input, + unsigned char *output); #endif /* MBEDTLS_CIPHER_MODE_CBC */ /** @@ -344,12 +366,12 @@ int mbedtls_des3_crypt_cbc( mbedtls_des3_context *ctx, * \param SK Round keys * \param key Base key * - * \warning DES is considered a weak cipher and its use constitutes a + * \warning DES/3DES are considered weak ciphers and their use constitutes a * security risk. We recommend considering stronger ciphers * instead. */ -void mbedtls_des_setkey( uint32_t SK[32], - const unsigned char key[MBEDTLS_DES_KEY_SIZE] ); +void mbedtls_des_setkey(uint32_t SK[32], + const unsigned char key[MBEDTLS_DES_KEY_SIZE]); #if defined(MBEDTLS_SELF_TEST) @@ -359,7 +381,7 @@ void mbedtls_des_setkey( uint32_t SK[32], * \return 0 if successful, or 1 if the test failed */ MBEDTLS_CHECK_RETURN_CRITICAL -int mbedtls_des_self_test( int verbose ); +int mbedtls_des_self_test(int verbose); #endif /* MBEDTLS_SELF_TEST */ diff --git a/third_party/mbedtls/repo/include/mbedtls/dhm.h b/third_party/mbedtls/repo/include/mbedtls/dhm.h index c4b15a2c452..b61e4d4ef95 100644 --- a/third_party/mbedtls/repo/include/mbedtls/dhm.h +++ b/third_party/mbedtls/repo/include/mbedtls/dhm.h @@ -45,19 +45,7 @@ */ /* * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later */ #ifndef MBEDTLS_DHM_H @@ -108,8 +96,7 @@ extern "C" { /** * \brief The DHM context structure. */ -typedef struct mbedtls_dhm_context -{ +typedef struct mbedtls_dhm_context { size_t len; /*!< The size of \p P in Bytes. */ mbedtls_mpi P; /*!< The prime modulus. */ mbedtls_mpi G; /*!< The generator. */ @@ -133,7 +120,7 @@ mbedtls_dhm_context; * * \param ctx The DHM context to initialize. */ -void mbedtls_dhm_init( mbedtls_dhm_context *ctx ); +void mbedtls_dhm_init(mbedtls_dhm_context *ctx); /** * \brief This function parses the DHM parameters in a @@ -157,9 +144,9 @@ void mbedtls_dhm_init( mbedtls_dhm_context *ctx ); * \return \c 0 on success. * \return An \c MBEDTLS_ERR_DHM_XXX error code on failure. */ -int mbedtls_dhm_read_params( mbedtls_dhm_context *ctx, - unsigned char **p, - const unsigned char *end ); +int mbedtls_dhm_read_params(mbedtls_dhm_context *ctx, + unsigned char **p, + const unsigned char *end); /** * \brief This function generates a DHM key pair and exports its @@ -193,10 +180,10 @@ int mbedtls_dhm_read_params( mbedtls_dhm_context *ctx, * \return \c 0 on success. * \return An \c MBEDTLS_ERR_DHM_XXX error code on failure. */ -int mbedtls_dhm_make_params( mbedtls_dhm_context *ctx, int x_size, - unsigned char *output, size_t *olen, - int (*f_rng)(void *, unsigned char *, size_t), - void *p_rng ); +int mbedtls_dhm_make_params(mbedtls_dhm_context *ctx, int x_size, + unsigned char *output, size_t *olen, + int (*f_rng)(void *, unsigned char *, size_t), + void *p_rng); /** * \brief This function sets the prime modulus and generator. @@ -213,9 +200,9 @@ int mbedtls_dhm_make_params( mbedtls_dhm_context *ctx, int x_size, * \return \c 0 if successful. * \return An \c MBEDTLS_ERR_DHM_XXX error code on failure. */ -int mbedtls_dhm_set_group( mbedtls_dhm_context *ctx, - const mbedtls_mpi *P, - const mbedtls_mpi *G ); +int mbedtls_dhm_set_group(mbedtls_dhm_context *ctx, + const mbedtls_mpi *P, + const mbedtls_mpi *G); /** * \brief This function imports the raw public value of the peer. @@ -233,8 +220,8 @@ int mbedtls_dhm_set_group( mbedtls_dhm_context *ctx, * \return \c 0 on success. * \return An \c MBEDTLS_ERR_DHM_XXX error code on failure. */ -int mbedtls_dhm_read_public( mbedtls_dhm_context *ctx, - const unsigned char *input, size_t ilen ); +int mbedtls_dhm_read_public(mbedtls_dhm_context *ctx, + const unsigned char *input, size_t ilen); /** * \brief This function creates a DHM key pair and exports @@ -260,10 +247,10 @@ int mbedtls_dhm_read_public( mbedtls_dhm_context *ctx, * \return \c 0 on success. * \return An \c MBEDTLS_ERR_DHM_XXX error code on failure. */ -int mbedtls_dhm_make_public( mbedtls_dhm_context *ctx, int x_size, - unsigned char *output, size_t olen, - int (*f_rng)(void *, unsigned char *, size_t), - void *p_rng ); +int mbedtls_dhm_make_public(mbedtls_dhm_context *ctx, int x_size, + unsigned char *output, size_t olen, + int (*f_rng)(void *, unsigned char *, size_t), + void *p_rng); /** * \brief This function derives and exports the shared secret @@ -291,10 +278,10 @@ int mbedtls_dhm_make_public( mbedtls_dhm_context *ctx, int x_size, * \return \c 0 on success. * \return An \c MBEDTLS_ERR_DHM_XXX error code on failure. */ -int mbedtls_dhm_calc_secret( mbedtls_dhm_context *ctx, - unsigned char *output, size_t output_size, size_t *olen, - int (*f_rng)(void *, unsigned char *, size_t), - void *p_rng ); +int mbedtls_dhm_calc_secret(mbedtls_dhm_context *ctx, + unsigned char *output, size_t output_size, size_t *olen, + int (*f_rng)(void *, unsigned char *, size_t), + void *p_rng); /** * \brief This function frees and clears the components @@ -304,7 +291,7 @@ int mbedtls_dhm_calc_secret( mbedtls_dhm_context *ctx, * in which case this function is a no-op. If it is not \c NULL, * it must point to an initialized DHM context. */ -void mbedtls_dhm_free( mbedtls_dhm_context *ctx ); +void mbedtls_dhm_free(mbedtls_dhm_context *ctx); #if defined(MBEDTLS_ASN1_PARSE_C) /** @@ -321,8 +308,8 @@ void mbedtls_dhm_free( mbedtls_dhm_context *ctx ); * \return An \c MBEDTLS_ERR_DHM_XXX or \c MBEDTLS_ERR_PEM_XXX error * code on failure. */ -int mbedtls_dhm_parse_dhm( mbedtls_dhm_context *dhm, const unsigned char *dhmin, - size_t dhminlen ); +int mbedtls_dhm_parse_dhm(mbedtls_dhm_context *dhm, const unsigned char *dhmin, + size_t dhminlen); #if defined(MBEDTLS_FS_IO) /** @@ -337,7 +324,7 @@ int mbedtls_dhm_parse_dhm( mbedtls_dhm_context *dhm, const unsigned char *dhmin, * \return An \c MBEDTLS_ERR_DHM_XXX or \c MBEDTLS_ERR_PEM_XXX * error code on failure. */ -int mbedtls_dhm_parse_dhmfile( mbedtls_dhm_context *dhm, const char *path ); +int mbedtls_dhm_parse_dhmfile(mbedtls_dhm_context *dhm, const char *path); #endif /* MBEDTLS_FS_IO */ #endif /* MBEDTLS_ASN1_PARSE_C */ @@ -349,7 +336,7 @@ int mbedtls_dhm_parse_dhmfile( mbedtls_dhm_context *dhm, const char *path ); * \return \c 0 on success. * \return \c 1 on failure. */ -int mbedtls_dhm_self_test( int verbose ); +int mbedtls_dhm_self_test(int verbose); #endif /* MBEDTLS_SELF_TEST */ #ifdef __cplusplus @@ -426,7 +413,7 @@ int mbedtls_dhm_self_test( int verbose ); "CDF93ACC44328387315D75E198C641A480CD86A1B9E587E8" \ "BE60E69CC928B2B9C52172E413042E9B23F10B0E16E79763" \ "C9B53DCF4BA80A29E3FB73C16B8E75B97EF363E2FFA31F71" \ - "CF9DE5384E71B81C0AC4DFFE0C10E64F" ) + "CF9DE5384E71B81C0AC4DFFE0C10E64F") /** * The hexadecimal presentation of the chosen generator of the 2048-bit MODP @@ -445,7 +432,7 @@ int mbedtls_dhm_self_test( int verbose ); "10E183EDD19963DDD9E263E4770589EF6AA21E7F5F2FF381" \ "B539CCE3409D13CD566AFBB48D6C019181E1BCFE94B30269" \ "EDFE72FE9B6AA4BD7B5A0F1C71CFFF4C19C418E1F6EC0179" \ - "81BC087F2A7065B384B890D3191F2BFA" ) + "81BC087F2A7065B384B890D3191F2BFA") /** * The hexadecimal presentation of the prime underlying the 2048-bit MODP @@ -470,7 +457,7 @@ int mbedtls_dhm_self_test( int verbose ); "670C354E4ABC9804F1746C08CA18217C32905E462E36CE3B" \ "E39E772C180E86039B2783A2EC07A28FB5C55DF06F4C52C9" \ "DE2BCBF6955817183995497CEA956AE515D2261898FA0510" \ - "15728E5A8AACAA68FFFFFFFFFFFFFFFF" ) + "15728E5A8AACAA68FFFFFFFFFFFFFFFF") /** * The hexadecimal presentation of the chosen generator of the 2048-bit MODP @@ -478,7 +465,7 @@ int mbedtls_dhm_self_test( int verbose ); * Diffie-Hellman groups for Internet Key Exchange (IKE). */ #define MBEDTLS_DHM_RFC3526_MODP_2048_G \ - MBEDTLS_DEPRECATED_STRING_CONSTANT( "02" ) + MBEDTLS_DEPRECATED_STRING_CONSTANT("02") /** * The hexadecimal presentation of the prime underlying the 3072-bit MODP @@ -502,7 +489,7 @@ int mbedtls_dhm_self_test( int verbose ); "ABF5AE8CDB0933D71E8C94E04A25619DCEE3D2261AD2EE6B" \ "F12FFA06D98A0864D87602733EC86A64521F2B18177B200C" \ "BBE117577A615D6C770988C0BAD946E208E24FA074E5AB31" \ - "43DB5BFCE0FD108E4B82D120A93AD2CAFFFFFFFFFFFFFFFF" ) + "43DB5BFCE0FD108E4B82D120A93AD2CAFFFFFFFFFFFFFFFF") /** * The hexadecimal presentation of the chosen generator of the 3072-bit MODP @@ -510,7 +497,7 @@ int mbedtls_dhm_self_test( int verbose ); * Diffie-Hellman groups for Internet Key Exchange (IKE). */ #define MBEDTLS_DHM_RFC3526_MODP_3072_G \ - MBEDTLS_DEPRECATED_STRING_CONSTANT( "02" ) + MBEDTLS_DEPRECATED_STRING_CONSTANT("02") /** * The hexadecimal presentation of the prime underlying the 4096-bit MODP @@ -540,7 +527,7 @@ int mbedtls_dhm_self_test( int verbose ); "287C59474E6BC05D99B2964FA090C3A2233BA186515BE7ED" \ "1F612970CEE2D7AFB81BDD762170481CD0069127D5B05AA9" \ "93B4EA988D8FDDC186FFB7DC90A6C08F4DF435C934063199" \ - "FFFFFFFFFFFFFFFF" ) + "FFFFFFFFFFFFFFFF") /** * The hexadecimal presentation of the chosen generator of the 4096-bit MODP @@ -548,7 +535,7 @@ int mbedtls_dhm_self_test( int verbose ); * Diffie-Hellman groups for Internet Key Exchange (IKE). */ #define MBEDTLS_DHM_RFC3526_MODP_4096_G \ - MBEDTLS_DEPRECATED_STRING_CONSTANT( "02" ) + MBEDTLS_DEPRECATED_STRING_CONSTANT("02") #endif /* MBEDTLS_DEPRECATED_REMOVED */ @@ -557,546 +544,546 @@ int mbedtls_dhm_self_test( int verbose ); */ #define MBEDTLS_DHM_RFC3526_MODP_2048_P_BIN { \ - 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, \ - 0xC9, 0x0F, 0xDA, 0xA2, 0x21, 0x68, 0xC2, 0x34, \ - 0xC4, 0xC6, 0x62, 0x8B, 0x80, 0xDC, 0x1C, 0xD1, \ - 0x29, 0x02, 0x4E, 0x08, 0x8A, 0x67, 0xCC, 0x74, \ - 0x02, 0x0B, 0xBE, 0xA6, 0x3B, 0x13, 0x9B, 0x22, \ - 0x51, 0x4A, 0x08, 0x79, 0x8E, 0x34, 0x04, 0xDD, \ - 0xEF, 0x95, 0x19, 0xB3, 0xCD, 0x3A, 0x43, 0x1B, \ - 0x30, 0x2B, 0x0A, 0x6D, 0xF2, 0x5F, 0x14, 0x37, \ - 0x4F, 0xE1, 0x35, 0x6D, 0x6D, 0x51, 0xC2, 0x45, \ - 0xE4, 0x85, 0xB5, 0x76, 0x62, 0x5E, 0x7E, 0xC6, \ - 0xF4, 0x4C, 0x42, 0xE9, 0xA6, 0x37, 0xED, 0x6B, \ - 0x0B, 0xFF, 0x5C, 0xB6, 0xF4, 0x06, 0xB7, 0xED, \ - 0xEE, 0x38, 0x6B, 0xFB, 0x5A, 0x89, 0x9F, 0xA5, \ - 0xAE, 0x9F, 0x24, 0x11, 0x7C, 0x4B, 0x1F, 0xE6, \ - 0x49, 0x28, 0x66, 0x51, 0xEC, 0xE4, 0x5B, 0x3D, \ - 0xC2, 0x00, 0x7C, 0xB8, 0xA1, 0x63, 0xBF, 0x05, \ - 0x98, 0xDA, 0x48, 0x36, 0x1C, 0x55, 0xD3, 0x9A, \ - 0x69, 0x16, 0x3F, 0xA8, 0xFD, 0x24, 0xCF, 0x5F, \ - 0x83, 0x65, 0x5D, 0x23, 0xDC, 0xA3, 0xAD, 0x96, \ - 0x1C, 0x62, 0xF3, 0x56, 0x20, 0x85, 0x52, 0xBB, \ - 0x9E, 0xD5, 0x29, 0x07, 0x70, 0x96, 0x96, 0x6D, \ - 0x67, 0x0C, 0x35, 0x4E, 0x4A, 0xBC, 0x98, 0x04, \ - 0xF1, 0x74, 0x6C, 0x08, 0xCA, 0x18, 0x21, 0x7C, \ - 0x32, 0x90, 0x5E, 0x46, 0x2E, 0x36, 0xCE, 0x3B, \ - 0xE3, 0x9E, 0x77, 0x2C, 0x18, 0x0E, 0x86, 0x03, \ - 0x9B, 0x27, 0x83, 0xA2, 0xEC, 0x07, 0xA2, 0x8F, \ - 0xB5, 0xC5, 0x5D, 0xF0, 0x6F, 0x4C, 0x52, 0xC9, \ - 0xDE, 0x2B, 0xCB, 0xF6, 0x95, 0x58, 0x17, 0x18, \ - 0x39, 0x95, 0x49, 0x7C, 0xEA, 0x95, 0x6A, 0xE5, \ - 0x15, 0xD2, 0x26, 0x18, 0x98, 0xFA, 0x05, 0x10, \ - 0x15, 0x72, 0x8E, 0x5A, 0x8A, 0xAC, 0xAA, 0x68, \ - 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF } + 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, \ + 0xC9, 0x0F, 0xDA, 0xA2, 0x21, 0x68, 0xC2, 0x34, \ + 0xC4, 0xC6, 0x62, 0x8B, 0x80, 0xDC, 0x1C, 0xD1, \ + 0x29, 0x02, 0x4E, 0x08, 0x8A, 0x67, 0xCC, 0x74, \ + 0x02, 0x0B, 0xBE, 0xA6, 0x3B, 0x13, 0x9B, 0x22, \ + 0x51, 0x4A, 0x08, 0x79, 0x8E, 0x34, 0x04, 0xDD, \ + 0xEF, 0x95, 0x19, 0xB3, 0xCD, 0x3A, 0x43, 0x1B, \ + 0x30, 0x2B, 0x0A, 0x6D, 0xF2, 0x5F, 0x14, 0x37, \ + 0x4F, 0xE1, 0x35, 0x6D, 0x6D, 0x51, 0xC2, 0x45, \ + 0xE4, 0x85, 0xB5, 0x76, 0x62, 0x5E, 0x7E, 0xC6, \ + 0xF4, 0x4C, 0x42, 0xE9, 0xA6, 0x37, 0xED, 0x6B, \ + 0x0B, 0xFF, 0x5C, 0xB6, 0xF4, 0x06, 0xB7, 0xED, \ + 0xEE, 0x38, 0x6B, 0xFB, 0x5A, 0x89, 0x9F, 0xA5, \ + 0xAE, 0x9F, 0x24, 0x11, 0x7C, 0x4B, 0x1F, 0xE6, \ + 0x49, 0x28, 0x66, 0x51, 0xEC, 0xE4, 0x5B, 0x3D, \ + 0xC2, 0x00, 0x7C, 0xB8, 0xA1, 0x63, 0xBF, 0x05, \ + 0x98, 0xDA, 0x48, 0x36, 0x1C, 0x55, 0xD3, 0x9A, \ + 0x69, 0x16, 0x3F, 0xA8, 0xFD, 0x24, 0xCF, 0x5F, \ + 0x83, 0x65, 0x5D, 0x23, 0xDC, 0xA3, 0xAD, 0x96, \ + 0x1C, 0x62, 0xF3, 0x56, 0x20, 0x85, 0x52, 0xBB, \ + 0x9E, 0xD5, 0x29, 0x07, 0x70, 0x96, 0x96, 0x6D, \ + 0x67, 0x0C, 0x35, 0x4E, 0x4A, 0xBC, 0x98, 0x04, \ + 0xF1, 0x74, 0x6C, 0x08, 0xCA, 0x18, 0x21, 0x7C, \ + 0x32, 0x90, 0x5E, 0x46, 0x2E, 0x36, 0xCE, 0x3B, \ + 0xE3, 0x9E, 0x77, 0x2C, 0x18, 0x0E, 0x86, 0x03, \ + 0x9B, 0x27, 0x83, 0xA2, 0xEC, 0x07, 0xA2, 0x8F, \ + 0xB5, 0xC5, 0x5D, 0xF0, 0x6F, 0x4C, 0x52, 0xC9, \ + 0xDE, 0x2B, 0xCB, 0xF6, 0x95, 0x58, 0x17, 0x18, \ + 0x39, 0x95, 0x49, 0x7C, 0xEA, 0x95, 0x6A, 0xE5, \ + 0x15, 0xD2, 0x26, 0x18, 0x98, 0xFA, 0x05, 0x10, \ + 0x15, 0x72, 0x8E, 0x5A, 0x8A, 0xAC, 0xAA, 0x68, \ + 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF } #define MBEDTLS_DHM_RFC3526_MODP_2048_G_BIN { 0x02 } #define MBEDTLS_DHM_RFC3526_MODP_3072_P_BIN { \ - 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, \ - 0xC9, 0x0F, 0xDA, 0xA2, 0x21, 0x68, 0xC2, 0x34, \ - 0xC4, 0xC6, 0x62, 0x8B, 0x80, 0xDC, 0x1C, 0xD1, \ - 0x29, 0x02, 0x4E, 0x08, 0x8A, 0x67, 0xCC, 0x74, \ - 0x02, 0x0B, 0xBE, 0xA6, 0x3B, 0x13, 0x9B, 0x22, \ - 0x51, 0x4A, 0x08, 0x79, 0x8E, 0x34, 0x04, 0xDD, \ - 0xEF, 0x95, 0x19, 0xB3, 0xCD, 0x3A, 0x43, 0x1B, \ - 0x30, 0x2B, 0x0A, 0x6D, 0xF2, 0x5F, 0x14, 0x37, \ - 0x4F, 0xE1, 0x35, 0x6D, 0x6D, 0x51, 0xC2, 0x45, \ - 0xE4, 0x85, 0xB5, 0x76, 0x62, 0x5E, 0x7E, 0xC6, \ - 0xF4, 0x4C, 0x42, 0xE9, 0xA6, 0x37, 0xED, 0x6B, \ - 0x0B, 0xFF, 0x5C, 0xB6, 0xF4, 0x06, 0xB7, 0xED, \ - 0xEE, 0x38, 0x6B, 0xFB, 0x5A, 0x89, 0x9F, 0xA5, \ - 0xAE, 0x9F, 0x24, 0x11, 0x7C, 0x4B, 0x1F, 0xE6, \ - 0x49, 0x28, 0x66, 0x51, 0xEC, 0xE4, 0x5B, 0x3D, \ - 0xC2, 0x00, 0x7C, 0xB8, 0xA1, 0x63, 0xBF, 0x05, \ - 0x98, 0xDA, 0x48, 0x36, 0x1C, 0x55, 0xD3, 0x9A, \ - 0x69, 0x16, 0x3F, 0xA8, 0xFD, 0x24, 0xCF, 0x5F, \ - 0x83, 0x65, 0x5D, 0x23, 0xDC, 0xA3, 0xAD, 0x96, \ - 0x1C, 0x62, 0xF3, 0x56, 0x20, 0x85, 0x52, 0xBB, \ - 0x9E, 0xD5, 0x29, 0x07, 0x70, 0x96, 0x96, 0x6D, \ - 0x67, 0x0C, 0x35, 0x4E, 0x4A, 0xBC, 0x98, 0x04, \ - 0xF1, 0x74, 0x6C, 0x08, 0xCA, 0x18, 0x21, 0x7C, \ - 0x32, 0x90, 0x5E, 0x46, 0x2E, 0x36, 0xCE, 0x3B, \ - 0xE3, 0x9E, 0x77, 0x2C, 0x18, 0x0E, 0x86, 0x03, \ - 0x9B, 0x27, 0x83, 0xA2, 0xEC, 0x07, 0xA2, 0x8F, \ - 0xB5, 0xC5, 0x5D, 0xF0, 0x6F, 0x4C, 0x52, 0xC9, \ - 0xDE, 0x2B, 0xCB, 0xF6, 0x95, 0x58, 0x17, 0x18, \ - 0x39, 0x95, 0x49, 0x7C, 0xEA, 0x95, 0x6A, 0xE5, \ - 0x15, 0xD2, 0x26, 0x18, 0x98, 0xFA, 0x05, 0x10, \ - 0x15, 0x72, 0x8E, 0x5A, 0x8A, 0xAA, 0xC4, 0x2D, \ - 0xAD, 0x33, 0x17, 0x0D, 0x04, 0x50, 0x7A, 0x33, \ - 0xA8, 0x55, 0x21, 0xAB, 0xDF, 0x1C, 0xBA, 0x64, \ - 0xEC, 0xFB, 0x85, 0x04, 0x58, 0xDB, 0xEF, 0x0A, \ - 0x8A, 0xEA, 0x71, 0x57, 0x5D, 0x06, 0x0C, 0x7D, \ - 0xB3, 0x97, 0x0F, 0x85, 0xA6, 0xE1, 0xE4, 0xC7, \ - 0xAB, 0xF5, 0xAE, 0x8C, 0xDB, 0x09, 0x33, 0xD7, \ - 0x1E, 0x8C, 0x94, 0xE0, 0x4A, 0x25, 0x61, 0x9D, \ - 0xCE, 0xE3, 0xD2, 0x26, 0x1A, 0xD2, 0xEE, 0x6B, \ - 0xF1, 0x2F, 0xFA, 0x06, 0xD9, 0x8A, 0x08, 0x64, \ - 0xD8, 0x76, 0x02, 0x73, 0x3E, 0xC8, 0x6A, 0x64, \ - 0x52, 0x1F, 0x2B, 0x18, 0x17, 0x7B, 0x20, 0x0C, \ - 0xBB, 0xE1, 0x17, 0x57, 0x7A, 0x61, 0x5D, 0x6C, \ - 0x77, 0x09, 0x88, 0xC0, 0xBA, 0xD9, 0x46, 0xE2, \ - 0x08, 0xE2, 0x4F, 0xA0, 0x74, 0xE5, 0xAB, 0x31, \ - 0x43, 0xDB, 0x5B, 0xFC, 0xE0, 0xFD, 0x10, 0x8E, \ - 0x4B, 0x82, 0xD1, 0x20, 0xA9, 0x3A, 0xD2, 0xCA, \ - 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF } + 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, \ + 0xC9, 0x0F, 0xDA, 0xA2, 0x21, 0x68, 0xC2, 0x34, \ + 0xC4, 0xC6, 0x62, 0x8B, 0x80, 0xDC, 0x1C, 0xD1, \ + 0x29, 0x02, 0x4E, 0x08, 0x8A, 0x67, 0xCC, 0x74, \ + 0x02, 0x0B, 0xBE, 0xA6, 0x3B, 0x13, 0x9B, 0x22, \ + 0x51, 0x4A, 0x08, 0x79, 0x8E, 0x34, 0x04, 0xDD, \ + 0xEF, 0x95, 0x19, 0xB3, 0xCD, 0x3A, 0x43, 0x1B, \ + 0x30, 0x2B, 0x0A, 0x6D, 0xF2, 0x5F, 0x14, 0x37, \ + 0x4F, 0xE1, 0x35, 0x6D, 0x6D, 0x51, 0xC2, 0x45, \ + 0xE4, 0x85, 0xB5, 0x76, 0x62, 0x5E, 0x7E, 0xC6, \ + 0xF4, 0x4C, 0x42, 0xE9, 0xA6, 0x37, 0xED, 0x6B, \ + 0x0B, 0xFF, 0x5C, 0xB6, 0xF4, 0x06, 0xB7, 0xED, \ + 0xEE, 0x38, 0x6B, 0xFB, 0x5A, 0x89, 0x9F, 0xA5, \ + 0xAE, 0x9F, 0x24, 0x11, 0x7C, 0x4B, 0x1F, 0xE6, \ + 0x49, 0x28, 0x66, 0x51, 0xEC, 0xE4, 0x5B, 0x3D, \ + 0xC2, 0x00, 0x7C, 0xB8, 0xA1, 0x63, 0xBF, 0x05, \ + 0x98, 0xDA, 0x48, 0x36, 0x1C, 0x55, 0xD3, 0x9A, \ + 0x69, 0x16, 0x3F, 0xA8, 0xFD, 0x24, 0xCF, 0x5F, \ + 0x83, 0x65, 0x5D, 0x23, 0xDC, 0xA3, 0xAD, 0x96, \ + 0x1C, 0x62, 0xF3, 0x56, 0x20, 0x85, 0x52, 0xBB, \ + 0x9E, 0xD5, 0x29, 0x07, 0x70, 0x96, 0x96, 0x6D, \ + 0x67, 0x0C, 0x35, 0x4E, 0x4A, 0xBC, 0x98, 0x04, \ + 0xF1, 0x74, 0x6C, 0x08, 0xCA, 0x18, 0x21, 0x7C, \ + 0x32, 0x90, 0x5E, 0x46, 0x2E, 0x36, 0xCE, 0x3B, \ + 0xE3, 0x9E, 0x77, 0x2C, 0x18, 0x0E, 0x86, 0x03, \ + 0x9B, 0x27, 0x83, 0xA2, 0xEC, 0x07, 0xA2, 0x8F, \ + 0xB5, 0xC5, 0x5D, 0xF0, 0x6F, 0x4C, 0x52, 0xC9, \ + 0xDE, 0x2B, 0xCB, 0xF6, 0x95, 0x58, 0x17, 0x18, \ + 0x39, 0x95, 0x49, 0x7C, 0xEA, 0x95, 0x6A, 0xE5, \ + 0x15, 0xD2, 0x26, 0x18, 0x98, 0xFA, 0x05, 0x10, \ + 0x15, 0x72, 0x8E, 0x5A, 0x8A, 0xAA, 0xC4, 0x2D, \ + 0xAD, 0x33, 0x17, 0x0D, 0x04, 0x50, 0x7A, 0x33, \ + 0xA8, 0x55, 0x21, 0xAB, 0xDF, 0x1C, 0xBA, 0x64, \ + 0xEC, 0xFB, 0x85, 0x04, 0x58, 0xDB, 0xEF, 0x0A, \ + 0x8A, 0xEA, 0x71, 0x57, 0x5D, 0x06, 0x0C, 0x7D, \ + 0xB3, 0x97, 0x0F, 0x85, 0xA6, 0xE1, 0xE4, 0xC7, \ + 0xAB, 0xF5, 0xAE, 0x8C, 0xDB, 0x09, 0x33, 0xD7, \ + 0x1E, 0x8C, 0x94, 0xE0, 0x4A, 0x25, 0x61, 0x9D, \ + 0xCE, 0xE3, 0xD2, 0x26, 0x1A, 0xD2, 0xEE, 0x6B, \ + 0xF1, 0x2F, 0xFA, 0x06, 0xD9, 0x8A, 0x08, 0x64, \ + 0xD8, 0x76, 0x02, 0x73, 0x3E, 0xC8, 0x6A, 0x64, \ + 0x52, 0x1F, 0x2B, 0x18, 0x17, 0x7B, 0x20, 0x0C, \ + 0xBB, 0xE1, 0x17, 0x57, 0x7A, 0x61, 0x5D, 0x6C, \ + 0x77, 0x09, 0x88, 0xC0, 0xBA, 0xD9, 0x46, 0xE2, \ + 0x08, 0xE2, 0x4F, 0xA0, 0x74, 0xE5, 0xAB, 0x31, \ + 0x43, 0xDB, 0x5B, 0xFC, 0xE0, 0xFD, 0x10, 0x8E, \ + 0x4B, 0x82, 0xD1, 0x20, 0xA9, 0x3A, 0xD2, 0xCA, \ + 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF } #define MBEDTLS_DHM_RFC3526_MODP_3072_G_BIN { 0x02 } #define MBEDTLS_DHM_RFC3526_MODP_4096_P_BIN { \ - 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, \ - 0xC9, 0x0F, 0xDA, 0xA2, 0x21, 0x68, 0xC2, 0x34, \ - 0xC4, 0xC6, 0x62, 0x8B, 0x80, 0xDC, 0x1C, 0xD1, \ - 0x29, 0x02, 0x4E, 0x08, 0x8A, 0x67, 0xCC, 0x74, \ - 0x02, 0x0B, 0xBE, 0xA6, 0x3B, 0x13, 0x9B, 0x22, \ - 0x51, 0x4A, 0x08, 0x79, 0x8E, 0x34, 0x04, 0xDD, \ - 0xEF, 0x95, 0x19, 0xB3, 0xCD, 0x3A, 0x43, 0x1B, \ - 0x30, 0x2B, 0x0A, 0x6D, 0xF2, 0x5F, 0x14, 0x37, \ - 0x4F, 0xE1, 0x35, 0x6D, 0x6D, 0x51, 0xC2, 0x45, \ - 0xE4, 0x85, 0xB5, 0x76, 0x62, 0x5E, 0x7E, 0xC6, \ - 0xF4, 0x4C, 0x42, 0xE9, 0xA6, 0x37, 0xED, 0x6B, \ - 0x0B, 0xFF, 0x5C, 0xB6, 0xF4, 0x06, 0xB7, 0xED, \ - 0xEE, 0x38, 0x6B, 0xFB, 0x5A, 0x89, 0x9F, 0xA5, \ - 0xAE, 0x9F, 0x24, 0x11, 0x7C, 0x4B, 0x1F, 0xE6, \ - 0x49, 0x28, 0x66, 0x51, 0xEC, 0xE4, 0x5B, 0x3D, \ - 0xC2, 0x00, 0x7C, 0xB8, 0xA1, 0x63, 0xBF, 0x05, \ - 0x98, 0xDA, 0x48, 0x36, 0x1C, 0x55, 0xD3, 0x9A, \ - 0x69, 0x16, 0x3F, 0xA8, 0xFD, 0x24, 0xCF, 0x5F, \ - 0x83, 0x65, 0x5D, 0x23, 0xDC, 0xA3, 0xAD, 0x96, \ - 0x1C, 0x62, 0xF3, 0x56, 0x20, 0x85, 0x52, 0xBB, \ - 0x9E, 0xD5, 0x29, 0x07, 0x70, 0x96, 0x96, 0x6D, \ - 0x67, 0x0C, 0x35, 0x4E, 0x4A, 0xBC, 0x98, 0x04, \ - 0xF1, 0x74, 0x6C, 0x08, 0xCA, 0x18, 0x21, 0x7C, \ - 0x32, 0x90, 0x5E, 0x46, 0x2E, 0x36, 0xCE, 0x3B, \ - 0xE3, 0x9E, 0x77, 0x2C, 0x18, 0x0E, 0x86, 0x03, \ - 0x9B, 0x27, 0x83, 0xA2, 0xEC, 0x07, 0xA2, 0x8F, \ - 0xB5, 0xC5, 0x5D, 0xF0, 0x6F, 0x4C, 0x52, 0xC9, \ - 0xDE, 0x2B, 0xCB, 0xF6, 0x95, 0x58, 0x17, 0x18, \ - 0x39, 0x95, 0x49, 0x7C, 0xEA, 0x95, 0x6A, 0xE5, \ - 0x15, 0xD2, 0x26, 0x18, 0x98, 0xFA, 0x05, 0x10, \ - 0x15, 0x72, 0x8E, 0x5A, 0x8A, 0xAA, 0xC4, 0x2D, \ - 0xAD, 0x33, 0x17, 0x0D, 0x04, 0x50, 0x7A, 0x33, \ - 0xA8, 0x55, 0x21, 0xAB, 0xDF, 0x1C, 0xBA, 0x64, \ - 0xEC, 0xFB, 0x85, 0x04, 0x58, 0xDB, 0xEF, 0x0A, \ - 0x8A, 0xEA, 0x71, 0x57, 0x5D, 0x06, 0x0C, 0x7D, \ - 0xB3, 0x97, 0x0F, 0x85, 0xA6, 0xE1, 0xE4, 0xC7, \ - 0xAB, 0xF5, 0xAE, 0x8C, 0xDB, 0x09, 0x33, 0xD7, \ - 0x1E, 0x8C, 0x94, 0xE0, 0x4A, 0x25, 0x61, 0x9D, \ - 0xCE, 0xE3, 0xD2, 0x26, 0x1A, 0xD2, 0xEE, 0x6B, \ - 0xF1, 0x2F, 0xFA, 0x06, 0xD9, 0x8A, 0x08, 0x64, \ - 0xD8, 0x76, 0x02, 0x73, 0x3E, 0xC8, 0x6A, 0x64, \ - 0x52, 0x1F, 0x2B, 0x18, 0x17, 0x7B, 0x20, 0x0C, \ - 0xBB, 0xE1, 0x17, 0x57, 0x7A, 0x61, 0x5D, 0x6C, \ - 0x77, 0x09, 0x88, 0xC0, 0xBA, 0xD9, 0x46, 0xE2, \ - 0x08, 0xE2, 0x4F, 0xA0, 0x74, 0xE5, 0xAB, 0x31, \ - 0x43, 0xDB, 0x5B, 0xFC, 0xE0, 0xFD, 0x10, 0x8E, \ - 0x4B, 0x82, 0xD1, 0x20, 0xA9, 0x21, 0x08, 0x01, \ - 0x1A, 0x72, 0x3C, 0x12, 0xA7, 0x87, 0xE6, 0xD7, \ - 0x88, 0x71, 0x9A, 0x10, 0xBD, 0xBA, 0x5B, 0x26, \ - 0x99, 0xC3, 0x27, 0x18, 0x6A, 0xF4, 0xE2, 0x3C, \ - 0x1A, 0x94, 0x68, 0x34, 0xB6, 0x15, 0x0B, 0xDA, \ - 0x25, 0x83, 0xE9, 0xCA, 0x2A, 0xD4, 0x4C, 0xE8, \ - 0xDB, 0xBB, 0xC2, 0xDB, 0x04, 0xDE, 0x8E, 0xF9, \ - 0x2E, 0x8E, 0xFC, 0x14, 0x1F, 0xBE, 0xCA, 0xA6, \ - 0x28, 0x7C, 0x59, 0x47, 0x4E, 0x6B, 0xC0, 0x5D, \ - 0x99, 0xB2, 0x96, 0x4F, 0xA0, 0x90, 0xC3, 0xA2, \ - 0x23, 0x3B, 0xA1, 0x86, 0x51, 0x5B, 0xE7, 0xED, \ - 0x1F, 0x61, 0x29, 0x70, 0xCE, 0xE2, 0xD7, 0xAF, \ - 0xB8, 0x1B, 0xDD, 0x76, 0x21, 0x70, 0x48, 0x1C, \ - 0xD0, 0x06, 0x91, 0x27, 0xD5, 0xB0, 0x5A, 0xA9, \ - 0x93, 0xB4, 0xEA, 0x98, 0x8D, 0x8F, 0xDD, 0xC1, \ - 0x86, 0xFF, 0xB7, 0xDC, 0x90, 0xA6, 0xC0, 0x8F, \ - 0x4D, 0xF4, 0x35, 0xC9, 0x34, 0x06, 0x31, 0x99, \ - 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF } + 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, \ + 0xC9, 0x0F, 0xDA, 0xA2, 0x21, 0x68, 0xC2, 0x34, \ + 0xC4, 0xC6, 0x62, 0x8B, 0x80, 0xDC, 0x1C, 0xD1, \ + 0x29, 0x02, 0x4E, 0x08, 0x8A, 0x67, 0xCC, 0x74, \ + 0x02, 0x0B, 0xBE, 0xA6, 0x3B, 0x13, 0x9B, 0x22, \ + 0x51, 0x4A, 0x08, 0x79, 0x8E, 0x34, 0x04, 0xDD, \ + 0xEF, 0x95, 0x19, 0xB3, 0xCD, 0x3A, 0x43, 0x1B, \ + 0x30, 0x2B, 0x0A, 0x6D, 0xF2, 0x5F, 0x14, 0x37, \ + 0x4F, 0xE1, 0x35, 0x6D, 0x6D, 0x51, 0xC2, 0x45, \ + 0xE4, 0x85, 0xB5, 0x76, 0x62, 0x5E, 0x7E, 0xC6, \ + 0xF4, 0x4C, 0x42, 0xE9, 0xA6, 0x37, 0xED, 0x6B, \ + 0x0B, 0xFF, 0x5C, 0xB6, 0xF4, 0x06, 0xB7, 0xED, \ + 0xEE, 0x38, 0x6B, 0xFB, 0x5A, 0x89, 0x9F, 0xA5, \ + 0xAE, 0x9F, 0x24, 0x11, 0x7C, 0x4B, 0x1F, 0xE6, \ + 0x49, 0x28, 0x66, 0x51, 0xEC, 0xE4, 0x5B, 0x3D, \ + 0xC2, 0x00, 0x7C, 0xB8, 0xA1, 0x63, 0xBF, 0x05, \ + 0x98, 0xDA, 0x48, 0x36, 0x1C, 0x55, 0xD3, 0x9A, \ + 0x69, 0x16, 0x3F, 0xA8, 0xFD, 0x24, 0xCF, 0x5F, \ + 0x83, 0x65, 0x5D, 0x23, 0xDC, 0xA3, 0xAD, 0x96, \ + 0x1C, 0x62, 0xF3, 0x56, 0x20, 0x85, 0x52, 0xBB, \ + 0x9E, 0xD5, 0x29, 0x07, 0x70, 0x96, 0x96, 0x6D, \ + 0x67, 0x0C, 0x35, 0x4E, 0x4A, 0xBC, 0x98, 0x04, \ + 0xF1, 0x74, 0x6C, 0x08, 0xCA, 0x18, 0x21, 0x7C, \ + 0x32, 0x90, 0x5E, 0x46, 0x2E, 0x36, 0xCE, 0x3B, \ + 0xE3, 0x9E, 0x77, 0x2C, 0x18, 0x0E, 0x86, 0x03, \ + 0x9B, 0x27, 0x83, 0xA2, 0xEC, 0x07, 0xA2, 0x8F, \ + 0xB5, 0xC5, 0x5D, 0xF0, 0x6F, 0x4C, 0x52, 0xC9, \ + 0xDE, 0x2B, 0xCB, 0xF6, 0x95, 0x58, 0x17, 0x18, \ + 0x39, 0x95, 0x49, 0x7C, 0xEA, 0x95, 0x6A, 0xE5, \ + 0x15, 0xD2, 0x26, 0x18, 0x98, 0xFA, 0x05, 0x10, \ + 0x15, 0x72, 0x8E, 0x5A, 0x8A, 0xAA, 0xC4, 0x2D, \ + 0xAD, 0x33, 0x17, 0x0D, 0x04, 0x50, 0x7A, 0x33, \ + 0xA8, 0x55, 0x21, 0xAB, 0xDF, 0x1C, 0xBA, 0x64, \ + 0xEC, 0xFB, 0x85, 0x04, 0x58, 0xDB, 0xEF, 0x0A, \ + 0x8A, 0xEA, 0x71, 0x57, 0x5D, 0x06, 0x0C, 0x7D, \ + 0xB3, 0x97, 0x0F, 0x85, 0xA6, 0xE1, 0xE4, 0xC7, \ + 0xAB, 0xF5, 0xAE, 0x8C, 0xDB, 0x09, 0x33, 0xD7, \ + 0x1E, 0x8C, 0x94, 0xE0, 0x4A, 0x25, 0x61, 0x9D, \ + 0xCE, 0xE3, 0xD2, 0x26, 0x1A, 0xD2, 0xEE, 0x6B, \ + 0xF1, 0x2F, 0xFA, 0x06, 0xD9, 0x8A, 0x08, 0x64, \ + 0xD8, 0x76, 0x02, 0x73, 0x3E, 0xC8, 0x6A, 0x64, \ + 0x52, 0x1F, 0x2B, 0x18, 0x17, 0x7B, 0x20, 0x0C, \ + 0xBB, 0xE1, 0x17, 0x57, 0x7A, 0x61, 0x5D, 0x6C, \ + 0x77, 0x09, 0x88, 0xC0, 0xBA, 0xD9, 0x46, 0xE2, \ + 0x08, 0xE2, 0x4F, 0xA0, 0x74, 0xE5, 0xAB, 0x31, \ + 0x43, 0xDB, 0x5B, 0xFC, 0xE0, 0xFD, 0x10, 0x8E, \ + 0x4B, 0x82, 0xD1, 0x20, 0xA9, 0x21, 0x08, 0x01, \ + 0x1A, 0x72, 0x3C, 0x12, 0xA7, 0x87, 0xE6, 0xD7, \ + 0x88, 0x71, 0x9A, 0x10, 0xBD, 0xBA, 0x5B, 0x26, \ + 0x99, 0xC3, 0x27, 0x18, 0x6A, 0xF4, 0xE2, 0x3C, \ + 0x1A, 0x94, 0x68, 0x34, 0xB6, 0x15, 0x0B, 0xDA, \ + 0x25, 0x83, 0xE9, 0xCA, 0x2A, 0xD4, 0x4C, 0xE8, \ + 0xDB, 0xBB, 0xC2, 0xDB, 0x04, 0xDE, 0x8E, 0xF9, \ + 0x2E, 0x8E, 0xFC, 0x14, 0x1F, 0xBE, 0xCA, 0xA6, \ + 0x28, 0x7C, 0x59, 0x47, 0x4E, 0x6B, 0xC0, 0x5D, \ + 0x99, 0xB2, 0x96, 0x4F, 0xA0, 0x90, 0xC3, 0xA2, \ + 0x23, 0x3B, 0xA1, 0x86, 0x51, 0x5B, 0xE7, 0xED, \ + 0x1F, 0x61, 0x29, 0x70, 0xCE, 0xE2, 0xD7, 0xAF, \ + 0xB8, 0x1B, 0xDD, 0x76, 0x21, 0x70, 0x48, 0x1C, \ + 0xD0, 0x06, 0x91, 0x27, 0xD5, 0xB0, 0x5A, 0xA9, \ + 0x93, 0xB4, 0xEA, 0x98, 0x8D, 0x8F, 0xDD, 0xC1, \ + 0x86, 0xFF, 0xB7, 0xDC, 0x90, 0xA6, 0xC0, 0x8F, \ + 0x4D, 0xF4, 0x35, 0xC9, 0x34, 0x06, 0x31, 0x99, \ + 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF } #define MBEDTLS_DHM_RFC3526_MODP_4096_G_BIN { 0x02 } #define MBEDTLS_DHM_RFC7919_FFDHE2048_P_BIN { \ - 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, \ - 0xAD, 0xF8, 0x54, 0x58, 0xA2, 0xBB, 0x4A, 0x9A, \ - 0xAF, 0xDC, 0x56, 0x20, 0x27, 0x3D, 0x3C, 0xF1, \ - 0xD8, 0xB9, 0xC5, 0x83, 0xCE, 0x2D, 0x36, 0x95, \ - 0xA9, 0xE1, 0x36, 0x41, 0x14, 0x64, 0x33, 0xFB, \ - 0xCC, 0x93, 0x9D, 0xCE, 0x24, 0x9B, 0x3E, 0xF9, \ - 0x7D, 0x2F, 0xE3, 0x63, 0x63, 0x0C, 0x75, 0xD8, \ - 0xF6, 0x81, 0xB2, 0x02, 0xAE, 0xC4, 0x61, 0x7A, \ - 0xD3, 0xDF, 0x1E, 0xD5, 0xD5, 0xFD, 0x65, 0x61, \ - 0x24, 0x33, 0xF5, 0x1F, 0x5F, 0x06, 0x6E, 0xD0, \ - 0x85, 0x63, 0x65, 0x55, 0x3D, 0xED, 0x1A, 0xF3, \ - 0xB5, 0x57, 0x13, 0x5E, 0x7F, 0x57, 0xC9, 0x35, \ - 0x98, 0x4F, 0x0C, 0x70, 0xE0, 0xE6, 0x8B, 0x77, \ - 0xE2, 0xA6, 0x89, 0xDA, 0xF3, 0xEF, 0xE8, 0x72, \ - 0x1D, 0xF1, 0x58, 0xA1, 0x36, 0xAD, 0xE7, 0x35, \ - 0x30, 0xAC, 0xCA, 0x4F, 0x48, 0x3A, 0x79, 0x7A, \ - 0xBC, 0x0A, 0xB1, 0x82, 0xB3, 0x24, 0xFB, 0x61, \ - 0xD1, 0x08, 0xA9, 0x4B, 0xB2, 0xC8, 0xE3, 0xFB, \ - 0xB9, 0x6A, 0xDA, 0xB7, 0x60, 0xD7, 0xF4, 0x68, \ - 0x1D, 0x4F, 0x42, 0xA3, 0xDE, 0x39, 0x4D, 0xF4, \ - 0xAE, 0x56, 0xED, 0xE7, 0x63, 0x72, 0xBB, 0x19, \ - 0x0B, 0x07, 0xA7, 0xC8, 0xEE, 0x0A, 0x6D, 0x70, \ - 0x9E, 0x02, 0xFC, 0xE1, 0xCD, 0xF7, 0xE2, 0xEC, \ - 0xC0, 0x34, 0x04, 0xCD, 0x28, 0x34, 0x2F, 0x61, \ - 0x91, 0x72, 0xFE, 0x9C, 0xE9, 0x85, 0x83, 0xFF, \ - 0x8E, 0x4F, 0x12, 0x32, 0xEE, 0xF2, 0x81, 0x83, \ - 0xC3, 0xFE, 0x3B, 0x1B, 0x4C, 0x6F, 0xAD, 0x73, \ - 0x3B, 0xB5, 0xFC, 0xBC, 0x2E, 0xC2, 0x20, 0x05, \ - 0xC5, 0x8E, 0xF1, 0x83, 0x7D, 0x16, 0x83, 0xB2, \ - 0xC6, 0xF3, 0x4A, 0x26, 0xC1, 0xB2, 0xEF, 0xFA, \ - 0x88, 0x6B, 0x42, 0x38, 0x61, 0x28, 0x5C, 0x97, \ - 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, } + 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, \ + 0xAD, 0xF8, 0x54, 0x58, 0xA2, 0xBB, 0x4A, 0x9A, \ + 0xAF, 0xDC, 0x56, 0x20, 0x27, 0x3D, 0x3C, 0xF1, \ + 0xD8, 0xB9, 0xC5, 0x83, 0xCE, 0x2D, 0x36, 0x95, \ + 0xA9, 0xE1, 0x36, 0x41, 0x14, 0x64, 0x33, 0xFB, \ + 0xCC, 0x93, 0x9D, 0xCE, 0x24, 0x9B, 0x3E, 0xF9, \ + 0x7D, 0x2F, 0xE3, 0x63, 0x63, 0x0C, 0x75, 0xD8, \ + 0xF6, 0x81, 0xB2, 0x02, 0xAE, 0xC4, 0x61, 0x7A, \ + 0xD3, 0xDF, 0x1E, 0xD5, 0xD5, 0xFD, 0x65, 0x61, \ + 0x24, 0x33, 0xF5, 0x1F, 0x5F, 0x06, 0x6E, 0xD0, \ + 0x85, 0x63, 0x65, 0x55, 0x3D, 0xED, 0x1A, 0xF3, \ + 0xB5, 0x57, 0x13, 0x5E, 0x7F, 0x57, 0xC9, 0x35, \ + 0x98, 0x4F, 0x0C, 0x70, 0xE0, 0xE6, 0x8B, 0x77, \ + 0xE2, 0xA6, 0x89, 0xDA, 0xF3, 0xEF, 0xE8, 0x72, \ + 0x1D, 0xF1, 0x58, 0xA1, 0x36, 0xAD, 0xE7, 0x35, \ + 0x30, 0xAC, 0xCA, 0x4F, 0x48, 0x3A, 0x79, 0x7A, \ + 0xBC, 0x0A, 0xB1, 0x82, 0xB3, 0x24, 0xFB, 0x61, \ + 0xD1, 0x08, 0xA9, 0x4B, 0xB2, 0xC8, 0xE3, 0xFB, \ + 0xB9, 0x6A, 0xDA, 0xB7, 0x60, 0xD7, 0xF4, 0x68, \ + 0x1D, 0x4F, 0x42, 0xA3, 0xDE, 0x39, 0x4D, 0xF4, \ + 0xAE, 0x56, 0xED, 0xE7, 0x63, 0x72, 0xBB, 0x19, \ + 0x0B, 0x07, 0xA7, 0xC8, 0xEE, 0x0A, 0x6D, 0x70, \ + 0x9E, 0x02, 0xFC, 0xE1, 0xCD, 0xF7, 0xE2, 0xEC, \ + 0xC0, 0x34, 0x04, 0xCD, 0x28, 0x34, 0x2F, 0x61, \ + 0x91, 0x72, 0xFE, 0x9C, 0xE9, 0x85, 0x83, 0xFF, \ + 0x8E, 0x4F, 0x12, 0x32, 0xEE, 0xF2, 0x81, 0x83, \ + 0xC3, 0xFE, 0x3B, 0x1B, 0x4C, 0x6F, 0xAD, 0x73, \ + 0x3B, 0xB5, 0xFC, 0xBC, 0x2E, 0xC2, 0x20, 0x05, \ + 0xC5, 0x8E, 0xF1, 0x83, 0x7D, 0x16, 0x83, 0xB2, \ + 0xC6, 0xF3, 0x4A, 0x26, 0xC1, 0xB2, 0xEF, 0xFA, \ + 0x88, 0x6B, 0x42, 0x38, 0x61, 0x28, 0x5C, 0x97, \ + 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, } #define MBEDTLS_DHM_RFC7919_FFDHE2048_G_BIN { 0x02 } #define MBEDTLS_DHM_RFC7919_FFDHE3072_P_BIN { \ - 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, \ - 0xAD, 0xF8, 0x54, 0x58, 0xA2, 0xBB, 0x4A, 0x9A, \ - 0xAF, 0xDC, 0x56, 0x20, 0x27, 0x3D, 0x3C, 0xF1, \ - 0xD8, 0xB9, 0xC5, 0x83, 0xCE, 0x2D, 0x36, 0x95, \ - 0xA9, 0xE1, 0x36, 0x41, 0x14, 0x64, 0x33, 0xFB, \ - 0xCC, 0x93, 0x9D, 0xCE, 0x24, 0x9B, 0x3E, 0xF9, \ - 0x7D, 0x2F, 0xE3, 0x63, 0x63, 0x0C, 0x75, 0xD8, \ - 0xF6, 0x81, 0xB2, 0x02, 0xAE, 0xC4, 0x61, 0x7A, \ - 0xD3, 0xDF, 0x1E, 0xD5, 0xD5, 0xFD, 0x65, 0x61, \ - 0x24, 0x33, 0xF5, 0x1F, 0x5F, 0x06, 0x6E, 0xD0, \ - 0x85, 0x63, 0x65, 0x55, 0x3D, 0xED, 0x1A, 0xF3, \ - 0xB5, 0x57, 0x13, 0x5E, 0x7F, 0x57, 0xC9, 0x35, \ - 0x98, 0x4F, 0x0C, 0x70, 0xE0, 0xE6, 0x8B, 0x77, \ - 0xE2, 0xA6, 0x89, 0xDA, 0xF3, 0xEF, 0xE8, 0x72, \ - 0x1D, 0xF1, 0x58, 0xA1, 0x36, 0xAD, 0xE7, 0x35, \ - 0x30, 0xAC, 0xCA, 0x4F, 0x48, 0x3A, 0x79, 0x7A, \ - 0xBC, 0x0A, 0xB1, 0x82, 0xB3, 0x24, 0xFB, 0x61, \ - 0xD1, 0x08, 0xA9, 0x4B, 0xB2, 0xC8, 0xE3, 0xFB, \ - 0xB9, 0x6A, 0xDA, 0xB7, 0x60, 0xD7, 0xF4, 0x68, \ - 0x1D, 0x4F, 0x42, 0xA3, 0xDE, 0x39, 0x4D, 0xF4, \ - 0xAE, 0x56, 0xED, 0xE7, 0x63, 0x72, 0xBB, 0x19, \ - 0x0B, 0x07, 0xA7, 0xC8, 0xEE, 0x0A, 0x6D, 0x70, \ - 0x9E, 0x02, 0xFC, 0xE1, 0xCD, 0xF7, 0xE2, 0xEC, \ - 0xC0, 0x34, 0x04, 0xCD, 0x28, 0x34, 0x2F, 0x61, \ - 0x91, 0x72, 0xFE, 0x9C, 0xE9, 0x85, 0x83, 0xFF, \ - 0x8E, 0x4F, 0x12, 0x32, 0xEE, 0xF2, 0x81, 0x83, \ - 0xC3, 0xFE, 0x3B, 0x1B, 0x4C, 0x6F, 0xAD, 0x73, \ - 0x3B, 0xB5, 0xFC, 0xBC, 0x2E, 0xC2, 0x20, 0x05, \ - 0xC5, 0x8E, 0xF1, 0x83, 0x7D, 0x16, 0x83, 0xB2, \ - 0xC6, 0xF3, 0x4A, 0x26, 0xC1, 0xB2, 0xEF, 0xFA, \ - 0x88, 0x6B, 0x42, 0x38, 0x61, 0x1F, 0xCF, 0xDC, \ - 0xDE, 0x35, 0x5B, 0x3B, 0x65, 0x19, 0x03, 0x5B, \ - 0xBC, 0x34, 0xF4, 0xDE, 0xF9, 0x9C, 0x02, 0x38, \ - 0x61, 0xB4, 0x6F, 0xC9, 0xD6, 0xE6, 0xC9, 0x07, \ - 0x7A, 0xD9, 0x1D, 0x26, 0x91, 0xF7, 0xF7, 0xEE, \ - 0x59, 0x8C, 0xB0, 0xFA, 0xC1, 0x86, 0xD9, 0x1C, \ - 0xAE, 0xFE, 0x13, 0x09, 0x85, 0x13, 0x92, 0x70, \ - 0xB4, 0x13, 0x0C, 0x93, 0xBC, 0x43, 0x79, 0x44, \ - 0xF4, 0xFD, 0x44, 0x52, 0xE2, 0xD7, 0x4D, 0xD3, \ - 0x64, 0xF2, 0xE2, 0x1E, 0x71, 0xF5, 0x4B, 0xFF, \ - 0x5C, 0xAE, 0x82, 0xAB, 0x9C, 0x9D, 0xF6, 0x9E, \ - 0xE8, 0x6D, 0x2B, 0xC5, 0x22, 0x36, 0x3A, 0x0D, \ - 0xAB, 0xC5, 0x21, 0x97, 0x9B, 0x0D, 0xEA, 0xDA, \ - 0x1D, 0xBF, 0x9A, 0x42, 0xD5, 0xC4, 0x48, 0x4E, \ - 0x0A, 0xBC, 0xD0, 0x6B, 0xFA, 0x53, 0xDD, 0xEF, \ - 0x3C, 0x1B, 0x20, 0xEE, 0x3F, 0xD5, 0x9D, 0x7C, \ - 0x25, 0xE4, 0x1D, 0x2B, 0x66, 0xC6, 0x2E, 0x37, \ - 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF } + 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, \ + 0xAD, 0xF8, 0x54, 0x58, 0xA2, 0xBB, 0x4A, 0x9A, \ + 0xAF, 0xDC, 0x56, 0x20, 0x27, 0x3D, 0x3C, 0xF1, \ + 0xD8, 0xB9, 0xC5, 0x83, 0xCE, 0x2D, 0x36, 0x95, \ + 0xA9, 0xE1, 0x36, 0x41, 0x14, 0x64, 0x33, 0xFB, \ + 0xCC, 0x93, 0x9D, 0xCE, 0x24, 0x9B, 0x3E, 0xF9, \ + 0x7D, 0x2F, 0xE3, 0x63, 0x63, 0x0C, 0x75, 0xD8, \ + 0xF6, 0x81, 0xB2, 0x02, 0xAE, 0xC4, 0x61, 0x7A, \ + 0xD3, 0xDF, 0x1E, 0xD5, 0xD5, 0xFD, 0x65, 0x61, \ + 0x24, 0x33, 0xF5, 0x1F, 0x5F, 0x06, 0x6E, 0xD0, \ + 0x85, 0x63, 0x65, 0x55, 0x3D, 0xED, 0x1A, 0xF3, \ + 0xB5, 0x57, 0x13, 0x5E, 0x7F, 0x57, 0xC9, 0x35, \ + 0x98, 0x4F, 0x0C, 0x70, 0xE0, 0xE6, 0x8B, 0x77, \ + 0xE2, 0xA6, 0x89, 0xDA, 0xF3, 0xEF, 0xE8, 0x72, \ + 0x1D, 0xF1, 0x58, 0xA1, 0x36, 0xAD, 0xE7, 0x35, \ + 0x30, 0xAC, 0xCA, 0x4F, 0x48, 0x3A, 0x79, 0x7A, \ + 0xBC, 0x0A, 0xB1, 0x82, 0xB3, 0x24, 0xFB, 0x61, \ + 0xD1, 0x08, 0xA9, 0x4B, 0xB2, 0xC8, 0xE3, 0xFB, \ + 0xB9, 0x6A, 0xDA, 0xB7, 0x60, 0xD7, 0xF4, 0x68, \ + 0x1D, 0x4F, 0x42, 0xA3, 0xDE, 0x39, 0x4D, 0xF4, \ + 0xAE, 0x56, 0xED, 0xE7, 0x63, 0x72, 0xBB, 0x19, \ + 0x0B, 0x07, 0xA7, 0xC8, 0xEE, 0x0A, 0x6D, 0x70, \ + 0x9E, 0x02, 0xFC, 0xE1, 0xCD, 0xF7, 0xE2, 0xEC, \ + 0xC0, 0x34, 0x04, 0xCD, 0x28, 0x34, 0x2F, 0x61, \ + 0x91, 0x72, 0xFE, 0x9C, 0xE9, 0x85, 0x83, 0xFF, \ + 0x8E, 0x4F, 0x12, 0x32, 0xEE, 0xF2, 0x81, 0x83, \ + 0xC3, 0xFE, 0x3B, 0x1B, 0x4C, 0x6F, 0xAD, 0x73, \ + 0x3B, 0xB5, 0xFC, 0xBC, 0x2E, 0xC2, 0x20, 0x05, \ + 0xC5, 0x8E, 0xF1, 0x83, 0x7D, 0x16, 0x83, 0xB2, \ + 0xC6, 0xF3, 0x4A, 0x26, 0xC1, 0xB2, 0xEF, 0xFA, \ + 0x88, 0x6B, 0x42, 0x38, 0x61, 0x1F, 0xCF, 0xDC, \ + 0xDE, 0x35, 0x5B, 0x3B, 0x65, 0x19, 0x03, 0x5B, \ + 0xBC, 0x34, 0xF4, 0xDE, 0xF9, 0x9C, 0x02, 0x38, \ + 0x61, 0xB4, 0x6F, 0xC9, 0xD6, 0xE6, 0xC9, 0x07, \ + 0x7A, 0xD9, 0x1D, 0x26, 0x91, 0xF7, 0xF7, 0xEE, \ + 0x59, 0x8C, 0xB0, 0xFA, 0xC1, 0x86, 0xD9, 0x1C, \ + 0xAE, 0xFE, 0x13, 0x09, 0x85, 0x13, 0x92, 0x70, \ + 0xB4, 0x13, 0x0C, 0x93, 0xBC, 0x43, 0x79, 0x44, \ + 0xF4, 0xFD, 0x44, 0x52, 0xE2, 0xD7, 0x4D, 0xD3, \ + 0x64, 0xF2, 0xE2, 0x1E, 0x71, 0xF5, 0x4B, 0xFF, \ + 0x5C, 0xAE, 0x82, 0xAB, 0x9C, 0x9D, 0xF6, 0x9E, \ + 0xE8, 0x6D, 0x2B, 0xC5, 0x22, 0x36, 0x3A, 0x0D, \ + 0xAB, 0xC5, 0x21, 0x97, 0x9B, 0x0D, 0xEA, 0xDA, \ + 0x1D, 0xBF, 0x9A, 0x42, 0xD5, 0xC4, 0x48, 0x4E, \ + 0x0A, 0xBC, 0xD0, 0x6B, 0xFA, 0x53, 0xDD, 0xEF, \ + 0x3C, 0x1B, 0x20, 0xEE, 0x3F, 0xD5, 0x9D, 0x7C, \ + 0x25, 0xE4, 0x1D, 0x2B, 0x66, 0xC6, 0x2E, 0x37, \ + 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF } #define MBEDTLS_DHM_RFC7919_FFDHE3072_G_BIN { 0x02 } #define MBEDTLS_DHM_RFC7919_FFDHE4096_P_BIN { \ - 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, \ - 0xAD, 0xF8, 0x54, 0x58, 0xA2, 0xBB, 0x4A, 0x9A, \ - 0xAF, 0xDC, 0x56, 0x20, 0x27, 0x3D, 0x3C, 0xF1, \ - 0xD8, 0xB9, 0xC5, 0x83, 0xCE, 0x2D, 0x36, 0x95, \ - 0xA9, 0xE1, 0x36, 0x41, 0x14, 0x64, 0x33, 0xFB, \ - 0xCC, 0x93, 0x9D, 0xCE, 0x24, 0x9B, 0x3E, 0xF9, \ - 0x7D, 0x2F, 0xE3, 0x63, 0x63, 0x0C, 0x75, 0xD8, \ - 0xF6, 0x81, 0xB2, 0x02, 0xAE, 0xC4, 0x61, 0x7A, \ - 0xD3, 0xDF, 0x1E, 0xD5, 0xD5, 0xFD, 0x65, 0x61, \ - 0x24, 0x33, 0xF5, 0x1F, 0x5F, 0x06, 0x6E, 0xD0, \ - 0x85, 0x63, 0x65, 0x55, 0x3D, 0xED, 0x1A, 0xF3, \ - 0xB5, 0x57, 0x13, 0x5E, 0x7F, 0x57, 0xC9, 0x35, \ - 0x98, 0x4F, 0x0C, 0x70, 0xE0, 0xE6, 0x8B, 0x77, \ - 0xE2, 0xA6, 0x89, 0xDA, 0xF3, 0xEF, 0xE8, 0x72, \ - 0x1D, 0xF1, 0x58, 0xA1, 0x36, 0xAD, 0xE7, 0x35, \ - 0x30, 0xAC, 0xCA, 0x4F, 0x48, 0x3A, 0x79, 0x7A, \ - 0xBC, 0x0A, 0xB1, 0x82, 0xB3, 0x24, 0xFB, 0x61, \ - 0xD1, 0x08, 0xA9, 0x4B, 0xB2, 0xC8, 0xE3, 0xFB, \ - 0xB9, 0x6A, 0xDA, 0xB7, 0x60, 0xD7, 0xF4, 0x68, \ - 0x1D, 0x4F, 0x42, 0xA3, 0xDE, 0x39, 0x4D, 0xF4, \ - 0xAE, 0x56, 0xED, 0xE7, 0x63, 0x72, 0xBB, 0x19, \ - 0x0B, 0x07, 0xA7, 0xC8, 0xEE, 0x0A, 0x6D, 0x70, \ - 0x9E, 0x02, 0xFC, 0xE1, 0xCD, 0xF7, 0xE2, 0xEC, \ - 0xC0, 0x34, 0x04, 0xCD, 0x28, 0x34, 0x2F, 0x61, \ - 0x91, 0x72, 0xFE, 0x9C, 0xE9, 0x85, 0x83, 0xFF, \ - 0x8E, 0x4F, 0x12, 0x32, 0xEE, 0xF2, 0x81, 0x83, \ - 0xC3, 0xFE, 0x3B, 0x1B, 0x4C, 0x6F, 0xAD, 0x73, \ - 0x3B, 0xB5, 0xFC, 0xBC, 0x2E, 0xC2, 0x20, 0x05, \ - 0xC5, 0x8E, 0xF1, 0x83, 0x7D, 0x16, 0x83, 0xB2, \ - 0xC6, 0xF3, 0x4A, 0x26, 0xC1, 0xB2, 0xEF, 0xFA, \ - 0x88, 0x6B, 0x42, 0x38, 0x61, 0x1F, 0xCF, 0xDC, \ - 0xDE, 0x35, 0x5B, 0x3B, 0x65, 0x19, 0x03, 0x5B, \ - 0xBC, 0x34, 0xF4, 0xDE, 0xF9, 0x9C, 0x02, 0x38, \ - 0x61, 0xB4, 0x6F, 0xC9, 0xD6, 0xE6, 0xC9, 0x07, \ - 0x7A, 0xD9, 0x1D, 0x26, 0x91, 0xF7, 0xF7, 0xEE, \ - 0x59, 0x8C, 0xB0, 0xFA, 0xC1, 0x86, 0xD9, 0x1C, \ - 0xAE, 0xFE, 0x13, 0x09, 0x85, 0x13, 0x92, 0x70, \ - 0xB4, 0x13, 0x0C, 0x93, 0xBC, 0x43, 0x79, 0x44, \ - 0xF4, 0xFD, 0x44, 0x52, 0xE2, 0xD7, 0x4D, 0xD3, \ - 0x64, 0xF2, 0xE2, 0x1E, 0x71, 0xF5, 0x4B, 0xFF, \ - 0x5C, 0xAE, 0x82, 0xAB, 0x9C, 0x9D, 0xF6, 0x9E, \ - 0xE8, 0x6D, 0x2B, 0xC5, 0x22, 0x36, 0x3A, 0x0D, \ - 0xAB, 0xC5, 0x21, 0x97, 0x9B, 0x0D, 0xEA, 0xDA, \ - 0x1D, 0xBF, 0x9A, 0x42, 0xD5, 0xC4, 0x48, 0x4E, \ - 0x0A, 0xBC, 0xD0, 0x6B, 0xFA, 0x53, 0xDD, 0xEF, \ - 0x3C, 0x1B, 0x20, 0xEE, 0x3F, 0xD5, 0x9D, 0x7C, \ - 0x25, 0xE4, 0x1D, 0x2B, 0x66, 0x9E, 0x1E, 0xF1, \ - 0x6E, 0x6F, 0x52, 0xC3, 0x16, 0x4D, 0xF4, 0xFB, \ - 0x79, 0x30, 0xE9, 0xE4, 0xE5, 0x88, 0x57, 0xB6, \ - 0xAC, 0x7D, 0x5F, 0x42, 0xD6, 0x9F, 0x6D, 0x18, \ - 0x77, 0x63, 0xCF, 0x1D, 0x55, 0x03, 0x40, 0x04, \ - 0x87, 0xF5, 0x5B, 0xA5, 0x7E, 0x31, 0xCC, 0x7A, \ - 0x71, 0x35, 0xC8, 0x86, 0xEF, 0xB4, 0x31, 0x8A, \ - 0xED, 0x6A, 0x1E, 0x01, 0x2D, 0x9E, 0x68, 0x32, \ - 0xA9, 0x07, 0x60, 0x0A, 0x91, 0x81, 0x30, 0xC4, \ - 0x6D, 0xC7, 0x78, 0xF9, 0x71, 0xAD, 0x00, 0x38, \ - 0x09, 0x29, 0x99, 0xA3, 0x33, 0xCB, 0x8B, 0x7A, \ - 0x1A, 0x1D, 0xB9, 0x3D, 0x71, 0x40, 0x00, 0x3C, \ - 0x2A, 0x4E, 0xCE, 0xA9, 0xF9, 0x8D, 0x0A, 0xCC, \ - 0x0A, 0x82, 0x91, 0xCD, 0xCE, 0xC9, 0x7D, 0xCF, \ - 0x8E, 0xC9, 0xB5, 0x5A, 0x7F, 0x88, 0xA4, 0x6B, \ - 0x4D, 0xB5, 0xA8, 0x51, 0xF4, 0x41, 0x82, 0xE1, \ - 0xC6, 0x8A, 0x00, 0x7E, 0x5E, 0x65, 0x5F, 0x6A, \ - 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF } + 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, \ + 0xAD, 0xF8, 0x54, 0x58, 0xA2, 0xBB, 0x4A, 0x9A, \ + 0xAF, 0xDC, 0x56, 0x20, 0x27, 0x3D, 0x3C, 0xF1, \ + 0xD8, 0xB9, 0xC5, 0x83, 0xCE, 0x2D, 0x36, 0x95, \ + 0xA9, 0xE1, 0x36, 0x41, 0x14, 0x64, 0x33, 0xFB, \ + 0xCC, 0x93, 0x9D, 0xCE, 0x24, 0x9B, 0x3E, 0xF9, \ + 0x7D, 0x2F, 0xE3, 0x63, 0x63, 0x0C, 0x75, 0xD8, \ + 0xF6, 0x81, 0xB2, 0x02, 0xAE, 0xC4, 0x61, 0x7A, \ + 0xD3, 0xDF, 0x1E, 0xD5, 0xD5, 0xFD, 0x65, 0x61, \ + 0x24, 0x33, 0xF5, 0x1F, 0x5F, 0x06, 0x6E, 0xD0, \ + 0x85, 0x63, 0x65, 0x55, 0x3D, 0xED, 0x1A, 0xF3, \ + 0xB5, 0x57, 0x13, 0x5E, 0x7F, 0x57, 0xC9, 0x35, \ + 0x98, 0x4F, 0x0C, 0x70, 0xE0, 0xE6, 0x8B, 0x77, \ + 0xE2, 0xA6, 0x89, 0xDA, 0xF3, 0xEF, 0xE8, 0x72, \ + 0x1D, 0xF1, 0x58, 0xA1, 0x36, 0xAD, 0xE7, 0x35, \ + 0x30, 0xAC, 0xCA, 0x4F, 0x48, 0x3A, 0x79, 0x7A, \ + 0xBC, 0x0A, 0xB1, 0x82, 0xB3, 0x24, 0xFB, 0x61, \ + 0xD1, 0x08, 0xA9, 0x4B, 0xB2, 0xC8, 0xE3, 0xFB, \ + 0xB9, 0x6A, 0xDA, 0xB7, 0x60, 0xD7, 0xF4, 0x68, \ + 0x1D, 0x4F, 0x42, 0xA3, 0xDE, 0x39, 0x4D, 0xF4, \ + 0xAE, 0x56, 0xED, 0xE7, 0x63, 0x72, 0xBB, 0x19, \ + 0x0B, 0x07, 0xA7, 0xC8, 0xEE, 0x0A, 0x6D, 0x70, \ + 0x9E, 0x02, 0xFC, 0xE1, 0xCD, 0xF7, 0xE2, 0xEC, \ + 0xC0, 0x34, 0x04, 0xCD, 0x28, 0x34, 0x2F, 0x61, \ + 0x91, 0x72, 0xFE, 0x9C, 0xE9, 0x85, 0x83, 0xFF, \ + 0x8E, 0x4F, 0x12, 0x32, 0xEE, 0xF2, 0x81, 0x83, \ + 0xC3, 0xFE, 0x3B, 0x1B, 0x4C, 0x6F, 0xAD, 0x73, \ + 0x3B, 0xB5, 0xFC, 0xBC, 0x2E, 0xC2, 0x20, 0x05, \ + 0xC5, 0x8E, 0xF1, 0x83, 0x7D, 0x16, 0x83, 0xB2, \ + 0xC6, 0xF3, 0x4A, 0x26, 0xC1, 0xB2, 0xEF, 0xFA, \ + 0x88, 0x6B, 0x42, 0x38, 0x61, 0x1F, 0xCF, 0xDC, \ + 0xDE, 0x35, 0x5B, 0x3B, 0x65, 0x19, 0x03, 0x5B, \ + 0xBC, 0x34, 0xF4, 0xDE, 0xF9, 0x9C, 0x02, 0x38, \ + 0x61, 0xB4, 0x6F, 0xC9, 0xD6, 0xE6, 0xC9, 0x07, \ + 0x7A, 0xD9, 0x1D, 0x26, 0x91, 0xF7, 0xF7, 0xEE, \ + 0x59, 0x8C, 0xB0, 0xFA, 0xC1, 0x86, 0xD9, 0x1C, \ + 0xAE, 0xFE, 0x13, 0x09, 0x85, 0x13, 0x92, 0x70, \ + 0xB4, 0x13, 0x0C, 0x93, 0xBC, 0x43, 0x79, 0x44, \ + 0xF4, 0xFD, 0x44, 0x52, 0xE2, 0xD7, 0x4D, 0xD3, \ + 0x64, 0xF2, 0xE2, 0x1E, 0x71, 0xF5, 0x4B, 0xFF, \ + 0x5C, 0xAE, 0x82, 0xAB, 0x9C, 0x9D, 0xF6, 0x9E, \ + 0xE8, 0x6D, 0x2B, 0xC5, 0x22, 0x36, 0x3A, 0x0D, \ + 0xAB, 0xC5, 0x21, 0x97, 0x9B, 0x0D, 0xEA, 0xDA, \ + 0x1D, 0xBF, 0x9A, 0x42, 0xD5, 0xC4, 0x48, 0x4E, \ + 0x0A, 0xBC, 0xD0, 0x6B, 0xFA, 0x53, 0xDD, 0xEF, \ + 0x3C, 0x1B, 0x20, 0xEE, 0x3F, 0xD5, 0x9D, 0x7C, \ + 0x25, 0xE4, 0x1D, 0x2B, 0x66, 0x9E, 0x1E, 0xF1, \ + 0x6E, 0x6F, 0x52, 0xC3, 0x16, 0x4D, 0xF4, 0xFB, \ + 0x79, 0x30, 0xE9, 0xE4, 0xE5, 0x88, 0x57, 0xB6, \ + 0xAC, 0x7D, 0x5F, 0x42, 0xD6, 0x9F, 0x6D, 0x18, \ + 0x77, 0x63, 0xCF, 0x1D, 0x55, 0x03, 0x40, 0x04, \ + 0x87, 0xF5, 0x5B, 0xA5, 0x7E, 0x31, 0xCC, 0x7A, \ + 0x71, 0x35, 0xC8, 0x86, 0xEF, 0xB4, 0x31, 0x8A, \ + 0xED, 0x6A, 0x1E, 0x01, 0x2D, 0x9E, 0x68, 0x32, \ + 0xA9, 0x07, 0x60, 0x0A, 0x91, 0x81, 0x30, 0xC4, \ + 0x6D, 0xC7, 0x78, 0xF9, 0x71, 0xAD, 0x00, 0x38, \ + 0x09, 0x29, 0x99, 0xA3, 0x33, 0xCB, 0x8B, 0x7A, \ + 0x1A, 0x1D, 0xB9, 0x3D, 0x71, 0x40, 0x00, 0x3C, \ + 0x2A, 0x4E, 0xCE, 0xA9, 0xF9, 0x8D, 0x0A, 0xCC, \ + 0x0A, 0x82, 0x91, 0xCD, 0xCE, 0xC9, 0x7D, 0xCF, \ + 0x8E, 0xC9, 0xB5, 0x5A, 0x7F, 0x88, 0xA4, 0x6B, \ + 0x4D, 0xB5, 0xA8, 0x51, 0xF4, 0x41, 0x82, 0xE1, \ + 0xC6, 0x8A, 0x00, 0x7E, 0x5E, 0x65, 0x5F, 0x6A, \ + 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF } #define MBEDTLS_DHM_RFC7919_FFDHE4096_G_BIN { 0x02 } #define MBEDTLS_DHM_RFC7919_FFDHE6144_P_BIN { \ - 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, \ - 0xAD, 0xF8, 0x54, 0x58, 0xA2, 0xBB, 0x4A, 0x9A, \ - 0xAF, 0xDC, 0x56, 0x20, 0x27, 0x3D, 0x3C, 0xF1, \ - 0xD8, 0xB9, 0xC5, 0x83, 0xCE, 0x2D, 0x36, 0x95, \ - 0xA9, 0xE1, 0x36, 0x41, 0x14, 0x64, 0x33, 0xFB, \ - 0xCC, 0x93, 0x9D, 0xCE, 0x24, 0x9B, 0x3E, 0xF9, \ - 0x7D, 0x2F, 0xE3, 0x63, 0x63, 0x0C, 0x75, 0xD8, \ - 0xF6, 0x81, 0xB2, 0x02, 0xAE, 0xC4, 0x61, 0x7A, \ - 0xD3, 0xDF, 0x1E, 0xD5, 0xD5, 0xFD, 0x65, 0x61, \ - 0x24, 0x33, 0xF5, 0x1F, 0x5F, 0x06, 0x6E, 0xD0, \ - 0x85, 0x63, 0x65, 0x55, 0x3D, 0xED, 0x1A, 0xF3, \ - 0xB5, 0x57, 0x13, 0x5E, 0x7F, 0x57, 0xC9, 0x35, \ - 0x98, 0x4F, 0x0C, 0x70, 0xE0, 0xE6, 0x8B, 0x77, \ - 0xE2, 0xA6, 0x89, 0xDA, 0xF3, 0xEF, 0xE8, 0x72, \ - 0x1D, 0xF1, 0x58, 0xA1, 0x36, 0xAD, 0xE7, 0x35, \ - 0x30, 0xAC, 0xCA, 0x4F, 0x48, 0x3A, 0x79, 0x7A, \ - 0xBC, 0x0A, 0xB1, 0x82, 0xB3, 0x24, 0xFB, 0x61, \ - 0xD1, 0x08, 0xA9, 0x4B, 0xB2, 0xC8, 0xE3, 0xFB, \ - 0xB9, 0x6A, 0xDA, 0xB7, 0x60, 0xD7, 0xF4, 0x68, \ - 0x1D, 0x4F, 0x42, 0xA3, 0xDE, 0x39, 0x4D, 0xF4, \ - 0xAE, 0x56, 0xED, 0xE7, 0x63, 0x72, 0xBB, 0x19, \ - 0x0B, 0x07, 0xA7, 0xC8, 0xEE, 0x0A, 0x6D, 0x70, \ - 0x9E, 0x02, 0xFC, 0xE1, 0xCD, 0xF7, 0xE2, 0xEC, \ - 0xC0, 0x34, 0x04, 0xCD, 0x28, 0x34, 0x2F, 0x61, \ - 0x91, 0x72, 0xFE, 0x9C, 0xE9, 0x85, 0x83, 0xFF, \ - 0x8E, 0x4F, 0x12, 0x32, 0xEE, 0xF2, 0x81, 0x83, \ - 0xC3, 0xFE, 0x3B, 0x1B, 0x4C, 0x6F, 0xAD, 0x73, \ - 0x3B, 0xB5, 0xFC, 0xBC, 0x2E, 0xC2, 0x20, 0x05, \ - 0xC5, 0x8E, 0xF1, 0x83, 0x7D, 0x16, 0x83, 0xB2, \ - 0xC6, 0xF3, 0x4A, 0x26, 0xC1, 0xB2, 0xEF, 0xFA, \ - 0x88, 0x6B, 0x42, 0x38, 0x61, 0x1F, 0xCF, 0xDC, \ - 0xDE, 0x35, 0x5B, 0x3B, 0x65, 0x19, 0x03, 0x5B, \ - 0xBC, 0x34, 0xF4, 0xDE, 0xF9, 0x9C, 0x02, 0x38, \ - 0x61, 0xB4, 0x6F, 0xC9, 0xD6, 0xE6, 0xC9, 0x07, \ - 0x7A, 0xD9, 0x1D, 0x26, 0x91, 0xF7, 0xF7, 0xEE, \ - 0x59, 0x8C, 0xB0, 0xFA, 0xC1, 0x86, 0xD9, 0x1C, \ - 0xAE, 0xFE, 0x13, 0x09, 0x85, 0x13, 0x92, 0x70, \ - 0xB4, 0x13, 0x0C, 0x93, 0xBC, 0x43, 0x79, 0x44, \ - 0xF4, 0xFD, 0x44, 0x52, 0xE2, 0xD7, 0x4D, 0xD3, \ - 0x64, 0xF2, 0xE2, 0x1E, 0x71, 0xF5, 0x4B, 0xFF, \ - 0x5C, 0xAE, 0x82, 0xAB, 0x9C, 0x9D, 0xF6, 0x9E, \ - 0xE8, 0x6D, 0x2B, 0xC5, 0x22, 0x36, 0x3A, 0x0D, \ - 0xAB, 0xC5, 0x21, 0x97, 0x9B, 0x0D, 0xEA, 0xDA, \ - 0x1D, 0xBF, 0x9A, 0x42, 0xD5, 0xC4, 0x48, 0x4E, \ - 0x0A, 0xBC, 0xD0, 0x6B, 0xFA, 0x53, 0xDD, 0xEF, \ - 0x3C, 0x1B, 0x20, 0xEE, 0x3F, 0xD5, 0x9D, 0x7C, \ - 0x25, 0xE4, 0x1D, 0x2B, 0x66, 0x9E, 0x1E, 0xF1, \ - 0x6E, 0x6F, 0x52, 0xC3, 0x16, 0x4D, 0xF4, 0xFB, \ - 0x79, 0x30, 0xE9, 0xE4, 0xE5, 0x88, 0x57, 0xB6, \ - 0xAC, 0x7D, 0x5F, 0x42, 0xD6, 0x9F, 0x6D, 0x18, \ - 0x77, 0x63, 0xCF, 0x1D, 0x55, 0x03, 0x40, 0x04, \ - 0x87, 0xF5, 0x5B, 0xA5, 0x7E, 0x31, 0xCC, 0x7A, \ - 0x71, 0x35, 0xC8, 0x86, 0xEF, 0xB4, 0x31, 0x8A, \ - 0xED, 0x6A, 0x1E, 0x01, 0x2D, 0x9E, 0x68, 0x32, \ - 0xA9, 0x07, 0x60, 0x0A, 0x91, 0x81, 0x30, 0xC4, \ - 0x6D, 0xC7, 0x78, 0xF9, 0x71, 0xAD, 0x00, 0x38, \ - 0x09, 0x29, 0x99, 0xA3, 0x33, 0xCB, 0x8B, 0x7A, \ - 0x1A, 0x1D, 0xB9, 0x3D, 0x71, 0x40, 0x00, 0x3C, \ - 0x2A, 0x4E, 0xCE, 0xA9, 0xF9, 0x8D, 0x0A, 0xCC, \ - 0x0A, 0x82, 0x91, 0xCD, 0xCE, 0xC9, 0x7D, 0xCF, \ - 0x8E, 0xC9, 0xB5, 0x5A, 0x7F, 0x88, 0xA4, 0x6B, \ - 0x4D, 0xB5, 0xA8, 0x51, 0xF4, 0x41, 0x82, 0xE1, \ - 0xC6, 0x8A, 0x00, 0x7E, 0x5E, 0x0D, 0xD9, 0x02, \ - 0x0B, 0xFD, 0x64, 0xB6, 0x45, 0x03, 0x6C, 0x7A, \ - 0x4E, 0x67, 0x7D, 0x2C, 0x38, 0x53, 0x2A, 0x3A, \ - 0x23, 0xBA, 0x44, 0x42, 0xCA, 0xF5, 0x3E, 0xA6, \ - 0x3B, 0xB4, 0x54, 0x32, 0x9B, 0x76, 0x24, 0xC8, \ - 0x91, 0x7B, 0xDD, 0x64, 0xB1, 0xC0, 0xFD, 0x4C, \ - 0xB3, 0x8E, 0x8C, 0x33, 0x4C, 0x70, 0x1C, 0x3A, \ - 0xCD, 0xAD, 0x06, 0x57, 0xFC, 0xCF, 0xEC, 0x71, \ - 0x9B, 0x1F, 0x5C, 0x3E, 0x4E, 0x46, 0x04, 0x1F, \ - 0x38, 0x81, 0x47, 0xFB, 0x4C, 0xFD, 0xB4, 0x77, \ - 0xA5, 0x24, 0x71, 0xF7, 0xA9, 0xA9, 0x69, 0x10, \ - 0xB8, 0x55, 0x32, 0x2E, 0xDB, 0x63, 0x40, 0xD8, \ - 0xA0, 0x0E, 0xF0, 0x92, 0x35, 0x05, 0x11, 0xE3, \ - 0x0A, 0xBE, 0xC1, 0xFF, 0xF9, 0xE3, 0xA2, 0x6E, \ - 0x7F, 0xB2, 0x9F, 0x8C, 0x18, 0x30, 0x23, 0xC3, \ - 0x58, 0x7E, 0x38, 0xDA, 0x00, 0x77, 0xD9, 0xB4, \ - 0x76, 0x3E, 0x4E, 0x4B, 0x94, 0xB2, 0xBB, 0xC1, \ - 0x94, 0xC6, 0x65, 0x1E, 0x77, 0xCA, 0xF9, 0x92, \ - 0xEE, 0xAA, 0xC0, 0x23, 0x2A, 0x28, 0x1B, 0xF6, \ - 0xB3, 0xA7, 0x39, 0xC1, 0x22, 0x61, 0x16, 0x82, \ - 0x0A, 0xE8, 0xDB, 0x58, 0x47, 0xA6, 0x7C, 0xBE, \ - 0xF9, 0xC9, 0x09, 0x1B, 0x46, 0x2D, 0x53, 0x8C, \ - 0xD7, 0x2B, 0x03, 0x74, 0x6A, 0xE7, 0x7F, 0x5E, \ - 0x62, 0x29, 0x2C, 0x31, 0x15, 0x62, 0xA8, 0x46, \ - 0x50, 0x5D, 0xC8, 0x2D, 0xB8, 0x54, 0x33, 0x8A, \ - 0xE4, 0x9F, 0x52, 0x35, 0xC9, 0x5B, 0x91, 0x17, \ - 0x8C, 0xCF, 0x2D, 0xD5, 0xCA, 0xCE, 0xF4, 0x03, \ - 0xEC, 0x9D, 0x18, 0x10, 0xC6, 0x27, 0x2B, 0x04, \ - 0x5B, 0x3B, 0x71, 0xF9, 0xDC, 0x6B, 0x80, 0xD6, \ - 0x3F, 0xDD, 0x4A, 0x8E, 0x9A, 0xDB, 0x1E, 0x69, \ - 0x62, 0xA6, 0x95, 0x26, 0xD4, 0x31, 0x61, 0xC1, \ - 0xA4, 0x1D, 0x57, 0x0D, 0x79, 0x38, 0xDA, 0xD4, \ - 0xA4, 0x0E, 0x32, 0x9C, 0xD0, 0xE4, 0x0E, 0x65, \ - 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF } + 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, \ + 0xAD, 0xF8, 0x54, 0x58, 0xA2, 0xBB, 0x4A, 0x9A, \ + 0xAF, 0xDC, 0x56, 0x20, 0x27, 0x3D, 0x3C, 0xF1, \ + 0xD8, 0xB9, 0xC5, 0x83, 0xCE, 0x2D, 0x36, 0x95, \ + 0xA9, 0xE1, 0x36, 0x41, 0x14, 0x64, 0x33, 0xFB, \ + 0xCC, 0x93, 0x9D, 0xCE, 0x24, 0x9B, 0x3E, 0xF9, \ + 0x7D, 0x2F, 0xE3, 0x63, 0x63, 0x0C, 0x75, 0xD8, \ + 0xF6, 0x81, 0xB2, 0x02, 0xAE, 0xC4, 0x61, 0x7A, \ + 0xD3, 0xDF, 0x1E, 0xD5, 0xD5, 0xFD, 0x65, 0x61, \ + 0x24, 0x33, 0xF5, 0x1F, 0x5F, 0x06, 0x6E, 0xD0, \ + 0x85, 0x63, 0x65, 0x55, 0x3D, 0xED, 0x1A, 0xF3, \ + 0xB5, 0x57, 0x13, 0x5E, 0x7F, 0x57, 0xC9, 0x35, \ + 0x98, 0x4F, 0x0C, 0x70, 0xE0, 0xE6, 0x8B, 0x77, \ + 0xE2, 0xA6, 0x89, 0xDA, 0xF3, 0xEF, 0xE8, 0x72, \ + 0x1D, 0xF1, 0x58, 0xA1, 0x36, 0xAD, 0xE7, 0x35, \ + 0x30, 0xAC, 0xCA, 0x4F, 0x48, 0x3A, 0x79, 0x7A, \ + 0xBC, 0x0A, 0xB1, 0x82, 0xB3, 0x24, 0xFB, 0x61, \ + 0xD1, 0x08, 0xA9, 0x4B, 0xB2, 0xC8, 0xE3, 0xFB, \ + 0xB9, 0x6A, 0xDA, 0xB7, 0x60, 0xD7, 0xF4, 0x68, \ + 0x1D, 0x4F, 0x42, 0xA3, 0xDE, 0x39, 0x4D, 0xF4, \ + 0xAE, 0x56, 0xED, 0xE7, 0x63, 0x72, 0xBB, 0x19, \ + 0x0B, 0x07, 0xA7, 0xC8, 0xEE, 0x0A, 0x6D, 0x70, \ + 0x9E, 0x02, 0xFC, 0xE1, 0xCD, 0xF7, 0xE2, 0xEC, \ + 0xC0, 0x34, 0x04, 0xCD, 0x28, 0x34, 0x2F, 0x61, \ + 0x91, 0x72, 0xFE, 0x9C, 0xE9, 0x85, 0x83, 0xFF, \ + 0x8E, 0x4F, 0x12, 0x32, 0xEE, 0xF2, 0x81, 0x83, \ + 0xC3, 0xFE, 0x3B, 0x1B, 0x4C, 0x6F, 0xAD, 0x73, \ + 0x3B, 0xB5, 0xFC, 0xBC, 0x2E, 0xC2, 0x20, 0x05, \ + 0xC5, 0x8E, 0xF1, 0x83, 0x7D, 0x16, 0x83, 0xB2, \ + 0xC6, 0xF3, 0x4A, 0x26, 0xC1, 0xB2, 0xEF, 0xFA, \ + 0x88, 0x6B, 0x42, 0x38, 0x61, 0x1F, 0xCF, 0xDC, \ + 0xDE, 0x35, 0x5B, 0x3B, 0x65, 0x19, 0x03, 0x5B, \ + 0xBC, 0x34, 0xF4, 0xDE, 0xF9, 0x9C, 0x02, 0x38, \ + 0x61, 0xB4, 0x6F, 0xC9, 0xD6, 0xE6, 0xC9, 0x07, \ + 0x7A, 0xD9, 0x1D, 0x26, 0x91, 0xF7, 0xF7, 0xEE, \ + 0x59, 0x8C, 0xB0, 0xFA, 0xC1, 0x86, 0xD9, 0x1C, \ + 0xAE, 0xFE, 0x13, 0x09, 0x85, 0x13, 0x92, 0x70, \ + 0xB4, 0x13, 0x0C, 0x93, 0xBC, 0x43, 0x79, 0x44, \ + 0xF4, 0xFD, 0x44, 0x52, 0xE2, 0xD7, 0x4D, 0xD3, \ + 0x64, 0xF2, 0xE2, 0x1E, 0x71, 0xF5, 0x4B, 0xFF, \ + 0x5C, 0xAE, 0x82, 0xAB, 0x9C, 0x9D, 0xF6, 0x9E, \ + 0xE8, 0x6D, 0x2B, 0xC5, 0x22, 0x36, 0x3A, 0x0D, \ + 0xAB, 0xC5, 0x21, 0x97, 0x9B, 0x0D, 0xEA, 0xDA, \ + 0x1D, 0xBF, 0x9A, 0x42, 0xD5, 0xC4, 0x48, 0x4E, \ + 0x0A, 0xBC, 0xD0, 0x6B, 0xFA, 0x53, 0xDD, 0xEF, \ + 0x3C, 0x1B, 0x20, 0xEE, 0x3F, 0xD5, 0x9D, 0x7C, \ + 0x25, 0xE4, 0x1D, 0x2B, 0x66, 0x9E, 0x1E, 0xF1, \ + 0x6E, 0x6F, 0x52, 0xC3, 0x16, 0x4D, 0xF4, 0xFB, \ + 0x79, 0x30, 0xE9, 0xE4, 0xE5, 0x88, 0x57, 0xB6, \ + 0xAC, 0x7D, 0x5F, 0x42, 0xD6, 0x9F, 0x6D, 0x18, \ + 0x77, 0x63, 0xCF, 0x1D, 0x55, 0x03, 0x40, 0x04, \ + 0x87, 0xF5, 0x5B, 0xA5, 0x7E, 0x31, 0xCC, 0x7A, \ + 0x71, 0x35, 0xC8, 0x86, 0xEF, 0xB4, 0x31, 0x8A, \ + 0xED, 0x6A, 0x1E, 0x01, 0x2D, 0x9E, 0x68, 0x32, \ + 0xA9, 0x07, 0x60, 0x0A, 0x91, 0x81, 0x30, 0xC4, \ + 0x6D, 0xC7, 0x78, 0xF9, 0x71, 0xAD, 0x00, 0x38, \ + 0x09, 0x29, 0x99, 0xA3, 0x33, 0xCB, 0x8B, 0x7A, \ + 0x1A, 0x1D, 0xB9, 0x3D, 0x71, 0x40, 0x00, 0x3C, \ + 0x2A, 0x4E, 0xCE, 0xA9, 0xF9, 0x8D, 0x0A, 0xCC, \ + 0x0A, 0x82, 0x91, 0xCD, 0xCE, 0xC9, 0x7D, 0xCF, \ + 0x8E, 0xC9, 0xB5, 0x5A, 0x7F, 0x88, 0xA4, 0x6B, \ + 0x4D, 0xB5, 0xA8, 0x51, 0xF4, 0x41, 0x82, 0xE1, \ + 0xC6, 0x8A, 0x00, 0x7E, 0x5E, 0x0D, 0xD9, 0x02, \ + 0x0B, 0xFD, 0x64, 0xB6, 0x45, 0x03, 0x6C, 0x7A, \ + 0x4E, 0x67, 0x7D, 0x2C, 0x38, 0x53, 0x2A, 0x3A, \ + 0x23, 0xBA, 0x44, 0x42, 0xCA, 0xF5, 0x3E, 0xA6, \ + 0x3B, 0xB4, 0x54, 0x32, 0x9B, 0x76, 0x24, 0xC8, \ + 0x91, 0x7B, 0xDD, 0x64, 0xB1, 0xC0, 0xFD, 0x4C, \ + 0xB3, 0x8E, 0x8C, 0x33, 0x4C, 0x70, 0x1C, 0x3A, \ + 0xCD, 0xAD, 0x06, 0x57, 0xFC, 0xCF, 0xEC, 0x71, \ + 0x9B, 0x1F, 0x5C, 0x3E, 0x4E, 0x46, 0x04, 0x1F, \ + 0x38, 0x81, 0x47, 0xFB, 0x4C, 0xFD, 0xB4, 0x77, \ + 0xA5, 0x24, 0x71, 0xF7, 0xA9, 0xA9, 0x69, 0x10, \ + 0xB8, 0x55, 0x32, 0x2E, 0xDB, 0x63, 0x40, 0xD8, \ + 0xA0, 0x0E, 0xF0, 0x92, 0x35, 0x05, 0x11, 0xE3, \ + 0x0A, 0xBE, 0xC1, 0xFF, 0xF9, 0xE3, 0xA2, 0x6E, \ + 0x7F, 0xB2, 0x9F, 0x8C, 0x18, 0x30, 0x23, 0xC3, \ + 0x58, 0x7E, 0x38, 0xDA, 0x00, 0x77, 0xD9, 0xB4, \ + 0x76, 0x3E, 0x4E, 0x4B, 0x94, 0xB2, 0xBB, 0xC1, \ + 0x94, 0xC6, 0x65, 0x1E, 0x77, 0xCA, 0xF9, 0x92, \ + 0xEE, 0xAA, 0xC0, 0x23, 0x2A, 0x28, 0x1B, 0xF6, \ + 0xB3, 0xA7, 0x39, 0xC1, 0x22, 0x61, 0x16, 0x82, \ + 0x0A, 0xE8, 0xDB, 0x58, 0x47, 0xA6, 0x7C, 0xBE, \ + 0xF9, 0xC9, 0x09, 0x1B, 0x46, 0x2D, 0x53, 0x8C, \ + 0xD7, 0x2B, 0x03, 0x74, 0x6A, 0xE7, 0x7F, 0x5E, \ + 0x62, 0x29, 0x2C, 0x31, 0x15, 0x62, 0xA8, 0x46, \ + 0x50, 0x5D, 0xC8, 0x2D, 0xB8, 0x54, 0x33, 0x8A, \ + 0xE4, 0x9F, 0x52, 0x35, 0xC9, 0x5B, 0x91, 0x17, \ + 0x8C, 0xCF, 0x2D, 0xD5, 0xCA, 0xCE, 0xF4, 0x03, \ + 0xEC, 0x9D, 0x18, 0x10, 0xC6, 0x27, 0x2B, 0x04, \ + 0x5B, 0x3B, 0x71, 0xF9, 0xDC, 0x6B, 0x80, 0xD6, \ + 0x3F, 0xDD, 0x4A, 0x8E, 0x9A, 0xDB, 0x1E, 0x69, \ + 0x62, 0xA6, 0x95, 0x26, 0xD4, 0x31, 0x61, 0xC1, \ + 0xA4, 0x1D, 0x57, 0x0D, 0x79, 0x38, 0xDA, 0xD4, \ + 0xA4, 0x0E, 0x32, 0x9C, 0xD0, 0xE4, 0x0E, 0x65, \ + 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF } #define MBEDTLS_DHM_RFC7919_FFDHE6144_G_BIN { 0x02 } #define MBEDTLS_DHM_RFC7919_FFDHE8192_P_BIN { \ - 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, \ - 0xAD, 0xF8, 0x54, 0x58, 0xA2, 0xBB, 0x4A, 0x9A, \ - 0xAF, 0xDC, 0x56, 0x20, 0x27, 0x3D, 0x3C, 0xF1, \ - 0xD8, 0xB9, 0xC5, 0x83, 0xCE, 0x2D, 0x36, 0x95, \ - 0xA9, 0xE1, 0x36, 0x41, 0x14, 0x64, 0x33, 0xFB, \ - 0xCC, 0x93, 0x9D, 0xCE, 0x24, 0x9B, 0x3E, 0xF9, \ - 0x7D, 0x2F, 0xE3, 0x63, 0x63, 0x0C, 0x75, 0xD8, \ - 0xF6, 0x81, 0xB2, 0x02, 0xAE, 0xC4, 0x61, 0x7A, \ - 0xD3, 0xDF, 0x1E, 0xD5, 0xD5, 0xFD, 0x65, 0x61, \ - 0x24, 0x33, 0xF5, 0x1F, 0x5F, 0x06, 0x6E, 0xD0, \ - 0x85, 0x63, 0x65, 0x55, 0x3D, 0xED, 0x1A, 0xF3, \ - 0xB5, 0x57, 0x13, 0x5E, 0x7F, 0x57, 0xC9, 0x35, \ - 0x98, 0x4F, 0x0C, 0x70, 0xE0, 0xE6, 0x8B, 0x77, \ - 0xE2, 0xA6, 0x89, 0xDA, 0xF3, 0xEF, 0xE8, 0x72, \ - 0x1D, 0xF1, 0x58, 0xA1, 0x36, 0xAD, 0xE7, 0x35, \ - 0x30, 0xAC, 0xCA, 0x4F, 0x48, 0x3A, 0x79, 0x7A, \ - 0xBC, 0x0A, 0xB1, 0x82, 0xB3, 0x24, 0xFB, 0x61, \ - 0xD1, 0x08, 0xA9, 0x4B, 0xB2, 0xC8, 0xE3, 0xFB, \ - 0xB9, 0x6A, 0xDA, 0xB7, 0x60, 0xD7, 0xF4, 0x68, \ - 0x1D, 0x4F, 0x42, 0xA3, 0xDE, 0x39, 0x4D, 0xF4, \ - 0xAE, 0x56, 0xED, 0xE7, 0x63, 0x72, 0xBB, 0x19, \ - 0x0B, 0x07, 0xA7, 0xC8, 0xEE, 0x0A, 0x6D, 0x70, \ - 0x9E, 0x02, 0xFC, 0xE1, 0xCD, 0xF7, 0xE2, 0xEC, \ - 0xC0, 0x34, 0x04, 0xCD, 0x28, 0x34, 0x2F, 0x61, \ - 0x91, 0x72, 0xFE, 0x9C, 0xE9, 0x85, 0x83, 0xFF, \ - 0x8E, 0x4F, 0x12, 0x32, 0xEE, 0xF2, 0x81, 0x83, \ - 0xC3, 0xFE, 0x3B, 0x1B, 0x4C, 0x6F, 0xAD, 0x73, \ - 0x3B, 0xB5, 0xFC, 0xBC, 0x2E, 0xC2, 0x20, 0x05, \ - 0xC5, 0x8E, 0xF1, 0x83, 0x7D, 0x16, 0x83, 0xB2, \ - 0xC6, 0xF3, 0x4A, 0x26, 0xC1, 0xB2, 0xEF, 0xFA, \ - 0x88, 0x6B, 0x42, 0x38, 0x61, 0x1F, 0xCF, 0xDC, \ - 0xDE, 0x35, 0x5B, 0x3B, 0x65, 0x19, 0x03, 0x5B, \ - 0xBC, 0x34, 0xF4, 0xDE, 0xF9, 0x9C, 0x02, 0x38, \ - 0x61, 0xB4, 0x6F, 0xC9, 0xD6, 0xE6, 0xC9, 0x07, \ - 0x7A, 0xD9, 0x1D, 0x26, 0x91, 0xF7, 0xF7, 0xEE, \ - 0x59, 0x8C, 0xB0, 0xFA, 0xC1, 0x86, 0xD9, 0x1C, \ - 0xAE, 0xFE, 0x13, 0x09, 0x85, 0x13, 0x92, 0x70, \ - 0xB4, 0x13, 0x0C, 0x93, 0xBC, 0x43, 0x79, 0x44, \ - 0xF4, 0xFD, 0x44, 0x52, 0xE2, 0xD7, 0x4D, 0xD3, \ - 0x64, 0xF2, 0xE2, 0x1E, 0x71, 0xF5, 0x4B, 0xFF, \ - 0x5C, 0xAE, 0x82, 0xAB, 0x9C, 0x9D, 0xF6, 0x9E, \ - 0xE8, 0x6D, 0x2B, 0xC5, 0x22, 0x36, 0x3A, 0x0D, \ - 0xAB, 0xC5, 0x21, 0x97, 0x9B, 0x0D, 0xEA, 0xDA, \ - 0x1D, 0xBF, 0x9A, 0x42, 0xD5, 0xC4, 0x48, 0x4E, \ - 0x0A, 0xBC, 0xD0, 0x6B, 0xFA, 0x53, 0xDD, 0xEF, \ - 0x3C, 0x1B, 0x20, 0xEE, 0x3F, 0xD5, 0x9D, 0x7C, \ - 0x25, 0xE4, 0x1D, 0x2B, 0x66, 0x9E, 0x1E, 0xF1, \ - 0x6E, 0x6F, 0x52, 0xC3, 0x16, 0x4D, 0xF4, 0xFB, \ - 0x79, 0x30, 0xE9, 0xE4, 0xE5, 0x88, 0x57, 0xB6, \ - 0xAC, 0x7D, 0x5F, 0x42, 0xD6, 0x9F, 0x6D, 0x18, \ - 0x77, 0x63, 0xCF, 0x1D, 0x55, 0x03, 0x40, 0x04, \ - 0x87, 0xF5, 0x5B, 0xA5, 0x7E, 0x31, 0xCC, 0x7A, \ - 0x71, 0x35, 0xC8, 0x86, 0xEF, 0xB4, 0x31, 0x8A, \ - 0xED, 0x6A, 0x1E, 0x01, 0x2D, 0x9E, 0x68, 0x32, \ - 0xA9, 0x07, 0x60, 0x0A, 0x91, 0x81, 0x30, 0xC4, \ - 0x6D, 0xC7, 0x78, 0xF9, 0x71, 0xAD, 0x00, 0x38, \ - 0x09, 0x29, 0x99, 0xA3, 0x33, 0xCB, 0x8B, 0x7A, \ - 0x1A, 0x1D, 0xB9, 0x3D, 0x71, 0x40, 0x00, 0x3C, \ - 0x2A, 0x4E, 0xCE, 0xA9, 0xF9, 0x8D, 0x0A, 0xCC, \ - 0x0A, 0x82, 0x91, 0xCD, 0xCE, 0xC9, 0x7D, 0xCF, \ - 0x8E, 0xC9, 0xB5, 0x5A, 0x7F, 0x88, 0xA4, 0x6B, \ - 0x4D, 0xB5, 0xA8, 0x51, 0xF4, 0x41, 0x82, 0xE1, \ - 0xC6, 0x8A, 0x00, 0x7E, 0x5E, 0x0D, 0xD9, 0x02, \ - 0x0B, 0xFD, 0x64, 0xB6, 0x45, 0x03, 0x6C, 0x7A, \ - 0x4E, 0x67, 0x7D, 0x2C, 0x38, 0x53, 0x2A, 0x3A, \ - 0x23, 0xBA, 0x44, 0x42, 0xCA, 0xF5, 0x3E, 0xA6, \ - 0x3B, 0xB4, 0x54, 0x32, 0x9B, 0x76, 0x24, 0xC8, \ - 0x91, 0x7B, 0xDD, 0x64, 0xB1, 0xC0, 0xFD, 0x4C, \ - 0xB3, 0x8E, 0x8C, 0x33, 0x4C, 0x70, 0x1C, 0x3A, \ - 0xCD, 0xAD, 0x06, 0x57, 0xFC, 0xCF, 0xEC, 0x71, \ - 0x9B, 0x1F, 0x5C, 0x3E, 0x4E, 0x46, 0x04, 0x1F, \ - 0x38, 0x81, 0x47, 0xFB, 0x4C, 0xFD, 0xB4, 0x77, \ - 0xA5, 0x24, 0x71, 0xF7, 0xA9, 0xA9, 0x69, 0x10, \ - 0xB8, 0x55, 0x32, 0x2E, 0xDB, 0x63, 0x40, 0xD8, \ - 0xA0, 0x0E, 0xF0, 0x92, 0x35, 0x05, 0x11, 0xE3, \ - 0x0A, 0xBE, 0xC1, 0xFF, 0xF9, 0xE3, 0xA2, 0x6E, \ - 0x7F, 0xB2, 0x9F, 0x8C, 0x18, 0x30, 0x23, 0xC3, \ - 0x58, 0x7E, 0x38, 0xDA, 0x00, 0x77, 0xD9, 0xB4, \ - 0x76, 0x3E, 0x4E, 0x4B, 0x94, 0xB2, 0xBB, 0xC1, \ - 0x94, 0xC6, 0x65, 0x1E, 0x77, 0xCA, 0xF9, 0x92, \ - 0xEE, 0xAA, 0xC0, 0x23, 0x2A, 0x28, 0x1B, 0xF6, \ - 0xB3, 0xA7, 0x39, 0xC1, 0x22, 0x61, 0x16, 0x82, \ - 0x0A, 0xE8, 0xDB, 0x58, 0x47, 0xA6, 0x7C, 0xBE, \ - 0xF9, 0xC9, 0x09, 0x1B, 0x46, 0x2D, 0x53, 0x8C, \ - 0xD7, 0x2B, 0x03, 0x74, 0x6A, 0xE7, 0x7F, 0x5E, \ - 0x62, 0x29, 0x2C, 0x31, 0x15, 0x62, 0xA8, 0x46, \ - 0x50, 0x5D, 0xC8, 0x2D, 0xB8, 0x54, 0x33, 0x8A, \ - 0xE4, 0x9F, 0x52, 0x35, 0xC9, 0x5B, 0x91, 0x17, \ - 0x8C, 0xCF, 0x2D, 0xD5, 0xCA, 0xCE, 0xF4, 0x03, \ - 0xEC, 0x9D, 0x18, 0x10, 0xC6, 0x27, 0x2B, 0x04, \ - 0x5B, 0x3B, 0x71, 0xF9, 0xDC, 0x6B, 0x80, 0xD6, \ - 0x3F, 0xDD, 0x4A, 0x8E, 0x9A, 0xDB, 0x1E, 0x69, \ - 0x62, 0xA6, 0x95, 0x26, 0xD4, 0x31, 0x61, 0xC1, \ - 0xA4, 0x1D, 0x57, 0x0D, 0x79, 0x38, 0xDA, 0xD4, \ - 0xA4, 0x0E, 0x32, 0x9C, 0xCF, 0xF4, 0x6A, 0xAA, \ - 0x36, 0xAD, 0x00, 0x4C, 0xF6, 0x00, 0xC8, 0x38, \ - 0x1E, 0x42, 0x5A, 0x31, 0xD9, 0x51, 0xAE, 0x64, \ - 0xFD, 0xB2, 0x3F, 0xCE, 0xC9, 0x50, 0x9D, 0x43, \ - 0x68, 0x7F, 0xEB, 0x69, 0xED, 0xD1, 0xCC, 0x5E, \ - 0x0B, 0x8C, 0xC3, 0xBD, 0xF6, 0x4B, 0x10, 0xEF, \ - 0x86, 0xB6, 0x31, 0x42, 0xA3, 0xAB, 0x88, 0x29, \ - 0x55, 0x5B, 0x2F, 0x74, 0x7C, 0x93, 0x26, 0x65, \ - 0xCB, 0x2C, 0x0F, 0x1C, 0xC0, 0x1B, 0xD7, 0x02, \ - 0x29, 0x38, 0x88, 0x39, 0xD2, 0xAF, 0x05, 0xE4, \ - 0x54, 0x50, 0x4A, 0xC7, 0x8B, 0x75, 0x82, 0x82, \ - 0x28, 0x46, 0xC0, 0xBA, 0x35, 0xC3, 0x5F, 0x5C, \ - 0x59, 0x16, 0x0C, 0xC0, 0x46, 0xFD, 0x82, 0x51, \ - 0x54, 0x1F, 0xC6, 0x8C, 0x9C, 0x86, 0xB0, 0x22, \ - 0xBB, 0x70, 0x99, 0x87, 0x6A, 0x46, 0x0E, 0x74, \ - 0x51, 0xA8, 0xA9, 0x31, 0x09, 0x70, 0x3F, 0xEE, \ - 0x1C, 0x21, 0x7E, 0x6C, 0x38, 0x26, 0xE5, 0x2C, \ - 0x51, 0xAA, 0x69, 0x1E, 0x0E, 0x42, 0x3C, 0xFC, \ - 0x99, 0xE9, 0xE3, 0x16, 0x50, 0xC1, 0x21, 0x7B, \ - 0x62, 0x48, 0x16, 0xCD, 0xAD, 0x9A, 0x95, 0xF9, \ - 0xD5, 0xB8, 0x01, 0x94, 0x88, 0xD9, 0xC0, 0xA0, \ - 0xA1, 0xFE, 0x30, 0x75, 0xA5, 0x77, 0xE2, 0x31, \ - 0x83, 0xF8, 0x1D, 0x4A, 0x3F, 0x2F, 0xA4, 0x57, \ - 0x1E, 0xFC, 0x8C, 0xE0, 0xBA, 0x8A, 0x4F, 0xE8, \ - 0xB6, 0x85, 0x5D, 0xFE, 0x72, 0xB0, 0xA6, 0x6E, \ - 0xDE, 0xD2, 0xFB, 0xAB, 0xFB, 0xE5, 0x8A, 0x30, \ - 0xFA, 0xFA, 0xBE, 0x1C, 0x5D, 0x71, 0xA8, 0x7E, \ - 0x2F, 0x74, 0x1E, 0xF8, 0xC1, 0xFE, 0x86, 0xFE, \ - 0xA6, 0xBB, 0xFD, 0xE5, 0x30, 0x67, 0x7F, 0x0D, \ - 0x97, 0xD1, 0x1D, 0x49, 0xF7, 0xA8, 0x44, 0x3D, \ - 0x08, 0x22, 0xE5, 0x06, 0xA9, 0xF4, 0x61, 0x4E, \ - 0x01, 0x1E, 0x2A, 0x94, 0x83, 0x8F, 0xF8, 0x8C, \ - 0xD6, 0x8C, 0x8B, 0xB7, 0xC5, 0xC6, 0x42, 0x4C, \ - 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF } + 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, \ + 0xAD, 0xF8, 0x54, 0x58, 0xA2, 0xBB, 0x4A, 0x9A, \ + 0xAF, 0xDC, 0x56, 0x20, 0x27, 0x3D, 0x3C, 0xF1, \ + 0xD8, 0xB9, 0xC5, 0x83, 0xCE, 0x2D, 0x36, 0x95, \ + 0xA9, 0xE1, 0x36, 0x41, 0x14, 0x64, 0x33, 0xFB, \ + 0xCC, 0x93, 0x9D, 0xCE, 0x24, 0x9B, 0x3E, 0xF9, \ + 0x7D, 0x2F, 0xE3, 0x63, 0x63, 0x0C, 0x75, 0xD8, \ + 0xF6, 0x81, 0xB2, 0x02, 0xAE, 0xC4, 0x61, 0x7A, \ + 0xD3, 0xDF, 0x1E, 0xD5, 0xD5, 0xFD, 0x65, 0x61, \ + 0x24, 0x33, 0xF5, 0x1F, 0x5F, 0x06, 0x6E, 0xD0, \ + 0x85, 0x63, 0x65, 0x55, 0x3D, 0xED, 0x1A, 0xF3, \ + 0xB5, 0x57, 0x13, 0x5E, 0x7F, 0x57, 0xC9, 0x35, \ + 0x98, 0x4F, 0x0C, 0x70, 0xE0, 0xE6, 0x8B, 0x77, \ + 0xE2, 0xA6, 0x89, 0xDA, 0xF3, 0xEF, 0xE8, 0x72, \ + 0x1D, 0xF1, 0x58, 0xA1, 0x36, 0xAD, 0xE7, 0x35, \ + 0x30, 0xAC, 0xCA, 0x4F, 0x48, 0x3A, 0x79, 0x7A, \ + 0xBC, 0x0A, 0xB1, 0x82, 0xB3, 0x24, 0xFB, 0x61, \ + 0xD1, 0x08, 0xA9, 0x4B, 0xB2, 0xC8, 0xE3, 0xFB, \ + 0xB9, 0x6A, 0xDA, 0xB7, 0x60, 0xD7, 0xF4, 0x68, \ + 0x1D, 0x4F, 0x42, 0xA3, 0xDE, 0x39, 0x4D, 0xF4, \ + 0xAE, 0x56, 0xED, 0xE7, 0x63, 0x72, 0xBB, 0x19, \ + 0x0B, 0x07, 0xA7, 0xC8, 0xEE, 0x0A, 0x6D, 0x70, \ + 0x9E, 0x02, 0xFC, 0xE1, 0xCD, 0xF7, 0xE2, 0xEC, \ + 0xC0, 0x34, 0x04, 0xCD, 0x28, 0x34, 0x2F, 0x61, \ + 0x91, 0x72, 0xFE, 0x9C, 0xE9, 0x85, 0x83, 0xFF, \ + 0x8E, 0x4F, 0x12, 0x32, 0xEE, 0xF2, 0x81, 0x83, \ + 0xC3, 0xFE, 0x3B, 0x1B, 0x4C, 0x6F, 0xAD, 0x73, \ + 0x3B, 0xB5, 0xFC, 0xBC, 0x2E, 0xC2, 0x20, 0x05, \ + 0xC5, 0x8E, 0xF1, 0x83, 0x7D, 0x16, 0x83, 0xB2, \ + 0xC6, 0xF3, 0x4A, 0x26, 0xC1, 0xB2, 0xEF, 0xFA, \ + 0x88, 0x6B, 0x42, 0x38, 0x61, 0x1F, 0xCF, 0xDC, \ + 0xDE, 0x35, 0x5B, 0x3B, 0x65, 0x19, 0x03, 0x5B, \ + 0xBC, 0x34, 0xF4, 0xDE, 0xF9, 0x9C, 0x02, 0x38, \ + 0x61, 0xB4, 0x6F, 0xC9, 0xD6, 0xE6, 0xC9, 0x07, \ + 0x7A, 0xD9, 0x1D, 0x26, 0x91, 0xF7, 0xF7, 0xEE, \ + 0x59, 0x8C, 0xB0, 0xFA, 0xC1, 0x86, 0xD9, 0x1C, \ + 0xAE, 0xFE, 0x13, 0x09, 0x85, 0x13, 0x92, 0x70, \ + 0xB4, 0x13, 0x0C, 0x93, 0xBC, 0x43, 0x79, 0x44, \ + 0xF4, 0xFD, 0x44, 0x52, 0xE2, 0xD7, 0x4D, 0xD3, \ + 0x64, 0xF2, 0xE2, 0x1E, 0x71, 0xF5, 0x4B, 0xFF, \ + 0x5C, 0xAE, 0x82, 0xAB, 0x9C, 0x9D, 0xF6, 0x9E, \ + 0xE8, 0x6D, 0x2B, 0xC5, 0x22, 0x36, 0x3A, 0x0D, \ + 0xAB, 0xC5, 0x21, 0x97, 0x9B, 0x0D, 0xEA, 0xDA, \ + 0x1D, 0xBF, 0x9A, 0x42, 0xD5, 0xC4, 0x48, 0x4E, \ + 0x0A, 0xBC, 0xD0, 0x6B, 0xFA, 0x53, 0xDD, 0xEF, \ + 0x3C, 0x1B, 0x20, 0xEE, 0x3F, 0xD5, 0x9D, 0x7C, \ + 0x25, 0xE4, 0x1D, 0x2B, 0x66, 0x9E, 0x1E, 0xF1, \ + 0x6E, 0x6F, 0x52, 0xC3, 0x16, 0x4D, 0xF4, 0xFB, \ + 0x79, 0x30, 0xE9, 0xE4, 0xE5, 0x88, 0x57, 0xB6, \ + 0xAC, 0x7D, 0x5F, 0x42, 0xD6, 0x9F, 0x6D, 0x18, \ + 0x77, 0x63, 0xCF, 0x1D, 0x55, 0x03, 0x40, 0x04, \ + 0x87, 0xF5, 0x5B, 0xA5, 0x7E, 0x31, 0xCC, 0x7A, \ + 0x71, 0x35, 0xC8, 0x86, 0xEF, 0xB4, 0x31, 0x8A, \ + 0xED, 0x6A, 0x1E, 0x01, 0x2D, 0x9E, 0x68, 0x32, \ + 0xA9, 0x07, 0x60, 0x0A, 0x91, 0x81, 0x30, 0xC4, \ + 0x6D, 0xC7, 0x78, 0xF9, 0x71, 0xAD, 0x00, 0x38, \ + 0x09, 0x29, 0x99, 0xA3, 0x33, 0xCB, 0x8B, 0x7A, \ + 0x1A, 0x1D, 0xB9, 0x3D, 0x71, 0x40, 0x00, 0x3C, \ + 0x2A, 0x4E, 0xCE, 0xA9, 0xF9, 0x8D, 0x0A, 0xCC, \ + 0x0A, 0x82, 0x91, 0xCD, 0xCE, 0xC9, 0x7D, 0xCF, \ + 0x8E, 0xC9, 0xB5, 0x5A, 0x7F, 0x88, 0xA4, 0x6B, \ + 0x4D, 0xB5, 0xA8, 0x51, 0xF4, 0x41, 0x82, 0xE1, \ + 0xC6, 0x8A, 0x00, 0x7E, 0x5E, 0x0D, 0xD9, 0x02, \ + 0x0B, 0xFD, 0x64, 0xB6, 0x45, 0x03, 0x6C, 0x7A, \ + 0x4E, 0x67, 0x7D, 0x2C, 0x38, 0x53, 0x2A, 0x3A, \ + 0x23, 0xBA, 0x44, 0x42, 0xCA, 0xF5, 0x3E, 0xA6, \ + 0x3B, 0xB4, 0x54, 0x32, 0x9B, 0x76, 0x24, 0xC8, \ + 0x91, 0x7B, 0xDD, 0x64, 0xB1, 0xC0, 0xFD, 0x4C, \ + 0xB3, 0x8E, 0x8C, 0x33, 0x4C, 0x70, 0x1C, 0x3A, \ + 0xCD, 0xAD, 0x06, 0x57, 0xFC, 0xCF, 0xEC, 0x71, \ + 0x9B, 0x1F, 0x5C, 0x3E, 0x4E, 0x46, 0x04, 0x1F, \ + 0x38, 0x81, 0x47, 0xFB, 0x4C, 0xFD, 0xB4, 0x77, \ + 0xA5, 0x24, 0x71, 0xF7, 0xA9, 0xA9, 0x69, 0x10, \ + 0xB8, 0x55, 0x32, 0x2E, 0xDB, 0x63, 0x40, 0xD8, \ + 0xA0, 0x0E, 0xF0, 0x92, 0x35, 0x05, 0x11, 0xE3, \ + 0x0A, 0xBE, 0xC1, 0xFF, 0xF9, 0xE3, 0xA2, 0x6E, \ + 0x7F, 0xB2, 0x9F, 0x8C, 0x18, 0x30, 0x23, 0xC3, \ + 0x58, 0x7E, 0x38, 0xDA, 0x00, 0x77, 0xD9, 0xB4, \ + 0x76, 0x3E, 0x4E, 0x4B, 0x94, 0xB2, 0xBB, 0xC1, \ + 0x94, 0xC6, 0x65, 0x1E, 0x77, 0xCA, 0xF9, 0x92, \ + 0xEE, 0xAA, 0xC0, 0x23, 0x2A, 0x28, 0x1B, 0xF6, \ + 0xB3, 0xA7, 0x39, 0xC1, 0x22, 0x61, 0x16, 0x82, \ + 0x0A, 0xE8, 0xDB, 0x58, 0x47, 0xA6, 0x7C, 0xBE, \ + 0xF9, 0xC9, 0x09, 0x1B, 0x46, 0x2D, 0x53, 0x8C, \ + 0xD7, 0x2B, 0x03, 0x74, 0x6A, 0xE7, 0x7F, 0x5E, \ + 0x62, 0x29, 0x2C, 0x31, 0x15, 0x62, 0xA8, 0x46, \ + 0x50, 0x5D, 0xC8, 0x2D, 0xB8, 0x54, 0x33, 0x8A, \ + 0xE4, 0x9F, 0x52, 0x35, 0xC9, 0x5B, 0x91, 0x17, \ + 0x8C, 0xCF, 0x2D, 0xD5, 0xCA, 0xCE, 0xF4, 0x03, \ + 0xEC, 0x9D, 0x18, 0x10, 0xC6, 0x27, 0x2B, 0x04, \ + 0x5B, 0x3B, 0x71, 0xF9, 0xDC, 0x6B, 0x80, 0xD6, \ + 0x3F, 0xDD, 0x4A, 0x8E, 0x9A, 0xDB, 0x1E, 0x69, \ + 0x62, 0xA6, 0x95, 0x26, 0xD4, 0x31, 0x61, 0xC1, \ + 0xA4, 0x1D, 0x57, 0x0D, 0x79, 0x38, 0xDA, 0xD4, \ + 0xA4, 0x0E, 0x32, 0x9C, 0xCF, 0xF4, 0x6A, 0xAA, \ + 0x36, 0xAD, 0x00, 0x4C, 0xF6, 0x00, 0xC8, 0x38, \ + 0x1E, 0x42, 0x5A, 0x31, 0xD9, 0x51, 0xAE, 0x64, \ + 0xFD, 0xB2, 0x3F, 0xCE, 0xC9, 0x50, 0x9D, 0x43, \ + 0x68, 0x7F, 0xEB, 0x69, 0xED, 0xD1, 0xCC, 0x5E, \ + 0x0B, 0x8C, 0xC3, 0xBD, 0xF6, 0x4B, 0x10, 0xEF, \ + 0x86, 0xB6, 0x31, 0x42, 0xA3, 0xAB, 0x88, 0x29, \ + 0x55, 0x5B, 0x2F, 0x74, 0x7C, 0x93, 0x26, 0x65, \ + 0xCB, 0x2C, 0x0F, 0x1C, 0xC0, 0x1B, 0xD7, 0x02, \ + 0x29, 0x38, 0x88, 0x39, 0xD2, 0xAF, 0x05, 0xE4, \ + 0x54, 0x50, 0x4A, 0xC7, 0x8B, 0x75, 0x82, 0x82, \ + 0x28, 0x46, 0xC0, 0xBA, 0x35, 0xC3, 0x5F, 0x5C, \ + 0x59, 0x16, 0x0C, 0xC0, 0x46, 0xFD, 0x82, 0x51, \ + 0x54, 0x1F, 0xC6, 0x8C, 0x9C, 0x86, 0xB0, 0x22, \ + 0xBB, 0x70, 0x99, 0x87, 0x6A, 0x46, 0x0E, 0x74, \ + 0x51, 0xA8, 0xA9, 0x31, 0x09, 0x70, 0x3F, 0xEE, \ + 0x1C, 0x21, 0x7E, 0x6C, 0x38, 0x26, 0xE5, 0x2C, \ + 0x51, 0xAA, 0x69, 0x1E, 0x0E, 0x42, 0x3C, 0xFC, \ + 0x99, 0xE9, 0xE3, 0x16, 0x50, 0xC1, 0x21, 0x7B, \ + 0x62, 0x48, 0x16, 0xCD, 0xAD, 0x9A, 0x95, 0xF9, \ + 0xD5, 0xB8, 0x01, 0x94, 0x88, 0xD9, 0xC0, 0xA0, \ + 0xA1, 0xFE, 0x30, 0x75, 0xA5, 0x77, 0xE2, 0x31, \ + 0x83, 0xF8, 0x1D, 0x4A, 0x3F, 0x2F, 0xA4, 0x57, \ + 0x1E, 0xFC, 0x8C, 0xE0, 0xBA, 0x8A, 0x4F, 0xE8, \ + 0xB6, 0x85, 0x5D, 0xFE, 0x72, 0xB0, 0xA6, 0x6E, \ + 0xDE, 0xD2, 0xFB, 0xAB, 0xFB, 0xE5, 0x8A, 0x30, \ + 0xFA, 0xFA, 0xBE, 0x1C, 0x5D, 0x71, 0xA8, 0x7E, \ + 0x2F, 0x74, 0x1E, 0xF8, 0xC1, 0xFE, 0x86, 0xFE, \ + 0xA6, 0xBB, 0xFD, 0xE5, 0x30, 0x67, 0x7F, 0x0D, \ + 0x97, 0xD1, 0x1D, 0x49, 0xF7, 0xA8, 0x44, 0x3D, \ + 0x08, 0x22, 0xE5, 0x06, 0xA9, 0xF4, 0x61, 0x4E, \ + 0x01, 0x1E, 0x2A, 0x94, 0x83, 0x8F, 0xF8, 0x8C, \ + 0xD6, 0x8C, 0x8B, 0xB7, 0xC5, 0xC6, 0x42, 0x4C, \ + 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF } #define MBEDTLS_DHM_RFC7919_FFDHE8192_G_BIN { 0x02 } diff --git a/third_party/mbedtls/repo/include/mbedtls/ecdh.h b/third_party/mbedtls/repo/include/mbedtls/ecdh.h index 05855cdf10b..6cc6cb92a77 100644 --- a/third_party/mbedtls/repo/include/mbedtls/ecdh.h +++ b/third_party/mbedtls/repo/include/mbedtls/ecdh.h @@ -14,19 +14,7 @@ */ /* * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later */ #ifndef MBEDTLS_ECDH_H @@ -52,8 +40,7 @@ extern "C" { /** * Defines the source of the imported EC key. */ -typedef enum -{ +typedef enum { MBEDTLS_ECDH_OURS, /**< Our key. */ MBEDTLS_ECDH_THEIRS, /**< The key of the peer. */ } mbedtls_ecdh_side; @@ -65,8 +52,7 @@ typedef enum * Later versions of the library may add new variants, therefore users should * not make any assumptions about them. */ -typedef enum -{ +typedef enum { MBEDTLS_ECDH_VARIANT_NONE = 0, /*!< Implementation not defined. */ MBEDTLS_ECDH_VARIANT_MBEDTLS_2_0,/*!< The default Mbed TLS implementation */ #if defined(MBEDTLS_ECDH_VARIANT_EVEREST_ENABLED) @@ -81,8 +67,7 @@ typedef enum * should not make any assumptions about the structure of * mbedtls_ecdh_context_mbed. */ -typedef struct mbedtls_ecdh_context_mbed -{ +typedef struct mbedtls_ecdh_context_mbed { mbedtls_ecp_group grp; /*!< The elliptic curve used. */ mbedtls_mpi d; /*!< The private key. */ mbedtls_ecp_point Q; /*!< The public key. */ @@ -101,8 +86,7 @@ typedef struct mbedtls_ecdh_context_mbed * should not be shared between multiple threads. * \brief The ECDH context structure. */ -typedef struct mbedtls_ecdh_context -{ +typedef struct mbedtls_ecdh_context { #if defined(MBEDTLS_ECDH_LEGACY_CONTEXT) mbedtls_ecp_group grp; /*!< The elliptic curve used. */ mbedtls_mpi d; /*!< The private key. */ @@ -119,24 +103,23 @@ typedef struct mbedtls_ecdh_context #endif /* MBEDTLS_ECP_RESTARTABLE */ #else uint8_t point_format; /*!< The format of point export in TLS messages - as defined in RFC 4492. */ + as defined in RFC 4492. */ mbedtls_ecp_group_id grp_id;/*!< The elliptic curve used. */ mbedtls_ecdh_variant var; /*!< The ECDH implementation/structure used. */ - union - { + union { mbedtls_ecdh_context_mbed mbed_ecdh; #if defined(MBEDTLS_ECDH_VARIANT_EVEREST_ENABLED) mbedtls_ecdh_context_everest everest_ecdh; #endif } ctx; /*!< Implementation-specific context. The - context in use is specified by the \c var - field. */ + context in use is specified by the \c var + field. */ #if defined(MBEDTLS_ECP_RESTARTABLE) uint8_t restart_enabled; /*!< The flag for restartable mode. Functions of - an alternative implementation not supporting - restartable mode must return - MBEDTLS_ERR_PLATFORM_FEATURE_UNSUPPORTED error - if this flag is set. */ + an alternative implementation not supporting + restartable mode must return + MBEDTLS_ERR_PLATFORM_FEATURE_UNSUPPORTED error + if this flag is set. */ #endif /* MBEDTLS_ECP_RESTARTABLE */ #endif /* MBEDTLS_ECDH_LEGACY_CONTEXT */ } @@ -149,7 +132,7 @@ mbedtls_ecdh_context; * * \return \c 1 if the group can be used, \c 0 otherwise */ -int mbedtls_ecdh_can_do( mbedtls_ecp_group_id gid ); +int mbedtls_ecdh_can_do(mbedtls_ecp_group_id gid); /** * \brief This function generates an ECDH keypair on an elliptic @@ -176,9 +159,9 @@ int mbedtls_ecdh_can_do( mbedtls_ecp_group_id gid ); * \return Another \c MBEDTLS_ERR_ECP_XXX or * \c MBEDTLS_MPI_XXX error code on failure. */ -int mbedtls_ecdh_gen_public( mbedtls_ecp_group *grp, mbedtls_mpi *d, mbedtls_ecp_point *Q, - int (*f_rng)(void *, unsigned char *, size_t), - void *p_rng ); +int mbedtls_ecdh_gen_public(mbedtls_ecp_group *grp, mbedtls_mpi *d, mbedtls_ecp_point *Q, + int (*f_rng)(void *, unsigned char *, size_t), + void *p_rng); /** * \brief This function computes the shared secret. @@ -214,17 +197,17 @@ int mbedtls_ecdh_gen_public( mbedtls_ecp_group *grp, mbedtls_mpi *d, mbedtls_ecp * \return Another \c MBEDTLS_ERR_ECP_XXX or * \c MBEDTLS_MPI_XXX error code on failure. */ -int mbedtls_ecdh_compute_shared( mbedtls_ecp_group *grp, mbedtls_mpi *z, - const mbedtls_ecp_point *Q, const mbedtls_mpi *d, - int (*f_rng)(void *, unsigned char *, size_t), - void *p_rng ); +int mbedtls_ecdh_compute_shared(mbedtls_ecp_group *grp, mbedtls_mpi *z, + const mbedtls_ecp_point *Q, const mbedtls_mpi *d, + int (*f_rng)(void *, unsigned char *, size_t), + void *p_rng); /** * \brief This function initializes an ECDH context. * * \param ctx The ECDH context to initialize. This must not be \c NULL. */ -void mbedtls_ecdh_init( mbedtls_ecdh_context *ctx ); +void mbedtls_ecdh_init(mbedtls_ecdh_context *ctx); /** * \brief This function sets up the ECDH context with the information @@ -242,8 +225,8 @@ void mbedtls_ecdh_init( mbedtls_ecdh_context *ctx ); * * \return \c 0 on success. */ -int mbedtls_ecdh_setup( mbedtls_ecdh_context *ctx, - mbedtls_ecp_group_id grp_id ); +int mbedtls_ecdh_setup(mbedtls_ecdh_context *ctx, + mbedtls_ecp_group_id grp_id); /** * \brief This function frees a context. @@ -252,7 +235,7 @@ int mbedtls_ecdh_setup( mbedtls_ecdh_context *ctx, * case this function does nothing. If it is not \c NULL, * it must point to an initialized ECDH context. */ -void mbedtls_ecdh_free( mbedtls_ecdh_context *ctx ); +void mbedtls_ecdh_free(mbedtls_ecdh_context *ctx); /** * \brief This function generates an EC key pair and exports its @@ -279,10 +262,10 @@ void mbedtls_ecdh_free( mbedtls_ecdh_context *ctx ); * operations was reached: see \c mbedtls_ecp_set_max_ops(). * \return Another \c MBEDTLS_ERR_ECP_XXX error code on failure. */ -int mbedtls_ecdh_make_params( mbedtls_ecdh_context *ctx, size_t *olen, - unsigned char *buf, size_t blen, - int (*f_rng)(void *, unsigned char *, size_t), - void *p_rng ); +int mbedtls_ecdh_make_params(mbedtls_ecdh_context *ctx, size_t *olen, + unsigned char *buf, size_t blen, + int (*f_rng)(void *, unsigned char *, size_t), + void *p_rng); /** * \brief This function parses the ECDHE parameters in a @@ -308,9 +291,9 @@ int mbedtls_ecdh_make_params( mbedtls_ecdh_context *ctx, size_t *olen, * \return An \c MBEDTLS_ERR_ECP_XXX error code on failure. * */ -int mbedtls_ecdh_read_params( mbedtls_ecdh_context *ctx, - const unsigned char **buf, - const unsigned char *end ); +int mbedtls_ecdh_read_params(mbedtls_ecdh_context *ctx, + const unsigned char **buf, + const unsigned char *end); /** * \brief This function sets up an ECDH context from an EC key. @@ -331,9 +314,9 @@ int mbedtls_ecdh_read_params( mbedtls_ecdh_context *ctx, * \return Another \c MBEDTLS_ERR_ECP_XXX error code on failure. * */ -int mbedtls_ecdh_get_params( mbedtls_ecdh_context *ctx, - const mbedtls_ecp_keypair *key, - mbedtls_ecdh_side side ); +int mbedtls_ecdh_get_params(mbedtls_ecdh_context *ctx, + const mbedtls_ecp_keypair *key, + mbedtls_ecdh_side side); /** * \brief This function generates a public key and exports it @@ -361,10 +344,10 @@ int mbedtls_ecdh_get_params( mbedtls_ecdh_context *ctx, * operations was reached: see \c mbedtls_ecp_set_max_ops(). * \return Another \c MBEDTLS_ERR_ECP_XXX error code on failure. */ -int mbedtls_ecdh_make_public( mbedtls_ecdh_context *ctx, size_t *olen, - unsigned char *buf, size_t blen, - int (*f_rng)(void *, unsigned char *, size_t), - void *p_rng ); +int mbedtls_ecdh_make_public(mbedtls_ecdh_context *ctx, size_t *olen, + unsigned char *buf, size_t blen, + int (*f_rng)(void *, unsigned char *, size_t), + void *p_rng); /** * \brief This function parses and processes the ECDHE payload of a @@ -385,8 +368,8 @@ int mbedtls_ecdh_make_public( mbedtls_ecdh_context *ctx, size_t *olen, * \return \c 0 on success. * \return An \c MBEDTLS_ERR_ECP_XXX error code on failure. */ -int mbedtls_ecdh_read_public( mbedtls_ecdh_context *ctx, - const unsigned char *buf, size_t blen ); +int mbedtls_ecdh_read_public(mbedtls_ecdh_context *ctx, + const unsigned char *buf, size_t blen); /** * \brief This function derives and exports the shared secret. @@ -418,10 +401,10 @@ int mbedtls_ecdh_read_public( mbedtls_ecdh_context *ctx, * operations was reached: see \c mbedtls_ecp_set_max_ops(). * \return Another \c MBEDTLS_ERR_ECP_XXX error code on failure. */ -int mbedtls_ecdh_calc_secret( mbedtls_ecdh_context *ctx, size_t *olen, - unsigned char *buf, size_t blen, - int (*f_rng)(void *, unsigned char *, size_t), - void *p_rng ); +int mbedtls_ecdh_calc_secret(mbedtls_ecdh_context *ctx, size_t *olen, + unsigned char *buf, size_t blen, + int (*f_rng)(void *, unsigned char *, size_t), + void *p_rng); #if defined(MBEDTLS_ECP_RESTARTABLE) /** @@ -436,7 +419,7 @@ int mbedtls_ecdh_calc_secret( mbedtls_ecdh_context *ctx, size_t *olen, * * \param ctx The ECDH context to use. This must be initialized. */ -void mbedtls_ecdh_enable_restart( mbedtls_ecdh_context *ctx ); +void mbedtls_ecdh_enable_restart(mbedtls_ecdh_context *ctx); #endif /* MBEDTLS_ECP_RESTARTABLE */ #ifdef __cplusplus diff --git a/third_party/mbedtls/repo/include/mbedtls/ecdsa.h b/third_party/mbedtls/repo/include/mbedtls/ecdsa.h index 264a638bb52..34a6b13d2e5 100644 --- a/third_party/mbedtls/repo/include/mbedtls/ecdsa.h +++ b/third_party/mbedtls/repo/include/mbedtls/ecdsa.h @@ -12,19 +12,7 @@ */ /* * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later */ #ifndef MBEDTLS_ECDSA_H @@ -56,13 +44,13 @@ * * For each of r and s, the value (V) may include an extra initial "0" bit. */ -#define MBEDTLS_ECDSA_MAX_SIG_LEN( bits ) \ - ( /*T,L of SEQUENCE*/ ( ( bits ) >= 61 * 8 ? 3 : 2 ) + \ - /*T,L of r,s*/ 2 * ( ( ( bits ) >= 127 * 8 ? 3 : 2 ) + \ - /*V of r,s*/ ( ( bits ) + 8 ) / 8 ) ) +#define MBEDTLS_ECDSA_MAX_SIG_LEN(bits) \ + (/*T,L of SEQUENCE*/ ((bits) >= 61 * 8 ? 3 : 2) + \ + /*T,L of r,s*/ 2 * (((bits) >= 127 * 8 ? 3 : 2) + \ + /*V of r,s*/ ((bits) + 8) / 8)) /** The maximal size of an ECDSA signature in Bytes. */ -#define MBEDTLS_ECDSA_MAX_LEN MBEDTLS_ECDSA_MAX_SIG_LEN( MBEDTLS_ECP_MAX_BITS ) +#define MBEDTLS_ECDSA_MAX_LEN MBEDTLS_ECDSA_MAX_SIG_LEN(MBEDTLS_ECP_MAX_BITS) #ifdef __cplusplus extern "C" { @@ -105,8 +93,7 @@ typedef struct mbedtls_ecdsa_restart_det mbedtls_ecdsa_restart_det_ctx; /** * \brief General context for resuming ECDSA operations */ -typedef struct -{ +typedef struct { mbedtls_ecp_restart_ctx ecp; /*!< base context for ECP restart and shared administrative info */ mbedtls_ecdsa_restart_ver_ctx *ver; /*!< ecdsa_verify() sub-context */ @@ -131,7 +118,7 @@ typedef void mbedtls_ecdsa_restart_ctx; * * \return \c 1 if the group can be used, \c 0 otherwise */ -int mbedtls_ecdsa_can_do( mbedtls_ecp_group_id gid ); +int mbedtls_ecdsa_can_do(mbedtls_ecp_group_id gid); /** * \brief This function computes the ECDSA signature of a @@ -169,12 +156,12 @@ int mbedtls_ecdsa_can_do( mbedtls_ecp_group_id gid ); * \return An \c MBEDTLS_ERR_ECP_XXX * or \c MBEDTLS_MPI_XXX error code on failure. */ -int mbedtls_ecdsa_sign( mbedtls_ecp_group *grp, mbedtls_mpi *r, mbedtls_mpi *s, - const mbedtls_mpi *d, const unsigned char *buf, size_t blen, - int (*f_rng)(void *, unsigned char *, size_t), void *p_rng ); +int mbedtls_ecdsa_sign(mbedtls_ecp_group *grp, mbedtls_mpi *r, mbedtls_mpi *s, + const mbedtls_mpi *d, const unsigned char *buf, size_t blen, + int (*f_rng)(void *, unsigned char *, size_t), void *p_rng); #if defined(MBEDTLS_ECDSA_DETERMINISTIC) -#if ! defined(MBEDTLS_DEPRECATED_REMOVED) +#if !defined(MBEDTLS_DEPRECATED_REMOVED) #if defined(MBEDTLS_DEPRECATED_WARNING) #define MBEDTLS_DEPRECATED __attribute__((deprecated)) #else @@ -228,10 +215,10 @@ int mbedtls_ecdsa_sign( mbedtls_ecp_group *grp, mbedtls_mpi *r, mbedtls_mpi *s, * \return An \c MBEDTLS_ERR_ECP_XXX or \c MBEDTLS_MPI_XXX * error code on failure. */ -int mbedtls_ecdsa_sign_det( mbedtls_ecp_group *grp, mbedtls_mpi *r, - mbedtls_mpi *s, const mbedtls_mpi *d, - const unsigned char *buf, size_t blen, - mbedtls_md_type_t md_alg ) MBEDTLS_DEPRECATED; +int mbedtls_ecdsa_sign_det(mbedtls_ecp_group *grp, mbedtls_mpi *r, + mbedtls_mpi *s, const mbedtls_mpi *d, + const unsigned char *buf, size_t blen, + mbedtls_md_type_t md_alg) MBEDTLS_DEPRECATED; #undef MBEDTLS_DEPRECATED #endif /* MBEDTLS_DEPRECATED_REMOVED */ @@ -267,19 +254,20 @@ int mbedtls_ecdsa_sign_det( mbedtls_ecp_group *grp, mbedtls_mpi *r, * \param md_alg The hash algorithm used to hash the original data. * \param f_rng_blind The RNG function used for blinding. This must not be * \c NULL. - * \param p_rng_blind The RNG context to be passed to \p f_rng. This may be - * \c NULL if \p f_rng doesn't need a context parameter. + * \param p_rng_blind The RNG context to be passed to \p f_rng_blind. This + * may be \c NULL if \p f_rng_blind doesn't need + * a context parameter. * * \return \c 0 on success. * \return An \c MBEDTLS_ERR_ECP_XXX or \c MBEDTLS_MPI_XXX * error code on failure. */ -int mbedtls_ecdsa_sign_det_ext( mbedtls_ecp_group *grp, mbedtls_mpi *r, - mbedtls_mpi *s, const mbedtls_mpi *d, - const unsigned char *buf, size_t blen, - mbedtls_md_type_t md_alg, - int (*f_rng_blind)(void *, unsigned char *, size_t), - void *p_rng_blind ); +int mbedtls_ecdsa_sign_det_ext(mbedtls_ecp_group *grp, mbedtls_mpi *r, + mbedtls_mpi *s, const mbedtls_mpi *d, + const unsigned char *buf, size_t blen, + mbedtls_md_type_t md_alg, + int (*f_rng_blind)(void *, unsigned char *, size_t), + void *p_rng_blind); #endif /* MBEDTLS_ECDSA_DETERMINISTIC */ /** @@ -309,15 +297,13 @@ int mbedtls_ecdsa_sign_det_ext( mbedtls_ecp_group *grp, mbedtls_mpi *r, * This must be initialized. * * \return \c 0 on success. - * \return #MBEDTLS_ERR_ECP_BAD_INPUT_DATA if the signature - * is invalid. * \return An \c MBEDTLS_ERR_ECP_XXX or \c MBEDTLS_MPI_XXX - * error code on failure for any other reason. + * error code on failure. */ -int mbedtls_ecdsa_verify( mbedtls_ecp_group *grp, - const unsigned char *buf, size_t blen, - const mbedtls_ecp_point *Q, const mbedtls_mpi *r, - const mbedtls_mpi *s); +int mbedtls_ecdsa_verify(mbedtls_ecp_group *grp, + const unsigned char *buf, size_t blen, + const mbedtls_ecp_point *Q, const mbedtls_mpi *r, + const mbedtls_mpi *s); /** * \brief This function computes the ECDSA signature and writes it @@ -347,7 +333,7 @@ int mbedtls_ecdsa_verify( mbedtls_ecp_group *grp, * via mbedtls_ecdsa_genkey() or mbedtls_ecdsa_from_keypair(). * \param md_alg The message digest that was used to hash the message. * \param hash The message hash to be signed. This must be a readable - * buffer of length \p blen Bytes. + * buffer of length \p hlen Bytes. * \param hlen The length of the hash \p hash in Bytes. * \param sig The buffer to which to write the signature. This must be a * writable buffer of length at least twice as large as the @@ -367,12 +353,12 @@ int mbedtls_ecdsa_verify( mbedtls_ecp_group *grp, * \return An \c MBEDTLS_ERR_ECP_XXX, \c MBEDTLS_ERR_MPI_XXX or * \c MBEDTLS_ERR_ASN1_XXX error code on failure. */ -int mbedtls_ecdsa_write_signature( mbedtls_ecdsa_context *ctx, - mbedtls_md_type_t md_alg, - const unsigned char *hash, size_t hlen, - unsigned char *sig, size_t *slen, - int (*f_rng)(void *, unsigned char *, size_t), - void *p_rng ); +int mbedtls_ecdsa_write_signature(mbedtls_ecdsa_context *ctx, + mbedtls_md_type_t md_alg, + const unsigned char *hash, size_t hlen, + unsigned char *sig, size_t *slen, + int (*f_rng)(void *, unsigned char *, size_t), + void *p_rng); /** * \brief This function computes the ECDSA signature and writes it @@ -389,7 +375,7 @@ int mbedtls_ecdsa_write_signature( mbedtls_ecdsa_context *ctx, * via mbedtls_ecdsa_genkey() or mbedtls_ecdsa_from_keypair(). * \param md_alg The message digest that was used to hash the message. * \param hash The message hash to be signed. This must be a readable - * buffer of length \p blen Bytes. + * buffer of length \p hlen Bytes. * \param hlen The length of the hash \p hash in Bytes. * \param sig The buffer to which to write the signature. This must be a * writable buffer of length at least twice as large as the @@ -413,16 +399,16 @@ int mbedtls_ecdsa_write_signature( mbedtls_ecdsa_context *ctx, * \return Another \c MBEDTLS_ERR_ECP_XXX, \c MBEDTLS_ERR_MPI_XXX or * \c MBEDTLS_ERR_ASN1_XXX error code on failure. */ -int mbedtls_ecdsa_write_signature_restartable( mbedtls_ecdsa_context *ctx, - mbedtls_md_type_t md_alg, - const unsigned char *hash, size_t hlen, - unsigned char *sig, size_t *slen, - int (*f_rng)(void *, unsigned char *, size_t), - void *p_rng, - mbedtls_ecdsa_restart_ctx *rs_ctx ); +int mbedtls_ecdsa_write_signature_restartable(mbedtls_ecdsa_context *ctx, + mbedtls_md_type_t md_alg, + const unsigned char *hash, size_t hlen, + unsigned char *sig, size_t *slen, + int (*f_rng)(void *, unsigned char *, size_t), + void *p_rng, + mbedtls_ecdsa_restart_ctx *rs_ctx); #if defined(MBEDTLS_ECDSA_DETERMINISTIC) -#if ! defined(MBEDTLS_DEPRECATED_REMOVED) +#if !defined(MBEDTLS_DEPRECATED_REMOVED) #if defined(MBEDTLS_DEPRECATED_WARNING) #define MBEDTLS_DEPRECATED __attribute__((deprecated)) #else @@ -456,7 +442,7 @@ int mbedtls_ecdsa_write_signature_restartable( mbedtls_ecdsa_context *ctx, * and have a group and private key bound to it, for example * via mbedtls_ecdsa_genkey() or mbedtls_ecdsa_from_keypair(). * \param hash The message hash to be signed. This must be a readable - * buffer of length \p blen Bytes. + * buffer of length \p hlen Bytes. * \param hlen The length of the hash \p hash in Bytes. * \param sig The buffer to which to write the signature. This must be a * writable buffer of length at least twice as large as the @@ -471,10 +457,10 @@ int mbedtls_ecdsa_write_signature_restartable( mbedtls_ecdsa_context *ctx, * \return An \c MBEDTLS_ERR_ECP_XXX, \c MBEDTLS_ERR_MPI_XXX or * \c MBEDTLS_ERR_ASN1_XXX error code on failure. */ -int mbedtls_ecdsa_write_signature_det( mbedtls_ecdsa_context *ctx, - const unsigned char *hash, size_t hlen, - unsigned char *sig, size_t *slen, - mbedtls_md_type_t md_alg ) MBEDTLS_DEPRECATED; +int mbedtls_ecdsa_write_signature_det(mbedtls_ecdsa_context *ctx, + const unsigned char *hash, size_t hlen, + unsigned char *sig, size_t *slen, + mbedtls_md_type_t md_alg) MBEDTLS_DEPRECATED; #undef MBEDTLS_DEPRECATED #endif /* MBEDTLS_DEPRECATED_REMOVED */ #endif /* MBEDTLS_ECDSA_DETERMINISTIC */ @@ -493,7 +479,7 @@ int mbedtls_ecdsa_write_signature_det( mbedtls_ecdsa_context *ctx, * \param ctx The ECDSA context to use. This must be initialized * and have a group and public key bound to it. * \param hash The message hash that was signed. This must be a readable - * buffer of length \p size Bytes. + * buffer of length \p hlen Bytes. * \param hlen The size of the hash \p hash. * \param sig The signature to read and verify. This must be a readable * buffer of length \p slen Bytes. @@ -506,9 +492,9 @@ int mbedtls_ecdsa_write_signature_det( mbedtls_ecdsa_context *ctx, * \return An \c MBEDTLS_ERR_ECP_XXX or \c MBEDTLS_ERR_MPI_XXX * error code on failure for any other reason. */ -int mbedtls_ecdsa_read_signature( mbedtls_ecdsa_context *ctx, - const unsigned char *hash, size_t hlen, - const unsigned char *sig, size_t slen ); +int mbedtls_ecdsa_read_signature(mbedtls_ecdsa_context *ctx, + const unsigned char *hash, size_t hlen, + const unsigned char *sig, size_t slen); /** * \brief This function reads and verifies an ECDSA signature, @@ -523,7 +509,7 @@ int mbedtls_ecdsa_read_signature( mbedtls_ecdsa_context *ctx, * \param ctx The ECDSA context to use. This must be initialized * and have a group and public key bound to it. * \param hash The message hash that was signed. This must be a readable - * buffer of length \p size Bytes. + * buffer of length \p hlen Bytes. * \param hlen The size of the hash \p hash. * \param sig The signature to read and verify. This must be a readable * buffer of length \p slen Bytes. @@ -541,10 +527,10 @@ int mbedtls_ecdsa_read_signature( mbedtls_ecdsa_context *ctx, * \return Another \c MBEDTLS_ERR_ECP_XXX or \c MBEDTLS_ERR_MPI_XXX * error code on failure for any other reason. */ -int mbedtls_ecdsa_read_signature_restartable( mbedtls_ecdsa_context *ctx, - const unsigned char *hash, size_t hlen, - const unsigned char *sig, size_t slen, - mbedtls_ecdsa_restart_ctx *rs_ctx ); +int mbedtls_ecdsa_read_signature_restartable(mbedtls_ecdsa_context *ctx, + const unsigned char *hash, size_t hlen, + const unsigned char *sig, size_t slen, + mbedtls_ecdsa_restart_ctx *rs_ctx); /** * \brief This function generates an ECDSA keypair on the given curve. @@ -562,8 +548,8 @@ int mbedtls_ecdsa_read_signature_restartable( mbedtls_ecdsa_context *ctx, * \return \c 0 on success. * \return An \c MBEDTLS_ERR_ECP_XXX code on failure. */ -int mbedtls_ecdsa_genkey( mbedtls_ecdsa_context *ctx, mbedtls_ecp_group_id gid, - int (*f_rng)(void *, unsigned char *, size_t), void *p_rng ); +int mbedtls_ecdsa_genkey(mbedtls_ecdsa_context *ctx, mbedtls_ecp_group_id gid, + int (*f_rng)(void *, unsigned char *, size_t), void *p_rng); /** * \brief This function sets up an ECDSA context from an EC key pair. @@ -580,8 +566,8 @@ int mbedtls_ecdsa_genkey( mbedtls_ecdsa_context *ctx, mbedtls_ecp_group_id gid, * \return \c 0 on success. * \return An \c MBEDTLS_ERR_ECP_XXX code on failure. */ -int mbedtls_ecdsa_from_keypair( mbedtls_ecdsa_context *ctx, - const mbedtls_ecp_keypair *key ); +int mbedtls_ecdsa_from_keypair(mbedtls_ecdsa_context *ctx, + const mbedtls_ecp_keypair *key); /** * \brief This function initializes an ECDSA context. @@ -589,7 +575,7 @@ int mbedtls_ecdsa_from_keypair( mbedtls_ecdsa_context *ctx, * \param ctx The ECDSA context to initialize. * This must not be \c NULL. */ -void mbedtls_ecdsa_init( mbedtls_ecdsa_context *ctx ); +void mbedtls_ecdsa_init(mbedtls_ecdsa_context *ctx); /** * \brief This function frees an ECDSA context. @@ -598,7 +584,7 @@ void mbedtls_ecdsa_init( mbedtls_ecdsa_context *ctx ); * in which case this function does nothing. If it * is not \c NULL, it must be initialized. */ -void mbedtls_ecdsa_free( mbedtls_ecdsa_context *ctx ); +void mbedtls_ecdsa_free(mbedtls_ecdsa_context *ctx); #if defined(MBEDTLS_ECP_RESTARTABLE) /** @@ -607,7 +593,7 @@ void mbedtls_ecdsa_free( mbedtls_ecdsa_context *ctx ); * \param ctx The restart context to initialize. * This must not be \c NULL. */ -void mbedtls_ecdsa_restart_init( mbedtls_ecdsa_restart_ctx *ctx ); +void mbedtls_ecdsa_restart_init(mbedtls_ecdsa_restart_ctx *ctx); /** * \brief Free the components of a restart context. @@ -616,7 +602,7 @@ void mbedtls_ecdsa_restart_init( mbedtls_ecdsa_restart_ctx *ctx ); * in which case this function does nothing. If it * is not \c NULL, it must be initialized. */ -void mbedtls_ecdsa_restart_free( mbedtls_ecdsa_restart_ctx *ctx ); +void mbedtls_ecdsa_restart_free(mbedtls_ecdsa_restart_ctx *ctx); #endif /* MBEDTLS_ECP_RESTARTABLE */ #ifdef __cplusplus diff --git a/third_party/mbedtls/repo/include/mbedtls/ecjpake.h b/third_party/mbedtls/repo/include/mbedtls/ecjpake.h index 891705d8c4f..1a9844249c7 100644 --- a/third_party/mbedtls/repo/include/mbedtls/ecjpake.h +++ b/third_party/mbedtls/repo/include/mbedtls/ecjpake.h @@ -5,19 +5,7 @@ */ /* * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later */ #ifndef MBEDTLS_ECJPAKE_H #define MBEDTLS_ECJPAKE_H @@ -68,11 +56,10 @@ typedef enum { * (KeyExchange) as defined by the Thread spec. * * In order to benefit from this symmetry, we choose a different naming - * convetion from the Thread v1.0 spec. Correspondance is indicated in the + * convention from the Thread v1.0 spec. Correspondence is indicated in the * description as a pair C: client name, S: server name */ -typedef struct mbedtls_ecjpake_context -{ +typedef struct mbedtls_ecjpake_context { const mbedtls_md_info_t *md_info; /**< Hash to use */ mbedtls_ecp_group grp; /**< Elliptic curve */ mbedtls_ecjpake_role role; /**< Are we client or server? */ @@ -100,7 +87,7 @@ typedef struct mbedtls_ecjpake_context * \param ctx The ECJPAKE context to initialize. * This must not be \c NULL. */ -void mbedtls_ecjpake_init( mbedtls_ecjpake_context *ctx ); +void mbedtls_ecjpake_init(mbedtls_ecjpake_context *ctx); /** * \brief Set up an ECJPAKE context for use. @@ -123,12 +110,12 @@ void mbedtls_ecjpake_init( mbedtls_ecjpake_context *ctx ); * \return \c 0 if successful. * \return A negative error code on failure. */ -int mbedtls_ecjpake_setup( mbedtls_ecjpake_context *ctx, - mbedtls_ecjpake_role role, - mbedtls_md_type_t hash, - mbedtls_ecp_group_id curve, - const unsigned char *secret, - size_t len ); +int mbedtls_ecjpake_setup(mbedtls_ecjpake_context *ctx, + mbedtls_ecjpake_role role, + mbedtls_md_type_t hash, + mbedtls_ecp_group_id curve, + const unsigned char *secret, + size_t len); /** * \brief Check if an ECJPAKE context is ready for use. @@ -139,7 +126,7 @@ int mbedtls_ecjpake_setup( mbedtls_ecjpake_context *ctx, * \return \c 0 if the context is ready for use. * \return #MBEDTLS_ERR_ECP_BAD_INPUT_DATA otherwise. */ -int mbedtls_ecjpake_check( const mbedtls_ecjpake_context *ctx ); +int mbedtls_ecjpake_check(const mbedtls_ecjpake_context *ctx); /** * \brief Generate and write the first round message @@ -160,10 +147,10 @@ int mbedtls_ecjpake_check( const mbedtls_ecjpake_context *ctx ); * \return \c 0 if successful. * \return A negative error code on failure. */ -int mbedtls_ecjpake_write_round_one( mbedtls_ecjpake_context *ctx, - unsigned char *buf, size_t len, size_t *olen, - int (*f_rng)(void *, unsigned char *, size_t), - void *p_rng ); +int mbedtls_ecjpake_write_round_one(mbedtls_ecjpake_context *ctx, + unsigned char *buf, size_t len, size_t *olen, + int (*f_rng)(void *, unsigned char *, size_t), + void *p_rng); /** * \brief Read and process the first round message @@ -179,9 +166,9 @@ int mbedtls_ecjpake_write_round_one( mbedtls_ecjpake_context *ctx, * \return \c 0 if successful. * \return A negative error code on failure. */ -int mbedtls_ecjpake_read_round_one( mbedtls_ecjpake_context *ctx, - const unsigned char *buf, - size_t len ); +int mbedtls_ecjpake_read_round_one(mbedtls_ecjpake_context *ctx, + const unsigned char *buf, + size_t len); /** * \brief Generate and write the second round message @@ -201,10 +188,10 @@ int mbedtls_ecjpake_read_round_one( mbedtls_ecjpake_context *ctx, * \return \c 0 if successful. * \return A negative error code on failure. */ -int mbedtls_ecjpake_write_round_two( mbedtls_ecjpake_context *ctx, - unsigned char *buf, size_t len, size_t *olen, - int (*f_rng)(void *, unsigned char *, size_t), - void *p_rng ); +int mbedtls_ecjpake_write_round_two(mbedtls_ecjpake_context *ctx, + unsigned char *buf, size_t len, size_t *olen, + int (*f_rng)(void *, unsigned char *, size_t), + void *p_rng); /** * \brief Read and process the second round message @@ -219,9 +206,9 @@ int mbedtls_ecjpake_write_round_two( mbedtls_ecjpake_context *ctx, * \return \c 0 if successful. * \return A negative error code on failure. */ -int mbedtls_ecjpake_read_round_two( mbedtls_ecjpake_context *ctx, - const unsigned char *buf, - size_t len ); +int mbedtls_ecjpake_read_round_two(mbedtls_ecjpake_context *ctx, + const unsigned char *buf, + size_t len); /** * \brief Derive the shared secret @@ -241,10 +228,10 @@ int mbedtls_ecjpake_read_round_two( mbedtls_ecjpake_context *ctx, * \return \c 0 if successful. * \return A negative error code on failure. */ -int mbedtls_ecjpake_derive_secret( mbedtls_ecjpake_context *ctx, - unsigned char *buf, size_t len, size_t *olen, - int (*f_rng)(void *, unsigned char *, size_t), - void *p_rng ); +int mbedtls_ecjpake_derive_secret(mbedtls_ecjpake_context *ctx, + unsigned char *buf, size_t len, size_t *olen, + int (*f_rng)(void *, unsigned char *, size_t), + void *p_rng); /** * \brief This clears an ECJPAKE context and frees any @@ -254,7 +241,7 @@ int mbedtls_ecjpake_derive_secret( mbedtls_ecjpake_context *ctx, * in which case this function does nothing. If it is not * \c NULL, it must point to an initialized ECJPAKE context. */ -void mbedtls_ecjpake_free( mbedtls_ecjpake_context *ctx ); +void mbedtls_ecjpake_free(mbedtls_ecjpake_context *ctx); #if defined(MBEDTLS_SELF_TEST) @@ -263,7 +250,7 @@ void mbedtls_ecjpake_free( mbedtls_ecjpake_context *ctx ); * * \return 0 if successful, or 1 if a test failed */ -int mbedtls_ecjpake_self_test( int verbose ); +int mbedtls_ecjpake_self_test(int verbose); #endif /* MBEDTLS_SELF_TEST */ diff --git a/third_party/mbedtls/repo/include/mbedtls/ecp.h b/third_party/mbedtls/repo/include/mbedtls/ecp.h index 0924341e002..e4e40c003c7 100644 --- a/third_party/mbedtls/repo/include/mbedtls/ecp.h +++ b/third_party/mbedtls/repo/include/mbedtls/ecp.h @@ -16,19 +16,7 @@ /* * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later */ #ifndef MBEDTLS_ECP_H @@ -42,6 +30,11 @@ #include "mbedtls/bignum.h" +#if (defined(__ARMCC_VERSION) || defined(_MSC_VER)) && \ + !defined(inline) && !defined(__cplusplus) +#define inline __inline +#endif + /* * ECP error codes */ @@ -117,8 +110,7 @@ extern "C" { * - Add the curve to the ecp_supported_curves array in ecp.c. * - Add the curve to applicable profiles in x509_crt.c if applicable. */ -typedef enum -{ +typedef enum { MBEDTLS_ECP_DP_NONE = 0, /*!< Curve not defined. */ MBEDTLS_ECP_DP_SECP192R1, /*!< Domain parameters for the 192-bit curve defined by FIPS 186-4 and SEC1. */ MBEDTLS_ECP_DP_SECP224R1, /*!< Domain parameters for the 224-bit curve defined by FIPS 186-4 and SEC1. */ @@ -145,8 +137,7 @@ typedef enum /* * Curve types */ -typedef enum -{ +typedef enum { MBEDTLS_ECP_TYPE_NONE = 0, MBEDTLS_ECP_TYPE_SHORT_WEIERSTRASS, /* y^2 = x^3 + a x + b */ MBEDTLS_ECP_TYPE_MONTGOMERY, /* y^2 = x^3 + a x^2 + x */ @@ -155,8 +146,7 @@ typedef enum /** * Curve information, for use by other modules. */ -typedef struct mbedtls_ecp_curve_info -{ +typedef struct mbedtls_ecp_curve_info { mbedtls_ecp_group_id grp_id; /*!< An internal identifier. */ uint16_t tls_id; /*!< The TLS NamedCurve identifier. */ uint16_t bit_size; /*!< The curve size in bits. */ @@ -174,8 +164,7 @@ typedef struct mbedtls_ecp_curve_info * Otherwise, \p X and \p Y are its standard (affine) * coordinates. */ -typedef struct mbedtls_ecp_point -{ +typedef struct mbedtls_ecp_point { mbedtls_mpi X; /*!< The X coordinate of the ECP point. */ mbedtls_mpi Y; /*!< The Y coordinate of the ECP point. */ mbedtls_mpi Z; /*!< The Z coordinate of the ECP point. */ @@ -218,7 +207,7 @@ mbedtls_ecp_point; #if !defined(MBEDTLS_ECP_ALT) /* - * default mbed TLS elliptic curve arithmetic implementation + * default Mbed TLS elliptic curve arithmetic implementation * * (in case MBEDTLS_ECP_ALT is defined then the developer has to provide an * alternative implementation for the whole module and it will replace this @@ -240,6 +229,27 @@ mbedtls_ecp_point; * odd prime as mbedtls_ecp_mul() requires an odd number, and * mbedtls_ecdsa_sign() requires that it is prime for blinding purposes. * + * The default implementation only initializes \p A without setting it to the + * authentic value for curves with A = -3(SECP256R1, etc), in which + * case you need to load \p A by yourself when using domain parameters directly, + * for example: + * \code + * mbedtls_mpi_init(&A); + * mbedtls_ecp_group_init(&grp); + * CHECK_RETURN(mbedtls_ecp_group_load(&grp, grp_id)); + * if (mbedtls_ecp_group_a_is_minus_3(&grp)) { + * CHECK_RETURN(mbedtls_mpi_sub_int(&A, &grp.P, 3)); + * } else { + * CHECK_RETURN(mbedtls_mpi_copy(&A, &grp.A)); + * } + * + * do_something_with_a(&A); + * + * cleanup: + * mbedtls_mpi_free(&A); + * mbedtls_ecp_group_free(&grp); + * \endcode + * * For Montgomery curves, we do not store \p A, but (A + 2) / 4, * which is the quantity used in the formulas. Additionally, \p nbits is * not the size of \p N but the required size for private keys. @@ -257,12 +267,14 @@ mbedtls_ecp_point; * identical. * */ -typedef struct mbedtls_ecp_group -{ +typedef struct mbedtls_ecp_group { mbedtls_ecp_group_id id; /*!< An internal group identifier. */ mbedtls_mpi P; /*!< The prime modulus of the base field. */ - mbedtls_mpi A; /*!< For Short Weierstrass: \p A in the equation. For - Montgomery curves: (A + 2) / 4. */ + mbedtls_mpi A; /*!< For Short Weierstrass: \p A in the equation. Note that + \p A is not set to the authentic value in some cases. + Refer to detailed description of ::mbedtls_ecp_group if + using domain parameters in the structure. + For Montgomery curves: (A + 2) / 4. */ mbedtls_mpi B; /*!< For Short Weierstrass: \p B in the equation. For Montgomery curves: unused. */ mbedtls_ecp_point G; /*!< The generator of the subgroup used. */ @@ -309,13 +321,13 @@ mbedtls_ecp_group; #define MBEDTLS_ECP_MAX_BITS 1 #endif -#define MBEDTLS_ECP_MAX_BYTES ( ( MBEDTLS_ECP_MAX_BITS + 7 ) / 8 ) -#define MBEDTLS_ECP_MAX_PT_LEN ( 2 * MBEDTLS_ECP_MAX_BYTES + 1 ) +#define MBEDTLS_ECP_MAX_BYTES ((MBEDTLS_ECP_MAX_BITS + 7) / 8) +#define MBEDTLS_ECP_MAX_PT_LEN (2 * MBEDTLS_ECP_MAX_BYTES + 1) #if !defined(MBEDTLS_ECP_WINDOW_SIZE) /* * Maximum "window" size used for point multiplication. - * Default: a point where higher memory usage yields disminishing performance + * Default: a point where higher memory usage yields diminishing performance * returns. * Minimum value: 2. Maximum value: 7. * @@ -351,7 +363,7 @@ mbedtls_ecp_group; #define MBEDTLS_ECP_FIXED_POINT_OPTIM 1 /**< Enable fixed-point speed-up. */ #endif /* MBEDTLS_ECP_FIXED_POINT_OPTIM */ -/* \} name SECTION: Module settings */ +/** \} name SECTION: Module settings */ #else /* MBEDTLS_ECP_ALT */ #include "ecp_alt.h" @@ -376,8 +388,7 @@ typedef struct mbedtls_ecp_restart_muladd mbedtls_ecp_restart_muladd_ctx; /** * \brief General context for resuming ECC operations */ -typedef struct -{ +typedef struct { unsigned ops_done; /*!< current ops count */ unsigned depth; /*!< call depth (0 = top-level) */ mbedtls_ecp_restart_mul_ctx *rsm; /*!< ecp_mul_comb() sub-context */ @@ -403,18 +414,18 @@ typedef struct * \return \c 0 if doing \p ops basic ops is still allowed, * \return #MBEDTLS_ERR_ECP_IN_PROGRESS otherwise. */ -int mbedtls_ecp_check_budget( const mbedtls_ecp_group *grp, - mbedtls_ecp_restart_ctx *rs_ctx, - unsigned ops ); +int mbedtls_ecp_check_budget(const mbedtls_ecp_group *grp, + mbedtls_ecp_restart_ctx *rs_ctx, + unsigned ops); /* Utility macro for checking and updating ops budget */ -#define MBEDTLS_ECP_BUDGET( ops ) \ - MBEDTLS_MPI_CHK( mbedtls_ecp_check_budget( grp, rs_ctx, \ - (unsigned) (ops) ) ); +#define MBEDTLS_ECP_BUDGET(ops) \ + MBEDTLS_MPI_CHK(mbedtls_ecp_check_budget(grp, rs_ctx, \ + (unsigned) (ops))); #else /* MBEDTLS_ECP_RESTARTABLE */ -#define MBEDTLS_ECP_BUDGET( ops ) /* no-op; for compatibility */ +#define MBEDTLS_ECP_BUDGET(ops) /* no-op; for compatibility */ /* We want to declare restartable versions of existing functions anyway */ typedef void mbedtls_ecp_restart_ctx; @@ -429,8 +440,7 @@ typedef void mbedtls_ecp_restart_ctx; * \note Members are deliberately in the same order as in the * ::mbedtls_ecdsa_context structure. */ -typedef struct mbedtls_ecp_keypair -{ +typedef struct mbedtls_ecp_keypair { mbedtls_ecp_group grp; /*!< Elliptic curve and base point */ mbedtls_mpi d; /*!< our secret value */ mbedtls_ecp_point Q; /*!< our public value */ @@ -506,7 +516,7 @@ mbedtls_ecp_keypair; * * \note This setting is currently ignored by Curve25519. */ -void mbedtls_ecp_set_max_ops( unsigned max_ops ); +void mbedtls_ecp_set_max_ops(unsigned max_ops); /** * \brief Check if restart is enabled (max_ops != 0) @@ -514,13 +524,13 @@ void mbedtls_ecp_set_max_ops( unsigned max_ops ); * \return \c 0 if \c max_ops == 0 (restart disabled) * \return \c 1 otherwise (restart enabled) */ -int mbedtls_ecp_restart_is_enabled( void ); +int mbedtls_ecp_restart_is_enabled(void); #endif /* MBEDTLS_ECP_RESTARTABLE */ /* * Get the type of a curve */ -mbedtls_ecp_curve_type mbedtls_ecp_get_type( const mbedtls_ecp_group *grp ); +mbedtls_ecp_curve_type mbedtls_ecp_get_type(const mbedtls_ecp_group *grp); /** * \brief This function retrieves the information defined in @@ -534,7 +544,7 @@ mbedtls_ecp_curve_type mbedtls_ecp_get_type( const mbedtls_ecp_group *grp ); * * \return A statically allocated array. The last entry is 0. */ -const mbedtls_ecp_curve_info *mbedtls_ecp_curve_list( void ); +const mbedtls_ecp_curve_info *mbedtls_ecp_curve_list(void); /** * \brief This function retrieves the list of internal group @@ -550,7 +560,7 @@ const mbedtls_ecp_curve_info *mbedtls_ecp_curve_list( void ); * \return A statically allocated array, * terminated with MBEDTLS_ECP_DP_NONE. */ -const mbedtls_ecp_group_id *mbedtls_ecp_grp_id_list( void ); +const mbedtls_ecp_group_id *mbedtls_ecp_grp_id_list(void); /** * \brief This function retrieves curve information from an internal @@ -561,7 +571,7 @@ const mbedtls_ecp_group_id *mbedtls_ecp_grp_id_list( void ); * \return The associated curve information on success. * \return NULL on failure. */ -const mbedtls_ecp_curve_info *mbedtls_ecp_curve_info_from_grp_id( mbedtls_ecp_group_id grp_id ); +const mbedtls_ecp_curve_info *mbedtls_ecp_curve_info_from_grp_id(mbedtls_ecp_group_id grp_id); /** * \brief This function retrieves curve information from a TLS @@ -572,7 +582,7 @@ const mbedtls_ecp_curve_info *mbedtls_ecp_curve_info_from_grp_id( mbedtls_ecp_gr * \return The associated curve information on success. * \return NULL on failure. */ -const mbedtls_ecp_curve_info *mbedtls_ecp_curve_info_from_tls_id( uint16_t tls_id ); +const mbedtls_ecp_curve_info *mbedtls_ecp_curve_info_from_tls_id(uint16_t tls_id); /** * \brief This function retrieves curve information from a @@ -583,14 +593,14 @@ const mbedtls_ecp_curve_info *mbedtls_ecp_curve_info_from_tls_id( uint16_t tls_i * \return The associated curve information on success. * \return NULL on failure. */ -const mbedtls_ecp_curve_info *mbedtls_ecp_curve_info_from_name( const char *name ); +const mbedtls_ecp_curve_info *mbedtls_ecp_curve_info_from_name(const char *name); /** * \brief This function initializes a point as zero. * * \param pt The point to initialize. */ -void mbedtls_ecp_point_init( mbedtls_ecp_point *pt ); +void mbedtls_ecp_point_init(mbedtls_ecp_point *pt); /** * \brief This function initializes an ECP group context @@ -601,21 +611,21 @@ void mbedtls_ecp_point_init( mbedtls_ecp_point *pt ); * mbedtls_ecp_group_load() or mbedtls_ecp_tls_read_group() * functions. */ -void mbedtls_ecp_group_init( mbedtls_ecp_group *grp ); +void mbedtls_ecp_group_init(mbedtls_ecp_group *grp); /** * \brief This function initializes a key pair as an invalid one. * * \param key The key pair to initialize. */ -void mbedtls_ecp_keypair_init( mbedtls_ecp_keypair *key ); +void mbedtls_ecp_keypair_init(mbedtls_ecp_keypair *key); /** * \brief This function frees the components of a point. * * \param pt The point to free. */ -void mbedtls_ecp_point_free( mbedtls_ecp_point *pt ); +void mbedtls_ecp_point_free(mbedtls_ecp_point *pt); /** * \brief This function frees the components of an ECP group. @@ -624,7 +634,7 @@ void mbedtls_ecp_point_free( mbedtls_ecp_point *pt ); * case this function returns immediately. If it is not * \c NULL, it must point to an initialized ECP group. */ -void mbedtls_ecp_group_free( mbedtls_ecp_group *grp ); +void mbedtls_ecp_group_free(mbedtls_ecp_group *grp); /** * \brief This function frees the components of a key pair. @@ -633,7 +643,7 @@ void mbedtls_ecp_group_free( mbedtls_ecp_group *grp ); * case this function returns immediately. If it is not * \c NULL, it must point to an initialized ECP key pair. */ -void mbedtls_ecp_keypair_free( mbedtls_ecp_keypair *key ); +void mbedtls_ecp_keypair_free(mbedtls_ecp_keypair *key); #if defined(MBEDTLS_ECP_RESTARTABLE) /** @@ -642,7 +652,7 @@ void mbedtls_ecp_keypair_free( mbedtls_ecp_keypair *key ); * \param ctx The restart context to initialize. This must * not be \c NULL. */ -void mbedtls_ecp_restart_init( mbedtls_ecp_restart_ctx *ctx ); +void mbedtls_ecp_restart_init(mbedtls_ecp_restart_ctx *ctx); /** * \brief Free the components of a restart context. @@ -651,7 +661,7 @@ void mbedtls_ecp_restart_init( mbedtls_ecp_restart_ctx *ctx ); * case this function returns immediately. If it is not * \c NULL, it must point to an initialized restart context. */ -void mbedtls_ecp_restart_free( mbedtls_ecp_restart_ctx *ctx ); +void mbedtls_ecp_restart_free(mbedtls_ecp_restart_ctx *ctx); #endif /* MBEDTLS_ECP_RESTARTABLE */ /** @@ -665,7 +675,7 @@ void mbedtls_ecp_restart_free( mbedtls_ecp_restart_ctx *ctx ); * \return #MBEDTLS_ERR_MPI_ALLOC_FAILED on memory-allocation failure. * \return Another negative error code for other kinds of failure. */ -int mbedtls_ecp_copy( mbedtls_ecp_point *P, const mbedtls_ecp_point *Q ); +int mbedtls_ecp_copy(mbedtls_ecp_point *P, const mbedtls_ecp_point *Q); /** * \brief This function copies the contents of group \p src into @@ -678,8 +688,8 @@ int mbedtls_ecp_copy( mbedtls_ecp_point *P, const mbedtls_ecp_point *Q ); * \return #MBEDTLS_ERR_MPI_ALLOC_FAILED on memory-allocation failure. * \return Another negative error code on other kinds of failure. */ -int mbedtls_ecp_group_copy( mbedtls_ecp_group *dst, - const mbedtls_ecp_group *src ); +int mbedtls_ecp_group_copy(mbedtls_ecp_group *dst, + const mbedtls_ecp_group *src); /** * \brief This function sets a point to the point at infinity. @@ -690,7 +700,7 @@ int mbedtls_ecp_group_copy( mbedtls_ecp_group *dst, * \return #MBEDTLS_ERR_MPI_ALLOC_FAILED on memory-allocation failure. * \return Another negative error code on other kinds of failure. */ -int mbedtls_ecp_set_zero( mbedtls_ecp_point *pt ); +int mbedtls_ecp_set_zero(mbedtls_ecp_point *pt); /** * \brief This function checks if a point is the point at infinity. @@ -701,7 +711,7 @@ int mbedtls_ecp_set_zero( mbedtls_ecp_point *pt ); * \return \c 0 if the point is non-zero. * \return A negative error code on failure. */ -int mbedtls_ecp_is_zero( mbedtls_ecp_point *pt ); +int mbedtls_ecp_is_zero(mbedtls_ecp_point *pt); /** * \brief This function compares two points. @@ -715,8 +725,8 @@ int mbedtls_ecp_is_zero( mbedtls_ecp_point *pt ); * \return \c 0 if the points are equal. * \return #MBEDTLS_ERR_ECP_BAD_INPUT_DATA if the points are not equal. */ -int mbedtls_ecp_point_cmp( const mbedtls_ecp_point *P, - const mbedtls_ecp_point *Q ); +int mbedtls_ecp_point_cmp(const mbedtls_ecp_point *P, + const mbedtls_ecp_point *Q); /** * \brief This function imports a non-zero point from two ASCII @@ -730,8 +740,8 @@ int mbedtls_ecp_point_cmp( const mbedtls_ecp_point *P, * \return \c 0 on success. * \return An \c MBEDTLS_ERR_MPI_XXX error code on failure. */ -int mbedtls_ecp_point_read_string( mbedtls_ecp_point *P, int radix, - const char *x, const char *y ); +int mbedtls_ecp_point_read_string(mbedtls_ecp_point *P, int radix, + const char *x, const char *y); /** * \brief This function exports a point into unsigned binary data. @@ -758,10 +768,10 @@ int mbedtls_ecp_point_read_string( mbedtls_ecp_point *P, int radix, * or the export for the given group is not implemented. * \return Another negative error code on other kinds of failure. */ -int mbedtls_ecp_point_write_binary( const mbedtls_ecp_group *grp, - const mbedtls_ecp_point *P, - int format, size_t *olen, - unsigned char *buf, size_t buflen ); +int mbedtls_ecp_point_write_binary(const mbedtls_ecp_group *grp, + const mbedtls_ecp_point *P, + int format, size_t *olen, + unsigned char *buf, size_t buflen); /** * \brief This function imports a point from unsigned binary data. @@ -785,9 +795,9 @@ int mbedtls_ecp_point_write_binary( const mbedtls_ecp_group *grp, * \return #MBEDTLS_ERR_ECP_FEATURE_UNAVAILABLE if the import for the * given group is not implemented. */ -int mbedtls_ecp_point_read_binary( const mbedtls_ecp_group *grp, - mbedtls_ecp_point *P, - const unsigned char *buf, size_t ilen ); +int mbedtls_ecp_point_read_binary(const mbedtls_ecp_group *grp, + mbedtls_ecp_point *P, + const unsigned char *buf, size_t ilen); /** * \brief This function imports a point from a TLS ECPoint record. @@ -807,9 +817,9 @@ int mbedtls_ecp_point_read_binary( const mbedtls_ecp_group *grp, * failure. * \return #MBEDTLS_ERR_ECP_BAD_INPUT_DATA if input is invalid. */ -int mbedtls_ecp_tls_read_point( const mbedtls_ecp_group *grp, - mbedtls_ecp_point *pt, - const unsigned char **buf, size_t len ); +int mbedtls_ecp_tls_read_point(const mbedtls_ecp_group *grp, + mbedtls_ecp_point *pt, + const unsigned char **buf, size_t len); /** * \brief This function exports a point as a TLS ECPoint record @@ -833,10 +843,10 @@ int mbedtls_ecp_tls_read_point( const mbedtls_ecp_group *grp, * is too small to hold the exported point. * \return Another negative error code on other kinds of failure. */ -int mbedtls_ecp_tls_write_point( const mbedtls_ecp_group *grp, - const mbedtls_ecp_point *pt, - int format, size_t *olen, - unsigned char *buf, size_t blen ); +int mbedtls_ecp_tls_write_point(const mbedtls_ecp_group *grp, + const mbedtls_ecp_point *pt, + int format, size_t *olen, + unsigned char *buf, size_t blen); /** * \brief This function sets up an ECP group context @@ -855,7 +865,7 @@ int mbedtls_ecp_tls_write_point( const mbedtls_ecp_group *grp, * correspond to a known group. * \return Another negative error code on other kinds of failure. */ -int mbedtls_ecp_group_load( mbedtls_ecp_group *grp, mbedtls_ecp_group_id id ); +int mbedtls_ecp_group_load(mbedtls_ecp_group *grp, mbedtls_ecp_group_id id); /** * \brief This function sets up an ECP group context from a TLS @@ -874,8 +884,8 @@ int mbedtls_ecp_group_load( mbedtls_ecp_group *grp, mbedtls_ecp_group_id id ); * recognized. * \return Another negative error code on other kinds of failure. */ -int mbedtls_ecp_tls_read_group( mbedtls_ecp_group *grp, - const unsigned char **buf, size_t len ); +int mbedtls_ecp_tls_read_group(mbedtls_ecp_group *grp, + const unsigned char **buf, size_t len); /** * \brief This function extracts an elliptic curve group ID from a @@ -895,9 +905,9 @@ int mbedtls_ecp_tls_read_group( mbedtls_ecp_group *grp, * recognized. * \return Another negative error code on other kinds of failure. */ -int mbedtls_ecp_tls_read_group_id( mbedtls_ecp_group_id *grp, - const unsigned char **buf, - size_t len ); +int mbedtls_ecp_tls_read_group_id(mbedtls_ecp_group_id *grp, + const unsigned char **buf, + size_t len); /** * \brief This function exports an elliptic curve as a TLS * ECParameters record as defined in RFC 4492, Section 5.4. @@ -916,9 +926,9 @@ int mbedtls_ecp_tls_read_group_id( mbedtls_ecp_group_id *grp, * buffer is too small to hold the exported group. * \return Another negative error code on other kinds of failure. */ -int mbedtls_ecp_tls_write_group( const mbedtls_ecp_group *grp, - size_t *olen, - unsigned char *buf, size_t blen ); +int mbedtls_ecp_tls_write_group(const mbedtls_ecp_group *grp, + size_t *olen, + unsigned char *buf, size_t blen); /** * \brief This function performs a scalar multiplication of a point @@ -956,9 +966,9 @@ int mbedtls_ecp_tls_write_group( const mbedtls_ecp_group *grp, * \return #MBEDTLS_ERR_MPI_ALLOC_FAILED on memory-allocation failure. * \return Another negative error code on other kinds of failure. */ -int mbedtls_ecp_mul( mbedtls_ecp_group *grp, mbedtls_ecp_point *R, - const mbedtls_mpi *m, const mbedtls_ecp_point *P, - int (*f_rng)(void *, unsigned char *, size_t), void *p_rng ); +int mbedtls_ecp_mul(mbedtls_ecp_group *grp, mbedtls_ecp_point *R, + const mbedtls_mpi *m, const mbedtls_ecp_point *P, + int (*f_rng)(void *, unsigned char *, size_t), void *p_rng); /** * \brief This function performs multiplication of a point by @@ -990,12 +1000,32 @@ int mbedtls_ecp_mul( mbedtls_ecp_group *grp, mbedtls_ecp_point *R, * operations was reached: see \c mbedtls_ecp_set_max_ops(). * \return Another negative error code on other kinds of failure. */ -int mbedtls_ecp_mul_restartable( mbedtls_ecp_group *grp, mbedtls_ecp_point *R, - const mbedtls_mpi *m, const mbedtls_ecp_point *P, - int (*f_rng)(void *, unsigned char *, size_t), void *p_rng, - mbedtls_ecp_restart_ctx *rs_ctx ); +int mbedtls_ecp_mul_restartable(mbedtls_ecp_group *grp, mbedtls_ecp_point *R, + const mbedtls_mpi *m, const mbedtls_ecp_point *P, + int (*f_rng)(void *, unsigned char *, size_t), void *p_rng, + mbedtls_ecp_restart_ctx *rs_ctx); #if defined(MBEDTLS_ECP_SHORT_WEIERSTRASS_ENABLED) +/** + * \brief This function checks if domain parameter A of the curve is + * \c -3. + * + * \note This function is only defined for short Weierstrass curves. + * It may not be included in builds without any short + * Weierstrass curve. + * + * \param grp The ECP group to use. + * This must be initialized and have group parameters + * set, for example through mbedtls_ecp_group_load(). + * + * \return \c 1 if A = -3. + * \return \c 0 Otherwise. + */ +static inline int mbedtls_ecp_group_a_is_minus_3(const mbedtls_ecp_group *grp) +{ + return grp->A.p == NULL; +} + /** * \brief This function performs multiplication and addition of two * points by integers: \p R = \p m * \p P + \p n * \p Q @@ -1031,9 +1061,9 @@ int mbedtls_ecp_mul_restartable( mbedtls_ecp_group *grp, mbedtls_ecp_point *R, * designate a short Weierstrass curve. * \return Another negative error code on other kinds of failure. */ -int mbedtls_ecp_muladd( mbedtls_ecp_group *grp, mbedtls_ecp_point *R, - const mbedtls_mpi *m, const mbedtls_ecp_point *P, - const mbedtls_mpi *n, const mbedtls_ecp_point *Q ); +int mbedtls_ecp_muladd(mbedtls_ecp_group *grp, mbedtls_ecp_point *R, + const mbedtls_mpi *m, const mbedtls_ecp_point *P, + const mbedtls_mpi *n, const mbedtls_ecp_point *Q); /** * \brief This function performs multiplication and addition of two @@ -1076,10 +1106,10 @@ int mbedtls_ecp_muladd( mbedtls_ecp_group *grp, mbedtls_ecp_point *R, * \return Another negative error code on other kinds of failure. */ int mbedtls_ecp_muladd_restartable( - mbedtls_ecp_group *grp, mbedtls_ecp_point *R, - const mbedtls_mpi *m, const mbedtls_ecp_point *P, - const mbedtls_mpi *n, const mbedtls_ecp_point *Q, - mbedtls_ecp_restart_ctx *rs_ctx ); + mbedtls_ecp_group *grp, mbedtls_ecp_point *R, + const mbedtls_mpi *m, const mbedtls_ecp_point *P, + const mbedtls_mpi *n, const mbedtls_ecp_point *Q, + mbedtls_ecp_restart_ctx *rs_ctx); #endif /* MBEDTLS_ECP_SHORT_WEIERSTRASS_ENABLED */ /** @@ -1088,7 +1118,7 @@ int mbedtls_ecp_muladd_restartable( * * It only checks that the point is non-zero, has * valid coordinates and lies on the curve. It does not verify - * that it is indeed a multiple of \p G. This additional + * that it is indeed a multiple of \c G. This additional * check is computationally more expensive, is not required * by standards, and should not be necessary if the group * used has a small cofactor. In particular, it is useless for @@ -1109,11 +1139,11 @@ int mbedtls_ecp_muladd_restartable( * a valid public key for the given curve. * \return Another negative error code on other kinds of failure. */ -int mbedtls_ecp_check_pubkey( const mbedtls_ecp_group *grp, - const mbedtls_ecp_point *pt ); +int mbedtls_ecp_check_pubkey(const mbedtls_ecp_group *grp, + const mbedtls_ecp_point *pt); /** - * \brief This function checks that an \p mbedtls_mpi is a + * \brief This function checks that an \c mbedtls_mpi is a * valid private key for this curve. * * \note This function uses bare components rather than an @@ -1131,8 +1161,8 @@ int mbedtls_ecp_check_pubkey( const mbedtls_ecp_group *grp, * private key for the given curve. * \return Another negative error code on other kinds of failure. */ -int mbedtls_ecp_check_privkey( const mbedtls_ecp_group *grp, - const mbedtls_mpi *d ); +int mbedtls_ecp_check_privkey(const mbedtls_ecp_group *grp, + const mbedtls_mpi *d); /** * \brief This function generates a private key. @@ -1149,10 +1179,10 @@ int mbedtls_ecp_check_privkey( const mbedtls_ecp_group *grp, * \return An \c MBEDTLS_ERR_ECP_XXX or \c MBEDTLS_MPI_XXX error code * on failure. */ -int mbedtls_ecp_gen_privkey( const mbedtls_ecp_group *grp, - mbedtls_mpi *d, - int (*f_rng)(void *, unsigned char *, size_t), - void *p_rng ); +int mbedtls_ecp_gen_privkey(const mbedtls_ecp_group *grp, + mbedtls_mpi *d, + int (*f_rng)(void *, unsigned char *, size_t), + void *p_rng); /** * \brief This function generates a keypair with a configurable base @@ -1181,11 +1211,11 @@ int mbedtls_ecp_gen_privkey( const mbedtls_ecp_group *grp, * \return An \c MBEDTLS_ERR_ECP_XXX or \c MBEDTLS_MPI_XXX error code * on failure. */ -int mbedtls_ecp_gen_keypair_base( mbedtls_ecp_group *grp, - const mbedtls_ecp_point *G, - mbedtls_mpi *d, mbedtls_ecp_point *Q, - int (*f_rng)(void *, unsigned char *, size_t), - void *p_rng ); +int mbedtls_ecp_gen_keypair_base(mbedtls_ecp_group *grp, + const mbedtls_ecp_point *G, + mbedtls_mpi *d, mbedtls_ecp_point *Q, + int (*f_rng)(void *, unsigned char *, size_t), + void *p_rng); /** * \brief This function generates an ECP keypair. @@ -1210,10 +1240,10 @@ int mbedtls_ecp_gen_keypair_base( mbedtls_ecp_group *grp, * \return An \c MBEDTLS_ERR_ECP_XXX or \c MBEDTLS_MPI_XXX error code * on failure. */ -int mbedtls_ecp_gen_keypair( mbedtls_ecp_group *grp, mbedtls_mpi *d, - mbedtls_ecp_point *Q, - int (*f_rng)(void *, unsigned char *, size_t), - void *p_rng ); +int mbedtls_ecp_gen_keypair(mbedtls_ecp_group *grp, mbedtls_mpi *d, + mbedtls_ecp_point *Q, + int (*f_rng)(void *, unsigned char *, size_t), + void *p_rng); /** * \brief This function generates an ECP key. @@ -1228,9 +1258,9 @@ int mbedtls_ecp_gen_keypair( mbedtls_ecp_group *grp, mbedtls_mpi *d, * \return An \c MBEDTLS_ERR_ECP_XXX or \c MBEDTLS_MPI_XXX error code * on failure. */ -int mbedtls_ecp_gen_key( mbedtls_ecp_group_id grp_id, mbedtls_ecp_keypair *key, - int (*f_rng)(void *, unsigned char *, size_t), - void *p_rng ); +int mbedtls_ecp_gen_key(mbedtls_ecp_group_id grp_id, mbedtls_ecp_keypair *key, + int (*f_rng)(void *, unsigned char *, size_t), + void *p_rng); /** * \brief This function reads an elliptic curve private key. @@ -1250,8 +1280,8 @@ int mbedtls_ecp_gen_key( mbedtls_ecp_group_id grp_id, mbedtls_ecp_keypair *key, * the group is not implemented. * \return Another negative error code on different kinds of failure. */ -int mbedtls_ecp_read_key( mbedtls_ecp_group_id grp_id, mbedtls_ecp_keypair *key, - const unsigned char *buf, size_t buflen ); +int mbedtls_ecp_read_key(mbedtls_ecp_group_id grp_id, mbedtls_ecp_keypair *key, + const unsigned char *buf, size_t buflen); /** * \brief This function exports an elliptic curve private key. @@ -1269,8 +1299,8 @@ int mbedtls_ecp_read_key( mbedtls_ecp_group_id grp_id, mbedtls_ecp_keypair *key, * the group is not implemented. * \return Another negative error code on different kinds of failure. */ -int mbedtls_ecp_write_key( mbedtls_ecp_keypair *key, - unsigned char *buf, size_t buflen ); +int mbedtls_ecp_write_key(mbedtls_ecp_keypair *key, + unsigned char *buf, size_t buflen); /** * \brief This function checks that the keypair objects @@ -1289,8 +1319,8 @@ int mbedtls_ecp_write_key( mbedtls_ecp_keypair *key, * \return An \c MBEDTLS_ERR_ECP_XXX or an \c MBEDTLS_ERR_MPI_XXX * error code on calculation failure. */ -int mbedtls_ecp_check_pub_priv( const mbedtls_ecp_keypair *pub, - const mbedtls_ecp_keypair *prv ); +int mbedtls_ecp_check_pub_priv(const mbedtls_ecp_keypair *pub, + const mbedtls_ecp_keypair *prv); #if defined(MBEDTLS_SELF_TEST) @@ -1300,7 +1330,7 @@ int mbedtls_ecp_check_pub_priv( const mbedtls_ecp_keypair *pub, * \return \c 0 on success. * \return \c 1 on failure. */ -int mbedtls_ecp_self_test( int verbose ); +int mbedtls_ecp_self_test(int verbose); #endif /* MBEDTLS_SELF_TEST */ diff --git a/third_party/mbedtls/repo/include/mbedtls/ecp_internal.h b/third_party/mbedtls/repo/include/mbedtls/ecp_internal.h index 6a47a8ff27e..f6af5cbca62 100644 --- a/third_party/mbedtls/repo/include/mbedtls/ecp_internal.h +++ b/third_party/mbedtls/repo/include/mbedtls/ecp_internal.h @@ -6,19 +6,7 @@ */ /* * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later */ /* @@ -76,7 +64,7 @@ * * \return Non-zero if successful. */ -unsigned char mbedtls_internal_ecp_grp_capable( const mbedtls_ecp_group *grp ); +unsigned char mbedtls_internal_ecp_grp_capable(const mbedtls_ecp_group *grp); /** * \brief Initialise the Elliptic Curve Point module extension. @@ -93,7 +81,7 @@ unsigned char mbedtls_internal_ecp_grp_capable( const mbedtls_ecp_group *grp ); * * \return 0 if successful. */ -int mbedtls_internal_ecp_init( const mbedtls_ecp_group *grp ); +int mbedtls_internal_ecp_init(const mbedtls_ecp_group *grp); /** * \brief Frees and deallocates the Elliptic Curve Point module @@ -101,7 +89,7 @@ int mbedtls_internal_ecp_init( const mbedtls_ecp_group *grp ); * * \param grp The pointer to the group the module was initialised for. */ -void mbedtls_internal_ecp_free( const mbedtls_ecp_group *grp ); +void mbedtls_internal_ecp_free(const mbedtls_ecp_group *grp); #if defined(MBEDTLS_ECP_SHORT_WEIERSTRASS_ENABLED) @@ -121,9 +109,11 @@ void mbedtls_internal_ecp_free( const mbedtls_ecp_group *grp ); * * \return 0 if successful. */ -int mbedtls_internal_ecp_randomize_jac( const mbedtls_ecp_group *grp, - mbedtls_ecp_point *pt, int (*f_rng)(void *, unsigned char *, size_t), - void *p_rng ); +int mbedtls_internal_ecp_randomize_jac(const mbedtls_ecp_group *grp, + mbedtls_ecp_point *pt, int (*f_rng)(void *, + unsigned char *, + size_t), + void *p_rng); #endif #if defined(MBEDTLS_ECP_ADD_MIXED_ALT) @@ -166,9 +156,9 @@ int mbedtls_internal_ecp_randomize_jac( const mbedtls_ecp_group *grp, * * \return 0 if successful. */ -int mbedtls_internal_ecp_add_mixed( const mbedtls_ecp_group *grp, - mbedtls_ecp_point *R, const mbedtls_ecp_point *P, - const mbedtls_ecp_point *Q ); +int mbedtls_internal_ecp_add_mixed(const mbedtls_ecp_group *grp, + mbedtls_ecp_point *R, const mbedtls_ecp_point *P, + const mbedtls_ecp_point *Q); #endif /** @@ -191,8 +181,8 @@ int mbedtls_internal_ecp_add_mixed( const mbedtls_ecp_group *grp, * \return 0 if successful. */ #if defined(MBEDTLS_ECP_DOUBLE_JAC_ALT) -int mbedtls_internal_ecp_double_jac( const mbedtls_ecp_group *grp, - mbedtls_ecp_point *R, const mbedtls_ecp_point *P ); +int mbedtls_internal_ecp_double_jac(const mbedtls_ecp_group *grp, + mbedtls_ecp_point *R, const mbedtls_ecp_point *P); #endif /** @@ -221,8 +211,8 @@ int mbedtls_internal_ecp_double_jac( const mbedtls_ecp_group *grp, * an error if one of the points is zero. */ #if defined(MBEDTLS_ECP_NORMALIZE_JAC_MANY_ALT) -int mbedtls_internal_ecp_normalize_jac_many( const mbedtls_ecp_group *grp, - mbedtls_ecp_point *T[], size_t t_len ); +int mbedtls_internal_ecp_normalize_jac_many(const mbedtls_ecp_group *grp, + mbedtls_ecp_point *T[], size_t t_len); #endif /** @@ -239,8 +229,8 @@ int mbedtls_internal_ecp_normalize_jac_many( const mbedtls_ecp_group *grp, * \return 0 if successful. */ #if defined(MBEDTLS_ECP_NORMALIZE_JAC_ALT) -int mbedtls_internal_ecp_normalize_jac( const mbedtls_ecp_group *grp, - mbedtls_ecp_point *pt ); +int mbedtls_internal_ecp_normalize_jac(const mbedtls_ecp_group *grp, + mbedtls_ecp_point *pt); #endif #endif /* MBEDTLS_ECP_SHORT_WEIERSTRASS_ENABLED */ @@ -248,9 +238,12 @@ int mbedtls_internal_ecp_normalize_jac( const mbedtls_ecp_group *grp, #if defined(MBEDTLS_ECP_MONTGOMERY_ENABLED) #if defined(MBEDTLS_ECP_DOUBLE_ADD_MXZ_ALT) -int mbedtls_internal_ecp_double_add_mxz( const mbedtls_ecp_group *grp, - mbedtls_ecp_point *R, mbedtls_ecp_point *S, const mbedtls_ecp_point *P, - const mbedtls_ecp_point *Q, const mbedtls_mpi *d ); +int mbedtls_internal_ecp_double_add_mxz(const mbedtls_ecp_group *grp, + mbedtls_ecp_point *R, + mbedtls_ecp_point *S, + const mbedtls_ecp_point *P, + const mbedtls_ecp_point *Q, + const mbedtls_mpi *d); #endif /** @@ -269,9 +262,11 @@ int mbedtls_internal_ecp_double_add_mxz( const mbedtls_ecp_group *grp, * \return 0 if successful */ #if defined(MBEDTLS_ECP_RANDOMIZE_MXZ_ALT) -int mbedtls_internal_ecp_randomize_mxz( const mbedtls_ecp_group *grp, - mbedtls_ecp_point *P, int (*f_rng)(void *, unsigned char *, size_t), - void *p_rng ); +int mbedtls_internal_ecp_randomize_mxz(const mbedtls_ecp_group *grp, + mbedtls_ecp_point *P, int (*f_rng)(void *, + unsigned char *, + size_t), + void *p_rng); #endif /** @@ -285,8 +280,8 @@ int mbedtls_internal_ecp_randomize_mxz( const mbedtls_ecp_group *grp, * \return 0 if successful */ #if defined(MBEDTLS_ECP_NORMALIZE_MXZ_ALT) -int mbedtls_internal_ecp_normalize_mxz( const mbedtls_ecp_group *grp, - mbedtls_ecp_point *P ); +int mbedtls_internal_ecp_normalize_mxz(const mbedtls_ecp_group *grp, + mbedtls_ecp_point *P); #endif #endif /* MBEDTLS_ECP_MONTGOMERY_ENABLED */ @@ -294,4 +289,3 @@ int mbedtls_internal_ecp_normalize_mxz( const mbedtls_ecp_group *grp, #endif /* MBEDTLS_ECP_INTERNAL_ALT */ #endif /* ecp_internal.h */ - diff --git a/third_party/mbedtls/repo/include/mbedtls/entropy.h b/third_party/mbedtls/repo/include/mbedtls/entropy.h index deb3c50300b..096bff8bcb2 100644 --- a/third_party/mbedtls/repo/include/mbedtls/entropy.h +++ b/third_party/mbedtls/repo/include/mbedtls/entropy.h @@ -5,19 +5,7 @@ */ /* * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later */ #ifndef MBEDTLS_ENTROPY_H #define MBEDTLS_ENTROPY_H @@ -75,7 +63,7 @@ #define MBEDTLS_ENTROPY_MAX_GATHER 128 /**< Maximum amount requested from entropy sources */ #endif -/* \} name SECTION: Module settings */ +/** \} name SECTION: Module settings */ #if defined(MBEDTLS_ENTROPY_SHA512_ACCUMULATOR) #define MBEDTLS_ENTROPY_BLOCK_SIZE 64 /**< Block size of entropy accumulator (SHA-512) */ @@ -105,15 +93,14 @@ extern "C" { * MBEDTLS_ERR_ENTROPY_SOURCE_FAILED otherwise */ typedef int (*mbedtls_entropy_f_source_ptr)(void *data, unsigned char *output, size_t len, - size_t *olen); + size_t *olen); /** * \brief Entropy source state */ -typedef struct mbedtls_entropy_source_state -{ +typedef struct mbedtls_entropy_source_state { mbedtls_entropy_f_source_ptr f_source; /**< The entropy source callback */ - void * p_source; /**< The callback data pointer */ + void *p_source; /**< The callback data pointer */ size_t size; /**< Amount received in bytes */ size_t threshold; /**< Minimum bytes required before release */ int strong; /**< Is the source strong? */ @@ -123,8 +110,7 @@ mbedtls_entropy_source_state; /** * \brief Entropy context structure */ -typedef struct mbedtls_entropy_context -{ +typedef struct mbedtls_entropy_context { int accumulator_started; /* 0 after init. * 1 after the first update. * -1 after free. */ @@ -152,14 +138,14 @@ mbedtls_entropy_context; * * \param ctx Entropy context to initialize */ -void mbedtls_entropy_init( mbedtls_entropy_context *ctx ); +void mbedtls_entropy_init(mbedtls_entropy_context *ctx); /** * \brief Free the data in the context * * \param ctx Entropy context to free */ -void mbedtls_entropy_free( mbedtls_entropy_context *ctx ); +void mbedtls_entropy_free(mbedtls_entropy_context *ctx); /** * \brief Adds an entropy source to poll @@ -178,9 +164,9 @@ void mbedtls_entropy_free( mbedtls_entropy_context *ctx ); * * \return 0 if successful or MBEDTLS_ERR_ENTROPY_MAX_SOURCES */ -int mbedtls_entropy_add_source( mbedtls_entropy_context *ctx, - mbedtls_entropy_f_source_ptr f_source, void *p_source, - size_t threshold, int strong ); +int mbedtls_entropy_add_source(mbedtls_entropy_context *ctx, + mbedtls_entropy_f_source_ptr f_source, void *p_source, + size_t threshold, int strong); /** * \brief Trigger an extra gather poll for the accumulator @@ -190,7 +176,7 @@ int mbedtls_entropy_add_source( mbedtls_entropy_context *ctx, * * \return 0 if successful, or MBEDTLS_ERR_ENTROPY_SOURCE_FAILED */ -int mbedtls_entropy_gather( mbedtls_entropy_context *ctx ); +int mbedtls_entropy_gather(mbedtls_entropy_context *ctx); /** * \brief Retrieve entropy from the accumulator @@ -203,7 +189,7 @@ int mbedtls_entropy_gather( mbedtls_entropy_context *ctx ); * * \return 0 if successful, or MBEDTLS_ERR_ENTROPY_SOURCE_FAILED */ -int mbedtls_entropy_func( void *data, unsigned char *output, size_t len ); +int mbedtls_entropy_func(void *data, unsigned char *output, size_t len); /** * \brief Add data to the accumulator manually @@ -215,8 +201,8 @@ int mbedtls_entropy_func( void *data, unsigned char *output, size_t len ); * * \return 0 if successful */ -int mbedtls_entropy_update_manual( mbedtls_entropy_context *ctx, - const unsigned char *data, size_t len ); +int mbedtls_entropy_update_manual(mbedtls_entropy_context *ctx, + const unsigned char *data, size_t len); #if defined(MBEDTLS_ENTROPY_NV_SEED) /** @@ -227,7 +213,7 @@ int mbedtls_entropy_update_manual( mbedtls_entropy_context *ctx, * * \return 0 if successful */ -int mbedtls_entropy_update_nv_seed( mbedtls_entropy_context *ctx ); +int mbedtls_entropy_update_nv_seed(mbedtls_entropy_context *ctx); #endif /* MBEDTLS_ENTROPY_NV_SEED */ #if defined(MBEDTLS_FS_IO) @@ -241,7 +227,7 @@ int mbedtls_entropy_update_nv_seed( mbedtls_entropy_context *ctx ); * MBEDTLS_ERR_ENTROPY_FILE_IO_ERROR on file error, or * MBEDTLS_ERR_ENTROPY_SOURCE_FAILED */ -int mbedtls_entropy_write_seed_file( mbedtls_entropy_context *ctx, const char *path ); +int mbedtls_entropy_write_seed_file(mbedtls_entropy_context *ctx, const char *path); /** * \brief Read and update a seed file. Seed is added to this @@ -255,7 +241,7 @@ int mbedtls_entropy_write_seed_file( mbedtls_entropy_context *ctx, const char *p * MBEDTLS_ERR_ENTROPY_FILE_IO_ERROR on file error, * MBEDTLS_ERR_ENTROPY_SOURCE_FAILED */ -int mbedtls_entropy_update_seed_file( mbedtls_entropy_context *ctx, const char *path ); +int mbedtls_entropy_update_seed_file(mbedtls_entropy_context *ctx, const char *path); #endif /* MBEDTLS_FS_IO */ #if defined(MBEDTLS_SELF_TEST) @@ -267,7 +253,7 @@ int mbedtls_entropy_update_seed_file( mbedtls_entropy_context *ctx, const char * * * \return 0 if successful, or 1 if a test failed */ -int mbedtls_entropy_self_test( int verbose ); +int mbedtls_entropy_self_test(int verbose); #if defined(MBEDTLS_ENTROPY_HARDWARE_ALT) /** @@ -283,7 +269,7 @@ int mbedtls_entropy_self_test( int verbose ); * * \return 0 if successful, or 1 if a test failed */ -int mbedtls_entropy_source_self_test( int verbose ); +int mbedtls_entropy_source_self_test(int verbose); #endif /* MBEDTLS_ENTROPY_HARDWARE_ALT */ #endif /* MBEDTLS_SELF_TEST */ diff --git a/third_party/mbedtls/repo/include/mbedtls/entropy_poll.h b/third_party/mbedtls/repo/include/mbedtls/entropy_poll.h index e1d7491aa21..d7147b976b0 100644 --- a/third_party/mbedtls/repo/include/mbedtls/entropy_poll.h +++ b/third_party/mbedtls/repo/include/mbedtls/entropy_poll.h @@ -5,19 +5,7 @@ */ /* * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later */ #ifndef MBEDTLS_ENTROPY_POLL_H #define MBEDTLS_ENTROPY_POLL_H @@ -48,16 +36,16 @@ extern "C" { * \brief Entropy poll callback that provides 0 entropy. */ #if defined(MBEDTLS_TEST_NULL_ENTROPY) - int mbedtls_null_entropy_poll( void *data, - unsigned char *output, size_t len, size_t *olen ); +int mbedtls_null_entropy_poll(void *data, + unsigned char *output, size_t len, size_t *olen); #endif #if !defined(MBEDTLS_NO_PLATFORM_ENTROPY) /** * \brief Platform-specific entropy poll callback */ -int mbedtls_platform_entropy_poll( void *data, - unsigned char *output, size_t len, size_t *olen ); +int mbedtls_platform_entropy_poll(void *data, + unsigned char *output, size_t len, size_t *olen); #endif #if defined(MBEDTLS_HAVEGE_C) @@ -66,29 +54,29 @@ int mbedtls_platform_entropy_poll( void *data, * * Requires an HAVEGE state as its data pointer. */ -int mbedtls_havege_poll( void *data, - unsigned char *output, size_t len, size_t *olen ); +int mbedtls_havege_poll(void *data, + unsigned char *output, size_t len, size_t *olen); #endif #if defined(MBEDTLS_TIMING_C) /** * \brief mbedtls_timing_hardclock-based entropy poll callback */ -int mbedtls_hardclock_poll( void *data, - unsigned char *output, size_t len, size_t *olen ); +int mbedtls_hardclock_poll(void *data, + unsigned char *output, size_t len, size_t *olen); #endif #if defined(MBEDTLS_ENTROPY_HARDWARE_ALT) /** * \brief Entropy poll callback for a hardware source * - * \warning This is not provided by mbed TLS! + * \warning This is not provided by Mbed TLS! * See \c MBEDTLS_ENTROPY_HARDWARE_ALT in config.h. * * \note This must accept NULL as its first argument. */ -int mbedtls_hardware_poll( void *data, - unsigned char *output, size_t len, size_t *olen ); +int mbedtls_hardware_poll(void *data, + unsigned char *output, size_t len, size_t *olen); #endif #if defined(MBEDTLS_ENTROPY_NV_SEED) @@ -97,8 +85,8 @@ int mbedtls_hardware_poll( void *data, * * \note This must accept NULL as its first argument. */ -int mbedtls_nv_seed_poll( void *data, - unsigned char *output, size_t len, size_t *olen ); +int mbedtls_nv_seed_poll(void *data, + unsigned char *output, size_t len, size_t *olen); #endif #ifdef __cplusplus diff --git a/third_party/mbedtls/repo/include/mbedtls/error.h b/third_party/mbedtls/repo/include/mbedtls/error.h index 50f25385080..7a183733eeb 100644 --- a/third_party/mbedtls/repo/include/mbedtls/error.h +++ b/third_party/mbedtls/repo/include/mbedtls/error.h @@ -5,19 +5,7 @@ */ /* * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later */ #ifndef MBEDTLS_ERROR_H #define MBEDTLS_ERROR_H @@ -30,7 +18,7 @@ #include -#if ( defined(__ARMCC_VERSION) || defined(_MSC_VER) ) && \ +#if (defined(__ARMCC_VERSION) || defined(_MSC_VER)) && \ !defined(inline) && !defined(__cplusplus) #define inline __inline #endif @@ -127,15 +115,15 @@ extern "C" { * Wrapper macro for mbedtls_error_add(). See that function for * more details. */ -#define MBEDTLS_ERROR_ADD( high, low ) \ - mbedtls_error_add( high, low, __FILE__, __LINE__ ) +#define MBEDTLS_ERROR_ADD(high, low) \ + mbedtls_error_add(high, low, __FILE__, __LINE__) #if defined(MBEDTLS_TEST_HOOKS) /** * \brief Testing hook called before adding/combining two error codes together. * Only used when invasive testing is enabled via MBEDTLS_TEST_HOOKS. */ -extern void (*mbedtls_test_hook_error_add)( int, int, const char *, int ); +extern void (*mbedtls_test_hook_error_add)(int, int, const char *, int); #endif /** @@ -156,29 +144,30 @@ extern void (*mbedtls_test_hook_error_add)( int, int, const char *, int ); * \param file file where this error code addition occurred. * \param line line where this error code addition occurred. */ -static inline int mbedtls_error_add( int high, int low, - const char *file, int line ) +static inline int mbedtls_error_add(int high, int low, + const char *file, int line) { #if defined(MBEDTLS_TEST_HOOKS) - if( *mbedtls_test_hook_error_add != NULL ) - ( *mbedtls_test_hook_error_add )( high, low, file, line ); + if (*mbedtls_test_hook_error_add != NULL) { + (*mbedtls_test_hook_error_add)(high, low, file, line); + } #endif - (void)file; - (void)line; + (void) file; + (void) line; - return( high + low ); + return high + low; } /** - * \brief Translate a mbed TLS error code into a string representation, - * Result is truncated if necessary and always includes a terminating - * null byte. + * \brief Translate an Mbed TLS error code into a string representation. + * The result is truncated if necessary and always includes a + * terminating null byte. * * \param errnum error code * \param buffer buffer to place representation in * \param buflen length of the buffer */ -void mbedtls_strerror( int errnum, char *buffer, size_t buflen ); +void mbedtls_strerror(int errnum, char *buffer, size_t buflen); /** * \brief Translate the high-level part of an Mbed TLS error code into a string @@ -193,7 +182,7 @@ void mbedtls_strerror( int errnum, char *buffer, size_t buflen ); * \return The string representation of the error code, or \c NULL if the error * code is unknown. */ -const char * mbedtls_high_level_strerr( int error_code ); +const char *mbedtls_high_level_strerr(int error_code); /** * \brief Translate the low-level part of an Mbed TLS error code into a string @@ -208,7 +197,7 @@ const char * mbedtls_high_level_strerr( int error_code ); * \return The string representation of the error code, or \c NULL if the error * code is unknown. */ -const char * mbedtls_low_level_strerr( int error_code ); +const char *mbedtls_low_level_strerr(int error_code); #ifdef __cplusplus } diff --git a/third_party/mbedtls/repo/include/mbedtls/gcm.h b/third_party/mbedtls/repo/include/mbedtls/gcm.h index 9723a17b65f..1ad0e9e96f4 100644 --- a/third_party/mbedtls/repo/include/mbedtls/gcm.h +++ b/third_party/mbedtls/repo/include/mbedtls/gcm.h @@ -13,19 +13,7 @@ */ /* * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later */ #ifndef MBEDTLS_GCM_H @@ -63,8 +51,7 @@ extern "C" { /** * \brief The GCM context structure. */ -typedef struct mbedtls_gcm_context -{ +typedef struct mbedtls_gcm_context { mbedtls_cipher_context_t cipher_ctx; /*!< The cipher context used. */ uint64_t HL[16]; /*!< Precalculated HTable low. */ uint64_t HH[16]; /*!< Precalculated HTable high. */ @@ -74,8 +61,8 @@ typedef struct mbedtls_gcm_context unsigned char y[16]; /*!< The Y working value. */ unsigned char buf[16]; /*!< The buf working value. */ int mode; /*!< The operation to perform: - #MBEDTLS_GCM_ENCRYPT or - #MBEDTLS_GCM_DECRYPT. */ + #MBEDTLS_GCM_ENCRYPT or + #MBEDTLS_GCM_DECRYPT. */ } mbedtls_gcm_context; @@ -94,7 +81,7 @@ mbedtls_gcm_context; * * \param ctx The GCM context to initialize. This must not be \c NULL. */ -void mbedtls_gcm_init( mbedtls_gcm_context *ctx ); +void mbedtls_gcm_init(mbedtls_gcm_context *ctx); /** * \brief This function associates a GCM context with a @@ -112,10 +99,10 @@ void mbedtls_gcm_init( mbedtls_gcm_context *ctx ); * \return \c 0 on success. * \return A cipher-specific error code on failure. */ -int mbedtls_gcm_setkey( mbedtls_gcm_context *ctx, - mbedtls_cipher_id_t cipher, - const unsigned char *key, - unsigned int keybits ); +int mbedtls_gcm_setkey(mbedtls_gcm_context *ctx, + mbedtls_cipher_id_t cipher, + const unsigned char *key, + unsigned int keybits); /** * \brief This function performs GCM encryption or decryption of a buffer. @@ -168,17 +155,17 @@ int mbedtls_gcm_setkey( mbedtls_gcm_context *ctx, * not valid or a cipher-specific error code if the encryption * or decryption failed. */ -int mbedtls_gcm_crypt_and_tag( mbedtls_gcm_context *ctx, - int mode, - size_t length, - const unsigned char *iv, - size_t iv_len, - const unsigned char *add, - size_t add_len, - const unsigned char *input, - unsigned char *output, - size_t tag_len, - unsigned char *tag ); +int mbedtls_gcm_crypt_and_tag(mbedtls_gcm_context *ctx, + int mode, + size_t length, + const unsigned char *iv, + size_t iv_len, + const unsigned char *add, + size_t add_len, + const unsigned char *input, + unsigned char *output, + size_t tag_len, + unsigned char *tag); /** * \brief This function performs a GCM authenticated decryption of a @@ -213,16 +200,16 @@ int mbedtls_gcm_crypt_and_tag( mbedtls_gcm_context *ctx, * not valid or a cipher-specific error code if the decryption * failed. */ -int mbedtls_gcm_auth_decrypt( mbedtls_gcm_context *ctx, - size_t length, - const unsigned char *iv, - size_t iv_len, - const unsigned char *add, - size_t add_len, - const unsigned char *tag, - size_t tag_len, - const unsigned char *input, - unsigned char *output ); +int mbedtls_gcm_auth_decrypt(mbedtls_gcm_context *ctx, + size_t length, + const unsigned char *iv, + size_t iv_len, + const unsigned char *add, + size_t add_len, + const unsigned char *tag, + size_t tag_len, + const unsigned char *input, + unsigned char *output); /** * \brief This function starts a GCM encryption or decryption @@ -241,12 +228,12 @@ int mbedtls_gcm_auth_decrypt( mbedtls_gcm_context *ctx, * * \return \c 0 on success. */ -int mbedtls_gcm_starts( mbedtls_gcm_context *ctx, - int mode, - const unsigned char *iv, - size_t iv_len, - const unsigned char *add, - size_t add_len ); +int mbedtls_gcm_starts(mbedtls_gcm_context *ctx, + int mode, + const unsigned char *iv, + size_t iv_len, + const unsigned char *add, + size_t add_len); /** * \brief This function feeds an input buffer into an ongoing GCM @@ -273,10 +260,10 @@ int mbedtls_gcm_starts( mbedtls_gcm_context *ctx, * \return \c 0 on success. * \return #MBEDTLS_ERR_GCM_BAD_INPUT on failure. */ -int mbedtls_gcm_update( mbedtls_gcm_context *ctx, - size_t length, - const unsigned char *input, - unsigned char *output ); +int mbedtls_gcm_update(mbedtls_gcm_context *ctx, + size_t length, + const unsigned char *input, + unsigned char *output); /** * \brief This function finishes the GCM operation and generates @@ -294,9 +281,9 @@ int mbedtls_gcm_update( mbedtls_gcm_context *ctx, * \return \c 0 on success. * \return #MBEDTLS_ERR_GCM_BAD_INPUT on failure. */ -int mbedtls_gcm_finish( mbedtls_gcm_context *ctx, - unsigned char *tag, - size_t tag_len ); +int mbedtls_gcm_finish(mbedtls_gcm_context *ctx, + unsigned char *tag, + size_t tag_len); /** * \brief This function clears a GCM context and the underlying @@ -305,7 +292,7 @@ int mbedtls_gcm_finish( mbedtls_gcm_context *ctx, * \param ctx The GCM context to clear. If this is \c NULL, the call has * no effect. Otherwise, this must be initialized. */ -void mbedtls_gcm_free( mbedtls_gcm_context *ctx ); +void mbedtls_gcm_free(mbedtls_gcm_context *ctx); #if defined(MBEDTLS_SELF_TEST) @@ -315,7 +302,7 @@ void mbedtls_gcm_free( mbedtls_gcm_context *ctx ); * \return \c 0 on success. * \return \c 1 on failure. */ -int mbedtls_gcm_self_test( int verbose ); +int mbedtls_gcm_self_test(int verbose); #endif /* MBEDTLS_SELF_TEST */ diff --git a/third_party/mbedtls/repo/include/mbedtls/havege.h b/third_party/mbedtls/repo/include/mbedtls/havege.h index 7d27039e8c7..cdaf8a89ae8 100644 --- a/third_party/mbedtls/repo/include/mbedtls/havege.h +++ b/third_party/mbedtls/repo/include/mbedtls/havege.h @@ -5,19 +5,7 @@ */ /* * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later */ #ifndef MBEDTLS_HAVEGE_H #define MBEDTLS_HAVEGE_H @@ -40,8 +28,7 @@ extern "C" { /** * \brief HAVEGE state structure */ -typedef struct mbedtls_havege_state -{ +typedef struct mbedtls_havege_state { uint32_t PT1, PT2, offset[2]; uint32_t pool[MBEDTLS_HAVEGE_COLLECT_SIZE]; uint32_t WALK[8192]; @@ -53,14 +40,14 @@ mbedtls_havege_state; * * \param hs HAVEGE state to be initialized */ -void mbedtls_havege_init( mbedtls_havege_state *hs ); +void mbedtls_havege_init(mbedtls_havege_state *hs); /** * \brief Clear HAVEGE state * * \param hs HAVEGE state to be cleared */ -void mbedtls_havege_free( mbedtls_havege_state *hs ); +void mbedtls_havege_free(mbedtls_havege_state *hs); /** * \brief HAVEGE rand function @@ -71,7 +58,7 @@ void mbedtls_havege_free( mbedtls_havege_state *hs ); * * \return 0 */ -int mbedtls_havege_random( void *p_rng, unsigned char *output, size_t len ); +int mbedtls_havege_random(void *p_rng, unsigned char *output, size_t len); #ifdef __cplusplus } diff --git a/third_party/mbedtls/repo/include/mbedtls/hkdf.h b/third_party/mbedtls/repo/include/mbedtls/hkdf.h index 223004b8ede..103f329b8fa 100644 --- a/third_party/mbedtls/repo/include/mbedtls/hkdf.h +++ b/third_party/mbedtls/repo/include/mbedtls/hkdf.h @@ -8,19 +8,7 @@ */ /* * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later */ #ifndef MBEDTLS_HKDF_H #define MBEDTLS_HKDF_H @@ -39,7 +27,7 @@ */ /** Bad input parameters to function. */ #define MBEDTLS_ERR_HKDF_BAD_INPUT_DATA -0x5F80 -/* \} name */ +/** \} name */ #ifdef __cplusplus extern "C" { @@ -69,10 +57,10 @@ extern "C" { * \return An MBEDTLS_ERR_MD_* error for errors returned from the underlying * MD layer. */ -int mbedtls_hkdf( const mbedtls_md_info_t *md, const unsigned char *salt, - size_t salt_len, const unsigned char *ikm, size_t ikm_len, - const unsigned char *info, size_t info_len, - unsigned char *okm, size_t okm_len ); +int mbedtls_hkdf(const mbedtls_md_info_t *md, const unsigned char *salt, + size_t salt_len, const unsigned char *ikm, size_t ikm_len, + const unsigned char *info, size_t info_len, + unsigned char *okm, size_t okm_len); /** * \brief Take the input keying material \p ikm and extract from it a @@ -98,10 +86,10 @@ int mbedtls_hkdf( const mbedtls_md_info_t *md, const unsigned char *salt, * \return An MBEDTLS_ERR_MD_* error for errors returned from the underlying * MD layer. */ -int mbedtls_hkdf_extract( const mbedtls_md_info_t *md, - const unsigned char *salt, size_t salt_len, - const unsigned char *ikm, size_t ikm_len, - unsigned char *prk ); +int mbedtls_hkdf_extract(const mbedtls_md_info_t *md, + const unsigned char *salt, size_t salt_len, + const unsigned char *ikm, size_t ikm_len, + unsigned char *prk); /** * \brief Expand the supplied \p prk into several additional pseudorandom @@ -129,9 +117,9 @@ int mbedtls_hkdf_extract( const mbedtls_md_info_t *md, * \return An MBEDTLS_ERR_MD_* error for errors returned from the underlying * MD layer. */ -int mbedtls_hkdf_expand( const mbedtls_md_info_t *md, const unsigned char *prk, - size_t prk_len, const unsigned char *info, - size_t info_len, unsigned char *okm, size_t okm_len ); +int mbedtls_hkdf_expand(const mbedtls_md_info_t *md, const unsigned char *prk, + size_t prk_len, const unsigned char *info, + size_t info_len, unsigned char *okm, size_t okm_len); #ifdef __cplusplus } diff --git a/third_party/mbedtls/repo/include/mbedtls/hmac_drbg.h b/third_party/mbedtls/repo/include/mbedtls/hmac_drbg.h index 79132d4d910..d531382f6c9 100644 --- a/third_party/mbedtls/repo/include/mbedtls/hmac_drbg.h +++ b/third_party/mbedtls/repo/include/mbedtls/hmac_drbg.h @@ -9,19 +9,7 @@ */ /* * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later */ #ifndef MBEDTLS_HMAC_DRBG_H #define MBEDTLS_HMAC_DRBG_H @@ -74,7 +62,7 @@ #define MBEDTLS_HMAC_DRBG_MAX_SEED_INPUT 384 /**< Maximum size of (re)seed buffer */ #endif -/* \} name SECTION: Module settings */ +/** \} name SECTION: Module settings */ #define MBEDTLS_HMAC_DRBG_PR_OFF 0 /**< No prediction resistance */ #define MBEDTLS_HMAC_DRBG_PR_ON 1 /**< Prediction resistance enabled */ @@ -86,8 +74,7 @@ extern "C" { /** * HMAC_DRBG context. */ -typedef struct mbedtls_hmac_drbg_context -{ +typedef struct mbedtls_hmac_drbg_context { /* Working state: the key K is not stored explicitly, * but is implied by the HMAC context */ mbedtls_md_context_t md_ctx; /*!< HMAC context (inc. K) */ @@ -129,7 +116,7 @@ typedef struct mbedtls_hmac_drbg_context * * \param ctx HMAC_DRBG context to be initialized. */ -void mbedtls_hmac_drbg_init( mbedtls_hmac_drbg_context *ctx ); +void mbedtls_hmac_drbg_init(mbedtls_hmac_drbg_context *ctx); /** * \brief HMAC_DRBG initial seeding. @@ -187,8 +174,8 @@ void mbedtls_hmac_drbg_init( mbedtls_hmac_drbg_context *ctx ); * \param len The length of the personalization string. * This must be at most #MBEDTLS_HMAC_DRBG_MAX_INPUT * and also at most - * #MBEDTLS_HMAC_DRBG_MAX_SEED_INPUT - \p entropy_len * 3 / 2 - * where \p entropy_len is the entropy length + * #MBEDTLS_HMAC_DRBG_MAX_SEED_INPUT - \c entropy_len * 3 / 2 + * where \c entropy_len is the entropy length * described above. * * \return \c 0 if successful. @@ -199,15 +186,15 @@ void mbedtls_hmac_drbg_init( mbedtls_hmac_drbg_context *ctx ); * \return #MBEDTLS_ERR_HMAC_DRBG_ENTROPY_SOURCE_FAILED * if the call to \p f_entropy failed. */ -int mbedtls_hmac_drbg_seed( mbedtls_hmac_drbg_context *ctx, - const mbedtls_md_info_t * md_info, - int (*f_entropy)(void *, unsigned char *, size_t), - void *p_entropy, - const unsigned char *custom, - size_t len ); +int mbedtls_hmac_drbg_seed(mbedtls_hmac_drbg_context *ctx, + const mbedtls_md_info_t *md_info, + int (*f_entropy)(void *, unsigned char *, size_t), + void *p_entropy, + const unsigned char *custom, + size_t len); /** - * \brief Initilisation of simpified HMAC_DRBG (never reseeds). + * \brief Initialisation of simplified HMAC_DRBG (never reseeds). * * This function is meant for use in algorithms that need a pseudorandom * input such as deterministic ECDSA. @@ -234,9 +221,9 @@ int mbedtls_hmac_drbg_seed( mbedtls_hmac_drbg_context *ctx, * \return #MBEDTLS_ERR_MD_ALLOC_FAILED if there was not enough * memory to allocate context data. */ -int mbedtls_hmac_drbg_seed_buf( mbedtls_hmac_drbg_context *ctx, - const mbedtls_md_info_t * md_info, - const unsigned char *data, size_t data_len ); +int mbedtls_hmac_drbg_seed_buf(mbedtls_hmac_drbg_context *ctx, + const mbedtls_md_info_t *md_info, + const unsigned char *data, size_t data_len); /** * \brief This function turns prediction resistance on or off. @@ -251,8 +238,8 @@ int mbedtls_hmac_drbg_seed_buf( mbedtls_hmac_drbg_context *ctx, * \param ctx The HMAC_DRBG context. * \param resistance #MBEDTLS_HMAC_DRBG_PR_ON or #MBEDTLS_HMAC_DRBG_PR_OFF. */ -void mbedtls_hmac_drbg_set_prediction_resistance( mbedtls_hmac_drbg_context *ctx, - int resistance ); +void mbedtls_hmac_drbg_set_prediction_resistance(mbedtls_hmac_drbg_context *ctx, + int resistance); /** * \brief This function sets the amount of entropy grabbed on each @@ -263,8 +250,8 @@ void mbedtls_hmac_drbg_set_prediction_resistance( mbedtls_hmac_drbg_context *ctx * \param ctx The HMAC_DRBG context. * \param len The amount of entropy to grab, in bytes. */ -void mbedtls_hmac_drbg_set_entropy_len( mbedtls_hmac_drbg_context *ctx, - size_t len ); +void mbedtls_hmac_drbg_set_entropy_len(mbedtls_hmac_drbg_context *ctx, + size_t len); /** * \brief Set the reseed interval. @@ -278,8 +265,8 @@ void mbedtls_hmac_drbg_set_entropy_len( mbedtls_hmac_drbg_context *ctx, * \param ctx The HMAC_DRBG context. * \param interval The reseed interval. */ -void mbedtls_hmac_drbg_set_reseed_interval( mbedtls_hmac_drbg_context *ctx, - int interval ); +void mbedtls_hmac_drbg_set_reseed_interval(mbedtls_hmac_drbg_context *ctx, + int interval); /** * \brief This function updates the state of the HMAC_DRBG context. @@ -298,8 +285,8 @@ void mbedtls_hmac_drbg_set_reseed_interval( mbedtls_hmac_drbg_context *ctx, * \return \c 0 on success, or an error from the underlying * hash calculation. */ -int mbedtls_hmac_drbg_update_ret( mbedtls_hmac_drbg_context *ctx, - const unsigned char *additional, size_t add_len ); +int mbedtls_hmac_drbg_update_ret(mbedtls_hmac_drbg_context *ctx, + const unsigned char *additional, size_t add_len); /** * \brief This function reseeds the HMAC_DRBG context, that is @@ -317,16 +304,16 @@ int mbedtls_hmac_drbg_update_ret( mbedtls_hmac_drbg_context *ctx, * \param len The length of the additional data. * This must be at most #MBEDTLS_HMAC_DRBG_MAX_INPUT * and also at most - * #MBEDTLS_HMAC_DRBG_MAX_SEED_INPUT - \p entropy_len - * where \p entropy_len is the entropy length + * #MBEDTLS_HMAC_DRBG_MAX_SEED_INPUT - \c entropy_len + * where \c entropy_len is the entropy length * (see mbedtls_hmac_drbg_set_entropy_len()). * * \return \c 0 if successful. * \return #MBEDTLS_ERR_HMAC_DRBG_ENTROPY_SOURCE_FAILED * if a call to the entropy function failed. */ -int mbedtls_hmac_drbg_reseed( mbedtls_hmac_drbg_context *ctx, - const unsigned char *additional, size_t len ); +int mbedtls_hmac_drbg_reseed(mbedtls_hmac_drbg_context *ctx, + const unsigned char *additional, size_t len); /** * \brief This function updates an HMAC_DRBG instance with additional @@ -359,10 +346,10 @@ int mbedtls_hmac_drbg_reseed( mbedtls_hmac_drbg_context *ctx, * \return #MBEDTLS_ERR_HMAC_DRBG_INPUT_TOO_BIG if * \p add_len > #MBEDTLS_HMAC_DRBG_MAX_INPUT. */ -int mbedtls_hmac_drbg_random_with_add( void *p_rng, - unsigned char *output, size_t output_len, - const unsigned char *additional, - size_t add_len ); +int mbedtls_hmac_drbg_random_with_add(void *p_rng, + unsigned char *output, size_t output_len, + const unsigned char *additional, + size_t add_len); /** * \brief This function uses HMAC_DRBG to generate random data. @@ -391,7 +378,7 @@ int mbedtls_hmac_drbg_random_with_add( void *p_rng, * \return #MBEDTLS_ERR_HMAC_DRBG_REQUEST_TOO_BIG if * \p out_len > #MBEDTLS_HMAC_DRBG_MAX_REQUEST. */ -int mbedtls_hmac_drbg_random( void *p_rng, unsigned char *output, size_t out_len ); +int mbedtls_hmac_drbg_random(void *p_rng, unsigned char *output, size_t out_len); /** * \brief This function resets HMAC_DRBG context to the state immediately @@ -399,9 +386,9 @@ int mbedtls_hmac_drbg_random( void *p_rng, unsigned char *output, size_t out_len * * \param ctx The HMAC_DRBG context to free. */ -void mbedtls_hmac_drbg_free( mbedtls_hmac_drbg_context *ctx ); +void mbedtls_hmac_drbg_free(mbedtls_hmac_drbg_context *ctx); -#if ! defined(MBEDTLS_DEPRECATED_REMOVED) +#if !defined(MBEDTLS_DEPRECATED_REMOVED) #if defined(MBEDTLS_DEPRECATED_WARNING) #define MBEDTLS_DEPRECATED __attribute__((deprecated)) #else @@ -421,7 +408,7 @@ void mbedtls_hmac_drbg_free( mbedtls_hmac_drbg_context *ctx ); */ MBEDTLS_DEPRECATED void mbedtls_hmac_drbg_update( mbedtls_hmac_drbg_context *ctx, - const unsigned char *additional, size_t add_len ); + const unsigned char *additional, size_t add_len); #undef MBEDTLS_DEPRECATED #endif /* !MBEDTLS_DEPRECATED_REMOVED */ @@ -437,7 +424,7 @@ MBEDTLS_DEPRECATED void mbedtls_hmac_drbg_update( * \return #MBEDTLS_ERR_HMAC_DRBG_ENTROPY_SOURCE_FAILED on reseed * failure. */ -int mbedtls_hmac_drbg_write_seed_file( mbedtls_hmac_drbg_context *ctx, const char *path ); +int mbedtls_hmac_drbg_write_seed_file(mbedtls_hmac_drbg_context *ctx, const char *path); /** * \brief This function reads and updates a seed file. The seed @@ -453,7 +440,7 @@ int mbedtls_hmac_drbg_write_seed_file( mbedtls_hmac_drbg_context *ctx, const cha * \return #MBEDTLS_ERR_HMAC_DRBG_INPUT_TOO_BIG if the existing * seed file is too large. */ -int mbedtls_hmac_drbg_update_seed_file( mbedtls_hmac_drbg_context *ctx, const char *path ); +int mbedtls_hmac_drbg_update_seed_file(mbedtls_hmac_drbg_context *ctx, const char *path); #endif /* MBEDTLS_FS_IO */ @@ -464,7 +451,7 @@ int mbedtls_hmac_drbg_update_seed_file( mbedtls_hmac_drbg_context *ctx, const ch * \return \c 0 if successful. * \return \c 1 if the test failed. */ -int mbedtls_hmac_drbg_self_test( int verbose ); +int mbedtls_hmac_drbg_self_test(int verbose); #endif #ifdef __cplusplus diff --git a/third_party/mbedtls/repo/include/mbedtls/md.h b/third_party/mbedtls/repo/include/mbedtls/md.h index 84fafd2ac77..7b4311307ce 100644 --- a/third_party/mbedtls/repo/include/mbedtls/md.h +++ b/third_party/mbedtls/repo/include/mbedtls/md.h @@ -1,4 +1,4 @@ - /** +/** * \file md.h * * \brief This file contains the generic message-digest wrapper. @@ -7,19 +7,7 @@ */ /* * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later */ #ifndef MBEDTLS_MD_H @@ -92,8 +80,7 @@ typedef struct mbedtls_md_info_t mbedtls_md_info_t; /** * The generic message-digest context. */ -typedef struct mbedtls_md_context_t -{ +typedef struct mbedtls_md_context_t { /** Information about the associated message digest. */ const mbedtls_md_info_t *md_info; @@ -115,7 +102,7 @@ typedef struct mbedtls_md_context_t * message-digest enumeration #mbedtls_md_type_t. * The last entry is 0. */ -const int *mbedtls_md_list( void ); +const int *mbedtls_md_list(void); /** * \brief This function returns the message-digest information @@ -126,7 +113,7 @@ const int *mbedtls_md_list( void ); * \return The message-digest information associated with \p md_name. * \return NULL if the associated message-digest information is not found. */ -const mbedtls_md_info_t *mbedtls_md_info_from_string( const char *md_name ); +const mbedtls_md_info_t *mbedtls_md_info_from_string(const char *md_name); /** * \brief This function returns the message-digest information @@ -137,7 +124,7 @@ const mbedtls_md_info_t *mbedtls_md_info_from_string( const char *md_name ); * \return The message-digest information associated with \p md_type. * \return NULL if the associated message-digest information is not found. */ -const mbedtls_md_info_t *mbedtls_md_info_from_type( mbedtls_md_type_t md_type ); +const mbedtls_md_info_t *mbedtls_md_info_from_type(mbedtls_md_type_t md_type); /** * \brief This function initializes a message-digest context without @@ -147,7 +134,7 @@ const mbedtls_md_info_t *mbedtls_md_info_from_type( mbedtls_md_type_t md_type ); * context for mbedtls_md_setup() for binding it to a * message-digest algorithm. */ -void mbedtls_md_init( mbedtls_md_context_t *ctx ); +void mbedtls_md_init(mbedtls_md_context_t *ctx); /** * \brief This function clears the internal structure of \p ctx and @@ -162,9 +149,9 @@ void mbedtls_md_init( mbedtls_md_context_t *ctx ); * You must not call this function if you have not called * mbedtls_md_init(). */ -void mbedtls_md_free( mbedtls_md_context_t *ctx ); +void mbedtls_md_free(mbedtls_md_context_t *ctx); -#if ! defined(MBEDTLS_DEPRECATED_REMOVED) +#if !defined(MBEDTLS_DEPRECATED_REMOVED) #if defined(MBEDTLS_DEPRECATED_WARNING) #define MBEDTLS_DEPRECATED __attribute__((deprecated)) #else @@ -188,7 +175,8 @@ void mbedtls_md_free( mbedtls_md_context_t *ctx ); * failure. * \return #MBEDTLS_ERR_MD_ALLOC_FAILED on memory-allocation failure. */ -int mbedtls_md_init_ctx( mbedtls_md_context_t *ctx, const mbedtls_md_info_t *md_info ) MBEDTLS_DEPRECATED; +int mbedtls_md_init_ctx(mbedtls_md_context_t *ctx, + const mbedtls_md_info_t *md_info) MBEDTLS_DEPRECATED; #undef MBEDTLS_DEPRECATED #endif /* MBEDTLS_DEPRECATED_REMOVED */ @@ -212,10 +200,10 @@ int mbedtls_md_init_ctx( mbedtls_md_context_t *ctx, const mbedtls_md_info_t *md_ * \return #MBEDTLS_ERR_MD_ALLOC_FAILED on memory-allocation failure. */ MBEDTLS_CHECK_RETURN_TYPICAL -int mbedtls_md_setup( mbedtls_md_context_t *ctx, const mbedtls_md_info_t *md_info, int hmac ); +int mbedtls_md_setup(mbedtls_md_context_t *ctx, const mbedtls_md_info_t *md_info, int hmac); /** - * \brief This function clones the state of an message-digest + * \brief This function clones the state of a message-digest * context. * * \note You must call mbedtls_md_setup() on \c dst before calling @@ -234,8 +222,8 @@ int mbedtls_md_setup( mbedtls_md_context_t *ctx, const mbedtls_md_info_t *md_inf * \return #MBEDTLS_ERR_MD_BAD_INPUT_DATA on parameter-verification failure. */ MBEDTLS_CHECK_RETURN_TYPICAL -int mbedtls_md_clone( mbedtls_md_context_t *dst, - const mbedtls_md_context_t *src ); +int mbedtls_md_clone(mbedtls_md_context_t *dst, + const mbedtls_md_context_t *src); /** * \brief This function extracts the message-digest size from the @@ -246,7 +234,7 @@ int mbedtls_md_clone( mbedtls_md_context_t *dst, * * \return The size of the message-digest output in Bytes. */ -unsigned char mbedtls_md_get_size( const mbedtls_md_info_t *md_info ); +unsigned char mbedtls_md_get_size(const mbedtls_md_info_t *md_info); /** * \brief This function extracts the message-digest type from the @@ -257,7 +245,7 @@ unsigned char mbedtls_md_get_size( const mbedtls_md_info_t *md_info ); * * \return The type of the message digest. */ -mbedtls_md_type_t mbedtls_md_get_type( const mbedtls_md_info_t *md_info ); +mbedtls_md_type_t mbedtls_md_get_type(const mbedtls_md_info_t *md_info); /** * \brief This function extracts the message-digest name from the @@ -268,7 +256,7 @@ mbedtls_md_type_t mbedtls_md_get_type( const mbedtls_md_info_t *md_info ); * * \return The name of the message digest. */ -const char *mbedtls_md_get_name( const mbedtls_md_info_t *md_info ); +const char *mbedtls_md_get_name(const mbedtls_md_info_t *md_info); /** * \brief This function starts a message-digest computation. @@ -284,7 +272,7 @@ const char *mbedtls_md_get_name( const mbedtls_md_info_t *md_info ); * failure. */ MBEDTLS_CHECK_RETURN_TYPICAL -int mbedtls_md_starts( mbedtls_md_context_t *ctx ); +int mbedtls_md_starts(mbedtls_md_context_t *ctx); /** * \brief This function feeds an input buffer into an ongoing @@ -303,7 +291,7 @@ int mbedtls_md_starts( mbedtls_md_context_t *ctx ); * failure. */ MBEDTLS_CHECK_RETURN_TYPICAL -int mbedtls_md_update( mbedtls_md_context_t *ctx, const unsigned char *input, size_t ilen ); +int mbedtls_md_update(mbedtls_md_context_t *ctx, const unsigned char *input, size_t ilen); /** * \brief This function finishes the digest operation, @@ -324,7 +312,7 @@ int mbedtls_md_update( mbedtls_md_context_t *ctx, const unsigned char *input, si * failure. */ MBEDTLS_CHECK_RETURN_TYPICAL -int mbedtls_md_finish( mbedtls_md_context_t *ctx, unsigned char *output ); +int mbedtls_md_finish(mbedtls_md_context_t *ctx, unsigned char *output); /** * \brief This function calculates the message-digest of a buffer, @@ -345,8 +333,8 @@ int mbedtls_md_finish( mbedtls_md_context_t *ctx, unsigned char *output ); * failure. */ MBEDTLS_CHECK_RETURN_TYPICAL -int mbedtls_md( const mbedtls_md_info_t *md_info, const unsigned char *input, size_t ilen, - unsigned char *output ); +int mbedtls_md(const mbedtls_md_info_t *md_info, const unsigned char *input, size_t ilen, + unsigned char *output); #if defined(MBEDTLS_FS_IO) /** @@ -367,8 +355,8 @@ int mbedtls_md( const mbedtls_md_info_t *md_info, const unsigned char *input, si * \return #MBEDTLS_ERR_MD_BAD_INPUT_DATA if \p md_info was NULL. */ MBEDTLS_CHECK_RETURN_TYPICAL -int mbedtls_md_file( const mbedtls_md_info_t *md_info, const char *path, - unsigned char *output ); +int mbedtls_md_file(const mbedtls_md_info_t *md_info, const char *path, + unsigned char *output); #endif /* MBEDTLS_FS_IO */ /** @@ -390,8 +378,8 @@ int mbedtls_md_file( const mbedtls_md_info_t *md_info, const char *path, * failure. */ MBEDTLS_CHECK_RETURN_TYPICAL -int mbedtls_md_hmac_starts( mbedtls_md_context_t *ctx, const unsigned char *key, - size_t keylen ); +int mbedtls_md_hmac_starts(mbedtls_md_context_t *ctx, const unsigned char *key, + size_t keylen); /** * \brief This function feeds an input buffer into an ongoing HMAC @@ -413,8 +401,8 @@ int mbedtls_md_hmac_starts( mbedtls_md_context_t *ctx, const unsigned char *key, * failure. */ MBEDTLS_CHECK_RETURN_TYPICAL -int mbedtls_md_hmac_update( mbedtls_md_context_t *ctx, const unsigned char *input, - size_t ilen ); +int mbedtls_md_hmac_update(mbedtls_md_context_t *ctx, const unsigned char *input, + size_t ilen); /** * \brief This function finishes the HMAC operation, and writes @@ -435,7 +423,7 @@ int mbedtls_md_hmac_update( mbedtls_md_context_t *ctx, const unsigned char *inpu * failure. */ MBEDTLS_CHECK_RETURN_TYPICAL -int mbedtls_md_hmac_finish( mbedtls_md_context_t *ctx, unsigned char *output); +int mbedtls_md_hmac_finish(mbedtls_md_context_t *ctx, unsigned char *output); /** * \brief This function prepares to authenticate a new message with @@ -453,7 +441,7 @@ int mbedtls_md_hmac_finish( mbedtls_md_context_t *ctx, unsigned char *output); * failure. */ MBEDTLS_CHECK_RETURN_TYPICAL -int mbedtls_md_hmac_reset( mbedtls_md_context_t *ctx ); +int mbedtls_md_hmac_reset(mbedtls_md_context_t *ctx); /** * \brief This function calculates the full generic HMAC @@ -478,13 +466,13 @@ int mbedtls_md_hmac_reset( mbedtls_md_context_t *ctx ); * failure. */ MBEDTLS_CHECK_RETURN_TYPICAL -int mbedtls_md_hmac( const mbedtls_md_info_t *md_info, const unsigned char *key, size_t keylen, - const unsigned char *input, size_t ilen, - unsigned char *output ); +int mbedtls_md_hmac(const mbedtls_md_info_t *md_info, const unsigned char *key, size_t keylen, + const unsigned char *input, size_t ilen, + unsigned char *output); /* Internal use */ MBEDTLS_CHECK_RETURN_TYPICAL -int mbedtls_md_process( mbedtls_md_context_t *ctx, const unsigned char *data ); +int mbedtls_md_process(mbedtls_md_context_t *ctx, const unsigned char *data); #ifdef __cplusplus } diff --git a/third_party/mbedtls/repo/include/mbedtls/md2.h b/third_party/mbedtls/repo/include/mbedtls/md2.h index 7f3d5cf446c..afcf3a3ee2a 100644 --- a/third_party/mbedtls/repo/include/mbedtls/md2.h +++ b/third_party/mbedtls/repo/include/mbedtls/md2.h @@ -9,19 +9,7 @@ */ /* * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later * */ #ifndef MBEDTLS_MD2_H @@ -55,8 +43,7 @@ extern "C" { * stronger message digests instead. * */ -typedef struct mbedtls_md2_context -{ +typedef struct mbedtls_md2_context { unsigned char cksum[16]; /*!< checksum of the data block */ unsigned char state[48]; /*!< intermediate digest state */ unsigned char buffer[16]; /*!< data block being processed */ @@ -78,7 +65,7 @@ mbedtls_md2_context; * stronger message digests instead. * */ -void mbedtls_md2_init( mbedtls_md2_context *ctx ); +void mbedtls_md2_init(mbedtls_md2_context *ctx); /** * \brief Clear MD2 context @@ -90,7 +77,7 @@ void mbedtls_md2_init( mbedtls_md2_context *ctx ); * stronger message digests instead. * */ -void mbedtls_md2_free( mbedtls_md2_context *ctx ); +void mbedtls_md2_free(mbedtls_md2_context *ctx); /** * \brief Clone (the state of) an MD2 context @@ -103,8 +90,8 @@ void mbedtls_md2_free( mbedtls_md2_context *ctx ); * stronger message digests instead. * */ -void mbedtls_md2_clone( mbedtls_md2_context *dst, - const mbedtls_md2_context *src ); +void mbedtls_md2_clone(mbedtls_md2_context *dst, + const mbedtls_md2_context *src); /** * \brief MD2 context setup @@ -118,7 +105,7 @@ void mbedtls_md2_clone( mbedtls_md2_context *dst, * stronger message digests instead. * */ -int mbedtls_md2_starts_ret( mbedtls_md2_context *ctx ); +int mbedtls_md2_starts_ret(mbedtls_md2_context *ctx); /** * \brief MD2 process buffer @@ -134,9 +121,9 @@ int mbedtls_md2_starts_ret( mbedtls_md2_context *ctx ); * stronger message digests instead. * */ -int mbedtls_md2_update_ret( mbedtls_md2_context *ctx, - const unsigned char *input, - size_t ilen ); +int mbedtls_md2_update_ret(mbedtls_md2_context *ctx, + const unsigned char *input, + size_t ilen); /** * \brief MD2 final digest @@ -151,8 +138,8 @@ int mbedtls_md2_update_ret( mbedtls_md2_context *ctx, * stronger message digests instead. * */ -int mbedtls_md2_finish_ret( mbedtls_md2_context *ctx, - unsigned char output[16] ); +int mbedtls_md2_finish_ret(mbedtls_md2_context *ctx, + unsigned char output[16]); /** * \brief MD2 process data block (internal use only) @@ -166,7 +153,7 @@ int mbedtls_md2_finish_ret( mbedtls_md2_context *ctx, * stronger message digests instead. * */ -int mbedtls_internal_md2_process( mbedtls_md2_context *ctx ); +int mbedtls_internal_md2_process(mbedtls_md2_context *ctx); #if !defined(MBEDTLS_DEPRECATED_REMOVED) #if defined(MBEDTLS_DEPRECATED_WARNING) @@ -186,7 +173,7 @@ int mbedtls_internal_md2_process( mbedtls_md2_context *ctx ); * stronger message digests instead. * */ -MBEDTLS_DEPRECATED void mbedtls_md2_starts( mbedtls_md2_context *ctx ); +MBEDTLS_DEPRECATED void mbedtls_md2_starts(mbedtls_md2_context *ctx); /** * \brief MD2 process buffer @@ -202,9 +189,9 @@ MBEDTLS_DEPRECATED void mbedtls_md2_starts( mbedtls_md2_context *ctx ); * stronger message digests instead. * */ -MBEDTLS_DEPRECATED void mbedtls_md2_update( mbedtls_md2_context *ctx, - const unsigned char *input, - size_t ilen ); +MBEDTLS_DEPRECATED void mbedtls_md2_update(mbedtls_md2_context *ctx, + const unsigned char *input, + size_t ilen); /** * \brief MD2 final digest @@ -219,8 +206,8 @@ MBEDTLS_DEPRECATED void mbedtls_md2_update( mbedtls_md2_context *ctx, * stronger message digests instead. * */ -MBEDTLS_DEPRECATED void mbedtls_md2_finish( mbedtls_md2_context *ctx, - unsigned char output[16] ); +MBEDTLS_DEPRECATED void mbedtls_md2_finish(mbedtls_md2_context *ctx, + unsigned char output[16]); /** * \brief MD2 process data block (internal use only) @@ -234,7 +221,7 @@ MBEDTLS_DEPRECATED void mbedtls_md2_finish( mbedtls_md2_context *ctx, * stronger message digests instead. * */ -MBEDTLS_DEPRECATED void mbedtls_md2_process( mbedtls_md2_context *ctx ); +MBEDTLS_DEPRECATED void mbedtls_md2_process(mbedtls_md2_context *ctx); #undef MBEDTLS_DEPRECATED #endif /* !MBEDTLS_DEPRECATED_REMOVED */ @@ -251,9 +238,9 @@ MBEDTLS_DEPRECATED void mbedtls_md2_process( mbedtls_md2_context *ctx ); * stronger message digests instead. * */ -int mbedtls_md2_ret( const unsigned char *input, - size_t ilen, - unsigned char output[16] ); +int mbedtls_md2_ret(const unsigned char *input, + size_t ilen, + unsigned char output[16]); #if !defined(MBEDTLS_DEPRECATED_REMOVED) #if defined(MBEDTLS_DEPRECATED_WARNING) @@ -275,9 +262,9 @@ int mbedtls_md2_ret( const unsigned char *input, * stronger message digests instead. * */ -MBEDTLS_DEPRECATED void mbedtls_md2( const unsigned char *input, - size_t ilen, - unsigned char output[16] ); +MBEDTLS_DEPRECATED void mbedtls_md2(const unsigned char *input, + size_t ilen, + unsigned char output[16]); #undef MBEDTLS_DEPRECATED #endif /* !MBEDTLS_DEPRECATED_REMOVED */ @@ -294,7 +281,7 @@ MBEDTLS_DEPRECATED void mbedtls_md2( const unsigned char *input, * stronger message digests instead. * */ -int mbedtls_md2_self_test( int verbose ); +int mbedtls_md2_self_test(int verbose); #endif /* MBEDTLS_SELF_TEST */ diff --git a/third_party/mbedtls/repo/include/mbedtls/md4.h b/third_party/mbedtls/repo/include/mbedtls/md4.h index 0238c6723a6..b827ffecb15 100644 --- a/third_party/mbedtls/repo/include/mbedtls/md4.h +++ b/third_party/mbedtls/repo/include/mbedtls/md4.h @@ -9,19 +9,7 @@ */ /* * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later * */ #ifndef MBEDTLS_MD4_H @@ -56,8 +44,7 @@ extern "C" { * stronger message digests instead. * */ -typedef struct mbedtls_md4_context -{ +typedef struct mbedtls_md4_context { uint32_t total[2]; /*!< number of bytes processed */ uint32_t state[4]; /*!< intermediate digest state */ unsigned char buffer[64]; /*!< data block being processed */ @@ -78,7 +65,7 @@ mbedtls_md4_context; * stronger message digests instead. * */ -void mbedtls_md4_init( mbedtls_md4_context *ctx ); +void mbedtls_md4_init(mbedtls_md4_context *ctx); /** * \brief Clear MD4 context @@ -90,7 +77,7 @@ void mbedtls_md4_init( mbedtls_md4_context *ctx ); * stronger message digests instead. * */ -void mbedtls_md4_free( mbedtls_md4_context *ctx ); +void mbedtls_md4_free(mbedtls_md4_context *ctx); /** * \brief Clone (the state of) an MD4 context @@ -103,8 +90,8 @@ void mbedtls_md4_free( mbedtls_md4_context *ctx ); * stronger message digests instead. * */ -void mbedtls_md4_clone( mbedtls_md4_context *dst, - const mbedtls_md4_context *src ); +void mbedtls_md4_clone(mbedtls_md4_context *dst, + const mbedtls_md4_context *src); /** * \brief MD4 context setup @@ -117,7 +104,7 @@ void mbedtls_md4_clone( mbedtls_md4_context *dst, * constitutes a security risk. We recommend considering * stronger message digests instead. */ -int mbedtls_md4_starts_ret( mbedtls_md4_context *ctx ); +int mbedtls_md4_starts_ret(mbedtls_md4_context *ctx); /** * \brief MD4 process buffer @@ -133,9 +120,9 @@ int mbedtls_md4_starts_ret( mbedtls_md4_context *ctx ); * stronger message digests instead. * */ -int mbedtls_md4_update_ret( mbedtls_md4_context *ctx, - const unsigned char *input, - size_t ilen ); +int mbedtls_md4_update_ret(mbedtls_md4_context *ctx, + const unsigned char *input, + size_t ilen); /** * \brief MD4 final digest @@ -150,8 +137,8 @@ int mbedtls_md4_update_ret( mbedtls_md4_context *ctx, * stronger message digests instead. * */ -int mbedtls_md4_finish_ret( mbedtls_md4_context *ctx, - unsigned char output[16] ); +int mbedtls_md4_finish_ret(mbedtls_md4_context *ctx, + unsigned char output[16]); /** * \brief MD4 process data block (internal use only) @@ -166,8 +153,8 @@ int mbedtls_md4_finish_ret( mbedtls_md4_context *ctx, * stronger message digests instead. * */ -int mbedtls_internal_md4_process( mbedtls_md4_context *ctx, - const unsigned char data[64] ); +int mbedtls_internal_md4_process(mbedtls_md4_context *ctx, + const unsigned char data[64]); #if !defined(MBEDTLS_DEPRECATED_REMOVED) #if defined(MBEDTLS_DEPRECATED_WARNING) @@ -187,7 +174,7 @@ int mbedtls_internal_md4_process( mbedtls_md4_context *ctx, * stronger message digests instead. * */ -MBEDTLS_DEPRECATED void mbedtls_md4_starts( mbedtls_md4_context *ctx ); +MBEDTLS_DEPRECATED void mbedtls_md4_starts(mbedtls_md4_context *ctx); /** * \brief MD4 process buffer @@ -203,9 +190,9 @@ MBEDTLS_DEPRECATED void mbedtls_md4_starts( mbedtls_md4_context *ctx ); * stronger message digests instead. * */ -MBEDTLS_DEPRECATED void mbedtls_md4_update( mbedtls_md4_context *ctx, - const unsigned char *input, - size_t ilen ); +MBEDTLS_DEPRECATED void mbedtls_md4_update(mbedtls_md4_context *ctx, + const unsigned char *input, + size_t ilen); /** * \brief MD4 final digest @@ -220,8 +207,8 @@ MBEDTLS_DEPRECATED void mbedtls_md4_update( mbedtls_md4_context *ctx, * stronger message digests instead. * */ -MBEDTLS_DEPRECATED void mbedtls_md4_finish( mbedtls_md4_context *ctx, - unsigned char output[16] ); +MBEDTLS_DEPRECATED void mbedtls_md4_finish(mbedtls_md4_context *ctx, + unsigned char output[16]); /** * \brief MD4 process data block (internal use only) @@ -236,8 +223,8 @@ MBEDTLS_DEPRECATED void mbedtls_md4_finish( mbedtls_md4_context *ctx, * stronger message digests instead. * */ -MBEDTLS_DEPRECATED void mbedtls_md4_process( mbedtls_md4_context *ctx, - const unsigned char data[64] ); +MBEDTLS_DEPRECATED void mbedtls_md4_process(mbedtls_md4_context *ctx, + const unsigned char data[64]); #undef MBEDTLS_DEPRECATED #endif /* !MBEDTLS_DEPRECATED_REMOVED */ @@ -256,9 +243,9 @@ MBEDTLS_DEPRECATED void mbedtls_md4_process( mbedtls_md4_context *ctx, * stronger message digests instead. * */ -int mbedtls_md4_ret( const unsigned char *input, - size_t ilen, - unsigned char output[16] ); +int mbedtls_md4_ret(const unsigned char *input, + size_t ilen, + unsigned char output[16]); #if !defined(MBEDTLS_DEPRECATED_REMOVED) #if defined(MBEDTLS_DEPRECATED_WARNING) @@ -280,9 +267,9 @@ int mbedtls_md4_ret( const unsigned char *input, * stronger message digests instead. * */ -MBEDTLS_DEPRECATED void mbedtls_md4( const unsigned char *input, - size_t ilen, - unsigned char output[16] ); +MBEDTLS_DEPRECATED void mbedtls_md4(const unsigned char *input, + size_t ilen, + unsigned char output[16]); #undef MBEDTLS_DEPRECATED #endif /* !MBEDTLS_DEPRECATED_REMOVED */ @@ -299,7 +286,7 @@ MBEDTLS_DEPRECATED void mbedtls_md4( const unsigned char *input, * stronger message digests instead. * */ -int mbedtls_md4_self_test( int verbose ); +int mbedtls_md4_self_test(int verbose); #endif /* MBEDTLS_SELF_TEST */ diff --git a/third_party/mbedtls/repo/include/mbedtls/md5.h b/third_party/mbedtls/repo/include/mbedtls/md5.h index 73e4dd2c2a7..fdc530a16b3 100644 --- a/third_party/mbedtls/repo/include/mbedtls/md5.h +++ b/third_party/mbedtls/repo/include/mbedtls/md5.h @@ -9,19 +9,7 @@ */ /* * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later */ #ifndef MBEDTLS_MD5_H #define MBEDTLS_MD5_H @@ -55,8 +43,7 @@ extern "C" { * stronger message digests instead. * */ -typedef struct mbedtls_md5_context -{ +typedef struct mbedtls_md5_context { uint32_t total[2]; /*!< number of bytes processed */ uint32_t state[4]; /*!< intermediate digest state */ unsigned char buffer[64]; /*!< data block being processed */ @@ -77,7 +64,7 @@ mbedtls_md5_context; * stronger message digests instead. * */ -void mbedtls_md5_init( mbedtls_md5_context *ctx ); +void mbedtls_md5_init(mbedtls_md5_context *ctx); /** * \brief Clear MD5 context @@ -89,7 +76,7 @@ void mbedtls_md5_init( mbedtls_md5_context *ctx ); * stronger message digests instead. * */ -void mbedtls_md5_free( mbedtls_md5_context *ctx ); +void mbedtls_md5_free(mbedtls_md5_context *ctx); /** * \brief Clone (the state of) an MD5 context @@ -102,8 +89,8 @@ void mbedtls_md5_free( mbedtls_md5_context *ctx ); * stronger message digests instead. * */ -void mbedtls_md5_clone( mbedtls_md5_context *dst, - const mbedtls_md5_context *src ); +void mbedtls_md5_clone(mbedtls_md5_context *dst, + const mbedtls_md5_context *src); /** * \brief MD5 context setup @@ -117,7 +104,7 @@ void mbedtls_md5_clone( mbedtls_md5_context *dst, * stronger message digests instead. * */ -int mbedtls_md5_starts_ret( mbedtls_md5_context *ctx ); +int mbedtls_md5_starts_ret(mbedtls_md5_context *ctx); /** * \brief MD5 process buffer @@ -133,9 +120,9 @@ int mbedtls_md5_starts_ret( mbedtls_md5_context *ctx ); * stronger message digests instead. * */ -int mbedtls_md5_update_ret( mbedtls_md5_context *ctx, - const unsigned char *input, - size_t ilen ); +int mbedtls_md5_update_ret(mbedtls_md5_context *ctx, + const unsigned char *input, + size_t ilen); /** * \brief MD5 final digest @@ -150,8 +137,8 @@ int mbedtls_md5_update_ret( mbedtls_md5_context *ctx, * stronger message digests instead. * */ -int mbedtls_md5_finish_ret( mbedtls_md5_context *ctx, - unsigned char output[16] ); +int mbedtls_md5_finish_ret(mbedtls_md5_context *ctx, + unsigned char output[16]); /** * \brief MD5 process data block (internal use only) @@ -166,8 +153,8 @@ int mbedtls_md5_finish_ret( mbedtls_md5_context *ctx, * stronger message digests instead. * */ -int mbedtls_internal_md5_process( mbedtls_md5_context *ctx, - const unsigned char data[64] ); +int mbedtls_internal_md5_process(mbedtls_md5_context *ctx, + const unsigned char data[64]); #if !defined(MBEDTLS_DEPRECATED_REMOVED) #if defined(MBEDTLS_DEPRECATED_WARNING) @@ -187,7 +174,7 @@ int mbedtls_internal_md5_process( mbedtls_md5_context *ctx, * stronger message digests instead. * */ -MBEDTLS_DEPRECATED void mbedtls_md5_starts( mbedtls_md5_context *ctx ); +MBEDTLS_DEPRECATED void mbedtls_md5_starts(mbedtls_md5_context *ctx); /** * \brief MD5 process buffer @@ -203,9 +190,9 @@ MBEDTLS_DEPRECATED void mbedtls_md5_starts( mbedtls_md5_context *ctx ); * stronger message digests instead. * */ -MBEDTLS_DEPRECATED void mbedtls_md5_update( mbedtls_md5_context *ctx, - const unsigned char *input, - size_t ilen ); +MBEDTLS_DEPRECATED void mbedtls_md5_update(mbedtls_md5_context *ctx, + const unsigned char *input, + size_t ilen); /** * \brief MD5 final digest @@ -220,8 +207,8 @@ MBEDTLS_DEPRECATED void mbedtls_md5_update( mbedtls_md5_context *ctx, * stronger message digests instead. * */ -MBEDTLS_DEPRECATED void mbedtls_md5_finish( mbedtls_md5_context *ctx, - unsigned char output[16] ); +MBEDTLS_DEPRECATED void mbedtls_md5_finish(mbedtls_md5_context *ctx, + unsigned char output[16]); /** * \brief MD5 process data block (internal use only) @@ -236,8 +223,8 @@ MBEDTLS_DEPRECATED void mbedtls_md5_finish( mbedtls_md5_context *ctx, * stronger message digests instead. * */ -MBEDTLS_DEPRECATED void mbedtls_md5_process( mbedtls_md5_context *ctx, - const unsigned char data[64] ); +MBEDTLS_DEPRECATED void mbedtls_md5_process(mbedtls_md5_context *ctx, + const unsigned char data[64]); #undef MBEDTLS_DEPRECATED #endif /* !MBEDTLS_DEPRECATED_REMOVED */ @@ -256,9 +243,9 @@ MBEDTLS_DEPRECATED void mbedtls_md5_process( mbedtls_md5_context *ctx, * stronger message digests instead. * */ -int mbedtls_md5_ret( const unsigned char *input, - size_t ilen, - unsigned char output[16] ); +int mbedtls_md5_ret(const unsigned char *input, + size_t ilen, + unsigned char output[16]); #if !defined(MBEDTLS_DEPRECATED_REMOVED) #if defined(MBEDTLS_DEPRECATED_WARNING) @@ -280,9 +267,9 @@ int mbedtls_md5_ret( const unsigned char *input, * stronger message digests instead. * */ -MBEDTLS_DEPRECATED void mbedtls_md5( const unsigned char *input, - size_t ilen, - unsigned char output[16] ); +MBEDTLS_DEPRECATED void mbedtls_md5(const unsigned char *input, + size_t ilen, + unsigned char output[16]); #undef MBEDTLS_DEPRECATED #endif /* !MBEDTLS_DEPRECATED_REMOVED */ @@ -299,7 +286,7 @@ MBEDTLS_DEPRECATED void mbedtls_md5( const unsigned char *input, * stronger message digests instead. * */ -int mbedtls_md5_self_test( int verbose ); +int mbedtls_md5_self_test(int verbose); #endif /* MBEDTLS_SELF_TEST */ diff --git a/third_party/mbedtls/repo/include/mbedtls/md_internal.h b/third_party/mbedtls/repo/include/mbedtls/md_internal.h index f33cdf6086d..239fdd9ba23 100644 --- a/third_party/mbedtls/repo/include/mbedtls/md_internal.h +++ b/third_party/mbedtls/repo/include/mbedtls/md_internal.h @@ -9,19 +9,7 @@ */ /* * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later */ #ifndef MBEDTLS_MD_WRAP_H #define MBEDTLS_MD_WRAP_H @@ -42,10 +30,9 @@ extern "C" { * Message digest information. * Allows message digest functions to be called in a generic way. */ -struct mbedtls_md_info_t -{ +struct mbedtls_md_info_t { /** Name of the message digest */ - const char * name; + const char *name; /** Digest identifier */ mbedtls_md_type_t type; diff --git a/third_party/mbedtls/repo/include/mbedtls/memory_buffer_alloc.h b/third_party/mbedtls/repo/include/mbedtls/memory_buffer_alloc.h index 233977252a3..34013b9bc43 100644 --- a/third_party/mbedtls/repo/include/mbedtls/memory_buffer_alloc.h +++ b/third_party/mbedtls/repo/include/mbedtls/memory_buffer_alloc.h @@ -5,19 +5,7 @@ */ /* * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later */ #ifndef MBEDTLS_MEMORY_BUFFER_ALLOC_H #define MBEDTLS_MEMORY_BUFFER_ALLOC_H @@ -42,12 +30,13 @@ #define MBEDTLS_MEMORY_ALIGN_MULTIPLE 4 /**< Align on multiples of this value */ #endif -/* \} name SECTION: Module settings */ +/** \} name SECTION: Module settings */ #define MBEDTLS_MEMORY_VERIFY_NONE 0 #define MBEDTLS_MEMORY_VERIFY_ALLOC (1 << 0) #define MBEDTLS_MEMORY_VERIFY_FREE (1 << 1) -#define MBEDTLS_MEMORY_VERIFY_ALWAYS (MBEDTLS_MEMORY_VERIFY_ALLOC | MBEDTLS_MEMORY_VERIFY_FREE) +#define MBEDTLS_MEMORY_VERIFY_ALWAYS (MBEDTLS_MEMORY_VERIFY_ALLOC | \ + MBEDTLS_MEMORY_VERIFY_FREE) #ifdef __cplusplus extern "C" { @@ -68,12 +57,12 @@ extern "C" { * \param buf buffer to use as heap * \param len size of the buffer */ -void mbedtls_memory_buffer_alloc_init( unsigned char *buf, size_t len ); +void mbedtls_memory_buffer_alloc_init(unsigned char *buf, size_t len); /** * \brief Free the mutex for thread-safety and clear remaining memory */ -void mbedtls_memory_buffer_alloc_free( void ); +void mbedtls_memory_buffer_alloc_free(void); /** * \brief Determine when the allocator should automatically verify the state @@ -83,7 +72,7 @@ void mbedtls_memory_buffer_alloc_free( void ); * \param verify One of MBEDTLS_MEMORY_VERIFY_NONE, MBEDTLS_MEMORY_VERIFY_ALLOC, * MBEDTLS_MEMORY_VERIFY_FREE or MBEDTLS_MEMORY_VERIFY_ALWAYS */ -void mbedtls_memory_buffer_set_verify( int verify ); +void mbedtls_memory_buffer_set_verify(int verify); #if defined(MBEDTLS_MEMORY_DEBUG) /** @@ -92,7 +81,7 @@ void mbedtls_memory_buffer_set_verify( int verify ); * Prints out a list of 'still allocated' blocks and their stack * trace if MBEDTLS_MEMORY_BACKTRACE is defined. */ -void mbedtls_memory_buffer_alloc_status( void ); +void mbedtls_memory_buffer_alloc_status(void); /** * \brief Get the peak heap usage so far @@ -102,12 +91,12 @@ void mbedtls_memory_buffer_alloc_status( void ); * into smaller blocks but larger than the requested size. * \param max_blocks Peak number of blocks in use, including free and used */ -void mbedtls_memory_buffer_alloc_max_get( size_t *max_used, size_t *max_blocks ); +void mbedtls_memory_buffer_alloc_max_get(size_t *max_used, size_t *max_blocks); /** * \brief Reset peak statistics */ -void mbedtls_memory_buffer_alloc_max_reset( void ); +void mbedtls_memory_buffer_alloc_max_reset(void); /** * \brief Get the current heap usage @@ -117,7 +106,7 @@ void mbedtls_memory_buffer_alloc_max_reset( void ); * into smaller blocks but larger than the requested size. * \param cur_blocks Current number of blocks in use, including free and used */ -void mbedtls_memory_buffer_alloc_cur_get( size_t *cur_used, size_t *cur_blocks ); +void mbedtls_memory_buffer_alloc_cur_get(size_t *cur_used, size_t *cur_blocks); #endif /* MBEDTLS_MEMORY_DEBUG */ /** @@ -131,7 +120,7 @@ void mbedtls_memory_buffer_alloc_cur_get( size_t *cur_used, size_t *cur_blocks ) * * \return 0 if verified, 1 otherwise */ -int mbedtls_memory_buffer_alloc_verify( void ); +int mbedtls_memory_buffer_alloc_verify(void); #if defined(MBEDTLS_SELF_TEST) /** @@ -139,7 +128,7 @@ int mbedtls_memory_buffer_alloc_verify( void ); * * \return 0 if successful, or 1 if a test failed */ -int mbedtls_memory_buffer_alloc_self_test( int verbose ); +int mbedtls_memory_buffer_alloc_self_test(int verbose); #endif #ifdef __cplusplus diff --git a/third_party/mbedtls/repo/include/mbedtls/net.h b/third_party/mbedtls/repo/include/mbedtls/net.h index 66921887da0..805ce339da2 100644 --- a/third_party/mbedtls/repo/include/mbedtls/net.h +++ b/third_party/mbedtls/repo/include/mbedtls/net.h @@ -7,19 +7,7 @@ */ /* * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later */ #if !defined(MBEDTLS_CONFIG_FILE) #include "mbedtls/config.h" diff --git a/third_party/mbedtls/repo/include/mbedtls/net_sockets.h b/third_party/mbedtls/repo/include/mbedtls/net_sockets.h index ceb7d5f6527..2d3fe3f9493 100644 --- a/third_party/mbedtls/repo/include/mbedtls/net_sockets.h +++ b/third_party/mbedtls/repo/include/mbedtls/net_sockets.h @@ -21,19 +21,7 @@ */ /* * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later */ #ifndef MBEDTLS_NET_SOCKETS_H #define MBEDTLS_NET_SOCKETS_H @@ -95,8 +83,7 @@ extern "C" { * (eg two file descriptors for combined IPv4 + IPv6 support, or additional * structures for hand-made UDP demultiplexing). */ -typedef struct mbedtls_net_context -{ +typedef struct mbedtls_net_context { int fd; /**< The underlying file descriptor */ } mbedtls_net_context; @@ -107,7 +94,7 @@ mbedtls_net_context; * * \param ctx Context to initialize */ -void mbedtls_net_init( mbedtls_net_context *ctx ); +void mbedtls_net_init(mbedtls_net_context *ctx); /** * \brief Initiate a connection with host:port in the given protocol @@ -124,7 +111,7 @@ void mbedtls_net_init( mbedtls_net_context *ctx ); * * \note Sets the socket in connected mode even with UDP. */ -int mbedtls_net_connect( mbedtls_net_context *ctx, const char *host, const char *port, int proto ); +int mbedtls_net_connect(mbedtls_net_context *ctx, const char *host, const char *port, int proto); /** * \brief Create a receiving socket on bind_ip:port in the chosen @@ -144,7 +131,7 @@ int mbedtls_net_connect( mbedtls_net_context *ctx, const char *host, const char * \note Regardless of the protocol, opens the sockets and binds it. * In addition, make the socket listening if protocol is TCP. */ -int mbedtls_net_bind( mbedtls_net_context *ctx, const char *bind_ip, const char *port, int proto ); +int mbedtls_net_bind(mbedtls_net_context *ctx, const char *bind_ip, const char *port, int proto); /** * \brief Accept a connection from a remote client @@ -164,9 +151,9 @@ int mbedtls_net_bind( mbedtls_net_context *ctx, const char *bind_ip, const char * MBEDTLS_ERR_SSL_WANT_READ if bind_fd was set to * non-blocking and accept() would block. */ -int mbedtls_net_accept( mbedtls_net_context *bind_ctx, - mbedtls_net_context *client_ctx, - void *client_ip, size_t buf_size, size_t *ip_len ); +int mbedtls_net_accept(mbedtls_net_context *bind_ctx, + mbedtls_net_context *client_ctx, + void *client_ip, size_t buf_size, size_t *ip_len); /** * \brief Check and wait for the context to be ready for read/write @@ -193,7 +180,7 @@ int mbedtls_net_accept( mbedtls_net_context *bind_ctx, * \return Bitmask composed of MBEDTLS_NET_POLL_READ/WRITE * on success or timeout, or a negative return code otherwise. */ -int mbedtls_net_poll( mbedtls_net_context *ctx, uint32_t rw, uint32_t timeout ); +int mbedtls_net_poll(mbedtls_net_context *ctx, uint32_t rw, uint32_t timeout); /** * \brief Set the socket blocking @@ -202,7 +189,7 @@ int mbedtls_net_poll( mbedtls_net_context *ctx, uint32_t rw, uint32_t timeout ); * * \return 0 if successful, or a non-zero error code */ -int mbedtls_net_set_block( mbedtls_net_context *ctx ); +int mbedtls_net_set_block(mbedtls_net_context *ctx); /** * \brief Set the socket non-blocking @@ -211,7 +198,7 @@ int mbedtls_net_set_block( mbedtls_net_context *ctx ); * * \return 0 if successful, or a non-zero error code */ -int mbedtls_net_set_nonblock( mbedtls_net_context *ctx ); +int mbedtls_net_set_nonblock(mbedtls_net_context *ctx); /** * \brief Portable usleep helper @@ -221,7 +208,7 @@ int mbedtls_net_set_nonblock( mbedtls_net_context *ctx ); * \note Real amount of time slept will not be less than * select()'s timeout granularity (typically, 10ms). */ -void mbedtls_net_usleep( unsigned long usec ); +void mbedtls_net_usleep(unsigned long usec); /** * \brief Read at most 'len' characters. If no error occurs, @@ -235,7 +222,7 @@ void mbedtls_net_usleep( unsigned long usec ); * or a non-zero error code; with a non-blocking socket, * MBEDTLS_ERR_SSL_WANT_READ indicates read() would block. */ -int mbedtls_net_recv( void *ctx, unsigned char *buf, size_t len ); +int mbedtls_net_recv(void *ctx, unsigned char *buf, size_t len); /** * \brief Write at most 'len' characters. If no error occurs, @@ -249,7 +236,7 @@ int mbedtls_net_recv( void *ctx, unsigned char *buf, size_t len ); * or a non-zero error code; with a non-blocking socket, * MBEDTLS_ERR_SSL_WANT_WRITE indicates write() would block. */ -int mbedtls_net_send( void *ctx, const unsigned char *buf, size_t len ); +int mbedtls_net_send(void *ctx, const unsigned char *buf, size_t len); /** * \brief Read at most 'len' characters, blocking for at most @@ -277,22 +264,30 @@ int mbedtls_net_send( void *ctx, const unsigned char *buf, size_t len ); * non-blocking. Handling timeouts with non-blocking reads * requires a different strategy. */ -int mbedtls_net_recv_timeout( void *ctx, unsigned char *buf, size_t len, - uint32_t timeout ); +int mbedtls_net_recv_timeout(void *ctx, unsigned char *buf, size_t len, + uint32_t timeout); /** * \brief Closes down the connection and free associated data * * \param ctx The context to close + * + * \note This function frees and clears data associated with the + * context but does not free the memory pointed to by \p ctx. + * This memory is the responsibility of the caller. */ -void mbedtls_net_close( mbedtls_net_context *ctx ); +void mbedtls_net_close(mbedtls_net_context *ctx); /** * \brief Gracefully shutdown the connection and free associated data * * \param ctx The context to free + * + * \note This function frees and clears data associated with the + * context but does not free the memory pointed to by \p ctx. + * This memory is the responsibility of the caller. */ -void mbedtls_net_free( mbedtls_net_context *ctx ); +void mbedtls_net_free(mbedtls_net_context *ctx); #ifdef __cplusplus } diff --git a/third_party/mbedtls/repo/include/mbedtls/nist_kw.h b/third_party/mbedtls/repo/include/mbedtls/nist_kw.h index 7f3e64a525d..a2479b01762 100644 --- a/third_party/mbedtls/repo/include/mbedtls/nist_kw.h +++ b/third_party/mbedtls/repo/include/mbedtls/nist_kw.h @@ -17,19 +17,7 @@ */ /* * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later */ #ifndef MBEDTLS_NIST_KW_H @@ -47,8 +35,7 @@ extern "C" { #endif -typedef enum -{ +typedef enum { MBEDTLS_KW_MODE_KW = 0, MBEDTLS_KW_MODE_KWP = 1 } mbedtls_nist_kw_mode_t; @@ -80,7 +67,7 @@ typedef struct { * \param ctx The key wrapping context to initialize. * */ -void mbedtls_nist_kw_init( mbedtls_nist_kw_context *ctx ); +void mbedtls_nist_kw_init(mbedtls_nist_kw_context *ctx); /** * \brief This function initializes the key wrapping context set in the @@ -98,11 +85,11 @@ void mbedtls_nist_kw_init( mbedtls_nist_kw_context *ctx ); * which are not supported. * \return cipher-specific error code on failure of the underlying cipher. */ -int mbedtls_nist_kw_setkey( mbedtls_nist_kw_context *ctx, - mbedtls_cipher_id_t cipher, - const unsigned char *key, - unsigned int keybits, - const int is_wrap ); +int mbedtls_nist_kw_setkey(mbedtls_nist_kw_context *ctx, + mbedtls_cipher_id_t cipher, + const unsigned char *key, + unsigned int keybits, + const int is_wrap); /** * \brief This function releases and clears the specified key wrapping context @@ -110,7 +97,7 @@ int mbedtls_nist_kw_setkey( mbedtls_nist_kw_context *ctx, * * \param ctx The key wrapping context to clear. */ -void mbedtls_nist_kw_free( mbedtls_nist_kw_context *ctx ); +void mbedtls_nist_kw_free(mbedtls_nist_kw_context *ctx); /** * \brief This function encrypts a buffer using key wrapping. @@ -133,9 +120,9 @@ void mbedtls_nist_kw_free( mbedtls_nist_kw_context *ctx ); * \return \c MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA for invalid input length. * \return cipher-specific error code on failure of the underlying cipher. */ -int mbedtls_nist_kw_wrap( mbedtls_nist_kw_context *ctx, mbedtls_nist_kw_mode_t mode, - const unsigned char *input, size_t in_len, - unsigned char *output, size_t* out_len, size_t out_size ); +int mbedtls_nist_kw_wrap(mbedtls_nist_kw_context *ctx, mbedtls_nist_kw_mode_t mode, + const unsigned char *input, size_t in_len, + unsigned char *output, size_t *out_len, size_t out_size); /** * \brief This function decrypts a buffer using key wrapping. @@ -160,9 +147,9 @@ int mbedtls_nist_kw_wrap( mbedtls_nist_kw_context *ctx, mbedtls_nist_kw_mode_t m * \return \c MBEDTLS_ERR_CIPHER_AUTH_FAILED for verification failure of the ciphertext. * \return cipher-specific error code on failure of the underlying cipher. */ -int mbedtls_nist_kw_unwrap( mbedtls_nist_kw_context *ctx, mbedtls_nist_kw_mode_t mode, - const unsigned char *input, size_t in_len, - unsigned char *output, size_t* out_len, size_t out_size); +int mbedtls_nist_kw_unwrap(mbedtls_nist_kw_context *ctx, mbedtls_nist_kw_mode_t mode, + const unsigned char *input, size_t in_len, + unsigned char *output, size_t *out_len, size_t out_size); #if defined(MBEDTLS_SELF_TEST) && defined(MBEDTLS_AES_C) @@ -172,7 +159,7 @@ int mbedtls_nist_kw_unwrap( mbedtls_nist_kw_context *ctx, mbedtls_nist_kw_mode_t * \return \c 0 on success. * \return \c 1 on failure. */ -int mbedtls_nist_kw_self_test( int verbose ); +int mbedtls_nist_kw_self_test(int verbose); #endif /* MBEDTLS_SELF_TEST && MBEDTLS_AES_C */ #ifdef __cplusplus diff --git a/third_party/mbedtls/repo/include/mbedtls/oid.h b/third_party/mbedtls/repo/include/mbedtls/oid.h index 1c39186a491..8da1ce852aa 100644 --- a/third_party/mbedtls/repo/include/mbedtls/oid.h +++ b/third_party/mbedtls/repo/include/mbedtls/oid.h @@ -5,19 +5,7 @@ */ /* * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later */ #ifndef MBEDTLS_OID_H #define MBEDTLS_OID_H @@ -82,10 +70,10 @@ #define MBEDTLS_OID_COUNTRY_US "\x86\x48" /* {us(840)} */ #define MBEDTLS_OID_ORG_RSA_DATA_SECURITY "\x86\xf7\x0d" /* {rsadsi(113549)} */ #define MBEDTLS_OID_RSA_COMPANY MBEDTLS_OID_ISO_MEMBER_BODIES MBEDTLS_OID_COUNTRY_US \ - MBEDTLS_OID_ORG_RSA_DATA_SECURITY /* {iso(1) member-body(2) us(840) rsadsi(113549)} */ + MBEDTLS_OID_ORG_RSA_DATA_SECURITY /* {iso(1) member-body(2) us(840) rsadsi(113549)} */ #define MBEDTLS_OID_ORG_ANSI_X9_62 "\xce\x3d" /* ansi-X9-62(10045) */ #define MBEDTLS_OID_ANSI_X9_62 MBEDTLS_OID_ISO_MEMBER_BODIES MBEDTLS_OID_COUNTRY_US \ - MBEDTLS_OID_ORG_ANSI_X9_62 + MBEDTLS_OID_ORG_ANSI_X9_62 /* * ISO Identified organization OID parts @@ -96,15 +84,18 @@ #define MBEDTLS_OID_OIW_SECSIG_ALG MBEDTLS_OID_OIW_SECSIG "\x02" #define MBEDTLS_OID_OIW_SECSIG_SHA1 MBEDTLS_OID_OIW_SECSIG_ALG "\x1a" #define MBEDTLS_OID_ORG_CERTICOM "\x81\x04" /* certicom(132) */ -#define MBEDTLS_OID_CERTICOM MBEDTLS_OID_ISO_IDENTIFIED_ORG MBEDTLS_OID_ORG_CERTICOM +#define MBEDTLS_OID_CERTICOM MBEDTLS_OID_ISO_IDENTIFIED_ORG \ + MBEDTLS_OID_ORG_CERTICOM #define MBEDTLS_OID_ORG_TELETRUST "\x24" /* teletrust(36) */ -#define MBEDTLS_OID_TELETRUST MBEDTLS_OID_ISO_IDENTIFIED_ORG MBEDTLS_OID_ORG_TELETRUST +#define MBEDTLS_OID_TELETRUST MBEDTLS_OID_ISO_IDENTIFIED_ORG \ + MBEDTLS_OID_ORG_TELETRUST /* * ISO ITU OID parts */ #define MBEDTLS_OID_ORGANIZATION "\x01" /* {organization(1)} */ -#define MBEDTLS_OID_ISO_ITU_US_ORG MBEDTLS_OID_ISO_ITU_COUNTRY MBEDTLS_OID_COUNTRY_US MBEDTLS_OID_ORGANIZATION /* {joint-iso-itu-t(2) country(16) us(840) organization(1)} */ +#define MBEDTLS_OID_ISO_ITU_US_ORG MBEDTLS_OID_ISO_ITU_COUNTRY MBEDTLS_OID_COUNTRY_US \ + MBEDTLS_OID_ORGANIZATION /* {joint-iso-itu-t(2) country(16) us(840) organization(1)} */ #define MBEDTLS_OID_ORG_GOV "\x65" /* {gov(101)} */ #define MBEDTLS_OID_GOV MBEDTLS_OID_ISO_ITU_US_ORG MBEDTLS_OID_ORG_GOV /* {joint-iso-itu-t(2) country(16) us(840) organization(1) gov(101)} */ @@ -122,7 +113,8 @@ * { iso(1) identified-organization(3) dod(6) internet(1) * security(5) mechanisms(5) pkix(7) } */ -#define MBEDTLS_OID_INTERNET MBEDTLS_OID_ISO_IDENTIFIED_ORG MBEDTLS_OID_ORG_DOD "\x01" +#define MBEDTLS_OID_INTERNET MBEDTLS_OID_ISO_IDENTIFIED_ORG MBEDTLS_OID_ORG_DOD \ + "\x01" #define MBEDTLS_OID_PKIX MBEDTLS_OID_INTERNET "\x05\x05\x07" /* @@ -143,7 +135,7 @@ #define MBEDTLS_OID_AT_GIVEN_NAME MBEDTLS_OID_AT "\x2A" /**< id-at-givenName AttributeType:= {id-at 42} */ #define MBEDTLS_OID_AT_INITIALS MBEDTLS_OID_AT "\x2B" /**< id-at-initials AttributeType:= {id-at 43} */ #define MBEDTLS_OID_AT_GENERATION_QUALIFIER MBEDTLS_OID_AT "\x2C" /**< id-at-generationQualifier AttributeType:= {id-at 44} */ -#define MBEDTLS_OID_AT_UNIQUE_IDENTIFIER MBEDTLS_OID_AT "\x2D" /**< id-at-uniqueIdentifier AttributType:= {id-at 45} */ +#define MBEDTLS_OID_AT_UNIQUE_IDENTIFIER MBEDTLS_OID_AT "\x2D" /**< id-at-uniqueIdentifier AttributeType:= {id-at 45} */ #define MBEDTLS_OID_AT_DN_QUALIFIER MBEDTLS_OID_AT "\x2E" /**< id-at-dnQualifier AttributeType:= {id-at 46} */ #define MBEDTLS_OID_AT_PSEUDONYM MBEDTLS_OID_AT "\x41" /**< id-at-pseudonym AttributeType:= {id-at 65} */ @@ -254,7 +246,8 @@ #define MBEDTLS_OID_DIGEST_ALG_MD2 MBEDTLS_OID_RSA_COMPANY "\x02\x02" /**< id-mbedtls_md2 OBJECT IDENTIFIER ::= { iso(1) member-body(2) us(840) rsadsi(113549) digestAlgorithm(2) 2 } */ #define MBEDTLS_OID_DIGEST_ALG_MD4 MBEDTLS_OID_RSA_COMPANY "\x02\x04" /**< id-mbedtls_md4 OBJECT IDENTIFIER ::= { iso(1) member-body(2) us(840) rsadsi(113549) digestAlgorithm(2) 4 } */ #define MBEDTLS_OID_DIGEST_ALG_MD5 MBEDTLS_OID_RSA_COMPANY "\x02\x05" /**< id-mbedtls_md5 OBJECT IDENTIFIER ::= { iso(1) member-body(2) us(840) rsadsi(113549) digestAlgorithm(2) 5 } */ -#define MBEDTLS_OID_DIGEST_ALG_SHA1 MBEDTLS_OID_ISO_IDENTIFIED_ORG MBEDTLS_OID_OIW_SECSIG_SHA1 /**< id-mbedtls_sha1 OBJECT IDENTIFIER ::= { iso(1) identified-organization(3) oiw(14) secsig(3) algorithms(2) 26 } */ +#define MBEDTLS_OID_DIGEST_ALG_SHA1 MBEDTLS_OID_ISO_IDENTIFIED_ORG \ + MBEDTLS_OID_OIW_SECSIG_SHA1 /**< id-mbedtls_sha1 OBJECT IDENTIFIER ::= { iso(1) identified-organization(3) oiw(14) secsig(3) algorithms(2) 26 } */ #define MBEDTLS_OID_DIGEST_ALG_SHA224 MBEDTLS_OID_NIST_ALG "\x02\x04" /**< id-sha224 OBJECT IDENTIFIER ::= { joint-iso-itu-t(2) country(16) us(840) organization(1) gov(101) csor(3) nistalgorithm(4) hashalgs(2) 4 } */ #define MBEDTLS_OID_DIGEST_ALG_SHA256 MBEDTLS_OID_NIST_ALG "\x02\x01" /**< id-mbedtls_sha256 OBJECT IDENTIFIER ::= { joint-iso-itu-t(2) country(16) us(840) organization(1) gov(101) csor(3) nistalgorithm(4) hashalgs(2) 1 } */ @@ -277,7 +270,8 @@ /* * Encryption algorithms */ -#define MBEDTLS_OID_DES_CBC MBEDTLS_OID_ISO_IDENTIFIED_ORG MBEDTLS_OID_OIW_SECSIG_ALG "\x07" /**< desCBC OBJECT IDENTIFIER ::= { iso(1) identified-organization(3) oiw(14) secsig(3) algorithms(2) 7 } */ +#define MBEDTLS_OID_DES_CBC MBEDTLS_OID_ISO_IDENTIFIED_ORG \ + MBEDTLS_OID_OIW_SECSIG_ALG "\x07" /**< desCBC OBJECT IDENTIFIER ::= { iso(1) identified-organization(3) oiw(14) secsig(3) algorithms(2) 7 } */ #define MBEDTLS_OID_DES_EDE3_CBC MBEDTLS_OID_RSA_COMPANY "\x03\x07" /**< des-ede3-cbc OBJECT IDENTIFIER ::= { iso(1) member-body(2) -- us(840) rsadsi(113549) encryptionAlgorithm(3) 7 } */ #define MBEDTLS_OID_AES MBEDTLS_OID_NIST_ALG "\x01" /** aes OBJECT IDENTIFIER ::= { joint-iso-itu-t(2) country(16) us(840) organization(1) gov(101) csor(3) nistAlgorithm(4) 1 } */ @@ -439,8 +433,7 @@ extern "C" { /** * \brief Base OID descriptor structure */ -typedef struct mbedtls_oid_descriptor_t -{ +typedef struct mbedtls_oid_descriptor_t { const char *asn1; /*!< OID ASN.1 representation */ size_t asn1_len; /*!< length of asn1 */ const char *name; /*!< official name (e.g. from RFC) */ @@ -458,7 +451,7 @@ typedef struct mbedtls_oid_descriptor_t * \return Length of the string written (excluding final NULL) or * MBEDTLS_ERR_OID_BUF_TOO_SMALL in case of error */ -int mbedtls_oid_get_numeric_string( char *buf, size_t size, const mbedtls_asn1_buf *oid ); +int mbedtls_oid_get_numeric_string(char *buf, size_t size, const mbedtls_asn1_buf *oid); /** * \brief Translate an X.509 extension OID into local values @@ -468,7 +461,7 @@ int mbedtls_oid_get_numeric_string( char *buf, size_t size, const mbedtls_asn1_b * * \return 0 if successful, or MBEDTLS_ERR_OID_NOT_FOUND */ -int mbedtls_oid_get_x509_ext_type( const mbedtls_asn1_buf *oid, int *ext_type ); +int mbedtls_oid_get_x509_ext_type(const mbedtls_asn1_buf *oid, int *ext_type); /** * \brief Translate an X.509 attribute type OID into the short name @@ -479,7 +472,7 @@ int mbedtls_oid_get_x509_ext_type( const mbedtls_asn1_buf *oid, int *ext_type ); * * \return 0 if successful, or MBEDTLS_ERR_OID_NOT_FOUND */ -int mbedtls_oid_get_attr_short_name( const mbedtls_asn1_buf *oid, const char **short_name ); +int mbedtls_oid_get_attr_short_name(const mbedtls_asn1_buf *oid, const char **short_name); /** * \brief Translate PublicKeyAlgorithm OID into pk_type @@ -489,7 +482,7 @@ int mbedtls_oid_get_attr_short_name( const mbedtls_asn1_buf *oid, const char **s * * \return 0 if successful, or MBEDTLS_ERR_OID_NOT_FOUND */ -int mbedtls_oid_get_pk_alg( const mbedtls_asn1_buf *oid, mbedtls_pk_type_t *pk_alg ); +int mbedtls_oid_get_pk_alg(const mbedtls_asn1_buf *oid, mbedtls_pk_type_t *pk_alg); /** * \brief Translate pk_type into PublicKeyAlgorithm OID @@ -500,8 +493,8 @@ int mbedtls_oid_get_pk_alg( const mbedtls_asn1_buf *oid, mbedtls_pk_type_t *pk_a * * \return 0 if successful, or MBEDTLS_ERR_OID_NOT_FOUND */ -int mbedtls_oid_get_oid_by_pk_alg( mbedtls_pk_type_t pk_alg, - const char **oid, size_t *olen ); +int mbedtls_oid_get_oid_by_pk_alg(mbedtls_pk_type_t pk_alg, + const char **oid, size_t *olen); #if defined(MBEDTLS_ECP_C) /** @@ -512,7 +505,7 @@ int mbedtls_oid_get_oid_by_pk_alg( mbedtls_pk_type_t pk_alg, * * \return 0 if successful, or MBEDTLS_ERR_OID_NOT_FOUND */ -int mbedtls_oid_get_ec_grp( const mbedtls_asn1_buf *oid, mbedtls_ecp_group_id *grp_id ); +int mbedtls_oid_get_ec_grp(const mbedtls_asn1_buf *oid, mbedtls_ecp_group_id *grp_id); /** * \brief Translate EC group identifier into NamedCurve OID @@ -523,8 +516,8 @@ int mbedtls_oid_get_ec_grp( const mbedtls_asn1_buf *oid, mbedtls_ecp_group_id *g * * \return 0 if successful, or MBEDTLS_ERR_OID_NOT_FOUND */ -int mbedtls_oid_get_oid_by_ec_grp( mbedtls_ecp_group_id grp_id, - const char **oid, size_t *olen ); +int mbedtls_oid_get_oid_by_ec_grp(mbedtls_ecp_group_id grp_id, + const char **oid, size_t *olen); #endif /* MBEDTLS_ECP_C */ #if defined(MBEDTLS_MD_C) @@ -537,8 +530,8 @@ int mbedtls_oid_get_oid_by_ec_grp( mbedtls_ecp_group_id grp_id, * * \return 0 if successful, or MBEDTLS_ERR_OID_NOT_FOUND */ -int mbedtls_oid_get_sig_alg( const mbedtls_asn1_buf *oid, - mbedtls_md_type_t *md_alg, mbedtls_pk_type_t *pk_alg ); +int mbedtls_oid_get_sig_alg(const mbedtls_asn1_buf *oid, + mbedtls_md_type_t *md_alg, mbedtls_pk_type_t *pk_alg); /** * \brief Translate SignatureAlgorithm OID into description @@ -548,7 +541,7 @@ int mbedtls_oid_get_sig_alg( const mbedtls_asn1_buf *oid, * * \return 0 if successful, or MBEDTLS_ERR_OID_NOT_FOUND */ -int mbedtls_oid_get_sig_alg_desc( const mbedtls_asn1_buf *oid, const char **desc ); +int mbedtls_oid_get_sig_alg_desc(const mbedtls_asn1_buf *oid, const char **desc); /** * \brief Translate md_type and pk_type into SignatureAlgorithm OID @@ -560,8 +553,8 @@ int mbedtls_oid_get_sig_alg_desc( const mbedtls_asn1_buf *oid, const char **desc * * \return 0 if successful, or MBEDTLS_ERR_OID_NOT_FOUND */ -int mbedtls_oid_get_oid_by_sig_alg( mbedtls_pk_type_t pk_alg, mbedtls_md_type_t md_alg, - const char **oid, size_t *olen ); +int mbedtls_oid_get_oid_by_sig_alg(mbedtls_pk_type_t pk_alg, mbedtls_md_type_t md_alg, + const char **oid, size_t *olen); /** * \brief Translate hash algorithm OID into md_type @@ -571,7 +564,7 @@ int mbedtls_oid_get_oid_by_sig_alg( mbedtls_pk_type_t pk_alg, mbedtls_md_type_t * * \return 0 if successful, or MBEDTLS_ERR_OID_NOT_FOUND */ -int mbedtls_oid_get_md_alg( const mbedtls_asn1_buf *oid, mbedtls_md_type_t *md_alg ); +int mbedtls_oid_get_md_alg(const mbedtls_asn1_buf *oid, mbedtls_md_type_t *md_alg); /** * \brief Translate hmac algorithm OID into md_type @@ -581,7 +574,7 @@ int mbedtls_oid_get_md_alg( const mbedtls_asn1_buf *oid, mbedtls_md_type_t *md_a * * \return 0 if successful, or MBEDTLS_ERR_OID_NOT_FOUND */ -int mbedtls_oid_get_md_hmac( const mbedtls_asn1_buf *oid, mbedtls_md_type_t *md_hmac ); +int mbedtls_oid_get_md_hmac(const mbedtls_asn1_buf *oid, mbedtls_md_type_t *md_hmac); #endif /* MBEDTLS_MD_C */ /** @@ -592,7 +585,7 @@ int mbedtls_oid_get_md_hmac( const mbedtls_asn1_buf *oid, mbedtls_md_type_t *md_ * * \return 0 if successful, or MBEDTLS_ERR_OID_NOT_FOUND */ -int mbedtls_oid_get_extended_key_usage( const mbedtls_asn1_buf *oid, const char **desc ); +int mbedtls_oid_get_extended_key_usage(const mbedtls_asn1_buf *oid, const char **desc); /** * \brief Translate certificate policies OID into description @@ -602,7 +595,7 @@ int mbedtls_oid_get_extended_key_usage( const mbedtls_asn1_buf *oid, const char * * \return 0 if successful, or MBEDTLS_ERR_OID_NOT_FOUND */ -int mbedtls_oid_get_certificate_policies( const mbedtls_asn1_buf *oid, const char **desc ); +int mbedtls_oid_get_certificate_policies(const mbedtls_asn1_buf *oid, const char **desc); /** * \brief Translate md_type into hash algorithm OID @@ -613,7 +606,7 @@ int mbedtls_oid_get_certificate_policies( const mbedtls_asn1_buf *oid, const cha * * \return 0 if successful, or MBEDTLS_ERR_OID_NOT_FOUND */ -int mbedtls_oid_get_oid_by_md( mbedtls_md_type_t md_alg, const char **oid, size_t *olen ); +int mbedtls_oid_get_oid_by_md(mbedtls_md_type_t md_alg, const char **oid, size_t *olen); #if defined(MBEDTLS_CIPHER_C) /** @@ -624,7 +617,7 @@ int mbedtls_oid_get_oid_by_md( mbedtls_md_type_t md_alg, const char **oid, size_ * * \return 0 if successful, or MBEDTLS_ERR_OID_NOT_FOUND */ -int mbedtls_oid_get_cipher_alg( const mbedtls_asn1_buf *oid, mbedtls_cipher_type_t *cipher_alg ); +int mbedtls_oid_get_cipher_alg(const mbedtls_asn1_buf *oid, mbedtls_cipher_type_t *cipher_alg); #endif /* MBEDTLS_CIPHER_C */ #if defined(MBEDTLS_PKCS12_C) @@ -638,8 +631,8 @@ int mbedtls_oid_get_cipher_alg( const mbedtls_asn1_buf *oid, mbedtls_cipher_type * * \return 0 if successful, or MBEDTLS_ERR_OID_NOT_FOUND */ -int mbedtls_oid_get_pkcs12_pbe_alg( const mbedtls_asn1_buf *oid, mbedtls_md_type_t *md_alg, - mbedtls_cipher_type_t *cipher_alg ); +int mbedtls_oid_get_pkcs12_pbe_alg(const mbedtls_asn1_buf *oid, mbedtls_md_type_t *md_alg, + mbedtls_cipher_type_t *cipher_alg); #endif /* MBEDTLS_PKCS12_C */ #ifdef __cplusplus diff --git a/third_party/mbedtls/repo/include/mbedtls/padlock.h b/third_party/mbedtls/repo/include/mbedtls/padlock.h index 624d02dff55..0821105f1a6 100644 --- a/third_party/mbedtls/repo/include/mbedtls/padlock.h +++ b/third_party/mbedtls/repo/include/mbedtls/padlock.h @@ -9,19 +9,7 @@ */ /* * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later */ #ifndef MBEDTLS_PADLOCK_H #define MBEDTLS_PADLOCK_H @@ -44,9 +32,12 @@ #endif /* Some versions of ASan result in errors about not enough registers */ -#if defined(MBEDTLS_HAVE_ASM) && defined(__GNUC__) && defined(__i386__) && \ +#if defined(MBEDTLS_PADLOCK_C) && defined(MBEDTLS_HAVE_ASM) && \ + defined(__GNUC__) && defined(__i386__) && \ !defined(MBEDTLS_HAVE_ASAN) +#define MBEDTLS_VIA_PADLOCK_HAVE_CODE + #ifndef MBEDTLS_HAVE_X86 #define MBEDTLS_HAVE_X86 #endif @@ -74,7 +65,7 @@ extern "C" { * * \return non-zero if CPU has support for the feature, 0 otherwise */ -int mbedtls_padlock_has_support( int feature ); +int mbedtls_padlock_has_support(int feature); /** * \brief Internal PadLock AES-ECB block en(de)cryption @@ -89,10 +80,10 @@ int mbedtls_padlock_has_support( int feature ); * * \return 0 if success, 1 if operation failed */ -int mbedtls_padlock_xcryptecb( mbedtls_aes_context *ctx, - int mode, - const unsigned char input[16], - unsigned char output[16] ); +int mbedtls_padlock_xcryptecb(mbedtls_aes_context *ctx, + int mode, + const unsigned char input[16], + unsigned char output[16]); /** * \brief Internal PadLock AES-CBC buffer en(de)cryption @@ -109,17 +100,18 @@ int mbedtls_padlock_xcryptecb( mbedtls_aes_context *ctx, * * \return 0 if success, 1 if operation failed */ -int mbedtls_padlock_xcryptcbc( mbedtls_aes_context *ctx, - int mode, - size_t length, - unsigned char iv[16], - const unsigned char *input, - unsigned char *output ); +int mbedtls_padlock_xcryptcbc(mbedtls_aes_context *ctx, + int mode, + size_t length, + unsigned char iv[16], + const unsigned char *input, + unsigned char *output); #ifdef __cplusplus } #endif -#endif /* HAVE_X86 */ +#endif /* MBEDTLS_PADLOCK_C && MBEDTLS_HAVE_ASM && + __GNUC__ && __i386__ && !MBEDTLS_HAVE_ASAN */ #endif /* padlock.h */ diff --git a/third_party/mbedtls/repo/include/mbedtls/pem.h b/third_party/mbedtls/repo/include/mbedtls/pem.h index dfb4ff218e6..ffe6e473dad 100644 --- a/third_party/mbedtls/repo/include/mbedtls/pem.h +++ b/third_party/mbedtls/repo/include/mbedtls/pem.h @@ -5,19 +5,7 @@ */ /* * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later */ #ifndef MBEDTLS_PEM_H #define MBEDTLS_PEM_H @@ -54,7 +42,7 @@ #define MBEDTLS_ERR_PEM_FEATURE_UNAVAILABLE -0x1400 /** Bad input parameters to function. */ #define MBEDTLS_ERR_PEM_BAD_INPUT_DATA -0x1480 -/* \} name */ +/** \} name PEM Error codes */ #ifdef __cplusplus extern "C" { @@ -64,8 +52,7 @@ extern "C" { /** * \brief PEM context structure */ -typedef struct mbedtls_pem_context -{ +typedef struct mbedtls_pem_context { unsigned char *buf; /*!< buffer for decoded data */ size_t buflen; /*!< length of the buffer */ unsigned char *info; /*!< buffer for extra header information */ @@ -77,7 +64,7 @@ mbedtls_pem_context; * * \param ctx context to be initialized */ -void mbedtls_pem_init( mbedtls_pem_context *ctx ); +void mbedtls_pem_init(mbedtls_pem_context *ctx); /** * \brief Read a buffer for PEM information and store the resulting @@ -101,17 +88,17 @@ void mbedtls_pem_init( mbedtls_pem_context *ctx ); * * \return 0 on success, or a specific PEM error code */ -int mbedtls_pem_read_buffer( mbedtls_pem_context *ctx, const char *header, const char *footer, - const unsigned char *data, - const unsigned char *pwd, - size_t pwdlen, size_t *use_len ); +int mbedtls_pem_read_buffer(mbedtls_pem_context *ctx, const char *header, const char *footer, + const unsigned char *data, + const unsigned char *pwd, + size_t pwdlen, size_t *use_len); /** * \brief PEM context memory freeing * * \param ctx context to be freed */ -void mbedtls_pem_free( mbedtls_pem_context *ctx ); +void mbedtls_pem_free(mbedtls_pem_context *ctx); #endif /* MBEDTLS_PEM_PARSE_C */ #if defined(MBEDTLS_PEM_WRITE_C) @@ -141,9 +128,9 @@ void mbedtls_pem_free( mbedtls_pem_context *ctx ); * the required minimum size of \p buf. * \return Another PEM or BASE64 error code on other kinds of failure. */ -int mbedtls_pem_write_buffer( const char *header, const char *footer, - const unsigned char *der_data, size_t der_len, - unsigned char *buf, size_t buf_len, size_t *olen ); +int mbedtls_pem_write_buffer(const char *header, const char *footer, + const unsigned char *der_data, size_t der_len, + unsigned char *buf, size_t buf_len, size_t *olen); #endif /* MBEDTLS_PEM_WRITE_C */ #ifdef __cplusplus diff --git a/third_party/mbedtls/repo/include/mbedtls/pk.h b/third_party/mbedtls/repo/include/mbedtls/pk.h index 8f2abf2a608..a8c0c377e9b 100644 --- a/third_party/mbedtls/repo/include/mbedtls/pk.h +++ b/third_party/mbedtls/repo/include/mbedtls/pk.h @@ -5,19 +5,7 @@ */ /* * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later */ #ifndef MBEDTLS_PK_H @@ -47,7 +35,7 @@ #include "psa/crypto.h" #endif -#if ( defined(__ARMCC_VERSION) || defined(_MSC_VER) ) && \ +#if (defined(__ARMCC_VERSION) || defined(_MSC_VER)) && \ !defined(inline) && !defined(__cplusplus) #define inline __inline #endif @@ -107,8 +95,7 @@ typedef enum { * \brief Options for RSASSA-PSS signature verification. * See \c mbedtls_rsa_rsassa_pss_verify_ext() */ -typedef struct mbedtls_pk_rsassa_pss_options -{ +typedef struct mbedtls_pk_rsassa_pss_options { mbedtls_md_type_t mgf1_hash_id; int expected_salt_len; @@ -128,7 +115,7 @@ typedef struct mbedtls_pk_rsassa_pss_options */ #define MBEDTLS_PK_SIGNATURE_MAX_SIZE 0 -#if ( defined(MBEDTLS_RSA_C) || defined(MBEDTLS_PK_RSA_ALT_SUPPORT) ) && \ +#if (defined(MBEDTLS_RSA_C) || defined(MBEDTLS_PK_RSA_ALT_SUPPORT)) && \ MBEDTLS_MPI_MAX_SIZE > MBEDTLS_PK_SIGNATURE_MAX_SIZE /* For RSA, the signature can be as large as the bignum module allows. * For RSA_ALT, the signature size is not necessarily tied to what the @@ -162,15 +149,14 @@ typedef struct mbedtls_pk_rsassa_pss_options * types, lengths (represented by up to 2 bytes), and potential leading * zeros of the INTEGERs and the SEQUENCE. */ #undef MBEDTLS_PK_SIGNATURE_MAX_SIZE -#define MBEDTLS_PK_SIGNATURE_MAX_SIZE ( PSA_VENDOR_ECDSA_SIGNATURE_MAX_SIZE + 11 ) +#define MBEDTLS_PK_SIGNATURE_MAX_SIZE (PSA_VENDOR_ECDSA_SIGNATURE_MAX_SIZE + 11) #endif #endif /* defined(MBEDTLS_USE_PSA_CRYPTO) */ /** * \brief Types for interfacing with the debug module */ -typedef enum -{ +typedef enum { MBEDTLS_PK_DEBUG_NONE = 0, MBEDTLS_PK_DEBUG_MPI, MBEDTLS_PK_DEBUG_ECP, @@ -179,8 +165,7 @@ typedef enum /** * \brief Item to send to the debug module */ -typedef struct mbedtls_pk_debug_item -{ +typedef struct mbedtls_pk_debug_item { mbedtls_pk_debug_type type; const char *name; void *value; @@ -197,64 +182,38 @@ typedef struct mbedtls_pk_info_t mbedtls_pk_info_t; /** * \brief Public key container */ -typedef struct mbedtls_pk_context -{ - const mbedtls_pk_info_t * pk_info; /**< Public key information */ - void * pk_ctx; /**< Underlying public key context */ +typedef struct mbedtls_pk_context { + const mbedtls_pk_info_t *pk_info; /**< Public key information */ + void *pk_ctx; /**< Underlying public key context */ } mbedtls_pk_context; #if defined(MBEDTLS_ECDSA_C) && defined(MBEDTLS_ECP_RESTARTABLE) /** * \brief Context for resuming operations */ -typedef struct -{ - const mbedtls_pk_info_t * pk_info; /**< Public key information */ - void * rs_ctx; /**< Underlying restart context */ +typedef struct { + const mbedtls_pk_info_t *pk_info; /**< Public key information */ + void *rs_ctx; /**< Underlying restart context */ } mbedtls_pk_restart_ctx; #else /* MBEDTLS_ECDSA_C && MBEDTLS_ECP_RESTARTABLE */ /* Now we can declare functions that take a pointer to that */ typedef void mbedtls_pk_restart_ctx; #endif /* MBEDTLS_ECDSA_C && MBEDTLS_ECP_RESTARTABLE */ -#if defined(MBEDTLS_RSA_C) -/** - * Quick access to an RSA context inside a PK context. - * - * \warning You must make sure the PK context actually holds an RSA context - * before using this function! - */ -static inline mbedtls_rsa_context *mbedtls_pk_rsa( const mbedtls_pk_context pk ) -{ - return( (mbedtls_rsa_context *) (pk).pk_ctx ); -} -#endif /* MBEDTLS_RSA_C */ - -#if defined(MBEDTLS_ECP_C) -/** - * Quick access to an EC context inside a PK context. - * - * \warning You must make sure the PK context actually holds an EC context - * before using this function! - */ -static inline mbedtls_ecp_keypair *mbedtls_pk_ec( const mbedtls_pk_context pk ) -{ - return( (mbedtls_ecp_keypair *) (pk).pk_ctx ); -} -#endif /* MBEDTLS_ECP_C */ - #if defined(MBEDTLS_PK_RSA_ALT_SUPPORT) /** * \brief Types for RSA-alt abstraction */ -typedef int (*mbedtls_pk_rsa_alt_decrypt_func)( void *ctx, int mode, size_t *olen, - const unsigned char *input, unsigned char *output, - size_t output_max_len ); -typedef int (*mbedtls_pk_rsa_alt_sign_func)( void *ctx, - int (*f_rng)(void *, unsigned char *, size_t), void *p_rng, - int mode, mbedtls_md_type_t md_alg, unsigned int hashlen, - const unsigned char *hash, unsigned char *sig ); -typedef size_t (*mbedtls_pk_rsa_alt_key_len_func)( void *ctx ); +typedef int (*mbedtls_pk_rsa_alt_decrypt_func)(void *ctx, int mode, size_t *olen, + const unsigned char *input, unsigned char *output, + size_t output_max_len); +typedef int (*mbedtls_pk_rsa_alt_sign_func)(void *ctx, + int (*f_rng)(void *, unsigned char *, size_t), + void *p_rng, + int mode, mbedtls_md_type_t md_alg, + unsigned int hashlen, + const unsigned char *hash, unsigned char *sig); +typedef size_t (*mbedtls_pk_rsa_alt_key_len_func)(void *ctx); #endif /* MBEDTLS_PK_RSA_ALT_SUPPORT */ /** @@ -264,7 +223,7 @@ typedef size_t (*mbedtls_pk_rsa_alt_key_len_func)( void *ctx ); * * \return The PK info associated with the type or NULL if not found. */ -const mbedtls_pk_info_t *mbedtls_pk_info_from_type( mbedtls_pk_type_t pk_type ); +const mbedtls_pk_info_t *mbedtls_pk_info_from_type(mbedtls_pk_type_t pk_type); /** * \brief Initialize a #mbedtls_pk_context (as NONE). @@ -272,7 +231,7 @@ const mbedtls_pk_info_t *mbedtls_pk_info_from_type( mbedtls_pk_type_t pk_type ); * \param ctx The context to initialize. * This must not be \c NULL. */ -void mbedtls_pk_init( mbedtls_pk_context *ctx ); +void mbedtls_pk_init(mbedtls_pk_context *ctx); /** * \brief Free the components of a #mbedtls_pk_context. @@ -285,7 +244,7 @@ void mbedtls_pk_init( mbedtls_pk_context *ctx ); * PSA key and you still need to call psa_destroy_key() * independently if you want to destroy that key. */ -void mbedtls_pk_free( mbedtls_pk_context *ctx ); +void mbedtls_pk_free(mbedtls_pk_context *ctx); #if defined(MBEDTLS_ECDSA_C) && defined(MBEDTLS_ECP_RESTARTABLE) /** @@ -294,7 +253,7 @@ void mbedtls_pk_free( mbedtls_pk_context *ctx ); * \param ctx The context to initialize. * This must not be \c NULL. */ -void mbedtls_pk_restart_init( mbedtls_pk_restart_ctx *ctx ); +void mbedtls_pk_restart_init(mbedtls_pk_restart_ctx *ctx); /** * \brief Free the components of a restart context @@ -302,7 +261,7 @@ void mbedtls_pk_restart_init( mbedtls_pk_restart_ctx *ctx ); * \param ctx The context to clear. It must have been initialized. * If this is \c NULL, this function does nothing. */ -void mbedtls_pk_restart_free( mbedtls_pk_restart_ctx *ctx ); +void mbedtls_pk_restart_free(mbedtls_pk_restart_ctx *ctx); #endif /* MBEDTLS_ECDSA_C && MBEDTLS_ECP_RESTARTABLE */ /** @@ -320,7 +279,7 @@ void mbedtls_pk_restart_free( mbedtls_pk_restart_ctx *ctx ); * \note For contexts holding an RSA-alt key, use * \c mbedtls_pk_setup_rsa_alt() instead. */ -int mbedtls_pk_setup( mbedtls_pk_context *ctx, const mbedtls_pk_info_t *info ); +int mbedtls_pk_setup(mbedtls_pk_context *ctx, const mbedtls_pk_info_t *info); #if defined(MBEDTLS_USE_PSA_CRYPTO) /** @@ -351,8 +310,8 @@ int mbedtls_pk_setup( mbedtls_pk_context *ctx, const mbedtls_pk_info_t *info ); * ECC key pair. * \return #MBEDTLS_ERR_PK_ALLOC_FAILED on allocation failure. */ -int mbedtls_pk_setup_opaque( mbedtls_pk_context *ctx, - const psa_key_id_t key ); +int mbedtls_pk_setup_opaque(mbedtls_pk_context *ctx, + const psa_key_id_t key); #endif /* MBEDTLS_USE_PSA_CRYPTO */ #if defined(MBEDTLS_PK_RSA_ALT_SUPPORT) @@ -371,10 +330,10 @@ int mbedtls_pk_setup_opaque( mbedtls_pk_context *ctx, * * \note This function replaces \c mbedtls_pk_setup() for RSA-alt. */ -int mbedtls_pk_setup_rsa_alt( mbedtls_pk_context *ctx, void * key, - mbedtls_pk_rsa_alt_decrypt_func decrypt_func, - mbedtls_pk_rsa_alt_sign_func sign_func, - mbedtls_pk_rsa_alt_key_len_func key_len_func ); +int mbedtls_pk_setup_rsa_alt(mbedtls_pk_context *ctx, void *key, + mbedtls_pk_rsa_alt_decrypt_func decrypt_func, + mbedtls_pk_rsa_alt_sign_func sign_func, + mbedtls_pk_rsa_alt_key_len_func key_len_func); #endif /* MBEDTLS_PK_RSA_ALT_SUPPORT */ /** @@ -384,7 +343,7 @@ int mbedtls_pk_setup_rsa_alt( mbedtls_pk_context *ctx, void * key, * * \return Key size in bits, or 0 on error */ -size_t mbedtls_pk_get_bitlen( const mbedtls_pk_context *ctx ); +size_t mbedtls_pk_get_bitlen(const mbedtls_pk_context *ctx); /** * \brief Get the length in bytes of the underlying key @@ -393,9 +352,9 @@ size_t mbedtls_pk_get_bitlen( const mbedtls_pk_context *ctx ); * * \return Key length in bytes, or 0 on error */ -static inline size_t mbedtls_pk_get_len( const mbedtls_pk_context *ctx ) +static inline size_t mbedtls_pk_get_len(const mbedtls_pk_context *ctx) { - return( ( mbedtls_pk_get_bitlen( ctx ) + 7 ) / 8 ); + return (mbedtls_pk_get_bitlen(ctx) + 7) / 8; } /** @@ -410,7 +369,7 @@ static inline size_t mbedtls_pk_get_len( const mbedtls_pk_context *ctx ) * been initialized but not set up, or that has been * cleared with mbedtls_pk_free(). */ -int mbedtls_pk_can_do( const mbedtls_pk_context *ctx, mbedtls_pk_type_t type ); +int mbedtls_pk_can_do(const mbedtls_pk_context *ctx, mbedtls_pk_type_t type); /** * \brief Verify signature (including padding if relevant). @@ -424,21 +383,26 @@ int mbedtls_pk_can_do( const mbedtls_pk_context *ctx, mbedtls_pk_type_t type ); * * \return 0 on success (signature is valid), * #MBEDTLS_ERR_PK_SIG_LEN_MISMATCH if there is a valid - * signature in sig but its length is less than \p siglen, + * signature in \p sig but its length is less than \p sig_len, * or a specific error code. * * \note For RSA keys, the default padding type is PKCS#1 v1.5. * Use \c mbedtls_pk_verify_ext( MBEDTLS_PK_RSASSA_PSS, ... ) * to verify RSASSA_PSS signatures. * + * \note If #MBEDTLS_USE_PSA_CRYPTO is enabled, the PSA crypto + * subsystem must have been initialized by calling + * psa_crypto_init() before calling this function, + * if the key might be an ECC (ECDSA) key. + * * \note If hash_len is 0, then the length associated with md_alg * is used instead, or an error returned if it is invalid. * * \note md_alg may be MBEDTLS_MD_NONE, only if hash_len != 0 */ -int mbedtls_pk_verify( mbedtls_pk_context *ctx, mbedtls_md_type_t md_alg, - const unsigned char *hash, size_t hash_len, - const unsigned char *sig, size_t sig_len ); +int mbedtls_pk_verify(mbedtls_pk_context *ctx, mbedtls_md_type_t md_alg, + const unsigned char *hash, size_t hash_len, + const unsigned char *sig, size_t sig_len); /** * \brief Restartable version of \c mbedtls_pk_verify() @@ -460,11 +424,11 @@ int mbedtls_pk_verify( mbedtls_pk_context *ctx, mbedtls_md_type_t md_alg, * \return #MBEDTLS_ERR_ECP_IN_PROGRESS if maximum number of * operations was reached: see \c mbedtls_ecp_set_max_ops(). */ -int mbedtls_pk_verify_restartable( mbedtls_pk_context *ctx, - mbedtls_md_type_t md_alg, - const unsigned char *hash, size_t hash_len, - const unsigned char *sig, size_t sig_len, - mbedtls_pk_restart_ctx *rs_ctx ); +int mbedtls_pk_verify_restartable(mbedtls_pk_context *ctx, + mbedtls_md_type_t md_alg, + const unsigned char *hash, size_t hash_len, + const unsigned char *sig, size_t sig_len, + mbedtls_pk_restart_ctx *rs_ctx); /** * \brief Verify signature, with options. @@ -483,7 +447,7 @@ int mbedtls_pk_verify_restartable( mbedtls_pk_context *ctx, * #MBEDTLS_ERR_PK_TYPE_MISMATCH if the PK context can't be * used for this type of signatures, * #MBEDTLS_ERR_PK_SIG_LEN_MISMATCH if there is a valid - * signature in sig but its length is less than \p siglen, + * signature in \p sig but its length is less than \p sig_len, * or a specific error code. * * \note If hash_len is 0, then the length associated with md_alg @@ -495,10 +459,10 @@ int mbedtls_pk_verify_restartable( mbedtls_pk_context *ctx, * to a mbedtls_pk_rsassa_pss_options structure, * otherwise it must be NULL. */ -int mbedtls_pk_verify_ext( mbedtls_pk_type_t type, const void *options, - mbedtls_pk_context *ctx, mbedtls_md_type_t md_alg, - const unsigned char *hash, size_t hash_len, - const unsigned char *sig, size_t sig_len ); +int mbedtls_pk_verify_ext(mbedtls_pk_type_t type, const void *options, + mbedtls_pk_context *ctx, mbedtls_md_type_t md_alg, + const unsigned char *hash, size_t hash_len, + const unsigned char *sig, size_t sig_len); /** * \brief Make signature, including padding if relevant. @@ -530,10 +494,10 @@ int mbedtls_pk_verify_ext( mbedtls_pk_type_t type, const void *options, * \note For RSA, md_alg may be MBEDTLS_MD_NONE if hash_len != 0. * For ECDSA, md_alg may never be MBEDTLS_MD_NONE. */ -int mbedtls_pk_sign( mbedtls_pk_context *ctx, mbedtls_md_type_t md_alg, - const unsigned char *hash, size_t hash_len, - unsigned char *sig, size_t *sig_len, - int (*f_rng)(void *, unsigned char *, size_t), void *p_rng ); +int mbedtls_pk_sign(mbedtls_pk_context *ctx, mbedtls_md_type_t md_alg, + const unsigned char *hash, size_t hash_len, + unsigned char *sig, size_t *sig_len, + int (*f_rng)(void *, unsigned char *, size_t), void *p_rng); /** * \brief Restartable version of \c mbedtls_pk_sign() @@ -563,12 +527,12 @@ int mbedtls_pk_sign( mbedtls_pk_context *ctx, mbedtls_md_type_t md_alg, * \return #MBEDTLS_ERR_ECP_IN_PROGRESS if maximum number of * operations was reached: see \c mbedtls_ecp_set_max_ops(). */ -int mbedtls_pk_sign_restartable( mbedtls_pk_context *ctx, - mbedtls_md_type_t md_alg, - const unsigned char *hash, size_t hash_len, - unsigned char *sig, size_t *sig_len, - int (*f_rng)(void *, unsigned char *, size_t), void *p_rng, - mbedtls_pk_restart_ctx *rs_ctx ); +int mbedtls_pk_sign_restartable(mbedtls_pk_context *ctx, + mbedtls_md_type_t md_alg, + const unsigned char *hash, size_t hash_len, + unsigned char *sig, size_t *sig_len, + int (*f_rng)(void *, unsigned char *, size_t), void *p_rng, + mbedtls_pk_restart_ctx *rs_ctx); /** * \brief Decrypt message (including padding if relevant). @@ -587,10 +551,10 @@ int mbedtls_pk_sign_restartable( mbedtls_pk_context *ctx, * * \return 0 on success, or a specific error code. */ -int mbedtls_pk_decrypt( mbedtls_pk_context *ctx, - const unsigned char *input, size_t ilen, - unsigned char *output, size_t *olen, size_t osize, - int (*f_rng)(void *, unsigned char *, size_t), void *p_rng ); +int mbedtls_pk_decrypt(mbedtls_pk_context *ctx, + const unsigned char *input, size_t ilen, + unsigned char *output, size_t *olen, size_t osize, + int (*f_rng)(void *, unsigned char *, size_t), void *p_rng); /** * \brief Encrypt message (including padding if relevant). @@ -608,10 +572,10 @@ int mbedtls_pk_decrypt( mbedtls_pk_context *ctx, * * \return 0 on success, or a specific error code. */ -int mbedtls_pk_encrypt( mbedtls_pk_context *ctx, - const unsigned char *input, size_t ilen, - unsigned char *output, size_t *olen, size_t osize, - int (*f_rng)(void *, unsigned char *, size_t), void *p_rng ); +int mbedtls_pk_encrypt(mbedtls_pk_context *ctx, + const unsigned char *input, size_t ilen, + unsigned char *output, size_t *olen, size_t osize, + int (*f_rng)(void *, unsigned char *, size_t), void *p_rng); /** * \brief Check if a public-private pair of keys matches. @@ -625,7 +589,7 @@ int mbedtls_pk_encrypt( mbedtls_pk_context *ctx, * \return #MBEDTLS_ERR_PK_BAD_INPUT_DATA if a context is invalid. * \return Another non-zero value if the keys do not match. */ -int mbedtls_pk_check_pair( const mbedtls_pk_context *pub, const mbedtls_pk_context *prv ); +int mbedtls_pk_check_pair(const mbedtls_pk_context *pub, const mbedtls_pk_context *prv); /** * \brief Export debug information @@ -635,7 +599,7 @@ int mbedtls_pk_check_pair( const mbedtls_pk_context *pub, const mbedtls_pk_conte * * \return 0 on success or MBEDTLS_ERR_PK_BAD_INPUT_DATA */ -int mbedtls_pk_debug( const mbedtls_pk_context *ctx, mbedtls_pk_debug_item *items ); +int mbedtls_pk_debug(const mbedtls_pk_context *ctx, mbedtls_pk_debug_item *items); /** * \brief Access the type name @@ -644,7 +608,7 @@ int mbedtls_pk_debug( const mbedtls_pk_context *ctx, mbedtls_pk_debug_item *item * * \return Type name on success, or "invalid PK" */ -const char * mbedtls_pk_get_name( const mbedtls_pk_context *ctx ); +const char *mbedtls_pk_get_name(const mbedtls_pk_context *ctx); /** * \brief Get the key type @@ -654,7 +618,54 @@ const char * mbedtls_pk_get_name( const mbedtls_pk_context *ctx ); * \return Type on success. * \return #MBEDTLS_PK_NONE for a context that has not been set up. */ -mbedtls_pk_type_t mbedtls_pk_get_type( const mbedtls_pk_context *ctx ); +mbedtls_pk_type_t mbedtls_pk_get_type(const mbedtls_pk_context *ctx); + +#if defined(MBEDTLS_RSA_C) +/** + * Quick access to an RSA context inside a PK context. + * + * \warning This function can only be used when the type of the context, as + * returned by mbedtls_pk_get_type(), is #MBEDTLS_PK_RSA. + * Ensuring that is the caller's responsibility. + * Alternatively, you can check whether this function returns NULL. + * + * \return The internal RSA context held by the PK context, or NULL. + */ +static inline mbedtls_rsa_context *mbedtls_pk_rsa(const mbedtls_pk_context pk) +{ + switch (mbedtls_pk_get_type(&pk)) { + case MBEDTLS_PK_RSA: + return (mbedtls_rsa_context *) (pk).pk_ctx; + default: + return NULL; + } +} +#endif /* MBEDTLS_RSA_C */ + +#if defined(MBEDTLS_ECP_C) +/** + * Quick access to an EC context inside a PK context. + * + * \warning This function can only be used when the type of the context, as + * returned by mbedtls_pk_get_type(), is #MBEDTLS_PK_ECKEY, + * #MBEDTLS_PK_ECKEY_DH, or #MBEDTLS_PK_ECDSA. + * Ensuring that is the caller's responsibility. + * Alternatively, you can check whether this function returns NULL. + * + * \return The internal EC context held by the PK context, or NULL. + */ +static inline mbedtls_ecp_keypair *mbedtls_pk_ec(const mbedtls_pk_context pk) +{ + switch (mbedtls_pk_get_type(&pk)) { + case MBEDTLS_PK_ECKEY: + case MBEDTLS_PK_ECKEY_DH: + case MBEDTLS_PK_ECDSA: + return (mbedtls_ecp_keypair *) (pk).pk_ctx; + default: + return NULL; + } +} +#endif /* MBEDTLS_ECP_C */ #if defined(MBEDTLS_PK_PARSE_C) /** \ingroup pk_module */ @@ -686,9 +697,9 @@ mbedtls_pk_type_t mbedtls_pk_get_type( const mbedtls_pk_context *ctx ); * * \return 0 if successful, or a specific PK or PEM error code */ -int mbedtls_pk_parse_key( mbedtls_pk_context *ctx, - const unsigned char *key, size_t keylen, - const unsigned char *pwd, size_t pwdlen ); +int mbedtls_pk_parse_key(mbedtls_pk_context *ctx, + const unsigned char *key, size_t keylen, + const unsigned char *pwd, size_t pwdlen); /** \ingroup pk_module */ /** @@ -712,8 +723,8 @@ int mbedtls_pk_parse_key( mbedtls_pk_context *ctx, * * \return 0 if successful, or a specific PK or PEM error code */ -int mbedtls_pk_parse_public_key( mbedtls_pk_context *ctx, - const unsigned char *key, size_t keylen ); +int mbedtls_pk_parse_public_key(mbedtls_pk_context *ctx, + const unsigned char *key, size_t keylen); #if defined(MBEDTLS_FS_IO) /** \ingroup pk_module */ @@ -737,8 +748,8 @@ int mbedtls_pk_parse_public_key( mbedtls_pk_context *ctx, * * \return 0 if successful, or a specific PK or PEM error code */ -int mbedtls_pk_parse_keyfile( mbedtls_pk_context *ctx, - const char *path, const char *password ); +int mbedtls_pk_parse_keyfile(mbedtls_pk_context *ctx, + const char *path, const char *password); /** \ingroup pk_module */ /** @@ -757,7 +768,7 @@ int mbedtls_pk_parse_keyfile( mbedtls_pk_context *ctx, * * \return 0 if successful, or a specific PK or PEM error code */ -int mbedtls_pk_parse_public_keyfile( mbedtls_pk_context *ctx, const char *path ); +int mbedtls_pk_parse_public_keyfile(mbedtls_pk_context *ctx, const char *path); #endif /* MBEDTLS_FS_IO */ #endif /* MBEDTLS_PK_PARSE_C */ @@ -775,7 +786,7 @@ int mbedtls_pk_parse_public_keyfile( mbedtls_pk_context *ctx, const char *path ) * \return length of data written if successful, or a specific * error code */ -int mbedtls_pk_write_key_der( mbedtls_pk_context *ctx, unsigned char *buf, size_t size ); +int mbedtls_pk_write_key_der(mbedtls_pk_context *ctx, unsigned char *buf, size_t size); /** * \brief Write a public key to a SubjectPublicKeyInfo DER structure @@ -790,7 +801,7 @@ int mbedtls_pk_write_key_der( mbedtls_pk_context *ctx, unsigned char *buf, size_ * \return length of data written if successful, or a specific * error code */ -int mbedtls_pk_write_pubkey_der( mbedtls_pk_context *ctx, unsigned char *buf, size_t size ); +int mbedtls_pk_write_pubkey_der(mbedtls_pk_context *ctx, unsigned char *buf, size_t size); #if defined(MBEDTLS_PEM_WRITE_C) /** @@ -803,7 +814,7 @@ int mbedtls_pk_write_pubkey_der( mbedtls_pk_context *ctx, unsigned char *buf, si * * \return 0 if successful, or a specific error code */ -int mbedtls_pk_write_pubkey_pem( mbedtls_pk_context *ctx, unsigned char *buf, size_t size ); +int mbedtls_pk_write_pubkey_pem(mbedtls_pk_context *ctx, unsigned char *buf, size_t size); /** * \brief Write a private key to a PKCS#1 or SEC1 PEM string @@ -815,7 +826,7 @@ int mbedtls_pk_write_pubkey_pem( mbedtls_pk_context *ctx, unsigned char *buf, si * * \return 0 if successful, or a specific error code */ -int mbedtls_pk_write_key_pem( mbedtls_pk_context *ctx, unsigned char *buf, size_t size ); +int mbedtls_pk_write_key_pem(mbedtls_pk_context *ctx, unsigned char *buf, size_t size); #endif /* MBEDTLS_PEM_WRITE_C */ #endif /* MBEDTLS_PK_WRITE_C */ @@ -835,8 +846,8 @@ int mbedtls_pk_write_key_pem( mbedtls_pk_context *ctx, unsigned char *buf, size_ * * \return 0 if successful, or a specific PK error code */ -int mbedtls_pk_parse_subpubkey( unsigned char **p, const unsigned char *end, - mbedtls_pk_context *pk ); +int mbedtls_pk_parse_subpubkey(unsigned char **p, const unsigned char *end, + mbedtls_pk_context *pk); #endif /* MBEDTLS_PK_PARSE_C */ #if defined(MBEDTLS_PK_WRITE_C) @@ -850,8 +861,8 @@ int mbedtls_pk_parse_subpubkey( unsigned char **p, const unsigned char *end, * * \return the length written or a negative error code */ -int mbedtls_pk_write_pubkey( unsigned char **p, unsigned char *start, - const mbedtls_pk_context *key ); +int mbedtls_pk_write_pubkey(unsigned char **p, unsigned char *start, + const mbedtls_pk_context *key); #endif /* MBEDTLS_PK_WRITE_C */ /* @@ -859,7 +870,7 @@ int mbedtls_pk_write_pubkey( unsigned char **p, unsigned char *start, * know you do. */ #if defined(MBEDTLS_FS_IO) -int mbedtls_pk_load_file( const char *path, unsigned char **buf, size_t *n ); +int mbedtls_pk_load_file(const char *path, unsigned char **buf, size_t *n); #endif #if defined(MBEDTLS_USE_PSA_CRYPTO) @@ -883,9 +894,9 @@ int mbedtls_pk_load_file( const char *path, unsigned char **buf, size_t *n ); * \return \c 0 if successful. * \return An Mbed TLS error code otherwise. */ -int mbedtls_pk_wrap_as_opaque( mbedtls_pk_context *pk, - psa_key_id_t *key, - psa_algorithm_t hash_alg ); +int mbedtls_pk_wrap_as_opaque(mbedtls_pk_context *pk, + psa_key_id_t *key, + psa_algorithm_t hash_alg); #endif /* MBEDTLS_USE_PSA_CRYPTO */ #ifdef __cplusplus diff --git a/third_party/mbedtls/repo/include/mbedtls/pk_internal.h b/third_party/mbedtls/repo/include/mbedtls/pk_internal.h index 47f7767700c..15165acdf80 100644 --- a/third_party/mbedtls/repo/include/mbedtls/pk_internal.h +++ b/third_party/mbedtls/repo/include/mbedtls/pk_internal.h @@ -5,19 +5,7 @@ */ /* * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later */ #ifndef MBEDTLS_PK_WRAP_H @@ -31,8 +19,7 @@ #include "mbedtls/pk.h" -struct mbedtls_pk_info_t -{ +struct mbedtls_pk_info_t { /** Public key type */ mbedtls_pk_type_t type; @@ -40,75 +27,74 @@ struct mbedtls_pk_info_t const char *name; /** Get key size in bits */ - size_t (*get_bitlen)( const void * ); + size_t (*get_bitlen)(const void *); /** Tell if the context implements this type (e.g. ECKEY can do ECDSA) */ - int (*can_do)( mbedtls_pk_type_t type ); + int (*can_do)(mbedtls_pk_type_t type); /** Verify signature */ - int (*verify_func)( void *ctx, mbedtls_md_type_t md_alg, - const unsigned char *hash, size_t hash_len, - const unsigned char *sig, size_t sig_len ); + int (*verify_func)(void *ctx, mbedtls_md_type_t md_alg, + const unsigned char *hash, size_t hash_len, + const unsigned char *sig, size_t sig_len); /** Make signature */ - int (*sign_func)( void *ctx, mbedtls_md_type_t md_alg, - const unsigned char *hash, size_t hash_len, - unsigned char *sig, size_t *sig_len, - int (*f_rng)(void *, unsigned char *, size_t), - void *p_rng ); + int (*sign_func)(void *ctx, mbedtls_md_type_t md_alg, + const unsigned char *hash, size_t hash_len, + unsigned char *sig, size_t *sig_len, + int (*f_rng)(void *, unsigned char *, size_t), + void *p_rng); #if defined(MBEDTLS_ECDSA_C) && defined(MBEDTLS_ECP_RESTARTABLE) /** Verify signature (restartable) */ - int (*verify_rs_func)( void *ctx, mbedtls_md_type_t md_alg, - const unsigned char *hash, size_t hash_len, - const unsigned char *sig, size_t sig_len, - void *rs_ctx ); + int (*verify_rs_func)(void *ctx, mbedtls_md_type_t md_alg, + const unsigned char *hash, size_t hash_len, + const unsigned char *sig, size_t sig_len, + void *rs_ctx); /** Make signature (restartable) */ - int (*sign_rs_func)( void *ctx, mbedtls_md_type_t md_alg, - const unsigned char *hash, size_t hash_len, - unsigned char *sig, size_t *sig_len, - int (*f_rng)(void *, unsigned char *, size_t), - void *p_rng, void *rs_ctx ); + int (*sign_rs_func)(void *ctx, mbedtls_md_type_t md_alg, + const unsigned char *hash, size_t hash_len, + unsigned char *sig, size_t *sig_len, + int (*f_rng)(void *, unsigned char *, size_t), + void *p_rng, void *rs_ctx); #endif /* MBEDTLS_ECDSA_C && MBEDTLS_ECP_RESTARTABLE */ /** Decrypt message */ - int (*decrypt_func)( void *ctx, const unsigned char *input, size_t ilen, - unsigned char *output, size_t *olen, size_t osize, - int (*f_rng)(void *, unsigned char *, size_t), - void *p_rng ); + int (*decrypt_func)(void *ctx, const unsigned char *input, size_t ilen, + unsigned char *output, size_t *olen, size_t osize, + int (*f_rng)(void *, unsigned char *, size_t), + void *p_rng); /** Encrypt message */ - int (*encrypt_func)( void *ctx, const unsigned char *input, size_t ilen, - unsigned char *output, size_t *olen, size_t osize, - int (*f_rng)(void *, unsigned char *, size_t), - void *p_rng ); + int (*encrypt_func)(void *ctx, const unsigned char *input, size_t ilen, + unsigned char *output, size_t *olen, size_t osize, + int (*f_rng)(void *, unsigned char *, size_t), + void *p_rng); /** Check public-private key pair */ - int (*check_pair_func)( const void *pub, const void *prv ); + int (*check_pair_func)(const void *pub, const void *prv); /** Allocate a new context */ - void * (*ctx_alloc_func)( void ); + void * (*ctx_alloc_func)(void); /** Free the given context */ - void (*ctx_free_func)( void *ctx ); + void (*ctx_free_func)(void *ctx); #if defined(MBEDTLS_ECDSA_C) && defined(MBEDTLS_ECP_RESTARTABLE) /** Allocate the restart context */ - void * (*rs_alloc_func)( void ); + void *(*rs_alloc_func)(void); /** Free the restart context */ - void (*rs_free_func)( void *rs_ctx ); + void (*rs_free_func)(void *rs_ctx); #endif /* MBEDTLS_ECDSA_C && MBEDTLS_ECP_RESTARTABLE */ /** Interface with the debug module */ - void (*debug_func)( const void *ctx, mbedtls_pk_debug_item *items ); + void (*debug_func)(const void *ctx, mbedtls_pk_debug_item *items); }; #if defined(MBEDTLS_PK_RSA_ALT_SUPPORT) /* Container for RSA-alt */ -typedef struct -{ +typedef struct { void *key; mbedtls_pk_rsa_alt_decrypt_func decrypt_func; mbedtls_pk_rsa_alt_sign_func sign_func; diff --git a/third_party/mbedtls/repo/include/mbedtls/pkcs11.h b/third_party/mbedtls/repo/include/mbedtls/pkcs11.h index 3530ee16889..25d1dd1edd2 100644 --- a/third_party/mbedtls/repo/include/mbedtls/pkcs11.h +++ b/third_party/mbedtls/repo/include/mbedtls/pkcs11.h @@ -7,19 +7,7 @@ */ /* * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later */ #ifndef MBEDTLS_PKCS11_H #define MBEDTLS_PKCS11_H @@ -36,7 +24,7 @@ #include -#if ( defined(__ARMCC_VERSION) || defined(_MSC_VER) ) && \ +#if (defined(__ARMCC_VERSION) || defined(_MSC_VER)) && \ !defined(inline) && !defined(__cplusplus) #define inline __inline #endif @@ -50,10 +38,9 @@ extern "C" { /** * Context for PKCS #11 private keys. */ -typedef struct mbedtls_pkcs11_context -{ - pkcs11h_certificate_t pkcs11h_cert; - int len; +typedef struct mbedtls_pkcs11_context { + pkcs11h_certificate_t pkcs11h_cert; + int len; } mbedtls_pkcs11_context; #if defined(MBEDTLS_DEPRECATED_WARNING) @@ -69,10 +56,10 @@ typedef struct mbedtls_pkcs11_context * \deprecated This function is deprecated and will be removed in a * future version of the library. */ -MBEDTLS_DEPRECATED void mbedtls_pkcs11_init( mbedtls_pkcs11_context *ctx ); +MBEDTLS_DEPRECATED void mbedtls_pkcs11_init(mbedtls_pkcs11_context *ctx); /** - * Fill in a mbed TLS certificate, based on the given PKCS11 helper certificate. + * Fill in a Mbed TLS certificate, based on the given PKCS11 helper certificate. * * \deprecated This function is deprecated and will be removed in a * future version of the library. @@ -82,8 +69,8 @@ MBEDTLS_DEPRECATED void mbedtls_pkcs11_init( mbedtls_pkcs11_context *ctx ); * * \return 0 on success. */ -MBEDTLS_DEPRECATED int mbedtls_pkcs11_x509_cert_bind( mbedtls_x509_crt *cert, - pkcs11h_certificate_t pkcs11h_cert ); +MBEDTLS_DEPRECATED int mbedtls_pkcs11_x509_cert_bind(mbedtls_x509_crt *cert, + pkcs11h_certificate_t pkcs11h_cert); /** * Set up a mbedtls_pkcs11_context storing the given certificate. Note that the @@ -99,8 +86,8 @@ MBEDTLS_DEPRECATED int mbedtls_pkcs11_x509_cert_bind( mbedtls_x509_crt *cert, * \return 0 on success */ MBEDTLS_DEPRECATED int mbedtls_pkcs11_priv_key_bind( - mbedtls_pkcs11_context *priv_key, - pkcs11h_certificate_t pkcs11_cert ); + mbedtls_pkcs11_context *priv_key, + pkcs11h_certificate_t pkcs11_cert); /** * Free the contents of the given private key context. Note that the structure @@ -112,7 +99,7 @@ MBEDTLS_DEPRECATED int mbedtls_pkcs11_priv_key_bind( * \param priv_key Private key structure to cleanup */ MBEDTLS_DEPRECATED void mbedtls_pkcs11_priv_key_free( - mbedtls_pkcs11_context *priv_key ); + mbedtls_pkcs11_context *priv_key); /** * \brief Do an RSA private key decrypt, then remove the message @@ -134,11 +121,11 @@ MBEDTLS_DEPRECATED void mbedtls_pkcs11_priv_key_free( * of ctx->N (eg. 128 bytes if RSA-1024 is used) otherwise * an error is thrown. */ -MBEDTLS_DEPRECATED int mbedtls_pkcs11_decrypt( mbedtls_pkcs11_context *ctx, - int mode, size_t *olen, - const unsigned char *input, - unsigned char *output, - size_t output_max_len ); +MBEDTLS_DEPRECATED int mbedtls_pkcs11_decrypt(mbedtls_pkcs11_context *ctx, + int mode, size_t *olen, + const unsigned char *input, + unsigned char *output, + size_t output_max_len); /** * \brief Do a private RSA to sign a message digest @@ -159,12 +146,12 @@ MBEDTLS_DEPRECATED int mbedtls_pkcs11_decrypt( mbedtls_pkcs11_context *ctx, * \note The "sig" buffer must be as large as the size * of ctx->N (eg. 128 bytes if RSA-1024 is used). */ -MBEDTLS_DEPRECATED int mbedtls_pkcs11_sign( mbedtls_pkcs11_context *ctx, - int mode, - mbedtls_md_type_t md_alg, - unsigned int hashlen, - const unsigned char *hash, - unsigned char *sig ); +MBEDTLS_DEPRECATED int mbedtls_pkcs11_sign(mbedtls_pkcs11_context *ctx, + int mode, + mbedtls_md_type_t md_alg, + unsigned int hashlen, + const unsigned char *hash, + unsigned char *sig); /** * SSL/TLS wrappers for PKCS#11 functions @@ -172,13 +159,15 @@ MBEDTLS_DEPRECATED int mbedtls_pkcs11_sign( mbedtls_pkcs11_context *ctx, * \deprecated This function is deprecated and will be removed in a future * version of the library. */ -MBEDTLS_DEPRECATED static inline int mbedtls_ssl_pkcs11_decrypt( void *ctx, - int mode, size_t *olen, - const unsigned char *input, unsigned char *output, - size_t output_max_len ) +MBEDTLS_DEPRECATED static inline int mbedtls_ssl_pkcs11_decrypt(void *ctx, + int mode, + size_t *olen, + const unsigned char *input, + unsigned char *output, + size_t output_max_len) { - return mbedtls_pkcs11_decrypt( (mbedtls_pkcs11_context *) ctx, mode, olen, input, output, - output_max_len ); + return mbedtls_pkcs11_decrypt((mbedtls_pkcs11_context *) ctx, mode, olen, input, output, + output_max_len); } /** @@ -207,15 +196,21 @@ MBEDTLS_DEPRECATED static inline int mbedtls_ssl_pkcs11_decrypt( void *ctx, * ctx->N. For example, 128 bytes if RSA-1024 is * used. */ -MBEDTLS_DEPRECATED static inline int mbedtls_ssl_pkcs11_sign( void *ctx, - int (*f_rng)(void *, unsigned char *, size_t), void *p_rng, - int mode, mbedtls_md_type_t md_alg, unsigned int hashlen, - const unsigned char *hash, unsigned char *sig ) +MBEDTLS_DEPRECATED static inline int mbedtls_ssl_pkcs11_sign(void *ctx, + int (*f_rng)(void *, + unsigned char *, + size_t), + void *p_rng, + int mode, + mbedtls_md_type_t md_alg, + unsigned int hashlen, + const unsigned char *hash, + unsigned char *sig) { ((void) f_rng); ((void) p_rng); - return mbedtls_pkcs11_sign( (mbedtls_pkcs11_context *) ctx, mode, md_alg, - hashlen, hash, sig ); + return mbedtls_pkcs11_sign((mbedtls_pkcs11_context *) ctx, mode, md_alg, + hashlen, hash, sig); } /** @@ -228,9 +223,9 @@ MBEDTLS_DEPRECATED static inline int mbedtls_ssl_pkcs11_sign( void *ctx, * * \return The length of the private key. */ -MBEDTLS_DEPRECATED static inline size_t mbedtls_ssl_pkcs11_key_len( void *ctx ) +MBEDTLS_DEPRECATED static inline size_t mbedtls_ssl_pkcs11_key_len(void *ctx) { - return ( (mbedtls_pkcs11_context *) ctx )->len; + return ((mbedtls_pkcs11_context *) ctx)->len; } #undef MBEDTLS_DEPRECATED diff --git a/third_party/mbedtls/repo/include/mbedtls/pkcs12.h b/third_party/mbedtls/repo/include/mbedtls/pkcs12.h index d9e85b1d126..2ad5e9c3ff2 100644 --- a/third_party/mbedtls/repo/include/mbedtls/pkcs12.h +++ b/third_party/mbedtls/repo/include/mbedtls/pkcs12.h @@ -5,19 +5,7 @@ */ /* * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later */ #ifndef MBEDTLS_PKCS12_H #define MBEDTLS_PKCS12_H @@ -70,15 +58,30 @@ extern "C" { * * \return 0 if successful, or a MBEDTLS_ERR_XXX code */ -int mbedtls_pkcs12_pbe_sha1_rc4_128( mbedtls_asn1_buf *pbe_params, int mode, - const unsigned char *pwd, size_t pwdlen, - const unsigned char *input, size_t len, - unsigned char *output ); +int mbedtls_pkcs12_pbe_sha1_rc4_128(mbedtls_asn1_buf *pbe_params, int mode, + const unsigned char *pwd, size_t pwdlen, + const unsigned char *input, size_t len, + unsigned char *output); /** * \brief PKCS12 Password Based function (encryption / decryption) * for cipher-based and mbedtls_md-based PBE's * + * \note When encrypting, #MBEDTLS_CIPHER_PADDING_PKCS7 must + * be enabled at compile time. + * + * \warning When decrypting: + * - if #MBEDTLS_CIPHER_PADDING_PKCS7 is enabled at compile + * time, this function validates the CBC padding and returns + * #MBEDTLS_ERR_PKCS12_PASSWORD_MISMATCH if the padding is + * invalid. Note that this can help active adversaries + * attempting to brute-forcing the password. Note also that + * there is no guarantee that an invalid password will be + * detected (the chances of a valid padding with a random + * password are about 1/255). + * - if #MBEDTLS_CIPHER_PADDING_PKCS7 is disabled at compile + * time, this function does not validate the CBC padding. + * * \param pbe_params an ASN1 buffer containing the pkcs-12 PbeParams structure * \param mode either #MBEDTLS_PKCS12_PBE_ENCRYPT or * #MBEDTLS_PKCS12_PBE_DECRYPT @@ -87,17 +90,76 @@ int mbedtls_pkcs12_pbe_sha1_rc4_128( mbedtls_asn1_buf *pbe_params, int mode, * \param pwd Latin1-encoded password used. This may only be \c NULL when * \p pwdlen is 0. No null terminator should be used. * \param pwdlen length of the password (may be 0) - * \param input the input data + * \param data the input data * \param len data length - * \param output the output buffer + * \param output Output buffer. + * On success, it contains the encrypted or decrypted data, + * possibly followed by the CBC padding. + * On failure, the content is indeterminate. + * For decryption, there must be enough room for \p len + * bytes. + * For encryption, there must be enough room for + * \p len + 1 bytes, rounded up to the block size of + * the block cipher identified by \p pbe_params. + * + * \return 0 if successful, or a MBEDTLS_ERR_XXX code + */ +int mbedtls_pkcs12_pbe(mbedtls_asn1_buf *pbe_params, int mode, + mbedtls_cipher_type_t cipher_type, mbedtls_md_type_t md_type, + const unsigned char *pwd, size_t pwdlen, + const unsigned char *data, size_t len, + unsigned char *output); + +#if defined(MBEDTLS_CIPHER_PADDING_PKCS7) + +/** + * \brief PKCS12 Password Based function (encryption / decryption) + * for cipher-based and mbedtls_md-based PBE's + * + * + * \warning When decrypting: + * - This function validates the CBC padding and returns + * #MBEDTLS_ERR_PKCS12_PASSWORD_MISMATCH if the padding is + * invalid. Note that this can help active adversaries + * attempting to brute-forcing the password. Note also that + * there is no guarantee that an invalid password will be + * detected (the chances of a valid padding with a random + * password are about 1/255). + * + * \param pbe_params an ASN1 buffer containing the pkcs-12 PbeParams structure + * \param mode either #MBEDTLS_PKCS12_PBE_ENCRYPT or + * #MBEDTLS_PKCS12_PBE_DECRYPT + * \param cipher_type the cipher used + * \param md_type the mbedtls_md used + * \param pwd Latin1-encoded password used. This may only be \c NULL when + * \p pwdlen is 0. No null terminator should be used. + * \param pwdlen length of the password (may be 0) + * \param data the input data + * \param len data length + * \param output Output buffer. + * On success, it contains the encrypted or decrypted data, + * possibly followed by the CBC padding. + * On failure, the content is indeterminate. + * For decryption, there must be enough room for \p len + * bytes. + * For encryption, there must be enough room for + * \p len + 1 bytes, rounded up to the block size of + * the block cipher identified by \p pbe_params. + * \param output_size size of output buffer. + * This must be big enough to accommodate for output plus + * padding data. + * \param output_len On success, length of actual data written to the output buffer. * * \return 0 if successful, or a MBEDTLS_ERR_XXX code */ -int mbedtls_pkcs12_pbe( mbedtls_asn1_buf *pbe_params, int mode, - mbedtls_cipher_type_t cipher_type, mbedtls_md_type_t md_type, - const unsigned char *pwd, size_t pwdlen, - const unsigned char *input, size_t len, - unsigned char *output ); +int mbedtls_pkcs12_pbe_ext(mbedtls_asn1_buf *pbe_params, int mode, + mbedtls_cipher_type_t cipher_type, mbedtls_md_type_t md_type, + const unsigned char *pwd, size_t pwdlen, + const unsigned char *data, size_t len, + unsigned char *output, size_t output_size, + size_t *output_len); + +#endif /* MBEDTLS_CIPHER_PADDING_PKCS7 */ #endif /* MBEDTLS_ASN1_PARSE_C */ @@ -128,10 +190,10 @@ int mbedtls_pkcs12_pbe( mbedtls_asn1_buf *pbe_params, int mode, * * \return 0 if successful, or a MD, BIGNUM type error. */ -int mbedtls_pkcs12_derivation( unsigned char *data, size_t datalen, - const unsigned char *pwd, size_t pwdlen, - const unsigned char *salt, size_t saltlen, - mbedtls_md_type_t mbedtls_md, int id, int iterations ); +int mbedtls_pkcs12_derivation(unsigned char *data, size_t datalen, + const unsigned char *pwd, size_t pwdlen, + const unsigned char *salt, size_t saltlen, + mbedtls_md_type_t mbedtls_md, int id, int iterations); #ifdef __cplusplus } diff --git a/third_party/mbedtls/repo/include/mbedtls/pkcs5.h b/third_party/mbedtls/repo/include/mbedtls/pkcs5.h index 696930f745f..05bea484f17 100644 --- a/third_party/mbedtls/repo/include/mbedtls/pkcs5.h +++ b/third_party/mbedtls/repo/include/mbedtls/pkcs5.h @@ -7,19 +7,7 @@ */ /* * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later */ #ifndef MBEDTLS_PKCS5_H #define MBEDTLS_PKCS5_H @@ -57,20 +45,86 @@ extern "C" { /** * \brief PKCS#5 PBES2 function * + * \note When encrypting, #MBEDTLS_CIPHER_PADDING_PKCS7 must + * be enabled at compile time. + * + * \warning When decrypting: + * - if #MBEDTLS_CIPHER_PADDING_PKCS7 is enabled at compile + * time, this function validates the CBC padding and returns + * #MBEDTLS_ERR_PKCS5_PASSWORD_MISMATCH if the padding is + * invalid. Note that this can help active adversaries + * attempting to brute-forcing the password. Note also that + * there is no guarantee that an invalid password will be + * detected (the chances of a valid padding with a random + * password are about 1/255). + * - if #MBEDTLS_CIPHER_PADDING_PKCS7 is disabled at compile + * time, this function does not validate the CBC padding. + * * \param pbe_params the ASN.1 algorithm parameters - * \param mode either MBEDTLS_PKCS5_DECRYPT or MBEDTLS_PKCS5_ENCRYPT + * \param mode either #MBEDTLS_PKCS5_DECRYPT or #MBEDTLS_PKCS5_ENCRYPT * \param pwd password to use when generating key * \param pwdlen length of password * \param data data to process * \param datalen length of data - * \param output output buffer + * \param output Output buffer. + * On success, it contains the encrypted or decrypted data, + * possibly followed by the CBC padding. + * On failure, the content is indeterminate. + * For decryption, there must be enough room for \p datalen + * bytes. + * For encryption, there must be enough room for + * \p datalen + 1 bytes, rounded up to the block size of + * the block cipher identified by \p pbe_params. * * \returns 0 on success, or a MBEDTLS_ERR_XXX code if verification fails. */ -int mbedtls_pkcs5_pbes2( const mbedtls_asn1_buf *pbe_params, int mode, - const unsigned char *pwd, size_t pwdlen, - const unsigned char *data, size_t datalen, - unsigned char *output ); +int mbedtls_pkcs5_pbes2(const mbedtls_asn1_buf *pbe_params, int mode, + const unsigned char *pwd, size_t pwdlen, + const unsigned char *data, size_t datalen, + unsigned char *output); + +#if defined(MBEDTLS_CIPHER_PADDING_PKCS7) + +/** + * \brief PKCS#5 PBES2 function + * + * \warning When decrypting: + * - This function validates the CBC padding and returns + * #MBEDTLS_ERR_PKCS5_PASSWORD_MISMATCH if the padding is + * invalid. Note that this can help active adversaries + * attempting to brute-forcing the password. Note also that + * there is no guarantee that an invalid password will be + * detected (the chances of a valid padding with a random + * password are about 1/255). + * + * \param pbe_params the ASN.1 algorithm parameters + * \param mode either #MBEDTLS_PKCS5_DECRYPT or #MBEDTLS_PKCS5_ENCRYPT + * \param pwd password to use when generating key + * \param pwdlen length of password + * \param data data to process + * \param datalen length of data + * \param output Output buffer. + * On success, it contains the decrypted data. + * On failure, the content is indetermidate. + * For decryption, there must be enough room for \p datalen + * bytes. + * For encryption, there must be enough room for + * \p datalen + 1 bytes, rounded up to the block size of + * the block cipher identified by \p pbe_params. + * \param output_size size of output buffer. + * This must be big enough to accommodate for output plus + * padding data. + * \param output_len On success, length of actual data written to the output buffer. + * + * \returns 0 on success, or a MBEDTLS_ERR_XXX code if parsing or decryption fails. + */ +int mbedtls_pkcs5_pbes2_ext(const mbedtls_asn1_buf *pbe_params, int mode, + const unsigned char *pwd, size_t pwdlen, + const unsigned char *data, size_t datalen, + unsigned char *output, size_t output_size, + size_t *output_len); + +#endif /* MBEDTLS_CIPHER_PADDING_PKCS7 */ #endif /* MBEDTLS_ASN1_PARSE_C */ @@ -88,10 +142,10 @@ int mbedtls_pkcs5_pbes2( const mbedtls_asn1_buf *pbe_params, int mode, * * \returns 0 on success, or a MBEDTLS_ERR_XXX code if verification fails. */ -int mbedtls_pkcs5_pbkdf2_hmac( mbedtls_md_context_t *ctx, const unsigned char *password, - size_t plen, const unsigned char *salt, size_t slen, - unsigned int iteration_count, - uint32_t key_length, unsigned char *output ); +int mbedtls_pkcs5_pbkdf2_hmac(mbedtls_md_context_t *ctx, const unsigned char *password, + size_t plen, const unsigned char *salt, size_t slen, + unsigned int iteration_count, + uint32_t key_length, unsigned char *output); #if defined(MBEDTLS_SELF_TEST) @@ -100,7 +154,7 @@ int mbedtls_pkcs5_pbkdf2_hmac( mbedtls_md_context_t *ctx, const unsigned char *p * * \return 0 if successful, or 1 if the test failed */ -int mbedtls_pkcs5_self_test( int verbose ); +int mbedtls_pkcs5_self_test(int verbose); #endif /* MBEDTLS_SELF_TEST */ diff --git a/third_party/mbedtls/repo/include/mbedtls/platform.h b/third_party/mbedtls/repo/include/mbedtls/platform.h index bdef07498d7..17639542b67 100644 --- a/third_party/mbedtls/repo/include/mbedtls/platform.h +++ b/third_party/mbedtls/repo/include/mbedtls/platform.h @@ -11,22 +11,17 @@ * implementations of these functions, or implementations specific to * their platform, which can be statically linked to the library or * dynamically configured at runtime. + * + * When all compilation options related to platform abstraction are + * disabled, this header just defines `mbedtls_xxx` function names + * as aliases to the standard `xxx` function. + * + * Most modules in the library and example programs are expected to + * include this header. */ /* * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later */ #ifndef MBEDTLS_PLATFORM_H #define MBEDTLS_PLATFORM_H @@ -70,7 +65,9 @@ extern "C" { #if !defined(MBEDTLS_PLATFORM_NO_STD_FUNCTIONS) #include #include +#if defined(MBEDTLS_HAVE_TIME) #include +#endif #if !defined(MBEDTLS_PLATFORM_STD_SNPRINTF) #if defined(MBEDTLS_PLATFORM_HAS_NON_CONFORMING_SNPRINTF) #define MBEDTLS_PLATFORM_STD_SNPRINTF mbedtls_platform_win32_snprintf /**< The default \c snprintf function to use. */ @@ -126,22 +123,35 @@ extern "C" { #endif #endif /* MBEDTLS_PLATFORM_NO_STD_FUNCTIONS */ +/* Enable certain documented defines only when generating doxygen to avoid + * an "unrecognized define" error. */ +#if defined(__DOXYGEN__) && !defined(MBEDTLS_PLATFORM_STD_CALLOC) +#define MBEDTLS_PLATFORM_STD_CALLOC +#endif + +#if defined(__DOXYGEN__) && !defined(MBEDTLS_PLATFORM_STD_FREE) +#define MBEDTLS_PLATFORM_STD_FREE +#endif -/* \} name SECTION: Module settings */ +/** \} name SECTION: Module settings */ /* * The function pointers for calloc and free. + * Please see MBEDTLS_PLATFORM_STD_CALLOC and MBEDTLS_PLATFORM_STD_FREE + * in mbedtls_config.h for more information about behaviour and requirements. */ #if defined(MBEDTLS_PLATFORM_MEMORY) #if defined(MBEDTLS_PLATFORM_FREE_MACRO) && \ defined(MBEDTLS_PLATFORM_CALLOC_MACRO) +#undef mbedtls_free +#undef mbedtls_calloc #define mbedtls_free MBEDTLS_PLATFORM_FREE_MACRO #define mbedtls_calloc MBEDTLS_PLATFORM_CALLOC_MACRO #else /* For size_t */ #include -extern void *mbedtls_calloc( size_t n, size_t size ); -extern void mbedtls_free( void *ptr ); +extern void *mbedtls_calloc(size_t n, size_t size); +extern void mbedtls_free(void *ptr); /** * \brief This function dynamically sets the memory-management @@ -152,10 +162,12 @@ extern void mbedtls_free( void *ptr ); * * \return \c 0. */ -int mbedtls_platform_set_calloc_free( void * (*calloc_func)( size_t, size_t ), - void (*free_func)( void * ) ); +int mbedtls_platform_set_calloc_free(void *(*calloc_func)(size_t, size_t), + void (*free_func)(void *)); #endif /* MBEDTLS_PLATFORM_FREE_MACRO && MBEDTLS_PLATFORM_CALLOC_MACRO */ #else /* !MBEDTLS_PLATFORM_MEMORY */ +#undef mbedtls_free +#undef mbedtls_calloc #define mbedtls_free free #define mbedtls_calloc calloc #endif /* MBEDTLS_PLATFORM_MEMORY && !MBEDTLS_PLATFORM_{FREE,CALLOC}_MACRO */ @@ -166,7 +178,7 @@ int mbedtls_platform_set_calloc_free( void * (*calloc_func)( size_t, size_t ), #if defined(MBEDTLS_PLATFORM_FPRINTF_ALT) /* We need FILE * */ #include -extern int (*mbedtls_fprintf)( FILE *stream, const char *format, ... ); +extern int (*mbedtls_fprintf)(FILE *stream, const char *format, ...); /** * \brief This function dynamically configures the fprintf @@ -177,9 +189,10 @@ extern int (*mbedtls_fprintf)( FILE *stream, const char *format, ... ); * * \return \c 0. */ -int mbedtls_platform_set_fprintf( int (*fprintf_func)( FILE *stream, const char *, - ... ) ); +int mbedtls_platform_set_fprintf(int (*fprintf_func)(FILE *stream, const char *, + ...)); #else +#undef mbedtls_fprintf #if defined(MBEDTLS_PLATFORM_FPRINTF_MACRO) #define mbedtls_fprintf MBEDTLS_PLATFORM_FPRINTF_MACRO #else @@ -191,7 +204,7 @@ int mbedtls_platform_set_fprintf( int (*fprintf_func)( FILE *stream, const char * The function pointers for printf */ #if defined(MBEDTLS_PLATFORM_PRINTF_ALT) -extern int (*mbedtls_printf)( const char *format, ... ); +extern int (*mbedtls_printf)(const char *format, ...); /** * \brief This function dynamically configures the snprintf @@ -202,8 +215,9 @@ extern int (*mbedtls_printf)( const char *format, ... ); * * \return \c 0 on success. */ -int mbedtls_platform_set_printf( int (*printf_func)( const char *, ... ) ); +int mbedtls_platform_set_printf(int (*printf_func)(const char *, ...)); #else /* !MBEDTLS_PLATFORM_PRINTF_ALT */ +#undef mbedtls_printf #if defined(MBEDTLS_PLATFORM_PRINTF_MACRO) #define mbedtls_printf MBEDTLS_PLATFORM_PRINTF_MACRO #else @@ -222,11 +236,11 @@ int mbedtls_platform_set_printf( int (*printf_func)( const char *, ... ) ); */ #if defined(MBEDTLS_PLATFORM_HAS_NON_CONFORMING_SNPRINTF) /* For Windows (inc. MSYS2), we provide our own fixed implementation */ -int mbedtls_platform_win32_snprintf( char *s, size_t n, const char *fmt, ... ); +int mbedtls_platform_win32_snprintf(char *s, size_t n, const char *fmt, ...); #endif #if defined(MBEDTLS_PLATFORM_SNPRINTF_ALT) -extern int (*mbedtls_snprintf)( char * s, size_t n, const char * format, ... ); +extern int (*mbedtls_snprintf)(char *s, size_t n, const char *format, ...); /** * \brief This function allows configuring a custom @@ -236,9 +250,10 @@ extern int (*mbedtls_snprintf)( char * s, size_t n, const char * format, ... ); * * \return \c 0 on success. */ -int mbedtls_platform_set_snprintf( int (*snprintf_func)( char * s, size_t n, - const char * format, ... ) ); +int mbedtls_platform_set_snprintf(int (*snprintf_func)(char *s, size_t n, + const char *format, ...)); #else /* MBEDTLS_PLATFORM_SNPRINTF_ALT */ +#undef mbedtls_snprintf #if defined(MBEDTLS_PLATFORM_SNPRINTF_MACRO) #define mbedtls_snprintf MBEDTLS_PLATFORM_SNPRINTF_MACRO #else @@ -258,12 +273,12 @@ int mbedtls_platform_set_snprintf( int (*snprintf_func)( char * s, size_t n, #if defined(MBEDTLS_PLATFORM_HAS_NON_CONFORMING_VSNPRINTF) #include /* For Older Windows (inc. MSYS2), we provide our own fixed implementation */ -int mbedtls_platform_win32_vsnprintf( char *s, size_t n, const char *fmt, va_list arg ); +int mbedtls_platform_win32_vsnprintf(char *s, size_t n, const char *fmt, va_list arg); #endif #if defined(MBEDTLS_PLATFORM_VSNPRINTF_ALT) #include -extern int (*mbedtls_vsnprintf)( char * s, size_t n, const char * format, va_list arg ); +extern int (*mbedtls_vsnprintf)(char *s, size_t n, const char *format, va_list arg); /** * \brief Set your own snprintf function pointer @@ -272,9 +287,10 @@ extern int (*mbedtls_vsnprintf)( char * s, size_t n, const char * format, va_lis * * \return \c 0 */ -int mbedtls_platform_set_vsnprintf( int (*vsnprintf_func)( char * s, size_t n, - const char * format, va_list arg ) ); +int mbedtls_platform_set_vsnprintf(int (*vsnprintf_func)(char *s, size_t n, + const char *format, va_list arg)); #else /* MBEDTLS_PLATFORM_VSNPRINTF_ALT */ +#undef mbedtls_vsnprintf #if defined(MBEDTLS_PLATFORM_VSNPRINTF_MACRO) #define mbedtls_vsnprintf MBEDTLS_PLATFORM_VSNPRINTF_MACRO #else @@ -286,7 +302,7 @@ int mbedtls_platform_set_vsnprintf( int (*vsnprintf_func)( char * s, size_t n, * The function pointers for exit */ #if defined(MBEDTLS_PLATFORM_EXIT_ALT) -extern void (*mbedtls_exit)( int status ); +extern void (*mbedtls_exit)(int status); /** * \brief This function dynamically configures the exit @@ -297,8 +313,9 @@ extern void (*mbedtls_exit)( int status ); * * \return \c 0 on success. */ -int mbedtls_platform_set_exit( void (*exit_func)( int status ) ); +int mbedtls_platform_set_exit(void (*exit_func)(int status)); #else +#undef mbedtls_exit #if defined(MBEDTLS_PLATFORM_EXIT_MACRO) #define mbedtls_exit MBEDTLS_PLATFORM_EXIT_MACRO #else @@ -329,13 +346,13 @@ int mbedtls_platform_set_exit( void (*exit_func)( int status ) ); #if defined(MBEDTLS_ENTROPY_NV_SEED) #if !defined(MBEDTLS_PLATFORM_NO_STD_FUNCTIONS) && defined(MBEDTLS_FS_IO) /* Internal standard platform definitions */ -int mbedtls_platform_std_nv_seed_read( unsigned char *buf, size_t buf_len ); -int mbedtls_platform_std_nv_seed_write( unsigned char *buf, size_t buf_len ); +int mbedtls_platform_std_nv_seed_read(unsigned char *buf, size_t buf_len); +int mbedtls_platform_std_nv_seed_write(unsigned char *buf, size_t buf_len); #endif #if defined(MBEDTLS_PLATFORM_NV_SEED_ALT) -extern int (*mbedtls_nv_seed_read)( unsigned char *buf, size_t buf_len ); -extern int (*mbedtls_nv_seed_write)( unsigned char *buf, size_t buf_len ); +extern int (*mbedtls_nv_seed_read)(unsigned char *buf, size_t buf_len); +extern int (*mbedtls_nv_seed_write)(unsigned char *buf, size_t buf_len); /** * \brief This function allows configuring custom seed file writing and @@ -347,10 +364,12 @@ extern int (*mbedtls_nv_seed_write)( unsigned char *buf, size_t buf_len ); * \return \c 0 on success. */ int mbedtls_platform_set_nv_seed( - int (*nv_seed_read_func)( unsigned char *buf, size_t buf_len ), - int (*nv_seed_write_func)( unsigned char *buf, size_t buf_len ) - ); + int (*nv_seed_read_func)(unsigned char *buf, size_t buf_len), + int (*nv_seed_write_func)(unsigned char *buf, size_t buf_len) + ); #else +#undef mbedtls_nv_seed_read +#undef mbedtls_nv_seed_write #if defined(MBEDTLS_PLATFORM_NV_SEED_READ_MACRO) && \ defined(MBEDTLS_PLATFORM_NV_SEED_WRITE_MACRO) #define mbedtls_nv_seed_read MBEDTLS_PLATFORM_NV_SEED_READ_MACRO @@ -370,8 +389,7 @@ int mbedtls_platform_set_nv_seed( * \note This structure may be used to assist platform-specific * setup or teardown operations. */ -typedef struct mbedtls_platform_context -{ +typedef struct mbedtls_platform_context { char dummy; /**< A placeholder member, as empty structs are not portable. */ } mbedtls_platform_context; @@ -395,7 +413,7 @@ mbedtls_platform_context; * * \return \c 0 on success. */ -int mbedtls_platform_setup( mbedtls_platform_context *ctx ); +int mbedtls_platform_setup(mbedtls_platform_context *ctx); /** * \brief This function performs any platform teardown operations. * @@ -410,7 +428,7 @@ int mbedtls_platform_setup( mbedtls_platform_context *ctx ); * \param ctx The platform context. * */ -void mbedtls_platform_teardown( mbedtls_platform_context *ctx ); +void mbedtls_platform_teardown(mbedtls_platform_context *ctx); #ifdef __cplusplus } diff --git a/third_party/mbedtls/repo/include/mbedtls/platform_time.h b/third_party/mbedtls/repo/include/mbedtls/platform_time.h index 7e7daab6920..9671c88d09e 100644 --- a/third_party/mbedtls/repo/include/mbedtls/platform_time.h +++ b/third_party/mbedtls/repo/include/mbedtls/platform_time.h @@ -1,23 +1,11 @@ /** * \file platform_time.h * - * \brief mbed TLS Platform time abstraction + * \brief Mbed TLS Platform time abstraction */ /* * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later */ #ifndef MBEDTLS_PLATFORM_TIME_H #define MBEDTLS_PLATFORM_TIME_H @@ -32,14 +20,6 @@ extern "C" { #endif -/** - * \name SECTION: Module settings - * - * The configuration options you can set for this module are in this section. - * Either change them in config.h or define them on the compiler command line. - * \{ - */ - /* * The time_t datatype */ @@ -55,7 +35,7 @@ typedef time_t mbedtls_time_t; * The function pointers for time */ #if defined(MBEDTLS_PLATFORM_TIME_ALT) -extern mbedtls_time_t (*mbedtls_time)( mbedtls_time_t* time ); +extern mbedtls_time_t (*mbedtls_time)(mbedtls_time_t *time); /** * \brief Set your own time function pointer @@ -64,7 +44,7 @@ extern mbedtls_time_t (*mbedtls_time)( mbedtls_time_t* time ); * * \return 0 */ -int mbedtls_platform_set_time( mbedtls_time_t (*time_func)( mbedtls_time_t* time ) ); +int mbedtls_platform_set_time(mbedtls_time_t (*time_func)(mbedtls_time_t *time)); #else #if defined(MBEDTLS_PLATFORM_TIME_MACRO) #define mbedtls_time MBEDTLS_PLATFORM_TIME_MACRO diff --git a/third_party/mbedtls/repo/include/mbedtls/platform_util.h b/third_party/mbedtls/repo/include/mbedtls/platform_util.h index f982db8c01c..74e2a1db6cc 100644 --- a/third_party/mbedtls/repo/include/mbedtls/platform_util.h +++ b/third_party/mbedtls/repo/include/mbedtls/platform_util.h @@ -6,19 +6,7 @@ */ /* * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later */ #ifndef MBEDTLS_PLATFORM_UTIL_H #define MBEDTLS_PLATFORM_UTIL_H @@ -56,18 +44,18 @@ extern "C" { #define MBEDTLS_PARAM_FAILED_ALT #elif defined(MBEDTLS_CHECK_PARAMS_ASSERT) -#define MBEDTLS_PARAM_FAILED( cond ) assert( cond ) +#define MBEDTLS_PARAM_FAILED(cond) assert(cond) #define MBEDTLS_PARAM_FAILED_ALT #else /* MBEDTLS_PARAM_FAILED */ -#define MBEDTLS_PARAM_FAILED( cond ) \ - mbedtls_param_failed( #cond, __FILE__, __LINE__ ) +#define MBEDTLS_PARAM_FAILED(cond) \ + mbedtls_param_failed( #cond, __FILE__, __LINE__) /** * \brief User supplied callback function for parameter validation failure. * See #MBEDTLS_CHECK_PARAMS for context. * - * This function will be called unless an alternative treatement + * This function will be called unless an alternative treatment * is defined through the #MBEDTLS_PARAM_FAILED macro. * * This function can return, and the operation will be aborted, or @@ -78,36 +66,36 @@ extern "C" { * \param file The file where the assertion failed. * \param line The line in the file where the assertion failed. */ -void mbedtls_param_failed( const char *failure_condition, - const char *file, - int line ); +void mbedtls_param_failed(const char *failure_condition, + const char *file, + int line); #endif /* MBEDTLS_PARAM_FAILED */ /* Internal macro meant to be called only from within the library. */ -#define MBEDTLS_INTERNAL_VALIDATE_RET( cond, ret ) \ +#define MBEDTLS_INTERNAL_VALIDATE_RET(cond, ret) \ do { \ - if( !(cond) ) \ + if (!(cond)) \ { \ - MBEDTLS_PARAM_FAILED( cond ); \ - return( ret ); \ + MBEDTLS_PARAM_FAILED(cond); \ + return ret; \ } \ - } while( 0 ) + } while (0) /* Internal macro meant to be called only from within the library. */ -#define MBEDTLS_INTERNAL_VALIDATE( cond ) \ +#define MBEDTLS_INTERNAL_VALIDATE(cond) \ do { \ - if( !(cond) ) \ + if (!(cond)) \ { \ - MBEDTLS_PARAM_FAILED( cond ); \ + MBEDTLS_PARAM_FAILED(cond); \ return; \ } \ - } while( 0 ) + } while (0) #else /* MBEDTLS_CHECK_PARAMS */ /* Internal macros meant to be called only from within the library. */ -#define MBEDTLS_INTERNAL_VALIDATE_RET( cond, ret ) do { } while( 0 ) -#define MBEDTLS_INTERNAL_VALIDATE( cond ) do { } while( 0 ) +#define MBEDTLS_INTERNAL_VALIDATE_RET(cond, ret) do { } while (0) +#define MBEDTLS_INTERNAL_VALIDATE(cond) do { } while (0) #endif /* MBEDTLS_CHECK_PARAMS */ @@ -119,16 +107,16 @@ void mbedtls_param_failed( const char *failure_condition, * it, too. We might want to move all these definitions here at * some point for uniformity. */ #define MBEDTLS_DEPRECATED __attribute__((deprecated)) -MBEDTLS_DEPRECATED typedef char const * mbedtls_deprecated_string_constant_t; -#define MBEDTLS_DEPRECATED_STRING_CONSTANT( VAL ) \ - ( (mbedtls_deprecated_string_constant_t) ( VAL ) ) +MBEDTLS_DEPRECATED typedef char const *mbedtls_deprecated_string_constant_t; +#define MBEDTLS_DEPRECATED_STRING_CONSTANT(VAL) \ + ((mbedtls_deprecated_string_constant_t) (VAL)) MBEDTLS_DEPRECATED typedef int mbedtls_deprecated_numeric_constant_t; -#define MBEDTLS_DEPRECATED_NUMERIC_CONSTANT( VAL ) \ - ( (mbedtls_deprecated_numeric_constant_t) ( VAL ) ) +#define MBEDTLS_DEPRECATED_NUMERIC_CONSTANT(VAL) \ + ((mbedtls_deprecated_numeric_constant_t) (VAL)) #undef MBEDTLS_DEPRECATED #else /* MBEDTLS_DEPRECATED_WARNING */ -#define MBEDTLS_DEPRECATED_STRING_CONSTANT( VAL ) VAL -#define MBEDTLS_DEPRECATED_NUMERIC_CONSTANT( VAL ) VAL +#define MBEDTLS_DEPRECATED_STRING_CONSTANT(VAL) VAL +#define MBEDTLS_DEPRECATED_NUMERIC_CONSTANT(VAL) VAL #endif /* MBEDTLS_DEPRECATED_WARNING */ #endif /* MBEDTLS_DEPRECATED_REMOVED */ @@ -198,7 +186,7 @@ MBEDTLS_DEPRECATED typedef int mbedtls_deprecated_numeric_constant_t; * * This macro has an empty expansion. It exists for documentation purposes: * a #MBEDTLS_CHECK_RETURN_OPTIONAL annotation indicates that the function - * has been analyzed for return-check usefuless, whereas the lack of + * has been analyzed for return-check usefulness, whereas the lack of * an annotation indicates that the function has not been analyzed and its * return-check usefulness is unknown. */ @@ -218,9 +206,14 @@ MBEDTLS_DEPRECATED typedef int mbedtls_deprecated_numeric_constant_t; * https://stackoverflow.com/questions/40576003/ignoring-warning-wunused-result * https://gcc.gnu.org/bugzilla/show_bug.cgi?id=66425#c34 */ -#define MBEDTLS_IGNORE_RETURN(result) ( (void) !( result ) ) +#define MBEDTLS_IGNORE_RETURN(result) ((void) !(result)) #endif +/* If the following macro is defined, the library is being built by the test + * framework, and the framework is going to provide a replacement + * mbedtls_platform_zeroize() using a preprocessor macro, so the function + * declaration should be omitted. */ +#if !defined(MBEDTLS_TEST_DEFINES_ZEROIZE) //no-check-names /** * \brief Securely zeroize a buffer * @@ -243,7 +236,8 @@ MBEDTLS_DEPRECATED typedef int mbedtls_deprecated_numeric_constant_t; * \param len Length of the buffer in bytes * */ -void mbedtls_platform_zeroize( void *buf, size_t len ); +void mbedtls_platform_zeroize(void *buf, size_t len); +#endif #if defined(MBEDTLS_HAVE_TIME_DATE) /** @@ -272,8 +266,8 @@ void mbedtls_platform_zeroize( void *buf, size_t len ); * \return Pointer to an object of type struct tm on success, otherwise * NULL */ -struct tm *mbedtls_platform_gmtime_r( const mbedtls_time_t *tt, - struct tm *tm_buf ); +struct tm *mbedtls_platform_gmtime_r(const mbedtls_time_t *tt, + struct tm *tm_buf); #endif /* MBEDTLS_HAVE_TIME_DATE */ #ifdef __cplusplus diff --git a/third_party/mbedtls/repo/include/mbedtls/poly1305.h b/third_party/mbedtls/repo/include/mbedtls/poly1305.h index a69ede98b5e..ecbd9848794 100644 --- a/third_party/mbedtls/repo/include/mbedtls/poly1305.h +++ b/third_party/mbedtls/repo/include/mbedtls/poly1305.h @@ -14,19 +14,7 @@ /* * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later */ #ifndef MBEDTLS_POLY1305_H @@ -60,8 +48,7 @@ extern "C" { #if !defined(MBEDTLS_POLY1305_ALT) -typedef struct mbedtls_poly1305_context -{ +typedef struct mbedtls_poly1305_context { uint32_t r[4]; /** The value for 'r' (low 128 bits of the key). */ uint32_t s[4]; /** The value for 's' (high 128 bits of the key). */ uint32_t acc[5]; /** The accumulator number. */ @@ -89,7 +76,7 @@ mbedtls_poly1305_context; * \param ctx The Poly1305 context to initialize. This must * not be \c NULL. */ -void mbedtls_poly1305_init( mbedtls_poly1305_context *ctx ); +void mbedtls_poly1305_init(mbedtls_poly1305_context *ctx); /** * \brief This function releases and clears the specified @@ -99,7 +86,7 @@ void mbedtls_poly1305_init( mbedtls_poly1305_context *ctx ); * case this function is a no-op. If it is not \c NULL, it must * point to an initialized Poly1305 context. */ -void mbedtls_poly1305_free( mbedtls_poly1305_context *ctx ); +void mbedtls_poly1305_free(mbedtls_poly1305_context *ctx); /** * \brief This function sets the one-time authentication key. @@ -114,8 +101,8 @@ void mbedtls_poly1305_free( mbedtls_poly1305_context *ctx ); * \return \c 0 on success. * \return A negative error code on failure. */ -int mbedtls_poly1305_starts( mbedtls_poly1305_context *ctx, - const unsigned char key[32] ); +int mbedtls_poly1305_starts(mbedtls_poly1305_context *ctx, + const unsigned char key[32]); /** * \brief This functions feeds an input buffer into an ongoing @@ -135,9 +122,9 @@ int mbedtls_poly1305_starts( mbedtls_poly1305_context *ctx, * \return \c 0 on success. * \return A negative error code on failure. */ -int mbedtls_poly1305_update( mbedtls_poly1305_context *ctx, - const unsigned char *input, - size_t ilen ); +int mbedtls_poly1305_update(mbedtls_poly1305_context *ctx, + const unsigned char *input, + size_t ilen); /** * \brief This function generates the Poly1305 Message @@ -151,8 +138,8 @@ int mbedtls_poly1305_update( mbedtls_poly1305_context *ctx, * \return \c 0 on success. * \return A negative error code on failure. */ -int mbedtls_poly1305_finish( mbedtls_poly1305_context *ctx, - unsigned char mac[16] ); +int mbedtls_poly1305_finish(mbedtls_poly1305_context *ctx, + unsigned char mac[16]); /** * \brief This function calculates the Poly1305 MAC of the input @@ -172,10 +159,10 @@ int mbedtls_poly1305_finish( mbedtls_poly1305_context *ctx, * \return \c 0 on success. * \return A negative error code on failure. */ -int mbedtls_poly1305_mac( const unsigned char key[32], - const unsigned char *input, - size_t ilen, - unsigned char mac[16] ); +int mbedtls_poly1305_mac(const unsigned char key[32], + const unsigned char *input, + size_t ilen, + unsigned char mac[16]); #if defined(MBEDTLS_SELF_TEST) /** @@ -184,7 +171,7 @@ int mbedtls_poly1305_mac( const unsigned char key[32], * \return \c 0 on success. * \return \c 1 on failure. */ -int mbedtls_poly1305_self_test( int verbose ); +int mbedtls_poly1305_self_test(int verbose); #endif /* MBEDTLS_SELF_TEST */ #ifdef __cplusplus diff --git a/third_party/mbedtls/repo/include/mbedtls/psa_util.h b/third_party/mbedtls/repo/include/mbedtls/psa_util.h index af7a809e40b..6d7e4446430 100644 --- a/third_party/mbedtls/repo/include/mbedtls/psa_util.h +++ b/third_party/mbedtls/repo/include/mbedtls/psa_util.h @@ -8,19 +8,7 @@ */ /* * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later */ #ifndef MBEDTLS_PSA_UTIL_H @@ -46,10 +34,9 @@ /* Translations for symmetric crypto. */ static inline psa_key_type_t mbedtls_psa_translate_cipher_type( - mbedtls_cipher_type_t cipher ) + mbedtls_cipher_type_t cipher) { - switch( cipher ) - { + switch (cipher) { case MBEDTLS_CIPHER_AES_128_CCM: case MBEDTLS_CIPHER_AES_192_CCM: case MBEDTLS_CIPHER_AES_256_CCM: @@ -62,7 +49,7 @@ static inline psa_key_type_t mbedtls_psa_translate_cipher_type( case MBEDTLS_CIPHER_AES_128_ECB: case MBEDTLS_CIPHER_AES_192_ECB: case MBEDTLS_CIPHER_AES_256_ECB: - return( PSA_KEY_TYPE_AES ); + return PSA_KEY_TYPE_AES; /* ARIA not yet supported in PSA. */ /* case MBEDTLS_CIPHER_ARIA_128_CCM: @@ -77,87 +64,85 @@ static inline psa_key_type_t mbedtls_psa_translate_cipher_type( return( PSA_KEY_TYPE_ARIA ); */ default: - return( 0 ); + return 0; } } static inline psa_algorithm_t mbedtls_psa_translate_cipher_mode( - mbedtls_cipher_mode_t mode, size_t taglen ) + mbedtls_cipher_mode_t mode, size_t taglen) { - switch( mode ) - { + switch (mode) { case MBEDTLS_MODE_ECB: - return( PSA_ALG_ECB_NO_PADDING ); + return PSA_ALG_ECB_NO_PADDING; case MBEDTLS_MODE_GCM: - return( PSA_ALG_AEAD_WITH_SHORTENED_TAG( PSA_ALG_GCM, taglen ) ); + return PSA_ALG_AEAD_WITH_SHORTENED_TAG(PSA_ALG_GCM, taglen); case MBEDTLS_MODE_CCM: - return( PSA_ALG_AEAD_WITH_SHORTENED_TAG( PSA_ALG_CCM, taglen ) ); + return PSA_ALG_AEAD_WITH_SHORTENED_TAG(PSA_ALG_CCM, taglen); case MBEDTLS_MODE_CBC: - if( taglen == 0 ) - return( PSA_ALG_CBC_NO_PADDING ); - else - return( 0 ); + if (taglen == 0) { + return PSA_ALG_CBC_NO_PADDING; + } else { + return 0; + } default: - return( 0 ); + return 0; } } static inline psa_key_usage_t mbedtls_psa_translate_cipher_operation( - mbedtls_operation_t op ) + mbedtls_operation_t op) { - switch( op ) - { + switch (op) { case MBEDTLS_ENCRYPT: - return( PSA_KEY_USAGE_ENCRYPT ); + return PSA_KEY_USAGE_ENCRYPT; case MBEDTLS_DECRYPT: - return( PSA_KEY_USAGE_DECRYPT ); + return PSA_KEY_USAGE_DECRYPT; default: - return( 0 ); + return 0; } } /* Translations for hashing. */ -static inline psa_algorithm_t mbedtls_psa_translate_md( mbedtls_md_type_t md_alg ) +static inline psa_algorithm_t mbedtls_psa_translate_md(mbedtls_md_type_t md_alg) { - switch( md_alg ) - { + switch (md_alg) { #if defined(MBEDTLS_MD2_C) - case MBEDTLS_MD_MD2: - return( PSA_ALG_MD2 ); + case MBEDTLS_MD_MD2: + return PSA_ALG_MD2; #endif #if defined(MBEDTLS_MD4_C) - case MBEDTLS_MD_MD4: - return( PSA_ALG_MD4 ); + case MBEDTLS_MD_MD4: + return PSA_ALG_MD4; #endif #if defined(MBEDTLS_MD5_C) - case MBEDTLS_MD_MD5: - return( PSA_ALG_MD5 ); + case MBEDTLS_MD_MD5: + return PSA_ALG_MD5; #endif #if defined(MBEDTLS_SHA1_C) - case MBEDTLS_MD_SHA1: - return( PSA_ALG_SHA_1 ); + case MBEDTLS_MD_SHA1: + return PSA_ALG_SHA_1; #endif #if defined(MBEDTLS_SHA256_C) - case MBEDTLS_MD_SHA224: - return( PSA_ALG_SHA_224 ); - case MBEDTLS_MD_SHA256: - return( PSA_ALG_SHA_256 ); + case MBEDTLS_MD_SHA224: + return PSA_ALG_SHA_224; + case MBEDTLS_MD_SHA256: + return PSA_ALG_SHA_256; #endif #if defined(MBEDTLS_SHA512_C) - case MBEDTLS_MD_SHA384: - return( PSA_ALG_SHA_384 ); - case MBEDTLS_MD_SHA512: - return( PSA_ALG_SHA_512 ); + case MBEDTLS_MD_SHA384: + return PSA_ALG_SHA_384; + case MBEDTLS_MD_SHA512: + return PSA_ALG_SHA_512; #endif #if defined(MBEDTLS_RIPEMD160_C) - case MBEDTLS_MD_RIPEMD160: - return( PSA_ALG_RIPEMD160 ); + case MBEDTLS_MD_RIPEMD160: + return PSA_ALG_RIPEMD160; #endif - case MBEDTLS_MD_NONE: - return( 0 ); - default: - return( 0 ); + case MBEDTLS_MD_NONE: + return 0; + default: + return 0; } } @@ -165,202 +150,197 @@ static inline psa_algorithm_t mbedtls_psa_translate_md( mbedtls_md_type_t md_alg static inline int mbedtls_psa_get_ecc_oid_from_id( psa_ecc_family_t curve, size_t bits, - char const **oid, size_t *oid_len ) + char const **oid, size_t *oid_len) { - switch( curve ) - { + switch (curve) { case PSA_ECC_FAMILY_SECP_R1: - switch( bits ) - { + switch (bits) { #if defined(MBEDTLS_ECP_DP_SECP192R1_ENABLED) case 192: *oid = MBEDTLS_OID_EC_GRP_SECP192R1; - *oid_len = MBEDTLS_OID_SIZE( MBEDTLS_OID_EC_GRP_SECP192R1 ); - return( 0 ); + *oid_len = MBEDTLS_OID_SIZE(MBEDTLS_OID_EC_GRP_SECP192R1); + return 0; #endif /* MBEDTLS_ECP_DP_SECP192R1_ENABLED */ #if defined(MBEDTLS_ECP_DP_SECP224R1_ENABLED) case 224: *oid = MBEDTLS_OID_EC_GRP_SECP224R1; - *oid_len = MBEDTLS_OID_SIZE( MBEDTLS_OID_EC_GRP_SECP224R1 ); - return( 0 ); + *oid_len = MBEDTLS_OID_SIZE(MBEDTLS_OID_EC_GRP_SECP224R1); + return 0; #endif /* MBEDTLS_ECP_DP_SECP224R1_ENABLED */ #if defined(MBEDTLS_ECP_DP_SECP256R1_ENABLED) case 256: *oid = MBEDTLS_OID_EC_GRP_SECP256R1; - *oid_len = MBEDTLS_OID_SIZE( MBEDTLS_OID_EC_GRP_SECP256R1 ); - return( 0 ); + *oid_len = MBEDTLS_OID_SIZE(MBEDTLS_OID_EC_GRP_SECP256R1); + return 0; #endif /* MBEDTLS_ECP_DP_SECP256R1_ENABLED */ #if defined(MBEDTLS_ECP_DP_SECP384R1_ENABLED) case 384: *oid = MBEDTLS_OID_EC_GRP_SECP384R1; - *oid_len = MBEDTLS_OID_SIZE( MBEDTLS_OID_EC_GRP_SECP384R1 ); - return( 0 ); + *oid_len = MBEDTLS_OID_SIZE(MBEDTLS_OID_EC_GRP_SECP384R1); + return 0; #endif /* MBEDTLS_ECP_DP_SECP384R1_ENABLED */ #if defined(MBEDTLS_ECP_DP_SECP521R1_ENABLED) case 521: *oid = MBEDTLS_OID_EC_GRP_SECP521R1; - *oid_len = MBEDTLS_OID_SIZE( MBEDTLS_OID_EC_GRP_SECP521R1 ); - return( 0 ); + *oid_len = MBEDTLS_OID_SIZE(MBEDTLS_OID_EC_GRP_SECP521R1); + return 0; #endif /* MBEDTLS_ECP_DP_SECP521R1_ENABLED */ } break; case PSA_ECC_FAMILY_SECP_K1: - switch( bits ) - { + switch (bits) { #if defined(MBEDTLS_ECP_DP_SECP192K1_ENABLED) case 192: *oid = MBEDTLS_OID_EC_GRP_SECP192K1; - *oid_len = MBEDTLS_OID_SIZE( MBEDTLS_OID_EC_GRP_SECP192K1 ); - return( 0 ); + *oid_len = MBEDTLS_OID_SIZE(MBEDTLS_OID_EC_GRP_SECP192K1); + return 0; #endif /* MBEDTLS_ECP_DP_SECP192K1_ENABLED */ #if defined(MBEDTLS_ECP_DP_SECP224K1_ENABLED) case 224: *oid = MBEDTLS_OID_EC_GRP_SECP224K1; - *oid_len = MBEDTLS_OID_SIZE( MBEDTLS_OID_EC_GRP_SECP224K1 ); - return( 0 ); + *oid_len = MBEDTLS_OID_SIZE(MBEDTLS_OID_EC_GRP_SECP224K1); + return 0; #endif /* MBEDTLS_ECP_DP_SECP224K1_ENABLED */ #if defined(MBEDTLS_ECP_DP_SECP256K1_ENABLED) case 256: *oid = MBEDTLS_OID_EC_GRP_SECP256K1; - *oid_len = MBEDTLS_OID_SIZE( MBEDTLS_OID_EC_GRP_SECP256K1 ); - return( 0 ); + *oid_len = MBEDTLS_OID_SIZE(MBEDTLS_OID_EC_GRP_SECP256K1); + return 0; #endif /* MBEDTLS_ECP_DP_SECP256K1_ENABLED */ } break; case PSA_ECC_FAMILY_BRAINPOOL_P_R1: - switch( bits ) - { + switch (bits) { #if defined(MBEDTLS_ECP_DP_BP256R1_ENABLED) case 256: *oid = MBEDTLS_OID_EC_GRP_BP256R1; - *oid_len = MBEDTLS_OID_SIZE( MBEDTLS_OID_EC_GRP_BP256R1 ); - return( 0 ); + *oid_len = MBEDTLS_OID_SIZE(MBEDTLS_OID_EC_GRP_BP256R1); + return 0; #endif /* MBEDTLS_ECP_DP_BP256R1_ENABLED */ #if defined(MBEDTLS_ECP_DP_BP384R1_ENABLED) case 384: *oid = MBEDTLS_OID_EC_GRP_BP384R1; - *oid_len = MBEDTLS_OID_SIZE( MBEDTLS_OID_EC_GRP_BP384R1 ); - return( 0 ); + *oid_len = MBEDTLS_OID_SIZE(MBEDTLS_OID_EC_GRP_BP384R1); + return 0; #endif /* MBEDTLS_ECP_DP_BP384R1_ENABLED */ #if defined(MBEDTLS_ECP_DP_BP512R1_ENABLED) case 512: *oid = MBEDTLS_OID_EC_GRP_BP512R1; - *oid_len = MBEDTLS_OID_SIZE( MBEDTLS_OID_EC_GRP_BP512R1 ); - return( 0 ); + *oid_len = MBEDTLS_OID_SIZE(MBEDTLS_OID_EC_GRP_BP512R1); + return 0; #endif /* MBEDTLS_ECP_DP_BP512R1_ENABLED */ } break; } (void) oid; (void) oid_len; - return( -1 ); + return -1; } #define MBEDTLS_PSA_MAX_EC_PUBKEY_LENGTH 1 #if defined(MBEDTLS_ECP_DP_SECP192R1_ENABLED) -#if MBEDTLS_PSA_MAX_EC_PUBKEY_LENGTH < ( 2 * ( ( 192 + 7 ) / 8 ) + 1 ) +#if MBEDTLS_PSA_MAX_EC_PUBKEY_LENGTH < (2 * ((192 + 7) / 8) + 1) #undef MBEDTLS_PSA_MAX_EC_PUBKEY_LENGTH -#define MBEDTLS_PSA_MAX_EC_PUBKEY_LENGTH ( 2 * ( ( 192 + 7 ) / 8 ) + 1 ) +#define MBEDTLS_PSA_MAX_EC_PUBKEY_LENGTH (2 * ((192 + 7) / 8) + 1) #endif #endif /* MBEDTLS_ECP_DP_SECP192R1_ENABLED */ #if defined(MBEDTLS_ECP_DP_SECP224R1_ENABLED) -#if MBEDTLS_PSA_MAX_EC_PUBKEY_LENGTH < ( 2 * ( ( 224 + 7 ) / 8 ) + 1 ) +#if MBEDTLS_PSA_MAX_EC_PUBKEY_LENGTH < (2 * ((224 + 7) / 8) + 1) #undef MBEDTLS_PSA_MAX_EC_PUBKEY_LENGTH -#define MBEDTLS_PSA_MAX_EC_PUBKEY_LENGTH ( 2 * ( ( 224 + 7 ) / 8 ) + 1 ) +#define MBEDTLS_PSA_MAX_EC_PUBKEY_LENGTH (2 * ((224 + 7) / 8) + 1) #endif #endif /* MBEDTLS_ECP_DP_SECP224R1_ENABLED */ #if defined(MBEDTLS_ECP_DP_SECP256R1_ENABLED) -#if MBEDTLS_PSA_MAX_EC_PUBKEY_LENGTH < ( 2 * ( ( 256 + 7 ) / 8 ) + 1 ) +#if MBEDTLS_PSA_MAX_EC_PUBKEY_LENGTH < (2 * ((256 + 7) / 8) + 1) #undef MBEDTLS_PSA_MAX_EC_PUBKEY_LENGTH -#define MBEDTLS_PSA_MAX_EC_PUBKEY_LENGTH ( 2 * ( ( 256 + 7 ) / 8 ) + 1 ) +#define MBEDTLS_PSA_MAX_EC_PUBKEY_LENGTH (2 * ((256 + 7) / 8) + 1) #endif #endif /* MBEDTLS_ECP_DP_SECP256R1_ENABLED */ #if defined(MBEDTLS_ECP_DP_SECP384R1_ENABLED) -#if MBEDTLS_PSA_MAX_EC_PUBKEY_LENGTH < ( 2 * ( ( 384 + 7 ) / 8 ) + 1 ) +#if MBEDTLS_PSA_MAX_EC_PUBKEY_LENGTH < (2 * ((384 + 7) / 8) + 1) #undef MBEDTLS_PSA_MAX_EC_PUBKEY_LENGTH -#define MBEDTLS_PSA_MAX_EC_PUBKEY_LENGTH ( 2 * ( ( 384 + 7 ) / 8 ) + 1 ) +#define MBEDTLS_PSA_MAX_EC_PUBKEY_LENGTH (2 * ((384 + 7) / 8) + 1) #endif #endif /* MBEDTLS_ECP_DP_SECP384R1_ENABLED */ #if defined(MBEDTLS_ECP_DP_SECP521R1_ENABLED) -#if MBEDTLS_PSA_MAX_EC_PUBKEY_LENGTH < ( 2 * ( ( 521 + 7 ) / 8 ) + 1 ) +#if MBEDTLS_PSA_MAX_EC_PUBKEY_LENGTH < (2 * ((521 + 7) / 8) + 1) #undef MBEDTLS_PSA_MAX_EC_PUBKEY_LENGTH -#define MBEDTLS_PSA_MAX_EC_PUBKEY_LENGTH ( 2 * ( ( 521 + 7 ) / 8 ) + 1 ) +#define MBEDTLS_PSA_MAX_EC_PUBKEY_LENGTH (2 * ((521 + 7) / 8) + 1) #endif #endif /* MBEDTLS_ECP_DP_SECP521R1_ENABLED */ #if defined(MBEDTLS_ECP_DP_SECP192K1_ENABLED) -#if MBEDTLS_PSA_MAX_EC_PUBKEY_LENGTH < ( 2 * ( ( 192 + 7 ) / 8 ) + 1 ) +#if MBEDTLS_PSA_MAX_EC_PUBKEY_LENGTH < (2 * ((192 + 7) / 8) + 1) #undef MBEDTLS_PSA_MAX_EC_PUBKEY_LENGTH -#define MBEDTLS_PSA_MAX_EC_PUBKEY_LENGTH ( 2 * ( ( 192 + 7 ) / 8 ) + 1 ) +#define MBEDTLS_PSA_MAX_EC_PUBKEY_LENGTH (2 * ((192 + 7) / 8) + 1) #endif #endif /* MBEDTLS_ECP_DP_SECP192K1_ENABLED */ #if defined(MBEDTLS_ECP_DP_SECP224K1_ENABLED) -#if MBEDTLS_PSA_MAX_EC_PUBKEY_LENGTH < ( 2 * ( ( 224 + 7 ) / 8 ) + 1 ) +#if MBEDTLS_PSA_MAX_EC_PUBKEY_LENGTH < (2 * ((224 + 7) / 8) + 1) #undef MBEDTLS_PSA_MAX_EC_PUBKEY_LENGTH -#define MBEDTLS_PSA_MAX_EC_PUBKEY_LENGTH ( 2 * ( ( 224 + 7 ) / 8 ) + 1 ) +#define MBEDTLS_PSA_MAX_EC_PUBKEY_LENGTH (2 * ((224 + 7) / 8) + 1) #endif #endif /* MBEDTLS_ECP_DP_SECP224K1_ENABLED */ #if defined(MBEDTLS_ECP_DP_SECP256K1_ENABLED) -#if MBEDTLS_PSA_MAX_EC_PUBKEY_LENGTH < ( 2 * ( ( 256 + 7 ) / 8 ) + 1 ) +#if MBEDTLS_PSA_MAX_EC_PUBKEY_LENGTH < (2 * ((256 + 7) / 8) + 1) #undef MBEDTLS_PSA_MAX_EC_PUBKEY_LENGTH -#define MBEDTLS_PSA_MAX_EC_PUBKEY_LENGTH ( 2 * ( ( 256 + 7 ) / 8 ) + 1 ) +#define MBEDTLS_PSA_MAX_EC_PUBKEY_LENGTH (2 * ((256 + 7) / 8) + 1) #endif #endif /* MBEDTLS_ECP_DP_SECP256K1_ENABLED */ #if defined(MBEDTLS_ECP_DP_BP256R1_ENABLED) -#if MBEDTLS_PSA_MAX_EC_PUBKEY_LENGTH < ( 2 * ( ( 256 + 7 ) / 8 ) + 1 ) +#if MBEDTLS_PSA_MAX_EC_PUBKEY_LENGTH < (2 * ((256 + 7) / 8) + 1) #undef MBEDTLS_PSA_MAX_EC_PUBKEY_LENGTH -#define MBEDTLS_PSA_MAX_EC_PUBKEY_LENGTH ( 2 * ( ( 256 + 7 ) / 8 ) + 1 ) +#define MBEDTLS_PSA_MAX_EC_PUBKEY_LENGTH (2 * ((256 + 7) / 8) + 1) #endif #endif /* MBEDTLS_ECP_DP_BP256R1_ENABLED */ #if defined(MBEDTLS_ECP_DP_BP384R1_ENABLED) -#if MBEDTLS_PSA_MAX_EC_PUBKEY_LENGTH < ( 2 * ( ( 384 + 7 ) / 8 ) + 1 ) +#if MBEDTLS_PSA_MAX_EC_PUBKEY_LENGTH < (2 * ((384 + 7) / 8) + 1) #undef MBEDTLS_PSA_MAX_EC_PUBKEY_LENGTH -#define MBEDTLS_PSA_MAX_EC_PUBKEY_LENGTH ( 2 * ( ( 384 + 7 ) / 8 ) + 1 ) +#define MBEDTLS_PSA_MAX_EC_PUBKEY_LENGTH (2 * ((384 + 7) / 8) + 1) #endif #endif /* MBEDTLS_ECP_DP_BP384R1_ENABLED */ #if defined(MBEDTLS_ECP_DP_BP512R1_ENABLED) -#if MBEDTLS_PSA_MAX_EC_PUBKEY_LENGTH < ( 2 * ( ( 512 + 7 ) / 8 ) + 1 ) +#if MBEDTLS_PSA_MAX_EC_PUBKEY_LENGTH < (2 * ((512 + 7) / 8) + 1) #undef MBEDTLS_PSA_MAX_EC_PUBKEY_LENGTH -#define MBEDTLS_PSA_MAX_EC_PUBKEY_LENGTH ( 2 * ( ( 512 + 7 ) / 8 ) + 1 ) +#define MBEDTLS_PSA_MAX_EC_PUBKEY_LENGTH (2 * ((512 + 7) / 8) + 1) #endif #endif /* MBEDTLS_ECP_DP_BP512R1_ENABLED */ /* Translations for PK layer */ -static inline int mbedtls_psa_err_translate_pk( psa_status_t status ) +static inline int mbedtls_psa_err_translate_pk(psa_status_t status) { - switch( status ) - { + switch (status) { case PSA_SUCCESS: - return( 0 ); + return 0; case PSA_ERROR_NOT_SUPPORTED: - return( MBEDTLS_ERR_PK_FEATURE_UNAVAILABLE ); + return MBEDTLS_ERR_PK_FEATURE_UNAVAILABLE; case PSA_ERROR_INSUFFICIENT_MEMORY: - return( MBEDTLS_ERR_PK_ALLOC_FAILED ); + return MBEDTLS_ERR_PK_ALLOC_FAILED; case PSA_ERROR_INSUFFICIENT_ENTROPY: - return( MBEDTLS_ERR_ECP_RANDOM_FAILED ); + return MBEDTLS_ERR_ECP_RANDOM_FAILED; case PSA_ERROR_BAD_STATE: - return( MBEDTLS_ERR_PK_BAD_INPUT_DATA ); + return MBEDTLS_ERR_PK_BAD_INPUT_DATA; /* All other failures */ case PSA_ERROR_COMMUNICATION_FAILURE: case PSA_ERROR_HARDWARE_FAILURE: case PSA_ERROR_CORRUPTION_DETECTED: - return( MBEDTLS_ERR_PK_HW_ACCEL_FAILED ); + return MBEDTLS_ERR_PK_HW_ACCEL_FAILED; default: /* We return the same as for the 'other failures', * but list them separately nonetheless to indicate * which failure conditions we have considered. */ - return( MBEDTLS_ERR_PK_HW_ACCEL_FAILED ); + return MBEDTLS_ERR_PK_HW_ACCEL_FAILED; } } @@ -371,14 +351,15 @@ static inline int mbedtls_psa_err_translate_pk( psa_status_t status ) * into a PSA ECC group identifier. */ #if defined(MBEDTLS_ECP_C) static inline psa_key_type_t mbedtls_psa_parse_tls_ecc_group( - uint16_t tls_ecc_grp_reg_id, size_t *bits ) + uint16_t tls_ecc_grp_reg_id, size_t *bits) { const mbedtls_ecp_curve_info *curve_info = - mbedtls_ecp_curve_info_from_tls_id( tls_ecc_grp_reg_id ); - if( curve_info == NULL ) - return( 0 ); - return( PSA_KEY_TYPE_ECC_KEY_PAIR( - mbedtls_ecc_group_to_psa( curve_info->grp_id, bits ) ) ); + mbedtls_ecp_curve_info_from_tls_id(tls_ecc_grp_reg_id); + if (curve_info == NULL) { + return 0; + } + return PSA_KEY_TYPE_ECC_KEY_PAIR( + mbedtls_ecc_group_to_psa(curve_info->grp_id, bits)); } #endif /* MBEDTLS_ECP_C */ @@ -392,14 +373,14 @@ static inline psa_key_type_t mbedtls_psa_parse_tls_ecc_group( * as a subbuffer, and the function merely selects this subbuffer instead * of making a copy. */ -static inline int mbedtls_psa_tls_psa_ec_to_ecpoint( unsigned char *src, - size_t srclen, - unsigned char **dst, - size_t *dstlen ) +static inline int mbedtls_psa_tls_psa_ec_to_ecpoint(unsigned char *src, + size_t srclen, + unsigned char **dst, + size_t *dstlen) { *dst = src; *dstlen = srclen; - return( 0 ); + return 0; } /* This function takes a buffer holding an ECPoint structure @@ -407,18 +388,19 @@ static inline int mbedtls_psa_tls_psa_ec_to_ecpoint( unsigned char *src, * exchanges) and converts it into a format that the PSA key * agreement API understands. */ -static inline int mbedtls_psa_tls_ecpoint_to_psa_ec( unsigned char const *src, - size_t srclen, - unsigned char *dst, - size_t dstlen, - size_t *olen ) +static inline int mbedtls_psa_tls_ecpoint_to_psa_ec(unsigned char const *src, + size_t srclen, + unsigned char *dst, + size_t dstlen, + size_t *olen) { - if( srclen > dstlen ) - return( MBEDTLS_ERR_ECP_BUFFER_TOO_SMALL ); + if (srclen > dstlen) { + return MBEDTLS_ERR_ECP_BUFFER_TOO_SMALL; + } - memcpy( dst, src, srclen ); + memcpy(dst, src, srclen); *olen = srclen; - return( 0 ); + return 0; } #endif /* MBEDTLS_USE_PSA_CRYPTO */ @@ -435,7 +417,7 @@ static inline int mbedtls_psa_tls_ecpoint_to_psa_ec( unsigned char const *src, * This type name is not part of the Mbed TLS stable API. It may be renamed * or moved without warning. */ -typedef int mbedtls_f_rng_t( void *p_rng, unsigned char *output, size_t output_size ); +typedef int mbedtls_f_rng_t(void *p_rng, unsigned char *output, size_t output_size); #if defined(MBEDTLS_PSA_CRYPTO_EXTERNAL_RNG) @@ -474,9 +456,9 @@ typedef int mbedtls_f_rng_t( void *p_rng, unsigned char *output, size_t output_s * `MBEDTLS_ERR_CTR_DRBG_xxx` or * `MBEDTLS_ERR_HMAC_DRBG_xxx` on error. */ -int mbedtls_psa_get_random( void *p_rng, - unsigned char *output, - size_t output_size ); +int mbedtls_psa_get_random(void *p_rng, + unsigned char *output, + size_t output_size); /** The random generator state for the PSA subsystem. * diff --git a/third_party/mbedtls/repo/include/mbedtls/ripemd160.h b/third_party/mbedtls/repo/include/mbedtls/ripemd160.h index 63270d12394..38318a2b880 100644 --- a/third_party/mbedtls/repo/include/mbedtls/ripemd160.h +++ b/third_party/mbedtls/repo/include/mbedtls/ripemd160.h @@ -5,19 +5,7 @@ */ /* * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later */ #ifndef MBEDTLS_RIPEMD160_H #define MBEDTLS_RIPEMD160_H @@ -47,8 +35,7 @@ extern "C" { /** * \brief RIPEMD-160 context structure */ -typedef struct mbedtls_ripemd160_context -{ +typedef struct mbedtls_ripemd160_context { uint32_t total[2]; /*!< number of bytes processed */ uint32_t state[5]; /*!< intermediate digest state */ unsigned char buffer[64]; /*!< data block being processed */ @@ -64,23 +51,23 @@ mbedtls_ripemd160_context; * * \param ctx RIPEMD-160 context to be initialized */ -void mbedtls_ripemd160_init( mbedtls_ripemd160_context *ctx ); +void mbedtls_ripemd160_init(mbedtls_ripemd160_context *ctx); /** * \brief Clear RIPEMD-160 context * * \param ctx RIPEMD-160 context to be cleared */ -void mbedtls_ripemd160_free( mbedtls_ripemd160_context *ctx ); +void mbedtls_ripemd160_free(mbedtls_ripemd160_context *ctx); /** - * \brief Clone (the state of) an RIPEMD-160 context + * \brief Clone (the state of) a RIPEMD-160 context * * \param dst The destination context * \param src The context to be cloned */ -void mbedtls_ripemd160_clone( mbedtls_ripemd160_context *dst, - const mbedtls_ripemd160_context *src ); +void mbedtls_ripemd160_clone(mbedtls_ripemd160_context *dst, + const mbedtls_ripemd160_context *src); /** * \brief RIPEMD-160 context setup @@ -89,7 +76,7 @@ void mbedtls_ripemd160_clone( mbedtls_ripemd160_context *dst, * * \return 0 if successful */ -int mbedtls_ripemd160_starts_ret( mbedtls_ripemd160_context *ctx ); +int mbedtls_ripemd160_starts_ret(mbedtls_ripemd160_context *ctx); /** * \brief RIPEMD-160 process buffer @@ -100,9 +87,9 @@ int mbedtls_ripemd160_starts_ret( mbedtls_ripemd160_context *ctx ); * * \return 0 if successful */ -int mbedtls_ripemd160_update_ret( mbedtls_ripemd160_context *ctx, - const unsigned char *input, - size_t ilen ); +int mbedtls_ripemd160_update_ret(mbedtls_ripemd160_context *ctx, + const unsigned char *input, + size_t ilen); /** * \brief RIPEMD-160 final digest @@ -112,8 +99,8 @@ int mbedtls_ripemd160_update_ret( mbedtls_ripemd160_context *ctx, * * \return 0 if successful */ -int mbedtls_ripemd160_finish_ret( mbedtls_ripemd160_context *ctx, - unsigned char output[20] ); +int mbedtls_ripemd160_finish_ret(mbedtls_ripemd160_context *ctx, + unsigned char output[20]); /** * \brief RIPEMD-160 process data block (internal use only) @@ -123,8 +110,8 @@ int mbedtls_ripemd160_finish_ret( mbedtls_ripemd160_context *ctx, * * \return 0 if successful */ -int mbedtls_internal_ripemd160_process( mbedtls_ripemd160_context *ctx, - const unsigned char data[64] ); +int mbedtls_internal_ripemd160_process(mbedtls_ripemd160_context *ctx, + const unsigned char data[64]); #if !defined(MBEDTLS_DEPRECATED_REMOVED) #if defined(MBEDTLS_DEPRECATED_WARNING) @@ -140,7 +127,7 @@ int mbedtls_internal_ripemd160_process( mbedtls_ripemd160_context *ctx, * \param ctx context to be initialized */ MBEDTLS_DEPRECATED void mbedtls_ripemd160_starts( - mbedtls_ripemd160_context *ctx ); + mbedtls_ripemd160_context *ctx); /** * \brief RIPEMD-160 process buffer @@ -152,9 +139,9 @@ MBEDTLS_DEPRECATED void mbedtls_ripemd160_starts( * \param ilen length of the input data */ MBEDTLS_DEPRECATED void mbedtls_ripemd160_update( - mbedtls_ripemd160_context *ctx, - const unsigned char *input, - size_t ilen ); + mbedtls_ripemd160_context *ctx, + const unsigned char *input, + size_t ilen); /** * \brief RIPEMD-160 final digest @@ -165,8 +152,8 @@ MBEDTLS_DEPRECATED void mbedtls_ripemd160_update( * \param output RIPEMD-160 checksum result */ MBEDTLS_DEPRECATED void mbedtls_ripemd160_finish( - mbedtls_ripemd160_context *ctx, - unsigned char output[20] ); + mbedtls_ripemd160_context *ctx, + unsigned char output[20]); /** * \brief RIPEMD-160 process data block (internal use only) @@ -177,8 +164,8 @@ MBEDTLS_DEPRECATED void mbedtls_ripemd160_finish( * \param data buffer holding one block of data */ MBEDTLS_DEPRECATED void mbedtls_ripemd160_process( - mbedtls_ripemd160_context *ctx, - const unsigned char data[64] ); + mbedtls_ripemd160_context *ctx, + const unsigned char data[64]); #undef MBEDTLS_DEPRECATED #endif /* !MBEDTLS_DEPRECATED_REMOVED */ @@ -192,9 +179,9 @@ MBEDTLS_DEPRECATED void mbedtls_ripemd160_process( * * \return 0 if successful */ -int mbedtls_ripemd160_ret( const unsigned char *input, - size_t ilen, - unsigned char output[20] ); +int mbedtls_ripemd160_ret(const unsigned char *input, + size_t ilen, + unsigned char output[20]); #if !defined(MBEDTLS_DEPRECATED_REMOVED) #if defined(MBEDTLS_DEPRECATED_WARNING) @@ -211,9 +198,9 @@ int mbedtls_ripemd160_ret( const unsigned char *input, * \param ilen length of the input data * \param output RIPEMD-160 checksum result */ -MBEDTLS_DEPRECATED void mbedtls_ripemd160( const unsigned char *input, - size_t ilen, - unsigned char output[20] ); +MBEDTLS_DEPRECATED void mbedtls_ripemd160(const unsigned char *input, + size_t ilen, + unsigned char output[20]); #undef MBEDTLS_DEPRECATED #endif /* !MBEDTLS_DEPRECATED_REMOVED */ @@ -225,7 +212,7 @@ MBEDTLS_DEPRECATED void mbedtls_ripemd160( const unsigned char *input, * * \return 0 if successful, or 1 if the test failed */ -int mbedtls_ripemd160_self_test( int verbose ); +int mbedtls_ripemd160_self_test(int verbose); #endif /* MBEDTLS_SELF_TEST */ diff --git a/third_party/mbedtls/repo/include/mbedtls/rsa.h b/third_party/mbedtls/repo/include/mbedtls/rsa.h index 3c481e12a17..1779775155f 100644 --- a/third_party/mbedtls/repo/include/mbedtls/rsa.h +++ b/third_party/mbedtls/repo/include/mbedtls/rsa.h @@ -11,19 +11,7 @@ */ /* * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later */ #ifndef MBEDTLS_RSA_H #define MBEDTLS_RSA_H @@ -88,7 +76,7 @@ /* * The above constants may be used even if the RSA module is compile out, - * eg for alternative (PKCS#11) RSA implemenations in the PK layers. + * eg for alternative (PKCS#11) RSA implementations in the PK layers. */ #ifdef __cplusplus @@ -106,8 +94,7 @@ extern "C" { * is deprecated. All manipulation should instead be done through * the public interface functions. */ -typedef struct mbedtls_rsa_context -{ +typedef struct mbedtls_rsa_context { int ver; /*!< Reserved for internal purposes. * Do not set this field in application * code. Its meaning might change without @@ -134,8 +121,8 @@ typedef struct mbedtls_rsa_context mbedtls_mpi Vf; /*!< The cached un-blinding value. */ int padding; /*!< Selects padding mode: - #MBEDTLS_RSA_PKCS_V15 for 1.5 padding and - #MBEDTLS_RSA_PKCS_V21 for OAEP or PSS. */ + #MBEDTLS_RSA_PKCS_V15 for 1.5 padding and + #MBEDTLS_RSA_PKCS_V21 for OAEP or PSS. */ int hash_id; /*!< Hash identifier of mbedtls_md_type_t type, as specified in md.h for use in the MGF mask generating function used in the @@ -178,9 +165,9 @@ mbedtls_rsa_context; * \p padding is #MBEDTLS_RSA_PKCS_V21. It is unused * otherwise. */ -void mbedtls_rsa_init( mbedtls_rsa_context *ctx, - int padding, - int hash_id ); +void mbedtls_rsa_init(mbedtls_rsa_context *ctx, + int padding, + int hash_id); /** * \brief This function imports a set of core parameters into an @@ -211,10 +198,10 @@ void mbedtls_rsa_init( mbedtls_rsa_context *ctx, * \return \c 0 on success. * \return A non-zero error code on failure. */ -int mbedtls_rsa_import( mbedtls_rsa_context *ctx, - const mbedtls_mpi *N, - const mbedtls_mpi *P, const mbedtls_mpi *Q, - const mbedtls_mpi *D, const mbedtls_mpi *E ); +int mbedtls_rsa_import(mbedtls_rsa_context *ctx, + const mbedtls_mpi *N, + const mbedtls_mpi *P, const mbedtls_mpi *Q, + const mbedtls_mpi *D, const mbedtls_mpi *E); /** * \brief This function imports core RSA parameters, in raw big-endian @@ -250,26 +237,26 @@ int mbedtls_rsa_import( mbedtls_rsa_context *ctx, * \return \c 0 on success. * \return A non-zero error code on failure. */ -int mbedtls_rsa_import_raw( mbedtls_rsa_context *ctx, - unsigned char const *N, size_t N_len, - unsigned char const *P, size_t P_len, - unsigned char const *Q, size_t Q_len, - unsigned char const *D, size_t D_len, - unsigned char const *E, size_t E_len ); +int mbedtls_rsa_import_raw(mbedtls_rsa_context *ctx, + unsigned char const *N, size_t N_len, + unsigned char const *P, size_t P_len, + unsigned char const *Q, size_t Q_len, + unsigned char const *D, size_t D_len, + unsigned char const *E, size_t E_len); /** * \brief This function completes an RSA context from * a set of imported core parameters. * - * To setup an RSA public key, precisely \p N and \p E + * To setup an RSA public key, precisely \c N and \c E * must have been imported. * * To setup an RSA private key, sufficient information must * be present for the other parameters to be derivable. * * The default implementation supports the following: - *
  • Derive \p P, \p Q from \p N, \p D, \p E.
    • - *
  • Derive \p N, \p D from \p P, \p Q, \p E.
+ *
  • Derive \c P, \c Q from \c N, \c D, \c E.
    • + *
  • Derive \c N, \c D from \c P, \c Q, \c E.
* Alternative implementations need not support these. * * If this function runs successfully, it guarantees that @@ -289,7 +276,7 @@ int mbedtls_rsa_import_raw( mbedtls_rsa_context *ctx, * failed. * */ -int mbedtls_rsa_complete( mbedtls_rsa_context *ctx ); +int mbedtls_rsa_complete(mbedtls_rsa_context *ctx); /** * \brief This function exports the core parameters of an RSA key. @@ -331,9 +318,9 @@ int mbedtls_rsa_complete( mbedtls_rsa_context *ctx ); * \return A non-zero return code on any other failure. * */ -int mbedtls_rsa_export( const mbedtls_rsa_context *ctx, - mbedtls_mpi *N, mbedtls_mpi *P, mbedtls_mpi *Q, - mbedtls_mpi *D, mbedtls_mpi *E ); +int mbedtls_rsa_export(const mbedtls_rsa_context *ctx, + mbedtls_mpi *N, mbedtls_mpi *P, mbedtls_mpi *Q, + mbedtls_mpi *D, mbedtls_mpi *E); /** * \brief This function exports core parameters of an RSA key @@ -382,12 +369,12 @@ int mbedtls_rsa_export( const mbedtls_rsa_context *ctx, * functionality or because of security policies. * \return A non-zero return code on any other failure. */ -int mbedtls_rsa_export_raw( const mbedtls_rsa_context *ctx, - unsigned char *N, size_t N_len, - unsigned char *P, size_t P_len, - unsigned char *Q, size_t Q_len, - unsigned char *D, size_t D_len, - unsigned char *E, size_t E_len ); +int mbedtls_rsa_export_raw(const mbedtls_rsa_context *ctx, + unsigned char *N, size_t N_len, + unsigned char *P, size_t P_len, + unsigned char *Q, size_t Q_len, + unsigned char *D, size_t D_len, + unsigned char *E, size_t E_len); /** * \brief This function exports CRT parameters of a private RSA key. @@ -408,8 +395,8 @@ int mbedtls_rsa_export_raw( const mbedtls_rsa_context *ctx, * \return A non-zero error code on failure. * */ -int mbedtls_rsa_export_crt( const mbedtls_rsa_context *ctx, - mbedtls_mpi *DP, mbedtls_mpi *DQ, mbedtls_mpi *QP ); +int mbedtls_rsa_export_crt(const mbedtls_rsa_context *ctx, + mbedtls_mpi *DP, mbedtls_mpi *DQ, mbedtls_mpi *QP); /** * \brief This function sets padding for an already initialized RSA @@ -420,8 +407,8 @@ int mbedtls_rsa_export_crt( const mbedtls_rsa_context *ctx, * #MBEDTLS_RSA_PKCS_V15 or #MBEDTLS_RSA_PKCS_V21. * \param hash_id The #MBEDTLS_RSA_PKCS_V21 hash identifier. */ -void mbedtls_rsa_set_padding( mbedtls_rsa_context *ctx, int padding, - int hash_id ); +void mbedtls_rsa_set_padding(mbedtls_rsa_context *ctx, int padding, + int hash_id); /** * \brief This function retrieves the length of RSA modulus in Bytes. @@ -431,7 +418,7 @@ void mbedtls_rsa_set_padding( mbedtls_rsa_context *ctx, int padding, * \return The length of the RSA modulus in Bytes. * */ -size_t mbedtls_rsa_get_len( const mbedtls_rsa_context *ctx ); +size_t mbedtls_rsa_get_len(const mbedtls_rsa_context *ctx); /** * \brief This function generates an RSA keypair. @@ -451,10 +438,10 @@ size_t mbedtls_rsa_get_len( const mbedtls_rsa_context *ctx ); * \return \c 0 on success. * \return An \c MBEDTLS_ERR_RSA_XXX error code on failure. */ -int mbedtls_rsa_gen_key( mbedtls_rsa_context *ctx, - int (*f_rng)(void *, unsigned char *, size_t), - void *p_rng, - unsigned int nbits, int exponent ); +int mbedtls_rsa_gen_key(mbedtls_rsa_context *ctx, + int (*f_rng)(void *, unsigned char *, size_t), + void *p_rng, + unsigned int nbits, int exponent); /** * \brief This function checks if a context contains at least an RSA @@ -470,7 +457,7 @@ int mbedtls_rsa_gen_key( mbedtls_rsa_context *ctx, * \return An \c MBEDTLS_ERR_RSA_XXX error code on failure. * */ -int mbedtls_rsa_check_pubkey( const mbedtls_rsa_context *ctx ); +int mbedtls_rsa_check_pubkey(const mbedtls_rsa_context *ctx); /** * \brief This function checks if a context contains an RSA private key @@ -491,7 +478,7 @@ int mbedtls_rsa_check_pubkey( const mbedtls_rsa_context *ctx ); * the current function does not have access to them, * and therefore cannot check them. See mbedtls_rsa_complete(). * If you want to check the consistency of the entire - * content of an PKCS1-encoded RSA private key, for example, you + * content of a PKCS1-encoded RSA private key, for example, you * should use mbedtls_rsa_validate_params() before setting * up the RSA context. * Additionally, if the implementation performs empirical checks, @@ -508,7 +495,7 @@ int mbedtls_rsa_check_pubkey( const mbedtls_rsa_context *ctx ); * \return \c 0 on success. * \return An \c MBEDTLS_ERR_RSA_XXX error code on failure. */ -int mbedtls_rsa_check_privkey( const mbedtls_rsa_context *ctx ); +int mbedtls_rsa_check_privkey(const mbedtls_rsa_context *ctx); /** * \brief This function checks a public-private RSA key pair. @@ -521,8 +508,8 @@ int mbedtls_rsa_check_privkey( const mbedtls_rsa_context *ctx ); * \return \c 0 on success. * \return An \c MBEDTLS_ERR_RSA_XXX error code on failure. */ -int mbedtls_rsa_check_pub_priv( const mbedtls_rsa_context *pub, - const mbedtls_rsa_context *prv ); +int mbedtls_rsa_check_pub_priv(const mbedtls_rsa_context *pub, + const mbedtls_rsa_context *prv); /** * \brief This function performs an RSA public key operation. @@ -538,21 +525,21 @@ int mbedtls_rsa_check_pub_priv( const mbedtls_rsa_context *pub, * \note This function does not handle message padding. * * \note Make sure to set \p input[0] = 0 or ensure that - * input is smaller than \p N. + * input is smaller than \c N. * * \return \c 0 on success. * \return An \c MBEDTLS_ERR_RSA_XXX error code on failure. */ -int mbedtls_rsa_public( mbedtls_rsa_context *ctx, - const unsigned char *input, - unsigned char *output ); +int mbedtls_rsa_public(mbedtls_rsa_context *ctx, + const unsigned char *input, + unsigned char *output); /** * \brief This function performs an RSA private key operation. * * \note Blinding is used if and only if a PRNG is provided. * - * \note If blinding is used, both the base of exponentation + * \note If blinding is used, both the base of exponentiation * and the exponent are blinded, providing protection * against some side-channel attacks. * @@ -578,11 +565,11 @@ int mbedtls_rsa_public( mbedtls_rsa_context *ctx, * \return An \c MBEDTLS_ERR_RSA_XXX error code on failure. * */ -int mbedtls_rsa_private( mbedtls_rsa_context *ctx, - int (*f_rng)(void *, unsigned char *, size_t), - void *p_rng, - const unsigned char *input, - unsigned char *output ); +int mbedtls_rsa_private(mbedtls_rsa_context *ctx, + int (*f_rng)(void *, unsigned char *, size_t), + void *p_rng, + const unsigned char *input, + unsigned char *output); /** * \brief This function adds the message padding, then performs an RSA @@ -623,12 +610,12 @@ int mbedtls_rsa_private( mbedtls_rsa_context *ctx, * \return \c 0 on success. * \return An \c MBEDTLS_ERR_RSA_XXX error code on failure. */ -int mbedtls_rsa_pkcs1_encrypt( mbedtls_rsa_context *ctx, - int (*f_rng)(void *, unsigned char *, size_t), - void *p_rng, - int mode, size_t ilen, - const unsigned char *input, - unsigned char *output ); +int mbedtls_rsa_pkcs1_encrypt(mbedtls_rsa_context *ctx, + int (*f_rng)(void *, unsigned char *, size_t), + void *p_rng, + int mode, size_t ilen, + const unsigned char *input, + unsigned char *output); /** * \brief This function performs a PKCS#1 v1.5 encryption operation @@ -664,12 +651,12 @@ int mbedtls_rsa_pkcs1_encrypt( mbedtls_rsa_context *ctx, * \return \c 0 on success. * \return An \c MBEDTLS_ERR_RSA_XXX error code on failure. */ -int mbedtls_rsa_rsaes_pkcs1_v15_encrypt( mbedtls_rsa_context *ctx, - int (*f_rng)(void *, unsigned char *, size_t), - void *p_rng, - int mode, size_t ilen, - const unsigned char *input, - unsigned char *output ); +int mbedtls_rsa_rsaes_pkcs1_v15_encrypt(mbedtls_rsa_context *ctx, + int (*f_rng)(void *, unsigned char *, size_t), + void *p_rng, + int mode, size_t ilen, + const unsigned char *input, + unsigned char *output); /** * \brief This function performs a PKCS#1 v2.1 OAEP encryption @@ -687,7 +674,7 @@ int mbedtls_rsa_rsaes_pkcs1_v15_encrypt( mbedtls_rsa_context *ctx, * mode being set to #MBEDTLS_RSA_PRIVATE and might instead * return #MBEDTLS_ERR_PLATFORM_FEATURE_UNSUPPORTED. * - * \param ctx The initnialized RSA context to use. + * \param ctx The initialized RSA context to use. * \param f_rng The RNG function to use. This is needed for padding * generation and must be provided. * \param p_rng The RNG context to be passed to \p f_rng. This may @@ -709,14 +696,14 @@ int mbedtls_rsa_rsaes_pkcs1_v15_encrypt( mbedtls_rsa_context *ctx, * \return \c 0 on success. * \return An \c MBEDTLS_ERR_RSA_XXX error code on failure. */ -int mbedtls_rsa_rsaes_oaep_encrypt( mbedtls_rsa_context *ctx, - int (*f_rng)(void *, unsigned char *, size_t), - void *p_rng, - int mode, - const unsigned char *label, size_t label_len, - size_t ilen, - const unsigned char *input, - unsigned char *output ); +int mbedtls_rsa_rsaes_oaep_encrypt(mbedtls_rsa_context *ctx, + int (*f_rng)(void *, unsigned char *, size_t), + void *p_rng, + int mode, + const unsigned char *label, size_t label_len, + size_t ilen, + const unsigned char *input, + unsigned char *output); /** * \brief This function performs an RSA operation, then removes the @@ -725,6 +712,10 @@ int mbedtls_rsa_rsaes_oaep_encrypt( mbedtls_rsa_context *ctx, * It is the generic wrapper for performing a PKCS#1 decryption * operation using the \p mode from the context. * + * \warning When \p ctx->padding is set to #MBEDTLS_RSA_PKCS_V15, + * mbedtls_rsa_rsaes_pkcs1_v15_decrypt() is called, which is an + * inherently dangerous function (CWE-242). + * * \note The output buffer length \c output_max_len should be * as large as the size \p ctx->len of \p ctx->N (for example, * 128 Bytes if RSA-1024 is used) to be able to hold an @@ -762,18 +753,23 @@ int mbedtls_rsa_rsaes_oaep_encrypt( mbedtls_rsa_context *ctx, * \return \c 0 on success. * \return An \c MBEDTLS_ERR_RSA_XXX error code on failure. */ -int mbedtls_rsa_pkcs1_decrypt( mbedtls_rsa_context *ctx, - int (*f_rng)(void *, unsigned char *, size_t), - void *p_rng, - int mode, size_t *olen, - const unsigned char *input, - unsigned char *output, - size_t output_max_len ); +int mbedtls_rsa_pkcs1_decrypt(mbedtls_rsa_context *ctx, + int (*f_rng)(void *, unsigned char *, size_t), + void *p_rng, + int mode, size_t *olen, + const unsigned char *input, + unsigned char *output, + size_t output_max_len); /** * \brief This function performs a PKCS#1 v1.5 decryption * operation (RSAES-PKCS1-v1_5-DECRYPT). * + * \warning This is an inherently dangerous function (CWE-242). Unless + * it is used in a side channel free and safe way (eg. + * implementing the TLS protocol as per 7.4.7.1 of RFC 5246), + * the calling code is vulnerable. + * * \note The output buffer length \c output_max_len should be * as large as the size \p ctx->len of \p ctx->N, for example, * 128 Bytes if RSA-1024 is used, to be able to hold an @@ -812,13 +808,13 @@ int mbedtls_rsa_pkcs1_decrypt( mbedtls_rsa_context *ctx, * \return An \c MBEDTLS_ERR_RSA_XXX error code on failure. * */ -int mbedtls_rsa_rsaes_pkcs1_v15_decrypt( mbedtls_rsa_context *ctx, - int (*f_rng)(void *, unsigned char *, size_t), - void *p_rng, - int mode, size_t *olen, - const unsigned char *input, - unsigned char *output, - size_t output_max_len ); +int mbedtls_rsa_rsaes_pkcs1_v15_decrypt(mbedtls_rsa_context *ctx, + int (*f_rng)(void *, unsigned char *, size_t), + void *p_rng, + int mode, size_t *olen, + const unsigned char *input, + unsigned char *output, + size_t output_max_len); /** * \brief This function performs a PKCS#1 v2.1 OAEP decryption @@ -866,15 +862,15 @@ int mbedtls_rsa_rsaes_pkcs1_v15_decrypt( mbedtls_rsa_context *ctx, * \return \c 0 on success. * \return An \c MBEDTLS_ERR_RSA_XXX error code on failure. */ -int mbedtls_rsa_rsaes_oaep_decrypt( mbedtls_rsa_context *ctx, - int (*f_rng)(void *, unsigned char *, size_t), - void *p_rng, - int mode, - const unsigned char *label, size_t label_len, - size_t *olen, - const unsigned char *input, - unsigned char *output, - size_t output_max_len ); +int mbedtls_rsa_rsaes_oaep_decrypt(mbedtls_rsa_context *ctx, + int (*f_rng)(void *, unsigned char *, size_t), + void *p_rng, + int mode, + const unsigned char *label, size_t label_len, + size_t *olen, + const unsigned char *input, + unsigned char *output, + size_t output_max_len); /** * \brief This function performs a private RSA operation to sign @@ -926,14 +922,14 @@ int mbedtls_rsa_rsaes_oaep_decrypt( mbedtls_rsa_context *ctx, * \return \c 0 if the signing operation was successful. * \return An \c MBEDTLS_ERR_RSA_XXX error code on failure. */ -int mbedtls_rsa_pkcs1_sign( mbedtls_rsa_context *ctx, - int (*f_rng)(void *, unsigned char *, size_t), - void *p_rng, - int mode, - mbedtls_md_type_t md_alg, - unsigned int hashlen, - const unsigned char *hash, - unsigned char *sig ); +int mbedtls_rsa_pkcs1_sign(mbedtls_rsa_context *ctx, + int (*f_rng)(void *, unsigned char *, size_t), + void *p_rng, + int mode, + mbedtls_md_type_t md_alg, + unsigned int hashlen, + const unsigned char *hash, + unsigned char *sig); /** * \brief This function performs a PKCS#1 v1.5 signature @@ -974,14 +970,14 @@ int mbedtls_rsa_pkcs1_sign( mbedtls_rsa_context *ctx, * \return \c 0 if the signing operation was successful. * \return An \c MBEDTLS_ERR_RSA_XXX error code on failure. */ -int mbedtls_rsa_rsassa_pkcs1_v15_sign( mbedtls_rsa_context *ctx, - int (*f_rng)(void *, unsigned char *, size_t), - void *p_rng, - int mode, - mbedtls_md_type_t md_alg, - unsigned int hashlen, - const unsigned char *hash, - unsigned char *sig ); +int mbedtls_rsa_rsassa_pkcs1_v15_sign(mbedtls_rsa_context *ctx, + int (*f_rng)(void *, unsigned char *, size_t), + void *p_rng, + int mode, + mbedtls_md_type_t md_alg, + unsigned int hashlen, + const unsigned char *hash, + unsigned char *sig); /** * \brief This function performs a PKCS#1 v2.1 PSS signature @@ -1029,14 +1025,14 @@ int mbedtls_rsa_rsassa_pkcs1_v15_sign( mbedtls_rsa_context *ctx, * \return \c 0 if the signing operation was successful. * \return An \c MBEDTLS_ERR_RSA_XXX error code on failure. */ -int mbedtls_rsa_rsassa_pss_sign_ext( mbedtls_rsa_context *ctx, - int (*f_rng)(void *, unsigned char *, size_t), - void *p_rng, - mbedtls_md_type_t md_alg, - unsigned int hashlen, - const unsigned char *hash, - int saltlen, - unsigned char *sig ); +int mbedtls_rsa_rsassa_pss_sign_ext(mbedtls_rsa_context *ctx, + int (*f_rng)(void *, unsigned char *, size_t), + void *p_rng, + mbedtls_md_type_t md_alg, + unsigned int hashlen, + const unsigned char *hash, + int saltlen, + unsigned char *sig); /** * \brief This function performs a PKCS#1 v2.1 PSS signature @@ -1093,14 +1089,14 @@ int mbedtls_rsa_rsassa_pss_sign_ext( mbedtls_rsa_context *ctx, * \return \c 0 if the signing operation was successful. * \return An \c MBEDTLS_ERR_RSA_XXX error code on failure. */ -int mbedtls_rsa_rsassa_pss_sign( mbedtls_rsa_context *ctx, - int (*f_rng)(void *, unsigned char *, size_t), - void *p_rng, - int mode, - mbedtls_md_type_t md_alg, - unsigned int hashlen, - const unsigned char *hash, - unsigned char *sig ); +int mbedtls_rsa_rsassa_pss_sign(mbedtls_rsa_context *ctx, + int (*f_rng)(void *, unsigned char *, size_t), + void *p_rng, + int mode, + mbedtls_md_type_t md_alg, + unsigned int hashlen, + const unsigned char *hash, + unsigned char *sig); /** * \brief This function performs a public RSA operation and checks @@ -1110,8 +1106,8 @@ int mbedtls_rsa_rsassa_pss_sign( mbedtls_rsa_context *ctx, * verification using the mode from the context. * * \note For PKCS#1 v2.1 encoding, see comments on - * mbedtls_rsa_rsassa_pss_verify() about \p md_alg and - * \p hash_id. + * mbedtls_rsa_rsassa_pss_verify() about \c md_alg and + * \c hash_id. * * \deprecated It is deprecated and discouraged to call this function * in #MBEDTLS_RSA_PRIVATE mode. Future versions of the library @@ -1146,14 +1142,14 @@ int mbedtls_rsa_rsassa_pss_sign( mbedtls_rsa_context *ctx, * \return \c 0 if the verify operation was successful. * \return An \c MBEDTLS_ERR_RSA_XXX error code on failure. */ -int mbedtls_rsa_pkcs1_verify( mbedtls_rsa_context *ctx, - int (*f_rng)(void *, unsigned char *, size_t), - void *p_rng, - int mode, - mbedtls_md_type_t md_alg, - unsigned int hashlen, - const unsigned char *hash, - const unsigned char *sig ); +int mbedtls_rsa_pkcs1_verify(mbedtls_rsa_context *ctx, + int (*f_rng)(void *, unsigned char *, size_t), + void *p_rng, + int mode, + mbedtls_md_type_t md_alg, + unsigned int hashlen, + const unsigned char *hash, + const unsigned char *sig); /** * \brief This function performs a PKCS#1 v1.5 verification @@ -1192,14 +1188,14 @@ int mbedtls_rsa_pkcs1_verify( mbedtls_rsa_context *ctx, * \return \c 0 if the verify operation was successful. * \return An \c MBEDTLS_ERR_RSA_XXX error code on failure. */ -int mbedtls_rsa_rsassa_pkcs1_v15_verify( mbedtls_rsa_context *ctx, - int (*f_rng)(void *, unsigned char *, size_t), - void *p_rng, - int mode, - mbedtls_md_type_t md_alg, - unsigned int hashlen, - const unsigned char *hash, - const unsigned char *sig ); +int mbedtls_rsa_rsassa_pkcs1_v15_verify(mbedtls_rsa_context *ctx, + int (*f_rng)(void *, unsigned char *, size_t), + void *p_rng, + int mode, + mbedtls_md_type_t md_alg, + unsigned int hashlen, + const unsigned char *hash, + const unsigned char *sig); /** * \brief This function performs a PKCS#1 v2.1 PSS verification @@ -1248,14 +1244,14 @@ int mbedtls_rsa_rsassa_pkcs1_v15_verify( mbedtls_rsa_context *ctx, * \return \c 0 if the verify operation was successful. * \return An \c MBEDTLS_ERR_RSA_XXX error code on failure. */ -int mbedtls_rsa_rsassa_pss_verify( mbedtls_rsa_context *ctx, - int (*f_rng)(void *, unsigned char *, size_t), - void *p_rng, - int mode, - mbedtls_md_type_t md_alg, - unsigned int hashlen, - const unsigned char *hash, - const unsigned char *sig ); +int mbedtls_rsa_rsassa_pss_verify(mbedtls_rsa_context *ctx, + int (*f_rng)(void *, unsigned char *, size_t), + void *p_rng, + int mode, + mbedtls_md_type_t md_alg, + unsigned int hashlen, + const unsigned char *hash, + const unsigned char *sig); /** * \brief This function performs a PKCS#1 v2.1 PSS verification @@ -1301,16 +1297,16 @@ int mbedtls_rsa_rsassa_pss_verify( mbedtls_rsa_context *ctx, * \return \c 0 if the verify operation was successful. * \return An \c MBEDTLS_ERR_RSA_XXX error code on failure. */ -int mbedtls_rsa_rsassa_pss_verify_ext( mbedtls_rsa_context *ctx, - int (*f_rng)(void *, unsigned char *, size_t), - void *p_rng, - int mode, - mbedtls_md_type_t md_alg, - unsigned int hashlen, - const unsigned char *hash, - mbedtls_md_type_t mgf1_hash_id, - int expected_salt_len, - const unsigned char *sig ); +int mbedtls_rsa_rsassa_pss_verify_ext(mbedtls_rsa_context *ctx, + int (*f_rng)(void *, unsigned char *, size_t), + void *p_rng, + int mode, + mbedtls_md_type_t md_alg, + unsigned int hashlen, + const unsigned char *hash, + mbedtls_md_type_t mgf1_hash_id, + int expected_salt_len, + const unsigned char *sig); /** * \brief This function copies the components of an RSA context. @@ -1321,7 +1317,7 @@ int mbedtls_rsa_rsassa_pss_verify_ext( mbedtls_rsa_context *ctx, * \return \c 0 on success. * \return #MBEDTLS_ERR_MPI_ALLOC_FAILED on memory allocation failure. */ -int mbedtls_rsa_copy( mbedtls_rsa_context *dst, const mbedtls_rsa_context *src ); +int mbedtls_rsa_copy(mbedtls_rsa_context *dst, const mbedtls_rsa_context *src); /** * \brief This function frees the components of an RSA key. @@ -1330,7 +1326,7 @@ int mbedtls_rsa_copy( mbedtls_rsa_context *dst, const mbedtls_rsa_context *src ) * this function is a no-op. If it is not \c NULL, it must * point to an initialized RSA context. */ -void mbedtls_rsa_free( mbedtls_rsa_context *ctx ); +void mbedtls_rsa_free(mbedtls_rsa_context *ctx); #if defined(MBEDTLS_SELF_TEST) @@ -1340,7 +1336,7 @@ void mbedtls_rsa_free( mbedtls_rsa_context *ctx ); * \return \c 0 on success. * \return \c 1 on failure. */ -int mbedtls_rsa_self_test( int verbose ); +int mbedtls_rsa_self_test(int verbose); #endif /* MBEDTLS_SELF_TEST */ diff --git a/third_party/mbedtls/repo/include/mbedtls/rsa_internal.h b/third_party/mbedtls/repo/include/mbedtls/rsa_internal.h index d55492bb16b..286cff25828 100644 --- a/third_party/mbedtls/repo/include/mbedtls/rsa_internal.h +++ b/third_party/mbedtls/repo/include/mbedtls/rsa_internal.h @@ -36,19 +36,7 @@ */ /* * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later * */ @@ -92,9 +80,9 @@ extern "C" { * use the helper function \c mbedtls_rsa_validate_params. * */ -int mbedtls_rsa_deduce_primes( mbedtls_mpi const *N, mbedtls_mpi const *E, - mbedtls_mpi const *D, - mbedtls_mpi *P, mbedtls_mpi *Q ); +int mbedtls_rsa_deduce_primes(mbedtls_mpi const *N, mbedtls_mpi const *E, + mbedtls_mpi const *D, + mbedtls_mpi *P, mbedtls_mpi *Q); /** * \brief Compute RSA private exponent from @@ -117,10 +105,10 @@ int mbedtls_rsa_deduce_primes( mbedtls_mpi const *N, mbedtls_mpi const *E, * \note This function does not check whether P and Q are primes. * */ -int mbedtls_rsa_deduce_private_exponent( mbedtls_mpi const *P, - mbedtls_mpi const *Q, - mbedtls_mpi const *E, - mbedtls_mpi *D ); +int mbedtls_rsa_deduce_private_exponent(mbedtls_mpi const *P, + mbedtls_mpi const *Q, + mbedtls_mpi const *E, + mbedtls_mpi *D); /** @@ -143,9 +131,9 @@ int mbedtls_rsa_deduce_private_exponent( mbedtls_mpi const *P, * prime and whether D is a valid private exponent. * */ -int mbedtls_rsa_deduce_crt( const mbedtls_mpi *P, const mbedtls_mpi *Q, - const mbedtls_mpi *D, mbedtls_mpi *DP, - mbedtls_mpi *DQ, mbedtls_mpi *QP ); +int mbedtls_rsa_deduce_crt(const mbedtls_mpi *P, const mbedtls_mpi *Q, + const mbedtls_mpi *D, mbedtls_mpi *DP, + mbedtls_mpi *DQ, mbedtls_mpi *QP); /** @@ -178,11 +166,11 @@ int mbedtls_rsa_deduce_crt( const mbedtls_mpi *P, const mbedtls_mpi *Q, * to perform specific checks only. E.g., calling it with * (-,P,-,-,-) and a PRNG amounts to a primality check for P. */ -int mbedtls_rsa_validate_params( const mbedtls_mpi *N, const mbedtls_mpi *P, - const mbedtls_mpi *Q, const mbedtls_mpi *D, - const mbedtls_mpi *E, - int (*f_rng)(void *, unsigned char *, size_t), - void *p_rng ); +int mbedtls_rsa_validate_params(const mbedtls_mpi *N, const mbedtls_mpi *P, + const mbedtls_mpi *Q, const mbedtls_mpi *D, + const mbedtls_mpi *E, + int (*f_rng)(void *, unsigned char *, size_t), + void *p_rng); /** * \brief Check validity of RSA CRT parameters @@ -213,9 +201,9 @@ int mbedtls_rsa_validate_params( const mbedtls_mpi *N, const mbedtls_mpi *P, * to perform specific checks only. E.g., calling it with the * parameters (P, -, D, DP, -, -) will check DP = D mod P-1. */ -int mbedtls_rsa_validate_crt( const mbedtls_mpi *P, const mbedtls_mpi *Q, - const mbedtls_mpi *D, const mbedtls_mpi *DP, - const mbedtls_mpi *DQ, const mbedtls_mpi *QP ); +int mbedtls_rsa_validate_crt(const mbedtls_mpi *P, const mbedtls_mpi *Q, + const mbedtls_mpi *D, const mbedtls_mpi *DP, + const mbedtls_mpi *DQ, const mbedtls_mpi *QP); #ifdef __cplusplus } diff --git a/third_party/mbedtls/repo/include/mbedtls/sha1.h b/third_party/mbedtls/repo/include/mbedtls/sha1.h index 4c3251b4a12..61d81f168d7 100644 --- a/third_party/mbedtls/repo/include/mbedtls/sha1.h +++ b/third_party/mbedtls/repo/include/mbedtls/sha1.h @@ -12,19 +12,7 @@ */ /* * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later */ #ifndef MBEDTLS_SHA1_H #define MBEDTLS_SHA1_H @@ -60,8 +48,7 @@ extern "C" { * stronger message digests instead. * */ -typedef struct mbedtls_sha1_context -{ +typedef struct mbedtls_sha1_context { uint32_t total[2]; /*!< The number of Bytes processed. */ uint32_t state[5]; /*!< The intermediate digest state. */ unsigned char buffer[64]; /*!< The data block being processed. */ @@ -83,7 +70,7 @@ mbedtls_sha1_context; * This must not be \c NULL. * */ -void mbedtls_sha1_init( mbedtls_sha1_context *ctx ); +void mbedtls_sha1_init(mbedtls_sha1_context *ctx); /** * \brief This function clears a SHA-1 context. @@ -98,7 +85,7 @@ void mbedtls_sha1_init( mbedtls_sha1_context *ctx ); * SHA-1 context. * */ -void mbedtls_sha1_free( mbedtls_sha1_context *ctx ); +void mbedtls_sha1_free(mbedtls_sha1_context *ctx); /** * \brief This function clones the state of a SHA-1 context. @@ -111,8 +98,8 @@ void mbedtls_sha1_free( mbedtls_sha1_context *ctx ); * \param src The SHA-1 context to clone from. This must be initialized. * */ -void mbedtls_sha1_clone( mbedtls_sha1_context *dst, - const mbedtls_sha1_context *src ); +void mbedtls_sha1_clone(mbedtls_sha1_context *dst, + const mbedtls_sha1_context *src); /** * \brief This function starts a SHA-1 checksum calculation. @@ -127,7 +114,7 @@ void mbedtls_sha1_clone( mbedtls_sha1_context *dst, * \return A negative error code on failure. * */ -int mbedtls_sha1_starts_ret( mbedtls_sha1_context *ctx ); +int mbedtls_sha1_starts_ret(mbedtls_sha1_context *ctx); /** * \brief This function feeds an input buffer into an ongoing SHA-1 @@ -146,9 +133,9 @@ int mbedtls_sha1_starts_ret( mbedtls_sha1_context *ctx ); * \return \c 0 on success. * \return A negative error code on failure. */ -int mbedtls_sha1_update_ret( mbedtls_sha1_context *ctx, - const unsigned char *input, - size_t ilen ); +int mbedtls_sha1_update_ret(mbedtls_sha1_context *ctx, + const unsigned char *input, + size_t ilen); /** * \brief This function finishes the SHA-1 operation, and writes @@ -166,8 +153,8 @@ int mbedtls_sha1_update_ret( mbedtls_sha1_context *ctx, * \return \c 0 on success. * \return A negative error code on failure. */ -int mbedtls_sha1_finish_ret( mbedtls_sha1_context *ctx, - unsigned char output[20] ); +int mbedtls_sha1_finish_ret(mbedtls_sha1_context *ctx, + unsigned char output[20]); /** * \brief SHA-1 process data block (internal use only). @@ -184,8 +171,8 @@ int mbedtls_sha1_finish_ret( mbedtls_sha1_context *ctx, * \return A negative error code on failure. * */ -int mbedtls_internal_sha1_process( mbedtls_sha1_context *ctx, - const unsigned char data[64] ); +int mbedtls_internal_sha1_process(mbedtls_sha1_context *ctx, + const unsigned char data[64]); #if !defined(MBEDTLS_DEPRECATED_REMOVED) #if defined(MBEDTLS_DEPRECATED_WARNING) @@ -205,7 +192,7 @@ int mbedtls_internal_sha1_process( mbedtls_sha1_context *ctx, * \param ctx The SHA-1 context to initialize. This must be initialized. * */ -MBEDTLS_DEPRECATED void mbedtls_sha1_starts( mbedtls_sha1_context *ctx ); +MBEDTLS_DEPRECATED void mbedtls_sha1_starts(mbedtls_sha1_context *ctx); /** * \brief This function feeds an input buffer into an ongoing SHA-1 @@ -224,9 +211,9 @@ MBEDTLS_DEPRECATED void mbedtls_sha1_starts( mbedtls_sha1_context *ctx ); * \param ilen The length of the input data \p input in Bytes. * */ -MBEDTLS_DEPRECATED void mbedtls_sha1_update( mbedtls_sha1_context *ctx, - const unsigned char *input, - size_t ilen ); +MBEDTLS_DEPRECATED void mbedtls_sha1_update(mbedtls_sha1_context *ctx, + const unsigned char *input, + size_t ilen); /** * \brief This function finishes the SHA-1 operation, and writes @@ -243,8 +230,8 @@ MBEDTLS_DEPRECATED void mbedtls_sha1_update( mbedtls_sha1_context *ctx, * \param output The SHA-1 checksum result. * This must be a writable buffer of length \c 20 Bytes. */ -MBEDTLS_DEPRECATED void mbedtls_sha1_finish( mbedtls_sha1_context *ctx, - unsigned char output[20] ); +MBEDTLS_DEPRECATED void mbedtls_sha1_finish(mbedtls_sha1_context *ctx, + unsigned char output[20]); /** * \brief SHA-1 process data block (internal use only). @@ -260,8 +247,8 @@ MBEDTLS_DEPRECATED void mbedtls_sha1_finish( mbedtls_sha1_context *ctx, * This must be a readable buffer of length \c 64 bytes. * */ -MBEDTLS_DEPRECATED void mbedtls_sha1_process( mbedtls_sha1_context *ctx, - const unsigned char data[64] ); +MBEDTLS_DEPRECATED void mbedtls_sha1_process(mbedtls_sha1_context *ctx, + const unsigned char data[64]); #undef MBEDTLS_DEPRECATED #endif /* !MBEDTLS_DEPRECATED_REMOVED */ @@ -289,9 +276,9 @@ MBEDTLS_DEPRECATED void mbedtls_sha1_process( mbedtls_sha1_context *ctx, * \return A negative error code on failure. * */ -int mbedtls_sha1_ret( const unsigned char *input, - size_t ilen, - unsigned char output[20] ); +int mbedtls_sha1_ret(const unsigned char *input, + size_t ilen, + unsigned char output[20]); #if !defined(MBEDTLS_DEPRECATED_REMOVED) #if defined(MBEDTLS_DEPRECATED_WARNING) @@ -321,9 +308,9 @@ int mbedtls_sha1_ret( const unsigned char *input, * buffer of size \c 20 Bytes. * */ -MBEDTLS_DEPRECATED void mbedtls_sha1( const unsigned char *input, - size_t ilen, - unsigned char output[20] ); +MBEDTLS_DEPRECATED void mbedtls_sha1(const unsigned char *input, + size_t ilen, + unsigned char output[20]); #undef MBEDTLS_DEPRECATED #endif /* !MBEDTLS_DEPRECATED_REMOVED */ @@ -341,7 +328,7 @@ MBEDTLS_DEPRECATED void mbedtls_sha1( const unsigned char *input, * \return \c 1 on failure. * */ -int mbedtls_sha1_self_test( int verbose ); +int mbedtls_sha1_self_test(int verbose); #endif /* MBEDTLS_SELF_TEST */ diff --git a/third_party/mbedtls/repo/include/mbedtls/sha256.h b/third_party/mbedtls/repo/include/mbedtls/sha256.h index 5b54be21425..d4c3e6468a7 100644 --- a/third_party/mbedtls/repo/include/mbedtls/sha256.h +++ b/third_party/mbedtls/repo/include/mbedtls/sha256.h @@ -8,19 +8,7 @@ */ /* * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later */ #ifndef MBEDTLS_SHA256_H #define MBEDTLS_SHA256_H @@ -55,8 +43,7 @@ extern "C" { * checksum calculations. The choice between these two is * made in the call to mbedtls_sha256_starts_ret(). */ -typedef struct mbedtls_sha256_context -{ +typedef struct mbedtls_sha256_context { uint32_t total[2]; /*!< The number of Bytes processed. */ uint32_t state[8]; /*!< The intermediate digest state. */ unsigned char buffer[64]; /*!< The data block being processed. */ @@ -74,7 +61,7 @@ mbedtls_sha256_context; * * \param ctx The SHA-256 context to initialize. This must not be \c NULL. */ -void mbedtls_sha256_init( mbedtls_sha256_context *ctx ); +void mbedtls_sha256_init(mbedtls_sha256_context *ctx); /** * \brief This function clears a SHA-256 context. @@ -83,7 +70,7 @@ void mbedtls_sha256_init( mbedtls_sha256_context *ctx ); * case this function returns immediately. If it is not \c NULL, * it must point to an initialized SHA-256 context. */ -void mbedtls_sha256_free( mbedtls_sha256_context *ctx ); +void mbedtls_sha256_free(mbedtls_sha256_context *ctx); /** * \brief This function clones the state of a SHA-256 context. @@ -91,8 +78,8 @@ void mbedtls_sha256_free( mbedtls_sha256_context *ctx ); * \param dst The destination context. This must be initialized. * \param src The context to clone. This must be initialized. */ -void mbedtls_sha256_clone( mbedtls_sha256_context *dst, - const mbedtls_sha256_context *src ); +void mbedtls_sha256_clone(mbedtls_sha256_context *dst, + const mbedtls_sha256_context *src); /** * \brief This function starts a SHA-224 or SHA-256 checksum @@ -105,7 +92,7 @@ void mbedtls_sha256_clone( mbedtls_sha256_context *dst, * \return \c 0 on success. * \return A negative error code on failure. */ -int mbedtls_sha256_starts_ret( mbedtls_sha256_context *ctx, int is224 ); +int mbedtls_sha256_starts_ret(mbedtls_sha256_context *ctx, int is224); /** * \brief This function feeds an input buffer into an ongoing @@ -120,9 +107,9 @@ int mbedtls_sha256_starts_ret( mbedtls_sha256_context *ctx, int is224 ); * \return \c 0 on success. * \return A negative error code on failure. */ -int mbedtls_sha256_update_ret( mbedtls_sha256_context *ctx, - const unsigned char *input, - size_t ilen ); +int mbedtls_sha256_update_ret(mbedtls_sha256_context *ctx, + const unsigned char *input, + size_t ilen); /** * \brief This function finishes the SHA-256 operation, and writes @@ -136,8 +123,8 @@ int mbedtls_sha256_update_ret( mbedtls_sha256_context *ctx, * \return \c 0 on success. * \return A negative error code on failure. */ -int mbedtls_sha256_finish_ret( mbedtls_sha256_context *ctx, - unsigned char output[32] ); +int mbedtls_sha256_finish_ret(mbedtls_sha256_context *ctx, + unsigned char output[32]); /** * \brief This function processes a single data block within @@ -151,8 +138,8 @@ int mbedtls_sha256_finish_ret( mbedtls_sha256_context *ctx, * \return \c 0 on success. * \return A negative error code on failure. */ -int mbedtls_internal_sha256_process( mbedtls_sha256_context *ctx, - const unsigned char data[64] ); +int mbedtls_internal_sha256_process(mbedtls_sha256_context *ctx, + const unsigned char data[64]); #if !defined(MBEDTLS_DEPRECATED_REMOVED) #if defined(MBEDTLS_DEPRECATED_WARNING) @@ -170,8 +157,8 @@ int mbedtls_internal_sha256_process( mbedtls_sha256_context *ctx, * \param is224 Determines which function to use. This must be * either \c 0 for SHA-256, or \c 1 for SHA-224. */ -MBEDTLS_DEPRECATED void mbedtls_sha256_starts( mbedtls_sha256_context *ctx, - int is224 ); +MBEDTLS_DEPRECATED void mbedtls_sha256_starts(mbedtls_sha256_context *ctx, + int is224); /** * \brief This function feeds an input buffer into an ongoing @@ -185,9 +172,9 @@ MBEDTLS_DEPRECATED void mbedtls_sha256_starts( mbedtls_sha256_context *ctx, * buffer of length \p ilen Bytes. * \param ilen The length of the input data in Bytes. */ -MBEDTLS_DEPRECATED void mbedtls_sha256_update( mbedtls_sha256_context *ctx, - const unsigned char *input, - size_t ilen ); +MBEDTLS_DEPRECATED void mbedtls_sha256_update(mbedtls_sha256_context *ctx, + const unsigned char *input, + size_t ilen); /** * \brief This function finishes the SHA-256 operation, and writes @@ -200,8 +187,8 @@ MBEDTLS_DEPRECATED void mbedtls_sha256_update( mbedtls_sha256_context *ctx, * \param output The SHA-224 or SHA-256 checksum result. This must be * a writable buffer of length \c 32 Bytes. */ -MBEDTLS_DEPRECATED void mbedtls_sha256_finish( mbedtls_sha256_context *ctx, - unsigned char output[32] ); +MBEDTLS_DEPRECATED void mbedtls_sha256_finish(mbedtls_sha256_context *ctx, + unsigned char output[32]); /** * \brief This function processes a single data block within @@ -214,8 +201,8 @@ MBEDTLS_DEPRECATED void mbedtls_sha256_finish( mbedtls_sha256_context *ctx, * \param data The buffer holding one block of data. This must be * a readable buffer of size \c 64 Bytes. */ -MBEDTLS_DEPRECATED void mbedtls_sha256_process( mbedtls_sha256_context *ctx, - const unsigned char data[64] ); +MBEDTLS_DEPRECATED void mbedtls_sha256_process(mbedtls_sha256_context *ctx, + const unsigned char data[64]); #undef MBEDTLS_DEPRECATED #endif /* !MBEDTLS_DEPRECATED_REMOVED */ @@ -241,10 +228,10 @@ MBEDTLS_DEPRECATED void mbedtls_sha256_process( mbedtls_sha256_context *ctx, * \return \c 0 on success. * \return A negative error code on failure. */ -int mbedtls_sha256_ret( const unsigned char *input, - size_t ilen, - unsigned char output[32], - int is224 ); +int mbedtls_sha256_ret(const unsigned char *input, + size_t ilen, + unsigned char output[32], + int is224); #if !defined(MBEDTLS_DEPRECATED_REMOVED) #if defined(MBEDTLS_DEPRECATED_WARNING) @@ -273,10 +260,10 @@ int mbedtls_sha256_ret( const unsigned char *input, * \param is224 Determines which function to use. This must be either * \c 0 for SHA-256, or \c 1 for SHA-224. */ -MBEDTLS_DEPRECATED void mbedtls_sha256( const unsigned char *input, - size_t ilen, - unsigned char output[32], - int is224 ); +MBEDTLS_DEPRECATED void mbedtls_sha256(const unsigned char *input, + size_t ilen, + unsigned char output[32], + int is224); #undef MBEDTLS_DEPRECATED #endif /* !MBEDTLS_DEPRECATED_REMOVED */ @@ -289,7 +276,7 @@ MBEDTLS_DEPRECATED void mbedtls_sha256( const unsigned char *input, * \return \c 0 on success. * \return \c 1 on failure. */ -int mbedtls_sha256_self_test( int verbose ); +int mbedtls_sha256_self_test(int verbose); #endif /* MBEDTLS_SELF_TEST */ diff --git a/third_party/mbedtls/repo/include/mbedtls/sha512.h b/third_party/mbedtls/repo/include/mbedtls/sha512.h index cca47c2fe62..c9e01690ac7 100644 --- a/third_party/mbedtls/repo/include/mbedtls/sha512.h +++ b/third_party/mbedtls/repo/include/mbedtls/sha512.h @@ -7,19 +7,7 @@ */ /* * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later */ #ifndef MBEDTLS_SHA512_H #define MBEDTLS_SHA512_H @@ -54,8 +42,7 @@ extern "C" { * checksum calculations. The choice between these two is * made in the call to mbedtls_sha512_starts_ret(). */ -typedef struct mbedtls_sha512_context -{ +typedef struct mbedtls_sha512_context { uint64_t total[2]; /*!< The number of Bytes processed. */ uint64_t state[8]; /*!< The intermediate digest state. */ unsigned char buffer[128]; /*!< The data block being processed. */ @@ -76,7 +63,7 @@ mbedtls_sha512_context; * \param ctx The SHA-512 context to initialize. This must * not be \c NULL. */ -void mbedtls_sha512_init( mbedtls_sha512_context *ctx ); +void mbedtls_sha512_init(mbedtls_sha512_context *ctx); /** * \brief This function clears a SHA-512 context. @@ -86,7 +73,7 @@ void mbedtls_sha512_init( mbedtls_sha512_context *ctx ); * is not \c NULL, it must point to an initialized * SHA-512 context. */ -void mbedtls_sha512_free( mbedtls_sha512_context *ctx ); +void mbedtls_sha512_free(mbedtls_sha512_context *ctx); /** * \brief This function clones the state of a SHA-512 context. @@ -94,8 +81,8 @@ void mbedtls_sha512_free( mbedtls_sha512_context *ctx ); * \param dst The destination context. This must be initialized. * \param src The context to clone. This must be initialized. */ -void mbedtls_sha512_clone( mbedtls_sha512_context *dst, - const mbedtls_sha512_context *src ); +void mbedtls_sha512_clone(mbedtls_sha512_context *dst, + const mbedtls_sha512_context *src); /** * \brief This function starts a SHA-384 or SHA-512 checksum @@ -112,7 +99,7 @@ void mbedtls_sha512_clone( mbedtls_sha512_context *dst, * \return \c 0 on success. * \return A negative error code on failure. */ -int mbedtls_sha512_starts_ret( mbedtls_sha512_context *ctx, int is384 ); +int mbedtls_sha512_starts_ret(mbedtls_sha512_context *ctx, int is384); /** * \brief This function feeds an input buffer into an ongoing @@ -127,9 +114,9 @@ int mbedtls_sha512_starts_ret( mbedtls_sha512_context *ctx, int is384 ); * \return \c 0 on success. * \return A negative error code on failure. */ -int mbedtls_sha512_update_ret( mbedtls_sha512_context *ctx, - const unsigned char *input, - size_t ilen ); +int mbedtls_sha512_update_ret(mbedtls_sha512_context *ctx, + const unsigned char *input, + size_t ilen); /** * \brief This function finishes the SHA-512 operation, and writes @@ -143,8 +130,8 @@ int mbedtls_sha512_update_ret( mbedtls_sha512_context *ctx, * \return \c 0 on success. * \return A negative error code on failure. */ -int mbedtls_sha512_finish_ret( mbedtls_sha512_context *ctx, - unsigned char output[64] ); +int mbedtls_sha512_finish_ret(mbedtls_sha512_context *ctx, + unsigned char output[64]); /** * \brief This function processes a single data block within @@ -158,8 +145,8 @@ int mbedtls_sha512_finish_ret( mbedtls_sha512_context *ctx, * \return \c 0 on success. * \return A negative error code on failure. */ -int mbedtls_internal_sha512_process( mbedtls_sha512_context *ctx, - const unsigned char data[128] ); +int mbedtls_internal_sha512_process(mbedtls_sha512_context *ctx, + const unsigned char data[128]); #if !defined(MBEDTLS_DEPRECATED_REMOVED) #if defined(MBEDTLS_DEPRECATED_WARNING) #define MBEDTLS_DEPRECATED __attribute__((deprecated)) @@ -179,8 +166,8 @@ int mbedtls_internal_sha512_process( mbedtls_sha512_context *ctx, * \note When \c MBEDTLS_SHA512_NO_SHA384 is defined, \p is384 must * be \c 0, or the function will fail to work. */ -MBEDTLS_DEPRECATED void mbedtls_sha512_starts( mbedtls_sha512_context *ctx, - int is384 ); +MBEDTLS_DEPRECATED void mbedtls_sha512_starts(mbedtls_sha512_context *ctx, + int is384); /** * \brief This function feeds an input buffer into an ongoing @@ -194,9 +181,9 @@ MBEDTLS_DEPRECATED void mbedtls_sha512_starts( mbedtls_sha512_context *ctx, * buffer of length \p ilen Bytes. * \param ilen The length of the input data in Bytes. */ -MBEDTLS_DEPRECATED void mbedtls_sha512_update( mbedtls_sha512_context *ctx, - const unsigned char *input, - size_t ilen ); +MBEDTLS_DEPRECATED void mbedtls_sha512_update(mbedtls_sha512_context *ctx, + const unsigned char *input, + size_t ilen); /** * \brief This function finishes the SHA-512 operation, and writes @@ -209,8 +196,8 @@ MBEDTLS_DEPRECATED void mbedtls_sha512_update( mbedtls_sha512_context *ctx, * \param output The SHA-384 or SHA-512 checksum result. This must * be a writable buffer of size \c 64 Bytes. */ -MBEDTLS_DEPRECATED void mbedtls_sha512_finish( mbedtls_sha512_context *ctx, - unsigned char output[64] ); +MBEDTLS_DEPRECATED void mbedtls_sha512_finish(mbedtls_sha512_context *ctx, + unsigned char output[64]); /** * \brief This function processes a single data block within @@ -224,8 +211,8 @@ MBEDTLS_DEPRECATED void mbedtls_sha512_finish( mbedtls_sha512_context *ctx, * a readable buffer of length \c 128 Bytes. */ MBEDTLS_DEPRECATED void mbedtls_sha512_process( - mbedtls_sha512_context *ctx, - const unsigned char data[128] ); + mbedtls_sha512_context *ctx, + const unsigned char data[128]); #undef MBEDTLS_DEPRECATED #endif /* !MBEDTLS_DEPRECATED_REMOVED */ @@ -255,10 +242,10 @@ MBEDTLS_DEPRECATED void mbedtls_sha512_process( * \return \c 0 on success. * \return A negative error code on failure. */ -int mbedtls_sha512_ret( const unsigned char *input, - size_t ilen, - unsigned char output[64], - int is384 ); +int mbedtls_sha512_ret(const unsigned char *input, + size_t ilen, + unsigned char output[64], + int is384); #if !defined(MBEDTLS_DEPRECATED_REMOVED) #if defined(MBEDTLS_DEPRECATED_WARNING) @@ -290,23 +277,23 @@ int mbedtls_sha512_ret( const unsigned char *input, * \note When \c MBEDTLS_SHA512_NO_SHA384 is defined, \p is384 must * be \c 0, or the function will fail to work. */ -MBEDTLS_DEPRECATED void mbedtls_sha512( const unsigned char *input, - size_t ilen, - unsigned char output[64], - int is384 ); +MBEDTLS_DEPRECATED void mbedtls_sha512(const unsigned char *input, + size_t ilen, + unsigned char output[64], + int is384); #undef MBEDTLS_DEPRECATED #endif /* !MBEDTLS_DEPRECATED_REMOVED */ #if defined(MBEDTLS_SELF_TEST) - /** +/** * \brief The SHA-384 or SHA-512 checkup routine. * * \return \c 0 on success. * \return \c 1 on failure. */ -int mbedtls_sha512_self_test( int verbose ); +int mbedtls_sha512_self_test(int verbose); #endif /* MBEDTLS_SELF_TEST */ #ifdef __cplusplus diff --git a/third_party/mbedtls/repo/include/mbedtls/ssl.h b/third_party/mbedtls/repo/include/mbedtls/ssl.h index 209dbf6053c..9cdf3a3ebba 100644 --- a/third_party/mbedtls/repo/include/mbedtls/ssl.h +++ b/third_party/mbedtls/repo/include/mbedtls/ssl.h @@ -5,19 +5,7 @@ */ /* * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later */ #ifndef MBEDTLS_SSL_H #define MBEDTLS_SSL_H @@ -54,11 +42,13 @@ #if defined(MBEDTLS_ZLIB_SUPPORT) #if defined(MBEDTLS_DEPRECATED_WARNING) -#warning "Record compression support via MBEDTLS_ZLIB_SUPPORT is deprecated and will be removed in the next major revision of the library" +#warning \ + "Record compression support via MBEDTLS_ZLIB_SUPPORT is deprecated and will be removed in the next major revision of the library" #endif #if defined(MBEDTLS_DEPRECATED_REMOVED) -#error "Record compression support via MBEDTLS_ZLIB_SUPPORT is deprecated and cannot be used if MBEDTLS_DEPRECATED_REMOVED is set" +#error \ + "Record compression support via MBEDTLS_ZLIB_SUPPORT is deprecated and cannot be used if MBEDTLS_DEPRECATED_REMOVED is set" #endif #include "zlib.h" @@ -191,6 +181,8 @@ #define MBEDTLS_ERR_SSL_CRYPTO_IN_PROGRESS -0x7000 /** Invalid value in SSL config */ #define MBEDTLS_ERR_SSL_BAD_CONFIG -0x5E80 +/** Cache entry not found */ +#define MBEDTLS_ERR_SSL_CACHE_ENTRY_NOT_FOUND -0x5E00 /* * Various constants @@ -349,7 +341,7 @@ #define MBEDTLS_SSL_TLS1_3_PADDING_GRANULARITY 1 #endif -/* \} name SECTION: Module settings */ +/** \} name SECTION: Module settings */ /* * Length of the verify data for secure renegotiation @@ -491,8 +483,8 @@ #endif /* Dummy type used only for its size */ -union mbedtls_ssl_premaster_secret -{ +union mbedtls_ssl_premaster_secret { + unsigned char dummy; /* Make the union non-empty even with SSL disabled */ #if defined(MBEDTLS_KEY_EXCHANGE_RSA_ENABLED) unsigned char _pms_rsa[48]; /* RFC 5246 8.1.1 */ #endif @@ -510,21 +502,21 @@ union mbedtls_ssl_premaster_secret #endif #if defined(MBEDTLS_KEY_EXCHANGE_DHE_PSK_ENABLED) unsigned char _pms_dhe_psk[4 + MBEDTLS_MPI_MAX_SIZE - + MBEDTLS_PSK_MAX_LEN]; /* RFC 4279 3 */ + + MBEDTLS_PSK_MAX_LEN]; /* RFC 4279 3 */ #endif #if defined(MBEDTLS_KEY_EXCHANGE_RSA_PSK_ENABLED) unsigned char _pms_rsa_psk[52 + MBEDTLS_PSK_MAX_LEN]; /* RFC 4279 4 */ #endif #if defined(MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED) unsigned char _pms_ecdhe_psk[4 + MBEDTLS_ECP_MAX_BYTES - + MBEDTLS_PSK_MAX_LEN]; /* RFC 5489 2 */ + + MBEDTLS_PSK_MAX_LEN]; /* RFC 5489 2 */ #endif #if defined(MBEDTLS_KEY_EXCHANGE_ECJPAKE_ENABLED) unsigned char _pms_ecjpake[32]; /* Thread spec: SHA-256 output */ #endif }; -#define MBEDTLS_PREMASTER_SIZE sizeof( union mbedtls_ssl_premaster_secret ) +#define MBEDTLS_PREMASTER_SIZE sizeof(union mbedtls_ssl_premaster_secret) #ifdef __cplusplus extern "C" { @@ -533,8 +525,7 @@ extern "C" { /* * SSL state machine */ -typedef enum -{ +typedef enum { MBEDTLS_SSL_HELLO_REQUEST, MBEDTLS_SSL_CLIENT_HELLO, MBEDTLS_SSL_SERVER_HELLO, @@ -560,13 +551,12 @@ mbedtls_ssl_states; /* * The tls_prf function types. */ -typedef enum -{ - MBEDTLS_SSL_TLS_PRF_NONE, - MBEDTLS_SSL_TLS_PRF_SSL3, - MBEDTLS_SSL_TLS_PRF_TLS1, - MBEDTLS_SSL_TLS_PRF_SHA384, - MBEDTLS_SSL_TLS_PRF_SHA256 +typedef enum { + MBEDTLS_SSL_TLS_PRF_NONE, + MBEDTLS_SSL_TLS_PRF_SSL3, + MBEDTLS_SSL_TLS_PRF_TLS1, + MBEDTLS_SSL_TLS_PRF_SHA384, + MBEDTLS_SSL_TLS_PRF_SHA256 } mbedtls_tls_prf_types; /** @@ -586,9 +576,9 @@ mbedtls_tls_prf_types; * \note The callback is allowed to send fewer bytes than requested. * It must always return the number of bytes actually sent. */ -typedef int mbedtls_ssl_send_t( void *ctx, - const unsigned char *buf, - size_t len ); +typedef int mbedtls_ssl_send_t(void *ctx, + const unsigned char *buf, + size_t len); /** * \brief Callback type: receive data from the network. @@ -610,9 +600,9 @@ typedef int mbedtls_ssl_send_t( void *ctx, * buffer. It must always return the number of bytes actually * received and written to the buffer. */ -typedef int mbedtls_ssl_recv_t( void *ctx, - unsigned char *buf, - size_t len ); +typedef int mbedtls_ssl_recv_t(void *ctx, + unsigned char *buf, + size_t len); /** * \brief Callback type: receive data from the network, with timeout @@ -624,7 +614,7 @@ typedef int mbedtls_ssl_recv_t( void *ctx, * \param ctx Context for the receive callback (typically a file descriptor) * \param buf Buffer to write the received data to * \param len Length of the receive buffer - * \param timeout Maximum nomber of millisecondes to wait for data + * \param timeout Maximum number of milliseconds to wait for data * 0 means no timeout (potentially waiting forever) * * \return The callback must return the number of bytes received, @@ -636,10 +626,10 @@ typedef int mbedtls_ssl_recv_t( void *ctx, * buffer. It must always return the number of bytes actually * received and written to the buffer. */ -typedef int mbedtls_ssl_recv_timeout_t( void *ctx, - unsigned char *buf, - size_t len, - uint32_t timeout ); +typedef int mbedtls_ssl_recv_timeout_t(void *ctx, + unsigned char *buf, + size_t len, + uint32_t timeout); /** * \brief Callback type: set a pair of timers/delays to watch * @@ -652,7 +642,7 @@ typedef int mbedtls_ssl_recv_timeout_t( void *ctx, * for the associated \c mbedtls_ssl_get_timer_t callback to * return correct information. * - * \note If using a event-driven style of programming, an event must + * \note If using an event-driven style of programming, an event must * be generated when the final delay is passed. The event must * cause a call to \c mbedtls_ssl_handshake() with the proper * SSL context to be scheduled. Care must be taken to ensure @@ -662,9 +652,9 @@ typedef int mbedtls_ssl_recv_timeout_t( void *ctx, * function while a timer is running must cancel it. Cancelled * timers must not generate any event. */ -typedef void mbedtls_ssl_set_timer_t( void * ctx, - uint32_t int_ms, - uint32_t fin_ms ); +typedef void mbedtls_ssl_set_timer_t(void *ctx, + uint32_t int_ms, + uint32_t fin_ms); /** * \brief Callback type: get status of timers/delays @@ -677,7 +667,7 @@ typedef void mbedtls_ssl_set_timer_t( void * ctx, * 1 if only the intermediate delay has passed, * 2 if the final delay has passed. */ -typedef int mbedtls_ssl_get_timer_t( void * ctx ); +typedef int mbedtls_ssl_get_timer_t(void *ctx); /* Defined below */ typedef struct mbedtls_ssl_session mbedtls_ssl_session; @@ -768,11 +758,11 @@ typedef struct mbedtls_ssl_flight_item mbedtls_ssl_flight_item; * use \c MBEDTLS_ERR_SSL_xxx error codes except as * directed in the documentation of this callback. */ -typedef int mbedtls_ssl_async_sign_t( mbedtls_ssl_context *ssl, - mbedtls_x509_crt *cert, - mbedtls_md_type_t md_alg, - const unsigned char *hash, - size_t hash_len ); +typedef int mbedtls_ssl_async_sign_t(mbedtls_ssl_context *ssl, + mbedtls_x509_crt *cert, + mbedtls_md_type_t md_alg, + const unsigned char *hash, + size_t hash_len); /** * \brief Callback type: start external decryption operation. @@ -834,10 +824,10 @@ typedef int mbedtls_ssl_async_sign_t( mbedtls_ssl_context *ssl, * use \c MBEDTLS_ERR_SSL_xxx error codes except as * directed in the documentation of this callback. */ -typedef int mbedtls_ssl_async_decrypt_t( mbedtls_ssl_context *ssl, - mbedtls_x509_crt *cert, - const unsigned char *input, - size_t input_len ); +typedef int mbedtls_ssl_async_decrypt_t(mbedtls_ssl_context *ssl, + mbedtls_x509_crt *cert, + const unsigned char *input, + size_t input_len); #endif /* MBEDTLS_X509_CRT_PARSE_C */ /** @@ -882,10 +872,10 @@ typedef int mbedtls_ssl_async_decrypt_t( mbedtls_ssl_context *ssl, * use \c MBEDTLS_ERR_SSL_xxx error codes except as * directed in the documentation of this callback. */ -typedef int mbedtls_ssl_async_resume_t( mbedtls_ssl_context *ssl, - unsigned char *output, - size_t *output_len, - size_t output_size ); +typedef int mbedtls_ssl_async_resume_t(mbedtls_ssl_context *ssl, + unsigned char *output, + size_t *output_len, + size_t output_size); /** * \brief Callback type: cancel external operation. @@ -904,7 +894,7 @@ typedef int mbedtls_ssl_async_resume_t( mbedtls_ssl_context *ssl, * \param ssl The SSL connection instance. It should not be * modified. */ -typedef void mbedtls_ssl_async_cancel_t( mbedtls_ssl_context *ssl ); +typedef void mbedtls_ssl_async_cancel_t(mbedtls_ssl_context *ssl); #endif /* MBEDTLS_SSL_ASYNC_PRIVATE */ #if defined(MBEDTLS_KEY_EXCHANGE_WITH_CERT_ENABLED) && \ @@ -939,17 +929,16 @@ typedef void mbedtls_ssl_async_cancel_t( mbedtls_ssl_context *ssl ); * Reminder: if this list is expanded mbedtls_ssl_check_srtp_profile_value * must be updated too. */ -#define MBEDTLS_TLS_SRTP_AES128_CM_HMAC_SHA1_80 ( (uint16_t) 0x0001) -#define MBEDTLS_TLS_SRTP_AES128_CM_HMAC_SHA1_32 ( (uint16_t) 0x0002) -#define MBEDTLS_TLS_SRTP_NULL_HMAC_SHA1_80 ( (uint16_t) 0x0005) -#define MBEDTLS_TLS_SRTP_NULL_HMAC_SHA1_32 ( (uint16_t) 0x0006) +#define MBEDTLS_TLS_SRTP_AES128_CM_HMAC_SHA1_80 ((uint16_t) 0x0001) +#define MBEDTLS_TLS_SRTP_AES128_CM_HMAC_SHA1_32 ((uint16_t) 0x0002) +#define MBEDTLS_TLS_SRTP_NULL_HMAC_SHA1_80 ((uint16_t) 0x0005) +#define MBEDTLS_TLS_SRTP_NULL_HMAC_SHA1_32 ((uint16_t) 0x0006) /* This one is not iana defined, but for code readability. */ -#define MBEDTLS_TLS_SRTP_UNSET ( (uint16_t) 0x0000) +#define MBEDTLS_TLS_SRTP_UNSET ((uint16_t) 0x0000) typedef uint16_t mbedtls_ssl_srtp_profile; -typedef struct mbedtls_dtls_srtp_info_t -{ +typedef struct mbedtls_dtls_srtp_info_t { /*! The SRTP profile that was negotiated. */ mbedtls_ssl_srtp_profile chosen_dtls_srtp_profile; /*! The length of mki_value. */ @@ -972,8 +961,7 @@ mbedtls_dtls_srtp_info; * mbedtls_ssl_session_save() and ssl_session_load() * ssl_session_copy() */ -struct mbedtls_ssl_session -{ +struct mbedtls_ssl_session { #if defined(MBEDTLS_SSL_MAX_FRAGMENT_LENGTH) unsigned char mfl_code; /*!< MaxFragmentLength negotiated by peer */ #endif /* MBEDTLS_SSL_MAX_FRAGMENT_LENGTH */ @@ -1018,8 +1006,7 @@ struct mbedtls_ssl_session /** * SSL/TLS configuration to be shared between mbedtls_ssl_context structures. */ -struct mbedtls_ssl_config -{ +struct mbedtls_ssl_config { /* Group items by size and reorder them to maximize usage of immediate offset access. */ /* @@ -1074,7 +1061,7 @@ struct mbedtls_ssl_config #endif #if defined(MBEDTLS_SSL_SRV_C) uint8_t cert_req_ca_list /*bool*/; /*!< enable sending CA list in - Certificate Request messages? */ + Certificate Request messages? */ #endif #if defined(MBEDTLS_SSL_DTLS_CONNECTION_ID) uint8_t ignore_unexpected_cid /*bool*/; /*!< Determines whether DTLS @@ -1152,34 +1139,34 @@ struct mbedtls_ssl_config #endif #if defined(MBEDTLS_SSL_DTLS_HELLO_VERIFY) && defined(MBEDTLS_SSL_SRV_C) - /** Callback to create & write a cookie for ClientHello veirifcation */ - int (*f_cookie_write)( void *, unsigned char **, unsigned char *, - const unsigned char *, size_t ); + /** Callback to create & write a cookie for ClientHello verification */ + int (*f_cookie_write)(void *, unsigned char **, unsigned char *, + const unsigned char *, size_t); /** Callback to verify validity of a ClientHello cookie */ - int (*f_cookie_check)( void *, const unsigned char *, size_t, - const unsigned char *, size_t ); + int (*f_cookie_check)(void *, const unsigned char *, size_t, + const unsigned char *, size_t); void *p_cookie; /*!< context for the cookie callbacks */ #endif #if defined(MBEDTLS_SSL_SESSION_TICKETS) && defined(MBEDTLS_SSL_SRV_C) /** Callback to create & write a session ticket */ - int (*f_ticket_write)( void *, const mbedtls_ssl_session *, - unsigned char *, const unsigned char *, size_t *, uint32_t * ); + int (*f_ticket_write)(void *, const mbedtls_ssl_session *, + unsigned char *, const unsigned char *, size_t *, uint32_t *); /** Callback to parse a session ticket into a session structure */ - int (*f_ticket_parse)( void *, mbedtls_ssl_session *, unsigned char *, size_t); + int (*f_ticket_parse)(void *, mbedtls_ssl_session *, unsigned char *, size_t); void *p_ticket; /*!< context for the ticket callbacks */ #endif /* MBEDTLS_SSL_SESSION_TICKETS && MBEDTLS_SSL_SRV_C */ #if defined(MBEDTLS_SSL_EXPORT_KEYS) /** Callback to export key block and master secret */ - int (*f_export_keys)( void *, const unsigned char *, - const unsigned char *, size_t, size_t, size_t ); + int (*f_export_keys)(void *, const unsigned char *, + const unsigned char *, size_t, size_t, size_t); /** Callback to export key block, master secret, * tls_prf and random bytes. Should replace f_export_keys */ - int (*f_export_keys_ext)( void *, const unsigned char *, - const unsigned char *, size_t, size_t, size_t, - const unsigned char[32], const unsigned char[32], - mbedtls_tls_prf_types ); + int (*f_export_keys_ext)(void *, const unsigned char *, + const unsigned char *, size_t, size_t, size_t, + const unsigned char[32], const unsigned char[32], + mbedtls_tls_prf_types); void *p_export_keys; /*!< context for key export callback */ #endif @@ -1267,8 +1254,7 @@ struct mbedtls_ssl_config #endif /* MBEDTLS_SSL_DTLS_SRTP */ }; -struct mbedtls_ssl_context -{ +struct mbedtls_ssl_context { const mbedtls_ssl_config *conf; /*!< configuration information */ /* @@ -1278,8 +1264,8 @@ struct mbedtls_ssl_context #if defined(MBEDTLS_SSL_RENEGOTIATION) int renego_status; /*!< Initial, in progress, pending? */ int renego_records_seen; /*!< Records since renego request, or with DTLS, - number of retransmissions of request if - renego_max_records is < 0 */ + number of retransmissions of request if + renego_max_records is < 0 */ #endif /* MBEDTLS_SSL_RENEGOTIATION */ int major_ver; /*!< equal to MBEDTLS_SSL_MAJOR_VERSION_3 */ @@ -1298,7 +1284,7 @@ struct mbedtls_ssl_context mbedtls_ssl_send_t *f_send; /*!< Callback for network send */ mbedtls_ssl_recv_t *f_recv; /*!< Callback for network receive */ mbedtls_ssl_recv_timeout_t *f_recv_timeout; - /*!< Callback for network receive with timeout */ + /*!< Callback for network receive with timeout */ void *p_bio; /*!< context for I/O operations */ @@ -1311,7 +1297,7 @@ struct mbedtls_ssl_context mbedtls_ssl_session *session_negotiate; /*!< session data in negotiation */ mbedtls_ssl_handshake_params *handshake; /*!< params required only during - the handshake process */ + the handshake process */ /* * Record layer transformations @@ -1405,7 +1391,7 @@ struct mbedtls_ssl_context unsigned char *compress_buf; /*!< zlib data buffer */ #endif /* MBEDTLS_ZLIB_SUPPORT */ #if defined(MBEDTLS_SSL_CBC_RECORD_SPLITTING) - signed char split_done; /*!< current record already splitted? */ + signed char split_done; /*!< current record already split? */ #endif /* MBEDTLS_SSL_CBC_RECORD_SPLITTING */ /* @@ -1459,7 +1445,7 @@ struct mbedtls_ssl_context * all subsequent handshakes. This may be different from the * CID currently used in case the user has re-configured the CID * after an initial handshake. */ - unsigned char own_cid[ MBEDTLS_SSL_CID_IN_LEN_MAX ]; + unsigned char own_cid[MBEDTLS_SSL_CID_IN_LEN_MAX]; uint8_t own_cid_len; /*!< The length of \c own_cid. */ uint8_t negotiate_cid; /*!< This indicates whether the CID extension should * be negotiated in the next handshake or not. @@ -1472,8 +1458,8 @@ struct mbedtls_ssl_context #if !defined(MBEDTLS_DEPRECATED_REMOVED) -#define MBEDTLS_SSL_CHANNEL_OUTBOUND MBEDTLS_DEPRECATED_NUMERIC_CONSTANT( 0 ) -#define MBEDTLS_SSL_CHANNEL_INBOUND MBEDTLS_DEPRECATED_NUMERIC_CONSTANT( 1 ) +#define MBEDTLS_SSL_CHANNEL_OUTBOUND MBEDTLS_DEPRECATED_NUMERIC_CONSTANT(0) +#define MBEDTLS_SSL_CHANNEL_INBOUND MBEDTLS_DEPRECATED_NUMERIC_CONSTANT(1) #if defined(MBEDTLS_DEPRECATED_WARNING) #define MBEDTLS_DEPRECATED __attribute__((deprecated)) @@ -1482,24 +1468,24 @@ struct mbedtls_ssl_context #endif /* MBEDTLS_DEPRECATED_WARNING */ MBEDTLS_DEPRECATED extern int (*mbedtls_ssl_hw_record_init)( - mbedtls_ssl_context *ssl, - const unsigned char *key_enc, const unsigned char *key_dec, - size_t keylen, - const unsigned char *iv_enc, const unsigned char *iv_dec, - size_t ivlen, - const unsigned char *mac_enc, const unsigned char *mac_dec, - size_t maclen); + mbedtls_ssl_context *ssl, + const unsigned char *key_enc, const unsigned char *key_dec, + size_t keylen, + const unsigned char *iv_enc, const unsigned char *iv_dec, + size_t ivlen, + const unsigned char *mac_enc, const unsigned char *mac_dec, + size_t maclen); MBEDTLS_DEPRECATED extern int (*mbedtls_ssl_hw_record_activate)( - mbedtls_ssl_context *ssl, - int direction ); + mbedtls_ssl_context *ssl, + int direction); MBEDTLS_DEPRECATED extern int (*mbedtls_ssl_hw_record_reset)( - mbedtls_ssl_context *ssl ); + mbedtls_ssl_context *ssl); MBEDTLS_DEPRECATED extern int (*mbedtls_ssl_hw_record_write)( - mbedtls_ssl_context *ssl ); + mbedtls_ssl_context *ssl); MBEDTLS_DEPRECATED extern int (*mbedtls_ssl_hw_record_read)( - mbedtls_ssl_context *ssl ); + mbedtls_ssl_context *ssl); MBEDTLS_DEPRECATED extern int (*mbedtls_ssl_hw_record_finish)( - mbedtls_ssl_context *ssl ); + mbedtls_ssl_context *ssl); #undef MBEDTLS_DEPRECATED #endif /* !MBEDTLS_DEPRECATED_REMOVED */ @@ -1514,7 +1500,7 @@ MBEDTLS_DEPRECATED extern int (*mbedtls_ssl_hw_record_finish)( * * \return a string containing the ciphersuite name */ -const char *mbedtls_ssl_get_ciphersuite_name( const int ciphersuite_id ); +const char *mbedtls_ssl_get_ciphersuite_name(const int ciphersuite_id); /** * \brief Return the ID of the ciphersuite associated with the @@ -1524,7 +1510,7 @@ const char *mbedtls_ssl_get_ciphersuite_name( const int ciphersuite_id ); * * \return the ID with the ciphersuite or 0 if not found */ -int mbedtls_ssl_get_ciphersuite_id( const char *ciphersuite_name ); +int mbedtls_ssl_get_ciphersuite_id(const char *ciphersuite_name); /** * \brief Initialize an SSL context @@ -1533,7 +1519,7 @@ int mbedtls_ssl_get_ciphersuite_id( const char *ciphersuite_name ); * * \param ssl SSL context */ -void mbedtls_ssl_init( mbedtls_ssl_context *ssl ); +void mbedtls_ssl_init(mbedtls_ssl_context *ssl); /** * \brief Set up an SSL context for use @@ -1549,14 +1535,18 @@ void mbedtls_ssl_init( mbedtls_ssl_context *ssl ); * Calling mbedtls_ssl_setup again is not supported, even * if no session is active. * + * \note If #MBEDTLS_USE_PSA_CRYPTO is enabled, the PSA crypto + * subsystem must have been initialized by calling + * psa_crypto_init() before calling this function. + * * \param ssl SSL context * \param conf SSL configuration to use * * \return 0 if successful, or MBEDTLS_ERR_SSL_ALLOC_FAILED if * memory allocation failed */ -int mbedtls_ssl_setup( mbedtls_ssl_context *ssl, - const mbedtls_ssl_config *conf ); +int mbedtls_ssl_setup(mbedtls_ssl_context *ssl, + const mbedtls_ssl_config *conf); /** * \brief Reset an already initialized SSL context for re-use @@ -1568,7 +1558,7 @@ int mbedtls_ssl_setup( mbedtls_ssl_context *ssl, MBEDTLS_ERR_SSL_HW_ACCEL_FAILED or * MBEDTLS_ERR_SSL_COMPRESSION_FAILED */ -int mbedtls_ssl_session_reset( mbedtls_ssl_context *ssl ); +int mbedtls_ssl_session_reset(mbedtls_ssl_context *ssl); /** * \brief Set the current endpoint type @@ -1576,7 +1566,7 @@ int mbedtls_ssl_session_reset( mbedtls_ssl_context *ssl ); * \param conf SSL configuration * \param endpoint must be MBEDTLS_SSL_IS_CLIENT or MBEDTLS_SSL_IS_SERVER */ -void mbedtls_ssl_conf_endpoint( mbedtls_ssl_config *conf, int endpoint ); +void mbedtls_ssl_conf_endpoint(mbedtls_ssl_config *conf, int endpoint); /** * \brief Set the transport type (TLS or DTLS). @@ -1592,7 +1582,7 @@ void mbedtls_ssl_conf_endpoint( mbedtls_ssl_config *conf, int endpoint ); * MBEDTLS_SSL_TRANSPORT_STREAM for TLS, * MBEDTLS_SSL_TRANSPORT_DATAGRAM for DTLS. */ -void mbedtls_ssl_conf_transport( mbedtls_ssl_config *conf, int transport ); +void mbedtls_ssl_conf_transport(mbedtls_ssl_config *conf, int transport); /** * \brief Set the certificate verification mode @@ -1620,7 +1610,7 @@ void mbedtls_ssl_conf_transport( mbedtls_ssl_config *conf, int transport ); * the verification as soon as possible. For example, REQUIRED was protecting * against the "triple handshake" attack even before it was found. */ -void mbedtls_ssl_conf_authmode( mbedtls_ssl_config *conf, int authmode ); +void mbedtls_ssl_conf_authmode(mbedtls_ssl_config *conf, int authmode); #if defined(MBEDTLS_X509_CRT_PARSE_C) /** @@ -1638,9 +1628,9 @@ void mbedtls_ssl_conf_authmode( mbedtls_ssl_config *conf, int authmode ); * \param f_vrfy The verification callback to use during CRT verification. * \param p_vrfy The opaque context to be passed to the callback. */ -void mbedtls_ssl_conf_verify( mbedtls_ssl_config *conf, - int (*f_vrfy)(void *, mbedtls_x509_crt *, int, uint32_t *), - void *p_vrfy ); +void mbedtls_ssl_conf_verify(mbedtls_ssl_config *conf, + int (*f_vrfy)(void *, mbedtls_x509_crt *, int, uint32_t *), + void *p_vrfy); #endif /* MBEDTLS_X509_CRT_PARSE_C */ /** @@ -1650,9 +1640,9 @@ void mbedtls_ssl_conf_verify( mbedtls_ssl_config *conf, * \param f_rng RNG function * \param p_rng RNG parameter */ -void mbedtls_ssl_conf_rng( mbedtls_ssl_config *conf, - int (*f_rng)(void *, unsigned char *, size_t), - void *p_rng ); +void mbedtls_ssl_conf_rng(mbedtls_ssl_config *conf, + int (*f_rng)(void *, unsigned char *, size_t), + void *p_rng); /** * \brief Set the debug callback @@ -1668,9 +1658,9 @@ void mbedtls_ssl_conf_rng( mbedtls_ssl_config *conf, * \param f_dbg debug function * \param p_dbg debug parameter */ -void mbedtls_ssl_conf_dbg( mbedtls_ssl_config *conf, - void (*f_dbg)(void *, int, const char *, int, const char *), - void *p_dbg ); +void mbedtls_ssl_conf_dbg(mbedtls_ssl_config *conf, + void (*f_dbg)(void *, int, const char *, int, const char *), + void *p_dbg); /** * \brief Set the underlying BIO callbacks for write, read and @@ -1688,7 +1678,7 @@ void mbedtls_ssl_conf_dbg( mbedtls_ssl_config *conf, * * \note The two most common use cases are: * - non-blocking I/O, f_recv != NULL, f_recv_timeout == NULL - * - blocking I/O, f_recv == NULL, f_recv_timout != NULL + * - blocking I/O, f_recv == NULL, f_recv_timeout != NULL * * \note For DTLS, you need to provide either a non-NULL * f_recv_timeout callback, or a f_recv that doesn't block. @@ -1702,11 +1692,11 @@ void mbedtls_ssl_conf_dbg( mbedtls_ssl_config *conf, * \c mbedtls_net_recv_timeout() that are suitable to be used * here. */ -void mbedtls_ssl_set_bio( mbedtls_ssl_context *ssl, - void *p_bio, - mbedtls_ssl_send_t *f_send, - mbedtls_ssl_recv_t *f_recv, - mbedtls_ssl_recv_timeout_t *f_recv_timeout ); +void mbedtls_ssl_set_bio(mbedtls_ssl_context *ssl, + void *p_bio, + mbedtls_ssl_send_t *f_send, + mbedtls_ssl_recv_t *f_recv, + mbedtls_ssl_recv_timeout_t *f_recv_timeout); #if defined(MBEDTLS_SSL_PROTO_DTLS) @@ -1747,10 +1737,10 @@ void mbedtls_ssl_set_bio( mbedtls_ssl_context *ssl, * \param own_cid The address of the readable buffer holding the CID we want * the peer to use when sending encrypted messages to us. * This may be \c NULL if \p own_cid_len is \c 0. - * This parameter is unused if \p enabled is set to + * This parameter is unused if \p enable is set to * MBEDTLS_SSL_CID_DISABLED. * \param own_cid_len The length of \p own_cid. - * This parameter is unused if \p enabled is set to + * This parameter is unused if \p enable is set to * MBEDTLS_SSL_CID_DISABLED. * * \note The value of \p own_cid_len must match the value of the @@ -1796,10 +1786,10 @@ void mbedtls_ssl_set_bio( mbedtls_ssl_context *ssl, * applies to the next handshake. * \return A negative error code on failure. */ -int mbedtls_ssl_set_cid( mbedtls_ssl_context *ssl, - int enable, - unsigned char const *own_cid, - size_t own_cid_len ); +int mbedtls_ssl_set_cid(mbedtls_ssl_context *ssl, + int enable, + unsigned char const *own_cid, + size_t own_cid_len); /** * \brief Get information about the use of the CID extension @@ -1838,15 +1828,15 @@ int mbedtls_ssl_set_cid( mbedtls_ssl_context *ssl, * \return \c 0 on success. * \return A negative error code on failure. */ -int mbedtls_ssl_get_peer_cid( mbedtls_ssl_context *ssl, - int *enabled, - unsigned char peer_cid[ MBEDTLS_SSL_CID_OUT_LEN_MAX ], - size_t *peer_cid_len ); +int mbedtls_ssl_get_peer_cid(mbedtls_ssl_context *ssl, + int *enabled, + unsigned char peer_cid[MBEDTLS_SSL_CID_OUT_LEN_MAX], + size_t *peer_cid_len); #endif /* MBEDTLS_SSL_DTLS_CONNECTION_ID */ /** - * \brief Set the Maximum Tranport Unit (MTU). + * \brief Set the Maximum Transport Unit (MTU). * Special value: 0 means unset (no limit). * This represents the maximum size of a datagram payload * handled by the transport layer (usually UDP) as determined @@ -1887,7 +1877,7 @@ int mbedtls_ssl_get_peer_cid( mbedtls_ssl_context *ssl, * \param ssl SSL context * \param mtu Value of the path MTU in bytes */ -void mbedtls_ssl_set_mtu( mbedtls_ssl_context *ssl, uint16_t mtu ); +void mbedtls_ssl_set_mtu(mbedtls_ssl_context *ssl, uint16_t mtu); #endif /* MBEDTLS_SSL_PROTO_DTLS */ #if defined(MBEDTLS_X509_CRT_PARSE_C) @@ -1909,9 +1899,9 @@ void mbedtls_ssl_set_mtu( mbedtls_ssl_context *ssl, uint16_t mtu ); * \param f_vrfy The verification callback to use during CRT verification. * \param p_vrfy The opaque context to be passed to the callback. */ -void mbedtls_ssl_set_verify( mbedtls_ssl_context *ssl, - int (*f_vrfy)(void *, mbedtls_x509_crt *, int, uint32_t *), - void *p_vrfy ); +void mbedtls_ssl_set_verify(mbedtls_ssl_context *ssl, + int (*f_vrfy)(void *, mbedtls_x509_crt *, int, uint32_t *), + void *p_vrfy); #endif /* MBEDTLS_X509_CRT_PARSE_C */ /** @@ -1930,7 +1920,7 @@ void mbedtls_ssl_set_verify( mbedtls_ssl_context *ssl, * \note With non-blocking I/O, you may also skip this function * altogether and handle timeouts at the application layer. */ -void mbedtls_ssl_conf_read_timeout( mbedtls_ssl_config *conf, uint32_t timeout ); +void mbedtls_ssl_conf_read_timeout(mbedtls_ssl_config *conf, uint32_t timeout); #if defined(MBEDTLS_SSL_RECORD_CHECKING) /** @@ -1977,9 +1967,9 @@ void mbedtls_ssl_conf_read_timeout( mbedtls_ssl_config *conf, uint32_t timeout ) * In this case, the SSL context becomes unusable and needs * to be freed or reset before reuse. */ -int mbedtls_ssl_check_record( mbedtls_ssl_context const *ssl, - unsigned char *buf, - size_t buflen ); +int mbedtls_ssl_check_record(mbedtls_ssl_context const *ssl, + unsigned char *buf, + size_t buflen); #endif /* MBEDTLS_SSL_RECORD_CHECKING */ /** @@ -2000,12 +1990,12 @@ int mbedtls_ssl_check_record( mbedtls_ssl_context const *ssl, * here, except if using an event-driven style. * * \note See also the "DTLS tutorial" article in our knowledge base. - * https://tls.mbed.org/kb/how-to/dtls-tutorial + * https://mbed-tls.readthedocs.io/en/latest/kb/how-to/dtls-tutorial */ -void mbedtls_ssl_set_timer_cb( mbedtls_ssl_context *ssl, - void *p_timer, - mbedtls_ssl_set_timer_t *f_set_timer, - mbedtls_ssl_get_timer_t *f_get_timer ); +void mbedtls_ssl_set_timer_cb(mbedtls_ssl_context *ssl, + void *p_timer, + mbedtls_ssl_set_timer_t *f_set_timer, + mbedtls_ssl_get_timer_t *f_get_timer); /** * \brief Callback type: generate and write session ticket @@ -2026,12 +2016,12 @@ void mbedtls_ssl_set_timer_cb( mbedtls_ssl_context *ssl, * \return 0 if successful, or * a specific MBEDTLS_ERR_XXX code. */ -typedef int mbedtls_ssl_ticket_write_t( void *p_ticket, - const mbedtls_ssl_session *session, - unsigned char *start, - const unsigned char *end, - size_t *tlen, - uint32_t *lifetime ); +typedef int mbedtls_ssl_ticket_write_t(void *p_ticket, + const mbedtls_ssl_session *session, + unsigned char *start, + const unsigned char *end, + size_t *tlen, + uint32_t *lifetime); #if defined(MBEDTLS_SSL_EXPORT_KEYS) /** @@ -2054,12 +2044,12 @@ typedef int mbedtls_ssl_ticket_write_t( void *p_ticket, * \return 0 if successful, or * a specific MBEDTLS_ERR_XXX code. */ -typedef int mbedtls_ssl_export_keys_t( void *p_expkey, - const unsigned char *ms, - const unsigned char *kb, - size_t maclen, - size_t keylen, - size_t ivlen ); +typedef int mbedtls_ssl_export_keys_t(void *p_expkey, + const unsigned char *ms, + const unsigned char *kb, + size_t maclen, + size_t keylen, + size_t ivlen); /** * \brief Callback type: Export key block, master secret, @@ -2086,15 +2076,15 @@ typedef int mbedtls_ssl_export_keys_t( void *p_expkey, * \return 0 if successful, or * a specific MBEDTLS_ERR_XXX code. */ -typedef int mbedtls_ssl_export_keys_ext_t( void *p_expkey, - const unsigned char *ms, - const unsigned char *kb, - size_t maclen, - size_t keylen, - size_t ivlen, - const unsigned char client_random[32], - const unsigned char server_random[32], - mbedtls_tls_prf_types tls_prf_type ); +typedef int mbedtls_ssl_export_keys_ext_t(void *p_expkey, + const unsigned char *ms, + const unsigned char *kb, + size_t maclen, + size_t keylen, + size_t ivlen, + const unsigned char client_random[32], + const unsigned char server_random[32], + mbedtls_tls_prf_types tls_prf_type); #endif /* MBEDTLS_SSL_EXPORT_KEYS */ /** @@ -2120,10 +2110,10 @@ typedef int mbedtls_ssl_export_keys_ext_t( void *p_expkey, * MBEDTLS_ERR_SSL_SESSION_TICKET_EXPIRED if expired, or * any other non-zero code for other failures. */ -typedef int mbedtls_ssl_ticket_parse_t( void *p_ticket, - mbedtls_ssl_session *session, - unsigned char *buf, - size_t len ); +typedef int mbedtls_ssl_ticket_parse_t(void *p_ticket, + mbedtls_ssl_session *session, + unsigned char *buf, + size_t len); #if defined(MBEDTLS_SSL_SESSION_TICKETS) && defined(MBEDTLS_SSL_SRV_C) /** @@ -2140,10 +2130,10 @@ typedef int mbedtls_ssl_ticket_parse_t( void *p_ticket, * \param f_ticket_parse Callback for parsing a ticket * \param p_ticket Context shared by the two callbacks */ -void mbedtls_ssl_conf_session_tickets_cb( mbedtls_ssl_config *conf, - mbedtls_ssl_ticket_write_t *f_ticket_write, - mbedtls_ssl_ticket_parse_t *f_ticket_parse, - void *p_ticket ); +void mbedtls_ssl_conf_session_tickets_cb(mbedtls_ssl_config *conf, + mbedtls_ssl_ticket_write_t *f_ticket_write, + mbedtls_ssl_ticket_parse_t *f_ticket_parse, + void *p_ticket); #endif /* MBEDTLS_SSL_SESSION_TICKETS && MBEDTLS_SSL_SRV_C */ #if defined(MBEDTLS_SSL_EXPORT_KEYS) @@ -2157,9 +2147,9 @@ void mbedtls_ssl_conf_session_tickets_cb( mbedtls_ssl_config *conf, * \param f_export_keys Callback for exporting keys * \param p_export_keys Context for the callback */ -void mbedtls_ssl_conf_export_keys_cb( mbedtls_ssl_config *conf, - mbedtls_ssl_export_keys_t *f_export_keys, - void *p_export_keys ); +void mbedtls_ssl_conf_export_keys_cb(mbedtls_ssl_config *conf, + mbedtls_ssl_export_keys_t *f_export_keys, + void *p_export_keys); /** * \brief Configure extended key export callback. @@ -2173,9 +2163,9 @@ void mbedtls_ssl_conf_export_keys_cb( mbedtls_ssl_config *conf, * \param f_export_keys_ext Callback for exporting keys * \param p_export_keys Context for the callback */ -void mbedtls_ssl_conf_export_keys_ext_cb( mbedtls_ssl_config *conf, - mbedtls_ssl_export_keys_ext_t *f_export_keys_ext, - void *p_export_keys ); +void mbedtls_ssl_conf_export_keys_ext_cb(mbedtls_ssl_config *conf, + mbedtls_ssl_export_keys_ext_t *f_export_keys_ext, + void *p_export_keys); #endif /* MBEDTLS_SSL_EXPORT_KEYS */ #if defined(MBEDTLS_SSL_ASYNC_PRIVATE) @@ -2209,12 +2199,12 @@ void mbedtls_ssl_conf_export_keys_ext_cb( mbedtls_ssl_config *conf, * mbedtls_ssl_conf_get_async_config_data(). The * library stores this value without dereferencing it. */ -void mbedtls_ssl_conf_async_private_cb( mbedtls_ssl_config *conf, - mbedtls_ssl_async_sign_t *f_async_sign, - mbedtls_ssl_async_decrypt_t *f_async_decrypt, - mbedtls_ssl_async_resume_t *f_async_resume, - mbedtls_ssl_async_cancel_t *f_async_cancel, - void *config_data ); +void mbedtls_ssl_conf_async_private_cb(mbedtls_ssl_config *conf, + mbedtls_ssl_async_sign_t *f_async_sign, + mbedtls_ssl_async_decrypt_t *f_async_decrypt, + mbedtls_ssl_async_resume_t *f_async_resume, + mbedtls_ssl_async_cancel_t *f_async_cancel, + void *config_data); /** * \brief Retrieve the configuration data set by @@ -2224,7 +2214,7 @@ void mbedtls_ssl_conf_async_private_cb( mbedtls_ssl_config *conf, * \return The configuration data set by * mbedtls_ssl_conf_async_private_cb(). */ -void *mbedtls_ssl_conf_get_async_config_data( const mbedtls_ssl_config *conf ); +void *mbedtls_ssl_conf_get_async_config_data(const mbedtls_ssl_config *conf); /** * \brief Retrieve the asynchronous operation user context. @@ -2240,7 +2230,7 @@ void *mbedtls_ssl_conf_get_async_config_data( const mbedtls_ssl_config *conf ); * called during the current handshake, this function returns * \c NULL. */ -void *mbedtls_ssl_get_async_operation_data( const mbedtls_ssl_context *ssl ); +void *mbedtls_ssl_get_async_operation_data(const mbedtls_ssl_context *ssl); /** * \brief Retrieve the asynchronous operation user context. @@ -2253,8 +2243,8 @@ void *mbedtls_ssl_get_async_operation_data( const mbedtls_ssl_context *ssl ); * Call mbedtls_ssl_get_async_operation_data() later during the * same handshake to retrieve this value. */ -void mbedtls_ssl_set_async_operation_data( mbedtls_ssl_context *ssl, - void *ctx ); +void mbedtls_ssl_set_async_operation_data(mbedtls_ssl_context *ssl, + void *ctx); #endif /* MBEDTLS_SSL_ASYNC_PRIVATE */ /** @@ -2271,9 +2261,9 @@ void mbedtls_ssl_set_async_operation_data( mbedtls_ssl_context *ssl, * \return The callback must return 0 on success, * or a negative error code. */ -typedef int mbedtls_ssl_cookie_write_t( void *ctx, - unsigned char **p, unsigned char *end, - const unsigned char *info, size_t ilen ); +typedef int mbedtls_ssl_cookie_write_t(void *ctx, + unsigned char **p, unsigned char *end, + const unsigned char *info, size_t ilen); /** * \brief Callback type: verify a cookie @@ -2288,9 +2278,9 @@ typedef int mbedtls_ssl_cookie_write_t( void *ctx, * \return The callback must return 0 if cookie is valid, * or a negative error code. */ -typedef int mbedtls_ssl_cookie_check_t( void *ctx, - const unsigned char *cookie, size_t clen, - const unsigned char *info, size_t ilen ); +typedef int mbedtls_ssl_cookie_check_t(void *ctx, + const unsigned char *cookie, size_t clen, + const unsigned char *info, size_t ilen); #if defined(MBEDTLS_SSL_DTLS_HELLO_VERIFY) && defined(MBEDTLS_SSL_SRV_C) /** @@ -2321,10 +2311,10 @@ typedef int mbedtls_ssl_cookie_check_t( void *ctx, * \param f_cookie_check Cookie check callback * \param p_cookie Context for both callbacks */ -void mbedtls_ssl_conf_dtls_cookies( mbedtls_ssl_config *conf, - mbedtls_ssl_cookie_write_t *f_cookie_write, - mbedtls_ssl_cookie_check_t *f_cookie_check, - void *p_cookie ); +void mbedtls_ssl_conf_dtls_cookies(mbedtls_ssl_config *conf, + mbedtls_ssl_cookie_write_t *f_cookie_write, + mbedtls_ssl_cookie_check_t *f_cookie_check, + void *p_cookie); /** * \brief Set client's transport-level identification info. @@ -2345,9 +2335,9 @@ void mbedtls_ssl_conf_dtls_cookies( mbedtls_ssl_config *conf, * MBEDTLS_ERR_SSL_BAD_INPUT_DATA if used on client, * MBEDTLS_ERR_SSL_ALLOC_FAILED if out of memory. */ -int mbedtls_ssl_set_client_transport_id( mbedtls_ssl_context *ssl, - const unsigned char *info, - size_t ilen ); +int mbedtls_ssl_set_client_transport_id(mbedtls_ssl_context *ssl, + const unsigned char *info, + size_t ilen); #endif /* MBEDTLS_SSL_DTLS_HELLO_VERIFY && MBEDTLS_SSL_SRV_C */ @@ -2367,7 +2357,7 @@ int mbedtls_ssl_set_client_transport_id( mbedtls_ssl_context *ssl, * packets and needs information about them to adjust its * transmission strategy, then you'll want to disable this. */ -void mbedtls_ssl_conf_dtls_anti_replay( mbedtls_ssl_config *conf, char mode ); +void mbedtls_ssl_conf_dtls_anti_replay(mbedtls_ssl_config *conf, char mode); #endif /* MBEDTLS_SSL_DTLS_ANTI_REPLAY */ #if defined(MBEDTLS_SSL_DTLS_BADMAC_LIMIT) @@ -2387,14 +2377,14 @@ void mbedtls_ssl_conf_dtls_anti_replay( mbedtls_ssl_config *conf, char mode ); * ones going through the authentication-decryption phase. * * \note This is a security trade-off related to the fact that it's - * often relatively easy for an active attacker ot inject UDP + * often relatively easy for an active attacker to inject UDP * datagrams. On one hand, setting a low limit here makes it * easier for such an attacker to forcibly terminated a * connection. On the other hand, a high limit or no limit * might make us waste resources checking authentication on * many bogus packets. */ -void mbedtls_ssl_conf_dtls_badmac_limit( mbedtls_ssl_config *conf, unsigned limit ); +void mbedtls_ssl_conf_dtls_badmac_limit(mbedtls_ssl_config *conf, unsigned limit); #endif /* MBEDTLS_SSL_DTLS_BADMAC_LIMIT */ #if defined(MBEDTLS_SSL_PROTO_DTLS) @@ -2427,8 +2417,8 @@ void mbedtls_ssl_conf_dtls_badmac_limit( mbedtls_ssl_config *conf, unsigned limi * are currently always sent in separate datagrams. * */ -void mbedtls_ssl_set_datagram_packing( mbedtls_ssl_context *ssl, - unsigned allow_packing ); +void mbedtls_ssl_set_datagram_packing(mbedtls_ssl_context *ssl, + unsigned allow_packing); /** * \brief Set retransmit timeout values for the DTLS handshake. @@ -2461,7 +2451,7 @@ void mbedtls_ssl_set_datagram_packing( mbedtls_ssl_context *ssl, * goes: send ... 1s -> resend ... 2s -> resend ... 4s -> * resend ... 5s -> give up and return a timeout error. */ -void mbedtls_ssl_conf_handshake_timeout( mbedtls_ssl_config *conf, uint32_t min, uint32_t max ); +void mbedtls_ssl_conf_handshake_timeout(mbedtls_ssl_config *conf, uint32_t min, uint32_t max); #endif /* MBEDTLS_SSL_PROTO_DTLS */ #if defined(MBEDTLS_SSL_SRV_C) @@ -2498,14 +2488,14 @@ void mbedtls_ssl_conf_handshake_timeout( mbedtls_ssl_config *conf, uint32_t min, * successfully cached, return 1 otherwise. * * \param conf SSL configuration - * \param p_cache parmater (context) for both callbacks + * \param p_cache parameter (context) for both callbacks * \param f_get_cache session get callback * \param f_set_cache session set callback */ -void mbedtls_ssl_conf_session_cache( mbedtls_ssl_config *conf, - void *p_cache, - int (*f_get_cache)(void *, mbedtls_ssl_session *), - int (*f_set_cache)(void *, const mbedtls_ssl_session *) ); +void mbedtls_ssl_conf_session_cache(mbedtls_ssl_config *conf, + void *p_cache, + int (*f_get_cache)(void *, mbedtls_ssl_session *), + int (*f_set_cache)(void *, const mbedtls_ssl_session *)); #endif /* MBEDTLS_SSL_SRV_C */ #if defined(MBEDTLS_SSL_CLI_C) @@ -2523,13 +2513,13 @@ void mbedtls_ssl_conf_session_cache( mbedtls_ssl_config *conf, * * \sa mbedtls_ssl_get_session() */ -int mbedtls_ssl_set_session( mbedtls_ssl_context *ssl, const mbedtls_ssl_session *session ); +int mbedtls_ssl_set_session(mbedtls_ssl_context *ssl, const mbedtls_ssl_session *session); #endif /* MBEDTLS_SSL_CLI_C */ /** * \brief Load serialized session data into a session structure. * On client, this can be used for loading saved sessions - * before resuming them with mbedstls_ssl_set_session(). + * before resuming them with mbedtls_ssl_set_session(). * On server, this can be used for alternative implementations * of session cache or session tickets. * @@ -2558,9 +2548,9 @@ int mbedtls_ssl_set_session( mbedtls_ssl_context *ssl, const mbedtls_ssl_session * \return Another negative value for other kinds of errors (for * example, unsupported features in the embedded certificate). */ -int mbedtls_ssl_session_load( mbedtls_ssl_session *session, - const unsigned char *buf, - size_t len ); +int mbedtls_ssl_session_load(mbedtls_ssl_session *session, + const unsigned char *buf, + size_t len); /** * \brief Save session structure as serialized data in a buffer. @@ -2574,8 +2564,8 @@ int mbedtls_ssl_session_load( mbedtls_ssl_session *session, * * \param session The session structure to be saved. * \param buf The buffer to write the serialized data to. It must be a - * writeable buffer of at least \p len bytes, or may be \c - * NULL if \p len is \c 0. + * writeable buffer of at least \p buf_len bytes, or may be \c + * NULL if \p buf_len is \c 0. * \param buf_len The number of bytes available for writing in \p buf. * \param olen The size in bytes of the data that has been or would have * been written. It must point to a valid \c size_t. @@ -2588,10 +2578,10 @@ int mbedtls_ssl_session_load( mbedtls_ssl_session *session, * \return \c 0 if successful. * \return #MBEDTLS_ERR_SSL_BUFFER_TOO_SMALL if \p buf is too small. */ -int mbedtls_ssl_session_save( const mbedtls_ssl_session *session, - unsigned char *buf, - size_t buf_len, - size_t *olen ); +int mbedtls_ssl_session_save(const mbedtls_ssl_session *session, + unsigned char *buf, + size_t buf_len, + size_t *olen); /** * \brief Get a pointer to the current session structure, for example @@ -2608,7 +2598,7 @@ int mbedtls_ssl_session_save( const mbedtls_ssl_session *session, * \return A pointer to the current session if successful. * \return \c NULL if no session is active. */ -const mbedtls_ssl_session *mbedtls_ssl_get_session_pointer( const mbedtls_ssl_context *ssl ); +const mbedtls_ssl_session *mbedtls_ssl_get_session_pointer(const mbedtls_ssl_context *ssl); /** * \brief Set the list of allowed ciphersuites and the preference @@ -2625,8 +2615,8 @@ const mbedtls_ssl_session *mbedtls_ssl_get_session_pointer( const mbedtls_ssl_co * \param conf SSL configuration * \param ciphersuites 0-terminated list of allowed ciphersuites */ -void mbedtls_ssl_conf_ciphersuites( mbedtls_ssl_config *conf, - const int *ciphersuites ); +void mbedtls_ssl_conf_ciphersuites(mbedtls_ssl_config *conf, + const int *ciphersuites); #if defined(MBEDTLS_SSL_DTLS_CONNECTION_ID) #define MBEDTLS_SSL_UNEXPECTED_CID_IGNORE 0 @@ -2660,11 +2650,11 @@ void mbedtls_ssl_conf_ciphersuites( mbedtls_ssl_config *conf, * record headers. * * \return \c 0 on success. - * \return #MBEDTLS_ERR_SSL_BAD_INPUT_DATA if \p own_cid_len + * \return #MBEDTLS_ERR_SSL_BAD_INPUT_DATA if \p len * is too large. */ -int mbedtls_ssl_conf_cid( mbedtls_ssl_config *conf, size_t len, - int ignore_other_cids ); +int mbedtls_ssl_conf_cid(mbedtls_ssl_config *conf, size_t len, + int ignore_other_cids); #endif /* MBEDTLS_SSL_DTLS_CONNECTION_ID */ /** @@ -2686,9 +2676,9 @@ int mbedtls_ssl_conf_cid( mbedtls_ssl_config *conf, size_t len, * \note With DTLS, use MBEDTLS_SSL_MINOR_VERSION_2 for DTLS 1.0 * and MBEDTLS_SSL_MINOR_VERSION_3 for DTLS 1.2 */ -void mbedtls_ssl_conf_ciphersuites_for_version( mbedtls_ssl_config *conf, - const int *ciphersuites, - int major, int minor ); +void mbedtls_ssl_conf_ciphersuites_for_version(mbedtls_ssl_config *conf, + const int *ciphersuites, + int major, int minor); #if defined(MBEDTLS_X509_CRT_PARSE_C) /** @@ -2701,8 +2691,8 @@ void mbedtls_ssl_conf_ciphersuites_for_version( mbedtls_ssl_config *conf, * \param conf SSL configuration * \param profile Profile to use */ -void mbedtls_ssl_conf_cert_profile( mbedtls_ssl_config *conf, - const mbedtls_x509_crt_profile *profile ); +void mbedtls_ssl_conf_cert_profile(mbedtls_ssl_config *conf, + const mbedtls_x509_crt_profile *profile); /** * \brief Set the data required to verify peer certificate @@ -2715,9 +2705,9 @@ void mbedtls_ssl_conf_cert_profile( mbedtls_ssl_config *conf, * \param ca_chain trusted CA chain (meaning all fully trusted top-level CAs) * \param ca_crl trusted CA CRLs */ -void mbedtls_ssl_conf_ca_chain( mbedtls_ssl_config *conf, +void mbedtls_ssl_conf_ca_chain(mbedtls_ssl_config *conf, mbedtls_x509_crt *ca_chain, - mbedtls_x509_crl *ca_crl ); + mbedtls_x509_crl *ca_crl); #if defined(MBEDTLS_X509_TRUSTED_CERTIFICATE_CALLBACK) /** @@ -2771,9 +2761,9 @@ void mbedtls_ssl_conf_ca_chain( mbedtls_ssl_config *conf, * to guarantee this (for example through a mutex * contained in the callback context pointed to by \p p_ca_cb). */ -void mbedtls_ssl_conf_ca_cb( mbedtls_ssl_config *conf, - mbedtls_x509_crt_ca_cb_t f_ca_cb, - void *p_ca_cb ); +void mbedtls_ssl_conf_ca_cb(mbedtls_ssl_config *conf, + mbedtls_x509_crt_ca_cb_t f_ca_cb, + void *p_ca_cb); #endif /* MBEDTLS_X509_TRUSTED_CERTIFICATE_CALLBACK */ /** @@ -2793,7 +2783,7 @@ void mbedtls_ssl_conf_ca_cb( mbedtls_ssl_config *conf, * * \note On client, only the first call has any effect. That is, * only one client certificate can be provisioned. The - * server's preferences in its CertficateRequest message will + * server's preferences in its CertificateRequest message will * be ignored and our only cert will be sent regardless of * whether it matches those preferences - the server can then * decide what it wants to do with it. @@ -2812,9 +2802,9 @@ void mbedtls_ssl_conf_ca_cb( mbedtls_ssl_config *conf, * * \return 0 on success or MBEDTLS_ERR_SSL_ALLOC_FAILED */ -int mbedtls_ssl_conf_own_cert( mbedtls_ssl_config *conf, +int mbedtls_ssl_conf_own_cert(mbedtls_ssl_config *conf, mbedtls_x509_crt *own_cert, - mbedtls_pk_context *pk_key ); + mbedtls_pk_context *pk_key); #endif /* MBEDTLS_X509_CRT_PARSE_C */ #if defined(MBEDTLS_KEY_EXCHANGE_SOME_PSK_ENABLED) @@ -2849,9 +2839,9 @@ int mbedtls_ssl_conf_own_cert( mbedtls_ssl_config *conf, * \return \c 0 if successful. * \return An \c MBEDTLS_ERR_SSL_XXX error code on failure. */ -int mbedtls_ssl_conf_psk( mbedtls_ssl_config *conf, - const unsigned char *psk, size_t psk_len, - const unsigned char *psk_identity, size_t psk_identity_len ); +int mbedtls_ssl_conf_psk(mbedtls_ssl_config *conf, + const unsigned char *psk, size_t psk_len, + const unsigned char *psk_identity, size_t psk_identity_len); #if defined(MBEDTLS_USE_PSA_CRYPTO) /** @@ -2890,10 +2880,10 @@ int mbedtls_ssl_conf_psk( mbedtls_ssl_config *conf, * \return \c 0 if successful. * \return An \c MBEDTLS_ERR_SSL_XXX error code on failure. */ -int mbedtls_ssl_conf_psk_opaque( mbedtls_ssl_config *conf, - psa_key_id_t psk, - const unsigned char *psk_identity, - size_t psk_identity_len ); +int mbedtls_ssl_conf_psk_opaque(mbedtls_ssl_config *conf, + psa_key_id_t psk, + const unsigned char *psk_identity, + size_t psk_identity_len); #endif /* MBEDTLS_USE_PSA_CRYPTO */ /** @@ -2912,8 +2902,8 @@ int mbedtls_ssl_conf_psk_opaque( mbedtls_ssl_config *conf, * \return \c 0 if successful. * \return An \c MBEDTLS_ERR_SSL_XXX error code on failure. */ -int mbedtls_ssl_set_hs_psk( mbedtls_ssl_context *ssl, - const unsigned char *psk, size_t psk_len ); +int mbedtls_ssl_set_hs_psk(mbedtls_ssl_context *ssl, + const unsigned char *psk, size_t psk_len); #if defined(MBEDTLS_USE_PSA_CRYPTO) /** @@ -2932,12 +2922,12 @@ int mbedtls_ssl_set_hs_psk( mbedtls_ssl_context *ssl, * PSA_ALG_CATEGORY_KEY_DERIVATION whose policy allows its * use for the key derivation algorithm * applied in the handshake. - * + * * \return \c 0 if successful. * \return An \c MBEDTLS_ERR_SSL_XXX error code on failure. */ -int mbedtls_ssl_set_hs_psk_opaque( mbedtls_ssl_context *ssl, - psa_key_id_t psk ); +int mbedtls_ssl_set_hs_psk_opaque(mbedtls_ssl_context *ssl, + psa_key_id_t psk); #endif /* MBEDTLS_USE_PSA_CRYPTO */ /** @@ -2978,10 +2968,10 @@ int mbedtls_ssl_set_hs_psk_opaque( mbedtls_ssl_context *ssl, * \param p_psk A pointer to an opaque structure to be passed to * the callback, for example a PSK store. */ -void mbedtls_ssl_conf_psk_cb( mbedtls_ssl_config *conf, - int (*f_psk)(void *, mbedtls_ssl_context *, const unsigned char *, - size_t), - void *p_psk ); +void mbedtls_ssl_conf_psk_cb(mbedtls_ssl_config *conf, + int (*f_psk)(void *, mbedtls_ssl_context *, const unsigned char *, + size_t), + void *p_psk); #endif /* MBEDTLS_KEY_EXCHANGE_SOME_PSK_ENABLED */ #if defined(MBEDTLS_DHM_C) && defined(MBEDTLS_SSL_SRV_C) @@ -3007,9 +2997,9 @@ void mbedtls_ssl_conf_psk_cb( mbedtls_ssl_config *conf, * * \return 0 if successful */ -MBEDTLS_DEPRECATED int mbedtls_ssl_conf_dh_param( mbedtls_ssl_config *conf, - const char *dhm_P, - const char *dhm_G ); +MBEDTLS_DEPRECATED int mbedtls_ssl_conf_dh_param(mbedtls_ssl_config *conf, + const char *dhm_P, + const char *dhm_G); #endif /* MBEDTLS_DEPRECATED_REMOVED */ @@ -3026,9 +3016,9 @@ MBEDTLS_DEPRECATED int mbedtls_ssl_conf_dh_param( mbedtls_ssl_config *conf, * * \return 0 if successful */ -int mbedtls_ssl_conf_dh_param_bin( mbedtls_ssl_config *conf, - const unsigned char *dhm_P, size_t P_len, - const unsigned char *dhm_G, size_t G_len ); +int mbedtls_ssl_conf_dh_param_bin(mbedtls_ssl_config *conf, + const unsigned char *dhm_P, size_t P_len, + const unsigned char *dhm_G, size_t G_len); /** * \brief Set the Diffie-Hellman public P and G values, @@ -3039,7 +3029,7 @@ int mbedtls_ssl_conf_dh_param_bin( mbedtls_ssl_config *conf, * * \return 0 if successful */ -int mbedtls_ssl_conf_dh_param_ctx( mbedtls_ssl_config *conf, mbedtls_dhm_context *dhm_ctx ); +int mbedtls_ssl_conf_dh_param_ctx(mbedtls_ssl_config *conf, mbedtls_dhm_context *dhm_ctx); #endif /* MBEDTLS_DHM_C && defined(MBEDTLS_SSL_SRV_C) */ #if defined(MBEDTLS_DHM_C) && defined(MBEDTLS_SSL_CLI_C) @@ -3051,8 +3041,8 @@ int mbedtls_ssl_conf_dh_param_ctx( mbedtls_ssl_config *conf, mbedtls_dhm_context * \param conf SSL configuration * \param bitlen Minimum bit length of the DHM prime */ -void mbedtls_ssl_conf_dhm_min_bitlen( mbedtls_ssl_config *conf, - unsigned int bitlen ); +void mbedtls_ssl_conf_dhm_min_bitlen(mbedtls_ssl_config *conf, + unsigned int bitlen); #endif /* MBEDTLS_DHM_C && MBEDTLS_SSL_CLI_C */ #if defined(MBEDTLS_ECP_C) @@ -3085,8 +3075,8 @@ void mbedtls_ssl_conf_dhm_min_bitlen( mbedtls_ssl_config *conf, * \param curves Ordered list of allowed curves, * terminated by MBEDTLS_ECP_DP_NONE. */ -void mbedtls_ssl_conf_curves( mbedtls_ssl_config *conf, - const mbedtls_ecp_group_id *curves ); +void mbedtls_ssl_conf_curves(mbedtls_ssl_config *conf, + const mbedtls_ecp_group_id *curves); #endif /* MBEDTLS_ECP_C */ #if defined(MBEDTLS_KEY_EXCHANGE_WITH_CERT_ENABLED) @@ -3110,8 +3100,8 @@ void mbedtls_ssl_conf_curves( mbedtls_ssl_config *conf, * \param hashes Ordered list of allowed signature hashes, * terminated by \c MBEDTLS_MD_NONE. */ -void mbedtls_ssl_conf_sig_hashes( mbedtls_ssl_config *conf, - const int *hashes ); +void mbedtls_ssl_conf_sig_hashes(mbedtls_ssl_config *conf, + const int *hashes); #endif /* MBEDTLS_KEY_EXCHANGE_WITH_CERT_ENABLED */ #if defined(MBEDTLS_X509_CRT_PARSE_C) @@ -3133,7 +3123,7 @@ void mbedtls_ssl_conf_sig_hashes( mbedtls_ssl_config *conf, * when NULL). On allocation failure hostname is cleared. * On too long input failure, old hostname is unchanged. */ -int mbedtls_ssl_set_hostname( mbedtls_ssl_context *ssl, const char *hostname ); +int mbedtls_ssl_set_hostname(mbedtls_ssl_context *ssl, const char *hostname); #endif /* MBEDTLS_X509_CRT_PARSE_C */ #if defined(MBEDTLS_SSL_SERVER_NAME_INDICATION) @@ -3149,9 +3139,9 @@ int mbedtls_ssl_set_hostname( mbedtls_ssl_context *ssl, const char *hostname ); * * \return 0 on success or MBEDTLS_ERR_SSL_ALLOC_FAILED */ -int mbedtls_ssl_set_hs_own_cert( mbedtls_ssl_context *ssl, - mbedtls_x509_crt *own_cert, - mbedtls_pk_context *pk_key ); +int mbedtls_ssl_set_hs_own_cert(mbedtls_ssl_context *ssl, + mbedtls_x509_crt *own_cert, + mbedtls_pk_context *pk_key); /** * \brief Set the data required to verify peer certificate for the @@ -3164,9 +3154,9 @@ int mbedtls_ssl_set_hs_own_cert( mbedtls_ssl_context *ssl, * \param ca_chain trusted CA chain (meaning all fully trusted top-level CAs) * \param ca_crl trusted CA CRLs */ -void mbedtls_ssl_set_hs_ca_chain( mbedtls_ssl_context *ssl, - mbedtls_x509_crt *ca_chain, - mbedtls_x509_crl *ca_crl ); +void mbedtls_ssl_set_hs_ca_chain(mbedtls_ssl_context *ssl, + mbedtls_x509_crt *ca_chain, + mbedtls_x509_crl *ca_crl); /** * \brief Set authmode for the current handshake. @@ -3178,8 +3168,8 @@ void mbedtls_ssl_set_hs_ca_chain( mbedtls_ssl_context *ssl, * \param authmode MBEDTLS_SSL_VERIFY_NONE, MBEDTLS_SSL_VERIFY_OPTIONAL or * MBEDTLS_SSL_VERIFY_REQUIRED */ -void mbedtls_ssl_set_hs_authmode( mbedtls_ssl_context *ssl, - int authmode ); +void mbedtls_ssl_set_hs_authmode(mbedtls_ssl_context *ssl, + int authmode); /** * \brief Set server side ServerName TLS extension callback @@ -3204,10 +3194,10 @@ void mbedtls_ssl_set_hs_authmode( mbedtls_ssl_context *ssl, * \param f_sni verification function * \param p_sni verification parameter */ -void mbedtls_ssl_conf_sni( mbedtls_ssl_config *conf, - int (*f_sni)(void *, mbedtls_ssl_context *, const unsigned char *, - size_t), - void *p_sni ); +void mbedtls_ssl_conf_sni(mbedtls_ssl_config *conf, + int (*f_sni)(void *, mbedtls_ssl_context *, const unsigned char *, + size_t), + void *p_sni); #endif /* MBEDTLS_SSL_SERVER_NAME_INDICATION */ #if defined(MBEDTLS_KEY_EXCHANGE_ECJPAKE_ENABLED) @@ -3228,9 +3218,9 @@ void mbedtls_ssl_conf_sni( mbedtls_ssl_config *conf, * * \return 0 on success, or a negative error code. */ -int mbedtls_ssl_set_hs_ecjpake_password( mbedtls_ssl_context *ssl, - const unsigned char *pw, - size_t pw_len ); +int mbedtls_ssl_set_hs_ecjpake_password(mbedtls_ssl_context *ssl, + const unsigned char *pw, + size_t pw_len); #endif /*MBEDTLS_KEY_EXCHANGE_ECJPAKE_ENABLED */ #if defined(MBEDTLS_SSL_ALPN) @@ -3241,12 +3231,12 @@ int mbedtls_ssl_set_hs_ecjpake_password( mbedtls_ssl_context *ssl, * \param protos Pointer to a NULL-terminated list of supported protocols, * in decreasing preference order. The pointer to the list is * recorded by the library for later reference as required, so - * the lifetime of the table must be atleast as long as the + * the lifetime of the table must be at least as long as the * lifetime of the SSL configuration structure. * * \return 0 on success, or MBEDTLS_ERR_SSL_BAD_INPUT_DATA. */ -int mbedtls_ssl_conf_alpn_protocols( mbedtls_ssl_config *conf, const char **protos ); +int mbedtls_ssl_conf_alpn_protocols(mbedtls_ssl_config *conf, const char **protos); /** * \brief Get the name of the negotiated Application Layer Protocol. @@ -3255,28 +3245,27 @@ int mbedtls_ssl_conf_alpn_protocols( mbedtls_ssl_config *conf, const char **prot * * \param ssl SSL context * - * \return Protcol name, or NULL if no protocol was negotiated. + * \return Protocol name, or NULL if no protocol was negotiated. */ -const char *mbedtls_ssl_get_alpn_protocol( const mbedtls_ssl_context *ssl ); +const char *mbedtls_ssl_get_alpn_protocol(const mbedtls_ssl_context *ssl); #endif /* MBEDTLS_SSL_ALPN */ #if defined(MBEDTLS_SSL_DTLS_SRTP) #if defined(MBEDTLS_DEBUG_C) -static inline const char *mbedtls_ssl_get_srtp_profile_as_string( mbedtls_ssl_srtp_profile profile ) +static inline const char *mbedtls_ssl_get_srtp_profile_as_string(mbedtls_ssl_srtp_profile profile) { - switch( profile ) - { + switch (profile) { case MBEDTLS_TLS_SRTP_AES128_CM_HMAC_SHA1_80: - return( "MBEDTLS_TLS_SRTP_AES128_CM_HMAC_SHA1_80" ); + return "MBEDTLS_TLS_SRTP_AES128_CM_HMAC_SHA1_80"; case MBEDTLS_TLS_SRTP_AES128_CM_HMAC_SHA1_32: - return( "MBEDTLS_TLS_SRTP_AES128_CM_HMAC_SHA1_32" ); + return "MBEDTLS_TLS_SRTP_AES128_CM_HMAC_SHA1_32"; case MBEDTLS_TLS_SRTP_NULL_HMAC_SHA1_80: - return( "MBEDTLS_TLS_SRTP_NULL_HMAC_SHA1_80" ); + return "MBEDTLS_TLS_SRTP_NULL_HMAC_SHA1_80"; case MBEDTLS_TLS_SRTP_NULL_HMAC_SHA1_32: - return( "MBEDTLS_TLS_SRTP_NULL_HMAC_SHA1_32" ); + return "MBEDTLS_TLS_SRTP_NULL_HMAC_SHA1_32"; default: break; } - return( "" ); + return ""; } #endif /* MBEDTLS_DEBUG_C */ /** @@ -3292,8 +3281,8 @@ static inline const char *mbedtls_ssl_get_srtp_profile_as_string( mbedtls_ssl_sr * #MBEDTLS_SSL_DTLS_SRTP_MKI_UNSUPPORTED * or #MBEDTLS_SSL_DTLS_SRTP_MKI_SUPPORTED. */ -void mbedtls_ssl_conf_srtp_mki_value_supported( mbedtls_ssl_config *conf, - int support_mki_value ); +void mbedtls_ssl_conf_srtp_mki_value_supported(mbedtls_ssl_config *conf, + int support_mki_value); /** * \brief Set the supported DTLS-SRTP protection profiles. @@ -3315,8 +3304,8 @@ void mbedtls_ssl_conf_srtp_mki_value_supported( mbedtls_ssl_config *conf, * protection profiles is incorrect. */ int mbedtls_ssl_conf_dtls_srtp_protection_profiles - ( mbedtls_ssl_config *conf, - const mbedtls_ssl_srtp_profile *profiles ); + (mbedtls_ssl_config *conf, + const mbedtls_ssl_srtp_profile *profiles); /** * \brief Set the mki_value for the current DTLS-SRTP session. @@ -3334,11 +3323,11 @@ int mbedtls_ssl_conf_dtls_srtp_protection_profiles * \return #MBEDTLS_ERR_SSL_BAD_INPUT_DATA * \return #MBEDTLS_ERR_SSL_FEATURE_UNAVAILABLE */ -int mbedtls_ssl_dtls_srtp_set_mki_value( mbedtls_ssl_context *ssl, - unsigned char *mki_value, - uint16_t mki_len ); +int mbedtls_ssl_dtls_srtp_set_mki_value(mbedtls_ssl_context *ssl, + unsigned char *mki_value, + uint16_t mki_len); /** - * \brief Get the negotiated DTLS-SRTP informations: + * \brief Get the negotiated DTLS-SRTP information: * Protection profile and MKI value. * * \warning This function must be called after the handshake is @@ -3346,7 +3335,7 @@ int mbedtls_ssl_dtls_srtp_set_mki_value( mbedtls_ssl_context *ssl, * not be trusted or acted upon before the handshake completes. * * \param ssl The SSL context to query. - * \param dtls_srtp_info The negotiated DTLS-SRTP informations: + * \param dtls_srtp_info The negotiated DTLS-SRTP information: * - Protection profile in use. * A direct mapping of the iana defined value for protection * profile on an uint16_t. @@ -3355,8 +3344,8 @@ int mbedtls_ssl_dtls_srtp_set_mki_value( mbedtls_ssl_context *ssl, * or peer's Hello packet was not parsed yet. * - mki size and value( if size is > 0 ). */ -void mbedtls_ssl_get_dtls_srtp_negotiation_result( const mbedtls_ssl_context *ssl, - mbedtls_dtls_srtp_info *dtls_srtp_info ); +void mbedtls_ssl_get_dtls_srtp_negotiation_result(const mbedtls_ssl_context *ssl, + mbedtls_dtls_srtp_info *dtls_srtp_info); #endif /* MBEDTLS_SSL_DTLS_SRTP */ /** @@ -3375,7 +3364,7 @@ void mbedtls_ssl_get_dtls_srtp_negotiation_result( const mbedtls_ssl_context *ss * MBEDTLS_SSL_MINOR_VERSION_1 and MBEDTLS_SSL_MINOR_VERSION_2, * MBEDTLS_SSL_MINOR_VERSION_3 supported) */ -void mbedtls_ssl_conf_max_version( mbedtls_ssl_config *conf, int major, int minor ); +void mbedtls_ssl_conf_max_version(mbedtls_ssl_config *conf, int major, int minor); /** * \brief Set the minimum accepted SSL/TLS protocol version @@ -3395,7 +3384,7 @@ void mbedtls_ssl_conf_max_version( mbedtls_ssl_config *conf, int major, int mino * MBEDTLS_SSL_MINOR_VERSION_1 and MBEDTLS_SSL_MINOR_VERSION_2, * MBEDTLS_SSL_MINOR_VERSION_3 supported) */ -void mbedtls_ssl_conf_min_version( mbedtls_ssl_config *conf, int major, int minor ); +void mbedtls_ssl_conf_min_version(mbedtls_ssl_config *conf, int major, int minor); #if defined(MBEDTLS_SSL_FALLBACK_SCSV) && defined(MBEDTLS_SSL_CLI_C) /** @@ -3417,7 +3406,7 @@ void mbedtls_ssl_conf_min_version( mbedtls_ssl_config *conf, int major, int mino * \param conf SSL configuration * \param fallback MBEDTLS_SSL_IS_NOT_FALLBACK or MBEDTLS_SSL_IS_FALLBACK */ -void mbedtls_ssl_conf_fallback( mbedtls_ssl_config *conf, char fallback ); +void mbedtls_ssl_conf_fallback(mbedtls_ssl_config *conf, char fallback); #endif /* MBEDTLS_SSL_FALLBACK_SCSV && MBEDTLS_SSL_CLI_C */ #if defined(MBEDTLS_SSL_ENCRYPT_THEN_MAC) @@ -3432,7 +3421,7 @@ void mbedtls_ssl_conf_fallback( mbedtls_ssl_config *conf, char fallback ); * \param conf SSL configuration * \param etm MBEDTLS_SSL_ETM_ENABLED or MBEDTLS_SSL_ETM_DISABLED */ -void mbedtls_ssl_conf_encrypt_then_mac( mbedtls_ssl_config *conf, char etm ); +void mbedtls_ssl_conf_encrypt_then_mac(mbedtls_ssl_config *conf, char etm); #endif /* MBEDTLS_SSL_ENCRYPT_THEN_MAC */ #if defined(MBEDTLS_SSL_EXTENDED_MASTER_SECRET) @@ -3447,7 +3436,7 @@ void mbedtls_ssl_conf_encrypt_then_mac( mbedtls_ssl_config *conf, char etm ); * \param conf SSL configuration * \param ems MBEDTLS_SSL_EXTENDED_MS_ENABLED or MBEDTLS_SSL_EXTENDED_MS_DISABLED */ -void mbedtls_ssl_conf_extended_master_secret( mbedtls_ssl_config *conf, char ems ); +void mbedtls_ssl_conf_extended_master_secret(mbedtls_ssl_config *conf, char ems); #endif /* MBEDTLS_SSL_EXTENDED_MASTER_SECRET */ #if defined(MBEDTLS_ARC4_C) @@ -3466,7 +3455,7 @@ void mbedtls_ssl_conf_extended_master_secret( mbedtls_ssl_config *conf, char ems * \param conf SSL configuration * \param arc4 MBEDTLS_SSL_ARC4_ENABLED or MBEDTLS_SSL_ARC4_DISABLED */ -void mbedtls_ssl_conf_arc4_support( mbedtls_ssl_config *conf, char arc4 ); +void mbedtls_ssl_conf_arc4_support(mbedtls_ssl_config *conf, char arc4); #endif /* MBEDTLS_ARC4_C */ #if defined(MBEDTLS_SSL_SRV_C) @@ -3479,8 +3468,8 @@ void mbedtls_ssl_conf_arc4_support( mbedtls_ssl_config *conf, char arc4 ); * \param cert_req_ca_list MBEDTLS_SSL_CERT_REQ_CA_LIST_ENABLED or * MBEDTLS_SSL_CERT_REQ_CA_LIST_DISABLED */ -void mbedtls_ssl_conf_cert_req_ca_list( mbedtls_ssl_config *conf, - char cert_req_ca_list ); +void mbedtls_ssl_conf_cert_req_ca_list(mbedtls_ssl_config *conf, + char cert_req_ca_list); #endif /* MBEDTLS_SSL_SRV_C */ #if defined(MBEDTLS_SSL_MAX_FRAGMENT_LENGTH) @@ -3508,7 +3497,7 @@ void mbedtls_ssl_conf_cert_req_ca_list( mbedtls_ssl_config *conf, * \c mbedtls_ssl_get_record_expansion(). * * \note For DTLS, it is also possible to set a limit for the total - * size of daragrams passed to the transport layer, including + * size of datagrams passed to the transport layer, including * record overhead, see \c mbedtls_ssl_set_mtu(). * * \param conf SSL configuration @@ -3518,7 +3507,7 @@ void mbedtls_ssl_conf_cert_req_ca_list( mbedtls_ssl_config *conf, * * \return 0 if successful or MBEDTLS_ERR_SSL_BAD_INPUT_DATA */ -int mbedtls_ssl_conf_max_frag_len( mbedtls_ssl_config *conf, unsigned char mfl_code ); +int mbedtls_ssl_conf_max_frag_len(mbedtls_ssl_config *conf, unsigned char mfl_code); #endif /* MBEDTLS_SSL_MAX_FRAGMENT_LENGTH */ #if defined(MBEDTLS_SSL_TRUNCATED_HMAC) @@ -3530,7 +3519,7 @@ int mbedtls_ssl_conf_max_frag_len( mbedtls_ssl_config *conf, unsigned char mfl_c * \param truncate Enable or disable (MBEDTLS_SSL_TRUNC_HMAC_ENABLED or * MBEDTLS_SSL_TRUNC_HMAC_DISABLED) */ -void mbedtls_ssl_conf_truncated_hmac( mbedtls_ssl_config *conf, int truncate ); +void mbedtls_ssl_conf_truncated_hmac(mbedtls_ssl_config *conf, int truncate); #endif /* MBEDTLS_SSL_TRUNCATED_HMAC */ #if defined(MBEDTLS_SSL_CBC_RECORD_SPLITTING) @@ -3545,7 +3534,7 @@ void mbedtls_ssl_conf_truncated_hmac( mbedtls_ssl_config *conf, int truncate ); * \param split MBEDTLS_SSL_CBC_RECORD_SPLITTING_ENABLED or * MBEDTLS_SSL_CBC_RECORD_SPLITTING_DISABLED */ -void mbedtls_ssl_conf_cbc_record_splitting( mbedtls_ssl_config *conf, char split ); +void mbedtls_ssl_conf_cbc_record_splitting(mbedtls_ssl_config *conf, char split); #endif /* MBEDTLS_SSL_CBC_RECORD_SPLITTING */ #if defined(MBEDTLS_SSL_SESSION_TICKETS) && defined(MBEDTLS_SSL_CLI_C) @@ -3559,7 +3548,7 @@ void mbedtls_ssl_conf_cbc_record_splitting( mbedtls_ssl_config *conf, char split * \param use_tickets Enable or disable (MBEDTLS_SSL_SESSION_TICKETS_ENABLED or * MBEDTLS_SSL_SESSION_TICKETS_DISABLED) */ -void mbedtls_ssl_conf_session_tickets( mbedtls_ssl_config *conf, int use_tickets ); +void mbedtls_ssl_conf_session_tickets(mbedtls_ssl_config *conf, int use_tickets); #endif /* MBEDTLS_SSL_SESSION_TICKETS && MBEDTLS_SSL_CLI_C */ #if defined(MBEDTLS_SSL_RENEGOTIATION) @@ -3568,7 +3557,7 @@ void mbedtls_ssl_conf_session_tickets( mbedtls_ssl_config *conf, int use_tickets * initiated by peer * (Default: MBEDTLS_SSL_RENEGOTIATION_DISABLED) * - * \warning It is recommended to always disable renegotation unless you + * \warning It is recommended to always disable renegotiation unless you * know you need it and you know what you're doing. In the * past, there have been several issues associated with * renegotiation or a poor understanding of its properties. @@ -3580,7 +3569,7 @@ void mbedtls_ssl_conf_session_tickets( mbedtls_ssl_config *conf, int use_tickets * \param renegotiation Enable or disable (MBEDTLS_SSL_RENEGOTIATION_ENABLED or * MBEDTLS_SSL_RENEGOTIATION_DISABLED) */ -void mbedtls_ssl_conf_renegotiation( mbedtls_ssl_config *conf, int renegotiation ); +void mbedtls_ssl_conf_renegotiation(mbedtls_ssl_config *conf, int renegotiation); #endif /* MBEDTLS_SSL_RENEGOTIATION */ /** @@ -3610,7 +3599,7 @@ void mbedtls_ssl_conf_renegotiation( mbedtls_ssl_config *conf, int renegotiation * SSL_ALLOW_LEGACY_RENEGOTIATION or * MBEDTLS_SSL_LEGACY_BREAK_HANDSHAKE) */ -void mbedtls_ssl_conf_legacy_renegotiation( mbedtls_ssl_config *conf, int allow_legacy ); +void mbedtls_ssl_conf_legacy_renegotiation(mbedtls_ssl_config *conf, int allow_legacy); #if defined(MBEDTLS_SSL_RENEGOTIATION) /** @@ -3631,7 +3620,7 @@ void mbedtls_ssl_conf_legacy_renegotiation( mbedtls_ssl_config *conf, int allow_ * scenario. * * \note With DTLS and server-initiated renegotiation, the - * HelloRequest is retransmited every time mbedtls_ssl_read() times + * HelloRequest is retransmitted every time mbedtls_ssl_read() times * out or receives Application Data, until: * - max_records records have beens seen, if it is >= 0, or * - the number of retransmits that would happen during an @@ -3650,7 +3639,7 @@ void mbedtls_ssl_conf_legacy_renegotiation( mbedtls_ssl_config *conf, int allow_ * enforce renegotiation, or a non-negative value to enforce * it but allow for a grace period of max_records records. */ -void mbedtls_ssl_conf_renegotiation_enforced( mbedtls_ssl_config *conf, int max_records ); +void mbedtls_ssl_conf_renegotiation_enforced(mbedtls_ssl_config *conf, int max_records); /** * \brief Set record counter threshold for periodic renegotiation. @@ -3677,8 +3666,8 @@ void mbedtls_ssl_conf_renegotiation_enforced( mbedtls_ssl_config *conf, int max_ * \param conf SSL configuration * \param period The threshold value: a big-endian 64-bit number. */ -void mbedtls_ssl_conf_renegotiation_period( mbedtls_ssl_config *conf, - const unsigned char period[8] ); +void mbedtls_ssl_conf_renegotiation_period(mbedtls_ssl_config *conf, + const unsigned char period[8]); #endif /* MBEDTLS_SSL_RENEGOTIATION */ /** @@ -3719,7 +3708,7 @@ void mbedtls_ssl_conf_renegotiation_period( mbedtls_ssl_config *conf, * that all internal data has been processed. * */ -int mbedtls_ssl_check_pending( const mbedtls_ssl_context *ssl ); +int mbedtls_ssl_check_pending(const mbedtls_ssl_context *ssl); /** * \brief Return the number of application data bytes @@ -3736,7 +3725,7 @@ int mbedtls_ssl_check_pending( const mbedtls_ssl_context *ssl ); * amount of data fitting into the input buffer. * */ -size_t mbedtls_ssl_get_bytes_avail( const mbedtls_ssl_context *ssl ); +size_t mbedtls_ssl_get_bytes_avail(const mbedtls_ssl_context *ssl); /** * \brief Return the result of the certificate verification @@ -3750,7 +3739,7 @@ size_t mbedtls_ssl_get_bytes_avail( const mbedtls_ssl_context *ssl ); * \return A bitwise combination of \c MBEDTLS_X509_BADCERT_XXX * and \c MBEDTLS_X509_BADCRL_XXX failure flags; see x509.h. */ -uint32_t mbedtls_ssl_get_verify_result( const mbedtls_ssl_context *ssl ); +uint32_t mbedtls_ssl_get_verify_result(const mbedtls_ssl_context *ssl); /** * \brief Return the name of the current ciphersuite @@ -3759,7 +3748,7 @@ uint32_t mbedtls_ssl_get_verify_result( const mbedtls_ssl_context *ssl ); * * \return a string containing the ciphersuite name */ -const char *mbedtls_ssl_get_ciphersuite( const mbedtls_ssl_context *ssl ); +const char *mbedtls_ssl_get_ciphersuite(const mbedtls_ssl_context *ssl); /** * \brief Return the current SSL version (SSLv3/TLSv1/etc) @@ -3768,7 +3757,7 @@ const char *mbedtls_ssl_get_ciphersuite( const mbedtls_ssl_context *ssl ); * * \return a string containing the SSL version */ -const char *mbedtls_ssl_get_version( const mbedtls_ssl_context *ssl ); +const char *mbedtls_ssl_get_version(const mbedtls_ssl_context *ssl); /** * \brief Return the (maximum) number of bytes added by the record @@ -3783,7 +3772,7 @@ const char *mbedtls_ssl_get_version( const mbedtls_ssl_context *ssl ); * MBEDTLS_ERR_SSL_FEATURE_UNAVAILABLE if compression is * enabled, which makes expansion much less predictable */ -int mbedtls_ssl_get_record_expansion( const mbedtls_ssl_context *ssl ); +int mbedtls_ssl_get_record_expansion(const mbedtls_ssl_context *ssl); #if defined(MBEDTLS_SSL_MAX_FRAGMENT_LENGTH) /** @@ -3799,7 +3788,7 @@ int mbedtls_ssl_get_record_expansion( const mbedtls_ssl_context *ssl ); * * \return Current maximum fragment length for the output buffer. */ -size_t mbedtls_ssl_get_output_max_frag_len( const mbedtls_ssl_context *ssl ); +size_t mbedtls_ssl_get_output_max_frag_len(const mbedtls_ssl_context *ssl); /** * \brief Return the maximum fragment length (payload, in bytes) for @@ -3815,7 +3804,7 @@ size_t mbedtls_ssl_get_output_max_frag_len( const mbedtls_ssl_context *ssl ); * * \return Current maximum fragment length for the output buffer. */ -size_t mbedtls_ssl_get_input_max_frag_len( const mbedtls_ssl_context *ssl ); +size_t mbedtls_ssl_get_input_max_frag_len(const mbedtls_ssl_context *ssl); #if !defined(MBEDTLS_DEPRECATED_REMOVED) @@ -3840,7 +3829,7 @@ size_t mbedtls_ssl_get_input_max_frag_len( const mbedtls_ssl_context *ssl ); * \return Current maximum fragment length for the output buffer. */ MBEDTLS_DEPRECATED size_t mbedtls_ssl_get_max_frag_len( - const mbedtls_ssl_context *ssl ); + const mbedtls_ssl_context *ssl); #endif /* MBEDTLS_DEPRECATED_REMOVED */ #endif /* MBEDTLS_SSL_MAX_FRAGMENT_LENGTH */ @@ -3871,7 +3860,7 @@ MBEDTLS_DEPRECATED size_t mbedtls_ssl_get_max_frag_len( * \return Current maximum payload for an outgoing record, * or a negative error code. */ -int mbedtls_ssl_get_max_out_record_payload( const mbedtls_ssl_context *ssl ); +int mbedtls_ssl_get_max_out_record_payload(const mbedtls_ssl_context *ssl); #if defined(MBEDTLS_X509_CRT_PARSE_C) /** @@ -3904,7 +3893,7 @@ int mbedtls_ssl_get_max_out_record_payload( const mbedtls_ssl_context *ssl ); * If you want to use the certificate across API calls, * you must make a copy. */ -const mbedtls_x509_crt *mbedtls_ssl_get_peer_cert( const mbedtls_ssl_context *ssl ); +const mbedtls_x509_crt *mbedtls_ssl_get_peer_cert(const mbedtls_ssl_context *ssl); #endif /* MBEDTLS_X509_CRT_PARSE_C */ #if defined(MBEDTLS_SSL_CLI_C) @@ -3934,7 +3923,7 @@ const mbedtls_x509_crt *mbedtls_ssl_get_peer_cert( const mbedtls_ssl_context *ss * * \sa mbedtls_ssl_set_session() */ -int mbedtls_ssl_get_session( const mbedtls_ssl_context *ssl, mbedtls_ssl_session *session ); +int mbedtls_ssl_get_session(const mbedtls_ssl_context *ssl, mbedtls_ssl_session *session); #endif /* MBEDTLS_SSL_CLI_C */ /** @@ -3986,8 +3975,12 @@ int mbedtls_ssl_get_session( const mbedtls_ssl_context *ssl, mbedtls_ssl_session * in which case the datagram of the underlying transport that is * currently being processed might or might not contain further * DTLS records. + * + * \note If #MBEDTLS_USE_PSA_CRYPTO is enabled, the PSA crypto + * subsystem must have been initialized by calling + * psa_crypto_init() before calling this function. */ -int mbedtls_ssl_handshake( mbedtls_ssl_context *ssl ); +int mbedtls_ssl_handshake(mbedtls_ssl_context *ssl); /** * \brief Perform a single step of the SSL handshake @@ -4009,7 +4002,7 @@ int mbedtls_ssl_handshake( mbedtls_ssl_context *ssl ); * re-using it for a new connection; the current connection * must be closed. */ -int mbedtls_ssl_handshake_step( mbedtls_ssl_context *ssl ); +int mbedtls_ssl_handshake_step(mbedtls_ssl_context *ssl); #if defined(MBEDTLS_SSL_RENEGOTIATION) /** @@ -4035,7 +4028,7 @@ int mbedtls_ssl_handshake_step( mbedtls_ssl_context *ssl ); * must be closed. * */ -int mbedtls_ssl_renegotiate( mbedtls_ssl_context *ssl ); +int mbedtls_ssl_renegotiate(mbedtls_ssl_context *ssl); #endif /* MBEDTLS_SSL_RENEGOTIATION */ /** @@ -4115,7 +4108,7 @@ int mbedtls_ssl_renegotiate( mbedtls_ssl_context *ssl ); * \c mbedtls_ssl_check_pending to check for remaining records. * */ -int mbedtls_ssl_read( mbedtls_ssl_context *ssl, unsigned char *buf, size_t len ); +int mbedtls_ssl_read(mbedtls_ssl_context *ssl, unsigned char *buf, size_t len); /** * \brief Try to write exactly 'len' application data bytes @@ -4177,7 +4170,7 @@ int mbedtls_ssl_read( mbedtls_ssl_context *ssl, unsigned char *buf, size_t len ) * \note Attempting to write 0 bytes will result in an empty TLS * application record being sent. */ -int mbedtls_ssl_write( mbedtls_ssl_context *ssl, const unsigned char *buf, size_t len ); +int mbedtls_ssl_write(mbedtls_ssl_context *ssl, const unsigned char *buf, size_t len); /** * \brief Send an alert message @@ -4195,9 +4188,9 @@ int mbedtls_ssl_write( mbedtls_ssl_context *ssl, const unsigned char *buf, size_ * call \c mbedtls_ssl_session_reset() on it before re-using it * for a new connection; the current connection must be closed. */ -int mbedtls_ssl_send_alert_message( mbedtls_ssl_context *ssl, - unsigned char level, - unsigned char message ); +int mbedtls_ssl_send_alert_message(mbedtls_ssl_context *ssl, + unsigned char level, + unsigned char message); /** * \brief Notify the peer that the connection is being closed * @@ -4211,14 +4204,14 @@ int mbedtls_ssl_send_alert_message( mbedtls_ssl_context *ssl, * call \c mbedtls_ssl_session_reset() on it before re-using it * for a new connection; the current connection must be closed. */ -int mbedtls_ssl_close_notify( mbedtls_ssl_context *ssl ); +int mbedtls_ssl_close_notify(mbedtls_ssl_context *ssl); /** * \brief Free referenced items in an SSL context and clear memory * * \param ssl SSL context */ -void mbedtls_ssl_free( mbedtls_ssl_context *ssl ); +void mbedtls_ssl_free(mbedtls_ssl_context *ssl); #if defined(MBEDTLS_SSL_CONTEXT_SERIALIZATION) /** @@ -4263,16 +4256,16 @@ void mbedtls_ssl_free( mbedtls_ssl_context *ssl ); * \return \c 0 if successful. * \return #MBEDTLS_ERR_SSL_BUFFER_TOO_SMALL if \p buf is too small. * \return #MBEDTLS_ERR_SSL_ALLOC_FAILED if memory allocation failed - * while reseting the context. + * while resetting the context. * \return #MBEDTLS_ERR_SSL_BAD_INPUT_DATA if a handshake is in * progress, or there is pending data for reading or sending, * or the connection does not use DTLS 1.2 with an AEAD * ciphersuite, or renegotiation is enabled. */ -int mbedtls_ssl_context_save( mbedtls_ssl_context *ssl, - unsigned char *buf, - size_t buf_len, - size_t *olen ); +int mbedtls_ssl_context_save(mbedtls_ssl_context *ssl, + unsigned char *buf, + size_t buf_len, + size_t *olen); /** * \brief Load serialized connection data to an SSL context. @@ -4339,9 +4332,9 @@ int mbedtls_ssl_context_save( mbedtls_ssl_context *ssl, * comes from a different Mbed TLS version or build. * \return #MBEDTLS_ERR_SSL_BAD_INPUT_DATA if input data is invalid. */ -int mbedtls_ssl_context_load( mbedtls_ssl_context *ssl, - const unsigned char *buf, - size_t len ); +int mbedtls_ssl_context_load(mbedtls_ssl_context *ssl, + const unsigned char *buf, + size_t len); #endif /* MBEDTLS_SSL_CONTEXT_SERIALIZATION */ /** @@ -4354,10 +4347,10 @@ int mbedtls_ssl_context_load( mbedtls_ssl_context *ssl, * * \param conf SSL configuration context */ -void mbedtls_ssl_config_init( mbedtls_ssl_config *conf ); +void mbedtls_ssl_config_init(mbedtls_ssl_config *conf); /** - * \brief Load reasonnable default SSL configuration values. + * \brief Load reasonable default SSL configuration values. * (You need to call mbedtls_ssl_config_init() first.) * * \param conf SSL configuration context @@ -4371,22 +4364,22 @@ void mbedtls_ssl_config_init( mbedtls_ssl_config *conf ); * \return 0 if successful, or * MBEDTLS_ERR_XXX_ALLOC_FAILED on memory allocation error. */ -int mbedtls_ssl_config_defaults( mbedtls_ssl_config *conf, - int endpoint, int transport, int preset ); +int mbedtls_ssl_config_defaults(mbedtls_ssl_config *conf, + int endpoint, int transport, int preset); /** * \brief Free an SSL configuration context * * \param conf SSL configuration context */ -void mbedtls_ssl_config_free( mbedtls_ssl_config *conf ); +void mbedtls_ssl_config_free(mbedtls_ssl_config *conf); /** * \brief Initialize SSL session structure * * \param session SSL session */ -void mbedtls_ssl_session_init( mbedtls_ssl_session *session ); +void mbedtls_ssl_session_init(mbedtls_ssl_session *session); /** * \brief Free referenced items in an SSL session including the @@ -4397,7 +4390,7 @@ void mbedtls_ssl_session_init( mbedtls_ssl_session *session ); * * \param session SSL session */ -void mbedtls_ssl_session_free( mbedtls_ssl_session *session ); +void mbedtls_ssl_session_free(mbedtls_ssl_session *session); /** * \brief TLS-PRF function for key derivation. @@ -4414,11 +4407,11 @@ void mbedtls_ssl_session_free( mbedtls_ssl_session *session ); * * \return 0 on success. An SSL specific error on failure. */ -int mbedtls_ssl_tls_prf( const mbedtls_tls_prf_types prf, - const unsigned char *secret, size_t slen, - const char *label, - const unsigned char *random, size_t rlen, - unsigned char *dstbuf, size_t dlen ); +int mbedtls_ssl_tls_prf(const mbedtls_tls_prf_types prf, + const unsigned char *secret, size_t slen, + const char *label, + const unsigned char *random, size_t rlen, + unsigned char *dstbuf, size_t dlen); #ifdef __cplusplus } diff --git a/third_party/mbedtls/repo/include/mbedtls/ssl_cache.h b/third_party/mbedtls/repo/include/mbedtls/ssl_cache.h index c6ef2960f4d..cadb30c18a0 100644 --- a/third_party/mbedtls/repo/include/mbedtls/ssl_cache.h +++ b/third_party/mbedtls/repo/include/mbedtls/ssl_cache.h @@ -5,19 +5,7 @@ */ /* * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later */ #ifndef MBEDTLS_SSL_CACHE_H #define MBEDTLS_SSL_CACHE_H @@ -50,7 +38,7 @@ #define MBEDTLS_SSL_CACHE_DEFAULT_MAX_ENTRIES 50 /*!< Maximum entries in cache */ #endif -/* \} name SECTION: Module settings */ +/** \} name SECTION: Module settings */ #ifdef __cplusplus extern "C" { @@ -62,8 +50,7 @@ typedef struct mbedtls_ssl_cache_entry mbedtls_ssl_cache_entry; /** * \brief This structure is used for storing cache entries */ -struct mbedtls_ssl_cache_entry -{ +struct mbedtls_ssl_cache_entry { #if defined(MBEDTLS_HAVE_TIME) mbedtls_time_t timestamp; /*!< entry timestamp */ #endif @@ -78,8 +65,7 @@ struct mbedtls_ssl_cache_entry /** * \brief Cache context */ -struct mbedtls_ssl_cache_context -{ +struct mbedtls_ssl_cache_context { mbedtls_ssl_cache_entry *chain; /*!< start of the chain */ int timeout; /*!< cache entry timeout */ int max_entries; /*!< maximum entries */ @@ -93,7 +79,7 @@ struct mbedtls_ssl_cache_context * * \param cache SSL cache context */ -void mbedtls_ssl_cache_init( mbedtls_ssl_cache_context *cache ); +void mbedtls_ssl_cache_init(mbedtls_ssl_cache_context *cache); /** * \brief Cache get callback implementation @@ -101,8 +87,13 @@ void mbedtls_ssl_cache_init( mbedtls_ssl_cache_context *cache ); * * \param data SSL cache context * \param session session to retrieve entry for + * + * \return \c 0 on success. + * \return #MBEDTLS_ERR_SSL_CACHE_ENTRY_NOT_FOUND if there is + * no cache entry with specified session ID found, or + * any other negative error code for other failures. */ -int mbedtls_ssl_cache_get( void *data, mbedtls_ssl_session *session ); +int mbedtls_ssl_cache_get(void *data, mbedtls_ssl_session *session); /** * \brief Cache set callback implementation @@ -110,8 +101,11 @@ int mbedtls_ssl_cache_get( void *data, mbedtls_ssl_session *session ); * * \param data SSL cache context * \param session session to store entry for + * + * \return \c 0 on success. + * \return A negative error code on failure. */ -int mbedtls_ssl_cache_set( void *data, const mbedtls_ssl_session *session ); +int mbedtls_ssl_cache_set(void *data, const mbedtls_ssl_session *session); #if defined(MBEDTLS_HAVE_TIME) /** @@ -123,7 +117,7 @@ int mbedtls_ssl_cache_set( void *data, const mbedtls_ssl_session *session ); * \param cache SSL cache context * \param timeout cache entry timeout in seconds */ -void mbedtls_ssl_cache_set_timeout( mbedtls_ssl_cache_context *cache, int timeout ); +void mbedtls_ssl_cache_set_timeout(mbedtls_ssl_cache_context *cache, int timeout); #endif /* MBEDTLS_HAVE_TIME */ /** @@ -133,14 +127,14 @@ void mbedtls_ssl_cache_set_timeout( mbedtls_ssl_cache_context *cache, int timeou * \param cache SSL cache context * \param max cache entry maximum */ -void mbedtls_ssl_cache_set_max_entries( mbedtls_ssl_cache_context *cache, int max ); +void mbedtls_ssl_cache_set_max_entries(mbedtls_ssl_cache_context *cache, int max); /** * \brief Free referenced items in a cache context and clear memory * * \param cache SSL cache context */ -void mbedtls_ssl_cache_free( mbedtls_ssl_cache_context *cache ); +void mbedtls_ssl_cache_free(mbedtls_ssl_cache_context *cache); #ifdef __cplusplus } diff --git a/third_party/mbedtls/repo/include/mbedtls/ssl_ciphersuites.h b/third_party/mbedtls/repo/include/mbedtls/ssl_ciphersuites.h index 93c32a5edac..199014f5086 100644 --- a/third_party/mbedtls/repo/include/mbedtls/ssl_ciphersuites.h +++ b/third_party/mbedtls/repo/include/mbedtls/ssl_ciphersuites.h @@ -1,23 +1,11 @@ /** * \file ssl_ciphersuites.h * - * \brief SSL Ciphersuites for mbed TLS + * \brief SSL Ciphersuites for Mbed TLS */ /* * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later */ #ifndef MBEDTLS_SSL_CIPHERSUITES_H #define MBEDTLS_SSL_CIPHERSUITES_H @@ -385,10 +373,9 @@ typedef struct mbedtls_ssl_ciphersuite_t mbedtls_ssl_ciphersuite_t; /** * \brief This structure is used for storing ciphersuite information */ -struct mbedtls_ssl_ciphersuite_t -{ +struct mbedtls_ssl_ciphersuite_t { int id; - const char * name; + const char *name; mbedtls_cipher_type_t cipher; mbedtls_md_type_t mac; @@ -402,92 +389,87 @@ struct mbedtls_ssl_ciphersuite_t unsigned char flags; }; -const int *mbedtls_ssl_list_ciphersuites( void ); +const int *mbedtls_ssl_list_ciphersuites(void); -const mbedtls_ssl_ciphersuite_t *mbedtls_ssl_ciphersuite_from_string( const char *ciphersuite_name ); -const mbedtls_ssl_ciphersuite_t *mbedtls_ssl_ciphersuite_from_id( int ciphersuite_id ); +const mbedtls_ssl_ciphersuite_t *mbedtls_ssl_ciphersuite_from_string(const char *ciphersuite_name); +const mbedtls_ssl_ciphersuite_t *mbedtls_ssl_ciphersuite_from_id(int ciphersuite_id); #if defined(MBEDTLS_PK_C) -mbedtls_pk_type_t mbedtls_ssl_get_ciphersuite_sig_pk_alg( const mbedtls_ssl_ciphersuite_t *info ); -mbedtls_pk_type_t mbedtls_ssl_get_ciphersuite_sig_alg( const mbedtls_ssl_ciphersuite_t *info ); +mbedtls_pk_type_t mbedtls_ssl_get_ciphersuite_sig_pk_alg(const mbedtls_ssl_ciphersuite_t *info); +mbedtls_pk_type_t mbedtls_ssl_get_ciphersuite_sig_alg(const mbedtls_ssl_ciphersuite_t *info); #endif -int mbedtls_ssl_ciphersuite_uses_ec( const mbedtls_ssl_ciphersuite_t *info ); -int mbedtls_ssl_ciphersuite_uses_psk( const mbedtls_ssl_ciphersuite_t *info ); +int mbedtls_ssl_ciphersuite_uses_ec(const mbedtls_ssl_ciphersuite_t *info); +int mbedtls_ssl_ciphersuite_uses_psk(const mbedtls_ssl_ciphersuite_t *info); #if defined(MBEDTLS_KEY_EXCHANGE_SOME_PFS_ENABLED) -static inline int mbedtls_ssl_ciphersuite_has_pfs( const mbedtls_ssl_ciphersuite_t *info ) +static inline int mbedtls_ssl_ciphersuite_has_pfs(const mbedtls_ssl_ciphersuite_t *info) { - switch( info->key_exchange ) - { + switch (info->key_exchange) { case MBEDTLS_KEY_EXCHANGE_DHE_RSA: case MBEDTLS_KEY_EXCHANGE_DHE_PSK: case MBEDTLS_KEY_EXCHANGE_ECDHE_RSA: case MBEDTLS_KEY_EXCHANGE_ECDHE_PSK: case MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA: case MBEDTLS_KEY_EXCHANGE_ECJPAKE: - return( 1 ); + return 1; default: - return( 0 ); + return 0; } } #endif /* MBEDTLS_KEY_EXCHANGE_SOME_PFS_ENABLED */ #if defined(MBEDTLS_KEY_EXCHANGE_SOME_NON_PFS_ENABLED) -static inline int mbedtls_ssl_ciphersuite_no_pfs( const mbedtls_ssl_ciphersuite_t *info ) +static inline int mbedtls_ssl_ciphersuite_no_pfs(const mbedtls_ssl_ciphersuite_t *info) { - switch( info->key_exchange ) - { + switch (info->key_exchange) { case MBEDTLS_KEY_EXCHANGE_ECDH_RSA: case MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA: case MBEDTLS_KEY_EXCHANGE_RSA: case MBEDTLS_KEY_EXCHANGE_PSK: case MBEDTLS_KEY_EXCHANGE_RSA_PSK: - return( 1 ); + return 1; default: - return( 0 ); + return 0; } } #endif /* MBEDTLS_KEY_EXCHANGE_SOME_NON_PFS_ENABLED */ #if defined(MBEDTLS_KEY_EXCHANGE_SOME_ECDH_ENABLED) -static inline int mbedtls_ssl_ciphersuite_uses_ecdh( const mbedtls_ssl_ciphersuite_t *info ) +static inline int mbedtls_ssl_ciphersuite_uses_ecdh(const mbedtls_ssl_ciphersuite_t *info) { - switch( info->key_exchange ) - { + switch (info->key_exchange) { case MBEDTLS_KEY_EXCHANGE_ECDH_RSA: case MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA: - return( 1 ); + return 1; default: - return( 0 ); + return 0; } } #endif /* MBEDTLS_KEY_EXCHANGE_SOME_ECDH_ENABLED */ -static inline int mbedtls_ssl_ciphersuite_cert_req_allowed( const mbedtls_ssl_ciphersuite_t *info ) +static inline int mbedtls_ssl_ciphersuite_cert_req_allowed(const mbedtls_ssl_ciphersuite_t *info) { - switch( info->key_exchange ) - { + switch (info->key_exchange) { case MBEDTLS_KEY_EXCHANGE_RSA: case MBEDTLS_KEY_EXCHANGE_DHE_RSA: case MBEDTLS_KEY_EXCHANGE_ECDH_RSA: case MBEDTLS_KEY_EXCHANGE_ECDHE_RSA: case MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA: case MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA: - return( 1 ); + return 1; default: - return( 0 ); + return 0; } } -static inline int mbedtls_ssl_ciphersuite_uses_srv_cert( const mbedtls_ssl_ciphersuite_t *info ) +static inline int mbedtls_ssl_ciphersuite_uses_srv_cert(const mbedtls_ssl_ciphersuite_t *info) { - switch( info->key_exchange ) - { + switch (info->key_exchange) { case MBEDTLS_KEY_EXCHANGE_RSA: case MBEDTLS_KEY_EXCHANGE_RSA_PSK: case MBEDTLS_KEY_EXCHANGE_DHE_RSA: @@ -495,56 +477,54 @@ static inline int mbedtls_ssl_ciphersuite_uses_srv_cert( const mbedtls_ssl_ciphe case MBEDTLS_KEY_EXCHANGE_ECDHE_RSA: case MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA: case MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA: - return( 1 ); + return 1; default: - return( 0 ); + return 0; } } #if defined(MBEDTLS_KEY_EXCHANGE_SOME_DHE_ENABLED) -static inline int mbedtls_ssl_ciphersuite_uses_dhe( const mbedtls_ssl_ciphersuite_t *info ) +static inline int mbedtls_ssl_ciphersuite_uses_dhe(const mbedtls_ssl_ciphersuite_t *info) { - switch( info->key_exchange ) - { + switch (info->key_exchange) { case MBEDTLS_KEY_EXCHANGE_DHE_RSA: case MBEDTLS_KEY_EXCHANGE_DHE_PSK: - return( 1 ); + return 1; default: - return( 0 ); + return 0; } } #endif /* MBEDTLS_KEY_EXCHANGE_SOME_DHE_ENABLED) */ #if defined(MBEDTLS_KEY_EXCHANGE_SOME_ECDHE_ENABLED) -static inline int mbedtls_ssl_ciphersuite_uses_ecdhe( const mbedtls_ssl_ciphersuite_t *info ) +static inline int mbedtls_ssl_ciphersuite_uses_ecdhe(const mbedtls_ssl_ciphersuite_t *info) { - switch( info->key_exchange ) - { + switch (info->key_exchange) { case MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA: case MBEDTLS_KEY_EXCHANGE_ECDHE_RSA: case MBEDTLS_KEY_EXCHANGE_ECDHE_PSK: - return( 1 ); + return 1; default: - return( 0 ); + return 0; } } #endif /* MBEDTLS_KEY_EXCHANGE_SOME_ECDHE_ENABLED) */ #if defined(MBEDTLS_KEY_EXCHANGE_WITH_SERVER_SIGNATURE_ENABLED) -static inline int mbedtls_ssl_ciphersuite_uses_server_signature( const mbedtls_ssl_ciphersuite_t *info ) +static inline int mbedtls_ssl_ciphersuite_uses_server_signature( + const mbedtls_ssl_ciphersuite_t *info) { - switch( info->key_exchange ) - { + switch (info->key_exchange) { case MBEDTLS_KEY_EXCHANGE_DHE_RSA: case MBEDTLS_KEY_EXCHANGE_ECDHE_RSA: case MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA: - return( 1 ); + return 1; default: - return( 0 ); + return 0; } } #endif /* MBEDTLS_KEY_EXCHANGE_WITH_SERVER_SIGNATURE_ENABLED */ diff --git a/third_party/mbedtls/repo/include/mbedtls/ssl_cookie.h b/third_party/mbedtls/repo/include/mbedtls/ssl_cookie.h index 0a238708e59..85a1b4ac144 100644 --- a/third_party/mbedtls/repo/include/mbedtls/ssl_cookie.h +++ b/third_party/mbedtls/repo/include/mbedtls/ssl_cookie.h @@ -5,19 +5,7 @@ */ /* * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later */ #ifndef MBEDTLS_SSL_COOKIE_H #define MBEDTLS_SSL_COOKIE_H @@ -45,7 +33,7 @@ #define MBEDTLS_SSL_COOKIE_TIMEOUT 60 /**< Default expiration delay of DTLS cookies, in seconds if HAVE_TIME, or in number of cookies issued */ #endif -/* \} name SECTION: Module settings */ +/** \} name SECTION: Module settings */ #ifdef __cplusplus extern "C" { @@ -54,8 +42,7 @@ extern "C" { /** * \brief Context for the default cookie functions. */ -typedef struct mbedtls_ssl_cookie_ctx -{ +typedef struct mbedtls_ssl_cookie_ctx { mbedtls_md_context_t hmac_ctx; /*!< context for the HMAC portion */ #if !defined(MBEDTLS_HAVE_TIME) unsigned long serial; /*!< serial number for expiration */ @@ -71,30 +58,30 @@ typedef struct mbedtls_ssl_cookie_ctx /** * \brief Initialize cookie context */ -void mbedtls_ssl_cookie_init( mbedtls_ssl_cookie_ctx *ctx ); +void mbedtls_ssl_cookie_init(mbedtls_ssl_cookie_ctx *ctx); /** * \brief Setup cookie context (generate keys) */ -int mbedtls_ssl_cookie_setup( mbedtls_ssl_cookie_ctx *ctx, - int (*f_rng)(void *, unsigned char *, size_t), - void *p_rng ); +int mbedtls_ssl_cookie_setup(mbedtls_ssl_cookie_ctx *ctx, + int (*f_rng)(void *, unsigned char *, size_t), + void *p_rng); /** * \brief Set expiration delay for cookies * (Default MBEDTLS_SSL_COOKIE_TIMEOUT) * - * \param ctx Cookie contex + * \param ctx Cookie context * \param delay Delay, in seconds if HAVE_TIME, or in number of cookies * issued in the meantime. * 0 to disable expiration (NOT recommended) */ -void mbedtls_ssl_cookie_set_timeout( mbedtls_ssl_cookie_ctx *ctx, unsigned long delay ); +void mbedtls_ssl_cookie_set_timeout(mbedtls_ssl_cookie_ctx *ctx, unsigned long delay); /** * \brief Free cookie context */ -void mbedtls_ssl_cookie_free( mbedtls_ssl_cookie_ctx *ctx ); +void mbedtls_ssl_cookie_free(mbedtls_ssl_cookie_ctx *ctx); /** * \brief Generate cookie, see \c mbedtls_ssl_cookie_write_t diff --git a/third_party/mbedtls/repo/include/mbedtls/ssl_internal.h b/third_party/mbedtls/repo/include/mbedtls/ssl_internal.h index 6913dc0f668..3a40b4ba2fa 100644 --- a/third_party/mbedtls/repo/include/mbedtls/ssl_internal.h +++ b/third_party/mbedtls/repo/include/mbedtls/ssl_internal.h @@ -5,19 +5,7 @@ */ /* * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later */ #ifndef MBEDTLS_SSL_INTERNAL_H #define MBEDTLS_SSL_INTERNAL_H @@ -60,7 +48,7 @@ #include "mbedtls/psa_util.h" #endif /* MBEDTLS_USE_PSA_CRYPTO */ -#if ( defined(__ARMCC_VERSION) || defined(_MSC_VER) ) && \ +#if (defined(__ARMCC_VERSION) || defined(_MSC_VER)) && \ !defined(inline) && !defined(__cplusplus) #define inline __inline #endif @@ -146,19 +134,19 @@ /* This macro determines whether CBC is supported. */ #if defined(MBEDTLS_CIPHER_MODE_CBC) && \ - ( defined(MBEDTLS_AES_C) || \ - defined(MBEDTLS_CAMELLIA_C) || \ - defined(MBEDTLS_ARIA_C) || \ - defined(MBEDTLS_DES_C) ) + (defined(MBEDTLS_AES_C) || \ + defined(MBEDTLS_CAMELLIA_C) || \ + defined(MBEDTLS_ARIA_C) || \ + defined(MBEDTLS_DES_C)) #define MBEDTLS_SSL_SOME_SUITES_USE_CBC #endif /* This macro determines whether the CBC construct used in TLS 1.0-1.2 (as * opposed to the very different CBC construct used in SSLv3) is supported. */ #if defined(MBEDTLS_SSL_SOME_SUITES_USE_CBC) && \ - ( defined(MBEDTLS_SSL_PROTO_TLS1) || \ - defined(MBEDTLS_SSL_PROTO_TLS1_1) || \ - defined(MBEDTLS_SSL_PROTO_TLS1_2) ) + (defined(MBEDTLS_SSL_PROTO_TLS1) || \ + defined(MBEDTLS_SSL_PROTO_TLS1_1) || \ + defined(MBEDTLS_SSL_PROTO_TLS1_2)) #define MBEDTLS_SSL_SOME_SUITES_USE_TLS_CBC #endif @@ -193,18 +181,18 @@ #define MBEDTLS_SSL_MAX_CID_EXPANSION 0 #endif -#define MBEDTLS_SSL_PAYLOAD_OVERHEAD ( MBEDTLS_SSL_COMPRESSION_ADD + \ - MBEDTLS_MAX_IV_LENGTH + \ - MBEDTLS_SSL_MAC_ADD + \ - MBEDTLS_SSL_PADDING_ADD + \ - MBEDTLS_SSL_MAX_CID_EXPANSION \ - ) +#define MBEDTLS_SSL_PAYLOAD_OVERHEAD (MBEDTLS_SSL_COMPRESSION_ADD + \ + MBEDTLS_MAX_IV_LENGTH + \ + MBEDTLS_SSL_MAC_ADD + \ + MBEDTLS_SSL_PADDING_ADD + \ + MBEDTLS_SSL_MAX_CID_EXPANSION \ + ) -#define MBEDTLS_SSL_IN_PAYLOAD_LEN ( MBEDTLS_SSL_PAYLOAD_OVERHEAD + \ - ( MBEDTLS_SSL_IN_CONTENT_LEN ) ) +#define MBEDTLS_SSL_IN_PAYLOAD_LEN (MBEDTLS_SSL_PAYLOAD_OVERHEAD + \ + (MBEDTLS_SSL_IN_CONTENT_LEN)) -#define MBEDTLS_SSL_OUT_PAYLOAD_LEN ( MBEDTLS_SSL_PAYLOAD_OVERHEAD + \ - ( MBEDTLS_SSL_OUT_CONTENT_LEN ) ) +#define MBEDTLS_SSL_OUT_PAYLOAD_LEN (MBEDTLS_SSL_PAYLOAD_OVERHEAD + \ + (MBEDTLS_SSL_OUT_CONTENT_LEN)) /* The maximum number of buffered handshake messages. */ #define MBEDTLS_SSL_MAX_BUFFERED_HS 4 @@ -215,8 +203,8 @@ */ #define MBEDTLS_TLS_EXT_ADV_CONTENT_LEN ( \ (MBEDTLS_SSL_IN_CONTENT_LEN > MBEDTLS_SSL_OUT_CONTENT_LEN) \ - ? ( MBEDTLS_SSL_OUT_CONTENT_LEN ) \ - : ( MBEDTLS_SSL_IN_CONTENT_LEN ) \ + ? (MBEDTLS_SSL_OUT_CONTENT_LEN) \ + : (MBEDTLS_SSL_IN_CONTENT_LEN) \ ) /* Maximum size in bytes of list in sig-hash algorithm ext., RFC 5246 */ @@ -234,11 +222,13 @@ #endif #if MBEDTLS_SSL_IN_CONTENT_LEN > MBEDTLS_SSL_MAX_CONTENT_LEN -#error "Bad configuration - incoming record content should not be larger than MBEDTLS_SSL_MAX_CONTENT_LEN." +#error \ + "Bad configuration - incoming record content should not be larger than MBEDTLS_SSL_MAX_CONTENT_LEN." #endif #if MBEDTLS_SSL_OUT_CONTENT_LEN > MBEDTLS_SSL_MAX_CONTENT_LEN -#error "Bad configuration - outgoing record content should not be larger than MBEDTLS_SSL_MAX_CONTENT_LEN." +#error \ + "Bad configuration - outgoing record content should not be larger than MBEDTLS_SSL_MAX_CONTENT_LEN." #endif #if MBEDTLS_SSL_IN_PAYLOAD_LEN > MBEDTLS_SSL_MAX_CONTENT_LEN + 2048 @@ -258,44 +248,44 @@ #if !defined(MBEDTLS_SSL_DTLS_CONNECTION_ID) #define MBEDTLS_SSL_IN_BUFFER_LEN \ - ( ( MBEDTLS_SSL_HEADER_LEN ) + ( MBEDTLS_SSL_IN_PAYLOAD_LEN ) ) + ((MBEDTLS_SSL_HEADER_LEN) + (MBEDTLS_SSL_IN_PAYLOAD_LEN)) #else #define MBEDTLS_SSL_IN_BUFFER_LEN \ - ( ( MBEDTLS_SSL_HEADER_LEN ) + ( MBEDTLS_SSL_IN_PAYLOAD_LEN ) \ - + ( MBEDTLS_SSL_CID_IN_LEN_MAX ) ) + ((MBEDTLS_SSL_HEADER_LEN) + (MBEDTLS_SSL_IN_PAYLOAD_LEN) \ + + (MBEDTLS_SSL_CID_IN_LEN_MAX)) #endif #if !defined(MBEDTLS_SSL_DTLS_CONNECTION_ID) #define MBEDTLS_SSL_OUT_BUFFER_LEN \ - ( ( MBEDTLS_SSL_HEADER_LEN ) + ( MBEDTLS_SSL_OUT_PAYLOAD_LEN ) ) + ((MBEDTLS_SSL_HEADER_LEN) + (MBEDTLS_SSL_OUT_PAYLOAD_LEN)) #else #define MBEDTLS_SSL_OUT_BUFFER_LEN \ - ( ( MBEDTLS_SSL_HEADER_LEN ) + ( MBEDTLS_SSL_OUT_PAYLOAD_LEN ) \ - + ( MBEDTLS_SSL_CID_OUT_LEN_MAX ) ) + ((MBEDTLS_SSL_HEADER_LEN) + (MBEDTLS_SSL_OUT_PAYLOAD_LEN) \ + + (MBEDTLS_SSL_CID_OUT_LEN_MAX)) #endif #if defined(MBEDTLS_SSL_VARIABLE_BUFFER_LENGTH) -static inline size_t mbedtls_ssl_get_output_buflen( const mbedtls_ssl_context *ctx ) +static inline size_t mbedtls_ssl_get_output_buflen(const mbedtls_ssl_context *ctx) { -#if defined (MBEDTLS_SSL_DTLS_CONNECTION_ID) - return mbedtls_ssl_get_output_max_frag_len( ctx ) - + MBEDTLS_SSL_HEADER_LEN + MBEDTLS_SSL_PAYLOAD_OVERHEAD - + MBEDTLS_SSL_CID_OUT_LEN_MAX; +#if defined(MBEDTLS_SSL_DTLS_CONNECTION_ID) + return mbedtls_ssl_get_output_max_frag_len(ctx) + + MBEDTLS_SSL_HEADER_LEN + MBEDTLS_SSL_PAYLOAD_OVERHEAD + + MBEDTLS_SSL_CID_OUT_LEN_MAX; #else - return mbedtls_ssl_get_output_max_frag_len( ctx ) - + MBEDTLS_SSL_HEADER_LEN + MBEDTLS_SSL_PAYLOAD_OVERHEAD; + return mbedtls_ssl_get_output_max_frag_len(ctx) + + MBEDTLS_SSL_HEADER_LEN + MBEDTLS_SSL_PAYLOAD_OVERHEAD; #endif } -static inline size_t mbedtls_ssl_get_input_buflen( const mbedtls_ssl_context *ctx ) +static inline size_t mbedtls_ssl_get_input_buflen(const mbedtls_ssl_context *ctx) { -#if defined (MBEDTLS_SSL_DTLS_CONNECTION_ID) - return mbedtls_ssl_get_input_max_frag_len( ctx ) - + MBEDTLS_SSL_HEADER_LEN + MBEDTLS_SSL_PAYLOAD_OVERHEAD - + MBEDTLS_SSL_CID_IN_LEN_MAX; +#if defined(MBEDTLS_SSL_DTLS_CONNECTION_ID) + return mbedtls_ssl_get_input_max_frag_len(ctx) + + MBEDTLS_SSL_HEADER_LEN + MBEDTLS_SSL_PAYLOAD_OVERHEAD + + MBEDTLS_SSL_CID_IN_LEN_MAX; #else - return mbedtls_ssl_get_input_max_frag_len( ctx ) - + MBEDTLS_SSL_HEADER_LEN + MBEDTLS_SSL_PAYLOAD_OVERHEAD; + return mbedtls_ssl_get_input_max_frag_len(ctx) + + MBEDTLS_SSL_HEADER_LEN + MBEDTLS_SSL_PAYLOAD_OVERHEAD; #endif } #endif @@ -303,7 +293,7 @@ static inline size_t mbedtls_ssl_get_input_buflen( const mbedtls_ssl_context *ct #ifdef MBEDTLS_ZLIB_SUPPORT /* Compression buffer holds both IN and OUT buffers, so should be size of the larger */ #define MBEDTLS_SSL_COMPRESS_BUFFER_LEN ( \ - ( MBEDTLS_SSL_IN_BUFFER_LEN > MBEDTLS_SSL_OUT_BUFFER_LEN ) \ + (MBEDTLS_SSL_IN_BUFFER_LEN > MBEDTLS_SSL_OUT_BUFFER_LEN) \ ? MBEDTLS_SSL_IN_BUFFER_LEN \ : MBEDTLS_SSL_OUT_BUFFER_LEN \ ) @@ -328,10 +318,10 @@ static inline size_t mbedtls_ssl_get_input_buflen( const mbedtls_ssl_context *ct * \return Zero if the needed space is available in the buffer, non-zero * otherwise. */ -static inline int mbedtls_ssl_chk_buf_ptr( const uint8_t *cur, - const uint8_t *end, size_t need ) +static inline int mbedtls_ssl_chk_buf_ptr(const uint8_t *cur, + const uint8_t *end, size_t need) { - return( ( cur > end ) || ( need > (size_t)( end - cur ) ) ); + return (cur > end) || (need > (size_t) (end - cur)); } /** @@ -344,13 +334,13 @@ static inline int mbedtls_ssl_chk_buf_ptr( const uint8_t *cur, * \param need Needed space in bytes. * */ -#define MBEDTLS_SSL_CHK_BUF_PTR( cur, end, need ) \ +#define MBEDTLS_SSL_CHK_BUF_PTR(cur, end, need) \ do { \ - if( mbedtls_ssl_chk_buf_ptr( ( cur ), ( end ), ( need ) ) != 0 ) \ + if (mbedtls_ssl_chk_buf_ptr((cur), (end), (need)) != 0) \ { \ - return( MBEDTLS_ERR_SSL_BUFFER_TOO_SMALL ); \ + return MBEDTLS_ERR_SSL_BUFFER_TOO_SMALL; \ } \ - } while( 0 ) + } while (0) #ifdef __cplusplus extern "C" { @@ -361,8 +351,7 @@ extern "C" { /* * Abstraction for a grid of allowed signature-hash-algorithm pairs. */ -struct mbedtls_ssl_sig_hash_set_t -{ +struct mbedtls_ssl_sig_hash_set_t { /* At the moment, we only need to remember a single suitable * hash algorithm per signature algorithm. As long as that's * the case - and we don't need a general lookup function - @@ -374,10 +363,10 @@ struct mbedtls_ssl_sig_hash_set_t #endif /* MBEDTLS_SSL_PROTO_TLS1_2 && MBEDTLS_KEY_EXCHANGE_WITH_CERT_ENABLED */ -typedef int mbedtls_ssl_tls_prf_cb( const unsigned char *secret, size_t slen, - const char *label, - const unsigned char *random, size_t rlen, - unsigned char *dstbuf, size_t dlen ); +typedef int mbedtls_ssl_tls_prf_cb(const unsigned char *secret, size_t slen, + const char *label, + const unsigned char *random, size_t rlen, + unsigned char *dstbuf, size_t dlen); /* cipher.h exports the maximum IV, key and block length from * all ciphers enabled in the config, regardless of whether those @@ -403,16 +392,15 @@ typedef int mbedtls_ssl_tls_prf_cb( const unsigned char *secret, size_t slen, * \brief The data structure holding the cryptographic material (key and IV) * used for record protection in TLS 1.3. */ -struct mbedtls_ssl_key_set -{ +struct mbedtls_ssl_key_set { /*! The key for client->server records. */ - unsigned char client_write_key[ MBEDTLS_SSL_MAX_KEY_LENGTH ]; + unsigned char client_write_key[MBEDTLS_SSL_MAX_KEY_LENGTH]; /*! The key for server->client records. */ - unsigned char server_write_key[ MBEDTLS_SSL_MAX_KEY_LENGTH ]; + unsigned char server_write_key[MBEDTLS_SSL_MAX_KEY_LENGTH]; /*! The IV for client->server records. */ - unsigned char client_write_iv[ MBEDTLS_SSL_MAX_IV_LENGTH ]; + unsigned char client_write_iv[MBEDTLS_SSL_MAX_IV_LENGTH]; /*! The IV for server->client records. */ - unsigned char server_write_iv[ MBEDTLS_SSL_MAX_IV_LENGTH ]; + unsigned char server_write_iv[MBEDTLS_SSL_MAX_IV_LENGTH]; size_t key_len; /*!< The length of client_write_key and * server_write_key, in Bytes. */ @@ -424,8 +412,7 @@ typedef struct mbedtls_ssl_key_set mbedtls_ssl_key_set; /* * This structure contains the parameters only needed during handshake. */ -struct mbedtls_ssl_handshake_params -{ +struct mbedtls_ssl_handshake_params { /* * Handshake specific crypto variables */ @@ -544,16 +531,14 @@ struct mbedtls_ssl_handshake_params #endif /* MBEDTLS_X509_CRT_PARSE_C && !MBEDTLS_SSL_KEEP_PEER_CERTIFICATE */ #if defined(MBEDTLS_SSL_PROTO_DTLS) - struct - { + struct { size_t total_bytes_buffered; /*!< Cumulative size of heap allocated * buffers used for message buffering. */ uint8_t seen_ccs; /*!< Indicates if a CCS message has * been seen in the current flight. */ - struct mbedtls_ssl_hs_buffer - { + struct mbedtls_ssl_hs_buffer { unsigned is_valid : 1; unsigned is_fragmented : 1; unsigned is_complete : 1; @@ -561,8 +546,7 @@ struct mbedtls_ssl_handshake_params size_t data_len; } hs[MBEDTLS_SSL_MAX_BUFFERED_HS]; - struct - { + struct { unsigned char *data; size_t len; unsigned epoch; @@ -585,7 +569,7 @@ struct mbedtls_ssl_handshake_params unsigned int in_flight_start_seq; /*!< Minimum message sequence in the flight being received */ mbedtls_ssl_transform *alt_transform_out; /*!< Alternative transform for - resending messages */ + resending messages */ unsigned char alt_out_ctr[8]; /*!< Alternative record epoch/counter for resending messages */ @@ -596,7 +580,7 @@ struct mbedtls_ssl_handshake_params * has been negotiated. Possible values are * #MBEDTLS_SSL_CID_ENABLED and * #MBEDTLS_SSL_CID_DISABLED. */ - unsigned char peer_cid[ MBEDTLS_SSL_CID_OUT_LEN_MAX ]; /*! The peer's CID */ + unsigned char peer_cid[MBEDTLS_SSL_CID_OUT_LEN_MAX]; /*! The peer's CID */ uint8_t peer_cid_len; /*!< The length of * \c peer_cid. */ #endif /* MBEDTLS_SSL_DTLS_CONNECTION_ID */ @@ -631,7 +615,7 @@ struct mbedtls_ssl_handshake_params unsigned char randbytes[64]; /*!< random bytes */ unsigned char premaster[MBEDTLS_PREMASTER_SIZE]; - /*!< premaster secret */ + /*!< premaster secret */ #if defined(MBEDTLS_SSL_ASYNC_PRIVATE) /** Asynchronous operation context. This field is meant for use by the @@ -744,8 +728,7 @@ typedef struct mbedtls_ssl_hs_buffer mbedtls_ssl_hs_buffer; * in other transformations. * */ -struct mbedtls_ssl_transform -{ +struct mbedtls_ssl_transform { /* * Session specific crypto layer */ @@ -782,8 +765,8 @@ struct mbedtls_ssl_transform #if defined(MBEDTLS_SSL_DTLS_CONNECTION_ID) uint8_t in_cid_len; uint8_t out_cid_len; - unsigned char in_cid [ MBEDTLS_SSL_CID_OUT_LEN_MAX ]; - unsigned char out_cid[ MBEDTLS_SSL_CID_OUT_LEN_MAX ]; + unsigned char in_cid[MBEDTLS_SSL_CID_IN_LEN_MAX]; + unsigned char out_cid[MBEDTLS_SSL_CID_OUT_LEN_MAX]; #endif /* MBEDTLS_SSL_DTLS_CONNECTION_ID */ /* @@ -806,13 +789,13 @@ struct mbedtls_ssl_transform * Equivalently, return 0 if a separate MAC is used, 1 otherwise. */ static inline int mbedtls_ssl_transform_uses_aead( - const mbedtls_ssl_transform *transform ) + const mbedtls_ssl_transform *transform) { #if defined(MBEDTLS_SSL_SOME_MODES_USE_MAC) - return( transform->maclen == 0 && transform->taglen != 0 ); + return transform->maclen == 0 && transform->taglen != 0; #else (void) transform; - return( 1 ); + return 1; #endif } @@ -842,8 +825,7 @@ static inline int mbedtls_ssl_transform_uses_aead( #define MBEDTLS_SSL_CID_LEN_MAX MBEDTLS_SSL_CID_IN_LEN_MAX #endif -typedef struct -{ +typedef struct { uint8_t ctr[8]; /* In TLS: The implicit record sequence number. * In DTLS: The 2-byte epoch followed by * the 6-byte sequence number. @@ -866,7 +848,7 @@ typedef struct #if defined(MBEDTLS_SSL_DTLS_CONNECTION_ID) uint8_t cid_len; /* Length of the CID (0 if not present) */ - unsigned char cid[ MBEDTLS_SSL_CID_LEN_MAX ]; /* The CID */ + unsigned char cid[MBEDTLS_SSL_CID_LEN_MAX]; /* The CID */ #endif /* MBEDTLS_SSL_DTLS_CONNECTION_ID */ } mbedtls_record; @@ -874,8 +856,7 @@ typedef struct /* * List of certificate + private key pairs */ -struct mbedtls_ssl_key_cert -{ +struct mbedtls_ssl_key_cert { mbedtls_x509_crt *cert; /*!< cert */ mbedtls_pk_context *key; /*!< private key */ mbedtls_ssl_key_cert *next; /*!< next key/cert pair */ @@ -886,8 +867,7 @@ struct mbedtls_ssl_key_cert /* * List of handshake messages kept around for resending */ -struct mbedtls_ssl_flight_item -{ +struct mbedtls_ssl_flight_item { unsigned char *p; /*!< message, including handshake headers */ size_t len; /*!< length of p */ unsigned char type; /*!< type of the message: handshake or CCS */ @@ -899,20 +879,20 @@ struct mbedtls_ssl_flight_item defined(MBEDTLS_KEY_EXCHANGE_WITH_CERT_ENABLED) /* Find an entry in a signature-hash set matching a given hash algorithm. */ -mbedtls_md_type_t mbedtls_ssl_sig_hash_set_find( mbedtls_ssl_sig_hash_set_t *set, - mbedtls_pk_type_t sig_alg ); +mbedtls_md_type_t mbedtls_ssl_sig_hash_set_find(mbedtls_ssl_sig_hash_set_t *set, + mbedtls_pk_type_t sig_alg); /* Add a signature-hash-pair to a signature-hash set */ -void mbedtls_ssl_sig_hash_set_add( mbedtls_ssl_sig_hash_set_t *set, - mbedtls_pk_type_t sig_alg, - mbedtls_md_type_t md_alg ); +void mbedtls_ssl_sig_hash_set_add(mbedtls_ssl_sig_hash_set_t *set, + mbedtls_pk_type_t sig_alg, + mbedtls_md_type_t md_alg); /* Allow exactly one hash algorithm for each signature. */ -void mbedtls_ssl_sig_hash_set_const_hash( mbedtls_ssl_sig_hash_set_t *set, - mbedtls_md_type_t md_alg ); +void mbedtls_ssl_sig_hash_set_const_hash(mbedtls_ssl_sig_hash_set_t *set, + mbedtls_md_type_t md_alg); /* Setup an empty signature-hash set */ -static inline void mbedtls_ssl_sig_hash_set_init( mbedtls_ssl_sig_hash_set_t *set ) +static inline void mbedtls_ssl_sig_hash_set_init(mbedtls_ssl_sig_hash_set_t *set) { - mbedtls_ssl_sig_hash_set_const_hash( set, MBEDTLS_MD_NONE ); + mbedtls_ssl_sig_hash_set_const_hash(set, MBEDTLS_MD_NONE); } #endif /* MBEDTLS_SSL_PROTO_TLS1_2) && @@ -924,7 +904,7 @@ static inline void mbedtls_ssl_sig_hash_set_init( mbedtls_ssl_sig_hash_set_t *se * * \param transform SSL transform context */ -void mbedtls_ssl_transform_free( mbedtls_ssl_transform *transform ); +void mbedtls_ssl_transform_free(mbedtls_ssl_transform *transform); /** * \brief Free referenced items in an SSL handshake context and clear @@ -932,20 +912,26 @@ void mbedtls_ssl_transform_free( mbedtls_ssl_transform *transform ); * * \param ssl SSL context */ -void mbedtls_ssl_handshake_free( mbedtls_ssl_context *ssl ); +void mbedtls_ssl_handshake_free(mbedtls_ssl_context *ssl); -int mbedtls_ssl_handshake_client_step( mbedtls_ssl_context *ssl ); -int mbedtls_ssl_handshake_server_step( mbedtls_ssl_context *ssl ); -void mbedtls_ssl_handshake_wrapup( mbedtls_ssl_context *ssl ); +MBEDTLS_CHECK_RETURN_CRITICAL +int mbedtls_ssl_handshake_client_step(mbedtls_ssl_context *ssl); +MBEDTLS_CHECK_RETURN_CRITICAL +int mbedtls_ssl_handshake_server_step(mbedtls_ssl_context *ssl); +void mbedtls_ssl_handshake_wrapup(mbedtls_ssl_context *ssl); -int mbedtls_ssl_send_fatal_handshake_failure( mbedtls_ssl_context *ssl ); +MBEDTLS_CHECK_RETURN_CRITICAL +int mbedtls_ssl_send_fatal_handshake_failure(mbedtls_ssl_context *ssl); -void mbedtls_ssl_reset_checksum( mbedtls_ssl_context *ssl ); -int mbedtls_ssl_derive_keys( mbedtls_ssl_context *ssl ); +void mbedtls_ssl_reset_checksum(mbedtls_ssl_context *ssl); +MBEDTLS_CHECK_RETURN_CRITICAL +int mbedtls_ssl_derive_keys(mbedtls_ssl_context *ssl); -int mbedtls_ssl_handle_message_type( mbedtls_ssl_context *ssl ); -int mbedtls_ssl_prepare_handshake_record( mbedtls_ssl_context *ssl ); -void mbedtls_ssl_update_handshake_status( mbedtls_ssl_context *ssl ); +MBEDTLS_CHECK_RETURN_CRITICAL +int mbedtls_ssl_handle_message_type(mbedtls_ssl_context *ssl); +MBEDTLS_CHECK_RETURN_CRITICAL +int mbedtls_ssl_prepare_handshake_record(mbedtls_ssl_context *ssl); +void mbedtls_ssl_update_handshake_status(mbedtls_ssl_context *ssl); /** * \brief Update record layer @@ -1023,28 +1009,40 @@ void mbedtls_ssl_update_handshake_status( mbedtls_ssl_context *ssl ); * following the above definition. * */ -int mbedtls_ssl_read_record( mbedtls_ssl_context *ssl, - unsigned update_hs_digest ); -int mbedtls_ssl_fetch_input( mbedtls_ssl_context *ssl, size_t nb_want ); - -int mbedtls_ssl_write_handshake_msg( mbedtls_ssl_context *ssl ); -int mbedtls_ssl_write_record( mbedtls_ssl_context *ssl, uint8_t force_flush ); -int mbedtls_ssl_flush_output( mbedtls_ssl_context *ssl ); - -int mbedtls_ssl_parse_certificate( mbedtls_ssl_context *ssl ); -int mbedtls_ssl_write_certificate( mbedtls_ssl_context *ssl ); - -int mbedtls_ssl_parse_change_cipher_spec( mbedtls_ssl_context *ssl ); -int mbedtls_ssl_write_change_cipher_spec( mbedtls_ssl_context *ssl ); - -int mbedtls_ssl_parse_finished( mbedtls_ssl_context *ssl ); -int mbedtls_ssl_write_finished( mbedtls_ssl_context *ssl ); - -void mbedtls_ssl_optimize_checksum( mbedtls_ssl_context *ssl, - const mbedtls_ssl_ciphersuite_t *ciphersuite_info ); +MBEDTLS_CHECK_RETURN_CRITICAL +int mbedtls_ssl_read_record(mbedtls_ssl_context *ssl, + unsigned update_hs_digest); +MBEDTLS_CHECK_RETURN_CRITICAL +int mbedtls_ssl_fetch_input(mbedtls_ssl_context *ssl, size_t nb_want); + +MBEDTLS_CHECK_RETURN_CRITICAL +int mbedtls_ssl_write_handshake_msg(mbedtls_ssl_context *ssl); +MBEDTLS_CHECK_RETURN_CRITICAL +int mbedtls_ssl_write_record(mbedtls_ssl_context *ssl, uint8_t force_flush); +MBEDTLS_CHECK_RETURN_CRITICAL +int mbedtls_ssl_flush_output(mbedtls_ssl_context *ssl); + +MBEDTLS_CHECK_RETURN_CRITICAL +int mbedtls_ssl_parse_certificate(mbedtls_ssl_context *ssl); +MBEDTLS_CHECK_RETURN_CRITICAL +int mbedtls_ssl_write_certificate(mbedtls_ssl_context *ssl); + +MBEDTLS_CHECK_RETURN_CRITICAL +int mbedtls_ssl_parse_change_cipher_spec(mbedtls_ssl_context *ssl); +MBEDTLS_CHECK_RETURN_CRITICAL +int mbedtls_ssl_write_change_cipher_spec(mbedtls_ssl_context *ssl); + +MBEDTLS_CHECK_RETURN_CRITICAL +int mbedtls_ssl_parse_finished(mbedtls_ssl_context *ssl); +MBEDTLS_CHECK_RETURN_CRITICAL +int mbedtls_ssl_write_finished(mbedtls_ssl_context *ssl); + +void mbedtls_ssl_optimize_checksum(mbedtls_ssl_context *ssl, + const mbedtls_ssl_ciphersuite_t *ciphersuite_info); #if defined(MBEDTLS_KEY_EXCHANGE_SOME_PSK_ENABLED) -int mbedtls_ssl_psk_derive_premaster( mbedtls_ssl_context *ssl, mbedtls_key_exchange_type_t key_ex ); +MBEDTLS_CHECK_RETURN_CRITICAL +int mbedtls_ssl_psk_derive_premaster(mbedtls_ssl_context *ssl, mbedtls_key_exchange_type_t key_ex); /** * Get the first defined PSK by order of precedence: @@ -1052,29 +1050,22 @@ int mbedtls_ssl_psk_derive_premaster( mbedtls_ssl_context *ssl, mbedtls_key_exch * 2. static PSK configured by \c mbedtls_ssl_conf_psk() * Return a code and update the pair (PSK, PSK length) passed to this function */ -static inline int mbedtls_ssl_get_psk( const mbedtls_ssl_context *ssl, - const unsigned char **psk, size_t *psk_len ) +static inline int mbedtls_ssl_get_psk(const mbedtls_ssl_context *ssl, + const unsigned char **psk, size_t *psk_len) { - if( ssl->handshake->psk != NULL && ssl->handshake->psk_len > 0 ) - { + if (ssl->handshake->psk != NULL && ssl->handshake->psk_len > 0) { *psk = ssl->handshake->psk; *psk_len = ssl->handshake->psk_len; - } - - else if( ssl->conf->psk != NULL && ssl->conf->psk_len > 0 ) - { + } else if (ssl->conf->psk != NULL && ssl->conf->psk_len > 0) { *psk = ssl->conf->psk; *psk_len = ssl->conf->psk_len; - } - - else - { + } else { *psk = NULL; *psk_len = 0; - return( MBEDTLS_ERR_SSL_PRIVATE_KEY_REQUIRED ); + return MBEDTLS_ERR_SSL_PRIVATE_KEY_REQUIRED; } - return( 0 ); + return 0; } #if defined(MBEDTLS_USE_PSA_CRYPTO) @@ -1086,45 +1077,51 @@ static inline int mbedtls_ssl_get_psk( const mbedtls_ssl_context *ssl, * Return an opaque PSK */ static inline psa_key_id_t mbedtls_ssl_get_opaque_psk( - const mbedtls_ssl_context *ssl ) + const mbedtls_ssl_context *ssl) { - if( ! mbedtls_svc_key_id_is_null( ssl->handshake->psk_opaque ) ) - return( ssl->handshake->psk_opaque ); + if (!mbedtls_svc_key_id_is_null(ssl->handshake->psk_opaque)) { + return ssl->handshake->psk_opaque; + } - if( ! mbedtls_svc_key_id_is_null( ssl->conf->psk_opaque ) ) - return( ssl->conf->psk_opaque ); + if (!mbedtls_svc_key_id_is_null(ssl->conf->psk_opaque)) { + return ssl->conf->psk_opaque; + } - return( MBEDTLS_SVC_KEY_ID_INIT ); + return MBEDTLS_SVC_KEY_ID_INIT; } #endif /* MBEDTLS_USE_PSA_CRYPTO */ #endif /* MBEDTLS_KEY_EXCHANGE_SOME_PSK_ENABLED */ #if defined(MBEDTLS_PK_C) -unsigned char mbedtls_ssl_sig_from_pk( mbedtls_pk_context *pk ); -unsigned char mbedtls_ssl_sig_from_pk_alg( mbedtls_pk_type_t type ); -mbedtls_pk_type_t mbedtls_ssl_pk_alg_from_sig( unsigned char sig ); +unsigned char mbedtls_ssl_sig_from_pk(mbedtls_pk_context *pk); +unsigned char mbedtls_ssl_sig_from_pk_alg(mbedtls_pk_type_t type); +mbedtls_pk_type_t mbedtls_ssl_pk_alg_from_sig(unsigned char sig); #endif -mbedtls_md_type_t mbedtls_ssl_md_alg_from_hash( unsigned char hash ); -unsigned char mbedtls_ssl_hash_from_md_alg( int md ); -int mbedtls_ssl_set_calc_verify_md( mbedtls_ssl_context *ssl, int md ); +mbedtls_md_type_t mbedtls_ssl_md_alg_from_hash(unsigned char hash); +unsigned char mbedtls_ssl_hash_from_md_alg(int md); +MBEDTLS_CHECK_RETURN_CRITICAL +int mbedtls_ssl_set_calc_verify_md(mbedtls_ssl_context *ssl, int md); #if defined(MBEDTLS_ECP_C) -int mbedtls_ssl_check_curve( const mbedtls_ssl_context *ssl, mbedtls_ecp_group_id grp_id ); +MBEDTLS_CHECK_RETURN_CRITICAL +int mbedtls_ssl_check_curve(const mbedtls_ssl_context *ssl, mbedtls_ecp_group_id grp_id); +MBEDTLS_CHECK_RETURN_CRITICAL +int mbedtls_ssl_check_curve_tls_id(const mbedtls_ssl_context *ssl, uint16_t tls_id); #endif #if defined(MBEDTLS_KEY_EXCHANGE_WITH_CERT_ENABLED) -int mbedtls_ssl_check_sig_hash( const mbedtls_ssl_context *ssl, - mbedtls_md_type_t md ); +MBEDTLS_CHECK_RETURN_CRITICAL +int mbedtls_ssl_check_sig_hash(const mbedtls_ssl_context *ssl, + mbedtls_md_type_t md); #endif #if defined(MBEDTLS_SSL_DTLS_SRTP) static inline mbedtls_ssl_srtp_profile mbedtls_ssl_check_srtp_profile_value - ( const uint16_t srtp_profile_value ) + (const uint16_t srtp_profile_value) { - switch( srtp_profile_value ) - { + switch (srtp_profile_value) { case MBEDTLS_TLS_SRTP_AES128_CM_HMAC_SHA1_80: case MBEDTLS_TLS_SRTP_AES128_CM_HMAC_SHA1_32: case MBEDTLS_TLS_SRTP_NULL_HMAC_SHA1_80: @@ -1132,33 +1129,35 @@ static inline mbedtls_ssl_srtp_profile mbedtls_ssl_check_srtp_profile_value return srtp_profile_value; default: break; } - return( MBEDTLS_TLS_SRTP_UNSET ); + return MBEDTLS_TLS_SRTP_UNSET; } #endif #if defined(MBEDTLS_X509_CRT_PARSE_C) -static inline mbedtls_pk_context *mbedtls_ssl_own_key( mbedtls_ssl_context *ssl ) +static inline mbedtls_pk_context *mbedtls_ssl_own_key(mbedtls_ssl_context *ssl) { mbedtls_ssl_key_cert *key_cert; - if( ssl->handshake != NULL && ssl->handshake->key_cert != NULL ) + if (ssl->handshake != NULL && ssl->handshake->key_cert != NULL) { key_cert = ssl->handshake->key_cert; - else + } else { key_cert = ssl->conf->key_cert; + } - return( key_cert == NULL ? NULL : key_cert->key ); + return key_cert == NULL ? NULL : key_cert->key; } -static inline mbedtls_x509_crt *mbedtls_ssl_own_cert( mbedtls_ssl_context *ssl ) +static inline mbedtls_x509_crt *mbedtls_ssl_own_cert(mbedtls_ssl_context *ssl) { mbedtls_ssl_key_cert *key_cert; - if( ssl->handshake != NULL && ssl->handshake->key_cert != NULL ) + if (ssl->handshake != NULL && ssl->handshake->key_cert != NULL) { key_cert = ssl->handshake->key_cert; - else + } else { key_cert = ssl->conf->key_cert; + } - return( key_cert == NULL ? NULL : key_cert->cert ); + return key_cert == NULL ? NULL : key_cert->cert; } /* @@ -1170,82 +1169,88 @@ static inline mbedtls_x509_crt *mbedtls_ssl_own_cert( mbedtls_ssl_context *ssl ) * * Return 0 if everything is OK, -1 if not. */ -int mbedtls_ssl_check_cert_usage( const mbedtls_x509_crt *cert, - const mbedtls_ssl_ciphersuite_t *ciphersuite, - int cert_endpoint, - uint32_t *flags ); +MBEDTLS_CHECK_RETURN_CRITICAL +int mbedtls_ssl_check_cert_usage(const mbedtls_x509_crt *cert, + const mbedtls_ssl_ciphersuite_t *ciphersuite, + int cert_endpoint, + uint32_t *flags); #endif /* MBEDTLS_X509_CRT_PARSE_C */ -void mbedtls_ssl_write_version( int major, int minor, int transport, - unsigned char ver[2] ); -void mbedtls_ssl_read_version( int *major, int *minor, int transport, - const unsigned char ver[2] ); +void mbedtls_ssl_write_version(int major, int minor, int transport, + unsigned char ver[2]); +void mbedtls_ssl_read_version(int *major, int *minor, int transport, + const unsigned char ver[2]); -static inline size_t mbedtls_ssl_in_hdr_len( const mbedtls_ssl_context *ssl ) +static inline size_t mbedtls_ssl_in_hdr_len(const mbedtls_ssl_context *ssl) { #if !defined(MBEDTLS_SSL_PROTO_DTLS) ((void) ssl); #endif #if defined(MBEDTLS_SSL_PROTO_DTLS) - if( ssl->conf->transport == MBEDTLS_SSL_TRANSPORT_DATAGRAM ) - { - return( 13 ); - } - else + if (ssl->conf->transport == MBEDTLS_SSL_TRANSPORT_DATAGRAM) { + return 13; + } else #endif /* MBEDTLS_SSL_PROTO_DTLS */ { - return( 5 ); + return 5; } } -static inline size_t mbedtls_ssl_out_hdr_len( const mbedtls_ssl_context *ssl ) +static inline size_t mbedtls_ssl_out_hdr_len(const mbedtls_ssl_context *ssl) { - return( (size_t) ( ssl->out_iv - ssl->out_hdr ) ); + return (size_t) (ssl->out_iv - ssl->out_hdr); } -static inline size_t mbedtls_ssl_hs_hdr_len( const mbedtls_ssl_context *ssl ) +static inline size_t mbedtls_ssl_hs_hdr_len(const mbedtls_ssl_context *ssl) { #if defined(MBEDTLS_SSL_PROTO_DTLS) - if( ssl->conf->transport == MBEDTLS_SSL_TRANSPORT_DATAGRAM ) - return( 12 ); + if (ssl->conf->transport == MBEDTLS_SSL_TRANSPORT_DATAGRAM) { + return 12; + } #else ((void) ssl); #endif - return( 4 ); + return 4; } #if defined(MBEDTLS_SSL_PROTO_DTLS) -void mbedtls_ssl_send_flight_completed( mbedtls_ssl_context *ssl ); -void mbedtls_ssl_recv_flight_completed( mbedtls_ssl_context *ssl ); -int mbedtls_ssl_resend( mbedtls_ssl_context *ssl ); -int mbedtls_ssl_flight_transmit( mbedtls_ssl_context *ssl ); +void mbedtls_ssl_send_flight_completed(mbedtls_ssl_context *ssl); +void mbedtls_ssl_recv_flight_completed(mbedtls_ssl_context *ssl); +MBEDTLS_CHECK_RETURN_CRITICAL +int mbedtls_ssl_resend(mbedtls_ssl_context *ssl); +MBEDTLS_CHECK_RETURN_CRITICAL +int mbedtls_ssl_flight_transmit(mbedtls_ssl_context *ssl); #endif /* Visible for testing purposes only */ #if defined(MBEDTLS_SSL_DTLS_ANTI_REPLAY) -int mbedtls_ssl_dtls_replay_check( mbedtls_ssl_context const *ssl ); -void mbedtls_ssl_dtls_replay_update( mbedtls_ssl_context *ssl ); +MBEDTLS_CHECK_RETURN_CRITICAL +int mbedtls_ssl_dtls_replay_check(mbedtls_ssl_context const *ssl); +void mbedtls_ssl_dtls_replay_update(mbedtls_ssl_context *ssl); #endif -int mbedtls_ssl_session_copy( mbedtls_ssl_session *dst, - const mbedtls_ssl_session *src ); +MBEDTLS_CHECK_RETURN_CRITICAL +int mbedtls_ssl_session_copy(mbedtls_ssl_session *dst, + const mbedtls_ssl_session *src); #if defined(MBEDTLS_SSL_PROTO_SSL3) || defined(MBEDTLS_SSL_PROTO_TLS1) || \ defined(MBEDTLS_SSL_PROTO_TLS1_1) -int mbedtls_ssl_get_key_exchange_md_ssl_tls( mbedtls_ssl_context *ssl, - unsigned char *output, - unsigned char *data, size_t data_len ); +MBEDTLS_CHECK_RETURN_CRITICAL +int mbedtls_ssl_get_key_exchange_md_ssl_tls(mbedtls_ssl_context *ssl, + unsigned char *output, + unsigned char *data, size_t data_len); #endif /* MBEDTLS_SSL_PROTO_SSL3 || MBEDTLS_SSL_PROTO_TLS1 || \ MBEDTLS_SSL_PROTO_TLS1_1 */ #if defined(MBEDTLS_SSL_PROTO_TLS1) || defined(MBEDTLS_SSL_PROTO_TLS1_1) || \ defined(MBEDTLS_SSL_PROTO_TLS1_2) /* The hash buffer must have at least MBEDTLS_MD_MAX_SIZE bytes of length. */ -int mbedtls_ssl_get_key_exchange_md_tls1_2( mbedtls_ssl_context *ssl, - unsigned char *hash, size_t *hashlen, - unsigned char *data, size_t data_len, - mbedtls_md_type_t md_alg ); +MBEDTLS_CHECK_RETURN_CRITICAL +int mbedtls_ssl_get_key_exchange_md_tls1_2(mbedtls_ssl_context *ssl, + unsigned char *hash, size_t *hashlen, + unsigned char *data, size_t data_len, + mbedtls_md_type_t md_alg); #endif /* MBEDTLS_SSL_PROTO_TLS1 || MBEDTLS_SSL_PROTO_TLS1_1 || \ MBEDTLS_SSL_PROTO_TLS1_2 */ @@ -1253,56 +1258,71 @@ int mbedtls_ssl_get_key_exchange_md_tls1_2( mbedtls_ssl_context *ssl, } #endif -void mbedtls_ssl_transform_init( mbedtls_ssl_transform *transform ); -int mbedtls_ssl_encrypt_buf( mbedtls_ssl_context *ssl, - mbedtls_ssl_transform *transform, - mbedtls_record *rec, - int (*f_rng)(void *, unsigned char *, size_t), - void *p_rng ); -int mbedtls_ssl_decrypt_buf( mbedtls_ssl_context const *ssl, - mbedtls_ssl_transform *transform, - mbedtls_record *rec ); +void mbedtls_ssl_transform_init(mbedtls_ssl_transform *transform); +MBEDTLS_CHECK_RETURN_CRITICAL +int mbedtls_ssl_encrypt_buf(mbedtls_ssl_context *ssl, + mbedtls_ssl_transform *transform, + mbedtls_record *rec, + int (*f_rng)(void *, unsigned char *, size_t), + void *p_rng); +MBEDTLS_CHECK_RETURN_CRITICAL +int mbedtls_ssl_decrypt_buf(mbedtls_ssl_context const *ssl, + mbedtls_ssl_transform *transform, + mbedtls_record *rec); /* Length of the "epoch" field in the record header */ -static inline size_t mbedtls_ssl_ep_len( const mbedtls_ssl_context *ssl ) +static inline size_t mbedtls_ssl_ep_len(const mbedtls_ssl_context *ssl) { #if defined(MBEDTLS_SSL_PROTO_DTLS) - if( ssl->conf->transport == MBEDTLS_SSL_TRANSPORT_DATAGRAM ) - return( 2 ); + if (ssl->conf->transport == MBEDTLS_SSL_TRANSPORT_DATAGRAM) { + return 2; + } #else ((void) ssl); #endif - return( 0 ); + return 0; } #if defined(MBEDTLS_SSL_PROTO_DTLS) -int mbedtls_ssl_resend_hello_request( mbedtls_ssl_context *ssl ); +MBEDTLS_CHECK_RETURN_CRITICAL +int mbedtls_ssl_resend_hello_request(mbedtls_ssl_context *ssl); #endif /* MBEDTLS_SSL_PROTO_DTLS */ -void mbedtls_ssl_set_timer( mbedtls_ssl_context *ssl, uint32_t millisecs ); -int mbedtls_ssl_check_timer( mbedtls_ssl_context *ssl ); +void mbedtls_ssl_set_timer(mbedtls_ssl_context *ssl, uint32_t millisecs); +MBEDTLS_CHECK_RETURN_CRITICAL +int mbedtls_ssl_check_timer(mbedtls_ssl_context *ssl); -void mbedtls_ssl_reset_in_out_pointers( mbedtls_ssl_context *ssl ); -void mbedtls_ssl_update_out_pointers( mbedtls_ssl_context *ssl, - mbedtls_ssl_transform *transform ); -void mbedtls_ssl_update_in_pointers( mbedtls_ssl_context *ssl ); +void mbedtls_ssl_reset_in_out_pointers(mbedtls_ssl_context *ssl); +void mbedtls_ssl_update_out_pointers(mbedtls_ssl_context *ssl, + mbedtls_ssl_transform *transform); +void mbedtls_ssl_update_in_pointers(mbedtls_ssl_context *ssl); -int mbedtls_ssl_session_reset_int( mbedtls_ssl_context *ssl, int partial ); +MBEDTLS_CHECK_RETURN_CRITICAL +int mbedtls_ssl_session_reset_int(mbedtls_ssl_context *ssl, int partial); #if defined(MBEDTLS_SSL_DTLS_ANTI_REPLAY) -void mbedtls_ssl_dtls_replay_reset( mbedtls_ssl_context *ssl ); +void mbedtls_ssl_dtls_replay_reset(mbedtls_ssl_context *ssl); #endif -void mbedtls_ssl_handshake_wrapup_free_hs_transform( mbedtls_ssl_context *ssl ); +void mbedtls_ssl_handshake_wrapup_free_hs_transform(mbedtls_ssl_context *ssl); #if defined(MBEDTLS_SSL_RENEGOTIATION) -int mbedtls_ssl_start_renegotiation( mbedtls_ssl_context *ssl ); +MBEDTLS_CHECK_RETURN_CRITICAL +int mbedtls_ssl_start_renegotiation(mbedtls_ssl_context *ssl); #endif /* MBEDTLS_SSL_RENEGOTIATION */ #if defined(MBEDTLS_SSL_PROTO_DTLS) -size_t mbedtls_ssl_get_current_mtu( const mbedtls_ssl_context *ssl ); -void mbedtls_ssl_buffering_free( mbedtls_ssl_context *ssl ); -void mbedtls_ssl_flight_free( mbedtls_ssl_flight_item *flight ); +size_t mbedtls_ssl_get_current_mtu(const mbedtls_ssl_context *ssl); +void mbedtls_ssl_buffering_free(mbedtls_ssl_context *ssl); +void mbedtls_ssl_flight_free(mbedtls_ssl_flight_item *flight); #endif /* MBEDTLS_SSL_PROTO_DTLS */ +#if defined(MBEDTLS_TEST_HOOKS) +int mbedtls_ssl_check_dtls_clihlo_cookie( + mbedtls_ssl_context *ssl, + const unsigned char *cli_id, size_t cli_id_len, + const unsigned char *in, size_t in_len, + unsigned char *obuf, size_t buf_len, size_t *olen); +#endif + #endif /* ssl_internal.h */ diff --git a/third_party/mbedtls/repo/include/mbedtls/ssl_ticket.h b/third_party/mbedtls/repo/include/mbedtls/ssl_ticket.h index a882eed23b9..ad1592357b2 100644 --- a/third_party/mbedtls/repo/include/mbedtls/ssl_ticket.h +++ b/third_party/mbedtls/repo/include/mbedtls/ssl_ticket.h @@ -5,19 +5,7 @@ */ /* * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later */ #ifndef MBEDTLS_SSL_TICKET_H #define MBEDTLS_SSL_TICKET_H @@ -48,8 +36,7 @@ extern "C" { /** * \brief Information for session ticket protection */ -typedef struct mbedtls_ssl_ticket_key -{ +typedef struct mbedtls_ssl_ticket_key { unsigned char name[4]; /*!< random key identifier */ uint32_t generation_time; /*!< key generation timestamp (seconds) */ mbedtls_cipher_context_t ctx; /*!< context for auth enc/decryption */ @@ -59,8 +46,7 @@ mbedtls_ssl_ticket_key; /** * \brief Context for session ticket handling functions */ -typedef struct mbedtls_ssl_ticket_context -{ +typedef struct mbedtls_ssl_ticket_context { mbedtls_ssl_ticket_key keys[2]; /*!< ticket protection keys */ unsigned char active; /*!< index of the currently active key */ @@ -83,7 +69,7 @@ mbedtls_ssl_ticket_context; * * \param ctx Context to be initialized */ -void mbedtls_ssl_ticket_init( mbedtls_ssl_ticket_context *ctx ); +void mbedtls_ssl_ticket_init(mbedtls_ssl_ticket_context *ctx); /** * \brief Prepare context to be actually used @@ -101,16 +87,16 @@ void mbedtls_ssl_ticket_init( mbedtls_ssl_ticket_context *ctx ); * supported. Usually that means a 256-bit key. * * \note The lifetime of the keys is twice the lifetime of tickets. - * It is recommended to pick a reasonnable lifetime so as not + * It is recommended to pick a reasonable lifetime so as not * to negate the benefits of forward secrecy. * * \return 0 if successful, * or a specific MBEDTLS_ERR_XXX error code */ -int mbedtls_ssl_ticket_setup( mbedtls_ssl_ticket_context *ctx, - int (*f_rng)(void *, unsigned char *, size_t), void *p_rng, - mbedtls_cipher_type_t cipher, - uint32_t lifetime ); +int mbedtls_ssl_ticket_setup(mbedtls_ssl_ticket_context *ctx, + int (*f_rng)(void *, unsigned char *, size_t), void *p_rng, + mbedtls_cipher_type_t cipher, + uint32_t lifetime); /** * \brief Implementation of the ticket write callback @@ -131,7 +117,7 @@ mbedtls_ssl_ticket_parse_t mbedtls_ssl_ticket_parse; * * \param ctx Context to be cleaned up */ -void mbedtls_ssl_ticket_free( mbedtls_ssl_ticket_context *ctx ); +void mbedtls_ssl_ticket_free(mbedtls_ssl_ticket_context *ctx); #ifdef __cplusplus } diff --git a/third_party/mbedtls/repo/include/mbedtls/threading.h b/third_party/mbedtls/repo/include/mbedtls/threading.h index d147c73f066..2a03afeef9c 100644 --- a/third_party/mbedtls/repo/include/mbedtls/threading.h +++ b/third_party/mbedtls/repo/include/mbedtls/threading.h @@ -5,19 +5,7 @@ */ /* * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later */ #ifndef MBEDTLS_THREADING_H #define MBEDTLS_THREADING_H @@ -46,8 +34,7 @@ extern "C" { #if defined(MBEDTLS_THREADING_PTHREAD) #include -typedef struct mbedtls_threading_mutex_t -{ +typedef struct mbedtls_threading_mutex_t { pthread_mutex_t mutex; /* is_valid is 0 after a failed init or a free, and nonzero after a * successful init. This field is not considered part of the public @@ -64,9 +51,9 @@ typedef struct mbedtls_threading_mutex_t * \brief Set your alternate threading implementation function * pointers and initialize global mutexes. If used, this * function must be called once in the main thread before any - * other mbed TLS function is called, and + * other Mbed TLS function is called, and * mbedtls_threading_free_alt() must be called once in the main - * thread after all other mbed TLS functions. + * thread after all other Mbed TLS functions. * * \note mutex_init() and mutex_free() don't return a status code. * If mutex_init() fails, it should leave its argument (the @@ -78,15 +65,15 @@ typedef struct mbedtls_threading_mutex_t * \param mutex_lock the lock function implementation * \param mutex_unlock the unlock function implementation */ -void mbedtls_threading_set_alt( void (*mutex_init)( mbedtls_threading_mutex_t * ), - void (*mutex_free)( mbedtls_threading_mutex_t * ), - int (*mutex_lock)( mbedtls_threading_mutex_t * ), - int (*mutex_unlock)( mbedtls_threading_mutex_t * ) ); +void mbedtls_threading_set_alt(void (*mutex_init)(mbedtls_threading_mutex_t *), + void (*mutex_free)(mbedtls_threading_mutex_t *), + int (*mutex_lock)(mbedtls_threading_mutex_t *), + int (*mutex_unlock)(mbedtls_threading_mutex_t *)); /** * \brief Free global mutexes. */ -void mbedtls_threading_free_alt( void ); +void mbedtls_threading_free_alt(void); #endif /* MBEDTLS_THREADING_ALT */ #if defined(MBEDTLS_THREADING_C) @@ -95,10 +82,10 @@ void mbedtls_threading_free_alt( void ); * * All these functions are expected to work or the result will be undefined. */ -extern void (*mbedtls_mutex_init)( mbedtls_threading_mutex_t *mutex ); -extern void (*mbedtls_mutex_free)( mbedtls_threading_mutex_t *mutex ); -extern int (*mbedtls_mutex_lock)( mbedtls_threading_mutex_t *mutex ); -extern int (*mbedtls_mutex_unlock)( mbedtls_threading_mutex_t *mutex ); +extern void (*mbedtls_mutex_init)(mbedtls_threading_mutex_t *mutex); +extern void (*mbedtls_mutex_free)(mbedtls_threading_mutex_t *mutex); +extern int (*mbedtls_mutex_lock)(mbedtls_threading_mutex_t *mutex); +extern int (*mbedtls_mutex_unlock)(mbedtls_threading_mutex_t *mutex); /* * Global mutexes diff --git a/third_party/mbedtls/repo/include/mbedtls/timing.h b/third_party/mbedtls/repo/include/mbedtls/timing.h index b7290cfcabc..bbc8fff7630 100644 --- a/third_party/mbedtls/repo/include/mbedtls/timing.h +++ b/third_party/mbedtls/repo/include/mbedtls/timing.h @@ -5,19 +5,7 @@ */ /* * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later */ #ifndef MBEDTLS_TIMING_H #define MBEDTLS_TIMING_H @@ -41,16 +29,14 @@ extern "C" { /** * \brief timer structure */ -struct mbedtls_timing_hr_time -{ +struct mbedtls_timing_hr_time { unsigned char opaque[32]; }; /** * \brief Context for mbedtls_timing_set/get_delay() */ -typedef struct mbedtls_timing_delay_context -{ +typedef struct mbedtls_timing_delay_context { struct mbedtls_timing_hr_time timer; uint32_t int_ms; uint32_t fin_ms; @@ -72,7 +58,7 @@ extern volatile int mbedtls_timing_alarmed; * \note This value starts at an unspecified origin and * may wrap around. */ -unsigned long mbedtls_timing_hardclock( void ); +unsigned long mbedtls_timing_hardclock(void); /** * \brief Return the elapsed time in milliseconds @@ -91,7 +77,7 @@ unsigned long mbedtls_timing_hardclock( void ); * get_timer(0) }` the value time1+time2 is only approximately * the delay since the first reset. */ -unsigned long mbedtls_timing_get_timer( struct mbedtls_timing_hr_time *val, int reset ); +unsigned long mbedtls_timing_get_timer(struct mbedtls_timing_hr_time *val, int reset); /** * \brief Setup an alarm clock @@ -103,7 +89,7 @@ unsigned long mbedtls_timing_get_timer( struct mbedtls_timing_hr_time *val, int * context, this means one for the whole process, not one per * thread. */ -void mbedtls_set_alarm( int seconds ); +void mbedtls_set_alarm(int seconds); /** * \brief Set a pair of delays to watch @@ -119,7 +105,7 @@ void mbedtls_set_alarm( int seconds ); * \note To set a single delay, either use \c mbedtls_timing_set_timer * directly or use this function with int_ms == fin_ms. */ -void mbedtls_timing_set_delay( void *data, uint32_t int_ms, uint32_t fin_ms ); +void mbedtls_timing_set_delay(void *data, uint32_t int_ms, uint32_t fin_ms); /** * \brief Get the status of delays @@ -133,7 +119,7 @@ void mbedtls_timing_set_delay( void *data, uint32_t int_ms, uint32_t fin_ms ); * 1 if only the intermediate delay is passed, * 2 if the final delay is passed. */ -int mbedtls_timing_get_delay( void *data ); +int mbedtls_timing_get_delay(void *data); #if defined(MBEDTLS_SELF_TEST) /** @@ -141,7 +127,7 @@ int mbedtls_timing_get_delay( void *data ); * * \return 0 if successful, or 1 if a test failed */ -int mbedtls_timing_self_test( int verbose ); +int mbedtls_timing_self_test(int verbose); #endif #ifdef __cplusplus diff --git a/third_party/mbedtls/repo/include/mbedtls/version.h b/third_party/mbedtls/repo/include/mbedtls/version.h index b1a92b2bcf3..0533bca6812 100644 --- a/third_party/mbedtls/repo/include/mbedtls/version.h +++ b/third_party/mbedtls/repo/include/mbedtls/version.h @@ -5,23 +5,11 @@ */ /* * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later */ /* * This set of compile-time defines and run-time variables can be used to - * determine the version number of the mbed TLS library used. + * determine the version number of the Mbed TLS library used. */ #ifndef MBEDTLS_VERSION_H #define MBEDTLS_VERSION_H @@ -38,16 +26,16 @@ */ #define MBEDTLS_VERSION_MAJOR 2 #define MBEDTLS_VERSION_MINOR 28 -#define MBEDTLS_VERSION_PATCH 0 +#define MBEDTLS_VERSION_PATCH 7 /** * The single version number has the following structure: * MMNNPP00 * Major version | Minor version | Patch version */ -#define MBEDTLS_VERSION_NUMBER 0x021C0000 -#define MBEDTLS_VERSION_STRING "2.28.0" -#define MBEDTLS_VERSION_STRING_FULL "mbed TLS 2.28.0" +#define MBEDTLS_VERSION_NUMBER 0x021C0700 +#define MBEDTLS_VERSION_STRING "2.28.7" +#define MBEDTLS_VERSION_STRING_FULL "Mbed TLS 2.28.7" #if defined(MBEDTLS_VERSION_C) @@ -61,7 +49,7 @@ extern "C" { * \return The constructed version number in the format * MMNNPP00 (Major, Minor, Patch). */ -unsigned int mbedtls_version_get_number( void ); +unsigned int mbedtls_version_get_number(void); /** * Get the version string ("x.y.z"). @@ -69,27 +57,27 @@ unsigned int mbedtls_version_get_number( void ); * \param string The string that will receive the value. * (Should be at least 9 bytes in size) */ -void mbedtls_version_get_string( char *string ); +void mbedtls_version_get_string(char *string); /** - * Get the full version string ("mbed TLS x.y.z"). + * Get the full version string ("Mbed TLS x.y.z"). * - * \param string The string that will receive the value. The mbed TLS version + * \param string The string that will receive the value. The Mbed TLS version * string will use 18 bytes AT MOST including a terminating * null byte. * (So the buffer should be at least 18 bytes to receive this * version string). */ -void mbedtls_version_get_string_full( char *string ); +void mbedtls_version_get_string_full(char *string); /** * \brief Check if support for a feature was compiled into this - * mbed TLS binary. This allows you to see at runtime if the + * Mbed TLS binary. This allows you to see at runtime if the * library was for instance compiled with or without * Multi-threading support. * * \note only checks against defines in the sections "System - * support", "mbed TLS modules" and "mbed TLS feature + * support", "Mbed TLS modules" and "Mbed TLS feature * support" in config.h * * \param feature The string for the define to check (e.g. "MBEDTLS_AES_C") @@ -99,7 +87,7 @@ void mbedtls_version_get_string_full( char *string ); * -2 if support for feature checking as a whole was not * compiled in. */ -int mbedtls_version_check_feature( const char *feature ); +int mbedtls_version_check_feature(const char *feature); #ifdef __cplusplus } diff --git a/third_party/mbedtls/repo/include/mbedtls/x509.h b/third_party/mbedtls/repo/include/mbedtls/x509.h index c1775014300..bde998c34f9 100644 --- a/third_party/mbedtls/repo/include/mbedtls/x509.h +++ b/third_party/mbedtls/repo/include/mbedtls/x509.h @@ -5,19 +5,7 @@ */ /* * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later */ #ifndef MBEDTLS_X509_H #define MBEDTLS_X509_H @@ -96,7 +84,7 @@ #define MBEDTLS_ERR_X509_BUFFER_TOO_SMALL -0x2980 /** A fatal error occurred, eg the chain is too long or the vrfy callback failed. */ #define MBEDTLS_ERR_X509_FATAL_ERROR -0x3000 -/* \} name */ +/** \} name X509 Error codes */ /** * \name X509 Verify codes @@ -124,8 +112,8 @@ #define MBEDTLS_X509_BADCRL_BAD_PK 0x040000 /**< The CRL is signed with an unacceptable PK alg (eg RSA vs ECDSA). */ #define MBEDTLS_X509_BADCRL_BAD_KEY 0x080000 /**< The CRL is signed with an unacceptable key (eg bad curve, RSA too short). */ -/* \} name */ -/* \} addtogroup x509_module */ +/** \} name X509 Verify codes */ +/** \} addtogroup x509_module */ /* * X.509 v3 Subject Alternative Name types. @@ -247,15 +235,13 @@ typedef mbedtls_asn1_named_data mbedtls_x509_name; typedef mbedtls_asn1_sequence mbedtls_x509_sequence; /** Container for date and time (precision in seconds). */ -typedef struct mbedtls_x509_time -{ +typedef struct mbedtls_x509_time { int year, mon, day; /**< Date. */ int hour, min, sec; /**< Time. */ } mbedtls_x509_time; /** \} name Structures for parsing X.509 certificates, CRLs and CSRs */ -/** \} addtogroup x509_module */ /** * \brief Store the certificate DN in printable form into buf; @@ -268,7 +254,7 @@ mbedtls_x509_time; * \return The length of the string written (not including the * terminated nul byte), or a negative error code. */ -int mbedtls_x509_dn_gets( char *buf, size_t size, const mbedtls_x509_name *dn ); +int mbedtls_x509_dn_gets(char *buf, size_t size, const mbedtls_x509_name *dn); /** * \brief Store the certificate serial in printable form into buf; @@ -281,7 +267,7 @@ int mbedtls_x509_dn_gets( char *buf, size_t size, const mbedtls_x509_name *dn ); * \return The length of the string written (not including the * terminated nul byte), or a negative error code. */ -int mbedtls_x509_serial_gets( char *buf, size_t size, const mbedtls_x509_buf *serial ); +int mbedtls_x509_serial_gets(char *buf, size_t size, const mbedtls_x509_buf *serial); /** * \brief Check a given mbedtls_x509_time against the system time @@ -295,7 +281,7 @@ int mbedtls_x509_serial_gets( char *buf, size_t size, const mbedtls_x509_buf *se * \return 1 if the given time is in the past or an error occurred, * 0 otherwise. */ -int mbedtls_x509_time_is_past( const mbedtls_x509_time *to ); +int mbedtls_x509_time_is_past(const mbedtls_x509_time *to); /** * \brief Check a given mbedtls_x509_time against the system time @@ -309,7 +295,9 @@ int mbedtls_x509_time_is_past( const mbedtls_x509_time *to ); * \return 1 if the given time is in the future or an error occurred, * 0 otherwise. */ -int mbedtls_x509_time_is_future( const mbedtls_x509_time *from ); +int mbedtls_x509_time_is_future(const mbedtls_x509_time *from); + +/** \} addtogroup x509_module */ #if defined(MBEDTLS_SELF_TEST) @@ -318,7 +306,7 @@ int mbedtls_x509_time_is_future( const mbedtls_x509_time *from ); * * \return 0 if successful, or 1 if the test failed */ -int mbedtls_x509_self_test( int verbose ); +int mbedtls_x509_self_test(int verbose); #endif /* MBEDTLS_SELF_TEST */ @@ -326,51 +314,52 @@ int mbedtls_x509_self_test( int verbose ); * Internal module functions. You probably do not want to use these unless you * know you do. */ -int mbedtls_x509_get_name( unsigned char **p, const unsigned char *end, - mbedtls_x509_name *cur ); -int mbedtls_x509_get_alg_null( unsigned char **p, const unsigned char *end, - mbedtls_x509_buf *alg ); -int mbedtls_x509_get_alg( unsigned char **p, const unsigned char *end, - mbedtls_x509_buf *alg, mbedtls_x509_buf *params ); +int mbedtls_x509_get_name(unsigned char **p, const unsigned char *end, + mbedtls_x509_name *cur); +int mbedtls_x509_get_alg_null(unsigned char **p, const unsigned char *end, + mbedtls_x509_buf *alg); +int mbedtls_x509_get_alg(unsigned char **p, const unsigned char *end, + mbedtls_x509_buf *alg, mbedtls_x509_buf *params); #if defined(MBEDTLS_X509_RSASSA_PSS_SUPPORT) -int mbedtls_x509_get_rsassa_pss_params( const mbedtls_x509_buf *params, - mbedtls_md_type_t *md_alg, mbedtls_md_type_t *mgf_md, - int *salt_len ); +int mbedtls_x509_get_rsassa_pss_params(const mbedtls_x509_buf *params, + mbedtls_md_type_t *md_alg, mbedtls_md_type_t *mgf_md, + int *salt_len); #endif -int mbedtls_x509_get_sig( unsigned char **p, const unsigned char *end, mbedtls_x509_buf *sig ); -int mbedtls_x509_get_sig_alg( const mbedtls_x509_buf *sig_oid, const mbedtls_x509_buf *sig_params, - mbedtls_md_type_t *md_alg, mbedtls_pk_type_t *pk_alg, - void **sig_opts ); -int mbedtls_x509_get_time( unsigned char **p, const unsigned char *end, - mbedtls_x509_time *t ); -int mbedtls_x509_get_serial( unsigned char **p, const unsigned char *end, - mbedtls_x509_buf *serial ); -int mbedtls_x509_get_ext( unsigned char **p, const unsigned char *end, - mbedtls_x509_buf *ext, int tag ); -int mbedtls_x509_sig_alg_gets( char *buf, size_t size, const mbedtls_x509_buf *sig_oid, - mbedtls_pk_type_t pk_alg, mbedtls_md_type_t md_alg, - const void *sig_opts ); -int mbedtls_x509_key_size_helper( char *buf, size_t buf_size, const char *name ); -int mbedtls_x509_string_to_names( mbedtls_asn1_named_data **head, const char *name ); -int mbedtls_x509_set_extension( mbedtls_asn1_named_data **head, const char *oid, size_t oid_len, - int critical, const unsigned char *val, - size_t val_len ); -int mbedtls_x509_write_extensions( unsigned char **p, unsigned char *start, - mbedtls_asn1_named_data *first ); -int mbedtls_x509_write_names( unsigned char **p, unsigned char *start, - mbedtls_asn1_named_data *first ); -int mbedtls_x509_write_sig( unsigned char **p, unsigned char *start, - const char *oid, size_t oid_len, - unsigned char *sig, size_t size ); +int mbedtls_x509_get_sig(unsigned char **p, const unsigned char *end, mbedtls_x509_buf *sig); +int mbedtls_x509_get_sig_alg(const mbedtls_x509_buf *sig_oid, const mbedtls_x509_buf *sig_params, + mbedtls_md_type_t *md_alg, mbedtls_pk_type_t *pk_alg, + void **sig_opts); +int mbedtls_x509_get_time(unsigned char **p, const unsigned char *end, + mbedtls_x509_time *t); +int mbedtls_x509_get_serial(unsigned char **p, const unsigned char *end, + mbedtls_x509_buf *serial); +int mbedtls_x509_get_ext(unsigned char **p, const unsigned char *end, + mbedtls_x509_buf *ext, int tag); +int mbedtls_x509_sig_alg_gets(char *buf, size_t size, const mbedtls_x509_buf *sig_oid, + mbedtls_pk_type_t pk_alg, mbedtls_md_type_t md_alg, + const void *sig_opts); +int mbedtls_x509_key_size_helper(char *buf, size_t buf_size, const char *name); +int mbedtls_x509_string_to_names(mbedtls_asn1_named_data **head, const char *name); +int mbedtls_x509_set_extension(mbedtls_asn1_named_data **head, const char *oid, size_t oid_len, + int critical, const unsigned char *val, + size_t val_len); +int mbedtls_x509_write_extensions(unsigned char **p, unsigned char *start, + mbedtls_asn1_named_data *first); +int mbedtls_x509_write_names(unsigned char **p, unsigned char *start, + mbedtls_asn1_named_data *first); +int mbedtls_x509_write_sig(unsigned char **p, unsigned char *start, + const char *oid, size_t oid_len, + unsigned char *sig, size_t size, + mbedtls_pk_type_t pk_alg); #define MBEDTLS_X509_SAFE_SNPRINTF \ do { \ - if( ret < 0 || (size_t) ret >= n ) \ - return( MBEDTLS_ERR_X509_BUFFER_TOO_SMALL ); \ - \ + if (ret < 0 || (size_t) ret >= n) \ + return MBEDTLS_ERR_X509_BUFFER_TOO_SMALL; \ + \ n -= (size_t) ret; \ p += (size_t) ret; \ - } while( 0 ) + } while (0) #ifdef __cplusplus } diff --git a/third_party/mbedtls/repo/include/mbedtls/x509_crl.h b/third_party/mbedtls/repo/include/mbedtls/x509_crl.h index 7e9e8885f41..9f755f8535c 100644 --- a/third_party/mbedtls/repo/include/mbedtls/x509_crl.h +++ b/third_party/mbedtls/repo/include/mbedtls/x509_crl.h @@ -5,19 +5,7 @@ */ /* * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later */ #ifndef MBEDTLS_X509_CRL_H #define MBEDTLS_X509_CRL_H @@ -47,8 +35,7 @@ extern "C" { * Certificate revocation list entry. * Contains the CA-specific serial numbers and revocation dates. */ -typedef struct mbedtls_x509_crl_entry -{ +typedef struct mbedtls_x509_crl_entry { mbedtls_x509_buf raw; mbedtls_x509_buf serial; @@ -65,8 +52,7 @@ mbedtls_x509_crl_entry; * Certificate revocation list structure. * Every CRL may have multiple entries. */ -typedef struct mbedtls_x509_crl -{ +typedef struct mbedtls_x509_crl { mbedtls_x509_buf raw; /**< The raw certificate data (DER). */ mbedtls_x509_buf tbs; /**< The raw certificate body (DER). The part that is To Be Signed. */ @@ -97,6 +83,10 @@ mbedtls_x509_crl; /** * \brief Parse a DER-encoded CRL and append it to the chained list * + * \note If #MBEDTLS_USE_PSA_CRYPTO is enabled, the PSA crypto + * subsystem must have been initialized by calling + * psa_crypto_init() before calling this function. + * * \param chain points to the start of the chain * \param buf buffer holding the CRL data in DER format * \param buflen size of the buffer @@ -104,13 +94,17 @@ mbedtls_x509_crl; * * \return 0 if successful, or a specific X509 or PEM error code */ -int mbedtls_x509_crl_parse_der( mbedtls_x509_crl *chain, - const unsigned char *buf, size_t buflen ); +int mbedtls_x509_crl_parse_der(mbedtls_x509_crl *chain, + const unsigned char *buf, size_t buflen); /** * \brief Parse one or more CRLs and append them to the chained list * * \note Multiple CRLs are accepted only if using PEM format * + * \note If #MBEDTLS_USE_PSA_CRYPTO is enabled, the PSA crypto + * subsystem must have been initialized by calling + * psa_crypto_init() before calling this function. + * * \param chain points to the start of the chain * \param buf buffer holding the CRL data in PEM or DER format * \param buflen size of the buffer @@ -118,7 +112,7 @@ int mbedtls_x509_crl_parse_der( mbedtls_x509_crl *chain, * * \return 0 if successful, or a specific X509 or PEM error code */ -int mbedtls_x509_crl_parse( mbedtls_x509_crl *chain, const unsigned char *buf, size_t buflen ); +int mbedtls_x509_crl_parse(mbedtls_x509_crl *chain, const unsigned char *buf, size_t buflen); #if defined(MBEDTLS_FS_IO) /** @@ -126,12 +120,16 @@ int mbedtls_x509_crl_parse( mbedtls_x509_crl *chain, const unsigned char *buf, s * * \note Multiple CRLs are accepted only if using PEM format * + * \note If #MBEDTLS_USE_PSA_CRYPTO is enabled, the PSA crypto + * subsystem must have been initialized by calling + * psa_crypto_init() before calling this function. + * * \param chain points to the start of the chain * \param path filename to read the CRLs from (in PEM or DER encoding) * * \return 0 if successful, or a specific X509 or PEM error code */ -int mbedtls_x509_crl_parse_file( mbedtls_x509_crl *chain, const char *path ); +int mbedtls_x509_crl_parse_file(mbedtls_x509_crl *chain, const char *path); #endif /* MBEDTLS_FS_IO */ /** @@ -145,25 +143,25 @@ int mbedtls_x509_crl_parse_file( mbedtls_x509_crl *chain, const char *path ); * \return The length of the string written (not including the * terminated nul byte), or a negative error code. */ -int mbedtls_x509_crl_info( char *buf, size_t size, const char *prefix, - const mbedtls_x509_crl *crl ); +int mbedtls_x509_crl_info(char *buf, size_t size, const char *prefix, + const mbedtls_x509_crl *crl); /** * \brief Initialize a CRL (chain) * * \param crl CRL chain to initialize */ -void mbedtls_x509_crl_init( mbedtls_x509_crl *crl ); +void mbedtls_x509_crl_init(mbedtls_x509_crl *crl); /** * \brief Unallocate all CRL data * * \param crl CRL chain to free */ -void mbedtls_x509_crl_free( mbedtls_x509_crl *crl ); +void mbedtls_x509_crl_free(mbedtls_x509_crl *crl); -/* \} name */ -/* \} addtogroup x509_module */ +/** \} name Structures and functions for parsing CRLs */ +/** \} addtogroup x509_module */ #ifdef __cplusplus } diff --git a/third_party/mbedtls/repo/include/mbedtls/x509_crt.h b/third_party/mbedtls/repo/include/mbedtls/x509_crt.h index 64ccb433ba8..e6d6a2cc108 100644 --- a/third_party/mbedtls/repo/include/mbedtls/x509_crt.h +++ b/third_party/mbedtls/repo/include/mbedtls/x509_crt.h @@ -5,19 +5,7 @@ */ /* * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later */ #ifndef MBEDTLS_X509_CRT_H #define MBEDTLS_X509_CRT_H @@ -49,8 +37,7 @@ extern "C" { /** * Container for an X.509 certificate. The certificate may be chained. */ -typedef struct mbedtls_x509_crt -{ +typedef struct mbedtls_x509_crt { int own_buffer; /**< Indicates if \c raw is owned * by the structure or not. */ mbedtls_x509_buf raw; /**< The raw certificate data (DER). */ @@ -104,24 +91,21 @@ mbedtls_x509_crt; * type-id OBJECT IDENTIFIER, * value [0] EXPLICIT ANY DEFINED BY type-id } */ -typedef struct mbedtls_x509_san_other_name -{ +typedef struct mbedtls_x509_san_other_name { /** - * The type_id is an OID as deifned in RFC 5280. + * The type_id is an OID as defined in RFC 5280. * To check the value of the type id, you should use * \p MBEDTLS_OID_CMP with a known OID mbedtls_x509_buf. */ mbedtls_x509_buf type_id; /**< The type id. */ - union - { + union { /** * From RFC 4108 section 5: * HardwareModuleName ::= SEQUENCE { * hwType OBJECT IDENTIFIER, * hwSerialNum OCTET STRING } */ - struct - { + struct { mbedtls_x509_buf oid; /**< The object identifier. */ mbedtls_x509_buf val; /**< The named value. */ } @@ -134,8 +118,7 @@ mbedtls_x509_san_other_name; /** * A structure for holding the parsed Subject Alternative Name, according to type */ -typedef struct mbedtls_x509_subject_alternative_name -{ +typedef struct mbedtls_x509_subject_alternative_name { int type; /**< The SAN type, value of MBEDTLS_X509_SAN_XXX. */ union { mbedtls_x509_san_other_name other_name; /**< The otherName supported type. */ @@ -149,17 +132,18 @@ mbedtls_x509_subject_alternative_name; * Build flag from an algorithm/curve identifier (pk, md, ecp) * Since 0 is always XXX_NONE, ignore it. */ -#define MBEDTLS_X509_ID_FLAG( id ) ( 1 << ( (id) - 1 ) ) +#define MBEDTLS_X509_ID_FLAG(id) (1 << ((id) - 1)) /** * Security profile for certificate verification. * * All lists are bitfields, built by ORing flags from MBEDTLS_X509_ID_FLAG(). */ -typedef struct mbedtls_x509_crt_profile -{ +typedef struct mbedtls_x509_crt_profile { uint32_t allowed_mds; /**< MDs for signatures */ - uint32_t allowed_pks; /**< PK algs for signatures */ + uint32_t allowed_pks; /**< PK algs for public keys; + * this applies to all certificates + * in the provided chain. */ uint32_t allowed_curves; /**< Elliptic curves for ECDSA */ uint32_t rsa_min_bitlen; /**< Minimum size for RSA keys */ } @@ -172,15 +156,14 @@ mbedtls_x509_crt_profile; #define MBEDTLS_X509_RFC5280_MAX_SERIAL_LEN 32 #define MBEDTLS_X509_RFC5280_UTC_TIME_LEN 15 -#if !defined( MBEDTLS_X509_MAX_FILE_PATH_LEN ) +#if !defined(MBEDTLS_X509_MAX_FILE_PATH_LEN) #define MBEDTLS_X509_MAX_FILE_PATH_LEN 512 #endif /** * Container for writing a certificate (CRT) */ -typedef struct mbedtls_x509write_cert -{ +typedef struct mbedtls_x509write_cert { int version; mbedtls_mpi serial; mbedtls_pk_context *subject_key; @@ -205,13 +188,12 @@ typedef struct { /** * Max size of verification chain: end-entity + intermediates + trusted root */ -#define MBEDTLS_X509_MAX_VERIFY_CHAIN_SIZE ( MBEDTLS_X509_MAX_INTERMEDIATE_CA + 2 ) +#define MBEDTLS_X509_MAX_VERIFY_CHAIN_SIZE (MBEDTLS_X509_MAX_INTERMEDIATE_CA + 2) /** * Verification chain as built by \c mbedtls_crt_verify_chain() */ -typedef struct -{ +typedef struct { mbedtls_x509_crt_verify_chain_item items[MBEDTLS_X509_MAX_VERIFY_CHAIN_SIZE]; unsigned len; @@ -229,8 +211,7 @@ typedef struct /** * \brief Context for resuming X.509 verify operations */ -typedef struct -{ +typedef struct { /* for check_signature() */ mbedtls_pk_restart_ctx pk; @@ -290,6 +271,10 @@ extern const mbedtls_x509_crt_profile mbedtls_x509_crt_profile_suiteb; * \brief Parse a single DER formatted certificate and add it * to the end of the provided chained list. * + * \note If #MBEDTLS_USE_PSA_CRYPTO is enabled, the PSA crypto + * subsystem must have been initialized by calling + * psa_crypto_init() before calling this function. + * * \param chain The pointer to the start of the CRT chain to attach to. * When parsing the first CRT in a chain, this should point * to an instance of ::mbedtls_x509_crt initialized through @@ -306,9 +291,9 @@ extern const mbedtls_x509_crt_profile mbedtls_x509_crt_profile_suiteb; * \return \c 0 if successful. * \return A negative error code on failure. */ -int mbedtls_x509_crt_parse_der( mbedtls_x509_crt *chain, - const unsigned char *buf, - size_t buflen ); +int mbedtls_x509_crt_parse_der(mbedtls_x509_crt *chain, + const unsigned char *buf, + size_t buflen); /** * \brief The type of certificate extension callbacks. @@ -340,17 +325,21 @@ int mbedtls_x509_crt_parse_der( mbedtls_x509_crt *chain, * \return \c 0 on success. * \return A negative error code on failure. */ -typedef int (*mbedtls_x509_crt_ext_cb_t)( void *p_ctx, - mbedtls_x509_crt const *crt, - mbedtls_x509_buf const *oid, - int critical, - const unsigned char *p, - const unsigned char *end ); +typedef int (*mbedtls_x509_crt_ext_cb_t)(void *p_ctx, + mbedtls_x509_crt const *crt, + mbedtls_x509_buf const *oid, + int critical, + const unsigned char *p, + const unsigned char *end); /** * \brief Parse a single DER formatted certificate and add it * to the end of the provided chained list. * + * \note If #MBEDTLS_USE_PSA_CRYPTO is enabled, the PSA crypto + * subsystem must have been initialized by calling + * psa_crypto_init() before calling this function. + * * \param chain The pointer to the start of the CRT chain to attach to. * When parsing the first CRT in a chain, this should point * to an instance of ::mbedtls_x509_crt initialized through @@ -387,12 +376,12 @@ typedef int (*mbedtls_x509_crt_ext_cb_t)( void *p_ctx, * \return \c 0 if successful. * \return A negative error code on failure. */ -int mbedtls_x509_crt_parse_der_with_ext_cb( mbedtls_x509_crt *chain, - const unsigned char *buf, - size_t buflen, - int make_copy, - mbedtls_x509_crt_ext_cb_t cb, - void *p_ctx ); +int mbedtls_x509_crt_parse_der_with_ext_cb(mbedtls_x509_crt *chain, + const unsigned char *buf, + size_t buflen, + int make_copy, + mbedtls_x509_crt_ext_cb_t cb, + void *p_ctx); /** * \brief Parse a single DER formatted certificate and add it @@ -401,6 +390,10 @@ int mbedtls_x509_crt_parse_der_with_ext_cb( mbedtls_x509_crt *chain, * temporary ownership of the CRT buffer until the CRT * is destroyed. * + * \note If #MBEDTLS_USE_PSA_CRYPTO is enabled, the PSA crypto + * subsystem must have been initialized by calling + * psa_crypto_init() before calling this function. + * * \param chain The pointer to the start of the CRT chain to attach to. * When parsing the first CRT in a chain, this should point * to an instance of ::mbedtls_x509_crt initialized through @@ -421,9 +414,9 @@ int mbedtls_x509_crt_parse_der_with_ext_cb( mbedtls_x509_crt *chain, * \return \c 0 if successful. * \return A negative error code on failure. */ -int mbedtls_x509_crt_parse_der_nocopy( mbedtls_x509_crt *chain, - const unsigned char *buf, - size_t buflen ); +int mbedtls_x509_crt_parse_der_nocopy(mbedtls_x509_crt *chain, + const unsigned char *buf, + size_t buflen); /** * \brief Parse one DER-encoded or one or more concatenated PEM-encoded @@ -441,6 +434,10 @@ int mbedtls_x509_crt_parse_der_nocopy( mbedtls_x509_crt *chain, * long as the certificates are enclosed in the PEM specific * '-----{BEGIN/END} CERTIFICATE-----' delimiters. * + * \note If #MBEDTLS_USE_PSA_CRYPTO is enabled, the PSA crypto + * subsystem must have been initialized by calling + * psa_crypto_init() before calling this function. + * * \param chain The chain to which to add the parsed certificates. * \param buf The buffer holding the certificate data in PEM or DER format. * For certificates in PEM encoding, this may be a concatenation @@ -455,7 +452,7 @@ int mbedtls_x509_crt_parse_der_nocopy( mbedtls_x509_crt *chain, * \return A negative X509 or PEM error code otherwise. * */ -int mbedtls_x509_crt_parse( mbedtls_x509_crt *chain, const unsigned char *buf, size_t buflen ); +int mbedtls_x509_crt_parse(mbedtls_x509_crt *chain, const unsigned char *buf, size_t buflen); #if defined(MBEDTLS_FS_IO) /** @@ -465,13 +462,17 @@ int mbedtls_x509_crt_parse( mbedtls_x509_crt *chain, const unsigned char *buf, s * of failed certificates it encountered. If none complete * correctly, the first error is returned. * + * \note If #MBEDTLS_USE_PSA_CRYPTO is enabled, the PSA crypto + * subsystem must have been initialized by calling + * psa_crypto_init() before calling this function. + * * \param chain points to the start of the chain * \param path filename to read the certificates from * * \return 0 if all certificates parsed successfully, a positive number * if partly successful or a specific X509 or PEM error code */ -int mbedtls_x509_crt_parse_file( mbedtls_x509_crt *chain, const char *path ); +int mbedtls_x509_crt_parse_file(mbedtls_x509_crt *chain, const char *path); /** * \brief Load one or more certificate files from a path and add them @@ -486,7 +487,7 @@ int mbedtls_x509_crt_parse_file( mbedtls_x509_crt *chain, const char *path ); * \return 0 if all certificates parsed successfully, a positive number * if partly successful or a specific X509 or PEM error code */ -int mbedtls_x509_crt_parse_path( mbedtls_x509_crt *chain, const char *path ); +int mbedtls_x509_crt_parse_path(mbedtls_x509_crt *chain, const char *path); #endif /* MBEDTLS_FS_IO */ /** @@ -496,7 +497,7 @@ int mbedtls_x509_crt_parse_path( mbedtls_x509_crt *chain, const char *path ); * \param san_buf The buffer holding the raw data item of the subject * alternative name. * \param san The target structure to populate with the parsed presentation - * of the subject alternative name encoded in \p san_raw. + * of the subject alternative name encoded in \p san_buf. * * \note Only "dnsName" and "otherName" of type hardware_module_name * as defined in RFC 4180 is supported. @@ -504,7 +505,7 @@ int mbedtls_x509_crt_parse_path( mbedtls_x509_crt *chain, const char *path ); * \note This function should be called on a single raw data of * subject alternative name. For example, after successful * certificate parsing, one must iterate on every item in the - * \p crt->subject_alt_names sequence, and pass it to + * \c crt->subject_alt_names sequence, and pass it to * this function. * * \warning The target structure contains pointers to the raw data of the @@ -516,8 +517,8 @@ int mbedtls_x509_crt_parse_path( mbedtls_x509_crt *chain, const char *path ); * SAN type. * \return Another negative value for any other failure. */ -int mbedtls_x509_parse_subject_alt_name( const mbedtls_x509_buf *san_buf, - mbedtls_x509_subject_alternative_name *san ); +int mbedtls_x509_parse_subject_alt_name(const mbedtls_x509_buf *san_buf, + mbedtls_x509_subject_alternative_name *san); /** * \brief Returns an informational string about the * certificate. @@ -530,8 +531,8 @@ int mbedtls_x509_parse_subject_alt_name( const mbedtls_x509_buf *san_buf, * \return The length of the string written (not including the * terminated nul byte), or a negative error code. */ -int mbedtls_x509_crt_info( char *buf, size_t size, const char *prefix, - const mbedtls_x509_crt *crt ); +int mbedtls_x509_crt_info(char *buf, size_t size, const char *prefix, + const mbedtls_x509_crt *crt); /** * \brief Returns an informational string about the @@ -545,8 +546,8 @@ int mbedtls_x509_crt_info( char *buf, size_t size, const char *prefix, * \return The length of the string written (not including the * terminated nul byte), or a negative error code. */ -int mbedtls_x509_crt_verify_info( char *buf, size_t size, const char *prefix, - uint32_t flags ); +int mbedtls_x509_crt_verify_info(char *buf, size_t size, const char *prefix, + uint32_t flags); /** * \brief Verify a chain of certificates. @@ -614,12 +615,12 @@ int mbedtls_x509_crt_verify_info( char *buf, size_t size, const char *prefix, * \return Another negative error code in case of a fatal error * encountered during the verification process. */ -int mbedtls_x509_crt_verify( mbedtls_x509_crt *crt, - mbedtls_x509_crt *trust_ca, - mbedtls_x509_crl *ca_crl, - const char *cn, uint32_t *flags, - int (*f_vrfy)(void *, mbedtls_x509_crt *, int, uint32_t *), - void *p_vrfy ); +int mbedtls_x509_crt_verify(mbedtls_x509_crt *crt, + mbedtls_x509_crt *trust_ca, + mbedtls_x509_crl *ca_crl, + const char *cn, uint32_t *flags, + int (*f_vrfy)(void *, mbedtls_x509_crt *, int, uint32_t *), + void *p_vrfy); /** * \brief Verify a chain of certificates with respect to @@ -655,13 +656,13 @@ int mbedtls_x509_crt_verify( mbedtls_x509_crt *crt, * \return Another negative error code in case of a fatal error * encountered during the verification process. */ -int mbedtls_x509_crt_verify_with_profile( mbedtls_x509_crt *crt, - mbedtls_x509_crt *trust_ca, - mbedtls_x509_crl *ca_crl, - const mbedtls_x509_crt_profile *profile, - const char *cn, uint32_t *flags, - int (*f_vrfy)(void *, mbedtls_x509_crt *, int, uint32_t *), - void *p_vrfy ); +int mbedtls_x509_crt_verify_with_profile(mbedtls_x509_crt *crt, + mbedtls_x509_crt *trust_ca, + mbedtls_x509_crl *ca_crl, + const mbedtls_x509_crt_profile *profile, + const char *cn, uint32_t *flags, + int (*f_vrfy)(void *, mbedtls_x509_crt *, int, uint32_t *), + void *p_vrfy); /** * \brief Restartable version of \c mbedtls_crt_verify_with_profile() @@ -689,14 +690,14 @@ int mbedtls_x509_crt_verify_with_profile( mbedtls_x509_crt *crt, * \return #MBEDTLS_ERR_ECP_IN_PROGRESS if maximum number of * operations was reached: see \c mbedtls_ecp_set_max_ops(). */ -int mbedtls_x509_crt_verify_restartable( mbedtls_x509_crt *crt, - mbedtls_x509_crt *trust_ca, - mbedtls_x509_crl *ca_crl, - const mbedtls_x509_crt_profile *profile, - const char *cn, uint32_t *flags, - int (*f_vrfy)(void *, mbedtls_x509_crt *, int, uint32_t *), - void *p_vrfy, - mbedtls_x509_crt_restart_ctx *rs_ctx ); +int mbedtls_x509_crt_verify_restartable(mbedtls_x509_crt *crt, + mbedtls_x509_crt *trust_ca, + mbedtls_x509_crl *ca_crl, + const mbedtls_x509_crt_profile *profile, + const char *cn, uint32_t *flags, + int (*f_vrfy)(void *, mbedtls_x509_crt *, int, uint32_t *), + void *p_vrfy, + mbedtls_x509_crt_restart_ctx *rs_ctx); /** * \brief The type of trusted certificate callbacks. @@ -728,9 +729,9 @@ int mbedtls_x509_crt_verify_restartable( mbedtls_x509_crt *crt, * to the caller. * \return A negative error code on failure. */ -typedef int (*mbedtls_x509_crt_ca_cb_t)( void *p_ctx, - mbedtls_x509_crt const *child, - mbedtls_x509_crt **candidate_cas ); +typedef int (*mbedtls_x509_crt_ca_cb_t)(void *p_ctx, + mbedtls_x509_crt const *child, + mbedtls_x509_crt **candidate_cas); #if defined(MBEDTLS_X509_TRUSTED_CERTIFICATE_CALLBACK) /** @@ -755,13 +756,13 @@ typedef int (*mbedtls_x509_crt_ca_cb_t)( void *p_ctx, * * \return See \c mbedtls_crt_verify_with_profile(). */ -int mbedtls_x509_crt_verify_with_ca_cb( mbedtls_x509_crt *crt, - mbedtls_x509_crt_ca_cb_t f_ca_cb, - void *p_ca_cb, - const mbedtls_x509_crt_profile *profile, - const char *cn, uint32_t *flags, - int (*f_vrfy)(void *, mbedtls_x509_crt *, int, uint32_t *), - void *p_vrfy ); +int mbedtls_x509_crt_verify_with_ca_cb(mbedtls_x509_crt *crt, + mbedtls_x509_crt_ca_cb_t f_ca_cb, + void *p_ca_cb, + const mbedtls_x509_crt_profile *profile, + const char *cn, uint32_t *flags, + int (*f_vrfy)(void *, mbedtls_x509_crt *, int, uint32_t *), + void *p_vrfy); #endif /* MBEDTLS_X509_TRUSTED_CERTIFICATE_CALLBACK */ @@ -787,8 +788,8 @@ int mbedtls_x509_crt_verify_with_ca_cb( mbedtls_x509_crt *crt, * (intermediate) CAs the keyUsage extension is automatically * checked by \c mbedtls_x509_crt_verify(). */ -int mbedtls_x509_crt_check_key_usage( const mbedtls_x509_crt *crt, - unsigned int usage ); +int mbedtls_x509_crt_check_key_usage(const mbedtls_x509_crt *crt, + unsigned int usage); #endif /* MBEDTLS_X509_CHECK_KEY_USAGE) */ #if defined(MBEDTLS_X509_CHECK_EXTENDED_KEY_USAGE) @@ -805,9 +806,9 @@ int mbedtls_x509_crt_check_key_usage( const mbedtls_x509_crt *crt, * * \note Usually only makes sense on leaf certificates. */ -int mbedtls_x509_crt_check_extended_key_usage( const mbedtls_x509_crt *crt, - const char *usage_oid, - size_t usage_len ); +int mbedtls_x509_crt_check_extended_key_usage(const mbedtls_x509_crt *crt, + const char *usage_oid, + size_t usage_len); #endif /* MBEDTLS_X509_CHECK_EXTENDED_KEY_USAGE */ #if defined(MBEDTLS_X509_CRL_PARSE_C) @@ -820,7 +821,7 @@ int mbedtls_x509_crt_check_extended_key_usage( const mbedtls_x509_crt *crt, * \return 1 if the certificate is revoked, 0 otherwise * */ -int mbedtls_x509_crt_is_revoked( const mbedtls_x509_crt *crt, const mbedtls_x509_crl *crl ); +int mbedtls_x509_crt_is_revoked(const mbedtls_x509_crt *crt, const mbedtls_x509_crl *crl); #endif /* MBEDTLS_X509_CRL_PARSE_C */ /** @@ -828,30 +829,29 @@ int mbedtls_x509_crt_is_revoked( const mbedtls_x509_crt *crt, const mbedtls_x509 * * \param crt Certificate chain to initialize */ -void mbedtls_x509_crt_init( mbedtls_x509_crt *crt ); +void mbedtls_x509_crt_init(mbedtls_x509_crt *crt); /** * \brief Unallocate all certificate data * * \param crt Certificate chain to free */ -void mbedtls_x509_crt_free( mbedtls_x509_crt *crt ); +void mbedtls_x509_crt_free(mbedtls_x509_crt *crt); #if defined(MBEDTLS_ECDSA_C) && defined(MBEDTLS_ECP_RESTARTABLE) /** * \brief Initialize a restart context */ -void mbedtls_x509_crt_restart_init( mbedtls_x509_crt_restart_ctx *ctx ); +void mbedtls_x509_crt_restart_init(mbedtls_x509_crt_restart_ctx *ctx); /** * \brief Free the components of a restart context */ -void mbedtls_x509_crt_restart_free( mbedtls_x509_crt_restart_ctx *ctx ); +void mbedtls_x509_crt_restart_free(mbedtls_x509_crt_restart_ctx *ctx); #endif /* MBEDTLS_ECDSA_C && MBEDTLS_ECP_RESTARTABLE */ #endif /* MBEDTLS_X509_CRT_PARSE_C */ -/* \} name */ -/* \} addtogroup x509_module */ +/** \} name Structures and functions for parsing and writing X.509 certificates */ #if defined(MBEDTLS_X509_CRT_WRITE_C) /** @@ -859,17 +859,17 @@ void mbedtls_x509_crt_restart_free( mbedtls_x509_crt_restart_ctx *ctx ); * * \param ctx CRT context to initialize */ -void mbedtls_x509write_crt_init( mbedtls_x509write_cert *ctx ); +void mbedtls_x509write_crt_init(mbedtls_x509write_cert *ctx); /** - * \brief Set the verion for a Certificate + * \brief Set the version for a Certificate * Default: MBEDTLS_X509_CRT_VERSION_3 * * \param ctx CRT context to use * \param version version to set (MBEDTLS_X509_CRT_VERSION_1, MBEDTLS_X509_CRT_VERSION_2 or * MBEDTLS_X509_CRT_VERSION_3) */ -void mbedtls_x509write_crt_set_version( mbedtls_x509write_cert *ctx, int version ); +void mbedtls_x509write_crt_set_version(mbedtls_x509write_cert *ctx, int version); /** * \brief Set the serial number for a Certificate. @@ -879,7 +879,7 @@ void mbedtls_x509write_crt_set_version( mbedtls_x509write_cert *ctx, int version * * \return 0 if successful */ -int mbedtls_x509write_crt_set_serial( mbedtls_x509write_cert *ctx, const mbedtls_mpi *serial ); +int mbedtls_x509write_crt_set_serial(mbedtls_x509write_cert *ctx, const mbedtls_mpi *serial); /** * \brief Set the validity period for a Certificate @@ -895,14 +895,14 @@ int mbedtls_x509write_crt_set_serial( mbedtls_x509write_cert *ctx, const mbedtls * \return 0 if timestamp was parsed successfully, or * a specific error code */ -int mbedtls_x509write_crt_set_validity( mbedtls_x509write_cert *ctx, const char *not_before, - const char *not_after ); +int mbedtls_x509write_crt_set_validity(mbedtls_x509write_cert *ctx, const char *not_before, + const char *not_after); /** * \brief Set the issuer name for a Certificate * Issuer names should contain a comma-separated list * of OID types and values: - * e.g. "C=UK,O=ARM,CN=mbed TLS CA" + * e.g. "C=UK,O=ARM,CN=Mbed TLS CA" * * \param ctx CRT context to use * \param issuer_name issuer name to set @@ -910,14 +910,14 @@ int mbedtls_x509write_crt_set_validity( mbedtls_x509write_cert *ctx, const char * \return 0 if issuer name was parsed successfully, or * a specific error code */ -int mbedtls_x509write_crt_set_issuer_name( mbedtls_x509write_cert *ctx, - const char *issuer_name ); +int mbedtls_x509write_crt_set_issuer_name(mbedtls_x509write_cert *ctx, + const char *issuer_name); /** * \brief Set the subject name for a Certificate * Subject names should contain a comma-separated list * of OID types and values: - * e.g. "C=UK,O=ARM,CN=mbed TLS Server 1" + * e.g. "C=UK,O=ARM,CN=Mbed TLS Server 1" * * \param ctx CRT context to use * \param subject_name subject name to set @@ -925,8 +925,8 @@ int mbedtls_x509write_crt_set_issuer_name( mbedtls_x509write_cert *ctx, * \return 0 if subject name was parsed successfully, or * a specific error code */ -int mbedtls_x509write_crt_set_subject_name( mbedtls_x509write_cert *ctx, - const char *subject_name ); +int mbedtls_x509write_crt_set_subject_name(mbedtls_x509write_cert *ctx, + const char *subject_name); /** * \brief Set the subject public key for the certificate @@ -934,7 +934,7 @@ int mbedtls_x509write_crt_set_subject_name( mbedtls_x509write_cert *ctx, * \param ctx CRT context to use * \param key public key to include */ -void mbedtls_x509write_crt_set_subject_key( mbedtls_x509write_cert *ctx, mbedtls_pk_context *key ); +void mbedtls_x509write_crt_set_subject_key(mbedtls_x509write_cert *ctx, mbedtls_pk_context *key); /** * \brief Set the issuer key used for signing the certificate @@ -942,7 +942,7 @@ void mbedtls_x509write_crt_set_subject_key( mbedtls_x509write_cert *ctx, mbedtls * \param ctx CRT context to use * \param key private key to sign with */ -void mbedtls_x509write_crt_set_issuer_key( mbedtls_x509write_cert *ctx, mbedtls_pk_context *key ); +void mbedtls_x509write_crt_set_issuer_key(mbedtls_x509write_cert *ctx, mbedtls_pk_context *key); /** * \brief Set the MD algorithm to use for the signature @@ -951,7 +951,7 @@ void mbedtls_x509write_crt_set_issuer_key( mbedtls_x509write_cert *ctx, mbedtls_ * \param ctx CRT context to use * \param md_alg MD algorithm to use */ -void mbedtls_x509write_crt_set_md_alg( mbedtls_x509write_cert *ctx, mbedtls_md_type_t md_alg ); +void mbedtls_x509write_crt_set_md_alg(mbedtls_x509write_cert *ctx, mbedtls_md_type_t md_alg); /** * \brief Generic function to add to or replace an extension in the @@ -966,10 +966,10 @@ void mbedtls_x509write_crt_set_md_alg( mbedtls_x509write_cert *ctx, mbedtls_md_t * * \return 0 if successful, or a MBEDTLS_ERR_X509_ALLOC_FAILED */ -int mbedtls_x509write_crt_set_extension( mbedtls_x509write_cert *ctx, - const char *oid, size_t oid_len, - int critical, - const unsigned char *val, size_t val_len ); +int mbedtls_x509write_crt_set_extension(mbedtls_x509write_cert *ctx, + const char *oid, size_t oid_len, + int critical, + const unsigned char *val, size_t val_len); /** * \brief Set the basicConstraints extension for a CRT @@ -978,12 +978,12 @@ int mbedtls_x509write_crt_set_extension( mbedtls_x509write_cert *ctx, * \param is_ca is this a CA certificate * \param max_pathlen maximum length of certificate chains below this * certificate (only for CA certificates, -1 is - * inlimited) + * unlimited) * * \return 0 if successful, or a MBEDTLS_ERR_X509_ALLOC_FAILED */ -int mbedtls_x509write_crt_set_basic_constraints( mbedtls_x509write_cert *ctx, - int is_ca, int max_pathlen ); +int mbedtls_x509write_crt_set_basic_constraints(mbedtls_x509write_cert *ctx, + int is_ca, int max_pathlen); #if defined(MBEDTLS_SHA1_C) /** @@ -995,7 +995,7 @@ int mbedtls_x509write_crt_set_basic_constraints( mbedtls_x509write_cert *ctx, * * \return 0 if successful, or a MBEDTLS_ERR_X509_ALLOC_FAILED */ -int mbedtls_x509write_crt_set_subject_key_identifier( mbedtls_x509write_cert *ctx ); +int mbedtls_x509write_crt_set_subject_key_identifier(mbedtls_x509write_cert *ctx); /** * \brief Set the authorityKeyIdentifier extension for a CRT @@ -1006,7 +1006,7 @@ int mbedtls_x509write_crt_set_subject_key_identifier( mbedtls_x509write_cert *ct * * \return 0 if successful, or a MBEDTLS_ERR_X509_ALLOC_FAILED */ -int mbedtls_x509write_crt_set_authority_key_identifier( mbedtls_x509write_cert *ctx ); +int mbedtls_x509write_crt_set_authority_key_identifier(mbedtls_x509write_cert *ctx); #endif /* MBEDTLS_SHA1_C */ /** @@ -1018,8 +1018,8 @@ int mbedtls_x509write_crt_set_authority_key_identifier( mbedtls_x509write_cert * * * \return 0 if successful, or MBEDTLS_ERR_X509_ALLOC_FAILED */ -int mbedtls_x509write_crt_set_key_usage( mbedtls_x509write_cert *ctx, - unsigned int key_usage ); +int mbedtls_x509write_crt_set_key_usage(mbedtls_x509write_cert *ctx, + unsigned int key_usage); /** * \brief Set the Netscape Cert Type flags @@ -1030,15 +1030,15 @@ int mbedtls_x509write_crt_set_key_usage( mbedtls_x509write_cert *ctx, * * \return 0 if successful, or MBEDTLS_ERR_X509_ALLOC_FAILED */ -int mbedtls_x509write_crt_set_ns_cert_type( mbedtls_x509write_cert *ctx, - unsigned char ns_cert_type ); +int mbedtls_x509write_crt_set_ns_cert_type(mbedtls_x509write_cert *ctx, + unsigned char ns_cert_type); /** * \brief Free the contents of a CRT write context * * \param ctx CRT context to free */ -void mbedtls_x509write_crt_free( mbedtls_x509write_cert *ctx ); +void mbedtls_x509write_crt_free(mbedtls_x509write_cert *ctx); /** * \brief Write a built up certificate to a X509 DER structure @@ -1060,9 +1060,9 @@ void mbedtls_x509write_crt_free( mbedtls_x509write_cert *ctx ); * for countermeasures against timing attacks). * ECDSA signatures always require a non-NULL f_rng. */ -int mbedtls_x509write_crt_der( mbedtls_x509write_cert *ctx, unsigned char *buf, size_t size, - int (*f_rng)(void *, unsigned char *, size_t), - void *p_rng ); +int mbedtls_x509write_crt_der(mbedtls_x509write_cert *ctx, unsigned char *buf, size_t size, + int (*f_rng)(void *, unsigned char *, size_t), + void *p_rng); #if defined(MBEDTLS_PEM_WRITE_C) /** @@ -1081,12 +1081,14 @@ int mbedtls_x509write_crt_der( mbedtls_x509write_cert *ctx, unsigned char *buf, * for countermeasures against timing attacks). * ECDSA signatures always require a non-NULL f_rng. */ -int mbedtls_x509write_crt_pem( mbedtls_x509write_cert *ctx, unsigned char *buf, size_t size, - int (*f_rng)(void *, unsigned char *, size_t), - void *p_rng ); +int mbedtls_x509write_crt_pem(mbedtls_x509write_cert *ctx, unsigned char *buf, size_t size, + int (*f_rng)(void *, unsigned char *, size_t), + void *p_rng); #endif /* MBEDTLS_PEM_WRITE_C */ #endif /* MBEDTLS_X509_CRT_WRITE_C */ +/** \} addtogroup x509_module */ + #ifdef __cplusplus } #endif diff --git a/third_party/mbedtls/repo/include/mbedtls/x509_csr.h b/third_party/mbedtls/repo/include/mbedtls/x509_csr.h index b1dfc21f1fb..97a9db44c75 100644 --- a/third_party/mbedtls/repo/include/mbedtls/x509_csr.h +++ b/third_party/mbedtls/repo/include/mbedtls/x509_csr.h @@ -5,19 +5,7 @@ */ /* * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later */ #ifndef MBEDTLS_X509_CSR_H #define MBEDTLS_X509_CSR_H @@ -46,8 +34,7 @@ extern "C" { /** * Certificate Signing Request (CSR) structure. */ -typedef struct mbedtls_x509_csr -{ +typedef struct mbedtls_x509_csr { mbedtls_x509_buf raw; /**< The raw CSR data (DER). */ mbedtls_x509_buf cri; /**< The raw CertificateRequestInfo body (DER). */ @@ -69,8 +56,7 @@ mbedtls_x509_csr; /** * Container for writing a CSR */ -typedef struct mbedtls_x509write_csr -{ +typedef struct mbedtls_x509write_csr { mbedtls_pk_context *key; mbedtls_asn1_named_data *subject; mbedtls_md_type_t md_alg; @@ -84,20 +70,28 @@ mbedtls_x509write_csr; * * \note CSR attributes (if any) are currently silently ignored. * + * \note If #MBEDTLS_USE_PSA_CRYPTO is enabled, the PSA crypto + * subsystem must have been initialized by calling + * psa_crypto_init() before calling this function. + * * \param csr CSR context to fill * \param buf buffer holding the CRL data * \param buflen size of the buffer * * \return 0 if successful, or a specific X509 error code */ -int mbedtls_x509_csr_parse_der( mbedtls_x509_csr *csr, - const unsigned char *buf, size_t buflen ); +int mbedtls_x509_csr_parse_der(mbedtls_x509_csr *csr, + const unsigned char *buf, size_t buflen); /** * \brief Load a Certificate Signing Request (CSR), DER or PEM format * * \note See notes for \c mbedtls_x509_csr_parse_der() * + * \note If #MBEDTLS_USE_PSA_CRYPTO is enabled, the PSA crypto + * subsystem must have been initialized by calling + * psa_crypto_init() before calling this function. + * * \param csr CSR context to fill * \param buf buffer holding the CRL data * \param buflen size of the buffer @@ -105,7 +99,7 @@ int mbedtls_x509_csr_parse_der( mbedtls_x509_csr *csr, * * \return 0 if successful, or a specific X509 or PEM error code */ -int mbedtls_x509_csr_parse( mbedtls_x509_csr *csr, const unsigned char *buf, size_t buflen ); +int mbedtls_x509_csr_parse(mbedtls_x509_csr *csr, const unsigned char *buf, size_t buflen); #if defined(MBEDTLS_FS_IO) /** @@ -118,7 +112,7 @@ int mbedtls_x509_csr_parse( mbedtls_x509_csr *csr, const unsigned char *buf, siz * * \return 0 if successful, or a specific X509 or PEM error code */ -int mbedtls_x509_csr_parse_file( mbedtls_x509_csr *csr, const char *path ); +int mbedtls_x509_csr_parse_file(mbedtls_x509_csr *csr, const char *path); #endif /* MBEDTLS_FS_IO */ /** @@ -133,26 +127,25 @@ int mbedtls_x509_csr_parse_file( mbedtls_x509_csr *csr, const char *path ); * \return The length of the string written (not including the * terminated nul byte), or a negative error code. */ -int mbedtls_x509_csr_info( char *buf, size_t size, const char *prefix, - const mbedtls_x509_csr *csr ); +int mbedtls_x509_csr_info(char *buf, size_t size, const char *prefix, + const mbedtls_x509_csr *csr); /** * \brief Initialize a CSR * * \param csr CSR to initialize */ -void mbedtls_x509_csr_init( mbedtls_x509_csr *csr ); +void mbedtls_x509_csr_init(mbedtls_x509_csr *csr); /** * \brief Unallocate all CSR data * * \param csr CSR to free */ -void mbedtls_x509_csr_free( mbedtls_x509_csr *csr ); +void mbedtls_x509_csr_free(mbedtls_x509_csr *csr); #endif /* MBEDTLS_X509_CSR_PARSE_C */ -/* \} name */ -/* \} addtogroup x509_module */ +/** \} name Structures and functions for X.509 Certificate Signing Requests (CSR) */ #if defined(MBEDTLS_X509_CSR_WRITE_C) /** @@ -160,13 +153,13 @@ void mbedtls_x509_csr_free( mbedtls_x509_csr *csr ); * * \param ctx CSR context to initialize */ -void mbedtls_x509write_csr_init( mbedtls_x509write_csr *ctx ); +void mbedtls_x509write_csr_init(mbedtls_x509write_csr *ctx); /** * \brief Set the subject name for a CSR * Subject names should contain a comma-separated list * of OID types and values: - * e.g. "C=UK,O=ARM,CN=mbed TLS Server 1" + * e.g. "C=UK,O=ARM,CN=Mbed TLS Server 1" * * \param ctx CSR context to use * \param subject_name subject name to set @@ -174,17 +167,17 @@ void mbedtls_x509write_csr_init( mbedtls_x509write_csr *ctx ); * \return 0 if subject name was parsed successfully, or * a specific error code */ -int mbedtls_x509write_csr_set_subject_name( mbedtls_x509write_csr *ctx, - const char *subject_name ); +int mbedtls_x509write_csr_set_subject_name(mbedtls_x509write_csr *ctx, + const char *subject_name); /** * \brief Set the key for a CSR (public key will be included, * private key used to sign the CSR when writing it) * * \param ctx CSR context to use - * \param key Asymetric key to include + * \param key Asymmetric key to include */ -void mbedtls_x509write_csr_set_key( mbedtls_x509write_csr *ctx, mbedtls_pk_context *key ); +void mbedtls_x509write_csr_set_key(mbedtls_x509write_csr *ctx, mbedtls_pk_context *key); /** * \brief Set the MD algorithm to use for the signature @@ -193,7 +186,7 @@ void mbedtls_x509write_csr_set_key( mbedtls_x509write_csr *ctx, mbedtls_pk_conte * \param ctx CSR context to use * \param md_alg MD algorithm to use */ -void mbedtls_x509write_csr_set_md_alg( mbedtls_x509write_csr *ctx, mbedtls_md_type_t md_alg ); +void mbedtls_x509write_csr_set_md_alg(mbedtls_x509write_csr *ctx, mbedtls_md_type_t md_alg); /** * \brief Set the Key Usage Extension flags @@ -212,7 +205,7 @@ void mbedtls_x509write_csr_set_md_alg( mbedtls_x509write_csr *ctx, mbedtls_md_ty * #MBEDTLS_X509_KU_DECIPHER_ONLY) cannot be set using this * function. */ -int mbedtls_x509write_csr_set_key_usage( mbedtls_x509write_csr *ctx, unsigned char key_usage ); +int mbedtls_x509write_csr_set_key_usage(mbedtls_x509write_csr *ctx, unsigned char key_usage); /** * \brief Set the Netscape Cert Type flags @@ -223,8 +216,8 @@ int mbedtls_x509write_csr_set_key_usage( mbedtls_x509write_csr *ctx, unsigned ch * * \return 0 if successful, or MBEDTLS_ERR_X509_ALLOC_FAILED */ -int mbedtls_x509write_csr_set_ns_cert_type( mbedtls_x509write_csr *ctx, - unsigned char ns_cert_type ); +int mbedtls_x509write_csr_set_ns_cert_type(mbedtls_x509write_csr *ctx, + unsigned char ns_cert_type); /** * \brief Generic function to add to or replace an extension in the @@ -238,16 +231,16 @@ int mbedtls_x509write_csr_set_ns_cert_type( mbedtls_x509write_csr *ctx, * * \return 0 if successful, or a MBEDTLS_ERR_X509_ALLOC_FAILED */ -int mbedtls_x509write_csr_set_extension( mbedtls_x509write_csr *ctx, - const char *oid, size_t oid_len, - const unsigned char *val, size_t val_len ); +int mbedtls_x509write_csr_set_extension(mbedtls_x509write_csr *ctx, + const char *oid, size_t oid_len, + const unsigned char *val, size_t val_len); /** * \brief Free the contents of a CSR context * * \param ctx CSR context to free */ -void mbedtls_x509write_csr_free( mbedtls_x509write_csr *ctx ); +void mbedtls_x509write_csr_free(mbedtls_x509write_csr *ctx); /** * \brief Write a CSR (Certificate Signing Request) to a @@ -270,9 +263,9 @@ void mbedtls_x509write_csr_free( mbedtls_x509write_csr *ctx ); * for countermeasures against timing attacks). * ECDSA signatures always require a non-NULL f_rng. */ -int mbedtls_x509write_csr_der( mbedtls_x509write_csr *ctx, unsigned char *buf, size_t size, - int (*f_rng)(void *, unsigned char *, size_t), - void *p_rng ); +int mbedtls_x509write_csr_der(mbedtls_x509write_csr *ctx, unsigned char *buf, size_t size, + int (*f_rng)(void *, unsigned char *, size_t), + void *p_rng); #if defined(MBEDTLS_PEM_WRITE_C) /** @@ -292,12 +285,14 @@ int mbedtls_x509write_csr_der( mbedtls_x509write_csr *ctx, unsigned char *buf, s * for countermeasures against timing attacks). * ECDSA signatures always require a non-NULL f_rng. */ -int mbedtls_x509write_csr_pem( mbedtls_x509write_csr *ctx, unsigned char *buf, size_t size, - int (*f_rng)(void *, unsigned char *, size_t), - void *p_rng ); +int mbedtls_x509write_csr_pem(mbedtls_x509write_csr *ctx, unsigned char *buf, size_t size, + int (*f_rng)(void *, unsigned char *, size_t), + void *p_rng); #endif /* MBEDTLS_PEM_WRITE_C */ #endif /* MBEDTLS_X509_CSR_WRITE_C */ +/** \} addtogroup x509_module */ + #ifdef __cplusplus } #endif diff --git a/third_party/mbedtls/repo/include/mbedtls/xtea.h b/third_party/mbedtls/repo/include/mbedtls/xtea.h index 4bdc711fda0..b7242c74f03 100644 --- a/third_party/mbedtls/repo/include/mbedtls/xtea.h +++ b/third_party/mbedtls/repo/include/mbedtls/xtea.h @@ -5,19 +5,7 @@ */ /* * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later */ #ifndef MBEDTLS_XTEA_H #define MBEDTLS_XTEA_H @@ -52,8 +40,7 @@ extern "C" { /** * \brief XTEA context structure */ -typedef struct mbedtls_xtea_context -{ +typedef struct mbedtls_xtea_context { uint32_t k[4]; /*!< key */ } mbedtls_xtea_context; @@ -67,14 +54,14 @@ mbedtls_xtea_context; * * \param ctx XTEA context to be initialized */ -void mbedtls_xtea_init( mbedtls_xtea_context *ctx ); +void mbedtls_xtea_init(mbedtls_xtea_context *ctx); /** * \brief Clear XTEA context * * \param ctx XTEA context to be cleared */ -void mbedtls_xtea_free( mbedtls_xtea_context *ctx ); +void mbedtls_xtea_free(mbedtls_xtea_context *ctx); /** * \brief XTEA key schedule @@ -82,7 +69,7 @@ void mbedtls_xtea_free( mbedtls_xtea_context *ctx ); * \param ctx XTEA context to be initialized * \param key the secret key */ -void mbedtls_xtea_setup( mbedtls_xtea_context *ctx, const unsigned char key[16] ); +void mbedtls_xtea_setup(mbedtls_xtea_context *ctx, const unsigned char key[16]); /** * \brief XTEA cipher function @@ -94,10 +81,10 @@ void mbedtls_xtea_setup( mbedtls_xtea_context *ctx, const unsigned char key[16] * * \return 0 if successful */ -int mbedtls_xtea_crypt_ecb( mbedtls_xtea_context *ctx, - int mode, - const unsigned char input[8], - unsigned char output[8] ); +int mbedtls_xtea_crypt_ecb(mbedtls_xtea_context *ctx, + int mode, + const unsigned char input[8], + unsigned char output[8]); #if defined(MBEDTLS_CIPHER_MODE_CBC) /** @@ -113,12 +100,12 @@ int mbedtls_xtea_crypt_ecb( mbedtls_xtea_context *ctx, * \return 0 if successful, * MBEDTLS_ERR_XTEA_INVALID_INPUT_LENGTH if the length % 8 != 0 */ -int mbedtls_xtea_crypt_cbc( mbedtls_xtea_context *ctx, - int mode, - size_t length, - unsigned char iv[8], - const unsigned char *input, - unsigned char *output); +int mbedtls_xtea_crypt_cbc(mbedtls_xtea_context *ctx, + int mode, + size_t length, + unsigned char iv[8], + const unsigned char *input, + unsigned char *output); #endif /* MBEDTLS_CIPHER_MODE_CBC */ #if defined(MBEDTLS_SELF_TEST) @@ -128,7 +115,7 @@ int mbedtls_xtea_crypt_cbc( mbedtls_xtea_context *ctx, * * \return 0 if successful, or 1 if the test failed */ -int mbedtls_xtea_self_test( int verbose ); +int mbedtls_xtea_self_test(int verbose); #endif /* MBEDTLS_SELF_TEST */ diff --git a/third_party/mbedtls/repo/include/psa/crypto.h b/third_party/mbedtls/repo/include/psa/crypto.h index b0b57c3a6ba..9e70d0ce9b8 100644 --- a/third_party/mbedtls/repo/include/psa/crypto.h +++ b/third_party/mbedtls/repo/include/psa/crypto.h @@ -4,19 +4,7 @@ */ /* * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later */ #ifndef PSA_CRYPTO_H @@ -88,16 +76,16 @@ extern "C" { * initialization may have security implications, for example due to improper * seeding of the random number generator. * - * \retval #PSA_SUCCESS - * \retval #PSA_ERROR_INSUFFICIENT_MEMORY - * \retval #PSA_ERROR_INSUFFICIENT_STORAGE - * \retval #PSA_ERROR_COMMUNICATION_FAILURE - * \retval #PSA_ERROR_HARDWARE_FAILURE - * \retval #PSA_ERROR_CORRUPTION_DETECTED - * \retval #PSA_ERROR_INSUFFICIENT_ENTROPY - * \retval #PSA_ERROR_STORAGE_FAILURE - * \retval #PSA_ERROR_DATA_INVALID - * \retval #PSA_ERROR_DATA_CORRUPT + * \retval #PSA_SUCCESS \emptydescription + * \retval #PSA_ERROR_INSUFFICIENT_MEMORY \emptydescription + * \retval #PSA_ERROR_INSUFFICIENT_STORAGE \emptydescription + * \retval #PSA_ERROR_COMMUNICATION_FAILURE \emptydescription + * \retval #PSA_ERROR_HARDWARE_FAILURE \emptydescription + * \retval #PSA_ERROR_CORRUPTION_DETECTED \emptydescription + * \retval #PSA_ERROR_INSUFFICIENT_ENTROPY \emptydescription + * \retval #PSA_ERROR_STORAGE_FAILURE \emptydescription + * \retval #PSA_ERROR_DATA_INVALID \emptydescription + * \retval #PSA_ERROR_DATA_CORRUPT \emptydescription */ psa_status_t psa_crypto_init(void); @@ -116,7 +104,7 @@ psa_status_t psa_crypto_init(void); /* This is an example definition for documentation purposes. * Implementations should define a suitable value in `crypto_struct.h`. */ -#define PSA_KEY_ATTRIBUTES_INIT {0} +#define PSA_KEY_ATTRIBUTES_INIT { 0 } #endif /** Return an initial value for a key attributes structure. @@ -143,8 +131,8 @@ static psa_key_attributes_t psa_key_attributes_init(void); * \param[out] attributes The attribute structure to write to. * \param key The persistent identifier for the key. */ -static void psa_set_key_id( psa_key_attributes_t *attributes, - mbedtls_svc_key_id_t key ); +static void psa_set_key_id(psa_key_attributes_t *attributes, + mbedtls_svc_key_id_t key); #ifdef MBEDTLS_PSA_CRYPTO_KEY_ID_ENCODES_OWNER /** Set the owner identifier of a key. @@ -161,8 +149,8 @@ static void psa_set_key_id( psa_key_attributes_t *attributes, * \param[out] attributes The attribute structure to write to. * \param owner The key owner identifier. */ -static void mbedtls_set_key_owner_id( psa_key_attributes_t *attributes, - mbedtls_key_owner_id_t owner ); +static void mbedtls_set_key_owner_id(psa_key_attributes_t *attributes, + mbedtls_key_owner_id_t owner); #endif /** Set the location of a persistent key. @@ -374,14 +362,14 @@ static size_t psa_get_key_bits(const psa_key_attributes_t *attributes); * On failure, equivalent to a * freshly-initialized structure. * - * \retval #PSA_SUCCESS - * \retval #PSA_ERROR_INVALID_HANDLE - * \retval #PSA_ERROR_INSUFFICIENT_MEMORY - * \retval #PSA_ERROR_COMMUNICATION_FAILURE - * \retval #PSA_ERROR_CORRUPTION_DETECTED - * \retval #PSA_ERROR_STORAGE_FAILURE - * \retval #PSA_ERROR_DATA_CORRUPT - * \retval #PSA_ERROR_DATA_INVALID + * \retval #PSA_SUCCESS \emptydescription + * \retval #PSA_ERROR_INVALID_HANDLE \emptydescription + * \retval #PSA_ERROR_INSUFFICIENT_MEMORY \emptydescription + * \retval #PSA_ERROR_COMMUNICATION_FAILURE \emptydescription + * \retval #PSA_ERROR_CORRUPTION_DETECTED \emptydescription + * \retval #PSA_ERROR_STORAGE_FAILURE \emptydescription + * \retval #PSA_ERROR_DATA_CORRUPT \emptydescription + * \retval #PSA_ERROR_DATA_INVALID \emptydescription * \retval #PSA_ERROR_BAD_STATE * The library has not been previously initialized by psa_crypto_init(). * It is implementation-dependent whether a failure to initialize @@ -492,33 +480,30 @@ psa_status_t psa_purge_key(mbedtls_svc_key_id_t key); * identifier defined in \p attributes. * \c 0 on failure. * - * \retval #PSA_SUCCESS + * \retval #PSA_SUCCESS \emptydescription * \retval #PSA_ERROR_INVALID_HANDLE * \p source_key is invalid. * \retval #PSA_ERROR_ALREADY_EXISTS * This is an attempt to create a persistent key, and there is * already a persistent key with the given identifier. * \retval #PSA_ERROR_INVALID_ARGUMENT - * The lifetime or identifier in \p attributes are invalid. - * \retval #PSA_ERROR_INVALID_ARGUMENT - * The policy constraints on the source and specified in - * \p attributes are incompatible. - * \retval #PSA_ERROR_INVALID_ARGUMENT + * The lifetime or identifier in \p attributes are invalid, or + * the policy constraints on the source and specified in + * \p attributes are incompatible, or * \p attributes specifies a key type or key size * which does not match the attributes of the source key. * \retval #PSA_ERROR_NOT_PERMITTED - * The source key does not have the #PSA_KEY_USAGE_COPY usage flag. - * \retval #PSA_ERROR_NOT_PERMITTED - * The source key is not exportable and its lifetime does not + * The source key does not have the #PSA_KEY_USAGE_COPY usage flag, or + * the source key is not exportable and its lifetime does not * allow copying it to the target's lifetime. - * \retval #PSA_ERROR_INSUFFICIENT_MEMORY - * \retval #PSA_ERROR_INSUFFICIENT_STORAGE - * \retval #PSA_ERROR_COMMUNICATION_FAILURE - * \retval #PSA_ERROR_HARDWARE_FAILURE - * \retval #PSA_ERROR_DATA_INVALID - * \retval #PSA_ERROR_DATA_CORRUPT - * \retval #PSA_ERROR_STORAGE_FAILURE - * \retval #PSA_ERROR_CORRUPTION_DETECTED + * \retval #PSA_ERROR_INSUFFICIENT_MEMORY \emptydescription + * \retval #PSA_ERROR_INSUFFICIENT_STORAGE \emptydescription + * \retval #PSA_ERROR_COMMUNICATION_FAILURE \emptydescription + * \retval #PSA_ERROR_HARDWARE_FAILURE \emptydescription + * \retval #PSA_ERROR_DATA_INVALID \emptydescription + * \retval #PSA_ERROR_DATA_CORRUPT \emptydescription + * \retval #PSA_ERROR_STORAGE_FAILURE \emptydescription + * \retval #PSA_ERROR_CORRUPTION_DETECTED \emptydescription * \retval #PSA_ERROR_BAD_STATE * The library has not been previously initialized by psa_crypto_init(). * It is implementation-dependent whether a failure to initialize @@ -554,7 +539,7 @@ psa_status_t psa_copy_key(mbedtls_svc_key_id_t source_key, * \retval #PSA_ERROR_INVALID_HANDLE * \p key is not a valid identifier nor \c 0. * \retval #PSA_ERROR_COMMUNICATION_FAILURE - * There was an failure in communication with the cryptoprocessor. + * There was a failure in communication with the cryptoprocessor. * The key material may still be present in the cryptoprocessor. * \retval #PSA_ERROR_DATA_INVALID * This error is typically a result of either storage corruption on a @@ -636,20 +621,18 @@ psa_status_t psa_destroy_key(mbedtls_svc_key_id_t key); * The key type or key size is not supported, either by the * implementation in general or in this particular persistent location. * \retval #PSA_ERROR_INVALID_ARGUMENT - * The key attributes, as a whole, are invalid. - * \retval #PSA_ERROR_INVALID_ARGUMENT - * The key data is not correctly formatted. - * \retval #PSA_ERROR_INVALID_ARGUMENT - * The size in \p attributes is nonzero and does not match the size + * The key attributes, as a whole, are invalid, or + * the key data is not correctly formatted, or + * the size in \p attributes is nonzero and does not match the size * of the key data. - * \retval #PSA_ERROR_INSUFFICIENT_MEMORY - * \retval #PSA_ERROR_INSUFFICIENT_STORAGE - * \retval #PSA_ERROR_COMMUNICATION_FAILURE - * \retval #PSA_ERROR_DATA_CORRUPT - * \retval #PSA_ERROR_DATA_INVALID - * \retval #PSA_ERROR_STORAGE_FAILURE - * \retval #PSA_ERROR_HARDWARE_FAILURE - * \retval #PSA_ERROR_CORRUPTION_DETECTED + * \retval #PSA_ERROR_INSUFFICIENT_MEMORY \emptydescription + * \retval #PSA_ERROR_INSUFFICIENT_STORAGE \emptydescription + * \retval #PSA_ERROR_COMMUNICATION_FAILURE \emptydescription + * \retval #PSA_ERROR_DATA_CORRUPT \emptydescription + * \retval #PSA_ERROR_DATA_INVALID \emptydescription + * \retval #PSA_ERROR_STORAGE_FAILURE \emptydescription + * \retval #PSA_ERROR_HARDWARE_FAILURE \emptydescription + * \retval #PSA_ERROR_CORRUPTION_DETECTED \emptydescription * \retval #PSA_ERROR_BAD_STATE * The library has not been previously initialized by psa_crypto_init(). * It is implementation-dependent whether a failure to initialize @@ -729,22 +712,22 @@ psa_status_t psa_import_key(const psa_key_attributes_t *attributes, * \param[out] data_length On success, the number of bytes * that make up the key data. * - * \retval #PSA_SUCCESS - * \retval #PSA_ERROR_INVALID_HANDLE + * \retval #PSA_SUCCESS \emptydescription + * \retval #PSA_ERROR_INVALID_HANDLE \emptydescription * \retval #PSA_ERROR_NOT_PERMITTED * The key does not have the #PSA_KEY_USAGE_EXPORT flag. - * \retval #PSA_ERROR_NOT_SUPPORTED + * \retval #PSA_ERROR_NOT_SUPPORTED \emptydescription * \retval #PSA_ERROR_BUFFER_TOO_SMALL * The size of the \p data buffer is too small. You can determine a * sufficient buffer size by calling * #PSA_EXPORT_KEY_OUTPUT_SIZE(\c type, \c bits) * where \c type is the key type * and \c bits is the key size in bits. - * \retval #PSA_ERROR_COMMUNICATION_FAILURE - * \retval #PSA_ERROR_HARDWARE_FAILURE - * \retval #PSA_ERROR_CORRUPTION_DETECTED - * \retval #PSA_ERROR_STORAGE_FAILURE - * \retval #PSA_ERROR_INSUFFICIENT_MEMORY + * \retval #PSA_ERROR_COMMUNICATION_FAILURE \emptydescription + * \retval #PSA_ERROR_HARDWARE_FAILURE \emptydescription + * \retval #PSA_ERROR_CORRUPTION_DETECTED \emptydescription + * \retval #PSA_ERROR_STORAGE_FAILURE \emptydescription + * \retval #PSA_ERROR_INSUFFICIENT_MEMORY \emptydescription * \retval #PSA_ERROR_BAD_STATE * The library has not been previously initialized by psa_crypto_init(). * It is implementation-dependent whether a failure to initialize @@ -804,22 +787,22 @@ psa_status_t psa_export_key(mbedtls_svc_key_id_t key, * \param[out] data_length On success, the number of bytes * that make up the key data. * - * \retval #PSA_SUCCESS - * \retval #PSA_ERROR_INVALID_HANDLE + * \retval #PSA_SUCCESS \emptydescription + * \retval #PSA_ERROR_INVALID_HANDLE \emptydescription * \retval #PSA_ERROR_INVALID_ARGUMENT * The key is neither a public key nor a key pair. - * \retval #PSA_ERROR_NOT_SUPPORTED + * \retval #PSA_ERROR_NOT_SUPPORTED \emptydescription * \retval #PSA_ERROR_BUFFER_TOO_SMALL * The size of the \p data buffer is too small. You can determine a * sufficient buffer size by calling * #PSA_EXPORT_KEY_OUTPUT_SIZE(#PSA_KEY_TYPE_PUBLIC_KEY_OF_KEY_PAIR(\c type), \c bits) * where \c type is the key type * and \c bits is the key size in bits. - * \retval #PSA_ERROR_COMMUNICATION_FAILURE - * \retval #PSA_ERROR_HARDWARE_FAILURE - * \retval #PSA_ERROR_CORRUPTION_DETECTED - * \retval #PSA_ERROR_STORAGE_FAILURE - * \retval #PSA_ERROR_INSUFFICIENT_MEMORY + * \retval #PSA_ERROR_COMMUNICATION_FAILURE \emptydescription + * \retval #PSA_ERROR_HARDWARE_FAILURE \emptydescription + * \retval #PSA_ERROR_CORRUPTION_DETECTED \emptydescription + * \retval #PSA_ERROR_STORAGE_FAILURE \emptydescription + * \retval #PSA_ERROR_INSUFFICIENT_MEMORY \emptydescription * \retval #PSA_ERROR_BAD_STATE * The library has not been previously initialized by psa_crypto_init(). * It is implementation-dependent whether a failure to initialize @@ -857,14 +840,13 @@ psa_status_t psa_export_public_key(mbedtls_svc_key_id_t key, * Success. * \retval #PSA_ERROR_NOT_SUPPORTED * \p alg is not supported or is not a hash algorithm. - * \retval #PSA_ERROR_INVALID_ARGUMENT + * \retval #PSA_ERROR_INVALID_ARGUMENT \emptydescription * \retval #PSA_ERROR_BUFFER_TOO_SMALL * \p hash_size is too small - * \retval #PSA_ERROR_INSUFFICIENT_MEMORY - * \retval #PSA_ERROR_COMMUNICATION_FAILURE - * \retval #PSA_ERROR_HARDWARE_FAILURE - * \retval #PSA_ERROR_CORRUPTION_DETECTED - * \retval #PSA_ERROR_INSUFFICIENT_MEMORY + * \retval #PSA_ERROR_INSUFFICIENT_MEMORY \emptydescription + * \retval #PSA_ERROR_COMMUNICATION_FAILURE \emptydescription + * \retval #PSA_ERROR_HARDWARE_FAILURE \emptydescription + * \retval #PSA_ERROR_CORRUPTION_DETECTED \emptydescription * \retval #PSA_ERROR_BAD_STATE * The library has not been previously initialized by psa_crypto_init(). * It is implementation-dependent whether a failure to initialize @@ -896,11 +878,10 @@ psa_status_t psa_hash_compute(psa_algorithm_t alg, * \p alg is not supported or is not a hash algorithm. * \retval #PSA_ERROR_INVALID_ARGUMENT * \p input_length or \p hash_length do not match the hash size for \p alg - * \retval #PSA_ERROR_INSUFFICIENT_MEMORY - * \retval #PSA_ERROR_COMMUNICATION_FAILURE - * \retval #PSA_ERROR_HARDWARE_FAILURE - * \retval #PSA_ERROR_CORRUPTION_DETECTED - * \retval #PSA_ERROR_INSUFFICIENT_MEMORY + * \retval #PSA_ERROR_INSUFFICIENT_MEMORY \emptydescription + * \retval #PSA_ERROR_COMMUNICATION_FAILURE \emptydescription + * \retval #PSA_ERROR_HARDWARE_FAILURE \emptydescription + * \retval #PSA_ERROR_CORRUPTION_DETECTED \emptydescription * \retval #PSA_ERROR_BAD_STATE * The library has not been previously initialized by psa_crypto_init(). * It is implementation-dependent whether a failure to initialize @@ -951,7 +932,7 @@ typedef struct psa_hash_operation_s psa_hash_operation_t; /* This is an example definition for documentation purposes. * Implementations should define a suitable value in `crypto_struct.h`. */ -#define PSA_HASH_OPERATION_INIT {0} +#define PSA_HASH_OPERATION_INIT { 0 } #endif /** Return an initial value for a hash operation object. @@ -996,14 +977,13 @@ static psa_hash_operation_t psa_hash_operation_init(void); * \p alg is not a supported hash algorithm. * \retval #PSA_ERROR_INVALID_ARGUMENT * \p alg is not a hash algorithm. + * \retval #PSA_ERROR_INSUFFICIENT_MEMORY \emptydescription + * \retval #PSA_ERROR_COMMUNICATION_FAILURE \emptydescription + * \retval #PSA_ERROR_HARDWARE_FAILURE \emptydescription + * \retval #PSA_ERROR_CORRUPTION_DETECTED \emptydescription * \retval #PSA_ERROR_BAD_STATE - * The operation state is not valid (it must be inactive). - * \retval #PSA_ERROR_INSUFFICIENT_MEMORY - * \retval #PSA_ERROR_COMMUNICATION_FAILURE - * \retval #PSA_ERROR_HARDWARE_FAILURE - * \retval #PSA_ERROR_CORRUPTION_DETECTED - * \retval #PSA_ERROR_BAD_STATE - * The library has not been previously initialized by psa_crypto_init(). + * The operation state is not valid (it must be inactive), or + * the library has not been previously initialized by psa_crypto_init(). * It is implementation-dependent whether a failure to initialize * results in this error code. */ @@ -1023,14 +1003,13 @@ psa_status_t psa_hash_setup(psa_hash_operation_t *operation, * * \retval #PSA_SUCCESS * Success. + * \retval #PSA_ERROR_INSUFFICIENT_MEMORY \emptydescription + * \retval #PSA_ERROR_COMMUNICATION_FAILURE \emptydescription + * \retval #PSA_ERROR_HARDWARE_FAILURE \emptydescription + * \retval #PSA_ERROR_CORRUPTION_DETECTED \emptydescription * \retval #PSA_ERROR_BAD_STATE - * The operation state is not valid (it muct be active). - * \retval #PSA_ERROR_INSUFFICIENT_MEMORY - * \retval #PSA_ERROR_COMMUNICATION_FAILURE - * \retval #PSA_ERROR_HARDWARE_FAILURE - * \retval #PSA_ERROR_CORRUPTION_DETECTED - * \retval #PSA_ERROR_BAD_STATE - * The library has not been previously initialized by psa_crypto_init(). + * The operation state is not valid (it must be active), or + * the library has not been previously initialized by psa_crypto_init(). * It is implementation-dependent whether a failure to initialize * results in this error code. */ @@ -1044,7 +1023,7 @@ psa_status_t psa_hash_update(psa_hash_operation_t *operation, * This function calculates the hash of the message formed by concatenating * the inputs passed to preceding calls to psa_hash_update(). * - * When this function returns successfuly, the operation becomes inactive. + * When this function returns successfully, the operation becomes inactive. * If this function returns an error status, the operation enters an error * state and must be aborted by calling psa_hash_abort(). * @@ -1066,18 +1045,17 @@ psa_status_t psa_hash_update(psa_hash_operation_t *operation, * * \retval #PSA_SUCCESS * Success. - * \retval #PSA_ERROR_BAD_STATE - * The operation state is not valid (it must be active). * \retval #PSA_ERROR_BUFFER_TOO_SMALL * The size of the \p hash buffer is too small. You can determine a * sufficient buffer size by calling #PSA_HASH_LENGTH(\c alg) * where \c alg is the hash algorithm that is calculated. - * \retval #PSA_ERROR_INSUFFICIENT_MEMORY - * \retval #PSA_ERROR_COMMUNICATION_FAILURE - * \retval #PSA_ERROR_HARDWARE_FAILURE - * \retval #PSA_ERROR_CORRUPTION_DETECTED + * \retval #PSA_ERROR_INSUFFICIENT_MEMORY \emptydescription + * \retval #PSA_ERROR_COMMUNICATION_FAILURE \emptydescription + * \retval #PSA_ERROR_HARDWARE_FAILURE \emptydescription + * \retval #PSA_ERROR_CORRUPTION_DETECTED \emptydescription * \retval #PSA_ERROR_BAD_STATE - * The library has not been previously initialized by psa_crypto_init(). + * The operation state is not valid (it must be active), or + * the library has not been previously initialized by psa_crypto_init(). * It is implementation-dependent whether a failure to initialize * results in this error code. */ @@ -1095,7 +1073,7 @@ psa_status_t psa_hash_finish(psa_hash_operation_t *operation, * compares the calculated hash with the expected hash passed as a * parameter to this function. * - * When this function returns successfuly, the operation becomes inactive. + * When this function returns successfully, the operation becomes inactive. * If this function returns an error status, the operation enters an error * state and must be aborted by calling psa_hash_abort(). * @@ -1112,14 +1090,13 @@ psa_status_t psa_hash_finish(psa_hash_operation_t *operation, * \retval #PSA_ERROR_INVALID_SIGNATURE * The hash of the message was calculated successfully, but it * differs from the expected hash. + * \retval #PSA_ERROR_INSUFFICIENT_MEMORY \emptydescription + * \retval #PSA_ERROR_COMMUNICATION_FAILURE \emptydescription + * \retval #PSA_ERROR_HARDWARE_FAILURE \emptydescription + * \retval #PSA_ERROR_CORRUPTION_DETECTED \emptydescription * \retval #PSA_ERROR_BAD_STATE - * The operation state is not valid (it must be active). - * \retval #PSA_ERROR_INSUFFICIENT_MEMORY - * \retval #PSA_ERROR_COMMUNICATION_FAILURE - * \retval #PSA_ERROR_HARDWARE_FAILURE - * \retval #PSA_ERROR_CORRUPTION_DETECTED - * \retval #PSA_ERROR_BAD_STATE - * The library has not been previously initialized by psa_crypto_init(). + * The operation state is not valid (it must be active), or + * the library has not been previously initialized by psa_crypto_init(). * It is implementation-dependent whether a failure to initialize * results in this error code. */ @@ -1143,10 +1120,10 @@ psa_status_t psa_hash_verify(psa_hash_operation_t *operation, * * \param[in,out] operation Initialized hash operation. * - * \retval #PSA_SUCCESS - * \retval #PSA_ERROR_COMMUNICATION_FAILURE - * \retval #PSA_ERROR_HARDWARE_FAILURE - * \retval #PSA_ERROR_CORRUPTION_DETECTED + * \retval #PSA_SUCCESS \emptydescription + * \retval #PSA_ERROR_COMMUNICATION_FAILURE \emptydescription + * \retval #PSA_ERROR_HARDWARE_FAILURE \emptydescription + * \retval #PSA_ERROR_CORRUPTION_DETECTED \emptydescription * \retval #PSA_ERROR_BAD_STATE * The library has not been previously initialized by psa_crypto_init(). * It is implementation-dependent whether a failure to initialize @@ -1169,17 +1146,15 @@ psa_status_t psa_hash_abort(psa_hash_operation_t *operation); * \param[in,out] target_operation The operation object to set up. * It must be initialized but not active. * - * \retval #PSA_SUCCESS - * \retval #PSA_ERROR_BAD_STATE - * The \p source_operation state is not valid (it must be active). + * \retval #PSA_SUCCESS \emptydescription + * \retval #PSA_ERROR_COMMUNICATION_FAILURE \emptydescription + * \retval #PSA_ERROR_HARDWARE_FAILURE \emptydescription + * \retval #PSA_ERROR_CORRUPTION_DETECTED \emptydescription + * \retval #PSA_ERROR_INSUFFICIENT_MEMORY \emptydescription * \retval #PSA_ERROR_BAD_STATE - * The \p target_operation state is not valid (it must be inactive). - * \retval #PSA_ERROR_COMMUNICATION_FAILURE - * \retval #PSA_ERROR_HARDWARE_FAILURE - * \retval #PSA_ERROR_CORRUPTION_DETECTED - * \retval #PSA_ERROR_INSUFFICIENT_MEMORY - * \retval #PSA_ERROR_BAD_STATE - * The library has not been previously initialized by psa_crypto_init(). + * The \p source_operation state is not valid (it must be active), or + * the \p target_operation state is not valid (it must be inactive), or + * the library has not been previously initialized by psa_crypto_init(). * It is implementation-dependent whether a failure to initialize * results in this error code. */ @@ -1215,18 +1190,18 @@ psa_status_t psa_hash_clone(const psa_hash_operation_t *source_operation, * * \retval #PSA_SUCCESS * Success. - * \retval #PSA_ERROR_INVALID_HANDLE - * \retval #PSA_ERROR_NOT_PERMITTED + * \retval #PSA_ERROR_INVALID_HANDLE \emptydescription + * \retval #PSA_ERROR_NOT_PERMITTED \emptydescription * \retval #PSA_ERROR_INVALID_ARGUMENT * \p key is not compatible with \p alg. * \retval #PSA_ERROR_NOT_SUPPORTED * \p alg is not supported or is not a MAC algorithm. * \retval #PSA_ERROR_BUFFER_TOO_SMALL * \p mac_size is too small - * \retval #PSA_ERROR_INSUFFICIENT_MEMORY - * \retval #PSA_ERROR_COMMUNICATION_FAILURE - * \retval #PSA_ERROR_HARDWARE_FAILURE - * \retval #PSA_ERROR_CORRUPTION_DETECTED + * \retval #PSA_ERROR_INSUFFICIENT_MEMORY \emptydescription + * \retval #PSA_ERROR_COMMUNICATION_FAILURE \emptydescription + * \retval #PSA_ERROR_HARDWARE_FAILURE \emptydescription + * \retval #PSA_ERROR_CORRUPTION_DETECTED \emptydescription * \retval #PSA_ERROR_STORAGE_FAILURE * The key could not be retrieved from storage. * \retval #PSA_ERROR_BAD_STATE @@ -1258,16 +1233,16 @@ psa_status_t psa_mac_compute(mbedtls_svc_key_id_t key, * \retval #PSA_ERROR_INVALID_SIGNATURE * The MAC of the message was calculated successfully, but it * differs from the expected value. - * \retval #PSA_ERROR_INVALID_HANDLE - * \retval #PSA_ERROR_NOT_PERMITTED + * \retval #PSA_ERROR_INVALID_HANDLE \emptydescription + * \retval #PSA_ERROR_NOT_PERMITTED \emptydescription * \retval #PSA_ERROR_INVALID_ARGUMENT * \p key is not compatible with \p alg. * \retval #PSA_ERROR_NOT_SUPPORTED * \p alg is not supported or is not a MAC algorithm. - * \retval #PSA_ERROR_INSUFFICIENT_MEMORY - * \retval #PSA_ERROR_COMMUNICATION_FAILURE - * \retval #PSA_ERROR_HARDWARE_FAILURE - * \retval #PSA_ERROR_CORRUPTION_DETECTED + * \retval #PSA_ERROR_INSUFFICIENT_MEMORY \emptydescription + * \retval #PSA_ERROR_COMMUNICATION_FAILURE \emptydescription + * \retval #PSA_ERROR_HARDWARE_FAILURE \emptydescription + * \retval #PSA_ERROR_CORRUPTION_DETECTED \emptydescription * \retval #PSA_ERROR_STORAGE_FAILURE * The key could not be retrieved from storage. * \retval #PSA_ERROR_BAD_STATE @@ -1321,7 +1296,7 @@ typedef struct psa_mac_operation_s psa_mac_operation_t; /* This is an example definition for documentation purposes. * Implementations should define a suitable value in `crypto_struct.h`. */ -#define PSA_MAC_OPERATION_INIT {0} +#define PSA_MAC_OPERATION_INIT { 0 } #endif /** Return an initial value for a MAC operation object. @@ -1368,22 +1343,21 @@ static psa_mac_operation_t psa_mac_operation_init(void); * * \retval #PSA_SUCCESS * Success. - * \retval #PSA_ERROR_INVALID_HANDLE - * \retval #PSA_ERROR_NOT_PERMITTED + * \retval #PSA_ERROR_INVALID_HANDLE \emptydescription + * \retval #PSA_ERROR_NOT_PERMITTED \emptydescription * \retval #PSA_ERROR_INVALID_ARGUMENT * \p key is not compatible with \p alg. * \retval #PSA_ERROR_NOT_SUPPORTED * \p alg is not supported or is not a MAC algorithm. - * \retval #PSA_ERROR_INSUFFICIENT_MEMORY - * \retval #PSA_ERROR_COMMUNICATION_FAILURE - * \retval #PSA_ERROR_HARDWARE_FAILURE - * \retval #PSA_ERROR_CORRUPTION_DETECTED + * \retval #PSA_ERROR_INSUFFICIENT_MEMORY \emptydescription + * \retval #PSA_ERROR_COMMUNICATION_FAILURE \emptydescription + * \retval #PSA_ERROR_HARDWARE_FAILURE \emptydescription + * \retval #PSA_ERROR_CORRUPTION_DETECTED \emptydescription * \retval #PSA_ERROR_STORAGE_FAILURE * The key could not be retrieved from storage. * \retval #PSA_ERROR_BAD_STATE - * The operation state is not valid (it must be inactive). - * \retval #PSA_ERROR_BAD_STATE - * The library has not been previously initialized by psa_crypto_init(). + * The operation state is not valid (it must be inactive), or + * the library has not been previously initialized by psa_crypto_init(). * It is implementation-dependent whether a failure to initialize * results in this error code. */ @@ -1431,22 +1405,21 @@ psa_status_t psa_mac_sign_setup(psa_mac_operation_t *operation, * * \retval #PSA_SUCCESS * Success. - * \retval #PSA_ERROR_INVALID_HANDLE - * \retval #PSA_ERROR_NOT_PERMITTED + * \retval #PSA_ERROR_INVALID_HANDLE \emptydescription + * \retval #PSA_ERROR_NOT_PERMITTED \emptydescription * \retval #PSA_ERROR_INVALID_ARGUMENT * \c key is not compatible with \c alg. * \retval #PSA_ERROR_NOT_SUPPORTED * \c alg is not supported or is not a MAC algorithm. - * \retval #PSA_ERROR_INSUFFICIENT_MEMORY - * \retval #PSA_ERROR_COMMUNICATION_FAILURE - * \retval #PSA_ERROR_HARDWARE_FAILURE - * \retval #PSA_ERROR_CORRUPTION_DETECTED + * \retval #PSA_ERROR_INSUFFICIENT_MEMORY \emptydescription + * \retval #PSA_ERROR_COMMUNICATION_FAILURE \emptydescription + * \retval #PSA_ERROR_HARDWARE_FAILURE \emptydescription + * \retval #PSA_ERROR_CORRUPTION_DETECTED \emptydescription * \retval #PSA_ERROR_STORAGE_FAILURE - * The key could not be retrieved from storage - * \retval #PSA_ERROR_BAD_STATE - * The operation state is not valid (it must be inactive). + * The key could not be retrieved from storage. * \retval #PSA_ERROR_BAD_STATE - * The library has not been previously initialized by psa_crypto_init(). + * The operation state is not valid (it must be inactive), or + * the library has not been previously initialized by psa_crypto_init(). * It is implementation-dependent whether a failure to initialize * results in this error code. */ @@ -1469,15 +1442,14 @@ psa_status_t psa_mac_verify_setup(psa_mac_operation_t *operation, * * \retval #PSA_SUCCESS * Success. - * \retval #PSA_ERROR_BAD_STATE - * The operation state is not valid (it must be active). - * \retval #PSA_ERROR_INSUFFICIENT_MEMORY - * \retval #PSA_ERROR_COMMUNICATION_FAILURE - * \retval #PSA_ERROR_HARDWARE_FAILURE - * \retval #PSA_ERROR_CORRUPTION_DETECTED - * \retval #PSA_ERROR_STORAGE_FAILURE - * \retval #PSA_ERROR_BAD_STATE - * The library has not been previously initialized by psa_crypto_init(). + * \retval #PSA_ERROR_INSUFFICIENT_MEMORY \emptydescription + * \retval #PSA_ERROR_COMMUNICATION_FAILURE \emptydescription + * \retval #PSA_ERROR_HARDWARE_FAILURE \emptydescription + * \retval #PSA_ERROR_CORRUPTION_DETECTED \emptydescription + * \retval #PSA_ERROR_STORAGE_FAILURE \emptydescription + * \retval #PSA_ERROR_BAD_STATE + * The operation state is not valid (it must be active), or + * the library has not been previously initialized by psa_crypto_init(). * It is implementation-dependent whether a failure to initialize * results in this error code. */ @@ -1491,7 +1463,7 @@ psa_status_t psa_mac_update(psa_mac_operation_t *operation, * This function calculates the MAC of the message formed by concatenating * the inputs passed to preceding calls to psa_mac_update(). * - * When this function returns successfuly, the operation becomes inactive. + * When this function returns successfully, the operation becomes inactive. * If this function returns an error status, the operation enters an error * state and must be aborted by calling psa_mac_abort(). * @@ -1515,19 +1487,18 @@ psa_status_t psa_mac_update(psa_mac_operation_t *operation, * * \retval #PSA_SUCCESS * Success. - * \retval #PSA_ERROR_BAD_STATE - * The operation state is not valid (it must be an active mac sign - * operation). * \retval #PSA_ERROR_BUFFER_TOO_SMALL * The size of the \p mac buffer is too small. You can determine a * sufficient buffer size by calling PSA_MAC_LENGTH(). - * \retval #PSA_ERROR_INSUFFICIENT_MEMORY - * \retval #PSA_ERROR_COMMUNICATION_FAILURE - * \retval #PSA_ERROR_HARDWARE_FAILURE - * \retval #PSA_ERROR_CORRUPTION_DETECTED - * \retval #PSA_ERROR_STORAGE_FAILURE + * \retval #PSA_ERROR_INSUFFICIENT_MEMORY \emptydescription + * \retval #PSA_ERROR_COMMUNICATION_FAILURE \emptydescription + * \retval #PSA_ERROR_HARDWARE_FAILURE \emptydescription + * \retval #PSA_ERROR_CORRUPTION_DETECTED \emptydescription + * \retval #PSA_ERROR_STORAGE_FAILURE \emptydescription * \retval #PSA_ERROR_BAD_STATE - * The library has not been previously initialized by psa_crypto_init(). + * The operation state is not valid (it must be an active mac sign + * operation), or the library has not been previously initialized + * by psa_crypto_init(). * It is implementation-dependent whether a failure to initialize * results in this error code. */ @@ -1545,7 +1516,7 @@ psa_status_t psa_mac_sign_finish(psa_mac_operation_t *operation, * compares the calculated MAC with the expected MAC passed as a * parameter to this function. * - * When this function returns successfuly, the operation becomes inactive. + * When this function returns successfully, the operation becomes inactive. * If this function returns an error status, the operation enters an error * state and must be aborted by calling psa_mac_abort(). * @@ -1562,16 +1533,15 @@ psa_status_t psa_mac_sign_finish(psa_mac_operation_t *operation, * \retval #PSA_ERROR_INVALID_SIGNATURE * The MAC of the message was calculated successfully, but it * differs from the expected MAC. + * \retval #PSA_ERROR_INSUFFICIENT_MEMORY \emptydescription + * \retval #PSA_ERROR_COMMUNICATION_FAILURE \emptydescription + * \retval #PSA_ERROR_HARDWARE_FAILURE \emptydescription + * \retval #PSA_ERROR_CORRUPTION_DETECTED \emptydescription + * \retval #PSA_ERROR_STORAGE_FAILURE \emptydescription * \retval #PSA_ERROR_BAD_STATE * The operation state is not valid (it must be an active mac verify - * operation). - * \retval #PSA_ERROR_INSUFFICIENT_MEMORY - * \retval #PSA_ERROR_COMMUNICATION_FAILURE - * \retval #PSA_ERROR_HARDWARE_FAILURE - * \retval #PSA_ERROR_CORRUPTION_DETECTED - * \retval #PSA_ERROR_STORAGE_FAILURE - * \retval #PSA_ERROR_BAD_STATE - * The library has not been previously initialized by psa_crypto_init(). + * operation), or the library has not been previously initialized + * by psa_crypto_init(). * It is implementation-dependent whether a failure to initialize * results in this error code. */ @@ -1595,10 +1565,10 @@ psa_status_t psa_mac_verify_finish(psa_mac_operation_t *operation, * * \param[in,out] operation Initialized MAC operation. * - * \retval #PSA_SUCCESS - * \retval #PSA_ERROR_COMMUNICATION_FAILURE - * \retval #PSA_ERROR_HARDWARE_FAILURE - * \retval #PSA_ERROR_CORRUPTION_DETECTED + * \retval #PSA_SUCCESS \emptydescription + * \retval #PSA_ERROR_COMMUNICATION_FAILURE \emptydescription + * \retval #PSA_ERROR_HARDWARE_FAILURE \emptydescription + * \retval #PSA_ERROR_CORRUPTION_DETECTED \emptydescription * \retval #PSA_ERROR_BAD_STATE * The library has not been previously initialized by psa_crypto_init(). * It is implementation-dependent whether a failure to initialize @@ -1634,18 +1604,18 @@ psa_status_t psa_mac_abort(psa_mac_operation_t *operation); * * \retval #PSA_SUCCESS * Success. - * \retval #PSA_ERROR_INVALID_HANDLE - * \retval #PSA_ERROR_NOT_PERMITTED + * \retval #PSA_ERROR_INVALID_HANDLE \emptydescription + * \retval #PSA_ERROR_NOT_PERMITTED \emptydescription * \retval #PSA_ERROR_INVALID_ARGUMENT * \p key is not compatible with \p alg. * \retval #PSA_ERROR_NOT_SUPPORTED * \p alg is not supported or is not a cipher algorithm. - * \retval #PSA_ERROR_BUFFER_TOO_SMALL - * \retval #PSA_ERROR_INSUFFICIENT_MEMORY - * \retval #PSA_ERROR_COMMUNICATION_FAILURE - * \retval #PSA_ERROR_HARDWARE_FAILURE - * \retval #PSA_ERROR_CORRUPTION_DETECTED - * \retval #PSA_ERROR_STORAGE_FAILURE + * \retval #PSA_ERROR_BUFFER_TOO_SMALL \emptydescription + * \retval #PSA_ERROR_INSUFFICIENT_MEMORY \emptydescription + * \retval #PSA_ERROR_COMMUNICATION_FAILURE \emptydescription + * \retval #PSA_ERROR_HARDWARE_FAILURE \emptydescription + * \retval #PSA_ERROR_CORRUPTION_DETECTED \emptydescription + * \retval #PSA_ERROR_STORAGE_FAILURE \emptydescription * \retval #PSA_ERROR_BAD_STATE * The library has not been previously initialized by psa_crypto_init(). * It is implementation-dependent whether a failure to initialize @@ -1681,18 +1651,18 @@ psa_status_t psa_cipher_encrypt(mbedtls_svc_key_id_t key, * * \retval #PSA_SUCCESS * Success. - * \retval #PSA_ERROR_INVALID_HANDLE - * \retval #PSA_ERROR_NOT_PERMITTED + * \retval #PSA_ERROR_INVALID_HANDLE \emptydescription + * \retval #PSA_ERROR_NOT_PERMITTED \emptydescription * \retval #PSA_ERROR_INVALID_ARGUMENT * \p key is not compatible with \p alg. * \retval #PSA_ERROR_NOT_SUPPORTED * \p alg is not supported or is not a cipher algorithm. - * \retval #PSA_ERROR_BUFFER_TOO_SMALL - * \retval #PSA_ERROR_INSUFFICIENT_MEMORY - * \retval #PSA_ERROR_COMMUNICATION_FAILURE - * \retval #PSA_ERROR_HARDWARE_FAILURE - * \retval #PSA_ERROR_STORAGE_FAILURE - * \retval #PSA_ERROR_CORRUPTION_DETECTED + * \retval #PSA_ERROR_BUFFER_TOO_SMALL \emptydescription + * \retval #PSA_ERROR_INSUFFICIENT_MEMORY \emptydescription + * \retval #PSA_ERROR_COMMUNICATION_FAILURE \emptydescription + * \retval #PSA_ERROR_HARDWARE_FAILURE \emptydescription + * \retval #PSA_ERROR_STORAGE_FAILURE \emptydescription + * \retval #PSA_ERROR_CORRUPTION_DETECTED \emptydescription * \retval #PSA_ERROR_BAD_STATE * The library has not been previously initialized by psa_crypto_init(). * It is implementation-dependent whether a failure to initialize @@ -1745,7 +1715,7 @@ typedef struct psa_cipher_operation_s psa_cipher_operation_t; /* This is an example definition for documentation purposes. * Implementations should define a suitable value in `crypto_struct.h`. */ -#define PSA_CIPHER_OPERATION_INIT {0} +#define PSA_CIPHER_OPERATION_INIT { 0 } #endif /** Return an initial value for a cipher operation object. @@ -1794,21 +1764,20 @@ static psa_cipher_operation_t psa_cipher_operation_init(void); * * \retval #PSA_SUCCESS * Success. - * \retval #PSA_ERROR_INVALID_HANDLE - * \retval #PSA_ERROR_NOT_PERMITTED + * \retval #PSA_ERROR_INVALID_HANDLE \emptydescription + * \retval #PSA_ERROR_NOT_PERMITTED \emptydescription * \retval #PSA_ERROR_INVALID_ARGUMENT * \p key is not compatible with \p alg. * \retval #PSA_ERROR_NOT_SUPPORTED * \p alg is not supported or is not a cipher algorithm. - * \retval #PSA_ERROR_INSUFFICIENT_MEMORY - * \retval #PSA_ERROR_COMMUNICATION_FAILURE - * \retval #PSA_ERROR_HARDWARE_FAILURE - * \retval #PSA_ERROR_CORRUPTION_DETECTED - * \retval #PSA_ERROR_STORAGE_FAILURE - * \retval #PSA_ERROR_BAD_STATE - * The operation state is not valid (it must be inactive). - * \retval #PSA_ERROR_BAD_STATE - * The library has not been previously initialized by psa_crypto_init(). + * \retval #PSA_ERROR_INSUFFICIENT_MEMORY \emptydescription + * \retval #PSA_ERROR_COMMUNICATION_FAILURE \emptydescription + * \retval #PSA_ERROR_HARDWARE_FAILURE \emptydescription + * \retval #PSA_ERROR_CORRUPTION_DETECTED \emptydescription + * \retval #PSA_ERROR_STORAGE_FAILURE \emptydescription + * \retval #PSA_ERROR_BAD_STATE + * The operation state is not valid (it must be inactive), or + * the library has not been previously initialized by psa_crypto_init(). * It is implementation-dependent whether a failure to initialize * results in this error code. */ @@ -1858,21 +1827,20 @@ psa_status_t psa_cipher_encrypt_setup(psa_cipher_operation_t *operation, * * \retval #PSA_SUCCESS * Success. - * \retval #PSA_ERROR_INVALID_HANDLE - * \retval #PSA_ERROR_NOT_PERMITTED + * \retval #PSA_ERROR_INVALID_HANDLE \emptydescription + * \retval #PSA_ERROR_NOT_PERMITTED \emptydescription * \retval #PSA_ERROR_INVALID_ARGUMENT * \p key is not compatible with \p alg. * \retval #PSA_ERROR_NOT_SUPPORTED * \p alg is not supported or is not a cipher algorithm. - * \retval #PSA_ERROR_INSUFFICIENT_MEMORY - * \retval #PSA_ERROR_COMMUNICATION_FAILURE - * \retval #PSA_ERROR_HARDWARE_FAILURE - * \retval #PSA_ERROR_CORRUPTION_DETECTED - * \retval #PSA_ERROR_STORAGE_FAILURE - * \retval #PSA_ERROR_BAD_STATE - * The operation state is not valid (it must be inactive). - * \retval #PSA_ERROR_BAD_STATE - * The library has not been previously initialized by psa_crypto_init(). + * \retval #PSA_ERROR_INSUFFICIENT_MEMORY \emptydescription + * \retval #PSA_ERROR_COMMUNICATION_FAILURE \emptydescription + * \retval #PSA_ERROR_HARDWARE_FAILURE \emptydescription + * \retval #PSA_ERROR_CORRUPTION_DETECTED \emptydescription + * \retval #PSA_ERROR_STORAGE_FAILURE \emptydescription + * \retval #PSA_ERROR_BAD_STATE + * The operation state is not valid (it must be inactive), or + * the library has not been previously initialized by psa_crypto_init(). * It is implementation-dependent whether a failure to initialize * results in this error code. */ @@ -1900,17 +1868,17 @@ psa_status_t psa_cipher_decrypt_setup(psa_cipher_operation_t *operation, * * \retval #PSA_SUCCESS * Success. - * \retval #PSA_ERROR_BAD_STATE - * The operation state is not valid (it must be active, with no IV set). * \retval #PSA_ERROR_BUFFER_TOO_SMALL * The size of the \p iv buffer is too small. - * \retval #PSA_ERROR_INSUFFICIENT_MEMORY - * \retval #PSA_ERROR_COMMUNICATION_FAILURE - * \retval #PSA_ERROR_HARDWARE_FAILURE - * \retval #PSA_ERROR_CORRUPTION_DETECTED - * \retval #PSA_ERROR_STORAGE_FAILURE - * \retval #PSA_ERROR_BAD_STATE - * The library has not been previously initialized by psa_crypto_init(). + * \retval #PSA_ERROR_INSUFFICIENT_MEMORY \emptydescription + * \retval #PSA_ERROR_COMMUNICATION_FAILURE \emptydescription + * \retval #PSA_ERROR_HARDWARE_FAILURE \emptydescription + * \retval #PSA_ERROR_CORRUPTION_DETECTED \emptydescription + * \retval #PSA_ERROR_STORAGE_FAILURE \emptydescription + * \retval #PSA_ERROR_BAD_STATE + * The operation state is not valid (it must be active, with no IV set), + * or the library has not been previously initialized + * by psa_crypto_init(). * It is implementation-dependent whether a failure to initialize * results in this error code. */ @@ -1940,19 +1908,18 @@ psa_status_t psa_cipher_generate_iv(psa_cipher_operation_t *operation, * * \retval #PSA_SUCCESS * Success. - * \retval #PSA_ERROR_BAD_STATE - * The operation state is not valid (it must be an active cipher - * encrypt operation, with no IV set). * \retval #PSA_ERROR_INVALID_ARGUMENT * The size of \p iv is not acceptable for the chosen algorithm, * or the chosen algorithm does not use an IV. - * \retval #PSA_ERROR_INSUFFICIENT_MEMORY - * \retval #PSA_ERROR_COMMUNICATION_FAILURE - * \retval #PSA_ERROR_HARDWARE_FAILURE - * \retval #PSA_ERROR_CORRUPTION_DETECTED - * \retval #PSA_ERROR_STORAGE_FAILURE + * \retval #PSA_ERROR_INSUFFICIENT_MEMORY \emptydescription + * \retval #PSA_ERROR_COMMUNICATION_FAILURE \emptydescription + * \retval #PSA_ERROR_HARDWARE_FAILURE \emptydescription + * \retval #PSA_ERROR_CORRUPTION_DETECTED \emptydescription + * \retval #PSA_ERROR_STORAGE_FAILURE \emptydescription * \retval #PSA_ERROR_BAD_STATE - * The library has not been previously initialized by psa_crypto_init(). + * The operation state is not valid (it must be an active cipher + * encrypt operation, with no IV set), or the library has not been + * previously initialized by psa_crypto_init(). * It is implementation-dependent whether a failure to initialize * results in this error code. */ @@ -1983,18 +1950,17 @@ psa_status_t psa_cipher_set_iv(psa_cipher_operation_t *operation, * * \retval #PSA_SUCCESS * Success. - * \retval #PSA_ERROR_BAD_STATE - * The operation state is not valid (it must be active, with an IV set - * if required for the algorithm). * \retval #PSA_ERROR_BUFFER_TOO_SMALL * The size of the \p output buffer is too small. - * \retval #PSA_ERROR_INSUFFICIENT_MEMORY - * \retval #PSA_ERROR_COMMUNICATION_FAILURE - * \retval #PSA_ERROR_HARDWARE_FAILURE - * \retval #PSA_ERROR_CORRUPTION_DETECTED - * \retval #PSA_ERROR_STORAGE_FAILURE + * \retval #PSA_ERROR_INSUFFICIENT_MEMORY \emptydescription + * \retval #PSA_ERROR_COMMUNICATION_FAILURE \emptydescription + * \retval #PSA_ERROR_HARDWARE_FAILURE \emptydescription + * \retval #PSA_ERROR_CORRUPTION_DETECTED \emptydescription + * \retval #PSA_ERROR_STORAGE_FAILURE \emptydescription * \retval #PSA_ERROR_BAD_STATE - * The library has not been previously initialized by psa_crypto_init(). + * The operation state is not valid (it must be active, with an IV set + * if required for the algorithm), or the library has not been + * previously initialized by psa_crypto_init(). * It is implementation-dependent whether a failure to initialize * results in this error code. */ @@ -2016,7 +1982,7 @@ psa_status_t psa_cipher_update(psa_cipher_operation_t *operation, * formed by concatenating the inputs passed to preceding calls to * psa_cipher_update(). * - * When this function returns successfuly, the operation becomes inactive. + * When this function returns successfully, the operation becomes inactive. * If this function returns an error status, the operation enters an error * state and must be aborted by calling psa_cipher_abort(). * @@ -2036,18 +2002,17 @@ psa_status_t psa_cipher_update(psa_cipher_operation_t *operation, * \retval #PSA_ERROR_INVALID_PADDING * This is a decryption operation for an algorithm that includes * padding, and the ciphertext does not contain valid padding. - * \retval #PSA_ERROR_BAD_STATE - * The operation state is not valid (it must be active, with an IV set - * if required for the algorithm). * \retval #PSA_ERROR_BUFFER_TOO_SMALL * The size of the \p output buffer is too small. - * \retval #PSA_ERROR_INSUFFICIENT_MEMORY - * \retval #PSA_ERROR_COMMUNICATION_FAILURE - * \retval #PSA_ERROR_HARDWARE_FAILURE - * \retval #PSA_ERROR_CORRUPTION_DETECTED - * \retval #PSA_ERROR_STORAGE_FAILURE + * \retval #PSA_ERROR_INSUFFICIENT_MEMORY \emptydescription + * \retval #PSA_ERROR_COMMUNICATION_FAILURE \emptydescription + * \retval #PSA_ERROR_HARDWARE_FAILURE \emptydescription + * \retval #PSA_ERROR_CORRUPTION_DETECTED \emptydescription + * \retval #PSA_ERROR_STORAGE_FAILURE \emptydescription * \retval #PSA_ERROR_BAD_STATE - * The library has not been previously initialized by psa_crypto_init(). + * The operation state is not valid (it must be active, with an IV set + * if required for the algorithm), or the library has not been + * previously initialized by psa_crypto_init(). * It is implementation-dependent whether a failure to initialize * results in this error code. */ @@ -2072,10 +2037,10 @@ psa_status_t psa_cipher_finish(psa_cipher_operation_t *operation, * * \param[in,out] operation Initialized cipher operation. * - * \retval #PSA_SUCCESS - * \retval #PSA_ERROR_COMMUNICATION_FAILURE - * \retval #PSA_ERROR_HARDWARE_FAILURE - * \retval #PSA_ERROR_CORRUPTION_DETECTED + * \retval #PSA_SUCCESS \emptydescription + * \retval #PSA_ERROR_COMMUNICATION_FAILURE \emptydescription + * \retval #PSA_ERROR_HARDWARE_FAILURE \emptydescription + * \retval #PSA_ERROR_CORRUPTION_DETECTED \emptydescription * \retval #PSA_ERROR_BAD_STATE * The library has not been previously initialized by psa_crypto_init(). * It is implementation-dependent whether a failure to initialize @@ -2128,23 +2093,23 @@ psa_status_t psa_cipher_abort(psa_cipher_operation_t *operation); * * \retval #PSA_SUCCESS * Success. - * \retval #PSA_ERROR_INVALID_HANDLE - * \retval #PSA_ERROR_NOT_PERMITTED + * \retval #PSA_ERROR_INVALID_HANDLE \emptydescription + * \retval #PSA_ERROR_NOT_PERMITTED \emptydescription * \retval #PSA_ERROR_INVALID_ARGUMENT * \p key is not compatible with \p alg. * \retval #PSA_ERROR_NOT_SUPPORTED * \p alg is not supported or is not an AEAD algorithm. - * \retval #PSA_ERROR_INSUFFICIENT_MEMORY + * \retval #PSA_ERROR_INSUFFICIENT_MEMORY \emptydescription * \retval #PSA_ERROR_BUFFER_TOO_SMALL * \p ciphertext_size is too small. * #PSA_AEAD_ENCRYPT_OUTPUT_SIZE(\c key_type, \p alg, * \p plaintext_length) or * #PSA_AEAD_ENCRYPT_OUTPUT_MAX_SIZE(\p plaintext_length) can be used to * determine the required buffer size. - * \retval #PSA_ERROR_COMMUNICATION_FAILURE - * \retval #PSA_ERROR_HARDWARE_FAILURE - * \retval #PSA_ERROR_CORRUPTION_DETECTED - * \retval #PSA_ERROR_STORAGE_FAILURE + * \retval #PSA_ERROR_COMMUNICATION_FAILURE \emptydescription + * \retval #PSA_ERROR_HARDWARE_FAILURE \emptydescription + * \retval #PSA_ERROR_CORRUPTION_DETECTED \emptydescription + * \retval #PSA_ERROR_STORAGE_FAILURE \emptydescription * \retval #PSA_ERROR_BAD_STATE * The library has not been previously initialized by psa_crypto_init(). * It is implementation-dependent whether a failure to initialize @@ -2199,25 +2164,25 @@ psa_status_t psa_aead_encrypt(mbedtls_svc_key_id_t key, * * \retval #PSA_SUCCESS * Success. - * \retval #PSA_ERROR_INVALID_HANDLE + * \retval #PSA_ERROR_INVALID_HANDLE \emptydescription * \retval #PSA_ERROR_INVALID_SIGNATURE * The ciphertext is not authentic. - * \retval #PSA_ERROR_NOT_PERMITTED + * \retval #PSA_ERROR_NOT_PERMITTED \emptydescription * \retval #PSA_ERROR_INVALID_ARGUMENT * \p key is not compatible with \p alg. * \retval #PSA_ERROR_NOT_SUPPORTED * \p alg is not supported or is not an AEAD algorithm. - * \retval #PSA_ERROR_INSUFFICIENT_MEMORY + * \retval #PSA_ERROR_INSUFFICIENT_MEMORY \emptydescription * \retval #PSA_ERROR_BUFFER_TOO_SMALL * \p plaintext_size is too small. * #PSA_AEAD_DECRYPT_OUTPUT_SIZE(\c key_type, \p alg, * \p ciphertext_length) or * #PSA_AEAD_DECRYPT_OUTPUT_MAX_SIZE(\p ciphertext_length) can be used * to determine the required buffer size. - * \retval #PSA_ERROR_COMMUNICATION_FAILURE - * \retval #PSA_ERROR_HARDWARE_FAILURE - * \retval #PSA_ERROR_CORRUPTION_DETECTED - * \retval #PSA_ERROR_STORAGE_FAILURE + * \retval #PSA_ERROR_COMMUNICATION_FAILURE \emptydescription + * \retval #PSA_ERROR_HARDWARE_FAILURE \emptydescription + * \retval #PSA_ERROR_CORRUPTION_DETECTED \emptydescription + * \retval #PSA_ERROR_STORAGE_FAILURE \emptydescription * \retval #PSA_ERROR_BAD_STATE * The library has not been previously initialized by psa_crypto_init(). * It is implementation-dependent whether a failure to initialize @@ -2274,7 +2239,7 @@ typedef struct psa_aead_operation_s psa_aead_operation_t; /* This is an example definition for documentation purposes. * Implementations should define a suitable value in `crypto_struct.h`. */ -#define PSA_AEAD_OPERATION_INIT {0} +#define PSA_AEAD_OPERATION_INIT { 0 } #endif /** Return an initial value for an AEAD operation object. @@ -2330,19 +2295,19 @@ static psa_aead_operation_t psa_aead_operation_init(void); * \retval #PSA_SUCCESS * Success. * \retval #PSA_ERROR_BAD_STATE - * The operation state is not valid (it must be inactive). - * \retval #PSA_ERROR_INVALID_HANDLE - * \retval #PSA_ERROR_NOT_PERMITTED + * The operation state is not valid (it must be inactive), or + * the library has not been previously initialized by psa_crypto_init(). + * \retval #PSA_ERROR_INVALID_HANDLE \emptydescription + * \retval #PSA_ERROR_NOT_PERMITTED \emptydescription * \retval #PSA_ERROR_INVALID_ARGUMENT * \p key is not compatible with \p alg. * \retval #PSA_ERROR_NOT_SUPPORTED * \p alg is not supported or is not an AEAD algorithm. - * \retval #PSA_ERROR_INSUFFICIENT_MEMORY - * \retval #PSA_ERROR_COMMUNICATION_FAILURE - * \retval #PSA_ERROR_HARDWARE_FAILURE - * \retval #PSA_ERROR_CORRUPTION_DETECTED + * \retval #PSA_ERROR_INSUFFICIENT_MEMORY \emptydescription + * \retval #PSA_ERROR_COMMUNICATION_FAILURE \emptydescription + * \retval #PSA_ERROR_HARDWARE_FAILURE \emptydescription + * \retval #PSA_ERROR_CORRUPTION_DETECTED \emptydescription * \retval #PSA_ERROR_STORAGE_FAILURE - * \retval #PSA_ERROR_BAD_STATE * The library has not been previously initialized by psa_crypto_init(). * It is implementation-dependent whether a failure to initialize * results in this error code. @@ -2396,21 +2361,20 @@ psa_status_t psa_aead_encrypt_setup(psa_aead_operation_t *operation, * * \retval #PSA_SUCCESS * Success. - * \retval #PSA_ERROR_BAD_STATE - * The operation state is not valid (it must be inactive). - * \retval #PSA_ERROR_INVALID_HANDLE - * \retval #PSA_ERROR_NOT_PERMITTED + * \retval #PSA_ERROR_INVALID_HANDLE \emptydescription + * \retval #PSA_ERROR_NOT_PERMITTED \emptydescription * \retval #PSA_ERROR_INVALID_ARGUMENT * \p key is not compatible with \p alg. * \retval #PSA_ERROR_NOT_SUPPORTED * \p alg is not supported or is not an AEAD algorithm. - * \retval #PSA_ERROR_INSUFFICIENT_MEMORY - * \retval #PSA_ERROR_COMMUNICATION_FAILURE - * \retval #PSA_ERROR_HARDWARE_FAILURE - * \retval #PSA_ERROR_CORRUPTION_DETECTED - * \retval #PSA_ERROR_STORAGE_FAILURE - * \retval #PSA_ERROR_BAD_STATE - * The library has not been previously initialized by psa_crypto_init(). + * \retval #PSA_ERROR_INSUFFICIENT_MEMORY \emptydescription + * \retval #PSA_ERROR_COMMUNICATION_FAILURE \emptydescription + * \retval #PSA_ERROR_HARDWARE_FAILURE \emptydescription + * \retval #PSA_ERROR_CORRUPTION_DETECTED \emptydescription + * \retval #PSA_ERROR_STORAGE_FAILURE \emptydescription + * \retval #PSA_ERROR_BAD_STATE + * The operation state is not valid (it must be inactive), or the + * library has not been previously initialized by psa_crypto_init(). * It is implementation-dependent whether a failure to initialize * results in this error code. */ @@ -2439,18 +2403,17 @@ psa_status_t psa_aead_decrypt_setup(psa_aead_operation_t *operation, * * \retval #PSA_SUCCESS * Success. - * \retval #PSA_ERROR_BAD_STATE - * The operation state is not valid (it must be an active aead encrypt - * operation, with no nonce set). * \retval #PSA_ERROR_BUFFER_TOO_SMALL * The size of the \p nonce buffer is too small. - * \retval #PSA_ERROR_INSUFFICIENT_MEMORY - * \retval #PSA_ERROR_COMMUNICATION_FAILURE - * \retval #PSA_ERROR_HARDWARE_FAILURE - * \retval #PSA_ERROR_CORRUPTION_DETECTED - * \retval #PSA_ERROR_STORAGE_FAILURE + * \retval #PSA_ERROR_INSUFFICIENT_MEMORY \emptydescription + * \retval #PSA_ERROR_COMMUNICATION_FAILURE \emptydescription + * \retval #PSA_ERROR_HARDWARE_FAILURE \emptydescription + * \retval #PSA_ERROR_CORRUPTION_DETECTED \emptydescription + * \retval #PSA_ERROR_STORAGE_FAILURE \emptydescription * \retval #PSA_ERROR_BAD_STATE - * The library has not been previously initialized by psa_crypto_init(). + * The operation state is not valid (it must be an active aead encrypt + * operation, with no nonce set), or the library has not been + * previously initialized by psa_crypto_init(). * It is implementation-dependent whether a failure to initialize * results in this error code. */ @@ -2480,18 +2443,17 @@ psa_status_t psa_aead_generate_nonce(psa_aead_operation_t *operation, * * \retval #PSA_SUCCESS * Success. - * \retval #PSA_ERROR_BAD_STATE - * The operation state is not valid (it must be active, with no nonce - * set). * \retval #PSA_ERROR_INVALID_ARGUMENT * The size of \p nonce is not acceptable for the chosen algorithm. - * \retval #PSA_ERROR_INSUFFICIENT_MEMORY - * \retval #PSA_ERROR_COMMUNICATION_FAILURE - * \retval #PSA_ERROR_HARDWARE_FAILURE - * \retval #PSA_ERROR_CORRUPTION_DETECTED - * \retval #PSA_ERROR_STORAGE_FAILURE + * \retval #PSA_ERROR_INSUFFICIENT_MEMORY \emptydescription + * \retval #PSA_ERROR_COMMUNICATION_FAILURE \emptydescription + * \retval #PSA_ERROR_HARDWARE_FAILURE \emptydescription + * \retval #PSA_ERROR_CORRUPTION_DETECTED \emptydescription + * \retval #PSA_ERROR_STORAGE_FAILURE \emptydescription * \retval #PSA_ERROR_BAD_STATE - * The library has not been previously initialized by psa_crypto_init(). + * The operation state is not valid (it must be active, with no nonce + * set), or the library has not been previously initialized + * by psa_crypto_init(). * It is implementation-dependent whether a failure to initialize * results in this error code. */ @@ -2525,19 +2487,18 @@ psa_status_t psa_aead_set_nonce(psa_aead_operation_t *operation, * * \retval #PSA_SUCCESS * Success. - * \retval #PSA_ERROR_BAD_STATE - * The operation state is not valid (it must be active, and - * psa_aead_update_ad() and psa_aead_update() must not have been - * called yet). * \retval #PSA_ERROR_INVALID_ARGUMENT * At least one of the lengths is not acceptable for the chosen * algorithm. - * \retval #PSA_ERROR_INSUFFICIENT_MEMORY - * \retval #PSA_ERROR_COMMUNICATION_FAILURE - * \retval #PSA_ERROR_HARDWARE_FAILURE - * \retval #PSA_ERROR_CORRUPTION_DETECTED + * \retval #PSA_ERROR_INSUFFICIENT_MEMORY \emptydescription + * \retval #PSA_ERROR_COMMUNICATION_FAILURE \emptydescription + * \retval #PSA_ERROR_HARDWARE_FAILURE \emptydescription + * \retval #PSA_ERROR_CORRUPTION_DETECTED \emptydescription * \retval #PSA_ERROR_BAD_STATE - * The library has not been previously initialized by psa_crypto_init(). + * The operation state is not valid (it must be active, and + * psa_aead_update_ad() and psa_aead_update() must not have been + * called yet), or the library has not been previously initialized + * by psa_crypto_init(). * It is implementation-dependent whether a failure to initialize * results in this error code. */ @@ -2573,20 +2534,19 @@ psa_status_t psa_aead_set_lengths(psa_aead_operation_t *operation, * * \retval #PSA_SUCCESS * Success. - * \retval #PSA_ERROR_BAD_STATE - * The operation state is not valid (it must be active, have a nonce - * set, have lengths set if required by the algorithm, and - * psa_aead_update() must not have been called yet). * \retval #PSA_ERROR_INVALID_ARGUMENT * The total input length overflows the additional data length that * was previously specified with psa_aead_set_lengths(). - * \retval #PSA_ERROR_INSUFFICIENT_MEMORY - * \retval #PSA_ERROR_COMMUNICATION_FAILURE - * \retval #PSA_ERROR_HARDWARE_FAILURE - * \retval #PSA_ERROR_CORRUPTION_DETECTED - * \retval #PSA_ERROR_STORAGE_FAILURE + * \retval #PSA_ERROR_INSUFFICIENT_MEMORY \emptydescription + * \retval #PSA_ERROR_COMMUNICATION_FAILURE \emptydescription + * \retval #PSA_ERROR_HARDWARE_FAILURE \emptydescription + * \retval #PSA_ERROR_CORRUPTION_DETECTED \emptydescription + * \retval #PSA_ERROR_STORAGE_FAILURE \emptydescription * \retval #PSA_ERROR_BAD_STATE - * The library has not been previously initialized by psa_crypto_init(). + * The operation state is not valid (it must be active, have a nonce + * set, have lengths set if required by the algorithm, and + * psa_aead_update() must not have been called yet), or the library + * has not been previously initialized by psa_crypto_init(). * It is implementation-dependent whether a failure to initialize * results in this error code. */ @@ -2651,9 +2611,6 @@ psa_status_t psa_aead_update_ad(psa_aead_operation_t *operation, * * \retval #PSA_SUCCESS * Success. - * \retval #PSA_ERROR_BAD_STATE - * The operation state is not valid (it must be active, have a nonce - * set, and have lengths set if required by the algorithm). * \retval #PSA_ERROR_BUFFER_TOO_SMALL * The size of the \p output buffer is too small. * #PSA_AEAD_UPDATE_OUTPUT_SIZE(\c key_type, \c alg, \p input_length) or @@ -2662,17 +2619,18 @@ psa_status_t psa_aead_update_ad(psa_aead_operation_t *operation, * \retval #PSA_ERROR_INVALID_ARGUMENT * The total length of input to psa_aead_update_ad() so far is * less than the additional data length that was previously - * specified with psa_aead_set_lengths(). - * \retval #PSA_ERROR_INVALID_ARGUMENT - * The total input length overflows the plaintext length that + * specified with psa_aead_set_lengths(), or + * the total input length overflows the plaintext length that * was previously specified with psa_aead_set_lengths(). - * \retval #PSA_ERROR_INSUFFICIENT_MEMORY - * \retval #PSA_ERROR_COMMUNICATION_FAILURE - * \retval #PSA_ERROR_HARDWARE_FAILURE - * \retval #PSA_ERROR_CORRUPTION_DETECTED - * \retval #PSA_ERROR_STORAGE_FAILURE + * \retval #PSA_ERROR_INSUFFICIENT_MEMORY \emptydescription + * \retval #PSA_ERROR_COMMUNICATION_FAILURE \emptydescription + * \retval #PSA_ERROR_HARDWARE_FAILURE \emptydescription + * \retval #PSA_ERROR_CORRUPTION_DETECTED \emptydescription + * \retval #PSA_ERROR_STORAGE_FAILURE \emptydescription * \retval #PSA_ERROR_BAD_STATE - * The library has not been previously initialized by psa_crypto_init(). + * The operation state is not valid (it must be active, have a nonce + * set, and have lengths set if required by the algorithm), or the + * library has not been previously initialized by psa_crypto_init(). * It is implementation-dependent whether a failure to initialize * results in this error code. */ @@ -2697,7 +2655,7 @@ psa_status_t psa_aead_update(psa_aead_operation_t *operation, * preceding calls to psa_aead_update(). * - \p tag contains the authentication tag. * - * When this function returns successfuly, the operation becomes inactive. + * When this function returns successfully, the operation becomes inactive. * If this function returns an error status, the operation enters an error * state and must be aborted by calling psa_aead_abort(). * @@ -2736,9 +2694,6 @@ psa_status_t psa_aead_update(psa_aead_operation_t *operation, * * \retval #PSA_SUCCESS * Success. - * \retval #PSA_ERROR_BAD_STATE - * The operation state is not valid (it must be an active encryption - * operation with a nonce set). * \retval #PSA_ERROR_BUFFER_TOO_SMALL * The size of the \p ciphertext or \p tag buffer is too small. * #PSA_AEAD_FINISH_OUTPUT_SIZE(\c key_type, \c alg) or @@ -2749,18 +2704,19 @@ psa_status_t psa_aead_update(psa_aead_operation_t *operation, * \retval #PSA_ERROR_INVALID_ARGUMENT * The total length of input to psa_aead_update_ad() so far is * less than the additional data length that was previously - * specified with psa_aead_set_lengths(). - * \retval #PSA_ERROR_INVALID_ARGUMENT - * The total length of input to psa_aead_update() so far is + * specified with psa_aead_set_lengths(), or + * the total length of input to psa_aead_update() so far is * less than the plaintext length that was previously * specified with psa_aead_set_lengths(). - * \retval #PSA_ERROR_INSUFFICIENT_MEMORY - * \retval #PSA_ERROR_COMMUNICATION_FAILURE - * \retval #PSA_ERROR_HARDWARE_FAILURE - * \retval #PSA_ERROR_CORRUPTION_DETECTED - * \retval #PSA_ERROR_STORAGE_FAILURE + * \retval #PSA_ERROR_INSUFFICIENT_MEMORY \emptydescription + * \retval #PSA_ERROR_COMMUNICATION_FAILURE \emptydescription + * \retval #PSA_ERROR_HARDWARE_FAILURE \emptydescription + * \retval #PSA_ERROR_CORRUPTION_DETECTED \emptydescription + * \retval #PSA_ERROR_STORAGE_FAILURE \emptydescription * \retval #PSA_ERROR_BAD_STATE - * The library has not been previously initialized by psa_crypto_init(). + * The operation state is not valid (it must be an active encryption + * operation with a nonce set), or the library has not been previously + * initialized by psa_crypto_init(). * It is implementation-dependent whether a failure to initialize * results in this error code. */ @@ -2789,7 +2745,7 @@ psa_status_t psa_aead_finish(psa_aead_operation_t *operation, * plaintext and reports success. If the authentication tag is not correct, * this function returns #PSA_ERROR_INVALID_SIGNATURE. * - * When this function returns successfuly, the operation becomes inactive. + * When this function returns successfully, the operation becomes inactive. * If this function returns an error status, the operation enters an error * state and must be aborted by calling psa_aead_abort(). * @@ -2823,9 +2779,6 @@ psa_status_t psa_aead_finish(psa_aead_operation_t *operation, * \retval #PSA_ERROR_INVALID_SIGNATURE * The calculations were successful, but the authentication tag is * not correct. - * \retval #PSA_ERROR_BAD_STATE - * The operation state is not valid (it must be an active decryption - * operation with a nonce set). * \retval #PSA_ERROR_BUFFER_TOO_SMALL * The size of the \p plaintext buffer is too small. * #PSA_AEAD_VERIFY_OUTPUT_SIZE(\c key_type, \c alg) or @@ -2834,18 +2787,19 @@ psa_status_t psa_aead_finish(psa_aead_operation_t *operation, * \retval #PSA_ERROR_INVALID_ARGUMENT * The total length of input to psa_aead_update_ad() so far is * less than the additional data length that was previously - * specified with psa_aead_set_lengths(). - * \retval #PSA_ERROR_INVALID_ARGUMENT - * The total length of input to psa_aead_update() so far is + * specified with psa_aead_set_lengths(), or + * the total length of input to psa_aead_update() so far is * less than the plaintext length that was previously * specified with psa_aead_set_lengths(). - * \retval #PSA_ERROR_INSUFFICIENT_MEMORY - * \retval #PSA_ERROR_COMMUNICATION_FAILURE - * \retval #PSA_ERROR_HARDWARE_FAILURE - * \retval #PSA_ERROR_CORRUPTION_DETECTED - * \retval #PSA_ERROR_STORAGE_FAILURE + * \retval #PSA_ERROR_INSUFFICIENT_MEMORY \emptydescription + * \retval #PSA_ERROR_COMMUNICATION_FAILURE \emptydescription + * \retval #PSA_ERROR_HARDWARE_FAILURE \emptydescription + * \retval #PSA_ERROR_CORRUPTION_DETECTED \emptydescription + * \retval #PSA_ERROR_STORAGE_FAILURE \emptydescription * \retval #PSA_ERROR_BAD_STATE - * The library has not been previously initialized by psa_crypto_init(). + * The operation state is not valid (it must be an active decryption + * operation with a nonce set), or the library has not been previously + * initialized by psa_crypto_init(). * It is implementation-dependent whether a failure to initialize * results in this error code. */ @@ -2872,10 +2826,10 @@ psa_status_t psa_aead_verify(psa_aead_operation_t *operation, * * \param[in,out] operation Initialized AEAD operation. * - * \retval #PSA_SUCCESS - * \retval #PSA_ERROR_COMMUNICATION_FAILURE - * \retval #PSA_ERROR_HARDWARE_FAILURE - * \retval #PSA_ERROR_CORRUPTION_DETECTED + * \retval #PSA_SUCCESS \emptydescription + * \retval #PSA_ERROR_COMMUNICATION_FAILURE \emptydescription + * \retval #PSA_ERROR_HARDWARE_FAILURE \emptydescription + * \retval #PSA_ERROR_CORRUPTION_DETECTED \emptydescription * \retval #PSA_ERROR_BAD_STATE * The library has not been previously initialized by psa_crypto_init(). * It is implementation-dependent whether a failure to initialize @@ -2895,7 +2849,7 @@ psa_status_t psa_aead_abort(psa_aead_operation_t *operation); * * \note To perform a multi-part hash-and-sign signature algorithm, first use * a multi-part hash operation and then pass the resulting hash to - * psa_sign_hash(). PSA_ALG_GET_HASH(\p alg) can be used to determine the + * psa_sign_hash(). PSA_ALG_SIGN_GET_HASH(\p alg) can be used to determine the * hash algorithm to use. * * \param[in] key Identifier of the key to use for the operation. @@ -2921,8 +2875,8 @@ psa_status_t psa_aead_abort(psa_aead_operation_t *operation); * \param[out] signature_length On success, the number of bytes that make up * the returned signature value. * - * \retval #PSA_SUCCESS - * \retval #PSA_ERROR_INVALID_HANDLE + * \retval #PSA_SUCCESS \emptydescription + * \retval #PSA_ERROR_INVALID_HANDLE \emptydescription * \retval #PSA_ERROR_NOT_PERMITTED * The key does not have the #PSA_KEY_USAGE_SIGN_MESSAGE flag, * or it does not permit the requested algorithm. @@ -2932,28 +2886,28 @@ psa_status_t psa_aead_abort(psa_aead_operation_t *operation); * #PSA_SIGN_OUTPUT_SIZE(\c key_type, \c key_bits, \p alg) * where \c key_type and \c key_bits are the type and bit-size * respectively of \p key. - * \retval #PSA_ERROR_NOT_SUPPORTED - * \retval #PSA_ERROR_INVALID_ARGUMENT - * \retval #PSA_ERROR_INSUFFICIENT_MEMORY - * \retval #PSA_ERROR_COMMUNICATION_FAILURE - * \retval #PSA_ERROR_HARDWARE_FAILURE - * \retval #PSA_ERROR_CORRUPTION_DETECTED - * \retval #PSA_ERROR_STORAGE_FAILURE - * \retval #PSA_ERROR_DATA_CORRUPT - * \retval #PSA_ERROR_DATA_INVALID - * \retval #PSA_ERROR_INSUFFICIENT_ENTROPY + * \retval #PSA_ERROR_NOT_SUPPORTED \emptydescription + * \retval #PSA_ERROR_INVALID_ARGUMENT \emptydescription + * \retval #PSA_ERROR_INSUFFICIENT_MEMORY \emptydescription + * \retval #PSA_ERROR_COMMUNICATION_FAILURE \emptydescription + * \retval #PSA_ERROR_HARDWARE_FAILURE \emptydescription + * \retval #PSA_ERROR_CORRUPTION_DETECTED \emptydescription + * \retval #PSA_ERROR_STORAGE_FAILURE \emptydescription + * \retval #PSA_ERROR_DATA_CORRUPT \emptydescription + * \retval #PSA_ERROR_DATA_INVALID \emptydescription + * \retval #PSA_ERROR_INSUFFICIENT_ENTROPY \emptydescription * \retval #PSA_ERROR_BAD_STATE * The library has not been previously initialized by psa_crypto_init(). * It is implementation-dependent whether a failure to initialize * results in this error code. */ -psa_status_t psa_sign_message( mbedtls_svc_key_id_t key, - psa_algorithm_t alg, - const uint8_t * input, - size_t input_length, - uint8_t * signature, - size_t signature_size, - size_t * signature_length ); +psa_status_t psa_sign_message(mbedtls_svc_key_id_t key, + psa_algorithm_t alg, + const uint8_t *input, + size_t input_length, + uint8_t *signature, + size_t signature_size, + size_t *signature_length); /** \brief Verify the signature of a message with a public key, using * a hash-and-sign verification algorithm. @@ -2961,7 +2915,7 @@ psa_status_t psa_sign_message( mbedtls_svc_key_id_t key, * \note To perform a multi-part hash-and-sign signature verification * algorithm, first use a multi-part hash operation to hash the message * and then pass the resulting hash to psa_verify_hash(). - * PSA_ALG_GET_HASH(\p alg) can be used to determine the hash algorithm + * PSA_ALG_SIGN_GET_HASH(\p alg) can be used to determine the hash algorithm * to use. * * \param[in] key Identifier of the key to use for the operation. @@ -2977,34 +2931,34 @@ psa_status_t psa_sign_message( mbedtls_svc_key_id_t key, * \param[out] signature Buffer containing the signature to verify. * \param[in] signature_length Size of the \p signature buffer in bytes. * - * \retval #PSA_SUCCESS - * \retval #PSA_ERROR_INVALID_HANDLE + * \retval #PSA_SUCCESS \emptydescription + * \retval #PSA_ERROR_INVALID_HANDLE \emptydescription * \retval #PSA_ERROR_NOT_PERMITTED * The key does not have the #PSA_KEY_USAGE_SIGN_MESSAGE flag, * or it does not permit the requested algorithm. * \retval #PSA_ERROR_INVALID_SIGNATURE * The calculation was performed successfully, but the passed signature * is not a valid signature. - * \retval #PSA_ERROR_NOT_SUPPORTED - * \retval #PSA_ERROR_INVALID_ARGUMENT - * \retval #PSA_ERROR_INSUFFICIENT_MEMORY - * \retval #PSA_ERROR_COMMUNICATION_FAILURE - * \retval #PSA_ERROR_HARDWARE_FAILURE - * \retval #PSA_ERROR_CORRUPTION_DETECTED - * \retval #PSA_ERROR_STORAGE_FAILURE - * \retval #PSA_ERROR_DATA_CORRUPT - * \retval #PSA_ERROR_DATA_INVALID + * \retval #PSA_ERROR_NOT_SUPPORTED \emptydescription + * \retval #PSA_ERROR_INVALID_ARGUMENT \emptydescription + * \retval #PSA_ERROR_INSUFFICIENT_MEMORY \emptydescription + * \retval #PSA_ERROR_COMMUNICATION_FAILURE \emptydescription + * \retval #PSA_ERROR_HARDWARE_FAILURE \emptydescription + * \retval #PSA_ERROR_CORRUPTION_DETECTED \emptydescription + * \retval #PSA_ERROR_STORAGE_FAILURE \emptydescription + * \retval #PSA_ERROR_DATA_CORRUPT \emptydescription + * \retval #PSA_ERROR_DATA_INVALID \emptydescription * \retval #PSA_ERROR_BAD_STATE * The library has not been previously initialized by psa_crypto_init(). * It is implementation-dependent whether a failure to initialize * results in this error code. */ -psa_status_t psa_verify_message( mbedtls_svc_key_id_t key, - psa_algorithm_t alg, - const uint8_t * input, - size_t input_length, - const uint8_t * signature, - size_t signature_length ); +psa_status_t psa_verify_message(mbedtls_svc_key_id_t key, + psa_algorithm_t alg, + const uint8_t *input, + size_t input_length, + const uint8_t *signature, + size_t signature_length); /** * \brief Sign a hash or short message with a private key. @@ -3030,23 +2984,23 @@ psa_status_t psa_verify_message( mbedtls_svc_key_id_t key, * \param[out] signature_length On success, the number of bytes * that make up the returned signature value. * - * \retval #PSA_SUCCESS - * \retval #PSA_ERROR_INVALID_HANDLE - * \retval #PSA_ERROR_NOT_PERMITTED + * \retval #PSA_SUCCESS \emptydescription + * \retval #PSA_ERROR_INVALID_HANDLE \emptydescription + * \retval #PSA_ERROR_NOT_PERMITTED \emptydescription * \retval #PSA_ERROR_BUFFER_TOO_SMALL * The size of the \p signature buffer is too small. You can * determine a sufficient buffer size by calling * #PSA_SIGN_OUTPUT_SIZE(\c key_type, \c key_bits, \p alg) * where \c key_type and \c key_bits are the type and bit-size * respectively of \p key. - * \retval #PSA_ERROR_NOT_SUPPORTED - * \retval #PSA_ERROR_INVALID_ARGUMENT - * \retval #PSA_ERROR_INSUFFICIENT_MEMORY - * \retval #PSA_ERROR_COMMUNICATION_FAILURE - * \retval #PSA_ERROR_HARDWARE_FAILURE - * \retval #PSA_ERROR_CORRUPTION_DETECTED - * \retval #PSA_ERROR_STORAGE_FAILURE - * \retval #PSA_ERROR_INSUFFICIENT_ENTROPY + * \retval #PSA_ERROR_NOT_SUPPORTED \emptydescription + * \retval #PSA_ERROR_INVALID_ARGUMENT \emptydescription + * \retval #PSA_ERROR_INSUFFICIENT_MEMORY \emptydescription + * \retval #PSA_ERROR_COMMUNICATION_FAILURE \emptydescription + * \retval #PSA_ERROR_HARDWARE_FAILURE \emptydescription + * \retval #PSA_ERROR_CORRUPTION_DETECTED \emptydescription + * \retval #PSA_ERROR_STORAGE_FAILURE \emptydescription + * \retval #PSA_ERROR_INSUFFICIENT_ENTROPY \emptydescription * \retval #PSA_ERROR_BAD_STATE * The library has not been previously initialized by psa_crypto_init(). * It is implementation-dependent whether a failure to initialize @@ -3086,18 +3040,18 @@ psa_status_t psa_sign_hash(mbedtls_svc_key_id_t key, * * \retval #PSA_SUCCESS * The signature is valid. - * \retval #PSA_ERROR_INVALID_HANDLE - * \retval #PSA_ERROR_NOT_PERMITTED + * \retval #PSA_ERROR_INVALID_HANDLE \emptydescription + * \retval #PSA_ERROR_NOT_PERMITTED \emptydescription * \retval #PSA_ERROR_INVALID_SIGNATURE - * The calculation was perfomed successfully, but the passed + * The calculation was performed successfully, but the passed * signature is not a valid signature. - * \retval #PSA_ERROR_NOT_SUPPORTED - * \retval #PSA_ERROR_INVALID_ARGUMENT - * \retval #PSA_ERROR_INSUFFICIENT_MEMORY - * \retval #PSA_ERROR_COMMUNICATION_FAILURE - * \retval #PSA_ERROR_HARDWARE_FAILURE - * \retval #PSA_ERROR_CORRUPTION_DETECTED - * \retval #PSA_ERROR_STORAGE_FAILURE + * \retval #PSA_ERROR_NOT_SUPPORTED \emptydescription + * \retval #PSA_ERROR_INVALID_ARGUMENT \emptydescription + * \retval #PSA_ERROR_INSUFFICIENT_MEMORY \emptydescription + * \retval #PSA_ERROR_COMMUNICATION_FAILURE \emptydescription + * \retval #PSA_ERROR_HARDWARE_FAILURE \emptydescription + * \retval #PSA_ERROR_CORRUPTION_DETECTED \emptydescription + * \retval #PSA_ERROR_STORAGE_FAILURE \emptydescription * \retval #PSA_ERROR_BAD_STATE * The library has not been previously initialized by psa_crypto_init(). * It is implementation-dependent whether a failure to initialize @@ -3113,7 +3067,7 @@ psa_status_t psa_verify_hash(mbedtls_svc_key_id_t key, /** * \brief Encrypt a short message with a public key. * - * \param key Identifer of the key to use for the operation. + * \param key Identifier of the key to use for the operation. * It must be a public key or an asymmetric key * pair. It must allow the usage * #PSA_KEY_USAGE_ENCRYPT. @@ -3139,23 +3093,23 @@ psa_status_t psa_verify_hash(mbedtls_svc_key_id_t key, * \param[out] output_length On success, the number of bytes * that make up the returned output. * - * \retval #PSA_SUCCESS - * \retval #PSA_ERROR_INVALID_HANDLE - * \retval #PSA_ERROR_NOT_PERMITTED + * \retval #PSA_SUCCESS \emptydescription + * \retval #PSA_ERROR_INVALID_HANDLE \emptydescription + * \retval #PSA_ERROR_NOT_PERMITTED \emptydescription * \retval #PSA_ERROR_BUFFER_TOO_SMALL * The size of the \p output buffer is too small. You can * determine a sufficient buffer size by calling * #PSA_ASYMMETRIC_ENCRYPT_OUTPUT_SIZE(\c key_type, \c key_bits, \p alg) * where \c key_type and \c key_bits are the type and bit-size * respectively of \p key. - * \retval #PSA_ERROR_NOT_SUPPORTED - * \retval #PSA_ERROR_INVALID_ARGUMENT - * \retval #PSA_ERROR_INSUFFICIENT_MEMORY - * \retval #PSA_ERROR_COMMUNICATION_FAILURE - * \retval #PSA_ERROR_HARDWARE_FAILURE - * \retval #PSA_ERROR_CORRUPTION_DETECTED - * \retval #PSA_ERROR_STORAGE_FAILURE - * \retval #PSA_ERROR_INSUFFICIENT_ENTROPY + * \retval #PSA_ERROR_NOT_SUPPORTED \emptydescription + * \retval #PSA_ERROR_INVALID_ARGUMENT \emptydescription + * \retval #PSA_ERROR_INSUFFICIENT_MEMORY \emptydescription + * \retval #PSA_ERROR_COMMUNICATION_FAILURE \emptydescription + * \retval #PSA_ERROR_HARDWARE_FAILURE \emptydescription + * \retval #PSA_ERROR_CORRUPTION_DETECTED \emptydescription + * \retval #PSA_ERROR_STORAGE_FAILURE \emptydescription + * \retval #PSA_ERROR_INSUFFICIENT_ENTROPY \emptydescription * \retval #PSA_ERROR_BAD_STATE * The library has not been previously initialized by psa_crypto_init(). * It is implementation-dependent whether a failure to initialize @@ -3199,24 +3153,24 @@ psa_status_t psa_asymmetric_encrypt(mbedtls_svc_key_id_t key, * \param[out] output_length On success, the number of bytes * that make up the returned output. * - * \retval #PSA_SUCCESS - * \retval #PSA_ERROR_INVALID_HANDLE - * \retval #PSA_ERROR_NOT_PERMITTED + * \retval #PSA_SUCCESS \emptydescription + * \retval #PSA_ERROR_INVALID_HANDLE \emptydescription + * \retval #PSA_ERROR_NOT_PERMITTED \emptydescription * \retval #PSA_ERROR_BUFFER_TOO_SMALL * The size of the \p output buffer is too small. You can * determine a sufficient buffer size by calling * #PSA_ASYMMETRIC_DECRYPT_OUTPUT_SIZE(\c key_type, \c key_bits, \p alg) * where \c key_type and \c key_bits are the type and bit-size * respectively of \p key. - * \retval #PSA_ERROR_NOT_SUPPORTED - * \retval #PSA_ERROR_INVALID_ARGUMENT - * \retval #PSA_ERROR_INSUFFICIENT_MEMORY - * \retval #PSA_ERROR_COMMUNICATION_FAILURE - * \retval #PSA_ERROR_HARDWARE_FAILURE - * \retval #PSA_ERROR_CORRUPTION_DETECTED - * \retval #PSA_ERROR_STORAGE_FAILURE - * \retval #PSA_ERROR_INSUFFICIENT_ENTROPY - * \retval #PSA_ERROR_INVALID_PADDING + * \retval #PSA_ERROR_NOT_SUPPORTED \emptydescription + * \retval #PSA_ERROR_INVALID_ARGUMENT \emptydescription + * \retval #PSA_ERROR_INSUFFICIENT_MEMORY \emptydescription + * \retval #PSA_ERROR_COMMUNICATION_FAILURE \emptydescription + * \retval #PSA_ERROR_HARDWARE_FAILURE \emptydescription + * \retval #PSA_ERROR_CORRUPTION_DETECTED \emptydescription + * \retval #PSA_ERROR_STORAGE_FAILURE \emptydescription + * \retval #PSA_ERROR_INSUFFICIENT_ENTROPY \emptydescription + * \retval #PSA_ERROR_INVALID_PADDING \emptydescription * \retval #PSA_ERROR_BAD_STATE * The library has not been previously initialized by psa_crypto_init(). * It is implementation-dependent whether a failure to initialize @@ -3278,7 +3232,7 @@ typedef struct psa_key_derivation_s psa_key_derivation_operation_t; /* This is an example definition for documentation purposes. * Implementations should define a suitable value in `crypto_struct.h`. */ -#define PSA_KEY_DERIVATION_OPERATION_INIT {0} +#define PSA_KEY_DERIVATION_OPERATION_INIT { 0 } #endif /** Return an initial value for a key derivation operation object. @@ -3332,15 +3286,14 @@ static psa_key_derivation_operation_t psa_key_derivation_operation_init(void); * \c alg is not a key derivation algorithm. * \retval #PSA_ERROR_NOT_SUPPORTED * \c alg is not supported or is not a key derivation algorithm. - * \retval #PSA_ERROR_INSUFFICIENT_MEMORY - * \retval #PSA_ERROR_COMMUNICATION_FAILURE - * \retval #PSA_ERROR_HARDWARE_FAILURE - * \retval #PSA_ERROR_CORRUPTION_DETECTED - * \retval #PSA_ERROR_STORAGE_FAILURE - * \retval #PSA_ERROR_BAD_STATE - * The operation state is not valid (it must be inactive). - * \retval #PSA_ERROR_BAD_STATE - * The library has not been previously initialized by psa_crypto_init(). + * \retval #PSA_ERROR_INSUFFICIENT_MEMORY \emptydescription + * \retval #PSA_ERROR_COMMUNICATION_FAILURE \emptydescription + * \retval #PSA_ERROR_HARDWARE_FAILURE \emptydescription + * \retval #PSA_ERROR_CORRUPTION_DETECTED \emptydescription + * \retval #PSA_ERROR_STORAGE_FAILURE \emptydescription + * \retval #PSA_ERROR_BAD_STATE + * The operation state is not valid (it must be inactive), or + * the library has not been previously initialized by psa_crypto_init(). * It is implementation-dependent whether a failure to initialize * results in this error code. */ @@ -3357,14 +3310,13 @@ psa_status_t psa_key_derivation_setup( * \param[in] operation The operation to query. * \param[out] capacity On success, the capacity of the operation. * - * \retval #PSA_SUCCESS - * \retval #PSA_ERROR_COMMUNICATION_FAILURE - * \retval #PSA_ERROR_BAD_STATE - * The operation state is not valid (it must be active). - * \retval #PSA_ERROR_HARDWARE_FAILURE - * \retval #PSA_ERROR_CORRUPTION_DETECTED + * \retval #PSA_SUCCESS \emptydescription + * \retval #PSA_ERROR_COMMUNICATION_FAILURE \emptydescription + * \retval #PSA_ERROR_HARDWARE_FAILURE \emptydescription + * \retval #PSA_ERROR_CORRUPTION_DETECTED \emptydescription * \retval #PSA_ERROR_BAD_STATE - * The library has not been previously initialized by psa_crypto_init(). + * The operation state is not valid (it must be active), or + * the library has not been previously initialized by psa_crypto_init(). * It is implementation-dependent whether a failure to initialize * results in this error code. */ @@ -3382,18 +3334,17 @@ psa_status_t psa_key_derivation_get_capacity( * It must be less or equal to the operation's * current capacity. * - * \retval #PSA_SUCCESS + * \retval #PSA_SUCCESS \emptydescription * \retval #PSA_ERROR_INVALID_ARGUMENT * \p capacity is larger than the operation's current capacity. * In this case, the operation object remains valid and its capacity * remains unchanged. + * \retval #PSA_ERROR_COMMUNICATION_FAILURE \emptydescription + * \retval #PSA_ERROR_HARDWARE_FAILURE \emptydescription + * \retval #PSA_ERROR_CORRUPTION_DETECTED \emptydescription * \retval #PSA_ERROR_BAD_STATE - * The operation state is not valid (it must be active). - * \retval #PSA_ERROR_COMMUNICATION_FAILURE - * \retval #PSA_ERROR_HARDWARE_FAILURE - * \retval #PSA_ERROR_CORRUPTION_DETECTED - * \retval #PSA_ERROR_BAD_STATE - * The library has not been previously initialized by psa_crypto_init(). + * The operation state is not valid (it must be active), or the + * library has not been previously initialized by psa_crypto_init(). * It is implementation-dependent whether a failure to initialize * results in this error code. */ @@ -3408,7 +3359,7 @@ psa_status_t psa_key_derivation_set_capacity( * The value of the maximum possible capacity depends on the key derivation * algorithm. */ -#define PSA_KEY_DERIVATION_UNLIMITED_CAPACITY ((size_t)(-1)) +#define PSA_KEY_DERIVATION_UNLIMITED_CAPACITY ((size_t) (-1)) /** Provide an input for key derivation or key agreement. * @@ -3437,18 +3388,16 @@ psa_status_t psa_key_derivation_set_capacity( * \retval #PSA_SUCCESS * Success. * \retval #PSA_ERROR_INVALID_ARGUMENT - * \c step is not compatible with the operation's algorithm. - * \retval #PSA_ERROR_INVALID_ARGUMENT + * \c step is not compatible with the operation's algorithm, or * \c step does not allow direct inputs. - * \retval #PSA_ERROR_INSUFFICIENT_MEMORY - * \retval #PSA_ERROR_COMMUNICATION_FAILURE - * \retval #PSA_ERROR_HARDWARE_FAILURE - * \retval #PSA_ERROR_CORRUPTION_DETECTED - * \retval #PSA_ERROR_STORAGE_FAILURE - * \retval #PSA_ERROR_BAD_STATE - * The operation state is not valid for this input \p step. - * \retval #PSA_ERROR_BAD_STATE - * The library has not been previously initialized by psa_crypto_init(). + * \retval #PSA_ERROR_INSUFFICIENT_MEMORY \emptydescription + * \retval #PSA_ERROR_COMMUNICATION_FAILURE \emptydescription + * \retval #PSA_ERROR_HARDWARE_FAILURE \emptydescription + * \retval #PSA_ERROR_CORRUPTION_DETECTED \emptydescription + * \retval #PSA_ERROR_STORAGE_FAILURE \emptydescription + * \retval #PSA_ERROR_BAD_STATE + * The operation state is not valid for this input \p step, or + * the library has not been previously initialized by psa_crypto_init(). * It is implementation-dependent whether a failure to initialize * results in this error code. */ @@ -3486,22 +3435,20 @@ psa_status_t psa_key_derivation_input_bytes( * * \retval #PSA_SUCCESS * Success. - * \retval #PSA_ERROR_INVALID_HANDLE - * \retval #PSA_ERROR_NOT_PERMITTED - * \retval #PSA_ERROR_INVALID_ARGUMENT - * \c step is not compatible with the operation's algorithm. + * \retval #PSA_ERROR_INVALID_HANDLE \emptydescription + * \retval #PSA_ERROR_NOT_PERMITTED \emptydescription * \retval #PSA_ERROR_INVALID_ARGUMENT + * \c step is not compatible with the operation's algorithm, or * \c step does not allow key inputs of the given type * or does not allow key inputs at all. - * \retval #PSA_ERROR_INSUFFICIENT_MEMORY - * \retval #PSA_ERROR_COMMUNICATION_FAILURE - * \retval #PSA_ERROR_HARDWARE_FAILURE - * \retval #PSA_ERROR_CORRUPTION_DETECTED - * \retval #PSA_ERROR_STORAGE_FAILURE - * \retval #PSA_ERROR_BAD_STATE - * The operation state is not valid for this input \p step. - * \retval #PSA_ERROR_BAD_STATE - * The library has not been previously initialized by psa_crypto_init(). + * \retval #PSA_ERROR_INSUFFICIENT_MEMORY \emptydescription + * \retval #PSA_ERROR_COMMUNICATION_FAILURE \emptydescription + * \retval #PSA_ERROR_HARDWARE_FAILURE \emptydescription + * \retval #PSA_ERROR_CORRUPTION_DETECTED \emptydescription + * \retval #PSA_ERROR_STORAGE_FAILURE \emptydescription + * \retval #PSA_ERROR_BAD_STATE + * The operation state is not valid for this input \p step, or + * the library has not been previously initialized by psa_crypto_init(). * It is implementation-dependent whether a failure to initialize * results in this error code. */ @@ -3553,25 +3500,23 @@ psa_status_t psa_key_derivation_input_key( * * \retval #PSA_SUCCESS * Success. - * \retval #PSA_ERROR_BAD_STATE - * The operation state is not valid for this key agreement \p step. - * \retval #PSA_ERROR_INVALID_HANDLE - * \retval #PSA_ERROR_NOT_PERMITTED + * \retval #PSA_ERROR_INVALID_HANDLE \emptydescription + * \retval #PSA_ERROR_NOT_PERMITTED \emptydescription * \retval #PSA_ERROR_INVALID_ARGUMENT * \c private_key is not compatible with \c alg, * or \p peer_key is not valid for \c alg or not compatible with - * \c private_key. + * \c private_key, or \c step does not allow an input resulting + * from a key agreement. * \retval #PSA_ERROR_NOT_SUPPORTED * \c alg is not supported or is not a key derivation algorithm. - * \retval #PSA_ERROR_INVALID_ARGUMENT - * \c step does not allow an input resulting from a key agreement. - * \retval #PSA_ERROR_INSUFFICIENT_MEMORY - * \retval #PSA_ERROR_COMMUNICATION_FAILURE - * \retval #PSA_ERROR_HARDWARE_FAILURE - * \retval #PSA_ERROR_CORRUPTION_DETECTED - * \retval #PSA_ERROR_STORAGE_FAILURE - * \retval #PSA_ERROR_BAD_STATE - * The library has not been previously initialized by psa_crypto_init(). + * \retval #PSA_ERROR_INSUFFICIENT_MEMORY \emptydescription + * \retval #PSA_ERROR_COMMUNICATION_FAILURE \emptydescription + * \retval #PSA_ERROR_HARDWARE_FAILURE \emptydescription + * \retval #PSA_ERROR_CORRUPTION_DETECTED \emptydescription + * \retval #PSA_ERROR_STORAGE_FAILURE \emptydescription + * \retval #PSA_ERROR_BAD_STATE + * The operation state is not valid for this key agreement \p step, + * or the library has not been previously initialized by psa_crypto_init(). * It is implementation-dependent whether a failure to initialize * results in this error code. */ @@ -3599,7 +3544,7 @@ psa_status_t psa_key_derivation_key_agreement( * \param[out] output Buffer where the output will be written. * \param output_length Number of bytes to output. * - * \retval #PSA_SUCCESS + * \retval #PSA_SUCCESS \emptydescription * \retval #PSA_ERROR_INSUFFICIENT_DATA * The operation's capacity was less than * \p output_length bytes. Note that in this case, @@ -3607,16 +3552,15 @@ psa_status_t psa_key_derivation_key_agreement( * The operation's capacity is set to 0, thus * subsequent calls to this function will not * succeed, even with a smaller output buffer. + * \retval #PSA_ERROR_INSUFFICIENT_MEMORY \emptydescription + * \retval #PSA_ERROR_COMMUNICATION_FAILURE \emptydescription + * \retval #PSA_ERROR_HARDWARE_FAILURE \emptydescription + * \retval #PSA_ERROR_CORRUPTION_DETECTED \emptydescription + * \retval #PSA_ERROR_STORAGE_FAILURE \emptydescription * \retval #PSA_ERROR_BAD_STATE * The operation state is not valid (it must be active and completed - * all required input steps). - * \retval #PSA_ERROR_INSUFFICIENT_MEMORY - * \retval #PSA_ERROR_COMMUNICATION_FAILURE - * \retval #PSA_ERROR_HARDWARE_FAILURE - * \retval #PSA_ERROR_CORRUPTION_DETECTED - * \retval #PSA_ERROR_STORAGE_FAILURE - * \retval #PSA_ERROR_BAD_STATE - * The library has not been previously initialized by psa_crypto_init(). + * all required input steps), or the library has not been previously + * initialized by psa_crypto_init(). * It is implementation-dependent whether a failure to initialize * results in this error code. */ @@ -3749,19 +3693,18 @@ psa_status_t psa_key_derivation_output_bytes( * \retval #PSA_ERROR_NOT_PERMITTED * The #PSA_KEY_DERIVATION_INPUT_SECRET input was not provided through * a key. + * \retval #PSA_ERROR_INSUFFICIENT_MEMORY \emptydescription + * \retval #PSA_ERROR_INSUFFICIENT_STORAGE \emptydescription + * \retval #PSA_ERROR_COMMUNICATION_FAILURE \emptydescription + * \retval #PSA_ERROR_HARDWARE_FAILURE \emptydescription + * \retval #PSA_ERROR_CORRUPTION_DETECTED \emptydescription + * \retval #PSA_ERROR_DATA_INVALID \emptydescription + * \retval #PSA_ERROR_DATA_CORRUPT \emptydescription + * \retval #PSA_ERROR_STORAGE_FAILURE \emptydescription * \retval #PSA_ERROR_BAD_STATE * The operation state is not valid (it must be active and completed - * all required input steps). - * \retval #PSA_ERROR_INSUFFICIENT_MEMORY - * \retval #PSA_ERROR_INSUFFICIENT_STORAGE - * \retval #PSA_ERROR_COMMUNICATION_FAILURE - * \retval #PSA_ERROR_HARDWARE_FAILURE - * \retval #PSA_ERROR_CORRUPTION_DETECTED - * \retval #PSA_ERROR_DATA_INVALID - * \retval #PSA_ERROR_DATA_CORRUPT - * \retval #PSA_ERROR_STORAGE_FAILURE - * \retval #PSA_ERROR_BAD_STATE - * The library has not been previously initialized by psa_crypto_init(). + * all required input steps), or the library has not been previously + * initialized by psa_crypto_init(). * It is implementation-dependent whether a failure to initialize * results in this error code. */ @@ -3784,10 +3727,10 @@ psa_status_t psa_key_derivation_output_key( * * \param[in,out] operation The operation to abort. * - * \retval #PSA_SUCCESS - * \retval #PSA_ERROR_COMMUNICATION_FAILURE - * \retval #PSA_ERROR_HARDWARE_FAILURE - * \retval #PSA_ERROR_CORRUPTION_DETECTED + * \retval #PSA_SUCCESS \emptydescription + * \retval #PSA_ERROR_COMMUNICATION_FAILURE \emptydescription + * \retval #PSA_ERROR_HARDWARE_FAILURE \emptydescription + * \retval #PSA_ERROR_CORRUPTION_DETECTED \emptydescription * \retval #PSA_ERROR_BAD_STATE * The library has not been previously initialized by psa_crypto_init(). * It is implementation-dependent whether a failure to initialize @@ -3825,11 +3768,10 @@ psa_status_t psa_key_derivation_abort( * * \retval #PSA_SUCCESS * Success. - * \retval #PSA_ERROR_INVALID_HANDLE - * \retval #PSA_ERROR_NOT_PERMITTED - * \retval #PSA_ERROR_INVALID_ARGUMENT - * \p alg is not a key agreement algorithm + * \retval #PSA_ERROR_INVALID_HANDLE \emptydescription + * \retval #PSA_ERROR_NOT_PERMITTED \emptydescription * \retval #PSA_ERROR_INVALID_ARGUMENT + * \p alg is not a key agreement algorithm, or * \p private_key is not compatible with \p alg, * or \p peer_key is not valid for \p alg or not compatible with * \p private_key. @@ -3837,11 +3779,11 @@ psa_status_t psa_key_derivation_abort( * \p output_size is too small * \retval #PSA_ERROR_NOT_SUPPORTED * \p alg is not a supported key agreement algorithm. - * \retval #PSA_ERROR_INSUFFICIENT_MEMORY - * \retval #PSA_ERROR_COMMUNICATION_FAILURE - * \retval #PSA_ERROR_HARDWARE_FAILURE - * \retval #PSA_ERROR_CORRUPTION_DETECTED - * \retval #PSA_ERROR_STORAGE_FAILURE + * \retval #PSA_ERROR_INSUFFICIENT_MEMORY \emptydescription + * \retval #PSA_ERROR_COMMUNICATION_FAILURE \emptydescription + * \retval #PSA_ERROR_HARDWARE_FAILURE \emptydescription + * \retval #PSA_ERROR_CORRUPTION_DETECTED \emptydescription + * \retval #PSA_ERROR_STORAGE_FAILURE \emptydescription * \retval #PSA_ERROR_BAD_STATE * The library has not been previously initialized by psa_crypto_init(). * It is implementation-dependent whether a failure to initialize @@ -3873,13 +3815,13 @@ psa_status_t psa_raw_key_agreement(psa_algorithm_t alg, * \param[out] output Output buffer for the generated data. * \param output_size Number of bytes to generate and output. * - * \retval #PSA_SUCCESS - * \retval #PSA_ERROR_NOT_SUPPORTED - * \retval #PSA_ERROR_INSUFFICIENT_ENTROPY - * \retval #PSA_ERROR_INSUFFICIENT_MEMORY - * \retval #PSA_ERROR_COMMUNICATION_FAILURE - * \retval #PSA_ERROR_HARDWARE_FAILURE - * \retval #PSA_ERROR_CORRUPTION_DETECTED + * \retval #PSA_SUCCESS \emptydescription + * \retval #PSA_ERROR_NOT_SUPPORTED \emptydescription + * \retval #PSA_ERROR_INSUFFICIENT_ENTROPY \emptydescription + * \retval #PSA_ERROR_INSUFFICIENT_MEMORY \emptydescription + * \retval #PSA_ERROR_COMMUNICATION_FAILURE \emptydescription + * \retval #PSA_ERROR_HARDWARE_FAILURE \emptydescription + * \retval #PSA_ERROR_CORRUPTION_DETECTED \emptydescription * \retval #PSA_ERROR_BAD_STATE * The library has not been previously initialized by psa_crypto_init(). * It is implementation-dependent whether a failure to initialize @@ -3916,17 +3858,17 @@ psa_status_t psa_generate_random(uint8_t *output, * \retval #PSA_ERROR_ALREADY_EXISTS * This is an attempt to create a persistent key, and there is * already a persistent key with the given identifier. - * \retval #PSA_ERROR_NOT_SUPPORTED - * \retval #PSA_ERROR_INVALID_ARGUMENT - * \retval #PSA_ERROR_INSUFFICIENT_MEMORY - * \retval #PSA_ERROR_INSUFFICIENT_ENTROPY - * \retval #PSA_ERROR_COMMUNICATION_FAILURE - * \retval #PSA_ERROR_HARDWARE_FAILURE - * \retval #PSA_ERROR_CORRUPTION_DETECTED - * \retval #PSA_ERROR_INSUFFICIENT_STORAGE - * \retval #PSA_ERROR_DATA_INVALID - * \retval #PSA_ERROR_DATA_CORRUPT - * \retval #PSA_ERROR_STORAGE_FAILURE + * \retval #PSA_ERROR_NOT_SUPPORTED \emptydescription + * \retval #PSA_ERROR_INVALID_ARGUMENT \emptydescription + * \retval #PSA_ERROR_INSUFFICIENT_MEMORY \emptydescription + * \retval #PSA_ERROR_INSUFFICIENT_ENTROPY \emptydescription + * \retval #PSA_ERROR_COMMUNICATION_FAILURE \emptydescription + * \retval #PSA_ERROR_HARDWARE_FAILURE \emptydescription + * \retval #PSA_ERROR_CORRUPTION_DETECTED \emptydescription + * \retval #PSA_ERROR_INSUFFICIENT_STORAGE \emptydescription + * \retval #PSA_ERROR_DATA_INVALID \emptydescription + * \retval #PSA_ERROR_DATA_CORRUPT \emptydescription + * \retval #PSA_ERROR_STORAGE_FAILURE \emptydescription * \retval #PSA_ERROR_BAD_STATE * The library has not been previously initialized by psa_crypto_init(). * It is implementation-dependent whether a failure to initialize diff --git a/third_party/mbedtls/repo/include/psa/crypto_builtin_composites.h b/third_party/mbedtls/repo/include/psa/crypto_builtin_composites.h index a875b237041..f51ee1c01f9 100644 --- a/third_party/mbedtls/repo/include/psa/crypto_builtin_composites.h +++ b/third_party/mbedtls/repo/include/psa/crypto_builtin_composites.h @@ -15,19 +15,7 @@ */ /* * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later */ #ifndef PSA_CRYPTO_BUILTIN_COMPOSITES_H @@ -43,9 +31,14 @@ #define MBEDTLS_PSA_BUILTIN_MAC #endif +#if defined(MBEDTLS_PSA_BUILTIN_ALG_GCM) || \ + defined(MBEDTLS_PSA_BUILTIN_ALG_CCM) || \ + defined(MBEDTLS_PSA_BUILTIN_ALG_CHACHA20_POLY1305) +#define MBEDTLS_PSA_BUILTIN_AEAD 1 +#endif + #if defined(MBEDTLS_PSA_BUILTIN_ALG_HMAC) || defined(PSA_CRYPTO_DRIVER_TEST) -typedef struct -{ +typedef struct { /** The HMAC algorithm in use */ psa_algorithm_t alg; /** The hash context. */ @@ -54,16 +47,14 @@ typedef struct uint8_t opad[PSA_HMAC_MAX_HASH_BLOCK_SIZE]; } mbedtls_psa_hmac_operation_t; -#define MBEDTLS_PSA_HMAC_OPERATION_INIT {0, PSA_HASH_OPERATION_INIT, {0}} +#define MBEDTLS_PSA_HMAC_OPERATION_INIT { 0, PSA_HASH_OPERATION_INIT, { 0 } } #endif /* MBEDTLS_PSA_BUILTIN_ALG_HMAC */ #include "mbedtls/cmac.h" -typedef struct -{ +typedef struct { psa_algorithm_t alg; - union - { + union { unsigned dummy; /* Make the union non-empty even with no supported algorithms. */ #if defined(MBEDTLS_PSA_BUILTIN_ALG_HMAC) || defined(PSA_CRYPTO_DRIVER_TEST) mbedtls_psa_hmac_operation_t hmac; @@ -74,6 +65,6 @@ typedef struct } ctx; } mbedtls_psa_mac_operation_t; -#define MBEDTLS_PSA_MAC_OPERATION_INIT {0, {0}} +#define MBEDTLS_PSA_MAC_OPERATION_INIT { 0, { 0 } } #endif /* PSA_CRYPTO_BUILTIN_COMPOSITES_H */ diff --git a/third_party/mbedtls/repo/include/psa/crypto_builtin_primitives.h b/third_party/mbedtls/repo/include/psa/crypto_builtin_primitives.h index 62a0e6f3704..c5f620c1022 100644 --- a/third_party/mbedtls/repo/include/psa/crypto_builtin_primitives.h +++ b/third_party/mbedtls/repo/include/psa/crypto_builtin_primitives.h @@ -15,19 +15,7 @@ */ /* * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later */ #ifndef PSA_CRYPTO_BUILTIN_PRIMITIVES_H @@ -59,11 +47,9 @@ #define MBEDTLS_PSA_BUILTIN_HASH #endif -typedef struct -{ +typedef struct { psa_algorithm_t alg; - union - { + union { unsigned dummy; /* Make the union non-empty even with no supported algorithms. */ #if defined(MBEDTLS_PSA_BUILTIN_ALG_MD2) mbedtls_md2_context md2; @@ -81,17 +67,17 @@ typedef struct mbedtls_sha1_context sha1; #endif #if defined(MBEDTLS_PSA_BUILTIN_ALG_SHA_256) || \ - defined(MBEDTLS_PSA_BUILTIN_ALG_SHA_224) + defined(MBEDTLS_PSA_BUILTIN_ALG_SHA_224) mbedtls_sha256_context sha256; #endif #if defined(MBEDTLS_PSA_BUILTIN_ALG_SHA_512) || \ - defined(MBEDTLS_PSA_BUILTIN_ALG_SHA_384) + defined(MBEDTLS_PSA_BUILTIN_ALG_SHA_384) mbedtls_sha512_context sha512; #endif } ctx; } mbedtls_psa_hash_operation_t; -#define MBEDTLS_PSA_HASH_OPERATION_INIT {0, {0}} +#define MBEDTLS_PSA_HASH_OPERATION_INIT { 0, { 0 } } /* * Cipher multi-part operation definitions. @@ -103,7 +89,6 @@ typedef struct defined(MBEDTLS_PSA_BUILTIN_ALG_CTR) || \ defined(MBEDTLS_PSA_BUILTIN_ALG_CFB) || \ defined(MBEDTLS_PSA_BUILTIN_ALG_OFB) || \ - defined(MBEDTLS_PSA_BUILTIN_ALG_XTS) || \ defined(MBEDTLS_PSA_BUILTIN_ALG_ECB_NO_PADDING) || \ defined(MBEDTLS_PSA_BUILTIN_ALG_CBC_NO_PADDING) || \ defined(MBEDTLS_PSA_BUILTIN_ALG_CBC_PKCS7) @@ -121,6 +106,6 @@ typedef struct { } ctx; } mbedtls_psa_cipher_operation_t; -#define MBEDTLS_PSA_CIPHER_OPERATION_INIT {0, 0, 0, {0}} +#define MBEDTLS_PSA_CIPHER_OPERATION_INIT { 0, 0, 0, { 0 } } #endif /* PSA_CRYPTO_BUILTIN_PRIMITIVES_H */ diff --git a/third_party/mbedtls/repo/include/psa/crypto_compat.h b/third_party/mbedtls/repo/include/psa/crypto_compat.h index 09ac488398f..f014633089e 100644 --- a/third_party/mbedtls/repo/include/psa/crypto_compat.h +++ b/third_party/mbedtls/repo/include/psa/crypto_compat.h @@ -5,26 +5,14 @@ * * This header declares alternative names for macro and functions. * New application code should not use these names. - * These names may be removed in a future version of Mbed Crypto. + * These names may be removed in a future version of Mbed TLS. * * \note This file may not be included directly. Applications must * include psa/crypto.h. */ /* * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later */ #ifndef PSA_CRYPTO_COMPAT_H @@ -44,15 +32,15 @@ typedef mbedtls_svc_key_id_t psa_key_handle_t; #define PSA_KEY_HANDLE_INIT MBEDTLS_SVC_KEY_ID_INIT -/** Check whether an handle is null. +/** Check whether a handle is null. * * \param handle Handle * * \return Non-zero if the handle is null, zero otherwise. */ -static inline int psa_key_handle_is_null( psa_key_handle_t handle ) +static inline int psa_key_handle_is_null(psa_key_handle_t handle) { - return( mbedtls_svc_key_id_is_null( handle ) ); + return mbedtls_svc_key_id_is_null(handle); } #if !defined(MBEDTLS_DEPRECATED_REMOVED) @@ -78,196 +66,197 @@ typedef MBEDTLS_PSA_DEPRECATED psa_algorithm_t mbedtls_deprecated_psa_algorithm_ #define PSA_KEY_TYPE_GET_CURVE PSA_KEY_TYPE_ECC_GET_FAMILY #define PSA_KEY_TYPE_GET_GROUP PSA_KEY_TYPE_DH_GET_FAMILY -#define MBEDTLS_DEPRECATED_CONSTANT( type, value ) \ - ( (mbedtls_deprecated_##type) ( value ) ) +#define MBEDTLS_DEPRECATED_CONSTANT(type, value) \ + ((mbedtls_deprecated_##type) (value)) /* * Deprecated PSA Crypto error code definitions (PSA Crypto API <= 1.0 beta2) */ #define PSA_ERROR_UNKNOWN_ERROR \ - MBEDTLS_DEPRECATED_CONSTANT( psa_status_t, PSA_ERROR_GENERIC_ERROR ) + MBEDTLS_DEPRECATED_CONSTANT(psa_status_t, PSA_ERROR_GENERIC_ERROR) #define PSA_ERROR_OCCUPIED_SLOT \ - MBEDTLS_DEPRECATED_CONSTANT( psa_status_t, PSA_ERROR_ALREADY_EXISTS ) + MBEDTLS_DEPRECATED_CONSTANT(psa_status_t, PSA_ERROR_ALREADY_EXISTS) #define PSA_ERROR_EMPTY_SLOT \ - MBEDTLS_DEPRECATED_CONSTANT( psa_status_t, PSA_ERROR_DOES_NOT_EXIST ) + MBEDTLS_DEPRECATED_CONSTANT(psa_status_t, PSA_ERROR_DOES_NOT_EXIST) #define PSA_ERROR_INSUFFICIENT_CAPACITY \ - MBEDTLS_DEPRECATED_CONSTANT( psa_status_t, PSA_ERROR_INSUFFICIENT_DATA ) + MBEDTLS_DEPRECATED_CONSTANT(psa_status_t, PSA_ERROR_INSUFFICIENT_DATA) #define PSA_ERROR_TAMPERING_DETECTED \ - MBEDTLS_DEPRECATED_CONSTANT( psa_status_t, PSA_ERROR_CORRUPTION_DETECTED ) + MBEDTLS_DEPRECATED_CONSTANT(psa_status_t, PSA_ERROR_CORRUPTION_DETECTED) /* * Deprecated PSA Crypto numerical encodings (PSA Crypto API <= 1.0 beta3) */ #define PSA_KEY_USAGE_SIGN \ - MBEDTLS_DEPRECATED_CONSTANT( psa_key_usage_t, PSA_KEY_USAGE_SIGN_HASH ) + MBEDTLS_DEPRECATED_CONSTANT(psa_key_usage_t, PSA_KEY_USAGE_SIGN_HASH) #define PSA_KEY_USAGE_VERIFY \ - MBEDTLS_DEPRECATED_CONSTANT( psa_key_usage_t, PSA_KEY_USAGE_VERIFY_HASH ) + MBEDTLS_DEPRECATED_CONSTANT(psa_key_usage_t, PSA_KEY_USAGE_VERIFY_HASH) /* * Deprecated PSA Crypto size calculation macros (PSA Crypto API <= 1.0 beta3) */ #define PSA_ASYMMETRIC_SIGNATURE_MAX_SIZE \ - MBEDTLS_DEPRECATED_CONSTANT( size_t, PSA_SIGNATURE_MAX_SIZE ) -#define PSA_ASYMMETRIC_SIGN_OUTPUT_SIZE( key_type, key_bits, alg ) \ - MBEDTLS_DEPRECATED_CONSTANT( size_t, PSA_SIGN_OUTPUT_SIZE( key_type, key_bits, alg ) ) -#define PSA_KEY_EXPORT_MAX_SIZE( key_type, key_bits ) \ - MBEDTLS_DEPRECATED_CONSTANT( size_t, PSA_EXPORT_KEY_OUTPUT_SIZE( key_type, key_bits ) ) -#define PSA_BLOCK_CIPHER_BLOCK_SIZE( type ) \ - MBEDTLS_DEPRECATED_CONSTANT( size_t, PSA_BLOCK_CIPHER_BLOCK_LENGTH( type ) ) + MBEDTLS_DEPRECATED_CONSTANT(size_t, PSA_SIGNATURE_MAX_SIZE) +#define PSA_ASYMMETRIC_SIGN_OUTPUT_SIZE(key_type, key_bits, alg) \ + MBEDTLS_DEPRECATED_CONSTANT(size_t, PSA_SIGN_OUTPUT_SIZE(key_type, key_bits, alg)) +#define PSA_KEY_EXPORT_MAX_SIZE(key_type, key_bits) \ + MBEDTLS_DEPRECATED_CONSTANT(size_t, PSA_EXPORT_KEY_OUTPUT_SIZE(key_type, key_bits)) +#define PSA_BLOCK_CIPHER_BLOCK_SIZE(type) \ + MBEDTLS_DEPRECATED_CONSTANT(size_t, PSA_BLOCK_CIPHER_BLOCK_LENGTH(type)) #define PSA_MAX_BLOCK_CIPHER_BLOCK_SIZE \ - MBEDTLS_DEPRECATED_CONSTANT( size_t, PSA_BLOCK_CIPHER_BLOCK_MAX_SIZE ) -#define PSA_HASH_SIZE( alg ) \ - MBEDTLS_DEPRECATED_CONSTANT( size_t, PSA_HASH_LENGTH( alg ) ) -#define PSA_MAC_FINAL_SIZE( key_type, key_bits, alg ) \ - MBEDTLS_DEPRECATED_CONSTANT( size_t, PSA_MAC_LENGTH( key_type, key_bits, alg ) ) + MBEDTLS_DEPRECATED_CONSTANT(size_t, PSA_BLOCK_CIPHER_BLOCK_MAX_SIZE) +#define PSA_HASH_SIZE(alg) \ + MBEDTLS_DEPRECATED_CONSTANT(size_t, PSA_HASH_LENGTH(alg)) +#define PSA_MAC_FINAL_SIZE(key_type, key_bits, alg) \ + MBEDTLS_DEPRECATED_CONSTANT(size_t, PSA_MAC_LENGTH(key_type, key_bits, alg)) #define PSA_ALG_TLS12_PSK_TO_MS_MAX_PSK_LEN \ - MBEDTLS_DEPRECATED_CONSTANT( size_t, PSA_TLS12_PSK_TO_MS_PSK_MAX_SIZE ) + MBEDTLS_DEPRECATED_CONSTANT(size_t, PSA_TLS12_PSK_TO_MS_PSK_MAX_SIZE) /* * Deprecated PSA Crypto function names (PSA Crypto API <= 1.0 beta3) */ -MBEDTLS_PSA_DEPRECATED static inline psa_status_t psa_asymmetric_sign( psa_key_handle_t key, - psa_algorithm_t alg, - const uint8_t *hash, - size_t hash_length, - uint8_t *signature, - size_t signature_size, - size_t *signature_length ) +MBEDTLS_PSA_DEPRECATED static inline psa_status_t psa_asymmetric_sign(psa_key_handle_t key, + psa_algorithm_t alg, + const uint8_t *hash, + size_t hash_length, + uint8_t *signature, + size_t signature_size, + size_t *signature_length) { - return psa_sign_hash( key, alg, hash, hash_length, signature, signature_size, signature_length ); + return psa_sign_hash(key, alg, hash, hash_length, signature, signature_size, signature_length); } -MBEDTLS_PSA_DEPRECATED static inline psa_status_t psa_asymmetric_verify( psa_key_handle_t key, - psa_algorithm_t alg, - const uint8_t *hash, - size_t hash_length, - const uint8_t *signature, - size_t signature_length ) +MBEDTLS_PSA_DEPRECATED static inline psa_status_t psa_asymmetric_verify(psa_key_handle_t key, + psa_algorithm_t alg, + const uint8_t *hash, + size_t hash_length, + const uint8_t *signature, + size_t signature_length) { - return psa_verify_hash( key, alg, hash, hash_length, signature, signature_length ); + return psa_verify_hash(key, alg, hash, hash_length, signature, signature_length); } /* * Size-specific elliptic curve families. */ #define PSA_ECC_CURVE_SECP160K1 \ - MBEDTLS_DEPRECATED_CONSTANT( psa_ecc_family_t, PSA_ECC_FAMILY_SECP_K1 ) + MBEDTLS_DEPRECATED_CONSTANT(psa_ecc_family_t, PSA_ECC_FAMILY_SECP_K1) #define PSA_ECC_CURVE_SECP192K1 \ - MBEDTLS_DEPRECATED_CONSTANT( psa_ecc_family_t, PSA_ECC_FAMILY_SECP_K1 ) + MBEDTLS_DEPRECATED_CONSTANT(psa_ecc_family_t, PSA_ECC_FAMILY_SECP_K1) #define PSA_ECC_CURVE_SECP224K1 \ - MBEDTLS_DEPRECATED_CONSTANT( psa_ecc_family_t, PSA_ECC_FAMILY_SECP_K1 ) + MBEDTLS_DEPRECATED_CONSTANT(psa_ecc_family_t, PSA_ECC_FAMILY_SECP_K1) #define PSA_ECC_CURVE_SECP256K1 \ - MBEDTLS_DEPRECATED_CONSTANT( psa_ecc_family_t, PSA_ECC_FAMILY_SECP_K1 ) + MBEDTLS_DEPRECATED_CONSTANT(psa_ecc_family_t, PSA_ECC_FAMILY_SECP_K1) #define PSA_ECC_CURVE_SECP160R1 \ - MBEDTLS_DEPRECATED_CONSTANT( psa_ecc_family_t, PSA_ECC_FAMILY_SECP_R1 ) + MBEDTLS_DEPRECATED_CONSTANT(psa_ecc_family_t, PSA_ECC_FAMILY_SECP_R1) #define PSA_ECC_CURVE_SECP192R1 \ - MBEDTLS_DEPRECATED_CONSTANT( psa_ecc_family_t, PSA_ECC_FAMILY_SECP_R1 ) + MBEDTLS_DEPRECATED_CONSTANT(psa_ecc_family_t, PSA_ECC_FAMILY_SECP_R1) #define PSA_ECC_CURVE_SECP224R1 \ - MBEDTLS_DEPRECATED_CONSTANT( psa_ecc_family_t, PSA_ECC_FAMILY_SECP_R1 ) + MBEDTLS_DEPRECATED_CONSTANT(psa_ecc_family_t, PSA_ECC_FAMILY_SECP_R1) #define PSA_ECC_CURVE_SECP256R1 \ - MBEDTLS_DEPRECATED_CONSTANT( psa_ecc_family_t, PSA_ECC_FAMILY_SECP_R1 ) + MBEDTLS_DEPRECATED_CONSTANT(psa_ecc_family_t, PSA_ECC_FAMILY_SECP_R1) #define PSA_ECC_CURVE_SECP384R1 \ - MBEDTLS_DEPRECATED_CONSTANT( psa_ecc_family_t, PSA_ECC_FAMILY_SECP_R1 ) + MBEDTLS_DEPRECATED_CONSTANT(psa_ecc_family_t, PSA_ECC_FAMILY_SECP_R1) #define PSA_ECC_CURVE_SECP521R1 \ - MBEDTLS_DEPRECATED_CONSTANT( psa_ecc_family_t, PSA_ECC_FAMILY_SECP_R1 ) + MBEDTLS_DEPRECATED_CONSTANT(psa_ecc_family_t, PSA_ECC_FAMILY_SECP_R1) #define PSA_ECC_CURVE_SECP160R2 \ - MBEDTLS_DEPRECATED_CONSTANT( psa_ecc_family_t, PSA_ECC_FAMILY_SECP_R2 ) + MBEDTLS_DEPRECATED_CONSTANT(psa_ecc_family_t, PSA_ECC_FAMILY_SECP_R2) #define PSA_ECC_CURVE_SECT163K1 \ - MBEDTLS_DEPRECATED_CONSTANT( psa_ecc_family_t, PSA_ECC_FAMILY_SECT_K1 ) + MBEDTLS_DEPRECATED_CONSTANT(psa_ecc_family_t, PSA_ECC_FAMILY_SECT_K1) #define PSA_ECC_CURVE_SECT233K1 \ - MBEDTLS_DEPRECATED_CONSTANT( psa_ecc_family_t, PSA_ECC_FAMILY_SECT_K1 ) + MBEDTLS_DEPRECATED_CONSTANT(psa_ecc_family_t, PSA_ECC_FAMILY_SECT_K1) #define PSA_ECC_CURVE_SECT239K1 \ - MBEDTLS_DEPRECATED_CONSTANT( psa_ecc_family_t, PSA_ECC_FAMILY_SECT_K1 ) + MBEDTLS_DEPRECATED_CONSTANT(psa_ecc_family_t, PSA_ECC_FAMILY_SECT_K1) #define PSA_ECC_CURVE_SECT283K1 \ - MBEDTLS_DEPRECATED_CONSTANT( psa_ecc_family_t, PSA_ECC_FAMILY_SECT_K1 ) + MBEDTLS_DEPRECATED_CONSTANT(psa_ecc_family_t, PSA_ECC_FAMILY_SECT_K1) #define PSA_ECC_CURVE_SECT409K1 \ - MBEDTLS_DEPRECATED_CONSTANT( psa_ecc_family_t, PSA_ECC_FAMILY_SECT_K1 ) + MBEDTLS_DEPRECATED_CONSTANT(psa_ecc_family_t, PSA_ECC_FAMILY_SECT_K1) #define PSA_ECC_CURVE_SECT571K1 \ - MBEDTLS_DEPRECATED_CONSTANT( psa_ecc_family_t, PSA_ECC_FAMILY_SECT_K1 ) + MBEDTLS_DEPRECATED_CONSTANT(psa_ecc_family_t, PSA_ECC_FAMILY_SECT_K1) #define PSA_ECC_CURVE_SECT163R1 \ - MBEDTLS_DEPRECATED_CONSTANT( psa_ecc_family_t, PSA_ECC_FAMILY_SECT_R1 ) + MBEDTLS_DEPRECATED_CONSTANT(psa_ecc_family_t, PSA_ECC_FAMILY_SECT_R1) #define PSA_ECC_CURVE_SECT193R1 \ - MBEDTLS_DEPRECATED_CONSTANT( psa_ecc_family_t, PSA_ECC_FAMILY_SECT_R1 ) + MBEDTLS_DEPRECATED_CONSTANT(psa_ecc_family_t, PSA_ECC_FAMILY_SECT_R1) #define PSA_ECC_CURVE_SECT233R1 \ - MBEDTLS_DEPRECATED_CONSTANT( psa_ecc_family_t, PSA_ECC_FAMILY_SECT_R1 ) + MBEDTLS_DEPRECATED_CONSTANT(psa_ecc_family_t, PSA_ECC_FAMILY_SECT_R1) #define PSA_ECC_CURVE_SECT283R1 \ - MBEDTLS_DEPRECATED_CONSTANT( psa_ecc_family_t, PSA_ECC_FAMILY_SECT_R1 ) + MBEDTLS_DEPRECATED_CONSTANT(psa_ecc_family_t, PSA_ECC_FAMILY_SECT_R1) #define PSA_ECC_CURVE_SECT409R1 \ - MBEDTLS_DEPRECATED_CONSTANT( psa_ecc_family_t, PSA_ECC_FAMILY_SECT_R1 ) + MBEDTLS_DEPRECATED_CONSTANT(psa_ecc_family_t, PSA_ECC_FAMILY_SECT_R1) #define PSA_ECC_CURVE_SECT571R1 \ - MBEDTLS_DEPRECATED_CONSTANT( psa_ecc_family_t, PSA_ECC_FAMILY_SECT_R1 ) + MBEDTLS_DEPRECATED_CONSTANT(psa_ecc_family_t, PSA_ECC_FAMILY_SECT_R1) #define PSA_ECC_CURVE_SECT163R2 \ - MBEDTLS_DEPRECATED_CONSTANT( psa_ecc_family_t, PSA_ECC_FAMILY_SECT_R2 ) + MBEDTLS_DEPRECATED_CONSTANT(psa_ecc_family_t, PSA_ECC_FAMILY_SECT_R2) #define PSA_ECC_CURVE_SECT193R2 \ - MBEDTLS_DEPRECATED_CONSTANT( psa_ecc_family_t, PSA_ECC_FAMILY_SECT_R2 ) + MBEDTLS_DEPRECATED_CONSTANT(psa_ecc_family_t, PSA_ECC_FAMILY_SECT_R2) #define PSA_ECC_CURVE_BRAINPOOL_P256R1 \ - MBEDTLS_DEPRECATED_CONSTANT( psa_ecc_family_t, PSA_ECC_FAMILY_BRAINPOOL_P_R1 ) + MBEDTLS_DEPRECATED_CONSTANT(psa_ecc_family_t, PSA_ECC_FAMILY_BRAINPOOL_P_R1) #define PSA_ECC_CURVE_BRAINPOOL_P384R1 \ - MBEDTLS_DEPRECATED_CONSTANT( psa_ecc_family_t, PSA_ECC_FAMILY_BRAINPOOL_P_R1 ) + MBEDTLS_DEPRECATED_CONSTANT(psa_ecc_family_t, PSA_ECC_FAMILY_BRAINPOOL_P_R1) #define PSA_ECC_CURVE_BRAINPOOL_P512R1 \ - MBEDTLS_DEPRECATED_CONSTANT( psa_ecc_family_t, PSA_ECC_FAMILY_BRAINPOOL_P_R1 ) + MBEDTLS_DEPRECATED_CONSTANT(psa_ecc_family_t, PSA_ECC_FAMILY_BRAINPOOL_P_R1) #define PSA_ECC_CURVE_CURVE25519 \ - MBEDTLS_DEPRECATED_CONSTANT( psa_ecc_family_t, PSA_ECC_FAMILY_MONTGOMERY ) + MBEDTLS_DEPRECATED_CONSTANT(psa_ecc_family_t, PSA_ECC_FAMILY_MONTGOMERY) #define PSA_ECC_CURVE_CURVE448 \ - MBEDTLS_DEPRECATED_CONSTANT( psa_ecc_family_t, PSA_ECC_FAMILY_MONTGOMERY ) + MBEDTLS_DEPRECATED_CONSTANT(psa_ecc_family_t, PSA_ECC_FAMILY_MONTGOMERY) /* * Curves that changed name due to PSA specification. */ #define PSA_ECC_CURVE_SECP_K1 \ - MBEDTLS_DEPRECATED_CONSTANT( psa_ecc_family_t, PSA_ECC_FAMILY_SECP_K1 ) + MBEDTLS_DEPRECATED_CONSTANT(psa_ecc_family_t, PSA_ECC_FAMILY_SECP_K1) #define PSA_ECC_CURVE_SECP_R1 \ - MBEDTLS_DEPRECATED_CONSTANT( psa_ecc_family_t, PSA_ECC_FAMILY_SECP_R1 ) + MBEDTLS_DEPRECATED_CONSTANT(psa_ecc_family_t, PSA_ECC_FAMILY_SECP_R1) #define PSA_ECC_CURVE_SECP_R2 \ - MBEDTLS_DEPRECATED_CONSTANT( psa_ecc_family_t, PSA_ECC_FAMILY_SECP_R2 ) + MBEDTLS_DEPRECATED_CONSTANT(psa_ecc_family_t, PSA_ECC_FAMILY_SECP_R2) #define PSA_ECC_CURVE_SECT_K1 \ - MBEDTLS_DEPRECATED_CONSTANT( psa_ecc_family_t, PSA_ECC_FAMILY_SECT_K1 ) + MBEDTLS_DEPRECATED_CONSTANT(psa_ecc_family_t, PSA_ECC_FAMILY_SECT_K1) #define PSA_ECC_CURVE_SECT_R1 \ - MBEDTLS_DEPRECATED_CONSTANT( psa_ecc_family_t, PSA_ECC_FAMILY_SECT_R1 ) + MBEDTLS_DEPRECATED_CONSTANT(psa_ecc_family_t, PSA_ECC_FAMILY_SECT_R1) #define PSA_ECC_CURVE_SECT_R2 \ - MBEDTLS_DEPRECATED_CONSTANT( psa_ecc_family_t, PSA_ECC_FAMILY_SECT_R2 ) + MBEDTLS_DEPRECATED_CONSTANT(psa_ecc_family_t, PSA_ECC_FAMILY_SECT_R2) #define PSA_ECC_CURVE_BRAINPOOL_P_R1 \ - MBEDTLS_DEPRECATED_CONSTANT( psa_ecc_family_t, PSA_ECC_FAMILY_BRAINPOOL_P_R1 ) + MBEDTLS_DEPRECATED_CONSTANT(psa_ecc_family_t, PSA_ECC_FAMILY_BRAINPOOL_P_R1) #define PSA_ECC_CURVE_MONTGOMERY \ - MBEDTLS_DEPRECATED_CONSTANT( psa_ecc_family_t, PSA_ECC_FAMILY_MONTGOMERY ) + MBEDTLS_DEPRECATED_CONSTANT(psa_ecc_family_t, PSA_ECC_FAMILY_MONTGOMERY) /* * Finite-field Diffie-Hellman families. */ #define PSA_DH_GROUP_FFDHE2048 \ - MBEDTLS_DEPRECATED_CONSTANT( psa_dh_family_t, PSA_DH_FAMILY_RFC7919 ) + MBEDTLS_DEPRECATED_CONSTANT(psa_dh_family_t, PSA_DH_FAMILY_RFC7919) #define PSA_DH_GROUP_FFDHE3072 \ - MBEDTLS_DEPRECATED_CONSTANT( psa_dh_family_t, PSA_DH_FAMILY_RFC7919 ) + MBEDTLS_DEPRECATED_CONSTANT(psa_dh_family_t, PSA_DH_FAMILY_RFC7919) #define PSA_DH_GROUP_FFDHE4096 \ - MBEDTLS_DEPRECATED_CONSTANT( psa_dh_family_t, PSA_DH_FAMILY_RFC7919 ) + MBEDTLS_DEPRECATED_CONSTANT(psa_dh_family_t, PSA_DH_FAMILY_RFC7919) #define PSA_DH_GROUP_FFDHE6144 \ - MBEDTLS_DEPRECATED_CONSTANT( psa_dh_family_t, PSA_DH_FAMILY_RFC7919 ) + MBEDTLS_DEPRECATED_CONSTANT(psa_dh_family_t, PSA_DH_FAMILY_RFC7919) #define PSA_DH_GROUP_FFDHE8192 \ - MBEDTLS_DEPRECATED_CONSTANT( psa_dh_family_t, PSA_DH_FAMILY_RFC7919 ) + MBEDTLS_DEPRECATED_CONSTANT(psa_dh_family_t, PSA_DH_FAMILY_RFC7919) /* * Diffie-Hellman families that changed name due to PSA specification. */ #define PSA_DH_GROUP_RFC7919 \ - MBEDTLS_DEPRECATED_CONSTANT( psa_dh_family_t, PSA_DH_FAMILY_RFC7919 ) + MBEDTLS_DEPRECATED_CONSTANT(psa_dh_family_t, PSA_DH_FAMILY_RFC7919) #define PSA_DH_GROUP_CUSTOM \ - MBEDTLS_DEPRECATED_CONSTANT( psa_dh_family_t, PSA_DH_FAMILY_CUSTOM ) + MBEDTLS_DEPRECATED_CONSTANT(psa_dh_family_t, PSA_DH_FAMILY_CUSTOM) /* * Deprecated PSA Crypto stream cipher algorithms (PSA Crypto API <= 1.0 beta3) */ #define PSA_ALG_ARC4 \ - MBEDTLS_DEPRECATED_CONSTANT( psa_algorithm_t, PSA_ALG_STREAM_CIPHER ) + MBEDTLS_DEPRECATED_CONSTANT(psa_algorithm_t, PSA_ALG_STREAM_CIPHER) #define PSA_ALG_CHACHA20 \ - MBEDTLS_DEPRECATED_CONSTANT( psa_algorithm_t, PSA_ALG_STREAM_CIPHER ) + MBEDTLS_DEPRECATED_CONSTANT(psa_algorithm_t, PSA_ALG_STREAM_CIPHER) /* * Renamed AEAD tag length macros (PSA Crypto API <= 1.0 beta3) */ -#define PSA_ALG_AEAD_WITH_DEFAULT_TAG_LENGTH( aead_alg ) \ - MBEDTLS_DEPRECATED_CONSTANT( psa_algorithm_t, PSA_ALG_AEAD_WITH_DEFAULT_LENGTH_TAG( aead_alg ) ) -#define PSA_ALG_AEAD_WITH_TAG_LENGTH( aead_alg, tag_length ) \ - MBEDTLS_DEPRECATED_CONSTANT( psa_algorithm_t, PSA_ALG_AEAD_WITH_SHORTENED_TAG( aead_alg, tag_length ) ) +#define PSA_ALG_AEAD_WITH_DEFAULT_TAG_LENGTH(aead_alg) \ + MBEDTLS_DEPRECATED_CONSTANT(psa_algorithm_t, PSA_ALG_AEAD_WITH_DEFAULT_LENGTH_TAG(aead_alg)) +#define PSA_ALG_AEAD_WITH_TAG_LENGTH(aead_alg, tag_length) \ + MBEDTLS_DEPRECATED_CONSTANT(psa_algorithm_t, \ + PSA_ALG_AEAD_WITH_SHORTENED_TAG(aead_alg, tag_length)) /* * Deprecated PSA AEAD output size macros (PSA Crypto API <= 1.0 beta3) @@ -285,11 +274,11 @@ MBEDTLS_PSA_DEPRECATED static inline psa_status_t psa_asymmetric_verify( psa_key * the ciphertext, return 0. * If the AEAD algorithm is not recognized, return 0. */ -#define PSA_AEAD_TAG_LENGTH_1_ARG( alg ) \ - MBEDTLS_DEPRECATED_CONSTANT( size_t, \ - PSA_ALG_IS_AEAD( alg ) ? \ - PSA_ALG_AEAD_GET_TAG_LENGTH( alg ) : \ - 0 ) +#define PSA_AEAD_TAG_LENGTH_1_ARG(alg) \ + MBEDTLS_DEPRECATED_CONSTANT(size_t, \ + PSA_ALG_IS_AEAD(alg) ? \ + PSA_ALG_AEAD_GET_TAG_LENGTH(alg) : \ + 0) /** The maximum size of the output of psa_aead_encrypt(), in bytes. * @@ -311,11 +300,11 @@ MBEDTLS_PSA_DEPRECATED static inline psa_status_t psa_asymmetric_verify( psa_key * algorithm. * If the AEAD algorithm is not recognized, return 0. */ -#define PSA_AEAD_ENCRYPT_OUTPUT_SIZE_2_ARG( alg, plaintext_length ) \ - MBEDTLS_DEPRECATED_CONSTANT( size_t, \ - PSA_ALG_IS_AEAD( alg ) ? \ - (plaintext_length) + PSA_ALG_AEAD_GET_TAG_LENGTH( alg ) : \ - 0 ) +#define PSA_AEAD_ENCRYPT_OUTPUT_SIZE_2_ARG(alg, plaintext_length) \ + MBEDTLS_DEPRECATED_CONSTANT(size_t, \ + PSA_ALG_IS_AEAD(alg) ? \ + (plaintext_length) + PSA_ALG_AEAD_GET_TAG_LENGTH(alg) : \ + 0) /** The maximum size of the output of psa_aead_decrypt(), in bytes. * @@ -337,12 +326,12 @@ MBEDTLS_PSA_DEPRECATED static inline psa_status_t psa_asymmetric_verify( psa_key * algorithm. * If the AEAD algorithm is not recognized, return 0. */ -#define PSA_AEAD_DECRYPT_OUTPUT_SIZE_2_ARG( alg, ciphertext_length ) \ - MBEDTLS_DEPRECATED_CONSTANT( size_t, \ - PSA_ALG_IS_AEAD( alg ) && \ - (ciphertext_length) > PSA_ALG_AEAD_GET_TAG_LENGTH( alg ) ? \ - (ciphertext_length) - PSA_ALG_AEAD_GET_TAG_LENGTH( alg ) : \ - 0 ) +#define PSA_AEAD_DECRYPT_OUTPUT_SIZE_2_ARG(alg, ciphertext_length) \ + MBEDTLS_DEPRECATED_CONSTANT(size_t, \ + PSA_ALG_IS_AEAD(alg) && \ + (ciphertext_length) > PSA_ALG_AEAD_GET_TAG_LENGTH(alg) ? \ + (ciphertext_length) - PSA_ALG_AEAD_GET_TAG_LENGTH(alg) : \ + 0) /** A sufficient output buffer size for psa_aead_update(). * @@ -368,11 +357,12 @@ MBEDTLS_PSA_DEPRECATED static inline psa_status_t psa_asymmetric_verify( psa_key * to emit output without delay. However, hardware may not always be * capable of this. So for modes based on a block cipher, allow the * implementation to delay the output until it has a full block. */ -#define PSA_AEAD_UPDATE_OUTPUT_SIZE_2_ARG( alg, input_length ) \ - MBEDTLS_DEPRECATED_CONSTANT( size_t, \ - PSA_ALG_IS_AEAD_ON_BLOCK_CIPHER( alg ) ? \ - PSA_ROUND_UP_TO_MULTIPLE( PSA_BLOCK_CIPHER_BLOCK_MAX_SIZE, (input_length) ) : \ - (input_length) ) +#define PSA_AEAD_UPDATE_OUTPUT_SIZE_2_ARG(alg, input_length) \ + MBEDTLS_DEPRECATED_CONSTANT(size_t, \ + PSA_ALG_IS_AEAD_ON_BLOCK_CIPHER(alg) ? \ + PSA_ROUND_UP_TO_MULTIPLE(PSA_BLOCK_CIPHER_BLOCK_MAX_SIZE, \ + (input_length)) : \ + (input_length)) /** A sufficient ciphertext buffer size for psa_aead_finish(). * @@ -389,11 +379,11 @@ MBEDTLS_PSA_DEPRECATED static inline psa_status_t psa_asymmetric_verify( psa_key * specified algorithm. * If the AEAD algorithm is not recognized, return 0. */ -#define PSA_AEAD_FINISH_OUTPUT_SIZE_1_ARG( alg ) \ - MBEDTLS_DEPRECATED_CONSTANT( size_t, \ - PSA_ALG_IS_AEAD_ON_BLOCK_CIPHER( alg ) ? \ - PSA_BLOCK_CIPHER_BLOCK_MAX_SIZE : \ - 0 ) +#define PSA_AEAD_FINISH_OUTPUT_SIZE_1_ARG(alg) \ + MBEDTLS_DEPRECATED_CONSTANT(size_t, \ + PSA_ALG_IS_AEAD_ON_BLOCK_CIPHER(alg) ? \ + PSA_BLOCK_CIPHER_BLOCK_MAX_SIZE : \ + 0) /** A sufficient plaintext buffer size for psa_aead_verify(). * @@ -410,11 +400,11 @@ MBEDTLS_PSA_DEPRECATED static inline psa_status_t psa_asymmetric_verify( psa_key * specified algorithm. * If the AEAD algorithm is not recognized, return 0. */ -#define PSA_AEAD_VERIFY_OUTPUT_SIZE_1_ARG( alg ) \ - MBEDTLS_DEPRECATED_CONSTANT( size_t, \ - PSA_ALG_IS_AEAD_ON_BLOCK_CIPHER( alg ) ? \ - PSA_BLOCK_CIPHER_BLOCK_MAX_SIZE : \ - 0 ) +#define PSA_AEAD_VERIFY_OUTPUT_SIZE_1_ARG(alg) \ + MBEDTLS_DEPRECATED_CONSTANT(size_t, \ + PSA_ALG_IS_AEAD_ON_BLOCK_CIPHER(alg) ? \ + PSA_BLOCK_CIPHER_BLOCK_MAX_SIZE : \ + 0) #endif /* MBEDTLS_DEPRECATED_REMOVED */ @@ -468,18 +458,18 @@ MBEDTLS_PSA_DEPRECATED static inline psa_status_t psa_asymmetric_verify( psa_key * permission to access it. Note that this specification does not * define any way to create such a key, but it may be possible * through implementation-specific means. - * \retval #PSA_ERROR_COMMUNICATION_FAILURE - * \retval #PSA_ERROR_CORRUPTION_DETECTED - * \retval #PSA_ERROR_STORAGE_FAILURE - * \retval #PSA_ERROR_DATA_INVALID - * \retval #PSA_ERROR_DATA_CORRUPT + * \retval #PSA_ERROR_COMMUNICATION_FAILURE \emptydescription + * \retval #PSA_ERROR_CORRUPTION_DETECTED \emptydescription + * \retval #PSA_ERROR_STORAGE_FAILURE \emptydescription + * \retval #PSA_ERROR_DATA_INVALID \emptydescription + * \retval #PSA_ERROR_DATA_CORRUPT \emptydescription * \retval #PSA_ERROR_BAD_STATE * The library has not been previously initialized by psa_crypto_init(). * It is implementation-dependent whether a failure to initialize * results in this error code. */ -psa_status_t psa_open_key( mbedtls_svc_key_id_t key, - psa_key_handle_t *handle ); +psa_status_t psa_open_key(mbedtls_svc_key_id_t key, + psa_key_handle_t *handle); /** Close a key handle. * @@ -512,8 +502,8 @@ psa_status_t psa_open_key( mbedtls_svc_key_id_t key, * \p handle was a valid handle or \c 0. It is now closed. * \retval #PSA_ERROR_INVALID_HANDLE * \p handle is not a valid handle nor \c 0. - * \retval #PSA_ERROR_COMMUNICATION_FAILURE - * \retval #PSA_ERROR_CORRUPTION_DETECTED + * \retval #PSA_ERROR_COMMUNICATION_FAILURE \emptydescription + * \retval #PSA_ERROR_CORRUPTION_DETECTED \emptydescription * \retval #PSA_ERROR_BAD_STATE * The library has not been previously initialized by psa_crypto_init(). * It is implementation-dependent whether a failure to initialize diff --git a/third_party/mbedtls/repo/include/psa/crypto_config.h b/third_party/mbedtls/repo/include/psa/crypto_config.h index e2446cb26c4..167ced58dee 100644 --- a/third_party/mbedtls/repo/include/psa/crypto_config.h +++ b/third_party/mbedtls/repo/include/psa/crypto_config.h @@ -32,19 +32,7 @@ #endif /* * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later */ #ifndef PSA_CRYPTO_CONFIG_H @@ -60,7 +48,6 @@ #define PSA_WANT_ALG_CMAC 1 #define PSA_WANT_ALG_CFB 1 #define PSA_WANT_ALG_CHACHA20_POLY1305 1 -#define PSA_WANT_ALG_CMAC 1 #define PSA_WANT_ALG_CTR 1 #define PSA_WANT_ALG_DETERMINISTIC_ECDSA 1 #define PSA_WANT_ALG_ECB_NO_PADDING 1 @@ -86,7 +73,9 @@ #define PSA_WANT_ALG_STREAM_CIPHER 1 #define PSA_WANT_ALG_TLS12_PRF 1 #define PSA_WANT_ALG_TLS12_PSK_TO_MS 1 -#define PSA_WANT_ALG_XTS 1 +/* PBKDF2-HMAC is not yet supported via the PSA API in Mbed TLS. + * Note: when adding support, also adjust include/mbedtls/config_psa.h */ +//#define PSA_WANT_ALG_XTS 1 #define PSA_WANT_ECC_BRAINPOOL_P_R1_256 1 #define PSA_WANT_ECC_BRAINPOOL_P_R1_384 1 @@ -94,14 +83,14 @@ #define PSA_WANT_ECC_MONTGOMERY_255 1 /* * Curve448 is not yet supported via the PSA API in Mbed TLS - * (https://github.com/ARMmbed/mbedtls/issues/4249). Thus, do not enable it by + * (https://github.com/Mbed-TLS/mbedtls/issues/4249). Thus, do not enable it by * default. */ //#define PSA_WANT_ECC_MONTGOMERY_448 1 #define PSA_WANT_ECC_SECP_K1_192 1 /* * SECP224K1 is buggy via the PSA API in Mbed TLS - * (https://github.com/ARMmbed/mbedtls/issues/3541). Thus, do not enable it by + * (https://github.com/Mbed-TLS/mbedtls/issues/3541). Thus, do not enable it by * default. */ //#define PSA_WANT_ECC_SECP_K1_224 1 diff --git a/third_party/mbedtls/repo/include/psa/crypto_driver_common.h b/third_party/mbedtls/repo/include/psa/crypto_driver_common.h index 26363c6b2f3..cc11d3b9a2d 100644 --- a/third_party/mbedtls/repo/include/psa/crypto_driver_common.h +++ b/third_party/mbedtls/repo/include/psa/crypto_driver_common.h @@ -17,19 +17,7 @@ /* * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later */ #ifndef PSA_CRYPTO_DRIVER_COMMON_H #define PSA_CRYPTO_DRIVER_COMMON_H diff --git a/third_party/mbedtls/repo/include/psa/crypto_driver_contexts_composites.h b/third_party/mbedtls/repo/include/psa/crypto_driver_contexts_composites.h index a7220091ea3..1e37682f1a8 100644 --- a/third_party/mbedtls/repo/include/psa/crypto_driver_contexts_composites.h +++ b/third_party/mbedtls/repo/include/psa/crypto_driver_contexts_composites.h @@ -16,19 +16,7 @@ * to define the implementation-defined types of PSA multi-part state objects. */ /* Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later */ #ifndef PSA_CRYPTO_DRIVER_CONTEXTS_COMPOSITES_H @@ -50,25 +38,25 @@ #if defined(MBEDTLS_TEST_LIBTESTDRIVER1) && \ defined(LIBTESTDRIVER1_MBEDTLS_PSA_BUILTIN_MAC) typedef libtestdriver1_mbedtls_psa_mac_operation_t - mbedtls_transparent_test_driver_mac_operation_t; + mbedtls_transparent_test_driver_mac_operation_t; typedef libtestdriver1_mbedtls_psa_mac_operation_t - mbedtls_opaque_test_driver_mac_operation_t; + mbedtls_opaque_test_driver_mac_operation_t; #define MBEDTLS_TRANSPARENT_TEST_DRIVER_MAC_OPERATION_INIT \ - LIBTESTDRIVER1_MBEDTLS_PSA_MAC_OPERATION_INIT + LIBTESTDRIVER1_MBEDTLS_PSA_MAC_OPERATION_INIT #define MBEDTLS_OPAQUE_TEST_DRIVER_MAC_OPERATION_INIT \ - LIBTESTDRIVER1_MBEDTLS_PSA_MAC_OPERATION_INIT + LIBTESTDRIVER1_MBEDTLS_PSA_MAC_OPERATION_INIT #else typedef mbedtls_psa_mac_operation_t - mbedtls_transparent_test_driver_mac_operation_t; + mbedtls_transparent_test_driver_mac_operation_t; typedef mbedtls_psa_mac_operation_t - mbedtls_opaque_test_driver_mac_operation_t; + mbedtls_opaque_test_driver_mac_operation_t; #define MBEDTLS_TRANSPARENT_TEST_DRIVER_MAC_OPERATION_INIT \ - MBEDTLS_PSA_MAC_OPERATION_INIT + MBEDTLS_PSA_MAC_OPERATION_INIT #define MBEDTLS_OPAQUE_TEST_DRIVER_MAC_OPERATION_INIT \ - MBEDTLS_PSA_MAC_OPERATION_INIT + MBEDTLS_PSA_MAC_OPERATION_INIT #endif /* MBEDTLS_TEST_LIBTESTDRIVER1 */ #endif /* PSA_CRYPTO_DRIVER_TEST */ diff --git a/third_party/mbedtls/repo/include/psa/crypto_driver_contexts_primitives.h b/third_party/mbedtls/repo/include/psa/crypto_driver_contexts_primitives.h index 2bb01ed432f..9a6db01be42 100644 --- a/third_party/mbedtls/repo/include/psa/crypto_driver_contexts_primitives.h +++ b/third_party/mbedtls/repo/include/psa/crypto_driver_contexts_primitives.h @@ -15,19 +15,7 @@ * to define the implementation-defined types of PSA multi-part state objects. */ /* Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later */ #ifndef PSA_CRYPTO_DRIVER_CONTEXTS_PRIMITIVES_H @@ -50,32 +38,32 @@ #if defined(MBEDTLS_TEST_LIBTESTDRIVER1) && \ defined(LIBTESTDRIVER1_MBEDTLS_PSA_BUILTIN_CIPHER) typedef libtestdriver1_mbedtls_psa_cipher_operation_t - mbedtls_transparent_test_driver_cipher_operation_t; + mbedtls_transparent_test_driver_cipher_operation_t; #define MBEDTLS_TRANSPARENT_TEST_DRIVER_CIPHER_OPERATION_INIT \ - LIBTESTDRIVER1_MBEDTLS_PSA_CIPHER_OPERATION_INIT + LIBTESTDRIVER1_MBEDTLS_PSA_CIPHER_OPERATION_INIT #else typedef mbedtls_psa_cipher_operation_t - mbedtls_transparent_test_driver_cipher_operation_t; + mbedtls_transparent_test_driver_cipher_operation_t; #define MBEDTLS_TRANSPARENT_TEST_DRIVER_CIPHER_OPERATION_INIT \ - MBEDTLS_PSA_CIPHER_OPERATION_INIT + MBEDTLS_PSA_CIPHER_OPERATION_INIT #endif /* MBEDTLS_TEST_LIBTESTDRIVER1 && LIBTESTDRIVER1_MBEDTLS_PSA_BUILTIN_CIPHER */ #if defined(MBEDTLS_TEST_LIBTESTDRIVER1) && \ defined(LIBTESTDRIVER1_MBEDTLS_PSA_BUILTIN_HASH) typedef libtestdriver1_mbedtls_psa_hash_operation_t - mbedtls_transparent_test_driver_hash_operation_t; + mbedtls_transparent_test_driver_hash_operation_t; #define MBEDTLS_TRANSPARENT_TEST_DRIVER_HASH_OPERATION_INIT \ - LIBTESTDRIVER1_MBEDTLS_PSA_HASH_OPERATION_INIT + LIBTESTDRIVER1_MBEDTLS_PSA_HASH_OPERATION_INIT #else typedef mbedtls_psa_hash_operation_t - mbedtls_transparent_test_driver_hash_operation_t; + mbedtls_transparent_test_driver_hash_operation_t; #define MBEDTLS_TRANSPARENT_TEST_DRIVER_HASH_OPERATION_INIT \ - MBEDTLS_PSA_HASH_OPERATION_INIT + MBEDTLS_PSA_HASH_OPERATION_INIT #endif /* MBEDTLS_TEST_LIBTESTDRIVER1 && LIBTESTDRIVER1_MBEDTLS_PSA_BUILTIN_HASH */ @@ -85,7 +73,7 @@ typedef struct { } mbedtls_opaque_test_driver_cipher_operation_t; #define MBEDTLS_OPAQUE_TEST_DRIVER_CIPHER_OPERATION_INIT \ - { 0, MBEDTLS_TRANSPARENT_TEST_DRIVER_CIPHER_OPERATION_INIT } + { 0, MBEDTLS_TRANSPARENT_TEST_DRIVER_CIPHER_OPERATION_INIT } #endif /* PSA_CRYPTO_DRIVER_TEST */ diff --git a/third_party/mbedtls/repo/include/psa/crypto_extra.h b/third_party/mbedtls/repo/include/psa/crypto_extra.h index 3ee0482cbda..a1b2af7a730 100644 --- a/third_party/mbedtls/repo/include/psa/crypto_extra.h +++ b/third_party/mbedtls/repo/include/psa/crypto_extra.h @@ -10,19 +10,7 @@ */ /* * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later */ #ifndef PSA_CRYPTO_EXTRA_H @@ -84,7 +72,7 @@ static inline void psa_set_key_enrollment_algorithm( static inline psa_algorithm_t psa_get_key_enrollment_algorithm( const psa_key_attributes_t *attributes) { - return( attributes->core.policy.alg2 ); + return attributes->core.policy.alg2; } #if defined(MBEDTLS_PSA_CRYPTO_SE_C) @@ -107,13 +95,13 @@ static inline psa_algorithm_t psa_get_key_enrollment_algorithm( * indicates the slot number that contains it. * \retval #PSA_ERROR_NOT_PERMITTED * The caller is not permitted to query the slot number. - * Mbed Crypto currently does not return this error. + * Mbed TLS currently does not return this error. * \retval #PSA_ERROR_INVALID_ARGUMENT * The key is not located in a secure element. */ psa_status_t psa_get_key_slot_number( const psa_key_attributes_t *attributes, - psa_key_slot_number_t *slot_number ); + psa_key_slot_number_t *slot_number); /** Choose the slot number where a key is stored. * @@ -140,7 +128,7 @@ psa_status_t psa_get_key_slot_number( */ static inline void psa_set_key_slot_number( psa_key_attributes_t *attributes, - psa_key_slot_number_t slot_number ) + psa_key_slot_number_t slot_number) { attributes->core.flags |= MBEDTLS_PSA_KA_FLAG_HAS_SLOT_NUMBER; attributes->slot_number = slot_number; @@ -153,7 +141,7 @@ static inline void psa_set_key_slot_number( * \param[out] attributes The attribute structure to write to. */ static inline void psa_clear_key_slot_number( - psa_key_attributes_t *attributes ) + psa_key_attributes_t *attributes) { attributes->core.flags &= ~MBEDTLS_PSA_KA_FLAG_HAS_SLOT_NUMBER; } @@ -181,21 +169,18 @@ static inline void psa_clear_key_slot_number( * support registering a key. * \retval #PSA_ERROR_INVALID_ARGUMENT * The identifier in \p attributes is invalid, namely the identifier is - * not in the user range. - * \retval #PSA_ERROR_INVALID_ARGUMENT + * not in the user range, or * \p attributes specifies a lifetime which is not located - * in a secure element. - * \retval #PSA_ERROR_INVALID_ARGUMENT - * No slot number is specified in \p attributes, + * in a secure element, or no slot number is specified in \p attributes, * or the specified slot number is not valid. * \retval #PSA_ERROR_NOT_PERMITTED * The caller is not authorized to register the specified key slot. - * \retval #PSA_ERROR_INSUFFICIENT_MEMORY - * \retval #PSA_ERROR_INSUFFICIENT_STORAGE - * \retval #PSA_ERROR_COMMUNICATION_FAILURE - * \retval #PSA_ERROR_DATA_INVALID - * \retval #PSA_ERROR_DATA_CORRUPT - * \retval #PSA_ERROR_CORRUPTION_DETECTED + * \retval #PSA_ERROR_INSUFFICIENT_MEMORY \emptydescription + * \retval #PSA_ERROR_INSUFFICIENT_STORAGE \emptydescription + * \retval #PSA_ERROR_COMMUNICATION_FAILURE \emptydescription + * \retval #PSA_ERROR_DATA_INVALID \emptydescription + * \retval #PSA_ERROR_DATA_CORRUPT \emptydescription + * \retval #PSA_ERROR_CORRUPTION_DETECTED \emptydescription * \retval #PSA_ERROR_BAD_STATE * The library has not been previously initialized by psa_crypto_init(). * It is implementation-dependent whether a failure to initialize @@ -216,16 +201,15 @@ psa_status_t mbedtls_psa_register_se_key( * * This is an Mbed TLS extension. */ -void mbedtls_psa_crypto_free( void ); +void mbedtls_psa_crypto_free(void); /** \brief Statistics about * resource consumption related to the PSA keystore. * * \note The content of this structure is not part of the stable API and ABI - * of Mbed Crypto and may change arbitrarily from version to version. + * of Mbed TLS and may change arbitrarily from version to version. */ -typedef struct mbedtls_psa_stats_s -{ +typedef struct mbedtls_psa_stats_s { /** Number of slots containing key material for a volatile key. */ size_t volatile_slots; /** Number of slots containing key material for a key which is in @@ -252,11 +236,11 @@ typedef struct mbedtls_psa_stats_s /** \brief Get statistics about * resource consumption related to the PSA keystore. * - * \note When Mbed Crypto is built as part of a service, with isolation + * \note When Mbed TLS is built as part of a service, with isolation * between the application and the keystore, the service may or * may not expose this function. */ -void mbedtls_psa_get_stats( mbedtls_psa_stats_t *stats ); +void mbedtls_psa_get_stats(mbedtls_psa_stats_t *stats); /** * \brief Inject an initial entropy seed for the random generator into @@ -339,7 +323,7 @@ psa_status_t mbedtls_psa_inject_entropy(const uint8_t *seed, * string. The length of the byte string is the length of the base prime `p` * in bytes. */ -#define PSA_KEY_TYPE_DSA_PUBLIC_KEY ((psa_key_type_t)0x4002) +#define PSA_KEY_TYPE_DSA_PUBLIC_KEY ((psa_key_type_t) 0x4002) /** DSA key pair (private and public key). * @@ -348,7 +332,7 @@ psa_status_t mbedtls_psa_inject_entropy(const uint8_t *seed, * length of the byte string is the private key size in bytes (leading zeroes * are not stripped). * - * Determinstic DSA key derivation with psa_generate_derived_key follows + * Deterministic DSA key derivation with psa_generate_derived_key follows * FIPS 186-4 §B.1.2: interpret the byte string as integer * in big-endian order. Discard it if it is not in the range * [0, *N* - 2] where *N* is the boundary of the private key domain @@ -357,13 +341,13 @@ psa_status_t mbedtls_psa_inject_entropy(const uint8_t *seed, * Add 1 to the resulting integer and use this as the private key *x*. * */ -#define PSA_KEY_TYPE_DSA_KEY_PAIR ((psa_key_type_t)0x7002) +#define PSA_KEY_TYPE_DSA_KEY_PAIR ((psa_key_type_t) 0x7002) -/** Whether a key type is an DSA key (pair or public-only). */ +/** Whether a key type is a DSA key (pair or public-only). */ #define PSA_KEY_TYPE_IS_DSA(type) \ (PSA_KEY_TYPE_PUBLIC_KEY_OF_KEY_PAIR(type) == PSA_KEY_TYPE_DSA_PUBLIC_KEY) -#define PSA_ALG_DSA_BASE ((psa_algorithm_t)0x06000400) +#define PSA_ALG_DSA_BASE ((psa_algorithm_t) 0x06000400) /** DSA signature with hashing. * * This is the signature scheme defined by FIPS 186-4, @@ -380,7 +364,7 @@ psa_status_t mbedtls_psa_inject_entropy(const uint8_t *seed, */ #define PSA_ALG_DSA(hash_alg) \ (PSA_ALG_DSA_BASE | ((hash_alg) & PSA_ALG_HASH_MASK)) -#define PSA_ALG_DETERMINISTIC_DSA_BASE ((psa_algorithm_t)0x06000500) +#define PSA_ALG_DETERMINISTIC_DSA_BASE ((psa_algorithm_t) 0x06000500) #define PSA_ALG_DSA_DETERMINISTIC_FLAG PSA_ALG_ECDSA_DETERMINISTIC_FLAG /** Deterministic DSA signature with hashing. * @@ -448,9 +432,9 @@ psa_status_t mbedtls_psa_inject_entropy(const uint8_t *seed, * As an exception, the public exponent 65537 is represented by an empty * byte string. * - For DSA keys (#PSA_KEY_TYPE_DSA_PUBLIC_KEY or #PSA_KEY_TYPE_DSA_KEY_PAIR), - * the `Dss-Parms` format as defined by RFC 3279 §2.3.2. + * the `Dss-Params` format as defined by RFC 3279 §2.3.2. * ``` - * Dss-Parms ::= SEQUENCE { + * Dss-Params ::= SEQUENCE { * p INTEGER, * q INTEGER, * g INTEGER @@ -466,9 +450,9 @@ psa_status_t mbedtls_psa_inject_entropy(const uint8_t *seed, * g INTEGER, -- generator, g * q INTEGER, -- factor of p-1 * j INTEGER OPTIONAL, -- subgroup factor - * validationParms ValidationParms OPTIONAL + * validationParams ValidationParams OPTIONAL * } - * ValidationParms ::= SEQUENCE { + * ValidationParams ::= SEQUENCE { * seed BIT STRING, * pgenCounter INTEGER * } @@ -491,10 +475,10 @@ psa_status_t mbedtls_psa_inject_entropy(const uint8_t *seed, * according to \p type as described above. * \param data_length Size of the \p data buffer in bytes. * - * \retval #PSA_SUCCESS - * \retval #PSA_ERROR_INVALID_ARGUMENT - * \retval #PSA_ERROR_NOT_SUPPORTED - * \retval #PSA_ERROR_INSUFFICIENT_MEMORY + * \retval #PSA_SUCCESS \emptydescription + * \retval #PSA_ERROR_INVALID_ARGUMENT \emptydescription + * \retval #PSA_ERROR_NOT_SUPPORTED \emptydescription + * \retval #PSA_ERROR_INSUFFICIENT_MEMORY \emptydescription */ psa_status_t psa_set_key_domain_parameters(psa_key_attributes_t *attributes, psa_key_type_t type, @@ -521,8 +505,8 @@ psa_status_t psa_set_key_domain_parameters(psa_key_attributes_t *attributes, * \param[out] data_length On success, the number of bytes * that make up the key domain parameters data. * - * \retval #PSA_SUCCESS - * \retval #PSA_ERROR_BUFFER_TOO_SMALL + * \retval #PSA_SUCCESS \emptydescription + * \retval #PSA_ERROR_BUFFER_TOO_SMALL \emptydescription */ psa_status_t psa_get_key_domain_parameters( const psa_key_attributes_t *attributes, @@ -587,53 +571,52 @@ psa_status_t psa_get_key_domain_parameters( * (`PSA_ECC_FAMILY_xxx`). * \return \c 0 on failure (\p grpid is not recognized). */ -static inline psa_ecc_family_t mbedtls_ecc_group_to_psa( mbedtls_ecp_group_id grpid, - size_t *bits ) +static inline psa_ecc_family_t mbedtls_ecc_group_to_psa(mbedtls_ecp_group_id grpid, + size_t *bits) { - switch( grpid ) - { + switch (grpid) { case MBEDTLS_ECP_DP_SECP192R1: *bits = 192; - return( PSA_ECC_FAMILY_SECP_R1 ); + return PSA_ECC_FAMILY_SECP_R1; case MBEDTLS_ECP_DP_SECP224R1: *bits = 224; - return( PSA_ECC_FAMILY_SECP_R1 ); + return PSA_ECC_FAMILY_SECP_R1; case MBEDTLS_ECP_DP_SECP256R1: *bits = 256; - return( PSA_ECC_FAMILY_SECP_R1 ); + return PSA_ECC_FAMILY_SECP_R1; case MBEDTLS_ECP_DP_SECP384R1: *bits = 384; - return( PSA_ECC_FAMILY_SECP_R1 ); + return PSA_ECC_FAMILY_SECP_R1; case MBEDTLS_ECP_DP_SECP521R1: *bits = 521; - return( PSA_ECC_FAMILY_SECP_R1 ); + return PSA_ECC_FAMILY_SECP_R1; case MBEDTLS_ECP_DP_BP256R1: *bits = 256; - return( PSA_ECC_FAMILY_BRAINPOOL_P_R1 ); + return PSA_ECC_FAMILY_BRAINPOOL_P_R1; case MBEDTLS_ECP_DP_BP384R1: *bits = 384; - return( PSA_ECC_FAMILY_BRAINPOOL_P_R1 ); + return PSA_ECC_FAMILY_BRAINPOOL_P_R1; case MBEDTLS_ECP_DP_BP512R1: *bits = 512; - return( PSA_ECC_FAMILY_BRAINPOOL_P_R1 ); + return PSA_ECC_FAMILY_BRAINPOOL_P_R1; case MBEDTLS_ECP_DP_CURVE25519: *bits = 255; - return( PSA_ECC_FAMILY_MONTGOMERY ); + return PSA_ECC_FAMILY_MONTGOMERY; case MBEDTLS_ECP_DP_SECP192K1: *bits = 192; - return( PSA_ECC_FAMILY_SECP_K1 ); + return PSA_ECC_FAMILY_SECP_K1; case MBEDTLS_ECP_DP_SECP224K1: *bits = 224; - return( PSA_ECC_FAMILY_SECP_K1 ); + return PSA_ECC_FAMILY_SECP_K1; case MBEDTLS_ECP_DP_SECP256K1: *bits = 256; - return( PSA_ECC_FAMILY_SECP_K1 ); + return PSA_ECC_FAMILY_SECP_K1; case MBEDTLS_ECP_DP_CURVE448: *bits = 448; - return( PSA_ECC_FAMILY_MONTGOMERY ); + return PSA_ECC_FAMILY_MONTGOMERY; default: *bits = 0; - return( 0 ); + return 0; } } @@ -656,9 +639,9 @@ static inline psa_ecc_family_t mbedtls_ecc_group_to_psa( mbedtls_ecp_group_id gr * \return #MBEDTLS_ECP_DP_NONE if \p bits is not * correct for \p curve. */ -mbedtls_ecp_group_id mbedtls_ecc_group_of_psa( psa_ecc_family_t curve, - size_t bits, - int bits_is_sloppy ); +mbedtls_ecp_group_id mbedtls_ecc_group_of_psa(psa_ecc_family_t curve, + size_t bits, + int bits_is_sloppy); #endif /* MBEDTLS_ECP_C */ /**@}*/ @@ -709,7 +692,7 @@ mbedtls_ecp_group_id mbedtls_ecc_group_of_psa( psa_ecc_family_t curve, */ psa_status_t mbedtls_psa_external_get_random( mbedtls_psa_external_random_context_t *context, - uint8_t *output, size_t output_size, size_t *output_length ); + uint8_t *output, size_t output_size, size_t *output_length); #endif /* MBEDTLS_PSA_CRYPTO_EXTERNAL_RNG */ /**@}*/ @@ -729,14 +712,14 @@ psa_status_t mbedtls_psa_external_get_random( * This value is part of the library's ABI since changing it would invalidate * the values of built-in key identifiers in applications. */ -#define MBEDTLS_PSA_KEY_ID_BUILTIN_MIN ((psa_key_id_t)0x7fff0000) +#define MBEDTLS_PSA_KEY_ID_BUILTIN_MIN ((psa_key_id_t) 0x7fff0000) /** The maximum value for a key identifier that is built into the * implementation. * * See #MBEDTLS_PSA_KEY_ID_BUILTIN_MIN for more information. */ -#define MBEDTLS_PSA_KEY_ID_BUILTIN_MAX ((psa_key_id_t)0x7fffefff) +#define MBEDTLS_PSA_KEY_ID_BUILTIN_MAX ((psa_key_id_t) 0x7fffefff) /** A slot number identifying a key in a driver. * @@ -754,10 +737,10 @@ typedef uint64_t psa_drv_slot_number_t; * \retval 0 * The key identifier is not a builtin key identifier. */ -static inline int psa_key_id_is_builtin( psa_key_id_t key_id ) +static inline int psa_key_id_is_builtin(psa_key_id_t key_id) { - return( ( key_id >= MBEDTLS_PSA_KEY_ID_BUILTIN_MIN ) && - ( key_id <= MBEDTLS_PSA_KEY_ID_BUILTIN_MAX ) ); + return (key_id >= MBEDTLS_PSA_KEY_ID_BUILTIN_MIN) && + (key_id <= MBEDTLS_PSA_KEY_ID_BUILTIN_MAX); } /** Platform function to obtain the location and slot number of a built-in key. @@ -807,7 +790,7 @@ static inline int psa_key_id_is_builtin( psa_key_id_t key_id ) psa_status_t mbedtls_psa_platform_get_builtin_key( mbedtls_svc_key_id_t key_id, psa_key_lifetime_t *lifetime, - psa_drv_slot_number_t *slot_number ); + psa_drv_slot_number_t *slot_number); #endif /* MBEDTLS_PSA_CRYPTO_BUILTIN_KEYS */ /** @} */ diff --git a/third_party/mbedtls/repo/include/psa/crypto_platform.h b/third_party/mbedtls/repo/include/psa/crypto_platform.h index 66f46879305..ab6f1e84464 100644 --- a/third_party/mbedtls/repo/include/psa/crypto_platform.h +++ b/third_party/mbedtls/repo/include/psa/crypto_platform.h @@ -15,19 +15,7 @@ */ /* * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later */ #ifndef PSA_CRYPTO_PLATFORM_H @@ -48,7 +36,7 @@ /* PSA requires several types which C99 provides in stdint.h. */ #include -#if ( defined(__ARMCC_VERSION) || defined(_MSC_VER) ) && \ +#if (defined(__ARMCC_VERSION) || defined(_MSC_VER)) && \ !defined(inline) && !defined(__cplusplus) #define inline __inline #endif @@ -60,8 +48,8 @@ * * The function psa_its_identifier_of_slot() in psa_crypto_storage.c that * translates a key identifier to a key storage file name assumes that - * mbedtls_key_owner_id_t is an 32 bits integer. This function thus needs - * reworking if mbedtls_key_owner_id_t is not defined as a 32 bits integer + * mbedtls_key_owner_id_t is a 32-bit integer. This function thus needs + * reworking if mbedtls_key_owner_id_t is not defined as a 32-bit integer * here anymore. */ typedef int32_t mbedtls_key_owner_id_t; @@ -73,10 +61,10 @@ typedef int32_t mbedtls_key_owner_id_t; * * \return Non-zero if the two key owner identifiers are equal, zero otherwise. */ -static inline int mbedtls_key_owner_id_equal( mbedtls_key_owner_id_t id1, - mbedtls_key_owner_id_t id2 ) +static inline int mbedtls_key_owner_id_equal(mbedtls_key_owner_id_t id1, + mbedtls_key_owner_id_t id2) { - return( id1 == id2 ); + return id1 == id2; } #endif /* MBEDTLS_PSA_CRYPTO_KEY_ID_ENCODES_OWNER */ diff --git a/third_party/mbedtls/repo/include/psa/crypto_se_driver.h b/third_party/mbedtls/repo/include/psa/crypto_se_driver.h index 1dc8f9b5c40..616850f55bf 100644 --- a/third_party/mbedtls/repo/include/psa/crypto_se_driver.h +++ b/third_party/mbedtls/repo/include/psa/crypto_se_driver.h @@ -17,19 +17,7 @@ /* * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later */ #ifndef PSA_CRYPTO_SE_DRIVER_H #define PSA_CRYPTO_SE_DRIVER_H @@ -137,7 +125,7 @@ typedef psa_status_t (*psa_drv_se_init_t)(psa_drv_se_context_t *drv_context, psa_key_location_t location); #if defined(__DOXYGEN_ONLY__) || !defined(MBEDTLS_PSA_CRYPTO_SE_C) -/* Mbed Crypto with secure element support enabled defines this type in +/* Mbed TLS with secure element support enabled defines this type in * crypto_types.h because it is also visible to applications through an * implementation-specific extension. * For the PSA Cryptography specification, this type is only visible @@ -225,7 +213,7 @@ typedef psa_status_t (*psa_drv_se_mac_finish_t)(void *op_context, * operation by comparing the resulting MAC against a provided value * * \param[in,out] op_context A hardware-specific structure for the previously - * started MAC operation to be fiinished + * started MAC operation to be finished * \param[in] p_mac The MAC value against which the resulting MAC * will be compared against * \param[in] mac_length The size in bytes of the value stored in `p_mac` @@ -322,7 +310,7 @@ typedef psa_status_t (*psa_drv_se_mac_verify_t)(psa_drv_se_context_t *drv_contex typedef struct { /**The size in bytes of the hardware-specific secure element MAC context * structure - */ + */ size_t context_size; /** Function that performs a MAC setup operation */ @@ -336,7 +324,7 @@ typedef struct { /** Function that completes a MAC operation with a verify check */ psa_drv_se_mac_finish_verify_t p_finish_verify; - /** Function that aborts a previoustly started MAC operation + /** Function that aborts a previously started MAC operation */ psa_drv_se_mac_abort_t p_abort; /** Function that performs a MAC operation in one call @@ -384,8 +372,8 @@ typedef struct { * \param[in] direction Indicates whether the operation is an encrypt * or decrypt * - * \retval #PSA_SUCCESS - * \retval #PSA_ERROR_NOT_SUPPORTED + * \retval #PSA_SUCCESS \emptydescription + * \retval #PSA_ERROR_NOT_SUPPORTED \emptydescription */ typedef psa_status_t (*psa_drv_se_cipher_setup_t)(psa_drv_se_context_t *drv_context, void *op_context, @@ -394,7 +382,7 @@ typedef psa_status_t (*psa_drv_se_cipher_setup_t)(psa_drv_se_context_t *drv_cont psa_encrypt_or_decrypt_t direction); /** \brief A function that sets the initialization vector (if - * necessary) for an secure element cipher operation + * necessary) for a secure element cipher operation * * Rationale: The `psa_se_cipher_*` operation in the PSA Cryptographic API has * two IV functions: one to set the IV, and one to generate it internally. The @@ -406,7 +394,7 @@ typedef psa_status_t (*psa_drv_se_cipher_setup_t)(psa_drv_se_context_t *drv_cont * \param[in] p_iv A buffer containing the initialization vector * \param[in] iv_length The size (in bytes) of the `p_iv` buffer * - * \retval #PSA_SUCCESS + * \retval #PSA_SUCCESS \emptydescription */ typedef psa_status_t (*psa_drv_se_cipher_set_iv_t)(void *op_context, const uint8_t *p_iv, @@ -428,7 +416,7 @@ typedef psa_status_t (*psa_drv_se_cipher_set_iv_t)(void *op_context, * \param[out] p_output_length After completion, will contain the number * of bytes placed in the `p_output` buffer * - * \retval #PSA_SUCCESS + * \retval #PSA_SUCCESS \emptydescription */ typedef psa_status_t (*psa_drv_se_cipher_update_t)(void *op_context, const uint8_t *p_input, @@ -449,7 +437,7 @@ typedef psa_status_t (*psa_drv_se_cipher_update_t)(void *op_context, * \param[out] p_output_length After completion, will contain the number of * bytes placed in the `p_output` buffer * - * \retval #PSA_SUCCESS + * \retval #PSA_SUCCESS \emptydescription */ typedef psa_status_t (*psa_drv_se_cipher_finish_t)(void *op_context, uint8_t *p_output, @@ -484,8 +472,8 @@ typedef psa_status_t (*psa_drv_se_cipher_abort_t)(void *op_context); * \param[in] output_size The allocated size in bytes of the `p_output` * buffer * - * \retval #PSA_SUCCESS - * \retval #PSA_ERROR_NOT_SUPPORTED + * \retval #PSA_SUCCESS \emptydescription + * \retval #PSA_ERROR_NOT_SUPPORTED \emptydescription */ typedef psa_status_t (*psa_drv_se_cipher_ecb_t)(psa_drv_se_context_t *drv_context, psa_key_slot_number_t key_slot, @@ -553,7 +541,7 @@ typedef struct { * \param[out] p_signature_length On success, the number of bytes * that make up the returned signature value * - * \retval #PSA_SUCCESS + * \retval #PSA_SUCCESS \emptydescription */ typedef psa_status_t (*psa_drv_se_asymmetric_sign_t)(psa_drv_se_context_t *drv_context, psa_key_slot_number_t key_slot, @@ -617,7 +605,7 @@ typedef psa_status_t (*psa_drv_se_asymmetric_verify_t)(psa_drv_se_context_t *drv * \param[out] p_output_length On success, the number of bytes that make up * the returned output * - * \retval #PSA_SUCCESS + * \retval #PSA_SUCCESS \emptydescription */ typedef psa_status_t (*psa_drv_se_asymmetric_encrypt_t)(psa_drv_se_context_t *drv_context, psa_key_slot_number_t key_slot, @@ -657,7 +645,7 @@ typedef psa_status_t (*psa_drv_se_asymmetric_encrypt_t)(psa_drv_se_context_t *dr * \param[out] p_output_length On success, the number of bytes * that make up the returned output * - * \retval #PSA_SUCCESS + * \retval #PSA_SUCCESS \emptydescription */ typedef psa_status_t (*psa_drv_se_asymmetric_decrypt_t)(psa_drv_se_context_t *drv_context, psa_key_slot_number_t key_slot, @@ -745,7 +733,7 @@ typedef psa_status_t (*psa_drv_se_aead_encrypt_t)(psa_drv_se_context_t *drv_cont size_t ciphertext_size, size_t *p_ciphertext_length); -/** A function that peforms a secure element authenticated decryption operation +/** A function that performs a secure element authenticated decryption operation * * \param[in,out] drv_context The driver context structure. * \param[in] key_slot Slot containing the key to use @@ -814,8 +802,7 @@ typedef struct { /** An enumeration indicating how a key is created. */ -typedef enum -{ +typedef enum { PSA_KEY_CREATION_IMPORT, /**< During psa_import_key() */ PSA_KEY_CREATION_GENERATE, /**< During psa_generate_key() */ PSA_KEY_CREATION_DERIVE, /**< During psa_key_derivation_output_key() */ @@ -837,7 +824,7 @@ typedef enum * and #PSA_ERROR_DOES_NOT_EXIST if the driver can determine that there * is no key with the specified slot number. * - * This is an Mbed Crypto extension. + * This is an Mbed TLS extension. */ PSA_KEY_CREATION_REGISTER, #endif @@ -904,8 +891,8 @@ typedef enum * Success. * The core will record \c *key_slot as the key slot where the key * is stored and will update the persistent data in storage. - * \retval #PSA_ERROR_NOT_SUPPORTED - * \retval #PSA_ERROR_INSUFFICIENT_STORAGE + * \retval #PSA_ERROR_NOT_SUPPORTED \emptydescription + * \retval #PSA_ERROR_INSUFFICIENT_STORAGE \emptydescription */ typedef psa_status_t (*psa_drv_se_allocate_key_t)( psa_drv_se_context_t *drv_context, @@ -1043,13 +1030,13 @@ typedef psa_status_t (*psa_drv_se_destroy_key_t)( * \param[out] p_data_length On success, the number of bytes * that make up the key data. * - * \retval #PSA_SUCCESS - * \retval #PSA_ERROR_DOES_NOT_EXIST - * \retval #PSA_ERROR_NOT_PERMITTED - * \retval #PSA_ERROR_NOT_SUPPORTED - * \retval #PSA_ERROR_COMMUNICATION_FAILURE - * \retval #PSA_ERROR_HARDWARE_FAILURE - * \retval #PSA_ERROR_CORRUPTION_DETECTED + * \retval #PSA_SUCCESS \emptydescription + * \retval #PSA_ERROR_DOES_NOT_EXIST \emptydescription + * \retval #PSA_ERROR_NOT_PERMITTED \emptydescription + * \retval #PSA_ERROR_NOT_SUPPORTED \emptydescription + * \retval #PSA_ERROR_COMMUNICATION_FAILURE \emptydescription + * \retval #PSA_ERROR_HARDWARE_FAILURE \emptydescription + * \retval #PSA_ERROR_CORRUPTION_DETECTED \emptydescription */ typedef psa_status_t (*psa_drv_se_export_key_t)(psa_drv_se_context_t *drv_context, psa_key_slot_number_t key, @@ -1156,7 +1143,7 @@ typedef struct { * * Different key derivation algorithms require a different number of inputs. * Instead of having an API that takes as input variable length arrays, which - * can be problemmatic to manage on embedded platforms, the inputs are passed + * can be problematic to manage on embedded platforms, the inputs are passed * to the driver via a function, `psa_drv_se_key_derivation_collateral`, that * is called multiple times with different `collateral_id`s. Thus, for a key * derivation algorithm that required 3 parameter inputs, the flow would look @@ -1196,7 +1183,7 @@ typedef struct { * \param[in] source_key The key to be used as the source material for * the key derivation * - * \retval #PSA_SUCCESS + * \retval #PSA_SUCCESS \emptydescription */ typedef psa_status_t (*psa_drv_se_key_derivation_setup_t)(psa_drv_se_context_t *drv_context, void *op_context, @@ -1216,7 +1203,7 @@ typedef psa_status_t (*psa_drv_se_key_derivation_setup_t)(psa_drv_se_context_t * * \param[in] p_collateral A buffer containing the collateral data * \param[in] collateral_size The size in bytes of the collateral * - * \retval #PSA_SUCCESS + * \retval #PSA_SUCCESS \emptydescription */ typedef psa_status_t (*psa_drv_se_key_derivation_collateral_t)(void *op_context, uint32_t collateral_id, @@ -1231,10 +1218,10 @@ typedef psa_status_t (*psa_drv_se_key_derivation_collateral_t)(void *op_context, * \param[in] dest_key The slot where the generated key material * should be placed * - * \retval #PSA_SUCCESS + * \retval #PSA_SUCCESS \emptydescription */ typedef psa_status_t (*psa_drv_se_key_derivation_derive_t)(void *op_context, - psa_key_slot_number_t dest_key); + psa_key_slot_number_t dest_key); /** \brief A function that performs the final step of a secure element key * agreement and place the generated key material in a buffer @@ -1245,7 +1232,7 @@ typedef psa_status_t (*psa_drv_se_key_derivation_derive_t)(void *op_context, * \param[out] p_output_length Upon success, contains the number of bytes of * key material placed in `p_output` * - * \retval #PSA_SUCCESS + * \retval #PSA_SUCCESS \emptydescription */ typedef psa_status_t (*psa_drv_se_key_derivation_export_t)(void *op_context, uint8_t *p_output, @@ -1270,7 +1257,7 @@ typedef struct { psa_drv_se_key_derivation_collateral_t p_collateral; /** Function that performs a final key derivation step */ psa_drv_se_key_derivation_derive_t p_derive; - /** Function that perforsm a final key derivation or agreement and + /** Function that performs a final key derivation or agreement and * exports the key */ psa_drv_se_key_derivation_export_t p_export; } psa_drv_se_key_derivation_t; diff --git a/third_party/mbedtls/repo/include/psa/crypto_sizes.h b/third_party/mbedtls/repo/include/psa/crypto_sizes.h index e2ae5965d4f..43f2f7b1f0b 100644 --- a/third_party/mbedtls/repo/include/psa/crypto_sizes.h +++ b/third_party/mbedtls/repo/include/psa/crypto_sizes.h @@ -22,19 +22,7 @@ */ /* * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later */ #ifndef PSA_CRYPTO_SIZES_H @@ -275,7 +263,7 @@ ((alg) & PSA_ALG_MAC_TRUNCATION_MASK ? PSA_MAC_TRUNCATED_LENGTH(alg) : \ PSA_ALG_IS_HMAC(alg) ? PSA_HASH_LENGTH(PSA_ALG_HMAC_GET_HASH(alg)) : \ PSA_ALG_IS_BLOCK_CIPHER_MAC(alg) ? PSA_BLOCK_CIPHER_BLOCK_LENGTH(key_type) : \ - ((void)(key_type), (void)(key_bits), 0)) + ((void) (key_type), (void) (key_bits), 0)) /** The maximum size of the output of psa_aead_encrypt(), in bytes. * @@ -358,8 +346,8 @@ */ #define PSA_AEAD_DECRYPT_OUTPUT_SIZE(key_type, alg, ciphertext_length) \ (PSA_AEAD_NONCE_LENGTH(key_type, alg) != 0 && \ - (ciphertext_length) > PSA_ALG_AEAD_GET_TAG_LENGTH(alg) ? \ - (ciphertext_length) - PSA_ALG_AEAD_GET_TAG_LENGTH(alg) : \ + (ciphertext_length) > PSA_ALG_AEAD_GET_TAG_LENGTH(alg) ? \ + (ciphertext_length) - PSA_ALG_AEAD_GET_TAG_LENGTH(alg) : \ 0) /** A sufficient output buffer size for psa_aead_decrypt(), for any of the @@ -381,7 +369,7 @@ * */ #define PSA_AEAD_DECRYPT_OUTPUT_MAX_SIZE(ciphertext_length) \ - (ciphertext_length) + (ciphertext_length) /** The default nonce size for an AEAD algorithm, in bytes. * @@ -410,11 +398,11 @@ */ #define PSA_AEAD_NONCE_LENGTH(key_type, alg) \ (PSA_BLOCK_CIPHER_BLOCK_LENGTH(key_type) == 16 ? \ - MBEDTLS_PSA_ALG_AEAD_EQUAL(alg, PSA_ALG_CCM) ? 13 : \ - MBEDTLS_PSA_ALG_AEAD_EQUAL(alg, PSA_ALG_GCM) ? 12 : \ - 0 : \ + MBEDTLS_PSA_ALG_AEAD_EQUAL(alg, PSA_ALG_CCM) ? 13 : \ + MBEDTLS_PSA_ALG_AEAD_EQUAL(alg, PSA_ALG_GCM) ? 12 : \ + 0 : \ (key_type) == PSA_KEY_TYPE_CHACHA20 && \ - MBEDTLS_PSA_ALG_AEAD_EQUAL(alg, PSA_ALG_CHACHA20_POLY1305) ? 12 : \ + MBEDTLS_PSA_ALG_AEAD_EQUAL(alg, PSA_ALG_CHACHA20_POLY1305) ? 12 : \ 0) /** The maximum default nonce size among all supported pairs of key types and @@ -462,9 +450,9 @@ * implementation to delay the output until it has a full block. */ #define PSA_AEAD_UPDATE_OUTPUT_SIZE(key_type, alg, input_length) \ (PSA_AEAD_NONCE_LENGTH(key_type, alg) != 0 ? \ - PSA_ALG_IS_AEAD_ON_BLOCK_CIPHER(alg) ? \ - PSA_ROUND_UP_TO_MULTIPLE(PSA_BLOCK_CIPHER_BLOCK_LENGTH(key_type), (input_length)) : \ - (input_length) : \ + PSA_ALG_IS_AEAD_ON_BLOCK_CIPHER(alg) ? \ + PSA_ROUND_UP_TO_MULTIPLE(PSA_BLOCK_CIPHER_BLOCK_LENGTH(key_type), (input_length)) : \ + (input_length) : \ 0) /** A sufficient output buffer size for psa_aead_update(), for any of the @@ -503,8 +491,8 @@ */ #define PSA_AEAD_FINISH_OUTPUT_SIZE(key_type, alg) \ (PSA_AEAD_NONCE_LENGTH(key_type, alg) != 0 && \ - PSA_ALG_IS_AEAD_ON_BLOCK_CIPHER(alg) ? \ - PSA_BLOCK_CIPHER_BLOCK_LENGTH(key_type) : \ + PSA_ALG_IS_AEAD_ON_BLOCK_CIPHER(alg) ? \ + PSA_BLOCK_CIPHER_BLOCK_LENGTH(key_type) : \ 0) /** A sufficient ciphertext buffer size for psa_aead_finish(), for any of the @@ -537,8 +525,8 @@ */ #define PSA_AEAD_VERIFY_OUTPUT_SIZE(key_type, alg) \ (PSA_AEAD_NONCE_LENGTH(key_type, alg) != 0 && \ - PSA_ALG_IS_AEAD_ON_BLOCK_CIPHER(alg) ? \ - PSA_BLOCK_CIPHER_BLOCK_LENGTH(key_type) : \ + PSA_ALG_IS_AEAD_ON_BLOCK_CIPHER(alg) ? \ + PSA_BLOCK_CIPHER_BLOCK_LENGTH(key_type) : \ 0) /** A sufficient plaintext buffer size for psa_aead_verify(), for any of the @@ -590,9 +578,9 @@ * return value is unspecified. */ #define PSA_SIGN_OUTPUT_SIZE(key_type, key_bits, alg) \ - (PSA_KEY_TYPE_IS_RSA(key_type) ? ((void)alg, PSA_BITS_TO_BYTES(key_bits)) : \ + (PSA_KEY_TYPE_IS_RSA(key_type) ? ((void) alg, PSA_BITS_TO_BYTES(key_bits)) : \ PSA_KEY_TYPE_IS_ECC(key_type) ? PSA_ECDSA_SIGNATURE_SIZE(key_bits) : \ - ((void)alg, 0)) + ((void) alg, 0)) #define PSA_VENDOR_ECDSA_SIGNATURE_MAX_SIZE \ PSA_ECDSA_SIGNATURE_SIZE(PSA_VENDOR_ECC_MAX_CURVE_BITS) @@ -636,7 +624,7 @@ */ #define PSA_ASYMMETRIC_ENCRYPT_OUTPUT_SIZE(key_type, key_bits, alg) \ (PSA_KEY_TYPE_IS_RSA(key_type) ? \ - ((void)alg, PSA_BITS_TO_BYTES(key_bits)) : \ + ((void) alg, PSA_BITS_TO_BYTES(key_bits)) : \ 0) /** A sufficient output buffer size for psa_asymmetric_encrypt(), for any @@ -716,7 +704,7 @@ (PSA_KEY_EXPORT_ASN1_INTEGER_MAX_SIZE(key_bits) + 11) /* Maximum size of the export encoding of an RSA key pair. - * Assumes thatthe public exponent is less than 2^32 and that the size + * Assumes that the public exponent is less than 2^32 and that the size * difference between the two primes is at most 1 bit. * * RSAPrivateKey ::= SEQUENCE { @@ -747,7 +735,7 @@ * subjectPublicKey BIT STRING } -- contains DSAPublicKey * AlgorithmIdentifier ::= SEQUENCE { * algorithm OBJECT IDENTIFIER, - * parameters Dss-Parms } -- SEQUENCE of 3 INTEGERs + * parameters Dss-Params } -- SEQUENCE of 3 INTEGERs * DSAPublicKey ::= INTEGER -- public key, Y * * - 3 * 4 bytes of SEQUENCE overhead; @@ -991,14 +979,14 @@ */ #define PSA_CIPHER_IV_LENGTH(key_type, alg) \ (PSA_BLOCK_CIPHER_BLOCK_LENGTH(key_type) > 1 && \ - ((alg) == PSA_ALG_CTR || \ - (alg) == PSA_ALG_CFB || \ - (alg) == PSA_ALG_OFB || \ - (alg) == PSA_ALG_XTS || \ - (alg) == PSA_ALG_CBC_NO_PADDING || \ - (alg) == PSA_ALG_CBC_PKCS7) ? PSA_BLOCK_CIPHER_BLOCK_LENGTH(key_type) : \ + ((alg) == PSA_ALG_CTR || \ + (alg) == PSA_ALG_CFB || \ + (alg) == PSA_ALG_OFB || \ + (alg) == PSA_ALG_XTS || \ + (alg) == PSA_ALG_CBC_NO_PADDING || \ + (alg) == PSA_ALG_CBC_PKCS7) ? PSA_BLOCK_CIPHER_BLOCK_LENGTH(key_type) : \ (key_type) == PSA_KEY_TYPE_CHACHA20 && \ - (alg) == PSA_ALG_STREAM_CIPHER ? 12 : \ + (alg) == PSA_ALG_STREAM_CIPHER ? 12 : \ 0) /** The maximum IV size for all supported cipher algorithms, in bytes. @@ -1033,12 +1021,12 @@ #define PSA_CIPHER_ENCRYPT_OUTPUT_SIZE(key_type, alg, input_length) \ (alg == PSA_ALG_CBC_PKCS7 ? \ (PSA_BLOCK_CIPHER_BLOCK_LENGTH(key_type) != 0 ? \ - PSA_ROUND_UP_TO_MULTIPLE(PSA_BLOCK_CIPHER_BLOCK_LENGTH(key_type), \ - (input_length) + 1) + \ - PSA_CIPHER_IV_LENGTH((key_type), (alg)) : 0) : \ + PSA_ROUND_UP_TO_MULTIPLE(PSA_BLOCK_CIPHER_BLOCK_LENGTH(key_type), \ + (input_length) + 1) + \ + PSA_CIPHER_IV_LENGTH((key_type), (alg)) : 0) : \ (PSA_ALG_IS_CIPHER(alg) ? \ (input_length) + PSA_CIPHER_IV_LENGTH((key_type), (alg)) : \ - 0)) + 0)) /** A sufficient output buffer size for psa_cipher_encrypt(), for any of the * supported key types and cipher algorithms. @@ -1114,13 +1102,13 @@ */ #define PSA_CIPHER_UPDATE_OUTPUT_SIZE(key_type, alg, input_length) \ (PSA_ALG_IS_CIPHER(alg) ? \ - (PSA_BLOCK_CIPHER_BLOCK_LENGTH(key_type) != 0 ? \ - (((alg) == PSA_ALG_CBC_PKCS7 || \ - (alg) == PSA_ALG_CBC_NO_PADDING || \ - (alg) == PSA_ALG_ECB_NO_PADDING) ? \ - PSA_ROUND_UP_TO_MULTIPLE(PSA_BLOCK_CIPHER_BLOCK_LENGTH(key_type), \ + (PSA_BLOCK_CIPHER_BLOCK_LENGTH(key_type) != 0 ? \ + (((alg) == PSA_ALG_CBC_PKCS7 || \ + (alg) == PSA_ALG_CBC_NO_PADDING || \ + (alg) == PSA_ALG_ECB_NO_PADDING) ? \ + PSA_ROUND_UP_TO_MULTIPLE(PSA_BLOCK_CIPHER_BLOCK_LENGTH(key_type), \ input_length) : \ - (input_length)) : 0) : \ + (input_length)) : 0) : \ 0) /** A sufficient output buffer size for psa_cipher_update(), for any of the diff --git a/third_party/mbedtls/repo/include/psa/crypto_struct.h b/third_party/mbedtls/repo/include/psa/crypto_struct.h index 23a02a5d8ef..213625fd6dc 100644 --- a/third_party/mbedtls/repo/include/psa/crypto_struct.h +++ b/third_party/mbedtls/repo/include/psa/crypto_struct.h @@ -35,27 +35,15 @@ * GCC and Clang initialize the whole structure to 0 (at the time of writing), * but MSVC and CompCert don't. * - * In Mbed Crypto, multipart operation structures live independently from - * the key. This allows Mbed Crypto to free the key objects when destroying + * In Mbed TLS, multipart operation structures live independently from + * the key. This allows Mbed TLS to free the key objects when destroying * a key slot. If a multipart operation needs to remember the key after * the setup function returns, the operation structure needs to contain a * copy of the key. */ /* * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later */ #ifndef PSA_CRYPTO_STRUCT_H @@ -80,8 +68,7 @@ extern "C" { * algorithms. */ #include "psa/crypto_driver_contexts_primitives.h" -struct psa_hash_operation_s -{ +struct psa_hash_operation_s { /** Unique ID indicating which driver got assigned to do the * operation. Since driver contexts are driver-specific, swapping * drivers halfway through the operation is not supported. @@ -92,15 +79,14 @@ struct psa_hash_operation_s psa_driver_hash_context_t ctx; }; -#define PSA_HASH_OPERATION_INIT {0, {0}} -static inline struct psa_hash_operation_s psa_hash_operation_init( void ) +#define PSA_HASH_OPERATION_INIT { 0, { 0 } } +static inline struct psa_hash_operation_s psa_hash_operation_init(void) { const struct psa_hash_operation_s v = PSA_HASH_OPERATION_INIT; - return( v ); + return v; } -struct psa_cipher_operation_s -{ +struct psa_cipher_operation_s { /** Unique ID indicating which driver got assigned to do the * operation. Since driver contexts are driver-specific, swapping * drivers halfway through the operation is not supported. @@ -117,19 +103,18 @@ struct psa_cipher_operation_s psa_driver_cipher_context_t ctx; }; -#define PSA_CIPHER_OPERATION_INIT {0, 0, 0, 0, {0}} -static inline struct psa_cipher_operation_s psa_cipher_operation_init( void ) +#define PSA_CIPHER_OPERATION_INIT { 0, 0, 0, 0, { 0 } } +static inline struct psa_cipher_operation_s psa_cipher_operation_init(void) { const struct psa_cipher_operation_s v = PSA_CIPHER_OPERATION_INIT; - return( v ); + return v; } /* Include the context definition for the compiled-in drivers for the composite * algorithms. */ #include "psa/crypto_driver_contexts_composites.h" -struct psa_mac_operation_s -{ +struct psa_mac_operation_s { /** Unique ID indicating which driver got assigned to do the * operation. Since driver contexts are driver-specific, swapping * drivers halfway through the operation is not supported. @@ -142,37 +127,34 @@ struct psa_mac_operation_s psa_driver_mac_context_t ctx; }; -#define PSA_MAC_OPERATION_INIT {0, 0, 0, {0}} -static inline struct psa_mac_operation_s psa_mac_operation_init( void ) +#define PSA_MAC_OPERATION_INIT { 0, 0, 0, { 0 } } +static inline struct psa_mac_operation_s psa_mac_operation_init(void) { const struct psa_mac_operation_s v = PSA_MAC_OPERATION_INIT; - return( v ); + return v; } -struct psa_aead_operation_s -{ +struct psa_aead_operation_s { psa_algorithm_t alg; unsigned int key_set : 1; unsigned int iv_set : 1; uint8_t iv_size; uint8_t block_size; - union - { + union { unsigned dummy; /* Enable easier initializing of the union. */ mbedtls_cipher_context_t cipher; } ctx; }; -#define PSA_AEAD_OPERATION_INIT {0, 0, 0, 0, 0, {0}} -static inline struct psa_aead_operation_s psa_aead_operation_init( void ) +#define PSA_AEAD_OPERATION_INIT { 0, 0, 0, 0, 0, { 0 } } +static inline struct psa_aead_operation_s psa_aead_operation_init(void) { const struct psa_aead_operation_s v = PSA_AEAD_OPERATION_INIT; - return( v ); + return v; } #if defined(MBEDTLS_PSA_BUILTIN_ALG_HKDF) -typedef struct -{ +typedef struct { uint8_t *info; size_t info_length; #if PSA_HASH_MAX_SIZE > 0xff @@ -190,8 +172,7 @@ typedef struct #if defined(MBEDTLS_PSA_BUILTIN_ALG_TLS12_PRF) || \ defined(MBEDTLS_PSA_BUILTIN_ALG_TLS12_PSK_TO_MS) -typedef enum -{ +typedef enum { PSA_TLS12_PRF_STATE_INIT, /* no input provided */ PSA_TLS12_PRF_STATE_SEED_SET, /* seed has been set */ PSA_TLS12_PRF_STATE_KEY_SET, /* key has been set */ @@ -199,8 +180,7 @@ typedef enum PSA_TLS12_PRF_STATE_OUTPUT /* output has been started */ } psa_tls12_prf_key_derivation_state_t; -typedef struct psa_tls12_prf_key_derivation_s -{ +typedef struct psa_tls12_prf_key_derivation_s { #if PSA_HASH_MAX_SIZE > 0xff #error "PSA_HASH_MAX_SIZE does not fit in uint8_t" #endif @@ -229,46 +209,43 @@ typedef struct psa_tls12_prf_key_derivation_s #endif /* MBEDTLS_PSA_BUILTIN_ALG_TLS12_PRF) || * MBEDTLS_PSA_BUILTIN_ALG_TLS12_PSK_TO_MS */ -struct psa_key_derivation_s -{ +struct psa_key_derivation_s { psa_algorithm_t alg; unsigned int can_output_key : 1; size_t capacity; - union - { + union { /* Make the union non-empty even with no supported algorithms. */ uint8_t dummy; #if defined(MBEDTLS_PSA_BUILTIN_ALG_HKDF) psa_hkdf_key_derivation_t hkdf; #endif #if defined(MBEDTLS_PSA_BUILTIN_ALG_TLS12_PRF) || \ - defined(MBEDTLS_PSA_BUILTIN_ALG_TLS12_PSK_TO_MS) + defined(MBEDTLS_PSA_BUILTIN_ALG_TLS12_PSK_TO_MS) psa_tls12_prf_key_derivation_t tls12_prf; #endif } ctx; }; /* This only zeroes out the first byte in the union, the rest is unspecified. */ -#define PSA_KEY_DERIVATION_OPERATION_INIT {0, 0, 0, {0}} -static inline struct psa_key_derivation_s psa_key_derivation_operation_init( void ) +#define PSA_KEY_DERIVATION_OPERATION_INIT { 0, 0, 0, { 0 } } +static inline struct psa_key_derivation_s psa_key_derivation_operation_init(void) { const struct psa_key_derivation_s v = PSA_KEY_DERIVATION_OPERATION_INIT; - return( v ); + return v; } -struct psa_key_policy_s -{ +struct psa_key_policy_s { psa_key_usage_t usage; psa_algorithm_t alg; psa_algorithm_t alg2; }; typedef struct psa_key_policy_s psa_key_policy_t; -#define PSA_KEY_POLICY_INIT {0, 0, 0} -static inline struct psa_key_policy_s psa_key_policy_init( void ) +#define PSA_KEY_POLICY_INIT { 0, 0, 0 } +static inline struct psa_key_policy_s psa_key_policy_init(void) { const struct psa_key_policy_s v = PSA_KEY_POLICY_INIT; - return( v ); + return v; } /* The type used internally for key sizes. @@ -276,7 +253,7 @@ static inline struct psa_key_policy_s psa_key_policy_init( void ) typedef uint16_t psa_key_bits_t; /* The maximum value of the type used to represent bit-sizes. * This is used to mark an invalid key size. */ -#define PSA_KEY_BITS_TOO_LARGE ( (psa_key_bits_t) ( -1 ) ) +#define PSA_KEY_BITS_TOO_LARGE ((psa_key_bits_t) (-1)) /* The maximum size of a key in bits. * Currently defined as the maximum that can be represented, rounded down * to a whole number of bytes. @@ -294,21 +271,20 @@ typedef uint16_t psa_key_bits_t; typedef uint16_t psa_key_attributes_flag_t; #define MBEDTLS_PSA_KA_FLAG_HAS_SLOT_NUMBER \ - ( (psa_key_attributes_flag_t) 0x0001 ) + ((psa_key_attributes_flag_t) 0x0001) /* A mask of key attribute flags used externally only. * Only meant for internal checks inside the library. */ #define MBEDTLS_PSA_KA_MASK_EXTERNAL_ONLY ( \ MBEDTLS_PSA_KA_FLAG_HAS_SLOT_NUMBER | \ - 0 ) + 0) /* A mask of key attribute flags used both internally and externally. * Currently there aren't any. */ #define MBEDTLS_PSA_KA_MASK_DUAL_USE ( \ - 0 ) + 0) -typedef struct -{ +typedef struct { psa_key_type_t type; psa_key_bits_t bits; psa_key_lifetime_t lifetime; @@ -317,10 +293,10 @@ typedef struct psa_key_attributes_flag_t flags; } psa_core_key_attributes_t; -#define PSA_CORE_KEY_ATTRIBUTES_INIT {PSA_KEY_TYPE_NONE, 0, PSA_KEY_LIFETIME_VOLATILE, MBEDTLS_SVC_KEY_ID_INIT, PSA_KEY_POLICY_INIT, 0} +#define PSA_CORE_KEY_ATTRIBUTES_INIT { PSA_KEY_TYPE_NONE, 0, PSA_KEY_LIFETIME_VOLATILE, \ + MBEDTLS_SVC_KEY_ID_INIT, PSA_KEY_POLICY_INIT, 0 } -struct psa_key_attributes_s -{ +struct psa_key_attributes_s { psa_core_key_attributes_t core; #if defined(MBEDTLS_PSA_CRYPTO_SE_C) psa_key_slot_number_t slot_number; @@ -330,42 +306,41 @@ struct psa_key_attributes_s }; #if defined(MBEDTLS_PSA_CRYPTO_SE_C) -#define PSA_KEY_ATTRIBUTES_INIT {PSA_CORE_KEY_ATTRIBUTES_INIT, 0, NULL, 0} +#define PSA_KEY_ATTRIBUTES_INIT { PSA_CORE_KEY_ATTRIBUTES_INIT, 0, NULL, 0 } #else -#define PSA_KEY_ATTRIBUTES_INIT {PSA_CORE_KEY_ATTRIBUTES_INIT, NULL, 0} +#define PSA_KEY_ATTRIBUTES_INIT { PSA_CORE_KEY_ATTRIBUTES_INIT, NULL, 0 } #endif -static inline struct psa_key_attributes_s psa_key_attributes_init( void ) +static inline struct psa_key_attributes_s psa_key_attributes_init(void) { const struct psa_key_attributes_s v = PSA_KEY_ATTRIBUTES_INIT; - return( v ); + return v; } -static inline void psa_set_key_id( psa_key_attributes_t *attributes, - mbedtls_svc_key_id_t key ) +static inline void psa_set_key_id(psa_key_attributes_t *attributes, + mbedtls_svc_key_id_t key) { psa_key_lifetime_t lifetime = attributes->core.lifetime; attributes->core.id = key; - if( PSA_KEY_LIFETIME_IS_VOLATILE( lifetime ) ) - { + if (PSA_KEY_LIFETIME_IS_VOLATILE(lifetime)) { attributes->core.lifetime = PSA_KEY_LIFETIME_FROM_PERSISTENCE_AND_LOCATION( PSA_KEY_LIFETIME_PERSISTENT, - PSA_KEY_LIFETIME_GET_LOCATION( lifetime ) ); + PSA_KEY_LIFETIME_GET_LOCATION(lifetime)); } } static inline mbedtls_svc_key_id_t psa_get_key_id( const psa_key_attributes_t *attributes) { - return( attributes->core.id ); + return attributes->core.id; } #ifdef MBEDTLS_PSA_CRYPTO_KEY_ID_ENCODES_OWNER -static inline void mbedtls_set_key_owner_id( psa_key_attributes_t *attributes, - mbedtls_key_owner_id_t owner ) +static inline void mbedtls_set_key_owner_id(psa_key_attributes_t *attributes, + mbedtls_key_owner_id_t owner) { attributes->core.id.owner = owner; } @@ -375,8 +350,7 @@ static inline void psa_set_key_lifetime(psa_key_attributes_t *attributes, psa_key_lifetime_t lifetime) { attributes->core.lifetime = lifetime; - if( PSA_KEY_LIFETIME_IS_VOLATILE( lifetime ) ) - { + if (PSA_KEY_LIFETIME_IS_VOLATILE(lifetime)) { #ifdef MBEDTLS_PSA_CRYPTO_KEY_ID_ENCODES_OWNER attributes->core.id.key_id = 0; #else @@ -388,29 +362,31 @@ static inline void psa_set_key_lifetime(psa_key_attributes_t *attributes, static inline psa_key_lifetime_t psa_get_key_lifetime( const psa_key_attributes_t *attributes) { - return( attributes->core.lifetime ); + return attributes->core.lifetime; } -static inline void psa_extend_key_usage_flags( psa_key_usage_t *usage_flags ) +static inline void psa_extend_key_usage_flags(psa_key_usage_t *usage_flags) { - if( *usage_flags & PSA_KEY_USAGE_SIGN_HASH ) + if (*usage_flags & PSA_KEY_USAGE_SIGN_HASH) { *usage_flags |= PSA_KEY_USAGE_SIGN_MESSAGE; + } - if( *usage_flags & PSA_KEY_USAGE_VERIFY_HASH ) + if (*usage_flags & PSA_KEY_USAGE_VERIFY_HASH) { *usage_flags |= PSA_KEY_USAGE_VERIFY_MESSAGE; + } } static inline void psa_set_key_usage_flags(psa_key_attributes_t *attributes, psa_key_usage_t usage_flags) { - psa_extend_key_usage_flags( &usage_flags ); + psa_extend_key_usage_flags(&usage_flags); attributes->core.policy.usage = usage_flags; } static inline psa_key_usage_t psa_get_key_usage_flags( const psa_key_attributes_t *attributes) { - return( attributes->core.policy.usage ); + return attributes->core.policy.usage; } static inline void psa_set_key_algorithm(psa_key_attributes_t *attributes, @@ -422,7 +398,7 @@ static inline void psa_set_key_algorithm(psa_key_attributes_t *attributes, static inline psa_algorithm_t psa_get_key_algorithm( const psa_key_attributes_t *attributes) { - return( attributes->core.policy.alg ); + return attributes->core.policy.alg; } /* This function is declared in crypto_extra.h, which comes after this @@ -435,40 +411,38 @@ psa_status_t psa_set_key_domain_parameters(psa_key_attributes_t *attributes, static inline void psa_set_key_type(psa_key_attributes_t *attributes, psa_key_type_t type) { - if( attributes->domain_parameters == NULL ) - { + if (attributes->domain_parameters == NULL) { /* Common case: quick path */ attributes->core.type = type; - } - else - { - /* Call the bigger function to free the old domain paramteres. + } else { + /* Call the bigger function to free the old domain parameters. * Ignore any errors which may arise due to type requiring * non-default domain parameters, since this function can't * report errors. */ - (void) psa_set_key_domain_parameters( attributes, type, NULL, 0 ); + (void) psa_set_key_domain_parameters(attributes, type, NULL, 0); } } static inline psa_key_type_t psa_get_key_type( const psa_key_attributes_t *attributes) { - return( attributes->core.type ); + return attributes->core.type; } static inline void psa_set_key_bits(psa_key_attributes_t *attributes, size_t bits) { - if( bits > PSA_MAX_KEY_BITS ) + if (bits > PSA_MAX_KEY_BITS) { attributes->core.bits = PSA_KEY_BITS_TOO_LARGE; - else + } else { attributes->core.bits = (psa_key_bits_t) bits; + } } static inline size_t psa_get_key_bits( const psa_key_attributes_t *attributes) { - return( attributes->core.bits ); + return attributes->core.bits; } #ifdef __cplusplus diff --git a/third_party/mbedtls/repo/include/psa/crypto_types.h b/third_party/mbedtls/repo/include/psa/crypto_types.h index 386c7d794b4..90cda1afc8c 100644 --- a/third_party/mbedtls/repo/include/psa/crypto_types.h +++ b/third_party/mbedtls/repo/include/psa/crypto_types.h @@ -15,19 +15,7 @@ */ /* * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later */ #ifndef PSA_CRYPTO_TYPES_H @@ -69,10 +57,21 @@ typedef int32_t psa_status_t; */ /** \brief Encoding of a key type. + * + * Values of this type are generally constructed by macros called + * `PSA_KEY_TYPE_xxx`. + * + * \note Values of this type are encoded in the persistent key store. + * Any changes to existing values will require bumping the storage + * format version and providing a translation when reading the old + * format. */ typedef uint16_t psa_key_type_t; /** The type of PSA elliptic curve family identifiers. + * + * Values of this type are generally constructed by macros called + * `PSA_ECC_FAMILY_xxx`. * * The curve identifier is required to create an ECC key using the * PSA_KEY_TYPE_ECC_KEY_PAIR() or PSA_KEY_TYPE_ECC_PUBLIC_KEY() @@ -80,27 +79,48 @@ typedef uint16_t psa_key_type_t; * * Values defined by this standard will never be in the range 0x80-0xff. * Vendors who define additional families must use an encoding in this range. + * + * \note Values of this type are encoded in the persistent key store. + * Any changes to existing values will require bumping the storage + * format version and providing a translation when reading the old + * format. */ typedef uint8_t psa_ecc_family_t; /** The type of PSA Diffie-Hellman group family identifiers. * - * The group identifier is required to create an Diffie-Hellman key using the + * Values of this type are generally constructed by macros called + * `PSA_DH_FAMILY_xxx`. + * + * The group identifier is required to create a Diffie-Hellman key using the * PSA_KEY_TYPE_DH_KEY_PAIR() or PSA_KEY_TYPE_DH_PUBLIC_KEY() * macros. * * Values defined by this standard will never be in the range 0x80-0xff. * Vendors who define additional families must use an encoding in this range. + * + * \note Values of this type are encoded in the persistent key store. + * Any changes to existing values will require bumping the storage + * format version and providing a translation when reading the old + * format. */ typedef uint8_t psa_dh_family_t; /** \brief Encoding of a cryptographic algorithm. + * + * Values of this type are generally constructed by macros called + * `PSA_ALG_xxx`. * * For algorithms that can be applied to multiple key types, this type * does not encode the key type. For example, for symmetric ciphers * based on a block cipher, #psa_algorithm_t encodes the block cipher * mode and the padding mode while the block cipher itself is encoded * via #psa_key_type_t. + * + * \note Values of this type are encoded in the persistent key store. + * Any changes to existing values will require bumping the storage + * format version and providing a translation when reading the old + * format. */ typedef uint32_t psa_algorithm_t; @@ -142,6 +162,14 @@ typedef uint32_t psa_algorithm_t; * #PSA_KEY_LIFETIME_PERSISTENT is supported if persistent storage is * available. Other lifetime values may be supported depending on the * library configuration. + * + * Values of this type are generally constructed by macros called + * `PSA_KEY_LIFETIME_xxx`. + * + * \note Values of this type are encoded in the persistent key store. + * Any changes to existing values will require bumping the storage + * format version and providing a translation when reading the old + * format. */ typedef uint32_t psa_key_lifetime_t; @@ -173,6 +201,11 @@ typedef uint32_t psa_key_lifetime_t; * \note Key persistence levels are 8-bit values. Key management * interfaces operate on lifetimes (type ::psa_key_lifetime_t) which * encode the persistence as the lower 8 bits of a 32-bit value. + * + * \note Values of this type are encoded in the persistent key store. + * Any changes to existing values will require bumping the storage + * format version and providing a translation when reading the old + * format. */ typedef uint8_t psa_key_persistence_t; @@ -209,6 +242,11 @@ typedef uint8_t psa_key_persistence_t; * \note Key location indicators are 24-bit values. Key management * interfaces operate on lifetimes (type ::psa_key_lifetime_t) which * encode the location as the upper 24 bits of a 32-bit value. + * + * \note Values of this type are encoded in the persistent key store. + * Any changes to existing values will require bumping the storage + * format version and providing a translation when reading the old + * format. */ typedef uint32_t psa_key_location_t; @@ -220,20 +258,37 @@ typedef uint32_t psa_key_location_t; * #PSA_KEY_ID_VENDOR_MIN to #PSA_KEY_ID_VENDOR_MAX. * - 0 is reserved as an invalid key identifier. * - Key identifiers outside these ranges are reserved for future use. + * + * \note Values of this type are encoded in the persistent key store. + * Any changes to how values are allocated must require careful + * consideration to allow backward compatibility. */ typedef uint32_t psa_key_id_t; +/** Encoding of key identifiers as seen inside the PSA Crypto implementation. + * + * When PSA Crypto is built as a library inside an application, this type + * is identical to #psa_key_id_t. When PSA Crypto is built as a service + * that can store keys on behalf of multiple clients, this type + * encodes the #psa_key_id_t value seen by each client application as + * well as extra information that identifies the client that owns + * the key. + * + * \note Values of this type are encoded in the persistent key store. + * Any changes to existing values will require bumping the storage + * format version and providing a translation when reading the old + * format. + */ #if !defined(MBEDTLS_PSA_CRYPTO_KEY_ID_ENCODES_OWNER) typedef psa_key_id_t mbedtls_svc_key_id_t; #else /* MBEDTLS_PSA_CRYPTO_KEY_ID_ENCODES_OWNER */ -/* Implementation-specific: The Mbed Cryptography library can be built as - * part of a multi-client service that exposes the PSA Cryptograpy API in each +/* Implementation-specific: The Mbed TLS library can be built as + * part of a multi-client service that exposes the PSA Cryptography API in each * client and encodes the client identity in the key identifier argument of * functions such as psa_open_key(). */ -typedef struct -{ +typedef struct { psa_key_id_t key_id; mbedtls_key_owner_id_t owner; } mbedtls_svc_key_id_t; @@ -246,7 +301,16 @@ typedef struct * @{ */ -/** \brief Encoding of permitted usage on a key. */ +/** \brief Encoding of permitted usage on a key. + * + * Values of this type are generally constructed as bitwise-ors of macros + * called `PSA_KEY_USAGE_xxx`. + * + * \note Values of this type are encoded in the persistent key store. + * Any changes to existing values will require bumping the storage + * format version and providing a translation when reading the old + * format. + */ typedef uint32_t psa_key_usage_t; /**@}*/ @@ -361,7 +425,7 @@ typedef struct psa_key_attributes_s psa_key_attributes_t; #ifndef __DOXYGEN_ONLY__ #if defined(MBEDTLS_PSA_CRYPTO_SE_C) -/* Mbed Crypto defines this type in crypto_types.h because it is also +/* Mbed TLS defines this type in crypto_types.h because it is also * visible to applications through an implementation-specific extension. * For the PSA Cryptography specification, this type is only visible * via crypto_se_driver.h. */ @@ -375,7 +439,11 @@ typedef uint64_t psa_key_slot_number_t; * @{ */ -/** \brief Encoding of the step of a key derivation. */ +/** \brief Encoding of the step of a key derivation. + * + * Values of this type are generally constructed by macros called + * `PSA_KEY_DERIVATION_INPUT_xxx`. + */ typedef uint16_t psa_key_derivation_step_t; /**@}*/ diff --git a/third_party/mbedtls/repo/include/psa/crypto_values.h b/third_party/mbedtls/repo/include/psa/crypto_values.h index fafe93cf9ba..c25fda63ec2 100644 --- a/third_party/mbedtls/repo/include/psa/crypto_values.h +++ b/third_party/mbedtls/repo/include/psa/crypto_values.h @@ -12,23 +12,16 @@ * designations of cryptographic algorithms, and error codes returned by * the library. * + * Note that many of the constants defined in this file are embedded in + * the persistent key store, as part of key metadata (including usage + * policies). As a consequence, they must not be changed (unless the storage + * format version changes). + * * This header file only defines preprocessor macros. */ /* * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later */ #ifndef PSA_CRYPTO_VALUES_H @@ -40,6 +33,25 @@ /* PSA error codes */ +/* Error codes are standardized across PSA domains (framework, crypto, storage, + * etc.). Do not change the values in this section or even the expansions + * of each macro: it must be possible to `#include` both this header + * and some other PSA component's headers in the same C source, + * which will lead to duplicate definitions of the `PSA_SUCCESS` and + * `PSA_ERROR_xxx` macros, which is ok if and only if the macros expand + * to the same sequence of tokens. + * + * If you must add a new + * value, check with the Arm PSA framework group to pick one that other + * domains aren't already using. */ + +/* Tell uncrustify not to touch the constant definitions, otherwise + * it might change the spacing to something that is not PSA-compliant + * (e.g. adding a space after casts). + * + * *INDENT-OFF* + */ + /** The action was completed successfully. */ #define PSA_SUCCESS ((psa_status_t)0) @@ -310,17 +322,25 @@ */ #define PSA_ERROR_DATA_INVALID ((psa_status_t)-153) +/* *INDENT-ON* */ + /**@}*/ /** \defgroup crypto_types Key and algorithm types * @{ */ +/* Note that key type values, including ECC family and DH group values, are + * embedded in the persistent key store, as part of key metadata. As a + * consequence, they must not be changed (unless the storage format version + * changes). + */ + /** An invalid key type value. * * Zero is not the encoding of any key type. */ -#define PSA_KEY_TYPE_NONE ((psa_key_type_t)0x0000) +#define PSA_KEY_TYPE_NONE ((psa_key_type_t) 0x0000) /** Vendor-defined key type flag. * @@ -329,15 +349,15 @@ * must use an encoding with the #PSA_KEY_TYPE_VENDOR_FLAG bit set and should * respect the bitwise structure used by standard encodings whenever practical. */ -#define PSA_KEY_TYPE_VENDOR_FLAG ((psa_key_type_t)0x8000) +#define PSA_KEY_TYPE_VENDOR_FLAG ((psa_key_type_t) 0x8000) -#define PSA_KEY_TYPE_CATEGORY_MASK ((psa_key_type_t)0x7000) -#define PSA_KEY_TYPE_CATEGORY_RAW ((psa_key_type_t)0x1000) -#define PSA_KEY_TYPE_CATEGORY_SYMMETRIC ((psa_key_type_t)0x2000) -#define PSA_KEY_TYPE_CATEGORY_PUBLIC_KEY ((psa_key_type_t)0x4000) -#define PSA_KEY_TYPE_CATEGORY_KEY_PAIR ((psa_key_type_t)0x7000) +#define PSA_KEY_TYPE_CATEGORY_MASK ((psa_key_type_t) 0x7000) +#define PSA_KEY_TYPE_CATEGORY_RAW ((psa_key_type_t) 0x1000) +#define PSA_KEY_TYPE_CATEGORY_SYMMETRIC ((psa_key_type_t) 0x2000) +#define PSA_KEY_TYPE_CATEGORY_PUBLIC_KEY ((psa_key_type_t) 0x4000) +#define PSA_KEY_TYPE_CATEGORY_KEY_PAIR ((psa_key_type_t) 0x7000) -#define PSA_KEY_TYPE_CATEGORY_FLAG_PAIR ((psa_key_type_t)0x3000) +#define PSA_KEY_TYPE_CATEGORY_FLAG_PAIR ((psa_key_type_t) 0x3000) /** Whether a key type is vendor-defined. * @@ -395,7 +415,7 @@ * * A "key" of this type cannot be used for any cryptographic operation. * Applications may use this type to store arbitrary data in the keystore. */ -#define PSA_KEY_TYPE_RAW_DATA ((psa_key_type_t)0x1001) +#define PSA_KEY_TYPE_RAW_DATA ((psa_key_type_t) 0x1001) /** HMAC key. * @@ -405,25 +425,25 @@ * HMAC keys should generally have the same size as the underlying hash. * This size can be calculated with #PSA_HASH_LENGTH(\c alg) where * \c alg is the HMAC algorithm or the underlying hash algorithm. */ -#define PSA_KEY_TYPE_HMAC ((psa_key_type_t)0x1100) +#define PSA_KEY_TYPE_HMAC ((psa_key_type_t) 0x1100) /** A secret for key derivation. * * The key policy determines which key derivation algorithm the key * can be used for. */ -#define PSA_KEY_TYPE_DERIVE ((psa_key_type_t)0x1200) +#define PSA_KEY_TYPE_DERIVE ((psa_key_type_t) 0x1200) /** Key for a cipher, AEAD or MAC algorithm based on the AES block cipher. * * The size of the key can be 16 bytes (AES-128), 24 bytes (AES-192) or * 32 bytes (AES-256). */ -#define PSA_KEY_TYPE_AES ((psa_key_type_t)0x2400) +#define PSA_KEY_TYPE_AES ((psa_key_type_t) 0x2400) /** Key for a cipher, AEAD or MAC algorithm based on the * ARIA block cipher. */ -#define PSA_KEY_TYPE_ARIA ((psa_key_type_t)0x2406) +#define PSA_KEY_TYPE_ARIA ((psa_key_type_t) 0x2406) /** Key for a cipher or MAC algorithm based on DES or 3DES (Triple-DES). * @@ -434,17 +454,17 @@ * deprecated and should only be used to decrypt legacy data. 3-key 3DES * is weak and deprecated and should only be used in legacy protocols. */ -#define PSA_KEY_TYPE_DES ((psa_key_type_t)0x2301) +#define PSA_KEY_TYPE_DES ((psa_key_type_t) 0x2301) /** Key for a cipher, AEAD or MAC algorithm based on the * Camellia block cipher. */ -#define PSA_KEY_TYPE_CAMELLIA ((psa_key_type_t)0x2403) +#define PSA_KEY_TYPE_CAMELLIA ((psa_key_type_t) 0x2403) -/** Key for the RC4 stream cipher. +/** Key for the ARC4 stream cipher (also known as RC4 or ARCFOUR). * - * Note that RC4 is weak and deprecated and should only be used in + * Note that ARC4 is weak and deprecated and should only be used in * legacy protocols. */ -#define PSA_KEY_TYPE_ARC4 ((psa_key_type_t)0x2002) +#define PSA_KEY_TYPE_ARC4 ((psa_key_type_t) 0x2002) /** Key for the ChaCha20 stream cipher or the Chacha20-Poly1305 AEAD algorithm. * @@ -453,25 +473,25 @@ * Implementations must support 12-byte nonces, may support 8-byte nonces, * and should reject other sizes. */ -#define PSA_KEY_TYPE_CHACHA20 ((psa_key_type_t)0x2004) +#define PSA_KEY_TYPE_CHACHA20 ((psa_key_type_t) 0x2004) /** RSA public key. * * The size of an RSA key is the bit size of the modulus. */ -#define PSA_KEY_TYPE_RSA_PUBLIC_KEY ((psa_key_type_t)0x4001) +#define PSA_KEY_TYPE_RSA_PUBLIC_KEY ((psa_key_type_t) 0x4001) /** RSA key pair (private and public key). * * The size of an RSA key is the bit size of the modulus. */ -#define PSA_KEY_TYPE_RSA_KEY_PAIR ((psa_key_type_t)0x7001) +#define PSA_KEY_TYPE_RSA_KEY_PAIR ((psa_key_type_t) 0x7001) /** Whether a key type is an RSA key (pair or public-only). */ #define PSA_KEY_TYPE_IS_RSA(type) \ (PSA_KEY_TYPE_PUBLIC_KEY_OF_KEY_PAIR(type) == PSA_KEY_TYPE_RSA_PUBLIC_KEY) -#define PSA_KEY_TYPE_ECC_PUBLIC_KEY_BASE ((psa_key_type_t)0x4100) -#define PSA_KEY_TYPE_ECC_KEY_PAIR_BASE ((psa_key_type_t)0x7100) -#define PSA_KEY_TYPE_ECC_CURVE_MASK ((psa_key_type_t)0x00ff) +#define PSA_KEY_TYPE_ECC_PUBLIC_KEY_BASE ((psa_key_type_t) 0x4100) +#define PSA_KEY_TYPE_ECC_KEY_PAIR_BASE ((psa_key_type_t) 0x7100) +#define PSA_KEY_TYPE_ECC_CURVE_MASK ((psa_key_type_t) 0x00ff) /** Elliptic curve key pair. * * The size of an elliptic curve key is the bit size associated with the curve, @@ -511,8 +531,8 @@ /** Extract the curve from an elliptic curve key type. */ #define PSA_KEY_TYPE_ECC_GET_FAMILY(type) \ ((psa_ecc_family_t) (PSA_KEY_TYPE_IS_ECC(type) ? \ - ((type) & PSA_KEY_TYPE_ECC_CURVE_MASK) : \ - 0)) + ((type) & PSA_KEY_TYPE_ECC_CURVE_MASK) : \ + 0)) /** SEC Koblitz curves over prime fields. * @@ -603,9 +623,9 @@ */ #define PSA_ECC_FAMILY_TWISTED_EDWARDS ((psa_ecc_family_t) 0x42) -#define PSA_KEY_TYPE_DH_PUBLIC_KEY_BASE ((psa_key_type_t)0x4200) -#define PSA_KEY_TYPE_DH_KEY_PAIR_BASE ((psa_key_type_t)0x7200) -#define PSA_KEY_TYPE_DH_GROUP_MASK ((psa_key_type_t)0x00ff) +#define PSA_KEY_TYPE_DH_PUBLIC_KEY_BASE ((psa_key_type_t) 0x4200) +#define PSA_KEY_TYPE_DH_KEY_PAIR_BASE ((psa_key_type_t) 0x7200) +#define PSA_KEY_TYPE_DH_GROUP_MASK ((psa_key_type_t) 0x00ff) /** Diffie-Hellman key pair. * * \param group A value of type ::psa_dh_family_t that identifies the @@ -637,8 +657,8 @@ /** Extract the group from a Diffie-Hellman key type. */ #define PSA_KEY_TYPE_DH_GET_FAMILY(type) \ ((psa_dh_family_t) (PSA_KEY_TYPE_IS_DH(type) ? \ - ((type) & PSA_KEY_TYPE_DH_GROUP_MASK) : \ - 0)) + ((type) & PSA_KEY_TYPE_DH_GROUP_MASK) : \ + 0)) /** Diffie-Hellman groups defined in RFC 7919 Appendix A. * @@ -671,7 +691,12 @@ #define PSA_BLOCK_CIPHER_BLOCK_LENGTH(type) \ (((type) & PSA_KEY_TYPE_CATEGORY_MASK) == PSA_KEY_TYPE_CATEGORY_SYMMETRIC ? \ 1u << PSA_GET_KEY_TYPE_BLOCK_SIZE_EXPONENT(type) : \ - 0u) + 0u) + +/* Note that algorithm values are embedded in the persistent key store, + * as part of key metadata. As a consequence, they must not be changed + * (unless the storage format version changes). + */ /** Vendor-defined algorithm flag. * @@ -680,17 +705,17 @@ * the #PSA_ALG_VENDOR_FLAG bit set and should respect the bitwise structure * used by standard encodings whenever practical. */ -#define PSA_ALG_VENDOR_FLAG ((psa_algorithm_t)0x80000000) +#define PSA_ALG_VENDOR_FLAG ((psa_algorithm_t) 0x80000000) -#define PSA_ALG_CATEGORY_MASK ((psa_algorithm_t)0x7f000000) -#define PSA_ALG_CATEGORY_HASH ((psa_algorithm_t)0x02000000) -#define PSA_ALG_CATEGORY_MAC ((psa_algorithm_t)0x03000000) -#define PSA_ALG_CATEGORY_CIPHER ((psa_algorithm_t)0x04000000) -#define PSA_ALG_CATEGORY_AEAD ((psa_algorithm_t)0x05000000) -#define PSA_ALG_CATEGORY_SIGN ((psa_algorithm_t)0x06000000) -#define PSA_ALG_CATEGORY_ASYMMETRIC_ENCRYPTION ((psa_algorithm_t)0x07000000) -#define PSA_ALG_CATEGORY_KEY_DERIVATION ((psa_algorithm_t)0x08000000) -#define PSA_ALG_CATEGORY_KEY_AGREEMENT ((psa_algorithm_t)0x09000000) +#define PSA_ALG_CATEGORY_MASK ((psa_algorithm_t) 0x7f000000) +#define PSA_ALG_CATEGORY_HASH ((psa_algorithm_t) 0x02000000) +#define PSA_ALG_CATEGORY_MAC ((psa_algorithm_t) 0x03000000) +#define PSA_ALG_CATEGORY_CIPHER ((psa_algorithm_t) 0x04000000) +#define PSA_ALG_CATEGORY_AEAD ((psa_algorithm_t) 0x05000000) +#define PSA_ALG_CATEGORY_SIGN ((psa_algorithm_t) 0x06000000) +#define PSA_ALG_CATEGORY_ASYMMETRIC_ENCRYPTION ((psa_algorithm_t) 0x07000000) +#define PSA_ALG_CATEGORY_KEY_DERIVATION ((psa_algorithm_t) 0x08000000) +#define PSA_ALG_CATEGORY_KEY_AGREEMENT ((psa_algorithm_t) 0x09000000) /** Whether an algorithm is vendor-defined. * @@ -791,46 +816,48 @@ (((alg) & PSA_ALG_CATEGORY_MASK) == PSA_ALG_CATEGORY_KEY_DERIVATION) /** An invalid algorithm identifier value. */ +/* *INDENT-OFF* (https://github.com/ARM-software/psa-arch-tests/issues/337) */ #define PSA_ALG_NONE ((psa_algorithm_t)0) +/* *INDENT-ON* */ -#define PSA_ALG_HASH_MASK ((psa_algorithm_t)0x000000ff) +#define PSA_ALG_HASH_MASK ((psa_algorithm_t) 0x000000ff) /** MD2 */ -#define PSA_ALG_MD2 ((psa_algorithm_t)0x02000001) +#define PSA_ALG_MD2 ((psa_algorithm_t) 0x02000001) /** MD4 */ -#define PSA_ALG_MD4 ((psa_algorithm_t)0x02000002) +#define PSA_ALG_MD4 ((psa_algorithm_t) 0x02000002) /** MD5 */ -#define PSA_ALG_MD5 ((psa_algorithm_t)0x02000003) +#define PSA_ALG_MD5 ((psa_algorithm_t) 0x02000003) /** PSA_ALG_RIPEMD160 */ -#define PSA_ALG_RIPEMD160 ((psa_algorithm_t)0x02000004) +#define PSA_ALG_RIPEMD160 ((psa_algorithm_t) 0x02000004) /** SHA1 */ -#define PSA_ALG_SHA_1 ((psa_algorithm_t)0x02000005) +#define PSA_ALG_SHA_1 ((psa_algorithm_t) 0x02000005) /** SHA2-224 */ -#define PSA_ALG_SHA_224 ((psa_algorithm_t)0x02000008) +#define PSA_ALG_SHA_224 ((psa_algorithm_t) 0x02000008) /** SHA2-256 */ -#define PSA_ALG_SHA_256 ((psa_algorithm_t)0x02000009) +#define PSA_ALG_SHA_256 ((psa_algorithm_t) 0x02000009) /** SHA2-384 */ -#define PSA_ALG_SHA_384 ((psa_algorithm_t)0x0200000a) +#define PSA_ALG_SHA_384 ((psa_algorithm_t) 0x0200000a) /** SHA2-512 */ -#define PSA_ALG_SHA_512 ((psa_algorithm_t)0x0200000b) +#define PSA_ALG_SHA_512 ((psa_algorithm_t) 0x0200000b) /** SHA2-512/224 */ -#define PSA_ALG_SHA_512_224 ((psa_algorithm_t)0x0200000c) +#define PSA_ALG_SHA_512_224 ((psa_algorithm_t) 0x0200000c) /** SHA2-512/256 */ -#define PSA_ALG_SHA_512_256 ((psa_algorithm_t)0x0200000d) +#define PSA_ALG_SHA_512_256 ((psa_algorithm_t) 0x0200000d) /** SHA3-224 */ -#define PSA_ALG_SHA3_224 ((psa_algorithm_t)0x02000010) +#define PSA_ALG_SHA3_224 ((psa_algorithm_t) 0x02000010) /** SHA3-256 */ -#define PSA_ALG_SHA3_256 ((psa_algorithm_t)0x02000011) +#define PSA_ALG_SHA3_256 ((psa_algorithm_t) 0x02000011) /** SHA3-384 */ -#define PSA_ALG_SHA3_384 ((psa_algorithm_t)0x02000012) +#define PSA_ALG_SHA3_384 ((psa_algorithm_t) 0x02000012) /** SHA3-512 */ -#define PSA_ALG_SHA3_512 ((psa_algorithm_t)0x02000013) +#define PSA_ALG_SHA3_512 ((psa_algorithm_t) 0x02000013) /** The first 512 bits (64 bytes) of the SHAKE256 output. * * This is the prehashing for Ed448ph (see #PSA_ALG_ED448PH). For other * scenarios where a hash function based on SHA3/SHAKE is desired, SHA3-512 * has the same output size and a (theoretically) higher security strength. */ -#define PSA_ALG_SHAKE256_512 ((psa_algorithm_t)0x02000015) +#define PSA_ALG_SHAKE256_512 ((psa_algorithm_t) 0x02000015) /** In a hash-and-sign algorithm policy, allow any hash algorithm. * @@ -865,10 +892,10 @@ * This value may not be used to build an algorithm specification to * perform an operation. It is only valid to build policies. */ -#define PSA_ALG_ANY_HASH ((psa_algorithm_t)0x020000ff) +#define PSA_ALG_ANY_HASH ((psa_algorithm_t) 0x020000ff) -#define PSA_ALG_MAC_SUBCATEGORY_MASK ((psa_algorithm_t)0x00c00000) -#define PSA_ALG_HMAC_BASE ((psa_algorithm_t)0x03800000) +#define PSA_ALG_MAC_SUBCATEGORY_MASK ((psa_algorithm_t) 0x00c00000) +#define PSA_ALG_HMAC_BASE ((psa_algorithm_t) 0x03800000) /** Macro to build an HMAC algorithm. * * For example, #PSA_ALG_HMAC(#PSA_ALG_SHA_256) is HMAC-SHA-256. @@ -907,7 +934,7 @@ * reach up to 63; the largest MAC is 64 bytes so its trivial truncation * to full length is correctly encoded as 0 and any non-trivial truncation * is correctly encoded as a value between 1 and 63. */ -#define PSA_ALG_MAC_TRUNCATION_MASK ((psa_algorithm_t)0x003f0000) +#define PSA_ALG_MAC_TRUNCATION_MASK ((psa_algorithm_t) 0x003f0000) #define PSA_MAC_TRUNCATION_OFFSET 16 /* In the encoding of a MAC algorithm, the bit corresponding to @@ -916,7 +943,7 @@ * algorithm policy can be used with any algorithm corresponding to the * same base class and having a (potentially truncated) MAC length greater or * equal than the one encoded in #PSA_ALG_MAC_TRUNCATION_MASK. */ -#define PSA_ALG_MAC_AT_LEAST_THIS_LENGTH_FLAG ((psa_algorithm_t)0x00008000) +#define PSA_ALG_MAC_AT_LEAST_THIS_LENGTH_FLAG ((psa_algorithm_t) 0x00008000) /** Macro to build a truncated MAC algorithm. * @@ -1011,18 +1038,18 @@ * too large for the specified MAC algorithm. */ #define PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(mac_alg, min_mac_length) \ - ( PSA_ALG_TRUNCATED_MAC(mac_alg, min_mac_length) | \ - PSA_ALG_MAC_AT_LEAST_THIS_LENGTH_FLAG ) + (PSA_ALG_TRUNCATED_MAC(mac_alg, min_mac_length) | \ + PSA_ALG_MAC_AT_LEAST_THIS_LENGTH_FLAG) -#define PSA_ALG_CIPHER_MAC_BASE ((psa_algorithm_t)0x03c00000) +#define PSA_ALG_CIPHER_MAC_BASE ((psa_algorithm_t) 0x03c00000) /** The CBC-MAC construction over a block cipher * * \warning CBC-MAC is insecure in many cases. * A more secure mode, such as #PSA_ALG_CMAC, is recommended. */ -#define PSA_ALG_CBC_MAC ((psa_algorithm_t)0x03c00100) +#define PSA_ALG_CBC_MAC ((psa_algorithm_t) 0x03c00100) /** The CMAC construction over a block cipher */ -#define PSA_ALG_CMAC ((psa_algorithm_t)0x03c00200) +#define PSA_ALG_CMAC ((psa_algorithm_t) 0x03c00200) /** Whether the specified algorithm is a MAC algorithm based on a block cipher. * @@ -1036,8 +1063,8 @@ (((alg) & (PSA_ALG_CATEGORY_MASK | PSA_ALG_MAC_SUBCATEGORY_MASK)) == \ PSA_ALG_CIPHER_MAC_BASE) -#define PSA_ALG_CIPHER_STREAM_FLAG ((psa_algorithm_t)0x00800000) -#define PSA_ALG_CIPHER_FROM_BLOCK_FLAG ((psa_algorithm_t)0x00400000) +#define PSA_ALG_CIPHER_STREAM_FLAG ((psa_algorithm_t) 0x00800000) +#define PSA_ALG_CIPHER_FROM_BLOCK_FLAG ((psa_algorithm_t) 0x00400000) /** Whether the specified algorithm is a stream cipher. * @@ -1053,7 +1080,7 @@ */ #define PSA_ALG_IS_STREAM_CIPHER(alg) \ (((alg) & (PSA_ALG_CATEGORY_MASK | PSA_ALG_CIPHER_STREAM_FLAG)) == \ - (PSA_ALG_CATEGORY_CIPHER | PSA_ALG_CIPHER_STREAM_FLAG)) + (PSA_ALG_CATEGORY_CIPHER | PSA_ALG_CIPHER_STREAM_FLAG)) /** The stream cipher mode of a stream cipher algorithm. * @@ -1061,7 +1088,7 @@ * - To use ChaCha20, use a key type of #PSA_KEY_TYPE_CHACHA20. * - To use ARC4, use a key type of #PSA_KEY_TYPE_ARC4. */ -#define PSA_ALG_STREAM_CIPHER ((psa_algorithm_t)0x04800100) +#define PSA_ALG_STREAM_CIPHER ((psa_algorithm_t) 0x04800100) /** The CTR stream cipher mode. * @@ -1070,19 +1097,19 @@ * For example, to use AES-128-CTR, use this algorithm with * a key of type #PSA_KEY_TYPE_AES and a length of 128 bits (16 bytes). */ -#define PSA_ALG_CTR ((psa_algorithm_t)0x04c01000) +#define PSA_ALG_CTR ((psa_algorithm_t) 0x04c01000) /** The CFB stream cipher mode. * * The underlying block cipher is determined by the key type. */ -#define PSA_ALG_CFB ((psa_algorithm_t)0x04c01100) +#define PSA_ALG_CFB ((psa_algorithm_t) 0x04c01100) /** The OFB stream cipher mode. * * The underlying block cipher is determined by the key type. */ -#define PSA_ALG_OFB ((psa_algorithm_t)0x04c01200) +#define PSA_ALG_OFB ((psa_algorithm_t) 0x04c01200) /** The XTS cipher mode. * @@ -1090,7 +1117,7 @@ * least one full block of input, but beyond this minimum the input * does not need to be a whole number of blocks. */ -#define PSA_ALG_XTS ((psa_algorithm_t)0x0440ff00) +#define PSA_ALG_XTS ((psa_algorithm_t) 0x0440ff00) /** The Electronic Code Book (ECB) mode of a block cipher, with no padding. * @@ -1110,7 +1137,7 @@ * multi-part cipher operation with this algorithm, psa_cipher_generate_iv() * and psa_cipher_set_iv() must not be called. */ -#define PSA_ALG_ECB_NO_PADDING ((psa_algorithm_t)0x04404400) +#define PSA_ALG_ECB_NO_PADDING ((psa_algorithm_t) 0x04404400) /** The CBC block cipher chaining mode, with no padding. * @@ -1119,7 +1146,7 @@ * This symmetric cipher mode can only be used with messages whose lengths * are whole number of blocks for the chosen block cipher. */ -#define PSA_ALG_CBC_NO_PADDING ((psa_algorithm_t)0x04404000) +#define PSA_ALG_CBC_NO_PADDING ((psa_algorithm_t) 0x04404000) /** The CBC block cipher chaining mode with PKCS#7 padding. * @@ -1127,9 +1154,9 @@ * * This is the padding method defined by PKCS#7 (RFC 2315) §10.3. */ -#define PSA_ALG_CBC_PKCS7 ((psa_algorithm_t)0x04404100) +#define PSA_ALG_CBC_PKCS7 ((psa_algorithm_t) 0x04404100) -#define PSA_ALG_AEAD_FROM_BLOCK_FLAG ((psa_algorithm_t)0x00400000) +#define PSA_ALG_AEAD_FROM_BLOCK_FLAG ((psa_algorithm_t) 0x00400000) /** Whether the specified algorithm is an AEAD mode on a block cipher. * @@ -1148,13 +1175,13 @@ * * The underlying block cipher is determined by the key type. */ -#define PSA_ALG_CCM ((psa_algorithm_t)0x05500100) +#define PSA_ALG_CCM ((psa_algorithm_t) 0x05500100) /** The GCM authenticated encryption algorithm. * * The underlying block cipher is determined by the key type. */ -#define PSA_ALG_GCM ((psa_algorithm_t)0x05500200) +#define PSA_ALG_GCM ((psa_algorithm_t) 0x05500200) /** The Chacha20-Poly1305 AEAD algorithm. * @@ -1165,13 +1192,13 @@ * * Implementations must support 16-byte tags and should reject other sizes. */ -#define PSA_ALG_CHACHA20_POLY1305 ((psa_algorithm_t)0x05100500) +#define PSA_ALG_CHACHA20_POLY1305 ((psa_algorithm_t) 0x05100500) -/* In the encoding of a AEAD algorithm, the bits corresponding to +/* In the encoding of an AEAD algorithm, the bits corresponding to * PSA_ALG_AEAD_TAG_LENGTH_MASK encode the length of the AEAD tag. * The constants for default lengths follow this encoding. */ -#define PSA_ALG_AEAD_TAG_LENGTH_MASK ((psa_algorithm_t)0x003f0000) +#define PSA_ALG_AEAD_TAG_LENGTH_MASK ((psa_algorithm_t) 0x003f0000) #define PSA_AEAD_TAG_LENGTH_OFFSET 16 /* In the encoding of an AEAD algorithm, the bit corresponding to @@ -1180,7 +1207,7 @@ * algorithm policy can be used with any algorithm corresponding to the * same base class and having a tag length greater than or equal to the one * encoded in #PSA_ALG_AEAD_TAG_LENGTH_MASK. */ -#define PSA_ALG_AEAD_AT_LEAST_THIS_LENGTH_FLAG ((psa_algorithm_t)0x00008000) +#define PSA_ALG_AEAD_AT_LEAST_THIS_LENGTH_FLAG ((psa_algorithm_t) 0x00008000) /** Macro to build a shortened AEAD algorithm. * @@ -1204,7 +1231,7 @@ (((aead_alg) & ~(PSA_ALG_AEAD_TAG_LENGTH_MASK | \ PSA_ALG_AEAD_AT_LEAST_THIS_LENGTH_FLAG)) | \ ((tag_length) << PSA_AEAD_TAG_LENGTH_OFFSET & \ - PSA_ALG_AEAD_TAG_LENGTH_MASK)) + PSA_ALG_AEAD_TAG_LENGTH_MASK)) /** Retrieve the tag length of a specified AEAD algorithm * @@ -1218,7 +1245,7 @@ */ #define PSA_ALG_AEAD_GET_TAG_LENGTH(aead_alg) \ (((aead_alg) & PSA_ALG_AEAD_TAG_LENGTH_MASK) >> \ - PSA_AEAD_TAG_LENGTH_OFFSET ) + PSA_AEAD_TAG_LENGTH_OFFSET) /** Calculate the corresponding AEAD algorithm with the default tag length. * @@ -1264,10 +1291,10 @@ * or too large for the specified AEAD algorithm. */ #define PSA_ALG_AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(aead_alg, min_tag_length) \ - ( PSA_ALG_AEAD_WITH_SHORTENED_TAG(aead_alg, min_tag_length) | \ - PSA_ALG_AEAD_AT_LEAST_THIS_LENGTH_FLAG ) + (PSA_ALG_AEAD_WITH_SHORTENED_TAG(aead_alg, min_tag_length) | \ + PSA_ALG_AEAD_AT_LEAST_THIS_LENGTH_FLAG) -#define PSA_ALG_RSA_PKCS1V15_SIGN_BASE ((psa_algorithm_t)0x06000200) +#define PSA_ALG_RSA_PKCS1V15_SIGN_BASE ((psa_algorithm_t) 0x06000200) /** RSA PKCS#1 v1.5 signature with hashing. * * This is the signature scheme defined by RFC 8017 @@ -1295,16 +1322,18 @@ #define PSA_ALG_IS_RSA_PKCS1V15_SIGN(alg) \ (((alg) & ~PSA_ALG_HASH_MASK) == PSA_ALG_RSA_PKCS1V15_SIGN_BASE) -#define PSA_ALG_RSA_PSS_BASE ((psa_algorithm_t)0x06000300) -#define PSA_ALG_RSA_PSS_ANY_SALT_BASE ((psa_algorithm_t)0x06001300) +#define PSA_ALG_RSA_PSS_BASE ((psa_algorithm_t) 0x06000300) +#define PSA_ALG_RSA_PSS_ANY_SALT_BASE ((psa_algorithm_t) 0x06001300) /** RSA PSS signature with hashing. * * This is the signature scheme defined by RFC 8017 * (PKCS#1: RSA Cryptography Specifications) under the name * RSASSA-PSS, with the message generation function MGF1, and with - * a salt length equal to the length of the hash. The specified - * hash algorithm is used to hash the input message, to create the - * salted hash, and for the mask generation. + * a salt length equal to the length of the hash, or the largest + * possible salt length for the algorithm and key size if that is + * smaller than the hash length. The specified hash algorithm is + * used to hash the input message, to create the salted hash, and + * for the mask generation. * * \param hash_alg A hash algorithm (\c PSA_ALG_XXX value such that * #PSA_ALG_IS_HASH(\p hash_alg) is true). @@ -1383,14 +1412,14 @@ (PSA_ALG_IS_RSA_PSS_STANDARD_SALT(alg) || \ PSA_ALG_IS_RSA_PSS_ANY_SALT(alg)) -#define PSA_ALG_ECDSA_BASE ((psa_algorithm_t)0x06000600) +#define PSA_ALG_ECDSA_BASE ((psa_algorithm_t) 0x06000600) /** ECDSA signature with hashing. * * This is the ECDSA signature scheme defined by ANSI X9.62, * with a random per-message secret number (*k*). * * The representation of the signature as a byte string consists of - * the concatentation of the signature values *r* and *s*. Each of + * the concatenation of the signature values *r* and *s*. Each of * *r* and *s* is encoded as an *N*-octet string, where *N* is the length * of the base point of the curve in octets. Each value is represented * in big-endian order (most significant octet first). @@ -1416,7 +1445,7 @@ * the curve size. */ #define PSA_ALG_ECDSA_ANY PSA_ALG_ECDSA_BASE -#define PSA_ALG_DETERMINISTIC_ECDSA_BASE ((psa_algorithm_t)0x06000700) +#define PSA_ALG_DETERMINISTIC_ECDSA_BASE ((psa_algorithm_t) 0x06000700) /** Deterministic ECDSA signature with hashing. * * This is the deterministic ECDSA signature scheme defined by RFC 6979. @@ -1441,7 +1470,7 @@ */ #define PSA_ALG_DETERMINISTIC_ECDSA(hash_alg) \ (PSA_ALG_DETERMINISTIC_ECDSA_BASE | ((hash_alg) & PSA_ALG_HASH_MASK)) -#define PSA_ALG_ECDSA_DETERMINISTIC_FLAG ((psa_algorithm_t)0x00000100) +#define PSA_ALG_ECDSA_DETERMINISTIC_FLAG ((psa_algorithm_t) 0x00000100) #define PSA_ALG_IS_ECDSA(alg) \ (((alg) & ~PSA_ALG_HASH_MASK & ~PSA_ALG_ECDSA_DETERMINISTIC_FLAG) == \ PSA_ALG_ECDSA_BASE) @@ -1480,9 +1509,9 @@ * RFC 8032 §5.1.6 and §5.2.6 (a 64-byte string for Ed25519, a 114-byte * string for Ed448). */ -#define PSA_ALG_PURE_EDDSA ((psa_algorithm_t)0x06000800) +#define PSA_ALG_PURE_EDDSA ((psa_algorithm_t) 0x06000800) -#define PSA_ALG_HASH_EDDSA_BASE ((psa_algorithm_t)0x06000900) +#define PSA_ALG_HASH_EDDSA_BASE ((psa_algorithm_t) 0x06000900) #define PSA_ALG_IS_HASH_EDDSA(alg) \ (((alg) & ~PSA_ALG_HASH_MASK) == PSA_ALG_HASH_EDDSA_BASE) @@ -1574,7 +1603,7 @@ * supported algorithm identifier. */ #define PSA_ALG_IS_SIGN_MESSAGE(alg) \ - (PSA_ALG_IS_SIGN_HASH(alg) || (alg) == PSA_ALG_PURE_EDDSA ) + (PSA_ALG_IS_SIGN_HASH(alg) || (alg) == PSA_ALG_PURE_EDDSA) /** Whether the specified algorithm is a hash-and-sign algorithm. * @@ -1630,10 +1659,17 @@ 0) /** RSA PKCS#1 v1.5 encryption. + * + * \warning Calling psa_asymmetric_decrypt() with this algorithm as a + * parameter is considered an inherently dangerous function + * (CWE-242). Unless it is used in a side channel free and safe + * way (eg. implementing the TLS protocol as per 7.4.7.1 of + * RFC 5246), the calling code is vulnerable. + * */ -#define PSA_ALG_RSA_PKCS1V15_CRYPT ((psa_algorithm_t)0x07000200) +#define PSA_ALG_RSA_PKCS1V15_CRYPT ((psa_algorithm_t) 0x07000200) -#define PSA_ALG_RSA_OAEP_BASE ((psa_algorithm_t)0x07000300) +#define PSA_ALG_RSA_OAEP_BASE ((psa_algorithm_t) 0x07000300) /** RSA OAEP encryption. * * This is the encryption scheme defined by RFC 8017 @@ -1657,10 +1693,10 @@ ((alg) & PSA_ALG_HASH_MASK) | PSA_ALG_CATEGORY_HASH : \ 0) -#define PSA_ALG_HKDF_BASE ((psa_algorithm_t)0x08000100) +#define PSA_ALG_HKDF_BASE ((psa_algorithm_t) 0x08000100) /** Macro to build an HKDF algorithm. * - * For example, `PSA_ALG_HKDF(PSA_ALG_SHA256)` is HKDF using HMAC-SHA-256. + * For example, `PSA_ALG_HKDF(PSA_ALG_SHA_256)` is HKDF using HMAC-SHA-256. * * This key derivation algorithm uses the following inputs: * - #PSA_KEY_DERIVATION_INPUT_SALT is the salt used in the "extract" step. @@ -1696,7 +1732,7 @@ #define PSA_ALG_HKDF_GET_HASH(hkdf_alg) \ (PSA_ALG_CATEGORY_HASH | ((hkdf_alg) & PSA_ALG_HASH_MASK)) -#define PSA_ALG_TLS12_PRF_BASE ((psa_algorithm_t)0x08000200) +#define PSA_ALG_TLS12_PRF_BASE ((psa_algorithm_t) 0x08000200) /** Macro to build a TLS-1.2 PRF algorithm. * * TLS 1.2 uses a custom pseudorandom function (PRF) for key schedule, @@ -1713,7 +1749,7 @@ * concatenation of ServerHello.Random + ClientHello.Random, * and the label is "key expansion". * - * For example, `PSA_ALG_TLS12_PRF(PSA_ALG_SHA256)` represents the + * For example, `PSA_ALG_TLS12_PRF(PSA_ALG_SHA_256)` represents the * TLS 1.2 PRF using HMAC-SHA-256. * * \param hash_alg A hash algorithm (\c PSA_ALG_XXX value such that @@ -1739,7 +1775,7 @@ #define PSA_ALG_TLS12_PRF_GET_HASH(hkdf_alg) \ (PSA_ALG_CATEGORY_HASH | ((hkdf_alg) & PSA_ALG_HASH_MASK)) -#define PSA_ALG_TLS12_PSK_TO_MS_BASE ((psa_algorithm_t)0x08000300) +#define PSA_ALG_TLS12_PSK_TO_MS_BASE ((psa_algorithm_t) 0x08000300) /** Macro to build a TLS-1.2 PSK-to-MasterSecret algorithm. * * In a pure-PSK handshake in TLS 1.2, the master secret is derived @@ -1759,7 +1795,7 @@ * ClientHello.Random + ServerHello.Random, * and the label is "master secret" or "extended master secret". * - * For example, `PSA_ALG_TLS12_PSK_TO_MS(PSA_ALG_SHA256)` represents the + * For example, `PSA_ALG_TLS12_PSK_TO_MS(PSA_ALG_SHA_256)` represents the * TLS-1.2 PSK to MasterSecret derivation PRF using HMAC-SHA-256. * * \param hash_alg A hash algorithm (\c PSA_ALG_XXX value such that @@ -1785,8 +1821,8 @@ #define PSA_ALG_TLS12_PSK_TO_MS_GET_HASH(hkdf_alg) \ (PSA_ALG_CATEGORY_HASH | ((hkdf_alg) & PSA_ALG_HASH_MASK)) -#define PSA_ALG_KEY_DERIVATION_MASK ((psa_algorithm_t)0xfe00ffff) -#define PSA_ALG_KEY_AGREEMENT_MASK ((psa_algorithm_t)0xffff0000) +#define PSA_ALG_KEY_DERIVATION_MASK ((psa_algorithm_t) 0xfe00ffff) +#define PSA_ALG_KEY_AGREEMENT_MASK ((psa_algorithm_t) 0xffff0000) /** Macro to build a combined algorithm that chains a key agreement with * a key derivation. @@ -1839,7 +1875,7 @@ * It is `ceiling(m / 8)` bytes long where `m` is the size of the prime `p` * in bits. */ -#define PSA_ALG_FFDH ((psa_algorithm_t)0x09010000) +#define PSA_ALG_FFDH ((psa_algorithm_t) 0x09010000) /** Whether the specified algorithm is a finite field Diffie-Hellman algorithm. * @@ -1881,7 +1917,7 @@ * in big-endian byte order. * The bit size is `m` for the field `F_{2^m}`. */ -#define PSA_ALG_ECDH ((psa_algorithm_t)0x09020000) +#define PSA_ALG_ECDH ((psa_algorithm_t) 0x09020000) /** Whether the specified algorithm is an elliptic curve Diffie-Hellman * algorithm. @@ -1928,6 +1964,11 @@ * @{ */ +/* Note that location and persistence level values are embedded in the + * persistent key store, as part of key metadata. As a consequence, they + * must not be changed (unless the storage format version changes). + */ + /** The default lifetime for volatile keys. * * A volatile key only exists as long as the identifier to it is not destroyed. @@ -1939,7 +1980,7 @@ * it must release all the resources associated with the key and erase the * key material if the calling application terminates. */ -#define PSA_KEY_LIFETIME_VOLATILE ((psa_key_lifetime_t)0x00000000) +#define PSA_KEY_LIFETIME_VOLATILE ((psa_key_lifetime_t) 0x00000000) /** The default lifetime for persistent keys. * @@ -1953,31 +1994,31 @@ * application. Integrations of Mbed TLS may support other persistent lifetimes. * See ::psa_key_lifetime_t for more information. */ -#define PSA_KEY_LIFETIME_PERSISTENT ((psa_key_lifetime_t)0x00000001) +#define PSA_KEY_LIFETIME_PERSISTENT ((psa_key_lifetime_t) 0x00000001) /** The persistence level of volatile keys. * * See ::psa_key_persistence_t for more information. */ -#define PSA_KEY_PERSISTENCE_VOLATILE ((psa_key_persistence_t)0x00) +#define PSA_KEY_PERSISTENCE_VOLATILE ((psa_key_persistence_t) 0x00) /** The default persistence level for persistent keys. * * See ::psa_key_persistence_t for more information. */ -#define PSA_KEY_PERSISTENCE_DEFAULT ((psa_key_persistence_t)0x01) +#define PSA_KEY_PERSISTENCE_DEFAULT ((psa_key_persistence_t) 0x01) /** A persistence level indicating that a key is never destroyed. * * See ::psa_key_persistence_t for more information. */ -#define PSA_KEY_PERSISTENCE_READ_ONLY ((psa_key_persistence_t)0xff) +#define PSA_KEY_PERSISTENCE_READ_ONLY ((psa_key_persistence_t) 0xff) #define PSA_KEY_LIFETIME_GET_PERSISTENCE(lifetime) \ - ((psa_key_persistence_t)((lifetime) & 0x000000ff)) + ((psa_key_persistence_t) ((lifetime) & 0x000000ff)) #define PSA_KEY_LIFETIME_GET_LOCATION(lifetime) \ - ((psa_key_location_t)((lifetime) >> 8)) + ((psa_key_location_t) ((lifetime) >> 8)) /** Whether a key lifetime indicates that the key is volatile. * @@ -2039,32 +2080,39 @@ * * See ::psa_key_location_t for more information. */ -#define PSA_KEY_LOCATION_LOCAL_STORAGE ((psa_key_location_t)0x000000) +#define PSA_KEY_LOCATION_LOCAL_STORAGE ((psa_key_location_t) 0x000000) + +#define PSA_KEY_LOCATION_VENDOR_FLAG ((psa_key_location_t) 0x800000) -#define PSA_KEY_LOCATION_VENDOR_FLAG ((psa_key_location_t)0x800000) +/* Note that key identifier values are embedded in the + * persistent key store, as part of key metadata. As a consequence, they + * must not be changed (unless the storage format version changes). + */ /** The null key identifier. */ +/* *INDENT-OFF* (https://github.com/ARM-software/psa-arch-tests/issues/337) */ #define PSA_KEY_ID_NULL ((psa_key_id_t)0) +/* *INDENT-ON* */ /** The minimum value for a key identifier chosen by the application. */ -#define PSA_KEY_ID_USER_MIN ((psa_key_id_t)0x00000001) +#define PSA_KEY_ID_USER_MIN ((psa_key_id_t) 0x00000001) /** The maximum value for a key identifier chosen by the application. */ -#define PSA_KEY_ID_USER_MAX ((psa_key_id_t)0x3fffffff) +#define PSA_KEY_ID_USER_MAX ((psa_key_id_t) 0x3fffffff) /** The minimum value for a key identifier chosen by the implementation. */ -#define PSA_KEY_ID_VENDOR_MIN ((psa_key_id_t)0x40000000) +#define PSA_KEY_ID_VENDOR_MIN ((psa_key_id_t) 0x40000000) /** The maximum value for a key identifier chosen by the implementation. */ -#define PSA_KEY_ID_VENDOR_MAX ((psa_key_id_t)0x7fffffff) +#define PSA_KEY_ID_VENDOR_MAX ((psa_key_id_t) 0x7fffffff) #if !defined(MBEDTLS_PSA_CRYPTO_KEY_ID_ENCODES_OWNER) -#define MBEDTLS_SVC_KEY_ID_INIT ( (psa_key_id_t)0 ) -#define MBEDTLS_SVC_KEY_ID_GET_KEY_ID( id ) ( id ) -#define MBEDTLS_SVC_KEY_ID_GET_OWNER_ID( id ) ( 0 ) +#define MBEDTLS_SVC_KEY_ID_INIT ((psa_key_id_t) 0) +#define MBEDTLS_SVC_KEY_ID_GET_KEY_ID(id) (id) +#define MBEDTLS_SVC_KEY_ID_GET_OWNER_ID(id) (0) /** Utility to initialize a key identifier at runtime. * @@ -2072,11 +2120,11 @@ * \param key_id Identifier of the key. */ static inline mbedtls_svc_key_id_t mbedtls_svc_key_id_make( - unsigned int unused, psa_key_id_t key_id ) + unsigned int unused, psa_key_id_t key_id) { - (void)unused; + (void) unused; - return( key_id ); + return key_id; } /** Compare two key identifiers. @@ -2086,10 +2134,10 @@ static inline mbedtls_svc_key_id_t mbedtls_svc_key_id_make( * * \return Non-zero if the two key identifier are equal, zero otherwise. */ -static inline int mbedtls_svc_key_id_equal( mbedtls_svc_key_id_t id1, - mbedtls_svc_key_id_t id2 ) +static inline int mbedtls_svc_key_id_equal(mbedtls_svc_key_id_t id1, + mbedtls_svc_key_id_t id2) { - return( id1 == id2 ); + return id1 == id2; } /** Check whether a key identifier is null. @@ -2098,16 +2146,16 @@ static inline int mbedtls_svc_key_id_equal( mbedtls_svc_key_id_t id1, * * \return Non-zero if the key identifier is null, zero otherwise. */ -static inline int mbedtls_svc_key_id_is_null( mbedtls_svc_key_id_t key ) +static inline int mbedtls_svc_key_id_is_null(mbedtls_svc_key_id_t key) { - return( key == 0 ); + return key == 0; } #else /* MBEDTLS_PSA_CRYPTO_KEY_ID_ENCODES_OWNER */ -#define MBEDTLS_SVC_KEY_ID_INIT ( (mbedtls_svc_key_id_t){ 0, 0 } ) -#define MBEDTLS_SVC_KEY_ID_GET_KEY_ID( id ) ( ( id ).key_id ) -#define MBEDTLS_SVC_KEY_ID_GET_OWNER_ID( id ) ( ( id ).owner ) +#define MBEDTLS_SVC_KEY_ID_INIT ((mbedtls_svc_key_id_t){ 0, 0 }) +#define MBEDTLS_SVC_KEY_ID_GET_KEY_ID(id) ((id).key_id) +#define MBEDTLS_SVC_KEY_ID_GET_OWNER_ID(id) ((id).owner) /** Utility to initialize a key identifier at runtime. * @@ -2115,10 +2163,10 @@ static inline int mbedtls_svc_key_id_is_null( mbedtls_svc_key_id_t key ) * \param key_id Identifier of the key. */ static inline mbedtls_svc_key_id_t mbedtls_svc_key_id_make( - mbedtls_key_owner_id_t owner_id, psa_key_id_t key_id ) + mbedtls_key_owner_id_t owner_id, psa_key_id_t key_id) { - return( (mbedtls_svc_key_id_t){ .key_id = key_id, - .owner = owner_id } ); + return (mbedtls_svc_key_id_t){ .key_id = key_id, + .owner = owner_id }; } /** Compare two key identifiers. @@ -2128,11 +2176,11 @@ static inline mbedtls_svc_key_id_t mbedtls_svc_key_id_make( * * \return Non-zero if the two key identifier are equal, zero otherwise. */ -static inline int mbedtls_svc_key_id_equal( mbedtls_svc_key_id_t id1, - mbedtls_svc_key_id_t id2 ) +static inline int mbedtls_svc_key_id_equal(mbedtls_svc_key_id_t id1, + mbedtls_svc_key_id_t id2) { - return( ( id1.key_id == id2.key_id ) && - mbedtls_key_owner_id_equal( id1.owner, id2.owner ) ); + return (id1.key_id == id2.key_id) && + mbedtls_key_owner_id_equal(id1.owner, id2.owner); } /** Check whether a key identifier is null. @@ -2141,9 +2189,9 @@ static inline int mbedtls_svc_key_id_equal( mbedtls_svc_key_id_t id1, * * \return Non-zero if the key identifier is null, zero otherwise. */ -static inline int mbedtls_svc_key_id_is_null( mbedtls_svc_key_id_t key ) +static inline int mbedtls_svc_key_id_is_null(mbedtls_svc_key_id_t key) { - return( key.key_id == 0 ); + return key.key_id == 0; } #endif /* !MBEDTLS_PSA_CRYPTO_KEY_ID_ENCODES_OWNER */ @@ -2154,6 +2202,11 @@ static inline int mbedtls_svc_key_id_is_null( mbedtls_svc_key_id_t key ) * @{ */ +/* Note that key usage flags are embedded in the + * persistent key store, as part of key metadata. As a consequence, they + * must not be changed (unless the storage format version changes). + */ + /** Whether the key may be exported. * * A public key or the public part of a key pair may always be exported @@ -2165,7 +2218,7 @@ static inline int mbedtls_svc_key_id_is_null( mbedtls_svc_key_id_t key ) * The key may however be exportable in a wrapped form, i.e. in a form * where it is encrypted by another key. */ -#define PSA_KEY_USAGE_EXPORT ((psa_key_usage_t)0x00000001) +#define PSA_KEY_USAGE_EXPORT ((psa_key_usage_t) 0x00000001) /** Whether the key may be copied. * @@ -2181,7 +2234,7 @@ static inline int mbedtls_svc_key_id_is_null( mbedtls_svc_key_id_t key ) * #PSA_KEY_LIFETIME_PERSISTENT, the usage flag #PSA_KEY_USAGE_COPY * is sufficient to permit the copy. */ -#define PSA_KEY_USAGE_COPY ((psa_key_usage_t)0x00000002) +#define PSA_KEY_USAGE_COPY ((psa_key_usage_t) 0x00000002) /** Whether the key may be used to encrypt a message. * @@ -2192,7 +2245,7 @@ static inline int mbedtls_svc_key_id_is_null( mbedtls_svc_key_id_t key ) * * For a key pair, this concerns the public key. */ -#define PSA_KEY_USAGE_ENCRYPT ((psa_key_usage_t)0x00000100) +#define PSA_KEY_USAGE_ENCRYPT ((psa_key_usage_t) 0x00000100) /** Whether the key may be used to decrypt a message. * @@ -2203,7 +2256,7 @@ static inline int mbedtls_svc_key_id_is_null( mbedtls_svc_key_id_t key ) * * For a key pair, this concerns the private key. */ -#define PSA_KEY_USAGE_DECRYPT ((psa_key_usage_t)0x00000200) +#define PSA_KEY_USAGE_DECRYPT ((psa_key_usage_t) 0x00000200) /** Whether the key may be used to sign a message. * @@ -2213,7 +2266,7 @@ static inline int mbedtls_svc_key_id_is_null( mbedtls_svc_key_id_t key ) * * For a key pair, this concerns the private key. */ -#define PSA_KEY_USAGE_SIGN_MESSAGE ((psa_key_usage_t)0x00000400) +#define PSA_KEY_USAGE_SIGN_MESSAGE ((psa_key_usage_t) 0x00000400) /** Whether the key may be used to verify a message. * @@ -2223,7 +2276,7 @@ static inline int mbedtls_svc_key_id_is_null( mbedtls_svc_key_id_t key ) * * For a key pair, this concerns the public key. */ -#define PSA_KEY_USAGE_VERIFY_MESSAGE ((psa_key_usage_t)0x00000800) +#define PSA_KEY_USAGE_VERIFY_MESSAGE ((psa_key_usage_t) 0x00000800) /** Whether the key may be used to sign a message. * @@ -2233,7 +2286,7 @@ static inline int mbedtls_svc_key_id_is_null( mbedtls_svc_key_id_t key ) * * For a key pair, this concerns the private key. */ -#define PSA_KEY_USAGE_SIGN_HASH ((psa_key_usage_t)0x00001000) +#define PSA_KEY_USAGE_SIGN_HASH ((psa_key_usage_t) 0x00001000) /** Whether the key may be used to verify a message signature. * @@ -2243,11 +2296,11 @@ static inline int mbedtls_svc_key_id_is_null( mbedtls_svc_key_id_t key ) * * For a key pair, this concerns the public key. */ -#define PSA_KEY_USAGE_VERIFY_HASH ((psa_key_usage_t)0x00002000) +#define PSA_KEY_USAGE_VERIFY_HASH ((psa_key_usage_t) 0x00002000) /** Whether the key may be used to derive other keys. */ -#define PSA_KEY_USAGE_DERIVE ((psa_key_usage_t)0x00004000) +#define PSA_KEY_USAGE_DERIVE ((psa_key_usage_t) 0x00004000) /**@}*/ @@ -2255,6 +2308,9 @@ static inline int mbedtls_svc_key_id_is_null( mbedtls_svc_key_id_t key ) * @{ */ +/* Key input steps are not embedded in the persistent storage, so you can + * change them if needed: it's only an ABI change. */ + /** A secret input for key derivation. * * This should be a key of type #PSA_KEY_TYPE_DERIVE @@ -2267,35 +2323,35 @@ static inline int mbedtls_svc_key_id_is_null( mbedtls_svc_key_id_t key ) * may not be used to derive keys: the operation will only allow * psa_key_derivation_output_bytes(), not psa_key_derivation_output_key(). */ -#define PSA_KEY_DERIVATION_INPUT_SECRET ((psa_key_derivation_step_t)0x0101) +#define PSA_KEY_DERIVATION_INPUT_SECRET ((psa_key_derivation_step_t) 0x0101) /** A label for key derivation. * * This should be a direct input. * It can also be a key of type #PSA_KEY_TYPE_RAW_DATA. */ -#define PSA_KEY_DERIVATION_INPUT_LABEL ((psa_key_derivation_step_t)0x0201) +#define PSA_KEY_DERIVATION_INPUT_LABEL ((psa_key_derivation_step_t) 0x0201) /** A salt for key derivation. * * This should be a direct input. * It can also be a key of type #PSA_KEY_TYPE_RAW_DATA. */ -#define PSA_KEY_DERIVATION_INPUT_SALT ((psa_key_derivation_step_t)0x0202) +#define PSA_KEY_DERIVATION_INPUT_SALT ((psa_key_derivation_step_t) 0x0202) /** An information string for key derivation. * * This should be a direct input. * It can also be a key of type #PSA_KEY_TYPE_RAW_DATA. */ -#define PSA_KEY_DERIVATION_INPUT_INFO ((psa_key_derivation_step_t)0x0203) +#define PSA_KEY_DERIVATION_INPUT_INFO ((psa_key_derivation_step_t) 0x0203) /** A seed for key derivation. * * This should be a direct input. * It can also be a key of type #PSA_KEY_TYPE_RAW_DATA. */ -#define PSA_KEY_DERIVATION_INPUT_SEED ((psa_key_derivation_step_t)0x0204) +#define PSA_KEY_DERIVATION_INPUT_SEED ((psa_key_derivation_step_t) 0x0204) /**@}*/ diff --git a/third_party/mbedtls/repo/library/.gitignore b/third_party/mbedtls/repo/library/.gitignore index 3a63a63a43f..9aa632210ae 100644 --- a/third_party/mbedtls/repo/library/.gitignore +++ b/third_party/mbedtls/repo/library/.gitignore @@ -1,4 +1,3 @@ -*.o libmbed* *.sln *.vcxproj diff --git a/third_party/mbedtls/repo/library/CMakeLists.txt b/third_party/mbedtls/repo/library/CMakeLists.txt index 0a600674db4..1b2980dbc6b 100644 --- a/third_party/mbedtls/repo/library/CMakeLists.txt +++ b/third_party/mbedtls/repo/library/CMakeLists.txt @@ -1,7 +1,7 @@ -option(USE_STATIC_MBEDTLS_LIBRARY "Build mbed TLS static library." ON) -option(USE_SHARED_MBEDTLS_LIBRARY "Build mbed TLS shared library." OFF) -option(LINK_WITH_PTHREAD "Explicitly link mbed TLS library to pthread." OFF) -option(LINK_WITH_TRUSTED_STORAGE "Explicitly link mbed TLS library to trusted_storage." OFF) +option(USE_STATIC_MBEDTLS_LIBRARY "Build Mbed TLS static library." ON) +option(USE_SHARED_MBEDTLS_LIBRARY "Build Mbed TLS shared library." OFF) +option(LINK_WITH_PTHREAD "Explicitly link Mbed TLS library to pthread." OFF) +option(LINK_WITH_TRUSTED_STORAGE "Explicitly link Mbed TLS library to trusted_storage." OFF) # Set the project root directory if it's not already defined, as may happen if # the library folder is included directly by a parent project, without @@ -202,16 +202,17 @@ if(USE_STATIC_MBEDTLS_LIBRARY) endif(USE_STATIC_MBEDTLS_LIBRARY) if(USE_SHARED_MBEDTLS_LIBRARY) + set(CMAKE_LIBRARY_PATH ${CMAKE_CURRENT_BINARY_DIR}) add_library(${mbedcrypto_target} SHARED ${src_crypto}) - set_target_properties(${mbedcrypto_target} PROPERTIES VERSION 2.28.0 SOVERSION 7) + set_target_properties(${mbedcrypto_target} PROPERTIES VERSION 2.28.7 SOVERSION 7) target_link_libraries(${mbedcrypto_target} PUBLIC ${libs}) add_library(${mbedx509_target} SHARED ${src_x509}) - set_target_properties(${mbedx509_target} PROPERTIES VERSION 2.28.0 SOVERSION 1) + set_target_properties(${mbedx509_target} PROPERTIES VERSION 2.28.7 SOVERSION 1) target_link_libraries(${mbedx509_target} PUBLIC ${libs} ${mbedcrypto_target}) add_library(${mbedtls_target} SHARED ${src_tls}) - set_target_properties(${mbedtls_target} PROPERTIES VERSION 2.28.0 SOVERSION 14) + set_target_properties(${mbedtls_target} PROPERTIES VERSION 2.28.7 SOVERSION 14) target_link_libraries(${mbedtls_target} PUBLIC ${libs} ${mbedx509_target}) endif(USE_SHARED_MBEDTLS_LIBRARY) @@ -228,6 +229,15 @@ foreach(target IN LISTS target_libraries) PRIVATE ${thirdparty_inc}) target_compile_definitions(${target} PRIVATE ${thirdparty_def}) + # Pass-through MBEDTLS_CONFIG_FILE and MBEDTLS_USER_CONFIG_FILE + if(MBEDTLS_CONFIG_FILE) + target_compile_definitions(${target} + PUBLIC MBEDTLS_CONFIG_FILE="${MBEDTLS_CONFIG_FILE}") + endif() + if(MBEDTLS_USER_CONFIG_FILE) + target_compile_definitions(${target} + PUBLIC MBEDTLS_USER_CONFIG_FILE="${MBEDTLS_USER_CONFIG_FILE}") + endif() install(TARGETS ${target} DESTINATION ${LIB_INSTALL_DIR} PERMISSIONS OWNER_READ OWNER_WRITE GROUP_READ WORLD_READ) diff --git a/third_party/mbedtls/repo/library/Makefile b/third_party/mbedtls/repo/library/Makefile index 54b0651dc48..b011e887369 100644 --- a/third_party/mbedtls/repo/library/Makefile +++ b/third_party/mbedtls/repo/library/Makefile @@ -186,7 +186,15 @@ else all: shared static endif +ifdef TEST_TIMING_ALT_IMPL +OBJS_CRYPTO += external_timing_for_test.o +external_timing_for_test.o: ../tests/src/external_timing/external_timing_for_test.c + echo " CC $<" + $(CC) $(LOCAL_CFLAGS) $(CFLAGS) -o $@ -c $< +endif + static: libmbedcrypto.a libmbedx509.a libmbedtls.a + cd ../tests && echo "This is a seedfile that contains 64 bytes (65 on Windows)......" > seedfile shared: libmbedcrypto.$(DLEXT) libmbedx509.$(DLEXT) libmbedtls.$(DLEXT) diff --git a/third_party/mbedtls/repo/library/aes.c b/third_party/mbedtls/repo/library/aes.c index 31824e75cf5..24d7ab92fbd 100644 --- a/third_party/mbedtls/repo/library/aes.c +++ b/third_party/mbedtls/repo/library/aes.c @@ -2,24 +2,12 @@ * FIPS-197 compliant AES implementation * * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later */ /* * The AES block cipher was designed by Vincent Rijmen and Joan Daemen. * - * http://csrc.nist.gov/encryption/aes/rijndael/Rijndael.pdf + * https://csrc.nist.gov/csrc/media/projects/cryptographic-standards-and-guidelines/documents/aes-development/rijndael-ammended.pdf * http://csrc.nist.gov/publications/fips/fips197/fips-197.pdf */ @@ -40,25 +28,17 @@ #include "mbedtls/aesni.h" #endif -#if defined(MBEDTLS_SELF_TEST) -#if defined(MBEDTLS_PLATFORM_C) #include "mbedtls/platform.h" -#else -#include -#define mbedtls_printf printf -#endif /* MBEDTLS_PLATFORM_C */ -#endif /* MBEDTLS_SELF_TEST */ #if !defined(MBEDTLS_AES_ALT) /* Parameter validation macros based on platform_util.h */ -#define AES_VALIDATE_RET( cond ) \ - MBEDTLS_INTERNAL_VALIDATE_RET( cond, MBEDTLS_ERR_AES_BAD_INPUT_DATA ) -#define AES_VALIDATE( cond ) \ - MBEDTLS_INTERNAL_VALIDATE( cond ) +#define AES_VALIDATE_RET(cond) \ + MBEDTLS_INTERNAL_VALIDATE_RET(cond, MBEDTLS_ERR_AES_BAD_INPUT_DATA) +#define AES_VALIDATE(cond) \ + MBEDTLS_INTERNAL_VALIDATE(cond) -#if defined(MBEDTLS_PADLOCK_C) && \ - ( defined(MBEDTLS_HAVE_X86) || defined(MBEDTLS_PADLOCK_ALIGN16) ) +#if defined(MBEDTLS_VIA_PADLOCK_HAVE_CODE) static int aes_padlock_ace = -1; #endif @@ -66,6 +46,8 @@ static int aes_padlock_ace = -1; /* * Forward S-box */ +#if !defined(MBEDTLS_AES_ENCRYPT_ALT) || !defined(MBEDTLS_AES_SETKEY_ENC_ALT) || \ + !defined(MBEDTLS_AES_SETKEY_DEC_ALT) static const unsigned char FSb[256] = { 0x63, 0x7C, 0x77, 0x7B, 0xF2, 0x6B, 0x6F, 0xC5, @@ -101,99 +83,105 @@ static const unsigned char FSb[256] = 0x8C, 0xA1, 0x89, 0x0D, 0xBF, 0xE6, 0x42, 0x68, 0x41, 0x99, 0x2D, 0x0F, 0xB0, 0x54, 0xBB, 0x16 }; +#endif /* !defined(MBEDTLS_AES_ENCRYPT_ALT) || !defined(MBEDTLS_AES_SETKEY_ENC_ALT) || \ + !defined(MBEDTLS_AES_SETKEY_DEC_ALT) */ /* * Forward tables */ #define FT \ \ - V(A5,63,63,C6), V(84,7C,7C,F8), V(99,77,77,EE), V(8D,7B,7B,F6), \ - V(0D,F2,F2,FF), V(BD,6B,6B,D6), V(B1,6F,6F,DE), V(54,C5,C5,91), \ - V(50,30,30,60), V(03,01,01,02), V(A9,67,67,CE), V(7D,2B,2B,56), \ - V(19,FE,FE,E7), V(62,D7,D7,B5), V(E6,AB,AB,4D), V(9A,76,76,EC), \ - V(45,CA,CA,8F), V(9D,82,82,1F), V(40,C9,C9,89), V(87,7D,7D,FA), \ - V(15,FA,FA,EF), V(EB,59,59,B2), V(C9,47,47,8E), V(0B,F0,F0,FB), \ - V(EC,AD,AD,41), V(67,D4,D4,B3), V(FD,A2,A2,5F), V(EA,AF,AF,45), \ - V(BF,9C,9C,23), V(F7,A4,A4,53), V(96,72,72,E4), V(5B,C0,C0,9B), \ - V(C2,B7,B7,75), V(1C,FD,FD,E1), V(AE,93,93,3D), V(6A,26,26,4C), \ - V(5A,36,36,6C), V(41,3F,3F,7E), V(02,F7,F7,F5), V(4F,CC,CC,83), \ - V(5C,34,34,68), V(F4,A5,A5,51), V(34,E5,E5,D1), V(08,F1,F1,F9), \ - V(93,71,71,E2), V(73,D8,D8,AB), V(53,31,31,62), V(3F,15,15,2A), \ - V(0C,04,04,08), V(52,C7,C7,95), V(65,23,23,46), V(5E,C3,C3,9D), \ - V(28,18,18,30), V(A1,96,96,37), V(0F,05,05,0A), V(B5,9A,9A,2F), \ - V(09,07,07,0E), V(36,12,12,24), V(9B,80,80,1B), V(3D,E2,E2,DF), \ - V(26,EB,EB,CD), V(69,27,27,4E), V(CD,B2,B2,7F), V(9F,75,75,EA), \ - V(1B,09,09,12), V(9E,83,83,1D), V(74,2C,2C,58), V(2E,1A,1A,34), \ - V(2D,1B,1B,36), V(B2,6E,6E,DC), V(EE,5A,5A,B4), V(FB,A0,A0,5B), \ - V(F6,52,52,A4), V(4D,3B,3B,76), V(61,D6,D6,B7), V(CE,B3,B3,7D), \ - V(7B,29,29,52), V(3E,E3,E3,DD), V(71,2F,2F,5E), V(97,84,84,13), \ - V(F5,53,53,A6), V(68,D1,D1,B9), V(00,00,00,00), V(2C,ED,ED,C1), \ - V(60,20,20,40), V(1F,FC,FC,E3), V(C8,B1,B1,79), V(ED,5B,5B,B6), \ - V(BE,6A,6A,D4), V(46,CB,CB,8D), V(D9,BE,BE,67), V(4B,39,39,72), \ - V(DE,4A,4A,94), V(D4,4C,4C,98), V(E8,58,58,B0), V(4A,CF,CF,85), \ - V(6B,D0,D0,BB), V(2A,EF,EF,C5), V(E5,AA,AA,4F), V(16,FB,FB,ED), \ - V(C5,43,43,86), V(D7,4D,4D,9A), V(55,33,33,66), V(94,85,85,11), \ - V(CF,45,45,8A), V(10,F9,F9,E9), V(06,02,02,04), V(81,7F,7F,FE), \ - V(F0,50,50,A0), V(44,3C,3C,78), V(BA,9F,9F,25), V(E3,A8,A8,4B), \ - V(F3,51,51,A2), V(FE,A3,A3,5D), V(C0,40,40,80), V(8A,8F,8F,05), \ - V(AD,92,92,3F), V(BC,9D,9D,21), V(48,38,38,70), V(04,F5,F5,F1), \ - V(DF,BC,BC,63), V(C1,B6,B6,77), V(75,DA,DA,AF), V(63,21,21,42), \ - V(30,10,10,20), V(1A,FF,FF,E5), V(0E,F3,F3,FD), V(6D,D2,D2,BF), \ - V(4C,CD,CD,81), V(14,0C,0C,18), V(35,13,13,26), V(2F,EC,EC,C3), \ - V(E1,5F,5F,BE), V(A2,97,97,35), V(CC,44,44,88), V(39,17,17,2E), \ - V(57,C4,C4,93), V(F2,A7,A7,55), V(82,7E,7E,FC), V(47,3D,3D,7A), \ - V(AC,64,64,C8), V(E7,5D,5D,BA), V(2B,19,19,32), V(95,73,73,E6), \ - V(A0,60,60,C0), V(98,81,81,19), V(D1,4F,4F,9E), V(7F,DC,DC,A3), \ - V(66,22,22,44), V(7E,2A,2A,54), V(AB,90,90,3B), V(83,88,88,0B), \ - V(CA,46,46,8C), V(29,EE,EE,C7), V(D3,B8,B8,6B), V(3C,14,14,28), \ - V(79,DE,DE,A7), V(E2,5E,5E,BC), V(1D,0B,0B,16), V(76,DB,DB,AD), \ - V(3B,E0,E0,DB), V(56,32,32,64), V(4E,3A,3A,74), V(1E,0A,0A,14), \ - V(DB,49,49,92), V(0A,06,06,0C), V(6C,24,24,48), V(E4,5C,5C,B8), \ - V(5D,C2,C2,9F), V(6E,D3,D3,BD), V(EF,AC,AC,43), V(A6,62,62,C4), \ - V(A8,91,91,39), V(A4,95,95,31), V(37,E4,E4,D3), V(8B,79,79,F2), \ - V(32,E7,E7,D5), V(43,C8,C8,8B), V(59,37,37,6E), V(B7,6D,6D,DA), \ - V(8C,8D,8D,01), V(64,D5,D5,B1), V(D2,4E,4E,9C), V(E0,A9,A9,49), \ - V(B4,6C,6C,D8), V(FA,56,56,AC), V(07,F4,F4,F3), V(25,EA,EA,CF), \ - V(AF,65,65,CA), V(8E,7A,7A,F4), V(E9,AE,AE,47), V(18,08,08,10), \ - V(D5,BA,BA,6F), V(88,78,78,F0), V(6F,25,25,4A), V(72,2E,2E,5C), \ - V(24,1C,1C,38), V(F1,A6,A6,57), V(C7,B4,B4,73), V(51,C6,C6,97), \ - V(23,E8,E8,CB), V(7C,DD,DD,A1), V(9C,74,74,E8), V(21,1F,1F,3E), \ - V(DD,4B,4B,96), V(DC,BD,BD,61), V(86,8B,8B,0D), V(85,8A,8A,0F), \ - V(90,70,70,E0), V(42,3E,3E,7C), V(C4,B5,B5,71), V(AA,66,66,CC), \ - V(D8,48,48,90), V(05,03,03,06), V(01,F6,F6,F7), V(12,0E,0E,1C), \ - V(A3,61,61,C2), V(5F,35,35,6A), V(F9,57,57,AE), V(D0,B9,B9,69), \ - V(91,86,86,17), V(58,C1,C1,99), V(27,1D,1D,3A), V(B9,9E,9E,27), \ - V(38,E1,E1,D9), V(13,F8,F8,EB), V(B3,98,98,2B), V(33,11,11,22), \ - V(BB,69,69,D2), V(70,D9,D9,A9), V(89,8E,8E,07), V(A7,94,94,33), \ - V(B6,9B,9B,2D), V(22,1E,1E,3C), V(92,87,87,15), V(20,E9,E9,C9), \ - V(49,CE,CE,87), V(FF,55,55,AA), V(78,28,28,50), V(7A,DF,DF,A5), \ - V(8F,8C,8C,03), V(F8,A1,A1,59), V(80,89,89,09), V(17,0D,0D,1A), \ - V(DA,BF,BF,65), V(31,E6,E6,D7), V(C6,42,42,84), V(B8,68,68,D0), \ - V(C3,41,41,82), V(B0,99,99,29), V(77,2D,2D,5A), V(11,0F,0F,1E), \ - V(CB,B0,B0,7B), V(FC,54,54,A8), V(D6,BB,BB,6D), V(3A,16,16,2C) - -#define V(a,b,c,d) 0x##a##b##c##d + V(A5, 63, 63, C6), V(84, 7C, 7C, F8), V(99, 77, 77, EE), V(8D, 7B, 7B, F6), \ + V(0D, F2, F2, FF), V(BD, 6B, 6B, D6), V(B1, 6F, 6F, DE), V(54, C5, C5, 91), \ + V(50, 30, 30, 60), V(03, 01, 01, 02), V(A9, 67, 67, CE), V(7D, 2B, 2B, 56), \ + V(19, FE, FE, E7), V(62, D7, D7, B5), V(E6, AB, AB, 4D), V(9A, 76, 76, EC), \ + V(45, CA, CA, 8F), V(9D, 82, 82, 1F), V(40, C9, C9, 89), V(87, 7D, 7D, FA), \ + V(15, FA, FA, EF), V(EB, 59, 59, B2), V(C9, 47, 47, 8E), V(0B, F0, F0, FB), \ + V(EC, AD, AD, 41), V(67, D4, D4, B3), V(FD, A2, A2, 5F), V(EA, AF, AF, 45), \ + V(BF, 9C, 9C, 23), V(F7, A4, A4, 53), V(96, 72, 72, E4), V(5B, C0, C0, 9B), \ + V(C2, B7, B7, 75), V(1C, FD, FD, E1), V(AE, 93, 93, 3D), V(6A, 26, 26, 4C), \ + V(5A, 36, 36, 6C), V(41, 3F, 3F, 7E), V(02, F7, F7, F5), V(4F, CC, CC, 83), \ + V(5C, 34, 34, 68), V(F4, A5, A5, 51), V(34, E5, E5, D1), V(08, F1, F1, F9), \ + V(93, 71, 71, E2), V(73, D8, D8, AB), V(53, 31, 31, 62), V(3F, 15, 15, 2A), \ + V(0C, 04, 04, 08), V(52, C7, C7, 95), V(65, 23, 23, 46), V(5E, C3, C3, 9D), \ + V(28, 18, 18, 30), V(A1, 96, 96, 37), V(0F, 05, 05, 0A), V(B5, 9A, 9A, 2F), \ + V(09, 07, 07, 0E), V(36, 12, 12, 24), V(9B, 80, 80, 1B), V(3D, E2, E2, DF), \ + V(26, EB, EB, CD), V(69, 27, 27, 4E), V(CD, B2, B2, 7F), V(9F, 75, 75, EA), \ + V(1B, 09, 09, 12), V(9E, 83, 83, 1D), V(74, 2C, 2C, 58), V(2E, 1A, 1A, 34), \ + V(2D, 1B, 1B, 36), V(B2, 6E, 6E, DC), V(EE, 5A, 5A, B4), V(FB, A0, A0, 5B), \ + V(F6, 52, 52, A4), V(4D, 3B, 3B, 76), V(61, D6, D6, B7), V(CE, B3, B3, 7D), \ + V(7B, 29, 29, 52), V(3E, E3, E3, DD), V(71, 2F, 2F, 5E), V(97, 84, 84, 13), \ + V(F5, 53, 53, A6), V(68, D1, D1, B9), V(00, 00, 00, 00), V(2C, ED, ED, C1), \ + V(60, 20, 20, 40), V(1F, FC, FC, E3), V(C8, B1, B1, 79), V(ED, 5B, 5B, B6), \ + V(BE, 6A, 6A, D4), V(46, CB, CB, 8D), V(D9, BE, BE, 67), V(4B, 39, 39, 72), \ + V(DE, 4A, 4A, 94), V(D4, 4C, 4C, 98), V(E8, 58, 58, B0), V(4A, CF, CF, 85), \ + V(6B, D0, D0, BB), V(2A, EF, EF, C5), V(E5, AA, AA, 4F), V(16, FB, FB, ED), \ + V(C5, 43, 43, 86), V(D7, 4D, 4D, 9A), V(55, 33, 33, 66), V(94, 85, 85, 11), \ + V(CF, 45, 45, 8A), V(10, F9, F9, E9), V(06, 02, 02, 04), V(81, 7F, 7F, FE), \ + V(F0, 50, 50, A0), V(44, 3C, 3C, 78), V(BA, 9F, 9F, 25), V(E3, A8, A8, 4B), \ + V(F3, 51, 51, A2), V(FE, A3, A3, 5D), V(C0, 40, 40, 80), V(8A, 8F, 8F, 05), \ + V(AD, 92, 92, 3F), V(BC, 9D, 9D, 21), V(48, 38, 38, 70), V(04, F5, F5, F1), \ + V(DF, BC, BC, 63), V(C1, B6, B6, 77), V(75, DA, DA, AF), V(63, 21, 21, 42), \ + V(30, 10, 10, 20), V(1A, FF, FF, E5), V(0E, F3, F3, FD), V(6D, D2, D2, BF), \ + V(4C, CD, CD, 81), V(14, 0C, 0C, 18), V(35, 13, 13, 26), V(2F, EC, EC, C3), \ + V(E1, 5F, 5F, BE), V(A2, 97, 97, 35), V(CC, 44, 44, 88), V(39, 17, 17, 2E), \ + V(57, C4, C4, 93), V(F2, A7, A7, 55), V(82, 7E, 7E, FC), V(47, 3D, 3D, 7A), \ + V(AC, 64, 64, C8), V(E7, 5D, 5D, BA), V(2B, 19, 19, 32), V(95, 73, 73, E6), \ + V(A0, 60, 60, C0), V(98, 81, 81, 19), V(D1, 4F, 4F, 9E), V(7F, DC, DC, A3), \ + V(66, 22, 22, 44), V(7E, 2A, 2A, 54), V(AB, 90, 90, 3B), V(83, 88, 88, 0B), \ + V(CA, 46, 46, 8C), V(29, EE, EE, C7), V(D3, B8, B8, 6B), V(3C, 14, 14, 28), \ + V(79, DE, DE, A7), V(E2, 5E, 5E, BC), V(1D, 0B, 0B, 16), V(76, DB, DB, AD), \ + V(3B, E0, E0, DB), V(56, 32, 32, 64), V(4E, 3A, 3A, 74), V(1E, 0A, 0A, 14), \ + V(DB, 49, 49, 92), V(0A, 06, 06, 0C), V(6C, 24, 24, 48), V(E4, 5C, 5C, B8), \ + V(5D, C2, C2, 9F), V(6E, D3, D3, BD), V(EF, AC, AC, 43), V(A6, 62, 62, C4), \ + V(A8, 91, 91, 39), V(A4, 95, 95, 31), V(37, E4, E4, D3), V(8B, 79, 79, F2), \ + V(32, E7, E7, D5), V(43, C8, C8, 8B), V(59, 37, 37, 6E), V(B7, 6D, 6D, DA), \ + V(8C, 8D, 8D, 01), V(64, D5, D5, B1), V(D2, 4E, 4E, 9C), V(E0, A9, A9, 49), \ + V(B4, 6C, 6C, D8), V(FA, 56, 56, AC), V(07, F4, F4, F3), V(25, EA, EA, CF), \ + V(AF, 65, 65, CA), V(8E, 7A, 7A, F4), V(E9, AE, AE, 47), V(18, 08, 08, 10), \ + V(D5, BA, BA, 6F), V(88, 78, 78, F0), V(6F, 25, 25, 4A), V(72, 2E, 2E, 5C), \ + V(24, 1C, 1C, 38), V(F1, A6, A6, 57), V(C7, B4, B4, 73), V(51, C6, C6, 97), \ + V(23, E8, E8, CB), V(7C, DD, DD, A1), V(9C, 74, 74, E8), V(21, 1F, 1F, 3E), \ + V(DD, 4B, 4B, 96), V(DC, BD, BD, 61), V(86, 8B, 8B, 0D), V(85, 8A, 8A, 0F), \ + V(90, 70, 70, E0), V(42, 3E, 3E, 7C), V(C4, B5, B5, 71), V(AA, 66, 66, CC), \ + V(D8, 48, 48, 90), V(05, 03, 03, 06), V(01, F6, F6, F7), V(12, 0E, 0E, 1C), \ + V(A3, 61, 61, C2), V(5F, 35, 35, 6A), V(F9, 57, 57, AE), V(D0, B9, B9, 69), \ + V(91, 86, 86, 17), V(58, C1, C1, 99), V(27, 1D, 1D, 3A), V(B9, 9E, 9E, 27), \ + V(38, E1, E1, D9), V(13, F8, F8, EB), V(B3, 98, 98, 2B), V(33, 11, 11, 22), \ + V(BB, 69, 69, D2), V(70, D9, D9, A9), V(89, 8E, 8E, 07), V(A7, 94, 94, 33), \ + V(B6, 9B, 9B, 2D), V(22, 1E, 1E, 3C), V(92, 87, 87, 15), V(20, E9, E9, C9), \ + V(49, CE, CE, 87), V(FF, 55, 55, AA), V(78, 28, 28, 50), V(7A, DF, DF, A5), \ + V(8F, 8C, 8C, 03), V(F8, A1, A1, 59), V(80, 89, 89, 09), V(17, 0D, 0D, 1A), \ + V(DA, BF, BF, 65), V(31, E6, E6, D7), V(C6, 42, 42, 84), V(B8, 68, 68, D0), \ + V(C3, 41, 41, 82), V(B0, 99, 99, 29), V(77, 2D, 2D, 5A), V(11, 0F, 0F, 1E), \ + V(CB, B0, B0, 7B), V(FC, 54, 54, A8), V(D6, BB, BB, 6D), V(3A, 16, 16, 2C) + +#if !defined(MBEDTLS_AES_ENCRYPT_ALT) +#define V(a, b, c, d) 0x##a##b##c##d static const uint32_t FT0[256] = { FT }; #undef V #if !defined(MBEDTLS_AES_FEWER_TABLES) -#define V(a,b,c,d) 0x##b##c##d##a +#define V(a, b, c, d) 0x##b##c##d##a static const uint32_t FT1[256] = { FT }; #undef V -#define V(a,b,c,d) 0x##c##d##a##b +#define V(a, b, c, d) 0x##c##d##a##b static const uint32_t FT2[256] = { FT }; #undef V -#define V(a,b,c,d) 0x##d##a##b##c +#define V(a, b, c, d) 0x##d##a##b##c static const uint32_t FT3[256] = { FT }; #undef V #endif /* !MBEDTLS_AES_FEWER_TABLES */ +#endif /* !defined(MBEDTLS_AES_ENCRYPT_ALT) */ + #undef FT +#if !defined(MBEDTLS_AES_DECRYPT_ALT) /* * Reverse S-box */ @@ -232,99 +220,105 @@ static const unsigned char RSb[256] = 0x17, 0x2B, 0x04, 0x7E, 0xBA, 0x77, 0xD6, 0x26, 0xE1, 0x69, 0x14, 0x63, 0x55, 0x21, 0x0C, 0x7D }; +#endif /* defined(MBEDTLS_AES_DECRYPT_ALT)) */ /* * Reverse tables */ #define RT \ \ - V(50,A7,F4,51), V(53,65,41,7E), V(C3,A4,17,1A), V(96,5E,27,3A), \ - V(CB,6B,AB,3B), V(F1,45,9D,1F), V(AB,58,FA,AC), V(93,03,E3,4B), \ - V(55,FA,30,20), V(F6,6D,76,AD), V(91,76,CC,88), V(25,4C,02,F5), \ - V(FC,D7,E5,4F), V(D7,CB,2A,C5), V(80,44,35,26), V(8F,A3,62,B5), \ - V(49,5A,B1,DE), V(67,1B,BA,25), V(98,0E,EA,45), V(E1,C0,FE,5D), \ - V(02,75,2F,C3), V(12,F0,4C,81), V(A3,97,46,8D), V(C6,F9,D3,6B), \ - V(E7,5F,8F,03), V(95,9C,92,15), V(EB,7A,6D,BF), V(DA,59,52,95), \ - V(2D,83,BE,D4), V(D3,21,74,58), V(29,69,E0,49), V(44,C8,C9,8E), \ - V(6A,89,C2,75), V(78,79,8E,F4), V(6B,3E,58,99), V(DD,71,B9,27), \ - V(B6,4F,E1,BE), V(17,AD,88,F0), V(66,AC,20,C9), V(B4,3A,CE,7D), \ - V(18,4A,DF,63), V(82,31,1A,E5), V(60,33,51,97), V(45,7F,53,62), \ - V(E0,77,64,B1), V(84,AE,6B,BB), V(1C,A0,81,FE), V(94,2B,08,F9), \ - V(58,68,48,70), V(19,FD,45,8F), V(87,6C,DE,94), V(B7,F8,7B,52), \ - V(23,D3,73,AB), V(E2,02,4B,72), V(57,8F,1F,E3), V(2A,AB,55,66), \ - V(07,28,EB,B2), V(03,C2,B5,2F), V(9A,7B,C5,86), V(A5,08,37,D3), \ - V(F2,87,28,30), V(B2,A5,BF,23), V(BA,6A,03,02), V(5C,82,16,ED), \ - V(2B,1C,CF,8A), V(92,B4,79,A7), V(F0,F2,07,F3), V(A1,E2,69,4E), \ - V(CD,F4,DA,65), V(D5,BE,05,06), V(1F,62,34,D1), V(8A,FE,A6,C4), \ - V(9D,53,2E,34), V(A0,55,F3,A2), V(32,E1,8A,05), V(75,EB,F6,A4), \ - V(39,EC,83,0B), V(AA,EF,60,40), V(06,9F,71,5E), V(51,10,6E,BD), \ - V(F9,8A,21,3E), V(3D,06,DD,96), V(AE,05,3E,DD), V(46,BD,E6,4D), \ - V(B5,8D,54,91), V(05,5D,C4,71), V(6F,D4,06,04), V(FF,15,50,60), \ - V(24,FB,98,19), V(97,E9,BD,D6), V(CC,43,40,89), V(77,9E,D9,67), \ - V(BD,42,E8,B0), V(88,8B,89,07), V(38,5B,19,E7), V(DB,EE,C8,79), \ - V(47,0A,7C,A1), V(E9,0F,42,7C), V(C9,1E,84,F8), V(00,00,00,00), \ - V(83,86,80,09), V(48,ED,2B,32), V(AC,70,11,1E), V(4E,72,5A,6C), \ - V(FB,FF,0E,FD), V(56,38,85,0F), V(1E,D5,AE,3D), V(27,39,2D,36), \ - V(64,D9,0F,0A), V(21,A6,5C,68), V(D1,54,5B,9B), V(3A,2E,36,24), \ - V(B1,67,0A,0C), V(0F,E7,57,93), V(D2,96,EE,B4), V(9E,91,9B,1B), \ - V(4F,C5,C0,80), V(A2,20,DC,61), V(69,4B,77,5A), V(16,1A,12,1C), \ - V(0A,BA,93,E2), V(E5,2A,A0,C0), V(43,E0,22,3C), V(1D,17,1B,12), \ - V(0B,0D,09,0E), V(AD,C7,8B,F2), V(B9,A8,B6,2D), V(C8,A9,1E,14), \ - V(85,19,F1,57), V(4C,07,75,AF), V(BB,DD,99,EE), V(FD,60,7F,A3), \ - V(9F,26,01,F7), V(BC,F5,72,5C), V(C5,3B,66,44), V(34,7E,FB,5B), \ - V(76,29,43,8B), V(DC,C6,23,CB), V(68,FC,ED,B6), V(63,F1,E4,B8), \ - V(CA,DC,31,D7), V(10,85,63,42), V(40,22,97,13), V(20,11,C6,84), \ - V(7D,24,4A,85), V(F8,3D,BB,D2), V(11,32,F9,AE), V(6D,A1,29,C7), \ - V(4B,2F,9E,1D), V(F3,30,B2,DC), V(EC,52,86,0D), V(D0,E3,C1,77), \ - V(6C,16,B3,2B), V(99,B9,70,A9), V(FA,48,94,11), V(22,64,E9,47), \ - V(C4,8C,FC,A8), V(1A,3F,F0,A0), V(D8,2C,7D,56), V(EF,90,33,22), \ - V(C7,4E,49,87), V(C1,D1,38,D9), V(FE,A2,CA,8C), V(36,0B,D4,98), \ - V(CF,81,F5,A6), V(28,DE,7A,A5), V(26,8E,B7,DA), V(A4,BF,AD,3F), \ - V(E4,9D,3A,2C), V(0D,92,78,50), V(9B,CC,5F,6A), V(62,46,7E,54), \ - V(C2,13,8D,F6), V(E8,B8,D8,90), V(5E,F7,39,2E), V(F5,AF,C3,82), \ - V(BE,80,5D,9F), V(7C,93,D0,69), V(A9,2D,D5,6F), V(B3,12,25,CF), \ - V(3B,99,AC,C8), V(A7,7D,18,10), V(6E,63,9C,E8), V(7B,BB,3B,DB), \ - V(09,78,26,CD), V(F4,18,59,6E), V(01,B7,9A,EC), V(A8,9A,4F,83), \ - V(65,6E,95,E6), V(7E,E6,FF,AA), V(08,CF,BC,21), V(E6,E8,15,EF), \ - V(D9,9B,E7,BA), V(CE,36,6F,4A), V(D4,09,9F,EA), V(D6,7C,B0,29), \ - V(AF,B2,A4,31), V(31,23,3F,2A), V(30,94,A5,C6), V(C0,66,A2,35), \ - V(37,BC,4E,74), V(A6,CA,82,FC), V(B0,D0,90,E0), V(15,D8,A7,33), \ - V(4A,98,04,F1), V(F7,DA,EC,41), V(0E,50,CD,7F), V(2F,F6,91,17), \ - V(8D,D6,4D,76), V(4D,B0,EF,43), V(54,4D,AA,CC), V(DF,04,96,E4), \ - V(E3,B5,D1,9E), V(1B,88,6A,4C), V(B8,1F,2C,C1), V(7F,51,65,46), \ - V(04,EA,5E,9D), V(5D,35,8C,01), V(73,74,87,FA), V(2E,41,0B,FB), \ - V(5A,1D,67,B3), V(52,D2,DB,92), V(33,56,10,E9), V(13,47,D6,6D), \ - V(8C,61,D7,9A), V(7A,0C,A1,37), V(8E,14,F8,59), V(89,3C,13,EB), \ - V(EE,27,A9,CE), V(35,C9,61,B7), V(ED,E5,1C,E1), V(3C,B1,47,7A), \ - V(59,DF,D2,9C), V(3F,73,F2,55), V(79,CE,14,18), V(BF,37,C7,73), \ - V(EA,CD,F7,53), V(5B,AA,FD,5F), V(14,6F,3D,DF), V(86,DB,44,78), \ - V(81,F3,AF,CA), V(3E,C4,68,B9), V(2C,34,24,38), V(5F,40,A3,C2), \ - V(72,C3,1D,16), V(0C,25,E2,BC), V(8B,49,3C,28), V(41,95,0D,FF), \ - V(71,01,A8,39), V(DE,B3,0C,08), V(9C,E4,B4,D8), V(90,C1,56,64), \ - V(61,84,CB,7B), V(70,B6,32,D5), V(74,5C,6C,48), V(42,57,B8,D0) - -#define V(a,b,c,d) 0x##a##b##c##d + V(50, A7, F4, 51), V(53, 65, 41, 7E), V(C3, A4, 17, 1A), V(96, 5E, 27, 3A), \ + V(CB, 6B, AB, 3B), V(F1, 45, 9D, 1F), V(AB, 58, FA, AC), V(93, 03, E3, 4B), \ + V(55, FA, 30, 20), V(F6, 6D, 76, AD), V(91, 76, CC, 88), V(25, 4C, 02, F5), \ + V(FC, D7, E5, 4F), V(D7, CB, 2A, C5), V(80, 44, 35, 26), V(8F, A3, 62, B5), \ + V(49, 5A, B1, DE), V(67, 1B, BA, 25), V(98, 0E, EA, 45), V(E1, C0, FE, 5D), \ + V(02, 75, 2F, C3), V(12, F0, 4C, 81), V(A3, 97, 46, 8D), V(C6, F9, D3, 6B), \ + V(E7, 5F, 8F, 03), V(95, 9C, 92, 15), V(EB, 7A, 6D, BF), V(DA, 59, 52, 95), \ + V(2D, 83, BE, D4), V(D3, 21, 74, 58), V(29, 69, E0, 49), V(44, C8, C9, 8E), \ + V(6A, 89, C2, 75), V(78, 79, 8E, F4), V(6B, 3E, 58, 99), V(DD, 71, B9, 27), \ + V(B6, 4F, E1, BE), V(17, AD, 88, F0), V(66, AC, 20, C9), V(B4, 3A, CE, 7D), \ + V(18, 4A, DF, 63), V(82, 31, 1A, E5), V(60, 33, 51, 97), V(45, 7F, 53, 62), \ + V(E0, 77, 64, B1), V(84, AE, 6B, BB), V(1C, A0, 81, FE), V(94, 2B, 08, F9), \ + V(58, 68, 48, 70), V(19, FD, 45, 8F), V(87, 6C, DE, 94), V(B7, F8, 7B, 52), \ + V(23, D3, 73, AB), V(E2, 02, 4B, 72), V(57, 8F, 1F, E3), V(2A, AB, 55, 66), \ + V(07, 28, EB, B2), V(03, C2, B5, 2F), V(9A, 7B, C5, 86), V(A5, 08, 37, D3), \ + V(F2, 87, 28, 30), V(B2, A5, BF, 23), V(BA, 6A, 03, 02), V(5C, 82, 16, ED), \ + V(2B, 1C, CF, 8A), V(92, B4, 79, A7), V(F0, F2, 07, F3), V(A1, E2, 69, 4E), \ + V(CD, F4, DA, 65), V(D5, BE, 05, 06), V(1F, 62, 34, D1), V(8A, FE, A6, C4), \ + V(9D, 53, 2E, 34), V(A0, 55, F3, A2), V(32, E1, 8A, 05), V(75, EB, F6, A4), \ + V(39, EC, 83, 0B), V(AA, EF, 60, 40), V(06, 9F, 71, 5E), V(51, 10, 6E, BD), \ + V(F9, 8A, 21, 3E), V(3D, 06, DD, 96), V(AE, 05, 3E, DD), V(46, BD, E6, 4D), \ + V(B5, 8D, 54, 91), V(05, 5D, C4, 71), V(6F, D4, 06, 04), V(FF, 15, 50, 60), \ + V(24, FB, 98, 19), V(97, E9, BD, D6), V(CC, 43, 40, 89), V(77, 9E, D9, 67), \ + V(BD, 42, E8, B0), V(88, 8B, 89, 07), V(38, 5B, 19, E7), V(DB, EE, C8, 79), \ + V(47, 0A, 7C, A1), V(E9, 0F, 42, 7C), V(C9, 1E, 84, F8), V(00, 00, 00, 00), \ + V(83, 86, 80, 09), V(48, ED, 2B, 32), V(AC, 70, 11, 1E), V(4E, 72, 5A, 6C), \ + V(FB, FF, 0E, FD), V(56, 38, 85, 0F), V(1E, D5, AE, 3D), V(27, 39, 2D, 36), \ + V(64, D9, 0F, 0A), V(21, A6, 5C, 68), V(D1, 54, 5B, 9B), V(3A, 2E, 36, 24), \ + V(B1, 67, 0A, 0C), V(0F, E7, 57, 93), V(D2, 96, EE, B4), V(9E, 91, 9B, 1B), \ + V(4F, C5, C0, 80), V(A2, 20, DC, 61), V(69, 4B, 77, 5A), V(16, 1A, 12, 1C), \ + V(0A, BA, 93, E2), V(E5, 2A, A0, C0), V(43, E0, 22, 3C), V(1D, 17, 1B, 12), \ + V(0B, 0D, 09, 0E), V(AD, C7, 8B, F2), V(B9, A8, B6, 2D), V(C8, A9, 1E, 14), \ + V(85, 19, F1, 57), V(4C, 07, 75, AF), V(BB, DD, 99, EE), V(FD, 60, 7F, A3), \ + V(9F, 26, 01, F7), V(BC, F5, 72, 5C), V(C5, 3B, 66, 44), V(34, 7E, FB, 5B), \ + V(76, 29, 43, 8B), V(DC, C6, 23, CB), V(68, FC, ED, B6), V(63, F1, E4, B8), \ + V(CA, DC, 31, D7), V(10, 85, 63, 42), V(40, 22, 97, 13), V(20, 11, C6, 84), \ + V(7D, 24, 4A, 85), V(F8, 3D, BB, D2), V(11, 32, F9, AE), V(6D, A1, 29, C7), \ + V(4B, 2F, 9E, 1D), V(F3, 30, B2, DC), V(EC, 52, 86, 0D), V(D0, E3, C1, 77), \ + V(6C, 16, B3, 2B), V(99, B9, 70, A9), V(FA, 48, 94, 11), V(22, 64, E9, 47), \ + V(C4, 8C, FC, A8), V(1A, 3F, F0, A0), V(D8, 2C, 7D, 56), V(EF, 90, 33, 22), \ + V(C7, 4E, 49, 87), V(C1, D1, 38, D9), V(FE, A2, CA, 8C), V(36, 0B, D4, 98), \ + V(CF, 81, F5, A6), V(28, DE, 7A, A5), V(26, 8E, B7, DA), V(A4, BF, AD, 3F), \ + V(E4, 9D, 3A, 2C), V(0D, 92, 78, 50), V(9B, CC, 5F, 6A), V(62, 46, 7E, 54), \ + V(C2, 13, 8D, F6), V(E8, B8, D8, 90), V(5E, F7, 39, 2E), V(F5, AF, C3, 82), \ + V(BE, 80, 5D, 9F), V(7C, 93, D0, 69), V(A9, 2D, D5, 6F), V(B3, 12, 25, CF), \ + V(3B, 99, AC, C8), V(A7, 7D, 18, 10), V(6E, 63, 9C, E8), V(7B, BB, 3B, DB), \ + V(09, 78, 26, CD), V(F4, 18, 59, 6E), V(01, B7, 9A, EC), V(A8, 9A, 4F, 83), \ + V(65, 6E, 95, E6), V(7E, E6, FF, AA), V(08, CF, BC, 21), V(E6, E8, 15, EF), \ + V(D9, 9B, E7, BA), V(CE, 36, 6F, 4A), V(D4, 09, 9F, EA), V(D6, 7C, B0, 29), \ + V(AF, B2, A4, 31), V(31, 23, 3F, 2A), V(30, 94, A5, C6), V(C0, 66, A2, 35), \ + V(37, BC, 4E, 74), V(A6, CA, 82, FC), V(B0, D0, 90, E0), V(15, D8, A7, 33), \ + V(4A, 98, 04, F1), V(F7, DA, EC, 41), V(0E, 50, CD, 7F), V(2F, F6, 91, 17), \ + V(8D, D6, 4D, 76), V(4D, B0, EF, 43), V(54, 4D, AA, CC), V(DF, 04, 96, E4), \ + V(E3, B5, D1, 9E), V(1B, 88, 6A, 4C), V(B8, 1F, 2C, C1), V(7F, 51, 65, 46), \ + V(04, EA, 5E, 9D), V(5D, 35, 8C, 01), V(73, 74, 87, FA), V(2E, 41, 0B, FB), \ + V(5A, 1D, 67, B3), V(52, D2, DB, 92), V(33, 56, 10, E9), V(13, 47, D6, 6D), \ + V(8C, 61, D7, 9A), V(7A, 0C, A1, 37), V(8E, 14, F8, 59), V(89, 3C, 13, EB), \ + V(EE, 27, A9, CE), V(35, C9, 61, B7), V(ED, E5, 1C, E1), V(3C, B1, 47, 7A), \ + V(59, DF, D2, 9C), V(3F, 73, F2, 55), V(79, CE, 14, 18), V(BF, 37, C7, 73), \ + V(EA, CD, F7, 53), V(5B, AA, FD, 5F), V(14, 6F, 3D, DF), V(86, DB, 44, 78), \ + V(81, F3, AF, CA), V(3E, C4, 68, B9), V(2C, 34, 24, 38), V(5F, 40, A3, C2), \ + V(72, C3, 1D, 16), V(0C, 25, E2, BC), V(8B, 49, 3C, 28), V(41, 95, 0D, FF), \ + V(71, 01, A8, 39), V(DE, B3, 0C, 08), V(9C, E4, B4, D8), V(90, C1, 56, 64), \ + V(61, 84, CB, 7B), V(70, B6, 32, D5), V(74, 5C, 6C, 48), V(42, 57, B8, D0) + +#if !defined(MBEDTLS_AES_DECRYPT_ALT) || !defined(MBEDTLS_AES_SETKEY_DEC_ALT) + +#define V(a, b, c, d) 0x##a##b##c##d static const uint32_t RT0[256] = { RT }; #undef V #if !defined(MBEDTLS_AES_FEWER_TABLES) -#define V(a,b,c,d) 0x##b##c##d##a +#define V(a, b, c, d) 0x##b##c##d##a static const uint32_t RT1[256] = { RT }; #undef V -#define V(a,b,c,d) 0x##c##d##a##b +#define V(a, b, c, d) 0x##c##d##a##b static const uint32_t RT2[256] = { RT }; #undef V -#define V(a,b,c,d) 0x##d##a##b##c +#define V(a, b, c, d) 0x##d##a##b##c static const uint32_t RT3[256] = { RT }; #undef V #endif /* !MBEDTLS_AES_FEWER_TABLES */ +#endif /* !defined(MBEDTLS_AES_DECRYPT_ALT) || !defined(MBEDTLS_AES_SETKEY_DEC_ALT) */ + #undef RT +#if !defined(MBEDTLS_AES_SETKEY_ENC_ALT) /* * Round constants */ @@ -334,31 +328,44 @@ static const uint32_t RCON[10] = 0x00000010, 0x00000020, 0x00000040, 0x00000080, 0x0000001B, 0x00000036 }; +#endif /* !defined(MBEDTLS_AES_SETKEY_ENC_ALT) */ #else /* MBEDTLS_AES_ROM_TABLES */ /* * Forward S-box & tables */ +#if !defined(MBEDTLS_AES_ENCRYPT_ALT) || !defined(MBEDTLS_AES_SETKEY_ENC_ALT) || \ + !defined(MBEDTLS_AES_SETKEY_DEC_ALT) static unsigned char FSb[256]; +#endif /* !defined(MBEDTLS_AES_ENCRYPT_ALT) || !defined(MBEDTLS_AES_SETKEY_ENC_ALT) || \ + !defined(MBEDTLS_AES_SETKEY_DEC_ALT) */ +#if !defined(MBEDTLS_AES_ENCRYPT_ALT) || !defined(MBEDTLS_AES_SETKEY_ENC_ALT) static uint32_t FT0[256]; #if !defined(MBEDTLS_AES_FEWER_TABLES) static uint32_t FT1[256]; static uint32_t FT2[256]; static uint32_t FT3[256]; #endif /* !MBEDTLS_AES_FEWER_TABLES */ +#endif /* !defined(MBEDTLS_AES_ENCRYPT_ALT) || !defined(MBEDTLS_AES_SETKEY_ENC_ALT) */ /* * Reverse S-box & tables */ +#if !(defined(MBEDTLS_AES_SETKEY_ENC_ALT) && defined(MBEDTLS_AES_DECRYPT_ALT)) static unsigned char RSb[256]; +#endif /* !(defined(MBEDTLS_AES_SETKEY_ENC_ALT) && defined(MBEDTLS_AES_DECRYPT_ALT)) */ + +#if !defined(MBEDTLS_AES_DECRYPT_ALT) || !defined(MBEDTLS_AES_SETKEY_DEC_ALT) static uint32_t RT0[256]; #if !defined(MBEDTLS_AES_FEWER_TABLES) static uint32_t RT1[256]; static uint32_t RT2[256]; static uint32_t RT3[256]; #endif /* !MBEDTLS_AES_FEWER_TABLES */ +#endif /* !defined(MBEDTLS_AES_DECRYPT_ALT) || !defined(MBEDTLS_AES_SETKEY_DEC_ALT) */ +#if !defined(MBEDTLS_AES_SETKEY_ENC_ALT) /* * Round constants */ @@ -367,13 +374,13 @@ static uint32_t RCON[10]; /* * Tables generation code */ -#define ROTL8(x) ( ( (x) << 8 ) & 0xFFFFFFFF ) | ( (x) >> 24 ) -#define XTIME(x) ( ( (x) << 1 ) ^ ( ( (x) & 0x80 ) ? 0x1B : 0x00 ) ) -#define MUL(x,y) ( ( (x) && (y) ) ? pow[(log[(x)]+log[(y)]) % 255] : 0 ) +#define ROTL8(x) (((x) << 8) & 0xFFFFFFFF) | ((x) >> 24) +#define XTIME(x) (((x) << 1) ^ (((x) & 0x80) ? 0x1B : 0x00)) +#define MUL(x, y) (((x) && (y)) ? pow[(log[(x)]+log[(y)]) % 255] : 0) static int aes_init_done = 0; -static void aes_gen_tables( void ) +static void aes_gen_tables(void) { int i, x, y, z; int pow[256]; @@ -382,20 +389,18 @@ static void aes_gen_tables( void ) /* * compute pow and log tables over GF(2^8) */ - for( i = 0, x = 1; i < 256; i++ ) - { + for (i = 0, x = 1; i < 256; i++) { pow[i] = x; log[x] = i; - x = MBEDTLS_BYTE_0( x ^ XTIME( x ) ); + x = MBEDTLS_BYTE_0(x ^ XTIME(x)); } /* * calculate the round constants */ - for( i = 0, x = 1; i < 10; i++ ) - { + for (i = 0, x = 1; i < 10; i++) { RCON[i] = (uint32_t) x; - x = MBEDTLS_BYTE_0( XTIME( x ) ); + x = MBEDTLS_BYTE_0(XTIME(x)); } /* @@ -404,14 +409,13 @@ static void aes_gen_tables( void ) FSb[0x00] = 0x63; RSb[0x63] = 0x00; - for( i = 1; i < 256; i++ ) - { + for (i = 1; i < 256; i++) { x = pow[255 - log[i]]; - y = x; y = MBEDTLS_BYTE_0( ( y << 1 ) | ( y >> 7 ) ); - x ^= y; y = MBEDTLS_BYTE_0( ( y << 1 ) | ( y >> 7 ) ); - x ^= y; y = MBEDTLS_BYTE_0( ( y << 1 ) | ( y >> 7 ) ); - x ^= y; y = MBEDTLS_BYTE_0( ( y << 1 ) | ( y >> 7 ) ); + y = x; y = MBEDTLS_BYTE_0((y << 1) | (y >> 7)); + x ^= y; y = MBEDTLS_BYTE_0((y << 1) | (y >> 7)); + x ^= y; y = MBEDTLS_BYTE_0((y << 1) | (y >> 7)); + x ^= y; y = MBEDTLS_BYTE_0((y << 1) | (y >> 7)); x ^= y ^ 0x63; FSb[i] = (unsigned char) x; @@ -421,57 +425,60 @@ static void aes_gen_tables( void ) /* * generate the forward and reverse tables */ - for( i = 0; i < 256; i++ ) - { + for (i = 0; i < 256; i++) { x = FSb[i]; - y = MBEDTLS_BYTE_0( XTIME( x ) ); - z = MBEDTLS_BYTE_0( y ^ x ); + y = MBEDTLS_BYTE_0(XTIME(x)); + z = MBEDTLS_BYTE_0(y ^ x); - FT0[i] = ( (uint32_t) y ) ^ - ( (uint32_t) x << 8 ) ^ - ( (uint32_t) x << 16 ) ^ - ( (uint32_t) z << 24 ); + FT0[i] = ((uint32_t) y) ^ + ((uint32_t) x << 8) ^ + ((uint32_t) x << 16) ^ + ((uint32_t) z << 24); #if !defined(MBEDTLS_AES_FEWER_TABLES) - FT1[i] = ROTL8( FT0[i] ); - FT2[i] = ROTL8( FT1[i] ); - FT3[i] = ROTL8( FT2[i] ); + FT1[i] = ROTL8(FT0[i]); + FT2[i] = ROTL8(FT1[i]); + FT3[i] = ROTL8(FT2[i]); #endif /* !MBEDTLS_AES_FEWER_TABLES */ x = RSb[i]; - RT0[i] = ( (uint32_t) MUL( 0x0E, x ) ) ^ - ( (uint32_t) MUL( 0x09, x ) << 8 ) ^ - ( (uint32_t) MUL( 0x0D, x ) << 16 ) ^ - ( (uint32_t) MUL( 0x0B, x ) << 24 ); +#if !defined(MBEDTLS_AES_DECRYPT_ALT) || !defined(MBEDTLS_AES_SETKEY_DEC_ALT) + RT0[i] = ((uint32_t) MUL(0x0E, x)) ^ + ((uint32_t) MUL(0x09, x) << 8) ^ + ((uint32_t) MUL(0x0D, x) << 16) ^ + ((uint32_t) MUL(0x0B, x) << 24); #if !defined(MBEDTLS_AES_FEWER_TABLES) - RT1[i] = ROTL8( RT0[i] ); - RT2[i] = ROTL8( RT1[i] ); - RT3[i] = ROTL8( RT2[i] ); + RT1[i] = ROTL8(RT0[i]); + RT2[i] = ROTL8(RT1[i]); + RT3[i] = ROTL8(RT2[i]); #endif /* !MBEDTLS_AES_FEWER_TABLES */ +#endif /* !defined(MBEDTLS_AES_DECRYPT_ALT) || !defined(MBEDTLS_AES_SETKEY_DEC_ALT) */ } } +#endif /* !defined(MBEDTLS_AES_SETKEY_ENC_ALT) */ + #undef ROTL8 #endif /* MBEDTLS_AES_ROM_TABLES */ #if defined(MBEDTLS_AES_FEWER_TABLES) -#define ROTL8(x) ( (uint32_t)( ( x ) << 8 ) + (uint32_t)( ( x ) >> 24 ) ) -#define ROTL16(x) ( (uint32_t)( ( x ) << 16 ) + (uint32_t)( ( x ) >> 16 ) ) -#define ROTL24(x) ( (uint32_t)( ( x ) << 24 ) + (uint32_t)( ( x ) >> 8 ) ) +#define ROTL8(x) ((uint32_t) ((x) << 8) + (uint32_t) ((x) >> 24)) +#define ROTL16(x) ((uint32_t) ((x) << 16) + (uint32_t) ((x) >> 16)) +#define ROTL24(x) ((uint32_t) ((x) << 24) + (uint32_t) ((x) >> 8)) #define AES_RT0(idx) RT0[idx] -#define AES_RT1(idx) ROTL8( RT0[idx] ) -#define AES_RT2(idx) ROTL16( RT0[idx] ) -#define AES_RT3(idx) ROTL24( RT0[idx] ) +#define AES_RT1(idx) ROTL8(RT0[idx]) +#define AES_RT2(idx) ROTL16(RT0[idx]) +#define AES_RT3(idx) ROTL24(RT0[idx]) #define AES_FT0(idx) FT0[idx] -#define AES_FT1(idx) ROTL8( FT0[idx] ) -#define AES_FT2(idx) ROTL16( FT0[idx] ) -#define AES_FT3(idx) ROTL24( FT0[idx] ) +#define AES_FT1(idx) ROTL8(FT0[idx]) +#define AES_FT2(idx) ROTL16(FT0[idx]) +#define AES_FT3(idx) ROTL24(FT0[idx]) #else /* MBEDTLS_AES_FEWER_TABLES */ @@ -487,100 +494,142 @@ static void aes_gen_tables( void ) #endif /* MBEDTLS_AES_FEWER_TABLES */ -void mbedtls_aes_init( mbedtls_aes_context *ctx ) +void mbedtls_aes_init(mbedtls_aes_context *ctx) { - AES_VALIDATE( ctx != NULL ); + AES_VALIDATE(ctx != NULL); - memset( ctx, 0, sizeof( mbedtls_aes_context ) ); + memset(ctx, 0, sizeof(mbedtls_aes_context)); } -void mbedtls_aes_free( mbedtls_aes_context *ctx ) +void mbedtls_aes_free(mbedtls_aes_context *ctx) { - if( ctx == NULL ) + if (ctx == NULL) { return; + } - mbedtls_platform_zeroize( ctx, sizeof( mbedtls_aes_context ) ); + mbedtls_platform_zeroize(ctx, sizeof(mbedtls_aes_context)); } #if defined(MBEDTLS_CIPHER_MODE_XTS) -void mbedtls_aes_xts_init( mbedtls_aes_xts_context *ctx ) +void mbedtls_aes_xts_init(mbedtls_aes_xts_context *ctx) { - AES_VALIDATE( ctx != NULL ); + AES_VALIDATE(ctx != NULL); - mbedtls_aes_init( &ctx->crypt ); - mbedtls_aes_init( &ctx->tweak ); + mbedtls_aes_init(&ctx->crypt); + mbedtls_aes_init(&ctx->tweak); } -void mbedtls_aes_xts_free( mbedtls_aes_xts_context *ctx ) +void mbedtls_aes_xts_free(mbedtls_aes_xts_context *ctx) { - if( ctx == NULL ) + if (ctx == NULL) { return; + } - mbedtls_aes_free( &ctx->crypt ); - mbedtls_aes_free( &ctx->tweak ); + mbedtls_aes_free(&ctx->crypt); + mbedtls_aes_free(&ctx->tweak); } #endif /* MBEDTLS_CIPHER_MODE_XTS */ +/* Some implementations need the round keys to be aligned. + * Return an offset to be added to buf, such that (buf + offset) is + * correctly aligned. + * Note that the offset is in units of elements of buf, i.e. 32-bit words, + * i.e. an offset of 1 means 4 bytes and so on. + */ +#if defined(MBEDTLS_VIA_PADLOCK_HAVE_CODE) || \ + (defined(MBEDTLS_AESNI_C) && MBEDTLS_AESNI_HAVE_CODE == 2) +#define MAY_NEED_TO_ALIGN +#endif + +#if defined(MAY_NEED_TO_ALIGN) || !defined(MBEDTLS_AES_SETKEY_DEC_ALT) || \ + !defined(MBEDTLS_AES_SETKEY_ENC_ALT) +static unsigned mbedtls_aes_rk_offset(uint32_t *buf) +{ +#if defined(MAY_NEED_TO_ALIGN) + int align_16_bytes = 0; + +#if defined(MBEDTLS_VIA_PADLOCK_HAVE_CODE) + if (aes_padlock_ace == -1) { + aes_padlock_ace = mbedtls_padlock_has_support(MBEDTLS_PADLOCK_ACE); + } + if (aes_padlock_ace) { + align_16_bytes = 1; + } +#endif + +#if defined(MBEDTLS_AESNI_C) && MBEDTLS_AESNI_HAVE_CODE == 2 + if (mbedtls_aesni_has_support(MBEDTLS_AESNI_AES)) { + align_16_bytes = 1; + } +#endif + + if (align_16_bytes) { + /* These implementations needs 16-byte alignment + * for the round key array. */ + unsigned delta = ((uintptr_t) buf & 0x0000000fU) / 4; + if (delta == 0) { + return 0; + } else { + return 4 - delta; // 16 bytes = 4 uint32_t + } + } +#else /* MAY_NEED_TO_ALIGN */ + (void) buf; +#endif /* MAY_NEED_TO_ALIGN */ + + return 0; +} +#endif /* defined(MAY_NEED_TO_ALIGN) || !defined(MBEDTLS_AES_SETKEY_DEC_ALT) || \ + !defined(MBEDTLS_AES_SETKEY_ENC_ALT) */ + /* * AES key schedule (encryption) */ #if !defined(MBEDTLS_AES_SETKEY_ENC_ALT) -int mbedtls_aes_setkey_enc( mbedtls_aes_context *ctx, const unsigned char *key, - unsigned int keybits ) +int mbedtls_aes_setkey_enc(mbedtls_aes_context *ctx, const unsigned char *key, + unsigned int keybits) { unsigned int i; uint32_t *RK; - AES_VALIDATE_RET( ctx != NULL ); - AES_VALIDATE_RET( key != NULL ); + AES_VALIDATE_RET(ctx != NULL); + AES_VALIDATE_RET(key != NULL); - switch( keybits ) - { + switch (keybits) { case 128: ctx->nr = 10; break; case 192: ctx->nr = 12; break; case 256: ctx->nr = 14; break; - default : return( MBEDTLS_ERR_AES_INVALID_KEY_LENGTH ); + default: return MBEDTLS_ERR_AES_INVALID_KEY_LENGTH; } #if !defined(MBEDTLS_AES_ROM_TABLES) - if( aes_init_done == 0 ) - { + if (aes_init_done == 0) { aes_gen_tables(); aes_init_done = 1; } #endif -#if defined(MBEDTLS_PADLOCK_C) && defined(MBEDTLS_PADLOCK_ALIGN16) - if( aes_padlock_ace == -1 ) - aes_padlock_ace = mbedtls_padlock_has_support( MBEDTLS_PADLOCK_ACE ); - - if( aes_padlock_ace ) - ctx->rk = RK = MBEDTLS_PADLOCK_ALIGN16( ctx->buf ); - else -#endif - ctx->rk = RK = ctx->buf; + ctx->rk = RK = ctx->buf + mbedtls_aes_rk_offset(ctx->buf); -#if defined(MBEDTLS_AESNI_C) && defined(MBEDTLS_HAVE_X86_64) - if( mbedtls_aesni_has_support( MBEDTLS_AESNI_AES ) ) - return( mbedtls_aesni_setkey_enc( (unsigned char *) ctx->rk, key, keybits ) ); +#if defined(MBEDTLS_AESNI_HAVE_CODE) + if (mbedtls_aesni_has_support(MBEDTLS_AESNI_AES)) { + return mbedtls_aesni_setkey_enc((unsigned char *) ctx->rk, key, keybits); + } #endif - for( i = 0; i < ( keybits >> 5 ); i++ ) - { - RK[i] = MBEDTLS_GET_UINT32_LE( key, i << 2 ); + for (i = 0; i < (keybits >> 5); i++) { + RK[i] = MBEDTLS_GET_UINT32_LE(key, i << 2); } - switch( ctx->nr ) - { + switch (ctx->nr) { case 10: - for( i = 0; i < 10; i++, RK += 4 ) - { + for (i = 0; i < 10; i++, RK += 4) { RK[4] = RK[0] ^ RCON[i] ^ - ( (uint32_t) FSb[ MBEDTLS_BYTE_1( RK[3] ) ] ) ^ - ( (uint32_t) FSb[ MBEDTLS_BYTE_2( RK[3] ) ] << 8 ) ^ - ( (uint32_t) FSb[ MBEDTLS_BYTE_3( RK[3] ) ] << 16 ) ^ - ( (uint32_t) FSb[ MBEDTLS_BYTE_0( RK[3] ) ] << 24 ); + ((uint32_t) FSb[MBEDTLS_BYTE_1(RK[3])]) ^ + ((uint32_t) FSb[MBEDTLS_BYTE_2(RK[3])] << 8) ^ + ((uint32_t) FSb[MBEDTLS_BYTE_3(RK[3])] << 16) ^ + ((uint32_t) FSb[MBEDTLS_BYTE_0(RK[3])] << 24); RK[5] = RK[1] ^ RK[4]; RK[6] = RK[2] ^ RK[5]; @@ -590,13 +639,12 @@ int mbedtls_aes_setkey_enc( mbedtls_aes_context *ctx, const unsigned char *key, case 12: - for( i = 0; i < 8; i++, RK += 6 ) - { + for (i = 0; i < 8; i++, RK += 6) { RK[6] = RK[0] ^ RCON[i] ^ - ( (uint32_t) FSb[ MBEDTLS_BYTE_1( RK[5] ) ] ) ^ - ( (uint32_t) FSb[ MBEDTLS_BYTE_2( RK[5] ) ] << 8 ) ^ - ( (uint32_t) FSb[ MBEDTLS_BYTE_3( RK[5] ) ] << 16 ) ^ - ( (uint32_t) FSb[ MBEDTLS_BYTE_0( RK[5] ) ] << 24 ); + ((uint32_t) FSb[MBEDTLS_BYTE_1(RK[5])]) ^ + ((uint32_t) FSb[MBEDTLS_BYTE_2(RK[5])] << 8) ^ + ((uint32_t) FSb[MBEDTLS_BYTE_3(RK[5])] << 16) ^ + ((uint32_t) FSb[MBEDTLS_BYTE_0(RK[5])] << 24); RK[7] = RK[1] ^ RK[6]; RK[8] = RK[2] ^ RK[7]; @@ -608,23 +656,22 @@ int mbedtls_aes_setkey_enc( mbedtls_aes_context *ctx, const unsigned char *key, case 14: - for( i = 0; i < 7; i++, RK += 8 ) - { + for (i = 0; i < 7; i++, RK += 8) { RK[8] = RK[0] ^ RCON[i] ^ - ( (uint32_t) FSb[ MBEDTLS_BYTE_1( RK[7] ) ] ) ^ - ( (uint32_t) FSb[ MBEDTLS_BYTE_2( RK[7] ) ] << 8 ) ^ - ( (uint32_t) FSb[ MBEDTLS_BYTE_3( RK[7] ) ] << 16 ) ^ - ( (uint32_t) FSb[ MBEDTLS_BYTE_0( RK[7] ) ] << 24 ); + ((uint32_t) FSb[MBEDTLS_BYTE_1(RK[7])]) ^ + ((uint32_t) FSb[MBEDTLS_BYTE_2(RK[7])] << 8) ^ + ((uint32_t) FSb[MBEDTLS_BYTE_3(RK[7])] << 16) ^ + ((uint32_t) FSb[MBEDTLS_BYTE_0(RK[7])] << 24); RK[9] = RK[1] ^ RK[8]; RK[10] = RK[2] ^ RK[9]; RK[11] = RK[3] ^ RK[10]; RK[12] = RK[4] ^ - ( (uint32_t) FSb[ MBEDTLS_BYTE_0( RK[11] ) ] ) ^ - ( (uint32_t) FSb[ MBEDTLS_BYTE_1( RK[11] ) ] << 8 ) ^ - ( (uint32_t) FSb[ MBEDTLS_BYTE_2( RK[11] ) ] << 16 ) ^ - ( (uint32_t) FSb[ MBEDTLS_BYTE_3( RK[11] ) ] << 24 ); + ((uint32_t) FSb[MBEDTLS_BYTE_0(RK[11])]) ^ + ((uint32_t) FSb[MBEDTLS_BYTE_1(RK[11])] << 8) ^ + ((uint32_t) FSb[MBEDTLS_BYTE_2(RK[11])] << 16) ^ + ((uint32_t) FSb[MBEDTLS_BYTE_3(RK[11])] << 24); RK[13] = RK[5] ^ RK[12]; RK[14] = RK[6] ^ RK[13]; @@ -633,7 +680,7 @@ int mbedtls_aes_setkey_enc( mbedtls_aes_context *ctx, const unsigned char *key, break; } - return( 0 ); + return 0; } #endif /* !MBEDTLS_AES_SETKEY_ENC_ALT */ @@ -641,40 +688,32 @@ int mbedtls_aes_setkey_enc( mbedtls_aes_context *ctx, const unsigned char *key, * AES key schedule (decryption) */ #if !defined(MBEDTLS_AES_SETKEY_DEC_ALT) -int mbedtls_aes_setkey_dec( mbedtls_aes_context *ctx, const unsigned char *key, - unsigned int keybits ) +int mbedtls_aes_setkey_dec(mbedtls_aes_context *ctx, const unsigned char *key, + unsigned int keybits) { int i, j, ret; mbedtls_aes_context cty; uint32_t *RK; uint32_t *SK; - AES_VALIDATE_RET( ctx != NULL ); - AES_VALIDATE_RET( key != NULL ); - - mbedtls_aes_init( &cty ); + AES_VALIDATE_RET(ctx != NULL); + AES_VALIDATE_RET(key != NULL); -#if defined(MBEDTLS_PADLOCK_C) && defined(MBEDTLS_PADLOCK_ALIGN16) - if( aes_padlock_ace == -1 ) - aes_padlock_ace = mbedtls_padlock_has_support( MBEDTLS_PADLOCK_ACE ); + mbedtls_aes_init(&cty); - if( aes_padlock_ace ) - ctx->rk = RK = MBEDTLS_PADLOCK_ALIGN16( ctx->buf ); - else -#endif - ctx->rk = RK = ctx->buf; + ctx->rk = RK = ctx->buf + mbedtls_aes_rk_offset(ctx->buf); /* Also checks keybits */ - if( ( ret = mbedtls_aes_setkey_enc( &cty, key, keybits ) ) != 0 ) + if ((ret = mbedtls_aes_setkey_enc(&cty, key, keybits)) != 0) { goto exit; + } ctx->nr = cty.nr; -#if defined(MBEDTLS_AESNI_C) && defined(MBEDTLS_HAVE_X86_64) - if( mbedtls_aesni_has_support( MBEDTLS_AESNI_AES ) ) - { - mbedtls_aesni_inverse_key( (unsigned char *) ctx->rk, - (const unsigned char *) cty.rk, ctx->nr ); +#if defined(MBEDTLS_AESNI_HAVE_CODE) + if (mbedtls_aesni_has_support(MBEDTLS_AESNI_AES)) { + mbedtls_aesni_inverse_key((unsigned char *) ctx->rk, + (const unsigned char *) cty.rk, ctx->nr); goto exit; } #endif @@ -686,14 +725,12 @@ int mbedtls_aes_setkey_dec( mbedtls_aes_context *ctx, const unsigned char *key, *RK++ = *SK++; *RK++ = *SK++; - for( i = ctx->nr - 1, SK -= 8; i > 0; i--, SK -= 8 ) - { - for( j = 0; j < 4; j++, SK++ ) - { - *RK++ = AES_RT0( FSb[ MBEDTLS_BYTE_0( *SK ) ] ) ^ - AES_RT1( FSb[ MBEDTLS_BYTE_1( *SK ) ] ) ^ - AES_RT2( FSb[ MBEDTLS_BYTE_2( *SK ) ] ) ^ - AES_RT3( FSb[ MBEDTLS_BYTE_3( *SK ) ] ); + for (i = ctx->nr - 1, SK -= 8; i > 0; i--, SK -= 8) { + for (j = 0; j < 4; j++, SK++) { + *RK++ = AES_RT0(FSb[MBEDTLS_BYTE_0(*SK)]) ^ + AES_RT1(FSb[MBEDTLS_BYTE_1(*SK)]) ^ + AES_RT2(FSb[MBEDTLS_BYTE_2(*SK)]) ^ + AES_RT3(FSb[MBEDTLS_BYTE_3(*SK)]); } } @@ -703,28 +740,27 @@ int mbedtls_aes_setkey_dec( mbedtls_aes_context *ctx, const unsigned char *key, *RK++ = *SK++; exit: - mbedtls_aes_free( &cty ); + mbedtls_aes_free(&cty); - return( ret ); + return ret; } #endif /* !MBEDTLS_AES_SETKEY_DEC_ALT */ #if defined(MBEDTLS_CIPHER_MODE_XTS) -static int mbedtls_aes_xts_decode_keys( const unsigned char *key, - unsigned int keybits, - const unsigned char **key1, - unsigned int *key1bits, - const unsigned char **key2, - unsigned int *key2bits ) +static int mbedtls_aes_xts_decode_keys(const unsigned char *key, + unsigned int keybits, + const unsigned char **key1, + unsigned int *key1bits, + const unsigned char **key2, + unsigned int *key2bits) { const unsigned int half_keybits = keybits / 2; const unsigned int half_keybytes = half_keybits / 8; - switch( keybits ) - { + switch (keybits) { case 256: break; case 512: break; - default : return( MBEDTLS_ERR_AES_INVALID_KEY_LENGTH ); + default: return MBEDTLS_ERR_AES_INVALID_KEY_LENGTH; } *key1bits = half_keybits; @@ -735,175 +771,177 @@ static int mbedtls_aes_xts_decode_keys( const unsigned char *key, return 0; } -int mbedtls_aes_xts_setkey_enc( mbedtls_aes_xts_context *ctx, - const unsigned char *key, - unsigned int keybits) +int mbedtls_aes_xts_setkey_enc(mbedtls_aes_xts_context *ctx, + const unsigned char *key, + unsigned int keybits) { int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; const unsigned char *key1, *key2; unsigned int key1bits, key2bits; - AES_VALIDATE_RET( ctx != NULL ); - AES_VALIDATE_RET( key != NULL ); + AES_VALIDATE_RET(ctx != NULL); + AES_VALIDATE_RET(key != NULL); - ret = mbedtls_aes_xts_decode_keys( key, keybits, &key1, &key1bits, - &key2, &key2bits ); - if( ret != 0 ) - return( ret ); + ret = mbedtls_aes_xts_decode_keys(key, keybits, &key1, &key1bits, + &key2, &key2bits); + if (ret != 0) { + return ret; + } /* Set the tweak key. Always set tweak key for the encryption mode. */ - ret = mbedtls_aes_setkey_enc( &ctx->tweak, key2, key2bits ); - if( ret != 0 ) - return( ret ); + ret = mbedtls_aes_setkey_enc(&ctx->tweak, key2, key2bits); + if (ret != 0) { + return ret; + } /* Set crypt key for encryption. */ - return mbedtls_aes_setkey_enc( &ctx->crypt, key1, key1bits ); + return mbedtls_aes_setkey_enc(&ctx->crypt, key1, key1bits); } -int mbedtls_aes_xts_setkey_dec( mbedtls_aes_xts_context *ctx, - const unsigned char *key, - unsigned int keybits) +int mbedtls_aes_xts_setkey_dec(mbedtls_aes_xts_context *ctx, + const unsigned char *key, + unsigned int keybits) { int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; const unsigned char *key1, *key2; unsigned int key1bits, key2bits; - AES_VALIDATE_RET( ctx != NULL ); - AES_VALIDATE_RET( key != NULL ); + AES_VALIDATE_RET(ctx != NULL); + AES_VALIDATE_RET(key != NULL); - ret = mbedtls_aes_xts_decode_keys( key, keybits, &key1, &key1bits, - &key2, &key2bits ); - if( ret != 0 ) - return( ret ); + ret = mbedtls_aes_xts_decode_keys(key, keybits, &key1, &key1bits, + &key2, &key2bits); + if (ret != 0) { + return ret; + } /* Set the tweak key. Always set tweak key for encryption. */ - ret = mbedtls_aes_setkey_enc( &ctx->tweak, key2, key2bits ); - if( ret != 0 ) - return( ret ); + ret = mbedtls_aes_setkey_enc(&ctx->tweak, key2, key2bits); + if (ret != 0) { + return ret; + } /* Set crypt key for decryption. */ - return mbedtls_aes_setkey_dec( &ctx->crypt, key1, key1bits ); + return mbedtls_aes_setkey_dec(&ctx->crypt, key1, key1bits); } #endif /* MBEDTLS_CIPHER_MODE_XTS */ -#define AES_FROUND(X0,X1,X2,X3,Y0,Y1,Y2,Y3) \ +#define AES_FROUND(X0, X1, X2, X3, Y0, Y1, Y2, Y3) \ do \ { \ - (X0) = *RK++ ^ AES_FT0( MBEDTLS_BYTE_0( Y0 ) ) ^ \ - AES_FT1( MBEDTLS_BYTE_1( Y1 ) ) ^ \ - AES_FT2( MBEDTLS_BYTE_2( Y2 ) ) ^ \ - AES_FT3( MBEDTLS_BYTE_3( Y3 ) ); \ + (X0) = *RK++ ^ AES_FT0(MBEDTLS_BYTE_0(Y0)) ^ \ + AES_FT1(MBEDTLS_BYTE_1(Y1)) ^ \ + AES_FT2(MBEDTLS_BYTE_2(Y2)) ^ \ + AES_FT3(MBEDTLS_BYTE_3(Y3)); \ \ - (X1) = *RK++ ^ AES_FT0( MBEDTLS_BYTE_0( Y1 ) ) ^ \ - AES_FT1( MBEDTLS_BYTE_1( Y2 ) ) ^ \ - AES_FT2( MBEDTLS_BYTE_2( Y3 ) ) ^ \ - AES_FT3( MBEDTLS_BYTE_3( Y0 ) ); \ + (X1) = *RK++ ^ AES_FT0(MBEDTLS_BYTE_0(Y1)) ^ \ + AES_FT1(MBEDTLS_BYTE_1(Y2)) ^ \ + AES_FT2(MBEDTLS_BYTE_2(Y3)) ^ \ + AES_FT3(MBEDTLS_BYTE_3(Y0)); \ \ - (X2) = *RK++ ^ AES_FT0( MBEDTLS_BYTE_0( Y2 ) ) ^ \ - AES_FT1( MBEDTLS_BYTE_1( Y3 ) ) ^ \ - AES_FT2( MBEDTLS_BYTE_2( Y0 ) ) ^ \ - AES_FT3( MBEDTLS_BYTE_3( Y1 ) ); \ + (X2) = *RK++ ^ AES_FT0(MBEDTLS_BYTE_0(Y2)) ^ \ + AES_FT1(MBEDTLS_BYTE_1(Y3)) ^ \ + AES_FT2(MBEDTLS_BYTE_2(Y0)) ^ \ + AES_FT3(MBEDTLS_BYTE_3(Y1)); \ \ - (X3) = *RK++ ^ AES_FT0( MBEDTLS_BYTE_0( Y3 ) ) ^ \ - AES_FT1( MBEDTLS_BYTE_1( Y0 ) ) ^ \ - AES_FT2( MBEDTLS_BYTE_2( Y1 ) ) ^ \ - AES_FT3( MBEDTLS_BYTE_3( Y2 ) ); \ - } while( 0 ) + (X3) = *RK++ ^ AES_FT0(MBEDTLS_BYTE_0(Y3)) ^ \ + AES_FT1(MBEDTLS_BYTE_1(Y0)) ^ \ + AES_FT2(MBEDTLS_BYTE_2(Y1)) ^ \ + AES_FT3(MBEDTLS_BYTE_3(Y2)); \ + } while (0) -#define AES_RROUND(X0,X1,X2,X3,Y0,Y1,Y2,Y3) \ +#define AES_RROUND(X0, X1, X2, X3, Y0, Y1, Y2, Y3) \ do \ { \ - (X0) = *RK++ ^ AES_RT0( MBEDTLS_BYTE_0( Y0 ) ) ^ \ - AES_RT1( MBEDTLS_BYTE_1( Y3 ) ) ^ \ - AES_RT2( MBEDTLS_BYTE_2( Y2 ) ) ^ \ - AES_RT3( MBEDTLS_BYTE_3( Y1 ) ); \ + (X0) = *RK++ ^ AES_RT0(MBEDTLS_BYTE_0(Y0)) ^ \ + AES_RT1(MBEDTLS_BYTE_1(Y3)) ^ \ + AES_RT2(MBEDTLS_BYTE_2(Y2)) ^ \ + AES_RT3(MBEDTLS_BYTE_3(Y1)); \ \ - (X1) = *RK++ ^ AES_RT0( MBEDTLS_BYTE_0( Y1 ) ) ^ \ - AES_RT1( MBEDTLS_BYTE_1( Y0 ) ) ^ \ - AES_RT2( MBEDTLS_BYTE_2( Y3 ) ) ^ \ - AES_RT3( MBEDTLS_BYTE_3( Y2 ) ); \ + (X1) = *RK++ ^ AES_RT0(MBEDTLS_BYTE_0(Y1)) ^ \ + AES_RT1(MBEDTLS_BYTE_1(Y0)) ^ \ + AES_RT2(MBEDTLS_BYTE_2(Y3)) ^ \ + AES_RT3(MBEDTLS_BYTE_3(Y2)); \ \ - (X2) = *RK++ ^ AES_RT0( MBEDTLS_BYTE_0( Y2 ) ) ^ \ - AES_RT1( MBEDTLS_BYTE_1( Y1 ) ) ^ \ - AES_RT2( MBEDTLS_BYTE_2( Y0 ) ) ^ \ - AES_RT3( MBEDTLS_BYTE_3( Y3 ) ); \ + (X2) = *RK++ ^ AES_RT0(MBEDTLS_BYTE_0(Y2)) ^ \ + AES_RT1(MBEDTLS_BYTE_1(Y1)) ^ \ + AES_RT2(MBEDTLS_BYTE_2(Y0)) ^ \ + AES_RT3(MBEDTLS_BYTE_3(Y3)); \ \ - (X3) = *RK++ ^ AES_RT0( MBEDTLS_BYTE_0( Y3 ) ) ^ \ - AES_RT1( MBEDTLS_BYTE_1( Y2 ) ) ^ \ - AES_RT2( MBEDTLS_BYTE_2( Y1 ) ) ^ \ - AES_RT3( MBEDTLS_BYTE_3( Y0 ) ); \ - } while( 0 ) + (X3) = *RK++ ^ AES_RT0(MBEDTLS_BYTE_0(Y3)) ^ \ + AES_RT1(MBEDTLS_BYTE_1(Y2)) ^ \ + AES_RT2(MBEDTLS_BYTE_2(Y1)) ^ \ + AES_RT3(MBEDTLS_BYTE_3(Y0)); \ + } while (0) /* * AES-ECB block encryption */ #if !defined(MBEDTLS_AES_ENCRYPT_ALT) -int mbedtls_internal_aes_encrypt( mbedtls_aes_context *ctx, - const unsigned char input[16], - unsigned char output[16] ) +int mbedtls_internal_aes_encrypt(mbedtls_aes_context *ctx, + const unsigned char input[16], + unsigned char output[16]) { int i; uint32_t *RK = ctx->rk; - struct - { + struct { uint32_t X[4]; uint32_t Y[4]; } t; - t.X[0] = MBEDTLS_GET_UINT32_LE( input, 0 ); t.X[0] ^= *RK++; - t.X[1] = MBEDTLS_GET_UINT32_LE( input, 4 ); t.X[1] ^= *RK++; - t.X[2] = MBEDTLS_GET_UINT32_LE( input, 8 ); t.X[2] ^= *RK++; - t.X[3] = MBEDTLS_GET_UINT32_LE( input, 12 ); t.X[3] ^= *RK++; + t.X[0] = MBEDTLS_GET_UINT32_LE(input, 0); t.X[0] ^= *RK++; + t.X[1] = MBEDTLS_GET_UINT32_LE(input, 4); t.X[1] ^= *RK++; + t.X[2] = MBEDTLS_GET_UINT32_LE(input, 8); t.X[2] ^= *RK++; + t.X[3] = MBEDTLS_GET_UINT32_LE(input, 12); t.X[3] ^= *RK++; - for( i = ( ctx->nr >> 1 ) - 1; i > 0; i-- ) - { - AES_FROUND( t.Y[0], t.Y[1], t.Y[2], t.Y[3], t.X[0], t.X[1], t.X[2], t.X[3] ); - AES_FROUND( t.X[0], t.X[1], t.X[2], t.X[3], t.Y[0], t.Y[1], t.Y[2], t.Y[3] ); + for (i = (ctx->nr >> 1) - 1; i > 0; i--) { + AES_FROUND(t.Y[0], t.Y[1], t.Y[2], t.Y[3], t.X[0], t.X[1], t.X[2], t.X[3]); + AES_FROUND(t.X[0], t.X[1], t.X[2], t.X[3], t.Y[0], t.Y[1], t.Y[2], t.Y[3]); } - AES_FROUND( t.Y[0], t.Y[1], t.Y[2], t.Y[3], t.X[0], t.X[1], t.X[2], t.X[3] ); + AES_FROUND(t.Y[0], t.Y[1], t.Y[2], t.Y[3], t.X[0], t.X[1], t.X[2], t.X[3]); t.X[0] = *RK++ ^ \ - ( (uint32_t) FSb[ MBEDTLS_BYTE_0( t.Y[0] ) ] ) ^ - ( (uint32_t) FSb[ MBEDTLS_BYTE_1( t.Y[1] ) ] << 8 ) ^ - ( (uint32_t) FSb[ MBEDTLS_BYTE_2( t.Y[2] ) ] << 16 ) ^ - ( (uint32_t) FSb[ MBEDTLS_BYTE_3( t.Y[3] ) ] << 24 ); + ((uint32_t) FSb[MBEDTLS_BYTE_0(t.Y[0])]) ^ + ((uint32_t) FSb[MBEDTLS_BYTE_1(t.Y[1])] << 8) ^ + ((uint32_t) FSb[MBEDTLS_BYTE_2(t.Y[2])] << 16) ^ + ((uint32_t) FSb[MBEDTLS_BYTE_3(t.Y[3])] << 24); t.X[1] = *RK++ ^ \ - ( (uint32_t) FSb[ MBEDTLS_BYTE_0( t.Y[1] ) ] ) ^ - ( (uint32_t) FSb[ MBEDTLS_BYTE_1( t.Y[2] ) ] << 8 ) ^ - ( (uint32_t) FSb[ MBEDTLS_BYTE_2( t.Y[3] ) ] << 16 ) ^ - ( (uint32_t) FSb[ MBEDTLS_BYTE_3( t.Y[0] ) ] << 24 ); + ((uint32_t) FSb[MBEDTLS_BYTE_0(t.Y[1])]) ^ + ((uint32_t) FSb[MBEDTLS_BYTE_1(t.Y[2])] << 8) ^ + ((uint32_t) FSb[MBEDTLS_BYTE_2(t.Y[3])] << 16) ^ + ((uint32_t) FSb[MBEDTLS_BYTE_3(t.Y[0])] << 24); t.X[2] = *RK++ ^ \ - ( (uint32_t) FSb[ MBEDTLS_BYTE_0( t.Y[2] ) ] ) ^ - ( (uint32_t) FSb[ MBEDTLS_BYTE_1( t.Y[3] ) ] << 8 ) ^ - ( (uint32_t) FSb[ MBEDTLS_BYTE_2( t.Y[0] ) ] << 16 ) ^ - ( (uint32_t) FSb[ MBEDTLS_BYTE_3( t.Y[1] ) ] << 24 ); + ((uint32_t) FSb[MBEDTLS_BYTE_0(t.Y[2])]) ^ + ((uint32_t) FSb[MBEDTLS_BYTE_1(t.Y[3])] << 8) ^ + ((uint32_t) FSb[MBEDTLS_BYTE_2(t.Y[0])] << 16) ^ + ((uint32_t) FSb[MBEDTLS_BYTE_3(t.Y[1])] << 24); t.X[3] = *RK++ ^ \ - ( (uint32_t) FSb[ MBEDTLS_BYTE_0( t.Y[3] ) ] ) ^ - ( (uint32_t) FSb[ MBEDTLS_BYTE_1( t.Y[0] ) ] << 8 ) ^ - ( (uint32_t) FSb[ MBEDTLS_BYTE_2( t.Y[1] ) ] << 16 ) ^ - ( (uint32_t) FSb[ MBEDTLS_BYTE_3( t.Y[2] ) ] << 24 ); + ((uint32_t) FSb[MBEDTLS_BYTE_0(t.Y[3])]) ^ + ((uint32_t) FSb[MBEDTLS_BYTE_1(t.Y[0])] << 8) ^ + ((uint32_t) FSb[MBEDTLS_BYTE_2(t.Y[1])] << 16) ^ + ((uint32_t) FSb[MBEDTLS_BYTE_3(t.Y[2])] << 24); - MBEDTLS_PUT_UINT32_LE( t.X[0], output, 0 ); - MBEDTLS_PUT_UINT32_LE( t.X[1], output, 4 ); - MBEDTLS_PUT_UINT32_LE( t.X[2], output, 8 ); - MBEDTLS_PUT_UINT32_LE( t.X[3], output, 12 ); + MBEDTLS_PUT_UINT32_LE(t.X[0], output, 0); + MBEDTLS_PUT_UINT32_LE(t.X[1], output, 4); + MBEDTLS_PUT_UINT32_LE(t.X[2], output, 8); + MBEDTLS_PUT_UINT32_LE(t.X[3], output, 12); - mbedtls_platform_zeroize( &t, sizeof( t ) ); + mbedtls_platform_zeroize(&t, sizeof(t)); - return( 0 ); + return 0; } #endif /* !MBEDTLS_AES_ENCRYPT_ALT */ #if !defined(MBEDTLS_DEPRECATED_REMOVED) -void mbedtls_aes_encrypt( mbedtls_aes_context *ctx, - const unsigned char input[16], - unsigned char output[16] ) +void mbedtls_aes_encrypt(mbedtls_aes_context *ctx, + const unsigned char input[16], + unsigned char output[16]) { - MBEDTLS_IGNORE_RETURN( mbedtls_internal_aes_encrypt( ctx, input, output ) ); + MBEDTLS_IGNORE_RETURN(mbedtls_internal_aes_encrypt(ctx, input, output)); } #endif /* !MBEDTLS_DEPRECATED_REMOVED */ @@ -911,142 +949,165 @@ void mbedtls_aes_encrypt( mbedtls_aes_context *ctx, * AES-ECB block decryption */ #if !defined(MBEDTLS_AES_DECRYPT_ALT) -int mbedtls_internal_aes_decrypt( mbedtls_aes_context *ctx, - const unsigned char input[16], - unsigned char output[16] ) +int mbedtls_internal_aes_decrypt(mbedtls_aes_context *ctx, + const unsigned char input[16], + unsigned char output[16]) { int i; uint32_t *RK = ctx->rk; - struct - { + struct { uint32_t X[4]; uint32_t Y[4]; } t; - t.X[0] = MBEDTLS_GET_UINT32_LE( input, 0 ); t.X[0] ^= *RK++; - t.X[1] = MBEDTLS_GET_UINT32_LE( input, 4 ); t.X[1] ^= *RK++; - t.X[2] = MBEDTLS_GET_UINT32_LE( input, 8 ); t.X[2] ^= *RK++; - t.X[3] = MBEDTLS_GET_UINT32_LE( input, 12 ); t.X[3] ^= *RK++; + t.X[0] = MBEDTLS_GET_UINT32_LE(input, 0); t.X[0] ^= *RK++; + t.X[1] = MBEDTLS_GET_UINT32_LE(input, 4); t.X[1] ^= *RK++; + t.X[2] = MBEDTLS_GET_UINT32_LE(input, 8); t.X[2] ^= *RK++; + t.X[3] = MBEDTLS_GET_UINT32_LE(input, 12); t.X[3] ^= *RK++; - for( i = ( ctx->nr >> 1 ) - 1; i > 0; i-- ) - { - AES_RROUND( t.Y[0], t.Y[1], t.Y[2], t.Y[3], t.X[0], t.X[1], t.X[2], t.X[3] ); - AES_RROUND( t.X[0], t.X[1], t.X[2], t.X[3], t.Y[0], t.Y[1], t.Y[2], t.Y[3] ); + for (i = (ctx->nr >> 1) - 1; i > 0; i--) { + AES_RROUND(t.Y[0], t.Y[1], t.Y[2], t.Y[3], t.X[0], t.X[1], t.X[2], t.X[3]); + AES_RROUND(t.X[0], t.X[1], t.X[2], t.X[3], t.Y[0], t.Y[1], t.Y[2], t.Y[3]); } - AES_RROUND( t.Y[0], t.Y[1], t.Y[2], t.Y[3], t.X[0], t.X[1], t.X[2], t.X[3] ); + AES_RROUND(t.Y[0], t.Y[1], t.Y[2], t.Y[3], t.X[0], t.X[1], t.X[2], t.X[3]); t.X[0] = *RK++ ^ \ - ( (uint32_t) RSb[ MBEDTLS_BYTE_0( t.Y[0] ) ] ) ^ - ( (uint32_t) RSb[ MBEDTLS_BYTE_1( t.Y[3] ) ] << 8 ) ^ - ( (uint32_t) RSb[ MBEDTLS_BYTE_2( t.Y[2] ) ] << 16 ) ^ - ( (uint32_t) RSb[ MBEDTLS_BYTE_3( t.Y[1] ) ] << 24 ); + ((uint32_t) RSb[MBEDTLS_BYTE_0(t.Y[0])]) ^ + ((uint32_t) RSb[MBEDTLS_BYTE_1(t.Y[3])] << 8) ^ + ((uint32_t) RSb[MBEDTLS_BYTE_2(t.Y[2])] << 16) ^ + ((uint32_t) RSb[MBEDTLS_BYTE_3(t.Y[1])] << 24); t.X[1] = *RK++ ^ \ - ( (uint32_t) RSb[ MBEDTLS_BYTE_0( t.Y[1] ) ] ) ^ - ( (uint32_t) RSb[ MBEDTLS_BYTE_1( t.Y[0] ) ] << 8 ) ^ - ( (uint32_t) RSb[ MBEDTLS_BYTE_2( t.Y[3] ) ] << 16 ) ^ - ( (uint32_t) RSb[ MBEDTLS_BYTE_3( t.Y[2] ) ] << 24 ); + ((uint32_t) RSb[MBEDTLS_BYTE_0(t.Y[1])]) ^ + ((uint32_t) RSb[MBEDTLS_BYTE_1(t.Y[0])] << 8) ^ + ((uint32_t) RSb[MBEDTLS_BYTE_2(t.Y[3])] << 16) ^ + ((uint32_t) RSb[MBEDTLS_BYTE_3(t.Y[2])] << 24); t.X[2] = *RK++ ^ \ - ( (uint32_t) RSb[ MBEDTLS_BYTE_0( t.Y[2] ) ] ) ^ - ( (uint32_t) RSb[ MBEDTLS_BYTE_1( t.Y[1] ) ] << 8 ) ^ - ( (uint32_t) RSb[ MBEDTLS_BYTE_2( t.Y[0] ) ] << 16 ) ^ - ( (uint32_t) RSb[ MBEDTLS_BYTE_3( t.Y[3] ) ] << 24 ); + ((uint32_t) RSb[MBEDTLS_BYTE_0(t.Y[2])]) ^ + ((uint32_t) RSb[MBEDTLS_BYTE_1(t.Y[1])] << 8) ^ + ((uint32_t) RSb[MBEDTLS_BYTE_2(t.Y[0])] << 16) ^ + ((uint32_t) RSb[MBEDTLS_BYTE_3(t.Y[3])] << 24); t.X[3] = *RK++ ^ \ - ( (uint32_t) RSb[ MBEDTLS_BYTE_0( t.Y[3] ) ] ) ^ - ( (uint32_t) RSb[ MBEDTLS_BYTE_1( t.Y[2] ) ] << 8 ) ^ - ( (uint32_t) RSb[ MBEDTLS_BYTE_2( t.Y[1] ) ] << 16 ) ^ - ( (uint32_t) RSb[ MBEDTLS_BYTE_3( t.Y[0] ) ] << 24 ); + ((uint32_t) RSb[MBEDTLS_BYTE_0(t.Y[3])]) ^ + ((uint32_t) RSb[MBEDTLS_BYTE_1(t.Y[2])] << 8) ^ + ((uint32_t) RSb[MBEDTLS_BYTE_2(t.Y[1])] << 16) ^ + ((uint32_t) RSb[MBEDTLS_BYTE_3(t.Y[0])] << 24); - MBEDTLS_PUT_UINT32_LE( t.X[0], output, 0 ); - MBEDTLS_PUT_UINT32_LE( t.X[1], output, 4 ); - MBEDTLS_PUT_UINT32_LE( t.X[2], output, 8 ); - MBEDTLS_PUT_UINT32_LE( t.X[3], output, 12 ); + MBEDTLS_PUT_UINT32_LE(t.X[0], output, 0); + MBEDTLS_PUT_UINT32_LE(t.X[1], output, 4); + MBEDTLS_PUT_UINT32_LE(t.X[2], output, 8); + MBEDTLS_PUT_UINT32_LE(t.X[3], output, 12); - mbedtls_platform_zeroize( &t, sizeof( t ) ); + mbedtls_platform_zeroize(&t, sizeof(t)); - return( 0 ); + return 0; } #endif /* !MBEDTLS_AES_DECRYPT_ALT */ #if !defined(MBEDTLS_DEPRECATED_REMOVED) -void mbedtls_aes_decrypt( mbedtls_aes_context *ctx, - const unsigned char input[16], - unsigned char output[16] ) +void mbedtls_aes_decrypt(mbedtls_aes_context *ctx, + const unsigned char input[16], + unsigned char output[16]) { - MBEDTLS_IGNORE_RETURN( mbedtls_internal_aes_decrypt( ctx, input, output ) ); + MBEDTLS_IGNORE_RETURN(mbedtls_internal_aes_decrypt(ctx, input, output)); } #endif /* !MBEDTLS_DEPRECATED_REMOVED */ +#if defined(MAY_NEED_TO_ALIGN) +/* VIA Padlock and our intrinsics-based implementation of AESNI require + * the round keys to be aligned on a 16-byte boundary. We take care of this + * before creating them, but the AES context may have moved (this can happen + * if the library is called from a language with managed memory), and in later + * calls it might have a different alignment with respect to 16-byte memory. + * So we may need to realign. + * NOTE: In the LTS branch, the context contains a pointer to within itself, + * so if it has been moved, things will probably go pear-shaped. We keep this + * code for compatibility with the development branch, in case of future changes. + */ +static void aes_maybe_realign(mbedtls_aes_context *ctx) +{ + unsigned current_offset = (unsigned) (ctx->rk - ctx->buf); + unsigned new_offset = mbedtls_aes_rk_offset(ctx->buf); + if (new_offset != current_offset) { + memmove(ctx->buf + new_offset, // new address + ctx->buf + current_offset, // current address + (ctx->nr + 1) * 16); // number of round keys * bytes per rk + ctx->rk = ctx->buf + new_offset; + } +} +#endif + /* * AES-ECB block encryption/decryption */ -int mbedtls_aes_crypt_ecb( mbedtls_aes_context *ctx, - int mode, - const unsigned char input[16], - unsigned char output[16] ) +int mbedtls_aes_crypt_ecb(mbedtls_aes_context *ctx, + int mode, + const unsigned char input[16], + unsigned char output[16]) { - AES_VALIDATE_RET( ctx != NULL ); - AES_VALIDATE_RET( input != NULL ); - AES_VALIDATE_RET( output != NULL ); - AES_VALIDATE_RET( mode == MBEDTLS_AES_ENCRYPT || - mode == MBEDTLS_AES_DECRYPT ); - -#if defined(MBEDTLS_AESNI_C) && defined(MBEDTLS_HAVE_X86_64) - if( mbedtls_aesni_has_support( MBEDTLS_AESNI_AES ) ) - return( mbedtls_aesni_crypt_ecb( ctx, mode, input, output ) ); + AES_VALIDATE_RET(ctx != NULL); + AES_VALIDATE_RET(input != NULL); + AES_VALIDATE_RET(output != NULL); + AES_VALIDATE_RET(mode == MBEDTLS_AES_ENCRYPT || + mode == MBEDTLS_AES_DECRYPT); + +#if defined(MAY_NEED_TO_ALIGN) + aes_maybe_realign(ctx); #endif -#if defined(MBEDTLS_PADLOCK_C) && defined(MBEDTLS_HAVE_X86) - if( aes_padlock_ace ) - { - if( mbedtls_padlock_xcryptecb( ctx, mode, input, output ) == 0 ) - return( 0 ); +#if defined(MBEDTLS_AESNI_HAVE_CODE) + if (mbedtls_aesni_has_support(MBEDTLS_AESNI_AES)) { + return mbedtls_aesni_crypt_ecb(ctx, mode, input, output); + } +#endif - // If padlock data misaligned, we just fall back to - // unaccelerated mode - // +#if defined(MBEDTLS_VIA_PADLOCK_HAVE_CODE) + if (aes_padlock_ace) { + return mbedtls_padlock_xcryptecb(ctx, mode, input, output); } #endif - if( mode == MBEDTLS_AES_ENCRYPT ) - return( mbedtls_internal_aes_encrypt( ctx, input, output ) ); - else - return( mbedtls_internal_aes_decrypt( ctx, input, output ) ); + if (mode == MBEDTLS_AES_ENCRYPT) { + return mbedtls_internal_aes_encrypt(ctx, input, output); + } else { + return mbedtls_internal_aes_decrypt(ctx, input, output); + } } #if defined(MBEDTLS_CIPHER_MODE_CBC) /* * AES-CBC buffer encryption/decryption */ -int mbedtls_aes_crypt_cbc( mbedtls_aes_context *ctx, - int mode, - size_t length, - unsigned char iv[16], - const unsigned char *input, - unsigned char *output ) +int mbedtls_aes_crypt_cbc(mbedtls_aes_context *ctx, + int mode, + size_t length, + unsigned char iv[16], + const unsigned char *input, + unsigned char *output) { int i; int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; unsigned char temp[16]; - AES_VALIDATE_RET( ctx != NULL ); - AES_VALIDATE_RET( mode == MBEDTLS_AES_ENCRYPT || - mode == MBEDTLS_AES_DECRYPT ); - AES_VALIDATE_RET( iv != NULL ); - AES_VALIDATE_RET( input != NULL ); - AES_VALIDATE_RET( output != NULL ); + AES_VALIDATE_RET(ctx != NULL); + AES_VALIDATE_RET(mode == MBEDTLS_AES_ENCRYPT || + mode == MBEDTLS_AES_DECRYPT); + AES_VALIDATE_RET(iv != NULL); + AES_VALIDATE_RET(input != NULL); + AES_VALIDATE_RET(output != NULL); - if( length % 16 ) - return( MBEDTLS_ERR_AES_INVALID_INPUT_LENGTH ); + if (length % 16) { + return MBEDTLS_ERR_AES_INVALID_INPUT_LENGTH; + } -#if defined(MBEDTLS_PADLOCK_C) && defined(MBEDTLS_HAVE_X86) - if( aes_padlock_ace ) - { - if( mbedtls_padlock_xcryptcbc( ctx, mode, length, iv, input, output ) == 0 ) - return( 0 ); +#if defined(MBEDTLS_VIA_PADLOCK_HAVE_CODE) + if (aes_padlock_ace) { + if (mbedtls_padlock_xcryptcbc(ctx, mode, length, iv, input, output) == 0) { + return 0; + } // If padlock data misaligned, we just fall back to // unaccelerated mode @@ -1054,36 +1115,35 @@ int mbedtls_aes_crypt_cbc( mbedtls_aes_context *ctx, } #endif - if( mode == MBEDTLS_AES_DECRYPT ) - { - while( length > 0 ) - { - memcpy( temp, input, 16 ); - ret = mbedtls_aes_crypt_ecb( ctx, mode, input, output ); - if( ret != 0 ) + if (mode == MBEDTLS_AES_DECRYPT) { + while (length > 0) { + memcpy(temp, input, 16); + ret = mbedtls_aes_crypt_ecb(ctx, mode, input, output); + if (ret != 0) { goto exit; + } - for( i = 0; i < 16; i++ ) - output[i] = (unsigned char)( output[i] ^ iv[i] ); + for (i = 0; i < 16; i++) { + output[i] = (unsigned char) (output[i] ^ iv[i]); + } - memcpy( iv, temp, 16 ); + memcpy(iv, temp, 16); input += 16; output += 16; length -= 16; } - } - else - { - while( length > 0 ) - { - for( i = 0; i < 16; i++ ) - output[i] = (unsigned char)( input[i] ^ iv[i] ); + } else { + while (length > 0) { + for (i = 0; i < 16; i++) { + output[i] = (unsigned char) (input[i] ^ iv[i]); + } - ret = mbedtls_aes_crypt_ecb( ctx, mode, output, output ); - if( ret != 0 ) + ret = mbedtls_aes_crypt_ecb(ctx, mode, output, output); + if (ret != 0) { goto exit; - memcpy( iv, output, 16 ); + } + memcpy(iv, output, 16); input += 16; output += 16; @@ -1093,7 +1153,7 @@ int mbedtls_aes_crypt_cbc( mbedtls_aes_context *ctx, ret = 0; exit: - return( ret ); + return ret; } #endif /* MBEDTLS_CIPHER_MODE_CBC */ @@ -1106,33 +1166,33 @@ typedef unsigned char mbedtls_be128[16]; * * This function multiplies a field element by x in the polynomial field * representation. It uses 64-bit word operations to gain speed but compensates - * for machine endianess and hence works correctly on both big and little + * for machine endianness and hence works correctly on both big and little * endian machines. */ -static void mbedtls_gf128mul_x_ble( unsigned char r[16], - const unsigned char x[16] ) +static void mbedtls_gf128mul_x_ble(unsigned char r[16], + const unsigned char x[16]) { uint64_t a, b, ra, rb; - a = MBEDTLS_GET_UINT64_LE( x, 0 ); - b = MBEDTLS_GET_UINT64_LE( x, 8 ); + a = MBEDTLS_GET_UINT64_LE(x, 0); + b = MBEDTLS_GET_UINT64_LE(x, 8); - ra = ( a << 1 ) ^ 0x0087 >> ( 8 - ( ( b >> 63 ) << 3 ) ); - rb = ( a >> 63 ) | ( b << 1 ); + ra = (a << 1) ^ 0x0087 >> (8 - ((b >> 63) << 3)); + rb = (a >> 63) | (b << 1); - MBEDTLS_PUT_UINT64_LE( ra, r, 0 ); - MBEDTLS_PUT_UINT64_LE( rb, r, 8 ); + MBEDTLS_PUT_UINT64_LE(ra, r, 0); + MBEDTLS_PUT_UINT64_LE(rb, r, 8); } /* * AES-XTS buffer encryption/decryption */ -int mbedtls_aes_crypt_xts( mbedtls_aes_xts_context *ctx, - int mode, - size_t length, - const unsigned char data_unit[16], - const unsigned char *input, - unsigned char *output ) +int mbedtls_aes_crypt_xts(mbedtls_aes_xts_context *ctx, + int mode, + size_t length, + const unsigned char data_unit[16], + const unsigned char *input, + unsigned char *output) { int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; size_t blocks = length / 16; @@ -1141,61 +1201,64 @@ int mbedtls_aes_crypt_xts( mbedtls_aes_xts_context *ctx, unsigned char prev_tweak[16]; unsigned char tmp[16]; - AES_VALIDATE_RET( ctx != NULL ); - AES_VALIDATE_RET( mode == MBEDTLS_AES_ENCRYPT || - mode == MBEDTLS_AES_DECRYPT ); - AES_VALIDATE_RET( data_unit != NULL ); - AES_VALIDATE_RET( input != NULL ); - AES_VALIDATE_RET( output != NULL ); + AES_VALIDATE_RET(ctx != NULL); + AES_VALIDATE_RET(mode == MBEDTLS_AES_ENCRYPT || + mode == MBEDTLS_AES_DECRYPT); + AES_VALIDATE_RET(data_unit != NULL); + AES_VALIDATE_RET(input != NULL); + AES_VALIDATE_RET(output != NULL); /* Data units must be at least 16 bytes long. */ - if( length < 16 ) + if (length < 16) { return MBEDTLS_ERR_AES_INVALID_INPUT_LENGTH; + } /* NIST SP 800-38E disallows data units larger than 2**20 blocks. */ - if( length > ( 1 << 20 ) * 16 ) + if (length > (1 << 20) * 16) { return MBEDTLS_ERR_AES_INVALID_INPUT_LENGTH; + } /* Compute the tweak. */ - ret = mbedtls_aes_crypt_ecb( &ctx->tweak, MBEDTLS_AES_ENCRYPT, - data_unit, tweak ); - if( ret != 0 ) - return( ret ); + ret = mbedtls_aes_crypt_ecb(&ctx->tweak, MBEDTLS_AES_ENCRYPT, + data_unit, tweak); + if (ret != 0) { + return ret; + } - while( blocks-- ) - { + while (blocks--) { size_t i; - if( leftover && ( mode == MBEDTLS_AES_DECRYPT ) && blocks == 0 ) - { + if (leftover && (mode == MBEDTLS_AES_DECRYPT) && blocks == 0) { /* We are on the last block in a decrypt operation that has * leftover bytes, so we need to use the next tweak for this block, - * and this tweak for the lefover bytes. Save the current tweak for + * and this tweak for the leftover bytes. Save the current tweak for * the leftovers and then update the current tweak for use on this, * the last full block. */ - memcpy( prev_tweak, tweak, sizeof( tweak ) ); - mbedtls_gf128mul_x_ble( tweak, tweak ); + memcpy(prev_tweak, tweak, sizeof(tweak)); + mbedtls_gf128mul_x_ble(tweak, tweak); } - for( i = 0; i < 16; i++ ) + for (i = 0; i < 16; i++) { tmp[i] = input[i] ^ tweak[i]; + } - ret = mbedtls_aes_crypt_ecb( &ctx->crypt, mode, tmp, tmp ); - if( ret != 0 ) - return( ret ); + ret = mbedtls_aes_crypt_ecb(&ctx->crypt, mode, tmp, tmp); + if (ret != 0) { + return ret; + } - for( i = 0; i < 16; i++ ) + for (i = 0; i < 16; i++) { output[i] = tmp[i] ^ tweak[i]; + } /* Update the tweak for the next block. */ - mbedtls_gf128mul_x_ble( tweak, tweak ); + mbedtls_gf128mul_x_ble(tweak, tweak); output += 16; input += 16; } - if( leftover ) - { + if (leftover) { /* If we are on the leftover bytes in a decrypt operation, we need to * use the previous tweak for these bytes (as saved in prev_tweak). */ unsigned char *t = mode == MBEDTLS_AES_DECRYPT ? prev_tweak : tweak; @@ -1206,31 +1269,33 @@ int mbedtls_aes_crypt_xts( mbedtls_aes_xts_context *ctx, unsigned char *prev_output = output - 16; /* Copy ciphertext bytes from the previous block to our output for each - * byte of cyphertext we won't steal. At the same time, copy the + * byte of ciphertext we won't steal. At the same time, copy the * remainder of the input for this final round (since the loop bounds * are the same). */ - for( i = 0; i < leftover; i++ ) - { + for (i = 0; i < leftover; i++) { output[i] = prev_output[i]; tmp[i] = input[i] ^ t[i]; } /* Copy ciphertext bytes from the previous block for input in this * round. */ - for( ; i < 16; i++ ) + for (; i < 16; i++) { tmp[i] = prev_output[i] ^ t[i]; + } - ret = mbedtls_aes_crypt_ecb( &ctx->crypt, mode, tmp, tmp ); - if( ret != 0 ) + ret = mbedtls_aes_crypt_ecb(&ctx->crypt, mode, tmp, tmp); + if (ret != 0) { return ret; + } /* Write the result back to the previous block, overriding the previous * output we copied. */ - for( i = 0; i < 16; i++ ) + for (i = 0; i < 16; i++) { prev_output[i] = tmp[i] ^ t[i]; + } } - return( 0 ); + return 0; } #endif /* MBEDTLS_CIPHER_MODE_XTS */ @@ -1238,63 +1303,59 @@ int mbedtls_aes_crypt_xts( mbedtls_aes_xts_context *ctx, /* * AES-CFB128 buffer encryption/decryption */ -int mbedtls_aes_crypt_cfb128( mbedtls_aes_context *ctx, - int mode, - size_t length, - size_t *iv_off, - unsigned char iv[16], - const unsigned char *input, - unsigned char *output ) +int mbedtls_aes_crypt_cfb128(mbedtls_aes_context *ctx, + int mode, + size_t length, + size_t *iv_off, + unsigned char iv[16], + const unsigned char *input, + unsigned char *output) { int c; int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; size_t n; - AES_VALIDATE_RET( ctx != NULL ); - AES_VALIDATE_RET( mode == MBEDTLS_AES_ENCRYPT || - mode == MBEDTLS_AES_DECRYPT ); - AES_VALIDATE_RET( iv_off != NULL ); - AES_VALIDATE_RET( iv != NULL ); - AES_VALIDATE_RET( input != NULL ); - AES_VALIDATE_RET( output != NULL ); + AES_VALIDATE_RET(ctx != NULL); + AES_VALIDATE_RET(mode == MBEDTLS_AES_ENCRYPT || + mode == MBEDTLS_AES_DECRYPT); + AES_VALIDATE_RET(iv_off != NULL); + AES_VALIDATE_RET(iv != NULL); + AES_VALIDATE_RET(input != NULL); + AES_VALIDATE_RET(output != NULL); n = *iv_off; - if( n > 15 ) - return( MBEDTLS_ERR_AES_BAD_INPUT_DATA ); + if (n > 15) { + return MBEDTLS_ERR_AES_BAD_INPUT_DATA; + } - if( mode == MBEDTLS_AES_DECRYPT ) - { - while( length-- ) - { - if( n == 0 ) - { - ret = mbedtls_aes_crypt_ecb( ctx, MBEDTLS_AES_ENCRYPT, iv, iv ); - if( ret != 0 ) + if (mode == MBEDTLS_AES_DECRYPT) { + while (length--) { + if (n == 0) { + ret = mbedtls_aes_crypt_ecb(ctx, MBEDTLS_AES_ENCRYPT, iv, iv); + if (ret != 0) { goto exit; + } } c = *input++; - *output++ = (unsigned char)( c ^ iv[n] ); + *output++ = (unsigned char) (c ^ iv[n]); iv[n] = (unsigned char) c; - n = ( n + 1 ) & 0x0F; + n = (n + 1) & 0x0F; } - } - else - { - while( length-- ) - { - if( n == 0 ) - { - ret = mbedtls_aes_crypt_ecb( ctx, MBEDTLS_AES_ENCRYPT, iv, iv ); - if( ret != 0 ) + } else { + while (length--) { + if (n == 0) { + ret = mbedtls_aes_crypt_ecb(ctx, MBEDTLS_AES_ENCRYPT, iv, iv); + if (ret != 0) { goto exit; + } } - iv[n] = *output++ = (unsigned char)( iv[n] ^ *input++ ); + iv[n] = *output++ = (unsigned char) (iv[n] ^ *input++); - n = ( n + 1 ) & 0x0F; + n = (n + 1) & 0x0F; } } @@ -1302,50 +1363,52 @@ int mbedtls_aes_crypt_cfb128( mbedtls_aes_context *ctx, ret = 0; exit: - return( ret ); + return ret; } /* * AES-CFB8 buffer encryption/decryption */ -int mbedtls_aes_crypt_cfb8( mbedtls_aes_context *ctx, - int mode, - size_t length, - unsigned char iv[16], - const unsigned char *input, - unsigned char *output ) +int mbedtls_aes_crypt_cfb8(mbedtls_aes_context *ctx, + int mode, + size_t length, + unsigned char iv[16], + const unsigned char *input, + unsigned char *output) { int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; unsigned char c; unsigned char ov[17]; - AES_VALIDATE_RET( ctx != NULL ); - AES_VALIDATE_RET( mode == MBEDTLS_AES_ENCRYPT || - mode == MBEDTLS_AES_DECRYPT ); - AES_VALIDATE_RET( iv != NULL ); - AES_VALIDATE_RET( input != NULL ); - AES_VALIDATE_RET( output != NULL ); - while( length-- ) - { - memcpy( ov, iv, 16 ); - ret = mbedtls_aes_crypt_ecb( ctx, MBEDTLS_AES_ENCRYPT, iv, iv ); - if( ret != 0 ) + AES_VALIDATE_RET(ctx != NULL); + AES_VALIDATE_RET(mode == MBEDTLS_AES_ENCRYPT || + mode == MBEDTLS_AES_DECRYPT); + AES_VALIDATE_RET(iv != NULL); + AES_VALIDATE_RET(input != NULL); + AES_VALIDATE_RET(output != NULL); + while (length--) { + memcpy(ov, iv, 16); + ret = mbedtls_aes_crypt_ecb(ctx, MBEDTLS_AES_ENCRYPT, iv, iv); + if (ret != 0) { goto exit; + } - if( mode == MBEDTLS_AES_DECRYPT ) + if (mode == MBEDTLS_AES_DECRYPT) { ov[16] = *input; + } - c = *output++ = (unsigned char)( iv[0] ^ *input++ ); + c = *output++ = (unsigned char) (iv[0] ^ *input++); - if( mode == MBEDTLS_AES_ENCRYPT ) + if (mode == MBEDTLS_AES_ENCRYPT) { ov[16] = c; + } - memcpy( iv, ov + 1, 16 ); + memcpy(iv, ov + 1, 16); } ret = 0; exit: - return( ret ); + return ret; } #endif /* MBEDTLS_CIPHER_MODE_CFB */ @@ -1353,44 +1416,44 @@ int mbedtls_aes_crypt_cfb8( mbedtls_aes_context *ctx, /* * AES-OFB (Output Feedback Mode) buffer encryption/decryption */ -int mbedtls_aes_crypt_ofb( mbedtls_aes_context *ctx, - size_t length, - size_t *iv_off, - unsigned char iv[16], - const unsigned char *input, - unsigned char *output ) +int mbedtls_aes_crypt_ofb(mbedtls_aes_context *ctx, + size_t length, + size_t *iv_off, + unsigned char iv[16], + const unsigned char *input, + unsigned char *output) { int ret = 0; size_t n; - AES_VALIDATE_RET( ctx != NULL ); - AES_VALIDATE_RET( iv_off != NULL ); - AES_VALIDATE_RET( iv != NULL ); - AES_VALIDATE_RET( input != NULL ); - AES_VALIDATE_RET( output != NULL ); + AES_VALIDATE_RET(ctx != NULL); + AES_VALIDATE_RET(iv_off != NULL); + AES_VALIDATE_RET(iv != NULL); + AES_VALIDATE_RET(input != NULL); + AES_VALIDATE_RET(output != NULL); n = *iv_off; - if( n > 15 ) - return( MBEDTLS_ERR_AES_BAD_INPUT_DATA ); + if (n > 15) { + return MBEDTLS_ERR_AES_BAD_INPUT_DATA; + } - while( length-- ) - { - if( n == 0 ) - { - ret = mbedtls_aes_crypt_ecb( ctx, MBEDTLS_AES_ENCRYPT, iv, iv ); - if( ret != 0 ) + while (length--) { + if (n == 0) { + ret = mbedtls_aes_crypt_ecb(ctx, MBEDTLS_AES_ENCRYPT, iv, iv); + if (ret != 0) { goto exit; + } } *output++ = *input++ ^ iv[n]; - n = ( n + 1 ) & 0x0F; + n = (n + 1) & 0x0F; } *iv_off = n; exit: - return( ret ); + return ret; } #endif /* MBEDTLS_CIPHER_MODE_OFB */ @@ -1398,52 +1461,55 @@ int mbedtls_aes_crypt_ofb( mbedtls_aes_context *ctx, /* * AES-CTR buffer encryption/decryption */ -int mbedtls_aes_crypt_ctr( mbedtls_aes_context *ctx, - size_t length, - size_t *nc_off, - unsigned char nonce_counter[16], - unsigned char stream_block[16], - const unsigned char *input, - unsigned char *output ) +int mbedtls_aes_crypt_ctr(mbedtls_aes_context *ctx, + size_t length, + size_t *nc_off, + unsigned char nonce_counter[16], + unsigned char stream_block[16], + const unsigned char *input, + unsigned char *output) { int c, i; int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; size_t n; - AES_VALIDATE_RET( ctx != NULL ); - AES_VALIDATE_RET( nc_off != NULL ); - AES_VALIDATE_RET( nonce_counter != NULL ); - AES_VALIDATE_RET( stream_block != NULL ); - AES_VALIDATE_RET( input != NULL ); - AES_VALIDATE_RET( output != NULL ); + AES_VALIDATE_RET(ctx != NULL); + AES_VALIDATE_RET(nc_off != NULL); + AES_VALIDATE_RET(nonce_counter != NULL); + AES_VALIDATE_RET(stream_block != NULL); + AES_VALIDATE_RET(input != NULL); + AES_VALIDATE_RET(output != NULL); n = *nc_off; - if ( n > 0x0F ) - return( MBEDTLS_ERR_AES_BAD_INPUT_DATA ); + if (n > 0x0F) { + return MBEDTLS_ERR_AES_BAD_INPUT_DATA; + } - while( length-- ) - { - if( n == 0 ) { - ret = mbedtls_aes_crypt_ecb( ctx, MBEDTLS_AES_ENCRYPT, nonce_counter, stream_block ); - if( ret != 0 ) + while (length--) { + if (n == 0) { + ret = mbedtls_aes_crypt_ecb(ctx, MBEDTLS_AES_ENCRYPT, nonce_counter, stream_block); + if (ret != 0) { goto exit; + } - for( i = 16; i > 0; i-- ) - if( ++nonce_counter[i - 1] != 0 ) + for (i = 16; i > 0; i--) { + if (++nonce_counter[i - 1] != 0) { break; + } + } } c = *input++; - *output++ = (unsigned char)( c ^ stream_block[n] ); + *output++ = (unsigned char) (c ^ stream_block[n]); - n = ( n + 1 ) & 0x0F; + n = (n + 1) & 0x0F; } *nc_off = n; ret = 0; exit: - return( ret ); + return ret; } #endif /* MBEDTLS_CIPHER_MODE_CTR */ @@ -1689,7 +1755,7 @@ static const unsigned char aes_test_ctr_ct[3][48] = }; static const int aes_test_ctr_len[3] = - { 16, 32, 36 }; +{ 16, 32, 36 }; #endif /* MBEDTLS_CIPHER_MODE_CTR */ #if defined(MBEDTLS_CIPHER_MODE_XTS) @@ -1750,12 +1816,12 @@ static const unsigned char aes_test_xts_ct32[][32] = static const unsigned char aes_test_xts_data_unit[][16] = { - { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 }, - { 0x33, 0x33, 0x33, 0x33, 0x33, 0x00, 0x00, 0x00, - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 }, - { 0x33, 0x33, 0x33, 0x33, 0x33, 0x00, 0x00, 0x00, - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 }, + { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, + 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 }, + { 0x33, 0x33, 0x33, 0x33, 0x33, 0x00, 0x00, 0x00, + 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 }, + { 0x33, 0x33, 0x33, 0x33, 0x33, 0x00, 0x00, 0x00, + 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 }, }; #endif /* MBEDTLS_CIPHER_MODE_XTS */ @@ -1763,14 +1829,15 @@ static const unsigned char aes_test_xts_data_unit[][16] = /* * Checkup routine */ -int mbedtls_aes_self_test( int verbose ) +int mbedtls_aes_self_test(int verbose) { int ret = 0, i, j, u, mode; unsigned int keybits; unsigned char key[32]; unsigned char buf[64]; const unsigned char *aes_tests; -#if defined(MBEDTLS_CIPHER_MODE_CBC) || defined(MBEDTLS_CIPHER_MODE_CFB) +#if defined(MBEDTLS_CIPHER_MODE_CBC) || defined(MBEDTLS_CIPHER_MODE_CFB) || \ + defined(MBEDTLS_CIPHER_MODE_OFB) unsigned char iv[16]; #endif #if defined(MBEDTLS_CIPHER_MODE_CBC) @@ -1789,32 +1856,55 @@ int mbedtls_aes_self_test( int verbose ) #endif mbedtls_aes_context ctx; - memset( key, 0, 32 ); - mbedtls_aes_init( &ctx ); + memset(key, 0, 32); + mbedtls_aes_init(&ctx); + + if (verbose != 0) { +#if defined(MBEDTLS_AES_ALT) + mbedtls_printf(" AES note: alternative implementation.\n"); +#else /* MBEDTLS_AES_ALT */ +#if defined(MBEDTLS_VIA_PADLOCK_HAVE_CODE) + if (mbedtls_padlock_has_support(MBEDTLS_PADLOCK_ACE)) { + mbedtls_printf(" AES note: using VIA Padlock.\n"); + } else +#endif +#if defined(MBEDTLS_AESNI_HAVE_CODE) + if (mbedtls_aesni_has_support(MBEDTLS_AESNI_AES)) { + mbedtls_printf(" AES note: using AESNI via "); +#if MBEDTLS_AESNI_HAVE_CODE == 1 + mbedtls_printf("assembly"); +#elif MBEDTLS_AESNI_HAVE_CODE == 2 + mbedtls_printf("intrinsics"); +#else + mbedtls_printf("(unknown)"); +#endif + mbedtls_printf(".\n"); + } else +#endif + mbedtls_printf(" AES note: built-in implementation.\n"); +#endif /* MBEDTLS_AES_ALT */ + } /* * ECB mode */ - for( i = 0; i < 6; i++ ) - { + for (i = 0; i < 6; i++) { u = i >> 1; keybits = 128 + u * 64; mode = i & 1; - if( verbose != 0 ) - mbedtls_printf( " AES-ECB-%3u (%s): ", keybits, - ( mode == MBEDTLS_AES_DECRYPT ) ? "dec" : "enc" ); + if (verbose != 0) { + mbedtls_printf(" AES-ECB-%3u (%s): ", keybits, + (mode == MBEDTLS_AES_DECRYPT) ? "dec" : "enc"); + } - memset( buf, 0, 16 ); + memset(buf, 0, 16); - if( mode == MBEDTLS_AES_DECRYPT ) - { - ret = mbedtls_aes_setkey_dec( &ctx, key, keybits ); + if (mode == MBEDTLS_AES_DECRYPT) { + ret = mbedtls_aes_setkey_dec(&ctx, key, keybits); aes_tests = aes_test_ecb_dec[u]; - } - else - { - ret = mbedtls_aes_setkey_enc( &ctx, key, keybits ); + } else { + ret = mbedtls_aes_setkey_enc(&ctx, key, keybits); aes_tests = aes_test_ecb_enc[u]; } @@ -1823,62 +1913,57 @@ int mbedtls_aes_self_test( int verbose ) * there is an alternative underlying implementation i.e. when * MBEDTLS_AES_ALT is defined. */ - if( ret == MBEDTLS_ERR_PLATFORM_FEATURE_UNSUPPORTED && keybits == 192 ) - { - mbedtls_printf( "skipped\n" ); + if (ret == MBEDTLS_ERR_PLATFORM_FEATURE_UNSUPPORTED && keybits == 192) { + mbedtls_printf("skipped\n"); continue; - } - else if( ret != 0 ) - { + } else if (ret != 0) { goto exit; } - for( j = 0; j < 10000; j++ ) - { - ret = mbedtls_aes_crypt_ecb( &ctx, mode, buf, buf ); - if( ret != 0 ) + for (j = 0; j < 10000; j++) { + ret = mbedtls_aes_crypt_ecb(&ctx, mode, buf, buf); + if (ret != 0) { goto exit; + } } - if( memcmp( buf, aes_tests, 16 ) != 0 ) - { + if (memcmp(buf, aes_tests, 16) != 0) { ret = 1; goto exit; } - if( verbose != 0 ) - mbedtls_printf( "passed\n" ); + if (verbose != 0) { + mbedtls_printf("passed\n"); + } } - if( verbose != 0 ) - mbedtls_printf( "\n" ); + if (verbose != 0) { + mbedtls_printf("\n"); + } #if defined(MBEDTLS_CIPHER_MODE_CBC) /* * CBC mode */ - for( i = 0; i < 6; i++ ) - { + for (i = 0; i < 6; i++) { u = i >> 1; keybits = 128 + u * 64; mode = i & 1; - if( verbose != 0 ) - mbedtls_printf( " AES-CBC-%3u (%s): ", keybits, - ( mode == MBEDTLS_AES_DECRYPT ) ? "dec" : "enc" ); + if (verbose != 0) { + mbedtls_printf(" AES-CBC-%3u (%s): ", keybits, + (mode == MBEDTLS_AES_DECRYPT) ? "dec" : "enc"); + } - memset( iv , 0, 16 ); - memset( prv, 0, 16 ); - memset( buf, 0, 16 ); + memset(iv, 0, 16); + memset(prv, 0, 16); + memset(buf, 0, 16); - if( mode == MBEDTLS_AES_DECRYPT ) - { - ret = mbedtls_aes_setkey_dec( &ctx, key, keybits ); + if (mode == MBEDTLS_AES_DECRYPT) { + ret = mbedtls_aes_setkey_dec(&ctx, key, keybits); aes_tests = aes_test_cbc_dec[u]; - } - else - { - ret = mbedtls_aes_setkey_enc( &ctx, key, keybits ); + } else { + ret = mbedtls_aes_setkey_enc(&ctx, key, keybits); aes_tests = aes_test_cbc_enc[u]; } @@ -1887,301 +1972,292 @@ int mbedtls_aes_self_test( int verbose ) * there is an alternative underlying implementation i.e. when * MBEDTLS_AES_ALT is defined. */ - if( ret == MBEDTLS_ERR_PLATFORM_FEATURE_UNSUPPORTED && keybits == 192 ) - { - mbedtls_printf( "skipped\n" ); + if (ret == MBEDTLS_ERR_PLATFORM_FEATURE_UNSUPPORTED && keybits == 192) { + mbedtls_printf("skipped\n"); continue; - } - else if( ret != 0 ) - { + } else if (ret != 0) { goto exit; } - for( j = 0; j < 10000; j++ ) - { - if( mode == MBEDTLS_AES_ENCRYPT ) - { + for (j = 0; j < 10000; j++) { + if (mode == MBEDTLS_AES_ENCRYPT) { unsigned char tmp[16]; - memcpy( tmp, prv, 16 ); - memcpy( prv, buf, 16 ); - memcpy( buf, tmp, 16 ); + memcpy(tmp, prv, 16); + memcpy(prv, buf, 16); + memcpy(buf, tmp, 16); } - ret = mbedtls_aes_crypt_cbc( &ctx, mode, 16, iv, buf, buf ); - if( ret != 0 ) + ret = mbedtls_aes_crypt_cbc(&ctx, mode, 16, iv, buf, buf); + if (ret != 0) { goto exit; + } } - if( memcmp( buf, aes_tests, 16 ) != 0 ) - { + if (memcmp(buf, aes_tests, 16) != 0) { ret = 1; goto exit; } - if( verbose != 0 ) - mbedtls_printf( "passed\n" ); + if (verbose != 0) { + mbedtls_printf("passed\n"); + } } - if( verbose != 0 ) - mbedtls_printf( "\n" ); + if (verbose != 0) { + mbedtls_printf("\n"); + } #endif /* MBEDTLS_CIPHER_MODE_CBC */ #if defined(MBEDTLS_CIPHER_MODE_CFB) /* * CFB128 mode */ - for( i = 0; i < 6; i++ ) - { + for (i = 0; i < 6; i++) { u = i >> 1; keybits = 128 + u * 64; mode = i & 1; - if( verbose != 0 ) - mbedtls_printf( " AES-CFB128-%3u (%s): ", keybits, - ( mode == MBEDTLS_AES_DECRYPT ) ? "dec" : "enc" ); + if (verbose != 0) { + mbedtls_printf(" AES-CFB128-%3u (%s): ", keybits, + (mode == MBEDTLS_AES_DECRYPT) ? "dec" : "enc"); + } - memcpy( iv, aes_test_cfb128_iv, 16 ); - memcpy( key, aes_test_cfb128_key[u], keybits / 8 ); + memcpy(iv, aes_test_cfb128_iv, 16); + memcpy(key, aes_test_cfb128_key[u], keybits / 8); offset = 0; - ret = mbedtls_aes_setkey_enc( &ctx, key, keybits ); + ret = mbedtls_aes_setkey_enc(&ctx, key, keybits); /* * AES-192 is an optional feature that may be unavailable when * there is an alternative underlying implementation i.e. when * MBEDTLS_AES_ALT is defined. */ - if( ret == MBEDTLS_ERR_PLATFORM_FEATURE_UNSUPPORTED && keybits == 192 ) - { - mbedtls_printf( "skipped\n" ); + if (ret == MBEDTLS_ERR_PLATFORM_FEATURE_UNSUPPORTED && keybits == 192) { + mbedtls_printf("skipped\n"); continue; - } - else if( ret != 0 ) - { + } else if (ret != 0) { goto exit; } - if( mode == MBEDTLS_AES_DECRYPT ) - { - memcpy( buf, aes_test_cfb128_ct[u], 64 ); + if (mode == MBEDTLS_AES_DECRYPT) { + memcpy(buf, aes_test_cfb128_ct[u], 64); aes_tests = aes_test_cfb128_pt; - } - else - { - memcpy( buf, aes_test_cfb128_pt, 64 ); + } else { + memcpy(buf, aes_test_cfb128_pt, 64); aes_tests = aes_test_cfb128_ct[u]; } - ret = mbedtls_aes_crypt_cfb128( &ctx, mode, 64, &offset, iv, buf, buf ); - if( ret != 0 ) + ret = mbedtls_aes_crypt_cfb128(&ctx, mode, 64, &offset, iv, buf, buf); + if (ret != 0) { goto exit; + } - if( memcmp( buf, aes_tests, 64 ) != 0 ) - { + if (memcmp(buf, aes_tests, 64) != 0) { ret = 1; goto exit; } - if( verbose != 0 ) - mbedtls_printf( "passed\n" ); + if (verbose != 0) { + mbedtls_printf("passed\n"); + } } - if( verbose != 0 ) - mbedtls_printf( "\n" ); + if (verbose != 0) { + mbedtls_printf("\n"); + } #endif /* MBEDTLS_CIPHER_MODE_CFB */ #if defined(MBEDTLS_CIPHER_MODE_OFB) /* * OFB mode */ - for( i = 0; i < 6; i++ ) - { + for (i = 0; i < 6; i++) { u = i >> 1; keybits = 128 + u * 64; mode = i & 1; - if( verbose != 0 ) - mbedtls_printf( " AES-OFB-%3u (%s): ", keybits, - ( mode == MBEDTLS_AES_DECRYPT ) ? "dec" : "enc" ); + if (verbose != 0) { + mbedtls_printf(" AES-OFB-%3u (%s): ", keybits, + (mode == MBEDTLS_AES_DECRYPT) ? "dec" : "enc"); + } - memcpy( iv, aes_test_ofb_iv, 16 ); - memcpy( key, aes_test_ofb_key[u], keybits / 8 ); + memcpy(iv, aes_test_ofb_iv, 16); + memcpy(key, aes_test_ofb_key[u], keybits / 8); offset = 0; - ret = mbedtls_aes_setkey_enc( &ctx, key, keybits ); + ret = mbedtls_aes_setkey_enc(&ctx, key, keybits); /* * AES-192 is an optional feature that may be unavailable when * there is an alternative underlying implementation i.e. when * MBEDTLS_AES_ALT is defined. */ - if( ret == MBEDTLS_ERR_PLATFORM_FEATURE_UNSUPPORTED && keybits == 192 ) - { - mbedtls_printf( "skipped\n" ); + if (ret == MBEDTLS_ERR_PLATFORM_FEATURE_UNSUPPORTED && keybits == 192) { + mbedtls_printf("skipped\n"); continue; - } - else if( ret != 0 ) - { + } else if (ret != 0) { goto exit; } - if( mode == MBEDTLS_AES_DECRYPT ) - { - memcpy( buf, aes_test_ofb_ct[u], 64 ); + if (mode == MBEDTLS_AES_DECRYPT) { + memcpy(buf, aes_test_ofb_ct[u], 64); aes_tests = aes_test_ofb_pt; - } - else - { - memcpy( buf, aes_test_ofb_pt, 64 ); + } else { + memcpy(buf, aes_test_ofb_pt, 64); aes_tests = aes_test_ofb_ct[u]; } - ret = mbedtls_aes_crypt_ofb( &ctx, 64, &offset, iv, buf, buf ); - if( ret != 0 ) + ret = mbedtls_aes_crypt_ofb(&ctx, 64, &offset, iv, buf, buf); + if (ret != 0) { goto exit; + } - if( memcmp( buf, aes_tests, 64 ) != 0 ) - { + if (memcmp(buf, aes_tests, 64) != 0) { ret = 1; goto exit; } - if( verbose != 0 ) - mbedtls_printf( "passed\n" ); + if (verbose != 0) { + mbedtls_printf("passed\n"); + } } - if( verbose != 0 ) - mbedtls_printf( "\n" ); + if (verbose != 0) { + mbedtls_printf("\n"); + } #endif /* MBEDTLS_CIPHER_MODE_OFB */ #if defined(MBEDTLS_CIPHER_MODE_CTR) /* * CTR mode */ - for( i = 0; i < 6; i++ ) - { + for (i = 0; i < 6; i++) { u = i >> 1; mode = i & 1; - if( verbose != 0 ) - mbedtls_printf( " AES-CTR-128 (%s): ", - ( mode == MBEDTLS_AES_DECRYPT ) ? "dec" : "enc" ); + if (verbose != 0) { + mbedtls_printf(" AES-CTR-128 (%s): ", + (mode == MBEDTLS_AES_DECRYPT) ? "dec" : "enc"); + } - memcpy( nonce_counter, aes_test_ctr_nonce_counter[u], 16 ); - memcpy( key, aes_test_ctr_key[u], 16 ); + memcpy(nonce_counter, aes_test_ctr_nonce_counter[u], 16); + memcpy(key, aes_test_ctr_key[u], 16); offset = 0; - if( ( ret = mbedtls_aes_setkey_enc( &ctx, key, 128 ) ) != 0 ) + if ((ret = mbedtls_aes_setkey_enc(&ctx, key, 128)) != 0) { goto exit; + } len = aes_test_ctr_len[u]; - if( mode == MBEDTLS_AES_DECRYPT ) - { - memcpy( buf, aes_test_ctr_ct[u], len ); + if (mode == MBEDTLS_AES_DECRYPT) { + memcpy(buf, aes_test_ctr_ct[u], len); aes_tests = aes_test_ctr_pt[u]; - } - else - { - memcpy( buf, aes_test_ctr_pt[u], len ); + } else { + memcpy(buf, aes_test_ctr_pt[u], len); aes_tests = aes_test_ctr_ct[u]; } - ret = mbedtls_aes_crypt_ctr( &ctx, len, &offset, nonce_counter, - stream_block, buf, buf ); - if( ret != 0 ) + ret = mbedtls_aes_crypt_ctr(&ctx, len, &offset, nonce_counter, + stream_block, buf, buf); + if (ret != 0) { goto exit; + } - if( memcmp( buf, aes_tests, len ) != 0 ) - { + if (memcmp(buf, aes_tests, len) != 0) { ret = 1; goto exit; } - if( verbose != 0 ) - mbedtls_printf( "passed\n" ); + if (verbose != 0) { + mbedtls_printf("passed\n"); + } } - if( verbose != 0 ) - mbedtls_printf( "\n" ); + if (verbose != 0) { + mbedtls_printf("\n"); + } #endif /* MBEDTLS_CIPHER_MODE_CTR */ #if defined(MBEDTLS_CIPHER_MODE_XTS) { - static const int num_tests = - sizeof(aes_test_xts_key) / sizeof(*aes_test_xts_key); - mbedtls_aes_xts_context ctx_xts; + static const int num_tests = + sizeof(aes_test_xts_key) / sizeof(*aes_test_xts_key); + mbedtls_aes_xts_context ctx_xts; - /* - * XTS mode - */ - mbedtls_aes_xts_init( &ctx_xts ); + /* + * XTS mode + */ + mbedtls_aes_xts_init(&ctx_xts); - for( i = 0; i < num_tests << 1; i++ ) - { - const unsigned char *data_unit; - u = i >> 1; - mode = i & 1; + for (i = 0; i < num_tests << 1; i++) { + const unsigned char *data_unit; + u = i >> 1; + mode = i & 1; - if( verbose != 0 ) - mbedtls_printf( " AES-XTS-128 (%s): ", - ( mode == MBEDTLS_AES_DECRYPT ) ? "dec" : "enc" ); + if (verbose != 0) { + mbedtls_printf(" AES-XTS-128 (%s): ", + (mode == MBEDTLS_AES_DECRYPT) ? "dec" : "enc"); + } - memset( key, 0, sizeof( key ) ); - memcpy( key, aes_test_xts_key[u], 32 ); - data_unit = aes_test_xts_data_unit[u]; + memset(key, 0, sizeof(key)); + memcpy(key, aes_test_xts_key[u], 32); + data_unit = aes_test_xts_data_unit[u]; - len = sizeof( *aes_test_xts_ct32 ); + len = sizeof(*aes_test_xts_ct32); - if( mode == MBEDTLS_AES_DECRYPT ) - { - ret = mbedtls_aes_xts_setkey_dec( &ctx_xts, key, 256 ); - if( ret != 0) - goto exit; - memcpy( buf, aes_test_xts_ct32[u], len ); - aes_tests = aes_test_xts_pt32[u]; - } - else - { - ret = mbedtls_aes_xts_setkey_enc( &ctx_xts, key, 256 ); - if( ret != 0) - goto exit; - memcpy( buf, aes_test_xts_pt32[u], len ); - aes_tests = aes_test_xts_ct32[u]; - } + if (mode == MBEDTLS_AES_DECRYPT) { + ret = mbedtls_aes_xts_setkey_dec(&ctx_xts, key, 256); + if (ret != 0) { + goto exit; + } + memcpy(buf, aes_test_xts_ct32[u], len); + aes_tests = aes_test_xts_pt32[u]; + } else { + ret = mbedtls_aes_xts_setkey_enc(&ctx_xts, key, 256); + if (ret != 0) { + goto exit; + } + memcpy(buf, aes_test_xts_pt32[u], len); + aes_tests = aes_test_xts_ct32[u]; + } - ret = mbedtls_aes_crypt_xts( &ctx_xts, mode, len, data_unit, - buf, buf ); - if( ret != 0 ) - goto exit; + ret = mbedtls_aes_crypt_xts(&ctx_xts, mode, len, data_unit, + buf, buf); + if (ret != 0) { + goto exit; + } - if( memcmp( buf, aes_tests, len ) != 0 ) - { - ret = 1; - goto exit; - } + if (memcmp(buf, aes_tests, len) != 0) { + ret = 1; + goto exit; + } - if( verbose != 0 ) - mbedtls_printf( "passed\n" ); - } + if (verbose != 0) { + mbedtls_printf("passed\n"); + } + } - if( verbose != 0 ) - mbedtls_printf( "\n" ); + if (verbose != 0) { + mbedtls_printf("\n"); + } - mbedtls_aes_xts_free( &ctx_xts ); + mbedtls_aes_xts_free(&ctx_xts); } #endif /* MBEDTLS_CIPHER_MODE_XTS */ ret = 0; exit: - if( ret != 0 && verbose != 0 ) - mbedtls_printf( "failed\n" ); + if (ret != 0 && verbose != 0) { + mbedtls_printf("failed\n"); + } - mbedtls_aes_free( &ctx ); + mbedtls_aes_free(&ctx); - return( ret ); + return ret; } #endif /* MBEDTLS_SELF_TEST */ diff --git a/third_party/mbedtls/repo/library/aesni.c b/third_party/mbedtls/repo/library/aesni.c index 996292ff6dc..dd84c2b4ea6 100644 --- a/third_party/mbedtls/repo/library/aesni.c +++ b/third_party/mbedtls/repo/library/aesni.c @@ -2,67 +2,397 @@ * AES-NI support functions * * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later */ /* - * [AES-WP] http://software.intel.com/en-us/articles/intel-advanced-encryption-standard-aes-instructions-set - * [CLMUL-WP] http://software.intel.com/en-us/articles/intel-carry-less-multiplication-instruction-and-its-usage-for-computing-the-gcm-mode/ + * [AES-WP] https://www.intel.com/content/www/us/en/developer/articles/tool/intel-advanced-encryption-standard-aes-instructions-set.html + * [CLMUL-WP] https://www.intel.com/content/www/us/en/develop/download/intel-carry-less-multiplication-instruction-and-its-usage-for-computing-the-gcm-mode.html */ #include "common.h" #if defined(MBEDTLS_AESNI_C) -#if defined(__has_feature) -#if __has_feature(memory_sanitizer) -#warning "MBEDTLS_AESNI_C is known to cause spurious error reports with some memory sanitizers as they do not understand the assembly code." -#endif -#endif - #include "mbedtls/aesni.h" #include +/* *INDENT-OFF* */ #ifndef asm #define asm __asm #endif +/* *INDENT-ON* */ + +#if defined(MBEDTLS_AESNI_HAVE_CODE) -#if defined(MBEDTLS_HAVE_X86_64) +#if MBEDTLS_AESNI_HAVE_CODE == 2 +#if !defined(_WIN32) +#include +#else +#include +#endif +#include +#endif /* * AES-NI support detection routine */ -int mbedtls_aesni_has_support( unsigned int what ) +int mbedtls_aesni_has_support(unsigned int what) { static int done = 0; static unsigned int c = 0; - if( ! done ) - { - asm( "movl $1, %%eax \n\t" + if (!done) { +#if MBEDTLS_AESNI_HAVE_CODE == 2 + static unsigned info[4] = { 0, 0, 0, 0 }; +#if defined(_MSC_VER) + __cpuid(info, 1); +#else + __cpuid(1, info[0], info[1], info[2], info[3]); +#endif + c = info[2]; +#else /* AESNI using asm */ + asm ("movl $1, %%eax \n\t" "cpuid \n\t" : "=c" (c) : - : "eax", "ebx", "edx" ); + : "eax", "ebx", "edx"); +#endif /* MBEDTLS_AESNI_HAVE_CODE */ done = 1; } - return( ( c & what ) != 0 ); + return (c & what) != 0; +} + +#if MBEDTLS_AESNI_HAVE_CODE == 2 + +/* + * AES-NI AES-ECB block en(de)cryption + */ +int mbedtls_aesni_crypt_ecb(mbedtls_aes_context *ctx, + int mode, + const unsigned char input[16], + unsigned char output[16]) +{ + const __m128i *rk = (const __m128i *) (ctx->rk); + unsigned nr = ctx->nr; // Number of remaining rounds + + // Load round key 0 + __m128i state; + memcpy(&state, input, 16); + state = _mm_xor_si128(state, rk[0]); // state ^= *rk; + ++rk; + --nr; + + if (mode == 0) { + while (nr != 0) { + state = _mm_aesdec_si128(state, *rk); + ++rk; + --nr; + } + state = _mm_aesdeclast_si128(state, *rk); + } else { + while (nr != 0) { + state = _mm_aesenc_si128(state, *rk); + ++rk; + --nr; + } + state = _mm_aesenclast_si128(state, *rk); + } + + memcpy(output, &state, 16); + return 0; +} + +/* + * GCM multiplication: c = a times b in GF(2^128) + * Based on [CLMUL-WP] algorithms 1 (with equation 27) and 5. + */ + +static void gcm_clmul(const __m128i aa, const __m128i bb, + __m128i *cc, __m128i *dd) +{ + /* + * Caryless multiplication dd:cc = aa * bb + * using [CLMUL-WP] algorithm 1 (p. 12). + */ + *cc = _mm_clmulepi64_si128(aa, bb, 0x00); // a0*b0 = c1:c0 + *dd = _mm_clmulepi64_si128(aa, bb, 0x11); // a1*b1 = d1:d0 + __m128i ee = _mm_clmulepi64_si128(aa, bb, 0x10); // a0*b1 = e1:e0 + __m128i ff = _mm_clmulepi64_si128(aa, bb, 0x01); // a1*b0 = f1:f0 + ff = _mm_xor_si128(ff, ee); // e1+f1:e0+f0 + ee = ff; // e1+f1:e0+f0 + ff = _mm_srli_si128(ff, 8); // 0:e1+f1 + ee = _mm_slli_si128(ee, 8); // e0+f0:0 + *dd = _mm_xor_si128(*dd, ff); // d1:d0+e1+f1 + *cc = _mm_xor_si128(*cc, ee); // c1+e0+f0:c0 +} + +static void gcm_shift(__m128i *cc, __m128i *dd) +{ + /* [CMUCL-WP] Algorithm 5 Step 1: shift cc:dd one bit to the left, + * taking advantage of [CLMUL-WP] eq 27 (p. 18). */ + // // *cc = r1:r0 + // // *dd = r3:r2 + __m128i cc_lo = _mm_slli_epi64(*cc, 1); // r1<<1:r0<<1 + __m128i dd_lo = _mm_slli_epi64(*dd, 1); // r3<<1:r2<<1 + __m128i cc_hi = _mm_srli_epi64(*cc, 63); // r1>>63:r0>>63 + __m128i dd_hi = _mm_srli_epi64(*dd, 63); // r3>>63:r2>>63 + __m128i xmm5 = _mm_srli_si128(cc_hi, 8); // 0:r1>>63 + cc_hi = _mm_slli_si128(cc_hi, 8); // r0>>63:0 + dd_hi = _mm_slli_si128(dd_hi, 8); // 0:r1>>63 + + *cc = _mm_or_si128(cc_lo, cc_hi); // r1<<1|r0>>63:r0<<1 + *dd = _mm_or_si128(_mm_or_si128(dd_lo, dd_hi), xmm5); // r3<<1|r2>>62:r2<<1|r1>>63 +} + +static __m128i gcm_reduce(__m128i xx) +{ + // // xx = x1:x0 + /* [CLMUL-WP] Algorithm 5 Step 2 */ + __m128i aa = _mm_slli_epi64(xx, 63); // x1<<63:x0<<63 = stuff:a + __m128i bb = _mm_slli_epi64(xx, 62); // x1<<62:x0<<62 = stuff:b + __m128i cc = _mm_slli_epi64(xx, 57); // x1<<57:x0<<57 = stuff:c + __m128i dd = _mm_slli_si128(_mm_xor_si128(_mm_xor_si128(aa, bb), cc), 8); // a+b+c:0 + return _mm_xor_si128(dd, xx); // x1+a+b+c:x0 = d:x0 +} + +static __m128i gcm_mix(__m128i dx) +{ + /* [CLMUL-WP] Algorithm 5 Steps 3 and 4 */ + __m128i ee = _mm_srli_epi64(dx, 1); // e1:x0>>1 = e1:e0' + __m128i ff = _mm_srli_epi64(dx, 2); // f1:x0>>2 = f1:f0' + __m128i gg = _mm_srli_epi64(dx, 7); // g1:x0>>7 = g1:g0' + + // e0'+f0'+g0' is almost e0+f0+g0, except for some missing + // bits carried from d. Now get those bits back in. + __m128i eh = _mm_slli_epi64(dx, 63); // d<<63:stuff + __m128i fh = _mm_slli_epi64(dx, 62); // d<<62:stuff + __m128i gh = _mm_slli_epi64(dx, 57); // d<<57:stuff + __m128i hh = _mm_srli_si128(_mm_xor_si128(_mm_xor_si128(eh, fh), gh), 8); // 0:missing bits of d + + return _mm_xor_si128(_mm_xor_si128(_mm_xor_si128(_mm_xor_si128(ee, ff), gg), hh), dx); +} + +void mbedtls_aesni_gcm_mult(unsigned char c[16], + const unsigned char a[16], + const unsigned char b[16]) +{ + __m128i aa, bb, cc, dd; + + /* The inputs are in big-endian order, so byte-reverse them */ + for (size_t i = 0; i < 16; i++) { + ((uint8_t *) &aa)[i] = a[15 - i]; + ((uint8_t *) &bb)[i] = b[15 - i]; + } + + gcm_clmul(aa, bb, &cc, &dd); + gcm_shift(&cc, &dd); + /* + * Now reduce modulo the GCM polynomial x^128 + x^7 + x^2 + x + 1 + * using [CLMUL-WP] algorithm 5 (p. 18). + * Currently dd:cc holds x3:x2:x1:x0 (already shifted). + */ + __m128i dx = gcm_reduce(cc); + __m128i xh = gcm_mix(dx); + cc = _mm_xor_si128(xh, dd); // x3+h1:x2+h0 + + /* Now byte-reverse the outputs */ + for (size_t i = 0; i < 16; i++) { + c[i] = ((uint8_t *) &cc)[15 - i]; + } + + return; +} + +/* + * Compute decryption round keys from encryption round keys + */ +void mbedtls_aesni_inverse_key(unsigned char *invkey, + const unsigned char *fwdkey, int nr) +{ + __m128i *ik = (__m128i *) invkey; + const __m128i *fk = (const __m128i *) fwdkey + nr; + + *ik = *fk; + for (--fk, ++ik; fk > (const __m128i *) fwdkey; --fk, ++ik) { + *ik = _mm_aesimc_si128(*fk); + } + *ik = *fk; +} + +/* + * Key expansion, 128-bit case + */ +static __m128i aesni_set_rk_128(__m128i state, __m128i xword) +{ + /* + * Finish generating the next round key. + * + * On entry state is r3:r2:r1:r0 and xword is X:stuff:stuff:stuff + * with X = rot( sub( r3 ) ) ^ RCON (obtained with AESKEYGENASSIST). + * + * On exit, xword is r7:r6:r5:r4 + * with r4 = X + r0, r5 = r4 + r1, r6 = r5 + r2, r7 = r6 + r3 + * and this is returned, to be written to the round key buffer. + */ + xword = _mm_shuffle_epi32(xword, 0xff); // X:X:X:X + xword = _mm_xor_si128(xword, state); // X+r3:X+r2:X+r1:r4 + state = _mm_slli_si128(state, 4); // r2:r1:r0:0 + xword = _mm_xor_si128(xword, state); // X+r3+r2:X+r2+r1:r5:r4 + state = _mm_slli_si128(state, 4); // r1:r0:0:0 + xword = _mm_xor_si128(xword, state); // X+r3+r2+r1:r6:r5:r4 + state = _mm_slli_si128(state, 4); // r0:0:0:0 + state = _mm_xor_si128(xword, state); // r7:r6:r5:r4 + return state; +} + +static void aesni_setkey_enc_128(unsigned char *rk_bytes, + const unsigned char *key) +{ + __m128i *rk = (__m128i *) rk_bytes; + + memcpy(&rk[0], key, 16); + rk[1] = aesni_set_rk_128(rk[0], _mm_aeskeygenassist_si128(rk[0], 0x01)); + rk[2] = aesni_set_rk_128(rk[1], _mm_aeskeygenassist_si128(rk[1], 0x02)); + rk[3] = aesni_set_rk_128(rk[2], _mm_aeskeygenassist_si128(rk[2], 0x04)); + rk[4] = aesni_set_rk_128(rk[3], _mm_aeskeygenassist_si128(rk[3], 0x08)); + rk[5] = aesni_set_rk_128(rk[4], _mm_aeskeygenassist_si128(rk[4], 0x10)); + rk[6] = aesni_set_rk_128(rk[5], _mm_aeskeygenassist_si128(rk[5], 0x20)); + rk[7] = aesni_set_rk_128(rk[6], _mm_aeskeygenassist_si128(rk[6], 0x40)); + rk[8] = aesni_set_rk_128(rk[7], _mm_aeskeygenassist_si128(rk[7], 0x80)); + rk[9] = aesni_set_rk_128(rk[8], _mm_aeskeygenassist_si128(rk[8], 0x1B)); + rk[10] = aesni_set_rk_128(rk[9], _mm_aeskeygenassist_si128(rk[9], 0x36)); } +/* + * Key expansion, 192-bit case + */ +static void aesni_set_rk_192(__m128i *state0, __m128i *state1, __m128i xword, + unsigned char *rk) +{ + /* + * Finish generating the next 6 quarter-keys. + * + * On entry state0 is r3:r2:r1:r0, state1 is stuff:stuff:r5:r4 + * and xword is stuff:stuff:X:stuff with X = rot( sub( r3 ) ) ^ RCON + * (obtained with AESKEYGENASSIST). + * + * On exit, state0 is r9:r8:r7:r6 and state1 is stuff:stuff:r11:r10 + * and those are written to the round key buffer. + */ + xword = _mm_shuffle_epi32(xword, 0x55); // X:X:X:X + xword = _mm_xor_si128(xword, *state0); // X+r3:X+r2:X+r1:X+r0 + *state0 = _mm_slli_si128(*state0, 4); // r2:r1:r0:0 + xword = _mm_xor_si128(xword, *state0); // X+r3+r2:X+r2+r1:X+r1+r0:X+r0 + *state0 = _mm_slli_si128(*state0, 4); // r1:r0:0:0 + xword = _mm_xor_si128(xword, *state0); // X+r3+r2+r1:X+r2+r1+r0:X+r1+r0:X+r0 + *state0 = _mm_slli_si128(*state0, 4); // r0:0:0:0 + xword = _mm_xor_si128(xword, *state0); // X+r3+r2+r1+r0:X+r2+r1+r0:X+r1+r0:X+r0 + *state0 = xword; // = r9:r8:r7:r6 + + xword = _mm_shuffle_epi32(xword, 0xff); // r9:r9:r9:r9 + xword = _mm_xor_si128(xword, *state1); // stuff:stuff:r9+r5:r9+r4 + *state1 = _mm_slli_si128(*state1, 4); // stuff:stuff:r4:0 + xword = _mm_xor_si128(xword, *state1); // stuff:stuff:r9+r5+r4:r9+r4 + *state1 = xword; // = stuff:stuff:r11:r10 + + /* Store state0 and the low half of state1 into rk, which is conceptually + * an array of 24-byte elements. Since 24 is not a multiple of 16, + * rk is not necessarily aligned so just `*rk = *state0` doesn't work. */ + memcpy(rk, state0, 16); + memcpy(rk + 16, state1, 8); +} + +static void aesni_setkey_enc_192(unsigned char *rk, + const unsigned char *key) +{ + /* First round: use original key */ + memcpy(rk, key, 24); + /* aes.c guarantees that rk is aligned on a 16-byte boundary. */ + __m128i state0 = ((__m128i *) rk)[0]; + __m128i state1 = _mm_loadl_epi64(((__m128i *) rk) + 1); + + aesni_set_rk_192(&state0, &state1, _mm_aeskeygenassist_si128(state1, 0x01), rk + 24 * 1); + aesni_set_rk_192(&state0, &state1, _mm_aeskeygenassist_si128(state1, 0x02), rk + 24 * 2); + aesni_set_rk_192(&state0, &state1, _mm_aeskeygenassist_si128(state1, 0x04), rk + 24 * 3); + aesni_set_rk_192(&state0, &state1, _mm_aeskeygenassist_si128(state1, 0x08), rk + 24 * 4); + aesni_set_rk_192(&state0, &state1, _mm_aeskeygenassist_si128(state1, 0x10), rk + 24 * 5); + aesni_set_rk_192(&state0, &state1, _mm_aeskeygenassist_si128(state1, 0x20), rk + 24 * 6); + aesni_set_rk_192(&state0, &state1, _mm_aeskeygenassist_si128(state1, 0x40), rk + 24 * 7); + aesni_set_rk_192(&state0, &state1, _mm_aeskeygenassist_si128(state1, 0x80), rk + 24 * 8); +} + +/* + * Key expansion, 256-bit case + */ +static void aesni_set_rk_256(__m128i state0, __m128i state1, __m128i xword, + __m128i *rk0, __m128i *rk1) +{ + /* + * Finish generating the next two round keys. + * + * On entry state0 is r3:r2:r1:r0, state1 is r7:r6:r5:r4 and + * xword is X:stuff:stuff:stuff with X = rot( sub( r7 )) ^ RCON + * (obtained with AESKEYGENASSIST). + * + * On exit, *rk0 is r11:r10:r9:r8 and *rk1 is r15:r14:r13:r12 + */ + xword = _mm_shuffle_epi32(xword, 0xff); + xword = _mm_xor_si128(xword, state0); + state0 = _mm_slli_si128(state0, 4); + xword = _mm_xor_si128(xword, state0); + state0 = _mm_slli_si128(state0, 4); + xword = _mm_xor_si128(xword, state0); + state0 = _mm_slli_si128(state0, 4); + state0 = _mm_xor_si128(state0, xword); + *rk0 = state0; + + /* Set xword to stuff:Y:stuff:stuff with Y = subword( r11 ) + * and proceed to generate next round key from there */ + xword = _mm_aeskeygenassist_si128(state0, 0x00); + xword = _mm_shuffle_epi32(xword, 0xaa); + xword = _mm_xor_si128(xword, state1); + state1 = _mm_slli_si128(state1, 4); + xword = _mm_xor_si128(xword, state1); + state1 = _mm_slli_si128(state1, 4); + xword = _mm_xor_si128(xword, state1); + state1 = _mm_slli_si128(state1, 4); + state1 = _mm_xor_si128(state1, xword); + *rk1 = state1; +} + +static void aesni_setkey_enc_256(unsigned char *rk_bytes, + const unsigned char *key) +{ + __m128i *rk = (__m128i *) rk_bytes; + + memcpy(&rk[0], key, 16); + memcpy(&rk[1], key + 16, 16); + + /* + * Main "loop" - Generating one more key than necessary, + * see definition of mbedtls_aes_context.buf + */ + aesni_set_rk_256(rk[0], rk[1], _mm_aeskeygenassist_si128(rk[1], 0x01), &rk[2], &rk[3]); + aesni_set_rk_256(rk[2], rk[3], _mm_aeskeygenassist_si128(rk[3], 0x02), &rk[4], &rk[5]); + aesni_set_rk_256(rk[4], rk[5], _mm_aeskeygenassist_si128(rk[5], 0x04), &rk[6], &rk[7]); + aesni_set_rk_256(rk[6], rk[7], _mm_aeskeygenassist_si128(rk[7], 0x08), &rk[8], &rk[9]); + aesni_set_rk_256(rk[8], rk[9], _mm_aeskeygenassist_si128(rk[9], 0x10), &rk[10], &rk[11]); + aesni_set_rk_256(rk[10], rk[11], _mm_aeskeygenassist_si128(rk[11], 0x20), &rk[12], &rk[13]); + aesni_set_rk_256(rk[12], rk[13], _mm_aeskeygenassist_si128(rk[13], 0x40), &rk[14], &rk[15]); +} + +#else /* MBEDTLS_AESNI_HAVE_CODE == 1 */ + +#if defined(__has_feature) +#if __has_feature(memory_sanitizer) +#warning \ + "MBEDTLS_AESNI_C is known to cause spurious error reports with some memory sanitizers as they do not understand the assembly code." +#endif +#endif + /* * Binutils needs to be at least 2.19 to support AES-NI instructions. * Unfortunately, a lot of users have a lower version now (2014-04). @@ -73,13 +403,13 @@ int mbedtls_aesni_has_support( unsigned int what ) * Operand macros are in gas order (src, dst) as opposed to Intel order * (dst, src) in order to blend better into the surrounding assembly code. */ -#define AESDEC ".byte 0x66,0x0F,0x38,0xDE," -#define AESDECLAST ".byte 0x66,0x0F,0x38,0xDF," -#define AESENC ".byte 0x66,0x0F,0x38,0xDC," -#define AESENCLAST ".byte 0x66,0x0F,0x38,0xDD," -#define AESIMC ".byte 0x66,0x0F,0x38,0xDB," -#define AESKEYGENA ".byte 0x66,0x0F,0x3A,0xDF," -#define PCLMULQDQ ".byte 0x66,0x0F,0x3A,0x44," +#define AESDEC(regs) ".byte 0x66,0x0F,0x38,0xDE," regs "\n\t" +#define AESDECLAST(regs) ".byte 0x66,0x0F,0x38,0xDF," regs "\n\t" +#define AESENC(regs) ".byte 0x66,0x0F,0x38,0xDC," regs "\n\t" +#define AESENCLAST(regs) ".byte 0x66,0x0F,0x38,0xDD," regs "\n\t" +#define AESIMC(regs) ".byte 0x66,0x0F,0x38,0xDB," regs "\n\t" +#define AESKEYGENA(regs, imm) ".byte 0x66,0x0F,0x3A,0xDF," regs "," imm "\n\t" +#define PCLMULQDQ(regs, imm) ".byte 0x66,0x0F,0x3A,0x44," regs "," imm "\n\t" #define xmm0_xmm0 "0xC0" #define xmm0_xmm1 "0xC8" @@ -92,12 +422,12 @@ int mbedtls_aesni_has_support( unsigned int what ) /* * AES-NI AES-ECB block en(de)cryption */ -int mbedtls_aesni_crypt_ecb( mbedtls_aes_context *ctx, - int mode, - const unsigned char input[16], - unsigned char output[16] ) +int mbedtls_aesni_crypt_ecb(mbedtls_aes_context *ctx, + int mode, + const unsigned char input[16], + unsigned char output[16]) { - asm( "movdqu (%3), %%xmm0 \n\t" // load input + asm ("movdqu (%3), %%xmm0 \n\t" // load input "movdqu (%1), %%xmm1 \n\t" // load round key 0 "pxor %%xmm1, %%xmm0 \n\t" // round 0 "add $16, %1 \n\t" // point to next round key @@ -107,65 +437,64 @@ int mbedtls_aesni_crypt_ecb( mbedtls_aes_context *ctx, "1: \n\t" // encryption loop "movdqu (%1), %%xmm1 \n\t" // load round key - AESENC xmm1_xmm0 "\n\t" // do round + AESENC(xmm1_xmm0) // do round "add $16, %1 \n\t" // point to next round key "subl $1, %0 \n\t" // loop "jnz 1b \n\t" "movdqu (%1), %%xmm1 \n\t" // load round key - AESENCLAST xmm1_xmm0 "\n\t" // last round + AESENCLAST(xmm1_xmm0) // last round "jmp 3f \n\t" "2: \n\t" // decryption loop "movdqu (%1), %%xmm1 \n\t" - AESDEC xmm1_xmm0 "\n\t" // do round + AESDEC(xmm1_xmm0) // do round "add $16, %1 \n\t" "subl $1, %0 \n\t" "jnz 2b \n\t" "movdqu (%1), %%xmm1 \n\t" // load round key - AESDECLAST xmm1_xmm0 "\n\t" // last round + AESDECLAST(xmm1_xmm0) // last round "3: \n\t" "movdqu %%xmm0, (%4) \n\t" // export output : : "r" (ctx->nr), "r" (ctx->rk), "r" (mode), "r" (input), "r" (output) - : "memory", "cc", "xmm0", "xmm1" ); + : "memory", "cc", "xmm0", "xmm1"); - return( 0 ); + return 0; } /* * GCM multiplication: c = a times b in GF(2^128) * Based on [CLMUL-WP] algorithms 1 (with equation 27) and 5. */ -void mbedtls_aesni_gcm_mult( unsigned char c[16], - const unsigned char a[16], - const unsigned char b[16] ) +void mbedtls_aesni_gcm_mult(unsigned char c[16], + const unsigned char a[16], + const unsigned char b[16]) { unsigned char aa[16], bb[16], cc[16]; size_t i; /* The inputs are in big-endian order, so byte-reverse them */ - for( i = 0; i < 16; i++ ) - { + for (i = 0; i < 16; i++) { aa[i] = a[15 - i]; bb[i] = b[15 - i]; } - asm( "movdqu (%0), %%xmm0 \n\t" // a1:a0 + asm ("movdqu (%0), %%xmm0 \n\t" // a1:a0 "movdqu (%1), %%xmm1 \n\t" // b1:b0 /* * Caryless multiplication xmm2:xmm1 = xmm0 * xmm1 - * using [CLMUL-WP] algorithm 1 (p. 13). + * using [CLMUL-WP] algorithm 1 (p. 12). */ "movdqa %%xmm1, %%xmm2 \n\t" // copy of b1:b0 "movdqa %%xmm1, %%xmm3 \n\t" // same "movdqa %%xmm1, %%xmm4 \n\t" // same - PCLMULQDQ xmm0_xmm1 ",0x00 \n\t" // a0*b0 = c1:c0 - PCLMULQDQ xmm0_xmm2 ",0x11 \n\t" // a1*b1 = d1:d0 - PCLMULQDQ xmm0_xmm3 ",0x10 \n\t" // a0*b1 = e1:e0 - PCLMULQDQ xmm0_xmm4 ",0x01 \n\t" // a1*b0 = f1:f0 + PCLMULQDQ(xmm0_xmm1, "0x00") // a0*b0 = c1:c0 + PCLMULQDQ(xmm0_xmm2, "0x11") // a1*b1 = d1:d0 + PCLMULQDQ(xmm0_xmm3, "0x10") // a0*b1 = e1:e0 + PCLMULQDQ(xmm0_xmm4, "0x01") // a1*b0 = f1:f0 "pxor %%xmm3, %%xmm4 \n\t" // e1+f1:e0+f0 "movdqa %%xmm4, %%xmm3 \n\t" // same "psrldq $8, %%xmm4 \n\t" // 0:e1+f1 @@ -175,7 +504,7 @@ void mbedtls_aesni_gcm_mult( unsigned char c[16], /* * Now shift the result one bit to the left, - * taking advantage of [CLMUL-WP] eq 27 (p. 20) + * taking advantage of [CLMUL-WP] eq 27 (p. 18) */ "movdqa %%xmm1, %%xmm3 \n\t" // r1:r0 "movdqa %%xmm2, %%xmm4 \n\t" // r3:r2 @@ -193,7 +522,7 @@ void mbedtls_aesni_gcm_mult( unsigned char c[16], /* * Now reduce modulo the GCM polynomial x^128 + x^7 + x^2 + x + 1 - * using [CLMUL-WP] algorithm 5 (p. 20). + * using [CLMUL-WP] algorithm 5 (p. 18). * Currently xmm2:xmm1 holds x3:x2:x1:x0 (already shifted). */ /* Step 2 (1) */ @@ -237,11 +566,12 @@ void mbedtls_aesni_gcm_mult( unsigned char c[16], "movdqu %%xmm0, (%2) \n\t" // done : : "r" (aa), "r" (bb), "r" (cc) - : "memory", "cc", "xmm0", "xmm1", "xmm2", "xmm3", "xmm4", "xmm5" ); + : "memory", "cc", "xmm0", "xmm1", "xmm2", "xmm3", "xmm4", "xmm5"); /* Now byte-reverse the outputs */ - for( i = 0; i < 16; i++ ) + for (i = 0; i < 16; i++) { c[i] = cc[15 - i]; + } return; } @@ -249,32 +579,33 @@ void mbedtls_aesni_gcm_mult( unsigned char c[16], /* * Compute decryption round keys from encryption round keys */ -void mbedtls_aesni_inverse_key( unsigned char *invkey, - const unsigned char *fwdkey, int nr ) +void mbedtls_aesni_inverse_key(unsigned char *invkey, + const unsigned char *fwdkey, int nr) { unsigned char *ik = invkey; const unsigned char *fk = fwdkey + 16 * nr; - memcpy( ik, fk, 16 ); + memcpy(ik, fk, 16); - for( fk -= 16, ik += 16; fk > fwdkey; fk -= 16, ik += 16 ) - asm( "movdqu (%0), %%xmm0 \n\t" - AESIMC xmm0_xmm0 "\n\t" + for (fk -= 16, ik += 16; fk > fwdkey; fk -= 16, ik += 16) { + asm ("movdqu (%0), %%xmm0 \n\t" + AESIMC(xmm0_xmm0) "movdqu %%xmm0, (%1) \n\t" : : "r" (fk), "r" (ik) - : "memory", "xmm0" ); + : "memory", "xmm0"); + } - memcpy( ik, fk, 16 ); + memcpy(ik, fk, 16); } /* * Key expansion, 128-bit case */ -static void aesni_setkey_enc_128( unsigned char *rk, - const unsigned char *key ) +static void aesni_setkey_enc_128(unsigned char *rk, + const unsigned char *key) { - asm( "movdqu (%1), %%xmm0 \n\t" // copy the original key + asm ("movdqu (%1), %%xmm0 \n\t" // copy the original key "movdqu %%xmm0, (%0) \n\t" // as round key 0 "jmp 2f \n\t" // skip auxiliary routine @@ -303,28 +634,28 @@ static void aesni_setkey_enc_128( unsigned char *rk, /* Main "loop" */ "2: \n\t" - AESKEYGENA xmm0_xmm1 ",0x01 \n\tcall 1b \n\t" - AESKEYGENA xmm0_xmm1 ",0x02 \n\tcall 1b \n\t" - AESKEYGENA xmm0_xmm1 ",0x04 \n\tcall 1b \n\t" - AESKEYGENA xmm0_xmm1 ",0x08 \n\tcall 1b \n\t" - AESKEYGENA xmm0_xmm1 ",0x10 \n\tcall 1b \n\t" - AESKEYGENA xmm0_xmm1 ",0x20 \n\tcall 1b \n\t" - AESKEYGENA xmm0_xmm1 ",0x40 \n\tcall 1b \n\t" - AESKEYGENA xmm0_xmm1 ",0x80 \n\tcall 1b \n\t" - AESKEYGENA xmm0_xmm1 ",0x1B \n\tcall 1b \n\t" - AESKEYGENA xmm0_xmm1 ",0x36 \n\tcall 1b \n\t" + AESKEYGENA(xmm0_xmm1, "0x01") "call 1b \n\t" + AESKEYGENA(xmm0_xmm1, "0x02") "call 1b \n\t" + AESKEYGENA(xmm0_xmm1, "0x04") "call 1b \n\t" + AESKEYGENA(xmm0_xmm1, "0x08") "call 1b \n\t" + AESKEYGENA(xmm0_xmm1, "0x10") "call 1b \n\t" + AESKEYGENA(xmm0_xmm1, "0x20") "call 1b \n\t" + AESKEYGENA(xmm0_xmm1, "0x40") "call 1b \n\t" + AESKEYGENA(xmm0_xmm1, "0x80") "call 1b \n\t" + AESKEYGENA(xmm0_xmm1, "0x1B") "call 1b \n\t" + AESKEYGENA(xmm0_xmm1, "0x36") "call 1b \n\t" : : "r" (rk), "r" (key) - : "memory", "cc", "0" ); + : "memory", "cc", "0"); } /* * Key expansion, 192-bit case */ -static void aesni_setkey_enc_192( unsigned char *rk, - const unsigned char *key ) +static void aesni_setkey_enc_192(unsigned char *rk, + const unsigned char *key) { - asm( "movdqu (%1), %%xmm0 \n\t" // copy original round key + asm ("movdqu (%1), %%xmm0 \n\t" // copy original round key "movdqu %%xmm0, (%0) \n\t" "add $16, %0 \n\t" "movq 16(%1), %%xmm1 \n\t" @@ -361,27 +692,27 @@ static void aesni_setkey_enc_192( unsigned char *rk, "ret \n\t" "2: \n\t" - AESKEYGENA xmm1_xmm2 ",0x01 \n\tcall 1b \n\t" - AESKEYGENA xmm1_xmm2 ",0x02 \n\tcall 1b \n\t" - AESKEYGENA xmm1_xmm2 ",0x04 \n\tcall 1b \n\t" - AESKEYGENA xmm1_xmm2 ",0x08 \n\tcall 1b \n\t" - AESKEYGENA xmm1_xmm2 ",0x10 \n\tcall 1b \n\t" - AESKEYGENA xmm1_xmm2 ",0x20 \n\tcall 1b \n\t" - AESKEYGENA xmm1_xmm2 ",0x40 \n\tcall 1b \n\t" - AESKEYGENA xmm1_xmm2 ",0x80 \n\tcall 1b \n\t" + AESKEYGENA(xmm1_xmm2, "0x01") "call 1b \n\t" + AESKEYGENA(xmm1_xmm2, "0x02") "call 1b \n\t" + AESKEYGENA(xmm1_xmm2, "0x04") "call 1b \n\t" + AESKEYGENA(xmm1_xmm2, "0x08") "call 1b \n\t" + AESKEYGENA(xmm1_xmm2, "0x10") "call 1b \n\t" + AESKEYGENA(xmm1_xmm2, "0x20") "call 1b \n\t" + AESKEYGENA(xmm1_xmm2, "0x40") "call 1b \n\t" + AESKEYGENA(xmm1_xmm2, "0x80") "call 1b \n\t" : : "r" (rk), "r" (key) - : "memory", "cc", "0" ); + : "memory", "cc", "0"); } /* * Key expansion, 256-bit case */ -static void aesni_setkey_enc_256( unsigned char *rk, - const unsigned char *key ) +static void aesni_setkey_enc_256(unsigned char *rk, + const unsigned char *key) { - asm( "movdqu (%1), %%xmm0 \n\t" + asm ("movdqu (%1), %%xmm0 \n\t" "movdqu %%xmm0, (%0) \n\t" "add $16, %0 \n\t" "movdqu 16(%1), %%xmm1 \n\t" @@ -411,7 +742,7 @@ static void aesni_setkey_enc_256( unsigned char *rk, /* Set xmm2 to stuff:Y:stuff:stuff with Y = subword( r11 ) * and proceed to generate next round key from there */ - AESKEYGENA xmm0_xmm2 ",0x00 \n\t" + AESKEYGENA(xmm0_xmm2, "0x00") "pshufd $0xaa, %%xmm2, %%xmm2 \n\t" "pxor %%xmm1, %%xmm2 \n\t" "pslldq $4, %%xmm1 \n\t" @@ -429,36 +760,37 @@ static void aesni_setkey_enc_256( unsigned char *rk, * see definition of mbedtls_aes_context.buf */ "2: \n\t" - AESKEYGENA xmm1_xmm2 ",0x01 \n\tcall 1b \n\t" - AESKEYGENA xmm1_xmm2 ",0x02 \n\tcall 1b \n\t" - AESKEYGENA xmm1_xmm2 ",0x04 \n\tcall 1b \n\t" - AESKEYGENA xmm1_xmm2 ",0x08 \n\tcall 1b \n\t" - AESKEYGENA xmm1_xmm2 ",0x10 \n\tcall 1b \n\t" - AESKEYGENA xmm1_xmm2 ",0x20 \n\tcall 1b \n\t" - AESKEYGENA xmm1_xmm2 ",0x40 \n\tcall 1b \n\t" + AESKEYGENA(xmm1_xmm2, "0x01") "call 1b \n\t" + AESKEYGENA(xmm1_xmm2, "0x02") "call 1b \n\t" + AESKEYGENA(xmm1_xmm2, "0x04") "call 1b \n\t" + AESKEYGENA(xmm1_xmm2, "0x08") "call 1b \n\t" + AESKEYGENA(xmm1_xmm2, "0x10") "call 1b \n\t" + AESKEYGENA(xmm1_xmm2, "0x20") "call 1b \n\t" + AESKEYGENA(xmm1_xmm2, "0x40") "call 1b \n\t" : : "r" (rk), "r" (key) - : "memory", "cc", "0" ); + : "memory", "cc", "0"); } +#endif /* MBEDTLS_AESNI_HAVE_CODE */ + /* * Key expansion, wrapper */ -int mbedtls_aesni_setkey_enc( unsigned char *rk, - const unsigned char *key, - size_t bits ) +int mbedtls_aesni_setkey_enc(unsigned char *rk, + const unsigned char *key, + size_t bits) { - switch( bits ) - { - case 128: aesni_setkey_enc_128( rk, key ); break; - case 192: aesni_setkey_enc_192( rk, key ); break; - case 256: aesni_setkey_enc_256( rk, key ); break; - default : return( MBEDTLS_ERR_AES_INVALID_KEY_LENGTH ); + switch (bits) { + case 128: aesni_setkey_enc_128(rk, key); break; + case 192: aesni_setkey_enc_192(rk, key); break; + case 256: aesni_setkey_enc_256(rk, key); break; + default: return MBEDTLS_ERR_AES_INVALID_KEY_LENGTH; } - return( 0 ); + return 0; } -#endif /* MBEDTLS_HAVE_X86_64 */ +#endif /* MBEDTLS_AESNI_HAVE_CODE */ #endif /* MBEDTLS_AESNI_C */ diff --git a/third_party/mbedtls/repo/library/arc4.c b/third_party/mbedtls/repo/library/arc4.c index b34dc5e7541..7ff747d0404 100644 --- a/third_party/mbedtls/repo/library/arc4.c +++ b/third_party/mbedtls/repo/library/arc4.c @@ -2,19 +2,7 @@ * An implementation of the ARCFOUR algorithm * * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later */ /* * The ARCFOUR algorithm was publicly disclosed on 94/09. @@ -31,35 +19,29 @@ #include -#if defined(MBEDTLS_SELF_TEST) -#if defined(MBEDTLS_PLATFORM_C) #include "mbedtls/platform.h" -#else -#include -#define mbedtls_printf printf -#endif /* MBEDTLS_PLATFORM_C */ -#endif /* MBEDTLS_SELF_TEST */ #if !defined(MBEDTLS_ARC4_ALT) -void mbedtls_arc4_init( mbedtls_arc4_context *ctx ) +void mbedtls_arc4_init(mbedtls_arc4_context *ctx) { - memset( ctx, 0, sizeof( mbedtls_arc4_context ) ); + memset(ctx, 0, sizeof(mbedtls_arc4_context)); } -void mbedtls_arc4_free( mbedtls_arc4_context *ctx ) +void mbedtls_arc4_free(mbedtls_arc4_context *ctx) { - if( ctx == NULL ) + if (ctx == NULL) { return; + } - mbedtls_platform_zeroize( ctx, sizeof( mbedtls_arc4_context ) ); + mbedtls_platform_zeroize(ctx, sizeof(mbedtls_arc4_context)); } /* * ARC4 key schedule */ -void mbedtls_arc4_setup( mbedtls_arc4_context *ctx, const unsigned char *key, - unsigned int keylen ) +void mbedtls_arc4_setup(mbedtls_arc4_context *ctx, const unsigned char *key, + unsigned int keylen) { int i, j, a; unsigned int k; @@ -69,17 +51,19 @@ void mbedtls_arc4_setup( mbedtls_arc4_context *ctx, const unsigned char *key, ctx->y = 0; m = ctx->m; - for( i = 0; i < 256; i++ ) + for (i = 0; i < 256; i++) { m[i] = (unsigned char) i; + } j = k = 0; - for( i = 0; i < 256; i++, k++ ) - { - if( k >= keylen ) k = 0; + for (i = 0; i < 256; i++, k++) { + if (k >= keylen) { + k = 0; + } a = m[i]; - j = ( j + a + key[k] ) & 0xFF; + j = (j + a + key[k]) & 0xFF; m[i] = m[j]; m[j] = (unsigned char) a; } @@ -88,8 +72,8 @@ void mbedtls_arc4_setup( mbedtls_arc4_context *ctx, const unsigned char *key, /* * ARC4 cipher function */ -int mbedtls_arc4_crypt( mbedtls_arc4_context *ctx, size_t length, const unsigned char *input, - unsigned char *output ) +int mbedtls_arc4_crypt(mbedtls_arc4_context *ctx, size_t length, const unsigned char *input, + unsigned char *output) { int x, y, a, b; size_t i; @@ -99,22 +83,21 @@ int mbedtls_arc4_crypt( mbedtls_arc4_context *ctx, size_t length, const unsigned y = ctx->y; m = ctx->m; - for( i = 0; i < length; i++ ) - { - x = ( x + 1 ) & 0xFF; a = m[x]; - y = ( y + a ) & 0xFF; b = m[y]; + for (i = 0; i < length; i++) { + x = (x + 1) & 0xFF; a = m[x]; + y = (y + a) & 0xFF; b = m[y]; m[x] = (unsigned char) b; m[y] = (unsigned char) a; output[i] = (unsigned char) - ( input[i] ^ m[(unsigned char)( a + b )] ); + (input[i] ^ m[(unsigned char) (a + b)]); } ctx->x = x; ctx->y = y; - return( 0 ); + return 0; } #endif /* !MBEDTLS_ARC4_ALT */ @@ -149,45 +132,47 @@ static const unsigned char arc4_test_ct[3][8] = /* * Checkup routine */ -int mbedtls_arc4_self_test( int verbose ) +int mbedtls_arc4_self_test(int verbose) { int i, ret = 0; unsigned char ibuf[8]; unsigned char obuf[8]; mbedtls_arc4_context ctx; - mbedtls_arc4_init( &ctx ); + mbedtls_arc4_init(&ctx); - for( i = 0; i < 3; i++ ) - { - if( verbose != 0 ) - mbedtls_printf( " ARC4 test #%d: ", i + 1 ); + for (i = 0; i < 3; i++) { + if (verbose != 0) { + mbedtls_printf(" ARC4 test #%d: ", i + 1); + } - memcpy( ibuf, arc4_test_pt[i], 8 ); + memcpy(ibuf, arc4_test_pt[i], 8); - mbedtls_arc4_setup( &ctx, arc4_test_key[i], 8 ); - mbedtls_arc4_crypt( &ctx, 8, ibuf, obuf ); + mbedtls_arc4_setup(&ctx, arc4_test_key[i], 8); + mbedtls_arc4_crypt(&ctx, 8, ibuf, obuf); - if( memcmp( obuf, arc4_test_ct[i], 8 ) != 0 ) - { - if( verbose != 0 ) - mbedtls_printf( "failed\n" ); + if (memcmp(obuf, arc4_test_ct[i], 8) != 0) { + if (verbose != 0) { + mbedtls_printf("failed\n"); + } ret = 1; goto exit; } - if( verbose != 0 ) - mbedtls_printf( "passed\n" ); + if (verbose != 0) { + mbedtls_printf("passed\n"); + } } - if( verbose != 0 ) - mbedtls_printf( "\n" ); + if (verbose != 0) { + mbedtls_printf("\n"); + } exit: - mbedtls_arc4_free( &ctx ); + mbedtls_arc4_free(&ctx); - return( ret ); + return ret; } #endif /* MBEDTLS_SELF_TEST */ diff --git a/third_party/mbedtls/repo/library/aria.c b/third_party/mbedtls/repo/library/aria.c index bc05c4a3196..c9441057c68 100644 --- a/third_party/mbedtls/repo/library/aria.c +++ b/third_party/mbedtls/repo/library/aria.c @@ -2,19 +2,7 @@ * ARIA implementation * * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later */ /* @@ -31,29 +19,17 @@ #include -#if defined(MBEDTLS_SELF_TEST) -#if defined(MBEDTLS_PLATFORM_C) #include "mbedtls/platform.h" -#else -#include -#define mbedtls_printf printf -#endif /* MBEDTLS_PLATFORM_C */ -#endif /* MBEDTLS_SELF_TEST */ #if !defined(MBEDTLS_ARIA_ALT) #include "mbedtls/platform_util.h" -#if ( defined(__ARMCC_VERSION) || defined(_MSC_VER) ) && \ - !defined(inline) && !defined(__cplusplus) -#define inline __inline -#endif - /* Parameter validation macros */ -#define ARIA_VALIDATE_RET( cond ) \ - MBEDTLS_INTERNAL_VALIDATE_RET( cond, MBEDTLS_ERR_ARIA_BAD_INPUT_DATA ) -#define ARIA_VALIDATE( cond ) \ - MBEDTLS_INTERNAL_VALIDATE( cond ) +#define ARIA_VALIDATE_RET(cond) \ + MBEDTLS_INTERNAL_VALIDATE_RET(cond, MBEDTLS_ERR_ARIA_BAD_INPUT_DATA) +#define ARIA_VALIDATE(cond) \ + MBEDTLS_INTERNAL_VALIDATE(cond) /* * modify byte order: ( A B C D ) -> ( B A D C ), i.e. swap pairs of bytes @@ -67,30 +43,30 @@ #if defined(__arm__) /* rev16 available from v6 up */ /* armcc5 --gnu defines __GNUC__ but doesn't support GNU's extended asm */ #if defined(__GNUC__) && \ - ( !defined(__ARMCC_VERSION) || __ARMCC_VERSION >= 6000000 ) && \ + (!defined(__ARMCC_VERSION) || __ARMCC_VERSION >= 6000000) && \ __ARM_ARCH >= 6 -static inline uint32_t aria_p1( uint32_t x ) +static inline uint32_t aria_p1(uint32_t x) { uint32_t r; - __asm( "rev16 %0, %1" : "=l" (r) : "l" (x) ); - return( r ); + __asm("rev16 %0, %1" : "=l" (r) : "l" (x)); + return r; } #define ARIA_P1 aria_p1 #elif defined(__ARMCC_VERSION) && __ARMCC_VERSION < 6000000 && \ - ( __TARGET_ARCH_ARM >= 6 || __TARGET_ARCH_THUMB >= 3 ) -static inline uint32_t aria_p1( uint32_t x ) + (__TARGET_ARCH_ARM >= 6 || __TARGET_ARCH_THUMB >= 3) +static inline uint32_t aria_p1(uint32_t x) { uint32_t r; - __asm( "rev16 r, x" ); - return( r ); + __asm("rev16 r, x"); + return r; } #define ARIA_P1 aria_p1 #endif #endif /* arm */ #if defined(__GNUC__) && \ - defined(__i386__) || defined(__amd64__) || defined( __x86_64__) + defined(__i386__) || defined(__amd64__) || defined(__x86_64__) /* I couldn't find an Intel equivalent of rev16, so two instructions */ -#define ARIA_P1(x) ARIA_P2( ARIA_P3( x ) ) +#define ARIA_P1(x) ARIA_P2(ARIA_P3(x)) #endif /* x86 gnuc */ #endif /* MBEDTLS_HAVE_ASM && GNUC */ #if !defined(ARIA_P1) @@ -118,38 +94,38 @@ static inline uint32_t aria_p1( uint32_t x ) #if defined(__arm__) /* rev available from v6 up */ /* armcc5 --gnu defines __GNUC__ but doesn't support GNU's extended asm */ #if defined(__GNUC__) && \ - ( !defined(__ARMCC_VERSION) || __ARMCC_VERSION >= 6000000 ) && \ + (!defined(__ARMCC_VERSION) || __ARMCC_VERSION >= 6000000) && \ __ARM_ARCH >= 6 -static inline uint32_t aria_p3( uint32_t x ) +static inline uint32_t aria_p3(uint32_t x) { uint32_t r; - __asm( "rev %0, %1" : "=l" (r) : "l" (x) ); - return( r ); + __asm("rev %0, %1" : "=l" (r) : "l" (x)); + return r; } #define ARIA_P3 aria_p3 #elif defined(__ARMCC_VERSION) && __ARMCC_VERSION < 6000000 && \ - ( __TARGET_ARCH_ARM >= 6 || __TARGET_ARCH_THUMB >= 3 ) -static inline uint32_t aria_p3( uint32_t x ) + (__TARGET_ARCH_ARM >= 6 || __TARGET_ARCH_THUMB >= 3) +static inline uint32_t aria_p3(uint32_t x) { uint32_t r; - __asm( "rev r, x" ); - return( r ); + __asm("rev r, x"); + return r; } #define ARIA_P3 aria_p3 #endif #endif /* arm */ #if defined(__GNUC__) && \ - defined(__i386__) || defined(__amd64__) || defined( __x86_64__) -static inline uint32_t aria_p3( uint32_t x ) + defined(__i386__) || defined(__amd64__) || defined(__x86_64__) +static inline uint32_t aria_p3(uint32_t x) { - __asm( "bswap %0" : "=r" (x) : "0" (x) ); - return( x ); + __asm("bswap %0" : "=r" (x) : "0" (x)); + return x; } #define ARIA_P3 aria_p3 #endif /* x86 gnuc */ #endif /* MBEDTLS_HAVE_ASM && GNUC */ #if !defined(ARIA_P3) -#define ARIA_P3(x) ARIA_P2( ARIA_P1 ( x ) ) +#define ARIA_P3(x) ARIA_P2(ARIA_P1(x)) #endif /* @@ -175,28 +151,28 @@ static inline uint32_t aria_p3( uint32_t x ) * half of App. B.1 in [1] in terms of 4-byte operators P1, P2, P3 and P4. * The implementation below uses only P1 and P2 as they are sufficient. */ -static inline void aria_a( uint32_t *a, uint32_t *b, - uint32_t *c, uint32_t *d ) +static inline void aria_a(uint32_t *a, uint32_t *b, + uint32_t *c, uint32_t *d) { uint32_t ta, tb, tc; ta = *b; // 4567 *b = *a; // 0123 - *a = ARIA_P2( ta ); // 6745 - tb = ARIA_P2( *d ); // efcd - *d = ARIA_P1( *c ); // 98ba - *c = ARIA_P1( tb ); // fedc + *a = ARIA_P2(ta); // 6745 + tb = ARIA_P2(*d); // efcd + *d = ARIA_P1(*c); // 98ba + *c = ARIA_P1(tb); // fedc ta ^= *d; // 4567+98ba - tc = ARIA_P2( *b ); // 2301 - ta = ARIA_P1( ta ) ^ tc ^ *c; // 2301+5476+89ab+fedc - tb ^= ARIA_P2( *d ); // ba98+efcd - tc ^= ARIA_P1( *a ); // 2301+7654 + tc = ARIA_P2(*b); // 2301 + ta = ARIA_P1(ta) ^ tc ^ *c; // 2301+5476+89ab+fedc + tb ^= ARIA_P2(*d); // ba98+efcd + tc ^= ARIA_P1(*a); // 2301+7654 *b ^= ta ^ tb; // 0123+2301+5476+89ab+ba98+efcd+fedc OUT - tb = ARIA_P2( tb ) ^ ta; // 2301+5476+89ab+98ba+cdef+fedc - *a ^= ARIA_P1( tb ); // 3210+4567+6745+89ab+98ba+dcfe+efcd OUT - ta = ARIA_P2( ta ); // 0123+7654+ab89+dcfe - *d ^= ARIA_P1( ta ) ^ tc; // 1032+2301+6745+7654+98ba+ba98+cdef OUT - tc = ARIA_P2( tc ); // 0123+5476 - *c ^= ARIA_P1( tc ) ^ ta; // 0123+1032+4567+7654+ab89+dcfe+fedc OUT + tb = ARIA_P2(tb) ^ ta; // 2301+5476+89ab+98ba+cdef+fedc + *a ^= ARIA_P1(tb); // 3210+4567+6745+89ab+98ba+dcfe+efcd OUT + ta = ARIA_P2(ta); // 0123+7654+ab89+dcfe + *d ^= ARIA_P1(ta) ^ tc; // 1032+2301+6745+7654+98ba+ba98+cdef OUT + tc = ARIA_P2(tc); // 0123+5476 + *c ^= ARIA_P1(tc) ^ ta; // 0123+1032+4567+7654+ab89+dcfe+fedc OUT } /* @@ -207,27 +183,27 @@ static inline void aria_a( uint32_t *a, uint32_t *b, * By passing sb1, sb2, is1, is2 as S-Boxes you get SL1 * By passing is1, is2, sb1, sb2 as S-Boxes you get SL2 */ -static inline void aria_sl( uint32_t *a, uint32_t *b, - uint32_t *c, uint32_t *d, - const uint8_t sa[256], const uint8_t sb[256], - const uint8_t sc[256], const uint8_t sd[256] ) +static inline void aria_sl(uint32_t *a, uint32_t *b, + uint32_t *c, uint32_t *d, + const uint8_t sa[256], const uint8_t sb[256], + const uint8_t sc[256], const uint8_t sd[256]) { - *a = ( (uint32_t) sa[ MBEDTLS_BYTE_0( *a ) ] ) ^ - (((uint32_t) sb[ MBEDTLS_BYTE_1( *a ) ]) << 8) ^ - (((uint32_t) sc[ MBEDTLS_BYTE_2( *a ) ]) << 16) ^ - (((uint32_t) sd[ MBEDTLS_BYTE_3( *a ) ]) << 24); - *b = ( (uint32_t) sa[ MBEDTLS_BYTE_0( *b ) ] ) ^ - (((uint32_t) sb[ MBEDTLS_BYTE_1( *b ) ]) << 8) ^ - (((uint32_t) sc[ MBEDTLS_BYTE_2( *b ) ]) << 16) ^ - (((uint32_t) sd[ MBEDTLS_BYTE_3( *b ) ]) << 24); - *c = ( (uint32_t) sa[ MBEDTLS_BYTE_0( *c ) ] ) ^ - (((uint32_t) sb[ MBEDTLS_BYTE_1( *c ) ]) << 8) ^ - (((uint32_t) sc[ MBEDTLS_BYTE_2( *c ) ]) << 16) ^ - (((uint32_t) sd[ MBEDTLS_BYTE_3( *c ) ]) << 24); - *d = ( (uint32_t) sa[ MBEDTLS_BYTE_0( *d ) ] ) ^ - (((uint32_t) sb[ MBEDTLS_BYTE_1( *d ) ]) << 8) ^ - (((uint32_t) sc[ MBEDTLS_BYTE_2( *d ) ]) << 16) ^ - (((uint32_t) sd[ MBEDTLS_BYTE_3( *d ) ]) << 24); + *a = ((uint32_t) sa[MBEDTLS_BYTE_0(*a)]) ^ + (((uint32_t) sb[MBEDTLS_BYTE_1(*a)]) << 8) ^ + (((uint32_t) sc[MBEDTLS_BYTE_2(*a)]) << 16) ^ + (((uint32_t) sd[MBEDTLS_BYTE_3(*a)]) << 24); + *b = ((uint32_t) sa[MBEDTLS_BYTE_0(*b)]) ^ + (((uint32_t) sb[MBEDTLS_BYTE_1(*b)]) << 8) ^ + (((uint32_t) sc[MBEDTLS_BYTE_2(*b)]) << 16) ^ + (((uint32_t) sd[MBEDTLS_BYTE_3(*b)]) << 24); + *c = ((uint32_t) sa[MBEDTLS_BYTE_0(*c)]) ^ + (((uint32_t) sb[MBEDTLS_BYTE_1(*c)]) << 8) ^ + (((uint32_t) sc[MBEDTLS_BYTE_2(*c)]) << 16) ^ + (((uint32_t) sd[MBEDTLS_BYTE_3(*c)]) << 24); + *d = ((uint32_t) sa[MBEDTLS_BYTE_0(*d)]) ^ + (((uint32_t) sb[MBEDTLS_BYTE_1(*d)]) << 8) ^ + (((uint32_t) sc[MBEDTLS_BYTE_2(*d)]) << 16) ^ + (((uint32_t) sd[MBEDTLS_BYTE_3(*d)]) << 24); } /* @@ -340,8 +316,8 @@ static const uint8_t aria_is2[256] = /* * Helper for key schedule: r = FO( p, k ) ^ x */ -static void aria_fo_xor( uint32_t r[4], const uint32_t p[4], - const uint32_t k[4], const uint32_t x[4] ) +static void aria_fo_xor(uint32_t r[4], const uint32_t p[4], + const uint32_t k[4], const uint32_t x[4]) { uint32_t a, b, c, d; @@ -350,8 +326,8 @@ static void aria_fo_xor( uint32_t r[4], const uint32_t p[4], c = p[2] ^ k[2]; d = p[3] ^ k[3]; - aria_sl( &a, &b, &c, &d, aria_sb1, aria_sb2, aria_is1, aria_is2 ); - aria_a( &a, &b, &c, &d ); + aria_sl(&a, &b, &c, &d, aria_sb1, aria_sb2, aria_is1, aria_is2); + aria_a(&a, &b, &c, &d); r[0] = a ^ x[0]; r[1] = b ^ x[1]; @@ -362,8 +338,8 @@ static void aria_fo_xor( uint32_t r[4], const uint32_t p[4], /* * Helper for key schedule: r = FE( p, k ) ^ x */ -static void aria_fe_xor( uint32_t r[4], const uint32_t p[4], - const uint32_t k[4], const uint32_t x[4] ) +static void aria_fe_xor(uint32_t r[4], const uint32_t p[4], + const uint32_t k[4], const uint32_t x[4]) { uint32_t a, b, c, d; @@ -372,8 +348,8 @@ static void aria_fe_xor( uint32_t r[4], const uint32_t p[4], c = p[2] ^ k[2]; d = p[3] ^ k[3]; - aria_sl( &a, &b, &c, &d, aria_is1, aria_is2, aria_sb1, aria_sb2 ); - aria_a( &a, &b, &c, &d ); + aria_sl(&a, &b, &c, &d, aria_is1, aria_is2, aria_sb1, aria_sb2); + aria_a(&a, &b, &c, &d); r[0] = a ^ x[0]; r[1] = b ^ x[1]; @@ -388,8 +364,8 @@ static void aria_fe_xor( uint32_t r[4], const uint32_t p[4], * MBEDTLS_GET_UINT32_LE / MBEDTLS_PUT_UINT32_LE ) so we need to reverse * bytes here. */ -static void aria_rot128( uint32_t r[4], const uint32_t a[4], - const uint32_t b[4], uint8_t n ) +static void aria_rot128(uint32_t r[4], const uint32_t a[4], + const uint32_t b[4], uint8_t n) { uint8_t i, j; uint32_t t, u; @@ -397,15 +373,14 @@ static void aria_rot128( uint32_t r[4], const uint32_t a[4], const uint8_t n1 = n % 32; // bit offset const uint8_t n2 = n1 ? 32 - n1 : 0; // reverse bit offset - j = ( n / 32 ) % 4; // initial word offset - t = ARIA_P3( b[j] ); // big endian - for( i = 0; i < 4; i++ ) - { - j = ( j + 1 ) % 4; // get next word, big endian - u = ARIA_P3( b[j] ); + j = (n / 32) % 4; // initial word offset + t = ARIA_P3(b[j]); // big endian + for (i = 0; i < 4; i++) { + j = (j + 1) % 4; // get next word, big endian + u = ARIA_P3(b[j]); t <<= n1; // rotate t |= u >> n2; - t = ARIA_P3( t ); // back to little endian + t = ARIA_P3(t); // back to little endian r[i] = a[i] ^ t; // store t = u; // move to next word } @@ -414,8 +389,8 @@ static void aria_rot128( uint32_t r[4], const uint32_t a[4], /* * Set encryption key */ -int mbedtls_aria_setkey_enc( mbedtls_aria_context *ctx, - const unsigned char *key, unsigned int keybits ) +int mbedtls_aria_setkey_enc(mbedtls_aria_context *ctx, + const unsigned char *key, unsigned int keybits) { /* round constant masks */ const uint32_t rc[3][4] = @@ -427,74 +402,71 @@ int mbedtls_aria_setkey_enc( mbedtls_aria_context *ctx, int i; uint32_t w[4][4], *w2; - ARIA_VALIDATE_RET( ctx != NULL ); - ARIA_VALIDATE_RET( key != NULL ); + ARIA_VALIDATE_RET(ctx != NULL); + ARIA_VALIDATE_RET(key != NULL); - if( keybits != 128 && keybits != 192 && keybits != 256 ) - return( MBEDTLS_ERR_ARIA_BAD_INPUT_DATA ); + if (keybits != 128 && keybits != 192 && keybits != 256) { + return MBEDTLS_ERR_ARIA_BAD_INPUT_DATA; + } /* Copy key to W0 (and potential remainder to W1) */ - w[0][0] = MBEDTLS_GET_UINT32_LE( key, 0 ); - w[0][1] = MBEDTLS_GET_UINT32_LE( key, 4 ); - w[0][2] = MBEDTLS_GET_UINT32_LE( key, 8 ); - w[0][3] = MBEDTLS_GET_UINT32_LE( key, 12 ); - - memset( w[1], 0, 16 ); - if( keybits >= 192 ) - { - w[1][0] = MBEDTLS_GET_UINT32_LE( key, 16 ); // 192 bit key - w[1][1] = MBEDTLS_GET_UINT32_LE( key, 20 ); + w[0][0] = MBEDTLS_GET_UINT32_LE(key, 0); + w[0][1] = MBEDTLS_GET_UINT32_LE(key, 4); + w[0][2] = MBEDTLS_GET_UINT32_LE(key, 8); + w[0][3] = MBEDTLS_GET_UINT32_LE(key, 12); + + memset(w[1], 0, 16); + if (keybits >= 192) { + w[1][0] = MBEDTLS_GET_UINT32_LE(key, 16); // 192 bit key + w[1][1] = MBEDTLS_GET_UINT32_LE(key, 20); } - if( keybits == 256 ) - { - w[1][2] = MBEDTLS_GET_UINT32_LE( key, 24 ); // 256 bit key - w[1][3] = MBEDTLS_GET_UINT32_LE( key, 28 ); + if (keybits == 256) { + w[1][2] = MBEDTLS_GET_UINT32_LE(key, 24); // 256 bit key + w[1][3] = MBEDTLS_GET_UINT32_LE(key, 28); } - i = ( keybits - 128 ) >> 6; // index: 0, 1, 2 + i = (keybits - 128) >> 6; // index: 0, 1, 2 ctx->nr = 12 + 2 * i; // no. rounds: 12, 14, 16 - aria_fo_xor( w[1], w[0], rc[i], w[1] ); // W1 = FO(W0, CK1) ^ KR + aria_fo_xor(w[1], w[0], rc[i], w[1]); // W1 = FO(W0, CK1) ^ KR i = i < 2 ? i + 1 : 0; - aria_fe_xor( w[2], w[1], rc[i], w[0] ); // W2 = FE(W1, CK2) ^ W0 + aria_fe_xor(w[2], w[1], rc[i], w[0]); // W2 = FE(W1, CK2) ^ W0 i = i < 2 ? i + 1 : 0; - aria_fo_xor( w[3], w[2], rc[i], w[1] ); // W3 = FO(W2, CK3) ^ W1 + aria_fo_xor(w[3], w[2], rc[i], w[1]); // W3 = FO(W2, CK3) ^ W1 - for( i = 0; i < 4; i++ ) // create round keys - { + for (i = 0; i < 4; i++) { // create round keys w2 = w[(i + 1) & 3]; - aria_rot128( ctx->rk[i ], w[i], w2, 128 - 19 ); - aria_rot128( ctx->rk[i + 4], w[i], w2, 128 - 31 ); - aria_rot128( ctx->rk[i + 8], w[i], w2, 61 ); - aria_rot128( ctx->rk[i + 12], w[i], w2, 31 ); + aria_rot128(ctx->rk[i], w[i], w2, 128 - 19); + aria_rot128(ctx->rk[i + 4], w[i], w2, 128 - 31); + aria_rot128(ctx->rk[i + 8], w[i], w2, 61); + aria_rot128(ctx->rk[i + 12], w[i], w2, 31); } - aria_rot128( ctx->rk[16], w[0], w[1], 19 ); + aria_rot128(ctx->rk[16], w[0], w[1], 19); /* w holds enough info to reconstruct the round keys */ - mbedtls_platform_zeroize( w, sizeof( w ) ); + mbedtls_platform_zeroize(w, sizeof(w)); - return( 0 ); + return 0; } /* * Set decryption key */ -int mbedtls_aria_setkey_dec( mbedtls_aria_context *ctx, - const unsigned char *key, unsigned int keybits ) +int mbedtls_aria_setkey_dec(mbedtls_aria_context *ctx, + const unsigned char *key, unsigned int keybits) { int i, j, k, ret; - ARIA_VALIDATE_RET( ctx != NULL ); - ARIA_VALIDATE_RET( key != NULL ); + ARIA_VALIDATE_RET(ctx != NULL); + ARIA_VALIDATE_RET(key != NULL); - ret = mbedtls_aria_setkey_enc( ctx, key, keybits ); - if( ret != 0 ) - return( ret ); + ret = mbedtls_aria_setkey_enc(ctx, key, keybits); + if (ret != 0) { + return ret; + } /* flip the order of round keys */ - for( i = 0, j = ctx->nr; i < j; i++, j-- ) - { - for( k = 0; k < 4; k++ ) - { + for (i = 0, j = ctx->nr; i < j; i++, j--) { + for (k = 0; k < 4; k++) { uint32_t t = ctx->rk[i][k]; ctx->rk[i][k] = ctx->rk[j][k]; ctx->rk[j][k] = t; @@ -502,45 +474,43 @@ int mbedtls_aria_setkey_dec( mbedtls_aria_context *ctx, } /* apply affine transform to middle keys */ - for( i = 1; i < ctx->nr; i++ ) - { - aria_a( &ctx->rk[i][0], &ctx->rk[i][1], - &ctx->rk[i][2], &ctx->rk[i][3] ); + for (i = 1; i < ctx->nr; i++) { + aria_a(&ctx->rk[i][0], &ctx->rk[i][1], + &ctx->rk[i][2], &ctx->rk[i][3]); } - return( 0 ); + return 0; } /* * Encrypt a block */ -int mbedtls_aria_crypt_ecb( mbedtls_aria_context *ctx, - const unsigned char input[MBEDTLS_ARIA_BLOCKSIZE], - unsigned char output[MBEDTLS_ARIA_BLOCKSIZE] ) +int mbedtls_aria_crypt_ecb(mbedtls_aria_context *ctx, + const unsigned char input[MBEDTLS_ARIA_BLOCKSIZE], + unsigned char output[MBEDTLS_ARIA_BLOCKSIZE]) { int i; uint32_t a, b, c, d; - ARIA_VALIDATE_RET( ctx != NULL ); - ARIA_VALIDATE_RET( input != NULL ); - ARIA_VALIDATE_RET( output != NULL ); + ARIA_VALIDATE_RET(ctx != NULL); + ARIA_VALIDATE_RET(input != NULL); + ARIA_VALIDATE_RET(output != NULL); - a = MBEDTLS_GET_UINT32_LE( input, 0 ); - b = MBEDTLS_GET_UINT32_LE( input, 4 ); - c = MBEDTLS_GET_UINT32_LE( input, 8 ); - d = MBEDTLS_GET_UINT32_LE( input, 12 ); + a = MBEDTLS_GET_UINT32_LE(input, 0); + b = MBEDTLS_GET_UINT32_LE(input, 4); + c = MBEDTLS_GET_UINT32_LE(input, 8); + d = MBEDTLS_GET_UINT32_LE(input, 12); i = 0; - while( 1 ) - { + while (1) { a ^= ctx->rk[i][0]; b ^= ctx->rk[i][1]; c ^= ctx->rk[i][2]; d ^= ctx->rk[i][3]; i++; - aria_sl( &a, &b, &c, &d, aria_sb1, aria_sb2, aria_is1, aria_is2 ); - aria_a( &a, &b, &c, &d ); + aria_sl(&a, &b, &c, &d, aria_sb1, aria_sb2, aria_is1, aria_is2); + aria_a(&a, &b, &c, &d); a ^= ctx->rk[i][0]; b ^= ctx->rk[i][1]; @@ -548,10 +518,11 @@ int mbedtls_aria_crypt_ecb( mbedtls_aria_context *ctx, d ^= ctx->rk[i][3]; i++; - aria_sl( &a, &b, &c, &d, aria_is1, aria_is2, aria_sb1, aria_sb2 ); - if( i >= ctx->nr ) + aria_sl(&a, &b, &c, &d, aria_is1, aria_is2, aria_sb1, aria_sb2); + if (i >= ctx->nr) { break; - aria_a( &a, &b, &c, &d ); + } + aria_a(&a, &b, &c, &d); } /* final key mixing */ @@ -560,80 +531,79 @@ int mbedtls_aria_crypt_ecb( mbedtls_aria_context *ctx, c ^= ctx->rk[i][2]; d ^= ctx->rk[i][3]; - MBEDTLS_PUT_UINT32_LE( a, output, 0 ); - MBEDTLS_PUT_UINT32_LE( b, output, 4 ); - MBEDTLS_PUT_UINT32_LE( c, output, 8 ); - MBEDTLS_PUT_UINT32_LE( d, output, 12 ); + MBEDTLS_PUT_UINT32_LE(a, output, 0); + MBEDTLS_PUT_UINT32_LE(b, output, 4); + MBEDTLS_PUT_UINT32_LE(c, output, 8); + MBEDTLS_PUT_UINT32_LE(d, output, 12); - return( 0 ); + return 0; } /* Initialize context */ -void mbedtls_aria_init( mbedtls_aria_context *ctx ) +void mbedtls_aria_init(mbedtls_aria_context *ctx) { - ARIA_VALIDATE( ctx != NULL ); - memset( ctx, 0, sizeof( mbedtls_aria_context ) ); + ARIA_VALIDATE(ctx != NULL); + memset(ctx, 0, sizeof(mbedtls_aria_context)); } /* Clear context */ -void mbedtls_aria_free( mbedtls_aria_context *ctx ) +void mbedtls_aria_free(mbedtls_aria_context *ctx) { - if( ctx == NULL ) + if (ctx == NULL) { return; + } - mbedtls_platform_zeroize( ctx, sizeof( mbedtls_aria_context ) ); + mbedtls_platform_zeroize(ctx, sizeof(mbedtls_aria_context)); } #if defined(MBEDTLS_CIPHER_MODE_CBC) /* * ARIA-CBC buffer encryption/decryption */ -int mbedtls_aria_crypt_cbc( mbedtls_aria_context *ctx, - int mode, - size_t length, - unsigned char iv[MBEDTLS_ARIA_BLOCKSIZE], - const unsigned char *input, - unsigned char *output ) +int mbedtls_aria_crypt_cbc(mbedtls_aria_context *ctx, + int mode, + size_t length, + unsigned char iv[MBEDTLS_ARIA_BLOCKSIZE], + const unsigned char *input, + unsigned char *output) { int i; unsigned char temp[MBEDTLS_ARIA_BLOCKSIZE]; - ARIA_VALIDATE_RET( ctx != NULL ); - ARIA_VALIDATE_RET( mode == MBEDTLS_ARIA_ENCRYPT || - mode == MBEDTLS_ARIA_DECRYPT ); - ARIA_VALIDATE_RET( length == 0 || input != NULL ); - ARIA_VALIDATE_RET( length == 0 || output != NULL ); - ARIA_VALIDATE_RET( iv != NULL ); + ARIA_VALIDATE_RET(ctx != NULL); + ARIA_VALIDATE_RET(mode == MBEDTLS_ARIA_ENCRYPT || + mode == MBEDTLS_ARIA_DECRYPT); + ARIA_VALIDATE_RET(length == 0 || input != NULL); + ARIA_VALIDATE_RET(length == 0 || output != NULL); + ARIA_VALIDATE_RET(iv != NULL); - if( length % MBEDTLS_ARIA_BLOCKSIZE ) - return( MBEDTLS_ERR_ARIA_INVALID_INPUT_LENGTH ); + if (length % MBEDTLS_ARIA_BLOCKSIZE) { + return MBEDTLS_ERR_ARIA_INVALID_INPUT_LENGTH; + } - if( mode == MBEDTLS_ARIA_DECRYPT ) - { - while( length > 0 ) - { - memcpy( temp, input, MBEDTLS_ARIA_BLOCKSIZE ); - mbedtls_aria_crypt_ecb( ctx, input, output ); + if (mode == MBEDTLS_ARIA_DECRYPT) { + while (length > 0) { + memcpy(temp, input, MBEDTLS_ARIA_BLOCKSIZE); + mbedtls_aria_crypt_ecb(ctx, input, output); - for( i = 0; i < MBEDTLS_ARIA_BLOCKSIZE; i++ ) - output[i] = (unsigned char)( output[i] ^ iv[i] ); + for (i = 0; i < MBEDTLS_ARIA_BLOCKSIZE; i++) { + output[i] = (unsigned char) (output[i] ^ iv[i]); + } - memcpy( iv, temp, MBEDTLS_ARIA_BLOCKSIZE ); + memcpy(iv, temp, MBEDTLS_ARIA_BLOCKSIZE); input += MBEDTLS_ARIA_BLOCKSIZE; output += MBEDTLS_ARIA_BLOCKSIZE; length -= MBEDTLS_ARIA_BLOCKSIZE; } - } - else - { - while( length > 0 ) - { - for( i = 0; i < MBEDTLS_ARIA_BLOCKSIZE; i++ ) - output[i] = (unsigned char)( input[i] ^ iv[i] ); + } else { + while (length > 0) { + for (i = 0; i < MBEDTLS_ARIA_BLOCKSIZE; i++) { + output[i] = (unsigned char) (input[i] ^ iv[i]); + } - mbedtls_aria_crypt_ecb( ctx, output, output ); - memcpy( iv, output, MBEDTLS_ARIA_BLOCKSIZE ); + mbedtls_aria_crypt_ecb(ctx, output, output); + memcpy(iv, output, MBEDTLS_ARIA_BLOCKSIZE); input += MBEDTLS_ARIA_BLOCKSIZE; output += MBEDTLS_ARIA_BLOCKSIZE; @@ -641,7 +611,7 @@ int mbedtls_aria_crypt_cbc( mbedtls_aria_context *ctx, } } - return( 0 ); + return 0; } #endif /* MBEDTLS_CIPHER_MODE_CBC */ @@ -649,63 +619,61 @@ int mbedtls_aria_crypt_cbc( mbedtls_aria_context *ctx, /* * ARIA-CFB128 buffer encryption/decryption */ -int mbedtls_aria_crypt_cfb128( mbedtls_aria_context *ctx, - int mode, - size_t length, - size_t *iv_off, - unsigned char iv[MBEDTLS_ARIA_BLOCKSIZE], - const unsigned char *input, - unsigned char *output ) +int mbedtls_aria_crypt_cfb128(mbedtls_aria_context *ctx, + int mode, + size_t length, + size_t *iv_off, + unsigned char iv[MBEDTLS_ARIA_BLOCKSIZE], + const unsigned char *input, + unsigned char *output) { unsigned char c; size_t n; - ARIA_VALIDATE_RET( ctx != NULL ); - ARIA_VALIDATE_RET( mode == MBEDTLS_ARIA_ENCRYPT || - mode == MBEDTLS_ARIA_DECRYPT ); - ARIA_VALIDATE_RET( length == 0 || input != NULL ); - ARIA_VALIDATE_RET( length == 0 || output != NULL ); - ARIA_VALIDATE_RET( iv != NULL ); - ARIA_VALIDATE_RET( iv_off != NULL ); + ARIA_VALIDATE_RET(ctx != NULL); + ARIA_VALIDATE_RET(mode == MBEDTLS_ARIA_ENCRYPT || + mode == MBEDTLS_ARIA_DECRYPT); + ARIA_VALIDATE_RET(length == 0 || input != NULL); + ARIA_VALIDATE_RET(length == 0 || output != NULL); + ARIA_VALIDATE_RET(iv != NULL); + ARIA_VALIDATE_RET(iv_off != NULL); n = *iv_off; /* An overly large value of n can lead to an unlimited * buffer overflow. Therefore, guard against this * outside of parameter validation. */ - if( n >= MBEDTLS_ARIA_BLOCKSIZE ) - return( MBEDTLS_ERR_ARIA_BAD_INPUT_DATA ); + if (n >= MBEDTLS_ARIA_BLOCKSIZE) { + return MBEDTLS_ERR_ARIA_BAD_INPUT_DATA; + } - if( mode == MBEDTLS_ARIA_DECRYPT ) - { - while( length-- ) - { - if( n == 0 ) - mbedtls_aria_crypt_ecb( ctx, iv, iv ); + if (mode == MBEDTLS_ARIA_DECRYPT) { + while (length--) { + if (n == 0) { + mbedtls_aria_crypt_ecb(ctx, iv, iv); + } c = *input++; *output++ = c ^ iv[n]; iv[n] = c; - n = ( n + 1 ) & 0x0F; + n = (n + 1) & 0x0F; } - } - else - { - while( length-- ) - { - if( n == 0 ) - mbedtls_aria_crypt_ecb( ctx, iv, iv ); + } else { + while (length--) { + if (n == 0) { + mbedtls_aria_crypt_ecb(ctx, iv, iv); + } - iv[n] = *output++ = (unsigned char)( iv[n] ^ *input++ ); + iv[n] = *output++ = (unsigned char) (iv[n] ^ *input++); - n = ( n + 1 ) & 0x0F; + n = (n + 1) & 0x0F; } } *iv_off = n; - return( 0 ); + return 0; } #endif /* MBEDTLS_CIPHER_MODE_CFB */ @@ -713,50 +681,52 @@ int mbedtls_aria_crypt_cfb128( mbedtls_aria_context *ctx, /* * ARIA-CTR buffer encryption/decryption */ -int mbedtls_aria_crypt_ctr( mbedtls_aria_context *ctx, - size_t length, - size_t *nc_off, - unsigned char nonce_counter[MBEDTLS_ARIA_BLOCKSIZE], - unsigned char stream_block[MBEDTLS_ARIA_BLOCKSIZE], - const unsigned char *input, - unsigned char *output ) +int mbedtls_aria_crypt_ctr(mbedtls_aria_context *ctx, + size_t length, + size_t *nc_off, + unsigned char nonce_counter[MBEDTLS_ARIA_BLOCKSIZE], + unsigned char stream_block[MBEDTLS_ARIA_BLOCKSIZE], + const unsigned char *input, + unsigned char *output) { int c, i; size_t n; - ARIA_VALIDATE_RET( ctx != NULL ); - ARIA_VALIDATE_RET( length == 0 || input != NULL ); - ARIA_VALIDATE_RET( length == 0 || output != NULL ); - ARIA_VALIDATE_RET( nonce_counter != NULL ); - ARIA_VALIDATE_RET( stream_block != NULL ); - ARIA_VALIDATE_RET( nc_off != NULL ); + ARIA_VALIDATE_RET(ctx != NULL); + ARIA_VALIDATE_RET(length == 0 || input != NULL); + ARIA_VALIDATE_RET(length == 0 || output != NULL); + ARIA_VALIDATE_RET(nonce_counter != NULL); + ARIA_VALIDATE_RET(stream_block != NULL); + ARIA_VALIDATE_RET(nc_off != NULL); n = *nc_off; /* An overly large value of n can lead to an unlimited * buffer overflow. Therefore, guard against this * outside of parameter validation. */ - if( n >= MBEDTLS_ARIA_BLOCKSIZE ) - return( MBEDTLS_ERR_ARIA_BAD_INPUT_DATA ); + if (n >= MBEDTLS_ARIA_BLOCKSIZE) { + return MBEDTLS_ERR_ARIA_BAD_INPUT_DATA; + } - while( length-- ) - { - if( n == 0 ) { - mbedtls_aria_crypt_ecb( ctx, nonce_counter, - stream_block ); + while (length--) { + if (n == 0) { + mbedtls_aria_crypt_ecb(ctx, nonce_counter, + stream_block); - for( i = MBEDTLS_ARIA_BLOCKSIZE; i > 0; i-- ) - if( ++nonce_counter[i - 1] != 0 ) + for (i = MBEDTLS_ARIA_BLOCKSIZE; i > 0; i--) { + if (++nonce_counter[i - 1] != 0) { break; + } + } } c = *input++; - *output++ = (unsigned char)( c ^ stream_block[n] ); + *output++ = (unsigned char) (c ^ stream_block[n]); - n = ( n + 1 ) & 0x0F; + n = (n + 1) & 0x0F; } *nc_off = n; - return( 0 ); + return 0; } #endif /* MBEDTLS_CIPHER_MODE_CTR */ #endif /* !MBEDTLS_ARIA_ALT */ @@ -895,20 +865,22 @@ static const uint8_t aria_test2_ctr_ct[3][48] = // CTR ciphertext }; #endif /* MBEDTLS_CIPHER_MODE_CFB */ -#define ARIA_SELF_TEST_IF_FAIL \ - { \ - if( verbose ) \ - mbedtls_printf( "failed\n" ); \ +#define ARIA_SELF_TEST_ASSERT(cond) \ + do { \ + if (cond) { \ + if (verbose) \ + mbedtls_printf("failed\n"); \ goto exit; \ - } else { \ - if( verbose ) \ - mbedtls_printf( "passed\n" ); \ - } + } else { \ + if (verbose) \ + mbedtls_printf("passed\n"); \ + } \ + } while (0) /* * Checkup routine */ -int mbedtls_aria_self_test( int verbose ) +int mbedtls_aria_self_test(int verbose) { int i; uint8_t blk[MBEDTLS_ARIA_BLOCKSIZE]; @@ -920,137 +892,142 @@ int mbedtls_aria_self_test( int verbose ) #endif #if (defined(MBEDTLS_CIPHER_MODE_CBC) || \ - defined(MBEDTLS_CIPHER_MODE_CFB) || \ - defined(MBEDTLS_CIPHER_MODE_CTR)) + defined(MBEDTLS_CIPHER_MODE_CFB) || \ + defined(MBEDTLS_CIPHER_MODE_CTR)) uint8_t buf[48], iv[MBEDTLS_ARIA_BLOCKSIZE]; #endif - mbedtls_aria_init( &ctx ); + mbedtls_aria_init(&ctx); /* * Test set 1 */ - for( i = 0; i < 3; i++ ) - { + for (i = 0; i < 3; i++) { /* test ECB encryption */ - if( verbose ) - mbedtls_printf( " ARIA-ECB-%d (enc): ", 128 + 64 * i ); - mbedtls_aria_setkey_enc( &ctx, aria_test1_ecb_key, 128 + 64 * i ); - mbedtls_aria_crypt_ecb( &ctx, aria_test1_ecb_pt, blk ); - if( memcmp( blk, aria_test1_ecb_ct[i], MBEDTLS_ARIA_BLOCKSIZE ) != 0 ) - ARIA_SELF_TEST_IF_FAIL; + if (verbose) { + mbedtls_printf(" ARIA-ECB-%d (enc): ", 128 + 64 * i); + } + mbedtls_aria_setkey_enc(&ctx, aria_test1_ecb_key, 128 + 64 * i); + mbedtls_aria_crypt_ecb(&ctx, aria_test1_ecb_pt, blk); + ARIA_SELF_TEST_ASSERT( + memcmp(blk, aria_test1_ecb_ct[i], MBEDTLS_ARIA_BLOCKSIZE) + != 0); /* test ECB decryption */ - if( verbose ) - mbedtls_printf( " ARIA-ECB-%d (dec): ", 128 + 64 * i ); - mbedtls_aria_setkey_dec( &ctx, aria_test1_ecb_key, 128 + 64 * i ); - mbedtls_aria_crypt_ecb( &ctx, aria_test1_ecb_ct[i], blk ); - if( memcmp( blk, aria_test1_ecb_pt, MBEDTLS_ARIA_BLOCKSIZE ) != 0 ) - ARIA_SELF_TEST_IF_FAIL; + if (verbose) { + mbedtls_printf(" ARIA-ECB-%d (dec): ", 128 + 64 * i); + } + mbedtls_aria_setkey_dec(&ctx, aria_test1_ecb_key, 128 + 64 * i); + mbedtls_aria_crypt_ecb(&ctx, aria_test1_ecb_ct[i], blk); + ARIA_SELF_TEST_ASSERT( + memcmp(blk, aria_test1_ecb_pt, MBEDTLS_ARIA_BLOCKSIZE) + != 0); + } + if (verbose) { + mbedtls_printf("\n"); } - if( verbose ) - mbedtls_printf( "\n" ); /* * Test set 2 */ #if defined(MBEDTLS_CIPHER_MODE_CBC) - for( i = 0; i < 3; i++ ) - { + for (i = 0; i < 3; i++) { /* Test CBC encryption */ - if( verbose ) - mbedtls_printf( " ARIA-CBC-%d (enc): ", 128 + 64 * i ); - mbedtls_aria_setkey_enc( &ctx, aria_test2_key, 128 + 64 * i ); - memcpy( iv, aria_test2_iv, MBEDTLS_ARIA_BLOCKSIZE ); - memset( buf, 0x55, sizeof( buf ) ); - mbedtls_aria_crypt_cbc( &ctx, MBEDTLS_ARIA_ENCRYPT, 48, iv, - aria_test2_pt, buf ); - if( memcmp( buf, aria_test2_cbc_ct[i], 48 ) != 0 ) - ARIA_SELF_TEST_IF_FAIL; + if (verbose) { + mbedtls_printf(" ARIA-CBC-%d (enc): ", 128 + 64 * i); + } + mbedtls_aria_setkey_enc(&ctx, aria_test2_key, 128 + 64 * i); + memcpy(iv, aria_test2_iv, MBEDTLS_ARIA_BLOCKSIZE); + memset(buf, 0x55, sizeof(buf)); + mbedtls_aria_crypt_cbc(&ctx, MBEDTLS_ARIA_ENCRYPT, 48, iv, + aria_test2_pt, buf); + ARIA_SELF_TEST_ASSERT(memcmp(buf, aria_test2_cbc_ct[i], 48) + != 0); /* Test CBC decryption */ - if( verbose ) - mbedtls_printf( " ARIA-CBC-%d (dec): ", 128 + 64 * i ); - mbedtls_aria_setkey_dec( &ctx, aria_test2_key, 128 + 64 * i ); - memcpy( iv, aria_test2_iv, MBEDTLS_ARIA_BLOCKSIZE ); - memset( buf, 0xAA, sizeof( buf ) ); - mbedtls_aria_crypt_cbc( &ctx, MBEDTLS_ARIA_DECRYPT, 48, iv, - aria_test2_cbc_ct[i], buf ); - if( memcmp( buf, aria_test2_pt, 48 ) != 0 ) - ARIA_SELF_TEST_IF_FAIL; + if (verbose) { + mbedtls_printf(" ARIA-CBC-%d (dec): ", 128 + 64 * i); + } + mbedtls_aria_setkey_dec(&ctx, aria_test2_key, 128 + 64 * i); + memcpy(iv, aria_test2_iv, MBEDTLS_ARIA_BLOCKSIZE); + memset(buf, 0xAA, sizeof(buf)); + mbedtls_aria_crypt_cbc(&ctx, MBEDTLS_ARIA_DECRYPT, 48, iv, + aria_test2_cbc_ct[i], buf); + ARIA_SELF_TEST_ASSERT(memcmp(buf, aria_test2_pt, 48) != 0); + } + if (verbose) { + mbedtls_printf("\n"); } - if( verbose ) - mbedtls_printf( "\n" ); #endif /* MBEDTLS_CIPHER_MODE_CBC */ #if defined(MBEDTLS_CIPHER_MODE_CFB) - for( i = 0; i < 3; i++ ) - { + for (i = 0; i < 3; i++) { /* Test CFB encryption */ - if( verbose ) - mbedtls_printf( " ARIA-CFB-%d (enc): ", 128 + 64 * i ); - mbedtls_aria_setkey_enc( &ctx, aria_test2_key, 128 + 64 * i ); - memcpy( iv, aria_test2_iv, MBEDTLS_ARIA_BLOCKSIZE ); - memset( buf, 0x55, sizeof( buf ) ); + if (verbose) { + mbedtls_printf(" ARIA-CFB-%d (enc): ", 128 + 64 * i); + } + mbedtls_aria_setkey_enc(&ctx, aria_test2_key, 128 + 64 * i); + memcpy(iv, aria_test2_iv, MBEDTLS_ARIA_BLOCKSIZE); + memset(buf, 0x55, sizeof(buf)); j = 0; - mbedtls_aria_crypt_cfb128( &ctx, MBEDTLS_ARIA_ENCRYPT, 48, &j, iv, - aria_test2_pt, buf ); - if( memcmp( buf, aria_test2_cfb_ct[i], 48 ) != 0 ) - ARIA_SELF_TEST_IF_FAIL; + mbedtls_aria_crypt_cfb128(&ctx, MBEDTLS_ARIA_ENCRYPT, 48, &j, iv, + aria_test2_pt, buf); + ARIA_SELF_TEST_ASSERT(memcmp(buf, aria_test2_cfb_ct[i], 48) != 0); /* Test CFB decryption */ - if( verbose ) - mbedtls_printf( " ARIA-CFB-%d (dec): ", 128 + 64 * i ); - mbedtls_aria_setkey_enc( &ctx, aria_test2_key, 128 + 64 * i ); - memcpy( iv, aria_test2_iv, MBEDTLS_ARIA_BLOCKSIZE ); - memset( buf, 0xAA, sizeof( buf ) ); + if (verbose) { + mbedtls_printf(" ARIA-CFB-%d (dec): ", 128 + 64 * i); + } + mbedtls_aria_setkey_enc(&ctx, aria_test2_key, 128 + 64 * i); + memcpy(iv, aria_test2_iv, MBEDTLS_ARIA_BLOCKSIZE); + memset(buf, 0xAA, sizeof(buf)); j = 0; - mbedtls_aria_crypt_cfb128( &ctx, MBEDTLS_ARIA_DECRYPT, 48, &j, - iv, aria_test2_cfb_ct[i], buf ); - if( memcmp( buf, aria_test2_pt, 48 ) != 0 ) - ARIA_SELF_TEST_IF_FAIL; + mbedtls_aria_crypt_cfb128(&ctx, MBEDTLS_ARIA_DECRYPT, 48, &j, + iv, aria_test2_cfb_ct[i], buf); + ARIA_SELF_TEST_ASSERT(memcmp(buf, aria_test2_pt, 48) != 0); + } + if (verbose) { + mbedtls_printf("\n"); } - if( verbose ) - mbedtls_printf( "\n" ); #endif /* MBEDTLS_CIPHER_MODE_CFB */ #if defined(MBEDTLS_CIPHER_MODE_CTR) - for( i = 0; i < 3; i++ ) - { + for (i = 0; i < 3; i++) { /* Test CTR encryption */ - if( verbose ) - mbedtls_printf( " ARIA-CTR-%d (enc): ", 128 + 64 * i ); - mbedtls_aria_setkey_enc( &ctx, aria_test2_key, 128 + 64 * i ); - memset( iv, 0, MBEDTLS_ARIA_BLOCKSIZE ); // IV = 0 - memset( buf, 0x55, sizeof( buf ) ); + if (verbose) { + mbedtls_printf(" ARIA-CTR-%d (enc): ", 128 + 64 * i); + } + mbedtls_aria_setkey_enc(&ctx, aria_test2_key, 128 + 64 * i); + memset(iv, 0, MBEDTLS_ARIA_BLOCKSIZE); // IV = 0 + memset(buf, 0x55, sizeof(buf)); j = 0; - mbedtls_aria_crypt_ctr( &ctx, 48, &j, iv, blk, - aria_test2_pt, buf ); - if( memcmp( buf, aria_test2_ctr_ct[i], 48 ) != 0 ) - ARIA_SELF_TEST_IF_FAIL; + mbedtls_aria_crypt_ctr(&ctx, 48, &j, iv, blk, + aria_test2_pt, buf); + ARIA_SELF_TEST_ASSERT(memcmp(buf, aria_test2_ctr_ct[i], 48) != 0); /* Test CTR decryption */ - if( verbose ) - mbedtls_printf( " ARIA-CTR-%d (dec): ", 128 + 64 * i ); - mbedtls_aria_setkey_enc( &ctx, aria_test2_key, 128 + 64 * i ); - memset( iv, 0, MBEDTLS_ARIA_BLOCKSIZE ); // IV = 0 - memset( buf, 0xAA, sizeof( buf ) ); + if (verbose) { + mbedtls_printf(" ARIA-CTR-%d (dec): ", 128 + 64 * i); + } + mbedtls_aria_setkey_enc(&ctx, aria_test2_key, 128 + 64 * i); + memset(iv, 0, MBEDTLS_ARIA_BLOCKSIZE); // IV = 0 + memset(buf, 0xAA, sizeof(buf)); j = 0; - mbedtls_aria_crypt_ctr( &ctx, 48, &j, iv, blk, - aria_test2_ctr_ct[i], buf ); - if( memcmp( buf, aria_test2_pt, 48 ) != 0 ) - ARIA_SELF_TEST_IF_FAIL; + mbedtls_aria_crypt_ctr(&ctx, 48, &j, iv, blk, + aria_test2_ctr_ct[i], buf); + ARIA_SELF_TEST_ASSERT(memcmp(buf, aria_test2_pt, 48) != 0); + } + if (verbose) { + mbedtls_printf("\n"); } - if( verbose ) - mbedtls_printf( "\n" ); #endif /* MBEDTLS_CIPHER_MODE_CTR */ ret = 0; exit: - mbedtls_aria_free( &ctx ); - return( ret ); + mbedtls_aria_free(&ctx); + return ret; } #endif /* MBEDTLS_SELF_TEST */ diff --git a/third_party/mbedtls/repo/library/asn1parse.c b/third_party/mbedtls/repo/library/asn1parse.c index 22747d3ba4f..c7f7f0b33a5 100644 --- a/third_party/mbedtls/repo/library/asn1parse.c +++ b/third_party/mbedtls/repo/library/asn1parse.c @@ -2,19 +2,7 @@ * Generic ASN.1 parsing * * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later */ #include "common.h" @@ -31,214 +19,224 @@ #include "mbedtls/bignum.h" #endif -#if defined(MBEDTLS_PLATFORM_C) #include "mbedtls/platform.h" -#else -#include -#define mbedtls_calloc calloc -#define mbedtls_free free -#endif /* * ASN.1 DER decoding routines */ -int mbedtls_asn1_get_len( unsigned char **p, - const unsigned char *end, - size_t *len ) +int mbedtls_asn1_get_len(unsigned char **p, + const unsigned char *end, + size_t *len) { - if( ( end - *p ) < 1 ) - return( MBEDTLS_ERR_ASN1_OUT_OF_DATA ); + if ((end - *p) < 1) { + return MBEDTLS_ERR_ASN1_OUT_OF_DATA; + } - if( ( **p & 0x80 ) == 0 ) + if ((**p & 0x80) == 0) { *len = *(*p)++; - else - { - switch( **p & 0x7F ) - { - case 1: - if( ( end - *p ) < 2 ) - return( MBEDTLS_ERR_ASN1_OUT_OF_DATA ); - - *len = (*p)[1]; - (*p) += 2; - break; - - case 2: - if( ( end - *p ) < 3 ) - return( MBEDTLS_ERR_ASN1_OUT_OF_DATA ); - - *len = ( (size_t)(*p)[1] << 8 ) | (*p)[2]; - (*p) += 3; - break; - - case 3: - if( ( end - *p ) < 4 ) - return( MBEDTLS_ERR_ASN1_OUT_OF_DATA ); - - *len = ( (size_t)(*p)[1] << 16 ) | - ( (size_t)(*p)[2] << 8 ) | (*p)[3]; - (*p) += 4; - break; - - case 4: - if( ( end - *p ) < 5 ) - return( MBEDTLS_ERR_ASN1_OUT_OF_DATA ); - - *len = ( (size_t)(*p)[1] << 24 ) | ( (size_t)(*p)[2] << 16 ) | - ( (size_t)(*p)[3] << 8 ) | (*p)[4]; - (*p) += 5; - break; - - default: - return( MBEDTLS_ERR_ASN1_INVALID_LENGTH ); + } else { + switch (**p & 0x7F) { + case 1: + if ((end - *p) < 2) { + return MBEDTLS_ERR_ASN1_OUT_OF_DATA; + } + + *len = (*p)[1]; + (*p) += 2; + break; + + case 2: + if ((end - *p) < 3) { + return MBEDTLS_ERR_ASN1_OUT_OF_DATA; + } + + *len = ((size_t) (*p)[1] << 8) | (*p)[2]; + (*p) += 3; + break; + + case 3: + if ((end - *p) < 4) { + return MBEDTLS_ERR_ASN1_OUT_OF_DATA; + } + + *len = ((size_t) (*p)[1] << 16) | + ((size_t) (*p)[2] << 8) | (*p)[3]; + (*p) += 4; + break; + + case 4: + if ((end - *p) < 5) { + return MBEDTLS_ERR_ASN1_OUT_OF_DATA; + } + + *len = ((size_t) (*p)[1] << 24) | ((size_t) (*p)[2] << 16) | + ((size_t) (*p)[3] << 8) | (*p)[4]; + (*p) += 5; + break; + + default: + return MBEDTLS_ERR_ASN1_INVALID_LENGTH; } } - if( *len > (size_t) ( end - *p ) ) - return( MBEDTLS_ERR_ASN1_OUT_OF_DATA ); + if (*len > (size_t) (end - *p)) { + return MBEDTLS_ERR_ASN1_OUT_OF_DATA; + } - return( 0 ); + return 0; } -int mbedtls_asn1_get_tag( unsigned char **p, - const unsigned char *end, - size_t *len, int tag ) +int mbedtls_asn1_get_tag(unsigned char **p, + const unsigned char *end, + size_t *len, int tag) { - if( ( end - *p ) < 1 ) - return( MBEDTLS_ERR_ASN1_OUT_OF_DATA ); + if ((end - *p) < 1) { + return MBEDTLS_ERR_ASN1_OUT_OF_DATA; + } - if( **p != tag ) - return( MBEDTLS_ERR_ASN1_UNEXPECTED_TAG ); + if (**p != tag) { + return MBEDTLS_ERR_ASN1_UNEXPECTED_TAG; + } (*p)++; - return( mbedtls_asn1_get_len( p, end, len ) ); + return mbedtls_asn1_get_len(p, end, len); } -int mbedtls_asn1_get_bool( unsigned char **p, - const unsigned char *end, - int *val ) +int mbedtls_asn1_get_bool(unsigned char **p, + const unsigned char *end, + int *val) { int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; size_t len; - if( ( ret = mbedtls_asn1_get_tag( p, end, &len, MBEDTLS_ASN1_BOOLEAN ) ) != 0 ) - return( ret ); + if ((ret = mbedtls_asn1_get_tag(p, end, &len, MBEDTLS_ASN1_BOOLEAN)) != 0) { + return ret; + } - if( len != 1 ) - return( MBEDTLS_ERR_ASN1_INVALID_LENGTH ); + if (len != 1) { + return MBEDTLS_ERR_ASN1_INVALID_LENGTH; + } - *val = ( **p != 0 ) ? 1 : 0; + *val = (**p != 0) ? 1 : 0; (*p)++; - return( 0 ); + return 0; } -static int asn1_get_tagged_int( unsigned char **p, - const unsigned char *end, - int tag, int *val ) +static int asn1_get_tagged_int(unsigned char **p, + const unsigned char *end, + int tag, int *val) { int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; size_t len; - if( ( ret = mbedtls_asn1_get_tag( p, end, &len, tag ) ) != 0 ) - return( ret ); + if ((ret = mbedtls_asn1_get_tag(p, end, &len, tag)) != 0) { + return ret; + } /* * len==0 is malformed (0 must be represented as 020100 for INTEGER, * or 0A0100 for ENUMERATED tags */ - if( len == 0 ) - return( MBEDTLS_ERR_ASN1_INVALID_LENGTH ); + if (len == 0) { + return MBEDTLS_ERR_ASN1_INVALID_LENGTH; + } /* This is a cryptography library. Reject negative integers. */ - if( ( **p & 0x80 ) != 0 ) - return( MBEDTLS_ERR_ASN1_INVALID_LENGTH ); + if ((**p & 0x80) != 0) { + return MBEDTLS_ERR_ASN1_INVALID_LENGTH; + } /* Skip leading zeros. */ - while( len > 0 && **p == 0 ) - { - ++( *p ); + while (len > 0 && **p == 0) { + ++(*p); --len; } /* Reject integers that don't fit in an int. This code assumes that * the int type has no padding bit. */ - if( len > sizeof( int ) ) - return( MBEDTLS_ERR_ASN1_INVALID_LENGTH ); - if( len == sizeof( int ) && ( **p & 0x80 ) != 0 ) - return( MBEDTLS_ERR_ASN1_INVALID_LENGTH ); + if (len > sizeof(int)) { + return MBEDTLS_ERR_ASN1_INVALID_LENGTH; + } + if (len == sizeof(int) && (**p & 0x80) != 0) { + return MBEDTLS_ERR_ASN1_INVALID_LENGTH; + } *val = 0; - while( len-- > 0 ) - { - *val = ( *val << 8 ) | **p; + while (len-- > 0) { + *val = (*val << 8) | **p; (*p)++; } - return( 0 ); + return 0; } -int mbedtls_asn1_get_int( unsigned char **p, - const unsigned char *end, - int *val ) +int mbedtls_asn1_get_int(unsigned char **p, + const unsigned char *end, + int *val) { - return( asn1_get_tagged_int( p, end, MBEDTLS_ASN1_INTEGER, val) ); + return asn1_get_tagged_int(p, end, MBEDTLS_ASN1_INTEGER, val); } -int mbedtls_asn1_get_enum( unsigned char **p, - const unsigned char *end, - int *val ) +int mbedtls_asn1_get_enum(unsigned char **p, + const unsigned char *end, + int *val) { - return( asn1_get_tagged_int( p, end, MBEDTLS_ASN1_ENUMERATED, val) ); + return asn1_get_tagged_int(p, end, MBEDTLS_ASN1_ENUMERATED, val); } #if defined(MBEDTLS_BIGNUM_C) -int mbedtls_asn1_get_mpi( unsigned char **p, - const unsigned char *end, - mbedtls_mpi *X ) +int mbedtls_asn1_get_mpi(unsigned char **p, + const unsigned char *end, + mbedtls_mpi *X) { int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; size_t len; - if( ( ret = mbedtls_asn1_get_tag( p, end, &len, MBEDTLS_ASN1_INTEGER ) ) != 0 ) - return( ret ); + if ((ret = mbedtls_asn1_get_tag(p, end, &len, MBEDTLS_ASN1_INTEGER)) != 0) { + return ret; + } - ret = mbedtls_mpi_read_binary( X, *p, len ); + ret = mbedtls_mpi_read_binary(X, *p, len); *p += len; - return( ret ); + return ret; } #endif /* MBEDTLS_BIGNUM_C */ -int mbedtls_asn1_get_bitstring( unsigned char **p, const unsigned char *end, - mbedtls_asn1_bitstring *bs) +int mbedtls_asn1_get_bitstring(unsigned char **p, const unsigned char *end, + mbedtls_asn1_bitstring *bs) { int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; /* Certificate type is a single byte bitstring */ - if( ( ret = mbedtls_asn1_get_tag( p, end, &bs->len, MBEDTLS_ASN1_BIT_STRING ) ) != 0 ) - return( ret ); + if ((ret = mbedtls_asn1_get_tag(p, end, &bs->len, MBEDTLS_ASN1_BIT_STRING)) != 0) { + return ret; + } /* Check length, subtract one for actual bit string length */ - if( bs->len < 1 ) - return( MBEDTLS_ERR_ASN1_OUT_OF_DATA ); + if (bs->len < 1) { + return MBEDTLS_ERR_ASN1_OUT_OF_DATA; + } bs->len -= 1; /* Get number of unused bits, ensure unused bits <= 7 */ bs->unused_bits = **p; - if( bs->unused_bits > 7 ) - return( MBEDTLS_ERR_ASN1_INVALID_LENGTH ); + if (bs->unused_bits > 7) { + return MBEDTLS_ERR_ASN1_INVALID_LENGTH; + } (*p)++; /* Get actual bitstring */ bs->p = *p; *p += bs->len; - if( *p != end ) - return( MBEDTLS_ERR_ASN1_LENGTH_MISMATCH ); + if (*p != end) { + return MBEDTLS_ERR_ASN1_LENGTH_MISMATCH; + } - return( 0 ); + return 0; } /* @@ -250,105 +248,106 @@ int mbedtls_asn1_traverse_sequence_of( const unsigned char *end, unsigned char tag_must_mask, unsigned char tag_must_val, unsigned char tag_may_mask, unsigned char tag_may_val, - int (*cb)( void *ctx, int tag, - unsigned char *start, size_t len ), - void *ctx ) + int (*cb)(void *ctx, int tag, + unsigned char *start, size_t len), + void *ctx) { int ret; size_t len; /* Get main sequence tag */ - if( ( ret = mbedtls_asn1_get_tag( p, end, &len, - MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_SEQUENCE ) ) != 0 ) - { - return( ret ); + if ((ret = mbedtls_asn1_get_tag(p, end, &len, + MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_SEQUENCE)) != 0) { + return ret; } - if( *p + len != end ) - return( MBEDTLS_ERR_ASN1_LENGTH_MISMATCH ); + if (*p + len != end) { + return MBEDTLS_ERR_ASN1_LENGTH_MISMATCH; + } - while( *p < end ) - { + while (*p < end) { unsigned char const tag = *(*p)++; - if( ( tag & tag_must_mask ) != tag_must_val ) - return( MBEDTLS_ERR_ASN1_UNEXPECTED_TAG ); + if ((tag & tag_must_mask) != tag_must_val) { + return MBEDTLS_ERR_ASN1_UNEXPECTED_TAG; + } - if( ( ret = mbedtls_asn1_get_len( p, end, &len ) ) != 0 ) - return( ret ); + if ((ret = mbedtls_asn1_get_len(p, end, &len)) != 0) { + return ret; + } - if( ( tag & tag_may_mask ) == tag_may_val ) - { - if( cb != NULL ) - { - ret = cb( ctx, tag, *p, len ); - if( ret != 0 ) - return( ret ); + if ((tag & tag_may_mask) == tag_may_val) { + if (cb != NULL) { + ret = cb(ctx, tag, *p, len); + if (ret != 0) { + return ret; + } } } *p += len; } - return( 0 ); + return 0; } /* * Get a bit string without unused bits */ -int mbedtls_asn1_get_bitstring_null( unsigned char **p, const unsigned char *end, - size_t *len ) +int mbedtls_asn1_get_bitstring_null(unsigned char **p, const unsigned char *end, + size_t *len) { int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; - if( ( ret = mbedtls_asn1_get_tag( p, end, len, MBEDTLS_ASN1_BIT_STRING ) ) != 0 ) - return( ret ); + if ((ret = mbedtls_asn1_get_tag(p, end, len, MBEDTLS_ASN1_BIT_STRING)) != 0) { + return ret; + } - if( *len == 0 ) - return( MBEDTLS_ERR_ASN1_INVALID_DATA ); - --( *len ); + if (*len == 0) { + return MBEDTLS_ERR_ASN1_INVALID_DATA; + } + --(*len); - if( **p != 0 ) - return( MBEDTLS_ERR_ASN1_INVALID_DATA ); - ++( *p ); + if (**p != 0) { + return MBEDTLS_ERR_ASN1_INVALID_DATA; + } + ++(*p); - return( 0 ); + return 0; } -void mbedtls_asn1_sequence_free( mbedtls_asn1_sequence *seq ) +void mbedtls_asn1_sequence_free(mbedtls_asn1_sequence *seq) { - while( seq != NULL ) - { + while (seq != NULL) { mbedtls_asn1_sequence *next = seq->next; - mbedtls_platform_zeroize( seq, sizeof( *seq ) ); - mbedtls_free( seq ); + mbedtls_platform_zeroize(seq, sizeof(*seq)); + mbedtls_free(seq); seq = next; } } -typedef struct -{ +typedef struct { int tag; mbedtls_asn1_sequence *cur; } asn1_get_sequence_of_cb_ctx_t; -static int asn1_get_sequence_of_cb( void *ctx, - int tag, - unsigned char *start, - size_t len ) +static int asn1_get_sequence_of_cb(void *ctx, + int tag, + unsigned char *start, + size_t len) { asn1_get_sequence_of_cb_ctx_t *cb_ctx = (asn1_get_sequence_of_cb_ctx_t *) ctx; mbedtls_asn1_sequence *cur = cb_ctx->cur; - if( cur->buf.p != NULL ) - { + if (cur->buf.p != NULL) { cur->next = - mbedtls_calloc( 1, sizeof( mbedtls_asn1_sequence ) ); + mbedtls_calloc(1, sizeof(mbedtls_asn1_sequence)); - if( cur->next == NULL ) - return( MBEDTLS_ERR_ASN1_ALLOC_FAILED ); + if (cur->next == NULL) { + return MBEDTLS_ERR_ASN1_ALLOC_FAILED; + } cur = cur->next; } @@ -358,124 +357,128 @@ static int asn1_get_sequence_of_cb( void *ctx, cur->buf.tag = tag; cb_ctx->cur = cur; - return( 0 ); + return 0; } /* * Parses and splits an ASN.1 "SEQUENCE OF " */ -int mbedtls_asn1_get_sequence_of( unsigned char **p, - const unsigned char *end, - mbedtls_asn1_sequence *cur, - int tag) +int mbedtls_asn1_get_sequence_of(unsigned char **p, + const unsigned char *end, + mbedtls_asn1_sequence *cur, + int tag) { asn1_get_sequence_of_cb_ctx_t cb_ctx = { tag, cur }; - memset( cur, 0, sizeof( mbedtls_asn1_sequence ) ); - return( mbedtls_asn1_traverse_sequence_of( - p, end, 0xFF, tag, 0, 0, - asn1_get_sequence_of_cb, &cb_ctx ) ); + memset(cur, 0, sizeof(mbedtls_asn1_sequence)); + return mbedtls_asn1_traverse_sequence_of( + p, end, 0xFF, tag, 0, 0, + asn1_get_sequence_of_cb, &cb_ctx); } -int mbedtls_asn1_get_alg( unsigned char **p, - const unsigned char *end, - mbedtls_asn1_buf *alg, mbedtls_asn1_buf *params ) +int mbedtls_asn1_get_alg(unsigned char **p, + const unsigned char *end, + mbedtls_asn1_buf *alg, mbedtls_asn1_buf *params) { int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; size_t len; - if( ( ret = mbedtls_asn1_get_tag( p, end, &len, - MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_SEQUENCE ) ) != 0 ) - return( ret ); + if ((ret = mbedtls_asn1_get_tag(p, end, &len, + MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_SEQUENCE)) != 0) { + return ret; + } - if( ( end - *p ) < 1 ) - return( MBEDTLS_ERR_ASN1_OUT_OF_DATA ); + if ((end - *p) < 1) { + return MBEDTLS_ERR_ASN1_OUT_OF_DATA; + } alg->tag = **p; end = *p + len; - if( ( ret = mbedtls_asn1_get_tag( p, end, &alg->len, MBEDTLS_ASN1_OID ) ) != 0 ) - return( ret ); + if ((ret = mbedtls_asn1_get_tag(p, end, &alg->len, MBEDTLS_ASN1_OID)) != 0) { + return ret; + } alg->p = *p; *p += alg->len; - if( *p == end ) - { - mbedtls_platform_zeroize( params, sizeof(mbedtls_asn1_buf) ); - return( 0 ); + if (*p == end) { + mbedtls_platform_zeroize(params, sizeof(mbedtls_asn1_buf)); + return 0; } params->tag = **p; (*p)++; - if( ( ret = mbedtls_asn1_get_len( p, end, ¶ms->len ) ) != 0 ) - return( ret ); + if ((ret = mbedtls_asn1_get_len(p, end, ¶ms->len)) != 0) { + return ret; + } params->p = *p; *p += params->len; - if( *p != end ) - return( MBEDTLS_ERR_ASN1_LENGTH_MISMATCH ); + if (*p != end) { + return MBEDTLS_ERR_ASN1_LENGTH_MISMATCH; + } - return( 0 ); + return 0; } -int mbedtls_asn1_get_alg_null( unsigned char **p, - const unsigned char *end, - mbedtls_asn1_buf *alg ) +int mbedtls_asn1_get_alg_null(unsigned char **p, + const unsigned char *end, + mbedtls_asn1_buf *alg) { int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; mbedtls_asn1_buf params; - memset( ¶ms, 0, sizeof(mbedtls_asn1_buf) ); + memset(¶ms, 0, sizeof(mbedtls_asn1_buf)); - if( ( ret = mbedtls_asn1_get_alg( p, end, alg, ¶ms ) ) != 0 ) - return( ret ); + if ((ret = mbedtls_asn1_get_alg(p, end, alg, ¶ms)) != 0) { + return ret; + } - if( ( params.tag != MBEDTLS_ASN1_NULL && params.tag != 0 ) || params.len != 0 ) - return( MBEDTLS_ERR_ASN1_INVALID_DATA ); + if ((params.tag != MBEDTLS_ASN1_NULL && params.tag != 0) || params.len != 0) { + return MBEDTLS_ERR_ASN1_INVALID_DATA; + } - return( 0 ); + return 0; } -void mbedtls_asn1_free_named_data( mbedtls_asn1_named_data *cur ) +void mbedtls_asn1_free_named_data(mbedtls_asn1_named_data *cur) { - if( cur == NULL ) + if (cur == NULL) { return; + } - mbedtls_free( cur->oid.p ); - mbedtls_free( cur->val.p ); + mbedtls_free(cur->oid.p); + mbedtls_free(cur->val.p); - mbedtls_platform_zeroize( cur, sizeof( mbedtls_asn1_named_data ) ); + mbedtls_platform_zeroize(cur, sizeof(mbedtls_asn1_named_data)); } -void mbedtls_asn1_free_named_data_list( mbedtls_asn1_named_data **head ) +void mbedtls_asn1_free_named_data_list(mbedtls_asn1_named_data **head) { mbedtls_asn1_named_data *cur; - while( ( cur = *head ) != NULL ) - { + while ((cur = *head) != NULL) { *head = cur->next; - mbedtls_asn1_free_named_data( cur ); - mbedtls_free( cur ); + mbedtls_asn1_free_named_data(cur); + mbedtls_free(cur); } } -mbedtls_asn1_named_data *mbedtls_asn1_find_named_data( mbedtls_asn1_named_data *list, - const char *oid, size_t len ) +mbedtls_asn1_named_data *mbedtls_asn1_find_named_data(mbedtls_asn1_named_data *list, + const char *oid, size_t len) { - while( list != NULL ) - { - if( list->oid.len == len && - memcmp( list->oid.p, oid, len ) == 0 ) - { + while (list != NULL) { + if (list->oid.len == len && + memcmp(list->oid.p, oid, len) == 0) { break; } list = list->next; } - return( list ); + return list; } #endif /* MBEDTLS_ASN1_PARSE_C */ diff --git a/third_party/mbedtls/repo/library/asn1write.c b/third_party/mbedtls/repo/library/asn1write.c index 3811ef27a3f..0147c49f688 100644 --- a/third_party/mbedtls/repo/library/asn1write.c +++ b/third_party/mbedtls/repo/library/asn1write.c @@ -2,19 +2,7 @@ * ASN.1 buffer writing functionality * * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later */ #include "common.h" @@ -26,455 +14,465 @@ #include -#if defined(MBEDTLS_PLATFORM_C) #include "mbedtls/platform.h" -#else -#include -#define mbedtls_calloc calloc -#define mbedtls_free free -#endif -int mbedtls_asn1_write_len( unsigned char **p, unsigned char *start, size_t len ) +int mbedtls_asn1_write_len(unsigned char **p, unsigned char *start, size_t len) { - if( len < 0x80 ) - { - if( *p - start < 1 ) - return( MBEDTLS_ERR_ASN1_BUF_TOO_SMALL ); + if (len < 0x80) { + if (*p - start < 1) { + return MBEDTLS_ERR_ASN1_BUF_TOO_SMALL; + } *--(*p) = (unsigned char) len; - return( 1 ); + return 1; } - if( len <= 0xFF ) - { - if( *p - start < 2 ) - return( MBEDTLS_ERR_ASN1_BUF_TOO_SMALL ); + if (len <= 0xFF) { + if (*p - start < 2) { + return MBEDTLS_ERR_ASN1_BUF_TOO_SMALL; + } *--(*p) = (unsigned char) len; *--(*p) = 0x81; - return( 2 ); + return 2; } - if( len <= 0xFFFF ) - { - if( *p - start < 3 ) - return( MBEDTLS_ERR_ASN1_BUF_TOO_SMALL ); + if (len <= 0xFFFF) { + if (*p - start < 3) { + return MBEDTLS_ERR_ASN1_BUF_TOO_SMALL; + } - *--(*p) = MBEDTLS_BYTE_0( len ); - *--(*p) = MBEDTLS_BYTE_1( len ); + *--(*p) = MBEDTLS_BYTE_0(len); + *--(*p) = MBEDTLS_BYTE_1(len); *--(*p) = 0x82; - return( 3 ); + return 3; } - if( len <= 0xFFFFFF ) - { - if( *p - start < 4 ) - return( MBEDTLS_ERR_ASN1_BUF_TOO_SMALL ); + if (len <= 0xFFFFFF) { + if (*p - start < 4) { + return MBEDTLS_ERR_ASN1_BUF_TOO_SMALL; + } - *--(*p) = MBEDTLS_BYTE_0( len ); - *--(*p) = MBEDTLS_BYTE_1( len ); - *--(*p) = MBEDTLS_BYTE_2( len ); + *--(*p) = MBEDTLS_BYTE_0(len); + *--(*p) = MBEDTLS_BYTE_1(len); + *--(*p) = MBEDTLS_BYTE_2(len); *--(*p) = 0x83; - return( 4 ); + return 4; } + int len_is_valid = 1; #if SIZE_MAX > 0xFFFFFFFF - if( len <= 0xFFFFFFFF ) + len_is_valid = (len <= 0xFFFFFFFF); #endif - { - if( *p - start < 5 ) - return( MBEDTLS_ERR_ASN1_BUF_TOO_SMALL ); - - *--(*p) = MBEDTLS_BYTE_0( len ); - *--(*p) = MBEDTLS_BYTE_1( len ); - *--(*p) = MBEDTLS_BYTE_2( len ); - *--(*p) = MBEDTLS_BYTE_3( len ); + if (len_is_valid) { + if (*p - start < 5) { + return MBEDTLS_ERR_ASN1_BUF_TOO_SMALL; + } + + *--(*p) = MBEDTLS_BYTE_0(len); + *--(*p) = MBEDTLS_BYTE_1(len); + *--(*p) = MBEDTLS_BYTE_2(len); + *--(*p) = MBEDTLS_BYTE_3(len); *--(*p) = 0x84; - return( 5 ); + return 5; } -#if SIZE_MAX > 0xFFFFFFFF - return( MBEDTLS_ERR_ASN1_INVALID_LENGTH ); -#endif + return MBEDTLS_ERR_ASN1_INVALID_LENGTH; } -int mbedtls_asn1_write_tag( unsigned char **p, unsigned char *start, unsigned char tag ) +int mbedtls_asn1_write_tag(unsigned char **p, unsigned char *start, unsigned char tag) { - if( *p - start < 1 ) - return( MBEDTLS_ERR_ASN1_BUF_TOO_SMALL ); + if (*p - start < 1) { + return MBEDTLS_ERR_ASN1_BUF_TOO_SMALL; + } *--(*p) = tag; - return( 1 ); + return 1; } -int mbedtls_asn1_write_raw_buffer( unsigned char **p, unsigned char *start, - const unsigned char *buf, size_t size ) +int mbedtls_asn1_write_raw_buffer(unsigned char **p, unsigned char *start, + const unsigned char *buf, size_t size) { size_t len = 0; - if( *p < start || (size_t)( *p - start ) < size ) - return( MBEDTLS_ERR_ASN1_BUF_TOO_SMALL ); + if (*p < start || (size_t) (*p - start) < size) { + return MBEDTLS_ERR_ASN1_BUF_TOO_SMALL; + } len = size; (*p) -= len; - memcpy( *p, buf, len ); + memcpy(*p, buf, len); - return( (int) len ); + return (int) len; } #if defined(MBEDTLS_BIGNUM_C) -int mbedtls_asn1_write_mpi( unsigned char **p, unsigned char *start, const mbedtls_mpi *X ) +int mbedtls_asn1_write_mpi(unsigned char **p, unsigned char *start, const mbedtls_mpi *X) { int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; size_t len = 0; // Write the MPI // - len = mbedtls_mpi_size( X ); + len = mbedtls_mpi_size(X); - if( *p < start || (size_t)( *p - start ) < len ) - return( MBEDTLS_ERR_ASN1_BUF_TOO_SMALL ); + /* DER represents 0 with a sign bit (0=nonnegative) and 7 value bits, not + * as 0 digits. We need to end up with 020100, not with 0200. */ + if (len == 0) { + len = 1; + } + + if (*p < start || (size_t) (*p - start) < len) { + return MBEDTLS_ERR_ASN1_BUF_TOO_SMALL; + } (*p) -= len; - MBEDTLS_MPI_CHK( mbedtls_mpi_write_binary( X, *p, len ) ); + MBEDTLS_MPI_CHK(mbedtls_mpi_write_binary(X, *p, len)); // DER format assumes 2s complement for numbers, so the leftmost bit // should be 0 for positive numbers and 1 for negative numbers. // - if( X->s ==1 && **p & 0x80 ) - { - if( *p - start < 1 ) - return( MBEDTLS_ERR_ASN1_BUF_TOO_SMALL ); + if (X->s == 1 && **p & 0x80) { + if (*p - start < 1) { + return MBEDTLS_ERR_ASN1_BUF_TOO_SMALL; + } *--(*p) = 0x00; len += 1; } - MBEDTLS_ASN1_CHK_ADD( len, mbedtls_asn1_write_len( p, start, len ) ); - MBEDTLS_ASN1_CHK_ADD( len, mbedtls_asn1_write_tag( p, start, MBEDTLS_ASN1_INTEGER ) ); + MBEDTLS_ASN1_CHK_ADD(len, mbedtls_asn1_write_len(p, start, len)); + MBEDTLS_ASN1_CHK_ADD(len, mbedtls_asn1_write_tag(p, start, MBEDTLS_ASN1_INTEGER)); ret = (int) len; cleanup: - return( ret ); + return ret; } #endif /* MBEDTLS_BIGNUM_C */ -int mbedtls_asn1_write_null( unsigned char **p, unsigned char *start ) +int mbedtls_asn1_write_null(unsigned char **p, unsigned char *start) { int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; size_t len = 0; // Write NULL // - MBEDTLS_ASN1_CHK_ADD( len, mbedtls_asn1_write_len( p, start, 0) ); - MBEDTLS_ASN1_CHK_ADD( len, mbedtls_asn1_write_tag( p, start, MBEDTLS_ASN1_NULL ) ); + MBEDTLS_ASN1_CHK_ADD(len, mbedtls_asn1_write_len(p, start, 0)); + MBEDTLS_ASN1_CHK_ADD(len, mbedtls_asn1_write_tag(p, start, MBEDTLS_ASN1_NULL)); - return( (int) len ); + return (int) len; } -int mbedtls_asn1_write_oid( unsigned char **p, unsigned char *start, - const char *oid, size_t oid_len ) +int mbedtls_asn1_write_oid(unsigned char **p, unsigned char *start, + const char *oid, size_t oid_len) { int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; size_t len = 0; - MBEDTLS_ASN1_CHK_ADD( len, mbedtls_asn1_write_raw_buffer( p, start, - (const unsigned char *) oid, oid_len ) ); - MBEDTLS_ASN1_CHK_ADD( len , mbedtls_asn1_write_len( p, start, len ) ); - MBEDTLS_ASN1_CHK_ADD( len , mbedtls_asn1_write_tag( p, start, MBEDTLS_ASN1_OID ) ); + MBEDTLS_ASN1_CHK_ADD(len, mbedtls_asn1_write_raw_buffer(p, start, + (const unsigned char *) oid, oid_len)); + MBEDTLS_ASN1_CHK_ADD(len, mbedtls_asn1_write_len(p, start, len)); + MBEDTLS_ASN1_CHK_ADD(len, mbedtls_asn1_write_tag(p, start, MBEDTLS_ASN1_OID)); - return( (int) len ); + return (int) len; } -int mbedtls_asn1_write_algorithm_identifier( unsigned char **p, unsigned char *start, - const char *oid, size_t oid_len, - size_t par_len ) +int mbedtls_asn1_write_algorithm_identifier(unsigned char **p, unsigned char *start, + const char *oid, size_t oid_len, + size_t par_len) +{ + return mbedtls_asn1_write_algorithm_identifier_ext(p, start, oid, oid_len, par_len, 1); +} + +int mbedtls_asn1_write_algorithm_identifier_ext(unsigned char **p, unsigned char *start, + const char *oid, size_t oid_len, + size_t par_len, int has_par) { int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; size_t len = 0; - if( par_len == 0 ) - MBEDTLS_ASN1_CHK_ADD( len, mbedtls_asn1_write_null( p, start ) ); - else - len += par_len; + if (has_par) { + if (par_len == 0) { + MBEDTLS_ASN1_CHK_ADD(len, mbedtls_asn1_write_null(p, start)); + } else { + len += par_len; + } + } - MBEDTLS_ASN1_CHK_ADD( len, mbedtls_asn1_write_oid( p, start, oid, oid_len ) ); + MBEDTLS_ASN1_CHK_ADD(len, mbedtls_asn1_write_oid(p, start, oid, oid_len)); - MBEDTLS_ASN1_CHK_ADD( len, mbedtls_asn1_write_len( p, start, len ) ); - MBEDTLS_ASN1_CHK_ADD( len, mbedtls_asn1_write_tag( p, start, - MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_SEQUENCE ) ); + MBEDTLS_ASN1_CHK_ADD(len, mbedtls_asn1_write_len(p, start, len)); + MBEDTLS_ASN1_CHK_ADD(len, mbedtls_asn1_write_tag(p, start, + MBEDTLS_ASN1_CONSTRUCTED | + MBEDTLS_ASN1_SEQUENCE)); - return( (int) len ); + return (int) len; } -int mbedtls_asn1_write_bool( unsigned char **p, unsigned char *start, int boolean ) +int mbedtls_asn1_write_bool(unsigned char **p, unsigned char *start, int boolean) { int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; size_t len = 0; - if( *p - start < 1 ) - return( MBEDTLS_ERR_ASN1_BUF_TOO_SMALL ); + if (*p - start < 1) { + return MBEDTLS_ERR_ASN1_BUF_TOO_SMALL; + } *--(*p) = (boolean) ? 255 : 0; len++; - MBEDTLS_ASN1_CHK_ADD( len, mbedtls_asn1_write_len( p, start, len ) ); - MBEDTLS_ASN1_CHK_ADD( len, mbedtls_asn1_write_tag( p, start, MBEDTLS_ASN1_BOOLEAN ) ); + MBEDTLS_ASN1_CHK_ADD(len, mbedtls_asn1_write_len(p, start, len)); + MBEDTLS_ASN1_CHK_ADD(len, mbedtls_asn1_write_tag(p, start, MBEDTLS_ASN1_BOOLEAN)); - return( (int) len ); + return (int) len; } -static int asn1_write_tagged_int( unsigned char **p, unsigned char *start, int val, int tag ) +static int asn1_write_tagged_int(unsigned char **p, unsigned char *start, int val, int tag) { int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; size_t len = 0; - do - { - if( *p - start < 1 ) - return( MBEDTLS_ERR_ASN1_BUF_TOO_SMALL ); + do { + if (*p - start < 1) { + return MBEDTLS_ERR_ASN1_BUF_TOO_SMALL; + } len += 1; *--(*p) = val & 0xff; val >>= 8; - } - while( val > 0 ); + } while (val > 0); - if( **p & 0x80 ) - { - if( *p - start < 1 ) - return( MBEDTLS_ERR_ASN1_BUF_TOO_SMALL ); + if (**p & 0x80) { + if (*p - start < 1) { + return MBEDTLS_ERR_ASN1_BUF_TOO_SMALL; + } *--(*p) = 0x00; len += 1; } - MBEDTLS_ASN1_CHK_ADD( len, mbedtls_asn1_write_len( p, start, len ) ); - MBEDTLS_ASN1_CHK_ADD( len, mbedtls_asn1_write_tag( p, start, tag ) ); + MBEDTLS_ASN1_CHK_ADD(len, mbedtls_asn1_write_len(p, start, len)); + MBEDTLS_ASN1_CHK_ADD(len, mbedtls_asn1_write_tag(p, start, tag)); - return( (int) len ); + return (int) len; } -int mbedtls_asn1_write_int( unsigned char **p, unsigned char *start, int val ) +int mbedtls_asn1_write_int(unsigned char **p, unsigned char *start, int val) { - return( asn1_write_tagged_int( p, start, val, MBEDTLS_ASN1_INTEGER ) ); + return asn1_write_tagged_int(p, start, val, MBEDTLS_ASN1_INTEGER); } -int mbedtls_asn1_write_enum( unsigned char **p, unsigned char *start, int val ) +int mbedtls_asn1_write_enum(unsigned char **p, unsigned char *start, int val) { - return( asn1_write_tagged_int( p, start, val, MBEDTLS_ASN1_ENUMERATED ) ); + return asn1_write_tagged_int(p, start, val, MBEDTLS_ASN1_ENUMERATED); } -int mbedtls_asn1_write_tagged_string( unsigned char **p, unsigned char *start, int tag, - const char *text, size_t text_len ) +int mbedtls_asn1_write_tagged_string(unsigned char **p, unsigned char *start, int tag, + const char *text, size_t text_len) { int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; size_t len = 0; - MBEDTLS_ASN1_CHK_ADD( len, mbedtls_asn1_write_raw_buffer( p, start, - (const unsigned char *) text, text_len ) ); + MBEDTLS_ASN1_CHK_ADD(len, mbedtls_asn1_write_raw_buffer(p, start, + (const unsigned char *) text, + text_len)); - MBEDTLS_ASN1_CHK_ADD( len, mbedtls_asn1_write_len( p, start, len ) ); - MBEDTLS_ASN1_CHK_ADD( len, mbedtls_asn1_write_tag( p, start, tag ) ); + MBEDTLS_ASN1_CHK_ADD(len, mbedtls_asn1_write_len(p, start, len)); + MBEDTLS_ASN1_CHK_ADD(len, mbedtls_asn1_write_tag(p, start, tag)); - return( (int) len ); + return (int) len; } -int mbedtls_asn1_write_utf8_string( unsigned char **p, unsigned char *start, - const char *text, size_t text_len ) +int mbedtls_asn1_write_utf8_string(unsigned char **p, unsigned char *start, + const char *text, size_t text_len) { - return( mbedtls_asn1_write_tagged_string(p, start, MBEDTLS_ASN1_UTF8_STRING, text, text_len) ); + return mbedtls_asn1_write_tagged_string(p, start, MBEDTLS_ASN1_UTF8_STRING, text, text_len); } -int mbedtls_asn1_write_printable_string( unsigned char **p, unsigned char *start, - const char *text, size_t text_len ) +int mbedtls_asn1_write_printable_string(unsigned char **p, unsigned char *start, + const char *text, size_t text_len) { - return( mbedtls_asn1_write_tagged_string(p, start, MBEDTLS_ASN1_PRINTABLE_STRING, text, text_len) ); + return mbedtls_asn1_write_tagged_string(p, start, MBEDTLS_ASN1_PRINTABLE_STRING, text, + text_len); } -int mbedtls_asn1_write_ia5_string( unsigned char **p, unsigned char *start, - const char *text, size_t text_len ) +int mbedtls_asn1_write_ia5_string(unsigned char **p, unsigned char *start, + const char *text, size_t text_len) { - return( mbedtls_asn1_write_tagged_string(p, start, MBEDTLS_ASN1_IA5_STRING, text, text_len) ); + return mbedtls_asn1_write_tagged_string(p, start, MBEDTLS_ASN1_IA5_STRING, text, text_len); } -int mbedtls_asn1_write_named_bitstring( unsigned char **p, - unsigned char *start, - const unsigned char *buf, - size_t bits ) +int mbedtls_asn1_write_named_bitstring(unsigned char **p, + unsigned char *start, + const unsigned char *buf, + size_t bits) { size_t unused_bits, byte_len; const unsigned char *cur_byte; unsigned char cur_byte_shifted; unsigned char bit; - byte_len = ( bits + 7 ) / 8; - unused_bits = ( byte_len * 8 ) - bits; + byte_len = (bits + 7) / 8; + unused_bits = (byte_len * 8) - bits; /* * Named bitstrings require that trailing 0s are excluded in the encoding * of the bitstring. Trailing 0s are considered part of the 'unused' bits * when encoding this value in the first content octet */ - if( bits != 0 ) - { + if (bits != 0) { cur_byte = buf + byte_len - 1; cur_byte_shifted = *cur_byte >> unused_bits; - for( ; ; ) - { + for (;;) { bit = cur_byte_shifted & 0x1; cur_byte_shifted >>= 1; - if( bit != 0 ) + if (bit != 0) { break; + } bits--; - if( bits == 0 ) + if (bits == 0) { break; + } - if( bits % 8 == 0 ) + if (bits % 8 == 0) { cur_byte_shifted = *--cur_byte; + } } } - return( mbedtls_asn1_write_bitstring( p, start, buf, bits ) ); + return mbedtls_asn1_write_bitstring(p, start, buf, bits); } -int mbedtls_asn1_write_bitstring( unsigned char **p, unsigned char *start, - const unsigned char *buf, size_t bits ) +int mbedtls_asn1_write_bitstring(unsigned char **p, unsigned char *start, + const unsigned char *buf, size_t bits) { int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; size_t len = 0; size_t unused_bits, byte_len; - byte_len = ( bits + 7 ) / 8; - unused_bits = ( byte_len * 8 ) - bits; + byte_len = (bits + 7) / 8; + unused_bits = (byte_len * 8) - bits; - if( *p < start || (size_t)( *p - start ) < byte_len + 1 ) - return( MBEDTLS_ERR_ASN1_BUF_TOO_SMALL ); + if (*p < start || (size_t) (*p - start) < byte_len + 1) { + return MBEDTLS_ERR_ASN1_BUF_TOO_SMALL; + } len = byte_len + 1; /* Write the bitstring. Ensure the unused bits are zeroed */ - if( byte_len > 0 ) - { + if (byte_len > 0) { byte_len--; - *--( *p ) = buf[byte_len] & ~( ( 0x1 << unused_bits ) - 1 ); - ( *p ) -= byte_len; - memcpy( *p, buf, byte_len ); + *--(*p) = buf[byte_len] & ~((0x1 << unused_bits) - 1); + (*p) -= byte_len; + memcpy(*p, buf, byte_len); } /* Write unused bits */ - *--( *p ) = (unsigned char)unused_bits; + *--(*p) = (unsigned char) unused_bits; - MBEDTLS_ASN1_CHK_ADD( len, mbedtls_asn1_write_len( p, start, len ) ); - MBEDTLS_ASN1_CHK_ADD( len, mbedtls_asn1_write_tag( p, start, MBEDTLS_ASN1_BIT_STRING ) ); + MBEDTLS_ASN1_CHK_ADD(len, mbedtls_asn1_write_len(p, start, len)); + MBEDTLS_ASN1_CHK_ADD(len, mbedtls_asn1_write_tag(p, start, MBEDTLS_ASN1_BIT_STRING)); - return( (int) len ); + return (int) len; } -int mbedtls_asn1_write_octet_string( unsigned char **p, unsigned char *start, - const unsigned char *buf, size_t size ) +int mbedtls_asn1_write_octet_string(unsigned char **p, unsigned char *start, + const unsigned char *buf, size_t size) { int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; size_t len = 0; - MBEDTLS_ASN1_CHK_ADD( len, mbedtls_asn1_write_raw_buffer( p, start, buf, size ) ); + MBEDTLS_ASN1_CHK_ADD(len, mbedtls_asn1_write_raw_buffer(p, start, buf, size)); - MBEDTLS_ASN1_CHK_ADD( len, mbedtls_asn1_write_len( p, start, len ) ); - MBEDTLS_ASN1_CHK_ADD( len, mbedtls_asn1_write_tag( p, start, MBEDTLS_ASN1_OCTET_STRING ) ); + MBEDTLS_ASN1_CHK_ADD(len, mbedtls_asn1_write_len(p, start, len)); + MBEDTLS_ASN1_CHK_ADD(len, mbedtls_asn1_write_tag(p, start, MBEDTLS_ASN1_OCTET_STRING)); - return( (int) len ); + return (int) len; } /* This is a copy of the ASN.1 parsing function mbedtls_asn1_find_named_data(), * which is replicated to avoid a dependency ASN1_WRITE_C on ASN1_PARSE_C. */ static mbedtls_asn1_named_data *asn1_find_named_data( - mbedtls_asn1_named_data *list, - const char *oid, size_t len ) + mbedtls_asn1_named_data *list, + const char *oid, size_t len) { - while( list != NULL ) - { - if( list->oid.len == len && - memcmp( list->oid.p, oid, len ) == 0 ) - { + while (list != NULL) { + if (list->oid.len == len && + memcmp(list->oid.p, oid, len) == 0) { break; } list = list->next; } - return( list ); + return list; } mbedtls_asn1_named_data *mbedtls_asn1_store_named_data( - mbedtls_asn1_named_data **head, - const char *oid, size_t oid_len, - const unsigned char *val, - size_t val_len ) + mbedtls_asn1_named_data **head, + const char *oid, size_t oid_len, + const unsigned char *val, + size_t val_len) { mbedtls_asn1_named_data *cur; - if( ( cur = asn1_find_named_data( *head, oid, oid_len ) ) == NULL ) - { + if ((cur = asn1_find_named_data(*head, oid, oid_len)) == NULL) { // Add new entry if not present yet based on OID // - cur = (mbedtls_asn1_named_data*)mbedtls_calloc( 1, - sizeof(mbedtls_asn1_named_data) ); - if( cur == NULL ) - return( NULL ); + cur = (mbedtls_asn1_named_data *) mbedtls_calloc(1, + sizeof(mbedtls_asn1_named_data)); + if (cur == NULL) { + return NULL; + } cur->oid.len = oid_len; - cur->oid.p = mbedtls_calloc( 1, oid_len ); - if( cur->oid.p == NULL ) - { - mbedtls_free( cur ); - return( NULL ); + cur->oid.p = mbedtls_calloc(1, oid_len); + if (cur->oid.p == NULL) { + mbedtls_free(cur); + return NULL; } - memcpy( cur->oid.p, oid, oid_len ); + memcpy(cur->oid.p, oid, oid_len); cur->val.len = val_len; - if( val_len != 0 ) - { - cur->val.p = mbedtls_calloc( 1, val_len ); - if( cur->val.p == NULL ) - { - mbedtls_free( cur->oid.p ); - mbedtls_free( cur ); - return( NULL ); + if (val_len != 0) { + cur->val.p = mbedtls_calloc(1, val_len); + if (cur->val.p == NULL) { + mbedtls_free(cur->oid.p); + mbedtls_free(cur); + return NULL; } } cur->next = *head; *head = cur; - } - else if( val_len == 0 ) - { - mbedtls_free( cur->val.p ); + } else if (val_len == 0) { + mbedtls_free(cur->val.p); cur->val.p = NULL; - } - else if( cur->val.len != val_len ) - { + } else if (cur->val.len != val_len) { /* * Enlarge existing value buffer if needed * Preserve old data until the allocation succeeded, to leave list in * a consistent state in case allocation fails. */ - void *p = mbedtls_calloc( 1, val_len ); - if( p == NULL ) - return( NULL ); + void *p = mbedtls_calloc(1, val_len); + if (p == NULL) { + return NULL; + } - mbedtls_free( cur->val.p ); + mbedtls_free(cur->val.p); cur->val.p = p; cur->val.len = val_len; } - if( val != NULL ) - memcpy( cur->val.p, val, val_len ); + if (val != NULL && val_len != 0) { + memcpy(cur->val.p, val, val_len); + } - return( cur ); + return cur; } #endif /* MBEDTLS_ASN1_WRITE_C */ diff --git a/third_party/mbedtls/repo/library/base64.c b/third_party/mbedtls/repo/library/base64.c index 83daa0bcc67..1f1a90a9374 100644 --- a/third_party/mbedtls/repo/library/base64.c +++ b/third_party/mbedtls/repo/library/base64.c @@ -2,19 +2,7 @@ * RFC 1521 base64 encoding/decoding * * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later */ #include "common.h" @@ -28,76 +16,68 @@ #if defined(MBEDTLS_SELF_TEST) #include -#if defined(MBEDTLS_PLATFORM_C) #include "mbedtls/platform.h" -#else -#include -#define mbedtls_printf printf -#endif /* MBEDTLS_PLATFORM_C */ #endif /* MBEDTLS_SELF_TEST */ -#define BASE64_SIZE_T_MAX ( (size_t) -1 ) /* SIZE_T_MAX is not standard */ +#define BASE64_SIZE_T_MAX ((size_t) -1) /* SIZE_T_MAX is not standard */ /* * Encode a buffer into base64 format */ -int mbedtls_base64_encode( unsigned char *dst, size_t dlen, size_t *olen, - const unsigned char *src, size_t slen ) +int mbedtls_base64_encode(unsigned char *dst, size_t dlen, size_t *olen, + const unsigned char *src, size_t slen) { size_t i, n; int C1, C2, C3; unsigned char *p; - if( slen == 0 ) - { + if (slen == 0) { *olen = 0; - return( 0 ); + return 0; } - n = slen / 3 + ( slen % 3 != 0 ); + n = slen / 3 + (slen % 3 != 0); - if( n > ( BASE64_SIZE_T_MAX - 1 ) / 4 ) - { + if (n > (BASE64_SIZE_T_MAX - 1) / 4) { *olen = BASE64_SIZE_T_MAX; - return( MBEDTLS_ERR_BASE64_BUFFER_TOO_SMALL ); + return MBEDTLS_ERR_BASE64_BUFFER_TOO_SMALL; } n *= 4; - if( ( dlen < n + 1 ) || ( NULL == dst ) ) - { + if ((dlen < n + 1) || (NULL == dst)) { *olen = n + 1; - return( MBEDTLS_ERR_BASE64_BUFFER_TOO_SMALL ); + return MBEDTLS_ERR_BASE64_BUFFER_TOO_SMALL; } - n = ( slen / 3 ) * 3; + n = (slen / 3) * 3; - for( i = 0, p = dst; i < n; i += 3 ) - { + for (i = 0, p = dst; i < n; i += 3) { C1 = *src++; C2 = *src++; C3 = *src++; - *p++ = mbedtls_ct_base64_enc_char( ( C1 >> 2 ) & 0x3F ); - *p++ = mbedtls_ct_base64_enc_char( ( ( ( C1 & 3 ) << 4 ) + ( C2 >> 4 ) ) - & 0x3F ); - *p++ = mbedtls_ct_base64_enc_char( ( ( ( C2 & 15 ) << 2 ) + ( C3 >> 6 ) ) - & 0x3F ); - *p++ = mbedtls_ct_base64_enc_char( C3 & 0x3F ); + *p++ = mbedtls_ct_base64_enc_char((C1 >> 2) & 0x3F); + *p++ = mbedtls_ct_base64_enc_char((((C1 & 3) << 4) + (C2 >> 4)) + & 0x3F); + *p++ = mbedtls_ct_base64_enc_char((((C2 & 15) << 2) + (C3 >> 6)) + & 0x3F); + *p++ = mbedtls_ct_base64_enc_char(C3 & 0x3F); } - if( i < slen ) - { + if (i < slen) { C1 = *src++; - C2 = ( ( i + 1 ) < slen ) ? *src++ : 0; + C2 = ((i + 1) < slen) ? *src++ : 0; - *p++ = mbedtls_ct_base64_enc_char( ( C1 >> 2 ) & 0x3F ); - *p++ = mbedtls_ct_base64_enc_char( ( ( ( C1 & 3 ) << 4 ) + ( C2 >> 4 ) ) - & 0x3F ); + *p++ = mbedtls_ct_base64_enc_char((C1 >> 2) & 0x3F); + *p++ = mbedtls_ct_base64_enc_char((((C1 & 3) << 4) + (C2 >> 4)) + & 0x3F); - if( ( i + 1 ) < slen ) - *p++ = mbedtls_ct_base64_enc_char( ( ( C2 & 15 ) << 2 ) & 0x3F ); - else *p++ = '='; + if ((i + 1) < slen) { + *p++ = mbedtls_ct_base64_enc_char(((C2 & 15) << 2) & 0x3F); + } else { + *p++ = '='; + } *p++ = '='; } @@ -105,14 +85,14 @@ int mbedtls_base64_encode( unsigned char *dst, size_t dlen, size_t *olen, *olen = p - dst; *p = 0; - return( 0 ); + return 0; } /* * Decode a base64-formatted buffer */ -int mbedtls_base64_decode( unsigned char *dst, size_t dlen, size_t *olen, - const unsigned char *src, size_t slen ) +int mbedtls_base64_decode(unsigned char *dst, size_t dlen, size_t *olen, + const unsigned char *src, size_t slen) { size_t i; /* index in source */ size_t n; /* number of digits or trailing = in source */ @@ -123,92 +103,97 @@ int mbedtls_base64_decode( unsigned char *dst, size_t dlen, size_t *olen, unsigned char *p; /* First pass: check for validity and get output length */ - for( i = n = 0; i < slen; i++ ) - { + for (i = n = 0; i < slen; i++) { /* Skip spaces before checking for EOL */ spaces_present = 0; - while( i < slen && src[i] == ' ' ) - { + while (i < slen && src[i] == ' ') { ++i; spaces_present = 1; } /* Spaces at end of buffer are OK */ - if( i == slen ) + if (i == slen) { break; + } - if( ( slen - i ) >= 2 && - src[i] == '\r' && src[i + 1] == '\n' ) + if ((slen - i) >= 2 && + src[i] == '\r' && src[i + 1] == '\n') { continue; + } - if( src[i] == '\n' ) + if (src[i] == '\n') { continue; + } /* Space inside a line is an error */ - if( spaces_present ) - return( MBEDTLS_ERR_BASE64_INVALID_CHARACTER ); - - if( src[i] > 127 ) - return( MBEDTLS_ERR_BASE64_INVALID_CHARACTER ); + if (spaces_present) { + return MBEDTLS_ERR_BASE64_INVALID_CHARACTER; + } - if( src[i] == '=' ) - { - if( ++equals > 2 ) - return( MBEDTLS_ERR_BASE64_INVALID_CHARACTER ); + if (src[i] > 127) { + return MBEDTLS_ERR_BASE64_INVALID_CHARACTER; } - else - { - if( equals != 0 ) - return( MBEDTLS_ERR_BASE64_INVALID_CHARACTER ); - if( mbedtls_ct_base64_dec_value( src[i] ) < 0 ) - return( MBEDTLS_ERR_BASE64_INVALID_CHARACTER ); + + if (src[i] == '=') { + if (++equals > 2) { + return MBEDTLS_ERR_BASE64_INVALID_CHARACTER; + } + } else { + if (equals != 0) { + return MBEDTLS_ERR_BASE64_INVALID_CHARACTER; + } + if (mbedtls_ct_base64_dec_value(src[i]) < 0) { + return MBEDTLS_ERR_BASE64_INVALID_CHARACTER; + } } n++; } - if( n == 0 ) - { + if (n == 0) { *olen = 0; - return( 0 ); + return 0; } /* The following expression is to calculate the following formula without * risk of integer overflow in n: * n = ( ( n * 6 ) + 7 ) >> 3; */ - n = ( 6 * ( n >> 3 ) ) + ( ( 6 * ( n & 0x7 ) + 7 ) >> 3 ); + n = (6 * (n >> 3)) + ((6 * (n & 0x7) + 7) >> 3); n -= equals; - if( dst == NULL || dlen < n ) - { + if (dst == NULL || dlen < n) { *olen = n; - return( MBEDTLS_ERR_BASE64_BUFFER_TOO_SMALL ); + return MBEDTLS_ERR_BASE64_BUFFER_TOO_SMALL; } equals = 0; - for( x = 0, p = dst; i > 0; i--, src++ ) - { - if( *src == '\r' || *src == '\n' || *src == ' ' ) + for (x = 0, p = dst; i > 0; i--, src++) { + if (*src == '\r' || *src == '\n' || *src == ' ') { continue; + } x = x << 6; - if( *src == '=' ) + if (*src == '=') { ++equals; - else - x |= mbedtls_ct_base64_dec_value( *src ); + } else { + x |= mbedtls_ct_base64_dec_value(*src); + } - if( ++accumulated_digits == 4 ) - { + if (++accumulated_digits == 4) { accumulated_digits = 0; - *p++ = MBEDTLS_BYTE_2( x ); - if( equals <= 1 ) *p++ = MBEDTLS_BYTE_1( x ); - if( equals <= 0 ) *p++ = MBEDTLS_BYTE_0( x ); + *p++ = MBEDTLS_BYTE_2(x); + if (equals <= 1) { + *p++ = MBEDTLS_BYTE_1(x); + } + if (equals <= 0) { + *p++ = MBEDTLS_BYTE_0(x); + } } } *olen = p - dst; - return( 0 ); + return 0; } #if defined(MBEDTLS_SELF_TEST) @@ -232,44 +217,47 @@ static const unsigned char base64_test_enc[] = /* * Checkup routine */ -int mbedtls_base64_self_test( int verbose ) +int mbedtls_base64_self_test(int verbose) { size_t len; const unsigned char *src; unsigned char buffer[128]; - if( verbose != 0 ) - mbedtls_printf( " Base64 encoding test: " ); + if (verbose != 0) { + mbedtls_printf(" Base64 encoding test: "); + } src = base64_test_dec; - if( mbedtls_base64_encode( buffer, sizeof( buffer ), &len, src, 64 ) != 0 || - memcmp( base64_test_enc, buffer, 88 ) != 0 ) - { - if( verbose != 0 ) - mbedtls_printf( "failed\n" ); + if (mbedtls_base64_encode(buffer, sizeof(buffer), &len, src, 64) != 0 || + memcmp(base64_test_enc, buffer, 88) != 0) { + if (verbose != 0) { + mbedtls_printf("failed\n"); + } - return( 1 ); + return 1; } - if( verbose != 0 ) - mbedtls_printf( "passed\n Base64 decoding test: " ); + if (verbose != 0) { + mbedtls_printf("passed\n Base64 decoding test: "); + } src = base64_test_enc; - if( mbedtls_base64_decode( buffer, sizeof( buffer ), &len, src, 88 ) != 0 || - memcmp( base64_test_dec, buffer, 64 ) != 0 ) - { - if( verbose != 0 ) - mbedtls_printf( "failed\n" ); + if (mbedtls_base64_decode(buffer, sizeof(buffer), &len, src, 88) != 0 || + memcmp(base64_test_dec, buffer, 64) != 0) { + if (verbose != 0) { + mbedtls_printf("failed\n"); + } - return( 1 ); + return 1; } - if( verbose != 0 ) - mbedtls_printf( "passed\n\n" ); + if (verbose != 0) { + mbedtls_printf("passed\n\n"); + } - return( 0 ); + return 0; } #endif /* MBEDTLS_SELF_TEST */ diff --git a/third_party/mbedtls/repo/library/bignum.c b/third_party/mbedtls/repo/library/bignum.c index 62e7f76727f..fadd9e9cc2a 100644 --- a/third_party/mbedtls/repo/library/bignum.c +++ b/third_party/mbedtls/repo/library/bignum.c @@ -2,19 +2,7 @@ * Multi-precision integer library * * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later */ /* @@ -42,50 +30,43 @@ #include "mbedtls/platform_util.h" #include "mbedtls/error.h" #include "constant_time_internal.h" +#include "bignum_internal.h" #include #include -#if defined(MBEDTLS_PLATFORM_C) #include "mbedtls/platform.h" -#else -#include -#include -#define mbedtls_printf printf -#define mbedtls_calloc calloc -#define mbedtls_free free -#endif -#define MPI_VALIDATE_RET( cond ) \ - MBEDTLS_INTERNAL_VALIDATE_RET( cond, MBEDTLS_ERR_MPI_BAD_INPUT_DATA ) -#define MPI_VALIDATE( cond ) \ - MBEDTLS_INTERNAL_VALIDATE( cond ) +#define MPI_VALIDATE_RET(cond) \ + MBEDTLS_INTERNAL_VALIDATE_RET(cond, MBEDTLS_ERR_MPI_BAD_INPUT_DATA) +#define MPI_VALIDATE(cond) \ + MBEDTLS_INTERNAL_VALIDATE(cond) #define ciL (sizeof(mbedtls_mpi_uint)) /* chars in limb */ #define biL (ciL << 3) /* bits in limb */ #define biH (ciL << 2) /* half limb size */ -#define MPI_SIZE_T_MAX ( (size_t) -1 ) /* SIZE_T_MAX is not standard */ +#define MPI_SIZE_T_MAX ((size_t) -1) /* SIZE_T_MAX is not standard */ /* * Convert between bits/chars and number of limbs * Divide first in order to avoid potential overflows */ -#define BITS_TO_LIMBS(i) ( (i) / biL + ( (i) % biL != 0 ) ) -#define CHARS_TO_LIMBS(i) ( (i) / ciL + ( (i) % ciL != 0 ) ) +#define BITS_TO_LIMBS(i) ((i) / biL + ((i) % biL != 0)) +#define CHARS_TO_LIMBS(i) ((i) / ciL + ((i) % ciL != 0)) /* Implementation that should never be optimized out by the compiler */ -static void mbedtls_mpi_zeroize( mbedtls_mpi_uint *v, size_t n ) +static void mbedtls_mpi_zeroize(mbedtls_mpi_uint *v, size_t n) { - mbedtls_platform_zeroize( v, ciL * n ); + mbedtls_platform_zeroize(v, ciL * n); } /* * Initialize one MPI */ -void mbedtls_mpi_init( mbedtls_mpi *X ) +void mbedtls_mpi_init(mbedtls_mpi *X) { - MPI_VALIDATE( X != NULL ); + MPI_VALIDATE(X != NULL); X->s = 1; X->n = 0; @@ -95,15 +76,15 @@ void mbedtls_mpi_init( mbedtls_mpi *X ) /* * Unallocate one MPI */ -void mbedtls_mpi_free( mbedtls_mpi *X ) +void mbedtls_mpi_free(mbedtls_mpi *X) { - if( X == NULL ) + if (X == NULL) { return; + } - if( X->p != NULL ) - { - mbedtls_mpi_zeroize( X->p, X->n ); - mbedtls_free( X->p ); + if (X->p != NULL) { + mbedtls_mpi_zeroize(X->p, X->n); + mbedtls_free(X->p); } X->s = 1; @@ -114,93 +95,93 @@ void mbedtls_mpi_free( mbedtls_mpi *X ) /* * Enlarge to the specified number of limbs */ -int mbedtls_mpi_grow( mbedtls_mpi *X, size_t nblimbs ) +int mbedtls_mpi_grow(mbedtls_mpi *X, size_t nblimbs) { mbedtls_mpi_uint *p; - MPI_VALIDATE_RET( X != NULL ); + MPI_VALIDATE_RET(X != NULL); - if( nblimbs > MBEDTLS_MPI_MAX_LIMBS ) - return( MBEDTLS_ERR_MPI_ALLOC_FAILED ); + if (nblimbs > MBEDTLS_MPI_MAX_LIMBS) { + return MBEDTLS_ERR_MPI_ALLOC_FAILED; + } - if( X->n < nblimbs ) - { - if( ( p = (mbedtls_mpi_uint*)mbedtls_calloc( nblimbs, ciL ) ) == NULL ) - return( MBEDTLS_ERR_MPI_ALLOC_FAILED ); + if (X->n < nblimbs) { + if ((p = (mbedtls_mpi_uint *) mbedtls_calloc(nblimbs, ciL)) == NULL) { + return MBEDTLS_ERR_MPI_ALLOC_FAILED; + } - if( X->p != NULL ) - { - memcpy( p, X->p, X->n * ciL ); - mbedtls_mpi_zeroize( X->p, X->n ); - mbedtls_free( X->p ); + if (X->p != NULL) { + memcpy(p, X->p, X->n * ciL); + mbedtls_mpi_zeroize(X->p, X->n); + mbedtls_free(X->p); } X->n = nblimbs; X->p = p; } - return( 0 ); + return 0; } /* * Resize down as much as possible, * while keeping at least the specified number of limbs */ -int mbedtls_mpi_shrink( mbedtls_mpi *X, size_t nblimbs ) +int mbedtls_mpi_shrink(mbedtls_mpi *X, size_t nblimbs) { mbedtls_mpi_uint *p; size_t i; - MPI_VALIDATE_RET( X != NULL ); + MPI_VALIDATE_RET(X != NULL); - if( nblimbs > MBEDTLS_MPI_MAX_LIMBS ) - return( MBEDTLS_ERR_MPI_ALLOC_FAILED ); + if (nblimbs > MBEDTLS_MPI_MAX_LIMBS) { + return MBEDTLS_ERR_MPI_ALLOC_FAILED; + } /* Actually resize up if there are currently fewer than nblimbs limbs. */ - if( X->n <= nblimbs ) - return( mbedtls_mpi_grow( X, nblimbs ) ); + if (X->n <= nblimbs) { + return mbedtls_mpi_grow(X, nblimbs); + } /* After this point, then X->n > nblimbs and in particular X->n > 0. */ - for( i = X->n - 1; i > 0; i-- ) - if( X->p[i] != 0 ) + for (i = X->n - 1; i > 0; i--) { + if (X->p[i] != 0) { break; + } + } i++; - if( i < nblimbs ) + if (i < nblimbs) { i = nblimbs; + } - if( ( p = (mbedtls_mpi_uint*)mbedtls_calloc( i, ciL ) ) == NULL ) - return( MBEDTLS_ERR_MPI_ALLOC_FAILED ); + if ((p = (mbedtls_mpi_uint *) mbedtls_calloc(i, ciL)) == NULL) { + return MBEDTLS_ERR_MPI_ALLOC_FAILED; + } - if( X->p != NULL ) - { - memcpy( p, X->p, i * ciL ); - mbedtls_mpi_zeroize( X->p, X->n ); - mbedtls_free( X->p ); + if (X->p != NULL) { + memcpy(p, X->p, i * ciL); + mbedtls_mpi_zeroize(X->p, X->n); + mbedtls_free(X->p); } X->n = i; X->p = p; - return( 0 ); + return 0; } /* Resize X to have exactly n limbs and set it to 0. */ -static int mbedtls_mpi_resize_clear( mbedtls_mpi *X, size_t limbs ) +static int mbedtls_mpi_resize_clear(mbedtls_mpi *X, size_t limbs) { - if( limbs == 0 ) - { - mbedtls_mpi_free( X ); - return( 0 ); - } - else if( X->n == limbs ) - { - memset( X->p, 0, limbs * ciL ); + if (limbs == 0) { + mbedtls_mpi_free(X); + return 0; + } else if (X->n == limbs) { + memset(X->p, 0, limbs * ciL); X->s = 1; - return( 0 ); - } - else - { - mbedtls_mpi_free( X ); - return( mbedtls_mpi_grow( X, limbs ) ); + return 0; + } else { + mbedtls_mpi_free(X); + return mbedtls_mpi_grow(X, limbs); } } @@ -213,155 +194,171 @@ static int mbedtls_mpi_resize_clear( mbedtls_mpi *X, size_t limbs ) * but some code in the bignum module relies on this property, for example * in mbedtls_mpi_exp_mod(). */ -int mbedtls_mpi_copy( mbedtls_mpi *X, const mbedtls_mpi *Y ) +int mbedtls_mpi_copy(mbedtls_mpi *X, const mbedtls_mpi *Y) { int ret = 0; size_t i; - MPI_VALIDATE_RET( X != NULL ); - MPI_VALIDATE_RET( Y != NULL ); + MPI_VALIDATE_RET(X != NULL); + MPI_VALIDATE_RET(Y != NULL); - if( X == Y ) - return( 0 ); + if (X == Y) { + return 0; + } - if( Y->n == 0 ) - { - if( X->n != 0 ) - { + if (Y->n == 0) { + if (X->n != 0) { X->s = 1; - memset( X->p, 0, X->n * ciL ); + memset(X->p, 0, X->n * ciL); } - return( 0 ); + return 0; } - for( i = Y->n - 1; i > 0; i-- ) - if( Y->p[i] != 0 ) + for (i = Y->n - 1; i > 0; i--) { + if (Y->p[i] != 0) { break; + } + } i++; X->s = Y->s; - if( X->n < i ) - { - MBEDTLS_MPI_CHK( mbedtls_mpi_grow( X, i ) ); - } - else - { - memset( X->p + i, 0, ( X->n - i ) * ciL ); + if (X->n < i) { + MBEDTLS_MPI_CHK(mbedtls_mpi_grow(X, i)); + } else { + memset(X->p + i, 0, (X->n - i) * ciL); } - memcpy( X->p, Y->p, i * ciL ); + memcpy(X->p, Y->p, i * ciL); cleanup: - return( ret ); + return ret; } /* * Swap the contents of X and Y */ -void mbedtls_mpi_swap( mbedtls_mpi *X, mbedtls_mpi *Y ) +void mbedtls_mpi_swap(mbedtls_mpi *X, mbedtls_mpi *Y) { mbedtls_mpi T; - MPI_VALIDATE( X != NULL ); - MPI_VALIDATE( Y != NULL ); + MPI_VALIDATE(X != NULL); + MPI_VALIDATE(Y != NULL); - memcpy( &T, X, sizeof( mbedtls_mpi ) ); - memcpy( X, Y, sizeof( mbedtls_mpi ) ); - memcpy( Y, &T, sizeof( mbedtls_mpi ) ); + memcpy(&T, X, sizeof(mbedtls_mpi)); + memcpy(X, Y, sizeof(mbedtls_mpi)); + memcpy(Y, &T, sizeof(mbedtls_mpi)); +} + +static inline mbedtls_mpi_uint mpi_sint_abs(mbedtls_mpi_sint z) +{ + if (z >= 0) { + return z; + } + /* Take care to handle the most negative value (-2^(biL-1)) correctly. + * A naive -z would have undefined behavior. + * Write this in a way that makes popular compilers happy (GCC, Clang, + * MSVC). */ + return (mbedtls_mpi_uint) 0 - (mbedtls_mpi_uint) z; } /* * Set value from integer */ -int mbedtls_mpi_lset( mbedtls_mpi *X, mbedtls_mpi_sint z ) +int mbedtls_mpi_lset(mbedtls_mpi *X, mbedtls_mpi_sint z) { int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; - MPI_VALIDATE_RET( X != NULL ); + MPI_VALIDATE_RET(X != NULL); - MBEDTLS_MPI_CHK( mbedtls_mpi_grow( X, 1 ) ); - memset( X->p, 0, X->n * ciL ); + MBEDTLS_MPI_CHK(mbedtls_mpi_grow(X, 1)); + memset(X->p, 0, X->n * ciL); - X->p[0] = ( z < 0 ) ? -z : z; - X->s = ( z < 0 ) ? -1 : 1; + X->p[0] = mpi_sint_abs(z); + X->s = (z < 0) ? -1 : 1; cleanup: - return( ret ); + return ret; } /* * Get a specific bit */ -int mbedtls_mpi_get_bit( const mbedtls_mpi *X, size_t pos ) +int mbedtls_mpi_get_bit(const mbedtls_mpi *X, size_t pos) { - MPI_VALIDATE_RET( X != NULL ); + MPI_VALIDATE_RET(X != NULL); - if( X->n * biL <= pos ) - return( 0 ); + if (X->n * biL <= pos) { + return 0; + } - return( ( X->p[pos / biL] >> ( pos % biL ) ) & 0x01 ); + return (X->p[pos / biL] >> (pos % biL)) & 0x01; } /* Get a specific byte, without range checks. */ -#define GET_BYTE( X, i ) \ - ( ( ( X )->p[( i ) / ciL] >> ( ( ( i ) % ciL ) * 8 ) ) & 0xff ) +#define GET_BYTE(X, i) \ + (((X)->p[(i) / ciL] >> (((i) % ciL) * 8)) & 0xff) /* * Set a bit to a specific value of 0 or 1 */ -int mbedtls_mpi_set_bit( mbedtls_mpi *X, size_t pos, unsigned char val ) +int mbedtls_mpi_set_bit(mbedtls_mpi *X, size_t pos, unsigned char val) { int ret = 0; size_t off = pos / biL; size_t idx = pos % biL; - MPI_VALIDATE_RET( X != NULL ); + MPI_VALIDATE_RET(X != NULL); - if( val != 0 && val != 1 ) - return( MBEDTLS_ERR_MPI_BAD_INPUT_DATA ); + if (val != 0 && val != 1) { + return MBEDTLS_ERR_MPI_BAD_INPUT_DATA; + } - if( X->n * biL <= pos ) - { - if( val == 0 ) - return( 0 ); + if (X->n * biL <= pos) { + if (val == 0) { + return 0; + } - MBEDTLS_MPI_CHK( mbedtls_mpi_grow( X, off + 1 ) ); + MBEDTLS_MPI_CHK(mbedtls_mpi_grow(X, off + 1)); } - X->p[off] &= ~( (mbedtls_mpi_uint) 0x01 << idx ); + X->p[off] &= ~((mbedtls_mpi_uint) 0x01 << idx); X->p[off] |= (mbedtls_mpi_uint) val << idx; cleanup: - return( ret ); + return ret; } /* * Return the number of less significant zero-bits */ -size_t mbedtls_mpi_lsb( const mbedtls_mpi *X ) +size_t mbedtls_mpi_lsb(const mbedtls_mpi *X) { size_t i, j, count = 0; - MBEDTLS_INTERNAL_VALIDATE_RET( X != NULL, 0 ); + MBEDTLS_INTERNAL_VALIDATE_RET(X != NULL, 0); - for( i = 0; i < X->n; i++ ) - for( j = 0; j < biL; j++, count++ ) - if( ( ( X->p[i] >> j ) & 1 ) != 0 ) - return( count ); + for (i = 0; i < X->n; i++) { + for (j = 0; j < biL; j++, count++) { + if (((X->p[i] >> j) & 1) != 0) { + return count; + } + } + } - return( 0 ); + return 0; } /* * Count leading zero bits in a given integer */ -static size_t mbedtls_clz( const mbedtls_mpi_uint x ) +static size_t mbedtls_clz(const mbedtls_mpi_uint x) { size_t j; mbedtls_mpi_uint mask = (mbedtls_mpi_uint) 1 << (biL - 1); - for( j = 0; j < biL; j++ ) - { - if( x & mask ) break; + for (j = 0; j < biL; j++) { + if (x & mask) { + break; + } mask >>= 1; } @@ -372,231 +369,236 @@ static size_t mbedtls_clz( const mbedtls_mpi_uint x ) /* * Return the number of bits */ -size_t mbedtls_mpi_bitlen( const mbedtls_mpi *X ) +size_t mbedtls_mpi_bitlen(const mbedtls_mpi *X) { size_t i, j; - if( X->n == 0 ) - return( 0 ); + if (X->n == 0) { + return 0; + } - for( i = X->n - 1; i > 0; i-- ) - if( X->p[i] != 0 ) + for (i = X->n - 1; i > 0; i--) { + if (X->p[i] != 0) { break; + } + } - j = biL - mbedtls_clz( X->p[i] ); + j = biL - mbedtls_clz(X->p[i]); - return( ( i * biL ) + j ); + return (i * biL) + j; } /* * Return the total size in bytes */ -size_t mbedtls_mpi_size( const mbedtls_mpi *X ) +size_t mbedtls_mpi_size(const mbedtls_mpi *X) { - return( ( mbedtls_mpi_bitlen( X ) + 7 ) >> 3 ); + return (mbedtls_mpi_bitlen(X) + 7) >> 3; } /* * Convert an ASCII character to digit value */ -static int mpi_get_digit( mbedtls_mpi_uint *d, int radix, char c ) +static int mpi_get_digit(mbedtls_mpi_uint *d, int radix, char c) { *d = 255; - if( c >= 0x30 && c <= 0x39 ) *d = c - 0x30; - if( c >= 0x41 && c <= 0x46 ) *d = c - 0x37; - if( c >= 0x61 && c <= 0x66 ) *d = c - 0x57; + if (c >= 0x30 && c <= 0x39) { + *d = c - 0x30; + } + if (c >= 0x41 && c <= 0x46) { + *d = c - 0x37; + } + if (c >= 0x61 && c <= 0x66) { + *d = c - 0x57; + } - if( *d >= (mbedtls_mpi_uint) radix ) - return( MBEDTLS_ERR_MPI_INVALID_CHARACTER ); + if (*d >= (mbedtls_mpi_uint) radix) { + return MBEDTLS_ERR_MPI_INVALID_CHARACTER; + } - return( 0 ); + return 0; } /* * Import from an ASCII string */ -int mbedtls_mpi_read_string( mbedtls_mpi *X, int radix, const char *s ) +int mbedtls_mpi_read_string(mbedtls_mpi *X, int radix, const char *s) { int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; size_t i, j, slen, n; int sign = 1; mbedtls_mpi_uint d; mbedtls_mpi T; - MPI_VALIDATE_RET( X != NULL ); - MPI_VALIDATE_RET( s != NULL ); + MPI_VALIDATE_RET(X != NULL); + MPI_VALIDATE_RET(s != NULL); - if( radix < 2 || radix > 16 ) - return( MBEDTLS_ERR_MPI_BAD_INPUT_DATA ); + if (radix < 2 || radix > 16) { + return MBEDTLS_ERR_MPI_BAD_INPUT_DATA; + } - mbedtls_mpi_init( &T ); + mbedtls_mpi_init(&T); - if( s[0] == 0 ) - { - mbedtls_mpi_free( X ); - return( 0 ); + if (s[0] == 0) { + mbedtls_mpi_free(X); + return 0; } - if( s[0] == '-' ) - { + if (s[0] == '-') { ++s; sign = -1; } - slen = strlen( s ); + slen = strlen(s); - if( radix == 16 ) - { - if( slen > MPI_SIZE_T_MAX >> 2 ) - return( MBEDTLS_ERR_MPI_BAD_INPUT_DATA ); + if (radix == 16) { + if (slen > MPI_SIZE_T_MAX >> 2) { + return MBEDTLS_ERR_MPI_BAD_INPUT_DATA; + } - n = BITS_TO_LIMBS( slen << 2 ); + n = BITS_TO_LIMBS(slen << 2); - MBEDTLS_MPI_CHK( mbedtls_mpi_grow( X, n ) ); - MBEDTLS_MPI_CHK( mbedtls_mpi_lset( X, 0 ) ); + MBEDTLS_MPI_CHK(mbedtls_mpi_grow(X, n)); + MBEDTLS_MPI_CHK(mbedtls_mpi_lset(X, 0)); - for( i = slen, j = 0; i > 0; i--, j++ ) - { - MBEDTLS_MPI_CHK( mpi_get_digit( &d, radix, s[i - 1] ) ); - X->p[j / ( 2 * ciL )] |= d << ( ( j % ( 2 * ciL ) ) << 2 ); + for (i = slen, j = 0; i > 0; i--, j++) { + MBEDTLS_MPI_CHK(mpi_get_digit(&d, radix, s[i - 1])); + X->p[j / (2 * ciL)] |= d << ((j % (2 * ciL)) << 2); } - } - else - { - MBEDTLS_MPI_CHK( mbedtls_mpi_lset( X, 0 ) ); + } else { + MBEDTLS_MPI_CHK(mbedtls_mpi_lset(X, 0)); - for( i = 0; i < slen; i++ ) - { - MBEDTLS_MPI_CHK( mpi_get_digit( &d, radix, s[i] ) ); - MBEDTLS_MPI_CHK( mbedtls_mpi_mul_int( &T, X, radix ) ); - MBEDTLS_MPI_CHK( mbedtls_mpi_add_int( X, &T, d ) ); + for (i = 0; i < slen; i++) { + MBEDTLS_MPI_CHK(mpi_get_digit(&d, radix, s[i])); + MBEDTLS_MPI_CHK(mbedtls_mpi_mul_int(&T, X, radix)); + MBEDTLS_MPI_CHK(mbedtls_mpi_add_int(X, &T, d)); } } - if( sign < 0 && mbedtls_mpi_bitlen( X ) != 0 ) + if (sign < 0 && mbedtls_mpi_bitlen(X) != 0) { X->s = -1; + } cleanup: - mbedtls_mpi_free( &T ); + mbedtls_mpi_free(&T); - return( ret ); + return ret; } /* * Helper to write the digits high-order first. */ -static int mpi_write_hlp( mbedtls_mpi *X, int radix, - char **p, const size_t buflen ) +static int mpi_write_hlp(mbedtls_mpi *X, int radix, + char **p, const size_t buflen) { int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; mbedtls_mpi_uint r; size_t length = 0; char *p_end = *p + buflen; - do - { - if( length >= buflen ) - { - return( MBEDTLS_ERR_MPI_BUFFER_TOO_SMALL ); + do { + if (length >= buflen) { + return MBEDTLS_ERR_MPI_BUFFER_TOO_SMALL; } - MBEDTLS_MPI_CHK( mbedtls_mpi_mod_int( &r, X, radix ) ); - MBEDTLS_MPI_CHK( mbedtls_mpi_div_int( X, NULL, X, radix ) ); + MBEDTLS_MPI_CHK(mbedtls_mpi_mod_int(&r, X, radix)); + MBEDTLS_MPI_CHK(mbedtls_mpi_div_int(X, NULL, X, radix)); /* * Write the residue in the current position, as an ASCII character. */ - if( r < 0xA ) - *(--p_end) = (char)( '0' + r ); - else - *(--p_end) = (char)( 'A' + ( r - 0xA ) ); + if (r < 0xA) { + *(--p_end) = (char) ('0' + r); + } else { + *(--p_end) = (char) ('A' + (r - 0xA)); + } length++; - } while( mbedtls_mpi_cmp_int( X, 0 ) != 0 ); + } while (mbedtls_mpi_cmp_int(X, 0) != 0); - memmove( *p, p_end, length ); + memmove(*p, p_end, length); *p += length; cleanup: - return( ret ); + return ret; } /* * Export into an ASCII string */ -int mbedtls_mpi_write_string( const mbedtls_mpi *X, int radix, - char *buf, size_t buflen, size_t *olen ) +int mbedtls_mpi_write_string(const mbedtls_mpi *X, int radix, + char *buf, size_t buflen, size_t *olen) { int ret = 0; size_t n; char *p; mbedtls_mpi T; - MPI_VALIDATE_RET( X != NULL ); - MPI_VALIDATE_RET( olen != NULL ); - MPI_VALIDATE_RET( buflen == 0 || buf != NULL ); + MPI_VALIDATE_RET(X != NULL); + MPI_VALIDATE_RET(olen != NULL); + MPI_VALIDATE_RET(buflen == 0 || buf != NULL); - if( radix < 2 || radix > 16 ) - return( MBEDTLS_ERR_MPI_BAD_INPUT_DATA ); + if (radix < 2 || radix > 16) { + return MBEDTLS_ERR_MPI_BAD_INPUT_DATA; + } - n = mbedtls_mpi_bitlen( X ); /* Number of bits necessary to present `n`. */ - if( radix >= 4 ) n >>= 1; /* Number of 4-adic digits necessary to present + n = mbedtls_mpi_bitlen(X); /* Number of bits necessary to present `n`. */ + if (radix >= 4) { + n >>= 1; /* Number of 4-adic digits necessary to present * `n`. If radix > 4, this might be a strict * overapproximation of the number of * radix-adic digits needed to present `n`. */ - if( radix >= 16 ) n >>= 1; /* Number of hexadecimal digits necessary to + } + if (radix >= 16) { + n >>= 1; /* Number of hexadecimal digits necessary to * present `n`. */ + } n += 1; /* Terminating null byte */ n += 1; /* Compensate for the divisions above, which round down `n` * in case it's not even. */ n += 1; /* Potential '-'-sign. */ - n += ( n & 1 ); /* Make n even to have enough space for hexadecimal writing, + n += (n & 1); /* Make n even to have enough space for hexadecimal writing, * which always uses an even number of hex-digits. */ - if( buflen < n ) - { + if (buflen < n) { *olen = n; - return( MBEDTLS_ERR_MPI_BUFFER_TOO_SMALL ); + return MBEDTLS_ERR_MPI_BUFFER_TOO_SMALL; } p = buf; - mbedtls_mpi_init( &T ); + mbedtls_mpi_init(&T); - if( X->s == -1 ) - { + if (X->s == -1) { *p++ = '-'; buflen--; } - if( radix == 16 ) - { + if (radix == 16) { int c; size_t i, j, k; - for( i = X->n, k = 0; i > 0; i-- ) - { - for( j = ciL; j > 0; j-- ) - { - c = ( X->p[i - 1] >> ( ( j - 1 ) << 3) ) & 0xFF; + for (i = X->n, k = 0; i > 0; i--) { + for (j = ciL; j > 0; j--) { + c = (X->p[i - 1] >> ((j - 1) << 3)) & 0xFF; - if( c == 0 && k == 0 && ( i + j ) != 2 ) + if (c == 0 && k == 0 && (i + j) != 2) { continue; + } *(p++) = "0123456789ABCDEF" [c / 16]; *(p++) = "0123456789ABCDEF" [c % 16]; k = 1; } } - } - else - { - MBEDTLS_MPI_CHK( mbedtls_mpi_copy( &T, X ) ); + } else { + MBEDTLS_MPI_CHK(mbedtls_mpi_copy(&T, X)); - if( T.s == -1 ) + if (T.s == -1) { T.s = 1; + } - MBEDTLS_MPI_CHK( mpi_write_hlp( &T, radix, &p, buflen ) ); + MBEDTLS_MPI_CHK(mpi_write_hlp(&T, radix, &p, buflen)); } *p++ = '\0'; @@ -604,16 +606,16 @@ int mbedtls_mpi_write_string( const mbedtls_mpi *X, int radix, cleanup: - mbedtls_mpi_free( &T ); + mbedtls_mpi_free(&T); - return( ret ); + return ret; } #if defined(MBEDTLS_FS_IO) /* * Read X from an opened file */ -int mbedtls_mpi_read_file( mbedtls_mpi *X, int radix, FILE *fin ) +int mbedtls_mpi_read_file(mbedtls_mpi *X, int radix, FILE *fin) { mbedtls_mpi_uint d; size_t slen; @@ -622,37 +624,46 @@ int mbedtls_mpi_read_file( mbedtls_mpi *X, int radix, FILE *fin ) * Buffer should have space for (short) label and decimal formatted MPI, * newline characters and '\0' */ - char s[ MBEDTLS_MPI_RW_BUFFER_SIZE ]; + char s[MBEDTLS_MPI_RW_BUFFER_SIZE]; - MPI_VALIDATE_RET( X != NULL ); - MPI_VALIDATE_RET( fin != NULL ); + MPI_VALIDATE_RET(X != NULL); + MPI_VALIDATE_RET(fin != NULL); - if( radix < 2 || radix > 16 ) - return( MBEDTLS_ERR_MPI_BAD_INPUT_DATA ); + if (radix < 2 || radix > 16) { + return MBEDTLS_ERR_MPI_BAD_INPUT_DATA; + } - memset( s, 0, sizeof( s ) ); - if( fgets( s, sizeof( s ) - 1, fin ) == NULL ) - return( MBEDTLS_ERR_MPI_FILE_IO_ERROR ); + memset(s, 0, sizeof(s)); + if (fgets(s, sizeof(s) - 1, fin) == NULL) { + return MBEDTLS_ERR_MPI_FILE_IO_ERROR; + } - slen = strlen( s ); - if( slen == sizeof( s ) - 2 ) - return( MBEDTLS_ERR_MPI_BUFFER_TOO_SMALL ); + slen = strlen(s); + if (slen == sizeof(s) - 2) { + return MBEDTLS_ERR_MPI_BUFFER_TOO_SMALL; + } - if( slen > 0 && s[slen - 1] == '\n' ) { slen--; s[slen] = '\0'; } - if( slen > 0 && s[slen - 1] == '\r' ) { slen--; s[slen] = '\0'; } + if (slen > 0 && s[slen - 1] == '\n') { + slen--; s[slen] = '\0'; + } + if (slen > 0 && s[slen - 1] == '\r') { + slen--; s[slen] = '\0'; + } p = s + slen; - while( p-- > s ) - if( mpi_get_digit( &d, radix, *p ) != 0 ) + while (p-- > s) { + if (mpi_get_digit(&d, radix, *p) != 0) { break; + } + } - return( mbedtls_mpi_read_string( X, radix, p + 1 ) ); + return mbedtls_mpi_read_string(X, radix, p + 1); } /* * Write X into an opened file (or stdout if fout == NULL) */ -int mbedtls_mpi_write_file( const char *p, const mbedtls_mpi *X, int radix, FILE *fout ) +int mbedtls_mpi_write_file(const char *p, const mbedtls_mpi *X, int radix, FILE *fout) { int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; size_t n, slen, plen; @@ -660,35 +671,38 @@ int mbedtls_mpi_write_file( const char *p, const mbedtls_mpi *X, int radix, FILE * Buffer should have space for (short) label and decimal formatted MPI, * newline characters and '\0' */ - char s[ MBEDTLS_MPI_RW_BUFFER_SIZE ]; - MPI_VALIDATE_RET( X != NULL ); + char s[MBEDTLS_MPI_RW_BUFFER_SIZE]; + MPI_VALIDATE_RET(X != NULL); - if( radix < 2 || radix > 16 ) - return( MBEDTLS_ERR_MPI_BAD_INPUT_DATA ); + if (radix < 2 || radix > 16) { + return MBEDTLS_ERR_MPI_BAD_INPUT_DATA; + } - memset( s, 0, sizeof( s ) ); + memset(s, 0, sizeof(s)); - MBEDTLS_MPI_CHK( mbedtls_mpi_write_string( X, radix, s, sizeof( s ) - 2, &n ) ); + MBEDTLS_MPI_CHK(mbedtls_mpi_write_string(X, radix, s, sizeof(s) - 2, &n)); - if( p == NULL ) p = ""; + if (p == NULL) { + p = ""; + } - plen = strlen( p ); - slen = strlen( s ); + plen = strlen(p); + slen = strlen(s); s[slen++] = '\r'; s[slen++] = '\n'; - if( fout != NULL ) - { - if( fwrite( p, 1, plen, fout ) != plen || - fwrite( s, 1, slen, fout ) != slen ) - return( MBEDTLS_ERR_MPI_FILE_IO_ERROR ); + if (fout != NULL) { + if (fwrite(p, 1, plen, fout) != plen || + fwrite(s, 1, slen, fout) != slen) { + return MBEDTLS_ERR_MPI_FILE_IO_ERROR; + } + } else { + mbedtls_printf("%s%s", p, s); } - else - mbedtls_printf( "%s%s", p, s ); cleanup: - return( ret ); + return ret; } #endif /* MBEDTLS_FS_IO */ @@ -696,35 +710,34 @@ int mbedtls_mpi_write_file( const char *p, const mbedtls_mpi *X, int radix, FILE /* Convert a big-endian byte array aligned to the size of mbedtls_mpi_uint * into the storage form used by mbedtls_mpi. */ -static mbedtls_mpi_uint mpi_uint_bigendian_to_host_c( mbedtls_mpi_uint x ) +static mbedtls_mpi_uint mpi_uint_bigendian_to_host_c(mbedtls_mpi_uint x) { uint8_t i; unsigned char *x_ptr; mbedtls_mpi_uint tmp = 0; - for( i = 0, x_ptr = (unsigned char*) &x; i < ciL; i++, x_ptr++ ) - { + for (i = 0, x_ptr = (unsigned char *) &x; i < ciL; i++, x_ptr++) { tmp <<= CHAR_BIT; tmp |= (mbedtls_mpi_uint) *x_ptr; } - return( tmp ); + return tmp; } -static mbedtls_mpi_uint mpi_uint_bigendian_to_host( mbedtls_mpi_uint x ) +static mbedtls_mpi_uint mpi_uint_bigendian_to_host(mbedtls_mpi_uint x) { #if defined(__BYTE_ORDER__) /* Nothing to do on bigendian systems. */ -#if ( __BYTE_ORDER__ == __ORDER_BIG_ENDIAN__ ) - return( x ); +#if (__BYTE_ORDER__ == __ORDER_BIG_ENDIAN__) + return x; #endif /* __BYTE_ORDER__ == __ORDER_BIG_ENDIAN__ */ -#if ( __BYTE_ORDER__ == __ORDER_LITTLE_ENDIAN__ ) +#if (__BYTE_ORDER__ == __ORDER_LITTLE_ENDIAN__) /* For GCC and Clang, have builtins for byte swapping. */ #if defined(__GNUC__) && defined(__GNUC_PREREQ) -#if __GNUC_PREREQ(4,3) +#if __GNUC_PREREQ(4, 3) #define have_bswap #endif #endif @@ -738,12 +751,11 @@ static mbedtls_mpi_uint mpi_uint_bigendian_to_host( mbedtls_mpi_uint x ) #if defined(have_bswap) /* The compiler is hopefully able to statically evaluate this! */ - switch( sizeof(mbedtls_mpi_uint) ) - { + switch (sizeof(mbedtls_mpi_uint)) { case 4: - return( __builtin_bswap32(x) ); + return __builtin_bswap32(x); case 8: - return( __builtin_bswap64(x) ); + return __builtin_bswap64(x); } #endif #endif /* __BYTE_ORDER__ == __ORDER_LITTLE_ENDIAN__ */ @@ -751,15 +763,16 @@ static mbedtls_mpi_uint mpi_uint_bigendian_to_host( mbedtls_mpi_uint x ) /* Fall back to C-based reordering if we don't know the byte order * or we couldn't use a compiler-specific builtin. */ - return( mpi_uint_bigendian_to_host_c( x ) ); + return mpi_uint_bigendian_to_host_c(x); } -static void mpi_bigendian_to_host( mbedtls_mpi_uint * const p, size_t limbs ) +static void mpi_bigendian_to_host(mbedtls_mpi_uint * const p, size_t limbs) { mbedtls_mpi_uint *cur_limb_left; mbedtls_mpi_uint *cur_limb_right; - if( limbs == 0 ) + if (limbs == 0) { return; + } /* * Traverse limbs and @@ -770,15 +783,14 @@ static void mpi_bigendian_to_host( mbedtls_mpi_uint * const p, size_t limbs ) * than the right index (it's not a problem if limbs is odd and the * indices coincide in the last iteration). */ - for( cur_limb_left = p, cur_limb_right = p + ( limbs - 1 ); + for (cur_limb_left = p, cur_limb_right = p + (limbs - 1); cur_limb_left <= cur_limb_right; - cur_limb_left++, cur_limb_right-- ) - { + cur_limb_left++, cur_limb_right--) { mbedtls_mpi_uint tmp; /* Note that if cur_limb_left == cur_limb_right, * this code effectively swaps the bytes only once. */ - tmp = mpi_uint_bigendian_to_host( *cur_limb_left ); - *cur_limb_left = mpi_uint_bigendian_to_host( *cur_limb_right ); + tmp = mpi_uint_bigendian_to_host(*cur_limb_left); + *cur_limb_left = mpi_uint_bigendian_to_host(*cur_limb_right); *cur_limb_right = tmp; } } @@ -786,18 +798,19 @@ static void mpi_bigendian_to_host( mbedtls_mpi_uint * const p, size_t limbs ) /* * Import X from unsigned binary data, little endian */ -int mbedtls_mpi_read_binary_le( mbedtls_mpi *X, - const unsigned char *buf, size_t buflen ) +int mbedtls_mpi_read_binary_le(mbedtls_mpi *X, + const unsigned char *buf, size_t buflen) { int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; size_t i; - size_t const limbs = CHARS_TO_LIMBS( buflen ); + size_t const limbs = CHARS_TO_LIMBS(buflen); /* Ensure that target MPI has exactly the necessary number of limbs */ - MBEDTLS_MPI_CHK( mbedtls_mpi_resize_clear( X, limbs ) ); + MBEDTLS_MPI_CHK(mbedtls_mpi_resize_clear(X, limbs)); - for( i = 0; i < buflen; i++ ) + for (i = 0; i < buflen; i++) { X->p[i / ciL] |= ((mbedtls_mpi_uint) buf[i]) << ((i % ciL) << 3); + } cleanup: @@ -806,33 +819,32 @@ int mbedtls_mpi_read_binary_le( mbedtls_mpi *X, * upon failure is not necessary because failure only can happen before any * input is copied. */ - return( ret ); + return ret; } /* * Import X from unsigned binary data, big endian */ -int mbedtls_mpi_read_binary( mbedtls_mpi *X, const unsigned char *buf, size_t buflen ) +int mbedtls_mpi_read_binary(mbedtls_mpi *X, const unsigned char *buf, size_t buflen) { int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; - size_t const limbs = CHARS_TO_LIMBS( buflen ); - size_t const overhead = ( limbs * ciL ) - buflen; + size_t const limbs = CHARS_TO_LIMBS(buflen); + size_t const overhead = (limbs * ciL) - buflen; unsigned char *Xp; - MPI_VALIDATE_RET( X != NULL ); - MPI_VALIDATE_RET( buflen == 0 || buf != NULL ); + MPI_VALIDATE_RET(X != NULL); + MPI_VALIDATE_RET(buflen == 0 || buf != NULL); /* Ensure that target MPI has exactly the necessary number of limbs */ - MBEDTLS_MPI_CHK( mbedtls_mpi_resize_clear( X, limbs ) ); + MBEDTLS_MPI_CHK(mbedtls_mpi_resize_clear(X, limbs)); /* Avoid calling `memcpy` with NULL source or destination argument, * even if buflen is 0. */ - if( buflen != 0 ) - { - Xp = (unsigned char*) X->p; - memcpy( Xp + overhead, buf, buflen ); + if (buflen != 0) { + Xp = (unsigned char *) X->p; + memcpy(Xp + overhead, buf, buflen); - mpi_bigendian_to_host( X->p, limbs ); + mpi_bigendian_to_host(X->p, limbs); } cleanup: @@ -842,66 +854,62 @@ int mbedtls_mpi_read_binary( mbedtls_mpi *X, const unsigned char *buf, size_t bu * upon failure is not necessary because failure only can happen before any * input is copied. */ - return( ret ); + return ret; } /* * Export X into unsigned binary data, little endian */ -int mbedtls_mpi_write_binary_le( const mbedtls_mpi *X, - unsigned char *buf, size_t buflen ) +int mbedtls_mpi_write_binary_le(const mbedtls_mpi *X, + unsigned char *buf, size_t buflen) { size_t stored_bytes = X->n * ciL; size_t bytes_to_copy; size_t i; - if( stored_bytes < buflen ) - { + if (stored_bytes < buflen) { bytes_to_copy = stored_bytes; - } - else - { + } else { bytes_to_copy = buflen; /* The output buffer is smaller than the allocated size of X. * However X may fit if its leading bytes are zero. */ - for( i = bytes_to_copy; i < stored_bytes; i++ ) - { - if( GET_BYTE( X, i ) != 0 ) - return( MBEDTLS_ERR_MPI_BUFFER_TOO_SMALL ); + for (i = bytes_to_copy; i < stored_bytes; i++) { + if (GET_BYTE(X, i) != 0) { + return MBEDTLS_ERR_MPI_BUFFER_TOO_SMALL; + } } } - for( i = 0; i < bytes_to_copy; i++ ) - buf[i] = GET_BYTE( X, i ); + for (i = 0; i < bytes_to_copy; i++) { + buf[i] = GET_BYTE(X, i); + } - if( stored_bytes < buflen ) - { + if (stored_bytes < buflen) { /* Write trailing 0 bytes */ - memset( buf + stored_bytes, 0, buflen - stored_bytes ); + memset(buf + stored_bytes, 0, buflen - stored_bytes); } - return( 0 ); + return 0; } /* * Export X into unsigned binary data, big endian */ -int mbedtls_mpi_write_binary( const mbedtls_mpi *X, - unsigned char *buf, size_t buflen ) +int mbedtls_mpi_write_binary(const mbedtls_mpi *X, + unsigned char *buf, size_t buflen) { size_t stored_bytes; size_t bytes_to_copy; unsigned char *p; size_t i; - MPI_VALIDATE_RET( X != NULL ); - MPI_VALIDATE_RET( buflen == 0 || buf != NULL ); + MPI_VALIDATE_RET(X != NULL); + MPI_VALIDATE_RET(buflen == 0 || buf != NULL); stored_bytes = X->n * ciL; - if( stored_bytes < buflen ) - { + if (stored_bytes < buflen) { /* There is enough space in the output buffer. Write initial * null bytes and record the position at which to start * writing the significant bytes. In this case, the execution @@ -909,66 +917,65 @@ int mbedtls_mpi_write_binary( const mbedtls_mpi *X, * number. */ bytes_to_copy = stored_bytes; p = buf + buflen - stored_bytes; - memset( buf, 0, buflen - stored_bytes ); - } - else - { + memset(buf, 0, buflen - stored_bytes); + } else { /* The output buffer is smaller than the allocated size of X. * However X may fit if its leading bytes are zero. */ bytes_to_copy = buflen; p = buf; - for( i = bytes_to_copy; i < stored_bytes; i++ ) - { - if( GET_BYTE( X, i ) != 0 ) - return( MBEDTLS_ERR_MPI_BUFFER_TOO_SMALL ); + for (i = bytes_to_copy; i < stored_bytes; i++) { + if (GET_BYTE(X, i) != 0) { + return MBEDTLS_ERR_MPI_BUFFER_TOO_SMALL; + } } } - for( i = 0; i < bytes_to_copy; i++ ) - p[bytes_to_copy - i - 1] = GET_BYTE( X, i ); + for (i = 0; i < bytes_to_copy; i++) { + p[bytes_to_copy - i - 1] = GET_BYTE(X, i); + } - return( 0 ); + return 0; } /* * Left-shift: X <<= count */ -int mbedtls_mpi_shift_l( mbedtls_mpi *X, size_t count ) +int mbedtls_mpi_shift_l(mbedtls_mpi *X, size_t count) { int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; size_t i, v0, t1; mbedtls_mpi_uint r0 = 0, r1; - MPI_VALIDATE_RET( X != NULL ); + MPI_VALIDATE_RET(X != NULL); - v0 = count / (biL ); + v0 = count / (biL); t1 = count & (biL - 1); - i = mbedtls_mpi_bitlen( X ) + count; + i = mbedtls_mpi_bitlen(X) + count; - if( X->n * biL < i ) - MBEDTLS_MPI_CHK( mbedtls_mpi_grow( X, BITS_TO_LIMBS( i ) ) ); + if (X->n * biL < i) { + MBEDTLS_MPI_CHK(mbedtls_mpi_grow(X, BITS_TO_LIMBS(i))); + } ret = 0; /* * shift by count / limb_size */ - if( v0 > 0 ) - { - for( i = X->n; i > v0; i-- ) + if (v0 > 0) { + for (i = X->n; i > v0; i--) { X->p[i - 1] = X->p[i - v0 - 1]; + } - for( ; i > 0; i-- ) + for (; i > 0; i--) { X->p[i - 1] = 0; + } } /* * shift by count % limb_size */ - if( t1 > 0 ) - { - for( i = v0; i < X->n; i++ ) - { + if (t1 > 0) { + for (i = v0; i < X->n; i++) { r1 = X->p[i] >> (biL - t1); X->p[i] <<= t1; X->p[i] |= r0; @@ -978,43 +985,43 @@ int mbedtls_mpi_shift_l( mbedtls_mpi *X, size_t count ) cleanup: - return( ret ); + return ret; } /* * Right-shift: X >>= count */ -int mbedtls_mpi_shift_r( mbedtls_mpi *X, size_t count ) +int mbedtls_mpi_shift_r(mbedtls_mpi *X, size_t count) { size_t i, v0, v1; mbedtls_mpi_uint r0 = 0, r1; - MPI_VALIDATE_RET( X != NULL ); + MPI_VALIDATE_RET(X != NULL); v0 = count / biL; v1 = count & (biL - 1); - if( v0 > X->n || ( v0 == X->n && v1 > 0 ) ) - return mbedtls_mpi_lset( X, 0 ); + if (v0 > X->n || (v0 == X->n && v1 > 0)) { + return mbedtls_mpi_lset(X, 0); + } /* * shift by count / limb_size */ - if( v0 > 0 ) - { - for( i = 0; i < X->n - v0; i++ ) + if (v0 > 0) { + for (i = 0; i < X->n - v0; i++) { X->p[i] = X->p[i + v0]; + } - for( ; i < X->n; i++ ) + for (; i < X->n; i++) { X->p[i] = 0; + } } /* * shift by count % limb_size */ - if( v1 > 0 ) - { - for( i = X->n; i > 0; i-- ) - { + if (v1 > 0) { + for (i = X->n; i > 0; i--) { r1 = X->p[i - 1] << (biL - v1); X->p[i - 1] >>= v1; X->p[i - 1] |= r0; @@ -1022,150 +1029,183 @@ int mbedtls_mpi_shift_r( mbedtls_mpi *X, size_t count ) } } - return( 0 ); + return 0; } /* * Compare unsigned values */ -int mbedtls_mpi_cmp_abs( const mbedtls_mpi *X, const mbedtls_mpi *Y ) +int mbedtls_mpi_cmp_abs(const mbedtls_mpi *X, const mbedtls_mpi *Y) { size_t i, j; - MPI_VALIDATE_RET( X != NULL ); - MPI_VALIDATE_RET( Y != NULL ); + MPI_VALIDATE_RET(X != NULL); + MPI_VALIDATE_RET(Y != NULL); - for( i = X->n; i > 0; i-- ) - if( X->p[i - 1] != 0 ) + for (i = X->n; i > 0; i--) { + if (X->p[i - 1] != 0) { break; + } + } - for( j = Y->n; j > 0; j-- ) - if( Y->p[j - 1] != 0 ) + for (j = Y->n; j > 0; j--) { + if (Y->p[j - 1] != 0) { break; + } + } - if( i == 0 && j == 0 ) - return( 0 ); + if (i == 0 && j == 0) { + return 0; + } - if( i > j ) return( 1 ); - if( j > i ) return( -1 ); + if (i > j) { + return 1; + } + if (j > i) { + return -1; + } - for( ; i > 0; i-- ) - { - if( X->p[i - 1] > Y->p[i - 1] ) return( 1 ); - if( X->p[i - 1] < Y->p[i - 1] ) return( -1 ); + for (; i > 0; i--) { + if (X->p[i - 1] > Y->p[i - 1]) { + return 1; + } + if (X->p[i - 1] < Y->p[i - 1]) { + return -1; + } } - return( 0 ); + return 0; } /* * Compare signed values */ -int mbedtls_mpi_cmp_mpi( const mbedtls_mpi *X, const mbedtls_mpi *Y ) +int mbedtls_mpi_cmp_mpi(const mbedtls_mpi *X, const mbedtls_mpi *Y) { size_t i, j; - MPI_VALIDATE_RET( X != NULL ); - MPI_VALIDATE_RET( Y != NULL ); + MPI_VALIDATE_RET(X != NULL); + MPI_VALIDATE_RET(Y != NULL); - for( i = X->n; i > 0; i-- ) - if( X->p[i - 1] != 0 ) + for (i = X->n; i > 0; i--) { + if (X->p[i - 1] != 0) { break; + } + } - for( j = Y->n; j > 0; j-- ) - if( Y->p[j - 1] != 0 ) + for (j = Y->n; j > 0; j--) { + if (Y->p[j - 1] != 0) { break; + } + } - if( i == 0 && j == 0 ) - return( 0 ); + if (i == 0 && j == 0) { + return 0; + } - if( i > j ) return( X->s ); - if( j > i ) return( -Y->s ); + if (i > j) { + return X->s; + } + if (j > i) { + return -Y->s; + } - if( X->s > 0 && Y->s < 0 ) return( 1 ); - if( Y->s > 0 && X->s < 0 ) return( -1 ); + if (X->s > 0 && Y->s < 0) { + return 1; + } + if (Y->s > 0 && X->s < 0) { + return -1; + } - for( ; i > 0; i-- ) - { - if( X->p[i - 1] > Y->p[i - 1] ) return( X->s ); - if( X->p[i - 1] < Y->p[i - 1] ) return( -X->s ); + for (; i > 0; i--) { + if (X->p[i - 1] > Y->p[i - 1]) { + return X->s; + } + if (X->p[i - 1] < Y->p[i - 1]) { + return -X->s; + } } - return( 0 ); + return 0; } /* * Compare signed values */ -int mbedtls_mpi_cmp_int( const mbedtls_mpi *X, mbedtls_mpi_sint z ) +int mbedtls_mpi_cmp_int(const mbedtls_mpi *X, mbedtls_mpi_sint z) { mbedtls_mpi Y; mbedtls_mpi_uint p[1]; - MPI_VALIDATE_RET( X != NULL ); + MPI_VALIDATE_RET(X != NULL); - *p = ( z < 0 ) ? -z : z; - Y.s = ( z < 0 ) ? -1 : 1; + *p = mpi_sint_abs(z); + Y.s = (z < 0) ? -1 : 1; Y.n = 1; Y.p = p; - return( mbedtls_mpi_cmp_mpi( X, &Y ) ); + return mbedtls_mpi_cmp_mpi(X, &Y); } /* * Unsigned addition: X = |A| + |B| (HAC 14.7) */ -int mbedtls_mpi_add_abs( mbedtls_mpi *X, const mbedtls_mpi *A, const mbedtls_mpi *B ) +int mbedtls_mpi_add_abs(mbedtls_mpi *X, const mbedtls_mpi *A, const mbedtls_mpi *B) { int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; size_t i, j; mbedtls_mpi_uint *o, *p, c, tmp; - MPI_VALIDATE_RET( X != NULL ); - MPI_VALIDATE_RET( A != NULL ); - MPI_VALIDATE_RET( B != NULL ); + MPI_VALIDATE_RET(X != NULL); + MPI_VALIDATE_RET(A != NULL); + MPI_VALIDATE_RET(B != NULL); - if( X == B ) - { + if (X == B) { const mbedtls_mpi *T = A; A = X; B = T; } - if( X != A ) - MBEDTLS_MPI_CHK( mbedtls_mpi_copy( X, A ) ); + if (X != A) { + MBEDTLS_MPI_CHK(mbedtls_mpi_copy(X, A)); + } /* * X should always be positive as a result of unsigned additions. */ X->s = 1; - for( j = B->n; j > 0; j-- ) - if( B->p[j - 1] != 0 ) + for (j = B->n; j > 0; j--) { + if (B->p[j - 1] != 0) { break; + } + } + + /* Exit early to avoid undefined behavior on NULL+0 when X->n == 0 + * and B is 0 (of any size). */ + if (j == 0) { + return 0; + } - MBEDTLS_MPI_CHK( mbedtls_mpi_grow( X, j ) ); + MBEDTLS_MPI_CHK(mbedtls_mpi_grow(X, j)); o = B->p; p = X->p; c = 0; /* * tmp is used because it might happen that p == o */ - for( i = 0; i < j; i++, o++, p++ ) - { - tmp= *o; - *p += c; c = ( *p < c ); - *p += tmp; c += ( *p < tmp ); - } - - while( c != 0 ) - { - if( i >= X->n ) - { - MBEDTLS_MPI_CHK( mbedtls_mpi_grow( X, i + 1 ) ); + for (i = 0; i < j; i++, o++, p++) { + tmp = *o; + *p += c; c = (*p < c); + *p += tmp; c += (*p < tmp); + } + + while (c != 0) { + if (i >= X->n) { + MBEDTLS_MPI_CHK(mbedtls_mpi_grow(X, i + 1)); p = X->p + i; } - *p += c; c = ( *p < c ); i++; p++; + *p += c; c = (*p < c); i++; p++; } cleanup: - return( ret ); + return ret; } /** @@ -1185,65 +1225,66 @@ int mbedtls_mpi_add_abs( mbedtls_mpi *X, const mbedtls_mpi *A, const mbedtls_mpi * \return 1 if `l < r`. * 0 if `l >= r`. */ -static mbedtls_mpi_uint mpi_sub_hlp( size_t n, - mbedtls_mpi_uint *d, - const mbedtls_mpi_uint *l, - const mbedtls_mpi_uint *r ) +static mbedtls_mpi_uint mpi_sub_hlp(size_t n, + mbedtls_mpi_uint *d, + const mbedtls_mpi_uint *l, + const mbedtls_mpi_uint *r) { size_t i; mbedtls_mpi_uint c = 0, t, z; - for( i = 0; i < n; i++ ) - { - z = ( l[i] < c ); t = l[i] - c; - c = ( t < r[i] ) + z; d[i] = t - r[i]; + for (i = 0; i < n; i++) { + z = (l[i] < c); t = l[i] - c; + c = (t < r[i]) + z; d[i] = t - r[i]; } - return( c ); + return c; } /* * Unsigned subtraction: X = |A| - |B| (HAC 14.9, 14.10) */ -int mbedtls_mpi_sub_abs( mbedtls_mpi *X, const mbedtls_mpi *A, const mbedtls_mpi *B ) +int mbedtls_mpi_sub_abs(mbedtls_mpi *X, const mbedtls_mpi *A, const mbedtls_mpi *B) { int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; size_t n; mbedtls_mpi_uint carry; - MPI_VALIDATE_RET( X != NULL ); - MPI_VALIDATE_RET( A != NULL ); - MPI_VALIDATE_RET( B != NULL ); + MPI_VALIDATE_RET(X != NULL); + MPI_VALIDATE_RET(A != NULL); + MPI_VALIDATE_RET(B != NULL); - for( n = B->n; n > 0; n-- ) - if( B->p[n - 1] != 0 ) + for (n = B->n; n > 0; n--) { + if (B->p[n - 1] != 0) { break; - if( n > A->n ) - { + } + } + if (n > A->n) { /* B >= (2^ciL)^n > A */ ret = MBEDTLS_ERR_MPI_NEGATIVE_VALUE; goto cleanup; } - MBEDTLS_MPI_CHK( mbedtls_mpi_grow( X, A->n ) ); + MBEDTLS_MPI_CHK(mbedtls_mpi_grow(X, A->n)); /* Set the high limbs of X to match A. Don't touch the lower limbs * because X might be aliased to B, and we must not overwrite the * significant digits of B. */ - if( A->n > n ) - memcpy( X->p + n, A->p + n, ( A->n - n ) * ciL ); - if( X->n > A->n ) - memset( X->p + A->n, 0, ( X->n - A->n ) * ciL ); - - carry = mpi_sub_hlp( n, X->p, A->p, B->p ); - if( carry != 0 ) - { + if (A->n > n && A != X) { + memcpy(X->p + n, A->p + n, (A->n - n) * ciL); + } + if (X->n > A->n) { + memset(X->p + A->n, 0, (X->n - A->n) * ciL); + } + + carry = mpi_sub_hlp(n, X->p, A->p, B->p); + if (carry != 0) { /* Propagate the carry to the first nonzero limb of X. */ - for( ; n < X->n && X->p[n] == 0; n++ ) + for (; n < X->n && X->p[n] == 0; n++) { --X->p[n]; + } /* If we ran out of space for the carry, it means that the result * is negative. */ - if( n == X->n ) - { + if (n == X->n) { ret = MBEDTLS_ERR_MPI_NEGATIVE_VALUE; goto cleanup; } @@ -1254,113 +1295,95 @@ int mbedtls_mpi_sub_abs( mbedtls_mpi *X, const mbedtls_mpi *A, const mbedtls_mpi X->s = 1; cleanup: - return( ret ); + return ret; } -/* - * Signed addition: X = A + B +/* Common function for signed addition and subtraction. + * Calculate A + B * flip_B where flip_B is 1 or -1. */ -int mbedtls_mpi_add_mpi( mbedtls_mpi *X, const mbedtls_mpi *A, const mbedtls_mpi *B ) +static int add_sub_mpi(mbedtls_mpi *X, + const mbedtls_mpi *A, const mbedtls_mpi *B, + int flip_B) { int ret, s; - MPI_VALIDATE_RET( X != NULL ); - MPI_VALIDATE_RET( A != NULL ); - MPI_VALIDATE_RET( B != NULL ); + MPI_VALIDATE_RET(X != NULL); + MPI_VALIDATE_RET(A != NULL); + MPI_VALIDATE_RET(B != NULL); s = A->s; - if( A->s * B->s < 0 ) - { - if( mbedtls_mpi_cmp_abs( A, B ) >= 0 ) - { - MBEDTLS_MPI_CHK( mbedtls_mpi_sub_abs( X, A, B ) ); - X->s = s; - } - else - { - MBEDTLS_MPI_CHK( mbedtls_mpi_sub_abs( X, B, A ) ); + if (A->s * B->s * flip_B < 0) { + int cmp = mbedtls_mpi_cmp_abs(A, B); + if (cmp >= 0) { + MBEDTLS_MPI_CHK(mbedtls_mpi_sub_abs(X, A, B)); + /* If |A| = |B|, the result is 0 and we must set the sign bit + * to +1 regardless of which of A or B was negative. Otherwise, + * since |A| > |B|, the sign is the sign of A. */ + X->s = cmp == 0 ? 1 : s; + } else { + MBEDTLS_MPI_CHK(mbedtls_mpi_sub_abs(X, B, A)); + /* Since |A| < |B|, the sign is the opposite of A. */ X->s = -s; } - } - else - { - MBEDTLS_MPI_CHK( mbedtls_mpi_add_abs( X, A, B ) ); + } else { + MBEDTLS_MPI_CHK(mbedtls_mpi_add_abs(X, A, B)); X->s = s; } cleanup: - return( ret ); + return ret; } /* - * Signed subtraction: X = A - B + * Signed addition: X = A + B */ -int mbedtls_mpi_sub_mpi( mbedtls_mpi *X, const mbedtls_mpi *A, const mbedtls_mpi *B ) +int mbedtls_mpi_add_mpi(mbedtls_mpi *X, const mbedtls_mpi *A, const mbedtls_mpi *B) { - int ret, s; - MPI_VALIDATE_RET( X != NULL ); - MPI_VALIDATE_RET( A != NULL ); - MPI_VALIDATE_RET( B != NULL ); - - s = A->s; - if( A->s * B->s > 0 ) - { - if( mbedtls_mpi_cmp_abs( A, B ) >= 0 ) - { - MBEDTLS_MPI_CHK( mbedtls_mpi_sub_abs( X, A, B ) ); - X->s = s; - } - else - { - MBEDTLS_MPI_CHK( mbedtls_mpi_sub_abs( X, B, A ) ); - X->s = -s; - } - } - else - { - MBEDTLS_MPI_CHK( mbedtls_mpi_add_abs( X, A, B ) ); - X->s = s; - } - -cleanup: + return add_sub_mpi(X, A, B, 1); +} - return( ret ); +/* + * Signed subtraction: X = A - B + */ +int mbedtls_mpi_sub_mpi(mbedtls_mpi *X, const mbedtls_mpi *A, const mbedtls_mpi *B) +{ + return add_sub_mpi(X, A, B, -1); } /* * Signed addition: X = A + b */ -int mbedtls_mpi_add_int( mbedtls_mpi *X, const mbedtls_mpi *A, mbedtls_mpi_sint b ) +int mbedtls_mpi_add_int(mbedtls_mpi *X, const mbedtls_mpi *A, mbedtls_mpi_sint b) { mbedtls_mpi B; mbedtls_mpi_uint p[1]; - MPI_VALIDATE_RET( X != NULL ); - MPI_VALIDATE_RET( A != NULL ); + MPI_VALIDATE_RET(X != NULL); + MPI_VALIDATE_RET(A != NULL); - p[0] = ( b < 0 ) ? -b : b; - B.s = ( b < 0 ) ? -1 : 1; + p[0] = mpi_sint_abs(b); + B.s = (b < 0) ? -1 : 1; B.n = 1; B.p = p; - return( mbedtls_mpi_add_mpi( X, A, &B ) ); + return mbedtls_mpi_add_mpi(X, A, &B); } /* * Signed subtraction: X = A - b */ -int mbedtls_mpi_sub_int( mbedtls_mpi *X, const mbedtls_mpi *A, mbedtls_mpi_sint b ) +int mbedtls_mpi_sub_int(mbedtls_mpi *X, const mbedtls_mpi *A, mbedtls_mpi_sint b) { mbedtls_mpi B; mbedtls_mpi_uint p[1]; - MPI_VALIDATE_RET( X != NULL ); - MPI_VALIDATE_RET( A != NULL ); + MPI_VALIDATE_RET(X != NULL); + MPI_VALIDATE_RET(A != NULL); - p[0] = ( b < 0 ) ? -b : b; - B.s = ( b < 0 ) ? -1 : 1; + p[0] = mpi_sint_abs(b); + B.s = (b < 0) ? -1 : 1; B.n = 1; B.p = p; - return( mbedtls_mpi_sub_mpi( X, A, &B ) ); + return mbedtls_mpi_sub_mpi(X, A, &B); } /** Helper for mbedtls_mpi multiplication. @@ -1385,32 +1408,30 @@ static * Apple LLVM version 4.2 (clang-425.0.24) (based on LLVM 3.2svn) * appears to need this to prevent bad ARM code generation at -O3. */ -__attribute__ ((noinline)) +__attribute__((noinline)) #endif -void mpi_mul_hlp( size_t i, - const mbedtls_mpi_uint *s, - mbedtls_mpi_uint *d, - mbedtls_mpi_uint b ) +void mpi_mul_hlp(size_t i, + const mbedtls_mpi_uint *s, + mbedtls_mpi_uint *d, + mbedtls_mpi_uint b) { mbedtls_mpi_uint c = 0, t = 0; + (void) t; /* Unused in some architectures */ #if defined(MULADDC_HUIT) - for( ; i >= 8; i -= 8 ) - { + for (; i >= 8; i -= 8) { MULADDC_INIT MULADDC_HUIT - MULADDC_STOP + MULADDC_STOP } - for( ; i > 0; i-- ) - { + for (; i > 0; i--) { MULADDC_INIT MULADDC_CORE - MULADDC_STOP + MULADDC_STOP } #else /* MULADDC_HUIT */ - for( ; i >= 16; i -= 16 ) - { + for (; i >= 16; i -= 16) { MULADDC_INIT MULADDC_CORE MULADDC_CORE MULADDC_CORE MULADDC_CORE @@ -1421,106 +1442,113 @@ void mpi_mul_hlp( size_t i, MULADDC_CORE MULADDC_CORE MULADDC_CORE MULADDC_CORE MULADDC_CORE MULADDC_CORE - MULADDC_STOP + MULADDC_STOP } - for( ; i >= 8; i -= 8 ) - { + for (; i >= 8; i -= 8) { MULADDC_INIT MULADDC_CORE MULADDC_CORE MULADDC_CORE MULADDC_CORE MULADDC_CORE MULADDC_CORE MULADDC_CORE MULADDC_CORE - MULADDC_STOP + MULADDC_STOP } - for( ; i > 0; i-- ) - { + for (; i > 0; i--) { MULADDC_INIT MULADDC_CORE - MULADDC_STOP + MULADDC_STOP } #endif /* MULADDC_HUIT */ - t++; - - while( c != 0 ) - { - *d += c; c = ( *d < c ); d++; + while (c != 0) { + *d += c; c = (*d < c); d++; } } /* * Baseline multiplication: X = A * B (HAC 14.12) */ -int mbedtls_mpi_mul_mpi( mbedtls_mpi *X, const mbedtls_mpi *A, const mbedtls_mpi *B ) +int mbedtls_mpi_mul_mpi(mbedtls_mpi *X, const mbedtls_mpi *A, const mbedtls_mpi *B) { int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; size_t i, j; mbedtls_mpi TA, TB; int result_is_zero = 0; - MPI_VALIDATE_RET( X != NULL ); - MPI_VALIDATE_RET( A != NULL ); - MPI_VALIDATE_RET( B != NULL ); + MPI_VALIDATE_RET(X != NULL); + MPI_VALIDATE_RET(A != NULL); + MPI_VALIDATE_RET(B != NULL); - mbedtls_mpi_init( &TA ); mbedtls_mpi_init( &TB ); + mbedtls_mpi_init(&TA); mbedtls_mpi_init(&TB); - if( X == A ) { MBEDTLS_MPI_CHK( mbedtls_mpi_copy( &TA, A ) ); A = &TA; } - if( X == B ) { MBEDTLS_MPI_CHK( mbedtls_mpi_copy( &TB, B ) ); B = &TB; } + if (X == A) { + MBEDTLS_MPI_CHK(mbedtls_mpi_copy(&TA, A)); A = &TA; + } + if (X == B) { + MBEDTLS_MPI_CHK(mbedtls_mpi_copy(&TB, B)); B = &TB; + } - for( i = A->n; i > 0; i-- ) - if( A->p[i - 1] != 0 ) + for (i = A->n; i > 0; i--) { + if (A->p[i - 1] != 0) { break; - if( i == 0 ) + } + } + if (i == 0) { result_is_zero = 1; + } - for( j = B->n; j > 0; j-- ) - if( B->p[j - 1] != 0 ) + for (j = B->n; j > 0; j--) { + if (B->p[j - 1] != 0) { break; - if( j == 0 ) + } + } + if (j == 0) { result_is_zero = 1; + } - MBEDTLS_MPI_CHK( mbedtls_mpi_grow( X, i + j ) ); - MBEDTLS_MPI_CHK( mbedtls_mpi_lset( X, 0 ) ); + MBEDTLS_MPI_CHK(mbedtls_mpi_grow(X, i + j)); + MBEDTLS_MPI_CHK(mbedtls_mpi_lset(X, 0)); - for( ; j > 0; j-- ) - mpi_mul_hlp( i, A->p, X->p + j - 1, B->p[j - 1] ); + for (; j > 0; j--) { + mpi_mul_hlp(i, A->p, X->p + j - 1, B->p[j - 1]); + } /* If the result is 0, we don't shortcut the operation, which reduces * but does not eliminate side channels leaking the zero-ness. We do * need to take care to set the sign bit properly since the library does * not fully support an MPI object with a value of 0 and s == -1. */ - if( result_is_zero ) + if (result_is_zero) { X->s = 1; - else + } else { X->s = A->s * B->s; + } cleanup: - mbedtls_mpi_free( &TB ); mbedtls_mpi_free( &TA ); + mbedtls_mpi_free(&TB); mbedtls_mpi_free(&TA); - return( ret ); + return ret; } /* * Baseline multiplication: X = A * b */ -int mbedtls_mpi_mul_int( mbedtls_mpi *X, const mbedtls_mpi *A, mbedtls_mpi_uint b ) +int mbedtls_mpi_mul_int(mbedtls_mpi *X, const mbedtls_mpi *A, mbedtls_mpi_uint b) { - MPI_VALIDATE_RET( X != NULL ); - MPI_VALIDATE_RET( A != NULL ); + MPI_VALIDATE_RET(X != NULL); + MPI_VALIDATE_RET(A != NULL); /* mpi_mul_hlp can't deal with a leading 0. */ size_t n = A->n; - while( n > 0 && A->p[n - 1] == 0 ) + while (n > 0 && A->p[n - 1] == 0) { --n; + } /* The general method below doesn't work if n==0 or b==0. By chance * calculating the result is trivial in those cases. */ - if( b == 0 || n == 0 ) - { - return( mbedtls_mpi_lset( X, 0 ) ); + if (b == 0 || n == 0) { + return mbedtls_mpi_lset(X, 0); } /* Calculate A*b as A + A*(b-1) to take advantage of mpi_mul_hlp */ @@ -1533,26 +1561,28 @@ int mbedtls_mpi_mul_int( mbedtls_mpi *X, const mbedtls_mpi *A, mbedtls_mpi_uint * calls to calloc() in ECP code, presumably because it reuses the * same mpi for a while and this way the mpi is more likely to directly * grow to its final size. */ - MBEDTLS_MPI_CHK( mbedtls_mpi_grow( X, n + 1 ) ); - MBEDTLS_MPI_CHK( mbedtls_mpi_copy( X, A ) ); - mpi_mul_hlp( n, A->p, X->p, b - 1 ); + MBEDTLS_MPI_CHK(mbedtls_mpi_grow(X, n + 1)); + MBEDTLS_MPI_CHK(mbedtls_mpi_copy(X, A)); + mpi_mul_hlp(n, A->p, X->p, b - 1); cleanup: - return( ret ); + return ret; } /* * Unsigned integer divide - double mbedtls_mpi_uint dividend, u1/u0, and * mbedtls_mpi_uint divisor, d */ -static mbedtls_mpi_uint mbedtls_int_div_int( mbedtls_mpi_uint u1, - mbedtls_mpi_uint u0, mbedtls_mpi_uint d, mbedtls_mpi_uint *r ) +static mbedtls_mpi_uint mbedtls_int_div_int(mbedtls_mpi_uint u1, + mbedtls_mpi_uint u0, + mbedtls_mpi_uint d, + mbedtls_mpi_uint *r) { #if defined(MBEDTLS_HAVE_UDBL) mbedtls_t_udbl dividend, quotient; #else const mbedtls_mpi_uint radix = (mbedtls_mpi_uint) 1 << biH; - const mbedtls_mpi_uint uint_halfword_mask = ( (mbedtls_mpi_uint) 1 << biH ) - 1; + const mbedtls_mpi_uint uint_halfword_mask = ((mbedtls_mpi_uint) 1 << biH) - 1; mbedtls_mpi_uint d0, d1, q0, q1, rAX, r0, quotient; mbedtls_mpi_uint u0_msw, u0_lsw; size_t s; @@ -1561,22 +1591,25 @@ static mbedtls_mpi_uint mbedtls_int_div_int( mbedtls_mpi_uint u1, /* * Check for overflow */ - if( 0 == d || u1 >= d ) - { - if (r != NULL) *r = ~0; + if (0 == d || u1 >= d) { + if (r != NULL) { + *r = ~(mbedtls_mpi_uint) 0u; + } - return ( ~0 ); + return ~(mbedtls_mpi_uint) 0u; } #if defined(MBEDTLS_HAVE_UDBL) dividend = (mbedtls_t_udbl) u1 << biL; dividend |= (mbedtls_t_udbl) u0; quotient = dividend / d; - if( quotient > ( (mbedtls_t_udbl) 1 << biL ) - 1 ) - quotient = ( (mbedtls_t_udbl) 1 << biL ) - 1; + if (quotient > ((mbedtls_t_udbl) 1 << biL) - 1) { + quotient = ((mbedtls_t_udbl) 1 << biL) - 1; + } - if( r != NULL ) - *r = (mbedtls_mpi_uint)( dividend - (quotient * d ) ); + if (r != NULL) { + *r = (mbedtls_mpi_uint) (dividend - (quotient * d)); + } return (mbedtls_mpi_uint) quotient; #else @@ -1589,11 +1622,11 @@ static mbedtls_mpi_uint mbedtls_int_div_int( mbedtls_mpi_uint u1, /* * Normalize the divisor, d, and dividend, u0, u1 */ - s = mbedtls_clz( d ); + s = mbedtls_clz(d); d = d << s; u1 = u1 << s; - u1 |= ( u0 >> ( biL - s ) ) & ( -(mbedtls_mpi_sint)s >> ( biL - 1 ) ); + u1 |= (u0 >> (biL - s)) & (-(mbedtls_mpi_sint) s >> (biL - 1)); u0 = u0 << s; d1 = d >> biH; @@ -1608,28 +1641,31 @@ static mbedtls_mpi_uint mbedtls_int_div_int( mbedtls_mpi_uint u1, q1 = u1 / d1; r0 = u1 - d1 * q1; - while( q1 >= radix || ( q1 * d0 > radix * r0 + u0_msw ) ) - { + while (q1 >= radix || (q1 * d0 > radix * r0 + u0_msw)) { q1 -= 1; r0 += d1; - if ( r0 >= radix ) break; + if (r0 >= radix) { + break; + } } - rAX = ( u1 * radix ) + ( u0_msw - q1 * d ); + rAX = (u1 * radix) + (u0_msw - q1 * d); q0 = rAX / d1; r0 = rAX - q0 * d1; - while( q0 >= radix || ( q0 * d0 > radix * r0 + u0_lsw ) ) - { + while (q0 >= radix || (q0 * d0 > radix * r0 + u0_lsw)) { q0 -= 1; r0 += d1; - if ( r0 >= radix ) break; + if (r0 >= radix) { + break; + } } - if (r != NULL) - *r = ( rAX * radix + u0_lsw - q0 * d ) >> s; + if (r != NULL) { + *r = (rAX * radix + u0_lsw - q0 * d) >> s; + } quotient = q1 * radix + q0; @@ -1640,21 +1676,22 @@ static mbedtls_mpi_uint mbedtls_int_div_int( mbedtls_mpi_uint u1, /* * Division by mbedtls_mpi: A = Q * B + R (HAC 14.20) */ -int mbedtls_mpi_div_mpi( mbedtls_mpi *Q, mbedtls_mpi *R, const mbedtls_mpi *A, - const mbedtls_mpi *B ) +int mbedtls_mpi_div_mpi(mbedtls_mpi *Q, mbedtls_mpi *R, const mbedtls_mpi *A, + const mbedtls_mpi *B) { int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; size_t i, n, t, k; mbedtls_mpi X, Y, Z, T1, T2; mbedtls_mpi_uint TP2[3]; - MPI_VALIDATE_RET( A != NULL ); - MPI_VALIDATE_RET( B != NULL ); + MPI_VALIDATE_RET(A != NULL); + MPI_VALIDATE_RET(B != NULL); - if( mbedtls_mpi_cmp_int( B, 0 ) == 0 ) - return( MBEDTLS_ERR_MPI_DIVISION_BY_ZERO ); + if (mbedtls_mpi_cmp_int(B, 0) == 0) { + return MBEDTLS_ERR_MPI_DIVISION_BY_ZERO; + } - mbedtls_mpi_init( &X ); mbedtls_mpi_init( &Y ); mbedtls_mpi_init( &Z ); - mbedtls_mpi_init( &T1 ); + mbedtls_mpi_init(&X); mbedtls_mpi_init(&Y); mbedtls_mpi_init(&Z); + mbedtls_mpi_init(&T1); /* * Avoid dynamic memory allocations for constant-size T2. * @@ -1663,196 +1700,194 @@ int mbedtls_mpi_div_mpi( mbedtls_mpi *Q, mbedtls_mpi *R, const mbedtls_mpi *A, * buffer. */ T2.s = 1; - T2.n = sizeof( TP2 ) / sizeof( *TP2 ); + T2.n = sizeof(TP2) / sizeof(*TP2); T2.p = TP2; - if( mbedtls_mpi_cmp_abs( A, B ) < 0 ) - { - if( Q != NULL ) MBEDTLS_MPI_CHK( mbedtls_mpi_lset( Q, 0 ) ); - if( R != NULL ) MBEDTLS_MPI_CHK( mbedtls_mpi_copy( R, A ) ); - return( 0 ); + if (mbedtls_mpi_cmp_abs(A, B) < 0) { + if (Q != NULL) { + MBEDTLS_MPI_CHK(mbedtls_mpi_lset(Q, 0)); + } + if (R != NULL) { + MBEDTLS_MPI_CHK(mbedtls_mpi_copy(R, A)); + } + return 0; } - MBEDTLS_MPI_CHK( mbedtls_mpi_copy( &X, A ) ); - MBEDTLS_MPI_CHK( mbedtls_mpi_copy( &Y, B ) ); + MBEDTLS_MPI_CHK(mbedtls_mpi_copy(&X, A)); + MBEDTLS_MPI_CHK(mbedtls_mpi_copy(&Y, B)); X.s = Y.s = 1; - MBEDTLS_MPI_CHK( mbedtls_mpi_grow( &Z, A->n + 2 ) ); - MBEDTLS_MPI_CHK( mbedtls_mpi_lset( &Z, 0 ) ); - MBEDTLS_MPI_CHK( mbedtls_mpi_grow( &T1, A->n + 2 ) ); + MBEDTLS_MPI_CHK(mbedtls_mpi_grow(&Z, A->n + 2)); + MBEDTLS_MPI_CHK(mbedtls_mpi_lset(&Z, 0)); + MBEDTLS_MPI_CHK(mbedtls_mpi_grow(&T1, A->n + 2)); - k = mbedtls_mpi_bitlen( &Y ) % biL; - if( k < biL - 1 ) - { + k = mbedtls_mpi_bitlen(&Y) % biL; + if (k < biL - 1) { k = biL - 1 - k; - MBEDTLS_MPI_CHK( mbedtls_mpi_shift_l( &X, k ) ); - MBEDTLS_MPI_CHK( mbedtls_mpi_shift_l( &Y, k ) ); + MBEDTLS_MPI_CHK(mbedtls_mpi_shift_l(&X, k)); + MBEDTLS_MPI_CHK(mbedtls_mpi_shift_l(&Y, k)); + } else { + k = 0; } - else k = 0; n = X.n - 1; t = Y.n - 1; - MBEDTLS_MPI_CHK( mbedtls_mpi_shift_l( &Y, biL * ( n - t ) ) ); + MBEDTLS_MPI_CHK(mbedtls_mpi_shift_l(&Y, biL * (n - t))); - while( mbedtls_mpi_cmp_mpi( &X, &Y ) >= 0 ) - { + while (mbedtls_mpi_cmp_mpi(&X, &Y) >= 0) { Z.p[n - t]++; - MBEDTLS_MPI_CHK( mbedtls_mpi_sub_mpi( &X, &X, &Y ) ); + MBEDTLS_MPI_CHK(mbedtls_mpi_sub_mpi(&X, &X, &Y)); } - MBEDTLS_MPI_CHK( mbedtls_mpi_shift_r( &Y, biL * ( n - t ) ) ); + MBEDTLS_MPI_CHK(mbedtls_mpi_shift_r(&Y, biL * (n - t))); - for( i = n; i > t ; i-- ) - { - if( X.p[i] >= Y.p[t] ) - Z.p[i - t - 1] = ~0; - else - { - Z.p[i - t - 1] = mbedtls_int_div_int( X.p[i], X.p[i - 1], - Y.p[t], NULL); + for (i = n; i > t; i--) { + if (X.p[i] >= Y.p[t]) { + Z.p[i - t - 1] = ~(mbedtls_mpi_uint) 0u; + } else { + Z.p[i - t - 1] = mbedtls_int_div_int(X.p[i], X.p[i - 1], + Y.p[t], NULL); } - T2.p[0] = ( i < 2 ) ? 0 : X.p[i - 2]; - T2.p[1] = ( i < 1 ) ? 0 : X.p[i - 1]; + T2.p[0] = (i < 2) ? 0 : X.p[i - 2]; + T2.p[1] = (i < 1) ? 0 : X.p[i - 1]; T2.p[2] = X.p[i]; Z.p[i - t - 1]++; - do - { + do { Z.p[i - t - 1]--; - MBEDTLS_MPI_CHK( mbedtls_mpi_lset( &T1, 0 ) ); - T1.p[0] = ( t < 1 ) ? 0 : Y.p[t - 1]; + MBEDTLS_MPI_CHK(mbedtls_mpi_lset(&T1, 0)); + T1.p[0] = (t < 1) ? 0 : Y.p[t - 1]; T1.p[1] = Y.p[t]; - MBEDTLS_MPI_CHK( mbedtls_mpi_mul_int( &T1, &T1, Z.p[i - t - 1] ) ); - } - while( mbedtls_mpi_cmp_mpi( &T1, &T2 ) > 0 ); + MBEDTLS_MPI_CHK(mbedtls_mpi_mul_int(&T1, &T1, Z.p[i - t - 1])); + } while (mbedtls_mpi_cmp_mpi(&T1, &T2) > 0); - MBEDTLS_MPI_CHK( mbedtls_mpi_mul_int( &T1, &Y, Z.p[i - t - 1] ) ); - MBEDTLS_MPI_CHK( mbedtls_mpi_shift_l( &T1, biL * ( i - t - 1 ) ) ); - MBEDTLS_MPI_CHK( mbedtls_mpi_sub_mpi( &X, &X, &T1 ) ); + MBEDTLS_MPI_CHK(mbedtls_mpi_mul_int(&T1, &Y, Z.p[i - t - 1])); + MBEDTLS_MPI_CHK(mbedtls_mpi_shift_l(&T1, biL * (i - t - 1))); + MBEDTLS_MPI_CHK(mbedtls_mpi_sub_mpi(&X, &X, &T1)); - if( mbedtls_mpi_cmp_int( &X, 0 ) < 0 ) - { - MBEDTLS_MPI_CHK( mbedtls_mpi_copy( &T1, &Y ) ); - MBEDTLS_MPI_CHK( mbedtls_mpi_shift_l( &T1, biL * ( i - t - 1 ) ) ); - MBEDTLS_MPI_CHK( mbedtls_mpi_add_mpi( &X, &X, &T1 ) ); + if (mbedtls_mpi_cmp_int(&X, 0) < 0) { + MBEDTLS_MPI_CHK(mbedtls_mpi_copy(&T1, &Y)); + MBEDTLS_MPI_CHK(mbedtls_mpi_shift_l(&T1, biL * (i - t - 1))); + MBEDTLS_MPI_CHK(mbedtls_mpi_add_mpi(&X, &X, &T1)); Z.p[i - t - 1]--; } } - if( Q != NULL ) - { - MBEDTLS_MPI_CHK( mbedtls_mpi_copy( Q, &Z ) ); + if (Q != NULL) { + MBEDTLS_MPI_CHK(mbedtls_mpi_copy(Q, &Z)); Q->s = A->s * B->s; } - if( R != NULL ) - { - MBEDTLS_MPI_CHK( mbedtls_mpi_shift_r( &X, k ) ); + if (R != NULL) { + MBEDTLS_MPI_CHK(mbedtls_mpi_shift_r(&X, k)); X.s = A->s; - MBEDTLS_MPI_CHK( mbedtls_mpi_copy( R, &X ) ); + MBEDTLS_MPI_CHK(mbedtls_mpi_copy(R, &X)); - if( mbedtls_mpi_cmp_int( R, 0 ) == 0 ) + if (mbedtls_mpi_cmp_int(R, 0) == 0) { R->s = 1; + } } cleanup: - mbedtls_mpi_free( &X ); mbedtls_mpi_free( &Y ); mbedtls_mpi_free( &Z ); - mbedtls_mpi_free( &T1 ); - mbedtls_platform_zeroize( TP2, sizeof( TP2 ) ); + mbedtls_mpi_free(&X); mbedtls_mpi_free(&Y); mbedtls_mpi_free(&Z); + mbedtls_mpi_free(&T1); + mbedtls_platform_zeroize(TP2, sizeof(TP2)); - return( ret ); + return ret; } /* * Division by int: A = Q * b + R */ -int mbedtls_mpi_div_int( mbedtls_mpi *Q, mbedtls_mpi *R, - const mbedtls_mpi *A, - mbedtls_mpi_sint b ) +int mbedtls_mpi_div_int(mbedtls_mpi *Q, mbedtls_mpi *R, + const mbedtls_mpi *A, + mbedtls_mpi_sint b) { mbedtls_mpi B; mbedtls_mpi_uint p[1]; - MPI_VALIDATE_RET( A != NULL ); + MPI_VALIDATE_RET(A != NULL); - p[0] = ( b < 0 ) ? -b : b; - B.s = ( b < 0 ) ? -1 : 1; + p[0] = mpi_sint_abs(b); + B.s = (b < 0) ? -1 : 1; B.n = 1; B.p = p; - return( mbedtls_mpi_div_mpi( Q, R, A, &B ) ); + return mbedtls_mpi_div_mpi(Q, R, A, &B); } /* * Modulo: R = A mod B */ -int mbedtls_mpi_mod_mpi( mbedtls_mpi *R, const mbedtls_mpi *A, const mbedtls_mpi *B ) +int mbedtls_mpi_mod_mpi(mbedtls_mpi *R, const mbedtls_mpi *A, const mbedtls_mpi *B) { int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; - MPI_VALIDATE_RET( R != NULL ); - MPI_VALIDATE_RET( A != NULL ); - MPI_VALIDATE_RET( B != NULL ); + MPI_VALIDATE_RET(R != NULL); + MPI_VALIDATE_RET(A != NULL); + MPI_VALIDATE_RET(B != NULL); - if( mbedtls_mpi_cmp_int( B, 0 ) < 0 ) - return( MBEDTLS_ERR_MPI_NEGATIVE_VALUE ); + if (mbedtls_mpi_cmp_int(B, 0) < 0) { + return MBEDTLS_ERR_MPI_NEGATIVE_VALUE; + } - MBEDTLS_MPI_CHK( mbedtls_mpi_div_mpi( NULL, R, A, B ) ); + MBEDTLS_MPI_CHK(mbedtls_mpi_div_mpi(NULL, R, A, B)); - while( mbedtls_mpi_cmp_int( R, 0 ) < 0 ) - MBEDTLS_MPI_CHK( mbedtls_mpi_add_mpi( R, R, B ) ); + while (mbedtls_mpi_cmp_int(R, 0) < 0) { + MBEDTLS_MPI_CHK(mbedtls_mpi_add_mpi(R, R, B)); + } - while( mbedtls_mpi_cmp_mpi( R, B ) >= 0 ) - MBEDTLS_MPI_CHK( mbedtls_mpi_sub_mpi( R, R, B ) ); + while (mbedtls_mpi_cmp_mpi(R, B) >= 0) { + MBEDTLS_MPI_CHK(mbedtls_mpi_sub_mpi(R, R, B)); + } cleanup: - return( ret ); + return ret; } /* * Modulo: r = A mod b */ -int mbedtls_mpi_mod_int( mbedtls_mpi_uint *r, const mbedtls_mpi *A, mbedtls_mpi_sint b ) +int mbedtls_mpi_mod_int(mbedtls_mpi_uint *r, const mbedtls_mpi *A, mbedtls_mpi_sint b) { size_t i; mbedtls_mpi_uint x, y, z; - MPI_VALIDATE_RET( r != NULL ); - MPI_VALIDATE_RET( A != NULL ); + MPI_VALIDATE_RET(r != NULL); + MPI_VALIDATE_RET(A != NULL); - if( b == 0 ) - return( MBEDTLS_ERR_MPI_DIVISION_BY_ZERO ); + if (b == 0) { + return MBEDTLS_ERR_MPI_DIVISION_BY_ZERO; + } - if( b < 0 ) - return( MBEDTLS_ERR_MPI_NEGATIVE_VALUE ); + if (b < 0) { + return MBEDTLS_ERR_MPI_NEGATIVE_VALUE; + } /* * handle trivial cases */ - if( b == 1 ) - { + if (b == 1 || A->n == 0) { *r = 0; - return( 0 ); + return 0; } - if( b == 2 ) - { + if (b == 2) { *r = A->p[0] & 1; - return( 0 ); + return 0; } /* * general case */ - for( i = A->n, y = 0; i > 0; i-- ) - { + for (i = A->n, y = 0; i > 0; i--) { x = A->p[i - 1]; - y = ( y << biH ) | ( x >> biH ); + y = (y << biH) | (x >> biH); z = y / b; y -= z * b; x <<= biH; - y = ( y << biH ) | ( x >> biH ); + y = (y << biH) | (x >> biH); z = y / b; y -= z * b; } @@ -1861,75 +1896,55 @@ int mbedtls_mpi_mod_int( mbedtls_mpi_uint *r, const mbedtls_mpi *A, mbedtls_mpi_ * If A is negative, then the current y represents a negative value. * Flipping it to the positive side. */ - if( A->s < 0 && y != 0 ) + if (A->s < 0 && y != 0) { y = b - y; + } *r = y; - return( 0 ); + return 0; } /* * Fast Montgomery initialization (thanks to Tom St Denis) */ -static void mpi_montg_init( mbedtls_mpi_uint *mm, const mbedtls_mpi *N ) +mbedtls_mpi_uint mbedtls_mpi_montmul_init(const mbedtls_mpi_uint *N) { - mbedtls_mpi_uint x, m0 = N->p[0]; - unsigned int i; + mbedtls_mpi_uint x = N[0]; - x = m0; - x += ( ( m0 + 2 ) & 4 ) << 1; + x += ((N[0] + 2) & 4) << 1; - for( i = biL; i >= 8; i /= 2 ) - x *= ( 2 - ( m0 * x ) ); + for (unsigned int i = biL; i >= 8; i /= 2) { + x *= (2 - (N[0] * x)); + } - *mm = ~x + 1; + return ~x + 1; } -/** Montgomery multiplication: A = A * B * R^-1 mod N (HAC 14.36) - * - * \param[in,out] A One of the numbers to multiply. - * It must have at least as many limbs as N - * (A->n >= N->n), and any limbs beyond n are ignored. - * On successful completion, A contains the result of - * the multiplication A * B * R^-1 mod N where - * R = (2^ciL)^n. - * \param[in] B One of the numbers to multiply. - * It must be nonzero and must not have more limbs than N - * (B->n <= N->n). - * \param[in] N The modulo. N must be odd. - * \param mm The value calculated by `mpi_montg_init(&mm, N)`. - * This is -N^-1 mod 2^ciL. - * \param[in,out] T A bignum for temporary storage. - * It must be at least twice the limb size of N plus 2 - * (T->n >= 2 * (N->n + 1)). - * Its initial content is unused and - * its final content is indeterminate. - * Note that unlike the usual convention in the library - * for `const mbedtls_mpi*`, the content of T can change. - */ -static void mpi_montmul( mbedtls_mpi *A, const mbedtls_mpi *B, const mbedtls_mpi *N, mbedtls_mpi_uint mm, - const mbedtls_mpi *T ) +void mbedtls_mpi_montmul(mbedtls_mpi *A, + const mbedtls_mpi *B, + const mbedtls_mpi *N, + mbedtls_mpi_uint mm, + const mbedtls_mpi *T) { size_t i, n, m; mbedtls_mpi_uint u0, u1, *d; - memset( T->p, 0, T->n * ciL ); + memset(T->p, 0, T->n * ciL); d = T->p; n = N->n; - m = ( B->n < n ) ? B->n : n; + m = (B->n < n) ? B->n : n; - for( i = 0; i < n; i++ ) - { + for (i = 0; i < n; i++) { /* * T = (T + u0*B + u1*N) / 2^biL */ u0 = A->p[i]; - u1 = ( d[0] + u0 * B->p[0] ) * mm; + u1 = (d[0] + u0 * B->p[0]) * mm; - mpi_mul_hlp( m, B->p, d, u0 ); - mpi_mul_hlp( n, N->p, d, u1 ); + mpi_mul_hlp(m, B->p, d, u0); + mpi_mul_hlp(n, N->p, d, u1); *d++ = u0; d[n + 1] = 0; } @@ -1940,28 +1955,29 @@ static void mpi_montmul( mbedtls_mpi *A, const mbedtls_mpi *B, const mbedtls_mpi /* Copy the n least significant limbs of d to A, so that * A = d if d < N (recall that N has n limbs). */ - memcpy( A->p, d, n * ciL ); + memcpy(A->p, d, n * ciL); /* If d >= N then we want to set A to d - N. To prevent timing attacks, * do the calculation without using conditional tests. */ /* Set d to d0 + (2^biL)^n - N where d0 is the current value of d. */ d[n] += 1; - d[n] -= mpi_sub_hlp( n, d, d, N->p ); + d[n] -= mpi_sub_hlp(n, d, d, N->p); /* If d0 < N then d < (2^biL)^n * so d[n] == 0 and we want to keep A as it is. * If d0 >= N then d >= (2^biL)^n, and d <= (2^biL)^n + N < 2 * (2^biL)^n * so d[n] == 1 and we want to set A to the result of the subtraction * which is d - (2^biL)^n, i.e. the n least significant limbs of d. * This exactly corresponds to a conditional assignment. */ - mbedtls_ct_mpi_uint_cond_assign( n, A->p, d, (unsigned char) d[n] ); + mbedtls_ct_mpi_uint_cond_assign(n, A->p, d, (unsigned char) d[n]); } /* * Montgomery reduction: A = A * R^-1 mod N * - * See mpi_montmul() regarding constraints and guarantees on the parameters. + * See mbedtls_mpi_montmul() regarding constraints and guarantees on the + * parameters. */ -static void mpi_montred( mbedtls_mpi *A, const mbedtls_mpi *N, - mbedtls_mpi_uint mm, const mbedtls_mpi *T ) +static void mpi_montred(mbedtls_mpi *A, const mbedtls_mpi *N, + mbedtls_mpi_uint mm, const mbedtls_mpi *T) { mbedtls_mpi_uint z = 1; mbedtls_mpi U; @@ -1969,7 +1985,7 @@ static void mpi_montred( mbedtls_mpi *A, const mbedtls_mpi *N, U.n = U.s = (int) z; U.p = &z; - mpi_montmul( A, &U, N, mm, T ); + mbedtls_mpi_montmul(A, &U, N, mm, T); } /** @@ -1987,86 +2003,140 @@ static void mpi_montred( mbedtls_mpi *A, const mbedtls_mpi *N, * * \return \c 0 on success, or a negative error code. */ -static int mpi_select( mbedtls_mpi *R, const mbedtls_mpi *T, size_t T_size, size_t idx ) +static int mpi_select(mbedtls_mpi *R, const mbedtls_mpi *T, size_t T_size, size_t idx) { int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; - for( size_t i = 0; i < T_size; i++ ) - { - MBEDTLS_MPI_CHK( mbedtls_mpi_safe_cond_assign( R, &T[i], - (unsigned char) mbedtls_ct_size_bool_eq( i, idx ) ) ); + for (size_t i = 0; i < T_size; i++) { + MBEDTLS_MPI_CHK(mbedtls_mpi_safe_cond_assign(R, &T[i], + (unsigned char) mbedtls_ct_size_bool_eq(i, + idx))); } cleanup: - return( ret ); + return ret; +} + +int mbedtls_mpi_get_mont_r2_unsafe(mbedtls_mpi *X, + const mbedtls_mpi *N) +{ + int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; + + MBEDTLS_MPI_CHK(mbedtls_mpi_lset(X, 1)); + MBEDTLS_MPI_CHK(mbedtls_mpi_shift_l(X, N->n * 2 * biL)); + MBEDTLS_MPI_CHK(mbedtls_mpi_mod_mpi(X, X, N)); + MBEDTLS_MPI_CHK(mbedtls_mpi_shrink(X, N->n)); + +cleanup: + return ret; } /* * Sliding-window exponentiation: X = A^E mod N (HAC 14.85) */ -int mbedtls_mpi_exp_mod( mbedtls_mpi *X, const mbedtls_mpi *A, - const mbedtls_mpi *E, const mbedtls_mpi *N, - mbedtls_mpi *prec_RR ) +int mbedtls_mpi_exp_mod(mbedtls_mpi *X, const mbedtls_mpi *A, + const mbedtls_mpi *E, const mbedtls_mpi *N, + mbedtls_mpi *prec_RR) { int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; - size_t wbits, wsize, one = 1; + size_t window_bitsize; size_t i, j, nblimbs; size_t bufsize, nbits; + size_t exponent_bits_in_window = 0; mbedtls_mpi_uint ei, mm, state; - mbedtls_mpi RR, T, W[ 1 << MBEDTLS_MPI_WINDOW_SIZE ], WW, Apos; + mbedtls_mpi RR, T, W[(size_t) 1 << MBEDTLS_MPI_WINDOW_SIZE], WW, Apos; int neg; - MPI_VALIDATE_RET( X != NULL ); - MPI_VALIDATE_RET( A != NULL ); - MPI_VALIDATE_RET( E != NULL ); - MPI_VALIDATE_RET( N != NULL ); + MPI_VALIDATE_RET(X != NULL); + MPI_VALIDATE_RET(A != NULL); + MPI_VALIDATE_RET(E != NULL); + MPI_VALIDATE_RET(N != NULL); - if( mbedtls_mpi_cmp_int( N, 0 ) <= 0 || ( N->p[0] & 1 ) == 0 ) - return( MBEDTLS_ERR_MPI_BAD_INPUT_DATA ); + if (mbedtls_mpi_cmp_int(N, 0) <= 0 || (N->p[0] & 1) == 0) { + return MBEDTLS_ERR_MPI_BAD_INPUT_DATA; + } - if( mbedtls_mpi_cmp_int( E, 0 ) < 0 ) - return( MBEDTLS_ERR_MPI_BAD_INPUT_DATA ); + if (mbedtls_mpi_cmp_int(E, 0) < 0) { + return MBEDTLS_ERR_MPI_BAD_INPUT_DATA; + } - if( mbedtls_mpi_bitlen( E ) > MBEDTLS_MPI_MAX_BITS || - mbedtls_mpi_bitlen( N ) > MBEDTLS_MPI_MAX_BITS ) - return ( MBEDTLS_ERR_MPI_BAD_INPUT_DATA ); + if (mbedtls_mpi_bitlen(E) > MBEDTLS_MPI_MAX_BITS || + mbedtls_mpi_bitlen(N) > MBEDTLS_MPI_MAX_BITS) { + return MBEDTLS_ERR_MPI_BAD_INPUT_DATA; + } /* * Init temps and window size */ - mpi_montg_init( &mm, N ); - mbedtls_mpi_init( &RR ); mbedtls_mpi_init( &T ); - mbedtls_mpi_init( &Apos ); - mbedtls_mpi_init( &WW ); - memset( W, 0, sizeof( W ) ); + mm = mbedtls_mpi_montmul_init(N->p); + mbedtls_mpi_init(&RR); mbedtls_mpi_init(&T); + mbedtls_mpi_init(&Apos); + mbedtls_mpi_init(&WW); + memset(W, 0, sizeof(W)); - i = mbedtls_mpi_bitlen( E ); + i = mbedtls_mpi_bitlen(E); - wsize = ( i > 671 ) ? 6 : ( i > 239 ) ? 5 : - ( i > 79 ) ? 4 : ( i > 23 ) ? 3 : 1; + window_bitsize = (i > 671) ? 6 : (i > 239) ? 5 : + (i > 79) ? 4 : (i > 23) ? 3 : 1; -#if( MBEDTLS_MPI_WINDOW_SIZE < 6 ) - if( wsize > MBEDTLS_MPI_WINDOW_SIZE ) - wsize = MBEDTLS_MPI_WINDOW_SIZE; +#if (MBEDTLS_MPI_WINDOW_SIZE < 6) + if (window_bitsize > MBEDTLS_MPI_WINDOW_SIZE) { + window_bitsize = MBEDTLS_MPI_WINDOW_SIZE; + } #endif + const size_t w_table_used_size = (size_t) 1 << window_bitsize; + + /* + * This function is not constant-trace: its memory accesses depend on the + * exponent value. To defend against timing attacks, callers (such as RSA + * and DHM) should use exponent blinding. However this is not enough if the + * adversary can find the exponent in a single trace, so this function + * takes extra precautions against adversaries who can observe memory + * access patterns. + * + * This function performs a series of multiplications by table elements and + * squarings, and we want the prevent the adversary from finding out which + * table element was used, and from distinguishing between multiplications + * and squarings. Firstly, when multiplying by an element of the window + * W[i], we do a constant-trace table lookup to obfuscate i. This leaves + * squarings as having a different memory access patterns from other + * multiplications. So secondly, we put the accumulator in the table as + * well, and also do a constant-trace table lookup to multiply by the + * accumulator which is W[x_index]. + * + * This way, all multiplications take the form of a lookup-and-multiply. + * The number of lookup-and-multiply operations inside each iteration of + * the main loop still depends on the bits of the exponent, but since the + * other operations in the loop don't have an easily recognizable memory + * trace, an adversary is unlikely to be able to observe the exact + * patterns. + * + * An adversary may still be able to recover the exponent if they can + * observe both memory accesses and branches. However, branch prediction + * exploitation typically requires many traces of execution over the same + * data, which is defeated by randomized blinding. + */ + const size_t x_index = 0; + mbedtls_mpi_init(&W[x_index]); + j = N->n + 1; - /* All W[i] and X must have at least N->n limbs for the mpi_montmul() - * and mpi_montred() calls later. Here we ensure that W[1] and X are - * large enough, and later we'll grow other W[i] to the same length. - * They must not be shrunk midway through this function! + /* All W[i] including the accumulator must have at least N->n limbs for + * the mbedtls_mpi_montmul() and mpi_montred() calls later. Here we ensure + * that W[1] and the accumulator W[x_index] are large enough. later we'll + * grow other W[i] to the same length. They must not be shrunk midway + * through this function! */ - MBEDTLS_MPI_CHK( mbedtls_mpi_grow( X, j ) ); - MBEDTLS_MPI_CHK( mbedtls_mpi_grow( &W[1], j ) ); - MBEDTLS_MPI_CHK( mbedtls_mpi_grow( &T, j * 2 ) ); + MBEDTLS_MPI_CHK(mbedtls_mpi_grow(&W[x_index], j)); + MBEDTLS_MPI_CHK(mbedtls_mpi_grow(&W[1], j)); + MBEDTLS_MPI_CHK(mbedtls_mpi_grow(&T, j * 2)); /* * Compensate for negative A (and correct at the end) */ - neg = ( A->s == -1 ); - if( neg ) - { - MBEDTLS_MPI_CHK( mbedtls_mpi_copy( &Apos, A ) ); + neg = (A->s == -1); + if (neg) { + MBEDTLS_MPI_CHK(mbedtls_mpi_copy(&Apos, A)); Apos.s = 1; A = &Apos; } @@ -2074,83 +2144,85 @@ int mbedtls_mpi_exp_mod( mbedtls_mpi *X, const mbedtls_mpi *A, /* * If 1st call, pre-compute R^2 mod N */ - if( prec_RR == NULL || prec_RR->p == NULL ) - { - MBEDTLS_MPI_CHK( mbedtls_mpi_lset( &RR, 1 ) ); - MBEDTLS_MPI_CHK( mbedtls_mpi_shift_l( &RR, N->n * 2 * biL ) ); - MBEDTLS_MPI_CHK( mbedtls_mpi_mod_mpi( &RR, &RR, N ) ); + if (prec_RR == NULL || prec_RR->p == NULL) { + mbedtls_mpi_get_mont_r2_unsafe(&RR, N); - if( prec_RR != NULL ) - memcpy( prec_RR, &RR, sizeof( mbedtls_mpi ) ); + if (prec_RR != NULL) { + memcpy(prec_RR, &RR, sizeof(mbedtls_mpi)); + } + } else { + memcpy(&RR, prec_RR, sizeof(mbedtls_mpi)); } - else - memcpy( &RR, prec_RR, sizeof( mbedtls_mpi ) ); /* * W[1] = A * R^2 * R^-1 mod N = A * R mod N */ - if( mbedtls_mpi_cmp_mpi( A, N ) >= 0 ) - { - MBEDTLS_MPI_CHK( mbedtls_mpi_mod_mpi( &W[1], A, N ) ); + if (mbedtls_mpi_cmp_mpi(A, N) >= 0) { + MBEDTLS_MPI_CHK(mbedtls_mpi_mod_mpi(&W[1], A, N)); /* This should be a no-op because W[1] is already that large before * mbedtls_mpi_mod_mpi(), but it's necessary to avoid an overflow - * in mpi_montmul() below, so let's make sure. */ - MBEDTLS_MPI_CHK( mbedtls_mpi_grow( &W[1], N->n + 1 ) ); + * in mbedtls_mpi_montmul() below, so let's make sure. */ + MBEDTLS_MPI_CHK(mbedtls_mpi_grow(&W[1], N->n + 1)); + } else { + MBEDTLS_MPI_CHK(mbedtls_mpi_copy(&W[1], A)); } - else - MBEDTLS_MPI_CHK( mbedtls_mpi_copy( &W[1], A ) ); /* Note that this is safe because W[1] always has at least N->n limbs * (it grew above and was preserved by mbedtls_mpi_copy()). */ - mpi_montmul( &W[1], &RR, N, mm, &T ); + mbedtls_mpi_montmul(&W[1], &RR, N, mm, &T); /* - * X = R^2 * R^-1 mod N = R mod N + * W[x_index] = R^2 * R^-1 mod N = R mod N */ - MBEDTLS_MPI_CHK( mbedtls_mpi_copy( X, &RR ) ); - mpi_montred( X, N, mm, &T ); + MBEDTLS_MPI_CHK(mbedtls_mpi_copy(&W[x_index], &RR)); + mpi_montred(&W[x_index], N, mm, &T); - if( wsize > 1 ) - { + + if (window_bitsize > 1) { /* - * W[1 << (wsize - 1)] = W[1] ^ (wsize - 1) + * W[i] = W[1] ^ i + * + * The first bit of the sliding window is always 1 and therefore we + * only need to store the second half of the table. + * + * (There are two special elements in the table: W[0] for the + * accumulator/result and W[1] for A in Montgomery form. Both of these + * are already set at this point.) */ - j = one << ( wsize - 1 ); + j = w_table_used_size / 2; - MBEDTLS_MPI_CHK( mbedtls_mpi_grow( &W[j], N->n + 1 ) ); - MBEDTLS_MPI_CHK( mbedtls_mpi_copy( &W[j], &W[1] ) ); + MBEDTLS_MPI_CHK(mbedtls_mpi_grow(&W[j], N->n + 1)); + MBEDTLS_MPI_CHK(mbedtls_mpi_copy(&W[j], &W[1])); - for( i = 0; i < wsize - 1; i++ ) - mpi_montmul( &W[j], &W[j], N, mm, &T ); + for (i = 0; i < window_bitsize - 1; i++) { + mbedtls_mpi_montmul(&W[j], &W[j], N, mm, &T); + } /* * W[i] = W[i - 1] * W[1] */ - for( i = j + 1; i < ( one << wsize ); i++ ) - { - MBEDTLS_MPI_CHK( mbedtls_mpi_grow( &W[i], N->n + 1 ) ); - MBEDTLS_MPI_CHK( mbedtls_mpi_copy( &W[i], &W[i - 1] ) ); + for (i = j + 1; i < w_table_used_size; i++) { + MBEDTLS_MPI_CHK(mbedtls_mpi_grow(&W[i], N->n + 1)); + MBEDTLS_MPI_CHK(mbedtls_mpi_copy(&W[i], &W[i - 1])); - mpi_montmul( &W[i], &W[1], N, mm, &T ); + mbedtls_mpi_montmul(&W[i], &W[1], N, mm, &T); } } nblimbs = E->n; bufsize = 0; nbits = 0; - wbits = 0; state = 0; - while( 1 ) - { - if( bufsize == 0 ) - { - if( nblimbs == 0 ) + while (1) { + if (bufsize == 0) { + if (nblimbs == 0) { break; + } nblimbs--; - bufsize = sizeof( mbedtls_mpi_uint ) << 3; + bufsize = sizeof(mbedtls_mpi_uint) << 3; } bufsize--; @@ -2160,15 +2232,16 @@ int mbedtls_mpi_exp_mod( mbedtls_mpi *X, const mbedtls_mpi *A, /* * skip leading 0s */ - if( ei == 0 && state == 0 ) + if (ei == 0 && state == 0) { continue; + } - if( ei == 0 && state == 1 ) - { + if (ei == 0 && state == 1) { /* - * out of window, square X + * out of window, square W[x_index] */ - mpi_montmul( X, X, N, mm, &T ); + MBEDTLS_MPI_CHK(mpi_select(&WW, W, w_table_used_size, x_index)); + mbedtls_mpi_montmul(&W[x_index], &WW, N, mm, &T); continue; } @@ -2178,99 +2251,115 @@ int mbedtls_mpi_exp_mod( mbedtls_mpi *X, const mbedtls_mpi *A, state = 2; nbits++; - wbits |= ( ei << ( wsize - nbits ) ); + exponent_bits_in_window |= (ei << (window_bitsize - nbits)); - if( nbits == wsize ) - { + if (nbits == window_bitsize) { /* - * X = X^wsize R^-1 mod N + * W[x_index] = W[x_index]^window_bitsize R^-1 mod N */ - for( i = 0; i < wsize; i++ ) - mpi_montmul( X, X, N, mm, &T ); + for (i = 0; i < window_bitsize; i++) { + MBEDTLS_MPI_CHK(mpi_select(&WW, W, w_table_used_size, + x_index)); + mbedtls_mpi_montmul(&W[x_index], &WW, N, mm, &T); + } /* - * X = X * W[wbits] R^-1 mod N + * W[x_index] = W[x_index] * W[exponent_bits_in_window] R^-1 mod N */ - MBEDTLS_MPI_CHK( mpi_select( &WW, W, (size_t) 1 << wsize, wbits ) ); - mpi_montmul( X, &WW, N, mm, &T ); + MBEDTLS_MPI_CHK(mpi_select(&WW, W, w_table_used_size, + exponent_bits_in_window)); + mbedtls_mpi_montmul(&W[x_index], &WW, N, mm, &T); state--; nbits = 0; - wbits = 0; + exponent_bits_in_window = 0; } } /* * process the remaining bits */ - for( i = 0; i < nbits; i++ ) - { - mpi_montmul( X, X, N, mm, &T ); + for (i = 0; i < nbits; i++) { + MBEDTLS_MPI_CHK(mpi_select(&WW, W, w_table_used_size, x_index)); + mbedtls_mpi_montmul(&W[x_index], &WW, N, mm, &T); - wbits <<= 1; + exponent_bits_in_window <<= 1; - if( ( wbits & ( one << wsize ) ) != 0 ) - mpi_montmul( X, &W[1], N, mm, &T ); + if ((exponent_bits_in_window & ((size_t) 1 << window_bitsize)) != 0) { + MBEDTLS_MPI_CHK(mpi_select(&WW, W, w_table_used_size, 1)); + mbedtls_mpi_montmul(&W[x_index], &WW, N, mm, &T); + } } /* - * X = A^E * R * R^-1 mod N = A^E mod N + * W[x_index] = A^E * R * R^-1 mod N = A^E mod N */ - mpi_montred( X, N, mm, &T ); + mpi_montred(&W[x_index], N, mm, &T); - if( neg && E->n != 0 && ( E->p[0] & 1 ) != 0 ) - { - X->s = -1; - MBEDTLS_MPI_CHK( mbedtls_mpi_add_mpi( X, N, X ) ); + if (neg && E->n != 0 && (E->p[0] & 1) != 0) { + W[x_index].s = -1; + MBEDTLS_MPI_CHK(mbedtls_mpi_add_mpi(&W[x_index], N, &W[x_index])); } + /* + * Load the result in the output variable. + */ + MBEDTLS_MPI_CHK(mbedtls_mpi_copy(X, &W[x_index])); + cleanup: - for( i = ( one << ( wsize - 1 ) ); i < ( one << wsize ); i++ ) - mbedtls_mpi_free( &W[i] ); + /* The first bit of the sliding window is always 1 and therefore the first + * half of the table was unused. */ + for (i = w_table_used_size/2; i < w_table_used_size; i++) { + mbedtls_mpi_free(&W[i]); + } - mbedtls_mpi_free( &W[1] ); mbedtls_mpi_free( &T ); mbedtls_mpi_free( &Apos ); - mbedtls_mpi_free( &WW ); + mbedtls_mpi_free(&W[x_index]); + mbedtls_mpi_free(&W[1]); + mbedtls_mpi_free(&T); + mbedtls_mpi_free(&Apos); + mbedtls_mpi_free(&WW); - if( prec_RR == NULL || prec_RR->p == NULL ) - mbedtls_mpi_free( &RR ); + if (prec_RR == NULL || prec_RR->p == NULL) { + mbedtls_mpi_free(&RR); + } - return( ret ); + return ret; } /* * Greatest common divisor: G = gcd(A, B) (HAC 14.54) */ -int mbedtls_mpi_gcd( mbedtls_mpi *G, const mbedtls_mpi *A, const mbedtls_mpi *B ) +int mbedtls_mpi_gcd(mbedtls_mpi *G, const mbedtls_mpi *A, const mbedtls_mpi *B) { int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; size_t lz, lzt; mbedtls_mpi TA, TB; - MPI_VALIDATE_RET( G != NULL ); - MPI_VALIDATE_RET( A != NULL ); - MPI_VALIDATE_RET( B != NULL ); + MPI_VALIDATE_RET(G != NULL); + MPI_VALIDATE_RET(A != NULL); + MPI_VALIDATE_RET(B != NULL); - mbedtls_mpi_init( &TA ); mbedtls_mpi_init( &TB ); + mbedtls_mpi_init(&TA); mbedtls_mpi_init(&TB); - MBEDTLS_MPI_CHK( mbedtls_mpi_copy( &TA, A ) ); - MBEDTLS_MPI_CHK( mbedtls_mpi_copy( &TB, B ) ); + MBEDTLS_MPI_CHK(mbedtls_mpi_copy(&TA, A)); + MBEDTLS_MPI_CHK(mbedtls_mpi_copy(&TB, B)); - lz = mbedtls_mpi_lsb( &TA ); - lzt = mbedtls_mpi_lsb( &TB ); + lz = mbedtls_mpi_lsb(&TA); + lzt = mbedtls_mpi_lsb(&TB); /* The loop below gives the correct result when A==0 but not when B==0. * So have a special case for B==0. Leverage the fact that we just * calculated the lsb and lsb(B)==0 iff B is odd or 0 to make the test * slightly more efficient than cmp_int(). */ - if( lzt == 0 && mbedtls_mpi_get_bit( &TB, 0 ) == 0 ) - { - ret = mbedtls_mpi_copy( G, A ); + if (lzt == 0 && mbedtls_mpi_get_bit(&TB, 0) == 0) { + ret = mbedtls_mpi_copy(G, A); goto cleanup; } - if( lzt < lz ) + if (lzt < lz) { lz = lzt; + } TA.s = TB.s = 1; @@ -2307,28 +2396,24 @@ int mbedtls_mpi_gcd( mbedtls_mpi *G, const mbedtls_mpi *A, const mbedtls_mpi *B * TA becomes 0 which ends the loop (TB cannot be 0 if it is right-shifted * since in that case TB is calculated from TB-TA with the condition TB>TA). */ - while( mbedtls_mpi_cmp_int( &TA, 0 ) != 0 ) - { + while (mbedtls_mpi_cmp_int(&TA, 0) != 0) { /* Divisions by 2 preserve the invariant (I). */ - MBEDTLS_MPI_CHK( mbedtls_mpi_shift_r( &TA, mbedtls_mpi_lsb( &TA ) ) ); - MBEDTLS_MPI_CHK( mbedtls_mpi_shift_r( &TB, mbedtls_mpi_lsb( &TB ) ) ); + MBEDTLS_MPI_CHK(mbedtls_mpi_shift_r(&TA, mbedtls_mpi_lsb(&TA))); + MBEDTLS_MPI_CHK(mbedtls_mpi_shift_r(&TB, mbedtls_mpi_lsb(&TB))); /* Set either TA or TB to |TA-TB|/2. Since TA and TB are both odd, * TA-TB is even so the division by 2 has an integer result. * Invariant (I) is preserved since any odd divisor of both TA and TB * also divides |TA-TB|/2, and any odd divisor of both TA and |TA-TB|/2 - * also divides TB, and any odd divisior of both TB and |TA-TB|/2 also + * also divides TB, and any odd divisor of both TB and |TA-TB|/2 also * divides TA. */ - if( mbedtls_mpi_cmp_mpi( &TA, &TB ) >= 0 ) - { - MBEDTLS_MPI_CHK( mbedtls_mpi_sub_abs( &TA, &TA, &TB ) ); - MBEDTLS_MPI_CHK( mbedtls_mpi_shift_r( &TA, 1 ) ); - } - else - { - MBEDTLS_MPI_CHK( mbedtls_mpi_sub_abs( &TB, &TB, &TA ) ); - MBEDTLS_MPI_CHK( mbedtls_mpi_shift_r( &TB, 1 ) ); + if (mbedtls_mpi_cmp_mpi(&TA, &TB) >= 0) { + MBEDTLS_MPI_CHK(mbedtls_mpi_sub_abs(&TA, &TA, &TB)); + MBEDTLS_MPI_CHK(mbedtls_mpi_shift_r(&TA, 1)); + } else { + MBEDTLS_MPI_CHK(mbedtls_mpi_sub_abs(&TB, &TB, &TA)); + MBEDTLS_MPI_CHK(mbedtls_mpi_shift_r(&TB, 1)); } /* Note that one of TA or TB is still odd. */ } @@ -2342,14 +2427,14 @@ int mbedtls_mpi_gcd( mbedtls_mpi *G, const mbedtls_mpi *A, const mbedtls_mpi *B * In this case, lz = 0 and B = TB so gcd(A,B) = B = 2^lz * TB as well. */ - MBEDTLS_MPI_CHK( mbedtls_mpi_shift_l( &TB, lz ) ); - MBEDTLS_MPI_CHK( mbedtls_mpi_copy( G, &TB ) ); + MBEDTLS_MPI_CHK(mbedtls_mpi_shift_l(&TB, lz)); + MBEDTLS_MPI_CHK(mbedtls_mpi_copy(G, &TB)); cleanup: - mbedtls_mpi_free( &TA ); mbedtls_mpi_free( &TB ); + mbedtls_mpi_free(&TA); mbedtls_mpi_free(&TB); - return( ret ); + return ret; } /* Fill X with n_bytes random bytes. @@ -2361,22 +2446,23 @@ int mbedtls_mpi_gcd( mbedtls_mpi *G, const mbedtls_mpi *A, const mbedtls_mpi *B */ static int mpi_fill_random_internal( mbedtls_mpi *X, size_t n_bytes, - int (*f_rng)(void *, unsigned char *, size_t), void *p_rng ) + int (*f_rng)(void *, unsigned char *, size_t), void *p_rng) { int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; - const size_t limbs = CHARS_TO_LIMBS( n_bytes ); - const size_t overhead = ( limbs * ciL ) - n_bytes; + const size_t limbs = CHARS_TO_LIMBS(n_bytes); + const size_t overhead = (limbs * ciL) - n_bytes; - if( X->n < limbs ) - return( MBEDTLS_ERR_MPI_BAD_INPUT_DATA ); + if (X->n < limbs) { + return MBEDTLS_ERR_MPI_BAD_INPUT_DATA; + } - memset( X->p, 0, overhead ); - memset( (unsigned char *) X->p + limbs * ciL, 0, ( X->n - limbs ) * ciL ); - MBEDTLS_MPI_CHK( f_rng( p_rng, (unsigned char *) X->p + overhead, n_bytes ) ); - mpi_bigendian_to_host( X->p, limbs ); + memset(X->p, 0, overhead); + memset((unsigned char *) X->p + limbs * ciL, 0, (X->n - limbs) * ciL); + MBEDTLS_MPI_CHK(f_rng(p_rng, (unsigned char *) X->p + overhead, n_bytes)); + mpi_bigendian_to_host(X->p, limbs); cleanup: - return( ret ); + return ret; } /* @@ -2386,44 +2472,47 @@ static int mpi_fill_random_internal( * regardless of the platform endianness (useful when f_rng is actually * deterministic, eg for tests). */ -int mbedtls_mpi_fill_random( mbedtls_mpi *X, size_t size, - int (*f_rng)(void *, unsigned char *, size_t), - void *p_rng ) +int mbedtls_mpi_fill_random(mbedtls_mpi *X, size_t size, + int (*f_rng)(void *, unsigned char *, size_t), + void *p_rng) { int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; - size_t const limbs = CHARS_TO_LIMBS( size ); + size_t const limbs = CHARS_TO_LIMBS(size); - MPI_VALIDATE_RET( X != NULL ); - MPI_VALIDATE_RET( f_rng != NULL ); + MPI_VALIDATE_RET(X != NULL); + MPI_VALIDATE_RET(f_rng != NULL); /* Ensure that target MPI has exactly the necessary number of limbs */ - MBEDTLS_MPI_CHK( mbedtls_mpi_resize_clear( X, limbs ) ); - if( size == 0 ) - return( 0 ); + MBEDTLS_MPI_CHK(mbedtls_mpi_resize_clear(X, limbs)); + if (size == 0) { + return 0; + } - ret = mpi_fill_random_internal( X, size, f_rng, p_rng ); + ret = mpi_fill_random_internal(X, size, f_rng, p_rng); cleanup: - return( ret ); + return ret; } -int mbedtls_mpi_random( mbedtls_mpi *X, - mbedtls_mpi_sint min, - const mbedtls_mpi *N, - int (*f_rng)(void *, unsigned char *, size_t), - void *p_rng ) +int mbedtls_mpi_random(mbedtls_mpi *X, + mbedtls_mpi_sint min, + const mbedtls_mpi *N, + int (*f_rng)(void *, unsigned char *, size_t), + void *p_rng) { int ret = MBEDTLS_ERR_MPI_BAD_INPUT_DATA; int count; unsigned lt_lower = 1, lt_upper = 0; - size_t n_bits = mbedtls_mpi_bitlen( N ); - size_t n_bytes = ( n_bits + 7 ) / 8; + size_t n_bits = mbedtls_mpi_bitlen(N); + size_t n_bytes = (n_bits + 7) / 8; mbedtls_mpi lower_bound; - if( min < 0 ) - return( MBEDTLS_ERR_MPI_BAD_INPUT_DATA ); - if( mbedtls_mpi_cmp_int( N, min ) <= 0 ) - return( MBEDTLS_ERR_MPI_BAD_INPUT_DATA ); + if (min < 0) { + return MBEDTLS_ERR_MPI_BAD_INPUT_DATA; + } + if (mbedtls_mpi_cmp_int(N, min) <= 0) { + return MBEDTLS_ERR_MPI_BAD_INPUT_DATA; + } /* * When min == 0, each try has at worst a probability 1/2 of failing @@ -2442,16 +2531,16 @@ int mbedtls_mpi_random( mbedtls_mpi *X, * is small, use a higher repeat count, otherwise the probability of * failure is macroscopic. */ - count = ( n_bytes > 4 ? 30 : 250 ); + count = (n_bytes > 4 ? 30 : 250); - mbedtls_mpi_init( &lower_bound ); + mbedtls_mpi_init(&lower_bound); /* Ensure that target MPI has exactly the same number of limbs * as the upper bound, even if the upper bound has leading zeros. * This is necessary for the mbedtls_mpi_lt_mpi_ct() check. */ - MBEDTLS_MPI_CHK( mbedtls_mpi_resize_clear( X, N->n ) ); - MBEDTLS_MPI_CHK( mbedtls_mpi_grow( &lower_bound, N->n ) ); - MBEDTLS_MPI_CHK( mbedtls_mpi_lset( &lower_bound, min ) ); + MBEDTLS_MPI_CHK(mbedtls_mpi_resize_clear(X, N->n)); + MBEDTLS_MPI_CHK(mbedtls_mpi_grow(&lower_bound, N->n)); + MBEDTLS_MPI_CHK(mbedtls_mpi_lset(&lower_bound, min)); /* * Match the procedure given in RFC 6979 §3.3 (deterministic ECDSA) @@ -2461,150 +2550,140 @@ int mbedtls_mpi_random( mbedtls_mpi *X, * - try until result is in the desired range. * This also avoids any bias, which is especially important for ECDSA. */ - do - { - MBEDTLS_MPI_CHK( mpi_fill_random_internal( X, n_bytes, f_rng, p_rng ) ); - MBEDTLS_MPI_CHK( mbedtls_mpi_shift_r( X, 8 * n_bytes - n_bits ) ); + do { + MBEDTLS_MPI_CHK(mpi_fill_random_internal(X, n_bytes, f_rng, p_rng)); + MBEDTLS_MPI_CHK(mbedtls_mpi_shift_r(X, 8 * n_bytes - n_bits)); - if( --count == 0 ) - { + if (--count == 0) { ret = MBEDTLS_ERR_MPI_NOT_ACCEPTABLE; goto cleanup; } - MBEDTLS_MPI_CHK( mbedtls_mpi_lt_mpi_ct( X, &lower_bound, <_lower ) ); - MBEDTLS_MPI_CHK( mbedtls_mpi_lt_mpi_ct( X, N, <_upper ) ); - } - while( lt_lower != 0 || lt_upper == 0 ); + MBEDTLS_MPI_CHK(mbedtls_mpi_lt_mpi_ct(X, &lower_bound, <_lower)); + MBEDTLS_MPI_CHK(mbedtls_mpi_lt_mpi_ct(X, N, <_upper)); + } while (lt_lower != 0 || lt_upper == 0); cleanup: - mbedtls_mpi_free( &lower_bound ); - return( ret ); + mbedtls_mpi_free(&lower_bound); + return ret; } /* * Modular inverse: X = A^-1 mod N (HAC 14.61 / 14.64) */ -int mbedtls_mpi_inv_mod( mbedtls_mpi *X, const mbedtls_mpi *A, const mbedtls_mpi *N ) +int mbedtls_mpi_inv_mod(mbedtls_mpi *X, const mbedtls_mpi *A, const mbedtls_mpi *N) { int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; mbedtls_mpi G, TA, TU, U1, U2, TB, TV, V1, V2; - MPI_VALIDATE_RET( X != NULL ); - MPI_VALIDATE_RET( A != NULL ); - MPI_VALIDATE_RET( N != NULL ); + MPI_VALIDATE_RET(X != NULL); + MPI_VALIDATE_RET(A != NULL); + MPI_VALIDATE_RET(N != NULL); - if( mbedtls_mpi_cmp_int( N, 1 ) <= 0 ) - return( MBEDTLS_ERR_MPI_BAD_INPUT_DATA ); + if (mbedtls_mpi_cmp_int(N, 1) <= 0) { + return MBEDTLS_ERR_MPI_BAD_INPUT_DATA; + } - mbedtls_mpi_init( &TA ); mbedtls_mpi_init( &TU ); mbedtls_mpi_init( &U1 ); mbedtls_mpi_init( &U2 ); - mbedtls_mpi_init( &G ); mbedtls_mpi_init( &TB ); mbedtls_mpi_init( &TV ); - mbedtls_mpi_init( &V1 ); mbedtls_mpi_init( &V2 ); + mbedtls_mpi_init(&TA); mbedtls_mpi_init(&TU); mbedtls_mpi_init(&U1); mbedtls_mpi_init(&U2); + mbedtls_mpi_init(&G); mbedtls_mpi_init(&TB); mbedtls_mpi_init(&TV); + mbedtls_mpi_init(&V1); mbedtls_mpi_init(&V2); - MBEDTLS_MPI_CHK( mbedtls_mpi_gcd( &G, A, N ) ); + MBEDTLS_MPI_CHK(mbedtls_mpi_gcd(&G, A, N)); - if( mbedtls_mpi_cmp_int( &G, 1 ) != 0 ) - { + if (mbedtls_mpi_cmp_int(&G, 1) != 0) { ret = MBEDTLS_ERR_MPI_NOT_ACCEPTABLE; goto cleanup; } - MBEDTLS_MPI_CHK( mbedtls_mpi_mod_mpi( &TA, A, N ) ); - MBEDTLS_MPI_CHK( mbedtls_mpi_copy( &TU, &TA ) ); - MBEDTLS_MPI_CHK( mbedtls_mpi_copy( &TB, N ) ); - MBEDTLS_MPI_CHK( mbedtls_mpi_copy( &TV, N ) ); + MBEDTLS_MPI_CHK(mbedtls_mpi_mod_mpi(&TA, A, N)); + MBEDTLS_MPI_CHK(mbedtls_mpi_copy(&TU, &TA)); + MBEDTLS_MPI_CHK(mbedtls_mpi_copy(&TB, N)); + MBEDTLS_MPI_CHK(mbedtls_mpi_copy(&TV, N)); - MBEDTLS_MPI_CHK( mbedtls_mpi_lset( &U1, 1 ) ); - MBEDTLS_MPI_CHK( mbedtls_mpi_lset( &U2, 0 ) ); - MBEDTLS_MPI_CHK( mbedtls_mpi_lset( &V1, 0 ) ); - MBEDTLS_MPI_CHK( mbedtls_mpi_lset( &V2, 1 ) ); + MBEDTLS_MPI_CHK(mbedtls_mpi_lset(&U1, 1)); + MBEDTLS_MPI_CHK(mbedtls_mpi_lset(&U2, 0)); + MBEDTLS_MPI_CHK(mbedtls_mpi_lset(&V1, 0)); + MBEDTLS_MPI_CHK(mbedtls_mpi_lset(&V2, 1)); - do - { - while( ( TU.p[0] & 1 ) == 0 ) - { - MBEDTLS_MPI_CHK( mbedtls_mpi_shift_r( &TU, 1 ) ); + do { + while ((TU.p[0] & 1) == 0) { + MBEDTLS_MPI_CHK(mbedtls_mpi_shift_r(&TU, 1)); - if( ( U1.p[0] & 1 ) != 0 || ( U2.p[0] & 1 ) != 0 ) - { - MBEDTLS_MPI_CHK( mbedtls_mpi_add_mpi( &U1, &U1, &TB ) ); - MBEDTLS_MPI_CHK( mbedtls_mpi_sub_mpi( &U2, &U2, &TA ) ); + if ((U1.p[0] & 1) != 0 || (U2.p[0] & 1) != 0) { + MBEDTLS_MPI_CHK(mbedtls_mpi_add_mpi(&U1, &U1, &TB)); + MBEDTLS_MPI_CHK(mbedtls_mpi_sub_mpi(&U2, &U2, &TA)); } - MBEDTLS_MPI_CHK( mbedtls_mpi_shift_r( &U1, 1 ) ); - MBEDTLS_MPI_CHK( mbedtls_mpi_shift_r( &U2, 1 ) ); + MBEDTLS_MPI_CHK(mbedtls_mpi_shift_r(&U1, 1)); + MBEDTLS_MPI_CHK(mbedtls_mpi_shift_r(&U2, 1)); } - while( ( TV.p[0] & 1 ) == 0 ) - { - MBEDTLS_MPI_CHK( mbedtls_mpi_shift_r( &TV, 1 ) ); + while ((TV.p[0] & 1) == 0) { + MBEDTLS_MPI_CHK(mbedtls_mpi_shift_r(&TV, 1)); - if( ( V1.p[0] & 1 ) != 0 || ( V2.p[0] & 1 ) != 0 ) - { - MBEDTLS_MPI_CHK( mbedtls_mpi_add_mpi( &V1, &V1, &TB ) ); - MBEDTLS_MPI_CHK( mbedtls_mpi_sub_mpi( &V2, &V2, &TA ) ); + if ((V1.p[0] & 1) != 0 || (V2.p[0] & 1) != 0) { + MBEDTLS_MPI_CHK(mbedtls_mpi_add_mpi(&V1, &V1, &TB)); + MBEDTLS_MPI_CHK(mbedtls_mpi_sub_mpi(&V2, &V2, &TA)); } - MBEDTLS_MPI_CHK( mbedtls_mpi_shift_r( &V1, 1 ) ); - MBEDTLS_MPI_CHK( mbedtls_mpi_shift_r( &V2, 1 ) ); + MBEDTLS_MPI_CHK(mbedtls_mpi_shift_r(&V1, 1)); + MBEDTLS_MPI_CHK(mbedtls_mpi_shift_r(&V2, 1)); } - if( mbedtls_mpi_cmp_mpi( &TU, &TV ) >= 0 ) - { - MBEDTLS_MPI_CHK( mbedtls_mpi_sub_mpi( &TU, &TU, &TV ) ); - MBEDTLS_MPI_CHK( mbedtls_mpi_sub_mpi( &U1, &U1, &V1 ) ); - MBEDTLS_MPI_CHK( mbedtls_mpi_sub_mpi( &U2, &U2, &V2 ) ); - } - else - { - MBEDTLS_MPI_CHK( mbedtls_mpi_sub_mpi( &TV, &TV, &TU ) ); - MBEDTLS_MPI_CHK( mbedtls_mpi_sub_mpi( &V1, &V1, &U1 ) ); - MBEDTLS_MPI_CHK( mbedtls_mpi_sub_mpi( &V2, &V2, &U2 ) ); + if (mbedtls_mpi_cmp_mpi(&TU, &TV) >= 0) { + MBEDTLS_MPI_CHK(mbedtls_mpi_sub_mpi(&TU, &TU, &TV)); + MBEDTLS_MPI_CHK(mbedtls_mpi_sub_mpi(&U1, &U1, &V1)); + MBEDTLS_MPI_CHK(mbedtls_mpi_sub_mpi(&U2, &U2, &V2)); + } else { + MBEDTLS_MPI_CHK(mbedtls_mpi_sub_mpi(&TV, &TV, &TU)); + MBEDTLS_MPI_CHK(mbedtls_mpi_sub_mpi(&V1, &V1, &U1)); + MBEDTLS_MPI_CHK(mbedtls_mpi_sub_mpi(&V2, &V2, &U2)); } - } - while( mbedtls_mpi_cmp_int( &TU, 0 ) != 0 ); + } while (mbedtls_mpi_cmp_int(&TU, 0) != 0); - while( mbedtls_mpi_cmp_int( &V1, 0 ) < 0 ) - MBEDTLS_MPI_CHK( mbedtls_mpi_add_mpi( &V1, &V1, N ) ); + while (mbedtls_mpi_cmp_int(&V1, 0) < 0) { + MBEDTLS_MPI_CHK(mbedtls_mpi_add_mpi(&V1, &V1, N)); + } - while( mbedtls_mpi_cmp_mpi( &V1, N ) >= 0 ) - MBEDTLS_MPI_CHK( mbedtls_mpi_sub_mpi( &V1, &V1, N ) ); + while (mbedtls_mpi_cmp_mpi(&V1, N) >= 0) { + MBEDTLS_MPI_CHK(mbedtls_mpi_sub_mpi(&V1, &V1, N)); + } - MBEDTLS_MPI_CHK( mbedtls_mpi_copy( X, &V1 ) ); + MBEDTLS_MPI_CHK(mbedtls_mpi_copy(X, &V1)); cleanup: - mbedtls_mpi_free( &TA ); mbedtls_mpi_free( &TU ); mbedtls_mpi_free( &U1 ); mbedtls_mpi_free( &U2 ); - mbedtls_mpi_free( &G ); mbedtls_mpi_free( &TB ); mbedtls_mpi_free( &TV ); - mbedtls_mpi_free( &V1 ); mbedtls_mpi_free( &V2 ); + mbedtls_mpi_free(&TA); mbedtls_mpi_free(&TU); mbedtls_mpi_free(&U1); mbedtls_mpi_free(&U2); + mbedtls_mpi_free(&G); mbedtls_mpi_free(&TB); mbedtls_mpi_free(&TV); + mbedtls_mpi_free(&V1); mbedtls_mpi_free(&V2); - return( ret ); + return ret; } #if defined(MBEDTLS_GENPRIME) static const int small_prime[] = { - 3, 5, 7, 11, 13, 17, 19, 23, - 29, 31, 37, 41, 43, 47, 53, 59, - 61, 67, 71, 73, 79, 83, 89, 97, - 101, 103, 107, 109, 113, 127, 131, 137, - 139, 149, 151, 157, 163, 167, 173, 179, - 181, 191, 193, 197, 199, 211, 223, 227, - 229, 233, 239, 241, 251, 257, 263, 269, - 271, 277, 281, 283, 293, 307, 311, 313, - 317, 331, 337, 347, 349, 353, 359, 367, - 373, 379, 383, 389, 397, 401, 409, 419, - 421, 431, 433, 439, 443, 449, 457, 461, - 463, 467, 479, 487, 491, 499, 503, 509, - 521, 523, 541, 547, 557, 563, 569, 571, - 577, 587, 593, 599, 601, 607, 613, 617, - 619, 631, 641, 643, 647, 653, 659, 661, - 673, 677, 683, 691, 701, 709, 719, 727, - 733, 739, 743, 751, 757, 761, 769, 773, - 787, 797, 809, 811, 821, 823, 827, 829, - 839, 853, 857, 859, 863, 877, 881, 883, - 887, 907, 911, 919, 929, 937, 941, 947, - 953, 967, 971, 977, 983, 991, 997, -103 + 3, 5, 7, 11, 13, 17, 19, 23, + 29, 31, 37, 41, 43, 47, 53, 59, + 61, 67, 71, 73, 79, 83, 89, 97, + 101, 103, 107, 109, 113, 127, 131, 137, + 139, 149, 151, 157, 163, 167, 173, 179, + 181, 191, 193, 197, 199, 211, 223, 227, + 229, 233, 239, 241, 251, 257, 263, 269, + 271, 277, 281, 283, 293, 307, 311, 313, + 317, 331, 337, 347, 349, 353, 359, 367, + 373, 379, 383, 389, 397, 401, 409, 419, + 421, 431, 433, 439, 443, 449, 457, 461, + 463, 467, 479, 487, 491, 499, 503, 509, + 521, 523, 541, 547, 557, 563, 569, 571, + 577, 587, 593, 599, 601, 607, 613, 617, + 619, 631, 641, 643, 647, 653, 659, 661, + 673, 677, 683, 691, 701, 709, 719, 727, + 733, 739, 743, 751, 757, 761, 769, 773, + 787, 797, 809, 811, 821, 823, 827, 829, + 839, 853, 857, 859, 863, 877, 881, 883, + 887, 907, 911, 919, 929, 937, 941, 947, + 953, 967, 971, 977, 983, 991, 997, -103 }; /* @@ -2616,70 +2695,71 @@ static const int small_prime[] = * MBEDTLS_ERR_MPI_NOT_ACCEPTABLE: certain non-prime * other negative: error */ -static int mpi_check_small_factors( const mbedtls_mpi *X ) +static int mpi_check_small_factors(const mbedtls_mpi *X) { int ret = 0; size_t i; mbedtls_mpi_uint r; - if( ( X->p[0] & 1 ) == 0 ) - return( MBEDTLS_ERR_MPI_NOT_ACCEPTABLE ); + if ((X->p[0] & 1) == 0) { + return MBEDTLS_ERR_MPI_NOT_ACCEPTABLE; + } - for( i = 0; small_prime[i] > 0; i++ ) - { - if( mbedtls_mpi_cmp_int( X, small_prime[i] ) <= 0 ) - return( 1 ); + for (i = 0; small_prime[i] > 0; i++) { + if (mbedtls_mpi_cmp_int(X, small_prime[i]) <= 0) { + return 1; + } - MBEDTLS_MPI_CHK( mbedtls_mpi_mod_int( &r, X, small_prime[i] ) ); + MBEDTLS_MPI_CHK(mbedtls_mpi_mod_int(&r, X, small_prime[i])); - if( r == 0 ) - return( MBEDTLS_ERR_MPI_NOT_ACCEPTABLE ); + if (r == 0) { + return MBEDTLS_ERR_MPI_NOT_ACCEPTABLE; + } } cleanup: - return( ret ); + return ret; } /* * Miller-Rabin pseudo-primality test (HAC 4.24) */ -static int mpi_miller_rabin( const mbedtls_mpi *X, size_t rounds, - int (*f_rng)(void *, unsigned char *, size_t), - void *p_rng ) +static int mpi_miller_rabin(const mbedtls_mpi *X, size_t rounds, + int (*f_rng)(void *, unsigned char *, size_t), + void *p_rng) { int ret, count; size_t i, j, k, s; mbedtls_mpi W, R, T, A, RR; - MPI_VALIDATE_RET( X != NULL ); - MPI_VALIDATE_RET( f_rng != NULL ); + MPI_VALIDATE_RET(X != NULL); + MPI_VALIDATE_RET(f_rng != NULL); - mbedtls_mpi_init( &W ); mbedtls_mpi_init( &R ); - mbedtls_mpi_init( &T ); mbedtls_mpi_init( &A ); - mbedtls_mpi_init( &RR ); + mbedtls_mpi_init(&W); mbedtls_mpi_init(&R); + mbedtls_mpi_init(&T); mbedtls_mpi_init(&A); + mbedtls_mpi_init(&RR); /* * W = |X| - 1 * R = W >> lsb( W ) */ - MBEDTLS_MPI_CHK( mbedtls_mpi_sub_int( &W, X, 1 ) ); - s = mbedtls_mpi_lsb( &W ); - MBEDTLS_MPI_CHK( mbedtls_mpi_copy( &R, &W ) ); - MBEDTLS_MPI_CHK( mbedtls_mpi_shift_r( &R, s ) ); + MBEDTLS_MPI_CHK(mbedtls_mpi_sub_int(&W, X, 1)); + s = mbedtls_mpi_lsb(&W); + MBEDTLS_MPI_CHK(mbedtls_mpi_copy(&R, &W)); + MBEDTLS_MPI_CHK(mbedtls_mpi_shift_r(&R, s)); - for( i = 0; i < rounds; i++ ) - { + for (i = 0; i < rounds; i++) { /* * pick a random A, 1 < A < |X| - 1 */ count = 0; do { - MBEDTLS_MPI_CHK( mbedtls_mpi_fill_random( &A, X->n * ciL, f_rng, p_rng ) ); + MBEDTLS_MPI_CHK(mbedtls_mpi_fill_random(&A, X->n * ciL, f_rng, p_rng)); - j = mbedtls_mpi_bitlen( &A ); - k = mbedtls_mpi_bitlen( &W ); + j = mbedtls_mpi_bitlen(&A); + k = mbedtls_mpi_bitlen(&W); if (j > k) { - A.p[A.n - 1] &= ( (mbedtls_mpi_uint) 1 << ( k - ( A.n - 1 ) * biL - 1 ) ) - 1; + A.p[A.n - 1] &= ((mbedtls_mpi_uint) 1 << (k - (A.n - 1) * biL - 1)) - 1; } if (count++ > 30) { @@ -2687,29 +2767,30 @@ static int mpi_miller_rabin( const mbedtls_mpi *X, size_t rounds, goto cleanup; } - } while ( mbedtls_mpi_cmp_mpi( &A, &W ) >= 0 || - mbedtls_mpi_cmp_int( &A, 1 ) <= 0 ); + } while (mbedtls_mpi_cmp_mpi(&A, &W) >= 0 || + mbedtls_mpi_cmp_int(&A, 1) <= 0); /* * A = A^R mod |X| */ - MBEDTLS_MPI_CHK( mbedtls_mpi_exp_mod( &A, &A, &R, X, &RR ) ); + MBEDTLS_MPI_CHK(mbedtls_mpi_exp_mod(&A, &A, &R, X, &RR)); - if( mbedtls_mpi_cmp_mpi( &A, &W ) == 0 || - mbedtls_mpi_cmp_int( &A, 1 ) == 0 ) + if (mbedtls_mpi_cmp_mpi(&A, &W) == 0 || + mbedtls_mpi_cmp_int(&A, 1) == 0) { continue; + } j = 1; - while( j < s && mbedtls_mpi_cmp_mpi( &A, &W ) != 0 ) - { + while (j < s && mbedtls_mpi_cmp_mpi(&A, &W) != 0) { /* * A = A * A mod |X| */ - MBEDTLS_MPI_CHK( mbedtls_mpi_mul_mpi( &T, &A, &A ) ); - MBEDTLS_MPI_CHK( mbedtls_mpi_mod_mpi( &A, &T, X ) ); + MBEDTLS_MPI_CHK(mbedtls_mpi_mul_mpi(&T, &A, &A)); + MBEDTLS_MPI_CHK(mbedtls_mpi_mod_mpi(&A, &T, X)); - if( mbedtls_mpi_cmp_int( &A, 1 ) == 0 ) + if (mbedtls_mpi_cmp_int(&A, 1) == 0) { break; + } j++; } @@ -2717,73 +2798,74 @@ static int mpi_miller_rabin( const mbedtls_mpi *X, size_t rounds, /* * not prime if A != |X| - 1 or A == 1 */ - if( mbedtls_mpi_cmp_mpi( &A, &W ) != 0 || - mbedtls_mpi_cmp_int( &A, 1 ) == 0 ) - { + if (mbedtls_mpi_cmp_mpi(&A, &W) != 0 || + mbedtls_mpi_cmp_int(&A, 1) == 0) { ret = MBEDTLS_ERR_MPI_NOT_ACCEPTABLE; break; } } cleanup: - mbedtls_mpi_free( &W ); mbedtls_mpi_free( &R ); - mbedtls_mpi_free( &T ); mbedtls_mpi_free( &A ); - mbedtls_mpi_free( &RR ); + mbedtls_mpi_free(&W); mbedtls_mpi_free(&R); + mbedtls_mpi_free(&T); mbedtls_mpi_free(&A); + mbedtls_mpi_free(&RR); - return( ret ); + return ret; } /* * Pseudo-primality test: small factors, then Miller-Rabin */ -int mbedtls_mpi_is_prime_ext( const mbedtls_mpi *X, int rounds, - int (*f_rng)(void *, unsigned char *, size_t), - void *p_rng ) +int mbedtls_mpi_is_prime_ext(const mbedtls_mpi *X, int rounds, + int (*f_rng)(void *, unsigned char *, size_t), + void *p_rng) { int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; mbedtls_mpi XX; - MPI_VALIDATE_RET( X != NULL ); - MPI_VALIDATE_RET( f_rng != NULL ); + MPI_VALIDATE_RET(X != NULL); + MPI_VALIDATE_RET(f_rng != NULL); XX.s = 1; XX.n = X->n; XX.p = X->p; - if( mbedtls_mpi_cmp_int( &XX, 0 ) == 0 || - mbedtls_mpi_cmp_int( &XX, 1 ) == 0 ) - return( MBEDTLS_ERR_MPI_NOT_ACCEPTABLE ); + if (mbedtls_mpi_cmp_int(&XX, 0) == 0 || + mbedtls_mpi_cmp_int(&XX, 1) == 0) { + return MBEDTLS_ERR_MPI_NOT_ACCEPTABLE; + } - if( mbedtls_mpi_cmp_int( &XX, 2 ) == 0 ) - return( 0 ); + if (mbedtls_mpi_cmp_int(&XX, 2) == 0) { + return 0; + } - if( ( ret = mpi_check_small_factors( &XX ) ) != 0 ) - { - if( ret == 1 ) - return( 0 ); + if ((ret = mpi_check_small_factors(&XX)) != 0) { + if (ret == 1) { + return 0; + } - return( ret ); + return ret; } - return( mpi_miller_rabin( &XX, rounds, f_rng, p_rng ) ); + return mpi_miller_rabin(&XX, rounds, f_rng, p_rng); } #if !defined(MBEDTLS_DEPRECATED_REMOVED) /* * Pseudo-primality test, error probability 2^-80 */ -int mbedtls_mpi_is_prime( const mbedtls_mpi *X, - int (*f_rng)(void *, unsigned char *, size_t), - void *p_rng ) +int mbedtls_mpi_is_prime(const mbedtls_mpi *X, + int (*f_rng)(void *, unsigned char *, size_t), + void *p_rng) { - MPI_VALIDATE_RET( X != NULL ); - MPI_VALIDATE_RET( f_rng != NULL ); + MPI_VALIDATE_RET(X != NULL); + MPI_VALIDATE_RET(f_rng != NULL); /* * In the past our key generation aimed for an error rate of at most * 2^-80. Since this function is deprecated, aim for the same certainty * here as well. */ - return( mbedtls_mpi_is_prime_ext( X, 40, f_rng, p_rng ) ); + return mbedtls_mpi_is_prime_ext(X, 40, f_rng, p_rng); } #endif @@ -2794,9 +2876,9 @@ int mbedtls_mpi_is_prime( const mbedtls_mpi *X, * be either 1024 bits or 1536 bits long, and flags must contain * MBEDTLS_MPI_GEN_PRIME_FLAG_LOW_ERR. */ -int mbedtls_mpi_gen_prime( mbedtls_mpi *X, size_t nbits, int flags, - int (*f_rng)(void *, unsigned char *, size_t), - void *p_rng ) +int mbedtls_mpi_gen_prime(mbedtls_mpi *X, size_t nbits, int flags, + int (*f_rng)(void *, unsigned char *, size_t), + void *p_rng) { #ifdef MBEDTLS_HAVE_INT64 // ceil(2^63.5) @@ -2811,107 +2893,108 @@ int mbedtls_mpi_gen_prime( mbedtls_mpi *X, size_t nbits, int flags, mbedtls_mpi_uint r; mbedtls_mpi Y; - MPI_VALIDATE_RET( X != NULL ); - MPI_VALIDATE_RET( f_rng != NULL ); + MPI_VALIDATE_RET(X != NULL); + MPI_VALIDATE_RET(f_rng != NULL); - if( nbits < 3 || nbits > MBEDTLS_MPI_MAX_BITS ) - return( MBEDTLS_ERR_MPI_BAD_INPUT_DATA ); + if (nbits < 3 || nbits > MBEDTLS_MPI_MAX_BITS) { + return MBEDTLS_ERR_MPI_BAD_INPUT_DATA; + } - mbedtls_mpi_init( &Y ); + mbedtls_mpi_init(&Y); - n = BITS_TO_LIMBS( nbits ); + n = BITS_TO_LIMBS(nbits); - if( ( flags & MBEDTLS_MPI_GEN_PRIME_FLAG_LOW_ERR ) == 0 ) - { + if ((flags & MBEDTLS_MPI_GEN_PRIME_FLAG_LOW_ERR) == 0) { /* * 2^-80 error probability, number of rounds chosen per HAC, table 4.4 */ - rounds = ( ( nbits >= 1300 ) ? 2 : ( nbits >= 850 ) ? 3 : - ( nbits >= 650 ) ? 4 : ( nbits >= 350 ) ? 8 : - ( nbits >= 250 ) ? 12 : ( nbits >= 150 ) ? 18 : 27 ); - } - else - { + rounds = ((nbits >= 1300) ? 2 : (nbits >= 850) ? 3 : + (nbits >= 650) ? 4 : (nbits >= 350) ? 8 : + (nbits >= 250) ? 12 : (nbits >= 150) ? 18 : 27); + } else { /* * 2^-100 error probability, number of rounds computed based on HAC, * fact 4.48 */ - rounds = ( ( nbits >= 1450 ) ? 4 : ( nbits >= 1150 ) ? 5 : - ( nbits >= 1000 ) ? 6 : ( nbits >= 850 ) ? 7 : - ( nbits >= 750 ) ? 8 : ( nbits >= 500 ) ? 13 : - ( nbits >= 250 ) ? 28 : ( nbits >= 150 ) ? 40 : 51 ); + rounds = ((nbits >= 1450) ? 4 : (nbits >= 1150) ? 5 : + (nbits >= 1000) ? 6 : (nbits >= 850) ? 7 : + (nbits >= 750) ? 8 : (nbits >= 500) ? 13 : + (nbits >= 250) ? 28 : (nbits >= 150) ? 40 : 51); } - while( 1 ) - { - MBEDTLS_MPI_CHK( mbedtls_mpi_fill_random( X, n * ciL, f_rng, p_rng ) ); + while (1) { + MBEDTLS_MPI_CHK(mbedtls_mpi_fill_random(X, n * ciL, f_rng, p_rng)); /* make sure generated number is at least (nbits-1)+0.5 bits (FIPS 186-4 §B.3.3 steps 4.4, 5.5) */ - if( X->p[n-1] < CEIL_MAXUINT_DIV_SQRT2 ) continue; + if (X->p[n-1] < CEIL_MAXUINT_DIV_SQRT2) { + continue; + } k = n * biL; - if( k > nbits ) MBEDTLS_MPI_CHK( mbedtls_mpi_shift_r( X, k - nbits ) ); + if (k > nbits) { + MBEDTLS_MPI_CHK(mbedtls_mpi_shift_r(X, k - nbits)); + } X->p[0] |= 1; - if( ( flags & MBEDTLS_MPI_GEN_PRIME_FLAG_DH ) == 0 ) - { - ret = mbedtls_mpi_is_prime_ext( X, rounds, f_rng, p_rng ); + if ((flags & MBEDTLS_MPI_GEN_PRIME_FLAG_DH) == 0) { + ret = mbedtls_mpi_is_prime_ext(X, rounds, f_rng, p_rng); - if( ret != MBEDTLS_ERR_MPI_NOT_ACCEPTABLE ) + if (ret != MBEDTLS_ERR_MPI_NOT_ACCEPTABLE) { goto cleanup; - } - else - { + } + } else { /* - * An necessary condition for Y and X = 2Y + 1 to be prime + * A necessary condition for Y and X = 2Y + 1 to be prime * is X = 2 mod 3 (which is equivalent to Y = 2 mod 3). * Make sure it is satisfied, while keeping X = 3 mod 4 */ X->p[0] |= 2; - MBEDTLS_MPI_CHK( mbedtls_mpi_mod_int( &r, X, 3 ) ); - if( r == 0 ) - MBEDTLS_MPI_CHK( mbedtls_mpi_add_int( X, X, 8 ) ); - else if( r == 1 ) - MBEDTLS_MPI_CHK( mbedtls_mpi_add_int( X, X, 4 ) ); + MBEDTLS_MPI_CHK(mbedtls_mpi_mod_int(&r, X, 3)); + if (r == 0) { + MBEDTLS_MPI_CHK(mbedtls_mpi_add_int(X, X, 8)); + } else if (r == 1) { + MBEDTLS_MPI_CHK(mbedtls_mpi_add_int(X, X, 4)); + } /* Set Y = (X-1) / 2, which is X / 2 because X is odd */ - MBEDTLS_MPI_CHK( mbedtls_mpi_copy( &Y, X ) ); - MBEDTLS_MPI_CHK( mbedtls_mpi_shift_r( &Y, 1 ) ); + MBEDTLS_MPI_CHK(mbedtls_mpi_copy(&Y, X)); + MBEDTLS_MPI_CHK(mbedtls_mpi_shift_r(&Y, 1)); - while( 1 ) - { + while (1) { /* * First, check small factors for X and Y * before doing Miller-Rabin on any of them */ - if( ( ret = mpi_check_small_factors( X ) ) == 0 && - ( ret = mpi_check_small_factors( &Y ) ) == 0 && - ( ret = mpi_miller_rabin( X, rounds, f_rng, p_rng ) ) - == 0 && - ( ret = mpi_miller_rabin( &Y, rounds, f_rng, p_rng ) ) - == 0 ) + if ((ret = mpi_check_small_factors(X)) == 0 && + (ret = mpi_check_small_factors(&Y)) == 0 && + (ret = mpi_miller_rabin(X, rounds, f_rng, p_rng)) + == 0 && + (ret = mpi_miller_rabin(&Y, rounds, f_rng, p_rng)) + == 0) { goto cleanup; + } - if( ret != MBEDTLS_ERR_MPI_NOT_ACCEPTABLE ) + if (ret != MBEDTLS_ERR_MPI_NOT_ACCEPTABLE) { goto cleanup; + } /* * Next candidates. We want to preserve Y = (X-1) / 2 and * Y = 1 mod 2 and Y = 2 mod 3 (eq X = 3 mod 4 and X = 2 mod 3) * so up Y by 6 and X by 12. */ - MBEDTLS_MPI_CHK( mbedtls_mpi_add_int( X, X, 12 ) ); - MBEDTLS_MPI_CHK( mbedtls_mpi_add_int( &Y, &Y, 6 ) ); + MBEDTLS_MPI_CHK(mbedtls_mpi_add_int(X, X, 12)); + MBEDTLS_MPI_CHK(mbedtls_mpi_add_int(&Y, &Y, 6)); } } } cleanup: - mbedtls_mpi_free( &Y ); + mbedtls_mpi_free(&Y); - return( ret ); + return ret; } #endif /* MBEDTLS_GENPRIME */ @@ -2930,162 +3013,173 @@ static const int gcd_pairs[GCD_PAIR_COUNT][3] = /* * Checkup routine */ -int mbedtls_mpi_self_test( int verbose ) +int mbedtls_mpi_self_test(int verbose) { int ret, i; mbedtls_mpi A, E, N, X, Y, U, V; - mbedtls_mpi_init( &A ); mbedtls_mpi_init( &E ); mbedtls_mpi_init( &N ); mbedtls_mpi_init( &X ); - mbedtls_mpi_init( &Y ); mbedtls_mpi_init( &U ); mbedtls_mpi_init( &V ); - - MBEDTLS_MPI_CHK( mbedtls_mpi_read_string( &A, 16, - "EFE021C2645FD1DC586E69184AF4A31E" \ - "D5F53E93B5F123FA41680867BA110131" \ - "944FE7952E2517337780CB0DB80E61AA" \ - "E7C8DDC6C5C6AADEB34EB38A2F40D5E6" ) ); - - MBEDTLS_MPI_CHK( mbedtls_mpi_read_string( &E, 16, - "B2E7EFD37075B9F03FF989C7C5051C20" \ - "34D2A323810251127E7BF8625A4F49A5" \ - "F3E27F4DA8BD59C47D6DAABA4C8127BD" \ - "5B5C25763222FEFCCFC38B832366C29E" ) ); - - MBEDTLS_MPI_CHK( mbedtls_mpi_read_string( &N, 16, - "0066A198186C18C10B2F5ED9B522752A" \ - "9830B69916E535C8F047518A889A43A5" \ - "94B6BED27A168D31D4A52F88925AA8F5" ) ); - - MBEDTLS_MPI_CHK( mbedtls_mpi_mul_mpi( &X, &A, &N ) ); - - MBEDTLS_MPI_CHK( mbedtls_mpi_read_string( &U, 16, - "602AB7ECA597A3D6B56FF9829A5E8B85" \ - "9E857EA95A03512E2BAE7391688D264A" \ - "A5663B0341DB9CCFD2C4C5F421FEC814" \ - "8001B72E848A38CAE1C65F78E56ABDEF" \ - "E12D3C039B8A02D6BE593F0BBBDA56F1" \ - "ECF677152EF804370C1A305CAF3B5BF1" \ - "30879B56C61DE584A0F53A2447A51E" ) ); - - if( verbose != 0 ) - mbedtls_printf( " MPI test #1 (mul_mpi): " ); - - if( mbedtls_mpi_cmp_mpi( &X, &U ) != 0 ) - { - if( verbose != 0 ) - mbedtls_printf( "failed\n" ); + mbedtls_mpi_init(&A); mbedtls_mpi_init(&E); mbedtls_mpi_init(&N); mbedtls_mpi_init(&X); + mbedtls_mpi_init(&Y); mbedtls_mpi_init(&U); mbedtls_mpi_init(&V); + + MBEDTLS_MPI_CHK(mbedtls_mpi_read_string(&A, 16, + "EFE021C2645FD1DC586E69184AF4A31E" \ + "D5F53E93B5F123FA41680867BA110131" \ + "944FE7952E2517337780CB0DB80E61AA" \ + "E7C8DDC6C5C6AADEB34EB38A2F40D5E6")); + + MBEDTLS_MPI_CHK(mbedtls_mpi_read_string(&E, 16, + "B2E7EFD37075B9F03FF989C7C5051C20" \ + "34D2A323810251127E7BF8625A4F49A5" \ + "F3E27F4DA8BD59C47D6DAABA4C8127BD" \ + "5B5C25763222FEFCCFC38B832366C29E")); + + MBEDTLS_MPI_CHK(mbedtls_mpi_read_string(&N, 16, + "0066A198186C18C10B2F5ED9B522752A" \ + "9830B69916E535C8F047518A889A43A5" \ + "94B6BED27A168D31D4A52F88925AA8F5")); + + MBEDTLS_MPI_CHK(mbedtls_mpi_mul_mpi(&X, &A, &N)); + + MBEDTLS_MPI_CHK(mbedtls_mpi_read_string(&U, 16, + "602AB7ECA597A3D6B56FF9829A5E8B85" \ + "9E857EA95A03512E2BAE7391688D264A" \ + "A5663B0341DB9CCFD2C4C5F421FEC814" \ + "8001B72E848A38CAE1C65F78E56ABDEF" \ + "E12D3C039B8A02D6BE593F0BBBDA56F1" \ + "ECF677152EF804370C1A305CAF3B5BF1" \ + "30879B56C61DE584A0F53A2447A51E")); + + if (verbose != 0) { + mbedtls_printf(" MPI test #1 (mul_mpi): "); + } + + if (mbedtls_mpi_cmp_mpi(&X, &U) != 0) { + if (verbose != 0) { + mbedtls_printf("failed\n"); + } ret = 1; goto cleanup; } - if( verbose != 0 ) - mbedtls_printf( "passed\n" ); + if (verbose != 0) { + mbedtls_printf("passed\n"); + } - MBEDTLS_MPI_CHK( mbedtls_mpi_div_mpi( &X, &Y, &A, &N ) ); + MBEDTLS_MPI_CHK(mbedtls_mpi_div_mpi(&X, &Y, &A, &N)); - MBEDTLS_MPI_CHK( mbedtls_mpi_read_string( &U, 16, - "256567336059E52CAE22925474705F39A94" ) ); + MBEDTLS_MPI_CHK(mbedtls_mpi_read_string(&U, 16, + "256567336059E52CAE22925474705F39A94")); - MBEDTLS_MPI_CHK( mbedtls_mpi_read_string( &V, 16, - "6613F26162223DF488E9CD48CC132C7A" \ - "0AC93C701B001B092E4E5B9F73BCD27B" \ - "9EE50D0657C77F374E903CDFA4C642" ) ); + MBEDTLS_MPI_CHK(mbedtls_mpi_read_string(&V, 16, + "6613F26162223DF488E9CD48CC132C7A" \ + "0AC93C701B001B092E4E5B9F73BCD27B" \ + "9EE50D0657C77F374E903CDFA4C642")); - if( verbose != 0 ) - mbedtls_printf( " MPI test #2 (div_mpi): " ); + if (verbose != 0) { + mbedtls_printf(" MPI test #2 (div_mpi): "); + } - if( mbedtls_mpi_cmp_mpi( &X, &U ) != 0 || - mbedtls_mpi_cmp_mpi( &Y, &V ) != 0 ) - { - if( verbose != 0 ) - mbedtls_printf( "failed\n" ); + if (mbedtls_mpi_cmp_mpi(&X, &U) != 0 || + mbedtls_mpi_cmp_mpi(&Y, &V) != 0) { + if (verbose != 0) { + mbedtls_printf("failed\n"); + } ret = 1; goto cleanup; } - if( verbose != 0 ) - mbedtls_printf( "passed\n" ); + if (verbose != 0) { + mbedtls_printf("passed\n"); + } - MBEDTLS_MPI_CHK( mbedtls_mpi_exp_mod( &X, &A, &E, &N, NULL ) ); + MBEDTLS_MPI_CHK(mbedtls_mpi_exp_mod(&X, &A, &E, &N, NULL)); - MBEDTLS_MPI_CHK( mbedtls_mpi_read_string( &U, 16, - "36E139AEA55215609D2816998ED020BB" \ - "BD96C37890F65171D948E9BC7CBAA4D9" \ - "325D24D6A3C12710F10A09FA08AB87" ) ); + MBEDTLS_MPI_CHK(mbedtls_mpi_read_string(&U, 16, + "36E139AEA55215609D2816998ED020BB" \ + "BD96C37890F65171D948E9BC7CBAA4D9" \ + "325D24D6A3C12710F10A09FA08AB87")); - if( verbose != 0 ) - mbedtls_printf( " MPI test #3 (exp_mod): " ); + if (verbose != 0) { + mbedtls_printf(" MPI test #3 (exp_mod): "); + } - if( mbedtls_mpi_cmp_mpi( &X, &U ) != 0 ) - { - if( verbose != 0 ) - mbedtls_printf( "failed\n" ); + if (mbedtls_mpi_cmp_mpi(&X, &U) != 0) { + if (verbose != 0) { + mbedtls_printf("failed\n"); + } ret = 1; goto cleanup; } - if( verbose != 0 ) - mbedtls_printf( "passed\n" ); + if (verbose != 0) { + mbedtls_printf("passed\n"); + } - MBEDTLS_MPI_CHK( mbedtls_mpi_inv_mod( &X, &A, &N ) ); + MBEDTLS_MPI_CHK(mbedtls_mpi_inv_mod(&X, &A, &N)); - MBEDTLS_MPI_CHK( mbedtls_mpi_read_string( &U, 16, - "003A0AAEDD7E784FC07D8F9EC6E3BFD5" \ - "C3DBA76456363A10869622EAC2DD84EC" \ - "C5B8A74DAC4D09E03B5E0BE779F2DF61" ) ); + MBEDTLS_MPI_CHK(mbedtls_mpi_read_string(&U, 16, + "003A0AAEDD7E784FC07D8F9EC6E3BFD5" \ + "C3DBA76456363A10869622EAC2DD84EC" \ + "C5B8A74DAC4D09E03B5E0BE779F2DF61")); - if( verbose != 0 ) - mbedtls_printf( " MPI test #4 (inv_mod): " ); + if (verbose != 0) { + mbedtls_printf(" MPI test #4 (inv_mod): "); + } - if( mbedtls_mpi_cmp_mpi( &X, &U ) != 0 ) - { - if( verbose != 0 ) - mbedtls_printf( "failed\n" ); + if (mbedtls_mpi_cmp_mpi(&X, &U) != 0) { + if (verbose != 0) { + mbedtls_printf("failed\n"); + } ret = 1; goto cleanup; } - if( verbose != 0 ) - mbedtls_printf( "passed\n" ); + if (verbose != 0) { + mbedtls_printf("passed\n"); + } - if( verbose != 0 ) - mbedtls_printf( " MPI test #5 (simple gcd): " ); + if (verbose != 0) { + mbedtls_printf(" MPI test #5 (simple gcd): "); + } - for( i = 0; i < GCD_PAIR_COUNT; i++ ) - { - MBEDTLS_MPI_CHK( mbedtls_mpi_lset( &X, gcd_pairs[i][0] ) ); - MBEDTLS_MPI_CHK( mbedtls_mpi_lset( &Y, gcd_pairs[i][1] ) ); + for (i = 0; i < GCD_PAIR_COUNT; i++) { + MBEDTLS_MPI_CHK(mbedtls_mpi_lset(&X, gcd_pairs[i][0])); + MBEDTLS_MPI_CHK(mbedtls_mpi_lset(&Y, gcd_pairs[i][1])); - MBEDTLS_MPI_CHK( mbedtls_mpi_gcd( &A, &X, &Y ) ); + MBEDTLS_MPI_CHK(mbedtls_mpi_gcd(&A, &X, &Y)); - if( mbedtls_mpi_cmp_int( &A, gcd_pairs[i][2] ) != 0 ) - { - if( verbose != 0 ) - mbedtls_printf( "failed at %d\n", i ); + if (mbedtls_mpi_cmp_int(&A, gcd_pairs[i][2]) != 0) { + if (verbose != 0) { + mbedtls_printf("failed at %d\n", i); + } ret = 1; goto cleanup; } } - if( verbose != 0 ) - mbedtls_printf( "passed\n" ); + if (verbose != 0) { + mbedtls_printf("passed\n"); + } cleanup: - if( ret != 0 && verbose != 0 ) - mbedtls_printf( "Unexpected error, return code = %08X\n", (unsigned int) ret ); + if (ret != 0 && verbose != 0) { + mbedtls_printf("Unexpected error, return code = %08X\n", (unsigned int) ret); + } - mbedtls_mpi_free( &A ); mbedtls_mpi_free( &E ); mbedtls_mpi_free( &N ); mbedtls_mpi_free( &X ); - mbedtls_mpi_free( &Y ); mbedtls_mpi_free( &U ); mbedtls_mpi_free( &V ); + mbedtls_mpi_free(&A); mbedtls_mpi_free(&E); mbedtls_mpi_free(&N); mbedtls_mpi_free(&X); + mbedtls_mpi_free(&Y); mbedtls_mpi_free(&U); mbedtls_mpi_free(&V); - if( verbose != 0 ) - mbedtls_printf( "\n" ); + if (verbose != 0) { + mbedtls_printf("\n"); + } - return( ret ); + return ret; } #endif /* MBEDTLS_SELF_TEST */ diff --git a/third_party/mbedtls/repo/library/bignum_internal.h b/third_party/mbedtls/repo/library/bignum_internal.h new file mode 100644 index 00000000000..5435ebb4649 --- /dev/null +++ b/third_party/mbedtls/repo/library/bignum_internal.h @@ -0,0 +1,71 @@ +/** + * Low level bignum functions + * + * Copyright The Mbed TLS Contributors + * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later + */ + +#ifndef MBEDTLS_BIGNUM_INTERNAL_H +#define MBEDTLS_BIGNUM_INTERNAL_H + +#include "mbedtls/bignum.h" + +/** + * \brief Calculate the square of the Montgomery constant. (Needed + * for conversion and operations in Montgomery form.) + * + * \param[out] X A pointer to the result of the calculation of + * the square of the Montgomery constant: + * 2^{2*n*biL} mod N. + * \param[in] N Little-endian presentation of the modulus, which must be odd. + * + * \return 0 if successful. + * \return #MBEDTLS_ERR_MPI_ALLOC_FAILED if there is not enough space + * to store the value of Montgomery constant squared. + * \return #MBEDTLS_ERR_MPI_DIVISION_BY_ZERO if \p N modulus is zero. + * \return #MBEDTLS_ERR_MPI_NEGATIVE_VALUE if \p N modulus is negative. + */ +int mbedtls_mpi_get_mont_r2_unsafe(mbedtls_mpi *X, + const mbedtls_mpi *N); + +/** + * \brief Calculate initialisation value for fast Montgomery modular + * multiplication + * + * \param[in] N Little-endian presentation of the modulus. This must have + * at least one limb. + * + * \return The initialisation value for fast Montgomery modular multiplication + */ +mbedtls_mpi_uint mbedtls_mpi_montmul_init(const mbedtls_mpi_uint *N); + +/** Montgomery multiplication: A = A * B * R^-1 mod N (HAC 14.36) + * + * \param[in,out] A One of the numbers to multiply. + * It must have at least as many limbs as N + * (A->n >= N->n), and any limbs beyond n are ignored. + * On successful completion, A contains the result of + * the multiplication A * B * R^-1 mod N where + * R = (2^ciL)^n. + * \param[in] B One of the numbers to multiply. + * It must be nonzero and must not have more limbs than N + * (B->n <= N->n). + * \param[in] N The modulo. N must be odd. + * \param mm The value calculated by + * `mbedtls_mpi_montg_init(&mm, N)`. + * This is -N^-1 mod 2^ciL. + * \param[in,out] T A bignum for temporary storage. + * It must be at least twice the limb size of N plus 2 + * (T->n >= 2 * (N->n + 1)). + * Its initial content is unused and + * its final content is indeterminate. + * Note that unlike the usual convention in the library + * for `const mbedtls_mpi*`, the content of T can change. + */ +void mbedtls_mpi_montmul(mbedtls_mpi *A, + const mbedtls_mpi *B, + const mbedtls_mpi *N, + mbedtls_mpi_uint mm, + const mbedtls_mpi *T); + +#endif /* MBEDTLS_BIGNUM_INTERNAL_H */ diff --git a/third_party/mbedtls/repo/library/blowfish.c b/third_party/mbedtls/repo/library/blowfish.c index 621e9f76cd7..d90456b961a 100644 --- a/third_party/mbedtls/repo/library/blowfish.c +++ b/third_party/mbedtls/repo/library/blowfish.c @@ -2,19 +2,7 @@ * Blowfish implementation * * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later */ /* * The Blowfish block cipher was designed by Bruce Schneier in 1993. @@ -35,42 +23,42 @@ #if !defined(MBEDTLS_BLOWFISH_ALT) /* Parameter validation macros */ -#define BLOWFISH_VALIDATE_RET( cond ) \ - MBEDTLS_INTERNAL_VALIDATE_RET( cond, MBEDTLS_ERR_BLOWFISH_BAD_INPUT_DATA ) -#define BLOWFISH_VALIDATE( cond ) \ - MBEDTLS_INTERNAL_VALIDATE( cond ) +#define BLOWFISH_VALIDATE_RET(cond) \ + MBEDTLS_INTERNAL_VALIDATE_RET(cond, MBEDTLS_ERR_BLOWFISH_BAD_INPUT_DATA) +#define BLOWFISH_VALIDATE(cond) \ + MBEDTLS_INTERNAL_VALIDATE(cond) static const uint32_t P[MBEDTLS_BLOWFISH_ROUNDS + 2] = { - 0x243F6A88L, 0x85A308D3L, 0x13198A2EL, 0x03707344L, - 0xA4093822L, 0x299F31D0L, 0x082EFA98L, 0xEC4E6C89L, - 0x452821E6L, 0x38D01377L, 0xBE5466CFL, 0x34E90C6CL, - 0xC0AC29B7L, 0xC97C50DDL, 0x3F84D5B5L, 0xB5470917L, - 0x9216D5D9L, 0x8979FB1BL + 0x243F6A88L, 0x85A308D3L, 0x13198A2EL, 0x03707344L, + 0xA4093822L, 0x299F31D0L, 0x082EFA98L, 0xEC4E6C89L, + 0x452821E6L, 0x38D01377L, 0xBE5466CFL, 0x34E90C6CL, + 0xC0AC29B7L, 0xC97C50DDL, 0x3F84D5B5L, 0xB5470917L, + 0x9216D5D9L, 0x8979FB1BL }; /* declarations of data at the end of this file */ static const uint32_t S[4][256]; -static uint32_t F( mbedtls_blowfish_context *ctx, uint32_t x ) +static uint32_t F(mbedtls_blowfish_context *ctx, uint32_t x) { - unsigned short a, b, c, d; - uint32_t y; - - d = MBEDTLS_BYTE_0( x ); - x >>= 8; - c = MBEDTLS_BYTE_0( x ); - x >>= 8; - b = MBEDTLS_BYTE_0( x ); - x >>= 8; - a = MBEDTLS_BYTE_0( x ); - y = ctx->S[0][a] + ctx->S[1][b]; - y = y ^ ctx->S[2][c]; - y = y + ctx->S[3][d]; - - return( y ); + unsigned short a, b, c, d; + uint32_t y; + + d = MBEDTLS_BYTE_0(x); + x >>= 8; + c = MBEDTLS_BYTE_0(x); + x >>= 8; + b = MBEDTLS_BYTE_0(x); + x >>= 8; + a = MBEDTLS_BYTE_0(x); + y = ctx->S[0][a] + ctx->S[1][b]; + y = y ^ ctx->S[2][c]; + y = y + ctx->S[3][d]; + + return y; } -static void blowfish_enc( mbedtls_blowfish_context *ctx, uint32_t *xl, uint32_t *xr ) +static void blowfish_enc(mbedtls_blowfish_context *ctx, uint32_t *xl, uint32_t *xr) { uint32_t Xl, Xr, temp; short i; @@ -78,10 +66,9 @@ static void blowfish_enc( mbedtls_blowfish_context *ctx, uint32_t *xl, uint32_t Xl = *xl; Xr = *xr; - for( i = 0; i < MBEDTLS_BLOWFISH_ROUNDS; ++i ) - { + for (i = 0; i < MBEDTLS_BLOWFISH_ROUNDS; ++i) { Xl = Xl ^ ctx->P[i]; - Xr = F( ctx, Xl ) ^ Xr; + Xr = F(ctx, Xl) ^ Xr; temp = Xl; Xl = Xr; @@ -99,7 +86,7 @@ static void blowfish_enc( mbedtls_blowfish_context *ctx, uint32_t *xl, uint32_t *xr = Xr; } -static void blowfish_dec( mbedtls_blowfish_context *ctx, uint32_t *xl, uint32_t *xr ) +static void blowfish_dec(mbedtls_blowfish_context *ctx, uint32_t *xl, uint32_t *xr) { uint32_t Xl, Xr, temp; short i; @@ -107,10 +94,9 @@ static void blowfish_dec( mbedtls_blowfish_context *ctx, uint32_t *xl, uint32_t Xl = *xl; Xr = *xr; - for( i = MBEDTLS_BLOWFISH_ROUNDS + 1; i > 1; --i ) - { + for (i = MBEDTLS_BLOWFISH_ROUNDS + 1; i > 1; --i) { Xl = Xl ^ ctx->P[i]; - Xr = F( ctx, Xl ) ^ Xr; + Xr = F(ctx, Xl) ^ Xr; temp = Xl; Xl = Xr; @@ -128,56 +114,55 @@ static void blowfish_dec( mbedtls_blowfish_context *ctx, uint32_t *xl, uint32_t *xr = Xr; } -void mbedtls_blowfish_init( mbedtls_blowfish_context *ctx ) +void mbedtls_blowfish_init(mbedtls_blowfish_context *ctx) { - BLOWFISH_VALIDATE( ctx != NULL ); - memset( ctx, 0, sizeof( mbedtls_blowfish_context ) ); + BLOWFISH_VALIDATE(ctx != NULL); + memset(ctx, 0, sizeof(mbedtls_blowfish_context)); } -void mbedtls_blowfish_free( mbedtls_blowfish_context *ctx ) +void mbedtls_blowfish_free(mbedtls_blowfish_context *ctx) { - if( ctx == NULL ) + if (ctx == NULL) { return; + } - mbedtls_platform_zeroize( ctx, sizeof( mbedtls_blowfish_context ) ); + mbedtls_platform_zeroize(ctx, sizeof(mbedtls_blowfish_context)); } /* * Blowfish key schedule */ -int mbedtls_blowfish_setkey( mbedtls_blowfish_context *ctx, - const unsigned char *key, - unsigned int keybits ) +int mbedtls_blowfish_setkey(mbedtls_blowfish_context *ctx, + const unsigned char *key, + unsigned int keybits) { unsigned int i, j, k; uint32_t data, datal, datar; - BLOWFISH_VALIDATE_RET( ctx != NULL ); - BLOWFISH_VALIDATE_RET( key != NULL ); + BLOWFISH_VALIDATE_RET(ctx != NULL); + BLOWFISH_VALIDATE_RET(key != NULL); - if( keybits < MBEDTLS_BLOWFISH_MIN_KEY_BITS || + if (keybits < MBEDTLS_BLOWFISH_MIN_KEY_BITS || keybits > MBEDTLS_BLOWFISH_MAX_KEY_BITS || - keybits % 8 != 0 ) - { - return( MBEDTLS_ERR_BLOWFISH_BAD_INPUT_DATA ); + keybits % 8 != 0) { + return MBEDTLS_ERR_BLOWFISH_BAD_INPUT_DATA; } keybits >>= 3; - for( i = 0; i < 4; i++ ) - { - for( j = 0; j < 256; j++ ) + for (i = 0; i < 4; i++) { + for (j = 0; j < 256; j++) { ctx->S[i][j] = S[i][j]; + } } j = 0; - for( i = 0; i < MBEDTLS_BLOWFISH_ROUNDS + 2; ++i ) - { + for (i = 0; i < MBEDTLS_BLOWFISH_ROUNDS + 2; ++i) { data = 0x00000000; - for( k = 0; k < 4; ++k ) - { - data = ( data << 8 ) | key[j++]; - if( j >= keybits ) + for (k = 0; k < 4; ++k) { + data = (data << 8) | key[j++]; + if (j >= keybits) { j = 0; + } } ctx->P[i] = P[i] ^ data; } @@ -185,107 +170,99 @@ int mbedtls_blowfish_setkey( mbedtls_blowfish_context *ctx, datal = 0x00000000; datar = 0x00000000; - for( i = 0; i < MBEDTLS_BLOWFISH_ROUNDS + 2; i += 2 ) - { - blowfish_enc( ctx, &datal, &datar ); + for (i = 0; i < MBEDTLS_BLOWFISH_ROUNDS + 2; i += 2) { + blowfish_enc(ctx, &datal, &datar); ctx->P[i] = datal; ctx->P[i + 1] = datar; } - for( i = 0; i < 4; i++ ) - { - for( j = 0; j < 256; j += 2 ) - { - blowfish_enc( ctx, &datal, &datar ); + for (i = 0; i < 4; i++) { + for (j = 0; j < 256; j += 2) { + blowfish_enc(ctx, &datal, &datar); ctx->S[i][j] = datal; ctx->S[i][j + 1] = datar; } } - return( 0 ); + return 0; } /* * Blowfish-ECB block encryption/decryption */ -int mbedtls_blowfish_crypt_ecb( mbedtls_blowfish_context *ctx, - int mode, - const unsigned char input[MBEDTLS_BLOWFISH_BLOCKSIZE], - unsigned char output[MBEDTLS_BLOWFISH_BLOCKSIZE] ) +int mbedtls_blowfish_crypt_ecb(mbedtls_blowfish_context *ctx, + int mode, + const unsigned char input[MBEDTLS_BLOWFISH_BLOCKSIZE], + unsigned char output[MBEDTLS_BLOWFISH_BLOCKSIZE]) { uint32_t X0, X1; - BLOWFISH_VALIDATE_RET( ctx != NULL ); - BLOWFISH_VALIDATE_RET( mode == MBEDTLS_BLOWFISH_ENCRYPT || - mode == MBEDTLS_BLOWFISH_DECRYPT ); - BLOWFISH_VALIDATE_RET( input != NULL ); - BLOWFISH_VALIDATE_RET( output != NULL ); - - X0 = MBEDTLS_GET_UINT32_BE( input, 0 ); - X1 = MBEDTLS_GET_UINT32_BE( input, 4 ); - - if( mode == MBEDTLS_BLOWFISH_DECRYPT ) - { - blowfish_dec( ctx, &X0, &X1 ); - } - else /* MBEDTLS_BLOWFISH_ENCRYPT */ - { - blowfish_enc( ctx, &X0, &X1 ); + BLOWFISH_VALIDATE_RET(ctx != NULL); + BLOWFISH_VALIDATE_RET(mode == MBEDTLS_BLOWFISH_ENCRYPT || + mode == MBEDTLS_BLOWFISH_DECRYPT); + BLOWFISH_VALIDATE_RET(input != NULL); + BLOWFISH_VALIDATE_RET(output != NULL); + + X0 = MBEDTLS_GET_UINT32_BE(input, 0); + X1 = MBEDTLS_GET_UINT32_BE(input, 4); + + if (mode == MBEDTLS_BLOWFISH_DECRYPT) { + blowfish_dec(ctx, &X0, &X1); + } else { /* MBEDTLS_BLOWFISH_ENCRYPT */ + blowfish_enc(ctx, &X0, &X1); } - MBEDTLS_PUT_UINT32_BE( X0, output, 0 ); - MBEDTLS_PUT_UINT32_BE( X1, output, 4 ); + MBEDTLS_PUT_UINT32_BE(X0, output, 0); + MBEDTLS_PUT_UINT32_BE(X1, output, 4); - return( 0 ); + return 0; } #if defined(MBEDTLS_CIPHER_MODE_CBC) /* * Blowfish-CBC buffer encryption/decryption */ -int mbedtls_blowfish_crypt_cbc( mbedtls_blowfish_context *ctx, - int mode, - size_t length, - unsigned char iv[MBEDTLS_BLOWFISH_BLOCKSIZE], - const unsigned char *input, - unsigned char *output ) +int mbedtls_blowfish_crypt_cbc(mbedtls_blowfish_context *ctx, + int mode, + size_t length, + unsigned char iv[MBEDTLS_BLOWFISH_BLOCKSIZE], + const unsigned char *input, + unsigned char *output) { int i; unsigned char temp[MBEDTLS_BLOWFISH_BLOCKSIZE]; - BLOWFISH_VALIDATE_RET( ctx != NULL ); - BLOWFISH_VALIDATE_RET( mode == MBEDTLS_BLOWFISH_ENCRYPT || - mode == MBEDTLS_BLOWFISH_DECRYPT ); - BLOWFISH_VALIDATE_RET( iv != NULL ); - BLOWFISH_VALIDATE_RET( length == 0 || input != NULL ); - BLOWFISH_VALIDATE_RET( length == 0 || output != NULL ); - - if( length % MBEDTLS_BLOWFISH_BLOCKSIZE ) - return( MBEDTLS_ERR_BLOWFISH_INVALID_INPUT_LENGTH ); + BLOWFISH_VALIDATE_RET(ctx != NULL); + BLOWFISH_VALIDATE_RET(mode == MBEDTLS_BLOWFISH_ENCRYPT || + mode == MBEDTLS_BLOWFISH_DECRYPT); + BLOWFISH_VALIDATE_RET(iv != NULL); + BLOWFISH_VALIDATE_RET(length == 0 || input != NULL); + BLOWFISH_VALIDATE_RET(length == 0 || output != NULL); + + if (length % MBEDTLS_BLOWFISH_BLOCKSIZE) { + return MBEDTLS_ERR_BLOWFISH_INVALID_INPUT_LENGTH; + } - if( mode == MBEDTLS_BLOWFISH_DECRYPT ) - { - while( length > 0 ) - { - memcpy( temp, input, MBEDTLS_BLOWFISH_BLOCKSIZE ); - mbedtls_blowfish_crypt_ecb( ctx, mode, input, output ); + if (mode == MBEDTLS_BLOWFISH_DECRYPT) { + while (length > 0) { + memcpy(temp, input, MBEDTLS_BLOWFISH_BLOCKSIZE); + mbedtls_blowfish_crypt_ecb(ctx, mode, input, output); - for( i = 0; i < MBEDTLS_BLOWFISH_BLOCKSIZE;i++ ) - output[i] = (unsigned char)( output[i] ^ iv[i] ); + for (i = 0; i < MBEDTLS_BLOWFISH_BLOCKSIZE; i++) { + output[i] = (unsigned char) (output[i] ^ iv[i]); + } - memcpy( iv, temp, MBEDTLS_BLOWFISH_BLOCKSIZE ); + memcpy(iv, temp, MBEDTLS_BLOWFISH_BLOCKSIZE); input += MBEDTLS_BLOWFISH_BLOCKSIZE; output += MBEDTLS_BLOWFISH_BLOCKSIZE; length -= MBEDTLS_BLOWFISH_BLOCKSIZE; } - } - else - { - while( length > 0 ) - { - for( i = 0; i < MBEDTLS_BLOWFISH_BLOCKSIZE; i++ ) - output[i] = (unsigned char)( input[i] ^ iv[i] ); + } else { + while (length > 0) { + for (i = 0; i < MBEDTLS_BLOWFISH_BLOCKSIZE; i++) { + output[i] = (unsigned char) (input[i] ^ iv[i]); + } - mbedtls_blowfish_crypt_ecb( ctx, mode, output, output ); - memcpy( iv, output, MBEDTLS_BLOWFISH_BLOCKSIZE ); + mbedtls_blowfish_crypt_ecb(ctx, mode, output, output); + memcpy(iv, output, MBEDTLS_BLOWFISH_BLOCKSIZE); input += MBEDTLS_BLOWFISH_BLOCKSIZE; output += MBEDTLS_BLOWFISH_BLOCKSIZE; @@ -293,7 +270,7 @@ int mbedtls_blowfish_crypt_cbc( mbedtls_blowfish_context *ctx, } } - return( 0 ); + return 0; } #endif /* MBEDTLS_CIPHER_MODE_CBC */ @@ -301,59 +278,57 @@ int mbedtls_blowfish_crypt_cbc( mbedtls_blowfish_context *ctx, /* * Blowfish CFB buffer encryption/decryption */ -int mbedtls_blowfish_crypt_cfb64( mbedtls_blowfish_context *ctx, - int mode, - size_t length, - size_t *iv_off, - unsigned char iv[MBEDTLS_BLOWFISH_BLOCKSIZE], - const unsigned char *input, - unsigned char *output ) +int mbedtls_blowfish_crypt_cfb64(mbedtls_blowfish_context *ctx, + int mode, + size_t length, + size_t *iv_off, + unsigned char iv[MBEDTLS_BLOWFISH_BLOCKSIZE], + const unsigned char *input, + unsigned char *output) { int c; size_t n; - BLOWFISH_VALIDATE_RET( ctx != NULL ); - BLOWFISH_VALIDATE_RET( mode == MBEDTLS_BLOWFISH_ENCRYPT || - mode == MBEDTLS_BLOWFISH_DECRYPT ); - BLOWFISH_VALIDATE_RET( iv != NULL ); - BLOWFISH_VALIDATE_RET( iv_off != NULL ); - BLOWFISH_VALIDATE_RET( length == 0 || input != NULL ); - BLOWFISH_VALIDATE_RET( length == 0 || output != NULL ); + BLOWFISH_VALIDATE_RET(ctx != NULL); + BLOWFISH_VALIDATE_RET(mode == MBEDTLS_BLOWFISH_ENCRYPT || + mode == MBEDTLS_BLOWFISH_DECRYPT); + BLOWFISH_VALIDATE_RET(iv != NULL); + BLOWFISH_VALIDATE_RET(iv_off != NULL); + BLOWFISH_VALIDATE_RET(length == 0 || input != NULL); + BLOWFISH_VALIDATE_RET(length == 0 || output != NULL); n = *iv_off; - if( n >= 8 ) - return( MBEDTLS_ERR_BLOWFISH_BAD_INPUT_DATA ); + if (n >= 8) { + return MBEDTLS_ERR_BLOWFISH_BAD_INPUT_DATA; + } - if( mode == MBEDTLS_BLOWFISH_DECRYPT ) - { - while( length-- ) - { - if( n == 0 ) - mbedtls_blowfish_crypt_ecb( ctx, MBEDTLS_BLOWFISH_ENCRYPT, iv, iv ); + if (mode == MBEDTLS_BLOWFISH_DECRYPT) { + while (length--) { + if (n == 0) { + mbedtls_blowfish_crypt_ecb(ctx, MBEDTLS_BLOWFISH_ENCRYPT, iv, iv); + } c = *input++; - *output++ = (unsigned char)( c ^ iv[n] ); + *output++ = (unsigned char) (c ^ iv[n]); iv[n] = (unsigned char) c; - n = ( n + 1 ) % MBEDTLS_BLOWFISH_BLOCKSIZE; + n = (n + 1) % MBEDTLS_BLOWFISH_BLOCKSIZE; } - } - else - { - while( length-- ) - { - if( n == 0 ) - mbedtls_blowfish_crypt_ecb( ctx, MBEDTLS_BLOWFISH_ENCRYPT, iv, iv ); + } else { + while (length--) { + if (n == 0) { + mbedtls_blowfish_crypt_ecb(ctx, MBEDTLS_BLOWFISH_ENCRYPT, iv, iv); + } - iv[n] = *output++ = (unsigned char)( iv[n] ^ *input++ ); + iv[n] = *output++ = (unsigned char) (iv[n] ^ *input++); - n = ( n + 1 ) % MBEDTLS_BLOWFISH_BLOCKSIZE; + n = (n + 1) % MBEDTLS_BLOWFISH_BLOCKSIZE; } } *iv_off = n; - return( 0 ); + return 0; } #endif /*MBEDTLS_CIPHER_MODE_CFB */ @@ -361,46 +336,48 @@ int mbedtls_blowfish_crypt_cfb64( mbedtls_blowfish_context *ctx, /* * Blowfish CTR buffer encryption/decryption */ -int mbedtls_blowfish_crypt_ctr( mbedtls_blowfish_context *ctx, - size_t length, - size_t *nc_off, - unsigned char nonce_counter[MBEDTLS_BLOWFISH_BLOCKSIZE], - unsigned char stream_block[MBEDTLS_BLOWFISH_BLOCKSIZE], - const unsigned char *input, - unsigned char *output ) +int mbedtls_blowfish_crypt_ctr(mbedtls_blowfish_context *ctx, + size_t length, + size_t *nc_off, + unsigned char nonce_counter[MBEDTLS_BLOWFISH_BLOCKSIZE], + unsigned char stream_block[MBEDTLS_BLOWFISH_BLOCKSIZE], + const unsigned char *input, + unsigned char *output) { int c, i; size_t n; - BLOWFISH_VALIDATE_RET( ctx != NULL ); - BLOWFISH_VALIDATE_RET( nonce_counter != NULL ); - BLOWFISH_VALIDATE_RET( stream_block != NULL ); - BLOWFISH_VALIDATE_RET( nc_off != NULL ); - BLOWFISH_VALIDATE_RET( length == 0 || input != NULL ); - BLOWFISH_VALIDATE_RET( length == 0 || output != NULL ); + BLOWFISH_VALIDATE_RET(ctx != NULL); + BLOWFISH_VALIDATE_RET(nonce_counter != NULL); + BLOWFISH_VALIDATE_RET(stream_block != NULL); + BLOWFISH_VALIDATE_RET(nc_off != NULL); + BLOWFISH_VALIDATE_RET(length == 0 || input != NULL); + BLOWFISH_VALIDATE_RET(length == 0 || output != NULL); n = *nc_off; - if( n >= 8 ) - return( MBEDTLS_ERR_BLOWFISH_BAD_INPUT_DATA ); + if (n >= 8) { + return MBEDTLS_ERR_BLOWFISH_BAD_INPUT_DATA; + } - while( length-- ) - { - if( n == 0 ) { - mbedtls_blowfish_crypt_ecb( ctx, MBEDTLS_BLOWFISH_ENCRYPT, nonce_counter, - stream_block ); + while (length--) { + if (n == 0) { + mbedtls_blowfish_crypt_ecb(ctx, MBEDTLS_BLOWFISH_ENCRYPT, nonce_counter, + stream_block); - for( i = MBEDTLS_BLOWFISH_BLOCKSIZE; i > 0; i-- ) - if( ++nonce_counter[i - 1] != 0 ) + for (i = MBEDTLS_BLOWFISH_BLOCKSIZE; i > 0; i--) { + if (++nonce_counter[i - 1] != 0) { break; + } + } } c = *input++; - *output++ = (unsigned char)( c ^ stream_block[n] ); + *output++ = (unsigned char) (c ^ stream_block[n]); - n = ( n + 1 ) % MBEDTLS_BLOWFISH_BLOCKSIZE; + n = (n + 1) % MBEDTLS_BLOWFISH_BLOCKSIZE; } *nc_off = n; - return( 0 ); + return 0; } #endif /* MBEDTLS_CIPHER_MODE_CTR */ diff --git a/third_party/mbedtls/repo/library/camellia.c b/third_party/mbedtls/repo/library/camellia.c index 29d730ab536..bd76ea874f7 100644 --- a/third_party/mbedtls/repo/library/camellia.c +++ b/third_party/mbedtls/repo/library/camellia.c @@ -2,19 +2,7 @@ * Camellia implementation * * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later */ /* * The Camellia block cipher was designed by NTT and Mitsubishi Electric @@ -32,22 +20,15 @@ #include -#if defined(MBEDTLS_SELF_TEST) -#if defined(MBEDTLS_PLATFORM_C) #include "mbedtls/platform.h" -#else -#include -#define mbedtls_printf printf -#endif /* MBEDTLS_PLATFORM_C */ -#endif /* MBEDTLS_SELF_TEST */ #if !defined(MBEDTLS_CAMELLIA_ALT) /* Parameter validation macros */ -#define CAMELLIA_VALIDATE_RET( cond ) \ - MBEDTLS_INTERNAL_VALIDATE_RET( cond, MBEDTLS_ERR_CAMELLIA_BAD_INPUT_DATA ) -#define CAMELLIA_VALIDATE( cond ) \ - MBEDTLS_INTERNAL_VALIDATE( cond ) +#define CAMELLIA_VALIDATE_RET(cond) \ + MBEDTLS_INTERNAL_VALIDATE_RET(cond, MBEDTLS_ERR_CAMELLIA_BAD_INPUT_DATA) +#define CAMELLIA_VALIDATE(cond) \ + MBEDTLS_INTERNAL_VALIDATE(cond) static const unsigned char SIGMA_CHARS[6][8] = { @@ -63,109 +44,109 @@ static const unsigned char SIGMA_CHARS[6][8] = static const unsigned char FSb[256] = { - 112,130, 44,236,179, 39,192,229,228,133, 87, 53,234, 12,174, 65, - 35,239,107,147, 69, 25,165, 33,237, 14, 79, 78, 29,101,146,189, - 134,184,175,143,124,235, 31,206, 62, 48,220, 95, 94,197, 11, 26, - 166,225, 57,202,213, 71, 93, 61,217, 1, 90,214, 81, 86,108, 77, - 139, 13,154,102,251,204,176, 45,116, 18, 43, 32,240,177,132,153, - 223, 76,203,194, 52,126,118, 5,109,183,169, 49,209, 23, 4,215, - 20, 88, 58, 97,222, 27, 17, 28, 50, 15,156, 22, 83, 24,242, 34, - 254, 68,207,178,195,181,122,145, 36, 8,232,168, 96,252,105, 80, - 170,208,160,125,161,137, 98,151, 84, 91, 30,149,224,255,100,210, - 16,196, 0, 72,163,247,117,219,138, 3,230,218, 9, 63,221,148, - 135, 92,131, 2,205, 74,144, 51,115,103,246,243,157,127,191,226, - 82,155,216, 38,200, 55,198, 59,129,150,111, 75, 19,190, 99, 46, - 233,121,167,140,159,110,188,142, 41,245,249,182, 47,253,180, 89, - 120,152, 6,106,231, 70,113,186,212, 37,171, 66,136,162,141,250, - 114, 7,185, 85,248,238,172, 10, 54, 73, 42,104, 60, 56,241,164, - 64, 40,211,123,187,201, 67,193, 21,227,173,244,119,199,128,158 + 112, 130, 44, 236, 179, 39, 192, 229, 228, 133, 87, 53, 234, 12, 174, 65, + 35, 239, 107, 147, 69, 25, 165, 33, 237, 14, 79, 78, 29, 101, 146, 189, + 134, 184, 175, 143, 124, 235, 31, 206, 62, 48, 220, 95, 94, 197, 11, 26, + 166, 225, 57, 202, 213, 71, 93, 61, 217, 1, 90, 214, 81, 86, 108, 77, + 139, 13, 154, 102, 251, 204, 176, 45, 116, 18, 43, 32, 240, 177, 132, 153, + 223, 76, 203, 194, 52, 126, 118, 5, 109, 183, 169, 49, 209, 23, 4, 215, + 20, 88, 58, 97, 222, 27, 17, 28, 50, 15, 156, 22, 83, 24, 242, 34, + 254, 68, 207, 178, 195, 181, 122, 145, 36, 8, 232, 168, 96, 252, 105, 80, + 170, 208, 160, 125, 161, 137, 98, 151, 84, 91, 30, 149, 224, 255, 100, 210, + 16, 196, 0, 72, 163, 247, 117, 219, 138, 3, 230, 218, 9, 63, 221, 148, + 135, 92, 131, 2, 205, 74, 144, 51, 115, 103, 246, 243, 157, 127, 191, 226, + 82, 155, 216, 38, 200, 55, 198, 59, 129, 150, 111, 75, 19, 190, 99, 46, + 233, 121, 167, 140, 159, 110, 188, 142, 41, 245, 249, 182, 47, 253, 180, 89, + 120, 152, 6, 106, 231, 70, 113, 186, 212, 37, 171, 66, 136, 162, 141, 250, + 114, 7, 185, 85, 248, 238, 172, 10, 54, 73, 42, 104, 60, 56, 241, 164, + 64, 40, 211, 123, 187, 201, 67, 193, 21, 227, 173, 244, 119, 199, 128, 158 }; #define SBOX1(n) FSb[(n)] -#define SBOX2(n) (unsigned char)((FSb[(n)] >> 7 ^ FSb[(n)] << 1) & 0xff) -#define SBOX3(n) (unsigned char)((FSb[(n)] >> 1 ^ FSb[(n)] << 7) & 0xff) +#define SBOX2(n) (unsigned char) ((FSb[(n)] >> 7 ^ FSb[(n)] << 1) & 0xff) +#define SBOX3(n) (unsigned char) ((FSb[(n)] >> 1 ^ FSb[(n)] << 7) & 0xff) #define SBOX4(n) FSb[((n) << 1 ^ (n) >> 7) &0xff] #else /* MBEDTLS_CAMELLIA_SMALL_MEMORY */ static const unsigned char FSb[256] = { - 112, 130, 44, 236, 179, 39, 192, 229, 228, 133, 87, 53, 234, 12, 174, 65, - 35, 239, 107, 147, 69, 25, 165, 33, 237, 14, 79, 78, 29, 101, 146, 189, - 134, 184, 175, 143, 124, 235, 31, 206, 62, 48, 220, 95, 94, 197, 11, 26, - 166, 225, 57, 202, 213, 71, 93, 61, 217, 1, 90, 214, 81, 86, 108, 77, - 139, 13, 154, 102, 251, 204, 176, 45, 116, 18, 43, 32, 240, 177, 132, 153, - 223, 76, 203, 194, 52, 126, 118, 5, 109, 183, 169, 49, 209, 23, 4, 215, - 20, 88, 58, 97, 222, 27, 17, 28, 50, 15, 156, 22, 83, 24, 242, 34, - 254, 68, 207, 178, 195, 181, 122, 145, 36, 8, 232, 168, 96, 252, 105, 80, - 170, 208, 160, 125, 161, 137, 98, 151, 84, 91, 30, 149, 224, 255, 100, 210, - 16, 196, 0, 72, 163, 247, 117, 219, 138, 3, 230, 218, 9, 63, 221, 148, - 135, 92, 131, 2, 205, 74, 144, 51, 115, 103, 246, 243, 157, 127, 191, 226, - 82, 155, 216, 38, 200, 55, 198, 59, 129, 150, 111, 75, 19, 190, 99, 46, - 233, 121, 167, 140, 159, 110, 188, 142, 41, 245, 249, 182, 47, 253, 180, 89, - 120, 152, 6, 106, 231, 70, 113, 186, 212, 37, 171, 66, 136, 162, 141, 250, - 114, 7, 185, 85, 248, 238, 172, 10, 54, 73, 42, 104, 60, 56, 241, 164, - 64, 40, 211, 123, 187, 201, 67, 193, 21, 227, 173, 244, 119, 199, 128, 158 + 112, 130, 44, 236, 179, 39, 192, 229, 228, 133, 87, 53, 234, 12, 174, 65, + 35, 239, 107, 147, 69, 25, 165, 33, 237, 14, 79, 78, 29, 101, 146, 189, + 134, 184, 175, 143, 124, 235, 31, 206, 62, 48, 220, 95, 94, 197, 11, 26, + 166, 225, 57, 202, 213, 71, 93, 61, 217, 1, 90, 214, 81, 86, 108, 77, + 139, 13, 154, 102, 251, 204, 176, 45, 116, 18, 43, 32, 240, 177, 132, 153, + 223, 76, 203, 194, 52, 126, 118, 5, 109, 183, 169, 49, 209, 23, 4, 215, + 20, 88, 58, 97, 222, 27, 17, 28, 50, 15, 156, 22, 83, 24, 242, 34, + 254, 68, 207, 178, 195, 181, 122, 145, 36, 8, 232, 168, 96, 252, 105, 80, + 170, 208, 160, 125, 161, 137, 98, 151, 84, 91, 30, 149, 224, 255, 100, 210, + 16, 196, 0, 72, 163, 247, 117, 219, 138, 3, 230, 218, 9, 63, 221, 148, + 135, 92, 131, 2, 205, 74, 144, 51, 115, 103, 246, 243, 157, 127, 191, 226, + 82, 155, 216, 38, 200, 55, 198, 59, 129, 150, 111, 75, 19, 190, 99, 46, + 233, 121, 167, 140, 159, 110, 188, 142, 41, 245, 249, 182, 47, 253, 180, 89, + 120, 152, 6, 106, 231, 70, 113, 186, 212, 37, 171, 66, 136, 162, 141, 250, + 114, 7, 185, 85, 248, 238, 172, 10, 54, 73, 42, 104, 60, 56, 241, 164, + 64, 40, 211, 123, 187, 201, 67, 193, 21, 227, 173, 244, 119, 199, 128, 158 }; static const unsigned char FSb2[256] = { - 224, 5, 88, 217, 103, 78, 129, 203, 201, 11, 174, 106, 213, 24, 93, 130, - 70, 223, 214, 39, 138, 50, 75, 66, 219, 28, 158, 156, 58, 202, 37, 123, - 13, 113, 95, 31, 248, 215, 62, 157, 124, 96, 185, 190, 188, 139, 22, 52, - 77, 195, 114, 149, 171, 142, 186, 122, 179, 2, 180, 173, 162, 172, 216, 154, - 23, 26, 53, 204, 247, 153, 97, 90, 232, 36, 86, 64, 225, 99, 9, 51, - 191, 152, 151, 133, 104, 252, 236, 10, 218, 111, 83, 98, 163, 46, 8, 175, - 40, 176, 116, 194, 189, 54, 34, 56, 100, 30, 57, 44, 166, 48, 229, 68, - 253, 136, 159, 101, 135, 107, 244, 35, 72, 16, 209, 81, 192, 249, 210, 160, - 85, 161, 65, 250, 67, 19, 196, 47, 168, 182, 60, 43, 193, 255, 200, 165, - 32, 137, 0, 144, 71, 239, 234, 183, 21, 6, 205, 181, 18, 126, 187, 41, - 15, 184, 7, 4, 155, 148, 33, 102, 230, 206, 237, 231, 59, 254, 127, 197, - 164, 55, 177, 76, 145, 110, 141, 118, 3, 45, 222, 150, 38, 125, 198, 92, - 211, 242, 79, 25, 63, 220, 121, 29, 82, 235, 243, 109, 94, 251, 105, 178, - 240, 49, 12, 212, 207, 140, 226, 117, 169, 74, 87, 132, 17, 69, 27, 245, - 228, 14, 115, 170, 241, 221, 89, 20, 108, 146, 84, 208, 120, 112, 227, 73, - 128, 80, 167, 246, 119, 147, 134, 131, 42, 199, 91, 233, 238, 143, 1, 61 + 224, 5, 88, 217, 103, 78, 129, 203, 201, 11, 174, 106, 213, 24, 93, 130, + 70, 223, 214, 39, 138, 50, 75, 66, 219, 28, 158, 156, 58, 202, 37, 123, + 13, 113, 95, 31, 248, 215, 62, 157, 124, 96, 185, 190, 188, 139, 22, 52, + 77, 195, 114, 149, 171, 142, 186, 122, 179, 2, 180, 173, 162, 172, 216, 154, + 23, 26, 53, 204, 247, 153, 97, 90, 232, 36, 86, 64, 225, 99, 9, 51, + 191, 152, 151, 133, 104, 252, 236, 10, 218, 111, 83, 98, 163, 46, 8, 175, + 40, 176, 116, 194, 189, 54, 34, 56, 100, 30, 57, 44, 166, 48, 229, 68, + 253, 136, 159, 101, 135, 107, 244, 35, 72, 16, 209, 81, 192, 249, 210, 160, + 85, 161, 65, 250, 67, 19, 196, 47, 168, 182, 60, 43, 193, 255, 200, 165, + 32, 137, 0, 144, 71, 239, 234, 183, 21, 6, 205, 181, 18, 126, 187, 41, + 15, 184, 7, 4, 155, 148, 33, 102, 230, 206, 237, 231, 59, 254, 127, 197, + 164, 55, 177, 76, 145, 110, 141, 118, 3, 45, 222, 150, 38, 125, 198, 92, + 211, 242, 79, 25, 63, 220, 121, 29, 82, 235, 243, 109, 94, 251, 105, 178, + 240, 49, 12, 212, 207, 140, 226, 117, 169, 74, 87, 132, 17, 69, 27, 245, + 228, 14, 115, 170, 241, 221, 89, 20, 108, 146, 84, 208, 120, 112, 227, 73, + 128, 80, 167, 246, 119, 147, 134, 131, 42, 199, 91, 233, 238, 143, 1, 61 }; static const unsigned char FSb3[256] = { - 56, 65, 22, 118, 217, 147, 96, 242, 114, 194, 171, 154, 117, 6, 87, 160, - 145, 247, 181, 201, 162, 140, 210, 144, 246, 7, 167, 39, 142, 178, 73, 222, - 67, 92, 215, 199, 62, 245, 143, 103, 31, 24, 110, 175, 47, 226, 133, 13, - 83, 240, 156, 101, 234, 163, 174, 158, 236, 128, 45, 107, 168, 43, 54, 166, - 197, 134, 77, 51, 253, 102, 88, 150, 58, 9, 149, 16, 120, 216, 66, 204, - 239, 38, 229, 97, 26, 63, 59, 130, 182, 219, 212, 152, 232, 139, 2, 235, - 10, 44, 29, 176, 111, 141, 136, 14, 25, 135, 78, 11, 169, 12, 121, 17, - 127, 34, 231, 89, 225, 218, 61, 200, 18, 4, 116, 84, 48, 126, 180, 40, - 85, 104, 80, 190, 208, 196, 49, 203, 42, 173, 15, 202, 112, 255, 50, 105, - 8, 98, 0, 36, 209, 251, 186, 237, 69, 129, 115, 109, 132, 159, 238, 74, - 195, 46, 193, 1, 230, 37, 72, 153, 185, 179, 123, 249, 206, 191, 223, 113, - 41, 205, 108, 19, 100, 155, 99, 157, 192, 75, 183, 165, 137, 95, 177, 23, - 244, 188, 211, 70, 207, 55, 94, 71, 148, 250, 252, 91, 151, 254, 90, 172, - 60, 76, 3, 53, 243, 35, 184, 93, 106, 146, 213, 33, 68, 81, 198, 125, - 57, 131, 220, 170, 124, 119, 86, 5, 27, 164, 21, 52, 30, 28, 248, 82, - 32, 20, 233, 189, 221, 228, 161, 224, 138, 241, 214, 122, 187, 227, 64, 79 + 56, 65, 22, 118, 217, 147, 96, 242, 114, 194, 171, 154, 117, 6, 87, 160, + 145, 247, 181, 201, 162, 140, 210, 144, 246, 7, 167, 39, 142, 178, 73, 222, + 67, 92, 215, 199, 62, 245, 143, 103, 31, 24, 110, 175, 47, 226, 133, 13, + 83, 240, 156, 101, 234, 163, 174, 158, 236, 128, 45, 107, 168, 43, 54, 166, + 197, 134, 77, 51, 253, 102, 88, 150, 58, 9, 149, 16, 120, 216, 66, 204, + 239, 38, 229, 97, 26, 63, 59, 130, 182, 219, 212, 152, 232, 139, 2, 235, + 10, 44, 29, 176, 111, 141, 136, 14, 25, 135, 78, 11, 169, 12, 121, 17, + 127, 34, 231, 89, 225, 218, 61, 200, 18, 4, 116, 84, 48, 126, 180, 40, + 85, 104, 80, 190, 208, 196, 49, 203, 42, 173, 15, 202, 112, 255, 50, 105, + 8, 98, 0, 36, 209, 251, 186, 237, 69, 129, 115, 109, 132, 159, 238, 74, + 195, 46, 193, 1, 230, 37, 72, 153, 185, 179, 123, 249, 206, 191, 223, 113, + 41, 205, 108, 19, 100, 155, 99, 157, 192, 75, 183, 165, 137, 95, 177, 23, + 244, 188, 211, 70, 207, 55, 94, 71, 148, 250, 252, 91, 151, 254, 90, 172, + 60, 76, 3, 53, 243, 35, 184, 93, 106, 146, 213, 33, 68, 81, 198, 125, + 57, 131, 220, 170, 124, 119, 86, 5, 27, 164, 21, 52, 30, 28, 248, 82, + 32, 20, 233, 189, 221, 228, 161, 224, 138, 241, 214, 122, 187, 227, 64, 79 }; static const unsigned char FSb4[256] = { - 112, 44, 179, 192, 228, 87, 234, 174, 35, 107, 69, 165, 237, 79, 29, 146, - 134, 175, 124, 31, 62, 220, 94, 11, 166, 57, 213, 93, 217, 90, 81, 108, - 139, 154, 251, 176, 116, 43, 240, 132, 223, 203, 52, 118, 109, 169, 209, 4, - 20, 58, 222, 17, 50, 156, 83, 242, 254, 207, 195, 122, 36, 232, 96, 105, - 170, 160, 161, 98, 84, 30, 224, 100, 16, 0, 163, 117, 138, 230, 9, 221, - 135, 131, 205, 144, 115, 246, 157, 191, 82, 216, 200, 198, 129, 111, 19, 99, - 233, 167, 159, 188, 41, 249, 47, 180, 120, 6, 231, 113, 212, 171, 136, 141, - 114, 185, 248, 172, 54, 42, 60, 241, 64, 211, 187, 67, 21, 173, 119, 128, - 130, 236, 39, 229, 133, 53, 12, 65, 239, 147, 25, 33, 14, 78, 101, 189, - 184, 143, 235, 206, 48, 95, 197, 26, 225, 202, 71, 61, 1, 214, 86, 77, - 13, 102, 204, 45, 18, 32, 177, 153, 76, 194, 126, 5, 183, 49, 23, 215, - 88, 97, 27, 28, 15, 22, 24, 34, 68, 178, 181, 145, 8, 168, 252, 80, - 208, 125, 137, 151, 91, 149, 255, 210, 196, 72, 247, 219, 3, 218, 63, 148, - 92, 2, 74, 51, 103, 243, 127, 226, 155, 38, 55, 59, 150, 75, 190, 46, - 121, 140, 110, 142, 245, 182, 253, 89, 152, 106, 70, 186, 37, 66, 162, 250, - 7, 85, 238, 10, 73, 104, 56, 164, 40, 123, 201, 193, 227, 244, 199, 158 + 112, 44, 179, 192, 228, 87, 234, 174, 35, 107, 69, 165, 237, 79, 29, 146, + 134, 175, 124, 31, 62, 220, 94, 11, 166, 57, 213, 93, 217, 90, 81, 108, + 139, 154, 251, 176, 116, 43, 240, 132, 223, 203, 52, 118, 109, 169, 209, 4, + 20, 58, 222, 17, 50, 156, 83, 242, 254, 207, 195, 122, 36, 232, 96, 105, + 170, 160, 161, 98, 84, 30, 224, 100, 16, 0, 163, 117, 138, 230, 9, 221, + 135, 131, 205, 144, 115, 246, 157, 191, 82, 216, 200, 198, 129, 111, 19, 99, + 233, 167, 159, 188, 41, 249, 47, 180, 120, 6, 231, 113, 212, 171, 136, 141, + 114, 185, 248, 172, 54, 42, 60, 241, 64, 211, 187, 67, 21, 173, 119, 128, + 130, 236, 39, 229, 133, 53, 12, 65, 239, 147, 25, 33, 14, 78, 101, 189, + 184, 143, 235, 206, 48, 95, 197, 26, 225, 202, 71, 61, 1, 214, 86, 77, + 13, 102, 204, 45, 18, 32, 177, 153, 76, 194, 126, 5, 183, 49, 23, 215, + 88, 97, 27, 28, 15, 22, 24, 34, 68, 178, 181, 145, 8, 168, 252, 80, + 208, 125, 137, 151, 91, 149, 255, 210, 196, 72, 247, 219, 3, 218, 63, 148, + 92, 2, 74, 51, 103, 243, 127, 226, 155, 38, 55, 59, 150, 75, 190, 46, + 121, 140, 110, 142, 245, 182, 253, 89, 152, 106, 70, 186, 37, 66, 162, 250, + 7, 85, 238, 10, 73, 104, 56, 164, 40, 123, 201, 193, 227, 244, 199, 158 }; #define SBOX1(n) FSb[(n)] @@ -195,23 +176,23 @@ static const signed char indexes[2][4][20] = { { { 0, 1, 2, 3, 8, 9, 10, 11, 38, 39, - 36, 37, 23, 20, 21, 22, 27, -1, -1, 26 }, /* KL -> RK */ + 36, 37, 23, 20, 21, 22, 27, -1, -1, 26 }, /* KL -> RK */ { -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1 }, /* KR -> RK */ { 4, 5, 6, 7, 12, 13, 14, 15, 16, 17, - 18, 19, -1, 24, 25, -1, 31, 28, 29, 30 }, /* KA -> RK */ + 18, 19, -1, 24, 25, -1, 31, 28, 29, 30 }, /* KA -> RK */ { -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1 } /* KB -> RK */ }, { { 0, 1, 2, 3, 61, 62, 63, 60, -1, -1, - -1, -1, 27, 24, 25, 26, 35, 32, 33, 34 }, /* KL -> RK */ + -1, -1, 27, 24, 25, 26, 35, 32, 33, 34 }, /* KL -> RK */ { -1, -1, -1, -1, 8, 9, 10, 11, 16, 17, 18, 19, -1, -1, -1, -1, 39, 36, 37, 38 }, /* KR -> RK */ { -1, -1, -1, -1, 12, 13, 14, 15, 58, 59, 56, 57, 31, 28, 29, 30, -1, -1, -1, -1 }, /* KA -> RK */ { 4, 5, 6, 7, 65, 66, 67, 64, 20, 21, - 22, 23, -1, -1, -1, -1, 43, 40, 41, 42 } /* KB -> RK */ + 22, 23, -1, -1, -1, -1, 43, 40, 41, 42 } /* KB -> RK */ } }; @@ -235,57 +216,57 @@ static const signed char transposes[2][20] = /* Shift macro for 128 bit strings with rotation smaller than 32 bits (!) */ #define ROTL(DEST, SRC, SHIFT) \ -{ \ - (DEST)[0] = (SRC)[0] << (SHIFT) ^ (SRC)[1] >> (32 - (SHIFT)); \ - (DEST)[1] = (SRC)[1] << (SHIFT) ^ (SRC)[2] >> (32 - (SHIFT)); \ - (DEST)[2] = (SRC)[2] << (SHIFT) ^ (SRC)[3] >> (32 - (SHIFT)); \ - (DEST)[3] = (SRC)[3] << (SHIFT) ^ (SRC)[0] >> (32 - (SHIFT)); \ -} + { \ + (DEST)[0] = (SRC)[0] << (SHIFT) ^ (SRC)[1] >> (32 - (SHIFT)); \ + (DEST)[1] = (SRC)[1] << (SHIFT) ^ (SRC)[2] >> (32 - (SHIFT)); \ + (DEST)[2] = (SRC)[2] << (SHIFT) ^ (SRC)[3] >> (32 - (SHIFT)); \ + (DEST)[3] = (SRC)[3] << (SHIFT) ^ (SRC)[0] >> (32 - (SHIFT)); \ + } #define FL(XL, XR, KL, KR) \ -{ \ - (XR) = ((((XL) & (KL)) << 1) | (((XL) & (KL)) >> 31)) ^ (XR); \ - (XL) = ((XR) | (KR)) ^ (XL); \ -} + { \ + (XR) = ((((XL) &(KL)) << 1) | (((XL) &(KL)) >> 31)) ^ (XR); \ + (XL) = ((XR) | (KR)) ^ (XL); \ + } #define FLInv(YL, YR, KL, KR) \ -{ \ - (YL) = ((YR) | (KR)) ^ (YL); \ - (YR) = ((((YL) & (KL)) << 1) | (((YL) & (KL)) >> 31)) ^ (YR); \ -} + { \ + (YL) = ((YR) | (KR)) ^ (YL); \ + (YR) = ((((YL) &(KL)) << 1) | (((YL) &(KL)) >> 31)) ^ (YR); \ + } #define SHIFT_AND_PLACE(INDEX, OFFSET) \ -{ \ - TK[0] = KC[(OFFSET) * 4 + 0]; \ - TK[1] = KC[(OFFSET) * 4 + 1]; \ - TK[2] = KC[(OFFSET) * 4 + 2]; \ - TK[3] = KC[(OFFSET) * 4 + 3]; \ + { \ + TK[0] = KC[(OFFSET) * 4 + 0]; \ + TK[1] = KC[(OFFSET) * 4 + 1]; \ + TK[2] = KC[(OFFSET) * 4 + 2]; \ + TK[3] = KC[(OFFSET) * 4 + 3]; \ \ - for( i = 1; i <= 4; i++ ) \ - if( shifts[(INDEX)][(OFFSET)][i -1] ) \ - ROTL(TK + i * 4, TK, ( 15 * i ) % 32); \ + for (i = 1; i <= 4; i++) \ + if (shifts[(INDEX)][(OFFSET)][i -1]) \ + ROTL(TK + i * 4, TK, (15 * i) % 32); \ \ - for( i = 0; i < 20; i++ ) \ - if( indexes[(INDEX)][(OFFSET)][i] != -1 ) { \ - RK[indexes[(INDEX)][(OFFSET)][i]] = TK[ i ]; \ + for (i = 0; i < 20; i++) \ + if (indexes[(INDEX)][(OFFSET)][i] != -1) { \ + RK[indexes[(INDEX)][(OFFSET)][i]] = TK[i]; \ } \ -} + } -static void camellia_feistel( const uint32_t x[2], const uint32_t k[2], - uint32_t z[2]) +static void camellia_feistel(const uint32_t x[2], const uint32_t k[2], + uint32_t z[2]) { uint32_t I0, I1; I0 = x[0] ^ k[0]; I1 = x[1] ^ k[1]; - I0 = ((uint32_t) SBOX1( MBEDTLS_BYTE_3( I0 )) << 24) | - ((uint32_t) SBOX2( MBEDTLS_BYTE_2( I0 )) << 16) | - ((uint32_t) SBOX3( MBEDTLS_BYTE_1( I0 )) << 8) | - ((uint32_t) SBOX4( MBEDTLS_BYTE_0( I0 )) ); - I1 = ((uint32_t) SBOX2( MBEDTLS_BYTE_3( I1 )) << 24) | - ((uint32_t) SBOX3( MBEDTLS_BYTE_2( I1 )) << 16) | - ((uint32_t) SBOX4( MBEDTLS_BYTE_1( I1 )) << 8) | - ((uint32_t) SBOX1( MBEDTLS_BYTE_0( I1 )) ); + I0 = ((uint32_t) SBOX1(MBEDTLS_BYTE_3(I0)) << 24) | + ((uint32_t) SBOX2(MBEDTLS_BYTE_2(I0)) << 16) | + ((uint32_t) SBOX3(MBEDTLS_BYTE_1(I0)) << 8) | + ((uint32_t) SBOX4(MBEDTLS_BYTE_0(I0))); + I1 = ((uint32_t) SBOX2(MBEDTLS_BYTE_3(I1)) << 24) | + ((uint32_t) SBOX3(MBEDTLS_BYTE_2(I1)) << 16) | + ((uint32_t) SBOX4(MBEDTLS_BYTE_1(I1)) << 8) | + ((uint32_t) SBOX1(MBEDTLS_BYTE_0(I1))); I0 ^= (I1 << 8) | (I1 >> 24); I1 ^= (I0 << 16) | (I0 >> 16); @@ -296,26 +277,27 @@ static void camellia_feistel( const uint32_t x[2], const uint32_t k[2], z[1] ^= I0; } -void mbedtls_camellia_init( mbedtls_camellia_context *ctx ) +void mbedtls_camellia_init(mbedtls_camellia_context *ctx) { - CAMELLIA_VALIDATE( ctx != NULL ); - memset( ctx, 0, sizeof( mbedtls_camellia_context ) ); + CAMELLIA_VALIDATE(ctx != NULL); + memset(ctx, 0, sizeof(mbedtls_camellia_context)); } -void mbedtls_camellia_free( mbedtls_camellia_context *ctx ) +void mbedtls_camellia_free(mbedtls_camellia_context *ctx) { - if( ctx == NULL ) + if (ctx == NULL) { return; + } - mbedtls_platform_zeroize( ctx, sizeof( mbedtls_camellia_context ) ); + mbedtls_platform_zeroize(ctx, sizeof(mbedtls_camellia_context)); } /* * Camellia key schedule (encryption) */ -int mbedtls_camellia_setkey_enc( mbedtls_camellia_context *ctx, - const unsigned char *key, - unsigned int keybits ) +int mbedtls_camellia_setkey_enc(mbedtls_camellia_context *ctx, + const unsigned char *key, + unsigned int keybits) { int idx; size_t i; @@ -325,68 +307,73 @@ int mbedtls_camellia_setkey_enc( mbedtls_camellia_context *ctx, uint32_t KC[16]; uint32_t TK[20]; - CAMELLIA_VALIDATE_RET( ctx != NULL ); - CAMELLIA_VALIDATE_RET( key != NULL ); + CAMELLIA_VALIDATE_RET(ctx != NULL); + CAMELLIA_VALIDATE_RET(key != NULL); RK = ctx->rk; - memset( t, 0, 64 ); - memset( RK, 0, sizeof(ctx->rk) ); + memset(t, 0, 64); + memset(RK, 0, sizeof(ctx->rk)); - switch( keybits ) - { + switch (keybits) { case 128: ctx->nr = 3; idx = 0; break; case 192: case 256: ctx->nr = 4; idx = 1; break; - default : return( MBEDTLS_ERR_CAMELLIA_BAD_INPUT_DATA ); + default: return MBEDTLS_ERR_CAMELLIA_BAD_INPUT_DATA; } - for( i = 0; i < keybits / 8; ++i ) + for (i = 0; i < keybits / 8; ++i) { t[i] = key[i]; + } - if( keybits == 192 ) { - for( i = 0; i < 8; i++ ) + if (keybits == 192) { + for (i = 0; i < 8; i++) { t[24 + i] = ~t[16 + i]; + } } /* * Prepare SIGMA values */ - for( i = 0; i < 6; i++ ) { - SIGMA[i][0] = MBEDTLS_GET_UINT32_BE( SIGMA_CHARS[i], 0 ); - SIGMA[i][1] = MBEDTLS_GET_UINT32_BE( SIGMA_CHARS[i], 4 ); + for (i = 0; i < 6; i++) { + SIGMA[i][0] = MBEDTLS_GET_UINT32_BE(SIGMA_CHARS[i], 0); + SIGMA[i][1] = MBEDTLS_GET_UINT32_BE(SIGMA_CHARS[i], 4); } /* * Key storage in KC * Order: KL, KR, KA, KB */ - memset( KC, 0, sizeof(KC) ); + memset(KC, 0, sizeof(KC)); /* Store KL, KR */ - for( i = 0; i < 8; i++ ) - KC[i] = MBEDTLS_GET_UINT32_BE( t, i * 4 ); + for (i = 0; i < 8; i++) { + KC[i] = MBEDTLS_GET_UINT32_BE(t, i * 4); + } /* Generate KA */ - for( i = 0; i < 4; ++i ) + for (i = 0; i < 4; ++i) { KC[8 + i] = KC[i] ^ KC[4 + i]; + } - camellia_feistel( KC + 8, SIGMA[0], KC + 10 ); - camellia_feistel( KC + 10, SIGMA[1], KC + 8 ); + camellia_feistel(KC + 8, SIGMA[0], KC + 10); + camellia_feistel(KC + 10, SIGMA[1], KC + 8); - for( i = 0; i < 4; ++i ) + for (i = 0; i < 4; ++i) { KC[8 + i] ^= KC[i]; + } - camellia_feistel( KC + 8, SIGMA[2], KC + 10 ); - camellia_feistel( KC + 10, SIGMA[3], KC + 8 ); + camellia_feistel(KC + 8, SIGMA[2], KC + 10); + camellia_feistel(KC + 10, SIGMA[3], KC + 8); - if( keybits > 128 ) { + if (keybits > 128) { /* Generate KB */ - for( i = 0; i < 4; ++i ) + for (i = 0; i < 4; ++i) { KC[12 + i] = KC[4 + i] ^ KC[8 + i]; + } - camellia_feistel( KC + 12, SIGMA[4], KC + 14 ); - camellia_feistel( KC + 14, SIGMA[5], KC + 12 ); + camellia_feistel(KC + 12, SIGMA[4], KC + 14); + camellia_feistel(KC + 14, SIGMA[5], KC + 12); } /* @@ -394,54 +381,55 @@ int mbedtls_camellia_setkey_enc( mbedtls_camellia_context *ctx, */ /* Manipulating KL */ - SHIFT_AND_PLACE( idx, 0 ); + SHIFT_AND_PLACE(idx, 0); /* Manipulating KR */ - if( keybits > 128 ) { - SHIFT_AND_PLACE( idx, 1 ); + if (keybits > 128) { + SHIFT_AND_PLACE(idx, 1); } /* Manipulating KA */ - SHIFT_AND_PLACE( idx, 2 ); + SHIFT_AND_PLACE(idx, 2); /* Manipulating KB */ - if( keybits > 128 ) { - SHIFT_AND_PLACE( idx, 3 ); + if (keybits > 128) { + SHIFT_AND_PLACE(idx, 3); } /* Do transpositions */ - for( i = 0; i < 20; i++ ) { - if( transposes[idx][i] != -1 ) { + for (i = 0; i < 20; i++) { + if (transposes[idx][i] != -1) { RK[32 + 12 * idx + i] = RK[transposes[idx][i]]; } } - return( 0 ); + return 0; } /* * Camellia key schedule (decryption) */ -int mbedtls_camellia_setkey_dec( mbedtls_camellia_context *ctx, - const unsigned char *key, - unsigned int keybits ) +int mbedtls_camellia_setkey_dec(mbedtls_camellia_context *ctx, + const unsigned char *key, + unsigned int keybits) { int idx, ret; size_t i; mbedtls_camellia_context cty; uint32_t *RK; uint32_t *SK; - CAMELLIA_VALIDATE_RET( ctx != NULL ); - CAMELLIA_VALIDATE_RET( key != NULL ); + CAMELLIA_VALIDATE_RET(ctx != NULL); + CAMELLIA_VALIDATE_RET(key != NULL); - mbedtls_camellia_init( &cty ); + mbedtls_camellia_init(&cty); /* Also checks keybits */ - if( ( ret = mbedtls_camellia_setkey_enc( &cty, key, keybits ) ) != 0 ) + if ((ret = mbedtls_camellia_setkey_enc(&cty, key, keybits)) != 0) { goto exit; + } ctx->nr = cty.nr; - idx = ( ctx->nr == 4 ); + idx = (ctx->nr == 4); RK = ctx->rk; SK = cty.rk + 24 * 2 + 8 * idx * 2; @@ -451,8 +439,7 @@ int mbedtls_camellia_setkey_dec( mbedtls_camellia_context *ctx, *RK++ = *SK++; *RK++ = *SK++; - for( i = 22 + 8 * idx, SK -= 6; i > 0; i--, SK -= 4 ) - { + for (i = 22 + 8 * idx, SK -= 6; i > 0; i--, SK -= 4) { *RK++ = *SK++; *RK++ = *SK++; } @@ -465,58 +452,58 @@ int mbedtls_camellia_setkey_dec( mbedtls_camellia_context *ctx, *RK++ = *SK++; exit: - mbedtls_camellia_free( &cty ); + mbedtls_camellia_free(&cty); - return( ret ); + return ret; } /* * Camellia-ECB block encryption/decryption */ -int mbedtls_camellia_crypt_ecb( mbedtls_camellia_context *ctx, - int mode, - const unsigned char input[16], - unsigned char output[16] ) +int mbedtls_camellia_crypt_ecb(mbedtls_camellia_context *ctx, + int mode, + const unsigned char input[16], + unsigned char output[16]) { int NR; uint32_t *RK, X[4]; - CAMELLIA_VALIDATE_RET( ctx != NULL ); - CAMELLIA_VALIDATE_RET( mode == MBEDTLS_CAMELLIA_ENCRYPT || - mode == MBEDTLS_CAMELLIA_DECRYPT ); - CAMELLIA_VALIDATE_RET( input != NULL ); - CAMELLIA_VALIDATE_RET( output != NULL ); + CAMELLIA_VALIDATE_RET(ctx != NULL); + CAMELLIA_VALIDATE_RET(mode == MBEDTLS_CAMELLIA_ENCRYPT || + mode == MBEDTLS_CAMELLIA_DECRYPT); + CAMELLIA_VALIDATE_RET(input != NULL); + CAMELLIA_VALIDATE_RET(output != NULL); - ( (void) mode ); + ((void) mode); NR = ctx->nr; RK = ctx->rk; - X[0] = MBEDTLS_GET_UINT32_BE( input, 0 ); - X[1] = MBEDTLS_GET_UINT32_BE( input, 4 ); - X[2] = MBEDTLS_GET_UINT32_BE( input, 8 ); - X[3] = MBEDTLS_GET_UINT32_BE( input, 12 ); + X[0] = MBEDTLS_GET_UINT32_BE(input, 0); + X[1] = MBEDTLS_GET_UINT32_BE(input, 4); + X[2] = MBEDTLS_GET_UINT32_BE(input, 8); + X[3] = MBEDTLS_GET_UINT32_BE(input, 12); X[0] ^= *RK++; X[1] ^= *RK++; X[2] ^= *RK++; X[3] ^= *RK++; - while( NR ) { + while (NR) { --NR; - camellia_feistel( X, RK, X + 2 ); + camellia_feistel(X, RK, X + 2); RK += 2; - camellia_feistel( X + 2, RK, X ); + camellia_feistel(X + 2, RK, X); RK += 2; - camellia_feistel( X, RK, X + 2 ); + camellia_feistel(X, RK, X + 2); RK += 2; - camellia_feistel( X + 2, RK, X ); + camellia_feistel(X + 2, RK, X); RK += 2; - camellia_feistel( X, RK, X + 2 ); + camellia_feistel(X, RK, X + 2); RK += 2; - camellia_feistel( X + 2, RK, X ); + camellia_feistel(X + 2, RK, X); RK += 2; - if( NR ) { + if (NR) { FL(X[0], X[1], RK[0], RK[1]); RK += 2; FLInv(X[2], X[3], RK[0], RK[1]); @@ -529,63 +516,61 @@ int mbedtls_camellia_crypt_ecb( mbedtls_camellia_context *ctx, X[0] ^= *RK++; X[1] ^= *RK++; - MBEDTLS_PUT_UINT32_BE( X[2], output, 0 ); - MBEDTLS_PUT_UINT32_BE( X[3], output, 4 ); - MBEDTLS_PUT_UINT32_BE( X[0], output, 8 ); - MBEDTLS_PUT_UINT32_BE( X[1], output, 12 ); + MBEDTLS_PUT_UINT32_BE(X[2], output, 0); + MBEDTLS_PUT_UINT32_BE(X[3], output, 4); + MBEDTLS_PUT_UINT32_BE(X[0], output, 8); + MBEDTLS_PUT_UINT32_BE(X[1], output, 12); - return( 0 ); + return 0; } #if defined(MBEDTLS_CIPHER_MODE_CBC) /* * Camellia-CBC buffer encryption/decryption */ -int mbedtls_camellia_crypt_cbc( mbedtls_camellia_context *ctx, - int mode, - size_t length, - unsigned char iv[16], - const unsigned char *input, - unsigned char *output ) +int mbedtls_camellia_crypt_cbc(mbedtls_camellia_context *ctx, + int mode, + size_t length, + unsigned char iv[16], + const unsigned char *input, + unsigned char *output) { int i; unsigned char temp[16]; - CAMELLIA_VALIDATE_RET( ctx != NULL ); - CAMELLIA_VALIDATE_RET( mode == MBEDTLS_CAMELLIA_ENCRYPT || - mode == MBEDTLS_CAMELLIA_DECRYPT ); - CAMELLIA_VALIDATE_RET( iv != NULL ); - CAMELLIA_VALIDATE_RET( length == 0 || input != NULL ); - CAMELLIA_VALIDATE_RET( length == 0 || output != NULL ); - - if( length % 16 ) - return( MBEDTLS_ERR_CAMELLIA_INVALID_INPUT_LENGTH ); + CAMELLIA_VALIDATE_RET(ctx != NULL); + CAMELLIA_VALIDATE_RET(mode == MBEDTLS_CAMELLIA_ENCRYPT || + mode == MBEDTLS_CAMELLIA_DECRYPT); + CAMELLIA_VALIDATE_RET(iv != NULL); + CAMELLIA_VALIDATE_RET(length == 0 || input != NULL); + CAMELLIA_VALIDATE_RET(length == 0 || output != NULL); + + if (length % 16) { + return MBEDTLS_ERR_CAMELLIA_INVALID_INPUT_LENGTH; + } - if( mode == MBEDTLS_CAMELLIA_DECRYPT ) - { - while( length > 0 ) - { - memcpy( temp, input, 16 ); - mbedtls_camellia_crypt_ecb( ctx, mode, input, output ); + if (mode == MBEDTLS_CAMELLIA_DECRYPT) { + while (length > 0) { + memcpy(temp, input, 16); + mbedtls_camellia_crypt_ecb(ctx, mode, input, output); - for( i = 0; i < 16; i++ ) - output[i] = (unsigned char)( output[i] ^ iv[i] ); + for (i = 0; i < 16; i++) { + output[i] = (unsigned char) (output[i] ^ iv[i]); + } - memcpy( iv, temp, 16 ); + memcpy(iv, temp, 16); input += 16; output += 16; length -= 16; } - } - else - { - while( length > 0 ) - { - for( i = 0; i < 16; i++ ) - output[i] = (unsigned char)( input[i] ^ iv[i] ); + } else { + while (length > 0) { + for (i = 0; i < 16; i++) { + output[i] = (unsigned char) (input[i] ^ iv[i]); + } - mbedtls_camellia_crypt_ecb( ctx, mode, output, output ); - memcpy( iv, output, 16 ); + mbedtls_camellia_crypt_ecb(ctx, mode, output, output); + memcpy(iv, output, 16); input += 16; output += 16; @@ -593,7 +578,7 @@ int mbedtls_camellia_crypt_cbc( mbedtls_camellia_context *ctx, } } - return( 0 ); + return 0; } #endif /* MBEDTLS_CIPHER_MODE_CBC */ @@ -601,58 +586,56 @@ int mbedtls_camellia_crypt_cbc( mbedtls_camellia_context *ctx, /* * Camellia-CFB128 buffer encryption/decryption */ -int mbedtls_camellia_crypt_cfb128( mbedtls_camellia_context *ctx, - int mode, - size_t length, - size_t *iv_off, - unsigned char iv[16], - const unsigned char *input, - unsigned char *output ) +int mbedtls_camellia_crypt_cfb128(mbedtls_camellia_context *ctx, + int mode, + size_t length, + size_t *iv_off, + unsigned char iv[16], + const unsigned char *input, + unsigned char *output) { int c; size_t n; - CAMELLIA_VALIDATE_RET( ctx != NULL ); - CAMELLIA_VALIDATE_RET( mode == MBEDTLS_CAMELLIA_ENCRYPT || - mode == MBEDTLS_CAMELLIA_DECRYPT ); - CAMELLIA_VALIDATE_RET( iv != NULL ); - CAMELLIA_VALIDATE_RET( iv_off != NULL ); - CAMELLIA_VALIDATE_RET( length == 0 || input != NULL ); - CAMELLIA_VALIDATE_RET( length == 0 || output != NULL ); + CAMELLIA_VALIDATE_RET(ctx != NULL); + CAMELLIA_VALIDATE_RET(mode == MBEDTLS_CAMELLIA_ENCRYPT || + mode == MBEDTLS_CAMELLIA_DECRYPT); + CAMELLIA_VALIDATE_RET(iv != NULL); + CAMELLIA_VALIDATE_RET(iv_off != NULL); + CAMELLIA_VALIDATE_RET(length == 0 || input != NULL); + CAMELLIA_VALIDATE_RET(length == 0 || output != NULL); n = *iv_off; - if( n >= 16 ) - return( MBEDTLS_ERR_CAMELLIA_BAD_INPUT_DATA ); + if (n >= 16) { + return MBEDTLS_ERR_CAMELLIA_BAD_INPUT_DATA; + } - if( mode == MBEDTLS_CAMELLIA_DECRYPT ) - { - while( length-- ) - { - if( n == 0 ) - mbedtls_camellia_crypt_ecb( ctx, MBEDTLS_CAMELLIA_ENCRYPT, iv, iv ); + if (mode == MBEDTLS_CAMELLIA_DECRYPT) { + while (length--) { + if (n == 0) { + mbedtls_camellia_crypt_ecb(ctx, MBEDTLS_CAMELLIA_ENCRYPT, iv, iv); + } c = *input++; - *output++ = (unsigned char)( c ^ iv[n] ); + *output++ = (unsigned char) (c ^ iv[n]); iv[n] = (unsigned char) c; - n = ( n + 1 ) & 0x0F; + n = (n + 1) & 0x0F; } - } - else - { - while( length-- ) - { - if( n == 0 ) - mbedtls_camellia_crypt_ecb( ctx, MBEDTLS_CAMELLIA_ENCRYPT, iv, iv ); + } else { + while (length--) { + if (n == 0) { + mbedtls_camellia_crypt_ecb(ctx, MBEDTLS_CAMELLIA_ENCRYPT, iv, iv); + } - iv[n] = *output++ = (unsigned char)( iv[n] ^ *input++ ); + iv[n] = *output++ = (unsigned char) (iv[n] ^ *input++); - n = ( n + 1 ) & 0x0F; + n = (n + 1) & 0x0F; } } *iv_off = n; - return( 0 ); + return 0; } #endif /* MBEDTLS_CIPHER_MODE_CFB */ @@ -660,46 +643,48 @@ int mbedtls_camellia_crypt_cfb128( mbedtls_camellia_context *ctx, /* * Camellia-CTR buffer encryption/decryption */ -int mbedtls_camellia_crypt_ctr( mbedtls_camellia_context *ctx, - size_t length, - size_t *nc_off, - unsigned char nonce_counter[16], - unsigned char stream_block[16], - const unsigned char *input, - unsigned char *output ) +int mbedtls_camellia_crypt_ctr(mbedtls_camellia_context *ctx, + size_t length, + size_t *nc_off, + unsigned char nonce_counter[16], + unsigned char stream_block[16], + const unsigned char *input, + unsigned char *output) { int c, i; size_t n; - CAMELLIA_VALIDATE_RET( ctx != NULL ); - CAMELLIA_VALIDATE_RET( nonce_counter != NULL ); - CAMELLIA_VALIDATE_RET( stream_block != NULL ); - CAMELLIA_VALIDATE_RET( nc_off != NULL ); - CAMELLIA_VALIDATE_RET( length == 0 || input != NULL ); - CAMELLIA_VALIDATE_RET( length == 0 || output != NULL ); + CAMELLIA_VALIDATE_RET(ctx != NULL); + CAMELLIA_VALIDATE_RET(nonce_counter != NULL); + CAMELLIA_VALIDATE_RET(stream_block != NULL); + CAMELLIA_VALIDATE_RET(nc_off != NULL); + CAMELLIA_VALIDATE_RET(length == 0 || input != NULL); + CAMELLIA_VALIDATE_RET(length == 0 || output != NULL); n = *nc_off; - if( n >= 16 ) - return( MBEDTLS_ERR_CAMELLIA_BAD_INPUT_DATA ); + if (n >= 16) { + return MBEDTLS_ERR_CAMELLIA_BAD_INPUT_DATA; + } - while( length-- ) - { - if( n == 0 ) { - mbedtls_camellia_crypt_ecb( ctx, MBEDTLS_CAMELLIA_ENCRYPT, nonce_counter, - stream_block ); + while (length--) { + if (n == 0) { + mbedtls_camellia_crypt_ecb(ctx, MBEDTLS_CAMELLIA_ENCRYPT, nonce_counter, + stream_block); - for( i = 16; i > 0; i-- ) - if( ++nonce_counter[i - 1] != 0 ) + for (i = 16; i > 0; i--) { + if (++nonce_counter[i - 1] != 0) { break; + } + } } c = *input++; - *output++ = (unsigned char)( c ^ stream_block[n] ); + *output++ = (unsigned char) (c ^ stream_block[n]); - n = ( n + 1 ) & 0x0F; + n = (n + 1) & 0x0F; } *nc_off = n; - return( 0 ); + return 0; } #endif /* MBEDTLS_CIPHER_MODE_CTR */ #endif /* !MBEDTLS_CAMELLIA_ALT */ @@ -779,23 +764,23 @@ static const unsigned char camellia_test_ecb_cipher[3][CAMELLIA_TESTS_ECB][16] = static const unsigned char camellia_test_cbc_key[3][32] = { - { 0x2B, 0x7E, 0x15, 0x16, 0x28, 0xAE, 0xD2, 0xA6, - 0xAB, 0xF7, 0x15, 0x88, 0x09, 0xCF, 0x4F, 0x3C } + { 0x2B, 0x7E, 0x15, 0x16, 0x28, 0xAE, 0xD2, 0xA6, + 0xAB, 0xF7, 0x15, 0x88, 0x09, 0xCF, 0x4F, 0x3C } , - { 0x8E, 0x73, 0xB0, 0xF7, 0xDA, 0x0E, 0x64, 0x52, - 0xC8, 0x10, 0xF3, 0x2B, 0x80, 0x90, 0x79, 0xE5, - 0x62, 0xF8, 0xEA, 0xD2, 0x52, 0x2C, 0x6B, 0x7B } + { 0x8E, 0x73, 0xB0, 0xF7, 0xDA, 0x0E, 0x64, 0x52, + 0xC8, 0x10, 0xF3, 0x2B, 0x80, 0x90, 0x79, 0xE5, + 0x62, 0xF8, 0xEA, 0xD2, 0x52, 0x2C, 0x6B, 0x7B } , - { 0x60, 0x3D, 0xEB, 0x10, 0x15, 0xCA, 0x71, 0xBE, - 0x2B, 0x73, 0xAE, 0xF0, 0x85, 0x7D, 0x77, 0x81, - 0x1F, 0x35, 0x2C, 0x07, 0x3B, 0x61, 0x08, 0xD7, - 0x2D, 0x98, 0x10, 0xA3, 0x09, 0x14, 0xDF, 0xF4 } + { 0x60, 0x3D, 0xEB, 0x10, 0x15, 0xCA, 0x71, 0xBE, + 0x2B, 0x73, 0xAE, 0xF0, 0x85, 0x7D, 0x77, 0x81, + 0x1F, 0x35, 0x2C, 0x07, 0x3B, 0x61, 0x08, 0xD7, + 0x2D, 0x98, 0x10, 0xA3, 0x09, 0x14, 0xDF, 0xF4 } }; static const unsigned char camellia_test_cbc_iv[16] = - { 0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, - 0x08, 0x09, 0x0A, 0x0B, 0x0C, 0x0D, 0x0E, 0x0F } +{ 0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, + 0x08, 0x09, 0x0A, 0x0B, 0x0C, 0x0D, 0x0E, 0x0F } ; static const unsigned char camellia_test_cbc_plain[CAMELLIA_TESTS_CBC][16] = @@ -898,13 +883,13 @@ static const unsigned char camellia_test_ctr_ct[3][48] = }; static const int camellia_test_ctr_len[3] = - { 16, 32, 36 }; +{ 16, 32, 36 }; #endif /* MBEDTLS_CIPHER_MODE_CTR */ /* * Checkup routine */ -int mbedtls_camellia_self_test( int verbose ) +int mbedtls_camellia_self_test(int verbose) { int i, j, u, v; unsigned char key[32]; @@ -923,163 +908,167 @@ int mbedtls_camellia_self_test( int verbose ) mbedtls_camellia_context ctx; - mbedtls_camellia_init( &ctx ); - memset( key, 0, 32 ); + mbedtls_camellia_init(&ctx); + memset(key, 0, 32); - for( j = 0; j < 6; j++ ) { + for (j = 0; j < 6; j++) { u = j >> 1; - v = j & 1; - - if( verbose != 0 ) - mbedtls_printf( " CAMELLIA-ECB-%3d (%s): ", 128 + u * 64, - (v == MBEDTLS_CAMELLIA_DECRYPT) ? "dec" : "enc"); - - for( i = 0; i < CAMELLIA_TESTS_ECB; i++ ) { - memcpy( key, camellia_test_ecb_key[u][i], 16 + 8 * u ); - - if( v == MBEDTLS_CAMELLIA_DECRYPT ) { - mbedtls_camellia_setkey_dec( &ctx, key, 128 + u * 64 ); - memcpy( src, camellia_test_ecb_cipher[u][i], 16 ); - memcpy( dst, camellia_test_ecb_plain[i], 16 ); - } else { /* MBEDTLS_CAMELLIA_ENCRYPT */ - mbedtls_camellia_setkey_enc( &ctx, key, 128 + u * 64 ); - memcpy( src, camellia_test_ecb_plain[i], 16 ); - memcpy( dst, camellia_test_ecb_cipher[u][i], 16 ); + v = j & 1; + + if (verbose != 0) { + mbedtls_printf(" CAMELLIA-ECB-%3d (%s): ", 128 + u * 64, + (v == MBEDTLS_CAMELLIA_DECRYPT) ? "dec" : "enc"); } - mbedtls_camellia_crypt_ecb( &ctx, v, src, buf ); + for (i = 0; i < CAMELLIA_TESTS_ECB; i++) { + memcpy(key, camellia_test_ecb_key[u][i], 16 + 8 * u); + + if (v == MBEDTLS_CAMELLIA_DECRYPT) { + mbedtls_camellia_setkey_dec(&ctx, key, 128 + u * 64); + memcpy(src, camellia_test_ecb_cipher[u][i], 16); + memcpy(dst, camellia_test_ecb_plain[i], 16); + } else { /* MBEDTLS_CAMELLIA_ENCRYPT */ + mbedtls_camellia_setkey_enc(&ctx, key, 128 + u * 64); + memcpy(src, camellia_test_ecb_plain[i], 16); + memcpy(dst, camellia_test_ecb_cipher[u][i], 16); + } + + mbedtls_camellia_crypt_ecb(&ctx, v, src, buf); - if( memcmp( buf, dst, 16 ) != 0 ) - { - if( verbose != 0 ) - mbedtls_printf( "failed\n" ); - goto exit; + if (memcmp(buf, dst, 16) != 0) { + if (verbose != 0) { + mbedtls_printf("failed\n"); + } + goto exit; + } } - } - if( verbose != 0 ) - mbedtls_printf( "passed\n" ); + if (verbose != 0) { + mbedtls_printf("passed\n"); + } } - if( verbose != 0 ) - mbedtls_printf( "\n" ); + if (verbose != 0) { + mbedtls_printf("\n"); + } #if defined(MBEDTLS_CIPHER_MODE_CBC) /* * CBC mode */ - for( j = 0; j < 6; j++ ) - { + for (j = 0; j < 6; j++) { u = j >> 1; v = j & 1; - if( verbose != 0 ) - mbedtls_printf( " CAMELLIA-CBC-%3d (%s): ", 128 + u * 64, - ( v == MBEDTLS_CAMELLIA_DECRYPT ) ? "dec" : "enc" ); + if (verbose != 0) { + mbedtls_printf(" CAMELLIA-CBC-%3d (%s): ", 128 + u * 64, + (v == MBEDTLS_CAMELLIA_DECRYPT) ? "dec" : "enc"); + } - memcpy( src, camellia_test_cbc_iv, 16 ); - memcpy( dst, camellia_test_cbc_iv, 16 ); - memcpy( key, camellia_test_cbc_key[u], 16 + 8 * u ); + memcpy(src, camellia_test_cbc_iv, 16); + memcpy(dst, camellia_test_cbc_iv, 16); + memcpy(key, camellia_test_cbc_key[u], 16 + 8 * u); - if( v == MBEDTLS_CAMELLIA_DECRYPT ) { - mbedtls_camellia_setkey_dec( &ctx, key, 128 + u * 64 ); + if (v == MBEDTLS_CAMELLIA_DECRYPT) { + mbedtls_camellia_setkey_dec(&ctx, key, 128 + u * 64); } else { - mbedtls_camellia_setkey_enc( &ctx, key, 128 + u * 64 ); + mbedtls_camellia_setkey_enc(&ctx, key, 128 + u * 64); } - for( i = 0; i < CAMELLIA_TESTS_CBC; i++ ) { + for (i = 0; i < CAMELLIA_TESTS_CBC; i++) { - if( v == MBEDTLS_CAMELLIA_DECRYPT ) { - memcpy( iv , src, 16 ); - memcpy( src, camellia_test_cbc_cipher[u][i], 16 ); - memcpy( dst, camellia_test_cbc_plain[i], 16 ); + if (v == MBEDTLS_CAMELLIA_DECRYPT) { + memcpy(iv, src, 16); + memcpy(src, camellia_test_cbc_cipher[u][i], 16); + memcpy(dst, camellia_test_cbc_plain[i], 16); } else { /* MBEDTLS_CAMELLIA_ENCRYPT */ - memcpy( iv , dst, 16 ); - memcpy( src, camellia_test_cbc_plain[i], 16 ); - memcpy( dst, camellia_test_cbc_cipher[u][i], 16 ); + memcpy(iv, dst, 16); + memcpy(src, camellia_test_cbc_plain[i], 16); + memcpy(dst, camellia_test_cbc_cipher[u][i], 16); } - mbedtls_camellia_crypt_cbc( &ctx, v, 16, iv, src, buf ); + mbedtls_camellia_crypt_cbc(&ctx, v, 16, iv, src, buf); - if( memcmp( buf, dst, 16 ) != 0 ) - { - if( verbose != 0 ) - mbedtls_printf( "failed\n" ); + if (memcmp(buf, dst, 16) != 0) { + if (verbose != 0) { + mbedtls_printf("failed\n"); + } goto exit; } } - if( verbose != 0 ) - mbedtls_printf( "passed\n" ); + if (verbose != 0) { + mbedtls_printf("passed\n"); + } } #endif /* MBEDTLS_CIPHER_MODE_CBC */ - if( verbose != 0 ) - mbedtls_printf( "\n" ); + if (verbose != 0) { + mbedtls_printf("\n"); + } #if defined(MBEDTLS_CIPHER_MODE_CTR) /* * CTR mode */ - for( i = 0; i < 6; i++ ) - { + for (i = 0; i < 6; i++) { u = i >> 1; v = i & 1; - if( verbose != 0 ) - mbedtls_printf( " CAMELLIA-CTR-128 (%s): ", - ( v == MBEDTLS_CAMELLIA_DECRYPT ) ? "dec" : "enc" ); + if (verbose != 0) { + mbedtls_printf(" CAMELLIA-CTR-128 (%s): ", + (v == MBEDTLS_CAMELLIA_DECRYPT) ? "dec" : "enc"); + } - memcpy( nonce_counter, camellia_test_ctr_nonce_counter[u], 16 ); - memcpy( key, camellia_test_ctr_key[u], 16 ); + memcpy(nonce_counter, camellia_test_ctr_nonce_counter[u], 16); + memcpy(key, camellia_test_ctr_key[u], 16); offset = 0; - mbedtls_camellia_setkey_enc( &ctx, key, 128 ); + mbedtls_camellia_setkey_enc(&ctx, key, 128); - if( v == MBEDTLS_CAMELLIA_DECRYPT ) - { + if (v == MBEDTLS_CAMELLIA_DECRYPT) { len = camellia_test_ctr_len[u]; - memcpy( buf, camellia_test_ctr_ct[u], len ); + memcpy(buf, camellia_test_ctr_ct[u], len); - mbedtls_camellia_crypt_ctr( &ctx, len, &offset, nonce_counter, stream_block, - buf, buf ); + mbedtls_camellia_crypt_ctr(&ctx, len, &offset, nonce_counter, stream_block, + buf, buf); - if( memcmp( buf, camellia_test_ctr_pt[u], len ) != 0 ) - { - if( verbose != 0 ) - mbedtls_printf( "failed\n" ); + if (memcmp(buf, camellia_test_ctr_pt[u], len) != 0) { + if (verbose != 0) { + mbedtls_printf("failed\n"); + } goto exit; } - } - else - { + } else { len = camellia_test_ctr_len[u]; - memcpy( buf, camellia_test_ctr_pt[u], len ); + memcpy(buf, camellia_test_ctr_pt[u], len); - mbedtls_camellia_crypt_ctr( &ctx, len, &offset, nonce_counter, stream_block, - buf, buf ); + mbedtls_camellia_crypt_ctr(&ctx, len, &offset, nonce_counter, stream_block, + buf, buf); - if( memcmp( buf, camellia_test_ctr_ct[u], len ) != 0 ) - { - if( verbose != 0 ) - mbedtls_printf( "failed\n" ); + if (memcmp(buf, camellia_test_ctr_ct[u], len) != 0) { + if (verbose != 0) { + mbedtls_printf("failed\n"); + } goto exit; } } - if( verbose != 0 ) - mbedtls_printf( "passed\n" ); + if (verbose != 0) { + mbedtls_printf("passed\n"); + } } - if( verbose != 0 ) - mbedtls_printf( "\n" ); + if (verbose != 0) { + mbedtls_printf("\n"); + } #endif /* MBEDTLS_CIPHER_MODE_CTR */ ret = 0; exit: - mbedtls_camellia_free( &ctx ); - return( ret ); + mbedtls_camellia_free(&ctx); + return ret; } #endif /* MBEDTLS_SELF_TEST */ diff --git a/third_party/mbedtls/repo/library/ccm.c b/third_party/mbedtls/repo/library/ccm.c index a21a37f55f3..2ba21c7e71d 100644 --- a/third_party/mbedtls/repo/library/ccm.c +++ b/third_party/mbedtls/repo/library/ccm.c @@ -2,19 +2,7 @@ * NIST SP800-38C compliant CCM implementation * * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later */ /* @@ -33,24 +21,18 @@ #include "mbedtls/ccm.h" #include "mbedtls/platform_util.h" #include "mbedtls/error.h" +#include "mbedtls/constant_time.h" #include -#if defined(MBEDTLS_SELF_TEST) && defined(MBEDTLS_AES_C) -#if defined(MBEDTLS_PLATFORM_C) #include "mbedtls/platform.h" -#else -#include -#define mbedtls_printf printf -#endif /* MBEDTLS_PLATFORM_C */ -#endif /* MBEDTLS_SELF_TEST && MBEDTLS_AES_C */ #if !defined(MBEDTLS_CCM_ALT) -#define CCM_VALIDATE_RET( cond ) \ - MBEDTLS_INTERNAL_VALIDATE_RET( cond, MBEDTLS_ERR_CCM_BAD_INPUT ) -#define CCM_VALIDATE( cond ) \ - MBEDTLS_INTERNAL_VALIDATE( cond ) +#define CCM_VALIDATE_RET(cond) \ + MBEDTLS_INTERNAL_VALIDATE_RET(cond, MBEDTLS_ERR_CCM_BAD_INPUT) +#define CCM_VALIDATE(cond) \ + MBEDTLS_INTERNAL_VALIDATE(cond) #define CCM_ENCRYPT 0 #define CCM_DECRYPT 1 @@ -58,54 +40,57 @@ /* * Initialize context */ -void mbedtls_ccm_init( mbedtls_ccm_context *ctx ) +void mbedtls_ccm_init(mbedtls_ccm_context *ctx) { - CCM_VALIDATE( ctx != NULL ); - memset( ctx, 0, sizeof( mbedtls_ccm_context ) ); + CCM_VALIDATE(ctx != NULL); + memset(ctx, 0, sizeof(mbedtls_ccm_context)); } -int mbedtls_ccm_setkey( mbedtls_ccm_context *ctx, - mbedtls_cipher_id_t cipher, - const unsigned char *key, - unsigned int keybits ) +int mbedtls_ccm_setkey(mbedtls_ccm_context *ctx, + mbedtls_cipher_id_t cipher, + const unsigned char *key, + unsigned int keybits) { int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; const mbedtls_cipher_info_t *cipher_info; - CCM_VALIDATE_RET( ctx != NULL ); - CCM_VALIDATE_RET( key != NULL ); + CCM_VALIDATE_RET(ctx != NULL); + CCM_VALIDATE_RET(key != NULL); - cipher_info = mbedtls_cipher_info_from_values( cipher, keybits, - MBEDTLS_MODE_ECB ); - if( cipher_info == NULL ) - return( MBEDTLS_ERR_CCM_BAD_INPUT ); + cipher_info = mbedtls_cipher_info_from_values(cipher, keybits, + MBEDTLS_MODE_ECB); + if (cipher_info == NULL) { + return MBEDTLS_ERR_CCM_BAD_INPUT; + } - if( cipher_info->block_size != 16 ) - return( MBEDTLS_ERR_CCM_BAD_INPUT ); + if (cipher_info->block_size != 16) { + return MBEDTLS_ERR_CCM_BAD_INPUT; + } - mbedtls_cipher_free( &ctx->cipher_ctx ); + mbedtls_cipher_free(&ctx->cipher_ctx); - if( ( ret = mbedtls_cipher_setup( &ctx->cipher_ctx, cipher_info ) ) != 0 ) - return( ret ); + if ((ret = mbedtls_cipher_setup(&ctx->cipher_ctx, cipher_info)) != 0) { + return ret; + } - if( ( ret = mbedtls_cipher_setkey( &ctx->cipher_ctx, key, keybits, - MBEDTLS_ENCRYPT ) ) != 0 ) - { - return( ret ); + if ((ret = mbedtls_cipher_setkey(&ctx->cipher_ctx, key, keybits, + MBEDTLS_ENCRYPT)) != 0) { + return ret; } - return( 0 ); + return 0; } /* * Free context */ -void mbedtls_ccm_free( mbedtls_ccm_context *ctx ) +void mbedtls_ccm_free(mbedtls_ccm_context *ctx) { - if( ctx == NULL ) + if (ctx == NULL) { return; - mbedtls_cipher_free( &ctx->cipher_ctx ); - mbedtls_platform_zeroize( ctx, sizeof( mbedtls_ccm_context ) ); + } + mbedtls_cipher_free(&ctx->cipher_ctx); + mbedtls_platform_zeroize(ctx, sizeof(mbedtls_ccm_context)); } /* @@ -118,38 +103,38 @@ void mbedtls_ccm_free( mbedtls_ccm_context *ctx ) * (Always using b as the source helps the compiler optimise a bit better.) */ #define UPDATE_CBC_MAC \ - for( i = 0; i < 16; i++ ) \ - y[i] ^= b[i]; \ + for (i = 0; i < 16; i++) \ + y[i] ^= b[i]; \ \ - if( ( ret = mbedtls_cipher_update( &ctx->cipher_ctx, y, 16, y, &olen ) ) != 0 ) \ - return( ret ); + if ((ret = mbedtls_cipher_update(&ctx->cipher_ctx, y, 16, y, &olen)) != 0) \ + return ret; /* * Encrypt or decrypt a partial block with CTR * Warning: using b for temporary storage! src and dst must not be b! * This avoids allocating one more 16 bytes buffer while allowing src == dst. */ -#define CTR_CRYPT( dst, src, len ) \ +#define CTR_CRYPT(dst, src, len) \ do \ { \ - if( ( ret = mbedtls_cipher_update( &ctx->cipher_ctx, ctr, \ - 16, b, &olen ) ) != 0 ) \ + if ((ret = mbedtls_cipher_update(&ctx->cipher_ctx, ctr, \ + 16, b, &olen)) != 0) \ { \ - return( ret ); \ + return ret; \ } \ - \ - for( i = 0; i < (len); i++ ) \ - (dst)[i] = (src)[i] ^ b[i]; \ - } while( 0 ) + \ + for (i = 0; i < (len); i++) \ + (dst)[i] = (src)[i] ^ b[i]; \ + } while (0) /* * Authenticated encryption or decryption */ -static int ccm_auth_crypt( mbedtls_ccm_context *ctx, int mode, size_t length, - const unsigned char *iv, size_t iv_len, - const unsigned char *add, size_t add_len, - const unsigned char *input, unsigned char *output, - unsigned char *tag, size_t tag_len ) +static int ccm_auth_crypt(mbedtls_ccm_context *ctx, int mode, size_t length, + const unsigned char *iv, size_t iv_len, + const unsigned char *add, size_t add_len, + const unsigned char *input, unsigned char *output, + unsigned char *tag, size_t tag_len) { int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; unsigned char i; @@ -168,15 +153,18 @@ static int ccm_auth_crypt( mbedtls_ccm_context *ctx, int mode, size_t length, * * Also, loosen the requirements to enable support for CCM* (IEEE 802.15.4). */ - if( tag_len == 2 || tag_len > 16 || tag_len % 2 != 0 ) - return( MBEDTLS_ERR_CCM_BAD_INPUT ); + if (tag_len == 2 || tag_len > 16 || tag_len % 2 != 0) { + return MBEDTLS_ERR_CCM_BAD_INPUT; + } /* Also implies q is within bounds */ - if( iv_len < 7 || iv_len > 13 ) - return( MBEDTLS_ERR_CCM_BAD_INPUT ); + if (iv_len < 7 || iv_len > 13) { + return MBEDTLS_ERR_CCM_BAD_INPUT; + } - if( add_len >= 0xFF00 ) - return( MBEDTLS_ERR_CCM_BAD_INPUT ); + if (add_len >= 0xFF00) { + return MBEDTLS_ERR_CCM_BAD_INPUT; + } q = 16 - 1 - (unsigned char) iv_len; @@ -193,49 +181,49 @@ static int ccm_auth_crypt( mbedtls_ccm_context *ctx, int mode, size_t length, * 2 .. 0 q - 1 */ b[0] = 0; - b[0] |= ( add_len > 0 ) << 6; - b[0] |= ( ( tag_len - 2 ) / 2 ) << 3; + b[0] |= (add_len > 0) << 6; + b[0] |= ((tag_len - 2) / 2) << 3; b[0] |= q - 1; - memcpy( b + 1, iv, iv_len ); + memcpy(b + 1, iv, iv_len); - for( i = 0, len_left = length; i < q; i++, len_left >>= 8 ) - b[15-i] = MBEDTLS_BYTE_0( len_left ); + for (i = 0, len_left = length; i < q; i++, len_left >>= 8) { + b[15-i] = MBEDTLS_BYTE_0(len_left); + } - if( len_left > 0 ) - return( MBEDTLS_ERR_CCM_BAD_INPUT ); + if (len_left > 0) { + return MBEDTLS_ERR_CCM_BAD_INPUT; + } /* Start CBC-MAC with first block */ - memset( y, 0, 16 ); + memset(y, 0, 16); UPDATE_CBC_MAC; /* * If there is additional data, update CBC-MAC with * add_len, add, 0 (padding to a block boundary) */ - if( add_len > 0 ) - { + if (add_len > 0) { size_t use_len; len_left = add_len; src = add; - memset( b, 0, 16 ); - MBEDTLS_PUT_UINT16_BE( add_len, b, 0 ); + memset(b, 0, 16); + MBEDTLS_PUT_UINT16_BE(add_len, b, 0); use_len = len_left < 16 - 2 ? len_left : 16 - 2; - memcpy( b + 2, src, use_len ); + memcpy(b + 2, src, use_len); len_left -= use_len; src += use_len; UPDATE_CBC_MAC; - while( len_left > 0 ) - { + while (len_left > 0) { use_len = len_left > 16 ? 16 : len_left; - memset( b, 0, 16 ); - memcpy( b, src, use_len ); + memset(b, 0, 16); + memcpy(b, src, use_len); UPDATE_CBC_MAC; len_left -= use_len; @@ -254,8 +242,8 @@ static int ccm_auth_crypt( mbedtls_ccm_context *ctx, int mode, size_t length, * 2 .. 0 q - 1 */ ctr[0] = q - 1; - memcpy( ctr + 1, iv, iv_len ); - memset( ctr + 1 + iv_len, 0, q ); + memcpy(ctr + 1, iv, iv_len); + memset(ctr + 1 + iv_len, 0, q); ctr[15] = 1; /* @@ -268,23 +256,20 @@ static int ccm_auth_crypt( mbedtls_ccm_context *ctx, int mode, size_t length, src = input; dst = output; - while( len_left > 0 ) - { + while (len_left > 0) { size_t use_len = len_left > 16 ? 16 : len_left; - if( mode == CCM_ENCRYPT ) - { - memset( b, 0, 16 ); - memcpy( b, src, use_len ); + if (mode == CCM_ENCRYPT) { + memset(b, 0, 16); + memcpy(b, src, use_len); UPDATE_CBC_MAC; } - CTR_CRYPT( dst, src, use_len ); + CTR_CRYPT(dst, src, use_len); - if( mode == CCM_DECRYPT ) - { - memset( b, 0, 16 ); - memcpy( b, dst, use_len ); + if (mode == CCM_DECRYPT) { + memset(b, 0, 16); + memcpy(b, dst, use_len); UPDATE_CBC_MAC; } @@ -296,120 +281,121 @@ static int ccm_auth_crypt( mbedtls_ccm_context *ctx, int mode, size_t length, * Increment counter. * No need to check for overflow thanks to the length check above. */ - for( i = 0; i < q; i++ ) - if( ++ctr[15-i] != 0 ) + for (i = 0; i < q; i++) { + if (++ctr[15-i] != 0) { break; + } + } } /* * Authentication: reset counter and crypt/mask internal tag */ - for( i = 0; i < q; i++ ) + for (i = 0; i < q; i++) { ctr[15-i] = 0; + } - CTR_CRYPT( y, y, 16 ); - memcpy( tag, y, tag_len ); + CTR_CRYPT(y, y, 16); + memcpy(tag, y, tag_len); - return( 0 ); + return 0; } /* * Authenticated encryption */ -int mbedtls_ccm_star_encrypt_and_tag( mbedtls_ccm_context *ctx, size_t length, - const unsigned char *iv, size_t iv_len, - const unsigned char *add, size_t add_len, - const unsigned char *input, unsigned char *output, - unsigned char *tag, size_t tag_len ) +int mbedtls_ccm_star_encrypt_and_tag(mbedtls_ccm_context *ctx, size_t length, + const unsigned char *iv, size_t iv_len, + const unsigned char *add, size_t add_len, + const unsigned char *input, unsigned char *output, + unsigned char *tag, size_t tag_len) { - CCM_VALIDATE_RET( ctx != NULL ); - CCM_VALIDATE_RET( iv != NULL ); - CCM_VALIDATE_RET( add_len == 0 || add != NULL ); - CCM_VALIDATE_RET( length == 0 || input != NULL ); - CCM_VALIDATE_RET( length == 0 || output != NULL ); - CCM_VALIDATE_RET( tag_len == 0 || tag != NULL ); - return( ccm_auth_crypt( ctx, CCM_ENCRYPT, length, iv, iv_len, - add, add_len, input, output, tag, tag_len ) ); + CCM_VALIDATE_RET(ctx != NULL); + CCM_VALIDATE_RET(iv != NULL); + CCM_VALIDATE_RET(add_len == 0 || add != NULL); + CCM_VALIDATE_RET(length == 0 || input != NULL); + CCM_VALIDATE_RET(length == 0 || output != NULL); + CCM_VALIDATE_RET(tag_len == 0 || tag != NULL); + return ccm_auth_crypt(ctx, CCM_ENCRYPT, length, iv, iv_len, + add, add_len, input, output, tag, tag_len); } -int mbedtls_ccm_encrypt_and_tag( mbedtls_ccm_context *ctx, size_t length, - const unsigned char *iv, size_t iv_len, - const unsigned char *add, size_t add_len, - const unsigned char *input, unsigned char *output, - unsigned char *tag, size_t tag_len ) +int mbedtls_ccm_encrypt_and_tag(mbedtls_ccm_context *ctx, size_t length, + const unsigned char *iv, size_t iv_len, + const unsigned char *add, size_t add_len, + const unsigned char *input, unsigned char *output, + unsigned char *tag, size_t tag_len) { - CCM_VALIDATE_RET( ctx != NULL ); - CCM_VALIDATE_RET( iv != NULL ); - CCM_VALIDATE_RET( add_len == 0 || add != NULL ); - CCM_VALIDATE_RET( length == 0 || input != NULL ); - CCM_VALIDATE_RET( length == 0 || output != NULL ); - CCM_VALIDATE_RET( tag_len == 0 || tag != NULL ); - if( tag_len == 0 ) - return( MBEDTLS_ERR_CCM_BAD_INPUT ); - - return( mbedtls_ccm_star_encrypt_and_tag( ctx, length, iv, iv_len, add, - add_len, input, output, tag, tag_len ) ); + CCM_VALIDATE_RET(ctx != NULL); + CCM_VALIDATE_RET(iv != NULL); + CCM_VALIDATE_RET(add_len == 0 || add != NULL); + CCM_VALIDATE_RET(length == 0 || input != NULL); + CCM_VALIDATE_RET(length == 0 || output != NULL); + CCM_VALIDATE_RET(tag_len == 0 || tag != NULL); + if (tag_len == 0) { + return MBEDTLS_ERR_CCM_BAD_INPUT; + } + + return mbedtls_ccm_star_encrypt_and_tag(ctx, length, iv, iv_len, add, + add_len, input, output, tag, tag_len); } /* * Authenticated decryption */ -int mbedtls_ccm_star_auth_decrypt( mbedtls_ccm_context *ctx, size_t length, - const unsigned char *iv, size_t iv_len, - const unsigned char *add, size_t add_len, - const unsigned char *input, unsigned char *output, - const unsigned char *tag, size_t tag_len ) +int mbedtls_ccm_star_auth_decrypt(mbedtls_ccm_context *ctx, size_t length, + const unsigned char *iv, size_t iv_len, + const unsigned char *add, size_t add_len, + const unsigned char *input, unsigned char *output, + const unsigned char *tag, size_t tag_len) { int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; unsigned char check_tag[16]; - unsigned char i; int diff; - CCM_VALIDATE_RET( ctx != NULL ); - CCM_VALIDATE_RET( iv != NULL ); - CCM_VALIDATE_RET( add_len == 0 || add != NULL ); - CCM_VALIDATE_RET( length == 0 || input != NULL ); - CCM_VALIDATE_RET( length == 0 || output != NULL ); - CCM_VALIDATE_RET( tag_len == 0 || tag != NULL ); - - if( ( ret = ccm_auth_crypt( ctx, CCM_DECRYPT, length, - iv, iv_len, add, add_len, - input, output, check_tag, tag_len ) ) != 0 ) - { - return( ret ); + CCM_VALIDATE_RET(ctx != NULL); + CCM_VALIDATE_RET(iv != NULL); + CCM_VALIDATE_RET(add_len == 0 || add != NULL); + CCM_VALIDATE_RET(length == 0 || input != NULL); + CCM_VALIDATE_RET(length == 0 || output != NULL); + CCM_VALIDATE_RET(tag_len == 0 || tag != NULL); + + if ((ret = ccm_auth_crypt(ctx, CCM_DECRYPT, length, + iv, iv_len, add, add_len, + input, output, check_tag, tag_len)) != 0) { + return ret; } /* Check tag in "constant-time" */ - for( diff = 0, i = 0; i < tag_len; i++ ) - diff |= tag[i] ^ check_tag[i]; + diff = mbedtls_ct_memcmp(tag, check_tag, tag_len); - if( diff != 0 ) - { - mbedtls_platform_zeroize( output, length ); - return( MBEDTLS_ERR_CCM_AUTH_FAILED ); + if (diff != 0) { + mbedtls_platform_zeroize(output, length); + return MBEDTLS_ERR_CCM_AUTH_FAILED; } - return( 0 ); + return 0; } -int mbedtls_ccm_auth_decrypt( mbedtls_ccm_context *ctx, size_t length, - const unsigned char *iv, size_t iv_len, - const unsigned char *add, size_t add_len, - const unsigned char *input, unsigned char *output, - const unsigned char *tag, size_t tag_len ) +int mbedtls_ccm_auth_decrypt(mbedtls_ccm_context *ctx, size_t length, + const unsigned char *iv, size_t iv_len, + const unsigned char *add, size_t add_len, + const unsigned char *input, unsigned char *output, + const unsigned char *tag, size_t tag_len) { - CCM_VALIDATE_RET( ctx != NULL ); - CCM_VALIDATE_RET( iv != NULL ); - CCM_VALIDATE_RET( add_len == 0 || add != NULL ); - CCM_VALIDATE_RET( length == 0 || input != NULL ); - CCM_VALIDATE_RET( length == 0 || output != NULL ); - CCM_VALIDATE_RET( tag_len == 0 || tag != NULL ); - - if( tag_len == 0 ) - return( MBEDTLS_ERR_CCM_BAD_INPUT ); - - return( mbedtls_ccm_star_auth_decrypt( ctx, length, iv, iv_len, add, - add_len, input, output, tag, tag_len ) ); + CCM_VALIDATE_RET(ctx != NULL); + CCM_VALIDATE_RET(iv != NULL); + CCM_VALIDATE_RET(add_len == 0 || add != NULL); + CCM_VALIDATE_RET(length == 0 || input != NULL); + CCM_VALIDATE_RET(length == 0 || output != NULL); + CCM_VALIDATE_RET(tag_len == 0 || tag != NULL); + + if (tag_len == 0) { + return MBEDTLS_ERR_CCM_BAD_INPUT; + } + + return mbedtls_ccm_star_auth_decrypt(ctx, length, iv, iv_len, add, + add_len, input, output, tag, tag_len); } #endif /* !MBEDTLS_CCM_ALT */ @@ -446,7 +432,7 @@ static const unsigned char msg_test_data[CCM_SELFTEST_PT_MAX_LEN] = { 0x30, 0x31, 0x32, 0x33, 0x34, 0x35, 0x36, 0x37, }; -static const size_t iv_len_test_data [NB_TESTS] = { 7, 8, 12 }; +static const size_t iv_len_test_data[NB_TESTS] = { 7, 8, 12 }; static const size_t add_len_test_data[NB_TESTS] = { 8, 16, 20 }; static const size_t msg_len_test_data[NB_TESTS] = { 4, 16, 24 }; static const size_t tag_len_test_data[NB_TESTS] = { 4, 6, 8 }; @@ -462,7 +448,7 @@ static const unsigned char res_test_data[NB_TESTS][CCM_SELFTEST_CT_MAX_LEN] = { 0x48, 0x43, 0x92, 0xfb, 0xc1, 0xb0, 0x99, 0x51 } }; -int mbedtls_ccm_self_test( int verbose ) +int mbedtls_ccm_self_test(int verbose) { mbedtls_ccm_context ctx; /* @@ -475,70 +461,72 @@ int mbedtls_ccm_self_test( int verbose ) size_t i; int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; - mbedtls_ccm_init( &ctx ); + mbedtls_ccm_init(&ctx); - if( mbedtls_ccm_setkey( &ctx, MBEDTLS_CIPHER_ID_AES, key_test_data, - 8 * sizeof key_test_data ) != 0 ) - { - if( verbose != 0 ) - mbedtls_printf( " CCM: setup failed" ); + if (mbedtls_ccm_setkey(&ctx, MBEDTLS_CIPHER_ID_AES, key_test_data, + 8 * sizeof(key_test_data)) != 0) { + if (verbose != 0) { + mbedtls_printf(" CCM: setup failed"); + } - return( 1 ); + return 1; } - for( i = 0; i < NB_TESTS; i++ ) - { - if( verbose != 0 ) - mbedtls_printf( " CCM-AES #%u: ", (unsigned int) i + 1 ); - - memset( plaintext, 0, CCM_SELFTEST_PT_MAX_LEN ); - memset( ciphertext, 0, CCM_SELFTEST_CT_MAX_LEN ); - memcpy( plaintext, msg_test_data, msg_len_test_data[i] ); - - ret = mbedtls_ccm_encrypt_and_tag( &ctx, msg_len_test_data[i], - iv_test_data, iv_len_test_data[i], - ad_test_data, add_len_test_data[i], - plaintext, ciphertext, - ciphertext + msg_len_test_data[i], - tag_len_test_data[i] ); - - if( ret != 0 || - memcmp( ciphertext, res_test_data[i], - msg_len_test_data[i] + tag_len_test_data[i] ) != 0 ) - { - if( verbose != 0 ) - mbedtls_printf( "failed\n" ); - - return( 1 ); + for (i = 0; i < NB_TESTS; i++) { + if (verbose != 0) { + mbedtls_printf(" CCM-AES #%u: ", (unsigned int) i + 1); + } + + memset(plaintext, 0, CCM_SELFTEST_PT_MAX_LEN); + memset(ciphertext, 0, CCM_SELFTEST_CT_MAX_LEN); + memcpy(plaintext, msg_test_data, msg_len_test_data[i]); + + ret = mbedtls_ccm_encrypt_and_tag(&ctx, msg_len_test_data[i], + iv_test_data, iv_len_test_data[i], + ad_test_data, add_len_test_data[i], + plaintext, ciphertext, + ciphertext + msg_len_test_data[i], + tag_len_test_data[i]); + + if (ret != 0 || + memcmp(ciphertext, res_test_data[i], + msg_len_test_data[i] + tag_len_test_data[i]) != 0) { + if (verbose != 0) { + mbedtls_printf("failed\n"); + } + + return 1; } - memset( plaintext, 0, CCM_SELFTEST_PT_MAX_LEN ); - - ret = mbedtls_ccm_auth_decrypt( &ctx, msg_len_test_data[i], - iv_test_data, iv_len_test_data[i], - ad_test_data, add_len_test_data[i], - ciphertext, plaintext, - ciphertext + msg_len_test_data[i], - tag_len_test_data[i] ); - - if( ret != 0 || - memcmp( plaintext, msg_test_data, msg_len_test_data[i] ) != 0 ) - { - if( verbose != 0 ) - mbedtls_printf( "failed\n" ); - - return( 1 ); + memset(plaintext, 0, CCM_SELFTEST_PT_MAX_LEN); + + ret = mbedtls_ccm_auth_decrypt(&ctx, msg_len_test_data[i], + iv_test_data, iv_len_test_data[i], + ad_test_data, add_len_test_data[i], + ciphertext, plaintext, + ciphertext + msg_len_test_data[i], + tag_len_test_data[i]); + + if (ret != 0 || + memcmp(plaintext, msg_test_data, msg_len_test_data[i]) != 0) { + if (verbose != 0) { + mbedtls_printf("failed\n"); + } + + return 1; } - if( verbose != 0 ) - mbedtls_printf( "passed\n" ); + if (verbose != 0) { + mbedtls_printf("passed\n"); + } } - mbedtls_ccm_free( &ctx ); + mbedtls_ccm_free(&ctx); - if( verbose != 0 ) - mbedtls_printf( "\n" ); + if (verbose != 0) { + mbedtls_printf("\n"); + } - return( 0 ); + return 0; } #endif /* MBEDTLS_SELF_TEST && MBEDTLS_AES_C */ diff --git a/third_party/mbedtls/repo/library/certs.c b/third_party/mbedtls/repo/library/certs.c index a5695e3c8e8..79856cd6cf9 100644 --- a/third_party/mbedtls/repo/library/certs.c +++ b/third_party/mbedtls/repo/library/certs.c @@ -2,19 +2,7 @@ * X.509 test certificates * * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later */ #include "common.h" @@ -38,69 +26,69 @@ /* This is taken from tests/data_files/test-ca2.crt */ /* BEGIN FILE string macro TEST_CA_CRT_EC_PEM tests/data_files/test-ca2.crt */ -#define TEST_CA_CRT_EC_PEM \ - "-----BEGIN CERTIFICATE-----\r\n" \ - "MIICBDCCAYigAwIBAgIJAMFD4n5iQ8zoMAwGCCqGSM49BAMCBQAwPjELMAkGA1UE\r\n" \ - "BhMCTkwxETAPBgNVBAoMCFBvbGFyU1NMMRwwGgYDVQQDDBNQb2xhcnNzbCBUZXN0\r\n" \ - "IEVDIENBMB4XDTE5MDIxMDE0NDQwMFoXDTI5MDIxMDE0NDQwMFowPjELMAkGA1UE\r\n" \ - "BhMCTkwxETAPBgNVBAoMCFBvbGFyU1NMMRwwGgYDVQQDDBNQb2xhcnNzbCBUZXN0\r\n" \ - "IEVDIENBMHYwEAYHKoZIzj0CAQYFK4EEACIDYgAEw9orNEE3WC+HVv78ibopQ0tO\r\n" \ - "4G7DDldTMzlY1FK0kZU5CyPfXxckYkj8GpUpziwth8KIUoCv1mqrId240xxuWLjK\r\n" \ - "6LJpjvNBrSnDtF91p0dv1RkpVWmaUzsgtGYWYDMeo1AwTjAMBgNVHRMEBTADAQH/\r\n" \ - "MB0GA1UdDgQWBBSdbSAkSQE/K8t4tRm8fiTJ2/s2fDAfBgNVHSMEGDAWgBSdbSAk\r\n" \ - "SQE/K8t4tRm8fiTJ2/s2fDAMBggqhkjOPQQDAgUAA2gAMGUCMFHKrjAPpHB0BN1a\r\n" \ - "LH8TwcJ3vh0AxeKZj30mRdOKBmg/jLS3rU3g8VQBHpn8sOTTBwIxANxPO5AerimZ\r\n" \ - "hCjMe0d4CTHf1gFZMF70+IqEP+o5VHsIp2Cqvflb0VGWFC5l9a4cQg==\r\n" \ +#define TEST_CA_CRT_EC_PEM \ + "-----BEGIN CERTIFICATE-----\r\n" \ + "MIICBDCCAYigAwIBAgIJAMFD4n5iQ8zoMAwGCCqGSM49BAMCBQAwPjELMAkGA1UE\r\n" \ + "BhMCTkwxETAPBgNVBAoMCFBvbGFyU1NMMRwwGgYDVQQDDBNQb2xhcnNzbCBUZXN0\r\n" \ + "IEVDIENBMB4XDTE5MDIxMDE0NDQwMFoXDTI5MDIxMDE0NDQwMFowPjELMAkGA1UE\r\n" \ + "BhMCTkwxETAPBgNVBAoMCFBvbGFyU1NMMRwwGgYDVQQDDBNQb2xhcnNzbCBUZXN0\r\n" \ + "IEVDIENBMHYwEAYHKoZIzj0CAQYFK4EEACIDYgAEw9orNEE3WC+HVv78ibopQ0tO\r\n" \ + "4G7DDldTMzlY1FK0kZU5CyPfXxckYkj8GpUpziwth8KIUoCv1mqrId240xxuWLjK\r\n" \ + "6LJpjvNBrSnDtF91p0dv1RkpVWmaUzsgtGYWYDMeo1AwTjAMBgNVHRMEBTADAQH/\r\n" \ + "MB0GA1UdDgQWBBSdbSAkSQE/K8t4tRm8fiTJ2/s2fDAfBgNVHSMEGDAWgBSdbSAk\r\n" \ + "SQE/K8t4tRm8fiTJ2/s2fDAMBggqhkjOPQQDAgUAA2gAMGUCMFHKrjAPpHB0BN1a\r\n" \ + "LH8TwcJ3vh0AxeKZj30mRdOKBmg/jLS3rU3g8VQBHpn8sOTTBwIxANxPO5AerimZ\r\n" \ + "hCjMe0d4CTHf1gFZMF70+IqEP+o5VHsIp2Cqvflb0VGWFC5l9a4cQg==\r\n" \ "-----END CERTIFICATE-----\r\n" /* END FILE */ /* This is generated from tests/data_files/test-ca2.crt.der using `xxd -i`. */ /* BEGIN FILE binary macro TEST_CA_CRT_EC_DER tests/data_files/test-ca2.crt.der */ -#define TEST_CA_CRT_EC_DER { \ - 0x30, 0x82, 0x02, 0x04, 0x30, 0x82, 0x01, 0x88, 0xa0, 0x03, 0x02, 0x01, \ - 0x02, 0x02, 0x09, 0x00, 0xc1, 0x43, 0xe2, 0x7e, 0x62, 0x43, 0xcc, 0xe8, \ - 0x30, 0x0c, 0x06, 0x08, 0x2a, 0x86, 0x48, 0xce, 0x3d, 0x04, 0x03, 0x02, \ - 0x05, 0x00, 0x30, 0x3e, 0x31, 0x0b, 0x30, 0x09, 0x06, 0x03, 0x55, 0x04, \ - 0x06, 0x13, 0x02, 0x4e, 0x4c, 0x31, 0x11, 0x30, 0x0f, 0x06, 0x03, 0x55, \ - 0x04, 0x0a, 0x0c, 0x08, 0x50, 0x6f, 0x6c, 0x61, 0x72, 0x53, 0x53, 0x4c, \ - 0x31, 0x1c, 0x30, 0x1a, 0x06, 0x03, 0x55, 0x04, 0x03, 0x0c, 0x13, 0x50, \ - 0x6f, 0x6c, 0x61, 0x72, 0x73, 0x73, 0x6c, 0x20, 0x54, 0x65, 0x73, 0x74, \ - 0x20, 0x45, 0x43, 0x20, 0x43, 0x41, 0x30, 0x1e, 0x17, 0x0d, 0x31, 0x39, \ - 0x30, 0x32, 0x31, 0x30, 0x31, 0x34, 0x34, 0x34, 0x30, 0x30, 0x5a, 0x17, \ - 0x0d, 0x32, 0x39, 0x30, 0x32, 0x31, 0x30, 0x31, 0x34, 0x34, 0x34, 0x30, \ - 0x30, 0x5a, 0x30, 0x3e, 0x31, 0x0b, 0x30, 0x09, 0x06, 0x03, 0x55, 0x04, \ - 0x06, 0x13, 0x02, 0x4e, 0x4c, 0x31, 0x11, 0x30, 0x0f, 0x06, 0x03, 0x55, \ - 0x04, 0x0a, 0x0c, 0x08, 0x50, 0x6f, 0x6c, 0x61, 0x72, 0x53, 0x53, 0x4c, \ - 0x31, 0x1c, 0x30, 0x1a, 0x06, 0x03, 0x55, 0x04, 0x03, 0x0c, 0x13, 0x50, \ - 0x6f, 0x6c, 0x61, 0x72, 0x73, 0x73, 0x6c, 0x20, 0x54, 0x65, 0x73, 0x74, \ - 0x20, 0x45, 0x43, 0x20, 0x43, 0x41, 0x30, 0x76, 0x30, 0x10, 0x06, 0x07, \ - 0x2a, 0x86, 0x48, 0xce, 0x3d, 0x02, 0x01, 0x06, 0x05, 0x2b, 0x81, 0x04, \ - 0x00, 0x22, 0x03, 0x62, 0x00, 0x04, 0xc3, 0xda, 0x2b, 0x34, 0x41, 0x37, \ - 0x58, 0x2f, 0x87, 0x56, 0xfe, 0xfc, 0x89, 0xba, 0x29, 0x43, 0x4b, 0x4e, \ - 0xe0, 0x6e, 0xc3, 0x0e, 0x57, 0x53, 0x33, 0x39, 0x58, 0xd4, 0x52, 0xb4, \ - 0x91, 0x95, 0x39, 0x0b, 0x23, 0xdf, 0x5f, 0x17, 0x24, 0x62, 0x48, 0xfc, \ - 0x1a, 0x95, 0x29, 0xce, 0x2c, 0x2d, 0x87, 0xc2, 0x88, 0x52, 0x80, 0xaf, \ - 0xd6, 0x6a, 0xab, 0x21, 0xdd, 0xb8, 0xd3, 0x1c, 0x6e, 0x58, 0xb8, 0xca, \ - 0xe8, 0xb2, 0x69, 0x8e, 0xf3, 0x41, 0xad, 0x29, 0xc3, 0xb4, 0x5f, 0x75, \ - 0xa7, 0x47, 0x6f, 0xd5, 0x19, 0x29, 0x55, 0x69, 0x9a, 0x53, 0x3b, 0x20, \ - 0xb4, 0x66, 0x16, 0x60, 0x33, 0x1e, 0xa3, 0x50, 0x30, 0x4e, 0x30, 0x0c, \ - 0x06, 0x03, 0x55, 0x1d, 0x13, 0x04, 0x05, 0x30, 0x03, 0x01, 0x01, 0xff, \ - 0x30, 0x1d, 0x06, 0x03, 0x55, 0x1d, 0x0e, 0x04, 0x16, 0x04, 0x14, 0x9d, \ - 0x6d, 0x20, 0x24, 0x49, 0x01, 0x3f, 0x2b, 0xcb, 0x78, 0xb5, 0x19, 0xbc, \ - 0x7e, 0x24, 0xc9, 0xdb, 0xfb, 0x36, 0x7c, 0x30, 0x1f, 0x06, 0x03, 0x55, \ - 0x1d, 0x23, 0x04, 0x18, 0x30, 0x16, 0x80, 0x14, 0x9d, 0x6d, 0x20, 0x24, \ - 0x49, 0x01, 0x3f, 0x2b, 0xcb, 0x78, 0xb5, 0x19, 0xbc, 0x7e, 0x24, 0xc9, \ - 0xdb, 0xfb, 0x36, 0x7c, 0x30, 0x0c, 0x06, 0x08, 0x2a, 0x86, 0x48, 0xce, \ - 0x3d, 0x04, 0x03, 0x02, 0x05, 0x00, 0x03, 0x68, 0x00, 0x30, 0x65, 0x02, \ - 0x30, 0x51, 0xca, 0xae, 0x30, 0x0f, 0xa4, 0x70, 0x74, 0x04, 0xdd, 0x5a, \ - 0x2c, 0x7f, 0x13, 0xc1, 0xc2, 0x77, 0xbe, 0x1d, 0x00, 0xc5, 0xe2, 0x99, \ - 0x8f, 0x7d, 0x26, 0x45, 0xd3, 0x8a, 0x06, 0x68, 0x3f, 0x8c, 0xb4, 0xb7, \ - 0xad, 0x4d, 0xe0, 0xf1, 0x54, 0x01, 0x1e, 0x99, 0xfc, 0xb0, 0xe4, 0xd3, \ - 0x07, 0x02, 0x31, 0x00, 0xdc, 0x4f, 0x3b, 0x90, 0x1e, 0xae, 0x29, 0x99, \ - 0x84, 0x28, 0xcc, 0x7b, 0x47, 0x78, 0x09, 0x31, 0xdf, 0xd6, 0x01, 0x59, \ - 0x30, 0x5e, 0xf4, 0xf8, 0x8a, 0x84, 0x3f, 0xea, 0x39, 0x54, 0x7b, 0x08, \ - 0xa7, 0x60, 0xaa, 0xbd, 0xf9, 0x5b, 0xd1, 0x51, 0x96, 0x14, 0x2e, 0x65, \ - 0xf5, 0xae, 0x1c, 0x42 \ +#define TEST_CA_CRT_EC_DER { \ + 0x30, 0x82, 0x02, 0x04, 0x30, 0x82, 0x01, 0x88, 0xa0, 0x03, 0x02, 0x01, \ + 0x02, 0x02, 0x09, 0x00, 0xc1, 0x43, 0xe2, 0x7e, 0x62, 0x43, 0xcc, 0xe8, \ + 0x30, 0x0c, 0x06, 0x08, 0x2a, 0x86, 0x48, 0xce, 0x3d, 0x04, 0x03, 0x02, \ + 0x05, 0x00, 0x30, 0x3e, 0x31, 0x0b, 0x30, 0x09, 0x06, 0x03, 0x55, 0x04, \ + 0x06, 0x13, 0x02, 0x4e, 0x4c, 0x31, 0x11, 0x30, 0x0f, 0x06, 0x03, 0x55, \ + 0x04, 0x0a, 0x0c, 0x08, 0x50, 0x6f, 0x6c, 0x61, 0x72, 0x53, 0x53, 0x4c, \ + 0x31, 0x1c, 0x30, 0x1a, 0x06, 0x03, 0x55, 0x04, 0x03, 0x0c, 0x13, 0x50, \ + 0x6f, 0x6c, 0x61, 0x72, 0x73, 0x73, 0x6c, 0x20, 0x54, 0x65, 0x73, 0x74, \ + 0x20, 0x45, 0x43, 0x20, 0x43, 0x41, 0x30, 0x1e, 0x17, 0x0d, 0x31, 0x39, \ + 0x30, 0x32, 0x31, 0x30, 0x31, 0x34, 0x34, 0x34, 0x30, 0x30, 0x5a, 0x17, \ + 0x0d, 0x32, 0x39, 0x30, 0x32, 0x31, 0x30, 0x31, 0x34, 0x34, 0x34, 0x30, \ + 0x30, 0x5a, 0x30, 0x3e, 0x31, 0x0b, 0x30, 0x09, 0x06, 0x03, 0x55, 0x04, \ + 0x06, 0x13, 0x02, 0x4e, 0x4c, 0x31, 0x11, 0x30, 0x0f, 0x06, 0x03, 0x55, \ + 0x04, 0x0a, 0x0c, 0x08, 0x50, 0x6f, 0x6c, 0x61, 0x72, 0x53, 0x53, 0x4c, \ + 0x31, 0x1c, 0x30, 0x1a, 0x06, 0x03, 0x55, 0x04, 0x03, 0x0c, 0x13, 0x50, \ + 0x6f, 0x6c, 0x61, 0x72, 0x73, 0x73, 0x6c, 0x20, 0x54, 0x65, 0x73, 0x74, \ + 0x20, 0x45, 0x43, 0x20, 0x43, 0x41, 0x30, 0x76, 0x30, 0x10, 0x06, 0x07, \ + 0x2a, 0x86, 0x48, 0xce, 0x3d, 0x02, 0x01, 0x06, 0x05, 0x2b, 0x81, 0x04, \ + 0x00, 0x22, 0x03, 0x62, 0x00, 0x04, 0xc3, 0xda, 0x2b, 0x34, 0x41, 0x37, \ + 0x58, 0x2f, 0x87, 0x56, 0xfe, 0xfc, 0x89, 0xba, 0x29, 0x43, 0x4b, 0x4e, \ + 0xe0, 0x6e, 0xc3, 0x0e, 0x57, 0x53, 0x33, 0x39, 0x58, 0xd4, 0x52, 0xb4, \ + 0x91, 0x95, 0x39, 0x0b, 0x23, 0xdf, 0x5f, 0x17, 0x24, 0x62, 0x48, 0xfc, \ + 0x1a, 0x95, 0x29, 0xce, 0x2c, 0x2d, 0x87, 0xc2, 0x88, 0x52, 0x80, 0xaf, \ + 0xd6, 0x6a, 0xab, 0x21, 0xdd, 0xb8, 0xd3, 0x1c, 0x6e, 0x58, 0xb8, 0xca, \ + 0xe8, 0xb2, 0x69, 0x8e, 0xf3, 0x41, 0xad, 0x29, 0xc3, 0xb4, 0x5f, 0x75, \ + 0xa7, 0x47, 0x6f, 0xd5, 0x19, 0x29, 0x55, 0x69, 0x9a, 0x53, 0x3b, 0x20, \ + 0xb4, 0x66, 0x16, 0x60, 0x33, 0x1e, 0xa3, 0x50, 0x30, 0x4e, 0x30, 0x0c, \ + 0x06, 0x03, 0x55, 0x1d, 0x13, 0x04, 0x05, 0x30, 0x03, 0x01, 0x01, 0xff, \ + 0x30, 0x1d, 0x06, 0x03, 0x55, 0x1d, 0x0e, 0x04, 0x16, 0x04, 0x14, 0x9d, \ + 0x6d, 0x20, 0x24, 0x49, 0x01, 0x3f, 0x2b, 0xcb, 0x78, 0xb5, 0x19, 0xbc, \ + 0x7e, 0x24, 0xc9, 0xdb, 0xfb, 0x36, 0x7c, 0x30, 0x1f, 0x06, 0x03, 0x55, \ + 0x1d, 0x23, 0x04, 0x18, 0x30, 0x16, 0x80, 0x14, 0x9d, 0x6d, 0x20, 0x24, \ + 0x49, 0x01, 0x3f, 0x2b, 0xcb, 0x78, 0xb5, 0x19, 0xbc, 0x7e, 0x24, 0xc9, \ + 0xdb, 0xfb, 0x36, 0x7c, 0x30, 0x0c, 0x06, 0x08, 0x2a, 0x86, 0x48, 0xce, \ + 0x3d, 0x04, 0x03, 0x02, 0x05, 0x00, 0x03, 0x68, 0x00, 0x30, 0x65, 0x02, \ + 0x30, 0x51, 0xca, 0xae, 0x30, 0x0f, 0xa4, 0x70, 0x74, 0x04, 0xdd, 0x5a, \ + 0x2c, 0x7f, 0x13, 0xc1, 0xc2, 0x77, 0xbe, 0x1d, 0x00, 0xc5, 0xe2, 0x99, \ + 0x8f, 0x7d, 0x26, 0x45, 0xd3, 0x8a, 0x06, 0x68, 0x3f, 0x8c, 0xb4, 0xb7, \ + 0xad, 0x4d, 0xe0, 0xf1, 0x54, 0x01, 0x1e, 0x99, 0xfc, 0xb0, 0xe4, 0xd3, \ + 0x07, 0x02, 0x31, 0x00, 0xdc, 0x4f, 0x3b, 0x90, 0x1e, 0xae, 0x29, 0x99, \ + 0x84, 0x28, 0xcc, 0x7b, 0x47, 0x78, 0x09, 0x31, 0xdf, 0xd6, 0x01, 0x59, \ + 0x30, 0x5e, 0xf4, 0xf8, 0x8a, 0x84, 0x3f, 0xea, 0x39, 0x54, 0x7b, 0x08, \ + 0xa7, 0x60, 0xaa, 0xbd, 0xf9, 0x5b, 0xd1, 0x51, 0x96, 0x14, 0x2e, 0x65, \ + 0xf5, 0xae, 0x1c, 0x42 \ } /* END FILE */ @@ -123,20 +111,20 @@ /* This is generated from tests/data_files/test-ca2.key.der using `xxd -i`. */ /* BEGIN FILE binary macro TEST_CA_KEY_EC_DER tests/data_files/test-ca2.key.der */ #define TEST_CA_KEY_EC_DER { \ - 0x30, 0x81, 0xa4, 0x02, 0x01, 0x01, 0x04, 0x30, 0x83, 0xd9, 0x15, 0x0e, \ - 0xa0, 0x71, 0xf0, 0x57, 0x10, 0x33, 0xa3, 0x38, 0xb8, 0x86, 0xc1, 0xa6, \ - 0x11, 0x5d, 0x6d, 0xb4, 0x03, 0xe1, 0x29, 0x76, 0x45, 0xd7, 0x87, 0x6f, \ - 0x23, 0xab, 0x44, 0x20, 0xea, 0x64, 0x7b, 0x85, 0xb1, 0x76, 0xe7, 0x85, \ - 0x95, 0xaa, 0x74, 0xd6, 0xd1, 0xa4, 0x5e, 0xea, 0xa0, 0x07, 0x06, 0x05, \ - 0x2b, 0x81, 0x04, 0x00, 0x22, 0xa1, 0x64, 0x03, 0x62, 0x00, 0x04, 0xc3, \ - 0xda, 0x2b, 0x34, 0x41, 0x37, 0x58, 0x2f, 0x87, 0x56, 0xfe, 0xfc, 0x89, \ - 0xba, 0x29, 0x43, 0x4b, 0x4e, 0xe0, 0x6e, 0xc3, 0x0e, 0x57, 0x53, 0x33, \ - 0x39, 0x58, 0xd4, 0x52, 0xb4, 0x91, 0x95, 0x39, 0x0b, 0x23, 0xdf, 0x5f, \ - 0x17, 0x24, 0x62, 0x48, 0xfc, 0x1a, 0x95, 0x29, 0xce, 0x2c, 0x2d, 0x87, \ - 0xc2, 0x88, 0x52, 0x80, 0xaf, 0xd6, 0x6a, 0xab, 0x21, 0xdd, 0xb8, 0xd3, \ - 0x1c, 0x6e, 0x58, 0xb8, 0xca, 0xe8, 0xb2, 0x69, 0x8e, 0xf3, 0x41, 0xad, \ - 0x29, 0xc3, 0xb4, 0x5f, 0x75, 0xa7, 0x47, 0x6f, 0xd5, 0x19, 0x29, 0x55, \ - 0x69, 0x9a, 0x53, 0x3b, 0x20, 0xb4, 0x66, 0x16, 0x60, 0x33, 0x1e \ + 0x30, 0x81, 0xa4, 0x02, 0x01, 0x01, 0x04, 0x30, 0x83, 0xd9, 0x15, 0x0e, \ + 0xa0, 0x71, 0xf0, 0x57, 0x10, 0x33, 0xa3, 0x38, 0xb8, 0x86, 0xc1, 0xa6, \ + 0x11, 0x5d, 0x6d, 0xb4, 0x03, 0xe1, 0x29, 0x76, 0x45, 0xd7, 0x87, 0x6f, \ + 0x23, 0xab, 0x44, 0x20, 0xea, 0x64, 0x7b, 0x85, 0xb1, 0x76, 0xe7, 0x85, \ + 0x95, 0xaa, 0x74, 0xd6, 0xd1, 0xa4, 0x5e, 0xea, 0xa0, 0x07, 0x06, 0x05, \ + 0x2b, 0x81, 0x04, 0x00, 0x22, 0xa1, 0x64, 0x03, 0x62, 0x00, 0x04, 0xc3, \ + 0xda, 0x2b, 0x34, 0x41, 0x37, 0x58, 0x2f, 0x87, 0x56, 0xfe, 0xfc, 0x89, \ + 0xba, 0x29, 0x43, 0x4b, 0x4e, 0xe0, 0x6e, 0xc3, 0x0e, 0x57, 0x53, 0x33, \ + 0x39, 0x58, 0xd4, 0x52, 0xb4, 0x91, 0x95, 0x39, 0x0b, 0x23, 0xdf, 0x5f, \ + 0x17, 0x24, 0x62, 0x48, 0xfc, 0x1a, 0x95, 0x29, 0xce, 0x2c, 0x2d, 0x87, \ + 0xc2, 0x88, 0x52, 0x80, 0xaf, 0xd6, 0x6a, 0xab, 0x21, 0xdd, 0xb8, 0xd3, \ + 0x1c, 0x6e, 0x58, 0xb8, 0xca, 0xe8, 0xb2, 0x69, 0x8e, 0xf3, 0x41, 0xad, \ + 0x29, 0xc3, 0xb4, 0x5f, 0x75, 0xa7, 0x47, 0x6f, 0xd5, 0x19, 0x29, 0x55, \ + 0x69, 0x9a, 0x53, 0x3b, 0x20, 0xb4, 0x66, 0x16, 0x60, 0x33, 0x1e \ } /* END FILE */ @@ -169,76 +157,76 @@ * using `xxd -i`. */ /* BEGIN FILE binary macro TEST_CA_CRT_RSA_SHA256_DER tests/data_files/test-ca-sha256.crt.der */ #define TEST_CA_CRT_RSA_SHA256_DER { \ - 0x30, 0x82, 0x03, 0x41, 0x30, 0x82, 0x02, 0x29, 0xa0, 0x03, 0x02, 0x01, \ - 0x02, 0x02, 0x01, 0x03, 0x30, 0x0d, 0x06, 0x09, 0x2a, 0x86, 0x48, 0x86, \ - 0xf7, 0x0d, 0x01, 0x01, 0x0b, 0x05, 0x00, 0x30, 0x3b, 0x31, 0x0b, 0x30, \ - 0x09, 0x06, 0x03, 0x55, 0x04, 0x06, 0x13, 0x02, 0x4e, 0x4c, 0x31, 0x11, \ - 0x30, 0x0f, 0x06, 0x03, 0x55, 0x04, 0x0a, 0x0c, 0x08, 0x50, 0x6f, 0x6c, \ - 0x61, 0x72, 0x53, 0x53, 0x4c, 0x31, 0x19, 0x30, 0x17, 0x06, 0x03, 0x55, \ - 0x04, 0x03, 0x0c, 0x10, 0x50, 0x6f, 0x6c, 0x61, 0x72, 0x53, 0x53, 0x4c, \ - 0x20, 0x54, 0x65, 0x73, 0x74, 0x20, 0x43, 0x41, 0x30, 0x1e, 0x17, 0x0d, \ - 0x31, 0x39, 0x30, 0x32, 0x31, 0x30, 0x31, 0x34, 0x34, 0x34, 0x30, 0x30, \ - 0x5a, 0x17, 0x0d, 0x32, 0x39, 0x30, 0x32, 0x31, 0x30, 0x31, 0x34, 0x34, \ - 0x34, 0x30, 0x30, 0x5a, 0x30, 0x3b, 0x31, 0x0b, 0x30, 0x09, 0x06, 0x03, \ - 0x55, 0x04, 0x06, 0x13, 0x02, 0x4e, 0x4c, 0x31, 0x11, 0x30, 0x0f, 0x06, \ - 0x03, 0x55, 0x04, 0x0a, 0x0c, 0x08, 0x50, 0x6f, 0x6c, 0x61, 0x72, 0x53, \ - 0x53, 0x4c, 0x31, 0x19, 0x30, 0x17, 0x06, 0x03, 0x55, 0x04, 0x03, 0x0c, \ - 0x10, 0x50, 0x6f, 0x6c, 0x61, 0x72, 0x53, 0x53, 0x4c, 0x20, 0x54, 0x65, \ - 0x73, 0x74, 0x20, 0x43, 0x41, 0x30, 0x82, 0x01, 0x22, 0x30, 0x0d, 0x06, \ - 0x09, 0x2a, 0x86, 0x48, 0x86, 0xf7, 0x0d, 0x01, 0x01, 0x01, 0x05, 0x00, \ - 0x03, 0x82, 0x01, 0x0f, 0x00, 0x30, 0x82, 0x01, 0x0a, 0x02, 0x82, 0x01, \ - 0x01, 0x00, 0xc0, 0xdf, 0x37, 0xfc, 0x17, 0xbb, 0xe0, 0x96, 0x9d, 0x3f, \ - 0x86, 0xde, 0x96, 0x32, 0x7d, 0x44, 0xa5, 0x16, 0xa0, 0xcd, 0x21, 0xf1, \ - 0x99, 0xd4, 0xec, 0xea, 0xcb, 0x7c, 0x18, 0x58, 0x08, 0x94, 0xa5, 0xec, \ - 0x9b, 0xc5, 0x8b, 0xdf, 0x1a, 0x1e, 0x99, 0x38, 0x99, 0x87, 0x1e, 0x7b, \ - 0xc0, 0x8d, 0x39, 0xdf, 0x38, 0x5d, 0x70, 0x78, 0x07, 0xd3, 0x9e, 0xd9, \ - 0x93, 0xe8, 0xb9, 0x72, 0x51, 0xc5, 0xce, 0xa3, 0x30, 0x52, 0xa9, 0xf2, \ - 0xe7, 0x40, 0x70, 0x14, 0xcb, 0x44, 0xa2, 0x72, 0x0b, 0xc2, 0xe5, 0x40, \ - 0xf9, 0x3e, 0xe5, 0xa6, 0x0e, 0xb3, 0xf9, 0xec, 0x4a, 0x63, 0xc0, 0xb8, \ - 0x29, 0x00, 0x74, 0x9c, 0x57, 0x3b, 0xa8, 0xa5, 0x04, 0x90, 0x71, 0xf1, \ - 0xbd, 0x83, 0xd9, 0x3f, 0xd6, 0xa5, 0xe2, 0x3c, 0x2a, 0x8f, 0xef, 0x27, \ - 0x60, 0xc3, 0xc6, 0x9f, 0xcb, 0xba, 0xec, 0x60, 0x7d, 0xb7, 0xe6, 0x84, \ - 0x32, 0xbe, 0x4f, 0xfb, 0x58, 0x26, 0x22, 0x03, 0x5b, 0xd4, 0xb4, 0xd5, \ - 0xfb, 0xf5, 0xe3, 0x96, 0x2e, 0x70, 0xc0, 0xe4, 0x2e, 0xbd, 0xfc, 0x2e, \ - 0xee, 0xe2, 0x41, 0x55, 0xc0, 0x34, 0x2e, 0x7d, 0x24, 0x72, 0x69, 0xcb, \ - 0x47, 0xb1, 0x14, 0x40, 0x83, 0x7d, 0x67, 0xf4, 0x86, 0xf6, 0x31, 0xab, \ - 0xf1, 0x79, 0xa4, 0xb2, 0xb5, 0x2e, 0x12, 0xf9, 0x84, 0x17, 0xf0, 0x62, \ - 0x6f, 0x27, 0x3e, 0x13, 0x58, 0xb1, 0x54, 0x0d, 0x21, 0x9a, 0x73, 0x37, \ - 0xa1, 0x30, 0xcf, 0x6f, 0x92, 0xdc, 0xf6, 0xe9, 0xfc, 0xac, 0xdb, 0x2e, \ - 0x28, 0xd1, 0x7e, 0x02, 0x4b, 0x23, 0xa0, 0x15, 0xf2, 0x38, 0x65, 0x64, \ - 0x09, 0xea, 0x0c, 0x6e, 0x8e, 0x1b, 0x17, 0xa0, 0x71, 0xc8, 0xb3, 0x9b, \ - 0xc9, 0xab, 0xe9, 0xc3, 0xf2, 0xcf, 0x87, 0x96, 0x8f, 0x80, 0x02, 0x32, \ - 0x9e, 0x99, 0x58, 0x6f, 0xa2, 0xd5, 0x02, 0x03, 0x01, 0x00, 0x01, 0xa3, \ - 0x50, 0x30, 0x4e, 0x30, 0x0c, 0x06, 0x03, 0x55, 0x1d, 0x13, 0x04, 0x05, \ - 0x30, 0x03, 0x01, 0x01, 0xff, 0x30, 0x1d, 0x06, 0x03, 0x55, 0x1d, 0x0e, \ - 0x04, 0x16, 0x04, 0x14, 0xb4, 0x5a, 0xe4, 0xa5, 0xb3, 0xde, 0xd2, 0x52, \ - 0xf6, 0xb9, 0xd5, 0xa6, 0x95, 0x0f, 0xeb, 0x3e, 0xbc, 0xc7, 0xfd, 0xff, \ - 0x30, 0x1f, 0x06, 0x03, 0x55, 0x1d, 0x23, 0x04, 0x18, 0x30, 0x16, 0x80, \ - 0x14, 0xb4, 0x5a, 0xe4, 0xa5, 0xb3, 0xde, 0xd2, 0x52, 0xf6, 0xb9, 0xd5, \ - 0xa6, 0x95, 0x0f, 0xeb, 0x3e, 0xbc, 0xc7, 0xfd, 0xff, 0x30, 0x0d, 0x06, \ - 0x09, 0x2a, 0x86, 0x48, 0x86, 0xf7, 0x0d, 0x01, 0x01, 0x0b, 0x05, 0x00, \ - 0x03, 0x82, 0x01, 0x01, 0x00, 0x38, 0xa8, 0x54, 0x82, 0xb6, 0x1d, 0xaa, \ - 0xdb, 0x6b, 0x89, 0x21, 0xd1, 0x38, 0x28, 0x61, 0xc9, 0xb0, 0x98, 0xd5, \ - 0x11, 0xfc, 0x36, 0xff, 0x19, 0xfe, 0x32, 0x44, 0xef, 0x08, 0xc7, 0xf1, \ - 0x56, 0xbb, 0xe6, 0x46, 0xfa, 0x82, 0xb6, 0x31, 0x38, 0xb4, 0xa0, 0xe5, \ - 0xa0, 0xae, 0x0c, 0xc4, 0x53, 0x9e, 0x93, 0x4e, 0xe8, 0x0d, 0x9c, 0x2f, \ - 0xb4, 0x04, 0xfd, 0x8a, 0x39, 0xf5, 0x84, 0x77, 0xed, 0x4c, 0xd4, 0xbb, \ - 0x44, 0x7f, 0x73, 0x77, 0xf7, 0xf1, 0x36, 0x97, 0xdc, 0x1e, 0x73, 0x19, \ - 0x5d, 0x50, 0xb8, 0xc3, 0x80, 0xcd, 0x03, 0x57, 0xd2, 0x00, 0xdb, 0x56, \ - 0xe6, 0xc6, 0x35, 0x24, 0x1e, 0x49, 0x7b, 0xd8, 0xd2, 0x72, 0xbb, 0x0b, \ - 0x49, 0x2f, 0xa6, 0x02, 0x3c, 0xaf, 0xd0, 0xec, 0x37, 0x1d, 0xbd, 0x81, \ - 0x8b, 0x1f, 0x30, 0xbb, 0xbc, 0x4d, 0x36, 0xb5, 0x79, 0x7c, 0x87, 0xfb, \ - 0x51, 0xb9, 0xbe, 0xc2, 0xde, 0x92, 0xa8, 0x40, 0x71, 0xbb, 0x72, 0x9b, \ - 0xf8, 0x47, 0xce, 0x6c, 0x04, 0xf8, 0x86, 0xe7, 0xf7, 0x73, 0x3c, 0xe7, \ - 0x84, 0x7d, 0xc2, 0xd7, 0xb7, 0x9d, 0xe8, 0xd4, 0x9b, 0x5f, 0x0a, 0x17, \ - 0x7d, 0xbc, 0xbb, 0xb2, 0xd5, 0x94, 0x0d, 0xe4, 0x49, 0xbf, 0x4f, 0x11, \ - 0x68, 0x53, 0xb2, 0x91, 0xff, 0xc0, 0x69, 0xee, 0xdb, 0x63, 0x93, 0xcb, \ - 0xc9, 0x35, 0x6b, 0x90, 0x09, 0xe2, 0x90, 0xc9, 0xed, 0x27, 0xd6, 0x08, \ - 0xfa, 0x13, 0x4d, 0x62, 0xdd, 0xe2, 0x9e, 0xaa, 0xb5, 0xd4, 0x0e, 0x5c, \ - 0x37, 0x4f, 0xab, 0x55, 0x3b, 0x2d, 0xf1, 0x42, 0x82, 0xc7, 0x34, 0x38, \ - 0x1a, 0x9b, 0xeb, 0xa1, 0x2c, 0x0f, 0x29, 0x31, 0x64, 0x6c, 0xcc, 0x38, \ - 0xfd, 0xa9, 0xd3, 0xd5, 0xd5, 0x71, 0xaf, 0xf0, 0x6d, 0xc0, 0x97, 0xe2, \ - 0x11, 0x2a, 0x0a, 0xdf, 0xfe, 0x02, 0x79, 0x74, 0x75 \ + 0x30, 0x82, 0x03, 0x41, 0x30, 0x82, 0x02, 0x29, 0xa0, 0x03, 0x02, 0x01, \ + 0x02, 0x02, 0x01, 0x03, 0x30, 0x0d, 0x06, 0x09, 0x2a, 0x86, 0x48, 0x86, \ + 0xf7, 0x0d, 0x01, 0x01, 0x0b, 0x05, 0x00, 0x30, 0x3b, 0x31, 0x0b, 0x30, \ + 0x09, 0x06, 0x03, 0x55, 0x04, 0x06, 0x13, 0x02, 0x4e, 0x4c, 0x31, 0x11, \ + 0x30, 0x0f, 0x06, 0x03, 0x55, 0x04, 0x0a, 0x0c, 0x08, 0x50, 0x6f, 0x6c, \ + 0x61, 0x72, 0x53, 0x53, 0x4c, 0x31, 0x19, 0x30, 0x17, 0x06, 0x03, 0x55, \ + 0x04, 0x03, 0x0c, 0x10, 0x50, 0x6f, 0x6c, 0x61, 0x72, 0x53, 0x53, 0x4c, \ + 0x20, 0x54, 0x65, 0x73, 0x74, 0x20, 0x43, 0x41, 0x30, 0x1e, 0x17, 0x0d, \ + 0x31, 0x39, 0x30, 0x32, 0x31, 0x30, 0x31, 0x34, 0x34, 0x34, 0x30, 0x30, \ + 0x5a, 0x17, 0x0d, 0x32, 0x39, 0x30, 0x32, 0x31, 0x30, 0x31, 0x34, 0x34, \ + 0x34, 0x30, 0x30, 0x5a, 0x30, 0x3b, 0x31, 0x0b, 0x30, 0x09, 0x06, 0x03, \ + 0x55, 0x04, 0x06, 0x13, 0x02, 0x4e, 0x4c, 0x31, 0x11, 0x30, 0x0f, 0x06, \ + 0x03, 0x55, 0x04, 0x0a, 0x0c, 0x08, 0x50, 0x6f, 0x6c, 0x61, 0x72, 0x53, \ + 0x53, 0x4c, 0x31, 0x19, 0x30, 0x17, 0x06, 0x03, 0x55, 0x04, 0x03, 0x0c, \ + 0x10, 0x50, 0x6f, 0x6c, 0x61, 0x72, 0x53, 0x53, 0x4c, 0x20, 0x54, 0x65, \ + 0x73, 0x74, 0x20, 0x43, 0x41, 0x30, 0x82, 0x01, 0x22, 0x30, 0x0d, 0x06, \ + 0x09, 0x2a, 0x86, 0x48, 0x86, 0xf7, 0x0d, 0x01, 0x01, 0x01, 0x05, 0x00, \ + 0x03, 0x82, 0x01, 0x0f, 0x00, 0x30, 0x82, 0x01, 0x0a, 0x02, 0x82, 0x01, \ + 0x01, 0x00, 0xc0, 0xdf, 0x37, 0xfc, 0x17, 0xbb, 0xe0, 0x96, 0x9d, 0x3f, \ + 0x86, 0xde, 0x96, 0x32, 0x7d, 0x44, 0xa5, 0x16, 0xa0, 0xcd, 0x21, 0xf1, \ + 0x99, 0xd4, 0xec, 0xea, 0xcb, 0x7c, 0x18, 0x58, 0x08, 0x94, 0xa5, 0xec, \ + 0x9b, 0xc5, 0x8b, 0xdf, 0x1a, 0x1e, 0x99, 0x38, 0x99, 0x87, 0x1e, 0x7b, \ + 0xc0, 0x8d, 0x39, 0xdf, 0x38, 0x5d, 0x70, 0x78, 0x07, 0xd3, 0x9e, 0xd9, \ + 0x93, 0xe8, 0xb9, 0x72, 0x51, 0xc5, 0xce, 0xa3, 0x30, 0x52, 0xa9, 0xf2, \ + 0xe7, 0x40, 0x70, 0x14, 0xcb, 0x44, 0xa2, 0x72, 0x0b, 0xc2, 0xe5, 0x40, \ + 0xf9, 0x3e, 0xe5, 0xa6, 0x0e, 0xb3, 0xf9, 0xec, 0x4a, 0x63, 0xc0, 0xb8, \ + 0x29, 0x00, 0x74, 0x9c, 0x57, 0x3b, 0xa8, 0xa5, 0x04, 0x90, 0x71, 0xf1, \ + 0xbd, 0x83, 0xd9, 0x3f, 0xd6, 0xa5, 0xe2, 0x3c, 0x2a, 0x8f, 0xef, 0x27, \ + 0x60, 0xc3, 0xc6, 0x9f, 0xcb, 0xba, 0xec, 0x60, 0x7d, 0xb7, 0xe6, 0x84, \ + 0x32, 0xbe, 0x4f, 0xfb, 0x58, 0x26, 0x22, 0x03, 0x5b, 0xd4, 0xb4, 0xd5, \ + 0xfb, 0xf5, 0xe3, 0x96, 0x2e, 0x70, 0xc0, 0xe4, 0x2e, 0xbd, 0xfc, 0x2e, \ + 0xee, 0xe2, 0x41, 0x55, 0xc0, 0x34, 0x2e, 0x7d, 0x24, 0x72, 0x69, 0xcb, \ + 0x47, 0xb1, 0x14, 0x40, 0x83, 0x7d, 0x67, 0xf4, 0x86, 0xf6, 0x31, 0xab, \ + 0xf1, 0x79, 0xa4, 0xb2, 0xb5, 0x2e, 0x12, 0xf9, 0x84, 0x17, 0xf0, 0x62, \ + 0x6f, 0x27, 0x3e, 0x13, 0x58, 0xb1, 0x54, 0x0d, 0x21, 0x9a, 0x73, 0x37, \ + 0xa1, 0x30, 0xcf, 0x6f, 0x92, 0xdc, 0xf6, 0xe9, 0xfc, 0xac, 0xdb, 0x2e, \ + 0x28, 0xd1, 0x7e, 0x02, 0x4b, 0x23, 0xa0, 0x15, 0xf2, 0x38, 0x65, 0x64, \ + 0x09, 0xea, 0x0c, 0x6e, 0x8e, 0x1b, 0x17, 0xa0, 0x71, 0xc8, 0xb3, 0x9b, \ + 0xc9, 0xab, 0xe9, 0xc3, 0xf2, 0xcf, 0x87, 0x96, 0x8f, 0x80, 0x02, 0x32, \ + 0x9e, 0x99, 0x58, 0x6f, 0xa2, 0xd5, 0x02, 0x03, 0x01, 0x00, 0x01, 0xa3, \ + 0x50, 0x30, 0x4e, 0x30, 0x0c, 0x06, 0x03, 0x55, 0x1d, 0x13, 0x04, 0x05, \ + 0x30, 0x03, 0x01, 0x01, 0xff, 0x30, 0x1d, 0x06, 0x03, 0x55, 0x1d, 0x0e, \ + 0x04, 0x16, 0x04, 0x14, 0xb4, 0x5a, 0xe4, 0xa5, 0xb3, 0xde, 0xd2, 0x52, \ + 0xf6, 0xb9, 0xd5, 0xa6, 0x95, 0x0f, 0xeb, 0x3e, 0xbc, 0xc7, 0xfd, 0xff, \ + 0x30, 0x1f, 0x06, 0x03, 0x55, 0x1d, 0x23, 0x04, 0x18, 0x30, 0x16, 0x80, \ + 0x14, 0xb4, 0x5a, 0xe4, 0xa5, 0xb3, 0xde, 0xd2, 0x52, 0xf6, 0xb9, 0xd5, \ + 0xa6, 0x95, 0x0f, 0xeb, 0x3e, 0xbc, 0xc7, 0xfd, 0xff, 0x30, 0x0d, 0x06, \ + 0x09, 0x2a, 0x86, 0x48, 0x86, 0xf7, 0x0d, 0x01, 0x01, 0x0b, 0x05, 0x00, \ + 0x03, 0x82, 0x01, 0x01, 0x00, 0x38, 0xa8, 0x54, 0x82, 0xb6, 0x1d, 0xaa, \ + 0xdb, 0x6b, 0x89, 0x21, 0xd1, 0x38, 0x28, 0x61, 0xc9, 0xb0, 0x98, 0xd5, \ + 0x11, 0xfc, 0x36, 0xff, 0x19, 0xfe, 0x32, 0x44, 0xef, 0x08, 0xc7, 0xf1, \ + 0x56, 0xbb, 0xe6, 0x46, 0xfa, 0x82, 0xb6, 0x31, 0x38, 0xb4, 0xa0, 0xe5, \ + 0xa0, 0xae, 0x0c, 0xc4, 0x53, 0x9e, 0x93, 0x4e, 0xe8, 0x0d, 0x9c, 0x2f, \ + 0xb4, 0x04, 0xfd, 0x8a, 0x39, 0xf5, 0x84, 0x77, 0xed, 0x4c, 0xd4, 0xbb, \ + 0x44, 0x7f, 0x73, 0x77, 0xf7, 0xf1, 0x36, 0x97, 0xdc, 0x1e, 0x73, 0x19, \ + 0x5d, 0x50, 0xb8, 0xc3, 0x80, 0xcd, 0x03, 0x57, 0xd2, 0x00, 0xdb, 0x56, \ + 0xe6, 0xc6, 0x35, 0x24, 0x1e, 0x49, 0x7b, 0xd8, 0xd2, 0x72, 0xbb, 0x0b, \ + 0x49, 0x2f, 0xa6, 0x02, 0x3c, 0xaf, 0xd0, 0xec, 0x37, 0x1d, 0xbd, 0x81, \ + 0x8b, 0x1f, 0x30, 0xbb, 0xbc, 0x4d, 0x36, 0xb5, 0x79, 0x7c, 0x87, 0xfb, \ + 0x51, 0xb9, 0xbe, 0xc2, 0xde, 0x92, 0xa8, 0x40, 0x71, 0xbb, 0x72, 0x9b, \ + 0xf8, 0x47, 0xce, 0x6c, 0x04, 0xf8, 0x86, 0xe7, 0xf7, 0x73, 0x3c, 0xe7, \ + 0x84, 0x7d, 0xc2, 0xd7, 0xb7, 0x9d, 0xe8, 0xd4, 0x9b, 0x5f, 0x0a, 0x17, \ + 0x7d, 0xbc, 0xbb, 0xb2, 0xd5, 0x94, 0x0d, 0xe4, 0x49, 0xbf, 0x4f, 0x11, \ + 0x68, 0x53, 0xb2, 0x91, 0xff, 0xc0, 0x69, 0xee, 0xdb, 0x63, 0x93, 0xcb, \ + 0xc9, 0x35, 0x6b, 0x90, 0x09, 0xe2, 0x90, 0xc9, 0xed, 0x27, 0xd6, 0x08, \ + 0xfa, 0x13, 0x4d, 0x62, 0xdd, 0xe2, 0x9e, 0xaa, 0xb5, 0xd4, 0x0e, 0x5c, \ + 0x37, 0x4f, 0xab, 0x55, 0x3b, 0x2d, 0xf1, 0x42, 0x82, 0xc7, 0x34, 0x38, \ + 0x1a, 0x9b, 0xeb, 0xa1, 0x2c, 0x0f, 0x29, 0x31, 0x64, 0x6c, 0xcc, 0x38, \ + 0xfd, 0xa9, 0xd3, 0xd5, 0xd5, 0x71, 0xaf, 0xf0, 0x6d, 0xc0, 0x97, 0xe2, \ + 0x11, 0x2a, 0x0a, 0xdf, 0xfe, 0x02, 0x79, 0x74, 0x75 \ } /* END FILE */ @@ -270,76 +258,76 @@ /* This is taken from tests/data_files/test-ca-sha1.crt.der. */ /* BEGIN FILE binary macro TEST_CA_CRT_RSA_SHA1_DER tests/data_files/test-ca-sha1.crt.der */ #define TEST_CA_CRT_RSA_SHA1_DER { \ - 0x30, 0x82, 0x03, 0x41, 0x30, 0x82, 0x02, 0x29, 0xa0, 0x03, 0x02, 0x01, \ - 0x02, 0x02, 0x01, 0x03, 0x30, 0x0d, 0x06, 0x09, 0x2a, 0x86, 0x48, 0x86, \ - 0xf7, 0x0d, 0x01, 0x01, 0x05, 0x05, 0x00, 0x30, 0x3b, 0x31, 0x0b, 0x30, \ - 0x09, 0x06, 0x03, 0x55, 0x04, 0x06, 0x13, 0x02, 0x4e, 0x4c, 0x31, 0x11, \ - 0x30, 0x0f, 0x06, 0x03, 0x55, 0x04, 0x0a, 0x0c, 0x08, 0x50, 0x6f, 0x6c, \ - 0x61, 0x72, 0x53, 0x53, 0x4c, 0x31, 0x19, 0x30, 0x17, 0x06, 0x03, 0x55, \ - 0x04, 0x03, 0x0c, 0x10, 0x50, 0x6f, 0x6c, 0x61, 0x72, 0x53, 0x53, 0x4c, \ - 0x20, 0x54, 0x65, 0x73, 0x74, 0x20, 0x43, 0x41, 0x30, 0x1e, 0x17, 0x0d, \ - 0x31, 0x31, 0x30, 0x32, 0x31, 0x32, 0x31, 0x34, 0x34, 0x34, 0x30, 0x30, \ - 0x5a, 0x17, 0x0d, 0x32, 0x31, 0x30, 0x32, 0x31, 0x32, 0x31, 0x34, 0x34, \ - 0x34, 0x30, 0x30, 0x5a, 0x30, 0x3b, 0x31, 0x0b, 0x30, 0x09, 0x06, 0x03, \ - 0x55, 0x04, 0x06, 0x13, 0x02, 0x4e, 0x4c, 0x31, 0x11, 0x30, 0x0f, 0x06, \ - 0x03, 0x55, 0x04, 0x0a, 0x0c, 0x08, 0x50, 0x6f, 0x6c, 0x61, 0x72, 0x53, \ - 0x53, 0x4c, 0x31, 0x19, 0x30, 0x17, 0x06, 0x03, 0x55, 0x04, 0x03, 0x0c, \ - 0x10, 0x50, 0x6f, 0x6c, 0x61, 0x72, 0x53, 0x53, 0x4c, 0x20, 0x54, 0x65, \ - 0x73, 0x74, 0x20, 0x43, 0x41, 0x30, 0x82, 0x01, 0x22, 0x30, 0x0d, 0x06, \ - 0x09, 0x2a, 0x86, 0x48, 0x86, 0xf7, 0x0d, 0x01, 0x01, 0x01, 0x05, 0x00, \ - 0x03, 0x82, 0x01, 0x0f, 0x00, 0x30, 0x82, 0x01, 0x0a, 0x02, 0x82, 0x01, \ - 0x01, 0x00, 0xc0, 0xdf, 0x37, 0xfc, 0x17, 0xbb, 0xe0, 0x96, 0x9d, 0x3f, \ - 0x86, 0xde, 0x96, 0x32, 0x7d, 0x44, 0xa5, 0x16, 0xa0, 0xcd, 0x21, 0xf1, \ - 0x99, 0xd4, 0xec, 0xea, 0xcb, 0x7c, 0x18, 0x58, 0x08, 0x94, 0xa5, 0xec, \ - 0x9b, 0xc5, 0x8b, 0xdf, 0x1a, 0x1e, 0x99, 0x38, 0x99, 0x87, 0x1e, 0x7b, \ - 0xc0, 0x8d, 0x39, 0xdf, 0x38, 0x5d, 0x70, 0x78, 0x07, 0xd3, 0x9e, 0xd9, \ - 0x93, 0xe8, 0xb9, 0x72, 0x51, 0xc5, 0xce, 0xa3, 0x30, 0x52, 0xa9, 0xf2, \ - 0xe7, 0x40, 0x70, 0x14, 0xcb, 0x44, 0xa2, 0x72, 0x0b, 0xc2, 0xe5, 0x40, \ - 0xf9, 0x3e, 0xe5, 0xa6, 0x0e, 0xb3, 0xf9, 0xec, 0x4a, 0x63, 0xc0, 0xb8, \ - 0x29, 0x00, 0x74, 0x9c, 0x57, 0x3b, 0xa8, 0xa5, 0x04, 0x90, 0x71, 0xf1, \ - 0xbd, 0x83, 0xd9, 0x3f, 0xd6, 0xa5, 0xe2, 0x3c, 0x2a, 0x8f, 0xef, 0x27, \ - 0x60, 0xc3, 0xc6, 0x9f, 0xcb, 0xba, 0xec, 0x60, 0x7d, 0xb7, 0xe6, 0x84, \ - 0x32, 0xbe, 0x4f, 0xfb, 0x58, 0x26, 0x22, 0x03, 0x5b, 0xd4, 0xb4, 0xd5, \ - 0xfb, 0xf5, 0xe3, 0x96, 0x2e, 0x70, 0xc0, 0xe4, 0x2e, 0xbd, 0xfc, 0x2e, \ - 0xee, 0xe2, 0x41, 0x55, 0xc0, 0x34, 0x2e, 0x7d, 0x24, 0x72, 0x69, 0xcb, \ - 0x47, 0xb1, 0x14, 0x40, 0x83, 0x7d, 0x67, 0xf4, 0x86, 0xf6, 0x31, 0xab, \ - 0xf1, 0x79, 0xa4, 0xb2, 0xb5, 0x2e, 0x12, 0xf9, 0x84, 0x17, 0xf0, 0x62, \ - 0x6f, 0x27, 0x3e, 0x13, 0x58, 0xb1, 0x54, 0x0d, 0x21, 0x9a, 0x73, 0x37, \ - 0xa1, 0x30, 0xcf, 0x6f, 0x92, 0xdc, 0xf6, 0xe9, 0xfc, 0xac, 0xdb, 0x2e, \ - 0x28, 0xd1, 0x7e, 0x02, 0x4b, 0x23, 0xa0, 0x15, 0xf2, 0x38, 0x65, 0x64, \ - 0x09, 0xea, 0x0c, 0x6e, 0x8e, 0x1b, 0x17, 0xa0, 0x71, 0xc8, 0xb3, 0x9b, \ - 0xc9, 0xab, 0xe9, 0xc3, 0xf2, 0xcf, 0x87, 0x96, 0x8f, 0x80, 0x02, 0x32, \ - 0x9e, 0x99, 0x58, 0x6f, 0xa2, 0xd5, 0x02, 0x03, 0x01, 0x00, 0x01, 0xa3, \ - 0x50, 0x30, 0x4e, 0x30, 0x0c, 0x06, 0x03, 0x55, 0x1d, 0x13, 0x04, 0x05, \ - 0x30, 0x03, 0x01, 0x01, 0xff, 0x30, 0x1d, 0x06, 0x03, 0x55, 0x1d, 0x0e, \ - 0x04, 0x16, 0x04, 0x14, 0xb4, 0x5a, 0xe4, 0xa5, 0xb3, 0xde, 0xd2, 0x52, \ - 0xf6, 0xb9, 0xd5, 0xa6, 0x95, 0x0f, 0xeb, 0x3e, 0xbc, 0xc7, 0xfd, 0xff, \ - 0x30, 0x1f, 0x06, 0x03, 0x55, 0x1d, 0x23, 0x04, 0x18, 0x30, 0x16, 0x80, \ - 0x14, 0xb4, 0x5a, 0xe4, 0xa5, 0xb3, 0xde, 0xd2, 0x52, 0xf6, 0xb9, 0xd5, \ - 0xa6, 0x95, 0x0f, 0xeb, 0x3e, 0xbc, 0xc7, 0xfd, 0xff, 0x30, 0x0d, 0x06, \ - 0x09, 0x2a, 0x86, 0x48, 0x86, 0xf7, 0x0d, 0x01, 0x01, 0x05, 0x05, 0x00, \ - 0x03, 0x82, 0x01, 0x01, 0x00, 0x01, 0x13, 0x73, 0x84, 0x3d, 0xf1, 0x1d, \ - 0xfd, 0xb7, 0x09, 0x5b, 0x96, 0x5d, 0x53, 0x7f, 0xd5, 0x80, 0xf3, 0x52, \ - 0xe2, 0xd3, 0x33, 0x87, 0xc8, 0x27, 0x24, 0xff, 0xd5, 0xd8, 0x57, 0x2f, \ - 0x16, 0xd1, 0xb2, 0x94, 0xca, 0x50, 0xab, 0xa6, 0x27, 0x10, 0x16, 0x08, \ - 0xc8, 0x11, 0xc0, 0x2f, 0x80, 0xd1, 0xbe, 0x53, 0x18, 0xe6, 0xb9, 0xd7, \ - 0x18, 0x1a, 0x77, 0x38, 0x34, 0x7c, 0x32, 0x9a, 0x87, 0x0b, 0xa0, 0x2a, \ - 0xb9, 0x14, 0xc2, 0x2f, 0x38, 0xd2, 0xe7, 0xb8, 0x98, 0x7d, 0xff, 0xff, \ - 0xe1, 0x01, 0x50, 0xa9, 0x6f, 0x67, 0xf7, 0x6c, 0xdc, 0xb6, 0xca, 0x6f, \ - 0x73, 0x39, 0x1a, 0x3c, 0xa8, 0x23, 0xaa, 0x8d, 0x4d, 0xa3, 0x75, 0x2a, \ - 0xd1, 0x76, 0xb3, 0xd7, 0x4a, 0xdc, 0xc7, 0x24, 0xd4, 0x3e, 0xb7, 0xf9, \ - 0xc0, 0xd5, 0x51, 0x67, 0x65, 0x74, 0x2a, 0xf9, 0x65, 0xbc, 0x00, 0x15, \ - 0x4b, 0x36, 0xc8, 0xe2, 0x6a, 0x5d, 0x51, 0x7c, 0xed, 0x8e, 0x14, 0x93, \ - 0x4b, 0x90, 0x36, 0x05, 0xe5, 0x90, 0x00, 0x03, 0xab, 0xd3, 0x3a, 0xb5, \ - 0x17, 0xb4, 0xd2, 0x45, 0x52, 0x69, 0x26, 0xce, 0xe3, 0x98, 0x1d, 0x9a, \ - 0x8b, 0xf8, 0xa0, 0x92, 0x1d, 0x48, 0x02, 0x37, 0x2e, 0xc1, 0x5e, 0x95, \ - 0xc2, 0x53, 0xfe, 0xb1, 0xbc, 0x34, 0x82, 0x34, 0x34, 0x36, 0x91, 0x8c, \ - 0x88, 0x7a, 0x67, 0x97, 0x34, 0x40, 0x8b, 0xfb, 0x48, 0x6e, 0xd3, 0xaf, \ - 0x30, 0x81, 0x8e, 0x05, 0x4d, 0x93, 0x21, 0xf6, 0xb1, 0xff, 0x98, 0xea, \ - 0xd5, 0xa8, 0x14, 0xc7, 0x96, 0x8f, 0x99, 0x3e, 0x53, 0x58, 0x08, 0x89, \ - 0x3c, 0xe3, 0x8f, 0xea, 0x5e, 0x71, 0x5e, 0x70, 0xf0, 0xc5, 0xe6, 0x12, \ - 0x35, 0x6a, 0xa2, 0x5f, 0xd1, 0xb2, 0xba, 0xc0, 0x59, 0x8d, 0xec, 0xda, \ - 0x09, 0xa1, 0xda, 0x6e, 0x30, 0xcb, 0x53, 0x4a, 0x90 \ + 0x30, 0x82, 0x03, 0x41, 0x30, 0x82, 0x02, 0x29, 0xa0, 0x03, 0x02, 0x01, \ + 0x02, 0x02, 0x01, 0x03, 0x30, 0x0d, 0x06, 0x09, 0x2a, 0x86, 0x48, 0x86, \ + 0xf7, 0x0d, 0x01, 0x01, 0x05, 0x05, 0x00, 0x30, 0x3b, 0x31, 0x0b, 0x30, \ + 0x09, 0x06, 0x03, 0x55, 0x04, 0x06, 0x13, 0x02, 0x4e, 0x4c, 0x31, 0x11, \ + 0x30, 0x0f, 0x06, 0x03, 0x55, 0x04, 0x0a, 0x0c, 0x08, 0x50, 0x6f, 0x6c, \ + 0x61, 0x72, 0x53, 0x53, 0x4c, 0x31, 0x19, 0x30, 0x17, 0x06, 0x03, 0x55, \ + 0x04, 0x03, 0x0c, 0x10, 0x50, 0x6f, 0x6c, 0x61, 0x72, 0x53, 0x53, 0x4c, \ + 0x20, 0x54, 0x65, 0x73, 0x74, 0x20, 0x43, 0x41, 0x30, 0x1e, 0x17, 0x0d, \ + 0x31, 0x31, 0x30, 0x32, 0x31, 0x32, 0x31, 0x34, 0x34, 0x34, 0x30, 0x30, \ + 0x5a, 0x17, 0x0d, 0x32, 0x31, 0x30, 0x32, 0x31, 0x32, 0x31, 0x34, 0x34, \ + 0x34, 0x30, 0x30, 0x5a, 0x30, 0x3b, 0x31, 0x0b, 0x30, 0x09, 0x06, 0x03, \ + 0x55, 0x04, 0x06, 0x13, 0x02, 0x4e, 0x4c, 0x31, 0x11, 0x30, 0x0f, 0x06, \ + 0x03, 0x55, 0x04, 0x0a, 0x0c, 0x08, 0x50, 0x6f, 0x6c, 0x61, 0x72, 0x53, \ + 0x53, 0x4c, 0x31, 0x19, 0x30, 0x17, 0x06, 0x03, 0x55, 0x04, 0x03, 0x0c, \ + 0x10, 0x50, 0x6f, 0x6c, 0x61, 0x72, 0x53, 0x53, 0x4c, 0x20, 0x54, 0x65, \ + 0x73, 0x74, 0x20, 0x43, 0x41, 0x30, 0x82, 0x01, 0x22, 0x30, 0x0d, 0x06, \ + 0x09, 0x2a, 0x86, 0x48, 0x86, 0xf7, 0x0d, 0x01, 0x01, 0x01, 0x05, 0x00, \ + 0x03, 0x82, 0x01, 0x0f, 0x00, 0x30, 0x82, 0x01, 0x0a, 0x02, 0x82, 0x01, \ + 0x01, 0x00, 0xc0, 0xdf, 0x37, 0xfc, 0x17, 0xbb, 0xe0, 0x96, 0x9d, 0x3f, \ + 0x86, 0xde, 0x96, 0x32, 0x7d, 0x44, 0xa5, 0x16, 0xa0, 0xcd, 0x21, 0xf1, \ + 0x99, 0xd4, 0xec, 0xea, 0xcb, 0x7c, 0x18, 0x58, 0x08, 0x94, 0xa5, 0xec, \ + 0x9b, 0xc5, 0x8b, 0xdf, 0x1a, 0x1e, 0x99, 0x38, 0x99, 0x87, 0x1e, 0x7b, \ + 0xc0, 0x8d, 0x39, 0xdf, 0x38, 0x5d, 0x70, 0x78, 0x07, 0xd3, 0x9e, 0xd9, \ + 0x93, 0xe8, 0xb9, 0x72, 0x51, 0xc5, 0xce, 0xa3, 0x30, 0x52, 0xa9, 0xf2, \ + 0xe7, 0x40, 0x70, 0x14, 0xcb, 0x44, 0xa2, 0x72, 0x0b, 0xc2, 0xe5, 0x40, \ + 0xf9, 0x3e, 0xe5, 0xa6, 0x0e, 0xb3, 0xf9, 0xec, 0x4a, 0x63, 0xc0, 0xb8, \ + 0x29, 0x00, 0x74, 0x9c, 0x57, 0x3b, 0xa8, 0xa5, 0x04, 0x90, 0x71, 0xf1, \ + 0xbd, 0x83, 0xd9, 0x3f, 0xd6, 0xa5, 0xe2, 0x3c, 0x2a, 0x8f, 0xef, 0x27, \ + 0x60, 0xc3, 0xc6, 0x9f, 0xcb, 0xba, 0xec, 0x60, 0x7d, 0xb7, 0xe6, 0x84, \ + 0x32, 0xbe, 0x4f, 0xfb, 0x58, 0x26, 0x22, 0x03, 0x5b, 0xd4, 0xb4, 0xd5, \ + 0xfb, 0xf5, 0xe3, 0x96, 0x2e, 0x70, 0xc0, 0xe4, 0x2e, 0xbd, 0xfc, 0x2e, \ + 0xee, 0xe2, 0x41, 0x55, 0xc0, 0x34, 0x2e, 0x7d, 0x24, 0x72, 0x69, 0xcb, \ + 0x47, 0xb1, 0x14, 0x40, 0x83, 0x7d, 0x67, 0xf4, 0x86, 0xf6, 0x31, 0xab, \ + 0xf1, 0x79, 0xa4, 0xb2, 0xb5, 0x2e, 0x12, 0xf9, 0x84, 0x17, 0xf0, 0x62, \ + 0x6f, 0x27, 0x3e, 0x13, 0x58, 0xb1, 0x54, 0x0d, 0x21, 0x9a, 0x73, 0x37, \ + 0xa1, 0x30, 0xcf, 0x6f, 0x92, 0xdc, 0xf6, 0xe9, 0xfc, 0xac, 0xdb, 0x2e, \ + 0x28, 0xd1, 0x7e, 0x02, 0x4b, 0x23, 0xa0, 0x15, 0xf2, 0x38, 0x65, 0x64, \ + 0x09, 0xea, 0x0c, 0x6e, 0x8e, 0x1b, 0x17, 0xa0, 0x71, 0xc8, 0xb3, 0x9b, \ + 0xc9, 0xab, 0xe9, 0xc3, 0xf2, 0xcf, 0x87, 0x96, 0x8f, 0x80, 0x02, 0x32, \ + 0x9e, 0x99, 0x58, 0x6f, 0xa2, 0xd5, 0x02, 0x03, 0x01, 0x00, 0x01, 0xa3, \ + 0x50, 0x30, 0x4e, 0x30, 0x0c, 0x06, 0x03, 0x55, 0x1d, 0x13, 0x04, 0x05, \ + 0x30, 0x03, 0x01, 0x01, 0xff, 0x30, 0x1d, 0x06, 0x03, 0x55, 0x1d, 0x0e, \ + 0x04, 0x16, 0x04, 0x14, 0xb4, 0x5a, 0xe4, 0xa5, 0xb3, 0xde, 0xd2, 0x52, \ + 0xf6, 0xb9, 0xd5, 0xa6, 0x95, 0x0f, 0xeb, 0x3e, 0xbc, 0xc7, 0xfd, 0xff, \ + 0x30, 0x1f, 0x06, 0x03, 0x55, 0x1d, 0x23, 0x04, 0x18, 0x30, 0x16, 0x80, \ + 0x14, 0xb4, 0x5a, 0xe4, 0xa5, 0xb3, 0xde, 0xd2, 0x52, 0xf6, 0xb9, 0xd5, \ + 0xa6, 0x95, 0x0f, 0xeb, 0x3e, 0xbc, 0xc7, 0xfd, 0xff, 0x30, 0x0d, 0x06, \ + 0x09, 0x2a, 0x86, 0x48, 0x86, 0xf7, 0x0d, 0x01, 0x01, 0x05, 0x05, 0x00, \ + 0x03, 0x82, 0x01, 0x01, 0x00, 0x01, 0x13, 0x73, 0x84, 0x3d, 0xf1, 0x1d, \ + 0xfd, 0xb7, 0x09, 0x5b, 0x96, 0x5d, 0x53, 0x7f, 0xd5, 0x80, 0xf3, 0x52, \ + 0xe2, 0xd3, 0x33, 0x87, 0xc8, 0x27, 0x24, 0xff, 0xd5, 0xd8, 0x57, 0x2f, \ + 0x16, 0xd1, 0xb2, 0x94, 0xca, 0x50, 0xab, 0xa6, 0x27, 0x10, 0x16, 0x08, \ + 0xc8, 0x11, 0xc0, 0x2f, 0x80, 0xd1, 0xbe, 0x53, 0x18, 0xe6, 0xb9, 0xd7, \ + 0x18, 0x1a, 0x77, 0x38, 0x34, 0x7c, 0x32, 0x9a, 0x87, 0x0b, 0xa0, 0x2a, \ + 0xb9, 0x14, 0xc2, 0x2f, 0x38, 0xd2, 0xe7, 0xb8, 0x98, 0x7d, 0xff, 0xff, \ + 0xe1, 0x01, 0x50, 0xa9, 0x6f, 0x67, 0xf7, 0x6c, 0xdc, 0xb6, 0xca, 0x6f, \ + 0x73, 0x39, 0x1a, 0x3c, 0xa8, 0x23, 0xaa, 0x8d, 0x4d, 0xa3, 0x75, 0x2a, \ + 0xd1, 0x76, 0xb3, 0xd7, 0x4a, 0xdc, 0xc7, 0x24, 0xd4, 0x3e, 0xb7, 0xf9, \ + 0xc0, 0xd5, 0x51, 0x67, 0x65, 0x74, 0x2a, 0xf9, 0x65, 0xbc, 0x00, 0x15, \ + 0x4b, 0x36, 0xc8, 0xe2, 0x6a, 0x5d, 0x51, 0x7c, 0xed, 0x8e, 0x14, 0x93, \ + 0x4b, 0x90, 0x36, 0x05, 0xe5, 0x90, 0x00, 0x03, 0xab, 0xd3, 0x3a, 0xb5, \ + 0x17, 0xb4, 0xd2, 0x45, 0x52, 0x69, 0x26, 0xce, 0xe3, 0x98, 0x1d, 0x9a, \ + 0x8b, 0xf8, 0xa0, 0x92, 0x1d, 0x48, 0x02, 0x37, 0x2e, 0xc1, 0x5e, 0x95, \ + 0xc2, 0x53, 0xfe, 0xb1, 0xbc, 0x34, 0x82, 0x34, 0x34, 0x36, 0x91, 0x8c, \ + 0x88, 0x7a, 0x67, 0x97, 0x34, 0x40, 0x8b, 0xfb, 0x48, 0x6e, 0xd3, 0xaf, \ + 0x30, 0x81, 0x8e, 0x05, 0x4d, 0x93, 0x21, 0xf6, 0xb1, 0xff, 0x98, 0xea, \ + 0xd5, 0xa8, 0x14, 0xc7, 0x96, 0x8f, 0x99, 0x3e, 0x53, 0x58, 0x08, 0x89, \ + 0x3c, 0xe3, 0x8f, 0xea, 0x5e, 0x71, 0x5e, 0x70, 0xf0, 0xc5, 0xe6, 0x12, \ + 0x35, 0x6a, 0xa2, 0x5f, 0xd1, 0xb2, 0xba, 0xc0, 0x59, 0x8d, 0xec, 0xda, \ + 0x09, 0xa1, 0xda, 0x6e, 0x30, 0xcb, 0x53, 0x4a, 0x90 \ } /* END FILE */ @@ -348,33 +336,33 @@ #define TEST_CA_KEY_RSA_PEM \ "-----BEGIN RSA PRIVATE KEY-----\r\n" \ "Proc-Type: 4,ENCRYPTED\r\n" \ - "DEK-Info: DES-EDE3-CBC,A8A95B05D5B7206B\r\n" \ + "AES-128-CBC,781840E6B804AE83D2AF71127C4CE314\r\n" \ "\r\n" \ - "9Qd9GeArejl1GDVh2lLV1bHt0cPtfbh5h/5zVpAVaFpqtSPMrElp50Rntn9et+JA\r\n" \ - "7VOyboR+Iy2t/HU4WvA687k3Bppe9GwKHjHhtl//8xFKwZr3Xb5yO5JUP8AUctQq\r\n" \ - "Nb8CLlZyuUC+52REAAthdWgsX+7dJO4yabzUcQ22Tp9JSD0hiL43BlkWYUNK3dAo\r\n" \ - "PZlmiptjnzVTjg1MxsBSydZinWOLBV8/JQgxSPo2yD4uEfig28qbvQ2wNIn0pnAb\r\n" \ - "GxnSAOazkongEGfvcjIIs+LZN9gXFhxcOh6kc4Q/c99B7QWETwLLkYgZ+z1a9VY9\r\n" \ - "gEU7CwCxYCD+h9hY6FPmsK0/lC4O7aeRKpYq00rPPxs6i7phiexg6ax6yTMmArQq\r\n" \ - "QmK3TAsJm8V/J5AWpLEV6jAFgRGymGGHnof0DXzVWZidrcZJWTNuGEX90nB3ee2w\r\n" \ - "PXJEFWKoD3K3aFcSLdHYr3mLGxP7H9ThQai9VsycxZKS5kwvBKQ//YMrmFfwPk8x\r\n" \ - "vTeY4KZMaUrveEel5tWZC94RSMKgxR6cyE1nBXyTQnDOGbfpNNgBKxyKbINWoOJU\r\n" \ - "WJZAwlsQn+QzCDwpri7+sV1mS3gBE6UY7aQmnmiiaC2V3Hbphxct/en5QsfDOt1X\r\n" \ - "JczSfpRWLlbPznZg8OQh/VgCMA58N5DjOzTIK7sJJ5r+94ZBTCpgAMbF588f0NTR\r\n" \ - "KCe4yrxGJR7X02M4nvD4IwOlpsQ8xQxZtOSgXv4LkxvdU9XJJKWZ/XNKJeWztxSe\r\n" \ - "Z1vdTc2YfsDBA2SEv33vxHx2g1vqtw8SjDRT2RaQSS0QuSaMJimdOX6mTOCBKk1J\r\n" \ - "9Q5mXTrER+/LnK0jEmXsBXWA5bqqVZIyahXSx4VYZ7l7w/PHiUDtDgyRhMMKi4n2\r\n" \ - "iQvQcWSQTjrpnlJbca1/DkpRt3YwrvJwdqb8asZU2VrNETh5x0QVefDRLFiVpif/\r\n" \ - "tUaeAe/P1F8OkS7OIZDs1SUbv/sD2vMbhNkUoCms3/PvNtdnvgL4F0zhaDpKCmlT\r\n" \ - "P8vx49E7v5CyRNmED9zZg4o3wmMqrQO93PtTug3Eu9oVx1zPQM1NVMyBa2+f29DL\r\n" \ - "1nuTCeXdo9+ni45xx+jAI4DCwrRdhJ9uzZyC6962H37H6D+5naNvClFR1s6li1Gb\r\n" \ - "nqPoiy/OBsEx9CaDGcqQBp5Wme/3XW+6z1ISOx+igwNTVCT14mHdBMbya0eIKft5\r\n" \ - "X+GnwtgEMyCYyyWuUct8g4RzErcY9+yW9Om5Hzpx4zOuW4NPZgPDTgK+t2RSL/Yq\r\n" \ - "rE1njrgeGYcVeG3f+OftH4s6fPbq7t1A5ZgUscbLMBqr9tK+OqygR4EgKBPsH6Cz\r\n" \ - "L6zlv/2RV0qAHvVuDJcIDIgwY5rJtINEm32rhOeFNJwZS5MNIC1czXZx5//ugX7l\r\n" \ - "I4sy5nbVhwSjtAk8Xg5dZbdTZ6mIrb7xqH+fdakZor1khG7bC2uIwibD3cSl2XkR\r\n" \ - "wN48lslbHnqqagr6Xm1nNOSVl8C/6kbJEsMpLhAezfRtGwvOucoaE+WbeUNolGde\r\n" \ - "P/eQiddSf0brnpiLJRh7qZrl9XuqYdpUqnoEdMAfotDOID8OtV7gt8a48ad8VPW2\r\n" \ + "etQ3xgGLbuYF9vR1km03TH5fwfly1hOlix0PtfQ+t9HG065vTtSEHYc/OyHwdy79\r\n" \ + "NCLX5RUrPh06E/XlKzMNVHAXqkwFnIwNzRLsOozeP1L7iZEZb9QMeiN5Org+btCO\r\n" \ + "bylXPB4YirfuE7GSJalWY/pq3FQtD33zTIKmNhXfVj3sbwGI/8D9XjaKUb8PODOB\r\n" \ + "skOalmx6RvYRvg0lmRxB3+T3wejIsrrDPweYqte9B6dVHIVG1ZmvoA6/wnKZZZeV\r\n" \ + "sjj8OpL3OwUBrjuGSknE9Rs6kCuSCbHOYVK8VzcZmCYpie0TFnb3Sk8M6vjfW+45\r\n" \ + "U7WUMlSAPxKH6lJDzWdwHqLvsVJwuNnaAaBXg9/8U/rzQEWuq8Ar3s8fw2Jg3F1G\r\n" \ + "L6N5ZAEfCz3Sa0N9WKafR/RSQj+rq8Z3w4POAafhbzk249uo5K8B1Z3cQwLxeXIl\r\n" \ + "UbRQz1TZy4oNTfQzCahYruPNyvwgTkfwAFFvbLAdaiJd2ZtLBoqYE64TYakYnvcC\r\n" \ + "itim1bmySIKoxlMfBGFmMuF03epT0pSx701jlGzGi0l0m16NEjoVxDwo5j93SmiM\r\n" \ + "sQdjC1lOGk2iCLkphIQqHFjFJYWjvh1UUIqWZf+ZWOOxlf4x9a1pUVj6FvtECxNB\r\n" \ + "/mA/m4Iq4LAuVXHE1MpHeq067lJ6wWlrsb2WVmiNGfQ2AC7fMtpcPuunBVT9NV1m\r\n" \ + "1rbDzIgLIWAzqz/cy3N8Q8vfxnrFtmNUyM191Zyq+YF14hIKWX9J1qR4LXwWAzVV\r\n" \ + "UrC8IL4pA2mtRkW4qFsB0EmHAxO/cedDTPjVFty5WSzhNuvYZxX45HAkGIfK6d21\r\n" \ + "7WHPhHG+zaaUTWMUVixB0IcKp6RecjYPFzBHS0YeX88Ue2cyT/90jMiQ9ssOgRrG\r\n" \ + "ZJRJvZAc3TSCnY9sNPYoGrJPiZuCnlUj3ENNurYVy12ai0WFxwnNUZjRUhDS6hjm\r\n" \ + "cDHD5TlI9MZ6M+Mb/Bw4Ig8HuTHOtQBYD9vhtXsG+B7H/j6cS+1umaKjrnG/kK4W\r\n" \ + "R6YXwM2faAi+DwgjjoMXSzRqSTF8PdTIWbAXo3bc2qsXPTMBA8PEp4nb5scHZ4Ts\r\n" \ + "EcBNp2jv0j4gBkRmGIab17cWMrlagjFy89DhqZUFwKdeZs+yJ92A5xstWxOUfpEP\r\n" \ + "90T/bsp1G5d7WW5fl2TRJvYJNDM+djkKIh0zCkduiZ36oVM6nDdbjmXqjQXopeSD\r\n" \ + "gtOourBRF8g99W0fW8QT+yPhP0Pkyz6EG8eQO6Zwh439xdoVwu9jUzQAPmZ0uNeR\r\n" \ + "xTXXihYyv72z27rInjLiIPXL25K9eDVLlcSR3RyG7YYgjdQAL2VJDLcBz5jox1uQ\r\n" \ + "0guoD5wmfu2FWLqYE7HeTYntdY53lCflwq0GHRMjrrsVpx+5VDQ6Yi47Ny9SWLcp\r\n" \ + "fPI3iBkXuGRWupzs6N4pQdSO0dU28KfpMM5QvFoLIn67brCHEQij4dgFrCTYEyBX\r\n" \ + "9+jiNImUFYUhAFuxvUbfZt4O/ABLIElvHLfJs1oYCmI/nWpvLFqXB5rnzPNfEi0H\r\n" \ + "PGGe1Hj/t+CJIp/6ios3yNy2QtXO754TZH2UVu51Ykyig5PFjZVoUkbRvHQYcWfU\r\n" \ "-----END RSA PRIVATE KEY-----\r\n" /* END FILE */ @@ -383,106 +371,106 @@ /* This was generated from test-ca.key.der using `xxd -i`. */ /* BEGIN FILE binary macro TEST_CA_KEY_RSA_DER tests/data_files/test-ca.key.der */ #define TEST_CA_KEY_RSA_DER { \ - 0x30, 0x82, 0x04, 0xa4, 0x02, 0x01, 0x00, 0x02, 0x82, 0x01, 0x01, 0x00, \ - 0xc0, 0xdf, 0x37, 0xfc, 0x17, 0xbb, 0xe0, 0x96, 0x9d, 0x3f, 0x86, 0xde, \ - 0x96, 0x32, 0x7d, 0x44, 0xa5, 0x16, 0xa0, 0xcd, 0x21, 0xf1, 0x99, 0xd4, \ - 0xec, 0xea, 0xcb, 0x7c, 0x18, 0x58, 0x08, 0x94, 0xa5, 0xec, 0x9b, 0xc5, \ - 0x8b, 0xdf, 0x1a, 0x1e, 0x99, 0x38, 0x99, 0x87, 0x1e, 0x7b, 0xc0, 0x8d, \ - 0x39, 0xdf, 0x38, 0x5d, 0x70, 0x78, 0x07, 0xd3, 0x9e, 0xd9, 0x93, 0xe8, \ - 0xb9, 0x72, 0x51, 0xc5, 0xce, 0xa3, 0x30, 0x52, 0xa9, 0xf2, 0xe7, 0x40, \ - 0x70, 0x14, 0xcb, 0x44, 0xa2, 0x72, 0x0b, 0xc2, 0xe5, 0x40, 0xf9, 0x3e, \ - 0xe5, 0xa6, 0x0e, 0xb3, 0xf9, 0xec, 0x4a, 0x63, 0xc0, 0xb8, 0x29, 0x00, \ - 0x74, 0x9c, 0x57, 0x3b, 0xa8, 0xa5, 0x04, 0x90, 0x71, 0xf1, 0xbd, 0x83, \ - 0xd9, 0x3f, 0xd6, 0xa5, 0xe2, 0x3c, 0x2a, 0x8f, 0xef, 0x27, 0x60, 0xc3, \ - 0xc6, 0x9f, 0xcb, 0xba, 0xec, 0x60, 0x7d, 0xb7, 0xe6, 0x84, 0x32, 0xbe, \ - 0x4f, 0xfb, 0x58, 0x26, 0x22, 0x03, 0x5b, 0xd4, 0xb4, 0xd5, 0xfb, 0xf5, \ - 0xe3, 0x96, 0x2e, 0x70, 0xc0, 0xe4, 0x2e, 0xbd, 0xfc, 0x2e, 0xee, 0xe2, \ - 0x41, 0x55, 0xc0, 0x34, 0x2e, 0x7d, 0x24, 0x72, 0x69, 0xcb, 0x47, 0xb1, \ - 0x14, 0x40, 0x83, 0x7d, 0x67, 0xf4, 0x86, 0xf6, 0x31, 0xab, 0xf1, 0x79, \ - 0xa4, 0xb2, 0xb5, 0x2e, 0x12, 0xf9, 0x84, 0x17, 0xf0, 0x62, 0x6f, 0x27, \ - 0x3e, 0x13, 0x58, 0xb1, 0x54, 0x0d, 0x21, 0x9a, 0x73, 0x37, 0xa1, 0x30, \ - 0xcf, 0x6f, 0x92, 0xdc, 0xf6, 0xe9, 0xfc, 0xac, 0xdb, 0x2e, 0x28, 0xd1, \ - 0x7e, 0x02, 0x4b, 0x23, 0xa0, 0x15, 0xf2, 0x38, 0x65, 0x64, 0x09, 0xea, \ - 0x0c, 0x6e, 0x8e, 0x1b, 0x17, 0xa0, 0x71, 0xc8, 0xb3, 0x9b, 0xc9, 0xab, \ - 0xe9, 0xc3, 0xf2, 0xcf, 0x87, 0x96, 0x8f, 0x80, 0x02, 0x32, 0x9e, 0x99, \ - 0x58, 0x6f, 0xa2, 0xd5, 0x02, 0x03, 0x01, 0x00, 0x01, 0x02, 0x82, 0x01, \ - 0x00, 0x3f, 0xf7, 0x07, 0xd3, 0x34, 0x6f, 0xdb, 0xc9, 0x37, 0xb7, 0x84, \ - 0xdc, 0x37, 0x45, 0xe1, 0x63, 0xad, 0xb8, 0xb6, 0x75, 0xb1, 0xc7, 0x35, \ - 0xb4, 0x77, 0x2a, 0x5b, 0x77, 0xf9, 0x7e, 0xe0, 0xc1, 0xa3, 0xd1, 0xb7, \ - 0xcb, 0xa9, 0x5a, 0xc1, 0x87, 0xda, 0x5a, 0xfa, 0x17, 0xe4, 0xd5, 0x38, \ - 0x03, 0xde, 0x68, 0x98, 0x81, 0xec, 0xb5, 0xf2, 0x2a, 0x8d, 0xe9, 0x2c, \ - 0xf3, 0xa6, 0xe5, 0x32, 0x17, 0x7f, 0x33, 0x81, 0xe8, 0x38, 0x72, 0xd5, \ - 0x9c, 0xfa, 0x4e, 0xfb, 0x26, 0xf5, 0x15, 0x0b, 0xaf, 0x84, 0x66, 0xab, \ - 0x02, 0xe0, 0x18, 0xd5, 0x91, 0x7c, 0xd6, 0x8f, 0xc9, 0x4b, 0x76, 0x08, \ - 0x2b, 0x1d, 0x81, 0x68, 0x30, 0xe1, 0xfa, 0x70, 0x6c, 0x13, 0x4e, 0x10, \ - 0x03, 0x35, 0x3e, 0xc5, 0xca, 0x58, 0x20, 0x8a, 0x21, 0x18, 0x38, 0xa0, \ - 0x0f, 0xed, 0xc4, 0xbb, 0x45, 0x6f, 0xf5, 0x84, 0x5b, 0xb0, 0xcf, 0x4e, \ - 0x9d, 0x58, 0x13, 0x6b, 0x35, 0x35, 0x69, 0xa1, 0xd2, 0xc4, 0xf2, 0xc1, \ - 0x48, 0x04, 0x20, 0x51, 0xb9, 0x6b, 0xa4, 0x5d, 0xa5, 0x4b, 0x84, 0x88, \ - 0x43, 0x48, 0x99, 0x2c, 0xbb, 0xa4, 0x97, 0xd6, 0xd6, 0x18, 0xf6, 0xec, \ - 0x5c, 0xd1, 0x31, 0x49, 0xc9, 0xf2, 0x8f, 0x0b, 0x4d, 0xef, 0x09, 0x02, \ - 0xfe, 0x7d, 0xfd, 0xbb, 0xaf, 0x2b, 0x83, 0x94, 0x22, 0xc4, 0xa7, 0x3e, \ - 0x66, 0xf5, 0xe0, 0x57, 0xdc, 0xf2, 0xed, 0x2c, 0x3e, 0x81, 0x74, 0x76, \ - 0x1e, 0x96, 0x6f, 0x74, 0x1e, 0x32, 0x0e, 0x14, 0x31, 0xd0, 0x74, 0xf0, \ - 0xf4, 0x07, 0xbd, 0xc3, 0xd1, 0x22, 0xc2, 0xa8, 0x95, 0x92, 0x06, 0x7f, \ - 0x43, 0x02, 0x91, 0xbc, 0xdd, 0x23, 0x01, 0x89, 0x94, 0x20, 0x44, 0x64, \ - 0xf5, 0x1d, 0x67, 0xd2, 0x8f, 0xe8, 0x69, 0xa5, 0x29, 0x25, 0xe6, 0x50, \ - 0x9c, 0xe3, 0xe9, 0xcb, 0x75, 0x02, 0x81, 0x81, 0x00, 0xe2, 0x29, 0x3e, \ - 0xaa, 0x6b, 0xd5, 0x59, 0x1e, 0x9c, 0xe6, 0x47, 0xd5, 0xb6, 0xd7, 0xe3, \ - 0xf1, 0x8e, 0x9e, 0xe9, 0x83, 0x5f, 0x10, 0x9f, 0x63, 0xec, 0x04, 0x44, \ - 0xcc, 0x3f, 0xf8, 0xd9, 0x3a, 0x17, 0xe0, 0x4f, 0xfe, 0xd8, 0x4d, 0xcd, \ - 0x46, 0x54, 0x74, 0xbf, 0x0a, 0xc4, 0x67, 0x9c, 0xa7, 0xd8, 0x89, 0x65, \ - 0x4c, 0xfd, 0x58, 0x2a, 0x47, 0x0f, 0xf4, 0x37, 0xb6, 0x55, 0xb0, 0x1d, \ - 0xed, 0xa7, 0x39, 0xfc, 0x4f, 0xa3, 0xc4, 0x75, 0x3a, 0xa3, 0x98, 0xa7, \ - 0x45, 0xf5, 0x66, 0xcb, 0x7c, 0x65, 0xfb, 0x80, 0x23, 0xe6, 0xff, 0xfd, \ - 0x99, 0x1f, 0x8e, 0x6b, 0xff, 0x5e, 0x93, 0x66, 0xdf, 0x6c, 0x6f, 0xc3, \ - 0xf6, 0x38, 0x2e, 0xff, 0x69, 0xb5, 0xac, 0xae, 0xbb, 0xc6, 0x71, 0x16, \ - 0x6b, 0xd0, 0xf8, 0x22, 0xd9, 0xf8, 0xa2, 0x72, 0x20, 0xd2, 0xe2, 0x3a, \ - 0x70, 0x4b, 0xde, 0xab, 0x2f, 0x02, 0x81, 0x81, 0x00, 0xda, 0x51, 0x9b, \ - 0xb8, 0xb2, 0x2a, 0x14, 0x75, 0x58, 0x40, 0x8d, 0x27, 0x70, 0xfa, 0x31, \ - 0x48, 0xb0, 0x20, 0x21, 0x34, 0xfa, 0x4c, 0x57, 0xa8, 0x11, 0x88, 0xf3, \ - 0xa7, 0xae, 0x21, 0xe9, 0xb6, 0x2b, 0xd1, 0xcd, 0xa7, 0xf8, 0xd8, 0x0c, \ - 0x8a, 0x76, 0x22, 0x35, 0x44, 0xce, 0x3f, 0x25, 0x29, 0x83, 0x7d, 0x79, \ - 0xa7, 0x31, 0xd6, 0xec, 0xb2, 0xbf, 0xda, 0x34, 0xb6, 0xf6, 0xb2, 0x3b, \ - 0xf3, 0x78, 0x5a, 0x04, 0x83, 0x33, 0x3e, 0xa2, 0xe2, 0x81, 0x82, 0x13, \ - 0xd4, 0x35, 0x17, 0x63, 0x9b, 0x9e, 0xc4, 0x8d, 0x91, 0x4c, 0x03, 0x77, \ - 0xc7, 0x71, 0x5b, 0xee, 0x83, 0x6d, 0xd5, 0x78, 0x88, 0xf6, 0x2c, 0x79, \ - 0xc2, 0x4a, 0xb4, 0x79, 0x90, 0x70, 0xbf, 0xdf, 0x34, 0x56, 0x96, 0x71, \ - 0xe3, 0x0e, 0x68, 0x91, 0xbc, 0xea, 0xcb, 0x33, 0xc0, 0xbe, 0x45, 0xd7, \ - 0xfc, 0x30, 0xfd, 0x01, 0x3b, 0x02, 0x81, 0x81, 0x00, 0xd2, 0x9f, 0x2a, \ - 0xb7, 0x38, 0x19, 0xc7, 0x17, 0x95, 0x73, 0x78, 0xae, 0xf5, 0xcb, 0x75, \ - 0x83, 0x7f, 0x19, 0x4b, 0xcb, 0x86, 0xfb, 0x4a, 0x15, 0x9a, 0xb6, 0x17, \ - 0x04, 0x49, 0x07, 0x8d, 0xf6, 0x66, 0x4a, 0x06, 0xf6, 0x05, 0xa7, 0xdf, \ - 0x66, 0x82, 0x3c, 0xff, 0xb6, 0x1d, 0x57, 0x89, 0x33, 0x5f, 0x9c, 0x05, \ - 0x75, 0x7f, 0xf3, 0x5d, 0xdc, 0x34, 0x65, 0x72, 0x85, 0x22, 0xa4, 0x14, \ - 0x1b, 0x41, 0xc3, 0xe4, 0xd0, 0x9e, 0x69, 0xd5, 0xeb, 0x38, 0x74, 0x70, \ - 0x43, 0xdc, 0xd9, 0x50, 0xe4, 0x97, 0x6d, 0x73, 0xd6, 0xfb, 0xc8, 0xa7, \ - 0xfa, 0xb4, 0xc2, 0xc4, 0x9d, 0x5d, 0x0c, 0xd5, 0x9f, 0x79, 0xb3, 0x54, \ - 0xc2, 0xb7, 0x6c, 0x3d, 0x7d, 0xcb, 0x2d, 0xf8, 0xc4, 0xf3, 0x78, 0x5a, \ - 0x33, 0x2a, 0xb8, 0x0c, 0x6d, 0x06, 0xfa, 0xf2, 0x62, 0xd3, 0x42, 0xd0, \ - 0xbd, 0xc8, 0x4a, 0xa5, 0x0d, 0x02, 0x81, 0x81, 0x00, 0xd4, 0xa9, 0x90, \ - 0x15, 0xde, 0xbf, 0x2c, 0xc4, 0x8d, 0x9d, 0xfb, 0xa1, 0xc2, 0xe4, 0x83, \ - 0xe3, 0x79, 0x65, 0x22, 0xd3, 0xb7, 0x49, 0x6c, 0x4d, 0x94, 0x1f, 0x22, \ - 0xb1, 0x60, 0xe7, 0x3a, 0x00, 0xb1, 0x38, 0xa2, 0xab, 0x0f, 0xb4, 0x6c, \ - 0xaa, 0xe7, 0x9e, 0x34, 0xe3, 0x7c, 0x40, 0x78, 0x53, 0xb2, 0xf9, 0x23, \ - 0xea, 0xa0, 0x9a, 0xea, 0x60, 0xc8, 0x8f, 0xa6, 0xaf, 0xdf, 0x29, 0x09, \ - 0x4b, 0x06, 0x1e, 0x31, 0xad, 0x17, 0xda, 0xd8, 0xd1, 0xe9, 0x33, 0xab, \ - 0x5b, 0x18, 0x08, 0x5b, 0x87, 0xf8, 0xa5, 0x1f, 0xfd, 0xbb, 0xdc, 0xd8, \ - 0xed, 0x97, 0x57, 0xe4, 0xc3, 0x73, 0xd6, 0xf0, 0x9e, 0x01, 0xa6, 0x9b, \ - 0x48, 0x8e, 0x7a, 0xb4, 0xbb, 0xe5, 0x88, 0x91, 0xc5, 0x2a, 0xdf, 0x4b, \ - 0xba, 0xd0, 0x8b, 0x3e, 0x03, 0x97, 0x77, 0x2f, 0x47, 0x7e, 0x51, 0x0c, \ - 0xae, 0x65, 0x8d, 0xde, 0x87, 0x02, 0x81, 0x80, 0x20, 0x24, 0x0f, 0xd2, \ - 0xaf, 0xc2, 0x28, 0x3b, 0x97, 0x20, 0xb2, 0x92, 0x49, 0xeb, 0x09, 0x68, \ - 0x40, 0xb2, 0xbe, 0xd1, 0xc3, 0x83, 0x94, 0x34, 0x38, 0xd6, 0xc9, 0xec, \ - 0x34, 0x09, 0xf9, 0x41, 0x6d, 0x5c, 0x42, 0x94, 0xf7, 0x04, 0xfc, 0x32, \ - 0x39, 0x69, 0xbc, 0x1c, 0xfb, 0x3e, 0x61, 0x98, 0xc0, 0x80, 0xd8, 0x36, \ - 0x47, 0xc3, 0x6d, 0xc2, 0x2e, 0xe7, 0x81, 0x2a, 0x17, 0x34, 0x64, 0x30, \ - 0x4e, 0x96, 0xbb, 0x26, 0x16, 0xb9, 0x41, 0x36, 0xfe, 0x8a, 0xd6, 0x53, \ - 0x7c, 0xaa, 0xec, 0x39, 0x42, 0x50, 0xef, 0xe3, 0xb3, 0x01, 0x28, 0x32, \ - 0xca, 0x6d, 0xf5, 0x9a, 0x1e, 0x9f, 0x37, 0xbe, 0xfe, 0x38, 0x20, 0x22, \ - 0x91, 0x8c, 0xcd, 0x95, 0x02, 0xf2, 0x4d, 0x6f, 0x1a, 0xb4, 0x43, 0xf0, \ - 0x19, 0xdf, 0x65, 0xc0, 0x92, 0xe7, 0x9d, 0x2f, 0x09, 0xe7, 0xec, 0x69, \ - 0xa8, 0xc2, 0x8f, 0x0d \ + 0x30, 0x82, 0x04, 0xa4, 0x02, 0x01, 0x00, 0x02, 0x82, 0x01, 0x01, 0x00, \ + 0xc0, 0xdf, 0x37, 0xfc, 0x17, 0xbb, 0xe0, 0x96, 0x9d, 0x3f, 0x86, 0xde, \ + 0x96, 0x32, 0x7d, 0x44, 0xa5, 0x16, 0xa0, 0xcd, 0x21, 0xf1, 0x99, 0xd4, \ + 0xec, 0xea, 0xcb, 0x7c, 0x18, 0x58, 0x08, 0x94, 0xa5, 0xec, 0x9b, 0xc5, \ + 0x8b, 0xdf, 0x1a, 0x1e, 0x99, 0x38, 0x99, 0x87, 0x1e, 0x7b, 0xc0, 0x8d, \ + 0x39, 0xdf, 0x38, 0x5d, 0x70, 0x78, 0x07, 0xd3, 0x9e, 0xd9, 0x93, 0xe8, \ + 0xb9, 0x72, 0x51, 0xc5, 0xce, 0xa3, 0x30, 0x52, 0xa9, 0xf2, 0xe7, 0x40, \ + 0x70, 0x14, 0xcb, 0x44, 0xa2, 0x72, 0x0b, 0xc2, 0xe5, 0x40, 0xf9, 0x3e, \ + 0xe5, 0xa6, 0x0e, 0xb3, 0xf9, 0xec, 0x4a, 0x63, 0xc0, 0xb8, 0x29, 0x00, \ + 0x74, 0x9c, 0x57, 0x3b, 0xa8, 0xa5, 0x04, 0x90, 0x71, 0xf1, 0xbd, 0x83, \ + 0xd9, 0x3f, 0xd6, 0xa5, 0xe2, 0x3c, 0x2a, 0x8f, 0xef, 0x27, 0x60, 0xc3, \ + 0xc6, 0x9f, 0xcb, 0xba, 0xec, 0x60, 0x7d, 0xb7, 0xe6, 0x84, 0x32, 0xbe, \ + 0x4f, 0xfb, 0x58, 0x26, 0x22, 0x03, 0x5b, 0xd4, 0xb4, 0xd5, 0xfb, 0xf5, \ + 0xe3, 0x96, 0x2e, 0x70, 0xc0, 0xe4, 0x2e, 0xbd, 0xfc, 0x2e, 0xee, 0xe2, \ + 0x41, 0x55, 0xc0, 0x34, 0x2e, 0x7d, 0x24, 0x72, 0x69, 0xcb, 0x47, 0xb1, \ + 0x14, 0x40, 0x83, 0x7d, 0x67, 0xf4, 0x86, 0xf6, 0x31, 0xab, 0xf1, 0x79, \ + 0xa4, 0xb2, 0xb5, 0x2e, 0x12, 0xf9, 0x84, 0x17, 0xf0, 0x62, 0x6f, 0x27, \ + 0x3e, 0x13, 0x58, 0xb1, 0x54, 0x0d, 0x21, 0x9a, 0x73, 0x37, 0xa1, 0x30, \ + 0xcf, 0x6f, 0x92, 0xdc, 0xf6, 0xe9, 0xfc, 0xac, 0xdb, 0x2e, 0x28, 0xd1, \ + 0x7e, 0x02, 0x4b, 0x23, 0xa0, 0x15, 0xf2, 0x38, 0x65, 0x64, 0x09, 0xea, \ + 0x0c, 0x6e, 0x8e, 0x1b, 0x17, 0xa0, 0x71, 0xc8, 0xb3, 0x9b, 0xc9, 0xab, \ + 0xe9, 0xc3, 0xf2, 0xcf, 0x87, 0x96, 0x8f, 0x80, 0x02, 0x32, 0x9e, 0x99, \ + 0x58, 0x6f, 0xa2, 0xd5, 0x02, 0x03, 0x01, 0x00, 0x01, 0x02, 0x82, 0x01, \ + 0x00, 0x3f, 0xf7, 0x07, 0xd3, 0x34, 0x6f, 0xdb, 0xc9, 0x37, 0xb7, 0x84, \ + 0xdc, 0x37, 0x45, 0xe1, 0x63, 0xad, 0xb8, 0xb6, 0x75, 0xb1, 0xc7, 0x35, \ + 0xb4, 0x77, 0x2a, 0x5b, 0x77, 0xf9, 0x7e, 0xe0, 0xc1, 0xa3, 0xd1, 0xb7, \ + 0xcb, 0xa9, 0x5a, 0xc1, 0x87, 0xda, 0x5a, 0xfa, 0x17, 0xe4, 0xd5, 0x38, \ + 0x03, 0xde, 0x68, 0x98, 0x81, 0xec, 0xb5, 0xf2, 0x2a, 0x8d, 0xe9, 0x2c, \ + 0xf3, 0xa6, 0xe5, 0x32, 0x17, 0x7f, 0x33, 0x81, 0xe8, 0x38, 0x72, 0xd5, \ + 0x9c, 0xfa, 0x4e, 0xfb, 0x26, 0xf5, 0x15, 0x0b, 0xaf, 0x84, 0x66, 0xab, \ + 0x02, 0xe0, 0x18, 0xd5, 0x91, 0x7c, 0xd6, 0x8f, 0xc9, 0x4b, 0x76, 0x08, \ + 0x2b, 0x1d, 0x81, 0x68, 0x30, 0xe1, 0xfa, 0x70, 0x6c, 0x13, 0x4e, 0x10, \ + 0x03, 0x35, 0x3e, 0xc5, 0xca, 0x58, 0x20, 0x8a, 0x21, 0x18, 0x38, 0xa0, \ + 0x0f, 0xed, 0xc4, 0xbb, 0x45, 0x6f, 0xf5, 0x84, 0x5b, 0xb0, 0xcf, 0x4e, \ + 0x9d, 0x58, 0x13, 0x6b, 0x35, 0x35, 0x69, 0xa1, 0xd2, 0xc4, 0xf2, 0xc1, \ + 0x48, 0x04, 0x20, 0x51, 0xb9, 0x6b, 0xa4, 0x5d, 0xa5, 0x4b, 0x84, 0x88, \ + 0x43, 0x48, 0x99, 0x2c, 0xbb, 0xa4, 0x97, 0xd6, 0xd6, 0x18, 0xf6, 0xec, \ + 0x5c, 0xd1, 0x31, 0x49, 0xc9, 0xf2, 0x8f, 0x0b, 0x4d, 0xef, 0x09, 0x02, \ + 0xfe, 0x7d, 0xfd, 0xbb, 0xaf, 0x2b, 0x83, 0x94, 0x22, 0xc4, 0xa7, 0x3e, \ + 0x66, 0xf5, 0xe0, 0x57, 0xdc, 0xf2, 0xed, 0x2c, 0x3e, 0x81, 0x74, 0x76, \ + 0x1e, 0x96, 0x6f, 0x74, 0x1e, 0x32, 0x0e, 0x14, 0x31, 0xd0, 0x74, 0xf0, \ + 0xf4, 0x07, 0xbd, 0xc3, 0xd1, 0x22, 0xc2, 0xa8, 0x95, 0x92, 0x06, 0x7f, \ + 0x43, 0x02, 0x91, 0xbc, 0xdd, 0x23, 0x01, 0x89, 0x94, 0x20, 0x44, 0x64, \ + 0xf5, 0x1d, 0x67, 0xd2, 0x8f, 0xe8, 0x69, 0xa5, 0x29, 0x25, 0xe6, 0x50, \ + 0x9c, 0xe3, 0xe9, 0xcb, 0x75, 0x02, 0x81, 0x81, 0x00, 0xe2, 0x29, 0x3e, \ + 0xaa, 0x6b, 0xd5, 0x59, 0x1e, 0x9c, 0xe6, 0x47, 0xd5, 0xb6, 0xd7, 0xe3, \ + 0xf1, 0x8e, 0x9e, 0xe9, 0x83, 0x5f, 0x10, 0x9f, 0x63, 0xec, 0x04, 0x44, \ + 0xcc, 0x3f, 0xf8, 0xd9, 0x3a, 0x17, 0xe0, 0x4f, 0xfe, 0xd8, 0x4d, 0xcd, \ + 0x46, 0x54, 0x74, 0xbf, 0x0a, 0xc4, 0x67, 0x9c, 0xa7, 0xd8, 0x89, 0x65, \ + 0x4c, 0xfd, 0x58, 0x2a, 0x47, 0x0f, 0xf4, 0x37, 0xb6, 0x55, 0xb0, 0x1d, \ + 0xed, 0xa7, 0x39, 0xfc, 0x4f, 0xa3, 0xc4, 0x75, 0x3a, 0xa3, 0x98, 0xa7, \ + 0x45, 0xf5, 0x66, 0xcb, 0x7c, 0x65, 0xfb, 0x80, 0x23, 0xe6, 0xff, 0xfd, \ + 0x99, 0x1f, 0x8e, 0x6b, 0xff, 0x5e, 0x93, 0x66, 0xdf, 0x6c, 0x6f, 0xc3, \ + 0xf6, 0x38, 0x2e, 0xff, 0x69, 0xb5, 0xac, 0xae, 0xbb, 0xc6, 0x71, 0x16, \ + 0x6b, 0xd0, 0xf8, 0x22, 0xd9, 0xf8, 0xa2, 0x72, 0x20, 0xd2, 0xe2, 0x3a, \ + 0x70, 0x4b, 0xde, 0xab, 0x2f, 0x02, 0x81, 0x81, 0x00, 0xda, 0x51, 0x9b, \ + 0xb8, 0xb2, 0x2a, 0x14, 0x75, 0x58, 0x40, 0x8d, 0x27, 0x70, 0xfa, 0x31, \ + 0x48, 0xb0, 0x20, 0x21, 0x34, 0xfa, 0x4c, 0x57, 0xa8, 0x11, 0x88, 0xf3, \ + 0xa7, 0xae, 0x21, 0xe9, 0xb6, 0x2b, 0xd1, 0xcd, 0xa7, 0xf8, 0xd8, 0x0c, \ + 0x8a, 0x76, 0x22, 0x35, 0x44, 0xce, 0x3f, 0x25, 0x29, 0x83, 0x7d, 0x79, \ + 0xa7, 0x31, 0xd6, 0xec, 0xb2, 0xbf, 0xda, 0x34, 0xb6, 0xf6, 0xb2, 0x3b, \ + 0xf3, 0x78, 0x5a, 0x04, 0x83, 0x33, 0x3e, 0xa2, 0xe2, 0x81, 0x82, 0x13, \ + 0xd4, 0x35, 0x17, 0x63, 0x9b, 0x9e, 0xc4, 0x8d, 0x91, 0x4c, 0x03, 0x77, \ + 0xc7, 0x71, 0x5b, 0xee, 0x83, 0x6d, 0xd5, 0x78, 0x88, 0xf6, 0x2c, 0x79, \ + 0xc2, 0x4a, 0xb4, 0x79, 0x90, 0x70, 0xbf, 0xdf, 0x34, 0x56, 0x96, 0x71, \ + 0xe3, 0x0e, 0x68, 0x91, 0xbc, 0xea, 0xcb, 0x33, 0xc0, 0xbe, 0x45, 0xd7, \ + 0xfc, 0x30, 0xfd, 0x01, 0x3b, 0x02, 0x81, 0x81, 0x00, 0xd2, 0x9f, 0x2a, \ + 0xb7, 0x38, 0x19, 0xc7, 0x17, 0x95, 0x73, 0x78, 0xae, 0xf5, 0xcb, 0x75, \ + 0x83, 0x7f, 0x19, 0x4b, 0xcb, 0x86, 0xfb, 0x4a, 0x15, 0x9a, 0xb6, 0x17, \ + 0x04, 0x49, 0x07, 0x8d, 0xf6, 0x66, 0x4a, 0x06, 0xf6, 0x05, 0xa7, 0xdf, \ + 0x66, 0x82, 0x3c, 0xff, 0xb6, 0x1d, 0x57, 0x89, 0x33, 0x5f, 0x9c, 0x05, \ + 0x75, 0x7f, 0xf3, 0x5d, 0xdc, 0x34, 0x65, 0x72, 0x85, 0x22, 0xa4, 0x14, \ + 0x1b, 0x41, 0xc3, 0xe4, 0xd0, 0x9e, 0x69, 0xd5, 0xeb, 0x38, 0x74, 0x70, \ + 0x43, 0xdc, 0xd9, 0x50, 0xe4, 0x97, 0x6d, 0x73, 0xd6, 0xfb, 0xc8, 0xa7, \ + 0xfa, 0xb4, 0xc2, 0xc4, 0x9d, 0x5d, 0x0c, 0xd5, 0x9f, 0x79, 0xb3, 0x54, \ + 0xc2, 0xb7, 0x6c, 0x3d, 0x7d, 0xcb, 0x2d, 0xf8, 0xc4, 0xf3, 0x78, 0x5a, \ + 0x33, 0x2a, 0xb8, 0x0c, 0x6d, 0x06, 0xfa, 0xf2, 0x62, 0xd3, 0x42, 0xd0, \ + 0xbd, 0xc8, 0x4a, 0xa5, 0x0d, 0x02, 0x81, 0x81, 0x00, 0xd4, 0xa9, 0x90, \ + 0x15, 0xde, 0xbf, 0x2c, 0xc4, 0x8d, 0x9d, 0xfb, 0xa1, 0xc2, 0xe4, 0x83, \ + 0xe3, 0x79, 0x65, 0x22, 0xd3, 0xb7, 0x49, 0x6c, 0x4d, 0x94, 0x1f, 0x22, \ + 0xb1, 0x60, 0xe7, 0x3a, 0x00, 0xb1, 0x38, 0xa2, 0xab, 0x0f, 0xb4, 0x6c, \ + 0xaa, 0xe7, 0x9e, 0x34, 0xe3, 0x7c, 0x40, 0x78, 0x53, 0xb2, 0xf9, 0x23, \ + 0xea, 0xa0, 0x9a, 0xea, 0x60, 0xc8, 0x8f, 0xa6, 0xaf, 0xdf, 0x29, 0x09, \ + 0x4b, 0x06, 0x1e, 0x31, 0xad, 0x17, 0xda, 0xd8, 0xd1, 0xe9, 0x33, 0xab, \ + 0x5b, 0x18, 0x08, 0x5b, 0x87, 0xf8, 0xa5, 0x1f, 0xfd, 0xbb, 0xdc, 0xd8, \ + 0xed, 0x97, 0x57, 0xe4, 0xc3, 0x73, 0xd6, 0xf0, 0x9e, 0x01, 0xa6, 0x9b, \ + 0x48, 0x8e, 0x7a, 0xb4, 0xbb, 0xe5, 0x88, 0x91, 0xc5, 0x2a, 0xdf, 0x4b, \ + 0xba, 0xd0, 0x8b, 0x3e, 0x03, 0x97, 0x77, 0x2f, 0x47, 0x7e, 0x51, 0x0c, \ + 0xae, 0x65, 0x8d, 0xde, 0x87, 0x02, 0x81, 0x80, 0x20, 0x24, 0x0f, 0xd2, \ + 0xaf, 0xc2, 0x28, 0x3b, 0x97, 0x20, 0xb2, 0x92, 0x49, 0xeb, 0x09, 0x68, \ + 0x40, 0xb2, 0xbe, 0xd1, 0xc3, 0x83, 0x94, 0x34, 0x38, 0xd6, 0xc9, 0xec, \ + 0x34, 0x09, 0xf9, 0x41, 0x6d, 0x5c, 0x42, 0x94, 0xf7, 0x04, 0xfc, 0x32, \ + 0x39, 0x69, 0xbc, 0x1c, 0xfb, 0x3e, 0x61, 0x98, 0xc0, 0x80, 0xd8, 0x36, \ + 0x47, 0xc3, 0x6d, 0xc2, 0x2e, 0xe7, 0x81, 0x2a, 0x17, 0x34, 0x64, 0x30, \ + 0x4e, 0x96, 0xbb, 0x26, 0x16, 0xb9, 0x41, 0x36, 0xfe, 0x8a, 0xd6, 0x53, \ + 0x7c, 0xaa, 0xec, 0x39, 0x42, 0x50, 0xef, 0xe3, 0xb3, 0x01, 0x28, 0x32, \ + 0xca, 0x6d, 0xf5, 0x9a, 0x1e, 0x9f, 0x37, 0xbe, 0xfe, 0x38, 0x20, 0x22, \ + 0x91, 0x8c, 0xcd, 0x95, 0x02, 0xf2, 0x4d, 0x6f, 0x1a, 0xb4, 0x43, 0xf0, \ + 0x19, 0xdf, 0x65, 0xc0, 0x92, 0xe7, 0x9d, 0x2f, 0x09, 0xe7, 0xec, 0x69, \ + 0xa8, 0xc2, 0x8f, 0x0d \ } /* END FILE */ @@ -501,72 +489,72 @@ /* This is taken from tests/data_files/server5.crt. */ /* BEGIN FILE string macro TEST_SRV_CRT_EC_PEM tests/data_files/server5.crt */ -#define TEST_SRV_CRT_EC_PEM \ - "-----BEGIN CERTIFICATE-----\r\n" \ - "MIICHzCCAaWgAwIBAgIBCTAKBggqhkjOPQQDAjA+MQswCQYDVQQGEwJOTDERMA8G\r\n" \ - "A1UEChMIUG9sYXJTU0wxHDAaBgNVBAMTE1BvbGFyc3NsIFRlc3QgRUMgQ0EwHhcN\r\n" \ - "MTMwOTI0MTU1MjA0WhcNMjMwOTIyMTU1MjA0WjA0MQswCQYDVQQGEwJOTDERMA8G\r\n" \ - "A1UEChMIUG9sYXJTU0wxEjAQBgNVBAMTCWxvY2FsaG9zdDBZMBMGByqGSM49AgEG\r\n" \ - "CCqGSM49AwEHA0IABDfMVtl2CR5acj7HWS3/IG7ufPkGkXTQrRS192giWWKSTuUA\r\n" \ - "2CMR/+ov0jRdXRa9iojCa3cNVc2KKg76Aci07f+jgZ0wgZowCQYDVR0TBAIwADAd\r\n" \ - "BgNVHQ4EFgQUUGGlj9QH2deCAQzlZX+MY0anE74wbgYDVR0jBGcwZYAUnW0gJEkB\r\n" \ - "PyvLeLUZvH4kydv7NnyhQqRAMD4xCzAJBgNVBAYTAk5MMREwDwYDVQQKEwhQb2xh\r\n" \ - "clNTTDEcMBoGA1UEAxMTUG9sYXJzc2wgVGVzdCBFQyBDQYIJAMFD4n5iQ8zoMAoG\r\n" \ - "CCqGSM49BAMCA2gAMGUCMQCaLFzXptui5WQN8LlO3ddh1hMxx6tzgLvT03MTVK2S\r\n" \ - "C12r0Lz3ri/moSEpNZWqPjkCMCE2f53GXcYLqyfyJR078c/xNSUU5+Xxl7VZ414V\r\n" \ - "fGa5kHvHARBPc8YAIVIqDvHH1Q==\r\n" \ +#define TEST_SRV_CRT_EC_PEM \ + "-----BEGIN CERTIFICATE-----\r\n" \ + "MIICHzCCAaWgAwIBAgIBCTAKBggqhkjOPQQDAjA+MQswCQYDVQQGEwJOTDERMA8G\r\n" \ + "A1UECgwIUG9sYXJTU0wxHDAaBgNVBAMME1BvbGFyc3NsIFRlc3QgRUMgQ0EwHhcN\r\n" \ + "MjMwNjE1MDMzNDE4WhcNMzMwNjEyMDMzNDE4WjA0MQswCQYDVQQGEwJOTDERMA8G\r\n" \ + "A1UECgwIUG9sYXJTU0wxEjAQBgNVBAMMCWxvY2FsaG9zdDBZMBMGByqGSM49AgEG\r\n" \ + "CCqGSM49AwEHA0IABDfMVtl2CR5acj7HWS3/IG7ufPkGkXTQrRS192giWWKSTuUA\r\n" \ + "2CMR/+ov0jRdXRa9iojCa3cNVc2KKg76Aci07f+jgZ0wgZowCQYDVR0TBAIwADAd\r\n" \ + "BgNVHQ4EFgQUUGGlj9QH2deCAQzlZX+MY0anE74wbgYDVR0jBGcwZYAUnW0gJEkB\r\n" \ + "PyvLeLUZvH4kydv7NnyhQqRAMD4xCzAJBgNVBAYTAk5MMREwDwYDVQQKDAhQb2xh\r\n" \ + "clNTTDEcMBoGA1UEAwwTUG9sYXJzc2wgVGVzdCBFQyBDQYIJAMFD4n5iQ8zoMAoG\r\n" \ + "CCqGSM49BAMCA2gAMGUCMAHFbGEzx8dZaUlIltT5s1QO9FvKmvFer4uRY3ntEy9S\r\n" \ + "k7DCCozM86WWLjfzbJ78bwIxAJYRPF1CzNEiXPHb9O46ZPHKo2S5x//g/54RowAK\r\n" \ + "uZz+hKPuMi6YY6cIm81jfeaSZQ==\r\n" \ "-----END CERTIFICATE-----\r\n" /* END FILE */ /* This is generated from tests/data_files/server5.crt.der using `xxd -i`. */ /* BEGIN FILE binary macro TEST_SRV_CRT_EC_DER tests/data_files/server5.crt.der */ -#define TEST_SRV_CRT_EC_DER { \ - 0x30, 0x82, 0x02, 0x1f, 0x30, 0x82, 0x01, 0xa5, 0xa0, 0x03, 0x02, 0x01, \ - 0x02, 0x02, 0x01, 0x09, 0x30, 0x0a, 0x06, 0x08, 0x2a, 0x86, 0x48, 0xce, \ - 0x3d, 0x04, 0x03, 0x02, 0x30, 0x3e, 0x31, 0x0b, 0x30, 0x09, 0x06, 0x03, \ - 0x55, 0x04, 0x06, 0x13, 0x02, 0x4e, 0x4c, 0x31, 0x11, 0x30, 0x0f, 0x06, \ - 0x03, 0x55, 0x04, 0x0a, 0x13, 0x08, 0x50, 0x6f, 0x6c, 0x61, 0x72, 0x53, \ - 0x53, 0x4c, 0x31, 0x1c, 0x30, 0x1a, 0x06, 0x03, 0x55, 0x04, 0x03, 0x13, \ - 0x13, 0x50, 0x6f, 0x6c, 0x61, 0x72, 0x73, 0x73, 0x6c, 0x20, 0x54, 0x65, \ - 0x73, 0x74, 0x20, 0x45, 0x43, 0x20, 0x43, 0x41, 0x30, 0x1e, 0x17, 0x0d, \ - 0x31, 0x33, 0x30, 0x39, 0x32, 0x34, 0x31, 0x35, 0x35, 0x32, 0x30, 0x34, \ - 0x5a, 0x17, 0x0d, 0x32, 0x33, 0x30, 0x39, 0x32, 0x32, 0x31, 0x35, 0x35, \ - 0x32, 0x30, 0x34, 0x5a, 0x30, 0x34, 0x31, 0x0b, 0x30, 0x09, 0x06, 0x03, \ - 0x55, 0x04, 0x06, 0x13, 0x02, 0x4e, 0x4c, 0x31, 0x11, 0x30, 0x0f, 0x06, \ - 0x03, 0x55, 0x04, 0x0a, 0x13, 0x08, 0x50, 0x6f, 0x6c, 0x61, 0x72, 0x53, \ - 0x53, 0x4c, 0x31, 0x12, 0x30, 0x10, 0x06, 0x03, 0x55, 0x04, 0x03, 0x13, \ - 0x09, 0x6c, 0x6f, 0x63, 0x61, 0x6c, 0x68, 0x6f, 0x73, 0x74, 0x30, 0x59, \ - 0x30, 0x13, 0x06, 0x07, 0x2a, 0x86, 0x48, 0xce, 0x3d, 0x02, 0x01, 0x06, \ - 0x08, 0x2a, 0x86, 0x48, 0xce, 0x3d, 0x03, 0x01, 0x07, 0x03, 0x42, 0x00, \ - 0x04, 0x37, 0xcc, 0x56, 0xd9, 0x76, 0x09, 0x1e, 0x5a, 0x72, 0x3e, 0xc7, \ - 0x59, 0x2d, 0xff, 0x20, 0x6e, 0xee, 0x7c, 0xf9, 0x06, 0x91, 0x74, 0xd0, \ - 0xad, 0x14, 0xb5, 0xf7, 0x68, 0x22, 0x59, 0x62, 0x92, 0x4e, 0xe5, 0x00, \ - 0xd8, 0x23, 0x11, 0xff, 0xea, 0x2f, 0xd2, 0x34, 0x5d, 0x5d, 0x16, 0xbd, \ - 0x8a, 0x88, 0xc2, 0x6b, 0x77, 0x0d, 0x55, 0xcd, 0x8a, 0x2a, 0x0e, 0xfa, \ - 0x01, 0xc8, 0xb4, 0xed, 0xff, 0xa3, 0x81, 0x9d, 0x30, 0x81, 0x9a, 0x30, \ - 0x09, 0x06, 0x03, 0x55, 0x1d, 0x13, 0x04, 0x02, 0x30, 0x00, 0x30, 0x1d, \ - 0x06, 0x03, 0x55, 0x1d, 0x0e, 0x04, 0x16, 0x04, 0x14, 0x50, 0x61, 0xa5, \ - 0x8f, 0xd4, 0x07, 0xd9, 0xd7, 0x82, 0x01, 0x0c, 0xe5, 0x65, 0x7f, 0x8c, \ - 0x63, 0x46, 0xa7, 0x13, 0xbe, 0x30, 0x6e, 0x06, 0x03, 0x55, 0x1d, 0x23, \ - 0x04, 0x67, 0x30, 0x65, 0x80, 0x14, 0x9d, 0x6d, 0x20, 0x24, 0x49, 0x01, \ - 0x3f, 0x2b, 0xcb, 0x78, 0xb5, 0x19, 0xbc, 0x7e, 0x24, 0xc9, 0xdb, 0xfb, \ - 0x36, 0x7c, 0xa1, 0x42, 0xa4, 0x40, 0x30, 0x3e, 0x31, 0x0b, 0x30, 0x09, \ - 0x06, 0x03, 0x55, 0x04, 0x06, 0x13, 0x02, 0x4e, 0x4c, 0x31, 0x11, 0x30, \ - 0x0f, 0x06, 0x03, 0x55, 0x04, 0x0a, 0x13, 0x08, 0x50, 0x6f, 0x6c, 0x61, \ - 0x72, 0x53, 0x53, 0x4c, 0x31, 0x1c, 0x30, 0x1a, 0x06, 0x03, 0x55, 0x04, \ - 0x03, 0x13, 0x13, 0x50, 0x6f, 0x6c, 0x61, 0x72, 0x73, 0x73, 0x6c, 0x20, \ - 0x54, 0x65, 0x73, 0x74, 0x20, 0x45, 0x43, 0x20, 0x43, 0x41, 0x82, 0x09, \ - 0x00, 0xc1, 0x43, 0xe2, 0x7e, 0x62, 0x43, 0xcc, 0xe8, 0x30, 0x0a, 0x06, \ - 0x08, 0x2a, 0x86, 0x48, 0xce, 0x3d, 0x04, 0x03, 0x02, 0x03, 0x68, 0x00, \ - 0x30, 0x65, 0x02, 0x31, 0x00, 0x9a, 0x2c, 0x5c, 0xd7, 0xa6, 0xdb, 0xa2, \ - 0xe5, 0x64, 0x0d, 0xf0, 0xb9, 0x4e, 0xdd, 0xd7, 0x61, 0xd6, 0x13, 0x31, \ - 0xc7, 0xab, 0x73, 0x80, 0xbb, 0xd3, 0xd3, 0x73, 0x13, 0x54, 0xad, 0x92, \ - 0x0b, 0x5d, 0xab, 0xd0, 0xbc, 0xf7, 0xae, 0x2f, 0xe6, 0xa1, 0x21, 0x29, \ - 0x35, 0x95, 0xaa, 0x3e, 0x39, 0x02, 0x30, 0x21, 0x36, 0x7f, 0x9d, 0xc6, \ - 0x5d, 0xc6, 0x0b, 0xab, 0x27, 0xf2, 0x25, 0x1d, 0x3b, 0xf1, 0xcf, 0xf1, \ - 0x35, 0x25, 0x14, 0xe7, 0xe5, 0xf1, 0x97, 0xb5, 0x59, 0xe3, 0x5e, 0x15, \ - 0x7c, 0x66, 0xb9, 0x90, 0x7b, 0xc7, 0x01, 0x10, 0x4f, 0x73, 0xc6, 0x00, \ - 0x21, 0x52, 0x2a, 0x0e, 0xf1, 0xc7, 0xd5 \ +#define TEST_SRV_CRT_EC_DER { \ + 0x30, 0x82, 0x02, 0x1f, 0x30, 0x82, 0x01, 0xa5, 0xa0, 0x03, 0x02, 0x01, \ + 0x02, 0x02, 0x01, 0x09, 0x30, 0x0a, 0x06, 0x08, 0x2a, 0x86, 0x48, 0xce, \ + 0x3d, 0x04, 0x03, 0x02, 0x30, 0x3e, 0x31, 0x0b, 0x30, 0x09, 0x06, 0x03, \ + 0x55, 0x04, 0x06, 0x13, 0x02, 0x4e, 0x4c, 0x31, 0x11, 0x30, 0x0f, 0x06, \ + 0x03, 0x55, 0x04, 0x0a, 0x0c, 0x08, 0x50, 0x6f, 0x6c, 0x61, 0x72, 0x53, \ + 0x53, 0x4c, 0x31, 0x1c, 0x30, 0x1a, 0x06, 0x03, 0x55, 0x04, 0x03, 0x0c, \ + 0x13, 0x50, 0x6f, 0x6c, 0x61, 0x72, 0x73, 0x73, 0x6c, 0x20, 0x54, 0x65, \ + 0x73, 0x74, 0x20, 0x45, 0x43, 0x20, 0x43, 0x41, 0x30, 0x1e, 0x17, 0x0d, \ + 0x32, 0x33, 0x30, 0x36, 0x31, 0x35, 0x30, 0x33, 0x33, 0x34, 0x31, 0x38, \ + 0x5a, 0x17, 0x0d, 0x33, 0x33, 0x30, 0x36, 0x31, 0x32, 0x30, 0x33, 0x33, \ + 0x34, 0x31, 0x38, 0x5a, 0x30, 0x34, 0x31, 0x0b, 0x30, 0x09, 0x06, 0x03, \ + 0x55, 0x04, 0x06, 0x13, 0x02, 0x4e, 0x4c, 0x31, 0x11, 0x30, 0x0f, 0x06, \ + 0x03, 0x55, 0x04, 0x0a, 0x0c, 0x08, 0x50, 0x6f, 0x6c, 0x61, 0x72, 0x53, \ + 0x53, 0x4c, 0x31, 0x12, 0x30, 0x10, 0x06, 0x03, 0x55, 0x04, 0x03, 0x0c, \ + 0x09, 0x6c, 0x6f, 0x63, 0x61, 0x6c, 0x68, 0x6f, 0x73, 0x74, 0x30, 0x59, \ + 0x30, 0x13, 0x06, 0x07, 0x2a, 0x86, 0x48, 0xce, 0x3d, 0x02, 0x01, 0x06, \ + 0x08, 0x2a, 0x86, 0x48, 0xce, 0x3d, 0x03, 0x01, 0x07, 0x03, 0x42, 0x00, \ + 0x04, 0x37, 0xcc, 0x56, 0xd9, 0x76, 0x09, 0x1e, 0x5a, 0x72, 0x3e, 0xc7, \ + 0x59, 0x2d, 0xff, 0x20, 0x6e, 0xee, 0x7c, 0xf9, 0x06, 0x91, 0x74, 0xd0, \ + 0xad, 0x14, 0xb5, 0xf7, 0x68, 0x22, 0x59, 0x62, 0x92, 0x4e, 0xe5, 0x00, \ + 0xd8, 0x23, 0x11, 0xff, 0xea, 0x2f, 0xd2, 0x34, 0x5d, 0x5d, 0x16, 0xbd, \ + 0x8a, 0x88, 0xc2, 0x6b, 0x77, 0x0d, 0x55, 0xcd, 0x8a, 0x2a, 0x0e, 0xfa, \ + 0x01, 0xc8, 0xb4, 0xed, 0xff, 0xa3, 0x81, 0x9d, 0x30, 0x81, 0x9a, 0x30, \ + 0x09, 0x06, 0x03, 0x55, 0x1d, 0x13, 0x04, 0x02, 0x30, 0x00, 0x30, 0x1d, \ + 0x06, 0x03, 0x55, 0x1d, 0x0e, 0x04, 0x16, 0x04, 0x14, 0x50, 0x61, 0xa5, \ + 0x8f, 0xd4, 0x07, 0xd9, 0xd7, 0x82, 0x01, 0x0c, 0xe5, 0x65, 0x7f, 0x8c, \ + 0x63, 0x46, 0xa7, 0x13, 0xbe, 0x30, 0x6e, 0x06, 0x03, 0x55, 0x1d, 0x23, \ + 0x04, 0x67, 0x30, 0x65, 0x80, 0x14, 0x9d, 0x6d, 0x20, 0x24, 0x49, 0x01, \ + 0x3f, 0x2b, 0xcb, 0x78, 0xb5, 0x19, 0xbc, 0x7e, 0x24, 0xc9, 0xdb, 0xfb, \ + 0x36, 0x7c, 0xa1, 0x42, 0xa4, 0x40, 0x30, 0x3e, 0x31, 0x0b, 0x30, 0x09, \ + 0x06, 0x03, 0x55, 0x04, 0x06, 0x13, 0x02, 0x4e, 0x4c, 0x31, 0x11, 0x30, \ + 0x0f, 0x06, 0x03, 0x55, 0x04, 0x0a, 0x0c, 0x08, 0x50, 0x6f, 0x6c, 0x61, \ + 0x72, 0x53, 0x53, 0x4c, 0x31, 0x1c, 0x30, 0x1a, 0x06, 0x03, 0x55, 0x04, \ + 0x03, 0x0c, 0x13, 0x50, 0x6f, 0x6c, 0x61, 0x72, 0x73, 0x73, 0x6c, 0x20, \ + 0x54, 0x65, 0x73, 0x74, 0x20, 0x45, 0x43, 0x20, 0x43, 0x41, 0x82, 0x09, \ + 0x00, 0xc1, 0x43, 0xe2, 0x7e, 0x62, 0x43, 0xcc, 0xe8, 0x30, 0x0a, 0x06, \ + 0x08, 0x2a, 0x86, 0x48, 0xce, 0x3d, 0x04, 0x03, 0x02, 0x03, 0x68, 0x00, \ + 0x30, 0x65, 0x02, 0x30, 0x01, 0xc5, 0x6c, 0x61, 0x33, 0xc7, 0xc7, 0x59, \ + 0x69, 0x49, 0x48, 0x96, 0xd4, 0xf9, 0xb3, 0x54, 0x0e, 0xf4, 0x5b, 0xca, \ + 0x9a, 0xf1, 0x5e, 0xaf, 0x8b, 0x91, 0x63, 0x79, 0xed, 0x13, 0x2f, 0x52, \ + 0x93, 0xb0, 0xc2, 0x0a, 0x8c, 0xcc, 0xf3, 0xa5, 0x96, 0x2e, 0x37, 0xf3, \ + 0x6c, 0x9e, 0xfc, 0x6f, 0x02, 0x31, 0x00, 0x96, 0x11, 0x3c, 0x5d, 0x42, \ + 0xcc, 0xd1, 0x22, 0x5c, 0xf1, 0xdb, 0xf4, 0xee, 0x3a, 0x64, 0xf1, 0xca, \ + 0xa3, 0x64, 0xb9, 0xc7, 0xff, 0xe0, 0xff, 0x9e, 0x11, 0xa3, 0x00, 0x0a, \ + 0xb9, 0x9c, 0xfe, 0x84, 0xa3, 0xee, 0x32, 0x2e, 0x98, 0x63, 0xa7, 0x08, \ + 0x9b, 0xcd, 0x63, 0x7d, 0xe6, 0x92, 0x65 \ } /* END FILE */ @@ -583,17 +571,17 @@ /* This is generated from tests/data_files/server5.key.der using `xxd -i`. */ /* BEGIN FILE binary macro TEST_SRV_KEY_EC_DER tests/data_files/server5.key.der */ #define TEST_SRV_KEY_EC_DER { \ - 0x30, 0x77, 0x02, 0x01, 0x01, 0x04, 0x20, 0xf1, 0x2a, 0x13, 0x20, 0x76, \ - 0x02, 0x70, 0xa8, 0x3c, 0xbf, 0xfd, 0x53, 0xf6, 0x03, 0x1e, 0xf7, 0x6a, \ - 0x5d, 0x86, 0xc8, 0xa2, 0x04, 0xf2, 0xc3, 0x0c, 0xa9, 0xeb, 0xf5, 0x1f, \ - 0x0f, 0x0e, 0xa7, 0xa0, 0x0a, 0x06, 0x08, 0x2a, 0x86, 0x48, 0xce, 0x3d, \ - 0x03, 0x01, 0x07, 0xa1, 0x44, 0x03, 0x42, 0x00, 0x04, 0x37, 0xcc, 0x56, \ - 0xd9, 0x76, 0x09, 0x1e, 0x5a, 0x72, 0x3e, 0xc7, 0x59, 0x2d, 0xff, 0x20, \ - 0x6e, 0xee, 0x7c, 0xf9, 0x06, 0x91, 0x74, 0xd0, 0xad, 0x14, 0xb5, 0xf7, \ - 0x68, 0x22, 0x59, 0x62, 0x92, 0x4e, 0xe5, 0x00, 0xd8, 0x23, 0x11, 0xff, \ - 0xea, 0x2f, 0xd2, 0x34, 0x5d, 0x5d, 0x16, 0xbd, 0x8a, 0x88, 0xc2, 0x6b, \ - 0x77, 0x0d, 0x55, 0xcd, 0x8a, 0x2a, 0x0e, 0xfa, 0x01, 0xc8, 0xb4, 0xed, \ - 0xff \ + 0x30, 0x77, 0x02, 0x01, 0x01, 0x04, 0x20, 0xf1, 0x2a, 0x13, 0x20, 0x76, \ + 0x02, 0x70, 0xa8, 0x3c, 0xbf, 0xfd, 0x53, 0xf6, 0x03, 0x1e, 0xf7, 0x6a, \ + 0x5d, 0x86, 0xc8, 0xa2, 0x04, 0xf2, 0xc3, 0x0c, 0xa9, 0xeb, 0xf5, 0x1f, \ + 0x0f, 0x0e, 0xa7, 0xa0, 0x0a, 0x06, 0x08, 0x2a, 0x86, 0x48, 0xce, 0x3d, \ + 0x03, 0x01, 0x07, 0xa1, 0x44, 0x03, 0x42, 0x00, 0x04, 0x37, 0xcc, 0x56, \ + 0xd9, 0x76, 0x09, 0x1e, 0x5a, 0x72, 0x3e, 0xc7, 0x59, 0x2d, 0xff, 0x20, \ + 0x6e, 0xee, 0x7c, 0xf9, 0x06, 0x91, 0x74, 0xd0, 0xad, 0x14, 0xb5, 0xf7, \ + 0x68, 0x22, 0x59, 0x62, 0x92, 0x4e, 0xe5, 0x00, 0xd8, 0x23, 0x11, 0xff, \ + 0xea, 0x2f, 0xd2, 0x34, 0x5d, 0x5d, 0x16, 0xbd, 0x8a, 0x88, 0xc2, 0x6b, \ + 0x77, 0x0d, 0x55, 0xcd, 0x8a, 0x2a, 0x0e, 0xfa, 0x01, 0xc8, 0xb4, 0xed, \ + 0xff \ } /* END FILE */ @@ -625,175 +613,175 @@ /* This is taken from tests/data_files/server2-sha256.crt.der. */ /* BEGIN FILE binary macro TEST_SRV_CRT_RSA_SHA256_DER tests/data_files/server2-sha256.crt.der */ #define TEST_SRV_CRT_RSA_SHA256_DER { \ - 0x30, 0x82, 0x03, 0x37, 0x30, 0x82, 0x02, 0x1f, 0xa0, 0x03, 0x02, 0x01, \ - 0x02, 0x02, 0x01, 0x02, 0x30, 0x0d, 0x06, 0x09, 0x2a, 0x86, 0x48, 0x86, \ - 0xf7, 0x0d, 0x01, 0x01, 0x0b, 0x05, 0x00, 0x30, 0x3b, 0x31, 0x0b, 0x30, \ - 0x09, 0x06, 0x03, 0x55, 0x04, 0x06, 0x13, 0x02, 0x4e, 0x4c, 0x31, 0x11, \ - 0x30, 0x0f, 0x06, 0x03, 0x55, 0x04, 0x0a, 0x0c, 0x08, 0x50, 0x6f, 0x6c, \ - 0x61, 0x72, 0x53, 0x53, 0x4c, 0x31, 0x19, 0x30, 0x17, 0x06, 0x03, 0x55, \ - 0x04, 0x03, 0x0c, 0x10, 0x50, 0x6f, 0x6c, 0x61, 0x72, 0x53, 0x53, 0x4c, \ - 0x20, 0x54, 0x65, 0x73, 0x74, 0x20, 0x43, 0x41, 0x30, 0x1e, 0x17, 0x0d, \ - 0x31, 0x39, 0x30, 0x32, 0x31, 0x30, 0x31, 0x34, 0x34, 0x34, 0x30, 0x36, \ - 0x5a, 0x17, 0x0d, 0x32, 0x39, 0x30, 0x32, 0x31, 0x30, 0x31, 0x34, 0x34, \ - 0x34, 0x30, 0x36, 0x5a, 0x30, 0x34, 0x31, 0x0b, 0x30, 0x09, 0x06, 0x03, \ - 0x55, 0x04, 0x06, 0x13, 0x02, 0x4e, 0x4c, 0x31, 0x11, 0x30, 0x0f, 0x06, \ - 0x03, 0x55, 0x04, 0x0a, 0x0c, 0x08, 0x50, 0x6f, 0x6c, 0x61, 0x72, 0x53, \ - 0x53, 0x4c, 0x31, 0x12, 0x30, 0x10, 0x06, 0x03, 0x55, 0x04, 0x03, 0x0c, \ - 0x09, 0x6c, 0x6f, 0x63, 0x61, 0x6c, 0x68, 0x6f, 0x73, 0x74, 0x30, 0x82, \ - 0x01, 0x22, 0x30, 0x0d, 0x06, 0x09, 0x2a, 0x86, 0x48, 0x86, 0xf7, 0x0d, \ - 0x01, 0x01, 0x01, 0x05, 0x00, 0x03, 0x82, 0x01, 0x0f, 0x00, 0x30, 0x82, \ - 0x01, 0x0a, 0x02, 0x82, 0x01, 0x01, 0x00, 0xc1, 0x4d, 0xa3, 0xdd, 0xe7, \ - 0xcd, 0x1d, 0xd1, 0x04, 0xd7, 0x49, 0x72, 0xb8, 0x99, 0xac, 0x0e, 0x78, \ - 0xe4, 0x3a, 0x3c, 0x4a, 0xcf, 0x3a, 0x13, 0x16, 0xd0, 0x5a, 0xe4, 0xcd, \ - 0xa3, 0x00, 0x88, 0xa7, 0xee, 0x1e, 0x6b, 0x96, 0xa7, 0x52, 0xb4, 0x90, \ - 0xef, 0x2d, 0x72, 0x7a, 0x3e, 0x24, 0x9a, 0xfc, 0xb6, 0x34, 0xac, 0x24, \ - 0xf5, 0x77, 0xe0, 0x26, 0x64, 0x8c, 0x9c, 0xb0, 0x28, 0x7d, 0xa1, 0xda, \ - 0xea, 0x8c, 0xe6, 0xc9, 0x1c, 0x96, 0xbc, 0xfe, 0xc1, 0x04, 0x52, 0xb3, \ - 0x36, 0xd4, 0xa3, 0xfa, 0xe1, 0xb1, 0x76, 0xd8, 0x90, 0xc1, 0x61, 0xb4, \ - 0x66, 0x52, 0x36, 0xa2, 0x26, 0x53, 0xaa, 0xab, 0x74, 0x5e, 0x07, 0x7d, \ - 0x19, 0x82, 0xdb, 0x2a, 0xd8, 0x1f, 0xa0, 0xd9, 0x0d, 0x1c, 0x2d, 0x49, \ - 0x66, 0xf7, 0x5b, 0x25, 0x73, 0x46, 0xe8, 0x0b, 0x8a, 0x4f, 0x69, 0x0c, \ - 0xb5, 0x00, 0x90, 0xe1, 0xda, 0x82, 0x10, 0x66, 0x7d, 0xae, 0x54, 0x2b, \ - 0x8b, 0x65, 0x79, 0x91, 0xa1, 0xe2, 0x61, 0xc3, 0xcd, 0x40, 0x49, 0x08, \ - 0xee, 0x68, 0x0c, 0xf1, 0x8b, 0x86, 0xd2, 0x46, 0xbf, 0xd0, 0xb8, 0xaa, \ - 0x11, 0x03, 0x1e, 0x7f, 0x56, 0xa8, 0x1a, 0x1e, 0x44, 0x18, 0x0f, 0x0f, \ - 0x85, 0x8b, 0xda, 0x8b, 0x44, 0x5e, 0xe2, 0x18, 0xc6, 0x62, 0x2f, 0xc7, \ - 0x66, 0x8d, 0xfa, 0x5d, 0xd8, 0x7d, 0xf3, 0x27, 0x89, 0x29, 0x01, 0xc5, \ - 0x90, 0x0e, 0x3f, 0x27, 0xf1, 0x30, 0xc8, 0x4a, 0x0e, 0xef, 0xd6, 0xde, \ - 0xc7, 0xc7, 0x27, 0x6b, 0xc7, 0x05, 0x3d, 0x7a, 0xc4, 0x02, 0x3c, 0x9a, \ - 0x1d, 0x3e, 0x0f, 0xe8, 0x34, 0x98, 0x5b, 0xcb, 0x73, 0x4b, 0x52, 0x96, \ - 0xd8, 0x11, 0xa2, 0x2c, 0x80, 0x88, 0x69, 0x39, 0x5a, 0xd3, 0x0f, 0xb0, \ - 0xde, 0x59, 0x2f, 0x11, 0xc7, 0xf7, 0xea, 0x12, 0x01, 0x30, 0x97, 0x02, \ - 0x03, 0x01, 0x00, 0x01, 0xa3, 0x4d, 0x30, 0x4b, 0x30, 0x09, 0x06, 0x03, \ - 0x55, 0x1d, 0x13, 0x04, 0x02, 0x30, 0x00, 0x30, 0x1d, 0x06, 0x03, 0x55, \ - 0x1d, 0x0e, 0x04, 0x16, 0x04, 0x14, 0xa5, 0x05, 0xe8, 0x64, 0xb8, 0xdc, \ - 0xdf, 0x60, 0x0f, 0x50, 0x12, 0x4d, 0x60, 0xa8, 0x64, 0xaf, 0x4d, 0x8b, \ - 0x43, 0x93, 0x30, 0x1f, 0x06, 0x03, 0x55, 0x1d, 0x23, 0x04, 0x18, 0x30, \ - 0x16, 0x80, 0x14, 0xb4, 0x5a, 0xe4, 0xa5, 0xb3, 0xde, 0xd2, 0x52, 0xf6, \ - 0xb9, 0xd5, 0xa6, 0x95, 0x0f, 0xeb, 0x3e, 0xbc, 0xc7, 0xfd, 0xff, 0x30, \ - 0x0d, 0x06, 0x09, 0x2a, 0x86, 0x48, 0x86, 0xf7, 0x0d, 0x01, 0x01, 0x0b, \ - 0x05, 0x00, 0x03, 0x82, 0x01, 0x01, 0x00, 0x2e, 0x3a, 0xe4, 0x52, 0x61, \ - 0x3e, 0xa7, 0xa5, 0xef, 0x32, 0x67, 0x80, 0x72, 0x07, 0x26, 0xba, 0xa3, \ - 0xff, 0x05, 0x40, 0xc4, 0x60, 0x05, 0x39, 0x31, 0x77, 0xf7, 0xa5, 0xca, \ - 0x01, 0x31, 0x80, 0xa7, 0xe1, 0xd1, 0x0a, 0xa2, 0x7c, 0xd5, 0x1c, 0xba, \ - 0xd0, 0x23, 0x4a, 0xd6, 0x30, 0xf3, 0x93, 0xc7, 0x6f, 0xe8, 0xce, 0x94, \ - 0x1e, 0x84, 0xbb, 0x44, 0x81, 0x62, 0x33, 0xff, 0x6b, 0x5d, 0x00, 0x9b, \ - 0x25, 0xf8, 0x8f, 0x0f, 0x9c, 0x4c, 0x4d, 0xe8, 0xd9, 0xa7, 0x99, 0xf9, \ - 0x51, 0x81, 0xc0, 0x9b, 0x1b, 0x31, 0x0d, 0xa6, 0xb3, 0x7c, 0x0e, 0x45, \ - 0xb8, 0x18, 0x64, 0x7e, 0x89, 0x0a, 0x2b, 0xa8, 0xc3, 0xe0, 0x4a, 0xbd, \ - 0xd4, 0x2f, 0x78, 0xc4, 0x62, 0x9b, 0xe9, 0x7e, 0x3f, 0x56, 0x46, 0x8f, \ - 0x17, 0xb7, 0x2a, 0xa0, 0x10, 0x70, 0xfd, 0xb1, 0xf1, 0x6b, 0x05, 0xdc, \ - 0xd1, 0x41, 0x0f, 0x8e, 0xa6, 0xb2, 0x88, 0x1a, 0x42, 0x61, 0x4f, 0xeb, \ - 0x26, 0x85, 0x59, 0x80, 0xba, 0x85, 0x54, 0xfe, 0xcf, 0xc7, 0x7b, 0x2f, \ - 0x6b, 0x59, 0xce, 0xac, 0xdc, 0x7c, 0xac, 0xf3, 0xc8, 0xd6, 0x12, 0x7e, \ - 0x64, 0xe8, 0x3c, 0x99, 0xa8, 0x8f, 0x4f, 0x11, 0xd9, 0x9c, 0x15, 0x4b, \ - 0x6a, 0x44, 0x92, 0x2d, 0x0c, 0xbf, 0xb1, 0x67, 0x96, 0xc9, 0xac, 0xce, \ - 0xd5, 0x19, 0xeb, 0x6f, 0x18, 0xeb, 0x6e, 0x04, 0x2d, 0x60, 0xac, 0xf4, \ - 0x7b, 0x79, 0xf0, 0x1a, 0x9b, 0xb5, 0xc3, 0x5d, 0xef, 0x7d, 0xc9, 0x05, \ - 0x99, 0x44, 0x81, 0x84, 0x75, 0xc7, 0xec, 0x00, 0x12, 0xfc, 0x7a, 0x4a, \ - 0x0b, 0x82, 0x07, 0xec, 0x6d, 0x86, 0x02, 0x4d, 0xfe, 0x9f, 0xc8, 0x92, \ - 0x48, 0xde, 0xf5, 0xb1, 0x9c, 0xe9, 0xc6, 0x89, 0xd0, 0xc1, 0x56, 0xe8, \ - 0xa4, 0xc6, 0x6a, 0x2e, 0x66, 0xc1, 0x9b, 0xfe, 0xd6, 0x3c, 0xb7 \ + 0x30, 0x82, 0x03, 0x37, 0x30, 0x82, 0x02, 0x1f, 0xa0, 0x03, 0x02, 0x01, \ + 0x02, 0x02, 0x01, 0x02, 0x30, 0x0d, 0x06, 0x09, 0x2a, 0x86, 0x48, 0x86, \ + 0xf7, 0x0d, 0x01, 0x01, 0x0b, 0x05, 0x00, 0x30, 0x3b, 0x31, 0x0b, 0x30, \ + 0x09, 0x06, 0x03, 0x55, 0x04, 0x06, 0x13, 0x02, 0x4e, 0x4c, 0x31, 0x11, \ + 0x30, 0x0f, 0x06, 0x03, 0x55, 0x04, 0x0a, 0x0c, 0x08, 0x50, 0x6f, 0x6c, \ + 0x61, 0x72, 0x53, 0x53, 0x4c, 0x31, 0x19, 0x30, 0x17, 0x06, 0x03, 0x55, \ + 0x04, 0x03, 0x0c, 0x10, 0x50, 0x6f, 0x6c, 0x61, 0x72, 0x53, 0x53, 0x4c, \ + 0x20, 0x54, 0x65, 0x73, 0x74, 0x20, 0x43, 0x41, 0x30, 0x1e, 0x17, 0x0d, \ + 0x31, 0x39, 0x30, 0x32, 0x31, 0x30, 0x31, 0x34, 0x34, 0x34, 0x30, 0x36, \ + 0x5a, 0x17, 0x0d, 0x32, 0x39, 0x30, 0x32, 0x31, 0x30, 0x31, 0x34, 0x34, \ + 0x34, 0x30, 0x36, 0x5a, 0x30, 0x34, 0x31, 0x0b, 0x30, 0x09, 0x06, 0x03, \ + 0x55, 0x04, 0x06, 0x13, 0x02, 0x4e, 0x4c, 0x31, 0x11, 0x30, 0x0f, 0x06, \ + 0x03, 0x55, 0x04, 0x0a, 0x0c, 0x08, 0x50, 0x6f, 0x6c, 0x61, 0x72, 0x53, \ + 0x53, 0x4c, 0x31, 0x12, 0x30, 0x10, 0x06, 0x03, 0x55, 0x04, 0x03, 0x0c, \ + 0x09, 0x6c, 0x6f, 0x63, 0x61, 0x6c, 0x68, 0x6f, 0x73, 0x74, 0x30, 0x82, \ + 0x01, 0x22, 0x30, 0x0d, 0x06, 0x09, 0x2a, 0x86, 0x48, 0x86, 0xf7, 0x0d, \ + 0x01, 0x01, 0x01, 0x05, 0x00, 0x03, 0x82, 0x01, 0x0f, 0x00, 0x30, 0x82, \ + 0x01, 0x0a, 0x02, 0x82, 0x01, 0x01, 0x00, 0xc1, 0x4d, 0xa3, 0xdd, 0xe7, \ + 0xcd, 0x1d, 0xd1, 0x04, 0xd7, 0x49, 0x72, 0xb8, 0x99, 0xac, 0x0e, 0x78, \ + 0xe4, 0x3a, 0x3c, 0x4a, 0xcf, 0x3a, 0x13, 0x16, 0xd0, 0x5a, 0xe4, 0xcd, \ + 0xa3, 0x00, 0x88, 0xa7, 0xee, 0x1e, 0x6b, 0x96, 0xa7, 0x52, 0xb4, 0x90, \ + 0xef, 0x2d, 0x72, 0x7a, 0x3e, 0x24, 0x9a, 0xfc, 0xb6, 0x34, 0xac, 0x24, \ + 0xf5, 0x77, 0xe0, 0x26, 0x64, 0x8c, 0x9c, 0xb0, 0x28, 0x7d, 0xa1, 0xda, \ + 0xea, 0x8c, 0xe6, 0xc9, 0x1c, 0x96, 0xbc, 0xfe, 0xc1, 0x04, 0x52, 0xb3, \ + 0x36, 0xd4, 0xa3, 0xfa, 0xe1, 0xb1, 0x76, 0xd8, 0x90, 0xc1, 0x61, 0xb4, \ + 0x66, 0x52, 0x36, 0xa2, 0x26, 0x53, 0xaa, 0xab, 0x74, 0x5e, 0x07, 0x7d, \ + 0x19, 0x82, 0xdb, 0x2a, 0xd8, 0x1f, 0xa0, 0xd9, 0x0d, 0x1c, 0x2d, 0x49, \ + 0x66, 0xf7, 0x5b, 0x25, 0x73, 0x46, 0xe8, 0x0b, 0x8a, 0x4f, 0x69, 0x0c, \ + 0xb5, 0x00, 0x90, 0xe1, 0xda, 0x82, 0x10, 0x66, 0x7d, 0xae, 0x54, 0x2b, \ + 0x8b, 0x65, 0x79, 0x91, 0xa1, 0xe2, 0x61, 0xc3, 0xcd, 0x40, 0x49, 0x08, \ + 0xee, 0x68, 0x0c, 0xf1, 0x8b, 0x86, 0xd2, 0x46, 0xbf, 0xd0, 0xb8, 0xaa, \ + 0x11, 0x03, 0x1e, 0x7f, 0x56, 0xa8, 0x1a, 0x1e, 0x44, 0x18, 0x0f, 0x0f, \ + 0x85, 0x8b, 0xda, 0x8b, 0x44, 0x5e, 0xe2, 0x18, 0xc6, 0x62, 0x2f, 0xc7, \ + 0x66, 0x8d, 0xfa, 0x5d, 0xd8, 0x7d, 0xf3, 0x27, 0x89, 0x29, 0x01, 0xc5, \ + 0x90, 0x0e, 0x3f, 0x27, 0xf1, 0x30, 0xc8, 0x4a, 0x0e, 0xef, 0xd6, 0xde, \ + 0xc7, 0xc7, 0x27, 0x6b, 0xc7, 0x05, 0x3d, 0x7a, 0xc4, 0x02, 0x3c, 0x9a, \ + 0x1d, 0x3e, 0x0f, 0xe8, 0x34, 0x98, 0x5b, 0xcb, 0x73, 0x4b, 0x52, 0x96, \ + 0xd8, 0x11, 0xa2, 0x2c, 0x80, 0x88, 0x69, 0x39, 0x5a, 0xd3, 0x0f, 0xb0, \ + 0xde, 0x59, 0x2f, 0x11, 0xc7, 0xf7, 0xea, 0x12, 0x01, 0x30, 0x97, 0x02, \ + 0x03, 0x01, 0x00, 0x01, 0xa3, 0x4d, 0x30, 0x4b, 0x30, 0x09, 0x06, 0x03, \ + 0x55, 0x1d, 0x13, 0x04, 0x02, 0x30, 0x00, 0x30, 0x1d, 0x06, 0x03, 0x55, \ + 0x1d, 0x0e, 0x04, 0x16, 0x04, 0x14, 0xa5, 0x05, 0xe8, 0x64, 0xb8, 0xdc, \ + 0xdf, 0x60, 0x0f, 0x50, 0x12, 0x4d, 0x60, 0xa8, 0x64, 0xaf, 0x4d, 0x8b, \ + 0x43, 0x93, 0x30, 0x1f, 0x06, 0x03, 0x55, 0x1d, 0x23, 0x04, 0x18, 0x30, \ + 0x16, 0x80, 0x14, 0xb4, 0x5a, 0xe4, 0xa5, 0xb3, 0xde, 0xd2, 0x52, 0xf6, \ + 0xb9, 0xd5, 0xa6, 0x95, 0x0f, 0xeb, 0x3e, 0xbc, 0xc7, 0xfd, 0xff, 0x30, \ + 0x0d, 0x06, 0x09, 0x2a, 0x86, 0x48, 0x86, 0xf7, 0x0d, 0x01, 0x01, 0x0b, \ + 0x05, 0x00, 0x03, 0x82, 0x01, 0x01, 0x00, 0x2e, 0x3a, 0xe4, 0x52, 0x61, \ + 0x3e, 0xa7, 0xa5, 0xef, 0x32, 0x67, 0x80, 0x72, 0x07, 0x26, 0xba, 0xa3, \ + 0xff, 0x05, 0x40, 0xc4, 0x60, 0x05, 0x39, 0x31, 0x77, 0xf7, 0xa5, 0xca, \ + 0x01, 0x31, 0x80, 0xa7, 0xe1, 0xd1, 0x0a, 0xa2, 0x7c, 0xd5, 0x1c, 0xba, \ + 0xd0, 0x23, 0x4a, 0xd6, 0x30, 0xf3, 0x93, 0xc7, 0x6f, 0xe8, 0xce, 0x94, \ + 0x1e, 0x84, 0xbb, 0x44, 0x81, 0x62, 0x33, 0xff, 0x6b, 0x5d, 0x00, 0x9b, \ + 0x25, 0xf8, 0x8f, 0x0f, 0x9c, 0x4c, 0x4d, 0xe8, 0xd9, 0xa7, 0x99, 0xf9, \ + 0x51, 0x81, 0xc0, 0x9b, 0x1b, 0x31, 0x0d, 0xa6, 0xb3, 0x7c, 0x0e, 0x45, \ + 0xb8, 0x18, 0x64, 0x7e, 0x89, 0x0a, 0x2b, 0xa8, 0xc3, 0xe0, 0x4a, 0xbd, \ + 0xd4, 0x2f, 0x78, 0xc4, 0x62, 0x9b, 0xe9, 0x7e, 0x3f, 0x56, 0x46, 0x8f, \ + 0x17, 0xb7, 0x2a, 0xa0, 0x10, 0x70, 0xfd, 0xb1, 0xf1, 0x6b, 0x05, 0xdc, \ + 0xd1, 0x41, 0x0f, 0x8e, 0xa6, 0xb2, 0x88, 0x1a, 0x42, 0x61, 0x4f, 0xeb, \ + 0x26, 0x85, 0x59, 0x80, 0xba, 0x85, 0x54, 0xfe, 0xcf, 0xc7, 0x7b, 0x2f, \ + 0x6b, 0x59, 0xce, 0xac, 0xdc, 0x7c, 0xac, 0xf3, 0xc8, 0xd6, 0x12, 0x7e, \ + 0x64, 0xe8, 0x3c, 0x99, 0xa8, 0x8f, 0x4f, 0x11, 0xd9, 0x9c, 0x15, 0x4b, \ + 0x6a, 0x44, 0x92, 0x2d, 0x0c, 0xbf, 0xb1, 0x67, 0x96, 0xc9, 0xac, 0xce, \ + 0xd5, 0x19, 0xeb, 0x6f, 0x18, 0xeb, 0x6e, 0x04, 0x2d, 0x60, 0xac, 0xf4, \ + 0x7b, 0x79, 0xf0, 0x1a, 0x9b, 0xb5, 0xc3, 0x5d, 0xef, 0x7d, 0xc9, 0x05, \ + 0x99, 0x44, 0x81, 0x84, 0x75, 0xc7, 0xec, 0x00, 0x12, 0xfc, 0x7a, 0x4a, \ + 0x0b, 0x82, 0x07, 0xec, 0x6d, 0x86, 0x02, 0x4d, 0xfe, 0x9f, 0xc8, 0x92, \ + 0x48, 0xde, 0xf5, 0xb1, 0x9c, 0xe9, 0xc6, 0x89, 0xd0, 0xc1, 0x56, 0xe8, \ + 0xa4, 0xc6, 0x6a, 0x2e, 0x66, 0xc1, 0x9b, 0xfe, 0xd6, 0x3c, 0xb7 \ } /* END FILE */ /* This is taken from tests/data_files/server2.crt. */ /* BEGIN FILE string macro TEST_SRV_CRT_RSA_SHA1_PEM tests/data_files/server2.crt */ #define TEST_SRV_CRT_RSA_SHA1_PEM \ -"-----BEGIN CERTIFICATE-----\r\n" \ -"MIIDNzCCAh+gAwIBAgIBAjANBgkqhkiG9w0BAQUFADA7MQswCQYDVQQGEwJOTDER\r\n" \ -"MA8GA1UECgwIUG9sYXJTU0wxGTAXBgNVBAMMEFBvbGFyU1NMIFRlc3QgQ0EwHhcN\r\n" \ -"MTkwMjEwMTQ0NDA2WhcNMjkwMjEwMTQ0NDA2WjA0MQswCQYDVQQGEwJOTDERMA8G\r\n" \ -"A1UECgwIUG9sYXJTU0wxEjAQBgNVBAMMCWxvY2FsaG9zdDCCASIwDQYJKoZIhvcN\r\n" \ -"AQEBBQADggEPADCCAQoCggEBAMFNo93nzR3RBNdJcriZrA545Do8Ss86ExbQWuTN\r\n" \ -"owCIp+4ea5anUrSQ7y1yej4kmvy2NKwk9XfgJmSMnLAofaHa6ozmyRyWvP7BBFKz\r\n" \ -"NtSj+uGxdtiQwWG0ZlI2oiZTqqt0Xgd9GYLbKtgfoNkNHC1JZvdbJXNG6AuKT2kM\r\n" \ -"tQCQ4dqCEGZ9rlQri2V5kaHiYcPNQEkI7mgM8YuG0ka/0LiqEQMef1aoGh5EGA8P\r\n" \ -"hYvai0Re4hjGYi/HZo36Xdh98yeJKQHFkA4/J/EwyEoO79bex8cna8cFPXrEAjya\r\n" \ -"HT4P6DSYW8tzS1KW2BGiLICIaTla0w+w3lkvEcf36hIBMJcCAwEAAaNNMEswCQYD\r\n" \ -"VR0TBAIwADAdBgNVHQ4EFgQUpQXoZLjc32APUBJNYKhkr02LQ5MwHwYDVR0jBBgw\r\n" \ -"FoAUtFrkpbPe0lL2udWmlQ/rPrzH/f8wDQYJKoZIhvcNAQEFBQADggEBAJklg3Q4\r\n" \ -"cB7v7BzsxM/vLyKccO6op0/gZzM4ghuLq2Y32kl0sM6kSNUUmduuq3u/+GmUZN2A\r\n" \ -"O/7c+Hw7hDFEIvZk98aBGjCLqn3DmgHIv8ToQ67nellQxx2Uj309PdgjNi/r9HOc\r\n" \ -"KNAYPbBcg6MJGWWj2TI6vNaceios/DhOYx5V0j5nfqSJ/pnU0g9Ign2LAhgYpGJE\r\n" \ -"iEM9wW7hEMkwmk0h/sqZsrJsGH5YsF/VThSq/JVO1e2mZH2vruyZKJVBq+8tDNYp\r\n" \ -"HkK6tSyVYQhzIt3StMJWKMl/o5k2AYz6tSC164+1oG+ML3LWg8XrGKa91H4UOKap\r\n" \ -"Awgk0+4m0T25cNs=\r\n" \ -"-----END CERTIFICATE-----\r\n" + "-----BEGIN CERTIFICATE-----\r\n" \ + "MIIDNzCCAh+gAwIBAgIBAjANBgkqhkiG9w0BAQUFADA7MQswCQYDVQQGEwJOTDER\r\n" \ + "MA8GA1UECgwIUG9sYXJTU0wxGTAXBgNVBAMMEFBvbGFyU1NMIFRlc3QgQ0EwHhcN\r\n" \ + "MTkwMjEwMTQ0NDA2WhcNMjkwMjEwMTQ0NDA2WjA0MQswCQYDVQQGEwJOTDERMA8G\r\n" \ + "A1UECgwIUG9sYXJTU0wxEjAQBgNVBAMMCWxvY2FsaG9zdDCCASIwDQYJKoZIhvcN\r\n" \ + "AQEBBQADggEPADCCAQoCggEBAMFNo93nzR3RBNdJcriZrA545Do8Ss86ExbQWuTN\r\n" \ + "owCIp+4ea5anUrSQ7y1yej4kmvy2NKwk9XfgJmSMnLAofaHa6ozmyRyWvP7BBFKz\r\n" \ + "NtSj+uGxdtiQwWG0ZlI2oiZTqqt0Xgd9GYLbKtgfoNkNHC1JZvdbJXNG6AuKT2kM\r\n" \ + "tQCQ4dqCEGZ9rlQri2V5kaHiYcPNQEkI7mgM8YuG0ka/0LiqEQMef1aoGh5EGA8P\r\n" \ + "hYvai0Re4hjGYi/HZo36Xdh98yeJKQHFkA4/J/EwyEoO79bex8cna8cFPXrEAjya\r\n" \ + "HT4P6DSYW8tzS1KW2BGiLICIaTla0w+w3lkvEcf36hIBMJcCAwEAAaNNMEswCQYD\r\n" \ + "VR0TBAIwADAdBgNVHQ4EFgQUpQXoZLjc32APUBJNYKhkr02LQ5MwHwYDVR0jBBgw\r\n" \ + "FoAUtFrkpbPe0lL2udWmlQ/rPrzH/f8wDQYJKoZIhvcNAQEFBQADggEBAJklg3Q4\r\n" \ + "cB7v7BzsxM/vLyKccO6op0/gZzM4ghuLq2Y32kl0sM6kSNUUmduuq3u/+GmUZN2A\r\n" \ + "O/7c+Hw7hDFEIvZk98aBGjCLqn3DmgHIv8ToQ67nellQxx2Uj309PdgjNi/r9HOc\r\n" \ + "KNAYPbBcg6MJGWWj2TI6vNaceios/DhOYx5V0j5nfqSJ/pnU0g9Ign2LAhgYpGJE\r\n" \ + "iEM9wW7hEMkwmk0h/sqZsrJsGH5YsF/VThSq/JVO1e2mZH2vruyZKJVBq+8tDNYp\r\n" \ + "HkK6tSyVYQhzIt3StMJWKMl/o5k2AYz6tSC164+1oG+ML3LWg8XrGKa91H4UOKap\r\n" \ + "Awgk0+4m0T25cNs=\r\n" \ + "-----END CERTIFICATE-----\r\n" /* END FILE */ /* This is taken from tests/data_files/server2.crt.der. */ /* BEGIN FILE binary macro TEST_SRV_CRT_RSA_SHA1_DER tests/data_files/server2.crt.der */ #define TEST_SRV_CRT_RSA_SHA1_DER { \ - 0x30, 0x82, 0x03, 0x37, 0x30, 0x82, 0x02, 0x1f, 0xa0, 0x03, 0x02, 0x01, \ - 0x02, 0x02, 0x01, 0x02, 0x30, 0x0d, 0x06, 0x09, 0x2a, 0x86, 0x48, 0x86, \ - 0xf7, 0x0d, 0x01, 0x01, 0x05, 0x05, 0x00, 0x30, 0x3b, 0x31, 0x0b, 0x30, \ - 0x09, 0x06, 0x03, 0x55, 0x04, 0x06, 0x13, 0x02, 0x4e, 0x4c, 0x31, 0x11, \ - 0x30, 0x0f, 0x06, 0x03, 0x55, 0x04, 0x0a, 0x0c, 0x08, 0x50, 0x6f, 0x6c, \ - 0x61, 0x72, 0x53, 0x53, 0x4c, 0x31, 0x19, 0x30, 0x17, 0x06, 0x03, 0x55, \ - 0x04, 0x03, 0x0c, 0x10, 0x50, 0x6f, 0x6c, 0x61, 0x72, 0x53, 0x53, 0x4c, \ - 0x20, 0x54, 0x65, 0x73, 0x74, 0x20, 0x43, 0x41, 0x30, 0x1e, 0x17, 0x0d, \ - 0x31, 0x31, 0x30, 0x32, 0x31, 0x32, 0x31, 0x34, 0x34, 0x34, 0x30, 0x36, \ - 0x5a, 0x17, 0x0d, 0x32, 0x31, 0x30, 0x32, 0x31, 0x32, 0x31, 0x34, 0x34, \ - 0x34, 0x30, 0x36, 0x5a, 0x30, 0x34, 0x31, 0x0b, 0x30, 0x09, 0x06, 0x03, \ - 0x55, 0x04, 0x06, 0x13, 0x02, 0x4e, 0x4c, 0x31, 0x11, 0x30, 0x0f, 0x06, \ - 0x03, 0x55, 0x04, 0x0a, 0x0c, 0x08, 0x50, 0x6f, 0x6c, 0x61, 0x72, 0x53, \ - 0x53, 0x4c, 0x31, 0x12, 0x30, 0x10, 0x06, 0x03, 0x55, 0x04, 0x03, 0x0c, \ - 0x09, 0x6c, 0x6f, 0x63, 0x61, 0x6c, 0x68, 0x6f, 0x73, 0x74, 0x30, 0x82, \ - 0x01, 0x22, 0x30, 0x0d, 0x06, 0x09, 0x2a, 0x86, 0x48, 0x86, 0xf7, 0x0d, \ - 0x01, 0x01, 0x01, 0x05, 0x00, 0x03, 0x82, 0x01, 0x0f, 0x00, 0x30, 0x82, \ - 0x01, 0x0a, 0x02, 0x82, 0x01, 0x01, 0x00, 0xc1, 0x4d, 0xa3, 0xdd, 0xe7, \ - 0xcd, 0x1d, 0xd1, 0x04, 0xd7, 0x49, 0x72, 0xb8, 0x99, 0xac, 0x0e, 0x78, \ - 0xe4, 0x3a, 0x3c, 0x4a, 0xcf, 0x3a, 0x13, 0x16, 0xd0, 0x5a, 0xe4, 0xcd, \ - 0xa3, 0x00, 0x88, 0xa7, 0xee, 0x1e, 0x6b, 0x96, 0xa7, 0x52, 0xb4, 0x90, \ - 0xef, 0x2d, 0x72, 0x7a, 0x3e, 0x24, 0x9a, 0xfc, 0xb6, 0x34, 0xac, 0x24, \ - 0xf5, 0x77, 0xe0, 0x26, 0x64, 0x8c, 0x9c, 0xb0, 0x28, 0x7d, 0xa1, 0xda, \ - 0xea, 0x8c, 0xe6, 0xc9, 0x1c, 0x96, 0xbc, 0xfe, 0xc1, 0x04, 0x52, 0xb3, \ - 0x36, 0xd4, 0xa3, 0xfa, 0xe1, 0xb1, 0x76, 0xd8, 0x90, 0xc1, 0x61, 0xb4, \ - 0x66, 0x52, 0x36, 0xa2, 0x26, 0x53, 0xaa, 0xab, 0x74, 0x5e, 0x07, 0x7d, \ - 0x19, 0x82, 0xdb, 0x2a, 0xd8, 0x1f, 0xa0, 0xd9, 0x0d, 0x1c, 0x2d, 0x49, \ - 0x66, 0xf7, 0x5b, 0x25, 0x73, 0x46, 0xe8, 0x0b, 0x8a, 0x4f, 0x69, 0x0c, \ - 0xb5, 0x00, 0x90, 0xe1, 0xda, 0x82, 0x10, 0x66, 0x7d, 0xae, 0x54, 0x2b, \ - 0x8b, 0x65, 0x79, 0x91, 0xa1, 0xe2, 0x61, 0xc3, 0xcd, 0x40, 0x49, 0x08, \ - 0xee, 0x68, 0x0c, 0xf1, 0x8b, 0x86, 0xd2, 0x46, 0xbf, 0xd0, 0xb8, 0xaa, \ - 0x11, 0x03, 0x1e, 0x7f, 0x56, 0xa8, 0x1a, 0x1e, 0x44, 0x18, 0x0f, 0x0f, \ - 0x85, 0x8b, 0xda, 0x8b, 0x44, 0x5e, 0xe2, 0x18, 0xc6, 0x62, 0x2f, 0xc7, \ - 0x66, 0x8d, 0xfa, 0x5d, 0xd8, 0x7d, 0xf3, 0x27, 0x89, 0x29, 0x01, 0xc5, \ - 0x90, 0x0e, 0x3f, 0x27, 0xf1, 0x30, 0xc8, 0x4a, 0x0e, 0xef, 0xd6, 0xde, \ - 0xc7, 0xc7, 0x27, 0x6b, 0xc7, 0x05, 0x3d, 0x7a, 0xc4, 0x02, 0x3c, 0x9a, \ - 0x1d, 0x3e, 0x0f, 0xe8, 0x34, 0x98, 0x5b, 0xcb, 0x73, 0x4b, 0x52, 0x96, \ - 0xd8, 0x11, 0xa2, 0x2c, 0x80, 0x88, 0x69, 0x39, 0x5a, 0xd3, 0x0f, 0xb0, \ - 0xde, 0x59, 0x2f, 0x11, 0xc7, 0xf7, 0xea, 0x12, 0x01, 0x30, 0x97, 0x02, \ - 0x03, 0x01, 0x00, 0x01, 0xa3, 0x4d, 0x30, 0x4b, 0x30, 0x09, 0x06, 0x03, \ - 0x55, 0x1d, 0x13, 0x04, 0x02, 0x30, 0x00, 0x30, 0x1d, 0x06, 0x03, 0x55, \ - 0x1d, 0x0e, 0x04, 0x16, 0x04, 0x14, 0xa5, 0x05, 0xe8, 0x64, 0xb8, 0xdc, \ - 0xdf, 0x60, 0x0f, 0x50, 0x12, 0x4d, 0x60, 0xa8, 0x64, 0xaf, 0x4d, 0x8b, \ - 0x43, 0x93, 0x30, 0x1f, 0x06, 0x03, 0x55, 0x1d, 0x23, 0x04, 0x18, 0x30, \ - 0x16, 0x80, 0x14, 0xb4, 0x5a, 0xe4, 0xa5, 0xb3, 0xde, 0xd2, 0x52, 0xf6, \ - 0xb9, 0xd5, 0xa6, 0x95, 0x0f, 0xeb, 0x3e, 0xbc, 0xc7, 0xfd, 0xff, 0x30, \ - 0x0d, 0x06, 0x09, 0x2a, 0x86, 0x48, 0x86, 0xf7, 0x0d, 0x01, 0x01, 0x05, \ - 0x05, 0x00, 0x03, 0x82, 0x01, 0x01, 0x00, 0x01, 0x73, 0x0b, 0x4a, 0xc5, \ - 0xcb, 0xa0, 0xde, 0xf1, 0x63, 0x1c, 0x76, 0x04, 0x2b, 0x13, 0x0d, 0xc0, \ - 0x84, 0x11, 0xc5, 0x8f, 0x3a, 0xa7, 0xc5, 0x9c, 0x35, 0x7a, 0x77, 0xb8, \ - 0x20, 0x14, 0x82, 0xee, 0x54, 0xf0, 0xf2, 0xb0, 0x52, 0xcb, 0x78, 0xce, \ - 0x59, 0x07, 0x4f, 0x51, 0x69, 0xfe, 0xd3, 0x2f, 0xe9, 0x09, 0xe7, 0x85, \ - 0x92, 0xd8, 0xba, 0xb1, 0xeb, 0xc5, 0x76, 0x5d, 0x61, 0x2d, 0xe9, 0x86, \ - 0xb5, 0xde, 0x2a, 0xf9, 0x3f, 0x53, 0x28, 0x42, 0x86, 0x83, 0x73, 0x43, \ - 0xe0, 0x04, 0x5f, 0x07, 0x90, 0x14, 0x65, 0x9f, 0x6e, 0x10, 0x7a, 0xbc, \ - 0x58, 0x19, 0x22, 0xc2, 0xeb, 0x39, 0x72, 0x51, 0x92, 0xd7, 0xb4, 0x1d, \ - 0x75, 0x2f, 0xd3, 0x3a, 0x2b, 0x01, 0xe7, 0xdb, 0x50, 0xae, 0xe2, 0xf1, \ - 0xd4, 0x4d, 0x5b, 0x3c, 0xbb, 0x41, 0x2b, 0x2a, 0xa4, 0xe2, 0x4a, 0x02, \ - 0xe5, 0x60, 0x14, 0x2c, 0x9c, 0x1f, 0xa6, 0xcc, 0x06, 0x4b, 0x25, 0x89, \ - 0x4e, 0x96, 0x30, 0x22, 0x9c, 0x5c, 0x58, 0x4d, 0xc3, 0xda, 0xd0, 0x6e, \ - 0x50, 0x1e, 0x8c, 0x65, 0xf5, 0xd9, 0x17, 0x35, 0xa6, 0x58, 0x43, 0xb2, \ - 0x29, 0xb7, 0xa8, 0x5e, 0x35, 0xde, 0xf0, 0x60, 0x42, 0x1a, 0x01, 0xcb, \ - 0xcb, 0x0b, 0xd8, 0x0e, 0xc1, 0x90, 0xdf, 0xa1, 0xd2, 0x1a, 0xd1, 0x2c, \ - 0x02, 0xf4, 0x76, 0x41, 0xa4, 0xcb, 0x4b, 0x15, 0x98, 0x71, 0xf9, 0x35, \ - 0x7d, 0xb0, 0xe7, 0xe2, 0x34, 0x96, 0x91, 0xbe, 0x32, 0x67, 0x2d, 0x6b, \ - 0xd3, 0x55, 0x04, 0x8a, 0x01, 0x50, 0xb4, 0xe3, 0x62, 0x78, 0x6c, 0x11, \ - 0x15, 0xa5, 0x2a, 0x11, 0xc1, 0x49, 0x1c, 0x9b, 0xc4, 0x10, 0x65, 0x60, \ - 0x87, 0xd9, 0x1e, 0x69, 0x59, 0x4e, 0x8f, 0x6b, 0xeb, 0xc1, 0xfe, 0x6b, \ - 0xe2, 0x63, 0x78, 0x95, 0x6e, 0xe0, 0x2d, 0xd7, 0xa7, 0x37, 0xa8 \ + 0x30, 0x82, 0x03, 0x37, 0x30, 0x82, 0x02, 0x1f, 0xa0, 0x03, 0x02, 0x01, \ + 0x02, 0x02, 0x01, 0x02, 0x30, 0x0d, 0x06, 0x09, 0x2a, 0x86, 0x48, 0x86, \ + 0xf7, 0x0d, 0x01, 0x01, 0x05, 0x05, 0x00, 0x30, 0x3b, 0x31, 0x0b, 0x30, \ + 0x09, 0x06, 0x03, 0x55, 0x04, 0x06, 0x13, 0x02, 0x4e, 0x4c, 0x31, 0x11, \ + 0x30, 0x0f, 0x06, 0x03, 0x55, 0x04, 0x0a, 0x0c, 0x08, 0x50, 0x6f, 0x6c, \ + 0x61, 0x72, 0x53, 0x53, 0x4c, 0x31, 0x19, 0x30, 0x17, 0x06, 0x03, 0x55, \ + 0x04, 0x03, 0x0c, 0x10, 0x50, 0x6f, 0x6c, 0x61, 0x72, 0x53, 0x53, 0x4c, \ + 0x20, 0x54, 0x65, 0x73, 0x74, 0x20, 0x43, 0x41, 0x30, 0x1e, 0x17, 0x0d, \ + 0x31, 0x31, 0x30, 0x32, 0x31, 0x32, 0x31, 0x34, 0x34, 0x34, 0x30, 0x36, \ + 0x5a, 0x17, 0x0d, 0x32, 0x31, 0x30, 0x32, 0x31, 0x32, 0x31, 0x34, 0x34, \ + 0x34, 0x30, 0x36, 0x5a, 0x30, 0x34, 0x31, 0x0b, 0x30, 0x09, 0x06, 0x03, \ + 0x55, 0x04, 0x06, 0x13, 0x02, 0x4e, 0x4c, 0x31, 0x11, 0x30, 0x0f, 0x06, \ + 0x03, 0x55, 0x04, 0x0a, 0x0c, 0x08, 0x50, 0x6f, 0x6c, 0x61, 0x72, 0x53, \ + 0x53, 0x4c, 0x31, 0x12, 0x30, 0x10, 0x06, 0x03, 0x55, 0x04, 0x03, 0x0c, \ + 0x09, 0x6c, 0x6f, 0x63, 0x61, 0x6c, 0x68, 0x6f, 0x73, 0x74, 0x30, 0x82, \ + 0x01, 0x22, 0x30, 0x0d, 0x06, 0x09, 0x2a, 0x86, 0x48, 0x86, 0xf7, 0x0d, \ + 0x01, 0x01, 0x01, 0x05, 0x00, 0x03, 0x82, 0x01, 0x0f, 0x00, 0x30, 0x82, \ + 0x01, 0x0a, 0x02, 0x82, 0x01, 0x01, 0x00, 0xc1, 0x4d, 0xa3, 0xdd, 0xe7, \ + 0xcd, 0x1d, 0xd1, 0x04, 0xd7, 0x49, 0x72, 0xb8, 0x99, 0xac, 0x0e, 0x78, \ + 0xe4, 0x3a, 0x3c, 0x4a, 0xcf, 0x3a, 0x13, 0x16, 0xd0, 0x5a, 0xe4, 0xcd, \ + 0xa3, 0x00, 0x88, 0xa7, 0xee, 0x1e, 0x6b, 0x96, 0xa7, 0x52, 0xb4, 0x90, \ + 0xef, 0x2d, 0x72, 0x7a, 0x3e, 0x24, 0x9a, 0xfc, 0xb6, 0x34, 0xac, 0x24, \ + 0xf5, 0x77, 0xe0, 0x26, 0x64, 0x8c, 0x9c, 0xb0, 0x28, 0x7d, 0xa1, 0xda, \ + 0xea, 0x8c, 0xe6, 0xc9, 0x1c, 0x96, 0xbc, 0xfe, 0xc1, 0x04, 0x52, 0xb3, \ + 0x36, 0xd4, 0xa3, 0xfa, 0xe1, 0xb1, 0x76, 0xd8, 0x90, 0xc1, 0x61, 0xb4, \ + 0x66, 0x52, 0x36, 0xa2, 0x26, 0x53, 0xaa, 0xab, 0x74, 0x5e, 0x07, 0x7d, \ + 0x19, 0x82, 0xdb, 0x2a, 0xd8, 0x1f, 0xa0, 0xd9, 0x0d, 0x1c, 0x2d, 0x49, \ + 0x66, 0xf7, 0x5b, 0x25, 0x73, 0x46, 0xe8, 0x0b, 0x8a, 0x4f, 0x69, 0x0c, \ + 0xb5, 0x00, 0x90, 0xe1, 0xda, 0x82, 0x10, 0x66, 0x7d, 0xae, 0x54, 0x2b, \ + 0x8b, 0x65, 0x79, 0x91, 0xa1, 0xe2, 0x61, 0xc3, 0xcd, 0x40, 0x49, 0x08, \ + 0xee, 0x68, 0x0c, 0xf1, 0x8b, 0x86, 0xd2, 0x46, 0xbf, 0xd0, 0xb8, 0xaa, \ + 0x11, 0x03, 0x1e, 0x7f, 0x56, 0xa8, 0x1a, 0x1e, 0x44, 0x18, 0x0f, 0x0f, \ + 0x85, 0x8b, 0xda, 0x8b, 0x44, 0x5e, 0xe2, 0x18, 0xc6, 0x62, 0x2f, 0xc7, \ + 0x66, 0x8d, 0xfa, 0x5d, 0xd8, 0x7d, 0xf3, 0x27, 0x89, 0x29, 0x01, 0xc5, \ + 0x90, 0x0e, 0x3f, 0x27, 0xf1, 0x30, 0xc8, 0x4a, 0x0e, 0xef, 0xd6, 0xde, \ + 0xc7, 0xc7, 0x27, 0x6b, 0xc7, 0x05, 0x3d, 0x7a, 0xc4, 0x02, 0x3c, 0x9a, \ + 0x1d, 0x3e, 0x0f, 0xe8, 0x34, 0x98, 0x5b, 0xcb, 0x73, 0x4b, 0x52, 0x96, \ + 0xd8, 0x11, 0xa2, 0x2c, 0x80, 0x88, 0x69, 0x39, 0x5a, 0xd3, 0x0f, 0xb0, \ + 0xde, 0x59, 0x2f, 0x11, 0xc7, 0xf7, 0xea, 0x12, 0x01, 0x30, 0x97, 0x02, \ + 0x03, 0x01, 0x00, 0x01, 0xa3, 0x4d, 0x30, 0x4b, 0x30, 0x09, 0x06, 0x03, \ + 0x55, 0x1d, 0x13, 0x04, 0x02, 0x30, 0x00, 0x30, 0x1d, 0x06, 0x03, 0x55, \ + 0x1d, 0x0e, 0x04, 0x16, 0x04, 0x14, 0xa5, 0x05, 0xe8, 0x64, 0xb8, 0xdc, \ + 0xdf, 0x60, 0x0f, 0x50, 0x12, 0x4d, 0x60, 0xa8, 0x64, 0xaf, 0x4d, 0x8b, \ + 0x43, 0x93, 0x30, 0x1f, 0x06, 0x03, 0x55, 0x1d, 0x23, 0x04, 0x18, 0x30, \ + 0x16, 0x80, 0x14, 0xb4, 0x5a, 0xe4, 0xa5, 0xb3, 0xde, 0xd2, 0x52, 0xf6, \ + 0xb9, 0xd5, 0xa6, 0x95, 0x0f, 0xeb, 0x3e, 0xbc, 0xc7, 0xfd, 0xff, 0x30, \ + 0x0d, 0x06, 0x09, 0x2a, 0x86, 0x48, 0x86, 0xf7, 0x0d, 0x01, 0x01, 0x05, \ + 0x05, 0x00, 0x03, 0x82, 0x01, 0x01, 0x00, 0x01, 0x73, 0x0b, 0x4a, 0xc5, \ + 0xcb, 0xa0, 0xde, 0xf1, 0x63, 0x1c, 0x76, 0x04, 0x2b, 0x13, 0x0d, 0xc0, \ + 0x84, 0x11, 0xc5, 0x8f, 0x3a, 0xa7, 0xc5, 0x9c, 0x35, 0x7a, 0x77, 0xb8, \ + 0x20, 0x14, 0x82, 0xee, 0x54, 0xf0, 0xf2, 0xb0, 0x52, 0xcb, 0x78, 0xce, \ + 0x59, 0x07, 0x4f, 0x51, 0x69, 0xfe, 0xd3, 0x2f, 0xe9, 0x09, 0xe7, 0x85, \ + 0x92, 0xd8, 0xba, 0xb1, 0xeb, 0xc5, 0x76, 0x5d, 0x61, 0x2d, 0xe9, 0x86, \ + 0xb5, 0xde, 0x2a, 0xf9, 0x3f, 0x53, 0x28, 0x42, 0x86, 0x83, 0x73, 0x43, \ + 0xe0, 0x04, 0x5f, 0x07, 0x90, 0x14, 0x65, 0x9f, 0x6e, 0x10, 0x7a, 0xbc, \ + 0x58, 0x19, 0x22, 0xc2, 0xeb, 0x39, 0x72, 0x51, 0x92, 0xd7, 0xb4, 0x1d, \ + 0x75, 0x2f, 0xd3, 0x3a, 0x2b, 0x01, 0xe7, 0xdb, 0x50, 0xae, 0xe2, 0xf1, \ + 0xd4, 0x4d, 0x5b, 0x3c, 0xbb, 0x41, 0x2b, 0x2a, 0xa4, 0xe2, 0x4a, 0x02, \ + 0xe5, 0x60, 0x14, 0x2c, 0x9c, 0x1f, 0xa6, 0xcc, 0x06, 0x4b, 0x25, 0x89, \ + 0x4e, 0x96, 0x30, 0x22, 0x9c, 0x5c, 0x58, 0x4d, 0xc3, 0xda, 0xd0, 0x6e, \ + 0x50, 0x1e, 0x8c, 0x65, 0xf5, 0xd9, 0x17, 0x35, 0xa6, 0x58, 0x43, 0xb2, \ + 0x29, 0xb7, 0xa8, 0x5e, 0x35, 0xde, 0xf0, 0x60, 0x42, 0x1a, 0x01, 0xcb, \ + 0xcb, 0x0b, 0xd8, 0x0e, 0xc1, 0x90, 0xdf, 0xa1, 0xd2, 0x1a, 0xd1, 0x2c, \ + 0x02, 0xf4, 0x76, 0x41, 0xa4, 0xcb, 0x4b, 0x15, 0x98, 0x71, 0xf9, 0x35, \ + 0x7d, 0xb0, 0xe7, 0xe2, 0x34, 0x96, 0x91, 0xbe, 0x32, 0x67, 0x2d, 0x6b, \ + 0xd3, 0x55, 0x04, 0x8a, 0x01, 0x50, 0xb4, 0xe3, 0x62, 0x78, 0x6c, 0x11, \ + 0x15, 0xa5, 0x2a, 0x11, 0xc1, 0x49, 0x1c, 0x9b, 0xc4, 0x10, 0x65, 0x60, \ + 0x87, 0xd9, 0x1e, 0x69, 0x59, 0x4e, 0x8f, 0x6b, 0xeb, 0xc1, 0xfe, 0x6b, \ + 0xe2, 0x63, 0x78, 0x95, 0x6e, 0xe0, 0x2d, 0xd7, 0xa7, 0x37, 0xa8 \ } /* END FILE */ @@ -832,106 +820,106 @@ /* This was generated from tests/data_files/server2.key.der using `xxd -i`. */ /* BEGIN FILE binary macro TEST_SRV_KEY_RSA_DER tests/data_files/server2.key.der */ #define TEST_SRV_KEY_RSA_DER { \ - 0x30, 0x82, 0x04, 0xa4, 0x02, 0x01, 0x00, 0x02, 0x82, 0x01, 0x01, 0x00, \ - 0xc1, 0x4d, 0xa3, 0xdd, 0xe7, 0xcd, 0x1d, 0xd1, 0x04, 0xd7, 0x49, 0x72, \ - 0xb8, 0x99, 0xac, 0x0e, 0x78, 0xe4, 0x3a, 0x3c, 0x4a, 0xcf, 0x3a, 0x13, \ - 0x16, 0xd0, 0x5a, 0xe4, 0xcd, 0xa3, 0x00, 0x88, 0xa7, 0xee, 0x1e, 0x6b, \ - 0x96, 0xa7, 0x52, 0xb4, 0x90, 0xef, 0x2d, 0x72, 0x7a, 0x3e, 0x24, 0x9a, \ - 0xfc, 0xb6, 0x34, 0xac, 0x24, 0xf5, 0x77, 0xe0, 0x26, 0x64, 0x8c, 0x9c, \ - 0xb0, 0x28, 0x7d, 0xa1, 0xda, 0xea, 0x8c, 0xe6, 0xc9, 0x1c, 0x96, 0xbc, \ - 0xfe, 0xc1, 0x04, 0x52, 0xb3, 0x36, 0xd4, 0xa3, 0xfa, 0xe1, 0xb1, 0x76, \ - 0xd8, 0x90, 0xc1, 0x61, 0xb4, 0x66, 0x52, 0x36, 0xa2, 0x26, 0x53, 0xaa, \ - 0xab, 0x74, 0x5e, 0x07, 0x7d, 0x19, 0x82, 0xdb, 0x2a, 0xd8, 0x1f, 0xa0, \ - 0xd9, 0x0d, 0x1c, 0x2d, 0x49, 0x66, 0xf7, 0x5b, 0x25, 0x73, 0x46, 0xe8, \ - 0x0b, 0x8a, 0x4f, 0x69, 0x0c, 0xb5, 0x00, 0x90, 0xe1, 0xda, 0x82, 0x10, \ - 0x66, 0x7d, 0xae, 0x54, 0x2b, 0x8b, 0x65, 0x79, 0x91, 0xa1, 0xe2, 0x61, \ - 0xc3, 0xcd, 0x40, 0x49, 0x08, 0xee, 0x68, 0x0c, 0xf1, 0x8b, 0x86, 0xd2, \ - 0x46, 0xbf, 0xd0, 0xb8, 0xaa, 0x11, 0x03, 0x1e, 0x7f, 0x56, 0xa8, 0x1a, \ - 0x1e, 0x44, 0x18, 0x0f, 0x0f, 0x85, 0x8b, 0xda, 0x8b, 0x44, 0x5e, 0xe2, \ - 0x18, 0xc6, 0x62, 0x2f, 0xc7, 0x66, 0x8d, 0xfa, 0x5d, 0xd8, 0x7d, 0xf3, \ - 0x27, 0x89, 0x29, 0x01, 0xc5, 0x90, 0x0e, 0x3f, 0x27, 0xf1, 0x30, 0xc8, \ - 0x4a, 0x0e, 0xef, 0xd6, 0xde, 0xc7, 0xc7, 0x27, 0x6b, 0xc7, 0x05, 0x3d, \ - 0x7a, 0xc4, 0x02, 0x3c, 0x9a, 0x1d, 0x3e, 0x0f, 0xe8, 0x34, 0x98, 0x5b, \ - 0xcb, 0x73, 0x4b, 0x52, 0x96, 0xd8, 0x11, 0xa2, 0x2c, 0x80, 0x88, 0x69, \ - 0x39, 0x5a, 0xd3, 0x0f, 0xb0, 0xde, 0x59, 0x2f, 0x11, 0xc7, 0xf7, 0xea, \ - 0x12, 0x01, 0x30, 0x97, 0x02, 0x03, 0x01, 0x00, 0x01, 0x02, 0x82, 0x01, \ - 0x01, 0x00, 0x97, 0x47, 0x44, 0xbc, 0x10, 0x81, 0xc5, 0x18, 0xe4, 0x59, \ - 0xfb, 0xe0, 0x2d, 0x3a, 0x0e, 0x9e, 0x10, 0xdc, 0x43, 0xfb, 0x15, 0x6c, \ - 0xd1, 0xfd, 0x48, 0x78, 0x6c, 0xf9, 0xed, 0x38, 0xe8, 0xdd, 0x09, 0xd7, \ - 0x5f, 0xb5, 0x41, 0x64, 0xd7, 0x63, 0xfa, 0x9d, 0x44, 0x0a, 0xf8, 0x42, \ - 0x13, 0xf1, 0xbb, 0x5e, 0x79, 0x20, 0x53, 0x98, 0x4b, 0x65, 0x7f, 0x86, \ - 0x67, 0x48, 0xe4, 0xcf, 0xfb, 0x6a, 0x24, 0xe2, 0x34, 0xbd, 0x14, 0x9d, \ - 0x2c, 0x16, 0xe2, 0xa4, 0x79, 0xd6, 0xa2, 0xec, 0x81, 0x43, 0x87, 0xbf, \ - 0x03, 0x5c, 0x88, 0x25, 0xd9, 0x41, 0xb6, 0xa5, 0xf1, 0x27, 0x52, 0x84, \ - 0xfe, 0x2b, 0x6e, 0x1d, 0x16, 0xcd, 0x73, 0x88, 0xf8, 0x90, 0xbf, 0x19, \ - 0xfe, 0xbe, 0xa9, 0xbf, 0x09, 0xd3, 0x23, 0x43, 0xd2, 0xc7, 0x61, 0x2a, \ - 0xb3, 0x4e, 0x3c, 0x61, 0xd4, 0xbd, 0xd8, 0xb4, 0xfa, 0xa8, 0x0b, 0xf8, \ - 0x7e, 0x56, 0xcd, 0x0f, 0x13, 0x27, 0xda, 0xe6, 0x3b, 0xb3, 0x8c, 0x9c, \ - 0x4b, 0x84, 0x3c, 0xc3, 0x52, 0x57, 0x9c, 0x27, 0x9a, 0x02, 0x76, 0x26, \ - 0x59, 0x82, 0x39, 0xc3, 0x13, 0xbe, 0x6e, 0xf4, 0x44, 0x2d, 0x1d, 0x8c, \ - 0x73, 0x3e, 0x43, 0x99, 0x59, 0xcb, 0xf2, 0x34, 0x72, 0x9a, 0x5e, 0xa5, \ - 0xeb, 0x9f, 0x36, 0x6d, 0x2b, 0xf9, 0xa2, 0xe7, 0xd1, 0x78, 0x52, 0x1b, \ - 0xc8, 0xf6, 0x5b, 0x41, 0x69, 0x57, 0x81, 0x89, 0xe9, 0xbb, 0xa1, 0xde, \ - 0x19, 0x37, 0x3b, 0x13, 0x5c, 0xca, 0x61, 0x01, 0x86, 0xff, 0xdf, 0x83, \ - 0x41, 0x49, 0x7f, 0xd6, 0xf4, 0x2e, 0x08, 0xfa, 0x90, 0xc2, 0x7c, 0xb4, \ - 0xb5, 0x0a, 0x17, 0xdb, 0x0e, 0x6d, 0x75, 0x8a, 0x5d, 0x31, 0xd5, 0x66, \ - 0xfb, 0x39, 0x0b, 0xb5, 0xb6, 0xa3, 0xcd, 0xd4, 0xef, 0x88, 0x92, 0x5a, \ - 0x4d, 0x6c, 0xcb, 0xea, 0x5b, 0x79, 0x02, 0x81, 0x81, 0x00, 0xdf, 0x3a, \ - 0xf9, 0x25, 0x5e, 0x24, 0x37, 0x26, 0x40, 0x97, 0x2f, 0xe0, 0x4a, 0xba, \ - 0x52, 0x1b, 0x51, 0xaf, 0x84, 0x06, 0x32, 0x24, 0x0c, 0xcf, 0x44, 0xa8, \ - 0x77, 0xa7, 0xad, 0xb5, 0x8c, 0x58, 0xcc, 0xc8, 0x31, 0xb7, 0x0d, 0xbc, \ - 0x08, 0x8a, 0xe0, 0xa6, 0x8c, 0xc2, 0x73, 0xe5, 0x1a, 0x64, 0x92, 0xe8, \ - 0xed, 0x4c, 0x6f, 0x0b, 0xa6, 0xa7, 0xf3, 0x9a, 0xf5, 0x6f, 0x69, 0xca, \ - 0x3c, 0x22, 0xd0, 0x15, 0xa8, 0x20, 0x27, 0x41, 0xf8, 0x43, 0x42, 0x7f, \ - 0xb1, 0x93, 0xa1, 0x04, 0x85, 0xda, 0xa0, 0x1c, 0xd6, 0xc6, 0xf7, 0x8a, \ - 0x9e, 0xea, 0x5c, 0x78, 0xa7, 0x55, 0xc4, 0x6b, 0x05, 0x8b, 0xc0, 0x83, \ - 0xcb, 0xce, 0x83, 0x05, 0xf8, 0xb2, 0x16, 0x2b, 0xdf, 0x06, 0x3f, 0xb8, \ - 0xec, 0x16, 0xda, 0x43, 0x33, 0xc1, 0x8f, 0xb0, 0xb8, 0xac, 0xae, 0xd4, \ - 0x94, 0xb8, 0xda, 0x6f, 0x6a, 0xc3, 0x02, 0x81, 0x81, 0x00, 0xdd, 0xae, \ - 0x00, 0xcd, 0xa0, 0x72, 0x1a, 0x05, 0x8a, 0xee, 0x2f, 0xd4, 0x71, 0x4b, \ - 0xf0, 0x3e, 0xe5, 0xc1, 0xe1, 0x29, 0x8b, 0xa6, 0x67, 0x30, 0x98, 0xe7, \ - 0x12, 0xef, 0xdd, 0x12, 0x01, 0x90, 0x24, 0x58, 0xf0, 0x76, 0x92, 0xe7, \ - 0x3d, 0xbb, 0x23, 0xe1, 0xce, 0xf9, 0xa1, 0xd4, 0x38, 0x1b, 0x3f, 0x20, \ - 0xb3, 0x0f, 0x65, 0x6a, 0x8f, 0x55, 0x57, 0x36, 0xee, 0xb2, 0x84, 0x44, \ - 0xfc, 0x91, 0x88, 0xe1, 0xa4, 0xdd, 0x3b, 0x4a, 0x40, 0x4d, 0x7c, 0x86, \ - 0xed, 0xe1, 0xb5, 0x42, 0xef, 0xb9, 0x61, 0xcd, 0x58, 0x19, 0x77, 0x02, \ - 0xae, 0x58, 0x80, 0xdb, 0x13, 0x3d, 0xc7, 0x1f, 0x9d, 0xed, 0xff, 0xac, \ - 0x98, 0xfc, 0xcd, 0xf9, 0x62, 0x04, 0x83, 0x91, 0x89, 0x0d, 0x86, 0x43, \ - 0x8c, 0x0c, 0xc7, 0x1b, 0x90, 0x4d, 0xbe, 0x2f, 0xc5, 0x7c, 0xcd, 0x42, \ - 0xf5, 0xd3, 0xad, 0x8e, 0xfd, 0x9d, 0x02, 0x81, 0x80, 0x17, 0x4b, 0x79, \ - 0x2a, 0x6c, 0x1b, 0x8d, 0x61, 0xc1, 0x85, 0xc5, 0x6a, 0x3b, 0x82, 0x1c, \ - 0x05, 0x5b, 0xcd, 0xdc, 0x12, 0x25, 0x73, 0x5b, 0x9e, 0xd9, 0x84, 0x57, \ - 0x10, 0x39, 0x71, 0x63, 0x96, 0xf4, 0xaf, 0xc3, 0x78, 0x5d, 0xc7, 0x8c, \ - 0x80, 0xa9, 0x96, 0xd7, 0xc3, 0x87, 0x02, 0x96, 0x71, 0x7e, 0x5f, 0x2e, \ - 0x3c, 0x36, 0xae, 0x59, 0x92, 0xd7, 0x3a, 0x09, 0x78, 0xb9, 0xea, 0x6f, \ - 0xc2, 0x16, 0x42, 0xdc, 0x4b, 0x96, 0xad, 0x2c, 0xb2, 0x20, 0x23, 0x61, \ - 0x2d, 0x8d, 0xb5, 0x02, 0x1e, 0xe1, 0x6c, 0x81, 0x01, 0x3c, 0x5d, 0xcb, \ - 0xdd, 0x9b, 0x0e, 0xc0, 0x2f, 0x94, 0x12, 0xb2, 0xfe, 0x75, 0x75, 0x8b, \ - 0x74, 0x1e, 0x7a, 0x26, 0x0c, 0xb7, 0x81, 0x96, 0x81, 0x79, 0x6e, 0xdb, \ - 0xbc, 0x3a, 0xc4, 0x9e, 0x87, 0x09, 0x6e, 0xa0, 0xa6, 0xec, 0x8b, 0xa4, \ - 0x85, 0x71, 0xce, 0x04, 0xaf, 0x02, 0x81, 0x81, 0x00, 0xc2, 0xa7, 0x47, \ - 0x07, 0x48, 0x6a, 0xc8, 0xd4, 0xb3, 0x20, 0xe1, 0x98, 0xee, 0xff, 0x5a, \ - 0x6f, 0x30, 0x7a, 0xa5, 0x47, 0x40, 0xdc, 0x16, 0x62, 0x42, 0xf1, 0x2c, \ - 0xdc, 0xb8, 0xc7, 0x55, 0xde, 0x07, 0x3c, 0x9d, 0xb1, 0xd0, 0xdf, 0x02, \ - 0x82, 0xb0, 0x48, 0x58, 0xe1, 0x34, 0xab, 0xcf, 0xb4, 0x85, 0x23, 0x26, \ - 0x78, 0x4f, 0x7a, 0x59, 0x6f, 0xfb, 0x8c, 0x3d, 0xdf, 0x3d, 0x6c, 0x02, \ - 0x47, 0x9c, 0xe5, 0x5e, 0x49, 0xf1, 0x05, 0x0b, 0x1f, 0xbf, 0x48, 0x0f, \ - 0xdc, 0x10, 0xb9, 0x3d, 0x1d, 0x10, 0x77, 0x2a, 0x73, 0xf9, 0xdf, 0xbd, \ - 0xcd, 0xf3, 0x1f, 0xeb, 0x6e, 0x64, 0xca, 0x2b, 0x78, 0x4f, 0xf8, 0x73, \ - 0xc2, 0x10, 0xef, 0x79, 0x95, 0x33, 0x1e, 0x79, 0x35, 0x09, 0xff, 0x88, \ - 0x1b, 0xb4, 0x3e, 0x4c, 0xe1, 0x27, 0x2e, 0x75, 0x80, 0x58, 0x11, 0x03, \ - 0x21, 0x23, 0x96, 0x9a, 0xb5, 0x02, 0x81, 0x80, 0x05, 0x12, 0x64, 0x71, \ - 0x83, 0x00, 0x1c, 0xfe, 0xef, 0x83, 0xea, 0xdd, 0x2c, 0xc8, 0x2c, 0x00, \ - 0x62, 0x1e, 0x8f, 0x3a, 0xdb, 0x1c, 0xab, 0xd6, 0x34, 0x8b, 0xd1, 0xb2, \ - 0x5a, 0x4f, 0x3d, 0x37, 0x38, 0x02, 0xe0, 0xd7, 0x70, 0xc1, 0xb0, 0x47, \ - 0xe0, 0x08, 0x1a, 0x84, 0xec, 0x48, 0xc5, 0x7c, 0x76, 0x83, 0x12, 0x67, \ - 0xab, 0x7c, 0x9f, 0x90, 0x97, 0xc8, 0x8f, 0x07, 0xf4, 0xb3, 0x60, 0xf2, \ - 0x3f, 0x49, 0x18, 0xdb, 0x2e, 0x94, 0x6b, 0x53, 0x9e, 0xa2, 0x63, 0xde, \ - 0x63, 0xd9, 0xab, 0x21, 0x2e, 0x2d, 0x0a, 0xe0, 0xd0, 0xe8, 0xba, 0xc4, \ - 0x4c, 0x1e, 0xa5, 0xf5, 0x51, 0xa8, 0xc4, 0x92, 0xf8, 0x7f, 0x21, 0xe7, \ - 0x65, 0xbf, 0x0b, 0xe6, 0x01, 0xaf, 0x9c, 0x1d, 0x5b, 0x6c, 0x3f, 0x1c, \ - 0x2f, 0xa6, 0x0f, 0x68, 0x38, 0x8e, 0x85, 0xc4, 0x6c, 0x78, 0x2f, 0x6f, \ - 0x06, 0x21, 0x2e, 0x56 \ + 0x30, 0x82, 0x04, 0xa4, 0x02, 0x01, 0x00, 0x02, 0x82, 0x01, 0x01, 0x00, \ + 0xc1, 0x4d, 0xa3, 0xdd, 0xe7, 0xcd, 0x1d, 0xd1, 0x04, 0xd7, 0x49, 0x72, \ + 0xb8, 0x99, 0xac, 0x0e, 0x78, 0xe4, 0x3a, 0x3c, 0x4a, 0xcf, 0x3a, 0x13, \ + 0x16, 0xd0, 0x5a, 0xe4, 0xcd, 0xa3, 0x00, 0x88, 0xa7, 0xee, 0x1e, 0x6b, \ + 0x96, 0xa7, 0x52, 0xb4, 0x90, 0xef, 0x2d, 0x72, 0x7a, 0x3e, 0x24, 0x9a, \ + 0xfc, 0xb6, 0x34, 0xac, 0x24, 0xf5, 0x77, 0xe0, 0x26, 0x64, 0x8c, 0x9c, \ + 0xb0, 0x28, 0x7d, 0xa1, 0xda, 0xea, 0x8c, 0xe6, 0xc9, 0x1c, 0x96, 0xbc, \ + 0xfe, 0xc1, 0x04, 0x52, 0xb3, 0x36, 0xd4, 0xa3, 0xfa, 0xe1, 0xb1, 0x76, \ + 0xd8, 0x90, 0xc1, 0x61, 0xb4, 0x66, 0x52, 0x36, 0xa2, 0x26, 0x53, 0xaa, \ + 0xab, 0x74, 0x5e, 0x07, 0x7d, 0x19, 0x82, 0xdb, 0x2a, 0xd8, 0x1f, 0xa0, \ + 0xd9, 0x0d, 0x1c, 0x2d, 0x49, 0x66, 0xf7, 0x5b, 0x25, 0x73, 0x46, 0xe8, \ + 0x0b, 0x8a, 0x4f, 0x69, 0x0c, 0xb5, 0x00, 0x90, 0xe1, 0xda, 0x82, 0x10, \ + 0x66, 0x7d, 0xae, 0x54, 0x2b, 0x8b, 0x65, 0x79, 0x91, 0xa1, 0xe2, 0x61, \ + 0xc3, 0xcd, 0x40, 0x49, 0x08, 0xee, 0x68, 0x0c, 0xf1, 0x8b, 0x86, 0xd2, \ + 0x46, 0xbf, 0xd0, 0xb8, 0xaa, 0x11, 0x03, 0x1e, 0x7f, 0x56, 0xa8, 0x1a, \ + 0x1e, 0x44, 0x18, 0x0f, 0x0f, 0x85, 0x8b, 0xda, 0x8b, 0x44, 0x5e, 0xe2, \ + 0x18, 0xc6, 0x62, 0x2f, 0xc7, 0x66, 0x8d, 0xfa, 0x5d, 0xd8, 0x7d, 0xf3, \ + 0x27, 0x89, 0x29, 0x01, 0xc5, 0x90, 0x0e, 0x3f, 0x27, 0xf1, 0x30, 0xc8, \ + 0x4a, 0x0e, 0xef, 0xd6, 0xde, 0xc7, 0xc7, 0x27, 0x6b, 0xc7, 0x05, 0x3d, \ + 0x7a, 0xc4, 0x02, 0x3c, 0x9a, 0x1d, 0x3e, 0x0f, 0xe8, 0x34, 0x98, 0x5b, \ + 0xcb, 0x73, 0x4b, 0x52, 0x96, 0xd8, 0x11, 0xa2, 0x2c, 0x80, 0x88, 0x69, \ + 0x39, 0x5a, 0xd3, 0x0f, 0xb0, 0xde, 0x59, 0x2f, 0x11, 0xc7, 0xf7, 0xea, \ + 0x12, 0x01, 0x30, 0x97, 0x02, 0x03, 0x01, 0x00, 0x01, 0x02, 0x82, 0x01, \ + 0x01, 0x00, 0x97, 0x47, 0x44, 0xbc, 0x10, 0x81, 0xc5, 0x18, 0xe4, 0x59, \ + 0xfb, 0xe0, 0x2d, 0x3a, 0x0e, 0x9e, 0x10, 0xdc, 0x43, 0xfb, 0x15, 0x6c, \ + 0xd1, 0xfd, 0x48, 0x78, 0x6c, 0xf9, 0xed, 0x38, 0xe8, 0xdd, 0x09, 0xd7, \ + 0x5f, 0xb5, 0x41, 0x64, 0xd7, 0x63, 0xfa, 0x9d, 0x44, 0x0a, 0xf8, 0x42, \ + 0x13, 0xf1, 0xbb, 0x5e, 0x79, 0x20, 0x53, 0x98, 0x4b, 0x65, 0x7f, 0x86, \ + 0x67, 0x48, 0xe4, 0xcf, 0xfb, 0x6a, 0x24, 0xe2, 0x34, 0xbd, 0x14, 0x9d, \ + 0x2c, 0x16, 0xe2, 0xa4, 0x79, 0xd6, 0xa2, 0xec, 0x81, 0x43, 0x87, 0xbf, \ + 0x03, 0x5c, 0x88, 0x25, 0xd9, 0x41, 0xb6, 0xa5, 0xf1, 0x27, 0x52, 0x84, \ + 0xfe, 0x2b, 0x6e, 0x1d, 0x16, 0xcd, 0x73, 0x88, 0xf8, 0x90, 0xbf, 0x19, \ + 0xfe, 0xbe, 0xa9, 0xbf, 0x09, 0xd3, 0x23, 0x43, 0xd2, 0xc7, 0x61, 0x2a, \ + 0xb3, 0x4e, 0x3c, 0x61, 0xd4, 0xbd, 0xd8, 0xb4, 0xfa, 0xa8, 0x0b, 0xf8, \ + 0x7e, 0x56, 0xcd, 0x0f, 0x13, 0x27, 0xda, 0xe6, 0x3b, 0xb3, 0x8c, 0x9c, \ + 0x4b, 0x84, 0x3c, 0xc3, 0x52, 0x57, 0x9c, 0x27, 0x9a, 0x02, 0x76, 0x26, \ + 0x59, 0x82, 0x39, 0xc3, 0x13, 0xbe, 0x6e, 0xf4, 0x44, 0x2d, 0x1d, 0x8c, \ + 0x73, 0x3e, 0x43, 0x99, 0x59, 0xcb, 0xf2, 0x34, 0x72, 0x9a, 0x5e, 0xa5, \ + 0xeb, 0x9f, 0x36, 0x6d, 0x2b, 0xf9, 0xa2, 0xe7, 0xd1, 0x78, 0x52, 0x1b, \ + 0xc8, 0xf6, 0x5b, 0x41, 0x69, 0x57, 0x81, 0x89, 0xe9, 0xbb, 0xa1, 0xde, \ + 0x19, 0x37, 0x3b, 0x13, 0x5c, 0xca, 0x61, 0x01, 0x86, 0xff, 0xdf, 0x83, \ + 0x41, 0x49, 0x7f, 0xd6, 0xf4, 0x2e, 0x08, 0xfa, 0x90, 0xc2, 0x7c, 0xb4, \ + 0xb5, 0x0a, 0x17, 0xdb, 0x0e, 0x6d, 0x75, 0x8a, 0x5d, 0x31, 0xd5, 0x66, \ + 0xfb, 0x39, 0x0b, 0xb5, 0xb6, 0xa3, 0xcd, 0xd4, 0xef, 0x88, 0x92, 0x5a, \ + 0x4d, 0x6c, 0xcb, 0xea, 0x5b, 0x79, 0x02, 0x81, 0x81, 0x00, 0xdf, 0x3a, \ + 0xf9, 0x25, 0x5e, 0x24, 0x37, 0x26, 0x40, 0x97, 0x2f, 0xe0, 0x4a, 0xba, \ + 0x52, 0x1b, 0x51, 0xaf, 0x84, 0x06, 0x32, 0x24, 0x0c, 0xcf, 0x44, 0xa8, \ + 0x77, 0xa7, 0xad, 0xb5, 0x8c, 0x58, 0xcc, 0xc8, 0x31, 0xb7, 0x0d, 0xbc, \ + 0x08, 0x8a, 0xe0, 0xa6, 0x8c, 0xc2, 0x73, 0xe5, 0x1a, 0x64, 0x92, 0xe8, \ + 0xed, 0x4c, 0x6f, 0x0b, 0xa6, 0xa7, 0xf3, 0x9a, 0xf5, 0x6f, 0x69, 0xca, \ + 0x3c, 0x22, 0xd0, 0x15, 0xa8, 0x20, 0x27, 0x41, 0xf8, 0x43, 0x42, 0x7f, \ + 0xb1, 0x93, 0xa1, 0x04, 0x85, 0xda, 0xa0, 0x1c, 0xd6, 0xc6, 0xf7, 0x8a, \ + 0x9e, 0xea, 0x5c, 0x78, 0xa7, 0x55, 0xc4, 0x6b, 0x05, 0x8b, 0xc0, 0x83, \ + 0xcb, 0xce, 0x83, 0x05, 0xf8, 0xb2, 0x16, 0x2b, 0xdf, 0x06, 0x3f, 0xb8, \ + 0xec, 0x16, 0xda, 0x43, 0x33, 0xc1, 0x8f, 0xb0, 0xb8, 0xac, 0xae, 0xd4, \ + 0x94, 0xb8, 0xda, 0x6f, 0x6a, 0xc3, 0x02, 0x81, 0x81, 0x00, 0xdd, 0xae, \ + 0x00, 0xcd, 0xa0, 0x72, 0x1a, 0x05, 0x8a, 0xee, 0x2f, 0xd4, 0x71, 0x4b, \ + 0xf0, 0x3e, 0xe5, 0xc1, 0xe1, 0x29, 0x8b, 0xa6, 0x67, 0x30, 0x98, 0xe7, \ + 0x12, 0xef, 0xdd, 0x12, 0x01, 0x90, 0x24, 0x58, 0xf0, 0x76, 0x92, 0xe7, \ + 0x3d, 0xbb, 0x23, 0xe1, 0xce, 0xf9, 0xa1, 0xd4, 0x38, 0x1b, 0x3f, 0x20, \ + 0xb3, 0x0f, 0x65, 0x6a, 0x8f, 0x55, 0x57, 0x36, 0xee, 0xb2, 0x84, 0x44, \ + 0xfc, 0x91, 0x88, 0xe1, 0xa4, 0xdd, 0x3b, 0x4a, 0x40, 0x4d, 0x7c, 0x86, \ + 0xed, 0xe1, 0xb5, 0x42, 0xef, 0xb9, 0x61, 0xcd, 0x58, 0x19, 0x77, 0x02, \ + 0xae, 0x58, 0x80, 0xdb, 0x13, 0x3d, 0xc7, 0x1f, 0x9d, 0xed, 0xff, 0xac, \ + 0x98, 0xfc, 0xcd, 0xf9, 0x62, 0x04, 0x83, 0x91, 0x89, 0x0d, 0x86, 0x43, \ + 0x8c, 0x0c, 0xc7, 0x1b, 0x90, 0x4d, 0xbe, 0x2f, 0xc5, 0x7c, 0xcd, 0x42, \ + 0xf5, 0xd3, 0xad, 0x8e, 0xfd, 0x9d, 0x02, 0x81, 0x80, 0x17, 0x4b, 0x79, \ + 0x2a, 0x6c, 0x1b, 0x8d, 0x61, 0xc1, 0x85, 0xc5, 0x6a, 0x3b, 0x82, 0x1c, \ + 0x05, 0x5b, 0xcd, 0xdc, 0x12, 0x25, 0x73, 0x5b, 0x9e, 0xd9, 0x84, 0x57, \ + 0x10, 0x39, 0x71, 0x63, 0x96, 0xf4, 0xaf, 0xc3, 0x78, 0x5d, 0xc7, 0x8c, \ + 0x80, 0xa9, 0x96, 0xd7, 0xc3, 0x87, 0x02, 0x96, 0x71, 0x7e, 0x5f, 0x2e, \ + 0x3c, 0x36, 0xae, 0x59, 0x92, 0xd7, 0x3a, 0x09, 0x78, 0xb9, 0xea, 0x6f, \ + 0xc2, 0x16, 0x42, 0xdc, 0x4b, 0x96, 0xad, 0x2c, 0xb2, 0x20, 0x23, 0x61, \ + 0x2d, 0x8d, 0xb5, 0x02, 0x1e, 0xe1, 0x6c, 0x81, 0x01, 0x3c, 0x5d, 0xcb, \ + 0xdd, 0x9b, 0x0e, 0xc0, 0x2f, 0x94, 0x12, 0xb2, 0xfe, 0x75, 0x75, 0x8b, \ + 0x74, 0x1e, 0x7a, 0x26, 0x0c, 0xb7, 0x81, 0x96, 0x81, 0x79, 0x6e, 0xdb, \ + 0xbc, 0x3a, 0xc4, 0x9e, 0x87, 0x09, 0x6e, 0xa0, 0xa6, 0xec, 0x8b, 0xa4, \ + 0x85, 0x71, 0xce, 0x04, 0xaf, 0x02, 0x81, 0x81, 0x00, 0xc2, 0xa7, 0x47, \ + 0x07, 0x48, 0x6a, 0xc8, 0xd4, 0xb3, 0x20, 0xe1, 0x98, 0xee, 0xff, 0x5a, \ + 0x6f, 0x30, 0x7a, 0xa5, 0x47, 0x40, 0xdc, 0x16, 0x62, 0x42, 0xf1, 0x2c, \ + 0xdc, 0xb8, 0xc7, 0x55, 0xde, 0x07, 0x3c, 0x9d, 0xb1, 0xd0, 0xdf, 0x02, \ + 0x82, 0xb0, 0x48, 0x58, 0xe1, 0x34, 0xab, 0xcf, 0xb4, 0x85, 0x23, 0x26, \ + 0x78, 0x4f, 0x7a, 0x59, 0x6f, 0xfb, 0x8c, 0x3d, 0xdf, 0x3d, 0x6c, 0x02, \ + 0x47, 0x9c, 0xe5, 0x5e, 0x49, 0xf1, 0x05, 0x0b, 0x1f, 0xbf, 0x48, 0x0f, \ + 0xdc, 0x10, 0xb9, 0x3d, 0x1d, 0x10, 0x77, 0x2a, 0x73, 0xf9, 0xdf, 0xbd, \ + 0xcd, 0xf3, 0x1f, 0xeb, 0x6e, 0x64, 0xca, 0x2b, 0x78, 0x4f, 0xf8, 0x73, \ + 0xc2, 0x10, 0xef, 0x79, 0x95, 0x33, 0x1e, 0x79, 0x35, 0x09, 0xff, 0x88, \ + 0x1b, 0xb4, 0x3e, 0x4c, 0xe1, 0x27, 0x2e, 0x75, 0x80, 0x58, 0x11, 0x03, \ + 0x21, 0x23, 0x96, 0x9a, 0xb5, 0x02, 0x81, 0x80, 0x05, 0x12, 0x64, 0x71, \ + 0x83, 0x00, 0x1c, 0xfe, 0xef, 0x83, 0xea, 0xdd, 0x2c, 0xc8, 0x2c, 0x00, \ + 0x62, 0x1e, 0x8f, 0x3a, 0xdb, 0x1c, 0xab, 0xd6, 0x34, 0x8b, 0xd1, 0xb2, \ + 0x5a, 0x4f, 0x3d, 0x37, 0x38, 0x02, 0xe0, 0xd7, 0x70, 0xc1, 0xb0, 0x47, \ + 0xe0, 0x08, 0x1a, 0x84, 0xec, 0x48, 0xc5, 0x7c, 0x76, 0x83, 0x12, 0x67, \ + 0xab, 0x7c, 0x9f, 0x90, 0x97, 0xc8, 0x8f, 0x07, 0xf4, 0xb3, 0x60, 0xf2, \ + 0x3f, 0x49, 0x18, 0xdb, 0x2e, 0x94, 0x6b, 0x53, 0x9e, 0xa2, 0x63, 0xde, \ + 0x63, 0xd9, 0xab, 0x21, 0x2e, 0x2d, 0x0a, 0xe0, 0xd0, 0xe8, 0xba, 0xc4, \ + 0x4c, 0x1e, 0xa5, 0xf5, 0x51, 0xa8, 0xc4, 0x92, 0xf8, 0x7f, 0x21, 0xe7, \ + 0x65, 0xbf, 0x0b, 0xe6, 0x01, 0xaf, 0x9c, 0x1d, 0x5b, 0x6c, 0x3f, 0x1c, \ + 0x2f, 0xa6, 0x0f, 0x68, 0x38, 0x8e, 0x85, 0xc4, 0x6c, 0x78, 0x2f, 0x6f, \ + 0x06, 0x21, 0x2e, 0x56 \ } /* END FILE */ @@ -969,47 +957,47 @@ /* This is generated from tests/data_files/cli2.crt.der using `xxd -i`. */ /* BEGIN FILE binary macro TEST_CLI_CRT_EC_DER tests/data_files/cli2.crt.der */ #define TEST_CLI_CRT_EC_DER { \ - 0x30, 0x82, 0x01, 0xdf, 0x30, 0x82, 0x01, 0x63, 0xa0, 0x03, 0x02, 0x01, \ - 0x02, 0x02, 0x01, 0x0d, 0x30, 0x0c, 0x06, 0x08, 0x2a, 0x86, 0x48, 0xce, \ - 0x3d, 0x04, 0x03, 0x02, 0x05, 0x00, 0x30, 0x3e, 0x31, 0x0b, 0x30, 0x09, \ - 0x06, 0x03, 0x55, 0x04, 0x06, 0x13, 0x02, 0x4e, 0x4c, 0x31, 0x11, 0x30, \ - 0x0f, 0x06, 0x03, 0x55, 0x04, 0x0a, 0x0c, 0x08, 0x50, 0x6f, 0x6c, 0x61, \ - 0x72, 0x53, 0x53, 0x4c, 0x31, 0x1c, 0x30, 0x1a, 0x06, 0x03, 0x55, 0x04, \ - 0x03, 0x0c, 0x13, 0x50, 0x6f, 0x6c, 0x61, 0x72, 0x53, 0x53, 0x4c, 0x20, \ - 0x54, 0x65, 0x73, 0x74, 0x20, 0x45, 0x43, 0x20, 0x43, 0x41, 0x30, 0x1e, \ - 0x17, 0x0d, 0x31, 0x39, 0x30, 0x32, 0x31, 0x30, 0x31, 0x34, 0x34, 0x34, \ - 0x30, 0x30, 0x5a, 0x17, 0x0d, 0x32, 0x39, 0x30, 0x32, 0x31, 0x30, 0x31, \ - 0x34, 0x34, 0x34, 0x30, 0x30, 0x5a, 0x30, 0x41, 0x31, 0x0b, 0x30, 0x09, \ - 0x06, 0x03, 0x55, 0x04, 0x06, 0x13, 0x02, 0x4e, 0x4c, 0x31, 0x11, 0x30, \ - 0x0f, 0x06, 0x03, 0x55, 0x04, 0x0a, 0x0c, 0x08, 0x50, 0x6f, 0x6c, 0x61, \ - 0x72, 0x53, 0x53, 0x4c, 0x31, 0x1f, 0x30, 0x1d, 0x06, 0x03, 0x55, 0x04, \ - 0x03, 0x0c, 0x16, 0x50, 0x6f, 0x6c, 0x61, 0x72, 0x53, 0x53, 0x4c, 0x20, \ - 0x54, 0x65, 0x73, 0x74, 0x20, 0x43, 0x6c, 0x69, 0x65, 0x6e, 0x74, 0x20, \ - 0x32, 0x30, 0x59, 0x30, 0x13, 0x06, 0x07, 0x2a, 0x86, 0x48, 0xce, 0x3d, \ - 0x02, 0x01, 0x06, 0x08, 0x2a, 0x86, 0x48, 0xce, 0x3d, 0x03, 0x01, 0x07, \ - 0x03, 0x42, 0x00, 0x04, 0x57, 0xe5, 0xae, 0xb1, 0x73, 0xdf, 0xd3, 0xac, \ - 0xbb, 0x93, 0xb8, 0x81, 0xff, 0x12, 0xae, 0xee, 0xe6, 0x53, 0xac, 0xce, \ - 0x55, 0x53, 0xf6, 0x34, 0x0e, 0xcc, 0x2e, 0xe3, 0x63, 0x25, 0x0b, 0xdf, \ - 0x98, 0xe2, 0xf3, 0x5c, 0x60, 0x36, 0x96, 0xc0, 0xd5, 0x18, 0x14, 0x70, \ - 0xe5, 0x7f, 0x9f, 0xd5, 0x4b, 0x45, 0x18, 0xe5, 0xb0, 0x6c, 0xd5, 0x5c, \ - 0xf8, 0x96, 0x8f, 0x87, 0x70, 0xa3, 0xe4, 0xc7, 0xa3, 0x4d, 0x30, 0x4b, \ - 0x30, 0x09, 0x06, 0x03, 0x55, 0x1d, 0x13, 0x04, 0x02, 0x30, 0x00, 0x30, \ - 0x1d, 0x06, 0x03, 0x55, 0x1d, 0x0e, 0x04, 0x16, 0x04, 0x14, 0x7a, 0x00, \ - 0x5f, 0x86, 0x64, 0xfc, 0xe0, 0x5d, 0xe5, 0x11, 0x10, 0x3b, 0xb2, 0xe6, \ - 0x3b, 0xc4, 0x26, 0x3f, 0xcf, 0xe2, 0x30, 0x1f, 0x06, 0x03, 0x55, 0x1d, \ - 0x23, 0x04, 0x18, 0x30, 0x16, 0x80, 0x14, 0x9d, 0x6d, 0x20, 0x24, 0x49, \ - 0x01, 0x3f, 0x2b, 0xcb, 0x78, 0xb5, 0x19, 0xbc, 0x7e, 0x24, 0xc9, 0xdb, \ - 0xfb, 0x36, 0x7c, 0x30, 0x0c, 0x06, 0x08, 0x2a, 0x86, 0x48, 0xce, 0x3d, \ - 0x04, 0x03, 0x02, 0x05, 0x00, 0x03, 0x68, 0x00, 0x30, 0x65, 0x02, 0x31, \ - 0x00, 0xca, 0xa6, 0x7b, 0x80, 0xca, 0x32, 0x57, 0x54, 0x96, 0x99, 0x43, \ - 0x11, 0x3f, 0x50, 0xe8, 0x4a, 0x6d, 0xad, 0xee, 0xee, 0x51, 0x62, 0xa1, \ - 0xb0, 0xb3, 0x85, 0xfb, 0x33, 0xe4, 0x28, 0x39, 0x5f, 0xce, 0x92, 0x24, \ - 0x25, 0x81, 0x05, 0x81, 0xc9, 0x68, 0x0c, 0x71, 0x98, 0xc3, 0xcd, 0x2e, \ - 0x22, 0x02, 0x30, 0x35, 0xfb, 0x72, 0x3d, 0x7b, 0x1a, 0x6d, 0x3a, 0x8c, \ - 0x33, 0xb8, 0x84, 0x1e, 0x05, 0x69, 0x5f, 0xf1, 0x91, 0xa3, 0x32, 0xa4, \ - 0x95, 0x8f, 0x72, 0x40, 0x8f, 0xf9, 0x7a, 0x80, 0x3a, 0x80, 0x65, 0xbb, \ - 0x63, 0xe8, 0xa6, 0xb8, 0x64, 0x7f, 0xa1, 0xaa, 0x39, 0xc9, 0x23, 0x9b, \ - 0x6b, 0xd5, 0x64 \ + 0x30, 0x82, 0x01, 0xdf, 0x30, 0x82, 0x01, 0x63, 0xa0, 0x03, 0x02, 0x01, \ + 0x02, 0x02, 0x01, 0x0d, 0x30, 0x0c, 0x06, 0x08, 0x2a, 0x86, 0x48, 0xce, \ + 0x3d, 0x04, 0x03, 0x02, 0x05, 0x00, 0x30, 0x3e, 0x31, 0x0b, 0x30, 0x09, \ + 0x06, 0x03, 0x55, 0x04, 0x06, 0x13, 0x02, 0x4e, 0x4c, 0x31, 0x11, 0x30, \ + 0x0f, 0x06, 0x03, 0x55, 0x04, 0x0a, 0x0c, 0x08, 0x50, 0x6f, 0x6c, 0x61, \ + 0x72, 0x53, 0x53, 0x4c, 0x31, 0x1c, 0x30, 0x1a, 0x06, 0x03, 0x55, 0x04, \ + 0x03, 0x0c, 0x13, 0x50, 0x6f, 0x6c, 0x61, 0x72, 0x53, 0x53, 0x4c, 0x20, \ + 0x54, 0x65, 0x73, 0x74, 0x20, 0x45, 0x43, 0x20, 0x43, 0x41, 0x30, 0x1e, \ + 0x17, 0x0d, 0x31, 0x39, 0x30, 0x32, 0x31, 0x30, 0x31, 0x34, 0x34, 0x34, \ + 0x30, 0x30, 0x5a, 0x17, 0x0d, 0x32, 0x39, 0x30, 0x32, 0x31, 0x30, 0x31, \ + 0x34, 0x34, 0x34, 0x30, 0x30, 0x5a, 0x30, 0x41, 0x31, 0x0b, 0x30, 0x09, \ + 0x06, 0x03, 0x55, 0x04, 0x06, 0x13, 0x02, 0x4e, 0x4c, 0x31, 0x11, 0x30, \ + 0x0f, 0x06, 0x03, 0x55, 0x04, 0x0a, 0x0c, 0x08, 0x50, 0x6f, 0x6c, 0x61, \ + 0x72, 0x53, 0x53, 0x4c, 0x31, 0x1f, 0x30, 0x1d, 0x06, 0x03, 0x55, 0x04, \ + 0x03, 0x0c, 0x16, 0x50, 0x6f, 0x6c, 0x61, 0x72, 0x53, 0x53, 0x4c, 0x20, \ + 0x54, 0x65, 0x73, 0x74, 0x20, 0x43, 0x6c, 0x69, 0x65, 0x6e, 0x74, 0x20, \ + 0x32, 0x30, 0x59, 0x30, 0x13, 0x06, 0x07, 0x2a, 0x86, 0x48, 0xce, 0x3d, \ + 0x02, 0x01, 0x06, 0x08, 0x2a, 0x86, 0x48, 0xce, 0x3d, 0x03, 0x01, 0x07, \ + 0x03, 0x42, 0x00, 0x04, 0x57, 0xe5, 0xae, 0xb1, 0x73, 0xdf, 0xd3, 0xac, \ + 0xbb, 0x93, 0xb8, 0x81, 0xff, 0x12, 0xae, 0xee, 0xe6, 0x53, 0xac, 0xce, \ + 0x55, 0x53, 0xf6, 0x34, 0x0e, 0xcc, 0x2e, 0xe3, 0x63, 0x25, 0x0b, 0xdf, \ + 0x98, 0xe2, 0xf3, 0x5c, 0x60, 0x36, 0x96, 0xc0, 0xd5, 0x18, 0x14, 0x70, \ + 0xe5, 0x7f, 0x9f, 0xd5, 0x4b, 0x45, 0x18, 0xe5, 0xb0, 0x6c, 0xd5, 0x5c, \ + 0xf8, 0x96, 0x8f, 0x87, 0x70, 0xa3, 0xe4, 0xc7, 0xa3, 0x4d, 0x30, 0x4b, \ + 0x30, 0x09, 0x06, 0x03, 0x55, 0x1d, 0x13, 0x04, 0x02, 0x30, 0x00, 0x30, \ + 0x1d, 0x06, 0x03, 0x55, 0x1d, 0x0e, 0x04, 0x16, 0x04, 0x14, 0x7a, 0x00, \ + 0x5f, 0x86, 0x64, 0xfc, 0xe0, 0x5d, 0xe5, 0x11, 0x10, 0x3b, 0xb2, 0xe6, \ + 0x3b, 0xc4, 0x26, 0x3f, 0xcf, 0xe2, 0x30, 0x1f, 0x06, 0x03, 0x55, 0x1d, \ + 0x23, 0x04, 0x18, 0x30, 0x16, 0x80, 0x14, 0x9d, 0x6d, 0x20, 0x24, 0x49, \ + 0x01, 0x3f, 0x2b, 0xcb, 0x78, 0xb5, 0x19, 0xbc, 0x7e, 0x24, 0xc9, 0xdb, \ + 0xfb, 0x36, 0x7c, 0x30, 0x0c, 0x06, 0x08, 0x2a, 0x86, 0x48, 0xce, 0x3d, \ + 0x04, 0x03, 0x02, 0x05, 0x00, 0x03, 0x68, 0x00, 0x30, 0x65, 0x02, 0x31, \ + 0x00, 0xca, 0xa6, 0x7b, 0x80, 0xca, 0x32, 0x57, 0x54, 0x96, 0x99, 0x43, \ + 0x11, 0x3f, 0x50, 0xe8, 0x4a, 0x6d, 0xad, 0xee, 0xee, 0x51, 0x62, 0xa1, \ + 0xb0, 0xb3, 0x85, 0xfb, 0x33, 0xe4, 0x28, 0x39, 0x5f, 0xce, 0x92, 0x24, \ + 0x25, 0x81, 0x05, 0x81, 0xc9, 0x68, 0x0c, 0x71, 0x98, 0xc3, 0xcd, 0x2e, \ + 0x22, 0x02, 0x30, 0x35, 0xfb, 0x72, 0x3d, 0x7b, 0x1a, 0x6d, 0x3a, 0x8c, \ + 0x33, 0xb8, 0x84, 0x1e, 0x05, 0x69, 0x5f, 0xf1, 0x91, 0xa3, 0x32, 0xa4, \ + 0x95, 0x8f, 0x72, 0x40, 0x8f, 0xf9, 0x7a, 0x80, 0x3a, 0x80, 0x65, 0xbb, \ + 0x63, 0xe8, 0xa6, 0xb8, 0x64, 0x7f, 0xa1, 0xaa, 0x39, 0xc9, 0x23, 0x9b, \ + 0x6b, 0xd5, 0x64 \ } /* END FILE */ @@ -1026,17 +1014,17 @@ /* This is generated from tests/data_files/cli2.key.der using `xxd -i`. */ /* BEGIN FILE binary macro TEST_CLI_KEY_EC_DER tests/data_files/cli2.key.der */ #define TEST_CLI_KEY_EC_DER { \ - 0x30, 0x77, 0x02, 0x01, 0x01, 0x04, 0x20, 0xf6, 0xf7, 0x86, 0x64, 0xf1, \ - 0x67, 0x7f, 0xe6, 0x64, 0x8d, 0xef, 0xca, 0x4e, 0xe9, 0xdd, 0x4d, 0xf0, \ - 0x05, 0xff, 0x96, 0x22, 0x8a, 0x7a, 0x84, 0x38, 0x64, 0x17, 0x32, 0x61, \ - 0x98, 0xb7, 0x2a, 0xa0, 0x0a, 0x06, 0x08, 0x2a, 0x86, 0x48, 0xce, 0x3d, \ - 0x03, 0x01, 0x07, 0xa1, 0x44, 0x03, 0x42, 0x00, 0x04, 0x57, 0xe5, 0xae, \ - 0xb1, 0x73, 0xdf, 0xd3, 0xac, 0xbb, 0x93, 0xb8, 0x81, 0xff, 0x12, 0xae, \ - 0xee, 0xe6, 0x53, 0xac, 0xce, 0x55, 0x53, 0xf6, 0x34, 0x0e, 0xcc, 0x2e, \ - 0xe3, 0x63, 0x25, 0x0b, 0xdf, 0x98, 0xe2, 0xf3, 0x5c, 0x60, 0x36, 0x96, \ - 0xc0, 0xd5, 0x18, 0x14, 0x70, 0xe5, 0x7f, 0x9f, 0xd5, 0x4b, 0x45, 0x18, \ - 0xe5, 0xb0, 0x6c, 0xd5, 0x5c, 0xf8, 0x96, 0x8f, 0x87, 0x70, 0xa3, 0xe4, \ - 0xc7 \ + 0x30, 0x77, 0x02, 0x01, 0x01, 0x04, 0x20, 0xf6, 0xf7, 0x86, 0x64, 0xf1, \ + 0x67, 0x7f, 0xe6, 0x64, 0x8d, 0xef, 0xca, 0x4e, 0xe9, 0xdd, 0x4d, 0xf0, \ + 0x05, 0xff, 0x96, 0x22, 0x8a, 0x7a, 0x84, 0x38, 0x64, 0x17, 0x32, 0x61, \ + 0x98, 0xb7, 0x2a, 0xa0, 0x0a, 0x06, 0x08, 0x2a, 0x86, 0x48, 0xce, 0x3d, \ + 0x03, 0x01, 0x07, 0xa1, 0x44, 0x03, 0x42, 0x00, 0x04, 0x57, 0xe5, 0xae, \ + 0xb1, 0x73, 0xdf, 0xd3, 0xac, 0xbb, 0x93, 0xb8, 0x81, 0xff, 0x12, 0xae, \ + 0xee, 0xe6, 0x53, 0xac, 0xce, 0x55, 0x53, 0xf6, 0x34, 0x0e, 0xcc, 0x2e, \ + 0xe3, 0x63, 0x25, 0x0b, 0xdf, 0x98, 0xe2, 0xf3, 0x5c, 0x60, 0x36, 0x96, \ + 0xc0, 0xd5, 0x18, 0x14, 0x70, 0xe5, 0x7f, 0x9f, 0xd5, 0x4b, 0x45, 0x18, \ + 0xe5, 0xb0, 0x6c, 0xd5, 0x5c, 0xf8, 0x96, 0x8f, 0x87, 0x70, 0xa3, 0xe4, \ + 0xc7 \ } /* END FILE */ @@ -1069,76 +1057,76 @@ using `xxd -i.` */ /* BEGIN FILE binary macro TEST_CLI_CRT_RSA_DER tests/data_files/cli-rsa-sha256.crt.der */ #define TEST_CLI_CRT_RSA_DER { \ - 0x30, 0x82, 0x03, 0x3f, 0x30, 0x82, 0x02, 0x27, 0xa0, 0x03, 0x02, 0x01, \ - 0x02, 0x02, 0x01, 0x04, 0x30, 0x0d, 0x06, 0x09, 0x2a, 0x86, 0x48, 0x86, \ - 0xf7, 0x0d, 0x01, 0x01, 0x0b, 0x05, 0x00, 0x30, 0x3b, 0x31, 0x0b, 0x30, \ - 0x09, 0x06, 0x03, 0x55, 0x04, 0x06, 0x13, 0x02, 0x4e, 0x4c, 0x31, 0x11, \ - 0x30, 0x0f, 0x06, 0x03, 0x55, 0x04, 0x0a, 0x0c, 0x08, 0x50, 0x6f, 0x6c, \ - 0x61, 0x72, 0x53, 0x53, 0x4c, 0x31, 0x19, 0x30, 0x17, 0x06, 0x03, 0x55, \ - 0x04, 0x03, 0x0c, 0x10, 0x50, 0x6f, 0x6c, 0x61, 0x72, 0x53, 0x53, 0x4c, \ - 0x20, 0x54, 0x65, 0x73, 0x74, 0x20, 0x43, 0x41, 0x30, 0x1e, 0x17, 0x0d, \ - 0x31, 0x39, 0x30, 0x32, 0x31, 0x30, 0x31, 0x34, 0x34, 0x34, 0x30, 0x36, \ - 0x5a, 0x17, 0x0d, 0x32, 0x39, 0x30, 0x32, 0x31, 0x30, 0x31, 0x34, 0x34, \ - 0x34, 0x30, 0x36, 0x5a, 0x30, 0x3c, 0x31, 0x0b, 0x30, 0x09, 0x06, 0x03, \ - 0x55, 0x04, 0x06, 0x13, 0x02, 0x4e, 0x4c, 0x31, 0x11, 0x30, 0x0f, 0x06, \ - 0x03, 0x55, 0x04, 0x0a, 0x0c, 0x08, 0x50, 0x6f, 0x6c, 0x61, 0x72, 0x53, \ - 0x53, 0x4c, 0x31, 0x1a, 0x30, 0x18, 0x06, 0x03, 0x55, 0x04, 0x03, 0x0c, \ - 0x11, 0x50, 0x6f, 0x6c, 0x61, 0x72, 0x53, 0x53, 0x4c, 0x20, 0x43, 0x6c, \ - 0x69, 0x65, 0x6e, 0x74, 0x20, 0x32, 0x30, 0x82, 0x01, 0x22, 0x30, 0x0d, \ - 0x06, 0x09, 0x2a, 0x86, 0x48, 0x86, 0xf7, 0x0d, 0x01, 0x01, 0x01, 0x05, \ - 0x00, 0x03, 0x82, 0x01, 0x0f, 0x00, 0x30, 0x82, 0x01, 0x0a, 0x02, 0x82, \ - 0x01, 0x01, 0x00, 0xc8, 0x74, 0xc4, 0xcc, 0xb9, 0xf9, 0xb5, 0x79, 0xe9, \ - 0x45, 0xd9, 0x14, 0x60, 0xb0, 0x7d, 0xbb, 0x93, 0xf2, 0x6b, 0x1e, 0x9f, \ - 0x33, 0xad, 0x0d, 0x8f, 0x8a, 0x3c, 0x56, 0x65, 0xe5, 0xdc, 0x44, 0xd9, \ - 0xcc, 0x66, 0x85, 0x07, 0xd5, 0xf8, 0x27, 0xb0, 0x4a, 0x35, 0xd0, 0x63, \ - 0x9e, 0x0a, 0x6e, 0x1b, 0xb7, 0xda, 0xf0, 0x7e, 0xab, 0xee, 0x0c, 0x10, \ - 0x93, 0x86, 0x49, 0x18, 0x34, 0xf3, 0xa8, 0x2a, 0xd2, 0x57, 0xf5, 0x2e, \ - 0xd4, 0x2f, 0x77, 0x29, 0x84, 0x61, 0x4d, 0x82, 0x50, 0x8f, 0xa7, 0x95, \ - 0x48, 0x70, 0xf5, 0x6e, 0x4d, 0xb2, 0xd5, 0x13, 0xc3, 0xd2, 0x1a, 0xed, \ - 0xe6, 0x43, 0xea, 0x42, 0x14, 0xeb, 0x74, 0xea, 0xc0, 0xed, 0x1f, 0xd4, \ - 0x57, 0x4e, 0xa9, 0xf3, 0xa8, 0xed, 0xd2, 0xe0, 0xc1, 0x30, 0x71, 0x30, \ - 0x32, 0x30, 0xd5, 0xd3, 0xf6, 0x08, 0xd0, 0x56, 0x4f, 0x46, 0x8e, 0xf2, \ - 0x5f, 0xf9, 0x3d, 0x67, 0x91, 0x88, 0x30, 0x2e, 0x42, 0xb2, 0xdf, 0x7d, \ - 0xfb, 0xe5, 0x0c, 0x77, 0xff, 0xec, 0x31, 0xc0, 0x78, 0x8f, 0xbf, 0xc2, \ - 0x7f, 0xca, 0xad, 0x6c, 0x21, 0xd6, 0x8d, 0xd9, 0x8b, 0x6a, 0x8e, 0x6f, \ - 0xe0, 0x9b, 0xf8, 0x10, 0x56, 0xcc, 0xb3, 0x8e, 0x13, 0x15, 0xe6, 0x34, \ - 0x04, 0x66, 0xc7, 0xee, 0xf9, 0x36, 0x0e, 0x6a, 0x95, 0xf6, 0x09, 0x9a, \ - 0x06, 0x67, 0xf4, 0x65, 0x71, 0xf8, 0xca, 0xa4, 0xb1, 0x25, 0xe0, 0xfe, \ - 0x3c, 0x8b, 0x35, 0x04, 0x67, 0xba, 0xe0, 0x4f, 0x76, 0x85, 0xfc, 0x7f, \ - 0xfc, 0x36, 0x6b, 0xb5, 0xe9, 0xcd, 0x2d, 0x03, 0x62, 0x4e, 0xb3, 0x3d, \ - 0x00, 0xcf, 0xaf, 0x76, 0xa0, 0x69, 0x56, 0x83, 0x6a, 0xd2, 0xa8, 0xd4, \ - 0xe7, 0x50, 0x71, 0xe6, 0xb5, 0x36, 0x05, 0x77, 0x05, 0x6d, 0x7b, 0xc8, \ - 0xe4, 0xc4, 0xfd, 0x4c, 0xd5, 0x21, 0x5f, 0x02, 0x03, 0x01, 0x00, 0x01, \ - 0xa3, 0x4d, 0x30, 0x4b, 0x30, 0x09, 0x06, 0x03, 0x55, 0x1d, 0x13, 0x04, \ - 0x02, 0x30, 0x00, 0x30, 0x1d, 0x06, 0x03, 0x55, 0x1d, 0x0e, 0x04, 0x16, \ - 0x04, 0x14, 0x71, 0xa1, 0x00, 0x73, 0x72, 0x40, 0x2f, 0x54, 0x76, 0x5e, \ - 0x33, 0xfc, 0x52, 0x8f, 0xbc, 0xf1, 0xdd, 0x6b, 0x46, 0x21, 0x30, 0x1f, \ - 0x06, 0x03, 0x55, 0x1d, 0x23, 0x04, 0x18, 0x30, 0x16, 0x80, 0x14, 0xb4, \ - 0x5a, 0xe4, 0xa5, 0xb3, 0xde, 0xd2, 0x52, 0xf6, 0xb9, 0xd5, 0xa6, 0x95, \ - 0x0f, 0xeb, 0x3e, 0xbc, 0xc7, 0xfd, 0xff, 0x30, 0x0d, 0x06, 0x09, 0x2a, \ - 0x86, 0x48, 0x86, 0xf7, 0x0d, 0x01, 0x01, 0x0b, 0x05, 0x00, 0x03, 0x82, \ - 0x01, 0x01, 0x00, 0x5e, 0x27, 0x6f, 0xd5, 0xde, 0x29, 0x2e, 0x50, 0x62, \ - 0x29, 0x61, 0x03, 0xf7, 0x9a, 0xcc, 0xc9, 0xc0, 0x5d, 0x80, 0x37, 0x20, \ - 0xc8, 0xda, 0x89, 0xc5, 0xa9, 0x05, 0x91, 0x17, 0xd1, 0xc8, 0x0d, 0xb2, \ - 0xd6, 0x69, 0x72, 0x4e, 0x7e, 0xee, 0x05, 0x74, 0x64, 0x34, 0xb6, 0x39, \ - 0x64, 0x5c, 0xca, 0xf3, 0x61, 0x82, 0x8e, 0x4d, 0x90, 0xd8, 0xe0, 0xf8, \ - 0x45, 0x94, 0x82, 0x3c, 0x02, 0x49, 0xa8, 0xba, 0x47, 0x1d, 0x4d, 0xf8, \ - 0xb7, 0xbd, 0x5c, 0x89, 0xf7, 0xef, 0xcb, 0x62, 0x8a, 0xf3, 0x56, 0x2f, \ - 0xaf, 0x17, 0x33, 0x46, 0x13, 0x00, 0x13, 0xae, 0x22, 0xfa, 0xa9, 0xda, \ - 0xc8, 0xfd, 0xd3, 0x77, 0x65, 0xee, 0x58, 0x94, 0x74, 0xe4, 0xf5, 0x4f, \ - 0xa1, 0x27, 0xa6, 0xb0, 0xd1, 0x0b, 0xb3, 0xd8, 0x16, 0xb6, 0xd7, 0x67, \ - 0x63, 0x2d, 0xdc, 0x7b, 0xe1, 0x18, 0xd9, 0x8d, 0x27, 0xed, 0x1b, 0x22, \ - 0xef, 0xdf, 0x36, 0x11, 0xe2, 0xc8, 0x00, 0x0e, 0xc7, 0xe9, 0xc6, 0xb8, \ - 0xd8, 0x4b, 0x3f, 0x35, 0x41, 0xff, 0xfc, 0x96, 0x49, 0x4f, 0x7d, 0x8e, \ - 0x3f, 0x47, 0x68, 0x33, 0x17, 0x83, 0x44, 0x0f, 0xaf, 0xa6, 0x59, 0x0a, \ - 0xa9, 0x32, 0xcb, 0x59, 0xfe, 0xdd, 0x5f, 0x6e, 0x8b, 0x22, 0xb8, 0x81, \ - 0x90, 0x16, 0x91, 0x0a, 0x04, 0x79, 0x62, 0xff, 0x4b, 0x04, 0xf1, 0x5c, \ - 0x34, 0xeb, 0x69, 0xce, 0xef, 0xcb, 0x6e, 0xb6, 0x3b, 0x40, 0x55, 0xca, \ - 0x24, 0xc2, 0x3e, 0x25, 0x70, 0xee, 0x74, 0x2b, 0x0e, 0x9f, 0xc2, 0x82, \ - 0x9a, 0x20, 0x38, 0x77, 0xa1, 0x26, 0x8a, 0xca, 0x9f, 0x87, 0x75, 0x77, \ - 0xe3, 0xce, 0x65, 0xec, 0x71, 0x10, 0x35, 0xcb, 0xcb, 0x4f, 0x19, 0x43, \ - 0xeb, 0x30, 0xd0, 0xca, 0x2d, 0x3f, 0xca, 0x46, 0x14, 0x61, 0x99, 0x30, \ - 0x41, 0x32, 0xb5, 0x37, 0x63, 0x6f, 0x97 \ + 0x30, 0x82, 0x03, 0x3f, 0x30, 0x82, 0x02, 0x27, 0xa0, 0x03, 0x02, 0x01, \ + 0x02, 0x02, 0x01, 0x04, 0x30, 0x0d, 0x06, 0x09, 0x2a, 0x86, 0x48, 0x86, \ + 0xf7, 0x0d, 0x01, 0x01, 0x0b, 0x05, 0x00, 0x30, 0x3b, 0x31, 0x0b, 0x30, \ + 0x09, 0x06, 0x03, 0x55, 0x04, 0x06, 0x13, 0x02, 0x4e, 0x4c, 0x31, 0x11, \ + 0x30, 0x0f, 0x06, 0x03, 0x55, 0x04, 0x0a, 0x0c, 0x08, 0x50, 0x6f, 0x6c, \ + 0x61, 0x72, 0x53, 0x53, 0x4c, 0x31, 0x19, 0x30, 0x17, 0x06, 0x03, 0x55, \ + 0x04, 0x03, 0x0c, 0x10, 0x50, 0x6f, 0x6c, 0x61, 0x72, 0x53, 0x53, 0x4c, \ + 0x20, 0x54, 0x65, 0x73, 0x74, 0x20, 0x43, 0x41, 0x30, 0x1e, 0x17, 0x0d, \ + 0x31, 0x39, 0x30, 0x32, 0x31, 0x30, 0x31, 0x34, 0x34, 0x34, 0x30, 0x36, \ + 0x5a, 0x17, 0x0d, 0x32, 0x39, 0x30, 0x32, 0x31, 0x30, 0x31, 0x34, 0x34, \ + 0x34, 0x30, 0x36, 0x5a, 0x30, 0x3c, 0x31, 0x0b, 0x30, 0x09, 0x06, 0x03, \ + 0x55, 0x04, 0x06, 0x13, 0x02, 0x4e, 0x4c, 0x31, 0x11, 0x30, 0x0f, 0x06, \ + 0x03, 0x55, 0x04, 0x0a, 0x0c, 0x08, 0x50, 0x6f, 0x6c, 0x61, 0x72, 0x53, \ + 0x53, 0x4c, 0x31, 0x1a, 0x30, 0x18, 0x06, 0x03, 0x55, 0x04, 0x03, 0x0c, \ + 0x11, 0x50, 0x6f, 0x6c, 0x61, 0x72, 0x53, 0x53, 0x4c, 0x20, 0x43, 0x6c, \ + 0x69, 0x65, 0x6e, 0x74, 0x20, 0x32, 0x30, 0x82, 0x01, 0x22, 0x30, 0x0d, \ + 0x06, 0x09, 0x2a, 0x86, 0x48, 0x86, 0xf7, 0x0d, 0x01, 0x01, 0x01, 0x05, \ + 0x00, 0x03, 0x82, 0x01, 0x0f, 0x00, 0x30, 0x82, 0x01, 0x0a, 0x02, 0x82, \ + 0x01, 0x01, 0x00, 0xc8, 0x74, 0xc4, 0xcc, 0xb9, 0xf9, 0xb5, 0x79, 0xe9, \ + 0x45, 0xd9, 0x14, 0x60, 0xb0, 0x7d, 0xbb, 0x93, 0xf2, 0x6b, 0x1e, 0x9f, \ + 0x33, 0xad, 0x0d, 0x8f, 0x8a, 0x3c, 0x56, 0x65, 0xe5, 0xdc, 0x44, 0xd9, \ + 0xcc, 0x66, 0x85, 0x07, 0xd5, 0xf8, 0x27, 0xb0, 0x4a, 0x35, 0xd0, 0x63, \ + 0x9e, 0x0a, 0x6e, 0x1b, 0xb7, 0xda, 0xf0, 0x7e, 0xab, 0xee, 0x0c, 0x10, \ + 0x93, 0x86, 0x49, 0x18, 0x34, 0xf3, 0xa8, 0x2a, 0xd2, 0x57, 0xf5, 0x2e, \ + 0xd4, 0x2f, 0x77, 0x29, 0x84, 0x61, 0x4d, 0x82, 0x50, 0x8f, 0xa7, 0x95, \ + 0x48, 0x70, 0xf5, 0x6e, 0x4d, 0xb2, 0xd5, 0x13, 0xc3, 0xd2, 0x1a, 0xed, \ + 0xe6, 0x43, 0xea, 0x42, 0x14, 0xeb, 0x74, 0xea, 0xc0, 0xed, 0x1f, 0xd4, \ + 0x57, 0x4e, 0xa9, 0xf3, 0xa8, 0xed, 0xd2, 0xe0, 0xc1, 0x30, 0x71, 0x30, \ + 0x32, 0x30, 0xd5, 0xd3, 0xf6, 0x08, 0xd0, 0x56, 0x4f, 0x46, 0x8e, 0xf2, \ + 0x5f, 0xf9, 0x3d, 0x67, 0x91, 0x88, 0x30, 0x2e, 0x42, 0xb2, 0xdf, 0x7d, \ + 0xfb, 0xe5, 0x0c, 0x77, 0xff, 0xec, 0x31, 0xc0, 0x78, 0x8f, 0xbf, 0xc2, \ + 0x7f, 0xca, 0xad, 0x6c, 0x21, 0xd6, 0x8d, 0xd9, 0x8b, 0x6a, 0x8e, 0x6f, \ + 0xe0, 0x9b, 0xf8, 0x10, 0x56, 0xcc, 0xb3, 0x8e, 0x13, 0x15, 0xe6, 0x34, \ + 0x04, 0x66, 0xc7, 0xee, 0xf9, 0x36, 0x0e, 0x6a, 0x95, 0xf6, 0x09, 0x9a, \ + 0x06, 0x67, 0xf4, 0x65, 0x71, 0xf8, 0xca, 0xa4, 0xb1, 0x25, 0xe0, 0xfe, \ + 0x3c, 0x8b, 0x35, 0x04, 0x67, 0xba, 0xe0, 0x4f, 0x76, 0x85, 0xfc, 0x7f, \ + 0xfc, 0x36, 0x6b, 0xb5, 0xe9, 0xcd, 0x2d, 0x03, 0x62, 0x4e, 0xb3, 0x3d, \ + 0x00, 0xcf, 0xaf, 0x76, 0xa0, 0x69, 0x56, 0x83, 0x6a, 0xd2, 0xa8, 0xd4, \ + 0xe7, 0x50, 0x71, 0xe6, 0xb5, 0x36, 0x05, 0x77, 0x05, 0x6d, 0x7b, 0xc8, \ + 0xe4, 0xc4, 0xfd, 0x4c, 0xd5, 0x21, 0x5f, 0x02, 0x03, 0x01, 0x00, 0x01, \ + 0xa3, 0x4d, 0x30, 0x4b, 0x30, 0x09, 0x06, 0x03, 0x55, 0x1d, 0x13, 0x04, \ + 0x02, 0x30, 0x00, 0x30, 0x1d, 0x06, 0x03, 0x55, 0x1d, 0x0e, 0x04, 0x16, \ + 0x04, 0x14, 0x71, 0xa1, 0x00, 0x73, 0x72, 0x40, 0x2f, 0x54, 0x76, 0x5e, \ + 0x33, 0xfc, 0x52, 0x8f, 0xbc, 0xf1, 0xdd, 0x6b, 0x46, 0x21, 0x30, 0x1f, \ + 0x06, 0x03, 0x55, 0x1d, 0x23, 0x04, 0x18, 0x30, 0x16, 0x80, 0x14, 0xb4, \ + 0x5a, 0xe4, 0xa5, 0xb3, 0xde, 0xd2, 0x52, 0xf6, 0xb9, 0xd5, 0xa6, 0x95, \ + 0x0f, 0xeb, 0x3e, 0xbc, 0xc7, 0xfd, 0xff, 0x30, 0x0d, 0x06, 0x09, 0x2a, \ + 0x86, 0x48, 0x86, 0xf7, 0x0d, 0x01, 0x01, 0x0b, 0x05, 0x00, 0x03, 0x82, \ + 0x01, 0x01, 0x00, 0x5e, 0x27, 0x6f, 0xd5, 0xde, 0x29, 0x2e, 0x50, 0x62, \ + 0x29, 0x61, 0x03, 0xf7, 0x9a, 0xcc, 0xc9, 0xc0, 0x5d, 0x80, 0x37, 0x20, \ + 0xc8, 0xda, 0x89, 0xc5, 0xa9, 0x05, 0x91, 0x17, 0xd1, 0xc8, 0x0d, 0xb2, \ + 0xd6, 0x69, 0x72, 0x4e, 0x7e, 0xee, 0x05, 0x74, 0x64, 0x34, 0xb6, 0x39, \ + 0x64, 0x5c, 0xca, 0xf3, 0x61, 0x82, 0x8e, 0x4d, 0x90, 0xd8, 0xe0, 0xf8, \ + 0x45, 0x94, 0x82, 0x3c, 0x02, 0x49, 0xa8, 0xba, 0x47, 0x1d, 0x4d, 0xf8, \ + 0xb7, 0xbd, 0x5c, 0x89, 0xf7, 0xef, 0xcb, 0x62, 0x8a, 0xf3, 0x56, 0x2f, \ + 0xaf, 0x17, 0x33, 0x46, 0x13, 0x00, 0x13, 0xae, 0x22, 0xfa, 0xa9, 0xda, \ + 0xc8, 0xfd, 0xd3, 0x77, 0x65, 0xee, 0x58, 0x94, 0x74, 0xe4, 0xf5, 0x4f, \ + 0xa1, 0x27, 0xa6, 0xb0, 0xd1, 0x0b, 0xb3, 0xd8, 0x16, 0xb6, 0xd7, 0x67, \ + 0x63, 0x2d, 0xdc, 0x7b, 0xe1, 0x18, 0xd9, 0x8d, 0x27, 0xed, 0x1b, 0x22, \ + 0xef, 0xdf, 0x36, 0x11, 0xe2, 0xc8, 0x00, 0x0e, 0xc7, 0xe9, 0xc6, 0xb8, \ + 0xd8, 0x4b, 0x3f, 0x35, 0x41, 0xff, 0xfc, 0x96, 0x49, 0x4f, 0x7d, 0x8e, \ + 0x3f, 0x47, 0x68, 0x33, 0x17, 0x83, 0x44, 0x0f, 0xaf, 0xa6, 0x59, 0x0a, \ + 0xa9, 0x32, 0xcb, 0x59, 0xfe, 0xdd, 0x5f, 0x6e, 0x8b, 0x22, 0xb8, 0x81, \ + 0x90, 0x16, 0x91, 0x0a, 0x04, 0x79, 0x62, 0xff, 0x4b, 0x04, 0xf1, 0x5c, \ + 0x34, 0xeb, 0x69, 0xce, 0xef, 0xcb, 0x6e, 0xb6, 0x3b, 0x40, 0x55, 0xca, \ + 0x24, 0xc2, 0x3e, 0x25, 0x70, 0xee, 0x74, 0x2b, 0x0e, 0x9f, 0xc2, 0x82, \ + 0x9a, 0x20, 0x38, 0x77, 0xa1, 0x26, 0x8a, 0xca, 0x9f, 0x87, 0x75, 0x77, \ + 0xe3, 0xce, 0x65, 0xec, 0x71, 0x10, 0x35, 0xcb, 0xcb, 0x4f, 0x19, 0x43, \ + 0xeb, 0x30, 0xd0, 0xca, 0x2d, 0x3f, 0xca, 0x46, 0x14, 0x61, 0x99, 0x30, \ + 0x41, 0x32, 0xb5, 0x37, 0x63, 0x6f, 0x97 \ } /* END FILE */ @@ -1176,106 +1164,106 @@ /* This was generated from tests/data_files/cli-rsa.key.der using `xxd -i`. */ /* BEGIN FILE binary macro TEST_CLI_KEY_RSA_DER tests/data_files/cli-rsa.key.der */ #define TEST_CLI_KEY_RSA_DER { \ - 0x30, 0x82, 0x04, 0xa4, 0x02, 0x01, 0x00, 0x02, 0x82, 0x01, 0x01, 0x00, \ - 0xc8, 0x74, 0xc4, 0xcc, 0xb9, 0xf9, 0xb5, 0x79, 0xe9, 0x45, 0xd9, 0x14, \ - 0x60, 0xb0, 0x7d, 0xbb, 0x93, 0xf2, 0x6b, 0x1e, 0x9f, 0x33, 0xad, 0x0d, \ - 0x8f, 0x8a, 0x3c, 0x56, 0x65, 0xe5, 0xdc, 0x44, 0xd9, 0xcc, 0x66, 0x85, \ - 0x07, 0xd5, 0xf8, 0x27, 0xb0, 0x4a, 0x35, 0xd0, 0x63, 0x9e, 0x0a, 0x6e, \ - 0x1b, 0xb7, 0xda, 0xf0, 0x7e, 0xab, 0xee, 0x0c, 0x10, 0x93, 0x86, 0x49, \ - 0x18, 0x34, 0xf3, 0xa8, 0x2a, 0xd2, 0x57, 0xf5, 0x2e, 0xd4, 0x2f, 0x77, \ - 0x29, 0x84, 0x61, 0x4d, 0x82, 0x50, 0x8f, 0xa7, 0x95, 0x48, 0x70, 0xf5, \ - 0x6e, 0x4d, 0xb2, 0xd5, 0x13, 0xc3, 0xd2, 0x1a, 0xed, 0xe6, 0x43, 0xea, \ - 0x42, 0x14, 0xeb, 0x74, 0xea, 0xc0, 0xed, 0x1f, 0xd4, 0x57, 0x4e, 0xa9, \ - 0xf3, 0xa8, 0xed, 0xd2, 0xe0, 0xc1, 0x30, 0x71, 0x30, 0x32, 0x30, 0xd5, \ - 0xd3, 0xf6, 0x08, 0xd0, 0x56, 0x4f, 0x46, 0x8e, 0xf2, 0x5f, 0xf9, 0x3d, \ - 0x67, 0x91, 0x88, 0x30, 0x2e, 0x42, 0xb2, 0xdf, 0x7d, 0xfb, 0xe5, 0x0c, \ - 0x77, 0xff, 0xec, 0x31, 0xc0, 0x78, 0x8f, 0xbf, 0xc2, 0x7f, 0xca, 0xad, \ - 0x6c, 0x21, 0xd6, 0x8d, 0xd9, 0x8b, 0x6a, 0x8e, 0x6f, 0xe0, 0x9b, 0xf8, \ - 0x10, 0x56, 0xcc, 0xb3, 0x8e, 0x13, 0x15, 0xe6, 0x34, 0x04, 0x66, 0xc7, \ - 0xee, 0xf9, 0x36, 0x0e, 0x6a, 0x95, 0xf6, 0x09, 0x9a, 0x06, 0x67, 0xf4, \ - 0x65, 0x71, 0xf8, 0xca, 0xa4, 0xb1, 0x25, 0xe0, 0xfe, 0x3c, 0x8b, 0x35, \ - 0x04, 0x67, 0xba, 0xe0, 0x4f, 0x76, 0x85, 0xfc, 0x7f, 0xfc, 0x36, 0x6b, \ - 0xb5, 0xe9, 0xcd, 0x2d, 0x03, 0x62, 0x4e, 0xb3, 0x3d, 0x00, 0xcf, 0xaf, \ - 0x76, 0xa0, 0x69, 0x56, 0x83, 0x6a, 0xd2, 0xa8, 0xd4, 0xe7, 0x50, 0x71, \ - 0xe6, 0xb5, 0x36, 0x05, 0x77, 0x05, 0x6d, 0x7b, 0xc8, 0xe4, 0xc4, 0xfd, \ - 0x4c, 0xd5, 0x21, 0x5f, 0x02, 0x03, 0x01, 0x00, 0x01, 0x02, 0x82, 0x01, \ - 0x00, 0x67, 0x4d, 0xb5, 0xf6, 0x03, 0x89, 0xaa, 0x7a, 0x6f, 0x3b, 0x2d, \ - 0xca, 0x10, 0xa2, 0x23, 0xc9, 0xbd, 0x4e, 0xda, 0xe1, 0x67, 0x0e, 0x0c, \ - 0x8a, 0xc6, 0x84, 0x68, 0xdf, 0xe5, 0x97, 0x75, 0xd2, 0x8d, 0xa3, 0x86, \ - 0xd9, 0xdb, 0xd5, 0xeb, 0x13, 0x19, 0x08, 0xc5, 0x7e, 0xe5, 0x37, 0x97, \ - 0x0c, 0x73, 0x80, 0x66, 0x76, 0x35, 0xf1, 0x88, 0xb5, 0xf2, 0xfc, 0xf3, \ - 0xe1, 0x4b, 0x76, 0x4e, 0x73, 0x45, 0xce, 0x2c, 0xc2, 0x10, 0x26, 0x0d, \ - 0x68, 0x0d, 0x9f, 0x49, 0x3d, 0xd6, 0x80, 0x89, 0xe7, 0xc5, 0x49, 0x15, \ - 0xdd, 0x85, 0xc0, 0xc8, 0xfe, 0x82, 0x37, 0x12, 0x5a, 0x0a, 0x6b, 0xf6, \ - 0x68, 0x0d, 0x32, 0x16, 0xbd, 0xa4, 0x15, 0x54, 0x9e, 0x68, 0xa1, 0xad, \ - 0xca, 0x6b, 0xe5, 0x8c, 0xda, 0x76, 0x35, 0x59, 0x2f, 0x9b, 0xb4, 0xe1, \ - 0xf1, 0xf0, 0x50, 0x04, 0xee, 0xc8, 0xec, 0x05, 0xe1, 0xcf, 0x8d, 0xe4, \ - 0xd2, 0x64, 0x7b, 0x5e, 0x63, 0xe0, 0x7b, 0x07, 0xbc, 0x02, 0x96, 0x4e, \ - 0x1b, 0x78, 0x6c, 0xb6, 0x43, 0x9a, 0x32, 0xf6, 0xd6, 0x02, 0xf5, 0x80, \ - 0xcc, 0x26, 0x6e, 0xa5, 0xd0, 0xe3, 0x65, 0x88, 0xce, 0x26, 0xa9, 0x40, \ - 0xe1, 0xe1, 0x00, 0xe0, 0x7f, 0x3f, 0xc3, 0xb1, 0x7c, 0xde, 0xbe, 0x42, \ - 0xba, 0x07, 0x81, 0x13, 0xc2, 0xe0, 0x11, 0x11, 0x23, 0x2c, 0xf8, 0xb2, \ - 0x7a, 0x3a, 0xd4, 0xe4, 0x7d, 0x5f, 0xb9, 0xb1, 0x18, 0xfa, 0x1d, 0x1d, \ - 0x97, 0x91, 0xd9, 0x04, 0x9e, 0xbc, 0xc9, 0xb4, 0xd7, 0x7d, 0x0e, 0x54, \ - 0xf6, 0x8f, 0xd0, 0x28, 0x0d, 0xdd, 0x77, 0x4b, 0x68, 0x04, 0x48, 0x61, \ - 0x75, 0x15, 0x03, 0x1b, 0x35, 0xad, 0x8e, 0xfc, 0x24, 0x11, 0x07, 0xea, \ - 0x17, 0x5a, 0xde, 0x19, 0x68, 0xff, 0xb6, 0x87, 0x7f, 0x80, 0x2a, 0x5f, \ - 0x0c, 0x58, 0xba, 0x5f, 0x41, 0x02, 0x81, 0x81, 0x00, 0xe3, 0x03, 0xaf, \ - 0xfe, 0x98, 0xd2, 0x0b, 0x7b, 0x72, 0xe9, 0x3b, 0x8e, 0xbc, 0xa5, 0xf6, \ - 0xac, 0xe5, 0x22, 0x06, 0xb2, 0xd7, 0x5e, 0xfd, 0x89, 0x4b, 0x16, 0x67, \ - 0x32, 0x83, 0x22, 0x58, 0x8e, 0x62, 0xa4, 0xb4, 0x2d, 0xf9, 0x16, 0x13, \ - 0x54, 0xf6, 0x9f, 0x2f, 0xf9, 0xbb, 0x0e, 0x7e, 0x8c, 0x6f, 0x08, 0xda, \ - 0xc8, 0xe9, 0x1c, 0x66, 0x10, 0x70, 0x93, 0x90, 0x8d, 0xcf, 0x90, 0x3a, \ - 0x43, 0x89, 0x49, 0xeb, 0x83, 0x2a, 0xfe, 0x5a, 0x87, 0xce, 0x74, 0x42, \ - 0x41, 0x0d, 0x8c, 0x73, 0x51, 0xbc, 0x7b, 0x20, 0xc5, 0xfd, 0xf6, 0x0b, \ - 0x65, 0xed, 0xa9, 0x2e, 0xfc, 0x0f, 0xf5, 0x50, 0xf9, 0x8d, 0x37, 0x36, \ - 0x9a, 0x20, 0xdf, 0xc3, 0xe3, 0x27, 0xbc, 0x98, 0x72, 0xc1, 0x14, 0x4b, \ - 0x71, 0xe9, 0x83, 0x14, 0xff, 0x24, 0xe2, 0x14, 0x15, 0xb6, 0x6f, 0x0f, \ - 0x32, 0x9d, 0xd9, 0x98, 0xd1, 0x02, 0x81, 0x81, 0x00, 0xe2, 0x0c, 0xfb, \ - 0xc3, 0x33, 0x9b, 0x47, 0x88, 0x27, 0xf2, 0x26, 0xde, 0xeb, 0x5e, 0xee, \ - 0x40, 0xf6, 0x63, 0x5b, 0x35, 0x23, 0xf5, 0xd5, 0x07, 0x61, 0xdf, 0xa2, \ - 0x9f, 0x58, 0x30, 0x04, 0x22, 0x2b, 0xb4, 0xd9, 0xda, 0x46, 0x7f, 0x48, \ - 0xf5, 0x4f, 0xd0, 0xea, 0xd7, 0xa0, 0x45, 0x8a, 0x62, 0x8b, 0x8c, 0xac, \ - 0x73, 0x5e, 0xfa, 0x36, 0x65, 0x3e, 0xba, 0x6c, 0xba, 0x5e, 0x6b, 0x92, \ - 0x29, 0x5e, 0x6a, 0x0f, 0xd6, 0xd2, 0xa5, 0x95, 0x86, 0xda, 0x72, 0xc5, \ - 0x9e, 0xc9, 0x6b, 0x37, 0x5e, 0x4b, 0x9b, 0x77, 0xe1, 0x67, 0x1a, 0x1e, \ - 0x30, 0xd8, 0x41, 0x68, 0x40, 0xd3, 0x9c, 0xb4, 0xf6, 0xeb, 0x2a, 0x22, \ - 0xdf, 0x78, 0x29, 0xd2, 0x64, 0x92, 0x5b, 0x2f, 0x78, 0x64, 0x4a, 0xa2, \ - 0xa6, 0x6b, 0x3e, 0x50, 0xb1, 0x7a, 0xb1, 0x8d, 0x59, 0xb4, 0x55, 0xba, \ - 0xb6, 0x91, 0x85, 0xa3, 0x2f, 0x02, 0x81, 0x80, 0x10, 0x1e, 0x19, 0xe7, \ - 0xbc, 0x97, 0xe5, 0x22, 0xcd, 0xa4, 0xcb, 0x8a, 0xb5, 0xd0, 0x1e, 0xb4, \ - 0x65, 0xcc, 0x45, 0xa7, 0x7a, 0xed, 0x0e, 0x99, 0x29, 0xd0, 0x9c, 0x61, \ - 0x14, 0xb8, 0x62, 0x8b, 0x31, 0x6b, 0xba, 0x33, 0x2d, 0x65, 0x28, 0xd8, \ - 0x36, 0x6e, 0x54, 0xec, 0xa9, 0x20, 0x3d, 0x51, 0xe1, 0x2c, 0x42, 0xc4, \ - 0x52, 0xf0, 0xa6, 0x3a, 0x72, 0x93, 0xb7, 0x86, 0xa9, 0xfe, 0xf6, 0x74, \ - 0x07, 0x12, 0x4d, 0x7b, 0x51, 0x99, 0x1f, 0x7a, 0x56, 0xe9, 0x20, 0x2f, \ - 0x18, 0x34, 0x29, 0x97, 0xdb, 0x06, 0xee, 0xeb, 0xbf, 0xbd, 0x31, 0x4f, \ - 0xfa, 0x50, 0xb1, 0xba, 0x49, 0xb3, 0xc4, 0x1d, 0x03, 0xae, 0xb0, 0xdc, \ - 0xbe, 0x8a, 0xc4, 0x90, 0xa3, 0x28, 0x9b, 0xb6, 0x42, 0x09, 0x1b, 0xd6, \ - 0x29, 0x9b, 0x19, 0xe9, 0x87, 0x87, 0xd9, 0x9f, 0x35, 0x05, 0xab, 0x91, \ - 0x8f, 0x6d, 0x7c, 0x91, 0x02, 0x81, 0x81, 0x00, 0x94, 0x57, 0xf0, 0xe0, \ - 0x28, 0xfd, 0xbd, 0xf3, 0x9c, 0x43, 0x4d, 0x3e, 0xfd, 0x37, 0x4f, 0x23, \ - 0x52, 0x8d, 0xe1, 0x4c, 0xfe, 0x4c, 0x55, 0x80, 0x82, 0xba, 0x3f, 0xfe, \ - 0x51, 0xe1, 0x30, 0xd5, 0x3b, 0xd9, 0x73, 0x1d, 0xcb, 0x25, 0xbc, 0xbb, \ - 0x3f, 0xa5, 0xda, 0x77, 0xa6, 0xb5, 0xfc, 0x1a, 0xaf, 0x79, 0xa1, 0xb2, \ - 0x14, 0xa2, 0x1f, 0x10, 0x52, 0x1a, 0x05, 0x40, 0x48, 0xb6, 0x4f, 0x34, \ - 0xd6, 0xc0, 0xc3, 0xa4, 0x36, 0x98, 0x73, 0x88, 0x0b, 0xd3, 0x45, 0xdc, \ - 0xee, 0x51, 0x6e, 0x04, 0x73, 0x99, 0x93, 0x12, 0x58, 0x96, 0xcb, 0x39, \ - 0x42, 0xb1, 0xa9, 0xb8, 0xe1, 0x25, 0xf5, 0x9c, 0x14, 0xb7, 0x92, 0x2b, \ - 0x14, 0xb0, 0x5d, 0x61, 0xa2, 0xaa, 0x34, 0x7c, 0xcd, 0x54, 0x2d, 0x69, \ - 0x08, 0xf7, 0xdb, 0xfc, 0x9c, 0x87, 0xe8, 0x3a, 0xf6, 0x1d, 0x4c, 0x6a, \ - 0x83, 0x15, 0x30, 0x01, 0x02, 0x81, 0x81, 0x00, 0x9c, 0x53, 0xa1, 0xb6, \ - 0x2f, 0xc0, 0x06, 0xf5, 0xdf, 0x5c, 0xd1, 0x4a, 0x4e, 0xc8, 0xbd, 0x6d, \ - 0x32, 0xf1, 0x5e, 0xe5, 0x3b, 0x70, 0xd0, 0xa8, 0xe5, 0x41, 0x57, 0x6c, \ - 0x87, 0x53, 0x0f, 0xeb, 0x28, 0xa0, 0x62, 0x8f, 0x43, 0x62, 0xec, 0x2e, \ - 0x6c, 0x71, 0x55, 0x5b, 0x6a, 0xf4, 0x74, 0x14, 0xea, 0x7a, 0x03, 0xf6, \ - 0xfc, 0xa4, 0xce, 0xc4, 0xac, 0xda, 0x1d, 0xf0, 0xb5, 0xa9, 0xfd, 0x11, \ - 0x18, 0x3b, 0x14, 0xa0, 0x90, 0x8d, 0x26, 0xb7, 0x75, 0x73, 0x0a, 0x02, \ - 0x2c, 0x6f, 0x0f, 0xd8, 0x41, 0x78, 0xc3, 0x73, 0x81, 0xac, 0xaa, 0xaf, \ - 0xf2, 0xee, 0x32, 0xb5, 0x8d, 0x05, 0xf9, 0x59, 0x5a, 0x9e, 0x3e, 0x65, \ - 0x9b, 0x74, 0xda, 0xa0, 0x74, 0x95, 0x17, 0x5f, 0x8d, 0x58, 0xfc, 0x8e, \ - 0x4e, 0x2c, 0x1e, 0xbc, 0x81, 0x02, 0x18, 0xac, 0x12, 0xc6, 0xf9, 0x64, \ - 0x8b, 0x87, 0xc3, 0x00 \ + 0x30, 0x82, 0x04, 0xa4, 0x02, 0x01, 0x00, 0x02, 0x82, 0x01, 0x01, 0x00, \ + 0xc8, 0x74, 0xc4, 0xcc, 0xb9, 0xf9, 0xb5, 0x79, 0xe9, 0x45, 0xd9, 0x14, \ + 0x60, 0xb0, 0x7d, 0xbb, 0x93, 0xf2, 0x6b, 0x1e, 0x9f, 0x33, 0xad, 0x0d, \ + 0x8f, 0x8a, 0x3c, 0x56, 0x65, 0xe5, 0xdc, 0x44, 0xd9, 0xcc, 0x66, 0x85, \ + 0x07, 0xd5, 0xf8, 0x27, 0xb0, 0x4a, 0x35, 0xd0, 0x63, 0x9e, 0x0a, 0x6e, \ + 0x1b, 0xb7, 0xda, 0xf0, 0x7e, 0xab, 0xee, 0x0c, 0x10, 0x93, 0x86, 0x49, \ + 0x18, 0x34, 0xf3, 0xa8, 0x2a, 0xd2, 0x57, 0xf5, 0x2e, 0xd4, 0x2f, 0x77, \ + 0x29, 0x84, 0x61, 0x4d, 0x82, 0x50, 0x8f, 0xa7, 0x95, 0x48, 0x70, 0xf5, \ + 0x6e, 0x4d, 0xb2, 0xd5, 0x13, 0xc3, 0xd2, 0x1a, 0xed, 0xe6, 0x43, 0xea, \ + 0x42, 0x14, 0xeb, 0x74, 0xea, 0xc0, 0xed, 0x1f, 0xd4, 0x57, 0x4e, 0xa9, \ + 0xf3, 0xa8, 0xed, 0xd2, 0xe0, 0xc1, 0x30, 0x71, 0x30, 0x32, 0x30, 0xd5, \ + 0xd3, 0xf6, 0x08, 0xd0, 0x56, 0x4f, 0x46, 0x8e, 0xf2, 0x5f, 0xf9, 0x3d, \ + 0x67, 0x91, 0x88, 0x30, 0x2e, 0x42, 0xb2, 0xdf, 0x7d, 0xfb, 0xe5, 0x0c, \ + 0x77, 0xff, 0xec, 0x31, 0xc0, 0x78, 0x8f, 0xbf, 0xc2, 0x7f, 0xca, 0xad, \ + 0x6c, 0x21, 0xd6, 0x8d, 0xd9, 0x8b, 0x6a, 0x8e, 0x6f, 0xe0, 0x9b, 0xf8, \ + 0x10, 0x56, 0xcc, 0xb3, 0x8e, 0x13, 0x15, 0xe6, 0x34, 0x04, 0x66, 0xc7, \ + 0xee, 0xf9, 0x36, 0x0e, 0x6a, 0x95, 0xf6, 0x09, 0x9a, 0x06, 0x67, 0xf4, \ + 0x65, 0x71, 0xf8, 0xca, 0xa4, 0xb1, 0x25, 0xe0, 0xfe, 0x3c, 0x8b, 0x35, \ + 0x04, 0x67, 0xba, 0xe0, 0x4f, 0x76, 0x85, 0xfc, 0x7f, 0xfc, 0x36, 0x6b, \ + 0xb5, 0xe9, 0xcd, 0x2d, 0x03, 0x62, 0x4e, 0xb3, 0x3d, 0x00, 0xcf, 0xaf, \ + 0x76, 0xa0, 0x69, 0x56, 0x83, 0x6a, 0xd2, 0xa8, 0xd4, 0xe7, 0x50, 0x71, \ + 0xe6, 0xb5, 0x36, 0x05, 0x77, 0x05, 0x6d, 0x7b, 0xc8, 0xe4, 0xc4, 0xfd, \ + 0x4c, 0xd5, 0x21, 0x5f, 0x02, 0x03, 0x01, 0x00, 0x01, 0x02, 0x82, 0x01, \ + 0x00, 0x67, 0x4d, 0xb5, 0xf6, 0x03, 0x89, 0xaa, 0x7a, 0x6f, 0x3b, 0x2d, \ + 0xca, 0x10, 0xa2, 0x23, 0xc9, 0xbd, 0x4e, 0xda, 0xe1, 0x67, 0x0e, 0x0c, \ + 0x8a, 0xc6, 0x84, 0x68, 0xdf, 0xe5, 0x97, 0x75, 0xd2, 0x8d, 0xa3, 0x86, \ + 0xd9, 0xdb, 0xd5, 0xeb, 0x13, 0x19, 0x08, 0xc5, 0x7e, 0xe5, 0x37, 0x97, \ + 0x0c, 0x73, 0x80, 0x66, 0x76, 0x35, 0xf1, 0x88, 0xb5, 0xf2, 0xfc, 0xf3, \ + 0xe1, 0x4b, 0x76, 0x4e, 0x73, 0x45, 0xce, 0x2c, 0xc2, 0x10, 0x26, 0x0d, \ + 0x68, 0x0d, 0x9f, 0x49, 0x3d, 0xd6, 0x80, 0x89, 0xe7, 0xc5, 0x49, 0x15, \ + 0xdd, 0x85, 0xc0, 0xc8, 0xfe, 0x82, 0x37, 0x12, 0x5a, 0x0a, 0x6b, 0xf6, \ + 0x68, 0x0d, 0x32, 0x16, 0xbd, 0xa4, 0x15, 0x54, 0x9e, 0x68, 0xa1, 0xad, \ + 0xca, 0x6b, 0xe5, 0x8c, 0xda, 0x76, 0x35, 0x59, 0x2f, 0x9b, 0xb4, 0xe1, \ + 0xf1, 0xf0, 0x50, 0x04, 0xee, 0xc8, 0xec, 0x05, 0xe1, 0xcf, 0x8d, 0xe4, \ + 0xd2, 0x64, 0x7b, 0x5e, 0x63, 0xe0, 0x7b, 0x07, 0xbc, 0x02, 0x96, 0x4e, \ + 0x1b, 0x78, 0x6c, 0xb6, 0x43, 0x9a, 0x32, 0xf6, 0xd6, 0x02, 0xf5, 0x80, \ + 0xcc, 0x26, 0x6e, 0xa5, 0xd0, 0xe3, 0x65, 0x88, 0xce, 0x26, 0xa9, 0x40, \ + 0xe1, 0xe1, 0x00, 0xe0, 0x7f, 0x3f, 0xc3, 0xb1, 0x7c, 0xde, 0xbe, 0x42, \ + 0xba, 0x07, 0x81, 0x13, 0xc2, 0xe0, 0x11, 0x11, 0x23, 0x2c, 0xf8, 0xb2, \ + 0x7a, 0x3a, 0xd4, 0xe4, 0x7d, 0x5f, 0xb9, 0xb1, 0x18, 0xfa, 0x1d, 0x1d, \ + 0x97, 0x91, 0xd9, 0x04, 0x9e, 0xbc, 0xc9, 0xb4, 0xd7, 0x7d, 0x0e, 0x54, \ + 0xf6, 0x8f, 0xd0, 0x28, 0x0d, 0xdd, 0x77, 0x4b, 0x68, 0x04, 0x48, 0x61, \ + 0x75, 0x15, 0x03, 0x1b, 0x35, 0xad, 0x8e, 0xfc, 0x24, 0x11, 0x07, 0xea, \ + 0x17, 0x5a, 0xde, 0x19, 0x68, 0xff, 0xb6, 0x87, 0x7f, 0x80, 0x2a, 0x5f, \ + 0x0c, 0x58, 0xba, 0x5f, 0x41, 0x02, 0x81, 0x81, 0x00, 0xe3, 0x03, 0xaf, \ + 0xfe, 0x98, 0xd2, 0x0b, 0x7b, 0x72, 0xe9, 0x3b, 0x8e, 0xbc, 0xa5, 0xf6, \ + 0xac, 0xe5, 0x22, 0x06, 0xb2, 0xd7, 0x5e, 0xfd, 0x89, 0x4b, 0x16, 0x67, \ + 0x32, 0x83, 0x22, 0x58, 0x8e, 0x62, 0xa4, 0xb4, 0x2d, 0xf9, 0x16, 0x13, \ + 0x54, 0xf6, 0x9f, 0x2f, 0xf9, 0xbb, 0x0e, 0x7e, 0x8c, 0x6f, 0x08, 0xda, \ + 0xc8, 0xe9, 0x1c, 0x66, 0x10, 0x70, 0x93, 0x90, 0x8d, 0xcf, 0x90, 0x3a, \ + 0x43, 0x89, 0x49, 0xeb, 0x83, 0x2a, 0xfe, 0x5a, 0x87, 0xce, 0x74, 0x42, \ + 0x41, 0x0d, 0x8c, 0x73, 0x51, 0xbc, 0x7b, 0x20, 0xc5, 0xfd, 0xf6, 0x0b, \ + 0x65, 0xed, 0xa9, 0x2e, 0xfc, 0x0f, 0xf5, 0x50, 0xf9, 0x8d, 0x37, 0x36, \ + 0x9a, 0x20, 0xdf, 0xc3, 0xe3, 0x27, 0xbc, 0x98, 0x72, 0xc1, 0x14, 0x4b, \ + 0x71, 0xe9, 0x83, 0x14, 0xff, 0x24, 0xe2, 0x14, 0x15, 0xb6, 0x6f, 0x0f, \ + 0x32, 0x9d, 0xd9, 0x98, 0xd1, 0x02, 0x81, 0x81, 0x00, 0xe2, 0x0c, 0xfb, \ + 0xc3, 0x33, 0x9b, 0x47, 0x88, 0x27, 0xf2, 0x26, 0xde, 0xeb, 0x5e, 0xee, \ + 0x40, 0xf6, 0x63, 0x5b, 0x35, 0x23, 0xf5, 0xd5, 0x07, 0x61, 0xdf, 0xa2, \ + 0x9f, 0x58, 0x30, 0x04, 0x22, 0x2b, 0xb4, 0xd9, 0xda, 0x46, 0x7f, 0x48, \ + 0xf5, 0x4f, 0xd0, 0xea, 0xd7, 0xa0, 0x45, 0x8a, 0x62, 0x8b, 0x8c, 0xac, \ + 0x73, 0x5e, 0xfa, 0x36, 0x65, 0x3e, 0xba, 0x6c, 0xba, 0x5e, 0x6b, 0x92, \ + 0x29, 0x5e, 0x6a, 0x0f, 0xd6, 0xd2, 0xa5, 0x95, 0x86, 0xda, 0x72, 0xc5, \ + 0x9e, 0xc9, 0x6b, 0x37, 0x5e, 0x4b, 0x9b, 0x77, 0xe1, 0x67, 0x1a, 0x1e, \ + 0x30, 0xd8, 0x41, 0x68, 0x40, 0xd3, 0x9c, 0xb4, 0xf6, 0xeb, 0x2a, 0x22, \ + 0xdf, 0x78, 0x29, 0xd2, 0x64, 0x92, 0x5b, 0x2f, 0x78, 0x64, 0x4a, 0xa2, \ + 0xa6, 0x6b, 0x3e, 0x50, 0xb1, 0x7a, 0xb1, 0x8d, 0x59, 0xb4, 0x55, 0xba, \ + 0xb6, 0x91, 0x85, 0xa3, 0x2f, 0x02, 0x81, 0x80, 0x10, 0x1e, 0x19, 0xe7, \ + 0xbc, 0x97, 0xe5, 0x22, 0xcd, 0xa4, 0xcb, 0x8a, 0xb5, 0xd0, 0x1e, 0xb4, \ + 0x65, 0xcc, 0x45, 0xa7, 0x7a, 0xed, 0x0e, 0x99, 0x29, 0xd0, 0x9c, 0x61, \ + 0x14, 0xb8, 0x62, 0x8b, 0x31, 0x6b, 0xba, 0x33, 0x2d, 0x65, 0x28, 0xd8, \ + 0x36, 0x6e, 0x54, 0xec, 0xa9, 0x20, 0x3d, 0x51, 0xe1, 0x2c, 0x42, 0xc4, \ + 0x52, 0xf0, 0xa6, 0x3a, 0x72, 0x93, 0xb7, 0x86, 0xa9, 0xfe, 0xf6, 0x74, \ + 0x07, 0x12, 0x4d, 0x7b, 0x51, 0x99, 0x1f, 0x7a, 0x56, 0xe9, 0x20, 0x2f, \ + 0x18, 0x34, 0x29, 0x97, 0xdb, 0x06, 0xee, 0xeb, 0xbf, 0xbd, 0x31, 0x4f, \ + 0xfa, 0x50, 0xb1, 0xba, 0x49, 0xb3, 0xc4, 0x1d, 0x03, 0xae, 0xb0, 0xdc, \ + 0xbe, 0x8a, 0xc4, 0x90, 0xa3, 0x28, 0x9b, 0xb6, 0x42, 0x09, 0x1b, 0xd6, \ + 0x29, 0x9b, 0x19, 0xe9, 0x87, 0x87, 0xd9, 0x9f, 0x35, 0x05, 0xab, 0x91, \ + 0x8f, 0x6d, 0x7c, 0x91, 0x02, 0x81, 0x81, 0x00, 0x94, 0x57, 0xf0, 0xe0, \ + 0x28, 0xfd, 0xbd, 0xf3, 0x9c, 0x43, 0x4d, 0x3e, 0xfd, 0x37, 0x4f, 0x23, \ + 0x52, 0x8d, 0xe1, 0x4c, 0xfe, 0x4c, 0x55, 0x80, 0x82, 0xba, 0x3f, 0xfe, \ + 0x51, 0xe1, 0x30, 0xd5, 0x3b, 0xd9, 0x73, 0x1d, 0xcb, 0x25, 0xbc, 0xbb, \ + 0x3f, 0xa5, 0xda, 0x77, 0xa6, 0xb5, 0xfc, 0x1a, 0xaf, 0x79, 0xa1, 0xb2, \ + 0x14, 0xa2, 0x1f, 0x10, 0x52, 0x1a, 0x05, 0x40, 0x48, 0xb6, 0x4f, 0x34, \ + 0xd6, 0xc0, 0xc3, 0xa4, 0x36, 0x98, 0x73, 0x88, 0x0b, 0xd3, 0x45, 0xdc, \ + 0xee, 0x51, 0x6e, 0x04, 0x73, 0x99, 0x93, 0x12, 0x58, 0x96, 0xcb, 0x39, \ + 0x42, 0xb1, 0xa9, 0xb8, 0xe1, 0x25, 0xf5, 0x9c, 0x14, 0xb7, 0x92, 0x2b, \ + 0x14, 0xb0, 0x5d, 0x61, 0xa2, 0xaa, 0x34, 0x7c, 0xcd, 0x54, 0x2d, 0x69, \ + 0x08, 0xf7, 0xdb, 0xfc, 0x9c, 0x87, 0xe8, 0x3a, 0xf6, 0x1d, 0x4c, 0x6a, \ + 0x83, 0x15, 0x30, 0x01, 0x02, 0x81, 0x81, 0x00, 0x9c, 0x53, 0xa1, 0xb6, \ + 0x2f, 0xc0, 0x06, 0xf5, 0xdf, 0x5c, 0xd1, 0x4a, 0x4e, 0xc8, 0xbd, 0x6d, \ + 0x32, 0xf1, 0x5e, 0xe5, 0x3b, 0x70, 0xd0, 0xa8, 0xe5, 0x41, 0x57, 0x6c, \ + 0x87, 0x53, 0x0f, 0xeb, 0x28, 0xa0, 0x62, 0x8f, 0x43, 0x62, 0xec, 0x2e, \ + 0x6c, 0x71, 0x55, 0x5b, 0x6a, 0xf4, 0x74, 0x14, 0xea, 0x7a, 0x03, 0xf6, \ + 0xfc, 0xa4, 0xce, 0xc4, 0xac, 0xda, 0x1d, 0xf0, 0xb5, 0xa9, 0xfd, 0x11, \ + 0x18, 0x3b, 0x14, 0xa0, 0x90, 0x8d, 0x26, 0xb7, 0x75, 0x73, 0x0a, 0x02, \ + 0x2c, 0x6f, 0x0f, 0xd8, 0x41, 0x78, 0xc3, 0x73, 0x81, 0xac, 0xaa, 0xaf, \ + 0xf2, 0xee, 0x32, 0xb5, 0x8d, 0x05, 0xf9, 0x59, 0x5a, 0x9e, 0x3e, 0x65, \ + 0x9b, 0x74, 0xda, 0xa0, 0x74, 0x95, 0x17, 0x5f, 0x8d, 0x58, 0xfc, 0x8e, \ + 0x4e, 0x2c, 0x1e, 0xbc, 0x81, 0x02, 0x18, 0xac, 0x12, 0xc6, 0xf9, 0x64, \ + 0x8b, 0x87, 0xc3, 0x00 \ } /* END FILE */ @@ -1306,32 +1294,32 @@ const unsigned char mbedtls_test_ca_crt_rsa_sha256_der[] = TEST_CA_CRT_RSA_SHA256_DER; const size_t mbedtls_test_ca_crt_ec_pem_len = - sizeof( mbedtls_test_ca_crt_ec_pem ); + sizeof(mbedtls_test_ca_crt_ec_pem); const size_t mbedtls_test_ca_key_ec_pem_len = - sizeof( mbedtls_test_ca_key_ec_pem ); + sizeof(mbedtls_test_ca_key_ec_pem); const size_t mbedtls_test_ca_pwd_ec_pem_len = - sizeof( mbedtls_test_ca_pwd_ec_pem ) - 1; + sizeof(mbedtls_test_ca_pwd_ec_pem) - 1; const size_t mbedtls_test_ca_key_rsa_pem_len = - sizeof( mbedtls_test_ca_key_rsa_pem ); + sizeof(mbedtls_test_ca_key_rsa_pem); const size_t mbedtls_test_ca_pwd_rsa_pem_len = - sizeof( mbedtls_test_ca_pwd_rsa_pem ) - 1; + sizeof(mbedtls_test_ca_pwd_rsa_pem) - 1; const size_t mbedtls_test_ca_crt_rsa_sha1_pem_len = - sizeof( mbedtls_test_ca_crt_rsa_sha1_pem ); + sizeof(mbedtls_test_ca_crt_rsa_sha1_pem); const size_t mbedtls_test_ca_crt_rsa_sha256_pem_len = - sizeof( mbedtls_test_ca_crt_rsa_sha256_pem ); + sizeof(mbedtls_test_ca_crt_rsa_sha256_pem); const size_t mbedtls_test_ca_crt_ec_der_len = - sizeof( mbedtls_test_ca_crt_ec_der ); + sizeof(mbedtls_test_ca_crt_ec_der); const size_t mbedtls_test_ca_key_ec_der_len = - sizeof( mbedtls_test_ca_key_ec_der ); + sizeof(mbedtls_test_ca_key_ec_der); const size_t mbedtls_test_ca_pwd_ec_der_len = 0; const size_t mbedtls_test_ca_key_rsa_der_len = - sizeof( mbedtls_test_ca_key_rsa_der ); + sizeof(mbedtls_test_ca_key_rsa_der); const size_t mbedtls_test_ca_pwd_rsa_der_len = 0; const size_t mbedtls_test_ca_crt_rsa_sha1_der_len = - sizeof( mbedtls_test_ca_crt_rsa_sha1_der ); + sizeof(mbedtls_test_ca_crt_rsa_sha1_der); const size_t mbedtls_test_ca_crt_rsa_sha256_der_len = - sizeof( mbedtls_test_ca_crt_rsa_sha256_der ); + sizeof(mbedtls_test_ca_crt_rsa_sha256_der); /* * Server @@ -1354,32 +1342,32 @@ const unsigned char mbedtls_test_srv_crt_rsa_sha256_der[] = TEST_SRV_CRT_RSA_SHA256_DER; const size_t mbedtls_test_srv_crt_ec_pem_len = - sizeof( mbedtls_test_srv_crt_ec_pem ); + sizeof(mbedtls_test_srv_crt_ec_pem); const size_t mbedtls_test_srv_key_ec_pem_len = - sizeof( mbedtls_test_srv_key_ec_pem ); + sizeof(mbedtls_test_srv_key_ec_pem); const size_t mbedtls_test_srv_pwd_ec_pem_len = - sizeof( mbedtls_test_srv_pwd_ec_pem ) - 1; + sizeof(mbedtls_test_srv_pwd_ec_pem) - 1; const size_t mbedtls_test_srv_key_rsa_pem_len = - sizeof( mbedtls_test_srv_key_rsa_pem ); + sizeof(mbedtls_test_srv_key_rsa_pem); const size_t mbedtls_test_srv_pwd_rsa_pem_len = - sizeof( mbedtls_test_srv_pwd_rsa_pem ) - 1; + sizeof(mbedtls_test_srv_pwd_rsa_pem) - 1; const size_t mbedtls_test_srv_crt_rsa_sha1_pem_len = - sizeof( mbedtls_test_srv_crt_rsa_sha1_pem ); + sizeof(mbedtls_test_srv_crt_rsa_sha1_pem); const size_t mbedtls_test_srv_crt_rsa_sha256_pem_len = - sizeof( mbedtls_test_srv_crt_rsa_sha256_pem ); + sizeof(mbedtls_test_srv_crt_rsa_sha256_pem); const size_t mbedtls_test_srv_crt_ec_der_len = - sizeof( mbedtls_test_srv_crt_ec_der ); + sizeof(mbedtls_test_srv_crt_ec_der); const size_t mbedtls_test_srv_key_ec_der_len = - sizeof( mbedtls_test_srv_key_ec_der ); + sizeof(mbedtls_test_srv_key_ec_der); const size_t mbedtls_test_srv_pwd_ec_der_len = 0; const size_t mbedtls_test_srv_key_rsa_der_len = - sizeof( mbedtls_test_srv_key_rsa_der ); + sizeof(mbedtls_test_srv_key_rsa_der); const size_t mbedtls_test_srv_pwd_rsa_der_len = 0; const size_t mbedtls_test_srv_crt_rsa_sha1_der_len = - sizeof( mbedtls_test_srv_crt_rsa_sha1_der ); + sizeof(mbedtls_test_srv_crt_rsa_sha1_der); const size_t mbedtls_test_srv_crt_rsa_sha256_der_len = - sizeof( mbedtls_test_srv_crt_rsa_sha256_der ); + sizeof(mbedtls_test_srv_crt_rsa_sha256_der); /* * Client @@ -1398,26 +1386,26 @@ const unsigned char mbedtls_test_cli_key_rsa_der[] = TEST_CLI_KEY_RSA_DER; const unsigned char mbedtls_test_cli_crt_rsa_der[] = TEST_CLI_CRT_RSA_DER; const size_t mbedtls_test_cli_crt_ec_pem_len = - sizeof( mbedtls_test_cli_crt_ec_pem ); + sizeof(mbedtls_test_cli_crt_ec_pem); const size_t mbedtls_test_cli_key_ec_pem_len = - sizeof( mbedtls_test_cli_key_ec_pem ); + sizeof(mbedtls_test_cli_key_ec_pem); const size_t mbedtls_test_cli_pwd_ec_pem_len = - sizeof( mbedtls_test_cli_pwd_ec_pem ) - 1; + sizeof(mbedtls_test_cli_pwd_ec_pem) - 1; const size_t mbedtls_test_cli_key_rsa_pem_len = - sizeof( mbedtls_test_cli_key_rsa_pem ); + sizeof(mbedtls_test_cli_key_rsa_pem); const size_t mbedtls_test_cli_pwd_rsa_pem_len = - sizeof( mbedtls_test_cli_pwd_rsa_pem ) - 1; + sizeof(mbedtls_test_cli_pwd_rsa_pem) - 1; const size_t mbedtls_test_cli_crt_rsa_pem_len = - sizeof( mbedtls_test_cli_crt_rsa_pem ); + sizeof(mbedtls_test_cli_crt_rsa_pem); const size_t mbedtls_test_cli_crt_ec_der_len = - sizeof( mbedtls_test_cli_crt_ec_der ); + sizeof(mbedtls_test_cli_crt_ec_der); const size_t mbedtls_test_cli_key_ec_der_len = - sizeof( mbedtls_test_cli_key_ec_der ); + sizeof(mbedtls_test_cli_key_ec_der); const size_t mbedtls_test_cli_key_rsa_der_len = - sizeof( mbedtls_test_cli_key_rsa_der ); + sizeof(mbedtls_test_cli_key_rsa_der); const size_t mbedtls_test_cli_crt_rsa_der_len = - sizeof( mbedtls_test_cli_crt_rsa_der ); + sizeof(mbedtls_test_cli_crt_rsa_der); /* * @@ -1519,47 +1507,47 @@ const char mbedtls_test_cli_pwd_ec[] = TEST_CLI_PWD_EC; const char mbedtls_test_cli_crt_ec[] = TEST_CLI_CRT_EC; const size_t mbedtls_test_ca_key_rsa_len = - sizeof( mbedtls_test_ca_key_rsa ); + sizeof(mbedtls_test_ca_key_rsa); const size_t mbedtls_test_ca_pwd_rsa_len = - sizeof( mbedtls_test_ca_pwd_rsa ) - 1; + sizeof(mbedtls_test_ca_pwd_rsa) - 1; const size_t mbedtls_test_ca_crt_rsa_sha256_len = - sizeof( mbedtls_test_ca_crt_rsa_sha256 ); + sizeof(mbedtls_test_ca_crt_rsa_sha256); const size_t mbedtls_test_ca_crt_rsa_sha1_len = - sizeof( mbedtls_test_ca_crt_rsa_sha1 ); + sizeof(mbedtls_test_ca_crt_rsa_sha1); const size_t mbedtls_test_ca_key_ec_len = - sizeof( mbedtls_test_ca_key_ec ); + sizeof(mbedtls_test_ca_key_ec); const size_t mbedtls_test_ca_pwd_ec_len = - sizeof( mbedtls_test_ca_pwd_ec ) - 1; + sizeof(mbedtls_test_ca_pwd_ec) - 1; const size_t mbedtls_test_ca_crt_ec_len = - sizeof( mbedtls_test_ca_crt_ec ); + sizeof(mbedtls_test_ca_crt_ec); const size_t mbedtls_test_srv_key_rsa_len = - sizeof( mbedtls_test_srv_key_rsa ); + sizeof(mbedtls_test_srv_key_rsa); const size_t mbedtls_test_srv_pwd_rsa_len = - sizeof( mbedtls_test_srv_pwd_rsa ) -1; + sizeof(mbedtls_test_srv_pwd_rsa) -1; const size_t mbedtls_test_srv_crt_rsa_sha256_len = - sizeof( mbedtls_test_srv_crt_rsa_sha256 ); + sizeof(mbedtls_test_srv_crt_rsa_sha256); const size_t mbedtls_test_srv_crt_rsa_sha1_len = - sizeof( mbedtls_test_srv_crt_rsa_sha1 ); + sizeof(mbedtls_test_srv_crt_rsa_sha1); const size_t mbedtls_test_srv_key_ec_len = - sizeof( mbedtls_test_srv_key_ec ); + sizeof(mbedtls_test_srv_key_ec); const size_t mbedtls_test_srv_pwd_ec_len = - sizeof( mbedtls_test_srv_pwd_ec ) - 1; + sizeof(mbedtls_test_srv_pwd_ec) - 1; const size_t mbedtls_test_srv_crt_ec_len = - sizeof( mbedtls_test_srv_crt_ec ); + sizeof(mbedtls_test_srv_crt_ec); const size_t mbedtls_test_cli_key_rsa_len = - sizeof( mbedtls_test_cli_key_rsa ); + sizeof(mbedtls_test_cli_key_rsa); const size_t mbedtls_test_cli_pwd_rsa_len = - sizeof( mbedtls_test_cli_pwd_rsa ) - 1; + sizeof(mbedtls_test_cli_pwd_rsa) - 1; const size_t mbedtls_test_cli_crt_rsa_len = - sizeof( mbedtls_test_cli_crt_rsa ); + sizeof(mbedtls_test_cli_crt_rsa); const size_t mbedtls_test_cli_key_ec_len = - sizeof( mbedtls_test_cli_key_ec ); + sizeof(mbedtls_test_cli_key_ec); const size_t mbedtls_test_cli_pwd_ec_len = - sizeof( mbedtls_test_cli_pwd_ec ) - 1; + sizeof(mbedtls_test_cli_pwd_ec) - 1; const size_t mbedtls_test_cli_crt_ec_len = - sizeof( mbedtls_test_cli_crt_ec ); + sizeof(mbedtls_test_cli_crt_ec); /* * Dispatch between SHA-1 and SHA-256 @@ -1577,9 +1565,9 @@ const char mbedtls_test_ca_crt_rsa[] = TEST_CA_CRT_RSA; const char mbedtls_test_srv_crt_rsa[] = TEST_SRV_CRT_RSA; const size_t mbedtls_test_ca_crt_rsa_len = - sizeof( mbedtls_test_ca_crt_rsa ); + sizeof(mbedtls_test_ca_crt_rsa); const size_t mbedtls_test_srv_crt_rsa_len = - sizeof( mbedtls_test_srv_crt_rsa ); + sizeof(mbedtls_test_srv_crt_rsa); /* * Dispatch between RSA and EC @@ -1642,25 +1630,25 @@ const char *mbedtls_test_cli_pwd = test_cli_pwd; const char *mbedtls_test_cli_crt = test_cli_crt; const size_t mbedtls_test_ca_key_len = - sizeof( test_ca_key ); + sizeof(test_ca_key); const size_t mbedtls_test_ca_pwd_len = - sizeof( test_ca_pwd ) - 1; + sizeof(test_ca_pwd) - 1; const size_t mbedtls_test_ca_crt_len = - sizeof( test_ca_crt ); + sizeof(test_ca_crt); const size_t mbedtls_test_srv_key_len = - sizeof( test_srv_key ); + sizeof(test_srv_key); const size_t mbedtls_test_srv_pwd_len = - sizeof( test_srv_pwd ) - 1; + sizeof(test_srv_pwd) - 1; const size_t mbedtls_test_srv_crt_len = - sizeof( test_srv_crt ); + sizeof(test_srv_crt); const size_t mbedtls_test_cli_key_len = - sizeof( test_cli_key ); + sizeof(test_cli_key); const size_t mbedtls_test_cli_pwd_len = - sizeof( test_cli_pwd ) - 1; + sizeof(test_cli_pwd) - 1; const size_t mbedtls_test_cli_crt_len = - sizeof( test_cli_crt ); + sizeof(test_cli_crt); /* * @@ -1669,7 +1657,7 @@ const size_t mbedtls_test_cli_crt_len = */ /* List of CAs in PEM or DER, depending on config */ -const char * mbedtls_test_cas[] = { +const char *mbedtls_test_cas[] = { #if defined(MBEDTLS_RSA_C) && defined(MBEDTLS_SHA1_C) mbedtls_test_ca_crt_rsa_sha1, #endif @@ -1683,19 +1671,19 @@ const char * mbedtls_test_cas[] = { }; const size_t mbedtls_test_cas_len[] = { #if defined(MBEDTLS_RSA_C) && defined(MBEDTLS_SHA1_C) - sizeof( mbedtls_test_ca_crt_rsa_sha1 ), + sizeof(mbedtls_test_ca_crt_rsa_sha1), #endif #if defined(MBEDTLS_RSA_C) && defined(MBEDTLS_SHA256_C) - sizeof( mbedtls_test_ca_crt_rsa_sha256 ), + sizeof(mbedtls_test_ca_crt_rsa_sha256), #endif #if defined(MBEDTLS_ECDSA_C) - sizeof( mbedtls_test_ca_crt_ec ), + sizeof(mbedtls_test_ca_crt_ec), #endif 0 }; /* List of all available CA certificates in DER format */ -const unsigned char * mbedtls_test_cas_der[] = { +const unsigned char *mbedtls_test_cas_der[] = { #if defined(MBEDTLS_RSA_C) #if defined(MBEDTLS_SHA256_C) mbedtls_test_ca_crt_rsa_sha256_der, @@ -1713,14 +1701,14 @@ const unsigned char * mbedtls_test_cas_der[] = { const size_t mbedtls_test_cas_der_len[] = { #if defined(MBEDTLS_RSA_C) #if defined(MBEDTLS_SHA256_C) - sizeof( mbedtls_test_ca_crt_rsa_sha256_der ), + sizeof(mbedtls_test_ca_crt_rsa_sha256_der), #endif /* MBEDTLS_SHA256_C */ #if defined(MBEDTLS_SHA1_C) - sizeof( mbedtls_test_ca_crt_rsa_sha1_der ), + sizeof(mbedtls_test_ca_crt_rsa_sha1_der), #endif /* MBEDTLS_SHA1_C */ #endif /* MBEDTLS_RSA_C */ #if defined(MBEDTLS_ECDSA_C) - sizeof( mbedtls_test_ca_crt_ec_der ), + sizeof(mbedtls_test_ca_crt_ec_der), #endif /* MBEDTLS_ECDSA_C */ 0 }; @@ -1740,7 +1728,7 @@ const char mbedtls_test_cas_pem[] = TEST_CA_CRT_EC_PEM #endif /* MBEDTLS_ECDSA_C */ ""; -const size_t mbedtls_test_cas_pem_len = sizeof( mbedtls_test_cas_pem ); +const size_t mbedtls_test_cas_pem_len = sizeof(mbedtls_test_cas_pem); #endif /* MBEDTLS_PEM_PARSE_C */ #endif /* MBEDTLS_CERTS_C */ diff --git a/third_party/mbedtls/repo/library/chacha20.c b/third_party/mbedtls/repo/library/chacha20.c index 658f0469017..82b7b1d89f4 100644 --- a/third_party/mbedtls/repo/library/chacha20.c +++ b/third_party/mbedtls/repo/library/chacha20.c @@ -6,19 +6,7 @@ * \author Daniel King * * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later */ #include "common.h" @@ -32,34 +20,22 @@ #include #include -#if defined(MBEDTLS_SELF_TEST) -#if defined(MBEDTLS_PLATFORM_C) #include "mbedtls/platform.h" -#else -#include -#define mbedtls_printf printf -#endif /* MBEDTLS_PLATFORM_C */ -#endif /* MBEDTLS_SELF_TEST */ #if !defined(MBEDTLS_CHACHA20_ALT) -#if ( defined(__ARMCC_VERSION) || defined(_MSC_VER) ) && \ - !defined(inline) && !defined(__cplusplus) -#define inline __inline -#endif - /* Parameter validation macros */ -#define CHACHA20_VALIDATE_RET( cond ) \ - MBEDTLS_INTERNAL_VALIDATE_RET( cond, MBEDTLS_ERR_CHACHA20_BAD_INPUT_DATA ) -#define CHACHA20_VALIDATE( cond ) \ - MBEDTLS_INTERNAL_VALIDATE( cond ) +#define CHACHA20_VALIDATE_RET(cond) \ + MBEDTLS_INTERNAL_VALIDATE_RET(cond, MBEDTLS_ERR_CHACHA20_BAD_INPUT_DATA) +#define CHACHA20_VALIDATE(cond) \ + MBEDTLS_INTERNAL_VALIDATE(cond) -#define ROTL32( value, amount ) \ - ( (uint32_t) ( (value) << (amount) ) | ( (value) >> ( 32 - (amount) ) ) ) +#define ROTL32(value, amount) \ + ((uint32_t) ((value) << (amount)) | ((value) >> (32 - (amount)))) -#define CHACHA20_CTR_INDEX ( 12U ) +#define CHACHA20_CTR_INDEX (12U) -#define CHACHA20_BLOCK_SIZE_BYTES ( 4U * 16U ) +#define CHACHA20_BLOCK_SIZE_BYTES (4U * 16U) /** * \brief ChaCha20 quarter round operation. @@ -76,31 +52,31 @@ * \param c The index of 'c' in the state. * \param d The index of 'd' in the state. */ -static inline void chacha20_quarter_round( uint32_t state[16], - size_t a, - size_t b, - size_t c, - size_t d ) +static inline void chacha20_quarter_round(uint32_t state[16], + size_t a, + size_t b, + size_t c, + size_t d) { /* a += b; d ^= a; d <<<= 16; */ state[a] += state[b]; state[d] ^= state[a]; - state[d] = ROTL32( state[d], 16 ); + state[d] = ROTL32(state[d], 16); /* c += d; b ^= c; b <<<= 12 */ state[c] += state[d]; state[b] ^= state[c]; - state[b] = ROTL32( state[b], 12 ); + state[b] = ROTL32(state[b], 12); /* a += b; d ^= a; d <<<= 8; */ state[a] += state[b]; state[d] ^= state[a]; - state[d] = ROTL32( state[d], 8 ); + state[d] = ROTL32(state[d], 8); /* c += d; b ^= c; b <<<= 7; */ state[c] += state[d]; state[b] ^= state[c]; - state[b] = ROTL32( state[b], 7 ); + state[b] = ROTL32(state[b], 7); } /** @@ -111,17 +87,17 @@ static inline void chacha20_quarter_round( uint32_t state[16], * * \param state The ChaCha20 state to update. */ -static void chacha20_inner_block( uint32_t state[16] ) +static void chacha20_inner_block(uint32_t state[16]) { - chacha20_quarter_round( state, 0, 4, 8, 12 ); - chacha20_quarter_round( state, 1, 5, 9, 13 ); - chacha20_quarter_round( state, 2, 6, 10, 14 ); - chacha20_quarter_round( state, 3, 7, 11, 15 ); - - chacha20_quarter_round( state, 0, 5, 10, 15 ); - chacha20_quarter_round( state, 1, 6, 11, 12 ); - chacha20_quarter_round( state, 2, 7, 8, 13 ); - chacha20_quarter_round( state, 3, 4, 9, 14 ); + chacha20_quarter_round(state, 0, 4, 8, 12); + chacha20_quarter_round(state, 1, 5, 9, 13); + chacha20_quarter_round(state, 2, 6, 10, 14); + chacha20_quarter_round(state, 3, 7, 11, 15); + + chacha20_quarter_round(state, 0, 5, 10, 15); + chacha20_quarter_round(state, 1, 6, 11, 12); + chacha20_quarter_round(state, 2, 7, 8, 13); + chacha20_quarter_round(state, 3, 4, 9, 14); } /** @@ -130,29 +106,30 @@ static void chacha20_inner_block( uint32_t state[16] ) * \param initial_state The initial ChaCha20 state (key, nonce, counter). * \param keystream Generated keystream bytes are written to this buffer. */ -static void chacha20_block( const uint32_t initial_state[16], - unsigned char keystream[64] ) +static void chacha20_block(const uint32_t initial_state[16], + unsigned char keystream[64]) { uint32_t working_state[16]; size_t i; - memcpy( working_state, - initial_state, - CHACHA20_BLOCK_SIZE_BYTES ); - - for( i = 0U; i < 10U; i++ ) - chacha20_inner_block( working_state ); - - working_state[ 0] += initial_state[ 0]; - working_state[ 1] += initial_state[ 1]; - working_state[ 2] += initial_state[ 2]; - working_state[ 3] += initial_state[ 3]; - working_state[ 4] += initial_state[ 4]; - working_state[ 5] += initial_state[ 5]; - working_state[ 6] += initial_state[ 6]; - working_state[ 7] += initial_state[ 7]; - working_state[ 8] += initial_state[ 8]; - working_state[ 9] += initial_state[ 9]; + memcpy(working_state, + initial_state, + CHACHA20_BLOCK_SIZE_BYTES); + + for (i = 0U; i < 10U; i++) { + chacha20_inner_block(working_state); + } + + working_state[0] += initial_state[0]; + working_state[1] += initial_state[1]; + working_state[2] += initial_state[2]; + working_state[3] += initial_state[3]; + working_state[4] += initial_state[4]; + working_state[5] += initial_state[5]; + working_state[6] += initial_state[6]; + working_state[7] += initial_state[7]; + working_state[8] += initial_state[8]; + working_state[9] += initial_state[9]; working_state[10] += initial_state[10]; working_state[11] += initial_state[11]; working_state[12] += initial_state[12]; @@ -160,40 +137,38 @@ static void chacha20_block( const uint32_t initial_state[16], working_state[14] += initial_state[14]; working_state[15] += initial_state[15]; - for( i = 0U; i < 16; i++ ) - { + for (i = 0U; i < 16; i++) { size_t offset = i * 4U; MBEDTLS_PUT_UINT32_LE(working_state[i], keystream, offset); } - mbedtls_platform_zeroize( working_state, sizeof( working_state ) ); + mbedtls_platform_zeroize(working_state, sizeof(working_state)); } -void mbedtls_chacha20_init( mbedtls_chacha20_context *ctx ) +void mbedtls_chacha20_init(mbedtls_chacha20_context *ctx) { - CHACHA20_VALIDATE( ctx != NULL ); + CHACHA20_VALIDATE(ctx != NULL); - mbedtls_platform_zeroize( ctx->state, sizeof( ctx->state ) ); - mbedtls_platform_zeroize( ctx->keystream8, sizeof( ctx->keystream8 ) ); + mbedtls_platform_zeroize(ctx->state, sizeof(ctx->state)); + mbedtls_platform_zeroize(ctx->keystream8, sizeof(ctx->keystream8)); /* Initially, there's no keystream bytes available */ ctx->keystream_bytes_used = CHACHA20_BLOCK_SIZE_BYTES; } -void mbedtls_chacha20_free( mbedtls_chacha20_context *ctx ) +void mbedtls_chacha20_free(mbedtls_chacha20_context *ctx) { - if( ctx != NULL ) - { - mbedtls_platform_zeroize( ctx, sizeof( mbedtls_chacha20_context ) ); + if (ctx != NULL) { + mbedtls_platform_zeroize(ctx, sizeof(mbedtls_chacha20_context)); } } -int mbedtls_chacha20_setkey( mbedtls_chacha20_context *ctx, - const unsigned char key[32] ) +int mbedtls_chacha20_setkey(mbedtls_chacha20_context *ctx, + const unsigned char key[32]) { - CHACHA20_VALIDATE_RET( ctx != NULL ); - CHACHA20_VALIDATE_RET( key != NULL ); + CHACHA20_VALIDATE_RET(ctx != NULL); + CHACHA20_VALIDATE_RET(key != NULL); /* ChaCha20 constants - the string "expand 32-byte k" */ ctx->state[0] = 0x61707865; @@ -202,58 +177,57 @@ int mbedtls_chacha20_setkey( mbedtls_chacha20_context *ctx, ctx->state[3] = 0x6b206574; /* Set key */ - ctx->state[4] = MBEDTLS_GET_UINT32_LE( key, 0 ); - ctx->state[5] = MBEDTLS_GET_UINT32_LE( key, 4 ); - ctx->state[6] = MBEDTLS_GET_UINT32_LE( key, 8 ); - ctx->state[7] = MBEDTLS_GET_UINT32_LE( key, 12 ); - ctx->state[8] = MBEDTLS_GET_UINT32_LE( key, 16 ); - ctx->state[9] = MBEDTLS_GET_UINT32_LE( key, 20 ); - ctx->state[10] = MBEDTLS_GET_UINT32_LE( key, 24 ); - ctx->state[11] = MBEDTLS_GET_UINT32_LE( key, 28 ); - - return( 0 ); + ctx->state[4] = MBEDTLS_GET_UINT32_LE(key, 0); + ctx->state[5] = MBEDTLS_GET_UINT32_LE(key, 4); + ctx->state[6] = MBEDTLS_GET_UINT32_LE(key, 8); + ctx->state[7] = MBEDTLS_GET_UINT32_LE(key, 12); + ctx->state[8] = MBEDTLS_GET_UINT32_LE(key, 16); + ctx->state[9] = MBEDTLS_GET_UINT32_LE(key, 20); + ctx->state[10] = MBEDTLS_GET_UINT32_LE(key, 24); + ctx->state[11] = MBEDTLS_GET_UINT32_LE(key, 28); + + return 0; } -int mbedtls_chacha20_starts( mbedtls_chacha20_context* ctx, - const unsigned char nonce[12], - uint32_t counter ) +int mbedtls_chacha20_starts(mbedtls_chacha20_context *ctx, + const unsigned char nonce[12], + uint32_t counter) { - CHACHA20_VALIDATE_RET( ctx != NULL ); - CHACHA20_VALIDATE_RET( nonce != NULL ); + CHACHA20_VALIDATE_RET(ctx != NULL); + CHACHA20_VALIDATE_RET(nonce != NULL); /* Counter */ ctx->state[12] = counter; /* Nonce */ - ctx->state[13] = MBEDTLS_GET_UINT32_LE( nonce, 0 ); - ctx->state[14] = MBEDTLS_GET_UINT32_LE( nonce, 4 ); - ctx->state[15] = MBEDTLS_GET_UINT32_LE( nonce, 8 ); + ctx->state[13] = MBEDTLS_GET_UINT32_LE(nonce, 0); + ctx->state[14] = MBEDTLS_GET_UINT32_LE(nonce, 4); + ctx->state[15] = MBEDTLS_GET_UINT32_LE(nonce, 8); - mbedtls_platform_zeroize( ctx->keystream8, sizeof( ctx->keystream8 ) ); + mbedtls_platform_zeroize(ctx->keystream8, sizeof(ctx->keystream8)); /* Initially, there's no keystream bytes available */ ctx->keystream_bytes_used = CHACHA20_BLOCK_SIZE_BYTES; - return( 0 ); + return 0; } -int mbedtls_chacha20_update( mbedtls_chacha20_context *ctx, - size_t size, - const unsigned char *input, - unsigned char *output ) +int mbedtls_chacha20_update(mbedtls_chacha20_context *ctx, + size_t size, + const unsigned char *input, + unsigned char *output) { size_t offset = 0U; size_t i; - CHACHA20_VALIDATE_RET( ctx != NULL ); - CHACHA20_VALIDATE_RET( size == 0 || input != NULL ); - CHACHA20_VALIDATE_RET( size == 0 || output != NULL ); + CHACHA20_VALIDATE_RET(ctx != NULL); + CHACHA20_VALIDATE_RET(size == 0 || input != NULL); + CHACHA20_VALIDATE_RET(size == 0 || output != NULL); /* Use leftover keystream bytes, if available */ - while( size > 0U && ctx->keystream_bytes_used < CHACHA20_BLOCK_SIZE_BYTES ) - { + while (size > 0U && ctx->keystream_bytes_used < CHACHA20_BLOCK_SIZE_BYTES) { output[offset] = input[offset] - ^ ctx->keystream8[ctx->keystream_bytes_used]; + ^ ctx->keystream8[ctx->keystream_bytes_used]; ctx->keystream_bytes_used++; offset++; @@ -261,15 +235,13 @@ int mbedtls_chacha20_update( mbedtls_chacha20_context *ctx, } /* Process full blocks */ - while( size >= CHACHA20_BLOCK_SIZE_BYTES ) - { + while (size >= CHACHA20_BLOCK_SIZE_BYTES) { /* Generate new keystream block and increment counter */ - chacha20_block( ctx->state, ctx->keystream8 ); + chacha20_block(ctx->state, ctx->keystream8); ctx->state[CHACHA20_CTR_INDEX]++; - for( i = 0U; i < 64U; i += 8U ) - { - output[offset + i ] = input[offset + i ] ^ ctx->keystream8[i ]; + for (i = 0U; i < 64U; i += 8U) { + output[offset + i] = input[offset + i] ^ ctx->keystream8[i]; output[offset + i+1] = input[offset + i+1] ^ ctx->keystream8[i+1]; output[offset + i+2] = input[offset + i+2] ^ ctx->keystream8[i+2]; output[offset + i+3] = input[offset + i+3] ^ ctx->keystream8[i+3]; @@ -284,14 +256,12 @@ int mbedtls_chacha20_update( mbedtls_chacha20_context *ctx, } /* Last (partial) block */ - if( size > 0U ) - { + if (size > 0U) { /* Generate new keystream block and increment counter */ - chacha20_block( ctx->state, ctx->keystream8 ); + chacha20_block(ctx->state, ctx->keystream8); ctx->state[CHACHA20_CTR_INDEX]++; - for( i = 0U; i < size; i++) - { + for (i = 0U; i < size; i++) { output[offset + i] = input[offset + i] ^ ctx->keystream8[i]; } @@ -299,39 +269,41 @@ int mbedtls_chacha20_update( mbedtls_chacha20_context *ctx, } - return( 0 ); + return 0; } -int mbedtls_chacha20_crypt( const unsigned char key[32], - const unsigned char nonce[12], - uint32_t counter, - size_t data_len, - const unsigned char* input, - unsigned char* output ) +int mbedtls_chacha20_crypt(const unsigned char key[32], + const unsigned char nonce[12], + uint32_t counter, + size_t data_len, + const unsigned char *input, + unsigned char *output) { mbedtls_chacha20_context ctx; int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; - CHACHA20_VALIDATE_RET( key != NULL ); - CHACHA20_VALIDATE_RET( nonce != NULL ); - CHACHA20_VALIDATE_RET( data_len == 0 || input != NULL ); - CHACHA20_VALIDATE_RET( data_len == 0 || output != NULL ); + CHACHA20_VALIDATE_RET(key != NULL); + CHACHA20_VALIDATE_RET(nonce != NULL); + CHACHA20_VALIDATE_RET(data_len == 0 || input != NULL); + CHACHA20_VALIDATE_RET(data_len == 0 || output != NULL); - mbedtls_chacha20_init( &ctx ); + mbedtls_chacha20_init(&ctx); - ret = mbedtls_chacha20_setkey( &ctx, key ); - if( ret != 0 ) + ret = mbedtls_chacha20_setkey(&ctx, key); + if (ret != 0) { goto cleanup; + } - ret = mbedtls_chacha20_starts( &ctx, nonce, counter ); - if( ret != 0 ) + ret = mbedtls_chacha20_starts(&ctx, nonce, counter); + if (ret != 0) { goto cleanup; + } - ret = mbedtls_chacha20_update( &ctx, data_len, input, output ); + ret = mbedtls_chacha20_update(&ctx, data_len, input, output); cleanup: - mbedtls_chacha20_free( &ctx ); - return( ret ); + mbedtls_chacha20_free(&ctx); + return ret; } #endif /* !MBEDTLS_CHACHA20_ALT */ @@ -507,50 +479,52 @@ static const size_t test_lengths[2] = /* Make sure no other definition is already present. */ #undef ASSERT -#define ASSERT( cond, args ) \ +#define ASSERT(cond, args) \ do \ { \ - if( ! ( cond ) ) \ + if (!(cond)) \ { \ - if( verbose != 0 ) \ - mbedtls_printf args; \ + if (verbose != 0) \ + mbedtls_printf args; \ \ - return( -1 ); \ + return -1; \ } \ } \ - while( 0 ) + while (0) -int mbedtls_chacha20_self_test( int verbose ) +int mbedtls_chacha20_self_test(int verbose) { unsigned char output[381]; unsigned i; int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; - for( i = 0U; i < 2U; i++ ) - { - if( verbose != 0 ) - mbedtls_printf( " ChaCha20 test %u ", i ); + for (i = 0U; i < 2U; i++) { + if (verbose != 0) { + mbedtls_printf(" ChaCha20 test %u ", i); + } - ret = mbedtls_chacha20_crypt( test_keys[i], - test_nonces[i], - test_counters[i], - test_lengths[i], - test_input[i], - output ); + ret = mbedtls_chacha20_crypt(test_keys[i], + test_nonces[i], + test_counters[i], + test_lengths[i], + test_input[i], + output); - ASSERT( 0 == ret, ( "error code: %i\n", ret ) ); + ASSERT(0 == ret, ("error code: %i\n", ret)); - ASSERT( 0 == memcmp( output, test_output[i], test_lengths[i] ), - ( "failed (output)\n" ) ); + ASSERT(0 == memcmp(output, test_output[i], test_lengths[i]), + ("failed (output)\n")); - if( verbose != 0 ) - mbedtls_printf( "passed\n" ); + if (verbose != 0) { + mbedtls_printf("passed\n"); + } } - if( verbose != 0 ) - mbedtls_printf( "\n" ); + if (verbose != 0) { + mbedtls_printf("\n"); + } - return( 0 ); + return 0; } #endif /* MBEDTLS_SELF_TEST */ diff --git a/third_party/mbedtls/repo/library/chachapoly.c b/third_party/mbedtls/repo/library/chachapoly.c index dc75b2030a4..dd678f4c331 100644 --- a/third_party/mbedtls/repo/library/chachapoly.c +++ b/third_party/mbedtls/repo/library/chachapoly.c @@ -4,19 +4,7 @@ * \brief ChaCha20-Poly1305 AEAD construction based on RFC 7539. * * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later */ #include "common.h" @@ -25,49 +13,44 @@ #include "mbedtls/chachapoly.h" #include "mbedtls/platform_util.h" #include "mbedtls/error.h" +#include "mbedtls/constant_time.h" #include -#if defined(MBEDTLS_SELF_TEST) -#if defined(MBEDTLS_PLATFORM_C) #include "mbedtls/platform.h" -#else -#include -#define mbedtls_printf printf -#endif /* MBEDTLS_PLATFORM_C */ -#endif /* MBEDTLS_SELF_TEST */ #if !defined(MBEDTLS_CHACHAPOLY_ALT) /* Parameter validation macros */ -#define CHACHAPOLY_VALIDATE_RET( cond ) \ - MBEDTLS_INTERNAL_VALIDATE_RET( cond, MBEDTLS_ERR_POLY1305_BAD_INPUT_DATA ) -#define CHACHAPOLY_VALIDATE( cond ) \ - MBEDTLS_INTERNAL_VALIDATE( cond ) +#define CHACHAPOLY_VALIDATE_RET(cond) \ + MBEDTLS_INTERNAL_VALIDATE_RET(cond, MBEDTLS_ERR_POLY1305_BAD_INPUT_DATA) +#define CHACHAPOLY_VALIDATE(cond) \ + MBEDTLS_INTERNAL_VALIDATE(cond) -#define CHACHAPOLY_STATE_INIT ( 0 ) -#define CHACHAPOLY_STATE_AAD ( 1 ) -#define CHACHAPOLY_STATE_CIPHERTEXT ( 2 ) /* Encrypting or decrypting */ -#define CHACHAPOLY_STATE_FINISHED ( 3 ) +#define CHACHAPOLY_STATE_INIT (0) +#define CHACHAPOLY_STATE_AAD (1) +#define CHACHAPOLY_STATE_CIPHERTEXT (2) /* Encrypting or decrypting */ +#define CHACHAPOLY_STATE_FINISHED (3) /** * \brief Adds nul bytes to pad the AAD for Poly1305. * * \param ctx The ChaCha20-Poly1305 context. */ -static int chachapoly_pad_aad( mbedtls_chachapoly_context *ctx ) +static int chachapoly_pad_aad(mbedtls_chachapoly_context *ctx) { - uint32_t partial_block_len = (uint32_t) ( ctx->aad_len % 16U ); + uint32_t partial_block_len = (uint32_t) (ctx->aad_len % 16U); unsigned char zeroes[15]; - if( partial_block_len == 0U ) - return( 0 ); + if (partial_block_len == 0U) { + return 0; + } - memset( zeroes, 0, sizeof( zeroes ) ); + memset(zeroes, 0, sizeof(zeroes)); - return( mbedtls_poly1305_update( &ctx->poly1305_ctx, - zeroes, - 16U - partial_block_len ) ); + return mbedtls_poly1305_update(&ctx->poly1305_ctx, + zeroes, + 16U - partial_block_len); } /** @@ -75,86 +58,89 @@ static int chachapoly_pad_aad( mbedtls_chachapoly_context *ctx ) * * \param ctx The ChaCha20-Poly1305 context. */ -static int chachapoly_pad_ciphertext( mbedtls_chachapoly_context *ctx ) +static int chachapoly_pad_ciphertext(mbedtls_chachapoly_context *ctx) { - uint32_t partial_block_len = (uint32_t) ( ctx->ciphertext_len % 16U ); + uint32_t partial_block_len = (uint32_t) (ctx->ciphertext_len % 16U); unsigned char zeroes[15]; - if( partial_block_len == 0U ) - return( 0 ); + if (partial_block_len == 0U) { + return 0; + } - memset( zeroes, 0, sizeof( zeroes ) ); - return( mbedtls_poly1305_update( &ctx->poly1305_ctx, - zeroes, - 16U - partial_block_len ) ); + memset(zeroes, 0, sizeof(zeroes)); + return mbedtls_poly1305_update(&ctx->poly1305_ctx, + zeroes, + 16U - partial_block_len); } -void mbedtls_chachapoly_init( mbedtls_chachapoly_context *ctx ) +void mbedtls_chachapoly_init(mbedtls_chachapoly_context *ctx) { - CHACHAPOLY_VALIDATE( ctx != NULL ); + CHACHAPOLY_VALIDATE(ctx != NULL); - mbedtls_chacha20_init( &ctx->chacha20_ctx ); - mbedtls_poly1305_init( &ctx->poly1305_ctx ); + mbedtls_chacha20_init(&ctx->chacha20_ctx); + mbedtls_poly1305_init(&ctx->poly1305_ctx); ctx->aad_len = 0U; ctx->ciphertext_len = 0U; ctx->state = CHACHAPOLY_STATE_INIT; ctx->mode = MBEDTLS_CHACHAPOLY_ENCRYPT; } -void mbedtls_chachapoly_free( mbedtls_chachapoly_context *ctx ) +void mbedtls_chachapoly_free(mbedtls_chachapoly_context *ctx) { - if( ctx == NULL ) + if (ctx == NULL) { return; + } - mbedtls_chacha20_free( &ctx->chacha20_ctx ); - mbedtls_poly1305_free( &ctx->poly1305_ctx ); + mbedtls_chacha20_free(&ctx->chacha20_ctx); + mbedtls_poly1305_free(&ctx->poly1305_ctx); ctx->aad_len = 0U; ctx->ciphertext_len = 0U; ctx->state = CHACHAPOLY_STATE_INIT; ctx->mode = MBEDTLS_CHACHAPOLY_ENCRYPT; } -int mbedtls_chachapoly_setkey( mbedtls_chachapoly_context *ctx, - const unsigned char key[32] ) +int mbedtls_chachapoly_setkey(mbedtls_chachapoly_context *ctx, + const unsigned char key[32]) { int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; - CHACHAPOLY_VALIDATE_RET( ctx != NULL ); - CHACHAPOLY_VALIDATE_RET( key != NULL ); + CHACHAPOLY_VALIDATE_RET(ctx != NULL); + CHACHAPOLY_VALIDATE_RET(key != NULL); - ret = mbedtls_chacha20_setkey( &ctx->chacha20_ctx, key ); + ret = mbedtls_chacha20_setkey(&ctx->chacha20_ctx, key); - return( ret ); + return ret; } -int mbedtls_chachapoly_starts( mbedtls_chachapoly_context *ctx, - const unsigned char nonce[12], - mbedtls_chachapoly_mode_t mode ) +int mbedtls_chachapoly_starts(mbedtls_chachapoly_context *ctx, + const unsigned char nonce[12], + mbedtls_chachapoly_mode_t mode) { int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; unsigned char poly1305_key[64]; - CHACHAPOLY_VALIDATE_RET( ctx != NULL ); - CHACHAPOLY_VALIDATE_RET( nonce != NULL ); + CHACHAPOLY_VALIDATE_RET(ctx != NULL); + CHACHAPOLY_VALIDATE_RET(nonce != NULL); /* Set counter = 0, will be update to 1 when generating Poly1305 key */ - ret = mbedtls_chacha20_starts( &ctx->chacha20_ctx, nonce, 0U ); - if( ret != 0 ) + ret = mbedtls_chacha20_starts(&ctx->chacha20_ctx, nonce, 0U); + if (ret != 0) { goto cleanup; + } /* Generate the Poly1305 key by getting the ChaCha20 keystream output with * counter = 0. This is the same as encrypting a buffer of zeroes. * Only the first 256-bits (32 bytes) of the key is used for Poly1305. * The other 256 bits are discarded. */ - memset( poly1305_key, 0, sizeof( poly1305_key ) ); - ret = mbedtls_chacha20_update( &ctx->chacha20_ctx, sizeof( poly1305_key ), - poly1305_key, poly1305_key ); - if( ret != 0 ) + memset(poly1305_key, 0, sizeof(poly1305_key)); + ret = mbedtls_chacha20_update(&ctx->chacha20_ctx, sizeof(poly1305_key), + poly1305_key, poly1305_key); + if (ret != 0) { goto cleanup; + } - ret = mbedtls_poly1305_starts( &ctx->poly1305_ctx, poly1305_key ); + ret = mbedtls_poly1305_starts(&ctx->poly1305_ctx, poly1305_key); - if( ret == 0 ) - { + if (ret == 0) { ctx->aad_len = 0U; ctx->ciphertext_len = 0U; ctx->state = CHACHAPOLY_STATE_AAD; @@ -162,100 +148,99 @@ int mbedtls_chachapoly_starts( mbedtls_chachapoly_context *ctx, } cleanup: - mbedtls_platform_zeroize( poly1305_key, 64U ); - return( ret ); + mbedtls_platform_zeroize(poly1305_key, 64U); + return ret; } -int mbedtls_chachapoly_update_aad( mbedtls_chachapoly_context *ctx, - const unsigned char *aad, - size_t aad_len ) +int mbedtls_chachapoly_update_aad(mbedtls_chachapoly_context *ctx, + const unsigned char *aad, + size_t aad_len) { - CHACHAPOLY_VALIDATE_RET( ctx != NULL ); - CHACHAPOLY_VALIDATE_RET( aad_len == 0 || aad != NULL ); + CHACHAPOLY_VALIDATE_RET(ctx != NULL); + CHACHAPOLY_VALIDATE_RET(aad_len == 0 || aad != NULL); - if( ctx->state != CHACHAPOLY_STATE_AAD ) - return( MBEDTLS_ERR_CHACHAPOLY_BAD_STATE ); + if (ctx->state != CHACHAPOLY_STATE_AAD) { + return MBEDTLS_ERR_CHACHAPOLY_BAD_STATE; + } ctx->aad_len += aad_len; - return( mbedtls_poly1305_update( &ctx->poly1305_ctx, aad, aad_len ) ); + return mbedtls_poly1305_update(&ctx->poly1305_ctx, aad, aad_len); } -int mbedtls_chachapoly_update( mbedtls_chachapoly_context *ctx, - size_t len, - const unsigned char *input, - unsigned char *output ) +int mbedtls_chachapoly_update(mbedtls_chachapoly_context *ctx, + size_t len, + const unsigned char *input, + unsigned char *output) { int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; - CHACHAPOLY_VALIDATE_RET( ctx != NULL ); - CHACHAPOLY_VALIDATE_RET( len == 0 || input != NULL ); - CHACHAPOLY_VALIDATE_RET( len == 0 || output != NULL ); + CHACHAPOLY_VALIDATE_RET(ctx != NULL); + CHACHAPOLY_VALIDATE_RET(len == 0 || input != NULL); + CHACHAPOLY_VALIDATE_RET(len == 0 || output != NULL); - if( ( ctx->state != CHACHAPOLY_STATE_AAD ) && - ( ctx->state != CHACHAPOLY_STATE_CIPHERTEXT ) ) - { - return( MBEDTLS_ERR_CHACHAPOLY_BAD_STATE ); + if ((ctx->state != CHACHAPOLY_STATE_AAD) && + (ctx->state != CHACHAPOLY_STATE_CIPHERTEXT)) { + return MBEDTLS_ERR_CHACHAPOLY_BAD_STATE; } - if( ctx->state == CHACHAPOLY_STATE_AAD ) - { + if (ctx->state == CHACHAPOLY_STATE_AAD) { ctx->state = CHACHAPOLY_STATE_CIPHERTEXT; - ret = chachapoly_pad_aad( ctx ); - if( ret != 0 ) - return( ret ); + ret = chachapoly_pad_aad(ctx); + if (ret != 0) { + return ret; + } } ctx->ciphertext_len += len; - if( ctx->mode == MBEDTLS_CHACHAPOLY_ENCRYPT ) - { - ret = mbedtls_chacha20_update( &ctx->chacha20_ctx, len, input, output ); - if( ret != 0 ) - return( ret ); - - ret = mbedtls_poly1305_update( &ctx->poly1305_ctx, output, len ); - if( ret != 0 ) - return( ret ); - } - else /* DECRYPT */ - { - ret = mbedtls_poly1305_update( &ctx->poly1305_ctx, input, len ); - if( ret != 0 ) - return( ret ); - - ret = mbedtls_chacha20_update( &ctx->chacha20_ctx, len, input, output ); - if( ret != 0 ) - return( ret ); + if (ctx->mode == MBEDTLS_CHACHAPOLY_ENCRYPT) { + ret = mbedtls_chacha20_update(&ctx->chacha20_ctx, len, input, output); + if (ret != 0) { + return ret; + } + + ret = mbedtls_poly1305_update(&ctx->poly1305_ctx, output, len); + if (ret != 0) { + return ret; + } + } else { /* DECRYPT */ + ret = mbedtls_poly1305_update(&ctx->poly1305_ctx, input, len); + if (ret != 0) { + return ret; + } + + ret = mbedtls_chacha20_update(&ctx->chacha20_ctx, len, input, output); + if (ret != 0) { + return ret; + } } - return( 0 ); + return 0; } -int mbedtls_chachapoly_finish( mbedtls_chachapoly_context *ctx, - unsigned char mac[16] ) +int mbedtls_chachapoly_finish(mbedtls_chachapoly_context *ctx, + unsigned char mac[16]) { int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; unsigned char len_block[16]; - CHACHAPOLY_VALIDATE_RET( ctx != NULL ); - CHACHAPOLY_VALIDATE_RET( mac != NULL ); + CHACHAPOLY_VALIDATE_RET(ctx != NULL); + CHACHAPOLY_VALIDATE_RET(mac != NULL); - if( ctx->state == CHACHAPOLY_STATE_INIT ) - { - return( MBEDTLS_ERR_CHACHAPOLY_BAD_STATE ); + if (ctx->state == CHACHAPOLY_STATE_INIT) { + return MBEDTLS_ERR_CHACHAPOLY_BAD_STATE; } - if( ctx->state == CHACHAPOLY_STATE_AAD ) - { - ret = chachapoly_pad_aad( ctx ); - if( ret != 0 ) - return( ret ); - } - else if( ctx->state == CHACHAPOLY_STATE_CIPHERTEXT ) - { - ret = chachapoly_pad_ciphertext( ctx ); - if( ret != 0 ) - return( ret ); + if (ctx->state == CHACHAPOLY_STATE_AAD) { + ret = chachapoly_pad_aad(ctx); + if (ret != 0) { + return ret; + } + } else if (ctx->state == CHACHAPOLY_STATE_CIPHERTEXT) { + ret = chachapoly_pad_ciphertext(ctx); + if (ret != 0) { + return ret; + } } ctx->state = CHACHAPOLY_STATE_FINISHED; @@ -266,104 +251,104 @@ int mbedtls_chachapoly_finish( mbedtls_chachapoly_context *ctx, MBEDTLS_PUT_UINT64_LE(ctx->aad_len, len_block, 0); MBEDTLS_PUT_UINT64_LE(ctx->ciphertext_len, len_block, 8); - ret = mbedtls_poly1305_update( &ctx->poly1305_ctx, len_block, 16U ); - if( ret != 0 ) - return( ret ); + ret = mbedtls_poly1305_update(&ctx->poly1305_ctx, len_block, 16U); + if (ret != 0) { + return ret; + } - ret = mbedtls_poly1305_finish( &ctx->poly1305_ctx, mac ); + ret = mbedtls_poly1305_finish(&ctx->poly1305_ctx, mac); - return( ret ); + return ret; } -static int chachapoly_crypt_and_tag( mbedtls_chachapoly_context *ctx, - mbedtls_chachapoly_mode_t mode, - size_t length, - const unsigned char nonce[12], - const unsigned char *aad, - size_t aad_len, - const unsigned char *input, - unsigned char *output, - unsigned char tag[16] ) +static int chachapoly_crypt_and_tag(mbedtls_chachapoly_context *ctx, + mbedtls_chachapoly_mode_t mode, + size_t length, + const unsigned char nonce[12], + const unsigned char *aad, + size_t aad_len, + const unsigned char *input, + unsigned char *output, + unsigned char tag[16]) { int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; - ret = mbedtls_chachapoly_starts( ctx, nonce, mode ); - if( ret != 0 ) + ret = mbedtls_chachapoly_starts(ctx, nonce, mode); + if (ret != 0) { goto cleanup; + } - ret = mbedtls_chachapoly_update_aad( ctx, aad, aad_len ); - if( ret != 0 ) + ret = mbedtls_chachapoly_update_aad(ctx, aad, aad_len); + if (ret != 0) { goto cleanup; + } - ret = mbedtls_chachapoly_update( ctx, length, input, output ); - if( ret != 0 ) + ret = mbedtls_chachapoly_update(ctx, length, input, output); + if (ret != 0) { goto cleanup; + } - ret = mbedtls_chachapoly_finish( ctx, tag ); + ret = mbedtls_chachapoly_finish(ctx, tag); cleanup: - return( ret ); + return ret; } -int mbedtls_chachapoly_encrypt_and_tag( mbedtls_chachapoly_context *ctx, - size_t length, - const unsigned char nonce[12], - const unsigned char *aad, - size_t aad_len, - const unsigned char *input, - unsigned char *output, - unsigned char tag[16] ) +int mbedtls_chachapoly_encrypt_and_tag(mbedtls_chachapoly_context *ctx, + size_t length, + const unsigned char nonce[12], + const unsigned char *aad, + size_t aad_len, + const unsigned char *input, + unsigned char *output, + unsigned char tag[16]) { - CHACHAPOLY_VALIDATE_RET( ctx != NULL ); - CHACHAPOLY_VALIDATE_RET( nonce != NULL ); - CHACHAPOLY_VALIDATE_RET( tag != NULL ); - CHACHAPOLY_VALIDATE_RET( aad_len == 0 || aad != NULL ); - CHACHAPOLY_VALIDATE_RET( length == 0 || input != NULL ); - CHACHAPOLY_VALIDATE_RET( length == 0 || output != NULL ); - - return( chachapoly_crypt_and_tag( ctx, MBEDTLS_CHACHAPOLY_ENCRYPT, - length, nonce, aad, aad_len, - input, output, tag ) ); + CHACHAPOLY_VALIDATE_RET(ctx != NULL); + CHACHAPOLY_VALIDATE_RET(nonce != NULL); + CHACHAPOLY_VALIDATE_RET(tag != NULL); + CHACHAPOLY_VALIDATE_RET(aad_len == 0 || aad != NULL); + CHACHAPOLY_VALIDATE_RET(length == 0 || input != NULL); + CHACHAPOLY_VALIDATE_RET(length == 0 || output != NULL); + + return chachapoly_crypt_and_tag(ctx, MBEDTLS_CHACHAPOLY_ENCRYPT, + length, nonce, aad, aad_len, + input, output, tag); } -int mbedtls_chachapoly_auth_decrypt( mbedtls_chachapoly_context *ctx, - size_t length, - const unsigned char nonce[12], - const unsigned char *aad, - size_t aad_len, - const unsigned char tag[16], - const unsigned char *input, - unsigned char *output ) +int mbedtls_chachapoly_auth_decrypt(mbedtls_chachapoly_context *ctx, + size_t length, + const unsigned char nonce[12], + const unsigned char *aad, + size_t aad_len, + const unsigned char tag[16], + const unsigned char *input, + unsigned char *output) { int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; unsigned char check_tag[16]; - size_t i; int diff; - CHACHAPOLY_VALIDATE_RET( ctx != NULL ); - CHACHAPOLY_VALIDATE_RET( nonce != NULL ); - CHACHAPOLY_VALIDATE_RET( tag != NULL ); - CHACHAPOLY_VALIDATE_RET( aad_len == 0 || aad != NULL ); - CHACHAPOLY_VALIDATE_RET( length == 0 || input != NULL ); - CHACHAPOLY_VALIDATE_RET( length == 0 || output != NULL ); - - if( ( ret = chachapoly_crypt_and_tag( ctx, - MBEDTLS_CHACHAPOLY_DECRYPT, length, nonce, - aad, aad_len, input, output, check_tag ) ) != 0 ) - { - return( ret ); + CHACHAPOLY_VALIDATE_RET(ctx != NULL); + CHACHAPOLY_VALIDATE_RET(nonce != NULL); + CHACHAPOLY_VALIDATE_RET(tag != NULL); + CHACHAPOLY_VALIDATE_RET(aad_len == 0 || aad != NULL); + CHACHAPOLY_VALIDATE_RET(length == 0 || input != NULL); + CHACHAPOLY_VALIDATE_RET(length == 0 || output != NULL); + + if ((ret = chachapoly_crypt_and_tag(ctx, + MBEDTLS_CHACHAPOLY_DECRYPT, length, nonce, + aad, aad_len, input, output, check_tag)) != 0) { + return ret; } /* Check tag in "constant-time" */ - for( diff = 0, i = 0; i < sizeof( check_tag ); i++ ) - diff |= tag[i] ^ check_tag[i]; + diff = mbedtls_ct_memcmp(tag, check_tag, sizeof(check_tag)); - if( diff != 0 ) - { - mbedtls_platform_zeroize( output, length ); - return( MBEDTLS_ERR_CHACHAPOLY_AUTH_FAILED ); + if (diff != 0) { + mbedtls_platform_zeroize(output, length); + return MBEDTLS_ERR_CHACHAPOLY_AUTH_FAILED; } - return( 0 ); + return 0; } #endif /* MBEDTLS_CHACHAPOLY_ALT */ @@ -459,20 +444,20 @@ static const unsigned char test_mac[1][16] = /* Make sure no other definition is already present. */ #undef ASSERT -#define ASSERT( cond, args ) \ +#define ASSERT(cond, args) \ do \ { \ - if( ! ( cond ) ) \ + if (!(cond)) \ { \ - if( verbose != 0 ) \ - mbedtls_printf args; \ + if (verbose != 0) \ + mbedtls_printf args; \ \ - return( -1 ); \ + return -1; \ } \ } \ - while( 0 ) + while (0) -int mbedtls_chachapoly_self_test( int verbose ) +int mbedtls_chachapoly_self_test(int verbose) { mbedtls_chachapoly_context ctx; unsigned i; @@ -480,43 +465,45 @@ int mbedtls_chachapoly_self_test( int verbose ) unsigned char output[200]; unsigned char mac[16]; - for( i = 0U; i < 1U; i++ ) - { - if( verbose != 0 ) - mbedtls_printf( " ChaCha20-Poly1305 test %u ", i ); + for (i = 0U; i < 1U; i++) { + if (verbose != 0) { + mbedtls_printf(" ChaCha20-Poly1305 test %u ", i); + } - mbedtls_chachapoly_init( &ctx ); + mbedtls_chachapoly_init(&ctx); - ret = mbedtls_chachapoly_setkey( &ctx, test_key[i] ); - ASSERT( 0 == ret, ( "setkey() error code: %i\n", ret ) ); + ret = mbedtls_chachapoly_setkey(&ctx, test_key[i]); + ASSERT(0 == ret, ("setkey() error code: %i\n", ret)); - ret = mbedtls_chachapoly_encrypt_and_tag( &ctx, - test_input_len[i], - test_nonce[i], - test_aad[i], - test_aad_len[i], - test_input[i], - output, - mac ); + ret = mbedtls_chachapoly_encrypt_and_tag(&ctx, + test_input_len[i], + test_nonce[i], + test_aad[i], + test_aad_len[i], + test_input[i], + output, + mac); - ASSERT( 0 == ret, ( "crypt_and_tag() error code: %i\n", ret ) ); + ASSERT(0 == ret, ("crypt_and_tag() error code: %i\n", ret)); - ASSERT( 0 == memcmp( output, test_output[i], test_input_len[i] ), - ( "failure (wrong output)\n" ) ); + ASSERT(0 == memcmp(output, test_output[i], test_input_len[i]), + ("failure (wrong output)\n")); - ASSERT( 0 == memcmp( mac, test_mac[i], 16U ), - ( "failure (wrong MAC)\n" ) ); + ASSERT(0 == memcmp(mac, test_mac[i], 16U), + ("failure (wrong MAC)\n")); - mbedtls_chachapoly_free( &ctx ); + mbedtls_chachapoly_free(&ctx); - if( verbose != 0 ) - mbedtls_printf( "passed\n" ); + if (verbose != 0) { + mbedtls_printf("passed\n"); + } } - if( verbose != 0 ) - mbedtls_printf( "\n" ); + if (verbose != 0) { + mbedtls_printf("\n"); + } - return( 0 ); + return 0; } #endif /* MBEDTLS_SELF_TEST */ diff --git a/third_party/mbedtls/repo/library/check_crypto_config.h b/third_party/mbedtls/repo/library/check_crypto_config.h index d7ad16a6170..0ba32bfe0dd 100644 --- a/third_party/mbedtls/repo/library/check_crypto_config.h +++ b/third_party/mbedtls/repo/library/check_crypto_config.h @@ -5,19 +5,7 @@ */ /* * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later */ /* @@ -29,57 +17,57 @@ #define MBEDTLS_CHECK_CRYPTO_CONFIG_H #if defined(PSA_WANT_ALG_CCM) && \ - !( defined(PSA_WANT_KEY_TYPE_AES) || \ - defined(PSA_WANT_KEY_TYPE_CAMELLIA) ) + !(defined(PSA_WANT_KEY_TYPE_AES) || \ + defined(PSA_WANT_KEY_TYPE_CAMELLIA)) #error "PSA_WANT_ALG_CCM defined, but not all prerequisites" #endif #if defined(PSA_WANT_ALG_CMAC) && \ - !( defined(PSA_WANT_KEY_TYPE_AES) || \ - defined(PSA_WANT_KEY_TYPE_CAMELLIA) || \ - defined(PSA_WANT_KEY_TYPE_DES) ) + !(defined(PSA_WANT_KEY_TYPE_AES) || \ + defined(PSA_WANT_KEY_TYPE_CAMELLIA) || \ + defined(PSA_WANT_KEY_TYPE_DES)) #error "PSA_WANT_ALG_CMAC defined, but not all prerequisites" #endif #if defined(PSA_WANT_ALG_DETERMINISTIC_ECDSA) && \ - !( defined(PSA_WANT_KEY_TYPE_ECC_KEY_PAIR) || \ - defined(PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY) ) + !(defined(PSA_WANT_KEY_TYPE_ECC_KEY_PAIR) || \ + defined(PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY)) #error "PSA_WANT_ALG_DETERMINISTIC_ECDSA defined, but not all prerequisites" #endif #if defined(PSA_WANT_ALG_ECDSA) && \ - !( defined(PSA_WANT_KEY_TYPE_ECC_KEY_PAIR) || \ - defined(PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY) ) + !(defined(PSA_WANT_KEY_TYPE_ECC_KEY_PAIR) || \ + defined(PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY)) #error "PSA_WANT_ALG_ECDSA defined, but not all prerequisites" #endif #if defined(PSA_WANT_ALG_GCM) && \ - !( defined(PSA_WANT_KEY_TYPE_AES) || \ - defined(PSA_WANT_KEY_TYPE_CAMELLIA) ) + !(defined(PSA_WANT_KEY_TYPE_AES) || \ + defined(PSA_WANT_KEY_TYPE_CAMELLIA)) #error "PSA_WANT_ALG_GCM defined, but not all prerequisites" #endif #if defined(PSA_WANT_ALG_RSA_PKCS1V15_CRYPT) && \ - !( defined(PSA_WANT_KEY_TYPE_RSA_KEY_PAIR) || \ - defined(PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY) ) + !(defined(PSA_WANT_KEY_TYPE_RSA_KEY_PAIR) || \ + defined(PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY)) #error "PSA_WANT_ALG_RSA_PKCS1V15_CRYPT defined, but not all prerequisites" #endif #if defined(PSA_WANT_ALG_RSA_PKCS1V15_SIGN) && \ - !( defined(PSA_WANT_KEY_TYPE_RSA_KEY_PAIR) || \ - defined(PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY) ) + !(defined(PSA_WANT_KEY_TYPE_RSA_KEY_PAIR) || \ + defined(PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY)) #error "PSA_WANT_ALG_RSA_PKCS1V15_SIGN defined, but not all prerequisites" #endif #if defined(PSA_WANT_ALG_RSA_OAEP) && \ - !( defined(PSA_WANT_KEY_TYPE_RSA_KEY_PAIR) || \ - defined(PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY) ) + !(defined(PSA_WANT_KEY_TYPE_RSA_KEY_PAIR) || \ + defined(PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY)) #error "PSA_WANT_ALG_RSA_OAEP defined, but not all prerequisites" #endif #if defined(PSA_WANT_ALG_RSA_PSS) && \ - !( defined(PSA_WANT_KEY_TYPE_RSA_KEY_PAIR) || \ - defined(PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY) ) + !(defined(PSA_WANT_KEY_TYPE_RSA_KEY_PAIR) || \ + defined(PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY)) #error "PSA_WANT_ALG_RSA_PSS defined, but not all prerequisites" #endif diff --git a/third_party/mbedtls/repo/library/cipher.c b/third_party/mbedtls/repo/library/cipher.c index 4ec40d2cacd..37a2effc8f5 100644 --- a/third_party/mbedtls/repo/library/cipher.c +++ b/third_party/mbedtls/repo/library/cipher.c @@ -1,24 +1,12 @@ /** * \file cipher.c * - * \brief Generic cipher wrapper for mbed TLS + * \brief Generic cipher wrapper for Mbed TLS * * \author Adriaan de Jong * * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later */ #include "common.h" @@ -30,6 +18,7 @@ #include "mbedtls/platform_util.h" #include "mbedtls/error.h" #include "mbedtls/constant_time.h" +#include "constant_time_internal.h" #include #include @@ -63,144 +52,146 @@ #include "mbedtls/nist_kw.h" #endif -#if defined(MBEDTLS_PLATFORM_C) #include "mbedtls/platform.h" -#else -#define mbedtls_calloc calloc -#define mbedtls_free free -#endif -#define CIPHER_VALIDATE_RET( cond ) \ - MBEDTLS_INTERNAL_VALIDATE_RET( cond, MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA ) -#define CIPHER_VALIDATE( cond ) \ - MBEDTLS_INTERNAL_VALIDATE( cond ) +#define CIPHER_VALIDATE_RET(cond) \ + MBEDTLS_INTERNAL_VALIDATE_RET(cond, MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA) +#define CIPHER_VALIDATE(cond) \ + MBEDTLS_INTERNAL_VALIDATE(cond) static int supported_init = 0; -const int *mbedtls_cipher_list( void ) +const int *mbedtls_cipher_list(void) { const mbedtls_cipher_definition_t *def; int *type; - if( ! supported_init ) - { + if (!supported_init) { def = mbedtls_cipher_definitions; type = mbedtls_cipher_supported; - while( def->type != 0 ) + while (def->type != 0) { *type++ = (*def++).type; + } *type = 0; supported_init = 1; } - return( mbedtls_cipher_supported ); + return mbedtls_cipher_supported; } const mbedtls_cipher_info_t *mbedtls_cipher_info_from_type( - const mbedtls_cipher_type_t cipher_type ) + const mbedtls_cipher_type_t cipher_type) { const mbedtls_cipher_definition_t *def; - for( def = mbedtls_cipher_definitions; def->info != NULL; def++ ) - if( def->type == cipher_type ) - return( def->info ); + for (def = mbedtls_cipher_definitions; def->info != NULL; def++) { + if (def->type == cipher_type) { + return def->info; + } + } - return( NULL ); + return NULL; } const mbedtls_cipher_info_t *mbedtls_cipher_info_from_string( - const char *cipher_name ) + const char *cipher_name) { const mbedtls_cipher_definition_t *def; - if( NULL == cipher_name ) - return( NULL ); + if (NULL == cipher_name) { + return NULL; + } - for( def = mbedtls_cipher_definitions; def->info != NULL; def++ ) - if( ! strcmp( def->info->name, cipher_name ) ) - return( def->info ); + for (def = mbedtls_cipher_definitions; def->info != NULL; def++) { + if (!strcmp(def->info->name, cipher_name)) { + return def->info; + } + } - return( NULL ); + return NULL; } const mbedtls_cipher_info_t *mbedtls_cipher_info_from_values( const mbedtls_cipher_id_t cipher_id, int key_bitlen, - const mbedtls_cipher_mode_t mode ) + const mbedtls_cipher_mode_t mode) { const mbedtls_cipher_definition_t *def; - for( def = mbedtls_cipher_definitions; def->info != NULL; def++ ) - if( def->info->base->cipher == cipher_id && + for (def = mbedtls_cipher_definitions; def->info != NULL; def++) { + if (def->info->base->cipher == cipher_id && def->info->key_bitlen == (unsigned) key_bitlen && - def->info->mode == mode ) - return( def->info ); + def->info->mode == mode) { + return def->info; + } + } - return( NULL ); + return NULL; } -void mbedtls_cipher_init( mbedtls_cipher_context_t *ctx ) +void mbedtls_cipher_init(mbedtls_cipher_context_t *ctx) { - CIPHER_VALIDATE( ctx != NULL ); - memset( ctx, 0, sizeof( mbedtls_cipher_context_t ) ); + CIPHER_VALIDATE(ctx != NULL); + memset(ctx, 0, sizeof(mbedtls_cipher_context_t)); } -void mbedtls_cipher_free( mbedtls_cipher_context_t *ctx ) +void mbedtls_cipher_free(mbedtls_cipher_context_t *ctx) { - if( ctx == NULL ) + if (ctx == NULL) { return; + } #if defined(MBEDTLS_USE_PSA_CRYPTO) - if( ctx->psa_enabled == 1 ) - { - if( ctx->cipher_ctx != NULL ) - { + if (ctx->psa_enabled == 1) { + if (ctx->cipher_ctx != NULL) { mbedtls_cipher_context_psa * const cipher_psa = (mbedtls_cipher_context_psa *) ctx->cipher_ctx; - if( cipher_psa->slot_state == MBEDTLS_CIPHER_PSA_KEY_OWNED ) - { + if (cipher_psa->slot_state == MBEDTLS_CIPHER_PSA_KEY_OWNED) { /* xxx_free() doesn't allow to return failures. */ - (void) psa_destroy_key( cipher_psa->slot ); + (void) psa_destroy_key(cipher_psa->slot); } - mbedtls_platform_zeroize( cipher_psa, sizeof( *cipher_psa ) ); - mbedtls_free( cipher_psa ); + mbedtls_platform_zeroize(cipher_psa, sizeof(*cipher_psa)); + mbedtls_free(cipher_psa); } - mbedtls_platform_zeroize( ctx, sizeof(mbedtls_cipher_context_t) ); + mbedtls_platform_zeroize(ctx, sizeof(mbedtls_cipher_context_t)); return; } #endif /* MBEDTLS_USE_PSA_CRYPTO */ #if defined(MBEDTLS_CMAC_C) - if( ctx->cmac_ctx ) - { - mbedtls_platform_zeroize( ctx->cmac_ctx, - sizeof( mbedtls_cmac_context_t ) ); - mbedtls_free( ctx->cmac_ctx ); + if (ctx->cmac_ctx) { + mbedtls_platform_zeroize(ctx->cmac_ctx, + sizeof(mbedtls_cmac_context_t)); + mbedtls_free(ctx->cmac_ctx); } #endif - if( ctx->cipher_ctx ) - ctx->cipher_info->base->ctx_free_func( ctx->cipher_ctx ); + if (ctx->cipher_ctx) { + ctx->cipher_info->base->ctx_free_func(ctx->cipher_ctx); + } - mbedtls_platform_zeroize( ctx, sizeof(mbedtls_cipher_context_t) ); + mbedtls_platform_zeroize(ctx, sizeof(mbedtls_cipher_context_t)); } -int mbedtls_cipher_setup( mbedtls_cipher_context_t *ctx, - const mbedtls_cipher_info_t *cipher_info ) +int mbedtls_cipher_setup(mbedtls_cipher_context_t *ctx, + const mbedtls_cipher_info_t *cipher_info) { - CIPHER_VALIDATE_RET( ctx != NULL ); - if( cipher_info == NULL ) - return( MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA ); + CIPHER_VALIDATE_RET(ctx != NULL); + if (cipher_info == NULL) { + return MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA; + } - memset( ctx, 0, sizeof( mbedtls_cipher_context_t ) ); + memset(ctx, 0, sizeof(mbedtls_cipher_context_t)); - if( NULL == ( ctx->cipher_ctx = cipher_info->base->ctx_alloc_func() ) ) - return( MBEDTLS_ERR_CIPHER_ALLOC_FAILED ); + if (NULL == (ctx->cipher_ctx = cipher_info->base->ctx_alloc_func())) { + return MBEDTLS_ERR_CIPHER_ALLOC_FAILED; + } ctx->cipher_info = cipher_info; @@ -209,106 +200,112 @@ int mbedtls_cipher_setup( mbedtls_cipher_context_t *ctx, * Ignore possible errors caused by a cipher mode that doesn't use padding */ #if defined(MBEDTLS_CIPHER_PADDING_PKCS7) - (void) mbedtls_cipher_set_padding_mode( ctx, MBEDTLS_PADDING_PKCS7 ); + (void) mbedtls_cipher_set_padding_mode(ctx, MBEDTLS_PADDING_PKCS7); #else - (void) mbedtls_cipher_set_padding_mode( ctx, MBEDTLS_PADDING_NONE ); + (void) mbedtls_cipher_set_padding_mode(ctx, MBEDTLS_PADDING_NONE); #endif #endif /* MBEDTLS_CIPHER_MODE_WITH_PADDING */ - return( 0 ); + return 0; } #if defined(MBEDTLS_USE_PSA_CRYPTO) -int mbedtls_cipher_setup_psa( mbedtls_cipher_context_t *ctx, - const mbedtls_cipher_info_t *cipher_info, - size_t taglen ) +int mbedtls_cipher_setup_psa(mbedtls_cipher_context_t *ctx, + const mbedtls_cipher_info_t *cipher_info, + size_t taglen) { psa_algorithm_t alg; mbedtls_cipher_context_psa *cipher_psa; - if( NULL == cipher_info || NULL == ctx ) - return( MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA ); + if (NULL == cipher_info || NULL == ctx) { + return MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA; + } /* Check that the underlying cipher mode and cipher type are * supported by the underlying PSA Crypto implementation. */ - alg = mbedtls_psa_translate_cipher_mode( cipher_info->mode, taglen ); - if( alg == 0 ) - return( MBEDTLS_ERR_CIPHER_FEATURE_UNAVAILABLE ); - if( mbedtls_psa_translate_cipher_type( cipher_info->type ) == 0 ) - return( MBEDTLS_ERR_CIPHER_FEATURE_UNAVAILABLE ); + alg = mbedtls_psa_translate_cipher_mode(cipher_info->mode, taglen); + if (alg == 0) { + return MBEDTLS_ERR_CIPHER_FEATURE_UNAVAILABLE; + } + if (mbedtls_psa_translate_cipher_type(cipher_info->type) == 0) { + return MBEDTLS_ERR_CIPHER_FEATURE_UNAVAILABLE; + } - memset( ctx, 0, sizeof( mbedtls_cipher_context_t ) ); + memset(ctx, 0, sizeof(mbedtls_cipher_context_t)); - cipher_psa = mbedtls_calloc( 1, sizeof(mbedtls_cipher_context_psa ) ); - if( cipher_psa == NULL ) - return( MBEDTLS_ERR_CIPHER_ALLOC_FAILED ); + cipher_psa = mbedtls_calloc(1, sizeof(mbedtls_cipher_context_psa)); + if (cipher_psa == NULL) { + return MBEDTLS_ERR_CIPHER_ALLOC_FAILED; + } cipher_psa->alg = alg; ctx->cipher_ctx = cipher_psa; ctx->cipher_info = cipher_info; ctx->psa_enabled = 1; - return( 0 ); + return 0; } #endif /* MBEDTLS_USE_PSA_CRYPTO */ -int mbedtls_cipher_setkey( mbedtls_cipher_context_t *ctx, - const unsigned char *key, - int key_bitlen, - const mbedtls_operation_t operation ) +int mbedtls_cipher_setkey(mbedtls_cipher_context_t *ctx, + const unsigned char *key, + int key_bitlen, + const mbedtls_operation_t operation) { - CIPHER_VALIDATE_RET( ctx != NULL ); - CIPHER_VALIDATE_RET( key != NULL ); - CIPHER_VALIDATE_RET( operation == MBEDTLS_ENCRYPT || - operation == MBEDTLS_DECRYPT ); - if( ctx->cipher_info == NULL ) - return( MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA ); + CIPHER_VALIDATE_RET(ctx != NULL); + CIPHER_VALIDATE_RET(key != NULL); + CIPHER_VALIDATE_RET(operation == MBEDTLS_ENCRYPT || + operation == MBEDTLS_DECRYPT); + if (ctx->cipher_info == NULL) { + return MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA; + } #if defined(MBEDTLS_USE_PSA_CRYPTO) - if( ctx->psa_enabled == 1 ) - { + if (ctx->psa_enabled == 1) { mbedtls_cipher_context_psa * const cipher_psa = (mbedtls_cipher_context_psa *) ctx->cipher_ctx; - size_t const key_bytelen = ( (size_t) key_bitlen + 7 ) / 8; + size_t const key_bytelen = ((size_t) key_bitlen + 7) / 8; psa_status_t status; psa_key_type_t key_type; psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT; /* PSA Crypto API only accepts byte-aligned keys. */ - if( key_bitlen % 8 != 0 ) - return( MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA ); + if (key_bitlen % 8 != 0) { + return MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA; + } /* Don't allow keys to be set multiple times. */ - if( cipher_psa->slot_state != MBEDTLS_CIPHER_PSA_KEY_UNSET ) - return( MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA ); + if (cipher_psa->slot_state != MBEDTLS_CIPHER_PSA_KEY_UNSET) { + return MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA; + } key_type = mbedtls_psa_translate_cipher_type( - ctx->cipher_info->type ); - if( key_type == 0 ) - return( MBEDTLS_ERR_CIPHER_FEATURE_UNAVAILABLE ); - psa_set_key_type( &attributes, key_type ); + ctx->cipher_info->type); + if (key_type == 0) { + return MBEDTLS_ERR_CIPHER_FEATURE_UNAVAILABLE; + } + psa_set_key_type(&attributes, key_type); /* Mbed TLS' cipher layer doesn't enforce the mode of operation * (encrypt vs. decrypt): it is possible to setup a key for encryption * and use it for AEAD decryption. Until tests relying on this * are changed, allow any usage in PSA. */ - psa_set_key_usage_flags( &attributes, - /* mbedtls_psa_translate_cipher_operation( operation ); */ - PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_DECRYPT ); - psa_set_key_algorithm( &attributes, cipher_psa->alg ); - - status = psa_import_key( &attributes, key, key_bytelen, - &cipher_psa->slot ); - switch( status ) - { + psa_set_key_usage_flags(&attributes, + /* mbedtls_psa_translate_cipher_operation( operation ); */ + PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_DECRYPT); + psa_set_key_algorithm(&attributes, cipher_psa->alg); + + status = psa_import_key(&attributes, key, key_bytelen, + &cipher_psa->slot); + switch (status) { case PSA_SUCCESS: break; case PSA_ERROR_INSUFFICIENT_MEMORY: - return( MBEDTLS_ERR_CIPHER_ALLOC_FAILED ); + return MBEDTLS_ERR_CIPHER_ALLOC_FAILED; case PSA_ERROR_NOT_SUPPORTED: - return( MBEDTLS_ERR_CIPHER_FEATURE_UNAVAILABLE ); + return MBEDTLS_ERR_CIPHER_FEATURE_UNAVAILABLE; default: - return( MBEDTLS_ERR_CIPHER_HW_ACCEL_FAILED ); + return MBEDTLS_ERR_CIPHER_HW_ACCEL_FAILED; } /* Indicate that we own the key slot and need to * destroy it in mbedtls_cipher_free(). */ @@ -316,14 +313,13 @@ int mbedtls_cipher_setkey( mbedtls_cipher_context_t *ctx, ctx->key_bitlen = key_bitlen; ctx->operation = operation; - return( 0 ); + return 0; } #endif /* MBEDTLS_USE_PSA_CRYPTO */ - if( ( ctx->cipher_info->flags & MBEDTLS_CIPHER_VARIABLE_KEY_LEN ) == 0 && - (int) ctx->cipher_info->key_bitlen != key_bitlen ) - { - return( MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA ); + if ((ctx->cipher_info->flags & MBEDTLS_CIPHER_VARIABLE_KEY_LEN) == 0 && + (int) ctx->cipher_info->key_bitlen != key_bitlen) { + return MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA; } ctx->key_bitlen = key_bitlen; @@ -332,257 +328,258 @@ int mbedtls_cipher_setkey( mbedtls_cipher_context_t *ctx, /* * For OFB, CFB and CTR mode always use the encryption key schedule */ - if( MBEDTLS_ENCRYPT == operation || + if (MBEDTLS_ENCRYPT == operation || MBEDTLS_MODE_CFB == ctx->cipher_info->mode || MBEDTLS_MODE_OFB == ctx->cipher_info->mode || - MBEDTLS_MODE_CTR == ctx->cipher_info->mode ) - { - return( ctx->cipher_info->base->setkey_enc_func( ctx->cipher_ctx, key, - ctx->key_bitlen ) ); + MBEDTLS_MODE_CTR == ctx->cipher_info->mode) { + return ctx->cipher_info->base->setkey_enc_func(ctx->cipher_ctx, key, + ctx->key_bitlen); } - if( MBEDTLS_DECRYPT == operation ) - return( ctx->cipher_info->base->setkey_dec_func( ctx->cipher_ctx, key, - ctx->key_bitlen ) ); + if (MBEDTLS_DECRYPT == operation) { + return ctx->cipher_info->base->setkey_dec_func(ctx->cipher_ctx, key, + ctx->key_bitlen); + } - return( MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA ); + return MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA; } -int mbedtls_cipher_set_iv( mbedtls_cipher_context_t *ctx, - const unsigned char *iv, - size_t iv_len ) +int mbedtls_cipher_set_iv(mbedtls_cipher_context_t *ctx, + const unsigned char *iv, + size_t iv_len) { size_t actual_iv_size; - CIPHER_VALIDATE_RET( ctx != NULL ); - CIPHER_VALIDATE_RET( iv_len == 0 || iv != NULL ); - if( ctx->cipher_info == NULL ) - return( MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA ); + CIPHER_VALIDATE_RET(ctx != NULL); + CIPHER_VALIDATE_RET(iv_len == 0 || iv != NULL); + if (ctx->cipher_info == NULL) { + return MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA; + } #if defined(MBEDTLS_USE_PSA_CRYPTO) - if( ctx->psa_enabled == 1 ) - { + if (ctx->psa_enabled == 1) { /* While PSA Crypto has an API for multipart * operations, we currently don't make it * accessible through the cipher layer. */ - return( MBEDTLS_ERR_CIPHER_FEATURE_UNAVAILABLE ); + return MBEDTLS_ERR_CIPHER_FEATURE_UNAVAILABLE; } #endif /* MBEDTLS_USE_PSA_CRYPTO */ /* avoid buffer overflow in ctx->iv */ - if( iv_len > MBEDTLS_MAX_IV_LENGTH ) - return( MBEDTLS_ERR_CIPHER_FEATURE_UNAVAILABLE ); + if (iv_len > MBEDTLS_MAX_IV_LENGTH) { + return MBEDTLS_ERR_CIPHER_FEATURE_UNAVAILABLE; + } - if( ( ctx->cipher_info->flags & MBEDTLS_CIPHER_VARIABLE_IV_LEN ) != 0 ) + if ((ctx->cipher_info->flags & MBEDTLS_CIPHER_VARIABLE_IV_LEN) != 0) { actual_iv_size = iv_len; - else - { + } else { actual_iv_size = ctx->cipher_info->iv_size; /* avoid reading past the end of input buffer */ - if( actual_iv_size > iv_len ) - return( MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA ); + if (actual_iv_size > iv_len) { + return MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA; + } } #if defined(MBEDTLS_CHACHA20_C) - if ( ctx->cipher_info->type == MBEDTLS_CIPHER_CHACHA20 ) - { - if ( 0 != mbedtls_chacha20_starts( (mbedtls_chacha20_context*)ctx->cipher_ctx, - iv, - 0U ) ) /* Initial counter value */ - { - return( MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA ); + if (ctx->cipher_info->type == MBEDTLS_CIPHER_CHACHA20) { + /* Even though the actual_iv_size is overwritten with a correct value + * of 12 from the cipher info, return an error to indicate that + * the input iv_len is wrong. */ + if (iv_len != 12) { + return MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA; } + + if (0 != mbedtls_chacha20_starts((mbedtls_chacha20_context *) ctx->cipher_ctx, + iv, + 0U)) { /* Initial counter value */ + return MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA; + } + } +#if defined(MBEDTLS_CHACHAPOLY_C) + if (ctx->cipher_info->type == MBEDTLS_CIPHER_CHACHA20_POLY1305 && + iv_len != 12) { + return MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA; } +#endif #endif - if ( actual_iv_size != 0 ) - { - memcpy( ctx->iv, iv, actual_iv_size ); + if (actual_iv_size != 0) { + memcpy(ctx->iv, iv, actual_iv_size); ctx->iv_size = actual_iv_size; } - return( 0 ); + return 0; } -int mbedtls_cipher_reset( mbedtls_cipher_context_t *ctx ) +int mbedtls_cipher_reset(mbedtls_cipher_context_t *ctx) { - CIPHER_VALIDATE_RET( ctx != NULL ); - if( ctx->cipher_info == NULL ) - return( MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA ); + CIPHER_VALIDATE_RET(ctx != NULL); + if (ctx->cipher_info == NULL) { + return MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA; + } #if defined(MBEDTLS_USE_PSA_CRYPTO) - if( ctx->psa_enabled == 1 ) - { + if (ctx->psa_enabled == 1) { /* We don't support resetting PSA-based * cipher contexts, yet. */ - return( MBEDTLS_ERR_CIPHER_FEATURE_UNAVAILABLE ); + return MBEDTLS_ERR_CIPHER_FEATURE_UNAVAILABLE; } #endif /* MBEDTLS_USE_PSA_CRYPTO */ ctx->unprocessed_len = 0; - return( 0 ); + return 0; } #if defined(MBEDTLS_GCM_C) || defined(MBEDTLS_CHACHAPOLY_C) -int mbedtls_cipher_update_ad( mbedtls_cipher_context_t *ctx, - const unsigned char *ad, size_t ad_len ) +int mbedtls_cipher_update_ad(mbedtls_cipher_context_t *ctx, + const unsigned char *ad, size_t ad_len) { - CIPHER_VALIDATE_RET( ctx != NULL ); - CIPHER_VALIDATE_RET( ad_len == 0 || ad != NULL ); - if( ctx->cipher_info == NULL ) - return( MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA ); + CIPHER_VALIDATE_RET(ctx != NULL); + CIPHER_VALIDATE_RET(ad_len == 0 || ad != NULL); + if (ctx->cipher_info == NULL) { + return MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA; + } #if defined(MBEDTLS_USE_PSA_CRYPTO) - if( ctx->psa_enabled == 1 ) - { + if (ctx->psa_enabled == 1) { /* While PSA Crypto has an API for multipart * operations, we currently don't make it * accessible through the cipher layer. */ - return( MBEDTLS_ERR_CIPHER_FEATURE_UNAVAILABLE ); + return MBEDTLS_ERR_CIPHER_FEATURE_UNAVAILABLE; } #endif /* MBEDTLS_USE_PSA_CRYPTO */ #if defined(MBEDTLS_GCM_C) - if( MBEDTLS_MODE_GCM == ctx->cipher_info->mode ) - { - return( mbedtls_gcm_starts( (mbedtls_gcm_context *) ctx->cipher_ctx, ctx->operation, - ctx->iv, ctx->iv_size, ad, ad_len ) ); + if (MBEDTLS_MODE_GCM == ctx->cipher_info->mode) { + return mbedtls_gcm_starts((mbedtls_gcm_context *) ctx->cipher_ctx, ctx->operation, + ctx->iv, ctx->iv_size, ad, ad_len); } #endif #if defined(MBEDTLS_CHACHAPOLY_C) - if (MBEDTLS_CIPHER_CHACHA20_POLY1305 == ctx->cipher_info->type ) - { + if (MBEDTLS_CIPHER_CHACHA20_POLY1305 == ctx->cipher_info->type) { int result; mbedtls_chachapoly_mode_t mode; - mode = ( ctx->operation == MBEDTLS_ENCRYPT ) + mode = (ctx->operation == MBEDTLS_ENCRYPT) ? MBEDTLS_CHACHAPOLY_ENCRYPT : MBEDTLS_CHACHAPOLY_DECRYPT; - result = mbedtls_chachapoly_starts( (mbedtls_chachapoly_context*) ctx->cipher_ctx, - ctx->iv, - mode ); - if ( result != 0 ) - return( result ); + result = mbedtls_chachapoly_starts((mbedtls_chachapoly_context *) ctx->cipher_ctx, + ctx->iv, + mode); + if (result != 0) { + return result; + } - return( mbedtls_chachapoly_update_aad( (mbedtls_chachapoly_context*) ctx->cipher_ctx, - ad, ad_len ) ); + return mbedtls_chachapoly_update_aad((mbedtls_chachapoly_context *) ctx->cipher_ctx, + ad, ad_len); } #endif - return( 0 ); + return 0; } #endif /* MBEDTLS_GCM_C || MBEDTLS_CHACHAPOLY_C */ -int mbedtls_cipher_update( mbedtls_cipher_context_t *ctx, const unsigned char *input, - size_t ilen, unsigned char *output, size_t *olen ) +int mbedtls_cipher_update(mbedtls_cipher_context_t *ctx, const unsigned char *input, + size_t ilen, unsigned char *output, size_t *olen) { int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; size_t block_size; - CIPHER_VALIDATE_RET( ctx != NULL ); - CIPHER_VALIDATE_RET( ilen == 0 || input != NULL ); - CIPHER_VALIDATE_RET( output != NULL ); - CIPHER_VALIDATE_RET( olen != NULL ); - if( ctx->cipher_info == NULL ) - return( MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA ); + CIPHER_VALIDATE_RET(ctx != NULL); + CIPHER_VALIDATE_RET(ilen == 0 || input != NULL); + CIPHER_VALIDATE_RET(output != NULL); + CIPHER_VALIDATE_RET(olen != NULL); + if (ctx->cipher_info == NULL) { + return MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA; + } #if defined(MBEDTLS_USE_PSA_CRYPTO) - if( ctx->psa_enabled == 1 ) - { + if (ctx->psa_enabled == 1) { /* While PSA Crypto has an API for multipart * operations, we currently don't make it * accessible through the cipher layer. */ - return( MBEDTLS_ERR_CIPHER_FEATURE_UNAVAILABLE ); + return MBEDTLS_ERR_CIPHER_FEATURE_UNAVAILABLE; } #endif /* MBEDTLS_USE_PSA_CRYPTO */ *olen = 0; - block_size = mbedtls_cipher_get_block_size( ctx ); - if ( 0 == block_size ) - { - return( MBEDTLS_ERR_CIPHER_INVALID_CONTEXT ); + block_size = mbedtls_cipher_get_block_size(ctx); + if (0 == block_size) { + return MBEDTLS_ERR_CIPHER_INVALID_CONTEXT; } - if( ctx->cipher_info->mode == MBEDTLS_MODE_ECB ) - { - if( ilen != block_size ) - return( MBEDTLS_ERR_CIPHER_FULL_BLOCK_EXPECTED ); + if (ctx->cipher_info->mode == MBEDTLS_MODE_ECB) { + if (ilen != block_size) { + return MBEDTLS_ERR_CIPHER_FULL_BLOCK_EXPECTED; + } *olen = ilen; - if( 0 != ( ret = ctx->cipher_info->base->ecb_func( ctx->cipher_ctx, - ctx->operation, input, output ) ) ) - { - return( ret ); + if (0 != (ret = ctx->cipher_info->base->ecb_func(ctx->cipher_ctx, + ctx->operation, input, output))) { + return ret; } - return( 0 ); + return 0; } #if defined(MBEDTLS_GCM_C) - if( ctx->cipher_info->mode == MBEDTLS_MODE_GCM ) - { + if (ctx->cipher_info->mode == MBEDTLS_MODE_GCM) { *olen = ilen; - return( mbedtls_gcm_update( (mbedtls_gcm_context *) ctx->cipher_ctx, ilen, input, - output ) ); + return mbedtls_gcm_update((mbedtls_gcm_context *) ctx->cipher_ctx, ilen, input, + output); } #endif #if defined(MBEDTLS_CHACHAPOLY_C) - if ( ctx->cipher_info->type == MBEDTLS_CIPHER_CHACHA20_POLY1305 ) - { + if (ctx->cipher_info->type == MBEDTLS_CIPHER_CHACHA20_POLY1305) { *olen = ilen; - return( mbedtls_chachapoly_update( (mbedtls_chachapoly_context*) ctx->cipher_ctx, - ilen, input, output ) ); + return mbedtls_chachapoly_update((mbedtls_chachapoly_context *) ctx->cipher_ctx, + ilen, input, output); } #endif - if( input == output && - ( ctx->unprocessed_len != 0 || ilen % block_size ) ) - { - return( MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA ); + if (input == output && + (ctx->unprocessed_len != 0 || ilen % block_size)) { + return MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA; } #if defined(MBEDTLS_CIPHER_MODE_CBC) - if( ctx->cipher_info->mode == MBEDTLS_MODE_CBC ) - { + if (ctx->cipher_info->mode == MBEDTLS_MODE_CBC) { size_t copy_len = 0; /* * If there is not enough data for a full block, cache it. */ - if( ( ctx->operation == MBEDTLS_DECRYPT && NULL != ctx->add_padding && - ilen <= block_size - ctx->unprocessed_len ) || - ( ctx->operation == MBEDTLS_DECRYPT && NULL == ctx->add_padding && - ilen < block_size - ctx->unprocessed_len ) || - ( ctx->operation == MBEDTLS_ENCRYPT && - ilen < block_size - ctx->unprocessed_len ) ) - { - memcpy( &( ctx->unprocessed_data[ctx->unprocessed_len] ), input, - ilen ); + if ((ctx->operation == MBEDTLS_DECRYPT && NULL != ctx->add_padding && + ilen <= block_size - ctx->unprocessed_len) || + (ctx->operation == MBEDTLS_DECRYPT && NULL == ctx->add_padding && + ilen < block_size - ctx->unprocessed_len) || + (ctx->operation == MBEDTLS_ENCRYPT && + ilen < block_size - ctx->unprocessed_len)) { + memcpy(&(ctx->unprocessed_data[ctx->unprocessed_len]), input, + ilen); ctx->unprocessed_len += ilen; - return( 0 ); + return 0; } /* * Process cached data first */ - if( 0 != ctx->unprocessed_len ) - { + if (0 != ctx->unprocessed_len) { copy_len = block_size - ctx->unprocessed_len; - memcpy( &( ctx->unprocessed_data[ctx->unprocessed_len] ), input, - copy_len ); + memcpy(&(ctx->unprocessed_data[ctx->unprocessed_len]), input, + copy_len); - if( 0 != ( ret = ctx->cipher_info->base->cbc_func( ctx->cipher_ctx, - ctx->operation, block_size, ctx->iv, - ctx->unprocessed_data, output ) ) ) - { - return( ret ); + if (0 != (ret = ctx->cipher_info->base->cbc_func(ctx->cipher_ctx, + ctx->operation, block_size, ctx->iv, + ctx->unprocessed_data, output))) { + return ret; } *olen += block_size; @@ -596,22 +593,20 @@ int mbedtls_cipher_update( mbedtls_cipher_context_t *ctx, const unsigned char *i /* * Cache final, incomplete block */ - if( 0 != ilen ) - { + if (0 != ilen) { /* Encryption: only cache partial blocks * Decryption w/ padding: always keep at least one whole block * Decryption w/o padding: only cache partial blocks */ copy_len = ilen % block_size; - if( copy_len == 0 && + if (copy_len == 0 && ctx->operation == MBEDTLS_DECRYPT && - NULL != ctx->add_padding) - { + NULL != ctx->add_padding) { copy_len = block_size; } - memcpy( ctx->unprocessed_data, &( input[ilen - copy_len] ), - copy_len ); + memcpy(ctx->unprocessed_data, &(input[ilen - copy_len]), + copy_len); ctx->unprocessed_len += copy_len; ilen -= copy_len; @@ -620,105 +615,96 @@ int mbedtls_cipher_update( mbedtls_cipher_context_t *ctx, const unsigned char *i /* * Process remaining full blocks */ - if( ilen ) - { - if( 0 != ( ret = ctx->cipher_info->base->cbc_func( ctx->cipher_ctx, - ctx->operation, ilen, ctx->iv, input, output ) ) ) - { - return( ret ); + if (ilen) { + if (0 != (ret = ctx->cipher_info->base->cbc_func(ctx->cipher_ctx, + ctx->operation, ilen, ctx->iv, input, + output))) { + return ret; } *olen += ilen; } - return( 0 ); + return 0; } #endif /* MBEDTLS_CIPHER_MODE_CBC */ #if defined(MBEDTLS_CIPHER_MODE_CFB) - if( ctx->cipher_info->mode == MBEDTLS_MODE_CFB ) - { - if( 0 != ( ret = ctx->cipher_info->base->cfb_func( ctx->cipher_ctx, - ctx->operation, ilen, &ctx->unprocessed_len, ctx->iv, - input, output ) ) ) - { - return( ret ); + if (ctx->cipher_info->mode == MBEDTLS_MODE_CFB) { + if (0 != (ret = ctx->cipher_info->base->cfb_func(ctx->cipher_ctx, + ctx->operation, ilen, + &ctx->unprocessed_len, ctx->iv, + input, output))) { + return ret; } *olen = ilen; - return( 0 ); + return 0; } #endif /* MBEDTLS_CIPHER_MODE_CFB */ #if defined(MBEDTLS_CIPHER_MODE_OFB) - if( ctx->cipher_info->mode == MBEDTLS_MODE_OFB ) - { - if( 0 != ( ret = ctx->cipher_info->base->ofb_func( ctx->cipher_ctx, - ilen, &ctx->unprocessed_len, ctx->iv, input, output ) ) ) - { - return( ret ); + if (ctx->cipher_info->mode == MBEDTLS_MODE_OFB) { + if (0 != (ret = ctx->cipher_info->base->ofb_func(ctx->cipher_ctx, + ilen, &ctx->unprocessed_len, ctx->iv, + input, output))) { + return ret; } *olen = ilen; - return( 0 ); + return 0; } #endif /* MBEDTLS_CIPHER_MODE_OFB */ #if defined(MBEDTLS_CIPHER_MODE_CTR) - if( ctx->cipher_info->mode == MBEDTLS_MODE_CTR ) - { - if( 0 != ( ret = ctx->cipher_info->base->ctr_func( ctx->cipher_ctx, - ilen, &ctx->unprocessed_len, ctx->iv, - ctx->unprocessed_data, input, output ) ) ) - { - return( ret ); + if (ctx->cipher_info->mode == MBEDTLS_MODE_CTR) { + if (0 != (ret = ctx->cipher_info->base->ctr_func(ctx->cipher_ctx, + ilen, &ctx->unprocessed_len, ctx->iv, + ctx->unprocessed_data, input, output))) { + return ret; } *olen = ilen; - return( 0 ); + return 0; } #endif /* MBEDTLS_CIPHER_MODE_CTR */ #if defined(MBEDTLS_CIPHER_MODE_XTS) - if( ctx->cipher_info->mode == MBEDTLS_MODE_XTS ) - { - if( ctx->unprocessed_len > 0 ) { + if (ctx->cipher_info->mode == MBEDTLS_MODE_XTS) { + if (ctx->unprocessed_len > 0) { /* We can only process an entire data unit at a time. */ - return( MBEDTLS_ERR_CIPHER_FEATURE_UNAVAILABLE ); + return MBEDTLS_ERR_CIPHER_FEATURE_UNAVAILABLE; } - ret = ctx->cipher_info->base->xts_func( ctx->cipher_ctx, - ctx->operation, ilen, ctx->iv, input, output ); - if( ret != 0 ) - { - return( ret ); + ret = ctx->cipher_info->base->xts_func(ctx->cipher_ctx, + ctx->operation, ilen, ctx->iv, input, output); + if (ret != 0) { + return ret; } *olen = ilen; - return( 0 ); + return 0; } #endif /* MBEDTLS_CIPHER_MODE_XTS */ #if defined(MBEDTLS_CIPHER_MODE_STREAM) - if( ctx->cipher_info->mode == MBEDTLS_MODE_STREAM ) - { - if( 0 != ( ret = ctx->cipher_info->base->stream_func( ctx->cipher_ctx, - ilen, input, output ) ) ) - { - return( ret ); + if (ctx->cipher_info->mode == MBEDTLS_MODE_STREAM) { + if (0 != (ret = ctx->cipher_info->base->stream_func(ctx->cipher_ctx, + ilen, input, output))) { + return ret; } *olen = ilen; - return( 0 ); + return 0; } #endif /* MBEDTLS_CIPHER_MODE_STREAM */ - return( MBEDTLS_ERR_CIPHER_FEATURE_UNAVAILABLE ); + return MBEDTLS_ERR_CIPHER_FEATURE_UNAVAILABLE; } #if defined(MBEDTLS_CIPHER_MODE_WITH_PADDING) @@ -726,39 +712,42 @@ int mbedtls_cipher_update( mbedtls_cipher_context_t *ctx, const unsigned char *i /* * PKCS7 (and PKCS5) padding: fill with ll bytes, with ll = padding_len */ -static void add_pkcs_padding( unsigned char *output, size_t output_len, - size_t data_len ) +static void add_pkcs_padding(unsigned char *output, size_t output_len, + size_t data_len) { size_t padding_len = output_len - data_len; unsigned char i; - for( i = 0; i < padding_len; i++ ) + for (i = 0; i < padding_len; i++) { output[data_len + i] = (unsigned char) padding_len; + } } -static int get_pkcs_padding( unsigned char *input, size_t input_len, - size_t *data_len ) +static int get_pkcs_padding(unsigned char *input, size_t input_len, + size_t *data_len) { size_t i, pad_idx; unsigned char padding_len, bad = 0; - if( NULL == input || NULL == data_len ) - return( MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA ); + if (NULL == input || NULL == data_len) { + return MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA; + } padding_len = input[input_len - 1]; *data_len = input_len - padding_len; /* Avoid logical || since it results in a branch */ - bad |= padding_len > input_len; - bad |= padding_len == 0; + bad |= ~mbedtls_ct_size_mask_ge(input_len, padding_len); + bad |= mbedtls_ct_size_bool_eq(padding_len, 0); /* The number of bytes checked must be independent of padding_len, * so pick input_len, which is usually 8 or 16 (one block) */ pad_idx = input_len - padding_len; - for( i = 0; i < input_len; i++ ) - bad |= ( input[i] ^ padding_len ) * ( i >= pad_idx ); - - return( MBEDTLS_ERR_CIPHER_INVALID_PADDING * ( bad != 0 ) ); + for (i = 0; i < input_len; i++) { + size_t mask = mbedtls_ct_size_mask_ge(i, pad_idx); + bad |= (input[i] ^ padding_len) & mask; + } + return -(int) mbedtls_ct_uint_if(bad, -MBEDTLS_ERR_CIPHER_INVALID_PADDING, 0); } #endif /* MBEDTLS_CIPHER_PADDING_PKCS7 */ @@ -766,38 +755,44 @@ static int get_pkcs_padding( unsigned char *input, size_t input_len, /* * One and zeros padding: fill with 80 00 ... 00 */ -static void add_one_and_zeros_padding( unsigned char *output, - size_t output_len, size_t data_len ) +static void add_one_and_zeros_padding(unsigned char *output, + size_t output_len, size_t data_len) { size_t padding_len = output_len - data_len; unsigned char i = 0; output[data_len] = 0x80; - for( i = 1; i < padding_len; i++ ) + for (i = 1; i < padding_len; i++) { output[data_len + i] = 0x00; + } } -static int get_one_and_zeros_padding( unsigned char *input, size_t input_len, - size_t *data_len ) +static int get_one_and_zeros_padding(unsigned char *input, size_t input_len, + size_t *data_len) { - size_t i; - unsigned char done = 0, prev_done, bad; + unsigned int bad = 1; - if( NULL == input || NULL == data_len ) - return( MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA ); + if (NULL == input || NULL == data_len) { + return MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA; + } - bad = 0x80; *data_len = 0; - for( i = input_len; i > 0; i-- ) - { - prev_done = done; - done |= ( input[i - 1] != 0 ); - *data_len |= ( i - 1 ) * ( done != prev_done ); - bad ^= input[i - 1] * ( done != prev_done ); - } + size_t in_padding = ~0; + + for (ptrdiff_t i = (ptrdiff_t) (input_len) - 1; i >= 0; i--) { + size_t is_nonzero = mbedtls_ct_uint_mask(input[i]); + + size_t hit_first_nonzero = is_nonzero & in_padding; + + *data_len = (*data_len & ~hit_first_nonzero) | ((size_t) i & hit_first_nonzero); - return( MBEDTLS_ERR_CIPHER_INVALID_PADDING * ( bad != 0 ) ); + bad = mbedtls_ct_uint_if((unsigned int) hit_first_nonzero, + !mbedtls_ct_size_bool_eq(input[i], 0x80), bad); + in_padding = in_padding & ~is_nonzero; + } + + return -(int) mbedtls_ct_uint_if(bad, -MBEDTLS_ERR_CIPHER_INVALID_PADDING, 0); } #endif /* MBEDTLS_CIPHER_PADDING_ONE_AND_ZEROS */ @@ -805,39 +800,43 @@ static int get_one_and_zeros_padding( unsigned char *input, size_t input_len, /* * Zeros and len padding: fill with 00 ... 00 ll, where ll is padding length */ -static void add_zeros_and_len_padding( unsigned char *output, - size_t output_len, size_t data_len ) +static void add_zeros_and_len_padding(unsigned char *output, + size_t output_len, size_t data_len) { size_t padding_len = output_len - data_len; unsigned char i = 0; - for( i = 1; i < padding_len; i++ ) + for (i = 1; i < padding_len; i++) { output[data_len + i - 1] = 0x00; + } output[output_len - 1] = (unsigned char) padding_len; } -static int get_zeros_and_len_padding( unsigned char *input, size_t input_len, - size_t *data_len ) +static int get_zeros_and_len_padding(unsigned char *input, size_t input_len, + size_t *data_len) { size_t i, pad_idx; unsigned char padding_len, bad = 0; - if( NULL == input || NULL == data_len ) - return( MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA ); + if (NULL == input || NULL == data_len) { + return MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA; + } padding_len = input[input_len - 1]; *data_len = input_len - padding_len; /* Avoid logical || since it results in a branch */ - bad |= padding_len > input_len; - bad |= padding_len == 0; + bad |= mbedtls_ct_size_mask_ge(padding_len, input_len + 1); + bad |= mbedtls_ct_size_bool_eq(padding_len, 0); /* The number of bytes checked must be independent of padding_len */ pad_idx = input_len - padding_len; - for( i = 0; i < input_len - 1; i++ ) - bad |= input[i] * ( i >= pad_idx ); + for (i = 0; i < input_len - 1; i++) { + size_t mask = mbedtls_ct_size_mask_ge(i, pad_idx); + bad |= input[i] & mask; + } - return( MBEDTLS_ERR_CIPHER_INVALID_PADDING * ( bad != 0 ) ); + return -(int) mbedtls_ct_uint_if(bad, -MBEDTLS_ERR_CIPHER_INVALID_PADDING, 0); } #endif /* MBEDTLS_CIPHER_PADDING_ZEROS_AND_LEN */ @@ -845,33 +844,35 @@ static int get_zeros_and_len_padding( unsigned char *input, size_t input_len, /* * Zero padding: fill with 00 ... 00 */ -static void add_zeros_padding( unsigned char *output, - size_t output_len, size_t data_len ) +static void add_zeros_padding(unsigned char *output, + size_t output_len, size_t data_len) { size_t i; - for( i = data_len; i < output_len; i++ ) + for (i = data_len; i < output_len; i++) { output[i] = 0x00; + } } -static int get_zeros_padding( unsigned char *input, size_t input_len, - size_t *data_len ) +static int get_zeros_padding(unsigned char *input, size_t input_len, + size_t *data_len) { size_t i; unsigned char done = 0, prev_done; - if( NULL == input || NULL == data_len ) - return( MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA ); + if (NULL == input || NULL == data_len) { + return MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA; + } *data_len = 0; - for( i = input_len; i > 0; i-- ) - { + for (i = input_len; i > 0; i--) { prev_done = done; - done |= ( input[i-1] != 0 ); - *data_len |= i * ( done != prev_done ); + done |= !mbedtls_ct_size_bool_eq(input[i-1], 0); + size_t mask = mbedtls_ct_size_mask(done ^ prev_done); + *data_len |= i & mask; } - return( 0 ); + return 0; } #endif /* MBEDTLS_CIPHER_PADDING_ZEROS */ @@ -881,247 +882,244 @@ static int get_zeros_padding( unsigned char *input, size_t input_len, * There is no add_padding function (check for NULL in mbedtls_cipher_finish) * but a trivial get_padding function */ -static int get_no_padding( unsigned char *input, size_t input_len, - size_t *data_len ) +static int get_no_padding(unsigned char *input, size_t input_len, + size_t *data_len) { - if( NULL == input || NULL == data_len ) - return( MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA ); + if (NULL == input || NULL == data_len) { + return MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA; + } *data_len = input_len; - return( 0 ); + return 0; } #endif /* MBEDTLS_CIPHER_MODE_WITH_PADDING */ -int mbedtls_cipher_finish( mbedtls_cipher_context_t *ctx, - unsigned char *output, size_t *olen ) +int mbedtls_cipher_finish(mbedtls_cipher_context_t *ctx, + unsigned char *output, size_t *olen) { - CIPHER_VALIDATE_RET( ctx != NULL ); - CIPHER_VALIDATE_RET( output != NULL ); - CIPHER_VALIDATE_RET( olen != NULL ); - if( ctx->cipher_info == NULL ) - return( MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA ); + CIPHER_VALIDATE_RET(ctx != NULL); + CIPHER_VALIDATE_RET(output != NULL); + CIPHER_VALIDATE_RET(olen != NULL); + if (ctx->cipher_info == NULL) { + return MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA; + } #if defined(MBEDTLS_USE_PSA_CRYPTO) - if( ctx->psa_enabled == 1 ) - { + if (ctx->psa_enabled == 1) { /* While PSA Crypto has an API for multipart * operations, we currently don't make it * accessible through the cipher layer. */ - return( MBEDTLS_ERR_CIPHER_FEATURE_UNAVAILABLE ); + return MBEDTLS_ERR_CIPHER_FEATURE_UNAVAILABLE; } #endif /* MBEDTLS_USE_PSA_CRYPTO */ *olen = 0; - if( MBEDTLS_MODE_CFB == ctx->cipher_info->mode || + if (MBEDTLS_MODE_CFB == ctx->cipher_info->mode || MBEDTLS_MODE_OFB == ctx->cipher_info->mode || MBEDTLS_MODE_CTR == ctx->cipher_info->mode || MBEDTLS_MODE_GCM == ctx->cipher_info->mode || MBEDTLS_MODE_XTS == ctx->cipher_info->mode || - MBEDTLS_MODE_STREAM == ctx->cipher_info->mode ) - { - return( 0 ); + MBEDTLS_MODE_STREAM == ctx->cipher_info->mode) { + return 0; } - if ( ( MBEDTLS_CIPHER_CHACHA20 == ctx->cipher_info->type ) || - ( MBEDTLS_CIPHER_CHACHA20_POLY1305 == ctx->cipher_info->type ) ) - { - return( 0 ); + if ((MBEDTLS_CIPHER_CHACHA20 == ctx->cipher_info->type) || + (MBEDTLS_CIPHER_CHACHA20_POLY1305 == ctx->cipher_info->type)) { + return 0; } - if( MBEDTLS_MODE_ECB == ctx->cipher_info->mode ) - { - if( ctx->unprocessed_len != 0 ) - return( MBEDTLS_ERR_CIPHER_FULL_BLOCK_EXPECTED ); + if (MBEDTLS_MODE_ECB == ctx->cipher_info->mode) { + if (ctx->unprocessed_len != 0) { + return MBEDTLS_ERR_CIPHER_FULL_BLOCK_EXPECTED; + } - return( 0 ); + return 0; } #if defined(MBEDTLS_CIPHER_MODE_CBC) - if( MBEDTLS_MODE_CBC == ctx->cipher_info->mode ) - { + if (MBEDTLS_MODE_CBC == ctx->cipher_info->mode) { int ret = 0; - if( MBEDTLS_ENCRYPT == ctx->operation ) - { + if (MBEDTLS_ENCRYPT == ctx->operation) { /* check for 'no padding' mode */ - if( NULL == ctx->add_padding ) - { - if( 0 != ctx->unprocessed_len ) - return( MBEDTLS_ERR_CIPHER_FULL_BLOCK_EXPECTED ); + if (NULL == ctx->add_padding) { + if (0 != ctx->unprocessed_len) { + return MBEDTLS_ERR_CIPHER_FULL_BLOCK_EXPECTED; + } - return( 0 ); + return 0; } - ctx->add_padding( ctx->unprocessed_data, mbedtls_cipher_get_iv_size( ctx ), - ctx->unprocessed_len ); - } - else if( mbedtls_cipher_get_block_size( ctx ) != ctx->unprocessed_len ) - { + ctx->add_padding(ctx->unprocessed_data, mbedtls_cipher_get_iv_size(ctx), + ctx->unprocessed_len); + } else if (mbedtls_cipher_get_block_size(ctx) != ctx->unprocessed_len) { /* * For decrypt operations, expect a full block, * or an empty block if no padding */ - if( NULL == ctx->add_padding && 0 == ctx->unprocessed_len ) - return( 0 ); + if (NULL == ctx->add_padding && 0 == ctx->unprocessed_len) { + return 0; + } - return( MBEDTLS_ERR_CIPHER_FULL_BLOCK_EXPECTED ); + return MBEDTLS_ERR_CIPHER_FULL_BLOCK_EXPECTED; } /* cipher block */ - if( 0 != ( ret = ctx->cipher_info->base->cbc_func( ctx->cipher_ctx, - ctx->operation, mbedtls_cipher_get_block_size( ctx ), ctx->iv, - ctx->unprocessed_data, output ) ) ) - { - return( ret ); + if (0 != (ret = ctx->cipher_info->base->cbc_func(ctx->cipher_ctx, + ctx->operation, + mbedtls_cipher_get_block_size(ctx), + ctx->iv, + ctx->unprocessed_data, output))) { + return ret; } /* Set output size for decryption */ - if( MBEDTLS_DECRYPT == ctx->operation ) - return( ctx->get_padding( output, mbedtls_cipher_get_block_size( ctx ), - olen ) ); + if (MBEDTLS_DECRYPT == ctx->operation) { + return ctx->get_padding(output, mbedtls_cipher_get_block_size(ctx), + olen); + } /* Set output size for encryption */ - *olen = mbedtls_cipher_get_block_size( ctx ); - return( 0 ); + *olen = mbedtls_cipher_get_block_size(ctx); + return 0; } #else ((void) output); #endif /* MBEDTLS_CIPHER_MODE_CBC */ - return( MBEDTLS_ERR_CIPHER_FEATURE_UNAVAILABLE ); + return MBEDTLS_ERR_CIPHER_FEATURE_UNAVAILABLE; } #if defined(MBEDTLS_CIPHER_MODE_WITH_PADDING) -int mbedtls_cipher_set_padding_mode( mbedtls_cipher_context_t *ctx, - mbedtls_cipher_padding_t mode ) +int mbedtls_cipher_set_padding_mode(mbedtls_cipher_context_t *ctx, + mbedtls_cipher_padding_t mode) { - CIPHER_VALIDATE_RET( ctx != NULL ); + CIPHER_VALIDATE_RET(ctx != NULL); - if( NULL == ctx->cipher_info || MBEDTLS_MODE_CBC != ctx->cipher_info->mode ) - { - return( MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA ); + if (NULL == ctx->cipher_info || MBEDTLS_MODE_CBC != ctx->cipher_info->mode) { + return MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA; } #if defined(MBEDTLS_USE_PSA_CRYPTO) - if( ctx->psa_enabled == 1 ) - { + if (ctx->psa_enabled == 1) { /* While PSA Crypto knows about CBC padding * schemes, we currently don't make them * accessible through the cipher layer. */ - if( mode != MBEDTLS_PADDING_NONE ) - return( MBEDTLS_ERR_CIPHER_FEATURE_UNAVAILABLE ); + if (mode != MBEDTLS_PADDING_NONE) { + return MBEDTLS_ERR_CIPHER_FEATURE_UNAVAILABLE; + } - return( 0 ); + return 0; } #endif /* MBEDTLS_USE_PSA_CRYPTO */ - switch( mode ) - { + switch (mode) { #if defined(MBEDTLS_CIPHER_PADDING_PKCS7) - case MBEDTLS_PADDING_PKCS7: - ctx->add_padding = add_pkcs_padding; - ctx->get_padding = get_pkcs_padding; - break; + case MBEDTLS_PADDING_PKCS7: + ctx->add_padding = add_pkcs_padding; + ctx->get_padding = get_pkcs_padding; + break; #endif #if defined(MBEDTLS_CIPHER_PADDING_ONE_AND_ZEROS) - case MBEDTLS_PADDING_ONE_AND_ZEROS: - ctx->add_padding = add_one_and_zeros_padding; - ctx->get_padding = get_one_and_zeros_padding; - break; + case MBEDTLS_PADDING_ONE_AND_ZEROS: + ctx->add_padding = add_one_and_zeros_padding; + ctx->get_padding = get_one_and_zeros_padding; + break; #endif #if defined(MBEDTLS_CIPHER_PADDING_ZEROS_AND_LEN) - case MBEDTLS_PADDING_ZEROS_AND_LEN: - ctx->add_padding = add_zeros_and_len_padding; - ctx->get_padding = get_zeros_and_len_padding; - break; + case MBEDTLS_PADDING_ZEROS_AND_LEN: + ctx->add_padding = add_zeros_and_len_padding; + ctx->get_padding = get_zeros_and_len_padding; + break; #endif #if defined(MBEDTLS_CIPHER_PADDING_ZEROS) - case MBEDTLS_PADDING_ZEROS: - ctx->add_padding = add_zeros_padding; - ctx->get_padding = get_zeros_padding; - break; + case MBEDTLS_PADDING_ZEROS: + ctx->add_padding = add_zeros_padding; + ctx->get_padding = get_zeros_padding; + break; #endif - case MBEDTLS_PADDING_NONE: - ctx->add_padding = NULL; - ctx->get_padding = get_no_padding; - break; + case MBEDTLS_PADDING_NONE: + ctx->add_padding = NULL; + ctx->get_padding = get_no_padding; + break; - default: - return( MBEDTLS_ERR_CIPHER_FEATURE_UNAVAILABLE ); + default: + return MBEDTLS_ERR_CIPHER_FEATURE_UNAVAILABLE; } - return( 0 ); + return 0; } #endif /* MBEDTLS_CIPHER_MODE_WITH_PADDING */ #if defined(MBEDTLS_GCM_C) || defined(MBEDTLS_CHACHAPOLY_C) -int mbedtls_cipher_write_tag( mbedtls_cipher_context_t *ctx, - unsigned char *tag, size_t tag_len ) +int mbedtls_cipher_write_tag(mbedtls_cipher_context_t *ctx, + unsigned char *tag, size_t tag_len) { - CIPHER_VALIDATE_RET( ctx != NULL ); - CIPHER_VALIDATE_RET( tag_len == 0 || tag != NULL ); - if( ctx->cipher_info == NULL ) - return( MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA ); + CIPHER_VALIDATE_RET(ctx != NULL); + CIPHER_VALIDATE_RET(tag_len == 0 || tag != NULL); + if (ctx->cipher_info == NULL) { + return MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA; + } - if( MBEDTLS_ENCRYPT != ctx->operation ) - return( MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA ); + if (MBEDTLS_ENCRYPT != ctx->operation) { + return MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA; + } #if defined(MBEDTLS_USE_PSA_CRYPTO) - if( ctx->psa_enabled == 1 ) - { + if (ctx->psa_enabled == 1) { /* While PSA Crypto has an API for multipart * operations, we currently don't make it * accessible through the cipher layer. */ - return( MBEDTLS_ERR_CIPHER_FEATURE_UNAVAILABLE ); + return MBEDTLS_ERR_CIPHER_FEATURE_UNAVAILABLE; } #endif /* MBEDTLS_USE_PSA_CRYPTO */ #if defined(MBEDTLS_GCM_C) - if( MBEDTLS_MODE_GCM == ctx->cipher_info->mode ) - return( mbedtls_gcm_finish( (mbedtls_gcm_context *) ctx->cipher_ctx, - tag, tag_len ) ); + if (MBEDTLS_MODE_GCM == ctx->cipher_info->mode) { + return mbedtls_gcm_finish((mbedtls_gcm_context *) ctx->cipher_ctx, + tag, tag_len); + } #endif #if defined(MBEDTLS_CHACHAPOLY_C) - if ( MBEDTLS_CIPHER_CHACHA20_POLY1305 == ctx->cipher_info->type ) - { + if (MBEDTLS_CIPHER_CHACHA20_POLY1305 == ctx->cipher_info->type) { /* Don't allow truncated MAC for Poly1305 */ - if ( tag_len != 16U ) - return( MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA ); + if (tag_len != 16U) { + return MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA; + } - return( mbedtls_chachapoly_finish( - (mbedtls_chachapoly_context*) ctx->cipher_ctx, tag ) ); + return mbedtls_chachapoly_finish( + (mbedtls_chachapoly_context *) ctx->cipher_ctx, tag); } #endif - return( 0 ); + return 0; } -int mbedtls_cipher_check_tag( mbedtls_cipher_context_t *ctx, - const unsigned char *tag, size_t tag_len ) +int mbedtls_cipher_check_tag(mbedtls_cipher_context_t *ctx, + const unsigned char *tag, size_t tag_len) { unsigned char check_tag[16]; int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; - CIPHER_VALIDATE_RET( ctx != NULL ); - CIPHER_VALIDATE_RET( tag_len == 0 || tag != NULL ); - if( ctx->cipher_info == NULL ) - return( MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA ); + CIPHER_VALIDATE_RET(ctx != NULL); + CIPHER_VALIDATE_RET(tag_len == 0 || tag != NULL); + if (ctx->cipher_info == NULL) { + return MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA; + } - if( MBEDTLS_DECRYPT != ctx->operation ) - { - return( MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA ); + if (MBEDTLS_DECRYPT != ctx->operation) { + return MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA; } #if defined(MBEDTLS_USE_PSA_CRYPTO) - if( ctx->psa_enabled == 1 ) - { + if (ctx->psa_enabled == 1) { /* While PSA Crypto has an API for multipart * operations, we currently don't make it * accessible through the cipher layer. */ - return( MBEDTLS_ERR_CIPHER_FEATURE_UNAVAILABLE ); + return MBEDTLS_ERR_CIPHER_FEATURE_UNAVAILABLE; } #endif /* MBEDTLS_USE_PSA_CRYPTO */ @@ -1132,21 +1130,19 @@ int mbedtls_cipher_check_tag( mbedtls_cipher_context_t *ctx, ret = 0; #if defined(MBEDTLS_GCM_C) - if( MBEDTLS_MODE_GCM == ctx->cipher_info->mode ) - { - if( tag_len > sizeof( check_tag ) ) - return( MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA ); - - if( 0 != ( ret = mbedtls_gcm_finish( - (mbedtls_gcm_context *) ctx->cipher_ctx, - check_tag, tag_len ) ) ) - { - return( ret ); + if (MBEDTLS_MODE_GCM == ctx->cipher_info->mode) { + if (tag_len > sizeof(check_tag)) { + return MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA; + } + + if (0 != (ret = mbedtls_gcm_finish( + (mbedtls_gcm_context *) ctx->cipher_ctx, + check_tag, tag_len))) { + return ret; } /* Check the tag in "constant-time" */ - if( mbedtls_ct_memcmp( tag, check_tag, tag_len ) != 0 ) - { + if (mbedtls_ct_memcmp(tag, check_tag, tag_len) != 0) { ret = MBEDTLS_ERR_CIPHER_AUTH_FAILED; goto exit; } @@ -1154,22 +1150,20 @@ int mbedtls_cipher_check_tag( mbedtls_cipher_context_t *ctx, #endif /* MBEDTLS_GCM_C */ #if defined(MBEDTLS_CHACHAPOLY_C) - if ( MBEDTLS_CIPHER_CHACHA20_POLY1305 == ctx->cipher_info->type ) - { + if (MBEDTLS_CIPHER_CHACHA20_POLY1305 == ctx->cipher_info->type) { /* Don't allow truncated MAC for Poly1305 */ - if ( tag_len != sizeof( check_tag ) ) - return( MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA ); + if (tag_len != sizeof(check_tag)) { + return MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA; + } ret = mbedtls_chachapoly_finish( - (mbedtls_chachapoly_context*) ctx->cipher_ctx, check_tag ); - if ( ret != 0 ) - { - return( ret ); + (mbedtls_chachapoly_context *) ctx->cipher_ctx, check_tag); + if (ret != 0) { + return ret; } /* Check the tag in "constant-time" */ - if( mbedtls_ct_memcmp( tag, check_tag, tag_len ) != 0 ) - { + if (mbedtls_ct_memcmp(tag, check_tag, tag_len) != 0) { ret = MBEDTLS_ERR_CIPHER_AUTH_FAILED; goto exit; } @@ -1177,31 +1171,30 @@ int mbedtls_cipher_check_tag( mbedtls_cipher_context_t *ctx, #endif /* MBEDTLS_CHACHAPOLY_C */ exit: - mbedtls_platform_zeroize( check_tag, tag_len ); - return( ret ); + mbedtls_platform_zeroize(check_tag, tag_len); + return ret; } #endif /* MBEDTLS_GCM_C || MBEDTLS_CHACHAPOLY_C */ /* * Packet-oriented wrapper for non-AEAD modes */ -int mbedtls_cipher_crypt( mbedtls_cipher_context_t *ctx, - const unsigned char *iv, size_t iv_len, - const unsigned char *input, size_t ilen, - unsigned char *output, size_t *olen ) +int mbedtls_cipher_crypt(mbedtls_cipher_context_t *ctx, + const unsigned char *iv, size_t iv_len, + const unsigned char *input, size_t ilen, + unsigned char *output, size_t *olen) { int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; size_t finish_olen; - CIPHER_VALIDATE_RET( ctx != NULL ); - CIPHER_VALIDATE_RET( iv_len == 0 || iv != NULL ); - CIPHER_VALIDATE_RET( ilen == 0 || input != NULL ); - CIPHER_VALIDATE_RET( output != NULL ); - CIPHER_VALIDATE_RET( olen != NULL ); + CIPHER_VALIDATE_RET(ctx != NULL); + CIPHER_VALIDATE_RET(iv_len == 0 || iv != NULL); + CIPHER_VALIDATE_RET(ilen == 0 || input != NULL); + CIPHER_VALIDATE_RET(output != NULL); + CIPHER_VALIDATE_RET(olen != NULL); #if defined(MBEDTLS_USE_PSA_CRYPTO) - if( ctx->psa_enabled == 1 ) - { + if (ctx->psa_enabled == 1) { /* As in the non-PSA case, we don't check that * a key has been set. If not, the key slot will * still be in its default state of 0, which is @@ -1214,69 +1207,73 @@ int mbedtls_cipher_crypt( mbedtls_cipher_context_t *ctx, psa_cipher_operation_t cipher_op = PSA_CIPHER_OPERATION_INIT; size_t part_len; - if( ctx->operation == MBEDTLS_DECRYPT ) - { - status = psa_cipher_decrypt_setup( &cipher_op, - cipher_psa->slot, - cipher_psa->alg ); + if (ctx->operation == MBEDTLS_DECRYPT) { + status = psa_cipher_decrypt_setup(&cipher_op, + cipher_psa->slot, + cipher_psa->alg); + } else if (ctx->operation == MBEDTLS_ENCRYPT) { + status = psa_cipher_encrypt_setup(&cipher_op, + cipher_psa->slot, + cipher_psa->alg); + } else { + return MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA; } - else if( ctx->operation == MBEDTLS_ENCRYPT ) - { - status = psa_cipher_encrypt_setup( &cipher_op, - cipher_psa->slot, - cipher_psa->alg ); - } - else - return( MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA ); /* In the following, we can immediately return on an error, * because the PSA Crypto API guarantees that cipher operations * are terminated by unsuccessful calls to psa_cipher_update(), * and by any call to psa_cipher_finish(). */ - if( status != PSA_SUCCESS ) - return( MBEDTLS_ERR_CIPHER_HW_ACCEL_FAILED ); - - if( ctx->cipher_info->mode != MBEDTLS_MODE_ECB ) - { - status = psa_cipher_set_iv( &cipher_op, iv, iv_len ); - if( status != PSA_SUCCESS ) - return( MBEDTLS_ERR_CIPHER_HW_ACCEL_FAILED ); + if (status != PSA_SUCCESS) { + return MBEDTLS_ERR_CIPHER_HW_ACCEL_FAILED; } - status = psa_cipher_update( &cipher_op, - input, ilen, - output, ilen, olen ); - if( status != PSA_SUCCESS ) - return( MBEDTLS_ERR_CIPHER_HW_ACCEL_FAILED ); + if (ctx->cipher_info->mode != MBEDTLS_MODE_ECB) { + status = psa_cipher_set_iv(&cipher_op, iv, iv_len); + if (status != PSA_SUCCESS) { + return MBEDTLS_ERR_CIPHER_HW_ACCEL_FAILED; + } + } + + status = psa_cipher_update(&cipher_op, + input, ilen, + output, ilen, olen); + if (status != PSA_SUCCESS) { + return MBEDTLS_ERR_CIPHER_HW_ACCEL_FAILED; + } - status = psa_cipher_finish( &cipher_op, - output + *olen, ilen - *olen, - &part_len ); - if( status != PSA_SUCCESS ) - return( MBEDTLS_ERR_CIPHER_HW_ACCEL_FAILED ); + status = psa_cipher_finish(&cipher_op, + output + *olen, ilen - *olen, + &part_len); + if (status != PSA_SUCCESS) { + return MBEDTLS_ERR_CIPHER_HW_ACCEL_FAILED; + } *olen += part_len; - return( 0 ); + return 0; } #endif /* MBEDTLS_USE_PSA_CRYPTO */ - if( ( ret = mbedtls_cipher_set_iv( ctx, iv, iv_len ) ) != 0 ) - return( ret ); + if ((ret = mbedtls_cipher_set_iv(ctx, iv, iv_len)) != 0) { + return ret; + } - if( ( ret = mbedtls_cipher_reset( ctx ) ) != 0 ) - return( ret ); + if ((ret = mbedtls_cipher_reset(ctx)) != 0) { + return ret; + } - if( ( ret = mbedtls_cipher_update( ctx, input, ilen, - output, olen ) ) != 0 ) - return( ret ); + if ((ret = mbedtls_cipher_update(ctx, input, ilen, + output, olen)) != 0) { + return ret; + } - if( ( ret = mbedtls_cipher_finish( ctx, output + *olen, - &finish_olen ) ) != 0 ) - return( ret ); + if ((ret = mbedtls_cipher_finish(ctx, output + *olen, + &finish_olen)) != 0) { + return ret; + } *olen += finish_olen; - return( 0 ); + return 0; } #if defined(MBEDTLS_CIPHER_MODE_AEAD) @@ -1284,16 +1281,15 @@ int mbedtls_cipher_crypt( mbedtls_cipher_context_t *ctx, * Packet-oriented encryption for AEAD modes: internal function shared by * mbedtls_cipher_auth_encrypt() and mbedtls_cipher_auth_encrypt_ext(). */ -static int mbedtls_cipher_aead_encrypt( mbedtls_cipher_context_t *ctx, - const unsigned char *iv, size_t iv_len, - const unsigned char *ad, size_t ad_len, - const unsigned char *input, size_t ilen, - unsigned char *output, size_t *olen, - unsigned char *tag, size_t tag_len ) +static int mbedtls_cipher_aead_encrypt(mbedtls_cipher_context_t *ctx, + const unsigned char *iv, size_t iv_len, + const unsigned char *ad, size_t ad_len, + const unsigned char *input, size_t ilen, + unsigned char *output, size_t *olen, + unsigned char *tag, size_t tag_len) { #if defined(MBEDTLS_USE_PSA_CRYPTO) - if( ctx->psa_enabled == 1 ) - { + if (ctx->psa_enabled == 1) { /* As in the non-PSA case, we don't check that * a key has been set. If not, the key slot will * still be in its default state of 0, which is @@ -1306,74 +1302,71 @@ static int mbedtls_cipher_aead_encrypt( mbedtls_cipher_context_t *ctx, /* PSA Crypto API always writes the authentication tag * at the end of the encrypted message. */ - if( output == NULL || tag != output + ilen ) - return( MBEDTLS_ERR_CIPHER_FEATURE_UNAVAILABLE ); + if (output == NULL || tag != output + ilen) { + return MBEDTLS_ERR_CIPHER_FEATURE_UNAVAILABLE; + } - status = psa_aead_encrypt( cipher_psa->slot, - cipher_psa->alg, - iv, iv_len, - ad, ad_len, - input, ilen, - output, ilen + tag_len, olen ); - if( status != PSA_SUCCESS ) - return( MBEDTLS_ERR_CIPHER_HW_ACCEL_FAILED ); + status = psa_aead_encrypt(cipher_psa->slot, + cipher_psa->alg, + iv, iv_len, + ad, ad_len, + input, ilen, + output, ilen + tag_len, olen); + if (status != PSA_SUCCESS) { + return MBEDTLS_ERR_CIPHER_HW_ACCEL_FAILED; + } *olen -= tag_len; - return( 0 ); + return 0; } #endif /* MBEDTLS_USE_PSA_CRYPTO */ #if defined(MBEDTLS_GCM_C) - if( MBEDTLS_MODE_GCM == ctx->cipher_info->mode ) - { + if (MBEDTLS_MODE_GCM == ctx->cipher_info->mode) { *olen = ilen; - return( mbedtls_gcm_crypt_and_tag( ctx->cipher_ctx, MBEDTLS_GCM_ENCRYPT, - ilen, iv, iv_len, ad, ad_len, - input, output, tag_len, tag ) ); + return mbedtls_gcm_crypt_and_tag(ctx->cipher_ctx, MBEDTLS_GCM_ENCRYPT, + ilen, iv, iv_len, ad, ad_len, + input, output, tag_len, tag); } #endif /* MBEDTLS_GCM_C */ #if defined(MBEDTLS_CCM_C) - if( MBEDTLS_MODE_CCM == ctx->cipher_info->mode ) - { + if (MBEDTLS_MODE_CCM == ctx->cipher_info->mode) { *olen = ilen; - return( mbedtls_ccm_encrypt_and_tag( ctx->cipher_ctx, ilen, - iv, iv_len, ad, ad_len, input, output, - tag, tag_len ) ); + return mbedtls_ccm_encrypt_and_tag(ctx->cipher_ctx, ilen, + iv, iv_len, ad, ad_len, input, output, + tag, tag_len); } #endif /* MBEDTLS_CCM_C */ #if defined(MBEDTLS_CHACHAPOLY_C) - if ( MBEDTLS_CIPHER_CHACHA20_POLY1305 == ctx->cipher_info->type ) - { + if (MBEDTLS_CIPHER_CHACHA20_POLY1305 == ctx->cipher_info->type) { /* ChachaPoly has fixed length nonce and MAC (tag) */ - if ( ( iv_len != ctx->cipher_info->iv_size ) || - ( tag_len != 16U ) ) - { - return( MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA ); + if ((iv_len != ctx->cipher_info->iv_size) || + (tag_len != 16U)) { + return MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA; } *olen = ilen; - return( mbedtls_chachapoly_encrypt_and_tag( ctx->cipher_ctx, - ilen, iv, ad, ad_len, input, output, tag ) ); + return mbedtls_chachapoly_encrypt_and_tag(ctx->cipher_ctx, + ilen, iv, ad, ad_len, input, output, tag); } #endif /* MBEDTLS_CHACHAPOLY_C */ - return( MBEDTLS_ERR_CIPHER_FEATURE_UNAVAILABLE ); + return MBEDTLS_ERR_CIPHER_FEATURE_UNAVAILABLE; } /* * Packet-oriented encryption for AEAD modes: internal function shared by * mbedtls_cipher_auth_encrypt() and mbedtls_cipher_auth_encrypt_ext(). */ -static int mbedtls_cipher_aead_decrypt( mbedtls_cipher_context_t *ctx, - const unsigned char *iv, size_t iv_len, - const unsigned char *ad, size_t ad_len, - const unsigned char *input, size_t ilen, - unsigned char *output, size_t *olen, - const unsigned char *tag, size_t tag_len ) +static int mbedtls_cipher_aead_decrypt(mbedtls_cipher_context_t *ctx, + const unsigned char *iv, size_t iv_len, + const unsigned char *ad, size_t ad_len, + const unsigned char *input, size_t ilen, + unsigned char *output, size_t *olen, + const unsigned char *tag, size_t tag_len) { #if defined(MBEDTLS_USE_PSA_CRYPTO) - if( ctx->psa_enabled == 1 ) - { + if (ctx->psa_enabled == 1) { /* As in the non-PSA case, we don't check that * a key has been set. If not, the key slot will * still be in its default state of 0, which is @@ -1386,127 +1379,128 @@ static int mbedtls_cipher_aead_decrypt( mbedtls_cipher_context_t *ctx, /* PSA Crypto API always writes the authentication tag * at the end of the encrypted message. */ - if( input == NULL || tag != input + ilen ) - return( MBEDTLS_ERR_CIPHER_FEATURE_UNAVAILABLE ); - - status = psa_aead_decrypt( cipher_psa->slot, - cipher_psa->alg, - iv, iv_len, - ad, ad_len, - input, ilen + tag_len, - output, ilen, olen ); - if( status == PSA_ERROR_INVALID_SIGNATURE ) - return( MBEDTLS_ERR_CIPHER_AUTH_FAILED ); - else if( status != PSA_SUCCESS ) - return( MBEDTLS_ERR_CIPHER_HW_ACCEL_FAILED ); - - return( 0 ); + if (input == NULL || tag != input + ilen) { + return MBEDTLS_ERR_CIPHER_FEATURE_UNAVAILABLE; + } + + status = psa_aead_decrypt(cipher_psa->slot, + cipher_psa->alg, + iv, iv_len, + ad, ad_len, + input, ilen + tag_len, + output, ilen, olen); + if (status == PSA_ERROR_INVALID_SIGNATURE) { + return MBEDTLS_ERR_CIPHER_AUTH_FAILED; + } else if (status != PSA_SUCCESS) { + return MBEDTLS_ERR_CIPHER_HW_ACCEL_FAILED; + } + + return 0; } #endif /* MBEDTLS_USE_PSA_CRYPTO */ #if defined(MBEDTLS_GCM_C) - if( MBEDTLS_MODE_GCM == ctx->cipher_info->mode ) - { + if (MBEDTLS_MODE_GCM == ctx->cipher_info->mode) { int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; *olen = ilen; - ret = mbedtls_gcm_auth_decrypt( ctx->cipher_ctx, ilen, - iv, iv_len, ad, ad_len, - tag, tag_len, input, output ); + ret = mbedtls_gcm_auth_decrypt(ctx->cipher_ctx, ilen, + iv, iv_len, ad, ad_len, + tag, tag_len, input, output); - if( ret == MBEDTLS_ERR_GCM_AUTH_FAILED ) + if (ret == MBEDTLS_ERR_GCM_AUTH_FAILED) { ret = MBEDTLS_ERR_CIPHER_AUTH_FAILED; + } - return( ret ); + return ret; } #endif /* MBEDTLS_GCM_C */ #if defined(MBEDTLS_CCM_C) - if( MBEDTLS_MODE_CCM == ctx->cipher_info->mode ) - { + if (MBEDTLS_MODE_CCM == ctx->cipher_info->mode) { int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; *olen = ilen; - ret = mbedtls_ccm_auth_decrypt( ctx->cipher_ctx, ilen, - iv, iv_len, ad, ad_len, - input, output, tag, tag_len ); + ret = mbedtls_ccm_auth_decrypt(ctx->cipher_ctx, ilen, + iv, iv_len, ad, ad_len, + input, output, tag, tag_len); - if( ret == MBEDTLS_ERR_CCM_AUTH_FAILED ) + if (ret == MBEDTLS_ERR_CCM_AUTH_FAILED) { ret = MBEDTLS_ERR_CIPHER_AUTH_FAILED; + } - return( ret ); + return ret; } #endif /* MBEDTLS_CCM_C */ #if defined(MBEDTLS_CHACHAPOLY_C) - if ( MBEDTLS_CIPHER_CHACHA20_POLY1305 == ctx->cipher_info->type ) - { + if (MBEDTLS_CIPHER_CHACHA20_POLY1305 == ctx->cipher_info->type) { int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; /* ChachaPoly has fixed length nonce and MAC (tag) */ - if ( ( iv_len != ctx->cipher_info->iv_size ) || - ( tag_len != 16U ) ) - { - return( MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA ); + if ((iv_len != ctx->cipher_info->iv_size) || + (tag_len != 16U)) { + return MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA; } *olen = ilen; - ret = mbedtls_chachapoly_auth_decrypt( ctx->cipher_ctx, ilen, - iv, ad, ad_len, tag, input, output ); + ret = mbedtls_chachapoly_auth_decrypt(ctx->cipher_ctx, ilen, + iv, ad, ad_len, tag, input, output); - if( ret == MBEDTLS_ERR_CHACHAPOLY_AUTH_FAILED ) + if (ret == MBEDTLS_ERR_CHACHAPOLY_AUTH_FAILED) { ret = MBEDTLS_ERR_CIPHER_AUTH_FAILED; + } - return( ret ); + return ret; } #endif /* MBEDTLS_CHACHAPOLY_C */ - return( MBEDTLS_ERR_CIPHER_FEATURE_UNAVAILABLE ); + return MBEDTLS_ERR_CIPHER_FEATURE_UNAVAILABLE; } #if !defined(MBEDTLS_DEPRECATED_REMOVED) /* * Packet-oriented encryption for AEAD modes: public legacy function. */ -int mbedtls_cipher_auth_encrypt( mbedtls_cipher_context_t *ctx, - const unsigned char *iv, size_t iv_len, - const unsigned char *ad, size_t ad_len, - const unsigned char *input, size_t ilen, - unsigned char *output, size_t *olen, - unsigned char *tag, size_t tag_len ) +int mbedtls_cipher_auth_encrypt(mbedtls_cipher_context_t *ctx, + const unsigned char *iv, size_t iv_len, + const unsigned char *ad, size_t ad_len, + const unsigned char *input, size_t ilen, + unsigned char *output, size_t *olen, + unsigned char *tag, size_t tag_len) { - CIPHER_VALIDATE_RET( ctx != NULL ); - CIPHER_VALIDATE_RET( iv_len == 0 || iv != NULL ); - CIPHER_VALIDATE_RET( ad_len == 0 || ad != NULL ); - CIPHER_VALIDATE_RET( ilen == 0 || input != NULL ); - CIPHER_VALIDATE_RET( ilen == 0 || output != NULL ); - CIPHER_VALIDATE_RET( olen != NULL ); - CIPHER_VALIDATE_RET( tag_len == 0 || tag != NULL ); - - return( mbedtls_cipher_aead_encrypt( ctx, iv, iv_len, ad, ad_len, - input, ilen, output, olen, - tag, tag_len ) ); + CIPHER_VALIDATE_RET(ctx != NULL); + CIPHER_VALIDATE_RET(iv_len == 0 || iv != NULL); + CIPHER_VALIDATE_RET(ad_len == 0 || ad != NULL); + CIPHER_VALIDATE_RET(ilen == 0 || input != NULL); + CIPHER_VALIDATE_RET(ilen == 0 || output != NULL); + CIPHER_VALIDATE_RET(olen != NULL); + CIPHER_VALIDATE_RET(tag_len == 0 || tag != NULL); + + return mbedtls_cipher_aead_encrypt(ctx, iv, iv_len, ad, ad_len, + input, ilen, output, olen, + tag, tag_len); } /* * Packet-oriented decryption for AEAD modes: public legacy function. */ -int mbedtls_cipher_auth_decrypt( mbedtls_cipher_context_t *ctx, - const unsigned char *iv, size_t iv_len, - const unsigned char *ad, size_t ad_len, - const unsigned char *input, size_t ilen, - unsigned char *output, size_t *olen, - const unsigned char *tag, size_t tag_len ) +int mbedtls_cipher_auth_decrypt(mbedtls_cipher_context_t *ctx, + const unsigned char *iv, size_t iv_len, + const unsigned char *ad, size_t ad_len, + const unsigned char *input, size_t ilen, + unsigned char *output, size_t *olen, + const unsigned char *tag, size_t tag_len) { - CIPHER_VALIDATE_RET( ctx != NULL ); - CIPHER_VALIDATE_RET( iv_len == 0 || iv != NULL ); - CIPHER_VALIDATE_RET( ad_len == 0 || ad != NULL ); - CIPHER_VALIDATE_RET( ilen == 0 || input != NULL ); - CIPHER_VALIDATE_RET( ilen == 0 || output != NULL ); - CIPHER_VALIDATE_RET( olen != NULL ); - CIPHER_VALIDATE_RET( tag_len == 0 || tag != NULL ); - - return( mbedtls_cipher_aead_decrypt( ctx, iv, iv_len, ad, ad_len, - input, ilen, output, olen, - tag, tag_len ) ); + CIPHER_VALIDATE_RET(ctx != NULL); + CIPHER_VALIDATE_RET(iv_len == 0 || iv != NULL); + CIPHER_VALIDATE_RET(ad_len == 0 || ad != NULL); + CIPHER_VALIDATE_RET(ilen == 0 || input != NULL); + CIPHER_VALIDATE_RET(ilen == 0 || output != NULL); + CIPHER_VALIDATE_RET(olen != NULL); + CIPHER_VALIDATE_RET(tag_len == 0 || tag != NULL); + + return mbedtls_cipher_aead_decrypt(ctx, iv, iv_len, ad, ad_len, + input, ilen, output, olen, + tag, tag_len); } #endif /* !MBEDTLS_DEPRECATED_REMOVED */ #endif /* MBEDTLS_CIPHER_MODE_AEAD */ @@ -1515,110 +1509,112 @@ int mbedtls_cipher_auth_decrypt( mbedtls_cipher_context_t *ctx, /* * Packet-oriented encryption for AEAD/NIST_KW: public function. */ -int mbedtls_cipher_auth_encrypt_ext( mbedtls_cipher_context_t *ctx, - const unsigned char *iv, size_t iv_len, - const unsigned char *ad, size_t ad_len, - const unsigned char *input, size_t ilen, - unsigned char *output, size_t output_len, - size_t *olen, size_t tag_len ) +int mbedtls_cipher_auth_encrypt_ext(mbedtls_cipher_context_t *ctx, + const unsigned char *iv, size_t iv_len, + const unsigned char *ad, size_t ad_len, + const unsigned char *input, size_t ilen, + unsigned char *output, size_t output_len, + size_t *olen, size_t tag_len) { - CIPHER_VALIDATE_RET( ctx != NULL ); - CIPHER_VALIDATE_RET( iv_len == 0 || iv != NULL ); - CIPHER_VALIDATE_RET( ad_len == 0 || ad != NULL ); - CIPHER_VALIDATE_RET( ilen == 0 || input != NULL ); - CIPHER_VALIDATE_RET( output != NULL ); - CIPHER_VALIDATE_RET( olen != NULL ); + CIPHER_VALIDATE_RET(ctx != NULL); + CIPHER_VALIDATE_RET(iv_len == 0 || iv != NULL); + CIPHER_VALIDATE_RET(ad_len == 0 || ad != NULL); + CIPHER_VALIDATE_RET(ilen == 0 || input != NULL); + CIPHER_VALIDATE_RET(output != NULL); + CIPHER_VALIDATE_RET(olen != NULL); #if defined(MBEDTLS_NIST_KW_C) - if( + if ( #if defined(MBEDTLS_USE_PSA_CRYPTO) ctx->psa_enabled == 0 && #endif - ( MBEDTLS_MODE_KW == ctx->cipher_info->mode || - MBEDTLS_MODE_KWP == ctx->cipher_info->mode ) ) - { - mbedtls_nist_kw_mode_t mode = ( MBEDTLS_MODE_KW == ctx->cipher_info->mode ) ? - MBEDTLS_KW_MODE_KW : MBEDTLS_KW_MODE_KWP; + (MBEDTLS_MODE_KW == ctx->cipher_info->mode || + MBEDTLS_MODE_KWP == ctx->cipher_info->mode)) { + mbedtls_nist_kw_mode_t mode = (MBEDTLS_MODE_KW == ctx->cipher_info->mode) ? + MBEDTLS_KW_MODE_KW : MBEDTLS_KW_MODE_KWP; /* There is no iv, tag or ad associated with KW and KWP, * so these length should be 0 as documented. */ - if( iv_len != 0 || tag_len != 0 || ad_len != 0 ) - return( MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA ); + if (iv_len != 0 || tag_len != 0 || ad_len != 0) { + return MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA; + } (void) iv; (void) ad; - return( mbedtls_nist_kw_wrap( ctx->cipher_ctx, mode, input, ilen, - output, olen, output_len ) ); + return mbedtls_nist_kw_wrap(ctx->cipher_ctx, mode, input, ilen, + output, olen, output_len); } #endif /* MBEDTLS_NIST_KW_C */ #if defined(MBEDTLS_CIPHER_MODE_AEAD) /* AEAD case: check length before passing on to shared function */ - if( output_len < ilen + tag_len ) - return( MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA ); + if (output_len < ilen + tag_len) { + return MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA; + } - int ret = mbedtls_cipher_aead_encrypt( ctx, iv, iv_len, ad, ad_len, - input, ilen, output, olen, - output + ilen, tag_len ); + int ret = mbedtls_cipher_aead_encrypt(ctx, iv, iv_len, ad, ad_len, + input, ilen, output, olen, + output + ilen, tag_len); *olen += tag_len; - return( ret ); + return ret; #else - return( MBEDTLS_ERR_CIPHER_FEATURE_UNAVAILABLE ); + return MBEDTLS_ERR_CIPHER_FEATURE_UNAVAILABLE; #endif /* MBEDTLS_CIPHER_MODE_AEAD */ } /* * Packet-oriented decryption for AEAD/NIST_KW: public function. */ -int mbedtls_cipher_auth_decrypt_ext( mbedtls_cipher_context_t *ctx, - const unsigned char *iv, size_t iv_len, - const unsigned char *ad, size_t ad_len, - const unsigned char *input, size_t ilen, - unsigned char *output, size_t output_len, - size_t *olen, size_t tag_len ) +int mbedtls_cipher_auth_decrypt_ext(mbedtls_cipher_context_t *ctx, + const unsigned char *iv, size_t iv_len, + const unsigned char *ad, size_t ad_len, + const unsigned char *input, size_t ilen, + unsigned char *output, size_t output_len, + size_t *olen, size_t tag_len) { - CIPHER_VALIDATE_RET( ctx != NULL ); - CIPHER_VALIDATE_RET( iv_len == 0 || iv != NULL ); - CIPHER_VALIDATE_RET( ad_len == 0 || ad != NULL ); - CIPHER_VALIDATE_RET( ilen == 0 || input != NULL ); - CIPHER_VALIDATE_RET( output_len == 0 || output != NULL ); - CIPHER_VALIDATE_RET( olen != NULL ); + CIPHER_VALIDATE_RET(ctx != NULL); + CIPHER_VALIDATE_RET(iv_len == 0 || iv != NULL); + CIPHER_VALIDATE_RET(ad_len == 0 || ad != NULL); + CIPHER_VALIDATE_RET(ilen == 0 || input != NULL); + CIPHER_VALIDATE_RET(output_len == 0 || output != NULL); + CIPHER_VALIDATE_RET(olen != NULL); #if defined(MBEDTLS_NIST_KW_C) - if( + if ( #if defined(MBEDTLS_USE_PSA_CRYPTO) ctx->psa_enabled == 0 && #endif - ( MBEDTLS_MODE_KW == ctx->cipher_info->mode || - MBEDTLS_MODE_KWP == ctx->cipher_info->mode ) ) - { - mbedtls_nist_kw_mode_t mode = ( MBEDTLS_MODE_KW == ctx->cipher_info->mode ) ? - MBEDTLS_KW_MODE_KW : MBEDTLS_KW_MODE_KWP; + (MBEDTLS_MODE_KW == ctx->cipher_info->mode || + MBEDTLS_MODE_KWP == ctx->cipher_info->mode)) { + mbedtls_nist_kw_mode_t mode = (MBEDTLS_MODE_KW == ctx->cipher_info->mode) ? + MBEDTLS_KW_MODE_KW : MBEDTLS_KW_MODE_KWP; /* There is no iv, tag or ad associated with KW and KWP, * so these length should be 0 as documented. */ - if( iv_len != 0 || tag_len != 0 || ad_len != 0 ) - return( MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA ); + if (iv_len != 0 || tag_len != 0 || ad_len != 0) { + return MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA; + } (void) iv; (void) ad; - return( mbedtls_nist_kw_unwrap( ctx->cipher_ctx, mode, input, ilen, - output, olen, output_len ) ); + return mbedtls_nist_kw_unwrap(ctx->cipher_ctx, mode, input, ilen, + output, olen, output_len); } #endif /* MBEDTLS_NIST_KW_C */ #if defined(MBEDTLS_CIPHER_MODE_AEAD) /* AEAD case: check length before passing on to shared function */ - if( ilen < tag_len || output_len < ilen - tag_len ) - return( MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA ); + if (ilen < tag_len || output_len < ilen - tag_len) { + return MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA; + } - return( mbedtls_cipher_aead_decrypt( ctx, iv, iv_len, ad, ad_len, - input, ilen - tag_len, output, olen, - input + ilen - tag_len, tag_len ) ); + return mbedtls_cipher_aead_decrypt(ctx, iv, iv_len, ad, ad_len, + input, ilen - tag_len, output, olen, + input + ilen - tag_len, tag_len); #else - return( MBEDTLS_ERR_CIPHER_FEATURE_UNAVAILABLE ); + return MBEDTLS_ERR_CIPHER_FEATURE_UNAVAILABLE; #endif /* MBEDTLS_CIPHER_MODE_AEAD */ } #endif /* MBEDTLS_CIPHER_MODE_AEAD || MBEDTLS_NIST_KW_C */ diff --git a/third_party/mbedtls/repo/library/cipher_wrap.c b/third_party/mbedtls/repo/library/cipher_wrap.c index 57eb3cb67fb..5f8dde3f4a3 100644 --- a/third_party/mbedtls/repo/library/cipher_wrap.c +++ b/third_party/mbedtls/repo/library/cipher_wrap.c @@ -1,24 +1,12 @@ /** * \file cipher_wrap.c * - * \brief Generic cipher wrapper for mbed TLS + * \brief Generic cipher wrapper for Mbed TLS * * \author Adriaan de Jong * * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later */ #include "common.h" @@ -76,110 +64,105 @@ #include #endif -#if defined(MBEDTLS_PLATFORM_C) #include "mbedtls/platform.h" -#else -#include -#define mbedtls_calloc calloc -#define mbedtls_free free -#endif #if defined(MBEDTLS_GCM_C) /* shared by all GCM ciphers */ -static void *gcm_ctx_alloc( void ) +static void *gcm_ctx_alloc(void) { - void *ctx = mbedtls_calloc( 1, sizeof( mbedtls_gcm_context ) ); + void *ctx = mbedtls_calloc(1, sizeof(mbedtls_gcm_context)); - if( ctx != NULL ) - mbedtls_gcm_init( (mbedtls_gcm_context *) ctx ); + if (ctx != NULL) { + mbedtls_gcm_init((mbedtls_gcm_context *) ctx); + } - return( ctx ); + return ctx; } -static void gcm_ctx_free( void *ctx ) +static void gcm_ctx_free(void *ctx) { - mbedtls_gcm_free( ctx ); - mbedtls_free( ctx ); + mbedtls_gcm_free(ctx); + mbedtls_free(ctx); } #endif /* MBEDTLS_GCM_C */ #if defined(MBEDTLS_CCM_C) /* shared by all CCM ciphers */ -static void *ccm_ctx_alloc( void ) +static void *ccm_ctx_alloc(void) { - void *ctx = mbedtls_calloc( 1, sizeof( mbedtls_ccm_context ) ); + void *ctx = mbedtls_calloc(1, sizeof(mbedtls_ccm_context)); - if( ctx != NULL ) - mbedtls_ccm_init( (mbedtls_ccm_context *) ctx ); + if (ctx != NULL) { + mbedtls_ccm_init((mbedtls_ccm_context *) ctx); + } - return( ctx ); + return ctx; } -static void ccm_ctx_free( void *ctx ) +static void ccm_ctx_free(void *ctx) { - mbedtls_ccm_free( ctx ); - mbedtls_free( ctx ); + mbedtls_ccm_free(ctx); + mbedtls_free(ctx); } #endif /* MBEDTLS_CCM_C */ #if defined(MBEDTLS_AES_C) -static int aes_crypt_ecb_wrap( void *ctx, mbedtls_operation_t operation, - const unsigned char *input, unsigned char *output ) +static int aes_crypt_ecb_wrap(void *ctx, mbedtls_operation_t operation, + const unsigned char *input, unsigned char *output) { - return mbedtls_aes_crypt_ecb( (mbedtls_aes_context *) ctx, operation, input, output ); + return mbedtls_aes_crypt_ecb((mbedtls_aes_context *) ctx, operation, input, output); } #if defined(MBEDTLS_CIPHER_MODE_CBC) -static int aes_crypt_cbc_wrap( void *ctx, mbedtls_operation_t operation, size_t length, - unsigned char *iv, const unsigned char *input, unsigned char *output ) +static int aes_crypt_cbc_wrap(void *ctx, mbedtls_operation_t operation, size_t length, + unsigned char *iv, const unsigned char *input, unsigned char *output) { - return mbedtls_aes_crypt_cbc( (mbedtls_aes_context *) ctx, operation, length, iv, input, - output ); + return mbedtls_aes_crypt_cbc((mbedtls_aes_context *) ctx, operation, length, iv, input, + output); } #endif /* MBEDTLS_CIPHER_MODE_CBC */ #if defined(MBEDTLS_CIPHER_MODE_CFB) -static int aes_crypt_cfb128_wrap( void *ctx, mbedtls_operation_t operation, - size_t length, size_t *iv_off, unsigned char *iv, - const unsigned char *input, unsigned char *output ) +static int aes_crypt_cfb128_wrap(void *ctx, mbedtls_operation_t operation, + size_t length, size_t *iv_off, unsigned char *iv, + const unsigned char *input, unsigned char *output) { - return mbedtls_aes_crypt_cfb128( (mbedtls_aes_context *) ctx, operation, length, iv_off, iv, - input, output ); + return mbedtls_aes_crypt_cfb128((mbedtls_aes_context *) ctx, operation, length, iv_off, iv, + input, output); } #endif /* MBEDTLS_CIPHER_MODE_CFB */ #if defined(MBEDTLS_CIPHER_MODE_OFB) -static int aes_crypt_ofb_wrap( void *ctx, size_t length, size_t *iv_off, - unsigned char *iv, const unsigned char *input, unsigned char *output ) +static int aes_crypt_ofb_wrap(void *ctx, size_t length, size_t *iv_off, + unsigned char *iv, const unsigned char *input, unsigned char *output) { - return mbedtls_aes_crypt_ofb( (mbedtls_aes_context *) ctx, length, iv_off, - iv, input, output ); + return mbedtls_aes_crypt_ofb((mbedtls_aes_context *) ctx, length, iv_off, + iv, input, output); } #endif /* MBEDTLS_CIPHER_MODE_OFB */ #if defined(MBEDTLS_CIPHER_MODE_CTR) -static int aes_crypt_ctr_wrap( void *ctx, size_t length, size_t *nc_off, - unsigned char *nonce_counter, unsigned char *stream_block, - const unsigned char *input, unsigned char *output ) +static int aes_crypt_ctr_wrap(void *ctx, size_t length, size_t *nc_off, + unsigned char *nonce_counter, unsigned char *stream_block, + const unsigned char *input, unsigned char *output) { - return mbedtls_aes_crypt_ctr( (mbedtls_aes_context *) ctx, length, nc_off, nonce_counter, - stream_block, input, output ); + return mbedtls_aes_crypt_ctr((mbedtls_aes_context *) ctx, length, nc_off, nonce_counter, + stream_block, input, output); } #endif /* MBEDTLS_CIPHER_MODE_CTR */ #if defined(MBEDTLS_CIPHER_MODE_XTS) -static int aes_crypt_xts_wrap( void *ctx, mbedtls_operation_t operation, - size_t length, - const unsigned char data_unit[16], - const unsigned char *input, - unsigned char *output ) +static int aes_crypt_xts_wrap(void *ctx, mbedtls_operation_t operation, + size_t length, + const unsigned char data_unit[16], + const unsigned char *input, + unsigned char *output) { mbedtls_aes_xts_context *xts_ctx = ctx; int mode; - switch( operation ) - { + switch (operation) { case MBEDTLS_ENCRYPT: mode = MBEDTLS_AES_ENCRYPT; break; @@ -190,39 +173,40 @@ static int aes_crypt_xts_wrap( void *ctx, mbedtls_operation_t operation, return MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA; } - return mbedtls_aes_crypt_xts( xts_ctx, mode, length, - data_unit, input, output ); + return mbedtls_aes_crypt_xts(xts_ctx, mode, length, + data_unit, input, output); } #endif /* MBEDTLS_CIPHER_MODE_XTS */ -static int aes_setkey_dec_wrap( void *ctx, const unsigned char *key, - unsigned int key_bitlen ) +static int aes_setkey_dec_wrap(void *ctx, const unsigned char *key, + unsigned int key_bitlen) { - return mbedtls_aes_setkey_dec( (mbedtls_aes_context *) ctx, key, key_bitlen ); + return mbedtls_aes_setkey_dec((mbedtls_aes_context *) ctx, key, key_bitlen); } -static int aes_setkey_enc_wrap( void *ctx, const unsigned char *key, - unsigned int key_bitlen ) +static int aes_setkey_enc_wrap(void *ctx, const unsigned char *key, + unsigned int key_bitlen) { - return mbedtls_aes_setkey_enc( (mbedtls_aes_context *) ctx, key, key_bitlen ); + return mbedtls_aes_setkey_enc((mbedtls_aes_context *) ctx, key, key_bitlen); } -static void * aes_ctx_alloc( void ) +static void *aes_ctx_alloc(void) { - mbedtls_aes_context *aes = mbedtls_calloc( 1, sizeof( mbedtls_aes_context ) ); + mbedtls_aes_context *aes = mbedtls_calloc(1, sizeof(mbedtls_aes_context)); - if( aes == NULL ) - return( NULL ); + if (aes == NULL) { + return NULL; + } - mbedtls_aes_init( aes ); + mbedtls_aes_init(aes); - return( aes ); + return aes; } -static void aes_ctx_free( void *ctx ) +static void aes_ctx_free(void *ctx) { - mbedtls_aes_free( (mbedtls_aes_context *) ctx ); - mbedtls_free( ctx ); + mbedtls_aes_free((mbedtls_aes_context *) ctx); + mbedtls_free(ctx); } static const mbedtls_cipher_base_t aes_info = { @@ -426,39 +410,41 @@ static const mbedtls_cipher_info_t aes_256_ctr_info = { #endif /* MBEDTLS_CIPHER_MODE_CTR */ #if defined(MBEDTLS_CIPHER_MODE_XTS) -static int xts_aes_setkey_enc_wrap( void *ctx, const unsigned char *key, - unsigned int key_bitlen ) +static int xts_aes_setkey_enc_wrap(void *ctx, const unsigned char *key, + unsigned int key_bitlen) { mbedtls_aes_xts_context *xts_ctx = ctx; - return( mbedtls_aes_xts_setkey_enc( xts_ctx, key, key_bitlen ) ); + return mbedtls_aes_xts_setkey_enc(xts_ctx, key, key_bitlen); } -static int xts_aes_setkey_dec_wrap( void *ctx, const unsigned char *key, - unsigned int key_bitlen ) +static int xts_aes_setkey_dec_wrap(void *ctx, const unsigned char *key, + unsigned int key_bitlen) { mbedtls_aes_xts_context *xts_ctx = ctx; - return( mbedtls_aes_xts_setkey_dec( xts_ctx, key, key_bitlen ) ); + return mbedtls_aes_xts_setkey_dec(xts_ctx, key, key_bitlen); } -static void *xts_aes_ctx_alloc( void ) +static void *xts_aes_ctx_alloc(void) { - mbedtls_aes_xts_context *xts_ctx = mbedtls_calloc( 1, sizeof( *xts_ctx ) ); + mbedtls_aes_xts_context *xts_ctx = mbedtls_calloc(1, sizeof(*xts_ctx)); - if( xts_ctx != NULL ) - mbedtls_aes_xts_init( xts_ctx ); + if (xts_ctx != NULL) { + mbedtls_aes_xts_init(xts_ctx); + } - return( xts_ctx ); + return xts_ctx; } -static void xts_aes_ctx_free( void *ctx ) +static void xts_aes_ctx_free(void *ctx) { mbedtls_aes_xts_context *xts_ctx = ctx; - if( xts_ctx == NULL ) + if (xts_ctx == NULL) { return; + } - mbedtls_aes_xts_free( xts_ctx ); - mbedtls_free( xts_ctx ); + mbedtls_aes_xts_free(xts_ctx); + mbedtls_free(xts_ctx); } static const mbedtls_cipher_base_t xts_aes_info = { @@ -512,11 +498,11 @@ static const mbedtls_cipher_info_t aes_256_xts_info = { #endif /* MBEDTLS_CIPHER_MODE_XTS */ #if defined(MBEDTLS_GCM_C) -static int gcm_aes_setkey_wrap( void *ctx, const unsigned char *key, - unsigned int key_bitlen ) +static int gcm_aes_setkey_wrap(void *ctx, const unsigned char *key, + unsigned int key_bitlen) { - return mbedtls_gcm_setkey( (mbedtls_gcm_context *) ctx, MBEDTLS_CIPHER_ID_AES, - key, key_bitlen ); + return mbedtls_gcm_setkey((mbedtls_gcm_context *) ctx, MBEDTLS_CIPHER_ID_AES, + key, key_bitlen); } static const mbedtls_cipher_base_t gcm_aes_info = { @@ -581,11 +567,11 @@ static const mbedtls_cipher_info_t aes_256_gcm_info = { #endif /* MBEDTLS_GCM_C */ #if defined(MBEDTLS_CCM_C) -static int ccm_aes_setkey_wrap( void *ctx, const unsigned char *key, - unsigned int key_bitlen ) +static int ccm_aes_setkey_wrap(void *ctx, const unsigned char *key, + unsigned int key_bitlen) { - return mbedtls_ccm_setkey( (mbedtls_ccm_context *) ctx, MBEDTLS_CIPHER_ID_AES, - key, key_bitlen ); + return mbedtls_ccm_setkey((mbedtls_ccm_context *) ctx, MBEDTLS_CIPHER_ID_AES, + key, key_bitlen); } static const mbedtls_cipher_base_t ccm_aes_info = { @@ -653,72 +639,73 @@ static const mbedtls_cipher_info_t aes_256_ccm_info = { #if defined(MBEDTLS_CAMELLIA_C) -static int camellia_crypt_ecb_wrap( void *ctx, mbedtls_operation_t operation, - const unsigned char *input, unsigned char *output ) +static int camellia_crypt_ecb_wrap(void *ctx, mbedtls_operation_t operation, + const unsigned char *input, unsigned char *output) { - return mbedtls_camellia_crypt_ecb( (mbedtls_camellia_context *) ctx, operation, input, - output ); + return mbedtls_camellia_crypt_ecb((mbedtls_camellia_context *) ctx, operation, input, + output); } #if defined(MBEDTLS_CIPHER_MODE_CBC) -static int camellia_crypt_cbc_wrap( void *ctx, mbedtls_operation_t operation, - size_t length, unsigned char *iv, - const unsigned char *input, unsigned char *output ) +static int camellia_crypt_cbc_wrap(void *ctx, mbedtls_operation_t operation, + size_t length, unsigned char *iv, + const unsigned char *input, unsigned char *output) { - return mbedtls_camellia_crypt_cbc( (mbedtls_camellia_context *) ctx, operation, length, iv, - input, output ); + return mbedtls_camellia_crypt_cbc((mbedtls_camellia_context *) ctx, operation, length, iv, + input, output); } #endif /* MBEDTLS_CIPHER_MODE_CBC */ #if defined(MBEDTLS_CIPHER_MODE_CFB) -static int camellia_crypt_cfb128_wrap( void *ctx, mbedtls_operation_t operation, - size_t length, size_t *iv_off, unsigned char *iv, - const unsigned char *input, unsigned char *output ) +static int camellia_crypt_cfb128_wrap(void *ctx, mbedtls_operation_t operation, + size_t length, size_t *iv_off, unsigned char *iv, + const unsigned char *input, unsigned char *output) { - return mbedtls_camellia_crypt_cfb128( (mbedtls_camellia_context *) ctx, operation, length, - iv_off, iv, input, output ); + return mbedtls_camellia_crypt_cfb128((mbedtls_camellia_context *) ctx, operation, length, + iv_off, iv, input, output); } #endif /* MBEDTLS_CIPHER_MODE_CFB */ #if defined(MBEDTLS_CIPHER_MODE_CTR) -static int camellia_crypt_ctr_wrap( void *ctx, size_t length, size_t *nc_off, - unsigned char *nonce_counter, unsigned char *stream_block, - const unsigned char *input, unsigned char *output ) +static int camellia_crypt_ctr_wrap(void *ctx, size_t length, size_t *nc_off, + unsigned char *nonce_counter, unsigned char *stream_block, + const unsigned char *input, unsigned char *output) { - return mbedtls_camellia_crypt_ctr( (mbedtls_camellia_context *) ctx, length, nc_off, - nonce_counter, stream_block, input, output ); + return mbedtls_camellia_crypt_ctr((mbedtls_camellia_context *) ctx, length, nc_off, + nonce_counter, stream_block, input, output); } #endif /* MBEDTLS_CIPHER_MODE_CTR */ -static int camellia_setkey_dec_wrap( void *ctx, const unsigned char *key, - unsigned int key_bitlen ) +static int camellia_setkey_dec_wrap(void *ctx, const unsigned char *key, + unsigned int key_bitlen) { - return mbedtls_camellia_setkey_dec( (mbedtls_camellia_context *) ctx, key, key_bitlen ); + return mbedtls_camellia_setkey_dec((mbedtls_camellia_context *) ctx, key, key_bitlen); } -static int camellia_setkey_enc_wrap( void *ctx, const unsigned char *key, - unsigned int key_bitlen ) +static int camellia_setkey_enc_wrap(void *ctx, const unsigned char *key, + unsigned int key_bitlen) { - return mbedtls_camellia_setkey_enc( (mbedtls_camellia_context *) ctx, key, key_bitlen ); + return mbedtls_camellia_setkey_enc((mbedtls_camellia_context *) ctx, key, key_bitlen); } -static void * camellia_ctx_alloc( void ) +static void *camellia_ctx_alloc(void) { mbedtls_camellia_context *ctx; - ctx = mbedtls_calloc( 1, sizeof( mbedtls_camellia_context ) ); + ctx = mbedtls_calloc(1, sizeof(mbedtls_camellia_context)); - if( ctx == NULL ) - return( NULL ); + if (ctx == NULL) { + return NULL; + } - mbedtls_camellia_init( ctx ); + mbedtls_camellia_init(ctx); - return( ctx ); + return ctx; } -static void camellia_ctx_free( void *ctx ) +static void camellia_ctx_free(void *ctx) { - mbedtls_camellia_free( (mbedtls_camellia_context *) ctx ); - mbedtls_free( ctx ); + mbedtls_camellia_free((mbedtls_camellia_context *) ctx); + mbedtls_free(ctx); } static const mbedtls_cipher_base_t camellia_info = { @@ -887,11 +874,11 @@ static const mbedtls_cipher_info_t camellia_256_ctr_info = { #endif /* MBEDTLS_CIPHER_MODE_CTR */ #if defined(MBEDTLS_GCM_C) -static int gcm_camellia_setkey_wrap( void *ctx, const unsigned char *key, - unsigned int key_bitlen ) +static int gcm_camellia_setkey_wrap(void *ctx, const unsigned char *key, + unsigned int key_bitlen) { - return mbedtls_gcm_setkey( (mbedtls_gcm_context *) ctx, MBEDTLS_CIPHER_ID_CAMELLIA, - key, key_bitlen ); + return mbedtls_gcm_setkey((mbedtls_gcm_context *) ctx, MBEDTLS_CIPHER_ID_CAMELLIA, + key, key_bitlen); } static const mbedtls_cipher_base_t gcm_camellia_info = { @@ -956,11 +943,11 @@ static const mbedtls_cipher_info_t camellia_256_gcm_info = { #endif /* MBEDTLS_GCM_C */ #if defined(MBEDTLS_CCM_C) -static int ccm_camellia_setkey_wrap( void *ctx, const unsigned char *key, - unsigned int key_bitlen ) +static int ccm_camellia_setkey_wrap(void *ctx, const unsigned char *key, + unsigned int key_bitlen) { - return mbedtls_ccm_setkey( (mbedtls_ccm_context *) ctx, MBEDTLS_CIPHER_ID_CAMELLIA, - key, key_bitlen ); + return mbedtls_ccm_setkey((mbedtls_ccm_context *) ctx, MBEDTLS_CIPHER_ID_CAMELLIA, + key, key_bitlen); } static const mbedtls_cipher_base_t ccm_camellia_info = { @@ -1028,73 +1015,74 @@ static const mbedtls_cipher_info_t camellia_256_ccm_info = { #if defined(MBEDTLS_ARIA_C) -static int aria_crypt_ecb_wrap( void *ctx, mbedtls_operation_t operation, - const unsigned char *input, unsigned char *output ) +static int aria_crypt_ecb_wrap(void *ctx, mbedtls_operation_t operation, + const unsigned char *input, unsigned char *output) { (void) operation; - return mbedtls_aria_crypt_ecb( (mbedtls_aria_context *) ctx, input, - output ); + return mbedtls_aria_crypt_ecb((mbedtls_aria_context *) ctx, input, + output); } #if defined(MBEDTLS_CIPHER_MODE_CBC) -static int aria_crypt_cbc_wrap( void *ctx, mbedtls_operation_t operation, - size_t length, unsigned char *iv, - const unsigned char *input, unsigned char *output ) +static int aria_crypt_cbc_wrap(void *ctx, mbedtls_operation_t operation, + size_t length, unsigned char *iv, + const unsigned char *input, unsigned char *output) { - return mbedtls_aria_crypt_cbc( (mbedtls_aria_context *) ctx, operation, length, iv, - input, output ); + return mbedtls_aria_crypt_cbc((mbedtls_aria_context *) ctx, operation, length, iv, + input, output); } #endif /* MBEDTLS_CIPHER_MODE_CBC */ #if defined(MBEDTLS_CIPHER_MODE_CFB) -static int aria_crypt_cfb128_wrap( void *ctx, mbedtls_operation_t operation, - size_t length, size_t *iv_off, unsigned char *iv, - const unsigned char *input, unsigned char *output ) +static int aria_crypt_cfb128_wrap(void *ctx, mbedtls_operation_t operation, + size_t length, size_t *iv_off, unsigned char *iv, + const unsigned char *input, unsigned char *output) { - return mbedtls_aria_crypt_cfb128( (mbedtls_aria_context *) ctx, operation, length, - iv_off, iv, input, output ); + return mbedtls_aria_crypt_cfb128((mbedtls_aria_context *) ctx, operation, length, + iv_off, iv, input, output); } #endif /* MBEDTLS_CIPHER_MODE_CFB */ #if defined(MBEDTLS_CIPHER_MODE_CTR) -static int aria_crypt_ctr_wrap( void *ctx, size_t length, size_t *nc_off, - unsigned char *nonce_counter, unsigned char *stream_block, - const unsigned char *input, unsigned char *output ) +static int aria_crypt_ctr_wrap(void *ctx, size_t length, size_t *nc_off, + unsigned char *nonce_counter, unsigned char *stream_block, + const unsigned char *input, unsigned char *output) { - return mbedtls_aria_crypt_ctr( (mbedtls_aria_context *) ctx, length, nc_off, - nonce_counter, stream_block, input, output ); + return mbedtls_aria_crypt_ctr((mbedtls_aria_context *) ctx, length, nc_off, + nonce_counter, stream_block, input, output); } #endif /* MBEDTLS_CIPHER_MODE_CTR */ -static int aria_setkey_dec_wrap( void *ctx, const unsigned char *key, - unsigned int key_bitlen ) +static int aria_setkey_dec_wrap(void *ctx, const unsigned char *key, + unsigned int key_bitlen) { - return mbedtls_aria_setkey_dec( (mbedtls_aria_context *) ctx, key, key_bitlen ); + return mbedtls_aria_setkey_dec((mbedtls_aria_context *) ctx, key, key_bitlen); } -static int aria_setkey_enc_wrap( void *ctx, const unsigned char *key, - unsigned int key_bitlen ) +static int aria_setkey_enc_wrap(void *ctx, const unsigned char *key, + unsigned int key_bitlen) { - return mbedtls_aria_setkey_enc( (mbedtls_aria_context *) ctx, key, key_bitlen ); + return mbedtls_aria_setkey_enc((mbedtls_aria_context *) ctx, key, key_bitlen); } -static void * aria_ctx_alloc( void ) +static void *aria_ctx_alloc(void) { mbedtls_aria_context *ctx; - ctx = mbedtls_calloc( 1, sizeof( mbedtls_aria_context ) ); + ctx = mbedtls_calloc(1, sizeof(mbedtls_aria_context)); - if( ctx == NULL ) - return( NULL ); + if (ctx == NULL) { + return NULL; + } - mbedtls_aria_init( ctx ); + mbedtls_aria_init(ctx); - return( ctx ); + return ctx; } -static void aria_ctx_free( void *ctx ) +static void aria_ctx_free(void *ctx) { - mbedtls_aria_free( (mbedtls_aria_context *) ctx ); - mbedtls_free( ctx ); + mbedtls_aria_free((mbedtls_aria_context *) ctx); + mbedtls_free(ctx); } static const mbedtls_cipher_base_t aria_info = { @@ -1263,11 +1251,11 @@ static const mbedtls_cipher_info_t aria_256_ctr_info = { #endif /* MBEDTLS_CIPHER_MODE_CTR */ #if defined(MBEDTLS_GCM_C) -static int gcm_aria_setkey_wrap( void *ctx, const unsigned char *key, - unsigned int key_bitlen ) +static int gcm_aria_setkey_wrap(void *ctx, const unsigned char *key, + unsigned int key_bitlen) { - return mbedtls_gcm_setkey( (mbedtls_gcm_context *) ctx, MBEDTLS_CIPHER_ID_ARIA, - key, key_bitlen ); + return mbedtls_gcm_setkey((mbedtls_gcm_context *) ctx, MBEDTLS_CIPHER_ID_ARIA, + key, key_bitlen); } static const mbedtls_cipher_base_t gcm_aria_info = { @@ -1332,11 +1320,11 @@ static const mbedtls_cipher_info_t aria_256_gcm_info = { #endif /* MBEDTLS_GCM_C */ #if defined(MBEDTLS_CCM_C) -static int ccm_aria_setkey_wrap( void *ctx, const unsigned char *key, - unsigned int key_bitlen ) +static int ccm_aria_setkey_wrap(void *ctx, const unsigned char *key, + unsigned int key_bitlen) { - return mbedtls_ccm_setkey( (mbedtls_ccm_context *) ctx, MBEDTLS_CIPHER_ID_ARIA, - key, key_bitlen ); + return mbedtls_ccm_setkey((mbedtls_ccm_context *) ctx, MBEDTLS_CIPHER_ID_ARIA, + key, key_bitlen); } static const mbedtls_cipher_base_t ccm_aria_info = { @@ -1404,121 +1392,123 @@ static const mbedtls_cipher_info_t aria_256_ccm_info = { #if defined(MBEDTLS_DES_C) -static int des_crypt_ecb_wrap( void *ctx, mbedtls_operation_t operation, - const unsigned char *input, unsigned char *output ) +static int des_crypt_ecb_wrap(void *ctx, mbedtls_operation_t operation, + const unsigned char *input, unsigned char *output) { ((void) operation); - return mbedtls_des_crypt_ecb( (mbedtls_des_context *) ctx, input, output ); + return mbedtls_des_crypt_ecb((mbedtls_des_context *) ctx, input, output); } -static int des3_crypt_ecb_wrap( void *ctx, mbedtls_operation_t operation, - const unsigned char *input, unsigned char *output ) +static int des3_crypt_ecb_wrap(void *ctx, mbedtls_operation_t operation, + const unsigned char *input, unsigned char *output) { ((void) operation); - return mbedtls_des3_crypt_ecb( (mbedtls_des3_context *) ctx, input, output ); + return mbedtls_des3_crypt_ecb((mbedtls_des3_context *) ctx, input, output); } #if defined(MBEDTLS_CIPHER_MODE_CBC) -static int des_crypt_cbc_wrap( void *ctx, mbedtls_operation_t operation, size_t length, - unsigned char *iv, const unsigned char *input, unsigned char *output ) +static int des_crypt_cbc_wrap(void *ctx, mbedtls_operation_t operation, size_t length, + unsigned char *iv, const unsigned char *input, unsigned char *output) { - return mbedtls_des_crypt_cbc( (mbedtls_des_context *) ctx, operation, length, iv, input, - output ); + return mbedtls_des_crypt_cbc((mbedtls_des_context *) ctx, operation, length, iv, input, + output); } #endif /* MBEDTLS_CIPHER_MODE_CBC */ #if defined(MBEDTLS_CIPHER_MODE_CBC) -static int des3_crypt_cbc_wrap( void *ctx, mbedtls_operation_t operation, size_t length, - unsigned char *iv, const unsigned char *input, unsigned char *output ) +static int des3_crypt_cbc_wrap(void *ctx, mbedtls_operation_t operation, size_t length, + unsigned char *iv, const unsigned char *input, unsigned char *output) { - return mbedtls_des3_crypt_cbc( (mbedtls_des3_context *) ctx, operation, length, iv, input, - output ); + return mbedtls_des3_crypt_cbc((mbedtls_des3_context *) ctx, operation, length, iv, input, + output); } #endif /* MBEDTLS_CIPHER_MODE_CBC */ -static int des_setkey_dec_wrap( void *ctx, const unsigned char *key, - unsigned int key_bitlen ) +static int des_setkey_dec_wrap(void *ctx, const unsigned char *key, + unsigned int key_bitlen) { ((void) key_bitlen); - return mbedtls_des_setkey_dec( (mbedtls_des_context *) ctx, key ); + return mbedtls_des_setkey_dec((mbedtls_des_context *) ctx, key); } -static int des_setkey_enc_wrap( void *ctx, const unsigned char *key, - unsigned int key_bitlen ) +static int des_setkey_enc_wrap(void *ctx, const unsigned char *key, + unsigned int key_bitlen) { ((void) key_bitlen); - return mbedtls_des_setkey_enc( (mbedtls_des_context *) ctx, key ); + return mbedtls_des_setkey_enc((mbedtls_des_context *) ctx, key); } -static int des3_set2key_dec_wrap( void *ctx, const unsigned char *key, - unsigned int key_bitlen ) +static int des3_set2key_dec_wrap(void *ctx, const unsigned char *key, + unsigned int key_bitlen) { ((void) key_bitlen); - return mbedtls_des3_set2key_dec( (mbedtls_des3_context *) ctx, key ); + return mbedtls_des3_set2key_dec((mbedtls_des3_context *) ctx, key); } -static int des3_set2key_enc_wrap( void *ctx, const unsigned char *key, - unsigned int key_bitlen ) +static int des3_set2key_enc_wrap(void *ctx, const unsigned char *key, + unsigned int key_bitlen) { ((void) key_bitlen); - return mbedtls_des3_set2key_enc( (mbedtls_des3_context *) ctx, key ); + return mbedtls_des3_set2key_enc((mbedtls_des3_context *) ctx, key); } -static int des3_set3key_dec_wrap( void *ctx, const unsigned char *key, - unsigned int key_bitlen ) +static int des3_set3key_dec_wrap(void *ctx, const unsigned char *key, + unsigned int key_bitlen) { ((void) key_bitlen); - return mbedtls_des3_set3key_dec( (mbedtls_des3_context *) ctx, key ); + return mbedtls_des3_set3key_dec((mbedtls_des3_context *) ctx, key); } -static int des3_set3key_enc_wrap( void *ctx, const unsigned char *key, - unsigned int key_bitlen ) +static int des3_set3key_enc_wrap(void *ctx, const unsigned char *key, + unsigned int key_bitlen) { ((void) key_bitlen); - return mbedtls_des3_set3key_enc( (mbedtls_des3_context *) ctx, key ); + return mbedtls_des3_set3key_enc((mbedtls_des3_context *) ctx, key); } -static void * des_ctx_alloc( void ) +static void *des_ctx_alloc(void) { - mbedtls_des_context *des = mbedtls_calloc( 1, sizeof( mbedtls_des_context ) ); + mbedtls_des_context *des = mbedtls_calloc(1, sizeof(mbedtls_des_context)); - if( des == NULL ) - return( NULL ); + if (des == NULL) { + return NULL; + } - mbedtls_des_init( des ); + mbedtls_des_init(des); - return( des ); + return des; } -static void des_ctx_free( void *ctx ) +static void des_ctx_free(void *ctx) { - mbedtls_des_free( (mbedtls_des_context *) ctx ); - mbedtls_free( ctx ); + mbedtls_des_free((mbedtls_des_context *) ctx); + mbedtls_free(ctx); } -static void * des3_ctx_alloc( void ) +static void *des3_ctx_alloc(void) { mbedtls_des3_context *des3; - des3 = mbedtls_calloc( 1, sizeof( mbedtls_des3_context ) ); + des3 = mbedtls_calloc(1, sizeof(mbedtls_des3_context)); - if( des3 == NULL ) - return( NULL ); + if (des3 == NULL) { + return NULL; + } - mbedtls_des3_init( des3 ); + mbedtls_des3_init(des3); - return( des3 ); + return des3; } -static void des3_ctx_free( void *ctx ) +static void des3_ctx_free(void *ctx) { - mbedtls_des3_free( (mbedtls_des3_context *) ctx ); - mbedtls_free( ctx ); + mbedtls_des3_free((mbedtls_des3_context *) ctx); + mbedtls_free(ctx); } static const mbedtls_cipher_base_t des_info = { @@ -1676,66 +1666,67 @@ static const mbedtls_cipher_info_t des_ede3_cbc_info = { #if defined(MBEDTLS_BLOWFISH_C) -static int blowfish_crypt_ecb_wrap( void *ctx, mbedtls_operation_t operation, - const unsigned char *input, unsigned char *output ) +static int blowfish_crypt_ecb_wrap(void *ctx, mbedtls_operation_t operation, + const unsigned char *input, unsigned char *output) { - return mbedtls_blowfish_crypt_ecb( (mbedtls_blowfish_context *) ctx, operation, input, - output ); + return mbedtls_blowfish_crypt_ecb((mbedtls_blowfish_context *) ctx, operation, input, + output); } #if defined(MBEDTLS_CIPHER_MODE_CBC) -static int blowfish_crypt_cbc_wrap( void *ctx, mbedtls_operation_t operation, - size_t length, unsigned char *iv, const unsigned char *input, - unsigned char *output ) +static int blowfish_crypt_cbc_wrap(void *ctx, mbedtls_operation_t operation, + size_t length, unsigned char *iv, const unsigned char *input, + unsigned char *output) { - return mbedtls_blowfish_crypt_cbc( (mbedtls_blowfish_context *) ctx, operation, length, iv, - input, output ); + return mbedtls_blowfish_crypt_cbc((mbedtls_blowfish_context *) ctx, operation, length, iv, + input, output); } #endif /* MBEDTLS_CIPHER_MODE_CBC */ #if defined(MBEDTLS_CIPHER_MODE_CFB) -static int blowfish_crypt_cfb64_wrap( void *ctx, mbedtls_operation_t operation, - size_t length, size_t *iv_off, unsigned char *iv, - const unsigned char *input, unsigned char *output ) +static int blowfish_crypt_cfb64_wrap(void *ctx, mbedtls_operation_t operation, + size_t length, size_t *iv_off, unsigned char *iv, + const unsigned char *input, unsigned char *output) { - return mbedtls_blowfish_crypt_cfb64( (mbedtls_blowfish_context *) ctx, operation, length, - iv_off, iv, input, output ); + return mbedtls_blowfish_crypt_cfb64((mbedtls_blowfish_context *) ctx, operation, length, + iv_off, iv, input, output); } #endif /* MBEDTLS_CIPHER_MODE_CFB */ #if defined(MBEDTLS_CIPHER_MODE_CTR) -static int blowfish_crypt_ctr_wrap( void *ctx, size_t length, size_t *nc_off, - unsigned char *nonce_counter, unsigned char *stream_block, - const unsigned char *input, unsigned char *output ) +static int blowfish_crypt_ctr_wrap(void *ctx, size_t length, size_t *nc_off, + unsigned char *nonce_counter, unsigned char *stream_block, + const unsigned char *input, unsigned char *output) { - return mbedtls_blowfish_crypt_ctr( (mbedtls_blowfish_context *) ctx, length, nc_off, - nonce_counter, stream_block, input, output ); + return mbedtls_blowfish_crypt_ctr((mbedtls_blowfish_context *) ctx, length, nc_off, + nonce_counter, stream_block, input, output); } #endif /* MBEDTLS_CIPHER_MODE_CTR */ -static int blowfish_setkey_wrap( void *ctx, const unsigned char *key, - unsigned int key_bitlen ) +static int blowfish_setkey_wrap(void *ctx, const unsigned char *key, + unsigned int key_bitlen) { - return mbedtls_blowfish_setkey( (mbedtls_blowfish_context *) ctx, key, key_bitlen ); + return mbedtls_blowfish_setkey((mbedtls_blowfish_context *) ctx, key, key_bitlen); } -static void * blowfish_ctx_alloc( void ) +static void *blowfish_ctx_alloc(void) { mbedtls_blowfish_context *ctx; - ctx = mbedtls_calloc( 1, sizeof( mbedtls_blowfish_context ) ); + ctx = mbedtls_calloc(1, sizeof(mbedtls_blowfish_context)); - if( ctx == NULL ) - return( NULL ); + if (ctx == NULL) { + return NULL; + } - mbedtls_blowfish_init( ctx ); + mbedtls_blowfish_init(ctx); - return( ctx ); + return ctx; } -static void blowfish_ctx_free( void *ctx ) +static void blowfish_ctx_free(void *ctx) { - mbedtls_blowfish_free( (mbedtls_blowfish_context *) ctx ); - mbedtls_free( ctx ); + mbedtls_blowfish_free((mbedtls_blowfish_context *) ctx); + mbedtls_free(ctx); } static const mbedtls_cipher_base_t blowfish_info = { @@ -1817,41 +1808,43 @@ static const mbedtls_cipher_info_t blowfish_ctr_info = { #endif /* MBEDTLS_BLOWFISH_C */ #if defined(MBEDTLS_ARC4_C) -static int arc4_crypt_stream_wrap( void *ctx, size_t length, - const unsigned char *input, - unsigned char *output ) +static int arc4_crypt_stream_wrap(void *ctx, size_t length, + const unsigned char *input, + unsigned char *output) { - return( mbedtls_arc4_crypt( (mbedtls_arc4_context *) ctx, length, input, output ) ); + return mbedtls_arc4_crypt((mbedtls_arc4_context *) ctx, length, input, output); } -static int arc4_setkey_wrap( void *ctx, const unsigned char *key, - unsigned int key_bitlen ) +static int arc4_setkey_wrap(void *ctx, const unsigned char *key, + unsigned int key_bitlen) { /* we get key_bitlen in bits, arc4 expects it in bytes */ - if( key_bitlen % 8 != 0 ) - return( MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA ); + if (key_bitlen % 8 != 0) { + return MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA; + } - mbedtls_arc4_setup( (mbedtls_arc4_context *) ctx, key, key_bitlen / 8 ); - return( 0 ); + mbedtls_arc4_setup((mbedtls_arc4_context *) ctx, key, key_bitlen / 8); + return 0; } -static void * arc4_ctx_alloc( void ) +static void *arc4_ctx_alloc(void) { mbedtls_arc4_context *ctx; - ctx = mbedtls_calloc( 1, sizeof( mbedtls_arc4_context ) ); + ctx = mbedtls_calloc(1, sizeof(mbedtls_arc4_context)); - if( ctx == NULL ) - return( NULL ); + if (ctx == NULL) { + return NULL; + } - mbedtls_arc4_init( ctx ); + mbedtls_arc4_init(ctx); - return( ctx ); + return ctx; } -static void arc4_ctx_free( void *ctx ) +static void arc4_ctx_free(void *ctx) { - mbedtls_arc4_free( (mbedtls_arc4_context *) ctx ); - mbedtls_free( ctx ); + mbedtls_arc4_free((mbedtls_arc4_context *) ctx); + mbedtls_free(ctx); } static const mbedtls_cipher_base_t arc4_base_info = { @@ -1895,48 +1888,52 @@ static const mbedtls_cipher_info_t arc4_128_info = { #if defined(MBEDTLS_CHACHA20_C) -static int chacha20_setkey_wrap( void *ctx, const unsigned char *key, - unsigned int key_bitlen ) +static int chacha20_setkey_wrap(void *ctx, const unsigned char *key, + unsigned int key_bitlen) { - if( key_bitlen != 256U ) - return( MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA ); + if (key_bitlen != 256U) { + return MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA; + } - if ( 0 != mbedtls_chacha20_setkey( (mbedtls_chacha20_context*)ctx, key ) ) - return( MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA ); + if (0 != mbedtls_chacha20_setkey((mbedtls_chacha20_context *) ctx, key)) { + return MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA; + } - return( 0 ); + return 0; } -static int chacha20_stream_wrap( void *ctx, size_t length, - const unsigned char *input, - unsigned char *output ) +static int chacha20_stream_wrap(void *ctx, size_t length, + const unsigned char *input, + unsigned char *output) { int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; - ret = mbedtls_chacha20_update( ctx, length, input, output ); - if( ret == MBEDTLS_ERR_CHACHA20_BAD_INPUT_DATA ) - return( MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA ); + ret = mbedtls_chacha20_update(ctx, length, input, output); + if (ret == MBEDTLS_ERR_CHACHA20_BAD_INPUT_DATA) { + return MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA; + } - return( ret ); + return ret; } -static void * chacha20_ctx_alloc( void ) +static void *chacha20_ctx_alloc(void) { mbedtls_chacha20_context *ctx; - ctx = mbedtls_calloc( 1, sizeof( mbedtls_chacha20_context ) ); + ctx = mbedtls_calloc(1, sizeof(mbedtls_chacha20_context)); - if( ctx == NULL ) - return( NULL ); + if (ctx == NULL) { + return NULL; + } - mbedtls_chacha20_init( ctx ); + mbedtls_chacha20_init(ctx); - return( ctx ); + return ctx; } -static void chacha20_ctx_free( void *ctx ) +static void chacha20_ctx_free(void *ctx) { - mbedtls_chacha20_free( (mbedtls_chacha20_context *) ctx ); - mbedtls_free( ctx ); + mbedtls_chacha20_free((mbedtls_chacha20_context *) ctx); + mbedtls_free(ctx); } static const mbedtls_cipher_base_t chacha20_base_info = { @@ -1979,36 +1976,39 @@ static const mbedtls_cipher_info_t chacha20_info = { #if defined(MBEDTLS_CHACHAPOLY_C) -static int chachapoly_setkey_wrap( void *ctx, - const unsigned char *key, - unsigned int key_bitlen ) +static int chachapoly_setkey_wrap(void *ctx, + const unsigned char *key, + unsigned int key_bitlen) { - if( key_bitlen != 256U ) - return( MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA ); + if (key_bitlen != 256U) { + return MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA; + } - if ( 0 != mbedtls_chachapoly_setkey( (mbedtls_chachapoly_context*)ctx, key ) ) - return( MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA ); + if (0 != mbedtls_chachapoly_setkey((mbedtls_chachapoly_context *) ctx, key)) { + return MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA; + } - return( 0 ); + return 0; } -static void * chachapoly_ctx_alloc( void ) +static void *chachapoly_ctx_alloc(void) { mbedtls_chachapoly_context *ctx; - ctx = mbedtls_calloc( 1, sizeof( mbedtls_chachapoly_context ) ); + ctx = mbedtls_calloc(1, sizeof(mbedtls_chachapoly_context)); - if( ctx == NULL ) - return( NULL ); + if (ctx == NULL) { + return NULL; + } - mbedtls_chachapoly_init( ctx ); + mbedtls_chachapoly_init(ctx); - return( ctx ); + return ctx; } -static void chachapoly_ctx_free( void *ctx ) +static void chachapoly_ctx_free(void *ctx) { - mbedtls_chachapoly_free( (mbedtls_chachapoly_context *) ctx ); - mbedtls_free( ctx ); + mbedtls_chachapoly_free((mbedtls_chachapoly_context *) ctx); + mbedtls_free(ctx); } static const mbedtls_cipher_base_t chachapoly_base_info = { @@ -2050,31 +2050,31 @@ static const mbedtls_cipher_info_t chachapoly_info = { #endif /* MBEDTLS_CHACHAPOLY_C */ #if defined(MBEDTLS_CIPHER_NULL_CIPHER) -static int null_crypt_stream( void *ctx, size_t length, - const unsigned char *input, - unsigned char *output ) +static int null_crypt_stream(void *ctx, size_t length, + const unsigned char *input, + unsigned char *output) { ((void) ctx); - memmove( output, input, length ); - return( 0 ); + memmove(output, input, length); + return 0; } -static int null_setkey( void *ctx, const unsigned char *key, - unsigned int key_bitlen ) +static int null_setkey(void *ctx, const unsigned char *key, + unsigned int key_bitlen) { ((void) ctx); ((void) key); ((void) key_bitlen); - return( 0 ); + return 0; } -static void * null_ctx_alloc( void ) +static void *null_ctx_alloc(void) { - return( (void *) 1 ); + return (void *) 1; } -static void null_ctx_free( void *ctx ) +static void null_ctx_free(void *ctx) { ((void) ctx); } @@ -2119,34 +2119,35 @@ static const mbedtls_cipher_info_t null_cipher_info = { #endif /* defined(MBEDTLS_CIPHER_NULL_CIPHER) */ #if defined(MBEDTLS_NIST_KW_C) -static void *kw_ctx_alloc( void ) +static void *kw_ctx_alloc(void) { - void *ctx = mbedtls_calloc( 1, sizeof( mbedtls_nist_kw_context ) ); + void *ctx = mbedtls_calloc(1, sizeof(mbedtls_nist_kw_context)); - if( ctx != NULL ) - mbedtls_nist_kw_init( (mbedtls_nist_kw_context *) ctx ); + if (ctx != NULL) { + mbedtls_nist_kw_init((mbedtls_nist_kw_context *) ctx); + } - return( ctx ); + return ctx; } -static void kw_ctx_free( void *ctx ) +static void kw_ctx_free(void *ctx) { - mbedtls_nist_kw_free( ctx ); - mbedtls_free( ctx ); + mbedtls_nist_kw_free(ctx); + mbedtls_free(ctx); } -static int kw_aes_setkey_wrap( void *ctx, const unsigned char *key, - unsigned int key_bitlen ) +static int kw_aes_setkey_wrap(void *ctx, const unsigned char *key, + unsigned int key_bitlen) { - return mbedtls_nist_kw_setkey( (mbedtls_nist_kw_context *) ctx, - MBEDTLS_CIPHER_ID_AES, key, key_bitlen, 1 ); + return mbedtls_nist_kw_setkey((mbedtls_nist_kw_context *) ctx, + MBEDTLS_CIPHER_ID_AES, key, key_bitlen, 1); } -static int kw_aes_setkey_unwrap( void *ctx, const unsigned char *key, - unsigned int key_bitlen ) +static int kw_aes_setkey_unwrap(void *ctx, const unsigned char *key, + unsigned int key_bitlen) { - return mbedtls_nist_kw_setkey( (mbedtls_nist_kw_context *) ctx, - MBEDTLS_CIPHER_ID_AES, key, key_bitlen, 0 ); + return mbedtls_nist_kw_setkey((mbedtls_nist_kw_context *) ctx, + MBEDTLS_CIPHER_ID_AES, key, key_bitlen, 0); } static const mbedtls_cipher_base_t kw_aes_info = { @@ -2399,8 +2400,8 @@ const mbedtls_cipher_definition_t mbedtls_cipher_definitions[] = { MBEDTLS_CIPHER_NONE, NULL } }; -#define NUM_CIPHERS ( sizeof(mbedtls_cipher_definitions) / \ - sizeof(mbedtls_cipher_definitions[0]) ) +#define NUM_CIPHERS (sizeof(mbedtls_cipher_definitions) / \ + sizeof(mbedtls_cipher_definitions[0])) int mbedtls_cipher_supported[NUM_CIPHERS]; #endif /* MBEDTLS_CIPHER_C */ diff --git a/third_party/mbedtls/repo/library/cmac.c b/third_party/mbedtls/repo/library/cmac.c index 3cc49d10cc2..32a9a0e5668 100644 --- a/third_party/mbedtls/repo/library/cmac.c +++ b/third_party/mbedtls/repo/library/cmac.c @@ -4,19 +4,7 @@ * \brief NIST SP800-38B compliant CMAC implementation for AES and 3DES * * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later */ /* @@ -63,9 +51,9 @@ * Input and output MUST NOT point to the same buffer * Block size must be 8 bytes or 16 bytes - the block sizes for DES and AES. */ -static int cmac_multiply_by_u( unsigned char *output, - const unsigned char *input, - size_t blocksize ) +static int cmac_multiply_by_u(unsigned char *output, + const unsigned char *input, + size_t blocksize) { const unsigned char R_128 = 0x87; const unsigned char R_64 = 0x1B; @@ -73,21 +61,15 @@ static int cmac_multiply_by_u( unsigned char *output, unsigned char overflow = 0x00; int i; - if( blocksize == MBEDTLS_AES_BLOCK_SIZE ) - { + if (blocksize == MBEDTLS_AES_BLOCK_SIZE) { R_n = R_128; - } - else if( blocksize == MBEDTLS_DES3_BLOCK_SIZE ) - { + } else if (blocksize == MBEDTLS_DES3_BLOCK_SIZE) { R_n = R_64; - } - else - { - return( MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA ); + } else { + return MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA; } - for( i = (int)blocksize - 1; i >= 0; i-- ) - { + for (i = (int) blocksize - 1; i >= 0; i--) { output[i] = input[i] << 1 | overflow; overflow = input[i] >> 7; } @@ -101,14 +83,14 @@ static int cmac_multiply_by_u( unsigned char *output, #pragma warning( push ) #pragma warning( disable : 4146 ) #endif - mask = - ( input[0] >> 7 ); + mask = -(input[0] >> 7); #if defined(_MSC_VER) #pragma warning( pop ) #endif - output[ blocksize - 1 ] ^= R_n & mask; + output[blocksize - 1] ^= R_n & mask; - return( 0 ); + return 0; } /* @@ -116,46 +98,50 @@ static int cmac_multiply_by_u( unsigned char *output, * * - as specified by RFC 4493, section 2.3 Subkey Generation Algorithm */ -static int cmac_generate_subkeys( mbedtls_cipher_context_t *ctx, - unsigned char* K1, unsigned char* K2 ) +static int cmac_generate_subkeys(mbedtls_cipher_context_t *ctx, + unsigned char *K1, unsigned char *K2) { int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; unsigned char L[MBEDTLS_CIPHER_BLKSIZE_MAX]; size_t olen, block_size; - mbedtls_platform_zeroize( L, sizeof( L ) ); + mbedtls_platform_zeroize(L, sizeof(L)); block_size = ctx->cipher_info->block_size; /* Calculate Ek(0) */ - if( ( ret = mbedtls_cipher_update( ctx, L, block_size, L, &olen ) ) != 0 ) + if ((ret = mbedtls_cipher_update(ctx, L, block_size, L, &olen)) != 0) { goto exit; + } /* * Generate K1 and K2 */ - if( ( ret = cmac_multiply_by_u( K1, L , block_size ) ) != 0 ) + if ((ret = cmac_multiply_by_u(K1, L, block_size)) != 0) { goto exit; + } - if( ( ret = cmac_multiply_by_u( K2, K1 , block_size ) ) != 0 ) + if ((ret = cmac_multiply_by_u(K2, K1, block_size)) != 0) { goto exit; + } exit: - mbedtls_platform_zeroize( L, sizeof( L ) ); + mbedtls_platform_zeroize(L, sizeof(L)); - return( ret ); + return ret; } #endif /* !defined(MBEDTLS_CMAC_ALT) || defined(MBEDTLS_SELF_TEST) */ #if !defined(MBEDTLS_CMAC_ALT) -static void cmac_xor_block( unsigned char *output, const unsigned char *input1, - const unsigned char *input2, - const size_t block_size ) +static void cmac_xor_block(unsigned char *output, const unsigned char *input1, + const unsigned char *input2, + const size_t block_size) { size_t idx; - for( idx = 0; idx < block_size; idx++ ) - output[ idx ] = input1[ idx ] ^ input2[ idx ]; + for (idx = 0; idx < block_size; idx++) { + output[idx] = input1[idx] ^ input2[idx]; + } } /* @@ -164,75 +150,78 @@ static void cmac_xor_block( unsigned char *output, const unsigned char *input1, * We can't use the padding option from the cipher layer, as it only works for * CBC and we use ECB mode, and anyway we need to XOR K1 or K2 in addition. */ -static void cmac_pad( unsigned char padded_block[MBEDTLS_CIPHER_BLKSIZE_MAX], - size_t padded_block_len, - const unsigned char *last_block, - size_t last_block_len ) +static void cmac_pad(unsigned char padded_block[MBEDTLS_CIPHER_BLKSIZE_MAX], + size_t padded_block_len, + const unsigned char *last_block, + size_t last_block_len) { size_t j; - for( j = 0; j < padded_block_len; j++ ) - { - if( j < last_block_len ) + for (j = 0; j < padded_block_len; j++) { + if (j < last_block_len) { padded_block[j] = last_block[j]; - else if( j == last_block_len ) + } else if (j == last_block_len) { padded_block[j] = 0x80; - else + } else { padded_block[j] = 0x00; + } } } -int mbedtls_cipher_cmac_starts( mbedtls_cipher_context_t *ctx, - const unsigned char *key, size_t keybits ) +int mbedtls_cipher_cmac_starts(mbedtls_cipher_context_t *ctx, + const unsigned char *key, size_t keybits) { mbedtls_cipher_type_t type; mbedtls_cmac_context_t *cmac_ctx; int retval; - if( ctx == NULL || ctx->cipher_info == NULL || key == NULL ) - return( MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA ); + if (ctx == NULL || ctx->cipher_info == NULL || key == NULL) { + return MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA; + } - if( ( retval = mbedtls_cipher_setkey( ctx, key, (int)keybits, - MBEDTLS_ENCRYPT ) ) != 0 ) - return( retval ); + if ((retval = mbedtls_cipher_setkey(ctx, key, (int) keybits, + MBEDTLS_ENCRYPT)) != 0) { + return retval; + } type = ctx->cipher_info->type; - switch( type ) - { + switch (type) { case MBEDTLS_CIPHER_AES_128_ECB: case MBEDTLS_CIPHER_AES_192_ECB: case MBEDTLS_CIPHER_AES_256_ECB: case MBEDTLS_CIPHER_DES_EDE3_ECB: break; default: - return( MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA ); + return MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA; } /* Allocated and initialise in the cipher context memory for the CMAC * context */ - cmac_ctx = mbedtls_calloc( 1, sizeof( mbedtls_cmac_context_t ) ); - if( cmac_ctx == NULL ) - return( MBEDTLS_ERR_CIPHER_ALLOC_FAILED ); + cmac_ctx = mbedtls_calloc(1, sizeof(mbedtls_cmac_context_t)); + if (cmac_ctx == NULL) { + return MBEDTLS_ERR_CIPHER_ALLOC_FAILED; + } ctx->cmac_ctx = cmac_ctx; - mbedtls_platform_zeroize( cmac_ctx->state, sizeof( cmac_ctx->state ) ); + mbedtls_platform_zeroize(cmac_ctx->state, sizeof(cmac_ctx->state)); return 0; } -int mbedtls_cipher_cmac_update( mbedtls_cipher_context_t *ctx, - const unsigned char *input, size_t ilen ) +int mbedtls_cipher_cmac_update(mbedtls_cipher_context_t *ctx, + const unsigned char *input, size_t ilen) { - mbedtls_cmac_context_t* cmac_ctx; + mbedtls_cmac_context_t *cmac_ctx; unsigned char *state; int ret = 0; size_t n, j, olen, block_size; - if( ctx == NULL || ctx->cipher_info == NULL || input == NULL || - ctx->cmac_ctx == NULL ) - return( MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA ); + if (ctx == NULL || ctx->cipher_info == NULL || input == NULL || + ctx->cmac_ctx == NULL) { + return MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA; + } cmac_ctx = ctx->cmac_ctx; block_size = ctx->cipher_info->block_size; @@ -240,19 +229,17 @@ int mbedtls_cipher_cmac_update( mbedtls_cipher_context_t *ctx, /* Is there data still to process from the last call, that's greater in * size than a block? */ - if( cmac_ctx->unprocessed_len > 0 && - ilen > block_size - cmac_ctx->unprocessed_len ) - { - memcpy( &cmac_ctx->unprocessed_block[cmac_ctx->unprocessed_len], - input, - block_size - cmac_ctx->unprocessed_len ); + if (cmac_ctx->unprocessed_len > 0 && + ilen > block_size - cmac_ctx->unprocessed_len) { + memcpy(&cmac_ctx->unprocessed_block[cmac_ctx->unprocessed_len], + input, + block_size - cmac_ctx->unprocessed_len); - cmac_xor_block( state, cmac_ctx->unprocessed_block, state, block_size ); + cmac_xor_block(state, cmac_ctx->unprocessed_block, state, block_size); - if( ( ret = mbedtls_cipher_update( ctx, state, block_size, state, - &olen ) ) != 0 ) - { - goto exit; + if ((ret = mbedtls_cipher_update(ctx, state, block_size, state, + &olen)) != 0) { + goto exit; } input += block_size - cmac_ctx->unprocessed_len; @@ -261,39 +248,38 @@ int mbedtls_cipher_cmac_update( mbedtls_cipher_context_t *ctx, } /* n is the number of blocks including any final partial block */ - n = ( ilen + block_size - 1 ) / block_size; + n = (ilen + block_size - 1) / block_size; /* Iterate across the input data in block sized chunks, excluding any * final partial or complete block */ - for( j = 1; j < n; j++ ) - { - cmac_xor_block( state, input, state, block_size ); + for (j = 1; j < n; j++) { + cmac_xor_block(state, input, state, block_size); - if( ( ret = mbedtls_cipher_update( ctx, state, block_size, state, - &olen ) ) != 0 ) - goto exit; + if ((ret = mbedtls_cipher_update(ctx, state, block_size, state, + &olen)) != 0) { + goto exit; + } ilen -= block_size; input += block_size; } /* If there is data left over that wasn't aligned to a block */ - if( ilen > 0 ) - { - memcpy( &cmac_ctx->unprocessed_block[cmac_ctx->unprocessed_len], - input, - ilen ); + if (ilen > 0) { + memcpy(&cmac_ctx->unprocessed_block[cmac_ctx->unprocessed_len], + input, + ilen); cmac_ctx->unprocessed_len += ilen; } exit: - return( ret ); + return ret; } -int mbedtls_cipher_cmac_finish( mbedtls_cipher_context_t *ctx, - unsigned char *output ) +int mbedtls_cipher_cmac_finish(mbedtls_cipher_context_t *ctx, + unsigned char *output) { - mbedtls_cmac_context_t* cmac_ctx; + mbedtls_cmac_context_t *cmac_ctx; unsigned char *state, *last_block; unsigned char K1[MBEDTLS_CIPHER_BLKSIZE_MAX]; unsigned char K2[MBEDTLS_CIPHER_BLKSIZE_MAX]; @@ -301,153 +287,153 @@ int mbedtls_cipher_cmac_finish( mbedtls_cipher_context_t *ctx, int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; size_t olen, block_size; - if( ctx == NULL || ctx->cipher_info == NULL || ctx->cmac_ctx == NULL || - output == NULL ) - return( MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA ); + if (ctx == NULL || ctx->cipher_info == NULL || ctx->cmac_ctx == NULL || + output == NULL) { + return MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA; + } cmac_ctx = ctx->cmac_ctx; block_size = ctx->cipher_info->block_size; state = cmac_ctx->state; - mbedtls_platform_zeroize( K1, sizeof( K1 ) ); - mbedtls_platform_zeroize( K2, sizeof( K2 ) ); - cmac_generate_subkeys( ctx, K1, K2 ); + mbedtls_platform_zeroize(K1, sizeof(K1)); + mbedtls_platform_zeroize(K2, sizeof(K2)); + cmac_generate_subkeys(ctx, K1, K2); last_block = cmac_ctx->unprocessed_block; /* Calculate last block */ - if( cmac_ctx->unprocessed_len < block_size ) - { - cmac_pad( M_last, block_size, last_block, cmac_ctx->unprocessed_len ); - cmac_xor_block( M_last, M_last, K2, block_size ); - } - else - { + if (cmac_ctx->unprocessed_len < block_size) { + cmac_pad(M_last, block_size, last_block, cmac_ctx->unprocessed_len); + cmac_xor_block(M_last, M_last, K2, block_size); + } else { /* Last block is complete block */ - cmac_xor_block( M_last, last_block, K1, block_size ); + cmac_xor_block(M_last, last_block, K1, block_size); } - cmac_xor_block( state, M_last, state, block_size ); - if( ( ret = mbedtls_cipher_update( ctx, state, block_size, state, - &olen ) ) != 0 ) - { + cmac_xor_block(state, M_last, state, block_size); + if ((ret = mbedtls_cipher_update(ctx, state, block_size, state, + &olen)) != 0) { goto exit; } - memcpy( output, state, block_size ); + memcpy(output, state, block_size); exit: /* Wipe the generated keys on the stack, and any other transients to avoid * side channel leakage */ - mbedtls_platform_zeroize( K1, sizeof( K1 ) ); - mbedtls_platform_zeroize( K2, sizeof( K2 ) ); + mbedtls_platform_zeroize(K1, sizeof(K1)); + mbedtls_platform_zeroize(K2, sizeof(K2)); cmac_ctx->unprocessed_len = 0; - mbedtls_platform_zeroize( cmac_ctx->unprocessed_block, - sizeof( cmac_ctx->unprocessed_block ) ); + mbedtls_platform_zeroize(cmac_ctx->unprocessed_block, + sizeof(cmac_ctx->unprocessed_block)); - mbedtls_platform_zeroize( state, MBEDTLS_CIPHER_BLKSIZE_MAX ); - return( ret ); + mbedtls_platform_zeroize(state, MBEDTLS_CIPHER_BLKSIZE_MAX); + return ret; } -int mbedtls_cipher_cmac_reset( mbedtls_cipher_context_t *ctx ) +int mbedtls_cipher_cmac_reset(mbedtls_cipher_context_t *ctx) { - mbedtls_cmac_context_t* cmac_ctx; + mbedtls_cmac_context_t *cmac_ctx; - if( ctx == NULL || ctx->cipher_info == NULL || ctx->cmac_ctx == NULL ) - return( MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA ); + if (ctx == NULL || ctx->cipher_info == NULL || ctx->cmac_ctx == NULL) { + return MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA; + } cmac_ctx = ctx->cmac_ctx; /* Reset the internal state */ cmac_ctx->unprocessed_len = 0; - mbedtls_platform_zeroize( cmac_ctx->unprocessed_block, - sizeof( cmac_ctx->unprocessed_block ) ); - mbedtls_platform_zeroize( cmac_ctx->state, - sizeof( cmac_ctx->state ) ); + mbedtls_platform_zeroize(cmac_ctx->unprocessed_block, + sizeof(cmac_ctx->unprocessed_block)); + mbedtls_platform_zeroize(cmac_ctx->state, + sizeof(cmac_ctx->state)); - return( 0 ); + return 0; } -int mbedtls_cipher_cmac( const mbedtls_cipher_info_t *cipher_info, - const unsigned char *key, size_t keylen, - const unsigned char *input, size_t ilen, - unsigned char *output ) +int mbedtls_cipher_cmac(const mbedtls_cipher_info_t *cipher_info, + const unsigned char *key, size_t keylen, + const unsigned char *input, size_t ilen, + unsigned char *output) { mbedtls_cipher_context_t ctx; int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; - if( cipher_info == NULL || key == NULL || input == NULL || output == NULL ) - return( MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA ); + if (cipher_info == NULL || key == NULL || input == NULL || output == NULL) { + return MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA; + } - mbedtls_cipher_init( &ctx ); + mbedtls_cipher_init(&ctx); - if( ( ret = mbedtls_cipher_setup( &ctx, cipher_info ) ) != 0 ) + if ((ret = mbedtls_cipher_setup(&ctx, cipher_info)) != 0) { goto exit; + } - ret = mbedtls_cipher_cmac_starts( &ctx, key, keylen ); - if( ret != 0 ) + ret = mbedtls_cipher_cmac_starts(&ctx, key, keylen); + if (ret != 0) { goto exit; + } - ret = mbedtls_cipher_cmac_update( &ctx, input, ilen ); - if( ret != 0 ) + ret = mbedtls_cipher_cmac_update(&ctx, input, ilen); + if (ret != 0) { goto exit; + } - ret = mbedtls_cipher_cmac_finish( &ctx, output ); + ret = mbedtls_cipher_cmac_finish(&ctx, output); exit: - mbedtls_cipher_free( &ctx ); + mbedtls_cipher_free(&ctx); - return( ret ); + return ret; } #if defined(MBEDTLS_AES_C) /* * Implementation of AES-CMAC-PRF-128 defined in RFC 4615 */ -int mbedtls_aes_cmac_prf_128( const unsigned char *key, size_t key_length, - const unsigned char *input, size_t in_len, - unsigned char output[16] ) +int mbedtls_aes_cmac_prf_128(const unsigned char *key, size_t key_length, + const unsigned char *input, size_t in_len, + unsigned char output[16]) { int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; const mbedtls_cipher_info_t *cipher_info; unsigned char zero_key[MBEDTLS_AES_BLOCK_SIZE]; unsigned char int_key[MBEDTLS_AES_BLOCK_SIZE]; - if( key == NULL || input == NULL || output == NULL ) - return( MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA ); + if (key == NULL || input == NULL || output == NULL) { + return MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA; + } - cipher_info = mbedtls_cipher_info_from_type( MBEDTLS_CIPHER_AES_128_ECB ); - if( cipher_info == NULL ) - { + cipher_info = mbedtls_cipher_info_from_type(MBEDTLS_CIPHER_AES_128_ECB); + if (cipher_info == NULL) { /* Failing at this point must be due to a build issue */ ret = MBEDTLS_ERR_CIPHER_FEATURE_UNAVAILABLE; goto exit; } - if( key_length == MBEDTLS_AES_BLOCK_SIZE ) - { + if (key_length == MBEDTLS_AES_BLOCK_SIZE) { /* Use key as is */ - memcpy( int_key, key, MBEDTLS_AES_BLOCK_SIZE ); - } - else - { - memset( zero_key, 0, MBEDTLS_AES_BLOCK_SIZE ); + memcpy(int_key, key, MBEDTLS_AES_BLOCK_SIZE); + } else { + memset(zero_key, 0, MBEDTLS_AES_BLOCK_SIZE); - ret = mbedtls_cipher_cmac( cipher_info, zero_key, 128, key, - key_length, int_key ); - if( ret != 0 ) + ret = mbedtls_cipher_cmac(cipher_info, zero_key, 128, key, + key_length, int_key); + if (ret != 0) { goto exit; + } } - ret = mbedtls_cipher_cmac( cipher_info, int_key, 128, input, in_len, - output ); + ret = mbedtls_cipher_cmac(cipher_info, int_key, 128, input, in_len, + output); exit: - mbedtls_platform_zeroize( int_key, sizeof( int_key ) ); + mbedtls_platform_zeroize(int_key, sizeof(int_key)); - return( ret ); + return ret; } #endif /* MBEDTLS_AES_C */ @@ -508,7 +494,8 @@ static const unsigned char aes_128_subkeys[2][MBEDTLS_AES_BLOCK_SIZE] = { 0xf9, 0x0b, 0xc1, 0x1e, 0xe4, 0x6d, 0x51, 0x3b } }; -static const unsigned char aes_128_expected_result[NB_CMAC_TESTS_PER_KEY][MBEDTLS_AES_BLOCK_SIZE] = { +static const unsigned char aes_128_expected_result[NB_CMAC_TESTS_PER_KEY][MBEDTLS_AES_BLOCK_SIZE] = +{ { /* Example #1 */ 0xbb, 0x1d, 0x69, 0x29, 0xe9, 0x59, 0x37, 0x28, @@ -549,7 +536,8 @@ static const unsigned char aes_192_subkeys[2][MBEDTLS_AES_BLOCK_SIZE] = { 0x7d, 0xcc, 0x87, 0x3b, 0xa9, 0xb5, 0x45, 0x2c } }; -static const unsigned char aes_192_expected_result[NB_CMAC_TESTS_PER_KEY][MBEDTLS_AES_BLOCK_SIZE] = { +static const unsigned char aes_192_expected_result[NB_CMAC_TESTS_PER_KEY][MBEDTLS_AES_BLOCK_SIZE] = +{ { /* Example #1 */ 0xd1, 0x7d, 0xdf, 0x46, 0xad, 0xaa, 0xcd, 0xe5, @@ -591,7 +579,8 @@ static const unsigned char aes_256_subkeys[2][MBEDTLS_AES_BLOCK_SIZE] = { 0x5d, 0x35, 0x33, 0x01, 0x0c, 0x42, 0xa0, 0xd9 } }; -static const unsigned char aes_256_expected_result[NB_CMAC_TESTS_PER_KEY][MBEDTLS_AES_BLOCK_SIZE] = { +static const unsigned char aes_256_expected_result[NB_CMAC_TESTS_PER_KEY][MBEDTLS_AES_BLOCK_SIZE] = +{ { /* Example #1 */ 0x02, 0x89, 0x62, 0xf6, 0x1b, 0x7b, 0xf8, 0x9e, @@ -643,7 +632,8 @@ static const unsigned char des3_2key_subkeys[2][8] = { 0x1b, 0xa5, 0x96, 0xf4, 0x7b, 0x11, 0x11, 0xb2 } }; -static const unsigned char des3_2key_expected_result[NB_CMAC_TESTS_PER_KEY][MBEDTLS_DES3_BLOCK_SIZE] = { +static const unsigned char des3_2key_expected_result[NB_CMAC_TESTS_PER_KEY][MBEDTLS_DES3_BLOCK_SIZE] + = { { /* Sample #1 */ 0x79, 0xce, 0x52, 0xa7, 0xf7, 0x86, 0xa9, 0x60 @@ -660,7 +650,7 @@ static const unsigned char des3_2key_expected_result[NB_CMAC_TESTS_PER_KEY][MBED /* Sample #4 */ 0x9c, 0xd3, 0x35, 0x80, 0xf9, 0xb6, 0x4d, 0xfb } -}; + }; /* CMAC-TDES (Generation) - 3 Key Test Data */ static const unsigned char des3_3key_key[24] = { @@ -681,7 +671,8 @@ static const unsigned char des3_3key_subkeys[2][8] = { 0x3a, 0xe9, 0xce, 0x72, 0x66, 0x2f, 0x2d, 0x9b } }; -static const unsigned char des3_3key_expected_result[NB_CMAC_TESTS_PER_KEY][MBEDTLS_DES3_BLOCK_SIZE] = { +static const unsigned char des3_3key_expected_result[NB_CMAC_TESTS_PER_KEY][MBEDTLS_DES3_BLOCK_SIZE] + = { { /* Sample #1 */ 0x7d, 0xb0, 0xd3, 0x7d, 0xf9, 0x36, 0xc5, 0x50 @@ -698,7 +689,7 @@ static const unsigned char des3_3key_expected_result[NB_CMAC_TESTS_PER_KEY][MBED /* Sample #4 */ 0x99, 0x42, 0x9b, 0xd0, 0xbF, 0x79, 0x04, 0xe5 } -}; + }; #endif /* MBEDTLS_DES_C */ @@ -741,14 +732,14 @@ static const unsigned char PRFT[NB_PRF_TESTS][16] = { }; #endif /* MBEDTLS_AES_C */ -static int cmac_test_subkeys( int verbose, - const char* testname, - const unsigned char* key, - int keybits, - const unsigned char* subkeys, - mbedtls_cipher_type_t cipher_type, - int block_size, - int num_tests ) +static int cmac_test_subkeys(int verbose, + const char *testname, + const unsigned char *key, + int keybits, + const unsigned char *subkeys, + mbedtls_cipher_type_t cipher_type, + int block_size, + int num_tests) { int i, ret = 0; mbedtls_cipher_context_t ctx; @@ -756,330 +747,321 @@ static int cmac_test_subkeys( int verbose, unsigned char K1[MBEDTLS_CIPHER_BLKSIZE_MAX]; unsigned char K2[MBEDTLS_CIPHER_BLKSIZE_MAX]; - cipher_info = mbedtls_cipher_info_from_type( cipher_type ); - if( cipher_info == NULL ) - { + cipher_info = mbedtls_cipher_info_from_type(cipher_type); + if (cipher_info == NULL) { /* Failing at this point must be due to a build issue */ - return( MBEDTLS_ERR_CIPHER_FEATURE_UNAVAILABLE ); + return MBEDTLS_ERR_CIPHER_FEATURE_UNAVAILABLE; } - for( i = 0; i < num_tests; i++ ) - { - if( verbose != 0 ) - mbedtls_printf( " %s CMAC subkey #%d: ", testname, i + 1 ); + for (i = 0; i < num_tests; i++) { + if (verbose != 0) { + mbedtls_printf(" %s CMAC subkey #%d: ", testname, i + 1); + } - mbedtls_cipher_init( &ctx ); + mbedtls_cipher_init(&ctx); - if( ( ret = mbedtls_cipher_setup( &ctx, cipher_info ) ) != 0 ) - { - if( verbose != 0 ) - mbedtls_printf( "test execution failed\n" ); + if ((ret = mbedtls_cipher_setup(&ctx, cipher_info)) != 0) { + if (verbose != 0) { + mbedtls_printf("test execution failed\n"); + } goto cleanup; } - if( ( ret = mbedtls_cipher_setkey( &ctx, key, keybits, - MBEDTLS_ENCRYPT ) ) != 0 ) - { + if ((ret = mbedtls_cipher_setkey(&ctx, key, keybits, + MBEDTLS_ENCRYPT)) != 0) { /* When CMAC is implemented by an alternative implementation, or * the underlying primitive itself is implemented alternatively, * AES-192 may be unavailable. This should not cause the selftest * function to fail. */ - if( ( ret == MBEDTLS_ERR_PLATFORM_FEATURE_UNSUPPORTED || - ret == MBEDTLS_ERR_CIPHER_FEATURE_UNAVAILABLE ) && - cipher_type == MBEDTLS_CIPHER_AES_192_ECB ) { - if( verbose != 0 ) - mbedtls_printf( "skipped\n" ); + if ((ret == MBEDTLS_ERR_PLATFORM_FEATURE_UNSUPPORTED || + ret == MBEDTLS_ERR_CIPHER_FEATURE_UNAVAILABLE) && + cipher_type == MBEDTLS_CIPHER_AES_192_ECB) { + if (verbose != 0) { + mbedtls_printf("skipped\n"); + } goto next_test; } - if( verbose != 0 ) - mbedtls_printf( "test execution failed\n" ); + if (verbose != 0) { + mbedtls_printf("test execution failed\n"); + } goto cleanup; } - ret = cmac_generate_subkeys( &ctx, K1, K2 ); - if( ret != 0 ) - { - if( verbose != 0 ) - mbedtls_printf( "failed\n" ); + ret = cmac_generate_subkeys(&ctx, K1, K2); + if (ret != 0) { + if (verbose != 0) { + mbedtls_printf("failed\n"); + } goto cleanup; } - if( ( ret = memcmp( K1, subkeys, block_size ) ) != 0 || - ( ret = memcmp( K2, &subkeys[block_size], block_size ) ) != 0 ) - { - if( verbose != 0 ) - mbedtls_printf( "failed\n" ); + if ((ret = memcmp(K1, subkeys, block_size)) != 0 || + (ret = memcmp(K2, &subkeys[block_size], block_size)) != 0) { + if (verbose != 0) { + mbedtls_printf("failed\n"); + } goto cleanup; } - if( verbose != 0 ) - mbedtls_printf( "passed\n" ); + if (verbose != 0) { + mbedtls_printf("passed\n"); + } next_test: - mbedtls_cipher_free( &ctx ); + mbedtls_cipher_free(&ctx); } ret = 0; goto exit; cleanup: - mbedtls_cipher_free( &ctx ); + mbedtls_cipher_free(&ctx); exit: - return( ret ); + return ret; } -static int cmac_test_wth_cipher( int verbose, - const char* testname, - const unsigned char* key, - int keybits, - const unsigned char* messages, - const unsigned int message_lengths[4], - const unsigned char* expected_result, - mbedtls_cipher_type_t cipher_type, - int block_size, - int num_tests ) +static int cmac_test_wth_cipher(int verbose, + const char *testname, + const unsigned char *key, + int keybits, + const unsigned char *messages, + const unsigned int message_lengths[4], + const unsigned char *expected_result, + mbedtls_cipher_type_t cipher_type, + int block_size, + int num_tests) { const mbedtls_cipher_info_t *cipher_info; int i, ret = 0; unsigned char output[MBEDTLS_CIPHER_BLKSIZE_MAX]; - cipher_info = mbedtls_cipher_info_from_type( cipher_type ); - if( cipher_info == NULL ) - { + cipher_info = mbedtls_cipher_info_from_type(cipher_type); + if (cipher_info == NULL) { /* Failing at this point must be due to a build issue */ ret = MBEDTLS_ERR_CIPHER_FEATURE_UNAVAILABLE; goto exit; } - for( i = 0; i < num_tests; i++ ) - { - if( verbose != 0 ) - mbedtls_printf( " %s CMAC #%d: ", testname, i + 1 ); + for (i = 0; i < num_tests; i++) { + if (verbose != 0) { + mbedtls_printf(" %s CMAC #%d: ", testname, i + 1); + } - if( ( ret = mbedtls_cipher_cmac( cipher_info, key, keybits, messages, - message_lengths[i], output ) ) != 0 ) - { + if ((ret = mbedtls_cipher_cmac(cipher_info, key, keybits, messages, + message_lengths[i], output)) != 0) { /* When CMAC is implemented by an alternative implementation, or * the underlying primitive itself is implemented alternatively, * AES-192 and/or 3DES may be unavailable. This should not cause * the selftest function to fail. */ - if( ( ret == MBEDTLS_ERR_PLATFORM_FEATURE_UNSUPPORTED || - ret == MBEDTLS_ERR_CIPHER_FEATURE_UNAVAILABLE ) && - ( cipher_type == MBEDTLS_CIPHER_AES_192_ECB || - cipher_type == MBEDTLS_CIPHER_DES_EDE3_ECB ) ) { - if( verbose != 0 ) - mbedtls_printf( "skipped\n" ); + if ((ret == MBEDTLS_ERR_PLATFORM_FEATURE_UNSUPPORTED || + ret == MBEDTLS_ERR_CIPHER_FEATURE_UNAVAILABLE) && + (cipher_type == MBEDTLS_CIPHER_AES_192_ECB || + cipher_type == MBEDTLS_CIPHER_DES_EDE3_ECB)) { + if (verbose != 0) { + mbedtls_printf("skipped\n"); + } continue; } - if( verbose != 0 ) - mbedtls_printf( "failed\n" ); + if (verbose != 0) { + mbedtls_printf("failed\n"); + } goto exit; } - if( ( ret = memcmp( output, &expected_result[i * block_size], block_size ) ) != 0 ) - { - if( verbose != 0 ) - mbedtls_printf( "failed\n" ); + if ((ret = memcmp(output, &expected_result[i * block_size], block_size)) != 0) { + if (verbose != 0) { + mbedtls_printf("failed\n"); + } goto exit; } - if( verbose != 0 ) - mbedtls_printf( "passed\n" ); + if (verbose != 0) { + mbedtls_printf("passed\n"); + } } ret = 0; exit: - return( ret ); + return ret; } #if defined(MBEDTLS_AES_C) -static int test_aes128_cmac_prf( int verbose ) +static int test_aes128_cmac_prf(int verbose) { int i; int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; unsigned char output[MBEDTLS_AES_BLOCK_SIZE]; - for( i = 0; i < NB_PRF_TESTS; i++ ) - { - mbedtls_printf( " AES CMAC 128 PRF #%d: ", i ); - ret = mbedtls_aes_cmac_prf_128( PRFK, PRFKlen[i], PRFM, 20, output ); - if( ret != 0 || - memcmp( output, PRFT[i], MBEDTLS_AES_BLOCK_SIZE ) != 0 ) - { + for (i = 0; i < NB_PRF_TESTS; i++) { + mbedtls_printf(" AES CMAC 128 PRF #%d: ", i); + ret = mbedtls_aes_cmac_prf_128(PRFK, PRFKlen[i], PRFM, 20, output); + if (ret != 0 || + memcmp(output, PRFT[i], MBEDTLS_AES_BLOCK_SIZE) != 0) { - if( verbose != 0 ) - mbedtls_printf( "failed\n" ); + if (verbose != 0) { + mbedtls_printf("failed\n"); + } - return( ret ); - } - else if( verbose != 0 ) - { - mbedtls_printf( "passed\n" ); + return ret; + } else if (verbose != 0) { + mbedtls_printf("passed\n"); } } - return( ret ); + return ret; } #endif /* MBEDTLS_AES_C */ -int mbedtls_cmac_self_test( int verbose ) +int mbedtls_cmac_self_test(int verbose) { int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; #if defined(MBEDTLS_AES_C) /* AES-128 */ - if( ( ret = cmac_test_subkeys( verbose, - "AES 128", - aes_128_key, - 128, - (const unsigned char*)aes_128_subkeys, - MBEDTLS_CIPHER_AES_128_ECB, - MBEDTLS_AES_BLOCK_SIZE, - NB_CMAC_TESTS_PER_KEY ) ) != 0 ) - { - return( ret ); + if ((ret = cmac_test_subkeys(verbose, + "AES 128", + aes_128_key, + 128, + (const unsigned char *) aes_128_subkeys, + MBEDTLS_CIPHER_AES_128_ECB, + MBEDTLS_AES_BLOCK_SIZE, + NB_CMAC_TESTS_PER_KEY)) != 0) { + return ret; } - if( ( ret = cmac_test_wth_cipher( verbose, - "AES 128", - aes_128_key, - 128, - test_message, - aes_message_lengths, - (const unsigned char*)aes_128_expected_result, - MBEDTLS_CIPHER_AES_128_ECB, - MBEDTLS_AES_BLOCK_SIZE, - NB_CMAC_TESTS_PER_KEY ) ) != 0 ) - { - return( ret ); + if ((ret = cmac_test_wth_cipher(verbose, + "AES 128", + aes_128_key, + 128, + test_message, + aes_message_lengths, + (const unsigned char *) aes_128_expected_result, + MBEDTLS_CIPHER_AES_128_ECB, + MBEDTLS_AES_BLOCK_SIZE, + NB_CMAC_TESTS_PER_KEY)) != 0) { + return ret; } /* AES-192 */ - if( ( ret = cmac_test_subkeys( verbose, - "AES 192", - aes_192_key, - 192, - (const unsigned char*)aes_192_subkeys, - MBEDTLS_CIPHER_AES_192_ECB, - MBEDTLS_AES_BLOCK_SIZE, - NB_CMAC_TESTS_PER_KEY ) ) != 0 ) - { - return( ret ); + if ((ret = cmac_test_subkeys(verbose, + "AES 192", + aes_192_key, + 192, + (const unsigned char *) aes_192_subkeys, + MBEDTLS_CIPHER_AES_192_ECB, + MBEDTLS_AES_BLOCK_SIZE, + NB_CMAC_TESTS_PER_KEY)) != 0) { + return ret; } - if( ( ret = cmac_test_wth_cipher( verbose, - "AES 192", - aes_192_key, - 192, - test_message, - aes_message_lengths, - (const unsigned char*)aes_192_expected_result, - MBEDTLS_CIPHER_AES_192_ECB, - MBEDTLS_AES_BLOCK_SIZE, - NB_CMAC_TESTS_PER_KEY ) ) != 0 ) - { - return( ret ); + if ((ret = cmac_test_wth_cipher(verbose, + "AES 192", + aes_192_key, + 192, + test_message, + aes_message_lengths, + (const unsigned char *) aes_192_expected_result, + MBEDTLS_CIPHER_AES_192_ECB, + MBEDTLS_AES_BLOCK_SIZE, + NB_CMAC_TESTS_PER_KEY)) != 0) { + return ret; } /* AES-256 */ - if( ( ret = cmac_test_subkeys( verbose, - "AES 256", - aes_256_key, - 256, - (const unsigned char*)aes_256_subkeys, - MBEDTLS_CIPHER_AES_256_ECB, - MBEDTLS_AES_BLOCK_SIZE, - NB_CMAC_TESTS_PER_KEY ) ) != 0 ) - { - return( ret ); + if ((ret = cmac_test_subkeys(verbose, + "AES 256", + aes_256_key, + 256, + (const unsigned char *) aes_256_subkeys, + MBEDTLS_CIPHER_AES_256_ECB, + MBEDTLS_AES_BLOCK_SIZE, + NB_CMAC_TESTS_PER_KEY)) != 0) { + return ret; } - if( ( ret = cmac_test_wth_cipher ( verbose, - "AES 256", - aes_256_key, - 256, - test_message, - aes_message_lengths, - (const unsigned char*)aes_256_expected_result, - MBEDTLS_CIPHER_AES_256_ECB, - MBEDTLS_AES_BLOCK_SIZE, - NB_CMAC_TESTS_PER_KEY ) ) != 0 ) - { - return( ret ); + if ((ret = cmac_test_wth_cipher(verbose, + "AES 256", + aes_256_key, + 256, + test_message, + aes_message_lengths, + (const unsigned char *) aes_256_expected_result, + MBEDTLS_CIPHER_AES_256_ECB, + MBEDTLS_AES_BLOCK_SIZE, + NB_CMAC_TESTS_PER_KEY)) != 0) { + return ret; } #endif /* MBEDTLS_AES_C */ #if defined(MBEDTLS_DES_C) /* 3DES 2 key */ - if( ( ret = cmac_test_subkeys( verbose, - "3DES 2 key", - des3_2key_key, - 192, - (const unsigned char*)des3_2key_subkeys, - MBEDTLS_CIPHER_DES_EDE3_ECB, - MBEDTLS_DES3_BLOCK_SIZE, - NB_CMAC_TESTS_PER_KEY ) ) != 0 ) - { - return( ret ); + if ((ret = cmac_test_subkeys(verbose, + "3DES 2 key", + des3_2key_key, + 192, + (const unsigned char *) des3_2key_subkeys, + MBEDTLS_CIPHER_DES_EDE3_ECB, + MBEDTLS_DES3_BLOCK_SIZE, + NB_CMAC_TESTS_PER_KEY)) != 0) { + return ret; } - if( ( ret = cmac_test_wth_cipher( verbose, - "3DES 2 key", - des3_2key_key, - 192, - test_message, - des3_message_lengths, - (const unsigned char*)des3_2key_expected_result, - MBEDTLS_CIPHER_DES_EDE3_ECB, - MBEDTLS_DES3_BLOCK_SIZE, - NB_CMAC_TESTS_PER_KEY ) ) != 0 ) - { - return( ret ); + if ((ret = cmac_test_wth_cipher(verbose, + "3DES 2 key", + des3_2key_key, + 192, + test_message, + des3_message_lengths, + (const unsigned char *) des3_2key_expected_result, + MBEDTLS_CIPHER_DES_EDE3_ECB, + MBEDTLS_DES3_BLOCK_SIZE, + NB_CMAC_TESTS_PER_KEY)) != 0) { + return ret; } /* 3DES 3 key */ - if( ( ret = cmac_test_subkeys( verbose, - "3DES 3 key", - des3_3key_key, - 192, - (const unsigned char*)des3_3key_subkeys, - MBEDTLS_CIPHER_DES_EDE3_ECB, - MBEDTLS_DES3_BLOCK_SIZE, - NB_CMAC_TESTS_PER_KEY ) ) != 0 ) - { - return( ret ); + if ((ret = cmac_test_subkeys(verbose, + "3DES 3 key", + des3_3key_key, + 192, + (const unsigned char *) des3_3key_subkeys, + MBEDTLS_CIPHER_DES_EDE3_ECB, + MBEDTLS_DES3_BLOCK_SIZE, + NB_CMAC_TESTS_PER_KEY)) != 0) { + return ret; } - if( ( ret = cmac_test_wth_cipher( verbose, - "3DES 3 key", - des3_3key_key, - 192, - test_message, - des3_message_lengths, - (const unsigned char*)des3_3key_expected_result, - MBEDTLS_CIPHER_DES_EDE3_ECB, - MBEDTLS_DES3_BLOCK_SIZE, - NB_CMAC_TESTS_PER_KEY ) ) != 0 ) - { - return( ret ); + if ((ret = cmac_test_wth_cipher(verbose, + "3DES 3 key", + des3_3key_key, + 192, + test_message, + des3_message_lengths, + (const unsigned char *) des3_3key_expected_result, + MBEDTLS_CIPHER_DES_EDE3_ECB, + MBEDTLS_DES3_BLOCK_SIZE, + NB_CMAC_TESTS_PER_KEY)) != 0) { + return ret; } #endif /* MBEDTLS_DES_C */ #if defined(MBEDTLS_AES_C) - if( ( ret = test_aes128_cmac_prf( verbose ) ) != 0 ) - return( ret ); + if ((ret = test_aes128_cmac_prf(verbose)) != 0) { + return ret; + } #endif /* MBEDTLS_AES_C */ - if( verbose != 0 ) - mbedtls_printf( "\n" ); + if (verbose != 0) { + mbedtls_printf("\n"); + } - return( 0 ); + return 0; } #endif /* MBEDTLS_SELF_TEST */ diff --git a/third_party/mbedtls/repo/library/common.h b/third_party/mbedtls/repo/library/common.h index c06472418df..bf18d725ccf 100644 --- a/third_party/mbedtls/repo/library/common.h +++ b/third_party/mbedtls/repo/library/common.h @@ -5,19 +5,7 @@ */ /* * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later */ #ifndef MBEDTLS_LIBRARY_COMMON_H @@ -29,8 +17,16 @@ #include "mbedtls/config.h" #endif +#include +#include #include +/* Define `inline` on some non-C99-compliant compilers. */ +#if (defined(__ARMCC_VERSION) || defined(_MSC_VER)) && \ + !defined(inline) && !defined(__cplusplus) +#define inline __inline +#endif + /** Helper to define a function as static except when building invasive tests. * * If a function is only used inside its own source file and should be @@ -52,19 +48,57 @@ #define MBEDTLS_STATIC_TESTABLE static #endif +/** Return an offset into a buffer. + * + * This is just the addition of an offset to a pointer, except that this + * function also accepts an offset of 0 into a buffer whose pointer is null. + * (`p + n` has undefined behavior when `p` is null, even when `n == 0`. + * A null pointer is a valid buffer pointer when the size is 0, for example + * as the result of `malloc(0)` on some platforms.) + * + * \param p Pointer to a buffer of at least n bytes. + * This may be \p NULL if \p n is zero. + * \param n An offset in bytes. + * \return Pointer to offset \p n in the buffer \p p. + * Note that this is only a valid pointer if the size of the + * buffer is at least \p n + 1. + */ +static inline unsigned char *mbedtls_buffer_offset( + unsigned char *p, size_t n) +{ + return p == NULL ? NULL : p + n; +} + +/** Return an offset into a read-only buffer. + * + * Similar to mbedtls_buffer_offset(), but for const pointers. + * + * \param p Pointer to a buffer of at least n bytes. + * This may be \p NULL if \p n is zero. + * \param n An offset in bytes. + * \return Pointer to offset \p n in the buffer \p p. + * Note that this is only a valid pointer if the size of the + * buffer is at least \p n + 1. + */ +static inline const unsigned char *mbedtls_buffer_offset_const( + const unsigned char *p, size_t n) +{ + return p == NULL ? NULL : p + n; +} + /** Byte Reading Macros * * Given a multi-byte integer \p x, MBEDTLS_BYTE_n retrieves the n-th * byte from x, where byte 0 is the least significant byte. */ -#define MBEDTLS_BYTE_0( x ) ( (uint8_t) ( ( x ) & 0xff ) ) -#define MBEDTLS_BYTE_1( x ) ( (uint8_t) ( ( ( x ) >> 8 ) & 0xff ) ) -#define MBEDTLS_BYTE_2( x ) ( (uint8_t) ( ( ( x ) >> 16 ) & 0xff ) ) -#define MBEDTLS_BYTE_3( x ) ( (uint8_t) ( ( ( x ) >> 24 ) & 0xff ) ) -#define MBEDTLS_BYTE_4( x ) ( (uint8_t) ( ( ( x ) >> 32 ) & 0xff ) ) -#define MBEDTLS_BYTE_5( x ) ( (uint8_t) ( ( ( x ) >> 40 ) & 0xff ) ) -#define MBEDTLS_BYTE_6( x ) ( (uint8_t) ( ( ( x ) >> 48 ) & 0xff ) ) -#define MBEDTLS_BYTE_7( x ) ( (uint8_t) ( ( ( x ) >> 56 ) & 0xff ) ) +#define MBEDTLS_BYTE_0(x) ((uint8_t) ((x) & 0xff)) +#define MBEDTLS_BYTE_1(x) ((uint8_t) (((x) >> 8) & 0xff)) +#define MBEDTLS_BYTE_2(x) ((uint8_t) (((x) >> 16) & 0xff)) +#define MBEDTLS_BYTE_3(x) ((uint8_t) (((x) >> 24) & 0xff)) +#define MBEDTLS_BYTE_4(x) ((uint8_t) (((x) >> 32) & 0xff)) +#define MBEDTLS_BYTE_5(x) ((uint8_t) (((x) >> 40) & 0xff)) +#define MBEDTLS_BYTE_6(x) ((uint8_t) (((x) >> 48) & 0xff)) +#define MBEDTLS_BYTE_7(x) ((uint8_t) (((x) >> 56) & 0xff)) /** * Get the unsigned 32 bits integer corresponding to four bytes in @@ -76,12 +110,12 @@ * integer from. */ #ifndef MBEDTLS_GET_UINT32_BE -#define MBEDTLS_GET_UINT32_BE( data , offset ) \ +#define MBEDTLS_GET_UINT32_BE(data, offset) \ ( \ - ( (uint32_t) ( data )[( offset ) ] << 24 ) \ - | ( (uint32_t) ( data )[( offset ) + 1] << 16 ) \ - | ( (uint32_t) ( data )[( offset ) + 2] << 8 ) \ - | ( (uint32_t) ( data )[( offset ) + 3] ) \ + ((uint32_t) (data)[(offset)] << 24) \ + | ((uint32_t) (data)[(offset) + 1] << 16) \ + | ((uint32_t) (data)[(offset) + 2] << 8) \ + | ((uint32_t) (data)[(offset) + 3]) \ ) #endif @@ -95,13 +129,13 @@ * byte of the 32 bits unsigned integer \p n. */ #ifndef MBEDTLS_PUT_UINT32_BE -#define MBEDTLS_PUT_UINT32_BE( n, data, offset ) \ -{ \ - ( data )[( offset ) ] = MBEDTLS_BYTE_3( n ); \ - ( data )[( offset ) + 1] = MBEDTLS_BYTE_2( n ); \ - ( data )[( offset ) + 2] = MBEDTLS_BYTE_1( n ); \ - ( data )[( offset ) + 3] = MBEDTLS_BYTE_0( n ); \ -} +#define MBEDTLS_PUT_UINT32_BE(n, data, offset) \ + { \ + (data)[(offset)] = MBEDTLS_BYTE_3(n); \ + (data)[(offset) + 1] = MBEDTLS_BYTE_2(n); \ + (data)[(offset) + 2] = MBEDTLS_BYTE_1(n); \ + (data)[(offset) + 3] = MBEDTLS_BYTE_0(n); \ + } #endif /** @@ -114,12 +148,12 @@ * integer from. */ #ifndef MBEDTLS_GET_UINT32_LE -#define MBEDTLS_GET_UINT32_LE( data, offset ) \ +#define MBEDTLS_GET_UINT32_LE(data, offset) \ ( \ - ( (uint32_t) ( data )[( offset ) ] ) \ - | ( (uint32_t) ( data )[( offset ) + 1] << 8 ) \ - | ( (uint32_t) ( data )[( offset ) + 2] << 16 ) \ - | ( (uint32_t) ( data )[( offset ) + 3] << 24 ) \ + ((uint32_t) (data)[(offset)]) \ + | ((uint32_t) (data)[(offset) + 1] << 8) \ + | ((uint32_t) (data)[(offset) + 2] << 16) \ + | ((uint32_t) (data)[(offset) + 3] << 24) \ ) #endif @@ -133,13 +167,13 @@ * byte of the 32 bits unsigned integer \p n. */ #ifndef MBEDTLS_PUT_UINT32_LE -#define MBEDTLS_PUT_UINT32_LE( n, data, offset ) \ -{ \ - ( data )[( offset ) ] = MBEDTLS_BYTE_0( n ); \ - ( data )[( offset ) + 1] = MBEDTLS_BYTE_1( n ); \ - ( data )[( offset ) + 2] = MBEDTLS_BYTE_2( n ); \ - ( data )[( offset ) + 3] = MBEDTLS_BYTE_3( n ); \ -} +#define MBEDTLS_PUT_UINT32_LE(n, data, offset) \ + { \ + (data)[(offset)] = MBEDTLS_BYTE_0(n); \ + (data)[(offset) + 1] = MBEDTLS_BYTE_1(n); \ + (data)[(offset) + 2] = MBEDTLS_BYTE_2(n); \ + (data)[(offset) + 3] = MBEDTLS_BYTE_3(n); \ + } #endif /** @@ -152,10 +186,10 @@ * integer from. */ #ifndef MBEDTLS_GET_UINT16_LE -#define MBEDTLS_GET_UINT16_LE( data, offset ) \ +#define MBEDTLS_GET_UINT16_LE(data, offset) \ ( \ - ( (uint16_t) ( data )[( offset ) ] ) \ - | ( (uint16_t) ( data )[( offset ) + 1] << 8 ) \ + ((uint16_t) (data)[(offset)]) \ + | ((uint16_t) (data)[(offset) + 1] << 8) \ ) #endif @@ -169,11 +203,11 @@ * byte of the 16 bits unsigned integer \p n. */ #ifndef MBEDTLS_PUT_UINT16_LE -#define MBEDTLS_PUT_UINT16_LE( n, data, offset ) \ -{ \ - ( data )[( offset ) ] = MBEDTLS_BYTE_0( n ); \ - ( data )[( offset ) + 1] = MBEDTLS_BYTE_1( n ); \ -} +#define MBEDTLS_PUT_UINT16_LE(n, data, offset) \ + { \ + (data)[(offset)] = MBEDTLS_BYTE_0(n); \ + (data)[(offset) + 1] = MBEDTLS_BYTE_1(n); \ + } #endif /** @@ -186,10 +220,10 @@ * integer from. */ #ifndef MBEDTLS_GET_UINT16_BE -#define MBEDTLS_GET_UINT16_BE( data, offset ) \ +#define MBEDTLS_GET_UINT16_BE(data, offset) \ ( \ - ( (uint16_t) ( data )[( offset ) ] << 8 ) \ - | ( (uint16_t) ( data )[( offset ) + 1] ) \ + ((uint16_t) (data)[(offset)] << 8) \ + | ((uint16_t) (data)[(offset) + 1]) \ ) #endif @@ -203,11 +237,11 @@ * byte of the 16 bits unsigned integer \p n. */ #ifndef MBEDTLS_PUT_UINT16_BE -#define MBEDTLS_PUT_UINT16_BE( n, data, offset ) \ -{ \ - ( data )[( offset ) ] = MBEDTLS_BYTE_1( n ); \ - ( data )[( offset ) + 1] = MBEDTLS_BYTE_0( n ); \ -} +#define MBEDTLS_PUT_UINT16_BE(n, data, offset) \ + { \ + (data)[(offset)] = MBEDTLS_BYTE_1(n); \ + (data)[(offset) + 1] = MBEDTLS_BYTE_0(n); \ + } #endif /** @@ -220,16 +254,16 @@ * integer from. */ #ifndef MBEDTLS_GET_UINT64_BE -#define MBEDTLS_GET_UINT64_BE( data, offset ) \ +#define MBEDTLS_GET_UINT64_BE(data, offset) \ ( \ - ( (uint64_t) ( data )[( offset ) ] << 56 ) \ - | ( (uint64_t) ( data )[( offset ) + 1] << 48 ) \ - | ( (uint64_t) ( data )[( offset ) + 2] << 40 ) \ - | ( (uint64_t) ( data )[( offset ) + 3] << 32 ) \ - | ( (uint64_t) ( data )[( offset ) + 4] << 24 ) \ - | ( (uint64_t) ( data )[( offset ) + 5] << 16 ) \ - | ( (uint64_t) ( data )[( offset ) + 6] << 8 ) \ - | ( (uint64_t) ( data )[( offset ) + 7] ) \ + ((uint64_t) (data)[(offset)] << 56) \ + | ((uint64_t) (data)[(offset) + 1] << 48) \ + | ((uint64_t) (data)[(offset) + 2] << 40) \ + | ((uint64_t) (data)[(offset) + 3] << 32) \ + | ((uint64_t) (data)[(offset) + 4] << 24) \ + | ((uint64_t) (data)[(offset) + 5] << 16) \ + | ((uint64_t) (data)[(offset) + 6] << 8) \ + | ((uint64_t) (data)[(offset) + 7]) \ ) #endif @@ -243,17 +277,17 @@ * byte of the 64 bits unsigned integer \p n. */ #ifndef MBEDTLS_PUT_UINT64_BE -#define MBEDTLS_PUT_UINT64_BE( n, data, offset ) \ -{ \ - ( data )[( offset ) ] = MBEDTLS_BYTE_7( n ); \ - ( data )[( offset ) + 1] = MBEDTLS_BYTE_6( n ); \ - ( data )[( offset ) + 2] = MBEDTLS_BYTE_5( n ); \ - ( data )[( offset ) + 3] = MBEDTLS_BYTE_4( n ); \ - ( data )[( offset ) + 4] = MBEDTLS_BYTE_3( n ); \ - ( data )[( offset ) + 5] = MBEDTLS_BYTE_2( n ); \ - ( data )[( offset ) + 6] = MBEDTLS_BYTE_1( n ); \ - ( data )[( offset ) + 7] = MBEDTLS_BYTE_0( n ); \ -} +#define MBEDTLS_PUT_UINT64_BE(n, data, offset) \ + { \ + (data)[(offset)] = MBEDTLS_BYTE_7(n); \ + (data)[(offset) + 1] = MBEDTLS_BYTE_6(n); \ + (data)[(offset) + 2] = MBEDTLS_BYTE_5(n); \ + (data)[(offset) + 3] = MBEDTLS_BYTE_4(n); \ + (data)[(offset) + 4] = MBEDTLS_BYTE_3(n); \ + (data)[(offset) + 5] = MBEDTLS_BYTE_2(n); \ + (data)[(offset) + 6] = MBEDTLS_BYTE_1(n); \ + (data)[(offset) + 7] = MBEDTLS_BYTE_0(n); \ + } #endif /** @@ -266,16 +300,16 @@ * integer from. */ #ifndef MBEDTLS_GET_UINT64_LE -#define MBEDTLS_GET_UINT64_LE( data, offset ) \ +#define MBEDTLS_GET_UINT64_LE(data, offset) \ ( \ - ( (uint64_t) ( data )[( offset ) + 7] << 56 ) \ - | ( (uint64_t) ( data )[( offset ) + 6] << 48 ) \ - | ( (uint64_t) ( data )[( offset ) + 5] << 40 ) \ - | ( (uint64_t) ( data )[( offset ) + 4] << 32 ) \ - | ( (uint64_t) ( data )[( offset ) + 3] << 24 ) \ - | ( (uint64_t) ( data )[( offset ) + 2] << 16 ) \ - | ( (uint64_t) ( data )[( offset ) + 1] << 8 ) \ - | ( (uint64_t) ( data )[( offset ) ] ) \ + ((uint64_t) (data)[(offset) + 7] << 56) \ + | ((uint64_t) (data)[(offset) + 6] << 48) \ + | ((uint64_t) (data)[(offset) + 5] << 40) \ + | ((uint64_t) (data)[(offset) + 4] << 32) \ + | ((uint64_t) (data)[(offset) + 3] << 24) \ + | ((uint64_t) (data)[(offset) + 2] << 16) \ + | ((uint64_t) (data)[(offset) + 1] << 8) \ + | ((uint64_t) (data)[(offset)]) \ ) #endif @@ -289,17 +323,31 @@ * byte of the 64 bits unsigned integer \p n. */ #ifndef MBEDTLS_PUT_UINT64_LE -#define MBEDTLS_PUT_UINT64_LE( n, data, offset ) \ -{ \ - ( data )[( offset ) ] = MBEDTLS_BYTE_0( n ); \ - ( data )[( offset ) + 1] = MBEDTLS_BYTE_1( n ); \ - ( data )[( offset ) + 2] = MBEDTLS_BYTE_2( n ); \ - ( data )[( offset ) + 3] = MBEDTLS_BYTE_3( n ); \ - ( data )[( offset ) + 4] = MBEDTLS_BYTE_4( n ); \ - ( data )[( offset ) + 5] = MBEDTLS_BYTE_5( n ); \ - ( data )[( offset ) + 6] = MBEDTLS_BYTE_6( n ); \ - ( data )[( offset ) + 7] = MBEDTLS_BYTE_7( n ); \ -} +#define MBEDTLS_PUT_UINT64_LE(n, data, offset) \ + { \ + (data)[(offset)] = MBEDTLS_BYTE_0(n); \ + (data)[(offset) + 1] = MBEDTLS_BYTE_1(n); \ + (data)[(offset) + 2] = MBEDTLS_BYTE_2(n); \ + (data)[(offset) + 3] = MBEDTLS_BYTE_3(n); \ + (data)[(offset) + 4] = MBEDTLS_BYTE_4(n); \ + (data)[(offset) + 5] = MBEDTLS_BYTE_5(n); \ + (data)[(offset) + 6] = MBEDTLS_BYTE_6(n); \ + (data)[(offset) + 7] = MBEDTLS_BYTE_7(n); \ + } +#endif + +/* Always provide a static assert macro, so it can be used unconditionally. + * It will expand to nothing on some systems. + * Can be used outside functions (but don't add a trailing ';' in that case: + * the semicolon is included here to avoid triggering -Wextra-semi when + * MBEDTLS_STATIC_ASSERT() expands to nothing). + * Can't use the C11-style `defined(static_assert)` on FreeBSD, since it + * defines static_assert even with -std=c99, but then complains about it. + */ +#if defined(static_assert) && !defined(__FreeBSD__) +#define MBEDTLS_STATIC_ASSERT(expr, msg) static_assert(expr, msg); +#else +#define MBEDTLS_STATIC_ASSERT(expr, msg) #endif #endif /* MBEDTLS_LIBRARY_COMMON_H */ diff --git a/third_party/mbedtls/repo/library/constant_time.c b/third_party/mbedtls/repo/library/constant_time.c index 18f1b20daa3..002ca491c6f 100644 --- a/third_party/mbedtls/repo/library/constant_time.c +++ b/third_party/mbedtls/repo/library/constant_time.c @@ -2,22 +2,10 @@ * Constant-time functions * * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later */ - /* +/* * The following functions are implemented without using comparison operators, as those * might be translated to branches by some compilers on some platforms. */ @@ -46,17 +34,16 @@ #include -int mbedtls_ct_memcmp( const void *a, - const void *b, - size_t n ) +int mbedtls_ct_memcmp(const void *a, + const void *b, + size_t n) { size_t i; volatile const unsigned char *A = (volatile const unsigned char *) a; volatile const unsigned char *B = (volatile const unsigned char *) b; volatile unsigned char diff = 0; - for( i = 0; i < n; i++ ) - { + for (i = 0; i < n; i++) { /* Read volatile data in order before computing diff. * This avoids IAR compiler warning: * 'the order of volatile accesses is undefined ..' */ @@ -64,10 +51,10 @@ int mbedtls_ct_memcmp( const void *a, diff |= x ^ y; } - return( (int)diff ); + return (int) diff; } -unsigned mbedtls_ct_uint_mask( unsigned value ) +unsigned mbedtls_ct_uint_mask(unsigned value) { /* MSVC has a warning about unary minus on unsigned, but this is * well-defined and precisely what we want to do here */ @@ -75,15 +62,16 @@ unsigned mbedtls_ct_uint_mask( unsigned value ) #pragma warning( push ) #pragma warning( disable : 4146 ) #endif - return( - ( ( value | - value ) >> ( sizeof( value ) * 8 - 1 ) ) ); + return -((value | -value) >> (sizeof(value) * 8 - 1)); #if defined(_MSC_VER) #pragma warning( pop ) #endif } -#if defined(MBEDTLS_SSL_SOME_SUITES_USE_TLS_CBC) +#if defined(MBEDTLS_SSL_SOME_MODES_USE_MAC) || defined(MBEDTLS_SSL_SOME_SUITES_USE_TLS_CBC) || \ + defined(MBEDTLS_NIST_KW_C) || defined(MBEDTLS_CIPHER_MODE_CBC) -size_t mbedtls_ct_size_mask( size_t value ) +size_t mbedtls_ct_size_mask(size_t value) { /* MSVC has a warning about unary minus on unsigned integer types, * but this is well-defined and precisely what we want to do here. */ @@ -91,17 +79,18 @@ size_t mbedtls_ct_size_mask( size_t value ) #pragma warning( push ) #pragma warning( disable : 4146 ) #endif - return( - ( ( value | - value ) >> ( sizeof( value ) * 8 - 1 ) ) ); + return -((value | -value) >> (sizeof(value) * 8 - 1)); #if defined(_MSC_VER) #pragma warning( pop ) #endif } -#endif /* MBEDTLS_SSL_SOME_SUITES_USE_TLS_CBC */ +#endif /* defined(MBEDTLS_SSL_SOME_MODES_USE_MAC) || defined(MBEDTLS_SSL_SOME_SUITES_USE_TLS_CBC) || + defined(MBEDTLS_NIST_KW_C) || defined(MBEDTLS_CIPHER_MODE_CBC) */ #if defined(MBEDTLS_BIGNUM_C) -mbedtls_mpi_uint mbedtls_ct_mpi_uint_mask( mbedtls_mpi_uint value ) +mbedtls_mpi_uint mbedtls_ct_mpi_uint_mask(mbedtls_mpi_uint value) { /* MSVC has a warning about unary minus on unsigned, but this is * well-defined and precisely what we want to do here */ @@ -109,7 +98,7 @@ mbedtls_mpi_uint mbedtls_ct_mpi_uint_mask( mbedtls_mpi_uint value ) #pragma warning( push ) #pragma warning( disable : 4146 ) #endif - return( - ( ( value | - value ) >> ( sizeof( value ) * 8 - 1 ) ) ); + return -((value | -value) >> (sizeof(value) * 8 - 1)); #if defined(_MSC_VER) #pragma warning( pop ) #endif @@ -117,7 +106,8 @@ mbedtls_mpi_uint mbedtls_ct_mpi_uint_mask( mbedtls_mpi_uint value ) #endif /* MBEDTLS_BIGNUM_C */ -#if defined(MBEDTLS_SSL_SOME_SUITES_USE_TLS_CBC) +#if defined(MBEDTLS_SSL_SOME_SUITES_USE_TLS_CBC) || defined(MBEDTLS_NIST_KW_C) || \ + defined(MBEDTLS_CIPHER_MODE_CBC) /** Constant-flow mask generation for "less than" comparison: * - if \p x < \p y, return all-bits 1, that is (size_t) -1 @@ -131,28 +121,29 @@ mbedtls_mpi_uint mbedtls_ct_mpi_uint_mask( mbedtls_mpi_uint value ) * * \return All-bits-one if \p x is less than \p y, otherwise zero. */ -static size_t mbedtls_ct_size_mask_lt( size_t x, - size_t y ) +static size_t mbedtls_ct_size_mask_lt(size_t x, + size_t y) { /* This has the most significant bit set if and only if x < y */ const size_t sub = x - y; /* sub1 = (x < y) ? 1 : 0 */ - const size_t sub1 = sub >> ( sizeof( sub ) * 8 - 1 ); + const size_t sub1 = sub >> (sizeof(sub) * 8 - 1); /* mask = (x < y) ? 0xff... : 0x00... */ - const size_t mask = mbedtls_ct_size_mask( sub1 ); + const size_t mask = mbedtls_ct_size_mask(sub1); - return( mask ); + return mask; } -size_t mbedtls_ct_size_mask_ge( size_t x, - size_t y ) +size_t mbedtls_ct_size_mask_ge(size_t x, + size_t y) { - return( ~mbedtls_ct_size_mask_lt( x, y ) ); + return ~mbedtls_ct_size_mask_lt(x, y); } -#endif /* MBEDTLS_SSL_SOME_SUITES_USE_TLS_CBC */ +#endif /* defined(MBEDTLS_SSL_SOME_SUITES_USE_TLS_CBC) || defined(MBEDTLS_NIST_KW_C) || + defined(MBEDTLS_CIPHER_MODE_CBC) */ #if defined(MBEDTLS_BASE64_C) @@ -161,21 +152,21 @@ size_t mbedtls_ct_size_mask_ge( size_t x, * Constant flow with respect to c. */ MBEDTLS_STATIC_TESTABLE -unsigned char mbedtls_ct_uchar_mask_of_range( unsigned char low, - unsigned char high, - unsigned char c ) +unsigned char mbedtls_ct_uchar_mask_of_range(unsigned char low, + unsigned char high, + unsigned char c) { /* low_mask is: 0 if low <= c, 0x...ff if low > c */ - unsigned low_mask = ( (unsigned) c - low ) >> 8; + unsigned low_mask = ((unsigned) c - low) >> 8; /* high_mask is: 0 if c <= high, 0x...ff if c > high */ - unsigned high_mask = ( (unsigned) high - c ) >> 8; - return( ~( low_mask | high_mask ) & 0xff ); + unsigned high_mask = ((unsigned) high - c) >> 8; + return ~(low_mask | high_mask) & 0xff; } #endif /* MBEDTLS_BASE64_C */ -unsigned mbedtls_ct_size_bool_eq( size_t x, - size_t y ) +unsigned mbedtls_ct_size_bool_eq(size_t x, + size_t y) { /* diff = 0 if x == y, non-zero otherwise */ const size_t diff = x ^ y; @@ -188,16 +179,16 @@ unsigned mbedtls_ct_size_bool_eq( size_t x, #endif /* diff_msb's most significant bit is equal to x != y */ - const size_t diff_msb = ( diff | (size_t) -diff ); + const size_t diff_msb = (diff | (size_t) -diff); #if defined(_MSC_VER) #pragma warning( pop ) #endif /* diff1 = (x != y) ? 1 : 0 */ - const unsigned diff1 = diff_msb >> ( sizeof( diff_msb ) * 8 - 1 ); + const unsigned diff1 = diff_msb >> (sizeof(diff_msb) * 8 - 1); - return( 1 ^ diff1 ); + return 1 ^ diff1; } #if defined(MBEDTLS_PKCS1_V15) && defined(MBEDTLS_RSA_C) && !defined(MBEDTLS_RSA_ALT) @@ -213,19 +204,19 @@ unsigned mbedtls_ct_size_bool_eq( size_t x, * * \return 1 if \p x greater than \p y, otherwise 0. */ -static unsigned mbedtls_ct_size_gt( size_t x, - size_t y ) +static unsigned mbedtls_ct_size_gt(size_t x, + size_t y) { /* Return the sign bit (1 for negative) of (y - x). */ - return( ( y - x ) >> ( sizeof( size_t ) * 8 - 1 ) ); + return (y - x) >> (sizeof(size_t) * 8 - 1); } #endif /* MBEDTLS_PKCS1_V15 && MBEDTLS_RSA_C && ! MBEDTLS_RSA_ALT */ #if defined(MBEDTLS_BIGNUM_C) -unsigned mbedtls_ct_mpi_uint_lt( const mbedtls_mpi_uint x, - const mbedtls_mpi_uint y ) +unsigned mbedtls_ct_mpi_uint_lt(const mbedtls_mpi_uint x, + const mbedtls_mpi_uint y) { mbedtls_mpi_uint ret; mbedtls_mpi_uint cond; @@ -233,12 +224,12 @@ unsigned mbedtls_ct_mpi_uint_lt( const mbedtls_mpi_uint x, /* * Check if the most significant bits (MSB) of the operands are different. */ - cond = ( x ^ y ); + cond = (x ^ y); /* * If the MSB are the same then the difference x-y will be negative (and * have its MSB set to 1 during conversion to unsigned) if and only if x> ( sizeof( mbedtls_mpi_uint ) * 8 - 1 ); + ret = ret >> (sizeof(mbedtls_mpi_uint) * 8 - 1); return (unsigned) ret; } #endif /* MBEDTLS_BIGNUM_C */ -unsigned mbedtls_ct_uint_if( unsigned condition, - unsigned if1, - unsigned if0 ) +unsigned mbedtls_ct_uint_if(unsigned condition, + unsigned if1, + unsigned if0) { - unsigned mask = mbedtls_ct_uint_mask( condition ); - return( ( mask & if1 ) | (~mask & if0 ) ); + unsigned mask = mbedtls_ct_uint_mask(condition); + return (mask & if1) | (~mask & if0); } #if defined(MBEDTLS_BIGNUM_C) -/** Select between two sign values without branches. - * - * This is functionally equivalent to `condition ? if1 : if0` but uses only bit - * operations in order to avoid branches. - * - * \note if1 and if0 must be either 1 or -1, otherwise the result - * is undefined. - * - * \param condition Condition to test. - * \param if1 The first sign; must be either +1 or -1. - * \param if0 The second sign; must be either +1 or -1. - * - * \return \c if1 if \p condition is nonzero, otherwise \c if0. - * */ -static int mbedtls_ct_cond_select_sign( unsigned char condition, - int if1, - int if0 ) -{ - /* In order to avoid questions about what we can reasonably assume about - * the representations of signed integers, move everything to unsigned - * by taking advantage of the fact that if1 and if0 are either +1 or -1. */ - unsigned uif1 = if1 + 1; - unsigned uif0 = if0 + 1; - - /* condition was 0 or 1, mask is 0 or 2 as are uif1 and uif0 */ - const unsigned mask = condition << 1; - - /* select uif1 or uif0 */ - unsigned ur = ( uif0 & ~mask ) | ( uif1 & mask ); - - /* ur is now 0 or 2, convert back to -1 or +1 */ - return( (int) ur - 1 ); -} - -void mbedtls_ct_mpi_uint_cond_assign( size_t n, - mbedtls_mpi_uint *dest, - const mbedtls_mpi_uint *src, - unsigned char condition ) +void mbedtls_ct_mpi_uint_cond_assign(size_t n, + mbedtls_mpi_uint *dest, + const mbedtls_mpi_uint *src, + unsigned char condition) { size_t i; @@ -319,43 +276,44 @@ void mbedtls_ct_mpi_uint_cond_assign( size_t n, #pragma warning( pop ) #endif - for( i = 0; i < n; i++ ) - dest[i] = ( src[i] & mask ) | ( dest[i] & ~mask ); + for (i = 0; i < n; i++) { + dest[i] = (src[i] & mask) | (dest[i] & ~mask); + } } #endif /* MBEDTLS_BIGNUM_C */ #if defined(MBEDTLS_BASE64_C) -unsigned char mbedtls_ct_base64_enc_char( unsigned char value ) +unsigned char mbedtls_ct_base64_enc_char(unsigned char value) { unsigned char digit = 0; /* For each range of values, if value is in that range, mask digit with * the corresponding value. Since value can only be in a single range, * only at most one masking will change digit. */ - digit |= mbedtls_ct_uchar_mask_of_range( 0, 25, value ) & ( 'A' + value ); - digit |= mbedtls_ct_uchar_mask_of_range( 26, 51, value ) & ( 'a' + value - 26 ); - digit |= mbedtls_ct_uchar_mask_of_range( 52, 61, value ) & ( '0' + value - 52 ); - digit |= mbedtls_ct_uchar_mask_of_range( 62, 62, value ) & '+'; - digit |= mbedtls_ct_uchar_mask_of_range( 63, 63, value ) & '/'; - return( digit ); + digit |= mbedtls_ct_uchar_mask_of_range(0, 25, value) & ('A' + value); + digit |= mbedtls_ct_uchar_mask_of_range(26, 51, value) & ('a' + value - 26); + digit |= mbedtls_ct_uchar_mask_of_range(52, 61, value) & ('0' + value - 52); + digit |= mbedtls_ct_uchar_mask_of_range(62, 62, value) & '+'; + digit |= mbedtls_ct_uchar_mask_of_range(63, 63, value) & '/'; + return digit; } -signed char mbedtls_ct_base64_dec_value( unsigned char c ) +signed char mbedtls_ct_base64_dec_value(unsigned char c) { unsigned char val = 0; /* For each range of digits, if c is in that range, mask val with * the corresponding value. Since c can only be in a single range, * only at most one masking will change val. Set val to one plus * the desired value so that it stays 0 if c is in none of the ranges. */ - val |= mbedtls_ct_uchar_mask_of_range( 'A', 'Z', c ) & ( c - 'A' + 0 + 1 ); - val |= mbedtls_ct_uchar_mask_of_range( 'a', 'z', c ) & ( c - 'a' + 26 + 1 ); - val |= mbedtls_ct_uchar_mask_of_range( '0', '9', c ) & ( c - '0' + 52 + 1 ); - val |= mbedtls_ct_uchar_mask_of_range( '+', '+', c ) & ( c - '+' + 62 + 1 ); - val |= mbedtls_ct_uchar_mask_of_range( '/', '/', c ) & ( c - '/' + 63 + 1 ); + val |= mbedtls_ct_uchar_mask_of_range('A', 'Z', c) & (c - 'A' + 0 + 1); + val |= mbedtls_ct_uchar_mask_of_range('a', 'z', c) & (c - 'a' + 26 + 1); + val |= mbedtls_ct_uchar_mask_of_range('0', '9', c) & (c - '0' + 52 + 1); + val |= mbedtls_ct_uchar_mask_of_range('+', '+', c) & (c - '+' + 62 + 1); + val |= mbedtls_ct_uchar_mask_of_range('/', '/', c) & (c - '/' + 63 + 1); /* At this point, val is 0 if c is an invalid digit and v+1 if c is * a digit with the value v. */ - return( val - 1 ); + return val - 1; } #endif /* MBEDTLS_BASE64_C */ @@ -378,73 +336,71 @@ signed char mbedtls_ct_base64_dec_value( unsigned char c ) * \param total Total size of the buffer. * \param offset Offset from which to copy \p total - \p offset bytes. */ -static void mbedtls_ct_mem_move_to_left( void *start, - size_t total, - size_t offset ) +static void mbedtls_ct_mem_move_to_left(void *start, + size_t total, + size_t offset) { volatile unsigned char *buf = start; size_t i, n; - if( total == 0 ) + if (total == 0) { return; - for( i = 0; i < total; i++ ) - { - unsigned no_op = mbedtls_ct_size_gt( total - offset, i ); + } + for (i = 0; i < total; i++) { + unsigned no_op = mbedtls_ct_size_gt(total - offset, i); /* The first `total - offset` passes are a no-op. The last * `offset` passes shift the data one byte to the left and * zero out the last byte. */ - for( n = 0; n < total - 1; n++ ) - { + for (n = 0; n < total - 1; n++) { unsigned char current = buf[n]; unsigned char next = buf[n+1]; - buf[n] = mbedtls_ct_uint_if( no_op, current, next ); + buf[n] = mbedtls_ct_uint_if(no_op, current, next); } - buf[total-1] = mbedtls_ct_uint_if( no_op, buf[total-1], 0 ); + buf[total-1] = mbedtls_ct_uint_if(no_op, buf[total-1], 0); } } #endif /* MBEDTLS_PKCS1_V15 && MBEDTLS_RSA_C && ! MBEDTLS_RSA_ALT */ -#if defined(MBEDTLS_SSL_SOME_SUITES_USE_TLS_CBC) - -void mbedtls_ct_memcpy_if_eq( unsigned char *dest, - const unsigned char *src, - size_t len, - size_t c1, - size_t c2 ) +#if defined(MBEDTLS_SSL_SOME_MODES_USE_MAC) +void mbedtls_ct_memcpy_if_eq(unsigned char *dest, + const unsigned char *src, + size_t len, + size_t c1, + size_t c2) { /* mask = c1 == c2 ? 0xff : 0x00 */ - const size_t equal = mbedtls_ct_size_bool_eq( c1, c2 ); - const unsigned char mask = (unsigned char) mbedtls_ct_size_mask( equal ); + const size_t equal = mbedtls_ct_size_bool_eq(c1, c2); + const unsigned char mask = (unsigned char) mbedtls_ct_size_mask(equal); /* dest[i] = c1 == c2 ? src[i] : dest[i] */ - for( size_t i = 0; i < len; i++ ) - dest[i] = ( src[i] & mask ) | ( dest[i] & ~mask ); + for (size_t i = 0; i < len; i++) { + dest[i] = (src[i] & mask) | (dest[i] & ~mask); + } } -void mbedtls_ct_memcpy_offset( unsigned char *dest, - const unsigned char *src, - size_t offset, - size_t offset_min, - size_t offset_max, - size_t len ) +void mbedtls_ct_memcpy_offset(unsigned char *dest, + const unsigned char *src, + size_t offset, + size_t offset_min, + size_t offset_max, + size_t len) { size_t offsetval; - for( offsetval = offset_min; offsetval <= offset_max; offsetval++ ) - { - mbedtls_ct_memcpy_if_eq( dest, src + offsetval, len, - offsetval, offset ); + for (offsetval = offset_min; offsetval <= offset_max; offsetval++) { + mbedtls_ct_memcpy_if_eq(dest, src + offsetval, len, + offsetval, offset); } } -int mbedtls_ct_hmac( mbedtls_md_context_t *ctx, - const unsigned char *add_data, - size_t add_data_len, - const unsigned char *data, - size_t data_len_secret, - size_t min_data_len, - size_t max_data_len, - unsigned char *output ) +int mbedtls_ct_hmac(mbedtls_md_context_t *ctx, + const unsigned char *add_data, + size_t add_data_len, + const unsigned char *data, + size_t data_len_secret, + size_t min_data_len, + size_t max_data_len, + unsigned char *output) { /* * This function breaks the HMAC abstraction and uses the md_clone() @@ -460,178 +416,193 @@ int mbedtls_ct_hmac( mbedtls_md_context_t *ctx, * * Then we only need to compute HASH(okey + inner_hash) and we're done. */ - const mbedtls_md_type_t md_alg = mbedtls_md_get_type( ctx->md_info ); + const mbedtls_md_type_t md_alg = mbedtls_md_get_type(ctx->md_info); /* TLS 1.0-1.2 only support SHA-384, SHA-256, SHA-1, MD-5, * all of which have the same block size except SHA-384. */ const size_t block_size = md_alg == MBEDTLS_MD_SHA384 ? 128 : 64; const unsigned char * const ikey = ctx->hmac_ctx; const unsigned char * const okey = ikey + block_size; - const size_t hash_size = mbedtls_md_get_size( ctx->md_info ); + const size_t hash_size = mbedtls_md_get_size(ctx->md_info); unsigned char aux_out[MBEDTLS_MD_MAX_SIZE]; mbedtls_md_context_t aux; size_t offset; int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; - mbedtls_md_init( &aux ); + mbedtls_md_init(&aux); -#define MD_CHK( func_call ) \ +#define MD_CHK(func_call) \ do { \ ret = (func_call); \ - if( ret != 0 ) \ - goto cleanup; \ - } while( 0 ) + if (ret != 0) \ + goto cleanup; \ + } while (0) - MD_CHK( mbedtls_md_setup( &aux, ctx->md_info, 0 ) ); + MD_CHK(mbedtls_md_setup(&aux, ctx->md_info, 0)); /* After hmac_start() of hmac_reset(), ikey has already been hashed, * so we can start directly with the message */ - MD_CHK( mbedtls_md_update( ctx, add_data, add_data_len ) ); - MD_CHK( mbedtls_md_update( ctx, data, min_data_len ) ); + MD_CHK(mbedtls_md_update(ctx, add_data, add_data_len)); + MD_CHK(mbedtls_md_update(ctx, data, min_data_len)); + + /* Fill the hash buffer in advance with something that is + * not a valid hash (barring an attack on the hash and + * deliberately-crafted input), in case the caller doesn't + * check the return status properly. */ + memset(output, '!', hash_size); /* For each possible length, compute the hash up to that point */ - for( offset = min_data_len; offset <= max_data_len; offset++ ) - { - MD_CHK( mbedtls_md_clone( &aux, ctx ) ); - MD_CHK( mbedtls_md_finish( &aux, aux_out ) ); + for (offset = min_data_len; offset <= max_data_len; offset++) { + MD_CHK(mbedtls_md_clone(&aux, ctx)); + MD_CHK(mbedtls_md_finish(&aux, aux_out)); /* Keep only the correct inner_hash in the output buffer */ - mbedtls_ct_memcpy_if_eq( output, aux_out, hash_size, - offset, data_len_secret ); + mbedtls_ct_memcpy_if_eq(output, aux_out, hash_size, + offset, data_len_secret); - if( offset < max_data_len ) - MD_CHK( mbedtls_md_update( ctx, data + offset, 1 ) ); + if (offset < max_data_len) { + MD_CHK(mbedtls_md_update(ctx, data + offset, 1)); + } } /* The context needs to finish() before it starts() again */ - MD_CHK( mbedtls_md_finish( ctx, aux_out ) ); + MD_CHK(mbedtls_md_finish(ctx, aux_out)); /* Now compute HASH(okey + inner_hash) */ - MD_CHK( mbedtls_md_starts( ctx ) ); - MD_CHK( mbedtls_md_update( ctx, okey, block_size ) ); - MD_CHK( mbedtls_md_update( ctx, output, hash_size ) ); - MD_CHK( mbedtls_md_finish( ctx, output ) ); + MD_CHK(mbedtls_md_starts(ctx)); + MD_CHK(mbedtls_md_update(ctx, okey, block_size)); + MD_CHK(mbedtls_md_update(ctx, output, hash_size)); + MD_CHK(mbedtls_md_finish(ctx, output)); /* Done, get ready for next time */ - MD_CHK( mbedtls_md_hmac_reset( ctx ) ); + MD_CHK(mbedtls_md_hmac_reset(ctx)); #undef MD_CHK cleanup: - mbedtls_md_free( &aux ); - return( ret ); + mbedtls_md_free(&aux); + return ret; } -#endif /* MBEDTLS_SSL_SOME_SUITES_USE_TLS_CBC */ +#endif /* MBEDTLS_SSL_SOME_MODES_USE_MAC */ #if defined(MBEDTLS_BIGNUM_C) -#define MPI_VALIDATE_RET( cond ) \ - MBEDTLS_INTERNAL_VALIDATE_RET( cond, MBEDTLS_ERR_MPI_BAD_INPUT_DATA ) +#define MPI_VALIDATE_RET(cond) \ + MBEDTLS_INTERNAL_VALIDATE_RET(cond, MBEDTLS_ERR_MPI_BAD_INPUT_DATA) /* * Conditionally assign X = Y, without leaking information * about whether the assignment was made or not. * (Leaking information about the respective sizes of X and Y is ok however.) */ -int mbedtls_mpi_safe_cond_assign( mbedtls_mpi *X, - const mbedtls_mpi *Y, - unsigned char assign ) +#if defined(_MSC_VER) && defined(_M_ARM64) && (_MSC_FULL_VER < 193131103) +/* + * MSVC miscompiles this function if it's inlined prior to Visual Studio 2022 version 17.1. See: + * https://developercommunity.visualstudio.com/t/c-compiler-miscompiles-part-of-mbedtls-library-on/1646989 + */ +__declspec(noinline) +#endif +int mbedtls_mpi_safe_cond_assign(mbedtls_mpi *X, + const mbedtls_mpi *Y, + unsigned char assign) { int ret = 0; size_t i; mbedtls_mpi_uint limb_mask; - MPI_VALIDATE_RET( X != NULL ); - MPI_VALIDATE_RET( Y != NULL ); + MPI_VALIDATE_RET(X != NULL); + MPI_VALIDATE_RET(Y != NULL); /* all-bits 1 if assign is 1, all-bits 0 if assign is 0 */ - limb_mask = mbedtls_ct_mpi_uint_mask( assign );; + limb_mask = mbedtls_ct_mpi_uint_mask(assign);; - MBEDTLS_MPI_CHK( mbedtls_mpi_grow( X, Y->n ) ); + MBEDTLS_MPI_CHK(mbedtls_mpi_grow(X, Y->n)); - X->s = mbedtls_ct_cond_select_sign( assign, Y->s, X->s ); + X->s = (int) mbedtls_ct_uint_if(assign, Y->s, X->s); - mbedtls_ct_mpi_uint_cond_assign( Y->n, X->p, Y->p, assign ); + mbedtls_ct_mpi_uint_cond_assign(Y->n, X->p, Y->p, assign); - for( i = Y->n; i < X->n; i++ ) + for (i = Y->n; i < X->n; i++) { X->p[i] &= ~limb_mask; + } cleanup: - return( ret ); + return ret; } /* * Conditionally swap X and Y, without leaking information * about whether the swap was made or not. - * Here it is not ok to simply swap the pointers, which whould lead to + * Here it is not ok to simply swap the pointers, which would lead to * different memory access patterns when X and Y are used afterwards. */ -int mbedtls_mpi_safe_cond_swap( mbedtls_mpi *X, - mbedtls_mpi *Y, - unsigned char swap ) +int mbedtls_mpi_safe_cond_swap(mbedtls_mpi *X, + mbedtls_mpi *Y, + unsigned char swap) { int ret, s; size_t i; mbedtls_mpi_uint limb_mask; mbedtls_mpi_uint tmp; - MPI_VALIDATE_RET( X != NULL ); - MPI_VALIDATE_RET( Y != NULL ); + MPI_VALIDATE_RET(X != NULL); + MPI_VALIDATE_RET(Y != NULL); - if( X == Y ) - return( 0 ); + if (X == Y) { + return 0; + } /* all-bits 1 if swap is 1, all-bits 0 if swap is 0 */ - limb_mask = mbedtls_ct_mpi_uint_mask( swap ); + limb_mask = mbedtls_ct_mpi_uint_mask(swap); - MBEDTLS_MPI_CHK( mbedtls_mpi_grow( X, Y->n ) ); - MBEDTLS_MPI_CHK( mbedtls_mpi_grow( Y, X->n ) ); + MBEDTLS_MPI_CHK(mbedtls_mpi_grow(X, Y->n)); + MBEDTLS_MPI_CHK(mbedtls_mpi_grow(Y, X->n)); s = X->s; - X->s = mbedtls_ct_cond_select_sign( swap, Y->s, X->s ); - Y->s = mbedtls_ct_cond_select_sign( swap, s, Y->s ); + X->s = (int) mbedtls_ct_uint_if(swap, Y->s, X->s); + Y->s = (int) mbedtls_ct_uint_if(swap, s, Y->s); - for( i = 0; i < X->n; i++ ) - { + for (i = 0; i < X->n; i++) { tmp = X->p[i]; - X->p[i] = ( X->p[i] & ~limb_mask ) | ( Y->p[i] & limb_mask ); - Y->p[i] = ( Y->p[i] & ~limb_mask ) | ( tmp & limb_mask ); + X->p[i] = (X->p[i] & ~limb_mask) | (Y->p[i] & limb_mask); + Y->p[i] = (Y->p[i] & ~limb_mask) | (tmp & limb_mask); } cleanup: - return( ret ); + return ret; } /* * Compare signed values in constant time */ -int mbedtls_mpi_lt_mpi_ct( const mbedtls_mpi *X, - const mbedtls_mpi *Y, - unsigned *ret ) +int mbedtls_mpi_lt_mpi_ct(const mbedtls_mpi *X, + const mbedtls_mpi *Y, + unsigned *ret) { size_t i; /* The value of any of these variables is either 0 or 1 at all times. */ unsigned cond, done, X_is_negative, Y_is_negative; - MPI_VALIDATE_RET( X != NULL ); - MPI_VALIDATE_RET( Y != NULL ); - MPI_VALIDATE_RET( ret != NULL ); + MPI_VALIDATE_RET(X != NULL); + MPI_VALIDATE_RET(Y != NULL); + MPI_VALIDATE_RET(ret != NULL); - if( X->n != Y->n ) + if (X->n != Y->n) { return MBEDTLS_ERR_MPI_BAD_INPUT_DATA; + } /* * Set sign_N to 1 if N >= 0, 0 if N < 0. * We know that N->s == 1 if N >= 0 and N->s == -1 if N < 0. */ - X_is_negative = ( X->s & 2 ) >> 1; - Y_is_negative = ( Y->s & 2 ) >> 1; + X_is_negative = (X->s & 2) >> 1; + Y_is_negative = (Y->s & 2) >> 1; /* * If the signs are different, then the positive operand is the bigger. * That is if X is negative (X_is_negative == 1), then X < Y is true and it * is false if X is positive (X_is_negative == 0). */ - cond = ( X_is_negative ^ Y_is_negative ); + cond = (X_is_negative ^ Y_is_negative); *ret = cond & X_is_negative; /* @@ -640,8 +611,7 @@ int mbedtls_mpi_lt_mpi_ct( const mbedtls_mpi *X, */ done = cond; - for( i = X->n; i > 0; i-- ) - { + for (i = X->n; i > 0; i--) { /* * If Y->p[i - 1] < X->p[i - 1] then X < Y is true if and only if both * X and Y are negative. @@ -649,8 +619,8 @@ int mbedtls_mpi_lt_mpi_ct( const mbedtls_mpi *X, * Again even if we can make a decision, we just mark the result and * the fact that we are done and continue looping. */ - cond = mbedtls_ct_mpi_uint_lt( Y->p[i - 1], X->p[i - 1] ); - *ret |= cond & ( 1 - done ) & X_is_negative; + cond = mbedtls_ct_mpi_uint_lt(Y->p[i - 1], X->p[i - 1]); + *ret |= cond & (1 - done) & X_is_negative; done |= cond; /* @@ -660,24 +630,24 @@ int mbedtls_mpi_lt_mpi_ct( const mbedtls_mpi *X, * Again even if we can make a decision, we just mark the result and * the fact that we are done and continue looping. */ - cond = mbedtls_ct_mpi_uint_lt( X->p[i - 1], Y->p[i - 1] ); - *ret |= cond & ( 1 - done ) & ( 1 - X_is_negative ); + cond = mbedtls_ct_mpi_uint_lt(X->p[i - 1], Y->p[i - 1]); + *ret |= cond & (1 - done) & (1 - X_is_negative); done |= cond; } - return( 0 ); + return 0; } #endif /* MBEDTLS_BIGNUM_C */ #if defined(MBEDTLS_PKCS1_V15) && defined(MBEDTLS_RSA_C) && !defined(MBEDTLS_RSA_ALT) -int mbedtls_ct_rsaes_pkcs1_v15_unpadding( int mode, - unsigned char *input, - size_t ilen, - unsigned char *output, - size_t output_max_len, - size_t *olen ) +int mbedtls_ct_rsaes_pkcs1_v15_unpadding(int mode, + unsigned char *input, + size_t ilen, + unsigned char *output, + size_t output_max_len, + size_t *olen) { int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; size_t i, plaintext_max_size; @@ -698,29 +668,25 @@ int mbedtls_ct_rsaes_pkcs1_v15_unpadding( int mode, size_t plaintext_size = 0; unsigned output_too_large; - plaintext_max_size = ( output_max_len > ilen - 11 ) ? ilen - 11 + plaintext_max_size = (output_max_len > ilen - 11) ? ilen - 11 : output_max_len; /* Check and get padding length in constant time and constant * memory trace. The first byte must be 0. */ bad |= input[0]; - if( mode == MBEDTLS_RSA_PRIVATE ) - { + if (mode == MBEDTLS_RSA_PRIVATE) { /* Decode EME-PKCS1-v1_5 padding: 0x00 || 0x02 || PS || 0x00 * where PS must be at least 8 nonzero bytes. */ bad |= input[1] ^ MBEDTLS_RSA_CRYPT; /* Read the whole buffer. Set pad_done to nonzero if we find * the 0x00 byte and remember the padding length in pad_count. */ - for( i = 2; i < ilen; i++ ) - { - pad_done |= ((input[i] | (unsigned char)-input[i]) >> 7) ^ 1; - pad_count += ((pad_done | (unsigned char)-pad_done) >> 7) ^ 1; + for (i = 2; i < ilen; i++) { + pad_done |= ((input[i] | (unsigned char) -input[i]) >> 7) ^ 1; + pad_count += ((pad_done | (unsigned char) -pad_done) >> 7) ^ 1; } - } - else - { + } else { /* Decode EMSA-PKCS1-v1_5 padding: 0x00 || 0x01 || PS || 0x00 * where PS must be at least 8 bytes with the value 0xFF. */ bad |= input[1] ^ MBEDTLS_RSA_SIGN; @@ -728,19 +694,18 @@ int mbedtls_ct_rsaes_pkcs1_v15_unpadding( int mode, /* Read the whole buffer. Set pad_done to nonzero if we find * the 0x00 byte and remember the padding length in pad_count. * If there's a non-0xff byte in the padding, the padding is bad. */ - for( i = 2; i < ilen; i++ ) - { - pad_done |= mbedtls_ct_uint_if( input[i], 0, 1 ); - pad_count += mbedtls_ct_uint_if( pad_done, 0, 1 ); - bad |= mbedtls_ct_uint_if( pad_done, 0, input[i] ^ 0xFF ); + for (i = 2; i < ilen; i++) { + pad_done |= mbedtls_ct_uint_if(input[i], 0, 1); + pad_count += mbedtls_ct_uint_if(pad_done, 0, 1); + bad |= mbedtls_ct_uint_if(pad_done, 0, input[i] ^ 0xFF); } } /* If pad_done is still zero, there's no data, only unfinished padding. */ - bad |= mbedtls_ct_uint_if( pad_done, 0, 1 ); + bad |= mbedtls_ct_uint_if(pad_done, 0, 1); /* There must be at least 8 bytes of padding. */ - bad |= mbedtls_ct_size_gt( 8, pad_count ); + bad |= mbedtls_ct_size_gt(8, pad_count); /* If the padding is valid, set plaintext_size to the number of * remaining bytes after stripping the padding. If the padding @@ -750,24 +715,24 @@ int mbedtls_ct_rsaes_pkcs1_v15_unpadding( int mode, * validity through timing. RSA keys are small enough that all the * size_t values involved fit in unsigned int. */ plaintext_size = mbedtls_ct_uint_if( - bad, (unsigned) plaintext_max_size, - (unsigned) ( ilen - pad_count - 3 ) ); + bad, (unsigned) plaintext_max_size, + (unsigned) (ilen - pad_count - 3)); /* Set output_too_large to 0 if the plaintext fits in the output * buffer and to 1 otherwise. */ - output_too_large = mbedtls_ct_size_gt( plaintext_size, - plaintext_max_size ); + output_too_large = mbedtls_ct_size_gt(plaintext_size, + plaintext_max_size); /* Set ret without branches to avoid timing attacks. Return: * - INVALID_PADDING if the padding is bad (bad != 0). * - OUTPUT_TOO_LARGE if the padding is good but the decrypted * plaintext does not fit in the output buffer. * - 0 if the padding is correct. */ - ret = - (int) mbedtls_ct_uint_if( - bad, - MBEDTLS_ERR_RSA_INVALID_PADDING, - mbedtls_ct_uint_if( output_too_large, - - MBEDTLS_ERR_RSA_OUTPUT_TOO_LARGE, - 0 ) ); + ret = -(int) mbedtls_ct_uint_if( + bad, -MBEDTLS_ERR_RSA_INVALID_PADDING, + mbedtls_ct_uint_if(output_too_large, + -MBEDTLS_ERR_RSA_OUTPUT_TOO_LARGE, + 0)); /* If the padding is bad or the plaintext is too large, zero the * data that we're about to copy to the output buffer. @@ -775,17 +740,18 @@ int mbedtls_ct_rsaes_pkcs1_v15_unpadding( int mode, * from the same buffer whether the padding is good or not to * avoid leaking the padding validity through overall timing or * through memory or cache access patterns. */ - bad = mbedtls_ct_uint_mask( bad | output_too_large ); - for( i = 11; i < ilen; i++ ) + bad = mbedtls_ct_uint_mask(bad | output_too_large); + for (i = 11; i < ilen; i++) { input[i] &= ~bad; + } /* If the plaintext is too large, truncate it to the buffer size. * Copy anyway to avoid revealing the length through timing, because * revealing the length is as bad as revealing the padding validity * for a Bleichenbacher attack. */ - plaintext_size = mbedtls_ct_uint_if( output_too_large, - (unsigned) plaintext_max_size, - (unsigned) plaintext_size ); + plaintext_size = mbedtls_ct_uint_if(output_too_large, + (unsigned) plaintext_max_size, + (unsigned) plaintext_size); /* Move the plaintext to the leftmost position where it can start in * the working buffer, i.e. make it start plaintext_max_size from @@ -793,9 +759,9 @@ int mbedtls_ct_rsaes_pkcs1_v15_unpadding( int mode, * does not depend on the plaintext size. After this move, the * starting location of the plaintext is no longer sensitive * information. */ - mbedtls_ct_mem_move_to_left( input + ilen - plaintext_max_size, - plaintext_max_size, - plaintext_max_size - plaintext_size ); + mbedtls_ct_mem_move_to_left(input + ilen - plaintext_max_size, + plaintext_max_size, + plaintext_max_size - plaintext_size); /* Finally copy the decrypted plaintext plus trailing zeros into the output * buffer. If output_max_len is 0, then output may be an invalid pointer @@ -804,8 +770,9 @@ int mbedtls_ct_rsaes_pkcs1_v15_unpadding( int mode, * user-provided output buffer), which is independent from plaintext * length, validity of padding, success of the decryption, and other * secrets. */ - if( output_max_len != 0 ) - memcpy( output, input + ilen - plaintext_max_size, plaintext_max_size ); + if (output_max_len != 0) { + memcpy(output, input + ilen - plaintext_max_size, plaintext_max_size); + } /* Report the amount of data we copied to the output buffer. In case * of errors (bad padding or output too large), the value of *olen @@ -813,7 +780,7 @@ int mbedtls_ct_rsaes_pkcs1_v15_unpadding( int mode, * to the good case limits the risks of leaking the padding validity. */ *olen = plaintext_size; - return( ret ); + return ret; } #endif /* MBEDTLS_PKCS1_V15 && MBEDTLS_RSA_C && ! MBEDTLS_RSA_ALT */ diff --git a/third_party/mbedtls/repo/library/constant_time_internal.h b/third_party/mbedtls/repo/library/constant_time_internal.h index bbb3a906709..82e65cc0282 100644 --- a/third_party/mbedtls/repo/library/constant_time_internal.h +++ b/third_party/mbedtls/repo/library/constant_time_internal.h @@ -2,19 +2,7 @@ * Constant-time functions * * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later */ #ifndef MBEDTLS_CONSTANT_TIME_INTERNAL_H @@ -32,7 +20,6 @@ #include - /** Turn a value into a mask: * - if \p value == 0, return the all-bits 0 mask, aka 0 * - otherwise, return the all-bits 1 mask, aka (unsigned) -1 @@ -44,9 +31,10 @@ * * \return Zero if \p value is zero, otherwise all-bits-one. */ -unsigned mbedtls_ct_uint_mask( unsigned value ); +unsigned mbedtls_ct_uint_mask(unsigned value); -#if defined(MBEDTLS_SSL_SOME_SUITES_USE_TLS_CBC) +#if defined(MBEDTLS_SSL_SOME_MODES_USE_MAC) || defined(MBEDTLS_SSL_SOME_SUITES_USE_TLS_CBC) || \ + defined(MBEDTLS_NIST_KW_C) || defined(MBEDTLS_CIPHER_MODE_CBC) /** Turn a value into a mask: * - if \p value == 0, return the all-bits 0 mask, aka 0 @@ -59,9 +47,10 @@ unsigned mbedtls_ct_uint_mask( unsigned value ); * * \return Zero if \p value is zero, otherwise all-bits-one. */ -size_t mbedtls_ct_size_mask( size_t value ); +size_t mbedtls_ct_size_mask(size_t value); -#endif /* MBEDTLS_SSL_SOME_SUITES_USE_TLS_CBC */ +#endif /* defined(MBEDTLS_SSL_SOME_MODES_USE_MAC) || defined(MBEDTLS_SSL_SOME_SUITES_USE_TLS_CBC) || + defined(MBEDTLS_NIST_KW_C) || defined(MBEDTLS_CIPHER_MODE_CBC) */ #if defined(MBEDTLS_BIGNUM_C) @@ -76,11 +65,12 @@ size_t mbedtls_ct_size_mask( size_t value ); * * \return Zero if \p value is zero, otherwise all-bits-one. */ -mbedtls_mpi_uint mbedtls_ct_mpi_uint_mask( mbedtls_mpi_uint value ); +mbedtls_mpi_uint mbedtls_ct_mpi_uint_mask(mbedtls_mpi_uint value); #endif /* MBEDTLS_BIGNUM_C */ -#if defined(MBEDTLS_SSL_SOME_SUITES_USE_TLS_CBC) +#if defined(MBEDTLS_SSL_SOME_SUITES_USE_TLS_CBC) || defined(MBEDTLS_NIST_KW_C) || \ + defined(MBEDTLS_CIPHER_MODE_CBC) /** Constant-flow mask generation for "greater or equal" comparison: * - if \p x >= \p y, return all-bits 1, that is (size_t) -1 @@ -95,10 +85,11 @@ mbedtls_mpi_uint mbedtls_ct_mpi_uint_mask( mbedtls_mpi_uint value ); * \return All-bits-one if \p x is greater or equal than \p y, * otherwise zero. */ -size_t mbedtls_ct_size_mask_ge( size_t x, - size_t y ); +size_t mbedtls_ct_size_mask_ge(size_t x, + size_t y); -#endif /* MBEDTLS_SSL_SOME_SUITES_USE_TLS_CBC */ +#endif /* defined(MBEDTLS_SSL_SOME_SUITES_USE_TLS_CBC) || defined(MBEDTLS_NIST_KW_C) || + defined(MBEDTLS_CIPHER_MODE_CBC) */ /** Constant-flow boolean "equal" comparison: * return x == y @@ -111,8 +102,8 @@ size_t mbedtls_ct_size_mask_ge( size_t x, * * \return 1 if \p x equals to \p y, otherwise 0. */ -unsigned mbedtls_ct_size_bool_eq( size_t x, - size_t y ); +unsigned mbedtls_ct_size_bool_eq(size_t x, + size_t y); #if defined(MBEDTLS_BIGNUM_C) @@ -126,8 +117,8 @@ unsigned mbedtls_ct_size_bool_eq( size_t x, * * \return 1 if \p x is less than \p y, otherwise 0. */ -unsigned mbedtls_ct_mpi_uint_lt( const mbedtls_mpi_uint x, - const mbedtls_mpi_uint y ); +unsigned mbedtls_ct_mpi_uint_lt(const mbedtls_mpi_uint x, + const mbedtls_mpi_uint y); #endif /* MBEDTLS_BIGNUM_C */ @@ -142,9 +133,9 @@ unsigned mbedtls_ct_mpi_uint_lt( const mbedtls_mpi_uint x, * * \return \c if1 if \p condition is nonzero, otherwise \c if0. */ -unsigned mbedtls_ct_uint_if( unsigned condition, - unsigned if1, - unsigned if0 ); +unsigned mbedtls_ct_uint_if(unsigned condition, + unsigned if1, + unsigned if0); #if defined(MBEDTLS_BIGNUM_C) @@ -160,10 +151,10 @@ unsigned mbedtls_ct_uint_if( unsigned condition, * initialized MPI. * \param condition Condition to test, must be 0 or 1. */ -void mbedtls_ct_mpi_uint_cond_assign( size_t n, - mbedtls_mpi_uint *dest, - const mbedtls_mpi_uint *src, - unsigned char condition ); +void mbedtls_ct_mpi_uint_cond_assign(size_t n, + mbedtls_mpi_uint *dest, + const mbedtls_mpi_uint *src, + unsigned char condition); #endif /* MBEDTLS_BIGNUM_C */ @@ -178,7 +169,7 @@ void mbedtls_ct_mpi_uint_cond_assign( size_t n, * * \return A base64 digit converted from \p value. */ -unsigned char mbedtls_ct_base64_enc_char( unsigned char value ); +unsigned char mbedtls_ct_base64_enc_char(unsigned char value); /** Given a Base64 digit, return its value. * @@ -192,11 +183,11 @@ unsigned char mbedtls_ct_base64_enc_char( unsigned char value ); * * \return The value of the base64 digit \p c. */ -signed char mbedtls_ct_base64_dec_value( unsigned char c ); +signed char mbedtls_ct_base64_dec_value(unsigned char c); #endif /* MBEDTLS_BASE64_C */ -#if defined(MBEDTLS_SSL_SOME_SUITES_USE_TLS_CBC) +#if defined(MBEDTLS_SSL_SOME_MODES_USE_MAC) /** Conditional memcpy without branches. * @@ -209,10 +200,10 @@ signed char mbedtls_ct_base64_dec_value( unsigned char c ); * \param c1 The first value to analyze in the condition. * \param c2 The second value to analyze in the condition. */ -void mbedtls_ct_memcpy_if_eq( unsigned char *dest, - const unsigned char *src, - size_t len, - size_t c1, size_t c2 ); +void mbedtls_ct_memcpy_if_eq(unsigned char *dest, + const unsigned char *src, + size_t len, + size_t c1, size_t c2); /** Copy data from a secret position with constant flow. * @@ -221,6 +212,13 @@ void mbedtls_ct_memcpy_if_eq( unsigned char *dest, * offset_secret, but only on \p offset_min, \p offset_max and \p len. * Functionally equivalent to `memcpy(dst, src + offset_secret, len)`. * + * \note This function reads from \p dest, but the value that + * is read does not influence the result and this + * function's behavior is well-defined regardless of the + * contents of the buffers. This may result in false + * positives from static or dynamic analyzers, especially + * if \p dest is not initialized. + * * \param dest The destination buffer. This must point to a writable * buffer of at least \p len bytes. * \param src The base of the source buffer. This must point to a @@ -233,12 +231,12 @@ void mbedtls_ct_memcpy_if_eq( unsigned char *dest, * \param offset_max The maximal value of \p offset. * \param len The number of bytes to copy. */ -void mbedtls_ct_memcpy_offset( unsigned char *dest, - const unsigned char *src, - size_t offset, - size_t offset_min, - size_t offset_max, - size_t len ); +void mbedtls_ct_memcpy_offset(unsigned char *dest, + const unsigned char *src, + size_t offset, + size_t offset_min, + size_t offset_max, + size_t len); /** Compute the HMAC of variable-length data with constant flow. * @@ -276,16 +274,16 @@ void mbedtls_ct_memcpy_offset( unsigned char *dest, * \retval #MBEDTLS_ERR_PLATFORM_HW_ACCEL_FAILED * The hardware accelerator failed. */ -int mbedtls_ct_hmac( mbedtls_md_context_t *ctx, - const unsigned char *add_data, - size_t add_data_len, - const unsigned char *data, - size_t data_len_secret, - size_t min_data_len, - size_t max_data_len, - unsigned char *output ); +int mbedtls_ct_hmac(mbedtls_md_context_t *ctx, + const unsigned char *add_data, + size_t add_data_len, + const unsigned char *data, + size_t data_len_secret, + size_t min_data_len, + size_t max_data_len, + unsigned char *output); -#endif /* MBEDTLS_SSL_SOME_SUITES_USE_TLS_CBC */ +#endif /* MBEDTLS_SSL_SOME_MODES_USE_MAC */ #if defined(MBEDTLS_PKCS1_V15) && defined(MBEDTLS_RSA_C) && !defined(MBEDTLS_RSA_ALT) @@ -317,12 +315,12 @@ int mbedtls_ct_hmac( mbedtls_md_context_t *ctx, * \return #MBEDTLS_ERR_RSA_INVALID_PADDING * The input doesn't contain properly formatted padding. */ -int mbedtls_ct_rsaes_pkcs1_v15_unpadding( int mode, - unsigned char *input, - size_t ilen, - unsigned char *output, - size_t output_max_len, - size_t *olen ); +int mbedtls_ct_rsaes_pkcs1_v15_unpadding(int mode, + unsigned char *input, + size_t ilen, + unsigned char *output, + size_t output_max_len, + size_t *olen); #endif /* MBEDTLS_PKCS1_V15 && MBEDTLS_RSA_C && ! MBEDTLS_RSA_ALT */ diff --git a/third_party/mbedtls/repo/library/constant_time_invasive.h b/third_party/mbedtls/repo/library/constant_time_invasive.h index 4620ca13799..14e0bec5ea7 100644 --- a/third_party/mbedtls/repo/library/constant_time_invasive.h +++ b/third_party/mbedtls/repo/library/constant_time_invasive.h @@ -9,19 +9,7 @@ */ /* * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later */ #ifndef MBEDTLS_CONSTANT_TIME_INVASIVE_H @@ -42,9 +30,9 @@ * * \return All-bits-one if \p low <= \p c <= \p high, otherwise zero. */ -unsigned char mbedtls_ct_uchar_mask_of_range( unsigned char low, - unsigned char high, - unsigned char c ); +unsigned char mbedtls_ct_uchar_mask_of_range(unsigned char low, + unsigned char high, + unsigned char c); #endif /* MBEDTLS_TEST_HOOKS */ diff --git a/third_party/mbedtls/repo/library/ctr_drbg.c b/third_party/mbedtls/repo/library/ctr_drbg.c index a604ec0761a..53987a22fff 100644 --- a/third_party/mbedtls/repo/library/ctr_drbg.c +++ b/third_party/mbedtls/repo/library/ctr_drbg.c @@ -2,24 +2,12 @@ * CTR_DRBG implementation based on AES-256 (NIST SP 800-90) * * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later */ /* * The NIST SP 800-90 DRBGs are described in the following publication. * - * http://csrc.nist.gov/publications/nistpubs/800-90/SP800-90revised_March2007.pdf + * https://nvlpubs.nist.gov/nistpubs/Legacy/SP/nistspecialpublication800-90r.pdf */ #include "common.h" @@ -30,27 +18,21 @@ #include "mbedtls/platform_util.h" #include "mbedtls/error.h" +#include #include #if defined(MBEDTLS_FS_IO) #include #endif -#if defined(MBEDTLS_SELF_TEST) -#if defined(MBEDTLS_PLATFORM_C) #include "mbedtls/platform.h" -#else -#include -#define mbedtls_printf printf -#endif /* MBEDTLS_PLATFORM_C */ -#endif /* MBEDTLS_SELF_TEST */ /* * CTR_DRBG context initialization */ -void mbedtls_ctr_drbg_init( mbedtls_ctr_drbg_context *ctx ) +void mbedtls_ctr_drbg_init(mbedtls_ctr_drbg_context *ctx) { - memset( ctx, 0, sizeof( mbedtls_ctr_drbg_context ) ); + memset(ctx, 0, sizeof(mbedtls_ctr_drbg_context)); /* Indicate that the entropy nonce length is not set explicitly. * See mbedtls_ctr_drbg_set_nonce_len(). */ ctx->reseed_counter = -1; @@ -62,50 +44,55 @@ void mbedtls_ctr_drbg_init( mbedtls_ctr_drbg_context *ctx ) * This function resets CTR_DRBG context to the state immediately * after initial call of mbedtls_ctr_drbg_init(). */ -void mbedtls_ctr_drbg_free( mbedtls_ctr_drbg_context *ctx ) +void mbedtls_ctr_drbg_free(mbedtls_ctr_drbg_context *ctx) { - if( ctx == NULL ) + if (ctx == NULL) { return; + } #if defined(MBEDTLS_THREADING_C) /* The mutex is initialized iff f_entropy is set. */ - if( ctx->f_entropy != NULL ) - mbedtls_mutex_free( &ctx->mutex ); + if (ctx->f_entropy != NULL) { + mbedtls_mutex_free(&ctx->mutex); + } #endif - mbedtls_aes_free( &ctx->aes_ctx ); - mbedtls_platform_zeroize( ctx, sizeof( mbedtls_ctr_drbg_context ) ); + mbedtls_aes_free(&ctx->aes_ctx); + mbedtls_platform_zeroize(ctx, sizeof(mbedtls_ctr_drbg_context)); ctx->reseed_interval = MBEDTLS_CTR_DRBG_RESEED_INTERVAL; ctx->reseed_counter = -1; } -void mbedtls_ctr_drbg_set_prediction_resistance( mbedtls_ctr_drbg_context *ctx, - int resistance ) +void mbedtls_ctr_drbg_set_prediction_resistance(mbedtls_ctr_drbg_context *ctx, + int resistance) { ctx->prediction_resistance = resistance; } -void mbedtls_ctr_drbg_set_entropy_len( mbedtls_ctr_drbg_context *ctx, - size_t len ) +void mbedtls_ctr_drbg_set_entropy_len(mbedtls_ctr_drbg_context *ctx, + size_t len) { ctx->entropy_len = len; } -int mbedtls_ctr_drbg_set_nonce_len( mbedtls_ctr_drbg_context *ctx, - size_t len ) +int mbedtls_ctr_drbg_set_nonce_len(mbedtls_ctr_drbg_context *ctx, + size_t len) { /* If mbedtls_ctr_drbg_seed() has already been called, it's * too late. Return the error code that's closest to making sense. */ - if( ctx->f_entropy != NULL ) - return( MBEDTLS_ERR_CTR_DRBG_ENTROPY_SOURCE_FAILED ); + if (ctx->f_entropy != NULL) { + return MBEDTLS_ERR_CTR_DRBG_ENTROPY_SOURCE_FAILED; + } - if( len > MBEDTLS_CTR_DRBG_MAX_SEED_INPUT ) - return( MBEDTLS_ERR_CTR_DRBG_INPUT_TOO_BIG ); + if (len > MBEDTLS_CTR_DRBG_MAX_SEED_INPUT) { + return MBEDTLS_ERR_CTR_DRBG_INPUT_TOO_BIG; + } #if SIZE_MAX > INT_MAX /* This shouldn't be an issue because * MBEDTLS_CTR_DRBG_MAX_SEED_INPUT < INT_MAX in any sensible * configuration, but make sure anyway. */ - if( len > INT_MAX ) - return( MBEDTLS_ERR_CTR_DRBG_INPUT_TOO_BIG ); + if (len > INT_MAX) { + return MBEDTLS_ERR_CTR_DRBG_INPUT_TOO_BIG; + } #endif /* For backward compatibility with Mbed TLS <= 2.19, store the @@ -113,17 +100,17 @@ int mbedtls_ctr_drbg_set_nonce_len( mbedtls_ctr_drbg_context *ctx, * used until after the initial seeding. */ /* Due to the capping of len above, the value fits in an int. */ ctx->reseed_counter = (int) len; - return( 0 ); + return 0; } -void mbedtls_ctr_drbg_set_reseed_interval( mbedtls_ctr_drbg_context *ctx, - int interval ) +void mbedtls_ctr_drbg_set_reseed_interval(mbedtls_ctr_drbg_context *ctx, + int interval) { ctx->reseed_interval = interval; } -static int block_cipher_df( unsigned char *output, - const unsigned char *data, size_t data_len ) +static int block_cipher_df(unsigned char *output, + const unsigned char *data, size_t data_len) { unsigned char buf[MBEDTLS_CTR_DRBG_MAX_SEED_INPUT + MBEDTLS_CTR_DRBG_BLOCKSIZE + 16]; @@ -137,12 +124,13 @@ static int block_cipher_df( unsigned char *output, int i, j; size_t buf_len, use_len; - if( data_len > MBEDTLS_CTR_DRBG_MAX_SEED_INPUT ) - return( MBEDTLS_ERR_CTR_DRBG_INPUT_TOO_BIG ); + if (data_len > MBEDTLS_CTR_DRBG_MAX_SEED_INPUT) { + return MBEDTLS_ERR_CTR_DRBG_INPUT_TOO_BIG; + } - memset( buf, 0, MBEDTLS_CTR_DRBG_MAX_SEED_INPUT + - MBEDTLS_CTR_DRBG_BLOCKSIZE + 16 ); - mbedtls_aes_init( &aes_ctx ); + memset(buf, 0, MBEDTLS_CTR_DRBG_MAX_SEED_INPUT + + MBEDTLS_CTR_DRBG_BLOCKSIZE + 16); + mbedtls_aes_init(&aes_ctx); /* * Construct IV (16 bytes) and S in buffer @@ -152,48 +140,46 @@ static int block_cipher_df( unsigned char *output, * (Total is padded to a multiple of 16-bytes with zeroes) */ p = buf + MBEDTLS_CTR_DRBG_BLOCKSIZE; - MBEDTLS_PUT_UINT32_BE( data_len, p, 0); + MBEDTLS_PUT_UINT32_BE(data_len, p, 0); p += 4 + 3; *p++ = MBEDTLS_CTR_DRBG_SEEDLEN; - memcpy( p, data, data_len ); + memcpy(p, data, data_len); p[data_len] = 0x80; buf_len = MBEDTLS_CTR_DRBG_BLOCKSIZE + 8 + data_len + 1; - for( i = 0; i < MBEDTLS_CTR_DRBG_KEYSIZE; i++ ) + for (i = 0; i < MBEDTLS_CTR_DRBG_KEYSIZE; i++) { key[i] = i; + } - if( ( ret = mbedtls_aes_setkey_enc( &aes_ctx, key, - MBEDTLS_CTR_DRBG_KEYBITS ) ) != 0 ) - { + if ((ret = mbedtls_aes_setkey_enc(&aes_ctx, key, + MBEDTLS_CTR_DRBG_KEYBITS)) != 0) { goto exit; } /* * Reduce data to MBEDTLS_CTR_DRBG_SEEDLEN bytes of data */ - for( j = 0; j < MBEDTLS_CTR_DRBG_SEEDLEN; j += MBEDTLS_CTR_DRBG_BLOCKSIZE ) - { + for (j = 0; j < MBEDTLS_CTR_DRBG_SEEDLEN; j += MBEDTLS_CTR_DRBG_BLOCKSIZE) { p = buf; - memset( chain, 0, MBEDTLS_CTR_DRBG_BLOCKSIZE ); + memset(chain, 0, MBEDTLS_CTR_DRBG_BLOCKSIZE); use_len = buf_len; - while( use_len > 0 ) - { - for( i = 0; i < MBEDTLS_CTR_DRBG_BLOCKSIZE; i++ ) + while (use_len > 0) { + for (i = 0; i < MBEDTLS_CTR_DRBG_BLOCKSIZE; i++) { chain[i] ^= p[i]; + } p += MBEDTLS_CTR_DRBG_BLOCKSIZE; - use_len -= ( use_len >= MBEDTLS_CTR_DRBG_BLOCKSIZE ) ? + use_len -= (use_len >= MBEDTLS_CTR_DRBG_BLOCKSIZE) ? MBEDTLS_CTR_DRBG_BLOCKSIZE : use_len; - if( ( ret = mbedtls_aes_crypt_ecb( &aes_ctx, MBEDTLS_AES_ENCRYPT, - chain, chain ) ) != 0 ) - { + if ((ret = mbedtls_aes_crypt_ecb(&aes_ctx, MBEDTLS_AES_ENCRYPT, + chain, chain)) != 0) { goto exit; } } - memcpy( tmp + j, chain, MBEDTLS_CTR_DRBG_BLOCKSIZE ); + memcpy(tmp + j, chain, MBEDTLS_CTR_DRBG_BLOCKSIZE); /* * Update IV @@ -204,42 +190,38 @@ static int block_cipher_df( unsigned char *output, /* * Do final encryption with reduced data */ - if( ( ret = mbedtls_aes_setkey_enc( &aes_ctx, tmp, - MBEDTLS_CTR_DRBG_KEYBITS ) ) != 0 ) - { + if ((ret = mbedtls_aes_setkey_enc(&aes_ctx, tmp, + MBEDTLS_CTR_DRBG_KEYBITS)) != 0) { goto exit; } iv = tmp + MBEDTLS_CTR_DRBG_KEYSIZE; p = output; - for( j = 0; j < MBEDTLS_CTR_DRBG_SEEDLEN; j += MBEDTLS_CTR_DRBG_BLOCKSIZE ) - { - if( ( ret = mbedtls_aes_crypt_ecb( &aes_ctx, MBEDTLS_AES_ENCRYPT, - iv, iv ) ) != 0 ) - { + for (j = 0; j < MBEDTLS_CTR_DRBG_SEEDLEN; j += MBEDTLS_CTR_DRBG_BLOCKSIZE) { + if ((ret = mbedtls_aes_crypt_ecb(&aes_ctx, MBEDTLS_AES_ENCRYPT, + iv, iv)) != 0) { goto exit; } - memcpy( p, iv, MBEDTLS_CTR_DRBG_BLOCKSIZE ); + memcpy(p, iv, MBEDTLS_CTR_DRBG_BLOCKSIZE); p += MBEDTLS_CTR_DRBG_BLOCKSIZE; } exit: - mbedtls_aes_free( &aes_ctx ); + mbedtls_aes_free(&aes_ctx); /* - * tidy up the stack - */ - mbedtls_platform_zeroize( buf, sizeof( buf ) ); - mbedtls_platform_zeroize( tmp, sizeof( tmp ) ); - mbedtls_platform_zeroize( key, sizeof( key ) ); - mbedtls_platform_zeroize( chain, sizeof( chain ) ); - if( 0 != ret ) - { + * tidy up the stack + */ + mbedtls_platform_zeroize(buf, sizeof(buf)); + mbedtls_platform_zeroize(tmp, sizeof(tmp)); + mbedtls_platform_zeroize(key, sizeof(key)); + mbedtls_platform_zeroize(chain, sizeof(chain)); + if (0 != ret) { /* - * wipe partial seed from memory - */ - mbedtls_platform_zeroize( output, MBEDTLS_CTR_DRBG_SEEDLEN ); + * wipe partial seed from memory + */ + mbedtls_platform_zeroize(output, MBEDTLS_CTR_DRBG_SEEDLEN); } - return( ret ); + return ret; } /* CTR_DRBG_Update (SP 800-90A §10.2.1.2) @@ -250,54 +232,54 @@ static int block_cipher_df( unsigned char *output, * ctx->aes_ctx = Key * ctx->counter = V */ -static int ctr_drbg_update_internal( mbedtls_ctr_drbg_context *ctx, - const unsigned char data[MBEDTLS_CTR_DRBG_SEEDLEN] ) +static int ctr_drbg_update_internal(mbedtls_ctr_drbg_context *ctx, + const unsigned char data[MBEDTLS_CTR_DRBG_SEEDLEN]) { unsigned char tmp[MBEDTLS_CTR_DRBG_SEEDLEN]; unsigned char *p = tmp; int i, j; int ret = 0; - memset( tmp, 0, MBEDTLS_CTR_DRBG_SEEDLEN ); + memset(tmp, 0, MBEDTLS_CTR_DRBG_SEEDLEN); - for( j = 0; j < MBEDTLS_CTR_DRBG_SEEDLEN; j += MBEDTLS_CTR_DRBG_BLOCKSIZE ) - { + for (j = 0; j < MBEDTLS_CTR_DRBG_SEEDLEN; j += MBEDTLS_CTR_DRBG_BLOCKSIZE) { /* * Increase counter */ - for( i = MBEDTLS_CTR_DRBG_BLOCKSIZE; i > 0; i-- ) - if( ++ctx->counter[i - 1] != 0 ) + for (i = MBEDTLS_CTR_DRBG_BLOCKSIZE; i > 0; i--) { + if (++ctx->counter[i - 1] != 0) { break; + } + } /* * Crypt counter block */ - if( ( ret = mbedtls_aes_crypt_ecb( &ctx->aes_ctx, MBEDTLS_AES_ENCRYPT, - ctx->counter, p ) ) != 0 ) - { + if ((ret = mbedtls_aes_crypt_ecb(&ctx->aes_ctx, MBEDTLS_AES_ENCRYPT, + ctx->counter, p)) != 0) { goto exit; } p += MBEDTLS_CTR_DRBG_BLOCKSIZE; } - for( i = 0; i < MBEDTLS_CTR_DRBG_SEEDLEN; i++ ) + for (i = 0; i < MBEDTLS_CTR_DRBG_SEEDLEN; i++) { tmp[i] ^= data[i]; + } /* * Update key and counter */ - if( ( ret = mbedtls_aes_setkey_enc( &ctx->aes_ctx, tmp, - MBEDTLS_CTR_DRBG_KEYBITS ) ) != 0 ) - { + if ((ret = mbedtls_aes_setkey_enc(&ctx->aes_ctx, tmp, + MBEDTLS_CTR_DRBG_KEYBITS)) != 0) { goto exit; } - memcpy( ctx->counter, tmp + MBEDTLS_CTR_DRBG_KEYSIZE, - MBEDTLS_CTR_DRBG_BLOCKSIZE ); + memcpy(ctx->counter, tmp + MBEDTLS_CTR_DRBG_KEYSIZE, + MBEDTLS_CTR_DRBG_BLOCKSIZE); exit: - mbedtls_platform_zeroize( tmp, sizeof( tmp ) ); - return( ret ); + mbedtls_platform_zeroize(tmp, sizeof(tmp)); + return ret; } /* CTR_DRBG_Instantiate with derivation function (SP 800-90A §10.2.1.3.2) @@ -312,36 +294,40 @@ static int ctr_drbg_update_internal( mbedtls_ctr_drbg_context *ctx, * and with outputs * ctx = initial_working_state */ -int mbedtls_ctr_drbg_update_ret( mbedtls_ctr_drbg_context *ctx, - const unsigned char *additional, - size_t add_len ) +int mbedtls_ctr_drbg_update_ret(mbedtls_ctr_drbg_context *ctx, + const unsigned char *additional, + size_t add_len) { unsigned char add_input[MBEDTLS_CTR_DRBG_SEEDLEN]; int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; - if( add_len == 0 ) - return( 0 ); + if (add_len == 0) { + return 0; + } - if( ( ret = block_cipher_df( add_input, additional, add_len ) ) != 0 ) + if ((ret = block_cipher_df(add_input, additional, add_len)) != 0) { goto exit; - if( ( ret = ctr_drbg_update_internal( ctx, add_input ) ) != 0 ) + } + if ((ret = ctr_drbg_update_internal(ctx, add_input)) != 0) { goto exit; + } exit: - mbedtls_platform_zeroize( add_input, sizeof( add_input ) ); - return( ret ); + mbedtls_platform_zeroize(add_input, sizeof(add_input)); + return ret; } #if !defined(MBEDTLS_DEPRECATED_REMOVED) -void mbedtls_ctr_drbg_update( mbedtls_ctr_drbg_context *ctx, - const unsigned char *additional, - size_t add_len ) +void mbedtls_ctr_drbg_update(mbedtls_ctr_drbg_context *ctx, + const unsigned char *additional, + size_t add_len) { /* MAX_INPUT would be more logical here, but we have to match * block_cipher_df()'s limits since we can't propagate errors */ - if( add_len > MBEDTLS_CTR_DRBG_MAX_SEED_INPUT ) + if (add_len > MBEDTLS_CTR_DRBG_MAX_SEED_INPUT) { add_len = MBEDTLS_CTR_DRBG_MAX_SEED_INPUT; - (void) mbedtls_ctr_drbg_update_ret( ctx, additional, add_len ); + } + (void) mbedtls_ctr_drbg_update_ret(ctx, additional, add_len); } #endif /* MBEDTLS_DEPRECATED_REMOVED */ @@ -358,66 +344,67 @@ void mbedtls_ctr_drbg_update( mbedtls_ctr_drbg_context *ctx, * and with output * ctx contains new_working_state */ -static int mbedtls_ctr_drbg_reseed_internal( mbedtls_ctr_drbg_context *ctx, - const unsigned char *additional, - size_t len, - size_t nonce_len ) +static int mbedtls_ctr_drbg_reseed_internal(mbedtls_ctr_drbg_context *ctx, + const unsigned char *additional, + size_t len, + size_t nonce_len) { unsigned char seed[MBEDTLS_CTR_DRBG_MAX_SEED_INPUT]; size_t seedlen = 0; int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; - if( ctx->entropy_len > MBEDTLS_CTR_DRBG_MAX_SEED_INPUT ) - return( MBEDTLS_ERR_CTR_DRBG_INPUT_TOO_BIG ); - if( nonce_len > MBEDTLS_CTR_DRBG_MAX_SEED_INPUT - ctx->entropy_len ) - return( MBEDTLS_ERR_CTR_DRBG_INPUT_TOO_BIG ); - if( len > MBEDTLS_CTR_DRBG_MAX_SEED_INPUT - ctx->entropy_len - nonce_len ) - return( MBEDTLS_ERR_CTR_DRBG_INPUT_TOO_BIG ); + if (ctx->entropy_len > MBEDTLS_CTR_DRBG_MAX_SEED_INPUT) { + return MBEDTLS_ERR_CTR_DRBG_INPUT_TOO_BIG; + } + if (nonce_len > MBEDTLS_CTR_DRBG_MAX_SEED_INPUT - ctx->entropy_len) { + return MBEDTLS_ERR_CTR_DRBG_INPUT_TOO_BIG; + } + if (len > MBEDTLS_CTR_DRBG_MAX_SEED_INPUT - ctx->entropy_len - nonce_len) { + return MBEDTLS_ERR_CTR_DRBG_INPUT_TOO_BIG; + } - memset( seed, 0, MBEDTLS_CTR_DRBG_MAX_SEED_INPUT ); + memset(seed, 0, MBEDTLS_CTR_DRBG_MAX_SEED_INPUT); /* Gather entropy_len bytes of entropy to seed state. */ - if( 0 != ctx->f_entropy( ctx->p_entropy, seed, ctx->entropy_len ) ) - { - return( MBEDTLS_ERR_CTR_DRBG_ENTROPY_SOURCE_FAILED ); + if (0 != ctx->f_entropy(ctx->p_entropy, seed, ctx->entropy_len)) { + return MBEDTLS_ERR_CTR_DRBG_ENTROPY_SOURCE_FAILED; } seedlen += ctx->entropy_len; /* Gather entropy for a nonce if requested. */ - if( nonce_len != 0 ) - { - if( 0 != ctx->f_entropy( ctx->p_entropy, seed + seedlen, nonce_len ) ) - { - return( MBEDTLS_ERR_CTR_DRBG_ENTROPY_SOURCE_FAILED ); + if (nonce_len != 0) { + if (0 != ctx->f_entropy(ctx->p_entropy, seed + seedlen, nonce_len)) { + return MBEDTLS_ERR_CTR_DRBG_ENTROPY_SOURCE_FAILED; } seedlen += nonce_len; } /* Add additional data if provided. */ - if( additional != NULL && len != 0 ) - { - memcpy( seed + seedlen, additional, len ); + if (additional != NULL && len != 0) { + memcpy(seed + seedlen, additional, len); seedlen += len; } /* Reduce to 384 bits. */ - if( ( ret = block_cipher_df( seed, seed, seedlen ) ) != 0 ) + if ((ret = block_cipher_df(seed, seed, seedlen)) != 0) { goto exit; + } /* Update state. */ - if( ( ret = ctr_drbg_update_internal( ctx, seed ) ) != 0 ) + if ((ret = ctr_drbg_update_internal(ctx, seed)) != 0) { goto exit; + } ctx->reseed_counter = 1; exit: - mbedtls_platform_zeroize( seed, sizeof( seed ) ); - return( ret ); + mbedtls_platform_zeroize(seed, sizeof(seed)); + return ret; } -int mbedtls_ctr_drbg_reseed( mbedtls_ctr_drbg_context *ctx, - const unsigned char *additional, size_t len ) +int mbedtls_ctr_drbg_reseed(mbedtls_ctr_drbg_context *ctx, + const unsigned char *additional, size_t len) { - return( mbedtls_ctr_drbg_reseed_internal( ctx, additional, len, 0 ) ); + return mbedtls_ctr_drbg_reseed_internal(ctx, additional, len, 0); } /* Return a "good" nonce length for CTR_DRBG. The chosen nonce length @@ -425,12 +412,13 @@ int mbedtls_ctr_drbg_reseed( mbedtls_ctr_drbg_context *ctx, * size and entropy length. If there is enough entropy in the initial * call to the entropy function to serve as both the entropy input and * the nonce, don't make a second call to get a nonce. */ -static size_t good_nonce_len( size_t entropy_len ) +static size_t good_nonce_len(size_t entropy_len) { - if( entropy_len >= MBEDTLS_CTR_DRBG_KEYSIZE * 3 / 2 ) - return( 0 ); - else - return( ( entropy_len + 1 ) / 2 ); + if (entropy_len >= MBEDTLS_CTR_DRBG_KEYSIZE * 3 / 2) { + return 0; + } else { + return (entropy_len + 1) / 2; + } } /* CTR_DRBG_Instantiate with derivation function (SP 800-90A §10.2.1.3.2) @@ -444,52 +432,51 @@ static size_t good_nonce_len( size_t entropy_len ) * and with outputs * ctx = initial_working_state */ -int mbedtls_ctr_drbg_seed( mbedtls_ctr_drbg_context *ctx, - int (*f_entropy)(void *, unsigned char *, size_t), - void *p_entropy, - const unsigned char *custom, - size_t len ) +int mbedtls_ctr_drbg_seed(mbedtls_ctr_drbg_context *ctx, + int (*f_entropy)(void *, unsigned char *, size_t), + void *p_entropy, + const unsigned char *custom, + size_t len) { int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; unsigned char key[MBEDTLS_CTR_DRBG_KEYSIZE]; size_t nonce_len; - memset( key, 0, MBEDTLS_CTR_DRBG_KEYSIZE ); + memset(key, 0, MBEDTLS_CTR_DRBG_KEYSIZE); /* The mutex is initialized iff f_entropy is set. */ #if defined(MBEDTLS_THREADING_C) - mbedtls_mutex_init( &ctx->mutex ); + mbedtls_mutex_init(&ctx->mutex); #endif - mbedtls_aes_init( &ctx->aes_ctx ); + mbedtls_aes_init(&ctx->aes_ctx); ctx->f_entropy = f_entropy; ctx->p_entropy = p_entropy; - if( ctx->entropy_len == 0 ) + if (ctx->entropy_len == 0) { ctx->entropy_len = MBEDTLS_CTR_DRBG_ENTROPY_LEN; + } /* ctx->reseed_counter contains the desired amount of entropy to * grab for a nonce (see mbedtls_ctr_drbg_set_nonce_len()). * If it's -1, indicating that the entropy nonce length was not set * explicitly, use a sufficiently large nonce for security. */ - nonce_len = ( ctx->reseed_counter >= 0 ? - (size_t) ctx->reseed_counter : - good_nonce_len( ctx->entropy_len ) ); + nonce_len = (ctx->reseed_counter >= 0 ? + (size_t) ctx->reseed_counter : + good_nonce_len(ctx->entropy_len)); /* Initialize with an empty key. */ - if( ( ret = mbedtls_aes_setkey_enc( &ctx->aes_ctx, key, - MBEDTLS_CTR_DRBG_KEYBITS ) ) != 0 ) - { - return( ret ); + if ((ret = mbedtls_aes_setkey_enc(&ctx->aes_ctx, key, + MBEDTLS_CTR_DRBG_KEYBITS)) != 0) { + return ret; } /* Do the initial seeding. */ - if( ( ret = mbedtls_ctr_drbg_reseed_internal( ctx, custom, len, - nonce_len ) ) != 0 ) - { - return( ret ); + if ((ret = mbedtls_ctr_drbg_reseed_internal(ctx, custom, len, + nonce_len)) != 0) { + return ret; } - return( 0 ); + return 0; } /* CTR_DRBG_Generate with derivation function (SP 800-90A §10.2.1.5.2) @@ -511,9 +498,9 @@ int mbedtls_ctr_drbg_seed( mbedtls_ctr_drbg_context *ctx, * returned_bits = output[:output_len] * ctx contains new_working_state */ -int mbedtls_ctr_drbg_random_with_add( void *p_rng, - unsigned char *output, size_t output_len, - const unsigned char *additional, size_t add_len ) +int mbedtls_ctr_drbg_random_with_add(void *p_rng, + unsigned char *output, size_t output_len, + const unsigned char *additional, size_t add_len) { int ret = 0; mbedtls_ctr_drbg_context *ctx = (mbedtls_ctr_drbg_context *) p_rng; @@ -523,159 +510,163 @@ int mbedtls_ctr_drbg_random_with_add( void *p_rng, int i; size_t use_len; - if( output_len > MBEDTLS_CTR_DRBG_MAX_REQUEST ) - return( MBEDTLS_ERR_CTR_DRBG_REQUEST_TOO_BIG ); + if (output_len > MBEDTLS_CTR_DRBG_MAX_REQUEST) { + return MBEDTLS_ERR_CTR_DRBG_REQUEST_TOO_BIG; + } - if( add_len > MBEDTLS_CTR_DRBG_MAX_INPUT ) - return( MBEDTLS_ERR_CTR_DRBG_INPUT_TOO_BIG ); + if (add_len > MBEDTLS_CTR_DRBG_MAX_INPUT) { + return MBEDTLS_ERR_CTR_DRBG_INPUT_TOO_BIG; + } - memset( add_input, 0, MBEDTLS_CTR_DRBG_SEEDLEN ); + memset(add_input, 0, MBEDTLS_CTR_DRBG_SEEDLEN); - if( ctx->reseed_counter > ctx->reseed_interval || - ctx->prediction_resistance ) - { - if( ( ret = mbedtls_ctr_drbg_reseed( ctx, additional, add_len ) ) != 0 ) - { - return( ret ); + if (ctx->reseed_counter > ctx->reseed_interval || + ctx->prediction_resistance) { + if ((ret = mbedtls_ctr_drbg_reseed(ctx, additional, add_len)) != 0) { + return ret; } add_len = 0; } - if( add_len > 0 ) - { - if( ( ret = block_cipher_df( add_input, additional, add_len ) ) != 0 ) + if (add_len > 0) { + if ((ret = block_cipher_df(add_input, additional, add_len)) != 0) { goto exit; - if( ( ret = ctr_drbg_update_internal( ctx, add_input ) ) != 0 ) + } + if ((ret = ctr_drbg_update_internal(ctx, add_input)) != 0) { goto exit; + } } - while( output_len > 0 ) - { + while (output_len > 0) { /* * Increase counter */ - for( i = MBEDTLS_CTR_DRBG_BLOCKSIZE; i > 0; i-- ) - if( ++ctx->counter[i - 1] != 0 ) + for (i = MBEDTLS_CTR_DRBG_BLOCKSIZE; i > 0; i--) { + if (++ctx->counter[i - 1] != 0) { break; + } + } /* * Crypt counter block */ - if( ( ret = mbedtls_aes_crypt_ecb( &ctx->aes_ctx, MBEDTLS_AES_ENCRYPT, - ctx->counter, tmp ) ) != 0 ) - { + if ((ret = mbedtls_aes_crypt_ecb(&ctx->aes_ctx, MBEDTLS_AES_ENCRYPT, + ctx->counter, tmp)) != 0) { goto exit; } - use_len = ( output_len > MBEDTLS_CTR_DRBG_BLOCKSIZE ) + use_len = (output_len > MBEDTLS_CTR_DRBG_BLOCKSIZE) ? MBEDTLS_CTR_DRBG_BLOCKSIZE : output_len; /* * Copy random block to destination */ - memcpy( p, tmp, use_len ); + memcpy(p, tmp, use_len); p += use_len; output_len -= use_len; } - if( ( ret = ctr_drbg_update_internal( ctx, add_input ) ) != 0 ) + if ((ret = ctr_drbg_update_internal(ctx, add_input)) != 0) { goto exit; + } ctx->reseed_counter++; exit: - mbedtls_platform_zeroize( add_input, sizeof( add_input ) ); - mbedtls_platform_zeroize( tmp, sizeof( tmp ) ); - return( ret ); + mbedtls_platform_zeroize(add_input, sizeof(add_input)); + mbedtls_platform_zeroize(tmp, sizeof(tmp)); + return ret; } -int mbedtls_ctr_drbg_random( void *p_rng, unsigned char *output, - size_t output_len ) +int mbedtls_ctr_drbg_random(void *p_rng, unsigned char *output, + size_t output_len) { int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; mbedtls_ctr_drbg_context *ctx = (mbedtls_ctr_drbg_context *) p_rng; #if defined(MBEDTLS_THREADING_C) - if( ( ret = mbedtls_mutex_lock( &ctx->mutex ) ) != 0 ) - return( ret ); + if ((ret = mbedtls_mutex_lock(&ctx->mutex)) != 0) { + return ret; + } #endif - ret = mbedtls_ctr_drbg_random_with_add( ctx, output, output_len, NULL, 0 ); + ret = mbedtls_ctr_drbg_random_with_add(ctx, output, output_len, NULL, 0); #if defined(MBEDTLS_THREADING_C) - if( mbedtls_mutex_unlock( &ctx->mutex ) != 0 ) - return( MBEDTLS_ERR_THREADING_MUTEX_ERROR ); + if (mbedtls_mutex_unlock(&ctx->mutex) != 0) { + return MBEDTLS_ERR_THREADING_MUTEX_ERROR; + } #endif - return( ret ); + return ret; } #if defined(MBEDTLS_FS_IO) -int mbedtls_ctr_drbg_write_seed_file( mbedtls_ctr_drbg_context *ctx, - const char *path ) +int mbedtls_ctr_drbg_write_seed_file(mbedtls_ctr_drbg_context *ctx, + const char *path) { int ret = MBEDTLS_ERR_CTR_DRBG_FILE_IO_ERROR; FILE *f; - unsigned char buf[ MBEDTLS_CTR_DRBG_MAX_INPUT ]; + unsigned char buf[MBEDTLS_CTR_DRBG_MAX_INPUT]; - if( ( f = fopen( path, "wb" ) ) == NULL ) - return( MBEDTLS_ERR_CTR_DRBG_FILE_IO_ERROR ); + if ((f = fopen(path, "wb")) == NULL) { + return MBEDTLS_ERR_CTR_DRBG_FILE_IO_ERROR; + } - if( ( ret = mbedtls_ctr_drbg_random( ctx, buf, - MBEDTLS_CTR_DRBG_MAX_INPUT ) ) != 0 ) + if ((ret = mbedtls_ctr_drbg_random(ctx, buf, + MBEDTLS_CTR_DRBG_MAX_INPUT)) != 0) { goto exit; + } - if( fwrite( buf, 1, MBEDTLS_CTR_DRBG_MAX_INPUT, f ) != - MBEDTLS_CTR_DRBG_MAX_INPUT ) - { + if (fwrite(buf, 1, MBEDTLS_CTR_DRBG_MAX_INPUT, f) != + MBEDTLS_CTR_DRBG_MAX_INPUT) { ret = MBEDTLS_ERR_CTR_DRBG_FILE_IO_ERROR; - } - else - { + } else { ret = 0; } exit: - mbedtls_platform_zeroize( buf, sizeof( buf ) ); + mbedtls_platform_zeroize(buf, sizeof(buf)); - fclose( f ); - return( ret ); + fclose(f); + return ret; } -int mbedtls_ctr_drbg_update_seed_file( mbedtls_ctr_drbg_context *ctx, - const char *path ) +int mbedtls_ctr_drbg_update_seed_file(mbedtls_ctr_drbg_context *ctx, + const char *path) { int ret = 0; FILE *f = NULL; size_t n; - unsigned char buf[ MBEDTLS_CTR_DRBG_MAX_INPUT ]; + unsigned char buf[MBEDTLS_CTR_DRBG_MAX_INPUT]; unsigned char c; - if( ( f = fopen( path, "rb" ) ) == NULL ) - return( MBEDTLS_ERR_CTR_DRBG_FILE_IO_ERROR ); + if ((f = fopen(path, "rb")) == NULL) { + return MBEDTLS_ERR_CTR_DRBG_FILE_IO_ERROR; + } - n = fread( buf, 1, sizeof( buf ), f ); - if( fread( &c, 1, 1, f ) != 0 ) - { + n = fread(buf, 1, sizeof(buf), f); + if (fread(&c, 1, 1, f) != 0) { ret = MBEDTLS_ERR_CTR_DRBG_INPUT_TOO_BIG; goto exit; } - if( n == 0 || ferror( f ) ) - { + if (n == 0 || ferror(f)) { ret = MBEDTLS_ERR_CTR_DRBG_FILE_IO_ERROR; goto exit; } - fclose( f ); + fclose(f); f = NULL; - ret = mbedtls_ctr_drbg_update_ret( ctx, buf, n ); + ret = mbedtls_ctr_drbg_update_ret(ctx, buf, n); exit: - mbedtls_platform_zeroize( buf, sizeof( buf ) ); - if( f != NULL ) - fclose( f ); - if( ret != 0 ) - return( ret ); - return( mbedtls_ctr_drbg_write_seed_file( ctx, path ) ); + mbedtls_platform_zeroize(buf, sizeof(buf)); + if (f != NULL) { + fclose(f); + } + if (ret != 0) { + return ret; + } + return mbedtls_ctr_drbg_write_seed_file(ctx, path); } #endif /* MBEDTLS_FS_IO */ @@ -706,192 +697,197 @@ int mbedtls_ctr_drbg_update_seed_file( mbedtls_ctr_drbg_context *ctx, #if defined(MBEDTLS_CTR_DRBG_USE_128_BIT_KEY) static const unsigned char entropy_source_pr[] = - { 0x04, 0xd9, 0x49, 0xa6, 0xdc, 0xe8, 0x6e, 0xbb, - 0xf1, 0x08, 0x77, 0x2b, 0x9e, 0x08, 0xca, 0x92, - 0x65, 0x16, 0xda, 0x99, 0xa2, 0x59, 0xf3, 0xe8, - 0x38, 0x7e, 0x3f, 0x6b, 0x51, 0x70, 0x7b, 0x20, - 0xec, 0x53, 0xd0, 0x66, 0xc3, 0x0f, 0xe3, 0xb0, - 0xe0, 0x86, 0xa6, 0xaa, 0x5f, 0x72, 0x2f, 0xad, - 0xf7, 0xef, 0x06, 0xb8, 0xd6, 0x9c, 0x9d, 0xe8 }; +{ 0x04, 0xd9, 0x49, 0xa6, 0xdc, 0xe8, 0x6e, 0xbb, + 0xf1, 0x08, 0x77, 0x2b, 0x9e, 0x08, 0xca, 0x92, + 0x65, 0x16, 0xda, 0x99, 0xa2, 0x59, 0xf3, 0xe8, + 0x38, 0x7e, 0x3f, 0x6b, 0x51, 0x70, 0x7b, 0x20, + 0xec, 0x53, 0xd0, 0x66, 0xc3, 0x0f, 0xe3, 0xb0, + 0xe0, 0x86, 0xa6, 0xaa, 0x5f, 0x72, 0x2f, 0xad, + 0xf7, 0xef, 0x06, 0xb8, 0xd6, 0x9c, 0x9d, 0xe8 }; static const unsigned char entropy_source_nopr[] = - { 0x07, 0x0d, 0x59, 0x63, 0x98, 0x73, 0xa5, 0x45, - 0x27, 0x38, 0x22, 0x7b, 0x76, 0x85, 0xd1, 0xa9, - 0x74, 0x18, 0x1f, 0x3c, 0x22, 0xf6, 0x49, 0x20, - 0x4a, 0x47, 0xc2, 0xf3, 0x85, 0x16, 0xb4, 0x6f, - 0x00, 0x2e, 0x71, 0xda, 0xed, 0x16, 0x9b, 0x5c }; +{ 0x07, 0x0d, 0x59, 0x63, 0x98, 0x73, 0xa5, 0x45, + 0x27, 0x38, 0x22, 0x7b, 0x76, 0x85, 0xd1, 0xa9, + 0x74, 0x18, 0x1f, 0x3c, 0x22, 0xf6, 0x49, 0x20, + 0x4a, 0x47, 0xc2, 0xf3, 0x85, 0x16, 0xb4, 0x6f, + 0x00, 0x2e, 0x71, 0xda, 0xed, 0x16, 0x9b, 0x5c }; static const unsigned char pers_pr[] = - { 0xbf, 0xa4, 0x9a, 0x8f, 0x7b, 0xd8, 0xb1, 0x7a, - 0x9d, 0xfa, 0x45, 0xed, 0x21, 0x52, 0xb3, 0xad }; +{ 0xbf, 0xa4, 0x9a, 0x8f, 0x7b, 0xd8, 0xb1, 0x7a, + 0x9d, 0xfa, 0x45, 0xed, 0x21, 0x52, 0xb3, 0xad }; static const unsigned char pers_nopr[] = - { 0x4e, 0x61, 0x79, 0xd4, 0xc2, 0x72, 0xa1, 0x4c, - 0xf1, 0x3d, 0xf6, 0x5e, 0xa3, 0xa6, 0xe5, 0x0f }; +{ 0x4e, 0x61, 0x79, 0xd4, 0xc2, 0x72, 0xa1, 0x4c, + 0xf1, 0x3d, 0xf6, 0x5e, 0xa3, 0xa6, 0xe5, 0x0f }; static const unsigned char result_pr[] = - { 0xc9, 0x0a, 0xaf, 0x85, 0x89, 0x71, 0x44, 0x66, - 0x4f, 0x25, 0x0b, 0x2b, 0xde, 0xd8, 0xfa, 0xff, - 0x52, 0x5a, 0x1b, 0x32, 0x5e, 0x41, 0x7a, 0x10, - 0x1f, 0xef, 0x1e, 0x62, 0x23, 0xe9, 0x20, 0x30, - 0xc9, 0x0d, 0xad, 0x69, 0xb4, 0x9c, 0x5b, 0xf4, - 0x87, 0x42, 0xd5, 0xae, 0x5e, 0x5e, 0x43, 0xcc, - 0xd9, 0xfd, 0x0b, 0x93, 0x4a, 0xe3, 0xd4, 0x06, - 0x37, 0x36, 0x0f, 0x3f, 0x72, 0x82, 0x0c, 0xcf }; +{ 0xc9, 0x0a, 0xaf, 0x85, 0x89, 0x71, 0x44, 0x66, + 0x4f, 0x25, 0x0b, 0x2b, 0xde, 0xd8, 0xfa, 0xff, + 0x52, 0x5a, 0x1b, 0x32, 0x5e, 0x41, 0x7a, 0x10, + 0x1f, 0xef, 0x1e, 0x62, 0x23, 0xe9, 0x20, 0x30, + 0xc9, 0x0d, 0xad, 0x69, 0xb4, 0x9c, 0x5b, 0xf4, + 0x87, 0x42, 0xd5, 0xae, 0x5e, 0x5e, 0x43, 0xcc, + 0xd9, 0xfd, 0x0b, 0x93, 0x4a, 0xe3, 0xd4, 0x06, + 0x37, 0x36, 0x0f, 0x3f, 0x72, 0x82, 0x0c, 0xcf }; static const unsigned char result_nopr[] = - { 0x31, 0xc9, 0x91, 0x09, 0xf8, 0xc5, 0x10, 0x13, - 0x3c, 0xd3, 0x96, 0xf9, 0xbc, 0x2c, 0x12, 0xc0, - 0x7c, 0xc1, 0x61, 0x5f, 0xa3, 0x09, 0x99, 0xaf, - 0xd7, 0xf2, 0x36, 0xfd, 0x40, 0x1a, 0x8b, 0xf2, - 0x33, 0x38, 0xee, 0x1d, 0x03, 0x5f, 0x83, 0xb7, - 0xa2, 0x53, 0xdc, 0xee, 0x18, 0xfc, 0xa7, 0xf2, - 0xee, 0x96, 0xc6, 0xc2, 0xcd, 0x0c, 0xff, 0x02, - 0x76, 0x70, 0x69, 0xaa, 0x69, 0xd1, 0x3b, 0xe8 }; +{ 0x31, 0xc9, 0x91, 0x09, 0xf8, 0xc5, 0x10, 0x13, + 0x3c, 0xd3, 0x96, 0xf9, 0xbc, 0x2c, 0x12, 0xc0, + 0x7c, 0xc1, 0x61, 0x5f, 0xa3, 0x09, 0x99, 0xaf, + 0xd7, 0xf2, 0x36, 0xfd, 0x40, 0x1a, 0x8b, 0xf2, + 0x33, 0x38, 0xee, 0x1d, 0x03, 0x5f, 0x83, 0xb7, + 0xa2, 0x53, 0xdc, 0xee, 0x18, 0xfc, 0xa7, 0xf2, + 0xee, 0x96, 0xc6, 0xc2, 0xcd, 0x0c, 0xff, 0x02, + 0x76, 0x70, 0x69, 0xaa, 0x69, 0xd1, 0x3b, 0xe8 }; #else /* MBEDTLS_CTR_DRBG_USE_128_BIT_KEY */ static const unsigned char entropy_source_pr[] = - { 0xca, 0x58, 0xfd, 0xf2, 0xb9, 0x77, 0xcb, 0x49, - 0xd4, 0xe0, 0x5b, 0xe2, 0x39, 0x50, 0xd9, 0x8a, - 0x6a, 0xb3, 0xc5, 0x2f, 0xdf, 0x74, 0xd5, 0x85, - 0x8f, 0xd1, 0xba, 0x64, 0x54, 0x7b, 0xdb, 0x1e, - 0xc5, 0xea, 0x24, 0xc0, 0xfa, 0x0c, 0x90, 0x15, - 0x09, 0x20, 0x92, 0x42, 0x32, 0x36, 0x45, 0x45, - 0x7d, 0x20, 0x76, 0x6b, 0xcf, 0xa2, 0x15, 0xc8, - 0x2f, 0x9f, 0xbc, 0x88, 0x3f, 0x80, 0xd1, 0x2c, - 0xb7, 0x16, 0xd1, 0x80, 0x9e, 0xe1, 0xc9, 0xb3, - 0x88, 0x1b, 0x21, 0x45, 0xef, 0xa1, 0x7f, 0xce, - 0xc8, 0x92, 0x35, 0x55, 0x2a, 0xd9, 0x1d, 0x8e, - 0x12, 0x38, 0xac, 0x01, 0x4e, 0x38, 0x18, 0x76, - 0x9c, 0xf2, 0xb6, 0xd4, 0x13, 0xb6, 0x2c, 0x77, - 0xc0, 0xe7, 0xe6, 0x0c, 0x47, 0x44, 0x95, 0xbe }; +{ 0xca, 0x58, 0xfd, 0xf2, 0xb9, 0x77, 0xcb, 0x49, + 0xd4, 0xe0, 0x5b, 0xe2, 0x39, 0x50, 0xd9, 0x8a, + 0x6a, 0xb3, 0xc5, 0x2f, 0xdf, 0x74, 0xd5, 0x85, + 0x8f, 0xd1, 0xba, 0x64, 0x54, 0x7b, 0xdb, 0x1e, + 0xc5, 0xea, 0x24, 0xc0, 0xfa, 0x0c, 0x90, 0x15, + 0x09, 0x20, 0x92, 0x42, 0x32, 0x36, 0x45, 0x45, + 0x7d, 0x20, 0x76, 0x6b, 0xcf, 0xa2, 0x15, 0xc8, + 0x2f, 0x9f, 0xbc, 0x88, 0x3f, 0x80, 0xd1, 0x2c, + 0xb7, 0x16, 0xd1, 0x80, 0x9e, 0xe1, 0xc9, 0xb3, + 0x88, 0x1b, 0x21, 0x45, 0xef, 0xa1, 0x7f, 0xce, + 0xc8, 0x92, 0x35, 0x55, 0x2a, 0xd9, 0x1d, 0x8e, + 0x12, 0x38, 0xac, 0x01, 0x4e, 0x38, 0x18, 0x76, + 0x9c, 0xf2, 0xb6, 0xd4, 0x13, 0xb6, 0x2c, 0x77, + 0xc0, 0xe7, 0xe6, 0x0c, 0x47, 0x44, 0x95, 0xbe }; static const unsigned char entropy_source_nopr[] = - { 0x4c, 0xfb, 0x21, 0x86, 0x73, 0x34, 0x6d, 0x9d, - 0x50, 0xc9, 0x22, 0xe4, 0x9b, 0x0d, 0xfc, 0xd0, - 0x90, 0xad, 0xf0, 0x4f, 0x5c, 0x3b, 0xa4, 0x73, - 0x27, 0xdf, 0xcd, 0x6f, 0xa6, 0x3a, 0x78, 0x5c, - 0x01, 0x69, 0x62, 0xa7, 0xfd, 0x27, 0x87, 0xa2, - 0x4b, 0xf6, 0xbe, 0x47, 0xef, 0x37, 0x83, 0xf1, - 0xb7, 0xec, 0x46, 0x07, 0x23, 0x63, 0x83, 0x4a, - 0x1b, 0x01, 0x33, 0xf2, 0xc2, 0x38, 0x91, 0xdb, - 0x4f, 0x11, 0xa6, 0x86, 0x51, 0xf2, 0x3e, 0x3a, - 0x8b, 0x1f, 0xdc, 0x03, 0xb1, 0x92, 0xc7, 0xe7 }; +{ 0x4c, 0xfb, 0x21, 0x86, 0x73, 0x34, 0x6d, 0x9d, + 0x50, 0xc9, 0x22, 0xe4, 0x9b, 0x0d, 0xfc, 0xd0, + 0x90, 0xad, 0xf0, 0x4f, 0x5c, 0x3b, 0xa4, 0x73, + 0x27, 0xdf, 0xcd, 0x6f, 0xa6, 0x3a, 0x78, 0x5c, + 0x01, 0x69, 0x62, 0xa7, 0xfd, 0x27, 0x87, 0xa2, + 0x4b, 0xf6, 0xbe, 0x47, 0xef, 0x37, 0x83, 0xf1, + 0xb7, 0xec, 0x46, 0x07, 0x23, 0x63, 0x83, 0x4a, + 0x1b, 0x01, 0x33, 0xf2, 0xc2, 0x38, 0x91, 0xdb, + 0x4f, 0x11, 0xa6, 0x86, 0x51, 0xf2, 0x3e, 0x3a, + 0x8b, 0x1f, 0xdc, 0x03, 0xb1, 0x92, 0xc7, 0xe7 }; static const unsigned char pers_pr[] = - { 0x5a, 0x70, 0x95, 0xe9, 0x81, 0x40, 0x52, 0x33, - 0x91, 0x53, 0x7e, 0x75, 0xd6, 0x19, 0x9d, 0x1e, - 0xad, 0x0d, 0xc6, 0xa7, 0xde, 0x6c, 0x1f, 0xe0, - 0xea, 0x18, 0x33, 0xa8, 0x7e, 0x06, 0x20, 0xe9 }; +{ 0x5a, 0x70, 0x95, 0xe9, 0x81, 0x40, 0x52, 0x33, + 0x91, 0x53, 0x7e, 0x75, 0xd6, 0x19, 0x9d, 0x1e, + 0xad, 0x0d, 0xc6, 0xa7, 0xde, 0x6c, 0x1f, 0xe0, + 0xea, 0x18, 0x33, 0xa8, 0x7e, 0x06, 0x20, 0xe9 }; static const unsigned char pers_nopr[] = - { 0x88, 0xee, 0xb8, 0xe0, 0xe8, 0x3b, 0xf3, 0x29, - 0x4b, 0xda, 0xcd, 0x60, 0x99, 0xeb, 0xe4, 0xbf, - 0x55, 0xec, 0xd9, 0x11, 0x3f, 0x71, 0xe5, 0xeb, - 0xcb, 0x45, 0x75, 0xf3, 0xd6, 0xa6, 0x8a, 0x6b }; +{ 0x88, 0xee, 0xb8, 0xe0, 0xe8, 0x3b, 0xf3, 0x29, + 0x4b, 0xda, 0xcd, 0x60, 0x99, 0xeb, 0xe4, 0xbf, + 0x55, 0xec, 0xd9, 0x11, 0x3f, 0x71, 0xe5, 0xeb, + 0xcb, 0x45, 0x75, 0xf3, 0xd6, 0xa6, 0x8a, 0x6b }; static const unsigned char result_pr[] = - { 0xce, 0x2f, 0xdb, 0xb6, 0xd9, 0xb7, 0x39, 0x85, - 0x04, 0xc5, 0xc0, 0x42, 0xc2, 0x31, 0xc6, 0x1d, - 0x9b, 0x5a, 0x59, 0xf8, 0x7e, 0x0d, 0xcc, 0x62, - 0x7b, 0x65, 0x11, 0x55, 0x10, 0xeb, 0x9e, 0x3d, - 0xa4, 0xfb, 0x1c, 0x6a, 0x18, 0xc0, 0x74, 0xdb, - 0xdd, 0xe7, 0x02, 0x23, 0x63, 0x21, 0xd0, 0x39, - 0xf9, 0xa7, 0xc4, 0x52, 0x84, 0x3b, 0x49, 0x40, - 0x72, 0x2b, 0xb0, 0x6c, 0x9c, 0xdb, 0xc3, 0x43 }; +{ 0xce, 0x2f, 0xdb, 0xb6, 0xd9, 0xb7, 0x39, 0x85, + 0x04, 0xc5, 0xc0, 0x42, 0xc2, 0x31, 0xc6, 0x1d, + 0x9b, 0x5a, 0x59, 0xf8, 0x7e, 0x0d, 0xcc, 0x62, + 0x7b, 0x65, 0x11, 0x55, 0x10, 0xeb, 0x9e, 0x3d, + 0xa4, 0xfb, 0x1c, 0x6a, 0x18, 0xc0, 0x74, 0xdb, + 0xdd, 0xe7, 0x02, 0x23, 0x63, 0x21, 0xd0, 0x39, + 0xf9, 0xa7, 0xc4, 0x52, 0x84, 0x3b, 0x49, 0x40, + 0x72, 0x2b, 0xb0, 0x6c, 0x9c, 0xdb, 0xc3, 0x43 }; static const unsigned char result_nopr[] = - { 0xa5, 0x51, 0x80, 0xa1, 0x90, 0xbe, 0xf3, 0xad, - 0xaf, 0x28, 0xf6, 0xb7, 0x95, 0xe9, 0xf1, 0xf3, - 0xd6, 0xdf, 0xa1, 0xb2, 0x7d, 0xd0, 0x46, 0x7b, - 0x0c, 0x75, 0xf5, 0xfa, 0x93, 0x1e, 0x97, 0x14, - 0x75, 0xb2, 0x7c, 0xae, 0x03, 0xa2, 0x96, 0x54, - 0xe2, 0xf4, 0x09, 0x66, 0xea, 0x33, 0x64, 0x30, - 0x40, 0xd1, 0x40, 0x0f, 0xe6, 0x77, 0x87, 0x3a, - 0xf8, 0x09, 0x7c, 0x1f, 0xe9, 0xf0, 0x02, 0x98 }; +{ 0xa5, 0x51, 0x80, 0xa1, 0x90, 0xbe, 0xf3, 0xad, + 0xaf, 0x28, 0xf6, 0xb7, 0x95, 0xe9, 0xf1, 0xf3, + 0xd6, 0xdf, 0xa1, 0xb2, 0x7d, 0xd0, 0x46, 0x7b, + 0x0c, 0x75, 0xf5, 0xfa, 0x93, 0x1e, 0x97, 0x14, + 0x75, 0xb2, 0x7c, 0xae, 0x03, 0xa2, 0x96, 0x54, + 0xe2, 0xf4, 0x09, 0x66, 0xea, 0x33, 0x64, 0x30, + 0x40, 0xd1, 0x40, 0x0f, 0xe6, 0x77, 0x87, 0x3a, + 0xf8, 0x09, 0x7c, 0x1f, 0xe9, 0xf0, 0x02, 0x98 }; #endif /* MBEDTLS_CTR_DRBG_USE_128_BIT_KEY */ static size_t test_offset; -static int ctr_drbg_self_test_entropy( void *data, unsigned char *buf, - size_t len ) +static int ctr_drbg_self_test_entropy(void *data, unsigned char *buf, + size_t len) { const unsigned char *p = data; - memcpy( buf, p + test_offset, len ); + memcpy(buf, p + test_offset, len); test_offset += len; - return( 0 ); + return 0; } -#define CHK( c ) if( (c) != 0 ) \ - { \ - if( verbose != 0 ) \ - mbedtls_printf( "failed\n" ); \ - return( 1 ); \ - } +#define CHK(c) if ((c) != 0) \ + { \ + if (verbose != 0) \ + mbedtls_printf("failed\n"); \ + return 1; \ + } -#define SELF_TEST_OUPUT_DISCARD_LENGTH 64 +#define SELF_TEST_OUTPUT_DISCARD_LENGTH 64 /* * Checkup routine */ -int mbedtls_ctr_drbg_self_test( int verbose ) +int mbedtls_ctr_drbg_self_test(int verbose) { mbedtls_ctr_drbg_context ctx; - unsigned char buf[ sizeof( result_pr ) ]; + unsigned char buf[sizeof(result_pr)]; - mbedtls_ctr_drbg_init( &ctx ); + mbedtls_ctr_drbg_init(&ctx); /* * Based on a NIST CTR_DRBG test vector (PR = True) */ - if( verbose != 0 ) - mbedtls_printf( " CTR_DRBG (PR = TRUE) : " ); + if (verbose != 0) { + mbedtls_printf(" CTR_DRBG (PR = TRUE) : "); + } test_offset = 0; - mbedtls_ctr_drbg_set_entropy_len( &ctx, MBEDTLS_CTR_DRBG_KEYSIZE ); - mbedtls_ctr_drbg_set_nonce_len( &ctx, MBEDTLS_CTR_DRBG_KEYSIZE / 2 ); - CHK( mbedtls_ctr_drbg_seed( &ctx, - ctr_drbg_self_test_entropy, - (void *) entropy_source_pr, - pers_pr, MBEDTLS_CTR_DRBG_KEYSIZE ) ); - mbedtls_ctr_drbg_set_prediction_resistance( &ctx, MBEDTLS_CTR_DRBG_PR_ON ); - CHK( mbedtls_ctr_drbg_random( &ctx, buf, SELF_TEST_OUPUT_DISCARD_LENGTH ) ); - CHK( mbedtls_ctr_drbg_random( &ctx, buf, sizeof( result_pr ) ) ); - CHK( memcmp( buf, result_pr, sizeof( result_pr ) ) ); - - mbedtls_ctr_drbg_free( &ctx ); - - if( verbose != 0 ) - mbedtls_printf( "passed\n" ); + mbedtls_ctr_drbg_set_entropy_len(&ctx, MBEDTLS_CTR_DRBG_KEYSIZE); + mbedtls_ctr_drbg_set_nonce_len(&ctx, MBEDTLS_CTR_DRBG_KEYSIZE / 2); + CHK(mbedtls_ctr_drbg_seed(&ctx, + ctr_drbg_self_test_entropy, + (void *) entropy_source_pr, + pers_pr, MBEDTLS_CTR_DRBG_KEYSIZE)); + mbedtls_ctr_drbg_set_prediction_resistance(&ctx, MBEDTLS_CTR_DRBG_PR_ON); + CHK(mbedtls_ctr_drbg_random(&ctx, buf, SELF_TEST_OUTPUT_DISCARD_LENGTH)); + CHK(mbedtls_ctr_drbg_random(&ctx, buf, sizeof(result_pr))); + CHK(memcmp(buf, result_pr, sizeof(result_pr))); + + mbedtls_ctr_drbg_free(&ctx); + + if (verbose != 0) { + mbedtls_printf("passed\n"); + } /* * Based on a NIST CTR_DRBG test vector (PR = FALSE) */ - if( verbose != 0 ) - mbedtls_printf( " CTR_DRBG (PR = FALSE): " ); + if (verbose != 0) { + mbedtls_printf(" CTR_DRBG (PR = FALSE): "); + } - mbedtls_ctr_drbg_init( &ctx ); + mbedtls_ctr_drbg_init(&ctx); test_offset = 0; - mbedtls_ctr_drbg_set_entropy_len( &ctx, MBEDTLS_CTR_DRBG_KEYSIZE); - mbedtls_ctr_drbg_set_nonce_len( &ctx, MBEDTLS_CTR_DRBG_KEYSIZE / 2 ); - CHK( mbedtls_ctr_drbg_seed( &ctx, - ctr_drbg_self_test_entropy, - (void *) entropy_source_nopr, - pers_nopr, MBEDTLS_CTR_DRBG_KEYSIZE ) ); - CHK( mbedtls_ctr_drbg_reseed( &ctx, NULL, 0 ) ); - CHK( mbedtls_ctr_drbg_random( &ctx, buf, SELF_TEST_OUPUT_DISCARD_LENGTH ) ); - CHK( mbedtls_ctr_drbg_random( &ctx, buf, sizeof( result_nopr ) ) ); - CHK( memcmp( buf, result_nopr, sizeof( result_nopr ) ) ); - - mbedtls_ctr_drbg_free( &ctx ); - - if( verbose != 0 ) - mbedtls_printf( "passed\n" ); - - if( verbose != 0 ) - mbedtls_printf( "\n" ); - - return( 0 ); + mbedtls_ctr_drbg_set_entropy_len(&ctx, MBEDTLS_CTR_DRBG_KEYSIZE); + mbedtls_ctr_drbg_set_nonce_len(&ctx, MBEDTLS_CTR_DRBG_KEYSIZE / 2); + CHK(mbedtls_ctr_drbg_seed(&ctx, + ctr_drbg_self_test_entropy, + (void *) entropy_source_nopr, + pers_nopr, MBEDTLS_CTR_DRBG_KEYSIZE)); + CHK(mbedtls_ctr_drbg_reseed(&ctx, NULL, 0)); + CHK(mbedtls_ctr_drbg_random(&ctx, buf, SELF_TEST_OUTPUT_DISCARD_LENGTH)); + CHK(mbedtls_ctr_drbg_random(&ctx, buf, sizeof(result_nopr))); + CHK(memcmp(buf, result_nopr, sizeof(result_nopr))); + + mbedtls_ctr_drbg_free(&ctx); + + if (verbose != 0) { + mbedtls_printf("passed\n"); + } + + if (verbose != 0) { + mbedtls_printf("\n"); + } + + return 0; } #endif /* MBEDTLS_SELF_TEST */ diff --git a/third_party/mbedtls/repo/library/debug.c b/third_party/mbedtls/repo/library/debug.c index e1086008af7..f2d8dced5f4 100644 --- a/third_party/mbedtls/repo/library/debug.c +++ b/third_party/mbedtls/repo/library/debug.c @@ -2,35 +2,14 @@ * Debugging routines * * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later */ #include "common.h" #if defined(MBEDTLS_DEBUG_C) -#if defined(MBEDTLS_PLATFORM_C) #include "mbedtls/platform.h" -#else -#include -#define mbedtls_calloc calloc -#define mbedtls_free free -#define mbedtls_time_t time_t -#define mbedtls_snprintf snprintf -#define mbedtls_vsnprintf vsnprintf -#endif #include "mbedtls/debug.h" #include "mbedtls/error.h" @@ -39,16 +18,12 @@ #include #include -#if ( defined(__ARMCC_VERSION) || defined(_MSC_VER) ) && \ - !defined(inline) && !defined(__cplusplus) -#define inline __inline -#endif - +/* DEBUG_BUF_SIZE must be at least 2 */ #define DEBUG_BUF_SIZE 512 static int debug_threshold = 0; -void mbedtls_debug_set_threshold( int threshold ) +void mbedtls_debug_set_threshold(int threshold) { debug_threshold = threshold; } @@ -56,9 +31,9 @@ void mbedtls_debug_set_threshold( int threshold ) /* * All calls to f_dbg must be made via this function */ -static inline void debug_send_line( const mbedtls_ssl_context *ssl, int level, - const char *file, int line, - const char *str ) +static inline void debug_send_line(const mbedtls_ssl_context *ssl, int level, + const char *file, int line, + const char *str) { /* * If in a threaded environment, we need a thread identifier. @@ -67,54 +42,58 @@ static inline void debug_send_line( const mbedtls_ssl_context *ssl, int level, */ #if defined(MBEDTLS_THREADING_C) char idstr[20 + DEBUG_BUF_SIZE]; /* 0x + 16 nibbles + ': ' */ - mbedtls_snprintf( idstr, sizeof( idstr ), "%p: %s", (void*)ssl, str ); - ssl->conf->f_dbg( ssl->conf->p_dbg, level, file, line, idstr ); + mbedtls_snprintf(idstr, sizeof(idstr), "%p: %s", (void *) ssl, str); + ssl->conf->f_dbg(ssl->conf->p_dbg, level, file, line, idstr); #else - ssl->conf->f_dbg( ssl->conf->p_dbg, level, file, line, str ); + ssl->conf->f_dbg(ssl->conf->p_dbg, level, file, line, str); #endif } MBEDTLS_PRINTF_ATTRIBUTE(5, 6) -void mbedtls_debug_print_msg( const mbedtls_ssl_context *ssl, int level, - const char *file, int line, - const char *format, ... ) +void mbedtls_debug_print_msg(const mbedtls_ssl_context *ssl, int level, + const char *file, int line, + const char *format, ...) { va_list argp; char str[DEBUG_BUF_SIZE]; int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; - if( NULL == ssl || + MBEDTLS_STATIC_ASSERT(DEBUG_BUF_SIZE >= 2, "DEBUG_BUF_SIZE too small"); + + if (NULL == ssl || NULL == ssl->conf || NULL == ssl->conf->f_dbg || - level > debug_threshold ) - { + level > debug_threshold) { return; } - va_start( argp, format ); - ret = mbedtls_vsnprintf( str, DEBUG_BUF_SIZE, format, argp ); - va_end( argp ); + va_start(argp, format); + ret = mbedtls_vsnprintf(str, DEBUG_BUF_SIZE, format, argp); + va_end(argp); - if( ret >= 0 && ret < DEBUG_BUF_SIZE - 1 ) - { - str[ret] = '\n'; - str[ret + 1] = '\0'; + if (ret < 0) { + ret = 0; + } else { + if (ret >= DEBUG_BUF_SIZE - 1) { + ret = DEBUG_BUF_SIZE - 2; + } } + str[ret] = '\n'; + str[ret + 1] = '\0'; - debug_send_line( ssl, level, file, line, str ); + debug_send_line(ssl, level, file, line, str); } -void mbedtls_debug_print_ret( const mbedtls_ssl_context *ssl, int level, - const char *file, int line, - const char *text, int ret ) +void mbedtls_debug_print_ret(const mbedtls_ssl_context *ssl, int level, + const char *file, int line, + const char *text, int ret) { char str[DEBUG_BUF_SIZE]; - if( NULL == ssl || + if (NULL == ssl || NULL == ssl->conf || NULL == ssl->conf->f_dbg || - level > debug_threshold ) - { + level > debug_threshold) { return; } @@ -123,246 +102,232 @@ void mbedtls_debug_print_ret( const mbedtls_ssl_context *ssl, int level, * the logs would be quickly flooded with WANT_READ, so ignore that. * Don't ignore WANT_WRITE however, since is is usually rare. */ - if( ret == MBEDTLS_ERR_SSL_WANT_READ ) + if (ret == MBEDTLS_ERR_SSL_WANT_READ) { return; + } - mbedtls_snprintf( str, sizeof( str ), "%s() returned %d (-0x%04x)\n", - text, ret, (unsigned int) -ret ); + mbedtls_snprintf(str, sizeof(str), "%s() returned %d (-0x%04x)\n", + text, ret, (unsigned int) -ret); - debug_send_line( ssl, level, file, line, str ); + debug_send_line(ssl, level, file, line, str); } -void mbedtls_debug_print_buf( const mbedtls_ssl_context *ssl, int level, - const char *file, int line, const char *text, - const unsigned char *buf, size_t len ) +void mbedtls_debug_print_buf(const mbedtls_ssl_context *ssl, int level, + const char *file, int line, const char *text, + const unsigned char *buf, size_t len) { char str[DEBUG_BUF_SIZE]; char txt[17]; size_t i, idx = 0; - if( NULL == ssl || + if (NULL == ssl || NULL == ssl->conf || NULL == ssl->conf->f_dbg || - level > debug_threshold ) - { + level > debug_threshold) { return; } - mbedtls_snprintf( str + idx, sizeof( str ) - idx, "dumping '%s' (%u bytes)\n", - text, (unsigned int) len ); + mbedtls_snprintf(str + idx, sizeof(str) - idx, "dumping '%s' (%u bytes)\n", + text, (unsigned int) len); - debug_send_line( ssl, level, file, line, str ); + debug_send_line(ssl, level, file, line, str); idx = 0; - memset( txt, 0, sizeof( txt ) ); - for( i = 0; i < len; i++ ) - { - if( i >= 4096 ) + memset(txt, 0, sizeof(txt)); + for (i = 0; i < len; i++) { + if (i >= 4096) { break; + } - if( i % 16 == 0 ) - { - if( i > 0 ) - { - mbedtls_snprintf( str + idx, sizeof( str ) - idx, " %s\n", txt ); - debug_send_line( ssl, level, file, line, str ); + if (i % 16 == 0) { + if (i > 0) { + mbedtls_snprintf(str + idx, sizeof(str) - idx, " %s\n", txt); + debug_send_line(ssl, level, file, line, str); idx = 0; - memset( txt, 0, sizeof( txt ) ); + memset(txt, 0, sizeof(txt)); } - idx += mbedtls_snprintf( str + idx, sizeof( str ) - idx, "%04x: ", - (unsigned int) i ); + idx += mbedtls_snprintf(str + idx, sizeof(str) - idx, "%04x: ", + (unsigned int) i); } - idx += mbedtls_snprintf( str + idx, sizeof( str ) - idx, " %02x", - (unsigned int) buf[i] ); - txt[i % 16] = ( buf[i] > 31 && buf[i] < 127 ) ? buf[i] : '.' ; + idx += mbedtls_snprintf(str + idx, sizeof(str) - idx, " %02x", + (unsigned int) buf[i]); + txt[i % 16] = (buf[i] > 31 && buf[i] < 127) ? buf[i] : '.'; } - if( len > 0 ) - { - for( /* i = i */; i % 16 != 0; i++ ) - idx += mbedtls_snprintf( str + idx, sizeof( str ) - idx, " " ); + if (len > 0) { + for (/* i = i */; i % 16 != 0; i++) { + idx += mbedtls_snprintf(str + idx, sizeof(str) - idx, " "); + } - mbedtls_snprintf( str + idx, sizeof( str ) - idx, " %s\n", txt ); - debug_send_line( ssl, level, file, line, str ); + mbedtls_snprintf(str + idx, sizeof(str) - idx, " %s\n", txt); + debug_send_line(ssl, level, file, line, str); } } #if defined(MBEDTLS_ECP_C) -void mbedtls_debug_print_ecp( const mbedtls_ssl_context *ssl, int level, - const char *file, int line, - const char *text, const mbedtls_ecp_point *X ) +void mbedtls_debug_print_ecp(const mbedtls_ssl_context *ssl, int level, + const char *file, int line, + const char *text, const mbedtls_ecp_point *X) { char str[DEBUG_BUF_SIZE]; - if( NULL == ssl || + if (NULL == ssl || NULL == ssl->conf || NULL == ssl->conf->f_dbg || - level > debug_threshold ) - { + level > debug_threshold) { return; } - mbedtls_snprintf( str, sizeof( str ), "%s(X)", text ); - mbedtls_debug_print_mpi( ssl, level, file, line, str, &X->X ); + mbedtls_snprintf(str, sizeof(str), "%s(X)", text); + mbedtls_debug_print_mpi(ssl, level, file, line, str, &X->X); - mbedtls_snprintf( str, sizeof( str ), "%s(Y)", text ); - mbedtls_debug_print_mpi( ssl, level, file, line, str, &X->Y ); + mbedtls_snprintf(str, sizeof(str), "%s(Y)", text); + mbedtls_debug_print_mpi(ssl, level, file, line, str, &X->Y); } #endif /* MBEDTLS_ECP_C */ #if defined(MBEDTLS_BIGNUM_C) -void mbedtls_debug_print_mpi( const mbedtls_ssl_context *ssl, int level, - const char *file, int line, - const char *text, const mbedtls_mpi *X ) +void mbedtls_debug_print_mpi(const mbedtls_ssl_context *ssl, int level, + const char *file, int line, + const char *text, const mbedtls_mpi *X) { char str[DEBUG_BUF_SIZE]; size_t bitlen; size_t idx = 0; - if( NULL == ssl || + if (NULL == ssl || NULL == ssl->conf || NULL == ssl->conf->f_dbg || NULL == X || - level > debug_threshold ) - { + level > debug_threshold) { return; } - bitlen = mbedtls_mpi_bitlen( X ); + bitlen = mbedtls_mpi_bitlen(X); - mbedtls_snprintf( str, sizeof( str ), "value of '%s' (%u bits) is:\n", - text, (unsigned) bitlen ); - debug_send_line( ssl, level, file, line, str ); + mbedtls_snprintf(str, sizeof(str), "value of '%s' (%u bits) is:\n", + text, (unsigned) bitlen); + debug_send_line(ssl, level, file, line, str); - if( bitlen == 0 ) - { + if (bitlen == 0) { str[0] = ' '; str[1] = '0'; str[2] = '0'; idx = 3; - } - else - { + } else { int n; - for( n = (int) ( ( bitlen - 1 ) / 8 ); n >= 0; n-- ) - { - size_t limb_offset = n / sizeof( mbedtls_mpi_uint ); - size_t offset_in_limb = n % sizeof( mbedtls_mpi_uint ); + for (n = (int) ((bitlen - 1) / 8); n >= 0; n--) { + size_t limb_offset = n / sizeof(mbedtls_mpi_uint); + size_t offset_in_limb = n % sizeof(mbedtls_mpi_uint); unsigned char octet = - ( X->p[limb_offset] >> ( offset_in_limb * 8 ) ) & 0xff; - mbedtls_snprintf( str + idx, sizeof( str ) - idx, " %02x", octet ); + (X->p[limb_offset] >> (offset_in_limb * 8)) & 0xff; + mbedtls_snprintf(str + idx, sizeof(str) - idx, " %02x", octet); idx += 3; /* Wrap lines after 16 octets that each take 3 columns */ - if( idx >= 3 * 16 ) - { - mbedtls_snprintf( str + idx, sizeof( str ) - idx, "\n" ); - debug_send_line( ssl, level, file, line, str ); + if (idx >= 3 * 16) { + mbedtls_snprintf(str + idx, sizeof(str) - idx, "\n"); + debug_send_line(ssl, level, file, line, str); idx = 0; } } } - if( idx != 0 ) - { - mbedtls_snprintf( str + idx, sizeof( str ) - idx, "\n" ); - debug_send_line( ssl, level, file, line, str ); + if (idx != 0) { + mbedtls_snprintf(str + idx, sizeof(str) - idx, "\n"); + debug_send_line(ssl, level, file, line, str); } } #endif /* MBEDTLS_BIGNUM_C */ #if defined(MBEDTLS_X509_CRT_PARSE_C) -static void debug_print_pk( const mbedtls_ssl_context *ssl, int level, - const char *file, int line, - const char *text, const mbedtls_pk_context *pk ) +static void debug_print_pk(const mbedtls_ssl_context *ssl, int level, + const char *file, int line, + const char *text, const mbedtls_pk_context *pk) { size_t i; mbedtls_pk_debug_item items[MBEDTLS_PK_DEBUG_MAX_ITEMS]; char name[16]; - memset( items, 0, sizeof( items ) ); + memset(items, 0, sizeof(items)); - if( mbedtls_pk_debug( pk, items ) != 0 ) - { - debug_send_line( ssl, level, file, line, - "invalid PK context\n" ); + if (mbedtls_pk_debug(pk, items) != 0) { + debug_send_line(ssl, level, file, line, + "invalid PK context\n"); return; } - for( i = 0; i < MBEDTLS_PK_DEBUG_MAX_ITEMS; i++ ) - { - if( items[i].type == MBEDTLS_PK_DEBUG_NONE ) + for (i = 0; i < MBEDTLS_PK_DEBUG_MAX_ITEMS; i++) { + if (items[i].type == MBEDTLS_PK_DEBUG_NONE) { return; + } - mbedtls_snprintf( name, sizeof( name ), "%s%s", text, items[i].name ); - name[sizeof( name ) - 1] = '\0'; + mbedtls_snprintf(name, sizeof(name), "%s%s", text, items[i].name); + name[sizeof(name) - 1] = '\0'; - if( items[i].type == MBEDTLS_PK_DEBUG_MPI ) - mbedtls_debug_print_mpi( ssl, level, file, line, name, items[i].value ); - else + if (items[i].type == MBEDTLS_PK_DEBUG_MPI) { + mbedtls_debug_print_mpi(ssl, level, file, line, name, items[i].value); + } else #if defined(MBEDTLS_ECP_C) - if( items[i].type == MBEDTLS_PK_DEBUG_ECP ) - mbedtls_debug_print_ecp( ssl, level, file, line, name, items[i].value ); - else + if (items[i].type == MBEDTLS_PK_DEBUG_ECP) { + mbedtls_debug_print_ecp(ssl, level, file, line, name, items[i].value); + } else #endif - debug_send_line( ssl, level, file, line, - "should not happen\n" ); + { debug_send_line(ssl, level, file, line, + "should not happen\n"); } } } -static void debug_print_line_by_line( const mbedtls_ssl_context *ssl, int level, - const char *file, int line, const char *text ) +static void debug_print_line_by_line(const mbedtls_ssl_context *ssl, int level, + const char *file, int line, const char *text) { char str[DEBUG_BUF_SIZE]; const char *start, *cur; start = text; - for( cur = text; *cur != '\0'; cur++ ) - { - if( *cur == '\n' ) - { + for (cur = text; *cur != '\0'; cur++) { + if (*cur == '\n') { size_t len = cur - start + 1; - if( len > DEBUG_BUF_SIZE - 1 ) + if (len > DEBUG_BUF_SIZE - 1) { len = DEBUG_BUF_SIZE - 1; + } - memcpy( str, start, len ); + memcpy(str, start, len); str[len] = '\0'; - debug_send_line( ssl, level, file, line, str ); + debug_send_line(ssl, level, file, line, str); start = cur + 1; } } } -void mbedtls_debug_print_crt( const mbedtls_ssl_context *ssl, int level, - const char *file, int line, - const char *text, const mbedtls_x509_crt *crt ) +void mbedtls_debug_print_crt(const mbedtls_ssl_context *ssl, int level, + const char *file, int line, + const char *text, const mbedtls_x509_crt *crt) { char str[DEBUG_BUF_SIZE]; int i = 0; - if( NULL == ssl || + if (NULL == ssl || NULL == ssl->conf || NULL == ssl->conf->f_dbg || NULL == crt || - level > debug_threshold ) - { + level > debug_threshold) { return; } - while( crt != NULL ) - { + while (crt != NULL) { char buf[1024]; - mbedtls_snprintf( str, sizeof( str ), "%s #%d:\n", text, ++i ); - debug_send_line( ssl, level, file, line, str ); + mbedtls_snprintf(str, sizeof(str), "%s #%d:\n", text, ++i); + debug_send_line(ssl, level, file, line, str); - mbedtls_x509_crt_info( buf, sizeof( buf ) - 1, "", crt ); - debug_print_line_by_line( ssl, level, file, line, buf ); + mbedtls_x509_crt_info(buf, sizeof(buf) - 1, "", crt); + debug_print_line_by_line(ssl, level, file, line, buf); - debug_print_pk( ssl, level, file, line, "crt->", &crt->pk ); + debug_print_pk(ssl, level, file, line, "crt->", &crt->pk); crt = crt->next; } @@ -370,50 +335,48 @@ void mbedtls_debug_print_crt( const mbedtls_ssl_context *ssl, int level, #endif /* MBEDTLS_X509_CRT_PARSE_C */ #if defined(MBEDTLS_ECDH_C) -static void mbedtls_debug_printf_ecdh_internal( const mbedtls_ssl_context *ssl, - int level, const char *file, - int line, - const mbedtls_ecdh_context *ecdh, - mbedtls_debug_ecdh_attr attr ) +static void mbedtls_debug_printf_ecdh_internal(const mbedtls_ssl_context *ssl, + int level, const char *file, + int line, + const mbedtls_ecdh_context *ecdh, + mbedtls_debug_ecdh_attr attr) { #if defined(MBEDTLS_ECDH_LEGACY_CONTEXT) - const mbedtls_ecdh_context* ctx = ecdh; + const mbedtls_ecdh_context *ctx = ecdh; #else - const mbedtls_ecdh_context_mbed* ctx = &ecdh->ctx.mbed_ecdh; + const mbedtls_ecdh_context_mbed *ctx = &ecdh->ctx.mbed_ecdh; #endif - switch( attr ) - { + switch (attr) { case MBEDTLS_DEBUG_ECDH_Q: - mbedtls_debug_print_ecp( ssl, level, file, line, "ECDH: Q", - &ctx->Q ); + mbedtls_debug_print_ecp(ssl, level, file, line, "ECDH: Q", + &ctx->Q); break; case MBEDTLS_DEBUG_ECDH_QP: - mbedtls_debug_print_ecp( ssl, level, file, line, "ECDH: Qp", - &ctx->Qp ); + mbedtls_debug_print_ecp(ssl, level, file, line, "ECDH: Qp", + &ctx->Qp); break; case MBEDTLS_DEBUG_ECDH_Z: - mbedtls_debug_print_mpi( ssl, level, file, line, "ECDH: z", - &ctx->z ); + mbedtls_debug_print_mpi(ssl, level, file, line, "ECDH: z", + &ctx->z); break; default: break; } } -void mbedtls_debug_printf_ecdh( const mbedtls_ssl_context *ssl, int level, - const char *file, int line, - const mbedtls_ecdh_context *ecdh, - mbedtls_debug_ecdh_attr attr ) +void mbedtls_debug_printf_ecdh(const mbedtls_ssl_context *ssl, int level, + const char *file, int line, + const mbedtls_ecdh_context *ecdh, + mbedtls_debug_ecdh_attr attr) { #if defined(MBEDTLS_ECDH_LEGACY_CONTEXT) - mbedtls_debug_printf_ecdh_internal( ssl, level, file, line, ecdh, attr ); + mbedtls_debug_printf_ecdh_internal(ssl, level, file, line, ecdh, attr); #else - switch( ecdh->var ) - { + switch (ecdh->var) { default: - mbedtls_debug_printf_ecdh_internal( ssl, level, file, line, ecdh, - attr ); + mbedtls_debug_printf_ecdh_internal(ssl, level, file, line, ecdh, + attr); } #endif } diff --git a/third_party/mbedtls/repo/library/des.c b/third_party/mbedtls/repo/library/des.c index 91d22b5d906..afe72cec00e 100644 --- a/third_party/mbedtls/repo/library/des.c +++ b/third_party/mbedtls/repo/library/des.c @@ -2,19 +2,7 @@ * FIPS-46-3 compliant Triple-DES implementation * * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later */ /* * DES, on which TDES is based, was originally designed by Horst Feistel @@ -33,14 +21,7 @@ #include -#if defined(MBEDTLS_SELF_TEST) -#if defined(MBEDTLS_PLATFORM_C) #include "mbedtls/platform.h" -#else -#include -#define mbedtls_printf printf -#endif /* MBEDTLS_PLATFORM_C */ -#endif /* MBEDTLS_SELF_TEST */ #if !defined(MBEDTLS_DES_ALT) @@ -229,7 +210,7 @@ static const uint32_t RHs[16] = /* * Initial Permutation macro */ -#define DES_IP(X,Y) \ +#define DES_IP(X, Y) \ do \ { \ T = (((X) >> 4) ^ (Y)) & 0x0F0F0F0F; (Y) ^= T; (X) ^= (T << 4); \ @@ -239,12 +220,12 @@ static const uint32_t RHs[16] = (Y) = (((Y) << 1) | ((Y) >> 31)) & 0xFFFFFFFF; \ T = ((X) ^ (Y)) & 0xAAAAAAAA; (Y) ^= T; (X) ^= T; \ (X) = (((X) << 1) | ((X) >> 31)) & 0xFFFFFFFF; \ - } while( 0 ) + } while (0) /* * Final Permutation macro */ -#define DES_FP(X,Y) \ +#define DES_FP(X, Y) \ do \ { \ (X) = (((X) << 31) | ((X) >> 1)) & 0xFFFFFFFF; \ @@ -254,90 +235,103 @@ static const uint32_t RHs[16] = T = (((Y) >> 2) ^ (X)) & 0x33333333; (X) ^= T; (Y) ^= (T << 2); \ T = (((X) >> 16) ^ (Y)) & 0x0000FFFF; (Y) ^= T; (X) ^= (T << 16); \ T = (((X) >> 4) ^ (Y)) & 0x0F0F0F0F; (Y) ^= T; (X) ^= (T << 4); \ - } while( 0 ) + } while (0) /* * DES round macro */ -#define DES_ROUND(X,Y) \ +#define DES_ROUND(X, Y) \ do \ { \ T = *SK++ ^ (X); \ - (Y) ^= SB8[ (T ) & 0x3F ] ^ \ - SB6[ (T >> 8) & 0x3F ] ^ \ - SB4[ (T >> 16) & 0x3F ] ^ \ - SB2[ (T >> 24) & 0x3F ]; \ + (Y) ^= SB8[(T) & 0x3F] ^ \ + SB6[(T >> 8) & 0x3F] ^ \ + SB4[(T >> 16) & 0x3F] ^ \ + SB2[(T >> 24) & 0x3F]; \ \ T = *SK++ ^ (((X) << 28) | ((X) >> 4)); \ - (Y) ^= SB7[ (T ) & 0x3F ] ^ \ - SB5[ (T >> 8) & 0x3F ] ^ \ - SB3[ (T >> 16) & 0x3F ] ^ \ - SB1[ (T >> 24) & 0x3F ]; \ - } while( 0 ) + (Y) ^= SB7[(T) & 0x3F] ^ \ + SB5[(T >> 8) & 0x3F] ^ \ + SB3[(T >> 16) & 0x3F] ^ \ + SB1[(T >> 24) & 0x3F]; \ + } while (0) -#define SWAP(a,b) \ +#define SWAP(a, b) \ do \ { \ uint32_t t = (a); (a) = (b); (b) = t; t = 0; \ - } while( 0 ) + } while (0) -void mbedtls_des_init( mbedtls_des_context *ctx ) +void mbedtls_des_init(mbedtls_des_context *ctx) { - memset( ctx, 0, sizeof( mbedtls_des_context ) ); + memset(ctx, 0, sizeof(mbedtls_des_context)); } -void mbedtls_des_free( mbedtls_des_context *ctx ) +void mbedtls_des_free(mbedtls_des_context *ctx) { - if( ctx == NULL ) + if (ctx == NULL) { return; + } - mbedtls_platform_zeroize( ctx, sizeof( mbedtls_des_context ) ); + mbedtls_platform_zeroize(ctx, sizeof(mbedtls_des_context)); } -void mbedtls_des3_init( mbedtls_des3_context *ctx ) +void mbedtls_des3_init(mbedtls_des3_context *ctx) { - memset( ctx, 0, sizeof( mbedtls_des3_context ) ); + memset(ctx, 0, sizeof(mbedtls_des3_context)); } -void mbedtls_des3_free( mbedtls_des3_context *ctx ) +void mbedtls_des3_free(mbedtls_des3_context *ctx) { - if( ctx == NULL ) + if (ctx == NULL) { return; + } - mbedtls_platform_zeroize( ctx, sizeof( mbedtls_des3_context ) ); + mbedtls_platform_zeroize(ctx, sizeof(mbedtls_des3_context)); } static const unsigned char odd_parity_table[128] = { 1, 2, 4, 7, 8, - 11, 13, 14, 16, 19, 21, 22, 25, 26, 28, 31, 32, 35, 37, 38, 41, 42, 44, - 47, 49, 50, 52, 55, 56, 59, 61, 62, 64, 67, 69, 70, 73, 74, 76, 79, 81, - 82, 84, 87, 88, 91, 93, 94, 97, 98, 100, 103, 104, 107, 109, 110, 112, - 115, 117, 118, 121, 122, 124, 127, 128, 131, 133, 134, 137, 138, 140, - 143, 145, 146, 148, 151, 152, 155, 157, 158, 161, 162, 164, 167, 168, - 171, 173, 174, 176, 179, 181, 182, 185, 186, 188, 191, 193, 194, 196, - 199, 200, 203, 205, 206, 208, 211, 213, 214, 217, 218, 220, 223, 224, - 227, 229, 230, 233, 234, 236, 239, 241, 242, 244, 247, 248, 251, 253, - 254 }; - -void mbedtls_des_key_set_parity( unsigned char key[MBEDTLS_DES_KEY_SIZE] ) + 11, 13, 14, 16, 19, 21, 22, 25, 26, 28, 31, 32, + 35, 37, 38, 41, 42, 44, + 47, 49, 50, 52, 55, 56, 59, 61, 62, 64, 67, 69, + 70, 73, 74, 76, 79, 81, + 82, 84, 87, 88, 91, 93, 94, 97, 98, 100, 103, + 104, 107, 109, 110, 112, + 115, 117, 118, 121, 122, 124, 127, 128, 131, + 133, 134, 137, 138, 140, + 143, 145, 146, 148, 151, 152, 155, 157, 158, + 161, 162, 164, 167, 168, + 171, 173, 174, 176, 179, 181, 182, 185, 186, + 188, 191, 193, 194, 196, + 199, 200, 203, 205, 206, 208, 211, 213, 214, + 217, 218, 220, 223, 224, + 227, 229, 230, 233, 234, 236, 239, 241, 242, + 244, 247, 248, 251, 253, + 254 }; + +void mbedtls_des_key_set_parity(unsigned char key[MBEDTLS_DES_KEY_SIZE]) { int i; - for( i = 0; i < MBEDTLS_DES_KEY_SIZE; i++ ) + for (i = 0; i < MBEDTLS_DES_KEY_SIZE; i++) { key[i] = odd_parity_table[key[i] / 2]; + } } /* * Check the given key's parity, returns 1 on failure, 0 on SUCCESS */ -int mbedtls_des_key_check_key_parity( const unsigned char key[MBEDTLS_DES_KEY_SIZE] ) +int mbedtls_des_key_check_key_parity(const unsigned char key[MBEDTLS_DES_KEY_SIZE]) { int i; - for( i = 0; i < MBEDTLS_DES_KEY_SIZE; i++ ) - if( key[i] != odd_parity_table[key[i] / 2] ) - return( 1 ); + for (i = 0; i < MBEDTLS_DES_KEY_SIZE; i++) { + if (key[i] != odd_parity_table[key[i] / 2]) { + return 1; + } + } - return( 0 ); + return 0; } /* @@ -384,41 +378,43 @@ static const unsigned char weak_key_table[WEAK_KEY_COUNT][MBEDTLS_DES_KEY_SIZE] { 0xFE, 0xE0, 0xFE, 0xE0, 0xFE, 0xF1, 0xFE, 0xF1 } }; -int mbedtls_des_key_check_weak( const unsigned char key[MBEDTLS_DES_KEY_SIZE] ) +int mbedtls_des_key_check_weak(const unsigned char key[MBEDTLS_DES_KEY_SIZE]) { int i; - for( i = 0; i < WEAK_KEY_COUNT; i++ ) - if( memcmp( weak_key_table[i], key, MBEDTLS_DES_KEY_SIZE) == 0 ) - return( 1 ); + for (i = 0; i < WEAK_KEY_COUNT; i++) { + if (memcmp(weak_key_table[i], key, MBEDTLS_DES_KEY_SIZE) == 0) { + return 1; + } + } - return( 0 ); + return 0; } #if !defined(MBEDTLS_DES_SETKEY_ALT) -void mbedtls_des_setkey( uint32_t SK[32], const unsigned char key[MBEDTLS_DES_KEY_SIZE] ) +void mbedtls_des_setkey(uint32_t SK[32], const unsigned char key[MBEDTLS_DES_KEY_SIZE]) { int i; uint32_t X, Y, T; - X = MBEDTLS_GET_UINT32_BE( key, 0 ); - Y = MBEDTLS_GET_UINT32_BE( key, 4 ); + X = MBEDTLS_GET_UINT32_BE(key, 0); + Y = MBEDTLS_GET_UINT32_BE(key, 4); /* * Permuted Choice 1 */ T = ((Y >> 4) ^ X) & 0x0F0F0F0F; X ^= T; Y ^= (T << 4); - T = ((Y ) ^ X) & 0x10101010; X ^= T; Y ^= (T ); + T = ((Y) ^ X) & 0x10101010; X ^= T; Y ^= (T); - X = (LHs[ (X ) & 0xF] << 3) | (LHs[ (X >> 8) & 0xF ] << 2) - | (LHs[ (X >> 16) & 0xF] << 1) | (LHs[ (X >> 24) & 0xF ] ) - | (LHs[ (X >> 5) & 0xF] << 7) | (LHs[ (X >> 13) & 0xF ] << 6) - | (LHs[ (X >> 21) & 0xF] << 5) | (LHs[ (X >> 29) & 0xF ] << 4); + X = (LHs[(X) & 0xF] << 3) | (LHs[(X >> 8) & 0xF] << 2) + | (LHs[(X >> 16) & 0xF] << 1) | (LHs[(X >> 24) & 0xF]) + | (LHs[(X >> 5) & 0xF] << 7) | (LHs[(X >> 13) & 0xF] << 6) + | (LHs[(X >> 21) & 0xF] << 5) | (LHs[(X >> 29) & 0xF] << 4); - Y = (RHs[ (Y >> 1) & 0xF] << 3) | (RHs[ (Y >> 9) & 0xF ] << 2) - | (RHs[ (Y >> 17) & 0xF] << 1) | (RHs[ (Y >> 25) & 0xF ] ) - | (RHs[ (Y >> 4) & 0xF] << 7) | (RHs[ (Y >> 12) & 0xF ] << 6) - | (RHs[ (Y >> 20) & 0xF] << 5) | (RHs[ (Y >> 28) & 0xF ] << 4); + Y = (RHs[(Y >> 1) & 0xF] << 3) | (RHs[(Y >> 9) & 0xF] << 2) + | (RHs[(Y >> 17) & 0xF] << 1) | (RHs[(Y >> 25) & 0xF]) + | (RHs[(Y >> 4) & 0xF] << 7) | (RHs[(Y >> 12) & 0xF] << 6) + | (RHs[(Y >> 20) & 0xF] << 5) | (RHs[(Y >> 28) & 0xF] << 4); X &= 0x0FFFFFFF; Y &= 0x0FFFFFFF; @@ -426,15 +422,11 @@ void mbedtls_des_setkey( uint32_t SK[32], const unsigned char key[MBEDTLS_DES_KE /* * calculate subkeys */ - for( i = 0; i < 16; i++ ) - { - if( i < 2 || i == 8 || i == 15 ) - { + for (i = 0; i < 16; i++) { + if (i < 2 || i == 8 || i == 15) { X = ((X << 1) | (X >> 27)) & 0x0FFFFFFF; Y = ((Y << 1) | (Y >> 27)) & 0x0FFFFFFF; - } - else - { + } else { X = ((X << 2) | (X >> 26)) & 0x0FFFFFFF; Y = ((Y << 2) | (Y >> 26)) & 0x0FFFFFFF; } @@ -446,7 +438,7 @@ void mbedtls_des_setkey( uint32_t SK[32], const unsigned char key[MBEDTLS_DES_KE | ((X << 2) & 0x00020000) | ((X >> 10) & 0x00010000) | ((Y >> 13) & 0x00002000) | ((Y >> 4) & 0x00001000) | ((Y << 6) & 0x00000800) | ((Y >> 1) & 0x00000400) - | ((Y >> 14) & 0x00000200) | ((Y ) & 0x00000100) + | ((Y >> 14) & 0x00000200) | ((Y) & 0x00000100) | ((Y >> 5) & 0x00000020) | ((Y >> 10) & 0x00000010) | ((Y >> 3) & 0x00000008) | ((Y >> 18) & 0x00000004) | ((Y >> 26) & 0x00000002) | ((Y >> 24) & 0x00000001); @@ -459,7 +451,7 @@ void mbedtls_des_setkey( uint32_t SK[32], const unsigned char key[MBEDTLS_DES_KE | ((X << 15) & 0x00020000) | ((X >> 4) & 0x00010000) | ((Y >> 2) & 0x00002000) | ((Y << 8) & 0x00001000) | ((Y >> 14) & 0x00000808) | ((Y >> 9) & 0x00000400) - | ((Y ) & 0x00000200) | ((Y << 7) & 0x00000100) + | ((Y) & 0x00000200) | ((Y << 7) & 0x00000100) | ((Y >> 7) & 0x00000020) | ((Y >> 3) & 0x00000011) | ((Y << 2) & 0x00000004) | ((Y >> 21) & 0x00000002); } @@ -469,52 +461,50 @@ void mbedtls_des_setkey( uint32_t SK[32], const unsigned char key[MBEDTLS_DES_KE /* * DES key schedule (56-bit, encryption) */ -int mbedtls_des_setkey_enc( mbedtls_des_context *ctx, const unsigned char key[MBEDTLS_DES_KEY_SIZE] ) +int mbedtls_des_setkey_enc(mbedtls_des_context *ctx, const unsigned char key[MBEDTLS_DES_KEY_SIZE]) { - mbedtls_des_setkey( ctx->sk, key ); + mbedtls_des_setkey(ctx->sk, key); - return( 0 ); + return 0; } /* * DES key schedule (56-bit, decryption) */ -int mbedtls_des_setkey_dec( mbedtls_des_context *ctx, const unsigned char key[MBEDTLS_DES_KEY_SIZE] ) +int mbedtls_des_setkey_dec(mbedtls_des_context *ctx, const unsigned char key[MBEDTLS_DES_KEY_SIZE]) { int i; - mbedtls_des_setkey( ctx->sk, key ); + mbedtls_des_setkey(ctx->sk, key); - for( i = 0; i < 16; i += 2 ) - { - SWAP( ctx->sk[i ], ctx->sk[30 - i] ); - SWAP( ctx->sk[i + 1], ctx->sk[31 - i] ); + for (i = 0; i < 16; i += 2) { + SWAP(ctx->sk[i], ctx->sk[30 - i]); + SWAP(ctx->sk[i + 1], ctx->sk[31 - i]); } - return( 0 ); + return 0; } -static void des3_set2key( uint32_t esk[96], - uint32_t dsk[96], - const unsigned char key[MBEDTLS_DES_KEY_SIZE*2] ) +static void des3_set2key(uint32_t esk[96], + uint32_t dsk[96], + const unsigned char key[MBEDTLS_DES_KEY_SIZE*2]) { int i; - mbedtls_des_setkey( esk, key ); - mbedtls_des_setkey( dsk + 32, key + 8 ); + mbedtls_des_setkey(esk, key); + mbedtls_des_setkey(dsk + 32, key + 8); - for( i = 0; i < 32; i += 2 ) - { - dsk[i ] = esk[30 - i]; + for (i = 0; i < 32; i += 2) { + dsk[i] = esk[30 - i]; dsk[i + 1] = esk[31 - i]; esk[i + 32] = dsk[62 - i]; esk[i + 33] = dsk[63 - i]; - esk[i + 64] = esk[i ]; + esk[i + 64] = esk[i]; esk[i + 65] = esk[i + 1]; - dsk[i + 64] = dsk[i ]; + dsk[i + 64] = dsk[i]; dsk[i + 65] = dsk[i + 1]; } } @@ -522,44 +512,43 @@ static void des3_set2key( uint32_t esk[96], /* * Triple-DES key schedule (112-bit, encryption) */ -int mbedtls_des3_set2key_enc( mbedtls_des3_context *ctx, - const unsigned char key[MBEDTLS_DES_KEY_SIZE * 2] ) +int mbedtls_des3_set2key_enc(mbedtls_des3_context *ctx, + const unsigned char key[MBEDTLS_DES_KEY_SIZE * 2]) { uint32_t sk[96]; - des3_set2key( ctx->sk, sk, key ); - mbedtls_platform_zeroize( sk, sizeof( sk ) ); + des3_set2key(ctx->sk, sk, key); + mbedtls_platform_zeroize(sk, sizeof(sk)); - return( 0 ); + return 0; } /* * Triple-DES key schedule (112-bit, decryption) */ -int mbedtls_des3_set2key_dec( mbedtls_des3_context *ctx, - const unsigned char key[MBEDTLS_DES_KEY_SIZE * 2] ) +int mbedtls_des3_set2key_dec(mbedtls_des3_context *ctx, + const unsigned char key[MBEDTLS_DES_KEY_SIZE * 2]) { uint32_t sk[96]; - des3_set2key( sk, ctx->sk, key ); - mbedtls_platform_zeroize( sk, sizeof( sk ) ); + des3_set2key(sk, ctx->sk, key); + mbedtls_platform_zeroize(sk, sizeof(sk)); - return( 0 ); + return 0; } -static void des3_set3key( uint32_t esk[96], - uint32_t dsk[96], - const unsigned char key[24] ) +static void des3_set3key(uint32_t esk[96], + uint32_t dsk[96], + const unsigned char key[24]) { int i; - mbedtls_des_setkey( esk, key ); - mbedtls_des_setkey( dsk + 32, key + 8 ); - mbedtls_des_setkey( esk + 64, key + 16 ); + mbedtls_des_setkey(esk, key); + mbedtls_des_setkey(dsk + 32, key + 8); + mbedtls_des_setkey(esk + 64, key + 16); - for( i = 0; i < 32; i += 2 ) - { - dsk[i ] = esk[94 - i]; + for (i = 0; i < 32; i += 2) { + dsk[i] = esk[94 - i]; dsk[i + 1] = esk[95 - i]; esk[i + 32] = dsk[62 - i]; @@ -573,61 +562,60 @@ static void des3_set3key( uint32_t esk[96], /* * Triple-DES key schedule (168-bit, encryption) */ -int mbedtls_des3_set3key_enc( mbedtls_des3_context *ctx, - const unsigned char key[MBEDTLS_DES_KEY_SIZE * 3] ) +int mbedtls_des3_set3key_enc(mbedtls_des3_context *ctx, + const unsigned char key[MBEDTLS_DES_KEY_SIZE * 3]) { uint32_t sk[96]; - des3_set3key( ctx->sk, sk, key ); - mbedtls_platform_zeroize( sk, sizeof( sk ) ); + des3_set3key(ctx->sk, sk, key); + mbedtls_platform_zeroize(sk, sizeof(sk)); - return( 0 ); + return 0; } /* * Triple-DES key schedule (168-bit, decryption) */ -int mbedtls_des3_set3key_dec( mbedtls_des3_context *ctx, - const unsigned char key[MBEDTLS_DES_KEY_SIZE * 3] ) +int mbedtls_des3_set3key_dec(mbedtls_des3_context *ctx, + const unsigned char key[MBEDTLS_DES_KEY_SIZE * 3]) { uint32_t sk[96]; - des3_set3key( sk, ctx->sk, key ); - mbedtls_platform_zeroize( sk, sizeof( sk ) ); + des3_set3key(sk, ctx->sk, key); + mbedtls_platform_zeroize(sk, sizeof(sk)); - return( 0 ); + return 0; } /* * DES-ECB block encryption/decryption */ #if !defined(MBEDTLS_DES_CRYPT_ECB_ALT) -int mbedtls_des_crypt_ecb( mbedtls_des_context *ctx, - const unsigned char input[8], - unsigned char output[8] ) +int mbedtls_des_crypt_ecb(mbedtls_des_context *ctx, + const unsigned char input[8], + unsigned char output[8]) { int i; uint32_t X, Y, T, *SK; SK = ctx->sk; - X = MBEDTLS_GET_UINT32_BE( input, 0 ); - Y = MBEDTLS_GET_UINT32_BE( input, 4 ); + X = MBEDTLS_GET_UINT32_BE(input, 0); + Y = MBEDTLS_GET_UINT32_BE(input, 4); - DES_IP( X, Y ); + DES_IP(X, Y); - for( i = 0; i < 8; i++ ) - { - DES_ROUND( Y, X ); - DES_ROUND( X, Y ); + for (i = 0; i < 8; i++) { + DES_ROUND(Y, X); + DES_ROUND(X, Y); } - DES_FP( Y, X ); + DES_FP(Y, X); - MBEDTLS_PUT_UINT32_BE( Y, output, 0 ); - MBEDTLS_PUT_UINT32_BE( X, output, 4 ); + MBEDTLS_PUT_UINT32_BE(Y, output, 0); + MBEDTLS_PUT_UINT32_BE(X, output, 4); - return( 0 ); + return 0; } #endif /* !MBEDTLS_DES_CRYPT_ECB_ALT */ @@ -635,50 +623,50 @@ int mbedtls_des_crypt_ecb( mbedtls_des_context *ctx, /* * DES-CBC buffer encryption/decryption */ -int mbedtls_des_crypt_cbc( mbedtls_des_context *ctx, - int mode, - size_t length, - unsigned char iv[8], - const unsigned char *input, - unsigned char *output ) +int mbedtls_des_crypt_cbc(mbedtls_des_context *ctx, + int mode, + size_t length, + unsigned char iv[8], + const unsigned char *input, + unsigned char *output) { int i; int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; unsigned char temp[8]; - if( length % 8 ) - return( MBEDTLS_ERR_DES_INVALID_INPUT_LENGTH ); + if (length % 8) { + return MBEDTLS_ERR_DES_INVALID_INPUT_LENGTH; + } - if( mode == MBEDTLS_DES_ENCRYPT ) - { - while( length > 0 ) - { - for( i = 0; i < 8; i++ ) - output[i] = (unsigned char)( input[i] ^ iv[i] ); + if (mode == MBEDTLS_DES_ENCRYPT) { + while (length > 0) { + for (i = 0; i < 8; i++) { + output[i] = (unsigned char) (input[i] ^ iv[i]); + } - ret = mbedtls_des_crypt_ecb( ctx, output, output ); - if( ret != 0 ) + ret = mbedtls_des_crypt_ecb(ctx, output, output); + if (ret != 0) { goto exit; - memcpy( iv, output, 8 ); + } + memcpy(iv, output, 8); input += 8; output += 8; length -= 8; } - } - else /* MBEDTLS_DES_DECRYPT */ - { - while( length > 0 ) - { - memcpy( temp, input, 8 ); - ret = mbedtls_des_crypt_ecb( ctx, input, output ); - if( ret != 0 ) + } else { /* MBEDTLS_DES_DECRYPT */ + while (length > 0) { + memcpy(temp, input, 8); + ret = mbedtls_des_crypt_ecb(ctx, input, output); + if (ret != 0) { goto exit; + } - for( i = 0; i < 8; i++ ) - output[i] = (unsigned char)( output[i] ^ iv[i] ); + for (i = 0; i < 8; i++) { + output[i] = (unsigned char) (output[i] ^ iv[i]); + } - memcpy( iv, temp, 8 ); + memcpy(iv, temp, 8); input += 8; output += 8; @@ -688,7 +676,7 @@ int mbedtls_des_crypt_cbc( mbedtls_des_context *ctx, ret = 0; exit: - return( ret ); + return ret; } #endif /* MBEDTLS_CIPHER_MODE_CBC */ @@ -696,44 +684,41 @@ int mbedtls_des_crypt_cbc( mbedtls_des_context *ctx, * 3DES-ECB block encryption/decryption */ #if !defined(MBEDTLS_DES3_CRYPT_ECB_ALT) -int mbedtls_des3_crypt_ecb( mbedtls_des3_context *ctx, - const unsigned char input[8], - unsigned char output[8] ) +int mbedtls_des3_crypt_ecb(mbedtls_des3_context *ctx, + const unsigned char input[8], + unsigned char output[8]) { int i; uint32_t X, Y, T, *SK; SK = ctx->sk; - X = MBEDTLS_GET_UINT32_BE( input, 0 ); - Y = MBEDTLS_GET_UINT32_BE( input, 4 ); + X = MBEDTLS_GET_UINT32_BE(input, 0); + Y = MBEDTLS_GET_UINT32_BE(input, 4); - DES_IP( X, Y ); + DES_IP(X, Y); - for( i = 0; i < 8; i++ ) - { - DES_ROUND( Y, X ); - DES_ROUND( X, Y ); + for (i = 0; i < 8; i++) { + DES_ROUND(Y, X); + DES_ROUND(X, Y); } - for( i = 0; i < 8; i++ ) - { - DES_ROUND( X, Y ); - DES_ROUND( Y, X ); + for (i = 0; i < 8; i++) { + DES_ROUND(X, Y); + DES_ROUND(Y, X); } - for( i = 0; i < 8; i++ ) - { - DES_ROUND( Y, X ); - DES_ROUND( X, Y ); + for (i = 0; i < 8; i++) { + DES_ROUND(Y, X); + DES_ROUND(X, Y); } - DES_FP( Y, X ); + DES_FP(Y, X); - MBEDTLS_PUT_UINT32_BE( Y, output, 0 ); - MBEDTLS_PUT_UINT32_BE( X, output, 4 ); + MBEDTLS_PUT_UINT32_BE(Y, output, 0); + MBEDTLS_PUT_UINT32_BE(X, output, 4); - return( 0 ); + return 0; } #endif /* !MBEDTLS_DES3_CRYPT_ECB_ALT */ @@ -741,50 +726,50 @@ int mbedtls_des3_crypt_ecb( mbedtls_des3_context *ctx, /* * 3DES-CBC buffer encryption/decryption */ -int mbedtls_des3_crypt_cbc( mbedtls_des3_context *ctx, - int mode, - size_t length, - unsigned char iv[8], - const unsigned char *input, - unsigned char *output ) +int mbedtls_des3_crypt_cbc(mbedtls_des3_context *ctx, + int mode, + size_t length, + unsigned char iv[8], + const unsigned char *input, + unsigned char *output) { int i; int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; unsigned char temp[8]; - if( length % 8 ) - return( MBEDTLS_ERR_DES_INVALID_INPUT_LENGTH ); + if (length % 8) { + return MBEDTLS_ERR_DES_INVALID_INPUT_LENGTH; + } - if( mode == MBEDTLS_DES_ENCRYPT ) - { - while( length > 0 ) - { - for( i = 0; i < 8; i++ ) - output[i] = (unsigned char)( input[i] ^ iv[i] ); + if (mode == MBEDTLS_DES_ENCRYPT) { + while (length > 0) { + for (i = 0; i < 8; i++) { + output[i] = (unsigned char) (input[i] ^ iv[i]); + } - ret = mbedtls_des3_crypt_ecb( ctx, output, output ); - if( ret != 0 ) + ret = mbedtls_des3_crypt_ecb(ctx, output, output); + if (ret != 0) { goto exit; - memcpy( iv, output, 8 ); + } + memcpy(iv, output, 8); input += 8; output += 8; length -= 8; } - } - else /* MBEDTLS_DES_DECRYPT */ - { - while( length > 0 ) - { - memcpy( temp, input, 8 ); - ret = mbedtls_des3_crypt_ecb( ctx, input, output ); - if( ret != 0 ) + } else { /* MBEDTLS_DES_DECRYPT */ + while (length > 0) { + memcpy(temp, input, 8); + ret = mbedtls_des3_crypt_ecb(ctx, input, output); + if (ret != 0) { goto exit; + } - for( i = 0; i < 8; i++ ) - output[i] = (unsigned char)( output[i] ^ iv[i] ); + for (i = 0; i < 8; i++) { + output[i] = (unsigned char) (output[i] ^ iv[i]); + } - memcpy( iv, temp, 8 ); + memcpy(iv, temp, 8); input += 8; output += 8; @@ -794,7 +779,7 @@ int mbedtls_des3_crypt_cbc( mbedtls_des3_context *ctx, ret = 0; exit: - return( ret ); + return ret; } #endif /* MBEDTLS_CIPHER_MODE_CBC */ @@ -856,7 +841,7 @@ static const unsigned char des3_test_cbc_enc[3][8] = /* * Checkup routine */ -int mbedtls_des_self_test( int verbose ) +int mbedtls_des_self_test(int verbose) { int i, j, u, v, ret = 0; mbedtls_des_context ctx; @@ -867,194 +852,199 @@ int mbedtls_des_self_test( int verbose ) unsigned char iv[8]; #endif - mbedtls_des_init( &ctx ); - mbedtls_des3_init( &ctx3 ); + mbedtls_des_init(&ctx); + mbedtls_des3_init(&ctx3); /* * ECB mode */ - for( i = 0; i < 6; i++ ) - { + for (i = 0; i < 6; i++) { u = i >> 1; v = i & 1; - if( verbose != 0 ) - mbedtls_printf( " DES%c-ECB-%3d (%s): ", - ( u == 0 ) ? ' ' : '3', 56 + u * 56, - ( v == MBEDTLS_DES_DECRYPT ) ? "dec" : "enc" ); + if (verbose != 0) { + mbedtls_printf(" DES%c-ECB-%3d (%s): ", + (u == 0) ? ' ' : '3', 56 + u * 56, + (v == MBEDTLS_DES_DECRYPT) ? "dec" : "enc"); + } - memcpy( buf, des3_test_buf, 8 ); + memcpy(buf, des3_test_buf, 8); - switch( i ) - { - case 0: - ret = mbedtls_des_setkey_dec( &ctx, des3_test_keys ); - break; + switch (i) { + case 0: + ret = mbedtls_des_setkey_dec(&ctx, des3_test_keys); + break; - case 1: - ret = mbedtls_des_setkey_enc( &ctx, des3_test_keys ); - break; + case 1: + ret = mbedtls_des_setkey_enc(&ctx, des3_test_keys); + break; - case 2: - ret = mbedtls_des3_set2key_dec( &ctx3, des3_test_keys ); - break; + case 2: + ret = mbedtls_des3_set2key_dec(&ctx3, des3_test_keys); + break; - case 3: - ret = mbedtls_des3_set2key_enc( &ctx3, des3_test_keys ); - break; + case 3: + ret = mbedtls_des3_set2key_enc(&ctx3, des3_test_keys); + break; - case 4: - ret = mbedtls_des3_set3key_dec( &ctx3, des3_test_keys ); - break; + case 4: + ret = mbedtls_des3_set3key_dec(&ctx3, des3_test_keys); + break; - case 5: - ret = mbedtls_des3_set3key_enc( &ctx3, des3_test_keys ); - break; + case 5: + ret = mbedtls_des3_set3key_enc(&ctx3, des3_test_keys); + break; - default: - return( 1 ); + default: + return 1; } - if( ret != 0 ) + if (ret != 0) { goto exit; + } - for( j = 0; j < 100; j++ ) - { - if( u == 0 ) - ret = mbedtls_des_crypt_ecb( &ctx, buf, buf ); - else - ret = mbedtls_des3_crypt_ecb( &ctx3, buf, buf ); - if( ret != 0 ) + for (j = 0; j < 100; j++) { + if (u == 0) { + ret = mbedtls_des_crypt_ecb(&ctx, buf, buf); + } else { + ret = mbedtls_des3_crypt_ecb(&ctx3, buf, buf); + } + if (ret != 0) { goto exit; + } } - if( ( v == MBEDTLS_DES_DECRYPT && - memcmp( buf, des3_test_ecb_dec[u], 8 ) != 0 ) || - ( v != MBEDTLS_DES_DECRYPT && - memcmp( buf, des3_test_ecb_enc[u], 8 ) != 0 ) ) - { - if( verbose != 0 ) - mbedtls_printf( "failed\n" ); + if ((v == MBEDTLS_DES_DECRYPT && + memcmp(buf, des3_test_ecb_dec[u], 8) != 0) || + (v != MBEDTLS_DES_DECRYPT && + memcmp(buf, des3_test_ecb_enc[u], 8) != 0)) { + if (verbose != 0) { + mbedtls_printf("failed\n"); + } ret = 1; goto exit; } - if( verbose != 0 ) - mbedtls_printf( "passed\n" ); + if (verbose != 0) { + mbedtls_printf("passed\n"); + } } - if( verbose != 0 ) - mbedtls_printf( "\n" ); + if (verbose != 0) { + mbedtls_printf("\n"); + } #if defined(MBEDTLS_CIPHER_MODE_CBC) /* * CBC mode */ - for( i = 0; i < 6; i++ ) - { + for (i = 0; i < 6; i++) { u = i >> 1; v = i & 1; - if( verbose != 0 ) - mbedtls_printf( " DES%c-CBC-%3d (%s): ", - ( u == 0 ) ? ' ' : '3', 56 + u * 56, - ( v == MBEDTLS_DES_DECRYPT ) ? "dec" : "enc" ); + if (verbose != 0) { + mbedtls_printf(" DES%c-CBC-%3d (%s): ", + (u == 0) ? ' ' : '3', 56 + u * 56, + (v == MBEDTLS_DES_DECRYPT) ? "dec" : "enc"); + } - memcpy( iv, des3_test_iv, 8 ); - memcpy( prv, des3_test_iv, 8 ); - memcpy( buf, des3_test_buf, 8 ); + memcpy(iv, des3_test_iv, 8); + memcpy(prv, des3_test_iv, 8); + memcpy(buf, des3_test_buf, 8); - switch( i ) - { - case 0: - ret = mbedtls_des_setkey_dec( &ctx, des3_test_keys ); - break; + switch (i) { + case 0: + ret = mbedtls_des_setkey_dec(&ctx, des3_test_keys); + break; - case 1: - ret = mbedtls_des_setkey_enc( &ctx, des3_test_keys ); - break; + case 1: + ret = mbedtls_des_setkey_enc(&ctx, des3_test_keys); + break; - case 2: - ret = mbedtls_des3_set2key_dec( &ctx3, des3_test_keys ); - break; + case 2: + ret = mbedtls_des3_set2key_dec(&ctx3, des3_test_keys); + break; - case 3: - ret = mbedtls_des3_set2key_enc( &ctx3, des3_test_keys ); - break; + case 3: + ret = mbedtls_des3_set2key_enc(&ctx3, des3_test_keys); + break; - case 4: - ret = mbedtls_des3_set3key_dec( &ctx3, des3_test_keys ); - break; + case 4: + ret = mbedtls_des3_set3key_dec(&ctx3, des3_test_keys); + break; - case 5: - ret = mbedtls_des3_set3key_enc( &ctx3, des3_test_keys ); - break; + case 5: + ret = mbedtls_des3_set3key_enc(&ctx3, des3_test_keys); + break; - default: - return( 1 ); + default: + return 1; } - if( ret != 0 ) + if (ret != 0) { goto exit; + } - if( v == MBEDTLS_DES_DECRYPT ) - { - for( j = 0; j < 100; j++ ) - { - if( u == 0 ) - ret = mbedtls_des_crypt_cbc( &ctx, v, 8, iv, buf, buf ); - else - ret = mbedtls_des3_crypt_cbc( &ctx3, v, 8, iv, buf, buf ); - if( ret != 0 ) + if (v == MBEDTLS_DES_DECRYPT) { + for (j = 0; j < 100; j++) { + if (u == 0) { + ret = mbedtls_des_crypt_cbc(&ctx, v, 8, iv, buf, buf); + } else { + ret = mbedtls_des3_crypt_cbc(&ctx3, v, 8, iv, buf, buf); + } + if (ret != 0) { goto exit; + } } - } - else - { - for( j = 0; j < 100; j++ ) - { + } else { + for (j = 0; j < 100; j++) { unsigned char tmp[8]; - if( u == 0 ) - ret = mbedtls_des_crypt_cbc( &ctx, v, 8, iv, buf, buf ); - else - ret = mbedtls_des3_crypt_cbc( &ctx3, v, 8, iv, buf, buf ); - if( ret != 0 ) + if (u == 0) { + ret = mbedtls_des_crypt_cbc(&ctx, v, 8, iv, buf, buf); + } else { + ret = mbedtls_des3_crypt_cbc(&ctx3, v, 8, iv, buf, buf); + } + if (ret != 0) { goto exit; + } - memcpy( tmp, prv, 8 ); - memcpy( prv, buf, 8 ); - memcpy( buf, tmp, 8 ); + memcpy(tmp, prv, 8); + memcpy(prv, buf, 8); + memcpy(buf, tmp, 8); } - memcpy( buf, prv, 8 ); + memcpy(buf, prv, 8); } - if( ( v == MBEDTLS_DES_DECRYPT && - memcmp( buf, des3_test_cbc_dec[u], 8 ) != 0 ) || - ( v != MBEDTLS_DES_DECRYPT && - memcmp( buf, des3_test_cbc_enc[u], 8 ) != 0 ) ) - { - if( verbose != 0 ) - mbedtls_printf( "failed\n" ); + if ((v == MBEDTLS_DES_DECRYPT && + memcmp(buf, des3_test_cbc_dec[u], 8) != 0) || + (v != MBEDTLS_DES_DECRYPT && + memcmp(buf, des3_test_cbc_enc[u], 8) != 0)) { + if (verbose != 0) { + mbedtls_printf("failed\n"); + } ret = 1; goto exit; } - if( verbose != 0 ) - mbedtls_printf( "passed\n" ); + if (verbose != 0) { + mbedtls_printf("passed\n"); + } } #endif /* MBEDTLS_CIPHER_MODE_CBC */ - if( verbose != 0 ) - mbedtls_printf( "\n" ); + if (verbose != 0) { + mbedtls_printf("\n"); + } exit: - mbedtls_des_free( &ctx ); - mbedtls_des3_free( &ctx3 ); + mbedtls_des_free(&ctx); + mbedtls_des3_free(&ctx3); - if( ret != 0 ) + if (ret != 0) { ret = 1; - return( ret ); + } + return ret; } #endif /* MBEDTLS_SELF_TEST */ diff --git a/third_party/mbedtls/repo/library/dhm.c b/third_party/mbedtls/repo/library/dhm.c index 88e148bb80f..1a41b91a90b 100644 --- a/third_party/mbedtls/repo/library/dhm.c +++ b/third_party/mbedtls/repo/library/dhm.c @@ -2,19 +2,7 @@ * Diffie-Hellman-Merkle key exchange * * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later */ /* * The following sources were referenced in the design of this implementation @@ -43,47 +31,42 @@ #include "mbedtls/asn1.h" #endif -#if defined(MBEDTLS_PLATFORM_C) #include "mbedtls/platform.h" -#else -#include -#include -#define mbedtls_printf printf -#define mbedtls_calloc calloc -#define mbedtls_free free -#endif #if !defined(MBEDTLS_DHM_ALT) -#define DHM_VALIDATE_RET( cond ) \ - MBEDTLS_INTERNAL_VALIDATE_RET( cond, MBEDTLS_ERR_DHM_BAD_INPUT_DATA ) -#define DHM_VALIDATE( cond ) \ - MBEDTLS_INTERNAL_VALIDATE( cond ) +#define DHM_VALIDATE_RET(cond) \ + MBEDTLS_INTERNAL_VALIDATE_RET(cond, MBEDTLS_ERR_DHM_BAD_INPUT_DATA) +#define DHM_VALIDATE(cond) \ + MBEDTLS_INTERNAL_VALIDATE(cond) /* * helper to validate the mbedtls_mpi size and import it */ -static int dhm_read_bignum( mbedtls_mpi *X, - unsigned char **p, - const unsigned char *end ) +static int dhm_read_bignum(mbedtls_mpi *X, + unsigned char **p, + const unsigned char *end) { int ret, n; - if( end - *p < 2 ) - return( MBEDTLS_ERR_DHM_BAD_INPUT_DATA ); + if (end - *p < 2) { + return MBEDTLS_ERR_DHM_BAD_INPUT_DATA; + } - n = ( (*p)[0] << 8 ) | (*p)[1]; + n = ((*p)[0] << 8) | (*p)[1]; (*p) += 2; - if( (int)( end - *p ) < n ) - return( MBEDTLS_ERR_DHM_BAD_INPUT_DATA ); + if ((int) (end - *p) < n) { + return MBEDTLS_ERR_DHM_BAD_INPUT_DATA; + } - if( ( ret = mbedtls_mpi_read_binary( X, *p, n ) ) != 0 ) - return( MBEDTLS_ERROR_ADD( MBEDTLS_ERR_DHM_READ_PARAMS_FAILED, ret ) ); + if ((ret = mbedtls_mpi_read_binary(X, *p, n)) != 0) { + return MBEDTLS_ERROR_ADD(MBEDTLS_ERR_DHM_READ_PARAMS_FAILED, ret); + } (*p) += n; - return( 0 ); + return 0; } /* @@ -98,232 +81,242 @@ static int dhm_read_bignum( mbedtls_mpi *X, * http://www.cl.cam.ac.uk/~rja14/Papers/psandqs.pdf * http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2005-2643 */ -static int dhm_check_range( const mbedtls_mpi *param, const mbedtls_mpi *P ) +static int dhm_check_range(const mbedtls_mpi *param, const mbedtls_mpi *P) { mbedtls_mpi U; int ret = 0; - mbedtls_mpi_init( &U ); + mbedtls_mpi_init(&U); - MBEDTLS_MPI_CHK( mbedtls_mpi_sub_int( &U, P, 2 ) ); + MBEDTLS_MPI_CHK(mbedtls_mpi_sub_int(&U, P, 2)); - if( mbedtls_mpi_cmp_int( param, 2 ) < 0 || - mbedtls_mpi_cmp_mpi( param, &U ) > 0 ) - { + if (mbedtls_mpi_cmp_int(param, 2) < 0 || + mbedtls_mpi_cmp_mpi(param, &U) > 0) { ret = MBEDTLS_ERR_DHM_BAD_INPUT_DATA; } cleanup: - mbedtls_mpi_free( &U ); - return( ret ); + mbedtls_mpi_free(&U); + return ret; } -void mbedtls_dhm_init( mbedtls_dhm_context *ctx ) +void mbedtls_dhm_init(mbedtls_dhm_context *ctx) { - DHM_VALIDATE( ctx != NULL ); - memset( ctx, 0, sizeof( mbedtls_dhm_context ) ); + DHM_VALIDATE(ctx != NULL); + memset(ctx, 0, sizeof(mbedtls_dhm_context)); } /* * Parse the ServerKeyExchange parameters */ -int mbedtls_dhm_read_params( mbedtls_dhm_context *ctx, - unsigned char **p, - const unsigned char *end ) +int mbedtls_dhm_read_params(mbedtls_dhm_context *ctx, + unsigned char **p, + const unsigned char *end) { int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; - DHM_VALIDATE_RET( ctx != NULL ); - DHM_VALIDATE_RET( p != NULL && *p != NULL ); - DHM_VALIDATE_RET( end != NULL ); - - if( ( ret = dhm_read_bignum( &ctx->P, p, end ) ) != 0 || - ( ret = dhm_read_bignum( &ctx->G, p, end ) ) != 0 || - ( ret = dhm_read_bignum( &ctx->GY, p, end ) ) != 0 ) - return( ret ); + DHM_VALIDATE_RET(ctx != NULL); + DHM_VALIDATE_RET(p != NULL && *p != NULL); + DHM_VALIDATE_RET(end != NULL); + + if ((ret = dhm_read_bignum(&ctx->P, p, end)) != 0 || + (ret = dhm_read_bignum(&ctx->G, p, end)) != 0 || + (ret = dhm_read_bignum(&ctx->GY, p, end)) != 0) { + return ret; + } - if( ( ret = dhm_check_range( &ctx->GY, &ctx->P ) ) != 0 ) - return( ret ); + if ((ret = dhm_check_range(&ctx->GY, &ctx->P)) != 0) { + return ret; + } - ctx->len = mbedtls_mpi_size( &ctx->P ); + ctx->len = mbedtls_mpi_size(&ctx->P); - return( 0 ); + return 0; } /* * Pick a random R in the range [2, M-2] for blinding or key generation. */ -static int dhm_random_below( mbedtls_mpi *R, const mbedtls_mpi *M, - int (*f_rng)(void *, unsigned char *, size_t), void *p_rng ) +static int dhm_random_below(mbedtls_mpi *R, const mbedtls_mpi *M, + int (*f_rng)(void *, unsigned char *, size_t), void *p_rng) { int ret; - MBEDTLS_MPI_CHK( mbedtls_mpi_random( R, 3, M, f_rng, p_rng ) ); - MBEDTLS_MPI_CHK( mbedtls_mpi_sub_int( R, R, 1 ) ); + MBEDTLS_MPI_CHK(mbedtls_mpi_random(R, 3, M, f_rng, p_rng)); + MBEDTLS_MPI_CHK(mbedtls_mpi_sub_int(R, R, 1)); cleanup: - return( ret ); + return ret; } -static int dhm_make_common( mbedtls_dhm_context *ctx, int x_size, - int (*f_rng)(void *, unsigned char *, size_t), - void *p_rng ) +static int dhm_make_common(mbedtls_dhm_context *ctx, int x_size, + int (*f_rng)(void *, unsigned char *, size_t), + void *p_rng) { int ret = 0; - if( mbedtls_mpi_cmp_int( &ctx->P, 0 ) == 0 ) - return( MBEDTLS_ERR_DHM_BAD_INPUT_DATA ); - if( x_size < 0 ) - return( MBEDTLS_ERR_DHM_BAD_INPUT_DATA ); - - if( (unsigned) x_size < mbedtls_mpi_size( &ctx->P ) ) - { - MBEDTLS_MPI_CHK( mbedtls_mpi_fill_random( &ctx->X, x_size, f_rng, p_rng ) ); + if (mbedtls_mpi_cmp_int(&ctx->P, 0) == 0) { + return MBEDTLS_ERR_DHM_BAD_INPUT_DATA; } - else - { + if (x_size < 0) { + return MBEDTLS_ERR_DHM_BAD_INPUT_DATA; + } + + if ((unsigned) x_size < mbedtls_mpi_size(&ctx->P)) { + MBEDTLS_MPI_CHK(mbedtls_mpi_fill_random(&ctx->X, x_size, f_rng, p_rng)); + } else { /* Generate X as large as possible ( <= P - 2 ) */ - ret = dhm_random_below( &ctx->X, &ctx->P, f_rng, p_rng ); - if( ret == MBEDTLS_ERR_MPI_NOT_ACCEPTABLE ) - return( MBEDTLS_ERR_DHM_MAKE_PARAMS_FAILED ); - if( ret != 0 ) - return( ret ); + ret = dhm_random_below(&ctx->X, &ctx->P, f_rng, p_rng); + if (ret == MBEDTLS_ERR_MPI_NOT_ACCEPTABLE) { + return MBEDTLS_ERR_DHM_MAKE_PARAMS_FAILED; + } + if (ret != 0) { + return ret; + } } /* * Calculate GX = G^X mod P */ - MBEDTLS_MPI_CHK( mbedtls_mpi_exp_mod( &ctx->GX, &ctx->G, &ctx->X, - &ctx->P , &ctx->RP ) ); + MBEDTLS_MPI_CHK(mbedtls_mpi_exp_mod(&ctx->GX, &ctx->G, &ctx->X, + &ctx->P, &ctx->RP)); - if( ( ret = dhm_check_range( &ctx->GX, &ctx->P ) ) != 0 ) - return( ret ); + if ((ret = dhm_check_range(&ctx->GX, &ctx->P)) != 0) { + return ret; + } cleanup: - return( ret ); + return ret; } /* * Setup and write the ServerKeyExchange parameters */ -int mbedtls_dhm_make_params( mbedtls_dhm_context *ctx, int x_size, - unsigned char *output, size_t *olen, - int (*f_rng)(void *, unsigned char *, size_t), - void *p_rng ) +int mbedtls_dhm_make_params(mbedtls_dhm_context *ctx, int x_size, + unsigned char *output, size_t *olen, + int (*f_rng)(void *, unsigned char *, size_t), + void *p_rng) { int ret; size_t n1, n2, n3; unsigned char *p; - DHM_VALIDATE_RET( ctx != NULL ); - DHM_VALIDATE_RET( output != NULL ); - DHM_VALIDATE_RET( olen != NULL ); - DHM_VALIDATE_RET( f_rng != NULL ); + DHM_VALIDATE_RET(ctx != NULL); + DHM_VALIDATE_RET(output != NULL); + DHM_VALIDATE_RET(olen != NULL); + DHM_VALIDATE_RET(f_rng != NULL); - ret = dhm_make_common( ctx, x_size, f_rng, p_rng ); - if( ret != 0 ) + ret = dhm_make_common(ctx, x_size, f_rng, p_rng); + if (ret != 0) { goto cleanup; + } /* * Export P, G, GX. RFC 5246 §4.4 states that "leading zero octets are * not required". We omit leading zeros for compactness. */ -#define DHM_MPI_EXPORT( X, n ) \ +#define DHM_MPI_EXPORT(X, n) \ do { \ - MBEDTLS_MPI_CHK( mbedtls_mpi_write_binary( ( X ), \ - p + 2, \ - ( n ) ) ); \ - *p++ = MBEDTLS_BYTE_1( n ); \ - *p++ = MBEDTLS_BYTE_0( n ); \ - p += ( n ); \ - } while( 0 ) - - n1 = mbedtls_mpi_size( &ctx->P ); - n2 = mbedtls_mpi_size( &ctx->G ); - n3 = mbedtls_mpi_size( &ctx->GX ); + MBEDTLS_MPI_CHK(mbedtls_mpi_write_binary((X), \ + p + 2, \ + (n))); \ + *p++ = MBEDTLS_BYTE_1(n); \ + *p++ = MBEDTLS_BYTE_0(n); \ + p += (n); \ + } while (0) + + n1 = mbedtls_mpi_size(&ctx->P); + n2 = mbedtls_mpi_size(&ctx->G); + n3 = mbedtls_mpi_size(&ctx->GX); p = output; - DHM_MPI_EXPORT( &ctx->P , n1 ); - DHM_MPI_EXPORT( &ctx->G , n2 ); - DHM_MPI_EXPORT( &ctx->GX, n3 ); + DHM_MPI_EXPORT(&ctx->P, n1); + DHM_MPI_EXPORT(&ctx->G, n2); + DHM_MPI_EXPORT(&ctx->GX, n3); *olen = p - output; ctx->len = n1; cleanup: - if( ret != 0 && ret > -128 ) - ret = MBEDTLS_ERROR_ADD( MBEDTLS_ERR_DHM_MAKE_PARAMS_FAILED, ret ); - return( ret ); + if (ret != 0 && ret > -128) { + ret = MBEDTLS_ERROR_ADD(MBEDTLS_ERR_DHM_MAKE_PARAMS_FAILED, ret); + } + return ret; } /* * Set prime modulus and generator */ -int mbedtls_dhm_set_group( mbedtls_dhm_context *ctx, - const mbedtls_mpi *P, - const mbedtls_mpi *G ) +int mbedtls_dhm_set_group(mbedtls_dhm_context *ctx, + const mbedtls_mpi *P, + const mbedtls_mpi *G) { int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; - DHM_VALIDATE_RET( ctx != NULL ); - DHM_VALIDATE_RET( P != NULL ); - DHM_VALIDATE_RET( G != NULL ); + DHM_VALIDATE_RET(ctx != NULL); + DHM_VALIDATE_RET(P != NULL); + DHM_VALIDATE_RET(G != NULL); - if( ( ret = mbedtls_mpi_copy( &ctx->P, P ) ) != 0 || - ( ret = mbedtls_mpi_copy( &ctx->G, G ) ) != 0 ) - { - return( MBEDTLS_ERROR_ADD( MBEDTLS_ERR_DHM_SET_GROUP_FAILED, ret ) ); + if ((ret = mbedtls_mpi_copy(&ctx->P, P)) != 0 || + (ret = mbedtls_mpi_copy(&ctx->G, G)) != 0) { + return MBEDTLS_ERROR_ADD(MBEDTLS_ERR_DHM_SET_GROUP_FAILED, ret); } - ctx->len = mbedtls_mpi_size( &ctx->P ); - return( 0 ); + ctx->len = mbedtls_mpi_size(&ctx->P); + return 0; } /* * Import the peer's public value G^Y */ -int mbedtls_dhm_read_public( mbedtls_dhm_context *ctx, - const unsigned char *input, size_t ilen ) +int mbedtls_dhm_read_public(mbedtls_dhm_context *ctx, + const unsigned char *input, size_t ilen) { int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; - DHM_VALIDATE_RET( ctx != NULL ); - DHM_VALIDATE_RET( input != NULL ); + DHM_VALIDATE_RET(ctx != NULL); + DHM_VALIDATE_RET(input != NULL); - if( ilen < 1 || ilen > ctx->len ) - return( MBEDTLS_ERR_DHM_BAD_INPUT_DATA ); + if (ilen < 1 || ilen > ctx->len) { + return MBEDTLS_ERR_DHM_BAD_INPUT_DATA; + } - if( ( ret = mbedtls_mpi_read_binary( &ctx->GY, input, ilen ) ) != 0 ) - return( MBEDTLS_ERROR_ADD( MBEDTLS_ERR_DHM_READ_PUBLIC_FAILED, ret ) ); + if ((ret = mbedtls_mpi_read_binary(&ctx->GY, input, ilen)) != 0) { + return MBEDTLS_ERROR_ADD(MBEDTLS_ERR_DHM_READ_PUBLIC_FAILED, ret); + } - return( 0 ); + return 0; } /* * Create own private value X and export G^X */ -int mbedtls_dhm_make_public( mbedtls_dhm_context *ctx, int x_size, - unsigned char *output, size_t olen, - int (*f_rng)(void *, unsigned char *, size_t), - void *p_rng ) +int mbedtls_dhm_make_public(mbedtls_dhm_context *ctx, int x_size, + unsigned char *output, size_t olen, + int (*f_rng)(void *, unsigned char *, size_t), + void *p_rng) { int ret; - DHM_VALIDATE_RET( ctx != NULL ); - DHM_VALIDATE_RET( output != NULL ); - DHM_VALIDATE_RET( f_rng != NULL ); + DHM_VALIDATE_RET(ctx != NULL); + DHM_VALIDATE_RET(output != NULL); + DHM_VALIDATE_RET(f_rng != NULL); - if( olen < 1 || olen > ctx->len ) - return( MBEDTLS_ERR_DHM_BAD_INPUT_DATA ); + if (olen < 1 || olen > ctx->len) { + return MBEDTLS_ERR_DHM_BAD_INPUT_DATA; + } - ret = dhm_make_common( ctx, x_size, f_rng, p_rng ); - if( ret == MBEDTLS_ERR_DHM_MAKE_PARAMS_FAILED ) - return( MBEDTLS_ERR_DHM_MAKE_PUBLIC_FAILED ); - if( ret != 0 ) + ret = dhm_make_common(ctx, x_size, f_rng, p_rng); + if (ret == MBEDTLS_ERR_DHM_MAKE_PARAMS_FAILED) { + return MBEDTLS_ERR_DHM_MAKE_PUBLIC_FAILED; + } + if (ret != 0) { goto cleanup; + } - MBEDTLS_MPI_CHK( mbedtls_mpi_write_binary( &ctx->GX, output, olen ) ); + MBEDTLS_MPI_CHK(mbedtls_mpi_write_binary(&ctx->GX, output, olen)); cleanup: - if( ret != 0 && ret > -128 ) - ret = MBEDTLS_ERROR_ADD( MBEDTLS_ERR_DHM_MAKE_PUBLIC_FAILED, ret ); - return( ret ); + if (ret != 0 && ret > -128) { + ret = MBEDTLS_ERROR_ADD(MBEDTLS_ERR_DHM_MAKE_PUBLIC_FAILED, ret); + } + return ret; } @@ -333,40 +326,38 @@ int mbedtls_dhm_make_public( mbedtls_dhm_context *ctx, int x_size, * DSS, and other systems. In : Advances in Cryptology-CRYPTO'96. Springer * Berlin Heidelberg, 1996. p. 104-113. */ -static int dhm_update_blinding( mbedtls_dhm_context *ctx, - int (*f_rng)(void *, unsigned char *, size_t), void *p_rng ) +static int dhm_update_blinding(mbedtls_dhm_context *ctx, + int (*f_rng)(void *, unsigned char *, size_t), void *p_rng) { int ret; mbedtls_mpi R; - mbedtls_mpi_init( &R ); + mbedtls_mpi_init(&R); /* * Don't use any blinding the first time a particular X is used, * but remember it to use blinding next time. */ - if( mbedtls_mpi_cmp_mpi( &ctx->X, &ctx->pX ) != 0 ) - { - MBEDTLS_MPI_CHK( mbedtls_mpi_copy( &ctx->pX, &ctx->X ) ); - MBEDTLS_MPI_CHK( mbedtls_mpi_lset( &ctx->Vi, 1 ) ); - MBEDTLS_MPI_CHK( mbedtls_mpi_lset( &ctx->Vf, 1 ) ); + if (mbedtls_mpi_cmp_mpi(&ctx->X, &ctx->pX) != 0) { + MBEDTLS_MPI_CHK(mbedtls_mpi_copy(&ctx->pX, &ctx->X)); + MBEDTLS_MPI_CHK(mbedtls_mpi_lset(&ctx->Vi, 1)); + MBEDTLS_MPI_CHK(mbedtls_mpi_lset(&ctx->Vf, 1)); - return( 0 ); + return 0; } /* * Ok, we need blinding. Can we re-use existing values? * If yes, just update them by squaring them. */ - if( mbedtls_mpi_cmp_int( &ctx->Vi, 1 ) != 0 ) - { - MBEDTLS_MPI_CHK( mbedtls_mpi_mul_mpi( &ctx->Vi, &ctx->Vi, &ctx->Vi ) ); - MBEDTLS_MPI_CHK( mbedtls_mpi_mod_mpi( &ctx->Vi, &ctx->Vi, &ctx->P ) ); + if (mbedtls_mpi_cmp_int(&ctx->Vi, 1) != 0) { + MBEDTLS_MPI_CHK(mbedtls_mpi_mul_mpi(&ctx->Vi, &ctx->Vi, &ctx->Vi)); + MBEDTLS_MPI_CHK(mbedtls_mpi_mod_mpi(&ctx->Vi, &ctx->Vi, &ctx->P)); - MBEDTLS_MPI_CHK( mbedtls_mpi_mul_mpi( &ctx->Vf, &ctx->Vf, &ctx->Vf ) ); - MBEDTLS_MPI_CHK( mbedtls_mpi_mod_mpi( &ctx->Vf, &ctx->Vf, &ctx->P ) ); + MBEDTLS_MPI_CHK(mbedtls_mpi_mul_mpi(&ctx->Vf, &ctx->Vf, &ctx->Vf)); + MBEDTLS_MPI_CHK(mbedtls_mpi_mod_mpi(&ctx->Vf, &ctx->Vf, &ctx->P)); - return( 0 ); + return 0; } /* @@ -374,111 +365,113 @@ static int dhm_update_blinding( mbedtls_dhm_context *ctx, */ /* Vi = random( 2, P-2 ) */ - MBEDTLS_MPI_CHK( dhm_random_below( &ctx->Vi, &ctx->P, f_rng, p_rng ) ); + MBEDTLS_MPI_CHK(dhm_random_below(&ctx->Vi, &ctx->P, f_rng, p_rng)); /* Vf = Vi^-X mod P * First compute Vi^-1 = R * (R Vi)^-1, (avoiding leaks from inv_mod), * then elevate to the Xth power. */ - MBEDTLS_MPI_CHK( dhm_random_below( &R, &ctx->P, f_rng, p_rng ) ); - MBEDTLS_MPI_CHK( mbedtls_mpi_mul_mpi( &ctx->Vf, &ctx->Vi, &R ) ); - MBEDTLS_MPI_CHK( mbedtls_mpi_mod_mpi( &ctx->Vf, &ctx->Vf, &ctx->P ) ); - MBEDTLS_MPI_CHK( mbedtls_mpi_inv_mod( &ctx->Vf, &ctx->Vf, &ctx->P ) ); - MBEDTLS_MPI_CHK( mbedtls_mpi_mul_mpi( &ctx->Vf, &ctx->Vf, &R ) ); - MBEDTLS_MPI_CHK( mbedtls_mpi_mod_mpi( &ctx->Vf, &ctx->Vf, &ctx->P ) ); + MBEDTLS_MPI_CHK(dhm_random_below(&R, &ctx->P, f_rng, p_rng)); + MBEDTLS_MPI_CHK(mbedtls_mpi_mul_mpi(&ctx->Vf, &ctx->Vi, &R)); + MBEDTLS_MPI_CHK(mbedtls_mpi_mod_mpi(&ctx->Vf, &ctx->Vf, &ctx->P)); + MBEDTLS_MPI_CHK(mbedtls_mpi_inv_mod(&ctx->Vf, &ctx->Vf, &ctx->P)); + MBEDTLS_MPI_CHK(mbedtls_mpi_mul_mpi(&ctx->Vf, &ctx->Vf, &R)); + MBEDTLS_MPI_CHK(mbedtls_mpi_mod_mpi(&ctx->Vf, &ctx->Vf, &ctx->P)); - MBEDTLS_MPI_CHK( mbedtls_mpi_exp_mod( &ctx->Vf, &ctx->Vf, &ctx->X, &ctx->P, &ctx->RP ) ); + MBEDTLS_MPI_CHK(mbedtls_mpi_exp_mod(&ctx->Vf, &ctx->Vf, &ctx->X, &ctx->P, &ctx->RP)); cleanup: - mbedtls_mpi_free( &R ); + mbedtls_mpi_free(&R); - return( ret ); + return ret; } /* * Derive and export the shared secret (G^Y)^X mod P */ -int mbedtls_dhm_calc_secret( mbedtls_dhm_context *ctx, - unsigned char *output, size_t output_size, size_t *olen, - int (*f_rng)(void *, unsigned char *, size_t), - void *p_rng ) +int mbedtls_dhm_calc_secret(mbedtls_dhm_context *ctx, + unsigned char *output, size_t output_size, size_t *olen, + int (*f_rng)(void *, unsigned char *, size_t), + void *p_rng) { int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; mbedtls_mpi GYb; - DHM_VALIDATE_RET( ctx != NULL ); - DHM_VALIDATE_RET( output != NULL ); - DHM_VALIDATE_RET( olen != NULL ); + DHM_VALIDATE_RET(ctx != NULL); + DHM_VALIDATE_RET(output != NULL); + DHM_VALIDATE_RET(olen != NULL); - if( output_size < ctx->len ) - return( MBEDTLS_ERR_DHM_BAD_INPUT_DATA ); + if (output_size < ctx->len) { + return MBEDTLS_ERR_DHM_BAD_INPUT_DATA; + } - if( ( ret = dhm_check_range( &ctx->GY, &ctx->P ) ) != 0 ) - return( ret ); + if ((ret = dhm_check_range(&ctx->GY, &ctx->P)) != 0) { + return ret; + } - mbedtls_mpi_init( &GYb ); + mbedtls_mpi_init(&GYb); /* Blind peer's value */ - if( f_rng != NULL ) - { - MBEDTLS_MPI_CHK( dhm_update_blinding( ctx, f_rng, p_rng ) ); - MBEDTLS_MPI_CHK( mbedtls_mpi_mul_mpi( &GYb, &ctx->GY, &ctx->Vi ) ); - MBEDTLS_MPI_CHK( mbedtls_mpi_mod_mpi( &GYb, &GYb, &ctx->P ) ); + if (f_rng != NULL) { + MBEDTLS_MPI_CHK(dhm_update_blinding(ctx, f_rng, p_rng)); + MBEDTLS_MPI_CHK(mbedtls_mpi_mul_mpi(&GYb, &ctx->GY, &ctx->Vi)); + MBEDTLS_MPI_CHK(mbedtls_mpi_mod_mpi(&GYb, &GYb, &ctx->P)); + } else { + MBEDTLS_MPI_CHK(mbedtls_mpi_copy(&GYb, &ctx->GY)); } - else - MBEDTLS_MPI_CHK( mbedtls_mpi_copy( &GYb, &ctx->GY ) ); /* Do modular exponentiation */ - MBEDTLS_MPI_CHK( mbedtls_mpi_exp_mod( &ctx->K, &GYb, &ctx->X, - &ctx->P, &ctx->RP ) ); + MBEDTLS_MPI_CHK(mbedtls_mpi_exp_mod(&ctx->K, &GYb, &ctx->X, + &ctx->P, &ctx->RP)); /* Unblind secret value */ - if( f_rng != NULL ) - { - MBEDTLS_MPI_CHK( mbedtls_mpi_mul_mpi( &ctx->K, &ctx->K, &ctx->Vf ) ); - MBEDTLS_MPI_CHK( mbedtls_mpi_mod_mpi( &ctx->K, &ctx->K, &ctx->P ) ); + if (f_rng != NULL) { + MBEDTLS_MPI_CHK(mbedtls_mpi_mul_mpi(&ctx->K, &ctx->K, &ctx->Vf)); + MBEDTLS_MPI_CHK(mbedtls_mpi_mod_mpi(&ctx->K, &ctx->K, &ctx->P)); } /* Output the secret without any leading zero byte. This is mandatory * for TLS per RFC 5246 §8.1.2. */ - *olen = mbedtls_mpi_size( &ctx->K ); - MBEDTLS_MPI_CHK( mbedtls_mpi_write_binary( &ctx->K, output, *olen ) ); + *olen = mbedtls_mpi_size(&ctx->K); + MBEDTLS_MPI_CHK(mbedtls_mpi_write_binary(&ctx->K, output, *olen)); cleanup: - mbedtls_mpi_free( &GYb ); + mbedtls_mpi_free(&GYb); - if( ret != 0 ) - return( MBEDTLS_ERROR_ADD( MBEDTLS_ERR_DHM_CALC_SECRET_FAILED, ret ) ); + if (ret != 0) { + return MBEDTLS_ERROR_ADD(MBEDTLS_ERR_DHM_CALC_SECRET_FAILED, ret); + } - return( 0 ); + return 0; } /* * Free the components of a DHM key */ -void mbedtls_dhm_free( mbedtls_dhm_context *ctx ) +void mbedtls_dhm_free(mbedtls_dhm_context *ctx) { - if( ctx == NULL ) + if (ctx == NULL) { return; + } - mbedtls_mpi_free( &ctx->pX ); - mbedtls_mpi_free( &ctx->Vf ); - mbedtls_mpi_free( &ctx->Vi ); - mbedtls_mpi_free( &ctx->RP ); - mbedtls_mpi_free( &ctx->K ); - mbedtls_mpi_free( &ctx->GY ); - mbedtls_mpi_free( &ctx->GX ); - mbedtls_mpi_free( &ctx->X ); - mbedtls_mpi_free( &ctx->G ); - mbedtls_mpi_free( &ctx->P ); - - mbedtls_platform_zeroize( ctx, sizeof( mbedtls_dhm_context ) ); + mbedtls_mpi_free(&ctx->pX); + mbedtls_mpi_free(&ctx->Vf); + mbedtls_mpi_free(&ctx->Vi); + mbedtls_mpi_free(&ctx->RP); + mbedtls_mpi_free(&ctx->K); + mbedtls_mpi_free(&ctx->GY); + mbedtls_mpi_free(&ctx->GX); + mbedtls_mpi_free(&ctx->X); + mbedtls_mpi_free(&ctx->G); + mbedtls_mpi_free(&ctx->P); + + mbedtls_platform_zeroize(ctx, sizeof(mbedtls_dhm_context)); } #if defined(MBEDTLS_ASN1_PARSE_C) /* * Parse DHM parameters */ -int mbedtls_dhm_parse_dhm( mbedtls_dhm_context *dhm, const unsigned char *dhmin, - size_t dhminlen ) +int mbedtls_dhm_parse_dhm(mbedtls_dhm_context *dhm, const unsigned char *dhmin, + size_t dhminlen) { int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; size_t len; @@ -487,32 +480,32 @@ int mbedtls_dhm_parse_dhm( mbedtls_dhm_context *dhm, const unsigned char *dhmin, mbedtls_pem_context pem; #endif /* MBEDTLS_PEM_PARSE_C */ - DHM_VALIDATE_RET( dhm != NULL ); - DHM_VALIDATE_RET( dhmin != NULL ); + DHM_VALIDATE_RET(dhm != NULL); + DHM_VALIDATE_RET(dhmin != NULL); #if defined(MBEDTLS_PEM_PARSE_C) - mbedtls_pem_init( &pem ); + mbedtls_pem_init(&pem); /* Avoid calling mbedtls_pem_read_buffer() on non-null-terminated string */ - if( dhminlen == 0 || dhmin[dhminlen - 1] != '\0' ) + if (dhminlen == 0 || dhmin[dhminlen - 1] != '\0') { ret = MBEDTLS_ERR_PEM_NO_HEADER_FOOTER_PRESENT; - else - ret = mbedtls_pem_read_buffer( &pem, - "-----BEGIN DH PARAMETERS-----", - "-----END DH PARAMETERS-----", - dhmin, NULL, 0, &dhminlen ); - - if( ret == 0 ) - { + } else { + ret = mbedtls_pem_read_buffer(&pem, + "-----BEGIN DH PARAMETERS-----", + "-----END DH PARAMETERS-----", + dhmin, NULL, 0, &dhminlen); + } + + if (ret == 0) { /* * Was PEM encoded */ dhminlen = pem.buflen; - } - else if( ret != MBEDTLS_ERR_PEM_NO_HEADER_FOOTER_PRESENT ) + } else if (ret != MBEDTLS_ERR_PEM_NO_HEADER_FOOTER_PRESENT) { goto exit; + } - p = ( ret == 0 ) ? pem.buf : (unsigned char *) dhmin; + p = (ret == 0) ? pem.buf : (unsigned char *) dhmin; #else p = (unsigned char *) dhmin; #endif /* MBEDTLS_PEM_PARSE_C */ @@ -525,55 +518,51 @@ int mbedtls_dhm_parse_dhm( mbedtls_dhm_context *dhm, const unsigned char *dhmin, * privateValueLength INTEGER OPTIONAL * } */ - if( ( ret = mbedtls_asn1_get_tag( &p, end, &len, - MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_SEQUENCE ) ) != 0 ) - { - ret = MBEDTLS_ERROR_ADD( MBEDTLS_ERR_DHM_INVALID_FORMAT, ret ); + if ((ret = mbedtls_asn1_get_tag(&p, end, &len, + MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_SEQUENCE)) != 0) { + ret = MBEDTLS_ERROR_ADD(MBEDTLS_ERR_DHM_INVALID_FORMAT, ret); goto exit; } end = p + len; - if( ( ret = mbedtls_asn1_get_mpi( &p, end, &dhm->P ) ) != 0 || - ( ret = mbedtls_asn1_get_mpi( &p, end, &dhm->G ) ) != 0 ) - { - ret = MBEDTLS_ERROR_ADD( MBEDTLS_ERR_DHM_INVALID_FORMAT, ret ); + if ((ret = mbedtls_asn1_get_mpi(&p, end, &dhm->P)) != 0 || + (ret = mbedtls_asn1_get_mpi(&p, end, &dhm->G)) != 0) { + ret = MBEDTLS_ERROR_ADD(MBEDTLS_ERR_DHM_INVALID_FORMAT, ret); goto exit; } - if( p != end ) - { + if (p != end) { /* This might be the optional privateValueLength. * If so, we can cleanly discard it */ mbedtls_mpi rec; - mbedtls_mpi_init( &rec ); - ret = mbedtls_asn1_get_mpi( &p, end, &rec ); - mbedtls_mpi_free( &rec ); - if ( ret != 0 ) - { - ret = MBEDTLS_ERROR_ADD( MBEDTLS_ERR_DHM_INVALID_FORMAT, ret ); + mbedtls_mpi_init(&rec); + ret = mbedtls_asn1_get_mpi(&p, end, &rec); + mbedtls_mpi_free(&rec); + if (ret != 0) { + ret = MBEDTLS_ERROR_ADD(MBEDTLS_ERR_DHM_INVALID_FORMAT, ret); goto exit; } - if ( p != end ) - { - ret = MBEDTLS_ERROR_ADD( MBEDTLS_ERR_DHM_INVALID_FORMAT, - MBEDTLS_ERR_ASN1_LENGTH_MISMATCH ); + if (p != end) { + ret = MBEDTLS_ERROR_ADD(MBEDTLS_ERR_DHM_INVALID_FORMAT, + MBEDTLS_ERR_ASN1_LENGTH_MISMATCH); goto exit; } } ret = 0; - dhm->len = mbedtls_mpi_size( &dhm->P ); + dhm->len = mbedtls_mpi_size(&dhm->P); exit: #if defined(MBEDTLS_PEM_PARSE_C) - mbedtls_pem_free( &pem ); + mbedtls_pem_free(&pem); #endif - if( ret != 0 ) - mbedtls_dhm_free( dhm ); + if (ret != 0) { + mbedtls_dhm_free(dhm); + } - return( ret ); + return ret; } #if defined(MBEDTLS_FS_IO) @@ -584,71 +573,71 @@ int mbedtls_dhm_parse_dhm( mbedtls_dhm_context *dhm, const unsigned char *dhmin, * A terminating null byte is always appended. It is included in the announced * length only if the data looks like it is PEM encoded. */ -static int load_file( const char *path, unsigned char **buf, size_t *n ) +static int load_file(const char *path, unsigned char **buf, size_t *n) { FILE *f; long size; - if( ( f = fopen( path, "rb" ) ) == NULL ) - return( MBEDTLS_ERR_DHM_FILE_IO_ERROR ); + if ((f = fopen(path, "rb")) == NULL) { + return MBEDTLS_ERR_DHM_FILE_IO_ERROR; + } - fseek( f, 0, SEEK_END ); - if( ( size = ftell( f ) ) == -1 ) - { - fclose( f ); - return( MBEDTLS_ERR_DHM_FILE_IO_ERROR ); + fseek(f, 0, SEEK_END); + if ((size = ftell(f)) == -1) { + fclose(f); + return MBEDTLS_ERR_DHM_FILE_IO_ERROR; } - fseek( f, 0, SEEK_SET ); + fseek(f, 0, SEEK_SET); *n = (size_t) size; - if( *n + 1 == 0 || - ( *buf = mbedtls_calloc( 1, *n + 1 ) ) == NULL ) - { - fclose( f ); - return( MBEDTLS_ERR_DHM_ALLOC_FAILED ); + if (*n + 1 == 0 || + (*buf = mbedtls_calloc(1, *n + 1)) == NULL) { + fclose(f); + return MBEDTLS_ERR_DHM_ALLOC_FAILED; } - if( fread( *buf, 1, *n, f ) != *n ) - { - fclose( f ); + if (fread(*buf, 1, *n, f) != *n) { + fclose(f); - mbedtls_platform_zeroize( *buf, *n + 1 ); - mbedtls_free( *buf ); + mbedtls_platform_zeroize(*buf, *n + 1); + mbedtls_free(*buf); - return( MBEDTLS_ERR_DHM_FILE_IO_ERROR ); + return MBEDTLS_ERR_DHM_FILE_IO_ERROR; } - fclose( f ); + fclose(f); (*buf)[*n] = '\0'; - if( strstr( (const char *) *buf, "-----BEGIN " ) != NULL ) + if (strstr((const char *) *buf, "-----BEGIN ") != NULL) { ++*n; + } - return( 0 ); + return 0; } /* * Load and parse DHM parameters */ -int mbedtls_dhm_parse_dhmfile( mbedtls_dhm_context *dhm, const char *path ) +int mbedtls_dhm_parse_dhmfile(mbedtls_dhm_context *dhm, const char *path) { int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; size_t n; unsigned char *buf; - DHM_VALIDATE_RET( dhm != NULL ); - DHM_VALIDATE_RET( path != NULL ); + DHM_VALIDATE_RET(dhm != NULL); + DHM_VALIDATE_RET(path != NULL); - if( ( ret = load_file( path, &buf, &n ) ) != 0 ) - return( ret ); + if ((ret = load_file(path, &buf, &n)) != 0) { + return ret; + } - ret = mbedtls_dhm_parse_dhm( dhm, buf, n ); + ret = mbedtls_dhm_parse_dhm(dhm, buf, n); - mbedtls_platform_zeroize( buf, n ); - mbedtls_free( buf ); + mbedtls_platform_zeroize(buf, n); + mbedtls_free(buf); - return( ret ); + return ret; } #endif /* MBEDTLS_FS_IO */ #endif /* MBEDTLS_ASN1_PARSE_C */ @@ -658,60 +647,63 @@ int mbedtls_dhm_parse_dhmfile( mbedtls_dhm_context *dhm, const char *path ) #if defined(MBEDTLS_PEM_PARSE_C) static const char mbedtls_test_dhm_params[] = -"-----BEGIN DH PARAMETERS-----\r\n" -"MIGHAoGBAJ419DBEOgmQTzo5qXl5fQcN9TN455wkOL7052HzxxRVMyhYmwQcgJvh\r\n" -"1sa18fyfR9OiVEMYglOpkqVoGLN7qd5aQNNi5W7/C+VBdHTBJcGZJyyP5B3qcz32\r\n" -"9mLJKudlVudV0Qxk5qUJaPZ/xupz0NyoVpviuiBOI1gNi8ovSXWzAgEC\r\n" -"-----END DH PARAMETERS-----\r\n"; + "-----BEGIN DH PARAMETERS-----\r\n" + "MIGHAoGBAJ419DBEOgmQTzo5qXl5fQcN9TN455wkOL7052HzxxRVMyhYmwQcgJvh\r\n" + "1sa18fyfR9OiVEMYglOpkqVoGLN7qd5aQNNi5W7/C+VBdHTBJcGZJyyP5B3qcz32\r\n" + "9mLJKudlVudV0Qxk5qUJaPZ/xupz0NyoVpviuiBOI1gNi8ovSXWzAgEC\r\n" + "-----END DH PARAMETERS-----\r\n"; #else /* MBEDTLS_PEM_PARSE_C */ static const char mbedtls_test_dhm_params[] = { - 0x30, 0x81, 0x87, 0x02, 0x81, 0x81, 0x00, 0x9e, 0x35, 0xf4, 0x30, 0x44, - 0x3a, 0x09, 0x90, 0x4f, 0x3a, 0x39, 0xa9, 0x79, 0x79, 0x7d, 0x07, 0x0d, - 0xf5, 0x33, 0x78, 0xe7, 0x9c, 0x24, 0x38, 0xbe, 0xf4, 0xe7, 0x61, 0xf3, - 0xc7, 0x14, 0x55, 0x33, 0x28, 0x58, 0x9b, 0x04, 0x1c, 0x80, 0x9b, 0xe1, - 0xd6, 0xc6, 0xb5, 0xf1, 0xfc, 0x9f, 0x47, 0xd3, 0xa2, 0x54, 0x43, 0x18, - 0x82, 0x53, 0xa9, 0x92, 0xa5, 0x68, 0x18, 0xb3, 0x7b, 0xa9, 0xde, 0x5a, - 0x40, 0xd3, 0x62, 0xe5, 0x6e, 0xff, 0x0b, 0xe5, 0x41, 0x74, 0x74, 0xc1, - 0x25, 0xc1, 0x99, 0x27, 0x2c, 0x8f, 0xe4, 0x1d, 0xea, 0x73, 0x3d, 0xf6, - 0xf6, 0x62, 0xc9, 0x2a, 0xe7, 0x65, 0x56, 0xe7, 0x55, 0xd1, 0x0c, 0x64, - 0xe6, 0xa5, 0x09, 0x68, 0xf6, 0x7f, 0xc6, 0xea, 0x73, 0xd0, 0xdc, 0xa8, - 0x56, 0x9b, 0xe2, 0xba, 0x20, 0x4e, 0x23, 0x58, 0x0d, 0x8b, 0xca, 0x2f, - 0x49, 0x75, 0xb3, 0x02, 0x01, 0x02 }; + 0x30, 0x81, 0x87, 0x02, 0x81, 0x81, 0x00, 0x9e, 0x35, 0xf4, 0x30, 0x44, + 0x3a, 0x09, 0x90, 0x4f, 0x3a, 0x39, 0xa9, 0x79, 0x79, 0x7d, 0x07, 0x0d, + 0xf5, 0x33, 0x78, 0xe7, 0x9c, 0x24, 0x38, 0xbe, 0xf4, 0xe7, 0x61, 0xf3, + 0xc7, 0x14, 0x55, 0x33, 0x28, 0x58, 0x9b, 0x04, 0x1c, 0x80, 0x9b, 0xe1, + 0xd6, 0xc6, 0xb5, 0xf1, 0xfc, 0x9f, 0x47, 0xd3, 0xa2, 0x54, 0x43, 0x18, + 0x82, 0x53, 0xa9, 0x92, 0xa5, 0x68, 0x18, 0xb3, 0x7b, 0xa9, 0xde, 0x5a, + 0x40, 0xd3, 0x62, 0xe5, 0x6e, 0xff, 0x0b, 0xe5, 0x41, 0x74, 0x74, 0xc1, + 0x25, 0xc1, 0x99, 0x27, 0x2c, 0x8f, 0xe4, 0x1d, 0xea, 0x73, 0x3d, 0xf6, + 0xf6, 0x62, 0xc9, 0x2a, 0xe7, 0x65, 0x56, 0xe7, 0x55, 0xd1, 0x0c, 0x64, + 0xe6, 0xa5, 0x09, 0x68, 0xf6, 0x7f, 0xc6, 0xea, 0x73, 0xd0, 0xdc, 0xa8, + 0x56, 0x9b, 0xe2, 0xba, 0x20, 0x4e, 0x23, 0x58, 0x0d, 0x8b, 0xca, 0x2f, + 0x49, 0x75, 0xb3, 0x02, 0x01, 0x02 +}; #endif /* MBEDTLS_PEM_PARSE_C */ -static const size_t mbedtls_test_dhm_params_len = sizeof( mbedtls_test_dhm_params ); +static const size_t mbedtls_test_dhm_params_len = sizeof(mbedtls_test_dhm_params); /* * Checkup routine */ -int mbedtls_dhm_self_test( int verbose ) +int mbedtls_dhm_self_test(int verbose) { int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; mbedtls_dhm_context dhm; - mbedtls_dhm_init( &dhm ); + mbedtls_dhm_init(&dhm); - if( verbose != 0 ) - mbedtls_printf( " DHM parameter load: " ); + if (verbose != 0) { + mbedtls_printf(" DHM parameter load: "); + } - if( ( ret = mbedtls_dhm_parse_dhm( &dhm, - (const unsigned char *) mbedtls_test_dhm_params, - mbedtls_test_dhm_params_len ) ) != 0 ) - { - if( verbose != 0 ) - mbedtls_printf( "failed\n" ); + if ((ret = mbedtls_dhm_parse_dhm(&dhm, + (const unsigned char *) mbedtls_test_dhm_params, + mbedtls_test_dhm_params_len)) != 0) { + if (verbose != 0) { + mbedtls_printf("failed\n"); + } ret = 1; goto exit; } - if( verbose != 0 ) - mbedtls_printf( "passed\n\n" ); + if (verbose != 0) { + mbedtls_printf("passed\n\n"); + } exit: - mbedtls_dhm_free( &dhm ); + mbedtls_dhm_free(&dhm); - return( ret ); + return ret; } #endif /* MBEDTLS_SELF_TEST */ diff --git a/third_party/mbedtls/repo/library/ecdh.c b/third_party/mbedtls/repo/library/ecdh.c index 9dfa8680637..29a732a08fd 100644 --- a/third_party/mbedtls/repo/library/ecdh.c +++ b/third_party/mbedtls/repo/library/ecdh.c @@ -2,25 +2,13 @@ * Elliptic curve Diffie-Hellman * * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later */ /* * References: * - * SEC1 http://www.secg.org/index.php?action=secg,docs_secg + * SEC1 https://www.secg.org/sec1-v2.pdf * RFC 4492 */ @@ -35,30 +23,30 @@ #include /* Parameter validation macros based on platform_util.h */ -#define ECDH_VALIDATE_RET( cond ) \ - MBEDTLS_INTERNAL_VALIDATE_RET( cond, MBEDTLS_ERR_ECP_BAD_INPUT_DATA ) -#define ECDH_VALIDATE( cond ) \ - MBEDTLS_INTERNAL_VALIDATE( cond ) +#define ECDH_VALIDATE_RET(cond) \ + MBEDTLS_INTERNAL_VALIDATE_RET(cond, MBEDTLS_ERR_ECP_BAD_INPUT_DATA) +#define ECDH_VALIDATE(cond) \ + MBEDTLS_INTERNAL_VALIDATE(cond) #if defined(MBEDTLS_ECDH_LEGACY_CONTEXT) typedef mbedtls_ecdh_context mbedtls_ecdh_context_mbed; #endif static mbedtls_ecp_group_id mbedtls_ecdh_grp_id( - const mbedtls_ecdh_context *ctx ) + const mbedtls_ecdh_context *ctx) { #if defined(MBEDTLS_ECDH_LEGACY_CONTEXT) - return( ctx->grp.id ); + return ctx->grp.id; #else - return( ctx->grp_id ); + return ctx->grp_id; #endif } -int mbedtls_ecdh_can_do( mbedtls_ecp_group_id gid ) +int mbedtls_ecdh_can_do(mbedtls_ecp_group_id gid) { /* At this time, all groups support ECDH. */ (void) gid; - return( 1 ); + return 1; } #if !defined(MBEDTLS_ECDH_GEN_PUBLIC_ALT) @@ -69,39 +57,42 @@ int mbedtls_ecdh_can_do( mbedtls_ecp_group_id gid ) * the output parameter 'd' across continuation calls. This would not be * acceptable for a public function but is OK here as we control call sites. */ -static int ecdh_gen_public_restartable( mbedtls_ecp_group *grp, - mbedtls_mpi *d, mbedtls_ecp_point *Q, - int (*f_rng)(void *, unsigned char *, size_t), - void *p_rng, - mbedtls_ecp_restart_ctx *rs_ctx ) +static int ecdh_gen_public_restartable(mbedtls_ecp_group *grp, + mbedtls_mpi *d, mbedtls_ecp_point *Q, + int (*f_rng)(void *, unsigned char *, size_t), + void *p_rng, + mbedtls_ecp_restart_ctx *rs_ctx) { int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; - /* If multiplication is in progress, we already generated a privkey */ + int restarting = 0; #if defined(MBEDTLS_ECP_RESTARTABLE) - if( rs_ctx == NULL || rs_ctx->rsm == NULL ) + restarting = (rs_ctx != NULL && rs_ctx->rsm != NULL); #endif - MBEDTLS_MPI_CHK( mbedtls_ecp_gen_privkey( grp, d, f_rng, p_rng ) ); + /* If multiplication is in progress, we already generated a privkey */ + if (!restarting) { + MBEDTLS_MPI_CHK(mbedtls_ecp_gen_privkey(grp, d, f_rng, p_rng)); + } - MBEDTLS_MPI_CHK( mbedtls_ecp_mul_restartable( grp, Q, d, &grp->G, - f_rng, p_rng, rs_ctx ) ); + MBEDTLS_MPI_CHK(mbedtls_ecp_mul_restartable(grp, Q, d, &grp->G, + f_rng, p_rng, rs_ctx)); cleanup: - return( ret ); + return ret; } /* * Generate public key */ -int mbedtls_ecdh_gen_public( mbedtls_ecp_group *grp, mbedtls_mpi *d, mbedtls_ecp_point *Q, - int (*f_rng)(void *, unsigned char *, size_t), - void *p_rng ) +int mbedtls_ecdh_gen_public(mbedtls_ecp_group *grp, mbedtls_mpi *d, mbedtls_ecp_point *Q, + int (*f_rng)(void *, unsigned char *, size_t), + void *p_rng) { - ECDH_VALIDATE_RET( grp != NULL ); - ECDH_VALIDATE_RET( d != NULL ); - ECDH_VALIDATE_RET( Q != NULL ); - ECDH_VALIDATE_RET( f_rng != NULL ); - return( ecdh_gen_public_restartable( grp, d, Q, f_rng, p_rng, NULL ) ); + ECDH_VALIDATE_RET(grp != NULL); + ECDH_VALIDATE_RET(d != NULL); + ECDH_VALIDATE_RET(Q != NULL); + ECDH_VALIDATE_RET(f_rng != NULL); + return ecdh_gen_public_restartable(grp, d, Q, f_rng, p_rng, NULL); } #endif /* !MBEDTLS_ECDH_GEN_PUBLIC_ALT */ @@ -109,79 +100,78 @@ int mbedtls_ecdh_gen_public( mbedtls_ecp_group *grp, mbedtls_mpi *d, mbedtls_ecp /* * Compute shared secret (SEC1 3.3.1) */ -static int ecdh_compute_shared_restartable( mbedtls_ecp_group *grp, - mbedtls_mpi *z, - const mbedtls_ecp_point *Q, const mbedtls_mpi *d, - int (*f_rng)(void *, unsigned char *, size_t), - void *p_rng, - mbedtls_ecp_restart_ctx *rs_ctx ) +static int ecdh_compute_shared_restartable(mbedtls_ecp_group *grp, + mbedtls_mpi *z, + const mbedtls_ecp_point *Q, const mbedtls_mpi *d, + int (*f_rng)(void *, unsigned char *, size_t), + void *p_rng, + mbedtls_ecp_restart_ctx *rs_ctx) { int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; mbedtls_ecp_point P; - mbedtls_ecp_point_init( &P ); + mbedtls_ecp_point_init(&P); - MBEDTLS_MPI_CHK( mbedtls_ecp_mul_restartable( grp, &P, d, Q, - f_rng, p_rng, rs_ctx ) ); + MBEDTLS_MPI_CHK(mbedtls_ecp_mul_restartable(grp, &P, d, Q, + f_rng, p_rng, rs_ctx)); - if( mbedtls_ecp_is_zero( &P ) ) - { + if (mbedtls_ecp_is_zero(&P)) { ret = MBEDTLS_ERR_ECP_BAD_INPUT_DATA; goto cleanup; } - MBEDTLS_MPI_CHK( mbedtls_mpi_copy( z, &P.X ) ); + MBEDTLS_MPI_CHK(mbedtls_mpi_copy(z, &P.X)); cleanup: - mbedtls_ecp_point_free( &P ); + mbedtls_ecp_point_free(&P); - return( ret ); + return ret; } /* * Compute shared secret (SEC1 3.3.1) */ -int mbedtls_ecdh_compute_shared( mbedtls_ecp_group *grp, mbedtls_mpi *z, - const mbedtls_ecp_point *Q, const mbedtls_mpi *d, - int (*f_rng)(void *, unsigned char *, size_t), - void *p_rng ) +int mbedtls_ecdh_compute_shared(mbedtls_ecp_group *grp, mbedtls_mpi *z, + const mbedtls_ecp_point *Q, const mbedtls_mpi *d, + int (*f_rng)(void *, unsigned char *, size_t), + void *p_rng) { - ECDH_VALIDATE_RET( grp != NULL ); - ECDH_VALIDATE_RET( Q != NULL ); - ECDH_VALIDATE_RET( d != NULL ); - ECDH_VALIDATE_RET( z != NULL ); - return( ecdh_compute_shared_restartable( grp, z, Q, d, - f_rng, p_rng, NULL ) ); + ECDH_VALIDATE_RET(grp != NULL); + ECDH_VALIDATE_RET(Q != NULL); + ECDH_VALIDATE_RET(d != NULL); + ECDH_VALIDATE_RET(z != NULL); + return ecdh_compute_shared_restartable(grp, z, Q, d, + f_rng, p_rng, NULL); } #endif /* !MBEDTLS_ECDH_COMPUTE_SHARED_ALT */ -static void ecdh_init_internal( mbedtls_ecdh_context_mbed *ctx ) +static void ecdh_init_internal(mbedtls_ecdh_context_mbed *ctx) { - mbedtls_ecp_group_init( &ctx->grp ); - mbedtls_mpi_init( &ctx->d ); - mbedtls_ecp_point_init( &ctx->Q ); - mbedtls_ecp_point_init( &ctx->Qp ); - mbedtls_mpi_init( &ctx->z ); + mbedtls_ecp_group_init(&ctx->grp); + mbedtls_mpi_init(&ctx->d); + mbedtls_ecp_point_init(&ctx->Q); + mbedtls_ecp_point_init(&ctx->Qp); + mbedtls_mpi_init(&ctx->z); #if defined(MBEDTLS_ECP_RESTARTABLE) - mbedtls_ecp_restart_init( &ctx->rs ); + mbedtls_ecp_restart_init(&ctx->rs); #endif } /* * Initialize context */ -void mbedtls_ecdh_init( mbedtls_ecdh_context *ctx ) +void mbedtls_ecdh_init(mbedtls_ecdh_context *ctx) { - ECDH_VALIDATE( ctx != NULL ); + ECDH_VALIDATE(ctx != NULL); #if defined(MBEDTLS_ECDH_LEGACY_CONTEXT) - ecdh_init_internal( ctx ); - mbedtls_ecp_point_init( &ctx->Vi ); - mbedtls_ecp_point_init( &ctx->Vf ); - mbedtls_mpi_init( &ctx->_d ); + ecdh_init_internal(ctx); + mbedtls_ecp_point_init(&ctx->Vi); + mbedtls_ecp_point_init(&ctx->Vf); + mbedtls_mpi_init(&ctx->_d); #else - memset( ctx, 0, sizeof( mbedtls_ecdh_context ) ); + memset(ctx, 0, sizeof(mbedtls_ecdh_context)); ctx->var = MBEDTLS_ECDH_VARIANT_NONE; #endif @@ -191,59 +181,57 @@ void mbedtls_ecdh_init( mbedtls_ecdh_context *ctx ) #endif } -static int ecdh_setup_internal( mbedtls_ecdh_context_mbed *ctx, - mbedtls_ecp_group_id grp_id ) +static int ecdh_setup_internal(mbedtls_ecdh_context_mbed *ctx, + mbedtls_ecp_group_id grp_id) { int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; - ret = mbedtls_ecp_group_load( &ctx->grp, grp_id ); - if( ret != 0 ) - { - return( MBEDTLS_ERR_ECP_FEATURE_UNAVAILABLE ); + ret = mbedtls_ecp_group_load(&ctx->grp, grp_id); + if (ret != 0) { + return MBEDTLS_ERR_ECP_FEATURE_UNAVAILABLE; } - return( 0 ); + return 0; } /* * Setup context */ -int mbedtls_ecdh_setup( mbedtls_ecdh_context *ctx, mbedtls_ecp_group_id grp_id ) +int mbedtls_ecdh_setup(mbedtls_ecdh_context *ctx, mbedtls_ecp_group_id grp_id) { - ECDH_VALIDATE_RET( ctx != NULL ); + ECDH_VALIDATE_RET(ctx != NULL); #if defined(MBEDTLS_ECDH_LEGACY_CONTEXT) - return( ecdh_setup_internal( ctx, grp_id ) ); + return ecdh_setup_internal(ctx, grp_id); #else - switch( grp_id ) - { + switch (grp_id) { #if defined(MBEDTLS_ECDH_VARIANT_EVEREST_ENABLED) case MBEDTLS_ECP_DP_CURVE25519: ctx->point_format = MBEDTLS_ECP_PF_COMPRESSED; ctx->var = MBEDTLS_ECDH_VARIANT_EVEREST; ctx->grp_id = grp_id; - return( mbedtls_everest_setup( &ctx->ctx.everest_ecdh, grp_id ) ); + return mbedtls_everest_setup(&ctx->ctx.everest_ecdh, grp_id); #endif default: ctx->point_format = MBEDTLS_ECP_PF_UNCOMPRESSED; ctx->var = MBEDTLS_ECDH_VARIANT_MBEDTLS_2_0; ctx->grp_id = grp_id; - ecdh_init_internal( &ctx->ctx.mbed_ecdh ); - return( ecdh_setup_internal( &ctx->ctx.mbed_ecdh, grp_id ) ); + ecdh_init_internal(&ctx->ctx.mbed_ecdh); + return ecdh_setup_internal(&ctx->ctx.mbed_ecdh, grp_id); } #endif } -static void ecdh_free_internal( mbedtls_ecdh_context_mbed *ctx ) +static void ecdh_free_internal(mbedtls_ecdh_context_mbed *ctx) { - mbedtls_ecp_group_free( &ctx->grp ); - mbedtls_mpi_free( &ctx->d ); - mbedtls_ecp_point_free( &ctx->Q ); - mbedtls_ecp_point_free( &ctx->Qp ); - mbedtls_mpi_free( &ctx->z ); + mbedtls_ecp_group_free(&ctx->grp); + mbedtls_mpi_free(&ctx->d); + mbedtls_ecp_point_free(&ctx->Q); + mbedtls_ecp_point_free(&ctx->Qp); + mbedtls_mpi_free(&ctx->z); #if defined(MBEDTLS_ECP_RESTARTABLE) - mbedtls_ecp_restart_free( &ctx->rs ); + mbedtls_ecp_restart_free(&ctx->rs); #endif } @@ -251,9 +239,9 @@ static void ecdh_free_internal( mbedtls_ecdh_context_mbed *ctx ) /* * Enable restartable operations for context */ -void mbedtls_ecdh_enable_restart( mbedtls_ecdh_context *ctx ) +void mbedtls_ecdh_enable_restart(mbedtls_ecdh_context *ctx) { - ECDH_VALIDATE( ctx != NULL ); + ECDH_VALIDATE(ctx != NULL); ctx->restart_enabled = 1; } @@ -262,26 +250,26 @@ void mbedtls_ecdh_enable_restart( mbedtls_ecdh_context *ctx ) /* * Free context */ -void mbedtls_ecdh_free( mbedtls_ecdh_context *ctx ) +void mbedtls_ecdh_free(mbedtls_ecdh_context *ctx) { - if( ctx == NULL ) + if (ctx == NULL) { return; + } #if defined(MBEDTLS_ECDH_LEGACY_CONTEXT) - mbedtls_ecp_point_free( &ctx->Vi ); - mbedtls_ecp_point_free( &ctx->Vf ); - mbedtls_mpi_free( &ctx->_d ); - ecdh_free_internal( ctx ); + mbedtls_ecp_point_free(&ctx->Vi); + mbedtls_ecp_point_free(&ctx->Vf); + mbedtls_mpi_free(&ctx->_d); + ecdh_free_internal(ctx); #else - switch( ctx->var ) - { + switch (ctx->var) { #if defined(MBEDTLS_ECDH_VARIANT_EVEREST_ENABLED) case MBEDTLS_ECDH_VARIANT_EVEREST: - mbedtls_everest_free( &ctx->ctx.everest_ecdh ); + mbedtls_everest_free(&ctx->ctx.everest_ecdh); break; #endif case MBEDTLS_ECDH_VARIANT_MBEDTLS_2_0: - ecdh_free_internal( &ctx->ctx.mbed_ecdh ); + ecdh_free_internal(&ctx->ctx.mbed_ecdh); break; default: break; @@ -293,14 +281,14 @@ void mbedtls_ecdh_free( mbedtls_ecdh_context *ctx ) #endif } -static int ecdh_make_params_internal( mbedtls_ecdh_context_mbed *ctx, - size_t *olen, int point_format, - unsigned char *buf, size_t blen, - int (*f_rng)(void *, - unsigned char *, - size_t), - void *p_rng, - int restart_enabled ) +static int ecdh_make_params_internal(mbedtls_ecdh_context_mbed *ctx, + size_t *olen, int point_format, + unsigned char *buf, size_t blen, + int (*f_rng)(void *, + unsigned char *, + size_t), + void *p_rng, + int restart_enabled) { int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; size_t grp_len, pt_len; @@ -308,40 +296,46 @@ static int ecdh_make_params_internal( mbedtls_ecdh_context_mbed *ctx, mbedtls_ecp_restart_ctx *rs_ctx = NULL; #endif - if( ctx->grp.pbits == 0 ) - return( MBEDTLS_ERR_ECP_BAD_INPUT_DATA ); + if (ctx->grp.pbits == 0) { + return MBEDTLS_ERR_ECP_BAD_INPUT_DATA; + } #if defined(MBEDTLS_ECP_RESTARTABLE) - if( restart_enabled ) + if (restart_enabled) { rs_ctx = &ctx->rs; + } #else (void) restart_enabled; #endif #if defined(MBEDTLS_ECP_RESTARTABLE) - if( ( ret = ecdh_gen_public_restartable( &ctx->grp, &ctx->d, &ctx->Q, - f_rng, p_rng, rs_ctx ) ) != 0 ) - return( ret ); + if ((ret = ecdh_gen_public_restartable(&ctx->grp, &ctx->d, &ctx->Q, + f_rng, p_rng, rs_ctx)) != 0) { + return ret; + } #else - if( ( ret = mbedtls_ecdh_gen_public( &ctx->grp, &ctx->d, &ctx->Q, - f_rng, p_rng ) ) != 0 ) - return( ret ); + if ((ret = mbedtls_ecdh_gen_public(&ctx->grp, &ctx->d, &ctx->Q, + f_rng, p_rng)) != 0) { + return ret; + } #endif /* MBEDTLS_ECP_RESTARTABLE */ - if( ( ret = mbedtls_ecp_tls_write_group( &ctx->grp, &grp_len, buf, - blen ) ) != 0 ) - return( ret ); + if ((ret = mbedtls_ecp_tls_write_group(&ctx->grp, &grp_len, buf, + blen)) != 0) { + return ret; + } buf += grp_len; blen -= grp_len; - if( ( ret = mbedtls_ecp_tls_write_point( &ctx->grp, &ctx->Q, point_format, - &pt_len, buf, blen ) ) != 0 ) - return( ret ); + if ((ret = mbedtls_ecp_tls_write_point(&ctx->grp, &ctx->Q, point_format, + &pt_len, buf, blen)) != 0) { + return ret; + } *olen = grp_len + pt_len; - return( 0 ); + return 0; } /* @@ -351,16 +345,16 @@ static int ecdh_make_params_internal( mbedtls_ecdh_context_mbed *ctx, * ECPoint public; * } ServerECDHParams; */ -int mbedtls_ecdh_make_params( mbedtls_ecdh_context *ctx, size_t *olen, - unsigned char *buf, size_t blen, - int (*f_rng)(void *, unsigned char *, size_t), - void *p_rng ) +int mbedtls_ecdh_make_params(mbedtls_ecdh_context *ctx, size_t *olen, + unsigned char *buf, size_t blen, + int (*f_rng)(void *, unsigned char *, size_t), + void *p_rng) { int restart_enabled = 0; - ECDH_VALIDATE_RET( ctx != NULL ); - ECDH_VALIDATE_RET( olen != NULL ); - ECDH_VALIDATE_RET( buf != NULL ); - ECDH_VALIDATE_RET( f_rng != NULL ); + ECDH_VALIDATE_RET(ctx != NULL); + ECDH_VALIDATE_RET(olen != NULL); + ECDH_VALIDATE_RET(buf != NULL); + ECDH_VALIDATE_RET(f_rng != NULL); #if defined(MBEDTLS_ECP_RESTARTABLE) restart_enabled = ctx->restart_enabled; @@ -369,359 +363,365 @@ int mbedtls_ecdh_make_params( mbedtls_ecdh_context *ctx, size_t *olen, #endif #if defined(MBEDTLS_ECDH_LEGACY_CONTEXT) - return( ecdh_make_params_internal( ctx, olen, ctx->point_format, buf, blen, - f_rng, p_rng, restart_enabled ) ); + return ecdh_make_params_internal(ctx, olen, ctx->point_format, buf, blen, + f_rng, p_rng, restart_enabled); #else - switch( ctx->var ) - { + switch (ctx->var) { #if defined(MBEDTLS_ECDH_VARIANT_EVEREST_ENABLED) case MBEDTLS_ECDH_VARIANT_EVEREST: - return( mbedtls_everest_make_params( &ctx->ctx.everest_ecdh, olen, - buf, blen, f_rng, p_rng ) ); + return mbedtls_everest_make_params(&ctx->ctx.everest_ecdh, olen, + buf, blen, f_rng, p_rng); #endif case MBEDTLS_ECDH_VARIANT_MBEDTLS_2_0: - return( ecdh_make_params_internal( &ctx->ctx.mbed_ecdh, olen, - ctx->point_format, buf, blen, - f_rng, p_rng, - restart_enabled ) ); + return ecdh_make_params_internal(&ctx->ctx.mbed_ecdh, olen, + ctx->point_format, buf, blen, + f_rng, p_rng, + restart_enabled); default: return MBEDTLS_ERR_ECP_BAD_INPUT_DATA; } #endif } -static int ecdh_read_params_internal( mbedtls_ecdh_context_mbed *ctx, - const unsigned char **buf, - const unsigned char *end ) +static int ecdh_read_params_internal(mbedtls_ecdh_context_mbed *ctx, + const unsigned char **buf, + const unsigned char *end) { - return( mbedtls_ecp_tls_read_point( &ctx->grp, &ctx->Qp, buf, - end - *buf ) ); + return mbedtls_ecp_tls_read_point(&ctx->grp, &ctx->Qp, buf, + end - *buf); } /* - * Read the ServerKeyExhange parameters (RFC 4492) + * Read the ServerKeyExchange parameters (RFC 4492) * struct { * ECParameters curve_params; * ECPoint public; * } ServerECDHParams; */ -int mbedtls_ecdh_read_params( mbedtls_ecdh_context *ctx, - const unsigned char **buf, - const unsigned char *end ) +int mbedtls_ecdh_read_params(mbedtls_ecdh_context *ctx, + const unsigned char **buf, + const unsigned char *end) { int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; mbedtls_ecp_group_id grp_id; - ECDH_VALIDATE_RET( ctx != NULL ); - ECDH_VALIDATE_RET( buf != NULL ); - ECDH_VALIDATE_RET( *buf != NULL ); - ECDH_VALIDATE_RET( end != NULL ); - - if( ( ret = mbedtls_ecp_tls_read_group_id( &grp_id, buf, end - *buf ) ) - != 0 ) - return( ret ); + ECDH_VALIDATE_RET(ctx != NULL); + ECDH_VALIDATE_RET(buf != NULL); + ECDH_VALIDATE_RET(*buf != NULL); + ECDH_VALIDATE_RET(end != NULL); + + if ((ret = mbedtls_ecp_tls_read_group_id(&grp_id, buf, end - *buf)) + != 0) { + return ret; + } - if( ( ret = mbedtls_ecdh_setup( ctx, grp_id ) ) != 0 ) - return( ret ); + if ((ret = mbedtls_ecdh_setup(ctx, grp_id)) != 0) { + return ret; + } #if defined(MBEDTLS_ECDH_LEGACY_CONTEXT) - return( ecdh_read_params_internal( ctx, buf, end ) ); + return ecdh_read_params_internal(ctx, buf, end); #else - switch( ctx->var ) - { + switch (ctx->var) { #if defined(MBEDTLS_ECDH_VARIANT_EVEREST_ENABLED) case MBEDTLS_ECDH_VARIANT_EVEREST: - return( mbedtls_everest_read_params( &ctx->ctx.everest_ecdh, - buf, end) ); + return mbedtls_everest_read_params(&ctx->ctx.everest_ecdh, + buf, end); #endif case MBEDTLS_ECDH_VARIANT_MBEDTLS_2_0: - return( ecdh_read_params_internal( &ctx->ctx.mbed_ecdh, - buf, end ) ); + return ecdh_read_params_internal(&ctx->ctx.mbed_ecdh, + buf, end); default: return MBEDTLS_ERR_ECP_BAD_INPUT_DATA; } #endif } -static int ecdh_get_params_internal( mbedtls_ecdh_context_mbed *ctx, - const mbedtls_ecp_keypair *key, - mbedtls_ecdh_side side ) +static int ecdh_get_params_internal(mbedtls_ecdh_context_mbed *ctx, + const mbedtls_ecp_keypair *key, + mbedtls_ecdh_side side) { int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; /* If it's not our key, just import the public part as Qp */ - if( side == MBEDTLS_ECDH_THEIRS ) - return( mbedtls_ecp_copy( &ctx->Qp, &key->Q ) ); + if (side == MBEDTLS_ECDH_THEIRS) { + return mbedtls_ecp_copy(&ctx->Qp, &key->Q); + } /* Our key: import public (as Q) and private parts */ - if( side != MBEDTLS_ECDH_OURS ) - return( MBEDTLS_ERR_ECP_BAD_INPUT_DATA ); + if (side != MBEDTLS_ECDH_OURS) { + return MBEDTLS_ERR_ECP_BAD_INPUT_DATA; + } - if( ( ret = mbedtls_ecp_copy( &ctx->Q, &key->Q ) ) != 0 || - ( ret = mbedtls_mpi_copy( &ctx->d, &key->d ) ) != 0 ) - return( ret ); + if ((ret = mbedtls_ecp_copy(&ctx->Q, &key->Q)) != 0 || + (ret = mbedtls_mpi_copy(&ctx->d, &key->d)) != 0) { + return ret; + } - return( 0 ); + return 0; } /* * Get parameters from a keypair */ -int mbedtls_ecdh_get_params( mbedtls_ecdh_context *ctx, - const mbedtls_ecp_keypair *key, - mbedtls_ecdh_side side ) +int mbedtls_ecdh_get_params(mbedtls_ecdh_context *ctx, + const mbedtls_ecp_keypair *key, + mbedtls_ecdh_side side) { int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; - ECDH_VALIDATE_RET( ctx != NULL ); - ECDH_VALIDATE_RET( key != NULL ); - ECDH_VALIDATE_RET( side == MBEDTLS_ECDH_OURS || - side == MBEDTLS_ECDH_THEIRS ); + ECDH_VALIDATE_RET(ctx != NULL); + ECDH_VALIDATE_RET(key != NULL); + ECDH_VALIDATE_RET(side == MBEDTLS_ECDH_OURS || + side == MBEDTLS_ECDH_THEIRS); - if( mbedtls_ecdh_grp_id( ctx ) == MBEDTLS_ECP_DP_NONE ) - { + if (mbedtls_ecdh_grp_id(ctx) == MBEDTLS_ECP_DP_NONE) { /* This is the first call to get_params(). Set up the context * for use with the group. */ - if( ( ret = mbedtls_ecdh_setup( ctx, key->grp.id ) ) != 0 ) - return( ret ); - } - else - { + if ((ret = mbedtls_ecdh_setup(ctx, key->grp.id)) != 0) { + return ret; + } + } else { /* This is not the first call to get_params(). Check that the * current key's group is the same as the context's, which was set * from the first key's group. */ - if( mbedtls_ecdh_grp_id( ctx ) != key->grp.id ) - return( MBEDTLS_ERR_ECP_BAD_INPUT_DATA ); + if (mbedtls_ecdh_grp_id(ctx) != key->grp.id) { + return MBEDTLS_ERR_ECP_BAD_INPUT_DATA; + } } #if defined(MBEDTLS_ECDH_LEGACY_CONTEXT) - return( ecdh_get_params_internal( ctx, key, side ) ); + return ecdh_get_params_internal(ctx, key, side); #else - switch( ctx->var ) - { + switch (ctx->var) { #if defined(MBEDTLS_ECDH_VARIANT_EVEREST_ENABLED) case MBEDTLS_ECDH_VARIANT_EVEREST: { mbedtls_everest_ecdh_side s = side == MBEDTLS_ECDH_OURS ? - MBEDTLS_EVEREST_ECDH_OURS : - MBEDTLS_EVEREST_ECDH_THEIRS; - return( mbedtls_everest_get_params( &ctx->ctx.everest_ecdh, - key, s) ); + MBEDTLS_EVEREST_ECDH_OURS : + MBEDTLS_EVEREST_ECDH_THEIRS; + return mbedtls_everest_get_params(&ctx->ctx.everest_ecdh, + key, s); } #endif case MBEDTLS_ECDH_VARIANT_MBEDTLS_2_0: - return( ecdh_get_params_internal( &ctx->ctx.mbed_ecdh, - key, side ) ); + return ecdh_get_params_internal(&ctx->ctx.mbed_ecdh, + key, side); default: return MBEDTLS_ERR_ECP_BAD_INPUT_DATA; } #endif } -static int ecdh_make_public_internal( mbedtls_ecdh_context_mbed *ctx, - size_t *olen, int point_format, - unsigned char *buf, size_t blen, - int (*f_rng)(void *, - unsigned char *, - size_t), - void *p_rng, - int restart_enabled ) +static int ecdh_make_public_internal(mbedtls_ecdh_context_mbed *ctx, + size_t *olen, int point_format, + unsigned char *buf, size_t blen, + int (*f_rng)(void *, + unsigned char *, + size_t), + void *p_rng, + int restart_enabled) { int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; #if defined(MBEDTLS_ECP_RESTARTABLE) mbedtls_ecp_restart_ctx *rs_ctx = NULL; #endif - if( ctx->grp.pbits == 0 ) - return( MBEDTLS_ERR_ECP_BAD_INPUT_DATA ); + if (ctx->grp.pbits == 0) { + return MBEDTLS_ERR_ECP_BAD_INPUT_DATA; + } #if defined(MBEDTLS_ECP_RESTARTABLE) - if( restart_enabled ) + if (restart_enabled) { rs_ctx = &ctx->rs; + } #else (void) restart_enabled; #endif #if defined(MBEDTLS_ECP_RESTARTABLE) - if( ( ret = ecdh_gen_public_restartable( &ctx->grp, &ctx->d, &ctx->Q, - f_rng, p_rng, rs_ctx ) ) != 0 ) - return( ret ); + if ((ret = ecdh_gen_public_restartable(&ctx->grp, &ctx->d, &ctx->Q, + f_rng, p_rng, rs_ctx)) != 0) { + return ret; + } #else - if( ( ret = mbedtls_ecdh_gen_public( &ctx->grp, &ctx->d, &ctx->Q, - f_rng, p_rng ) ) != 0 ) - return( ret ); + if ((ret = mbedtls_ecdh_gen_public(&ctx->grp, &ctx->d, &ctx->Q, + f_rng, p_rng)) != 0) { + return ret; + } #endif /* MBEDTLS_ECP_RESTARTABLE */ - return mbedtls_ecp_tls_write_point( &ctx->grp, &ctx->Q, point_format, olen, - buf, blen ); + return mbedtls_ecp_tls_write_point(&ctx->grp, &ctx->Q, point_format, olen, + buf, blen); } /* * Setup and export the client public value */ -int mbedtls_ecdh_make_public( mbedtls_ecdh_context *ctx, size_t *olen, - unsigned char *buf, size_t blen, - int (*f_rng)(void *, unsigned char *, size_t), - void *p_rng ) +int mbedtls_ecdh_make_public(mbedtls_ecdh_context *ctx, size_t *olen, + unsigned char *buf, size_t blen, + int (*f_rng)(void *, unsigned char *, size_t), + void *p_rng) { int restart_enabled = 0; - ECDH_VALIDATE_RET( ctx != NULL ); - ECDH_VALIDATE_RET( olen != NULL ); - ECDH_VALIDATE_RET( buf != NULL ); - ECDH_VALIDATE_RET( f_rng != NULL ); + ECDH_VALIDATE_RET(ctx != NULL); + ECDH_VALIDATE_RET(olen != NULL); + ECDH_VALIDATE_RET(buf != NULL); + ECDH_VALIDATE_RET(f_rng != NULL); #if defined(MBEDTLS_ECP_RESTARTABLE) restart_enabled = ctx->restart_enabled; #endif #if defined(MBEDTLS_ECDH_LEGACY_CONTEXT) - return( ecdh_make_public_internal( ctx, olen, ctx->point_format, buf, blen, - f_rng, p_rng, restart_enabled ) ); + return ecdh_make_public_internal(ctx, olen, ctx->point_format, buf, blen, + f_rng, p_rng, restart_enabled); #else - switch( ctx->var ) - { + switch (ctx->var) { #if defined(MBEDTLS_ECDH_VARIANT_EVEREST_ENABLED) case MBEDTLS_ECDH_VARIANT_EVEREST: - return( mbedtls_everest_make_public( &ctx->ctx.everest_ecdh, olen, - buf, blen, f_rng, p_rng ) ); + return mbedtls_everest_make_public(&ctx->ctx.everest_ecdh, olen, + buf, blen, f_rng, p_rng); #endif case MBEDTLS_ECDH_VARIANT_MBEDTLS_2_0: - return( ecdh_make_public_internal( &ctx->ctx.mbed_ecdh, olen, - ctx->point_format, buf, blen, - f_rng, p_rng, - restart_enabled ) ); + return ecdh_make_public_internal(&ctx->ctx.mbed_ecdh, olen, + ctx->point_format, buf, blen, + f_rng, p_rng, + restart_enabled); default: return MBEDTLS_ERR_ECP_BAD_INPUT_DATA; } #endif } -static int ecdh_read_public_internal( mbedtls_ecdh_context_mbed *ctx, - const unsigned char *buf, size_t blen ) +static int ecdh_read_public_internal(mbedtls_ecdh_context_mbed *ctx, + const unsigned char *buf, size_t blen) { int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; const unsigned char *p = buf; - if( ( ret = mbedtls_ecp_tls_read_point( &ctx->grp, &ctx->Qp, &p, - blen ) ) != 0 ) - return( ret ); + if ((ret = mbedtls_ecp_tls_read_point(&ctx->grp, &ctx->Qp, &p, + blen)) != 0) { + return ret; + } - if( (size_t)( p - buf ) != blen ) - return( MBEDTLS_ERR_ECP_BAD_INPUT_DATA ); + if ((size_t) (p - buf) != blen) { + return MBEDTLS_ERR_ECP_BAD_INPUT_DATA; + } - return( 0 ); + return 0; } /* * Parse and import the client's public value */ -int mbedtls_ecdh_read_public( mbedtls_ecdh_context *ctx, - const unsigned char *buf, size_t blen ) +int mbedtls_ecdh_read_public(mbedtls_ecdh_context *ctx, + const unsigned char *buf, size_t blen) { - ECDH_VALIDATE_RET( ctx != NULL ); - ECDH_VALIDATE_RET( buf != NULL ); + ECDH_VALIDATE_RET(ctx != NULL); + ECDH_VALIDATE_RET(buf != NULL); #if defined(MBEDTLS_ECDH_LEGACY_CONTEXT) - return( ecdh_read_public_internal( ctx, buf, blen ) ); + return ecdh_read_public_internal(ctx, buf, blen); #else - switch( ctx->var ) - { + switch (ctx->var) { #if defined(MBEDTLS_ECDH_VARIANT_EVEREST_ENABLED) case MBEDTLS_ECDH_VARIANT_EVEREST: - return( mbedtls_everest_read_public( &ctx->ctx.everest_ecdh, - buf, blen ) ); + return mbedtls_everest_read_public(&ctx->ctx.everest_ecdh, + buf, blen); #endif case MBEDTLS_ECDH_VARIANT_MBEDTLS_2_0: - return( ecdh_read_public_internal( &ctx->ctx.mbed_ecdh, - buf, blen ) ); + return ecdh_read_public_internal(&ctx->ctx.mbed_ecdh, + buf, blen); default: return MBEDTLS_ERR_ECP_BAD_INPUT_DATA; } #endif } -static int ecdh_calc_secret_internal( mbedtls_ecdh_context_mbed *ctx, - size_t *olen, unsigned char *buf, - size_t blen, - int (*f_rng)(void *, - unsigned char *, - size_t), - void *p_rng, - int restart_enabled ) +static int ecdh_calc_secret_internal(mbedtls_ecdh_context_mbed *ctx, + size_t *olen, unsigned char *buf, + size_t blen, + int (*f_rng)(void *, + unsigned char *, + size_t), + void *p_rng, + int restart_enabled) { int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; #if defined(MBEDTLS_ECP_RESTARTABLE) mbedtls_ecp_restart_ctx *rs_ctx = NULL; #endif - if( ctx == NULL || ctx->grp.pbits == 0 ) - return( MBEDTLS_ERR_ECP_BAD_INPUT_DATA ); + if (ctx == NULL || ctx->grp.pbits == 0) { + return MBEDTLS_ERR_ECP_BAD_INPUT_DATA; + } #if defined(MBEDTLS_ECP_RESTARTABLE) - if( restart_enabled ) + if (restart_enabled) { rs_ctx = &ctx->rs; + } #else (void) restart_enabled; #endif #if defined(MBEDTLS_ECP_RESTARTABLE) - if( ( ret = ecdh_compute_shared_restartable( &ctx->grp, &ctx->z, &ctx->Qp, - &ctx->d, f_rng, p_rng, - rs_ctx ) ) != 0 ) - { - return( ret ); + if ((ret = ecdh_compute_shared_restartable(&ctx->grp, &ctx->z, &ctx->Qp, + &ctx->d, f_rng, p_rng, + rs_ctx)) != 0) { + return ret; } #else - if( ( ret = mbedtls_ecdh_compute_shared( &ctx->grp, &ctx->z, &ctx->Qp, - &ctx->d, f_rng, p_rng ) ) != 0 ) - { - return( ret ); + if ((ret = mbedtls_ecdh_compute_shared(&ctx->grp, &ctx->z, &ctx->Qp, + &ctx->d, f_rng, p_rng)) != 0) { + return ret; } #endif /* MBEDTLS_ECP_RESTARTABLE */ - if( mbedtls_mpi_size( &ctx->z ) > blen ) - return( MBEDTLS_ERR_ECP_BAD_INPUT_DATA ); + if (mbedtls_mpi_size(&ctx->z) > blen) { + return MBEDTLS_ERR_ECP_BAD_INPUT_DATA; + } - *olen = ctx->grp.pbits / 8 + ( ( ctx->grp.pbits % 8 ) != 0 ); + *olen = ctx->grp.pbits / 8 + ((ctx->grp.pbits % 8) != 0); - if( mbedtls_ecp_get_type( &ctx->grp ) == MBEDTLS_ECP_TYPE_MONTGOMERY ) - return mbedtls_mpi_write_binary_le( &ctx->z, buf, *olen ); + if (mbedtls_ecp_get_type(&ctx->grp) == MBEDTLS_ECP_TYPE_MONTGOMERY) { + return mbedtls_mpi_write_binary_le(&ctx->z, buf, *olen); + } - return mbedtls_mpi_write_binary( &ctx->z, buf, *olen ); + return mbedtls_mpi_write_binary(&ctx->z, buf, *olen); } /* * Derive and export the shared secret */ -int mbedtls_ecdh_calc_secret( mbedtls_ecdh_context *ctx, size_t *olen, - unsigned char *buf, size_t blen, - int (*f_rng)(void *, unsigned char *, size_t), - void *p_rng ) +int mbedtls_ecdh_calc_secret(mbedtls_ecdh_context *ctx, size_t *olen, + unsigned char *buf, size_t blen, + int (*f_rng)(void *, unsigned char *, size_t), + void *p_rng) { int restart_enabled = 0; - ECDH_VALIDATE_RET( ctx != NULL ); - ECDH_VALIDATE_RET( olen != NULL ); - ECDH_VALIDATE_RET( buf != NULL ); + ECDH_VALIDATE_RET(ctx != NULL); + ECDH_VALIDATE_RET(olen != NULL); + ECDH_VALIDATE_RET(buf != NULL); #if defined(MBEDTLS_ECP_RESTARTABLE) restart_enabled = ctx->restart_enabled; #endif #if defined(MBEDTLS_ECDH_LEGACY_CONTEXT) - return( ecdh_calc_secret_internal( ctx, olen, buf, blen, f_rng, p_rng, - restart_enabled ) ); + return ecdh_calc_secret_internal(ctx, olen, buf, blen, f_rng, p_rng, + restart_enabled); #else - switch( ctx->var ) - { + switch (ctx->var) { #if defined(MBEDTLS_ECDH_VARIANT_EVEREST_ENABLED) case MBEDTLS_ECDH_VARIANT_EVEREST: - return( mbedtls_everest_calc_secret( &ctx->ctx.everest_ecdh, olen, - buf, blen, f_rng, p_rng ) ); + return mbedtls_everest_calc_secret(&ctx->ctx.everest_ecdh, olen, + buf, blen, f_rng, p_rng); #endif case MBEDTLS_ECDH_VARIANT_MBEDTLS_2_0: - return( ecdh_calc_secret_internal( &ctx->ctx.mbed_ecdh, olen, buf, - blen, f_rng, p_rng, - restart_enabled ) ); + return ecdh_calc_secret_internal(&ctx->ctx.mbed_ecdh, olen, buf, + blen, f_rng, p_rng, + restart_enabled); default: - return( MBEDTLS_ERR_ECP_BAD_INPUT_DATA ); + return MBEDTLS_ERR_ECP_BAD_INPUT_DATA; } #endif } diff --git a/third_party/mbedtls/repo/library/ecdsa.c b/third_party/mbedtls/repo/library/ecdsa.c index 640eb24a26e..51aba0ed9a9 100644 --- a/third_party/mbedtls/repo/library/ecdsa.c +++ b/third_party/mbedtls/repo/library/ecdsa.c @@ -2,25 +2,13 @@ * Elliptic curve DSA * * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later */ /* * References: * - * SEC1 http://www.secg.org/index.php?action=secg,docs_secg + * SEC1 https://www.secg.org/sec1-v2.pdf */ #include "common.h" @@ -36,30 +24,23 @@ #include "mbedtls/hmac_drbg.h" #endif -#if defined(MBEDTLS_PLATFORM_C) #include "mbedtls/platform.h" -#else -#include -#define mbedtls_calloc calloc -#define mbedtls_free free -#endif #include "mbedtls/platform_util.h" #include "mbedtls/error.h" /* Parameter validation macros based on platform_util.h */ -#define ECDSA_VALIDATE_RET( cond ) \ - MBEDTLS_INTERNAL_VALIDATE_RET( cond, MBEDTLS_ERR_ECP_BAD_INPUT_DATA ) -#define ECDSA_VALIDATE( cond ) \ - MBEDTLS_INTERNAL_VALIDATE( cond ) +#define ECDSA_VALIDATE_RET(cond) \ + MBEDTLS_INTERNAL_VALIDATE_RET(cond, MBEDTLS_ERR_ECP_BAD_INPUT_DATA) +#define ECDSA_VALIDATE(cond) \ + MBEDTLS_INTERNAL_VALIDATE(cond) #if defined(MBEDTLS_ECP_RESTARTABLE) /* * Sub-context for ecdsa_verify() */ -struct mbedtls_ecdsa_restart_ver -{ +struct mbedtls_ecdsa_restart_ver { mbedtls_mpi u1, u2; /* intermediate values */ enum { /* what to do next? */ ecdsa_ver_init = 0, /* getting started */ @@ -70,32 +51,32 @@ struct mbedtls_ecdsa_restart_ver /* * Init verify restart sub-context */ -static void ecdsa_restart_ver_init( mbedtls_ecdsa_restart_ver_ctx *ctx ) +static void ecdsa_restart_ver_init(mbedtls_ecdsa_restart_ver_ctx *ctx) { - mbedtls_mpi_init( &ctx->u1 ); - mbedtls_mpi_init( &ctx->u2 ); + mbedtls_mpi_init(&ctx->u1); + mbedtls_mpi_init(&ctx->u2); ctx->state = ecdsa_ver_init; } /* * Free the components of a verify restart sub-context */ -static void ecdsa_restart_ver_free( mbedtls_ecdsa_restart_ver_ctx *ctx ) +static void ecdsa_restart_ver_free(mbedtls_ecdsa_restart_ver_ctx *ctx) { - if( ctx == NULL ) + if (ctx == NULL) { return; + } - mbedtls_mpi_free( &ctx->u1 ); - mbedtls_mpi_free( &ctx->u2 ); + mbedtls_mpi_free(&ctx->u1); + mbedtls_mpi_free(&ctx->u2); - ecdsa_restart_ver_init( ctx ); + ecdsa_restart_ver_init(ctx); } /* * Sub-context for ecdsa_sign() */ -struct mbedtls_ecdsa_restart_sig -{ +struct mbedtls_ecdsa_restart_sig { int sign_tries; int key_tries; mbedtls_mpi k; /* per-signature random */ @@ -110,33 +91,33 @@ struct mbedtls_ecdsa_restart_sig /* * Init verify sign sub-context */ -static void ecdsa_restart_sig_init( mbedtls_ecdsa_restart_sig_ctx *ctx ) +static void ecdsa_restart_sig_init(mbedtls_ecdsa_restart_sig_ctx *ctx) { ctx->sign_tries = 0; ctx->key_tries = 0; - mbedtls_mpi_init( &ctx->k ); - mbedtls_mpi_init( &ctx->r ); + mbedtls_mpi_init(&ctx->k); + mbedtls_mpi_init(&ctx->r); ctx->state = ecdsa_sig_init; } /* * Free the components of a sign restart sub-context */ -static void ecdsa_restart_sig_free( mbedtls_ecdsa_restart_sig_ctx *ctx ) +static void ecdsa_restart_sig_free(mbedtls_ecdsa_restart_sig_ctx *ctx) { - if( ctx == NULL ) + if (ctx == NULL) { return; + } - mbedtls_mpi_free( &ctx->k ); - mbedtls_mpi_free( &ctx->r ); + mbedtls_mpi_free(&ctx->k); + mbedtls_mpi_free(&ctx->r); } #if defined(MBEDTLS_ECDSA_DETERMINISTIC) /* * Sub-context for ecdsa_sign_det() */ -struct mbedtls_ecdsa_restart_det -{ +struct mbedtls_ecdsa_restart_det { mbedtls_hmac_drbg_context rng_ctx; /* DRBG state */ enum { /* what to do next? */ ecdsa_det_init = 0, /* getting started */ @@ -147,73 +128,74 @@ struct mbedtls_ecdsa_restart_det /* * Init verify sign_det sub-context */ -static void ecdsa_restart_det_init( mbedtls_ecdsa_restart_det_ctx *ctx ) +static void ecdsa_restart_det_init(mbedtls_ecdsa_restart_det_ctx *ctx) { - mbedtls_hmac_drbg_init( &ctx->rng_ctx ); + mbedtls_hmac_drbg_init(&ctx->rng_ctx); ctx->state = ecdsa_det_init; } /* * Free the components of a sign_det restart sub-context */ -static void ecdsa_restart_det_free( mbedtls_ecdsa_restart_det_ctx *ctx ) +static void ecdsa_restart_det_free(mbedtls_ecdsa_restart_det_ctx *ctx) { - if( ctx == NULL ) + if (ctx == NULL) { return; + } - mbedtls_hmac_drbg_free( &ctx->rng_ctx ); + mbedtls_hmac_drbg_free(&ctx->rng_ctx); - ecdsa_restart_det_init( ctx ); + ecdsa_restart_det_init(ctx); } #endif /* MBEDTLS_ECDSA_DETERMINISTIC */ -#define ECDSA_RS_ECP ( rs_ctx == NULL ? NULL : &rs_ctx->ecp ) +#define ECDSA_RS_ECP (rs_ctx == NULL ? NULL : &rs_ctx->ecp) /* Utility macro for checking and updating ops budget */ -#define ECDSA_BUDGET( ops ) \ - MBEDTLS_MPI_CHK( mbedtls_ecp_check_budget( grp, ECDSA_RS_ECP, ops ) ); +#define ECDSA_BUDGET(ops) \ + MBEDTLS_MPI_CHK(mbedtls_ecp_check_budget(grp, ECDSA_RS_ECP, ops)); /* Call this when entering a function that needs its own sub-context */ -#define ECDSA_RS_ENTER( SUB ) do { \ - /* reset ops count for this call if top-level */ \ - if( rs_ctx != NULL && rs_ctx->ecp.depth++ == 0 ) \ +#define ECDSA_RS_ENTER(SUB) do { \ + /* reset ops count for this call if top-level */ \ + if (rs_ctx != NULL && rs_ctx->ecp.depth++ == 0) \ rs_ctx->ecp.ops_done = 0; \ \ - /* set up our own sub-context if needed */ \ - if( mbedtls_ecp_restart_is_enabled() && \ - rs_ctx != NULL && rs_ctx->SUB == NULL ) \ - { \ - rs_ctx->SUB = mbedtls_calloc( 1, sizeof( *rs_ctx->SUB ) ); \ - if( rs_ctx->SUB == NULL ) \ - return( MBEDTLS_ERR_ECP_ALLOC_FAILED ); \ - \ - ecdsa_restart_## SUB ##_init( rs_ctx->SUB ); \ - } \ -} while( 0 ) + /* set up our own sub-context if needed */ \ + if (mbedtls_ecp_restart_is_enabled() && \ + rs_ctx != NULL && rs_ctx->SUB == NULL) \ + { \ + rs_ctx->SUB = mbedtls_calloc(1, sizeof(*rs_ctx->SUB)); \ + if (rs_ctx->SUB == NULL) \ + return MBEDTLS_ERR_ECP_ALLOC_FAILED; \ + \ + ecdsa_restart_## SUB ##_init(rs_ctx->SUB); \ + } \ +} while (0) /* Call this when leaving a function that needs its own sub-context */ -#define ECDSA_RS_LEAVE( SUB ) do { \ - /* clear our sub-context when not in progress (done or error) */ \ - if( rs_ctx != NULL && rs_ctx->SUB != NULL && \ - ret != MBEDTLS_ERR_ECP_IN_PROGRESS ) \ - { \ - ecdsa_restart_## SUB ##_free( rs_ctx->SUB ); \ - mbedtls_free( rs_ctx->SUB ); \ - rs_ctx->SUB = NULL; \ - } \ +#define ECDSA_RS_LEAVE(SUB) do { \ + /* clear our sub-context when not in progress (done or error) */ \ + if (rs_ctx != NULL && rs_ctx->SUB != NULL && \ + ret != MBEDTLS_ERR_ECP_IN_PROGRESS) \ + { \ + ecdsa_restart_## SUB ##_free(rs_ctx->SUB); \ + mbedtls_free(rs_ctx->SUB); \ + rs_ctx->SUB = NULL; \ + } \ \ - if( rs_ctx != NULL ) \ + if (rs_ctx != NULL) \ rs_ctx->ecp.depth--; \ -} while( 0 ) +} while (0) #else /* MBEDTLS_ECP_RESTARTABLE */ #define ECDSA_RS_ECP NULL -#define ECDSA_BUDGET( ops ) /* no-op; for compatibility */ +#define ECDSA_BUDGET(ops) /* no-op; for compatibility */ -#define ECDSA_RS_ENTER( SUB ) (void) rs_ctx -#define ECDSA_RS_LEAVE( SUB ) (void) rs_ctx +#define ECDSA_RS_ENTER(SUB) (void) rs_ctx +#define ECDSA_RS_LEAVE(SUB) (void) rs_ctx #endif /* MBEDTLS_ECP_RESTARTABLE */ @@ -224,38 +206,53 @@ static void ecdsa_restart_det_free( mbedtls_ecdsa_restart_det_ctx *ctx ) * Derive a suitable integer for group grp from a buffer of length len * SEC1 4.1.3 step 5 aka SEC1 4.1.4 step 3 */ -static int derive_mpi( const mbedtls_ecp_group *grp, mbedtls_mpi *x, - const unsigned char *buf, size_t blen ) +static int derive_mpi(const mbedtls_ecp_group *grp, mbedtls_mpi *x, + const unsigned char *buf, size_t blen) { int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; - size_t n_size = ( grp->nbits + 7 ) / 8; + size_t n_size = (grp->nbits + 7) / 8; size_t use_size = blen > n_size ? n_size : blen; - MBEDTLS_MPI_CHK( mbedtls_mpi_read_binary( x, buf, use_size ) ); - if( use_size * 8 > grp->nbits ) - MBEDTLS_MPI_CHK( mbedtls_mpi_shift_r( x, use_size * 8 - grp->nbits ) ); + MBEDTLS_MPI_CHK(mbedtls_mpi_read_binary(x, buf, use_size)); + if (use_size * 8 > grp->nbits) { + MBEDTLS_MPI_CHK(mbedtls_mpi_shift_r(x, use_size * 8 - grp->nbits)); + } /* While at it, reduce modulo N */ - if( mbedtls_mpi_cmp_mpi( x, &grp->N ) >= 0 ) - MBEDTLS_MPI_CHK( mbedtls_mpi_sub_mpi( x, x, &grp->N ) ); + if (mbedtls_mpi_cmp_mpi(x, &grp->N) >= 0) { + MBEDTLS_MPI_CHK(mbedtls_mpi_sub_mpi(x, x, &grp->N)); + } cleanup: - return( ret ); + return ret; } #endif /* ECDSA_DETERMINISTIC || !ECDSA_SIGN_ALT || !ECDSA_VERIFY_ALT */ +int mbedtls_ecdsa_can_do(mbedtls_ecp_group_id gid) +{ + switch (gid) { +#ifdef MBEDTLS_ECP_DP_CURVE25519_ENABLED + case MBEDTLS_ECP_DP_CURVE25519: return 0; +#endif +#ifdef MBEDTLS_ECP_DP_CURVE448_ENABLED + case MBEDTLS_ECP_DP_CURVE448: return 0; +#endif + default: return 1; + } +} + #if !defined(MBEDTLS_ECDSA_SIGN_ALT) /* * Compute ECDSA signature of a hashed message (SEC1 4.1.3) * Obviously, compared to SEC1 4.1.3, we skip step 4 (hash message) */ -static int ecdsa_sign_restartable( mbedtls_ecp_group *grp, - mbedtls_mpi *r, mbedtls_mpi *s, - const mbedtls_mpi *d, const unsigned char *buf, size_t blen, - int (*f_rng)(void *, unsigned char *, size_t), void *p_rng, - int (*f_rng_blind)(void *, unsigned char *, size_t), - void *p_rng_blind, - mbedtls_ecdsa_restart_ctx *rs_ctx ) +static int ecdsa_sign_restartable(mbedtls_ecp_group *grp, + mbedtls_mpi *r, mbedtls_mpi *s, + const mbedtls_mpi *d, const unsigned char *buf, size_t blen, + int (*f_rng)(void *, unsigned char *, size_t), void *p_rng, + int (*f_rng_blind)(void *, unsigned char *, size_t), + void *p_rng_blind, + mbedtls_ecdsa_restart_ctx *rs_ctx) { int ret, key_tries, sign_tries; int *p_sign_tries = &sign_tries, *p_key_tries = &key_tries; @@ -264,21 +261,22 @@ static int ecdsa_sign_restartable( mbedtls_ecp_group *grp, mbedtls_mpi *pk = &k, *pr = r; /* Fail cleanly on curves such as Curve25519 that can't be used for ECDSA */ - if( ! mbedtls_ecdsa_can_do( grp->id ) || grp->N.p == NULL ) - return( MBEDTLS_ERR_ECP_BAD_INPUT_DATA ); + if (!mbedtls_ecdsa_can_do(grp->id) || grp->N.p == NULL) { + return MBEDTLS_ERR_ECP_BAD_INPUT_DATA; + } /* Make sure d is in range 1..n-1 */ - if( mbedtls_mpi_cmp_int( d, 1 ) < 0 || mbedtls_mpi_cmp_mpi( d, &grp->N ) >= 0 ) - return( MBEDTLS_ERR_ECP_INVALID_KEY ); + if (mbedtls_mpi_cmp_int(d, 1) < 0 || mbedtls_mpi_cmp_mpi(d, &grp->N) >= 0) { + return MBEDTLS_ERR_ECP_INVALID_KEY; + } - mbedtls_ecp_point_init( &R ); - mbedtls_mpi_init( &k ); mbedtls_mpi_init( &e ); mbedtls_mpi_init( &t ); + mbedtls_ecp_point_init(&R); + mbedtls_mpi_init(&k); mbedtls_mpi_init(&e); mbedtls_mpi_init(&t); - ECDSA_RS_ENTER( sig ); + ECDSA_RS_ENTER(sig); #if defined(MBEDTLS_ECP_RESTARTABLE) - if( rs_ctx != NULL && rs_ctx->sig != NULL ) - { + if (rs_ctx != NULL && rs_ctx->sig != NULL) { /* redirect to our context */ p_sign_tries = &rs_ctx->sig->sign_tries; p_key_tries = &rs_ctx->sig->key_tries; @@ -286,18 +284,18 @@ static int ecdsa_sign_restartable( mbedtls_ecp_group *grp, pr = &rs_ctx->sig->r; /* jump to current step */ - if( rs_ctx->sig->state == ecdsa_sig_mul ) + if (rs_ctx->sig->state == ecdsa_sig_mul) { goto mul; - if( rs_ctx->sig->state == ecdsa_sig_modn ) + } + if (rs_ctx->sig->state == ecdsa_sig_modn) { goto modn; + } } #endif /* MBEDTLS_ECP_RESTARTABLE */ *p_sign_tries = 0; - do - { - if( (*p_sign_tries)++ > 10 ) - { + do { + if ((*p_sign_tries)++ > 10) { ret = MBEDTLS_ERR_ECP_RANDOM_FAILED; goto cleanup; } @@ -307,33 +305,32 @@ static int ecdsa_sign_restartable( mbedtls_ecp_group *grp, * and set r = xR mod n */ *p_key_tries = 0; - do - { - if( (*p_key_tries)++ > 10 ) - { + do { + if ((*p_key_tries)++ > 10) { ret = MBEDTLS_ERR_ECP_RANDOM_FAILED; goto cleanup; } - MBEDTLS_MPI_CHK( mbedtls_ecp_gen_privkey( grp, pk, f_rng, p_rng ) ); + MBEDTLS_MPI_CHK(mbedtls_ecp_gen_privkey(grp, pk, f_rng, p_rng)); #if defined(MBEDTLS_ECP_RESTARTABLE) - if( rs_ctx != NULL && rs_ctx->sig != NULL ) + if (rs_ctx != NULL && rs_ctx->sig != NULL) { rs_ctx->sig->state = ecdsa_sig_mul; + } mul: #endif - MBEDTLS_MPI_CHK( mbedtls_ecp_mul_restartable( grp, &R, pk, &grp->G, - f_rng_blind, - p_rng_blind, - ECDSA_RS_ECP ) ); - MBEDTLS_MPI_CHK( mbedtls_mpi_mod_mpi( pr, &R.X, &grp->N ) ); - } - while( mbedtls_mpi_cmp_int( pr, 0 ) == 0 ); + MBEDTLS_MPI_CHK(mbedtls_ecp_mul_restartable(grp, &R, pk, &grp->G, + f_rng_blind, + p_rng_blind, + ECDSA_RS_ECP)); + MBEDTLS_MPI_CHK(mbedtls_mpi_mod_mpi(pr, &R.X, &grp->N)); + } while (mbedtls_mpi_cmp_int(pr, 0) == 0); #if defined(MBEDTLS_ECP_RESTARTABLE) - if( rs_ctx != NULL && rs_ctx->sig != NULL ) + if (rs_ctx != NULL && rs_ctx->sig != NULL) { rs_ctx->sig->state = ecdsa_sig_modn; + } modn: #endif @@ -341,79 +338,65 @@ static int ecdsa_sign_restartable( mbedtls_ecp_group *grp, * Accounting for everything up to the end of the loop * (step 6, but checking now avoids saving e and t) */ - ECDSA_BUDGET( MBEDTLS_ECP_OPS_INV + 4 ); + ECDSA_BUDGET(MBEDTLS_ECP_OPS_INV + 4); /* * Step 5: derive MPI from hashed message */ - MBEDTLS_MPI_CHK( derive_mpi( grp, &e, buf, blen ) ); + MBEDTLS_MPI_CHK(derive_mpi(grp, &e, buf, blen)); /* * Generate a random value to blind inv_mod in next step, * avoiding a potential timing leak. */ - MBEDTLS_MPI_CHK( mbedtls_ecp_gen_privkey( grp, &t, f_rng_blind, - p_rng_blind ) ); + MBEDTLS_MPI_CHK(mbedtls_ecp_gen_privkey(grp, &t, f_rng_blind, + p_rng_blind)); /* * Step 6: compute s = (e + r * d) / k = t (e + rd) / (kt) mod n */ - MBEDTLS_MPI_CHK( mbedtls_mpi_mul_mpi( s, pr, d ) ); - MBEDTLS_MPI_CHK( mbedtls_mpi_add_mpi( &e, &e, s ) ); - MBEDTLS_MPI_CHK( mbedtls_mpi_mul_mpi( &e, &e, &t ) ); - MBEDTLS_MPI_CHK( mbedtls_mpi_mul_mpi( pk, pk, &t ) ); - MBEDTLS_MPI_CHK( mbedtls_mpi_mod_mpi( pk, pk, &grp->N ) ); - MBEDTLS_MPI_CHK( mbedtls_mpi_inv_mod( s, pk, &grp->N ) ); - MBEDTLS_MPI_CHK( mbedtls_mpi_mul_mpi( s, s, &e ) ); - MBEDTLS_MPI_CHK( mbedtls_mpi_mod_mpi( s, s, &grp->N ) ); - } - while( mbedtls_mpi_cmp_int( s, 0 ) == 0 ); + MBEDTLS_MPI_CHK(mbedtls_mpi_mul_mpi(s, pr, d)); + MBEDTLS_MPI_CHK(mbedtls_mpi_add_mpi(&e, &e, s)); + MBEDTLS_MPI_CHK(mbedtls_mpi_mul_mpi(&e, &e, &t)); + MBEDTLS_MPI_CHK(mbedtls_mpi_mul_mpi(pk, pk, &t)); + MBEDTLS_MPI_CHK(mbedtls_mpi_mod_mpi(pk, pk, &grp->N)); + MBEDTLS_MPI_CHK(mbedtls_mpi_inv_mod(s, pk, &grp->N)); + MBEDTLS_MPI_CHK(mbedtls_mpi_mul_mpi(s, s, &e)); + MBEDTLS_MPI_CHK(mbedtls_mpi_mod_mpi(s, s, &grp->N)); + } while (mbedtls_mpi_cmp_int(s, 0) == 0); #if defined(MBEDTLS_ECP_RESTARTABLE) - if( rs_ctx != NULL && rs_ctx->sig != NULL ) - mbedtls_mpi_copy( r, pr ); + if (rs_ctx != NULL && rs_ctx->sig != NULL) { + MBEDTLS_MPI_CHK(mbedtls_mpi_copy(r, pr)); + } #endif cleanup: - mbedtls_ecp_point_free( &R ); - mbedtls_mpi_free( &k ); mbedtls_mpi_free( &e ); mbedtls_mpi_free( &t ); + mbedtls_ecp_point_free(&R); + mbedtls_mpi_free(&k); mbedtls_mpi_free(&e); mbedtls_mpi_free(&t); - ECDSA_RS_LEAVE( sig ); + ECDSA_RS_LEAVE(sig); - return( ret ); -} - -int mbedtls_ecdsa_can_do( mbedtls_ecp_group_id gid ) -{ - switch( gid ) - { -#ifdef MBEDTLS_ECP_DP_CURVE25519_ENABLED - case MBEDTLS_ECP_DP_CURVE25519: return 0; -#endif -#ifdef MBEDTLS_ECP_DP_CURVE448_ENABLED - case MBEDTLS_ECP_DP_CURVE448: return 0; -#endif - default: return 1; - } + return ret; } /* * Compute ECDSA signature of a hashed message */ -int mbedtls_ecdsa_sign( mbedtls_ecp_group *grp, mbedtls_mpi *r, mbedtls_mpi *s, - const mbedtls_mpi *d, const unsigned char *buf, size_t blen, - int (*f_rng)(void *, unsigned char *, size_t), void *p_rng ) +int mbedtls_ecdsa_sign(mbedtls_ecp_group *grp, mbedtls_mpi *r, mbedtls_mpi *s, + const mbedtls_mpi *d, const unsigned char *buf, size_t blen, + int (*f_rng)(void *, unsigned char *, size_t), void *p_rng) { - ECDSA_VALIDATE_RET( grp != NULL ); - ECDSA_VALIDATE_RET( r != NULL ); - ECDSA_VALIDATE_RET( s != NULL ); - ECDSA_VALIDATE_RET( d != NULL ); - ECDSA_VALIDATE_RET( f_rng != NULL ); - ECDSA_VALIDATE_RET( buf != NULL || blen == 0 ); + ECDSA_VALIDATE_RET(grp != NULL); + ECDSA_VALIDATE_RET(r != NULL); + ECDSA_VALIDATE_RET(s != NULL); + ECDSA_VALIDATE_RET(d != NULL); + ECDSA_VALIDATE_RET(f_rng != NULL); + ECDSA_VALIDATE_RET(buf != NULL || blen == 0); /* Use the same RNG for both blinding and ephemeral key generation */ - return( ecdsa_sign_restartable( grp, r, s, d, buf, blen, - f_rng, p_rng, f_rng, p_rng, NULL ) ); + return ecdsa_sign_restartable(grp, r, s, d, buf, blen, + f_rng, p_rng, f_rng, p_rng, NULL); } #endif /* !MBEDTLS_ECDSA_SIGN_ALT */ @@ -421,66 +404,67 @@ int mbedtls_ecdsa_sign( mbedtls_ecp_group *grp, mbedtls_mpi *r, mbedtls_mpi *s, /* * Deterministic signature wrapper */ -static int ecdsa_sign_det_restartable( mbedtls_ecp_group *grp, - mbedtls_mpi *r, mbedtls_mpi *s, - const mbedtls_mpi *d, const unsigned char *buf, size_t blen, - mbedtls_md_type_t md_alg, - int (*f_rng_blind)(void *, unsigned char *, size_t), - void *p_rng_blind, - mbedtls_ecdsa_restart_ctx *rs_ctx ) +static int ecdsa_sign_det_restartable(mbedtls_ecp_group *grp, + mbedtls_mpi *r, mbedtls_mpi *s, + const mbedtls_mpi *d, const unsigned char *buf, size_t blen, + mbedtls_md_type_t md_alg, + int (*f_rng_blind)(void *, unsigned char *, size_t), + void *p_rng_blind, + mbedtls_ecdsa_restart_ctx *rs_ctx) { int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; mbedtls_hmac_drbg_context rng_ctx; mbedtls_hmac_drbg_context *p_rng = &rng_ctx; unsigned char data[2 * MBEDTLS_ECP_MAX_BYTES]; - size_t grp_len = ( grp->nbits + 7 ) / 8; + size_t grp_len = (grp->nbits + 7) / 8; const mbedtls_md_info_t *md_info; mbedtls_mpi h; - if( ( md_info = mbedtls_md_info_from_type( md_alg ) ) == NULL ) - return( MBEDTLS_ERR_ECP_BAD_INPUT_DATA ); + if ((md_info = mbedtls_md_info_from_type(md_alg)) == NULL) { + return MBEDTLS_ERR_ECP_BAD_INPUT_DATA; + } - mbedtls_mpi_init( &h ); - mbedtls_hmac_drbg_init( &rng_ctx ); + mbedtls_mpi_init(&h); + mbedtls_hmac_drbg_init(&rng_ctx); - ECDSA_RS_ENTER( det ); + ECDSA_RS_ENTER(det); #if defined(MBEDTLS_ECP_RESTARTABLE) - if( rs_ctx != NULL && rs_ctx->det != NULL ) - { + if (rs_ctx != NULL && rs_ctx->det != NULL) { /* redirect to our context */ p_rng = &rs_ctx->det->rng_ctx; /* jump to current step */ - if( rs_ctx->det->state == ecdsa_det_sign ) + if (rs_ctx->det->state == ecdsa_det_sign) { goto sign; + } } #endif /* MBEDTLS_ECP_RESTARTABLE */ /* Use private key and message hash (reduced) to initialize HMAC_DRBG */ - MBEDTLS_MPI_CHK( mbedtls_mpi_write_binary( d, data, grp_len ) ); - MBEDTLS_MPI_CHK( derive_mpi( grp, &h, buf, blen ) ); - MBEDTLS_MPI_CHK( mbedtls_mpi_write_binary( &h, data + grp_len, grp_len ) ); - mbedtls_hmac_drbg_seed_buf( p_rng, md_info, data, 2 * grp_len ); + MBEDTLS_MPI_CHK(mbedtls_mpi_write_binary(d, data, grp_len)); + MBEDTLS_MPI_CHK(derive_mpi(grp, &h, buf, blen)); + MBEDTLS_MPI_CHK(mbedtls_mpi_write_binary(&h, data + grp_len, grp_len)); + MBEDTLS_MPI_CHK(mbedtls_hmac_drbg_seed_buf(p_rng, md_info, data, 2 * grp_len)); #if defined(MBEDTLS_ECP_RESTARTABLE) - if( rs_ctx != NULL && rs_ctx->det != NULL ) + if (rs_ctx != NULL && rs_ctx->det != NULL) { rs_ctx->det->state = ecdsa_det_sign; + } sign: #endif #if defined(MBEDTLS_ECDSA_SIGN_ALT) (void) f_rng_blind; (void) p_rng_blind; - ret = mbedtls_ecdsa_sign( grp, r, s, d, buf, blen, - mbedtls_hmac_drbg_random, p_rng ); + ret = mbedtls_ecdsa_sign(grp, r, s, d, buf, blen, + mbedtls_hmac_drbg_random, p_rng); #else - if( f_rng_blind != NULL ) - ret = ecdsa_sign_restartable( grp, r, s, d, buf, blen, - mbedtls_hmac_drbg_random, p_rng, - f_rng_blind, p_rng_blind, rs_ctx ); - else - { + if (f_rng_blind != NULL) { + ret = ecdsa_sign_restartable(grp, r, s, d, buf, blen, + mbedtls_hmac_drbg_random, p_rng, + f_rng_blind, p_rng_blind, rs_ctx); + } else { mbedtls_hmac_drbg_context *p_rng_blind_det; #if !defined(MBEDTLS_ECP_RESTARTABLE) @@ -490,19 +474,18 @@ static int ecdsa_sign_det_restartable( mbedtls_ecp_group *grp, * reusing the bits of the ephemeral key for blinding and eliminate the * risk that they leak this way. */ - const char* blind_label = "BLINDING CONTEXT"; + const char *blind_label = "BLINDING CONTEXT"; mbedtls_hmac_drbg_context rng_ctx_blind; - mbedtls_hmac_drbg_init( &rng_ctx_blind ); + mbedtls_hmac_drbg_init(&rng_ctx_blind); p_rng_blind_det = &rng_ctx_blind; - mbedtls_hmac_drbg_seed_buf( p_rng_blind_det, md_info, - data, 2 * grp_len ); - ret = mbedtls_hmac_drbg_update_ret( p_rng_blind_det, - (const unsigned char*) blind_label, - strlen( blind_label ) ); - if( ret != 0 ) - { - mbedtls_hmac_drbg_free( &rng_ctx_blind ); + mbedtls_hmac_drbg_seed_buf(p_rng_blind_det, md_info, + data, 2 * grp_len); + ret = mbedtls_hmac_drbg_update_ret(p_rng_blind_det, + (const unsigned char *) blind_label, + strlen(blind_label)); + if (ret != 0) { + mbedtls_hmac_drbg_free(&rng_ctx_blind); goto cleanup; } #else @@ -529,24 +512,24 @@ static int ecdsa_sign_det_restartable( mbedtls_ecp_group *grp, * won't be a valid value for f_rng_blind anymore. Therefore it should * be checked by the caller and this branch and check can be removed. */ - ret = ecdsa_sign_restartable( grp, r, s, d, buf, blen, - mbedtls_hmac_drbg_random, p_rng, - mbedtls_hmac_drbg_random, p_rng_blind_det, - rs_ctx ); + ret = ecdsa_sign_restartable(grp, r, s, d, buf, blen, + mbedtls_hmac_drbg_random, p_rng, + mbedtls_hmac_drbg_random, p_rng_blind_det, + rs_ctx); #if !defined(MBEDTLS_ECP_RESTARTABLE) - mbedtls_hmac_drbg_free( &rng_ctx_blind ); + mbedtls_hmac_drbg_free(&rng_ctx_blind); #endif } #endif /* MBEDTLS_ECDSA_SIGN_ALT */ cleanup: - mbedtls_hmac_drbg_free( &rng_ctx ); - mbedtls_mpi_free( &h ); + mbedtls_hmac_drbg_free(&rng_ctx); + mbedtls_mpi_free(&h); - ECDSA_RS_LEAVE( det ); + ECDSA_RS_LEAVE(det); - return( ret ); + return ret; } /* @@ -554,39 +537,39 @@ static int ecdsa_sign_det_restartable( mbedtls_ecp_group *grp, */ #if !defined(MBEDTLS_DEPRECATED_REMOVED) -int mbedtls_ecdsa_sign_det( mbedtls_ecp_group *grp, mbedtls_mpi *r, - mbedtls_mpi *s, const mbedtls_mpi *d, - const unsigned char *buf, size_t blen, - mbedtls_md_type_t md_alg ) +int mbedtls_ecdsa_sign_det(mbedtls_ecp_group *grp, mbedtls_mpi *r, + mbedtls_mpi *s, const mbedtls_mpi *d, + const unsigned char *buf, size_t blen, + mbedtls_md_type_t md_alg) { - ECDSA_VALIDATE_RET( grp != NULL ); - ECDSA_VALIDATE_RET( r != NULL ); - ECDSA_VALIDATE_RET( s != NULL ); - ECDSA_VALIDATE_RET( d != NULL ); - ECDSA_VALIDATE_RET( buf != NULL || blen == 0 ); - - return( ecdsa_sign_det_restartable( grp, r, s, d, buf, blen, md_alg, - NULL, NULL, NULL ) ); + ECDSA_VALIDATE_RET(grp != NULL); + ECDSA_VALIDATE_RET(r != NULL); + ECDSA_VALIDATE_RET(s != NULL); + ECDSA_VALIDATE_RET(d != NULL); + ECDSA_VALIDATE_RET(buf != NULL || blen == 0); + + return ecdsa_sign_det_restartable(grp, r, s, d, buf, blen, md_alg, + NULL, NULL, NULL); } #endif /* MBEDTLS_DEPRECATED_REMOVED */ -int mbedtls_ecdsa_sign_det_ext( mbedtls_ecp_group *grp, mbedtls_mpi *r, - mbedtls_mpi *s, const mbedtls_mpi *d, - const unsigned char *buf, size_t blen, - mbedtls_md_type_t md_alg, - int (*f_rng_blind)(void *, unsigned char *, - size_t), - void *p_rng_blind ) +int mbedtls_ecdsa_sign_det_ext(mbedtls_ecp_group *grp, mbedtls_mpi *r, + mbedtls_mpi *s, const mbedtls_mpi *d, + const unsigned char *buf, size_t blen, + mbedtls_md_type_t md_alg, + int (*f_rng_blind)(void *, unsigned char *, + size_t), + void *p_rng_blind) { - ECDSA_VALIDATE_RET( grp != NULL ); - ECDSA_VALIDATE_RET( r != NULL ); - ECDSA_VALIDATE_RET( s != NULL ); - ECDSA_VALIDATE_RET( d != NULL ); - ECDSA_VALIDATE_RET( buf != NULL || blen == 0 ); - ECDSA_VALIDATE_RET( f_rng_blind != NULL ); - - return( ecdsa_sign_det_restartable( grp, r, s, d, buf, blen, md_alg, - f_rng_blind, p_rng_blind, NULL ) ); + ECDSA_VALIDATE_RET(grp != NULL); + ECDSA_VALIDATE_RET(r != NULL); + ECDSA_VALIDATE_RET(s != NULL); + ECDSA_VALIDATE_RET(d != NULL); + ECDSA_VALIDATE_RET(buf != NULL || blen == 0); + ECDSA_VALIDATE_RET(f_rng_blind != NULL); + + return ecdsa_sign_det_restartable(grp, r, s, d, buf, blen, md_alg, + f_rng_blind, p_rng_blind, NULL); } #endif /* MBEDTLS_ECDSA_DETERMINISTIC */ @@ -595,46 +578,46 @@ int mbedtls_ecdsa_sign_det_ext( mbedtls_ecp_group *grp, mbedtls_mpi *r, * Verify ECDSA signature of hashed message (SEC1 4.1.4) * Obviously, compared to SEC1 4.1.3, we skip step 2 (hash message) */ -static int ecdsa_verify_restartable( mbedtls_ecp_group *grp, - const unsigned char *buf, size_t blen, - const mbedtls_ecp_point *Q, - const mbedtls_mpi *r, const mbedtls_mpi *s, - mbedtls_ecdsa_restart_ctx *rs_ctx ) +static int ecdsa_verify_restartable(mbedtls_ecp_group *grp, + const unsigned char *buf, size_t blen, + const mbedtls_ecp_point *Q, + const mbedtls_mpi *r, const mbedtls_mpi *s, + mbedtls_ecdsa_restart_ctx *rs_ctx) { int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; mbedtls_mpi e, s_inv, u1, u2; mbedtls_ecp_point R; mbedtls_mpi *pu1 = &u1, *pu2 = &u2; - mbedtls_ecp_point_init( &R ); - mbedtls_mpi_init( &e ); mbedtls_mpi_init( &s_inv ); - mbedtls_mpi_init( &u1 ); mbedtls_mpi_init( &u2 ); + mbedtls_ecp_point_init(&R); + mbedtls_mpi_init(&e); mbedtls_mpi_init(&s_inv); + mbedtls_mpi_init(&u1); mbedtls_mpi_init(&u2); /* Fail cleanly on curves such as Curve25519 that can't be used for ECDSA */ - if( ! mbedtls_ecdsa_can_do( grp->id ) || grp->N.p == NULL ) - return( MBEDTLS_ERR_ECP_BAD_INPUT_DATA ); + if (!mbedtls_ecdsa_can_do(grp->id) || grp->N.p == NULL) { + return MBEDTLS_ERR_ECP_BAD_INPUT_DATA; + } - ECDSA_RS_ENTER( ver ); + ECDSA_RS_ENTER(ver); #if defined(MBEDTLS_ECP_RESTARTABLE) - if( rs_ctx != NULL && rs_ctx->ver != NULL ) - { + if (rs_ctx != NULL && rs_ctx->ver != NULL) { /* redirect to our context */ pu1 = &rs_ctx->ver->u1; pu2 = &rs_ctx->ver->u2; /* jump to current step */ - if( rs_ctx->ver->state == ecdsa_ver_muladd ) + if (rs_ctx->ver->state == ecdsa_ver_muladd) { goto muladd; + } } #endif /* MBEDTLS_ECP_RESTARTABLE */ /* * Step 1: make sure r and s are in range 1..n-1 */ - if( mbedtls_mpi_cmp_int( r, 1 ) < 0 || mbedtls_mpi_cmp_mpi( r, &grp->N ) >= 0 || - mbedtls_mpi_cmp_int( s, 1 ) < 0 || mbedtls_mpi_cmp_mpi( s, &grp->N ) >= 0 ) - { + if (mbedtls_mpi_cmp_int(r, 1) < 0 || mbedtls_mpi_cmp_mpi(r, &grp->N) >= 0 || + mbedtls_mpi_cmp_int(s, 1) < 0 || mbedtls_mpi_cmp_mpi(s, &grp->N) >= 0) { ret = MBEDTLS_ERR_ECP_VERIFY_FAILED; goto cleanup; } @@ -642,35 +625,35 @@ static int ecdsa_verify_restartable( mbedtls_ecp_group *grp, /* * Step 3: derive MPI from hashed message */ - MBEDTLS_MPI_CHK( derive_mpi( grp, &e, buf, blen ) ); + MBEDTLS_MPI_CHK(derive_mpi(grp, &e, buf, blen)); /* * Step 4: u1 = e / s mod n, u2 = r / s mod n */ - ECDSA_BUDGET( MBEDTLS_ECP_OPS_CHK + MBEDTLS_ECP_OPS_INV + 2 ); + ECDSA_BUDGET(MBEDTLS_ECP_OPS_CHK + MBEDTLS_ECP_OPS_INV + 2); - MBEDTLS_MPI_CHK( mbedtls_mpi_inv_mod( &s_inv, s, &grp->N ) ); + MBEDTLS_MPI_CHK(mbedtls_mpi_inv_mod(&s_inv, s, &grp->N)); - MBEDTLS_MPI_CHK( mbedtls_mpi_mul_mpi( pu1, &e, &s_inv ) ); - MBEDTLS_MPI_CHK( mbedtls_mpi_mod_mpi( pu1, pu1, &grp->N ) ); + MBEDTLS_MPI_CHK(mbedtls_mpi_mul_mpi(pu1, &e, &s_inv)); + MBEDTLS_MPI_CHK(mbedtls_mpi_mod_mpi(pu1, pu1, &grp->N)); - MBEDTLS_MPI_CHK( mbedtls_mpi_mul_mpi( pu2, r, &s_inv ) ); - MBEDTLS_MPI_CHK( mbedtls_mpi_mod_mpi( pu2, pu2, &grp->N ) ); + MBEDTLS_MPI_CHK(mbedtls_mpi_mul_mpi(pu2, r, &s_inv)); + MBEDTLS_MPI_CHK(mbedtls_mpi_mod_mpi(pu2, pu2, &grp->N)); #if defined(MBEDTLS_ECP_RESTARTABLE) - if( rs_ctx != NULL && rs_ctx->ver != NULL ) + if (rs_ctx != NULL && rs_ctx->ver != NULL) { rs_ctx->ver->state = ecdsa_ver_muladd; + } muladd: #endif /* * Step 5: R = u1 G + u2 Q */ - MBEDTLS_MPI_CHK( mbedtls_ecp_muladd_restartable( grp, - &R, pu1, &grp->G, pu2, Q, ECDSA_RS_ECP ) ); + MBEDTLS_MPI_CHK(mbedtls_ecp_muladd_restartable(grp, + &R, pu1, &grp->G, pu2, Q, ECDSA_RS_ECP)); - if( mbedtls_ecp_is_zero( &R ) ) - { + if (mbedtls_ecp_is_zero(&R)) { ret = MBEDTLS_ERR_ECP_VERIFY_FAILED; goto cleanup; } @@ -679,302 +662,303 @@ static int ecdsa_verify_restartable( mbedtls_ecp_group *grp, * Step 6: convert xR to an integer (no-op) * Step 7: reduce xR mod n (gives v) */ - MBEDTLS_MPI_CHK( mbedtls_mpi_mod_mpi( &R.X, &R.X, &grp->N ) ); + MBEDTLS_MPI_CHK(mbedtls_mpi_mod_mpi(&R.X, &R.X, &grp->N)); /* * Step 8: check if v (that is, R.X) is equal to r */ - if( mbedtls_mpi_cmp_mpi( &R.X, r ) != 0 ) - { + if (mbedtls_mpi_cmp_mpi(&R.X, r) != 0) { ret = MBEDTLS_ERR_ECP_VERIFY_FAILED; goto cleanup; } cleanup: - mbedtls_ecp_point_free( &R ); - mbedtls_mpi_free( &e ); mbedtls_mpi_free( &s_inv ); - mbedtls_mpi_free( &u1 ); mbedtls_mpi_free( &u2 ); + mbedtls_ecp_point_free(&R); + mbedtls_mpi_free(&e); mbedtls_mpi_free(&s_inv); + mbedtls_mpi_free(&u1); mbedtls_mpi_free(&u2); - ECDSA_RS_LEAVE( ver ); + ECDSA_RS_LEAVE(ver); - return( ret ); + return ret; } /* * Verify ECDSA signature of hashed message */ -int mbedtls_ecdsa_verify( mbedtls_ecp_group *grp, - const unsigned char *buf, size_t blen, - const mbedtls_ecp_point *Q, - const mbedtls_mpi *r, - const mbedtls_mpi *s) +int mbedtls_ecdsa_verify(mbedtls_ecp_group *grp, + const unsigned char *buf, size_t blen, + const mbedtls_ecp_point *Q, + const mbedtls_mpi *r, + const mbedtls_mpi *s) { - ECDSA_VALIDATE_RET( grp != NULL ); - ECDSA_VALIDATE_RET( Q != NULL ); - ECDSA_VALIDATE_RET( r != NULL ); - ECDSA_VALIDATE_RET( s != NULL ); - ECDSA_VALIDATE_RET( buf != NULL || blen == 0 ); + ECDSA_VALIDATE_RET(grp != NULL); + ECDSA_VALIDATE_RET(Q != NULL); + ECDSA_VALIDATE_RET(r != NULL); + ECDSA_VALIDATE_RET(s != NULL); + ECDSA_VALIDATE_RET(buf != NULL || blen == 0); - return( ecdsa_verify_restartable( grp, buf, blen, Q, r, s, NULL ) ); + return ecdsa_verify_restartable(grp, buf, blen, Q, r, s, NULL); } #endif /* !MBEDTLS_ECDSA_VERIFY_ALT */ /* * Convert a signature (given by context) to ASN.1 */ -static int ecdsa_signature_to_asn1( const mbedtls_mpi *r, const mbedtls_mpi *s, - unsigned char *sig, size_t *slen ) +static int ecdsa_signature_to_asn1(const mbedtls_mpi *r, const mbedtls_mpi *s, + unsigned char *sig, size_t *slen) { int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; - unsigned char buf[MBEDTLS_ECDSA_MAX_LEN] = {0}; - unsigned char *p = buf + sizeof( buf ); + unsigned char buf[MBEDTLS_ECDSA_MAX_LEN] = { 0 }; + unsigned char *p = buf + sizeof(buf); size_t len = 0; - MBEDTLS_ASN1_CHK_ADD( len, mbedtls_asn1_write_mpi( &p, buf, s ) ); - MBEDTLS_ASN1_CHK_ADD( len, mbedtls_asn1_write_mpi( &p, buf, r ) ); + MBEDTLS_ASN1_CHK_ADD(len, mbedtls_asn1_write_mpi(&p, buf, s)); + MBEDTLS_ASN1_CHK_ADD(len, mbedtls_asn1_write_mpi(&p, buf, r)); - MBEDTLS_ASN1_CHK_ADD( len, mbedtls_asn1_write_len( &p, buf, len ) ); - MBEDTLS_ASN1_CHK_ADD( len, mbedtls_asn1_write_tag( &p, buf, - MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_SEQUENCE ) ); + MBEDTLS_ASN1_CHK_ADD(len, mbedtls_asn1_write_len(&p, buf, len)); + MBEDTLS_ASN1_CHK_ADD(len, mbedtls_asn1_write_tag(&p, buf, + MBEDTLS_ASN1_CONSTRUCTED | + MBEDTLS_ASN1_SEQUENCE)); - memcpy( sig, p, len ); + memcpy(sig, p, len); *slen = len; - return( 0 ); + return 0; } /* * Compute and write signature */ -int mbedtls_ecdsa_write_signature_restartable( mbedtls_ecdsa_context *ctx, - mbedtls_md_type_t md_alg, - const unsigned char *hash, size_t hlen, - unsigned char *sig, size_t *slen, - int (*f_rng)(void *, unsigned char *, size_t), - void *p_rng, - mbedtls_ecdsa_restart_ctx *rs_ctx ) +int mbedtls_ecdsa_write_signature_restartable(mbedtls_ecdsa_context *ctx, + mbedtls_md_type_t md_alg, + const unsigned char *hash, size_t hlen, + unsigned char *sig, size_t *slen, + int (*f_rng)(void *, unsigned char *, size_t), + void *p_rng, + mbedtls_ecdsa_restart_ctx *rs_ctx) { int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; mbedtls_mpi r, s; - ECDSA_VALIDATE_RET( ctx != NULL ); - ECDSA_VALIDATE_RET( hash != NULL ); - ECDSA_VALIDATE_RET( sig != NULL ); - ECDSA_VALIDATE_RET( slen != NULL ); + ECDSA_VALIDATE_RET(ctx != NULL); + ECDSA_VALIDATE_RET(hash != NULL); + ECDSA_VALIDATE_RET(sig != NULL); + ECDSA_VALIDATE_RET(slen != NULL); - mbedtls_mpi_init( &r ); - mbedtls_mpi_init( &s ); + mbedtls_mpi_init(&r); + mbedtls_mpi_init(&s); #if defined(MBEDTLS_ECDSA_DETERMINISTIC) - MBEDTLS_MPI_CHK( ecdsa_sign_det_restartable( &ctx->grp, &r, &s, &ctx->d, - hash, hlen, md_alg, f_rng, - p_rng, rs_ctx ) ); + MBEDTLS_MPI_CHK(ecdsa_sign_det_restartable(&ctx->grp, &r, &s, &ctx->d, + hash, hlen, md_alg, f_rng, + p_rng, rs_ctx)); #else (void) md_alg; #if defined(MBEDTLS_ECDSA_SIGN_ALT) (void) rs_ctx; - MBEDTLS_MPI_CHK( mbedtls_ecdsa_sign( &ctx->grp, &r, &s, &ctx->d, - hash, hlen, f_rng, p_rng ) ); + MBEDTLS_MPI_CHK(mbedtls_ecdsa_sign(&ctx->grp, &r, &s, &ctx->d, + hash, hlen, f_rng, p_rng)); #else /* Use the same RNG for both blinding and ephemeral key generation */ - MBEDTLS_MPI_CHK( ecdsa_sign_restartable( &ctx->grp, &r, &s, &ctx->d, - hash, hlen, f_rng, p_rng, f_rng, - p_rng, rs_ctx ) ); + MBEDTLS_MPI_CHK(ecdsa_sign_restartable(&ctx->grp, &r, &s, &ctx->d, + hash, hlen, f_rng, p_rng, f_rng, + p_rng, rs_ctx)); #endif /* MBEDTLS_ECDSA_SIGN_ALT */ #endif /* MBEDTLS_ECDSA_DETERMINISTIC */ - MBEDTLS_MPI_CHK( ecdsa_signature_to_asn1( &r, &s, sig, slen ) ); + MBEDTLS_MPI_CHK(ecdsa_signature_to_asn1(&r, &s, sig, slen)); cleanup: - mbedtls_mpi_free( &r ); - mbedtls_mpi_free( &s ); + mbedtls_mpi_free(&r); + mbedtls_mpi_free(&s); - return( ret ); + return ret; } /* * Compute and write signature */ -int mbedtls_ecdsa_write_signature( mbedtls_ecdsa_context *ctx, - mbedtls_md_type_t md_alg, - const unsigned char *hash, size_t hlen, - unsigned char *sig, size_t *slen, - int (*f_rng)(void *, unsigned char *, size_t), - void *p_rng ) +int mbedtls_ecdsa_write_signature(mbedtls_ecdsa_context *ctx, + mbedtls_md_type_t md_alg, + const unsigned char *hash, size_t hlen, + unsigned char *sig, size_t *slen, + int (*f_rng)(void *, unsigned char *, size_t), + void *p_rng) { - ECDSA_VALIDATE_RET( ctx != NULL ); - ECDSA_VALIDATE_RET( hash != NULL ); - ECDSA_VALIDATE_RET( sig != NULL ); - ECDSA_VALIDATE_RET( slen != NULL ); - return( mbedtls_ecdsa_write_signature_restartable( - ctx, md_alg, hash, hlen, sig, slen, f_rng, p_rng, NULL ) ); + ECDSA_VALIDATE_RET(ctx != NULL); + ECDSA_VALIDATE_RET(hash != NULL); + ECDSA_VALIDATE_RET(sig != NULL); + ECDSA_VALIDATE_RET(slen != NULL); + return mbedtls_ecdsa_write_signature_restartable( + ctx, md_alg, hash, hlen, sig, slen, f_rng, p_rng, NULL); } #if !defined(MBEDTLS_DEPRECATED_REMOVED) && \ defined(MBEDTLS_ECDSA_DETERMINISTIC) -int mbedtls_ecdsa_write_signature_det( mbedtls_ecdsa_context *ctx, - const unsigned char *hash, size_t hlen, - unsigned char *sig, size_t *slen, - mbedtls_md_type_t md_alg ) +int mbedtls_ecdsa_write_signature_det(mbedtls_ecdsa_context *ctx, + const unsigned char *hash, size_t hlen, + unsigned char *sig, size_t *slen, + mbedtls_md_type_t md_alg) { - ECDSA_VALIDATE_RET( ctx != NULL ); - ECDSA_VALIDATE_RET( hash != NULL ); - ECDSA_VALIDATE_RET( sig != NULL ); - ECDSA_VALIDATE_RET( slen != NULL ); - return( mbedtls_ecdsa_write_signature( ctx, md_alg, hash, hlen, sig, slen, - NULL, NULL ) ); + ECDSA_VALIDATE_RET(ctx != NULL); + ECDSA_VALIDATE_RET(hash != NULL); + ECDSA_VALIDATE_RET(sig != NULL); + ECDSA_VALIDATE_RET(slen != NULL); + return mbedtls_ecdsa_write_signature(ctx, md_alg, hash, hlen, sig, slen, + NULL, NULL); } #endif /* * Read and check signature */ -int mbedtls_ecdsa_read_signature( mbedtls_ecdsa_context *ctx, - const unsigned char *hash, size_t hlen, - const unsigned char *sig, size_t slen ) +int mbedtls_ecdsa_read_signature(mbedtls_ecdsa_context *ctx, + const unsigned char *hash, size_t hlen, + const unsigned char *sig, size_t slen) { - ECDSA_VALIDATE_RET( ctx != NULL ); - ECDSA_VALIDATE_RET( hash != NULL ); - ECDSA_VALIDATE_RET( sig != NULL ); - return( mbedtls_ecdsa_read_signature_restartable( - ctx, hash, hlen, sig, slen, NULL ) ); + ECDSA_VALIDATE_RET(ctx != NULL); + ECDSA_VALIDATE_RET(hash != NULL); + ECDSA_VALIDATE_RET(sig != NULL); + return mbedtls_ecdsa_read_signature_restartable( + ctx, hash, hlen, sig, slen, NULL); } /* * Restartable read and check signature */ -int mbedtls_ecdsa_read_signature_restartable( mbedtls_ecdsa_context *ctx, - const unsigned char *hash, size_t hlen, - const unsigned char *sig, size_t slen, - mbedtls_ecdsa_restart_ctx *rs_ctx ) +int mbedtls_ecdsa_read_signature_restartable(mbedtls_ecdsa_context *ctx, + const unsigned char *hash, size_t hlen, + const unsigned char *sig, size_t slen, + mbedtls_ecdsa_restart_ctx *rs_ctx) { int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; unsigned char *p = (unsigned char *) sig; const unsigned char *end = sig + slen; size_t len; mbedtls_mpi r, s; - ECDSA_VALIDATE_RET( ctx != NULL ); - ECDSA_VALIDATE_RET( hash != NULL ); - ECDSA_VALIDATE_RET( sig != NULL ); + ECDSA_VALIDATE_RET(ctx != NULL); + ECDSA_VALIDATE_RET(hash != NULL); + ECDSA_VALIDATE_RET(sig != NULL); - mbedtls_mpi_init( &r ); - mbedtls_mpi_init( &s ); + mbedtls_mpi_init(&r); + mbedtls_mpi_init(&s); - if( ( ret = mbedtls_asn1_get_tag( &p, end, &len, - MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_SEQUENCE ) ) != 0 ) - { + if ((ret = mbedtls_asn1_get_tag(&p, end, &len, + MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_SEQUENCE)) != 0) { ret += MBEDTLS_ERR_ECP_BAD_INPUT_DATA; goto cleanup; } - if( p + len != end ) - { - ret = MBEDTLS_ERROR_ADD( MBEDTLS_ERR_ECP_BAD_INPUT_DATA, - MBEDTLS_ERR_ASN1_LENGTH_MISMATCH ); + if (p + len != end) { + ret = MBEDTLS_ERROR_ADD(MBEDTLS_ERR_ECP_BAD_INPUT_DATA, + MBEDTLS_ERR_ASN1_LENGTH_MISMATCH); goto cleanup; } - if( ( ret = mbedtls_asn1_get_mpi( &p, end, &r ) ) != 0 || - ( ret = mbedtls_asn1_get_mpi( &p, end, &s ) ) != 0 ) - { + if ((ret = mbedtls_asn1_get_mpi(&p, end, &r)) != 0 || + (ret = mbedtls_asn1_get_mpi(&p, end, &s)) != 0) { ret += MBEDTLS_ERR_ECP_BAD_INPUT_DATA; goto cleanup; } #if defined(MBEDTLS_ECDSA_VERIFY_ALT) (void) rs_ctx; - if( ( ret = mbedtls_ecdsa_verify( &ctx->grp, hash, hlen, - &ctx->Q, &r, &s ) ) != 0 ) + if ((ret = mbedtls_ecdsa_verify(&ctx->grp, hash, hlen, + &ctx->Q, &r, &s)) != 0) { goto cleanup; + } #else - if( ( ret = ecdsa_verify_restartable( &ctx->grp, hash, hlen, - &ctx->Q, &r, &s, rs_ctx ) ) != 0 ) + if ((ret = ecdsa_verify_restartable(&ctx->grp, hash, hlen, + &ctx->Q, &r, &s, rs_ctx)) != 0) { goto cleanup; + } #endif /* MBEDTLS_ECDSA_VERIFY_ALT */ /* At this point we know that the buffer starts with a valid signature. * Return 0 if the buffer just contains the signature, and a specific * error code if the valid signature is followed by more data. */ - if( p != end ) + if (p != end) { ret = MBEDTLS_ERR_ECP_SIG_LEN_MISMATCH; + } cleanup: - mbedtls_mpi_free( &r ); - mbedtls_mpi_free( &s ); + mbedtls_mpi_free(&r); + mbedtls_mpi_free(&s); - return( ret ); + return ret; } #if !defined(MBEDTLS_ECDSA_GENKEY_ALT) /* * Generate key pair */ -int mbedtls_ecdsa_genkey( mbedtls_ecdsa_context *ctx, mbedtls_ecp_group_id gid, - int (*f_rng)(void *, unsigned char *, size_t), void *p_rng ) +int mbedtls_ecdsa_genkey(mbedtls_ecdsa_context *ctx, mbedtls_ecp_group_id gid, + int (*f_rng)(void *, unsigned char *, size_t), void *p_rng) { int ret = 0; - ECDSA_VALIDATE_RET( ctx != NULL ); - ECDSA_VALIDATE_RET( f_rng != NULL ); + ECDSA_VALIDATE_RET(ctx != NULL); + ECDSA_VALIDATE_RET(f_rng != NULL); - ret = mbedtls_ecp_group_load( &ctx->grp, gid ); - if( ret != 0 ) - return( ret ); + ret = mbedtls_ecp_group_load(&ctx->grp, gid); + if (ret != 0) { + return ret; + } - return( mbedtls_ecp_gen_keypair( &ctx->grp, &ctx->d, - &ctx->Q, f_rng, p_rng ) ); + return mbedtls_ecp_gen_keypair(&ctx->grp, &ctx->d, + &ctx->Q, f_rng, p_rng); } #endif /* !MBEDTLS_ECDSA_GENKEY_ALT */ /* * Set context from an mbedtls_ecp_keypair */ -int mbedtls_ecdsa_from_keypair( mbedtls_ecdsa_context *ctx, const mbedtls_ecp_keypair *key ) +int mbedtls_ecdsa_from_keypair(mbedtls_ecdsa_context *ctx, const mbedtls_ecp_keypair *key) { int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; - ECDSA_VALIDATE_RET( ctx != NULL ); - ECDSA_VALIDATE_RET( key != NULL ); - - if( ( ret = mbedtls_ecp_group_copy( &ctx->grp, &key->grp ) ) != 0 || - ( ret = mbedtls_mpi_copy( &ctx->d, &key->d ) ) != 0 || - ( ret = mbedtls_ecp_copy( &ctx->Q, &key->Q ) ) != 0 ) - { - mbedtls_ecdsa_free( ctx ); + ECDSA_VALIDATE_RET(ctx != NULL); + ECDSA_VALIDATE_RET(key != NULL); + + if ((ret = mbedtls_ecp_group_copy(&ctx->grp, &key->grp)) != 0 || + (ret = mbedtls_mpi_copy(&ctx->d, &key->d)) != 0 || + (ret = mbedtls_ecp_copy(&ctx->Q, &key->Q)) != 0) { + mbedtls_ecdsa_free(ctx); } - return( ret ); + return ret; } /* * Initialize context */ -void mbedtls_ecdsa_init( mbedtls_ecdsa_context *ctx ) +void mbedtls_ecdsa_init(mbedtls_ecdsa_context *ctx) { - ECDSA_VALIDATE( ctx != NULL ); + ECDSA_VALIDATE(ctx != NULL); - mbedtls_ecp_keypair_init( ctx ); + mbedtls_ecp_keypair_init(ctx); } /* * Free context */ -void mbedtls_ecdsa_free( mbedtls_ecdsa_context *ctx ) +void mbedtls_ecdsa_free(mbedtls_ecdsa_context *ctx) { - if( ctx == NULL ) + if (ctx == NULL) { return; + } - mbedtls_ecp_keypair_free( ctx ); + mbedtls_ecp_keypair_free(ctx); } #if defined(MBEDTLS_ECP_RESTARTABLE) /* * Initialize a restart context */ -void mbedtls_ecdsa_restart_init( mbedtls_ecdsa_restart_ctx *ctx ) +void mbedtls_ecdsa_restart_init(mbedtls_ecdsa_restart_ctx *ctx) { - ECDSA_VALIDATE( ctx != NULL ); + ECDSA_VALIDATE(ctx != NULL); - mbedtls_ecp_restart_init( &ctx->ecp ); + mbedtls_ecp_restart_init(&ctx->ecp); ctx->ver = NULL; ctx->sig = NULL; @@ -986,24 +970,25 @@ void mbedtls_ecdsa_restart_init( mbedtls_ecdsa_restart_ctx *ctx ) /* * Free the components of a restart context */ -void mbedtls_ecdsa_restart_free( mbedtls_ecdsa_restart_ctx *ctx ) +void mbedtls_ecdsa_restart_free(mbedtls_ecdsa_restart_ctx *ctx) { - if( ctx == NULL ) + if (ctx == NULL) { return; + } - mbedtls_ecp_restart_free( &ctx->ecp ); + mbedtls_ecp_restart_free(&ctx->ecp); - ecdsa_restart_ver_free( ctx->ver ); - mbedtls_free( ctx->ver ); + ecdsa_restart_ver_free(ctx->ver); + mbedtls_free(ctx->ver); ctx->ver = NULL; - ecdsa_restart_sig_free( ctx->sig ); - mbedtls_free( ctx->sig ); + ecdsa_restart_sig_free(ctx->sig); + mbedtls_free(ctx->sig); ctx->sig = NULL; #if defined(MBEDTLS_ECDSA_DETERMINISTIC) - ecdsa_restart_det_free( ctx->det ); - mbedtls_free( ctx->det ); + ecdsa_restart_det_free(ctx->det); + mbedtls_free(ctx->det); ctx->det = NULL; #endif } diff --git a/third_party/mbedtls/repo/library/ecjpake.c b/third_party/mbedtls/repo/library/ecjpake.c index 368b6c7124b..102c24ab2a9 100644 --- a/third_party/mbedtls/repo/library/ecjpake.c +++ b/third_party/mbedtls/repo/library/ecjpake.c @@ -2,19 +2,7 @@ * Elliptic curve J-PAKE * * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later */ /* @@ -35,10 +23,10 @@ #if !defined(MBEDTLS_ECJPAKE_ALT) /* Parameter validation macros based on platform_util.h */ -#define ECJPAKE_VALIDATE_RET( cond ) \ - MBEDTLS_INTERNAL_VALIDATE_RET( cond, MBEDTLS_ERR_ECP_BAD_INPUT_DATA ) -#define ECJPAKE_VALIDATE( cond ) \ - MBEDTLS_INTERNAL_VALIDATE( cond ) +#define ECJPAKE_VALIDATE_RET(cond) \ + MBEDTLS_INTERNAL_VALIDATE_RET(cond, MBEDTLS_ERR_ECP_BAD_INPUT_DATA) +#define ECJPAKE_VALIDATE(cond) \ + MBEDTLS_INTERNAL_VALIDATE(cond) /* * Convert a mbedtls_ecjpake_role to identifier string @@ -48,206 +36,212 @@ static const char * const ecjpake_id[] = { "server" }; -#define ID_MINE ( ecjpake_id[ ctx->role ] ) -#define ID_PEER ( ecjpake_id[ 1 - ctx->role ] ) +#define ID_MINE (ecjpake_id[ctx->role]) +#define ID_PEER (ecjpake_id[1 - ctx->role]) /* * Initialize context */ -void mbedtls_ecjpake_init( mbedtls_ecjpake_context *ctx ) +void mbedtls_ecjpake_init(mbedtls_ecjpake_context *ctx) { - ECJPAKE_VALIDATE( ctx != NULL ); + ECJPAKE_VALIDATE(ctx != NULL); ctx->md_info = NULL; - mbedtls_ecp_group_init( &ctx->grp ); + mbedtls_ecp_group_init(&ctx->grp); ctx->point_format = MBEDTLS_ECP_PF_UNCOMPRESSED; - mbedtls_ecp_point_init( &ctx->Xm1 ); - mbedtls_ecp_point_init( &ctx->Xm2 ); - mbedtls_ecp_point_init( &ctx->Xp1 ); - mbedtls_ecp_point_init( &ctx->Xp2 ); - mbedtls_ecp_point_init( &ctx->Xp ); + mbedtls_ecp_point_init(&ctx->Xm1); + mbedtls_ecp_point_init(&ctx->Xm2); + mbedtls_ecp_point_init(&ctx->Xp1); + mbedtls_ecp_point_init(&ctx->Xp2); + mbedtls_ecp_point_init(&ctx->Xp); - mbedtls_mpi_init( &ctx->xm1 ); - mbedtls_mpi_init( &ctx->xm2 ); - mbedtls_mpi_init( &ctx->s ); + mbedtls_mpi_init(&ctx->xm1); + mbedtls_mpi_init(&ctx->xm2); + mbedtls_mpi_init(&ctx->s); } /* * Free context */ -void mbedtls_ecjpake_free( mbedtls_ecjpake_context *ctx ) +void mbedtls_ecjpake_free(mbedtls_ecjpake_context *ctx) { - if( ctx == NULL ) + if (ctx == NULL) { return; + } ctx->md_info = NULL; - mbedtls_ecp_group_free( &ctx->grp ); + mbedtls_ecp_group_free(&ctx->grp); - mbedtls_ecp_point_free( &ctx->Xm1 ); - mbedtls_ecp_point_free( &ctx->Xm2 ); - mbedtls_ecp_point_free( &ctx->Xp1 ); - mbedtls_ecp_point_free( &ctx->Xp2 ); - mbedtls_ecp_point_free( &ctx->Xp ); + mbedtls_ecp_point_free(&ctx->Xm1); + mbedtls_ecp_point_free(&ctx->Xm2); + mbedtls_ecp_point_free(&ctx->Xp1); + mbedtls_ecp_point_free(&ctx->Xp2); + mbedtls_ecp_point_free(&ctx->Xp); - mbedtls_mpi_free( &ctx->xm1 ); - mbedtls_mpi_free( &ctx->xm2 ); - mbedtls_mpi_free( &ctx->s ); + mbedtls_mpi_free(&ctx->xm1); + mbedtls_mpi_free(&ctx->xm2); + mbedtls_mpi_free(&ctx->s); } /* * Setup context */ -int mbedtls_ecjpake_setup( mbedtls_ecjpake_context *ctx, - mbedtls_ecjpake_role role, - mbedtls_md_type_t hash, - mbedtls_ecp_group_id curve, - const unsigned char *secret, - size_t len ) +int mbedtls_ecjpake_setup(mbedtls_ecjpake_context *ctx, + mbedtls_ecjpake_role role, + mbedtls_md_type_t hash, + mbedtls_ecp_group_id curve, + const unsigned char *secret, + size_t len) { int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; - ECJPAKE_VALIDATE_RET( ctx != NULL ); - ECJPAKE_VALIDATE_RET( role == MBEDTLS_ECJPAKE_CLIENT || - role == MBEDTLS_ECJPAKE_SERVER ); - ECJPAKE_VALIDATE_RET( secret != NULL || len == 0 ); + ECJPAKE_VALIDATE_RET(ctx != NULL); + ECJPAKE_VALIDATE_RET(role == MBEDTLS_ECJPAKE_CLIENT || + role == MBEDTLS_ECJPAKE_SERVER); + ECJPAKE_VALIDATE_RET(secret != NULL || len == 0); ctx->role = role; - if( ( ctx->md_info = mbedtls_md_info_from_type( hash ) ) == NULL ) - return( MBEDTLS_ERR_MD_FEATURE_UNAVAILABLE ); + if ((ctx->md_info = mbedtls_md_info_from_type(hash)) == NULL) { + return MBEDTLS_ERR_MD_FEATURE_UNAVAILABLE; + } - MBEDTLS_MPI_CHK( mbedtls_ecp_group_load( &ctx->grp, curve ) ); + MBEDTLS_MPI_CHK(mbedtls_ecp_group_load(&ctx->grp, curve)); - MBEDTLS_MPI_CHK( mbedtls_mpi_read_binary( &ctx->s, secret, len ) ); + MBEDTLS_MPI_CHK(mbedtls_mpi_read_binary(&ctx->s, secret, len)); cleanup: - if( ret != 0 ) - mbedtls_ecjpake_free( ctx ); + if (ret != 0) { + mbedtls_ecjpake_free(ctx); + } - return( ret ); + return ret; } /* * Check if context is ready for use */ -int mbedtls_ecjpake_check( const mbedtls_ecjpake_context *ctx ) +int mbedtls_ecjpake_check(const mbedtls_ecjpake_context *ctx) { - ECJPAKE_VALIDATE_RET( ctx != NULL ); + ECJPAKE_VALIDATE_RET(ctx != NULL); - if( ctx->md_info == NULL || + if (ctx->md_info == NULL || ctx->grp.id == MBEDTLS_ECP_DP_NONE || - ctx->s.p == NULL ) - { - return( MBEDTLS_ERR_ECP_BAD_INPUT_DATA ); + ctx->s.p == NULL) { + return MBEDTLS_ERR_ECP_BAD_INPUT_DATA; } - return( 0 ); + return 0; } /* * Write a point plus its length to a buffer */ -static int ecjpake_write_len_point( unsigned char **p, - const unsigned char *end, - const mbedtls_ecp_group *grp, - const int pf, - const mbedtls_ecp_point *P ) +static int ecjpake_write_len_point(unsigned char **p, + const unsigned char *end, + const mbedtls_ecp_group *grp, + const int pf, + const mbedtls_ecp_point *P) { int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; size_t len; /* Need at least 4 for length plus 1 for point */ - if( end < *p || end - *p < 5 ) - return( MBEDTLS_ERR_ECP_BUFFER_TOO_SMALL ); + if (end < *p || end - *p < 5) { + return MBEDTLS_ERR_ECP_BUFFER_TOO_SMALL; + } - ret = mbedtls_ecp_point_write_binary( grp, P, pf, - &len, *p + 4, end - ( *p + 4 ) ); - if( ret != 0 ) - return( ret ); + ret = mbedtls_ecp_point_write_binary(grp, P, pf, + &len, *p + 4, end - (*p + 4)); + if (ret != 0) { + return ret; + } - MBEDTLS_PUT_UINT32_BE( len, *p, 0 ); + MBEDTLS_PUT_UINT32_BE(len, *p, 0); *p += 4 + len; - return( 0 ); + return 0; } /* * Size of the temporary buffer for ecjpake_hash: * 3 EC points plus their length, plus ID and its length (4 + 6 bytes) */ -#define ECJPAKE_HASH_BUF_LEN ( 3 * ( 4 + MBEDTLS_ECP_MAX_PT_LEN ) + 4 + 6 ) +#define ECJPAKE_HASH_BUF_LEN (3 * (4 + MBEDTLS_ECP_MAX_PT_LEN) + 4 + 6) /* * Compute hash for ZKP (7.4.2.2.2.1) */ -static int ecjpake_hash( const mbedtls_md_info_t *md_info, - const mbedtls_ecp_group *grp, - const int pf, - const mbedtls_ecp_point *G, - const mbedtls_ecp_point *V, - const mbedtls_ecp_point *X, - const char *id, - mbedtls_mpi *h ) +static int ecjpake_hash(const mbedtls_md_info_t *md_info, + const mbedtls_ecp_group *grp, + const int pf, + const mbedtls_ecp_point *G, + const mbedtls_ecp_point *V, + const mbedtls_ecp_point *X, + const char *id, + mbedtls_mpi *h) { int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; unsigned char buf[ECJPAKE_HASH_BUF_LEN]; unsigned char *p = buf; - const unsigned char *end = buf + sizeof( buf ); - const size_t id_len = strlen( id ); + const unsigned char *end = buf + sizeof(buf); + const size_t id_len = strlen(id); unsigned char hash[MBEDTLS_MD_MAX_SIZE]; /* Write things to temporary buffer */ - MBEDTLS_MPI_CHK( ecjpake_write_len_point( &p, end, grp, pf, G ) ); - MBEDTLS_MPI_CHK( ecjpake_write_len_point( &p, end, grp, pf, V ) ); - MBEDTLS_MPI_CHK( ecjpake_write_len_point( &p, end, grp, pf, X ) ); + MBEDTLS_MPI_CHK(ecjpake_write_len_point(&p, end, grp, pf, G)); + MBEDTLS_MPI_CHK(ecjpake_write_len_point(&p, end, grp, pf, V)); + MBEDTLS_MPI_CHK(ecjpake_write_len_point(&p, end, grp, pf, X)); - if( end - p < 4 ) - return( MBEDTLS_ERR_ECP_BUFFER_TOO_SMALL ); + if (end - p < 4) { + return MBEDTLS_ERR_ECP_BUFFER_TOO_SMALL; + } - MBEDTLS_PUT_UINT32_BE( id_len, p, 0 ); + MBEDTLS_PUT_UINT32_BE(id_len, p, 0); p += 4; - if( end < p || (size_t)( end - p ) < id_len ) - return( MBEDTLS_ERR_ECP_BUFFER_TOO_SMALL ); + if (end < p || (size_t) (end - p) < id_len) { + return MBEDTLS_ERR_ECP_BUFFER_TOO_SMALL; + } - memcpy( p, id, id_len ); + memcpy(p, id, id_len); p += id_len; /* Compute hash */ - MBEDTLS_MPI_CHK( mbedtls_md( md_info, buf, p - buf, hash ) ); + MBEDTLS_MPI_CHK(mbedtls_md(md_info, buf, p - buf, hash)); /* Turn it into an integer mod n */ - MBEDTLS_MPI_CHK( mbedtls_mpi_read_binary( h, hash, - mbedtls_md_get_size( md_info ) ) ); - MBEDTLS_MPI_CHK( mbedtls_mpi_mod_mpi( h, h, &grp->N ) ); + MBEDTLS_MPI_CHK(mbedtls_mpi_read_binary(h, hash, + mbedtls_md_get_size(md_info))); + MBEDTLS_MPI_CHK(mbedtls_mpi_mod_mpi(h, h, &grp->N)); cleanup: - return( ret ); + return ret; } /* * Parse a ECShnorrZKP (7.4.2.2.2) and verify it (7.4.2.3.3) */ -static int ecjpake_zkp_read( const mbedtls_md_info_t *md_info, - const mbedtls_ecp_group *grp, - const int pf, - const mbedtls_ecp_point *G, - const mbedtls_ecp_point *X, - const char *id, - const unsigned char **p, - const unsigned char *end ) +static int ecjpake_zkp_read(const mbedtls_md_info_t *md_info, + const mbedtls_ecp_group *grp, + const int pf, + const mbedtls_ecp_point *G, + const mbedtls_ecp_point *X, + const char *id, + const unsigned char **p, + const unsigned char *end) { int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; mbedtls_ecp_point V, VV; mbedtls_mpi r, h; size_t r_len; - mbedtls_ecp_point_init( &V ); - mbedtls_ecp_point_init( &VV ); - mbedtls_mpi_init( &r ); - mbedtls_mpi_init( &h ); + mbedtls_ecp_point_init(&V); + mbedtls_ecp_point_init(&VV); + mbedtls_mpi_init(&r); + mbedtls_mpi_init(&h); /* * struct { @@ -255,64 +249,62 @@ static int ecjpake_zkp_read( const mbedtls_md_info_t *md_info, * opaque r<1..2^8-1>; * } ECSchnorrZKP; */ - if( end < *p ) - return( MBEDTLS_ERR_ECP_BAD_INPUT_DATA ); + if (end < *p) { + return MBEDTLS_ERR_ECP_BAD_INPUT_DATA; + } - MBEDTLS_MPI_CHK( mbedtls_ecp_tls_read_point( grp, &V, p, end - *p ) ); + MBEDTLS_MPI_CHK(mbedtls_ecp_tls_read_point(grp, &V, p, end - *p)); - if( end < *p || (size_t)( end - *p ) < 1 ) - { + if (end < *p || (size_t) (end - *p) < 1) { ret = MBEDTLS_ERR_ECP_BAD_INPUT_DATA; goto cleanup; } r_len = *(*p)++; - if( end < *p || (size_t)( end - *p ) < r_len || r_len == 0 ) - { + if (end < *p || (size_t) (end - *p) < r_len || r_len == 0) { ret = MBEDTLS_ERR_ECP_BAD_INPUT_DATA; goto cleanup; } - MBEDTLS_MPI_CHK( mbedtls_mpi_read_binary( &r, *p, r_len ) ); + MBEDTLS_MPI_CHK(mbedtls_mpi_read_binary(&r, *p, r_len)); *p += r_len; /* * Verification */ - MBEDTLS_MPI_CHK( ecjpake_hash( md_info, grp, pf, G, &V, X, id, &h ) ); - MBEDTLS_MPI_CHK( mbedtls_ecp_muladd( (mbedtls_ecp_group *) grp, - &VV, &h, X, &r, G ) ); + MBEDTLS_MPI_CHK(ecjpake_hash(md_info, grp, pf, G, &V, X, id, &h)); + MBEDTLS_MPI_CHK(mbedtls_ecp_muladd((mbedtls_ecp_group *) grp, + &VV, &h, X, &r, G)); - if( mbedtls_ecp_point_cmp( &VV, &V ) != 0 ) - { + if (mbedtls_ecp_point_cmp(&VV, &V) != 0) { ret = MBEDTLS_ERR_ECP_VERIFY_FAILED; goto cleanup; } cleanup: - mbedtls_ecp_point_free( &V ); - mbedtls_ecp_point_free( &VV ); - mbedtls_mpi_free( &r ); - mbedtls_mpi_free( &h ); + mbedtls_ecp_point_free(&V); + mbedtls_ecp_point_free(&VV); + mbedtls_mpi_free(&r); + mbedtls_mpi_free(&h); - return( ret ); + return ret; } /* * Generate ZKP (7.4.2.3.2) and write it as ECSchnorrZKP (7.4.2.2.2) */ -static int ecjpake_zkp_write( const mbedtls_md_info_t *md_info, - const mbedtls_ecp_group *grp, - const int pf, - const mbedtls_ecp_point *G, - const mbedtls_mpi *x, - const mbedtls_ecp_point *X, - const char *id, - unsigned char **p, - const unsigned char *end, - int (*f_rng)(void *, unsigned char *, size_t), - void *p_rng ) +static int ecjpake_zkp_write(const mbedtls_md_info_t *md_info, + const mbedtls_ecp_group *grp, + const int pf, + const mbedtls_ecp_point *G, + const mbedtls_mpi *x, + const mbedtls_ecp_point *X, + const char *id, + unsigned char **p, + const unsigned char *end, + int (*f_rng)(void *, unsigned char *, size_t), + void *p_rng) { int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; mbedtls_ecp_point V; @@ -320,62 +312,63 @@ static int ecjpake_zkp_write( const mbedtls_md_info_t *md_info, mbedtls_mpi h; /* later recycled to hold r */ size_t len; - if( end < *p ) - return( MBEDTLS_ERR_ECP_BUFFER_TOO_SMALL ); + if (end < *p) { + return MBEDTLS_ERR_ECP_BUFFER_TOO_SMALL; + } - mbedtls_ecp_point_init( &V ); - mbedtls_mpi_init( &v ); - mbedtls_mpi_init( &h ); + mbedtls_ecp_point_init(&V); + mbedtls_mpi_init(&v); + mbedtls_mpi_init(&h); /* Compute signature */ - MBEDTLS_MPI_CHK( mbedtls_ecp_gen_keypair_base( (mbedtls_ecp_group *) grp, - G, &v, &V, f_rng, p_rng ) ); - MBEDTLS_MPI_CHK( ecjpake_hash( md_info, grp, pf, G, &V, X, id, &h ) ); - MBEDTLS_MPI_CHK( mbedtls_mpi_mul_mpi( &h, &h, x ) ); /* x*h */ - MBEDTLS_MPI_CHK( mbedtls_mpi_sub_mpi( &h, &v, &h ) ); /* v - x*h */ - MBEDTLS_MPI_CHK( mbedtls_mpi_mod_mpi( &h, &h, &grp->N ) ); /* r */ + MBEDTLS_MPI_CHK(mbedtls_ecp_gen_keypair_base((mbedtls_ecp_group *) grp, + G, &v, &V, f_rng, p_rng)); + MBEDTLS_MPI_CHK(ecjpake_hash(md_info, grp, pf, G, &V, X, id, &h)); + MBEDTLS_MPI_CHK(mbedtls_mpi_mul_mpi(&h, &h, x)); /* x*h */ + MBEDTLS_MPI_CHK(mbedtls_mpi_sub_mpi(&h, &v, &h)); /* v - x*h */ + MBEDTLS_MPI_CHK(mbedtls_mpi_mod_mpi(&h, &h, &grp->N)); /* r */ /* Write it out */ - MBEDTLS_MPI_CHK( mbedtls_ecp_tls_write_point( grp, &V, - pf, &len, *p, end - *p ) ); + MBEDTLS_MPI_CHK(mbedtls_ecp_tls_write_point(grp, &V, + pf, &len, *p, end - *p)); *p += len; - len = mbedtls_mpi_size( &h ); /* actually r */ - if( end < *p || (size_t)( end - *p ) < 1 + len || len > 255 ) - { + len = mbedtls_mpi_size(&h); /* actually r */ + if (end < *p || (size_t) (end - *p) < 1 + len || len > 255) { ret = MBEDTLS_ERR_ECP_BUFFER_TOO_SMALL; goto cleanup; } - *(*p)++ = MBEDTLS_BYTE_0( len ); - MBEDTLS_MPI_CHK( mbedtls_mpi_write_binary( &h, *p, len ) ); /* r */ + *(*p)++ = MBEDTLS_BYTE_0(len); + MBEDTLS_MPI_CHK(mbedtls_mpi_write_binary(&h, *p, len)); /* r */ *p += len; cleanup: - mbedtls_ecp_point_free( &V ); - mbedtls_mpi_free( &v ); - mbedtls_mpi_free( &h ); + mbedtls_ecp_point_free(&V); + mbedtls_mpi_free(&v); + mbedtls_mpi_free(&h); - return( ret ); + return ret; } /* * Parse a ECJPAKEKeyKP (7.4.2.2.1) and check proof * Output: verified public key X */ -static int ecjpake_kkp_read( const mbedtls_md_info_t *md_info, - const mbedtls_ecp_group *grp, - const int pf, - const mbedtls_ecp_point *G, - mbedtls_ecp_point *X, - const char *id, - const unsigned char **p, - const unsigned char *end ) +static int ecjpake_kkp_read(const mbedtls_md_info_t *md_info, + const mbedtls_ecp_group *grp, + const int pf, + const mbedtls_ecp_point *G, + mbedtls_ecp_point *X, + const char *id, + const unsigned char **p, + const unsigned char *end) { int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; - if( end < *p ) - return( MBEDTLS_ERR_ECP_BAD_INPUT_DATA ); + if (end < *p) { + return MBEDTLS_ERR_ECP_BAD_INPUT_DATA; + } /* * struct { @@ -383,69 +376,69 @@ static int ecjpake_kkp_read( const mbedtls_md_info_t *md_info, * ECSchnorrZKP zkp; * } ECJPAKEKeyKP; */ - MBEDTLS_MPI_CHK( mbedtls_ecp_tls_read_point( grp, X, p, end - *p ) ); - if( mbedtls_ecp_is_zero( X ) ) - { + MBEDTLS_MPI_CHK(mbedtls_ecp_tls_read_point(grp, X, p, end - *p)); + if (mbedtls_ecp_is_zero(X)) { ret = MBEDTLS_ERR_ECP_INVALID_KEY; goto cleanup; } - MBEDTLS_MPI_CHK( ecjpake_zkp_read( md_info, grp, pf, G, X, id, p, end ) ); + MBEDTLS_MPI_CHK(ecjpake_zkp_read(md_info, grp, pf, G, X, id, p, end)); cleanup: - return( ret ); + return ret; } /* * Generate an ECJPAKEKeyKP * Output: the serialized structure, plus private/public key pair */ -static int ecjpake_kkp_write( const mbedtls_md_info_t *md_info, - const mbedtls_ecp_group *grp, - const int pf, - const mbedtls_ecp_point *G, - mbedtls_mpi *x, - mbedtls_ecp_point *X, - const char *id, - unsigned char **p, - const unsigned char *end, - int (*f_rng)(void *, unsigned char *, size_t), - void *p_rng ) +static int ecjpake_kkp_write(const mbedtls_md_info_t *md_info, + const mbedtls_ecp_group *grp, + const int pf, + const mbedtls_ecp_point *G, + mbedtls_mpi *x, + mbedtls_ecp_point *X, + const char *id, + unsigned char **p, + const unsigned char *end, + int (*f_rng)(void *, unsigned char *, size_t), + void *p_rng) { int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; size_t len; - if( end < *p ) - return( MBEDTLS_ERR_ECP_BUFFER_TOO_SMALL ); + if (end < *p) { + return MBEDTLS_ERR_ECP_BUFFER_TOO_SMALL; + } /* Generate key (7.4.2.3.1) and write it out */ - MBEDTLS_MPI_CHK( mbedtls_ecp_gen_keypair_base( (mbedtls_ecp_group *) grp, G, x, X, - f_rng, p_rng ) ); - MBEDTLS_MPI_CHK( mbedtls_ecp_tls_write_point( grp, X, - pf, &len, *p, end - *p ) ); + MBEDTLS_MPI_CHK(mbedtls_ecp_gen_keypair_base((mbedtls_ecp_group *) grp, G, x, X, + f_rng, p_rng)); + MBEDTLS_MPI_CHK(mbedtls_ecp_tls_write_point(grp, X, + pf, &len, *p, end - *p)); *p += len; /* Generate and write proof */ - MBEDTLS_MPI_CHK( ecjpake_zkp_write( md_info, grp, pf, G, x, X, id, - p, end, f_rng, p_rng ) ); + MBEDTLS_MPI_CHK(ecjpake_zkp_write(md_info, grp, pf, G, x, X, id, + p, end, f_rng, p_rng)); cleanup: - return( ret ); + return ret; } /* * Read a ECJPAKEKeyKPPairList (7.4.2.3) and check proofs - * Ouputs: verified peer public keys Xa, Xb + * Outputs: verified peer public keys Xa, Xb */ -static int ecjpake_kkpp_read( const mbedtls_md_info_t *md_info, - const mbedtls_ecp_group *grp, - const int pf, - const mbedtls_ecp_point *G, - mbedtls_ecp_point *Xa, - mbedtls_ecp_point *Xb, - const char *id, - const unsigned char *buf, - size_t len ) +static int ecjpake_kkpp_read(const mbedtls_md_info_t *md_info, + const mbedtls_ecp_group *grp, + const int pf, + const mbedtls_ecp_point *G, + mbedtls_ecp_point *Xa, + mbedtls_ecp_point *Xb, + const char *id, + const unsigned char *buf, + size_t len) { int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; const unsigned char *p = buf; @@ -456,114 +449,115 @@ static int ecjpake_kkpp_read( const mbedtls_md_info_t *md_info, * ECJPAKEKeyKP ecjpake_key_kp_pair_list[2]; * } ECJPAKEKeyKPPairList; */ - MBEDTLS_MPI_CHK( ecjpake_kkp_read( md_info, grp, pf, G, Xa, id, &p, end ) ); - MBEDTLS_MPI_CHK( ecjpake_kkp_read( md_info, grp, pf, G, Xb, id, &p, end ) ); + MBEDTLS_MPI_CHK(ecjpake_kkp_read(md_info, grp, pf, G, Xa, id, &p, end)); + MBEDTLS_MPI_CHK(ecjpake_kkp_read(md_info, grp, pf, G, Xb, id, &p, end)); - if( p != end ) + if (p != end) { ret = MBEDTLS_ERR_ECP_BAD_INPUT_DATA; + } cleanup: - return( ret ); + return ret; } /* * Generate a ECJPAKEKeyKPPairList * Outputs: the serialized structure, plus two private/public key pairs */ -static int ecjpake_kkpp_write( const mbedtls_md_info_t *md_info, - const mbedtls_ecp_group *grp, - const int pf, - const mbedtls_ecp_point *G, - mbedtls_mpi *xm1, - mbedtls_ecp_point *Xa, - mbedtls_mpi *xm2, - mbedtls_ecp_point *Xb, - const char *id, - unsigned char *buf, - size_t len, - size_t *olen, - int (*f_rng)(void *, unsigned char *, size_t), - void *p_rng ) +static int ecjpake_kkpp_write(const mbedtls_md_info_t *md_info, + const mbedtls_ecp_group *grp, + const int pf, + const mbedtls_ecp_point *G, + mbedtls_mpi *xm1, + mbedtls_ecp_point *Xa, + mbedtls_mpi *xm2, + mbedtls_ecp_point *Xb, + const char *id, + unsigned char *buf, + size_t len, + size_t *olen, + int (*f_rng)(void *, unsigned char *, size_t), + void *p_rng) { int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; unsigned char *p = buf; const unsigned char *end = buf + len; - MBEDTLS_MPI_CHK( ecjpake_kkp_write( md_info, grp, pf, G, xm1, Xa, id, - &p, end, f_rng, p_rng ) ); - MBEDTLS_MPI_CHK( ecjpake_kkp_write( md_info, grp, pf, G, xm2, Xb, id, - &p, end, f_rng, p_rng ) ); + MBEDTLS_MPI_CHK(ecjpake_kkp_write(md_info, grp, pf, G, xm1, Xa, id, + &p, end, f_rng, p_rng)); + MBEDTLS_MPI_CHK(ecjpake_kkp_write(md_info, grp, pf, G, xm2, Xb, id, + &p, end, f_rng, p_rng)); *olen = p - buf; cleanup: - return( ret ); + return ret; } /* * Read and process the first round message */ -int mbedtls_ecjpake_read_round_one( mbedtls_ecjpake_context *ctx, - const unsigned char *buf, - size_t len ) +int mbedtls_ecjpake_read_round_one(mbedtls_ecjpake_context *ctx, + const unsigned char *buf, + size_t len) { - ECJPAKE_VALIDATE_RET( ctx != NULL ); - ECJPAKE_VALIDATE_RET( buf != NULL ); + ECJPAKE_VALIDATE_RET(ctx != NULL); + ECJPAKE_VALIDATE_RET(buf != NULL); - return( ecjpake_kkpp_read( ctx->md_info, &ctx->grp, ctx->point_format, - &ctx->grp.G, - &ctx->Xp1, &ctx->Xp2, ID_PEER, - buf, len ) ); + return ecjpake_kkpp_read(ctx->md_info, &ctx->grp, ctx->point_format, + &ctx->grp.G, + &ctx->Xp1, &ctx->Xp2, ID_PEER, + buf, len); } /* * Generate and write the first round message */ -int mbedtls_ecjpake_write_round_one( mbedtls_ecjpake_context *ctx, - unsigned char *buf, size_t len, size_t *olen, - int (*f_rng)(void *, unsigned char *, size_t), - void *p_rng ) +int mbedtls_ecjpake_write_round_one(mbedtls_ecjpake_context *ctx, + unsigned char *buf, size_t len, size_t *olen, + int (*f_rng)(void *, unsigned char *, size_t), + void *p_rng) { - ECJPAKE_VALIDATE_RET( ctx != NULL ); - ECJPAKE_VALIDATE_RET( buf != NULL ); - ECJPAKE_VALIDATE_RET( olen != NULL ); - ECJPAKE_VALIDATE_RET( f_rng != NULL ); - - return( ecjpake_kkpp_write( ctx->md_info, &ctx->grp, ctx->point_format, - &ctx->grp.G, - &ctx->xm1, &ctx->Xm1, &ctx->xm2, &ctx->Xm2, - ID_MINE, buf, len, olen, f_rng, p_rng ) ); + ECJPAKE_VALIDATE_RET(ctx != NULL); + ECJPAKE_VALIDATE_RET(buf != NULL); + ECJPAKE_VALIDATE_RET(olen != NULL); + ECJPAKE_VALIDATE_RET(f_rng != NULL); + + return ecjpake_kkpp_write(ctx->md_info, &ctx->grp, ctx->point_format, + &ctx->grp.G, + &ctx->xm1, &ctx->Xm1, &ctx->xm2, &ctx->Xm2, + ID_MINE, buf, len, olen, f_rng, p_rng); } /* * Compute the sum of three points R = A + B + C */ -static int ecjpake_ecp_add3( mbedtls_ecp_group *grp, mbedtls_ecp_point *R, - const mbedtls_ecp_point *A, - const mbedtls_ecp_point *B, - const mbedtls_ecp_point *C ) +static int ecjpake_ecp_add3(mbedtls_ecp_group *grp, mbedtls_ecp_point *R, + const mbedtls_ecp_point *A, + const mbedtls_ecp_point *B, + const mbedtls_ecp_point *C) { int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; mbedtls_mpi one; - mbedtls_mpi_init( &one ); + mbedtls_mpi_init(&one); - MBEDTLS_MPI_CHK( mbedtls_mpi_lset( &one, 1 ) ); - MBEDTLS_MPI_CHK( mbedtls_ecp_muladd( grp, R, &one, A, &one, B ) ); - MBEDTLS_MPI_CHK( mbedtls_ecp_muladd( grp, R, &one, R, &one, C ) ); + MBEDTLS_MPI_CHK(mbedtls_mpi_lset(&one, 1)); + MBEDTLS_MPI_CHK(mbedtls_ecp_muladd(grp, R, &one, A, &one, B)); + MBEDTLS_MPI_CHK(mbedtls_ecp_muladd(grp, R, &one, R, &one, C)); cleanup: - mbedtls_mpi_free( &one ); + mbedtls_mpi_free(&one); - return( ret ); + return ret; } /* * Read and process second round message (C: 7.4.2.5, S: 7.4.2.6) */ -int mbedtls_ecjpake_read_round_two( mbedtls_ecjpake_context *ctx, - const unsigned char *buf, - size_t len ) +int mbedtls_ecjpake_read_round_two(mbedtls_ecjpake_context *ctx, + const unsigned char *buf, + size_t len) { int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; const unsigned char *p = buf; @@ -571,11 +565,11 @@ int mbedtls_ecjpake_read_round_two( mbedtls_ecjpake_context *ctx, mbedtls_ecp_group grp; mbedtls_ecp_point G; /* C: GB, S: GA */ - ECJPAKE_VALIDATE_RET( ctx != NULL ); - ECJPAKE_VALIDATE_RET( buf != NULL ); + ECJPAKE_VALIDATE_RET(ctx != NULL); + ECJPAKE_VALIDATE_RET(buf != NULL); - mbedtls_ecp_group_init( &grp ); - mbedtls_ecp_point_init( &G ); + mbedtls_ecp_group_init(&grp); + mbedtls_ecp_point_init(&G); /* * Server: GA = X3 + X4 + X1 (7.4.2.6.1) @@ -583,8 +577,8 @@ int mbedtls_ecjpake_read_round_two( mbedtls_ecjpake_context *ctx, * Unified: G = Xm1 + Xm2 + Xp1 * We need that before parsing in order to check Xp as we read it */ - MBEDTLS_MPI_CHK( ecjpake_ecp_add3( &ctx->grp, &G, - &ctx->Xm1, &ctx->Xm2, &ctx->Xp1 ) ); + MBEDTLS_MPI_CHK(ecjpake_ecp_add3(&ctx->grp, &G, + &ctx->Xm1, &ctx->Xm2, &ctx->Xp1)); /* * struct { @@ -592,71 +586,68 @@ int mbedtls_ecjpake_read_round_two( mbedtls_ecjpake_context *ctx, * ECJPAKEKeyKP ecjpake_key_kp; * } Client/ServerECJPAKEParams; */ - if( ctx->role == MBEDTLS_ECJPAKE_CLIENT ) - { - MBEDTLS_MPI_CHK( mbedtls_ecp_tls_read_group( &grp, &p, len ) ); - if( grp.id != ctx->grp.id ) - { + if (ctx->role == MBEDTLS_ECJPAKE_CLIENT) { + MBEDTLS_MPI_CHK(mbedtls_ecp_tls_read_group(&grp, &p, len)); + if (grp.id != ctx->grp.id) { ret = MBEDTLS_ERR_ECP_FEATURE_UNAVAILABLE; goto cleanup; } } - MBEDTLS_MPI_CHK( ecjpake_kkp_read( ctx->md_info, &ctx->grp, - ctx->point_format, - &G, &ctx->Xp, ID_PEER, &p, end ) ); + MBEDTLS_MPI_CHK(ecjpake_kkp_read(ctx->md_info, &ctx->grp, + ctx->point_format, + &G, &ctx->Xp, ID_PEER, &p, end)); - if( p != end ) - { + if (p != end) { ret = MBEDTLS_ERR_ECP_BAD_INPUT_DATA; goto cleanup; } cleanup: - mbedtls_ecp_group_free( &grp ); - mbedtls_ecp_point_free( &G ); + mbedtls_ecp_group_free(&grp); + mbedtls_ecp_point_free(&G); - return( ret ); + return ret; } /* * Compute R = +/- X * S mod N, taking care not to leak S */ -static int ecjpake_mul_secret( mbedtls_mpi *R, int sign, - const mbedtls_mpi *X, - const mbedtls_mpi *S, - const mbedtls_mpi *N, - int (*f_rng)(void *, unsigned char *, size_t), - void *p_rng ) +static int ecjpake_mul_secret(mbedtls_mpi *R, int sign, + const mbedtls_mpi *X, + const mbedtls_mpi *S, + const mbedtls_mpi *N, + int (*f_rng)(void *, unsigned char *, size_t), + void *p_rng) { int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; mbedtls_mpi b; /* Blinding value, then s + N * blinding */ - mbedtls_mpi_init( &b ); + mbedtls_mpi_init(&b); /* b = s + rnd-128-bit * N */ - MBEDTLS_MPI_CHK( mbedtls_mpi_fill_random( &b, 16, f_rng, p_rng ) ); - MBEDTLS_MPI_CHK( mbedtls_mpi_mul_mpi( &b, &b, N ) ); - MBEDTLS_MPI_CHK( mbedtls_mpi_add_mpi( &b, &b, S ) ); + MBEDTLS_MPI_CHK(mbedtls_mpi_fill_random(&b, 16, f_rng, p_rng)); + MBEDTLS_MPI_CHK(mbedtls_mpi_mul_mpi(&b, &b, N)); + MBEDTLS_MPI_CHK(mbedtls_mpi_add_mpi(&b, &b, S)); /* R = sign * X * b mod N */ - MBEDTLS_MPI_CHK( mbedtls_mpi_mul_mpi( R, X, &b ) ); + MBEDTLS_MPI_CHK(mbedtls_mpi_mul_mpi(R, X, &b)); R->s *= sign; - MBEDTLS_MPI_CHK( mbedtls_mpi_mod_mpi( R, R, N ) ); + MBEDTLS_MPI_CHK(mbedtls_mpi_mod_mpi(R, R, N)); cleanup: - mbedtls_mpi_free( &b ); + mbedtls_mpi_free(&b); - return( ret ); + return ret; } /* * Generate and write the second round message (S: 7.4.2.5, C: 7.4.2.6) */ -int mbedtls_ecjpake_write_round_two( mbedtls_ecjpake_context *ctx, - unsigned char *buf, size_t len, size_t *olen, - int (*f_rng)(void *, unsigned char *, size_t), - void *p_rng ) +int mbedtls_ecjpake_write_round_two(mbedtls_ecjpake_context *ctx, + unsigned char *buf, size_t len, size_t *olen, + int (*f_rng)(void *, unsigned char *, size_t), + void *p_rng) { int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; mbedtls_ecp_point G; /* C: GA, S: GB */ @@ -666,14 +657,14 @@ int mbedtls_ecjpake_write_round_two( mbedtls_ecjpake_context *ctx, const unsigned char *end = buf + len; size_t ec_len; - ECJPAKE_VALIDATE_RET( ctx != NULL ); - ECJPAKE_VALIDATE_RET( buf != NULL ); - ECJPAKE_VALIDATE_RET( olen != NULL ); - ECJPAKE_VALIDATE_RET( f_rng != NULL ); + ECJPAKE_VALIDATE_RET(ctx != NULL); + ECJPAKE_VALIDATE_RET(buf != NULL); + ECJPAKE_VALIDATE_RET(olen != NULL); + ECJPAKE_VALIDATE_RET(f_rng != NULL); - mbedtls_ecp_point_init( &G ); - mbedtls_ecp_point_init( &Xm ); - mbedtls_mpi_init( &xm ); + mbedtls_ecp_point_init(&G); + mbedtls_ecp_point_init(&Xm); + mbedtls_mpi_init(&xm); /* * First generate private/public key pair (S: 7.4.2.5.1, C: 7.4.2.6.1) @@ -682,11 +673,11 @@ int mbedtls_ecjpake_write_round_two( mbedtls_ecjpake_context *ctx, * Server: GB = X3 + X1 + X2 | xs = x4 * s | Xs = xs * GB * Unified: G = Xm1 + Xp1 + Xp2 | xm = xm2 * s | Xm = xm * G */ - MBEDTLS_MPI_CHK( ecjpake_ecp_add3( &ctx->grp, &G, - &ctx->Xp1, &ctx->Xp2, &ctx->Xm1 ) ); - MBEDTLS_MPI_CHK( ecjpake_mul_secret( &xm, 1, &ctx->xm2, &ctx->s, - &ctx->grp.N, f_rng, p_rng ) ); - MBEDTLS_MPI_CHK( mbedtls_ecp_mul( &ctx->grp, &Xm, &xm, &G, f_rng, p_rng ) ); + MBEDTLS_MPI_CHK(ecjpake_ecp_add3(&ctx->grp, &G, + &ctx->Xp1, &ctx->Xp2, &ctx->Xm1)); + MBEDTLS_MPI_CHK(ecjpake_mul_secret(&xm, 1, &ctx->xm2, &ctx->s, + &ctx->grp.N, f_rng, p_rng)); + MBEDTLS_MPI_CHK(mbedtls_ecp_mul(&ctx->grp, &Xm, &xm, &G, f_rng, p_rng)); /* * Now write things out @@ -696,49 +687,46 @@ int mbedtls_ecjpake_write_round_two( mbedtls_ecjpake_context *ctx, * ECJPAKEKeyKP ecjpake_key_kp; * } Client/ServerECJPAKEParams; */ - if( ctx->role == MBEDTLS_ECJPAKE_SERVER ) - { - if( end < p ) - { + if (ctx->role == MBEDTLS_ECJPAKE_SERVER) { + if (end < p) { ret = MBEDTLS_ERR_ECP_BUFFER_TOO_SMALL; goto cleanup; } - MBEDTLS_MPI_CHK( mbedtls_ecp_tls_write_group( &ctx->grp, &ec_len, - p, end - p ) ); + MBEDTLS_MPI_CHK(mbedtls_ecp_tls_write_group(&ctx->grp, &ec_len, + p, end - p)); p += ec_len; } - if( end < p ) - { + if (end < p) { ret = MBEDTLS_ERR_ECP_BUFFER_TOO_SMALL; goto cleanup; } - MBEDTLS_MPI_CHK( mbedtls_ecp_tls_write_point( &ctx->grp, &Xm, - ctx->point_format, &ec_len, p, end - p ) ); + MBEDTLS_MPI_CHK(mbedtls_ecp_tls_write_point(&ctx->grp, &Xm, + ctx->point_format, &ec_len, p, end - p)); p += ec_len; - MBEDTLS_MPI_CHK( ecjpake_zkp_write( ctx->md_info, &ctx->grp, - ctx->point_format, - &G, &xm, &Xm, ID_MINE, - &p, end, f_rng, p_rng ) ); + MBEDTLS_MPI_CHK(ecjpake_zkp_write(ctx->md_info, &ctx->grp, + ctx->point_format, + &G, &xm, &Xm, ID_MINE, + &p, end, f_rng, p_rng)); *olen = p - buf; cleanup: - mbedtls_ecp_point_free( &G ); - mbedtls_ecp_point_free( &Xm ); - mbedtls_mpi_free( &xm ); + mbedtls_ecp_point_free(&G); + mbedtls_ecp_point_free(&Xm); + mbedtls_mpi_free(&xm); - return( ret ); + return ret; } /* * Derive PMS (7.4.2.7 / 7.4.2.8) */ -int mbedtls_ecjpake_derive_secret( mbedtls_ecjpake_context *ctx, - unsigned char *buf, size_t len, size_t *olen, - int (*f_rng)(void *, unsigned char *, size_t), - void *p_rng ) +int mbedtls_ecjpake_derive_secret(mbedtls_ecjpake_context *ctx, + unsigned char *buf, size_t len, size_t *olen, + int (*f_rng)(void *, unsigned char *, size_t), + void *p_rng) { int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; mbedtls_ecp_point K; @@ -746,45 +734,46 @@ int mbedtls_ecjpake_derive_secret( mbedtls_ecjpake_context *ctx, unsigned char kx[MBEDTLS_ECP_MAX_BYTES]; size_t x_bytes; - ECJPAKE_VALIDATE_RET( ctx != NULL ); - ECJPAKE_VALIDATE_RET( buf != NULL ); - ECJPAKE_VALIDATE_RET( olen != NULL ); - ECJPAKE_VALIDATE_RET( f_rng != NULL ); + ECJPAKE_VALIDATE_RET(ctx != NULL); + ECJPAKE_VALIDATE_RET(buf != NULL); + ECJPAKE_VALIDATE_RET(olen != NULL); + ECJPAKE_VALIDATE_RET(f_rng != NULL); - *olen = mbedtls_md_get_size( ctx->md_info ); - if( len < *olen ) - return( MBEDTLS_ERR_ECP_BUFFER_TOO_SMALL ); + *olen = mbedtls_md_get_size(ctx->md_info); + if (len < *olen) { + return MBEDTLS_ERR_ECP_BUFFER_TOO_SMALL; + } - mbedtls_ecp_point_init( &K ); - mbedtls_mpi_init( &m_xm2_s ); - mbedtls_mpi_init( &one ); + mbedtls_ecp_point_init(&K); + mbedtls_mpi_init(&m_xm2_s); + mbedtls_mpi_init(&one); - MBEDTLS_MPI_CHK( mbedtls_mpi_lset( &one, 1 ) ); + MBEDTLS_MPI_CHK(mbedtls_mpi_lset(&one, 1)); /* * Client: K = ( Xs - X4 * x2 * s ) * x2 * Server: K = ( Xc - X2 * x4 * s ) * x4 * Unified: K = ( Xp - Xp2 * xm2 * s ) * xm2 */ - MBEDTLS_MPI_CHK( ecjpake_mul_secret( &m_xm2_s, -1, &ctx->xm2, &ctx->s, - &ctx->grp.N, f_rng, p_rng ) ); - MBEDTLS_MPI_CHK( mbedtls_ecp_muladd( &ctx->grp, &K, - &one, &ctx->Xp, - &m_xm2_s, &ctx->Xp2 ) ); - MBEDTLS_MPI_CHK( mbedtls_ecp_mul( &ctx->grp, &K, &ctx->xm2, &K, - f_rng, p_rng ) ); + MBEDTLS_MPI_CHK(ecjpake_mul_secret(&m_xm2_s, -1, &ctx->xm2, &ctx->s, + &ctx->grp.N, f_rng, p_rng)); + MBEDTLS_MPI_CHK(mbedtls_ecp_muladd(&ctx->grp, &K, + &one, &ctx->Xp, + &m_xm2_s, &ctx->Xp2)); + MBEDTLS_MPI_CHK(mbedtls_ecp_mul(&ctx->grp, &K, &ctx->xm2, &K, + f_rng, p_rng)); /* PMS = SHA-256( K.X ) */ - x_bytes = ( ctx->grp.pbits + 7 ) / 8; - MBEDTLS_MPI_CHK( mbedtls_mpi_write_binary( &K.X, kx, x_bytes ) ); - MBEDTLS_MPI_CHK( mbedtls_md( ctx->md_info, kx, x_bytes, buf ) ); + x_bytes = (ctx->grp.pbits + 7) / 8; + MBEDTLS_MPI_CHK(mbedtls_mpi_write_binary(&K.X, kx, x_bytes)); + MBEDTLS_MPI_CHK(mbedtls_md(ctx->md_info, kx, x_bytes, buf)); cleanup: - mbedtls_ecp_point_free( &K ); - mbedtls_mpi_free( &m_xm2_s ); - mbedtls_mpi_free( &one ); + mbedtls_ecp_point_free(&K); + mbedtls_mpi_free(&m_xm2_s); + mbedtls_mpi_free(&one); - return( ret ); + return ret; } #undef ID_MINE @@ -794,19 +783,14 @@ int mbedtls_ecjpake_derive_secret( mbedtls_ecjpake_context *ctx, #if defined(MBEDTLS_SELF_TEST) -#if defined(MBEDTLS_PLATFORM_C) #include "mbedtls/platform.h" -#else -#include -#define mbedtls_printf printf -#endif #if !defined(MBEDTLS_ECP_DP_SECP256R1_ENABLED) || \ !defined(MBEDTLS_SHA256_C) -int mbedtls_ecjpake_self_test( int verbose ) +int mbedtls_ecjpake_self_test(int verbose) { (void) verbose; - return( 0 ); + return 0; } #else @@ -944,59 +928,58 @@ static const unsigned char ecjpake_test_pms[] = { }; /* Load my private keys and generate the corresponding public keys */ -static int ecjpake_test_load( mbedtls_ecjpake_context *ctx, - const unsigned char *xm1, size_t len1, - const unsigned char *xm2, size_t len2 ) +static int ecjpake_test_load(mbedtls_ecjpake_context *ctx, + const unsigned char *xm1, size_t len1, + const unsigned char *xm2, size_t len2) { int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; - MBEDTLS_MPI_CHK( mbedtls_mpi_read_binary( &ctx->xm1, xm1, len1 ) ); - MBEDTLS_MPI_CHK( mbedtls_mpi_read_binary( &ctx->xm2, xm2, len2 ) ); - MBEDTLS_MPI_CHK( mbedtls_ecp_mul( &ctx->grp, &ctx->Xm1, &ctx->xm1, - &ctx->grp.G, NULL, NULL ) ); - MBEDTLS_MPI_CHK( mbedtls_ecp_mul( &ctx->grp, &ctx->Xm2, &ctx->xm2, - &ctx->grp.G, NULL, NULL ) ); + MBEDTLS_MPI_CHK(mbedtls_mpi_read_binary(&ctx->xm1, xm1, len1)); + MBEDTLS_MPI_CHK(mbedtls_mpi_read_binary(&ctx->xm2, xm2, len2)); + MBEDTLS_MPI_CHK(mbedtls_ecp_mul(&ctx->grp, &ctx->Xm1, &ctx->xm1, + &ctx->grp.G, NULL, NULL)); + MBEDTLS_MPI_CHK(mbedtls_ecp_mul(&ctx->grp, &ctx->Xm2, &ctx->xm2, + &ctx->grp.G, NULL, NULL)); cleanup: - return( ret ); + return ret; } #endif /* ! MBEDTLS_ECJPAKE_ALT */ /* For tests we don't need a secure RNG; * use the LGC from Numerical Recipes for simplicity */ -static int ecjpake_lgc( void *p, unsigned char *out, size_t len ) +static int ecjpake_lgc(void *p, unsigned char *out, size_t len) { static uint32_t x = 42; (void) p; - while( len > 0 ) - { + while (len > 0) { size_t use_len = len > 4 ? 4 : len; x = 1664525 * x + 1013904223; - memcpy( out, &x, use_len ); + memcpy(out, &x, use_len); out += use_len; len -= use_len; } - return( 0 ); + return 0; } -#define TEST_ASSERT( x ) \ +#define TEST_ASSERT(x) \ do { \ - if( x ) \ - ret = 0; \ + if (x) \ + ret = 0; \ else \ { \ ret = 1; \ goto cleanup; \ } \ - } while( 0 ) + } while (0) /* * Checkup routine */ -int mbedtls_ecjpake_self_test( int verbose ) +int mbedtls_ecjpake_self_test(int verbose) { int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; mbedtls_ecjpake_context cli; @@ -1004,132 +987,139 @@ int mbedtls_ecjpake_self_test( int verbose ) unsigned char buf[512], pms[32]; size_t len, pmslen; - mbedtls_ecjpake_init( &cli ); - mbedtls_ecjpake_init( &srv ); + mbedtls_ecjpake_init(&cli); + mbedtls_ecjpake_init(&srv); - if( verbose != 0 ) - mbedtls_printf( " ECJPAKE test #0 (setup): " ); + if (verbose != 0) { + mbedtls_printf(" ECJPAKE test #0 (setup): "); + } - TEST_ASSERT( mbedtls_ecjpake_setup( &cli, MBEDTLS_ECJPAKE_CLIENT, - MBEDTLS_MD_SHA256, MBEDTLS_ECP_DP_SECP256R1, - ecjpake_test_password, - sizeof( ecjpake_test_password ) ) == 0 ); + TEST_ASSERT(mbedtls_ecjpake_setup(&cli, MBEDTLS_ECJPAKE_CLIENT, + MBEDTLS_MD_SHA256, MBEDTLS_ECP_DP_SECP256R1, + ecjpake_test_password, + sizeof(ecjpake_test_password)) == 0); - TEST_ASSERT( mbedtls_ecjpake_setup( &srv, MBEDTLS_ECJPAKE_SERVER, - MBEDTLS_MD_SHA256, MBEDTLS_ECP_DP_SECP256R1, - ecjpake_test_password, - sizeof( ecjpake_test_password ) ) == 0 ); + TEST_ASSERT(mbedtls_ecjpake_setup(&srv, MBEDTLS_ECJPAKE_SERVER, + MBEDTLS_MD_SHA256, MBEDTLS_ECP_DP_SECP256R1, + ecjpake_test_password, + sizeof(ecjpake_test_password)) == 0); - if( verbose != 0 ) - mbedtls_printf( "passed\n" ); + if (verbose != 0) { + mbedtls_printf("passed\n"); + } - if( verbose != 0 ) - mbedtls_printf( " ECJPAKE test #1 (random handshake): " ); + if (verbose != 0) { + mbedtls_printf(" ECJPAKE test #1 (random handshake): "); + } - TEST_ASSERT( mbedtls_ecjpake_write_round_one( &cli, - buf, sizeof( buf ), &len, ecjpake_lgc, NULL ) == 0 ); + TEST_ASSERT(mbedtls_ecjpake_write_round_one(&cli, + buf, sizeof(buf), &len, ecjpake_lgc, NULL) == 0); - TEST_ASSERT( mbedtls_ecjpake_read_round_one( &srv, buf, len ) == 0 ); + TEST_ASSERT(mbedtls_ecjpake_read_round_one(&srv, buf, len) == 0); - TEST_ASSERT( mbedtls_ecjpake_write_round_one( &srv, - buf, sizeof( buf ), &len, ecjpake_lgc, NULL ) == 0 ); + TEST_ASSERT(mbedtls_ecjpake_write_round_one(&srv, + buf, sizeof(buf), &len, ecjpake_lgc, NULL) == 0); - TEST_ASSERT( mbedtls_ecjpake_read_round_one( &cli, buf, len ) == 0 ); + TEST_ASSERT(mbedtls_ecjpake_read_round_one(&cli, buf, len) == 0); - TEST_ASSERT( mbedtls_ecjpake_write_round_two( &srv, - buf, sizeof( buf ), &len, ecjpake_lgc, NULL ) == 0 ); + TEST_ASSERT(mbedtls_ecjpake_write_round_two(&srv, + buf, sizeof(buf), &len, ecjpake_lgc, NULL) == 0); - TEST_ASSERT( mbedtls_ecjpake_read_round_two( &cli, buf, len ) == 0 ); + TEST_ASSERT(mbedtls_ecjpake_read_round_two(&cli, buf, len) == 0); - TEST_ASSERT( mbedtls_ecjpake_derive_secret( &cli, - pms, sizeof( pms ), &pmslen, ecjpake_lgc, NULL ) == 0 ); + TEST_ASSERT(mbedtls_ecjpake_derive_secret(&cli, + pms, sizeof(pms), &pmslen, ecjpake_lgc, NULL) == 0); - TEST_ASSERT( mbedtls_ecjpake_write_round_two( &cli, - buf, sizeof( buf ), &len, ecjpake_lgc, NULL ) == 0 ); + TEST_ASSERT(mbedtls_ecjpake_write_round_two(&cli, + buf, sizeof(buf), &len, ecjpake_lgc, NULL) == 0); - TEST_ASSERT( mbedtls_ecjpake_read_round_two( &srv, buf, len ) == 0 ); + TEST_ASSERT(mbedtls_ecjpake_read_round_two(&srv, buf, len) == 0); - TEST_ASSERT( mbedtls_ecjpake_derive_secret( &srv, - buf, sizeof( buf ), &len, ecjpake_lgc, NULL ) == 0 ); + TEST_ASSERT(mbedtls_ecjpake_derive_secret(&srv, + buf, sizeof(buf), &len, ecjpake_lgc, NULL) == 0); - TEST_ASSERT( len == pmslen ); - TEST_ASSERT( memcmp( buf, pms, len ) == 0 ); + TEST_ASSERT(len == pmslen); + TEST_ASSERT(memcmp(buf, pms, len) == 0); - if( verbose != 0 ) - mbedtls_printf( "passed\n" ); + if (verbose != 0) { + mbedtls_printf("passed\n"); + } #if !defined(MBEDTLS_ECJPAKE_ALT) /* 'reference handshake' tests can only be run against implementations * for which we have 100% control over how the random ephemeral keys - * are generated. This is only the case for the internal mbed TLS + * are generated. This is only the case for the internal Mbed TLS * implementation, so these tests are skipped in case the internal * implementation is swapped out for an alternative one. */ - if( verbose != 0 ) - mbedtls_printf( " ECJPAKE test #2 (reference handshake): " ); + if (verbose != 0) { + mbedtls_printf(" ECJPAKE test #2 (reference handshake): "); + } /* Simulate generation of round one */ - MBEDTLS_MPI_CHK( ecjpake_test_load( &cli, - ecjpake_test_x1, sizeof( ecjpake_test_x1 ), - ecjpake_test_x2, sizeof( ecjpake_test_x2 ) ) ); + MBEDTLS_MPI_CHK(ecjpake_test_load(&cli, + ecjpake_test_x1, sizeof(ecjpake_test_x1), + ecjpake_test_x2, sizeof(ecjpake_test_x2))); - MBEDTLS_MPI_CHK( ecjpake_test_load( &srv, - ecjpake_test_x3, sizeof( ecjpake_test_x3 ), - ecjpake_test_x4, sizeof( ecjpake_test_x4 ) ) ); + MBEDTLS_MPI_CHK(ecjpake_test_load(&srv, + ecjpake_test_x3, sizeof(ecjpake_test_x3), + ecjpake_test_x4, sizeof(ecjpake_test_x4))); /* Read round one */ - TEST_ASSERT( mbedtls_ecjpake_read_round_one( &srv, - ecjpake_test_cli_one, - sizeof( ecjpake_test_cli_one ) ) == 0 ); + TEST_ASSERT(mbedtls_ecjpake_read_round_one(&srv, + ecjpake_test_cli_one, + sizeof(ecjpake_test_cli_one)) == 0); - TEST_ASSERT( mbedtls_ecjpake_read_round_one( &cli, - ecjpake_test_srv_one, - sizeof( ecjpake_test_srv_one ) ) == 0 ); + TEST_ASSERT(mbedtls_ecjpake_read_round_one(&cli, + ecjpake_test_srv_one, + sizeof(ecjpake_test_srv_one)) == 0); /* Skip generation of round two, read round two */ - TEST_ASSERT( mbedtls_ecjpake_read_round_two( &cli, - ecjpake_test_srv_two, - sizeof( ecjpake_test_srv_two ) ) == 0 ); + TEST_ASSERT(mbedtls_ecjpake_read_round_two(&cli, + ecjpake_test_srv_two, + sizeof(ecjpake_test_srv_two)) == 0); - TEST_ASSERT( mbedtls_ecjpake_read_round_two( &srv, - ecjpake_test_cli_two, - sizeof( ecjpake_test_cli_two ) ) == 0 ); + TEST_ASSERT(mbedtls_ecjpake_read_round_two(&srv, + ecjpake_test_cli_two, + sizeof(ecjpake_test_cli_two)) == 0); /* Server derives PMS */ - TEST_ASSERT( mbedtls_ecjpake_derive_secret( &srv, - buf, sizeof( buf ), &len, ecjpake_lgc, NULL ) == 0 ); + TEST_ASSERT(mbedtls_ecjpake_derive_secret(&srv, + buf, sizeof(buf), &len, ecjpake_lgc, NULL) == 0); - TEST_ASSERT( len == sizeof( ecjpake_test_pms ) ); - TEST_ASSERT( memcmp( buf, ecjpake_test_pms, len ) == 0 ); + TEST_ASSERT(len == sizeof(ecjpake_test_pms)); + TEST_ASSERT(memcmp(buf, ecjpake_test_pms, len) == 0); - memset( buf, 0, len ); /* Avoid interferences with next step */ + memset(buf, 0, len); /* Avoid interferences with next step */ /* Client derives PMS */ - TEST_ASSERT( mbedtls_ecjpake_derive_secret( &cli, - buf, sizeof( buf ), &len, ecjpake_lgc, NULL ) == 0 ); + TEST_ASSERT(mbedtls_ecjpake_derive_secret(&cli, + buf, sizeof(buf), &len, ecjpake_lgc, NULL) == 0); - TEST_ASSERT( len == sizeof( ecjpake_test_pms ) ); - TEST_ASSERT( memcmp( buf, ecjpake_test_pms, len ) == 0 ); + TEST_ASSERT(len == sizeof(ecjpake_test_pms)); + TEST_ASSERT(memcmp(buf, ecjpake_test_pms, len) == 0); - if( verbose != 0 ) - mbedtls_printf( "passed\n" ); + if (verbose != 0) { + mbedtls_printf("passed\n"); + } #endif /* ! MBEDTLS_ECJPAKE_ALT */ cleanup: - mbedtls_ecjpake_free( &cli ); - mbedtls_ecjpake_free( &srv ); + mbedtls_ecjpake_free(&cli); + mbedtls_ecjpake_free(&srv); - if( ret != 0 ) - { - if( verbose != 0 ) - mbedtls_printf( "failed\n" ); + if (ret != 0) { + if (verbose != 0) { + mbedtls_printf("failed\n"); + } ret = 1; } - if( verbose != 0 ) - mbedtls_printf( "\n" ); + if (verbose != 0) { + mbedtls_printf("\n"); + } - return( ret ); + return ret; } #undef TEST_ASSERT diff --git a/third_party/mbedtls/repo/library/ecp.c b/third_party/mbedtls/repo/library/ecp.c index 7f9e1045d4b..31a6b9e305f 100644 --- a/third_party/mbedtls/repo/library/ecp.c +++ b/third_party/mbedtls/repo/library/ecp.c @@ -2,31 +2,21 @@ * Elliptic curves over GF(p): generic functions * * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later */ /* * References: * - * SEC1 http://www.secg.org/index.php?action=secg,docs_secg + * SEC1 https://www.secg.org/sec1-v2.pdf * GECC = Guide to Elliptic Curve Cryptography - Hankerson, Menezes, Vanstone * FIPS 186-3 http://csrc.nist.gov/publications/fips/fips186-3/fips_186-3.pdf * RFC 4492 for the related TLS structures and constants + * - https://www.rfc-editor.org/rfc/rfc4492 * RFC 7748 for the Curve448 and Curve25519 curve definitions + * - https://www.rfc-editor.org/rfc/rfc7748 * - * [Curve25519] http://cr.yp.to/ecdh/curve25519-20060209.pdf + * [Curve25519] https://cr.yp.to/ecdh/curve25519-20060209.pdf * * [2] CORON, Jean-S'ebastien. Resistance against differential power analysis * for elliptic curve cryptosystems. In : Cryptographic Hardware and @@ -85,20 +75,12 @@ #if !defined(MBEDTLS_ECP_ALT) /* Parameter validation macros based on platform_util.h */ -#define ECP_VALIDATE_RET( cond ) \ - MBEDTLS_INTERNAL_VALIDATE_RET( cond, MBEDTLS_ERR_ECP_BAD_INPUT_DATA ) -#define ECP_VALIDATE( cond ) \ - MBEDTLS_INTERNAL_VALIDATE( cond ) +#define ECP_VALIDATE_RET(cond) \ + MBEDTLS_INTERNAL_VALIDATE_RET(cond, MBEDTLS_ERR_ECP_BAD_INPUT_DATA) +#define ECP_VALIDATE(cond) \ + MBEDTLS_INTERNAL_VALIDATE(cond) -#if defined(MBEDTLS_PLATFORM_C) #include "mbedtls/platform.h" -#else -#include -#include -#define mbedtls_printf printf -#define mbedtls_calloc calloc -#define mbedtls_free free -#endif #include "mbedtls/ecp_internal.h" @@ -108,15 +90,11 @@ #elif defined(MBEDTLS_CTR_DRBG_C) #include "mbedtls/ctr_drbg.h" #else -#error "Invalid configuration detected. Include check_config.h to ensure that the configuration is valid." +#error \ + "Invalid configuration detected. Include check_config.h to ensure that the configuration is valid." #endif #endif /* MBEDTLS_ECP_NO_INTERNAL_RNG */ -#if ( defined(__ARMCC_VERSION) || defined(_MSC_VER) ) && \ - !defined(inline) && !defined(__cplusplus) -#define inline __inline -#endif - #if defined(MBEDTLS_SELF_TEST) /* * Counts of point addition and doubling, and field multiplications. @@ -150,49 +128,49 @@ static unsigned long add_count, dbl_count, mul_count; typedef mbedtls_hmac_drbg_context ecp_drbg_context; /* DRBG context init */ -static inline void ecp_drbg_init( ecp_drbg_context *ctx ) +static inline void ecp_drbg_init(ecp_drbg_context *ctx) { - mbedtls_hmac_drbg_init( ctx ); + mbedtls_hmac_drbg_init(ctx); } /* DRBG context free */ -static inline void ecp_drbg_free( ecp_drbg_context *ctx ) +static inline void ecp_drbg_free(ecp_drbg_context *ctx) { - mbedtls_hmac_drbg_free( ctx ); + mbedtls_hmac_drbg_free(ctx); } /* DRBG function */ -static inline int ecp_drbg_random( void *p_rng, - unsigned char *output, size_t output_len ) +static inline int ecp_drbg_random(void *p_rng, + unsigned char *output, size_t output_len) { - return( mbedtls_hmac_drbg_random( p_rng, output, output_len ) ); + return mbedtls_hmac_drbg_random(p_rng, output, output_len); } /* DRBG context seeding */ -static int ecp_drbg_seed( ecp_drbg_context *ctx, - const mbedtls_mpi *secret, size_t secret_len ) +static int ecp_drbg_seed(ecp_drbg_context *ctx, + const mbedtls_mpi *secret, size_t secret_len) { int ret; unsigned char secret_bytes[MBEDTLS_ECP_MAX_BYTES]; /* The list starts with strong hashes */ - const mbedtls_md_type_t md_type = mbedtls_md_list()[0]; - const mbedtls_md_info_t *md_info = mbedtls_md_info_from_type( md_type ); + const mbedtls_md_type_t md_type = + (mbedtls_md_type_t) (mbedtls_md_list()[0]); + const mbedtls_md_info_t *md_info = mbedtls_md_info_from_type(md_type); - if( secret_len > MBEDTLS_ECP_MAX_BYTES ) - { + if (secret_len > MBEDTLS_ECP_MAX_BYTES) { ret = MBEDTLS_ERR_ECP_RANDOM_FAILED; goto cleanup; } - MBEDTLS_MPI_CHK( mbedtls_mpi_write_binary( secret, - secret_bytes, secret_len ) ); + MBEDTLS_MPI_CHK(mbedtls_mpi_write_binary(secret, + secret_bytes, secret_len)); - ret = mbedtls_hmac_drbg_seed_buf( ctx, md_info, secret_bytes, secret_len ); + ret = mbedtls_hmac_drbg_seed_buf(ctx, md_info, secret_bytes, secret_len); cleanup: - mbedtls_platform_zeroize( secret_bytes, secret_len ); + mbedtls_platform_zeroize(secret_bytes, secret_len); - return( ret ); + return ret; } #elif defined(MBEDTLS_CTR_DRBG_C) @@ -201,22 +179,22 @@ static int ecp_drbg_seed( ecp_drbg_context *ctx, typedef mbedtls_ctr_drbg_context ecp_drbg_context; /* DRBG context init */ -static inline void ecp_drbg_init( ecp_drbg_context *ctx ) +static inline void ecp_drbg_init(ecp_drbg_context *ctx) { - mbedtls_ctr_drbg_init( ctx ); + mbedtls_ctr_drbg_init(ctx); } /* DRBG context free */ -static inline void ecp_drbg_free( ecp_drbg_context *ctx ) +static inline void ecp_drbg_free(ecp_drbg_context *ctx) { - mbedtls_ctr_drbg_free( ctx ); + mbedtls_ctr_drbg_free(ctx); } /* DRBG function */ -static inline int ecp_drbg_random( void *p_rng, - unsigned char *output, size_t output_len ) +static inline int ecp_drbg_random(void *p_rng, + unsigned char *output, size_t output_len) { - return( mbedtls_ctr_drbg_random( p_rng, output, output_len ) ); + return mbedtls_ctr_drbg_random(p_rng, output, output_len); } /* @@ -229,37 +207,37 @@ static inline int ecp_drbg_random( void *p_rng, static int ecp_ctr_drbg_null_entropy(void *ctx, unsigned char *out, size_t len) { (void) ctx; - memset( out, 0, len ); - return( 0 ); + memset(out, 0, len); + return 0; } /* DRBG context seeding */ -static int ecp_drbg_seed( ecp_drbg_context *ctx, - const mbedtls_mpi *secret, size_t secret_len ) +static int ecp_drbg_seed(ecp_drbg_context *ctx, + const mbedtls_mpi *secret, size_t secret_len) { int ret; unsigned char secret_bytes[MBEDTLS_ECP_MAX_BYTES]; - if( secret_len > MBEDTLS_ECP_MAX_BYTES ) - { + if (secret_len > MBEDTLS_ECP_MAX_BYTES) { ret = MBEDTLS_ERR_ECP_RANDOM_FAILED; goto cleanup; } - MBEDTLS_MPI_CHK( mbedtls_mpi_write_binary( secret, - secret_bytes, secret_len ) ); + MBEDTLS_MPI_CHK(mbedtls_mpi_write_binary(secret, + secret_bytes, secret_len)); - ret = mbedtls_ctr_drbg_seed( ctx, ecp_ctr_drbg_null_entropy, NULL, - secret_bytes, secret_len ); + ret = mbedtls_ctr_drbg_seed(ctx, ecp_ctr_drbg_null_entropy, NULL, + secret_bytes, secret_len); cleanup: - mbedtls_platform_zeroize( secret_bytes, secret_len ); + mbedtls_platform_zeroize(secret_bytes, secret_len); - return( ret ); + return ret; } #else -#error "Invalid configuration detected. Include check_config.h to ensure that the configuration is valid." +#error \ + "Invalid configuration detected. Include check_config.h to ensure that the configuration is valid." #endif /* DRBG modules */ #endif /* MBEDTLS_ECP_NO_INTERNAL_RNG */ @@ -279,7 +257,7 @@ static unsigned ecp_max_ops = 0; /* * Set ecp_max_ops */ -void mbedtls_ecp_set_max_ops( unsigned max_ops ) +void mbedtls_ecp_set_max_ops(unsigned max_ops) { ecp_max_ops = max_ops; } @@ -287,16 +265,15 @@ void mbedtls_ecp_set_max_ops( unsigned max_ops ) /* * Check if restart is enabled */ -int mbedtls_ecp_restart_is_enabled( void ) +int mbedtls_ecp_restart_is_enabled(void) { - return( ecp_max_ops != 0 ); + return ecp_max_ops != 0; } /* * Restart sub-context for ecp_mul_comb() */ -struct mbedtls_ecp_restart_mul -{ +struct mbedtls_ecp_restart_mul { mbedtls_ecp_point R; /* current intermediate result */ size_t i; /* current index in various loops, 0 outside */ mbedtls_ecp_point *T; /* table for precomputed points */ @@ -319,15 +296,15 @@ struct mbedtls_ecp_restart_mul /* * Init restart_mul sub-context */ -static void ecp_restart_rsm_init( mbedtls_ecp_restart_mul_ctx *ctx ) +static void ecp_restart_rsm_init(mbedtls_ecp_restart_mul_ctx *ctx) { - mbedtls_ecp_point_init( &ctx->R ); + mbedtls_ecp_point_init(&ctx->R); ctx->i = 0; ctx->T = NULL; ctx->T_size = 0; ctx->state = ecp_rsm_init; #if !defined(MBEDTLS_ECP_NO_INTERNAL_RNG) - ecp_drbg_init( &ctx->drbg_ctx ); + ecp_drbg_init(&ctx->drbg_ctx); ctx->drbg_seeded = 0; #endif } @@ -335,34 +312,34 @@ static void ecp_restart_rsm_init( mbedtls_ecp_restart_mul_ctx *ctx ) /* * Free the components of a restart_mul sub-context */ -static void ecp_restart_rsm_free( mbedtls_ecp_restart_mul_ctx *ctx ) +static void ecp_restart_rsm_free(mbedtls_ecp_restart_mul_ctx *ctx) { unsigned char i; - if( ctx == NULL ) + if (ctx == NULL) { return; + } - mbedtls_ecp_point_free( &ctx->R ); + mbedtls_ecp_point_free(&ctx->R); - if( ctx->T != NULL ) - { - for( i = 0; i < ctx->T_size; i++ ) - mbedtls_ecp_point_free( ctx->T + i ); - mbedtls_free( ctx->T ); + if (ctx->T != NULL) { + for (i = 0; i < ctx->T_size; i++) { + mbedtls_ecp_point_free(ctx->T + i); + } + mbedtls_free(ctx->T); } #if !defined(MBEDTLS_ECP_NO_INTERNAL_RNG) - ecp_drbg_free( &ctx->drbg_ctx ); + ecp_drbg_free(&ctx->drbg_ctx); #endif - ecp_restart_rsm_init( ctx ); + ecp_restart_rsm_init(ctx); } /* * Restart context for ecp_muladd() */ -struct mbedtls_ecp_restart_muladd -{ +struct mbedtls_ecp_restart_muladd { mbedtls_ecp_point mP; /* mP value */ mbedtls_ecp_point R; /* R intermediate result */ enum { /* what should we do next? */ @@ -376,33 +353,34 @@ struct mbedtls_ecp_restart_muladd /* * Init restart_muladd sub-context */ -static void ecp_restart_ma_init( mbedtls_ecp_restart_muladd_ctx *ctx ) +static void ecp_restart_ma_init(mbedtls_ecp_restart_muladd_ctx *ctx) { - mbedtls_ecp_point_init( &ctx->mP ); - mbedtls_ecp_point_init( &ctx->R ); + mbedtls_ecp_point_init(&ctx->mP); + mbedtls_ecp_point_init(&ctx->R); ctx->state = ecp_rsma_mul1; } /* * Free the components of a restart_muladd sub-context */ -static void ecp_restart_ma_free( mbedtls_ecp_restart_muladd_ctx *ctx ) +static void ecp_restart_ma_free(mbedtls_ecp_restart_muladd_ctx *ctx) { - if( ctx == NULL ) + if (ctx == NULL) { return; + } - mbedtls_ecp_point_free( &ctx->mP ); - mbedtls_ecp_point_free( &ctx->R ); + mbedtls_ecp_point_free(&ctx->mP); + mbedtls_ecp_point_free(&ctx->R); - ecp_restart_ma_init( ctx ); + ecp_restart_ma_init(ctx); } /* * Initialize a restart context */ -void mbedtls_ecp_restart_init( mbedtls_ecp_restart_ctx *ctx ) +void mbedtls_ecp_restart_init(mbedtls_ecp_restart_ctx *ctx) { - ECP_VALIDATE( ctx != NULL ); + ECP_VALIDATE(ctx != NULL); ctx->ops_done = 0; ctx->depth = 0; ctx->rsm = NULL; @@ -412,93 +390,93 @@ void mbedtls_ecp_restart_init( mbedtls_ecp_restart_ctx *ctx ) /* * Free the components of a restart context */ -void mbedtls_ecp_restart_free( mbedtls_ecp_restart_ctx *ctx ) +void mbedtls_ecp_restart_free(mbedtls_ecp_restart_ctx *ctx) { - if( ctx == NULL ) + if (ctx == NULL) { return; + } - ecp_restart_rsm_free( ctx->rsm ); - mbedtls_free( ctx->rsm ); + ecp_restart_rsm_free(ctx->rsm); + mbedtls_free(ctx->rsm); - ecp_restart_ma_free( ctx->ma ); - mbedtls_free( ctx->ma ); + ecp_restart_ma_free(ctx->ma); + mbedtls_free(ctx->ma); - mbedtls_ecp_restart_init( ctx ); + mbedtls_ecp_restart_init(ctx); } /* * Check if we can do the next step */ -int mbedtls_ecp_check_budget( const mbedtls_ecp_group *grp, - mbedtls_ecp_restart_ctx *rs_ctx, - unsigned ops ) +int mbedtls_ecp_check_budget(const mbedtls_ecp_group *grp, + mbedtls_ecp_restart_ctx *rs_ctx, + unsigned ops) { - ECP_VALIDATE_RET( grp != NULL ); + ECP_VALIDATE_RET(grp != NULL); - if( rs_ctx != NULL && ecp_max_ops != 0 ) - { + if (rs_ctx != NULL && ecp_max_ops != 0) { /* scale depending on curve size: the chosen reference is 256-bit, * and multiplication is quadratic. Round to the closest integer. */ - if( grp->pbits >= 512 ) + if (grp->pbits >= 512) { ops *= 4; - else if( grp->pbits >= 384 ) + } else if (grp->pbits >= 384) { ops *= 2; + } /* Avoid infinite loops: always allow first step. * Because of that, however, it's not generally true * that ops_done <= ecp_max_ops, so the check * ops_done > ecp_max_ops below is mandatory. */ - if( ( rs_ctx->ops_done != 0 ) && - ( rs_ctx->ops_done > ecp_max_ops || - ops > ecp_max_ops - rs_ctx->ops_done ) ) - { - return( MBEDTLS_ERR_ECP_IN_PROGRESS ); + if ((rs_ctx->ops_done != 0) && + (rs_ctx->ops_done > ecp_max_ops || + ops > ecp_max_ops - rs_ctx->ops_done)) { + return MBEDTLS_ERR_ECP_IN_PROGRESS; } /* update running count */ rs_ctx->ops_done += ops; } - return( 0 ); + return 0; } /* Call this when entering a function that needs its own sub-context */ -#define ECP_RS_ENTER( SUB ) do { \ - /* reset ops count for this call if top-level */ \ - if( rs_ctx != NULL && rs_ctx->depth++ == 0 ) \ +#define ECP_RS_ENTER(SUB) do { \ + /* reset ops count for this call if top-level */ \ + if (rs_ctx != NULL && rs_ctx->depth++ == 0) \ rs_ctx->ops_done = 0; \ \ - /* set up our own sub-context if needed */ \ - if( mbedtls_ecp_restart_is_enabled() && \ - rs_ctx != NULL && rs_ctx->SUB == NULL ) \ - { \ - rs_ctx->SUB = mbedtls_calloc( 1, sizeof( *rs_ctx->SUB ) ); \ - if( rs_ctx->SUB == NULL ) \ - return( MBEDTLS_ERR_ECP_ALLOC_FAILED ); \ - \ - ecp_restart_## SUB ##_init( rs_ctx->SUB ); \ - } \ -} while( 0 ) + /* set up our own sub-context if needed */ \ + if (mbedtls_ecp_restart_is_enabled() && \ + rs_ctx != NULL && rs_ctx->SUB == NULL) \ + { \ + rs_ctx->SUB = mbedtls_calloc(1, sizeof(*rs_ctx->SUB)); \ + if (rs_ctx->SUB == NULL) \ + return MBEDTLS_ERR_ECP_ALLOC_FAILED; \ + \ + ecp_restart_## SUB ##_init(rs_ctx->SUB); \ + } \ +} while (0) /* Call this when leaving a function that needs its own sub-context */ -#define ECP_RS_LEAVE( SUB ) do { \ - /* clear our sub-context when not in progress (done or error) */ \ - if( rs_ctx != NULL && rs_ctx->SUB != NULL && \ - ret != MBEDTLS_ERR_ECP_IN_PROGRESS ) \ - { \ - ecp_restart_## SUB ##_free( rs_ctx->SUB ); \ - mbedtls_free( rs_ctx->SUB ); \ - rs_ctx->SUB = NULL; \ - } \ +#define ECP_RS_LEAVE(SUB) do { \ + /* clear our sub-context when not in progress (done or error) */ \ + if (rs_ctx != NULL && rs_ctx->SUB != NULL && \ + ret != MBEDTLS_ERR_ECP_IN_PROGRESS) \ + { \ + ecp_restart_## SUB ##_free(rs_ctx->SUB); \ + mbedtls_free(rs_ctx->SUB); \ + rs_ctx->SUB = NULL; \ + } \ \ - if( rs_ctx != NULL ) \ + if (rs_ctx != NULL) \ rs_ctx->depth--; \ -} while( 0 ) +} while (0) #else /* MBEDTLS_ECP_RESTARTABLE */ -#define ECP_RS_ENTER( sub ) (void) rs_ctx; -#define ECP_RS_LEAVE( sub ) (void) rs_ctx; +#define ECP_RS_ENTER(sub) (void) rs_ctx; +#define ECP_RS_LEAVE(sub) (void) rs_ctx; #endif /* MBEDTLS_ECP_RESTARTABLE */ @@ -558,35 +536,33 @@ static const mbedtls_ecp_curve_info ecp_supported_curves[] = { MBEDTLS_ECP_DP_NONE, 0, 0, NULL }, }; -#define ECP_NB_CURVES sizeof( ecp_supported_curves ) / \ - sizeof( ecp_supported_curves[0] ) +#define ECP_NB_CURVES sizeof(ecp_supported_curves) / \ + sizeof(ecp_supported_curves[0]) static mbedtls_ecp_group_id ecp_supported_grp_id[ECP_NB_CURVES]; /* * List of supported curves and associated info */ -const mbedtls_ecp_curve_info *mbedtls_ecp_curve_list( void ) +const mbedtls_ecp_curve_info *mbedtls_ecp_curve_list(void) { - return( ecp_supported_curves ); + return ecp_supported_curves; } /* * List of supported curves, group ID only */ -const mbedtls_ecp_group_id *mbedtls_ecp_grp_id_list( void ) +const mbedtls_ecp_group_id *mbedtls_ecp_grp_id_list(void) { static int init_done = 0; - if( ! init_done ) - { + if (!init_done) { size_t i = 0; const mbedtls_ecp_curve_info *curve_info; - for( curve_info = mbedtls_ecp_curve_list(); + for (curve_info = mbedtls_ecp_curve_list(); curve_info->grp_id != MBEDTLS_ECP_DP_NONE; - curve_info++ ) - { + curve_info++) { ecp_supported_grp_id[i++] = curve_info->grp_id; } ecp_supported_grp_id[i] = MBEDTLS_ECP_DP_NONE; @@ -594,105 +570,108 @@ const mbedtls_ecp_group_id *mbedtls_ecp_grp_id_list( void ) init_done = 1; } - return( ecp_supported_grp_id ); + return ecp_supported_grp_id; } /* * Get the curve info for the internal identifier */ -const mbedtls_ecp_curve_info *mbedtls_ecp_curve_info_from_grp_id( mbedtls_ecp_group_id grp_id ) +const mbedtls_ecp_curve_info *mbedtls_ecp_curve_info_from_grp_id(mbedtls_ecp_group_id grp_id) { const mbedtls_ecp_curve_info *curve_info; - for( curve_info = mbedtls_ecp_curve_list(); + for (curve_info = mbedtls_ecp_curve_list(); curve_info->grp_id != MBEDTLS_ECP_DP_NONE; - curve_info++ ) - { - if( curve_info->grp_id == grp_id ) - return( curve_info ); + curve_info++) { + if (curve_info->grp_id == grp_id) { + return curve_info; + } } - return( NULL ); + return NULL; } /* * Get the curve info from the TLS identifier */ -const mbedtls_ecp_curve_info *mbedtls_ecp_curve_info_from_tls_id( uint16_t tls_id ) +const mbedtls_ecp_curve_info *mbedtls_ecp_curve_info_from_tls_id(uint16_t tls_id) { const mbedtls_ecp_curve_info *curve_info; - for( curve_info = mbedtls_ecp_curve_list(); + for (curve_info = mbedtls_ecp_curve_list(); curve_info->grp_id != MBEDTLS_ECP_DP_NONE; - curve_info++ ) - { - if( curve_info->tls_id == tls_id ) - return( curve_info ); + curve_info++) { + if (curve_info->tls_id == tls_id) { + return curve_info; + } } - return( NULL ); + return NULL; } /* * Get the curve info from the name */ -const mbedtls_ecp_curve_info *mbedtls_ecp_curve_info_from_name( const char *name ) +const mbedtls_ecp_curve_info *mbedtls_ecp_curve_info_from_name(const char *name) { const mbedtls_ecp_curve_info *curve_info; - if( name == NULL ) - return( NULL ); + if (name == NULL) { + return NULL; + } - for( curve_info = mbedtls_ecp_curve_list(); + for (curve_info = mbedtls_ecp_curve_list(); curve_info->grp_id != MBEDTLS_ECP_DP_NONE; - curve_info++ ) - { - if( strcmp( curve_info->name, name ) == 0 ) - return( curve_info ); + curve_info++) { + if (strcmp(curve_info->name, name) == 0) { + return curve_info; + } } - return( NULL ); + return NULL; } /* * Get the type of a curve */ -mbedtls_ecp_curve_type mbedtls_ecp_get_type( const mbedtls_ecp_group *grp ) +mbedtls_ecp_curve_type mbedtls_ecp_get_type(const mbedtls_ecp_group *grp) { - if( grp->G.X.p == NULL ) - return( MBEDTLS_ECP_TYPE_NONE ); + if (grp->G.X.p == NULL) { + return MBEDTLS_ECP_TYPE_NONE; + } - if( grp->G.Y.p == NULL ) - return( MBEDTLS_ECP_TYPE_MONTGOMERY ); - else - return( MBEDTLS_ECP_TYPE_SHORT_WEIERSTRASS ); + if (grp->G.Y.p == NULL) { + return MBEDTLS_ECP_TYPE_MONTGOMERY; + } else { + return MBEDTLS_ECP_TYPE_SHORT_WEIERSTRASS; + } } /* * Initialize (the components of) a point */ -void mbedtls_ecp_point_init( mbedtls_ecp_point *pt ) +void mbedtls_ecp_point_init(mbedtls_ecp_point *pt) { - ECP_VALIDATE( pt != NULL ); + ECP_VALIDATE(pt != NULL); - mbedtls_mpi_init( &pt->X ); - mbedtls_mpi_init( &pt->Y ); - mbedtls_mpi_init( &pt->Z ); + mbedtls_mpi_init(&pt->X); + mbedtls_mpi_init(&pt->Y); + mbedtls_mpi_init(&pt->Z); } /* * Initialize (the components of) a group */ -void mbedtls_ecp_group_init( mbedtls_ecp_group *grp ) +void mbedtls_ecp_group_init(mbedtls_ecp_group *grp) { - ECP_VALIDATE( grp != NULL ); + ECP_VALIDATE(grp != NULL); grp->id = MBEDTLS_ECP_DP_NONE; - mbedtls_mpi_init( &grp->P ); - mbedtls_mpi_init( &grp->A ); - mbedtls_mpi_init( &grp->B ); - mbedtls_ecp_point_init( &grp->G ); - mbedtls_mpi_init( &grp->N ); + mbedtls_mpi_init(&grp->P); + mbedtls_mpi_init(&grp->A); + mbedtls_mpi_init(&grp->B); + mbedtls_ecp_point_init(&grp->G); + mbedtls_mpi_init(&grp->N); grp->pbits = 0; grp->nbits = 0; grp->h = 0; @@ -707,297 +686,299 @@ void mbedtls_ecp_group_init( mbedtls_ecp_group *grp ) /* * Initialize (the components of) a key pair */ -void mbedtls_ecp_keypair_init( mbedtls_ecp_keypair *key ) +void mbedtls_ecp_keypair_init(mbedtls_ecp_keypair *key) { - ECP_VALIDATE( key != NULL ); + ECP_VALIDATE(key != NULL); - mbedtls_ecp_group_init( &key->grp ); - mbedtls_mpi_init( &key->d ); - mbedtls_ecp_point_init( &key->Q ); + mbedtls_ecp_group_init(&key->grp); + mbedtls_mpi_init(&key->d); + mbedtls_ecp_point_init(&key->Q); } /* * Unallocate (the components of) a point */ -void mbedtls_ecp_point_free( mbedtls_ecp_point *pt ) +void mbedtls_ecp_point_free(mbedtls_ecp_point *pt) { - if( pt == NULL ) + if (pt == NULL) { return; + } - mbedtls_mpi_free( &( pt->X ) ); - mbedtls_mpi_free( &( pt->Y ) ); - mbedtls_mpi_free( &( pt->Z ) ); + mbedtls_mpi_free(&(pt->X)); + mbedtls_mpi_free(&(pt->Y)); + mbedtls_mpi_free(&(pt->Z)); } /* * Unallocate (the components of) a group */ -void mbedtls_ecp_group_free( mbedtls_ecp_group *grp ) +void mbedtls_ecp_group_free(mbedtls_ecp_group *grp) { size_t i; - if( grp == NULL ) + if (grp == NULL) { return; + } - if( grp->h != 1 ) - { - mbedtls_mpi_free( &grp->P ); - mbedtls_mpi_free( &grp->A ); - mbedtls_mpi_free( &grp->B ); - mbedtls_ecp_point_free( &grp->G ); - mbedtls_mpi_free( &grp->N ); + if (grp->h != 1) { + mbedtls_mpi_free(&grp->P); + mbedtls_mpi_free(&grp->A); + mbedtls_mpi_free(&grp->B); + mbedtls_ecp_point_free(&grp->G); + mbedtls_mpi_free(&grp->N); } - if( grp->T != NULL ) - { - for( i = 0; i < grp->T_size; i++ ) - mbedtls_ecp_point_free( &grp->T[i] ); - mbedtls_free( grp->T ); + if (grp->T != NULL) { + for (i = 0; i < grp->T_size; i++) { + mbedtls_ecp_point_free(&grp->T[i]); + } + mbedtls_free(grp->T); } - mbedtls_platform_zeroize( grp, sizeof( mbedtls_ecp_group ) ); + mbedtls_platform_zeroize(grp, sizeof(mbedtls_ecp_group)); } /* * Unallocate (the components of) a key pair */ -void mbedtls_ecp_keypair_free( mbedtls_ecp_keypair *key ) +void mbedtls_ecp_keypair_free(mbedtls_ecp_keypair *key) { - if( key == NULL ) + if (key == NULL) { return; + } - mbedtls_ecp_group_free( &key->grp ); - mbedtls_mpi_free( &key->d ); - mbedtls_ecp_point_free( &key->Q ); + mbedtls_ecp_group_free(&key->grp); + mbedtls_mpi_free(&key->d); + mbedtls_ecp_point_free(&key->Q); } /* * Copy the contents of a point */ -int mbedtls_ecp_copy( mbedtls_ecp_point *P, const mbedtls_ecp_point *Q ) +int mbedtls_ecp_copy(mbedtls_ecp_point *P, const mbedtls_ecp_point *Q) { int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; - ECP_VALIDATE_RET( P != NULL ); - ECP_VALIDATE_RET( Q != NULL ); + ECP_VALIDATE_RET(P != NULL); + ECP_VALIDATE_RET(Q != NULL); - MBEDTLS_MPI_CHK( mbedtls_mpi_copy( &P->X, &Q->X ) ); - MBEDTLS_MPI_CHK( mbedtls_mpi_copy( &P->Y, &Q->Y ) ); - MBEDTLS_MPI_CHK( mbedtls_mpi_copy( &P->Z, &Q->Z ) ); + MBEDTLS_MPI_CHK(mbedtls_mpi_copy(&P->X, &Q->X)); + MBEDTLS_MPI_CHK(mbedtls_mpi_copy(&P->Y, &Q->Y)); + MBEDTLS_MPI_CHK(mbedtls_mpi_copy(&P->Z, &Q->Z)); cleanup: - return( ret ); + return ret; } /* * Copy the contents of a group object */ -int mbedtls_ecp_group_copy( mbedtls_ecp_group *dst, const mbedtls_ecp_group *src ) +int mbedtls_ecp_group_copy(mbedtls_ecp_group *dst, const mbedtls_ecp_group *src) { - ECP_VALIDATE_RET( dst != NULL ); - ECP_VALIDATE_RET( src != NULL ); + ECP_VALIDATE_RET(dst != NULL); + ECP_VALIDATE_RET(src != NULL); - return( mbedtls_ecp_group_load( dst, src->id ) ); + return mbedtls_ecp_group_load(dst, src->id); } /* * Set point to zero */ -int mbedtls_ecp_set_zero( mbedtls_ecp_point *pt ) +int mbedtls_ecp_set_zero(mbedtls_ecp_point *pt) { int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; - ECP_VALIDATE_RET( pt != NULL ); + ECP_VALIDATE_RET(pt != NULL); - MBEDTLS_MPI_CHK( mbedtls_mpi_lset( &pt->X , 1 ) ); - MBEDTLS_MPI_CHK( mbedtls_mpi_lset( &pt->Y , 1 ) ); - MBEDTLS_MPI_CHK( mbedtls_mpi_lset( &pt->Z , 0 ) ); + MBEDTLS_MPI_CHK(mbedtls_mpi_lset(&pt->X, 1)); + MBEDTLS_MPI_CHK(mbedtls_mpi_lset(&pt->Y, 1)); + MBEDTLS_MPI_CHK(mbedtls_mpi_lset(&pt->Z, 0)); cleanup: - return( ret ); + return ret; } /* * Tell if a point is zero */ -int mbedtls_ecp_is_zero( mbedtls_ecp_point *pt ) +int mbedtls_ecp_is_zero(mbedtls_ecp_point *pt) { - ECP_VALIDATE_RET( pt != NULL ); + ECP_VALIDATE_RET(pt != NULL); - return( mbedtls_mpi_cmp_int( &pt->Z, 0 ) == 0 ); + return mbedtls_mpi_cmp_int(&pt->Z, 0) == 0; } /* * Compare two points lazily */ -int mbedtls_ecp_point_cmp( const mbedtls_ecp_point *P, - const mbedtls_ecp_point *Q ) +int mbedtls_ecp_point_cmp(const mbedtls_ecp_point *P, + const mbedtls_ecp_point *Q) { - ECP_VALIDATE_RET( P != NULL ); - ECP_VALIDATE_RET( Q != NULL ); + ECP_VALIDATE_RET(P != NULL); + ECP_VALIDATE_RET(Q != NULL); - if( mbedtls_mpi_cmp_mpi( &P->X, &Q->X ) == 0 && - mbedtls_mpi_cmp_mpi( &P->Y, &Q->Y ) == 0 && - mbedtls_mpi_cmp_mpi( &P->Z, &Q->Z ) == 0 ) - { - return( 0 ); + if (mbedtls_mpi_cmp_mpi(&P->X, &Q->X) == 0 && + mbedtls_mpi_cmp_mpi(&P->Y, &Q->Y) == 0 && + mbedtls_mpi_cmp_mpi(&P->Z, &Q->Z) == 0) { + return 0; } - return( MBEDTLS_ERR_ECP_BAD_INPUT_DATA ); + return MBEDTLS_ERR_ECP_BAD_INPUT_DATA; } /* * Import a non-zero point from ASCII strings */ -int mbedtls_ecp_point_read_string( mbedtls_ecp_point *P, int radix, - const char *x, const char *y ) +int mbedtls_ecp_point_read_string(mbedtls_ecp_point *P, int radix, + const char *x, const char *y) { int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; - ECP_VALIDATE_RET( P != NULL ); - ECP_VALIDATE_RET( x != NULL ); - ECP_VALIDATE_RET( y != NULL ); + ECP_VALIDATE_RET(P != NULL); + ECP_VALIDATE_RET(x != NULL); + ECP_VALIDATE_RET(y != NULL); - MBEDTLS_MPI_CHK( mbedtls_mpi_read_string( &P->X, radix, x ) ); - MBEDTLS_MPI_CHK( mbedtls_mpi_read_string( &P->Y, radix, y ) ); - MBEDTLS_MPI_CHK( mbedtls_mpi_lset( &P->Z, 1 ) ); + MBEDTLS_MPI_CHK(mbedtls_mpi_read_string(&P->X, radix, x)); + MBEDTLS_MPI_CHK(mbedtls_mpi_read_string(&P->Y, radix, y)); + MBEDTLS_MPI_CHK(mbedtls_mpi_lset(&P->Z, 1)); cleanup: - return( ret ); + return ret; } /* * Export a point into unsigned binary data (SEC1 2.3.3 and RFC7748) */ -int mbedtls_ecp_point_write_binary( const mbedtls_ecp_group *grp, - const mbedtls_ecp_point *P, - int format, size_t *olen, - unsigned char *buf, size_t buflen ) +int mbedtls_ecp_point_write_binary(const mbedtls_ecp_group *grp, + const mbedtls_ecp_point *P, + int format, size_t *olen, + unsigned char *buf, size_t buflen) { int ret = MBEDTLS_ERR_ECP_FEATURE_UNAVAILABLE; size_t plen; - ECP_VALIDATE_RET( grp != NULL ); - ECP_VALIDATE_RET( P != NULL ); - ECP_VALIDATE_RET( olen != NULL ); - ECP_VALIDATE_RET( buf != NULL ); - ECP_VALIDATE_RET( format == MBEDTLS_ECP_PF_UNCOMPRESSED || - format == MBEDTLS_ECP_PF_COMPRESSED ); + ECP_VALIDATE_RET(grp != NULL); + ECP_VALIDATE_RET(P != NULL); + ECP_VALIDATE_RET(olen != NULL); + ECP_VALIDATE_RET(buf != NULL); + ECP_VALIDATE_RET(format == MBEDTLS_ECP_PF_UNCOMPRESSED || + format == MBEDTLS_ECP_PF_COMPRESSED); - plen = mbedtls_mpi_size( &grp->P ); + plen = mbedtls_mpi_size(&grp->P); #if defined(MBEDTLS_ECP_MONTGOMERY_ENABLED) (void) format; /* Montgomery curves always use the same point format */ - if( mbedtls_ecp_get_type( grp ) == MBEDTLS_ECP_TYPE_MONTGOMERY ) - { + if (mbedtls_ecp_get_type(grp) == MBEDTLS_ECP_TYPE_MONTGOMERY) { *olen = plen; - if( buflen < *olen ) - return( MBEDTLS_ERR_ECP_BUFFER_TOO_SMALL ); + if (buflen < *olen) { + return MBEDTLS_ERR_ECP_BUFFER_TOO_SMALL; + } - MBEDTLS_MPI_CHK( mbedtls_mpi_write_binary_le( &P->X, buf, plen ) ); + MBEDTLS_MPI_CHK(mbedtls_mpi_write_binary_le(&P->X, buf, plen)); } #endif #if defined(MBEDTLS_ECP_SHORT_WEIERSTRASS_ENABLED) - if( mbedtls_ecp_get_type( grp ) == MBEDTLS_ECP_TYPE_SHORT_WEIERSTRASS ) - { + if (mbedtls_ecp_get_type(grp) == MBEDTLS_ECP_TYPE_SHORT_WEIERSTRASS) { /* * Common case: P == 0 */ - if( mbedtls_mpi_cmp_int( &P->Z, 0 ) == 0 ) - { - if( buflen < 1 ) - return( MBEDTLS_ERR_ECP_BUFFER_TOO_SMALL ); + if (mbedtls_mpi_cmp_int(&P->Z, 0) == 0) { + if (buflen < 1) { + return MBEDTLS_ERR_ECP_BUFFER_TOO_SMALL; + } buf[0] = 0x00; *olen = 1; - return( 0 ); + return 0; } - if( format == MBEDTLS_ECP_PF_UNCOMPRESSED ) - { + if (format == MBEDTLS_ECP_PF_UNCOMPRESSED) { *olen = 2 * plen + 1; - if( buflen < *olen ) - return( MBEDTLS_ERR_ECP_BUFFER_TOO_SMALL ); + if (buflen < *olen) { + return MBEDTLS_ERR_ECP_BUFFER_TOO_SMALL; + } buf[0] = 0x04; - MBEDTLS_MPI_CHK( mbedtls_mpi_write_binary( &P->X, buf + 1, plen ) ); - MBEDTLS_MPI_CHK( mbedtls_mpi_write_binary( &P->Y, buf + 1 + plen, plen ) ); - } - else if( format == MBEDTLS_ECP_PF_COMPRESSED ) - { + MBEDTLS_MPI_CHK(mbedtls_mpi_write_binary(&P->X, buf + 1, plen)); + MBEDTLS_MPI_CHK(mbedtls_mpi_write_binary(&P->Y, buf + 1 + plen, plen)); + } else if (format == MBEDTLS_ECP_PF_COMPRESSED) { *olen = plen + 1; - if( buflen < *olen ) - return( MBEDTLS_ERR_ECP_BUFFER_TOO_SMALL ); + if (buflen < *olen) { + return MBEDTLS_ERR_ECP_BUFFER_TOO_SMALL; + } - buf[0] = 0x02 + mbedtls_mpi_get_bit( &P->Y, 0 ); - MBEDTLS_MPI_CHK( mbedtls_mpi_write_binary( &P->X, buf + 1, plen ) ); + buf[0] = 0x02 + mbedtls_mpi_get_bit(&P->Y, 0); + MBEDTLS_MPI_CHK(mbedtls_mpi_write_binary(&P->X, buf + 1, plen)); } } #endif cleanup: - return( ret ); + return ret; } /* * Import a point from unsigned binary data (SEC1 2.3.4 and RFC7748) */ -int mbedtls_ecp_point_read_binary( const mbedtls_ecp_group *grp, - mbedtls_ecp_point *pt, - const unsigned char *buf, size_t ilen ) +int mbedtls_ecp_point_read_binary(const mbedtls_ecp_group *grp, + mbedtls_ecp_point *pt, + const unsigned char *buf, size_t ilen) { int ret = MBEDTLS_ERR_ECP_FEATURE_UNAVAILABLE; size_t plen; - ECP_VALIDATE_RET( grp != NULL ); - ECP_VALIDATE_RET( pt != NULL ); - ECP_VALIDATE_RET( buf != NULL ); + ECP_VALIDATE_RET(grp != NULL); + ECP_VALIDATE_RET(pt != NULL); + ECP_VALIDATE_RET(buf != NULL); - if( ilen < 1 ) - return( MBEDTLS_ERR_ECP_BAD_INPUT_DATA ); + if (ilen < 1) { + return MBEDTLS_ERR_ECP_BAD_INPUT_DATA; + } - plen = mbedtls_mpi_size( &grp->P ); + plen = mbedtls_mpi_size(&grp->P); #if defined(MBEDTLS_ECP_MONTGOMERY_ENABLED) - if( mbedtls_ecp_get_type( grp ) == MBEDTLS_ECP_TYPE_MONTGOMERY ) - { - if( plen != ilen ) - return( MBEDTLS_ERR_ECP_BAD_INPUT_DATA ); + if (mbedtls_ecp_get_type(grp) == MBEDTLS_ECP_TYPE_MONTGOMERY) { + if (plen != ilen) { + return MBEDTLS_ERR_ECP_BAD_INPUT_DATA; + } - MBEDTLS_MPI_CHK( mbedtls_mpi_read_binary_le( &pt->X, buf, plen ) ); - mbedtls_mpi_free( &pt->Y ); + MBEDTLS_MPI_CHK(mbedtls_mpi_read_binary_le(&pt->X, buf, plen)); + mbedtls_mpi_free(&pt->Y); - if( grp->id == MBEDTLS_ECP_DP_CURVE25519 ) + if (grp->id == MBEDTLS_ECP_DP_CURVE25519) { /* Set most significant bit to 0 as prescribed in RFC7748 §5 */ - MBEDTLS_MPI_CHK( mbedtls_mpi_set_bit( &pt->X, plen * 8 - 1, 0 ) ); + MBEDTLS_MPI_CHK(mbedtls_mpi_set_bit(&pt->X, plen * 8 - 1, 0)); + } - MBEDTLS_MPI_CHK( mbedtls_mpi_lset( &pt->Z, 1 ) ); + MBEDTLS_MPI_CHK(mbedtls_mpi_lset(&pt->Z, 1)); } #endif #if defined(MBEDTLS_ECP_SHORT_WEIERSTRASS_ENABLED) - if( mbedtls_ecp_get_type( grp ) == MBEDTLS_ECP_TYPE_SHORT_WEIERSTRASS ) - { - if( buf[0] == 0x00 ) - { - if( ilen == 1 ) - return( mbedtls_ecp_set_zero( pt ) ); - else - return( MBEDTLS_ERR_ECP_BAD_INPUT_DATA ); + if (mbedtls_ecp_get_type(grp) == MBEDTLS_ECP_TYPE_SHORT_WEIERSTRASS) { + if (buf[0] == 0x00) { + if (ilen == 1) { + return mbedtls_ecp_set_zero(pt); + } else { + return MBEDTLS_ERR_ECP_BAD_INPUT_DATA; + } } - if( buf[0] != 0x04 ) - return( MBEDTLS_ERR_ECP_FEATURE_UNAVAILABLE ); + if (buf[0] != 0x04) { + return MBEDTLS_ERR_ECP_FEATURE_UNAVAILABLE; + } - if( ilen != 2 * plen + 1 ) - return( MBEDTLS_ERR_ECP_BAD_INPUT_DATA ); + if (ilen != 2 * plen + 1) { + return MBEDTLS_ERR_ECP_BAD_INPUT_DATA; + } - MBEDTLS_MPI_CHK( mbedtls_mpi_read_binary( &pt->X, buf + 1, plen ) ); - MBEDTLS_MPI_CHK( mbedtls_mpi_read_binary( &pt->Y, - buf + 1 + plen, plen ) ); - MBEDTLS_MPI_CHK( mbedtls_mpi_lset( &pt->Z, 1 ) ); + MBEDTLS_MPI_CHK(mbedtls_mpi_read_binary(&pt->X, buf + 1, plen)); + MBEDTLS_MPI_CHK(mbedtls_mpi_read_binary(&pt->Y, + buf + 1 + plen, plen)); + MBEDTLS_MPI_CHK(mbedtls_mpi_lset(&pt->Z, 1)); } #endif cleanup: - return( ret ); + return ret; } /* @@ -1006,26 +987,28 @@ int mbedtls_ecp_point_read_binary( const mbedtls_ecp_group *grp, * opaque point <1..2^8-1>; * } ECPoint; */ -int mbedtls_ecp_tls_read_point( const mbedtls_ecp_group *grp, - mbedtls_ecp_point *pt, - const unsigned char **buf, size_t buf_len ) +int mbedtls_ecp_tls_read_point(const mbedtls_ecp_group *grp, + mbedtls_ecp_point *pt, + const unsigned char **buf, size_t buf_len) { unsigned char data_len; const unsigned char *buf_start; - ECP_VALIDATE_RET( grp != NULL ); - ECP_VALIDATE_RET( pt != NULL ); - ECP_VALIDATE_RET( buf != NULL ); - ECP_VALIDATE_RET( *buf != NULL ); + ECP_VALIDATE_RET(grp != NULL); + ECP_VALIDATE_RET(pt != NULL); + ECP_VALIDATE_RET(buf != NULL); + ECP_VALIDATE_RET(*buf != NULL); /* * We must have at least two bytes (1 for length, at least one for data) */ - if( buf_len < 2 ) - return( MBEDTLS_ERR_ECP_BAD_INPUT_DATA ); + if (buf_len < 2) { + return MBEDTLS_ERR_ECP_BAD_INPUT_DATA; + } data_len = *(*buf)++; - if( data_len < 1 || data_len > buf_len - 1 ) - return( MBEDTLS_ERR_ECP_BAD_INPUT_DATA ); + if (data_len < 1 || data_len > buf_len - 1) { + return MBEDTLS_ERR_ECP_BAD_INPUT_DATA; + } /* * Save buffer start for read_binary and update buf @@ -1033,7 +1016,7 @@ int mbedtls_ecp_tls_read_point( const mbedtls_ecp_group *grp, buf_start = *buf; *buf += data_len; - return( mbedtls_ecp_point_read_binary( grp, pt, buf_start, data_len ) ); + return mbedtls_ecp_point_read_binary(grp, pt, buf_start, data_len); } /* @@ -1042,27 +1025,29 @@ int mbedtls_ecp_tls_read_point( const mbedtls_ecp_group *grp, * opaque point <1..2^8-1>; * } ECPoint; */ -int mbedtls_ecp_tls_write_point( const mbedtls_ecp_group *grp, const mbedtls_ecp_point *pt, - int format, size_t *olen, - unsigned char *buf, size_t blen ) +int mbedtls_ecp_tls_write_point(const mbedtls_ecp_group *grp, const mbedtls_ecp_point *pt, + int format, size_t *olen, + unsigned char *buf, size_t blen) { int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; - ECP_VALIDATE_RET( grp != NULL ); - ECP_VALIDATE_RET( pt != NULL ); - ECP_VALIDATE_RET( olen != NULL ); - ECP_VALIDATE_RET( buf != NULL ); - ECP_VALIDATE_RET( format == MBEDTLS_ECP_PF_UNCOMPRESSED || - format == MBEDTLS_ECP_PF_COMPRESSED ); + ECP_VALIDATE_RET(grp != NULL); + ECP_VALIDATE_RET(pt != NULL); + ECP_VALIDATE_RET(olen != NULL); + ECP_VALIDATE_RET(buf != NULL); + ECP_VALIDATE_RET(format == MBEDTLS_ECP_PF_UNCOMPRESSED || + format == MBEDTLS_ECP_PF_COMPRESSED); /* * buffer length must be at least one, for our length byte */ - if( blen < 1 ) - return( MBEDTLS_ERR_ECP_BAD_INPUT_DATA ); + if (blen < 1) { + return MBEDTLS_ERR_ECP_BAD_INPUT_DATA; + } - if( ( ret = mbedtls_ecp_point_write_binary( grp, pt, format, - olen, buf + 1, blen - 1) ) != 0 ) - return( ret ); + if ((ret = mbedtls_ecp_point_write_binary(grp, pt, format, + olen, buf + 1, blen - 1)) != 0) { + return ret; + } /* * write length to the first byte and update total length @@ -1070,51 +1055,54 @@ int mbedtls_ecp_tls_write_point( const mbedtls_ecp_group *grp, const mbedtls_ecp buf[0] = (unsigned char) *olen; ++*olen; - return( 0 ); + return 0; } /* * Set a group from an ECParameters record (RFC 4492) */ -int mbedtls_ecp_tls_read_group( mbedtls_ecp_group *grp, - const unsigned char **buf, size_t len ) +int mbedtls_ecp_tls_read_group(mbedtls_ecp_group *grp, + const unsigned char **buf, size_t len) { int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; mbedtls_ecp_group_id grp_id; - ECP_VALIDATE_RET( grp != NULL ); - ECP_VALIDATE_RET( buf != NULL ); - ECP_VALIDATE_RET( *buf != NULL ); + ECP_VALIDATE_RET(grp != NULL); + ECP_VALIDATE_RET(buf != NULL); + ECP_VALIDATE_RET(*buf != NULL); - if( ( ret = mbedtls_ecp_tls_read_group_id( &grp_id, buf, len ) ) != 0 ) - return( ret ); + if ((ret = mbedtls_ecp_tls_read_group_id(&grp_id, buf, len)) != 0) { + return ret; + } - return( mbedtls_ecp_group_load( grp, grp_id ) ); + return mbedtls_ecp_group_load(grp, grp_id); } /* * Read a group id from an ECParameters record (RFC 4492) and convert it to * mbedtls_ecp_group_id. */ -int mbedtls_ecp_tls_read_group_id( mbedtls_ecp_group_id *grp, - const unsigned char **buf, size_t len ) +int mbedtls_ecp_tls_read_group_id(mbedtls_ecp_group_id *grp, + const unsigned char **buf, size_t len) { uint16_t tls_id; const mbedtls_ecp_curve_info *curve_info; - ECP_VALIDATE_RET( grp != NULL ); - ECP_VALIDATE_RET( buf != NULL ); - ECP_VALIDATE_RET( *buf != NULL ); + ECP_VALIDATE_RET(grp != NULL); + ECP_VALIDATE_RET(buf != NULL); + ECP_VALIDATE_RET(*buf != NULL); /* * We expect at least three bytes (see below) */ - if( len < 3 ) - return( MBEDTLS_ERR_ECP_BAD_INPUT_DATA ); + if (len < 3) { + return MBEDTLS_ERR_ECP_BAD_INPUT_DATA; + } /* * First byte is curve_type; only named_curve is handled */ - if( *(*buf)++ != MBEDTLS_ECP_TLS_NAMED_CURVE ) - return( MBEDTLS_ERR_ECP_BAD_INPUT_DATA ); + if (*(*buf)++ != MBEDTLS_ECP_TLS_NAMED_CURVE) { + return MBEDTLS_ERR_ECP_BAD_INPUT_DATA; + } /* * Next two bytes are the namedcurve value @@ -1123,34 +1111,37 @@ int mbedtls_ecp_tls_read_group_id( mbedtls_ecp_group_id *grp, tls_id <<= 8; tls_id |= *(*buf)++; - if( ( curve_info = mbedtls_ecp_curve_info_from_tls_id( tls_id ) ) == NULL ) - return( MBEDTLS_ERR_ECP_FEATURE_UNAVAILABLE ); + if ((curve_info = mbedtls_ecp_curve_info_from_tls_id(tls_id)) == NULL) { + return MBEDTLS_ERR_ECP_FEATURE_UNAVAILABLE; + } *grp = curve_info->grp_id; - return( 0 ); + return 0; } /* * Write the ECParameters record corresponding to a group (RFC 4492) */ -int mbedtls_ecp_tls_write_group( const mbedtls_ecp_group *grp, size_t *olen, - unsigned char *buf, size_t blen ) +int mbedtls_ecp_tls_write_group(const mbedtls_ecp_group *grp, size_t *olen, + unsigned char *buf, size_t blen) { const mbedtls_ecp_curve_info *curve_info; - ECP_VALIDATE_RET( grp != NULL ); - ECP_VALIDATE_RET( buf != NULL ); - ECP_VALIDATE_RET( olen != NULL ); + ECP_VALIDATE_RET(grp != NULL); + ECP_VALIDATE_RET(buf != NULL); + ECP_VALIDATE_RET(olen != NULL); - if( ( curve_info = mbedtls_ecp_curve_info_from_grp_id( grp->id ) ) == NULL ) - return( MBEDTLS_ERR_ECP_BAD_INPUT_DATA ); + if ((curve_info = mbedtls_ecp_curve_info_from_grp_id(grp->id)) == NULL) { + return MBEDTLS_ERR_ECP_BAD_INPUT_DATA; + } /* * We are going to write 3 bytes (see below) */ *olen = 3; - if( blen < *olen ) - return( MBEDTLS_ERR_ECP_BUFFER_TOO_SMALL ); + if (blen < *olen) { + return MBEDTLS_ERR_ECP_BUFFER_TOO_SMALL; + } /* * First byte is curve_type, always named_curve @@ -1160,9 +1151,9 @@ int mbedtls_ecp_tls_write_group( const mbedtls_ecp_group *grp, size_t *olen, /* * Next two bytes are the namedcurve value */ - MBEDTLS_PUT_UINT16_BE( curve_info->tls_id, buf, 0 ); + MBEDTLS_PUT_UINT16_BE(curve_info->tls_id, buf, 0); - return( 0 ); + return 0; } /* @@ -1171,32 +1162,34 @@ int mbedtls_ecp_tls_write_group( const mbedtls_ecp_group *grp, size_t *olen, * * This function is in the critial loop for mbedtls_ecp_mul, so pay attention to perf. */ -static int ecp_modp( mbedtls_mpi *N, const mbedtls_ecp_group *grp ) +static int ecp_modp(mbedtls_mpi *N, const mbedtls_ecp_group *grp) { int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; - if( grp->modp == NULL ) - return( mbedtls_mpi_mod_mpi( N, N, &grp->P ) ); + if (grp->modp == NULL) { + return mbedtls_mpi_mod_mpi(N, N, &grp->P); + } /* N->s < 0 is a much faster test, which fails only if N is 0 */ - if( ( N->s < 0 && mbedtls_mpi_cmp_int( N, 0 ) != 0 ) || - mbedtls_mpi_bitlen( N ) > 2 * grp->pbits ) - { - return( MBEDTLS_ERR_ECP_BAD_INPUT_DATA ); + if ((N->s < 0 && mbedtls_mpi_cmp_int(N, 0) != 0) || + mbedtls_mpi_bitlen(N) > 2 * grp->pbits) { + return MBEDTLS_ERR_ECP_BAD_INPUT_DATA; } - MBEDTLS_MPI_CHK( grp->modp( N ) ); + MBEDTLS_MPI_CHK(grp->modp(N)); /* N->s < 0 is a much faster test, which fails only if N is 0 */ - while( N->s < 0 && mbedtls_mpi_cmp_int( N, 0 ) != 0 ) - MBEDTLS_MPI_CHK( mbedtls_mpi_add_mpi( N, N, &grp->P ) ); + while (N->s < 0 && mbedtls_mpi_cmp_int(N, 0) != 0) { + MBEDTLS_MPI_CHK(mbedtls_mpi_add_mpi(N, N, &grp->P)); + } - while( mbedtls_mpi_cmp_mpi( N, &grp->P ) >= 0 ) + while (mbedtls_mpi_cmp_mpi(N, &grp->P) >= 0) { /* we known P, N and the result are positive */ - MBEDTLS_MPI_CHK( mbedtls_mpi_sub_abs( N, N, &grp->P ) ); + MBEDTLS_MPI_CHK(mbedtls_mpi_sub_abs(N, N, &grp->P)); + } cleanup: - return( ret ); + return ret; } /* @@ -1218,50 +1211,50 @@ static int ecp_modp( mbedtls_mpi *N, const mbedtls_ecp_group *grp ) #define INC_MUL_COUNT #endif -#define MOD_MUL( N ) \ +#define MOD_MUL(N) \ do \ { \ - MBEDTLS_MPI_CHK( ecp_modp( &(N), grp ) ); \ + MBEDTLS_MPI_CHK(ecp_modp(&(N), grp)); \ INC_MUL_COUNT \ - } while( 0 ) + } while (0) -static inline int mbedtls_mpi_mul_mod( const mbedtls_ecp_group *grp, - mbedtls_mpi *X, - const mbedtls_mpi *A, - const mbedtls_mpi *B ) +static inline int mbedtls_mpi_mul_mod(const mbedtls_ecp_group *grp, + mbedtls_mpi *X, + const mbedtls_mpi *A, + const mbedtls_mpi *B) { int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; - MBEDTLS_MPI_CHK( mbedtls_mpi_mul_mpi( X, A, B ) ); - MOD_MUL( *X ); + MBEDTLS_MPI_CHK(mbedtls_mpi_mul_mpi(X, A, B)); + MOD_MUL(*X); cleanup: - return( ret ); + return ret; } /* * Reduce a mbedtls_mpi mod p in-place, to use after mbedtls_mpi_sub_mpi * N->s < 0 is a very fast test, which fails only if N is 0 */ -#define MOD_SUB( N ) \ - while( (N).s < 0 && mbedtls_mpi_cmp_int( &(N), 0 ) != 0 ) \ - MBEDTLS_MPI_CHK( mbedtls_mpi_add_mpi( &(N), &(N), &grp->P ) ) - -#if ( defined(MBEDTLS_ECP_SHORT_WEIERSTRASS_ENABLED) && \ - !( defined(MBEDTLS_ECP_NO_FALLBACK) && \ - defined(MBEDTLS_ECP_DOUBLE_JAC_ALT) && \ - defined(MBEDTLS_ECP_ADD_MIXED_ALT) ) ) || \ - ( defined(MBEDTLS_ECP_MONTGOMERY_ENABLED) && \ - !( defined(MBEDTLS_ECP_NO_FALLBACK) && \ - defined(MBEDTLS_ECP_DOUBLE_ADD_MXZ_ALT) ) ) -static inline int mbedtls_mpi_sub_mod( const mbedtls_ecp_group *grp, - mbedtls_mpi *X, - const mbedtls_mpi *A, - const mbedtls_mpi *B ) +#define MOD_SUB(N) \ + while ((N).s < 0 && mbedtls_mpi_cmp_int(&(N), 0) != 0) \ + MBEDTLS_MPI_CHK(mbedtls_mpi_add_mpi(&(N), &(N), &grp->P)) + +#if (defined(MBEDTLS_ECP_SHORT_WEIERSTRASS_ENABLED) && \ + !(defined(MBEDTLS_ECP_NO_FALLBACK) && \ + defined(MBEDTLS_ECP_DOUBLE_JAC_ALT) && \ + defined(MBEDTLS_ECP_ADD_MIXED_ALT))) || \ + (defined(MBEDTLS_ECP_MONTGOMERY_ENABLED) && \ + !(defined(MBEDTLS_ECP_NO_FALLBACK) && \ + defined(MBEDTLS_ECP_DOUBLE_ADD_MXZ_ALT))) +static inline int mbedtls_mpi_sub_mod(const mbedtls_ecp_group *grp, + mbedtls_mpi *X, + const mbedtls_mpi *A, + const mbedtls_mpi *B) { int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; - MBEDTLS_MPI_CHK( mbedtls_mpi_sub_mpi( X, A, B ) ); - MOD_SUB( *X ); + MBEDTLS_MPI_CHK(mbedtls_mpi_sub_mpi(X, A, B)); + MOD_SUB(*X); cleanup: - return( ret ); + return ret; } #endif /* All functions referencing mbedtls_mpi_sub_mod() are alt-implemented without fallback */ @@ -1270,44 +1263,45 @@ static inline int mbedtls_mpi_sub_mod( const mbedtls_ecp_group *grp, * We known P, N and the result are positive, so sub_abs is correct, and * a bit faster. */ -#define MOD_ADD( N ) \ - while( mbedtls_mpi_cmp_mpi( &(N), &grp->P ) >= 0 ) \ - MBEDTLS_MPI_CHK( mbedtls_mpi_sub_abs( &(N), &(N), &grp->P ) ) +#define MOD_ADD(N) \ + while (mbedtls_mpi_cmp_mpi(&(N), &grp->P) >= 0) \ + MBEDTLS_MPI_CHK(mbedtls_mpi_sub_abs(&(N), &(N), &grp->P)) -static inline int mbedtls_mpi_add_mod( const mbedtls_ecp_group *grp, - mbedtls_mpi *X, - const mbedtls_mpi *A, - const mbedtls_mpi *B ) +static inline int mbedtls_mpi_add_mod(const mbedtls_ecp_group *grp, + mbedtls_mpi *X, + const mbedtls_mpi *A, + const mbedtls_mpi *B) { int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; - MBEDTLS_MPI_CHK( mbedtls_mpi_add_mpi( X, A, B ) ); - MOD_ADD( *X ); + MBEDTLS_MPI_CHK(mbedtls_mpi_add_mpi(X, A, B)); + MOD_ADD(*X); cleanup: - return( ret ); + return ret; } #if defined(MBEDTLS_ECP_SHORT_WEIERSTRASS_ENABLED) && \ - !( defined(MBEDTLS_ECP_NO_FALLBACK) && \ - defined(MBEDTLS_ECP_DOUBLE_JAC_ALT) && \ - defined(MBEDTLS_ECP_ADD_MIXED_ALT) ) -static inline int mbedtls_mpi_shift_l_mod( const mbedtls_ecp_group *grp, - mbedtls_mpi *X, - size_t count ) + !(defined(MBEDTLS_ECP_NO_FALLBACK) && \ + defined(MBEDTLS_ECP_DOUBLE_JAC_ALT) && \ + defined(MBEDTLS_ECP_ADD_MIXED_ALT)) +static inline int mbedtls_mpi_shift_l_mod(const mbedtls_ecp_group *grp, + mbedtls_mpi *X, + size_t count) { int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; - MBEDTLS_MPI_CHK( mbedtls_mpi_shift_l( X, count ) ); - MOD_ADD( *X ); + MBEDTLS_MPI_CHK(mbedtls_mpi_shift_l(X, count)); + MOD_ADD(*X); cleanup: - return( ret ); + return ret; } -#endif /* All functions referencing mbedtls_mpi_shift_l_mod() are alt-implemented without fallback */ +#endif \ + /* All functions referencing mbedtls_mpi_shift_l_mod() are alt-implemented without fallback */ #if defined(MBEDTLS_ECP_SHORT_WEIERSTRASS_ENABLED) /* * For curves in short Weierstrass form, we do all the internal operations in * Jacobian coordinates. * - * For multiplication, we'll use a comb method with coutermeasueres against + * For multiplication, we'll use a comb method with countermeasures against * SPA, hence timing attacks. */ @@ -1315,46 +1309,48 @@ static inline int mbedtls_mpi_shift_l_mod( const mbedtls_ecp_group *grp, * Normalize jacobian coordinates so that Z == 0 || Z == 1 (GECC 3.2.1) * Cost: 1N := 1I + 3M + 1S */ -static int ecp_normalize_jac( const mbedtls_ecp_group *grp, mbedtls_ecp_point *pt ) +static int ecp_normalize_jac(const mbedtls_ecp_group *grp, mbedtls_ecp_point *pt) { - if( mbedtls_mpi_cmp_int( &pt->Z, 0 ) == 0 ) - return( 0 ); + if (mbedtls_mpi_cmp_int(&pt->Z, 0) == 0) { + return 0; + } #if defined(MBEDTLS_ECP_NORMALIZE_JAC_ALT) - if( mbedtls_internal_ecp_grp_capable( grp ) ) - return( mbedtls_internal_ecp_normalize_jac( grp, pt ) ); + if (mbedtls_internal_ecp_grp_capable(grp)) { + return mbedtls_internal_ecp_normalize_jac(grp, pt); + } #endif /* MBEDTLS_ECP_NORMALIZE_JAC_ALT */ #if defined(MBEDTLS_ECP_NO_FALLBACK) && defined(MBEDTLS_ECP_NORMALIZE_JAC_ALT) - return( MBEDTLS_ERR_ECP_FEATURE_UNAVAILABLE ); + return MBEDTLS_ERR_ECP_FEATURE_UNAVAILABLE; #else int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; mbedtls_mpi Zi, ZZi; - mbedtls_mpi_init( &Zi ); mbedtls_mpi_init( &ZZi ); + mbedtls_mpi_init(&Zi); mbedtls_mpi_init(&ZZi); /* * X = X / Z^2 mod p */ - MBEDTLS_MPI_CHK( mbedtls_mpi_inv_mod( &Zi, &pt->Z, &grp->P ) ); - MBEDTLS_MPI_CHK( mbedtls_mpi_mul_mod( grp, &ZZi, &Zi, &Zi ) ); - MBEDTLS_MPI_CHK( mbedtls_mpi_mul_mod( grp, &pt->X, &pt->X, &ZZi ) ); + MBEDTLS_MPI_CHK(mbedtls_mpi_inv_mod(&Zi, &pt->Z, &grp->P)); + MBEDTLS_MPI_CHK(mbedtls_mpi_mul_mod(grp, &ZZi, &Zi, &Zi)); + MBEDTLS_MPI_CHK(mbedtls_mpi_mul_mod(grp, &pt->X, &pt->X, &ZZi)); /* * Y = Y / Z^3 mod p */ - MBEDTLS_MPI_CHK( mbedtls_mpi_mul_mod( grp, &pt->Y, &pt->Y, &ZZi ) ); - MBEDTLS_MPI_CHK( mbedtls_mpi_mul_mod( grp, &pt->Y, &pt->Y, &Zi ) ); + MBEDTLS_MPI_CHK(mbedtls_mpi_mul_mod(grp, &pt->Y, &pt->Y, &ZZi)); + MBEDTLS_MPI_CHK(mbedtls_mpi_mul_mod(grp, &pt->Y, &pt->Y, &Zi)); /* * Z = 1 */ - MBEDTLS_MPI_CHK( mbedtls_mpi_lset( &pt->Z, 1 ) ); + MBEDTLS_MPI_CHK(mbedtls_mpi_lset(&pt->Z, 1)); cleanup: - mbedtls_mpi_free( &Zi ); mbedtls_mpi_free( &ZZi ); + mbedtls_mpi_free(&Zi); mbedtls_mpi_free(&ZZi); - return( ret ); + return ret; #endif /* !defined(MBEDTLS_ECP_NO_FALLBACK) || !defined(MBEDTLS_ECP_NORMALIZE_JAC_ALT) */ } @@ -1369,68 +1365,68 @@ static int ecp_normalize_jac( const mbedtls_ecp_group *grp, mbedtls_ecp_point *p * * Cost: 1N(t) := 1I + (6t - 3)M + 1S */ -static int ecp_normalize_jac_many( const mbedtls_ecp_group *grp, - mbedtls_ecp_point *T[], size_t T_size ) +static int ecp_normalize_jac_many(const mbedtls_ecp_group *grp, + mbedtls_ecp_point *T[], size_t T_size) { - if( T_size < 2 ) - return( ecp_normalize_jac( grp, *T ) ); + if (T_size < 2) { + return ecp_normalize_jac(grp, *T); + } #if defined(MBEDTLS_ECP_NORMALIZE_JAC_MANY_ALT) - if( mbedtls_internal_ecp_grp_capable( grp ) ) - return( mbedtls_internal_ecp_normalize_jac_many( grp, T, T_size ) ); + if (mbedtls_internal_ecp_grp_capable(grp)) { + return mbedtls_internal_ecp_normalize_jac_many(grp, T, T_size); + } #endif #if defined(MBEDTLS_ECP_NO_FALLBACK) && defined(MBEDTLS_ECP_NORMALIZE_JAC_MANY_ALT) - return( MBEDTLS_ERR_ECP_FEATURE_UNAVAILABLE ); + return MBEDTLS_ERR_ECP_FEATURE_UNAVAILABLE; #else int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; size_t i; mbedtls_mpi *c, u, Zi, ZZi; - if( ( c = mbedtls_calloc( T_size, sizeof( mbedtls_mpi ) ) ) == NULL ) - return( MBEDTLS_ERR_ECP_ALLOC_FAILED ); + if ((c = mbedtls_calloc(T_size, sizeof(mbedtls_mpi))) == NULL) { + return MBEDTLS_ERR_ECP_ALLOC_FAILED; + } - for( i = 0; i < T_size; i++ ) - mbedtls_mpi_init( &c[i] ); + for (i = 0; i < T_size; i++) { + mbedtls_mpi_init(&c[i]); + } - mbedtls_mpi_init( &u ); mbedtls_mpi_init( &Zi ); mbedtls_mpi_init( &ZZi ); + mbedtls_mpi_init(&u); mbedtls_mpi_init(&Zi); mbedtls_mpi_init(&ZZi); /* * c[i] = Z_0 * ... * Z_i */ - MBEDTLS_MPI_CHK( mbedtls_mpi_copy( &c[0], &T[0]->Z ) ); - for( i = 1; i < T_size; i++ ) - { - MBEDTLS_MPI_CHK( mbedtls_mpi_mul_mod( grp, &c[i], &c[i-1], &T[i]->Z ) ); + MBEDTLS_MPI_CHK(mbedtls_mpi_copy(&c[0], &T[0]->Z)); + for (i = 1; i < T_size; i++) { + MBEDTLS_MPI_CHK(mbedtls_mpi_mul_mod(grp, &c[i], &c[i-1], &T[i]->Z)); } /* * u = 1 / (Z_0 * ... * Z_n) mod P */ - MBEDTLS_MPI_CHK( mbedtls_mpi_inv_mod( &u, &c[T_size-1], &grp->P ) ); + MBEDTLS_MPI_CHK(mbedtls_mpi_inv_mod(&u, &c[T_size-1], &grp->P)); - for( i = T_size - 1; ; i-- ) - { + for (i = T_size - 1;; i--) { /* * Zi = 1 / Z_i mod p * u = 1 / (Z_0 * ... * Z_i) mod P */ - if( i == 0 ) { - MBEDTLS_MPI_CHK( mbedtls_mpi_copy( &Zi, &u ) ); - } - else - { - MBEDTLS_MPI_CHK( mbedtls_mpi_mul_mod( grp, &Zi, &u, &c[i-1] ) ); - MBEDTLS_MPI_CHK( mbedtls_mpi_mul_mod( grp, &u, &u, &T[i]->Z ) ); + if (i == 0) { + MBEDTLS_MPI_CHK(mbedtls_mpi_copy(&Zi, &u)); + } else { + MBEDTLS_MPI_CHK(mbedtls_mpi_mul_mod(grp, &Zi, &u, &c[i-1])); + MBEDTLS_MPI_CHK(mbedtls_mpi_mul_mod(grp, &u, &u, &T[i]->Z)); } /* * proceed as in normalize() */ - MBEDTLS_MPI_CHK( mbedtls_mpi_mul_mod( grp, &ZZi, &Zi, &Zi ) ); - MBEDTLS_MPI_CHK( mbedtls_mpi_mul_mod( grp, &T[i]->X, &T[i]->X, &ZZi ) ); - MBEDTLS_MPI_CHK( mbedtls_mpi_mul_mod( grp, &T[i]->Y, &T[i]->Y, &ZZi ) ); - MBEDTLS_MPI_CHK( mbedtls_mpi_mul_mod( grp, &T[i]->Y, &T[i]->Y, &Zi ) ); + MBEDTLS_MPI_CHK(mbedtls_mpi_mul_mod(grp, &ZZi, &Zi, &Zi)); + MBEDTLS_MPI_CHK(mbedtls_mpi_mul_mod(grp, &T[i]->X, &T[i]->X, &ZZi)); + MBEDTLS_MPI_CHK(mbedtls_mpi_mul_mod(grp, &T[i]->Y, &T[i]->Y, &ZZi)); + MBEDTLS_MPI_CHK(mbedtls_mpi_mul_mod(grp, &T[i]->Y, &T[i]->Y, &Zi)); /* * Post-precessing: reclaim some memory by shrinking coordinates @@ -1438,22 +1434,24 @@ static int ecp_normalize_jac_many( const mbedtls_ecp_group *grp, * - shrinking other coordinates, but still keeping the same number of * limbs as P, as otherwise it will too likely be regrown too fast. */ - MBEDTLS_MPI_CHK( mbedtls_mpi_shrink( &T[i]->X, grp->P.n ) ); - MBEDTLS_MPI_CHK( mbedtls_mpi_shrink( &T[i]->Y, grp->P.n ) ); - mbedtls_mpi_free( &T[i]->Z ); + MBEDTLS_MPI_CHK(mbedtls_mpi_shrink(&T[i]->X, grp->P.n)); + MBEDTLS_MPI_CHK(mbedtls_mpi_shrink(&T[i]->Y, grp->P.n)); + mbedtls_mpi_free(&T[i]->Z); - if( i == 0 ) + if (i == 0) { break; + } } cleanup: - mbedtls_mpi_free( &u ); mbedtls_mpi_free( &Zi ); mbedtls_mpi_free( &ZZi ); - for( i = 0; i < T_size; i++ ) - mbedtls_mpi_free( &c[i] ); - mbedtls_free( c ); + mbedtls_mpi_free(&u); mbedtls_mpi_free(&Zi); mbedtls_mpi_free(&ZZi); + for (i = 0; i < T_size; i++) { + mbedtls_mpi_free(&c[i]); + } + mbedtls_free(c); - return( ret ); + return ret; #endif /* !defined(MBEDTLS_ECP_NO_FALLBACK) || !defined(MBEDTLS_ECP_NORMALIZE_JAC_MANY_ALT) */ } @@ -1461,25 +1459,25 @@ static int ecp_normalize_jac_many( const mbedtls_ecp_group *grp, * Conditional point inversion: Q -> -Q = (Q.X, -Q.Y, Q.Z) without leak. * "inv" must be 0 (don't invert) or 1 (invert) or the result will be invalid */ -static int ecp_safe_invert_jac( const mbedtls_ecp_group *grp, - mbedtls_ecp_point *Q, - unsigned char inv ) +static int ecp_safe_invert_jac(const mbedtls_ecp_group *grp, + mbedtls_ecp_point *Q, + unsigned char inv) { int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; unsigned char nonzero; mbedtls_mpi mQY; - mbedtls_mpi_init( &mQY ); + mbedtls_mpi_init(&mQY); /* Use the fact that -Q.Y mod P = P - Q.Y unless Q.Y == 0 */ - MBEDTLS_MPI_CHK( mbedtls_mpi_sub_mpi( &mQY, &grp->P, &Q->Y ) ); - nonzero = mbedtls_mpi_cmp_int( &Q->Y, 0 ) != 0; - MBEDTLS_MPI_CHK( mbedtls_mpi_safe_cond_assign( &Q->Y, &mQY, inv & nonzero ) ); + MBEDTLS_MPI_CHK(mbedtls_mpi_sub_mpi(&mQY, &grp->P, &Q->Y)); + nonzero = mbedtls_mpi_cmp_int(&Q->Y, 0) != 0; + MBEDTLS_MPI_CHK(mbedtls_mpi_safe_cond_assign(&Q->Y, &mQY, inv & nonzero)); cleanup: - mbedtls_mpi_free( &mQY ); + mbedtls_mpi_free(&mQY); - return( ret ); + return ret; } /* @@ -1496,85 +1494,82 @@ static int ecp_safe_invert_jac( const mbedtls_ecp_group *grp, * 4M + 4S (A == -3) * 3M + 6S + 1a otherwise */ -static int ecp_double_jac( const mbedtls_ecp_group *grp, mbedtls_ecp_point *R, - const mbedtls_ecp_point *P ) +static int ecp_double_jac(const mbedtls_ecp_group *grp, mbedtls_ecp_point *R, + const mbedtls_ecp_point *P) { #if defined(MBEDTLS_SELF_TEST) dbl_count++; #endif #if defined(MBEDTLS_ECP_DOUBLE_JAC_ALT) - if( mbedtls_internal_ecp_grp_capable( grp ) ) - return( mbedtls_internal_ecp_double_jac( grp, R, P ) ); + if (mbedtls_internal_ecp_grp_capable(grp)) { + return mbedtls_internal_ecp_double_jac(grp, R, P); + } #endif /* MBEDTLS_ECP_DOUBLE_JAC_ALT */ #if defined(MBEDTLS_ECP_NO_FALLBACK) && defined(MBEDTLS_ECP_DOUBLE_JAC_ALT) - return( MBEDTLS_ERR_ECP_FEATURE_UNAVAILABLE ); + return MBEDTLS_ERR_ECP_FEATURE_UNAVAILABLE; #else int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; mbedtls_mpi M, S, T, U; - mbedtls_mpi_init( &M ); mbedtls_mpi_init( &S ); mbedtls_mpi_init( &T ); mbedtls_mpi_init( &U ); + mbedtls_mpi_init(&M); mbedtls_mpi_init(&S); mbedtls_mpi_init(&T); mbedtls_mpi_init(&U); /* Special case for A = -3 */ - if( grp->A.p == NULL ) - { + if (grp->A.p == NULL) { /* M = 3(X + Z^2)(X - Z^2) */ - MBEDTLS_MPI_CHK( mbedtls_mpi_mul_mod( grp, &S, &P->Z, &P->Z ) ); - MBEDTLS_MPI_CHK( mbedtls_mpi_add_mod( grp, &T, &P->X, &S ) ); - MBEDTLS_MPI_CHK( mbedtls_mpi_sub_mod( grp, &U, &P->X, &S ) ); - MBEDTLS_MPI_CHK( mbedtls_mpi_mul_mod( grp, &S, &T, &U ) ); - MBEDTLS_MPI_CHK( mbedtls_mpi_mul_int( &M, &S, 3 ) ); MOD_ADD( M ); - } - else - { + MBEDTLS_MPI_CHK(mbedtls_mpi_mul_mod(grp, &S, &P->Z, &P->Z)); + MBEDTLS_MPI_CHK(mbedtls_mpi_add_mod(grp, &T, &P->X, &S)); + MBEDTLS_MPI_CHK(mbedtls_mpi_sub_mod(grp, &U, &P->X, &S)); + MBEDTLS_MPI_CHK(mbedtls_mpi_mul_mod(grp, &S, &T, &U)); + MBEDTLS_MPI_CHK(mbedtls_mpi_mul_int(&M, &S, 3)); MOD_ADD(M); + } else { /* M = 3.X^2 */ - MBEDTLS_MPI_CHK( mbedtls_mpi_mul_mod( grp, &S, &P->X, &P->X ) ); - MBEDTLS_MPI_CHK( mbedtls_mpi_mul_int( &M, &S, 3 ) ); MOD_ADD( M ); + MBEDTLS_MPI_CHK(mbedtls_mpi_mul_mod(grp, &S, &P->X, &P->X)); + MBEDTLS_MPI_CHK(mbedtls_mpi_mul_int(&M, &S, 3)); MOD_ADD(M); /* Optimize away for "koblitz" curves with A = 0 */ - if( mbedtls_mpi_cmp_int( &grp->A, 0 ) != 0 ) - { + if (mbedtls_mpi_cmp_int(&grp->A, 0) != 0) { /* M += A.Z^4 */ - MBEDTLS_MPI_CHK( mbedtls_mpi_mul_mod( grp, &S, &P->Z, &P->Z ) ); - MBEDTLS_MPI_CHK( mbedtls_mpi_mul_mod( grp, &T, &S, &S ) ); - MBEDTLS_MPI_CHK( mbedtls_mpi_mul_mod( grp, &S, &T, &grp->A ) ); - MBEDTLS_MPI_CHK( mbedtls_mpi_add_mod( grp, &M, &M, &S ) ); + MBEDTLS_MPI_CHK(mbedtls_mpi_mul_mod(grp, &S, &P->Z, &P->Z)); + MBEDTLS_MPI_CHK(mbedtls_mpi_mul_mod(grp, &T, &S, &S)); + MBEDTLS_MPI_CHK(mbedtls_mpi_mul_mod(grp, &S, &T, &grp->A)); + MBEDTLS_MPI_CHK(mbedtls_mpi_add_mod(grp, &M, &M, &S)); } } /* S = 4.X.Y^2 */ - MBEDTLS_MPI_CHK( mbedtls_mpi_mul_mod( grp, &T, &P->Y, &P->Y ) ); - MBEDTLS_MPI_CHK( mbedtls_mpi_shift_l_mod( grp, &T, 1 ) ); - MBEDTLS_MPI_CHK( mbedtls_mpi_mul_mod( grp, &S, &P->X, &T ) ); - MBEDTLS_MPI_CHK( mbedtls_mpi_shift_l_mod( grp, &S, 1 ) ); + MBEDTLS_MPI_CHK(mbedtls_mpi_mul_mod(grp, &T, &P->Y, &P->Y)); + MBEDTLS_MPI_CHK(mbedtls_mpi_shift_l_mod(grp, &T, 1)); + MBEDTLS_MPI_CHK(mbedtls_mpi_mul_mod(grp, &S, &P->X, &T)); + MBEDTLS_MPI_CHK(mbedtls_mpi_shift_l_mod(grp, &S, 1)); /* U = 8.Y^4 */ - MBEDTLS_MPI_CHK( mbedtls_mpi_mul_mod( grp, &U, &T, &T ) ); - MBEDTLS_MPI_CHK( mbedtls_mpi_shift_l_mod( grp, &U, 1 ) ); + MBEDTLS_MPI_CHK(mbedtls_mpi_mul_mod(grp, &U, &T, &T)); + MBEDTLS_MPI_CHK(mbedtls_mpi_shift_l_mod(grp, &U, 1)); /* T = M^2 - 2.S */ - MBEDTLS_MPI_CHK( mbedtls_mpi_mul_mod( grp, &T, &M, &M ) ); - MBEDTLS_MPI_CHK( mbedtls_mpi_sub_mod( grp, &T, &T, &S ) ); - MBEDTLS_MPI_CHK( mbedtls_mpi_sub_mod( grp, &T, &T, &S ) ); + MBEDTLS_MPI_CHK(mbedtls_mpi_mul_mod(grp, &T, &M, &M)); + MBEDTLS_MPI_CHK(mbedtls_mpi_sub_mod(grp, &T, &T, &S)); + MBEDTLS_MPI_CHK(mbedtls_mpi_sub_mod(grp, &T, &T, &S)); /* S = M(S - T) - U */ - MBEDTLS_MPI_CHK( mbedtls_mpi_sub_mod( grp, &S, &S, &T ) ); - MBEDTLS_MPI_CHK( mbedtls_mpi_mul_mod( grp, &S, &S, &M ) ); - MBEDTLS_MPI_CHK( mbedtls_mpi_sub_mod( grp, &S, &S, &U ) ); + MBEDTLS_MPI_CHK(mbedtls_mpi_sub_mod(grp, &S, &S, &T)); + MBEDTLS_MPI_CHK(mbedtls_mpi_mul_mod(grp, &S, &S, &M)); + MBEDTLS_MPI_CHK(mbedtls_mpi_sub_mod(grp, &S, &S, &U)); /* U = 2.Y.Z */ - MBEDTLS_MPI_CHK( mbedtls_mpi_mul_mod( grp, &U, &P->Y, &P->Z ) ); - MBEDTLS_MPI_CHK( mbedtls_mpi_shift_l_mod( grp, &U, 1 ) ); + MBEDTLS_MPI_CHK(mbedtls_mpi_mul_mod(grp, &U, &P->Y, &P->Z)); + MBEDTLS_MPI_CHK(mbedtls_mpi_shift_l_mod(grp, &U, 1)); - MBEDTLS_MPI_CHK( mbedtls_mpi_copy( &R->X, &T ) ); - MBEDTLS_MPI_CHK( mbedtls_mpi_copy( &R->Y, &S ) ); - MBEDTLS_MPI_CHK( mbedtls_mpi_copy( &R->Z, &U ) ); + MBEDTLS_MPI_CHK(mbedtls_mpi_copy(&R->X, &T)); + MBEDTLS_MPI_CHK(mbedtls_mpi_copy(&R->Y, &S)); + MBEDTLS_MPI_CHK(mbedtls_mpi_copy(&R->Z, &U)); cleanup: - mbedtls_mpi_free( &M ); mbedtls_mpi_free( &S ); mbedtls_mpi_free( &T ); mbedtls_mpi_free( &U ); + mbedtls_mpi_free(&M); mbedtls_mpi_free(&S); mbedtls_mpi_free(&T); mbedtls_mpi_free(&U); - return( ret ); + return ret; #endif /* !defined(MBEDTLS_ECP_NO_FALLBACK) || !defined(MBEDTLS_ECP_DOUBLE_JAC_ALT) */ } @@ -1596,20 +1591,21 @@ static int ecp_double_jac( const mbedtls_ecp_group *grp, mbedtls_ecp_point *R, * * Cost: 1A := 8M + 3S */ -static int ecp_add_mixed( const mbedtls_ecp_group *grp, mbedtls_ecp_point *R, - const mbedtls_ecp_point *P, const mbedtls_ecp_point *Q ) +static int ecp_add_mixed(const mbedtls_ecp_group *grp, mbedtls_ecp_point *R, + const mbedtls_ecp_point *P, const mbedtls_ecp_point *Q) { #if defined(MBEDTLS_SELF_TEST) add_count++; #endif #if defined(MBEDTLS_ECP_ADD_MIXED_ALT) - if( mbedtls_internal_ecp_grp_capable( grp ) ) - return( mbedtls_internal_ecp_add_mixed( grp, R, P, Q ) ); + if (mbedtls_internal_ecp_grp_capable(grp)) { + return mbedtls_internal_ecp_add_mixed(grp, R, P, Q); + } #endif /* MBEDTLS_ECP_ADD_MIXED_ALT */ #if defined(MBEDTLS_ECP_NO_FALLBACK) && defined(MBEDTLS_ECP_ADD_MIXED_ALT) - return( MBEDTLS_ERR_ECP_FEATURE_UNAVAILABLE ); + return MBEDTLS_ERR_ECP_FEATURE_UNAVAILABLE; #else int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; mbedtls_mpi T1, T2, T3, T4, X, Y, Z; @@ -1617,67 +1613,66 @@ static int ecp_add_mixed( const mbedtls_ecp_group *grp, mbedtls_ecp_point *R, /* * Trivial cases: P == 0 or Q == 0 (case 1) */ - if( mbedtls_mpi_cmp_int( &P->Z, 0 ) == 0 ) - return( mbedtls_ecp_copy( R, Q ) ); + if (mbedtls_mpi_cmp_int(&P->Z, 0) == 0) { + return mbedtls_ecp_copy(R, Q); + } - if( Q->Z.p != NULL && mbedtls_mpi_cmp_int( &Q->Z, 0 ) == 0 ) - return( mbedtls_ecp_copy( R, P ) ); + if (Q->Z.p != NULL && mbedtls_mpi_cmp_int(&Q->Z, 0) == 0) { + return mbedtls_ecp_copy(R, P); + } /* * Make sure Q coordinates are normalized */ - if( Q->Z.p != NULL && mbedtls_mpi_cmp_int( &Q->Z, 1 ) != 0 ) - return( MBEDTLS_ERR_ECP_BAD_INPUT_DATA ); + if (Q->Z.p != NULL && mbedtls_mpi_cmp_int(&Q->Z, 1) != 0) { + return MBEDTLS_ERR_ECP_BAD_INPUT_DATA; + } - mbedtls_mpi_init( &T1 ); mbedtls_mpi_init( &T2 ); mbedtls_mpi_init( &T3 ); mbedtls_mpi_init( &T4 ); - mbedtls_mpi_init( &X ); mbedtls_mpi_init( &Y ); mbedtls_mpi_init( &Z ); + mbedtls_mpi_init(&T1); mbedtls_mpi_init(&T2); mbedtls_mpi_init(&T3); mbedtls_mpi_init(&T4); + mbedtls_mpi_init(&X); mbedtls_mpi_init(&Y); mbedtls_mpi_init(&Z); - MBEDTLS_MPI_CHK( mbedtls_mpi_mul_mod( grp, &T1, &P->Z, &P->Z ) ); - MBEDTLS_MPI_CHK( mbedtls_mpi_mul_mod( grp, &T2, &T1, &P->Z ) ); - MBEDTLS_MPI_CHK( mbedtls_mpi_mul_mod( grp, &T1, &T1, &Q->X ) ); - MBEDTLS_MPI_CHK( mbedtls_mpi_mul_mod( grp, &T2, &T2, &Q->Y ) ); - MBEDTLS_MPI_CHK( mbedtls_mpi_sub_mod( grp, &T1, &T1, &P->X ) ); - MBEDTLS_MPI_CHK( mbedtls_mpi_sub_mod( grp, &T2, &T2, &P->Y ) ); + MBEDTLS_MPI_CHK(mbedtls_mpi_mul_mod(grp, &T1, &P->Z, &P->Z)); + MBEDTLS_MPI_CHK(mbedtls_mpi_mul_mod(grp, &T2, &T1, &P->Z)); + MBEDTLS_MPI_CHK(mbedtls_mpi_mul_mod(grp, &T1, &T1, &Q->X)); + MBEDTLS_MPI_CHK(mbedtls_mpi_mul_mod(grp, &T2, &T2, &Q->Y)); + MBEDTLS_MPI_CHK(mbedtls_mpi_sub_mod(grp, &T1, &T1, &P->X)); + MBEDTLS_MPI_CHK(mbedtls_mpi_sub_mod(grp, &T2, &T2, &P->Y)); /* Special cases (2) and (3) */ - if( mbedtls_mpi_cmp_int( &T1, 0 ) == 0 ) - { - if( mbedtls_mpi_cmp_int( &T2, 0 ) == 0 ) - { - ret = ecp_double_jac( grp, R, P ); + if (mbedtls_mpi_cmp_int(&T1, 0) == 0) { + if (mbedtls_mpi_cmp_int(&T2, 0) == 0) { + ret = ecp_double_jac(grp, R, P); goto cleanup; - } - else - { - ret = mbedtls_ecp_set_zero( R ); + } else { + ret = mbedtls_ecp_set_zero(R); goto cleanup; } } - MBEDTLS_MPI_CHK( mbedtls_mpi_mul_mod( grp, &Z, &P->Z, &T1 ) ); - MBEDTLS_MPI_CHK( mbedtls_mpi_mul_mod( grp, &T3, &T1, &T1 ) ); - MBEDTLS_MPI_CHK( mbedtls_mpi_mul_mod( grp, &T4, &T3, &T1 ) ); - MBEDTLS_MPI_CHK( mbedtls_mpi_mul_mod( grp, &T3, &T3, &P->X ) ); - MBEDTLS_MPI_CHK( mbedtls_mpi_copy( &T1, &T3 ) ); - MBEDTLS_MPI_CHK( mbedtls_mpi_shift_l_mod( grp, &T1, 1 ) ); - MBEDTLS_MPI_CHK( mbedtls_mpi_mul_mod( grp, &X, &T2, &T2 ) ); - MBEDTLS_MPI_CHK( mbedtls_mpi_sub_mod( grp, &X, &X, &T1 ) ); - MBEDTLS_MPI_CHK( mbedtls_mpi_sub_mod( grp, &X, &X, &T4 ) ); - MBEDTLS_MPI_CHK( mbedtls_mpi_sub_mod( grp, &T3, &T3, &X ) ); - MBEDTLS_MPI_CHK( mbedtls_mpi_mul_mod( grp, &T3, &T3, &T2 ) ); - MBEDTLS_MPI_CHK( mbedtls_mpi_mul_mod( grp, &T4, &T4, &P->Y ) ); - MBEDTLS_MPI_CHK( mbedtls_mpi_sub_mod( grp, &Y, &T3, &T4 ) ); - - MBEDTLS_MPI_CHK( mbedtls_mpi_copy( &R->X, &X ) ); - MBEDTLS_MPI_CHK( mbedtls_mpi_copy( &R->Y, &Y ) ); - MBEDTLS_MPI_CHK( mbedtls_mpi_copy( &R->Z, &Z ) ); + MBEDTLS_MPI_CHK(mbedtls_mpi_mul_mod(grp, &Z, &P->Z, &T1)); + MBEDTLS_MPI_CHK(mbedtls_mpi_mul_mod(grp, &T3, &T1, &T1)); + MBEDTLS_MPI_CHK(mbedtls_mpi_mul_mod(grp, &T4, &T3, &T1)); + MBEDTLS_MPI_CHK(mbedtls_mpi_mul_mod(grp, &T3, &T3, &P->X)); + MBEDTLS_MPI_CHK(mbedtls_mpi_copy(&T1, &T3)); + MBEDTLS_MPI_CHK(mbedtls_mpi_shift_l_mod(grp, &T1, 1)); + MBEDTLS_MPI_CHK(mbedtls_mpi_mul_mod(grp, &X, &T2, &T2)); + MBEDTLS_MPI_CHK(mbedtls_mpi_sub_mod(grp, &X, &X, &T1)); + MBEDTLS_MPI_CHK(mbedtls_mpi_sub_mod(grp, &X, &X, &T4)); + MBEDTLS_MPI_CHK(mbedtls_mpi_sub_mod(grp, &T3, &T3, &X)); + MBEDTLS_MPI_CHK(mbedtls_mpi_mul_mod(grp, &T3, &T3, &T2)); + MBEDTLS_MPI_CHK(mbedtls_mpi_mul_mod(grp, &T4, &T4, &P->Y)); + MBEDTLS_MPI_CHK(mbedtls_mpi_sub_mod(grp, &Y, &T3, &T4)); + + MBEDTLS_MPI_CHK(mbedtls_mpi_copy(&R->X, &X)); + MBEDTLS_MPI_CHK(mbedtls_mpi_copy(&R->Y, &Y)); + MBEDTLS_MPI_CHK(mbedtls_mpi_copy(&R->Z, &Z)); cleanup: - mbedtls_mpi_free( &T1 ); mbedtls_mpi_free( &T2 ); mbedtls_mpi_free( &T3 ); mbedtls_mpi_free( &T4 ); - mbedtls_mpi_free( &X ); mbedtls_mpi_free( &Y ); mbedtls_mpi_free( &Z ); + mbedtls_mpi_free(&T1); mbedtls_mpi_free(&T2); mbedtls_mpi_free(&T3); mbedtls_mpi_free(&T4); + mbedtls_mpi_free(&X); mbedtls_mpi_free(&Y); mbedtls_mpi_free(&Z); - return( ret ); + return ret; #endif /* !defined(MBEDTLS_ECP_NO_FALLBACK) || !defined(MBEDTLS_ECP_ADD_MIXED_ALT) */ } @@ -1688,42 +1683,44 @@ static int ecp_add_mixed( const mbedtls_ecp_group *grp, mbedtls_ecp_point *R, * * This countermeasure was first suggested in [2]. */ -static int ecp_randomize_jac( const mbedtls_ecp_group *grp, mbedtls_ecp_point *pt, - int (*f_rng)(void *, unsigned char *, size_t), void *p_rng ) +static int ecp_randomize_jac(const mbedtls_ecp_group *grp, mbedtls_ecp_point *pt, + int (*f_rng)(void *, unsigned char *, size_t), void *p_rng) { #if defined(MBEDTLS_ECP_RANDOMIZE_JAC_ALT) - if( mbedtls_internal_ecp_grp_capable( grp ) ) - return( mbedtls_internal_ecp_randomize_jac( grp, pt, f_rng, p_rng ) ); + if (mbedtls_internal_ecp_grp_capable(grp)) { + return mbedtls_internal_ecp_randomize_jac(grp, pt, f_rng, p_rng); + } #endif /* MBEDTLS_ECP_RANDOMIZE_JAC_ALT */ #if defined(MBEDTLS_ECP_NO_FALLBACK) && defined(MBEDTLS_ECP_RANDOMIZE_JAC_ALT) - return( MBEDTLS_ERR_ECP_FEATURE_UNAVAILABLE ); + return MBEDTLS_ERR_ECP_FEATURE_UNAVAILABLE; #else int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; mbedtls_mpi l, ll; - mbedtls_mpi_init( &l ); mbedtls_mpi_init( &ll ); + mbedtls_mpi_init(&l); mbedtls_mpi_init(&ll); /* Generate l such that 1 < l < p */ - MBEDTLS_MPI_CHK( mbedtls_mpi_random( &l, 2, &grp->P, f_rng, p_rng ) ); + MBEDTLS_MPI_CHK(mbedtls_mpi_random(&l, 2, &grp->P, f_rng, p_rng)); /* Z = l * Z */ - MBEDTLS_MPI_CHK( mbedtls_mpi_mul_mod( grp, &pt->Z, &pt->Z, &l ) ); + MBEDTLS_MPI_CHK(mbedtls_mpi_mul_mod(grp, &pt->Z, &pt->Z, &l)); /* X = l^2 * X */ - MBEDTLS_MPI_CHK( mbedtls_mpi_mul_mod( grp, &ll, &l, &l ) ); - MBEDTLS_MPI_CHK( mbedtls_mpi_mul_mod( grp, &pt->X, &pt->X, &ll ) ); + MBEDTLS_MPI_CHK(mbedtls_mpi_mul_mod(grp, &ll, &l, &l)); + MBEDTLS_MPI_CHK(mbedtls_mpi_mul_mod(grp, &pt->X, &pt->X, &ll)); /* Y = l^3 * Y */ - MBEDTLS_MPI_CHK( mbedtls_mpi_mul_mod( grp, &ll, &ll, &l ) ); - MBEDTLS_MPI_CHK( mbedtls_mpi_mul_mod( grp, &pt->Y, &pt->Y, &ll ) ); + MBEDTLS_MPI_CHK(mbedtls_mpi_mul_mod(grp, &ll, &ll, &l)); + MBEDTLS_MPI_CHK(mbedtls_mpi_mul_mod(grp, &pt->Y, &pt->Y, &ll)); cleanup: - mbedtls_mpi_free( &l ); mbedtls_mpi_free( &ll ); + mbedtls_mpi_free(&l); mbedtls_mpi_free(&ll); - if( ret == MBEDTLS_ERR_MPI_NOT_ACCEPTABLE ) + if (ret == MBEDTLS_ERR_MPI_NOT_ACCEPTABLE) { ret = MBEDTLS_ERR_ECP_RANDOM_FAILED; - return( ret ); + } + return ret; #endif /* !defined(MBEDTLS_ECP_NO_FALLBACK) || !defined(MBEDTLS_ECP_RANDOMIZE_JAC_ALT) */ } @@ -1735,10 +1732,10 @@ static int ecp_randomize_jac( const mbedtls_ecp_group *grp, mbedtls_ecp_point *p #endif /* d = ceil( n / w ) */ -#define COMB_MAX_D ( MBEDTLS_ECP_MAX_BITS + 1 ) / 2 +#define COMB_MAX_D (MBEDTLS_ECP_MAX_BITS + 1) / 2 /* number of precomputed points */ -#define COMB_MAX_PRE ( 1 << ( MBEDTLS_ECP_WINDOW_SIZE - 1 ) ) +#define COMB_MAX_PRE (1 << (MBEDTLS_ECP_WINDOW_SIZE - 1)) /* * Compute the representation of m that will be used with our comb method. @@ -1787,32 +1784,33 @@ static int ecp_randomize_jac( const mbedtls_ecp_group *grp, mbedtls_ecp_point *p * - m is the MPI, expected to be odd and such that bitlength(m) <= w * d * (the result will be incorrect if these assumptions are not satisfied) */ -static void ecp_comb_recode_core( unsigned char x[], size_t d, - unsigned char w, const mbedtls_mpi *m ) +static void ecp_comb_recode_core(unsigned char x[], size_t d, + unsigned char w, const mbedtls_mpi *m) { size_t i, j; unsigned char c, cc, adjust; - memset( x, 0, d+1 ); + memset(x, 0, d+1); /* First get the classical comb values (except for x_d = 0) */ - for( i = 0; i < d; i++ ) - for( j = 0; j < w; j++ ) - x[i] |= mbedtls_mpi_get_bit( m, i + d * j ) << j; + for (i = 0; i < d; i++) { + for (j = 0; j < w; j++) { + x[i] |= mbedtls_mpi_get_bit(m, i + d * j) << j; + } + } /* Now make sure x_1 .. x_d are odd */ c = 0; - for( i = 1; i <= d; i++ ) - { + for (i = 1; i <= d; i++) { /* Add carry and update it */ cc = x[i] & c; x[i] = x[i] ^ c; c = cc; /* Adjust if needed, avoiding branches */ - adjust = 1 - ( x[i] & 0x01 ); - c |= x[i] & ( x[i-1] * adjust ); - x[i] = x[i] ^ ( x[i-1] * adjust ); + adjust = 1 - (x[i] & 0x01); + c |= x[i] & (x[i-1] * adjust); + x[i] = x[i] ^ (x[i-1] * adjust); x[i-1] |= adjust << 7; } } @@ -1851,36 +1849,38 @@ static void ecp_comb_recode_core( unsigned char x[], size_t d, * value, it's useful to set MBEDTLS_ECP_WINDOW_SIZE to a lower value in order * to minimize maximum blocking time. */ -static int ecp_precompute_comb( const mbedtls_ecp_group *grp, - mbedtls_ecp_point T[], const mbedtls_ecp_point *P, - unsigned char w, size_t d, - mbedtls_ecp_restart_ctx *rs_ctx ) +static int ecp_precompute_comb(const mbedtls_ecp_group *grp, + mbedtls_ecp_point T[], const mbedtls_ecp_point *P, + unsigned char w, size_t d, + mbedtls_ecp_restart_ctx *rs_ctx) { int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; unsigned char i; size_t j = 0; - const unsigned char T_size = 1U << ( w - 1 ); + const unsigned char T_size = 1U << (w - 1); mbedtls_ecp_point *cur, *TT[COMB_MAX_PRE - 1]; #if defined(MBEDTLS_ECP_RESTARTABLE) - if( rs_ctx != NULL && rs_ctx->rsm != NULL ) - { - if( rs_ctx->rsm->state == ecp_rsm_pre_dbl ) + if (rs_ctx != NULL && rs_ctx->rsm != NULL) { + if (rs_ctx->rsm->state == ecp_rsm_pre_dbl) { goto dbl; - if( rs_ctx->rsm->state == ecp_rsm_pre_norm_dbl ) + } + if (rs_ctx->rsm->state == ecp_rsm_pre_norm_dbl) { goto norm_dbl; - if( rs_ctx->rsm->state == ecp_rsm_pre_add ) + } + if (rs_ctx->rsm->state == ecp_rsm_pre_add) { goto add; - if( rs_ctx->rsm->state == ecp_rsm_pre_norm_add ) + } + if (rs_ctx->rsm->state == ecp_rsm_pre_norm_add) { goto norm_add; + } } #else (void) rs_ctx; #endif #if defined(MBEDTLS_ECP_RESTARTABLE) - if( rs_ctx != NULL && rs_ctx->rsm != NULL ) - { + if (rs_ctx != NULL && rs_ctx->rsm != NULL) { rs_ctx->rsm->state = ecp_rsm_pre_dbl; /* initial state for the loop */ @@ -1893,31 +1893,32 @@ static int ecp_precompute_comb( const mbedtls_ecp_group *grp, * Set T[0] = P and * T[2^{l-1}] = 2^{dl} P for l = 1 .. w-1 (this is not the final value) */ - MBEDTLS_MPI_CHK( mbedtls_ecp_copy( &T[0], P ) ); + MBEDTLS_MPI_CHK(mbedtls_ecp_copy(&T[0], P)); #if defined(MBEDTLS_ECP_RESTARTABLE) - if( rs_ctx != NULL && rs_ctx->rsm != NULL && rs_ctx->rsm->i != 0 ) + if (rs_ctx != NULL && rs_ctx->rsm != NULL && rs_ctx->rsm->i != 0) { j = rs_ctx->rsm->i; - else + } else #endif - j = 0; + j = 0; - for( ; j < d * ( w - 1 ); j++ ) - { - MBEDTLS_ECP_BUDGET( MBEDTLS_ECP_OPS_DBL ); + for (; j < d * (w - 1); j++) { + MBEDTLS_ECP_BUDGET(MBEDTLS_ECP_OPS_DBL); - i = 1U << ( j / d ); + i = 1U << (j / d); cur = T + i; - if( j % d == 0 ) - MBEDTLS_MPI_CHK( mbedtls_ecp_copy( cur, T + ( i >> 1 ) ) ); + if (j % d == 0) { + MBEDTLS_MPI_CHK(mbedtls_ecp_copy(cur, T + (i >> 1))); + } - MBEDTLS_MPI_CHK( ecp_double_jac( grp, cur, cur ) ); + MBEDTLS_MPI_CHK(ecp_double_jac(grp, cur, cur)); } #if defined(MBEDTLS_ECP_RESTARTABLE) - if( rs_ctx != NULL && rs_ctx->rsm != NULL ) + if (rs_ctx != NULL && rs_ctx->rsm != NULL) { rs_ctx->rsm->state = ecp_rsm_pre_norm_dbl; + } norm_dbl: #endif @@ -1926,16 +1927,18 @@ static int ecp_precompute_comb( const mbedtls_ecp_group *grp, * use an auxiliary array of pointers to elements in T. */ j = 0; - for( i = 1; i < T_size; i <<= 1 ) + for (i = 1; i < T_size; i <<= 1) { TT[j++] = T + i; + } - MBEDTLS_ECP_BUDGET( MBEDTLS_ECP_OPS_INV + 6 * j - 2 ); + MBEDTLS_ECP_BUDGET(MBEDTLS_ECP_OPS_INV + 6 * j - 2); - MBEDTLS_MPI_CHK( ecp_normalize_jac_many( grp, TT, j ) ); + MBEDTLS_MPI_CHK(ecp_normalize_jac_many(grp, TT, j)); #if defined(MBEDTLS_ECP_RESTARTABLE) - if( rs_ctx != NULL && rs_ctx->rsm != NULL ) + if (rs_ctx != NULL && rs_ctx->rsm != NULL) { rs_ctx->rsm->state = ecp_rsm_pre_add; + } add: #endif @@ -1943,18 +1946,19 @@ static int ecp_precompute_comb( const mbedtls_ecp_group *grp, * Compute the remaining ones using the minimal number of additions * Be careful to update T[2^l] only after using it! */ - MBEDTLS_ECP_BUDGET( ( T_size - 1 ) * MBEDTLS_ECP_OPS_ADD ); + MBEDTLS_ECP_BUDGET((T_size - 1) * MBEDTLS_ECP_OPS_ADD); - for( i = 1; i < T_size; i <<= 1 ) - { + for (i = 1; i < T_size; i <<= 1) { j = i; - while( j-- ) - MBEDTLS_MPI_CHK( ecp_add_mixed( grp, &T[i + j], &T[j], &T[i] ) ); + while (j--) { + MBEDTLS_MPI_CHK(ecp_add_mixed(grp, &T[i + j], &T[j], &T[i])); + } } #if defined(MBEDTLS_ECP_RESTARTABLE) - if( rs_ctx != NULL && rs_ctx->rsm != NULL ) + if (rs_ctx != NULL && rs_ctx->rsm != NULL) { rs_ctx->rsm->state = ecp_rsm_pre_norm_add; + } norm_add: #endif @@ -1963,24 +1967,25 @@ static int ecp_precompute_comb( const mbedtls_ecp_group *grp, * still need the auxiliary array for homogeneity with the previous * call. Also, skip T[0] which is already normalised, being a copy of P. */ - for( j = 0; j + 1 < T_size; j++ ) + for (j = 0; j + 1 < T_size; j++) { TT[j] = T + j + 1; + } - MBEDTLS_ECP_BUDGET( MBEDTLS_ECP_OPS_INV + 6 * j - 2 ); + MBEDTLS_ECP_BUDGET(MBEDTLS_ECP_OPS_INV + 6 * j - 2); - MBEDTLS_MPI_CHK( ecp_normalize_jac_many( grp, TT, j ) ); + MBEDTLS_MPI_CHK(ecp_normalize_jac_many(grp, TT, j)); cleanup: #if defined(MBEDTLS_ECP_RESTARTABLE) - if( rs_ctx != NULL && rs_ctx->rsm != NULL && - ret == MBEDTLS_ERR_ECP_IN_PROGRESS ) - { - if( rs_ctx->rsm->state == ecp_rsm_pre_dbl ) + if (rs_ctx != NULL && rs_ctx->rsm != NULL && + ret == MBEDTLS_ERR_ECP_IN_PROGRESS) { + if (rs_ctx->rsm->state == ecp_rsm_pre_dbl) { rs_ctx->rsm->i = j; + } } #endif - return( ret ); + return ret; } /* @@ -1988,28 +1993,27 @@ static int ecp_precompute_comb( const mbedtls_ecp_group *grp, * * See ecp_comb_recode_core() for background */ -static int ecp_select_comb( const mbedtls_ecp_group *grp, mbedtls_ecp_point *R, - const mbedtls_ecp_point T[], unsigned char T_size, - unsigned char i ) +static int ecp_select_comb(const mbedtls_ecp_group *grp, mbedtls_ecp_point *R, + const mbedtls_ecp_point T[], unsigned char T_size, + unsigned char i) { int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; unsigned char ii, j; /* Ignore the "sign" bit and scale down */ - ii = ( i & 0x7Fu ) >> 1; + ii = (i & 0x7Fu) >> 1; /* Read the whole table to thwart cache-based timing attacks */ - for( j = 0; j < T_size; j++ ) - { - MBEDTLS_MPI_CHK( mbedtls_mpi_safe_cond_assign( &R->X, &T[j].X, j == ii ) ); - MBEDTLS_MPI_CHK( mbedtls_mpi_safe_cond_assign( &R->Y, &T[j].Y, j == ii ) ); + for (j = 0; j < T_size; j++) { + MBEDTLS_MPI_CHK(mbedtls_mpi_safe_cond_assign(&R->X, &T[j].X, j == ii)); + MBEDTLS_MPI_CHK(mbedtls_mpi_safe_cond_assign(&R->Y, &T[j].Y, j == ii)); } /* Safely invert result if i is "negative" */ - MBEDTLS_MPI_CHK( ecp_safe_invert_jac( grp, R, i >> 7 ) ); + MBEDTLS_MPI_CHK(ecp_safe_invert_jac(grp, R, i >> 7)); cleanup: - return( ret ); + return ret; } /* @@ -2018,74 +2022,76 @@ static int ecp_select_comb( const mbedtls_ecp_group *grp, mbedtls_ecp_point *R, * * Cost: d A + d D + 1 R */ -static int ecp_mul_comb_core( const mbedtls_ecp_group *grp, mbedtls_ecp_point *R, - const mbedtls_ecp_point T[], unsigned char T_size, - const unsigned char x[], size_t d, - int (*f_rng)(void *, unsigned char *, size_t), - void *p_rng, - mbedtls_ecp_restart_ctx *rs_ctx ) +static int ecp_mul_comb_core(const mbedtls_ecp_group *grp, mbedtls_ecp_point *R, + const mbedtls_ecp_point T[], unsigned char T_size, + const unsigned char x[], size_t d, + int (*f_rng)(void *, unsigned char *, size_t), + void *p_rng, + mbedtls_ecp_restart_ctx *rs_ctx) { int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; mbedtls_ecp_point Txi; size_t i; - mbedtls_ecp_point_init( &Txi ); + mbedtls_ecp_point_init(&Txi); #if !defined(MBEDTLS_ECP_RESTARTABLE) (void) rs_ctx; #endif #if defined(MBEDTLS_ECP_RESTARTABLE) - if( rs_ctx != NULL && rs_ctx->rsm != NULL && - rs_ctx->rsm->state != ecp_rsm_comb_core ) - { + if (rs_ctx != NULL && rs_ctx->rsm != NULL && + rs_ctx->rsm->state != ecp_rsm_comb_core) { rs_ctx->rsm->i = 0; rs_ctx->rsm->state = ecp_rsm_comb_core; } /* new 'if' instead of nested for the sake of the 'else' branch */ - if( rs_ctx != NULL && rs_ctx->rsm != NULL && rs_ctx->rsm->i != 0 ) - { + if (rs_ctx != NULL && rs_ctx->rsm != NULL && rs_ctx->rsm->i != 0) { /* restore current index (R already pointing to rs_ctx->rsm->R) */ i = rs_ctx->rsm->i; - } - else + } else #endif { + int have_rng = 1; + /* Start with a non-zero point and randomize its coordinates */ i = d; - MBEDTLS_MPI_CHK( ecp_select_comb( grp, R, T, T_size, x[i] ) ); - MBEDTLS_MPI_CHK( mbedtls_mpi_lset( &R->Z, 1 ) ); + MBEDTLS_MPI_CHK(ecp_select_comb(grp, R, T, T_size, x[i])); + MBEDTLS_MPI_CHK(mbedtls_mpi_lset(&R->Z, 1)); + #if defined(MBEDTLS_ECP_NO_INTERNAL_RNG) - if( f_rng != 0 ) + if (f_rng == NULL) { + have_rng = 0; + } #endif - MBEDTLS_MPI_CHK( ecp_randomize_jac( grp, R, f_rng, p_rng ) ); + if (have_rng) { + MBEDTLS_MPI_CHK(ecp_randomize_jac(grp, R, f_rng, p_rng)); + } } - while( i != 0 ) - { - MBEDTLS_ECP_BUDGET( MBEDTLS_ECP_OPS_DBL + MBEDTLS_ECP_OPS_ADD ); + while (i != 0) { + MBEDTLS_ECP_BUDGET(MBEDTLS_ECP_OPS_DBL + MBEDTLS_ECP_OPS_ADD); --i; - MBEDTLS_MPI_CHK( ecp_double_jac( grp, R, R ) ); - MBEDTLS_MPI_CHK( ecp_select_comb( grp, &Txi, T, T_size, x[i] ) ); - MBEDTLS_MPI_CHK( ecp_add_mixed( grp, R, R, &Txi ) ); + MBEDTLS_MPI_CHK(ecp_double_jac(grp, R, R)); + MBEDTLS_MPI_CHK(ecp_select_comb(grp, &Txi, T, T_size, x[i])); + MBEDTLS_MPI_CHK(ecp_add_mixed(grp, R, R, &Txi)); } cleanup: - mbedtls_ecp_point_free( &Txi ); + mbedtls_ecp_point_free(&Txi); #if defined(MBEDTLS_ECP_RESTARTABLE) - if( rs_ctx != NULL && rs_ctx->rsm != NULL && - ret == MBEDTLS_ERR_ECP_IN_PROGRESS ) - { + if (rs_ctx != NULL && rs_ctx->rsm != NULL && + ret == MBEDTLS_ERR_ECP_IN_PROGRESS) { rs_ctx->rsm->i = i; /* no need to save R, already pointing to rs_ctx->rsm->R */ } #endif - return( ret ); + return ret; } /* @@ -2100,39 +2106,40 @@ static int ecp_mul_comb_core( const mbedtls_ecp_group *grp, mbedtls_ecp_point *R * * See ecp_comb_recode_core() for background. */ -static int ecp_comb_recode_scalar( const mbedtls_ecp_group *grp, - const mbedtls_mpi *m, - unsigned char k[COMB_MAX_D + 1], - size_t d, - unsigned char w, - unsigned char *parity_trick ) +static int ecp_comb_recode_scalar(const mbedtls_ecp_group *grp, + const mbedtls_mpi *m, + unsigned char k[COMB_MAX_D + 1], + size_t d, + unsigned char w, + unsigned char *parity_trick) { int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; mbedtls_mpi M, mm; - mbedtls_mpi_init( &M ); - mbedtls_mpi_init( &mm ); + mbedtls_mpi_init(&M); + mbedtls_mpi_init(&mm); /* N is always odd (see above), just make extra sure */ - if( mbedtls_mpi_get_bit( &grp->N, 0 ) != 1 ) - return( MBEDTLS_ERR_ECP_BAD_INPUT_DATA ); + if (mbedtls_mpi_get_bit(&grp->N, 0) != 1) { + return MBEDTLS_ERR_ECP_BAD_INPUT_DATA; + } /* do we need the parity trick? */ - *parity_trick = ( mbedtls_mpi_get_bit( m, 0 ) == 0 ); + *parity_trick = (mbedtls_mpi_get_bit(m, 0) == 0); /* execute parity fix in constant time */ - MBEDTLS_MPI_CHK( mbedtls_mpi_copy( &M, m ) ); - MBEDTLS_MPI_CHK( mbedtls_mpi_sub_mpi( &mm, &grp->N, m ) ); - MBEDTLS_MPI_CHK( mbedtls_mpi_safe_cond_assign( &M, &mm, *parity_trick ) ); + MBEDTLS_MPI_CHK(mbedtls_mpi_copy(&M, m)); + MBEDTLS_MPI_CHK(mbedtls_mpi_sub_mpi(&mm, &grp->N, m)); + MBEDTLS_MPI_CHK(mbedtls_mpi_safe_cond_assign(&M, &mm, *parity_trick)); /* actual scalar recoding */ - ecp_comb_recode_core( k, d, w, &M ); + ecp_comb_recode_core(k, d, w, &M); cleanup: - mbedtls_mpi_free( &mm ); - mbedtls_mpi_free( &M ); + mbedtls_mpi_free(&mm); + mbedtls_mpi_free(&M); - return( ret ); + return ret; } /* @@ -2142,44 +2149,46 @@ static int ecp_comb_recode_scalar( const mbedtls_ecp_group *grp, * Scalar recoding may use a parity trick that makes us compute -m * P, * if that is the case we'll need to recover m * P at the end. */ -static int ecp_mul_comb_after_precomp( const mbedtls_ecp_group *grp, - mbedtls_ecp_point *R, - const mbedtls_mpi *m, - const mbedtls_ecp_point *T, - unsigned char T_size, - unsigned char w, - size_t d, - int (*f_rng)(void *, unsigned char *, size_t), - void *p_rng, - mbedtls_ecp_restart_ctx *rs_ctx ) +static int ecp_mul_comb_after_precomp(const mbedtls_ecp_group *grp, + mbedtls_ecp_point *R, + const mbedtls_mpi *m, + const mbedtls_ecp_point *T, + unsigned char T_size, + unsigned char w, + size_t d, + int (*f_rng)(void *, unsigned char *, size_t), + void *p_rng, + mbedtls_ecp_restart_ctx *rs_ctx) { int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; unsigned char parity_trick; unsigned char k[COMB_MAX_D + 1]; mbedtls_ecp_point *RR = R; + int have_rng = 1; #if defined(MBEDTLS_ECP_RESTARTABLE) - if( rs_ctx != NULL && rs_ctx->rsm != NULL ) - { + if (rs_ctx != NULL && rs_ctx->rsm != NULL) { RR = &rs_ctx->rsm->R; - if( rs_ctx->rsm->state == ecp_rsm_final_norm ) + if (rs_ctx->rsm->state == ecp_rsm_final_norm) { goto final_norm; + } } #endif - MBEDTLS_MPI_CHK( ecp_comb_recode_scalar( grp, m, k, d, w, - &parity_trick ) ); - MBEDTLS_MPI_CHK( ecp_mul_comb_core( grp, RR, T, T_size, k, d, - f_rng, p_rng, rs_ctx ) ); - MBEDTLS_MPI_CHK( ecp_safe_invert_jac( grp, RR, parity_trick ) ); + MBEDTLS_MPI_CHK(ecp_comb_recode_scalar(grp, m, k, d, w, + &parity_trick)); + MBEDTLS_MPI_CHK(ecp_mul_comb_core(grp, RR, T, T_size, k, d, + f_rng, p_rng, rs_ctx)); + MBEDTLS_MPI_CHK(ecp_safe_invert_jac(grp, RR, parity_trick)); #if defined(MBEDTLS_ECP_RESTARTABLE) - if( rs_ctx != NULL && rs_ctx->rsm != NULL ) + if (rs_ctx != NULL && rs_ctx->rsm != NULL) { rs_ctx->rsm->state = ecp_rsm_final_norm; + } final_norm: - MBEDTLS_ECP_BUDGET( MBEDTLS_ECP_OPS_INV ); + MBEDTLS_ECP_BUDGET(MBEDTLS_ECP_OPS_INV); #endif /* * Knowledge of the jacobian coordinates may leak the last few bits of the @@ -2193,26 +2202,31 @@ static int ecp_mul_comb_after_precomp( const mbedtls_ecp_group *grp, * Avoid the leak by randomizing coordinates before we normalize them. */ #if defined(MBEDTLS_ECP_NO_INTERNAL_RNG) - if( f_rng != 0 ) + if (f_rng == NULL) { + have_rng = 0; + } #endif - MBEDTLS_MPI_CHK( ecp_randomize_jac( grp, RR, f_rng, p_rng ) ); + if (have_rng) { + MBEDTLS_MPI_CHK(ecp_randomize_jac(grp, RR, f_rng, p_rng)); + } - MBEDTLS_MPI_CHK( ecp_normalize_jac( grp, RR ) ); + MBEDTLS_MPI_CHK(ecp_normalize_jac(grp, RR)); #if defined(MBEDTLS_ECP_RESTARTABLE) - if( rs_ctx != NULL && rs_ctx->rsm != NULL ) - MBEDTLS_MPI_CHK( mbedtls_ecp_copy( R, RR ) ); + if (rs_ctx != NULL && rs_ctx->rsm != NULL) { + MBEDTLS_MPI_CHK(mbedtls_ecp_copy(R, RR)); + } #endif cleanup: - return( ret ); + return ret; } /* * Pick window size based on curve size and whether we optimize for base point */ -static unsigned char ecp_pick_window_size( const mbedtls_ecp_group *grp, - unsigned char p_eq_g ) +static unsigned char ecp_pick_window_size(const mbedtls_ecp_group *grp, + unsigned char p_eq_g) { unsigned char w; @@ -2228,21 +2242,24 @@ static unsigned char ecp_pick_window_size( const mbedtls_ecp_group *grp, * Just adding one avoids upping the cost of the first mul too much, * and the memory cost too. */ - if( p_eq_g ) + if (p_eq_g) { w++; + } /* * Make sure w is within bounds. * (The last test is useful only for very small curves in the test suite.) */ -#if( MBEDTLS_ECP_WINDOW_SIZE < 6 ) - if( w > MBEDTLS_ECP_WINDOW_SIZE ) +#if (MBEDTLS_ECP_WINDOW_SIZE < 6) + if (w > MBEDTLS_ECP_WINDOW_SIZE) { w = MBEDTLS_ECP_WINDOW_SIZE; + } #endif - if( w >= grp->nbits ) + if (w >= grp->nbits) { w = 2; + } - return( w ); + return w; } /* @@ -2251,18 +2268,18 @@ static unsigned char ecp_pick_window_size( const mbedtls_ecp_group *grp, * This function is mainly responsible for administrative work: * - managing the restart context if enabled * - managing the table of precomputed points (passed between the below two - * functions): allocation, computation, ownership tranfer, freeing. + * functions): allocation, computation, ownership transfer, freeing. * * It delegates the actual arithmetic work to: * ecp_precompute_comb() and ecp_mul_comb_with_precomp() * * See comments on ecp_comb_recode_core() regarding the computation strategy. */ -static int ecp_mul_comb( mbedtls_ecp_group *grp, mbedtls_ecp_point *R, - const mbedtls_mpi *m, const mbedtls_ecp_point *P, - int (*f_rng)(void *, unsigned char *, size_t), - void *p_rng, - mbedtls_ecp_restart_ctx *rs_ctx ) +static int ecp_mul_comb(mbedtls_ecp_group *grp, mbedtls_ecp_point *R, + const mbedtls_mpi *m, const mbedtls_ecp_point *P, + int (*f_rng)(void *, unsigned char *, size_t), + void *p_rng, + mbedtls_ecp_restart_ctx *rs_ctx) { int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; unsigned char w, p_eq_g, i; @@ -2272,64 +2289,61 @@ static int ecp_mul_comb( mbedtls_ecp_group *grp, mbedtls_ecp_point *R, #if !defined(MBEDTLS_ECP_NO_INTERNAL_RNG) ecp_drbg_context drbg_ctx; - ecp_drbg_init( &drbg_ctx ); + ecp_drbg_init(&drbg_ctx); #endif - ECP_RS_ENTER( rsm ); + ECP_RS_ENTER(rsm); #if !defined(MBEDTLS_ECP_NO_INTERNAL_RNG) - if( f_rng == NULL ) - { + if (f_rng == NULL) { /* Adjust pointers */ f_rng = &ecp_drbg_random; #if defined(MBEDTLS_ECP_RESTARTABLE) - if( rs_ctx != NULL && rs_ctx->rsm != NULL ) + if (rs_ctx != NULL && rs_ctx->rsm != NULL) { p_rng = &rs_ctx->rsm->drbg_ctx; - else + } else #endif - p_rng = &drbg_ctx; + p_rng = &drbg_ctx; /* Initialize internal DRBG if necessary */ #if defined(MBEDTLS_ECP_RESTARTABLE) - if( rs_ctx == NULL || rs_ctx->rsm == NULL || - rs_ctx->rsm->drbg_seeded == 0 ) + if (rs_ctx == NULL || rs_ctx->rsm == NULL || + rs_ctx->rsm->drbg_seeded == 0) #endif { - const size_t m_len = ( grp->nbits + 7 ) / 8; - MBEDTLS_MPI_CHK( ecp_drbg_seed( p_rng, m, m_len ) ); + const size_t m_len = (grp->nbits + 7) / 8; + MBEDTLS_MPI_CHK(ecp_drbg_seed(p_rng, m, m_len)); } #if defined(MBEDTLS_ECP_RESTARTABLE) - if( rs_ctx != NULL && rs_ctx->rsm != NULL ) + if (rs_ctx != NULL && rs_ctx->rsm != NULL) { rs_ctx->rsm->drbg_seeded = 1; + } #endif } #endif /* !MBEDTLS_ECP_NO_INTERNAL_RNG */ /* Is P the base point ? */ #if MBEDTLS_ECP_FIXED_POINT_OPTIM == 1 - p_eq_g = ( mbedtls_mpi_cmp_mpi( &P->Y, &grp->G.Y ) == 0 && - mbedtls_mpi_cmp_mpi( &P->X, &grp->G.X ) == 0 ); + p_eq_g = (mbedtls_mpi_cmp_mpi(&P->Y, &grp->G.Y) == 0 && + mbedtls_mpi_cmp_mpi(&P->X, &grp->G.X) == 0); #else p_eq_g = 0; #endif /* Pick window size and deduce related sizes */ - w = ecp_pick_window_size( grp, p_eq_g ); - T_size = 1U << ( w - 1 ); - d = ( grp->nbits + w - 1 ) / w; + w = ecp_pick_window_size(grp, p_eq_g); + T_size = 1U << (w - 1); + d = (grp->nbits + w - 1) / w; /* Pre-computed table: do we have it already for the base point? */ - if( p_eq_g && grp->T != NULL ) - { + if (p_eq_g && grp->T != NULL) { /* second pointer to the same table, will be deleted on exit */ T = grp->T; T_ok = 1; - } - else + } else #if defined(MBEDTLS_ECP_RESTARTABLE) /* Pre-computed table: do we have one in progress? complete? */ - if( rs_ctx != NULL && rs_ctx->rsm != NULL && rs_ctx->rsm->T != NULL ) - { + if (rs_ctx != NULL && rs_ctx->rsm != NULL && rs_ctx->rsm->T != NULL) { /* transfer ownership of T from rsm to local function */ T = rs_ctx->rsm->T; rs_ctx->rsm->T = NULL; @@ -2337,31 +2351,28 @@ static int ecp_mul_comb( mbedtls_ecp_group *grp, mbedtls_ecp_point *R, /* This effectively jumps to the call to mul_comb_after_precomp() */ T_ok = rs_ctx->rsm->state >= ecp_rsm_comb_core; - } - else + } else #endif /* Allocate table if we didn't have any */ { - T = mbedtls_calloc( T_size, sizeof( mbedtls_ecp_point ) ); - if( T == NULL ) - { + T = mbedtls_calloc(T_size, sizeof(mbedtls_ecp_point)); + if (T == NULL) { ret = MBEDTLS_ERR_ECP_ALLOC_FAILED; goto cleanup; } - for( i = 0; i < T_size; i++ ) - mbedtls_ecp_point_init( &T[i] ); + for (i = 0; i < T_size; i++) { + mbedtls_ecp_point_init(&T[i]); + } T_ok = 0; } /* Compute table (or finish computing it) if not done already */ - if( !T_ok ) - { - MBEDTLS_MPI_CHK( ecp_precompute_comb( grp, T, P, w, d, rs_ctx ) ); + if (!T_ok) { + MBEDTLS_MPI_CHK(ecp_precompute_comb(grp, T, P, w, d, rs_ctx)); - if( p_eq_g ) - { + if (p_eq_g) { /* almost transfer ownership of T to the group, but keep a copy of * the pointer to use for calling the next function more easily */ grp->T = T; @@ -2370,24 +2381,24 @@ static int ecp_mul_comb( mbedtls_ecp_group *grp, mbedtls_ecp_point *R, } /* Actual comb multiplication using precomputed points */ - MBEDTLS_MPI_CHK( ecp_mul_comb_after_precomp( grp, R, m, - T, T_size, w, d, - f_rng, p_rng, rs_ctx ) ); + MBEDTLS_MPI_CHK(ecp_mul_comb_after_precomp(grp, R, m, + T, T_size, w, d, + f_rng, p_rng, rs_ctx)); cleanup: #if !defined(MBEDTLS_ECP_NO_INTERNAL_RNG) - ecp_drbg_free( &drbg_ctx ); + ecp_drbg_free(&drbg_ctx); #endif /* does T belong to the group? */ - if( T == grp->T ) + if (T == grp->T) { T = NULL; + } /* does T belong to the restart context? */ #if defined(MBEDTLS_ECP_RESTARTABLE) - if( rs_ctx != NULL && rs_ctx->rsm != NULL && ret == MBEDTLS_ERR_ECP_IN_PROGRESS && T != NULL ) - { + if (rs_ctx != NULL && rs_ctx->rsm != NULL && ret == MBEDTLS_ERR_ECP_IN_PROGRESS && T != NULL) { /* transfer ownership of T from local function to rsm */ rs_ctx->rsm->T_size = T_size; rs_ctx->rsm->T = T; @@ -2396,24 +2407,28 @@ static int ecp_mul_comb( mbedtls_ecp_group *grp, mbedtls_ecp_point *R, #endif /* did T belong to us? then let's destroy it! */ - if( T != NULL ) - { - for( i = 0; i < T_size; i++ ) - mbedtls_ecp_point_free( &T[i] ); - mbedtls_free( T ); + if (T != NULL) { + for (i = 0; i < T_size; i++) { + mbedtls_ecp_point_free(&T[i]); + } + mbedtls_free(T); } - /* don't free R while in progress in case R == P */ + /* prevent caller from using invalid value */ + int should_free_R = (ret != 0); #if defined(MBEDTLS_ECP_RESTARTABLE) - if( ret != MBEDTLS_ERR_ECP_IN_PROGRESS ) + /* don't free R while in progress in case R == P */ + if (ret == MBEDTLS_ERR_ECP_IN_PROGRESS) { + should_free_R = 0; + } #endif - /* prevent caller from using invalid value */ - if( ret != 0 ) - mbedtls_ecp_point_free( R ); + if (should_free_R) { + mbedtls_ecp_point_free(R); + } - ECP_RS_LEAVE( rsm ); + ECP_RS_LEAVE(rsm); - return( ret ); + return ret; } #endif /* MBEDTLS_ECP_SHORT_WEIERSTRASS_ENABLED */ @@ -2422,7 +2437,7 @@ static int ecp_mul_comb( mbedtls_ecp_group *grp, mbedtls_ecp_point *R, /* * For Montgomery curves, we do all the internal arithmetic in projective * coordinates. Import/export of points uses only the x coordinates, which is - * internaly represented as X / Z. + * internally represented as X / Z. * * For scalar multiplication, we'll use a Montgomery ladder. */ @@ -2431,23 +2446,24 @@ static int ecp_mul_comb( mbedtls_ecp_group *grp, mbedtls_ecp_point *R, * Normalize Montgomery x/z coordinates: X = X/Z, Z = 1 * Cost: 1M + 1I */ -static int ecp_normalize_mxz( const mbedtls_ecp_group *grp, mbedtls_ecp_point *P ) +static int ecp_normalize_mxz(const mbedtls_ecp_group *grp, mbedtls_ecp_point *P) { #if defined(MBEDTLS_ECP_NORMALIZE_MXZ_ALT) - if( mbedtls_internal_ecp_grp_capable( grp ) ) - return( mbedtls_internal_ecp_normalize_mxz( grp, P ) ); + if (mbedtls_internal_ecp_grp_capable(grp)) { + return mbedtls_internal_ecp_normalize_mxz(grp, P); + } #endif /* MBEDTLS_ECP_NORMALIZE_MXZ_ALT */ #if defined(MBEDTLS_ECP_NO_FALLBACK) && defined(MBEDTLS_ECP_NORMALIZE_MXZ_ALT) - return( MBEDTLS_ERR_ECP_FEATURE_UNAVAILABLE ); + return MBEDTLS_ERR_ECP_FEATURE_UNAVAILABLE; #else int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; - MBEDTLS_MPI_CHK( mbedtls_mpi_inv_mod( &P->Z, &P->Z, &grp->P ) ); - MBEDTLS_MPI_CHK( mbedtls_mpi_mul_mod( grp, &P->X, &P->X, &P->Z ) ); - MBEDTLS_MPI_CHK( mbedtls_mpi_lset( &P->Z, 1 ) ); + MBEDTLS_MPI_CHK(mbedtls_mpi_inv_mod(&P->Z, &P->Z, &grp->P)); + MBEDTLS_MPI_CHK(mbedtls_mpi_mul_mod(grp, &P->X, &P->X, &P->Z)); + MBEDTLS_MPI_CHK(mbedtls_mpi_lset(&P->Z, 1)); cleanup: - return( ret ); + return ret; #endif /* !defined(MBEDTLS_ECP_NO_FALLBACK) || !defined(MBEDTLS_ECP_NORMALIZE_MXZ_ALT) */ } @@ -2459,33 +2475,35 @@ static int ecp_normalize_mxz( const mbedtls_ecp_group *grp, mbedtls_ecp_point *P * This countermeasure was first suggested in [2]. * Cost: 2M */ -static int ecp_randomize_mxz( const mbedtls_ecp_group *grp, mbedtls_ecp_point *P, - int (*f_rng)(void *, unsigned char *, size_t), void *p_rng ) +static int ecp_randomize_mxz(const mbedtls_ecp_group *grp, mbedtls_ecp_point *P, + int (*f_rng)(void *, unsigned char *, size_t), void *p_rng) { #if defined(MBEDTLS_ECP_RANDOMIZE_MXZ_ALT) - if( mbedtls_internal_ecp_grp_capable( grp ) ) - return( mbedtls_internal_ecp_randomize_mxz( grp, P, f_rng, p_rng ) ); + if (mbedtls_internal_ecp_grp_capable(grp)) { + return mbedtls_internal_ecp_randomize_mxz(grp, P, f_rng, p_rng); + } #endif /* MBEDTLS_ECP_RANDOMIZE_MXZ_ALT */ #if defined(MBEDTLS_ECP_NO_FALLBACK) && defined(MBEDTLS_ECP_RANDOMIZE_MXZ_ALT) - return( MBEDTLS_ERR_ECP_FEATURE_UNAVAILABLE ); + return MBEDTLS_ERR_ECP_FEATURE_UNAVAILABLE; #else int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; mbedtls_mpi l; - mbedtls_mpi_init( &l ); + mbedtls_mpi_init(&l); /* Generate l such that 1 < l < p */ - MBEDTLS_MPI_CHK( mbedtls_mpi_random( &l, 2, &grp->P, f_rng, p_rng ) ); + MBEDTLS_MPI_CHK(mbedtls_mpi_random(&l, 2, &grp->P, f_rng, p_rng)); - MBEDTLS_MPI_CHK( mbedtls_mpi_mul_mod( grp, &P->X, &P->X, &l ) ); - MBEDTLS_MPI_CHK( mbedtls_mpi_mul_mod( grp, &P->Z, &P->Z, &l ) ); + MBEDTLS_MPI_CHK(mbedtls_mpi_mul_mod(grp, &P->X, &P->X, &l)); + MBEDTLS_MPI_CHK(mbedtls_mpi_mul_mod(grp, &P->Z, &P->Z, &l)); cleanup: - mbedtls_mpi_free( &l ); + mbedtls_mpi_free(&l); - if( ret == MBEDTLS_ERR_MPI_NOT_ACCEPTABLE ) + if (ret == MBEDTLS_ERR_MPI_NOT_ACCEPTABLE) { ret = MBEDTLS_ERR_ECP_RANDOM_FAILED; - return( ret ); + } + return ret; #endif /* !defined(MBEDTLS_ECP_NO_FALLBACK) || !defined(MBEDTLS_ECP_RANDOMIZE_MXZ_ALT) */ } @@ -2504,51 +2522,52 @@ static int ecp_randomize_mxz( const mbedtls_ecp_group *grp, mbedtls_ecp_point *P * * Cost: 5M + 4S */ -static int ecp_double_add_mxz( const mbedtls_ecp_group *grp, - mbedtls_ecp_point *R, mbedtls_ecp_point *S, - const mbedtls_ecp_point *P, const mbedtls_ecp_point *Q, - const mbedtls_mpi *d ) +static int ecp_double_add_mxz(const mbedtls_ecp_group *grp, + mbedtls_ecp_point *R, mbedtls_ecp_point *S, + const mbedtls_ecp_point *P, const mbedtls_ecp_point *Q, + const mbedtls_mpi *d) { #if defined(MBEDTLS_ECP_DOUBLE_ADD_MXZ_ALT) - if( mbedtls_internal_ecp_grp_capable( grp ) ) - return( mbedtls_internal_ecp_double_add_mxz( grp, R, S, P, Q, d ) ); + if (mbedtls_internal_ecp_grp_capable(grp)) { + return mbedtls_internal_ecp_double_add_mxz(grp, R, S, P, Q, d); + } #endif /* MBEDTLS_ECP_DOUBLE_ADD_MXZ_ALT */ #if defined(MBEDTLS_ECP_NO_FALLBACK) && defined(MBEDTLS_ECP_DOUBLE_ADD_MXZ_ALT) - return( MBEDTLS_ERR_ECP_FEATURE_UNAVAILABLE ); + return MBEDTLS_ERR_ECP_FEATURE_UNAVAILABLE; #else int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; mbedtls_mpi A, AA, B, BB, E, C, D, DA, CB; - mbedtls_mpi_init( &A ); mbedtls_mpi_init( &AA ); mbedtls_mpi_init( &B ); - mbedtls_mpi_init( &BB ); mbedtls_mpi_init( &E ); mbedtls_mpi_init( &C ); - mbedtls_mpi_init( &D ); mbedtls_mpi_init( &DA ); mbedtls_mpi_init( &CB ); - - MBEDTLS_MPI_CHK( mbedtls_mpi_add_mod( grp, &A, &P->X, &P->Z ) ); - MBEDTLS_MPI_CHK( mbedtls_mpi_mul_mod( grp, &AA, &A, &A ) ); - MBEDTLS_MPI_CHK( mbedtls_mpi_sub_mod( grp, &B, &P->X, &P->Z ) ); - MBEDTLS_MPI_CHK( mbedtls_mpi_mul_mod( grp, &BB, &B, &B ) ); - MBEDTLS_MPI_CHK( mbedtls_mpi_sub_mod( grp, &E, &AA, &BB ) ); - MBEDTLS_MPI_CHK( mbedtls_mpi_add_mod( grp, &C, &Q->X, &Q->Z ) ); - MBEDTLS_MPI_CHK( mbedtls_mpi_sub_mod( grp, &D, &Q->X, &Q->Z ) ); - MBEDTLS_MPI_CHK( mbedtls_mpi_mul_mod( grp, &DA, &D, &A ) ); - MBEDTLS_MPI_CHK( mbedtls_mpi_mul_mod( grp, &CB, &C, &B ) ); - MBEDTLS_MPI_CHK( mbedtls_mpi_add_mod( grp, &S->X, &DA, &CB ) ); - MBEDTLS_MPI_CHK( mbedtls_mpi_mul_mod( grp, &S->X, &S->X, &S->X ) ); - MBEDTLS_MPI_CHK( mbedtls_mpi_sub_mod( grp, &S->Z, &DA, &CB ) ); - MBEDTLS_MPI_CHK( mbedtls_mpi_mul_mod( grp, &S->Z, &S->Z, &S->Z ) ); - MBEDTLS_MPI_CHK( mbedtls_mpi_mul_mod( grp, &S->Z, d, &S->Z ) ); - MBEDTLS_MPI_CHK( mbedtls_mpi_mul_mod( grp, &R->X, &AA, &BB ) ); - MBEDTLS_MPI_CHK( mbedtls_mpi_mul_mod( grp, &R->Z, &grp->A, &E ) ); - MBEDTLS_MPI_CHK( mbedtls_mpi_add_mod( grp, &R->Z, &BB, &R->Z ) ); - MBEDTLS_MPI_CHK( mbedtls_mpi_mul_mod( grp, &R->Z, &E, &R->Z ) ); + mbedtls_mpi_init(&A); mbedtls_mpi_init(&AA); mbedtls_mpi_init(&B); + mbedtls_mpi_init(&BB); mbedtls_mpi_init(&E); mbedtls_mpi_init(&C); + mbedtls_mpi_init(&D); mbedtls_mpi_init(&DA); mbedtls_mpi_init(&CB); + + MBEDTLS_MPI_CHK(mbedtls_mpi_add_mod(grp, &A, &P->X, &P->Z)); + MBEDTLS_MPI_CHK(mbedtls_mpi_mul_mod(grp, &AA, &A, &A)); + MBEDTLS_MPI_CHK(mbedtls_mpi_sub_mod(grp, &B, &P->X, &P->Z)); + MBEDTLS_MPI_CHK(mbedtls_mpi_mul_mod(grp, &BB, &B, &B)); + MBEDTLS_MPI_CHK(mbedtls_mpi_sub_mod(grp, &E, &AA, &BB)); + MBEDTLS_MPI_CHK(mbedtls_mpi_add_mod(grp, &C, &Q->X, &Q->Z)); + MBEDTLS_MPI_CHK(mbedtls_mpi_sub_mod(grp, &D, &Q->X, &Q->Z)); + MBEDTLS_MPI_CHK(mbedtls_mpi_mul_mod(grp, &DA, &D, &A)); + MBEDTLS_MPI_CHK(mbedtls_mpi_mul_mod(grp, &CB, &C, &B)); + MBEDTLS_MPI_CHK(mbedtls_mpi_add_mod(grp, &S->X, &DA, &CB)); + MBEDTLS_MPI_CHK(mbedtls_mpi_mul_mod(grp, &S->X, &S->X, &S->X)); + MBEDTLS_MPI_CHK(mbedtls_mpi_sub_mod(grp, &S->Z, &DA, &CB)); + MBEDTLS_MPI_CHK(mbedtls_mpi_mul_mod(grp, &S->Z, &S->Z, &S->Z)); + MBEDTLS_MPI_CHK(mbedtls_mpi_mul_mod(grp, &S->Z, d, &S->Z)); + MBEDTLS_MPI_CHK(mbedtls_mpi_mul_mod(grp, &R->X, &AA, &BB)); + MBEDTLS_MPI_CHK(mbedtls_mpi_mul_mod(grp, &R->Z, &grp->A, &E)); + MBEDTLS_MPI_CHK(mbedtls_mpi_add_mod(grp, &R->Z, &BB, &R->Z)); + MBEDTLS_MPI_CHK(mbedtls_mpi_mul_mod(grp, &R->Z, &E, &R->Z)); cleanup: - mbedtls_mpi_free( &A ); mbedtls_mpi_free( &AA ); mbedtls_mpi_free( &B ); - mbedtls_mpi_free( &BB ); mbedtls_mpi_free( &E ); mbedtls_mpi_free( &C ); - mbedtls_mpi_free( &D ); mbedtls_mpi_free( &DA ); mbedtls_mpi_free( &CB ); + mbedtls_mpi_free(&A); mbedtls_mpi_free(&AA); mbedtls_mpi_free(&B); + mbedtls_mpi_free(&BB); mbedtls_mpi_free(&E); mbedtls_mpi_free(&C); + mbedtls_mpi_free(&D); mbedtls_mpi_free(&DA); mbedtls_mpi_free(&CB); - return( ret ); + return ret; #endif /* !defined(MBEDTLS_ECP_NO_FALLBACK) || !defined(MBEDTLS_ECP_DOUBLE_ADD_MXZ_ALT) */ } @@ -2556,12 +2575,13 @@ static int ecp_double_add_mxz( const mbedtls_ecp_group *grp, * Multiplication with Montgomery ladder in x/z coordinates, * for curves in Montgomery form */ -static int ecp_mul_mxz( mbedtls_ecp_group *grp, mbedtls_ecp_point *R, - const mbedtls_mpi *m, const mbedtls_ecp_point *P, - int (*f_rng)(void *, unsigned char *, size_t), - void *p_rng ) +static int ecp_mul_mxz(mbedtls_ecp_group *grp, mbedtls_ecp_point *R, + const mbedtls_mpi *m, const mbedtls_ecp_point *P, + int (*f_rng)(void *, unsigned char *, size_t), + void *p_rng) { int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; + int have_rng = 1; size_t i; unsigned char b; mbedtls_ecp_point RP; @@ -2569,43 +2589,45 @@ static int ecp_mul_mxz( mbedtls_ecp_group *grp, mbedtls_ecp_point *R, #if !defined(MBEDTLS_ECP_NO_INTERNAL_RNG) ecp_drbg_context drbg_ctx; - ecp_drbg_init( &drbg_ctx ); + ecp_drbg_init(&drbg_ctx); #endif - mbedtls_ecp_point_init( &RP ); mbedtls_mpi_init( &PX ); + mbedtls_ecp_point_init(&RP); mbedtls_mpi_init(&PX); #if !defined(MBEDTLS_ECP_NO_INTERNAL_RNG) - if( f_rng == NULL ) - { - const size_t m_len = ( grp->nbits + 7 ) / 8; - MBEDTLS_MPI_CHK( ecp_drbg_seed( &drbg_ctx, m, m_len ) ); + if (f_rng == NULL) { + const size_t m_len = (grp->nbits + 7) / 8; + MBEDTLS_MPI_CHK(ecp_drbg_seed(&drbg_ctx, m, m_len)); f_rng = &ecp_drbg_random; p_rng = &drbg_ctx; } #endif /* !MBEDTLS_ECP_NO_INTERNAL_RNG */ /* Save PX and read from P before writing to R, in case P == R */ - MBEDTLS_MPI_CHK( mbedtls_mpi_copy( &PX, &P->X ) ); - MBEDTLS_MPI_CHK( mbedtls_ecp_copy( &RP, P ) ); + MBEDTLS_MPI_CHK(mbedtls_mpi_copy(&PX, &P->X)); + MBEDTLS_MPI_CHK(mbedtls_ecp_copy(&RP, P)); /* Set R to zero in modified x/z coordinates */ - MBEDTLS_MPI_CHK( mbedtls_mpi_lset( &R->X, 1 ) ); - MBEDTLS_MPI_CHK( mbedtls_mpi_lset( &R->Z, 0 ) ); - mbedtls_mpi_free( &R->Y ); + MBEDTLS_MPI_CHK(mbedtls_mpi_lset(&R->X, 1)); + MBEDTLS_MPI_CHK(mbedtls_mpi_lset(&R->Z, 0)); + mbedtls_mpi_free(&R->Y); - /* RP.X might be sligtly larger than P, so reduce it */ - MOD_ADD( RP.X ); + /* RP.X might be slightly larger than P, so reduce it */ + MOD_ADD(RP.X); - /* Randomize coordinates of the starting point */ #if defined(MBEDTLS_ECP_NO_INTERNAL_RNG) - if( f_rng != NULL ) + /* Derandomize coordinates of the starting point */ + if (f_rng == NULL) { + have_rng = 0; + } #endif - MBEDTLS_MPI_CHK( ecp_randomize_mxz( grp, &RP, f_rng, p_rng ) ); + if (have_rng) { + MBEDTLS_MPI_CHK(ecp_randomize_mxz(grp, &RP, f_rng, p_rng)); + } /* Loop invariant: R = result so far, RP = R + P */ - i = mbedtls_mpi_bitlen( m ); /* one past the (zero-based) most significant bit */ - while( i-- > 0 ) - { - b = mbedtls_mpi_get_bit( m, i ); + i = grp->nbits + 1; /* one past the (zero-based) required msb for private keys */ + while (i-- > 0) { + b = mbedtls_mpi_get_bit(m, i); /* * if (b) R = 2R + P else R = 2R, * which is: @@ -2613,11 +2635,11 @@ static int ecp_mul_mxz( mbedtls_ecp_group *grp, mbedtls_ecp_point *R, * else double_add( R, RP, R, RP ) * but using safe conditional swaps to avoid leaks */ - MBEDTLS_MPI_CHK( mbedtls_mpi_safe_cond_swap( &R->X, &RP.X, b ) ); - MBEDTLS_MPI_CHK( mbedtls_mpi_safe_cond_swap( &R->Z, &RP.Z, b ) ); - MBEDTLS_MPI_CHK( ecp_double_add_mxz( grp, R, &RP, R, &RP, &PX ) ); - MBEDTLS_MPI_CHK( mbedtls_mpi_safe_cond_swap( &R->X, &RP.X, b ) ); - MBEDTLS_MPI_CHK( mbedtls_mpi_safe_cond_swap( &R->Z, &RP.Z, b ) ); + MBEDTLS_MPI_CHK(mbedtls_mpi_safe_cond_swap(&R->X, &RP.X, b)); + MBEDTLS_MPI_CHK(mbedtls_mpi_safe_cond_swap(&R->Z, &RP.Z, b)); + MBEDTLS_MPI_CHK(ecp_double_add_mxz(grp, R, &RP, R, &RP, &PX)); + MBEDTLS_MPI_CHK(mbedtls_mpi_safe_cond_swap(&R->X, &RP.X, b)); + MBEDTLS_MPI_CHK(mbedtls_mpi_safe_cond_swap(&R->Z, &RP.Z, b)); } /* @@ -2631,21 +2653,26 @@ static int ecp_mul_mxz( mbedtls_ecp_group *grp, mbedtls_ecp_point *R, * * Avoid the leak by randomizing coordinates before we normalize them. */ + have_rng = 1; #if defined(MBEDTLS_ECP_NO_INTERNAL_RNG) - if( f_rng != NULL ) + if (f_rng == NULL) { + have_rng = 0; + } #endif - MBEDTLS_MPI_CHK( ecp_randomize_mxz( grp, R, f_rng, p_rng ) ); + if (have_rng) { + MBEDTLS_MPI_CHK(ecp_randomize_mxz(grp, R, f_rng, p_rng)); + } - MBEDTLS_MPI_CHK( ecp_normalize_mxz( grp, R ) ); + MBEDTLS_MPI_CHK(ecp_normalize_mxz(grp, R)); cleanup: #if !defined(MBEDTLS_ECP_NO_INTERNAL_RNG) - ecp_drbg_free( &drbg_ctx ); + ecp_drbg_free(&drbg_ctx); #endif - mbedtls_ecp_point_free( &RP ); mbedtls_mpi_free( &PX ); + mbedtls_ecp_point_free(&RP); mbedtls_mpi_free(&PX); - return( ret ); + return ret; } #endif /* MBEDTLS_ECP_MONTGOMERY_ENABLED */ @@ -2653,83 +2680,90 @@ static int ecp_mul_mxz( mbedtls_ecp_group *grp, mbedtls_ecp_point *R, /* * Restartable multiplication R = m * P */ -int mbedtls_ecp_mul_restartable( mbedtls_ecp_group *grp, mbedtls_ecp_point *R, - const mbedtls_mpi *m, const mbedtls_ecp_point *P, - int (*f_rng)(void *, unsigned char *, size_t), void *p_rng, - mbedtls_ecp_restart_ctx *rs_ctx ) +int mbedtls_ecp_mul_restartable(mbedtls_ecp_group *grp, mbedtls_ecp_point *R, + const mbedtls_mpi *m, const mbedtls_ecp_point *P, + int (*f_rng)(void *, unsigned char *, size_t), void *p_rng, + mbedtls_ecp_restart_ctx *rs_ctx) { int ret = MBEDTLS_ERR_ECP_BAD_INPUT_DATA; #if defined(MBEDTLS_ECP_INTERNAL_ALT) char is_grp_capable = 0; #endif - ECP_VALIDATE_RET( grp != NULL ); - ECP_VALIDATE_RET( R != NULL ); - ECP_VALIDATE_RET( m != NULL ); - ECP_VALIDATE_RET( P != NULL ); + ECP_VALIDATE_RET(grp != NULL); + ECP_VALIDATE_RET(R != NULL); + ECP_VALIDATE_RET(m != NULL); + ECP_VALIDATE_RET(P != NULL); #if defined(MBEDTLS_ECP_RESTARTABLE) /* reset ops count for this call if top-level */ - if( rs_ctx != NULL && rs_ctx->depth++ == 0 ) + if (rs_ctx != NULL && rs_ctx->depth++ == 0) { rs_ctx->ops_done = 0; + } #else (void) rs_ctx; #endif #if defined(MBEDTLS_ECP_INTERNAL_ALT) - if( ( is_grp_capable = mbedtls_internal_ecp_grp_capable( grp ) ) ) - MBEDTLS_MPI_CHK( mbedtls_internal_ecp_init( grp ) ); + if ((is_grp_capable = mbedtls_internal_ecp_grp_capable(grp))) { + MBEDTLS_MPI_CHK(mbedtls_internal_ecp_init(grp)); + } #endif /* MBEDTLS_ECP_INTERNAL_ALT */ + int restarting = 0; #if defined(MBEDTLS_ECP_RESTARTABLE) - /* skip argument check when restarting */ - if( rs_ctx == NULL || rs_ctx->rsm == NULL ) + restarting = (rs_ctx != NULL && rs_ctx->rsm != NULL); #endif - { + /* skip argument check when restarting */ + if (!restarting) { /* check_privkey is free */ - MBEDTLS_ECP_BUDGET( MBEDTLS_ECP_OPS_CHK ); + MBEDTLS_ECP_BUDGET(MBEDTLS_ECP_OPS_CHK); /* Common sanity checks */ - MBEDTLS_MPI_CHK( mbedtls_ecp_check_privkey( grp, m ) ); - MBEDTLS_MPI_CHK( mbedtls_ecp_check_pubkey( grp, P ) ); + MBEDTLS_MPI_CHK(mbedtls_ecp_check_privkey(grp, m)); + MBEDTLS_MPI_CHK(mbedtls_ecp_check_pubkey(grp, P)); } ret = MBEDTLS_ERR_ECP_BAD_INPUT_DATA; #if defined(MBEDTLS_ECP_MONTGOMERY_ENABLED) - if( mbedtls_ecp_get_type( grp ) == MBEDTLS_ECP_TYPE_MONTGOMERY ) - MBEDTLS_MPI_CHK( ecp_mul_mxz( grp, R, m, P, f_rng, p_rng ) ); + if (mbedtls_ecp_get_type(grp) == MBEDTLS_ECP_TYPE_MONTGOMERY) { + MBEDTLS_MPI_CHK(ecp_mul_mxz(grp, R, m, P, f_rng, p_rng)); + } #endif #if defined(MBEDTLS_ECP_SHORT_WEIERSTRASS_ENABLED) - if( mbedtls_ecp_get_type( grp ) == MBEDTLS_ECP_TYPE_SHORT_WEIERSTRASS ) - MBEDTLS_MPI_CHK( ecp_mul_comb( grp, R, m, P, f_rng, p_rng, rs_ctx ) ); + if (mbedtls_ecp_get_type(grp) == MBEDTLS_ECP_TYPE_SHORT_WEIERSTRASS) { + MBEDTLS_MPI_CHK(ecp_mul_comb(grp, R, m, P, f_rng, p_rng, rs_ctx)); + } #endif cleanup: #if defined(MBEDTLS_ECP_INTERNAL_ALT) - if( is_grp_capable ) - mbedtls_internal_ecp_free( grp ); + if (is_grp_capable) { + mbedtls_internal_ecp_free(grp); + } #endif /* MBEDTLS_ECP_INTERNAL_ALT */ #if defined(MBEDTLS_ECP_RESTARTABLE) - if( rs_ctx != NULL ) + if (rs_ctx != NULL) { rs_ctx->depth--; + } #endif - return( ret ); + return ret; } /* * Multiplication R = m * P */ -int mbedtls_ecp_mul( mbedtls_ecp_group *grp, mbedtls_ecp_point *R, - const mbedtls_mpi *m, const mbedtls_ecp_point *P, - int (*f_rng)(void *, unsigned char *, size_t), void *p_rng ) +int mbedtls_ecp_mul(mbedtls_ecp_group *grp, mbedtls_ecp_point *R, + const mbedtls_mpi *m, const mbedtls_ecp_point *P, + int (*f_rng)(void *, unsigned char *, size_t), void *p_rng) { - ECP_VALIDATE_RET( grp != NULL ); - ECP_VALIDATE_RET( R != NULL ); - ECP_VALIDATE_RET( m != NULL ); - ECP_VALIDATE_RET( P != NULL ); - return( mbedtls_ecp_mul_restartable( grp, R, m, P, f_rng, p_rng, NULL ) ); + ECP_VALIDATE_RET(grp != NULL); + ECP_VALIDATE_RET(R != NULL); + ECP_VALIDATE_RET(m != NULL); + ECP_VALIDATE_RET(P != NULL); + return mbedtls_ecp_mul_restartable(grp, R, m, P, f_rng, p_rng, NULL); } #if defined(MBEDTLS_ECP_SHORT_WEIERSTRASS_ENABLED) @@ -2737,48 +2771,47 @@ int mbedtls_ecp_mul( mbedtls_ecp_group *grp, mbedtls_ecp_point *R, * Check that an affine point is valid as a public key, * short weierstrass curves (SEC1 3.2.3.1) */ -static int ecp_check_pubkey_sw( const mbedtls_ecp_group *grp, const mbedtls_ecp_point *pt ) +static int ecp_check_pubkey_sw(const mbedtls_ecp_group *grp, const mbedtls_ecp_point *pt) { int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; mbedtls_mpi YY, RHS; /* pt coordinates must be normalized for our checks */ - if( mbedtls_mpi_cmp_int( &pt->X, 0 ) < 0 || - mbedtls_mpi_cmp_int( &pt->Y, 0 ) < 0 || - mbedtls_mpi_cmp_mpi( &pt->X, &grp->P ) >= 0 || - mbedtls_mpi_cmp_mpi( &pt->Y, &grp->P ) >= 0 ) - return( MBEDTLS_ERR_ECP_INVALID_KEY ); + if (mbedtls_mpi_cmp_int(&pt->X, 0) < 0 || + mbedtls_mpi_cmp_int(&pt->Y, 0) < 0 || + mbedtls_mpi_cmp_mpi(&pt->X, &grp->P) >= 0 || + mbedtls_mpi_cmp_mpi(&pt->Y, &grp->P) >= 0) { + return MBEDTLS_ERR_ECP_INVALID_KEY; + } - mbedtls_mpi_init( &YY ); mbedtls_mpi_init( &RHS ); + mbedtls_mpi_init(&YY); mbedtls_mpi_init(&RHS); /* * YY = Y^2 * RHS = X (X^2 + A) + B = X^3 + A X + B */ - MBEDTLS_MPI_CHK( mbedtls_mpi_mul_mod( grp, &YY, &pt->Y, &pt->Y ) ); - MBEDTLS_MPI_CHK( mbedtls_mpi_mul_mod( grp, &RHS, &pt->X, &pt->X ) ); + MBEDTLS_MPI_CHK(mbedtls_mpi_mul_mod(grp, &YY, &pt->Y, &pt->Y)); + MBEDTLS_MPI_CHK(mbedtls_mpi_mul_mod(grp, &RHS, &pt->X, &pt->X)); /* Special case for A = -3 */ - if( grp->A.p == NULL ) - { - MBEDTLS_MPI_CHK( mbedtls_mpi_sub_int( &RHS, &RHS, 3 ) ); MOD_SUB( RHS ); - } - else - { - MBEDTLS_MPI_CHK( mbedtls_mpi_add_mod( grp, &RHS, &RHS, &grp->A ) ); + if (grp->A.p == NULL) { + MBEDTLS_MPI_CHK(mbedtls_mpi_sub_int(&RHS, &RHS, 3)); MOD_SUB(RHS); + } else { + MBEDTLS_MPI_CHK(mbedtls_mpi_add_mod(grp, &RHS, &RHS, &grp->A)); } - MBEDTLS_MPI_CHK( mbedtls_mpi_mul_mod( grp, &RHS, &RHS, &pt->X ) ); - MBEDTLS_MPI_CHK( mbedtls_mpi_add_mod( grp, &RHS, &RHS, &grp->B ) ); + MBEDTLS_MPI_CHK(mbedtls_mpi_mul_mod(grp, &RHS, &RHS, &pt->X)); + MBEDTLS_MPI_CHK(mbedtls_mpi_add_mod(grp, &RHS, &RHS, &grp->B)); - if( mbedtls_mpi_cmp_mpi( &YY, &RHS ) != 0 ) + if (mbedtls_mpi_cmp_mpi(&YY, &RHS) != 0) { ret = MBEDTLS_ERR_ECP_INVALID_KEY; + } cleanup: - mbedtls_mpi_free( &YY ); mbedtls_mpi_free( &RHS ); + mbedtls_mpi_free(&YY); mbedtls_mpi_free(&RHS); - return( ret ); + return ret; } #endif /* MBEDTLS_ECP_SHORT_WEIERSTRASS_ENABLED */ @@ -2787,36 +2820,33 @@ static int ecp_check_pubkey_sw( const mbedtls_ecp_group *grp, const mbedtls_ecp_ * R = m * P with shortcuts for m == 0, m == 1 and m == -1 * NOT constant-time - ONLY for short Weierstrass! */ -static int mbedtls_ecp_mul_shortcuts( mbedtls_ecp_group *grp, - mbedtls_ecp_point *R, - const mbedtls_mpi *m, - const mbedtls_ecp_point *P, - mbedtls_ecp_restart_ctx *rs_ctx ) +static int mbedtls_ecp_mul_shortcuts(mbedtls_ecp_group *grp, + mbedtls_ecp_point *R, + const mbedtls_mpi *m, + const mbedtls_ecp_point *P, + mbedtls_ecp_restart_ctx *rs_ctx) { int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; - if( mbedtls_mpi_cmp_int( m, 0 ) == 0 ) - { - MBEDTLS_MPI_CHK( mbedtls_ecp_set_zero( R ) ); - } - else if( mbedtls_mpi_cmp_int( m, 1 ) == 0 ) - { - MBEDTLS_MPI_CHK( mbedtls_ecp_copy( R, P ) ); - } - else if( mbedtls_mpi_cmp_int( m, -1 ) == 0 ) - { - MBEDTLS_MPI_CHK( mbedtls_ecp_copy( R, P ) ); - if( mbedtls_mpi_cmp_int( &R->Y, 0 ) != 0 ) - MBEDTLS_MPI_CHK( mbedtls_mpi_sub_mpi( &R->Y, &grp->P, &R->Y ) ); - } - else - { - MBEDTLS_MPI_CHK( mbedtls_ecp_mul_restartable( grp, R, m, P, - NULL, NULL, rs_ctx ) ); + if (mbedtls_mpi_cmp_int(m, 0) == 0) { + MBEDTLS_MPI_CHK(mbedtls_ecp_check_pubkey(grp, P)); + MBEDTLS_MPI_CHK(mbedtls_ecp_set_zero(R)); + } else if (mbedtls_mpi_cmp_int(m, 1) == 0) { + MBEDTLS_MPI_CHK(mbedtls_ecp_check_pubkey(grp, P)); + MBEDTLS_MPI_CHK(mbedtls_ecp_copy(R, P)); + } else if (mbedtls_mpi_cmp_int(m, -1) == 0) { + MBEDTLS_MPI_CHK(mbedtls_ecp_check_pubkey(grp, P)); + MBEDTLS_MPI_CHK(mbedtls_ecp_copy(R, P)); + if (mbedtls_mpi_cmp_int(&R->Y, 0) != 0) { + MBEDTLS_MPI_CHK(mbedtls_mpi_sub_mpi(&R->Y, &grp->P, &R->Y)); + } + } else { + MBEDTLS_MPI_CHK(mbedtls_ecp_mul_restartable(grp, R, m, P, + NULL, NULL, rs_ctx)); } cleanup: - return( ret ); + return ret; } /* @@ -2824,10 +2854,10 @@ static int mbedtls_ecp_mul_shortcuts( mbedtls_ecp_group *grp, * NOT constant-time */ int mbedtls_ecp_muladd_restartable( - mbedtls_ecp_group *grp, mbedtls_ecp_point *R, - const mbedtls_mpi *m, const mbedtls_ecp_point *P, - const mbedtls_mpi *n, const mbedtls_ecp_point *Q, - mbedtls_ecp_restart_ctx *rs_ctx ) + mbedtls_ecp_group *grp, mbedtls_ecp_point *R, + const mbedtls_mpi *m, const mbedtls_ecp_point *P, + const mbedtls_mpi *n, const mbedtls_ecp_point *Q, + mbedtls_ecp_restart_ctx *rs_ctx) { int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; mbedtls_ecp_point mP; @@ -2836,107 +2866,116 @@ int mbedtls_ecp_muladd_restartable( #if defined(MBEDTLS_ECP_INTERNAL_ALT) char is_grp_capable = 0; #endif - ECP_VALIDATE_RET( grp != NULL ); - ECP_VALIDATE_RET( R != NULL ); - ECP_VALIDATE_RET( m != NULL ); - ECP_VALIDATE_RET( P != NULL ); - ECP_VALIDATE_RET( n != NULL ); - ECP_VALIDATE_RET( Q != NULL ); + ECP_VALIDATE_RET(grp != NULL); + ECP_VALIDATE_RET(R != NULL); + ECP_VALIDATE_RET(m != NULL); + ECP_VALIDATE_RET(P != NULL); + ECP_VALIDATE_RET(n != NULL); + ECP_VALIDATE_RET(Q != NULL); - if( mbedtls_ecp_get_type( grp ) != MBEDTLS_ECP_TYPE_SHORT_WEIERSTRASS ) - return( MBEDTLS_ERR_ECP_FEATURE_UNAVAILABLE ); + if (mbedtls_ecp_get_type(grp) != MBEDTLS_ECP_TYPE_SHORT_WEIERSTRASS) { + return MBEDTLS_ERR_ECP_FEATURE_UNAVAILABLE; + } - mbedtls_ecp_point_init( &mP ); + mbedtls_ecp_point_init(&mP); - ECP_RS_ENTER( ma ); + ECP_RS_ENTER(ma); #if defined(MBEDTLS_ECP_RESTARTABLE) - if( rs_ctx != NULL && rs_ctx->ma != NULL ) - { + if (rs_ctx != NULL && rs_ctx->ma != NULL) { /* redirect intermediate results to restart context */ pmP = &rs_ctx->ma->mP; pR = &rs_ctx->ma->R; /* jump to next operation */ - if( rs_ctx->ma->state == ecp_rsma_mul2 ) + if (rs_ctx->ma->state == ecp_rsma_mul2) { goto mul2; - if( rs_ctx->ma->state == ecp_rsma_add ) + } + if (rs_ctx->ma->state == ecp_rsma_add) { goto add; - if( rs_ctx->ma->state == ecp_rsma_norm ) + } + if (rs_ctx->ma->state == ecp_rsma_norm) { goto norm; + } } #endif /* MBEDTLS_ECP_RESTARTABLE */ - MBEDTLS_MPI_CHK( mbedtls_ecp_mul_shortcuts( grp, pmP, m, P, rs_ctx ) ); + MBEDTLS_MPI_CHK(mbedtls_ecp_mul_shortcuts(grp, pmP, m, P, rs_ctx)); #if defined(MBEDTLS_ECP_RESTARTABLE) - if( rs_ctx != NULL && rs_ctx->ma != NULL ) + if (rs_ctx != NULL && rs_ctx->ma != NULL) { rs_ctx->ma->state = ecp_rsma_mul2; + } mul2: #endif - MBEDTLS_MPI_CHK( mbedtls_ecp_mul_shortcuts( grp, pR, n, Q, rs_ctx ) ); + MBEDTLS_MPI_CHK(mbedtls_ecp_mul_shortcuts(grp, pR, n, Q, rs_ctx)); #if defined(MBEDTLS_ECP_INTERNAL_ALT) - if( ( is_grp_capable = mbedtls_internal_ecp_grp_capable( grp ) ) ) - MBEDTLS_MPI_CHK( mbedtls_internal_ecp_init( grp ) ); + if ((is_grp_capable = mbedtls_internal_ecp_grp_capable(grp))) { + MBEDTLS_MPI_CHK(mbedtls_internal_ecp_init(grp)); + } #endif /* MBEDTLS_ECP_INTERNAL_ALT */ #if defined(MBEDTLS_ECP_RESTARTABLE) - if( rs_ctx != NULL && rs_ctx->ma != NULL ) + if (rs_ctx != NULL && rs_ctx->ma != NULL) { rs_ctx->ma->state = ecp_rsma_add; + } add: #endif - MBEDTLS_ECP_BUDGET( MBEDTLS_ECP_OPS_ADD ); - MBEDTLS_MPI_CHK( ecp_add_mixed( grp, pR, pmP, pR ) ); + MBEDTLS_ECP_BUDGET(MBEDTLS_ECP_OPS_ADD); + MBEDTLS_MPI_CHK(ecp_add_mixed(grp, pR, pmP, pR)); #if defined(MBEDTLS_ECP_RESTARTABLE) - if( rs_ctx != NULL && rs_ctx->ma != NULL ) + if (rs_ctx != NULL && rs_ctx->ma != NULL) { rs_ctx->ma->state = ecp_rsma_norm; + } norm: #endif - MBEDTLS_ECP_BUDGET( MBEDTLS_ECP_OPS_INV ); - MBEDTLS_MPI_CHK( ecp_normalize_jac( grp, pR ) ); + MBEDTLS_ECP_BUDGET(MBEDTLS_ECP_OPS_INV); + MBEDTLS_MPI_CHK(ecp_normalize_jac(grp, pR)); #if defined(MBEDTLS_ECP_RESTARTABLE) - if( rs_ctx != NULL && rs_ctx->ma != NULL ) - MBEDTLS_MPI_CHK( mbedtls_ecp_copy( R, pR ) ); + if (rs_ctx != NULL && rs_ctx->ma != NULL) { + MBEDTLS_MPI_CHK(mbedtls_ecp_copy(R, pR)); + } #endif cleanup: #if defined(MBEDTLS_ECP_INTERNAL_ALT) - if( is_grp_capable ) - mbedtls_internal_ecp_free( grp ); + if (is_grp_capable) { + mbedtls_internal_ecp_free(grp); + } #endif /* MBEDTLS_ECP_INTERNAL_ALT */ - mbedtls_ecp_point_free( &mP ); + mbedtls_ecp_point_free(&mP); - ECP_RS_LEAVE( ma ); + ECP_RS_LEAVE(ma); - return( ret ); + return ret; } /* * Linear combination * NOT constant-time */ -int mbedtls_ecp_muladd( mbedtls_ecp_group *grp, mbedtls_ecp_point *R, - const mbedtls_mpi *m, const mbedtls_ecp_point *P, - const mbedtls_mpi *n, const mbedtls_ecp_point *Q ) +int mbedtls_ecp_muladd(mbedtls_ecp_group *grp, mbedtls_ecp_point *R, + const mbedtls_mpi *m, const mbedtls_ecp_point *P, + const mbedtls_mpi *n, const mbedtls_ecp_point *Q) { - ECP_VALIDATE_RET( grp != NULL ); - ECP_VALIDATE_RET( R != NULL ); - ECP_VALIDATE_RET( m != NULL ); - ECP_VALIDATE_RET( P != NULL ); - ECP_VALIDATE_RET( n != NULL ); - ECP_VALIDATE_RET( Q != NULL ); - return( mbedtls_ecp_muladd_restartable( grp, R, m, P, n, Q, NULL ) ); + ECP_VALIDATE_RET(grp != NULL); + ECP_VALIDATE_RET(R != NULL); + ECP_VALIDATE_RET(m != NULL); + ECP_VALIDATE_RET(P != NULL); + ECP_VALIDATE_RET(n != NULL); + ECP_VALIDATE_RET(Q != NULL); + return mbedtls_ecp_muladd_restartable(grp, R, m, P, n, Q, NULL); } #endif /* MBEDTLS_ECP_SHORT_WEIERSTRASS_ENABLED */ #if defined(MBEDTLS_ECP_MONTGOMERY_ENABLED) #if defined(MBEDTLS_ECP_DP_CURVE25519_ENABLED) -#define ECP_MPI_INIT(s, n, p) {s, (n), (mbedtls_mpi_uint *)(p)} +#define ECP_MPI_INIT(s, n, p) { s, (n), (mbedtls_mpi_uint *) (p) } #define ECP_MPI_INIT_ARRAY(x) \ ECP_MPI_INIT(1, sizeof(x) / sizeof(mbedtls_mpi_uint), x) /* @@ -2945,21 +2984,21 @@ int mbedtls_ecp_muladd( mbedtls_ecp_group *grp, mbedtls_ecp_point *R, * See ecp_check_pubkey_x25519(). */ static const mbedtls_mpi_uint x25519_bad_point_1[] = { - MBEDTLS_BYTES_TO_T_UINT_8( 0xe0, 0xeb, 0x7a, 0x7c, 0x3b, 0x41, 0xb8, 0xae ), - MBEDTLS_BYTES_TO_T_UINT_8( 0x16, 0x56, 0xe3, 0xfa, 0xf1, 0x9f, 0xc4, 0x6a ), - MBEDTLS_BYTES_TO_T_UINT_8( 0xda, 0x09, 0x8d, 0xeb, 0x9c, 0x32, 0xb1, 0xfd ), - MBEDTLS_BYTES_TO_T_UINT_8( 0x86, 0x62, 0x05, 0x16, 0x5f, 0x49, 0xb8, 0x00 ), + MBEDTLS_BYTES_TO_T_UINT_8(0xe0, 0xeb, 0x7a, 0x7c, 0x3b, 0x41, 0xb8, 0xae), + MBEDTLS_BYTES_TO_T_UINT_8(0x16, 0x56, 0xe3, 0xfa, 0xf1, 0x9f, 0xc4, 0x6a), + MBEDTLS_BYTES_TO_T_UINT_8(0xda, 0x09, 0x8d, 0xeb, 0x9c, 0x32, 0xb1, 0xfd), + MBEDTLS_BYTES_TO_T_UINT_8(0x86, 0x62, 0x05, 0x16, 0x5f, 0x49, 0xb8, 0x00), }; static const mbedtls_mpi_uint x25519_bad_point_2[] = { - MBEDTLS_BYTES_TO_T_UINT_8( 0x5f, 0x9c, 0x95, 0xbc, 0xa3, 0x50, 0x8c, 0x24 ), - MBEDTLS_BYTES_TO_T_UINT_8( 0xb1, 0xd0, 0xb1, 0x55, 0x9c, 0x83, 0xef, 0x5b ), - MBEDTLS_BYTES_TO_T_UINT_8( 0x04, 0x44, 0x5c, 0xc4, 0x58, 0x1c, 0x8e, 0x86 ), - MBEDTLS_BYTES_TO_T_UINT_8( 0xd8, 0x22, 0x4e, 0xdd, 0xd0, 0x9f, 0x11, 0x57 ), + MBEDTLS_BYTES_TO_T_UINT_8(0x5f, 0x9c, 0x95, 0xbc, 0xa3, 0x50, 0x8c, 0x24), + MBEDTLS_BYTES_TO_T_UINT_8(0xb1, 0xd0, 0xb1, 0x55, 0x9c, 0x83, 0xef, 0x5b), + MBEDTLS_BYTES_TO_T_UINT_8(0x04, 0x44, 0x5c, 0xc4, 0x58, 0x1c, 0x8e, 0x86), + MBEDTLS_BYTES_TO_T_UINT_8(0xd8, 0x22, 0x4e, 0xdd, 0xd0, 0x9f, 0x11, 0x57), }; static const mbedtls_mpi ecp_x25519_bad_point_1 = ECP_MPI_INIT_ARRAY( - x25519_bad_point_1 ); + x25519_bad_point_1); static const mbedtls_mpi ecp_x25519_bad_point_2 = ECP_MPI_INIT_ARRAY( - x25519_bad_point_2 ); + x25519_bad_point_2); #endif /* MBEDTLS_ECP_DP_CURVE25519_ENABLED */ /* @@ -2968,40 +3007,37 @@ static const mbedtls_mpi ecp_x25519_bad_point_2 = ECP_MPI_INIT_ARRAY( * https://eprint.iacr.org/2017/806.pdf * Those points are never sent by an honest peer. */ -static int ecp_check_bad_points_mx( const mbedtls_mpi *X, const mbedtls_mpi *P, - const mbedtls_ecp_group_id grp_id ) +static int ecp_check_bad_points_mx(const mbedtls_mpi *X, const mbedtls_mpi *P, + const mbedtls_ecp_group_id grp_id) { int ret; mbedtls_mpi XmP; - mbedtls_mpi_init( &XmP ); + mbedtls_mpi_init(&XmP); /* Reduce X mod P so that we only need to check values less than P. * We know X < 2^256 so we can proceed by subtraction. */ - MBEDTLS_MPI_CHK( mbedtls_mpi_copy( &XmP, X ) ); - while( mbedtls_mpi_cmp_mpi( &XmP, P ) >= 0 ) - MBEDTLS_MPI_CHK( mbedtls_mpi_sub_mpi( &XmP, &XmP, P ) ); + MBEDTLS_MPI_CHK(mbedtls_mpi_copy(&XmP, X)); + while (mbedtls_mpi_cmp_mpi(&XmP, P) >= 0) { + MBEDTLS_MPI_CHK(mbedtls_mpi_sub_mpi(&XmP, &XmP, P)); + } /* Check against the known bad values that are less than P. For Curve448 * these are 0, 1 and -1. For Curve25519 we check the values less than P * from the following list: https://cr.yp.to/ecdh.html#validate */ - if( mbedtls_mpi_cmp_int( &XmP, 1 ) <= 0 ) /* takes care of 0 and 1 */ - { + if (mbedtls_mpi_cmp_int(&XmP, 1) <= 0) { /* takes care of 0 and 1 */ ret = MBEDTLS_ERR_ECP_INVALID_KEY; goto cleanup; } #if defined(MBEDTLS_ECP_DP_CURVE25519_ENABLED) - if( grp_id == MBEDTLS_ECP_DP_CURVE25519 ) - { - if( mbedtls_mpi_cmp_mpi( &XmP, &ecp_x25519_bad_point_1 ) == 0 ) - { + if (grp_id == MBEDTLS_ECP_DP_CURVE25519) { + if (mbedtls_mpi_cmp_mpi(&XmP, &ecp_x25519_bad_point_1) == 0) { ret = MBEDTLS_ERR_ECP_INVALID_KEY; goto cleanup; } - if( mbedtls_mpi_cmp_mpi( &XmP, &ecp_x25519_bad_point_2 ) == 0 ) - { + if (mbedtls_mpi_cmp_mpi(&XmP, &ecp_x25519_bad_point_2) == 0) { ret = MBEDTLS_ERR_ECP_INVALID_KEY; goto cleanup; } @@ -3011,9 +3047,8 @@ static int ecp_check_bad_points_mx( const mbedtls_mpi *X, const mbedtls_mpi *P, #endif /* Final check: check if XmP + 1 is P (final because it changes XmP!) */ - MBEDTLS_MPI_CHK( mbedtls_mpi_add_int( &XmP, &XmP, 1 ) ); - if( mbedtls_mpi_cmp_mpi( &XmP, P ) == 0 ) - { + MBEDTLS_MPI_CHK(mbedtls_mpi_add_int(&XmP, &XmP, 1)); + if (mbedtls_mpi_cmp_mpi(&XmP, P) == 0) { ret = MBEDTLS_ERR_ECP_INVALID_KEY; goto cleanup; } @@ -3021,102 +3056,108 @@ static int ecp_check_bad_points_mx( const mbedtls_mpi *X, const mbedtls_mpi *P, ret = 0; cleanup: - mbedtls_mpi_free( &XmP ); + mbedtls_mpi_free(&XmP); - return( ret ); + return ret; } /* * Check validity of a public key for Montgomery curves with x-only schemes */ -static int ecp_check_pubkey_mx( const mbedtls_ecp_group *grp, const mbedtls_ecp_point *pt ) +static int ecp_check_pubkey_mx(const mbedtls_ecp_group *grp, const mbedtls_ecp_point *pt) { /* [Curve25519 p. 5] Just check X is the correct number of bytes */ /* Allow any public value, if it's too big then we'll just reduce it mod p * (RFC 7748 sec. 5 para. 3). */ - if( mbedtls_mpi_size( &pt->X ) > ( grp->nbits + 7 ) / 8 ) - return( MBEDTLS_ERR_ECP_INVALID_KEY ); + if (mbedtls_mpi_size(&pt->X) > (grp->nbits + 7) / 8) { + return MBEDTLS_ERR_ECP_INVALID_KEY; + } /* Implicit in all standards (as they don't consider negative numbers): * X must be non-negative. This is normally ensured by the way it's * encoded for transmission, but let's be extra sure. */ - if( mbedtls_mpi_cmp_int( &pt->X, 0 ) < 0 ) - return( MBEDTLS_ERR_ECP_INVALID_KEY ); + if (mbedtls_mpi_cmp_int(&pt->X, 0) < 0) { + return MBEDTLS_ERR_ECP_INVALID_KEY; + } - return( ecp_check_bad_points_mx( &pt->X, &grp->P, grp->id ) ); + return ecp_check_bad_points_mx(&pt->X, &grp->P, grp->id); } #endif /* MBEDTLS_ECP_MONTGOMERY_ENABLED */ /* * Check that a point is valid as a public key */ -int mbedtls_ecp_check_pubkey( const mbedtls_ecp_group *grp, - const mbedtls_ecp_point *pt ) +int mbedtls_ecp_check_pubkey(const mbedtls_ecp_group *grp, + const mbedtls_ecp_point *pt) { - ECP_VALIDATE_RET( grp != NULL ); - ECP_VALIDATE_RET( pt != NULL ); + ECP_VALIDATE_RET(grp != NULL); + ECP_VALIDATE_RET(pt != NULL); /* Must use affine coordinates */ - if( mbedtls_mpi_cmp_int( &pt->Z, 1 ) != 0 ) - return( MBEDTLS_ERR_ECP_INVALID_KEY ); + if (mbedtls_mpi_cmp_int(&pt->Z, 1) != 0) { + return MBEDTLS_ERR_ECP_INVALID_KEY; + } #if defined(MBEDTLS_ECP_MONTGOMERY_ENABLED) - if( mbedtls_ecp_get_type( grp ) == MBEDTLS_ECP_TYPE_MONTGOMERY ) - return( ecp_check_pubkey_mx( grp, pt ) ); + if (mbedtls_ecp_get_type(grp) == MBEDTLS_ECP_TYPE_MONTGOMERY) { + return ecp_check_pubkey_mx(grp, pt); + } #endif #if defined(MBEDTLS_ECP_SHORT_WEIERSTRASS_ENABLED) - if( mbedtls_ecp_get_type( grp ) == MBEDTLS_ECP_TYPE_SHORT_WEIERSTRASS ) - return( ecp_check_pubkey_sw( grp, pt ) ); + if (mbedtls_ecp_get_type(grp) == MBEDTLS_ECP_TYPE_SHORT_WEIERSTRASS) { + return ecp_check_pubkey_sw(grp, pt); + } #endif - return( MBEDTLS_ERR_ECP_BAD_INPUT_DATA ); + return MBEDTLS_ERR_ECP_BAD_INPUT_DATA; } /* * Check that an mbedtls_mpi is valid as a private key */ -int mbedtls_ecp_check_privkey( const mbedtls_ecp_group *grp, - const mbedtls_mpi *d ) +int mbedtls_ecp_check_privkey(const mbedtls_ecp_group *grp, + const mbedtls_mpi *d) { - ECP_VALIDATE_RET( grp != NULL ); - ECP_VALIDATE_RET( d != NULL ); + ECP_VALIDATE_RET(grp != NULL); + ECP_VALIDATE_RET(d != NULL); #if defined(MBEDTLS_ECP_MONTGOMERY_ENABLED) - if( mbedtls_ecp_get_type( grp ) == MBEDTLS_ECP_TYPE_MONTGOMERY ) - { + if (mbedtls_ecp_get_type(grp) == MBEDTLS_ECP_TYPE_MONTGOMERY) { /* see RFC 7748 sec. 5 para. 5 */ - if( mbedtls_mpi_get_bit( d, 0 ) != 0 || - mbedtls_mpi_get_bit( d, 1 ) != 0 || - mbedtls_mpi_bitlen( d ) - 1 != grp->nbits ) /* mbedtls_mpi_bitlen is one-based! */ - return( MBEDTLS_ERR_ECP_INVALID_KEY ); + if (mbedtls_mpi_get_bit(d, 0) != 0 || + mbedtls_mpi_get_bit(d, 1) != 0 || + mbedtls_mpi_bitlen(d) - 1 != grp->nbits) { /* mbedtls_mpi_bitlen is one-based! */ + return MBEDTLS_ERR_ECP_INVALID_KEY; + } /* see [Curve25519] page 5 */ - if( grp->nbits == 254 && mbedtls_mpi_get_bit( d, 2 ) != 0 ) - return( MBEDTLS_ERR_ECP_INVALID_KEY ); + if (grp->nbits == 254 && mbedtls_mpi_get_bit(d, 2) != 0) { + return MBEDTLS_ERR_ECP_INVALID_KEY; + } - return( 0 ); + return 0; } #endif /* MBEDTLS_ECP_MONTGOMERY_ENABLED */ #if defined(MBEDTLS_ECP_SHORT_WEIERSTRASS_ENABLED) - if( mbedtls_ecp_get_type( grp ) == MBEDTLS_ECP_TYPE_SHORT_WEIERSTRASS ) - { + if (mbedtls_ecp_get_type(grp) == MBEDTLS_ECP_TYPE_SHORT_WEIERSTRASS) { /* see SEC1 3.2 */ - if( mbedtls_mpi_cmp_int( d, 1 ) < 0 || - mbedtls_mpi_cmp_mpi( d, &grp->N ) >= 0 ) - return( MBEDTLS_ERR_ECP_INVALID_KEY ); - else - return( 0 ); + if (mbedtls_mpi_cmp_int(d, 1) < 0 || + mbedtls_mpi_cmp_mpi(d, &grp->N) >= 0) { + return MBEDTLS_ERR_ECP_INVALID_KEY; + } else { + return 0; + } } #endif /* MBEDTLS_ECP_SHORT_WEIERSTRASS_ENABLED */ - return( MBEDTLS_ERR_ECP_BAD_INPUT_DATA ); + return MBEDTLS_ERR_ECP_BAD_INPUT_DATA; } #if defined(MBEDTLS_ECP_MONTGOMERY_ENABLED) MBEDTLS_STATIC_TESTABLE -int mbedtls_ecp_gen_privkey_mx( size_t high_bit, - mbedtls_mpi *d, - int (*f_rng)(void *, unsigned char *, size_t), - void *p_rng ) +int mbedtls_ecp_gen_privkey_mx(size_t high_bit, + mbedtls_mpi *d, + int (*f_rng)(void *, unsigned char *, size_t), + void *p_rng) { int ret = MBEDTLS_ERR_ECP_BAD_INPUT_DATA; size_t n_random_bytes = high_bit / 8 + 1; @@ -3125,38 +3166,36 @@ int mbedtls_ecp_gen_privkey_mx( size_t high_bit, /* Generate a (high_bit+1)-bit random number by generating just enough * random bytes, then shifting out extra bits from the top (necessary * when (high_bit+1) is not a multiple of 8). */ - MBEDTLS_MPI_CHK( mbedtls_mpi_fill_random( d, n_random_bytes, - f_rng, p_rng ) ); - MBEDTLS_MPI_CHK( mbedtls_mpi_shift_r( d, 8 * n_random_bytes - high_bit - 1 ) ); + MBEDTLS_MPI_CHK(mbedtls_mpi_fill_random(d, n_random_bytes, + f_rng, p_rng)); + MBEDTLS_MPI_CHK(mbedtls_mpi_shift_r(d, 8 * n_random_bytes - high_bit - 1)); - MBEDTLS_MPI_CHK( mbedtls_mpi_set_bit( d, high_bit, 1 ) ); + MBEDTLS_MPI_CHK(mbedtls_mpi_set_bit(d, high_bit, 1)); /* Make sure the last two bits are unset for Curve448, three bits for Curve25519 */ - MBEDTLS_MPI_CHK( mbedtls_mpi_set_bit( d, 0, 0 ) ); - MBEDTLS_MPI_CHK( mbedtls_mpi_set_bit( d, 1, 0 ) ); - if( high_bit == 254 ) - { - MBEDTLS_MPI_CHK( mbedtls_mpi_set_bit( d, 2, 0 ) ); + MBEDTLS_MPI_CHK(mbedtls_mpi_set_bit(d, 0, 0)); + MBEDTLS_MPI_CHK(mbedtls_mpi_set_bit(d, 1, 0)); + if (high_bit == 254) { + MBEDTLS_MPI_CHK(mbedtls_mpi_set_bit(d, 2, 0)); } cleanup: - return( ret ); + return ret; } #endif /* MBEDTLS_ECP_MONTGOMERY_ENABLED */ #if defined(MBEDTLS_ECP_SHORT_WEIERSTRASS_ENABLED) static int mbedtls_ecp_gen_privkey_sw( const mbedtls_mpi *N, mbedtls_mpi *d, - int (*f_rng)(void *, unsigned char *, size_t), void *p_rng ) + int (*f_rng)(void *, unsigned char *, size_t), void *p_rng) { - int ret = mbedtls_mpi_random( d, 1, N, f_rng, p_rng ); - switch( ret ) - { + int ret = mbedtls_mpi_random(d, 1, N, f_rng, p_rng); + switch (ret) { case MBEDTLS_ERR_MPI_NOT_ACCEPTABLE: - return( MBEDTLS_ERR_ECP_RANDOM_FAILED ); + return MBEDTLS_ERR_ECP_RANDOM_FAILED; default: - return( ret ); + return ret; } } #endif /* MBEDTLS_ECP_SHORT_WEIERSTRASS_ENABLED */ @@ -3164,233 +3203,232 @@ static int mbedtls_ecp_gen_privkey_sw( /* * Generate a private key */ -int mbedtls_ecp_gen_privkey( const mbedtls_ecp_group *grp, - mbedtls_mpi *d, - int (*f_rng)(void *, unsigned char *, size_t), - void *p_rng ) +int mbedtls_ecp_gen_privkey(const mbedtls_ecp_group *grp, + mbedtls_mpi *d, + int (*f_rng)(void *, unsigned char *, size_t), + void *p_rng) { - ECP_VALIDATE_RET( grp != NULL ); - ECP_VALIDATE_RET( d != NULL ); - ECP_VALIDATE_RET( f_rng != NULL ); + ECP_VALIDATE_RET(grp != NULL); + ECP_VALIDATE_RET(d != NULL); + ECP_VALIDATE_RET(f_rng != NULL); #if defined(MBEDTLS_ECP_MONTGOMERY_ENABLED) - if( mbedtls_ecp_get_type( grp ) == MBEDTLS_ECP_TYPE_MONTGOMERY ) - return( mbedtls_ecp_gen_privkey_mx( grp->nbits, d, f_rng, p_rng ) ); + if (mbedtls_ecp_get_type(grp) == MBEDTLS_ECP_TYPE_MONTGOMERY) { + return mbedtls_ecp_gen_privkey_mx(grp->nbits, d, f_rng, p_rng); + } #endif /* MBEDTLS_ECP_MONTGOMERY_ENABLED */ #if defined(MBEDTLS_ECP_SHORT_WEIERSTRASS_ENABLED) - if( mbedtls_ecp_get_type( grp ) == MBEDTLS_ECP_TYPE_SHORT_WEIERSTRASS ) - return( mbedtls_ecp_gen_privkey_sw( &grp->N, d, f_rng, p_rng ) ); + if (mbedtls_ecp_get_type(grp) == MBEDTLS_ECP_TYPE_SHORT_WEIERSTRASS) { + return mbedtls_ecp_gen_privkey_sw(&grp->N, d, f_rng, p_rng); + } #endif /* MBEDTLS_ECP_SHORT_WEIERSTRASS_ENABLED */ - return( MBEDTLS_ERR_ECP_BAD_INPUT_DATA ); + return MBEDTLS_ERR_ECP_BAD_INPUT_DATA; } /* * Generate a keypair with configurable base point */ -int mbedtls_ecp_gen_keypair_base( mbedtls_ecp_group *grp, - const mbedtls_ecp_point *G, - mbedtls_mpi *d, mbedtls_ecp_point *Q, - int (*f_rng)(void *, unsigned char *, size_t), - void *p_rng ) +int mbedtls_ecp_gen_keypair_base(mbedtls_ecp_group *grp, + const mbedtls_ecp_point *G, + mbedtls_mpi *d, mbedtls_ecp_point *Q, + int (*f_rng)(void *, unsigned char *, size_t), + void *p_rng) { int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; - ECP_VALIDATE_RET( grp != NULL ); - ECP_VALIDATE_RET( d != NULL ); - ECP_VALIDATE_RET( G != NULL ); - ECP_VALIDATE_RET( Q != NULL ); - ECP_VALIDATE_RET( f_rng != NULL ); + ECP_VALIDATE_RET(grp != NULL); + ECP_VALIDATE_RET(d != NULL); + ECP_VALIDATE_RET(G != NULL); + ECP_VALIDATE_RET(Q != NULL); + ECP_VALIDATE_RET(f_rng != NULL); - MBEDTLS_MPI_CHK( mbedtls_ecp_gen_privkey( grp, d, f_rng, p_rng ) ); - MBEDTLS_MPI_CHK( mbedtls_ecp_mul( grp, Q, d, G, f_rng, p_rng ) ); + MBEDTLS_MPI_CHK(mbedtls_ecp_gen_privkey(grp, d, f_rng, p_rng)); + MBEDTLS_MPI_CHK(mbedtls_ecp_mul(grp, Q, d, G, f_rng, p_rng)); cleanup: - return( ret ); + return ret; } /* * Generate key pair, wrapper for conventional base point */ -int mbedtls_ecp_gen_keypair( mbedtls_ecp_group *grp, - mbedtls_mpi *d, mbedtls_ecp_point *Q, - int (*f_rng)(void *, unsigned char *, size_t), - void *p_rng ) +int mbedtls_ecp_gen_keypair(mbedtls_ecp_group *grp, + mbedtls_mpi *d, mbedtls_ecp_point *Q, + int (*f_rng)(void *, unsigned char *, size_t), + void *p_rng) { - ECP_VALIDATE_RET( grp != NULL ); - ECP_VALIDATE_RET( d != NULL ); - ECP_VALIDATE_RET( Q != NULL ); - ECP_VALIDATE_RET( f_rng != NULL ); + ECP_VALIDATE_RET(grp != NULL); + ECP_VALIDATE_RET(d != NULL); + ECP_VALIDATE_RET(Q != NULL); + ECP_VALIDATE_RET(f_rng != NULL); - return( mbedtls_ecp_gen_keypair_base( grp, &grp->G, d, Q, f_rng, p_rng ) ); + return mbedtls_ecp_gen_keypair_base(grp, &grp->G, d, Q, f_rng, p_rng); } /* * Generate a keypair, prettier wrapper */ -int mbedtls_ecp_gen_key( mbedtls_ecp_group_id grp_id, mbedtls_ecp_keypair *key, - int (*f_rng)(void *, unsigned char *, size_t), void *p_rng ) +int mbedtls_ecp_gen_key(mbedtls_ecp_group_id grp_id, mbedtls_ecp_keypair *key, + int (*f_rng)(void *, unsigned char *, size_t), void *p_rng) { int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; - ECP_VALIDATE_RET( key != NULL ); - ECP_VALIDATE_RET( f_rng != NULL ); + ECP_VALIDATE_RET(key != NULL); + ECP_VALIDATE_RET(f_rng != NULL); - if( ( ret = mbedtls_ecp_group_load( &key->grp, grp_id ) ) != 0 ) - return( ret ); + if ((ret = mbedtls_ecp_group_load(&key->grp, grp_id)) != 0) { + return ret; + } - return( mbedtls_ecp_gen_keypair( &key->grp, &key->d, &key->Q, f_rng, p_rng ) ); + return mbedtls_ecp_gen_keypair(&key->grp, &key->d, &key->Q, f_rng, p_rng); } #define ECP_CURVE25519_KEY_SIZE 32 /* * Read a private key. */ -int mbedtls_ecp_read_key( mbedtls_ecp_group_id grp_id, mbedtls_ecp_keypair *key, - const unsigned char *buf, size_t buflen ) +int mbedtls_ecp_read_key(mbedtls_ecp_group_id grp_id, mbedtls_ecp_keypair *key, + const unsigned char *buf, size_t buflen) { int ret = 0; - ECP_VALIDATE_RET( key != NULL ); - ECP_VALIDATE_RET( buf != NULL ); + ECP_VALIDATE_RET(key != NULL); + ECP_VALIDATE_RET(buf != NULL); - if( ( ret = mbedtls_ecp_group_load( &key->grp, grp_id ) ) != 0 ) - return( ret ); + if ((ret = mbedtls_ecp_group_load(&key->grp, grp_id)) != 0) { + return ret; + } ret = MBEDTLS_ERR_ECP_FEATURE_UNAVAILABLE; #if defined(MBEDTLS_ECP_MONTGOMERY_ENABLED) - if( mbedtls_ecp_get_type( &key->grp ) == MBEDTLS_ECP_TYPE_MONTGOMERY ) - { + if (mbedtls_ecp_get_type(&key->grp) == MBEDTLS_ECP_TYPE_MONTGOMERY) { /* * If it is Curve25519 curve then mask the key as mandated by RFC7748 */ - if( grp_id == MBEDTLS_ECP_DP_CURVE25519 ) - { - if( buflen != ECP_CURVE25519_KEY_SIZE ) + if (grp_id == MBEDTLS_ECP_DP_CURVE25519) { + if (buflen != ECP_CURVE25519_KEY_SIZE) { return MBEDTLS_ERR_ECP_INVALID_KEY; + } - MBEDTLS_MPI_CHK( mbedtls_mpi_read_binary_le( &key->d, buf, buflen ) ); + MBEDTLS_MPI_CHK(mbedtls_mpi_read_binary_le(&key->d, buf, buflen)); /* Set the three least significant bits to 0 */ - MBEDTLS_MPI_CHK( mbedtls_mpi_set_bit( &key->d, 0, 0 ) ); - MBEDTLS_MPI_CHK( mbedtls_mpi_set_bit( &key->d, 1, 0 ) ); - MBEDTLS_MPI_CHK( mbedtls_mpi_set_bit( &key->d, 2, 0 ) ); + MBEDTLS_MPI_CHK(mbedtls_mpi_set_bit(&key->d, 0, 0)); + MBEDTLS_MPI_CHK(mbedtls_mpi_set_bit(&key->d, 1, 0)); + MBEDTLS_MPI_CHK(mbedtls_mpi_set_bit(&key->d, 2, 0)); /* Set the most significant bit to 0 */ MBEDTLS_MPI_CHK( - mbedtls_mpi_set_bit( &key->d, - ECP_CURVE25519_KEY_SIZE * 8 - 1, 0 ) - ); + mbedtls_mpi_set_bit(&key->d, + ECP_CURVE25519_KEY_SIZE * 8 - 1, 0) + ); /* Set the second most significant bit to 1 */ MBEDTLS_MPI_CHK( - mbedtls_mpi_set_bit( &key->d, - ECP_CURVE25519_KEY_SIZE * 8 - 2, 1 ) - ); - } - else + mbedtls_mpi_set_bit(&key->d, + ECP_CURVE25519_KEY_SIZE * 8 - 2, 1) + ); + } else { ret = MBEDTLS_ERR_ECP_FEATURE_UNAVAILABLE; + } } #endif #if defined(MBEDTLS_ECP_SHORT_WEIERSTRASS_ENABLED) - if( mbedtls_ecp_get_type( &key->grp ) == MBEDTLS_ECP_TYPE_SHORT_WEIERSTRASS ) - { - MBEDTLS_MPI_CHK( mbedtls_mpi_read_binary( &key->d, buf, buflen ) ); + if (mbedtls_ecp_get_type(&key->grp) == MBEDTLS_ECP_TYPE_SHORT_WEIERSTRASS) { + MBEDTLS_MPI_CHK(mbedtls_mpi_read_binary(&key->d, buf, buflen)); - MBEDTLS_MPI_CHK( mbedtls_ecp_check_privkey( &key->grp, &key->d ) ); + MBEDTLS_MPI_CHK(mbedtls_ecp_check_privkey(&key->grp, &key->d)); } #endif cleanup: - if( ret != 0 ) - mbedtls_mpi_free( &key->d ); + if (ret != 0) { + mbedtls_mpi_free(&key->d); + } - return( ret ); + return ret; } /* * Write a private key. */ -int mbedtls_ecp_write_key( mbedtls_ecp_keypair *key, - unsigned char *buf, size_t buflen ) +int mbedtls_ecp_write_key(mbedtls_ecp_keypair *key, + unsigned char *buf, size_t buflen) { int ret = MBEDTLS_ERR_ECP_FEATURE_UNAVAILABLE; - ECP_VALIDATE_RET( key != NULL ); - ECP_VALIDATE_RET( buf != NULL ); + ECP_VALIDATE_RET(key != NULL); + ECP_VALIDATE_RET(buf != NULL); #if defined(MBEDTLS_ECP_MONTGOMERY_ENABLED) - if( mbedtls_ecp_get_type( &key->grp ) == MBEDTLS_ECP_TYPE_MONTGOMERY ) - { - if( key->grp.id == MBEDTLS_ECP_DP_CURVE25519 ) - { - if( buflen < ECP_CURVE25519_KEY_SIZE ) + if (mbedtls_ecp_get_type(&key->grp) == MBEDTLS_ECP_TYPE_MONTGOMERY) { + if (key->grp.id == MBEDTLS_ECP_DP_CURVE25519) { + if (buflen < ECP_CURVE25519_KEY_SIZE) { return MBEDTLS_ERR_ECP_BUFFER_TOO_SMALL; + } - MBEDTLS_MPI_CHK( mbedtls_mpi_write_binary_le( &key->d, buf, buflen ) ); - } - else + MBEDTLS_MPI_CHK(mbedtls_mpi_write_binary_le(&key->d, buf, buflen)); + } else { ret = MBEDTLS_ERR_ECP_FEATURE_UNAVAILABLE; + } } #endif #if defined(MBEDTLS_ECP_SHORT_WEIERSTRASS_ENABLED) - if( mbedtls_ecp_get_type( &key->grp ) == MBEDTLS_ECP_TYPE_SHORT_WEIERSTRASS ) - { - MBEDTLS_MPI_CHK( mbedtls_mpi_write_binary( &key->d, buf, buflen ) ); + if (mbedtls_ecp_get_type(&key->grp) == MBEDTLS_ECP_TYPE_SHORT_WEIERSTRASS) { + MBEDTLS_MPI_CHK(mbedtls_mpi_write_binary(&key->d, buf, buflen)); } #endif cleanup: - return( ret ); + return ret; } /* * Check a public-private key pair */ -int mbedtls_ecp_check_pub_priv( const mbedtls_ecp_keypair *pub, const mbedtls_ecp_keypair *prv ) +int mbedtls_ecp_check_pub_priv(const mbedtls_ecp_keypair *pub, const mbedtls_ecp_keypair *prv) { int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; mbedtls_ecp_point Q; mbedtls_ecp_group grp; - ECP_VALIDATE_RET( pub != NULL ); - ECP_VALIDATE_RET( prv != NULL ); + ECP_VALIDATE_RET(pub != NULL); + ECP_VALIDATE_RET(prv != NULL); - if( pub->grp.id == MBEDTLS_ECP_DP_NONE || + if (pub->grp.id == MBEDTLS_ECP_DP_NONE || pub->grp.id != prv->grp.id || - mbedtls_mpi_cmp_mpi( &pub->Q.X, &prv->Q.X ) || - mbedtls_mpi_cmp_mpi( &pub->Q.Y, &prv->Q.Y ) || - mbedtls_mpi_cmp_mpi( &pub->Q.Z, &prv->Q.Z ) ) - { - return( MBEDTLS_ERR_ECP_BAD_INPUT_DATA ); + mbedtls_mpi_cmp_mpi(&pub->Q.X, &prv->Q.X) || + mbedtls_mpi_cmp_mpi(&pub->Q.Y, &prv->Q.Y) || + mbedtls_mpi_cmp_mpi(&pub->Q.Z, &prv->Q.Z)) { + return MBEDTLS_ERR_ECP_BAD_INPUT_DATA; } - mbedtls_ecp_point_init( &Q ); - mbedtls_ecp_group_init( &grp ); + mbedtls_ecp_point_init(&Q); + mbedtls_ecp_group_init(&grp); /* mbedtls_ecp_mul() needs a non-const group... */ - mbedtls_ecp_group_copy( &grp, &prv->grp ); + mbedtls_ecp_group_copy(&grp, &prv->grp); /* Also checks d is valid */ - MBEDTLS_MPI_CHK( mbedtls_ecp_mul( &grp, &Q, &prv->d, &prv->grp.G, NULL, NULL ) ); + MBEDTLS_MPI_CHK(mbedtls_ecp_mul(&grp, &Q, &prv->d, &prv->grp.G, NULL, NULL)); - if( mbedtls_mpi_cmp_mpi( &Q.X, &prv->Q.X ) || - mbedtls_mpi_cmp_mpi( &Q.Y, &prv->Q.Y ) || - mbedtls_mpi_cmp_mpi( &Q.Z, &prv->Q.Z ) ) - { + if (mbedtls_mpi_cmp_mpi(&Q.X, &prv->Q.X) || + mbedtls_mpi_cmp_mpi(&Q.Y, &prv->Q.Y) || + mbedtls_mpi_cmp_mpi(&Q.Z, &prv->Q.Z)) { ret = MBEDTLS_ERR_ECP_BAD_INPUT_DATA; goto cleanup; } cleanup: - mbedtls_ecp_point_free( &Q ); - mbedtls_ecp_group_free( &grp ); + mbedtls_ecp_point_free(&Q); + mbedtls_ecp_group_free(&grp); - return( ret ); + return ret; } #if defined(MBEDTLS_SELF_TEST) @@ -3398,26 +3436,25 @@ int mbedtls_ecp_check_pub_priv( const mbedtls_ecp_keypair *pub, const mbedtls_ec /* Adjust the exponent to be a valid private point for the specified curve. * This is sometimes necessary because we use a single set of exponents * for all curves but the validity of values depends on the curve. */ -static int self_test_adjust_exponent( const mbedtls_ecp_group *grp, - mbedtls_mpi *m ) +static int self_test_adjust_exponent(const mbedtls_ecp_group *grp, + mbedtls_mpi *m) { int ret = 0; - switch( grp->id ) - { - /* If Curve25519 is available, then that's what we use for the - * Montgomery test, so we don't need the adjustment code. */ -#if ! defined(MBEDTLS_ECP_DP_CURVE25519_ENABLED) + switch (grp->id) { + /* If Curve25519 is available, then that's what we use for the + * Montgomery test, so we don't need the adjustment code. */ +#if !defined(MBEDTLS_ECP_DP_CURVE25519_ENABLED) #if defined(MBEDTLS_ECP_DP_CURVE448_ENABLED) case MBEDTLS_ECP_DP_CURVE448: /* Move highest bit from 254 to N-1. Setting bit N-1 is * necessary to enforce the highest-bit-set constraint. */ - MBEDTLS_MPI_CHK( mbedtls_mpi_set_bit( m, 254, 0 ) ); - MBEDTLS_MPI_CHK( mbedtls_mpi_set_bit( m, grp->nbits, 1 ) ); + MBEDTLS_MPI_CHK(mbedtls_mpi_set_bit(m, 254, 0)); + MBEDTLS_MPI_CHK(mbedtls_mpi_set_bit(m, grp->nbits, 1)); /* Copy second-highest bit from 253 to N-2. This is not * necessary but improves the test variety a bit. */ MBEDTLS_MPI_CHK( - mbedtls_mpi_set_bit( m, grp->nbits - 1, - mbedtls_mpi_get_bit( m, 253 ) ) ); + mbedtls_mpi_set_bit(m, grp->nbits - 1, + mbedtls_mpi_get_bit(m, 253))); break; #endif #endif /* ! defined(MBEDTLS_ECP_DP_CURVE25519_ENABLED) */ @@ -3428,18 +3465,18 @@ static int self_test_adjust_exponent( const mbedtls_ecp_group *grp, goto cleanup; } cleanup: - return( ret ); + return ret; } /* Calculate R = m.P for each m in exponents. Check that the number of * basic operations doesn't depend on the value of m. */ -static int self_test_point( int verbose, - mbedtls_ecp_group *grp, - mbedtls_ecp_point *R, - mbedtls_mpi *m, - const mbedtls_ecp_point *P, - const char *const *exponents, - size_t n_exponents ) +static int self_test_point(int verbose, + mbedtls_ecp_group *grp, + mbedtls_ecp_point *R, + mbedtls_mpi *m, + const mbedtls_ecp_point *P, + const char *const *exponents, + size_t n_exponents) { int ret = 0; size_t i = 0; @@ -3448,12 +3485,11 @@ static int self_test_point( int verbose, dbl_count = 0; mul_count = 0; - MBEDTLS_MPI_CHK( mbedtls_mpi_read_string( m, 16, exponents[0] ) ); - MBEDTLS_MPI_CHK( self_test_adjust_exponent( grp, m ) ); - MBEDTLS_MPI_CHK( mbedtls_ecp_mul( grp, R, m, P, NULL, NULL ) ); + MBEDTLS_MPI_CHK(mbedtls_mpi_read_string(m, 16, exponents[0])); + MBEDTLS_MPI_CHK(self_test_adjust_exponent(grp, m)); + MBEDTLS_MPI_CHK(mbedtls_ecp_mul(grp, R, m, P, NULL, NULL)); - for( i = 1; i < n_exponents; i++ ) - { + for (i = 1; i < n_exponents; i++) { add_c_prev = add_count; dbl_c_prev = dbl_count; mul_c_prev = mul_count; @@ -3461,34 +3497,33 @@ static int self_test_point( int verbose, dbl_count = 0; mul_count = 0; - MBEDTLS_MPI_CHK( mbedtls_mpi_read_string( m, 16, exponents[i] ) ); - MBEDTLS_MPI_CHK( self_test_adjust_exponent( grp, m ) ); - MBEDTLS_MPI_CHK( mbedtls_ecp_mul( grp, R, m, P, NULL, NULL ) ); + MBEDTLS_MPI_CHK(mbedtls_mpi_read_string(m, 16, exponents[i])); + MBEDTLS_MPI_CHK(self_test_adjust_exponent(grp, m)); + MBEDTLS_MPI_CHK(mbedtls_ecp_mul(grp, R, m, P, NULL, NULL)); - if( add_count != add_c_prev || + if (add_count != add_c_prev || dbl_count != dbl_c_prev || - mul_count != mul_c_prev ) - { + mul_count != mul_c_prev) { ret = 1; break; } } cleanup: - if( verbose != 0 ) - { - if( ret != 0 ) - mbedtls_printf( "failed (%u)\n", (unsigned int) i ); - else - mbedtls_printf( "passed\n" ); + if (verbose != 0) { + if (ret != 0) { + mbedtls_printf("failed (%u)\n", (unsigned int) i); + } else { + mbedtls_printf("passed\n"); + } } - return( ret ); + return ret; } /* * Checkup routine */ -int mbedtls_ecp_self_test( int verbose ) +int mbedtls_ecp_self_test(int verbose) { int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; mbedtls_ecp_group grp; @@ -3524,77 +3559,85 @@ int mbedtls_ecp_self_test( int verbose ) }; #endif /* MBEDTLS_ECP_MONTGOMERY_ENABLED */ - mbedtls_ecp_group_init( &grp ); - mbedtls_ecp_point_init( &R ); - mbedtls_ecp_point_init( &P ); - mbedtls_mpi_init( &m ); + mbedtls_ecp_group_init(&grp); + mbedtls_ecp_point_init(&R); + mbedtls_ecp_point_init(&P); + mbedtls_mpi_init(&m); #if defined(MBEDTLS_ECP_SHORT_WEIERSTRASS_ENABLED) /* Use secp192r1 if available, or any available curve */ #if defined(MBEDTLS_ECP_DP_SECP192R1_ENABLED) - MBEDTLS_MPI_CHK( mbedtls_ecp_group_load( &grp, MBEDTLS_ECP_DP_SECP192R1 ) ); + MBEDTLS_MPI_CHK(mbedtls_ecp_group_load(&grp, MBEDTLS_ECP_DP_SECP192R1)); #else - MBEDTLS_MPI_CHK( mbedtls_ecp_group_load( &grp, mbedtls_ecp_curve_list()->grp_id ) ); + MBEDTLS_MPI_CHK(mbedtls_ecp_group_load(&grp, mbedtls_ecp_curve_list()->grp_id)); #endif - if( verbose != 0 ) - mbedtls_printf( " ECP SW test #1 (constant op_count, base point G): " ); + if (verbose != 0) { + mbedtls_printf(" ECP SW test #1 (constant op_count, base point G): "); + } /* Do a dummy multiplication first to trigger precomputation */ - MBEDTLS_MPI_CHK( mbedtls_mpi_lset( &m, 2 ) ); - MBEDTLS_MPI_CHK( mbedtls_ecp_mul( &grp, &P, &m, &grp.G, NULL, NULL ) ); - ret = self_test_point( verbose, - &grp, &R, &m, &grp.G, - sw_exponents, - sizeof( sw_exponents ) / sizeof( sw_exponents[0] )); - if( ret != 0 ) + MBEDTLS_MPI_CHK(mbedtls_mpi_lset(&m, 2)); + MBEDTLS_MPI_CHK(mbedtls_ecp_mul(&grp, &P, &m, &grp.G, NULL, NULL)); + ret = self_test_point(verbose, + &grp, &R, &m, &grp.G, + sw_exponents, + sizeof(sw_exponents) / sizeof(sw_exponents[0])); + if (ret != 0) { goto cleanup; + } - if( verbose != 0 ) - mbedtls_printf( " ECP SW test #2 (constant op_count, other point): " ); + if (verbose != 0) { + mbedtls_printf(" ECP SW test #2 (constant op_count, other point): "); + } /* We computed P = 2G last time, use it */ - ret = self_test_point( verbose, - &grp, &R, &m, &P, - sw_exponents, - sizeof( sw_exponents ) / sizeof( sw_exponents[0] )); - if( ret != 0 ) + ret = self_test_point(verbose, + &grp, &R, &m, &P, + sw_exponents, + sizeof(sw_exponents) / sizeof(sw_exponents[0])); + if (ret != 0) { goto cleanup; + } - mbedtls_ecp_group_free( &grp ); - mbedtls_ecp_point_free( &R ); + mbedtls_ecp_group_free(&grp); + mbedtls_ecp_point_free(&R); #endif /* MBEDTLS_ECP_SHORT_WEIERSTRASS_ENABLED */ #if defined(MBEDTLS_ECP_MONTGOMERY_ENABLED) - if( verbose != 0 ) - mbedtls_printf( " ECP Montgomery test (constant op_count): " ); + if (verbose != 0) { + mbedtls_printf(" ECP Montgomery test (constant op_count): "); + } #if defined(MBEDTLS_ECP_DP_CURVE25519_ENABLED) - MBEDTLS_MPI_CHK( mbedtls_ecp_group_load( &grp, MBEDTLS_ECP_DP_CURVE25519 ) ); + MBEDTLS_MPI_CHK(mbedtls_ecp_group_load(&grp, MBEDTLS_ECP_DP_CURVE25519)); #elif defined(MBEDTLS_ECP_DP_CURVE448_ENABLED) - MBEDTLS_MPI_CHK( mbedtls_ecp_group_load( &grp, MBEDTLS_ECP_DP_CURVE448 ) ); + MBEDTLS_MPI_CHK(mbedtls_ecp_group_load(&grp, MBEDTLS_ECP_DP_CURVE448)); #else #error "MBEDTLS_ECP_MONTGOMERY_ENABLED is defined, but no curve is supported for self-test" #endif - ret = self_test_point( verbose, - &grp, &R, &m, &grp.G, - m_exponents, - sizeof( m_exponents ) / sizeof( m_exponents[0] )); - if( ret != 0 ) + ret = self_test_point(verbose, + &grp, &R, &m, &grp.G, + m_exponents, + sizeof(m_exponents) / sizeof(m_exponents[0])); + if (ret != 0) { goto cleanup; + } #endif /* MBEDTLS_ECP_MONTGOMERY_ENABLED */ cleanup: - if( ret < 0 && verbose != 0 ) - mbedtls_printf( "Unexpected error, return code = %08X\n", (unsigned int) ret ); + if (ret < 0 && verbose != 0) { + mbedtls_printf("Unexpected error, return code = %08X\n", (unsigned int) ret); + } - mbedtls_ecp_group_free( &grp ); - mbedtls_ecp_point_free( &R ); - mbedtls_ecp_point_free( &P ); - mbedtls_mpi_free( &m ); + mbedtls_ecp_group_free(&grp); + mbedtls_ecp_point_free(&R); + mbedtls_ecp_point_free(&P); + mbedtls_mpi_free(&m); - if( verbose != 0 ) - mbedtls_printf( "\n" ); + if (verbose != 0) { + mbedtls_printf("\n"); + } - return( ret ); + return ret; } #endif /* MBEDTLS_SELF_TEST */ diff --git a/third_party/mbedtls/repo/library/ecp_curves.c b/third_party/mbedtls/repo/library/ecp_curves.c index ff26a18e8fc..c7565cce5dc 100644 --- a/third_party/mbedtls/repo/library/ecp_curves.c +++ b/third_party/mbedtls/repo/library/ecp_curves.c @@ -2,19 +2,7 @@ * Elliptic curves over GF(p): curve-specific data and functions * * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later */ #include "common.h" @@ -33,17 +21,12 @@ #if !defined(MBEDTLS_ECP_ALT) /* Parameter validation macros based on platform_util.h */ -#define ECP_VALIDATE_RET( cond ) \ - MBEDTLS_INTERNAL_VALIDATE_RET( cond, MBEDTLS_ERR_ECP_BAD_INPUT_DATA ) -#define ECP_VALIDATE( cond ) \ - MBEDTLS_INTERNAL_VALIDATE( cond ) - -#if ( defined(__ARMCC_VERSION) || defined(_MSC_VER) ) && \ - !defined(inline) && !defined(__cplusplus) -#define inline __inline -#endif +#define ECP_VALIDATE_RET(cond) \ + MBEDTLS_INTERNAL_VALIDATE_RET(cond, MBEDTLS_ERR_ECP_BAD_INPUT_DATA) +#define ECP_VALIDATE(cond) \ + MBEDTLS_INTERNAL_VALIDATE(cond) -#define ECP_MPI_INIT(s, n, p) {s, (n), (mbedtls_mpi_uint *)(p)} +#define ECP_MPI_INIT(s, n, p) { s, (n), (mbedtls_mpi_uint *) (p) } #define ECP_MPI_INIT_ARRAY(x) \ ECP_MPI_INIT(1, sizeof(x) / sizeof(mbedtls_mpi_uint), x) @@ -58,29 +41,29 @@ */ #if defined(MBEDTLS_ECP_DP_SECP192R1_ENABLED) static const mbedtls_mpi_uint secp192r1_p[] = { - MBEDTLS_BYTES_TO_T_UINT_8( 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF ), - MBEDTLS_BYTES_TO_T_UINT_8( 0xFE, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF ), - MBEDTLS_BYTES_TO_T_UINT_8( 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF ), + MBEDTLS_BYTES_TO_T_UINT_8(0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF), + MBEDTLS_BYTES_TO_T_UINT_8(0xFE, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF), + MBEDTLS_BYTES_TO_T_UINT_8(0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF), }; static const mbedtls_mpi_uint secp192r1_b[] = { - MBEDTLS_BYTES_TO_T_UINT_8( 0xB1, 0xB9, 0x46, 0xC1, 0xEC, 0xDE, 0xB8, 0xFE ), - MBEDTLS_BYTES_TO_T_UINT_8( 0x49, 0x30, 0x24, 0x72, 0xAB, 0xE9, 0xA7, 0x0F ), - MBEDTLS_BYTES_TO_T_UINT_8( 0xE7, 0x80, 0x9C, 0xE5, 0x19, 0x05, 0x21, 0x64 ), + MBEDTLS_BYTES_TO_T_UINT_8(0xB1, 0xB9, 0x46, 0xC1, 0xEC, 0xDE, 0xB8, 0xFE), + MBEDTLS_BYTES_TO_T_UINT_8(0x49, 0x30, 0x24, 0x72, 0xAB, 0xE9, 0xA7, 0x0F), + MBEDTLS_BYTES_TO_T_UINT_8(0xE7, 0x80, 0x9C, 0xE5, 0x19, 0x05, 0x21, 0x64), }; static const mbedtls_mpi_uint secp192r1_gx[] = { - MBEDTLS_BYTES_TO_T_UINT_8( 0x12, 0x10, 0xFF, 0x82, 0xFD, 0x0A, 0xFF, 0xF4 ), - MBEDTLS_BYTES_TO_T_UINT_8( 0x00, 0x88, 0xA1, 0x43, 0xEB, 0x20, 0xBF, 0x7C ), - MBEDTLS_BYTES_TO_T_UINT_8( 0xF6, 0x90, 0x30, 0xB0, 0x0E, 0xA8, 0x8D, 0x18 ), + MBEDTLS_BYTES_TO_T_UINT_8(0x12, 0x10, 0xFF, 0x82, 0xFD, 0x0A, 0xFF, 0xF4), + MBEDTLS_BYTES_TO_T_UINT_8(0x00, 0x88, 0xA1, 0x43, 0xEB, 0x20, 0xBF, 0x7C), + MBEDTLS_BYTES_TO_T_UINT_8(0xF6, 0x90, 0x30, 0xB0, 0x0E, 0xA8, 0x8D, 0x18), }; static const mbedtls_mpi_uint secp192r1_gy[] = { - MBEDTLS_BYTES_TO_T_UINT_8( 0x11, 0x48, 0x79, 0x1E, 0xA1, 0x77, 0xF9, 0x73 ), - MBEDTLS_BYTES_TO_T_UINT_8( 0xD5, 0xCD, 0x24, 0x6B, 0xED, 0x11, 0x10, 0x63 ), - MBEDTLS_BYTES_TO_T_UINT_8( 0x78, 0xDA, 0xC8, 0xFF, 0x95, 0x2B, 0x19, 0x07 ), + MBEDTLS_BYTES_TO_T_UINT_8(0x11, 0x48, 0x79, 0x1E, 0xA1, 0x77, 0xF9, 0x73), + MBEDTLS_BYTES_TO_T_UINT_8(0xD5, 0xCD, 0x24, 0x6B, 0xED, 0x11, 0x10, 0x63), + MBEDTLS_BYTES_TO_T_UINT_8(0x78, 0xDA, 0xC8, 0xFF, 0x95, 0x2B, 0x19, 0x07), }; static const mbedtls_mpi_uint secp192r1_n[] = { - MBEDTLS_BYTES_TO_T_UINT_8( 0x31, 0x28, 0xD2, 0xB4, 0xB1, 0xC9, 0x6B, 0x14 ), - MBEDTLS_BYTES_TO_T_UINT_8( 0x36, 0xF8, 0xDE, 0x99, 0xFF, 0xFF, 0xFF, 0xFF ), - MBEDTLS_BYTES_TO_T_UINT_8( 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF ), + MBEDTLS_BYTES_TO_T_UINT_8(0x31, 0x28, 0xD2, 0xB4, 0xB1, 0xC9, 0x6B, 0x14), + MBEDTLS_BYTES_TO_T_UINT_8(0x36, 0xF8, 0xDE, 0x99, 0xFF, 0xFF, 0xFF, 0xFF), + MBEDTLS_BYTES_TO_T_UINT_8(0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF), }; #endif /* MBEDTLS_ECP_DP_SECP192R1_ENABLED */ @@ -89,34 +72,34 @@ static const mbedtls_mpi_uint secp192r1_n[] = { */ #if defined(MBEDTLS_ECP_DP_SECP224R1_ENABLED) static const mbedtls_mpi_uint secp224r1_p[] = { - MBEDTLS_BYTES_TO_T_UINT_8( 0x01, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 ), - MBEDTLS_BYTES_TO_T_UINT_8( 0x00, 0x00, 0x00, 0x00, 0xFF, 0xFF, 0xFF, 0xFF ), - MBEDTLS_BYTES_TO_T_UINT_8( 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF ), - MBEDTLS_BYTES_TO_T_UINT_8( 0xFF, 0xFF, 0xFF, 0xFF, 0x00, 0x00, 0x00, 0x00 ), + MBEDTLS_BYTES_TO_T_UINT_8(0x01, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00), + MBEDTLS_BYTES_TO_T_UINT_8(0x00, 0x00, 0x00, 0x00, 0xFF, 0xFF, 0xFF, 0xFF), + MBEDTLS_BYTES_TO_T_UINT_8(0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF), + MBEDTLS_BYTES_TO_T_UINT_8(0xFF, 0xFF, 0xFF, 0xFF, 0x00, 0x00, 0x00, 0x00), }; static const mbedtls_mpi_uint secp224r1_b[] = { - MBEDTLS_BYTES_TO_T_UINT_8( 0xB4, 0xFF, 0x55, 0x23, 0x43, 0x39, 0x0B, 0x27 ), - MBEDTLS_BYTES_TO_T_UINT_8( 0xBA, 0xD8, 0xBF, 0xD7, 0xB7, 0xB0, 0x44, 0x50 ), - MBEDTLS_BYTES_TO_T_UINT_8( 0x56, 0x32, 0x41, 0xF5, 0xAB, 0xB3, 0x04, 0x0C ), - MBEDTLS_BYTES_TO_T_UINT_4( 0x85, 0x0A, 0x05, 0xB4 ), + MBEDTLS_BYTES_TO_T_UINT_8(0xB4, 0xFF, 0x55, 0x23, 0x43, 0x39, 0x0B, 0x27), + MBEDTLS_BYTES_TO_T_UINT_8(0xBA, 0xD8, 0xBF, 0xD7, 0xB7, 0xB0, 0x44, 0x50), + MBEDTLS_BYTES_TO_T_UINT_8(0x56, 0x32, 0x41, 0xF5, 0xAB, 0xB3, 0x04, 0x0C), + MBEDTLS_BYTES_TO_T_UINT_4(0x85, 0x0A, 0x05, 0xB4), }; static const mbedtls_mpi_uint secp224r1_gx[] = { - MBEDTLS_BYTES_TO_T_UINT_8( 0x21, 0x1D, 0x5C, 0x11, 0xD6, 0x80, 0x32, 0x34 ), - MBEDTLS_BYTES_TO_T_UINT_8( 0x22, 0x11, 0xC2, 0x56, 0xD3, 0xC1, 0x03, 0x4A ), - MBEDTLS_BYTES_TO_T_UINT_8( 0xB9, 0x90, 0x13, 0x32, 0x7F, 0xBF, 0xB4, 0x6B ), - MBEDTLS_BYTES_TO_T_UINT_4( 0xBD, 0x0C, 0x0E, 0xB7 ), + MBEDTLS_BYTES_TO_T_UINT_8(0x21, 0x1D, 0x5C, 0x11, 0xD6, 0x80, 0x32, 0x34), + MBEDTLS_BYTES_TO_T_UINT_8(0x22, 0x11, 0xC2, 0x56, 0xD3, 0xC1, 0x03, 0x4A), + MBEDTLS_BYTES_TO_T_UINT_8(0xB9, 0x90, 0x13, 0x32, 0x7F, 0xBF, 0xB4, 0x6B), + MBEDTLS_BYTES_TO_T_UINT_4(0xBD, 0x0C, 0x0E, 0xB7), }; static const mbedtls_mpi_uint secp224r1_gy[] = { - MBEDTLS_BYTES_TO_T_UINT_8( 0x34, 0x7E, 0x00, 0x85, 0x99, 0x81, 0xD5, 0x44 ), - MBEDTLS_BYTES_TO_T_UINT_8( 0x64, 0x47, 0x07, 0x5A, 0xA0, 0x75, 0x43, 0xCD ), - MBEDTLS_BYTES_TO_T_UINT_8( 0xE6, 0xDF, 0x22, 0x4C, 0xFB, 0x23, 0xF7, 0xB5 ), - MBEDTLS_BYTES_TO_T_UINT_4( 0x88, 0x63, 0x37, 0xBD ), + MBEDTLS_BYTES_TO_T_UINT_8(0x34, 0x7E, 0x00, 0x85, 0x99, 0x81, 0xD5, 0x44), + MBEDTLS_BYTES_TO_T_UINT_8(0x64, 0x47, 0x07, 0x5A, 0xA0, 0x75, 0x43, 0xCD), + MBEDTLS_BYTES_TO_T_UINT_8(0xE6, 0xDF, 0x22, 0x4C, 0xFB, 0x23, 0xF7, 0xB5), + MBEDTLS_BYTES_TO_T_UINT_4(0x88, 0x63, 0x37, 0xBD), }; static const mbedtls_mpi_uint secp224r1_n[] = { - MBEDTLS_BYTES_TO_T_UINT_8( 0x3D, 0x2A, 0x5C, 0x5C, 0x45, 0x29, 0xDD, 0x13 ), - MBEDTLS_BYTES_TO_T_UINT_8( 0x3E, 0xF0, 0xB8, 0xE0, 0xA2, 0x16, 0xFF, 0xFF ), - MBEDTLS_BYTES_TO_T_UINT_8( 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF ), - MBEDTLS_BYTES_TO_T_UINT_4( 0xFF, 0xFF, 0xFF, 0xFF ), + MBEDTLS_BYTES_TO_T_UINT_8(0x3D, 0x2A, 0x5C, 0x5C, 0x45, 0x29, 0xDD, 0x13), + MBEDTLS_BYTES_TO_T_UINT_8(0x3E, 0xF0, 0xB8, 0xE0, 0xA2, 0x16, 0xFF, 0xFF), + MBEDTLS_BYTES_TO_T_UINT_8(0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF), + MBEDTLS_BYTES_TO_T_UINT_4(0xFF, 0xFF, 0xFF, 0xFF), }; #endif /* MBEDTLS_ECP_DP_SECP224R1_ENABLED */ @@ -125,34 +108,34 @@ static const mbedtls_mpi_uint secp224r1_n[] = { */ #if defined(MBEDTLS_ECP_DP_SECP256R1_ENABLED) static const mbedtls_mpi_uint secp256r1_p[] = { - MBEDTLS_BYTES_TO_T_UINT_8( 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF ), - MBEDTLS_BYTES_TO_T_UINT_8( 0xFF, 0xFF, 0xFF, 0xFF, 0x00, 0x00, 0x00, 0x00 ), - MBEDTLS_BYTES_TO_T_UINT_8( 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 ), - MBEDTLS_BYTES_TO_T_UINT_8( 0x01, 0x00, 0x00, 0x00, 0xFF, 0xFF, 0xFF, 0xFF ), + MBEDTLS_BYTES_TO_T_UINT_8(0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF), + MBEDTLS_BYTES_TO_T_UINT_8(0xFF, 0xFF, 0xFF, 0xFF, 0x00, 0x00, 0x00, 0x00), + MBEDTLS_BYTES_TO_T_UINT_8(0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00), + MBEDTLS_BYTES_TO_T_UINT_8(0x01, 0x00, 0x00, 0x00, 0xFF, 0xFF, 0xFF, 0xFF), }; static const mbedtls_mpi_uint secp256r1_b[] = { - MBEDTLS_BYTES_TO_T_UINT_8( 0x4B, 0x60, 0xD2, 0x27, 0x3E, 0x3C, 0xCE, 0x3B ), - MBEDTLS_BYTES_TO_T_UINT_8( 0xF6, 0xB0, 0x53, 0xCC, 0xB0, 0x06, 0x1D, 0x65 ), - MBEDTLS_BYTES_TO_T_UINT_8( 0xBC, 0x86, 0x98, 0x76, 0x55, 0xBD, 0xEB, 0xB3 ), - MBEDTLS_BYTES_TO_T_UINT_8( 0xE7, 0x93, 0x3A, 0xAA, 0xD8, 0x35, 0xC6, 0x5A ), + MBEDTLS_BYTES_TO_T_UINT_8(0x4B, 0x60, 0xD2, 0x27, 0x3E, 0x3C, 0xCE, 0x3B), + MBEDTLS_BYTES_TO_T_UINT_8(0xF6, 0xB0, 0x53, 0xCC, 0xB0, 0x06, 0x1D, 0x65), + MBEDTLS_BYTES_TO_T_UINT_8(0xBC, 0x86, 0x98, 0x76, 0x55, 0xBD, 0xEB, 0xB3), + MBEDTLS_BYTES_TO_T_UINT_8(0xE7, 0x93, 0x3A, 0xAA, 0xD8, 0x35, 0xC6, 0x5A), }; static const mbedtls_mpi_uint secp256r1_gx[] = { - MBEDTLS_BYTES_TO_T_UINT_8( 0x96, 0xC2, 0x98, 0xD8, 0x45, 0x39, 0xA1, 0xF4 ), - MBEDTLS_BYTES_TO_T_UINT_8( 0xA0, 0x33, 0xEB, 0x2D, 0x81, 0x7D, 0x03, 0x77 ), - MBEDTLS_BYTES_TO_T_UINT_8( 0xF2, 0x40, 0xA4, 0x63, 0xE5, 0xE6, 0xBC, 0xF8 ), - MBEDTLS_BYTES_TO_T_UINT_8( 0x47, 0x42, 0x2C, 0xE1, 0xF2, 0xD1, 0x17, 0x6B ), + MBEDTLS_BYTES_TO_T_UINT_8(0x96, 0xC2, 0x98, 0xD8, 0x45, 0x39, 0xA1, 0xF4), + MBEDTLS_BYTES_TO_T_UINT_8(0xA0, 0x33, 0xEB, 0x2D, 0x81, 0x7D, 0x03, 0x77), + MBEDTLS_BYTES_TO_T_UINT_8(0xF2, 0x40, 0xA4, 0x63, 0xE5, 0xE6, 0xBC, 0xF8), + MBEDTLS_BYTES_TO_T_UINT_8(0x47, 0x42, 0x2C, 0xE1, 0xF2, 0xD1, 0x17, 0x6B), }; static const mbedtls_mpi_uint secp256r1_gy[] = { - MBEDTLS_BYTES_TO_T_UINT_8( 0xF5, 0x51, 0xBF, 0x37, 0x68, 0x40, 0xB6, 0xCB ), - MBEDTLS_BYTES_TO_T_UINT_8( 0xCE, 0x5E, 0x31, 0x6B, 0x57, 0x33, 0xCE, 0x2B ), - MBEDTLS_BYTES_TO_T_UINT_8( 0x16, 0x9E, 0x0F, 0x7C, 0x4A, 0xEB, 0xE7, 0x8E ), - MBEDTLS_BYTES_TO_T_UINT_8( 0x9B, 0x7F, 0x1A, 0xFE, 0xE2, 0x42, 0xE3, 0x4F ), + MBEDTLS_BYTES_TO_T_UINT_8(0xF5, 0x51, 0xBF, 0x37, 0x68, 0x40, 0xB6, 0xCB), + MBEDTLS_BYTES_TO_T_UINT_8(0xCE, 0x5E, 0x31, 0x6B, 0x57, 0x33, 0xCE, 0x2B), + MBEDTLS_BYTES_TO_T_UINT_8(0x16, 0x9E, 0x0F, 0x7C, 0x4A, 0xEB, 0xE7, 0x8E), + MBEDTLS_BYTES_TO_T_UINT_8(0x9B, 0x7F, 0x1A, 0xFE, 0xE2, 0x42, 0xE3, 0x4F), }; static const mbedtls_mpi_uint secp256r1_n[] = { - MBEDTLS_BYTES_TO_T_UINT_8( 0x51, 0x25, 0x63, 0xFC, 0xC2, 0xCA, 0xB9, 0xF3 ), - MBEDTLS_BYTES_TO_T_UINT_8( 0x84, 0x9E, 0x17, 0xA7, 0xAD, 0xFA, 0xE6, 0xBC ), - MBEDTLS_BYTES_TO_T_UINT_8( 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF ), - MBEDTLS_BYTES_TO_T_UINT_8( 0x00, 0x00, 0x00, 0x00, 0xFF, 0xFF, 0xFF, 0xFF ), + MBEDTLS_BYTES_TO_T_UINT_8(0x51, 0x25, 0x63, 0xFC, 0xC2, 0xCA, 0xB9, 0xF3), + MBEDTLS_BYTES_TO_T_UINT_8(0x84, 0x9E, 0x17, 0xA7, 0xAD, 0xFA, 0xE6, 0xBC), + MBEDTLS_BYTES_TO_T_UINT_8(0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF), + MBEDTLS_BYTES_TO_T_UINT_8(0x00, 0x00, 0x00, 0x00, 0xFF, 0xFF, 0xFF, 0xFF), }; #endif /* MBEDTLS_ECP_DP_SECP256R1_ENABLED */ @@ -161,44 +144,44 @@ static const mbedtls_mpi_uint secp256r1_n[] = { */ #if defined(MBEDTLS_ECP_DP_SECP384R1_ENABLED) static const mbedtls_mpi_uint secp384r1_p[] = { - MBEDTLS_BYTES_TO_T_UINT_8( 0xFF, 0xFF, 0xFF, 0xFF, 0x00, 0x00, 0x00, 0x00 ), - MBEDTLS_BYTES_TO_T_UINT_8( 0x00, 0x00, 0x00, 0x00, 0xFF, 0xFF, 0xFF, 0xFF ), - MBEDTLS_BYTES_TO_T_UINT_8( 0xFE, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF ), - MBEDTLS_BYTES_TO_T_UINT_8( 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF ), - MBEDTLS_BYTES_TO_T_UINT_8( 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF ), - MBEDTLS_BYTES_TO_T_UINT_8( 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF ), + MBEDTLS_BYTES_TO_T_UINT_8(0xFF, 0xFF, 0xFF, 0xFF, 0x00, 0x00, 0x00, 0x00), + MBEDTLS_BYTES_TO_T_UINT_8(0x00, 0x00, 0x00, 0x00, 0xFF, 0xFF, 0xFF, 0xFF), + MBEDTLS_BYTES_TO_T_UINT_8(0xFE, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF), + MBEDTLS_BYTES_TO_T_UINT_8(0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF), + MBEDTLS_BYTES_TO_T_UINT_8(0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF), + MBEDTLS_BYTES_TO_T_UINT_8(0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF), }; static const mbedtls_mpi_uint secp384r1_b[] = { - MBEDTLS_BYTES_TO_T_UINT_8( 0xEF, 0x2A, 0xEC, 0xD3, 0xED, 0xC8, 0x85, 0x2A ), - MBEDTLS_BYTES_TO_T_UINT_8( 0x9D, 0xD1, 0x2E, 0x8A, 0x8D, 0x39, 0x56, 0xC6 ), - MBEDTLS_BYTES_TO_T_UINT_8( 0x5A, 0x87, 0x13, 0x50, 0x8F, 0x08, 0x14, 0x03 ), - MBEDTLS_BYTES_TO_T_UINT_8( 0x12, 0x41, 0x81, 0xFE, 0x6E, 0x9C, 0x1D, 0x18 ), - MBEDTLS_BYTES_TO_T_UINT_8( 0x19, 0x2D, 0xF8, 0xE3, 0x6B, 0x05, 0x8E, 0x98 ), - MBEDTLS_BYTES_TO_T_UINT_8( 0xE4, 0xE7, 0x3E, 0xE2, 0xA7, 0x2F, 0x31, 0xB3 ), + MBEDTLS_BYTES_TO_T_UINT_8(0xEF, 0x2A, 0xEC, 0xD3, 0xED, 0xC8, 0x85, 0x2A), + MBEDTLS_BYTES_TO_T_UINT_8(0x9D, 0xD1, 0x2E, 0x8A, 0x8D, 0x39, 0x56, 0xC6), + MBEDTLS_BYTES_TO_T_UINT_8(0x5A, 0x87, 0x13, 0x50, 0x8F, 0x08, 0x14, 0x03), + MBEDTLS_BYTES_TO_T_UINT_8(0x12, 0x41, 0x81, 0xFE, 0x6E, 0x9C, 0x1D, 0x18), + MBEDTLS_BYTES_TO_T_UINT_8(0x19, 0x2D, 0xF8, 0xE3, 0x6B, 0x05, 0x8E, 0x98), + MBEDTLS_BYTES_TO_T_UINT_8(0xE4, 0xE7, 0x3E, 0xE2, 0xA7, 0x2F, 0x31, 0xB3), }; static const mbedtls_mpi_uint secp384r1_gx[] = { - MBEDTLS_BYTES_TO_T_UINT_8( 0xB7, 0x0A, 0x76, 0x72, 0x38, 0x5E, 0x54, 0x3A ), - MBEDTLS_BYTES_TO_T_UINT_8( 0x6C, 0x29, 0x55, 0xBF, 0x5D, 0xF2, 0x02, 0x55 ), - MBEDTLS_BYTES_TO_T_UINT_8( 0x38, 0x2A, 0x54, 0x82, 0xE0, 0x41, 0xF7, 0x59 ), - MBEDTLS_BYTES_TO_T_UINT_8( 0x98, 0x9B, 0xA7, 0x8B, 0x62, 0x3B, 0x1D, 0x6E ), - MBEDTLS_BYTES_TO_T_UINT_8( 0x74, 0xAD, 0x20, 0xF3, 0x1E, 0xC7, 0xB1, 0x8E ), - MBEDTLS_BYTES_TO_T_UINT_8( 0x37, 0x05, 0x8B, 0xBE, 0x22, 0xCA, 0x87, 0xAA ), + MBEDTLS_BYTES_TO_T_UINT_8(0xB7, 0x0A, 0x76, 0x72, 0x38, 0x5E, 0x54, 0x3A), + MBEDTLS_BYTES_TO_T_UINT_8(0x6C, 0x29, 0x55, 0xBF, 0x5D, 0xF2, 0x02, 0x55), + MBEDTLS_BYTES_TO_T_UINT_8(0x38, 0x2A, 0x54, 0x82, 0xE0, 0x41, 0xF7, 0x59), + MBEDTLS_BYTES_TO_T_UINT_8(0x98, 0x9B, 0xA7, 0x8B, 0x62, 0x3B, 0x1D, 0x6E), + MBEDTLS_BYTES_TO_T_UINT_8(0x74, 0xAD, 0x20, 0xF3, 0x1E, 0xC7, 0xB1, 0x8E), + MBEDTLS_BYTES_TO_T_UINT_8(0x37, 0x05, 0x8B, 0xBE, 0x22, 0xCA, 0x87, 0xAA), }; static const mbedtls_mpi_uint secp384r1_gy[] = { - MBEDTLS_BYTES_TO_T_UINT_8( 0x5F, 0x0E, 0xEA, 0x90, 0x7C, 0x1D, 0x43, 0x7A ), - MBEDTLS_BYTES_TO_T_UINT_8( 0x9D, 0x81, 0x7E, 0x1D, 0xCE, 0xB1, 0x60, 0x0A ), - MBEDTLS_BYTES_TO_T_UINT_8( 0xC0, 0xB8, 0xF0, 0xB5, 0x13, 0x31, 0xDA, 0xE9 ), - MBEDTLS_BYTES_TO_T_UINT_8( 0x7C, 0x14, 0x9A, 0x28, 0xBD, 0x1D, 0xF4, 0xF8 ), - MBEDTLS_BYTES_TO_T_UINT_8( 0x29, 0xDC, 0x92, 0x92, 0xBF, 0x98, 0x9E, 0x5D ), - MBEDTLS_BYTES_TO_T_UINT_8( 0x6F, 0x2C, 0x26, 0x96, 0x4A, 0xDE, 0x17, 0x36 ), + MBEDTLS_BYTES_TO_T_UINT_8(0x5F, 0x0E, 0xEA, 0x90, 0x7C, 0x1D, 0x43, 0x7A), + MBEDTLS_BYTES_TO_T_UINT_8(0x9D, 0x81, 0x7E, 0x1D, 0xCE, 0xB1, 0x60, 0x0A), + MBEDTLS_BYTES_TO_T_UINT_8(0xC0, 0xB8, 0xF0, 0xB5, 0x13, 0x31, 0xDA, 0xE9), + MBEDTLS_BYTES_TO_T_UINT_8(0x7C, 0x14, 0x9A, 0x28, 0xBD, 0x1D, 0xF4, 0xF8), + MBEDTLS_BYTES_TO_T_UINT_8(0x29, 0xDC, 0x92, 0x92, 0xBF, 0x98, 0x9E, 0x5D), + MBEDTLS_BYTES_TO_T_UINT_8(0x6F, 0x2C, 0x26, 0x96, 0x4A, 0xDE, 0x17, 0x36), }; static const mbedtls_mpi_uint secp384r1_n[] = { - MBEDTLS_BYTES_TO_T_UINT_8( 0x73, 0x29, 0xC5, 0xCC, 0x6A, 0x19, 0xEC, 0xEC ), - MBEDTLS_BYTES_TO_T_UINT_8( 0x7A, 0xA7, 0xB0, 0x48, 0xB2, 0x0D, 0x1A, 0x58 ), - MBEDTLS_BYTES_TO_T_UINT_8( 0xDF, 0x2D, 0x37, 0xF4, 0x81, 0x4D, 0x63, 0xC7 ), - MBEDTLS_BYTES_TO_T_UINT_8( 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF ), - MBEDTLS_BYTES_TO_T_UINT_8( 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF ), - MBEDTLS_BYTES_TO_T_UINT_8( 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF ), + MBEDTLS_BYTES_TO_T_UINT_8(0x73, 0x29, 0xC5, 0xCC, 0x6A, 0x19, 0xEC, 0xEC), + MBEDTLS_BYTES_TO_T_UINT_8(0x7A, 0xA7, 0xB0, 0x48, 0xB2, 0x0D, 0x1A, 0x58), + MBEDTLS_BYTES_TO_T_UINT_8(0xDF, 0x2D, 0x37, 0xF4, 0x81, 0x4D, 0x63, 0xC7), + MBEDTLS_BYTES_TO_T_UINT_8(0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF), + MBEDTLS_BYTES_TO_T_UINT_8(0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF), + MBEDTLS_BYTES_TO_T_UINT_8(0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF), }; #endif /* MBEDTLS_ECP_DP_SECP384R1_ENABLED */ @@ -207,154 +190,154 @@ static const mbedtls_mpi_uint secp384r1_n[] = { */ #if defined(MBEDTLS_ECP_DP_SECP521R1_ENABLED) static const mbedtls_mpi_uint secp521r1_p[] = { - MBEDTLS_BYTES_TO_T_UINT_8( 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF ), - MBEDTLS_BYTES_TO_T_UINT_8( 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF ), - MBEDTLS_BYTES_TO_T_UINT_8( 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF ), - MBEDTLS_BYTES_TO_T_UINT_8( 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF ), - MBEDTLS_BYTES_TO_T_UINT_8( 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF ), - MBEDTLS_BYTES_TO_T_UINT_8( 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF ), - MBEDTLS_BYTES_TO_T_UINT_8( 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF ), - MBEDTLS_BYTES_TO_T_UINT_8( 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF ), - MBEDTLS_BYTES_TO_T_UINT_2( 0xFF, 0x01 ), + MBEDTLS_BYTES_TO_T_UINT_8(0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF), + MBEDTLS_BYTES_TO_T_UINT_8(0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF), + MBEDTLS_BYTES_TO_T_UINT_8(0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF), + MBEDTLS_BYTES_TO_T_UINT_8(0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF), + MBEDTLS_BYTES_TO_T_UINT_8(0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF), + MBEDTLS_BYTES_TO_T_UINT_8(0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF), + MBEDTLS_BYTES_TO_T_UINT_8(0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF), + MBEDTLS_BYTES_TO_T_UINT_8(0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF), + MBEDTLS_BYTES_TO_T_UINT_2(0xFF, 0x01), }; static const mbedtls_mpi_uint secp521r1_b[] = { - MBEDTLS_BYTES_TO_T_UINT_8( 0x00, 0x3F, 0x50, 0x6B, 0xD4, 0x1F, 0x45, 0xEF ), - MBEDTLS_BYTES_TO_T_UINT_8( 0xF1, 0x34, 0x2C, 0x3D, 0x88, 0xDF, 0x73, 0x35 ), - MBEDTLS_BYTES_TO_T_UINT_8( 0x07, 0xBF, 0xB1, 0x3B, 0xBD, 0xC0, 0x52, 0x16 ), - MBEDTLS_BYTES_TO_T_UINT_8( 0x7B, 0x93, 0x7E, 0xEC, 0x51, 0x39, 0x19, 0x56 ), - MBEDTLS_BYTES_TO_T_UINT_8( 0xE1, 0x09, 0xF1, 0x8E, 0x91, 0x89, 0xB4, 0xB8 ), - MBEDTLS_BYTES_TO_T_UINT_8( 0xF3, 0x15, 0xB3, 0x99, 0x5B, 0x72, 0xDA, 0xA2 ), - MBEDTLS_BYTES_TO_T_UINT_8( 0xEE, 0x40, 0x85, 0xB6, 0xA0, 0x21, 0x9A, 0x92 ), - MBEDTLS_BYTES_TO_T_UINT_8( 0x1F, 0x9A, 0x1C, 0x8E, 0x61, 0xB9, 0x3E, 0x95 ), - MBEDTLS_BYTES_TO_T_UINT_2( 0x51, 0x00 ), + MBEDTLS_BYTES_TO_T_UINT_8(0x00, 0x3F, 0x50, 0x6B, 0xD4, 0x1F, 0x45, 0xEF), + MBEDTLS_BYTES_TO_T_UINT_8(0xF1, 0x34, 0x2C, 0x3D, 0x88, 0xDF, 0x73, 0x35), + MBEDTLS_BYTES_TO_T_UINT_8(0x07, 0xBF, 0xB1, 0x3B, 0xBD, 0xC0, 0x52, 0x16), + MBEDTLS_BYTES_TO_T_UINT_8(0x7B, 0x93, 0x7E, 0xEC, 0x51, 0x39, 0x19, 0x56), + MBEDTLS_BYTES_TO_T_UINT_8(0xE1, 0x09, 0xF1, 0x8E, 0x91, 0x89, 0xB4, 0xB8), + MBEDTLS_BYTES_TO_T_UINT_8(0xF3, 0x15, 0xB3, 0x99, 0x5B, 0x72, 0xDA, 0xA2), + MBEDTLS_BYTES_TO_T_UINT_8(0xEE, 0x40, 0x85, 0xB6, 0xA0, 0x21, 0x9A, 0x92), + MBEDTLS_BYTES_TO_T_UINT_8(0x1F, 0x9A, 0x1C, 0x8E, 0x61, 0xB9, 0x3E, 0x95), + MBEDTLS_BYTES_TO_T_UINT_2(0x51, 0x00), }; static const mbedtls_mpi_uint secp521r1_gx[] = { - MBEDTLS_BYTES_TO_T_UINT_8( 0x66, 0xBD, 0xE5, 0xC2, 0x31, 0x7E, 0x7E, 0xF9 ), - MBEDTLS_BYTES_TO_T_UINT_8( 0x9B, 0x42, 0x6A, 0x85, 0xC1, 0xB3, 0x48, 0x33 ), - MBEDTLS_BYTES_TO_T_UINT_8( 0xDE, 0xA8, 0xFF, 0xA2, 0x27, 0xC1, 0x1D, 0xFE ), - MBEDTLS_BYTES_TO_T_UINT_8( 0x28, 0x59, 0xE7, 0xEF, 0x77, 0x5E, 0x4B, 0xA1 ), - MBEDTLS_BYTES_TO_T_UINT_8( 0xBA, 0x3D, 0x4D, 0x6B, 0x60, 0xAF, 0x28, 0xF8 ), - MBEDTLS_BYTES_TO_T_UINT_8( 0x21, 0xB5, 0x3F, 0x05, 0x39, 0x81, 0x64, 0x9C ), - MBEDTLS_BYTES_TO_T_UINT_8( 0x42, 0xB4, 0x95, 0x23, 0x66, 0xCB, 0x3E, 0x9E ), - MBEDTLS_BYTES_TO_T_UINT_8( 0xCD, 0xE9, 0x04, 0x04, 0xB7, 0x06, 0x8E, 0x85 ), - MBEDTLS_BYTES_TO_T_UINT_2( 0xC6, 0x00 ), + MBEDTLS_BYTES_TO_T_UINT_8(0x66, 0xBD, 0xE5, 0xC2, 0x31, 0x7E, 0x7E, 0xF9), + MBEDTLS_BYTES_TO_T_UINT_8(0x9B, 0x42, 0x6A, 0x85, 0xC1, 0xB3, 0x48, 0x33), + MBEDTLS_BYTES_TO_T_UINT_8(0xDE, 0xA8, 0xFF, 0xA2, 0x27, 0xC1, 0x1D, 0xFE), + MBEDTLS_BYTES_TO_T_UINT_8(0x28, 0x59, 0xE7, 0xEF, 0x77, 0x5E, 0x4B, 0xA1), + MBEDTLS_BYTES_TO_T_UINT_8(0xBA, 0x3D, 0x4D, 0x6B, 0x60, 0xAF, 0x28, 0xF8), + MBEDTLS_BYTES_TO_T_UINT_8(0x21, 0xB5, 0x3F, 0x05, 0x39, 0x81, 0x64, 0x9C), + MBEDTLS_BYTES_TO_T_UINT_8(0x42, 0xB4, 0x95, 0x23, 0x66, 0xCB, 0x3E, 0x9E), + MBEDTLS_BYTES_TO_T_UINT_8(0xCD, 0xE9, 0x04, 0x04, 0xB7, 0x06, 0x8E, 0x85), + MBEDTLS_BYTES_TO_T_UINT_2(0xC6, 0x00), }; static const mbedtls_mpi_uint secp521r1_gy[] = { - MBEDTLS_BYTES_TO_T_UINT_8( 0x50, 0x66, 0xD1, 0x9F, 0x76, 0x94, 0xBE, 0x88 ), - MBEDTLS_BYTES_TO_T_UINT_8( 0x40, 0xC2, 0x72, 0xA2, 0x86, 0x70, 0x3C, 0x35 ), - MBEDTLS_BYTES_TO_T_UINT_8( 0x61, 0x07, 0xAD, 0x3F, 0x01, 0xB9, 0x50, 0xC5 ), - MBEDTLS_BYTES_TO_T_UINT_8( 0x40, 0x26, 0xF4, 0x5E, 0x99, 0x72, 0xEE, 0x97 ), - MBEDTLS_BYTES_TO_T_UINT_8( 0x2C, 0x66, 0x3E, 0x27, 0x17, 0xBD, 0xAF, 0x17 ), - MBEDTLS_BYTES_TO_T_UINT_8( 0x68, 0x44, 0x9B, 0x57, 0x49, 0x44, 0xF5, 0x98 ), - MBEDTLS_BYTES_TO_T_UINT_8( 0xD9, 0x1B, 0x7D, 0x2C, 0xB4, 0x5F, 0x8A, 0x5C ), - MBEDTLS_BYTES_TO_T_UINT_8( 0x04, 0xC0, 0x3B, 0x9A, 0x78, 0x6A, 0x29, 0x39 ), - MBEDTLS_BYTES_TO_T_UINT_2( 0x18, 0x01 ), + MBEDTLS_BYTES_TO_T_UINT_8(0x50, 0x66, 0xD1, 0x9F, 0x76, 0x94, 0xBE, 0x88), + MBEDTLS_BYTES_TO_T_UINT_8(0x40, 0xC2, 0x72, 0xA2, 0x86, 0x70, 0x3C, 0x35), + MBEDTLS_BYTES_TO_T_UINT_8(0x61, 0x07, 0xAD, 0x3F, 0x01, 0xB9, 0x50, 0xC5), + MBEDTLS_BYTES_TO_T_UINT_8(0x40, 0x26, 0xF4, 0x5E, 0x99, 0x72, 0xEE, 0x97), + MBEDTLS_BYTES_TO_T_UINT_8(0x2C, 0x66, 0x3E, 0x27, 0x17, 0xBD, 0xAF, 0x17), + MBEDTLS_BYTES_TO_T_UINT_8(0x68, 0x44, 0x9B, 0x57, 0x49, 0x44, 0xF5, 0x98), + MBEDTLS_BYTES_TO_T_UINT_8(0xD9, 0x1B, 0x7D, 0x2C, 0xB4, 0x5F, 0x8A, 0x5C), + MBEDTLS_BYTES_TO_T_UINT_8(0x04, 0xC0, 0x3B, 0x9A, 0x78, 0x6A, 0x29, 0x39), + MBEDTLS_BYTES_TO_T_UINT_2(0x18, 0x01), }; static const mbedtls_mpi_uint secp521r1_n[] = { - MBEDTLS_BYTES_TO_T_UINT_8( 0x09, 0x64, 0x38, 0x91, 0x1E, 0xB7, 0x6F, 0xBB ), - MBEDTLS_BYTES_TO_T_UINT_8( 0xAE, 0x47, 0x9C, 0x89, 0xB8, 0xC9, 0xB5, 0x3B ), - MBEDTLS_BYTES_TO_T_UINT_8( 0xD0, 0xA5, 0x09, 0xF7, 0x48, 0x01, 0xCC, 0x7F ), - MBEDTLS_BYTES_TO_T_UINT_8( 0x6B, 0x96, 0x2F, 0xBF, 0x83, 0x87, 0x86, 0x51 ), - MBEDTLS_BYTES_TO_T_UINT_8( 0xFA, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF ), - MBEDTLS_BYTES_TO_T_UINT_8( 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF ), - MBEDTLS_BYTES_TO_T_UINT_8( 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF ), - MBEDTLS_BYTES_TO_T_UINT_8( 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF ), - MBEDTLS_BYTES_TO_T_UINT_2( 0xFF, 0x01 ), + MBEDTLS_BYTES_TO_T_UINT_8(0x09, 0x64, 0x38, 0x91, 0x1E, 0xB7, 0x6F, 0xBB), + MBEDTLS_BYTES_TO_T_UINT_8(0xAE, 0x47, 0x9C, 0x89, 0xB8, 0xC9, 0xB5, 0x3B), + MBEDTLS_BYTES_TO_T_UINT_8(0xD0, 0xA5, 0x09, 0xF7, 0x48, 0x01, 0xCC, 0x7F), + MBEDTLS_BYTES_TO_T_UINT_8(0x6B, 0x96, 0x2F, 0xBF, 0x83, 0x87, 0x86, 0x51), + MBEDTLS_BYTES_TO_T_UINT_8(0xFA, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF), + MBEDTLS_BYTES_TO_T_UINT_8(0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF), + MBEDTLS_BYTES_TO_T_UINT_8(0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF), + MBEDTLS_BYTES_TO_T_UINT_8(0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF), + MBEDTLS_BYTES_TO_T_UINT_2(0xFF, 0x01), }; #endif /* MBEDTLS_ECP_DP_SECP521R1_ENABLED */ #if defined(MBEDTLS_ECP_DP_SECP192K1_ENABLED) static const mbedtls_mpi_uint secp192k1_p[] = { - MBEDTLS_BYTES_TO_T_UINT_8( 0x37, 0xEE, 0xFF, 0xFF, 0xFE, 0xFF, 0xFF, 0xFF ), - MBEDTLS_BYTES_TO_T_UINT_8( 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF ), - MBEDTLS_BYTES_TO_T_UINT_8( 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF ), + MBEDTLS_BYTES_TO_T_UINT_8(0x37, 0xEE, 0xFF, 0xFF, 0xFE, 0xFF, 0xFF, 0xFF), + MBEDTLS_BYTES_TO_T_UINT_8(0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF), + MBEDTLS_BYTES_TO_T_UINT_8(0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF), }; static const mbedtls_mpi_uint secp192k1_a[] = { - MBEDTLS_BYTES_TO_T_UINT_2( 0x00, 0x00 ), + MBEDTLS_BYTES_TO_T_UINT_2(0x00, 0x00), }; static const mbedtls_mpi_uint secp192k1_b[] = { - MBEDTLS_BYTES_TO_T_UINT_2( 0x03, 0x00 ), + MBEDTLS_BYTES_TO_T_UINT_2(0x03, 0x00), }; static const mbedtls_mpi_uint secp192k1_gx[] = { - MBEDTLS_BYTES_TO_T_UINT_8( 0x7D, 0x6C, 0xE0, 0xEA, 0xB1, 0xD1, 0xA5, 0x1D ), - MBEDTLS_BYTES_TO_T_UINT_8( 0x34, 0xF4, 0xB7, 0x80, 0x02, 0x7D, 0xB0, 0x26 ), - MBEDTLS_BYTES_TO_T_UINT_8( 0xAE, 0xE9, 0x57, 0xC0, 0x0E, 0xF1, 0x4F, 0xDB ), + MBEDTLS_BYTES_TO_T_UINT_8(0x7D, 0x6C, 0xE0, 0xEA, 0xB1, 0xD1, 0xA5, 0x1D), + MBEDTLS_BYTES_TO_T_UINT_8(0x34, 0xF4, 0xB7, 0x80, 0x02, 0x7D, 0xB0, 0x26), + MBEDTLS_BYTES_TO_T_UINT_8(0xAE, 0xE9, 0x57, 0xC0, 0x0E, 0xF1, 0x4F, 0xDB), }; static const mbedtls_mpi_uint secp192k1_gy[] = { - MBEDTLS_BYTES_TO_T_UINT_8( 0x9D, 0x2F, 0x5E, 0xD9, 0x88, 0xAA, 0x82, 0x40 ), - MBEDTLS_BYTES_TO_T_UINT_8( 0x34, 0x86, 0xBE, 0x15, 0xD0, 0x63, 0x41, 0x84 ), - MBEDTLS_BYTES_TO_T_UINT_8( 0xA7, 0x28, 0x56, 0x9C, 0x6D, 0x2F, 0x2F, 0x9B ), + MBEDTLS_BYTES_TO_T_UINT_8(0x9D, 0x2F, 0x5E, 0xD9, 0x88, 0xAA, 0x82, 0x40), + MBEDTLS_BYTES_TO_T_UINT_8(0x34, 0x86, 0xBE, 0x15, 0xD0, 0x63, 0x41, 0x84), + MBEDTLS_BYTES_TO_T_UINT_8(0xA7, 0x28, 0x56, 0x9C, 0x6D, 0x2F, 0x2F, 0x9B), }; static const mbedtls_mpi_uint secp192k1_n[] = { - MBEDTLS_BYTES_TO_T_UINT_8( 0x8D, 0xFD, 0xDE, 0x74, 0x6A, 0x46, 0x69, 0x0F ), - MBEDTLS_BYTES_TO_T_UINT_8( 0x17, 0xFC, 0xF2, 0x26, 0xFE, 0xFF, 0xFF, 0xFF ), - MBEDTLS_BYTES_TO_T_UINT_8( 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF ), + MBEDTLS_BYTES_TO_T_UINT_8(0x8D, 0xFD, 0xDE, 0x74, 0x6A, 0x46, 0x69, 0x0F), + MBEDTLS_BYTES_TO_T_UINT_8(0x17, 0xFC, 0xF2, 0x26, 0xFE, 0xFF, 0xFF, 0xFF), + MBEDTLS_BYTES_TO_T_UINT_8(0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF), }; #endif /* MBEDTLS_ECP_DP_SECP192K1_ENABLED */ #if defined(MBEDTLS_ECP_DP_SECP224K1_ENABLED) static const mbedtls_mpi_uint secp224k1_p[] = { - MBEDTLS_BYTES_TO_T_UINT_8( 0x6D, 0xE5, 0xFF, 0xFF, 0xFE, 0xFF, 0xFF, 0xFF ), - MBEDTLS_BYTES_TO_T_UINT_8( 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF ), - MBEDTLS_BYTES_TO_T_UINT_8( 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF ), - MBEDTLS_BYTES_TO_T_UINT_4( 0xFF, 0xFF, 0xFF, 0xFF ), + MBEDTLS_BYTES_TO_T_UINT_8(0x6D, 0xE5, 0xFF, 0xFF, 0xFE, 0xFF, 0xFF, 0xFF), + MBEDTLS_BYTES_TO_T_UINT_8(0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF), + MBEDTLS_BYTES_TO_T_UINT_8(0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF), + MBEDTLS_BYTES_TO_T_UINT_4(0xFF, 0xFF, 0xFF, 0xFF), }; static const mbedtls_mpi_uint secp224k1_a[] = { - MBEDTLS_BYTES_TO_T_UINT_2( 0x00, 0x00 ), + MBEDTLS_BYTES_TO_T_UINT_2(0x00, 0x00), }; static const mbedtls_mpi_uint secp224k1_b[] = { - MBEDTLS_BYTES_TO_T_UINT_2( 0x05, 0x00 ), + MBEDTLS_BYTES_TO_T_UINT_2(0x05, 0x00), }; static const mbedtls_mpi_uint secp224k1_gx[] = { - MBEDTLS_BYTES_TO_T_UINT_8( 0x5C, 0xA4, 0xB7, 0xB6, 0x0E, 0x65, 0x7E, 0x0F ), - MBEDTLS_BYTES_TO_T_UINT_8( 0xA9, 0x75, 0x70, 0xE4, 0xE9, 0x67, 0xA4, 0x69 ), - MBEDTLS_BYTES_TO_T_UINT_8( 0xA1, 0x28, 0xFC, 0x30, 0xDF, 0x99, 0xF0, 0x4D ), - MBEDTLS_BYTES_TO_T_UINT_4( 0x33, 0x5B, 0x45, 0xA1 ), + MBEDTLS_BYTES_TO_T_UINT_8(0x5C, 0xA4, 0xB7, 0xB6, 0x0E, 0x65, 0x7E, 0x0F), + MBEDTLS_BYTES_TO_T_UINT_8(0xA9, 0x75, 0x70, 0xE4, 0xE9, 0x67, 0xA4, 0x69), + MBEDTLS_BYTES_TO_T_UINT_8(0xA1, 0x28, 0xFC, 0x30, 0xDF, 0x99, 0xF0, 0x4D), + MBEDTLS_BYTES_TO_T_UINT_4(0x33, 0x5B, 0x45, 0xA1), }; static const mbedtls_mpi_uint secp224k1_gy[] = { - MBEDTLS_BYTES_TO_T_UINT_8( 0xA5, 0x61, 0x6D, 0x55, 0xDB, 0x4B, 0xCA, 0xE2 ), - MBEDTLS_BYTES_TO_T_UINT_8( 0x59, 0xBD, 0xB0, 0xC0, 0xF7, 0x19, 0xE3, 0xF7 ), - MBEDTLS_BYTES_TO_T_UINT_8( 0xD6, 0xFB, 0xCA, 0x82, 0x42, 0x34, 0xBA, 0x7F ), - MBEDTLS_BYTES_TO_T_UINT_4( 0xED, 0x9F, 0x08, 0x7E ), + MBEDTLS_BYTES_TO_T_UINT_8(0xA5, 0x61, 0x6D, 0x55, 0xDB, 0x4B, 0xCA, 0xE2), + MBEDTLS_BYTES_TO_T_UINT_8(0x59, 0xBD, 0xB0, 0xC0, 0xF7, 0x19, 0xE3, 0xF7), + MBEDTLS_BYTES_TO_T_UINT_8(0xD6, 0xFB, 0xCA, 0x82, 0x42, 0x34, 0xBA, 0x7F), + MBEDTLS_BYTES_TO_T_UINT_4(0xED, 0x9F, 0x08, 0x7E), }; static const mbedtls_mpi_uint secp224k1_n[] = { - MBEDTLS_BYTES_TO_T_UINT_8( 0xF7, 0xB1, 0x9F, 0x76, 0x71, 0xA9, 0xF0, 0xCA ), - MBEDTLS_BYTES_TO_T_UINT_8( 0x84, 0x61, 0xEC, 0xD2, 0xE8, 0xDC, 0x01, 0x00 ), - MBEDTLS_BYTES_TO_T_UINT_8( 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 ), - MBEDTLS_BYTES_TO_T_UINT_8( 0x00, 0x00, 0x00, 0x00, 0x01, 0x00, 0x00, 0x00 ), + MBEDTLS_BYTES_TO_T_UINT_8(0xF7, 0xB1, 0x9F, 0x76, 0x71, 0xA9, 0xF0, 0xCA), + MBEDTLS_BYTES_TO_T_UINT_8(0x84, 0x61, 0xEC, 0xD2, 0xE8, 0xDC, 0x01, 0x00), + MBEDTLS_BYTES_TO_T_UINT_8(0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00), + MBEDTLS_BYTES_TO_T_UINT_8(0x00, 0x00, 0x00, 0x00, 0x01, 0x00, 0x00, 0x00), }; #endif /* MBEDTLS_ECP_DP_SECP224K1_ENABLED */ #if defined(MBEDTLS_ECP_DP_SECP256K1_ENABLED) static const mbedtls_mpi_uint secp256k1_p[] = { - MBEDTLS_BYTES_TO_T_UINT_8( 0x2F, 0xFC, 0xFF, 0xFF, 0xFE, 0xFF, 0xFF, 0xFF ), - MBEDTLS_BYTES_TO_T_UINT_8( 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF ), - MBEDTLS_BYTES_TO_T_UINT_8( 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF ), - MBEDTLS_BYTES_TO_T_UINT_8( 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF ), + MBEDTLS_BYTES_TO_T_UINT_8(0x2F, 0xFC, 0xFF, 0xFF, 0xFE, 0xFF, 0xFF, 0xFF), + MBEDTLS_BYTES_TO_T_UINT_8(0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF), + MBEDTLS_BYTES_TO_T_UINT_8(0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF), + MBEDTLS_BYTES_TO_T_UINT_8(0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF), }; static const mbedtls_mpi_uint secp256k1_a[] = { - MBEDTLS_BYTES_TO_T_UINT_2( 0x00, 0x00 ), + MBEDTLS_BYTES_TO_T_UINT_2(0x00, 0x00), }; static const mbedtls_mpi_uint secp256k1_b[] = { - MBEDTLS_BYTES_TO_T_UINT_2( 0x07, 0x00 ), + MBEDTLS_BYTES_TO_T_UINT_2(0x07, 0x00), }; static const mbedtls_mpi_uint secp256k1_gx[] = { - MBEDTLS_BYTES_TO_T_UINT_8( 0x98, 0x17, 0xF8, 0x16, 0x5B, 0x81, 0xF2, 0x59 ), - MBEDTLS_BYTES_TO_T_UINT_8( 0xD9, 0x28, 0xCE, 0x2D, 0xDB, 0xFC, 0x9B, 0x02 ), - MBEDTLS_BYTES_TO_T_UINT_8( 0x07, 0x0B, 0x87, 0xCE, 0x95, 0x62, 0xA0, 0x55 ), - MBEDTLS_BYTES_TO_T_UINT_8( 0xAC, 0xBB, 0xDC, 0xF9, 0x7E, 0x66, 0xBE, 0x79 ), + MBEDTLS_BYTES_TO_T_UINT_8(0x98, 0x17, 0xF8, 0x16, 0x5B, 0x81, 0xF2, 0x59), + MBEDTLS_BYTES_TO_T_UINT_8(0xD9, 0x28, 0xCE, 0x2D, 0xDB, 0xFC, 0x9B, 0x02), + MBEDTLS_BYTES_TO_T_UINT_8(0x07, 0x0B, 0x87, 0xCE, 0x95, 0x62, 0xA0, 0x55), + MBEDTLS_BYTES_TO_T_UINT_8(0xAC, 0xBB, 0xDC, 0xF9, 0x7E, 0x66, 0xBE, 0x79), }; static const mbedtls_mpi_uint secp256k1_gy[] = { - MBEDTLS_BYTES_TO_T_UINT_8( 0xB8, 0xD4, 0x10, 0xFB, 0x8F, 0xD0, 0x47, 0x9C ), - MBEDTLS_BYTES_TO_T_UINT_8( 0x19, 0x54, 0x85, 0xA6, 0x48, 0xB4, 0x17, 0xFD ), - MBEDTLS_BYTES_TO_T_UINT_8( 0xA8, 0x08, 0x11, 0x0E, 0xFC, 0xFB, 0xA4, 0x5D ), - MBEDTLS_BYTES_TO_T_UINT_8( 0x65, 0xC4, 0xA3, 0x26, 0x77, 0xDA, 0x3A, 0x48 ), + MBEDTLS_BYTES_TO_T_UINT_8(0xB8, 0xD4, 0x10, 0xFB, 0x8F, 0xD0, 0x47, 0x9C), + MBEDTLS_BYTES_TO_T_UINT_8(0x19, 0x54, 0x85, 0xA6, 0x48, 0xB4, 0x17, 0xFD), + MBEDTLS_BYTES_TO_T_UINT_8(0xA8, 0x08, 0x11, 0x0E, 0xFC, 0xFB, 0xA4, 0x5D), + MBEDTLS_BYTES_TO_T_UINT_8(0x65, 0xC4, 0xA3, 0x26, 0x77, 0xDA, 0x3A, 0x48), }; static const mbedtls_mpi_uint secp256k1_n[] = { - MBEDTLS_BYTES_TO_T_UINT_8( 0x41, 0x41, 0x36, 0xD0, 0x8C, 0x5E, 0xD2, 0xBF ), - MBEDTLS_BYTES_TO_T_UINT_8( 0x3B, 0xA0, 0x48, 0xAF, 0xE6, 0xDC, 0xAE, 0xBA ), - MBEDTLS_BYTES_TO_T_UINT_8( 0xFE, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF ), - MBEDTLS_BYTES_TO_T_UINT_8( 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF ), + MBEDTLS_BYTES_TO_T_UINT_8(0x41, 0x41, 0x36, 0xD0, 0x8C, 0x5E, 0xD2, 0xBF), + MBEDTLS_BYTES_TO_T_UINT_8(0x3B, 0xA0, 0x48, 0xAF, 0xE6, 0xDC, 0xAE, 0xBA), + MBEDTLS_BYTES_TO_T_UINT_8(0xFE, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF), + MBEDTLS_BYTES_TO_T_UINT_8(0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF), }; #endif /* MBEDTLS_ECP_DP_SECP256K1_ENABLED */ @@ -363,40 +346,40 @@ static const mbedtls_mpi_uint secp256k1_n[] = { */ #if defined(MBEDTLS_ECP_DP_BP256R1_ENABLED) static const mbedtls_mpi_uint brainpoolP256r1_p[] = { - MBEDTLS_BYTES_TO_T_UINT_8( 0x77, 0x53, 0x6E, 0x1F, 0x1D, 0x48, 0x13, 0x20 ), - MBEDTLS_BYTES_TO_T_UINT_8( 0x28, 0x20, 0x26, 0xD5, 0x23, 0xF6, 0x3B, 0x6E ), - MBEDTLS_BYTES_TO_T_UINT_8( 0x72, 0x8D, 0x83, 0x9D, 0x90, 0x0A, 0x66, 0x3E ), - MBEDTLS_BYTES_TO_T_UINT_8( 0xBC, 0xA9, 0xEE, 0xA1, 0xDB, 0x57, 0xFB, 0xA9 ), + MBEDTLS_BYTES_TO_T_UINT_8(0x77, 0x53, 0x6E, 0x1F, 0x1D, 0x48, 0x13, 0x20), + MBEDTLS_BYTES_TO_T_UINT_8(0x28, 0x20, 0x26, 0xD5, 0x23, 0xF6, 0x3B, 0x6E), + MBEDTLS_BYTES_TO_T_UINT_8(0x72, 0x8D, 0x83, 0x9D, 0x90, 0x0A, 0x66, 0x3E), + MBEDTLS_BYTES_TO_T_UINT_8(0xBC, 0xA9, 0xEE, 0xA1, 0xDB, 0x57, 0xFB, 0xA9), }; static const mbedtls_mpi_uint brainpoolP256r1_a[] = { - MBEDTLS_BYTES_TO_T_UINT_8( 0xD9, 0xB5, 0x30, 0xF3, 0x44, 0x4B, 0x4A, 0xE9 ), - MBEDTLS_BYTES_TO_T_UINT_8( 0x6C, 0x5C, 0xDC, 0x26, 0xC1, 0x55, 0x80, 0xFB ), - MBEDTLS_BYTES_TO_T_UINT_8( 0xE7, 0xFF, 0x7A, 0x41, 0x30, 0x75, 0xF6, 0xEE ), - MBEDTLS_BYTES_TO_T_UINT_8( 0x57, 0x30, 0x2C, 0xFC, 0x75, 0x09, 0x5A, 0x7D ), + MBEDTLS_BYTES_TO_T_UINT_8(0xD9, 0xB5, 0x30, 0xF3, 0x44, 0x4B, 0x4A, 0xE9), + MBEDTLS_BYTES_TO_T_UINT_8(0x6C, 0x5C, 0xDC, 0x26, 0xC1, 0x55, 0x80, 0xFB), + MBEDTLS_BYTES_TO_T_UINT_8(0xE7, 0xFF, 0x7A, 0x41, 0x30, 0x75, 0xF6, 0xEE), + MBEDTLS_BYTES_TO_T_UINT_8(0x57, 0x30, 0x2C, 0xFC, 0x75, 0x09, 0x5A, 0x7D), }; static const mbedtls_mpi_uint brainpoolP256r1_b[] = { - MBEDTLS_BYTES_TO_T_UINT_8( 0xB6, 0x07, 0x8C, 0xFF, 0x18, 0xDC, 0xCC, 0x6B ), - MBEDTLS_BYTES_TO_T_UINT_8( 0xCE, 0xE1, 0xF7, 0x5C, 0x29, 0x16, 0x84, 0x95 ), - MBEDTLS_BYTES_TO_T_UINT_8( 0xBF, 0x7C, 0xD7, 0xBB, 0xD9, 0xB5, 0x30, 0xF3 ), - MBEDTLS_BYTES_TO_T_UINT_8( 0x44, 0x4B, 0x4A, 0xE9, 0x6C, 0x5C, 0xDC, 0x26 ), + MBEDTLS_BYTES_TO_T_UINT_8(0xB6, 0x07, 0x8C, 0xFF, 0x18, 0xDC, 0xCC, 0x6B), + MBEDTLS_BYTES_TO_T_UINT_8(0xCE, 0xE1, 0xF7, 0x5C, 0x29, 0x16, 0x84, 0x95), + MBEDTLS_BYTES_TO_T_UINT_8(0xBF, 0x7C, 0xD7, 0xBB, 0xD9, 0xB5, 0x30, 0xF3), + MBEDTLS_BYTES_TO_T_UINT_8(0x44, 0x4B, 0x4A, 0xE9, 0x6C, 0x5C, 0xDC, 0x26), }; static const mbedtls_mpi_uint brainpoolP256r1_gx[] = { - MBEDTLS_BYTES_TO_T_UINT_8( 0x62, 0x32, 0xCE, 0x9A, 0xBD, 0x53, 0x44, 0x3A ), - MBEDTLS_BYTES_TO_T_UINT_8( 0xC2, 0x23, 0xBD, 0xE3, 0xE1, 0x27, 0xDE, 0xB9 ), - MBEDTLS_BYTES_TO_T_UINT_8( 0xAF, 0xB7, 0x81, 0xFC, 0x2F, 0x48, 0x4B, 0x2C ), - MBEDTLS_BYTES_TO_T_UINT_8( 0xCB, 0x57, 0x7E, 0xCB, 0xB9, 0xAE, 0xD2, 0x8B ), + MBEDTLS_BYTES_TO_T_UINT_8(0x62, 0x32, 0xCE, 0x9A, 0xBD, 0x53, 0x44, 0x3A), + MBEDTLS_BYTES_TO_T_UINT_8(0xC2, 0x23, 0xBD, 0xE3, 0xE1, 0x27, 0xDE, 0xB9), + MBEDTLS_BYTES_TO_T_UINT_8(0xAF, 0xB7, 0x81, 0xFC, 0x2F, 0x48, 0x4B, 0x2C), + MBEDTLS_BYTES_TO_T_UINT_8(0xCB, 0x57, 0x7E, 0xCB, 0xB9, 0xAE, 0xD2, 0x8B), }; static const mbedtls_mpi_uint brainpoolP256r1_gy[] = { - MBEDTLS_BYTES_TO_T_UINT_8( 0x97, 0x69, 0x04, 0x2F, 0xC7, 0x54, 0x1D, 0x5C ), - MBEDTLS_BYTES_TO_T_UINT_8( 0x54, 0x8E, 0xED, 0x2D, 0x13, 0x45, 0x77, 0xC2 ), - MBEDTLS_BYTES_TO_T_UINT_8( 0xC9, 0x1D, 0x61, 0x14, 0x1A, 0x46, 0xF8, 0x97 ), - MBEDTLS_BYTES_TO_T_UINT_8( 0xFD, 0xC4, 0xDA, 0xC3, 0x35, 0xF8, 0x7E, 0x54 ), + MBEDTLS_BYTES_TO_T_UINT_8(0x97, 0x69, 0x04, 0x2F, 0xC7, 0x54, 0x1D, 0x5C), + MBEDTLS_BYTES_TO_T_UINT_8(0x54, 0x8E, 0xED, 0x2D, 0x13, 0x45, 0x77, 0xC2), + MBEDTLS_BYTES_TO_T_UINT_8(0xC9, 0x1D, 0x61, 0x14, 0x1A, 0x46, 0xF8, 0x97), + MBEDTLS_BYTES_TO_T_UINT_8(0xFD, 0xC4, 0xDA, 0xC3, 0x35, 0xF8, 0x7E, 0x54), }; static const mbedtls_mpi_uint brainpoolP256r1_n[] = { - MBEDTLS_BYTES_TO_T_UINT_8( 0xA7, 0x56, 0x48, 0x97, 0x82, 0x0E, 0x1E, 0x90 ), - MBEDTLS_BYTES_TO_T_UINT_8( 0xF7, 0xA6, 0x61, 0xB5, 0xA3, 0x7A, 0x39, 0x8C ), - MBEDTLS_BYTES_TO_T_UINT_8( 0x71, 0x8D, 0x83, 0x9D, 0x90, 0x0A, 0x66, 0x3E ), - MBEDTLS_BYTES_TO_T_UINT_8( 0xBC, 0xA9, 0xEE, 0xA1, 0xDB, 0x57, 0xFB, 0xA9 ), + MBEDTLS_BYTES_TO_T_UINT_8(0xA7, 0x56, 0x48, 0x97, 0x82, 0x0E, 0x1E, 0x90), + MBEDTLS_BYTES_TO_T_UINT_8(0xF7, 0xA6, 0x61, 0xB5, 0xA3, 0x7A, 0x39, 0x8C), + MBEDTLS_BYTES_TO_T_UINT_8(0x71, 0x8D, 0x83, 0x9D, 0x90, 0x0A, 0x66, 0x3E), + MBEDTLS_BYTES_TO_T_UINT_8(0xBC, 0xA9, 0xEE, 0xA1, 0xDB, 0x57, 0xFB, 0xA9), }; #endif /* MBEDTLS_ECP_DP_BP256R1_ENABLED */ @@ -405,52 +388,52 @@ static const mbedtls_mpi_uint brainpoolP256r1_n[] = { */ #if defined(MBEDTLS_ECP_DP_BP384R1_ENABLED) static const mbedtls_mpi_uint brainpoolP384r1_p[] = { - MBEDTLS_BYTES_TO_T_UINT_8( 0x53, 0xEC, 0x07, 0x31, 0x13, 0x00, 0x47, 0x87 ), - MBEDTLS_BYTES_TO_T_UINT_8( 0x71, 0x1A, 0x1D, 0x90, 0x29, 0xA7, 0xD3, 0xAC ), - MBEDTLS_BYTES_TO_T_UINT_8( 0x23, 0x11, 0xB7, 0x7F, 0x19, 0xDA, 0xB1, 0x12 ), - MBEDTLS_BYTES_TO_T_UINT_8( 0xB4, 0x56, 0x54, 0xED, 0x09, 0x71, 0x2F, 0x15 ), - MBEDTLS_BYTES_TO_T_UINT_8( 0xDF, 0x41, 0xE6, 0x50, 0x7E, 0x6F, 0x5D, 0x0F ), - MBEDTLS_BYTES_TO_T_UINT_8( 0x28, 0x6D, 0x38, 0xA3, 0x82, 0x1E, 0xB9, 0x8C ), + MBEDTLS_BYTES_TO_T_UINT_8(0x53, 0xEC, 0x07, 0x31, 0x13, 0x00, 0x47, 0x87), + MBEDTLS_BYTES_TO_T_UINT_8(0x71, 0x1A, 0x1D, 0x90, 0x29, 0xA7, 0xD3, 0xAC), + MBEDTLS_BYTES_TO_T_UINT_8(0x23, 0x11, 0xB7, 0x7F, 0x19, 0xDA, 0xB1, 0x12), + MBEDTLS_BYTES_TO_T_UINT_8(0xB4, 0x56, 0x54, 0xED, 0x09, 0x71, 0x2F, 0x15), + MBEDTLS_BYTES_TO_T_UINT_8(0xDF, 0x41, 0xE6, 0x50, 0x7E, 0x6F, 0x5D, 0x0F), + MBEDTLS_BYTES_TO_T_UINT_8(0x28, 0x6D, 0x38, 0xA3, 0x82, 0x1E, 0xB9, 0x8C), }; static const mbedtls_mpi_uint brainpoolP384r1_a[] = { - MBEDTLS_BYTES_TO_T_UINT_8( 0x26, 0x28, 0xCE, 0x22, 0xDD, 0xC7, 0xA8, 0x04 ), - MBEDTLS_BYTES_TO_T_UINT_8( 0xEB, 0xD4, 0x3A, 0x50, 0x4A, 0x81, 0xA5, 0x8A ), - MBEDTLS_BYTES_TO_T_UINT_8( 0x0F, 0xF9, 0x91, 0xBA, 0xEF, 0x65, 0x91, 0x13 ), - MBEDTLS_BYTES_TO_T_UINT_8( 0x87, 0x27, 0xB2, 0x4F, 0x8E, 0xA2, 0xBE, 0xC2 ), - MBEDTLS_BYTES_TO_T_UINT_8( 0xA0, 0xAF, 0x05, 0xCE, 0x0A, 0x08, 0x72, 0x3C ), - MBEDTLS_BYTES_TO_T_UINT_8( 0x0C, 0x15, 0x8C, 0x3D, 0xC6, 0x82, 0xC3, 0x7B ), + MBEDTLS_BYTES_TO_T_UINT_8(0x26, 0x28, 0xCE, 0x22, 0xDD, 0xC7, 0xA8, 0x04), + MBEDTLS_BYTES_TO_T_UINT_8(0xEB, 0xD4, 0x3A, 0x50, 0x4A, 0x81, 0xA5, 0x8A), + MBEDTLS_BYTES_TO_T_UINT_8(0x0F, 0xF9, 0x91, 0xBA, 0xEF, 0x65, 0x91, 0x13), + MBEDTLS_BYTES_TO_T_UINT_8(0x87, 0x27, 0xB2, 0x4F, 0x8E, 0xA2, 0xBE, 0xC2), + MBEDTLS_BYTES_TO_T_UINT_8(0xA0, 0xAF, 0x05, 0xCE, 0x0A, 0x08, 0x72, 0x3C), + MBEDTLS_BYTES_TO_T_UINT_8(0x0C, 0x15, 0x8C, 0x3D, 0xC6, 0x82, 0xC3, 0x7B), }; static const mbedtls_mpi_uint brainpoolP384r1_b[] = { - MBEDTLS_BYTES_TO_T_UINT_8( 0x11, 0x4C, 0x50, 0xFA, 0x96, 0x86, 0xB7, 0x3A ), - MBEDTLS_BYTES_TO_T_UINT_8( 0x94, 0xC9, 0xDB, 0x95, 0x02, 0x39, 0xB4, 0x7C ), - MBEDTLS_BYTES_TO_T_UINT_8( 0xD5, 0x62, 0xEB, 0x3E, 0xA5, 0x0E, 0x88, 0x2E ), - MBEDTLS_BYTES_TO_T_UINT_8( 0xA6, 0xD2, 0xDC, 0x07, 0xE1, 0x7D, 0xB7, 0x2F ), - MBEDTLS_BYTES_TO_T_UINT_8( 0x7C, 0x44, 0xF0, 0x16, 0x54, 0xB5, 0x39, 0x8B ), - MBEDTLS_BYTES_TO_T_UINT_8( 0x26, 0x28, 0xCE, 0x22, 0xDD, 0xC7, 0xA8, 0x04 ), + MBEDTLS_BYTES_TO_T_UINT_8(0x11, 0x4C, 0x50, 0xFA, 0x96, 0x86, 0xB7, 0x3A), + MBEDTLS_BYTES_TO_T_UINT_8(0x94, 0xC9, 0xDB, 0x95, 0x02, 0x39, 0xB4, 0x7C), + MBEDTLS_BYTES_TO_T_UINT_8(0xD5, 0x62, 0xEB, 0x3E, 0xA5, 0x0E, 0x88, 0x2E), + MBEDTLS_BYTES_TO_T_UINT_8(0xA6, 0xD2, 0xDC, 0x07, 0xE1, 0x7D, 0xB7, 0x2F), + MBEDTLS_BYTES_TO_T_UINT_8(0x7C, 0x44, 0xF0, 0x16, 0x54, 0xB5, 0x39, 0x8B), + MBEDTLS_BYTES_TO_T_UINT_8(0x26, 0x28, 0xCE, 0x22, 0xDD, 0xC7, 0xA8, 0x04), }; static const mbedtls_mpi_uint brainpoolP384r1_gx[] = { - MBEDTLS_BYTES_TO_T_UINT_8( 0x1E, 0xAF, 0xD4, 0x47, 0xE2, 0xB2, 0x87, 0xEF ), - MBEDTLS_BYTES_TO_T_UINT_8( 0xAA, 0x46, 0xD6, 0x36, 0x34, 0xE0, 0x26, 0xE8 ), - MBEDTLS_BYTES_TO_T_UINT_8( 0xE8, 0x10, 0xBD, 0x0C, 0xFE, 0xCA, 0x7F, 0xDB ), - MBEDTLS_BYTES_TO_T_UINT_8( 0xE3, 0x4F, 0xF1, 0x7E, 0xE7, 0xA3, 0x47, 0x88 ), - MBEDTLS_BYTES_TO_T_UINT_8( 0x6B, 0x3F, 0xC1, 0xB7, 0x81, 0x3A, 0xA6, 0xA2 ), - MBEDTLS_BYTES_TO_T_UINT_8( 0xFF, 0x45, 0xCF, 0x68, 0xF0, 0x64, 0x1C, 0x1D ), + MBEDTLS_BYTES_TO_T_UINT_8(0x1E, 0xAF, 0xD4, 0x47, 0xE2, 0xB2, 0x87, 0xEF), + MBEDTLS_BYTES_TO_T_UINT_8(0xAA, 0x46, 0xD6, 0x36, 0x34, 0xE0, 0x26, 0xE8), + MBEDTLS_BYTES_TO_T_UINT_8(0xE8, 0x10, 0xBD, 0x0C, 0xFE, 0xCA, 0x7F, 0xDB), + MBEDTLS_BYTES_TO_T_UINT_8(0xE3, 0x4F, 0xF1, 0x7E, 0xE7, 0xA3, 0x47, 0x88), + MBEDTLS_BYTES_TO_T_UINT_8(0x6B, 0x3F, 0xC1, 0xB7, 0x81, 0x3A, 0xA6, 0xA2), + MBEDTLS_BYTES_TO_T_UINT_8(0xFF, 0x45, 0xCF, 0x68, 0xF0, 0x64, 0x1C, 0x1D), }; static const mbedtls_mpi_uint brainpoolP384r1_gy[] = { - MBEDTLS_BYTES_TO_T_UINT_8( 0x15, 0x53, 0x3C, 0x26, 0x41, 0x03, 0x82, 0x42 ), - MBEDTLS_BYTES_TO_T_UINT_8( 0x11, 0x81, 0x91, 0x77, 0x21, 0x46, 0x46, 0x0E ), - MBEDTLS_BYTES_TO_T_UINT_8( 0x28, 0x29, 0x91, 0xF9, 0x4F, 0x05, 0x9C, 0xE1 ), - MBEDTLS_BYTES_TO_T_UINT_8( 0x64, 0x58, 0xEC, 0xFE, 0x29, 0x0B, 0xB7, 0x62 ), - MBEDTLS_BYTES_TO_T_UINT_8( 0x52, 0xD5, 0xCF, 0x95, 0x8E, 0xEB, 0xB1, 0x5C ), - MBEDTLS_BYTES_TO_T_UINT_8( 0xA4, 0xC2, 0xF9, 0x20, 0x75, 0x1D, 0xBE, 0x8A ), + MBEDTLS_BYTES_TO_T_UINT_8(0x15, 0x53, 0x3C, 0x26, 0x41, 0x03, 0x82, 0x42), + MBEDTLS_BYTES_TO_T_UINT_8(0x11, 0x81, 0x91, 0x77, 0x21, 0x46, 0x46, 0x0E), + MBEDTLS_BYTES_TO_T_UINT_8(0x28, 0x29, 0x91, 0xF9, 0x4F, 0x05, 0x9C, 0xE1), + MBEDTLS_BYTES_TO_T_UINT_8(0x64, 0x58, 0xEC, 0xFE, 0x29, 0x0B, 0xB7, 0x62), + MBEDTLS_BYTES_TO_T_UINT_8(0x52, 0xD5, 0xCF, 0x95, 0x8E, 0xEB, 0xB1, 0x5C), + MBEDTLS_BYTES_TO_T_UINT_8(0xA4, 0xC2, 0xF9, 0x20, 0x75, 0x1D, 0xBE, 0x8A), }; static const mbedtls_mpi_uint brainpoolP384r1_n[] = { - MBEDTLS_BYTES_TO_T_UINT_8( 0x65, 0x65, 0x04, 0xE9, 0x02, 0x32, 0x88, 0x3B ), - MBEDTLS_BYTES_TO_T_UINT_8( 0x10, 0xC3, 0x7F, 0x6B, 0xAF, 0xB6, 0x3A, 0xCF ), - MBEDTLS_BYTES_TO_T_UINT_8( 0xA7, 0x25, 0x04, 0xAC, 0x6C, 0x6E, 0x16, 0x1F ), - MBEDTLS_BYTES_TO_T_UINT_8( 0xB3, 0x56, 0x54, 0xED, 0x09, 0x71, 0x2F, 0x15 ), - MBEDTLS_BYTES_TO_T_UINT_8( 0xDF, 0x41, 0xE6, 0x50, 0x7E, 0x6F, 0x5D, 0x0F ), - MBEDTLS_BYTES_TO_T_UINT_8( 0x28, 0x6D, 0x38, 0xA3, 0x82, 0x1E, 0xB9, 0x8C ), + MBEDTLS_BYTES_TO_T_UINT_8(0x65, 0x65, 0x04, 0xE9, 0x02, 0x32, 0x88, 0x3B), + MBEDTLS_BYTES_TO_T_UINT_8(0x10, 0xC3, 0x7F, 0x6B, 0xAF, 0xB6, 0x3A, 0xCF), + MBEDTLS_BYTES_TO_T_UINT_8(0xA7, 0x25, 0x04, 0xAC, 0x6C, 0x6E, 0x16, 0x1F), + MBEDTLS_BYTES_TO_T_UINT_8(0xB3, 0x56, 0x54, 0xED, 0x09, 0x71, 0x2F, 0x15), + MBEDTLS_BYTES_TO_T_UINT_8(0xDF, 0x41, 0xE6, 0x50, 0x7E, 0x6F, 0x5D, 0x0F), + MBEDTLS_BYTES_TO_T_UINT_8(0x28, 0x6D, 0x38, 0xA3, 0x82, 0x1E, 0xB9, 0x8C), }; #endif /* MBEDTLS_ECP_DP_BP384R1_ENABLED */ @@ -459,64 +442,64 @@ static const mbedtls_mpi_uint brainpoolP384r1_n[] = { */ #if defined(MBEDTLS_ECP_DP_BP512R1_ENABLED) static const mbedtls_mpi_uint brainpoolP512r1_p[] = { - MBEDTLS_BYTES_TO_T_UINT_8( 0xF3, 0x48, 0x3A, 0x58, 0x56, 0x60, 0xAA, 0x28 ), - MBEDTLS_BYTES_TO_T_UINT_8( 0x85, 0xC6, 0x82, 0x2D, 0x2F, 0xFF, 0x81, 0x28 ), - MBEDTLS_BYTES_TO_T_UINT_8( 0xE6, 0x80, 0xA3, 0xE6, 0x2A, 0xA1, 0xCD, 0xAE ), - MBEDTLS_BYTES_TO_T_UINT_8( 0x42, 0x68, 0xC6, 0x9B, 0x00, 0x9B, 0x4D, 0x7D ), - MBEDTLS_BYTES_TO_T_UINT_8( 0x71, 0x08, 0x33, 0x70, 0xCA, 0x9C, 0x63, 0xD6 ), - MBEDTLS_BYTES_TO_T_UINT_8( 0x0E, 0xD2, 0xC9, 0xB3, 0xB3, 0x8D, 0x30, 0xCB ), - MBEDTLS_BYTES_TO_T_UINT_8( 0x07, 0xFC, 0xC9, 0x33, 0xAE, 0xE6, 0xD4, 0x3F ), - MBEDTLS_BYTES_TO_T_UINT_8( 0x8B, 0xC4, 0xE9, 0xDB, 0xB8, 0x9D, 0xDD, 0xAA ), + MBEDTLS_BYTES_TO_T_UINT_8(0xF3, 0x48, 0x3A, 0x58, 0x56, 0x60, 0xAA, 0x28), + MBEDTLS_BYTES_TO_T_UINT_8(0x85, 0xC6, 0x82, 0x2D, 0x2F, 0xFF, 0x81, 0x28), + MBEDTLS_BYTES_TO_T_UINT_8(0xE6, 0x80, 0xA3, 0xE6, 0x2A, 0xA1, 0xCD, 0xAE), + MBEDTLS_BYTES_TO_T_UINT_8(0x42, 0x68, 0xC6, 0x9B, 0x00, 0x9B, 0x4D, 0x7D), + MBEDTLS_BYTES_TO_T_UINT_8(0x71, 0x08, 0x33, 0x70, 0xCA, 0x9C, 0x63, 0xD6), + MBEDTLS_BYTES_TO_T_UINT_8(0x0E, 0xD2, 0xC9, 0xB3, 0xB3, 0x8D, 0x30, 0xCB), + MBEDTLS_BYTES_TO_T_UINT_8(0x07, 0xFC, 0xC9, 0x33, 0xAE, 0xE6, 0xD4, 0x3F), + MBEDTLS_BYTES_TO_T_UINT_8(0x8B, 0xC4, 0xE9, 0xDB, 0xB8, 0x9D, 0xDD, 0xAA), }; static const mbedtls_mpi_uint brainpoolP512r1_a[] = { - MBEDTLS_BYTES_TO_T_UINT_8( 0xCA, 0x94, 0xFC, 0x77, 0x4D, 0xAC, 0xC1, 0xE7 ), - MBEDTLS_BYTES_TO_T_UINT_8( 0xB9, 0xC7, 0xF2, 0x2B, 0xA7, 0x17, 0x11, 0x7F ), - MBEDTLS_BYTES_TO_T_UINT_8( 0xB5, 0xC8, 0x9A, 0x8B, 0xC9, 0xF1, 0x2E, 0x0A ), - MBEDTLS_BYTES_TO_T_UINT_8( 0xA1, 0x3A, 0x25, 0xA8, 0x5A, 0x5D, 0xED, 0x2D ), - MBEDTLS_BYTES_TO_T_UINT_8( 0xBC, 0x63, 0x98, 0xEA, 0xCA, 0x41, 0x34, 0xA8 ), - MBEDTLS_BYTES_TO_T_UINT_8( 0x10, 0x16, 0xF9, 0x3D, 0x8D, 0xDD, 0xCB, 0x94 ), - MBEDTLS_BYTES_TO_T_UINT_8( 0xC5, 0x4C, 0x23, 0xAC, 0x45, 0x71, 0x32, 0xE2 ), - MBEDTLS_BYTES_TO_T_UINT_8( 0x89, 0x3B, 0x60, 0x8B, 0x31, 0xA3, 0x30, 0x78 ), + MBEDTLS_BYTES_TO_T_UINT_8(0xCA, 0x94, 0xFC, 0x77, 0x4D, 0xAC, 0xC1, 0xE7), + MBEDTLS_BYTES_TO_T_UINT_8(0xB9, 0xC7, 0xF2, 0x2B, 0xA7, 0x17, 0x11, 0x7F), + MBEDTLS_BYTES_TO_T_UINT_8(0xB5, 0xC8, 0x9A, 0x8B, 0xC9, 0xF1, 0x2E, 0x0A), + MBEDTLS_BYTES_TO_T_UINT_8(0xA1, 0x3A, 0x25, 0xA8, 0x5A, 0x5D, 0xED, 0x2D), + MBEDTLS_BYTES_TO_T_UINT_8(0xBC, 0x63, 0x98, 0xEA, 0xCA, 0x41, 0x34, 0xA8), + MBEDTLS_BYTES_TO_T_UINT_8(0x10, 0x16, 0xF9, 0x3D, 0x8D, 0xDD, 0xCB, 0x94), + MBEDTLS_BYTES_TO_T_UINT_8(0xC5, 0x4C, 0x23, 0xAC, 0x45, 0x71, 0x32, 0xE2), + MBEDTLS_BYTES_TO_T_UINT_8(0x89, 0x3B, 0x60, 0x8B, 0x31, 0xA3, 0x30, 0x78), }; static const mbedtls_mpi_uint brainpoolP512r1_b[] = { - MBEDTLS_BYTES_TO_T_UINT_8( 0x23, 0xF7, 0x16, 0x80, 0x63, 0xBD, 0x09, 0x28 ), - MBEDTLS_BYTES_TO_T_UINT_8( 0xDD, 0xE5, 0xBA, 0x5E, 0xB7, 0x50, 0x40, 0x98 ), - MBEDTLS_BYTES_TO_T_UINT_8( 0x67, 0x3E, 0x08, 0xDC, 0xCA, 0x94, 0xFC, 0x77 ), - MBEDTLS_BYTES_TO_T_UINT_8( 0x4D, 0xAC, 0xC1, 0xE7, 0xB9, 0xC7, 0xF2, 0x2B ), - MBEDTLS_BYTES_TO_T_UINT_8( 0xA7, 0x17, 0x11, 0x7F, 0xB5, 0xC8, 0x9A, 0x8B ), - MBEDTLS_BYTES_TO_T_UINT_8( 0xC9, 0xF1, 0x2E, 0x0A, 0xA1, 0x3A, 0x25, 0xA8 ), - MBEDTLS_BYTES_TO_T_UINT_8( 0x5A, 0x5D, 0xED, 0x2D, 0xBC, 0x63, 0x98, 0xEA ), - MBEDTLS_BYTES_TO_T_UINT_8( 0xCA, 0x41, 0x34, 0xA8, 0x10, 0x16, 0xF9, 0x3D ), + MBEDTLS_BYTES_TO_T_UINT_8(0x23, 0xF7, 0x16, 0x80, 0x63, 0xBD, 0x09, 0x28), + MBEDTLS_BYTES_TO_T_UINT_8(0xDD, 0xE5, 0xBA, 0x5E, 0xB7, 0x50, 0x40, 0x98), + MBEDTLS_BYTES_TO_T_UINT_8(0x67, 0x3E, 0x08, 0xDC, 0xCA, 0x94, 0xFC, 0x77), + MBEDTLS_BYTES_TO_T_UINT_8(0x4D, 0xAC, 0xC1, 0xE7, 0xB9, 0xC7, 0xF2, 0x2B), + MBEDTLS_BYTES_TO_T_UINT_8(0xA7, 0x17, 0x11, 0x7F, 0xB5, 0xC8, 0x9A, 0x8B), + MBEDTLS_BYTES_TO_T_UINT_8(0xC9, 0xF1, 0x2E, 0x0A, 0xA1, 0x3A, 0x25, 0xA8), + MBEDTLS_BYTES_TO_T_UINT_8(0x5A, 0x5D, 0xED, 0x2D, 0xBC, 0x63, 0x98, 0xEA), + MBEDTLS_BYTES_TO_T_UINT_8(0xCA, 0x41, 0x34, 0xA8, 0x10, 0x16, 0xF9, 0x3D), }; static const mbedtls_mpi_uint brainpoolP512r1_gx[] = { - MBEDTLS_BYTES_TO_T_UINT_8( 0x22, 0xF8, 0xB9, 0xBC, 0x09, 0x22, 0x35, 0x8B ), - MBEDTLS_BYTES_TO_T_UINT_8( 0x68, 0x5E, 0x6A, 0x40, 0x47, 0x50, 0x6D, 0x7C ), - MBEDTLS_BYTES_TO_T_UINT_8( 0x5F, 0x7D, 0xB9, 0x93, 0x7B, 0x68, 0xD1, 0x50 ), - MBEDTLS_BYTES_TO_T_UINT_8( 0x8D, 0xD4, 0xD0, 0xE2, 0x78, 0x1F, 0x3B, 0xFF ), - MBEDTLS_BYTES_TO_T_UINT_8( 0x8E, 0x09, 0xD0, 0xF4, 0xEE, 0x62, 0x3B, 0xB4 ), - MBEDTLS_BYTES_TO_T_UINT_8( 0xC1, 0x16, 0xD9, 0xB5, 0x70, 0x9F, 0xED, 0x85 ), - MBEDTLS_BYTES_TO_T_UINT_8( 0x93, 0x6A, 0x4C, 0x9C, 0x2E, 0x32, 0x21, 0x5A ), - MBEDTLS_BYTES_TO_T_UINT_8( 0x64, 0xD9, 0x2E, 0xD8, 0xBD, 0xE4, 0xAE, 0x81 ), + MBEDTLS_BYTES_TO_T_UINT_8(0x22, 0xF8, 0xB9, 0xBC, 0x09, 0x22, 0x35, 0x8B), + MBEDTLS_BYTES_TO_T_UINT_8(0x68, 0x5E, 0x6A, 0x40, 0x47, 0x50, 0x6D, 0x7C), + MBEDTLS_BYTES_TO_T_UINT_8(0x5F, 0x7D, 0xB9, 0x93, 0x7B, 0x68, 0xD1, 0x50), + MBEDTLS_BYTES_TO_T_UINT_8(0x8D, 0xD4, 0xD0, 0xE2, 0x78, 0x1F, 0x3B, 0xFF), + MBEDTLS_BYTES_TO_T_UINT_8(0x8E, 0x09, 0xD0, 0xF4, 0xEE, 0x62, 0x3B, 0xB4), + MBEDTLS_BYTES_TO_T_UINT_8(0xC1, 0x16, 0xD9, 0xB5, 0x70, 0x9F, 0xED, 0x85), + MBEDTLS_BYTES_TO_T_UINT_8(0x93, 0x6A, 0x4C, 0x9C, 0x2E, 0x32, 0x21, 0x5A), + MBEDTLS_BYTES_TO_T_UINT_8(0x64, 0xD9, 0x2E, 0xD8, 0xBD, 0xE4, 0xAE, 0x81), }; static const mbedtls_mpi_uint brainpoolP512r1_gy[] = { - MBEDTLS_BYTES_TO_T_UINT_8( 0x92, 0x08, 0xD8, 0x3A, 0x0F, 0x1E, 0xCD, 0x78 ), - MBEDTLS_BYTES_TO_T_UINT_8( 0x06, 0x54, 0xF0, 0xA8, 0x2F, 0x2B, 0xCA, 0xD1 ), - MBEDTLS_BYTES_TO_T_UINT_8( 0xAE, 0x63, 0x27, 0x8A, 0xD8, 0x4B, 0xCA, 0x5B ), - MBEDTLS_BYTES_TO_T_UINT_8( 0x5E, 0x48, 0x5F, 0x4A, 0x49, 0xDE, 0xDC, 0xB2 ), - MBEDTLS_BYTES_TO_T_UINT_8( 0x11, 0x81, 0x1F, 0x88, 0x5B, 0xC5, 0x00, 0xA0 ), - MBEDTLS_BYTES_TO_T_UINT_8( 0x1A, 0x7B, 0xA5, 0x24, 0x00, 0xF7, 0x09, 0xF2 ), - MBEDTLS_BYTES_TO_T_UINT_8( 0xFD, 0x22, 0x78, 0xCF, 0xA9, 0xBF, 0xEA, 0xC0 ), - MBEDTLS_BYTES_TO_T_UINT_8( 0xEC, 0x32, 0x63, 0x56, 0x5D, 0x38, 0xDE, 0x7D ), + MBEDTLS_BYTES_TO_T_UINT_8(0x92, 0x08, 0xD8, 0x3A, 0x0F, 0x1E, 0xCD, 0x78), + MBEDTLS_BYTES_TO_T_UINT_8(0x06, 0x54, 0xF0, 0xA8, 0x2F, 0x2B, 0xCA, 0xD1), + MBEDTLS_BYTES_TO_T_UINT_8(0xAE, 0x63, 0x27, 0x8A, 0xD8, 0x4B, 0xCA, 0x5B), + MBEDTLS_BYTES_TO_T_UINT_8(0x5E, 0x48, 0x5F, 0x4A, 0x49, 0xDE, 0xDC, 0xB2), + MBEDTLS_BYTES_TO_T_UINT_8(0x11, 0x81, 0x1F, 0x88, 0x5B, 0xC5, 0x00, 0xA0), + MBEDTLS_BYTES_TO_T_UINT_8(0x1A, 0x7B, 0xA5, 0x24, 0x00, 0xF7, 0x09, 0xF2), + MBEDTLS_BYTES_TO_T_UINT_8(0xFD, 0x22, 0x78, 0xCF, 0xA9, 0xBF, 0xEA, 0xC0), + MBEDTLS_BYTES_TO_T_UINT_8(0xEC, 0x32, 0x63, 0x56, 0x5D, 0x38, 0xDE, 0x7D), }; static const mbedtls_mpi_uint brainpoolP512r1_n[] = { - MBEDTLS_BYTES_TO_T_UINT_8( 0x69, 0x00, 0xA9, 0x9C, 0x82, 0x96, 0x87, 0xB5 ), - MBEDTLS_BYTES_TO_T_UINT_8( 0xDD, 0xDA, 0x5D, 0x08, 0x81, 0xD3, 0xB1, 0x1D ), - MBEDTLS_BYTES_TO_T_UINT_8( 0x47, 0x10, 0xAC, 0x7F, 0x19, 0x61, 0x86, 0x41 ), - MBEDTLS_BYTES_TO_T_UINT_8( 0x19, 0x26, 0xA9, 0x4C, 0x41, 0x5C, 0x3E, 0x55 ), - MBEDTLS_BYTES_TO_T_UINT_8( 0x70, 0x08, 0x33, 0x70, 0xCA, 0x9C, 0x63, 0xD6 ), - MBEDTLS_BYTES_TO_T_UINT_8( 0x0E, 0xD2, 0xC9, 0xB3, 0xB3, 0x8D, 0x30, 0xCB ), - MBEDTLS_BYTES_TO_T_UINT_8( 0x07, 0xFC, 0xC9, 0x33, 0xAE, 0xE6, 0xD4, 0x3F ), - MBEDTLS_BYTES_TO_T_UINT_8( 0x8B, 0xC4, 0xE9, 0xDB, 0xB8, 0x9D, 0xDD, 0xAA ), + MBEDTLS_BYTES_TO_T_UINT_8(0x69, 0x00, 0xA9, 0x9C, 0x82, 0x96, 0x87, 0xB5), + MBEDTLS_BYTES_TO_T_UINT_8(0xDD, 0xDA, 0x5D, 0x08, 0x81, 0xD3, 0xB1, 0x1D), + MBEDTLS_BYTES_TO_T_UINT_8(0x47, 0x10, 0xAC, 0x7F, 0x19, 0x61, 0x86, 0x41), + MBEDTLS_BYTES_TO_T_UINT_8(0x19, 0x26, 0xA9, 0x4C, 0x41, 0x5C, 0x3E, 0x55), + MBEDTLS_BYTES_TO_T_UINT_8(0x70, 0x08, 0x33, 0x70, 0xCA, 0x9C, 0x63, 0xD6), + MBEDTLS_BYTES_TO_T_UINT_8(0x0E, 0xD2, 0xC9, 0xB3, 0xB3, 0x8D, 0x30, 0xCB), + MBEDTLS_BYTES_TO_T_UINT_8(0x07, 0xFC, 0xC9, 0x33, 0xAE, 0xE6, 0xD4, 0x3F), + MBEDTLS_BYTES_TO_T_UINT_8(0x8B, 0xC4, 0xE9, 0xDB, 0xB8, 0x9D, 0xDD, 0xAA), }; #endif /* MBEDTLS_ECP_DP_BP512R1_ENABLED */ @@ -538,19 +521,19 @@ static const mbedtls_mpi_uint brainpoolP512r1_n[] = { #if defined(ECP_LOAD_GROUP) /* * Create an MPI from embedded constants - * (assumes len is an exact multiple of sizeof mbedtls_mpi_uint) + * (assumes len is an exact multiple of sizeof(mbedtls_mpi_uint)) */ -static inline void ecp_mpi_load( mbedtls_mpi *X, const mbedtls_mpi_uint *p, size_t len ) +static inline void ecp_mpi_load(mbedtls_mpi *X, const mbedtls_mpi_uint *p, size_t len) { X->s = 1; - X->n = len / sizeof( mbedtls_mpi_uint ); + X->n = len / sizeof(mbedtls_mpi_uint); X->p = (mbedtls_mpi_uint *) p; } /* * Set an MPI to static value 1 */ -static inline void ecp_mpi_set1( mbedtls_mpi *X ) +static inline void ecp_mpi_set1(mbedtls_mpi *X) { static mbedtls_mpi_uint one[] = { 1 }; X->s = 1; @@ -561,89 +544,90 @@ static inline void ecp_mpi_set1( mbedtls_mpi *X ) /* * Make group available from embedded constants */ -static int ecp_group_load( mbedtls_ecp_group *grp, - const mbedtls_mpi_uint *p, size_t plen, - const mbedtls_mpi_uint *a, size_t alen, - const mbedtls_mpi_uint *b, size_t blen, - const mbedtls_mpi_uint *gx, size_t gxlen, - const mbedtls_mpi_uint *gy, size_t gylen, - const mbedtls_mpi_uint *n, size_t nlen) +static int ecp_group_load(mbedtls_ecp_group *grp, + const mbedtls_mpi_uint *p, size_t plen, + const mbedtls_mpi_uint *a, size_t alen, + const mbedtls_mpi_uint *b, size_t blen, + const mbedtls_mpi_uint *gx, size_t gxlen, + const mbedtls_mpi_uint *gy, size_t gylen, + const mbedtls_mpi_uint *n, size_t nlen) { - ecp_mpi_load( &grp->P, p, plen ); - if( a != NULL ) - ecp_mpi_load( &grp->A, a, alen ); - ecp_mpi_load( &grp->B, b, blen ); - ecp_mpi_load( &grp->N, n, nlen ); + ecp_mpi_load(&grp->P, p, plen); + if (a != NULL) { + ecp_mpi_load(&grp->A, a, alen); + } + ecp_mpi_load(&grp->B, b, blen); + ecp_mpi_load(&grp->N, n, nlen); - ecp_mpi_load( &grp->G.X, gx, gxlen ); - ecp_mpi_load( &grp->G.Y, gy, gylen ); - ecp_mpi_set1( &grp->G.Z ); + ecp_mpi_load(&grp->G.X, gx, gxlen); + ecp_mpi_load(&grp->G.Y, gy, gylen); + ecp_mpi_set1(&grp->G.Z); - grp->pbits = mbedtls_mpi_bitlen( &grp->P ); - grp->nbits = mbedtls_mpi_bitlen( &grp->N ); + grp->pbits = mbedtls_mpi_bitlen(&grp->P); + grp->nbits = mbedtls_mpi_bitlen(&grp->N); grp->h = 1; - return( 0 ); + return 0; } #endif /* ECP_LOAD_GROUP */ #if defined(MBEDTLS_ECP_NIST_OPTIM) /* Forward declarations */ #if defined(MBEDTLS_ECP_DP_SECP192R1_ENABLED) -static int ecp_mod_p192( mbedtls_mpi * ); +static int ecp_mod_p192(mbedtls_mpi *); #endif #if defined(MBEDTLS_ECP_DP_SECP224R1_ENABLED) -static int ecp_mod_p224( mbedtls_mpi * ); +static int ecp_mod_p224(mbedtls_mpi *); #endif #if defined(MBEDTLS_ECP_DP_SECP256R1_ENABLED) -static int ecp_mod_p256( mbedtls_mpi * ); +static int ecp_mod_p256(mbedtls_mpi *); #endif #if defined(MBEDTLS_ECP_DP_SECP384R1_ENABLED) -static int ecp_mod_p384( mbedtls_mpi * ); +static int ecp_mod_p384(mbedtls_mpi *); #endif #if defined(MBEDTLS_ECP_DP_SECP521R1_ENABLED) -static int ecp_mod_p521( mbedtls_mpi * ); +static int ecp_mod_p521(mbedtls_mpi *); #endif -#define NIST_MODP( P ) grp->modp = ecp_mod_ ## P; +#define NIST_MODP(P) grp->modp = ecp_mod_ ## P; #else -#define NIST_MODP( P ) +#define NIST_MODP(P) #endif /* MBEDTLS_ECP_NIST_OPTIM */ /* Additional forward declarations */ #if defined(MBEDTLS_ECP_DP_CURVE25519_ENABLED) -static int ecp_mod_p255( mbedtls_mpi * ); +static int ecp_mod_p255(mbedtls_mpi *); #endif #if defined(MBEDTLS_ECP_DP_CURVE448_ENABLED) -static int ecp_mod_p448( mbedtls_mpi * ); +static int ecp_mod_p448(mbedtls_mpi *); #endif #if defined(MBEDTLS_ECP_DP_SECP192K1_ENABLED) -static int ecp_mod_p192k1( mbedtls_mpi * ); +static int ecp_mod_p192k1(mbedtls_mpi *); #endif #if defined(MBEDTLS_ECP_DP_SECP224K1_ENABLED) -static int ecp_mod_p224k1( mbedtls_mpi * ); +static int ecp_mod_p224k1(mbedtls_mpi *); #endif #if defined(MBEDTLS_ECP_DP_SECP256K1_ENABLED) -static int ecp_mod_p256k1( mbedtls_mpi * ); +static int ecp_mod_p256k1(mbedtls_mpi *); #endif #if defined(ECP_LOAD_GROUP) -#define LOAD_GROUP_A( G ) ecp_group_load( grp, \ - G ## _p, sizeof( G ## _p ), \ - G ## _a, sizeof( G ## _a ), \ - G ## _b, sizeof( G ## _b ), \ - G ## _gx, sizeof( G ## _gx ), \ - G ## _gy, sizeof( G ## _gy ), \ - G ## _n, sizeof( G ## _n ) ) - -#define LOAD_GROUP( G ) ecp_group_load( grp, \ - G ## _p, sizeof( G ## _p ), \ - NULL, 0, \ - G ## _b, sizeof( G ## _b ), \ - G ## _gx, sizeof( G ## _gx ), \ - G ## _gy, sizeof( G ## _gy ), \ - G ## _n, sizeof( G ## _n ) ) +#define LOAD_GROUP_A(G) ecp_group_load(grp, \ + G ## _p, sizeof(G ## _p), \ + G ## _a, sizeof(G ## _a), \ + G ## _b, sizeof(G ## _b), \ + G ## _gx, sizeof(G ## _gx), \ + G ## _gy, sizeof(G ## _gy), \ + G ## _n, sizeof(G ## _n)) + +#define LOAD_GROUP(G) ecp_group_load(grp, \ + G ## _p, sizeof(G ## _p), \ + NULL, 0, \ + G ## _b, sizeof(G ## _b), \ + G ## _gx, sizeof(G ## _gx), \ + G ## _gy, sizeof(G ## _gy), \ + G ## _n, sizeof(G ## _n)) #endif /* ECP_LOAD_GROUP */ #if defined(MBEDTLS_ECP_DP_CURVE25519_ENABLED) @@ -657,38 +641,39 @@ static const unsigned char curve25519_part_of_n[] = { /* * Specialized function for creating the Curve25519 group */ -static int ecp_use_curve25519( mbedtls_ecp_group *grp ) +static int ecp_use_curve25519(mbedtls_ecp_group *grp) { int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; /* Actually ( A + 2 ) / 4 */ - MBEDTLS_MPI_CHK( mbedtls_mpi_lset( &grp->A, curve25519_a24 ) ); + MBEDTLS_MPI_CHK(mbedtls_mpi_lset(&grp->A, curve25519_a24)); /* P = 2^255 - 19 */ - MBEDTLS_MPI_CHK( mbedtls_mpi_lset( &grp->P, 1 ) ); - MBEDTLS_MPI_CHK( mbedtls_mpi_shift_l( &grp->P, 255 ) ); - MBEDTLS_MPI_CHK( mbedtls_mpi_sub_int( &grp->P, &grp->P, 19 ) ); - grp->pbits = mbedtls_mpi_bitlen( &grp->P ); + MBEDTLS_MPI_CHK(mbedtls_mpi_lset(&grp->P, 1)); + MBEDTLS_MPI_CHK(mbedtls_mpi_shift_l(&grp->P, 255)); + MBEDTLS_MPI_CHK(mbedtls_mpi_sub_int(&grp->P, &grp->P, 19)); + grp->pbits = mbedtls_mpi_bitlen(&grp->P); /* N = 2^252 + 27742317777372353535851937790883648493 */ - MBEDTLS_MPI_CHK( mbedtls_mpi_read_binary( &grp->N, - curve25519_part_of_n, sizeof( curve25519_part_of_n ) ) ); - MBEDTLS_MPI_CHK( mbedtls_mpi_set_bit( &grp->N, 252, 1 ) ); + MBEDTLS_MPI_CHK(mbedtls_mpi_read_binary(&grp->N, + curve25519_part_of_n, sizeof(curve25519_part_of_n))); + MBEDTLS_MPI_CHK(mbedtls_mpi_set_bit(&grp->N, 252, 1)); /* Y intentionally not set, since we use x/z coordinates. * This is used as a marker to identify Montgomery curves! */ - MBEDTLS_MPI_CHK( mbedtls_mpi_lset( &grp->G.X, 9 ) ); - MBEDTLS_MPI_CHK( mbedtls_mpi_lset( &grp->G.Z, 1 ) ); - mbedtls_mpi_free( &grp->G.Y ); + MBEDTLS_MPI_CHK(mbedtls_mpi_lset(&grp->G.X, 9)); + MBEDTLS_MPI_CHK(mbedtls_mpi_lset(&grp->G.Z, 1)); + mbedtls_mpi_free(&grp->G.Y); /* Actually, the required msb for private keys */ grp->nbits = 254; cleanup: - if( ret != 0 ) - mbedtls_ecp_group_free( grp ); + if (ret != 0) { + mbedtls_ecp_group_free(grp); + } - return( ret ); + return ret; } #endif /* MBEDTLS_ECP_DP_CURVE25519_ENABLED */ @@ -705,138 +690,140 @@ static const unsigned char curve448_part_of_n[] = { /* * Specialized function for creating the Curve448 group */ -static int ecp_use_curve448( mbedtls_ecp_group *grp ) +static int ecp_use_curve448(mbedtls_ecp_group *grp) { mbedtls_mpi Ns; int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; - mbedtls_mpi_init( &Ns ); + mbedtls_mpi_init(&Ns); /* Actually ( A + 2 ) / 4 */ - MBEDTLS_MPI_CHK( mbedtls_mpi_lset( &grp->A, curve448_a24 ) ); + MBEDTLS_MPI_CHK(mbedtls_mpi_lset(&grp->A, curve448_a24)); /* P = 2^448 - 2^224 - 1 */ - MBEDTLS_MPI_CHK( mbedtls_mpi_lset( &grp->P, 1 ) ); - MBEDTLS_MPI_CHK( mbedtls_mpi_shift_l( &grp->P, 224 ) ); - MBEDTLS_MPI_CHK( mbedtls_mpi_sub_int( &grp->P, &grp->P, 1 ) ); - MBEDTLS_MPI_CHK( mbedtls_mpi_shift_l( &grp->P, 224 ) ); - MBEDTLS_MPI_CHK( mbedtls_mpi_sub_int( &grp->P, &grp->P, 1 ) ); - grp->pbits = mbedtls_mpi_bitlen( &grp->P ); + MBEDTLS_MPI_CHK(mbedtls_mpi_lset(&grp->P, 1)); + MBEDTLS_MPI_CHK(mbedtls_mpi_shift_l(&grp->P, 224)); + MBEDTLS_MPI_CHK(mbedtls_mpi_sub_int(&grp->P, &grp->P, 1)); + MBEDTLS_MPI_CHK(mbedtls_mpi_shift_l(&grp->P, 224)); + MBEDTLS_MPI_CHK(mbedtls_mpi_sub_int(&grp->P, &grp->P, 1)); + grp->pbits = mbedtls_mpi_bitlen(&grp->P); /* Y intentionally not set, since we use x/z coordinates. * This is used as a marker to identify Montgomery curves! */ - MBEDTLS_MPI_CHK( mbedtls_mpi_lset( &grp->G.X, 5 ) ); - MBEDTLS_MPI_CHK( mbedtls_mpi_lset( &grp->G.Z, 1 ) ); - mbedtls_mpi_free( &grp->G.Y ); + MBEDTLS_MPI_CHK(mbedtls_mpi_lset(&grp->G.X, 5)); + MBEDTLS_MPI_CHK(mbedtls_mpi_lset(&grp->G.Z, 1)); + mbedtls_mpi_free(&grp->G.Y); /* N = 2^446 - 13818066809895115352007386748515426880336692474882178609894547503885 */ - MBEDTLS_MPI_CHK( mbedtls_mpi_set_bit( &grp->N, 446, 1 ) ); - MBEDTLS_MPI_CHK( mbedtls_mpi_read_binary( &Ns, - curve448_part_of_n, sizeof( curve448_part_of_n ) ) ); - MBEDTLS_MPI_CHK( mbedtls_mpi_sub_mpi( &grp->N, &grp->N, &Ns ) ); + MBEDTLS_MPI_CHK(mbedtls_mpi_set_bit(&grp->N, 446, 1)); + MBEDTLS_MPI_CHK(mbedtls_mpi_read_binary(&Ns, + curve448_part_of_n, sizeof(curve448_part_of_n))); + MBEDTLS_MPI_CHK(mbedtls_mpi_sub_mpi(&grp->N, &grp->N, &Ns)); /* Actually, the required msb for private keys */ grp->nbits = 447; cleanup: - mbedtls_mpi_free( &Ns ); - if( ret != 0 ) - mbedtls_ecp_group_free( grp ); + mbedtls_mpi_free(&Ns); + if (ret != 0) { + mbedtls_ecp_group_free(grp); + } - return( ret ); + return ret; } #endif /* MBEDTLS_ECP_DP_CURVE448_ENABLED */ /* * Set a group using well-known domain parameters */ -int mbedtls_ecp_group_load( mbedtls_ecp_group *grp, mbedtls_ecp_group_id id ) +int mbedtls_ecp_group_load(mbedtls_ecp_group *grp, mbedtls_ecp_group_id id) { - ECP_VALIDATE_RET( grp != NULL ); - mbedtls_ecp_group_free( grp ); + ECP_VALIDATE_RET(grp != NULL); + mbedtls_ecp_group_free(grp); + + mbedtls_ecp_group_init(grp); grp->id = id; - switch( id ) - { + switch (id) { #if defined(MBEDTLS_ECP_DP_SECP192R1_ENABLED) case MBEDTLS_ECP_DP_SECP192R1: - NIST_MODP( p192 ); - return( LOAD_GROUP( secp192r1 ) ); + NIST_MODP(p192); + return LOAD_GROUP(secp192r1); #endif /* MBEDTLS_ECP_DP_SECP192R1_ENABLED */ #if defined(MBEDTLS_ECP_DP_SECP224R1_ENABLED) case MBEDTLS_ECP_DP_SECP224R1: - NIST_MODP( p224 ); - return( LOAD_GROUP( secp224r1 ) ); + NIST_MODP(p224); + return LOAD_GROUP(secp224r1); #endif /* MBEDTLS_ECP_DP_SECP224R1_ENABLED */ #if defined(MBEDTLS_ECP_DP_SECP256R1_ENABLED) case MBEDTLS_ECP_DP_SECP256R1: - NIST_MODP( p256 ); - return( LOAD_GROUP( secp256r1 ) ); + NIST_MODP(p256); + return LOAD_GROUP(secp256r1); #endif /* MBEDTLS_ECP_DP_SECP256R1_ENABLED */ #if defined(MBEDTLS_ECP_DP_SECP384R1_ENABLED) case MBEDTLS_ECP_DP_SECP384R1: - NIST_MODP( p384 ); - return( LOAD_GROUP( secp384r1 ) ); + NIST_MODP(p384); + return LOAD_GROUP(secp384r1); #endif /* MBEDTLS_ECP_DP_SECP384R1_ENABLED */ #if defined(MBEDTLS_ECP_DP_SECP521R1_ENABLED) case MBEDTLS_ECP_DP_SECP521R1: - NIST_MODP( p521 ); - return( LOAD_GROUP( secp521r1 ) ); + NIST_MODP(p521); + return LOAD_GROUP(secp521r1); #endif /* MBEDTLS_ECP_DP_SECP521R1_ENABLED */ #if defined(MBEDTLS_ECP_DP_SECP192K1_ENABLED) case MBEDTLS_ECP_DP_SECP192K1: grp->modp = ecp_mod_p192k1; - return( LOAD_GROUP_A( secp192k1 ) ); + return LOAD_GROUP_A(secp192k1); #endif /* MBEDTLS_ECP_DP_SECP192K1_ENABLED */ #if defined(MBEDTLS_ECP_DP_SECP224K1_ENABLED) case MBEDTLS_ECP_DP_SECP224K1: grp->modp = ecp_mod_p224k1; - return( LOAD_GROUP_A( secp224k1 ) ); + return LOAD_GROUP_A(secp224k1); #endif /* MBEDTLS_ECP_DP_SECP224K1_ENABLED */ #if defined(MBEDTLS_ECP_DP_SECP256K1_ENABLED) case MBEDTLS_ECP_DP_SECP256K1: grp->modp = ecp_mod_p256k1; - return( LOAD_GROUP_A( secp256k1 ) ); + return LOAD_GROUP_A(secp256k1); #endif /* MBEDTLS_ECP_DP_SECP256K1_ENABLED */ #if defined(MBEDTLS_ECP_DP_BP256R1_ENABLED) case MBEDTLS_ECP_DP_BP256R1: - return( LOAD_GROUP_A( brainpoolP256r1 ) ); + return LOAD_GROUP_A(brainpoolP256r1); #endif /* MBEDTLS_ECP_DP_BP256R1_ENABLED */ #if defined(MBEDTLS_ECP_DP_BP384R1_ENABLED) case MBEDTLS_ECP_DP_BP384R1: - return( LOAD_GROUP_A( brainpoolP384r1 ) ); + return LOAD_GROUP_A(brainpoolP384r1); #endif /* MBEDTLS_ECP_DP_BP384R1_ENABLED */ #if defined(MBEDTLS_ECP_DP_BP512R1_ENABLED) case MBEDTLS_ECP_DP_BP512R1: - return( LOAD_GROUP_A( brainpoolP512r1 ) ); + return LOAD_GROUP_A(brainpoolP512r1); #endif /* MBEDTLS_ECP_DP_BP512R1_ENABLED */ #if defined(MBEDTLS_ECP_DP_CURVE25519_ENABLED) case MBEDTLS_ECP_DP_CURVE25519: grp->modp = ecp_mod_p255; - return( ecp_use_curve25519( grp ) ); + return ecp_use_curve25519(grp); #endif /* MBEDTLS_ECP_DP_CURVE25519_ENABLED */ #if defined(MBEDTLS_ECP_DP_CURVE448_ENABLED) case MBEDTLS_ECP_DP_CURVE448: grp->modp = ecp_mod_p448; - return( ecp_use_curve448( grp ) ); + return ecp_use_curve448(grp); #endif /* MBEDTLS_ECP_DP_CURVE448_ENABLED */ default: grp->id = MBEDTLS_ECP_DP_NONE; - return( MBEDTLS_ERR_ECP_FEATURE_UNAVAILABLE ); + return MBEDTLS_ERR_ECP_FEATURE_UNAVAILABLE; } } @@ -865,56 +852,54 @@ int mbedtls_ecp_group_load( mbedtls_ecp_group *grp, mbedtls_ecp_group_id id ) */ /* Add 64-bit chunks (dst += src) and update carry */ -static inline void add64( mbedtls_mpi_uint *dst, mbedtls_mpi_uint *src, mbedtls_mpi_uint *carry ) +static inline void add64(mbedtls_mpi_uint *dst, mbedtls_mpi_uint *src, mbedtls_mpi_uint *carry) { unsigned char i; mbedtls_mpi_uint c = 0; - for( i = 0; i < 8 / sizeof( mbedtls_mpi_uint ); i++, dst++, src++ ) - { - *dst += c; c = ( *dst < c ); - *dst += *src; c += ( *dst < *src ); + for (i = 0; i < 8 / sizeof(mbedtls_mpi_uint); i++, dst++, src++) { + *dst += c; c = (*dst < c); + *dst += *src; c += (*dst < *src); } *carry += c; } /* Add carry to a 64-bit chunk and update carry */ -static inline void carry64( mbedtls_mpi_uint *dst, mbedtls_mpi_uint *carry ) +static inline void carry64(mbedtls_mpi_uint *dst, mbedtls_mpi_uint *carry) { unsigned char i; - for( i = 0; i < 8 / sizeof( mbedtls_mpi_uint ); i++, dst++ ) - { + for (i = 0; i < 8 / sizeof(mbedtls_mpi_uint); i++, dst++) { *dst += *carry; - *carry = ( *dst < *carry ); + *carry = (*dst < *carry); } } -#define WIDTH 8 / sizeof( mbedtls_mpi_uint ) -#define A( i ) N->p + (i) * WIDTH -#define ADD( i ) add64( p, A( i ), &c ) -#define NEXT p += WIDTH; carry64( p, &c ) -#define LAST p += WIDTH; *p = c; while( ++p < end ) *p = 0 +#define WIDTH 8 / sizeof(mbedtls_mpi_uint) +#define A(i) N->p + (i) * WIDTH +#define ADD(i) add64(p, A(i), &c) +#define NEXT p += WIDTH; carry64(p, &c) +#define LAST p += WIDTH; *p = c; while (++p < end) *p = 0 /* * Fast quasi-reduction modulo p192 (FIPS 186-3 D.2.1) */ -static int ecp_mod_p192( mbedtls_mpi *N ) +static int ecp_mod_p192(mbedtls_mpi *N) { int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; mbedtls_mpi_uint c = 0; mbedtls_mpi_uint *p, *end; /* Make sure we have enough blocks so that A(5) is legal */ - MBEDTLS_MPI_CHK( mbedtls_mpi_grow( N, 6 * WIDTH ) ); + MBEDTLS_MPI_CHK(mbedtls_mpi_grow(N, 6 * WIDTH)); p = N->p; end = p + N->n; - ADD( 3 ); ADD( 5 ); NEXT; // A0 += A3 + A5 - ADD( 3 ); ADD( 4 ); ADD( 5 ); NEXT; // A1 += A3 + A4 + A5 - ADD( 4 ); ADD( 5 ); LAST; // A2 += A4 + A5 + ADD(3); ADD(5); NEXT; // A0 += A3 + A5 + ADD(3); ADD(4); ADD(5); NEXT; // A1 += A3 + A4 + A5 + ADD(4); ADD(5); LAST; // A2 += A4 + A5 cleanup: - return( ret ); + return ret; } #undef WIDTH @@ -943,21 +928,21 @@ static int ecp_mod_p192( mbedtls_mpi *N ) * * While at it, also define the size of N in terms of 32-bit chunks. */ -#define LOAD32 cur = A( i ); +#define LOAD32 cur = A(i); #if defined(MBEDTLS_HAVE_INT32) /* 32 bit */ #define MAX32 N->n -#define A( j ) N->p[j] +#define A(j) N->p[j] #define STORE32 N->p[i] = cur; #else /* 64-bit */ #define MAX32 N->n * 2 -#define A( j ) (j) % 2 ? (uint32_t)( N->p[(j)/2] >> 32 ) : \ - (uint32_t)( N->p[(j)/2] ) +#define A(j) (j) % 2 ? (uint32_t) (N->p[(j)/2] >> 32) : \ + (uint32_t) (N->p[(j)/2]) #define STORE32 \ - if( i % 2 ) { \ + if (i % 2) { \ N->p[i/2] &= 0x00000000FFFFFFFF; \ N->p[i/2] |= ((mbedtls_mpi_uint) cur) << 32; \ } else { \ @@ -970,20 +955,20 @@ static int ecp_mod_p192( mbedtls_mpi *N ) /* * Helpers for addition and subtraction of chunks, with signed carry. */ -static inline void add32( uint32_t *dst, uint32_t src, signed char *carry ) +static inline void add32(uint32_t *dst, uint32_t src, signed char *carry) { *dst += src; - *carry += ( *dst < src ); + *carry += (*dst < src); } -static inline void sub32( uint32_t *dst, uint32_t src, signed char *carry ) +static inline void sub32(uint32_t *dst, uint32_t src, signed char *carry) { - *carry -= ( *dst < src ); + *carry -= (*dst < src); *dst -= src; } -#define ADD( j ) add32( &cur, A( j ), &c ); -#define SUB( j ) sub32( &cur, A( j ), &c ); +#define ADD(j) add32(&cur, A(j), &c); +#define SUB(j) sub32(&cur, A(j), &c); #define ciL (sizeof(mbedtls_mpi_uint)) /* chars in limb */ #define biL (ciL << 3) /* bits in limb */ @@ -991,83 +976,83 @@ static inline void sub32( uint32_t *dst, uint32_t src, signed char *carry ) /* * Helpers for the main 'loop' */ -#define INIT( b ) \ +#define INIT(b) \ int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; \ signed char c = 0, cc; \ uint32_t cur; \ size_t i = 0, bits = (b); \ /* N is the size of the product of two b-bit numbers, plus one */ \ /* limb for fix_negative */ \ - MBEDTLS_MPI_CHK( mbedtls_mpi_grow( N, ( b ) * 2 / biL + 1 ) ); \ + MBEDTLS_MPI_CHK(mbedtls_mpi_grow(N, (b) * 2 / biL + 1)); \ LOAD32; #define NEXT \ STORE32; i++; LOAD32; \ cc = c; c = 0; \ - if( cc < 0 ) \ - sub32( &cur, -cc, &c ); \ + if (cc < 0) \ + sub32(&cur, -cc, &c); \ else \ - add32( &cur, cc, &c ); \ + add32(&cur, cc, &c); \ #define LAST \ STORE32; i++; \ cur = c > 0 ? c : 0; STORE32; \ - cur = 0; while( ++i < MAX32 ) { STORE32; } \ - if( c < 0 ) mbedtls_ecp_fix_negative( N, c, bits ); + cur = 0; while (++i < MAX32) { STORE32; } \ + if (c < 0) mbedtls_ecp_fix_negative(N, c, bits); /* * If the result is negative, we get it in the form * c * 2^bits + N, with c negative and N positive shorter than 'bits' */ MBEDTLS_STATIC_TESTABLE -void mbedtls_ecp_fix_negative( mbedtls_mpi *N, signed char c, size_t bits ) +void mbedtls_ecp_fix_negative(mbedtls_mpi *N, signed char c, size_t bits) { size_t i; /* Set N := 2^bits - 1 - N. We know that 0 <= N < 2^bits, so * set the absolute value to 0xfff...fff - N. There is no carry * since we're subtracting from all-bits-one. */ - for( i = 0; i <= bits / 8 / sizeof( mbedtls_mpi_uint ); i++ ) - { - N->p[i] = ~(mbedtls_mpi_uint)0 - N->p[i]; + for (i = 0; i <= bits / 8 / sizeof(mbedtls_mpi_uint); i++) { + N->p[i] = ~(mbedtls_mpi_uint) 0 - N->p[i]; } /* Add 1, taking care of the carry. */ i = 0; - do + do { ++N->p[i]; - while( N->p[i++] == 0 && i <= bits / 8 / sizeof( mbedtls_mpi_uint ) ); + } while (N->p[i++] == 0 && i <= bits / 8 / sizeof(mbedtls_mpi_uint)); /* Invert the sign. * Now N = N0 - 2^bits where N0 is the initial value of N. */ N->s = -1; /* Add |c| * 2^bits to the absolute value. Since c and N are - * negative, this adds c * 2^bits. */ + * negative, this adds c * 2^bits. */ mbedtls_mpi_uint msw = (mbedtls_mpi_uint) -c; #if defined(MBEDTLS_HAVE_INT64) - if( bits == 224 ) + if (bits == 224) { msw <<= 32; + } #endif - N->p[bits / 8 / sizeof( mbedtls_mpi_uint)] += msw; + N->p[bits / 8 / sizeof(mbedtls_mpi_uint)] += msw; } #if defined(MBEDTLS_ECP_DP_SECP224R1_ENABLED) /* * Fast quasi-reduction modulo p224 (FIPS 186-3 D.2.2) */ -static int ecp_mod_p224( mbedtls_mpi *N ) +static int ecp_mod_p224(mbedtls_mpi *N) { - INIT( 224 ); + INIT(224); - SUB( 7 ); SUB( 11 ); NEXT; // A0 += -A7 - A11 - SUB( 8 ); SUB( 12 ); NEXT; // A1 += -A8 - A12 - SUB( 9 ); SUB( 13 ); NEXT; // A2 += -A9 - A13 - SUB( 10 ); ADD( 7 ); ADD( 11 ); NEXT; // A3 += -A10 + A7 + A11 - SUB( 11 ); ADD( 8 ); ADD( 12 ); NEXT; // A4 += -A11 + A8 + A12 - SUB( 12 ); ADD( 9 ); ADD( 13 ); NEXT; // A5 += -A12 + A9 + A13 - SUB( 13 ); ADD( 10 ); LAST; // A6 += -A13 + A10 + SUB(7); SUB(11); NEXT; // A0 += -A7 - A11 + SUB(8); SUB(12); NEXT; // A1 += -A8 - A12 + SUB(9); SUB(13); NEXT; // A2 += -A9 - A13 + SUB(10); ADD(7); ADD(11); NEXT; // A3 += -A10 + A7 + A11 + SUB(11); ADD(8); ADD(12); NEXT; // A4 += -A11 + A8 + A12 + SUB(12); ADD(9); ADD(13); NEXT; // A5 += -A12 + A9 + A13 + SUB(13); ADD(10); LAST; // A6 += -A13 + A10 cleanup: - return( ret ); + return ret; } #endif /* MBEDTLS_ECP_DP_SECP224R1_ENABLED */ @@ -1075,36 +1060,36 @@ static int ecp_mod_p224( mbedtls_mpi *N ) /* * Fast quasi-reduction modulo p256 (FIPS 186-3 D.2.3) */ -static int ecp_mod_p256( mbedtls_mpi *N ) +static int ecp_mod_p256(mbedtls_mpi *N) { - INIT( 256 ); + INIT(256); - ADD( 8 ); ADD( 9 ); - SUB( 11 ); SUB( 12 ); SUB( 13 ); SUB( 14 ); NEXT; // A0 + ADD(8); ADD(9); + SUB(11); SUB(12); SUB(13); SUB(14); NEXT; // A0 - ADD( 9 ); ADD( 10 ); - SUB( 12 ); SUB( 13 ); SUB( 14 ); SUB( 15 ); NEXT; // A1 + ADD(9); ADD(10); + SUB(12); SUB(13); SUB(14); SUB(15); NEXT; // A1 - ADD( 10 ); ADD( 11 ); - SUB( 13 ); SUB( 14 ); SUB( 15 ); NEXT; // A2 + ADD(10); ADD(11); + SUB(13); SUB(14); SUB(15); NEXT; // A2 - ADD( 11 ); ADD( 11 ); ADD( 12 ); ADD( 12 ); ADD( 13 ); - SUB( 15 ); SUB( 8 ); SUB( 9 ); NEXT; // A3 + ADD(11); ADD(11); ADD(12); ADD(12); ADD(13); + SUB(15); SUB(8); SUB(9); NEXT; // A3 - ADD( 12 ); ADD( 12 ); ADD( 13 ); ADD( 13 ); ADD( 14 ); - SUB( 9 ); SUB( 10 ); NEXT; // A4 + ADD(12); ADD(12); ADD(13); ADD(13); ADD(14); + SUB(9); SUB(10); NEXT; // A4 - ADD( 13 ); ADD( 13 ); ADD( 14 ); ADD( 14 ); ADD( 15 ); - SUB( 10 ); SUB( 11 ); NEXT; // A5 + ADD(13); ADD(13); ADD(14); ADD(14); ADD(15); + SUB(10); SUB(11); NEXT; // A5 - ADD( 14 ); ADD( 14 ); ADD( 15 ); ADD( 15 ); ADD( 14 ); ADD( 13 ); - SUB( 8 ); SUB( 9 ); NEXT; // A6 + ADD(14); ADD(14); ADD(15); ADD(15); ADD(14); ADD(13); + SUB(8); SUB(9); NEXT; // A6 - ADD( 15 ); ADD( 15 ); ADD( 15 ); ADD( 8 ); - SUB( 10 ); SUB( 11 ); SUB( 12 ); SUB( 13 ); LAST; // A7 + ADD(15); ADD(15); ADD(15); ADD(8); + SUB(10); SUB(11); SUB(12); SUB(13); LAST; // A7 cleanup: - return( ret ); + return ret; } #endif /* MBEDTLS_ECP_DP_SECP256R1_ENABLED */ @@ -1112,48 +1097,48 @@ static int ecp_mod_p256( mbedtls_mpi *N ) /* * Fast quasi-reduction modulo p384 (FIPS 186-3 D.2.4) */ -static int ecp_mod_p384( mbedtls_mpi *N ) +static int ecp_mod_p384(mbedtls_mpi *N) { - INIT( 384 ); + INIT(384); - ADD( 12 ); ADD( 21 ); ADD( 20 ); - SUB( 23 ); NEXT; // A0 + ADD(12); ADD(21); ADD(20); + SUB(23); NEXT; // A0 - ADD( 13 ); ADD( 22 ); ADD( 23 ); - SUB( 12 ); SUB( 20 ); NEXT; // A2 + ADD(13); ADD(22); ADD(23); + SUB(12); SUB(20); NEXT; // A2 - ADD( 14 ); ADD( 23 ); - SUB( 13 ); SUB( 21 ); NEXT; // A2 + ADD(14); ADD(23); + SUB(13); SUB(21); NEXT; // A2 - ADD( 15 ); ADD( 12 ); ADD( 20 ); ADD( 21 ); - SUB( 14 ); SUB( 22 ); SUB( 23 ); NEXT; // A3 + ADD(15); ADD(12); ADD(20); ADD(21); + SUB(14); SUB(22); SUB(23); NEXT; // A3 - ADD( 21 ); ADD( 21 ); ADD( 16 ); ADD( 13 ); ADD( 12 ); ADD( 20 ); ADD( 22 ); - SUB( 15 ); SUB( 23 ); SUB( 23 ); NEXT; // A4 + ADD(21); ADD(21); ADD(16); ADD(13); ADD(12); ADD(20); ADD(22); + SUB(15); SUB(23); SUB(23); NEXT; // A4 - ADD( 22 ); ADD( 22 ); ADD( 17 ); ADD( 14 ); ADD( 13 ); ADD( 21 ); ADD( 23 ); - SUB( 16 ); NEXT; // A5 + ADD(22); ADD(22); ADD(17); ADD(14); ADD(13); ADD(21); ADD(23); + SUB(16); NEXT; // A5 - ADD( 23 ); ADD( 23 ); ADD( 18 ); ADD( 15 ); ADD( 14 ); ADD( 22 ); - SUB( 17 ); NEXT; // A6 + ADD(23); ADD(23); ADD(18); ADD(15); ADD(14); ADD(22); + SUB(17); NEXT; // A6 - ADD( 19 ); ADD( 16 ); ADD( 15 ); ADD( 23 ); - SUB( 18 ); NEXT; // A7 + ADD(19); ADD(16); ADD(15); ADD(23); + SUB(18); NEXT; // A7 - ADD( 20 ); ADD( 17 ); ADD( 16 ); - SUB( 19 ); NEXT; // A8 + ADD(20); ADD(17); ADD(16); + SUB(19); NEXT; // A8 - ADD( 21 ); ADD( 18 ); ADD( 17 ); - SUB( 20 ); NEXT; // A9 + ADD(21); ADD(18); ADD(17); + SUB(20); NEXT; // A9 - ADD( 22 ); ADD( 19 ); ADD( 18 ); - SUB( 21 ); NEXT; // A10 + ADD(22); ADD(19); ADD(18); + SUB(21); NEXT; // A10 - ADD( 23 ); ADD( 20 ); ADD( 19 ); - SUB( 22 ); LAST; // A11 + ADD(23); ADD(20); ADD(19); + SUB(22); LAST; // A11 cleanup: - return( ret ); + return ret; } #endif /* MBEDTLS_ECP_DP_SECP384R1_ENABLED */ @@ -1176,7 +1161,7 @@ static int ecp_mod_p384( mbedtls_mpi *N ) */ /* Size of p521 in terms of mbedtls_mpi_uint */ -#define P521_WIDTH ( 521 / 8 / sizeof( mbedtls_mpi_uint ) + 1 ) +#define P521_WIDTH (521 / 8 / sizeof(mbedtls_mpi_uint) + 1) /* Bits to keep in the most significant mbedtls_mpi_uint */ #define P521_MASK 0x01FF @@ -1185,7 +1170,7 @@ static int ecp_mod_p384( mbedtls_mpi *N ) * Fast quasi-reduction modulo p521 (FIPS 186-3 D.2.5) * Write N as A1 + 2^521 A0, return A0 + A1 */ -static int ecp_mod_p521( mbedtls_mpi *N ) +static int ecp_mod_p521(mbedtls_mpi *N) { int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; size_t i; @@ -1195,28 +1180,31 @@ static int ecp_mod_p521( mbedtls_mpi *N ) * we need to hold bits 513 to 1056, which is 34 limbs, that is * P521_WIDTH + 1. Otherwise P521_WIDTH is enough. */ - if( N->n < P521_WIDTH ) - return( 0 ); + if (N->n < P521_WIDTH) { + return 0; + } /* M = A1 */ M.s = 1; - M.n = N->n - ( P521_WIDTH - 1 ); - if( M.n > P521_WIDTH + 1 ) + M.n = N->n - (P521_WIDTH - 1); + if (M.n > P521_WIDTH + 1) { M.n = P521_WIDTH + 1; + } M.p = Mp; - memcpy( Mp, N->p + P521_WIDTH - 1, M.n * sizeof( mbedtls_mpi_uint ) ); - MBEDTLS_MPI_CHK( mbedtls_mpi_shift_r( &M, 521 % ( 8 * sizeof( mbedtls_mpi_uint ) ) ) ); + memcpy(Mp, N->p + P521_WIDTH - 1, M.n * sizeof(mbedtls_mpi_uint)); + MBEDTLS_MPI_CHK(mbedtls_mpi_shift_r(&M, 521 % (8 * sizeof(mbedtls_mpi_uint)))); /* N = A0 */ N->p[P521_WIDTH - 1] &= P521_MASK; - for( i = P521_WIDTH; i < N->n; i++ ) + for (i = P521_WIDTH; i < N->n; i++) { N->p[i] = 0; + } /* N = A0 + A1 */ - MBEDTLS_MPI_CHK( mbedtls_mpi_add_abs( N, N, &M ) ); + MBEDTLS_MPI_CHK(mbedtls_mpi_add_abs(N, N, &M)); cleanup: - return( ret ); + return ret; } #undef P521_WIDTH @@ -1228,57 +1216,60 @@ static int ecp_mod_p521( mbedtls_mpi *N ) #if defined(MBEDTLS_ECP_DP_CURVE25519_ENABLED) /* Size of p255 in terms of mbedtls_mpi_uint */ -#define P255_WIDTH ( 255 / 8 / sizeof( mbedtls_mpi_uint ) + 1 ) +#define P255_WIDTH (255 / 8 / sizeof(mbedtls_mpi_uint) + 1) /* * Fast quasi-reduction modulo p255 = 2^255 - 19 * Write N as A0 + 2^255 A1, return A0 + 19 * A1 */ -static int ecp_mod_p255( mbedtls_mpi *N ) +static int ecp_mod_p255(mbedtls_mpi *N) { int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; size_t i; mbedtls_mpi M; mbedtls_mpi_uint Mp[P255_WIDTH + 2]; - if( N->n < P255_WIDTH ) - return( 0 ); + if (N->n < P255_WIDTH) { + return 0; + } /* M = A1 */ M.s = 1; - M.n = N->n - ( P255_WIDTH - 1 ); - if( M.n > P255_WIDTH + 1 ) - return( MBEDTLS_ERR_ECP_BAD_INPUT_DATA ); + M.n = N->n - (P255_WIDTH - 1); + if (M.n > P255_WIDTH + 1) { + return MBEDTLS_ERR_ECP_BAD_INPUT_DATA; + } M.p = Mp; - memset( Mp, 0, sizeof Mp ); - memcpy( Mp, N->p + P255_WIDTH - 1, M.n * sizeof( mbedtls_mpi_uint ) ); - MBEDTLS_MPI_CHK( mbedtls_mpi_shift_r( &M, 255 % ( 8 * sizeof( mbedtls_mpi_uint ) ) ) ); + memset(Mp, 0, sizeof(Mp)); + memcpy(Mp, N->p + P255_WIDTH - 1, M.n * sizeof(mbedtls_mpi_uint)); + MBEDTLS_MPI_CHK(mbedtls_mpi_shift_r(&M, 255 % (8 * sizeof(mbedtls_mpi_uint)))); M.n++; /* Make room for multiplication by 19 */ /* N = A0 */ - MBEDTLS_MPI_CHK( mbedtls_mpi_set_bit( N, 255, 0 ) ); - for( i = P255_WIDTH; i < N->n; i++ ) + MBEDTLS_MPI_CHK(mbedtls_mpi_set_bit(N, 255, 0)); + for (i = P255_WIDTH; i < N->n; i++) { N->p[i] = 0; + } /* N = A0 + 19 * A1 */ - MBEDTLS_MPI_CHK( mbedtls_mpi_mul_int( &M, &M, 19 ) ); - MBEDTLS_MPI_CHK( mbedtls_mpi_add_abs( N, N, &M ) ); + MBEDTLS_MPI_CHK(mbedtls_mpi_mul_int(&M, &M, 19)); + MBEDTLS_MPI_CHK(mbedtls_mpi_add_abs(N, N, &M)); cleanup: - return( ret ); + return ret; } #endif /* MBEDTLS_ECP_DP_CURVE25519_ENABLED */ #if defined(MBEDTLS_ECP_DP_CURVE448_ENABLED) /* Size of p448 in terms of mbedtls_mpi_uint */ -#define P448_WIDTH ( 448 / 8 / sizeof( mbedtls_mpi_uint ) ) +#define P448_WIDTH (448 / 8 / sizeof(mbedtls_mpi_uint)) /* Number of limbs fully occupied by 2^224 (max), and limbs used by it (min) */ -#define DIV_ROUND_UP( X, Y ) ( ( ( X ) + ( Y ) - 1 ) / ( Y ) ) -#define P224_WIDTH_MIN ( 28 / sizeof( mbedtls_mpi_uint ) ) -#define P224_WIDTH_MAX DIV_ROUND_UP( 28, sizeof( mbedtls_mpi_uint ) ) -#define P224_UNUSED_BITS ( ( P224_WIDTH_MAX * sizeof( mbedtls_mpi_uint ) * 8 ) - 224 ) +#define DIV_ROUND_UP(X, Y) (((X) + (Y) -1) / (Y)) +#define P224_WIDTH_MIN (28 / sizeof(mbedtls_mpi_uint)) +#define P224_WIDTH_MAX DIV_ROUND_UP(28, sizeof(mbedtls_mpi_uint)) +#define P224_UNUSED_BITS ((P224_WIDTH_MAX * sizeof(mbedtls_mpi_uint) * 8) - 224) /* * Fast quasi-reduction modulo p448 = 2^448 - 2^224 - 1 @@ -1291,52 +1282,57 @@ static int ecp_mod_p255( mbedtls_mpi *N ) * but for 64-bit targets it should use half the number of operations if we do * the reduction with 224-bit limbs, since mpi_add_mpi will then use 64-bit adds. */ -static int ecp_mod_p448( mbedtls_mpi *N ) +static int ecp_mod_p448(mbedtls_mpi *N) { int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; size_t i; mbedtls_mpi M, Q; mbedtls_mpi_uint Mp[P448_WIDTH + 1], Qp[P448_WIDTH]; - if( N->n <= P448_WIDTH ) - return( 0 ); + if (N->n <= P448_WIDTH) { + return 0; + } /* M = A1 */ M.s = 1; - M.n = N->n - ( P448_WIDTH ); - if( M.n > P448_WIDTH ) + M.n = N->n - (P448_WIDTH); + if (M.n > P448_WIDTH) { /* Shouldn't be called with N larger than 2^896! */ - return( MBEDTLS_ERR_ECP_BAD_INPUT_DATA ); + return MBEDTLS_ERR_ECP_BAD_INPUT_DATA; + } M.p = Mp; - memset( Mp, 0, sizeof( Mp ) ); - memcpy( Mp, N->p + P448_WIDTH, M.n * sizeof( mbedtls_mpi_uint ) ); + memset(Mp, 0, sizeof(Mp)); + memcpy(Mp, N->p + P448_WIDTH, M.n * sizeof(mbedtls_mpi_uint)); /* N = A0 */ - for( i = P448_WIDTH; i < N->n; i++ ) + for (i = P448_WIDTH; i < N->n; i++) { N->p[i] = 0; + } /* N += A1 */ - MBEDTLS_MPI_CHK( mbedtls_mpi_add_mpi( N, N, &M ) ); + MBEDTLS_MPI_CHK(mbedtls_mpi_add_mpi(N, N, &M)); /* Q = B1, N += B1 */ Q = M; Q.p = Qp; - memcpy( Qp, Mp, sizeof( Qp ) ); - MBEDTLS_MPI_CHK( mbedtls_mpi_shift_r( &Q, 224 ) ); - MBEDTLS_MPI_CHK( mbedtls_mpi_add_mpi( N, N, &Q ) ); + memcpy(Qp, Mp, sizeof(Qp)); + MBEDTLS_MPI_CHK(mbedtls_mpi_shift_r(&Q, 224)); + MBEDTLS_MPI_CHK(mbedtls_mpi_add_mpi(N, N, &Q)); /* M = (B0 + B1) * 2^224, N += M */ - if( sizeof( mbedtls_mpi_uint ) > 4 ) - Mp[P224_WIDTH_MIN] &= ( (mbedtls_mpi_uint)-1 ) >> ( P224_UNUSED_BITS ); - for( i = P224_WIDTH_MAX; i < M.n; ++i ) + if (sizeof(mbedtls_mpi_uint) > 4) { + Mp[P224_WIDTH_MIN] &= ((mbedtls_mpi_uint)-1) >> (P224_UNUSED_BITS); + } + for (i = P224_WIDTH_MAX; i < M.n; ++i) { Mp[i] = 0; - MBEDTLS_MPI_CHK( mbedtls_mpi_add_mpi( &M, &M, &Q ) ); + } + MBEDTLS_MPI_CHK(mbedtls_mpi_add_mpi(&M, &M, &Q)); M.n = P448_WIDTH + 1; /* Make room for shifted carry bit from the addition */ - MBEDTLS_MPI_CHK( mbedtls_mpi_shift_l( &M, 224 ) ); - MBEDTLS_MPI_CHK( mbedtls_mpi_add_mpi( N, N, &M ) ); + MBEDTLS_MPI_CHK(mbedtls_mpi_shift_l(&M, 224)); + MBEDTLS_MPI_CHK(mbedtls_mpi_add_mpi(N, N, &M)); cleanup: - return( ret ); + return ret; } #endif /* MBEDTLS_ECP_DP_CURVE448_ENABLED */ @@ -1350,18 +1346,19 @@ static int ecp_mod_p448( mbedtls_mpi *N ) * Write N as A0 + 2^224 A1, return A0 + R * A1. * Actually do two passes, since R is big. */ -#define P_KOBLITZ_MAX ( 256 / 8 / sizeof( mbedtls_mpi_uint ) ) // Max limbs in P -#define P_KOBLITZ_R ( 8 / sizeof( mbedtls_mpi_uint ) ) // Limbs in R -static inline int ecp_mod_koblitz( mbedtls_mpi *N, mbedtls_mpi_uint *Rp, size_t p_limbs, - size_t adjust, size_t shift, mbedtls_mpi_uint mask ) +#define P_KOBLITZ_MAX (256 / 8 / sizeof(mbedtls_mpi_uint)) // Max limbs in P +#define P_KOBLITZ_R (8 / sizeof(mbedtls_mpi_uint)) // Limbs in R +static inline int ecp_mod_koblitz(mbedtls_mpi *N, mbedtls_mpi_uint *Rp, size_t p_limbs, + size_t adjust, size_t shift, mbedtls_mpi_uint mask) { int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; size_t i; mbedtls_mpi M, R; mbedtls_mpi_uint Mp[P_KOBLITZ_MAX + P_KOBLITZ_R + 1]; - if( N->n < p_limbs ) - return( 0 ); + if (N->n < p_limbs) { + return 0; + } /* Init R */ R.s = 1; @@ -1373,49 +1370,57 @@ static inline int ecp_mod_koblitz( mbedtls_mpi *N, mbedtls_mpi_uint *Rp, size_t M.p = Mp; /* M = A1 */ - M.n = N->n - ( p_limbs - adjust ); - if( M.n > p_limbs + adjust ) + M.n = N->n - (p_limbs - adjust); + if (M.n > p_limbs + adjust) { M.n = p_limbs + adjust; - memset( Mp, 0, sizeof Mp ); - memcpy( Mp, N->p + p_limbs - adjust, M.n * sizeof( mbedtls_mpi_uint ) ); - if( shift != 0 ) - MBEDTLS_MPI_CHK( mbedtls_mpi_shift_r( &M, shift ) ); + } + memset(Mp, 0, sizeof(Mp)); + memcpy(Mp, N->p + p_limbs - adjust, M.n * sizeof(mbedtls_mpi_uint)); + if (shift != 0) { + MBEDTLS_MPI_CHK(mbedtls_mpi_shift_r(&M, shift)); + } M.n += R.n; /* Make room for multiplication by R */ /* N = A0 */ - if( mask != 0 ) + if (mask != 0) { N->p[p_limbs - 1] &= mask; - for( i = p_limbs; i < N->n; i++ ) + } + for (i = p_limbs; i < N->n; i++) { N->p[i] = 0; + } /* N = A0 + R * A1 */ - MBEDTLS_MPI_CHK( mbedtls_mpi_mul_mpi( &M, &M, &R ) ); - MBEDTLS_MPI_CHK( mbedtls_mpi_add_abs( N, N, &M ) ); + MBEDTLS_MPI_CHK(mbedtls_mpi_mul_mpi(&M, &M, &R)); + MBEDTLS_MPI_CHK(mbedtls_mpi_add_abs(N, N, &M)); /* Second pass */ /* M = A1 */ - M.n = N->n - ( p_limbs - adjust ); - if( M.n > p_limbs + adjust ) + M.n = N->n - (p_limbs - adjust); + if (M.n > p_limbs + adjust) { M.n = p_limbs + adjust; - memset( Mp, 0, sizeof Mp ); - memcpy( Mp, N->p + p_limbs - adjust, M.n * sizeof( mbedtls_mpi_uint ) ); - if( shift != 0 ) - MBEDTLS_MPI_CHK( mbedtls_mpi_shift_r( &M, shift ) ); + } + memset(Mp, 0, sizeof(Mp)); + memcpy(Mp, N->p + p_limbs - adjust, M.n * sizeof(mbedtls_mpi_uint)); + if (shift != 0) { + MBEDTLS_MPI_CHK(mbedtls_mpi_shift_r(&M, shift)); + } M.n += R.n; /* Make room for multiplication by R */ /* N = A0 */ - if( mask != 0 ) + if (mask != 0) { N->p[p_limbs - 1] &= mask; - for( i = p_limbs; i < N->n; i++ ) + } + for (i = p_limbs; i < N->n; i++) { N->p[i] = 0; + } /* N = A0 + R * A1 */ - MBEDTLS_MPI_CHK( mbedtls_mpi_mul_mpi( &M, &M, &R ) ); - MBEDTLS_MPI_CHK( mbedtls_mpi_add_abs( N, N, &M ) ); + MBEDTLS_MPI_CHK(mbedtls_mpi_mul_mpi(&M, &M, &R)); + MBEDTLS_MPI_CHK(mbedtls_mpi_add_abs(N, N, &M)); cleanup: - return( ret ); + return ret; } #endif /* MBEDTLS_ECP_DP_SECP192K1_ENABLED) || MBEDTLS_ECP_DP_SECP224K1_ENABLED) || @@ -1426,14 +1431,15 @@ static inline int ecp_mod_koblitz( mbedtls_mpi *N, mbedtls_mpi_uint *Rp, size_t * Fast quasi-reduction modulo p192k1 = 2^192 - R, * with R = 2^32 + 2^12 + 2^8 + 2^7 + 2^6 + 2^3 + 1 = 0x0100001119 */ -static int ecp_mod_p192k1( mbedtls_mpi *N ) +static int ecp_mod_p192k1(mbedtls_mpi *N) { static mbedtls_mpi_uint Rp[] = { - MBEDTLS_BYTES_TO_T_UINT_8( 0xC9, 0x11, 0x00, 0x00, 0x01, 0x00, 0x00, - 0x00 ) }; + MBEDTLS_BYTES_TO_T_UINT_8(0xC9, 0x11, 0x00, 0x00, 0x01, 0x00, 0x00, + 0x00) + }; - return( ecp_mod_koblitz( N, Rp, 192 / 8 / sizeof( mbedtls_mpi_uint ), 0, 0, - 0 ) ); + return ecp_mod_koblitz(N, Rp, 192 / 8 / sizeof(mbedtls_mpi_uint), 0, 0, + 0); } #endif /* MBEDTLS_ECP_DP_SECP192K1_ENABLED */ @@ -1442,17 +1448,18 @@ static int ecp_mod_p192k1( mbedtls_mpi *N ) * Fast quasi-reduction modulo p224k1 = 2^224 - R, * with R = 2^32 + 2^12 + 2^11 + 2^9 + 2^7 + 2^4 + 2 + 1 = 0x0100001A93 */ -static int ecp_mod_p224k1( mbedtls_mpi *N ) +static int ecp_mod_p224k1(mbedtls_mpi *N) { static mbedtls_mpi_uint Rp[] = { - MBEDTLS_BYTES_TO_T_UINT_8( 0x93, 0x1A, 0x00, 0x00, 0x01, 0x00, 0x00, - 0x00 ) }; + MBEDTLS_BYTES_TO_T_UINT_8(0x93, 0x1A, 0x00, 0x00, 0x01, 0x00, 0x00, + 0x00) + }; #if defined(MBEDTLS_HAVE_INT64) - return( ecp_mod_koblitz( N, Rp, 4, 1, 32, 0xFFFFFFFF ) ); + return ecp_mod_koblitz(N, Rp, 4, 1, 32, 0xFFFFFFFF); #else - return( ecp_mod_koblitz( N, Rp, 224 / 8 / sizeof( mbedtls_mpi_uint ), 0, 0, - 0 ) ); + return ecp_mod_koblitz(N, Rp, 224 / 8 / sizeof(mbedtls_mpi_uint), 0, 0, + 0); #endif } @@ -1463,13 +1470,14 @@ static int ecp_mod_p224k1( mbedtls_mpi *N ) * Fast quasi-reduction modulo p256k1 = 2^256 - R, * with R = 2^32 + 2^9 + 2^8 + 2^7 + 2^6 + 2^4 + 1 = 0x01000003D1 */ -static int ecp_mod_p256k1( mbedtls_mpi *N ) +static int ecp_mod_p256k1(mbedtls_mpi *N) { static mbedtls_mpi_uint Rp[] = { - MBEDTLS_BYTES_TO_T_UINT_8( 0xD1, 0x03, 0x00, 0x00, 0x01, 0x00, 0x00, - 0x00 ) }; - return( ecp_mod_koblitz( N, Rp, 256 / 8 / sizeof( mbedtls_mpi_uint ), 0, 0, - 0 ) ); + MBEDTLS_BYTES_TO_T_UINT_8(0xD1, 0x03, 0x00, 0x00, 0x01, 0x00, 0x00, + 0x00) + }; + return ecp_mod_koblitz(N, Rp, 256 / 8 / sizeof(mbedtls_mpi_uint), 0, 0, + 0); } #endif /* MBEDTLS_ECP_DP_SECP256K1_ENABLED */ diff --git a/third_party/mbedtls/repo/library/ecp_invasive.h b/third_party/mbedtls/repo/library/ecp_invasive.h index 71c77027582..b5a1f7ce7df 100644 --- a/third_party/mbedtls/repo/library/ecp_invasive.h +++ b/third_party/mbedtls/repo/library/ecp_invasive.h @@ -9,19 +9,7 @@ */ /* * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later */ #ifndef MBEDTLS_ECP_INVASIVE_H #define MBEDTLS_ECP_INVASIVE_H @@ -44,7 +32,7 @@ * Behavior: * Set N to c * 2^bits + old_value_of_N. */ -void mbedtls_ecp_fix_negative( mbedtls_mpi *N, signed char c, size_t bits ); +void mbedtls_ecp_fix_negative(mbedtls_mpi *N, signed char c, size_t bits); #endif #if defined(MBEDTLS_ECP_MONTGOMERY_ENABLED) @@ -61,7 +49,7 @@ void mbedtls_ecp_fix_negative( mbedtls_mpi *N, signed char c, size_t bits ); * This is the bit-size of the key minus 1: * 254 for Curve25519 or 447 for Curve448. * \param d The randomly generated key. This is a number of size - * exactly \p n_bits + 1 bits, with the least significant bits + * exactly \p high_bit + 1 bits, with the least significant bits * masked as specified in [Curve25519] and in [RFC7748] §5. * \param f_rng The RNG function. * \param p_rng The RNG context to be passed to \p f_rng. @@ -69,10 +57,10 @@ void mbedtls_ecp_fix_negative( mbedtls_mpi *N, signed char c, size_t bits ); * \return \c 0 on success. * \return \c MBEDTLS_ERR_ECP_xxx or MBEDTLS_ERR_MPI_xxx on failure. */ -int mbedtls_ecp_gen_privkey_mx( size_t n_bits, - mbedtls_mpi *d, - int (*f_rng)(void *, unsigned char *, size_t), - void *p_rng ); +int mbedtls_ecp_gen_privkey_mx(size_t high_bit, + mbedtls_mpi *d, + int (*f_rng)(void *, unsigned char *, size_t), + void *p_rng); #endif /* MBEDTLS_ECP_MONTGOMERY_ENABLED */ diff --git a/third_party/mbedtls/repo/library/entropy.c b/third_party/mbedtls/repo/library/entropy.c index 12fd3b9b5fb..339dc0e038f 100644 --- a/third_party/mbedtls/repo/library/entropy.c +++ b/third_party/mbedtls/repo/library/entropy.c @@ -2,19 +2,7 @@ * Entropy accumulator implementation * * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later */ #include "common.h" @@ -31,6 +19,8 @@ #include "mbedtls/entropy_poll.h" #include "mbedtls/platform_util.h" #include "mbedtls/error.h" +#include "mbedtls/sha256.h" +#include "mbedtls/sha512.h" #include @@ -38,18 +28,9 @@ #include #endif -#if defined(MBEDTLS_ENTROPY_NV_SEED) #include "mbedtls/platform.h" -#endif -#if defined(MBEDTLS_SELF_TEST) -#if defined(MBEDTLS_PLATFORM_C) #include "mbedtls/platform.h" -#else -#include -#define mbedtls_printf printf -#endif /* MBEDTLS_PLATFORM_C */ -#endif /* MBEDTLS_SELF_TEST */ #if defined(MBEDTLS_HAVEGE_C) #include "mbedtls/havege.h" @@ -57,103 +38,104 @@ #define ENTROPY_MAX_LOOP 256 /**< Maximum amount to loop before error */ -void mbedtls_entropy_init( mbedtls_entropy_context *ctx ) +void mbedtls_entropy_init(mbedtls_entropy_context *ctx) { ctx->source_count = 0; - memset( ctx->source, 0, sizeof( ctx->source ) ); + memset(ctx->source, 0, sizeof(ctx->source)); #if defined(MBEDTLS_THREADING_C) - mbedtls_mutex_init( &ctx->mutex ); + mbedtls_mutex_init(&ctx->mutex); #endif ctx->accumulator_started = 0; #if defined(MBEDTLS_ENTROPY_SHA512_ACCUMULATOR) - mbedtls_sha512_init( &ctx->accumulator ); + mbedtls_sha512_init(&ctx->accumulator); #else - mbedtls_sha256_init( &ctx->accumulator ); + mbedtls_sha256_init(&ctx->accumulator); #endif #if defined(MBEDTLS_HAVEGE_C) - mbedtls_havege_init( &ctx->havege_data ); + mbedtls_havege_init(&ctx->havege_data); #endif /* Reminder: Update ENTROPY_HAVE_STRONG in the test files * when adding more strong entropy sources here. */ #if defined(MBEDTLS_TEST_NULL_ENTROPY) - mbedtls_entropy_add_source( ctx, mbedtls_null_entropy_poll, NULL, - 1, MBEDTLS_ENTROPY_SOURCE_STRONG ); + mbedtls_entropy_add_source(ctx, mbedtls_null_entropy_poll, NULL, + 1, MBEDTLS_ENTROPY_SOURCE_STRONG); #endif #if !defined(MBEDTLS_NO_DEFAULT_ENTROPY_SOURCES) #if !defined(MBEDTLS_NO_PLATFORM_ENTROPY) - mbedtls_entropy_add_source( ctx, mbedtls_platform_entropy_poll, NULL, - MBEDTLS_ENTROPY_MIN_PLATFORM, - MBEDTLS_ENTROPY_SOURCE_STRONG ); + mbedtls_entropy_add_source(ctx, mbedtls_platform_entropy_poll, NULL, + MBEDTLS_ENTROPY_MIN_PLATFORM, + MBEDTLS_ENTROPY_SOURCE_STRONG); #endif #if defined(MBEDTLS_TIMING_C) - mbedtls_entropy_add_source( ctx, mbedtls_hardclock_poll, NULL, - MBEDTLS_ENTROPY_MIN_HARDCLOCK, - MBEDTLS_ENTROPY_SOURCE_WEAK ); + mbedtls_entropy_add_source(ctx, mbedtls_hardclock_poll, NULL, + MBEDTLS_ENTROPY_MIN_HARDCLOCK, + MBEDTLS_ENTROPY_SOURCE_WEAK); #endif #if defined(MBEDTLS_HAVEGE_C) - mbedtls_entropy_add_source( ctx, mbedtls_havege_poll, &ctx->havege_data, - MBEDTLS_ENTROPY_MIN_HAVEGE, - MBEDTLS_ENTROPY_SOURCE_STRONG ); + mbedtls_entropy_add_source(ctx, mbedtls_havege_poll, &ctx->havege_data, + MBEDTLS_ENTROPY_MIN_HAVEGE, + MBEDTLS_ENTROPY_SOURCE_STRONG); #endif #if defined(MBEDTLS_ENTROPY_HARDWARE_ALT) - mbedtls_entropy_add_source( ctx, mbedtls_hardware_poll, NULL, - MBEDTLS_ENTROPY_MIN_HARDWARE, - MBEDTLS_ENTROPY_SOURCE_STRONG ); + mbedtls_entropy_add_source(ctx, mbedtls_hardware_poll, NULL, + MBEDTLS_ENTROPY_MIN_HARDWARE, + MBEDTLS_ENTROPY_SOURCE_STRONG); #endif #if defined(MBEDTLS_ENTROPY_NV_SEED) - mbedtls_entropy_add_source( ctx, mbedtls_nv_seed_poll, NULL, - MBEDTLS_ENTROPY_BLOCK_SIZE, - MBEDTLS_ENTROPY_SOURCE_STRONG ); + mbedtls_entropy_add_source(ctx, mbedtls_nv_seed_poll, NULL, + MBEDTLS_ENTROPY_BLOCK_SIZE, + MBEDTLS_ENTROPY_SOURCE_STRONG); ctx->initial_entropy_run = 0; #endif #endif /* MBEDTLS_NO_DEFAULT_ENTROPY_SOURCES */ } -void mbedtls_entropy_free( mbedtls_entropy_context *ctx ) +void mbedtls_entropy_free(mbedtls_entropy_context *ctx) { /* If the context was already free, don't call free() again. * This is important for mutexes which don't allow double-free. */ - if( ctx->accumulator_started == -1 ) + if (ctx->accumulator_started == -1) { return; + } #if defined(MBEDTLS_HAVEGE_C) - mbedtls_havege_free( &ctx->havege_data ); + mbedtls_havege_free(&ctx->havege_data); #endif #if defined(MBEDTLS_THREADING_C) - mbedtls_mutex_free( &ctx->mutex ); + mbedtls_mutex_free(&ctx->mutex); #endif #if defined(MBEDTLS_ENTROPY_SHA512_ACCUMULATOR) - mbedtls_sha512_free( &ctx->accumulator ); + mbedtls_sha512_free(&ctx->accumulator); #else - mbedtls_sha256_free( &ctx->accumulator ); + mbedtls_sha256_free(&ctx->accumulator); #endif #if defined(MBEDTLS_ENTROPY_NV_SEED) ctx->initial_entropy_run = 0; #endif ctx->source_count = 0; - mbedtls_platform_zeroize( ctx->source, sizeof( ctx->source ) ); + mbedtls_platform_zeroize(ctx->source, sizeof(ctx->source)); ctx->accumulator_started = -1; } -int mbedtls_entropy_add_source( mbedtls_entropy_context *ctx, - mbedtls_entropy_f_source_ptr f_source, void *p_source, - size_t threshold, int strong ) +int mbedtls_entropy_add_source(mbedtls_entropy_context *ctx, + mbedtls_entropy_f_source_ptr f_source, void *p_source, + size_t threshold, int strong) { int idx, ret = 0; #if defined(MBEDTLS_THREADING_C) - if( ( ret = mbedtls_mutex_lock( &ctx->mutex ) ) != 0 ) - return( ret ); + if ((ret = mbedtls_mutex_lock(&ctx->mutex)) != 0) { + return ret; + } #endif idx = ctx->source_count; - if( idx >= MBEDTLS_ENTROPY_MAX_SOURCES ) - { + if (idx >= MBEDTLS_ENTROPY_MAX_SOURCES) { ret = MBEDTLS_ERR_ENTROPY_MAX_SOURCES; goto exit; } @@ -167,18 +149,19 @@ int mbedtls_entropy_add_source( mbedtls_entropy_context *ctx, exit: #if defined(MBEDTLS_THREADING_C) - if( mbedtls_mutex_unlock( &ctx->mutex ) != 0 ) - return( MBEDTLS_ERR_THREADING_MUTEX_ERROR ); + if (mbedtls_mutex_unlock(&ctx->mutex) != 0) { + return MBEDTLS_ERR_THREADING_MUTEX_ERROR; + } #endif - return( ret ); + return ret; } /* * Entropy accumulator update */ -static int entropy_update( mbedtls_entropy_context *ctx, unsigned char source_id, - const unsigned char *data, size_t len ) +static int entropy_update(mbedtls_entropy_context *ctx, unsigned char source_id, + const unsigned char *data, size_t len) { unsigned char header[2]; unsigned char tmp[MBEDTLS_ENTROPY_BLOCK_SIZE]; @@ -186,14 +169,15 @@ static int entropy_update( mbedtls_entropy_context *ctx, unsigned char source_id const unsigned char *p = data; int ret = 0; - if( use_len > MBEDTLS_ENTROPY_BLOCK_SIZE ) - { + if (use_len > MBEDTLS_ENTROPY_BLOCK_SIZE) { #if defined(MBEDTLS_ENTROPY_SHA512_ACCUMULATOR) - if( ( ret = mbedtls_sha512_ret( data, len, tmp, 0 ) ) != 0 ) + if ((ret = mbedtls_sha512_ret(data, len, tmp, 0)) != 0) { goto cleanup; + } #else - if( ( ret = mbedtls_sha256_ret( data, len, tmp, 0 ) ) != 0 ) + if ((ret = mbedtls_sha256_ret(data, len, tmp, 0)) != 0) { goto cleanup; + } #endif p = tmp; use_len = MBEDTLS_ENTROPY_BLOCK_SIZE; @@ -208,55 +192,61 @@ static int entropy_update( mbedtls_entropy_context *ctx, unsigned char source_id * gather entropy eventually execute this code. */ #if defined(MBEDTLS_ENTROPY_SHA512_ACCUMULATOR) - if( ctx->accumulator_started == 0 && - ( ret = mbedtls_sha512_starts_ret( &ctx->accumulator, 0 ) ) != 0 ) + if (ctx->accumulator_started == 0 && + (ret = mbedtls_sha512_starts_ret(&ctx->accumulator, 0)) != 0) { goto cleanup; - else + } else { ctx->accumulator_started = 1; - if( ( ret = mbedtls_sha512_update_ret( &ctx->accumulator, header, 2 ) ) != 0 ) + } + if ((ret = mbedtls_sha512_update_ret(&ctx->accumulator, header, 2)) != 0) { goto cleanup; - ret = mbedtls_sha512_update_ret( &ctx->accumulator, p, use_len ); + } + ret = mbedtls_sha512_update_ret(&ctx->accumulator, p, use_len); #else - if( ctx->accumulator_started == 0 && - ( ret = mbedtls_sha256_starts_ret( &ctx->accumulator, 0 ) ) != 0 ) + if (ctx->accumulator_started == 0 && + (ret = mbedtls_sha256_starts_ret(&ctx->accumulator, 0)) != 0) { goto cleanup; - else + } else { ctx->accumulator_started = 1; - if( ( ret = mbedtls_sha256_update_ret( &ctx->accumulator, header, 2 ) ) != 0 ) + } + if ((ret = mbedtls_sha256_update_ret(&ctx->accumulator, header, 2)) != 0) { goto cleanup; - ret = mbedtls_sha256_update_ret( &ctx->accumulator, p, use_len ); + } + ret = mbedtls_sha256_update_ret(&ctx->accumulator, p, use_len); #endif cleanup: - mbedtls_platform_zeroize( tmp, sizeof( tmp ) ); + mbedtls_platform_zeroize(tmp, sizeof(tmp)); - return( ret ); + return ret; } -int mbedtls_entropy_update_manual( mbedtls_entropy_context *ctx, - const unsigned char *data, size_t len ) +int mbedtls_entropy_update_manual(mbedtls_entropy_context *ctx, + const unsigned char *data, size_t len) { int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; #if defined(MBEDTLS_THREADING_C) - if( ( ret = mbedtls_mutex_lock( &ctx->mutex ) ) != 0 ) - return( ret ); + if ((ret = mbedtls_mutex_lock(&ctx->mutex)) != 0) { + return ret; + } #endif - ret = entropy_update( ctx, MBEDTLS_ENTROPY_SOURCE_MANUAL, data, len ); + ret = entropy_update(ctx, MBEDTLS_ENTROPY_SOURCE_MANUAL, data, len); #if defined(MBEDTLS_THREADING_C) - if( mbedtls_mutex_unlock( &ctx->mutex ) != 0 ) - return( MBEDTLS_ERR_THREADING_MUTEX_ERROR ); + if (mbedtls_mutex_unlock(&ctx->mutex) != 0) { + return MBEDTLS_ERR_THREADING_MUTEX_ERROR; + } #endif - return( ret ); + return ret; } /* * Run through the different sources to add entropy to our accumulator */ -static int entropy_gather_internal( mbedtls_entropy_context *ctx ) +static int entropy_gather_internal(mbedtls_entropy_context *ctx) { int ret = MBEDTLS_ERR_ENTROPY_SOURCE_FAILED; int i; @@ -264,121 +254,125 @@ static int entropy_gather_internal( mbedtls_entropy_context *ctx ) unsigned char buf[MBEDTLS_ENTROPY_MAX_GATHER]; size_t olen; - if( ctx->source_count == 0 ) - return( MBEDTLS_ERR_ENTROPY_NO_SOURCES_DEFINED ); + if (ctx->source_count == 0) { + return MBEDTLS_ERR_ENTROPY_NO_SOURCES_DEFINED; + } /* * Run through our entropy sources */ - for( i = 0; i < ctx->source_count; i++ ) - { - if( ctx->source[i].strong == MBEDTLS_ENTROPY_SOURCE_STRONG ) + for (i = 0; i < ctx->source_count; i++) { + if (ctx->source[i].strong == MBEDTLS_ENTROPY_SOURCE_STRONG) { have_one_strong = 1; + } olen = 0; - if( ( ret = ctx->source[i].f_source( ctx->source[i].p_source, - buf, MBEDTLS_ENTROPY_MAX_GATHER, &olen ) ) != 0 ) - { + if ((ret = ctx->source[i].f_source(ctx->source[i].p_source, + buf, MBEDTLS_ENTROPY_MAX_GATHER, &olen)) != 0) { goto cleanup; } /* * Add if we actually gathered something */ - if( olen > 0 ) - { - if( ( ret = entropy_update( ctx, (unsigned char) i, - buf, olen ) ) != 0 ) - return( ret ); + if (olen > 0) { + if ((ret = entropy_update(ctx, (unsigned char) i, + buf, olen)) != 0) { + return ret; + } ctx->source[i].size += olen; } } - if( have_one_strong == 0 ) + if (have_one_strong == 0) { ret = MBEDTLS_ERR_ENTROPY_NO_STRONG_SOURCE; + } cleanup: - mbedtls_platform_zeroize( buf, sizeof( buf ) ); + mbedtls_platform_zeroize(buf, sizeof(buf)); - return( ret ); + return ret; } /* * Thread-safe wrapper for entropy_gather_internal() */ -int mbedtls_entropy_gather( mbedtls_entropy_context *ctx ) +int mbedtls_entropy_gather(mbedtls_entropy_context *ctx) { int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; #if defined(MBEDTLS_THREADING_C) - if( ( ret = mbedtls_mutex_lock( &ctx->mutex ) ) != 0 ) - return( ret ); + if ((ret = mbedtls_mutex_lock(&ctx->mutex)) != 0) { + return ret; + } #endif - ret = entropy_gather_internal( ctx ); + ret = entropy_gather_internal(ctx); #if defined(MBEDTLS_THREADING_C) - if( mbedtls_mutex_unlock( &ctx->mutex ) != 0 ) - return( MBEDTLS_ERR_THREADING_MUTEX_ERROR ); + if (mbedtls_mutex_unlock(&ctx->mutex) != 0) { + return MBEDTLS_ERR_THREADING_MUTEX_ERROR; + } #endif - return( ret ); + return ret; } -int mbedtls_entropy_func( void *data, unsigned char *output, size_t len ) +int mbedtls_entropy_func(void *data, unsigned char *output, size_t len) { int ret, count = 0, i, thresholds_reached; size_t strong_size; mbedtls_entropy_context *ctx = (mbedtls_entropy_context *) data; unsigned char buf[MBEDTLS_ENTROPY_BLOCK_SIZE]; - if( len > MBEDTLS_ENTROPY_BLOCK_SIZE ) - return( MBEDTLS_ERR_ENTROPY_SOURCE_FAILED ); + if (len > MBEDTLS_ENTROPY_BLOCK_SIZE) { + return MBEDTLS_ERR_ENTROPY_SOURCE_FAILED; + } #if defined(MBEDTLS_ENTROPY_NV_SEED) /* Update the NV entropy seed before generating any entropy for outside * use. */ - if( ctx->initial_entropy_run == 0 ) - { + if (ctx->initial_entropy_run == 0) { ctx->initial_entropy_run = 1; - if( ( ret = mbedtls_entropy_update_nv_seed( ctx ) ) != 0 ) - return( ret ); + if ((ret = mbedtls_entropy_update_nv_seed(ctx)) != 0) { + return ret; + } } #endif #if defined(MBEDTLS_THREADING_C) - if( ( ret = mbedtls_mutex_lock( &ctx->mutex ) ) != 0 ) - return( ret ); + if ((ret = mbedtls_mutex_lock(&ctx->mutex)) != 0) { + return ret; + } #endif /* * Always gather extra entropy before a call */ - do - { - if( count++ > ENTROPY_MAX_LOOP ) - { + do { + if (count++ > ENTROPY_MAX_LOOP) { ret = MBEDTLS_ERR_ENTROPY_SOURCE_FAILED; goto exit; } - if( ( ret = entropy_gather_internal( ctx ) ) != 0 ) + if ((ret = entropy_gather_internal(ctx)) != 0) { goto exit; + } thresholds_reached = 1; strong_size = 0; - for( i = 0; i < ctx->source_count; i++ ) - { - if( ctx->source[i].size < ctx->source[i].threshold ) + for (i = 0; i < ctx->source_count; i++) { + if (ctx->source[i].size < ctx->source[i].threshold) { thresholds_reached = 0; - if( ctx->source[i].strong == MBEDTLS_ENTROPY_SOURCE_STRONG ) + } + if (ctx->source[i].strong == MBEDTLS_ENTROPY_SOURCE_STRONG) { strong_size += ctx->source[i].size; + } } - } - while( ! thresholds_reached || strong_size < MBEDTLS_ENTROPY_BLOCK_SIZE ); + } while (!thresholds_reached || strong_size < MBEDTLS_ENTROPY_BLOCK_SIZE); - memset( buf, 0, MBEDTLS_ENTROPY_BLOCK_SIZE ); + memset(buf, 0, MBEDTLS_ENTROPY_BLOCK_SIZE); #if defined(MBEDTLS_ENTROPY_SHA512_ACCUMULATOR) /* @@ -386,109 +380,118 @@ int mbedtls_entropy_func( void *data, unsigned char *output, size_t len ) * in a previous call to entropy_update(). If this is not guaranteed, the * code below will fail. */ - if( ( ret = mbedtls_sha512_finish_ret( &ctx->accumulator, buf ) ) != 0 ) + if ((ret = mbedtls_sha512_finish_ret(&ctx->accumulator, buf)) != 0) { goto exit; + } /* * Reset accumulator and counters and recycle existing entropy */ - mbedtls_sha512_free( &ctx->accumulator ); - mbedtls_sha512_init( &ctx->accumulator ); - if( ( ret = mbedtls_sha512_starts_ret( &ctx->accumulator, 0 ) ) != 0 ) + mbedtls_sha512_free(&ctx->accumulator); + mbedtls_sha512_init(&ctx->accumulator); + if ((ret = mbedtls_sha512_starts_ret(&ctx->accumulator, 0)) != 0) { goto exit; - if( ( ret = mbedtls_sha512_update_ret( &ctx->accumulator, buf, - MBEDTLS_ENTROPY_BLOCK_SIZE ) ) != 0 ) + } + if ((ret = mbedtls_sha512_update_ret(&ctx->accumulator, buf, + MBEDTLS_ENTROPY_BLOCK_SIZE)) != 0) { goto exit; + } /* * Perform second SHA-512 on entropy */ - if( ( ret = mbedtls_sha512_ret( buf, MBEDTLS_ENTROPY_BLOCK_SIZE, - buf, 0 ) ) != 0 ) + if ((ret = mbedtls_sha512_ret(buf, MBEDTLS_ENTROPY_BLOCK_SIZE, + buf, 0)) != 0) { goto exit; + } #else /* MBEDTLS_ENTROPY_SHA512_ACCUMULATOR */ - if( ( ret = mbedtls_sha256_finish_ret( &ctx->accumulator, buf ) ) != 0 ) + if ((ret = mbedtls_sha256_finish_ret(&ctx->accumulator, buf)) != 0) { goto exit; + } /* * Reset accumulator and counters and recycle existing entropy */ - mbedtls_sha256_free( &ctx->accumulator ); - mbedtls_sha256_init( &ctx->accumulator ); - if( ( ret = mbedtls_sha256_starts_ret( &ctx->accumulator, 0 ) ) != 0 ) + mbedtls_sha256_free(&ctx->accumulator); + mbedtls_sha256_init(&ctx->accumulator); + if ((ret = mbedtls_sha256_starts_ret(&ctx->accumulator, 0)) != 0) { goto exit; - if( ( ret = mbedtls_sha256_update_ret( &ctx->accumulator, buf, - MBEDTLS_ENTROPY_BLOCK_SIZE ) ) != 0 ) + } + if ((ret = mbedtls_sha256_update_ret(&ctx->accumulator, buf, + MBEDTLS_ENTROPY_BLOCK_SIZE)) != 0) { goto exit; + } /* * Perform second SHA-256 on entropy */ - if( ( ret = mbedtls_sha256_ret( buf, MBEDTLS_ENTROPY_BLOCK_SIZE, - buf, 0 ) ) != 0 ) + if ((ret = mbedtls_sha256_ret(buf, MBEDTLS_ENTROPY_BLOCK_SIZE, + buf, 0)) != 0) { goto exit; + } #endif /* MBEDTLS_ENTROPY_SHA512_ACCUMULATOR */ - for( i = 0; i < ctx->source_count; i++ ) + for (i = 0; i < ctx->source_count; i++) { ctx->source[i].size = 0; + } - memcpy( output, buf, len ); + memcpy(output, buf, len); ret = 0; exit: - mbedtls_platform_zeroize( buf, sizeof( buf ) ); + mbedtls_platform_zeroize(buf, sizeof(buf)); #if defined(MBEDTLS_THREADING_C) - if( mbedtls_mutex_unlock( &ctx->mutex ) != 0 ) - return( MBEDTLS_ERR_THREADING_MUTEX_ERROR ); + if (mbedtls_mutex_unlock(&ctx->mutex) != 0) { + return MBEDTLS_ERR_THREADING_MUTEX_ERROR; + } #endif - return( ret ); + return ret; } #if defined(MBEDTLS_ENTROPY_NV_SEED) -int mbedtls_entropy_update_nv_seed( mbedtls_entropy_context *ctx ) +int mbedtls_entropy_update_nv_seed(mbedtls_entropy_context *ctx) { int ret = MBEDTLS_ERR_ENTROPY_FILE_IO_ERROR; unsigned char buf[MBEDTLS_ENTROPY_BLOCK_SIZE]; /* Read new seed and write it to NV */ - if( ( ret = mbedtls_entropy_func( ctx, buf, MBEDTLS_ENTROPY_BLOCK_SIZE ) ) != 0 ) - return( ret ); + if ((ret = mbedtls_entropy_func(ctx, buf, MBEDTLS_ENTROPY_BLOCK_SIZE)) != 0) { + return ret; + } - if( mbedtls_nv_seed_write( buf, MBEDTLS_ENTROPY_BLOCK_SIZE ) < 0 ) - return( MBEDTLS_ERR_ENTROPY_FILE_IO_ERROR ); + if (mbedtls_nv_seed_write(buf, MBEDTLS_ENTROPY_BLOCK_SIZE) < 0) { + return MBEDTLS_ERR_ENTROPY_FILE_IO_ERROR; + } /* Manually update the remaining stream with a separator value to diverge */ - memset( buf, 0, MBEDTLS_ENTROPY_BLOCK_SIZE ); - ret = mbedtls_entropy_update_manual( ctx, buf, MBEDTLS_ENTROPY_BLOCK_SIZE ); + memset(buf, 0, MBEDTLS_ENTROPY_BLOCK_SIZE); + ret = mbedtls_entropy_update_manual(ctx, buf, MBEDTLS_ENTROPY_BLOCK_SIZE); - return( ret ); + return ret; } #endif /* MBEDTLS_ENTROPY_NV_SEED */ #if defined(MBEDTLS_FS_IO) -int mbedtls_entropy_write_seed_file( mbedtls_entropy_context *ctx, const char *path ) +int mbedtls_entropy_write_seed_file(mbedtls_entropy_context *ctx, const char *path) { int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; FILE *f = NULL; unsigned char buf[MBEDTLS_ENTROPY_BLOCK_SIZE]; - if( ( ret = mbedtls_entropy_func( ctx, buf, MBEDTLS_ENTROPY_BLOCK_SIZE ) ) != 0 ) - { + if ((ret = mbedtls_entropy_func(ctx, buf, MBEDTLS_ENTROPY_BLOCK_SIZE)) != 0) { ret = MBEDTLS_ERR_ENTROPY_SOURCE_FAILED; goto exit; } - if( ( f = fopen( path, "wb" ) ) == NULL ) - { + if ((f = fopen(path, "wb")) == NULL) { ret = MBEDTLS_ERR_ENTROPY_FILE_IO_ERROR; goto exit; } - if( fwrite( buf, 1, MBEDTLS_ENTROPY_BLOCK_SIZE, f ) != MBEDTLS_ENTROPY_BLOCK_SIZE ) - { + if (fwrite(buf, 1, MBEDTLS_ENTROPY_BLOCK_SIZE, f) != MBEDTLS_ENTROPY_BLOCK_SIZE) { ret = MBEDTLS_ERR_ENTROPY_FILE_IO_ERROR; goto exit; } @@ -496,44 +499,49 @@ int mbedtls_entropy_write_seed_file( mbedtls_entropy_context *ctx, const char *p ret = 0; exit: - mbedtls_platform_zeroize( buf, sizeof( buf ) ); + mbedtls_platform_zeroize(buf, sizeof(buf)); - if( f != NULL ) - fclose( f ); + if (f != NULL) { + fclose(f); + } - return( ret ); + return ret; } -int mbedtls_entropy_update_seed_file( mbedtls_entropy_context *ctx, const char *path ) +int mbedtls_entropy_update_seed_file(mbedtls_entropy_context *ctx, const char *path) { int ret = 0; FILE *f; size_t n; - unsigned char buf[ MBEDTLS_ENTROPY_MAX_SEED_SIZE ]; + unsigned char buf[MBEDTLS_ENTROPY_MAX_SEED_SIZE]; - if( ( f = fopen( path, "rb" ) ) == NULL ) - return( MBEDTLS_ERR_ENTROPY_FILE_IO_ERROR ); + if ((f = fopen(path, "rb")) == NULL) { + return MBEDTLS_ERR_ENTROPY_FILE_IO_ERROR; + } - fseek( f, 0, SEEK_END ); - n = (size_t) ftell( f ); - fseek( f, 0, SEEK_SET ); + fseek(f, 0, SEEK_END); + n = (size_t) ftell(f); + fseek(f, 0, SEEK_SET); - if( n > MBEDTLS_ENTROPY_MAX_SEED_SIZE ) + if (n > MBEDTLS_ENTROPY_MAX_SEED_SIZE) { n = MBEDTLS_ENTROPY_MAX_SEED_SIZE; + } - if( fread( buf, 1, n, f ) != n ) + if (fread(buf, 1, n, f) != n) { ret = MBEDTLS_ERR_ENTROPY_FILE_IO_ERROR; - else - ret = mbedtls_entropy_update_manual( ctx, buf, n ); + } else { + ret = mbedtls_entropy_update_manual(ctx, buf, n); + } - fclose( f ); + fclose(f); - mbedtls_platform_zeroize( buf, sizeof( buf ) ); + mbedtls_platform_zeroize(buf, sizeof(buf)); - if( ret != 0 ) - return( ret ); + if (ret != 0) { + return ret; + } - return( mbedtls_entropy_write_seed_file( ctx, path ) ); + return mbedtls_entropy_write_seed_file(ctx, path); } #endif /* MBEDTLS_FS_IO */ @@ -542,64 +550,62 @@ int mbedtls_entropy_update_seed_file( mbedtls_entropy_context *ctx, const char * /* * Dummy source function */ -static int entropy_dummy_source( void *data, unsigned char *output, - size_t len, size_t *olen ) +static int entropy_dummy_source(void *data, unsigned char *output, + size_t len, size_t *olen) { ((void) data); - memset( output, 0x2a, len ); + memset(output, 0x2a, len); *olen = len; - return( 0 ); + return 0; } #endif /* !MBEDTLS_TEST_NULL_ENTROPY */ #if defined(MBEDTLS_ENTROPY_HARDWARE_ALT) -static int mbedtls_entropy_source_self_test_gather( unsigned char *buf, size_t buf_len ) +static int mbedtls_entropy_source_self_test_gather(unsigned char *buf, size_t buf_len) { int ret = 0; size_t entropy_len = 0; size_t olen = 0; size_t attempts = buf_len; - while( attempts > 0 && entropy_len < buf_len ) - { - if( ( ret = mbedtls_hardware_poll( NULL, buf + entropy_len, - buf_len - entropy_len, &olen ) ) != 0 ) - return( ret ); + while (attempts > 0 && entropy_len < buf_len) { + if ((ret = mbedtls_hardware_poll(NULL, buf + entropy_len, + buf_len - entropy_len, &olen)) != 0) { + return ret; + } entropy_len += olen; attempts--; } - if( entropy_len < buf_len ) - { + if (entropy_len < buf_len) { ret = 1; } - return( ret ); + return ret; } -static int mbedtls_entropy_source_self_test_check_bits( const unsigned char *buf, - size_t buf_len ) +static int mbedtls_entropy_source_self_test_check_bits(const unsigned char *buf, + size_t buf_len) { - unsigned char set= 0xFF; + unsigned char set = 0xFF; unsigned char unset = 0x00; size_t i; - for( i = 0; i < buf_len; i++ ) - { + for (i = 0; i < buf_len; i++) { set &= buf[i]; unset |= buf[i]; } - return( set == 0xFF || unset == 0x00 ); + return set == 0xFF || unset == 0x00; } /* - * A test to ensure hat the entropy sources are functioning correctly + * A test to ensure that the entropy sources are functioning correctly * and there is no obvious failure. The test performs the following checks: * - The entropy source is not providing only 0s (all bits unset) or 1s (all * bits set). @@ -609,45 +615,50 @@ static int mbedtls_entropy_source_self_test_check_bits( const unsigned char *buf * are not equal. * - The error code returned by the entropy source is not an error. */ -int mbedtls_entropy_source_self_test( int verbose ) +int mbedtls_entropy_source_self_test(int verbose) { int ret = 0; - unsigned char buf0[2 * sizeof( unsigned long long int )]; - unsigned char buf1[2 * sizeof( unsigned long long int )]; + unsigned char buf0[2 * sizeof(unsigned long long int)]; + unsigned char buf1[2 * sizeof(unsigned long long int)]; - if( verbose != 0 ) - mbedtls_printf( " ENTROPY_BIAS test: " ); + if (verbose != 0) { + mbedtls_printf(" ENTROPY_BIAS test: "); + } - memset( buf0, 0x00, sizeof( buf0 ) ); - memset( buf1, 0x00, sizeof( buf1 ) ); + memset(buf0, 0x00, sizeof(buf0)); + memset(buf1, 0x00, sizeof(buf1)); - if( ( ret = mbedtls_entropy_source_self_test_gather( buf0, sizeof( buf0 ) ) ) != 0 ) + if ((ret = mbedtls_entropy_source_self_test_gather(buf0, sizeof(buf0))) != 0) { goto cleanup; - if( ( ret = mbedtls_entropy_source_self_test_gather( buf1, sizeof( buf1 ) ) ) != 0 ) + } + if ((ret = mbedtls_entropy_source_self_test_gather(buf1, sizeof(buf1))) != 0) { goto cleanup; + } /* Make sure that the returned values are not all 0 or 1 */ - if( ( ret = mbedtls_entropy_source_self_test_check_bits( buf0, sizeof( buf0 ) ) ) != 0 ) + if ((ret = mbedtls_entropy_source_self_test_check_bits(buf0, sizeof(buf0))) != 0) { goto cleanup; - if( ( ret = mbedtls_entropy_source_self_test_check_bits( buf1, sizeof( buf1 ) ) ) != 0 ) + } + if ((ret = mbedtls_entropy_source_self_test_check_bits(buf1, sizeof(buf1))) != 0) { goto cleanup; + } /* Make sure that the entropy source is not returning values in a * pattern */ - ret = memcmp( buf0, buf1, sizeof( buf0 ) ) == 0; + ret = memcmp(buf0, buf1, sizeof(buf0)) == 0; cleanup: - if( verbose != 0 ) - { - if( ret != 0 ) - mbedtls_printf( "failed\n" ); - else - mbedtls_printf( "passed\n" ); + if (verbose != 0) { + if (ret != 0) { + mbedtls_printf("failed\n"); + } else { + mbedtls_printf("passed\n"); + } - mbedtls_printf( "\n" ); + mbedtls_printf("\n"); } - return( ret != 0 ); + return ret != 0; } #endif /* MBEDTLS_ENTROPY_HARDWARE_ALT */ @@ -657,7 +668,7 @@ int mbedtls_entropy_source_self_test( int verbose ) * test that the functions don't cause errors and write the correct * amount of data to buffers. */ -int mbedtls_entropy_self_test( int verbose ) +int mbedtls_entropy_self_test(int verbose) { int ret = 1; #if !defined(MBEDTLS_TEST_NULL_ENTROPY) @@ -667,23 +678,27 @@ int mbedtls_entropy_self_test( int verbose ) size_t i, j; #endif /* !MBEDTLS_TEST_NULL_ENTROPY */ - if( verbose != 0 ) - mbedtls_printf( " ENTROPY test: " ); + if (verbose != 0) { + mbedtls_printf(" ENTROPY test: "); + } #if !defined(MBEDTLS_TEST_NULL_ENTROPY) - mbedtls_entropy_init( &ctx ); + mbedtls_entropy_init(&ctx); /* First do a gather to make sure we have default sources */ - if( ( ret = mbedtls_entropy_gather( &ctx ) ) != 0 ) + if ((ret = mbedtls_entropy_gather(&ctx)) != 0) { goto cleanup; + } - ret = mbedtls_entropy_add_source( &ctx, entropy_dummy_source, NULL, 16, - MBEDTLS_ENTROPY_SOURCE_WEAK ); - if( ret != 0 ) + ret = mbedtls_entropy_add_source(&ctx, entropy_dummy_source, NULL, 16, + MBEDTLS_ENTROPY_SOURCE_WEAK); + if (ret != 0) { goto cleanup; + } - if( ( ret = mbedtls_entropy_update_manual( &ctx, buf, sizeof buf ) ) != 0 ) + if ((ret = mbedtls_entropy_update_manual(&ctx, buf, sizeof(buf))) != 0) { goto cleanup; + } /* * To test that mbedtls_entropy_func writes correct number of bytes: @@ -693,44 +708,44 @@ int mbedtls_entropy_self_test( int verbose ) * each of the 32 or 64 bytes to be non-zero has a false failure rate * of at most 2^(-58) which is acceptable. */ - for( i = 0; i < 8; i++ ) - { - if( ( ret = mbedtls_entropy_func( &ctx, buf, sizeof( buf ) ) ) != 0 ) + for (i = 0; i < 8; i++) { + if ((ret = mbedtls_entropy_func(&ctx, buf, sizeof(buf))) != 0) { goto cleanup; + } - for( j = 0; j < sizeof( buf ); j++ ) + for (j = 0; j < sizeof(buf); j++) { acc[j] |= buf[j]; + } } - for( j = 0; j < sizeof( buf ); j++ ) - { - if( acc[j] == 0 ) - { + for (j = 0; j < sizeof(buf); j++) { + if (acc[j] == 0) { ret = 1; goto cleanup; } } #if defined(MBEDTLS_ENTROPY_HARDWARE_ALT) - if( ( ret = mbedtls_entropy_source_self_test( 0 ) ) != 0 ) + if ((ret = mbedtls_entropy_source_self_test(0)) != 0) { goto cleanup; + } #endif cleanup: - mbedtls_entropy_free( &ctx ); + mbedtls_entropy_free(&ctx); #endif /* !MBEDTLS_TEST_NULL_ENTROPY */ - if( verbose != 0 ) - { - if( ret != 0 ) - mbedtls_printf( "failed\n" ); - else - mbedtls_printf( "passed\n" ); + if (verbose != 0) { + if (ret != 0) { + mbedtls_printf("failed\n"); + } else { + mbedtls_printf("passed\n"); + } - mbedtls_printf( "\n" ); + mbedtls_printf("\n"); } - return( ret != 0 ); + return ret != 0; } #endif /* MBEDTLS_SELF_TEST */ diff --git a/third_party/mbedtls/repo/library/entropy_poll.c b/third_party/mbedtls/repo/library/entropy_poll.c index 2c1e0937b98..cde49e66a01 100644 --- a/third_party/mbedtls/repo/library/entropy_poll.c +++ b/third_party/mbedtls/repo/library/entropy_poll.c @@ -2,19 +2,7 @@ * Platform-specific and custom entropy polling functions * * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later */ #if defined(__linux__) && !defined(_GNU_SOURCE) @@ -38,16 +26,15 @@ #if defined(MBEDTLS_HAVEGE_C) #include "mbedtls/havege.h" #endif -#if defined(MBEDTLS_ENTROPY_NV_SEED) #include "mbedtls/platform.h" -#endif #if !defined(MBEDTLS_NO_PLATFORM_ENTROPY) #if !defined(unix) && !defined(__unix__) && !defined(__unix) && \ !defined(__APPLE__) && !defined(_WIN32) && !defined(__QNXNTO__) && \ !defined(__HAIKU__) && !defined(__midipix__) -#error "Platform entropy sources only work on Unix and Windows, see MBEDTLS_NO_PLATFORM_ENTROPY in config.h" +#error \ + "Platform entropy sources only work on Unix and Windows, see MBEDTLS_NO_PLATFORM_ENTROPY in config.h" #endif #if defined(_WIN32) && !defined(EFIX64) && !defined(EFI32) @@ -58,29 +45,27 @@ #include #include -int mbedtls_platform_entropy_poll( void *data, unsigned char *output, size_t len, - size_t *olen ) +int mbedtls_platform_entropy_poll(void *data, unsigned char *output, size_t len, + size_t *olen) { HCRYPTPROV provider; ((void) data); *olen = 0; - if( CryptAcquireContext( &provider, NULL, NULL, - PROV_RSA_FULL, CRYPT_VERIFYCONTEXT ) == FALSE ) - { - return( MBEDTLS_ERR_ENTROPY_SOURCE_FAILED ); + if (CryptAcquireContext(&provider, NULL, NULL, + PROV_RSA_FULL, CRYPT_VERIFYCONTEXT) == FALSE) { + return MBEDTLS_ERR_ENTROPY_SOURCE_FAILED; } - if( CryptGenRandom( provider, (DWORD) len, output ) == FALSE ) - { - CryptReleaseContext( provider, 0 ); - return( MBEDTLS_ERR_ENTROPY_SOURCE_FAILED ); + if (CryptGenRandom(provider, (DWORD) len, output) == FALSE) { + CryptReleaseContext(provider, 0); + return MBEDTLS_ERR_ENTROPY_SOURCE_FAILED; } - CryptReleaseContext( provider, 0 ); + CryptReleaseContext(provider, 0); *olen = len; - return( 0 ); + return 0; } #else /* _WIN32 && !EFIX64 && !EFI32 */ @@ -96,15 +81,15 @@ int mbedtls_platform_entropy_poll( void *data, unsigned char *output, size_t len #define HAVE_GETRANDOM #include -static int getrandom_wrapper( void *buf, size_t buflen, unsigned int flags ) +static int getrandom_wrapper(void *buf, size_t buflen, unsigned int flags) { /* MemSan cannot understand that the syscall writes to the buffer */ #if defined(__has_feature) #if __has_feature(memory_sanitizer) - memset( buf, 0, buflen ); + memset(buf, 0, buflen); #endif #endif - return( syscall( SYS_getrandom, buf, buflen, flags ) ); + return syscall(SYS_getrandom, buf, buflen, flags); } #endif /* SYS_getrandom */ #endif /* __linux__ || __midipix__ */ @@ -116,9 +101,9 @@ static int getrandom_wrapper( void *buf, size_t buflen, unsigned int flags ) #include #include #define HAVE_GETRANDOM -static int getrandom_wrapper( void *buf, size_t buflen, unsigned int flags ) +static int getrandom_wrapper(void *buf, size_t buflen, unsigned int flags) { - return getrandom( buf, buflen, flags ); + return getrandom(buf, buflen, flags); } #endif /* (__FreeBSD__ && __FreeBSD_version >= 1200000) || (__DragonFly__ && __DragonFly_version >= 500700) */ @@ -138,7 +123,7 @@ static int getrandom_wrapper( void *buf, size_t buflen, unsigned int flags ) #if defined(KERN_ARND) #define HAVE_SYSCTL_ARND -static int sysctl_arnd_wrapper( unsigned char *buf, size_t buflen ) +static int sysctl_arnd_wrapper(unsigned char *buf, size_t buflen) { int name[2]; size_t len; @@ -146,23 +131,23 @@ static int sysctl_arnd_wrapper( unsigned char *buf, size_t buflen ) name[0] = CTL_KERN; name[1] = KERN_ARND; - while( buflen > 0 ) - { + while (buflen > 0) { len = buflen > 256 ? 256 : buflen; - if( sysctl(name, 2, buf, &len, NULL, 0) == -1 ) - return( -1 ); + if (sysctl(name, 2, buf, &len, NULL, 0) == -1) { + return -1; + } buflen -= len; buf += len; } - return( 0 ); + return 0; } #endif /* KERN_ARND */ #endif /* __FreeBSD__ || __NetBSD__ */ #include -int mbedtls_platform_entropy_poll( void *data, - unsigned char *output, size_t len, size_t *olen ) +int mbedtls_platform_entropy_poll(void *data, + unsigned char *output, size_t len, size_t *olen) { FILE *file; size_t read_len; @@ -170,14 +155,13 @@ int mbedtls_platform_entropy_poll( void *data, ((void) data); #if defined(HAVE_GETRANDOM) - ret = getrandom_wrapper( output, len, 0 ); - if( ret >= 0 ) - { + ret = getrandom_wrapper(output, len, 0); + if (ret >= 0) { *olen = ret; - return( 0 ); + return 0; + } else if (errno != ENOSYS) { + return MBEDTLS_ERR_ENTROPY_SOURCE_FAILED; } - else if( errno != ENOSYS ) - return( MBEDTLS_ERR_ENTROPY_SOURCE_FAILED ); /* Fall through if the system call isn't known. */ #else ((void) ret); @@ -186,105 +170,111 @@ int mbedtls_platform_entropy_poll( void *data, #if defined(HAVE_SYSCTL_ARND) ((void) file); ((void) read_len); - if( sysctl_arnd_wrapper( output, len ) == -1 ) - return( MBEDTLS_ERR_ENTROPY_SOURCE_FAILED ); + if (sysctl_arnd_wrapper(output, len) == -1) { + return MBEDTLS_ERR_ENTROPY_SOURCE_FAILED; + } *olen = len; - return( 0 ); + return 0; #else *olen = 0; - file = fopen( "/dev/urandom", "rb" ); - if( file == NULL ) - return( MBEDTLS_ERR_ENTROPY_SOURCE_FAILED ); + file = fopen("/dev/urandom", "rb"); + if (file == NULL) { + return MBEDTLS_ERR_ENTROPY_SOURCE_FAILED; + } - read_len = fread( output, 1, len, file ); - if( read_len != len ) - { - fclose( file ); - return( MBEDTLS_ERR_ENTROPY_SOURCE_FAILED ); + read_len = fread(output, 1, len, file); + if (read_len != len) { + fclose(file); + return MBEDTLS_ERR_ENTROPY_SOURCE_FAILED; } - fclose( file ); + fclose(file); *olen = len; - return( 0 ); + return 0; #endif /* HAVE_SYSCTL_ARND */ } #endif /* _WIN32 && !EFIX64 && !EFI32 */ #endif /* !MBEDTLS_NO_PLATFORM_ENTROPY */ #if defined(MBEDTLS_TEST_NULL_ENTROPY) -int mbedtls_null_entropy_poll( void *data, - unsigned char *output, size_t len, size_t *olen ) +int mbedtls_null_entropy_poll(void *data, + unsigned char *output, size_t len, size_t *olen) { ((void) data); ((void) output); *olen = 0; - if( len < sizeof(unsigned char) ) - return( 0 ); + if (len < sizeof(unsigned char)) { + return 0; + } output[0] = 0; *olen = sizeof(unsigned char); - return( 0 ); + return 0; } #endif #if defined(MBEDTLS_TIMING_C) -int mbedtls_hardclock_poll( void *data, - unsigned char *output, size_t len, size_t *olen ) +int mbedtls_hardclock_poll(void *data, + unsigned char *output, size_t len, size_t *olen) { unsigned long timer = mbedtls_timing_hardclock(); ((void) data); *olen = 0; - if( len < sizeof(unsigned long) ) - return( 0 ); + if (len < sizeof(unsigned long)) { + return 0; + } - memcpy( output, &timer, sizeof(unsigned long) ); + memcpy(output, &timer, sizeof(unsigned long)); *olen = sizeof(unsigned long); - return( 0 ); + return 0; } #endif /* MBEDTLS_TIMING_C */ #if defined(MBEDTLS_HAVEGE_C) -int mbedtls_havege_poll( void *data, - unsigned char *output, size_t len, size_t *olen ) +int mbedtls_havege_poll(void *data, + unsigned char *output, size_t len, size_t *olen) { mbedtls_havege_state *hs = (mbedtls_havege_state *) data; *olen = 0; - if( mbedtls_havege_random( hs, output, len ) != 0 ) - return( MBEDTLS_ERR_ENTROPY_SOURCE_FAILED ); + if (mbedtls_havege_random(hs, output, len) != 0) { + return MBEDTLS_ERR_ENTROPY_SOURCE_FAILED; + } *olen = len; - return( 0 ); + return 0; } #endif /* MBEDTLS_HAVEGE_C */ #if defined(MBEDTLS_ENTROPY_NV_SEED) -int mbedtls_nv_seed_poll( void *data, - unsigned char *output, size_t len, size_t *olen ) +int mbedtls_nv_seed_poll(void *data, + unsigned char *output, size_t len, size_t *olen) { unsigned char buf[MBEDTLS_ENTROPY_BLOCK_SIZE]; size_t use_len = MBEDTLS_ENTROPY_BLOCK_SIZE; ((void) data); - memset( buf, 0, MBEDTLS_ENTROPY_BLOCK_SIZE ); + memset(buf, 0, MBEDTLS_ENTROPY_BLOCK_SIZE); - if( mbedtls_nv_seed_read( buf, MBEDTLS_ENTROPY_BLOCK_SIZE ) < 0 ) - return( MBEDTLS_ERR_ENTROPY_SOURCE_FAILED ); + if (mbedtls_nv_seed_read(buf, MBEDTLS_ENTROPY_BLOCK_SIZE) < 0) { + return MBEDTLS_ERR_ENTROPY_SOURCE_FAILED; + } - if( len < use_len ) - use_len = len; + if (len < use_len) { + use_len = len; + } - memcpy( output, buf, use_len ); + memcpy(output, buf, use_len); *olen = use_len; - return( 0 ); + return 0; } #endif /* MBEDTLS_ENTROPY_NV_SEED */ diff --git a/third_party/mbedtls/repo/library/error.c b/third_party/mbedtls/repo/library/error.c index afad38904ff..cb7ad57e450 100644 --- a/third_party/mbedtls/repo/library/error.c +++ b/third_party/mbedtls/repo/library/error.c @@ -2,19 +2,7 @@ * Error message information * * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later */ #include "common.h" @@ -25,11 +13,7 @@ #if defined(MBEDTLS_ERROR_C) -#if defined(MBEDTLS_PLATFORM_C) #include "mbedtls/platform.h" -#else -#define mbedtls_snprintf snprintf -#endif #include #include @@ -211,20 +195,20 @@ #endif -const char * mbedtls_high_level_strerr( int error_code ) +const char *mbedtls_high_level_strerr(int error_code) { int high_level_error_code; - if( error_code < 0 ) + if (error_code < 0) { error_code = -error_code; + } /* Extract the high-level part from the error code. */ high_level_error_code = error_code & 0xFF80; - switch( high_level_error_code ) - { - /* Begin Auto-Generated Code. */ -#if defined(MBEDTLS_CIPHER_C) + switch (high_level_error_code) { + /* Begin Auto-Generated Code. */ + #if defined(MBEDTLS_CIPHER_C) case -(MBEDTLS_ERR_CIPHER_FEATURE_UNAVAILABLE): return( "CIPHER - The selected feature is not available" ); case -(MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA): @@ -522,6 +506,8 @@ const char * mbedtls_high_level_strerr( int error_code ) return( "SSL - A cryptographic operation is in progress. Try again later" ); case -(MBEDTLS_ERR_SSL_BAD_CONFIG): return( "SSL - Invalid value in SSL config" ); + case -(MBEDTLS_ERR_SSL_CACHE_ENTRY_NOT_FOUND): + return( "SSL - Cache entry not found" ); #endif /* MBEDTLS_SSL_TLS_C */ #if defined(MBEDTLS_X509_USE_C) || defined(MBEDTLS_X509_CREATE_C) @@ -572,23 +558,23 @@ const char * mbedtls_high_level_strerr( int error_code ) break; } - return( NULL ); + return NULL; } -const char * mbedtls_low_level_strerr( int error_code ) +const char *mbedtls_low_level_strerr(int error_code) { int low_level_error_code; - if( error_code < 0 ) + if (error_code < 0) { error_code = -error_code; + } /* Extract the low-level part from the error code. */ low_level_error_code = error_code & ~0xFF80; - switch( low_level_error_code ) - { - /* Begin Auto-Generated Code. */ -#if defined(MBEDTLS_AES_C) + switch (low_level_error_code) { + /* Begin Auto-Generated Code. */ + #if defined(MBEDTLS_AES_C) case -(MBEDTLS_ERR_AES_INVALID_KEY_LENGTH): return( "AES - Invalid key length" ); case -(MBEDTLS_ERR_AES_INVALID_INPUT_LENGTH): @@ -890,91 +876,97 @@ const char * mbedtls_low_level_strerr( int error_code ) break; } - return( NULL ); + return NULL; } -void mbedtls_strerror( int ret, char *buf, size_t buflen ) +void mbedtls_strerror(int ret, char *buf, size_t buflen) { size_t len; int use_ret; - const char * high_level_error_description = NULL; - const char * low_level_error_description = NULL; + const char *high_level_error_description = NULL; + const char *low_level_error_description = NULL; - if( buflen == 0 ) + if (buflen == 0) { return; + } - memset( buf, 0x00, buflen ); + memset(buf, 0x00, buflen); - if( ret < 0 ) + if (ret < 0) { ret = -ret; + } - if( ret & 0xFF80 ) - { + if (ret & 0xFF80) { use_ret = ret & 0xFF80; // Translate high level error code. - high_level_error_description = mbedtls_high_level_strerr( ret ); + high_level_error_description = mbedtls_high_level_strerr(ret); - if( high_level_error_description == NULL ) - mbedtls_snprintf( buf, buflen, "UNKNOWN ERROR CODE (%04X)", (unsigned int) use_ret ); - else - mbedtls_snprintf( buf, buflen, "%s", high_level_error_description ); + if (high_level_error_description == NULL) { + mbedtls_snprintf(buf, buflen, "UNKNOWN ERROR CODE (%04X)", (unsigned int) use_ret); + } else { + mbedtls_snprintf(buf, buflen, "%s", high_level_error_description); + } #if defined(MBEDTLS_SSL_TLS_C) // Early return in case of a fatal error - do not try to translate low // level code. - if(use_ret == -(MBEDTLS_ERR_SSL_FATAL_ALERT_MESSAGE)) + if (use_ret == -(MBEDTLS_ERR_SSL_FATAL_ALERT_MESSAGE)) { return; + } #endif /* MBEDTLS_SSL_TLS_C */ } use_ret = ret & ~0xFF80; - if( use_ret == 0 ) + if (use_ret == 0) { return; + } // If high level code is present, make a concatenation between both // error strings. // - len = strlen( buf ); + len = strlen(buf); - if( len > 0 ) - { - if( buflen - len < 5 ) + if (len > 0) { + if (buflen - len < 5) { return; + } - mbedtls_snprintf( buf + len, buflen - len, " : " ); + mbedtls_snprintf(buf + len, buflen - len, " : "); buf += len + 3; buflen -= len + 3; } // Translate low level error code. - low_level_error_description = mbedtls_low_level_strerr( ret ); + low_level_error_description = mbedtls_low_level_strerr(ret); - if( low_level_error_description == NULL ) - mbedtls_snprintf( buf, buflen, "UNKNOWN ERROR CODE (%04X)", (unsigned int) use_ret ); - else - mbedtls_snprintf( buf, buflen, "%s", low_level_error_description ); + if (low_level_error_description == NULL) { + mbedtls_snprintf(buf, buflen, "UNKNOWN ERROR CODE (%04X)", (unsigned int) use_ret); + } else { + mbedtls_snprintf(buf, buflen, "%s", low_level_error_description); + } } #else /* MBEDTLS_ERROR_C */ /* - * Provide an non-function in case MBEDTLS_ERROR_C is not defined + * Provide a dummy implementation when MBEDTLS_ERROR_C is not defined */ -void mbedtls_strerror( int ret, char *buf, size_t buflen ) +void mbedtls_strerror(int ret, char *buf, size_t buflen) { ((void) ret); - if( buflen > 0 ) + if (buflen > 0) { buf[0] = '\0'; + } } #endif /* MBEDTLS_ERROR_C */ #if defined(MBEDTLS_TEST_HOOKS) -void (*mbedtls_test_hook_error_add)( int, int, const char *, int ); +void (*mbedtls_test_hook_error_add)(int, int, const char *, int); #endif #endif /* MBEDTLS_ERROR_C || MBEDTLS_ERROR_STRERROR_DUMMY */ diff --git a/third_party/mbedtls/repo/library/gcm.c b/third_party/mbedtls/repo/library/gcm.c index 43a5e1bec68..86d5fa2b5fc 100644 --- a/third_party/mbedtls/repo/library/gcm.c +++ b/third_party/mbedtls/repo/library/gcm.c @@ -2,19 +2,7 @@ * NIST SP800-38D compliant GCM implementation * * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later */ /* @@ -32,8 +20,10 @@ #if defined(MBEDTLS_GCM_C) #include "mbedtls/gcm.h" +#include "mbedtls/platform.h" #include "mbedtls/platform_util.h" #include "mbedtls/error.h" +#include "mbedtls/constant_time.h" #include @@ -41,30 +31,21 @@ #include "mbedtls/aesni.h" #endif -#if defined(MBEDTLS_SELF_TEST) && defined(MBEDTLS_AES_C) -#include "mbedtls/aes.h" -#include "mbedtls/platform.h" -#if !defined(MBEDTLS_PLATFORM_C) -#include -#define mbedtls_printf printf -#endif /* MBEDTLS_PLATFORM_C */ -#endif /* MBEDTLS_SELF_TEST && MBEDTLS_AES_C */ - #if !defined(MBEDTLS_GCM_ALT) /* Parameter validation macros */ -#define GCM_VALIDATE_RET( cond ) \ - MBEDTLS_INTERNAL_VALIDATE_RET( cond, MBEDTLS_ERR_GCM_BAD_INPUT ) -#define GCM_VALIDATE( cond ) \ - MBEDTLS_INTERNAL_VALIDATE( cond ) +#define GCM_VALIDATE_RET(cond) \ + MBEDTLS_INTERNAL_VALIDATE_RET(cond, MBEDTLS_ERR_GCM_BAD_INPUT) +#define GCM_VALIDATE(cond) \ + MBEDTLS_INTERNAL_VALIDATE(cond) /* * Initialize a context */ -void mbedtls_gcm_init( mbedtls_gcm_context *ctx ) +void mbedtls_gcm_init(mbedtls_gcm_context *ctx) { - GCM_VALIDATE( ctx != NULL ); - memset( ctx, 0, sizeof( mbedtls_gcm_context ) ); + GCM_VALIDATE(ctx != NULL); + memset(ctx, 0, sizeof(mbedtls_gcm_context)); } /* @@ -75,7 +56,7 @@ void mbedtls_gcm_init( mbedtls_gcm_context *ctx ) * is the high-order bit of HH corresponds to P^0 and the low-order bit of HL * corresponds to P^127. */ -static int gcm_gen_table( mbedtls_gcm_context *ctx ) +static int gcm_gen_table(mbedtls_gcm_context *ctx) { int ret, i, j; uint64_t hi, lo; @@ -83,93 +64,95 @@ static int gcm_gen_table( mbedtls_gcm_context *ctx ) unsigned char h[16]; size_t olen = 0; - memset( h, 0, 16 ); - if( ( ret = mbedtls_cipher_update( &ctx->cipher_ctx, h, 16, h, &olen ) ) != 0 ) - return( ret ); + memset(h, 0, 16); + if ((ret = mbedtls_cipher_update(&ctx->cipher_ctx, h, 16, h, &olen)) != 0) { + return ret; + } /* pack h as two 64-bits ints, big-endian */ - hi = MBEDTLS_GET_UINT32_BE( h, 0 ); - lo = MBEDTLS_GET_UINT32_BE( h, 4 ); + hi = MBEDTLS_GET_UINT32_BE(h, 0); + lo = MBEDTLS_GET_UINT32_BE(h, 4); vh = (uint64_t) hi << 32 | lo; - hi = MBEDTLS_GET_UINT32_BE( h, 8 ); - lo = MBEDTLS_GET_UINT32_BE( h, 12 ); + hi = MBEDTLS_GET_UINT32_BE(h, 8); + lo = MBEDTLS_GET_UINT32_BE(h, 12); vl = (uint64_t) hi << 32 | lo; /* 8 = 1000 corresponds to 1 in GF(2^128) */ ctx->HL[8] = vl; ctx->HH[8] = vh; -#if defined(MBEDTLS_AESNI_C) && defined(MBEDTLS_HAVE_X86_64) +#if defined(MBEDTLS_AESNI_HAVE_CODE) /* With CLMUL support, we need only h, not the rest of the table */ - if( mbedtls_aesni_has_support( MBEDTLS_AESNI_CLMUL ) ) - return( 0 ); + if (mbedtls_aesni_has_support(MBEDTLS_AESNI_CLMUL)) { + return 0; + } #endif /* 0 corresponds to 0 in GF(2^128) */ ctx->HH[0] = 0; ctx->HL[0] = 0; - for( i = 4; i > 0; i >>= 1 ) - { - uint32_t T = ( vl & 1 ) * 0xe1000000U; - vl = ( vh << 63 ) | ( vl >> 1 ); - vh = ( vh >> 1 ) ^ ( (uint64_t) T << 32); + for (i = 4; i > 0; i >>= 1) { + uint32_t T = (vl & 1) * 0xe1000000U; + vl = (vh << 63) | (vl >> 1); + vh = (vh >> 1) ^ ((uint64_t) T << 32); ctx->HL[i] = vl; ctx->HH[i] = vh; } - for( i = 2; i <= 8; i *= 2 ) - { + for (i = 2; i <= 8; i *= 2) { uint64_t *HiL = ctx->HL + i, *HiH = ctx->HH + i; vh = *HiH; vl = *HiL; - for( j = 1; j < i; j++ ) - { + for (j = 1; j < i; j++) { HiH[j] = vh ^ ctx->HH[j]; HiL[j] = vl ^ ctx->HL[j]; } } - return( 0 ); + return 0; } -int mbedtls_gcm_setkey( mbedtls_gcm_context *ctx, - mbedtls_cipher_id_t cipher, - const unsigned char *key, - unsigned int keybits ) +int mbedtls_gcm_setkey(mbedtls_gcm_context *ctx, + mbedtls_cipher_id_t cipher, + const unsigned char *key, + unsigned int keybits) { int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; const mbedtls_cipher_info_t *cipher_info; - GCM_VALIDATE_RET( ctx != NULL ); - GCM_VALIDATE_RET( key != NULL ); - GCM_VALIDATE_RET( keybits == 128 || keybits == 192 || keybits == 256 ); + GCM_VALIDATE_RET(ctx != NULL); + GCM_VALIDATE_RET(key != NULL); + GCM_VALIDATE_RET(keybits == 128 || keybits == 192 || keybits == 256); - cipher_info = mbedtls_cipher_info_from_values( cipher, keybits, - MBEDTLS_MODE_ECB ); - if( cipher_info == NULL ) - return( MBEDTLS_ERR_GCM_BAD_INPUT ); + cipher_info = mbedtls_cipher_info_from_values(cipher, keybits, + MBEDTLS_MODE_ECB); + if (cipher_info == NULL) { + return MBEDTLS_ERR_GCM_BAD_INPUT; + } - if( cipher_info->block_size != 16 ) - return( MBEDTLS_ERR_GCM_BAD_INPUT ); + if (cipher_info->block_size != 16) { + return MBEDTLS_ERR_GCM_BAD_INPUT; + } - mbedtls_cipher_free( &ctx->cipher_ctx ); + mbedtls_cipher_free(&ctx->cipher_ctx); - if( ( ret = mbedtls_cipher_setup( &ctx->cipher_ctx, cipher_info ) ) != 0 ) - return( ret ); + if ((ret = mbedtls_cipher_setup(&ctx->cipher_ctx, cipher_info)) != 0) { + return ret; + } - if( ( ret = mbedtls_cipher_setkey( &ctx->cipher_ctx, key, keybits, - MBEDTLS_ENCRYPT ) ) != 0 ) - { - return( ret ); + if ((ret = mbedtls_cipher_setkey(&ctx->cipher_ctx, key, keybits, + MBEDTLS_ENCRYPT)) != 0) { + return ret; } - if( ( ret = gcm_gen_table( ctx ) ) != 0 ) - return( ret ); + if ((ret = gcm_gen_table(ctx)) != 0) { + return ret; + } - return( 0 ); + return 0; } /* @@ -189,42 +172,40 @@ static const uint64_t last4[16] = * Sets output to x times H using the precomputed tables. * x and output are seen as elements of GF(2^128) as in [MGV]. */ -static void gcm_mult( mbedtls_gcm_context *ctx, const unsigned char x[16], - unsigned char output[16] ) +static void gcm_mult(mbedtls_gcm_context *ctx, const unsigned char x[16], + unsigned char output[16]) { int i = 0; unsigned char lo, hi, rem; uint64_t zh, zl; -#if defined(MBEDTLS_AESNI_C) && defined(MBEDTLS_HAVE_X86_64) - if( mbedtls_aesni_has_support( MBEDTLS_AESNI_CLMUL ) ) { +#if defined(MBEDTLS_AESNI_HAVE_CODE) + if (mbedtls_aesni_has_support(MBEDTLS_AESNI_CLMUL)) { unsigned char h[16]; - MBEDTLS_PUT_UINT32_BE( ctx->HH[8] >> 32, h, 0 ); - MBEDTLS_PUT_UINT32_BE( ctx->HH[8], h, 4 ); - MBEDTLS_PUT_UINT32_BE( ctx->HL[8] >> 32, h, 8 ); - MBEDTLS_PUT_UINT32_BE( ctx->HL[8], h, 12 ); + MBEDTLS_PUT_UINT32_BE(ctx->HH[8] >> 32, h, 0); + MBEDTLS_PUT_UINT32_BE(ctx->HH[8], h, 4); + MBEDTLS_PUT_UINT32_BE(ctx->HL[8] >> 32, h, 8); + MBEDTLS_PUT_UINT32_BE(ctx->HL[8], h, 12); - mbedtls_aesni_gcm_mult( output, x, h ); + mbedtls_aesni_gcm_mult(output, x, h); return; } -#endif /* MBEDTLS_AESNI_C && MBEDTLS_HAVE_X86_64 */ +#endif /* MBEDTLS_AESNI_HAVE_CODE */ lo = x[15] & 0xf; zh = ctx->HH[lo]; zl = ctx->HL[lo]; - for( i = 15; i >= 0; i-- ) - { + for (i = 15; i >= 0; i--) { lo = x[i] & 0xf; - hi = ( x[i] >> 4 ) & 0xf; + hi = (x[i] >> 4) & 0xf; - if( i != 15 ) - { + if (i != 15) { rem = (unsigned char) zl & 0xf; - zl = ( zh << 60 ) | ( zl >> 4 ); - zh = ( zh >> 4 ); + zl = (zh << 60) | (zl >> 4); + zh = (zh >> 4); zh ^= (uint64_t) last4[rem] << 48; zh ^= ctx->HH[lo]; zl ^= ctx->HL[lo]; @@ -232,25 +213,25 @@ static void gcm_mult( mbedtls_gcm_context *ctx, const unsigned char x[16], } rem = (unsigned char) zl & 0xf; - zl = ( zh << 60 ) | ( zl >> 4 ); - zh = ( zh >> 4 ); + zl = (zh << 60) | (zl >> 4); + zh = (zh >> 4); zh ^= (uint64_t) last4[rem] << 48; zh ^= ctx->HH[hi]; zl ^= ctx->HL[hi]; } - MBEDTLS_PUT_UINT32_BE( zh >> 32, output, 0 ); - MBEDTLS_PUT_UINT32_BE( zh, output, 4 ); - MBEDTLS_PUT_UINT32_BE( zl >> 32, output, 8 ); - MBEDTLS_PUT_UINT32_BE( zl, output, 12 ); + MBEDTLS_PUT_UINT32_BE(zh >> 32, output, 0); + MBEDTLS_PUT_UINT32_BE(zh, output, 4); + MBEDTLS_PUT_UINT32_BE(zl >> 32, output, 8); + MBEDTLS_PUT_UINT32_BE(zl, output, 12); } -int mbedtls_gcm_starts( mbedtls_gcm_context *ctx, - int mode, - const unsigned char *iv, - size_t iv_len, - const unsigned char *add, - size_t add_len ) +int mbedtls_gcm_starts(mbedtls_gcm_context *ctx, + int mode, + const unsigned char *iv, + size_t iv_len, + const unsigned char *add, + size_t add_len) { int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; unsigned char work_buf[16]; @@ -259,85 +240,81 @@ int mbedtls_gcm_starts( mbedtls_gcm_context *ctx, size_t use_len, olen = 0; uint64_t iv_bits; - GCM_VALIDATE_RET( ctx != NULL ); - GCM_VALIDATE_RET( iv != NULL ); - GCM_VALIDATE_RET( add_len == 0 || add != NULL ); + GCM_VALIDATE_RET(ctx != NULL); + GCM_VALIDATE_RET(iv != NULL); + GCM_VALIDATE_RET(add_len == 0 || add != NULL); /* IV and AD are limited to 2^64 bits, so 2^61 bytes */ /* IV is not allowed to be zero length */ - if( iv_len == 0 || - ( (uint64_t) iv_len ) >> 61 != 0 || - ( (uint64_t) add_len ) >> 61 != 0 ) - { - return( MBEDTLS_ERR_GCM_BAD_INPUT ); + if (iv_len == 0 || + ((uint64_t) iv_len) >> 61 != 0 || + ((uint64_t) add_len) >> 61 != 0) { + return MBEDTLS_ERR_GCM_BAD_INPUT; } - memset( ctx->y, 0x00, sizeof(ctx->y) ); - memset( ctx->buf, 0x00, sizeof(ctx->buf) ); + memset(ctx->y, 0x00, sizeof(ctx->y)); + memset(ctx->buf, 0x00, sizeof(ctx->buf)); ctx->mode = mode; ctx->len = 0; ctx->add_len = 0; - if( iv_len == 12 ) - { - memcpy( ctx->y, iv, iv_len ); + if (iv_len == 12) { + memcpy(ctx->y, iv, iv_len); ctx->y[15] = 1; - } - else - { - memset( work_buf, 0x00, 16 ); - iv_bits = (uint64_t)iv_len * 8; - MBEDTLS_PUT_UINT64_BE( iv_bits, work_buf, 8 ); + } else { + memset(work_buf, 0x00, 16); + iv_bits = (uint64_t) iv_len * 8; + MBEDTLS_PUT_UINT64_BE(iv_bits, work_buf, 8); p = iv; - while( iv_len > 0 ) - { - use_len = ( iv_len < 16 ) ? iv_len : 16; + while (iv_len > 0) { + use_len = (iv_len < 16) ? iv_len : 16; - for( i = 0; i < use_len; i++ ) + for (i = 0; i < use_len; i++) { ctx->y[i] ^= p[i]; + } - gcm_mult( ctx, ctx->y, ctx->y ); + gcm_mult(ctx, ctx->y, ctx->y); iv_len -= use_len; p += use_len; } - for( i = 0; i < 16; i++ ) + for (i = 0; i < 16; i++) { ctx->y[i] ^= work_buf[i]; + } - gcm_mult( ctx, ctx->y, ctx->y ); + gcm_mult(ctx, ctx->y, ctx->y); } - if( ( ret = mbedtls_cipher_update( &ctx->cipher_ctx, ctx->y, 16, - ctx->base_ectr, &olen ) ) != 0 ) - { - return( ret ); + if ((ret = mbedtls_cipher_update(&ctx->cipher_ctx, ctx->y, 16, + ctx->base_ectr, &olen)) != 0) { + return ret; } ctx->add_len = add_len; p = add; - while( add_len > 0 ) - { - use_len = ( add_len < 16 ) ? add_len : 16; + while (add_len > 0) { + use_len = (add_len < 16) ? add_len : 16; - for( i = 0; i < use_len; i++ ) + for (i = 0; i < use_len; i++) { ctx->buf[i] ^= p[i]; + } - gcm_mult( ctx, ctx->buf, ctx->buf ); + gcm_mult(ctx, ctx->buf, ctx->buf); add_len -= use_len; p += use_len; } - return( 0 ); + return 0; } -int mbedtls_gcm_update( mbedtls_gcm_context *ctx, - size_t length, - const unsigned char *input, - unsigned char *output ) +int mbedtls_gcm_update(mbedtls_gcm_context *ctx, + size_t length, + const unsigned char *input, + unsigned char *output) { int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; unsigned char ectr[16]; @@ -346,180 +323,183 @@ int mbedtls_gcm_update( mbedtls_gcm_context *ctx, unsigned char *out_p = output; size_t use_len, olen = 0; - GCM_VALIDATE_RET( ctx != NULL ); - GCM_VALIDATE_RET( length == 0 || input != NULL ); - GCM_VALIDATE_RET( length == 0 || output != NULL ); + GCM_VALIDATE_RET(ctx != NULL); + GCM_VALIDATE_RET(length == 0 || input != NULL); + GCM_VALIDATE_RET(length == 0 || output != NULL); - if( output > input && (size_t) ( output - input ) < length ) - return( MBEDTLS_ERR_GCM_BAD_INPUT ); + if (output > input && (size_t) (output - input) < length) { + return MBEDTLS_ERR_GCM_BAD_INPUT; + } /* Total length is restricted to 2^39 - 256 bits, ie 2^36 - 2^5 bytes * Also check for possible overflow */ - if( ctx->len + length < ctx->len || - (uint64_t) ctx->len + length > 0xFFFFFFFE0ull ) - { - return( MBEDTLS_ERR_GCM_BAD_INPUT ); + if (ctx->len + length < ctx->len || + (uint64_t) ctx->len + length > 0xFFFFFFFE0ull) { + return MBEDTLS_ERR_GCM_BAD_INPUT; } ctx->len += length; p = input; - while( length > 0 ) - { - use_len = ( length < 16 ) ? length : 16; + while (length > 0) { + use_len = (length < 16) ? length : 16; - for( i = 16; i > 12; i-- ) - if( ++ctx->y[i - 1] != 0 ) + for (i = 16; i > 12; i--) { + if (++ctx->y[i - 1] != 0) { break; + } + } - if( ( ret = mbedtls_cipher_update( &ctx->cipher_ctx, ctx->y, 16, ectr, - &olen ) ) != 0 ) - { - return( ret ); + if ((ret = mbedtls_cipher_update(&ctx->cipher_ctx, ctx->y, 16, ectr, + &olen)) != 0) { + return ret; } - for( i = 0; i < use_len; i++ ) - { - if( ctx->mode == MBEDTLS_GCM_DECRYPT ) + for (i = 0; i < use_len; i++) { + if (ctx->mode == MBEDTLS_GCM_DECRYPT) { ctx->buf[i] ^= p[i]; + } out_p[i] = ectr[i] ^ p[i]; - if( ctx->mode == MBEDTLS_GCM_ENCRYPT ) + if (ctx->mode == MBEDTLS_GCM_ENCRYPT) { ctx->buf[i] ^= out_p[i]; + } } - gcm_mult( ctx, ctx->buf, ctx->buf ); + gcm_mult(ctx, ctx->buf, ctx->buf); length -= use_len; p += use_len; out_p += use_len; } - return( 0 ); + return 0; } -int mbedtls_gcm_finish( mbedtls_gcm_context *ctx, - unsigned char *tag, - size_t tag_len ) +int mbedtls_gcm_finish(mbedtls_gcm_context *ctx, + unsigned char *tag, + size_t tag_len) { unsigned char work_buf[16]; size_t i; uint64_t orig_len; uint64_t orig_add_len; - GCM_VALIDATE_RET( ctx != NULL ); - GCM_VALIDATE_RET( tag != NULL ); + GCM_VALIDATE_RET(ctx != NULL); + GCM_VALIDATE_RET(tag != NULL); orig_len = ctx->len * 8; orig_add_len = ctx->add_len * 8; - if( tag_len > 16 || tag_len < 4 ) - return( MBEDTLS_ERR_GCM_BAD_INPUT ); + if (tag_len > 16 || tag_len < 4) { + return MBEDTLS_ERR_GCM_BAD_INPUT; + } - memcpy( tag, ctx->base_ectr, tag_len ); + memcpy(tag, ctx->base_ectr, tag_len); - if( orig_len || orig_add_len ) - { - memset( work_buf, 0x00, 16 ); + if (orig_len || orig_add_len) { + memset(work_buf, 0x00, 16); - MBEDTLS_PUT_UINT32_BE( ( orig_add_len >> 32 ), work_buf, 0 ); - MBEDTLS_PUT_UINT32_BE( ( orig_add_len ), work_buf, 4 ); - MBEDTLS_PUT_UINT32_BE( ( orig_len >> 32 ), work_buf, 8 ); - MBEDTLS_PUT_UINT32_BE( ( orig_len ), work_buf, 12 ); + MBEDTLS_PUT_UINT32_BE((orig_add_len >> 32), work_buf, 0); + MBEDTLS_PUT_UINT32_BE((orig_add_len), work_buf, 4); + MBEDTLS_PUT_UINT32_BE((orig_len >> 32), work_buf, 8); + MBEDTLS_PUT_UINT32_BE((orig_len), work_buf, 12); - for( i = 0; i < 16; i++ ) + for (i = 0; i < 16; i++) { ctx->buf[i] ^= work_buf[i]; + } - gcm_mult( ctx, ctx->buf, ctx->buf ); + gcm_mult(ctx, ctx->buf, ctx->buf); - for( i = 0; i < tag_len; i++ ) + for (i = 0; i < tag_len; i++) { tag[i] ^= ctx->buf[i]; + } } - return( 0 ); + return 0; } -int mbedtls_gcm_crypt_and_tag( mbedtls_gcm_context *ctx, - int mode, - size_t length, - const unsigned char *iv, - size_t iv_len, - const unsigned char *add, - size_t add_len, - const unsigned char *input, - unsigned char *output, - size_t tag_len, - unsigned char *tag ) +int mbedtls_gcm_crypt_and_tag(mbedtls_gcm_context *ctx, + int mode, + size_t length, + const unsigned char *iv, + size_t iv_len, + const unsigned char *add, + size_t add_len, + const unsigned char *input, + unsigned char *output, + size_t tag_len, + unsigned char *tag) { int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; - GCM_VALIDATE_RET( ctx != NULL ); - GCM_VALIDATE_RET( iv != NULL ); - GCM_VALIDATE_RET( add_len == 0 || add != NULL ); - GCM_VALIDATE_RET( length == 0 || input != NULL ); - GCM_VALIDATE_RET( length == 0 || output != NULL ); - GCM_VALIDATE_RET( tag != NULL ); + GCM_VALIDATE_RET(ctx != NULL); + GCM_VALIDATE_RET(iv != NULL); + GCM_VALIDATE_RET(add_len == 0 || add != NULL); + GCM_VALIDATE_RET(length == 0 || input != NULL); + GCM_VALIDATE_RET(length == 0 || output != NULL); + GCM_VALIDATE_RET(tag != NULL); - if( ( ret = mbedtls_gcm_starts( ctx, mode, iv, iv_len, add, add_len ) ) != 0 ) - return( ret ); + if ((ret = mbedtls_gcm_starts(ctx, mode, iv, iv_len, add, add_len)) != 0) { + return ret; + } - if( ( ret = mbedtls_gcm_update( ctx, length, input, output ) ) != 0 ) - return( ret ); + if ((ret = mbedtls_gcm_update(ctx, length, input, output)) != 0) { + return ret; + } - if( ( ret = mbedtls_gcm_finish( ctx, tag, tag_len ) ) != 0 ) - return( ret ); + if ((ret = mbedtls_gcm_finish(ctx, tag, tag_len)) != 0) { + return ret; + } - return( 0 ); + return 0; } -int mbedtls_gcm_auth_decrypt( mbedtls_gcm_context *ctx, - size_t length, - const unsigned char *iv, - size_t iv_len, - const unsigned char *add, - size_t add_len, - const unsigned char *tag, - size_t tag_len, - const unsigned char *input, - unsigned char *output ) +int mbedtls_gcm_auth_decrypt(mbedtls_gcm_context *ctx, + size_t length, + const unsigned char *iv, + size_t iv_len, + const unsigned char *add, + size_t add_len, + const unsigned char *tag, + size_t tag_len, + const unsigned char *input, + unsigned char *output) { int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; unsigned char check_tag[16]; - size_t i; int diff; - GCM_VALIDATE_RET( ctx != NULL ); - GCM_VALIDATE_RET( iv != NULL ); - GCM_VALIDATE_RET( add_len == 0 || add != NULL ); - GCM_VALIDATE_RET( tag != NULL ); - GCM_VALIDATE_RET( length == 0 || input != NULL ); - GCM_VALIDATE_RET( length == 0 || output != NULL ); - - if( ( ret = mbedtls_gcm_crypt_and_tag( ctx, MBEDTLS_GCM_DECRYPT, length, - iv, iv_len, add, add_len, - input, output, tag_len, check_tag ) ) != 0 ) - { - return( ret ); + GCM_VALIDATE_RET(ctx != NULL); + GCM_VALIDATE_RET(iv != NULL); + GCM_VALIDATE_RET(add_len == 0 || add != NULL); + GCM_VALIDATE_RET(tag != NULL); + GCM_VALIDATE_RET(length == 0 || input != NULL); + GCM_VALIDATE_RET(length == 0 || output != NULL); + + if ((ret = mbedtls_gcm_crypt_and_tag(ctx, MBEDTLS_GCM_DECRYPT, length, + iv, iv_len, add, add_len, + input, output, tag_len, check_tag)) != 0) { + return ret; } /* Check tag in "constant-time" */ - for( diff = 0, i = 0; i < tag_len; i++ ) - diff |= tag[i] ^ check_tag[i]; + diff = mbedtls_ct_memcmp(tag, check_tag, tag_len); - if( diff != 0 ) - { - mbedtls_platform_zeroize( output, length ); - return( MBEDTLS_ERR_GCM_AUTH_FAILED ); + if (diff != 0) { + mbedtls_platform_zeroize(output, length); + return MBEDTLS_ERR_GCM_AUTH_FAILED; } - return( 0 ); + return 0; } -void mbedtls_gcm_free( mbedtls_gcm_context *ctx ) +void mbedtls_gcm_free(mbedtls_gcm_context *ctx) { - if( ctx == NULL ) + if (ctx == NULL) { return; - mbedtls_cipher_free( &ctx->cipher_ctx ); - mbedtls_platform_zeroize( ctx, sizeof( mbedtls_gcm_context ) ); + } + mbedtls_cipher_free(&ctx->cipher_ctx); + mbedtls_platform_zeroize(ctx, sizeof(mbedtls_gcm_context)); } #endif /* !MBEDTLS_GCM_ALT */ @@ -533,7 +513,7 @@ void mbedtls_gcm_free( mbedtls_gcm_context *ctx ) #define MAX_TESTS 6 static const int key_index_test_data[MAX_TESTS] = - { 0, 0, 1, 1, 1, 1 }; +{ 0, 0, 1, 1, 1, 1 }; static const unsigned char key_test_data[MAX_TESTS][32] = { @@ -548,10 +528,10 @@ static const unsigned char key_test_data[MAX_TESTS][32] = }; static const size_t iv_len_test_data[MAX_TESTS] = - { 12, 12, 12, 12, 8, 60 }; +{ 12, 12, 12, 12, 8, 60 }; static const int iv_index_test_data[MAX_TESTS] = - { 0, 0, 1, 1, 1, 2 }; +{ 0, 0, 1, 1, 1, 2 }; static const unsigned char iv_test_data[MAX_TESTS][64] = { @@ -570,10 +550,10 @@ static const unsigned char iv_test_data[MAX_TESTS][64] = }; static const size_t add_len_test_data[MAX_TESTS] = - { 0, 0, 0, 20, 20, 20 }; +{ 0, 0, 0, 20, 20, 20 }; static const int add_index_test_data[MAX_TESTS] = - { 0, 0, 0, 1, 1, 1 }; +{ 0, 0, 0, 1, 1, 1 }; static const unsigned char additional_test_data[MAX_TESTS][64] = { @@ -584,10 +564,10 @@ static const unsigned char additional_test_data[MAX_TESTS][64] = }; static const size_t pt_len_test_data[MAX_TESTS] = - { 0, 16, 64, 60, 60, 60 }; +{ 0, 16, 64, 60, 60, 60 }; static const int pt_index_test_data[MAX_TESTS] = - { 0, 0, 1, 1, 1, 1 }; +{ 0, 0, 1, 1, 1, 1 }; static const unsigned char pt_test_data[MAX_TESTS][64] = { @@ -752,7 +732,7 @@ static const unsigned char tag_test_data[MAX_TESTS * 3][16] = 0xc8, 0xb5, 0xd4, 0xcf, 0x5a, 0xe9, 0xf1, 0x9a }, }; -int mbedtls_gcm_self_test( int verbose ) +int mbedtls_gcm_self_test(int verbose) { mbedtls_gcm_context ctx; unsigned char buf[64]; @@ -760,242 +740,271 @@ int mbedtls_gcm_self_test( int verbose ) int i, j, ret; mbedtls_cipher_id_t cipher = MBEDTLS_CIPHER_ID_AES; - for( j = 0; j < 3; j++ ) - { + if (verbose != 0) { +#if defined(MBEDTLS_GCM_ALT) + mbedtls_printf(" GCM note: alternative implementation.\n"); +#else /* MBEDTLS_GCM_ALT */ +#if defined(MBEDTLS_AESNI_HAVE_CODE) + if (mbedtls_aesni_has_support(MBEDTLS_AESNI_CLMUL)) { + mbedtls_printf(" GCM note: using AESNI via "); +#if MBEDTLS_AESNI_HAVE_CODE == 1 + mbedtls_printf("assembly"); +#elif MBEDTLS_AESNI_HAVE_CODE == 2 + mbedtls_printf("intrinsics"); +#else + mbedtls_printf("(unknown)"); +#endif + mbedtls_printf(".\n"); + } else +#endif + mbedtls_printf(" GCM note: built-in implementation.\n"); +#endif /* MBEDTLS_GCM_ALT */ + } + + for (j = 0; j < 3; j++) { int key_len = 128 + 64 * j; - for( i = 0; i < MAX_TESTS; i++ ) - { - mbedtls_gcm_init( &ctx ); + for (i = 0; i < MAX_TESTS; i++) { + mbedtls_gcm_init(&ctx); - if( verbose != 0 ) - mbedtls_printf( " AES-GCM-%3d #%d (%s): ", - key_len, i, "enc" ); + if (verbose != 0) { + mbedtls_printf(" AES-GCM-%3d #%d (%s): ", + key_len, i, "enc"); + } - ret = mbedtls_gcm_setkey( &ctx, cipher, - key_test_data[key_index_test_data[i]], - key_len ); + ret = mbedtls_gcm_setkey(&ctx, cipher, + key_test_data[key_index_test_data[i]], + key_len); /* * AES-192 is an optional feature that may be unavailable when * there is an alternative underlying implementation i.e. when * MBEDTLS_AES_ALT is defined. */ - if( ret == MBEDTLS_ERR_PLATFORM_FEATURE_UNSUPPORTED && key_len == 192 ) - { - mbedtls_printf( "skipped\n" ); + if (ret == MBEDTLS_ERR_PLATFORM_FEATURE_UNSUPPORTED && key_len == 192) { + mbedtls_printf("skipped\n"); break; - } - else if( ret != 0 ) - { + } else if (ret != 0) { goto exit; } - ret = mbedtls_gcm_crypt_and_tag( &ctx, MBEDTLS_GCM_ENCRYPT, - pt_len_test_data[i], - iv_test_data[iv_index_test_data[i]], - iv_len_test_data[i], - additional_test_data[add_index_test_data[i]], - add_len_test_data[i], - pt_test_data[pt_index_test_data[i]], - buf, 16, tag_buf ); + ret = mbedtls_gcm_crypt_and_tag(&ctx, MBEDTLS_GCM_ENCRYPT, + pt_len_test_data[i], + iv_test_data[iv_index_test_data[i]], + iv_len_test_data[i], + additional_test_data[add_index_test_data[i]], + add_len_test_data[i], + pt_test_data[pt_index_test_data[i]], + buf, 16, tag_buf); #if defined(MBEDTLS_GCM_ALT) /* Allow alternative implementations to only support 12-byte nonces. */ - if( ret == MBEDTLS_ERR_PLATFORM_FEATURE_UNSUPPORTED && - iv_len_test_data[i] != 12 ) - { - mbedtls_printf( "skipped\n" ); + if (ret == MBEDTLS_ERR_PLATFORM_FEATURE_UNSUPPORTED && + iv_len_test_data[i] != 12) { + mbedtls_printf("skipped\n"); break; } #endif /* defined(MBEDTLS_GCM_ALT) */ - if( ret != 0 ) + if (ret != 0) { goto exit; + } - if ( memcmp( buf, ct_test_data[j * 6 + i], - pt_len_test_data[i] ) != 0 || - memcmp( tag_buf, tag_test_data[j * 6 + i], 16 ) != 0 ) - { + if (memcmp(buf, ct_test_data[j * 6 + i], + pt_len_test_data[i]) != 0 || + memcmp(tag_buf, tag_test_data[j * 6 + i], 16) != 0) { ret = 1; goto exit; } - mbedtls_gcm_free( &ctx ); + mbedtls_gcm_free(&ctx); - if( verbose != 0 ) - mbedtls_printf( "passed\n" ); + if (verbose != 0) { + mbedtls_printf("passed\n"); + } - mbedtls_gcm_init( &ctx ); + mbedtls_gcm_init(&ctx); - if( verbose != 0 ) - mbedtls_printf( " AES-GCM-%3d #%d (%s): ", - key_len, i, "dec" ); + if (verbose != 0) { + mbedtls_printf(" AES-GCM-%3d #%d (%s): ", + key_len, i, "dec"); + } - ret = mbedtls_gcm_setkey( &ctx, cipher, - key_test_data[key_index_test_data[i]], - key_len ); - if( ret != 0 ) + ret = mbedtls_gcm_setkey(&ctx, cipher, + key_test_data[key_index_test_data[i]], + key_len); + if (ret != 0) { goto exit; + } - ret = mbedtls_gcm_crypt_and_tag( &ctx, MBEDTLS_GCM_DECRYPT, - pt_len_test_data[i], - iv_test_data[iv_index_test_data[i]], - iv_len_test_data[i], - additional_test_data[add_index_test_data[i]], - add_len_test_data[i], - ct_test_data[j * 6 + i], buf, 16, tag_buf ); + ret = mbedtls_gcm_crypt_and_tag(&ctx, MBEDTLS_GCM_DECRYPT, + pt_len_test_data[i], + iv_test_data[iv_index_test_data[i]], + iv_len_test_data[i], + additional_test_data[add_index_test_data[i]], + add_len_test_data[i], + ct_test_data[j * 6 + i], buf, 16, tag_buf); - if( ret != 0 ) + if (ret != 0) { goto exit; + } - if( memcmp( buf, pt_test_data[pt_index_test_data[i]], - pt_len_test_data[i] ) != 0 || - memcmp( tag_buf, tag_test_data[j * 6 + i], 16 ) != 0 ) - { + if (memcmp(buf, pt_test_data[pt_index_test_data[i]], + pt_len_test_data[i]) != 0 || + memcmp(tag_buf, tag_test_data[j * 6 + i], 16) != 0) { ret = 1; goto exit; } - mbedtls_gcm_free( &ctx ); + mbedtls_gcm_free(&ctx); - if( verbose != 0 ) - mbedtls_printf( "passed\n" ); + if (verbose != 0) { + mbedtls_printf("passed\n"); + } - mbedtls_gcm_init( &ctx ); + mbedtls_gcm_init(&ctx); - if( verbose != 0 ) - mbedtls_printf( " AES-GCM-%3d #%d split (%s): ", - key_len, i, "enc" ); + if (verbose != 0) { + mbedtls_printf(" AES-GCM-%3d #%d split (%s): ", + key_len, i, "enc"); + } - ret = mbedtls_gcm_setkey( &ctx, cipher, - key_test_data[key_index_test_data[i]], - key_len ); - if( ret != 0 ) + ret = mbedtls_gcm_setkey(&ctx, cipher, + key_test_data[key_index_test_data[i]], + key_len); + if (ret != 0) { goto exit; + } - ret = mbedtls_gcm_starts( &ctx, MBEDTLS_GCM_ENCRYPT, - iv_test_data[iv_index_test_data[i]], - iv_len_test_data[i], - additional_test_data[add_index_test_data[i]], - add_len_test_data[i] ); - if( ret != 0 ) + ret = mbedtls_gcm_starts(&ctx, MBEDTLS_GCM_ENCRYPT, + iv_test_data[iv_index_test_data[i]], + iv_len_test_data[i], + additional_test_data[add_index_test_data[i]], + add_len_test_data[i]); + if (ret != 0) { goto exit; + } - if( pt_len_test_data[i] > 32 ) - { + if (pt_len_test_data[i] > 32) { size_t rest_len = pt_len_test_data[i] - 32; - ret = mbedtls_gcm_update( &ctx, 32, - pt_test_data[pt_index_test_data[i]], - buf ); - if( ret != 0 ) + ret = mbedtls_gcm_update(&ctx, 32, + pt_test_data[pt_index_test_data[i]], + buf); + if (ret != 0) { goto exit; + } - ret = mbedtls_gcm_update( &ctx, rest_len, - pt_test_data[pt_index_test_data[i]] + 32, - buf + 32 ); - if( ret != 0 ) + ret = mbedtls_gcm_update(&ctx, rest_len, + pt_test_data[pt_index_test_data[i]] + 32, + buf + 32); + if (ret != 0) { goto exit; - } - else - { - ret = mbedtls_gcm_update( &ctx, pt_len_test_data[i], - pt_test_data[pt_index_test_data[i]], - buf ); - if( ret != 0 ) + } + } else { + ret = mbedtls_gcm_update(&ctx, pt_len_test_data[i], + pt_test_data[pt_index_test_data[i]], + buf); + if (ret != 0) { goto exit; + } } - ret = mbedtls_gcm_finish( &ctx, tag_buf, 16 ); - if( ret != 0 ) + ret = mbedtls_gcm_finish(&ctx, tag_buf, 16); + if (ret != 0) { goto exit; + } - if( memcmp( buf, ct_test_data[j * 6 + i], - pt_len_test_data[i] ) != 0 || - memcmp( tag_buf, tag_test_data[j * 6 + i], 16 ) != 0 ) - { + if (memcmp(buf, ct_test_data[j * 6 + i], + pt_len_test_data[i]) != 0 || + memcmp(tag_buf, tag_test_data[j * 6 + i], 16) != 0) { ret = 1; goto exit; } - mbedtls_gcm_free( &ctx ); + mbedtls_gcm_free(&ctx); - if( verbose != 0 ) - mbedtls_printf( "passed\n" ); + if (verbose != 0) { + mbedtls_printf("passed\n"); + } - mbedtls_gcm_init( &ctx ); + mbedtls_gcm_init(&ctx); - if( verbose != 0 ) - mbedtls_printf( " AES-GCM-%3d #%d split (%s): ", - key_len, i, "dec" ); + if (verbose != 0) { + mbedtls_printf(" AES-GCM-%3d #%d split (%s): ", + key_len, i, "dec"); + } - ret = mbedtls_gcm_setkey( &ctx, cipher, - key_test_data[key_index_test_data[i]], - key_len ); - if( ret != 0 ) + ret = mbedtls_gcm_setkey(&ctx, cipher, + key_test_data[key_index_test_data[i]], + key_len); + if (ret != 0) { goto exit; + } - ret = mbedtls_gcm_starts( &ctx, MBEDTLS_GCM_DECRYPT, - iv_test_data[iv_index_test_data[i]], - iv_len_test_data[i], - additional_test_data[add_index_test_data[i]], - add_len_test_data[i] ); - if( ret != 0 ) + ret = mbedtls_gcm_starts(&ctx, MBEDTLS_GCM_DECRYPT, + iv_test_data[iv_index_test_data[i]], + iv_len_test_data[i], + additional_test_data[add_index_test_data[i]], + add_len_test_data[i]); + if (ret != 0) { goto exit; + } - if( pt_len_test_data[i] > 32 ) - { + if (pt_len_test_data[i] > 32) { size_t rest_len = pt_len_test_data[i] - 32; - ret = mbedtls_gcm_update( &ctx, 32, ct_test_data[j * 6 + i], - buf ); - if( ret != 0 ) + ret = mbedtls_gcm_update(&ctx, 32, ct_test_data[j * 6 + i], + buf); + if (ret != 0) { goto exit; + } - ret = mbedtls_gcm_update( &ctx, rest_len, - ct_test_data[j * 6 + i] + 32, - buf + 32 ); - if( ret != 0 ) + ret = mbedtls_gcm_update(&ctx, rest_len, + ct_test_data[j * 6 + i] + 32, + buf + 32); + if (ret != 0) { goto exit; - } - else - { - ret = mbedtls_gcm_update( &ctx, pt_len_test_data[i], - ct_test_data[j * 6 + i], - buf ); - if( ret != 0 ) + } + } else { + ret = mbedtls_gcm_update(&ctx, pt_len_test_data[i], + ct_test_data[j * 6 + i], + buf); + if (ret != 0) { goto exit; + } } - ret = mbedtls_gcm_finish( &ctx, tag_buf, 16 ); - if( ret != 0 ) + ret = mbedtls_gcm_finish(&ctx, tag_buf, 16); + if (ret != 0) { goto exit; + } - if( memcmp( buf, pt_test_data[pt_index_test_data[i]], - pt_len_test_data[i] ) != 0 || - memcmp( tag_buf, tag_test_data[j * 6 + i], 16 ) != 0 ) - { + if (memcmp(buf, pt_test_data[pt_index_test_data[i]], + pt_len_test_data[i]) != 0 || + memcmp(tag_buf, tag_test_data[j * 6 + i], 16) != 0) { ret = 1; goto exit; } - mbedtls_gcm_free( &ctx ); + mbedtls_gcm_free(&ctx); - if( verbose != 0 ) - mbedtls_printf( "passed\n" ); + if (verbose != 0) { + mbedtls_printf("passed\n"); + } } } - if( verbose != 0 ) - mbedtls_printf( "\n" ); + if (verbose != 0) { + mbedtls_printf("\n"); + } ret = 0; exit: - if( ret != 0 ) - { - if( verbose != 0 ) - mbedtls_printf( "failed\n" ); - mbedtls_gcm_free( &ctx ); + if (ret != 0) { + if (verbose != 0) { + mbedtls_printf("failed\n"); + } + mbedtls_gcm_free(&ctx); } - return( ret ); + return ret; } #endif /* MBEDTLS_SELF_TEST && MBEDTLS_AES_C */ diff --git a/third_party/mbedtls/repo/library/havege.c b/third_party/mbedtls/repo/library/havege.c index 2a360a150ce..3d1f6f48cef 100644 --- a/third_party/mbedtls/repo/library/havege.c +++ b/third_party/mbedtls/repo/library/havege.c @@ -2,19 +2,7 @@ * \brief HAVEGE: HArdware Volatile Entropy Gathering and Expansion * * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later */ /* * The HAVEGE RNG was designed by Andre Seznec in 2002. @@ -49,10 +37,10 @@ * ------------------------------------------------------------------------ */ -#define SWAP(X,Y) { uint32_t *T = (X); (X) = (Y); (Y) = T; } +#define SWAP(X, Y) { uint32_t *T = (X); (X) = (Y); (Y) = T; } -#define TST1_ENTER if( PTEST & 1 ) { PTEST ^= 3; PTEST >>= 1; -#define TST2_ENTER if( PTEST & 1 ) { PTEST ^= 3; PTEST >>= 1; +#define TST1_ENTER if (PTEST & 1) { PTEST ^= 3; PTEST >>= 1; +#define TST2_ENTER if (PTEST & 1) { PTEST ^= 3; PTEST >>= 1; #define TST1_LEAVE U1++; } #define TST2_LEAVE U2++; } @@ -69,14 +57,14 @@ TST1_LEAVE TST1_LEAVE TST1_LEAVE TST1_LEAVE \ TST1_LEAVE TST1_LEAVE TST1_LEAVE TST1_LEAVE \ \ - PTX = (PT1 >> 18) & 7; \ + PTX = (PT1 >> 18) & 7; \ PT1 &= 0x1FFF; \ PT2 &= 0x1FFF; \ CLK = (uint32_t) mbedtls_timing_hardclock(); \ \ i = 0; \ - A = &WALK[PT1 ]; RES[i++] ^= *A; \ - B = &WALK[PT2 ]; RES[i++] ^= *B; \ + A = &WALK[PT1]; RES[i++] ^= *A; \ + B = &WALK[PT2]; RES[i++] ^= *B; \ C = &WALK[PT1 ^ 1]; RES[i++] ^= *C; \ D = &WALK[PT2 ^ 4]; RES[i++] ^= *D; \ \ @@ -91,7 +79,7 @@ C = &WALK[PT1 ^ 3]; RES[i++] ^= *C; \ D = &WALK[PT2 ^ 6]; RES[i++] ^= *D; \ \ - if( PTEST & 1 ) SWAP( A, C ); \ + if (PTEST & 1) SWAP(A, C); \ \ IN = (*A >> (5)) ^ (*A << (27)) ^ CLK; \ *A = (*B >> (6)) ^ (*B << (26)) ^ CLK; \ @@ -116,7 +104,7 @@ TST2_LEAVE TST2_LEAVE TST2_LEAVE TST2_LEAVE \ TST2_LEAVE TST2_LEAVE TST2_LEAVE TST2_LEAVE \ \ - C = &WALK[PT1 ^ 5]; \ + C = &WALK[PT1 ^ 5]; \ D = &WALK[PT2 ^ 5]; \ \ RES[i++] ^= *A; \ @@ -124,7 +112,7 @@ RES[i++] ^= *C; \ RES[i++] ^= *D; \ \ - IN = (*A >> ( 9)) ^ (*A << (23)) ^ CLK; \ + IN = (*A >> (9)) ^ (*A << (23)) ^ CLK; \ *A = (*B >> (10)) ^ (*B << (22)) ^ CLK; \ *B = IN ^ U2; \ *C = (*C >> (11)) ^ (*C << (21)) ^ CLK; \ @@ -141,17 +129,17 @@ *C = (*C >> (15)) ^ (*C << (17)) ^ CLK; \ *D = (*D >> (16)) ^ (*D << (16)) ^ CLK; \ \ - PT1 = ( RES[( i - 8 ) ^ PTX] ^ \ - WALK[PT1 ^ PTX ^ 7] ) & (~1); \ + PT1 = (RES[(i - 8) ^ PTX] ^ \ + WALK[PT1 ^ PTX ^ 7]) & (~1); \ PT1 ^= (PT2 ^ 0x10) & 0x10; \ \ - for( n++, i = 0; i < 16; i++ ) \ - hs->pool[n % MBEDTLS_HAVEGE_COLLECT_SIZE] ^= RES[i]; + for (n++, i = 0; i < 16; i++) \ + hs->pool[n % MBEDTLS_HAVEGE_COLLECT_SIZE] ^= RES[i]; /* * Entropy gathering function */ -static void havege_fill( mbedtls_havege_state *hs ) +static void havege_fill(mbedtls_havege_state *hs) { size_t n = 0; size_t i; @@ -166,16 +154,15 @@ static void havege_fill( mbedtls_havege_state *hs ) PTX = U1 = 0; PTY = U2 = 0; - (void)PTX; + (void) PTX; - memset( RES, 0, sizeof( RES ) ); + memset(RES, 0, sizeof(RES)); - while( n < MBEDTLS_HAVEGE_COLLECT_SIZE * 4 ) - { - ONE_ITERATION + while (n < MBEDTLS_HAVEGE_COLLECT_SIZE * 4) { ONE_ITERATION ONE_ITERATION ONE_ITERATION + ONE_ITERATION } hs->PT1 = PT1; @@ -188,50 +175,52 @@ static void havege_fill( mbedtls_havege_state *hs ) /* * HAVEGE initialization */ -void mbedtls_havege_init( mbedtls_havege_state *hs ) +void mbedtls_havege_init(mbedtls_havege_state *hs) { - memset( hs, 0, sizeof( mbedtls_havege_state ) ); + memset(hs, 0, sizeof(mbedtls_havege_state)); - havege_fill( hs ); + havege_fill(hs); } -void mbedtls_havege_free( mbedtls_havege_state *hs ) +void mbedtls_havege_free(mbedtls_havege_state *hs) { - if( hs == NULL ) + if (hs == NULL) { return; + } - mbedtls_platform_zeroize( hs, sizeof( mbedtls_havege_state ) ); + mbedtls_platform_zeroize(hs, sizeof(mbedtls_havege_state)); } /* * HAVEGE rand function */ -int mbedtls_havege_random( void *p_rng, unsigned char *buf, size_t len ) +int mbedtls_havege_random(void *p_rng, unsigned char *buf, size_t len) { uint32_t val; size_t use_len; mbedtls_havege_state *hs = (mbedtls_havege_state *) p_rng; unsigned char *p = buf; - while( len > 0 ) - { + while (len > 0) { use_len = len; - if( use_len > sizeof( val ) ) - use_len = sizeof( val ); + if (use_len > sizeof(val)) { + use_len = sizeof(val); + } - if( hs->offset[1] >= MBEDTLS_HAVEGE_COLLECT_SIZE ) - havege_fill( hs ); + if (hs->offset[1] >= MBEDTLS_HAVEGE_COLLECT_SIZE) { + havege_fill(hs); + } val = hs->pool[hs->offset[0]++]; val ^= hs->pool[hs->offset[1]++]; - memcpy( p, &val, use_len ); + memcpy(p, &val, use_len); len -= use_len; p += use_len; } - return( 0 ); + return 0; } #endif /* MBEDTLS_HAVEGE_C */ diff --git a/third_party/mbedtls/repo/library/hkdf.c b/third_party/mbedtls/repo/library/hkdf.c index 5013729d2a6..631ac24e530 100644 --- a/third_party/mbedtls/repo/library/hkdf.c +++ b/third_party/mbedtls/repo/library/hkdf.c @@ -2,19 +2,7 @@ * HKDF implementation -- RFC 5869 * * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later */ #include "common.h" @@ -25,47 +13,43 @@ #include "mbedtls/platform_util.h" #include "mbedtls/error.h" -int mbedtls_hkdf( const mbedtls_md_info_t *md, const unsigned char *salt, - size_t salt_len, const unsigned char *ikm, size_t ikm_len, - const unsigned char *info, size_t info_len, - unsigned char *okm, size_t okm_len ) +int mbedtls_hkdf(const mbedtls_md_info_t *md, const unsigned char *salt, + size_t salt_len, const unsigned char *ikm, size_t ikm_len, + const unsigned char *info, size_t info_len, + unsigned char *okm, size_t okm_len) { int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; unsigned char prk[MBEDTLS_MD_MAX_SIZE]; - ret = mbedtls_hkdf_extract( md, salt, salt_len, ikm, ikm_len, prk ); + ret = mbedtls_hkdf_extract(md, salt, salt_len, ikm, ikm_len, prk); - if( ret == 0 ) - { - ret = mbedtls_hkdf_expand( md, prk, mbedtls_md_get_size( md ), - info, info_len, okm, okm_len ); + if (ret == 0) { + ret = mbedtls_hkdf_expand(md, prk, mbedtls_md_get_size(md), + info, info_len, okm, okm_len); } - mbedtls_platform_zeroize( prk, sizeof( prk ) ); + mbedtls_platform_zeroize(prk, sizeof(prk)); - return( ret ); + return ret; } -int mbedtls_hkdf_extract( const mbedtls_md_info_t *md, - const unsigned char *salt, size_t salt_len, - const unsigned char *ikm, size_t ikm_len, - unsigned char *prk ) +int mbedtls_hkdf_extract(const mbedtls_md_info_t *md, + const unsigned char *salt, size_t salt_len, + const unsigned char *ikm, size_t ikm_len, + unsigned char *prk) { unsigned char null_salt[MBEDTLS_MD_MAX_SIZE] = { '\0' }; - if( salt == NULL ) - { + if (salt == NULL) { size_t hash_len; - if( salt_len != 0 ) - { + if (salt_len != 0) { return MBEDTLS_ERR_HKDF_BAD_INPUT_DATA; } - hash_len = mbedtls_md_get_size( md ); + hash_len = mbedtls_md_get_size(md); - if( hash_len == 0 ) - { + if (hash_len == 0) { return MBEDTLS_ERR_HKDF_BAD_INPUT_DATA; } @@ -73,12 +57,12 @@ int mbedtls_hkdf_extract( const mbedtls_md_info_t *md, salt_len = hash_len; } - return( mbedtls_md_hmac( md, salt, salt_len, ikm, ikm_len, prk ) ); + return mbedtls_md_hmac(md, salt, salt_len, ikm, ikm_len, prk); } -int mbedtls_hkdf_expand( const mbedtls_md_info_t *md, const unsigned char *prk, - size_t prk_len, const unsigned char *info, - size_t info_len, unsigned char *okm, size_t okm_len ) +int mbedtls_hkdf_expand(const mbedtls_md_info_t *md, const unsigned char *prk, + size_t prk_len, const unsigned char *info, + size_t info_len, unsigned char *okm, size_t okm_len) { size_t hash_len; size_t where = 0; @@ -89,28 +73,24 @@ int mbedtls_hkdf_expand( const mbedtls_md_info_t *md, const unsigned char *prk, mbedtls_md_context_t ctx; unsigned char t[MBEDTLS_MD_MAX_SIZE]; - if( okm == NULL ) - { - return( MBEDTLS_ERR_HKDF_BAD_INPUT_DATA ); + if (okm == NULL) { + return MBEDTLS_ERR_HKDF_BAD_INPUT_DATA; } - hash_len = mbedtls_md_get_size( md ); + hash_len = mbedtls_md_get_size(md); - if( prk_len < hash_len || hash_len == 0 ) - { - return( MBEDTLS_ERR_HKDF_BAD_INPUT_DATA ); + if (prk_len < hash_len || hash_len == 0) { + return MBEDTLS_ERR_HKDF_BAD_INPUT_DATA; } - if( info == NULL ) - { + if (info == NULL) { info = (const unsigned char *) ""; info_len = 0; } n = okm_len / hash_len; - if( okm_len % hash_len != 0 ) - { + if (okm_len % hash_len != 0) { n++; } @@ -118,72 +98,64 @@ int mbedtls_hkdf_expand( const mbedtls_md_info_t *md, const unsigned char *prk, * Per RFC 5869 Section 2.3, okm_len must not exceed * 255 times the hash length */ - if( n > 255 ) - { - return( MBEDTLS_ERR_HKDF_BAD_INPUT_DATA ); + if (n > 255) { + return MBEDTLS_ERR_HKDF_BAD_INPUT_DATA; } - mbedtls_md_init( &ctx ); + mbedtls_md_init(&ctx); - if( ( ret = mbedtls_md_setup( &ctx, md, 1 ) ) != 0 ) - { + if ((ret = mbedtls_md_setup(&ctx, md, 1)) != 0) { goto exit; } - memset( t, 0, hash_len ); + memset(t, 0, hash_len); /* * Compute T = T(1) | T(2) | T(3) | ... | T(N) * Where T(N) is defined in RFC 5869 Section 2.3 */ - for( i = 1; i <= n; i++ ) - { + for (i = 1; i <= n; i++) { size_t num_to_copy; unsigned char c = i & 0xff; - ret = mbedtls_md_hmac_starts( &ctx, prk, prk_len ); - if( ret != 0 ) - { + ret = mbedtls_md_hmac_starts(&ctx, prk, prk_len); + if (ret != 0) { goto exit; } - ret = mbedtls_md_hmac_update( &ctx, t, t_len ); - if( ret != 0 ) - { + ret = mbedtls_md_hmac_update(&ctx, t, t_len); + if (ret != 0) { goto exit; } - ret = mbedtls_md_hmac_update( &ctx, info, info_len ); - if( ret != 0 ) - { + ret = mbedtls_md_hmac_update(&ctx, info, info_len); + if (ret != 0) { goto exit; } /* The constant concatenated to the end of each T(n) is a single octet. * */ - ret = mbedtls_md_hmac_update( &ctx, &c, 1 ); - if( ret != 0 ) - { + ret = mbedtls_md_hmac_update(&ctx, &c, 1); + if (ret != 0) { goto exit; } - ret = mbedtls_md_hmac_finish( &ctx, t ); - if( ret != 0 ) - { + ret = mbedtls_md_hmac_finish(&ctx, t); + if (ret != 0) { goto exit; } num_to_copy = i != n ? hash_len : okm_len - where; - memcpy( okm + where, t, num_to_copy ); + memcpy(okm + where, t, num_to_copy); where += hash_len; t_len = hash_len; } exit: - mbedtls_md_free( &ctx ); - mbedtls_platform_zeroize( t, sizeof( t ) ); + mbedtls_md_free(&ctx); + mbedtls_platform_zeroize(t, sizeof(t)); - return( ret ); + return ret; } #endif /* MBEDTLS_HKDF_C */ diff --git a/third_party/mbedtls/repo/library/hmac_drbg.c b/third_party/mbedtls/repo/library/hmac_drbg.c index de9706885ca..ee8f8e33253 100644 --- a/third_party/mbedtls/repo/library/hmac_drbg.c +++ b/third_party/mbedtls/repo/library/hmac_drbg.c @@ -2,19 +2,7 @@ * HMAC_DRBG implementation (NIST SP 800-90) * * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later */ /* @@ -37,21 +25,14 @@ #include #endif -#if defined(MBEDTLS_SELF_TEST) -#if defined(MBEDTLS_PLATFORM_C) #include "mbedtls/platform.h" -#else -#include -#define mbedtls_printf printf -#endif /* MBEDTLS_SELF_TEST */ -#endif /* MBEDTLS_PLATFORM_C */ /* * HMAC_DRBG context initialization */ -void mbedtls_hmac_drbg_init( mbedtls_hmac_drbg_context *ctx ) +void mbedtls_hmac_drbg_init(mbedtls_hmac_drbg_context *ctx) { - memset( ctx, 0, sizeof( mbedtls_hmac_drbg_context ) ); + memset(ctx, 0, sizeof(mbedtls_hmac_drbg_context)); ctx->reseed_interval = MBEDTLS_HMAC_DRBG_RESEED_INTERVAL; } @@ -59,74 +40,81 @@ void mbedtls_hmac_drbg_init( mbedtls_hmac_drbg_context *ctx ) /* * HMAC_DRBG update, using optional additional data (10.1.2.2) */ -int mbedtls_hmac_drbg_update_ret( mbedtls_hmac_drbg_context *ctx, - const unsigned char *additional, - size_t add_len ) +int mbedtls_hmac_drbg_update_ret(mbedtls_hmac_drbg_context *ctx, + const unsigned char *additional, + size_t add_len) { - size_t md_len = mbedtls_md_get_size( ctx->md_ctx.md_info ); - unsigned char rounds = ( additional != NULL && add_len != 0 ) ? 2 : 1; + size_t md_len = mbedtls_md_get_size(ctx->md_ctx.md_info); + unsigned char rounds = (additional != NULL && add_len != 0) ? 2 : 1; unsigned char sep[1]; unsigned char K[MBEDTLS_MD_MAX_SIZE]; int ret = MBEDTLS_ERR_MD_BAD_INPUT_DATA; - for( sep[0] = 0; sep[0] < rounds; sep[0]++ ) - { + for (sep[0] = 0; sep[0] < rounds; sep[0]++) { /* Step 1 or 4 */ - if( ( ret = mbedtls_md_hmac_reset( &ctx->md_ctx ) ) != 0 ) + if ((ret = mbedtls_md_hmac_reset(&ctx->md_ctx)) != 0) { goto exit; - if( ( ret = mbedtls_md_hmac_update( &ctx->md_ctx, - ctx->V, md_len ) ) != 0 ) - goto exit; - if( ( ret = mbedtls_md_hmac_update( &ctx->md_ctx, - sep, 1 ) ) != 0 ) + } + if ((ret = mbedtls_md_hmac_update(&ctx->md_ctx, + ctx->V, md_len)) != 0) { goto exit; - if( rounds == 2 ) - { - if( ( ret = mbedtls_md_hmac_update( &ctx->md_ctx, - additional, add_len ) ) != 0 ) + } + if ((ret = mbedtls_md_hmac_update(&ctx->md_ctx, + sep, 1)) != 0) { goto exit; } - if( ( ret = mbedtls_md_hmac_finish( &ctx->md_ctx, K ) ) != 0 ) + if (rounds == 2) { + if ((ret = mbedtls_md_hmac_update(&ctx->md_ctx, + additional, add_len)) != 0) { + goto exit; + } + } + if ((ret = mbedtls_md_hmac_finish(&ctx->md_ctx, K)) != 0) { goto exit; + } /* Step 2 or 5 */ - if( ( ret = mbedtls_md_hmac_starts( &ctx->md_ctx, K, md_len ) ) != 0 ) + if ((ret = mbedtls_md_hmac_starts(&ctx->md_ctx, K, md_len)) != 0) { goto exit; - if( ( ret = mbedtls_md_hmac_update( &ctx->md_ctx, - ctx->V, md_len ) ) != 0 ) + } + if ((ret = mbedtls_md_hmac_update(&ctx->md_ctx, + ctx->V, md_len)) != 0) { goto exit; - if( ( ret = mbedtls_md_hmac_finish( &ctx->md_ctx, ctx->V ) ) != 0 ) + } + if ((ret = mbedtls_md_hmac_finish(&ctx->md_ctx, ctx->V)) != 0) { goto exit; + } } exit: - mbedtls_platform_zeroize( K, sizeof( K ) ); - return( ret ); + mbedtls_platform_zeroize(K, sizeof(K)); + return ret; } #if !defined(MBEDTLS_DEPRECATED_REMOVED) -void mbedtls_hmac_drbg_update( mbedtls_hmac_drbg_context *ctx, - const unsigned char *additional, - size_t add_len ) +void mbedtls_hmac_drbg_update(mbedtls_hmac_drbg_context *ctx, + const unsigned char *additional, + size_t add_len) { - (void) mbedtls_hmac_drbg_update_ret( ctx, additional, add_len ); + (void) mbedtls_hmac_drbg_update_ret(ctx, additional, add_len); } #endif /* MBEDTLS_DEPRECATED_REMOVED */ /* * Simplified HMAC_DRBG initialisation (for use with deterministic ECDSA) */ -int mbedtls_hmac_drbg_seed_buf( mbedtls_hmac_drbg_context *ctx, - const mbedtls_md_info_t * md_info, - const unsigned char *data, size_t data_len ) +int mbedtls_hmac_drbg_seed_buf(mbedtls_hmac_drbg_context *ctx, + const mbedtls_md_info_t *md_info, + const unsigned char *data, size_t data_len) { int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; - if( ( ret = mbedtls_md_setup( &ctx->md_ctx, md_info, 1 ) ) != 0 ) - return( ret ); + if ((ret = mbedtls_md_setup(&ctx->md_ctx, md_info, 1)) != 0) { + return ret; + } #if defined(MBEDTLS_THREADING_C) - mbedtls_mutex_init( &ctx->mutex ); + mbedtls_mutex_init(&ctx->mutex); #endif /* @@ -134,15 +122,17 @@ int mbedtls_hmac_drbg_seed_buf( mbedtls_hmac_drbg_context *ctx, * Use the V memory location, which is currently all 0, to initialize the * MD context with an all-zero key. Then set V to its initial value. */ - if( ( ret = mbedtls_md_hmac_starts( &ctx->md_ctx, ctx->V, - mbedtls_md_get_size( md_info ) ) ) != 0 ) - return( ret ); - memset( ctx->V, 0x01, mbedtls_md_get_size( md_info ) ); + if ((ret = mbedtls_md_hmac_starts(&ctx->md_ctx, ctx->V, + mbedtls_md_get_size(md_info))) != 0) { + return ret; + } + memset(ctx->V, 0x01, mbedtls_md_get_size(md_info)); - if( ( ret = mbedtls_hmac_drbg_update_ret( ctx, data, data_len ) ) != 0 ) - return( ret ); + if ((ret = mbedtls_hmac_drbg_update_ret(ctx, data, data_len)) != 0) { + return ret; + } - return( 0 ); + return 0; } /* @@ -150,9 +140,9 @@ int mbedtls_hmac_drbg_seed_buf( mbedtls_hmac_drbg_context *ctx, * Comments starting with arabic numbers refer to section 10.1.2.4 * of SP800-90A, while roman numbers refer to section 9.2. */ -static int hmac_drbg_reseed_core( mbedtls_hmac_drbg_context *ctx, - const unsigned char *additional, size_t len, - int use_nonce ) +static int hmac_drbg_reseed_core(mbedtls_hmac_drbg_context *ctx, + const unsigned char *additional, size_t len, + int use_nonce) { unsigned char seed[MBEDTLS_HMAC_DRBG_MAX_SEED_INPUT]; size_t seedlen = 0; @@ -161,33 +151,31 @@ static int hmac_drbg_reseed_core( mbedtls_hmac_drbg_context *ctx, { size_t total_entropy_len; - if( use_nonce == 0 ) + if (use_nonce == 0) { total_entropy_len = ctx->entropy_len; - else + } else { total_entropy_len = ctx->entropy_len * 3 / 2; + } /* III. Check input length */ - if( len > MBEDTLS_HMAC_DRBG_MAX_INPUT || - total_entropy_len + len > MBEDTLS_HMAC_DRBG_MAX_SEED_INPUT ) - { - return( MBEDTLS_ERR_HMAC_DRBG_INPUT_TOO_BIG ); + if (len > MBEDTLS_HMAC_DRBG_MAX_INPUT || + total_entropy_len + len > MBEDTLS_HMAC_DRBG_MAX_SEED_INPUT) { + return MBEDTLS_ERR_HMAC_DRBG_INPUT_TOO_BIG; } } - memset( seed, 0, MBEDTLS_HMAC_DRBG_MAX_SEED_INPUT ); + memset(seed, 0, MBEDTLS_HMAC_DRBG_MAX_SEED_INPUT); /* IV. Gather entropy_len bytes of entropy for the seed */ - if( ( ret = ctx->f_entropy( ctx->p_entropy, - seed, ctx->entropy_len ) ) != 0 ) - { - return( MBEDTLS_ERR_HMAC_DRBG_ENTROPY_SOURCE_FAILED ); + if ((ret = ctx->f_entropy(ctx->p_entropy, + seed, ctx->entropy_len)) != 0) { + return MBEDTLS_ERR_HMAC_DRBG_ENTROPY_SOURCE_FAILED; } seedlen += ctx->entropy_len; /* For initial seeding, allow adding of nonce generated * from the entropy source. See Sect 8.6.7 in SP800-90A. */ - if( use_nonce ) - { + if (use_nonce) { /* Note: We don't merge the two calls to f_entropy() in order * to avoid requesting too much entropy from f_entropy() * at once. Specifically, if the underlying digest is not @@ -195,11 +183,10 @@ static int hmac_drbg_reseed_core( mbedtls_hmac_drbg_context *ctx, * is larger than the maximum of 32 Bytes that our own * entropy source implementation can emit in a single * call in configurations disabling SHA-512. */ - if( ( ret = ctx->f_entropy( ctx->p_entropy, - seed + seedlen, - ctx->entropy_len / 2 ) ) != 0 ) - { - return( MBEDTLS_ERR_HMAC_DRBG_ENTROPY_SOURCE_FAILED ); + if ((ret = ctx->f_entropy(ctx->p_entropy, + seed + seedlen, + ctx->entropy_len / 2)) != 0) { + return MBEDTLS_ERR_HMAC_DRBG_ENTROPY_SOURCE_FAILED; } seedlen += ctx->entropy_len / 2; @@ -207,32 +194,32 @@ static int hmac_drbg_reseed_core( mbedtls_hmac_drbg_context *ctx, /* 1. Concatenate entropy and additional data if any */ - if( additional != NULL && len != 0 ) - { - memcpy( seed + seedlen, additional, len ); + if (additional != NULL && len != 0) { + memcpy(seed + seedlen, additional, len); seedlen += len; } /* 2. Update state */ - if( ( ret = mbedtls_hmac_drbg_update_ret( ctx, seed, seedlen ) ) != 0 ) + if ((ret = mbedtls_hmac_drbg_update_ret(ctx, seed, seedlen)) != 0) { goto exit; + } /* 3. Reset reseed_counter */ ctx->reseed_counter = 1; exit: /* 4. Done */ - mbedtls_platform_zeroize( seed, seedlen ); - return( ret ); + mbedtls_platform_zeroize(seed, seedlen); + return ret; } /* * HMAC_DRBG reseeding: 10.1.2.4 + 9.2 */ -int mbedtls_hmac_drbg_reseed( mbedtls_hmac_drbg_context *ctx, - const unsigned char *additional, size_t len ) +int mbedtls_hmac_drbg_reseed(mbedtls_hmac_drbg_context *ctx, + const unsigned char *additional, size_t len) { - return( hmac_drbg_reseed_core( ctx, additional, len, 0 ) ); + return hmac_drbg_reseed_core(ctx, additional, len, 0); } /* @@ -241,40 +228,41 @@ int mbedtls_hmac_drbg_reseed( mbedtls_hmac_drbg_context *ctx, * The nonce is not passed as a separate parameter but extracted * from the entropy source as suggested in 8.6.7. */ -int mbedtls_hmac_drbg_seed( mbedtls_hmac_drbg_context *ctx, - const mbedtls_md_info_t * md_info, - int (*f_entropy)(void *, unsigned char *, size_t), - void *p_entropy, - const unsigned char *custom, - size_t len ) +int mbedtls_hmac_drbg_seed(mbedtls_hmac_drbg_context *ctx, + const mbedtls_md_info_t *md_info, + int (*f_entropy)(void *, unsigned char *, size_t), + void *p_entropy, + const unsigned char *custom, + size_t len) { int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; size_t md_size; - if( ( ret = mbedtls_md_setup( &ctx->md_ctx, md_info, 1 ) ) != 0 ) - return( ret ); + if ((ret = mbedtls_md_setup(&ctx->md_ctx, md_info, 1)) != 0) { + return ret; + } /* The mutex is initialized iff the md context is set up. */ #if defined(MBEDTLS_THREADING_C) - mbedtls_mutex_init( &ctx->mutex ); + mbedtls_mutex_init(&ctx->mutex); #endif - md_size = mbedtls_md_get_size( md_info ); + md_size = mbedtls_md_get_size(md_info); /* * Set initial working state. * Use the V memory location, which is currently all 0, to initialize the * MD context with an all-zero key. Then set V to its initial value. */ - if( ( ret = mbedtls_md_hmac_starts( &ctx->md_ctx, ctx->V, md_size ) ) != 0 ) - return( ret ); - memset( ctx->V, 0x01, md_size ); + if ((ret = mbedtls_md_hmac_starts(&ctx->md_ctx, ctx->V, md_size)) != 0) { + return ret; + } + memset(ctx->V, 0x01, md_size); ctx->f_entropy = f_entropy; ctx->p_entropy = p_entropy; - if( ctx->entropy_len == 0 ) - { + if (ctx->entropy_len == 0) { /* * See SP800-57 5.6.1 (p. 65-66) for the security strength provided by * each hash function, then according to SP800-90A rev1 10.1 table 2, @@ -287,20 +275,19 @@ int mbedtls_hmac_drbg_seed( mbedtls_hmac_drbg_context *ctx, 32; /* better (256+) -> 256 bits */ } - if( ( ret = hmac_drbg_reseed_core( ctx, custom, len, - 1 /* add nonce */ ) ) != 0 ) - { - return( ret ); + if ((ret = hmac_drbg_reseed_core(ctx, custom, len, + 1 /* add nonce */)) != 0) { + return ret; } - return( 0 ); + return 0; } /* * Set prediction resistance */ -void mbedtls_hmac_drbg_set_prediction_resistance( mbedtls_hmac_drbg_context *ctx, - int resistance ) +void mbedtls_hmac_drbg_set_prediction_resistance(mbedtls_hmac_drbg_context *ctx, + int resistance) { ctx->prediction_resistance = resistance; } @@ -308,7 +295,7 @@ void mbedtls_hmac_drbg_set_prediction_resistance( mbedtls_hmac_drbg_context *ctx /* * Set entropy length grabbed for seeding */ -void mbedtls_hmac_drbg_set_entropy_len( mbedtls_hmac_drbg_context *ctx, size_t len ) +void mbedtls_hmac_drbg_set_entropy_len(mbedtls_hmac_drbg_context *ctx, size_t len) { ctx->entropy_len = len; } @@ -316,7 +303,7 @@ void mbedtls_hmac_drbg_set_entropy_len( mbedtls_hmac_drbg_context *ctx, size_t l /* * Set reseed interval */ -void mbedtls_hmac_drbg_set_reseed_interval( mbedtls_hmac_drbg_context *ctx, int interval ) +void mbedtls_hmac_drbg_set_reseed_interval(mbedtls_hmac_drbg_context *ctx, int interval) { ctx->reseed_interval = interval; } @@ -325,131 +312,141 @@ void mbedtls_hmac_drbg_set_reseed_interval( mbedtls_hmac_drbg_context *ctx, int * HMAC_DRBG random function with optional additional data: * 10.1.2.5 (arabic) + 9.3 (Roman) */ -int mbedtls_hmac_drbg_random_with_add( void *p_rng, - unsigned char *output, size_t out_len, - const unsigned char *additional, size_t add_len ) +int mbedtls_hmac_drbg_random_with_add(void *p_rng, + unsigned char *output, size_t out_len, + const unsigned char *additional, size_t add_len) { int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; mbedtls_hmac_drbg_context *ctx = (mbedtls_hmac_drbg_context *) p_rng; - size_t md_len = mbedtls_md_get_size( ctx->md_ctx.md_info ); + size_t md_len = mbedtls_md_get_size(ctx->md_ctx.md_info); size_t left = out_len; unsigned char *out = output; /* II. Check request length */ - if( out_len > MBEDTLS_HMAC_DRBG_MAX_REQUEST ) - return( MBEDTLS_ERR_HMAC_DRBG_REQUEST_TOO_BIG ); + if (out_len > MBEDTLS_HMAC_DRBG_MAX_REQUEST) { + return MBEDTLS_ERR_HMAC_DRBG_REQUEST_TOO_BIG; + } /* III. Check input length */ - if( add_len > MBEDTLS_HMAC_DRBG_MAX_INPUT ) - return( MBEDTLS_ERR_HMAC_DRBG_INPUT_TOO_BIG ); + if (add_len > MBEDTLS_HMAC_DRBG_MAX_INPUT) { + return MBEDTLS_ERR_HMAC_DRBG_INPUT_TOO_BIG; + } /* 1. (aka VII and IX) Check reseed counter and PR */ - if( ctx->f_entropy != NULL && /* For no-reseeding instances */ - ( ctx->prediction_resistance == MBEDTLS_HMAC_DRBG_PR_ON || - ctx->reseed_counter > ctx->reseed_interval ) ) - { - if( ( ret = mbedtls_hmac_drbg_reseed( ctx, additional, add_len ) ) != 0 ) - return( ret ); + if (ctx->f_entropy != NULL && /* For no-reseeding instances */ + (ctx->prediction_resistance == MBEDTLS_HMAC_DRBG_PR_ON || + ctx->reseed_counter > ctx->reseed_interval)) { + if ((ret = mbedtls_hmac_drbg_reseed(ctx, additional, add_len)) != 0) { + return ret; + } add_len = 0; /* VII.4 */ } /* 2. Use additional data if any */ - if( additional != NULL && add_len != 0 ) - { - if( ( ret = mbedtls_hmac_drbg_update_ret( ctx, - additional, add_len ) ) != 0 ) + if (additional != NULL && add_len != 0) { + if ((ret = mbedtls_hmac_drbg_update_ret(ctx, + additional, add_len)) != 0) { goto exit; + } } /* 3, 4, 5. Generate bytes */ - while( left != 0 ) - { + while (left != 0) { size_t use_len = left > md_len ? md_len : left; - if( ( ret = mbedtls_md_hmac_reset( &ctx->md_ctx ) ) != 0 ) + if ((ret = mbedtls_md_hmac_reset(&ctx->md_ctx)) != 0) { goto exit; - if( ( ret = mbedtls_md_hmac_update( &ctx->md_ctx, - ctx->V, md_len ) ) != 0 ) + } + if ((ret = mbedtls_md_hmac_update(&ctx->md_ctx, + ctx->V, md_len)) != 0) { goto exit; - if( ( ret = mbedtls_md_hmac_finish( &ctx->md_ctx, ctx->V ) ) != 0 ) + } + if ((ret = mbedtls_md_hmac_finish(&ctx->md_ctx, ctx->V)) != 0) { goto exit; + } - memcpy( out, ctx->V, use_len ); + memcpy(out, ctx->V, use_len); out += use_len; left -= use_len; } /* 6. Update */ - if( ( ret = mbedtls_hmac_drbg_update_ret( ctx, - additional, add_len ) ) != 0 ) + if ((ret = mbedtls_hmac_drbg_update_ret(ctx, + additional, add_len)) != 0) { goto exit; + } /* 7. Update reseed counter */ ctx->reseed_counter++; exit: /* 8. Done */ - return( ret ); + return ret; } /* * HMAC_DRBG random function */ -int mbedtls_hmac_drbg_random( void *p_rng, unsigned char *output, size_t out_len ) +int mbedtls_hmac_drbg_random(void *p_rng, unsigned char *output, size_t out_len) { int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; mbedtls_hmac_drbg_context *ctx = (mbedtls_hmac_drbg_context *) p_rng; #if defined(MBEDTLS_THREADING_C) - if( ( ret = mbedtls_mutex_lock( &ctx->mutex ) ) != 0 ) - return( ret ); + if ((ret = mbedtls_mutex_lock(&ctx->mutex)) != 0) { + return ret; + } #endif - ret = mbedtls_hmac_drbg_random_with_add( ctx, output, out_len, NULL, 0 ); + ret = mbedtls_hmac_drbg_random_with_add(ctx, output, out_len, NULL, 0); #if defined(MBEDTLS_THREADING_C) - if( mbedtls_mutex_unlock( &ctx->mutex ) != 0 ) - return( MBEDTLS_ERR_THREADING_MUTEX_ERROR ); + if (mbedtls_mutex_unlock(&ctx->mutex) != 0) { + return MBEDTLS_ERR_THREADING_MUTEX_ERROR; + } #endif - return( ret ); + return ret; } /* * This function resets HMAC_DRBG context to the state immediately * after initial call of mbedtls_hmac_drbg_init(). */ -void mbedtls_hmac_drbg_free( mbedtls_hmac_drbg_context *ctx ) +void mbedtls_hmac_drbg_free(mbedtls_hmac_drbg_context *ctx) { - if( ctx == NULL ) + if (ctx == NULL) { return; + } #if defined(MBEDTLS_THREADING_C) /* The mutex is initialized iff the md context is set up. */ - if( ctx->md_ctx.md_info != NULL ) - mbedtls_mutex_free( &ctx->mutex ); + if (ctx->md_ctx.md_info != NULL) { + mbedtls_mutex_free(&ctx->mutex); + } #endif - mbedtls_md_free( &ctx->md_ctx ); - mbedtls_platform_zeroize( ctx, sizeof( mbedtls_hmac_drbg_context ) ); + mbedtls_md_free(&ctx->md_ctx); + mbedtls_platform_zeroize(ctx, sizeof(mbedtls_hmac_drbg_context)); ctx->reseed_interval = MBEDTLS_HMAC_DRBG_RESEED_INTERVAL; } #if defined(MBEDTLS_FS_IO) -int mbedtls_hmac_drbg_write_seed_file( mbedtls_hmac_drbg_context *ctx, const char *path ) +int mbedtls_hmac_drbg_write_seed_file(mbedtls_hmac_drbg_context *ctx, const char *path) { int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; FILE *f; - unsigned char buf[ MBEDTLS_HMAC_DRBG_MAX_INPUT ]; + unsigned char buf[MBEDTLS_HMAC_DRBG_MAX_INPUT]; - if( ( f = fopen( path, "wb" ) ) == NULL ) - return( MBEDTLS_ERR_HMAC_DRBG_FILE_IO_ERROR ); + if ((f = fopen(path, "wb")) == NULL) { + return MBEDTLS_ERR_HMAC_DRBG_FILE_IO_ERROR; + } - if( ( ret = mbedtls_hmac_drbg_random( ctx, buf, sizeof( buf ) ) ) != 0 ) + if ((ret = mbedtls_hmac_drbg_random(ctx, buf, sizeof(buf))) != 0) { goto exit; + } - if( fwrite( buf, 1, sizeof( buf ), f ) != sizeof( buf ) ) - { + if (fwrite(buf, 1, sizeof(buf), f) != sizeof(buf)) { ret = MBEDTLS_ERR_HMAC_DRBG_FILE_IO_ERROR; goto exit; } @@ -457,46 +454,47 @@ int mbedtls_hmac_drbg_write_seed_file( mbedtls_hmac_drbg_context *ctx, const cha ret = 0; exit: - fclose( f ); - mbedtls_platform_zeroize( buf, sizeof( buf ) ); + fclose(f); + mbedtls_platform_zeroize(buf, sizeof(buf)); - return( ret ); + return ret; } -int mbedtls_hmac_drbg_update_seed_file( mbedtls_hmac_drbg_context *ctx, const char *path ) +int mbedtls_hmac_drbg_update_seed_file(mbedtls_hmac_drbg_context *ctx, const char *path) { int ret = 0; FILE *f = NULL; size_t n; - unsigned char buf[ MBEDTLS_HMAC_DRBG_MAX_INPUT ]; + unsigned char buf[MBEDTLS_HMAC_DRBG_MAX_INPUT]; unsigned char c; - if( ( f = fopen( path, "rb" ) ) == NULL ) - return( MBEDTLS_ERR_HMAC_DRBG_FILE_IO_ERROR ); + if ((f = fopen(path, "rb")) == NULL) { + return MBEDTLS_ERR_HMAC_DRBG_FILE_IO_ERROR; + } - n = fread( buf, 1, sizeof( buf ), f ); - if( fread( &c, 1, 1, f ) != 0 ) - { + n = fread(buf, 1, sizeof(buf), f); + if (fread(&c, 1, 1, f) != 0) { ret = MBEDTLS_ERR_HMAC_DRBG_INPUT_TOO_BIG; goto exit; } - if( n == 0 || ferror( f ) ) - { + if (n == 0 || ferror(f)) { ret = MBEDTLS_ERR_HMAC_DRBG_FILE_IO_ERROR; goto exit; } - fclose( f ); + fclose(f); f = NULL; - ret = mbedtls_hmac_drbg_update_ret( ctx, buf, n ); + ret = mbedtls_hmac_drbg_update_ret(ctx, buf, n); exit: - mbedtls_platform_zeroize( buf, sizeof( buf ) ); - if( f != NULL ) - fclose( f ); - if( ret != 0 ) - return( ret ); - return( mbedtls_hmac_drbg_write_seed_file( ctx, path ) ); + mbedtls_platform_zeroize(buf, sizeof(buf)); + if (f != NULL) { + fclose(f); + } + if (ret != 0) { + return ret; + } + return mbedtls_hmac_drbg_write_seed_file(ctx, path); } #endif /* MBEDTLS_FS_IO */ @@ -505,10 +503,10 @@ int mbedtls_hmac_drbg_update_seed_file( mbedtls_hmac_drbg_context *ctx, const ch #if !defined(MBEDTLS_SHA1_C) /* Dummy checkup routine */ -int mbedtls_hmac_drbg_self_test( int verbose ) +int mbedtls_hmac_drbg_self_test(int verbose) { (void) verbose; - return( 0 ); + return 0; } #else @@ -520,7 +518,8 @@ static const unsigned char entropy_pr[] = { 0xf7, 0x3e, 0x9c, 0x5b, 0x64, 0xef, 0xd8, 0xca, 0x02, 0x8c, 0xf8, 0x11, 0x48, 0xa5, 0x84, 0xfe, 0x69, 0xab, 0x5a, 0xee, 0x42, 0xaa, 0x4d, 0x42, 0x17, 0x60, 0x99, 0xd4, 0x5e, 0x13, 0x97, 0xdc, 0x40, 0x4d, 0x86, 0xa3, - 0x7b, 0xf5, 0x59, 0x54, 0x75, 0x69, 0x51, 0xe4 }; + 0x7b, 0xf5, 0x59, 0x54, 0x75, 0x69, 0x51, 0xe4 +}; static const unsigned char result_pr[OUTPUT_LEN] = { 0x9a, 0x00, 0xa2, 0xd0, 0x0e, 0xd5, 0x9b, 0xfe, 0x31, 0xec, 0xb1, 0x39, 0x9b, 0x60, 0x81, 0x48, 0xd1, 0x96, 0x9d, 0x25, 0x0d, 0x3c, 0x1e, 0x94, @@ -528,14 +527,16 @@ static const unsigned char result_pr[OUTPUT_LEN] = { 0x73, 0x19, 0x70, 0xc0, 0x10, 0x7a, 0xa4, 0x89, 0x25, 0x19, 0x95, 0x5e, 0x4b, 0xc6, 0x00, 0x1d, 0x7f, 0x4e, 0x6a, 0x2b, 0xf8, 0xa3, 0x01, 0xab, 0x46, 0x05, 0x5c, 0x09, 0xa6, 0x71, 0x88, 0xf1, 0xa7, 0x40, 0xee, 0xf3, - 0xe1, 0x5c, 0x02, 0x9b, 0x44, 0xaf, 0x03, 0x44 }; + 0xe1, 0x5c, 0x02, 0x9b, 0x44, 0xaf, 0x03, 0x44 +}; /* From a NIST PR=false test vector */ static const unsigned char entropy_nopr[] = { 0x79, 0x34, 0x9b, 0xbf, 0x7c, 0xdd, 0xa5, 0x79, 0x95, 0x57, 0x86, 0x66, 0x21, 0xc9, 0x13, 0x83, 0x11, 0x46, 0x73, 0x3a, 0xbf, 0x8c, 0x35, 0xc8, 0xc7, 0x21, 0x5b, 0x5b, 0x96, 0xc4, 0x8e, 0x9b, 0x33, 0x8c, 0x74, 0xe3, - 0xe9, 0x9d, 0xfe, 0xdf }; + 0xe9, 0x9d, 0xfe, 0xdf +}; static const unsigned char result_nopr[OUTPUT_LEN] = { 0xc6, 0xa1, 0x6a, 0xb8, 0xd4, 0x20, 0x70, 0x6f, 0x0f, 0x34, 0xab, 0x7f, 0xec, 0x5a, 0xdc, 0xa9, 0xd8, 0xca, 0x3a, 0x13, 0x3e, 0x15, 0x9c, 0xa6, @@ -543,85 +544,91 @@ static const unsigned char result_nopr[OUTPUT_LEN] = { 0xff, 0xb1, 0x0d, 0x71, 0x94, 0xf1, 0xc1, 0xa5, 0xcf, 0x73, 0x22, 0xec, 0x1a, 0xe0, 0x96, 0x4e, 0xd4, 0xbf, 0x12, 0x27, 0x46, 0xe0, 0x87, 0xfd, 0xb5, 0xb3, 0xe9, 0x1b, 0x34, 0x93, 0xd5, 0xbb, 0x98, 0xfa, 0xed, 0x49, - 0xe8, 0x5f, 0x13, 0x0f, 0xc8, 0xa4, 0x59, 0xb7 }; + 0xe8, 0x5f, 0x13, 0x0f, 0xc8, 0xa4, 0x59, 0xb7 +}; /* "Entropy" from buffer */ static size_t test_offset; -static int hmac_drbg_self_test_entropy( void *data, - unsigned char *buf, size_t len ) +static int hmac_drbg_self_test_entropy(void *data, + unsigned char *buf, size_t len) { const unsigned char *p = data; - memcpy( buf, p + test_offset, len ); + memcpy(buf, p + test_offset, len); test_offset += len; - return( 0 ); + return 0; } -#define CHK( c ) if( (c) != 0 ) \ - { \ - if( verbose != 0 ) \ - mbedtls_printf( "failed\n" ); \ - return( 1 ); \ - } +#define CHK(c) if ((c) != 0) \ + { \ + if (verbose != 0) \ + mbedtls_printf("failed\n"); \ + return 1; \ + } /* * Checkup routine for HMAC_DRBG with SHA-1 */ -int mbedtls_hmac_drbg_self_test( int verbose ) +int mbedtls_hmac_drbg_self_test(int verbose) { mbedtls_hmac_drbg_context ctx; unsigned char buf[OUTPUT_LEN]; - const mbedtls_md_info_t *md_info = mbedtls_md_info_from_type( MBEDTLS_MD_SHA1 ); + const mbedtls_md_info_t *md_info = mbedtls_md_info_from_type(MBEDTLS_MD_SHA1); - mbedtls_hmac_drbg_init( &ctx ); + mbedtls_hmac_drbg_init(&ctx); /* * PR = True */ - if( verbose != 0 ) - mbedtls_printf( " HMAC_DRBG (PR = True) : " ); + if (verbose != 0) { + mbedtls_printf(" HMAC_DRBG (PR = True) : "); + } test_offset = 0; - CHK( mbedtls_hmac_drbg_seed( &ctx, md_info, - hmac_drbg_self_test_entropy, (void *) entropy_pr, - NULL, 0 ) ); - mbedtls_hmac_drbg_set_prediction_resistance( &ctx, MBEDTLS_HMAC_DRBG_PR_ON ); - CHK( mbedtls_hmac_drbg_random( &ctx, buf, OUTPUT_LEN ) ); - CHK( mbedtls_hmac_drbg_random( &ctx, buf, OUTPUT_LEN ) ); - CHK( memcmp( buf, result_pr, OUTPUT_LEN ) ); - mbedtls_hmac_drbg_free( &ctx ); - - mbedtls_hmac_drbg_free( &ctx ); - - if( verbose != 0 ) - mbedtls_printf( "passed\n" ); + CHK(mbedtls_hmac_drbg_seed(&ctx, md_info, + hmac_drbg_self_test_entropy, (void *) entropy_pr, + NULL, 0)); + mbedtls_hmac_drbg_set_prediction_resistance(&ctx, MBEDTLS_HMAC_DRBG_PR_ON); + CHK(mbedtls_hmac_drbg_random(&ctx, buf, OUTPUT_LEN)); + CHK(mbedtls_hmac_drbg_random(&ctx, buf, OUTPUT_LEN)); + CHK(memcmp(buf, result_pr, OUTPUT_LEN)); + mbedtls_hmac_drbg_free(&ctx); + + mbedtls_hmac_drbg_free(&ctx); + + if (verbose != 0) { + mbedtls_printf("passed\n"); + } /* * PR = False */ - if( verbose != 0 ) - mbedtls_printf( " HMAC_DRBG (PR = False) : " ); + if (verbose != 0) { + mbedtls_printf(" HMAC_DRBG (PR = False) : "); + } - mbedtls_hmac_drbg_init( &ctx ); + mbedtls_hmac_drbg_init(&ctx); test_offset = 0; - CHK( mbedtls_hmac_drbg_seed( &ctx, md_info, - hmac_drbg_self_test_entropy, (void *) entropy_nopr, - NULL, 0 ) ); - CHK( mbedtls_hmac_drbg_reseed( &ctx, NULL, 0 ) ); - CHK( mbedtls_hmac_drbg_random( &ctx, buf, OUTPUT_LEN ) ); - CHK( mbedtls_hmac_drbg_random( &ctx, buf, OUTPUT_LEN ) ); - CHK( memcmp( buf, result_nopr, OUTPUT_LEN ) ); - mbedtls_hmac_drbg_free( &ctx ); - - mbedtls_hmac_drbg_free( &ctx ); - - if( verbose != 0 ) - mbedtls_printf( "passed\n" ); + CHK(mbedtls_hmac_drbg_seed(&ctx, md_info, + hmac_drbg_self_test_entropy, (void *) entropy_nopr, + NULL, 0)); + CHK(mbedtls_hmac_drbg_reseed(&ctx, NULL, 0)); + CHK(mbedtls_hmac_drbg_random(&ctx, buf, OUTPUT_LEN)); + CHK(mbedtls_hmac_drbg_random(&ctx, buf, OUTPUT_LEN)); + CHK(memcmp(buf, result_nopr, OUTPUT_LEN)); + mbedtls_hmac_drbg_free(&ctx); + + mbedtls_hmac_drbg_free(&ctx); + + if (verbose != 0) { + mbedtls_printf("passed\n"); + } - if( verbose != 0 ) - mbedtls_printf( "\n" ); + if (verbose != 0) { + mbedtls_printf("\n"); + } - return( 0 ); + return 0; } #endif /* MBEDTLS_SHA1_C */ #endif /* MBEDTLS_SELF_TEST */ diff --git a/third_party/mbedtls/repo/library/md.c b/third_party/mbedtls/repo/library/md.c index a10a8356347..3e4a1c10a35 100644 --- a/third_party/mbedtls/repo/library/md.c +++ b/third_party/mbedtls/repo/library/md.c @@ -1,24 +1,12 @@ /** * \file md.c * - * \brief Generic message digest wrapper for mbed TLS + * \brief Generic message digest wrapper for Mbed TLS * * \author Adriaan de Jong * * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later */ #include "common.h" @@ -38,13 +26,7 @@ #include "mbedtls/sha256.h" #include "mbedtls/sha512.h" -#if defined(MBEDTLS_PLATFORM_C) #include "mbedtls/platform.h" -#else -#include -#define mbedtls_calloc calloc -#define mbedtls_free free -#endif #include @@ -137,174 +119,182 @@ const mbedtls_md_info_t mbedtls_sha512_info = { static const int supported_digests[] = { #if defined(MBEDTLS_SHA512_C) - MBEDTLS_MD_SHA512, + MBEDTLS_MD_SHA512, #if !defined(MBEDTLS_SHA512_NO_SHA384) - MBEDTLS_MD_SHA384, + MBEDTLS_MD_SHA384, #endif #endif #if defined(MBEDTLS_SHA256_C) - MBEDTLS_MD_SHA256, - MBEDTLS_MD_SHA224, + MBEDTLS_MD_SHA256, + MBEDTLS_MD_SHA224, #endif #if defined(MBEDTLS_SHA1_C) - MBEDTLS_MD_SHA1, + MBEDTLS_MD_SHA1, #endif #if defined(MBEDTLS_RIPEMD160_C) - MBEDTLS_MD_RIPEMD160, + MBEDTLS_MD_RIPEMD160, #endif #if defined(MBEDTLS_MD5_C) - MBEDTLS_MD_MD5, + MBEDTLS_MD_MD5, #endif #if defined(MBEDTLS_MD4_C) - MBEDTLS_MD_MD4, + MBEDTLS_MD_MD4, #endif #if defined(MBEDTLS_MD2_C) - MBEDTLS_MD_MD2, + MBEDTLS_MD_MD2, #endif - MBEDTLS_MD_NONE + MBEDTLS_MD_NONE }; -const int *mbedtls_md_list( void ) +const int *mbedtls_md_list(void) { - return( supported_digests ); + return supported_digests; } -const mbedtls_md_info_t *mbedtls_md_info_from_string( const char *md_name ) +const mbedtls_md_info_t *mbedtls_md_info_from_string(const char *md_name) { - if( NULL == md_name ) - return( NULL ); + if (NULL == md_name) { + return NULL; + } /* Get the appropriate digest information */ #if defined(MBEDTLS_MD2_C) - if( !strcmp( "MD2", md_name ) ) - return mbedtls_md_info_from_type( MBEDTLS_MD_MD2 ); + if (!strcmp("MD2", md_name)) { + return mbedtls_md_info_from_type(MBEDTLS_MD_MD2); + } #endif #if defined(MBEDTLS_MD4_C) - if( !strcmp( "MD4", md_name ) ) - return mbedtls_md_info_from_type( MBEDTLS_MD_MD4 ); + if (!strcmp("MD4", md_name)) { + return mbedtls_md_info_from_type(MBEDTLS_MD_MD4); + } #endif #if defined(MBEDTLS_MD5_C) - if( !strcmp( "MD5", md_name ) ) - return mbedtls_md_info_from_type( MBEDTLS_MD_MD5 ); + if (!strcmp("MD5", md_name)) { + return mbedtls_md_info_from_type(MBEDTLS_MD_MD5); + } #endif #if defined(MBEDTLS_RIPEMD160_C) - if( !strcmp( "RIPEMD160", md_name ) ) - return mbedtls_md_info_from_type( MBEDTLS_MD_RIPEMD160 ); + if (!strcmp("RIPEMD160", md_name)) { + return mbedtls_md_info_from_type(MBEDTLS_MD_RIPEMD160); + } #endif #if defined(MBEDTLS_SHA1_C) - if( !strcmp( "SHA1", md_name ) || !strcmp( "SHA", md_name ) ) - return mbedtls_md_info_from_type( MBEDTLS_MD_SHA1 ); + if (!strcmp("SHA1", md_name) || !strcmp("SHA", md_name)) { + return mbedtls_md_info_from_type(MBEDTLS_MD_SHA1); + } #endif #if defined(MBEDTLS_SHA256_C) - if( !strcmp( "SHA224", md_name ) ) - return mbedtls_md_info_from_type( MBEDTLS_MD_SHA224 ); - if( !strcmp( "SHA256", md_name ) ) - return mbedtls_md_info_from_type( MBEDTLS_MD_SHA256 ); + if (!strcmp("SHA224", md_name)) { + return mbedtls_md_info_from_type(MBEDTLS_MD_SHA224); + } + if (!strcmp("SHA256", md_name)) { + return mbedtls_md_info_from_type(MBEDTLS_MD_SHA256); + } #endif #if defined(MBEDTLS_SHA512_C) #if !defined(MBEDTLS_SHA512_NO_SHA384) - if( !strcmp( "SHA384", md_name ) ) - return mbedtls_md_info_from_type( MBEDTLS_MD_SHA384 ); + if (!strcmp("SHA384", md_name)) { + return mbedtls_md_info_from_type(MBEDTLS_MD_SHA384); + } #endif - if( !strcmp( "SHA512", md_name ) ) - return mbedtls_md_info_from_type( MBEDTLS_MD_SHA512 ); + if (!strcmp("SHA512", md_name)) { + return mbedtls_md_info_from_type(MBEDTLS_MD_SHA512); + } #endif - return( NULL ); + return NULL; } -const mbedtls_md_info_t *mbedtls_md_info_from_type( mbedtls_md_type_t md_type ) +const mbedtls_md_info_t *mbedtls_md_info_from_type(mbedtls_md_type_t md_type) { - switch( md_type ) - { + switch (md_type) { #if defined(MBEDTLS_MD2_C) case MBEDTLS_MD_MD2: - return( &mbedtls_md2_info ); + return &mbedtls_md2_info; #endif #if defined(MBEDTLS_MD4_C) case MBEDTLS_MD_MD4: - return( &mbedtls_md4_info ); + return &mbedtls_md4_info; #endif #if defined(MBEDTLS_MD5_C) case MBEDTLS_MD_MD5: - return( &mbedtls_md5_info ); + return &mbedtls_md5_info; #endif #if defined(MBEDTLS_RIPEMD160_C) case MBEDTLS_MD_RIPEMD160: - return( &mbedtls_ripemd160_info ); + return &mbedtls_ripemd160_info; #endif #if defined(MBEDTLS_SHA1_C) case MBEDTLS_MD_SHA1: - return( &mbedtls_sha1_info ); + return &mbedtls_sha1_info; #endif #if defined(MBEDTLS_SHA256_C) case MBEDTLS_MD_SHA224: - return( &mbedtls_sha224_info ); + return &mbedtls_sha224_info; case MBEDTLS_MD_SHA256: - return( &mbedtls_sha256_info ); + return &mbedtls_sha256_info; #endif #if defined(MBEDTLS_SHA512_C) #if !defined(MBEDTLS_SHA512_NO_SHA384) case MBEDTLS_MD_SHA384: - return( &mbedtls_sha384_info ); + return &mbedtls_sha384_info; #endif case MBEDTLS_MD_SHA512: - return( &mbedtls_sha512_info ); + return &mbedtls_sha512_info; #endif default: - return( NULL ); + return NULL; } } -void mbedtls_md_init( mbedtls_md_context_t *ctx ) +void mbedtls_md_init(mbedtls_md_context_t *ctx) { - memset( ctx, 0, sizeof( mbedtls_md_context_t ) ); + memset(ctx, 0, sizeof(mbedtls_md_context_t)); } -void mbedtls_md_free( mbedtls_md_context_t *ctx ) +void mbedtls_md_free(mbedtls_md_context_t *ctx) { - if( ctx == NULL || ctx->md_info == NULL ) + if (ctx == NULL || ctx->md_info == NULL) { return; + } - if( ctx->md_ctx != NULL ) - { - switch( ctx->md_info->type ) - { + if (ctx->md_ctx != NULL) { + switch (ctx->md_info->type) { #if defined(MBEDTLS_MD2_C) case MBEDTLS_MD_MD2: - mbedtls_md2_free( ctx->md_ctx ); + mbedtls_md2_free(ctx->md_ctx); break; #endif #if defined(MBEDTLS_MD4_C) case MBEDTLS_MD_MD4: - mbedtls_md4_free( ctx->md_ctx ); + mbedtls_md4_free(ctx->md_ctx); break; #endif #if defined(MBEDTLS_MD5_C) case MBEDTLS_MD_MD5: - mbedtls_md5_free( ctx->md_ctx ); + mbedtls_md5_free(ctx->md_ctx); break; #endif #if defined(MBEDTLS_RIPEMD160_C) case MBEDTLS_MD_RIPEMD160: - mbedtls_ripemd160_free( ctx->md_ctx ); + mbedtls_ripemd160_free(ctx->md_ctx); break; #endif #if defined(MBEDTLS_SHA1_C) case MBEDTLS_MD_SHA1: - mbedtls_sha1_free( ctx->md_ctx ); + mbedtls_sha1_free(ctx->md_ctx); break; #endif #if defined(MBEDTLS_SHA256_C) case MBEDTLS_MD_SHA224: case MBEDTLS_MD_SHA256: - mbedtls_sha256_free( ctx->md_ctx ); + mbedtls_sha256_free(ctx->md_ctx); break; #endif #if defined(MBEDTLS_SHA512_C) @@ -312,67 +302,64 @@ void mbedtls_md_free( mbedtls_md_context_t *ctx ) case MBEDTLS_MD_SHA384: #endif case MBEDTLS_MD_SHA512: - mbedtls_sha512_free( ctx->md_ctx ); + mbedtls_sha512_free(ctx->md_ctx); break; #endif default: /* Shouldn't happen */ break; } - mbedtls_free( ctx->md_ctx ); + mbedtls_free(ctx->md_ctx); } - if( ctx->hmac_ctx != NULL ) - { - mbedtls_platform_zeroize( ctx->hmac_ctx, - 2 * ctx->md_info->block_size ); - mbedtls_free( ctx->hmac_ctx ); + if (ctx->hmac_ctx != NULL) { + mbedtls_platform_zeroize(ctx->hmac_ctx, + 2 * ctx->md_info->block_size); + mbedtls_free(ctx->hmac_ctx); } - mbedtls_platform_zeroize( ctx, sizeof( mbedtls_md_context_t ) ); + mbedtls_platform_zeroize(ctx, sizeof(mbedtls_md_context_t)); } -int mbedtls_md_clone( mbedtls_md_context_t *dst, - const mbedtls_md_context_t *src ) +int mbedtls_md_clone(mbedtls_md_context_t *dst, + const mbedtls_md_context_t *src) { - if( dst == NULL || dst->md_info == NULL || + if (dst == NULL || dst->md_info == NULL || src == NULL || src->md_info == NULL || - dst->md_info != src->md_info ) - { - return( MBEDTLS_ERR_MD_BAD_INPUT_DATA ); + dst->md_info != src->md_info) { + return MBEDTLS_ERR_MD_BAD_INPUT_DATA; } - switch( src->md_info->type ) - { + switch (src->md_info->type) { #if defined(MBEDTLS_MD2_C) case MBEDTLS_MD_MD2: - mbedtls_md2_clone( dst->md_ctx, src->md_ctx ); + mbedtls_md2_clone(dst->md_ctx, src->md_ctx); break; #endif #if defined(MBEDTLS_MD4_C) case MBEDTLS_MD_MD4: - mbedtls_md4_clone( dst->md_ctx, src->md_ctx ); + mbedtls_md4_clone(dst->md_ctx, src->md_ctx); break; #endif #if defined(MBEDTLS_MD5_C) case MBEDTLS_MD_MD5: - mbedtls_md5_clone( dst->md_ctx, src->md_ctx ); + mbedtls_md5_clone(dst->md_ctx, src->md_ctx); break; #endif #if defined(MBEDTLS_RIPEMD160_C) case MBEDTLS_MD_RIPEMD160: - mbedtls_ripemd160_clone( dst->md_ctx, src->md_ctx ); + mbedtls_ripemd160_clone(dst->md_ctx, src->md_ctx); break; #endif #if defined(MBEDTLS_SHA1_C) case MBEDTLS_MD_SHA1: - mbedtls_sha1_clone( dst->md_ctx, src->md_ctx ); + mbedtls_sha1_clone(dst->md_ctx, src->md_ctx); break; #endif #if defined(MBEDTLS_SHA256_C) case MBEDTLS_MD_SHA224: case MBEDTLS_MD_SHA256: - mbedtls_sha256_clone( dst->md_ctx, src->md_ctx ); + mbedtls_sha256_clone(dst->md_ctx, src->md_ctx); break; #endif #if defined(MBEDTLS_SHA512_C) @@ -380,72 +367,72 @@ int mbedtls_md_clone( mbedtls_md_context_t *dst, case MBEDTLS_MD_SHA384: #endif case MBEDTLS_MD_SHA512: - mbedtls_sha512_clone( dst->md_ctx, src->md_ctx ); + mbedtls_sha512_clone(dst->md_ctx, src->md_ctx); break; #endif default: - return( MBEDTLS_ERR_MD_BAD_INPUT_DATA ); + return MBEDTLS_ERR_MD_BAD_INPUT_DATA; } - return( 0 ); + return 0; } -#if ! defined(MBEDTLS_DEPRECATED_REMOVED) -int mbedtls_md_init_ctx( mbedtls_md_context_t *ctx, const mbedtls_md_info_t *md_info ) +#if !defined(MBEDTLS_DEPRECATED_REMOVED) +int mbedtls_md_init_ctx(mbedtls_md_context_t *ctx, const mbedtls_md_info_t *md_info) { - return mbedtls_md_setup( ctx, md_info, 1 ); + return mbedtls_md_setup(ctx, md_info, 1); } #endif -#define ALLOC( type ) \ +#define ALLOC(type) \ do { \ - ctx->md_ctx = mbedtls_calloc( 1, sizeof( mbedtls_##type##_context ) ); \ - if( ctx->md_ctx == NULL ) \ - return( MBEDTLS_ERR_MD_ALLOC_FAILED ); \ - mbedtls_##type##_init( ctx->md_ctx ); \ + ctx->md_ctx = mbedtls_calloc(1, sizeof(mbedtls_##type##_context)); \ + if (ctx->md_ctx == NULL) \ + return MBEDTLS_ERR_MD_ALLOC_FAILED; \ + mbedtls_##type##_init(ctx->md_ctx); \ } \ - while( 0 ) + while (0) -int mbedtls_md_setup( mbedtls_md_context_t *ctx, const mbedtls_md_info_t *md_info, int hmac ) +int mbedtls_md_setup(mbedtls_md_context_t *ctx, const mbedtls_md_info_t *md_info, int hmac) { - if( md_info == NULL || ctx == NULL ) - return( MBEDTLS_ERR_MD_BAD_INPUT_DATA ); + if (md_info == NULL || ctx == NULL) { + return MBEDTLS_ERR_MD_BAD_INPUT_DATA; + } ctx->md_info = md_info; ctx->md_ctx = NULL; ctx->hmac_ctx = NULL; - switch( md_info->type ) - { + switch (md_info->type) { #if defined(MBEDTLS_MD2_C) case MBEDTLS_MD_MD2: - ALLOC( md2 ); + ALLOC(md2); break; #endif #if defined(MBEDTLS_MD4_C) case MBEDTLS_MD_MD4: - ALLOC( md4 ); + ALLOC(md4); break; #endif #if defined(MBEDTLS_MD5_C) case MBEDTLS_MD_MD5: - ALLOC( md5 ); + ALLOC(md5); break; #endif #if defined(MBEDTLS_RIPEMD160_C) case MBEDTLS_MD_RIPEMD160: - ALLOC( ripemd160 ); + ALLOC(ripemd160); break; #endif #if defined(MBEDTLS_SHA1_C) case MBEDTLS_MD_SHA1: - ALLOC( sha1 ); + ALLOC(sha1); break; #endif #if defined(MBEDTLS_SHA256_C) case MBEDTLS_MD_SHA224: case MBEDTLS_MD_SHA256: - ALLOC( sha256 ); + ALLOC(sha256); break; #endif #if defined(MBEDTLS_SHA512_C) @@ -453,210 +440,208 @@ int mbedtls_md_setup( mbedtls_md_context_t *ctx, const mbedtls_md_info_t *md_inf case MBEDTLS_MD_SHA384: #endif case MBEDTLS_MD_SHA512: - ALLOC( sha512 ); + ALLOC(sha512); break; #endif default: - return( MBEDTLS_ERR_MD_BAD_INPUT_DATA ); + return MBEDTLS_ERR_MD_BAD_INPUT_DATA; } - if( hmac != 0 ) - { - ctx->hmac_ctx = mbedtls_calloc( 2, md_info->block_size ); - if( ctx->hmac_ctx == NULL ) - { - mbedtls_md_free( ctx ); - return( MBEDTLS_ERR_MD_ALLOC_FAILED ); + if (hmac != 0) { + ctx->hmac_ctx = mbedtls_calloc(2, md_info->block_size); + if (ctx->hmac_ctx == NULL) { + mbedtls_md_free(ctx); + return MBEDTLS_ERR_MD_ALLOC_FAILED; } } - return( 0 ); + return 0; } #undef ALLOC -int mbedtls_md_starts( mbedtls_md_context_t *ctx ) +int mbedtls_md_starts(mbedtls_md_context_t *ctx) { - if( ctx == NULL || ctx->md_info == NULL ) - return( MBEDTLS_ERR_MD_BAD_INPUT_DATA ); + if (ctx == NULL || ctx->md_info == NULL) { + return MBEDTLS_ERR_MD_BAD_INPUT_DATA; + } - switch( ctx->md_info->type ) - { + switch (ctx->md_info->type) { #if defined(MBEDTLS_MD2_C) case MBEDTLS_MD_MD2: - return( mbedtls_md2_starts_ret( ctx->md_ctx ) ); + return mbedtls_md2_starts_ret(ctx->md_ctx); #endif #if defined(MBEDTLS_MD4_C) case MBEDTLS_MD_MD4: - return( mbedtls_md4_starts_ret( ctx->md_ctx ) ); + return mbedtls_md4_starts_ret(ctx->md_ctx); #endif #if defined(MBEDTLS_MD5_C) case MBEDTLS_MD_MD5: - return( mbedtls_md5_starts_ret( ctx->md_ctx ) ); + return mbedtls_md5_starts_ret(ctx->md_ctx); #endif #if defined(MBEDTLS_RIPEMD160_C) case MBEDTLS_MD_RIPEMD160: - return( mbedtls_ripemd160_starts_ret( ctx->md_ctx ) ); + return mbedtls_ripemd160_starts_ret(ctx->md_ctx); #endif #if defined(MBEDTLS_SHA1_C) case MBEDTLS_MD_SHA1: - return( mbedtls_sha1_starts_ret( ctx->md_ctx ) ); + return mbedtls_sha1_starts_ret(ctx->md_ctx); #endif #if defined(MBEDTLS_SHA256_C) case MBEDTLS_MD_SHA224: - return( mbedtls_sha256_starts_ret( ctx->md_ctx, 1 ) ); + return mbedtls_sha256_starts_ret(ctx->md_ctx, 1); case MBEDTLS_MD_SHA256: - return( mbedtls_sha256_starts_ret( ctx->md_ctx, 0 ) ); + return mbedtls_sha256_starts_ret(ctx->md_ctx, 0); #endif #if defined(MBEDTLS_SHA512_C) #if !defined(MBEDTLS_SHA512_NO_SHA384) case MBEDTLS_MD_SHA384: - return( mbedtls_sha512_starts_ret( ctx->md_ctx, 1 ) ); + return mbedtls_sha512_starts_ret(ctx->md_ctx, 1); #endif case MBEDTLS_MD_SHA512: - return( mbedtls_sha512_starts_ret( ctx->md_ctx, 0 ) ); + return mbedtls_sha512_starts_ret(ctx->md_ctx, 0); #endif default: - return( MBEDTLS_ERR_MD_BAD_INPUT_DATA ); + return MBEDTLS_ERR_MD_BAD_INPUT_DATA; } } -int mbedtls_md_update( mbedtls_md_context_t *ctx, const unsigned char *input, size_t ilen ) +int mbedtls_md_update(mbedtls_md_context_t *ctx, const unsigned char *input, size_t ilen) { - if( ctx == NULL || ctx->md_info == NULL ) - return( MBEDTLS_ERR_MD_BAD_INPUT_DATA ); + if (ctx == NULL || ctx->md_info == NULL) { + return MBEDTLS_ERR_MD_BAD_INPUT_DATA; + } - switch( ctx->md_info->type ) - { + switch (ctx->md_info->type) { #if defined(MBEDTLS_MD2_C) case MBEDTLS_MD_MD2: - return( mbedtls_md2_update_ret( ctx->md_ctx, input, ilen ) ); + return mbedtls_md2_update_ret(ctx->md_ctx, input, ilen); #endif #if defined(MBEDTLS_MD4_C) case MBEDTLS_MD_MD4: - return( mbedtls_md4_update_ret( ctx->md_ctx, input, ilen ) ); + return mbedtls_md4_update_ret(ctx->md_ctx, input, ilen); #endif #if defined(MBEDTLS_MD5_C) case MBEDTLS_MD_MD5: - return( mbedtls_md5_update_ret( ctx->md_ctx, input, ilen ) ); + return mbedtls_md5_update_ret(ctx->md_ctx, input, ilen); #endif #if defined(MBEDTLS_RIPEMD160_C) case MBEDTLS_MD_RIPEMD160: - return( mbedtls_ripemd160_update_ret( ctx->md_ctx, input, ilen ) ); + return mbedtls_ripemd160_update_ret(ctx->md_ctx, input, ilen); #endif #if defined(MBEDTLS_SHA1_C) case MBEDTLS_MD_SHA1: - return( mbedtls_sha1_update_ret( ctx->md_ctx, input, ilen ) ); + return mbedtls_sha1_update_ret(ctx->md_ctx, input, ilen); #endif #if defined(MBEDTLS_SHA256_C) case MBEDTLS_MD_SHA224: case MBEDTLS_MD_SHA256: - return( mbedtls_sha256_update_ret( ctx->md_ctx, input, ilen ) ); + return mbedtls_sha256_update_ret(ctx->md_ctx, input, ilen); #endif #if defined(MBEDTLS_SHA512_C) #if !defined(MBEDTLS_SHA512_NO_SHA384) case MBEDTLS_MD_SHA384: #endif case MBEDTLS_MD_SHA512: - return( mbedtls_sha512_update_ret( ctx->md_ctx, input, ilen ) ); + return mbedtls_sha512_update_ret(ctx->md_ctx, input, ilen); #endif default: - return( MBEDTLS_ERR_MD_BAD_INPUT_DATA ); + return MBEDTLS_ERR_MD_BAD_INPUT_DATA; } } -int mbedtls_md_finish( mbedtls_md_context_t *ctx, unsigned char *output ) +int mbedtls_md_finish(mbedtls_md_context_t *ctx, unsigned char *output) { - if( ctx == NULL || ctx->md_info == NULL ) - return( MBEDTLS_ERR_MD_BAD_INPUT_DATA ); + if (ctx == NULL || ctx->md_info == NULL) { + return MBEDTLS_ERR_MD_BAD_INPUT_DATA; + } - switch( ctx->md_info->type ) - { + switch (ctx->md_info->type) { #if defined(MBEDTLS_MD2_C) case MBEDTLS_MD_MD2: - return( mbedtls_md2_finish_ret( ctx->md_ctx, output ) ); + return mbedtls_md2_finish_ret(ctx->md_ctx, output); #endif #if defined(MBEDTLS_MD4_C) case MBEDTLS_MD_MD4: - return( mbedtls_md4_finish_ret( ctx->md_ctx, output ) ); + return mbedtls_md4_finish_ret(ctx->md_ctx, output); #endif #if defined(MBEDTLS_MD5_C) case MBEDTLS_MD_MD5: - return( mbedtls_md5_finish_ret( ctx->md_ctx, output ) ); + return mbedtls_md5_finish_ret(ctx->md_ctx, output); #endif #if defined(MBEDTLS_RIPEMD160_C) case MBEDTLS_MD_RIPEMD160: - return( mbedtls_ripemd160_finish_ret( ctx->md_ctx, output ) ); + return mbedtls_ripemd160_finish_ret(ctx->md_ctx, output); #endif #if defined(MBEDTLS_SHA1_C) case MBEDTLS_MD_SHA1: - return( mbedtls_sha1_finish_ret( ctx->md_ctx, output ) ); + return mbedtls_sha1_finish_ret(ctx->md_ctx, output); #endif #if defined(MBEDTLS_SHA256_C) case MBEDTLS_MD_SHA224: case MBEDTLS_MD_SHA256: - return( mbedtls_sha256_finish_ret( ctx->md_ctx, output ) ); + return mbedtls_sha256_finish_ret(ctx->md_ctx, output); #endif #if defined(MBEDTLS_SHA512_C) #if !defined(MBEDTLS_SHA512_NO_SHA384) case MBEDTLS_MD_SHA384: #endif case MBEDTLS_MD_SHA512: - return( mbedtls_sha512_finish_ret( ctx->md_ctx, output ) ); + return mbedtls_sha512_finish_ret(ctx->md_ctx, output); #endif default: - return( MBEDTLS_ERR_MD_BAD_INPUT_DATA ); + return MBEDTLS_ERR_MD_BAD_INPUT_DATA; } } -int mbedtls_md( const mbedtls_md_info_t *md_info, const unsigned char *input, size_t ilen, - unsigned char *output ) +int mbedtls_md(const mbedtls_md_info_t *md_info, const unsigned char *input, size_t ilen, + unsigned char *output) { - if( md_info == NULL ) - return( MBEDTLS_ERR_MD_BAD_INPUT_DATA ); + if (md_info == NULL) { + return MBEDTLS_ERR_MD_BAD_INPUT_DATA; + } - switch( md_info->type ) - { + switch (md_info->type) { #if defined(MBEDTLS_MD2_C) case MBEDTLS_MD_MD2: - return( mbedtls_md2_ret( input, ilen, output ) ); + return mbedtls_md2_ret(input, ilen, output); #endif #if defined(MBEDTLS_MD4_C) case MBEDTLS_MD_MD4: - return( mbedtls_md4_ret( input, ilen, output ) ); + return mbedtls_md4_ret(input, ilen, output); #endif #if defined(MBEDTLS_MD5_C) case MBEDTLS_MD_MD5: - return( mbedtls_md5_ret( input, ilen, output ) ); + return mbedtls_md5_ret(input, ilen, output); #endif #if defined(MBEDTLS_RIPEMD160_C) case MBEDTLS_MD_RIPEMD160: - return( mbedtls_ripemd160_ret( input, ilen, output ) ); + return mbedtls_ripemd160_ret(input, ilen, output); #endif #if defined(MBEDTLS_SHA1_C) case MBEDTLS_MD_SHA1: - return( mbedtls_sha1_ret( input, ilen, output ) ); + return mbedtls_sha1_ret(input, ilen, output); #endif #if defined(MBEDTLS_SHA256_C) case MBEDTLS_MD_SHA224: - return( mbedtls_sha256_ret( input, ilen, output, 1 ) ); + return mbedtls_sha256_ret(input, ilen, output, 1); case MBEDTLS_MD_SHA256: - return( mbedtls_sha256_ret( input, ilen, output, 0 ) ); + return mbedtls_sha256_ret(input, ilen, output, 0); #endif #if defined(MBEDTLS_SHA512_C) #if !defined(MBEDTLS_SHA512_NO_SHA384) case MBEDTLS_MD_SHA384: - return( mbedtls_sha512_ret( input, ilen, output, 1 ) ); + return mbedtls_sha512_ret(input, ilen, output, 1); #endif case MBEDTLS_MD_SHA512: - return( mbedtls_sha512_ret( input, ilen, output, 0 ) ); + return mbedtls_sha512_ret(input, ilen, output, 0); #endif default: - return( MBEDTLS_ERR_MD_BAD_INPUT_DATA ); + return MBEDTLS_ERR_MD_BAD_INPUT_DATA; } } #if defined(MBEDTLS_FS_IO) -int mbedtls_md_file( const mbedtls_md_info_t *md_info, const char *path, unsigned char *output ) +int mbedtls_md_file(const mbedtls_md_info_t *md_info, const char *path, unsigned char *output) { int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; FILE *f; @@ -664,56 +649,66 @@ int mbedtls_md_file( const mbedtls_md_info_t *md_info, const char *path, unsigne mbedtls_md_context_t ctx; unsigned char buf[1024]; - if( md_info == NULL ) - return( MBEDTLS_ERR_MD_BAD_INPUT_DATA ); + if (md_info == NULL) { + return MBEDTLS_ERR_MD_BAD_INPUT_DATA; + } - if( ( f = fopen( path, "rb" ) ) == NULL ) - return( MBEDTLS_ERR_MD_FILE_IO_ERROR ); + if ((f = fopen(path, "rb")) == NULL) { + return MBEDTLS_ERR_MD_FILE_IO_ERROR; + } - mbedtls_md_init( &ctx ); + mbedtls_md_init(&ctx); - if( ( ret = mbedtls_md_setup( &ctx, md_info, 0 ) ) != 0 ) + if ((ret = mbedtls_md_setup(&ctx, md_info, 0)) != 0) { goto cleanup; + } - if( ( ret = mbedtls_md_starts( &ctx ) ) != 0 ) + if ((ret = mbedtls_md_starts(&ctx)) != 0) { goto cleanup; + } - while( ( n = fread( buf, 1, sizeof( buf ), f ) ) > 0 ) - if( ( ret = mbedtls_md_update( &ctx, buf, n ) ) != 0 ) + while ((n = fread(buf, 1, sizeof(buf), f)) > 0) { + if ((ret = mbedtls_md_update(&ctx, buf, n)) != 0) { goto cleanup; + } + } - if( ferror( f ) != 0 ) + if (ferror(f) != 0) { ret = MBEDTLS_ERR_MD_FILE_IO_ERROR; - else - ret = mbedtls_md_finish( &ctx, output ); + } else { + ret = mbedtls_md_finish(&ctx, output); + } cleanup: - mbedtls_platform_zeroize( buf, sizeof( buf ) ); - fclose( f ); - mbedtls_md_free( &ctx ); + mbedtls_platform_zeroize(buf, sizeof(buf)); + fclose(f); + mbedtls_md_free(&ctx); - return( ret ); + return ret; } #endif /* MBEDTLS_FS_IO */ -int mbedtls_md_hmac_starts( mbedtls_md_context_t *ctx, const unsigned char *key, size_t keylen ) +int mbedtls_md_hmac_starts(mbedtls_md_context_t *ctx, const unsigned char *key, size_t keylen) { int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; unsigned char sum[MBEDTLS_MD_MAX_SIZE]; unsigned char *ipad, *opad; size_t i; - if( ctx == NULL || ctx->md_info == NULL || ctx->hmac_ctx == NULL ) - return( MBEDTLS_ERR_MD_BAD_INPUT_DATA ); + if (ctx == NULL || ctx->md_info == NULL || ctx->hmac_ctx == NULL) { + return MBEDTLS_ERR_MD_BAD_INPUT_DATA; + } - if( keylen > (size_t) ctx->md_info->block_size ) - { - if( ( ret = mbedtls_md_starts( ctx ) ) != 0 ) + if (keylen > (size_t) ctx->md_info->block_size) { + if ((ret = mbedtls_md_starts(ctx)) != 0) { goto cleanup; - if( ( ret = mbedtls_md_update( ctx, key, keylen ) ) != 0 ) + } + if ((ret = mbedtls_md_update(ctx, key, keylen)) != 0) { goto cleanup; - if( ( ret = mbedtls_md_finish( ctx, sum ) ) != 0 ) + } + if ((ret = mbedtls_md_finish(ctx, sum)) != 0) { goto cleanup; + } keylen = ctx->md_info->size; key = sum; @@ -722,167 +717,184 @@ int mbedtls_md_hmac_starts( mbedtls_md_context_t *ctx, const unsigned char *key, ipad = (unsigned char *) ctx->hmac_ctx; opad = (unsigned char *) ctx->hmac_ctx + ctx->md_info->block_size; - memset( ipad, 0x36, ctx->md_info->block_size ); - memset( opad, 0x5C, ctx->md_info->block_size ); + memset(ipad, 0x36, ctx->md_info->block_size); + memset(opad, 0x5C, ctx->md_info->block_size); - for( i = 0; i < keylen; i++ ) - { - ipad[i] = (unsigned char)( ipad[i] ^ key[i] ); - opad[i] = (unsigned char)( opad[i] ^ key[i] ); + for (i = 0; i < keylen; i++) { + ipad[i] = (unsigned char) (ipad[i] ^ key[i]); + opad[i] = (unsigned char) (opad[i] ^ key[i]); } - if( ( ret = mbedtls_md_starts( ctx ) ) != 0 ) + if ((ret = mbedtls_md_starts(ctx)) != 0) { goto cleanup; - if( ( ret = mbedtls_md_update( ctx, ipad, - ctx->md_info->block_size ) ) != 0 ) + } + if ((ret = mbedtls_md_update(ctx, ipad, + ctx->md_info->block_size)) != 0) { goto cleanup; + } cleanup: - mbedtls_platform_zeroize( sum, sizeof( sum ) ); + mbedtls_platform_zeroize(sum, sizeof(sum)); - return( ret ); + return ret; } -int mbedtls_md_hmac_update( mbedtls_md_context_t *ctx, const unsigned char *input, size_t ilen ) +int mbedtls_md_hmac_update(mbedtls_md_context_t *ctx, const unsigned char *input, size_t ilen) { - if( ctx == NULL || ctx->md_info == NULL || ctx->hmac_ctx == NULL ) - return( MBEDTLS_ERR_MD_BAD_INPUT_DATA ); + if (ctx == NULL || ctx->md_info == NULL || ctx->hmac_ctx == NULL) { + return MBEDTLS_ERR_MD_BAD_INPUT_DATA; + } - return( mbedtls_md_update( ctx, input, ilen ) ); + return mbedtls_md_update(ctx, input, ilen); } -int mbedtls_md_hmac_finish( mbedtls_md_context_t *ctx, unsigned char *output ) +int mbedtls_md_hmac_finish(mbedtls_md_context_t *ctx, unsigned char *output) { int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; unsigned char tmp[MBEDTLS_MD_MAX_SIZE]; unsigned char *opad; - if( ctx == NULL || ctx->md_info == NULL || ctx->hmac_ctx == NULL ) - return( MBEDTLS_ERR_MD_BAD_INPUT_DATA ); + if (ctx == NULL || ctx->md_info == NULL || ctx->hmac_ctx == NULL) { + return MBEDTLS_ERR_MD_BAD_INPUT_DATA; + } opad = (unsigned char *) ctx->hmac_ctx + ctx->md_info->block_size; - if( ( ret = mbedtls_md_finish( ctx, tmp ) ) != 0 ) - return( ret ); - if( ( ret = mbedtls_md_starts( ctx ) ) != 0 ) - return( ret ); - if( ( ret = mbedtls_md_update( ctx, opad, - ctx->md_info->block_size ) ) != 0 ) - return( ret ); - if( ( ret = mbedtls_md_update( ctx, tmp, - ctx->md_info->size ) ) != 0 ) - return( ret ); - return( mbedtls_md_finish( ctx, output ) ); + if ((ret = mbedtls_md_finish(ctx, tmp)) != 0) { + return ret; + } + if ((ret = mbedtls_md_starts(ctx)) != 0) { + return ret; + } + if ((ret = mbedtls_md_update(ctx, opad, + ctx->md_info->block_size)) != 0) { + return ret; + } + if ((ret = mbedtls_md_update(ctx, tmp, + ctx->md_info->size)) != 0) { + return ret; + } + return mbedtls_md_finish(ctx, output); } -int mbedtls_md_hmac_reset( mbedtls_md_context_t *ctx ) +int mbedtls_md_hmac_reset(mbedtls_md_context_t *ctx) { int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; unsigned char *ipad; - if( ctx == NULL || ctx->md_info == NULL || ctx->hmac_ctx == NULL ) - return( MBEDTLS_ERR_MD_BAD_INPUT_DATA ); + if (ctx == NULL || ctx->md_info == NULL || ctx->hmac_ctx == NULL) { + return MBEDTLS_ERR_MD_BAD_INPUT_DATA; + } ipad = (unsigned char *) ctx->hmac_ctx; - if( ( ret = mbedtls_md_starts( ctx ) ) != 0 ) - return( ret ); - return( mbedtls_md_update( ctx, ipad, ctx->md_info->block_size ) ); + if ((ret = mbedtls_md_starts(ctx)) != 0) { + return ret; + } + return mbedtls_md_update(ctx, ipad, ctx->md_info->block_size); } -int mbedtls_md_hmac( const mbedtls_md_info_t *md_info, - const unsigned char *key, size_t keylen, - const unsigned char *input, size_t ilen, - unsigned char *output ) +int mbedtls_md_hmac(const mbedtls_md_info_t *md_info, + const unsigned char *key, size_t keylen, + const unsigned char *input, size_t ilen, + unsigned char *output) { mbedtls_md_context_t ctx; int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; - if( md_info == NULL ) - return( MBEDTLS_ERR_MD_BAD_INPUT_DATA ); + if (md_info == NULL) { + return MBEDTLS_ERR_MD_BAD_INPUT_DATA; + } - mbedtls_md_init( &ctx ); + mbedtls_md_init(&ctx); - if( ( ret = mbedtls_md_setup( &ctx, md_info, 1 ) ) != 0 ) + if ((ret = mbedtls_md_setup(&ctx, md_info, 1)) != 0) { goto cleanup; + } - if( ( ret = mbedtls_md_hmac_starts( &ctx, key, keylen ) ) != 0 ) + if ((ret = mbedtls_md_hmac_starts(&ctx, key, keylen)) != 0) { goto cleanup; - if( ( ret = mbedtls_md_hmac_update( &ctx, input, ilen ) ) != 0 ) + } + if ((ret = mbedtls_md_hmac_update(&ctx, input, ilen)) != 0) { goto cleanup; - if( ( ret = mbedtls_md_hmac_finish( &ctx, output ) ) != 0 ) + } + if ((ret = mbedtls_md_hmac_finish(&ctx, output)) != 0) { goto cleanup; + } cleanup: - mbedtls_md_free( &ctx ); + mbedtls_md_free(&ctx); - return( ret ); + return ret; } -int mbedtls_md_process( mbedtls_md_context_t *ctx, const unsigned char *data ) +int mbedtls_md_process(mbedtls_md_context_t *ctx, const unsigned char *data) { - if( ctx == NULL || ctx->md_info == NULL ) - return( MBEDTLS_ERR_MD_BAD_INPUT_DATA ); + if (ctx == NULL || ctx->md_info == NULL) { + return MBEDTLS_ERR_MD_BAD_INPUT_DATA; + } - switch( ctx->md_info->type ) - { + switch (ctx->md_info->type) { #if defined(MBEDTLS_MD2_C) case MBEDTLS_MD_MD2: - return( mbedtls_internal_md2_process( ctx->md_ctx ) ); + return mbedtls_internal_md2_process(ctx->md_ctx); #endif #if defined(MBEDTLS_MD4_C) case MBEDTLS_MD_MD4: - return( mbedtls_internal_md4_process( ctx->md_ctx, data ) ); + return mbedtls_internal_md4_process(ctx->md_ctx, data); #endif #if defined(MBEDTLS_MD5_C) case MBEDTLS_MD_MD5: - return( mbedtls_internal_md5_process( ctx->md_ctx, data ) ); + return mbedtls_internal_md5_process(ctx->md_ctx, data); #endif #if defined(MBEDTLS_RIPEMD160_C) case MBEDTLS_MD_RIPEMD160: - return( mbedtls_internal_ripemd160_process( ctx->md_ctx, data ) ); + return mbedtls_internal_ripemd160_process(ctx->md_ctx, data); #endif #if defined(MBEDTLS_SHA1_C) case MBEDTLS_MD_SHA1: - return( mbedtls_internal_sha1_process( ctx->md_ctx, data ) ); + return mbedtls_internal_sha1_process(ctx->md_ctx, data); #endif #if defined(MBEDTLS_SHA256_C) case MBEDTLS_MD_SHA224: case MBEDTLS_MD_SHA256: - return( mbedtls_internal_sha256_process( ctx->md_ctx, data ) ); + return mbedtls_internal_sha256_process(ctx->md_ctx, data); #endif #if defined(MBEDTLS_SHA512_C) #if !defined(MBEDTLS_SHA512_NO_SHA384) case MBEDTLS_MD_SHA384: #endif case MBEDTLS_MD_SHA512: - return( mbedtls_internal_sha512_process( ctx->md_ctx, data ) ); + return mbedtls_internal_sha512_process(ctx->md_ctx, data); #endif default: - return( MBEDTLS_ERR_MD_BAD_INPUT_DATA ); + return MBEDTLS_ERR_MD_BAD_INPUT_DATA; } } -unsigned char mbedtls_md_get_size( const mbedtls_md_info_t *md_info ) +unsigned char mbedtls_md_get_size(const mbedtls_md_info_t *md_info) { - if( md_info == NULL ) - return( 0 ); + if (md_info == NULL) { + return 0; + } return md_info->size; } -mbedtls_md_type_t mbedtls_md_get_type( const mbedtls_md_info_t *md_info ) +mbedtls_md_type_t mbedtls_md_get_type(const mbedtls_md_info_t *md_info) { - if( md_info == NULL ) - return( MBEDTLS_MD_NONE ); + if (md_info == NULL) { + return MBEDTLS_MD_NONE; + } return md_info->type; } -const char *mbedtls_md_get_name( const mbedtls_md_info_t *md_info ) +const char *mbedtls_md_get_name(const mbedtls_md_info_t *md_info) { - if( md_info == NULL ) - return( NULL ); + if (md_info == NULL) { + return NULL; + } return md_info->name; } diff --git a/third_party/mbedtls/repo/library/md2.c b/third_party/mbedtls/repo/library/md2.c index 7264e303130..b552d5f7e11 100644 --- a/third_party/mbedtls/repo/library/md2.c +++ b/third_party/mbedtls/repo/library/md2.c @@ -2,19 +2,7 @@ * RFC 1115/1319 compliant MD2 implementation * * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later */ /* * The MD2 algorithm was designed by Ron Rivest in 1989. @@ -33,14 +21,7 @@ #include -#if defined(MBEDTLS_SELF_TEST) -#if defined(MBEDTLS_PLATFORM_C) #include "mbedtls/platform.h" -#else -#include -#define mbedtls_printf printf -#endif /* MBEDTLS_PLATFORM_C */ -#endif /* MBEDTLS_SELF_TEST */ #if !defined(MBEDTLS_MD2_ALT) @@ -74,21 +55,22 @@ static const unsigned char PI_SUBST[256] = 0x8D, 0x33, 0x9F, 0x11, 0x83, 0x14 }; -void mbedtls_md2_init( mbedtls_md2_context *ctx ) +void mbedtls_md2_init(mbedtls_md2_context *ctx) { - memset( ctx, 0, sizeof( mbedtls_md2_context ) ); + memset(ctx, 0, sizeof(mbedtls_md2_context)); } -void mbedtls_md2_free( mbedtls_md2_context *ctx ) +void mbedtls_md2_free(mbedtls_md2_context *ctx) { - if( ctx == NULL ) + if (ctx == NULL) { return; + } - mbedtls_platform_zeroize( ctx, sizeof( mbedtls_md2_context ) ); + mbedtls_platform_zeroize(ctx, sizeof(mbedtls_md2_context)); } -void mbedtls_md2_clone( mbedtls_md2_context *dst, - const mbedtls_md2_context *src ) +void mbedtls_md2_clone(mbedtls_md2_context *dst, + const mbedtls_md2_context *src) { *dst = *src; } @@ -96,67 +78,63 @@ void mbedtls_md2_clone( mbedtls_md2_context *dst, /* * MD2 context setup */ -int mbedtls_md2_starts_ret( mbedtls_md2_context *ctx ) +int mbedtls_md2_starts_ret(mbedtls_md2_context *ctx) { - memset( ctx->cksum, 0, 16 ); - memset( ctx->state, 0, 46 ); - memset( ctx->buffer, 0, 16 ); + memset(ctx->cksum, 0, 16); + memset(ctx->state, 0, 46); + memset(ctx->buffer, 0, 16); ctx->left = 0; - return( 0 ); + return 0; } #if !defined(MBEDTLS_DEPRECATED_REMOVED) -void mbedtls_md2_starts( mbedtls_md2_context *ctx ) +void mbedtls_md2_starts(mbedtls_md2_context *ctx) { - mbedtls_md2_starts_ret( ctx ); + mbedtls_md2_starts_ret(ctx); } #endif #if !defined(MBEDTLS_MD2_PROCESS_ALT) -int mbedtls_internal_md2_process( mbedtls_md2_context *ctx ) +int mbedtls_internal_md2_process(mbedtls_md2_context *ctx) { int i, j; unsigned char t = 0; - for( i = 0; i < 16; i++ ) - { + for (i = 0; i < 16; i++) { ctx->state[i + 16] = ctx->buffer[i]; ctx->state[i + 32] = - (unsigned char)( ctx->buffer[i] ^ ctx->state[i]); + (unsigned char) (ctx->buffer[i] ^ ctx->state[i]); } - for( i = 0; i < 18; i++ ) - { - for( j = 0; j < 48; j++ ) - { + for (i = 0; i < 18; i++) { + for (j = 0; j < 48; j++) { ctx->state[j] = (unsigned char) - ( ctx->state[j] ^ PI_SUBST[t] ); + (ctx->state[j] ^ PI_SUBST[t]); t = ctx->state[j]; } - t = (unsigned char)( t + i ); + t = (unsigned char) (t + i); } t = ctx->cksum[15]; - for( i = 0; i < 16; i++ ) - { + for (i = 0; i < 16; i++) { ctx->cksum[i] = (unsigned char) - ( ctx->cksum[i] ^ PI_SUBST[ctx->buffer[i] ^ t] ); + (ctx->cksum[i] ^ PI_SUBST[ctx->buffer[i] ^ t]); t = ctx->cksum[i]; } /* Zeroise variables to clear sensitive data from memory. */ - mbedtls_platform_zeroize( &t, sizeof( t ) ); + mbedtls_platform_zeroize(&t, sizeof(t)); - return( 0 ); + return 0; } #if !defined(MBEDTLS_DEPRECATED_REMOVED) -void mbedtls_md2_process( mbedtls_md2_context *ctx ) +void mbedtls_md2_process(mbedtls_md2_context *ctx) { - mbedtls_internal_md2_process( ctx ); + mbedtls_internal_md2_process(ctx); } #endif #endif /* !MBEDTLS_MD2_PROCESS_ALT */ @@ -164,78 +142,81 @@ void mbedtls_md2_process( mbedtls_md2_context *ctx ) /* * MD2 process buffer */ -int mbedtls_md2_update_ret( mbedtls_md2_context *ctx, - const unsigned char *input, - size_t ilen ) +int mbedtls_md2_update_ret(mbedtls_md2_context *ctx, + const unsigned char *input, + size_t ilen) { int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; size_t fill; - while( ilen > 0 ) - { - if( ilen > 16 - ctx->left ) + while (ilen > 0) { + if (ilen > 16 - ctx->left) { fill = 16 - ctx->left; - else + } else { fill = ilen; + } - memcpy( ctx->buffer + ctx->left, input, fill ); + memcpy(ctx->buffer + ctx->left, input, fill); ctx->left += fill; input += fill; ilen -= fill; - if( ctx->left == 16 ) - { + if (ctx->left == 16) { ctx->left = 0; - if( ( ret = mbedtls_internal_md2_process( ctx ) ) != 0 ) - return( ret ); + if ((ret = mbedtls_internal_md2_process(ctx)) != 0) { + return ret; + } } } - return( 0 ); + return 0; } #if !defined(MBEDTLS_DEPRECATED_REMOVED) -void mbedtls_md2_update( mbedtls_md2_context *ctx, - const unsigned char *input, - size_t ilen ) +void mbedtls_md2_update(mbedtls_md2_context *ctx, + const unsigned char *input, + size_t ilen) { - mbedtls_md2_update_ret( ctx, input, ilen ); + mbedtls_md2_update_ret(ctx, input, ilen); } #endif /* * MD2 final digest */ -int mbedtls_md2_finish_ret( mbedtls_md2_context *ctx, - unsigned char output[16] ) +int mbedtls_md2_finish_ret(mbedtls_md2_context *ctx, + unsigned char output[16]) { int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; size_t i; unsigned char x; - x = (unsigned char)( 16 - ctx->left ); + x = (unsigned char) (16 - ctx->left); - for( i = ctx->left; i < 16; i++ ) + for (i = ctx->left; i < 16; i++) { ctx->buffer[i] = x; + } - if( ( ret = mbedtls_internal_md2_process( ctx ) ) != 0 ) - return( ret ); + if ((ret = mbedtls_internal_md2_process(ctx)) != 0) { + return ret; + } - memcpy( ctx->buffer, ctx->cksum, 16 ); - if( ( ret = mbedtls_internal_md2_process( ctx ) ) != 0 ) - return( ret ); + memcpy(ctx->buffer, ctx->cksum, 16); + if ((ret = mbedtls_internal_md2_process(ctx)) != 0) { + return ret; + } - memcpy( output, ctx->state, 16 ); + memcpy(output, ctx->state, 16); - return( 0 ); + return 0; } #if !defined(MBEDTLS_DEPRECATED_REMOVED) -void mbedtls_md2_finish( mbedtls_md2_context *ctx, - unsigned char output[16] ) +void mbedtls_md2_finish(mbedtls_md2_context *ctx, + unsigned char output[16]) { - mbedtls_md2_finish_ret( ctx, output ); + mbedtls_md2_finish_ret(ctx, output); } #endif @@ -244,36 +225,39 @@ void mbedtls_md2_finish( mbedtls_md2_context *ctx, /* * output = MD2( input buffer ) */ -int mbedtls_md2_ret( const unsigned char *input, - size_t ilen, - unsigned char output[16] ) +int mbedtls_md2_ret(const unsigned char *input, + size_t ilen, + unsigned char output[16]) { int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; mbedtls_md2_context ctx; - mbedtls_md2_init( &ctx ); + mbedtls_md2_init(&ctx); - if( ( ret = mbedtls_md2_starts_ret( &ctx ) ) != 0 ) + if ((ret = mbedtls_md2_starts_ret(&ctx)) != 0) { goto exit; + } - if( ( ret = mbedtls_md2_update_ret( &ctx, input, ilen ) ) != 0 ) + if ((ret = mbedtls_md2_update_ret(&ctx, input, ilen)) != 0) { goto exit; + } - if( ( ret = mbedtls_md2_finish_ret( &ctx, output ) ) != 0 ) + if ((ret = mbedtls_md2_finish_ret(&ctx, output)) != 0) { goto exit; + } exit: - mbedtls_md2_free( &ctx ); + mbedtls_md2_free(&ctx); - return( ret ); + return ret; } #if !defined(MBEDTLS_DEPRECATED_REMOVED) -void mbedtls_md2( const unsigned char *input, - size_t ilen, - unsigned char output[16] ) +void mbedtls_md2(const unsigned char *input, + size_t ilen, + unsigned char output[16]) { - mbedtls_md2_ret( input, ilen, output ); + mbedtls_md2_ret(input, ilen, output); } #endif @@ -319,40 +303,43 @@ static const unsigned char md2_test_sum[7][16] = /* * Checkup routine */ -int mbedtls_md2_self_test( int verbose ) +int mbedtls_md2_self_test(int verbose) { int i, ret = 0; unsigned char md2sum[16]; - for( i = 0; i < 7; i++ ) - { - if( verbose != 0 ) - mbedtls_printf( " MD2 test #%d: ", i + 1 ); + for (i = 0; i < 7; i++) { + if (verbose != 0) { + mbedtls_printf(" MD2 test #%d: ", i + 1); + } - ret = mbedtls_md2_ret( md2_test_str[i], md2_test_strlen[i], md2sum ); - if( ret != 0 ) + ret = mbedtls_md2_ret(md2_test_str[i], md2_test_strlen[i], md2sum); + if (ret != 0) { goto fail; + } - if( memcmp( md2sum, md2_test_sum[i], 16 ) != 0 ) - { + if (memcmp(md2sum, md2_test_sum[i], 16) != 0) { ret = 1; goto fail; } - if( verbose != 0 ) - mbedtls_printf( "passed\n" ); + if (verbose != 0) { + mbedtls_printf("passed\n"); + } } - if( verbose != 0 ) - mbedtls_printf( "\n" ); + if (verbose != 0) { + mbedtls_printf("\n"); + } - return( 0 ); + return 0; fail: - if( verbose != 0 ) - mbedtls_printf( "failed\n" ); + if (verbose != 0) { + mbedtls_printf("failed\n"); + } - return( ret ); + return ret; } #endif /* MBEDTLS_SELF_TEST */ diff --git a/third_party/mbedtls/repo/library/md4.c b/third_party/mbedtls/repo/library/md4.c index eaa679a0a6e..8de85fba2e6 100644 --- a/third_party/mbedtls/repo/library/md4.c +++ b/third_party/mbedtls/repo/library/md4.c @@ -2,19 +2,7 @@ * RFC 1186/1320 compliant MD4 implementation * * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later */ /* * The MD4 algorithm was designed by Ron Rivest in 1990. @@ -33,32 +21,26 @@ #include -#if defined(MBEDTLS_SELF_TEST) -#if defined(MBEDTLS_PLATFORM_C) #include "mbedtls/platform.h" -#else -#include -#define mbedtls_printf printf -#endif /* MBEDTLS_PLATFORM_C */ -#endif /* MBEDTLS_SELF_TEST */ #if !defined(MBEDTLS_MD4_ALT) -void mbedtls_md4_init( mbedtls_md4_context *ctx ) +void mbedtls_md4_init(mbedtls_md4_context *ctx) { - memset( ctx, 0, sizeof( mbedtls_md4_context ) ); + memset(ctx, 0, sizeof(mbedtls_md4_context)); } -void mbedtls_md4_free( mbedtls_md4_context *ctx ) +void mbedtls_md4_free(mbedtls_md4_context *ctx) { - if( ctx == NULL ) + if (ctx == NULL) { return; + } - mbedtls_platform_zeroize( ctx, sizeof( mbedtls_md4_context ) ); + mbedtls_platform_zeroize(ctx, sizeof(mbedtls_md4_context)); } -void mbedtls_md4_clone( mbedtls_md4_context *dst, - const mbedtls_md4_context *src ) +void mbedtls_md4_clone(mbedtls_md4_context *dst, + const mbedtls_md4_context *src) { *dst = *src; } @@ -66,7 +48,7 @@ void mbedtls_md4_clone( mbedtls_md4_context *dst, /* * MD4 context setup */ -int mbedtls_md4_starts_ret( mbedtls_md4_context *ctx ) +int mbedtls_md4_starts_ret(mbedtls_md4_context *ctx) { ctx->total[0] = 0; ctx->total[1] = 0; @@ -76,43 +58,42 @@ int mbedtls_md4_starts_ret( mbedtls_md4_context *ctx ) ctx->state[2] = 0x98BADCFE; ctx->state[3] = 0x10325476; - return( 0 ); + return 0; } #if !defined(MBEDTLS_DEPRECATED_REMOVED) -void mbedtls_md4_starts( mbedtls_md4_context *ctx ) +void mbedtls_md4_starts(mbedtls_md4_context *ctx) { - mbedtls_md4_starts_ret( ctx ); + mbedtls_md4_starts_ret(ctx); } #endif #if !defined(MBEDTLS_MD4_PROCESS_ALT) -int mbedtls_internal_md4_process( mbedtls_md4_context *ctx, - const unsigned char data[64] ) +int mbedtls_internal_md4_process(mbedtls_md4_context *ctx, + const unsigned char data[64]) { - struct - { + struct { uint32_t X[16], A, B, C, D; } local; - local.X[ 0] = MBEDTLS_GET_UINT32_LE( data, 0 ); - local.X[ 1] = MBEDTLS_GET_UINT32_LE( data, 4 ); - local.X[ 2] = MBEDTLS_GET_UINT32_LE( data, 8 ); - local.X[ 3] = MBEDTLS_GET_UINT32_LE( data, 12 ); - local.X[ 4] = MBEDTLS_GET_UINT32_LE( data, 16 ); - local.X[ 5] = MBEDTLS_GET_UINT32_LE( data, 20 ); - local.X[ 6] = MBEDTLS_GET_UINT32_LE( data, 24 ); - local.X[ 7] = MBEDTLS_GET_UINT32_LE( data, 28 ); - local.X[ 8] = MBEDTLS_GET_UINT32_LE( data, 32 ); - local.X[ 9] = MBEDTLS_GET_UINT32_LE( data, 36 ); - local.X[10] = MBEDTLS_GET_UINT32_LE( data, 40 ); - local.X[11] = MBEDTLS_GET_UINT32_LE( data, 44 ); - local.X[12] = MBEDTLS_GET_UINT32_LE( data, 48 ); - local.X[13] = MBEDTLS_GET_UINT32_LE( data, 52 ); - local.X[14] = MBEDTLS_GET_UINT32_LE( data, 56 ); - local.X[15] = MBEDTLS_GET_UINT32_LE( data, 60 ); - -#define S(x,n) (((x) << (n)) | (((x) & 0xFFFFFFFF) >> (32 - (n)))) + local.X[0] = MBEDTLS_GET_UINT32_LE(data, 0); + local.X[1] = MBEDTLS_GET_UINT32_LE(data, 4); + local.X[2] = MBEDTLS_GET_UINT32_LE(data, 8); + local.X[3] = MBEDTLS_GET_UINT32_LE(data, 12); + local.X[4] = MBEDTLS_GET_UINT32_LE(data, 16); + local.X[5] = MBEDTLS_GET_UINT32_LE(data, 20); + local.X[6] = MBEDTLS_GET_UINT32_LE(data, 24); + local.X[7] = MBEDTLS_GET_UINT32_LE(data, 28); + local.X[8] = MBEDTLS_GET_UINT32_LE(data, 32); + local.X[9] = MBEDTLS_GET_UINT32_LE(data, 36); + local.X[10] = MBEDTLS_GET_UINT32_LE(data, 40); + local.X[11] = MBEDTLS_GET_UINT32_LE(data, 44); + local.X[12] = MBEDTLS_GET_UINT32_LE(data, 48); + local.X[13] = MBEDTLS_GET_UINT32_LE(data, 52); + local.X[14] = MBEDTLS_GET_UINT32_LE(data, 56); + local.X[15] = MBEDTLS_GET_UINT32_LE(data, 60); + +#define S(x, n) (((x) << (n)) | (((x) & 0xFFFFFFFF) >> (32 - (n)))) local.A = ctx->state[0]; local.B = ctx->state[1]; @@ -120,86 +101,86 @@ int mbedtls_internal_md4_process( mbedtls_md4_context *ctx, local.D = ctx->state[3]; #define F(x, y, z) (((x) & (y)) | ((~(x)) & (z))) -#define P(a,b,c,d,x,s) \ +#define P(a, b, c, d, x, s) \ do \ { \ - (a) += F((b),(c),(d)) + (x); \ - (a) = S((a),(s)); \ - } while( 0 ) - - - P( local.A, local.B, local.C, local.D, local.X[ 0], 3 ); - P( local.D, local.A, local.B, local.C, local.X[ 1], 7 ); - P( local.C, local.D, local.A, local.B, local.X[ 2], 11 ); - P( local.B, local.C, local.D, local.A, local.X[ 3], 19 ); - P( local.A, local.B, local.C, local.D, local.X[ 4], 3 ); - P( local.D, local.A, local.B, local.C, local.X[ 5], 7 ); - P( local.C, local.D, local.A, local.B, local.X[ 6], 11 ); - P( local.B, local.C, local.D, local.A, local.X[ 7], 19 ); - P( local.A, local.B, local.C, local.D, local.X[ 8], 3 ); - P( local.D, local.A, local.B, local.C, local.X[ 9], 7 ); - P( local.C, local.D, local.A, local.B, local.X[10], 11 ); - P( local.B, local.C, local.D, local.A, local.X[11], 19 ); - P( local.A, local.B, local.C, local.D, local.X[12], 3 ); - P( local.D, local.A, local.B, local.C, local.X[13], 7 ); - P( local.C, local.D, local.A, local.B, local.X[14], 11 ); - P( local.B, local.C, local.D, local.A, local.X[15], 19 ); + (a) += F((b), (c), (d)) + (x); \ + (a) = S((a), (s)); \ + } while (0) + + + P(local.A, local.B, local.C, local.D, local.X[0], 3); + P(local.D, local.A, local.B, local.C, local.X[1], 7); + P(local.C, local.D, local.A, local.B, local.X[2], 11); + P(local.B, local.C, local.D, local.A, local.X[3], 19); + P(local.A, local.B, local.C, local.D, local.X[4], 3); + P(local.D, local.A, local.B, local.C, local.X[5], 7); + P(local.C, local.D, local.A, local.B, local.X[6], 11); + P(local.B, local.C, local.D, local.A, local.X[7], 19); + P(local.A, local.B, local.C, local.D, local.X[8], 3); + P(local.D, local.A, local.B, local.C, local.X[9], 7); + P(local.C, local.D, local.A, local.B, local.X[10], 11); + P(local.B, local.C, local.D, local.A, local.X[11], 19); + P(local.A, local.B, local.C, local.D, local.X[12], 3); + P(local.D, local.A, local.B, local.C, local.X[13], 7); + P(local.C, local.D, local.A, local.B, local.X[14], 11); + P(local.B, local.C, local.D, local.A, local.X[15], 19); #undef P #undef F -#define F(x,y,z) (((x) & (y)) | ((x) & (z)) | ((y) & (z))) -#define P(a,b,c,d,x,s) \ +#define F(x, y, z) (((x) & (y)) | ((x) & (z)) | ((y) & (z))) +#define P(a, b, c, d, x, s) \ do \ { \ - (a) += F((b),(c),(d)) + (x) + 0x5A827999; \ - (a) = S((a),(s)); \ - } while( 0 ) - - P( local.A, local.B, local.C, local.D, local.X[ 0], 3 ); - P( local.D, local.A, local.B, local.C, local.X[ 4], 5 ); - P( local.C, local.D, local.A, local.B, local.X[ 8], 9 ); - P( local.B, local.C, local.D, local.A, local.X[12], 13 ); - P( local.A, local.B, local.C, local.D, local.X[ 1], 3 ); - P( local.D, local.A, local.B, local.C, local.X[ 5], 5 ); - P( local.C, local.D, local.A, local.B, local.X[ 9], 9 ); - P( local.B, local.C, local.D, local.A, local.X[13], 13 ); - P( local.A, local.B, local.C, local.D, local.X[ 2], 3 ); - P( local.D, local.A, local.B, local.C, local.X[ 6], 5 ); - P( local.C, local.D, local.A, local.B, local.X[10], 9 ); - P( local.B, local.C, local.D, local.A, local.X[14], 13 ); - P( local.A, local.B, local.C, local.D, local.X[ 3], 3 ); - P( local.D, local.A, local.B, local.C, local.X[ 7], 5 ); - P( local.C, local.D, local.A, local.B, local.X[11], 9 ); - P( local.B, local.C, local.D, local.A, local.X[15], 13 ); + (a) += F((b), (c), (d)) + (x) + 0x5A827999; \ + (a) = S((a), (s)); \ + } while (0) + + P(local.A, local.B, local.C, local.D, local.X[0], 3); + P(local.D, local.A, local.B, local.C, local.X[4], 5); + P(local.C, local.D, local.A, local.B, local.X[8], 9); + P(local.B, local.C, local.D, local.A, local.X[12], 13); + P(local.A, local.B, local.C, local.D, local.X[1], 3); + P(local.D, local.A, local.B, local.C, local.X[5], 5); + P(local.C, local.D, local.A, local.B, local.X[9], 9); + P(local.B, local.C, local.D, local.A, local.X[13], 13); + P(local.A, local.B, local.C, local.D, local.X[2], 3); + P(local.D, local.A, local.B, local.C, local.X[6], 5); + P(local.C, local.D, local.A, local.B, local.X[10], 9); + P(local.B, local.C, local.D, local.A, local.X[14], 13); + P(local.A, local.B, local.C, local.D, local.X[3], 3); + P(local.D, local.A, local.B, local.C, local.X[7], 5); + P(local.C, local.D, local.A, local.B, local.X[11], 9); + P(local.B, local.C, local.D, local.A, local.X[15], 13); #undef P #undef F -#define F(x,y,z) ((x) ^ (y) ^ (z)) -#define P(a,b,c,d,x,s) \ +#define F(x, y, z) ((x) ^ (y) ^ (z)) +#define P(a, b, c, d, x, s) \ do \ { \ - (a) += F((b),(c),(d)) + (x) + 0x6ED9EBA1; \ - (a) = S((a),(s)); \ - } while( 0 ) - - P( local.A, local.B, local.C, local.D, local.X[ 0], 3 ); - P( local.D, local.A, local.B, local.C, local.X[ 8], 9 ); - P( local.C, local.D, local.A, local.B, local.X[ 4], 11 ); - P( local.B, local.C, local.D, local.A, local.X[12], 15 ); - P( local.A, local.B, local.C, local.D, local.X[ 2], 3 ); - P( local.D, local.A, local.B, local.C, local.X[10], 9 ); - P( local.C, local.D, local.A, local.B, local.X[ 6], 11 ); - P( local.B, local.C, local.D, local.A, local.X[14], 15 ); - P( local.A, local.B, local.C, local.D, local.X[ 1], 3 ); - P( local.D, local.A, local.B, local.C, local.X[ 9], 9 ); - P( local.C, local.D, local.A, local.B, local.X[ 5], 11 ); - P( local.B, local.C, local.D, local.A, local.X[13], 15 ); - P( local.A, local.B, local.C, local.D, local.X[ 3], 3 ); - P( local.D, local.A, local.B, local.C, local.X[11], 9 ); - P( local.C, local.D, local.A, local.B, local.X[ 7], 11 ); - P( local.B, local.C, local.D, local.A, local.X[15], 15 ); + (a) += F((b), (c), (d)) + (x) + 0x6ED9EBA1; \ + (a) = S((a), (s)); \ + } while (0) + + P(local.A, local.B, local.C, local.D, local.X[0], 3); + P(local.D, local.A, local.B, local.C, local.X[8], 9); + P(local.C, local.D, local.A, local.B, local.X[4], 11); + P(local.B, local.C, local.D, local.A, local.X[12], 15); + P(local.A, local.B, local.C, local.D, local.X[2], 3); + P(local.D, local.A, local.B, local.C, local.X[10], 9); + P(local.C, local.D, local.A, local.B, local.X[6], 11); + P(local.B, local.C, local.D, local.A, local.X[14], 15); + P(local.A, local.B, local.C, local.D, local.X[1], 3); + P(local.D, local.A, local.B, local.C, local.X[9], 9); + P(local.C, local.D, local.A, local.B, local.X[5], 11); + P(local.B, local.C, local.D, local.A, local.X[13], 15); + P(local.A, local.B, local.C, local.D, local.X[3], 3); + P(local.D, local.A, local.B, local.C, local.X[11], 9); + P(local.C, local.D, local.A, local.B, local.X[7], 11); + P(local.B, local.C, local.D, local.A, local.X[15], 15); #undef F #undef P @@ -210,16 +191,16 @@ int mbedtls_internal_md4_process( mbedtls_md4_context *ctx, ctx->state[3] += local.D; /* Zeroise variables to clear sensitive data from memory. */ - mbedtls_platform_zeroize( &local, sizeof( local ) ); + mbedtls_platform_zeroize(&local, sizeof(local)); - return( 0 ); + return 0; } #if !defined(MBEDTLS_DEPRECATED_REMOVED) -void mbedtls_md4_process( mbedtls_md4_context *ctx, - const unsigned char data[64] ) +void mbedtls_md4_process(mbedtls_md4_context *ctx, + const unsigned char data[64]) { - mbedtls_internal_md4_process( ctx, data ); + mbedtls_internal_md4_process(ctx, data); } #endif #endif /* !MBEDTLS_MD4_PROCESS_ALT */ @@ -227,16 +208,17 @@ void mbedtls_md4_process( mbedtls_md4_context *ctx, /* * MD4 process buffer */ -int mbedtls_md4_update_ret( mbedtls_md4_context *ctx, - const unsigned char *input, - size_t ilen ) +int mbedtls_md4_update_ret(mbedtls_md4_context *ctx, + const unsigned char *input, + size_t ilen) { int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; size_t fill; uint32_t left; - if( ilen == 0 ) - return( 0 ); + if (ilen == 0) { + return 0; + } left = ctx->total[0] & 0x3F; fill = 64 - left; @@ -244,52 +226,52 @@ int mbedtls_md4_update_ret( mbedtls_md4_context *ctx, ctx->total[0] += (uint32_t) ilen; ctx->total[0] &= 0xFFFFFFFF; - if( ctx->total[0] < (uint32_t) ilen ) + if (ctx->total[0] < (uint32_t) ilen) { ctx->total[1]++; + } - if( left && ilen >= fill ) - { - memcpy( (void *) (ctx->buffer + left), - (void *) input, fill ); + if (left && ilen >= fill) { + memcpy((void *) (ctx->buffer + left), + (void *) input, fill); - if( ( ret = mbedtls_internal_md4_process( ctx, ctx->buffer ) ) != 0 ) - return( ret ); + if ((ret = mbedtls_internal_md4_process(ctx, ctx->buffer)) != 0) { + return ret; + } input += fill; ilen -= fill; left = 0; } - while( ilen >= 64 ) - { - if( ( ret = mbedtls_internal_md4_process( ctx, input ) ) != 0 ) - return( ret ); + while (ilen >= 64) { + if ((ret = mbedtls_internal_md4_process(ctx, input)) != 0) { + return ret; + } input += 64; ilen -= 64; } - if( ilen > 0 ) - { - memcpy( (void *) (ctx->buffer + left), - (void *) input, ilen ); + if (ilen > 0) { + memcpy((void *) (ctx->buffer + left), + (void *) input, ilen); } - return( 0 ); + return 0; } #if !defined(MBEDTLS_DEPRECATED_REMOVED) -void mbedtls_md4_update( mbedtls_md4_context *ctx, - const unsigned char *input, - size_t ilen ) +void mbedtls_md4_update(mbedtls_md4_context *ctx, + const unsigned char *input, + size_t ilen) { - mbedtls_md4_update_ret( ctx, input, ilen ); + mbedtls_md4_update_ret(ctx, input, ilen); } #endif static const unsigned char md4_padding[64] = { - 0x80, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, + 0x80, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0 @@ -298,45 +280,47 @@ static const unsigned char md4_padding[64] = /* * MD4 final digest */ -int mbedtls_md4_finish_ret( mbedtls_md4_context *ctx, - unsigned char output[16] ) +int mbedtls_md4_finish_ret(mbedtls_md4_context *ctx, + unsigned char output[16]) { int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; uint32_t last, padn; uint32_t high, low; unsigned char msglen[8]; - high = ( ctx->total[0] >> 29 ) - | ( ctx->total[1] << 3 ); - low = ( ctx->total[0] << 3 ); + high = (ctx->total[0] >> 29) + | (ctx->total[1] << 3); + low = (ctx->total[0] << 3); - MBEDTLS_PUT_UINT32_LE( low, msglen, 0 ); - MBEDTLS_PUT_UINT32_LE( high, msglen, 4 ); + MBEDTLS_PUT_UINT32_LE(low, msglen, 0); + MBEDTLS_PUT_UINT32_LE(high, msglen, 4); last = ctx->total[0] & 0x3F; - padn = ( last < 56 ) ? ( 56 - last ) : ( 120 - last ); + padn = (last < 56) ? (56 - last) : (120 - last); - ret = mbedtls_md4_update_ret( ctx, (unsigned char *)md4_padding, padn ); - if( ret != 0 ) - return( ret ); + ret = mbedtls_md4_update_ret(ctx, (unsigned char *) md4_padding, padn); + if (ret != 0) { + return ret; + } - if( ( ret = mbedtls_md4_update_ret( ctx, msglen, 8 ) ) != 0 ) - return( ret ); + if ((ret = mbedtls_md4_update_ret(ctx, msglen, 8)) != 0) { + return ret; + } - MBEDTLS_PUT_UINT32_LE( ctx->state[0], output, 0 ); - MBEDTLS_PUT_UINT32_LE( ctx->state[1], output, 4 ); - MBEDTLS_PUT_UINT32_LE( ctx->state[2], output, 8 ); - MBEDTLS_PUT_UINT32_LE( ctx->state[3], output, 12 ); + MBEDTLS_PUT_UINT32_LE(ctx->state[0], output, 0); + MBEDTLS_PUT_UINT32_LE(ctx->state[1], output, 4); + MBEDTLS_PUT_UINT32_LE(ctx->state[2], output, 8); + MBEDTLS_PUT_UINT32_LE(ctx->state[3], output, 12); - return( 0 ); + return 0; } #if !defined(MBEDTLS_DEPRECATED_REMOVED) -void mbedtls_md4_finish( mbedtls_md4_context *ctx, - unsigned char output[16] ) +void mbedtls_md4_finish(mbedtls_md4_context *ctx, + unsigned char output[16]) { - mbedtls_md4_finish_ret( ctx, output ); + mbedtls_md4_finish_ret(ctx, output); } #endif @@ -345,36 +329,39 @@ void mbedtls_md4_finish( mbedtls_md4_context *ctx, /* * output = MD4( input buffer ) */ -int mbedtls_md4_ret( const unsigned char *input, - size_t ilen, - unsigned char output[16] ) +int mbedtls_md4_ret(const unsigned char *input, + size_t ilen, + unsigned char output[16]) { int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; mbedtls_md4_context ctx; - mbedtls_md4_init( &ctx ); + mbedtls_md4_init(&ctx); - if( ( ret = mbedtls_md4_starts_ret( &ctx ) ) != 0 ) + if ((ret = mbedtls_md4_starts_ret(&ctx)) != 0) { goto exit; + } - if( ( ret = mbedtls_md4_update_ret( &ctx, input, ilen ) ) != 0 ) + if ((ret = mbedtls_md4_update_ret(&ctx, input, ilen)) != 0) { goto exit; + } - if( ( ret = mbedtls_md4_finish_ret( &ctx, output ) ) != 0 ) + if ((ret = mbedtls_md4_finish_ret(&ctx, output)) != 0) { goto exit; + } exit: - mbedtls_md4_free( &ctx ); + mbedtls_md4_free(&ctx); - return( ret ); + return ret; } #if !defined(MBEDTLS_DEPRECATED_REMOVED) -void mbedtls_md4( const unsigned char *input, - size_t ilen, - unsigned char output[16] ) +void mbedtls_md4(const unsigned char *input, + size_t ilen, + unsigned char output[16]) { - mbedtls_md4_ret( input, ilen, output ); + mbedtls_md4_ret(input, ilen, output); } #endif @@ -420,40 +407,43 @@ static const unsigned char md4_test_sum[7][16] = /* * Checkup routine */ -int mbedtls_md4_self_test( int verbose ) +int mbedtls_md4_self_test(int verbose) { int i, ret = 0; unsigned char md4sum[16]; - for( i = 0; i < 7; i++ ) - { - if( verbose != 0 ) - mbedtls_printf( " MD4 test #%d: ", i + 1 ); + for (i = 0; i < 7; i++) { + if (verbose != 0) { + mbedtls_printf(" MD4 test #%d: ", i + 1); + } - ret = mbedtls_md4_ret( md4_test_str[i], md4_test_strlen[i], md4sum ); - if( ret != 0 ) + ret = mbedtls_md4_ret(md4_test_str[i], md4_test_strlen[i], md4sum); + if (ret != 0) { goto fail; + } - if( memcmp( md4sum, md4_test_sum[i], 16 ) != 0 ) - { + if (memcmp(md4sum, md4_test_sum[i], 16) != 0) { ret = 1; goto fail; } - if( verbose != 0 ) - mbedtls_printf( "passed\n" ); + if (verbose != 0) { + mbedtls_printf("passed\n"); + } } - if( verbose != 0 ) - mbedtls_printf( "\n" ); + if (verbose != 0) { + mbedtls_printf("\n"); + } - return( 0 ); + return 0; fail: - if( verbose != 0 ) - mbedtls_printf( "failed\n" ); + if (verbose != 0) { + mbedtls_printf("failed\n"); + } - return( ret ); + return ret; } #endif /* MBEDTLS_SELF_TEST */ diff --git a/third_party/mbedtls/repo/library/md5.c b/third_party/mbedtls/repo/library/md5.c index 4b53fcf3673..4ad24fc8b1b 100644 --- a/third_party/mbedtls/repo/library/md5.c +++ b/third_party/mbedtls/repo/library/md5.c @@ -2,19 +2,7 @@ * RFC 1321 compliant MD5 implementation * * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later */ /* * The MD5 algorithm was designed by Ron Rivest in 1991. @@ -32,32 +20,26 @@ #include -#if defined(MBEDTLS_SELF_TEST) -#if defined(MBEDTLS_PLATFORM_C) #include "mbedtls/platform.h" -#else -#include -#define mbedtls_printf printf -#endif /* MBEDTLS_PLATFORM_C */ -#endif /* MBEDTLS_SELF_TEST */ #if !defined(MBEDTLS_MD5_ALT) -void mbedtls_md5_init( mbedtls_md5_context *ctx ) +void mbedtls_md5_init(mbedtls_md5_context *ctx) { - memset( ctx, 0, sizeof( mbedtls_md5_context ) ); + memset(ctx, 0, sizeof(mbedtls_md5_context)); } -void mbedtls_md5_free( mbedtls_md5_context *ctx ) +void mbedtls_md5_free(mbedtls_md5_context *ctx) { - if( ctx == NULL ) + if (ctx == NULL) { return; + } - mbedtls_platform_zeroize( ctx, sizeof( mbedtls_md5_context ) ); + mbedtls_platform_zeroize(ctx, sizeof(mbedtls_md5_context)); } -void mbedtls_md5_clone( mbedtls_md5_context *dst, - const mbedtls_md5_context *src ) +void mbedtls_md5_clone(mbedtls_md5_context *dst, + const mbedtls_md5_context *src) { *dst = *src; } @@ -65,7 +47,7 @@ void mbedtls_md5_clone( mbedtls_md5_context *dst, /* * MD5 context setup */ -int mbedtls_md5_starts_ret( mbedtls_md5_context *ctx ) +int mbedtls_md5_starts_ret(mbedtls_md5_context *ctx) { ctx->total[0] = 0; ctx->total[1] = 0; @@ -75,138 +57,137 @@ int mbedtls_md5_starts_ret( mbedtls_md5_context *ctx ) ctx->state[2] = 0x98BADCFE; ctx->state[3] = 0x10325476; - return( 0 ); + return 0; } #if !defined(MBEDTLS_DEPRECATED_REMOVED) -void mbedtls_md5_starts( mbedtls_md5_context *ctx ) +void mbedtls_md5_starts(mbedtls_md5_context *ctx) { - mbedtls_md5_starts_ret( ctx ); + mbedtls_md5_starts_ret(ctx); } #endif #if !defined(MBEDTLS_MD5_PROCESS_ALT) -int mbedtls_internal_md5_process( mbedtls_md5_context *ctx, - const unsigned char data[64] ) +int mbedtls_internal_md5_process(mbedtls_md5_context *ctx, + const unsigned char data[64]) { - struct - { + struct { uint32_t X[16], A, B, C, D; } local; - local.X[ 0] = MBEDTLS_GET_UINT32_LE( data, 0 ); - local.X[ 1] = MBEDTLS_GET_UINT32_LE( data, 4 ); - local.X[ 2] = MBEDTLS_GET_UINT32_LE( data, 8 ); - local.X[ 3] = MBEDTLS_GET_UINT32_LE( data, 12 ); - local.X[ 4] = MBEDTLS_GET_UINT32_LE( data, 16 ); - local.X[ 5] = MBEDTLS_GET_UINT32_LE( data, 20 ); - local.X[ 6] = MBEDTLS_GET_UINT32_LE( data, 24 ); - local.X[ 7] = MBEDTLS_GET_UINT32_LE( data, 28 ); - local.X[ 8] = MBEDTLS_GET_UINT32_LE( data, 32 ); - local.X[ 9] = MBEDTLS_GET_UINT32_LE( data, 36 ); - local.X[10] = MBEDTLS_GET_UINT32_LE( data, 40 ); - local.X[11] = MBEDTLS_GET_UINT32_LE( data, 44 ); - local.X[12] = MBEDTLS_GET_UINT32_LE( data, 48 ); - local.X[13] = MBEDTLS_GET_UINT32_LE( data, 52 ); - local.X[14] = MBEDTLS_GET_UINT32_LE( data, 56 ); - local.X[15] = MBEDTLS_GET_UINT32_LE( data, 60 ); - -#define S(x,n) \ - ( ( (x) << (n) ) | ( ( (x) & 0xFFFFFFFF) >> ( 32 - (n) ) ) ) - -#define P(a,b,c,d,k,s,t) \ + local.X[0] = MBEDTLS_GET_UINT32_LE(data, 0); + local.X[1] = MBEDTLS_GET_UINT32_LE(data, 4); + local.X[2] = MBEDTLS_GET_UINT32_LE(data, 8); + local.X[3] = MBEDTLS_GET_UINT32_LE(data, 12); + local.X[4] = MBEDTLS_GET_UINT32_LE(data, 16); + local.X[5] = MBEDTLS_GET_UINT32_LE(data, 20); + local.X[6] = MBEDTLS_GET_UINT32_LE(data, 24); + local.X[7] = MBEDTLS_GET_UINT32_LE(data, 28); + local.X[8] = MBEDTLS_GET_UINT32_LE(data, 32); + local.X[9] = MBEDTLS_GET_UINT32_LE(data, 36); + local.X[10] = MBEDTLS_GET_UINT32_LE(data, 40); + local.X[11] = MBEDTLS_GET_UINT32_LE(data, 44); + local.X[12] = MBEDTLS_GET_UINT32_LE(data, 48); + local.X[13] = MBEDTLS_GET_UINT32_LE(data, 52); + local.X[14] = MBEDTLS_GET_UINT32_LE(data, 56); + local.X[15] = MBEDTLS_GET_UINT32_LE(data, 60); + +#define S(x, n) \ + (((x) << (n)) | (((x) & 0xFFFFFFFF) >> (32 - (n)))) + +#define P(a, b, c, d, k, s, t) \ do \ { \ - (a) += F((b),(c),(d)) + local.X[(k)] + (t); \ - (a) = S((a),(s)) + (b); \ - } while( 0 ) + (a) += F((b), (c), (d)) + local.X[(k)] + (t); \ + (a) = S((a), (s)) + (b); \ + } while (0) local.A = ctx->state[0]; local.B = ctx->state[1]; local.C = ctx->state[2]; local.D = ctx->state[3]; -#define F(x,y,z) ((z) ^ ((x) & ((y) ^ (z)))) - - P( local.A, local.B, local.C, local.D, 0, 7, 0xD76AA478 ); - P( local.D, local.A, local.B, local.C, 1, 12, 0xE8C7B756 ); - P( local.C, local.D, local.A, local.B, 2, 17, 0x242070DB ); - P( local.B, local.C, local.D, local.A, 3, 22, 0xC1BDCEEE ); - P( local.A, local.B, local.C, local.D, 4, 7, 0xF57C0FAF ); - P( local.D, local.A, local.B, local.C, 5, 12, 0x4787C62A ); - P( local.C, local.D, local.A, local.B, 6, 17, 0xA8304613 ); - P( local.B, local.C, local.D, local.A, 7, 22, 0xFD469501 ); - P( local.A, local.B, local.C, local.D, 8, 7, 0x698098D8 ); - P( local.D, local.A, local.B, local.C, 9, 12, 0x8B44F7AF ); - P( local.C, local.D, local.A, local.B, 10, 17, 0xFFFF5BB1 ); - P( local.B, local.C, local.D, local.A, 11, 22, 0x895CD7BE ); - P( local.A, local.B, local.C, local.D, 12, 7, 0x6B901122 ); - P( local.D, local.A, local.B, local.C, 13, 12, 0xFD987193 ); - P( local.C, local.D, local.A, local.B, 14, 17, 0xA679438E ); - P( local.B, local.C, local.D, local.A, 15, 22, 0x49B40821 ); +#define F(x, y, z) ((z) ^ ((x) & ((y) ^ (z)))) + + P(local.A, local.B, local.C, local.D, 0, 7, 0xD76AA478); + P(local.D, local.A, local.B, local.C, 1, 12, 0xE8C7B756); + P(local.C, local.D, local.A, local.B, 2, 17, 0x242070DB); + P(local.B, local.C, local.D, local.A, 3, 22, 0xC1BDCEEE); + P(local.A, local.B, local.C, local.D, 4, 7, 0xF57C0FAF); + P(local.D, local.A, local.B, local.C, 5, 12, 0x4787C62A); + P(local.C, local.D, local.A, local.B, 6, 17, 0xA8304613); + P(local.B, local.C, local.D, local.A, 7, 22, 0xFD469501); + P(local.A, local.B, local.C, local.D, 8, 7, 0x698098D8); + P(local.D, local.A, local.B, local.C, 9, 12, 0x8B44F7AF); + P(local.C, local.D, local.A, local.B, 10, 17, 0xFFFF5BB1); + P(local.B, local.C, local.D, local.A, 11, 22, 0x895CD7BE); + P(local.A, local.B, local.C, local.D, 12, 7, 0x6B901122); + P(local.D, local.A, local.B, local.C, 13, 12, 0xFD987193); + P(local.C, local.D, local.A, local.B, 14, 17, 0xA679438E); + P(local.B, local.C, local.D, local.A, 15, 22, 0x49B40821); #undef F -#define F(x,y,z) ((y) ^ ((z) & ((x) ^ (y)))) - - P( local.A, local.B, local.C, local.D, 1, 5, 0xF61E2562 ); - P( local.D, local.A, local.B, local.C, 6, 9, 0xC040B340 ); - P( local.C, local.D, local.A, local.B, 11, 14, 0x265E5A51 ); - P( local.B, local.C, local.D, local.A, 0, 20, 0xE9B6C7AA ); - P( local.A, local.B, local.C, local.D, 5, 5, 0xD62F105D ); - P( local.D, local.A, local.B, local.C, 10, 9, 0x02441453 ); - P( local.C, local.D, local.A, local.B, 15, 14, 0xD8A1E681 ); - P( local.B, local.C, local.D, local.A, 4, 20, 0xE7D3FBC8 ); - P( local.A, local.B, local.C, local.D, 9, 5, 0x21E1CDE6 ); - P( local.D, local.A, local.B, local.C, 14, 9, 0xC33707D6 ); - P( local.C, local.D, local.A, local.B, 3, 14, 0xF4D50D87 ); - P( local.B, local.C, local.D, local.A, 8, 20, 0x455A14ED ); - P( local.A, local.B, local.C, local.D, 13, 5, 0xA9E3E905 ); - P( local.D, local.A, local.B, local.C, 2, 9, 0xFCEFA3F8 ); - P( local.C, local.D, local.A, local.B, 7, 14, 0x676F02D9 ); - P( local.B, local.C, local.D, local.A, 12, 20, 0x8D2A4C8A ); +#define F(x, y, z) ((y) ^ ((z) & ((x) ^ (y)))) + + P(local.A, local.B, local.C, local.D, 1, 5, 0xF61E2562); + P(local.D, local.A, local.B, local.C, 6, 9, 0xC040B340); + P(local.C, local.D, local.A, local.B, 11, 14, 0x265E5A51); + P(local.B, local.C, local.D, local.A, 0, 20, 0xE9B6C7AA); + P(local.A, local.B, local.C, local.D, 5, 5, 0xD62F105D); + P(local.D, local.A, local.B, local.C, 10, 9, 0x02441453); + P(local.C, local.D, local.A, local.B, 15, 14, 0xD8A1E681); + P(local.B, local.C, local.D, local.A, 4, 20, 0xE7D3FBC8); + P(local.A, local.B, local.C, local.D, 9, 5, 0x21E1CDE6); + P(local.D, local.A, local.B, local.C, 14, 9, 0xC33707D6); + P(local.C, local.D, local.A, local.B, 3, 14, 0xF4D50D87); + P(local.B, local.C, local.D, local.A, 8, 20, 0x455A14ED); + P(local.A, local.B, local.C, local.D, 13, 5, 0xA9E3E905); + P(local.D, local.A, local.B, local.C, 2, 9, 0xFCEFA3F8); + P(local.C, local.D, local.A, local.B, 7, 14, 0x676F02D9); + P(local.B, local.C, local.D, local.A, 12, 20, 0x8D2A4C8A); #undef F -#define F(x,y,z) ((x) ^ (y) ^ (z)) - - P( local.A, local.B, local.C, local.D, 5, 4, 0xFFFA3942 ); - P( local.D, local.A, local.B, local.C, 8, 11, 0x8771F681 ); - P( local.C, local.D, local.A, local.B, 11, 16, 0x6D9D6122 ); - P( local.B, local.C, local.D, local.A, 14, 23, 0xFDE5380C ); - P( local.A, local.B, local.C, local.D, 1, 4, 0xA4BEEA44 ); - P( local.D, local.A, local.B, local.C, 4, 11, 0x4BDECFA9 ); - P( local.C, local.D, local.A, local.B, 7, 16, 0xF6BB4B60 ); - P( local.B, local.C, local.D, local.A, 10, 23, 0xBEBFBC70 ); - P( local.A, local.B, local.C, local.D, 13, 4, 0x289B7EC6 ); - P( local.D, local.A, local.B, local.C, 0, 11, 0xEAA127FA ); - P( local.C, local.D, local.A, local.B, 3, 16, 0xD4EF3085 ); - P( local.B, local.C, local.D, local.A, 6, 23, 0x04881D05 ); - P( local.A, local.B, local.C, local.D, 9, 4, 0xD9D4D039 ); - P( local.D, local.A, local.B, local.C, 12, 11, 0xE6DB99E5 ); - P( local.C, local.D, local.A, local.B, 15, 16, 0x1FA27CF8 ); - P( local.B, local.C, local.D, local.A, 2, 23, 0xC4AC5665 ); +#define F(x, y, z) ((x) ^ (y) ^ (z)) + + P(local.A, local.B, local.C, local.D, 5, 4, 0xFFFA3942); + P(local.D, local.A, local.B, local.C, 8, 11, 0x8771F681); + P(local.C, local.D, local.A, local.B, 11, 16, 0x6D9D6122); + P(local.B, local.C, local.D, local.A, 14, 23, 0xFDE5380C); + P(local.A, local.B, local.C, local.D, 1, 4, 0xA4BEEA44); + P(local.D, local.A, local.B, local.C, 4, 11, 0x4BDECFA9); + P(local.C, local.D, local.A, local.B, 7, 16, 0xF6BB4B60); + P(local.B, local.C, local.D, local.A, 10, 23, 0xBEBFBC70); + P(local.A, local.B, local.C, local.D, 13, 4, 0x289B7EC6); + P(local.D, local.A, local.B, local.C, 0, 11, 0xEAA127FA); + P(local.C, local.D, local.A, local.B, 3, 16, 0xD4EF3085); + P(local.B, local.C, local.D, local.A, 6, 23, 0x04881D05); + P(local.A, local.B, local.C, local.D, 9, 4, 0xD9D4D039); + P(local.D, local.A, local.B, local.C, 12, 11, 0xE6DB99E5); + P(local.C, local.D, local.A, local.B, 15, 16, 0x1FA27CF8); + P(local.B, local.C, local.D, local.A, 2, 23, 0xC4AC5665); #undef F -#define F(x,y,z) ((y) ^ ((x) | ~(z))) - - P( local.A, local.B, local.C, local.D, 0, 6, 0xF4292244 ); - P( local.D, local.A, local.B, local.C, 7, 10, 0x432AFF97 ); - P( local.C, local.D, local.A, local.B, 14, 15, 0xAB9423A7 ); - P( local.B, local.C, local.D, local.A, 5, 21, 0xFC93A039 ); - P( local.A, local.B, local.C, local.D, 12, 6, 0x655B59C3 ); - P( local.D, local.A, local.B, local.C, 3, 10, 0x8F0CCC92 ); - P( local.C, local.D, local.A, local.B, 10, 15, 0xFFEFF47D ); - P( local.B, local.C, local.D, local.A, 1, 21, 0x85845DD1 ); - P( local.A, local.B, local.C, local.D, 8, 6, 0x6FA87E4F ); - P( local.D, local.A, local.B, local.C, 15, 10, 0xFE2CE6E0 ); - P( local.C, local.D, local.A, local.B, 6, 15, 0xA3014314 ); - P( local.B, local.C, local.D, local.A, 13, 21, 0x4E0811A1 ); - P( local.A, local.B, local.C, local.D, 4, 6, 0xF7537E82 ); - P( local.D, local.A, local.B, local.C, 11, 10, 0xBD3AF235 ); - P( local.C, local.D, local.A, local.B, 2, 15, 0x2AD7D2BB ); - P( local.B, local.C, local.D, local.A, 9, 21, 0xEB86D391 ); +#define F(x, y, z) ((y) ^ ((x) | ~(z))) + + P(local.A, local.B, local.C, local.D, 0, 6, 0xF4292244); + P(local.D, local.A, local.B, local.C, 7, 10, 0x432AFF97); + P(local.C, local.D, local.A, local.B, 14, 15, 0xAB9423A7); + P(local.B, local.C, local.D, local.A, 5, 21, 0xFC93A039); + P(local.A, local.B, local.C, local.D, 12, 6, 0x655B59C3); + P(local.D, local.A, local.B, local.C, 3, 10, 0x8F0CCC92); + P(local.C, local.D, local.A, local.B, 10, 15, 0xFFEFF47D); + P(local.B, local.C, local.D, local.A, 1, 21, 0x85845DD1); + P(local.A, local.B, local.C, local.D, 8, 6, 0x6FA87E4F); + P(local.D, local.A, local.B, local.C, 15, 10, 0xFE2CE6E0); + P(local.C, local.D, local.A, local.B, 6, 15, 0xA3014314); + P(local.B, local.C, local.D, local.A, 13, 21, 0x4E0811A1); + P(local.A, local.B, local.C, local.D, 4, 6, 0xF7537E82); + P(local.D, local.A, local.B, local.C, 11, 10, 0xBD3AF235); + P(local.C, local.D, local.A, local.B, 2, 15, 0x2AD7D2BB); + P(local.B, local.C, local.D, local.A, 9, 21, 0xEB86D391); #undef F @@ -216,16 +197,16 @@ int mbedtls_internal_md5_process( mbedtls_md5_context *ctx, ctx->state[3] += local.D; /* Zeroise variables to clear sensitive data from memory. */ - mbedtls_platform_zeroize( &local, sizeof( local ) ); + mbedtls_platform_zeroize(&local, sizeof(local)); - return( 0 ); + return 0; } #if !defined(MBEDTLS_DEPRECATED_REMOVED) -void mbedtls_md5_process( mbedtls_md5_context *ctx, - const unsigned char data[64] ) +void mbedtls_md5_process(mbedtls_md5_context *ctx, + const unsigned char data[64]) { - mbedtls_internal_md5_process( ctx, data ); + mbedtls_internal_md5_process(ctx, data); } #endif #endif /* !MBEDTLS_MD5_PROCESS_ALT */ @@ -233,16 +214,17 @@ void mbedtls_md5_process( mbedtls_md5_context *ctx, /* * MD5 process buffer */ -int mbedtls_md5_update_ret( mbedtls_md5_context *ctx, - const unsigned char *input, - size_t ilen ) +int mbedtls_md5_update_ret(mbedtls_md5_context *ctx, + const unsigned char *input, + size_t ilen) { int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; size_t fill; uint32_t left; - if( ilen == 0 ) - return( 0 ); + if (ilen == 0) { + return 0; + } left = ctx->total[0] & 0x3F; fill = 64 - left; @@ -250,51 +232,51 @@ int mbedtls_md5_update_ret( mbedtls_md5_context *ctx, ctx->total[0] += (uint32_t) ilen; ctx->total[0] &= 0xFFFFFFFF; - if( ctx->total[0] < (uint32_t) ilen ) + if (ctx->total[0] < (uint32_t) ilen) { ctx->total[1]++; + } - if( left && ilen >= fill ) - { - memcpy( (void *) (ctx->buffer + left), input, fill ); - if( ( ret = mbedtls_internal_md5_process( ctx, ctx->buffer ) ) != 0 ) - return( ret ); + if (left && ilen >= fill) { + memcpy((void *) (ctx->buffer + left), input, fill); + if ((ret = mbedtls_internal_md5_process(ctx, ctx->buffer)) != 0) { + return ret; + } input += fill; ilen -= fill; left = 0; } - while( ilen >= 64 ) - { - if( ( ret = mbedtls_internal_md5_process( ctx, input ) ) != 0 ) - return( ret ); + while (ilen >= 64) { + if ((ret = mbedtls_internal_md5_process(ctx, input)) != 0) { + return ret; + } input += 64; ilen -= 64; } - if( ilen > 0 ) - { - memcpy( (void *) (ctx->buffer + left), input, ilen ); + if (ilen > 0) { + memcpy((void *) (ctx->buffer + left), input, ilen); } - return( 0 ); + return 0; } #if !defined(MBEDTLS_DEPRECATED_REMOVED) -void mbedtls_md5_update( mbedtls_md5_context *ctx, - const unsigned char *input, - size_t ilen ) +void mbedtls_md5_update(mbedtls_md5_context *ctx, + const unsigned char *input, + size_t ilen) { - mbedtls_md5_update_ret( ctx, input, ilen ); + mbedtls_md5_update_ret(ctx, input, ilen); } #endif /* * MD5 final digest */ -int mbedtls_md5_finish_ret( mbedtls_md5_context *ctx, - unsigned char output[16] ) +int mbedtls_md5_finish_ret(mbedtls_md5_context *ctx, + unsigned char output[16]) { int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; uint32_t used; @@ -307,51 +289,50 @@ int mbedtls_md5_finish_ret( mbedtls_md5_context *ctx, ctx->buffer[used++] = 0x80; - if( used <= 56 ) - { + if (used <= 56) { /* Enough room for padding + length in current block */ - memset( ctx->buffer + used, 0, 56 - used ); - } - else - { + memset(ctx->buffer + used, 0, 56 - used); + } else { /* We'll need an extra block */ - memset( ctx->buffer + used, 0, 64 - used ); + memset(ctx->buffer + used, 0, 64 - used); - if( ( ret = mbedtls_internal_md5_process( ctx, ctx->buffer ) ) != 0 ) - return( ret ); + if ((ret = mbedtls_internal_md5_process(ctx, ctx->buffer)) != 0) { + return ret; + } - memset( ctx->buffer, 0, 56 ); + memset(ctx->buffer, 0, 56); } /* * Add message length */ - high = ( ctx->total[0] >> 29 ) - | ( ctx->total[1] << 3 ); - low = ( ctx->total[0] << 3 ); + high = (ctx->total[0] >> 29) + | (ctx->total[1] << 3); + low = (ctx->total[0] << 3); - MBEDTLS_PUT_UINT32_LE( low, ctx->buffer, 56 ); - MBEDTLS_PUT_UINT32_LE( high, ctx->buffer, 60 ); + MBEDTLS_PUT_UINT32_LE(low, ctx->buffer, 56); + MBEDTLS_PUT_UINT32_LE(high, ctx->buffer, 60); - if( ( ret = mbedtls_internal_md5_process( ctx, ctx->buffer ) ) != 0 ) - return( ret ); + if ((ret = mbedtls_internal_md5_process(ctx, ctx->buffer)) != 0) { + return ret; + } /* * Output final state */ - MBEDTLS_PUT_UINT32_LE( ctx->state[0], output, 0 ); - MBEDTLS_PUT_UINT32_LE( ctx->state[1], output, 4 ); - MBEDTLS_PUT_UINT32_LE( ctx->state[2], output, 8 ); - MBEDTLS_PUT_UINT32_LE( ctx->state[3], output, 12 ); + MBEDTLS_PUT_UINT32_LE(ctx->state[0], output, 0); + MBEDTLS_PUT_UINT32_LE(ctx->state[1], output, 4); + MBEDTLS_PUT_UINT32_LE(ctx->state[2], output, 8); + MBEDTLS_PUT_UINT32_LE(ctx->state[3], output, 12); - return( 0 ); + return 0; } #if !defined(MBEDTLS_DEPRECATED_REMOVED) -void mbedtls_md5_finish( mbedtls_md5_context *ctx, - unsigned char output[16] ) +void mbedtls_md5_finish(mbedtls_md5_context *ctx, + unsigned char output[16]) { - mbedtls_md5_finish_ret( ctx, output ); + mbedtls_md5_finish_ret(ctx, output); } #endif @@ -360,36 +341,39 @@ void mbedtls_md5_finish( mbedtls_md5_context *ctx, /* * output = MD5( input buffer ) */ -int mbedtls_md5_ret( const unsigned char *input, - size_t ilen, - unsigned char output[16] ) +int mbedtls_md5_ret(const unsigned char *input, + size_t ilen, + unsigned char output[16]) { int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; mbedtls_md5_context ctx; - mbedtls_md5_init( &ctx ); + mbedtls_md5_init(&ctx); - if( ( ret = mbedtls_md5_starts_ret( &ctx ) ) != 0 ) + if ((ret = mbedtls_md5_starts_ret(&ctx)) != 0) { goto exit; + } - if( ( ret = mbedtls_md5_update_ret( &ctx, input, ilen ) ) != 0 ) + if ((ret = mbedtls_md5_update_ret(&ctx, input, ilen)) != 0) { goto exit; + } - if( ( ret = mbedtls_md5_finish_ret( &ctx, output ) ) != 0 ) + if ((ret = mbedtls_md5_finish_ret(&ctx, output)) != 0) { goto exit; + } exit: - mbedtls_md5_free( &ctx ); + mbedtls_md5_free(&ctx); - return( ret ); + return ret; } #if !defined(MBEDTLS_DEPRECATED_REMOVED) -void mbedtls_md5( const unsigned char *input, - size_t ilen, - unsigned char output[16] ) +void mbedtls_md5(const unsigned char *input, + size_t ilen, + unsigned char output[16]) { - mbedtls_md5_ret( input, ilen, output ); + mbedtls_md5_ret(input, ilen, output); } #endif @@ -434,40 +418,43 @@ static const unsigned char md5_test_sum[7][16] = /* * Checkup routine */ -int mbedtls_md5_self_test( int verbose ) +int mbedtls_md5_self_test(int verbose) { int i, ret = 0; unsigned char md5sum[16]; - for( i = 0; i < 7; i++ ) - { - if( verbose != 0 ) - mbedtls_printf( " MD5 test #%d: ", i + 1 ); + for (i = 0; i < 7; i++) { + if (verbose != 0) { + mbedtls_printf(" MD5 test #%d: ", i + 1); + } - ret = mbedtls_md5_ret( md5_test_buf[i], md5_test_buflen[i], md5sum ); - if( ret != 0 ) + ret = mbedtls_md5_ret(md5_test_buf[i], md5_test_buflen[i], md5sum); + if (ret != 0) { goto fail; + } - if( memcmp( md5sum, md5_test_sum[i], 16 ) != 0 ) - { + if (memcmp(md5sum, md5_test_sum[i], 16) != 0) { ret = 1; goto fail; } - if( verbose != 0 ) - mbedtls_printf( "passed\n" ); + if (verbose != 0) { + mbedtls_printf("passed\n"); + } } - if( verbose != 0 ) - mbedtls_printf( "\n" ); + if (verbose != 0) { + mbedtls_printf("\n"); + } - return( 0 ); + return 0; fail: - if( verbose != 0 ) - mbedtls_printf( "failed\n" ); + if (verbose != 0) { + mbedtls_printf("failed\n"); + } - return( ret ); + return ret; } #endif /* MBEDTLS_SELF_TEST */ diff --git a/third_party/mbedtls/repo/library/memory_buffer_alloc.c b/third_party/mbedtls/repo/library/memory_buffer_alloc.c index 0d5d27d3de6..d6a47ba93da 100644 --- a/third_party/mbedtls/repo/library/memory_buffer_alloc.c +++ b/third_party/mbedtls/repo/library/memory_buffer_alloc.c @@ -2,19 +2,7 @@ * Buffer-based memory allocator * * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later */ #include "common.h" @@ -42,8 +30,7 @@ #define MAX_BT 20 typedef struct _memory_header memory_header; -struct _memory_header -{ +struct _memory_header { size_t magic1; size_t size; size_t alloc; @@ -58,8 +45,7 @@ struct _memory_header size_t magic2; }; -typedef struct -{ +typedef struct { unsigned char *buf; size_t len; memory_header *first; @@ -82,146 +68,135 @@ buffer_alloc_ctx; static buffer_alloc_ctx heap; #if defined(MBEDTLS_MEMORY_DEBUG) -static void debug_header( memory_header *hdr ) +static void debug_header(memory_header *hdr) { #if defined(MBEDTLS_MEMORY_BACKTRACE) size_t i; #endif - mbedtls_fprintf( stderr, "HDR: PTR(%10zu), PREV(%10zu), NEXT(%10zu), " - "ALLOC(%zu), SIZE(%10zu)\n", - (size_t) hdr, (size_t) hdr->prev, (size_t) hdr->next, - hdr->alloc, hdr->size ); - mbedtls_fprintf( stderr, " FPREV(%10zu), FNEXT(%10zu)\n", - (size_t) hdr->prev_free, (size_t) hdr->next_free ); + mbedtls_fprintf(stderr, "HDR: PTR(%10zu), PREV(%10zu), NEXT(%10zu), " + "ALLOC(%zu), SIZE(%10zu)\n", + (size_t) hdr, (size_t) hdr->prev, (size_t) hdr->next, + hdr->alloc, hdr->size); + mbedtls_fprintf(stderr, " FPREV(%10zu), FNEXT(%10zu)\n", + (size_t) hdr->prev_free, (size_t) hdr->next_free); #if defined(MBEDTLS_MEMORY_BACKTRACE) - mbedtls_fprintf( stderr, "TRACE: \n" ); - for( i = 0; i < hdr->trace_count; i++ ) - mbedtls_fprintf( stderr, "%s\n", hdr->trace[i] ); - mbedtls_fprintf( stderr, "\n" ); + mbedtls_fprintf(stderr, "TRACE: \n"); + for (i = 0; i < hdr->trace_count; i++) { + mbedtls_fprintf(stderr, "%s\n", hdr->trace[i]); + } + mbedtls_fprintf(stderr, "\n"); #endif } -static void debug_chain( void ) +static void debug_chain(void) { memory_header *cur = heap.first; - mbedtls_fprintf( stderr, "\nBlock list\n" ); - while( cur != NULL ) - { - debug_header( cur ); + mbedtls_fprintf(stderr, "\nBlock list\n"); + while (cur != NULL) { + debug_header(cur); cur = cur->next; } - mbedtls_fprintf( stderr, "Free list\n" ); + mbedtls_fprintf(stderr, "Free list\n"); cur = heap.first_free; - while( cur != NULL ) - { - debug_header( cur ); + while (cur != NULL) { + debug_header(cur); cur = cur->next_free; } } #endif /* MBEDTLS_MEMORY_DEBUG */ -static int verify_header( memory_header *hdr ) +static int verify_header(memory_header *hdr) { - if( hdr->magic1 != MAGIC1 ) - { + if (hdr->magic1 != MAGIC1) { #if defined(MBEDTLS_MEMORY_DEBUG) - mbedtls_fprintf( stderr, "FATAL: MAGIC1 mismatch\n" ); + mbedtls_fprintf(stderr, "FATAL: MAGIC1 mismatch\n"); #endif - return( 1 ); + return 1; } - if( hdr->magic2 != MAGIC2 ) - { + if (hdr->magic2 != MAGIC2) { #if defined(MBEDTLS_MEMORY_DEBUG) - mbedtls_fprintf( stderr, "FATAL: MAGIC2 mismatch\n" ); + mbedtls_fprintf(stderr, "FATAL: MAGIC2 mismatch\n"); #endif - return( 1 ); + return 1; } - if( hdr->alloc > 1 ) - { + if (hdr->alloc > 1) { #if defined(MBEDTLS_MEMORY_DEBUG) - mbedtls_fprintf( stderr, "FATAL: alloc has illegal value\n" ); + mbedtls_fprintf(stderr, "FATAL: alloc has illegal value\n"); #endif - return( 1 ); + return 1; } - if( hdr->prev != NULL && hdr->prev == hdr->next ) - { + if (hdr->prev != NULL && hdr->prev == hdr->next) { #if defined(MBEDTLS_MEMORY_DEBUG) - mbedtls_fprintf( stderr, "FATAL: prev == next\n" ); + mbedtls_fprintf(stderr, "FATAL: prev == next\n"); #endif - return( 1 ); + return 1; } - if( hdr->prev_free != NULL && hdr->prev_free == hdr->next_free ) - { + if (hdr->prev_free != NULL && hdr->prev_free == hdr->next_free) { #if defined(MBEDTLS_MEMORY_DEBUG) - mbedtls_fprintf( stderr, "FATAL: prev_free == next_free\n" ); + mbedtls_fprintf(stderr, "FATAL: prev_free == next_free\n"); #endif - return( 1 ); + return 1; } - return( 0 ); + return 0; } -static int verify_chain( void ) +static int verify_chain(void) { memory_header *prv = heap.first, *cur; - if( prv == NULL || verify_header( prv ) != 0 ) - { + if (prv == NULL || verify_header(prv) != 0) { #if defined(MBEDTLS_MEMORY_DEBUG) - mbedtls_fprintf( stderr, "FATAL: verification of first header " - "failed\n" ); + mbedtls_fprintf(stderr, "FATAL: verification of first header " + "failed\n"); #endif - return( 1 ); + return 1; } - if( heap.first->prev != NULL ) - { + if (heap.first->prev != NULL) { #if defined(MBEDTLS_MEMORY_DEBUG) - mbedtls_fprintf( stderr, "FATAL: verification failed: " - "first->prev != NULL\n" ); + mbedtls_fprintf(stderr, "FATAL: verification failed: " + "first->prev != NULL\n"); #endif - return( 1 ); + return 1; } cur = heap.first->next; - while( cur != NULL ) - { - if( verify_header( cur ) != 0 ) - { + while (cur != NULL) { + if (verify_header(cur) != 0) { #if defined(MBEDTLS_MEMORY_DEBUG) - mbedtls_fprintf( stderr, "FATAL: verification of header " - "failed\n" ); + mbedtls_fprintf(stderr, "FATAL: verification of header " + "failed\n"); #endif - return( 1 ); + return 1; } - if( cur->prev != prv ) - { + if (cur->prev != prv) { #if defined(MBEDTLS_MEMORY_DEBUG) - mbedtls_fprintf( stderr, "FATAL: verification failed: " - "cur->prev != prv\n" ); + mbedtls_fprintf(stderr, "FATAL: verification failed: " + "cur->prev != prv\n"); #endif - return( 1 ); + return 1; } prv = cur; cur = cur->next; } - return( 0 ); + return 0; } -static void *buffer_alloc_calloc( size_t n, size_t size ) +static void *buffer_alloc_calloc(size_t n, size_t size) { memory_header *new, *cur = heap.first_free; unsigned char *p; @@ -232,42 +207,43 @@ static void *buffer_alloc_calloc( size_t n, size_t size ) size_t trace_cnt; #endif - if( heap.buf == NULL || heap.first == NULL ) - return( NULL ); + if (heap.buf == NULL || heap.first == NULL) { + return NULL; + } original_len = len = n * size; - if( n == 0 || size == 0 || len / n != size ) - return( NULL ); - else if( len > (size_t)-MBEDTLS_MEMORY_ALIGN_MULTIPLE ) - return( NULL ); + if (n == 0 || size == 0 || len / n != size) { + return NULL; + } else if (len > (size_t) -MBEDTLS_MEMORY_ALIGN_MULTIPLE) { + return NULL; + } - if( len % MBEDTLS_MEMORY_ALIGN_MULTIPLE ) - { + if (len % MBEDTLS_MEMORY_ALIGN_MULTIPLE) { len -= len % MBEDTLS_MEMORY_ALIGN_MULTIPLE; len += MBEDTLS_MEMORY_ALIGN_MULTIPLE; } // Find block that fits // - while( cur != NULL ) - { - if( cur->size >= len ) + while (cur != NULL) { + if (cur->size >= len) { break; + } cur = cur->next_free; } - if( cur == NULL ) - return( NULL ); + if (cur == NULL) { + return NULL; + } - if( cur->alloc != 0 ) - { + if (cur->alloc != 0) { #if defined(MBEDTLS_MEMORY_DEBUG) - mbedtls_fprintf( stderr, "FATAL: block in free_list but allocated " - "data\n" ); + mbedtls_fprintf(stderr, "FATAL: block in free_list but allocated " + "data\n"); #endif - mbedtls_exit( 1 ); + mbedtls_exit(1); } #if defined(MBEDTLS_MEMORY_DEBUG) @@ -276,45 +252,48 @@ static void *buffer_alloc_calloc( size_t n, size_t size ) // Found location, split block if > memory_header + 4 room left // - if( cur->size - len < sizeof(memory_header) + - MBEDTLS_MEMORY_ALIGN_MULTIPLE ) - { + if (cur->size - len < sizeof(memory_header) + + MBEDTLS_MEMORY_ALIGN_MULTIPLE) { cur->alloc = 1; // Remove from free_list // - if( cur->prev_free != NULL ) + if (cur->prev_free != NULL) { cur->prev_free->next_free = cur->next_free; - else + } else { heap.first_free = cur->next_free; + } - if( cur->next_free != NULL ) + if (cur->next_free != NULL) { cur->next_free->prev_free = cur->prev_free; + } cur->prev_free = NULL; cur->next_free = NULL; #if defined(MBEDTLS_MEMORY_DEBUG) heap.total_used += cur->size; - if( heap.total_used > heap.maximum_used ) + if (heap.total_used > heap.maximum_used) { heap.maximum_used = heap.total_used; + } #endif #if defined(MBEDTLS_MEMORY_BACKTRACE) - trace_cnt = backtrace( trace_buffer, MAX_BT ); - cur->trace = backtrace_symbols( trace_buffer, trace_cnt ); + trace_cnt = backtrace(trace_buffer, MAX_BT); + cur->trace = backtrace_symbols(trace_buffer, trace_cnt); cur->trace_count = trace_cnt; #endif - if( ( heap.verify & MBEDTLS_MEMORY_VERIFY_ALLOC ) && verify_chain() != 0 ) - mbedtls_exit( 1 ); + if ((heap.verify & MBEDTLS_MEMORY_VERIFY_ALLOC) && verify_chain() != 0) { + mbedtls_exit(1); + } - ret = (unsigned char *) cur + sizeof( memory_header ); - memset( ret, 0, original_len ); + ret = (unsigned char *) cur + sizeof(memory_header); + memset(ret, 0, original_len); - return( ret ); + return ret; } - p = ( (unsigned char *) cur ) + sizeof(memory_header) + len; + p = ((unsigned char *) cur) + sizeof(memory_header) + len; new = (memory_header *) p; new->size = cur->size - len - sizeof(memory_header); @@ -328,20 +307,23 @@ static void *buffer_alloc_calloc( size_t n, size_t size ) new->magic1 = MAGIC1; new->magic2 = MAGIC2; - if( new->next != NULL ) + if (new->next != NULL) { new->next->prev = new; + } // Replace cur with new in free_list // new->prev_free = cur->prev_free; new->next_free = cur->next_free; - if( new->prev_free != NULL ) + if (new->prev_free != NULL) { new->prev_free->next_free = new; - else + } else { heap.first_free = new; + } - if( new->next_free != NULL ) + if (new->next_free != NULL) { new->next_free->prev_free = new; + } cur->alloc = 1; cur->size = len; @@ -351,57 +333,60 @@ static void *buffer_alloc_calloc( size_t n, size_t size ) #if defined(MBEDTLS_MEMORY_DEBUG) heap.header_count++; - if( heap.header_count > heap.maximum_header_count ) + if (heap.header_count > heap.maximum_header_count) { heap.maximum_header_count = heap.header_count; + } heap.total_used += cur->size; - if( heap.total_used > heap.maximum_used ) + if (heap.total_used > heap.maximum_used) { heap.maximum_used = heap.total_used; + } #endif #if defined(MBEDTLS_MEMORY_BACKTRACE) - trace_cnt = backtrace( trace_buffer, MAX_BT ); - cur->trace = backtrace_symbols( trace_buffer, trace_cnt ); + trace_cnt = backtrace(trace_buffer, MAX_BT); + cur->trace = backtrace_symbols(trace_buffer, trace_cnt); cur->trace_count = trace_cnt; #endif - if( ( heap.verify & MBEDTLS_MEMORY_VERIFY_ALLOC ) && verify_chain() != 0 ) - mbedtls_exit( 1 ); + if ((heap.verify & MBEDTLS_MEMORY_VERIFY_ALLOC) && verify_chain() != 0) { + mbedtls_exit(1); + } - ret = (unsigned char *) cur + sizeof( memory_header ); - memset( ret, 0, original_len ); + ret = (unsigned char *) cur + sizeof(memory_header); + memset(ret, 0, original_len); - return( ret ); + return ret; } -static void buffer_alloc_free( void *ptr ) +static void buffer_alloc_free(void *ptr) { memory_header *hdr, *old = NULL; unsigned char *p = (unsigned char *) ptr; - if( ptr == NULL || heap.buf == NULL || heap.first == NULL ) + if (ptr == NULL || heap.buf == NULL || heap.first == NULL) { return; + } - if( p < heap.buf || p >= heap.buf + heap.len ) - { + if (p < heap.buf || p >= heap.buf + heap.len) { #if defined(MBEDTLS_MEMORY_DEBUG) - mbedtls_fprintf( stderr, "FATAL: mbedtls_free() outside of managed " - "space\n" ); + mbedtls_fprintf(stderr, "FATAL: mbedtls_free() outside of managed " + "space\n"); #endif - mbedtls_exit( 1 ); + mbedtls_exit(1); } p -= sizeof(memory_header); hdr = (memory_header *) p; - if( verify_header( hdr ) != 0 ) - mbedtls_exit( 1 ); + if (verify_header(hdr) != 0) { + mbedtls_exit(1); + } - if( hdr->alloc != 1 ) - { + if (hdr->alloc != 1) { #if defined(MBEDTLS_MEMORY_DEBUG) - mbedtls_fprintf( stderr, "FATAL: mbedtls_free() on unallocated " - "data\n" ); + mbedtls_fprintf(stderr, "FATAL: mbedtls_free() on unallocated " + "data\n"); #endif - mbedtls_exit( 1 ); + mbedtls_exit(1); } hdr->alloc = 0; @@ -412,15 +397,14 @@ static void buffer_alloc_free( void *ptr ) #endif #if defined(MBEDTLS_MEMORY_BACKTRACE) - free( hdr->trace ); + free(hdr->trace); hdr->trace = NULL; hdr->trace_count = 0; #endif // Regroup with block before // - if( hdr->prev != NULL && hdr->prev->alloc == 0 ) - { + if (hdr->prev != NULL && hdr->prev->alloc == 0) { #if defined(MBEDTLS_MEMORY_DEBUG) heap.header_count--; #endif @@ -429,16 +413,16 @@ static void buffer_alloc_free( void *ptr ) old = hdr; hdr = hdr->prev; - if( hdr->next != NULL ) + if (hdr->next != NULL) { hdr->next->prev = hdr; + } - memset( old, 0, sizeof(memory_header) ); + memset(old, 0, sizeof(memory_header)); } // Regroup with block after // - if( hdr->next != NULL && hdr->next->alloc == 0 ) - { + if (hdr->next != NULL && hdr->next->alloc == 0) { #if defined(MBEDTLS_MEMORY_DEBUG) heap.header_count--; #endif @@ -446,95 +430,97 @@ static void buffer_alloc_free( void *ptr ) old = hdr->next; hdr->next = hdr->next->next; - if( hdr->prev_free != NULL || hdr->next_free != NULL ) - { - if( hdr->prev_free != NULL ) + if (hdr->prev_free != NULL || hdr->next_free != NULL) { + if (hdr->prev_free != NULL) { hdr->prev_free->next_free = hdr->next_free; - else + } else { heap.first_free = hdr->next_free; + } - if( hdr->next_free != NULL ) + if (hdr->next_free != NULL) { hdr->next_free->prev_free = hdr->prev_free; + } } hdr->prev_free = old->prev_free; hdr->next_free = old->next_free; - if( hdr->prev_free != NULL ) + if (hdr->prev_free != NULL) { hdr->prev_free->next_free = hdr; - else + } else { heap.first_free = hdr; + } - if( hdr->next_free != NULL ) + if (hdr->next_free != NULL) { hdr->next_free->prev_free = hdr; + } - if( hdr->next != NULL ) + if (hdr->next != NULL) { hdr->next->prev = hdr; + } - memset( old, 0, sizeof(memory_header) ); + memset(old, 0, sizeof(memory_header)); } // Prepend to free_list if we have not merged // (Does not have to stay in same order as prev / next list) // - if( old == NULL ) - { + if (old == NULL) { hdr->next_free = heap.first_free; - if( heap.first_free != NULL ) + if (heap.first_free != NULL) { heap.first_free->prev_free = hdr; + } heap.first_free = hdr; } - if( ( heap.verify & MBEDTLS_MEMORY_VERIFY_FREE ) && verify_chain() != 0 ) - mbedtls_exit( 1 ); + if ((heap.verify & MBEDTLS_MEMORY_VERIFY_FREE) && verify_chain() != 0) { + mbedtls_exit(1); + } } -void mbedtls_memory_buffer_set_verify( int verify ) +void mbedtls_memory_buffer_set_verify(int verify) { heap.verify = verify; } -int mbedtls_memory_buffer_alloc_verify( void ) +int mbedtls_memory_buffer_alloc_verify(void) { return verify_chain(); } #if defined(MBEDTLS_MEMORY_DEBUG) -void mbedtls_memory_buffer_alloc_status( void ) +void mbedtls_memory_buffer_alloc_status(void) { - mbedtls_fprintf( stderr, - "Current use: %zu blocks / %zu bytes, max: %zu blocks / " - "%zu bytes (total %zu bytes), alloc / free: %zu / %zu\n", - heap.header_count, heap.total_used, - heap.maximum_header_count, heap.maximum_used, - heap.maximum_header_count * sizeof( memory_header ) - + heap.maximum_used, - heap.alloc_count, heap.free_count ); - - if( heap.first->next == NULL ) - { - mbedtls_fprintf( stderr, "All memory de-allocated in stack buffer\n" ); - } - else - { - mbedtls_fprintf( stderr, "Memory currently allocated:\n" ); + mbedtls_fprintf(stderr, + "Current use: %zu blocks / %zu bytes, max: %zu blocks / " + "%zu bytes (total %zu bytes), alloc / free: %zu / %zu\n", + heap.header_count, heap.total_used, + heap.maximum_header_count, heap.maximum_used, + heap.maximum_header_count * sizeof(memory_header) + + heap.maximum_used, + heap.alloc_count, heap.free_count); + + if (heap.first->next == NULL) { + mbedtls_fprintf(stderr, "All memory de-allocated in stack buffer\n"); + } else { + mbedtls_fprintf(stderr, "Memory currently allocated:\n"); debug_chain(); } } -void mbedtls_memory_buffer_alloc_max_get( size_t *max_used, size_t *max_blocks ) +void mbedtls_memory_buffer_alloc_max_get(size_t *max_used, size_t *max_blocks) { *max_used = heap.maximum_used; *max_blocks = heap.maximum_header_count; } -void mbedtls_memory_buffer_alloc_max_reset( void ) +void mbedtls_memory_buffer_alloc_max_reset(void) { heap.maximum_used = 0; heap.maximum_header_count = 0; } -void mbedtls_memory_buffer_alloc_cur_get( size_t *cur_used, size_t *cur_blocks ) +void mbedtls_memory_buffer_alloc_cur_get(size_t *cur_used, size_t *cur_blocks) { *cur_used = heap.total_used; *cur_blocks = heap.header_count; @@ -542,202 +528,211 @@ void mbedtls_memory_buffer_alloc_cur_get( size_t *cur_used, size_t *cur_blocks ) #endif /* MBEDTLS_MEMORY_DEBUG */ #if defined(MBEDTLS_THREADING_C) -static void *buffer_alloc_calloc_mutexed( size_t n, size_t size ) +static void *buffer_alloc_calloc_mutexed(size_t n, size_t size) { void *buf; - if( mbedtls_mutex_lock( &heap.mutex ) != 0 ) - return( NULL ); - buf = buffer_alloc_calloc( n, size ); - if( mbedtls_mutex_unlock( &heap.mutex ) ) - return( NULL ); - return( buf ); + if (mbedtls_mutex_lock(&heap.mutex) != 0) { + return NULL; + } + buf = buffer_alloc_calloc(n, size); + if (mbedtls_mutex_unlock(&heap.mutex)) { + return NULL; + } + return buf; } -static void buffer_alloc_free_mutexed( void *ptr ) +static void buffer_alloc_free_mutexed(void *ptr) { - /* We have to good option here, but corrupting the heap seems - * worse than loosing memory. */ - if( mbedtls_mutex_lock( &heap.mutex ) ) + /* We have no good option here, but corrupting the heap seems + * worse than losing memory. */ + if (mbedtls_mutex_lock(&heap.mutex)) { return; - buffer_alloc_free( ptr ); - (void) mbedtls_mutex_unlock( &heap.mutex ); + } + buffer_alloc_free(ptr); + (void) mbedtls_mutex_unlock(&heap.mutex); } #endif /* MBEDTLS_THREADING_C */ -void mbedtls_memory_buffer_alloc_init( unsigned char *buf, size_t len ) +void mbedtls_memory_buffer_alloc_init(unsigned char *buf, size_t len) { - memset( &heap, 0, sizeof( buffer_alloc_ctx ) ); + memset(&heap, 0, sizeof(buffer_alloc_ctx)); #if defined(MBEDTLS_THREADING_C) - mbedtls_mutex_init( &heap.mutex ); - mbedtls_platform_set_calloc_free( buffer_alloc_calloc_mutexed, - buffer_alloc_free_mutexed ); + mbedtls_mutex_init(&heap.mutex); + mbedtls_platform_set_calloc_free(buffer_alloc_calloc_mutexed, + buffer_alloc_free_mutexed); #else - mbedtls_platform_set_calloc_free( buffer_alloc_calloc, buffer_alloc_free ); + mbedtls_platform_set_calloc_free(buffer_alloc_calloc, buffer_alloc_free); #endif - if( len < sizeof( memory_header ) + MBEDTLS_MEMORY_ALIGN_MULTIPLE ) + if (len < sizeof(memory_header) + MBEDTLS_MEMORY_ALIGN_MULTIPLE) { return; - else if( (size_t)buf % MBEDTLS_MEMORY_ALIGN_MULTIPLE ) - { + } else if ((size_t) buf % MBEDTLS_MEMORY_ALIGN_MULTIPLE) { /* Adjust len first since buf is used in the computation */ len -= MBEDTLS_MEMORY_ALIGN_MULTIPLE - - (size_t)buf % MBEDTLS_MEMORY_ALIGN_MULTIPLE; + - (size_t) buf % MBEDTLS_MEMORY_ALIGN_MULTIPLE; buf += MBEDTLS_MEMORY_ALIGN_MULTIPLE - - (size_t)buf % MBEDTLS_MEMORY_ALIGN_MULTIPLE; + - (size_t) buf % MBEDTLS_MEMORY_ALIGN_MULTIPLE; } - memset( buf, 0, len ); + memset(buf, 0, len); heap.buf = buf; heap.len = len; - heap.first = (memory_header *)buf; - heap.first->size = len - sizeof( memory_header ); + heap.first = (memory_header *) buf; + heap.first->size = len - sizeof(memory_header); heap.first->magic1 = MAGIC1; heap.first->magic2 = MAGIC2; heap.first_free = heap.first; } -void mbedtls_memory_buffer_alloc_free( void ) +void mbedtls_memory_buffer_alloc_free(void) { #if defined(MBEDTLS_THREADING_C) - mbedtls_mutex_free( &heap.mutex ); + mbedtls_mutex_free(&heap.mutex); #endif - mbedtls_platform_zeroize( &heap, sizeof(buffer_alloc_ctx) ); + mbedtls_platform_zeroize(&heap, sizeof(buffer_alloc_ctx)); } #if defined(MBEDTLS_SELF_TEST) -static int check_pointer( void *p ) +static int check_pointer(void *p) { - if( p == NULL ) - return( -1 ); + if (p == NULL) { + return -1; + } - if( (size_t) p % MBEDTLS_MEMORY_ALIGN_MULTIPLE != 0 ) - return( -1 ); + if ((size_t) p % MBEDTLS_MEMORY_ALIGN_MULTIPLE != 0) { + return -1; + } - return( 0 ); + return 0; } -static int check_all_free( void ) +static int check_all_free(void) { - if( + if ( #if defined(MBEDTLS_MEMORY_DEBUG) heap.total_used != 0 || #endif heap.first != heap.first_free || - (void *) heap.first != (void *) heap.buf ) - { - return( -1 ); + (void *) heap.first != (void *) heap.buf) { + return -1; } - return( 0 ); + return 0; } -#define TEST_ASSERT( condition ) \ - if( ! (condition) ) \ +#define TEST_ASSERT(condition) \ + if (!(condition)) \ { \ - if( verbose != 0 ) \ - mbedtls_printf( "failed\n" ); \ + if (verbose != 0) \ + mbedtls_printf("failed\n"); \ \ ret = 1; \ goto cleanup; \ } -int mbedtls_memory_buffer_alloc_self_test( int verbose ) +int mbedtls_memory_buffer_alloc_self_test(int verbose) { unsigned char buf[1024]; unsigned char *p, *q, *r, *end; int ret = 0; - if( verbose != 0 ) - mbedtls_printf( " MBA test #1 (basic alloc-free cycle): " ); + if (verbose != 0) { + mbedtls_printf(" MBA test #1 (basic alloc-free cycle): "); + } - mbedtls_memory_buffer_alloc_init( buf, sizeof( buf ) ); + mbedtls_memory_buffer_alloc_init(buf, sizeof(buf)); - p = mbedtls_calloc( 1, 1 ); - q = mbedtls_calloc( 1, 128 ); - r = mbedtls_calloc( 1, 16 ); + p = mbedtls_calloc(1, 1); + q = mbedtls_calloc(1, 128); + r = mbedtls_calloc(1, 16); - TEST_ASSERT( check_pointer( p ) == 0 && - check_pointer( q ) == 0 && - check_pointer( r ) == 0 ); + TEST_ASSERT(check_pointer(p) == 0 && + check_pointer(q) == 0 && + check_pointer(r) == 0); - mbedtls_free( r ); - mbedtls_free( q ); - mbedtls_free( p ); + mbedtls_free(r); + mbedtls_free(q); + mbedtls_free(p); - TEST_ASSERT( check_all_free( ) == 0 ); + TEST_ASSERT(check_all_free() == 0); /* Memorize end to compare with the next test */ end = heap.buf + heap.len; - mbedtls_memory_buffer_alloc_free( ); + mbedtls_memory_buffer_alloc_free(); - if( verbose != 0 ) - mbedtls_printf( "passed\n" ); + if (verbose != 0) { + mbedtls_printf("passed\n"); + } - if( verbose != 0 ) - mbedtls_printf( " MBA test #2 (buf not aligned): " ); + if (verbose != 0) { + mbedtls_printf(" MBA test #2 (buf not aligned): "); + } - mbedtls_memory_buffer_alloc_init( buf + 1, sizeof( buf ) - 1 ); + mbedtls_memory_buffer_alloc_init(buf + 1, sizeof(buf) - 1); - TEST_ASSERT( heap.buf + heap.len == end ); + TEST_ASSERT(heap.buf + heap.len == end); - p = mbedtls_calloc( 1, 1 ); - q = mbedtls_calloc( 1, 128 ); - r = mbedtls_calloc( 1, 16 ); + p = mbedtls_calloc(1, 1); + q = mbedtls_calloc(1, 128); + r = mbedtls_calloc(1, 16); - TEST_ASSERT( check_pointer( p ) == 0 && - check_pointer( q ) == 0 && - check_pointer( r ) == 0 ); + TEST_ASSERT(check_pointer(p) == 0 && + check_pointer(q) == 0 && + check_pointer(r) == 0); - mbedtls_free( r ); - mbedtls_free( q ); - mbedtls_free( p ); + mbedtls_free(r); + mbedtls_free(q); + mbedtls_free(p); - TEST_ASSERT( check_all_free( ) == 0 ); + TEST_ASSERT(check_all_free() == 0); - mbedtls_memory_buffer_alloc_free( ); + mbedtls_memory_buffer_alloc_free(); - if( verbose != 0 ) - mbedtls_printf( "passed\n" ); + if (verbose != 0) { + mbedtls_printf("passed\n"); + } - if( verbose != 0 ) - mbedtls_printf( " MBA test #3 (full): " ); + if (verbose != 0) { + mbedtls_printf(" MBA test #3 (full): "); + } - mbedtls_memory_buffer_alloc_init( buf, sizeof( buf ) ); + mbedtls_memory_buffer_alloc_init(buf, sizeof(buf)); - p = mbedtls_calloc( 1, sizeof( buf ) - sizeof( memory_header ) ); + p = mbedtls_calloc(1, sizeof(buf) - sizeof(memory_header)); - TEST_ASSERT( check_pointer( p ) == 0 ); - TEST_ASSERT( mbedtls_calloc( 1, 1 ) == NULL ); + TEST_ASSERT(check_pointer(p) == 0); + TEST_ASSERT(mbedtls_calloc(1, 1) == NULL); - mbedtls_free( p ); + mbedtls_free(p); - p = mbedtls_calloc( 1, sizeof( buf ) - 2 * sizeof( memory_header ) - 16 ); - q = mbedtls_calloc( 1, 16 ); + p = mbedtls_calloc(1, sizeof(buf) - 2 * sizeof(memory_header) - 16); + q = mbedtls_calloc(1, 16); - TEST_ASSERT( check_pointer( p ) == 0 && check_pointer( q ) == 0 ); - TEST_ASSERT( mbedtls_calloc( 1, 1 ) == NULL ); + TEST_ASSERT(check_pointer(p) == 0 && check_pointer(q) == 0); + TEST_ASSERT(mbedtls_calloc(1, 1) == NULL); - mbedtls_free( q ); + mbedtls_free(q); - TEST_ASSERT( mbedtls_calloc( 1, 17 ) == NULL ); + TEST_ASSERT(mbedtls_calloc(1, 17) == NULL); - mbedtls_free( p ); + mbedtls_free(p); - TEST_ASSERT( check_all_free( ) == 0 ); + TEST_ASSERT(check_all_free() == 0); - mbedtls_memory_buffer_alloc_free( ); + mbedtls_memory_buffer_alloc_free(); - if( verbose != 0 ) - mbedtls_printf( "passed\n" ); + if (verbose != 0) { + mbedtls_printf("passed\n"); + } cleanup: - mbedtls_memory_buffer_alloc_free( ); + mbedtls_memory_buffer_alloc_free(); - return( ret ); + return ret; } #endif /* MBEDTLS_SELF_TEST */ diff --git a/third_party/mbedtls/repo/library/mps_common.h b/third_party/mbedtls/repo/library/mps_common.h index d20776f1595..a41eb9aa672 100644 --- a/third_party/mbedtls/repo/library/mps_common.h +++ b/third_party/mbedtls/repo/library/mps_common.h @@ -1,20 +1,6 @@ /* * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - * - * This file is part of mbed TLS (https://tls.mbed.org) + * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later */ /** @@ -51,7 +37,7 @@ * the function's behavior is entirely undefined. * In addition to state integrity, all MPS structures have a more refined * notion of abstract state that the API operates on. For example, all layers - * have a notion of 'abtract read state' which indicates if incoming data has + * have a notion of 'abstract read state' which indicates if incoming data has * been passed to the user, e.g. through mps_l2_read_start() for Layer 2 * or mps_l3_read() in Layer 3. After such a call, it doesn't make sense to * call these reading functions again until the incoming data has been @@ -99,41 +85,41 @@ #if defined(MBEDTLS_MPS_STATE_VALIDATION) -#define MBEDTLS_MPS_STATE_VALIDATE_RAW( cond, string ) \ +#define MBEDTLS_MPS_STATE_VALIDATE_RAW(cond, string) \ do \ { \ - if( !(cond) ) \ + if (!(cond)) \ { \ - MBEDTLS_MPS_TRACE( MBEDTLS_MPS_TRACE_TYPE_ERROR, string ); \ - MBEDTLS_MPS_TRACE_RETURN( MBEDTLS_ERR_MPS_OPERATION_UNEXPECTED ); \ + MBEDTLS_MPS_TRACE(MBEDTLS_MPS_TRACE_TYPE_ERROR, string); \ + MBEDTLS_MPS_TRACE_RETURN(MBEDTLS_ERR_MPS_OPERATION_UNEXPECTED); \ } \ - } while( 0 ) + } while (0) #else /* MBEDTLS_MPS_STATE_VALIDATION */ -#define MBEDTLS_MPS_STATE_VALIDATE_RAW( cond, string ) \ +#define MBEDTLS_MPS_STATE_VALIDATE_RAW(cond, string) \ do \ { \ - ( cond ); \ - } while( 0 ) + (cond); \ + } while (0) #endif /* MBEDTLS_MPS_STATE_VALIDATION */ #if defined(MBEDTLS_MPS_ENABLE_ASSERTIONS) -#define MBEDTLS_MPS_ASSERT_RAW( cond, string ) \ +#define MBEDTLS_MPS_ASSERT_RAW(cond, string) \ do \ { \ - if( !(cond) ) \ + if (!(cond)) \ { \ - MBEDTLS_MPS_TRACE( MBEDTLS_MPS_TRACE_TYPE_ERROR, string ); \ - MBEDTLS_MPS_TRACE_RETURN( MBEDTLS_ERR_MPS_INTERNAL_ERROR ); \ + MBEDTLS_MPS_TRACE(MBEDTLS_MPS_TRACE_TYPE_ERROR, string); \ + MBEDTLS_MPS_TRACE_RETURN(MBEDTLS_ERR_MPS_INTERNAL_ERROR); \ } \ - } while( 0 ) + } while (0) #else /* MBEDTLS_MPS_ENABLE_ASSERTIONS */ -#define MBEDTLS_MPS_ASSERT_RAW( cond, string ) do {} while( 0 ) +#define MBEDTLS_MPS_ASSERT_RAW(cond, string) do {} while (0) #endif /* MBEDTLS_MPS_ENABLE_ASSERTIONS */ @@ -169,7 +155,7 @@ * */ typedef size_t mbedtls_mps_stored_size_t; -#define MBEDTLS_MPS_STORED_SIZE_MAX ( (mbedtls_mps_stored_size_t) -1 ) +#define MBEDTLS_MPS_STORED_SIZE_MAX ((mbedtls_mps_stored_size_t) -1) /** \brief The type of buffer sizes and offsets used in the MPS API * and implementation. @@ -183,7 +169,7 @@ typedef size_t mbedtls_mps_stored_size_t; * so almost 10%. */ typedef size_t mbedtls_mps_size_t; -#define MBEDTLS_MPS_SIZE_MAX ( (mbedtls_mps_size_t) -1 ) +#define MBEDTLS_MPS_SIZE_MAX ((mbedtls_mps_size_t) -1) #if MBEDTLS_MPS_STORED_SIZE_MAX > MBEDTLS_MPS_SIZE_MAX #error "Misconfiguration of mbedtls_mps_size_t and mbedtls_mps_stored_size_t." diff --git a/third_party/mbedtls/repo/library/mps_error.h b/third_party/mbedtls/repo/library/mps_error.h index f78d9a05f15..016a84ce49e 100644 --- a/third_party/mbedtls/repo/library/mps_error.h +++ b/third_party/mbedtls/repo/library/mps_error.h @@ -1,20 +1,6 @@ /* * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - * - * This file is part of mbed TLS (https://tls.mbed.org) + * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later */ /** @@ -45,14 +31,14 @@ */ #ifndef MBEDTLS_MPS_ERR_BASE -#define MBEDTLS_MPS_ERR_BASE ( 0 ) +#define MBEDTLS_MPS_ERR_BASE (0) #endif #define MBEDTLS_MPS_MAKE_ERROR(code) \ - ( -( MBEDTLS_MPS_ERR_BASE | (code) ) ) + (-(MBEDTLS_MPS_ERR_BASE | (code))) -#define MBEDTLS_ERR_MPS_OPERATION_UNEXPECTED MBEDTLS_MPS_MAKE_ERROR( 0x1 ) -#define MBEDTLS_ERR_MPS_INTERNAL_ERROR MBEDTLS_MPS_MAKE_ERROR( 0x2 ) +#define MBEDTLS_ERR_MPS_OPERATION_UNEXPECTED MBEDTLS_MPS_MAKE_ERROR(0x1) +#define MBEDTLS_ERR_MPS_INTERNAL_ERROR MBEDTLS_MPS_MAKE_ERROR(0x2) /* \} name SECTION: MPS general error codes */ @@ -63,40 +49,40 @@ */ #ifndef MBEDTLS_MPS_READER_ERR_BASE -#define MBEDTLS_MPS_READER_ERR_BASE ( 1 << 8 ) +#define MBEDTLS_MPS_READER_ERR_BASE (1 << 8) #endif #define MBEDTLS_MPS_READER_MAKE_ERROR(code) \ - ( -( MBEDTLS_MPS_READER_ERR_BASE | (code) ) ) + (-(MBEDTLS_MPS_READER_ERR_BASE | (code))) /*! An attempt to reclaim the data buffer from a reader failed because * the user hasn't yet read and committed all of it. */ -#define MBEDTLS_ERR_MPS_READER_DATA_LEFT MBEDTLS_MPS_READER_MAKE_ERROR( 0x1 ) +#define MBEDTLS_ERR_MPS_READER_DATA_LEFT MBEDTLS_MPS_READER_MAKE_ERROR(0x1) /*! An invalid argument was passed to the reader. */ -#define MBEDTLS_ERR_MPS_READER_INVALID_ARG MBEDTLS_MPS_READER_MAKE_ERROR( 0x2 ) +#define MBEDTLS_ERR_MPS_READER_INVALID_ARG MBEDTLS_MPS_READER_MAKE_ERROR(0x2) /*! An attempt to move a reader to consuming mode through mbedtls_mps_reader_feed() * after pausing failed because the provided data is not sufficient to serve the * read requests that led to the pausing. */ -#define MBEDTLS_ERR_MPS_READER_NEED_MORE MBEDTLS_MPS_READER_MAKE_ERROR( 0x3 ) +#define MBEDTLS_ERR_MPS_READER_NEED_MORE MBEDTLS_MPS_READER_MAKE_ERROR(0x3) /*! A get request failed because not enough data is available in the reader. */ -#define MBEDTLS_ERR_MPS_READER_OUT_OF_DATA MBEDTLS_MPS_READER_MAKE_ERROR( 0x4 ) +#define MBEDTLS_ERR_MPS_READER_OUT_OF_DATA MBEDTLS_MPS_READER_MAKE_ERROR(0x4) /*!< A get request after pausing and reactivating the reader failed because * the request is not in line with the request made prior to pausing. The user * must not change it's 'strategy' after pausing and reactivating a reader. */ -#define MBEDTLS_ERR_MPS_READER_INCONSISTENT_REQUESTS MBEDTLS_MPS_READER_MAKE_ERROR( 0x5 ) +#define MBEDTLS_ERR_MPS_READER_INCONSISTENT_REQUESTS MBEDTLS_MPS_READER_MAKE_ERROR(0x5) /*! An attempt to reclaim the data buffer from a reader failed because the reader * has no accumulator it can use to backup the data that hasn't been processed. */ -#define MBEDTLS_ERR_MPS_READER_NEED_ACCUMULATOR MBEDTLS_MPS_READER_MAKE_ERROR( 0x6 ) +#define MBEDTLS_ERR_MPS_READER_NEED_ACCUMULATOR MBEDTLS_MPS_READER_MAKE_ERROR(0x6) /*! An attempt to reclaim the data buffer from a reader failed because the * accumulator passed to the reader is not large enough to hold both the * data that hasn't been processed and the excess of the last read-request. */ -#define MBEDTLS_ERR_MPS_READER_ACCUMULATOR_TOO_SMALL MBEDTLS_MPS_READER_MAKE_ERROR( 0x7 ) +#define MBEDTLS_ERR_MPS_READER_ACCUMULATOR_TOO_SMALL MBEDTLS_MPS_READER_MAKE_ERROR(0x7) /* \} name SECTION: MPS Reader error codes */ diff --git a/third_party/mbedtls/repo/library/mps_reader.c b/third_party/mbedtls/repo/library/mps_reader.c index 9af5073cc90..36ca070e39e 100644 --- a/third_party/mbedtls/repo/library/mps_reader.c +++ b/third_party/mbedtls/repo/library/mps_reader.c @@ -2,21 +2,7 @@ * Message Processing Stack, Reader implementation * * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - * - * This file is part of Mbed TLS (https://tls.mbed.org) + * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later */ #include "common.h" @@ -29,11 +15,6 @@ #include -#if ( defined(__ARMCC_VERSION) || defined(_MSC_VER) ) && \ - !defined(inline) && !defined(__cplusplus) -#define inline __inline -#endif - #if defined(MBEDTLS_MPS_ENABLE_TRACE) static int mbedtls_mps_trace_id = MBEDTLS_MPS_TRACE_BIT_READER; #endif /* MBEDTLS_MPS_ENABLE_TRACE */ @@ -72,54 +53,56 @@ static int mbedtls_mps_trace_id = MBEDTLS_MPS_TRACE_BIT_READER; */ static inline int mps_reader_is_accumulating( - mbedtls_mps_reader const *rd ) + mbedtls_mps_reader const *rd) { mbedtls_mps_size_t acc_remaining; - if( rd->acc == NULL ) - return( 0 ); + if (rd->acc == NULL) { + return 0; + } acc_remaining = rd->acc_share.acc_remaining; - return( acc_remaining > 0 ); + return acc_remaining > 0; } static inline int mps_reader_is_producing( - mbedtls_mps_reader const *rd ) + mbedtls_mps_reader const *rd) { unsigned char *frag = rd->frag; - return( frag == NULL ); + return frag == NULL; } static inline int mps_reader_is_consuming( - mbedtls_mps_reader const *rd ) + mbedtls_mps_reader const *rd) { - return( !mps_reader_is_producing( rd ) ); + return !mps_reader_is_producing(rd); } static inline mbedtls_mps_size_t mps_reader_get_fragment_offset( - mbedtls_mps_reader const *rd ) + mbedtls_mps_reader const *rd) { unsigned char *acc = rd->acc; mbedtls_mps_size_t frag_offset; - if( acc == NULL ) - return( 0 ); + if (acc == NULL) { + return 0; + } frag_offset = rd->acc_share.frag_offset; - return( frag_offset ); + return frag_offset; } static inline mbedtls_mps_size_t mps_reader_serving_from_accumulator( - mbedtls_mps_reader const *rd ) + mbedtls_mps_reader const *rd) { mbedtls_mps_size_t frag_offset, end; - frag_offset = mps_reader_get_fragment_offset( rd ); + frag_offset = mps_reader_get_fragment_offset(rd); end = rd->end; - return( end < frag_offset ); + return end < frag_offset; } -static inline void mps_reader_zero( mbedtls_mps_reader *rd ) +static inline void mps_reader_zero(mbedtls_mps_reader *rd) { /* A plain memset() would likely be more efficient, * but the current way of zeroing makes it harder @@ -128,56 +111,56 @@ static inline void mps_reader_zero( mbedtls_mps_reader *rd ) * doesn't require reasoning about structs being * interpreted as unstructured binary blobs. */ static mbedtls_mps_reader const zero = - { .frag = NULL, - .frag_len = 0, - .commit = 0, - .end = 0, - .pending = 0, - .acc = NULL, - .acc_len = 0, - .acc_available = 0, - .acc_share = { .acc_remaining = 0 } - }; + { .frag = NULL, + .frag_len = 0, + .commit = 0, + .end = 0, + .pending = 0, + .acc = NULL, + .acc_len = 0, + .acc_available = 0, + .acc_share = { .acc_remaining = 0 } }; *rd = zero; } -int mbedtls_mps_reader_init( mbedtls_mps_reader *rd, - unsigned char *acc, - mbedtls_mps_size_t acc_len ) +int mbedtls_mps_reader_init(mbedtls_mps_reader *rd, + unsigned char *acc, + mbedtls_mps_size_t acc_len) { - MBEDTLS_MPS_TRACE_INIT( "mbedtls_mps_reader_init" ); - MBEDTLS_MPS_TRACE( MBEDTLS_MPS_TRACE_TYPE_COMMENT, - "* Accumulator size: %u bytes", (unsigned) acc_len ); - mps_reader_zero( rd ); + MBEDTLS_MPS_TRACE_INIT("mbedtls_mps_reader_init"); + MBEDTLS_MPS_TRACE(MBEDTLS_MPS_TRACE_TYPE_COMMENT, + "* Accumulator size: %u bytes", (unsigned) acc_len); + mps_reader_zero(rd); rd->acc = acc; rd->acc_len = acc_len; - MBEDTLS_MPS_TRACE_RETURN( 0 ); + MBEDTLS_MPS_TRACE_RETURN(0); } -int mbedtls_mps_reader_free( mbedtls_mps_reader *rd ) +int mbedtls_mps_reader_free(mbedtls_mps_reader *rd) { - MBEDTLS_MPS_TRACE_INIT( "mbedtls_mps_reader_free" ); - mps_reader_zero( rd ); - MBEDTLS_MPS_TRACE_RETURN( 0 ); + MBEDTLS_MPS_TRACE_INIT("mbedtls_mps_reader_free"); + mps_reader_zero(rd); + MBEDTLS_MPS_TRACE_RETURN(0); } -int mbedtls_mps_reader_feed( mbedtls_mps_reader *rd, - unsigned char *new_frag, - mbedtls_mps_size_t new_frag_len ) +int mbedtls_mps_reader_feed(mbedtls_mps_reader *rd, + unsigned char *new_frag, + mbedtls_mps_size_t new_frag_len) { mbedtls_mps_size_t copy_to_acc; - MBEDTLS_MPS_TRACE_INIT( "mbedtls_mps_reader_feed" ); - MBEDTLS_MPS_TRACE( MBEDTLS_MPS_TRACE_TYPE_COMMENT, - "* Fragment length: %u bytes", (unsigned) new_frag_len ); + MBEDTLS_MPS_TRACE_INIT("mbedtls_mps_reader_feed"); + MBEDTLS_MPS_TRACE(MBEDTLS_MPS_TRACE_TYPE_COMMENT, + "* Fragment length: %u bytes", (unsigned) new_frag_len); - if( new_frag == NULL ) - MBEDTLS_MPS_TRACE_RETURN( MBEDTLS_ERR_MPS_READER_INVALID_ARG ); + if (new_frag == NULL) { + MBEDTLS_MPS_TRACE_RETURN(MBEDTLS_ERR_MPS_READER_INVALID_ARG); + } - MBEDTLS_MPS_STATE_VALIDATE_RAW( mps_reader_is_producing( rd ), - "mbedtls_mps_reader_feed() requires reader to be in producing mode" ); + MBEDTLS_MPS_STATE_VALIDATE_RAW(mps_reader_is_producing( + rd), + "mbedtls_mps_reader_feed() requires reader to be in producing mode"); - if( mps_reader_is_accumulating( rd ) ) - { + if (mps_reader_is_accumulating(rd)) { unsigned char *acc = rd->acc; mbedtls_mps_size_t acc_remaining = rd->acc_share.acc_remaining; mbedtls_mps_size_t acc_available = rd->acc_available; @@ -186,39 +169,38 @@ int mbedtls_mps_reader_feed( mbedtls_mps_reader *rd, acc += acc_available; copy_to_acc = acc_remaining; - if( copy_to_acc > new_frag_len ) + if (copy_to_acc > new_frag_len) { copy_to_acc = new_frag_len; + } /* Copy new contents to accumulator. */ - memcpy( acc, new_frag, copy_to_acc ); + memcpy(acc, new_frag, copy_to_acc); - MBEDTLS_MPS_TRACE( MBEDTLS_MPS_TRACE_TYPE_COMMENT, - "Copy new data of size %u of %u into accumulator at offset %u", - (unsigned) copy_to_acc, (unsigned) new_frag_len, (unsigned) acc_available ); + MBEDTLS_MPS_TRACE(MBEDTLS_MPS_TRACE_TYPE_COMMENT, + "Copy new data of size %u of %u into accumulator at offset %u", + (unsigned) copy_to_acc, (unsigned) new_frag_len, + (unsigned) acc_available); /* Check if, with the new fragment, we have enough data. */ acc_remaining -= copy_to_acc; - if( acc_remaining > 0 ) - { + if (acc_remaining > 0) { /* We need to accumulate more data. Stay in producing mode. */ acc_available += copy_to_acc; rd->acc_share.acc_remaining = acc_remaining; rd->acc_available = acc_available; - MBEDTLS_MPS_TRACE_RETURN( MBEDTLS_ERR_MPS_READER_NEED_MORE ); + MBEDTLS_MPS_TRACE_RETURN(MBEDTLS_ERR_MPS_READER_NEED_MORE); } /* We have filled the accumulator: Move to consuming mode. */ - MBEDTLS_MPS_TRACE( MBEDTLS_MPS_TRACE_TYPE_COMMENT, - "Enough data available to serve user request" ); + MBEDTLS_MPS_TRACE(MBEDTLS_MPS_TRACE_TYPE_COMMENT, + "Enough data available to serve user request"); /* Remember overlap of accumulator and fragment. */ rd->acc_share.frag_offset = acc_available; acc_available += copy_to_acc; rd->acc_available = acc_available; - } - else /* Not accumulating */ - { + } else { /* Not accumulating */ rd->acc_share.frag_offset = 0; } @@ -226,30 +208,30 @@ int mbedtls_mps_reader_feed( mbedtls_mps_reader *rd, rd->frag_len = new_frag_len; rd->commit = 0; rd->end = 0; - MBEDTLS_MPS_TRACE_RETURN( 0 ); + MBEDTLS_MPS_TRACE_RETURN(0); } -int mbedtls_mps_reader_get( mbedtls_mps_reader *rd, - mbedtls_mps_size_t desired, - unsigned char **buffer, - mbedtls_mps_size_t *buflen ) +int mbedtls_mps_reader_get(mbedtls_mps_reader *rd, + mbedtls_mps_size_t desired, + unsigned char **buffer, + mbedtls_mps_size_t *buflen) { unsigned char *frag; mbedtls_mps_size_t frag_len, frag_offset, end, frag_fetched, frag_remaining; - MBEDTLS_MPS_TRACE_INIT( "mbedtls_mps_reader_get" ); - MBEDTLS_MPS_TRACE( MBEDTLS_MPS_TRACE_TYPE_COMMENT, - "* Bytes requested: %u", (unsigned) desired ); + MBEDTLS_MPS_TRACE_INIT("mbedtls_mps_reader_get"); + MBEDTLS_MPS_TRACE(MBEDTLS_MPS_TRACE_TYPE_COMMENT, + "* Bytes requested: %u", (unsigned) desired); - MBEDTLS_MPS_STATE_VALIDATE_RAW( mps_reader_is_consuming( rd ), - "mbedtls_mps_reader_get() requires reader to be in consuming mode" ); + MBEDTLS_MPS_STATE_VALIDATE_RAW(mps_reader_is_consuming( + rd), + "mbedtls_mps_reader_get() requires reader to be in consuming mode"); end = rd->end; - frag_offset = mps_reader_get_fragment_offset( rd ); + frag_offset = mps_reader_get_fragment_offset(rd); /* Check if we're still serving from the accumulator. */ - if( mps_reader_serving_from_accumulator( rd ) ) - { + if (mps_reader_serving_from_accumulator(rd)) { /* Illustration of supported and unsupported cases: * * - Allowed #1 @@ -315,14 +297,12 @@ int mbedtls_mps_reader_get( mbedtls_mps_reader *rd, unsigned char *acc; - MBEDTLS_MPS_TRACE( MBEDTLS_MPS_TRACE_TYPE_COMMENT, - "Serve the request from the accumulator" ); - if( frag_offset - end < desired ) - { + MBEDTLS_MPS_TRACE(MBEDTLS_MPS_TRACE_TYPE_COMMENT, + "Serve the request from the accumulator"); + if (frag_offset - end < desired) { mbedtls_mps_size_t acc_available; acc_available = rd->acc_available; - if( acc_available - end != desired ) - { + if (acc_available - end != desired) { /* It might be possible to serve some of these situations by * making additional space in the accumulator, removing those * parts that have already been committed. @@ -334,7 +314,7 @@ int mbedtls_mps_reader_get( mbedtls_mps_reader *rd, * the library, this check is a good opportunity to * validate this. */ MBEDTLS_MPS_TRACE_RETURN( - MBEDTLS_ERR_MPS_READER_INCONSISTENT_REQUESTS ); + MBEDTLS_ERR_MPS_READER_INCONSISTENT_REQUESTS); } } @@ -342,19 +322,20 @@ int mbedtls_mps_reader_get( mbedtls_mps_reader *rd, acc += end; *buffer = acc; - if( buflen != NULL ) + if (buflen != NULL) { *buflen = desired; + } end += desired; rd->end = end; rd->pending = 0; - MBEDTLS_MPS_TRACE_RETURN( 0 ); + MBEDTLS_MPS_TRACE_RETURN(0); } /* Attempt to serve the request from the current fragment */ - MBEDTLS_MPS_TRACE( MBEDTLS_MPS_TRACE_TYPE_COMMENT, - "Serve the request from the current fragment." ); + MBEDTLS_MPS_TRACE(MBEDTLS_MPS_TRACE_TYPE_COMMENT, + "Serve the request from the current fragment."); frag_len = rd->frag_len; frag_fetched = end - frag_offset; /* The amount of data from the current @@ -363,23 +344,20 @@ int mbedtls_mps_reader_get( mbedtls_mps_reader *rd, frag_remaining = frag_len - frag_fetched; /* Remaining data in fragment */ /* Check if we can serve the read request from the fragment. */ - if( frag_remaining < desired ) - { - MBEDTLS_MPS_TRACE( MBEDTLS_MPS_TRACE_TYPE_COMMENT, - "There's not enough data in the current fragment " - "to serve the request." ); + if (frag_remaining < desired) { + MBEDTLS_MPS_TRACE(MBEDTLS_MPS_TRACE_TYPE_COMMENT, + "There's not enough data in the current fragment " + "to serve the request."); /* There's not enough data in the current fragment, * so either just RETURN what we have or fail. */ - if( buflen == NULL ) - { - if( frag_remaining > 0 ) - { + if (buflen == NULL) { + if (frag_remaining > 0) { rd->pending = desired - frag_remaining; - MBEDTLS_MPS_TRACE( MBEDTLS_MPS_TRACE_TYPE_COMMENT, - "Remember to collect %u bytes before re-opening", - (unsigned) rd->pending ); + MBEDTLS_MPS_TRACE(MBEDTLS_MPS_TRACE_TYPE_COMMENT, + "Remember to collect %u bytes before re-opening", + (unsigned) rd->pending); } - MBEDTLS_MPS_TRACE_RETURN( MBEDTLS_ERR_MPS_READER_OUT_OF_DATA ); + MBEDTLS_MPS_TRACE_RETURN(MBEDTLS_ERR_MPS_READER_OUT_OF_DATA); } desired = frag_remaining; @@ -392,41 +370,45 @@ int mbedtls_mps_reader_get( mbedtls_mps_reader *rd, frag += frag_fetched; *buffer = frag; - if( buflen != NULL ) + if (buflen != NULL) { *buflen = desired; + } end += desired; rd->end = end; rd->pending = 0; - MBEDTLS_MPS_TRACE_RETURN( 0 ); + MBEDTLS_MPS_TRACE_RETURN(0); } -int mbedtls_mps_reader_commit( mbedtls_mps_reader *rd ) +int mbedtls_mps_reader_commit(mbedtls_mps_reader *rd) { mbedtls_mps_size_t end; - MBEDTLS_MPS_TRACE_INIT( "mbedtls_mps_reader_commit" ); - MBEDTLS_MPS_STATE_VALIDATE_RAW( mps_reader_is_consuming( rd ), - "mbedtls_mps_reader_commit() requires reader to be in consuming mode" ); + MBEDTLS_MPS_TRACE_INIT("mbedtls_mps_reader_commit"); + MBEDTLS_MPS_STATE_VALIDATE_RAW(mps_reader_is_consuming( + rd), + "mbedtls_mps_reader_commit() requires reader to be in consuming mode"); end = rd->end; rd->commit = end; - MBEDTLS_MPS_TRACE_RETURN( 0 ); + MBEDTLS_MPS_TRACE_RETURN(0); } -int mbedtls_mps_reader_reclaim( mbedtls_mps_reader *rd, - int *paused ) +int mbedtls_mps_reader_reclaim(mbedtls_mps_reader *rd, + int *paused) { unsigned char *frag, *acc; mbedtls_mps_size_t pending, commit; mbedtls_mps_size_t acc_len, frag_offset, frag_len; - MBEDTLS_MPS_TRACE_INIT( "mbedtls_mps_reader_reclaim" ); + MBEDTLS_MPS_TRACE_INIT("mbedtls_mps_reader_reclaim"); - if( paused != NULL ) + if (paused != NULL) { *paused = 0; + } - MBEDTLS_MPS_STATE_VALIDATE_RAW( mps_reader_is_consuming( rd ), - "mbedtls_mps_reader_reclaim() requires reader to be in consuming mode" ); + MBEDTLS_MPS_STATE_VALIDATE_RAW(mps_reader_is_consuming( + rd), + "mbedtls_mps_reader_reclaim() requires reader to be in consuming mode"); frag = rd->frag; acc = rd->acc; @@ -434,30 +416,26 @@ int mbedtls_mps_reader_reclaim( mbedtls_mps_reader *rd, commit = rd->commit; frag_len = rd->frag_len; - frag_offset = mps_reader_get_fragment_offset( rd ); + frag_offset = mps_reader_get_fragment_offset(rd); - if( pending == 0 ) - { - MBEDTLS_MPS_TRACE( MBEDTLS_MPS_TRACE_TYPE_COMMENT, - "No unsatisfied read-request has been logged." ); + if (pending == 0) { + MBEDTLS_MPS_TRACE(MBEDTLS_MPS_TRACE_TYPE_COMMENT, + "No unsatisfied read-request has been logged."); /* Check if there's data left to be consumed. */ - if( commit < frag_offset || commit - frag_offset < frag_len ) - { - MBEDTLS_MPS_TRACE( MBEDTLS_MPS_TRACE_TYPE_COMMENT, - "There is data left to be consumed." ); + if (commit < frag_offset || commit - frag_offset < frag_len) { + MBEDTLS_MPS_TRACE(MBEDTLS_MPS_TRACE_TYPE_COMMENT, + "There is data left to be consumed."); rd->end = commit; - MBEDTLS_MPS_TRACE_RETURN( MBEDTLS_ERR_MPS_READER_DATA_LEFT ); + MBEDTLS_MPS_TRACE_RETURN(MBEDTLS_ERR_MPS_READER_DATA_LEFT); } rd->acc_available = 0; rd->acc_share.acc_remaining = 0; - MBEDTLS_MPS_TRACE( MBEDTLS_MPS_TRACE_TYPE_COMMENT, - "Fragment has been fully processed and committed." ); - } - else - { + MBEDTLS_MPS_TRACE(MBEDTLS_MPS_TRACE_TYPE_COMMENT, + "Fragment has been fully processed and committed."); + } else { int overflow; mbedtls_mps_size_t acc_backup_offset; @@ -468,31 +446,27 @@ int mbedtls_mps_reader_reclaim( mbedtls_mps_reader *rd, mbedtls_mps_size_t backup_len; mbedtls_mps_size_t acc_len_needed; - MBEDTLS_MPS_TRACE( MBEDTLS_MPS_TRACE_TYPE_COMMENT, - "There has been an unsatisfied read with %u bytes overhead.", - (unsigned) pending ); + MBEDTLS_MPS_TRACE(MBEDTLS_MPS_TRACE_TYPE_COMMENT, + "There has been an unsatisfied read with %u bytes overhead.", + (unsigned) pending); - if( acc == NULL ) - { - MBEDTLS_MPS_TRACE( MBEDTLS_MPS_TRACE_TYPE_COMMENT, - "No accumulator present" ); + if (acc == NULL) { + MBEDTLS_MPS_TRACE(MBEDTLS_MPS_TRACE_TYPE_COMMENT, + "No accumulator present"); MBEDTLS_MPS_TRACE_RETURN( - MBEDTLS_ERR_MPS_READER_NEED_ACCUMULATOR ); + MBEDTLS_ERR_MPS_READER_NEED_ACCUMULATOR); } acc_len = rd->acc_len; /* Check if the upper layer has already fetched * and committed the contents of the accumulator. */ - if( commit < frag_offset ) - { + if (commit < frag_offset) { /* No, accumulator is still being processed. */ frag_backup_offset = 0; frag_backup_len = frag_len; acc_backup_offset = commit; acc_backup_len = frag_offset - commit; - } - else - { + } else { /* Yes, the accumulator is already processed. */ frag_backup_offset = commit - frag_offset; frag_backup_len = frag_len - frag_backup_offset; @@ -504,47 +478,47 @@ int mbedtls_mps_reader_reclaim( mbedtls_mps_reader *rd, acc_len_needed = backup_len + pending; overflow = 0; - overflow |= ( backup_len < acc_backup_len ); - overflow |= ( acc_len_needed < backup_len ); + overflow |= (backup_len < acc_backup_len); + overflow |= (acc_len_needed < backup_len); - if( overflow || acc_len < acc_len_needed ) - { + if (overflow || acc_len < acc_len_needed) { /* Except for the different return code, we behave as if * there hadn't been a call to mbedtls_mps_reader_get() * since the last commit. */ rd->end = commit; rd->pending = 0; - MBEDTLS_MPS_TRACE( MBEDTLS_MPS_TRACE_TYPE_ERROR, - "The accumulator is too small to handle the backup." ); - MBEDTLS_MPS_TRACE( MBEDTLS_MPS_TRACE_TYPE_ERROR, - "* Size: %u", (unsigned) acc_len ); - MBEDTLS_MPS_TRACE( MBEDTLS_MPS_TRACE_TYPE_ERROR, - "* Needed: %u (%u + %u)", - (unsigned) acc_len_needed, - (unsigned) backup_len, (unsigned) pending ); + MBEDTLS_MPS_TRACE(MBEDTLS_MPS_TRACE_TYPE_ERROR, + "The accumulator is too small to handle the backup."); + MBEDTLS_MPS_TRACE(MBEDTLS_MPS_TRACE_TYPE_ERROR, + "* Size: %u", (unsigned) acc_len); + MBEDTLS_MPS_TRACE(MBEDTLS_MPS_TRACE_TYPE_ERROR, + "* Needed: %u (%u + %u)", + (unsigned) acc_len_needed, + (unsigned) backup_len, (unsigned) pending); MBEDTLS_MPS_TRACE_RETURN( - MBEDTLS_ERR_MPS_READER_ACCUMULATOR_TOO_SMALL ); + MBEDTLS_ERR_MPS_READER_ACCUMULATOR_TOO_SMALL); } - MBEDTLS_MPS_TRACE( MBEDTLS_MPS_TRACE_TYPE_COMMENT, - "Fragment backup: %u", (unsigned) frag_backup_len ); - MBEDTLS_MPS_TRACE( MBEDTLS_MPS_TRACE_TYPE_COMMENT, - "Accumulator backup: %u", (unsigned) acc_backup_len ); + MBEDTLS_MPS_TRACE(MBEDTLS_MPS_TRACE_TYPE_COMMENT, + "Fragment backup: %u", (unsigned) frag_backup_len); + MBEDTLS_MPS_TRACE(MBEDTLS_MPS_TRACE_TYPE_COMMENT, + "Accumulator backup: %u", (unsigned) acc_backup_len); /* Move uncommitted parts from the accumulator to the front * of the accumulator. */ - memmove( acc, acc + acc_backup_offset, acc_backup_len ); + memmove(acc, acc + acc_backup_offset, acc_backup_len); - /* Copy uncmmitted parts of the current fragment to the + /* Copy uncommitted parts of the current fragment to the * accumulator. */ - memcpy( acc + acc_backup_len, - frag + frag_backup_offset, frag_backup_len ); + memcpy(acc + acc_backup_len, + frag + frag_backup_offset, frag_backup_len); rd->acc_available = backup_len; rd->acc_share.acc_remaining = pending; - if( paused != NULL ) + if (paused != NULL) { *paused = 1; + } } rd->frag = NULL; @@ -554,11 +528,11 @@ int mbedtls_mps_reader_reclaim( mbedtls_mps_reader *rd, rd->end = 0; rd->pending = 0; - MBEDTLS_MPS_TRACE( MBEDTLS_MPS_TRACE_TYPE_COMMENT, - "Final state: aa %u, al %u, ar %u", - (unsigned) rd->acc_available, (unsigned) rd->acc_len, - (unsigned) rd->acc_share.acc_remaining ); - MBEDTLS_MPS_TRACE_RETURN( 0 ); + MBEDTLS_MPS_TRACE(MBEDTLS_MPS_TRACE_TYPE_COMMENT, + "Final state: aa %u, al %u, ar %u", + (unsigned) rd->acc_available, (unsigned) rd->acc_len, + (unsigned) rd->acc_share.acc_remaining); + MBEDTLS_MPS_TRACE_RETURN(0); } #endif /* MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL */ diff --git a/third_party/mbedtls/repo/library/mps_reader.h b/third_party/mbedtls/repo/library/mps_reader.h index 427c1bd254f..3193a5e334e 100644 --- a/third_party/mbedtls/repo/library/mps_reader.h +++ b/third_party/mbedtls/repo/library/mps_reader.h @@ -1,20 +1,6 @@ /* * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - * - * This file is part of mbed TLS (https://tls.mbed.org) + * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later */ /** @@ -134,8 +120,7 @@ typedef struct mbedtls_mps_reader mbedtls_mps_reader; * Structure definitions */ -struct mbedtls_mps_reader -{ +struct mbedtls_mps_reader { unsigned char *frag; /*!< The fragment of incoming data managed by * the reader; it is provided to the reader * through mbedtls_mps_reader_feed(). The reader @@ -146,46 +131,46 @@ struct mbedtls_mps_reader * The reader is in consuming mode if * and only if \c frag is not \c NULL. */ mbedtls_mps_stored_size_t frag_len; - /*!< The length of the current fragment. - * Must be 0 if \c frag == \c NULL. */ + /*!< The length of the current fragment. + * Must be 0 if \c frag == \c NULL. */ mbedtls_mps_stored_size_t commit; - /*!< The offset of the last commit, relative - * to the first byte in the fragment, if - * no accumulator is present. If an accumulator - * is present, it is viewed as a prefix to the - * current fragment, and this variable contains - * an offset from the beginning of the accumulator. - * - * This is only used when the reader is in - * consuming mode, i.e. \c frag != \c NULL; - * otherwise, its value is \c 0. */ + /*!< The offset of the last commit, relative + * to the first byte in the fragment, if + * no accumulator is present. If an accumulator + * is present, it is viewed as a prefix to the + * current fragment, and this variable contains + * an offset from the beginning of the accumulator. + * + * This is only used when the reader is in + * consuming mode, i.e. \c frag != \c NULL; + * otherwise, its value is \c 0. */ mbedtls_mps_stored_size_t end; - /*!< The offset of the end of the last chunk - * passed to the user through a call to - * mbedtls_mps_reader_get(), relative to the first - * byte in the fragment, if no accumulator is - * present. If an accumulator is present, it is - * viewed as a prefix to the current fragment, and - * this variable contains an offset from the - * beginning of the accumulator. - * - * This is only used when the reader is in - * consuming mode, i.e. \c frag != \c NULL; - * otherwise, its value is \c 0. */ + /*!< The offset of the end of the last chunk + * passed to the user through a call to + * mbedtls_mps_reader_get(), relative to the first + * byte in the fragment, if no accumulator is + * present. If an accumulator is present, it is + * viewed as a prefix to the current fragment, and + * this variable contains an offset from the + * beginning of the accumulator. + * + * This is only used when the reader is in + * consuming mode, i.e. \c frag != \c NULL; + * otherwise, its value is \c 0. */ mbedtls_mps_stored_size_t pending; - /*!< The amount of incoming data missing on the - * last call to mbedtls_mps_reader_get(). - * In particular, it is \c 0 if the last call - * was successful. - * If a reader is reclaimed after an - * unsuccessful call to mbedtls_mps_reader_get(), - * this variable is used to have the reader - * remember how much data should be accumulated - * so that the call to mbedtls_mps_reader_get() - * succeeds next time. - * This is only used when the reader is in - * consuming mode, i.e. \c frag != \c NULL; - * otherwise, its value is \c 0. */ + /*!< The amount of incoming data missing on the + * last call to mbedtls_mps_reader_get(). + * In particular, it is \c 0 if the last call + * was successful. + * If a reader is reclaimed after an + * unsuccessful call to mbedtls_mps_reader_get(), + * this variable is used to have the reader + * remember how much data should be accumulated + * so that the call to mbedtls_mps_reader_get() + * succeeds next time. + * This is only used when the reader is in + * consuming mode, i.e. \c frag != \c NULL; + * otherwise, its value is \c 0. */ /* The accumulator is only needed if we need to be able to pause * the reader. A few bytes could be saved by moving this to a @@ -195,32 +180,31 @@ struct mbedtls_mps_reader * data if a read-request via mbedtls_mps_reader_get() * cannot be served from the current fragment. */ mbedtls_mps_stored_size_t acc_len; - /*!< The total size of the accumulator. */ + /*!< The total size of the accumulator. */ mbedtls_mps_stored_size_t acc_available; - /*!< The number of bytes currently gathered in - * the accumulator. This is both used in - * producing and in consuming mode: - * While producing, it is increased until - * it reaches the value of \c acc_remaining below. - * While consuming, it is used to judge if a - * get request can be served from the - * accumulator or not. - * Must not be larger than \c acc_len. */ - union - { + /*!< The number of bytes currently gathered in + * the accumulator. This is both used in + * producing and in consuming mode: + * While producing, it is increased until + * it reaches the value of \c acc_remaining below. + * While consuming, it is used to judge if a + * get request can be served from the + * accumulator or not. + * Must not be larger than \c acc_len. */ + union { mbedtls_mps_stored_size_t acc_remaining; - /*!< This indicates the amount of data still - * to be gathered in the accumulator. It is - * only used in producing mode. - * Must be at most acc_len - acc_available. */ + /*!< This indicates the amount of data still + * to be gathered in the accumulator. It is + * only used in producing mode. + * Must be at most acc_len - acc_available. */ mbedtls_mps_stored_size_t frag_offset; - /*!< If an accumulator is present and in use, this - * field indicates the offset of the current - * fragment from the beginning of the - * accumulator. If no accumulator is present - * or the accumulator is not in use, this is \c 0. - * It is only used in consuming mode. - * Must not be larger than \c acc_available. */ + /*!< If an accumulator is present and in use, this + * field indicates the offset of the current + * fragment from the beginning of the + * accumulator. If no accumulator is present + * or the accumulator is not in use, this is \c 0. + * It is only used in consuming mode. + * Must not be larger than \c acc_available. */ } acc_share; }; @@ -254,9 +238,9 @@ struct mbedtls_mps_reader * \return \c 0 on success. * \return A negative \c MBEDTLS_ERR_READER_XXX error code on failure. */ -int mbedtls_mps_reader_init( mbedtls_mps_reader *reader, - unsigned char *acc, - mbedtls_mps_size_t acc_len ); +int mbedtls_mps_reader_init(mbedtls_mps_reader *reader, + unsigned char *acc, + mbedtls_mps_size_t acc_len); /** * \brief Free a reader object @@ -266,7 +250,7 @@ int mbedtls_mps_reader_init( mbedtls_mps_reader *reader, * \return \c 0 on success. * \return A negative \c MBEDTLS_ERR_READER_XXX error code on failure. */ -int mbedtls_mps_reader_free( mbedtls_mps_reader *reader ); +int mbedtls_mps_reader_free(mbedtls_mps_reader *reader); /** * \brief Pass chunk of data for the reader to manage. @@ -291,9 +275,9 @@ int mbedtls_mps_reader_free( mbedtls_mps_reader *reader ); * \return Another negative \c MBEDTLS_ERR_READER_XXX error code on * different kinds of failures. */ -int mbedtls_mps_reader_feed( mbedtls_mps_reader *reader, - unsigned char *buf, - mbedtls_mps_size_t buflen ); +int mbedtls_mps_reader_feed(mbedtls_mps_reader *reader, + unsigned char *buf, + mbedtls_mps_size_t buflen); /** * \brief Reclaim reader's access to the current input buffer. @@ -310,8 +294,8 @@ int mbedtls_mps_reader_feed( mbedtls_mps_reader *reader, * \return \c 0 on success. * \return A negative \c MBEDTLS_ERR_READER_XXX error code on failure. */ -int mbedtls_mps_reader_reclaim( mbedtls_mps_reader *reader, - int *paused ); +int mbedtls_mps_reader_reclaim(mbedtls_mps_reader *reader, + int *paused); /* * Usage API (Upper layer) @@ -353,10 +337,10 @@ int mbedtls_mps_reader_reclaim( mbedtls_mps_reader *reader, * address as buflen and checking \c *buflen == \c desired * afterwards. */ -int mbedtls_mps_reader_get( mbedtls_mps_reader *reader, - mbedtls_mps_size_t desired, - unsigned char **buffer, - mbedtls_mps_size_t *buflen ); +int mbedtls_mps_reader_get(mbedtls_mps_reader *reader, + mbedtls_mps_size_t desired, + unsigned char **buffer, + mbedtls_mps_size_t *buflen); /** * \brief Mark data obtained from mbedtls_mps_reader_get() as processed. @@ -377,6 +361,6 @@ int mbedtls_mps_reader_get( mbedtls_mps_reader *reader, * \return A negative \c MBEDTLS_ERR_READER_XXX error code on failure. * */ -int mbedtls_mps_reader_commit( mbedtls_mps_reader *reader ); +int mbedtls_mps_reader_commit(mbedtls_mps_reader *reader); #endif /* MBEDTLS_READER_H */ diff --git a/third_party/mbedtls/repo/library/mps_trace.c b/third_party/mbedtls/repo/library/mps_trace.c index 6026a07163b..4f580d71ca8 100644 --- a/third_party/mbedtls/repo/library/mps_trace.c +++ b/third_party/mbedtls/repo/library/mps_trace.c @@ -2,21 +2,7 @@ * Message Processing Stack, Trace module * * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - * - * This file is part of Mbed TLS (https://tls.mbed.org) + * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later */ #include "common.h" @@ -41,7 +27,7 @@ static int trace_depth = 0; #define color_cyan "\x1B[1;36m" #define color_white "\x1B[1;37m" -static char const * colors[] = +static char const *colors[] = { color_default, color_green, @@ -54,19 +40,18 @@ static char const * colors[] = #define MPS_TRACE_BUF_SIZE 100 -void mbedtls_mps_trace_print_msg( int id, int line, const char *format, ... ) +void mbedtls_mps_trace_print_msg(int id, int line, const char *format, ...) { int ret; char str[MPS_TRACE_BUF_SIZE]; va_list argp; - va_start( argp, format ); - ret = mbedtls_vsnprintf( str, MPS_TRACE_BUF_SIZE, format, argp ); - va_end( argp ); + va_start(argp, format); + ret = mbedtls_vsnprintf(str, MPS_TRACE_BUF_SIZE, format, argp); + va_end(argp); - if( ret >= 0 && ret < MPS_TRACE_BUF_SIZE ) - { + if (ret >= 0 && ret < MPS_TRACE_BUF_SIZE) { str[ret] = '\0'; - mbedtls_printf( "[%d|L%d]: %s\n", id, line, str ); + mbedtls_printf("[%d|L%d]: %s\n", id, line, str); } } @@ -83,39 +68,39 @@ void mbedtls_mps_trace_inc_depth() trace_depth++; } -void mbedtls_mps_trace_color( int id ) +void mbedtls_mps_trace_color(int id) { - if( id > (int) ( sizeof( colors ) / sizeof( *colors ) ) ) + if (id > (int) (sizeof(colors) / sizeof(*colors))) { return; - printf( "%s", colors[ id ] ); + } + printf("%s", colors[id]); } -void mbedtls_mps_trace_indent( int level, mbedtls_mps_trace_type ty ) +void mbedtls_mps_trace_indent(int level, mbedtls_mps_trace_type ty) { - if( level > 0 ) - { - while( --level ) - printf( "| " ); + if (level > 0) { + while (--level) { + printf("| "); + } - printf( "| " ); + printf("| "); } - switch( ty ) - { + switch (ty) { case MBEDTLS_MPS_TRACE_TYPE_COMMENT: - mbedtls_printf( "@ " ); + mbedtls_printf("@ "); break; case MBEDTLS_MPS_TRACE_TYPE_CALL: - mbedtls_printf( "+--> " ); + mbedtls_printf("+--> "); break; case MBEDTLS_MPS_TRACE_TYPE_ERROR: - mbedtls_printf( "E " ); + mbedtls_printf("E "); break; case MBEDTLS_MPS_TRACE_TYPE_RETURN: - mbedtls_printf( "< " ); + mbedtls_printf("< "); break; default: diff --git a/third_party/mbedtls/repo/library/mps_trace.h b/third_party/mbedtls/repo/library/mps_trace.h index 7c2360118aa..b456b2ffddf 100644 --- a/third_party/mbedtls/repo/library/mps_trace.h +++ b/third_party/mbedtls/repo/library/mps_trace.h @@ -1,20 +1,6 @@ /* * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - * - * This file is part of mbed TLS (https://tls.mbed.org) + * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later */ /** @@ -30,13 +16,7 @@ #include "mps_common.h" #include "mps_trace.h" -#if defined(MBEDTLS_PLATFORM_C) #include "mbedtls/platform.h" -#else -#include -#define mbedtls_printf printf -#define mbedtls_vsnprintf vsnprintf -#endif /* MBEDTLS_PLATFORM_C */ #if defined(MBEDTLS_MPS_ENABLE_TRACE) @@ -58,8 +38,7 @@ * rest of this file. */ -typedef enum -{ +typedef enum { MBEDTLS_MPS_TRACE_TYPE_COMMENT, MBEDTLS_MPS_TRACE_TYPE_CALL, MBEDTLS_MPS_TRACE_TYPE_ERROR, @@ -74,101 +53,101 @@ typedef enum #define MBEDTLS_MPS_TRACE_BIT_READER 6 #if defined(MBEDTLS_MPS_TRACE_ENABLE_LAYER_1) -#define MBEDTLS_MPS_TRACE_MASK_LAYER_1 (1u << MBEDTLS_MPS_TRACE_BIT_LAYER_1 ) +#define MBEDTLS_MPS_TRACE_MASK_LAYER_1 (1u << MBEDTLS_MPS_TRACE_BIT_LAYER_1) #else #define MBEDTLS_MPS_TRACE_MASK_LAYER_1 0 #endif #if defined(MBEDTLS_MPS_TRACE_ENABLE_LAYER_2) -#define MBEDTLS_MPS_TRACE_MASK_LAYER_2 (1u << MBEDTLS_MPS_TRACE_BIT_LAYER_2 ) +#define MBEDTLS_MPS_TRACE_MASK_LAYER_2 (1u << MBEDTLS_MPS_TRACE_BIT_LAYER_2) #else #define MBEDTLS_MPS_TRACE_MASK_LAYER_2 0 #endif #if defined(MBEDTLS_MPS_TRACE_ENABLE_LAYER_3) -#define MBEDTLS_MPS_TRACE_MASK_LAYER_3 (1u << MBEDTLS_MPS_TRACE_BIT_LAYER_3 ) +#define MBEDTLS_MPS_TRACE_MASK_LAYER_3 (1u << MBEDTLS_MPS_TRACE_BIT_LAYER_3) #else #define MBEDTLS_MPS_TRACE_MASK_LAYER_3 0 #endif #if defined(MBEDTLS_MPS_TRACE_ENABLE_LAYER_4) -#define MBEDTLS_MPS_TRACE_MASK_LAYER_4 (1u << MBEDTLS_MPS_TRACE_BIT_LAYER_4 ) +#define MBEDTLS_MPS_TRACE_MASK_LAYER_4 (1u << MBEDTLS_MPS_TRACE_BIT_LAYER_4) #else #define MBEDTLS_MPS_TRACE_MASK_LAYER_4 0 #endif #if defined(MBEDTLS_MPS_TRACE_ENABLE_READER) -#define MBEDTLS_MPS_TRACE_MASK_READER (1u << MBEDTLS_MPS_TRACE_BIT_READER ) +#define MBEDTLS_MPS_TRACE_MASK_READER (1u << MBEDTLS_MPS_TRACE_BIT_READER) #else #define MBEDTLS_MPS_TRACE_MASK_READER 0 #endif #if defined(MBEDTLS_MPS_TRACE_ENABLE_WRITER) -#define MBEDTLS_MPS_TRACE_MASK_WRITER (1u << MBEDTLS_MPS_TRACE_BIT_WRITER ) +#define MBEDTLS_MPS_TRACE_MASK_WRITER (1u << MBEDTLS_MPS_TRACE_BIT_WRITER) #else #define MBEDTLS_MPS_TRACE_MASK_WRITER 0 #endif -#define MBEDTLS_MPS_TRACE_MASK ( MBEDTLS_MPS_TRACE_MASK_LAYER_1 | \ - MBEDTLS_MPS_TRACE_MASK_LAYER_2 | \ - MBEDTLS_MPS_TRACE_MASK_LAYER_3 | \ - MBEDTLS_MPS_TRACE_MASK_LAYER_4 | \ - MBEDTLS_MPS_TRACE_MASK_READER | \ - MBEDTLS_MPS_TRACE_MASK_WRITER ) +#define MBEDTLS_MPS_TRACE_MASK (MBEDTLS_MPS_TRACE_MASK_LAYER_1 | \ + MBEDTLS_MPS_TRACE_MASK_LAYER_2 | \ + MBEDTLS_MPS_TRACE_MASK_LAYER_3 | \ + MBEDTLS_MPS_TRACE_MASK_LAYER_4 | \ + MBEDTLS_MPS_TRACE_MASK_READER | \ + MBEDTLS_MPS_TRACE_MASK_WRITER) /* We have to avoid globals because E-ACSL chokes on them... * Wrap everything in stub functions. */ -int mbedtls_mps_trace_get_depth( void ); -void mbedtls_mps_trace_inc_depth( void ); -void mbedtls_mps_trace_dec_depth( void ); +int mbedtls_mps_trace_get_depth(void); +void mbedtls_mps_trace_inc_depth(void); +void mbedtls_mps_trace_dec_depth(void); -void mbedtls_mps_trace_color( int id ); -void mbedtls_mps_trace_indent( int level, mbedtls_mps_trace_type ty ); +void mbedtls_mps_trace_color(int id); +void mbedtls_mps_trace_indent(int level, mbedtls_mps_trace_type ty); -void mbedtls_mps_trace_print_msg( int id, int line, const char *format, ... ); +void mbedtls_mps_trace_print_msg(int id, int line, const char *format, ...); -#define MBEDTLS_MPS_TRACE( type, ... ) \ +#define MBEDTLS_MPS_TRACE(type, ...) \ do { \ - if( ! ( MBEDTLS_MPS_TRACE_MASK & ( 1u << mbedtls_mps_trace_id ) ) ) \ - break; \ - mbedtls_mps_trace_indent( mbedtls_mps_trace_get_depth(), type ); \ - mbedtls_mps_trace_color( mbedtls_mps_trace_id ); \ - mbedtls_mps_trace_print_msg( mbedtls_mps_trace_id, __LINE__, __VA_ARGS__ ); \ - mbedtls_mps_trace_color( 0 ); \ - } while( 0 ) - -#define MBEDTLS_MPS_TRACE_INIT( ... ) \ + if (!(MBEDTLS_MPS_TRACE_MASK & (1u << mbedtls_mps_trace_id))) \ + break; \ + mbedtls_mps_trace_indent(mbedtls_mps_trace_get_depth(), type); \ + mbedtls_mps_trace_color(mbedtls_mps_trace_id); \ + mbedtls_mps_trace_print_msg(mbedtls_mps_trace_id, __LINE__, __VA_ARGS__); \ + mbedtls_mps_trace_color(0); \ + } while (0) + +#define MBEDTLS_MPS_TRACE_INIT(...) \ do { \ - if( ! ( MBEDTLS_MPS_TRACE_MASK & ( 1u << mbedtls_mps_trace_id ) ) ) \ - break; \ - MBEDTLS_MPS_TRACE( MBEDTLS_MPS_TRACE_TYPE_CALL, __VA_ARGS__ ); \ + if (!(MBEDTLS_MPS_TRACE_MASK & (1u << mbedtls_mps_trace_id))) \ + break; \ + MBEDTLS_MPS_TRACE(MBEDTLS_MPS_TRACE_TYPE_CALL, __VA_ARGS__); \ mbedtls_mps_trace_inc_depth(); \ - } while( 0 ) + } while (0) -#define MBEDTLS_MPS_TRACE_END( val ) \ +#define MBEDTLS_MPS_TRACE_END(val) \ do { \ - if( ! ( MBEDTLS_MPS_TRACE_MASK & ( 1u << mbedtls_mps_trace_id ) ) ) \ - break; \ - MBEDTLS_MPS_TRACE( MBEDTLS_MPS_TRACE_TYPE_RETURN, "%d (-%#04x)", \ - (int) (val), -((unsigned)(val)) ); \ + if (!(MBEDTLS_MPS_TRACE_MASK & (1u << mbedtls_mps_trace_id))) \ + break; \ + MBEDTLS_MPS_TRACE(MBEDTLS_MPS_TRACE_TYPE_RETURN, "%d (-%#04x)", \ + (int) (val), -((unsigned) (val))); \ mbedtls_mps_trace_dec_depth(); \ - } while( 0 ) + } while (0) -#define MBEDTLS_MPS_TRACE_RETURN( val ) \ +#define MBEDTLS_MPS_TRACE_RETURN(val) \ do { \ /* Breaks tail recursion. */ \ int ret__ = val; \ - MBEDTLS_MPS_TRACE_END( ret__ ); \ - return( ret__ ); \ - } while( 0 ) + MBEDTLS_MPS_TRACE_END(ret__); \ + return ret__; \ + } while (0) #else /* MBEDTLS_MPS_TRACE */ -#define MBEDTLS_MPS_TRACE( type, ... ) do { } while( 0 ) -#define MBEDTLS_MPS_TRACE_INIT( ... ) do { } while( 0 ) -#define MBEDTLS_MPS_TRACE_END do { } while( 0 ) +#define MBEDTLS_MPS_TRACE(type, ...) do { } while (0) +#define MBEDTLS_MPS_TRACE_INIT(...) do { } while (0) +#define MBEDTLS_MPS_TRACE_END do { } while (0) -#define MBEDTLS_MPS_TRACE_RETURN( val ) return( val ); +#define MBEDTLS_MPS_TRACE_RETURN(val) return val; #endif /* MBEDTLS_MPS_TRACE */ diff --git a/third_party/mbedtls/repo/library/net_sockets.c b/third_party/mbedtls/repo/library/net_sockets.c index 5fbe1f764a4..8140eeade42 100644 --- a/third_party/mbedtls/repo/library/net_sockets.c +++ b/third_party/mbedtls/repo/library/net_sockets.c @@ -2,19 +2,7 @@ * TCP/IP or UDP/IP networking functions * * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later */ /* Enable definition of getaddrinfo() even when compiling with -std=c99. Must @@ -37,11 +25,7 @@ #error "This module only works on Unix and Windows, see MBEDTLS_NET_C in config.h" #endif -#if defined(MBEDTLS_PLATFORM_C) #include "mbedtls/platform.h" -#else -#include -#endif #include "mbedtls/net_sockets.h" #include "mbedtls/error.h" @@ -51,7 +35,7 @@ #if (defined(_WIN32) || defined(_WIN32_WCE)) && !defined(EFIX64) && \ !defined(EFI32) -#define IS_EINTR( ret ) ( ( ret ) == WSAEINTR ) +#define IS_EINTR(ret) ((ret) == WSAEINTR) #if !defined(_WIN32_WINNT) /* Enables getaddrinfo() & Co */ @@ -74,8 +58,8 @@ #endif #endif /* _MSC_VER */ -#define read(fd,buf,len) recv( fd, (char*)( buf ), (int)( len ), 0 ) -#define write(fd,buf,len) send( fd, (char*)( buf ), (int)( len ), 0 ) +#define read(fd, buf, len) recv(fd, (char *) (buf), (int) (len), 0) +#define write(fd, buf, len) send(fd, (char *) (buf), (int) (len), 0) #define close(fd) closesocket(fd) static int wsa_init_done = 0; @@ -93,7 +77,8 @@ static int wsa_init_done = 0; #include #include -#define IS_EINTR( ret ) ( ( ret ) == EINTR ) +#define IS_EINTR(ret) ((ret) == EINTR) +#define SOCKET int #endif /* ( _WIN32 || _WIN32_WCE ) && !EFIX64 && !EFI32 */ @@ -107,32 +92,34 @@ static int wsa_init_done = 0; #include +#if defined(MBEDTLS_HAVE_TIME) #include +#endif #include /* * Prepare for using the sockets interface */ -static int net_prepare( void ) +static int net_prepare(void) { -#if ( defined(_WIN32) || defined(_WIN32_WCE) ) && !defined(EFIX64) && \ +#if (defined(_WIN32) || defined(_WIN32_WCE)) && !defined(EFIX64) && \ !defined(EFI32) WSADATA wsaData; - if( wsa_init_done == 0 ) - { - if( WSAStartup( MAKEWORD(2,0), &wsaData ) != 0 ) - return( MBEDTLS_ERR_NET_SOCKET_FAILED ); + if (wsa_init_done == 0) { + if (WSAStartup(MAKEWORD(2, 0), &wsaData) != 0) { + return MBEDTLS_ERR_NET_SOCKET_FAILED; + } wsa_init_done = 1; } #else #if !defined(EFIX64) && !defined(EFI32) - signal( SIGPIPE, SIG_IGN ); + signal(SIGPIPE, SIG_IGN); #endif #endif - return( 0 ); + return 0; } /* @@ -140,10 +127,11 @@ static int net_prepare( void ) * If for_select != 0, check whether the file descriptor is within the range * allowed for fd_set used for the FD_xxx macros and the select() function. */ -static int check_fd( int fd, int for_select ) +static int check_fd(int fd, int for_select) { - if( fd < 0 ) - return( MBEDTLS_ERR_NET_INVALID_CONTEXT ); + if (fd < 0) { + return MBEDTLS_ERR_NET_INVALID_CONTEXT; + } #if (defined(_WIN32) || defined(_WIN32_WCE)) && !defined(EFIX64) && \ !defined(EFI32) @@ -153,17 +141,18 @@ static int check_fd( int fd, int for_select ) * that are strictly less than FD_SETSIZE. This is a limitation of the * fd_set type. Error out early, because attempting to call FD_SET on a * large file descriptor is a buffer overflow on typical platforms. */ - if( for_select && fd >= FD_SETSIZE ) - return( MBEDTLS_ERR_NET_POLL_FAILED ); + if (for_select && fd >= FD_SETSIZE) { + return MBEDTLS_ERR_NET_POLL_FAILED; + } #endif - return( 0 ); + return 0; } /* * Initialize a context */ -void mbedtls_net_init( mbedtls_net_context *ctx ) +void mbedtls_net_init(mbedtls_net_context *ctx) { ctx->fd = -1; } @@ -171,107 +160,103 @@ void mbedtls_net_init( mbedtls_net_context *ctx ) /* * Initiate a TCP connection with host:port and the given protocol */ -int mbedtls_net_connect( mbedtls_net_context *ctx, const char *host, - const char *port, int proto ) +int mbedtls_net_connect(mbedtls_net_context *ctx, const char *host, + const char *port, int proto) { int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; struct addrinfo hints, *addr_list, *cur; - if( ( ret = net_prepare() ) != 0 ) - return( ret ); + if ((ret = net_prepare()) != 0) { + return ret; + } /* Do name resolution with both IPv6 and IPv4 */ - memset( &hints, 0, sizeof( hints ) ); + memset(&hints, 0, sizeof(hints)); hints.ai_family = AF_UNSPEC; hints.ai_socktype = proto == MBEDTLS_NET_PROTO_UDP ? SOCK_DGRAM : SOCK_STREAM; hints.ai_protocol = proto == MBEDTLS_NET_PROTO_UDP ? IPPROTO_UDP : IPPROTO_TCP; - if( getaddrinfo( host, port, &hints, &addr_list ) != 0 ) - return( MBEDTLS_ERR_NET_UNKNOWN_HOST ); + if (getaddrinfo(host, port, &hints, &addr_list) != 0) { + return MBEDTLS_ERR_NET_UNKNOWN_HOST; + } /* Try the sockaddrs until a connection succeeds */ ret = MBEDTLS_ERR_NET_UNKNOWN_HOST; - for( cur = addr_list; cur != NULL; cur = cur->ai_next ) - { - ctx->fd = (int) socket( cur->ai_family, cur->ai_socktype, - cur->ai_protocol ); - if( ctx->fd < 0 ) - { + for (cur = addr_list; cur != NULL; cur = cur->ai_next) { + ctx->fd = (int) socket(cur->ai_family, cur->ai_socktype, + cur->ai_protocol); + if (ctx->fd < 0) { ret = MBEDTLS_ERR_NET_SOCKET_FAILED; continue; } - if( connect( ctx->fd, cur->ai_addr, MSVC_INT_CAST cur->ai_addrlen ) == 0 ) - { + if (connect(ctx->fd, cur->ai_addr, MSVC_INT_CAST cur->ai_addrlen) == 0) { ret = 0; break; } - close( ctx->fd ); + close(ctx->fd); ret = MBEDTLS_ERR_NET_CONNECT_FAILED; } - freeaddrinfo( addr_list ); + freeaddrinfo(addr_list); - return( ret ); + return ret; } /* * Create a listening socket on bind_ip:port */ -int mbedtls_net_bind( mbedtls_net_context *ctx, const char *bind_ip, const char *port, int proto ) +int mbedtls_net_bind(mbedtls_net_context *ctx, const char *bind_ip, const char *port, int proto) { int n, ret; struct addrinfo hints, *addr_list, *cur; - if( ( ret = net_prepare() ) != 0 ) - return( ret ); + if ((ret = net_prepare()) != 0) { + return ret; + } /* Bind to IPv6 and/or IPv4, but only in the desired protocol */ - memset( &hints, 0, sizeof( hints ) ); + memset(&hints, 0, sizeof(hints)); hints.ai_family = AF_UNSPEC; hints.ai_socktype = proto == MBEDTLS_NET_PROTO_UDP ? SOCK_DGRAM : SOCK_STREAM; hints.ai_protocol = proto == MBEDTLS_NET_PROTO_UDP ? IPPROTO_UDP : IPPROTO_TCP; - if( bind_ip == NULL ) + if (bind_ip == NULL) { hints.ai_flags = AI_PASSIVE; + } - if( getaddrinfo( bind_ip, port, &hints, &addr_list ) != 0 ) - return( MBEDTLS_ERR_NET_UNKNOWN_HOST ); + if (getaddrinfo(bind_ip, port, &hints, &addr_list) != 0) { + return MBEDTLS_ERR_NET_UNKNOWN_HOST; + } /* Try the sockaddrs until a binding succeeds */ ret = MBEDTLS_ERR_NET_UNKNOWN_HOST; - for( cur = addr_list; cur != NULL; cur = cur->ai_next ) - { - ctx->fd = (int) socket( cur->ai_family, cur->ai_socktype, - cur->ai_protocol ); - if( ctx->fd < 0 ) - { + for (cur = addr_list; cur != NULL; cur = cur->ai_next) { + ctx->fd = (int) socket(cur->ai_family, cur->ai_socktype, + cur->ai_protocol); + if (ctx->fd < 0) { ret = MBEDTLS_ERR_NET_SOCKET_FAILED; continue; } n = 1; - if( setsockopt( ctx->fd, SOL_SOCKET, SO_REUSEADDR, - (const char *) &n, sizeof( n ) ) != 0 ) - { - close( ctx->fd ); + if (setsockopt(ctx->fd, SOL_SOCKET, SO_REUSEADDR, + (const char *) &n, sizeof(n)) != 0) { + close(ctx->fd); ret = MBEDTLS_ERR_NET_SOCKET_FAILED; continue; } - if( bind( ctx->fd, cur->ai_addr, MSVC_INT_CAST cur->ai_addrlen ) != 0 ) - { - close( ctx->fd ); + if (bind(ctx->fd, cur->ai_addr, MSVC_INT_CAST cur->ai_addrlen) != 0) { + close(ctx->fd); ret = MBEDTLS_ERR_NET_BIND_FAILED; continue; } /* Listen only makes sense for TCP */ - if( proto == MBEDTLS_NET_PROTO_TCP ) - { - if( listen( ctx->fd, MBEDTLS_NET_LISTEN_BACKLOG ) != 0 ) - { - close( ctx->fd ); + if (proto == MBEDTLS_NET_PROTO_TCP) { + if (listen(ctx->fd, MBEDTLS_NET_LISTEN_BACKLOG) != 0) { + close(ctx->fd); ret = MBEDTLS_ERR_NET_LISTEN_FAILED; continue; } @@ -282,22 +267,22 @@ int mbedtls_net_bind( mbedtls_net_context *ctx, const char *bind_ip, const char break; } - freeaddrinfo( addr_list ); + freeaddrinfo(addr_list); - return( ret ); + return ret; } -#if ( defined(_WIN32) || defined(_WIN32_WCE) ) && !defined(EFIX64) && \ +#if (defined(_WIN32) || defined(_WIN32_WCE)) && !defined(EFIX64) && \ !defined(EFI32) /* * Check if the requested operation would be blocking on a non-blocking socket * and thus 'failed' with a negative return value. */ -static int net_would_block( const mbedtls_net_context *ctx ) +static int net_would_block(const mbedtls_net_context *ctx) { ((void) ctx); - return( WSAGetLastError() == WSAEWOULDBLOCK ); + return WSAGetLastError() == WSAEWOULDBLOCK; } #else /* @@ -306,39 +291,37 @@ static int net_would_block( const mbedtls_net_context *ctx ) * * Note: on a blocking socket this function always returns 0! */ -static int net_would_block( const mbedtls_net_context *ctx ) +static int net_would_block(const mbedtls_net_context *ctx) { int err = errno; /* * Never return 'WOULD BLOCK' on a blocking socket */ - if( ( fcntl( ctx->fd, F_GETFL ) & O_NONBLOCK ) != O_NONBLOCK ) - { + if ((fcntl(ctx->fd, F_GETFL) & O_NONBLOCK) != O_NONBLOCK) { errno = err; - return( 0 ); + return 0; } - switch( errno = err ) - { + switch (errno = err) { #if defined EAGAIN case EAGAIN: #endif #if defined EWOULDBLOCK && EWOULDBLOCK != EAGAIN case EWOULDBLOCK: #endif - return( 1 ); + return 1; } - return( 0 ); + return 0; } #endif /* ( _WIN32 || _WIN32_WCE ) && !EFIX64 && !EFI32 */ /* * Accept a connection from a remote client */ -int mbedtls_net_accept( mbedtls_net_context *bind_ctx, - mbedtls_net_context *client_ctx, - void *client_ip, size_t buf_size, size_t *ip_len ) +int mbedtls_net_accept(mbedtls_net_context *bind_ctx, + mbedtls_net_context *client_ctx, + void *client_ip, size_t buf_size, size_t *ip_len) { int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; int type; @@ -348,132 +331,123 @@ int mbedtls_net_accept( mbedtls_net_context *bind_ctx, #if defined(__socklen_t_defined) || defined(_SOCKLEN_T) || \ defined(_SOCKLEN_T_DECLARED) || defined(__DEFINED_socklen_t) || \ defined(socklen_t) || (defined(_POSIX_VERSION) && _POSIX_VERSION >= 200112L) - socklen_t n = (socklen_t) sizeof( client_addr ); - socklen_t type_len = (socklen_t) sizeof( type ); + socklen_t n = (socklen_t) sizeof(client_addr); + socklen_t type_len = (socklen_t) sizeof(type); #else - int n = (int) sizeof( client_addr ); - int type_len = (int) sizeof( type ); + int n = (int) sizeof(client_addr); + int type_len = (int) sizeof(type); #endif /* Is this a TCP or UDP socket? */ - if( getsockopt( bind_ctx->fd, SOL_SOCKET, SO_TYPE, - (void *) &type, &type_len ) != 0 || - ( type != SOCK_STREAM && type != SOCK_DGRAM ) ) - { - return( MBEDTLS_ERR_NET_ACCEPT_FAILED ); + if (getsockopt(bind_ctx->fd, SOL_SOCKET, SO_TYPE, + (void *) &type, &type_len) != 0 || + (type != SOCK_STREAM && type != SOCK_DGRAM)) { + return MBEDTLS_ERR_NET_ACCEPT_FAILED; } - if( type == SOCK_STREAM ) - { + if (type == SOCK_STREAM) { /* TCP: actual accept() */ - ret = client_ctx->fd = (int) accept( bind_ctx->fd, - (struct sockaddr *) &client_addr, &n ); - } - else - { + ret = client_ctx->fd = (int) accept(bind_ctx->fd, + (struct sockaddr *) &client_addr, &n); + } else { /* UDP: wait for a message, but keep it in the queue */ char buf[1] = { 0 }; - ret = (int) recvfrom( bind_ctx->fd, buf, sizeof( buf ), MSG_PEEK, - (struct sockaddr *) &client_addr, &n ); + ret = (int) recvfrom(bind_ctx->fd, buf, sizeof(buf), MSG_PEEK, + (struct sockaddr *) &client_addr, &n); #if defined(_WIN32) - if( ret == SOCKET_ERROR && - WSAGetLastError() == WSAEMSGSIZE ) - { + if (ret == SOCKET_ERROR && + WSAGetLastError() == WSAEMSGSIZE) { /* We know buf is too small, thanks, just peeking here */ ret = 0; } #endif } - if( ret < 0 ) - { - if( net_would_block( bind_ctx ) != 0 ) - return( MBEDTLS_ERR_SSL_WANT_READ ); + if (ret < 0) { + if (net_would_block(bind_ctx) != 0) { + return MBEDTLS_ERR_SSL_WANT_READ; + } - return( MBEDTLS_ERR_NET_ACCEPT_FAILED ); + return MBEDTLS_ERR_NET_ACCEPT_FAILED; } /* UDP: hijack the listening socket to communicate with the client, * then bind a new socket to accept new connections */ - if( type != SOCK_STREAM ) - { + if (type != SOCK_STREAM) { struct sockaddr_storage local_addr; int one = 1; - if( connect( bind_ctx->fd, (struct sockaddr *) &client_addr, n ) != 0 ) - return( MBEDTLS_ERR_NET_ACCEPT_FAILED ); + if (connect(bind_ctx->fd, (struct sockaddr *) &client_addr, n) != 0) { + return MBEDTLS_ERR_NET_ACCEPT_FAILED; + } client_ctx->fd = bind_ctx->fd; bind_ctx->fd = -1; /* In case we exit early */ - n = sizeof( struct sockaddr_storage ); - if( getsockname( client_ctx->fd, - (struct sockaddr *) &local_addr, &n ) != 0 || - ( bind_ctx->fd = (int) socket( local_addr.ss_family, - SOCK_DGRAM, IPPROTO_UDP ) ) < 0 || - setsockopt( bind_ctx->fd, SOL_SOCKET, SO_REUSEADDR, - (const char *) &one, sizeof( one ) ) != 0 ) - { - return( MBEDTLS_ERR_NET_SOCKET_FAILED ); + n = sizeof(struct sockaddr_storage); + if (getsockname(client_ctx->fd, + (struct sockaddr *) &local_addr, &n) != 0 || + (bind_ctx->fd = (int) socket(local_addr.ss_family, + SOCK_DGRAM, IPPROTO_UDP)) < 0 || + setsockopt(bind_ctx->fd, SOL_SOCKET, SO_REUSEADDR, + (const char *) &one, sizeof(one)) != 0) { + return MBEDTLS_ERR_NET_SOCKET_FAILED; } - if( bind( bind_ctx->fd, (struct sockaddr *) &local_addr, n ) != 0 ) - { - return( MBEDTLS_ERR_NET_BIND_FAILED ); + if (bind(bind_ctx->fd, (struct sockaddr *) &local_addr, n) != 0) { + return MBEDTLS_ERR_NET_BIND_FAILED; } } - if( client_ip != NULL ) - { - if( client_addr.ss_family == AF_INET ) - { + if (client_ip != NULL) { + if (client_addr.ss_family == AF_INET) { struct sockaddr_in *addr4 = (struct sockaddr_in *) &client_addr; - *ip_len = sizeof( addr4->sin_addr.s_addr ); + *ip_len = sizeof(addr4->sin_addr.s_addr); - if( buf_size < *ip_len ) - return( MBEDTLS_ERR_NET_BUFFER_TOO_SMALL ); + if (buf_size < *ip_len) { + return MBEDTLS_ERR_NET_BUFFER_TOO_SMALL; + } - memcpy( client_ip, &addr4->sin_addr.s_addr, *ip_len ); - } - else - { + memcpy(client_ip, &addr4->sin_addr.s_addr, *ip_len); + } else { struct sockaddr_in6 *addr6 = (struct sockaddr_in6 *) &client_addr; - *ip_len = sizeof( addr6->sin6_addr.s6_addr ); + *ip_len = sizeof(addr6->sin6_addr.s6_addr); - if( buf_size < *ip_len ) - return( MBEDTLS_ERR_NET_BUFFER_TOO_SMALL ); + if (buf_size < *ip_len) { + return MBEDTLS_ERR_NET_BUFFER_TOO_SMALL; + } - memcpy( client_ip, &addr6->sin6_addr.s6_addr, *ip_len); + memcpy(client_ip, &addr6->sin6_addr.s6_addr, *ip_len); } } - return( 0 ); + return 0; } /* * Set the socket blocking or non-blocking */ -int mbedtls_net_set_block( mbedtls_net_context *ctx ) +int mbedtls_net_set_block(mbedtls_net_context *ctx) { -#if ( defined(_WIN32) || defined(_WIN32_WCE) ) && !defined(EFIX64) && \ +#if (defined(_WIN32) || defined(_WIN32_WCE)) && !defined(EFIX64) && \ !defined(EFI32) u_long n = 0; - return( ioctlsocket( ctx->fd, FIONBIO, &n ) ); + return ioctlsocket(ctx->fd, FIONBIO, &n); #else - return( fcntl( ctx->fd, F_SETFL, fcntl( ctx->fd, F_GETFL ) & ~O_NONBLOCK ) ); + return fcntl(ctx->fd, F_SETFL, fcntl(ctx->fd, F_GETFL) & ~O_NONBLOCK); #endif } -int mbedtls_net_set_nonblock( mbedtls_net_context *ctx ) +int mbedtls_net_set_nonblock(mbedtls_net_context *ctx) { -#if ( defined(_WIN32) || defined(_WIN32_WCE) ) && !defined(EFIX64) && \ +#if (defined(_WIN32) || defined(_WIN32_WCE)) && !defined(EFIX64) && \ !defined(EFI32) u_long n = 1; - return( ioctlsocket( ctx->fd, FIONBIO, &n ) ); + return ioctlsocket(ctx->fd, FIONBIO, &n); #else - return( fcntl( ctx->fd, F_SETFL, fcntl( ctx->fd, F_GETFL ) | O_NONBLOCK ) ); + return fcntl(ctx->fd, F_SETFL, fcntl(ctx->fd, F_GETFL) | O_NONBLOCK); #endif } @@ -481,7 +455,7 @@ int mbedtls_net_set_nonblock( mbedtls_net_context *ctx ) * Check if data is available on the socket */ -int mbedtls_net_poll( mbedtls_net_context *ctx, uint32_t rw, uint32_t timeout ) +int mbedtls_net_poll(mbedtls_net_context *ctx, uint32_t rw, uint32_t timeout) { int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; struct timeval tv; @@ -491,207 +465,220 @@ int mbedtls_net_poll( mbedtls_net_context *ctx, uint32_t rw, uint32_t timeout ) int fd = ctx->fd; - ret = check_fd( fd, 1 ); - if( ret != 0 ) - return( ret ); + ret = check_fd(fd, 1); + if (ret != 0) { + return ret; + } #if defined(__has_feature) #if __has_feature(memory_sanitizer) /* Ensure that memory sanitizers consider read_fds and write_fds as * initialized even on platforms such as Glibc/x86_64 where FD_ZERO * is implemented in assembly. */ - memset( &read_fds, 0, sizeof( read_fds ) ); - memset( &write_fds, 0, sizeof( write_fds ) ); + memset(&read_fds, 0, sizeof(read_fds)); + memset(&write_fds, 0, sizeof(write_fds)); #endif #endif - FD_ZERO( &read_fds ); - if( rw & MBEDTLS_NET_POLL_READ ) - { + FD_ZERO(&read_fds); + if (rw & MBEDTLS_NET_POLL_READ) { rw &= ~MBEDTLS_NET_POLL_READ; - FD_SET( fd, &read_fds ); + FD_SET((SOCKET) fd, &read_fds); } - FD_ZERO( &write_fds ); - if( rw & MBEDTLS_NET_POLL_WRITE ) - { + FD_ZERO(&write_fds); + if (rw & MBEDTLS_NET_POLL_WRITE) { rw &= ~MBEDTLS_NET_POLL_WRITE; - FD_SET( fd, &write_fds ); + FD_SET((SOCKET) fd, &write_fds); } - if( rw != 0 ) - return( MBEDTLS_ERR_NET_BAD_INPUT_DATA ); + if (rw != 0) { + return MBEDTLS_ERR_NET_BAD_INPUT_DATA; + } tv.tv_sec = timeout / 1000; - tv.tv_usec = ( timeout % 1000 ) * 1000; + tv.tv_usec = (timeout % 1000) * 1000; - do - { - ret = select( fd + 1, &read_fds, &write_fds, NULL, - timeout == (uint32_t) -1 ? NULL : &tv ); - } - while( IS_EINTR( ret ) ); + do { + ret = select(fd + 1, &read_fds, &write_fds, NULL, + timeout == (uint32_t) -1 ? NULL : &tv); + } while (IS_EINTR(ret)); - if( ret < 0 ) - return( MBEDTLS_ERR_NET_POLL_FAILED ); + if (ret < 0) { + return MBEDTLS_ERR_NET_POLL_FAILED; + } ret = 0; - if( FD_ISSET( fd, &read_fds ) ) + if (FD_ISSET(fd, &read_fds)) { ret |= MBEDTLS_NET_POLL_READ; - if( FD_ISSET( fd, &write_fds ) ) + } + if (FD_ISSET(fd, &write_fds)) { ret |= MBEDTLS_NET_POLL_WRITE; + } - return( ret ); + return ret; } /* * Portable usleep helper */ -void mbedtls_net_usleep( unsigned long usec ) +void mbedtls_net_usleep(unsigned long usec) { #if defined(_WIN32) - Sleep( ( usec + 999 ) / 1000 ); + Sleep((usec + 999) / 1000); #else struct timeval tv; tv.tv_sec = usec / 1000000; #if defined(__unix__) || defined(__unix) || \ - ( defined(__APPLE__) && defined(__MACH__) ) + (defined(__APPLE__) && defined(__MACH__)) tv.tv_usec = (suseconds_t) usec % 1000000; #else tv.tv_usec = usec % 1000000; #endif - select( 0, NULL, NULL, NULL, &tv ); + select(0, NULL, NULL, NULL, &tv); #endif } /* * Read at most 'len' characters */ -int mbedtls_net_recv( void *ctx, unsigned char *buf, size_t len ) +int mbedtls_net_recv(void *ctx, unsigned char *buf, size_t len) { int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; int fd = ((mbedtls_net_context *) ctx)->fd; - ret = check_fd( fd, 0 ); - if( ret != 0 ) - return( ret ); + ret = check_fd(fd, 0); + if (ret != 0) { + return ret; + } - ret = (int) read( fd, buf, len ); + ret = (int) read(fd, buf, len); - if( ret < 0 ) - { - if( net_would_block( ctx ) != 0 ) - return( MBEDTLS_ERR_SSL_WANT_READ ); + if (ret < 0) { + if (net_would_block(ctx) != 0) { + return MBEDTLS_ERR_SSL_WANT_READ; + } -#if ( defined(_WIN32) || defined(_WIN32_WCE) ) && !defined(EFIX64) && \ - !defined(EFI32) - if( WSAGetLastError() == WSAECONNRESET ) - return( MBEDTLS_ERR_NET_CONN_RESET ); +#if (defined(_WIN32) || defined(_WIN32_WCE)) && !defined(EFIX64) && \ + !defined(EFI32) + if (WSAGetLastError() == WSAECONNRESET) { + return MBEDTLS_ERR_NET_CONN_RESET; + } #else - if( errno == EPIPE || errno == ECONNRESET ) - return( MBEDTLS_ERR_NET_CONN_RESET ); + if (errno == EPIPE || errno == ECONNRESET) { + return MBEDTLS_ERR_NET_CONN_RESET; + } - if( errno == EINTR ) - return( MBEDTLS_ERR_SSL_WANT_READ ); + if (errno == EINTR) { + return MBEDTLS_ERR_SSL_WANT_READ; + } #endif - return( MBEDTLS_ERR_NET_RECV_FAILED ); + return MBEDTLS_ERR_NET_RECV_FAILED; } - return( ret ); + return ret; } /* * Read at most 'len' characters, blocking for at most 'timeout' ms */ -int mbedtls_net_recv_timeout( void *ctx, unsigned char *buf, - size_t len, uint32_t timeout ) +int mbedtls_net_recv_timeout(void *ctx, unsigned char *buf, + size_t len, uint32_t timeout) { int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; struct timeval tv; fd_set read_fds; int fd = ((mbedtls_net_context *) ctx)->fd; - ret = check_fd( fd, 1 ); - if( ret != 0 ) - return( ret ); + ret = check_fd(fd, 1); + if (ret != 0) { + return ret; + } - FD_ZERO( &read_fds ); - FD_SET( fd, &read_fds ); + FD_ZERO(&read_fds); + FD_SET((SOCKET) fd, &read_fds); tv.tv_sec = timeout / 1000; - tv.tv_usec = ( timeout % 1000 ) * 1000; + tv.tv_usec = (timeout % 1000) * 1000; - ret = select( fd + 1, &read_fds, NULL, NULL, timeout == 0 ? NULL : &tv ); + ret = select(fd + 1, &read_fds, NULL, NULL, timeout == 0 ? NULL : &tv); /* Zero fds ready means we timed out */ - if( ret == 0 ) - return( MBEDTLS_ERR_SSL_TIMEOUT ); + if (ret == 0) { + return MBEDTLS_ERR_SSL_TIMEOUT; + } - if( ret < 0 ) - { -#if ( defined(_WIN32) || defined(_WIN32_WCE) ) && !defined(EFIX64) && \ - !defined(EFI32) - if( WSAGetLastError() == WSAEINTR ) - return( MBEDTLS_ERR_SSL_WANT_READ ); + if (ret < 0) { +#if (defined(_WIN32) || defined(_WIN32_WCE)) && !defined(EFIX64) && \ + !defined(EFI32) + if (WSAGetLastError() == WSAEINTR) { + return MBEDTLS_ERR_SSL_WANT_READ; + } #else - if( errno == EINTR ) - return( MBEDTLS_ERR_SSL_WANT_READ ); + if (errno == EINTR) { + return MBEDTLS_ERR_SSL_WANT_READ; + } #endif - return( MBEDTLS_ERR_NET_RECV_FAILED ); + return MBEDTLS_ERR_NET_RECV_FAILED; } /* This call will not block */ - return( mbedtls_net_recv( ctx, buf, len ) ); + return mbedtls_net_recv(ctx, buf, len); } /* * Write at most 'len' characters */ -int mbedtls_net_send( void *ctx, const unsigned char *buf, size_t len ) +int mbedtls_net_send(void *ctx, const unsigned char *buf, size_t len) { int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; int fd = ((mbedtls_net_context *) ctx)->fd; - ret = check_fd( fd, 0 ); - if( ret != 0 ) - return( ret ); + ret = check_fd(fd, 0); + if (ret != 0) { + return ret; + } - ret = (int) write( fd, buf, len ); + ret = (int) write(fd, buf, len); - if( ret < 0 ) - { - if( net_would_block( ctx ) != 0 ) - return( MBEDTLS_ERR_SSL_WANT_WRITE ); + if (ret < 0) { + if (net_would_block(ctx) != 0) { + return MBEDTLS_ERR_SSL_WANT_WRITE; + } -#if ( defined(_WIN32) || defined(_WIN32_WCE) ) && !defined(EFIX64) && \ - !defined(EFI32) - if( WSAGetLastError() == WSAECONNRESET ) - return( MBEDTLS_ERR_NET_CONN_RESET ); +#if (defined(_WIN32) || defined(_WIN32_WCE)) && !defined(EFIX64) && \ + !defined(EFI32) + if (WSAGetLastError() == WSAECONNRESET) { + return MBEDTLS_ERR_NET_CONN_RESET; + } #else - if( errno == EPIPE || errno == ECONNRESET ) - return( MBEDTLS_ERR_NET_CONN_RESET ); + if (errno == EPIPE || errno == ECONNRESET) { + return MBEDTLS_ERR_NET_CONN_RESET; + } - if( errno == EINTR ) - return( MBEDTLS_ERR_SSL_WANT_WRITE ); + if (errno == EINTR) { + return MBEDTLS_ERR_SSL_WANT_WRITE; + } #endif - return( MBEDTLS_ERR_NET_SEND_FAILED ); + return MBEDTLS_ERR_NET_SEND_FAILED; } - return( ret ); + return ret; } /* * Close the connection */ -void mbedtls_net_close( mbedtls_net_context *ctx ) +void mbedtls_net_close(mbedtls_net_context *ctx) { - if( ctx->fd == -1 ) + if (ctx->fd == -1) { return; + } - close( ctx->fd ); + close(ctx->fd); ctx->fd = -1; } @@ -699,13 +686,14 @@ void mbedtls_net_close( mbedtls_net_context *ctx ) /* * Gracefully close the connection */ -void mbedtls_net_free( mbedtls_net_context *ctx ) +void mbedtls_net_free(mbedtls_net_context *ctx) { - if( ctx->fd == -1 ) + if (ctx->fd == -1) { return; + } - shutdown( ctx->fd, 2 ); - close( ctx->fd ); + shutdown(ctx->fd, 2); + close(ctx->fd); ctx->fd = -1; } diff --git a/third_party/mbedtls/repo/library/nist_kw.c b/third_party/mbedtls/repo/library/nist_kw.c index 1aea0b63457..5a5b995c167 100644 --- a/third_party/mbedtls/repo/library/nist_kw.c +++ b/third_party/mbedtls/repo/library/nist_kw.c @@ -3,19 +3,7 @@ * only * * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later */ /* * Definition of Key Wrapping: @@ -35,18 +23,12 @@ #include "mbedtls/platform_util.h" #include "mbedtls/error.h" #include "mbedtls/constant_time.h" +#include "constant_time_internal.h" #include #include -#if defined(MBEDTLS_SELF_TEST) && defined(MBEDTLS_AES_C) -#if defined(MBEDTLS_PLATFORM_C) #include "mbedtls/platform.h" -#else -#include -#define mbedtls_printf printf -#endif /* MBEDTLS_PLATFORM_C */ -#endif /* MBEDTLS_SELF_TEST && MBEDTLS_AES_C */ #if !defined(MBEDTLS_NIST_KW_ALT) @@ -54,35 +36,37 @@ #define MIN_SEMIBLOCKS_COUNT 3 /*! The 64-bit default integrity check value (ICV) for KW mode. */ -static const unsigned char NIST_KW_ICV1[] = {0xA6, 0xA6, 0xA6, 0xA6, 0xA6, 0xA6, 0xA6, 0xA6}; +static const unsigned char NIST_KW_ICV1[] = { 0xA6, 0xA6, 0xA6, 0xA6, 0xA6, 0xA6, 0xA6, 0xA6 }; /*! The 32-bit default integrity check value (ICV) for KWP mode. */ -static const unsigned char NIST_KW_ICV2[] = {0xA6, 0x59, 0x59, 0xA6}; +static const unsigned char NIST_KW_ICV2[] = { 0xA6, 0x59, 0x59, 0xA6 }; /* * Initialize context */ -void mbedtls_nist_kw_init( mbedtls_nist_kw_context *ctx ) +void mbedtls_nist_kw_init(mbedtls_nist_kw_context *ctx) { - memset( ctx, 0, sizeof( mbedtls_nist_kw_context ) ); + memset(ctx, 0, sizeof(mbedtls_nist_kw_context)); } -int mbedtls_nist_kw_setkey( mbedtls_nist_kw_context *ctx, - mbedtls_cipher_id_t cipher, - const unsigned char *key, - unsigned int keybits, - const int is_wrap ) +int mbedtls_nist_kw_setkey(mbedtls_nist_kw_context *ctx, + mbedtls_cipher_id_t cipher, + const unsigned char *key, + unsigned int keybits, + const int is_wrap) { int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; const mbedtls_cipher_info_t *cipher_info; - cipher_info = mbedtls_cipher_info_from_values( cipher, - keybits, - MBEDTLS_MODE_ECB ); - if( cipher_info == NULL ) - return( MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA ); + cipher_info = mbedtls_cipher_info_from_values(cipher, + keybits, + MBEDTLS_MODE_ECB); + if (cipher_info == NULL) { + return MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA; + } - if( cipher_info->block_size != 16 ) - return( MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA ); + if (cipher_info->block_size != 16) { + return MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA; + } /* * SP 800-38F currently defines AES cipher as the only block cipher allowed: @@ -93,44 +77,44 @@ int mbedtls_nist_kw_setkey( mbedtls_nist_kw_context *ctx, * Currently we don't support other 128 bit block ciphers for key wrapping, * such as Camellia and Aria. */ - if( cipher != MBEDTLS_CIPHER_ID_AES ) - return( MBEDTLS_ERR_CIPHER_FEATURE_UNAVAILABLE ); + if (cipher != MBEDTLS_CIPHER_ID_AES) { + return MBEDTLS_ERR_CIPHER_FEATURE_UNAVAILABLE; + } - mbedtls_cipher_free( &ctx->cipher_ctx ); + mbedtls_cipher_free(&ctx->cipher_ctx); - if( ( ret = mbedtls_cipher_setup( &ctx->cipher_ctx, cipher_info ) ) != 0 ) - return( ret ); + if ((ret = mbedtls_cipher_setup(&ctx->cipher_ctx, cipher_info)) != 0) { + return ret; + } - if( ( ret = mbedtls_cipher_setkey( &ctx->cipher_ctx, key, keybits, - is_wrap ? MBEDTLS_ENCRYPT : - MBEDTLS_DECRYPT ) - ) != 0 ) - { - return( ret ); + if ((ret = mbedtls_cipher_setkey(&ctx->cipher_ctx, key, keybits, + is_wrap ? MBEDTLS_ENCRYPT : + MBEDTLS_DECRYPT) + ) != 0) { + return ret; } - return( 0 ); + return 0; } /* * Free context */ -void mbedtls_nist_kw_free( mbedtls_nist_kw_context *ctx ) +void mbedtls_nist_kw_free(mbedtls_nist_kw_context *ctx) { - mbedtls_cipher_free( &ctx->cipher_ctx ); - mbedtls_platform_zeroize( ctx, sizeof( mbedtls_nist_kw_context ) ); + mbedtls_cipher_free(&ctx->cipher_ctx); + mbedtls_platform_zeroize(ctx, sizeof(mbedtls_nist_kw_context)); } /* * Helper function for Xoring the uint64_t "t" with the encrypted A. * Defined in NIST SP 800-38F section 6.1 */ -static void calc_a_xor_t( unsigned char A[KW_SEMIBLOCK_LENGTH], uint64_t t ) +static void calc_a_xor_t(unsigned char A[KW_SEMIBLOCK_LENGTH], uint64_t t) { size_t i = 0; - for( i = 0; i < sizeof( t ); i++ ) - { - A[i] ^= ( t >> ( ( sizeof( t ) - 1 - i ) * 8 ) ) & 0xff; + for (i = 0; i < sizeof(t); i++) { + A[i] ^= (t >> ((sizeof(t) - 1 - i) * 8)) & 0xff; } } @@ -138,10 +122,10 @@ static void calc_a_xor_t( unsigned char A[KW_SEMIBLOCK_LENGTH], uint64_t t ) * KW-AE as defined in SP 800-38F section 6.2 * KWP-AE as defined in SP 800-38F section 6.3 */ -int mbedtls_nist_kw_wrap( mbedtls_nist_kw_context *ctx, - mbedtls_nist_kw_mode_t mode, - const unsigned char *input, size_t in_len, - unsigned char *output, size_t *out_len, size_t out_size ) +int mbedtls_nist_kw_wrap(mbedtls_nist_kw_context *ctx, + mbedtls_nist_kw_mode_t mode, + const unsigned char *input, size_t in_len, + unsigned char *output, size_t *out_len, size_t out_size) { int ret = 0; size_t semiblocks = 0; @@ -155,106 +139,96 @@ int mbedtls_nist_kw_wrap( mbedtls_nist_kw_context *ctx, /* * Generate the String to work on */ - if( mode == MBEDTLS_KW_MODE_KW ) - { - if( out_size < in_len + KW_SEMIBLOCK_LENGTH ) - { - return( MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA ); + if (mode == MBEDTLS_KW_MODE_KW) { + if (out_size < in_len + KW_SEMIBLOCK_LENGTH) { + return MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA; } /* * According to SP 800-38F Table 1, the plaintext length for KW * must be between 2 to 2^54-1 semiblocks inclusive. */ - if( in_len < 16 || + if (in_len < 16 || #if SIZE_MAX > 0x1FFFFFFFFFFFFF8 in_len > 0x1FFFFFFFFFFFFF8 || #endif - in_len % KW_SEMIBLOCK_LENGTH != 0 ) - { - return( MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA ); + in_len % KW_SEMIBLOCK_LENGTH != 0) { + return MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA; } - memcpy( output, NIST_KW_ICV1, KW_SEMIBLOCK_LENGTH ); - memmove( output + KW_SEMIBLOCK_LENGTH, input, in_len ); - } - else - { - if( in_len % 8 != 0 ) - { - padlen = ( 8 - ( in_len % 8 ) ); + memcpy(output, NIST_KW_ICV1, KW_SEMIBLOCK_LENGTH); + memmove(output + KW_SEMIBLOCK_LENGTH, input, in_len); + } else { + if (in_len % 8 != 0) { + padlen = (8 - (in_len % 8)); } - if( out_size < in_len + KW_SEMIBLOCK_LENGTH + padlen ) - { - return( MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA ); + if (out_size < in_len + KW_SEMIBLOCK_LENGTH + padlen) { + return MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA; } /* * According to SP 800-38F Table 1, the plaintext length for KWP * must be between 1 and 2^32-1 octets inclusive. */ - if( in_len < 1 + if (in_len < 1 #if SIZE_MAX > 0xFFFFFFFF || in_len > 0xFFFFFFFF #endif - ) - { - return( MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA ); + ) { + return MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA; } - memcpy( output, NIST_KW_ICV2, KW_SEMIBLOCK_LENGTH / 2 ); - MBEDTLS_PUT_UINT32_BE( ( in_len & 0xffffffff ), output, - KW_SEMIBLOCK_LENGTH / 2 ); + memcpy(output, NIST_KW_ICV2, KW_SEMIBLOCK_LENGTH / 2); + MBEDTLS_PUT_UINT32_BE((in_len & 0xffffffff), output, + KW_SEMIBLOCK_LENGTH / 2); - memcpy( output + KW_SEMIBLOCK_LENGTH, input, in_len ); - memset( output + KW_SEMIBLOCK_LENGTH + in_len, 0, padlen ); + memcpy(output + KW_SEMIBLOCK_LENGTH, input, in_len); + memset(output + KW_SEMIBLOCK_LENGTH + in_len, 0, padlen); } - semiblocks = ( ( in_len + padlen ) / KW_SEMIBLOCK_LENGTH ) + 1; + semiblocks = ((in_len + padlen) / KW_SEMIBLOCK_LENGTH) + 1; - s = 6 * ( semiblocks - 1 ); + s = 6 * (semiblocks - 1); - if( mode == MBEDTLS_KW_MODE_KWP - && in_len <= KW_SEMIBLOCK_LENGTH ) - { - memcpy( inbuff, output, 16 ); - ret = mbedtls_cipher_update( &ctx->cipher_ctx, - inbuff, 16, output, &olen ); - if( ret != 0 ) + if (mode == MBEDTLS_KW_MODE_KWP + && in_len <= KW_SEMIBLOCK_LENGTH) { + memcpy(inbuff, output, 16); + ret = mbedtls_cipher_update(&ctx->cipher_ctx, + inbuff, 16, output, &olen); + if (ret != 0) { goto cleanup; - } - else - { + } + } else { unsigned char *R2 = output + KW_SEMIBLOCK_LENGTH; unsigned char *A = output; /* * Do the wrapping function W, as defined in RFC 3394 section 2.2.1 */ - if( semiblocks < MIN_SEMIBLOCKS_COUNT ) - { + if (semiblocks < MIN_SEMIBLOCKS_COUNT) { ret = MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA; goto cleanup; } /* Calculate intermediate values */ - for( t = 1; t <= s; t++ ) - { - memcpy( inbuff, A, KW_SEMIBLOCK_LENGTH ); - memcpy( inbuff + KW_SEMIBLOCK_LENGTH, R2, KW_SEMIBLOCK_LENGTH ); - - ret = mbedtls_cipher_update( &ctx->cipher_ctx, - inbuff, 16, outbuff, &olen ); - if( ret != 0 ) + for (t = 1; t <= s; t++) { + memcpy(inbuff, A, KW_SEMIBLOCK_LENGTH); + memcpy(inbuff + KW_SEMIBLOCK_LENGTH, R2, KW_SEMIBLOCK_LENGTH); + + ret = mbedtls_cipher_update(&ctx->cipher_ctx, + inbuff, 16, outbuff, &olen); + if (ret != 0) { goto cleanup; + } - memcpy( A, outbuff, KW_SEMIBLOCK_LENGTH ); - calc_a_xor_t( A, t ); + memcpy(A, outbuff, KW_SEMIBLOCK_LENGTH); + calc_a_xor_t(A, t); - memcpy( R2, outbuff + KW_SEMIBLOCK_LENGTH, KW_SEMIBLOCK_LENGTH ); + memcpy(R2, outbuff + KW_SEMIBLOCK_LENGTH, KW_SEMIBLOCK_LENGTH); R2 += KW_SEMIBLOCK_LENGTH; - if( R2 >= output + ( semiblocks * KW_SEMIBLOCK_LENGTH ) ) + if (R2 >= output + (semiblocks * KW_SEMIBLOCK_LENGTH)) { R2 = output + KW_SEMIBLOCK_LENGTH; + } } } @@ -262,14 +236,13 @@ int mbedtls_nist_kw_wrap( mbedtls_nist_kw_context *ctx, cleanup: - if( ret != 0) - { - memset( output, 0, semiblocks * KW_SEMIBLOCK_LENGTH ); + if (ret != 0) { + memset(output, 0, semiblocks * KW_SEMIBLOCK_LENGTH); } - mbedtls_platform_zeroize( inbuff, KW_SEMIBLOCK_LENGTH * 2 ); - mbedtls_platform_zeroize( outbuff, KW_SEMIBLOCK_LENGTH * 2 ); + mbedtls_platform_zeroize(inbuff, KW_SEMIBLOCK_LENGTH * 2); + mbedtls_platform_zeroize(outbuff, KW_SEMIBLOCK_LENGTH * 2); - return( ret ); + return ret; } /* @@ -280,13 +253,13 @@ int mbedtls_nist_kw_wrap( mbedtls_nist_kw_context *ctx, * 3. Minimal number of semiblocks is 3. * 4. A is a buffer to hold the first semiblock of the input buffer. */ -static int unwrap( mbedtls_nist_kw_context *ctx, - const unsigned char *input, size_t semiblocks, - unsigned char A[KW_SEMIBLOCK_LENGTH], - unsigned char *output, size_t* out_len ) +static int unwrap(mbedtls_nist_kw_context *ctx, + const unsigned char *input, size_t semiblocks, + unsigned char A[KW_SEMIBLOCK_LENGTH], + unsigned char *output, size_t *out_len) { int ret = 0; - const size_t s = 6 * ( semiblocks - 1 ); + const size_t s = 6 * (semiblocks - 1); size_t olen; uint64_t t = 0; unsigned char outbuff[KW_SEMIBLOCK_LENGTH * 2]; @@ -294,148 +267,141 @@ static int unwrap( mbedtls_nist_kw_context *ctx, unsigned char *R = NULL; *out_len = 0; - if( semiblocks < MIN_SEMIBLOCKS_COUNT ) - { - return( MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA ); + if (semiblocks < MIN_SEMIBLOCKS_COUNT) { + return MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA; } - memcpy( A, input, KW_SEMIBLOCK_LENGTH ); - memmove( output, input + KW_SEMIBLOCK_LENGTH, ( semiblocks - 1 ) * KW_SEMIBLOCK_LENGTH ); - R = output + ( semiblocks - 2 ) * KW_SEMIBLOCK_LENGTH; + memcpy(A, input, KW_SEMIBLOCK_LENGTH); + memmove(output, input + KW_SEMIBLOCK_LENGTH, (semiblocks - 1) * KW_SEMIBLOCK_LENGTH); + R = output + (semiblocks - 2) * KW_SEMIBLOCK_LENGTH; /* Calculate intermediate values */ - for( t = s; t >= 1; t-- ) - { - calc_a_xor_t( A, t ); + for (t = s; t >= 1; t--) { + calc_a_xor_t(A, t); - memcpy( inbuff, A, KW_SEMIBLOCK_LENGTH ); - memcpy( inbuff + KW_SEMIBLOCK_LENGTH, R, KW_SEMIBLOCK_LENGTH ); + memcpy(inbuff, A, KW_SEMIBLOCK_LENGTH); + memcpy(inbuff + KW_SEMIBLOCK_LENGTH, R, KW_SEMIBLOCK_LENGTH); - ret = mbedtls_cipher_update( &ctx->cipher_ctx, - inbuff, 16, outbuff, &olen ); - if( ret != 0 ) + ret = mbedtls_cipher_update(&ctx->cipher_ctx, + inbuff, 16, outbuff, &olen); + if (ret != 0) { goto cleanup; + } - memcpy( A, outbuff, KW_SEMIBLOCK_LENGTH ); + memcpy(A, outbuff, KW_SEMIBLOCK_LENGTH); /* Set R as LSB64 of outbuff */ - memcpy( R, outbuff + KW_SEMIBLOCK_LENGTH, KW_SEMIBLOCK_LENGTH ); + memcpy(R, outbuff + KW_SEMIBLOCK_LENGTH, KW_SEMIBLOCK_LENGTH); - if( R == output ) - R = output + ( semiblocks - 2 ) * KW_SEMIBLOCK_LENGTH; - else + if (R == output) { + R = output + (semiblocks - 2) * KW_SEMIBLOCK_LENGTH; + } else { R -= KW_SEMIBLOCK_LENGTH; + } } - *out_len = ( semiblocks - 1 ) * KW_SEMIBLOCK_LENGTH; + *out_len = (semiblocks - 1) * KW_SEMIBLOCK_LENGTH; cleanup: - if( ret != 0) - memset( output, 0, ( semiblocks - 1 ) * KW_SEMIBLOCK_LENGTH ); - mbedtls_platform_zeroize( inbuff, sizeof( inbuff ) ); - mbedtls_platform_zeroize( outbuff, sizeof( outbuff ) ); + if (ret != 0) { + memset(output, 0, (semiblocks - 1) * KW_SEMIBLOCK_LENGTH); + } + mbedtls_platform_zeroize(inbuff, sizeof(inbuff)); + mbedtls_platform_zeroize(outbuff, sizeof(outbuff)); - return( ret ); + return ret; } /* * KW-AD as defined in SP 800-38F section 6.2 * KWP-AD as defined in SP 800-38F section 6.3 */ -int mbedtls_nist_kw_unwrap( mbedtls_nist_kw_context *ctx, - mbedtls_nist_kw_mode_t mode, - const unsigned char *input, size_t in_len, - unsigned char *output, size_t *out_len, size_t out_size ) +int mbedtls_nist_kw_unwrap(mbedtls_nist_kw_context *ctx, + mbedtls_nist_kw_mode_t mode, + const unsigned char *input, size_t in_len, + unsigned char *output, size_t *out_len, size_t out_size) { int ret = 0; size_t i, olen; unsigned char A[KW_SEMIBLOCK_LENGTH]; - unsigned char diff, bad_padding = 0; + unsigned char diff; *out_len = 0; - if( out_size < in_len - KW_SEMIBLOCK_LENGTH ) - { - return( MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA ); + if (out_size < in_len - KW_SEMIBLOCK_LENGTH) { + return MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA; } - if( mode == MBEDTLS_KW_MODE_KW ) - { + if (mode == MBEDTLS_KW_MODE_KW) { /* * According to SP 800-38F Table 1, the ciphertext length for KW * must be between 3 to 2^54 semiblocks inclusive. */ - if( in_len < 24 || + if (in_len < 24 || #if SIZE_MAX > 0x200000000000000 in_len > 0x200000000000000 || #endif - in_len % KW_SEMIBLOCK_LENGTH != 0 ) - { - return( MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA ); + in_len % KW_SEMIBLOCK_LENGTH != 0) { + return MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA; } - ret = unwrap( ctx, input, in_len / KW_SEMIBLOCK_LENGTH, - A, output, out_len ); - if( ret != 0 ) + ret = unwrap(ctx, input, in_len / KW_SEMIBLOCK_LENGTH, + A, output, out_len); + if (ret != 0) { goto cleanup; + } /* Check ICV in "constant-time" */ - diff = mbedtls_ct_memcmp( NIST_KW_ICV1, A, KW_SEMIBLOCK_LENGTH ); + diff = mbedtls_ct_memcmp(NIST_KW_ICV1, A, KW_SEMIBLOCK_LENGTH); - if( diff != 0 ) - { + if (diff != 0) { ret = MBEDTLS_ERR_CIPHER_AUTH_FAILED; goto cleanup; } - } - else if( mode == MBEDTLS_KW_MODE_KWP ) - { + } else if (mode == MBEDTLS_KW_MODE_KWP) { size_t padlen = 0; uint32_t Plen; /* * According to SP 800-38F Table 1, the ciphertext length for KWP * must be between 2 to 2^29 semiblocks inclusive. */ - if( in_len < KW_SEMIBLOCK_LENGTH * 2 || + if (in_len < KW_SEMIBLOCK_LENGTH * 2 || #if SIZE_MAX > 0x100000000 in_len > 0x100000000 || #endif - in_len % KW_SEMIBLOCK_LENGTH != 0 ) - { - return( MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA ); + in_len % KW_SEMIBLOCK_LENGTH != 0) { + return MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA; } - if( in_len == KW_SEMIBLOCK_LENGTH * 2 ) - { + if (in_len == KW_SEMIBLOCK_LENGTH * 2) { unsigned char outbuff[KW_SEMIBLOCK_LENGTH * 2]; - ret = mbedtls_cipher_update( &ctx->cipher_ctx, - input, 16, outbuff, &olen ); - if( ret != 0 ) + ret = mbedtls_cipher_update(&ctx->cipher_ctx, + input, 16, outbuff, &olen); + if (ret != 0) { goto cleanup; + } - memcpy( A, outbuff, KW_SEMIBLOCK_LENGTH ); - memcpy( output, outbuff + KW_SEMIBLOCK_LENGTH, KW_SEMIBLOCK_LENGTH ); - mbedtls_platform_zeroize( outbuff, sizeof( outbuff ) ); + memcpy(A, outbuff, KW_SEMIBLOCK_LENGTH); + memcpy(output, outbuff + KW_SEMIBLOCK_LENGTH, KW_SEMIBLOCK_LENGTH); + mbedtls_platform_zeroize(outbuff, sizeof(outbuff)); *out_len = KW_SEMIBLOCK_LENGTH; - } - else - { + } else { /* in_len >= KW_SEMIBLOCK_LENGTH * 3 */ - ret = unwrap( ctx, input, in_len / KW_SEMIBLOCK_LENGTH, - A, output, out_len ); - if( ret != 0 ) + ret = unwrap(ctx, input, in_len / KW_SEMIBLOCK_LENGTH, + A, output, out_len); + if (ret != 0) { goto cleanup; + } } /* Check ICV in "constant-time" */ - diff = mbedtls_ct_memcmp( NIST_KW_ICV2, A, KW_SEMIBLOCK_LENGTH / 2 ); + diff = mbedtls_ct_memcmp(NIST_KW_ICV2, A, KW_SEMIBLOCK_LENGTH / 2); - if( diff != 0 ) - { + if (diff != 0) { ret = MBEDTLS_ERR_CIPHER_AUTH_FAILED; } - Plen = MBEDTLS_GET_UINT32_BE( A, KW_SEMIBLOCK_LENGTH / 2 ); + Plen = MBEDTLS_GET_UINT32_BE(A, KW_SEMIBLOCK_LENGTH / 2); /* * Plen is the length of the plaintext, when the input is valid. @@ -443,51 +409,39 @@ int mbedtls_nist_kw_unwrap( mbedtls_nist_kw_context *ctx, * larger than 8, because of the type wrap around. */ padlen = in_len - KW_SEMIBLOCK_LENGTH - Plen; - if ( padlen > 7 ) - { - padlen &= 7; - ret = MBEDTLS_ERR_CIPHER_AUTH_FAILED; - } + ret = -(int) mbedtls_ct_uint_if(padlen & ~7, -MBEDTLS_ERR_CIPHER_AUTH_FAILED, -ret); + padlen &= 7; /* Check padding in "constant-time" */ - for( diff = 0, i = 0; i < KW_SEMIBLOCK_LENGTH; i++ ) - { - if( i >= KW_SEMIBLOCK_LENGTH - padlen ) - diff |= output[*out_len - KW_SEMIBLOCK_LENGTH + i]; - else - bad_padding |= output[*out_len - KW_SEMIBLOCK_LENGTH + i]; + for (diff = 0, i = 0; i < KW_SEMIBLOCK_LENGTH; i++) { + size_t mask = mbedtls_ct_size_mask_ge(i, KW_SEMIBLOCK_LENGTH - padlen); + diff |= (unsigned char) (mask & output[*out_len - KW_SEMIBLOCK_LENGTH + i]); } - if( diff != 0 ) - { + if (diff != 0) { ret = MBEDTLS_ERR_CIPHER_AUTH_FAILED; } - if( ret != 0 ) - { + if (ret != 0) { goto cleanup; } - memset( output + Plen, 0, padlen ); + memset(output + Plen, 0, padlen); *out_len = Plen; - } - else - { + } else { ret = MBEDTLS_ERR_CIPHER_FEATURE_UNAVAILABLE; goto cleanup; } cleanup: - if( ret != 0 ) - { - memset( output, 0, *out_len ); + if (ret != 0) { + memset(output, 0, *out_len); *out_len = 0; } - mbedtls_platform_zeroize( &bad_padding, sizeof( bad_padding) ); - mbedtls_platform_zeroize( &diff, sizeof( diff ) ); - mbedtls_platform_zeroize( A, sizeof( A ) ); + mbedtls_platform_zeroize(&diff, sizeof(diff)); + mbedtls_platform_zeroize(A, sizeof(A)); - return( ret ); + return ret; } #endif /* !MBEDTLS_NIST_KW_ALT */ @@ -582,130 +536,133 @@ static const unsigned char kwp_res[KW_TESTS][48] = { }; static const size_t kwp_out_len[KW_TESTS] = { 24, 40, 16 }; -int mbedtls_nist_kw_self_test( int verbose ) +int mbedtls_nist_kw_self_test(int verbose) { mbedtls_nist_kw_context ctx; unsigned char out[48]; size_t olen; int i; int ret = 0; - mbedtls_nist_kw_init( &ctx ); + mbedtls_nist_kw_init(&ctx); - for( i = 0; i < KW_TESTS; i++ ) - { - if( verbose != 0 ) - mbedtls_printf( " KW-AES-%u ", (unsigned int) key_len[i] * 8 ); + for (i = 0; i < KW_TESTS; i++) { + if (verbose != 0) { + mbedtls_printf(" KW-AES-%u ", (unsigned int) key_len[i] * 8); + } - ret = mbedtls_nist_kw_setkey( &ctx, MBEDTLS_CIPHER_ID_AES, - kw_key[i], key_len[i] * 8, 1 ); - if( ret != 0 ) - { - if( verbose != 0 ) - mbedtls_printf( " KW: setup failed " ); + ret = mbedtls_nist_kw_setkey(&ctx, MBEDTLS_CIPHER_ID_AES, + kw_key[i], key_len[i] * 8, 1); + if (ret != 0) { + if (verbose != 0) { + mbedtls_printf(" KW: setup failed "); + } goto end; } - ret = mbedtls_nist_kw_wrap( &ctx, MBEDTLS_KW_MODE_KW, kw_msg[i], - kw_msg_len[i], out, &olen, sizeof( out ) ); - if( ret != 0 || kw_out_len[i] != olen || - memcmp( out, kw_res[i], kw_out_len[i] ) != 0 ) - { - if( verbose != 0 ) - mbedtls_printf( "failed. "); + ret = mbedtls_nist_kw_wrap(&ctx, MBEDTLS_KW_MODE_KW, kw_msg[i], + kw_msg_len[i], out, &olen, sizeof(out)); + if (ret != 0 || kw_out_len[i] != olen || + memcmp(out, kw_res[i], kw_out_len[i]) != 0) { + if (verbose != 0) { + mbedtls_printf("failed. "); + } ret = 1; goto end; } - if( ( ret = mbedtls_nist_kw_setkey( &ctx, MBEDTLS_CIPHER_ID_AES, - kw_key[i], key_len[i] * 8, 0 ) ) - != 0 ) - { - if( verbose != 0 ) - mbedtls_printf( " KW: setup failed "); + if ((ret = mbedtls_nist_kw_setkey(&ctx, MBEDTLS_CIPHER_ID_AES, + kw_key[i], key_len[i] * 8, 0)) + != 0) { + if (verbose != 0) { + mbedtls_printf(" KW: setup failed "); + } goto end; } - ret = mbedtls_nist_kw_unwrap( &ctx, MBEDTLS_KW_MODE_KW, - out, olen, out, &olen, sizeof( out ) ); + ret = mbedtls_nist_kw_unwrap(&ctx, MBEDTLS_KW_MODE_KW, + out, olen, out, &olen, sizeof(out)); - if( ret != 0 || olen != kw_msg_len[i] || - memcmp( out, kw_msg[i], kw_msg_len[i] ) != 0 ) - { - if( verbose != 0 ) - mbedtls_printf( "failed\n" ); + if (ret != 0 || olen != kw_msg_len[i] || + memcmp(out, kw_msg[i], kw_msg_len[i]) != 0) { + if (verbose != 0) { + mbedtls_printf("failed\n"); + } ret = 1; goto end; } - if( verbose != 0 ) - mbedtls_printf( " passed\n" ); + if (verbose != 0) { + mbedtls_printf(" passed\n"); + } } - for( i = 0; i < KW_TESTS; i++ ) - { - olen = sizeof( out ); - if( verbose != 0 ) - mbedtls_printf( " KWP-AES-%u ", (unsigned int) key_len[i] * 8 ); + for (i = 0; i < KW_TESTS; i++) { + olen = sizeof(out); + if (verbose != 0) { + mbedtls_printf(" KWP-AES-%u ", (unsigned int) key_len[i] * 8); + } - ret = mbedtls_nist_kw_setkey( &ctx, MBEDTLS_CIPHER_ID_AES, kwp_key[i], - key_len[i] * 8, 1 ); - if( ret != 0 ) - { - if( verbose != 0 ) - mbedtls_printf( " KWP: setup failed " ); + ret = mbedtls_nist_kw_setkey(&ctx, MBEDTLS_CIPHER_ID_AES, kwp_key[i], + key_len[i] * 8, 1); + if (ret != 0) { + if (verbose != 0) { + mbedtls_printf(" KWP: setup failed "); + } goto end; } - ret = mbedtls_nist_kw_wrap( &ctx, MBEDTLS_KW_MODE_KWP, kwp_msg[i], - kwp_msg_len[i], out, &olen, sizeof( out ) ); + ret = mbedtls_nist_kw_wrap(&ctx, MBEDTLS_KW_MODE_KWP, kwp_msg[i], + kwp_msg_len[i], out, &olen, sizeof(out)); - if( ret != 0 || kwp_out_len[i] != olen || - memcmp( out, kwp_res[i], kwp_out_len[i] ) != 0 ) - { - if( verbose != 0 ) - mbedtls_printf( "failed. "); + if (ret != 0 || kwp_out_len[i] != olen || + memcmp(out, kwp_res[i], kwp_out_len[i]) != 0) { + if (verbose != 0) { + mbedtls_printf("failed. "); + } ret = 1; goto end; } - if( ( ret = mbedtls_nist_kw_setkey( &ctx, MBEDTLS_CIPHER_ID_AES, - kwp_key[i], key_len[i] * 8, 0 ) ) - != 0 ) - { - if( verbose != 0 ) - mbedtls_printf( " KWP: setup failed "); + if ((ret = mbedtls_nist_kw_setkey(&ctx, MBEDTLS_CIPHER_ID_AES, + kwp_key[i], key_len[i] * 8, 0)) + != 0) { + if (verbose != 0) { + mbedtls_printf(" KWP: setup failed "); + } goto end; } - ret = mbedtls_nist_kw_unwrap( &ctx, MBEDTLS_KW_MODE_KWP, out, - olen, out, &olen, sizeof( out ) ); + ret = mbedtls_nist_kw_unwrap(&ctx, MBEDTLS_KW_MODE_KWP, out, + olen, out, &olen, sizeof(out)); - if( ret != 0 || olen != kwp_msg_len[i] || - memcmp( out, kwp_msg[i], kwp_msg_len[i] ) != 0 ) - { - if( verbose != 0 ) - mbedtls_printf( "failed. "); + if (ret != 0 || olen != kwp_msg_len[i] || + memcmp(out, kwp_msg[i], kwp_msg_len[i]) != 0) { + if (verbose != 0) { + mbedtls_printf("failed. "); + } ret = 1; goto end; } - if( verbose != 0 ) - mbedtls_printf( " passed\n" ); + if (verbose != 0) { + mbedtls_printf(" passed\n"); + } } end: - mbedtls_nist_kw_free( &ctx ); + mbedtls_nist_kw_free(&ctx); - if( verbose != 0 ) - mbedtls_printf( "\n" ); + if (verbose != 0) { + mbedtls_printf("\n"); + } - return( ret ); + return ret; } #endif /* MBEDTLS_SELF_TEST && MBEDTLS_AES_C */ diff --git a/third_party/mbedtls/repo/library/oid.c b/third_party/mbedtls/repo/library/oid.c index 19c8ac207ce..7d7f1bfdaec 100644 --- a/third_party/mbedtls/repo/library/oid.c +++ b/third_party/mbedtls/repo/library/oid.c @@ -4,19 +4,7 @@ * \brief Object Identifier (OID) database * * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later */ #include "common.h" @@ -30,11 +18,7 @@ #include #include -#if defined(MBEDTLS_PLATFORM_C) #include "mbedtls/platform.h" -#else -#define mbedtls_snprintf snprintf -#endif /* * Macro to automatically add the size of #define'd OIDs @@ -45,23 +29,23 @@ * Macro to generate an internal function for oid_XXX_from_asn1() (used by * the other functions) */ -#define FN_OID_TYPED_FROM_ASN1( TYPE_T, NAME, LIST ) \ - static const TYPE_T * oid_ ## NAME ## _from_asn1( \ - const mbedtls_asn1_buf *oid ) \ +#define FN_OID_TYPED_FROM_ASN1(TYPE_T, NAME, LIST) \ + static const TYPE_T *oid_ ## NAME ## _from_asn1( \ + const mbedtls_asn1_buf *oid) \ { \ const TYPE_T *p = (LIST); \ const mbedtls_oid_descriptor_t *cur = \ (const mbedtls_oid_descriptor_t *) p; \ - if( p == NULL || oid == NULL ) return( NULL ); \ - while( cur->asn1 != NULL ) { \ - if( cur->asn1_len == oid->len && \ - memcmp( cur->asn1, oid->p, oid->len ) == 0 ) { \ - return( p ); \ + if (p == NULL || oid == NULL) return NULL; \ + while (cur->asn1 != NULL) { \ + if (cur->asn1_len == oid->len && \ + memcmp(cur->asn1, oid->p, oid->len) == 0) { \ + return p; \ } \ p++; \ cur = (const mbedtls_oid_descriptor_t *) p; \ } \ - return( NULL ); \ + return NULL; \ } /* @@ -69,26 +53,26 @@ * descriptor of an mbedtls_oid_descriptor_t wrapper. */ #define FN_OID_GET_DESCRIPTOR_ATTR1(FN_NAME, TYPE_T, TYPE_NAME, ATTR1_TYPE, ATTR1) \ -int FN_NAME( const mbedtls_asn1_buf *oid, ATTR1_TYPE * ATTR1 ) \ -{ \ - const TYPE_T *data = oid_ ## TYPE_NAME ## _from_asn1( oid ); \ - if( data == NULL ) return( MBEDTLS_ERR_OID_NOT_FOUND ); \ - *ATTR1 = data->descriptor.ATTR1; \ - return( 0 ); \ -} + int FN_NAME(const mbedtls_asn1_buf *oid, ATTR1_TYPE * ATTR1) \ + { \ + const TYPE_T *data = oid_ ## TYPE_NAME ## _from_asn1(oid); \ + if (data == NULL) return MBEDTLS_ERR_OID_NOT_FOUND; \ + *ATTR1 = data->descriptor.ATTR1; \ + return 0; \ + } /* * Macro to generate a function for retrieving a single attribute from an * mbedtls_oid_descriptor_t wrapper. */ #define FN_OID_GET_ATTR1(FN_NAME, TYPE_T, TYPE_NAME, ATTR1_TYPE, ATTR1) \ -int FN_NAME( const mbedtls_asn1_buf *oid, ATTR1_TYPE * ATTR1 ) \ -{ \ - const TYPE_T *data = oid_ ## TYPE_NAME ## _from_asn1( oid ); \ - if( data == NULL ) return( MBEDTLS_ERR_OID_NOT_FOUND ); \ - *ATTR1 = data->ATTR1; \ - return( 0 ); \ -} + int FN_NAME(const mbedtls_asn1_buf *oid, ATTR1_TYPE * ATTR1) \ + { \ + const TYPE_T *data = oid_ ## TYPE_NAME ## _from_asn1(oid); \ + if (data == NULL) return MBEDTLS_ERR_OID_NOT_FOUND; \ + *ATTR1 = data->ATTR1; \ + return 0; \ + } /* * Macro to generate a function for retrieving two attributes from an @@ -96,34 +80,34 @@ int FN_NAME( const mbedtls_asn1_buf *oid, ATTR1_TYPE * ATTR1 ) */ #define FN_OID_GET_ATTR2(FN_NAME, TYPE_T, TYPE_NAME, ATTR1_TYPE, ATTR1, \ ATTR2_TYPE, ATTR2) \ -int FN_NAME( const mbedtls_asn1_buf *oid, ATTR1_TYPE * ATTR1, \ - ATTR2_TYPE * ATTR2 ) \ -{ \ - const TYPE_T *data = oid_ ## TYPE_NAME ## _from_asn1( oid ); \ - if( data == NULL ) return( MBEDTLS_ERR_OID_NOT_FOUND ); \ - *(ATTR1) = data->ATTR1; \ - *(ATTR2) = data->ATTR2; \ - return( 0 ); \ -} + int FN_NAME(const mbedtls_asn1_buf *oid, ATTR1_TYPE * ATTR1, \ + ATTR2_TYPE * ATTR2) \ + { \ + const TYPE_T *data = oid_ ## TYPE_NAME ## _from_asn1(oid); \ + if (data == NULL) return MBEDTLS_ERR_OID_NOT_FOUND; \ + *(ATTR1) = data->ATTR1; \ + *(ATTR2) = data->ATTR2; \ + return 0; \ + } /* * Macro to generate a function for retrieving the OID based on a single * attribute from a mbedtls_oid_descriptor_t wrapper. */ #define FN_OID_GET_OID_BY_ATTR1(FN_NAME, TYPE_T, LIST, ATTR1_TYPE, ATTR1) \ -int FN_NAME( ATTR1_TYPE ATTR1, const char **oid, size_t *olen ) \ -{ \ - const TYPE_T *cur = (LIST); \ - while( cur->descriptor.asn1 != NULL ) { \ - if( cur->ATTR1 == (ATTR1) ) { \ - *oid = cur->descriptor.asn1; \ - *olen = cur->descriptor.asn1_len; \ - return( 0 ); \ - } \ - cur++; \ - } \ - return( MBEDTLS_ERR_OID_NOT_FOUND ); \ -} + int FN_NAME(ATTR1_TYPE ATTR1, const char **oid, size_t *olen) \ + { \ + const TYPE_T *cur = (LIST); \ + while (cur->descriptor.asn1 != NULL) { \ + if (cur->ATTR1 == (ATTR1)) { \ + *oid = cur->descriptor.asn1; \ + *olen = cur->descriptor.asn1_len; \ + return 0; \ + } \ + cur++; \ + } \ + return MBEDTLS_ERR_OID_NOT_FOUND; \ + } /* * Macro to generate a function for retrieving the OID based on two @@ -131,20 +115,20 @@ int FN_NAME( ATTR1_TYPE ATTR1, const char **oid, size_t *olen ) \ */ #define FN_OID_GET_OID_BY_ATTR2(FN_NAME, TYPE_T, LIST, ATTR1_TYPE, ATTR1, \ ATTR2_TYPE, ATTR2) \ -int FN_NAME( ATTR1_TYPE ATTR1, ATTR2_TYPE ATTR2, const char **oid , \ - size_t *olen ) \ -{ \ - const TYPE_T *cur = (LIST); \ - while( cur->descriptor.asn1 != NULL ) { \ - if( cur->ATTR1 == (ATTR1) && cur->ATTR2 == (ATTR2) ) { \ - *oid = cur->descriptor.asn1; \ - *olen = cur->descriptor.asn1_len; \ - return( 0 ); \ - } \ - cur++; \ - } \ - return( MBEDTLS_ERR_OID_NOT_FOUND ); \ -} + int FN_NAME(ATTR1_TYPE ATTR1, ATTR2_TYPE ATTR2, const char **oid, \ + size_t *olen) \ + { \ + const TYPE_T *cur = (LIST); \ + while (cur->descriptor.asn1 != NULL) { \ + if (cur->ATTR1 == (ATTR1) && cur->ATTR2 == (ATTR2)) { \ + *oid = cur->descriptor.asn1; \ + *olen = cur->descriptor.asn1_len; \ + return 0; \ + } \ + cur++; \ + } \ + return MBEDTLS_ERR_OID_NOT_FOUND; \ + } /* * For X520 attribute types @@ -157,79 +141,84 @@ typedef struct { static const oid_x520_attr_t oid_x520_attr_type[] = { { - { ADD_LEN( MBEDTLS_OID_AT_CN ), "id-at-commonName", "Common Name" }, + { ADD_LEN(MBEDTLS_OID_AT_CN), "id-at-commonName", "Common Name" }, "CN", }, { - { ADD_LEN( MBEDTLS_OID_AT_COUNTRY ), "id-at-countryName", "Country" }, + { ADD_LEN(MBEDTLS_OID_AT_COUNTRY), "id-at-countryName", "Country" }, "C", }, { - { ADD_LEN( MBEDTLS_OID_AT_LOCALITY ), "id-at-locality", "Locality" }, + { ADD_LEN(MBEDTLS_OID_AT_LOCALITY), "id-at-locality", "Locality" }, "L", }, { - { ADD_LEN( MBEDTLS_OID_AT_STATE ), "id-at-state", "State" }, + { ADD_LEN(MBEDTLS_OID_AT_STATE), "id-at-state", "State" }, "ST", }, { - { ADD_LEN( MBEDTLS_OID_AT_ORGANIZATION ),"id-at-organizationName", "Organization" }, + { ADD_LEN(MBEDTLS_OID_AT_ORGANIZATION), "id-at-organizationName", "Organization" }, "O", }, { - { ADD_LEN( MBEDTLS_OID_AT_ORG_UNIT ), "id-at-organizationalUnitName", "Org Unit" }, + { ADD_LEN(MBEDTLS_OID_AT_ORG_UNIT), "id-at-organizationalUnitName", "Org Unit" }, "OU", }, { - { ADD_LEN( MBEDTLS_OID_PKCS9_EMAIL ), "emailAddress", "E-mail address" }, + { ADD_LEN(MBEDTLS_OID_PKCS9_EMAIL), "emailAddress", "E-mail address" }, "emailAddress", }, { - { ADD_LEN( MBEDTLS_OID_AT_SERIAL_NUMBER ),"id-at-serialNumber", "Serial number" }, + { ADD_LEN(MBEDTLS_OID_AT_SERIAL_NUMBER), "id-at-serialNumber", "Serial number" }, "serialNumber", }, { - { ADD_LEN( MBEDTLS_OID_AT_POSTAL_ADDRESS ),"id-at-postalAddress", "Postal address" }, + { ADD_LEN(MBEDTLS_OID_AT_POSTAL_ADDRESS), "id-at-postalAddress", + "Postal address" }, "postalAddress", }, { - { ADD_LEN( MBEDTLS_OID_AT_POSTAL_CODE ), "id-at-postalCode", "Postal code" }, + { ADD_LEN(MBEDTLS_OID_AT_POSTAL_CODE), "id-at-postalCode", "Postal code" }, "postalCode", }, { - { ADD_LEN( MBEDTLS_OID_AT_SUR_NAME ), "id-at-surName", "Surname" }, + { ADD_LEN(MBEDTLS_OID_AT_SUR_NAME), "id-at-surName", "Surname" }, "SN", }, { - { ADD_LEN( MBEDTLS_OID_AT_GIVEN_NAME ), "id-at-givenName", "Given name" }, + { ADD_LEN(MBEDTLS_OID_AT_GIVEN_NAME), "id-at-givenName", "Given name" }, "GN", }, { - { ADD_LEN( MBEDTLS_OID_AT_INITIALS ), "id-at-initials", "Initials" }, + { ADD_LEN(MBEDTLS_OID_AT_INITIALS), "id-at-initials", "Initials" }, "initials", }, { - { ADD_LEN( MBEDTLS_OID_AT_GENERATION_QUALIFIER ), "id-at-generationQualifier", "Generation qualifier" }, + { ADD_LEN(MBEDTLS_OID_AT_GENERATION_QUALIFIER), "id-at-generationQualifier", + "Generation qualifier" }, "generationQualifier", }, { - { ADD_LEN( MBEDTLS_OID_AT_TITLE ), "id-at-title", "Title" }, + { ADD_LEN(MBEDTLS_OID_AT_TITLE), "id-at-title", "Title" }, "title", }, { - { ADD_LEN( MBEDTLS_OID_AT_DN_QUALIFIER ),"id-at-dnQualifier", "Distinguished Name qualifier" }, + { ADD_LEN(MBEDTLS_OID_AT_DN_QUALIFIER), "id-at-dnQualifier", + "Distinguished Name qualifier" }, "dnQualifier", }, { - { ADD_LEN( MBEDTLS_OID_AT_PSEUDONYM ), "id-at-pseudonym", "Pseudonym" }, + { ADD_LEN(MBEDTLS_OID_AT_PSEUDONYM), "id-at-pseudonym", "Pseudonym" }, "pseudonym", }, { - { ADD_LEN( MBEDTLS_OID_DOMAIN_COMPONENT ), "id-domainComponent", "Domain component" }, + { ADD_LEN(MBEDTLS_OID_DOMAIN_COMPONENT), "id-domainComponent", + "Domain component" }, "DC", }, { - { ADD_LEN( MBEDTLS_OID_AT_UNIQUE_IDENTIFIER ), "id-at-uniqueIdentifier", "Unique Identifier" }, + { ADD_LEN(MBEDTLS_OID_AT_UNIQUE_IDENTIFIER), "id-at-uniqueIdentifier", + "Unique Identifier" }, "uniqueIdentifier", }, { @@ -239,7 +228,11 @@ static const oid_x520_attr_t oid_x520_attr_type[] = }; FN_OID_TYPED_FROM_ASN1(oid_x520_attr_t, x520_attr, oid_x520_attr_type) -FN_OID_GET_ATTR1(mbedtls_oid_get_attr_short_name, oid_x520_attr_t, x520_attr, const char *, short_name) +FN_OID_GET_ATTR1(mbedtls_oid_get_attr_short_name, + oid_x520_attr_t, + x520_attr, + const char *, + short_name) /* * For X509 extensions @@ -252,27 +245,32 @@ typedef struct { static const oid_x509_ext_t oid_x509_ext[] = { { - { ADD_LEN( MBEDTLS_OID_BASIC_CONSTRAINTS ), "id-ce-basicConstraints", "Basic Constraints" }, + { ADD_LEN(MBEDTLS_OID_BASIC_CONSTRAINTS), "id-ce-basicConstraints", + "Basic Constraints" }, MBEDTLS_OID_X509_EXT_BASIC_CONSTRAINTS, }, { - { ADD_LEN( MBEDTLS_OID_KEY_USAGE ), "id-ce-keyUsage", "Key Usage" }, + { ADD_LEN(MBEDTLS_OID_KEY_USAGE), "id-ce-keyUsage", "Key Usage" }, MBEDTLS_OID_X509_EXT_KEY_USAGE, }, { - { ADD_LEN( MBEDTLS_OID_EXTENDED_KEY_USAGE ), "id-ce-extKeyUsage", "Extended Key Usage" }, + { ADD_LEN(MBEDTLS_OID_EXTENDED_KEY_USAGE), "id-ce-extKeyUsage", + "Extended Key Usage" }, MBEDTLS_OID_X509_EXT_EXTENDED_KEY_USAGE, }, { - { ADD_LEN( MBEDTLS_OID_SUBJECT_ALT_NAME ), "id-ce-subjectAltName", "Subject Alt Name" }, + { ADD_LEN(MBEDTLS_OID_SUBJECT_ALT_NAME), "id-ce-subjectAltName", + "Subject Alt Name" }, MBEDTLS_OID_X509_EXT_SUBJECT_ALT_NAME, }, { - { ADD_LEN( MBEDTLS_OID_NS_CERT_TYPE ), "id-netscape-certtype", "Netscape Certificate Type" }, + { ADD_LEN(MBEDTLS_OID_NS_CERT_TYPE), "id-netscape-certtype", + "Netscape Certificate Type" }, MBEDTLS_OID_X509_EXT_NS_CERT_TYPE, }, { - { ADD_LEN( MBEDTLS_OID_CERTIFICATE_POLICIES ), "id-ce-certificatePolicies", "Certificate Policies" }, + { ADD_LEN(MBEDTLS_OID_CERTIFICATE_POLICIES), "id-ce-certificatePolicies", + "Certificate Policies" }, MBEDTLS_OID_X509_EXT_CERTIFICATE_POLICIES, }, { @@ -286,27 +284,38 @@ FN_OID_GET_ATTR1(mbedtls_oid_get_x509_ext_type, oid_x509_ext_t, x509_ext, int, e static const mbedtls_oid_descriptor_t oid_ext_key_usage[] = { - { ADD_LEN( MBEDTLS_OID_SERVER_AUTH ), "id-kp-serverAuth", "TLS Web Server Authentication" }, - { ADD_LEN( MBEDTLS_OID_CLIENT_AUTH ), "id-kp-clientAuth", "TLS Web Client Authentication" }, - { ADD_LEN( MBEDTLS_OID_CODE_SIGNING ), "id-kp-codeSigning", "Code Signing" }, - { ADD_LEN( MBEDTLS_OID_EMAIL_PROTECTION ), "id-kp-emailProtection", "E-mail Protection" }, - { ADD_LEN( MBEDTLS_OID_TIME_STAMPING ), "id-kp-timeStamping", "Time Stamping" }, - { ADD_LEN( MBEDTLS_OID_OCSP_SIGNING ), "id-kp-OCSPSigning", "OCSP Signing" }, - { ADD_LEN( MBEDTLS_OID_WISUN_FAN ), "id-kp-wisun-fan-device", "Wi-SUN Alliance Field Area Network (FAN)" }, + { ADD_LEN(MBEDTLS_OID_SERVER_AUTH), "id-kp-serverAuth", + "TLS Web Server Authentication" }, + { ADD_LEN(MBEDTLS_OID_CLIENT_AUTH), "id-kp-clientAuth", + "TLS Web Client Authentication" }, + { ADD_LEN(MBEDTLS_OID_CODE_SIGNING), "id-kp-codeSigning", "Code Signing" }, + { ADD_LEN(MBEDTLS_OID_EMAIL_PROTECTION), "id-kp-emailProtection", "E-mail Protection" }, + { ADD_LEN(MBEDTLS_OID_TIME_STAMPING), "id-kp-timeStamping", "Time Stamping" }, + { ADD_LEN(MBEDTLS_OID_OCSP_SIGNING), "id-kp-OCSPSigning", "OCSP Signing" }, + { ADD_LEN(MBEDTLS_OID_WISUN_FAN), "id-kp-wisun-fan-device", + "Wi-SUN Alliance Field Area Network (FAN)" }, { NULL, 0, NULL, NULL }, }; FN_OID_TYPED_FROM_ASN1(mbedtls_oid_descriptor_t, ext_key_usage, oid_ext_key_usage) -FN_OID_GET_ATTR1(mbedtls_oid_get_extended_key_usage, mbedtls_oid_descriptor_t, ext_key_usage, const char *, description) +FN_OID_GET_ATTR1(mbedtls_oid_get_extended_key_usage, + mbedtls_oid_descriptor_t, + ext_key_usage, + const char *, + description) static const mbedtls_oid_descriptor_t oid_certificate_policies[] = { - { ADD_LEN( MBEDTLS_OID_ANY_POLICY ), "anyPolicy", "Any Policy" }, + { ADD_LEN(MBEDTLS_OID_ANY_POLICY), "anyPolicy", "Any Policy" }, { NULL, 0, NULL, NULL }, }; FN_OID_TYPED_FROM_ASN1(mbedtls_oid_descriptor_t, certificate_policies, oid_certificate_policies) -FN_OID_GET_ATTR1(mbedtls_oid_get_certificate_policies, mbedtls_oid_descriptor_t, certificate_policies, const char *, description) +FN_OID_GET_ATTR1(mbedtls_oid_get_certificate_policies, + mbedtls_oid_descriptor_t, + certificate_policies, + const char *, + description) #if defined(MBEDTLS_MD_C) /* @@ -323,51 +332,51 @@ static const oid_sig_alg_t oid_sig_alg[] = #if defined(MBEDTLS_RSA_C) #if defined(MBEDTLS_MD2_C) { - { ADD_LEN( MBEDTLS_OID_PKCS1_MD2 ), "md2WithRSAEncryption", "RSA with MD2" }, + { ADD_LEN(MBEDTLS_OID_PKCS1_MD2), "md2WithRSAEncryption", "RSA with MD2" }, MBEDTLS_MD_MD2, MBEDTLS_PK_RSA, }, #endif /* MBEDTLS_MD2_C */ #if defined(MBEDTLS_MD4_C) { - { ADD_LEN( MBEDTLS_OID_PKCS1_MD4 ), "md4WithRSAEncryption", "RSA with MD4" }, + { ADD_LEN(MBEDTLS_OID_PKCS1_MD4), "md4WithRSAEncryption", "RSA with MD4" }, MBEDTLS_MD_MD4, MBEDTLS_PK_RSA, }, #endif /* MBEDTLS_MD4_C */ #if defined(MBEDTLS_MD5_C) { - { ADD_LEN( MBEDTLS_OID_PKCS1_MD5 ), "md5WithRSAEncryption", "RSA with MD5" }, + { ADD_LEN(MBEDTLS_OID_PKCS1_MD5), "md5WithRSAEncryption", "RSA with MD5" }, MBEDTLS_MD_MD5, MBEDTLS_PK_RSA, }, #endif /* MBEDTLS_MD5_C */ #if defined(MBEDTLS_SHA1_C) { - { ADD_LEN( MBEDTLS_OID_PKCS1_SHA1 ), "sha-1WithRSAEncryption", "RSA with SHA1" }, + { ADD_LEN(MBEDTLS_OID_PKCS1_SHA1), "sha-1WithRSAEncryption", "RSA with SHA1" }, MBEDTLS_MD_SHA1, MBEDTLS_PK_RSA, }, #endif /* MBEDTLS_SHA1_C */ #if defined(MBEDTLS_SHA256_C) { - { ADD_LEN( MBEDTLS_OID_PKCS1_SHA224 ), "sha224WithRSAEncryption", "RSA with SHA-224" }, + { ADD_LEN(MBEDTLS_OID_PKCS1_SHA224), "sha224WithRSAEncryption", "RSA with SHA-224" }, MBEDTLS_MD_SHA224, MBEDTLS_PK_RSA, }, { - { ADD_LEN( MBEDTLS_OID_PKCS1_SHA256 ), "sha256WithRSAEncryption", "RSA with SHA-256" }, + { ADD_LEN(MBEDTLS_OID_PKCS1_SHA256), "sha256WithRSAEncryption", "RSA with SHA-256" }, MBEDTLS_MD_SHA256, MBEDTLS_PK_RSA, }, #endif /* MBEDTLS_SHA256_C */ #if defined(MBEDTLS_SHA512_C) { - { ADD_LEN( MBEDTLS_OID_PKCS1_SHA384 ), "sha384WithRSAEncryption", "RSA with SHA-384" }, + { ADD_LEN(MBEDTLS_OID_PKCS1_SHA384), "sha384WithRSAEncryption", "RSA with SHA-384" }, MBEDTLS_MD_SHA384, MBEDTLS_PK_RSA, }, { - { ADD_LEN( MBEDTLS_OID_PKCS1_SHA512 ), "sha512WithRSAEncryption", "RSA with SHA-512" }, + { ADD_LEN(MBEDTLS_OID_PKCS1_SHA512), "sha512WithRSAEncryption", "RSA with SHA-512" }, MBEDTLS_MD_SHA512, MBEDTLS_PK_RSA, }, #endif /* MBEDTLS_SHA512_C */ #if defined(MBEDTLS_SHA1_C) { - { ADD_LEN( MBEDTLS_OID_RSA_SHA_OBS ), "sha-1WithRSAEncryption", "RSA with SHA1" }, + { ADD_LEN(MBEDTLS_OID_RSA_SHA_OBS), "sha-1WithRSAEncryption", "RSA with SHA1" }, MBEDTLS_MD_SHA1, MBEDTLS_PK_RSA, }, #endif /* MBEDTLS_SHA1_C */ @@ -375,34 +384,34 @@ static const oid_sig_alg_t oid_sig_alg[] = #if defined(MBEDTLS_ECDSA_C) #if defined(MBEDTLS_SHA1_C) { - { ADD_LEN( MBEDTLS_OID_ECDSA_SHA1 ), "ecdsa-with-SHA1", "ECDSA with SHA1" }, + { ADD_LEN(MBEDTLS_OID_ECDSA_SHA1), "ecdsa-with-SHA1", "ECDSA with SHA1" }, MBEDTLS_MD_SHA1, MBEDTLS_PK_ECDSA, }, #endif /* MBEDTLS_SHA1_C */ #if defined(MBEDTLS_SHA256_C) { - { ADD_LEN( MBEDTLS_OID_ECDSA_SHA224 ), "ecdsa-with-SHA224", "ECDSA with SHA224" }, + { ADD_LEN(MBEDTLS_OID_ECDSA_SHA224), "ecdsa-with-SHA224", "ECDSA with SHA224" }, MBEDTLS_MD_SHA224, MBEDTLS_PK_ECDSA, }, { - { ADD_LEN( MBEDTLS_OID_ECDSA_SHA256 ), "ecdsa-with-SHA256", "ECDSA with SHA256" }, + { ADD_LEN(MBEDTLS_OID_ECDSA_SHA256), "ecdsa-with-SHA256", "ECDSA with SHA256" }, MBEDTLS_MD_SHA256, MBEDTLS_PK_ECDSA, }, #endif /* MBEDTLS_SHA256_C */ #if defined(MBEDTLS_SHA512_C) { - { ADD_LEN( MBEDTLS_OID_ECDSA_SHA384 ), "ecdsa-with-SHA384", "ECDSA with SHA384" }, + { ADD_LEN(MBEDTLS_OID_ECDSA_SHA384), "ecdsa-with-SHA384", "ECDSA with SHA384" }, MBEDTLS_MD_SHA384, MBEDTLS_PK_ECDSA, }, { - { ADD_LEN( MBEDTLS_OID_ECDSA_SHA512 ), "ecdsa-with-SHA512", "ECDSA with SHA512" }, + { ADD_LEN(MBEDTLS_OID_ECDSA_SHA512), "ecdsa-with-SHA512", "ECDSA with SHA512" }, MBEDTLS_MD_SHA512, MBEDTLS_PK_ECDSA, }, #endif /* MBEDTLS_SHA512_C */ #endif /* MBEDTLS_ECDSA_C */ #if defined(MBEDTLS_RSA_C) { - { ADD_LEN( MBEDTLS_OID_RSASSA_PSS ), "RSASSA-PSS", "RSASSA-PSS" }, + { ADD_LEN(MBEDTLS_OID_RSASSA_PSS), "RSASSA-PSS", "RSASSA-PSS" }, MBEDTLS_MD_NONE, MBEDTLS_PK_RSASSA_PSS, }, #endif /* MBEDTLS_RSA_C */ @@ -413,9 +422,25 @@ static const oid_sig_alg_t oid_sig_alg[] = }; FN_OID_TYPED_FROM_ASN1(oid_sig_alg_t, sig_alg, oid_sig_alg) -FN_OID_GET_DESCRIPTOR_ATTR1(mbedtls_oid_get_sig_alg_desc, oid_sig_alg_t, sig_alg, const char *, description) -FN_OID_GET_ATTR2(mbedtls_oid_get_sig_alg, oid_sig_alg_t, sig_alg, mbedtls_md_type_t, md_alg, mbedtls_pk_type_t, pk_alg) -FN_OID_GET_OID_BY_ATTR2(mbedtls_oid_get_oid_by_sig_alg, oid_sig_alg_t, oid_sig_alg, mbedtls_pk_type_t, pk_alg, mbedtls_md_type_t, md_alg) +FN_OID_GET_DESCRIPTOR_ATTR1(mbedtls_oid_get_sig_alg_desc, + oid_sig_alg_t, + sig_alg, + const char *, + description) +FN_OID_GET_ATTR2(mbedtls_oid_get_sig_alg, + oid_sig_alg_t, + sig_alg, + mbedtls_md_type_t, + md_alg, + mbedtls_pk_type_t, + pk_alg) +FN_OID_GET_OID_BY_ATTR2(mbedtls_oid_get_oid_by_sig_alg, + oid_sig_alg_t, + oid_sig_alg, + mbedtls_pk_type_t, + pk_alg, + mbedtls_md_type_t, + md_alg) #endif /* MBEDTLS_MD_C */ /* @@ -429,15 +454,15 @@ typedef struct { static const oid_pk_alg_t oid_pk_alg[] = { { - { ADD_LEN( MBEDTLS_OID_PKCS1_RSA ), "rsaEncryption", "RSA" }, + { ADD_LEN(MBEDTLS_OID_PKCS1_RSA), "rsaEncryption", "RSA" }, MBEDTLS_PK_RSA, }, { - { ADD_LEN( MBEDTLS_OID_EC_ALG_UNRESTRICTED ), "id-ecPublicKey", "Generic EC key" }, + { ADD_LEN(MBEDTLS_OID_EC_ALG_UNRESTRICTED), "id-ecPublicKey", "Generic EC key" }, MBEDTLS_PK_ECKEY, }, { - { ADD_LEN( MBEDTLS_OID_EC_ALG_ECDH ), "id-ecDH", "EC key for ECDH" }, + { ADD_LEN(MBEDTLS_OID_EC_ALG_ECDH), "id-ecDH", "EC key for ECDH" }, MBEDTLS_PK_ECKEY_DH, }, { @@ -448,7 +473,11 @@ static const oid_pk_alg_t oid_pk_alg[] = FN_OID_TYPED_FROM_ASN1(oid_pk_alg_t, pk_alg, oid_pk_alg) FN_OID_GET_ATTR1(mbedtls_oid_get_pk_alg, oid_pk_alg_t, pk_alg, mbedtls_pk_type_t, pk_alg) -FN_OID_GET_OID_BY_ATTR1(mbedtls_oid_get_oid_by_pk_alg, oid_pk_alg_t, oid_pk_alg, mbedtls_pk_type_t, pk_alg) +FN_OID_GET_OID_BY_ATTR1(mbedtls_oid_get_oid_by_pk_alg, + oid_pk_alg_t, + oid_pk_alg, + mbedtls_pk_type_t, + pk_alg) #if defined(MBEDTLS_ECP_C) /* @@ -463,67 +492,67 @@ static const oid_ecp_grp_t oid_ecp_grp[] = { #if defined(MBEDTLS_ECP_DP_SECP192R1_ENABLED) { - { ADD_LEN( MBEDTLS_OID_EC_GRP_SECP192R1 ), "secp192r1", "secp192r1" }, + { ADD_LEN(MBEDTLS_OID_EC_GRP_SECP192R1), "secp192r1", "secp192r1" }, MBEDTLS_ECP_DP_SECP192R1, }, #endif /* MBEDTLS_ECP_DP_SECP192R1_ENABLED */ #if defined(MBEDTLS_ECP_DP_SECP224R1_ENABLED) { - { ADD_LEN( MBEDTLS_OID_EC_GRP_SECP224R1 ), "secp224r1", "secp224r1" }, + { ADD_LEN(MBEDTLS_OID_EC_GRP_SECP224R1), "secp224r1", "secp224r1" }, MBEDTLS_ECP_DP_SECP224R1, }, #endif /* MBEDTLS_ECP_DP_SECP224R1_ENABLED */ #if defined(MBEDTLS_ECP_DP_SECP256R1_ENABLED) { - { ADD_LEN( MBEDTLS_OID_EC_GRP_SECP256R1 ), "secp256r1", "secp256r1" }, + { ADD_LEN(MBEDTLS_OID_EC_GRP_SECP256R1), "secp256r1", "secp256r1" }, MBEDTLS_ECP_DP_SECP256R1, }, #endif /* MBEDTLS_ECP_DP_SECP256R1_ENABLED */ #if defined(MBEDTLS_ECP_DP_SECP384R1_ENABLED) { - { ADD_LEN( MBEDTLS_OID_EC_GRP_SECP384R1 ), "secp384r1", "secp384r1" }, + { ADD_LEN(MBEDTLS_OID_EC_GRP_SECP384R1), "secp384r1", "secp384r1" }, MBEDTLS_ECP_DP_SECP384R1, }, #endif /* MBEDTLS_ECP_DP_SECP384R1_ENABLED */ #if defined(MBEDTLS_ECP_DP_SECP521R1_ENABLED) { - { ADD_LEN( MBEDTLS_OID_EC_GRP_SECP521R1 ), "secp521r1", "secp521r1" }, + { ADD_LEN(MBEDTLS_OID_EC_GRP_SECP521R1), "secp521r1", "secp521r1" }, MBEDTLS_ECP_DP_SECP521R1, }, #endif /* MBEDTLS_ECP_DP_SECP521R1_ENABLED */ #if defined(MBEDTLS_ECP_DP_SECP192K1_ENABLED) { - { ADD_LEN( MBEDTLS_OID_EC_GRP_SECP192K1 ), "secp192k1", "secp192k1" }, + { ADD_LEN(MBEDTLS_OID_EC_GRP_SECP192K1), "secp192k1", "secp192k1" }, MBEDTLS_ECP_DP_SECP192K1, }, #endif /* MBEDTLS_ECP_DP_SECP192K1_ENABLED */ #if defined(MBEDTLS_ECP_DP_SECP224K1_ENABLED) { - { ADD_LEN( MBEDTLS_OID_EC_GRP_SECP224K1 ), "secp224k1", "secp224k1" }, + { ADD_LEN(MBEDTLS_OID_EC_GRP_SECP224K1), "secp224k1", "secp224k1" }, MBEDTLS_ECP_DP_SECP224K1, }, #endif /* MBEDTLS_ECP_DP_SECP224K1_ENABLED */ #if defined(MBEDTLS_ECP_DP_SECP256K1_ENABLED) { - { ADD_LEN( MBEDTLS_OID_EC_GRP_SECP256K1 ), "secp256k1", "secp256k1" }, + { ADD_LEN(MBEDTLS_OID_EC_GRP_SECP256K1), "secp256k1", "secp256k1" }, MBEDTLS_ECP_DP_SECP256K1, }, #endif /* MBEDTLS_ECP_DP_SECP256K1_ENABLED */ #if defined(MBEDTLS_ECP_DP_BP256R1_ENABLED) { - { ADD_LEN( MBEDTLS_OID_EC_GRP_BP256R1 ), "brainpoolP256r1","brainpool256r1" }, + { ADD_LEN(MBEDTLS_OID_EC_GRP_BP256R1), "brainpoolP256r1", "brainpool256r1" }, MBEDTLS_ECP_DP_BP256R1, }, #endif /* MBEDTLS_ECP_DP_BP256R1_ENABLED */ #if defined(MBEDTLS_ECP_DP_BP384R1_ENABLED) { - { ADD_LEN( MBEDTLS_OID_EC_GRP_BP384R1 ), "brainpoolP384r1","brainpool384r1" }, + { ADD_LEN(MBEDTLS_OID_EC_GRP_BP384R1), "brainpoolP384r1", "brainpool384r1" }, MBEDTLS_ECP_DP_BP384R1, }, #endif /* MBEDTLS_ECP_DP_BP384R1_ENABLED */ #if defined(MBEDTLS_ECP_DP_BP512R1_ENABLED) { - { ADD_LEN( MBEDTLS_OID_EC_GRP_BP512R1 ), "brainpoolP512r1","brainpool512r1" }, + { ADD_LEN(MBEDTLS_OID_EC_GRP_BP512R1), "brainpoolP512r1", "brainpool512r1" }, MBEDTLS_ECP_DP_BP512R1, }, #endif /* MBEDTLS_ECP_DP_BP512R1_ENABLED */ @@ -535,7 +564,11 @@ static const oid_ecp_grp_t oid_ecp_grp[] = FN_OID_TYPED_FROM_ASN1(oid_ecp_grp_t, grp_id, oid_ecp_grp) FN_OID_GET_ATTR1(mbedtls_oid_get_ec_grp, oid_ecp_grp_t, grp_id, mbedtls_ecp_group_id, grp_id) -FN_OID_GET_OID_BY_ATTR1(mbedtls_oid_get_oid_by_ec_grp, oid_ecp_grp_t, oid_ecp_grp, mbedtls_ecp_group_id, grp_id) +FN_OID_GET_OID_BY_ATTR1(mbedtls_oid_get_oid_by_ec_grp, + oid_ecp_grp_t, + oid_ecp_grp, + mbedtls_ecp_group_id, + grp_id) #endif /* MBEDTLS_ECP_C */ #if defined(MBEDTLS_CIPHER_C) @@ -550,11 +583,11 @@ typedef struct { static const oid_cipher_alg_t oid_cipher_alg[] = { { - { ADD_LEN( MBEDTLS_OID_DES_CBC ), "desCBC", "DES-CBC" }, + { ADD_LEN(MBEDTLS_OID_DES_CBC), "desCBC", "DES-CBC" }, MBEDTLS_CIPHER_DES_CBC, }, { - { ADD_LEN( MBEDTLS_OID_DES_EDE3_CBC ), "des-ede3-cbc", "DES-EDE3-CBC" }, + { ADD_LEN(MBEDTLS_OID_DES_EDE3_CBC), "des-ede3-cbc", "DES-EDE3-CBC" }, MBEDTLS_CIPHER_DES_EDE3_CBC, }, { @@ -564,7 +597,11 @@ static const oid_cipher_alg_t oid_cipher_alg[] = }; FN_OID_TYPED_FROM_ASN1(oid_cipher_alg_t, cipher_alg, oid_cipher_alg) -FN_OID_GET_ATTR1(mbedtls_oid_get_cipher_alg, oid_cipher_alg_t, cipher_alg, mbedtls_cipher_type_t, cipher_alg) +FN_OID_GET_ATTR1(mbedtls_oid_get_cipher_alg, + oid_cipher_alg_t, + cipher_alg, + mbedtls_cipher_type_t, + cipher_alg) #endif /* MBEDTLS_CIPHER_C */ #if defined(MBEDTLS_MD_C) @@ -580,51 +617,51 @@ static const oid_md_alg_t oid_md_alg[] = { #if defined(MBEDTLS_MD2_C) { - { ADD_LEN( MBEDTLS_OID_DIGEST_ALG_MD2 ), "id-md2", "MD2" }, + { ADD_LEN(MBEDTLS_OID_DIGEST_ALG_MD2), "id-md2", "MD2" }, MBEDTLS_MD_MD2, }, #endif /* MBEDTLS_MD2_C */ #if defined(MBEDTLS_MD4_C) { - { ADD_LEN( MBEDTLS_OID_DIGEST_ALG_MD4 ), "id-md4", "MD4" }, + { ADD_LEN(MBEDTLS_OID_DIGEST_ALG_MD4), "id-md4", "MD4" }, MBEDTLS_MD_MD4, }, #endif /* MBEDTLS_MD4_C */ #if defined(MBEDTLS_MD5_C) { - { ADD_LEN( MBEDTLS_OID_DIGEST_ALG_MD5 ), "id-md5", "MD5" }, + { ADD_LEN(MBEDTLS_OID_DIGEST_ALG_MD5), "id-md5", "MD5" }, MBEDTLS_MD_MD5, }, #endif /* MBEDTLS_MD5_C */ #if defined(MBEDTLS_SHA1_C) { - { ADD_LEN( MBEDTLS_OID_DIGEST_ALG_SHA1 ), "id-sha1", "SHA-1" }, + { ADD_LEN(MBEDTLS_OID_DIGEST_ALG_SHA1), "id-sha1", "SHA-1" }, MBEDTLS_MD_SHA1, }, #endif /* MBEDTLS_SHA1_C */ #if defined(MBEDTLS_SHA256_C) { - { ADD_LEN( MBEDTLS_OID_DIGEST_ALG_SHA224 ), "id-sha224", "SHA-224" }, + { ADD_LEN(MBEDTLS_OID_DIGEST_ALG_SHA224), "id-sha224", "SHA-224" }, MBEDTLS_MD_SHA224, }, { - { ADD_LEN( MBEDTLS_OID_DIGEST_ALG_SHA256 ), "id-sha256", "SHA-256" }, + { ADD_LEN(MBEDTLS_OID_DIGEST_ALG_SHA256), "id-sha256", "SHA-256" }, MBEDTLS_MD_SHA256, }, #endif /* MBEDTLS_SHA256_C */ #if defined(MBEDTLS_SHA512_C) { - { ADD_LEN( MBEDTLS_OID_DIGEST_ALG_SHA384 ), "id-sha384", "SHA-384" }, + { ADD_LEN(MBEDTLS_OID_DIGEST_ALG_SHA384), "id-sha384", "SHA-384" }, MBEDTLS_MD_SHA384, }, { - { ADD_LEN( MBEDTLS_OID_DIGEST_ALG_SHA512 ), "id-sha512", "SHA-512" }, + { ADD_LEN(MBEDTLS_OID_DIGEST_ALG_SHA512), "id-sha512", "SHA-512" }, MBEDTLS_MD_SHA512, }, #endif /* MBEDTLS_SHA512_C */ #if defined(MBEDTLS_RIPEMD160_C) { - { ADD_LEN( MBEDTLS_OID_DIGEST_ALG_RIPEMD160 ), "id-ripemd160", "RIPEMD-160" }, + { ADD_LEN(MBEDTLS_OID_DIGEST_ALG_RIPEMD160), "id-ripemd160", "RIPEMD-160" }, MBEDTLS_MD_RIPEMD160, }, #endif /* MBEDTLS_RIPEMD160_C */ @@ -636,7 +673,11 @@ static const oid_md_alg_t oid_md_alg[] = FN_OID_TYPED_FROM_ASN1(oid_md_alg_t, md_alg, oid_md_alg) FN_OID_GET_ATTR1(mbedtls_oid_get_md_alg, oid_md_alg_t, md_alg, mbedtls_md_type_t, md_alg) -FN_OID_GET_OID_BY_ATTR1(mbedtls_oid_get_oid_by_md, oid_md_alg_t, oid_md_alg, mbedtls_md_type_t, md_alg) +FN_OID_GET_OID_BY_ATTR1(mbedtls_oid_get_oid_by_md, + oid_md_alg_t, + oid_md_alg, + mbedtls_md_type_t, + md_alg) /* * For HMAC digestAlgorithm @@ -650,27 +691,27 @@ static const oid_md_hmac_t oid_md_hmac[] = { #if defined(MBEDTLS_SHA1_C) { - { ADD_LEN( MBEDTLS_OID_HMAC_SHA1 ), "hmacSHA1", "HMAC-SHA-1" }, + { ADD_LEN(MBEDTLS_OID_HMAC_SHA1), "hmacSHA1", "HMAC-SHA-1" }, MBEDTLS_MD_SHA1, }, #endif /* MBEDTLS_SHA1_C */ #if defined(MBEDTLS_SHA256_C) { - { ADD_LEN( MBEDTLS_OID_HMAC_SHA224 ), "hmacSHA224", "HMAC-SHA-224" }, + { ADD_LEN(MBEDTLS_OID_HMAC_SHA224), "hmacSHA224", "HMAC-SHA-224" }, MBEDTLS_MD_SHA224, }, { - { ADD_LEN( MBEDTLS_OID_HMAC_SHA256 ), "hmacSHA256", "HMAC-SHA-256" }, + { ADD_LEN(MBEDTLS_OID_HMAC_SHA256), "hmacSHA256", "HMAC-SHA-256" }, MBEDTLS_MD_SHA256, }, #endif /* MBEDTLS_SHA256_C */ #if defined(MBEDTLS_SHA512_C) { - { ADD_LEN( MBEDTLS_OID_HMAC_SHA384 ), "hmacSHA384", "HMAC-SHA-384" }, + { ADD_LEN(MBEDTLS_OID_HMAC_SHA384), "hmacSHA384", "HMAC-SHA-384" }, MBEDTLS_MD_SHA384, }, { - { ADD_LEN( MBEDTLS_OID_HMAC_SHA512 ), "hmacSHA512", "HMAC-SHA-512" }, + { ADD_LEN(MBEDTLS_OID_HMAC_SHA512), "hmacSHA512", "HMAC-SHA-512" }, MBEDTLS_MD_SHA512, }, #endif /* MBEDTLS_SHA512_C */ @@ -697,11 +738,13 @@ typedef struct { static const oid_pkcs12_pbe_alg_t oid_pkcs12_pbe_alg[] = { { - { ADD_LEN( MBEDTLS_OID_PKCS12_PBE_SHA1_DES3_EDE_CBC ), "pbeWithSHAAnd3-KeyTripleDES-CBC", "PBE with SHA1 and 3-Key 3DES" }, + { ADD_LEN(MBEDTLS_OID_PKCS12_PBE_SHA1_DES3_EDE_CBC), "pbeWithSHAAnd3-KeyTripleDES-CBC", + "PBE with SHA1 and 3-Key 3DES" }, MBEDTLS_MD_SHA1, MBEDTLS_CIPHER_DES_EDE3_CBC, }, { - { ADD_LEN( MBEDTLS_OID_PKCS12_PBE_SHA1_DES2_EDE_CBC ), "pbeWithSHAAnd2-KeyTripleDES-CBC", "PBE with SHA1 and 2-Key 3DES" }, + { ADD_LEN(MBEDTLS_OID_PKCS12_PBE_SHA1_DES2_EDE_CBC), "pbeWithSHAAnd2-KeyTripleDES-CBC", + "PBE with SHA1 and 2-Key 3DES" }, MBEDTLS_MD_SHA1, MBEDTLS_CIPHER_DES_EDE_CBC, }, { @@ -711,57 +754,82 @@ static const oid_pkcs12_pbe_alg_t oid_pkcs12_pbe_alg[] = }; FN_OID_TYPED_FROM_ASN1(oid_pkcs12_pbe_alg_t, pkcs12_pbe_alg, oid_pkcs12_pbe_alg) -FN_OID_GET_ATTR2(mbedtls_oid_get_pkcs12_pbe_alg, oid_pkcs12_pbe_alg_t, pkcs12_pbe_alg, mbedtls_md_type_t, md_alg, mbedtls_cipher_type_t, cipher_alg) +FN_OID_GET_ATTR2(mbedtls_oid_get_pkcs12_pbe_alg, + oid_pkcs12_pbe_alg_t, + pkcs12_pbe_alg, + mbedtls_md_type_t, + md_alg, + mbedtls_cipher_type_t, + cipher_alg) #endif /* MBEDTLS_PKCS12_C */ -#define OID_SAFE_SNPRINTF \ - do { \ - if( ret < 0 || (size_t) ret >= n ) \ - return( MBEDTLS_ERR_OID_BUF_TOO_SMALL ); \ - \ - n -= (size_t) ret; \ - p += (size_t) ret; \ - } while( 0 ) - /* Return the x.y.z.... style numeric string for the given OID */ -int mbedtls_oid_get_numeric_string( char *buf, size_t size, - const mbedtls_asn1_buf *oid ) +int mbedtls_oid_get_numeric_string(char *buf, size_t size, + const mbedtls_asn1_buf *oid) { int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; - size_t i, n; - unsigned int value; - char *p; + char *p = buf; + size_t n = size; + unsigned int value = 0; - p = buf; - n = size; + if (size > INT_MAX) { + /* Avoid overflow computing return value */ + return MBEDTLS_ERR_ASN1_INVALID_LENGTH; + } - /* First byte contains first two dots */ - if( oid->len > 0 ) - { - ret = mbedtls_snprintf( p, n, "%d.%d", oid->p[0] / 40, oid->p[0] % 40 ); - OID_SAFE_SNPRINTF; + if (oid->len <= 0) { + /* OID must not be empty */ + return MBEDTLS_ERR_ASN1_OUT_OF_DATA; } - value = 0; - for( i = 1; i < oid->len; i++ ) - { + for (size_t i = 0; i < oid->len; i++) { /* Prevent overflow in value. */ - if( ( ( value << 7 ) >> 7 ) != value ) - return( MBEDTLS_ERR_OID_BUF_TOO_SMALL ); + if (value > (UINT_MAX >> 7)) { + return MBEDTLS_ERR_ASN1_INVALID_DATA; + } + if ((value == 0) && ((oid->p[i]) == 0x80)) { + /* Overlong encoding is not allowed */ + return MBEDTLS_ERR_ASN1_INVALID_DATA; + } value <<= 7; - value += oid->p[i] & 0x7F; + value |= oid->p[i] & 0x7F; - if( !( oid->p[i] & 0x80 ) ) - { + if (!(oid->p[i] & 0x80)) { /* Last byte */ - ret = mbedtls_snprintf( p, n, ".%u", value ); - OID_SAFE_SNPRINTF; + if (n == size) { + int component1; + unsigned int component2; + /* First subidentifier contains first two OID components */ + if (value >= 80) { + component1 = '2'; + component2 = value - 80; + } else if (value >= 40) { + component1 = '1'; + component2 = value - 40; + } else { + component1 = '0'; + component2 = value; + } + ret = mbedtls_snprintf(p, n, "%c.%u", component1, component2); + } else { + ret = mbedtls_snprintf(p, n, ".%u", value); + } + if (ret < 2 || (size_t) ret >= n) { + return MBEDTLS_ERR_OID_BUF_TOO_SMALL; + } + n -= (size_t) ret; + p += ret; value = 0; } } - return( (int) ( size - n ) ); + if (value != 0) { + /* Unterminated subidentifier */ + return MBEDTLS_ERR_ASN1_OUT_OF_DATA; + } + + return (int) (size - n); } #endif /* MBEDTLS_OID_C */ diff --git a/third_party/mbedtls/repo/library/padlock.c b/third_party/mbedtls/repo/library/padlock.c index 837337413cf..0b4b610f964 100644 --- a/third_party/mbedtls/repo/library/padlock.c +++ b/third_party/mbedtls/repo/library/padlock.c @@ -2,19 +2,7 @@ * VIA PadLock support functions * * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later */ /* * This implementation is based on the VIA PadLock Programming Guide: @@ -31,23 +19,24 @@ #include +/* *INDENT-OFF* */ #ifndef asm #define asm __asm #endif +/* *INDENT-ON* */ -#if defined(MBEDTLS_HAVE_X86) +#if defined(MBEDTLS_VIA_PADLOCK_HAVE_CODE) /* * PadLock detection routine */ -int mbedtls_padlock_has_support( int feature ) +int mbedtls_padlock_has_support(int feature) { static int flags = -1; int ebx = 0, edx = 0; - if( flags == -1 ) - { - asm( "movl %%ebx, %0 \n\t" + if (flags == -1) { + asm ("movl %%ebx, %0 \n\t" "movl $0xC0000000, %%eax \n\t" "cpuid \n\t" "cmpl $0xC0000001, %%eax \n\t" @@ -60,21 +49,21 @@ int mbedtls_padlock_has_support( int feature ) "movl %2, %%ebx \n\t" : "=m" (ebx), "=m" (edx) : "m" (ebx) - : "eax", "ecx", "edx" ); + : "eax", "ecx", "edx"); flags = edx; } - return( flags & feature ); + return flags & feature; } /* * PadLock AES-ECB block en(de)cryption */ -int mbedtls_padlock_xcryptecb( mbedtls_aes_context *ctx, - int mode, - const unsigned char input[16], - unsigned char output[16] ) +int mbedtls_padlock_xcryptecb(mbedtls_aes_context *ctx, + int mode, + const unsigned char input[16], + unsigned char output[16]) { int ebx = 0; uint32_t *rk; @@ -83,13 +72,13 @@ int mbedtls_padlock_xcryptecb( mbedtls_aes_context *ctx, unsigned char buf[256]; rk = ctx->rk; - blk = MBEDTLS_PADLOCK_ALIGN16( buf ); - memcpy( blk, input, 16 ); + blk = MBEDTLS_PADLOCK_ALIGN16(buf); + memcpy(blk, input, 16); - ctrl = blk + 4; - *ctrl = 0x80 | ctx->nr | ( ( ctx->nr + ( mode^1 ) - 10 ) << 9 ); + ctrl = blk + 4; + *ctrl = 0x80 | ctx->nr | ((ctx->nr + (mode^1) - 10) << 9); - asm( "pushfl \n\t" + asm ("pushfl \n\t" "popfl \n\t" "movl %%ebx, %0 \n\t" "movl $1, %%ecx \n\t" @@ -101,22 +90,22 @@ int mbedtls_padlock_xcryptecb( mbedtls_aes_context *ctx, "movl %1, %%ebx \n\t" : "=m" (ebx) : "m" (ebx), "m" (ctrl), "m" (rk), "m" (blk) - : "memory", "ecx", "edx", "esi", "edi" ); + : "memory", "ecx", "edx", "esi", "edi"); - memcpy( output, blk, 16 ); + memcpy(output, blk, 16); - return( 0 ); + return 0; } /* * PadLock AES-CBC buffer en(de)cryption */ -int mbedtls_padlock_xcryptcbc( mbedtls_aes_context *ctx, - int mode, - size_t length, - unsigned char iv[16], - const unsigned char *input, - unsigned char *output ) +int mbedtls_padlock_xcryptcbc(mbedtls_aes_context *ctx, + int mode, + size_t length, + unsigned char iv[16], + const unsigned char *input, + unsigned char *output) { int ebx = 0; size_t count; @@ -125,20 +114,21 @@ int mbedtls_padlock_xcryptcbc( mbedtls_aes_context *ctx, uint32_t *ctrl; unsigned char buf[256]; - if( ( (long) input & 15 ) != 0 || - ( (long) output & 15 ) != 0 ) - return( MBEDTLS_ERR_PADLOCK_DATA_MISALIGNED ); + if (((long) input & 15) != 0 || + ((long) output & 15) != 0) { + return MBEDTLS_ERR_PADLOCK_DATA_MISALIGNED; + } rk = ctx->rk; - iw = MBEDTLS_PADLOCK_ALIGN16( buf ); - memcpy( iw, iv, 16 ); + iw = MBEDTLS_PADLOCK_ALIGN16(buf); + memcpy(iw, iv, 16); - ctrl = iw + 4; - *ctrl = 0x80 | ctx->nr | ( ( ctx->nr + ( mode ^ 1 ) - 10 ) << 9 ); + ctrl = iw + 4; + *ctrl = 0x80 | ctx->nr | ((ctx->nr + (mode ^ 1) - 10) << 9); - count = ( length + 15 ) >> 4; + count = (length + 15) >> 4; - asm( "pushfl \n\t" + asm ("pushfl \n\t" "popfl \n\t" "movl %%ebx, %0 \n\t" "movl %2, %%ecx \n\t" @@ -151,14 +141,14 @@ int mbedtls_padlock_xcryptcbc( mbedtls_aes_context *ctx, "movl %1, %%ebx \n\t" : "=m" (ebx) : "m" (ebx), "m" (count), "m" (ctrl), - "m" (rk), "m" (input), "m" (output), "m" (iw) - : "memory", "eax", "ecx", "edx", "esi", "edi" ); + "m" (rk), "m" (input), "m" (output), "m" (iw) + : "memory", "eax", "ecx", "edx", "esi", "edi"); - memcpy( iv, iw, 16 ); + memcpy(iv, iw, 16); - return( 0 ); + return 0; } -#endif /* MBEDTLS_HAVE_X86 */ +#endif /* MBEDTLS_VIA_PADLOCK_HAVE_CODE */ #endif /* MBEDTLS_PADLOCK_C */ diff --git a/third_party/mbedtls/repo/library/pem.c b/third_party/mbedtls/repo/library/pem.c index fcfde947999..c1a47b0da47 100644 --- a/third_party/mbedtls/repo/library/pem.c +++ b/third_party/mbedtls/repo/library/pem.c @@ -2,19 +2,7 @@ * Privacy Enhanced Mail (PEM) decoding * * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later */ #include "common.h" @@ -32,160 +20,173 @@ #include -#if defined(MBEDTLS_PLATFORM_C) #include "mbedtls/platform.h" -#else -#include -#define mbedtls_calloc calloc -#define mbedtls_free free -#endif #if defined(MBEDTLS_PEM_PARSE_C) -void mbedtls_pem_init( mbedtls_pem_context *ctx ) +void mbedtls_pem_init(mbedtls_pem_context *ctx) { - memset( ctx, 0, sizeof( mbedtls_pem_context ) ); + memset(ctx, 0, sizeof(mbedtls_pem_context)); } #if defined(MBEDTLS_MD5_C) && defined(MBEDTLS_CIPHER_MODE_CBC) && \ - ( defined(MBEDTLS_DES_C) || defined(MBEDTLS_AES_C) ) + (defined(MBEDTLS_DES_C) || defined(MBEDTLS_AES_C)) /* * Read a 16-byte hex string and convert it to binary */ -static int pem_get_iv( const unsigned char *s, unsigned char *iv, - size_t iv_len ) +static int pem_get_iv(const unsigned char *s, unsigned char *iv, + size_t iv_len) { size_t i, j, k; - memset( iv, 0, iv_len ); - - for( i = 0; i < iv_len * 2; i++, s++ ) - { - if( *s >= '0' && *s <= '9' ) j = *s - '0'; else - if( *s >= 'A' && *s <= 'F' ) j = *s - '7'; else - if( *s >= 'a' && *s <= 'f' ) j = *s - 'W'; else - return( MBEDTLS_ERR_PEM_INVALID_ENC_IV ); + memset(iv, 0, iv_len); + + for (i = 0; i < iv_len * 2; i++, s++) { + if (*s >= '0' && *s <= '9') { + j = *s - '0'; + } else + if (*s >= 'A' && *s <= 'F') { + j = *s - '7'; + } else + if (*s >= 'a' && *s <= 'f') { + j = *s - 'W'; + } else { + return MBEDTLS_ERR_PEM_INVALID_ENC_IV; + } - k = ( ( i & 1 ) != 0 ) ? j : j << 4; + k = ((i & 1) != 0) ? j : j << 4; - iv[i >> 1] = (unsigned char)( iv[i >> 1] | k ); + iv[i >> 1] = (unsigned char) (iv[i >> 1] | k); } - return( 0 ); + return 0; } -static int pem_pbkdf1( unsigned char *key, size_t keylen, - unsigned char *iv, - const unsigned char *pwd, size_t pwdlen ) +static int pem_pbkdf1(unsigned char *key, size_t keylen, + unsigned char *iv, + const unsigned char *pwd, size_t pwdlen) { mbedtls_md5_context md5_ctx; unsigned char md5sum[16]; size_t use_len; int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; - mbedtls_md5_init( &md5_ctx ); + mbedtls_md5_init(&md5_ctx); /* * key[ 0..15] = MD5(pwd || IV) */ - if( ( ret = mbedtls_md5_starts_ret( &md5_ctx ) ) != 0 ) + if ((ret = mbedtls_md5_starts_ret(&md5_ctx)) != 0) { goto exit; - if( ( ret = mbedtls_md5_update_ret( &md5_ctx, pwd, pwdlen ) ) != 0 ) + } + if ((ret = mbedtls_md5_update_ret(&md5_ctx, pwd, pwdlen)) != 0) { goto exit; - if( ( ret = mbedtls_md5_update_ret( &md5_ctx, iv, 8 ) ) != 0 ) + } + if ((ret = mbedtls_md5_update_ret(&md5_ctx, iv, 8)) != 0) { goto exit; - if( ( ret = mbedtls_md5_finish_ret( &md5_ctx, md5sum ) ) != 0 ) + } + if ((ret = mbedtls_md5_finish_ret(&md5_ctx, md5sum)) != 0) { goto exit; + } - if( keylen <= 16 ) - { - memcpy( key, md5sum, keylen ); + if (keylen <= 16) { + memcpy(key, md5sum, keylen); goto exit; } - memcpy( key, md5sum, 16 ); + memcpy(key, md5sum, 16); /* * key[16..23] = MD5(key[ 0..15] || pwd || IV]) */ - if( ( ret = mbedtls_md5_starts_ret( &md5_ctx ) ) != 0 ) + if ((ret = mbedtls_md5_starts_ret(&md5_ctx)) != 0) { goto exit; - if( ( ret = mbedtls_md5_update_ret( &md5_ctx, md5sum, 16 ) ) != 0 ) + } + if ((ret = mbedtls_md5_update_ret(&md5_ctx, md5sum, 16)) != 0) { goto exit; - if( ( ret = mbedtls_md5_update_ret( &md5_ctx, pwd, pwdlen ) ) != 0 ) + } + if ((ret = mbedtls_md5_update_ret(&md5_ctx, pwd, pwdlen)) != 0) { goto exit; - if( ( ret = mbedtls_md5_update_ret( &md5_ctx, iv, 8 ) ) != 0 ) + } + if ((ret = mbedtls_md5_update_ret(&md5_ctx, iv, 8)) != 0) { goto exit; - if( ( ret = mbedtls_md5_finish_ret( &md5_ctx, md5sum ) ) != 0 ) + } + if ((ret = mbedtls_md5_finish_ret(&md5_ctx, md5sum)) != 0) { goto exit; + } use_len = 16; - if( keylen < 32 ) + if (keylen < 32) { use_len = keylen - 16; + } - memcpy( key + 16, md5sum, use_len ); + memcpy(key + 16, md5sum, use_len); exit: - mbedtls_md5_free( &md5_ctx ); - mbedtls_platform_zeroize( md5sum, 16 ); + mbedtls_md5_free(&md5_ctx); + mbedtls_platform_zeroize(md5sum, 16); - return( ret ); + return ret; } #if defined(MBEDTLS_DES_C) /* * Decrypt with DES-CBC, using PBKDF1 for key derivation */ -static int pem_des_decrypt( unsigned char des_iv[8], - unsigned char *buf, size_t buflen, - const unsigned char *pwd, size_t pwdlen ) +static int pem_des_decrypt(unsigned char des_iv[8], + unsigned char *buf, size_t buflen, + const unsigned char *pwd, size_t pwdlen) { mbedtls_des_context des_ctx; unsigned char des_key[8]; int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; - mbedtls_des_init( &des_ctx ); + mbedtls_des_init(&des_ctx); - if( ( ret = pem_pbkdf1( des_key, 8, des_iv, pwd, pwdlen ) ) != 0 ) + if ((ret = pem_pbkdf1(des_key, 8, des_iv, pwd, pwdlen)) != 0) { goto exit; + } - if( ( ret = mbedtls_des_setkey_dec( &des_ctx, des_key ) ) != 0 ) + if ((ret = mbedtls_des_setkey_dec(&des_ctx, des_key)) != 0) { goto exit; - ret = mbedtls_des_crypt_cbc( &des_ctx, MBEDTLS_DES_DECRYPT, buflen, - des_iv, buf, buf ); + } + ret = mbedtls_des_crypt_cbc(&des_ctx, MBEDTLS_DES_DECRYPT, buflen, + des_iv, buf, buf); exit: - mbedtls_des_free( &des_ctx ); - mbedtls_platform_zeroize( des_key, 8 ); + mbedtls_des_free(&des_ctx); + mbedtls_platform_zeroize(des_key, 8); - return( ret ); + return ret; } /* * Decrypt with 3DES-CBC, using PBKDF1 for key derivation */ -static int pem_des3_decrypt( unsigned char des3_iv[8], - unsigned char *buf, size_t buflen, - const unsigned char *pwd, size_t pwdlen ) +static int pem_des3_decrypt(unsigned char des3_iv[8], + unsigned char *buf, size_t buflen, + const unsigned char *pwd, size_t pwdlen) { mbedtls_des3_context des3_ctx; unsigned char des3_key[24]; int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; - mbedtls_des3_init( &des3_ctx ); + mbedtls_des3_init(&des3_ctx); - if( ( ret = pem_pbkdf1( des3_key, 24, des3_iv, pwd, pwdlen ) ) != 0 ) + if ((ret = pem_pbkdf1(des3_key, 24, des3_iv, pwd, pwdlen)) != 0) { goto exit; + } - if( ( ret = mbedtls_des3_set3key_dec( &des3_ctx, des3_key ) ) != 0 ) + if ((ret = mbedtls_des3_set3key_dec(&des3_ctx, des3_key)) != 0) { goto exit; - ret = mbedtls_des3_crypt_cbc( &des3_ctx, MBEDTLS_DES_DECRYPT, buflen, - des3_iv, buf, buf ); + } + ret = mbedtls_des3_crypt_cbc(&des3_ctx, MBEDTLS_DES_DECRYPT, buflen, + des3_iv, buf, buf); exit: - mbedtls_des3_free( &des3_ctx ); - mbedtls_platform_zeroize( des3_key, 24 ); + mbedtls_des3_free(&des3_ctx); + mbedtls_platform_zeroize(des3_key, 24); - return( ret ); + return ret; } #endif /* MBEDTLS_DES_C */ @@ -193,45 +194,47 @@ static int pem_des3_decrypt( unsigned char des3_iv[8], /* * Decrypt with AES-XXX-CBC, using PBKDF1 for key derivation */ -static int pem_aes_decrypt( unsigned char aes_iv[16], unsigned int keylen, - unsigned char *buf, size_t buflen, - const unsigned char *pwd, size_t pwdlen ) +static int pem_aes_decrypt(unsigned char aes_iv[16], unsigned int keylen, + unsigned char *buf, size_t buflen, + const unsigned char *pwd, size_t pwdlen) { mbedtls_aes_context aes_ctx; unsigned char aes_key[32]; int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; - mbedtls_aes_init( &aes_ctx ); + mbedtls_aes_init(&aes_ctx); - if( ( ret = pem_pbkdf1( aes_key, keylen, aes_iv, pwd, pwdlen ) ) != 0 ) + if ((ret = pem_pbkdf1(aes_key, keylen, aes_iv, pwd, pwdlen)) != 0) { goto exit; + } - if( ( ret = mbedtls_aes_setkey_dec( &aes_ctx, aes_key, keylen * 8 ) ) != 0 ) + if ((ret = mbedtls_aes_setkey_dec(&aes_ctx, aes_key, keylen * 8)) != 0) { goto exit; - ret = mbedtls_aes_crypt_cbc( &aes_ctx, MBEDTLS_AES_DECRYPT, buflen, - aes_iv, buf, buf ); + } + ret = mbedtls_aes_crypt_cbc(&aes_ctx, MBEDTLS_AES_DECRYPT, buflen, + aes_iv, buf, buf); exit: - mbedtls_aes_free( &aes_ctx ); - mbedtls_platform_zeroize( aes_key, keylen ); + mbedtls_aes_free(&aes_ctx); + mbedtls_platform_zeroize(aes_key, keylen); - return( ret ); + return ret; } #endif /* MBEDTLS_AES_C */ #endif /* MBEDTLS_MD5_C && MBEDTLS_CIPHER_MODE_CBC && ( MBEDTLS_AES_C || MBEDTLS_DES_C ) */ -int mbedtls_pem_read_buffer( mbedtls_pem_context *ctx, const char *header, const char *footer, - const unsigned char *data, const unsigned char *pwd, - size_t pwdlen, size_t *use_len ) +int mbedtls_pem_read_buffer(mbedtls_pem_context *ctx, const char *header, const char *footer, + const unsigned char *data, const unsigned char *pwd, + size_t pwdlen, size_t *use_len) { int ret, enc; size_t len; unsigned char *buf; const unsigned char *s1, *s2, *end; #if defined(MBEDTLS_MD5_C) && defined(MBEDTLS_CIPHER_MODE_CBC) && \ - ( defined(MBEDTLS_DES_C) || defined(MBEDTLS_AES_C) ) + (defined(MBEDTLS_DES_C) || defined(MBEDTLS_AES_C)) unsigned char pem_iv[16]; mbedtls_cipher_type_t enc_alg = MBEDTLS_CIPHER_NONE; #else @@ -240,154 +243,181 @@ int mbedtls_pem_read_buffer( mbedtls_pem_context *ctx, const char *header, const #endif /* MBEDTLS_MD5_C && MBEDTLS_CIPHER_MODE_CBC && ( MBEDTLS_AES_C || MBEDTLS_DES_C ) */ - if( ctx == NULL ) - return( MBEDTLS_ERR_PEM_BAD_INPUT_DATA ); + if (ctx == NULL) { + return MBEDTLS_ERR_PEM_BAD_INPUT_DATA; + } - s1 = (unsigned char *) strstr( (const char *) data, header ); + s1 = (unsigned char *) strstr((const char *) data, header); - if( s1 == NULL ) - return( MBEDTLS_ERR_PEM_NO_HEADER_FOOTER_PRESENT ); + if (s1 == NULL) { + return MBEDTLS_ERR_PEM_NO_HEADER_FOOTER_PRESENT; + } - s2 = (unsigned char *) strstr( (const char *) data, footer ); + s2 = (unsigned char *) strstr((const char *) data, footer); - if( s2 == NULL || s2 <= s1 ) - return( MBEDTLS_ERR_PEM_NO_HEADER_FOOTER_PRESENT ); + if (s2 == NULL || s2 <= s1) { + return MBEDTLS_ERR_PEM_NO_HEADER_FOOTER_PRESENT; + } - s1 += strlen( header ); - if( *s1 == ' ' ) s1++; - if( *s1 == '\r' ) s1++; - if( *s1 == '\n' ) s1++; - else return( MBEDTLS_ERR_PEM_NO_HEADER_FOOTER_PRESENT ); + s1 += strlen(header); + if (*s1 == ' ') { + s1++; + } + if (*s1 == '\r') { + s1++; + } + if (*s1 == '\n') { + s1++; + } else { + return MBEDTLS_ERR_PEM_NO_HEADER_FOOTER_PRESENT; + } end = s2; - end += strlen( footer ); - if( *end == ' ' ) end++; - if( *end == '\r' ) end++; - if( *end == '\n' ) end++; + end += strlen(footer); + if (*end == ' ') { + end++; + } + if (*end == '\r') { + end++; + } + if (*end == '\n') { + end++; + } *use_len = end - data; enc = 0; - if( s2 - s1 >= 22 && memcmp( s1, "Proc-Type: 4,ENCRYPTED", 22 ) == 0 ) - { + if (s2 - s1 >= 22 && memcmp(s1, "Proc-Type: 4,ENCRYPTED", 22) == 0) { #if defined(MBEDTLS_MD5_C) && defined(MBEDTLS_CIPHER_MODE_CBC) && \ - ( defined(MBEDTLS_DES_C) || defined(MBEDTLS_AES_C) ) + (defined(MBEDTLS_DES_C) || defined(MBEDTLS_AES_C)) enc++; s1 += 22; - if( *s1 == '\r' ) s1++; - if( *s1 == '\n' ) s1++; - else return( MBEDTLS_ERR_PEM_INVALID_DATA ); + if (*s1 == '\r') { + s1++; + } + if (*s1 == '\n') { + s1++; + } else { + return MBEDTLS_ERR_PEM_INVALID_DATA; + } #if defined(MBEDTLS_DES_C) - if( s2 - s1 >= 23 && memcmp( s1, "DEK-Info: DES-EDE3-CBC,", 23 ) == 0 ) - { + if (s2 - s1 >= 23 && memcmp(s1, "DEK-Info: DES-EDE3-CBC,", 23) == 0) { enc_alg = MBEDTLS_CIPHER_DES_EDE3_CBC; s1 += 23; - if( s2 - s1 < 16 || pem_get_iv( s1, pem_iv, 8 ) != 0 ) - return( MBEDTLS_ERR_PEM_INVALID_ENC_IV ); + if (s2 - s1 < 16 || pem_get_iv(s1, pem_iv, 8) != 0) { + return MBEDTLS_ERR_PEM_INVALID_ENC_IV; + } s1 += 16; - } - else if( s2 - s1 >= 18 && memcmp( s1, "DEK-Info: DES-CBC,", 18 ) == 0 ) - { + } else if (s2 - s1 >= 18 && memcmp(s1, "DEK-Info: DES-CBC,", 18) == 0) { enc_alg = MBEDTLS_CIPHER_DES_CBC; s1 += 18; - if( s2 - s1 < 16 || pem_get_iv( s1, pem_iv, 8) != 0 ) - return( MBEDTLS_ERR_PEM_INVALID_ENC_IV ); + if (s2 - s1 < 16 || pem_get_iv(s1, pem_iv, 8) != 0) { + return MBEDTLS_ERR_PEM_INVALID_ENC_IV; + } s1 += 16; } #endif /* MBEDTLS_DES_C */ #if defined(MBEDTLS_AES_C) - if( s2 - s1 >= 14 && memcmp( s1, "DEK-Info: AES-", 14 ) == 0 ) - { - if( s2 - s1 < 22 ) - return( MBEDTLS_ERR_PEM_UNKNOWN_ENC_ALG ); - else if( memcmp( s1, "DEK-Info: AES-128-CBC,", 22 ) == 0 ) + if (s2 - s1 >= 14 && memcmp(s1, "DEK-Info: AES-", 14) == 0) { + if (s2 - s1 < 22) { + return MBEDTLS_ERR_PEM_UNKNOWN_ENC_ALG; + } else if (memcmp(s1, "DEK-Info: AES-128-CBC,", 22) == 0) { enc_alg = MBEDTLS_CIPHER_AES_128_CBC; - else if( memcmp( s1, "DEK-Info: AES-192-CBC,", 22 ) == 0 ) + } else if (memcmp(s1, "DEK-Info: AES-192-CBC,", 22) == 0) { enc_alg = MBEDTLS_CIPHER_AES_192_CBC; - else if( memcmp( s1, "DEK-Info: AES-256-CBC,", 22 ) == 0 ) + } else if (memcmp(s1, "DEK-Info: AES-256-CBC,", 22) == 0) { enc_alg = MBEDTLS_CIPHER_AES_256_CBC; - else - return( MBEDTLS_ERR_PEM_UNKNOWN_ENC_ALG ); + } else { + return MBEDTLS_ERR_PEM_UNKNOWN_ENC_ALG; + } s1 += 22; - if( s2 - s1 < 32 || pem_get_iv( s1, pem_iv, 16 ) != 0 ) - return( MBEDTLS_ERR_PEM_INVALID_ENC_IV ); + if (s2 - s1 < 32 || pem_get_iv(s1, pem_iv, 16) != 0) { + return MBEDTLS_ERR_PEM_INVALID_ENC_IV; + } s1 += 32; } #endif /* MBEDTLS_AES_C */ - if( enc_alg == MBEDTLS_CIPHER_NONE ) - return( MBEDTLS_ERR_PEM_UNKNOWN_ENC_ALG ); + if (enc_alg == MBEDTLS_CIPHER_NONE) { + return MBEDTLS_ERR_PEM_UNKNOWN_ENC_ALG; + } - if( *s1 == '\r' ) s1++; - if( *s1 == '\n' ) s1++; - else return( MBEDTLS_ERR_PEM_INVALID_DATA ); + if (*s1 == '\r') { + s1++; + } + if (*s1 == '\n') { + s1++; + } else { + return MBEDTLS_ERR_PEM_INVALID_DATA; + } #else - return( MBEDTLS_ERR_PEM_FEATURE_UNAVAILABLE ); + return MBEDTLS_ERR_PEM_FEATURE_UNAVAILABLE; #endif /* MBEDTLS_MD5_C && MBEDTLS_CIPHER_MODE_CBC && ( MBEDTLS_AES_C || MBEDTLS_DES_C ) */ } - if( s1 >= s2 ) - return( MBEDTLS_ERR_PEM_INVALID_DATA ); + if (s1 >= s2) { + return MBEDTLS_ERR_PEM_INVALID_DATA; + } - ret = mbedtls_base64_decode( NULL, 0, &len, s1, s2 - s1 ); + ret = mbedtls_base64_decode(NULL, 0, &len, s1, s2 - s1); - if( ret == MBEDTLS_ERR_BASE64_INVALID_CHARACTER ) - return( MBEDTLS_ERROR_ADD( MBEDTLS_ERR_PEM_INVALID_DATA, ret ) ); + if (ret == MBEDTLS_ERR_BASE64_INVALID_CHARACTER) { + return MBEDTLS_ERROR_ADD(MBEDTLS_ERR_PEM_INVALID_DATA, ret); + } - if( ( buf = mbedtls_calloc( 1, len ) ) == NULL ) - return( MBEDTLS_ERR_PEM_ALLOC_FAILED ); + if ((buf = mbedtls_calloc(1, len)) == NULL) { + return MBEDTLS_ERR_PEM_ALLOC_FAILED; + } - if( ( ret = mbedtls_base64_decode( buf, len, &len, s1, s2 - s1 ) ) != 0 ) - { - mbedtls_platform_zeroize( buf, len ); - mbedtls_free( buf ); - return( MBEDTLS_ERROR_ADD( MBEDTLS_ERR_PEM_INVALID_DATA, ret ) ); + if ((ret = mbedtls_base64_decode(buf, len, &len, s1, s2 - s1)) != 0) { + mbedtls_platform_zeroize(buf, len); + mbedtls_free(buf); + return MBEDTLS_ERROR_ADD(MBEDTLS_ERR_PEM_INVALID_DATA, ret); } - if( enc != 0 ) - { + if (enc != 0) { #if defined(MBEDTLS_MD5_C) && defined(MBEDTLS_CIPHER_MODE_CBC) && \ - ( defined(MBEDTLS_DES_C) || defined(MBEDTLS_AES_C) ) - if( pwd == NULL ) - { - mbedtls_platform_zeroize( buf, len ); - mbedtls_free( buf ); - return( MBEDTLS_ERR_PEM_PASSWORD_REQUIRED ); + (defined(MBEDTLS_DES_C) || defined(MBEDTLS_AES_C)) + if (pwd == NULL) { + mbedtls_platform_zeroize(buf, len); + mbedtls_free(buf); + return MBEDTLS_ERR_PEM_PASSWORD_REQUIRED; } ret = 0; #if defined(MBEDTLS_DES_C) - if( enc_alg == MBEDTLS_CIPHER_DES_EDE3_CBC ) - ret = pem_des3_decrypt( pem_iv, buf, len, pwd, pwdlen ); - else if( enc_alg == MBEDTLS_CIPHER_DES_CBC ) - ret = pem_des_decrypt( pem_iv, buf, len, pwd, pwdlen ); + if (enc_alg == MBEDTLS_CIPHER_DES_EDE3_CBC) { + ret = pem_des3_decrypt(pem_iv, buf, len, pwd, pwdlen); + } else if (enc_alg == MBEDTLS_CIPHER_DES_CBC) { + ret = pem_des_decrypt(pem_iv, buf, len, pwd, pwdlen); + } #endif /* MBEDTLS_DES_C */ #if defined(MBEDTLS_AES_C) - if( enc_alg == MBEDTLS_CIPHER_AES_128_CBC ) - ret = pem_aes_decrypt( pem_iv, 16, buf, len, pwd, pwdlen ); - else if( enc_alg == MBEDTLS_CIPHER_AES_192_CBC ) - ret = pem_aes_decrypt( pem_iv, 24, buf, len, pwd, pwdlen ); - else if( enc_alg == MBEDTLS_CIPHER_AES_256_CBC ) - ret = pem_aes_decrypt( pem_iv, 32, buf, len, pwd, pwdlen ); + if (enc_alg == MBEDTLS_CIPHER_AES_128_CBC) { + ret = pem_aes_decrypt(pem_iv, 16, buf, len, pwd, pwdlen); + } else if (enc_alg == MBEDTLS_CIPHER_AES_192_CBC) { + ret = pem_aes_decrypt(pem_iv, 24, buf, len, pwd, pwdlen); + } else if (enc_alg == MBEDTLS_CIPHER_AES_256_CBC) { + ret = pem_aes_decrypt(pem_iv, 32, buf, len, pwd, pwdlen); + } #endif /* MBEDTLS_AES_C */ - if( ret != 0 ) - { - mbedtls_free( buf ); - return( ret ); + if (ret != 0) { + mbedtls_free(buf); + return ret; } /* @@ -396,16 +426,15 @@ int mbedtls_pem_read_buffer( mbedtls_pem_context *ctx, const char *header, const * * Use that as a heuristic to try to detect password mismatches. */ - if( len <= 2 || buf[0] != 0x30 || buf[1] > 0x83 ) - { - mbedtls_platform_zeroize( buf, len ); - mbedtls_free( buf ); - return( MBEDTLS_ERR_PEM_PASSWORD_MISMATCH ); + if (len <= 2 || buf[0] != 0x30 || buf[1] > 0x83) { + mbedtls_platform_zeroize(buf, len); + mbedtls_free(buf); + return MBEDTLS_ERR_PEM_PASSWORD_MISMATCH; } #else - mbedtls_platform_zeroize( buf, len ); - mbedtls_free( buf ); - return( MBEDTLS_ERR_PEM_FEATURE_UNAVAILABLE ); + mbedtls_platform_zeroize(buf, len); + mbedtls_free(buf); + return MBEDTLS_ERR_PEM_FEATURE_UNAVAILABLE; #endif /* MBEDTLS_MD5_C && MBEDTLS_CIPHER_MODE_CBC && ( MBEDTLS_AES_C || MBEDTLS_DES_C ) */ } @@ -413,77 +442,73 @@ int mbedtls_pem_read_buffer( mbedtls_pem_context *ctx, const char *header, const ctx->buf = buf; ctx->buflen = len; - return( 0 ); + return 0; } -void mbedtls_pem_free( mbedtls_pem_context *ctx ) +void mbedtls_pem_free(mbedtls_pem_context *ctx) { - if ( ctx->buf != NULL ) - { - mbedtls_platform_zeroize( ctx->buf, ctx->buflen ); - mbedtls_free( ctx->buf ); + if (ctx->buf != NULL) { + mbedtls_platform_zeroize(ctx->buf, ctx->buflen); + mbedtls_free(ctx->buf); } - mbedtls_free( ctx->info ); + mbedtls_free(ctx->info); - mbedtls_platform_zeroize( ctx, sizeof( mbedtls_pem_context ) ); + mbedtls_platform_zeroize(ctx, sizeof(mbedtls_pem_context)); } #endif /* MBEDTLS_PEM_PARSE_C */ #if defined(MBEDTLS_PEM_WRITE_C) -int mbedtls_pem_write_buffer( const char *header, const char *footer, - const unsigned char *der_data, size_t der_len, - unsigned char *buf, size_t buf_len, size_t *olen ) +int mbedtls_pem_write_buffer(const char *header, const char *footer, + const unsigned char *der_data, size_t der_len, + unsigned char *buf, size_t buf_len, size_t *olen) { int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; unsigned char *encode_buf = NULL, *c, *p = buf; size_t len = 0, use_len, add_len = 0; - mbedtls_base64_encode( NULL, 0, &use_len, der_data, der_len ); - add_len = strlen( header ) + strlen( footer ) + ( use_len / 64 ) + 1; + mbedtls_base64_encode(NULL, 0, &use_len, der_data, der_len); + add_len = strlen(header) + strlen(footer) + (use_len / 64) + 1; - if( use_len + add_len > buf_len ) - { + if (use_len + add_len > buf_len) { *olen = use_len + add_len; - return( MBEDTLS_ERR_BASE64_BUFFER_TOO_SMALL ); + return MBEDTLS_ERR_BASE64_BUFFER_TOO_SMALL; } - if( use_len != 0 && - ( ( encode_buf = mbedtls_calloc( 1, use_len ) ) == NULL ) ) - return( MBEDTLS_ERR_PEM_ALLOC_FAILED ); + if (use_len != 0 && + ((encode_buf = mbedtls_calloc(1, use_len)) == NULL)) { + return MBEDTLS_ERR_PEM_ALLOC_FAILED; + } - if( ( ret = mbedtls_base64_encode( encode_buf, use_len, &use_len, der_data, - der_len ) ) != 0 ) - { - mbedtls_free( encode_buf ); - return( ret ); + if ((ret = mbedtls_base64_encode(encode_buf, use_len, &use_len, der_data, + der_len)) != 0) { + mbedtls_free(encode_buf); + return ret; } - memcpy( p, header, strlen( header ) ); - p += strlen( header ); + memcpy(p, header, strlen(header)); + p += strlen(header); c = encode_buf; - while( use_len ) - { - len = ( use_len > 64 ) ? 64 : use_len; - memcpy( p, c, len ); + while (use_len) { + len = (use_len > 64) ? 64 : use_len; + memcpy(p, c, len); use_len -= len; p += len; c += len; *p++ = '\n'; } - memcpy( p, footer, strlen( footer ) ); - p += strlen( footer ); + memcpy(p, footer, strlen(footer)); + p += strlen(footer); *p++ = '\0'; *olen = p - buf; - /* Clean any remaining data previously written to the buffer */ - memset( buf + *olen, 0, buf_len - *olen ); + /* Clean any remaining data previously written to the buffer */ + memset(buf + *olen, 0, buf_len - *olen); - mbedtls_free( encode_buf ); - return( 0 ); + mbedtls_free(encode_buf); + return 0; } #endif /* MBEDTLS_PEM_WRITE_C */ #endif /* MBEDTLS_PEM_PARSE_C || MBEDTLS_PEM_WRITE_C */ - diff --git a/third_party/mbedtls/repo/library/pk.c b/third_party/mbedtls/repo/library/pk.c index 05cc2134f1c..6b5008df2aa 100644 --- a/third_party/mbedtls/repo/library/pk.c +++ b/third_party/mbedtls/repo/library/pk.c @@ -2,19 +2,7 @@ * Public Key abstraction layer * * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later */ #include "common.h" @@ -44,17 +32,17 @@ #include /* Parameter validation macros based on platform_util.h */ -#define PK_VALIDATE_RET( cond ) \ - MBEDTLS_INTERNAL_VALIDATE_RET( cond, MBEDTLS_ERR_PK_BAD_INPUT_DATA ) -#define PK_VALIDATE( cond ) \ - MBEDTLS_INTERNAL_VALIDATE( cond ) +#define PK_VALIDATE_RET(cond) \ + MBEDTLS_INTERNAL_VALIDATE_RET(cond, MBEDTLS_ERR_PK_BAD_INPUT_DATA) +#define PK_VALIDATE(cond) \ + MBEDTLS_INTERNAL_VALIDATE(cond) /* * Initialise a mbedtls_pk_context */ -void mbedtls_pk_init( mbedtls_pk_context *ctx ) +void mbedtls_pk_init(mbedtls_pk_context *ctx) { - PK_VALIDATE( ctx != NULL ); + PK_VALIDATE(ctx != NULL); ctx->pk_info = NULL; ctx->pk_ctx = NULL; @@ -63,24 +51,26 @@ void mbedtls_pk_init( mbedtls_pk_context *ctx ) /* * Free (the components of) a mbedtls_pk_context */ -void mbedtls_pk_free( mbedtls_pk_context *ctx ) +void mbedtls_pk_free(mbedtls_pk_context *ctx) { - if( ctx == NULL ) + if (ctx == NULL) { return; + } - if ( ctx->pk_info != NULL ) - ctx->pk_info->ctx_free_func( ctx->pk_ctx ); + if (ctx->pk_info != NULL) { + ctx->pk_info->ctx_free_func(ctx->pk_ctx); + } - mbedtls_platform_zeroize( ctx, sizeof( mbedtls_pk_context ) ); + mbedtls_platform_zeroize(ctx, sizeof(mbedtls_pk_context)); } #if defined(MBEDTLS_ECDSA_C) && defined(MBEDTLS_ECP_RESTARTABLE) /* * Initialize a restart context */ -void mbedtls_pk_restart_init( mbedtls_pk_restart_ctx *ctx ) +void mbedtls_pk_restart_init(mbedtls_pk_restart_ctx *ctx) { - PK_VALIDATE( ctx != NULL ); + PK_VALIDATE(ctx != NULL); ctx->pk_info = NULL; ctx->rs_ctx = NULL; } @@ -88,15 +78,14 @@ void mbedtls_pk_restart_init( mbedtls_pk_restart_ctx *ctx ) /* * Free the components of a restart context */ -void mbedtls_pk_restart_free( mbedtls_pk_restart_ctx *ctx ) +void mbedtls_pk_restart_free(mbedtls_pk_restart_ctx *ctx) { - if( ctx == NULL || ctx->pk_info == NULL || - ctx->pk_info->rs_free_func == NULL ) - { + if (ctx == NULL || ctx->pk_info == NULL || + ctx->pk_info->rs_free_func == NULL) { return; } - ctx->pk_info->rs_free_func( ctx->rs_ctx ); + ctx->pk_info->rs_free_func(ctx->rs_ctx); ctx->pk_info = NULL; ctx->rs_ctx = NULL; @@ -106,79 +95,85 @@ void mbedtls_pk_restart_free( mbedtls_pk_restart_ctx *ctx ) /* * Get pk_info structure from type */ -const mbedtls_pk_info_t * mbedtls_pk_info_from_type( mbedtls_pk_type_t pk_type ) +const mbedtls_pk_info_t *mbedtls_pk_info_from_type(mbedtls_pk_type_t pk_type) { - switch( pk_type ) { + switch (pk_type) { #if defined(MBEDTLS_RSA_C) case MBEDTLS_PK_RSA: - return( &mbedtls_rsa_info ); + return &mbedtls_rsa_info; #endif #if defined(MBEDTLS_ECP_C) case MBEDTLS_PK_ECKEY: - return( &mbedtls_eckey_info ); + return &mbedtls_eckey_info; case MBEDTLS_PK_ECKEY_DH: - return( &mbedtls_eckeydh_info ); + return &mbedtls_eckeydh_info; #endif #if defined(MBEDTLS_ECDSA_C) case MBEDTLS_PK_ECDSA: - return( &mbedtls_ecdsa_info ); + return &mbedtls_ecdsa_info; #endif /* MBEDTLS_PK_RSA_ALT omitted on purpose */ default: - return( NULL ); + return NULL; } } /* * Initialise context */ -int mbedtls_pk_setup( mbedtls_pk_context *ctx, const mbedtls_pk_info_t *info ) +int mbedtls_pk_setup(mbedtls_pk_context *ctx, const mbedtls_pk_info_t *info) { - PK_VALIDATE_RET( ctx != NULL ); - if( info == NULL || ctx->pk_info != NULL ) - return( MBEDTLS_ERR_PK_BAD_INPUT_DATA ); + PK_VALIDATE_RET(ctx != NULL); + if (info == NULL || ctx->pk_info != NULL) { + return MBEDTLS_ERR_PK_BAD_INPUT_DATA; + } - if( ( ctx->pk_ctx = info->ctx_alloc_func() ) == NULL ) - return( MBEDTLS_ERR_PK_ALLOC_FAILED ); + if ((ctx->pk_ctx = info->ctx_alloc_func()) == NULL) { + return MBEDTLS_ERR_PK_ALLOC_FAILED; + } ctx->pk_info = info; - return( 0 ); + return 0; } #if defined(MBEDTLS_USE_PSA_CRYPTO) /* * Initialise a PSA-wrapping context */ -int mbedtls_pk_setup_opaque( mbedtls_pk_context *ctx, - const psa_key_id_t key ) +int mbedtls_pk_setup_opaque(mbedtls_pk_context *ctx, + const psa_key_id_t key) { const mbedtls_pk_info_t * const info = &mbedtls_pk_opaque_info; psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT; psa_key_id_t *pk_ctx; psa_key_type_t type; - if( ctx == NULL || ctx->pk_info != NULL ) - return( MBEDTLS_ERR_PK_BAD_INPUT_DATA ); + if (ctx == NULL || ctx->pk_info != NULL) { + return MBEDTLS_ERR_PK_BAD_INPUT_DATA; + } - if( PSA_SUCCESS != psa_get_key_attributes( key, &attributes ) ) - return( MBEDTLS_ERR_PK_BAD_INPUT_DATA ); - type = psa_get_key_type( &attributes ); - psa_reset_key_attributes( &attributes ); + if (PSA_SUCCESS != psa_get_key_attributes(key, &attributes)) { + return MBEDTLS_ERR_PK_BAD_INPUT_DATA; + } + type = psa_get_key_type(&attributes); + psa_reset_key_attributes(&attributes); /* Current implementation of can_do() relies on this. */ - if( ! PSA_KEY_TYPE_IS_ECC_KEY_PAIR( type ) ) - return( MBEDTLS_ERR_PK_FEATURE_UNAVAILABLE) ; + if (!PSA_KEY_TYPE_IS_ECC_KEY_PAIR(type)) { + return MBEDTLS_ERR_PK_FEATURE_UNAVAILABLE; + } - if( ( ctx->pk_ctx = info->ctx_alloc_func() ) == NULL ) - return( MBEDTLS_ERR_PK_ALLOC_FAILED ); + if ((ctx->pk_ctx = info->ctx_alloc_func()) == NULL) { + return MBEDTLS_ERR_PK_ALLOC_FAILED; + } ctx->pk_info = info; pk_ctx = (psa_key_id_t *) ctx->pk_ctx; *pk_ctx = key; - return( 0 ); + return 0; } #endif /* MBEDTLS_USE_PSA_CRYPTO */ @@ -186,20 +181,22 @@ int mbedtls_pk_setup_opaque( mbedtls_pk_context *ctx, /* * Initialize an RSA-alt context */ -int mbedtls_pk_setup_rsa_alt( mbedtls_pk_context *ctx, void * key, - mbedtls_pk_rsa_alt_decrypt_func decrypt_func, - mbedtls_pk_rsa_alt_sign_func sign_func, - mbedtls_pk_rsa_alt_key_len_func key_len_func ) +int mbedtls_pk_setup_rsa_alt(mbedtls_pk_context *ctx, void *key, + mbedtls_pk_rsa_alt_decrypt_func decrypt_func, + mbedtls_pk_rsa_alt_sign_func sign_func, + mbedtls_pk_rsa_alt_key_len_func key_len_func) { mbedtls_rsa_alt_context *rsa_alt; const mbedtls_pk_info_t *info = &mbedtls_rsa_alt_info; - PK_VALIDATE_RET( ctx != NULL ); - if( ctx->pk_info != NULL ) - return( MBEDTLS_ERR_PK_BAD_INPUT_DATA ); + PK_VALIDATE_RET(ctx != NULL); + if (ctx->pk_info != NULL) { + return MBEDTLS_ERR_PK_BAD_INPUT_DATA; + } - if( ( ctx->pk_ctx = info->ctx_alloc_func() ) == NULL ) - return( MBEDTLS_ERR_PK_ALLOC_FAILED ); + if ((ctx->pk_ctx = info->ctx_alloc_func()) == NULL) { + return MBEDTLS_ERR_PK_ALLOC_FAILED; + } ctx->pk_info = info; @@ -210,377 +207,406 @@ int mbedtls_pk_setup_rsa_alt( mbedtls_pk_context *ctx, void * key, rsa_alt->sign_func = sign_func; rsa_alt->key_len_func = key_len_func; - return( 0 ); + return 0; } #endif /* MBEDTLS_PK_RSA_ALT_SUPPORT */ /* * Tell if a PK can do the operations of the given type */ -int mbedtls_pk_can_do( const mbedtls_pk_context *ctx, mbedtls_pk_type_t type ) +int mbedtls_pk_can_do(const mbedtls_pk_context *ctx, mbedtls_pk_type_t type) { /* A context with null pk_info is not set up yet and can't do anything. * For backward compatibility, also accept NULL instead of a context * pointer. */ - if( ctx == NULL || ctx->pk_info == NULL ) - return( 0 ); + if (ctx == NULL || ctx->pk_info == NULL) { + return 0; + } - return( ctx->pk_info->can_do( type ) ); + return ctx->pk_info->can_do(type); } /* * Helper for mbedtls_pk_sign and mbedtls_pk_verify */ -static inline int pk_hashlen_helper( mbedtls_md_type_t md_alg, size_t *hash_len ) +static inline int pk_hashlen_helper(mbedtls_md_type_t md_alg, size_t *hash_len) { const mbedtls_md_info_t *md_info; - if( *hash_len != 0 && md_alg == MBEDTLS_MD_NONE ) - return( 0 ); + if (*hash_len != 0 && md_alg == MBEDTLS_MD_NONE) { + return 0; + } - if( ( md_info = mbedtls_md_info_from_type( md_alg ) ) == NULL ) - return( -1 ); + if ((md_info = mbedtls_md_info_from_type(md_alg)) == NULL) { + return -1; + } - if ( *hash_len != 0 && *hash_len != mbedtls_md_get_size( md_info ) ) - return ( -1 ); + if (*hash_len != 0 && *hash_len != mbedtls_md_get_size(md_info)) { + return -1; + } - *hash_len = mbedtls_md_get_size( md_info ); - return( 0 ); + *hash_len = mbedtls_md_get_size(md_info); + return 0; } #if defined(MBEDTLS_ECDSA_C) && defined(MBEDTLS_ECP_RESTARTABLE) /* * Helper to set up a restart context if needed */ -static int pk_restart_setup( mbedtls_pk_restart_ctx *ctx, - const mbedtls_pk_info_t *info ) +static int pk_restart_setup(mbedtls_pk_restart_ctx *ctx, + const mbedtls_pk_info_t *info) { /* Don't do anything if already set up or invalid */ - if( ctx == NULL || ctx->pk_info != NULL ) - return( 0 ); + if (ctx == NULL || ctx->pk_info != NULL) { + return 0; + } /* Should never happen when we're called */ - if( info->rs_alloc_func == NULL || info->rs_free_func == NULL ) - return( MBEDTLS_ERR_PK_BAD_INPUT_DATA ); + if (info->rs_alloc_func == NULL || info->rs_free_func == NULL) { + return MBEDTLS_ERR_PK_BAD_INPUT_DATA; + } - if( ( ctx->rs_ctx = info->rs_alloc_func() ) == NULL ) - return( MBEDTLS_ERR_PK_ALLOC_FAILED ); + if ((ctx->rs_ctx = info->rs_alloc_func()) == NULL) { + return MBEDTLS_ERR_PK_ALLOC_FAILED; + } ctx->pk_info = info; - return( 0 ); + return 0; } #endif /* MBEDTLS_ECDSA_C && MBEDTLS_ECP_RESTARTABLE */ /* * Verify a signature (restartable) */ -int mbedtls_pk_verify_restartable( mbedtls_pk_context *ctx, - mbedtls_md_type_t md_alg, - const unsigned char *hash, size_t hash_len, - const unsigned char *sig, size_t sig_len, - mbedtls_pk_restart_ctx *rs_ctx ) +int mbedtls_pk_verify_restartable(mbedtls_pk_context *ctx, + mbedtls_md_type_t md_alg, + const unsigned char *hash, size_t hash_len, + const unsigned char *sig, size_t sig_len, + mbedtls_pk_restart_ctx *rs_ctx) { - PK_VALIDATE_RET( ctx != NULL ); - PK_VALIDATE_RET( ( md_alg == MBEDTLS_MD_NONE && hash_len == 0 ) || - hash != NULL ); - PK_VALIDATE_RET( sig != NULL ); - - if( ctx->pk_info == NULL || - pk_hashlen_helper( md_alg, &hash_len ) != 0 ) - return( MBEDTLS_ERR_PK_BAD_INPUT_DATA ); + PK_VALIDATE_RET(ctx != NULL); + PK_VALIDATE_RET((md_alg == MBEDTLS_MD_NONE && hash_len == 0) || + hash != NULL); + PK_VALIDATE_RET(sig != NULL); + + if (ctx->pk_info == NULL || + pk_hashlen_helper(md_alg, &hash_len) != 0) { + return MBEDTLS_ERR_PK_BAD_INPUT_DATA; + } #if defined(MBEDTLS_ECDSA_C) && defined(MBEDTLS_ECP_RESTARTABLE) /* optimization: use non-restartable version if restart disabled */ - if( rs_ctx != NULL && + if (rs_ctx != NULL && mbedtls_ecp_restart_is_enabled() && - ctx->pk_info->verify_rs_func != NULL ) - { + ctx->pk_info->verify_rs_func != NULL) { int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; - if( ( ret = pk_restart_setup( rs_ctx, ctx->pk_info ) ) != 0 ) - return( ret ); + if ((ret = pk_restart_setup(rs_ctx, ctx->pk_info)) != 0) { + return ret; + } - ret = ctx->pk_info->verify_rs_func( ctx->pk_ctx, - md_alg, hash, hash_len, sig, sig_len, rs_ctx->rs_ctx ); + ret = ctx->pk_info->verify_rs_func(ctx->pk_ctx, + md_alg, hash, hash_len, sig, sig_len, rs_ctx->rs_ctx); - if( ret != MBEDTLS_ERR_ECP_IN_PROGRESS ) - mbedtls_pk_restart_free( rs_ctx ); + if (ret != MBEDTLS_ERR_ECP_IN_PROGRESS) { + mbedtls_pk_restart_free(rs_ctx); + } - return( ret ); + return ret; } #else /* MBEDTLS_ECDSA_C && MBEDTLS_ECP_RESTARTABLE */ (void) rs_ctx; #endif /* MBEDTLS_ECDSA_C && MBEDTLS_ECP_RESTARTABLE */ - if( ctx->pk_info->verify_func == NULL ) - return( MBEDTLS_ERR_PK_TYPE_MISMATCH ); + if (ctx->pk_info->verify_func == NULL) { + return MBEDTLS_ERR_PK_TYPE_MISMATCH; + } - return( ctx->pk_info->verify_func( ctx->pk_ctx, md_alg, hash, hash_len, - sig, sig_len ) ); + return ctx->pk_info->verify_func(ctx->pk_ctx, md_alg, hash, hash_len, + sig, sig_len); } /* * Verify a signature */ -int mbedtls_pk_verify( mbedtls_pk_context *ctx, mbedtls_md_type_t md_alg, - const unsigned char *hash, size_t hash_len, - const unsigned char *sig, size_t sig_len ) +int mbedtls_pk_verify(mbedtls_pk_context *ctx, mbedtls_md_type_t md_alg, + const unsigned char *hash, size_t hash_len, + const unsigned char *sig, size_t sig_len) { - return( mbedtls_pk_verify_restartable( ctx, md_alg, hash, hash_len, - sig, sig_len, NULL ) ); + return mbedtls_pk_verify_restartable(ctx, md_alg, hash, hash_len, + sig, sig_len, NULL); } /* * Verify a signature with options */ -int mbedtls_pk_verify_ext( mbedtls_pk_type_t type, const void *options, - mbedtls_pk_context *ctx, mbedtls_md_type_t md_alg, - const unsigned char *hash, size_t hash_len, - const unsigned char *sig, size_t sig_len ) +int mbedtls_pk_verify_ext(mbedtls_pk_type_t type, const void *options, + mbedtls_pk_context *ctx, mbedtls_md_type_t md_alg, + const unsigned char *hash, size_t hash_len, + const unsigned char *sig, size_t sig_len) { - PK_VALIDATE_RET( ctx != NULL ); - PK_VALIDATE_RET( ( md_alg == MBEDTLS_MD_NONE && hash_len == 0 ) || - hash != NULL ); - PK_VALIDATE_RET( sig != NULL ); + PK_VALIDATE_RET(ctx != NULL); + PK_VALIDATE_RET((md_alg == MBEDTLS_MD_NONE && hash_len == 0) || + hash != NULL); + PK_VALIDATE_RET(sig != NULL); - if( ctx->pk_info == NULL ) - return( MBEDTLS_ERR_PK_BAD_INPUT_DATA ); + if (ctx->pk_info == NULL) { + return MBEDTLS_ERR_PK_BAD_INPUT_DATA; + } - if( ! mbedtls_pk_can_do( ctx, type ) ) - return( MBEDTLS_ERR_PK_TYPE_MISMATCH ); + if (!mbedtls_pk_can_do(ctx, type)) { + return MBEDTLS_ERR_PK_TYPE_MISMATCH; + } - if( type == MBEDTLS_PK_RSASSA_PSS ) - { + if (type == MBEDTLS_PK_RSASSA_PSS) { #if defined(MBEDTLS_RSA_C) && defined(MBEDTLS_PKCS1_V21) int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; const mbedtls_pk_rsassa_pss_options *pss_opts; #if SIZE_MAX > UINT_MAX - if( md_alg == MBEDTLS_MD_NONE && UINT_MAX < hash_len ) - return( MBEDTLS_ERR_PK_BAD_INPUT_DATA ); + if (md_alg == MBEDTLS_MD_NONE && UINT_MAX < hash_len) { + return MBEDTLS_ERR_PK_BAD_INPUT_DATA; + } #endif /* SIZE_MAX > UINT_MAX */ - if( options == NULL ) - return( MBEDTLS_ERR_PK_BAD_INPUT_DATA ); + if (options == NULL) { + return MBEDTLS_ERR_PK_BAD_INPUT_DATA; + } pss_opts = (const mbedtls_pk_rsassa_pss_options *) options; - if( sig_len < mbedtls_pk_get_len( ctx ) ) - return( MBEDTLS_ERR_RSA_VERIFY_FAILED ); - - ret = mbedtls_rsa_rsassa_pss_verify_ext( mbedtls_pk_rsa( *ctx ), - NULL, NULL, MBEDTLS_RSA_PUBLIC, - md_alg, (unsigned int) hash_len, hash, - pss_opts->mgf1_hash_id, - pss_opts->expected_salt_len, - sig ); - if( ret != 0 ) - return( ret ); - - if( sig_len > mbedtls_pk_get_len( ctx ) ) - return( MBEDTLS_ERR_PK_SIG_LEN_MISMATCH ); - - return( 0 ); + if (sig_len < mbedtls_pk_get_len(ctx)) { + return MBEDTLS_ERR_RSA_VERIFY_FAILED; + } + + ret = mbedtls_rsa_rsassa_pss_verify_ext(mbedtls_pk_rsa(*ctx), + NULL, NULL, MBEDTLS_RSA_PUBLIC, + md_alg, (unsigned int) hash_len, hash, + pss_opts->mgf1_hash_id, + pss_opts->expected_salt_len, + sig); + if (ret != 0) { + return ret; + } + + if (sig_len > mbedtls_pk_get_len(ctx)) { + return MBEDTLS_ERR_PK_SIG_LEN_MISMATCH; + } + + return 0; #else - return( MBEDTLS_ERR_PK_FEATURE_UNAVAILABLE ); + return MBEDTLS_ERR_PK_FEATURE_UNAVAILABLE; #endif /* MBEDTLS_RSA_C && MBEDTLS_PKCS1_V21 */ } /* General case: no options */ - if( options != NULL ) - return( MBEDTLS_ERR_PK_BAD_INPUT_DATA ); + if (options != NULL) { + return MBEDTLS_ERR_PK_BAD_INPUT_DATA; + } - return( mbedtls_pk_verify( ctx, md_alg, hash, hash_len, sig, sig_len ) ); + return mbedtls_pk_verify(ctx, md_alg, hash, hash_len, sig, sig_len); } /* * Make a signature (restartable) */ -int mbedtls_pk_sign_restartable( mbedtls_pk_context *ctx, - mbedtls_md_type_t md_alg, - const unsigned char *hash, size_t hash_len, - unsigned char *sig, size_t *sig_len, - int (*f_rng)(void *, unsigned char *, size_t), void *p_rng, - mbedtls_pk_restart_ctx *rs_ctx ) +int mbedtls_pk_sign_restartable(mbedtls_pk_context *ctx, + mbedtls_md_type_t md_alg, + const unsigned char *hash, size_t hash_len, + unsigned char *sig, size_t *sig_len, + int (*f_rng)(void *, unsigned char *, size_t), void *p_rng, + mbedtls_pk_restart_ctx *rs_ctx) { - PK_VALIDATE_RET( ctx != NULL ); - PK_VALIDATE_RET( ( md_alg == MBEDTLS_MD_NONE && hash_len == 0 ) || - hash != NULL ); - PK_VALIDATE_RET( sig != NULL ); - - if( ctx->pk_info == NULL || - pk_hashlen_helper( md_alg, &hash_len ) != 0 ) - return( MBEDTLS_ERR_PK_BAD_INPUT_DATA ); + PK_VALIDATE_RET(ctx != NULL); + PK_VALIDATE_RET((md_alg == MBEDTLS_MD_NONE && hash_len == 0) || + hash != NULL); + PK_VALIDATE_RET(sig != NULL); + + if (ctx->pk_info == NULL || + pk_hashlen_helper(md_alg, &hash_len) != 0) { + return MBEDTLS_ERR_PK_BAD_INPUT_DATA; + } #if defined(MBEDTLS_ECDSA_C) && defined(MBEDTLS_ECP_RESTARTABLE) /* optimization: use non-restartable version if restart disabled */ - if( rs_ctx != NULL && + if (rs_ctx != NULL && mbedtls_ecp_restart_is_enabled() && - ctx->pk_info->sign_rs_func != NULL ) - { + ctx->pk_info->sign_rs_func != NULL) { int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; - if( ( ret = pk_restart_setup( rs_ctx, ctx->pk_info ) ) != 0 ) - return( ret ); + if ((ret = pk_restart_setup(rs_ctx, ctx->pk_info)) != 0) { + return ret; + } - ret = ctx->pk_info->sign_rs_func( ctx->pk_ctx, md_alg, - hash, hash_len, sig, sig_len, f_rng, p_rng, rs_ctx->rs_ctx ); + ret = ctx->pk_info->sign_rs_func(ctx->pk_ctx, md_alg, + hash, hash_len, sig, sig_len, f_rng, p_rng, + rs_ctx->rs_ctx); - if( ret != MBEDTLS_ERR_ECP_IN_PROGRESS ) - mbedtls_pk_restart_free( rs_ctx ); + if (ret != MBEDTLS_ERR_ECP_IN_PROGRESS) { + mbedtls_pk_restart_free(rs_ctx); + } - return( ret ); + return ret; } #else /* MBEDTLS_ECDSA_C && MBEDTLS_ECP_RESTARTABLE */ (void) rs_ctx; #endif /* MBEDTLS_ECDSA_C && MBEDTLS_ECP_RESTARTABLE */ - if( ctx->pk_info->sign_func == NULL ) - return( MBEDTLS_ERR_PK_TYPE_MISMATCH ); + if (ctx->pk_info->sign_func == NULL) { + return MBEDTLS_ERR_PK_TYPE_MISMATCH; + } - return( ctx->pk_info->sign_func( ctx->pk_ctx, md_alg, hash, hash_len, - sig, sig_len, f_rng, p_rng ) ); + return ctx->pk_info->sign_func(ctx->pk_ctx, md_alg, hash, hash_len, + sig, sig_len, f_rng, p_rng); } /* * Make a signature */ -int mbedtls_pk_sign( mbedtls_pk_context *ctx, mbedtls_md_type_t md_alg, - const unsigned char *hash, size_t hash_len, - unsigned char *sig, size_t *sig_len, - int (*f_rng)(void *, unsigned char *, size_t), void *p_rng ) +int mbedtls_pk_sign(mbedtls_pk_context *ctx, mbedtls_md_type_t md_alg, + const unsigned char *hash, size_t hash_len, + unsigned char *sig, size_t *sig_len, + int (*f_rng)(void *, unsigned char *, size_t), void *p_rng) { - return( mbedtls_pk_sign_restartable( ctx, md_alg, hash, hash_len, - sig, sig_len, f_rng, p_rng, NULL ) ); + return mbedtls_pk_sign_restartable(ctx, md_alg, hash, hash_len, + sig, sig_len, f_rng, p_rng, NULL); } /* * Decrypt message */ -int mbedtls_pk_decrypt( mbedtls_pk_context *ctx, - const unsigned char *input, size_t ilen, - unsigned char *output, size_t *olen, size_t osize, - int (*f_rng)(void *, unsigned char *, size_t), void *p_rng ) +int mbedtls_pk_decrypt(mbedtls_pk_context *ctx, + const unsigned char *input, size_t ilen, + unsigned char *output, size_t *olen, size_t osize, + int (*f_rng)(void *, unsigned char *, size_t), void *p_rng) { - PK_VALIDATE_RET( ctx != NULL ); - PK_VALIDATE_RET( input != NULL || ilen == 0 ); - PK_VALIDATE_RET( output != NULL || osize == 0 ); - PK_VALIDATE_RET( olen != NULL ); + PK_VALIDATE_RET(ctx != NULL); + PK_VALIDATE_RET(input != NULL || ilen == 0); + PK_VALIDATE_RET(output != NULL || osize == 0); + PK_VALIDATE_RET(olen != NULL); - if( ctx->pk_info == NULL ) - return( MBEDTLS_ERR_PK_BAD_INPUT_DATA ); + if (ctx->pk_info == NULL) { + return MBEDTLS_ERR_PK_BAD_INPUT_DATA; + } - if( ctx->pk_info->decrypt_func == NULL ) - return( MBEDTLS_ERR_PK_TYPE_MISMATCH ); + if (ctx->pk_info->decrypt_func == NULL) { + return MBEDTLS_ERR_PK_TYPE_MISMATCH; + } - return( ctx->pk_info->decrypt_func( ctx->pk_ctx, input, ilen, - output, olen, osize, f_rng, p_rng ) ); + return ctx->pk_info->decrypt_func(ctx->pk_ctx, input, ilen, + output, olen, osize, f_rng, p_rng); } /* * Encrypt message */ -int mbedtls_pk_encrypt( mbedtls_pk_context *ctx, - const unsigned char *input, size_t ilen, - unsigned char *output, size_t *olen, size_t osize, - int (*f_rng)(void *, unsigned char *, size_t), void *p_rng ) +int mbedtls_pk_encrypt(mbedtls_pk_context *ctx, + const unsigned char *input, size_t ilen, + unsigned char *output, size_t *olen, size_t osize, + int (*f_rng)(void *, unsigned char *, size_t), void *p_rng) { - PK_VALIDATE_RET( ctx != NULL ); - PK_VALIDATE_RET( input != NULL || ilen == 0 ); - PK_VALIDATE_RET( output != NULL || osize == 0 ); - PK_VALIDATE_RET( olen != NULL ); + PK_VALIDATE_RET(ctx != NULL); + PK_VALIDATE_RET(input != NULL || ilen == 0); + PK_VALIDATE_RET(output != NULL || osize == 0); + PK_VALIDATE_RET(olen != NULL); - if( ctx->pk_info == NULL ) - return( MBEDTLS_ERR_PK_BAD_INPUT_DATA ); + if (ctx->pk_info == NULL) { + return MBEDTLS_ERR_PK_BAD_INPUT_DATA; + } - if( ctx->pk_info->encrypt_func == NULL ) - return( MBEDTLS_ERR_PK_TYPE_MISMATCH ); + if (ctx->pk_info->encrypt_func == NULL) { + return MBEDTLS_ERR_PK_TYPE_MISMATCH; + } - return( ctx->pk_info->encrypt_func( ctx->pk_ctx, input, ilen, - output, olen, osize, f_rng, p_rng ) ); + return ctx->pk_info->encrypt_func(ctx->pk_ctx, input, ilen, + output, olen, osize, f_rng, p_rng); } /* * Check public-private key pair */ -int mbedtls_pk_check_pair( const mbedtls_pk_context *pub, const mbedtls_pk_context *prv ) +int mbedtls_pk_check_pair(const mbedtls_pk_context *pub, const mbedtls_pk_context *prv) { - PK_VALIDATE_RET( pub != NULL ); - PK_VALIDATE_RET( prv != NULL ); + PK_VALIDATE_RET(pub != NULL); + PK_VALIDATE_RET(prv != NULL); - if( pub->pk_info == NULL || - prv->pk_info == NULL ) - { - return( MBEDTLS_ERR_PK_BAD_INPUT_DATA ); + if (pub->pk_info == NULL || + prv->pk_info == NULL) { + return MBEDTLS_ERR_PK_BAD_INPUT_DATA; } - if( prv->pk_info->check_pair_func == NULL ) - return( MBEDTLS_ERR_PK_FEATURE_UNAVAILABLE ); - - if( prv->pk_info->type == MBEDTLS_PK_RSA_ALT ) - { - if( pub->pk_info->type != MBEDTLS_PK_RSA ) - return( MBEDTLS_ERR_PK_TYPE_MISMATCH ); + if (prv->pk_info->check_pair_func == NULL) { + return MBEDTLS_ERR_PK_FEATURE_UNAVAILABLE; } - else - { - if( pub->pk_info != prv->pk_info ) - return( MBEDTLS_ERR_PK_TYPE_MISMATCH ); + + if (prv->pk_info->type == MBEDTLS_PK_RSA_ALT) { + if (pub->pk_info->type != MBEDTLS_PK_RSA) { + return MBEDTLS_ERR_PK_TYPE_MISMATCH; + } + } else { + if (pub->pk_info != prv->pk_info) { + return MBEDTLS_ERR_PK_TYPE_MISMATCH; + } } - return( prv->pk_info->check_pair_func( pub->pk_ctx, prv->pk_ctx ) ); + return prv->pk_info->check_pair_func(pub->pk_ctx, prv->pk_ctx); } /* * Get key size in bits */ -size_t mbedtls_pk_get_bitlen( const mbedtls_pk_context *ctx ) +size_t mbedtls_pk_get_bitlen(const mbedtls_pk_context *ctx) { /* For backward compatibility, accept NULL or a context that * isn't set up yet, and return a fake value that should be safe. */ - if( ctx == NULL || ctx->pk_info == NULL ) - return( 0 ); + if (ctx == NULL || ctx->pk_info == NULL) { + return 0; + } - return( ctx->pk_info->get_bitlen( ctx->pk_ctx ) ); + return ctx->pk_info->get_bitlen(ctx->pk_ctx); } /* * Export debug information */ -int mbedtls_pk_debug( const mbedtls_pk_context *ctx, mbedtls_pk_debug_item *items ) +int mbedtls_pk_debug(const mbedtls_pk_context *ctx, mbedtls_pk_debug_item *items) { - PK_VALIDATE_RET( ctx != NULL ); - if( ctx->pk_info == NULL ) - return( MBEDTLS_ERR_PK_BAD_INPUT_DATA ); + PK_VALIDATE_RET(ctx != NULL); + if (ctx->pk_info == NULL) { + return MBEDTLS_ERR_PK_BAD_INPUT_DATA; + } - if( ctx->pk_info->debug_func == NULL ) - return( MBEDTLS_ERR_PK_TYPE_MISMATCH ); + if (ctx->pk_info->debug_func == NULL) { + return MBEDTLS_ERR_PK_TYPE_MISMATCH; + } - ctx->pk_info->debug_func( ctx->pk_ctx, items ); - return( 0 ); + ctx->pk_info->debug_func(ctx->pk_ctx, items); + return 0; } /* * Access the PK type name */ -const char *mbedtls_pk_get_name( const mbedtls_pk_context *ctx ) +const char *mbedtls_pk_get_name(const mbedtls_pk_context *ctx) { - if( ctx == NULL || ctx->pk_info == NULL ) - return( "invalid PK" ); + if (ctx == NULL || ctx->pk_info == NULL) { + return "invalid PK"; + } - return( ctx->pk_info->name ); + return ctx->pk_info->name; } /* * Access the PK type */ -mbedtls_pk_type_t mbedtls_pk_get_type( const mbedtls_pk_context *ctx ) +mbedtls_pk_type_t mbedtls_pk_get_type(const mbedtls_pk_context *ctx) { - if( ctx == NULL || ctx->pk_info == NULL ) - return( MBEDTLS_PK_NONE ); + if (ctx == NULL || ctx->pk_info == NULL) { + return MBEDTLS_PK_NONE; + } - return( ctx->pk_info->type ); + return ctx->pk_info->type; } #if defined(MBEDTLS_USE_PSA_CRYPTO) @@ -590,15 +616,15 @@ mbedtls_pk_type_t mbedtls_pk_get_type( const mbedtls_pk_context *ctx ) * * Currently only works for EC private keys. */ -int mbedtls_pk_wrap_as_opaque( mbedtls_pk_context *pk, - psa_key_id_t *key, - psa_algorithm_t hash_alg ) +int mbedtls_pk_wrap_as_opaque(mbedtls_pk_context *pk, + psa_key_id_t *key, + psa_algorithm_t hash_alg) { #if !defined(MBEDTLS_ECP_C) ((void) pk); ((void) key); ((void) hash_alg); - return( MBEDTLS_ERR_PK_TYPE_MISMATCH ); + return MBEDTLS_ERR_PK_TYPE_MISMATCH; #else const mbedtls_ecp_keypair *ec; unsigned char d[MBEDTLS_ECP_MAX_BYTES]; @@ -608,34 +634,40 @@ int mbedtls_pk_wrap_as_opaque( mbedtls_pk_context *pk, psa_key_type_t key_type; size_t bits; int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; + psa_status_t status; /* export the private key material in the format PSA wants */ - if( mbedtls_pk_get_type( pk ) != MBEDTLS_PK_ECKEY ) - return( MBEDTLS_ERR_PK_TYPE_MISMATCH ); + if (mbedtls_pk_get_type(pk) != MBEDTLS_PK_ECKEY) { + return MBEDTLS_ERR_PK_TYPE_MISMATCH; + } - ec = mbedtls_pk_ec( *pk ); - d_len = ( ec->grp.nbits + 7 ) / 8; - if( ( ret = mbedtls_mpi_write_binary( &ec->d, d, d_len ) ) != 0 ) - return( ret ); + ec = mbedtls_pk_ec(*pk); + d_len = (ec->grp.nbits + 7) / 8; + if ((ret = mbedtls_mpi_write_binary(&ec->d, d, d_len)) != 0) { + return ret; + } - curve_id = mbedtls_ecc_group_to_psa( ec->grp.id, &bits ); - key_type = PSA_KEY_TYPE_ECC_KEY_PAIR( curve_id ); + curve_id = mbedtls_ecc_group_to_psa(ec->grp.id, &bits); + key_type = PSA_KEY_TYPE_ECC_KEY_PAIR(curve_id); /* prepare the key attributes */ - psa_set_key_type( &attributes, key_type ); - psa_set_key_bits( &attributes, bits ); - psa_set_key_usage_flags( &attributes, PSA_KEY_USAGE_SIGN_HASH ); - psa_set_key_algorithm( &attributes, PSA_ALG_ECDSA(hash_alg) ); + psa_set_key_type(&attributes, key_type); + psa_set_key_bits(&attributes, bits); + psa_set_key_usage_flags(&attributes, PSA_KEY_USAGE_SIGN_HASH); + psa_set_key_algorithm(&attributes, PSA_ALG_ECDSA(hash_alg)); /* import private key into PSA */ - if( PSA_SUCCESS != psa_import_key( &attributes, d, d_len, key ) ) - return( MBEDTLS_ERR_PK_HW_ACCEL_FAILED ); + status = psa_import_key(&attributes, d, d_len, key); + mbedtls_platform_zeroize(d, sizeof(d)); + if (status != PSA_SUCCESS) { + return MBEDTLS_ERR_PK_HW_ACCEL_FAILED; + } /* make PK context wrap the key slot */ - mbedtls_pk_free( pk ); - mbedtls_pk_init( pk ); + mbedtls_pk_free(pk); + mbedtls_pk_init(pk); - return( mbedtls_pk_setup_opaque( pk, *key ) ); + return mbedtls_pk_setup_opaque(pk, *key); #endif /* MBEDTLS_ECP_C */ } #endif /* MBEDTLS_USE_PSA_CRYPTO */ diff --git a/third_party/mbedtls/repo/library/pk_wrap.c b/third_party/mbedtls/repo/library/pk_wrap.c index 107e912acee..14c6d3f99cd 100644 --- a/third_party/mbedtls/repo/library/pk_wrap.c +++ b/third_party/mbedtls/repo/library/pk_wrap.c @@ -2,19 +2,7 @@ * Public Key abstraction layer: wrapper functions * * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later */ #include "common.h" @@ -50,142 +38,144 @@ #include "mbedtls/asn1.h" #endif -#if defined(MBEDTLS_PLATFORM_C) #include "mbedtls/platform.h" -#else -#include -#define mbedtls_calloc calloc -#define mbedtls_free free -#endif #include #include #if defined(MBEDTLS_RSA_C) -static int rsa_can_do( mbedtls_pk_type_t type ) +static int rsa_can_do(mbedtls_pk_type_t type) { - return( type == MBEDTLS_PK_RSA || - type == MBEDTLS_PK_RSASSA_PSS ); + return type == MBEDTLS_PK_RSA || + type == MBEDTLS_PK_RSASSA_PSS; } -static size_t rsa_get_bitlen( const void *ctx ) +static size_t rsa_get_bitlen(const void *ctx) { - const mbedtls_rsa_context * rsa = (const mbedtls_rsa_context *) ctx; - return( 8 * mbedtls_rsa_get_len( rsa ) ); + const mbedtls_rsa_context *rsa = (const mbedtls_rsa_context *) ctx; + return 8 * mbedtls_rsa_get_len(rsa); } -static int rsa_verify_wrap( void *ctx, mbedtls_md_type_t md_alg, - const unsigned char *hash, size_t hash_len, - const unsigned char *sig, size_t sig_len ) +static int rsa_verify_wrap(void *ctx, mbedtls_md_type_t md_alg, + const unsigned char *hash, size_t hash_len, + const unsigned char *sig, size_t sig_len) { int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; - mbedtls_rsa_context * rsa = (mbedtls_rsa_context *) ctx; - size_t rsa_len = mbedtls_rsa_get_len( rsa ); + mbedtls_rsa_context *rsa = (mbedtls_rsa_context *) ctx; + size_t rsa_len = mbedtls_rsa_get_len(rsa); #if SIZE_MAX > UINT_MAX - if( md_alg == MBEDTLS_MD_NONE && UINT_MAX < hash_len ) - return( MBEDTLS_ERR_PK_BAD_INPUT_DATA ); + if (md_alg == MBEDTLS_MD_NONE && UINT_MAX < hash_len) { + return MBEDTLS_ERR_PK_BAD_INPUT_DATA; + } #endif /* SIZE_MAX > UINT_MAX */ - if( sig_len < rsa_len ) - return( MBEDTLS_ERR_RSA_VERIFY_FAILED ); + if (sig_len < rsa_len) { + return MBEDTLS_ERR_RSA_VERIFY_FAILED; + } - if( ( ret = mbedtls_rsa_pkcs1_verify( rsa, NULL, NULL, - MBEDTLS_RSA_PUBLIC, md_alg, - (unsigned int) hash_len, hash, sig ) ) != 0 ) - return( ret ); + if ((ret = mbedtls_rsa_pkcs1_verify(rsa, NULL, NULL, + MBEDTLS_RSA_PUBLIC, md_alg, + (unsigned int) hash_len, hash, sig)) != 0) { + return ret; + } /* The buffer contains a valid signature followed by extra data. * We have a special error code for that so that so that callers can * use mbedtls_pk_verify() to check "Does the buffer start with a * valid signature?" and not just "Does the buffer contain a valid * signature?". */ - if( sig_len > rsa_len ) - return( MBEDTLS_ERR_PK_SIG_LEN_MISMATCH ); + if (sig_len > rsa_len) { + return MBEDTLS_ERR_PK_SIG_LEN_MISMATCH; + } - return( 0 ); + return 0; } -static int rsa_sign_wrap( void *ctx, mbedtls_md_type_t md_alg, - const unsigned char *hash, size_t hash_len, - unsigned char *sig, size_t *sig_len, - int (*f_rng)(void *, unsigned char *, size_t), void *p_rng ) +static int rsa_sign_wrap(void *ctx, mbedtls_md_type_t md_alg, + const unsigned char *hash, size_t hash_len, + unsigned char *sig, size_t *sig_len, + int (*f_rng)(void *, unsigned char *, size_t), void *p_rng) { - mbedtls_rsa_context * rsa = (mbedtls_rsa_context *) ctx; + mbedtls_rsa_context *rsa = (mbedtls_rsa_context *) ctx; #if SIZE_MAX > UINT_MAX - if( md_alg == MBEDTLS_MD_NONE && UINT_MAX < hash_len ) - return( MBEDTLS_ERR_PK_BAD_INPUT_DATA ); + if (md_alg == MBEDTLS_MD_NONE && UINT_MAX < hash_len) { + return MBEDTLS_ERR_PK_BAD_INPUT_DATA; + } #endif /* SIZE_MAX > UINT_MAX */ - *sig_len = mbedtls_rsa_get_len( rsa ); + *sig_len = mbedtls_rsa_get_len(rsa); - return( mbedtls_rsa_pkcs1_sign( rsa, f_rng, p_rng, MBEDTLS_RSA_PRIVATE, - md_alg, (unsigned int) hash_len, hash, sig ) ); + return mbedtls_rsa_pkcs1_sign(rsa, f_rng, p_rng, MBEDTLS_RSA_PRIVATE, + md_alg, (unsigned int) hash_len, hash, sig); } -static int rsa_decrypt_wrap( void *ctx, - const unsigned char *input, size_t ilen, - unsigned char *output, size_t *olen, size_t osize, - int (*f_rng)(void *, unsigned char *, size_t), void *p_rng ) +static int rsa_decrypt_wrap(void *ctx, + const unsigned char *input, size_t ilen, + unsigned char *output, size_t *olen, size_t osize, + int (*f_rng)(void *, unsigned char *, size_t), void *p_rng) { - mbedtls_rsa_context * rsa = (mbedtls_rsa_context *) ctx; + mbedtls_rsa_context *rsa = (mbedtls_rsa_context *) ctx; - if( ilen != mbedtls_rsa_get_len( rsa ) ) - return( MBEDTLS_ERR_RSA_BAD_INPUT_DATA ); + if (ilen != mbedtls_rsa_get_len(rsa)) { + return MBEDTLS_ERR_RSA_BAD_INPUT_DATA; + } - return( mbedtls_rsa_pkcs1_decrypt( rsa, f_rng, p_rng, - MBEDTLS_RSA_PRIVATE, olen, input, output, osize ) ); + return mbedtls_rsa_pkcs1_decrypt(rsa, f_rng, p_rng, + MBEDTLS_RSA_PRIVATE, olen, input, output, osize); } -static int rsa_encrypt_wrap( void *ctx, - const unsigned char *input, size_t ilen, - unsigned char *output, size_t *olen, size_t osize, - int (*f_rng)(void *, unsigned char *, size_t), void *p_rng ) +static int rsa_encrypt_wrap(void *ctx, + const unsigned char *input, size_t ilen, + unsigned char *output, size_t *olen, size_t osize, + int (*f_rng)(void *, unsigned char *, size_t), void *p_rng) { - mbedtls_rsa_context * rsa = (mbedtls_rsa_context *) ctx; - *olen = mbedtls_rsa_get_len( rsa ); + mbedtls_rsa_context *rsa = (mbedtls_rsa_context *) ctx; + *olen = mbedtls_rsa_get_len(rsa); - if( *olen > osize ) - return( MBEDTLS_ERR_RSA_OUTPUT_TOO_LARGE ); + if (*olen > osize) { + return MBEDTLS_ERR_RSA_OUTPUT_TOO_LARGE; + } - return( mbedtls_rsa_pkcs1_encrypt( rsa, f_rng, p_rng, MBEDTLS_RSA_PUBLIC, - ilen, input, output ) ); + return mbedtls_rsa_pkcs1_encrypt(rsa, f_rng, p_rng, MBEDTLS_RSA_PUBLIC, + ilen, input, output); } -static int rsa_check_pair_wrap( const void *pub, const void *prv ) +static int rsa_check_pair_wrap(const void *pub, const void *prv) { - return( mbedtls_rsa_check_pub_priv( (const mbedtls_rsa_context *) pub, - (const mbedtls_rsa_context *) prv ) ); + return mbedtls_rsa_check_pub_priv((const mbedtls_rsa_context *) pub, + (const mbedtls_rsa_context *) prv); } -static void *rsa_alloc_wrap( void ) +static void *rsa_alloc_wrap(void) { - void *ctx = mbedtls_calloc( 1, sizeof( mbedtls_rsa_context ) ); + void *ctx = mbedtls_calloc(1, sizeof(mbedtls_rsa_context)); - if( ctx != NULL ) - mbedtls_rsa_init( (mbedtls_rsa_context *) ctx, 0, 0 ); + if (ctx != NULL) { + mbedtls_rsa_init((mbedtls_rsa_context *) ctx, 0, 0); + } - return( ctx ); + return ctx; } -static void rsa_free_wrap( void *ctx ) +static void rsa_free_wrap(void *ctx) { - mbedtls_rsa_free( (mbedtls_rsa_context *) ctx ); - mbedtls_free( ctx ); + mbedtls_rsa_free((mbedtls_rsa_context *) ctx); + mbedtls_free(ctx); } -static void rsa_debug( const void *ctx, mbedtls_pk_debug_item *items ) +static void rsa_debug(const void *ctx, mbedtls_pk_debug_item *items) { items->type = MBEDTLS_PK_DEBUG_MPI; items->name = "rsa.N"; - items->value = &( ((mbedtls_rsa_context *) ctx)->N ); + items->value = &(((mbedtls_rsa_context *) ctx)->N); items++; items->type = MBEDTLS_PK_DEBUG_MPI; items->name = "rsa.E"; - items->value = &( ((mbedtls_rsa_context *) ctx)->E ); + items->value = &(((mbedtls_rsa_context *) ctx)->E); } const mbedtls_pk_info_t mbedtls_rsa_info = { @@ -216,77 +206,79 @@ const mbedtls_pk_info_t mbedtls_rsa_info = { /* * Generic EC key */ -static int eckey_can_do( mbedtls_pk_type_t type ) +static int eckey_can_do(mbedtls_pk_type_t type) { - return( type == MBEDTLS_PK_ECKEY || - type == MBEDTLS_PK_ECKEY_DH || - type == MBEDTLS_PK_ECDSA ); + return type == MBEDTLS_PK_ECKEY || + type == MBEDTLS_PK_ECKEY_DH || + type == MBEDTLS_PK_ECDSA; } -static size_t eckey_get_bitlen( const void *ctx ) +static size_t eckey_get_bitlen(const void *ctx) { - return( ((mbedtls_ecp_keypair *) ctx)->grp.pbits ); + return ((mbedtls_ecp_keypair *) ctx)->grp.pbits; } #if defined(MBEDTLS_ECDSA_C) /* Forward declarations */ -static int ecdsa_verify_wrap( void *ctx, mbedtls_md_type_t md_alg, - const unsigned char *hash, size_t hash_len, - const unsigned char *sig, size_t sig_len ); - -static int ecdsa_sign_wrap( void *ctx, mbedtls_md_type_t md_alg, - const unsigned char *hash, size_t hash_len, - unsigned char *sig, size_t *sig_len, - int (*f_rng)(void *, unsigned char *, size_t), void *p_rng ); - -static int eckey_verify_wrap( void *ctx, mbedtls_md_type_t md_alg, - const unsigned char *hash, size_t hash_len, - const unsigned char *sig, size_t sig_len ) +static int ecdsa_verify_wrap(void *ctx, mbedtls_md_type_t md_alg, + const unsigned char *hash, size_t hash_len, + const unsigned char *sig, size_t sig_len); + +static int ecdsa_sign_wrap(void *ctx, mbedtls_md_type_t md_alg, + const unsigned char *hash, size_t hash_len, + unsigned char *sig, size_t *sig_len, + int (*f_rng)(void *, unsigned char *, size_t), void *p_rng); + +static int eckey_verify_wrap(void *ctx, mbedtls_md_type_t md_alg, + const unsigned char *hash, size_t hash_len, + const unsigned char *sig, size_t sig_len) { int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; mbedtls_ecdsa_context ecdsa; - mbedtls_ecdsa_init( &ecdsa ); + mbedtls_ecdsa_init(&ecdsa); - if( ( ret = mbedtls_ecdsa_from_keypair( &ecdsa, ctx ) ) == 0 ) - ret = ecdsa_verify_wrap( &ecdsa, md_alg, hash, hash_len, sig, sig_len ); + if ((ret = mbedtls_ecdsa_from_keypair(&ecdsa, ctx)) == 0) { + ret = ecdsa_verify_wrap(&ecdsa, md_alg, hash, hash_len, sig, sig_len); + } - mbedtls_ecdsa_free( &ecdsa ); + mbedtls_ecdsa_free(&ecdsa); - return( ret ); + return ret; } -static int eckey_sign_wrap( void *ctx, mbedtls_md_type_t md_alg, - const unsigned char *hash, size_t hash_len, - unsigned char *sig, size_t *sig_len, - int (*f_rng)(void *, unsigned char *, size_t), void *p_rng ) +static int eckey_sign_wrap(void *ctx, mbedtls_md_type_t md_alg, + const unsigned char *hash, size_t hash_len, + unsigned char *sig, size_t *sig_len, + int (*f_rng)(void *, unsigned char *, size_t), void *p_rng) { int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; mbedtls_ecdsa_context ecdsa; - mbedtls_ecdsa_init( &ecdsa ); + mbedtls_ecdsa_init(&ecdsa); - if( ( ret = mbedtls_ecdsa_from_keypair( &ecdsa, ctx ) ) == 0 ) - ret = ecdsa_sign_wrap( &ecdsa, md_alg, hash, hash_len, sig, sig_len, - f_rng, p_rng ); + if ((ret = mbedtls_ecdsa_from_keypair(&ecdsa, ctx)) == 0) { + ret = ecdsa_sign_wrap(&ecdsa, md_alg, hash, hash_len, sig, sig_len, + f_rng, p_rng); + } - mbedtls_ecdsa_free( &ecdsa ); + mbedtls_ecdsa_free(&ecdsa); - return( ret ); + return ret; } #if defined(MBEDTLS_ECP_RESTARTABLE) /* Forward declarations */ -static int ecdsa_verify_rs_wrap( void *ctx, mbedtls_md_type_t md_alg, - const unsigned char *hash, size_t hash_len, - const unsigned char *sig, size_t sig_len, - void *rs_ctx ); +static int ecdsa_verify_rs_wrap(void *ctx, mbedtls_md_type_t md_alg, + const unsigned char *hash, size_t hash_len, + const unsigned char *sig, size_t sig_len, + void *rs_ctx); -static int ecdsa_sign_rs_wrap( void *ctx, mbedtls_md_type_t md_alg, - const unsigned char *hash, size_t hash_len, - unsigned char *sig, size_t *sig_len, - int (*f_rng)(void *, unsigned char *, size_t), void *p_rng, - void *rs_ctx ); +static int ecdsa_sign_rs_wrap(void *ctx, mbedtls_md_type_t md_alg, + const unsigned char *hash, size_t hash_len, + unsigned char *sig, size_t *sig_len, + int (*f_rng)(void *, unsigned char *, size_t), void *p_rng, + void *rs_ctx); /* * Restart context for ECDSA operations with ECKEY context @@ -294,120 +286,124 @@ static int ecdsa_sign_rs_wrap( void *ctx, mbedtls_md_type_t md_alg, * We need to store an actual ECDSA context, as we need to pass the same to * the underlying ecdsa function, so we can't create it on the fly every time. */ -typedef struct -{ +typedef struct { mbedtls_ecdsa_restart_ctx ecdsa_rs; mbedtls_ecdsa_context ecdsa_ctx; } eckey_restart_ctx; -static void *eckey_rs_alloc( void ) +static void *eckey_rs_alloc(void) { eckey_restart_ctx *rs_ctx; - void *ctx = mbedtls_calloc( 1, sizeof( eckey_restart_ctx ) ); + void *ctx = mbedtls_calloc(1, sizeof(eckey_restart_ctx)); - if( ctx != NULL ) - { + if (ctx != NULL) { rs_ctx = ctx; - mbedtls_ecdsa_restart_init( &rs_ctx->ecdsa_rs ); - mbedtls_ecdsa_init( &rs_ctx->ecdsa_ctx ); + mbedtls_ecdsa_restart_init(&rs_ctx->ecdsa_rs); + mbedtls_ecdsa_init(&rs_ctx->ecdsa_ctx); } - return( ctx ); + return ctx; } -static void eckey_rs_free( void *ctx ) +static void eckey_rs_free(void *ctx) { eckey_restart_ctx *rs_ctx; - if( ctx == NULL) + if (ctx == NULL) { return; + } rs_ctx = ctx; - mbedtls_ecdsa_restart_free( &rs_ctx->ecdsa_rs ); - mbedtls_ecdsa_free( &rs_ctx->ecdsa_ctx ); + mbedtls_ecdsa_restart_free(&rs_ctx->ecdsa_rs); + mbedtls_ecdsa_free(&rs_ctx->ecdsa_ctx); - mbedtls_free( ctx ); + mbedtls_free(ctx); } -static int eckey_verify_rs_wrap( void *ctx, mbedtls_md_type_t md_alg, - const unsigned char *hash, size_t hash_len, - const unsigned char *sig, size_t sig_len, - void *rs_ctx ) +static int eckey_verify_rs_wrap(void *ctx, mbedtls_md_type_t md_alg, + const unsigned char *hash, size_t hash_len, + const unsigned char *sig, size_t sig_len, + void *rs_ctx) { int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; eckey_restart_ctx *rs = rs_ctx; /* Should never happen */ - if( rs == NULL ) - return( MBEDTLS_ERR_PK_BAD_INPUT_DATA ); + if (rs == NULL) { + return MBEDTLS_ERR_PK_BAD_INPUT_DATA; + } /* set up our own sub-context if needed (that is, on first run) */ - if( rs->ecdsa_ctx.grp.pbits == 0 ) - MBEDTLS_MPI_CHK( mbedtls_ecdsa_from_keypair( &rs->ecdsa_ctx, ctx ) ); + if (rs->ecdsa_ctx.grp.pbits == 0) { + MBEDTLS_MPI_CHK(mbedtls_ecdsa_from_keypair(&rs->ecdsa_ctx, ctx)); + } - MBEDTLS_MPI_CHK( ecdsa_verify_rs_wrap( &rs->ecdsa_ctx, - md_alg, hash, hash_len, - sig, sig_len, &rs->ecdsa_rs ) ); + MBEDTLS_MPI_CHK(ecdsa_verify_rs_wrap(&rs->ecdsa_ctx, + md_alg, hash, hash_len, + sig, sig_len, &rs->ecdsa_rs)); cleanup: - return( ret ); + return ret; } -static int eckey_sign_rs_wrap( void *ctx, mbedtls_md_type_t md_alg, - const unsigned char *hash, size_t hash_len, - unsigned char *sig, size_t *sig_len, - int (*f_rng)(void *, unsigned char *, size_t), void *p_rng, - void *rs_ctx ) +static int eckey_sign_rs_wrap(void *ctx, mbedtls_md_type_t md_alg, + const unsigned char *hash, size_t hash_len, + unsigned char *sig, size_t *sig_len, + int (*f_rng)(void *, unsigned char *, size_t), void *p_rng, + void *rs_ctx) { int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; eckey_restart_ctx *rs = rs_ctx; /* Should never happen */ - if( rs == NULL ) - return( MBEDTLS_ERR_PK_BAD_INPUT_DATA ); + if (rs == NULL) { + return MBEDTLS_ERR_PK_BAD_INPUT_DATA; + } /* set up our own sub-context if needed (that is, on first run) */ - if( rs->ecdsa_ctx.grp.pbits == 0 ) - MBEDTLS_MPI_CHK( mbedtls_ecdsa_from_keypair( &rs->ecdsa_ctx, ctx ) ); + if (rs->ecdsa_ctx.grp.pbits == 0) { + MBEDTLS_MPI_CHK(mbedtls_ecdsa_from_keypair(&rs->ecdsa_ctx, ctx)); + } - MBEDTLS_MPI_CHK( ecdsa_sign_rs_wrap( &rs->ecdsa_ctx, md_alg, - hash, hash_len, sig, sig_len, - f_rng, p_rng, &rs->ecdsa_rs ) ); + MBEDTLS_MPI_CHK(ecdsa_sign_rs_wrap(&rs->ecdsa_ctx, md_alg, + hash, hash_len, sig, sig_len, + f_rng, p_rng, &rs->ecdsa_rs)); cleanup: - return( ret ); + return ret; } #endif /* MBEDTLS_ECP_RESTARTABLE */ #endif /* MBEDTLS_ECDSA_C */ -static int eckey_check_pair( const void *pub, const void *prv ) +static int eckey_check_pair(const void *pub, const void *prv) { - return( mbedtls_ecp_check_pub_priv( (const mbedtls_ecp_keypair *) pub, - (const mbedtls_ecp_keypair *) prv ) ); + return mbedtls_ecp_check_pub_priv((const mbedtls_ecp_keypair *) pub, + (const mbedtls_ecp_keypair *) prv); } -static void *eckey_alloc_wrap( void ) +static void *eckey_alloc_wrap(void) { - void *ctx = mbedtls_calloc( 1, sizeof( mbedtls_ecp_keypair ) ); + void *ctx = mbedtls_calloc(1, sizeof(mbedtls_ecp_keypair)); - if( ctx != NULL ) - mbedtls_ecp_keypair_init( ctx ); + if (ctx != NULL) { + mbedtls_ecp_keypair_init(ctx); + } - return( ctx ); + return ctx; } -static void eckey_free_wrap( void *ctx ) +static void eckey_free_wrap(void *ctx) { - mbedtls_ecp_keypair_free( (mbedtls_ecp_keypair *) ctx ); - mbedtls_free( ctx ); + mbedtls_ecp_keypair_free((mbedtls_ecp_keypair *) ctx); + mbedtls_free(ctx); } -static void eckey_debug( const void *ctx, mbedtls_pk_debug_item *items ) +static void eckey_debug(const void *ctx, mbedtls_pk_debug_item *items) { items->type = MBEDTLS_PK_DEBUG_ECP; items->name = "eckey.Q"; - items->value = &( ((mbedtls_ecp_keypair *) ctx)->Q ); + items->value = &(((mbedtls_ecp_keypair *) ctx)->Q); } const mbedtls_pk_info_t mbedtls_eckey_info = { @@ -441,10 +437,10 @@ const mbedtls_pk_info_t mbedtls_eckey_info = { /* * EC key restricted to ECDH */ -static int eckeydh_can_do( mbedtls_pk_type_t type ) +static int eckeydh_can_do(mbedtls_pk_type_t type) { - return( type == MBEDTLS_PK_ECKEY || - type == MBEDTLS_PK_ECKEY_DH ); + return type == MBEDTLS_PK_ECKEY || + type == MBEDTLS_PK_ECKEY_DH; } const mbedtls_pk_info_t mbedtls_eckeydh_info = { @@ -472,9 +468,9 @@ const mbedtls_pk_info_t mbedtls_eckeydh_info = { #endif /* MBEDTLS_ECP_C */ #if defined(MBEDTLS_ECDSA_C) -static int ecdsa_can_do( mbedtls_pk_type_t type ) +static int ecdsa_can_do(mbedtls_pk_type_t type) { - return( type == MBEDTLS_PK_ECDSA ); + return type == MBEDTLS_PK_ECDSA; } #if defined(MBEDTLS_USE_PSA_CRYPTO) @@ -482,33 +478,32 @@ static int ecdsa_can_do( mbedtls_pk_type_t type ) * An ASN.1 encoded signature is a sequence of two ASN.1 integers. Parse one of * those integers and convert it to the fixed-length encoding expected by PSA. */ -static int extract_ecdsa_sig_int( unsigned char **from, const unsigned char *end, - unsigned char *to, size_t to_len ) +static int extract_ecdsa_sig_int(unsigned char **from, const unsigned char *end, + unsigned char *to, size_t to_len) { int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; size_t unpadded_len, padding_len; - if( ( ret = mbedtls_asn1_get_tag( from, end, &unpadded_len, - MBEDTLS_ASN1_INTEGER ) ) != 0 ) - { - return( ret ); + if ((ret = mbedtls_asn1_get_tag(from, end, &unpadded_len, + MBEDTLS_ASN1_INTEGER)) != 0) { + return ret; } - while( unpadded_len > 0 && **from == 0x00 ) - { - ( *from )++; + while (unpadded_len > 0 && **from == 0x00) { + (*from)++; unpadded_len--; } - if( unpadded_len > to_len || unpadded_len == 0 ) - return( MBEDTLS_ERR_ASN1_LENGTH_MISMATCH ); + if (unpadded_len > to_len || unpadded_len == 0) { + return MBEDTLS_ERR_ASN1_LENGTH_MISMATCH; + } padding_len = to_len - unpadded_len; - memset( to, 0x00, padding_len ); - memcpy( to + padding_len, *from, unpadded_len ); - ( *from ) += unpadded_len; + memset(to, 0x00, padding_len); + memcpy(to + padding_len, *from, unpadded_len); + (*from) += unpadded_len; - return( 0 ); + return 0; } /* @@ -516,29 +511,32 @@ static int extract_ecdsa_sig_int( unsigned char **from, const unsigned char *end * to a raw {r,s} buffer. Note: the provided sig buffer must be at least * twice as big as int_size. */ -static int extract_ecdsa_sig( unsigned char **p, const unsigned char *end, - unsigned char *sig, size_t int_size ) +static int extract_ecdsa_sig(unsigned char **p, const unsigned char *end, + unsigned char *sig, size_t int_size) { int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; size_t tmp_size; - if( ( ret = mbedtls_asn1_get_tag( p, end, &tmp_size, - MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_SEQUENCE ) ) != 0 ) - return( ret ); + if ((ret = mbedtls_asn1_get_tag(p, end, &tmp_size, + MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_SEQUENCE)) != 0) { + return ret; + } /* Extract r */ - if( ( ret = extract_ecdsa_sig_int( p, end, sig, int_size ) ) != 0 ) - return( ret ); + if ((ret = extract_ecdsa_sig_int(p, end, sig, int_size)) != 0) { + return ret; + } /* Extract s */ - if( ( ret = extract_ecdsa_sig_int( p, end, sig + int_size, int_size ) ) != 0 ) - return( ret ); + if ((ret = extract_ecdsa_sig_int(p, end, sig + int_size, int_size)) != 0) { + return ret; + } - return( 0 ); + return 0; } -static int ecdsa_verify_wrap( void *ctx_arg, mbedtls_md_type_t md_alg, - const unsigned char *hash, size_t hash_len, - const unsigned char *sig, size_t sig_len ) +static int ecdsa_verify_wrap(void *ctx_arg, mbedtls_md_type_t md_alg, + const unsigned char *hash, size_t hash_len, + const unsigned char *sig, size_t sig_len) { mbedtls_ecdsa_context *ctx = ctx_arg; int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; @@ -554,162 +552,163 @@ static int ecdsa_verify_wrap( void *ctx_arg, mbedtls_md_type_t md_alg, psa_algorithm_t psa_sig_md = PSA_ALG_ECDSA_ANY; size_t curve_bits; psa_ecc_family_t curve = - mbedtls_ecc_group_to_psa( ctx->grp.id, &curve_bits ); - const size_t signature_part_size = ( ctx->grp.nbits + 7 ) / 8; + mbedtls_ecc_group_to_psa(ctx->grp.id, &curve_bits); + const size_t signature_part_size = (ctx->grp.nbits + 7) / 8; ((void) md_alg); - if( curve == 0 ) - return( MBEDTLS_ERR_PK_BAD_INPUT_DATA ); + if (curve == 0) { + return MBEDTLS_ERR_PK_BAD_INPUT_DATA; + } /* mbedtls_pk_write_pubkey() expects a full PK context; * re-construct one to make it happy */ key.pk_info = &pk_info; key.pk_ctx = ctx; - p = buf + sizeof( buf ); - key_len = mbedtls_pk_write_pubkey( &p, buf, &key ); - if( key_len <= 0 ) - return( MBEDTLS_ERR_PK_BAD_INPUT_DATA ); - - psa_set_key_type( &attributes, PSA_KEY_TYPE_ECC_PUBLIC_KEY( curve ) ); - psa_set_key_usage_flags( &attributes, PSA_KEY_USAGE_VERIFY_HASH ); - psa_set_key_algorithm( &attributes, psa_sig_md ); - - status = psa_import_key( &attributes, - buf + sizeof( buf ) - key_len, key_len, - &key_id ); - if( status != PSA_SUCCESS ) - { - ret = mbedtls_psa_err_translate_pk( status ); + p = buf + sizeof(buf); + key_len = mbedtls_pk_write_pubkey(&p, buf, &key); + if (key_len <= 0) { + return MBEDTLS_ERR_PK_BAD_INPUT_DATA; + } + + psa_set_key_type(&attributes, PSA_KEY_TYPE_ECC_PUBLIC_KEY(curve)); + psa_set_key_usage_flags(&attributes, PSA_KEY_USAGE_VERIFY_HASH); + psa_set_key_algorithm(&attributes, psa_sig_md); + + status = psa_import_key(&attributes, + buf + sizeof(buf) - key_len, key_len, + &key_id); + if (status != PSA_SUCCESS) { + ret = mbedtls_psa_err_translate_pk(status); goto cleanup; } /* We don't need the exported key anymore and can * reuse its buffer for signature extraction. */ - if( 2 * signature_part_size > sizeof( buf ) ) - { + if (2 * signature_part_size > sizeof(buf)) { ret = MBEDTLS_ERR_PK_BAD_INPUT_DATA; goto cleanup; } - p = (unsigned char*) sig; - if( ( ret = extract_ecdsa_sig( &p, sig + sig_len, buf, - signature_part_size ) ) != 0 ) - { + p = (unsigned char *) sig; + if ((ret = extract_ecdsa_sig(&p, sig + sig_len, buf, + signature_part_size)) != 0) { goto cleanup; } - if( psa_verify_hash( key_id, psa_sig_md, - hash, hash_len, - buf, 2 * signature_part_size ) - != PSA_SUCCESS ) - { - ret = MBEDTLS_ERR_ECP_VERIFY_FAILED; - goto cleanup; + if (psa_verify_hash(key_id, psa_sig_md, + hash, hash_len, + buf, 2 * signature_part_size) + != PSA_SUCCESS) { + ret = MBEDTLS_ERR_ECP_VERIFY_FAILED; + goto cleanup; } - if( p != sig + sig_len ) - { + if (p != sig + sig_len) { ret = MBEDTLS_ERR_PK_SIG_LEN_MISMATCH; goto cleanup; } ret = 0; cleanup: - psa_destroy_key( key_id ); - return( ret ); + psa_destroy_key(key_id); + return ret; } #else /* MBEDTLS_USE_PSA_CRYPTO */ -static int ecdsa_verify_wrap( void *ctx, mbedtls_md_type_t md_alg, - const unsigned char *hash, size_t hash_len, - const unsigned char *sig, size_t sig_len ) +static int ecdsa_verify_wrap(void *ctx, mbedtls_md_type_t md_alg, + const unsigned char *hash, size_t hash_len, + const unsigned char *sig, size_t sig_len) { int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; ((void) md_alg); - ret = mbedtls_ecdsa_read_signature( (mbedtls_ecdsa_context *) ctx, - hash, hash_len, sig, sig_len ); + ret = mbedtls_ecdsa_read_signature((mbedtls_ecdsa_context *) ctx, + hash, hash_len, sig, sig_len); - if( ret == MBEDTLS_ERR_ECP_SIG_LEN_MISMATCH ) - return( MBEDTLS_ERR_PK_SIG_LEN_MISMATCH ); + if (ret == MBEDTLS_ERR_ECP_SIG_LEN_MISMATCH) { + return MBEDTLS_ERR_PK_SIG_LEN_MISMATCH; + } - return( ret ); + return ret; } #endif /* MBEDTLS_USE_PSA_CRYPTO */ -static int ecdsa_sign_wrap( void *ctx, mbedtls_md_type_t md_alg, - const unsigned char *hash, size_t hash_len, - unsigned char *sig, size_t *sig_len, - int (*f_rng)(void *, unsigned char *, size_t), void *p_rng ) +static int ecdsa_sign_wrap(void *ctx, mbedtls_md_type_t md_alg, + const unsigned char *hash, size_t hash_len, + unsigned char *sig, size_t *sig_len, + int (*f_rng)(void *, unsigned char *, size_t), void *p_rng) { - return( mbedtls_ecdsa_write_signature( (mbedtls_ecdsa_context *) ctx, - md_alg, hash, hash_len, sig, sig_len, f_rng, p_rng ) ); + return mbedtls_ecdsa_write_signature((mbedtls_ecdsa_context *) ctx, + md_alg, hash, hash_len, sig, sig_len, f_rng, p_rng); } #if defined(MBEDTLS_ECP_RESTARTABLE) -static int ecdsa_verify_rs_wrap( void *ctx, mbedtls_md_type_t md_alg, - const unsigned char *hash, size_t hash_len, - const unsigned char *sig, size_t sig_len, - void *rs_ctx ) +static int ecdsa_verify_rs_wrap(void *ctx, mbedtls_md_type_t md_alg, + const unsigned char *hash, size_t hash_len, + const unsigned char *sig, size_t sig_len, + void *rs_ctx) { int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; ((void) md_alg); ret = mbedtls_ecdsa_read_signature_restartable( - (mbedtls_ecdsa_context *) ctx, - hash, hash_len, sig, sig_len, - (mbedtls_ecdsa_restart_ctx *) rs_ctx ); + (mbedtls_ecdsa_context *) ctx, + hash, hash_len, sig, sig_len, + (mbedtls_ecdsa_restart_ctx *) rs_ctx); - if( ret == MBEDTLS_ERR_ECP_SIG_LEN_MISMATCH ) - return( MBEDTLS_ERR_PK_SIG_LEN_MISMATCH ); + if (ret == MBEDTLS_ERR_ECP_SIG_LEN_MISMATCH) { + return MBEDTLS_ERR_PK_SIG_LEN_MISMATCH; + } - return( ret ); + return ret; } -static int ecdsa_sign_rs_wrap( void *ctx, mbedtls_md_type_t md_alg, - const unsigned char *hash, size_t hash_len, - unsigned char *sig, size_t *sig_len, - int (*f_rng)(void *, unsigned char *, size_t), void *p_rng, - void *rs_ctx ) +static int ecdsa_sign_rs_wrap(void *ctx, mbedtls_md_type_t md_alg, + const unsigned char *hash, size_t hash_len, + unsigned char *sig, size_t *sig_len, + int (*f_rng)(void *, unsigned char *, size_t), void *p_rng, + void *rs_ctx) { - return( mbedtls_ecdsa_write_signature_restartable( - (mbedtls_ecdsa_context *) ctx, - md_alg, hash, hash_len, sig, sig_len, f_rng, p_rng, - (mbedtls_ecdsa_restart_ctx *) rs_ctx ) ); + return mbedtls_ecdsa_write_signature_restartable( + (mbedtls_ecdsa_context *) ctx, + md_alg, hash, hash_len, sig, sig_len, f_rng, p_rng, + (mbedtls_ecdsa_restart_ctx *) rs_ctx); } #endif /* MBEDTLS_ECP_RESTARTABLE */ -static void *ecdsa_alloc_wrap( void ) +static void *ecdsa_alloc_wrap(void) { - void *ctx = mbedtls_calloc( 1, sizeof( mbedtls_ecdsa_context ) ); + void *ctx = mbedtls_calloc(1, sizeof(mbedtls_ecdsa_context)); - if( ctx != NULL ) - mbedtls_ecdsa_init( (mbedtls_ecdsa_context *) ctx ); + if (ctx != NULL) { + mbedtls_ecdsa_init((mbedtls_ecdsa_context *) ctx); + } - return( ctx ); + return ctx; } -static void ecdsa_free_wrap( void *ctx ) +static void ecdsa_free_wrap(void *ctx) { - mbedtls_ecdsa_free( (mbedtls_ecdsa_context *) ctx ); - mbedtls_free( ctx ); + mbedtls_ecdsa_free((mbedtls_ecdsa_context *) ctx); + mbedtls_free(ctx); } #if defined(MBEDTLS_ECP_RESTARTABLE) -static void *ecdsa_rs_alloc( void ) +static void *ecdsa_rs_alloc(void) { - void *ctx = mbedtls_calloc( 1, sizeof( mbedtls_ecdsa_restart_ctx ) ); + void *ctx = mbedtls_calloc(1, sizeof(mbedtls_ecdsa_restart_ctx)); - if( ctx != NULL ) - mbedtls_ecdsa_restart_init( ctx ); + if (ctx != NULL) { + mbedtls_ecdsa_restart_init(ctx); + } - return( ctx ); + return ctx; } -static void ecdsa_rs_free( void *ctx ) +static void ecdsa_rs_free(void *ctx) { - mbedtls_ecdsa_restart_free( ctx ); - mbedtls_free( ctx ); + mbedtls_ecdsa_restart_free(ctx); + mbedtls_free(ctx); } #endif /* MBEDTLS_ECP_RESTARTABLE */ @@ -742,99 +741,102 @@ const mbedtls_pk_info_t mbedtls_ecdsa_info = { * Support for alternative RSA-private implementations */ -static int rsa_alt_can_do( mbedtls_pk_type_t type ) +static int rsa_alt_can_do(mbedtls_pk_type_t type) { - return( type == MBEDTLS_PK_RSA ); + return type == MBEDTLS_PK_RSA; } -static size_t rsa_alt_get_bitlen( const void *ctx ) +static size_t rsa_alt_get_bitlen(const void *ctx) { const mbedtls_rsa_alt_context *rsa_alt = (const mbedtls_rsa_alt_context *) ctx; - return( 8 * rsa_alt->key_len_func( rsa_alt->key ) ); + return 8 * rsa_alt->key_len_func(rsa_alt->key); } -static int rsa_alt_sign_wrap( void *ctx, mbedtls_md_type_t md_alg, - const unsigned char *hash, size_t hash_len, - unsigned char *sig, size_t *sig_len, - int (*f_rng)(void *, unsigned char *, size_t), void *p_rng ) +static int rsa_alt_sign_wrap(void *ctx, mbedtls_md_type_t md_alg, + const unsigned char *hash, size_t hash_len, + unsigned char *sig, size_t *sig_len, + int (*f_rng)(void *, unsigned char *, size_t), void *p_rng) { mbedtls_rsa_alt_context *rsa_alt = (mbedtls_rsa_alt_context *) ctx; #if SIZE_MAX > UINT_MAX - if( UINT_MAX < hash_len ) - return( MBEDTLS_ERR_PK_BAD_INPUT_DATA ); + if (UINT_MAX < hash_len) { + return MBEDTLS_ERR_PK_BAD_INPUT_DATA; + } #endif /* SIZE_MAX > UINT_MAX */ - *sig_len = rsa_alt->key_len_func( rsa_alt->key ); - if( *sig_len > MBEDTLS_PK_SIGNATURE_MAX_SIZE ) - return( MBEDTLS_ERR_PK_BAD_INPUT_DATA ); + *sig_len = rsa_alt->key_len_func(rsa_alt->key); + if (*sig_len > MBEDTLS_PK_SIGNATURE_MAX_SIZE) { + return MBEDTLS_ERR_PK_BAD_INPUT_DATA; + } - return( rsa_alt->sign_func( rsa_alt->key, f_rng, p_rng, MBEDTLS_RSA_PRIVATE, - md_alg, (unsigned int) hash_len, hash, sig ) ); + return rsa_alt->sign_func(rsa_alt->key, f_rng, p_rng, MBEDTLS_RSA_PRIVATE, + md_alg, (unsigned int) hash_len, hash, sig); } -static int rsa_alt_decrypt_wrap( void *ctx, - const unsigned char *input, size_t ilen, - unsigned char *output, size_t *olen, size_t osize, - int (*f_rng)(void *, unsigned char *, size_t), void *p_rng ) +static int rsa_alt_decrypt_wrap(void *ctx, + const unsigned char *input, size_t ilen, + unsigned char *output, size_t *olen, size_t osize, + int (*f_rng)(void *, unsigned char *, size_t), void *p_rng) { mbedtls_rsa_alt_context *rsa_alt = (mbedtls_rsa_alt_context *) ctx; ((void) f_rng); ((void) p_rng); - if( ilen != rsa_alt->key_len_func( rsa_alt->key ) ) - return( MBEDTLS_ERR_RSA_BAD_INPUT_DATA ); + if (ilen != rsa_alt->key_len_func(rsa_alt->key)) { + return MBEDTLS_ERR_RSA_BAD_INPUT_DATA; + } - return( rsa_alt->decrypt_func( rsa_alt->key, - MBEDTLS_RSA_PRIVATE, olen, input, output, osize ) ); + return rsa_alt->decrypt_func(rsa_alt->key, + MBEDTLS_RSA_PRIVATE, olen, input, output, osize); } #if defined(MBEDTLS_RSA_C) -static int rsa_alt_check_pair( const void *pub, const void *prv ) +static int rsa_alt_check_pair(const void *pub, const void *prv) { unsigned char sig[MBEDTLS_MPI_MAX_SIZE]; unsigned char hash[32]; size_t sig_len = 0; int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; - if( rsa_alt_get_bitlen( prv ) != rsa_get_bitlen( pub ) ) - return( MBEDTLS_ERR_RSA_KEY_CHECK_FAILED ); + if (rsa_alt_get_bitlen(prv) != rsa_get_bitlen(pub)) { + return MBEDTLS_ERR_RSA_KEY_CHECK_FAILED; + } - memset( hash, 0x2a, sizeof( hash ) ); + memset(hash, 0x2a, sizeof(hash)); - if( ( ret = rsa_alt_sign_wrap( (void *) prv, MBEDTLS_MD_NONE, - hash, sizeof( hash ), - sig, &sig_len, NULL, NULL ) ) != 0 ) - { - return( ret ); + if ((ret = rsa_alt_sign_wrap((void *) prv, MBEDTLS_MD_NONE, + hash, sizeof(hash), + sig, &sig_len, NULL, NULL)) != 0) { + return ret; } - if( rsa_verify_wrap( (void *) pub, MBEDTLS_MD_NONE, - hash, sizeof( hash ), sig, sig_len ) != 0 ) - { - return( MBEDTLS_ERR_RSA_KEY_CHECK_FAILED ); + if (rsa_verify_wrap((void *) pub, MBEDTLS_MD_NONE, + hash, sizeof(hash), sig, sig_len) != 0) { + return MBEDTLS_ERR_RSA_KEY_CHECK_FAILED; } - return( 0 ); + return 0; } #endif /* MBEDTLS_RSA_C */ -static void *rsa_alt_alloc_wrap( void ) +static void *rsa_alt_alloc_wrap(void) { - void *ctx = mbedtls_calloc( 1, sizeof( mbedtls_rsa_alt_context ) ); + void *ctx = mbedtls_calloc(1, sizeof(mbedtls_rsa_alt_context)); - if( ctx != NULL ) - memset( ctx, 0, sizeof( mbedtls_rsa_alt_context ) ); + if (ctx != NULL) { + memset(ctx, 0, sizeof(mbedtls_rsa_alt_context)); + } - return( ctx ); + return ctx; } -static void rsa_alt_free_wrap( void *ctx ) +static void rsa_alt_free_wrap(void *ctx) { - mbedtls_platform_zeroize( ctx, sizeof( mbedtls_rsa_alt_context ) ); - mbedtls_free( ctx ); + mbedtls_platform_zeroize(ctx, sizeof(mbedtls_rsa_alt_context)); + mbedtls_free(ctx); } const mbedtls_pk_info_t mbedtls_rsa_alt_info = { @@ -868,42 +870,43 @@ const mbedtls_pk_info_t mbedtls_rsa_alt_info = { #if defined(MBEDTLS_USE_PSA_CRYPTO) -static void *pk_opaque_alloc_wrap( void ) +static void *pk_opaque_alloc_wrap(void) { - void *ctx = mbedtls_calloc( 1, sizeof( psa_key_id_t ) ); + void *ctx = mbedtls_calloc(1, sizeof(psa_key_id_t)); - /* no _init() function to call, an calloc() already zeroized */ + /* no _init() function to call, as calloc() already zeroized */ - return( ctx ); + return ctx; } -static void pk_opaque_free_wrap( void *ctx ) +static void pk_opaque_free_wrap(void *ctx) { - mbedtls_platform_zeroize( ctx, sizeof( psa_key_id_t ) ); - mbedtls_free( ctx ); + mbedtls_platform_zeroize(ctx, sizeof(psa_key_id_t)); + mbedtls_free(ctx); } -static size_t pk_opaque_get_bitlen( const void *ctx ) +static size_t pk_opaque_get_bitlen(const void *ctx) { const psa_key_id_t *key = (const psa_key_id_t *) ctx; size_t bits; psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT; - if( PSA_SUCCESS != psa_get_key_attributes( *key, &attributes ) ) - return( 0 ); + if (PSA_SUCCESS != psa_get_key_attributes(*key, &attributes)) { + return 0; + } - bits = psa_get_key_bits( &attributes ); - psa_reset_key_attributes( &attributes ); - return( bits ); + bits = psa_get_key_bits(&attributes); + psa_reset_key_attributes(&attributes); + return bits; } -static int pk_opaque_can_do( mbedtls_pk_type_t type ) +static int pk_opaque_can_do(mbedtls_pk_type_t type) { /* For now opaque PSA keys can only wrap ECC keypairs, * as checked by setup_psa(). * Also, ECKEY_DH does not really make sense with the current API. */ - return( type == MBEDTLS_PK_ECKEY || - type == MBEDTLS_PK_ECDSA ); + return type == MBEDTLS_PK_ECKEY || + type == MBEDTLS_PK_ECDSA; } #if defined(MBEDTLS_ECDSA_C) @@ -917,48 +920,49 @@ static int pk_opaque_can_do( mbedtls_pk_type_t type ) * start: start of the output buffer, and also of the mpi to write at the end * n_len: length of the mpi to read from start */ -static int asn1_write_mpibuf( unsigned char **p, unsigned char *start, - size_t n_len ) +static int asn1_write_mpibuf(unsigned char **p, unsigned char *start, + size_t n_len) { int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; size_t len = 0; - if( (size_t)( *p - start ) < n_len ) - return( MBEDTLS_ERR_ASN1_BUF_TOO_SMALL ); + if ((size_t) (*p - start) < n_len) { + return MBEDTLS_ERR_ASN1_BUF_TOO_SMALL; + } len = n_len; *p -= len; - memmove( *p, start, len ); + memmove(*p, start, len); /* ASN.1 DER encoding requires minimal length, so skip leading 0s. * Neither r nor s should be 0, but as a failsafe measure, still detect * that rather than overflowing the buffer in case of a PSA error. */ - while( len > 0 && **p == 0x00 ) - { + while (len > 0 && **p == 0x00) { ++(*p); --len; } /* this is only reached if the signature was invalid */ - if( len == 0 ) - return( MBEDTLS_ERR_PK_HW_ACCEL_FAILED ); + if (len == 0) { + return MBEDTLS_ERR_PK_HW_ACCEL_FAILED; + } /* if the msb is 1, ASN.1 requires that we prepend a 0. * Neither r nor s can be 0, so we can assume len > 0 at all times. */ - if( **p & 0x80 ) - { - if( *p - start < 1 ) - return( MBEDTLS_ERR_ASN1_BUF_TOO_SMALL ); + if (**p & 0x80) { + if (*p - start < 1) { + return MBEDTLS_ERR_ASN1_BUF_TOO_SMALL; + } *--(*p) = 0x00; len += 1; } - MBEDTLS_ASN1_CHK_ADD( len, mbedtls_asn1_write_len( p, start, len ) ); - MBEDTLS_ASN1_CHK_ADD( len, mbedtls_asn1_write_tag( p, start, - MBEDTLS_ASN1_INTEGER ) ); + MBEDTLS_ASN1_CHK_ADD(len, mbedtls_asn1_write_len(p, start, len)); + MBEDTLS_ASN1_CHK_ADD(len, mbedtls_asn1_write_tag(p, start, + MBEDTLS_ASN1_INTEGER)); - return( (int) len ); + return (int) len; } /* Transcode signature from PSA format to ASN.1 sequence. @@ -969,33 +973,34 @@ static int asn1_write_mpibuf( unsigned char **p, unsigned char *start, * [in/out] sig_len: signature length pre- and post-transcoding * [int] buf_len: the available size the in/out buffer */ -static int pk_ecdsa_sig_asn1_from_psa( unsigned char *sig, size_t *sig_len, - size_t buf_len ) +static int pk_ecdsa_sig_asn1_from_psa(unsigned char *sig, size_t *sig_len, + size_t buf_len) { int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; size_t len = 0; const size_t rs_len = *sig_len / 2; unsigned char *p = sig + buf_len; - MBEDTLS_ASN1_CHK_ADD( len, asn1_write_mpibuf( &p, sig + rs_len, rs_len ) ); - MBEDTLS_ASN1_CHK_ADD( len, asn1_write_mpibuf( &p, sig, rs_len ) ); + MBEDTLS_ASN1_CHK_ADD(len, asn1_write_mpibuf(&p, sig + rs_len, rs_len)); + MBEDTLS_ASN1_CHK_ADD(len, asn1_write_mpibuf(&p, sig, rs_len)); - MBEDTLS_ASN1_CHK_ADD( len, mbedtls_asn1_write_len( &p, sig, len ) ); - MBEDTLS_ASN1_CHK_ADD( len, mbedtls_asn1_write_tag( &p, sig, - MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_SEQUENCE ) ); + MBEDTLS_ASN1_CHK_ADD(len, mbedtls_asn1_write_len(&p, sig, len)); + MBEDTLS_ASN1_CHK_ADD(len, mbedtls_asn1_write_tag(&p, sig, + MBEDTLS_ASN1_CONSTRUCTED | + MBEDTLS_ASN1_SEQUENCE)); - memmove( sig, p, len ); + memmove(sig, p, len); *sig_len = len; - return( 0 ); + return 0; } #endif /* MBEDTLS_ECDSA_C */ -static int pk_opaque_sign_wrap( void *ctx, mbedtls_md_type_t md_alg, - const unsigned char *hash, size_t hash_len, - unsigned char *sig, size_t *sig_len, - int (*f_rng)(void *, unsigned char *, size_t), void *p_rng ) +static int pk_opaque_sign_wrap(void *ctx, mbedtls_md_type_t md_alg, + const unsigned char *hash, size_t hash_len, + unsigned char *sig, size_t *sig_len, + int (*f_rng)(void *, unsigned char *, size_t), void *p_rng) { #if !defined(MBEDTLS_ECDSA_C) ((void) ctx); @@ -1006,11 +1011,11 @@ static int pk_opaque_sign_wrap( void *ctx, mbedtls_md_type_t md_alg, ((void) sig_len); ((void) f_rng); ((void) p_rng); - return( MBEDTLS_ERR_PK_FEATURE_UNAVAILABLE ); + return MBEDTLS_ERR_PK_FEATURE_UNAVAILABLE; #else /* !MBEDTLS_ECDSA_C */ const psa_key_id_t *key = (const psa_key_id_t *) ctx; psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT; - psa_algorithm_t alg = PSA_ALG_ECDSA( mbedtls_psa_translate_md( md_alg ) ); + psa_algorithm_t alg = PSA_ALG_ECDSA(mbedtls_psa_translate_md(md_alg)); size_t buf_len; psa_status_t status; @@ -1022,22 +1027,25 @@ static int pk_opaque_sign_wrap( void *ctx, mbedtls_md_type_t md_alg, * that information. Assume that the buffer is large enough for a * maximal-length signature with that key (otherwise the application is * buggy anyway). */ - status = psa_get_key_attributes( *key, &attributes ); - if( status != PSA_SUCCESS ) - return( mbedtls_psa_err_translate_pk( status ) ); - buf_len = MBEDTLS_ECDSA_MAX_SIG_LEN( psa_get_key_bits( &attributes ) ); - psa_reset_key_attributes( &attributes ); - if( buf_len > MBEDTLS_PK_SIGNATURE_MAX_SIZE ) - return( MBEDTLS_ERR_PK_BAD_INPUT_DATA ); + status = psa_get_key_attributes(*key, &attributes); + if (status != PSA_SUCCESS) { + return mbedtls_psa_err_translate_pk(status); + } + buf_len = MBEDTLS_ECDSA_MAX_SIG_LEN(psa_get_key_bits(&attributes)); + psa_reset_key_attributes(&attributes); + if (buf_len > MBEDTLS_PK_SIGNATURE_MAX_SIZE) { + return MBEDTLS_ERR_PK_BAD_INPUT_DATA; + } /* make the signature */ - status = psa_sign_hash( *key, alg, hash, hash_len, - sig, buf_len, sig_len ); - if( status != PSA_SUCCESS ) - return( mbedtls_psa_err_translate_pk( status ) ); + status = psa_sign_hash(*key, alg, hash, hash_len, + sig, buf_len, sig_len); + if (status != PSA_SUCCESS) { + return mbedtls_psa_err_translate_pk(status); + } /* transcode it to ASN.1 sequence */ - return( pk_ecdsa_sig_asn1_from_psa( sig, sig_len, buf_len ) ); + return pk_ecdsa_sig_asn1_from_psa(sig, sig_len, buf_len); #endif /* !MBEDTLS_ECDSA_C */ } diff --git a/third_party/mbedtls/repo/library/pkcs11.c b/third_party/mbedtls/repo/library/pkcs11.c index 4deccf3f607..45ea4afcc69 100644 --- a/third_party/mbedtls/repo/library/pkcs11.c +++ b/third_party/mbedtls/repo/library/pkcs11.c @@ -6,19 +6,7 @@ * \author Adriaan de Jong * * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later */ #include "mbedtls/pkcs11.h" @@ -29,56 +17,45 @@ #include "mbedtls/oid.h" #include "mbedtls/x509_crt.h" -#if defined(MBEDTLS_PLATFORM_C) #include "mbedtls/platform.h" -#else -#include -#define mbedtls_calloc calloc -#define mbedtls_free free -#endif #include -void mbedtls_pkcs11_init( mbedtls_pkcs11_context *ctx ) +void mbedtls_pkcs11_init(mbedtls_pkcs11_context *ctx) { - memset( ctx, 0, sizeof( mbedtls_pkcs11_context ) ); + memset(ctx, 0, sizeof(mbedtls_pkcs11_context)); } -int mbedtls_pkcs11_x509_cert_bind( mbedtls_x509_crt *cert, pkcs11h_certificate_t pkcs11_cert ) +int mbedtls_pkcs11_x509_cert_bind(mbedtls_x509_crt *cert, pkcs11h_certificate_t pkcs11_cert) { int ret = 1; unsigned char *cert_blob = NULL; size_t cert_blob_size = 0; - if( cert == NULL ) - { + if (cert == NULL) { ret = 2; goto cleanup; } - if( pkcs11h_certificate_getCertificateBlob( pkcs11_cert, NULL, - &cert_blob_size ) != CKR_OK ) - { + if (pkcs11h_certificate_getCertificateBlob(pkcs11_cert, NULL, + &cert_blob_size) != CKR_OK) { ret = 3; goto cleanup; } - cert_blob = mbedtls_calloc( 1, cert_blob_size ); - if( NULL == cert_blob ) - { + cert_blob = mbedtls_calloc(1, cert_blob_size); + if (NULL == cert_blob) { ret = 4; goto cleanup; } - if( pkcs11h_certificate_getCertificateBlob( pkcs11_cert, cert_blob, - &cert_blob_size ) != CKR_OK ) - { + if (pkcs11h_certificate_getCertificateBlob(pkcs11_cert, cert_blob, + &cert_blob_size) != CKR_OK) { ret = 5; goto cleanup; } - if( 0 != mbedtls_x509_crt_parse( cert, cert_blob, cert_blob_size ) ) - { + if (0 != mbedtls_x509_crt_parse(cert, cert_blob, cert_blob_size)) { ret = 6; goto cleanup; } @@ -86,121 +63,128 @@ int mbedtls_pkcs11_x509_cert_bind( mbedtls_x509_crt *cert, pkcs11h_certificate_t ret = 0; cleanup: - if( NULL != cert_blob ) - mbedtls_free( cert_blob ); + if (NULL != cert_blob) { + mbedtls_free(cert_blob); + } - return( ret ); + return ret; } -int mbedtls_pkcs11_priv_key_bind( mbedtls_pkcs11_context *priv_key, - pkcs11h_certificate_t pkcs11_cert ) +int mbedtls_pkcs11_priv_key_bind(mbedtls_pkcs11_context *priv_key, + pkcs11h_certificate_t pkcs11_cert) { int ret = 1; mbedtls_x509_crt cert; - mbedtls_x509_crt_init( &cert ); + mbedtls_x509_crt_init(&cert); - if( priv_key == NULL ) + if (priv_key == NULL) { goto cleanup; + } - if( 0 != mbedtls_pkcs11_x509_cert_bind( &cert, pkcs11_cert ) ) + if (0 != mbedtls_pkcs11_x509_cert_bind(&cert, pkcs11_cert)) { goto cleanup; + } - priv_key->len = mbedtls_pk_get_len( &cert.pk ); + priv_key->len = mbedtls_pk_get_len(&cert.pk); priv_key->pkcs11h_cert = pkcs11_cert; ret = 0; cleanup: - mbedtls_x509_crt_free( &cert ); + mbedtls_x509_crt_free(&cert); - return( ret ); + return ret; } -void mbedtls_pkcs11_priv_key_free( mbedtls_pkcs11_context *priv_key ) +void mbedtls_pkcs11_priv_key_free(mbedtls_pkcs11_context *priv_key) { - if( NULL != priv_key ) - pkcs11h_certificate_freeCertificate( priv_key->pkcs11h_cert ); + if (NULL != priv_key) { + pkcs11h_certificate_freeCertificate(priv_key->pkcs11h_cert); + } } -int mbedtls_pkcs11_decrypt( mbedtls_pkcs11_context *ctx, - int mode, size_t *olen, - const unsigned char *input, - unsigned char *output, - size_t output_max_len ) +int mbedtls_pkcs11_decrypt(mbedtls_pkcs11_context *ctx, + int mode, size_t *olen, + const unsigned char *input, + unsigned char *output, + size_t output_max_len) { size_t input_len, output_len; - if( NULL == ctx ) - return( MBEDTLS_ERR_RSA_BAD_INPUT_DATA ); + if (NULL == ctx) { + return MBEDTLS_ERR_RSA_BAD_INPUT_DATA; + } - if( MBEDTLS_RSA_PRIVATE != mode ) - return( MBEDTLS_ERR_RSA_BAD_INPUT_DATA ); + if (MBEDTLS_RSA_PRIVATE != mode) { + return MBEDTLS_ERR_RSA_BAD_INPUT_DATA; + } output_len = input_len = ctx->len; - if( input_len < 16 || input_len > output_max_len ) - return( MBEDTLS_ERR_RSA_BAD_INPUT_DATA ); + if (input_len < 16 || input_len > output_max_len) { + return MBEDTLS_ERR_RSA_BAD_INPUT_DATA; + } /* Determine size of output buffer */ - if( pkcs11h_certificate_decryptAny( ctx->pkcs11h_cert, CKM_RSA_PKCS, input, - input_len, NULL, &output_len ) != CKR_OK ) - { - return( MBEDTLS_ERR_RSA_BAD_INPUT_DATA ); + if (pkcs11h_certificate_decryptAny(ctx->pkcs11h_cert, CKM_RSA_PKCS, input, + input_len, NULL, &output_len) != CKR_OK) { + return MBEDTLS_ERR_RSA_BAD_INPUT_DATA; } - if( output_len > output_max_len ) - return( MBEDTLS_ERR_RSA_OUTPUT_TOO_LARGE ); + if (output_len > output_max_len) { + return MBEDTLS_ERR_RSA_OUTPUT_TOO_LARGE; + } - if( pkcs11h_certificate_decryptAny( ctx->pkcs11h_cert, CKM_RSA_PKCS, input, - input_len, output, &output_len ) != CKR_OK ) - { - return( MBEDTLS_ERR_RSA_BAD_INPUT_DATA ); + if (pkcs11h_certificate_decryptAny(ctx->pkcs11h_cert, CKM_RSA_PKCS, input, + input_len, output, &output_len) != CKR_OK) { + return MBEDTLS_ERR_RSA_BAD_INPUT_DATA; } *olen = output_len; - return( 0 ); + return 0; } -int mbedtls_pkcs11_sign( mbedtls_pkcs11_context *ctx, - int mode, - mbedtls_md_type_t md_alg, - unsigned int hashlen, - const unsigned char *hash, - unsigned char *sig ) +int mbedtls_pkcs11_sign(mbedtls_pkcs11_context *ctx, + int mode, + mbedtls_md_type_t md_alg, + unsigned int hashlen, + const unsigned char *hash, + unsigned char *sig) { size_t sig_len = 0, asn_len = 0, oid_size = 0; unsigned char *p = sig; const char *oid; - if( NULL == ctx ) - return( MBEDTLS_ERR_RSA_BAD_INPUT_DATA ); + if (NULL == ctx) { + return MBEDTLS_ERR_RSA_BAD_INPUT_DATA; + } - if( MBEDTLS_RSA_PRIVATE != mode ) - return( MBEDTLS_ERR_RSA_BAD_INPUT_DATA ); + if (MBEDTLS_RSA_PRIVATE != mode) { + return MBEDTLS_ERR_RSA_BAD_INPUT_DATA; + } - if( md_alg != MBEDTLS_MD_NONE ) - { - const mbedtls_md_info_t *md_info = mbedtls_md_info_from_type( md_alg ); - if( md_info == NULL ) - return( MBEDTLS_ERR_RSA_BAD_INPUT_DATA ); + if (md_alg != MBEDTLS_MD_NONE) { + const mbedtls_md_info_t *md_info = mbedtls_md_info_from_type(md_alg); + if (md_info == NULL) { + return MBEDTLS_ERR_RSA_BAD_INPUT_DATA; + } - if( mbedtls_oid_get_oid_by_md( md_alg, &oid, &oid_size ) != 0 ) - return( MBEDTLS_ERR_RSA_BAD_INPUT_DATA ); + if (mbedtls_oid_get_oid_by_md(md_alg, &oid, &oid_size) != 0) { + return MBEDTLS_ERR_RSA_BAD_INPUT_DATA; + } - hashlen = mbedtls_md_get_size( md_info ); + hashlen = mbedtls_md_get_size(md_info); asn_len = 10 + oid_size; } sig_len = ctx->len; - if( hashlen > sig_len || asn_len > sig_len || - hashlen + asn_len > sig_len ) - { - return( MBEDTLS_ERR_RSA_BAD_INPUT_DATA ); + if (hashlen > sig_len || asn_len > sig_len || + hashlen + asn_len > sig_len) { + return MBEDTLS_ERR_RSA_BAD_INPUT_DATA; } - if( md_alg != MBEDTLS_MD_NONE ) - { + if (md_alg != MBEDTLS_MD_NONE) { /* * DigestInfo ::= SEQUENCE { * digestAlgorithm DigestAlgorithmIdentifier, @@ -211,12 +195,12 @@ int mbedtls_pkcs11_sign( mbedtls_pkcs11_context *ctx, * Digest ::= OCTET STRING */ *p++ = MBEDTLS_ASN1_SEQUENCE | MBEDTLS_ASN1_CONSTRUCTED; - *p++ = (unsigned char) ( 0x08 + oid_size + hashlen ); + *p++ = (unsigned char) (0x08 + oid_size + hashlen); *p++ = MBEDTLS_ASN1_SEQUENCE | MBEDTLS_ASN1_CONSTRUCTED; - *p++ = (unsigned char) ( 0x04 + oid_size ); + *p++ = (unsigned char) (0x04 + oid_size); *p++ = MBEDTLS_ASN1_OID; *p++ = oid_size & 0xFF; - memcpy( p, oid, oid_size ); + memcpy(p, oid, oid_size); p += oid_size; *p++ = MBEDTLS_ASN1_NULL; *p++ = 0x00; @@ -224,15 +208,14 @@ int mbedtls_pkcs11_sign( mbedtls_pkcs11_context *ctx, *p++ = hashlen; } - memcpy( p, hash, hashlen ); + memcpy(p, hash, hashlen); - if( pkcs11h_certificate_signAny( ctx->pkcs11h_cert, CKM_RSA_PKCS, sig, - asn_len + hashlen, sig, &sig_len ) != CKR_OK ) - { - return( MBEDTLS_ERR_RSA_BAD_INPUT_DATA ); + if (pkcs11h_certificate_signAny(ctx->pkcs11h_cert, CKM_RSA_PKCS, sig, + asn_len + hashlen, sig, &sig_len) != CKR_OK) { + return MBEDTLS_ERR_RSA_BAD_INPUT_DATA; } - return( 0 ); + return 0; } #endif /* defined(MBEDTLS_PKCS11_C) */ diff --git a/third_party/mbedtls/repo/library/pkcs12.c b/third_party/mbedtls/repo/library/pkcs12.c index cacf7dba221..712488233f5 100644 --- a/third_party/mbedtls/repo/library/pkcs12.c +++ b/third_party/mbedtls/repo/library/pkcs12.c @@ -2,19 +2,7 @@ * PKCS#12 Personal Information Exchange Syntax * * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later */ /* * The PKCS #12 Personal Information Exchange Syntax Standard v1.1 @@ -45,8 +33,8 @@ #if defined(MBEDTLS_ASN1_PARSE_C) -static int pkcs12_parse_pbe_params( mbedtls_asn1_buf *params, - mbedtls_asn1_buf *salt, int *iterations ) +static int pkcs12_parse_pbe_params(mbedtls_asn1_buf *params, + mbedtls_asn1_buf *salt, int *iterations) { int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; unsigned char **p = ¶ms->p; @@ -59,76 +47,82 @@ static int pkcs12_parse_pbe_params( mbedtls_asn1_buf *params, * } * */ - if( params->tag != ( MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_SEQUENCE ) ) - return( MBEDTLS_ERROR_ADD( MBEDTLS_ERR_PKCS12_PBE_INVALID_FORMAT, - MBEDTLS_ERR_ASN1_UNEXPECTED_TAG ) ); + if (params->tag != (MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_SEQUENCE)) { + return MBEDTLS_ERROR_ADD(MBEDTLS_ERR_PKCS12_PBE_INVALID_FORMAT, + MBEDTLS_ERR_ASN1_UNEXPECTED_TAG); + } - if( ( ret = mbedtls_asn1_get_tag( p, end, &salt->len, MBEDTLS_ASN1_OCTET_STRING ) ) != 0 ) - return( MBEDTLS_ERROR_ADD( MBEDTLS_ERR_PKCS12_PBE_INVALID_FORMAT, ret ) ); + if ((ret = mbedtls_asn1_get_tag(p, end, &salt->len, MBEDTLS_ASN1_OCTET_STRING)) != 0) { + return MBEDTLS_ERROR_ADD(MBEDTLS_ERR_PKCS12_PBE_INVALID_FORMAT, ret); + } salt->p = *p; *p += salt->len; - if( ( ret = mbedtls_asn1_get_int( p, end, iterations ) ) != 0 ) - return( MBEDTLS_ERROR_ADD( MBEDTLS_ERR_PKCS12_PBE_INVALID_FORMAT, ret ) ); + if ((ret = mbedtls_asn1_get_int(p, end, iterations)) != 0) { + return MBEDTLS_ERROR_ADD(MBEDTLS_ERR_PKCS12_PBE_INVALID_FORMAT, ret); + } - if( *p != end ) - return( MBEDTLS_ERROR_ADD( MBEDTLS_ERR_PKCS12_PBE_INVALID_FORMAT, - MBEDTLS_ERR_ASN1_LENGTH_MISMATCH ) ); + if (*p != end) { + return MBEDTLS_ERROR_ADD(MBEDTLS_ERR_PKCS12_PBE_INVALID_FORMAT, + MBEDTLS_ERR_ASN1_LENGTH_MISMATCH); + } - return( 0 ); + return 0; } #define PKCS12_MAX_PWDLEN 128 -static int pkcs12_pbe_derive_key_iv( mbedtls_asn1_buf *pbe_params, mbedtls_md_type_t md_type, - const unsigned char *pwd, size_t pwdlen, - unsigned char *key, size_t keylen, - unsigned char *iv, size_t ivlen ) +static int pkcs12_pbe_derive_key_iv(mbedtls_asn1_buf *pbe_params, mbedtls_md_type_t md_type, + const unsigned char *pwd, size_t pwdlen, + unsigned char *key, size_t keylen, + unsigned char *iv, size_t ivlen) { int ret, iterations = 0; mbedtls_asn1_buf salt; size_t i; unsigned char unipwd[PKCS12_MAX_PWDLEN * 2 + 2]; - if( pwdlen > PKCS12_MAX_PWDLEN ) - return( MBEDTLS_ERR_PKCS12_BAD_INPUT_DATA ); + if (pwdlen > PKCS12_MAX_PWDLEN) { + return MBEDTLS_ERR_PKCS12_BAD_INPUT_DATA; + } - memset( &salt, 0, sizeof(mbedtls_asn1_buf) ); - memset( &unipwd, 0, sizeof(unipwd) ); + memset(&salt, 0, sizeof(mbedtls_asn1_buf)); + memset(&unipwd, 0, sizeof(unipwd)); - if( ( ret = pkcs12_parse_pbe_params( pbe_params, &salt, - &iterations ) ) != 0 ) - return( ret ); + if ((ret = pkcs12_parse_pbe_params(pbe_params, &salt, + &iterations)) != 0) { + return ret; + } - for( i = 0; i < pwdlen; i++ ) + for (i = 0; i < pwdlen; i++) { unipwd[i * 2 + 1] = pwd[i]; + } - if( ( ret = mbedtls_pkcs12_derivation( key, keylen, unipwd, pwdlen * 2 + 2, - salt.p, salt.len, md_type, - MBEDTLS_PKCS12_DERIVE_KEY, iterations ) ) != 0 ) - { - return( ret ); + if ((ret = mbedtls_pkcs12_derivation(key, keylen, unipwd, pwdlen * 2 + 2, + salt.p, salt.len, md_type, + MBEDTLS_PKCS12_DERIVE_KEY, iterations)) != 0) { + return ret; } - if( iv == NULL || ivlen == 0 ) - return( 0 ); + if (iv == NULL || ivlen == 0) { + return 0; + } - if( ( ret = mbedtls_pkcs12_derivation( iv, ivlen, unipwd, pwdlen * 2 + 2, - salt.p, salt.len, md_type, - MBEDTLS_PKCS12_DERIVE_IV, iterations ) ) != 0 ) - { - return( ret ); + if ((ret = mbedtls_pkcs12_derivation(iv, ivlen, unipwd, pwdlen * 2 + 2, + salt.p, salt.len, md_type, + MBEDTLS_PKCS12_DERIVE_IV, iterations)) != 0) { + return ret; } - return( 0 ); + return 0; } #undef PKCS12_MAX_PWDLEN -int mbedtls_pkcs12_pbe_sha1_rc4_128( mbedtls_asn1_buf *pbe_params, int mode, - const unsigned char *pwd, size_t pwdlen, - const unsigned char *data, size_t len, - unsigned char *output ) +int mbedtls_pkcs12_pbe_sha1_rc4_128(mbedtls_asn1_buf *pbe_params, int mode, + const unsigned char *pwd, size_t pwdlen, + const unsigned char *data, size_t len, + unsigned char *output) { #if !defined(MBEDTLS_ARC4_C) ((void) pbe_params); @@ -138,114 +132,179 @@ int mbedtls_pkcs12_pbe_sha1_rc4_128( mbedtls_asn1_buf *pbe_params, int mode, ((void) data); ((void) len); ((void) output); - return( MBEDTLS_ERR_PKCS12_FEATURE_UNAVAILABLE ); + return MBEDTLS_ERR_PKCS12_FEATURE_UNAVAILABLE; #else int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; unsigned char key[16]; mbedtls_arc4_context ctx; ((void) mode); - mbedtls_arc4_init( &ctx ); + mbedtls_arc4_init(&ctx); - if( ( ret = pkcs12_pbe_derive_key_iv( pbe_params, MBEDTLS_MD_SHA1, - pwd, pwdlen, - key, 16, NULL, 0 ) ) != 0 ) - { - return( ret ); + if ((ret = pkcs12_pbe_derive_key_iv(pbe_params, MBEDTLS_MD_SHA1, + pwd, pwdlen, + key, 16, NULL, 0)) != 0) { + return ret; } - mbedtls_arc4_setup( &ctx, key, 16 ); - if( ( ret = mbedtls_arc4_crypt( &ctx, len, data, output ) ) != 0 ) + mbedtls_arc4_setup(&ctx, key, 16); + if ((ret = mbedtls_arc4_crypt(&ctx, len, data, output)) != 0) { goto exit; + } exit: - mbedtls_platform_zeroize( key, sizeof( key ) ); - mbedtls_arc4_free( &ctx ); + mbedtls_platform_zeroize(key, sizeof(key)); + mbedtls_arc4_free(&ctx); - return( ret ); + return ret; #endif /* MBEDTLS_ARC4_C */ } -int mbedtls_pkcs12_pbe( mbedtls_asn1_buf *pbe_params, int mode, - mbedtls_cipher_type_t cipher_type, mbedtls_md_type_t md_type, - const unsigned char *pwd, size_t pwdlen, - const unsigned char *data, size_t len, - unsigned char *output ) +#if !defined(MBEDTLS_CIPHER_PADDING_PKCS7) +int mbedtls_pkcs12_pbe_ext(mbedtls_asn1_buf *pbe_params, int mode, + mbedtls_cipher_type_t cipher_type, mbedtls_md_type_t md_type, + const unsigned char *pwd, size_t pwdlen, + const unsigned char *data, size_t len, + unsigned char *output, size_t output_size, + size_t *output_len); +#endif + +int mbedtls_pkcs12_pbe(mbedtls_asn1_buf *pbe_params, int mode, + mbedtls_cipher_type_t cipher_type, mbedtls_md_type_t md_type, + const unsigned char *pwd, size_t pwdlen, + const unsigned char *data, size_t len, + unsigned char *output) +{ + size_t output_len = 0; + + /* We assume caller of the function is providing a big enough output buffer + * so we pass output_size as SIZE_MAX to pass checks, However, no guarantees + * for the output size actually being correct. + */ + return mbedtls_pkcs12_pbe_ext(pbe_params, mode, cipher_type, md_type, + pwd, pwdlen, data, len, output, SIZE_MAX, + &output_len); +} + +int mbedtls_pkcs12_pbe_ext(mbedtls_asn1_buf *pbe_params, int mode, + mbedtls_cipher_type_t cipher_type, mbedtls_md_type_t md_type, + const unsigned char *pwd, size_t pwdlen, + const unsigned char *data, size_t len, + unsigned char *output, size_t output_size, + size_t *output_len) { int ret, keylen = 0; unsigned char key[32]; unsigned char iv[16]; const mbedtls_cipher_info_t *cipher_info; mbedtls_cipher_context_t cipher_ctx; - size_t olen = 0; + size_t finish_olen = 0; + unsigned int padlen = 0; - if( pwd == NULL && pwdlen != 0 ) - return( MBEDTLS_ERR_PKCS12_BAD_INPUT_DATA ); + if (pwd == NULL && pwdlen != 0) { + return MBEDTLS_ERR_PKCS12_BAD_INPUT_DATA; + } - cipher_info = mbedtls_cipher_info_from_type( cipher_type ); - if( cipher_info == NULL ) - return( MBEDTLS_ERR_PKCS12_FEATURE_UNAVAILABLE ); + cipher_info = mbedtls_cipher_info_from_type(cipher_type); + if (cipher_info == NULL) { + return MBEDTLS_ERR_PKCS12_FEATURE_UNAVAILABLE; + } keylen = cipher_info->key_bitlen / 8; - if( ( ret = pkcs12_pbe_derive_key_iv( pbe_params, md_type, pwd, pwdlen, - key, keylen, - iv, cipher_info->iv_size ) ) != 0 ) - { - return( ret ); + if (mode == MBEDTLS_PKCS12_PBE_DECRYPT) { + if (output_size < len) { + return MBEDTLS_ERR_ASN1_BUF_TOO_SMALL; + } + } + + if (mode == MBEDTLS_PKCS12_PBE_ENCRYPT) { + padlen = cipher_info->block_size - (len % cipher_info->block_size); + if (output_size < (len + padlen)) { + return MBEDTLS_ERR_ASN1_BUF_TOO_SMALL; + } } - mbedtls_cipher_init( &cipher_ctx ); + if ((ret = pkcs12_pbe_derive_key_iv(pbe_params, md_type, pwd, pwdlen, + key, keylen, + iv, cipher_info->iv_size)) != 0) { + return ret; + } + + mbedtls_cipher_init(&cipher_ctx); + + if ((ret = mbedtls_cipher_setup(&cipher_ctx, cipher_info)) != 0) { + goto exit; + } - if( ( ret = mbedtls_cipher_setup( &cipher_ctx, cipher_info ) ) != 0 ) + if ((ret = + mbedtls_cipher_setkey(&cipher_ctx, key, 8 * keylen, + (mbedtls_operation_t) mode)) != 0) { goto exit; + } + +#if defined(MBEDTLS_CIPHER_MODE_WITH_PADDING) + /* PKCS12 uses CBC with PKCS7 padding */ - if( ( ret = mbedtls_cipher_setkey( &cipher_ctx, key, 8 * keylen, (mbedtls_operation_t) mode ) ) != 0 ) + mbedtls_cipher_padding_t padding = MBEDTLS_PADDING_PKCS7; +#if !defined(MBEDTLS_CIPHER_PADDING_PKCS7) + /* For historical reasons, when decrypting, this function works when + * decrypting even when support for PKCS7 padding is disabled. In this + * case, it ignores the padding, and so will never report a + * password mismatch. + */ + if (mode == MBEDTLS_PKCS12_PBE_DECRYPT) { + padding = MBEDTLS_PADDING_NONE; + } +#endif + if ((ret = mbedtls_cipher_set_padding_mode(&cipher_ctx, padding)) != 0) { goto exit; + } +#endif /* MBEDTLS_CIPHER_MODE_WITH_PADDING */ - if( ( ret = mbedtls_cipher_set_iv( &cipher_ctx, iv, cipher_info->iv_size ) ) != 0 ) + if ((ret = mbedtls_cipher_set_iv(&cipher_ctx, iv, cipher_info->iv_size)) != 0) { goto exit; + } - if( ( ret = mbedtls_cipher_reset( &cipher_ctx ) ) != 0 ) + if ((ret = mbedtls_cipher_reset(&cipher_ctx)) != 0) { goto exit; + } - if( ( ret = mbedtls_cipher_update( &cipher_ctx, data, len, - output, &olen ) ) != 0 ) - { + if ((ret = mbedtls_cipher_update(&cipher_ctx, data, len, + output, output_len)) != 0) { goto exit; } - if( ( ret = mbedtls_cipher_finish( &cipher_ctx, output + olen, &olen ) ) != 0 ) + if ((ret = mbedtls_cipher_finish(&cipher_ctx, output + (*output_len), &finish_olen)) != 0) { ret = MBEDTLS_ERR_PKCS12_PASSWORD_MISMATCH; + } + + *output_len += finish_olen; exit: - mbedtls_platform_zeroize( key, sizeof( key ) ); - mbedtls_platform_zeroize( iv, sizeof( iv ) ); - mbedtls_cipher_free( &cipher_ctx ); + mbedtls_platform_zeroize(key, sizeof(key)); + mbedtls_platform_zeroize(iv, sizeof(iv)); + mbedtls_cipher_free(&cipher_ctx); - return( ret ); + return ret; } #endif /* MBEDTLS_ASN1_PARSE_C */ -static void pkcs12_fill_buffer( unsigned char *data, size_t data_len, - const unsigned char *filler, size_t fill_len ) +static void pkcs12_fill_buffer(unsigned char *data, size_t data_len, + const unsigned char *filler, size_t fill_len) { unsigned char *p = data; size_t use_len; - if( filler != NULL && fill_len != 0 ) - { - while( data_len > 0 ) - { - use_len = ( data_len > fill_len ) ? fill_len : data_len; - memcpy( p, filler, use_len ); + if (filler != NULL && fill_len != 0) { + while (data_len > 0) { + use_len = (data_len > fill_len) ? fill_len : data_len; + memcpy(p, filler, use_len); p += use_len; data_len -= use_len; } - } - else - { + } else { /* If either of the above are not true then clearly there is nothing * that this function can do. The function should *not* be called * under either of those circumstances, as you could end up with an @@ -254,10 +313,10 @@ static void pkcs12_fill_buffer( unsigned char *data, size_t data_len, } } -int mbedtls_pkcs12_derivation( unsigned char *data, size_t datalen, - const unsigned char *pwd, size_t pwdlen, - const unsigned char *salt, size_t saltlen, - mbedtls_md_type_t md_type, int id, int iterations ) +int mbedtls_pkcs12_derivation(unsigned char *data, size_t datalen, + const unsigned char *pwd, size_t pwdlen, + const unsigned char *salt, size_t saltlen, + mbedtls_md_type_t md_type, int id, int iterations) { int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; unsigned int j; @@ -276,114 +335,119 @@ int mbedtls_pkcs12_derivation( unsigned char *data, size_t datalen, mbedtls_md_context_t md_ctx; // This version only allows max of 64 bytes of password or salt - if( datalen > 128 || pwdlen > 64 || saltlen > 64 ) - return( MBEDTLS_ERR_PKCS12_BAD_INPUT_DATA ); + if (datalen > 128 || pwdlen > 64 || saltlen > 64) { + return MBEDTLS_ERR_PKCS12_BAD_INPUT_DATA; + } - if( pwd == NULL && pwdlen != 0 ) - return( MBEDTLS_ERR_PKCS12_BAD_INPUT_DATA ); + if (pwd == NULL && pwdlen != 0) { + return MBEDTLS_ERR_PKCS12_BAD_INPUT_DATA; + } - if( salt == NULL && saltlen != 0 ) - return( MBEDTLS_ERR_PKCS12_BAD_INPUT_DATA ); + if (salt == NULL && saltlen != 0) { + return MBEDTLS_ERR_PKCS12_BAD_INPUT_DATA; + } - use_password = ( pwd && pwdlen != 0 ); - use_salt = ( salt && saltlen != 0 ); + use_password = (pwd && pwdlen != 0); + use_salt = (salt && saltlen != 0); - md_info = mbedtls_md_info_from_type( md_type ); - if( md_info == NULL ) - return( MBEDTLS_ERR_PKCS12_FEATURE_UNAVAILABLE ); + md_info = mbedtls_md_info_from_type(md_type); + if (md_info == NULL) { + return MBEDTLS_ERR_PKCS12_FEATURE_UNAVAILABLE; + } - mbedtls_md_init( &md_ctx ); + mbedtls_md_init(&md_ctx); - if( ( ret = mbedtls_md_setup( &md_ctx, md_info, 0 ) ) != 0 ) - return( ret ); - hlen = mbedtls_md_get_size( md_info ); + if ((ret = mbedtls_md_setup(&md_ctx, md_info, 0)) != 0) { + return ret; + } + hlen = mbedtls_md_get_size(md_info); - if( hlen <= 32 ) + if (hlen <= 32) { v = 64; - else + } else { v = 128; + } - memset( diversifier, (unsigned char) id, v ); + memset(diversifier, (unsigned char) id, v); - if( use_salt != 0 ) - { - pkcs12_fill_buffer( salt_block, v, salt, saltlen ); + if (use_salt != 0) { + pkcs12_fill_buffer(salt_block, v, salt, saltlen); } - if( use_password != 0 ) - { - pkcs12_fill_buffer( pwd_block, v, pwd, pwdlen ); + if (use_password != 0) { + pkcs12_fill_buffer(pwd_block, v, pwd, pwdlen); } p = data; - while( datalen > 0 ) - { + while (datalen > 0) { // Calculate hash( diversifier || salt_block || pwd_block ) - if( ( ret = mbedtls_md_starts( &md_ctx ) ) != 0 ) + if ((ret = mbedtls_md_starts(&md_ctx)) != 0) { goto exit; + } - if( ( ret = mbedtls_md_update( &md_ctx, diversifier, v ) ) != 0 ) + if ((ret = mbedtls_md_update(&md_ctx, diversifier, v)) != 0) { goto exit; + } - if( use_salt != 0 ) - { - if( ( ret = mbedtls_md_update( &md_ctx, salt_block, v )) != 0 ) + if (use_salt != 0) { + if ((ret = mbedtls_md_update(&md_ctx, salt_block, v)) != 0) { goto exit; + } } - if( use_password != 0) - { - if( ( ret = mbedtls_md_update( &md_ctx, pwd_block, v )) != 0 ) + if (use_password != 0) { + if ((ret = mbedtls_md_update(&md_ctx, pwd_block, v)) != 0) { goto exit; + } } - if( ( ret = mbedtls_md_finish( &md_ctx, hash_output ) ) != 0 ) + if ((ret = mbedtls_md_finish(&md_ctx, hash_output)) != 0) { goto exit; + } // Perform remaining ( iterations - 1 ) recursive hash calculations - for( i = 1; i < (size_t) iterations; i++ ) - { - if( ( ret = mbedtls_md( md_info, hash_output, hlen, hash_output ) ) != 0 ) + for (i = 1; i < (size_t) iterations; i++) { + if ((ret = mbedtls_md(md_info, hash_output, hlen, hash_output)) != 0) { goto exit; + } } - use_len = ( datalen > hlen ) ? hlen : datalen; - memcpy( p, hash_output, use_len ); + use_len = (datalen > hlen) ? hlen : datalen; + memcpy(p, hash_output, use_len); datalen -= use_len; p += use_len; - if( datalen == 0 ) + if (datalen == 0) { break; + } // Concatenating copies of hash_output into hash_block (B) - pkcs12_fill_buffer( hash_block, v, hash_output, hlen ); + pkcs12_fill_buffer(hash_block, v, hash_output, hlen); // B += 1 - for( i = v; i > 0; i-- ) - if( ++hash_block[i - 1] != 0 ) + for (i = v; i > 0; i--) { + if (++hash_block[i - 1] != 0) { break; + } + } - if( use_salt != 0 ) - { + if (use_salt != 0) { // salt_block += B c = 0; - for( i = v; i > 0; i-- ) - { + for (i = v; i > 0; i--) { j = salt_block[i - 1] + hash_block[i - 1] + c; - c = MBEDTLS_BYTE_1( j ); - salt_block[i - 1] = MBEDTLS_BYTE_0( j ); + c = MBEDTLS_BYTE_1(j); + salt_block[i - 1] = MBEDTLS_BYTE_0(j); } } - if( use_password != 0 ) - { + if (use_password != 0) { // pwd_block += B c = 0; - for( i = v; i > 0; i-- ) - { + for (i = v; i > 0; i--) { j = pwd_block[i - 1] + hash_block[i - 1] + c; - c = MBEDTLS_BYTE_1( j ); - pwd_block[i - 1] = MBEDTLS_BYTE_0( j ); + c = MBEDTLS_BYTE_1(j); + pwd_block[i - 1] = MBEDTLS_BYTE_0(j); } } } @@ -391,14 +455,14 @@ int mbedtls_pkcs12_derivation( unsigned char *data, size_t datalen, ret = 0; exit: - mbedtls_platform_zeroize( salt_block, sizeof( salt_block ) ); - mbedtls_platform_zeroize( pwd_block, sizeof( pwd_block ) ); - mbedtls_platform_zeroize( hash_block, sizeof( hash_block ) ); - mbedtls_platform_zeroize( hash_output, sizeof( hash_output ) ); + mbedtls_platform_zeroize(salt_block, sizeof(salt_block)); + mbedtls_platform_zeroize(pwd_block, sizeof(pwd_block)); + mbedtls_platform_zeroize(hash_block, sizeof(hash_block)); + mbedtls_platform_zeroize(hash_output, sizeof(hash_output)); - mbedtls_md_free( &md_ctx ); + mbedtls_md_free(&md_ctx); - return( ret ); + return ret; } #endif /* MBEDTLS_PKCS12_C */ diff --git a/third_party/mbedtls/repo/library/pkcs5.c b/third_party/mbedtls/repo/library/pkcs5.c index 2b014d91c87..8e5b751a38c 100644 --- a/third_party/mbedtls/repo/library/pkcs5.c +++ b/third_party/mbedtls/repo/library/pkcs5.c @@ -6,19 +6,7 @@ * \author Mathias Olsson * * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later */ /* * PKCS#5 includes PBKDF2 and more @@ -42,26 +30,23 @@ #include -#if defined(MBEDTLS_PLATFORM_C) #include "mbedtls/platform.h" -#else -#include -#define mbedtls_printf printf -#endif + #if defined(MBEDTLS_ASN1_PARSE_C) -static int pkcs5_parse_pbkdf2_params( const mbedtls_asn1_buf *params, - mbedtls_asn1_buf *salt, int *iterations, - int *keylen, mbedtls_md_type_t *md_type ) +static int pkcs5_parse_pbkdf2_params(const mbedtls_asn1_buf *params, + mbedtls_asn1_buf *salt, int *iterations, + int *keylen, mbedtls_md_type_t *md_type) { int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; mbedtls_asn1_buf prf_alg_oid; unsigned char *p = params->p; const unsigned char *end = params->p + params->len; - if( params->tag != ( MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_SEQUENCE ) ) - return( MBEDTLS_ERROR_ADD( MBEDTLS_ERR_PKCS5_INVALID_FORMAT, - MBEDTLS_ERR_ASN1_UNEXPECTED_TAG ) ); + if (params->tag != (MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_SEQUENCE)) { + return MBEDTLS_ERROR_ADD(MBEDTLS_ERR_PKCS5_INVALID_FORMAT, + MBEDTLS_ERR_ASN1_UNEXPECTED_TAG); + } /* * PBKDF2-params ::= SEQUENCE { * salt OCTET STRING, @@ -71,45 +56,76 @@ static int pkcs5_parse_pbkdf2_params( const mbedtls_asn1_buf *params, * } * */ - if( ( ret = mbedtls_asn1_get_tag( &p, end, &salt->len, - MBEDTLS_ASN1_OCTET_STRING ) ) != 0 ) - return( MBEDTLS_ERROR_ADD( MBEDTLS_ERR_PKCS5_INVALID_FORMAT, ret ) ); + if ((ret = mbedtls_asn1_get_tag(&p, end, &salt->len, + MBEDTLS_ASN1_OCTET_STRING)) != 0) { + return MBEDTLS_ERROR_ADD(MBEDTLS_ERR_PKCS5_INVALID_FORMAT, ret); + } salt->p = p; p += salt->len; - if( ( ret = mbedtls_asn1_get_int( &p, end, iterations ) ) != 0 ) - return( MBEDTLS_ERROR_ADD( MBEDTLS_ERR_PKCS5_INVALID_FORMAT, ret ) ); + if ((ret = mbedtls_asn1_get_int(&p, end, iterations)) != 0) { + return MBEDTLS_ERROR_ADD(MBEDTLS_ERR_PKCS5_INVALID_FORMAT, ret); + } + + if (p == end) { + return 0; + } + + if ((ret = mbedtls_asn1_get_int(&p, end, keylen)) != 0) { + if (ret != MBEDTLS_ERR_ASN1_UNEXPECTED_TAG) { + return MBEDTLS_ERROR_ADD(MBEDTLS_ERR_PKCS5_INVALID_FORMAT, ret); + } + } + + if (p == end) { + return 0; + } - if( p == end ) - return( 0 ); + if ((ret = mbedtls_asn1_get_alg_null(&p, end, &prf_alg_oid)) != 0) { + return MBEDTLS_ERROR_ADD(MBEDTLS_ERR_PKCS5_INVALID_FORMAT, ret); + } - if( ( ret = mbedtls_asn1_get_int( &p, end, keylen ) ) != 0 ) - { - if( ret != MBEDTLS_ERR_ASN1_UNEXPECTED_TAG ) - return( MBEDTLS_ERROR_ADD( MBEDTLS_ERR_PKCS5_INVALID_FORMAT, ret ) ); + if (mbedtls_oid_get_md_hmac(&prf_alg_oid, md_type) != 0) { + return MBEDTLS_ERR_PKCS5_FEATURE_UNAVAILABLE; } - if( p == end ) - return( 0 ); + if (p != end) { + return MBEDTLS_ERROR_ADD(MBEDTLS_ERR_PKCS5_INVALID_FORMAT, + MBEDTLS_ERR_ASN1_LENGTH_MISMATCH); + } - if( ( ret = mbedtls_asn1_get_alg_null( &p, end, &prf_alg_oid ) ) != 0 ) - return( MBEDTLS_ERROR_ADD( MBEDTLS_ERR_PKCS5_INVALID_FORMAT, ret ) ); + return 0; +} - if( mbedtls_oid_get_md_hmac( &prf_alg_oid, md_type ) != 0 ) - return( MBEDTLS_ERR_PKCS5_FEATURE_UNAVAILABLE ); +#if !defined(MBEDTLS_CIPHER_PADDING_PKCS7) +int mbedtls_pkcs5_pbes2_ext(const mbedtls_asn1_buf *pbe_params, int mode, + const unsigned char *pwd, size_t pwdlen, + const unsigned char *data, size_t datalen, + unsigned char *output, size_t output_size, + size_t *output_len); +#endif - if( p != end ) - return( MBEDTLS_ERROR_ADD( MBEDTLS_ERR_PKCS5_INVALID_FORMAT, - MBEDTLS_ERR_ASN1_LENGTH_MISMATCH ) ); +int mbedtls_pkcs5_pbes2(const mbedtls_asn1_buf *pbe_params, int mode, + const unsigned char *pwd, size_t pwdlen, + const unsigned char *data, size_t datalen, + unsigned char *output) +{ + size_t output_len = 0; - return( 0 ); + /* We assume caller of the function is providing a big enough output buffer + * so we pass output_size as SIZE_MAX to pass checks, However, no guarantees + * for the output size actually being correct. + */ + return mbedtls_pkcs5_pbes2_ext(pbe_params, mode, pwd, pwdlen, data, + datalen, output, SIZE_MAX, &output_len); } -int mbedtls_pkcs5_pbes2( const mbedtls_asn1_buf *pbe_params, int mode, - const unsigned char *pwd, size_t pwdlen, - const unsigned char *data, size_t datalen, - unsigned char *output ) +int mbedtls_pkcs5_pbes2_ext(const mbedtls_asn1_buf *pbe_params, int mode, + const unsigned char *pwd, size_t pwdlen, + const unsigned char *data, size_t datalen, + unsigned char *output, size_t output_size, + size_t *output_len) { int ret, iterations = 0, keylen = 0; unsigned char *p, *end; @@ -117,12 +133,12 @@ int mbedtls_pkcs5_pbes2( const mbedtls_asn1_buf *pbe_params, int mode, mbedtls_asn1_buf salt; mbedtls_md_type_t md_type = MBEDTLS_MD_SHA1; unsigned char key[32], iv[32]; - size_t olen = 0; const mbedtls_md_info_t *md_info; const mbedtls_cipher_info_t *cipher_info; mbedtls_md_context_t md_ctx; mbedtls_cipher_type_t cipher_alg; mbedtls_cipher_context_t cipher_ctx; + unsigned int padlen = 0; p = pbe_params->p; end = p + pbe_params->len; @@ -133,42 +149,46 @@ int mbedtls_pkcs5_pbes2( const mbedtls_asn1_buf *pbe_params, int mode, * encryptionScheme AlgorithmIdentifier {{PBES2-Encs}} * } */ - if( pbe_params->tag != ( MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_SEQUENCE ) ) - return( MBEDTLS_ERROR_ADD( MBEDTLS_ERR_PKCS5_INVALID_FORMAT, - MBEDTLS_ERR_ASN1_UNEXPECTED_TAG ) ); + if (pbe_params->tag != (MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_SEQUENCE)) { + return MBEDTLS_ERROR_ADD(MBEDTLS_ERR_PKCS5_INVALID_FORMAT, + MBEDTLS_ERR_ASN1_UNEXPECTED_TAG); + } - if( ( ret = mbedtls_asn1_get_alg( &p, end, &kdf_alg_oid, - &kdf_alg_params ) ) != 0 ) - return( MBEDTLS_ERROR_ADD( MBEDTLS_ERR_PKCS5_INVALID_FORMAT, ret ) ); + if ((ret = mbedtls_asn1_get_alg(&p, end, &kdf_alg_oid, + &kdf_alg_params)) != 0) { + return MBEDTLS_ERROR_ADD(MBEDTLS_ERR_PKCS5_INVALID_FORMAT, ret); + } // Only PBKDF2 supported at the moment // - if( MBEDTLS_OID_CMP( MBEDTLS_OID_PKCS5_PBKDF2, &kdf_alg_oid ) != 0 ) - return( MBEDTLS_ERR_PKCS5_FEATURE_UNAVAILABLE ); + if (MBEDTLS_OID_CMP(MBEDTLS_OID_PKCS5_PBKDF2, &kdf_alg_oid) != 0) { + return MBEDTLS_ERR_PKCS5_FEATURE_UNAVAILABLE; + } - if( ( ret = pkcs5_parse_pbkdf2_params( &kdf_alg_params, - &salt, &iterations, &keylen, - &md_type ) ) != 0 ) - { - return( ret ); + if ((ret = pkcs5_parse_pbkdf2_params(&kdf_alg_params, + &salt, &iterations, &keylen, + &md_type)) != 0) { + return ret; } - md_info = mbedtls_md_info_from_type( md_type ); - if( md_info == NULL ) - return( MBEDTLS_ERR_PKCS5_FEATURE_UNAVAILABLE ); + md_info = mbedtls_md_info_from_type(md_type); + if (md_info == NULL) { + return MBEDTLS_ERR_PKCS5_FEATURE_UNAVAILABLE; + } - if( ( ret = mbedtls_asn1_get_alg( &p, end, &enc_scheme_oid, - &enc_scheme_params ) ) != 0 ) - { - return( MBEDTLS_ERROR_ADD( MBEDTLS_ERR_PKCS5_INVALID_FORMAT, ret ) ); + if ((ret = mbedtls_asn1_get_alg(&p, end, &enc_scheme_oid, + &enc_scheme_params)) != 0) { + return MBEDTLS_ERROR_ADD(MBEDTLS_ERR_PKCS5_INVALID_FORMAT, ret); } - if( mbedtls_oid_get_cipher_alg( &enc_scheme_oid, &cipher_alg ) != 0 ) - return( MBEDTLS_ERR_PKCS5_FEATURE_UNAVAILABLE ); + if (mbedtls_oid_get_cipher_alg(&enc_scheme_oid, &cipher_alg) != 0) { + return MBEDTLS_ERR_PKCS5_FEATURE_UNAVAILABLE; + } - cipher_info = mbedtls_cipher_info_from_type( cipher_alg ); - if( cipher_info == NULL ) - return( MBEDTLS_ERR_PKCS5_FEATURE_UNAVAILABLE ); + cipher_info = mbedtls_cipher_info_from_type(cipher_alg); + if (cipher_info == NULL) { + return MBEDTLS_ERR_PKCS5_FEATURE_UNAVAILABLE; + } /* * The value of keylen from pkcs5_parse_pbkdf2_params() is ignored @@ -176,143 +196,190 @@ int mbedtls_pkcs5_pbes2( const mbedtls_asn1_buf *pbe_params, int mode, */ keylen = cipher_info->key_bitlen / 8; - if( enc_scheme_params.tag != MBEDTLS_ASN1_OCTET_STRING || - enc_scheme_params.len != cipher_info->iv_size ) - { - return( MBEDTLS_ERR_PKCS5_INVALID_FORMAT ); + if (enc_scheme_params.tag != MBEDTLS_ASN1_OCTET_STRING || + enc_scheme_params.len != cipher_info->iv_size) { + return MBEDTLS_ERR_PKCS5_INVALID_FORMAT; } - mbedtls_md_init( &md_ctx ); - mbedtls_cipher_init( &cipher_ctx ); + if (mode == MBEDTLS_PKCS5_DECRYPT) { + if (output_size < datalen) { + return MBEDTLS_ERR_ASN1_BUF_TOO_SMALL; + } + } + + if (mode == MBEDTLS_PKCS5_ENCRYPT) { + padlen = cipher_info->block_size - (datalen % cipher_info->block_size); + if (output_size < (datalen + padlen)) { + return MBEDTLS_ERR_ASN1_BUF_TOO_SMALL; + } + } + + mbedtls_md_init(&md_ctx); + + mbedtls_cipher_init(&cipher_ctx); - memcpy( iv, enc_scheme_params.p, enc_scheme_params.len ); + memcpy(iv, enc_scheme_params.p, enc_scheme_params.len); - if( ( ret = mbedtls_md_setup( &md_ctx, md_info, 1 ) ) != 0 ) + if ((ret = mbedtls_md_setup(&md_ctx, md_info, 1)) != 0) { goto exit; + } - if( ( ret = mbedtls_pkcs5_pbkdf2_hmac( &md_ctx, pwd, pwdlen, salt.p, salt.len, - iterations, keylen, key ) ) != 0 ) - { + if ((ret = mbedtls_pkcs5_pbkdf2_hmac(&md_ctx, pwd, pwdlen, salt.p, salt.len, + iterations, keylen, key)) != 0) { goto exit; } - if( ( ret = mbedtls_cipher_setup( &cipher_ctx, cipher_info ) ) != 0 ) + if ((ret = mbedtls_cipher_setup(&cipher_ctx, cipher_info)) != 0) { goto exit; + } - if( ( ret = mbedtls_cipher_setkey( &cipher_ctx, key, 8 * keylen, - (mbedtls_operation_t) mode ) ) != 0 ) + if ((ret = mbedtls_cipher_setkey(&cipher_ctx, key, 8 * keylen, + (mbedtls_operation_t) mode)) != 0) { goto exit; + } - if( ( ret = mbedtls_cipher_crypt( &cipher_ctx, iv, enc_scheme_params.len, - data, datalen, output, &olen ) ) != 0 ) +#if defined(MBEDTLS_CIPHER_MODE_WITH_PADDING) + /* PKCS5 uses CBC with PKCS7 padding (which is the same as + * "PKCS5 padding" except that it's typically only called PKCS5 + * with 64-bit-block ciphers). + */ + mbedtls_cipher_padding_t padding = MBEDTLS_PADDING_PKCS7; +#if !defined(MBEDTLS_CIPHER_PADDING_PKCS7) + /* For historical reasons, when decrypting, this function works when + * decrypting even when support for PKCS7 padding is disabled. In this + * case, it ignores the padding, and so will never report a + * password mismatch. + */ + if (mode == MBEDTLS_DECRYPT) { + padding = MBEDTLS_PADDING_NONE; + } +#endif + if ((ret = mbedtls_cipher_set_padding_mode(&cipher_ctx, padding)) != 0) { + goto exit; + } +#endif /* MBEDTLS_CIPHER_MODE_WITH_PADDING */ + if ((ret = mbedtls_cipher_crypt(&cipher_ctx, iv, enc_scheme_params.len, + data, datalen, output, output_len)) != 0) { ret = MBEDTLS_ERR_PKCS5_PASSWORD_MISMATCH; + } exit: - mbedtls_md_free( &md_ctx ); - mbedtls_cipher_free( &cipher_ctx ); + mbedtls_md_free(&md_ctx); + mbedtls_cipher_free(&cipher_ctx); - return( ret ); + return ret; } #endif /* MBEDTLS_ASN1_PARSE_C */ -int mbedtls_pkcs5_pbkdf2_hmac( mbedtls_md_context_t *ctx, - const unsigned char *password, - size_t plen, const unsigned char *salt, size_t slen, - unsigned int iteration_count, - uint32_t key_length, unsigned char *output ) +int mbedtls_pkcs5_pbkdf2_hmac(mbedtls_md_context_t *ctx, + const unsigned char *password, + size_t plen, const unsigned char *salt, size_t slen, + unsigned int iteration_count, + uint32_t key_length, unsigned char *output) { int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; int j; unsigned int i; unsigned char md1[MBEDTLS_MD_MAX_SIZE]; unsigned char work[MBEDTLS_MD_MAX_SIZE]; - unsigned char md_size = mbedtls_md_get_size( ctx->md_info ); + unsigned char md_size = mbedtls_md_get_size(ctx->md_info); size_t use_len; unsigned char *out_p = output; unsigned char counter[4]; - memset( counter, 0, 4 ); + memset(counter, 0, 4); counter[3] = 1; #if UINT_MAX > 0xFFFFFFFF - if( iteration_count > 0xFFFFFFFF ) - return( MBEDTLS_ERR_PKCS5_BAD_INPUT_DATA ); + if (iteration_count > 0xFFFFFFFF) { + return MBEDTLS_ERR_PKCS5_BAD_INPUT_DATA; + } #endif - if( ( ret = mbedtls_md_hmac_starts( ctx, password, plen ) ) != 0 ) - return( ret ); - while( key_length ) - { + if ((ret = mbedtls_md_hmac_starts(ctx, password, plen)) != 0) { + return ret; + } + while (key_length) { // U1 ends up in work // - if( ( ret = mbedtls_md_hmac_update( ctx, salt, slen ) ) != 0 ) + if ((ret = mbedtls_md_hmac_update(ctx, salt, slen)) != 0) { goto cleanup; + } - if( ( ret = mbedtls_md_hmac_update( ctx, counter, 4 ) ) != 0 ) + if ((ret = mbedtls_md_hmac_update(ctx, counter, 4)) != 0) { goto cleanup; + } - if( ( ret = mbedtls_md_hmac_finish( ctx, work ) ) != 0 ) + if ((ret = mbedtls_md_hmac_finish(ctx, work)) != 0) { goto cleanup; + } - if( ( ret = mbedtls_md_hmac_reset( ctx ) ) != 0 ) + if ((ret = mbedtls_md_hmac_reset(ctx)) != 0) { goto cleanup; + } - memcpy( md1, work, md_size ); + memcpy(md1, work, md_size); - for( i = 1; i < iteration_count; i++ ) - { + for (i = 1; i < iteration_count; i++) { // U2 ends up in md1 // - if( ( ret = mbedtls_md_hmac_update( ctx, md1, md_size ) ) != 0 ) + if ((ret = mbedtls_md_hmac_update(ctx, md1, md_size)) != 0) { goto cleanup; + } - if( ( ret = mbedtls_md_hmac_finish( ctx, md1 ) ) != 0 ) + if ((ret = mbedtls_md_hmac_finish(ctx, md1)) != 0) { goto cleanup; + } - if( ( ret = mbedtls_md_hmac_reset( ctx ) ) != 0 ) + if ((ret = mbedtls_md_hmac_reset(ctx)) != 0) { goto cleanup; + } // U1 xor U2 // - for( j = 0; j < md_size; j++ ) + for (j = 0; j < md_size; j++) { work[j] ^= md1[j]; + } } - use_len = ( key_length < md_size ) ? key_length : md_size; - memcpy( out_p, work, use_len ); + use_len = (key_length < md_size) ? key_length : md_size; + memcpy(out_p, work, use_len); key_length -= (uint32_t) use_len; out_p += use_len; - for( i = 4; i > 0; i-- ) - if( ++counter[i - 1] != 0 ) + for (i = 4; i > 0; i--) { + if (++counter[i - 1] != 0) { break; + } + } } cleanup: /* Zeroise buffers to clear sensitive data from memory. */ - mbedtls_platform_zeroize( work, MBEDTLS_MD_MAX_SIZE ); - mbedtls_platform_zeroize( md1, MBEDTLS_MD_MAX_SIZE ); + mbedtls_platform_zeroize(work, MBEDTLS_MD_MAX_SIZE); + mbedtls_platform_zeroize(md1, MBEDTLS_MD_MAX_SIZE); - return( ret ); + return ret; } #if defined(MBEDTLS_SELF_TEST) #if !defined(MBEDTLS_SHA1_C) -int mbedtls_pkcs5_self_test( int verbose ) +int mbedtls_pkcs5_self_test(int verbose) { - if( verbose != 0 ) - mbedtls_printf( " PBKDF2 (SHA1): skipped\n\n" ); + if (verbose != 0) { + mbedtls_printf(" PBKDF2 (SHA1): skipped\n\n"); + } - return( 0 ); + return 0; } #else #define MAX_TESTS 6 static const size_t plen_test_data[MAX_TESTS] = - { 8, 8, 8, 24, 9 }; +{ 8, 8, 8, 24, 9 }; static const unsigned char password_test_data[MAX_TESTS][32] = { @@ -324,7 +391,7 @@ static const unsigned char password_test_data[MAX_TESTS][32] = }; static const size_t slen_test_data[MAX_TESTS] = - { 4, 4, 4, 36, 5 }; +{ 4, 4, 4, 36, 5 }; static const unsigned char salt_test_data[MAX_TESTS][40] = { @@ -336,10 +403,10 @@ static const unsigned char salt_test_data[MAX_TESTS][40] = }; static const uint32_t it_cnt_test_data[MAX_TESTS] = - { 1, 2, 4096, 4096, 4096 }; +{ 1, 2, 4096, 4096, 4096 }; static const uint32_t key_len_test_data[MAX_TESTS] = - { 20, 20, 20, 25, 16 }; +{ 20, 20, 20, 25, 16 }; static const unsigned char result_key_test_data[MAX_TESTS][32] = { @@ -360,58 +427,58 @@ static const unsigned char result_key_test_data[MAX_TESTS][32] = 0xcc, 0x37, 0xd7, 0xf0, 0x34, 0x25, 0xe0, 0xc3 }, }; -int mbedtls_pkcs5_self_test( int verbose ) +int mbedtls_pkcs5_self_test(int verbose) { mbedtls_md_context_t sha1_ctx; const mbedtls_md_info_t *info_sha1; int ret, i; unsigned char key[64]; - mbedtls_md_init( &sha1_ctx ); + mbedtls_md_init(&sha1_ctx); - info_sha1 = mbedtls_md_info_from_type( MBEDTLS_MD_SHA1 ); - if( info_sha1 == NULL ) - { + info_sha1 = mbedtls_md_info_from_type(MBEDTLS_MD_SHA1); + if (info_sha1 == NULL) { ret = 1; goto exit; } - if( ( ret = mbedtls_md_setup( &sha1_ctx, info_sha1, 1 ) ) != 0 ) - { + if ((ret = mbedtls_md_setup(&sha1_ctx, info_sha1, 1)) != 0) { ret = 1; goto exit; } - for( i = 0; i < MAX_TESTS; i++ ) - { - if( verbose != 0 ) - mbedtls_printf( " PBKDF2 (SHA1) #%d: ", i ); + for (i = 0; i < MAX_TESTS; i++) { + if (verbose != 0) { + mbedtls_printf(" PBKDF2 (SHA1) #%d: ", i); + } - ret = mbedtls_pkcs5_pbkdf2_hmac( &sha1_ctx, password_test_data[i], - plen_test_data[i], salt_test_data[i], - slen_test_data[i], it_cnt_test_data[i], - key_len_test_data[i], key ); - if( ret != 0 || - memcmp( result_key_test_data[i], key, key_len_test_data[i] ) != 0 ) - { - if( verbose != 0 ) - mbedtls_printf( "failed\n" ); + ret = mbedtls_pkcs5_pbkdf2_hmac(&sha1_ctx, password_test_data[i], + plen_test_data[i], salt_test_data[i], + slen_test_data[i], it_cnt_test_data[i], + key_len_test_data[i], key); + if (ret != 0 || + memcmp(result_key_test_data[i], key, key_len_test_data[i]) != 0) { + if (verbose != 0) { + mbedtls_printf("failed\n"); + } ret = 1; goto exit; } - if( verbose != 0 ) - mbedtls_printf( "passed\n" ); + if (verbose != 0) { + mbedtls_printf("passed\n"); + } } - if( verbose != 0 ) - mbedtls_printf( "\n" ); + if (verbose != 0) { + mbedtls_printf("\n"); + } exit: - mbedtls_md_free( &sha1_ctx ); + mbedtls_md_free(&sha1_ctx); - return( ret ); + return ret; } #endif /* MBEDTLS_SHA1_C */ diff --git a/third_party/mbedtls/repo/library/pkparse.c b/third_party/mbedtls/repo/library/pkparse.c index 535ed70eb1b..37d501640d2 100644 --- a/third_party/mbedtls/repo/library/pkparse.c +++ b/third_party/mbedtls/repo/library/pkparse.c @@ -2,19 +2,7 @@ * Public Key layer for parsing key files and structures * * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later */ #include "common.h" @@ -48,19 +36,13 @@ #include "mbedtls/pkcs12.h" #endif -#if defined(MBEDTLS_PLATFORM_C) #include "mbedtls/platform.h" -#else -#include -#define mbedtls_calloc calloc -#define mbedtls_free free -#endif /* Parameter validation macros based on platform_util.h */ -#define PK_VALIDATE_RET( cond ) \ - MBEDTLS_INTERNAL_VALIDATE_RET( cond, MBEDTLS_ERR_PK_BAD_INPUT_DATA ) -#define PK_VALIDATE( cond ) \ - MBEDTLS_INTERNAL_VALIDATE( cond ) +#define PK_VALIDATE_RET(cond) \ + MBEDTLS_INTERNAL_VALIDATE_RET(cond, MBEDTLS_ERR_PK_BAD_INPUT_DATA) +#define PK_VALIDATE(cond) \ + MBEDTLS_INTERNAL_VALIDATE(cond) #if defined(MBEDTLS_FS_IO) /* @@ -70,104 +52,106 @@ * A terminating null byte is always appended. It is included in the announced * length only if the data looks like it is PEM encoded. */ -int mbedtls_pk_load_file( const char *path, unsigned char **buf, size_t *n ) +int mbedtls_pk_load_file(const char *path, unsigned char **buf, size_t *n) { FILE *f; long size; - PK_VALIDATE_RET( path != NULL ); - PK_VALIDATE_RET( buf != NULL ); - PK_VALIDATE_RET( n != NULL ); + PK_VALIDATE_RET(path != NULL); + PK_VALIDATE_RET(buf != NULL); + PK_VALIDATE_RET(n != NULL); - if( ( f = fopen( path, "rb" ) ) == NULL ) - return( MBEDTLS_ERR_PK_FILE_IO_ERROR ); + if ((f = fopen(path, "rb")) == NULL) { + return MBEDTLS_ERR_PK_FILE_IO_ERROR; + } - fseek( f, 0, SEEK_END ); - if( ( size = ftell( f ) ) == -1 ) - { - fclose( f ); - return( MBEDTLS_ERR_PK_FILE_IO_ERROR ); + fseek(f, 0, SEEK_END); + if ((size = ftell(f)) == -1) { + fclose(f); + return MBEDTLS_ERR_PK_FILE_IO_ERROR; } - fseek( f, 0, SEEK_SET ); + fseek(f, 0, SEEK_SET); *n = (size_t) size; - if( *n + 1 == 0 || - ( *buf = mbedtls_calloc( 1, *n + 1 ) ) == NULL ) - { - fclose( f ); - return( MBEDTLS_ERR_PK_ALLOC_FAILED ); + if (*n + 1 == 0 || + (*buf = mbedtls_calloc(1, *n + 1)) == NULL) { + fclose(f); + return MBEDTLS_ERR_PK_ALLOC_FAILED; } - if( fread( *buf, 1, *n, f ) != *n ) - { - fclose( f ); + if (fread(*buf, 1, *n, f) != *n) { + fclose(f); - mbedtls_platform_zeroize( *buf, *n ); - mbedtls_free( *buf ); + mbedtls_platform_zeroize(*buf, *n); + mbedtls_free(*buf); - return( MBEDTLS_ERR_PK_FILE_IO_ERROR ); + return MBEDTLS_ERR_PK_FILE_IO_ERROR; } - fclose( f ); + fclose(f); (*buf)[*n] = '\0'; - if( strstr( (const char *) *buf, "-----BEGIN " ) != NULL ) + if (strstr((const char *) *buf, "-----BEGIN ") != NULL) { ++*n; + } - return( 0 ); + return 0; } /* * Load and parse a private key */ -int mbedtls_pk_parse_keyfile( mbedtls_pk_context *ctx, - const char *path, const char *pwd ) +int mbedtls_pk_parse_keyfile(mbedtls_pk_context *ctx, + const char *path, const char *pwd) { int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; size_t n; unsigned char *buf; - PK_VALIDATE_RET( ctx != NULL ); - PK_VALIDATE_RET( path != NULL ); + PK_VALIDATE_RET(ctx != NULL); + PK_VALIDATE_RET(path != NULL); - if( ( ret = mbedtls_pk_load_file( path, &buf, &n ) ) != 0 ) - return( ret ); + if ((ret = mbedtls_pk_load_file(path, &buf, &n)) != 0) { + return ret; + } - if( pwd == NULL ) - ret = mbedtls_pk_parse_key( ctx, buf, n, NULL, 0 ); - else - ret = mbedtls_pk_parse_key( ctx, buf, n, - (const unsigned char *) pwd, strlen( pwd ) ); + if (pwd == NULL) { + ret = mbedtls_pk_parse_key(ctx, buf, n, NULL, 0); + } else { + ret = mbedtls_pk_parse_key(ctx, buf, n, + (const unsigned char *) pwd, strlen(pwd)); + } - mbedtls_platform_zeroize( buf, n ); - mbedtls_free( buf ); + mbedtls_platform_zeroize(buf, n); + mbedtls_free(buf); - return( ret ); + return ret; } /* * Load and parse a public key */ -int mbedtls_pk_parse_public_keyfile( mbedtls_pk_context *ctx, const char *path ) +int mbedtls_pk_parse_public_keyfile(mbedtls_pk_context *ctx, const char *path) { int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; size_t n; unsigned char *buf; - PK_VALIDATE_RET( ctx != NULL ); - PK_VALIDATE_RET( path != NULL ); + PK_VALIDATE_RET(ctx != NULL); + PK_VALIDATE_RET(path != NULL); - if( ( ret = mbedtls_pk_load_file( path, &buf, &n ) ) != 0 ) - return( ret ); + if ((ret = mbedtls_pk_load_file(path, &buf, &n)) != 0) { + return ret; + } - ret = mbedtls_pk_parse_public_key( ctx, buf, n ); + ret = mbedtls_pk_parse_public_key(ctx, buf, n); - mbedtls_platform_zeroize( buf, n ); - mbedtls_free( buf ); + mbedtls_platform_zeroize(buf, n); + mbedtls_free(buf); - return( ret ); + return ret; } #endif /* MBEDTLS_FS_IO */ @@ -180,40 +164,40 @@ int mbedtls_pk_parse_public_keyfile( mbedtls_pk_context *ctx, const char *path ) * -- implicitCurve NULL * } */ -static int pk_get_ecparams( unsigned char **p, const unsigned char *end, - mbedtls_asn1_buf *params ) +static int pk_get_ecparams(unsigned char **p, const unsigned char *end, + mbedtls_asn1_buf *params) { int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; - if ( end - *p < 1 ) - return( MBEDTLS_ERROR_ADD( MBEDTLS_ERR_PK_KEY_INVALID_FORMAT, - MBEDTLS_ERR_ASN1_OUT_OF_DATA ) ); + if (end - *p < 1) { + return MBEDTLS_ERROR_ADD(MBEDTLS_ERR_PK_KEY_INVALID_FORMAT, + MBEDTLS_ERR_ASN1_OUT_OF_DATA); + } /* Tag may be either OID or SEQUENCE */ params->tag = **p; - if( params->tag != MBEDTLS_ASN1_OID + if (params->tag != MBEDTLS_ASN1_OID #if defined(MBEDTLS_PK_PARSE_EC_EXTENDED) - && params->tag != ( MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_SEQUENCE ) + && params->tag != (MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_SEQUENCE) #endif - ) - { - return( MBEDTLS_ERROR_ADD( MBEDTLS_ERR_PK_KEY_INVALID_FORMAT, - MBEDTLS_ERR_ASN1_UNEXPECTED_TAG ) ); + ) { + return MBEDTLS_ERROR_ADD(MBEDTLS_ERR_PK_KEY_INVALID_FORMAT, + MBEDTLS_ERR_ASN1_UNEXPECTED_TAG); } - if( ( ret = mbedtls_asn1_get_tag( p, end, ¶ms->len, params->tag ) ) != 0 ) - { - return( MBEDTLS_ERROR_ADD( MBEDTLS_ERR_PK_KEY_INVALID_FORMAT, ret ) ); + if ((ret = mbedtls_asn1_get_tag(p, end, ¶ms->len, params->tag)) != 0) { + return MBEDTLS_ERROR_ADD(MBEDTLS_ERR_PK_KEY_INVALID_FORMAT, ret); } params->p = *p; *p += params->len; - if( *p != end ) - return( MBEDTLS_ERROR_ADD( MBEDTLS_ERR_PK_KEY_INVALID_FORMAT, - MBEDTLS_ERR_ASN1_LENGTH_MISMATCH ) ); + if (*p != end) { + return MBEDTLS_ERROR_ADD(MBEDTLS_ERR_PK_KEY_INVALID_FORMAT, + MBEDTLS_ERR_ASN1_LENGTH_MISMATCH); + } - return( 0 ); + return 0; } #if defined(MBEDTLS_PK_PARSE_EC_EXTENDED) @@ -236,7 +220,7 @@ static int pk_get_ecparams( unsigned char **p, const unsigned char *end, * * We only support prime-field as field type, and ignore hash and cofactor. */ -static int pk_group_from_specified( const mbedtls_asn1_buf *params, mbedtls_ecp_group *grp ) +static int pk_group_from_specified(const mbedtls_asn1_buf *params, mbedtls_ecp_group *grp) { int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; unsigned char *p = params->p; @@ -246,11 +230,13 @@ static int pk_group_from_specified( const mbedtls_asn1_buf *params, mbedtls_ecp_ int ver; /* SpecifiedECDomainVersion ::= INTEGER { 1, 2, 3 } */ - if( ( ret = mbedtls_asn1_get_int( &p, end, &ver ) ) != 0 ) - return( MBEDTLS_ERROR_ADD( MBEDTLS_ERR_PK_KEY_INVALID_FORMAT, ret ) ); + if ((ret = mbedtls_asn1_get_int(&p, end, &ver)) != 0) { + return MBEDTLS_ERROR_ADD(MBEDTLS_ERR_PK_KEY_INVALID_FORMAT, ret); + } - if( ver < 1 || ver > 3 ) - return( MBEDTLS_ERR_PK_KEY_INVALID_FORMAT ); + if (ver < 1 || ver > 3) { + return MBEDTLS_ERR_PK_KEY_INVALID_FORMAT; + } /* * FieldID { FIELD-ID:IOSet } ::= SEQUENCE { -- Finite field @@ -258,9 +244,10 @@ static int pk_group_from_specified( const mbedtls_asn1_buf *params, mbedtls_ecp_ * parameters FIELD-ID.&Type({IOSet}{@fieldType}) * } */ - if( ( ret = mbedtls_asn1_get_tag( &p, end, &len, - MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_SEQUENCE ) ) != 0 ) - return( ret ); + if ((ret = mbedtls_asn1_get_tag(&p, end, &len, + MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_SEQUENCE)) != 0) { + return ret; + } end_field = p + len; @@ -272,26 +259,28 @@ static int pk_group_from_specified( const mbedtls_asn1_buf *params, mbedtls_ecp_ * } * prime-field OBJECT IDENTIFIER ::= { id-fieldType 1 } */ - if( ( ret = mbedtls_asn1_get_tag( &p, end_field, &len, MBEDTLS_ASN1_OID ) ) != 0 ) - return( ret ); + if ((ret = mbedtls_asn1_get_tag(&p, end_field, &len, MBEDTLS_ASN1_OID)) != 0) { + return ret; + } - if( len != MBEDTLS_OID_SIZE( MBEDTLS_OID_ANSI_X9_62_PRIME_FIELD ) || - memcmp( p, MBEDTLS_OID_ANSI_X9_62_PRIME_FIELD, len ) != 0 ) - { - return( MBEDTLS_ERR_PK_FEATURE_UNAVAILABLE ); + if (len != MBEDTLS_OID_SIZE(MBEDTLS_OID_ANSI_X9_62_PRIME_FIELD) || + memcmp(p, MBEDTLS_OID_ANSI_X9_62_PRIME_FIELD, len) != 0) { + return MBEDTLS_ERR_PK_FEATURE_UNAVAILABLE; } p += len; /* Prime-p ::= INTEGER -- Field of size p. */ - if( ( ret = mbedtls_asn1_get_mpi( &p, end_field, &grp->P ) ) != 0 ) - return( MBEDTLS_ERROR_ADD( MBEDTLS_ERR_PK_KEY_INVALID_FORMAT, ret ) ); + if ((ret = mbedtls_asn1_get_mpi(&p, end_field, &grp->P)) != 0) { + return MBEDTLS_ERROR_ADD(MBEDTLS_ERR_PK_KEY_INVALID_FORMAT, ret); + } - grp->pbits = mbedtls_mpi_bitlen( &grp->P ); + grp->pbits = mbedtls_mpi_bitlen(&grp->P); - if( p != end_field ) - return( MBEDTLS_ERROR_ADD( MBEDTLS_ERR_PK_KEY_INVALID_FORMAT, - MBEDTLS_ERR_ASN1_LENGTH_MISMATCH ) ); + if (p != end_field) { + return MBEDTLS_ERROR_ADD(MBEDTLS_ERR_PK_KEY_INVALID_FORMAT, + MBEDTLS_ERR_ASN1_LENGTH_MISMATCH); + } /* * Curve ::= SEQUENCE { @@ -302,9 +291,10 @@ static int pk_group_from_specified( const mbedtls_asn1_buf *params, mbedtls_ecp_ * -- with version equal to ecdpVer2 or ecdpVer3 * } */ - if( ( ret = mbedtls_asn1_get_tag( &p, end, &len, - MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_SEQUENCE ) ) != 0 ) - return( ret ); + if ((ret = mbedtls_asn1_get_tag(&p, end, &len, + MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_SEQUENCE)) != 0) { + return ret; + } end_curve = p + len; @@ -312,51 +302,50 @@ static int pk_group_from_specified( const mbedtls_asn1_buf *params, mbedtls_ecp_ * FieldElement ::= OCTET STRING * containing an integer in the case of a prime field */ - if( ( ret = mbedtls_asn1_get_tag( &p, end_curve, &len, MBEDTLS_ASN1_OCTET_STRING ) ) != 0 || - ( ret = mbedtls_mpi_read_binary( &grp->A, p, len ) ) != 0 ) - { - return( MBEDTLS_ERROR_ADD( MBEDTLS_ERR_PK_KEY_INVALID_FORMAT, ret ) ); + if ((ret = mbedtls_asn1_get_tag(&p, end_curve, &len, MBEDTLS_ASN1_OCTET_STRING)) != 0 || + (ret = mbedtls_mpi_read_binary(&grp->A, p, len)) != 0) { + return MBEDTLS_ERROR_ADD(MBEDTLS_ERR_PK_KEY_INVALID_FORMAT, ret); } p += len; - if( ( ret = mbedtls_asn1_get_tag( &p, end_curve, &len, MBEDTLS_ASN1_OCTET_STRING ) ) != 0 || - ( ret = mbedtls_mpi_read_binary( &grp->B, p, len ) ) != 0 ) - { - return( MBEDTLS_ERROR_ADD( MBEDTLS_ERR_PK_KEY_INVALID_FORMAT, ret ) ); + if ((ret = mbedtls_asn1_get_tag(&p, end_curve, &len, MBEDTLS_ASN1_OCTET_STRING)) != 0 || + (ret = mbedtls_mpi_read_binary(&grp->B, p, len)) != 0) { + return MBEDTLS_ERROR_ADD(MBEDTLS_ERR_PK_KEY_INVALID_FORMAT, ret); } p += len; /* Ignore seed BIT STRING OPTIONAL */ - if( ( ret = mbedtls_asn1_get_tag( &p, end_curve, &len, MBEDTLS_ASN1_BIT_STRING ) ) == 0 ) + if ((ret = mbedtls_asn1_get_tag(&p, end_curve, &len, MBEDTLS_ASN1_BIT_STRING)) == 0) { p += len; + } - if( p != end_curve ) - return( MBEDTLS_ERROR_ADD( MBEDTLS_ERR_PK_KEY_INVALID_FORMAT, - MBEDTLS_ERR_ASN1_LENGTH_MISMATCH ) ); + if (p != end_curve) { + return MBEDTLS_ERROR_ADD(MBEDTLS_ERR_PK_KEY_INVALID_FORMAT, + MBEDTLS_ERR_ASN1_LENGTH_MISMATCH); + } /* * ECPoint ::= OCTET STRING */ - if( ( ret = mbedtls_asn1_get_tag( &p, end, &len, MBEDTLS_ASN1_OCTET_STRING ) ) != 0 ) - return( MBEDTLS_ERROR_ADD( MBEDTLS_ERR_PK_KEY_INVALID_FORMAT, ret ) ); + if ((ret = mbedtls_asn1_get_tag(&p, end, &len, MBEDTLS_ASN1_OCTET_STRING)) != 0) { + return MBEDTLS_ERROR_ADD(MBEDTLS_ERR_PK_KEY_INVALID_FORMAT, ret); + } - if( ( ret = mbedtls_ecp_point_read_binary( grp, &grp->G, - ( const unsigned char *) p, len ) ) != 0 ) - { + if ((ret = mbedtls_ecp_point_read_binary(grp, &grp->G, + (const unsigned char *) p, len)) != 0) { /* * If we can't read the point because it's compressed, cheat by * reading only the X coordinate and the parity bit of Y. */ - if( ret != MBEDTLS_ERR_ECP_FEATURE_UNAVAILABLE || - ( p[0] != 0x02 && p[0] != 0x03 ) || - len != mbedtls_mpi_size( &grp->P ) + 1 || - mbedtls_mpi_read_binary( &grp->G.X, p + 1, len - 1 ) != 0 || - mbedtls_mpi_lset( &grp->G.Y, p[0] - 2 ) != 0 || - mbedtls_mpi_lset( &grp->G.Z, 1 ) != 0 ) - { - return( MBEDTLS_ERR_PK_KEY_INVALID_FORMAT ); + if (ret != MBEDTLS_ERR_ECP_FEATURE_UNAVAILABLE || + (p[0] != 0x02 && p[0] != 0x03) || + len != mbedtls_mpi_size(&grp->P) + 1 || + mbedtls_mpi_read_binary(&grp->G.X, p + 1, len - 1) != 0 || + mbedtls_mpi_lset(&grp->G.Y, p[0] - 2) != 0 || + mbedtls_mpi_lset(&grp->G.Z, 1) != 0) { + return MBEDTLS_ERR_PK_KEY_INVALID_FORMAT; } } @@ -365,83 +354,84 @@ static int pk_group_from_specified( const mbedtls_asn1_buf *params, mbedtls_ecp_ /* * order INTEGER */ - if( ( ret = mbedtls_asn1_get_mpi( &p, end, &grp->N ) ) != 0 ) - return( MBEDTLS_ERROR_ADD( MBEDTLS_ERR_PK_KEY_INVALID_FORMAT, ret ) ); + if ((ret = mbedtls_asn1_get_mpi(&p, end, &grp->N)) != 0) { + return MBEDTLS_ERROR_ADD(MBEDTLS_ERR_PK_KEY_INVALID_FORMAT, ret); + } - grp->nbits = mbedtls_mpi_bitlen( &grp->N ); + grp->nbits = mbedtls_mpi_bitlen(&grp->N); /* * Allow optional elements by purposefully not enforcing p == end here. */ - return( 0 ); + return 0; } /* * Find the group id associated with an (almost filled) group as generated by * pk_group_from_specified(), or return an error if unknown. */ -static int pk_group_id_from_group( const mbedtls_ecp_group *grp, mbedtls_ecp_group_id *grp_id ) +static int pk_group_id_from_group(const mbedtls_ecp_group *grp, mbedtls_ecp_group_id *grp_id) { int ret = 0; mbedtls_ecp_group ref; const mbedtls_ecp_group_id *id; - mbedtls_ecp_group_init( &ref ); + mbedtls_ecp_group_init(&ref); - for( id = mbedtls_ecp_grp_id_list(); *id != MBEDTLS_ECP_DP_NONE; id++ ) - { + for (id = mbedtls_ecp_grp_id_list(); *id != MBEDTLS_ECP_DP_NONE; id++) { /* Load the group associated to that id */ - mbedtls_ecp_group_free( &ref ); - MBEDTLS_MPI_CHK( mbedtls_ecp_group_load( &ref, *id ) ); + mbedtls_ecp_group_free(&ref); + MBEDTLS_MPI_CHK(mbedtls_ecp_group_load(&ref, *id)); /* Compare to the group we were given, starting with easy tests */ - if( grp->pbits == ref.pbits && grp->nbits == ref.nbits && - mbedtls_mpi_cmp_mpi( &grp->P, &ref.P ) == 0 && - mbedtls_mpi_cmp_mpi( &grp->A, &ref.A ) == 0 && - mbedtls_mpi_cmp_mpi( &grp->B, &ref.B ) == 0 && - mbedtls_mpi_cmp_mpi( &grp->N, &ref.N ) == 0 && - mbedtls_mpi_cmp_mpi( &grp->G.X, &ref.G.X ) == 0 && - mbedtls_mpi_cmp_mpi( &grp->G.Z, &ref.G.Z ) == 0 && + if (grp->pbits == ref.pbits && grp->nbits == ref.nbits && + mbedtls_mpi_cmp_mpi(&grp->P, &ref.P) == 0 && + mbedtls_mpi_cmp_mpi(&grp->A, &ref.A) == 0 && + mbedtls_mpi_cmp_mpi(&grp->B, &ref.B) == 0 && + mbedtls_mpi_cmp_mpi(&grp->N, &ref.N) == 0 && + mbedtls_mpi_cmp_mpi(&grp->G.X, &ref.G.X) == 0 && + mbedtls_mpi_cmp_mpi(&grp->G.Z, &ref.G.Z) == 0 && /* For Y we may only know the parity bit, so compare only that */ - mbedtls_mpi_get_bit( &grp->G.Y, 0 ) == mbedtls_mpi_get_bit( &ref.G.Y, 0 ) ) - { + mbedtls_mpi_get_bit(&grp->G.Y, 0) == mbedtls_mpi_get_bit(&ref.G.Y, 0)) { break; } } cleanup: - mbedtls_ecp_group_free( &ref ); + mbedtls_ecp_group_free(&ref); *grp_id = *id; - if( ret == 0 && *id == MBEDTLS_ECP_DP_NONE ) + if (ret == 0 && *id == MBEDTLS_ECP_DP_NONE) { ret = MBEDTLS_ERR_ECP_FEATURE_UNAVAILABLE; + } - return( ret ); + return ret; } /* * Parse a SpecifiedECDomain (SEC 1 C.2) and find the associated group ID */ -static int pk_group_id_from_specified( const mbedtls_asn1_buf *params, - mbedtls_ecp_group_id *grp_id ) +static int pk_group_id_from_specified(const mbedtls_asn1_buf *params, + mbedtls_ecp_group_id *grp_id) { int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; mbedtls_ecp_group grp; - mbedtls_ecp_group_init( &grp ); + mbedtls_ecp_group_init(&grp); - if( ( ret = pk_group_from_specified( params, &grp ) ) != 0 ) + if ((ret = pk_group_from_specified(params, &grp)) != 0) { goto cleanup; + } - ret = pk_group_id_from_group( &grp, grp_id ); + ret = pk_group_id_from_group(&grp, grp_id); cleanup: - mbedtls_ecp_group_free( &grp ); + mbedtls_ecp_group_free(&grp); - return( ret ); + return ret; } #endif /* MBEDTLS_PK_PARSE_EC_EXTENDED */ @@ -453,36 +443,37 @@ static int pk_group_id_from_specified( const mbedtls_asn1_buf *params, * specifiedCurve SpecifiedECDomain -- = SEQUENCE { ... } * -- implicitCurve NULL */ -static int pk_use_ecparams( const mbedtls_asn1_buf *params, mbedtls_ecp_group *grp ) +static int pk_use_ecparams(const mbedtls_asn1_buf *params, mbedtls_ecp_group *grp) { int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; mbedtls_ecp_group_id grp_id; - if( params->tag == MBEDTLS_ASN1_OID ) - { - if( mbedtls_oid_get_ec_grp( params, &grp_id ) != 0 ) - return( MBEDTLS_ERR_PK_UNKNOWN_NAMED_CURVE ); - } - else - { + if (params->tag == MBEDTLS_ASN1_OID) { + if (mbedtls_oid_get_ec_grp(params, &grp_id) != 0) { + return MBEDTLS_ERR_PK_UNKNOWN_NAMED_CURVE; + } + } else { #if defined(MBEDTLS_PK_PARSE_EC_EXTENDED) - if( ( ret = pk_group_id_from_specified( params, &grp_id ) ) != 0 ) - return( ret ); + if ((ret = pk_group_id_from_specified(params, &grp_id)) != 0) { + return ret; + } #else - return( MBEDTLS_ERR_PK_KEY_INVALID_FORMAT ); + return MBEDTLS_ERR_PK_KEY_INVALID_FORMAT; #endif } /* - * grp may already be initilialized; if so, make sure IDs match + * grp may already be initialized; if so, make sure IDs match */ - if( grp->id != MBEDTLS_ECP_DP_NONE && grp->id != grp_id ) - return( MBEDTLS_ERR_PK_KEY_INVALID_FORMAT ); + if (grp->id != MBEDTLS_ECP_DP_NONE && grp->id != grp_id) { + return MBEDTLS_ERR_PK_KEY_INVALID_FORMAT; + } - if( ( ret = mbedtls_ecp_group_load( grp, grp_id ) ) != 0 ) - return( ret ); + if ((ret = mbedtls_ecp_group_load(grp, grp_id)) != 0) { + return ret; + } - return( 0 ); + return 0; } /* @@ -492,15 +483,14 @@ static int pk_use_ecparams( const mbedtls_asn1_buf *params, mbedtls_ecp_group *g * desired. Take care to pass along the possible ECP_FEATURE_UNAVAILABLE * return code of mbedtls_ecp_point_read_binary() and leave p in a usable state. */ -static int pk_get_ecpubkey( unsigned char **p, const unsigned char *end, - mbedtls_ecp_keypair *key ) +static int pk_get_ecpubkey(unsigned char **p, const unsigned char *end, + mbedtls_ecp_keypair *key) { int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; - if( ( ret = mbedtls_ecp_point_read_binary( &key->grp, &key->Q, - (const unsigned char *) *p, end - *p ) ) == 0 ) - { - ret = mbedtls_ecp_check_pubkey( &key->grp, &key->Q ); + if ((ret = mbedtls_ecp_point_read_binary(&key->grp, &key->Q, + (const unsigned char *) *p, end - *p)) == 0) { + ret = mbedtls_ecp_check_pubkey(&key->grp, &key->Q); } /* @@ -508,7 +498,7 @@ static int pk_get_ecpubkey( unsigned char **p, const unsigned char *end, */ *p = (unsigned char *) end; - return( ret ); + return ret; } #endif /* MBEDTLS_ECP_C */ @@ -519,52 +509,58 @@ static int pk_get_ecpubkey( unsigned char **p, const unsigned char *end, * publicExponent INTEGER -- e * } */ -static int pk_get_rsapubkey( unsigned char **p, - const unsigned char *end, - mbedtls_rsa_context *rsa ) +static int pk_get_rsapubkey(unsigned char **p, + const unsigned char *end, + mbedtls_rsa_context *rsa) { int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; size_t len; - if( ( ret = mbedtls_asn1_get_tag( p, end, &len, - MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_SEQUENCE ) ) != 0 ) - return( MBEDTLS_ERROR_ADD( MBEDTLS_ERR_PK_INVALID_PUBKEY, ret ) ); + if ((ret = mbedtls_asn1_get_tag(p, end, &len, + MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_SEQUENCE)) != 0) { + return MBEDTLS_ERROR_ADD(MBEDTLS_ERR_PK_INVALID_PUBKEY, ret); + } - if( *p + len != end ) - return( MBEDTLS_ERROR_ADD( MBEDTLS_ERR_PK_INVALID_PUBKEY, - MBEDTLS_ERR_ASN1_LENGTH_MISMATCH ) ); + if (*p + len != end) { + return MBEDTLS_ERROR_ADD(MBEDTLS_ERR_PK_INVALID_PUBKEY, + MBEDTLS_ERR_ASN1_LENGTH_MISMATCH); + } /* Import N */ - if( ( ret = mbedtls_asn1_get_tag( p, end, &len, MBEDTLS_ASN1_INTEGER ) ) != 0 ) - return( MBEDTLS_ERROR_ADD( MBEDTLS_ERR_PK_INVALID_PUBKEY, ret ) ); + if ((ret = mbedtls_asn1_get_tag(p, end, &len, MBEDTLS_ASN1_INTEGER)) != 0) { + return MBEDTLS_ERROR_ADD(MBEDTLS_ERR_PK_INVALID_PUBKEY, ret); + } - if( ( ret = mbedtls_rsa_import_raw( rsa, *p, len, NULL, 0, NULL, 0, - NULL, 0, NULL, 0 ) ) != 0 ) - return( MBEDTLS_ERR_PK_INVALID_PUBKEY ); + if ((ret = mbedtls_rsa_import_raw(rsa, *p, len, NULL, 0, NULL, 0, + NULL, 0, NULL, 0)) != 0) { + return MBEDTLS_ERR_PK_INVALID_PUBKEY; + } *p += len; /* Import E */ - if( ( ret = mbedtls_asn1_get_tag( p, end, &len, MBEDTLS_ASN1_INTEGER ) ) != 0 ) - return( MBEDTLS_ERROR_ADD( MBEDTLS_ERR_PK_INVALID_PUBKEY, ret ) ); + if ((ret = mbedtls_asn1_get_tag(p, end, &len, MBEDTLS_ASN1_INTEGER)) != 0) { + return MBEDTLS_ERROR_ADD(MBEDTLS_ERR_PK_INVALID_PUBKEY, ret); + } - if( ( ret = mbedtls_rsa_import_raw( rsa, NULL, 0, NULL, 0, NULL, 0, - NULL, 0, *p, len ) ) != 0 ) - return( MBEDTLS_ERR_PK_INVALID_PUBKEY ); + if ((ret = mbedtls_rsa_import_raw(rsa, NULL, 0, NULL, 0, NULL, 0, + NULL, 0, *p, len)) != 0) { + return MBEDTLS_ERR_PK_INVALID_PUBKEY; + } *p += len; - if( mbedtls_rsa_complete( rsa ) != 0 || - mbedtls_rsa_check_pubkey( rsa ) != 0 ) - { - return( MBEDTLS_ERR_PK_INVALID_PUBKEY ); + if (mbedtls_rsa_complete(rsa) != 0 || + mbedtls_rsa_check_pubkey(rsa) != 0) { + return MBEDTLS_ERR_PK_INVALID_PUBKEY; } - if( *p != end ) - return( MBEDTLS_ERROR_ADD( MBEDTLS_ERR_PK_INVALID_PUBKEY, - MBEDTLS_ERR_ASN1_LENGTH_MISMATCH ) ); + if (*p != end) { + return MBEDTLS_ERROR_ADD(MBEDTLS_ERR_PK_INVALID_PUBKEY, + MBEDTLS_ERR_ASN1_LENGTH_MISMATCH); + } - return( 0 ); + return 0; } #endif /* MBEDTLS_RSA_C */ @@ -574,32 +570,33 @@ static int pk_get_rsapubkey( unsigned char **p, * algorithm OBJECT IDENTIFIER, * parameters ANY DEFINED BY algorithm OPTIONAL } */ -static int pk_get_pk_alg( unsigned char **p, - const unsigned char *end, - mbedtls_pk_type_t *pk_alg, mbedtls_asn1_buf *params ) +static int pk_get_pk_alg(unsigned char **p, + const unsigned char *end, + mbedtls_pk_type_t *pk_alg, mbedtls_asn1_buf *params) { int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; mbedtls_asn1_buf alg_oid; - memset( params, 0, sizeof(mbedtls_asn1_buf) ); + memset(params, 0, sizeof(mbedtls_asn1_buf)); - if( ( ret = mbedtls_asn1_get_alg( p, end, &alg_oid, params ) ) != 0 ) - return( MBEDTLS_ERROR_ADD( MBEDTLS_ERR_PK_INVALID_ALG, ret ) ); + if ((ret = mbedtls_asn1_get_alg(p, end, &alg_oid, params)) != 0) { + return MBEDTLS_ERROR_ADD(MBEDTLS_ERR_PK_INVALID_ALG, ret); + } - if( mbedtls_oid_get_pk_alg( &alg_oid, pk_alg ) != 0 ) - return( MBEDTLS_ERR_PK_UNKNOWN_PK_ALG ); + if (mbedtls_oid_get_pk_alg(&alg_oid, pk_alg) != 0) { + return MBEDTLS_ERR_PK_UNKNOWN_PK_ALG; + } /* * No parameters with RSA (only for EC) */ - if( *pk_alg == MBEDTLS_PK_RSA && - ( ( params->tag != MBEDTLS_ASN1_NULL && params->tag != 0 ) || - params->len != 0 ) ) - { - return( MBEDTLS_ERR_PK_INVALID_ALG ); + if (*pk_alg == MBEDTLS_PK_RSA && + ((params->tag != MBEDTLS_ASN1_NULL && params->tag != 0) || + params->len != 0)) { + return MBEDTLS_ERR_PK_INVALID_ALG; } - return( 0 ); + return 0; } /* @@ -607,8 +604,8 @@ static int pk_get_pk_alg( unsigned char **p, * algorithm AlgorithmIdentifier, * subjectPublicKey BIT STRING } */ -int mbedtls_pk_parse_subpubkey( unsigned char **p, const unsigned char *end, - mbedtls_pk_context *pk ) +int mbedtls_pk_parse_subpubkey(unsigned char **p, const unsigned char *end, + mbedtls_pk_context *pk) { int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; size_t len; @@ -616,59 +613,64 @@ int mbedtls_pk_parse_subpubkey( unsigned char **p, const unsigned char *end, mbedtls_pk_type_t pk_alg = MBEDTLS_PK_NONE; const mbedtls_pk_info_t *pk_info; - PK_VALIDATE_RET( p != NULL ); - PK_VALIDATE_RET( *p != NULL ); - PK_VALIDATE_RET( end != NULL ); - PK_VALIDATE_RET( pk != NULL ); + PK_VALIDATE_RET(p != NULL); + PK_VALIDATE_RET(*p != NULL); + PK_VALIDATE_RET(end != NULL); + PK_VALIDATE_RET(pk != NULL); - if( ( ret = mbedtls_asn1_get_tag( p, end, &len, - MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_SEQUENCE ) ) != 0 ) - { - return( MBEDTLS_ERROR_ADD( MBEDTLS_ERR_PK_KEY_INVALID_FORMAT, ret ) ); + if ((ret = mbedtls_asn1_get_tag(p, end, &len, + MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_SEQUENCE)) != 0) { + return MBEDTLS_ERROR_ADD(MBEDTLS_ERR_PK_KEY_INVALID_FORMAT, ret); } end = *p + len; - if( ( ret = pk_get_pk_alg( p, end, &pk_alg, &alg_params ) ) != 0 ) - return( ret ); + if ((ret = pk_get_pk_alg(p, end, &pk_alg, &alg_params)) != 0) { + return ret; + } - if( ( ret = mbedtls_asn1_get_bitstring_null( p, end, &len ) ) != 0 ) - return( MBEDTLS_ERROR_ADD( MBEDTLS_ERR_PK_INVALID_PUBKEY, ret ) ); + if ((ret = mbedtls_asn1_get_bitstring_null(p, end, &len)) != 0) { + return MBEDTLS_ERROR_ADD(MBEDTLS_ERR_PK_INVALID_PUBKEY, ret); + } - if( *p + len != end ) - return( MBEDTLS_ERROR_ADD( MBEDTLS_ERR_PK_INVALID_PUBKEY, - MBEDTLS_ERR_ASN1_LENGTH_MISMATCH ) ); + if (*p + len != end) { + return MBEDTLS_ERROR_ADD(MBEDTLS_ERR_PK_INVALID_PUBKEY, + MBEDTLS_ERR_ASN1_LENGTH_MISMATCH); + } - if( ( pk_info = mbedtls_pk_info_from_type( pk_alg ) ) == NULL ) - return( MBEDTLS_ERR_PK_UNKNOWN_PK_ALG ); + if ((pk_info = mbedtls_pk_info_from_type(pk_alg)) == NULL) { + return MBEDTLS_ERR_PK_UNKNOWN_PK_ALG; + } - if( ( ret = mbedtls_pk_setup( pk, pk_info ) ) != 0 ) - return( ret ); + if ((ret = mbedtls_pk_setup(pk, pk_info)) != 0) { + return ret; + } #if defined(MBEDTLS_RSA_C) - if( pk_alg == MBEDTLS_PK_RSA ) - { - ret = pk_get_rsapubkey( p, end, mbedtls_pk_rsa( *pk ) ); + if (pk_alg == MBEDTLS_PK_RSA) { + ret = pk_get_rsapubkey(p, end, mbedtls_pk_rsa(*pk)); } else #endif /* MBEDTLS_RSA_C */ #if defined(MBEDTLS_ECP_C) - if( pk_alg == MBEDTLS_PK_ECKEY_DH || pk_alg == MBEDTLS_PK_ECKEY ) - { - ret = pk_use_ecparams( &alg_params, &mbedtls_pk_ec( *pk )->grp ); - if( ret == 0 ) - ret = pk_get_ecpubkey( p, end, mbedtls_pk_ec( *pk ) ); + if (pk_alg == MBEDTLS_PK_ECKEY_DH || pk_alg == MBEDTLS_PK_ECKEY) { + ret = pk_use_ecparams(&alg_params, &mbedtls_pk_ec(*pk)->grp); + if (ret == 0) { + ret = pk_get_ecpubkey(p, end, mbedtls_pk_ec(*pk)); + } } else #endif /* MBEDTLS_ECP_C */ - ret = MBEDTLS_ERR_PK_UNKNOWN_PK_ALG; + ret = MBEDTLS_ERR_PK_UNKNOWN_PK_ALG; - if( ret == 0 && *p != end ) - ret = MBEDTLS_ERROR_ADD( MBEDTLS_ERR_PK_INVALID_PUBKEY, - MBEDTLS_ERR_ASN1_LENGTH_MISMATCH ); + if (ret == 0 && *p != end) { + ret = MBEDTLS_ERROR_ADD(MBEDTLS_ERR_PK_INVALID_PUBKEY, + MBEDTLS_ERR_ASN1_LENGTH_MISMATCH); + } - if( ret != 0 ) - mbedtls_pk_free( pk ); + if (ret != 0) { + mbedtls_pk_free(pk); + } - return( ret ); + return ret; } #if defined(MBEDTLS_RSA_C) @@ -682,35 +684,37 @@ int mbedtls_pk_parse_subpubkey( unsigned char **p, const unsigned char *end, * Since values can't be omitted in PKCS#1, passing a zero value to * rsa_complete() would be incorrect, so reject zero values early. */ -static int asn1_get_nonzero_mpi( unsigned char **p, - const unsigned char *end, - mbedtls_mpi *X ) +static int asn1_get_nonzero_mpi(unsigned char **p, + const unsigned char *end, + mbedtls_mpi *X) { int ret; - ret = mbedtls_asn1_get_mpi( p, end, X ); - if( ret != 0 ) - return( ret ); + ret = mbedtls_asn1_get_mpi(p, end, X); + if (ret != 0) { + return ret; + } - if( mbedtls_mpi_cmp_int( X, 0 ) == 0 ) - return( MBEDTLS_ERR_PK_KEY_INVALID_FORMAT ); + if (mbedtls_mpi_cmp_int(X, 0) == 0) { + return MBEDTLS_ERR_PK_KEY_INVALID_FORMAT; + } - return( 0 ); + return 0; } /* * Parse a PKCS#1 encoded private RSA key */ -static int pk_parse_key_pkcs1_der( mbedtls_rsa_context *rsa, - const unsigned char *key, - size_t keylen ) +static int pk_parse_key_pkcs1_der(mbedtls_rsa_context *rsa, + const unsigned char *key, + size_t keylen) { int ret, version; size_t len; unsigned char *p, *end; mbedtls_mpi T; - mbedtls_mpi_init( &T ); + mbedtls_mpi_init(&T); p = (unsigned char *) key; end = p + keylen; @@ -731,87 +735,93 @@ static int pk_parse_key_pkcs1_der( mbedtls_rsa_context *rsa, * otherPrimeInfos OtherPrimeInfos OPTIONAL * } */ - if( ( ret = mbedtls_asn1_get_tag( &p, end, &len, - MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_SEQUENCE ) ) != 0 ) - { - return( MBEDTLS_ERROR_ADD( MBEDTLS_ERR_PK_KEY_INVALID_FORMAT, ret ) ); + if ((ret = mbedtls_asn1_get_tag(&p, end, &len, + MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_SEQUENCE)) != 0) { + return MBEDTLS_ERROR_ADD(MBEDTLS_ERR_PK_KEY_INVALID_FORMAT, ret); } end = p + len; - if( ( ret = mbedtls_asn1_get_int( &p, end, &version ) ) != 0 ) - { - return( MBEDTLS_ERROR_ADD( MBEDTLS_ERR_PK_KEY_INVALID_FORMAT, ret ) ); + if ((ret = mbedtls_asn1_get_int(&p, end, &version)) != 0) { + return MBEDTLS_ERROR_ADD(MBEDTLS_ERR_PK_KEY_INVALID_FORMAT, ret); } - if( version != 0 ) - { - return( MBEDTLS_ERR_PK_KEY_INVALID_VERSION ); + if (version != 0) { + return MBEDTLS_ERR_PK_KEY_INVALID_VERSION; } /* Import N */ - if( ( ret = asn1_get_nonzero_mpi( &p, end, &T ) ) != 0 || - ( ret = mbedtls_rsa_import( rsa, &T, NULL, NULL, - NULL, NULL ) ) != 0 ) + if ((ret = asn1_get_nonzero_mpi(&p, end, &T)) != 0 || + (ret = mbedtls_rsa_import(rsa, &T, NULL, NULL, + NULL, NULL)) != 0) { goto cleanup; + } /* Import E */ - if( ( ret = asn1_get_nonzero_mpi( &p, end, &T ) ) != 0 || - ( ret = mbedtls_rsa_import( rsa, NULL, NULL, NULL, - NULL, &T ) ) != 0 ) + if ((ret = asn1_get_nonzero_mpi(&p, end, &T)) != 0 || + (ret = mbedtls_rsa_import(rsa, NULL, NULL, NULL, + NULL, &T)) != 0) { goto cleanup; + } /* Import D */ - if( ( ret = asn1_get_nonzero_mpi( &p, end, &T ) ) != 0 || - ( ret = mbedtls_rsa_import( rsa, NULL, NULL, NULL, - &T, NULL ) ) != 0 ) + if ((ret = asn1_get_nonzero_mpi(&p, end, &T)) != 0 || + (ret = mbedtls_rsa_import(rsa, NULL, NULL, NULL, + &T, NULL)) != 0) { goto cleanup; + } /* Import P */ - if( ( ret = asn1_get_nonzero_mpi( &p, end, &T ) ) != 0 || - ( ret = mbedtls_rsa_import( rsa, NULL, &T, NULL, - NULL, NULL ) ) != 0 ) + if ((ret = asn1_get_nonzero_mpi(&p, end, &T)) != 0 || + (ret = mbedtls_rsa_import(rsa, NULL, &T, NULL, + NULL, NULL)) != 0) { goto cleanup; + } /* Import Q */ - if( ( ret = asn1_get_nonzero_mpi( &p, end, &T ) ) != 0 || - ( ret = mbedtls_rsa_import( rsa, NULL, NULL, &T, - NULL, NULL ) ) != 0 ) + if ((ret = asn1_get_nonzero_mpi(&p, end, &T)) != 0 || + (ret = mbedtls_rsa_import(rsa, NULL, NULL, &T, + NULL, NULL)) != 0) { goto cleanup; + } #if !defined(MBEDTLS_RSA_NO_CRT) && !defined(MBEDTLS_RSA_ALT) /* - * The RSA CRT parameters DP, DQ and QP are nominally redundant, in - * that they can be easily recomputed from D, P and Q. However by - * parsing them from the PKCS1 structure it is possible to avoid - * recalculating them which both reduces the overhead of loading - * RSA private keys into memory and also avoids side channels which - * can arise when computing those values, since all of D, P, and Q - * are secret. See https://eprint.iacr.org/2020/055 for a - * description of one such attack. - */ + * The RSA CRT parameters DP, DQ and QP are nominally redundant, in + * that they can be easily recomputed from D, P and Q. However by + * parsing them from the PKCS1 structure it is possible to avoid + * recalculating them which both reduces the overhead of loading + * RSA private keys into memory and also avoids side channels which + * can arise when computing those values, since all of D, P, and Q + * are secret. See https://eprint.iacr.org/2020/055 for a + * description of one such attack. + */ /* Import DP */ - if( ( ret = asn1_get_nonzero_mpi( &p, end, &T ) ) != 0 || - ( ret = mbedtls_mpi_copy( &rsa->DP, &T ) ) != 0 ) - goto cleanup; + if ((ret = asn1_get_nonzero_mpi(&p, end, &T)) != 0 || + (ret = mbedtls_mpi_copy(&rsa->DP, &T)) != 0) { + goto cleanup; + } /* Import DQ */ - if( ( ret = asn1_get_nonzero_mpi( &p, end, &T ) ) != 0 || - ( ret = mbedtls_mpi_copy( &rsa->DQ, &T ) ) != 0 ) - goto cleanup; + if ((ret = asn1_get_nonzero_mpi(&p, end, &T)) != 0 || + (ret = mbedtls_mpi_copy(&rsa->DQ, &T)) != 0) { + goto cleanup; + } /* Import QP */ - if( ( ret = asn1_get_nonzero_mpi( &p, end, &T ) ) != 0 || - ( ret = mbedtls_mpi_copy( &rsa->QP, &T ) ) != 0 ) - goto cleanup; + if ((ret = asn1_get_nonzero_mpi(&p, end, &T)) != 0 || + (ret = mbedtls_mpi_copy(&rsa->QP, &T)) != 0) { + goto cleanup; + } #else - /* Verify existance of the CRT params */ - if( ( ret = asn1_get_nonzero_mpi( &p, end, &T ) ) != 0 || - ( ret = asn1_get_nonzero_mpi( &p, end, &T ) ) != 0 || - ( ret = asn1_get_nonzero_mpi( &p, end, &T ) ) != 0 ) - goto cleanup; + /* Verify existence of the CRT params */ + if ((ret = asn1_get_nonzero_mpi(&p, end, &T)) != 0 || + (ret = asn1_get_nonzero_mpi(&p, end, &T)) != 0 || + (ret = asn1_get_nonzero_mpi(&p, end, &T)) != 0) { + goto cleanup; + } #endif /* rsa_complete() doesn't complete anything with the default @@ -823,34 +833,32 @@ static int pk_parse_key_pkcs1_der( mbedtls_rsa_context *rsa, * Furthermore, we also check the public part for consistency with * mbedtls_pk_parse_pubkey(), as it includes size minima for example. */ - if( ( ret = mbedtls_rsa_complete( rsa ) ) != 0 || - ( ret = mbedtls_rsa_check_pubkey( rsa ) ) != 0 ) - { + if ((ret = mbedtls_rsa_complete(rsa)) != 0 || + (ret = mbedtls_rsa_check_pubkey(rsa)) != 0) { goto cleanup; } - if( p != end ) - { - ret = MBEDTLS_ERROR_ADD( MBEDTLS_ERR_PK_KEY_INVALID_FORMAT, - MBEDTLS_ERR_ASN1_LENGTH_MISMATCH ); + if (p != end) { + ret = MBEDTLS_ERROR_ADD(MBEDTLS_ERR_PK_KEY_INVALID_FORMAT, + MBEDTLS_ERR_ASN1_LENGTH_MISMATCH); } cleanup: - mbedtls_mpi_free( &T ); + mbedtls_mpi_free(&T); - if( ret != 0 ) - { + if (ret != 0) { /* Wrap error code if it's coming from a lower level */ - if( ( ret & 0xff80 ) == 0 ) - ret = MBEDTLS_ERROR_ADD( MBEDTLS_ERR_PK_KEY_INVALID_FORMAT, ret ); - else + if ((ret & 0xff80) == 0) { + ret = MBEDTLS_ERROR_ADD(MBEDTLS_ERR_PK_KEY_INVALID_FORMAT, ret); + } else { ret = MBEDTLS_ERR_PK_KEY_INVALID_FORMAT; + } - mbedtls_rsa_free( rsa ); + mbedtls_rsa_free(rsa); } - return( ret ); + return ret; } #endif /* MBEDTLS_RSA_C */ @@ -858,9 +866,9 @@ static int pk_parse_key_pkcs1_der( mbedtls_rsa_context *rsa, /* * Parse a SEC1 encoded private EC key */ -static int pk_parse_key_sec1_der( mbedtls_ecp_keypair *eck, - const unsigned char *key, - size_t keylen ) +static int pk_parse_key_sec1_der(mbedtls_ecp_keypair *eck, + const unsigned char *key, + size_t keylen) { int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; int version, pubkey_done; @@ -880,106 +888,100 @@ static int pk_parse_key_sec1_der( mbedtls_ecp_keypair *eck, * publicKey [1] BIT STRING OPTIONAL * } */ - if( ( ret = mbedtls_asn1_get_tag( &p, end, &len, - MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_SEQUENCE ) ) != 0 ) - { - return( MBEDTLS_ERROR_ADD( MBEDTLS_ERR_PK_KEY_INVALID_FORMAT, ret ) ); + if ((ret = mbedtls_asn1_get_tag(&p, end, &len, + MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_SEQUENCE)) != 0) { + return MBEDTLS_ERROR_ADD(MBEDTLS_ERR_PK_KEY_INVALID_FORMAT, ret); } end = p + len; - if( ( ret = mbedtls_asn1_get_int( &p, end, &version ) ) != 0 ) - return( MBEDTLS_ERROR_ADD( MBEDTLS_ERR_PK_KEY_INVALID_FORMAT, ret ) ); + if ((ret = mbedtls_asn1_get_int(&p, end, &version)) != 0) { + return MBEDTLS_ERROR_ADD(MBEDTLS_ERR_PK_KEY_INVALID_FORMAT, ret); + } - if( version != 1 ) - return( MBEDTLS_ERR_PK_KEY_INVALID_VERSION ); + if (version != 1) { + return MBEDTLS_ERR_PK_KEY_INVALID_VERSION; + } - if( ( ret = mbedtls_asn1_get_tag( &p, end, &len, MBEDTLS_ASN1_OCTET_STRING ) ) != 0 ) - return( MBEDTLS_ERROR_ADD( MBEDTLS_ERR_PK_KEY_INVALID_FORMAT, ret ) ); + if ((ret = mbedtls_asn1_get_tag(&p, end, &len, MBEDTLS_ASN1_OCTET_STRING)) != 0) { + return MBEDTLS_ERROR_ADD(MBEDTLS_ERR_PK_KEY_INVALID_FORMAT, ret); + } - if( ( ret = mbedtls_mpi_read_binary( &eck->d, p, len ) ) != 0 ) - { - mbedtls_ecp_keypair_free( eck ); - return( MBEDTLS_ERROR_ADD( MBEDTLS_ERR_PK_KEY_INVALID_FORMAT, ret ) ); + if ((ret = mbedtls_mpi_read_binary(&eck->d, p, len)) != 0) { + mbedtls_ecp_keypair_free(eck); + return MBEDTLS_ERROR_ADD(MBEDTLS_ERR_PK_KEY_INVALID_FORMAT, ret); } p += len; pubkey_done = 0; - if( p != end ) - { + if (p != end) { /* * Is 'parameters' present? */ - if( ( ret = mbedtls_asn1_get_tag( &p, end, &len, - MBEDTLS_ASN1_CONTEXT_SPECIFIC | MBEDTLS_ASN1_CONSTRUCTED | 0 ) ) == 0 ) - { - if( ( ret = pk_get_ecparams( &p, p + len, ¶ms) ) != 0 || - ( ret = pk_use_ecparams( ¶ms, &eck->grp ) ) != 0 ) - { - mbedtls_ecp_keypair_free( eck ); - return( ret ); + if ((ret = mbedtls_asn1_get_tag(&p, end, &len, + MBEDTLS_ASN1_CONTEXT_SPECIFIC | MBEDTLS_ASN1_CONSTRUCTED | + 0)) == 0) { + if ((ret = pk_get_ecparams(&p, p + len, ¶ms)) != 0 || + (ret = pk_use_ecparams(¶ms, &eck->grp)) != 0) { + mbedtls_ecp_keypair_free(eck); + return ret; } - } - else if( ret != MBEDTLS_ERR_ASN1_UNEXPECTED_TAG ) - { - mbedtls_ecp_keypair_free( eck ); - return( MBEDTLS_ERROR_ADD( MBEDTLS_ERR_PK_KEY_INVALID_FORMAT, ret ) ); + } else if (ret != MBEDTLS_ERR_ASN1_UNEXPECTED_TAG) { + mbedtls_ecp_keypair_free(eck); + return MBEDTLS_ERROR_ADD(MBEDTLS_ERR_PK_KEY_INVALID_FORMAT, ret); } } - if( p != end ) - { + if (p != end) { /* * Is 'publickey' present? If not, or if we can't read it (eg because it * is compressed), create it from the private key. */ - if( ( ret = mbedtls_asn1_get_tag( &p, end, &len, - MBEDTLS_ASN1_CONTEXT_SPECIFIC | MBEDTLS_ASN1_CONSTRUCTED | 1 ) ) == 0 ) - { + if ((ret = mbedtls_asn1_get_tag(&p, end, &len, + MBEDTLS_ASN1_CONTEXT_SPECIFIC | MBEDTLS_ASN1_CONSTRUCTED | + 1)) == 0) { end2 = p + len; - if( ( ret = mbedtls_asn1_get_bitstring_null( &p, end2, &len ) ) != 0 ) - return( MBEDTLS_ERROR_ADD( MBEDTLS_ERR_PK_KEY_INVALID_FORMAT, ret ) ); + if ((ret = mbedtls_asn1_get_bitstring_null(&p, end2, &len)) != 0) { + return MBEDTLS_ERROR_ADD(MBEDTLS_ERR_PK_KEY_INVALID_FORMAT, ret); + } - if( p + len != end2 ) - return( MBEDTLS_ERROR_ADD( MBEDTLS_ERR_PK_KEY_INVALID_FORMAT, - MBEDTLS_ERR_ASN1_LENGTH_MISMATCH ) ); + if (p + len != end2) { + return MBEDTLS_ERROR_ADD(MBEDTLS_ERR_PK_KEY_INVALID_FORMAT, + MBEDTLS_ERR_ASN1_LENGTH_MISMATCH); + } - if( ( ret = pk_get_ecpubkey( &p, end2, eck ) ) == 0 ) + if ((ret = pk_get_ecpubkey(&p, end2, eck)) == 0) { pubkey_done = 1; - else - { + } else { /* * The only acceptable failure mode of pk_get_ecpubkey() above * is if the point format is not recognized. */ - if( ret != MBEDTLS_ERR_ECP_FEATURE_UNAVAILABLE ) - return( MBEDTLS_ERR_PK_KEY_INVALID_FORMAT ); + if (ret != MBEDTLS_ERR_ECP_FEATURE_UNAVAILABLE) { + return MBEDTLS_ERR_PK_KEY_INVALID_FORMAT; + } } - } - else if( ret != MBEDTLS_ERR_ASN1_UNEXPECTED_TAG ) - { - mbedtls_ecp_keypair_free( eck ); - return( MBEDTLS_ERROR_ADD( MBEDTLS_ERR_PK_KEY_INVALID_FORMAT, ret ) ); + } else if (ret != MBEDTLS_ERR_ASN1_UNEXPECTED_TAG) { + mbedtls_ecp_keypair_free(eck); + return MBEDTLS_ERROR_ADD(MBEDTLS_ERR_PK_KEY_INVALID_FORMAT, ret); } } - if( ! pubkey_done && - ( ret = mbedtls_ecp_mul( &eck->grp, &eck->Q, &eck->d, &eck->grp.G, - NULL, NULL ) ) != 0 ) - { - mbedtls_ecp_keypair_free( eck ); - return( MBEDTLS_ERROR_ADD( MBEDTLS_ERR_PK_KEY_INVALID_FORMAT, ret ) ); + if (!pubkey_done && + (ret = mbedtls_ecp_mul(&eck->grp, &eck->Q, &eck->d, &eck->grp.G, + NULL, NULL)) != 0) { + mbedtls_ecp_keypair_free(eck); + return MBEDTLS_ERROR_ADD(MBEDTLS_ERR_PK_KEY_INVALID_FORMAT, ret); } - if( ( ret = mbedtls_ecp_check_privkey( &eck->grp, &eck->d ) ) != 0 ) - { - mbedtls_ecp_keypair_free( eck ); - return( ret ); + if ((ret = mbedtls_ecp_check_privkey(&eck->grp, &eck->d)) != 0) { + mbedtls_ecp_keypair_free(eck); + return ret; } - return( 0 ); + return 0; } #endif /* MBEDTLS_ECP_C */ @@ -997,9 +999,9 @@ static int pk_parse_key_sec1_der( mbedtls_ecp_keypair *eck, * */ static int pk_parse_key_pkcs8_unencrypted_der( - mbedtls_pk_context *pk, - const unsigned char* key, - size_t keylen ) + mbedtls_pk_context *pk, + const unsigned char *key, + size_t keylen) { int ret, version; size_t len; @@ -1025,62 +1027,62 @@ static int pk_parse_key_pkcs8_unencrypted_der( * The PrivateKey OCTET STRING is a SEC1 ECPrivateKey */ - if( ( ret = mbedtls_asn1_get_tag( &p, end, &len, - MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_SEQUENCE ) ) != 0 ) - { - return( MBEDTLS_ERROR_ADD( MBEDTLS_ERR_PK_KEY_INVALID_FORMAT, ret ) ); + if ((ret = mbedtls_asn1_get_tag(&p, end, &len, + MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_SEQUENCE)) != 0) { + return MBEDTLS_ERROR_ADD(MBEDTLS_ERR_PK_KEY_INVALID_FORMAT, ret); } end = p + len; - if( ( ret = mbedtls_asn1_get_int( &p, end, &version ) ) != 0 ) - return( MBEDTLS_ERROR_ADD( MBEDTLS_ERR_PK_KEY_INVALID_FORMAT, ret ) ); + if ((ret = mbedtls_asn1_get_int(&p, end, &version)) != 0) { + return MBEDTLS_ERROR_ADD(MBEDTLS_ERR_PK_KEY_INVALID_FORMAT, ret); + } - if( version != 0 ) - return( MBEDTLS_ERROR_ADD( MBEDTLS_ERR_PK_KEY_INVALID_VERSION, ret ) ); + if (version != 0) { + return MBEDTLS_ERROR_ADD(MBEDTLS_ERR_PK_KEY_INVALID_VERSION, ret); + } - if( ( ret = pk_get_pk_alg( &p, end, &pk_alg, ¶ms ) ) != 0 ) - { - return( ret ); + if ((ret = pk_get_pk_alg(&p, end, &pk_alg, ¶ms)) != 0) { + return ret; } - if( ( ret = mbedtls_asn1_get_tag( &p, end, &len, MBEDTLS_ASN1_OCTET_STRING ) ) != 0 ) - return( MBEDTLS_ERROR_ADD( MBEDTLS_ERR_PK_KEY_INVALID_FORMAT, ret ) ); + if ((ret = mbedtls_asn1_get_tag(&p, end, &len, MBEDTLS_ASN1_OCTET_STRING)) != 0) { + return MBEDTLS_ERROR_ADD(MBEDTLS_ERR_PK_KEY_INVALID_FORMAT, ret); + } - if( len < 1 ) - return( MBEDTLS_ERROR_ADD( MBEDTLS_ERR_PK_KEY_INVALID_FORMAT, - MBEDTLS_ERR_ASN1_OUT_OF_DATA ) ); + if (len < 1) { + return MBEDTLS_ERROR_ADD(MBEDTLS_ERR_PK_KEY_INVALID_FORMAT, + MBEDTLS_ERR_ASN1_OUT_OF_DATA); + } - if( ( pk_info = mbedtls_pk_info_from_type( pk_alg ) ) == NULL ) - return( MBEDTLS_ERR_PK_UNKNOWN_PK_ALG ); + if ((pk_info = mbedtls_pk_info_from_type(pk_alg)) == NULL) { + return MBEDTLS_ERR_PK_UNKNOWN_PK_ALG; + } - if( ( ret = mbedtls_pk_setup( pk, pk_info ) ) != 0 ) - return( ret ); + if ((ret = mbedtls_pk_setup(pk, pk_info)) != 0) { + return ret; + } #if defined(MBEDTLS_RSA_C) - if( pk_alg == MBEDTLS_PK_RSA ) - { - if( ( ret = pk_parse_key_pkcs1_der( mbedtls_pk_rsa( *pk ), p, len ) ) != 0 ) - { - mbedtls_pk_free( pk ); - return( ret ); + if (pk_alg == MBEDTLS_PK_RSA) { + if ((ret = pk_parse_key_pkcs1_der(mbedtls_pk_rsa(*pk), p, len)) != 0) { + mbedtls_pk_free(pk); + return ret; } } else #endif /* MBEDTLS_RSA_C */ #if defined(MBEDTLS_ECP_C) - if( pk_alg == MBEDTLS_PK_ECKEY || pk_alg == MBEDTLS_PK_ECKEY_DH ) - { - if( ( ret = pk_use_ecparams( ¶ms, &mbedtls_pk_ec( *pk )->grp ) ) != 0 || - ( ret = pk_parse_key_sec1_der( mbedtls_pk_ec( *pk ), p, len ) ) != 0 ) - { - mbedtls_pk_free( pk ); - return( ret ); + if (pk_alg == MBEDTLS_PK_ECKEY || pk_alg == MBEDTLS_PK_ECKEY_DH) { + if ((ret = pk_use_ecparams(¶ms, &mbedtls_pk_ec(*pk)->grp)) != 0 || + (ret = pk_parse_key_sec1_der(mbedtls_pk_ec(*pk), p, len)) != 0) { + mbedtls_pk_free(pk); + return ret; } } else #endif /* MBEDTLS_ECP_C */ - return( MBEDTLS_ERR_PK_UNKNOWN_PK_ALG ); + return MBEDTLS_ERR_PK_UNKNOWN_PK_ALG; - return( 0 ); + return 0; } /* @@ -1094,9 +1096,9 @@ static int pk_parse_key_pkcs8_unencrypted_der( */ #if defined(MBEDTLS_PKCS12_C) || defined(MBEDTLS_PKCS5_C) static int pk_parse_key_pkcs8_encrypted_der( - mbedtls_pk_context *pk, - unsigned char *key, size_t keylen, - const unsigned char *pwd, size_t pwdlen ) + mbedtls_pk_context *pk, + unsigned char *key, size_t keylen, + const unsigned char *pwd, size_t pwdlen) { int ret, decrypted = 0; size_t len; @@ -1111,8 +1113,9 @@ static int pk_parse_key_pkcs8_encrypted_der( p = key; end = p + keylen; - if( pwdlen == 0 ) - return( MBEDTLS_ERR_PK_PASSWORD_REQUIRED ); + if (pwdlen == 0) { + return MBEDTLS_ERR_PK_PASSWORD_REQUIRED; + } /* * This function parses the EncryptedPrivateKeyInfo object (PKCS#8) @@ -1129,19 +1132,20 @@ static int pk_parse_key_pkcs8_encrypted_der( * The EncryptedData OCTET STRING is a PKCS#8 PrivateKeyInfo * */ - if( ( ret = mbedtls_asn1_get_tag( &p, end, &len, - MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_SEQUENCE ) ) != 0 ) - { - return( MBEDTLS_ERROR_ADD( MBEDTLS_ERR_PK_KEY_INVALID_FORMAT, ret ) ); + if ((ret = mbedtls_asn1_get_tag(&p, end, &len, + MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_SEQUENCE)) != 0) { + return MBEDTLS_ERROR_ADD(MBEDTLS_ERR_PK_KEY_INVALID_FORMAT, ret); } end = p + len; - if( ( ret = mbedtls_asn1_get_alg( &p, end, &pbe_alg_oid, &pbe_params ) ) != 0 ) - return( MBEDTLS_ERROR_ADD( MBEDTLS_ERR_PK_KEY_INVALID_FORMAT, ret ) ); + if ((ret = mbedtls_asn1_get_alg(&p, end, &pbe_alg_oid, &pbe_params)) != 0) { + return MBEDTLS_ERROR_ADD(MBEDTLS_ERR_PK_KEY_INVALID_FORMAT, ret); + } - if( ( ret = mbedtls_asn1_get_tag( &p, end, &len, MBEDTLS_ASN1_OCTET_STRING ) ) != 0 ) - return( MBEDTLS_ERROR_ADD( MBEDTLS_ERR_PK_KEY_INVALID_FORMAT, ret ) ); + if ((ret = mbedtls_asn1_get_tag(&p, end, &len, MBEDTLS_ASN1_OCTET_STRING)) != 0) { + return MBEDTLS_ERROR_ADD(MBEDTLS_ERR_PK_KEY_INVALID_FORMAT, ret); + } buf = p; @@ -1149,73 +1153,68 @@ static int pk_parse_key_pkcs8_encrypted_der( * Decrypt EncryptedData with appropriate PBE */ #if defined(MBEDTLS_PKCS12_C) - if( mbedtls_oid_get_pkcs12_pbe_alg( &pbe_alg_oid, &md_alg, &cipher_alg ) == 0 ) - { - if( ( ret = mbedtls_pkcs12_pbe( &pbe_params, MBEDTLS_PKCS12_PBE_DECRYPT, - cipher_alg, md_alg, - pwd, pwdlen, p, len, buf ) ) != 0 ) - { - if( ret == MBEDTLS_ERR_PKCS12_PASSWORD_MISMATCH ) - return( MBEDTLS_ERR_PK_PASSWORD_MISMATCH ); - - return( ret ); + if (mbedtls_oid_get_pkcs12_pbe_alg(&pbe_alg_oid, &md_alg, &cipher_alg) == 0) { + if ((ret = mbedtls_pkcs12_pbe(&pbe_params, MBEDTLS_PKCS12_PBE_DECRYPT, + cipher_alg, md_alg, + pwd, pwdlen, p, len, buf)) != 0) { + if (ret == MBEDTLS_ERR_PKCS12_PASSWORD_MISMATCH) { + return MBEDTLS_ERR_PK_PASSWORD_MISMATCH; + } + + return ret; } decrypted = 1; - } - else if( MBEDTLS_OID_CMP( MBEDTLS_OID_PKCS12_PBE_SHA1_RC4_128, &pbe_alg_oid ) == 0 ) - { - if( ( ret = mbedtls_pkcs12_pbe_sha1_rc4_128( &pbe_params, - MBEDTLS_PKCS12_PBE_DECRYPT, - pwd, pwdlen, - p, len, buf ) ) != 0 ) - { - return( ret ); + } else if (MBEDTLS_OID_CMP(MBEDTLS_OID_PKCS12_PBE_SHA1_RC4_128, &pbe_alg_oid) == 0) { + if ((ret = mbedtls_pkcs12_pbe_sha1_rc4_128(&pbe_params, + MBEDTLS_PKCS12_PBE_DECRYPT, + pwd, pwdlen, + p, len, buf)) != 0) { + return ret; } // Best guess for password mismatch when using RC4. If first tag is // not MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_SEQUENCE // - if( *buf != ( MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_SEQUENCE ) ) - return( MBEDTLS_ERR_PK_PASSWORD_MISMATCH ); + if (*buf != (MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_SEQUENCE)) { + return MBEDTLS_ERR_PK_PASSWORD_MISMATCH; + } decrypted = 1; - } - else + } else #endif /* MBEDTLS_PKCS12_C */ #if defined(MBEDTLS_PKCS5_C) - if( MBEDTLS_OID_CMP( MBEDTLS_OID_PKCS5_PBES2, &pbe_alg_oid ) == 0 ) - { - if( ( ret = mbedtls_pkcs5_pbes2( &pbe_params, MBEDTLS_PKCS5_DECRYPT, pwd, pwdlen, - p, len, buf ) ) != 0 ) - { - if( ret == MBEDTLS_ERR_PKCS5_PASSWORD_MISMATCH ) - return( MBEDTLS_ERR_PK_PASSWORD_MISMATCH ); + if (MBEDTLS_OID_CMP(MBEDTLS_OID_PKCS5_PBES2, &pbe_alg_oid) == 0) { + if ((ret = mbedtls_pkcs5_pbes2(&pbe_params, MBEDTLS_PKCS5_DECRYPT, pwd, pwdlen, + p, len, buf)) != 0) { + if (ret == MBEDTLS_ERR_PKCS5_PASSWORD_MISMATCH) { + return MBEDTLS_ERR_PK_PASSWORD_MISMATCH; + } - return( ret ); + return ret; } decrypted = 1; - } - else + } else #endif /* MBEDTLS_PKCS5_C */ { ((void) pwd); } - if( decrypted == 0 ) - return( MBEDTLS_ERR_PK_FEATURE_UNAVAILABLE ); + if (decrypted == 0) { + return MBEDTLS_ERR_PK_FEATURE_UNAVAILABLE; + } - return( pk_parse_key_pkcs8_unencrypted_der( pk, buf, len ) ); + return pk_parse_key_pkcs8_unencrypted_der(pk, buf, len); } #endif /* MBEDTLS_PKCS12_C || MBEDTLS_PKCS5_C */ /* * Parse a private key */ -int mbedtls_pk_parse_key( mbedtls_pk_context *pk, - const unsigned char *key, size_t keylen, - const unsigned char *pwd, size_t pwdlen ) +int mbedtls_pk_parse_key(mbedtls_pk_context *pk, + const unsigned char *key, size_t keylen, + const unsigned char *pwd, size_t pwdlen) { int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; const mbedtls_pk_info_t *pk_info; @@ -1224,121 +1223,120 @@ int mbedtls_pk_parse_key( mbedtls_pk_context *pk, mbedtls_pem_context pem; #endif - PK_VALIDATE_RET( pk != NULL ); - if( keylen == 0 ) - return( MBEDTLS_ERR_PK_KEY_INVALID_FORMAT ); - PK_VALIDATE_RET( key != NULL ); + (void) pk_info; + + PK_VALIDATE_RET(pk != NULL); + if (keylen == 0) { + return MBEDTLS_ERR_PK_KEY_INVALID_FORMAT; + } + PK_VALIDATE_RET(key != NULL); #if defined(MBEDTLS_PEM_PARSE_C) - mbedtls_pem_init( &pem ); + mbedtls_pem_init(&pem); #if defined(MBEDTLS_RSA_C) /* Avoid calling mbedtls_pem_read_buffer() on non-null-terminated string */ - if( key[keylen - 1] != '\0' ) + if (key[keylen - 1] != '\0') { ret = MBEDTLS_ERR_PEM_NO_HEADER_FOOTER_PRESENT; - else - ret = mbedtls_pem_read_buffer( &pem, - "-----BEGIN RSA PRIVATE KEY-----", - "-----END RSA PRIVATE KEY-----", - key, pwd, pwdlen, &len ); + } else { + ret = mbedtls_pem_read_buffer(&pem, + "-----BEGIN RSA PRIVATE KEY-----", + "-----END RSA PRIVATE KEY-----", + key, pwd, pwdlen, &len); + } - if( ret == 0 ) - { - pk_info = mbedtls_pk_info_from_type( MBEDTLS_PK_RSA ); - if( ( ret = mbedtls_pk_setup( pk, pk_info ) ) != 0 || - ( ret = pk_parse_key_pkcs1_der( mbedtls_pk_rsa( *pk ), - pem.buf, pem.buflen ) ) != 0 ) - { - mbedtls_pk_free( pk ); + if (ret == 0) { + pk_info = mbedtls_pk_info_from_type(MBEDTLS_PK_RSA); + if ((ret = mbedtls_pk_setup(pk, pk_info)) != 0 || + (ret = pk_parse_key_pkcs1_der(mbedtls_pk_rsa(*pk), + pem.buf, pem.buflen)) != 0) { + mbedtls_pk_free(pk); } - mbedtls_pem_free( &pem ); - return( ret ); + mbedtls_pem_free(&pem); + return ret; + } else if (ret == MBEDTLS_ERR_PEM_PASSWORD_MISMATCH) { + return MBEDTLS_ERR_PK_PASSWORD_MISMATCH; + } else if (ret == MBEDTLS_ERR_PEM_PASSWORD_REQUIRED) { + return MBEDTLS_ERR_PK_PASSWORD_REQUIRED; + } else if (ret != MBEDTLS_ERR_PEM_NO_HEADER_FOOTER_PRESENT) { + return ret; } - else if( ret == MBEDTLS_ERR_PEM_PASSWORD_MISMATCH ) - return( MBEDTLS_ERR_PK_PASSWORD_MISMATCH ); - else if( ret == MBEDTLS_ERR_PEM_PASSWORD_REQUIRED ) - return( MBEDTLS_ERR_PK_PASSWORD_REQUIRED ); - else if( ret != MBEDTLS_ERR_PEM_NO_HEADER_FOOTER_PRESENT ) - return( ret ); #endif /* MBEDTLS_RSA_C */ #if defined(MBEDTLS_ECP_C) /* Avoid calling mbedtls_pem_read_buffer() on non-null-terminated string */ - if( key[keylen - 1] != '\0' ) + if (key[keylen - 1] != '\0') { ret = MBEDTLS_ERR_PEM_NO_HEADER_FOOTER_PRESENT; - else - ret = mbedtls_pem_read_buffer( &pem, - "-----BEGIN EC PRIVATE KEY-----", - "-----END EC PRIVATE KEY-----", - key, pwd, pwdlen, &len ); - if( ret == 0 ) - { - pk_info = mbedtls_pk_info_from_type( MBEDTLS_PK_ECKEY ); + } else { + ret = mbedtls_pem_read_buffer(&pem, + "-----BEGIN EC PRIVATE KEY-----", + "-----END EC PRIVATE KEY-----", + key, pwd, pwdlen, &len); + } + if (ret == 0) { + pk_info = mbedtls_pk_info_from_type(MBEDTLS_PK_ECKEY); - if( ( ret = mbedtls_pk_setup( pk, pk_info ) ) != 0 || - ( ret = pk_parse_key_sec1_der( mbedtls_pk_ec( *pk ), - pem.buf, pem.buflen ) ) != 0 ) - { - mbedtls_pk_free( pk ); + if ((ret = mbedtls_pk_setup(pk, pk_info)) != 0 || + (ret = pk_parse_key_sec1_der(mbedtls_pk_ec(*pk), + pem.buf, pem.buflen)) != 0) { + mbedtls_pk_free(pk); } - mbedtls_pem_free( &pem ); - return( ret ); + mbedtls_pem_free(&pem); + return ret; + } else if (ret == MBEDTLS_ERR_PEM_PASSWORD_MISMATCH) { + return MBEDTLS_ERR_PK_PASSWORD_MISMATCH; + } else if (ret == MBEDTLS_ERR_PEM_PASSWORD_REQUIRED) { + return MBEDTLS_ERR_PK_PASSWORD_REQUIRED; + } else if (ret != MBEDTLS_ERR_PEM_NO_HEADER_FOOTER_PRESENT) { + return ret; } - else if( ret == MBEDTLS_ERR_PEM_PASSWORD_MISMATCH ) - return( MBEDTLS_ERR_PK_PASSWORD_MISMATCH ); - else if( ret == MBEDTLS_ERR_PEM_PASSWORD_REQUIRED ) - return( MBEDTLS_ERR_PK_PASSWORD_REQUIRED ); - else if( ret != MBEDTLS_ERR_PEM_NO_HEADER_FOOTER_PRESENT ) - return( ret ); #endif /* MBEDTLS_ECP_C */ /* Avoid calling mbedtls_pem_read_buffer() on non-null-terminated string */ - if( key[keylen - 1] != '\0' ) + if (key[keylen - 1] != '\0') { ret = MBEDTLS_ERR_PEM_NO_HEADER_FOOTER_PRESENT; - else - ret = mbedtls_pem_read_buffer( &pem, - "-----BEGIN PRIVATE KEY-----", - "-----END PRIVATE KEY-----", - key, NULL, 0, &len ); - if( ret == 0 ) - { - if( ( ret = pk_parse_key_pkcs8_unencrypted_der( pk, - pem.buf, pem.buflen ) ) != 0 ) - { - mbedtls_pk_free( pk ); + } else { + ret = mbedtls_pem_read_buffer(&pem, + "-----BEGIN PRIVATE KEY-----", + "-----END PRIVATE KEY-----", + key, NULL, 0, &len); + } + if (ret == 0) { + if ((ret = pk_parse_key_pkcs8_unencrypted_der(pk, + pem.buf, pem.buflen)) != 0) { + mbedtls_pk_free(pk); } - mbedtls_pem_free( &pem ); - return( ret ); + mbedtls_pem_free(&pem); + return ret; + } else if (ret != MBEDTLS_ERR_PEM_NO_HEADER_FOOTER_PRESENT) { + return ret; } - else if( ret != MBEDTLS_ERR_PEM_NO_HEADER_FOOTER_PRESENT ) - return( ret ); #if defined(MBEDTLS_PKCS12_C) || defined(MBEDTLS_PKCS5_C) /* Avoid calling mbedtls_pem_read_buffer() on non-null-terminated string */ - if( key[keylen - 1] != '\0' ) + if (key[keylen - 1] != '\0') { ret = MBEDTLS_ERR_PEM_NO_HEADER_FOOTER_PRESENT; - else - ret = mbedtls_pem_read_buffer( &pem, - "-----BEGIN ENCRYPTED PRIVATE KEY-----", - "-----END ENCRYPTED PRIVATE KEY-----", - key, NULL, 0, &len ); - if( ret == 0 ) - { - if( ( ret = pk_parse_key_pkcs8_encrypted_der( pk, - pem.buf, pem.buflen, - pwd, pwdlen ) ) != 0 ) - { - mbedtls_pk_free( pk ); + } else { + ret = mbedtls_pem_read_buffer(&pem, + "-----BEGIN ENCRYPTED PRIVATE KEY-----", + "-----END ENCRYPTED PRIVATE KEY-----", + key, NULL, 0, &len); + } + if (ret == 0) { + if ((ret = pk_parse_key_pkcs8_encrypted_der(pk, + pem.buf, pem.buflen, + pwd, pwdlen)) != 0) { + mbedtls_pk_free(pk); } - mbedtls_pem_free( &pem ); - return( ret ); + mbedtls_pem_free(&pem); + return ret; + } else if (ret != MBEDTLS_ERR_PEM_NO_HEADER_FOOTER_PRESENT) { + return ret; } - else if( ret != MBEDTLS_ERR_PEM_NO_HEADER_FOOTER_PRESENT ) - return( ret ); #endif /* MBEDTLS_PKCS12_C || MBEDTLS_PKCS5_C */ #else ((void) pwd); @@ -1356,61 +1354,59 @@ int mbedtls_pk_parse_key( mbedtls_pk_context *pk, { unsigned char *key_copy; - if( ( key_copy = mbedtls_calloc( 1, keylen ) ) == NULL ) - return( MBEDTLS_ERR_PK_ALLOC_FAILED ); + if ((key_copy = mbedtls_calloc(1, keylen)) == NULL) { + return MBEDTLS_ERR_PK_ALLOC_FAILED; + } - memcpy( key_copy, key, keylen ); + memcpy(key_copy, key, keylen); - ret = pk_parse_key_pkcs8_encrypted_der( pk, key_copy, keylen, - pwd, pwdlen ); + ret = pk_parse_key_pkcs8_encrypted_der(pk, key_copy, keylen, + pwd, pwdlen); - mbedtls_platform_zeroize( key_copy, keylen ); - mbedtls_free( key_copy ); + mbedtls_platform_zeroize(key_copy, keylen); + mbedtls_free(key_copy); } - if( ret == 0 ) - return( 0 ); + if (ret == 0) { + return 0; + } - mbedtls_pk_free( pk ); - mbedtls_pk_init( pk ); + mbedtls_pk_free(pk); + mbedtls_pk_init(pk); - if( ret == MBEDTLS_ERR_PK_PASSWORD_MISMATCH ) - { - return( ret ); + if (ret == MBEDTLS_ERR_PK_PASSWORD_MISMATCH) { + return ret; } #endif /* MBEDTLS_PKCS12_C || MBEDTLS_PKCS5_C */ - ret = pk_parse_key_pkcs8_unencrypted_der( pk, key, keylen ); - if( ret == 0 ) - { - return( 0 ); + ret = pk_parse_key_pkcs8_unencrypted_der(pk, key, keylen); + if (ret == 0) { + return 0; } - mbedtls_pk_free( pk ); - mbedtls_pk_init( pk ); + mbedtls_pk_free(pk); + mbedtls_pk_init(pk); #if defined(MBEDTLS_RSA_C) - pk_info = mbedtls_pk_info_from_type( MBEDTLS_PK_RSA ); - if( mbedtls_pk_setup( pk, pk_info ) == 0 && - pk_parse_key_pkcs1_der( mbedtls_pk_rsa( *pk ), key, keylen ) == 0 ) - { - return( 0 ); + pk_info = mbedtls_pk_info_from_type(MBEDTLS_PK_RSA); + if (mbedtls_pk_setup(pk, pk_info) == 0 && + pk_parse_key_pkcs1_der(mbedtls_pk_rsa(*pk), key, keylen) == 0) { + return 0; } - mbedtls_pk_free( pk ); - mbedtls_pk_init( pk ); + mbedtls_pk_free(pk); + mbedtls_pk_init(pk); #endif /* MBEDTLS_RSA_C */ #if defined(MBEDTLS_ECP_C) - pk_info = mbedtls_pk_info_from_type( MBEDTLS_PK_ECKEY ); - if( mbedtls_pk_setup( pk, pk_info ) == 0 && - pk_parse_key_sec1_der( mbedtls_pk_ec( *pk ), - key, keylen ) == 0 ) - { - return( 0 ); + pk_info = mbedtls_pk_info_from_type(MBEDTLS_PK_ECKEY); + if (mbedtls_pk_setup(pk, pk_info) == 0 && + pk_parse_key_sec1_der(mbedtls_pk_ec(*pk), + key, keylen) == 0) { + return 0; } - mbedtls_pk_free( pk ); + mbedtls_pk_free(pk); #endif /* MBEDTLS_ECP_C */ /* If MBEDTLS_RSA_C is defined but MBEDTLS_ECP_C isn't, @@ -1423,14 +1419,14 @@ int mbedtls_pk_parse_key( mbedtls_pk_context *pk, * also ok and in line with the mbedtls_pk_free() calls * on failed PEM parsing attempts. */ - return( MBEDTLS_ERR_PK_KEY_INVALID_FORMAT ); + return MBEDTLS_ERR_PK_KEY_INVALID_FORMAT; } /* * Parse a public key */ -int mbedtls_pk_parse_public_key( mbedtls_pk_context *ctx, - const unsigned char *key, size_t keylen ) +int mbedtls_pk_parse_public_key(mbedtls_pk_context *ctx, + const unsigned char *key, size_t keylen) { int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; unsigned char *p; @@ -1442,98 +1438,100 @@ int mbedtls_pk_parse_public_key( mbedtls_pk_context *ctx, mbedtls_pem_context pem; #endif - PK_VALIDATE_RET( ctx != NULL ); - if( keylen == 0 ) - return( MBEDTLS_ERR_PK_KEY_INVALID_FORMAT ); - PK_VALIDATE_RET( key != NULL || keylen == 0 ); + PK_VALIDATE_RET(ctx != NULL); + if (keylen == 0) { + return MBEDTLS_ERR_PK_KEY_INVALID_FORMAT; + } + PK_VALIDATE_RET(key != NULL || keylen == 0); #if defined(MBEDTLS_PEM_PARSE_C) - mbedtls_pem_init( &pem ); + mbedtls_pem_init(&pem); #if defined(MBEDTLS_RSA_C) /* Avoid calling mbedtls_pem_read_buffer() on non-null-terminated string */ - if( key[keylen - 1] != '\0' ) + if (key[keylen - 1] != '\0') { ret = MBEDTLS_ERR_PEM_NO_HEADER_FOOTER_PRESENT; - else - ret = mbedtls_pem_read_buffer( &pem, - "-----BEGIN RSA PUBLIC KEY-----", - "-----END RSA PUBLIC KEY-----", - key, NULL, 0, &len ); + } else { + ret = mbedtls_pem_read_buffer(&pem, + "-----BEGIN RSA PUBLIC KEY-----", + "-----END RSA PUBLIC KEY-----", + key, NULL, 0, &len); + } - if( ret == 0 ) - { + if (ret == 0) { p = pem.buf; - if( ( pk_info = mbedtls_pk_info_from_type( MBEDTLS_PK_RSA ) ) == NULL ) - return( MBEDTLS_ERR_PK_UNKNOWN_PK_ALG ); + if ((pk_info = mbedtls_pk_info_from_type(MBEDTLS_PK_RSA)) == NULL) { + mbedtls_pem_free(&pem); + return MBEDTLS_ERR_PK_UNKNOWN_PK_ALG; + } - if( ( ret = mbedtls_pk_setup( ctx, pk_info ) ) != 0 ) - return( ret ); + if ((ret = mbedtls_pk_setup(ctx, pk_info)) != 0) { + mbedtls_pem_free(&pem); + return ret; + } - if ( ( ret = pk_get_rsapubkey( &p, p + pem.buflen, mbedtls_pk_rsa( *ctx ) ) ) != 0 ) - mbedtls_pk_free( ctx ); + if ((ret = pk_get_rsapubkey(&p, p + pem.buflen, mbedtls_pk_rsa(*ctx))) != 0) { + mbedtls_pk_free(ctx); + } - mbedtls_pem_free( &pem ); - return( ret ); - } - else if( ret != MBEDTLS_ERR_PEM_NO_HEADER_FOOTER_PRESENT ) - { - mbedtls_pem_free( &pem ); - return( ret ); + mbedtls_pem_free(&pem); + return ret; + } else if (ret != MBEDTLS_ERR_PEM_NO_HEADER_FOOTER_PRESENT) { + mbedtls_pem_free(&pem); + return ret; } #endif /* MBEDTLS_RSA_C */ /* Avoid calling mbedtls_pem_read_buffer() on non-null-terminated string */ - if( key[keylen - 1] != '\0' ) + if (key[keylen - 1] != '\0') { ret = MBEDTLS_ERR_PEM_NO_HEADER_FOOTER_PRESENT; - else - ret = mbedtls_pem_read_buffer( &pem, - "-----BEGIN PUBLIC KEY-----", - "-----END PUBLIC KEY-----", - key, NULL, 0, &len ); + } else { + ret = mbedtls_pem_read_buffer(&pem, + "-----BEGIN PUBLIC KEY-----", + "-----END PUBLIC KEY-----", + key, NULL, 0, &len); + } - if( ret == 0 ) - { + if (ret == 0) { /* * Was PEM encoded */ p = pem.buf; - ret = mbedtls_pk_parse_subpubkey( &p, p + pem.buflen, ctx ); - mbedtls_pem_free( &pem ); - return( ret ); - } - else if( ret != MBEDTLS_ERR_PEM_NO_HEADER_FOOTER_PRESENT ) - { - mbedtls_pem_free( &pem ); - return( ret ); + ret = mbedtls_pk_parse_subpubkey(&p, p + pem.buflen, ctx); + mbedtls_pem_free(&pem); + return ret; + } else if (ret != MBEDTLS_ERR_PEM_NO_HEADER_FOOTER_PRESENT) { + mbedtls_pem_free(&pem); + return ret; } - mbedtls_pem_free( &pem ); + mbedtls_pem_free(&pem); #endif /* MBEDTLS_PEM_PARSE_C */ #if defined(MBEDTLS_RSA_C) - if( ( pk_info = mbedtls_pk_info_from_type( MBEDTLS_PK_RSA ) ) == NULL ) - return( MBEDTLS_ERR_PK_UNKNOWN_PK_ALG ); + if ((pk_info = mbedtls_pk_info_from_type(MBEDTLS_PK_RSA)) == NULL) { + return MBEDTLS_ERR_PK_UNKNOWN_PK_ALG; + } - if( ( ret = mbedtls_pk_setup( ctx, pk_info ) ) != 0 ) - return( ret ); + if ((ret = mbedtls_pk_setup(ctx, pk_info)) != 0) { + return ret; + } - p = (unsigned char *)key; - ret = pk_get_rsapubkey( &p, p + keylen, mbedtls_pk_rsa( *ctx ) ); - if( ret == 0 ) - { - return( ret ); + p = (unsigned char *) key; + ret = pk_get_rsapubkey(&p, p + keylen, mbedtls_pk_rsa(*ctx)); + if (ret == 0) { + return ret; } - mbedtls_pk_free( ctx ); - if( ret != ( MBEDTLS_ERROR_ADD( MBEDTLS_ERR_PK_INVALID_PUBKEY, - MBEDTLS_ERR_ASN1_UNEXPECTED_TAG ) ) ) - { - return( ret ); + mbedtls_pk_free(ctx); + if (ret != (MBEDTLS_ERROR_ADD(MBEDTLS_ERR_PK_INVALID_PUBKEY, + MBEDTLS_ERR_ASN1_UNEXPECTED_TAG))) { + return ret; } #endif /* MBEDTLS_RSA_C */ p = (unsigned char *) key; - ret = mbedtls_pk_parse_subpubkey( &p, p + keylen, ctx ); + ret = mbedtls_pk_parse_subpubkey(&p, p + keylen, ctx); - return( ret ); + return ret; } #endif /* MBEDTLS_PK_PARSE_C */ diff --git a/third_party/mbedtls/repo/library/pkwrite.c b/third_party/mbedtls/repo/library/pkwrite.c index 566153dd933..fafcf0e1a76 100644 --- a/third_party/mbedtls/repo/library/pkwrite.c +++ b/third_party/mbedtls/repo/library/pkwrite.c @@ -2,19 +2,7 @@ * Public Key layer for writing key files and structures * * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later */ #include "common.h" @@ -48,19 +36,13 @@ #include "psa/crypto.h" #include "mbedtls/psa_util.h" #endif -#if defined(MBEDTLS_PLATFORM_C) #include "mbedtls/platform.h" -#else -#include -#define mbedtls_calloc calloc -#define mbedtls_free free -#endif /* Parameter validation macros based on platform_util.h */ -#define PK_VALIDATE_RET( cond ) \ - MBEDTLS_INTERNAL_VALIDATE_RET( cond, MBEDTLS_ERR_PK_BAD_INPUT_DATA ) -#define PK_VALIDATE( cond ) \ - MBEDTLS_INTERNAL_VALIDATE( cond ) +#define PK_VALIDATE_RET(cond) \ + MBEDTLS_INTERNAL_VALIDATE_RET(cond, MBEDTLS_ERR_PK_BAD_INPUT_DATA) +#define PK_VALIDATE(cond) \ + MBEDTLS_INTERNAL_VALIDATE(cond) #if defined(MBEDTLS_RSA_C) /* @@ -69,38 +51,41 @@ * publicExponent INTEGER -- e * } */ -static int pk_write_rsa_pubkey( unsigned char **p, unsigned char *start, - mbedtls_rsa_context *rsa ) +static int pk_write_rsa_pubkey(unsigned char **p, unsigned char *start, + mbedtls_rsa_context *rsa) { int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; size_t len = 0; mbedtls_mpi T; - mbedtls_mpi_init( &T ); + mbedtls_mpi_init(&T); /* Export E */ - if ( ( ret = mbedtls_rsa_export( rsa, NULL, NULL, NULL, NULL, &T ) ) != 0 || - ( ret = mbedtls_asn1_write_mpi( p, start, &T ) ) < 0 ) + if ((ret = mbedtls_rsa_export(rsa, NULL, NULL, NULL, NULL, &T)) != 0 || + (ret = mbedtls_asn1_write_mpi(p, start, &T)) < 0) { goto end_of_export; + } len += ret; /* Export N */ - if ( ( ret = mbedtls_rsa_export( rsa, &T, NULL, NULL, NULL, NULL ) ) != 0 || - ( ret = mbedtls_asn1_write_mpi( p, start, &T ) ) < 0 ) + if ((ret = mbedtls_rsa_export(rsa, &T, NULL, NULL, NULL, NULL)) != 0 || + (ret = mbedtls_asn1_write_mpi(p, start, &T)) < 0) { goto end_of_export; + } len += ret; end_of_export: - mbedtls_mpi_free( &T ); - if( ret < 0 ) - return( ret ); + mbedtls_mpi_free(&T); + if (ret < 0) { + return ret; + } - MBEDTLS_ASN1_CHK_ADD( len, mbedtls_asn1_write_len( p, start, len ) ); - MBEDTLS_ASN1_CHK_ADD( len, mbedtls_asn1_write_tag( p, start, MBEDTLS_ASN1_CONSTRUCTED | - MBEDTLS_ASN1_SEQUENCE ) ); + MBEDTLS_ASN1_CHK_ADD(len, mbedtls_asn1_write_len(p, start, len)); + MBEDTLS_ASN1_CHK_ADD(len, mbedtls_asn1_write_tag(p, start, MBEDTLS_ASN1_CONSTRUCTED | + MBEDTLS_ASN1_SEQUENCE)); - return( (int) len ); + return (int) len; } #endif /* MBEDTLS_RSA_C */ @@ -108,27 +93,27 @@ static int pk_write_rsa_pubkey( unsigned char **p, unsigned char *start, /* * EC public key is an EC point */ -static int pk_write_ec_pubkey( unsigned char **p, unsigned char *start, - mbedtls_ecp_keypair *ec ) +static int pk_write_ec_pubkey(unsigned char **p, unsigned char *start, + mbedtls_ecp_keypair *ec) { int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; size_t len = 0; unsigned char buf[MBEDTLS_ECP_MAX_PT_LEN]; - if( ( ret = mbedtls_ecp_point_write_binary( &ec->grp, &ec->Q, - MBEDTLS_ECP_PF_UNCOMPRESSED, - &len, buf, sizeof( buf ) ) ) != 0 ) - { - return( ret ); + if ((ret = mbedtls_ecp_point_write_binary(&ec->grp, &ec->Q, + MBEDTLS_ECP_PF_UNCOMPRESSED, + &len, buf, sizeof(buf))) != 0) { + return ret; } - if( *p < start || (size_t)( *p - start ) < len ) - return( MBEDTLS_ERR_ASN1_BUF_TOO_SMALL ); + if (*p < start || (size_t) (*p - start) < len) { + return MBEDTLS_ERR_ASN1_BUF_TOO_SMALL; + } *p -= len; - memcpy( *p, buf, len ); + memcpy(*p, buf, len); - return( (int) len ); + return (int) len; } /* @@ -136,93 +121,96 @@ static int pk_write_ec_pubkey( unsigned char **p, unsigned char *start, * namedCurve OBJECT IDENTIFIER * } */ -static int pk_write_ec_param( unsigned char **p, unsigned char *start, - mbedtls_ecp_keypair *ec ) +static int pk_write_ec_param(unsigned char **p, unsigned char *start, + mbedtls_ecp_keypair *ec) { int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; size_t len = 0; const char *oid; size_t oid_len; - if( ( ret = mbedtls_oid_get_oid_by_ec_grp( ec->grp.id, &oid, &oid_len ) ) != 0 ) - return( ret ); + if ((ret = mbedtls_oid_get_oid_by_ec_grp(ec->grp.id, &oid, &oid_len)) != 0) { + return ret; + } - MBEDTLS_ASN1_CHK_ADD( len, mbedtls_asn1_write_oid( p, start, oid, oid_len ) ); + MBEDTLS_ASN1_CHK_ADD(len, mbedtls_asn1_write_oid(p, start, oid, oid_len)); - return( (int) len ); + return (int) len; } /* * privateKey OCTET STRING -- always of length ceil(log2(n)/8) */ -static int pk_write_ec_private( unsigned char **p, unsigned char *start, - mbedtls_ecp_keypair *ec ) +static int pk_write_ec_private(unsigned char **p, unsigned char *start, + mbedtls_ecp_keypair *ec) { int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; - size_t byte_length = ( ec->grp.pbits + 7 ) / 8; + size_t byte_length = (ec->grp.pbits + 7) / 8; unsigned char tmp[MBEDTLS_ECP_MAX_BYTES]; - ret = mbedtls_ecp_write_key( ec, tmp, byte_length ); - if( ret != 0 ) + ret = mbedtls_ecp_write_key(ec, tmp, byte_length); + if (ret != 0) { goto exit; - ret = mbedtls_asn1_write_octet_string( p, start, tmp, byte_length ); + } + ret = mbedtls_asn1_write_octet_string(p, start, tmp, byte_length); exit: - mbedtls_platform_zeroize( tmp, byte_length ); - return( ret ); + mbedtls_platform_zeroize(tmp, byte_length); + return ret; } #endif /* MBEDTLS_ECP_C */ -int mbedtls_pk_write_pubkey( unsigned char **p, unsigned char *start, - const mbedtls_pk_context *key ) +int mbedtls_pk_write_pubkey(unsigned char **p, unsigned char *start, + const mbedtls_pk_context *key) { int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; size_t len = 0; - PK_VALIDATE_RET( p != NULL ); - PK_VALIDATE_RET( *p != NULL ); - PK_VALIDATE_RET( start != NULL ); - PK_VALIDATE_RET( key != NULL ); + (void) p; + (void) start; + (void) key; + (void) ret; + + PK_VALIDATE_RET(p != NULL); + PK_VALIDATE_RET(*p != NULL); + PK_VALIDATE_RET(start != NULL); + PK_VALIDATE_RET(key != NULL); #if defined(MBEDTLS_RSA_C) - if( mbedtls_pk_get_type( key ) == MBEDTLS_PK_RSA ) - MBEDTLS_ASN1_CHK_ADD( len, pk_write_rsa_pubkey( p, start, mbedtls_pk_rsa( *key ) ) ); - else + if (mbedtls_pk_get_type(key) == MBEDTLS_PK_RSA) { + MBEDTLS_ASN1_CHK_ADD(len, pk_write_rsa_pubkey(p, start, mbedtls_pk_rsa(*key))); + } else #endif #if defined(MBEDTLS_ECP_C) - if( mbedtls_pk_get_type( key ) == MBEDTLS_PK_ECKEY ) - MBEDTLS_ASN1_CHK_ADD( len, pk_write_ec_pubkey( p, start, mbedtls_pk_ec( *key ) ) ); - else + if (mbedtls_pk_get_type(key) == MBEDTLS_PK_ECKEY) { + MBEDTLS_ASN1_CHK_ADD(len, pk_write_ec_pubkey(p, start, mbedtls_pk_ec(*key))); + } else #endif #if defined(MBEDTLS_USE_PSA_CRYPTO) - if( mbedtls_pk_get_type( key ) == MBEDTLS_PK_OPAQUE ) - { + if (mbedtls_pk_get_type(key) == MBEDTLS_PK_OPAQUE) { size_t buffer_size; - psa_key_id_t* key_id = (psa_key_id_t*) key->pk_ctx; - - if ( *p < start ) - return( MBEDTLS_ERR_PK_BAD_INPUT_DATA ); + psa_key_id_t *key_id = (psa_key_id_t *) key->pk_ctx; - buffer_size = (size_t)( *p - start ); - if ( psa_export_public_key( *key_id, start, buffer_size, &len ) - != PSA_SUCCESS ) - { - return( MBEDTLS_ERR_PK_BAD_INPUT_DATA ); + if (*p < start) { + return MBEDTLS_ERR_PK_BAD_INPUT_DATA; } - else - { + + buffer_size = (size_t) (*p - start); + if (psa_export_public_key(*key_id, start, buffer_size, &len) + != PSA_SUCCESS) { + return MBEDTLS_ERR_PK_BAD_INPUT_DATA; + } else { *p -= len; - memmove( *p, start, len ); + memmove(*p, start, len); } - } - else + } else #endif /* MBEDTLS_USE_PSA_CRYPTO */ - return( MBEDTLS_ERR_PK_FEATURE_UNAVAILABLE ); + return MBEDTLS_ERR_PK_FEATURE_UNAVAILABLE; - return( (int) len ); + return (int) len; } -int mbedtls_pk_write_pubkey_der( mbedtls_pk_context *key, unsigned char *buf, size_t size ) +int mbedtls_pk_write_pubkey_der(mbedtls_pk_context *key, unsigned char *buf, size_t size) { int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; unsigned char *c; @@ -230,17 +218,19 @@ int mbedtls_pk_write_pubkey_der( mbedtls_pk_context *key, unsigned char *buf, si mbedtls_pk_type_t pk_type; const char *oid; - PK_VALIDATE_RET( key != NULL ); - if( size == 0 ) - return( MBEDTLS_ERR_ASN1_BUF_TOO_SMALL ); - PK_VALIDATE_RET( buf != NULL ); + PK_VALIDATE_RET(key != NULL); + if (size == 0) { + return MBEDTLS_ERR_ASN1_BUF_TOO_SMALL; + } + PK_VALIDATE_RET(buf != NULL); c = buf + size; - MBEDTLS_ASN1_CHK_ADD( len, mbedtls_pk_write_pubkey( &c, buf, key ) ); + MBEDTLS_ASN1_CHK_ADD(len, mbedtls_pk_write_pubkey(&c, buf, key)); - if( c - buf < 1 ) - return( MBEDTLS_ERR_ASN1_BUF_TOO_SMALL ); + if (c - buf < 1) { + return MBEDTLS_ERR_ASN1_BUF_TOO_SMALL; + } /* * SubjectPublicKeyInfo ::= SEQUENCE { @@ -250,162 +240,173 @@ int mbedtls_pk_write_pubkey_der( mbedtls_pk_context *key, unsigned char *buf, si *--c = 0; len += 1; - MBEDTLS_ASN1_CHK_ADD( len, mbedtls_asn1_write_len( &c, buf, len ) ); - MBEDTLS_ASN1_CHK_ADD( len, mbedtls_asn1_write_tag( &c, buf, MBEDTLS_ASN1_BIT_STRING ) ); + MBEDTLS_ASN1_CHK_ADD(len, mbedtls_asn1_write_len(&c, buf, len)); + MBEDTLS_ASN1_CHK_ADD(len, mbedtls_asn1_write_tag(&c, buf, MBEDTLS_ASN1_BIT_STRING)); - pk_type = mbedtls_pk_get_type( key ); + pk_type = mbedtls_pk_get_type(key); #if defined(MBEDTLS_ECP_C) - if( pk_type == MBEDTLS_PK_ECKEY ) - { - MBEDTLS_ASN1_CHK_ADD( par_len, pk_write_ec_param( &c, buf, mbedtls_pk_ec( *key ) ) ); + if (pk_type == MBEDTLS_PK_ECKEY) { + MBEDTLS_ASN1_CHK_ADD(par_len, pk_write_ec_param(&c, buf, mbedtls_pk_ec(*key))); } #endif #if defined(MBEDTLS_USE_PSA_CRYPTO) - if( pk_type == MBEDTLS_PK_OPAQUE ) - { + if (pk_type == MBEDTLS_PK_OPAQUE) { psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT; psa_key_type_t key_type; psa_key_id_t key_id; psa_ecc_family_t curve; size_t bits; - key_id = *((psa_key_id_t*) key->pk_ctx ); - if( PSA_SUCCESS != psa_get_key_attributes( key_id, &attributes ) ) - return( MBEDTLS_ERR_PK_HW_ACCEL_FAILED ); - key_type = psa_get_key_type( &attributes ); - bits = psa_get_key_bits( &attributes ); - psa_reset_key_attributes( &attributes ); + key_id = *((psa_key_id_t *) key->pk_ctx); + if (PSA_SUCCESS != psa_get_key_attributes(key_id, &attributes)) { + return MBEDTLS_ERR_PK_HW_ACCEL_FAILED; + } + key_type = psa_get_key_type(&attributes); + bits = psa_get_key_bits(&attributes); + psa_reset_key_attributes(&attributes); - curve = PSA_KEY_TYPE_ECC_GET_FAMILY( key_type ); - if( curve == 0 ) - return( MBEDTLS_ERR_PK_FEATURE_UNAVAILABLE ); + curve = PSA_KEY_TYPE_ECC_GET_FAMILY(key_type); + if (curve == 0) { + return MBEDTLS_ERR_PK_FEATURE_UNAVAILABLE; + } - ret = mbedtls_psa_get_ecc_oid_from_id( curve, bits, &oid, &oid_len ); - if( ret != 0 ) - return( MBEDTLS_ERR_PK_FEATURE_UNAVAILABLE ); + ret = mbedtls_psa_get_ecc_oid_from_id(curve, bits, &oid, &oid_len); + if (ret != 0) { + return MBEDTLS_ERR_PK_FEATURE_UNAVAILABLE; + } /* Write EC algorithm parameters; that's akin * to pk_write_ec_param() above. */ - MBEDTLS_ASN1_CHK_ADD( par_len, mbedtls_asn1_write_oid( &c, buf, - oid, oid_len ) ); + MBEDTLS_ASN1_CHK_ADD(par_len, mbedtls_asn1_write_oid(&c, buf, + oid, oid_len)); /* The rest of the function works as for legacy EC contexts. */ pk_type = MBEDTLS_PK_ECKEY; } #endif /* MBEDTLS_USE_PSA_CRYPTO */ - if( ( ret = mbedtls_oid_get_oid_by_pk_alg( pk_type, &oid, - &oid_len ) ) != 0 ) - { - return( ret ); + if ((ret = mbedtls_oid_get_oid_by_pk_alg(pk_type, &oid, + &oid_len)) != 0) { + return ret; } - MBEDTLS_ASN1_CHK_ADD( len, mbedtls_asn1_write_algorithm_identifier( &c, buf, oid, oid_len, - par_len ) ); + MBEDTLS_ASN1_CHK_ADD(len, mbedtls_asn1_write_algorithm_identifier(&c, buf, oid, oid_len, + par_len)); - MBEDTLS_ASN1_CHK_ADD( len, mbedtls_asn1_write_len( &c, buf, len ) ); - MBEDTLS_ASN1_CHK_ADD( len, mbedtls_asn1_write_tag( &c, buf, MBEDTLS_ASN1_CONSTRUCTED | - MBEDTLS_ASN1_SEQUENCE ) ); + MBEDTLS_ASN1_CHK_ADD(len, mbedtls_asn1_write_len(&c, buf, len)); + MBEDTLS_ASN1_CHK_ADD(len, mbedtls_asn1_write_tag(&c, buf, MBEDTLS_ASN1_CONSTRUCTED | + MBEDTLS_ASN1_SEQUENCE)); - return( (int) len ); + return (int) len; } -int mbedtls_pk_write_key_der( mbedtls_pk_context *key, unsigned char *buf, size_t size ) +int mbedtls_pk_write_key_der(mbedtls_pk_context *key, unsigned char *buf, size_t size) { int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; unsigned char *c; size_t len = 0; - PK_VALIDATE_RET( key != NULL ); - if( size == 0 ) - return( MBEDTLS_ERR_ASN1_BUF_TOO_SMALL ); - PK_VALIDATE_RET( buf != NULL ); + (void) ret; + (void) c; + (void) key; + + PK_VALIDATE_RET(key != NULL); + if (size == 0) { + return MBEDTLS_ERR_ASN1_BUF_TOO_SMALL; + } + PK_VALIDATE_RET(buf != NULL); c = buf + size; #if defined(MBEDTLS_RSA_C) - if( mbedtls_pk_get_type( key ) == MBEDTLS_PK_RSA ) - { + if (mbedtls_pk_get_type(key) == MBEDTLS_PK_RSA) { mbedtls_mpi T; /* Temporary holding the exported parameters */ - mbedtls_rsa_context *rsa = mbedtls_pk_rsa( *key ); + mbedtls_rsa_context *rsa = mbedtls_pk_rsa(*key); /* * Export the parameters one after another to avoid simultaneous copies. */ - mbedtls_mpi_init( &T ); + mbedtls_mpi_init(&T); /* Export QP */ - if( ( ret = mbedtls_rsa_export_crt( rsa, NULL, NULL, &T ) ) != 0 || - ( ret = mbedtls_asn1_write_mpi( &c, buf, &T ) ) < 0 ) + if ((ret = mbedtls_rsa_export_crt(rsa, NULL, NULL, &T)) != 0 || + (ret = mbedtls_asn1_write_mpi(&c, buf, &T)) < 0) { goto end_of_export; + } len += ret; /* Export DQ */ - if( ( ret = mbedtls_rsa_export_crt( rsa, NULL, &T, NULL ) ) != 0 || - ( ret = mbedtls_asn1_write_mpi( &c, buf, &T ) ) < 0 ) + if ((ret = mbedtls_rsa_export_crt(rsa, NULL, &T, NULL)) != 0 || + (ret = mbedtls_asn1_write_mpi(&c, buf, &T)) < 0) { goto end_of_export; + } len += ret; /* Export DP */ - if( ( ret = mbedtls_rsa_export_crt( rsa, &T, NULL, NULL ) ) != 0 || - ( ret = mbedtls_asn1_write_mpi( &c, buf, &T ) ) < 0 ) + if ((ret = mbedtls_rsa_export_crt(rsa, &T, NULL, NULL)) != 0 || + (ret = mbedtls_asn1_write_mpi(&c, buf, &T)) < 0) { goto end_of_export; + } len += ret; /* Export Q */ - if ( ( ret = mbedtls_rsa_export( rsa, NULL, NULL, - &T, NULL, NULL ) ) != 0 || - ( ret = mbedtls_asn1_write_mpi( &c, buf, &T ) ) < 0 ) + if ((ret = mbedtls_rsa_export(rsa, NULL, NULL, + &T, NULL, NULL)) != 0 || + (ret = mbedtls_asn1_write_mpi(&c, buf, &T)) < 0) { goto end_of_export; + } len += ret; /* Export P */ - if ( ( ret = mbedtls_rsa_export( rsa, NULL, &T, - NULL, NULL, NULL ) ) != 0 || - ( ret = mbedtls_asn1_write_mpi( &c, buf, &T ) ) < 0 ) + if ((ret = mbedtls_rsa_export(rsa, NULL, &T, + NULL, NULL, NULL)) != 0 || + (ret = mbedtls_asn1_write_mpi(&c, buf, &T)) < 0) { goto end_of_export; + } len += ret; /* Export D */ - if ( ( ret = mbedtls_rsa_export( rsa, NULL, NULL, - NULL, &T, NULL ) ) != 0 || - ( ret = mbedtls_asn1_write_mpi( &c, buf, &T ) ) < 0 ) + if ((ret = mbedtls_rsa_export(rsa, NULL, NULL, + NULL, &T, NULL)) != 0 || + (ret = mbedtls_asn1_write_mpi(&c, buf, &T)) < 0) { goto end_of_export; + } len += ret; /* Export E */ - if ( ( ret = mbedtls_rsa_export( rsa, NULL, NULL, - NULL, NULL, &T ) ) != 0 || - ( ret = mbedtls_asn1_write_mpi( &c, buf, &T ) ) < 0 ) + if ((ret = mbedtls_rsa_export(rsa, NULL, NULL, + NULL, NULL, &T)) != 0 || + (ret = mbedtls_asn1_write_mpi(&c, buf, &T)) < 0) { goto end_of_export; + } len += ret; /* Export N */ - if ( ( ret = mbedtls_rsa_export( rsa, &T, NULL, - NULL, NULL, NULL ) ) != 0 || - ( ret = mbedtls_asn1_write_mpi( &c, buf, &T ) ) < 0 ) + if ((ret = mbedtls_rsa_export(rsa, &T, NULL, + NULL, NULL, NULL)) != 0 || + (ret = mbedtls_asn1_write_mpi(&c, buf, &T)) < 0) { goto end_of_export; + } len += ret; - end_of_export: +end_of_export: - mbedtls_mpi_free( &T ); - if( ret < 0 ) - return( ret ); + mbedtls_mpi_free(&T); + if (ret < 0) { + return ret; + } - MBEDTLS_ASN1_CHK_ADD( len, mbedtls_asn1_write_int( &c, buf, 0 ) ); - MBEDTLS_ASN1_CHK_ADD( len, mbedtls_asn1_write_len( &c, buf, len ) ); - MBEDTLS_ASN1_CHK_ADD( len, mbedtls_asn1_write_tag( &c, - buf, MBEDTLS_ASN1_CONSTRUCTED | - MBEDTLS_ASN1_SEQUENCE ) ); - } - else + MBEDTLS_ASN1_CHK_ADD(len, mbedtls_asn1_write_int(&c, buf, 0)); + MBEDTLS_ASN1_CHK_ADD(len, mbedtls_asn1_write_len(&c, buf, len)); + MBEDTLS_ASN1_CHK_ADD(len, mbedtls_asn1_write_tag(&c, + buf, MBEDTLS_ASN1_CONSTRUCTED | + MBEDTLS_ASN1_SEQUENCE)); + } else #endif /* MBEDTLS_RSA_C */ #if defined(MBEDTLS_ECP_C) - if( mbedtls_pk_get_type( key ) == MBEDTLS_PK_ECKEY ) - { - mbedtls_ecp_keypair *ec = mbedtls_pk_ec( *key ); + if (mbedtls_pk_get_type(key) == MBEDTLS_PK_ECKEY) { + mbedtls_ecp_keypair *ec = mbedtls_pk_ec(*key); size_t pub_len = 0, par_len = 0; /* @@ -420,44 +421,46 @@ int mbedtls_pk_write_key_der( mbedtls_pk_context *key, unsigned char *buf, size_ */ /* publicKey */ - MBEDTLS_ASN1_CHK_ADD( pub_len, pk_write_ec_pubkey( &c, buf, ec ) ); + MBEDTLS_ASN1_CHK_ADD(pub_len, pk_write_ec_pubkey(&c, buf, ec)); - if( c - buf < 1 ) - return( MBEDTLS_ERR_ASN1_BUF_TOO_SMALL ); + if (c - buf < 1) { + return MBEDTLS_ERR_ASN1_BUF_TOO_SMALL; + } *--c = 0; pub_len += 1; - MBEDTLS_ASN1_CHK_ADD( pub_len, mbedtls_asn1_write_len( &c, buf, pub_len ) ); - MBEDTLS_ASN1_CHK_ADD( pub_len, mbedtls_asn1_write_tag( &c, buf, MBEDTLS_ASN1_BIT_STRING ) ); + MBEDTLS_ASN1_CHK_ADD(pub_len, mbedtls_asn1_write_len(&c, buf, pub_len)); + MBEDTLS_ASN1_CHK_ADD(pub_len, mbedtls_asn1_write_tag(&c, buf, MBEDTLS_ASN1_BIT_STRING)); - MBEDTLS_ASN1_CHK_ADD( pub_len, mbedtls_asn1_write_len( &c, buf, pub_len ) ); - MBEDTLS_ASN1_CHK_ADD( pub_len, mbedtls_asn1_write_tag( &c, buf, - MBEDTLS_ASN1_CONTEXT_SPECIFIC | MBEDTLS_ASN1_CONSTRUCTED | 1 ) ); + MBEDTLS_ASN1_CHK_ADD(pub_len, mbedtls_asn1_write_len(&c, buf, pub_len)); + MBEDTLS_ASN1_CHK_ADD(pub_len, mbedtls_asn1_write_tag(&c, buf, + MBEDTLS_ASN1_CONTEXT_SPECIFIC | + MBEDTLS_ASN1_CONSTRUCTED | 1)); len += pub_len; /* parameters */ - MBEDTLS_ASN1_CHK_ADD( par_len, pk_write_ec_param( &c, buf, ec ) ); + MBEDTLS_ASN1_CHK_ADD(par_len, pk_write_ec_param(&c, buf, ec)); - MBEDTLS_ASN1_CHK_ADD( par_len, mbedtls_asn1_write_len( &c, buf, par_len ) ); - MBEDTLS_ASN1_CHK_ADD( par_len, mbedtls_asn1_write_tag( &c, buf, - MBEDTLS_ASN1_CONTEXT_SPECIFIC | MBEDTLS_ASN1_CONSTRUCTED | 0 ) ); + MBEDTLS_ASN1_CHK_ADD(par_len, mbedtls_asn1_write_len(&c, buf, par_len)); + MBEDTLS_ASN1_CHK_ADD(par_len, mbedtls_asn1_write_tag(&c, buf, + MBEDTLS_ASN1_CONTEXT_SPECIFIC | + MBEDTLS_ASN1_CONSTRUCTED | 0)); len += par_len; /* privateKey */ - MBEDTLS_ASN1_CHK_ADD( len, pk_write_ec_private( &c, buf, ec ) ); + MBEDTLS_ASN1_CHK_ADD(len, pk_write_ec_private(&c, buf, ec)); /* version */ - MBEDTLS_ASN1_CHK_ADD( len, mbedtls_asn1_write_int( &c, buf, 1 ) ); + MBEDTLS_ASN1_CHK_ADD(len, mbedtls_asn1_write_int(&c, buf, 1)); - MBEDTLS_ASN1_CHK_ADD( len, mbedtls_asn1_write_len( &c, buf, len ) ); - MBEDTLS_ASN1_CHK_ADD( len, mbedtls_asn1_write_tag( &c, buf, MBEDTLS_ASN1_CONSTRUCTED | - MBEDTLS_ASN1_SEQUENCE ) ); - } - else + MBEDTLS_ASN1_CHK_ADD(len, mbedtls_asn1_write_len(&c, buf, len)); + MBEDTLS_ASN1_CHK_ADD(len, mbedtls_asn1_write_tag(&c, buf, MBEDTLS_ASN1_CONSTRUCTED | + MBEDTLS_ASN1_SEQUENCE)); + } else #endif /* MBEDTLS_ECP_C */ - return( MBEDTLS_ERR_PK_FEATURE_UNAVAILABLE ); + return MBEDTLS_ERR_PK_FEATURE_UNAVAILABLE; - return( (int) len ); + return (int) len; } #if defined(MBEDTLS_PEM_WRITE_C) @@ -487,7 +490,7 @@ int mbedtls_pk_write_key_der( mbedtls_pk_context *key, unsigned char *buf, size_ * publicExponent INTEGER -- e 1 + 3 + MPI_MAX + 1 * } */ -#define RSA_PUB_DER_MAX_BYTES ( 38 + 2 * MBEDTLS_MPI_MAX_SIZE ) +#define RSA_PUB_DER_MAX_BYTES (38 + 2 * MBEDTLS_MPI_MAX_SIZE) /* * RSA private keys: @@ -504,10 +507,10 @@ int mbedtls_pk_write_key_der( mbedtls_pk_context *key, unsigned char *buf, size_ * otherPrimeInfos OtherPrimeInfos OPTIONAL 0 (not supported) * } */ -#define MPI_MAX_SIZE_2 ( MBEDTLS_MPI_MAX_SIZE / 2 + \ - MBEDTLS_MPI_MAX_SIZE % 2 ) -#define RSA_PRV_DER_MAX_BYTES ( 47 + 3 * MBEDTLS_MPI_MAX_SIZE \ - + 5 * MPI_MAX_SIZE_2 ) +#define MPI_MAX_SIZE_2 (MBEDTLS_MPI_MAX_SIZE / 2 + \ + MBEDTLS_MPI_MAX_SIZE % 2) +#define RSA_PRV_DER_MAX_BYTES (47 + 3 * MBEDTLS_MPI_MAX_SIZE \ + + 5 * MPI_MAX_SIZE_2) #else /* MBEDTLS_RSA_C */ @@ -528,7 +531,7 @@ int mbedtls_pk_write_key_der( mbedtls_pk_context *key, unsigned char *buf, size_ * + 2 * ECP_MAX (coords) [1] * } */ -#define ECP_PUB_DER_MAX_BYTES ( 30 + 2 * MBEDTLS_ECP_MAX_BYTES ) +#define ECP_PUB_DER_MAX_BYTES (30 + 2 * MBEDTLS_ECP_MAX_BYTES) /* * EC private keys: @@ -539,7 +542,7 @@ int mbedtls_pk_write_key_der( mbedtls_pk_context *key, unsigned char *buf, size_ * publicKey [1] BIT STRING OPTIONAL 1 + 2 + [1] above * } */ -#define ECP_PRV_DER_MAX_BYTES ( 29 + 3 * MBEDTLS_ECP_MAX_BYTES ) +#define ECP_PRV_DER_MAX_BYTES (29 + 3 * MBEDTLS_ECP_MAX_BYTES) #else /* MBEDTLS_ECP_C */ @@ -548,75 +551,69 @@ int mbedtls_pk_write_key_der( mbedtls_pk_context *key, unsigned char *buf, size_ #endif /* MBEDTLS_ECP_C */ -#define PUB_DER_MAX_BYTES ( RSA_PUB_DER_MAX_BYTES > ECP_PUB_DER_MAX_BYTES ? \ - RSA_PUB_DER_MAX_BYTES : ECP_PUB_DER_MAX_BYTES ) -#define PRV_DER_MAX_BYTES ( RSA_PRV_DER_MAX_BYTES > ECP_PRV_DER_MAX_BYTES ? \ - RSA_PRV_DER_MAX_BYTES : ECP_PRV_DER_MAX_BYTES ) +#define PUB_DER_MAX_BYTES (RSA_PUB_DER_MAX_BYTES > ECP_PUB_DER_MAX_BYTES ? \ + RSA_PUB_DER_MAX_BYTES : ECP_PUB_DER_MAX_BYTES) +#define PRV_DER_MAX_BYTES (RSA_PRV_DER_MAX_BYTES > ECP_PRV_DER_MAX_BYTES ? \ + RSA_PRV_DER_MAX_BYTES : ECP_PRV_DER_MAX_BYTES) -int mbedtls_pk_write_pubkey_pem( mbedtls_pk_context *key, unsigned char *buf, size_t size ) +int mbedtls_pk_write_pubkey_pem(mbedtls_pk_context *key, unsigned char *buf, size_t size) { int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; unsigned char output_buf[PUB_DER_MAX_BYTES]; size_t olen = 0; - PK_VALIDATE_RET( key != NULL ); - PK_VALIDATE_RET( buf != NULL || size == 0 ); + PK_VALIDATE_RET(key != NULL); + PK_VALIDATE_RET(buf != NULL || size == 0); - if( ( ret = mbedtls_pk_write_pubkey_der( key, output_buf, - sizeof(output_buf) ) ) < 0 ) - { - return( ret ); + if ((ret = mbedtls_pk_write_pubkey_der(key, output_buf, + sizeof(output_buf))) < 0) { + return ret; } - if( ( ret = mbedtls_pem_write_buffer( PEM_BEGIN_PUBLIC_KEY, PEM_END_PUBLIC_KEY, - output_buf + sizeof(output_buf) - ret, - ret, buf, size, &olen ) ) != 0 ) - { - return( ret ); + if ((ret = mbedtls_pem_write_buffer(PEM_BEGIN_PUBLIC_KEY, PEM_END_PUBLIC_KEY, + output_buf + sizeof(output_buf) - ret, + ret, buf, size, &olen)) != 0) { + return ret; } - return( 0 ); + return 0; } -int mbedtls_pk_write_key_pem( mbedtls_pk_context *key, unsigned char *buf, size_t size ) +int mbedtls_pk_write_key_pem(mbedtls_pk_context *key, unsigned char *buf, size_t size) { int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; unsigned char output_buf[PRV_DER_MAX_BYTES]; const char *begin, *end; size_t olen = 0; - PK_VALIDATE_RET( key != NULL ); - PK_VALIDATE_RET( buf != NULL || size == 0 ); + PK_VALIDATE_RET(key != NULL); + PK_VALIDATE_RET(buf != NULL || size == 0); - if( ( ret = mbedtls_pk_write_key_der( key, output_buf, sizeof(output_buf) ) ) < 0 ) - return( ret ); + if ((ret = mbedtls_pk_write_key_der(key, output_buf, sizeof(output_buf))) < 0) { + return ret; + } #if defined(MBEDTLS_RSA_C) - if( mbedtls_pk_get_type( key ) == MBEDTLS_PK_RSA ) - { + if (mbedtls_pk_get_type(key) == MBEDTLS_PK_RSA) { begin = PEM_BEGIN_PRIVATE_KEY_RSA; end = PEM_END_PRIVATE_KEY_RSA; - } - else + } else #endif #if defined(MBEDTLS_ECP_C) - if( mbedtls_pk_get_type( key ) == MBEDTLS_PK_ECKEY ) - { + if (mbedtls_pk_get_type(key) == MBEDTLS_PK_ECKEY) { begin = PEM_BEGIN_PRIVATE_KEY_EC; end = PEM_END_PRIVATE_KEY_EC; - } - else + } else #endif - return( MBEDTLS_ERR_PK_FEATURE_UNAVAILABLE ); + return MBEDTLS_ERR_PK_FEATURE_UNAVAILABLE; - if( ( ret = mbedtls_pem_write_buffer( begin, end, - output_buf + sizeof(output_buf) - ret, - ret, buf, size, &olen ) ) != 0 ) - { - return( ret ); + if ((ret = mbedtls_pem_write_buffer(begin, end, + output_buf + sizeof(output_buf) - ret, + ret, buf, size, &olen)) != 0) { + return ret; } - return( 0 ); + return 0; } #endif /* MBEDTLS_PEM_WRITE_C */ diff --git a/third_party/mbedtls/repo/library/platform.c b/third_party/mbedtls/repo/library/platform.c index e742fde7ccc..e82cbeb6c61 100644 --- a/third_party/mbedtls/repo/library/platform.c +++ b/third_party/mbedtls/repo/library/platform.c @@ -2,19 +2,7 @@ * Platform abstraction layer * * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later */ #include "common.h" @@ -30,22 +18,22 @@ * configuration via mbedtls_platform_set_calloc_free(). So, omit everything * related to the latter if MBEDTLS_PLATFORM_{FREE/CALLOC}_MACRO are defined. */ #if defined(MBEDTLS_PLATFORM_MEMORY) && \ - !( defined(MBEDTLS_PLATFORM_CALLOC_MACRO) && \ - defined(MBEDTLS_PLATFORM_FREE_MACRO) ) + !(defined(MBEDTLS_PLATFORM_CALLOC_MACRO) && \ + defined(MBEDTLS_PLATFORM_FREE_MACRO)) #if !defined(MBEDTLS_PLATFORM_STD_CALLOC) -static void *platform_calloc_uninit( size_t n, size_t size ) +static void *platform_calloc_uninit(size_t n, size_t size) { ((void) n); ((void) size); - return( NULL ); + return NULL; } #define MBEDTLS_PLATFORM_STD_CALLOC platform_calloc_uninit #endif /* !MBEDTLS_PLATFORM_STD_CALLOC */ #if !defined(MBEDTLS_PLATFORM_STD_FREE) -static void platform_free_uninit( void *ptr ) +static void platform_free_uninit(void *ptr) { ((void) ptr); } @@ -53,25 +41,25 @@ static void platform_free_uninit( void *ptr ) #define MBEDTLS_PLATFORM_STD_FREE platform_free_uninit #endif /* !MBEDTLS_PLATFORM_STD_FREE */ -static void * (*mbedtls_calloc_func)( size_t, size_t ) = MBEDTLS_PLATFORM_STD_CALLOC; -static void (*mbedtls_free_func)( void * ) = MBEDTLS_PLATFORM_STD_FREE; +static void * (*mbedtls_calloc_func)(size_t, size_t) = MBEDTLS_PLATFORM_STD_CALLOC; +static void (*mbedtls_free_func)(void *) = MBEDTLS_PLATFORM_STD_FREE; -void * mbedtls_calloc( size_t nmemb, size_t size ) +void *mbedtls_calloc(size_t nmemb, size_t size) { - return (*mbedtls_calloc_func)( nmemb, size ); + return (*mbedtls_calloc_func)(nmemb, size); } -void mbedtls_free( void * ptr ) +void mbedtls_free(void *ptr) { - (*mbedtls_free_func)( ptr ); + (*mbedtls_free_func)(ptr); } -int mbedtls_platform_set_calloc_free( void * (*calloc_func)( size_t, size_t ), - void (*free_func)( void * ) ) +int mbedtls_platform_set_calloc_free(void *(*calloc_func)(size_t, size_t), + void (*free_func)(void *)) { mbedtls_calloc_func = calloc_func; mbedtls_free_func = free_func; - return( 0 ); + return 0; } #endif /* MBEDTLS_PLATFORM_MEMORY && !( defined(MBEDTLS_PLATFORM_CALLOC_MACRO) && @@ -79,16 +67,16 @@ int mbedtls_platform_set_calloc_free( void * (*calloc_func)( size_t, size_t ), #if defined(MBEDTLS_PLATFORM_HAS_NON_CONFORMING_SNPRINTF) #include -int mbedtls_platform_win32_snprintf( char *s, size_t n, const char *fmt, ... ) +int mbedtls_platform_win32_snprintf(char *s, size_t n, const char *fmt, ...) { int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; va_list argp; - va_start( argp, fmt ); - ret = mbedtls_vsnprintf( s, n, fmt, argp ); - va_end( argp ); + va_start(argp, fmt); + ret = mbedtls_vsnprintf(s, n, fmt, argp); + va_end(argp); - return( ret ); + return ret; } #endif @@ -97,53 +85,53 @@ int mbedtls_platform_win32_snprintf( char *s, size_t n, const char *fmt, ... ) /* * Make dummy function to prevent NULL pointer dereferences */ -static int platform_snprintf_uninit( char * s, size_t n, - const char * format, ... ) +static int platform_snprintf_uninit(char *s, size_t n, + const char *format, ...) { ((void) s); ((void) n); ((void) format); - return( 0 ); + return 0; } #define MBEDTLS_PLATFORM_STD_SNPRINTF platform_snprintf_uninit #endif /* !MBEDTLS_PLATFORM_STD_SNPRINTF */ -int (*mbedtls_snprintf)( char * s, size_t n, - const char * format, - ... ) = MBEDTLS_PLATFORM_STD_SNPRINTF; +int (*mbedtls_snprintf)(char *s, size_t n, + const char *format, + ...) = MBEDTLS_PLATFORM_STD_SNPRINTF; -int mbedtls_platform_set_snprintf( int (*snprintf_func)( char * s, size_t n, - const char * format, - ... ) ) +int mbedtls_platform_set_snprintf(int (*snprintf_func)(char *s, size_t n, + const char *format, + ...)) { mbedtls_snprintf = snprintf_func; - return( 0 ); + return 0; } #endif /* MBEDTLS_PLATFORM_SNPRINTF_ALT */ #if defined(MBEDTLS_PLATFORM_HAS_NON_CONFORMING_VSNPRINTF) #include -int mbedtls_platform_win32_vsnprintf( char *s, size_t n, const char *fmt, va_list arg ) +int mbedtls_platform_win32_vsnprintf(char *s, size_t n, const char *fmt, va_list arg) { int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; /* Avoid calling the invalid parameter handler by checking ourselves */ - if( s == NULL || n == 0 || fmt == NULL ) - return( -1 ); + if (s == NULL || n == 0 || fmt == NULL) { + return -1; + } #if defined(_TRUNCATE) - ret = vsnprintf_s( s, n, _TRUNCATE, fmt, arg ); + ret = vsnprintf_s(s, n, _TRUNCATE, fmt, arg); #else - ret = vsnprintf( s, n, fmt, arg ); - if( ret < 0 || (size_t) ret == n ) - { + ret = vsnprintf(s, n, fmt, arg); + if (ret < 0 || (size_t) ret == n) { s[n-1] = '\0'; ret = -1; } #endif - return( ret ); + return ret; } #endif @@ -152,29 +140,29 @@ int mbedtls_platform_win32_vsnprintf( char *s, size_t n, const char *fmt, va_lis /* * Make dummy function to prevent NULL pointer dereferences */ -static int platform_vsnprintf_uninit( char * s, size_t n, - const char * format, va_list arg ) +static int platform_vsnprintf_uninit(char *s, size_t n, + const char *format, va_list arg) { ((void) s); ((void) n); ((void) format); ((void) arg); - return( -1 ); + return -1; } #define MBEDTLS_PLATFORM_STD_VSNPRINTF platform_vsnprintf_uninit #endif /* !MBEDTLS_PLATFORM_STD_VSNPRINTF */ -int (*mbedtls_vsnprintf)( char * s, size_t n, - const char * format, - va_list arg ) = MBEDTLS_PLATFORM_STD_VSNPRINTF; +int (*mbedtls_vsnprintf)(char *s, size_t n, + const char *format, + va_list arg) = MBEDTLS_PLATFORM_STD_VSNPRINTF; -int mbedtls_platform_set_vsnprintf( int (*vsnprintf_func)( char * s, size_t n, - const char * format, - va_list arg ) ) +int mbedtls_platform_set_vsnprintf(int (*vsnprintf_func)(char *s, size_t n, + const char *format, + va_list arg)) { mbedtls_vsnprintf = vsnprintf_func; - return( 0 ); + return 0; } #endif /* MBEDTLS_PLATFORM_VSNPRINTF_ALT */ @@ -183,21 +171,21 @@ int mbedtls_platform_set_vsnprintf( int (*vsnprintf_func)( char * s, size_t n, /* * Make dummy function to prevent NULL pointer dereferences */ -static int platform_printf_uninit( const char *format, ... ) +static int platform_printf_uninit(const char *format, ...) { ((void) format); - return( 0 ); + return 0; } #define MBEDTLS_PLATFORM_STD_PRINTF platform_printf_uninit #endif /* !MBEDTLS_PLATFORM_STD_PRINTF */ -int (*mbedtls_printf)( const char *, ... ) = MBEDTLS_PLATFORM_STD_PRINTF; +int (*mbedtls_printf)(const char *, ...) = MBEDTLS_PLATFORM_STD_PRINTF; -int mbedtls_platform_set_printf( int (*printf_func)( const char *, ... ) ) +int mbedtls_platform_set_printf(int (*printf_func)(const char *, ...)) { mbedtls_printf = printf_func; - return( 0 ); + return 0; } #endif /* MBEDTLS_PLATFORM_PRINTF_ALT */ @@ -206,23 +194,23 @@ int mbedtls_platform_set_printf( int (*printf_func)( const char *, ... ) ) /* * Make dummy function to prevent NULL pointer dereferences */ -static int platform_fprintf_uninit( FILE *stream, const char *format, ... ) +static int platform_fprintf_uninit(FILE *stream, const char *format, ...) { ((void) stream); ((void) format); - return( 0 ); + return 0; } #define MBEDTLS_PLATFORM_STD_FPRINTF platform_fprintf_uninit #endif /* !MBEDTLS_PLATFORM_STD_FPRINTF */ -int (*mbedtls_fprintf)( FILE *, const char *, ... ) = - MBEDTLS_PLATFORM_STD_FPRINTF; +int (*mbedtls_fprintf)(FILE *, const char *, ...) = + MBEDTLS_PLATFORM_STD_FPRINTF; -int mbedtls_platform_set_fprintf( int (*fprintf_func)( FILE *, const char *, ... ) ) +int mbedtls_platform_set_fprintf(int (*fprintf_func)(FILE *, const char *, ...)) { mbedtls_fprintf = fprintf_func; - return( 0 ); + return 0; } #endif /* MBEDTLS_PLATFORM_FPRINTF_ALT */ @@ -231,7 +219,7 @@ int mbedtls_platform_set_fprintf( int (*fprintf_func)( FILE *, const char *, ... /* * Make dummy function to prevent NULL pointer dereferences */ -static void platform_exit_uninit( int status ) +static void platform_exit_uninit(int status) { ((void) status); } @@ -239,12 +227,12 @@ static void platform_exit_uninit( int status ) #define MBEDTLS_PLATFORM_STD_EXIT platform_exit_uninit #endif /* !MBEDTLS_PLATFORM_STD_EXIT */ -void (*mbedtls_exit)( int status ) = MBEDTLS_PLATFORM_STD_EXIT; +void (*mbedtls_exit)(int status) = MBEDTLS_PLATFORM_STD_EXIT; -int mbedtls_platform_set_exit( void (*exit_func)( int status ) ) +int mbedtls_platform_set_exit(void (*exit_func)(int status)) { mbedtls_exit = exit_func; - return( 0 ); + return 0; } #endif /* MBEDTLS_PLATFORM_EXIT_ALT */ @@ -255,21 +243,21 @@ int mbedtls_platform_set_exit( void (*exit_func)( int status ) ) /* * Make dummy function to prevent NULL pointer dereferences */ -static mbedtls_time_t platform_time_uninit( mbedtls_time_t* timer ) +static mbedtls_time_t platform_time_uninit(mbedtls_time_t *timer) { ((void) timer); - return( 0 ); + return 0; } #define MBEDTLS_PLATFORM_STD_TIME platform_time_uninit #endif /* !MBEDTLS_PLATFORM_STD_TIME */ -mbedtls_time_t (*mbedtls_time)( mbedtls_time_t* timer ) = MBEDTLS_PLATFORM_STD_TIME; +mbedtls_time_t (*mbedtls_time)(mbedtls_time_t *timer) = MBEDTLS_PLATFORM_STD_TIME; -int mbedtls_platform_set_time( mbedtls_time_t (*time_func)( mbedtls_time_t* timer ) ) +int mbedtls_platform_set_time(mbedtls_time_t (*time_func)(mbedtls_time_t *timer)) { mbedtls_time = time_func; - return( 0 ); + return 0; } #endif /* MBEDTLS_PLATFORM_TIME_ALT */ @@ -280,41 +268,41 @@ int mbedtls_platform_set_time( mbedtls_time_t (*time_func)( mbedtls_time_t* time /* Default implementations for the platform independent seed functions use * standard libc file functions to read from and write to a pre-defined filename */ -int mbedtls_platform_std_nv_seed_read( unsigned char *buf, size_t buf_len ) +int mbedtls_platform_std_nv_seed_read(unsigned char *buf, size_t buf_len) { FILE *file; size_t n; - if( ( file = fopen( MBEDTLS_PLATFORM_STD_NV_SEED_FILE, "rb" ) ) == NULL ) - return( -1 ); + if ((file = fopen(MBEDTLS_PLATFORM_STD_NV_SEED_FILE, "rb")) == NULL) { + return -1; + } - if( ( n = fread( buf, 1, buf_len, file ) ) != buf_len ) - { - fclose( file ); - mbedtls_platform_zeroize( buf, buf_len ); - return( -1 ); + if ((n = fread(buf, 1, buf_len, file)) != buf_len) { + fclose(file); + mbedtls_platform_zeroize(buf, buf_len); + return -1; } - fclose( file ); - return( (int)n ); + fclose(file); + return (int) n; } -int mbedtls_platform_std_nv_seed_write( unsigned char *buf, size_t buf_len ) +int mbedtls_platform_std_nv_seed_write(unsigned char *buf, size_t buf_len) { FILE *file; size_t n; - if( ( file = fopen( MBEDTLS_PLATFORM_STD_NV_SEED_FILE, "w" ) ) == NULL ) + if ((file = fopen(MBEDTLS_PLATFORM_STD_NV_SEED_FILE, "w")) == NULL) { return -1; + } - if( ( n = fwrite( buf, 1, buf_len, file ) ) != buf_len ) - { - fclose( file ); + if ((n = fwrite(buf, 1, buf_len, file)) != buf_len) { + fclose(file); return -1; } - fclose( file ); - return( (int)n ); + fclose(file); + return (int) n; } #endif /* MBEDTLS_PLATFORM_NO_STD_FUNCTIONS */ @@ -323,11 +311,11 @@ int mbedtls_platform_std_nv_seed_write( unsigned char *buf, size_t buf_len ) /* * Make dummy function to prevent NULL pointer dereferences */ -static int platform_nv_seed_read_uninit( unsigned char *buf, size_t buf_len ) +static int platform_nv_seed_read_uninit(unsigned char *buf, size_t buf_len) { ((void) buf); ((void) buf_len); - return( -1 ); + return -1; } #define MBEDTLS_PLATFORM_STD_NV_SEED_READ platform_nv_seed_read_uninit @@ -337,28 +325,28 @@ static int platform_nv_seed_read_uninit( unsigned char *buf, size_t buf_len ) /* * Make dummy function to prevent NULL pointer dereferences */ -static int platform_nv_seed_write_uninit( unsigned char *buf, size_t buf_len ) +static int platform_nv_seed_write_uninit(unsigned char *buf, size_t buf_len) { ((void) buf); ((void) buf_len); - return( -1 ); + return -1; } #define MBEDTLS_PLATFORM_STD_NV_SEED_WRITE platform_nv_seed_write_uninit #endif /* !MBEDTLS_PLATFORM_STD_NV_SEED_WRITE */ -int (*mbedtls_nv_seed_read)( unsigned char *buf, size_t buf_len ) = - MBEDTLS_PLATFORM_STD_NV_SEED_READ; -int (*mbedtls_nv_seed_write)( unsigned char *buf, size_t buf_len ) = - MBEDTLS_PLATFORM_STD_NV_SEED_WRITE; +int (*mbedtls_nv_seed_read)(unsigned char *buf, size_t buf_len) = + MBEDTLS_PLATFORM_STD_NV_SEED_READ; +int (*mbedtls_nv_seed_write)(unsigned char *buf, size_t buf_len) = + MBEDTLS_PLATFORM_STD_NV_SEED_WRITE; int mbedtls_platform_set_nv_seed( - int (*nv_seed_read_func)( unsigned char *buf, size_t buf_len ), - int (*nv_seed_write_func)( unsigned char *buf, size_t buf_len ) ) + int (*nv_seed_read_func)(unsigned char *buf, size_t buf_len), + int (*nv_seed_write_func)(unsigned char *buf, size_t buf_len)) { mbedtls_nv_seed_read = nv_seed_read_func; mbedtls_nv_seed_write = nv_seed_write_func; - return( 0 ); + return 0; } #endif /* MBEDTLS_PLATFORM_NV_SEED_ALT */ #endif /* MBEDTLS_ENTROPY_NV_SEED */ @@ -367,19 +355,19 @@ int mbedtls_platform_set_nv_seed( /* * Placeholder platform setup that does nothing by default */ -int mbedtls_platform_setup( mbedtls_platform_context *ctx ) +int mbedtls_platform_setup(mbedtls_platform_context *ctx) { - (void)ctx; + (void) ctx; - return( 0 ); + return 0; } /* * Placeholder platform teardown that does nothing by default */ -void mbedtls_platform_teardown( mbedtls_platform_context *ctx ) +void mbedtls_platform_teardown(mbedtls_platform_context *ctx) { - (void)ctx; + (void) ctx; } #endif /* MBEDTLS_PLATFORM_SETUP_TEARDOWN_ALT */ diff --git a/third_party/mbedtls/repo/library/platform_util.c b/third_party/mbedtls/repo/library/platform_util.c index 98fe5deb2de..a86b07fa3fc 100644 --- a/third_party/mbedtls/repo/library/platform_util.c +++ b/third_party/mbedtls/repo/library/platform_util.c @@ -3,19 +3,7 @@ * library. * * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later */ /* @@ -62,14 +50,15 @@ * mbedtls_platform_zeroize() to use a suitable implementation for their * platform and needs. */ -static void * (* const volatile memset_func)( void *, int, size_t ) = memset; +static void *(*const volatile memset_func)(void *, int, size_t) = memset; -void mbedtls_platform_zeroize( void *buf, size_t len ) +void mbedtls_platform_zeroize(void *buf, size_t len) { - MBEDTLS_INTERNAL_VALIDATE( len == 0 || buf != NULL ); + MBEDTLS_INTERNAL_VALIDATE(len == 0 || buf != NULL); - if( len > 0 ) - memset_func( buf, 0, len ); + if (len > 0) { + memset_func(buf, 0, len); + } } #endif /* MBEDTLS_PLATFORM_ZEROIZE_ALT */ @@ -82,9 +71,9 @@ void mbedtls_platform_zeroize( void *buf, size_t len ) #endif /* !_WIN32 && (unix || __unix || __unix__ || * (__APPLE__ && __MACH__)) */ -#if !( ( defined(_POSIX_VERSION) && _POSIX_VERSION >= 200809L ) || \ - ( defined(_POSIX_THREAD_SAFE_FUNCTIONS ) && \ - _POSIX_THREAD_SAFE_FUNCTIONS >= 200112L ) ) +#if !((defined(_POSIX_VERSION) && _POSIX_VERSION >= 200809L) || \ + (defined(_POSIX_THREAD_SAFE_FUNCTIONS) && \ + _POSIX_THREAD_SAFE_FUNCTIONS >= 200112L)) /* * This is a convenience shorthand macro to avoid checking the long * preprocessor conditions above. Ideally, we could expose this macro in @@ -92,42 +81,43 @@ void mbedtls_platform_zeroize( void *buf, size_t len ) * threading.h. However, this macro is not part of the Mbed TLS public API, so * we keep it private by only defining it in this file */ -#if ! ( defined(_WIN32) && !defined(EFIX64) && !defined(EFI32) ) +#if !(defined(_WIN32) && !defined(EFIX64) && !defined(EFI32)) #define PLATFORM_UTIL_USE_GMTIME #endif /* ! ( defined(_WIN32) && !defined(EFIX64) && !defined(EFI32) ) */ -#endif /* !( ( defined(_POSIX_VERSION) && _POSIX_VERSION >= 200809L ) || \ - ( defined(_POSIX_THREAD_SAFE_FUNCTIONS ) && \ +#endif /* !( ( defined(_POSIX_VERSION) && _POSIX_VERSION >= 200809L ) || \ + ( defined(_POSIX_THREAD_SAFE_FUNCTIONS ) && \ _POSIX_THREAD_SAFE_FUNCTIONS >= 200112L ) ) */ -struct tm *mbedtls_platform_gmtime_r( const mbedtls_time_t *tt, - struct tm *tm_buf ) +struct tm *mbedtls_platform_gmtime_r(const mbedtls_time_t *tt, + struct tm *tm_buf) { #if defined(_WIN32) && !defined(EFIX64) && !defined(EFI32) - return( ( gmtime_s( tm_buf, tt ) == 0 ) ? tm_buf : NULL ); + return (gmtime_s(tm_buf, tt) == 0) ? tm_buf : NULL; #elif !defined(PLATFORM_UTIL_USE_GMTIME) - return( gmtime_r( tt, tm_buf ) ); + return gmtime_r(tt, tm_buf); #else struct tm *lt; #if defined(MBEDTLS_THREADING_C) - if( mbedtls_mutex_lock( &mbedtls_threading_gmtime_mutex ) != 0 ) - return( NULL ); + if (mbedtls_mutex_lock(&mbedtls_threading_gmtime_mutex) != 0) { + return NULL; + } #endif /* MBEDTLS_THREADING_C */ - lt = gmtime( tt ); + lt = gmtime(tt); - if( lt != NULL ) - { - memcpy( tm_buf, lt, sizeof( struct tm ) ); + if (lt != NULL) { + memcpy(tm_buf, lt, sizeof(struct tm)); } #if defined(MBEDTLS_THREADING_C) - if( mbedtls_mutex_unlock( &mbedtls_threading_gmtime_mutex ) != 0 ) - return( NULL ); + if (mbedtls_mutex_unlock(&mbedtls_threading_gmtime_mutex) != 0) { + return NULL; + } #endif /* MBEDTLS_THREADING_C */ - return( ( lt == NULL ) ? NULL : tm_buf ); + return (lt == NULL) ? NULL : tm_buf; #endif /* _WIN32 && !EFIX64 && !EFI32 */ } #endif /* MBEDTLS_HAVE_TIME_DATE && MBEDTLS_PLATFORM_GMTIME_R_ALT */ diff --git a/third_party/mbedtls/repo/library/poly1305.c b/third_party/mbedtls/repo/library/poly1305.c index 7375a0c5728..c7811076020 100644 --- a/third_party/mbedtls/repo/library/poly1305.c +++ b/third_party/mbedtls/repo/library/poly1305.c @@ -4,19 +4,7 @@ * \brief Poly1305 authentication algorithm. * * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later */ #include "common.h" @@ -28,36 +16,24 @@ #include -#if defined(MBEDTLS_SELF_TEST) -#if defined(MBEDTLS_PLATFORM_C) #include "mbedtls/platform.h" -#else -#include -#define mbedtls_printf printf -#endif /* MBEDTLS_PLATFORM_C */ -#endif /* MBEDTLS_SELF_TEST */ #if !defined(MBEDTLS_POLY1305_ALT) -#if ( defined(__ARMCC_VERSION) || defined(_MSC_VER) ) && \ - !defined(inline) && !defined(__cplusplus) -#define inline __inline -#endif - /* Parameter validation macros */ -#define POLY1305_VALIDATE_RET( cond ) \ - MBEDTLS_INTERNAL_VALIDATE_RET( cond, MBEDTLS_ERR_POLY1305_BAD_INPUT_DATA ) -#define POLY1305_VALIDATE( cond ) \ - MBEDTLS_INTERNAL_VALIDATE( cond ) +#define POLY1305_VALIDATE_RET(cond) \ + MBEDTLS_INTERNAL_VALIDATE_RET(cond, MBEDTLS_ERR_POLY1305_BAD_INPUT_DATA) +#define POLY1305_VALIDATE(cond) \ + MBEDTLS_INTERNAL_VALIDATE(cond) -#define POLY1305_BLOCK_SIZE_BYTES ( 16U ) +#define POLY1305_BLOCK_SIZE_BYTES (16U) /* * Our implementation is tuned for 32-bit platforms with a 64-bit multiplier. * However we provided an alternative for platforms without such a multiplier. */ #if defined(MBEDTLS_NO_64BIT_MULTIPLICATION) -static uint64_t mul64( uint32_t a, uint32_t b ) +static uint64_t mul64(uint32_t a, uint32_t b) { /* a = al + 2**16 ah, b = bl + 2**16 bh */ const uint16_t al = (uint16_t) a; @@ -67,15 +43,15 @@ static uint64_t mul64( uint32_t a, uint32_t b ) /* ab = al*bl + 2**16 (ah*bl + bl*bh) + 2**32 ah*bh */ const uint32_t lo = (uint32_t) al * bl; - const uint64_t me = (uint64_t)( (uint32_t) ah * bl ) + (uint32_t) al * bh; + const uint64_t me = (uint64_t) ((uint32_t) ah * bl) + (uint32_t) al * bh; const uint32_t hi = (uint32_t) ah * bh; - return( lo + ( me << 16 ) + ( (uint64_t) hi << 32 ) ); + return lo + (me << 16) + ((uint64_t) hi << 32); } #else -static inline uint64_t mul64( uint32_t a, uint32_t b ) +static inline uint64_t mul64(uint32_t a, uint32_t b) { - return( (uint64_t) a * b ); + return (uint64_t) a * b; } #endif @@ -91,10 +67,10 @@ static inline uint64_t mul64( uint32_t a, uint32_t b ) * applied to the input data before calling this * function. Otherwise, set this parameter to 1. */ -static void poly1305_process( mbedtls_poly1305_context *ctx, - size_t nblocks, - const unsigned char *input, - uint32_t needs_padding ) +static void poly1305_process(mbedtls_poly1305_context *ctx, + size_t nblocks, + const unsigned char *input, + uint32_t needs_padding) { uint64_t d0, d1, d2, d3; uint32_t acc0, acc1, acc2, acc3, acc4; @@ -108,9 +84,9 @@ static void poly1305_process( mbedtls_poly1305_context *ctx, r2 = ctx->r[2]; r3 = ctx->r[3]; - rs1 = r1 + ( r1 >> 2U ); - rs2 = r2 + ( r2 >> 2U ); - rs3 = r3 + ( r3 >> 2U ); + rs1 = r1 + (r1 >> 2U); + rs2 = r2 + (r2 >> 2U); + rs3 = r3 + (r3 >> 2U); acc0 = ctx->acc[0]; acc1 = ctx->acc[1]; @@ -119,67 +95,66 @@ static void poly1305_process( mbedtls_poly1305_context *ctx, acc4 = ctx->acc[4]; /* Process full blocks */ - for( i = 0U; i < nblocks; i++ ) - { + for (i = 0U; i < nblocks; i++) { /* The input block is treated as a 128-bit little-endian integer */ - d0 = MBEDTLS_GET_UINT32_LE( input, offset + 0 ); - d1 = MBEDTLS_GET_UINT32_LE( input, offset + 4 ); - d2 = MBEDTLS_GET_UINT32_LE( input, offset + 8 ); - d3 = MBEDTLS_GET_UINT32_LE( input, offset + 12 ); + d0 = MBEDTLS_GET_UINT32_LE(input, offset + 0); + d1 = MBEDTLS_GET_UINT32_LE(input, offset + 4); + d2 = MBEDTLS_GET_UINT32_LE(input, offset + 8); + d3 = MBEDTLS_GET_UINT32_LE(input, offset + 12); /* Compute: acc += (padded) block as a 130-bit integer */ d0 += (uint64_t) acc0; - d1 += (uint64_t) acc1 + ( d0 >> 32U ); - d2 += (uint64_t) acc2 + ( d1 >> 32U ); - d3 += (uint64_t) acc3 + ( d2 >> 32U ); + d1 += (uint64_t) acc1 + (d0 >> 32U); + d2 += (uint64_t) acc2 + (d1 >> 32U); + d3 += (uint64_t) acc3 + (d2 >> 32U); acc0 = (uint32_t) d0; acc1 = (uint32_t) d1; acc2 = (uint32_t) d2; acc3 = (uint32_t) d3; - acc4 += (uint32_t) ( d3 >> 32U ) + needs_padding; + acc4 += (uint32_t) (d3 >> 32U) + needs_padding; /* Compute: acc *= r */ - d0 = mul64( acc0, r0 ) + - mul64( acc1, rs3 ) + - mul64( acc2, rs2 ) + - mul64( acc3, rs1 ); - d1 = mul64( acc0, r1 ) + - mul64( acc1, r0 ) + - mul64( acc2, rs3 ) + - mul64( acc3, rs2 ) + - mul64( acc4, rs1 ); - d2 = mul64( acc0, r2 ) + - mul64( acc1, r1 ) + - mul64( acc2, r0 ) + - mul64( acc3, rs3 ) + - mul64( acc4, rs2 ); - d3 = mul64( acc0, r3 ) + - mul64( acc1, r2 ) + - mul64( acc2, r1 ) + - mul64( acc3, r0 ) + - mul64( acc4, rs3 ); + d0 = mul64(acc0, r0) + + mul64(acc1, rs3) + + mul64(acc2, rs2) + + mul64(acc3, rs1); + d1 = mul64(acc0, r1) + + mul64(acc1, r0) + + mul64(acc2, rs3) + + mul64(acc3, rs2) + + mul64(acc4, rs1); + d2 = mul64(acc0, r2) + + mul64(acc1, r1) + + mul64(acc2, r0) + + mul64(acc3, rs3) + + mul64(acc4, rs2); + d3 = mul64(acc0, r3) + + mul64(acc1, r2) + + mul64(acc2, r1) + + mul64(acc3, r0) + + mul64(acc4, rs3); acc4 *= r0; /* Compute: acc %= (2^130 - 5) (partial remainder) */ - d1 += ( d0 >> 32 ); - d2 += ( d1 >> 32 ); - d3 += ( d2 >> 32 ); + d1 += (d0 >> 32); + d2 += (d1 >> 32); + d3 += (d2 >> 32); acc0 = (uint32_t) d0; acc1 = (uint32_t) d1; acc2 = (uint32_t) d2; acc3 = (uint32_t) d3; - acc4 = (uint32_t) ( d3 >> 32 ) + acc4; + acc4 = (uint32_t) (d3 >> 32) + acc4; - d0 = (uint64_t) acc0 + ( acc4 >> 2 ) + ( acc4 & 0xFFFFFFFCU ); + d0 = (uint64_t) acc0 + (acc4 >> 2) + (acc4 & 0xFFFFFFFCU); acc4 &= 3U; acc0 = (uint32_t) d0; - d0 = (uint64_t) acc1 + ( d0 >> 32U ); + d0 = (uint64_t) acc1 + (d0 >> 32U); acc1 = (uint32_t) d0; - d0 = (uint64_t) acc2 + ( d0 >> 32U ); + d0 = (uint64_t) acc2 + (d0 >> 32U); acc2 = (uint32_t) d0; - d0 = (uint64_t) acc3 + ( d0 >> 32U ); + d0 = (uint64_t) acc3 + (d0 >> 32U); acc3 = (uint32_t) d0; - d0 = (uint64_t) acc4 + ( d0 >> 32U ); + d0 = (uint64_t) acc4 + (d0 >> 32U); acc4 = (uint32_t) d0; offset += POLY1305_BLOCK_SIZE_BYTES; @@ -199,8 +174,8 @@ static void poly1305_process( mbedtls_poly1305_context *ctx, * \param mac The buffer to where the MAC is written. Must be * big enough to contain the 16-byte MAC. */ -static void poly1305_compute_mac( const mbedtls_poly1305_context *ctx, - unsigned char mac[16] ) +static void poly1305_compute_mac(const mbedtls_poly1305_context *ctx, + unsigned char mac[16]) { uint64_t d; uint32_t g0, g1, g2, g3, g4; @@ -220,73 +195,74 @@ static void poly1305_compute_mac( const mbedtls_poly1305_context *ctx, */ /* Calculate acc + -(2^130 - 5) */ - d = ( (uint64_t) acc0 + 5U ); + d = ((uint64_t) acc0 + 5U); g0 = (uint32_t) d; - d = ( (uint64_t) acc1 + ( d >> 32 ) ); + d = ((uint64_t) acc1 + (d >> 32)); g1 = (uint32_t) d; - d = ( (uint64_t) acc2 + ( d >> 32 ) ); + d = ((uint64_t) acc2 + (d >> 32)); g2 = (uint32_t) d; - d = ( (uint64_t) acc3 + ( d >> 32 ) ); + d = ((uint64_t) acc3 + (d >> 32)); g3 = (uint32_t) d; - g4 = acc4 + (uint32_t) ( d >> 32U ); + g4 = acc4 + (uint32_t) (d >> 32U); /* mask == 0xFFFFFFFF if 131st bit is set, otherwise mask == 0 */ - mask = (uint32_t) 0U - ( g4 >> 2U ); + mask = (uint32_t) 0U - (g4 >> 2U); mask_inv = ~mask; /* If 131st bit is set then acc=g, otherwise, acc is unmodified */ - acc0 = ( acc0 & mask_inv ) | ( g0 & mask ); - acc1 = ( acc1 & mask_inv ) | ( g1 & mask ); - acc2 = ( acc2 & mask_inv ) | ( g2 & mask ); - acc3 = ( acc3 & mask_inv ) | ( g3 & mask ); + acc0 = (acc0 & mask_inv) | (g0 & mask); + acc1 = (acc1 & mask_inv) | (g1 & mask); + acc2 = (acc2 & mask_inv) | (g2 & mask); + acc3 = (acc3 & mask_inv) | (g3 & mask); /* Add 's' */ d = (uint64_t) acc0 + ctx->s[0]; acc0 = (uint32_t) d; - d = (uint64_t) acc1 + ctx->s[1] + ( d >> 32U ); + d = (uint64_t) acc1 + ctx->s[1] + (d >> 32U); acc1 = (uint32_t) d; - d = (uint64_t) acc2 + ctx->s[2] + ( d >> 32U ); + d = (uint64_t) acc2 + ctx->s[2] + (d >> 32U); acc2 = (uint32_t) d; - acc3 += ctx->s[3] + (uint32_t) ( d >> 32U ); + acc3 += ctx->s[3] + (uint32_t) (d >> 32U); /* Compute MAC (128 least significant bits of the accumulator) */ - MBEDTLS_PUT_UINT32_LE( acc0, mac, 0 ); - MBEDTLS_PUT_UINT32_LE( acc1, mac, 4 ); - MBEDTLS_PUT_UINT32_LE( acc2, mac, 8 ); - MBEDTLS_PUT_UINT32_LE( acc3, mac, 12 ); + MBEDTLS_PUT_UINT32_LE(acc0, mac, 0); + MBEDTLS_PUT_UINT32_LE(acc1, mac, 4); + MBEDTLS_PUT_UINT32_LE(acc2, mac, 8); + MBEDTLS_PUT_UINT32_LE(acc3, mac, 12); } -void mbedtls_poly1305_init( mbedtls_poly1305_context *ctx ) +void mbedtls_poly1305_init(mbedtls_poly1305_context *ctx) { - POLY1305_VALIDATE( ctx != NULL ); + POLY1305_VALIDATE(ctx != NULL); - mbedtls_platform_zeroize( ctx, sizeof( mbedtls_poly1305_context ) ); + mbedtls_platform_zeroize(ctx, sizeof(mbedtls_poly1305_context)); } -void mbedtls_poly1305_free( mbedtls_poly1305_context *ctx ) +void mbedtls_poly1305_free(mbedtls_poly1305_context *ctx) { - if( ctx == NULL ) + if (ctx == NULL) { return; + } - mbedtls_platform_zeroize( ctx, sizeof( mbedtls_poly1305_context ) ); + mbedtls_platform_zeroize(ctx, sizeof(mbedtls_poly1305_context)); } -int mbedtls_poly1305_starts( mbedtls_poly1305_context *ctx, - const unsigned char key[32] ) +int mbedtls_poly1305_starts(mbedtls_poly1305_context *ctx, + const unsigned char key[32]) { - POLY1305_VALIDATE_RET( ctx != NULL ); - POLY1305_VALIDATE_RET( key != NULL ); + POLY1305_VALIDATE_RET(ctx != NULL); + POLY1305_VALIDATE_RET(key != NULL); /* r &= 0x0ffffffc0ffffffc0ffffffc0fffffff */ - ctx->r[0] = MBEDTLS_GET_UINT32_LE( key, 0 ) & 0x0FFFFFFFU; - ctx->r[1] = MBEDTLS_GET_UINT32_LE( key, 4 ) & 0x0FFFFFFCU; - ctx->r[2] = MBEDTLS_GET_UINT32_LE( key, 8 ) & 0x0FFFFFFCU; - ctx->r[3] = MBEDTLS_GET_UINT32_LE( key, 12 ) & 0x0FFFFFFCU; + ctx->r[0] = MBEDTLS_GET_UINT32_LE(key, 0) & 0x0FFFFFFFU; + ctx->r[1] = MBEDTLS_GET_UINT32_LE(key, 4) & 0x0FFFFFFCU; + ctx->r[2] = MBEDTLS_GET_UINT32_LE(key, 8) & 0x0FFFFFFCU; + ctx->r[3] = MBEDTLS_GET_UINT32_LE(key, 12) & 0x0FFFFFFCU; - ctx->s[0] = MBEDTLS_GET_UINT32_LE( key, 16 ); - ctx->s[1] = MBEDTLS_GET_UINT32_LE( key, 20 ); - ctx->s[2] = MBEDTLS_GET_UINT32_LE( key, 24 ); - ctx->s[3] = MBEDTLS_GET_UINT32_LE( key, 28 ); + ctx->s[0] = MBEDTLS_GET_UINT32_LE(key, 16); + ctx->s[1] = MBEDTLS_GET_UINT32_LE(key, 20); + ctx->s[2] = MBEDTLS_GET_UINT32_LE(key, 24); + ctx->s[3] = MBEDTLS_GET_UINT32_LE(key, 28); /* Initial accumulator state */ ctx->acc[0] = 0U; @@ -296,129 +272,124 @@ int mbedtls_poly1305_starts( mbedtls_poly1305_context *ctx, ctx->acc[4] = 0U; /* Queue initially empty */ - mbedtls_platform_zeroize( ctx->queue, sizeof( ctx->queue ) ); + mbedtls_platform_zeroize(ctx->queue, sizeof(ctx->queue)); ctx->queue_len = 0U; - return( 0 ); + return 0; } -int mbedtls_poly1305_update( mbedtls_poly1305_context *ctx, - const unsigned char *input, - size_t ilen ) +int mbedtls_poly1305_update(mbedtls_poly1305_context *ctx, + const unsigned char *input, + size_t ilen) { size_t offset = 0U; size_t remaining = ilen; size_t queue_free_len; size_t nblocks; - POLY1305_VALIDATE_RET( ctx != NULL ); - POLY1305_VALIDATE_RET( ilen == 0 || input != NULL ); + POLY1305_VALIDATE_RET(ctx != NULL); + POLY1305_VALIDATE_RET(ilen == 0 || input != NULL); - if( ( remaining > 0U ) && ( ctx->queue_len > 0U ) ) - { - queue_free_len = ( POLY1305_BLOCK_SIZE_BYTES - ctx->queue_len ); + if ((remaining > 0U) && (ctx->queue_len > 0U)) { + queue_free_len = (POLY1305_BLOCK_SIZE_BYTES - ctx->queue_len); - if( ilen < queue_free_len ) - { + if (ilen < queue_free_len) { /* Not enough data to complete the block. * Store this data with the other leftovers. */ - memcpy( &ctx->queue[ctx->queue_len], - input, - ilen ); + memcpy(&ctx->queue[ctx->queue_len], + input, + ilen); ctx->queue_len += ilen; remaining = 0U; - } - else - { + } else { /* Enough data to produce a complete block */ - memcpy( &ctx->queue[ctx->queue_len], - input, - queue_free_len ); + memcpy(&ctx->queue[ctx->queue_len], + input, + queue_free_len); ctx->queue_len = 0U; - poly1305_process( ctx, 1U, ctx->queue, 1U ); /* add padding bit */ + poly1305_process(ctx, 1U, ctx->queue, 1U); /* add padding bit */ offset += queue_free_len; remaining -= queue_free_len; } } - if( remaining >= POLY1305_BLOCK_SIZE_BYTES ) - { + if (remaining >= POLY1305_BLOCK_SIZE_BYTES) { nblocks = remaining / POLY1305_BLOCK_SIZE_BYTES; - poly1305_process( ctx, nblocks, &input[offset], 1U ); + poly1305_process(ctx, nblocks, &input[offset], 1U); offset += nblocks * POLY1305_BLOCK_SIZE_BYTES; remaining %= POLY1305_BLOCK_SIZE_BYTES; } - if( remaining > 0U ) - { + if (remaining > 0U) { /* Store partial block */ ctx->queue_len = remaining; - memcpy( ctx->queue, &input[offset], remaining ); + memcpy(ctx->queue, &input[offset], remaining); } - return( 0 ); + return 0; } -int mbedtls_poly1305_finish( mbedtls_poly1305_context *ctx, - unsigned char mac[16] ) +int mbedtls_poly1305_finish(mbedtls_poly1305_context *ctx, + unsigned char mac[16]) { - POLY1305_VALIDATE_RET( ctx != NULL ); - POLY1305_VALIDATE_RET( mac != NULL ); + POLY1305_VALIDATE_RET(ctx != NULL); + POLY1305_VALIDATE_RET(mac != NULL); /* Process any leftover data */ - if( ctx->queue_len > 0U ) - { + if (ctx->queue_len > 0U) { /* Add padding bit */ ctx->queue[ctx->queue_len] = 1U; ctx->queue_len++; /* Pad with zeroes */ - memset( &ctx->queue[ctx->queue_len], - 0, - POLY1305_BLOCK_SIZE_BYTES - ctx->queue_len ); + memset(&ctx->queue[ctx->queue_len], + 0, + POLY1305_BLOCK_SIZE_BYTES - ctx->queue_len); - poly1305_process( ctx, 1U, /* Process 1 block */ - ctx->queue, 0U ); /* Already padded above */ + poly1305_process(ctx, 1U, /* Process 1 block */ + ctx->queue, 0U); /* Already padded above */ } - poly1305_compute_mac( ctx, mac ); + poly1305_compute_mac(ctx, mac); - return( 0 ); + return 0; } -int mbedtls_poly1305_mac( const unsigned char key[32], - const unsigned char *input, - size_t ilen, - unsigned char mac[16] ) +int mbedtls_poly1305_mac(const unsigned char key[32], + const unsigned char *input, + size_t ilen, + unsigned char mac[16]) { mbedtls_poly1305_context ctx; int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; - POLY1305_VALIDATE_RET( key != NULL ); - POLY1305_VALIDATE_RET( mac != NULL ); - POLY1305_VALIDATE_RET( ilen == 0 || input != NULL ); + POLY1305_VALIDATE_RET(key != NULL); + POLY1305_VALIDATE_RET(mac != NULL); + POLY1305_VALIDATE_RET(ilen == 0 || input != NULL); - mbedtls_poly1305_init( &ctx ); + mbedtls_poly1305_init(&ctx); - ret = mbedtls_poly1305_starts( &ctx, key ); - if( ret != 0 ) + ret = mbedtls_poly1305_starts(&ctx, key); + if (ret != 0) { goto cleanup; + } - ret = mbedtls_poly1305_update( &ctx, input, ilen ); - if( ret != 0 ) + ret = mbedtls_poly1305_update(&ctx, input, ilen); + if (ret != 0) { goto cleanup; + } - ret = mbedtls_poly1305_finish( &ctx, mac ); + ret = mbedtls_poly1305_finish(&ctx, mac); cleanup: - mbedtls_poly1305_free( &ctx ); - return( ret ); + mbedtls_poly1305_free(&ctx); + return ret; } #endif /* MBEDTLS_POLY1305_ALT */ @@ -491,46 +462,48 @@ static const unsigned char test_mac[2][16] = /* Make sure no other definition is already present. */ #undef ASSERT -#define ASSERT( cond, args ) \ +#define ASSERT(cond, args) \ do \ { \ - if( ! ( cond ) ) \ + if (!(cond)) \ { \ - if( verbose != 0 ) \ - mbedtls_printf args; \ + if (verbose != 0) \ + mbedtls_printf args; \ \ - return( -1 ); \ + return -1; \ } \ } \ - while( 0 ) + while (0) -int mbedtls_poly1305_self_test( int verbose ) +int mbedtls_poly1305_self_test(int verbose) { unsigned char mac[16]; unsigned i; int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; - for( i = 0U; i < 2U; i++ ) - { - if( verbose != 0 ) - mbedtls_printf( " Poly1305 test %u ", i ); + for (i = 0U; i < 2U; i++) { + if (verbose != 0) { + mbedtls_printf(" Poly1305 test %u ", i); + } - ret = mbedtls_poly1305_mac( test_keys[i], - test_data[i], - test_data_len[i], - mac ); - ASSERT( 0 == ret, ( "error code: %i\n", ret ) ); + ret = mbedtls_poly1305_mac(test_keys[i], + test_data[i], + test_data_len[i], + mac); + ASSERT(0 == ret, ("error code: %i\n", ret)); - ASSERT( 0 == memcmp( mac, test_mac[i], 16U ), ( "failed (mac)\n" ) ); + ASSERT(0 == memcmp(mac, test_mac[i], 16U), ("failed (mac)\n")); - if( verbose != 0 ) - mbedtls_printf( "passed\n" ); + if (verbose != 0) { + mbedtls_printf("passed\n"); + } } - if( verbose != 0 ) - mbedtls_printf( "\n" ); + if (verbose != 0) { + mbedtls_printf("\n"); + } - return( 0 ); + return 0; } #endif /* MBEDTLS_SELF_TEST */ diff --git a/third_party/mbedtls/repo/library/psa_crypto.c b/third_party/mbedtls/repo/library/psa_crypto.c index e6dab33c773..533ded6ff99 100644 --- a/third_party/mbedtls/repo/library/psa_crypto.c +++ b/third_party/mbedtls/repo/library/psa_crypto.c @@ -3,19 +3,7 @@ */ /* * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later */ #include "common.h" @@ -47,14 +35,9 @@ #include "psa_crypto_random_impl.h" -#include #include #include #include "mbedtls/platform.h" -#if !defined(MBEDTLS_PLATFORM_C) -#define mbedtls_calloc calloc -#define mbedtls_free free -#endif #include "mbedtls/aes.h" #include "mbedtls/arc4.h" @@ -90,15 +73,15 @@ #include "mbedtls/sha512.h" #include "mbedtls/xtea.h" -#define ARRAY_LENGTH( array ) ( sizeof( array ) / sizeof( *( array ) ) ) +#define ARRAY_LENGTH(array) (sizeof(array) / sizeof(*(array))) /****************************************************************/ /* Global data, support functions and library management */ /****************************************************************/ -static int key_type_is_raw_bytes( psa_key_type_t type ) +static int key_type_is_raw_bytes(psa_key_type_t type) { - return( PSA_KEY_TYPE_IS_UNSTRUCTURED( type ) ); + return PSA_KEY_TYPE_IS_UNSTRUCTURED(type); } /* Values for psa_global_data_t::rng_state */ @@ -106,8 +89,7 @@ static int key_type_is_raw_bytes( psa_key_type_t type ) #define RNG_INITIALIZED 1 #define RNG_SEEDED 2 -typedef struct -{ +typedef struct { unsigned initialized : 1; unsigned rng_state : 2; mbedtls_psa_random_context_t rng; @@ -121,40 +103,39 @@ mbedtls_psa_drbg_context_t *const mbedtls_psa_random_state = #endif #define GUARD_MODULE_INITIALIZED \ - if( global_data.initialized == 0 ) \ - return( PSA_ERROR_BAD_STATE ); + if (global_data.initialized == 0) \ + return PSA_ERROR_BAD_STATE; -psa_status_t mbedtls_to_psa_error( int ret ) +psa_status_t mbedtls_to_psa_error(int ret) { /* Mbed TLS error codes can combine a high-level error code and a * low-level error code. The low-level error usually reflects the * root cause better, so dispatch on that preferably. */ - int low_level_ret = - ( -ret & 0x007f ); - switch( low_level_ret != 0 ? low_level_ret : ret ) - { + int low_level_ret = -(-ret & 0x007f); + switch (low_level_ret != 0 ? low_level_ret : ret) { case 0: - return( PSA_SUCCESS ); + return PSA_SUCCESS; case MBEDTLS_ERR_AES_INVALID_KEY_LENGTH: case MBEDTLS_ERR_AES_INVALID_INPUT_LENGTH: case MBEDTLS_ERR_AES_FEATURE_UNAVAILABLE: - return( PSA_ERROR_NOT_SUPPORTED ); + return PSA_ERROR_NOT_SUPPORTED; case MBEDTLS_ERR_AES_HW_ACCEL_FAILED: - return( PSA_ERROR_HARDWARE_FAILURE ); + return PSA_ERROR_HARDWARE_FAILURE; case MBEDTLS_ERR_ARC4_HW_ACCEL_FAILED: - return( PSA_ERROR_HARDWARE_FAILURE ); + return PSA_ERROR_HARDWARE_FAILURE; case MBEDTLS_ERR_ASN1_OUT_OF_DATA: case MBEDTLS_ERR_ASN1_UNEXPECTED_TAG: case MBEDTLS_ERR_ASN1_INVALID_LENGTH: case MBEDTLS_ERR_ASN1_LENGTH_MISMATCH: case MBEDTLS_ERR_ASN1_INVALID_DATA: - return( PSA_ERROR_INVALID_ARGUMENT ); + return PSA_ERROR_INVALID_ARGUMENT; case MBEDTLS_ERR_ASN1_ALLOC_FAILED: - return( PSA_ERROR_INSUFFICIENT_MEMORY ); + return PSA_ERROR_INSUFFICIENT_MEMORY; case MBEDTLS_ERR_ASN1_BUF_TOO_SMALL: - return( PSA_ERROR_BUFFER_TOO_SMALL ); + return PSA_ERROR_BUFFER_TOO_SMALL; #if defined(MBEDTLS_ERR_BLOWFISH_BAD_INPUT_DATA) case MBEDTLS_ERR_BLOWFISH_BAD_INPUT_DATA: @@ -162,9 +143,9 @@ psa_status_t mbedtls_to_psa_error( int ret ) case MBEDTLS_ERR_BLOWFISH_INVALID_KEY_LENGTH: #endif case MBEDTLS_ERR_BLOWFISH_INVALID_INPUT_LENGTH: - return( PSA_ERROR_NOT_SUPPORTED ); + return PSA_ERROR_NOT_SUPPORTED; case MBEDTLS_ERR_BLOWFISH_HW_ACCEL_FAILED: - return( PSA_ERROR_HARDWARE_FAILURE ); + return PSA_ERROR_HARDWARE_FAILURE; #if defined(MBEDTLS_ERR_CAMELLIA_BAD_INPUT_DATA) case MBEDTLS_ERR_CAMELLIA_BAD_INPUT_DATA: @@ -172,209 +153,209 @@ psa_status_t mbedtls_to_psa_error( int ret ) case MBEDTLS_ERR_CAMELLIA_INVALID_KEY_LENGTH: #endif case MBEDTLS_ERR_CAMELLIA_INVALID_INPUT_LENGTH: - return( PSA_ERROR_NOT_SUPPORTED ); + return PSA_ERROR_NOT_SUPPORTED; case MBEDTLS_ERR_CAMELLIA_HW_ACCEL_FAILED: - return( PSA_ERROR_HARDWARE_FAILURE ); + return PSA_ERROR_HARDWARE_FAILURE; case MBEDTLS_ERR_CCM_BAD_INPUT: - return( PSA_ERROR_INVALID_ARGUMENT ); + return PSA_ERROR_INVALID_ARGUMENT; case MBEDTLS_ERR_CCM_AUTH_FAILED: - return( PSA_ERROR_INVALID_SIGNATURE ); + return PSA_ERROR_INVALID_SIGNATURE; case MBEDTLS_ERR_CCM_HW_ACCEL_FAILED: - return( PSA_ERROR_HARDWARE_FAILURE ); + return PSA_ERROR_HARDWARE_FAILURE; case MBEDTLS_ERR_CHACHA20_BAD_INPUT_DATA: - return( PSA_ERROR_INVALID_ARGUMENT ); + return PSA_ERROR_INVALID_ARGUMENT; case MBEDTLS_ERR_CHACHAPOLY_BAD_STATE: - return( PSA_ERROR_BAD_STATE ); + return PSA_ERROR_BAD_STATE; case MBEDTLS_ERR_CHACHAPOLY_AUTH_FAILED: - return( PSA_ERROR_INVALID_SIGNATURE ); + return PSA_ERROR_INVALID_SIGNATURE; case MBEDTLS_ERR_CIPHER_FEATURE_UNAVAILABLE: - return( PSA_ERROR_NOT_SUPPORTED ); + return PSA_ERROR_NOT_SUPPORTED; case MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA: - return( PSA_ERROR_INVALID_ARGUMENT ); + return PSA_ERROR_INVALID_ARGUMENT; case MBEDTLS_ERR_CIPHER_ALLOC_FAILED: - return( PSA_ERROR_INSUFFICIENT_MEMORY ); + return PSA_ERROR_INSUFFICIENT_MEMORY; case MBEDTLS_ERR_CIPHER_INVALID_PADDING: - return( PSA_ERROR_INVALID_PADDING ); + return PSA_ERROR_INVALID_PADDING; case MBEDTLS_ERR_CIPHER_FULL_BLOCK_EXPECTED: - return( PSA_ERROR_INVALID_ARGUMENT ); + return PSA_ERROR_INVALID_ARGUMENT; case MBEDTLS_ERR_CIPHER_AUTH_FAILED: - return( PSA_ERROR_INVALID_SIGNATURE ); + return PSA_ERROR_INVALID_SIGNATURE; case MBEDTLS_ERR_CIPHER_INVALID_CONTEXT: - return( PSA_ERROR_CORRUPTION_DETECTED ); + return PSA_ERROR_CORRUPTION_DETECTED; case MBEDTLS_ERR_CIPHER_HW_ACCEL_FAILED: - return( PSA_ERROR_HARDWARE_FAILURE ); + return PSA_ERROR_HARDWARE_FAILURE; case MBEDTLS_ERR_CMAC_HW_ACCEL_FAILED: - return( PSA_ERROR_HARDWARE_FAILURE ); + return PSA_ERROR_HARDWARE_FAILURE; -#if !( defined(MBEDTLS_PSA_CRYPTO_EXTERNAL_RNG) || \ - defined(MBEDTLS_PSA_HMAC_DRBG_MD_TYPE) ) +#if !(defined(MBEDTLS_PSA_CRYPTO_EXTERNAL_RNG) || \ + defined(MBEDTLS_PSA_HMAC_DRBG_MD_TYPE)) /* Only check CTR_DRBG error codes if underlying mbedtls_xxx * functions are passed a CTR_DRBG instance. */ case MBEDTLS_ERR_CTR_DRBG_ENTROPY_SOURCE_FAILED: - return( PSA_ERROR_INSUFFICIENT_ENTROPY ); + return PSA_ERROR_INSUFFICIENT_ENTROPY; case MBEDTLS_ERR_CTR_DRBG_REQUEST_TOO_BIG: case MBEDTLS_ERR_CTR_DRBG_INPUT_TOO_BIG: - return( PSA_ERROR_NOT_SUPPORTED ); + return PSA_ERROR_NOT_SUPPORTED; case MBEDTLS_ERR_CTR_DRBG_FILE_IO_ERROR: - return( PSA_ERROR_INSUFFICIENT_ENTROPY ); + return PSA_ERROR_INSUFFICIENT_ENTROPY; #endif case MBEDTLS_ERR_DES_INVALID_INPUT_LENGTH: - return( PSA_ERROR_NOT_SUPPORTED ); + return PSA_ERROR_NOT_SUPPORTED; case MBEDTLS_ERR_DES_HW_ACCEL_FAILED: - return( PSA_ERROR_HARDWARE_FAILURE ); + return PSA_ERROR_HARDWARE_FAILURE; case MBEDTLS_ERR_ENTROPY_NO_SOURCES_DEFINED: case MBEDTLS_ERR_ENTROPY_NO_STRONG_SOURCE: case MBEDTLS_ERR_ENTROPY_SOURCE_FAILED: - return( PSA_ERROR_INSUFFICIENT_ENTROPY ); + return PSA_ERROR_INSUFFICIENT_ENTROPY; case MBEDTLS_ERR_GCM_AUTH_FAILED: - return( PSA_ERROR_INVALID_SIGNATURE ); + return PSA_ERROR_INVALID_SIGNATURE; case MBEDTLS_ERR_GCM_BAD_INPUT: - return( PSA_ERROR_INVALID_ARGUMENT ); + return PSA_ERROR_INVALID_ARGUMENT; case MBEDTLS_ERR_GCM_HW_ACCEL_FAILED: - return( PSA_ERROR_HARDWARE_FAILURE ); + return PSA_ERROR_HARDWARE_FAILURE; #if !defined(MBEDTLS_PSA_CRYPTO_EXTERNAL_RNG) && \ - defined(MBEDTLS_PSA_HMAC_DRBG_MD_TYPE) + defined(MBEDTLS_PSA_HMAC_DRBG_MD_TYPE) /* Only check HMAC_DRBG error codes if underlying mbedtls_xxx * functions are passed a HMAC_DRBG instance. */ case MBEDTLS_ERR_HMAC_DRBG_ENTROPY_SOURCE_FAILED: - return( PSA_ERROR_INSUFFICIENT_ENTROPY ); + return PSA_ERROR_INSUFFICIENT_ENTROPY; case MBEDTLS_ERR_HMAC_DRBG_REQUEST_TOO_BIG: case MBEDTLS_ERR_HMAC_DRBG_INPUT_TOO_BIG: - return( PSA_ERROR_NOT_SUPPORTED ); + return PSA_ERROR_NOT_SUPPORTED; case MBEDTLS_ERR_HMAC_DRBG_FILE_IO_ERROR: - return( PSA_ERROR_INSUFFICIENT_ENTROPY ); + return PSA_ERROR_INSUFFICIENT_ENTROPY; #endif case MBEDTLS_ERR_MD2_HW_ACCEL_FAILED: case MBEDTLS_ERR_MD4_HW_ACCEL_FAILED: case MBEDTLS_ERR_MD5_HW_ACCEL_FAILED: - return( PSA_ERROR_HARDWARE_FAILURE ); + return PSA_ERROR_HARDWARE_FAILURE; case MBEDTLS_ERR_MD_FEATURE_UNAVAILABLE: - return( PSA_ERROR_NOT_SUPPORTED ); + return PSA_ERROR_NOT_SUPPORTED; case MBEDTLS_ERR_MD_BAD_INPUT_DATA: - return( PSA_ERROR_INVALID_ARGUMENT ); + return PSA_ERROR_INVALID_ARGUMENT; case MBEDTLS_ERR_MD_ALLOC_FAILED: - return( PSA_ERROR_INSUFFICIENT_MEMORY ); + return PSA_ERROR_INSUFFICIENT_MEMORY; case MBEDTLS_ERR_MD_FILE_IO_ERROR: - return( PSA_ERROR_STORAGE_FAILURE ); + return PSA_ERROR_STORAGE_FAILURE; case MBEDTLS_ERR_MD_HW_ACCEL_FAILED: - return( PSA_ERROR_HARDWARE_FAILURE ); + return PSA_ERROR_HARDWARE_FAILURE; case MBEDTLS_ERR_MPI_FILE_IO_ERROR: - return( PSA_ERROR_STORAGE_FAILURE ); + return PSA_ERROR_STORAGE_FAILURE; case MBEDTLS_ERR_MPI_BAD_INPUT_DATA: - return( PSA_ERROR_INVALID_ARGUMENT ); + return PSA_ERROR_INVALID_ARGUMENT; case MBEDTLS_ERR_MPI_INVALID_CHARACTER: - return( PSA_ERROR_INVALID_ARGUMENT ); + return PSA_ERROR_INVALID_ARGUMENT; case MBEDTLS_ERR_MPI_BUFFER_TOO_SMALL: - return( PSA_ERROR_BUFFER_TOO_SMALL ); + return PSA_ERROR_BUFFER_TOO_SMALL; case MBEDTLS_ERR_MPI_NEGATIVE_VALUE: - return( PSA_ERROR_INVALID_ARGUMENT ); + return PSA_ERROR_INVALID_ARGUMENT; case MBEDTLS_ERR_MPI_DIVISION_BY_ZERO: - return( PSA_ERROR_INVALID_ARGUMENT ); + return PSA_ERROR_INVALID_ARGUMENT; case MBEDTLS_ERR_MPI_NOT_ACCEPTABLE: - return( PSA_ERROR_INVALID_ARGUMENT ); + return PSA_ERROR_INVALID_ARGUMENT; case MBEDTLS_ERR_MPI_ALLOC_FAILED: - return( PSA_ERROR_INSUFFICIENT_MEMORY ); + return PSA_ERROR_INSUFFICIENT_MEMORY; case MBEDTLS_ERR_PK_ALLOC_FAILED: - return( PSA_ERROR_INSUFFICIENT_MEMORY ); + return PSA_ERROR_INSUFFICIENT_MEMORY; case MBEDTLS_ERR_PK_TYPE_MISMATCH: case MBEDTLS_ERR_PK_BAD_INPUT_DATA: - return( PSA_ERROR_INVALID_ARGUMENT ); + return PSA_ERROR_INVALID_ARGUMENT; case MBEDTLS_ERR_PK_FILE_IO_ERROR: - return( PSA_ERROR_STORAGE_FAILURE ); + return PSA_ERROR_STORAGE_FAILURE; case MBEDTLS_ERR_PK_KEY_INVALID_VERSION: case MBEDTLS_ERR_PK_KEY_INVALID_FORMAT: - return( PSA_ERROR_INVALID_ARGUMENT ); + return PSA_ERROR_INVALID_ARGUMENT; case MBEDTLS_ERR_PK_UNKNOWN_PK_ALG: - return( PSA_ERROR_NOT_SUPPORTED ); + return PSA_ERROR_NOT_SUPPORTED; case MBEDTLS_ERR_PK_PASSWORD_REQUIRED: case MBEDTLS_ERR_PK_PASSWORD_MISMATCH: - return( PSA_ERROR_NOT_PERMITTED ); + return PSA_ERROR_NOT_PERMITTED; case MBEDTLS_ERR_PK_INVALID_PUBKEY: - return( PSA_ERROR_INVALID_ARGUMENT ); + return PSA_ERROR_INVALID_ARGUMENT; case MBEDTLS_ERR_PK_INVALID_ALG: case MBEDTLS_ERR_PK_UNKNOWN_NAMED_CURVE: case MBEDTLS_ERR_PK_FEATURE_UNAVAILABLE: - return( PSA_ERROR_NOT_SUPPORTED ); + return PSA_ERROR_NOT_SUPPORTED; case MBEDTLS_ERR_PK_SIG_LEN_MISMATCH: - return( PSA_ERROR_INVALID_SIGNATURE ); + return PSA_ERROR_INVALID_SIGNATURE; case MBEDTLS_ERR_PK_HW_ACCEL_FAILED: - return( PSA_ERROR_HARDWARE_FAILURE ); + return PSA_ERROR_HARDWARE_FAILURE; case MBEDTLS_ERR_PLATFORM_HW_ACCEL_FAILED: - return( PSA_ERROR_HARDWARE_FAILURE ); + return PSA_ERROR_HARDWARE_FAILURE; case MBEDTLS_ERR_PLATFORM_FEATURE_UNSUPPORTED: - return( PSA_ERROR_NOT_SUPPORTED ); + return PSA_ERROR_NOT_SUPPORTED; case MBEDTLS_ERR_RIPEMD160_HW_ACCEL_FAILED: - return( PSA_ERROR_HARDWARE_FAILURE ); + return PSA_ERROR_HARDWARE_FAILURE; case MBEDTLS_ERR_RSA_BAD_INPUT_DATA: - return( PSA_ERROR_INVALID_ARGUMENT ); + return PSA_ERROR_INVALID_ARGUMENT; case MBEDTLS_ERR_RSA_INVALID_PADDING: - return( PSA_ERROR_INVALID_PADDING ); + return PSA_ERROR_INVALID_PADDING; case MBEDTLS_ERR_RSA_KEY_GEN_FAILED: - return( PSA_ERROR_HARDWARE_FAILURE ); + return PSA_ERROR_HARDWARE_FAILURE; case MBEDTLS_ERR_RSA_KEY_CHECK_FAILED: - return( PSA_ERROR_INVALID_ARGUMENT ); + return PSA_ERROR_INVALID_ARGUMENT; case MBEDTLS_ERR_RSA_PUBLIC_FAILED: case MBEDTLS_ERR_RSA_PRIVATE_FAILED: - return( PSA_ERROR_CORRUPTION_DETECTED ); + return PSA_ERROR_CORRUPTION_DETECTED; case MBEDTLS_ERR_RSA_VERIFY_FAILED: - return( PSA_ERROR_INVALID_SIGNATURE ); + return PSA_ERROR_INVALID_SIGNATURE; case MBEDTLS_ERR_RSA_OUTPUT_TOO_LARGE: - return( PSA_ERROR_BUFFER_TOO_SMALL ); + return PSA_ERROR_BUFFER_TOO_SMALL; case MBEDTLS_ERR_RSA_RNG_FAILED: - return( PSA_ERROR_INSUFFICIENT_ENTROPY ); + return PSA_ERROR_INSUFFICIENT_ENTROPY; case MBEDTLS_ERR_RSA_UNSUPPORTED_OPERATION: - return( PSA_ERROR_NOT_SUPPORTED ); + return PSA_ERROR_NOT_SUPPORTED; case MBEDTLS_ERR_RSA_HW_ACCEL_FAILED: - return( PSA_ERROR_HARDWARE_FAILURE ); + return PSA_ERROR_HARDWARE_FAILURE; case MBEDTLS_ERR_SHA1_HW_ACCEL_FAILED: case MBEDTLS_ERR_SHA256_HW_ACCEL_FAILED: case MBEDTLS_ERR_SHA512_HW_ACCEL_FAILED: - return( PSA_ERROR_HARDWARE_FAILURE ); + return PSA_ERROR_HARDWARE_FAILURE; case MBEDTLS_ERR_XTEA_INVALID_INPUT_LENGTH: - return( PSA_ERROR_INVALID_ARGUMENT ); + return PSA_ERROR_INVALID_ARGUMENT; case MBEDTLS_ERR_XTEA_HW_ACCEL_FAILED: - return( PSA_ERROR_HARDWARE_FAILURE ); + return PSA_ERROR_HARDWARE_FAILURE; case MBEDTLS_ERR_ECP_BAD_INPUT_DATA: case MBEDTLS_ERR_ECP_INVALID_KEY: - return( PSA_ERROR_INVALID_ARGUMENT ); + return PSA_ERROR_INVALID_ARGUMENT; case MBEDTLS_ERR_ECP_BUFFER_TOO_SMALL: - return( PSA_ERROR_BUFFER_TOO_SMALL ); + return PSA_ERROR_BUFFER_TOO_SMALL; case MBEDTLS_ERR_ECP_FEATURE_UNAVAILABLE: - return( PSA_ERROR_NOT_SUPPORTED ); + return PSA_ERROR_NOT_SUPPORTED; case MBEDTLS_ERR_ECP_SIG_LEN_MISMATCH: case MBEDTLS_ERR_ECP_VERIFY_FAILED: - return( PSA_ERROR_INVALID_SIGNATURE ); + return PSA_ERROR_INVALID_SIGNATURE; case MBEDTLS_ERR_ECP_ALLOC_FAILED: - return( PSA_ERROR_INSUFFICIENT_MEMORY ); + return PSA_ERROR_INSUFFICIENT_MEMORY; case MBEDTLS_ERR_ECP_RANDOM_FAILED: - return( PSA_ERROR_INSUFFICIENT_ENTROPY ); + return PSA_ERROR_INSUFFICIENT_ENTROPY; case MBEDTLS_ERR_ECP_HW_ACCEL_FAILED: - return( PSA_ERROR_HARDWARE_FAILURE ); + return PSA_ERROR_HARDWARE_FAILURE; case MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED: - return( PSA_ERROR_CORRUPTION_DETECTED ); + return PSA_ERROR_CORRUPTION_DETECTED; default: - return( PSA_ERROR_GENERIC_ERROR ); + return PSA_ERROR_GENERIC_ERROR; } } @@ -390,99 +371,96 @@ psa_status_t mbedtls_to_psa_error( int ret ) defined(MBEDTLS_PSA_BUILTIN_ALG_ECDSA) || \ defined(MBEDTLS_PSA_BUILTIN_ALG_DETERMINISTIC_ECDSA) || \ defined(MBEDTLS_PSA_BUILTIN_ALG_ECDH) -mbedtls_ecp_group_id mbedtls_ecc_group_of_psa( psa_ecc_family_t curve, - size_t bits, - int bits_is_sloppy ) +mbedtls_ecp_group_id mbedtls_ecc_group_of_psa(psa_ecc_family_t curve, + size_t bits, + int bits_is_sloppy) { - switch( curve ) - { + switch (curve) { case PSA_ECC_FAMILY_SECP_R1: - switch( bits ) - { + switch (bits) { #if defined(PSA_WANT_ECC_SECP_R1_192) case 192: - return( MBEDTLS_ECP_DP_SECP192R1 ); + return MBEDTLS_ECP_DP_SECP192R1; #endif #if defined(PSA_WANT_ECC_SECP_R1_224) case 224: - return( MBEDTLS_ECP_DP_SECP224R1 ); + return MBEDTLS_ECP_DP_SECP224R1; #endif #if defined(PSA_WANT_ECC_SECP_R1_256) case 256: - return( MBEDTLS_ECP_DP_SECP256R1 ); + return MBEDTLS_ECP_DP_SECP256R1; #endif #if defined(PSA_WANT_ECC_SECP_R1_384) case 384: - return( MBEDTLS_ECP_DP_SECP384R1 ); + return MBEDTLS_ECP_DP_SECP384R1; #endif #if defined(PSA_WANT_ECC_SECP_R1_521) case 521: - return( MBEDTLS_ECP_DP_SECP521R1 ); + return MBEDTLS_ECP_DP_SECP521R1; case 528: - if( bits_is_sloppy ) - return( MBEDTLS_ECP_DP_SECP521R1 ); + if (bits_is_sloppy) { + return MBEDTLS_ECP_DP_SECP521R1; + } break; #endif } break; case PSA_ECC_FAMILY_BRAINPOOL_P_R1: - switch( bits ) - { + switch (bits) { #if defined(PSA_WANT_ECC_BRAINPOOL_P_R1_256) case 256: - return( MBEDTLS_ECP_DP_BP256R1 ); + return MBEDTLS_ECP_DP_BP256R1; #endif #if defined(PSA_WANT_ECC_BRAINPOOL_P_R1_384) case 384: - return( MBEDTLS_ECP_DP_BP384R1 ); + return MBEDTLS_ECP_DP_BP384R1; #endif #if defined(PSA_WANT_ECC_BRAINPOOL_P_R1_512) case 512: - return( MBEDTLS_ECP_DP_BP512R1 ); + return MBEDTLS_ECP_DP_BP512R1; #endif } break; case PSA_ECC_FAMILY_MONTGOMERY: - switch( bits ) - { + switch (bits) { #if defined(PSA_WANT_ECC_MONTGOMERY_255) case 255: - return( MBEDTLS_ECP_DP_CURVE25519 ); + return MBEDTLS_ECP_DP_CURVE25519; case 256: - if( bits_is_sloppy ) - return( MBEDTLS_ECP_DP_CURVE25519 ); + if (bits_is_sloppy) { + return MBEDTLS_ECP_DP_CURVE25519; + } break; #endif #if defined(PSA_WANT_ECC_MONTGOMERY_448) case 448: - return( MBEDTLS_ECP_DP_CURVE448 ); + return MBEDTLS_ECP_DP_CURVE448; #endif } break; case PSA_ECC_FAMILY_SECP_K1: - switch( bits ) - { + switch (bits) { #if defined(PSA_WANT_ECC_SECP_K1_192) case 192: - return( MBEDTLS_ECP_DP_SECP192K1 ); + return MBEDTLS_ECP_DP_SECP192K1; #endif #if defined(PSA_WANT_ECC_SECP_K1_224) case 224: - return( MBEDTLS_ECP_DP_SECP224K1 ); + return MBEDTLS_ECP_DP_SECP224K1; #endif #if defined(PSA_WANT_ECC_SECP_K1_256) case 256: - return( MBEDTLS_ECP_DP_SECP256K1 ); + return MBEDTLS_ECP_DP_SECP256K1; #endif } break; } (void) bits_is_sloppy; - return( MBEDTLS_ECP_DP_NONE ); + return MBEDTLS_ECP_DP_NONE; } #endif /* defined(MBEDTLS_PSA_BUILTIN_KEY_TYPE_ECC_KEY_PAIR) || defined(MBEDTLS_PSA_BUILTIN_KEY_TYPE_ECC_PUBLIC_KEY) || @@ -490,59 +468,65 @@ mbedtls_ecp_group_id mbedtls_ecc_group_of_psa( psa_ecc_family_t curve, defined(MBEDTLS_PSA_BUILTIN_ALG_DETERMINISTIC_ECDSA) || defined(MBEDTLS_PSA_BUILTIN_ALG_ECDH) */ -static psa_status_t validate_unstructured_key_bit_size( psa_key_type_t type, - size_t bits ) +static psa_status_t validate_unstructured_key_bit_size(psa_key_type_t type, + size_t bits) { /* Check that the bit size is acceptable for the key type */ - switch( type ) - { + switch (type) { case PSA_KEY_TYPE_RAW_DATA: case PSA_KEY_TYPE_HMAC: case PSA_KEY_TYPE_DERIVE: break; #if defined(PSA_WANT_KEY_TYPE_AES) case PSA_KEY_TYPE_AES: - if( bits != 128 && bits != 192 && bits != 256 ) - return( PSA_ERROR_INVALID_ARGUMENT ); + if (bits != 128 && bits != 192 && bits != 256) { + return PSA_ERROR_INVALID_ARGUMENT; + } break; #endif #if defined(PSA_WANT_KEY_TYPE_ARIA) case PSA_KEY_TYPE_ARIA: - if( bits != 128 && bits != 192 && bits != 256 ) - return( PSA_ERROR_INVALID_ARGUMENT ); + if (bits != 128 && bits != 192 && bits != 256) { + return PSA_ERROR_INVALID_ARGUMENT; + } break; #endif #if defined(PSA_WANT_KEY_TYPE_CAMELLIA) case PSA_KEY_TYPE_CAMELLIA: - if( bits != 128 && bits != 192 && bits != 256 ) - return( PSA_ERROR_INVALID_ARGUMENT ); + if (bits != 128 && bits != 192 && bits != 256) { + return PSA_ERROR_INVALID_ARGUMENT; + } break; #endif #if defined(PSA_WANT_KEY_TYPE_DES) case PSA_KEY_TYPE_DES: - if( bits != 64 && bits != 128 && bits != 192 ) - return( PSA_ERROR_INVALID_ARGUMENT ); + if (bits != 64 && bits != 128 && bits != 192) { + return PSA_ERROR_INVALID_ARGUMENT; + } break; #endif #if defined(PSA_WANT_KEY_TYPE_ARC4) case PSA_KEY_TYPE_ARC4: - if( bits < 8 || bits > 2048 ) - return( PSA_ERROR_INVALID_ARGUMENT ); + if (bits < 8 || bits > 2048) { + return PSA_ERROR_INVALID_ARGUMENT; + } break; #endif #if defined(PSA_WANT_KEY_TYPE_CHACHA20) case PSA_KEY_TYPE_CHACHA20: - if( bits != 256 ) - return( PSA_ERROR_INVALID_ARGUMENT ); + if (bits != 256) { + return PSA_ERROR_INVALID_ARGUMENT; + } break; #endif default: - return( PSA_ERROR_NOT_SUPPORTED ); + return PSA_ERROR_NOT_SUPPORTED; + } + if (bits % 8 != 0) { + return PSA_ERROR_INVALID_ARGUMENT; } - if( bits % 8 != 0 ) - return( PSA_ERROR_INVALID_ARGUMENT ); - return( PSA_SUCCESS ); + return PSA_SUCCESS; } /** Check whether a given key type is valid for use with a given MAC algorithm @@ -561,124 +545,125 @@ static psa_status_t validate_unstructured_key_bit_size( psa_key_type_t type, */ MBEDTLS_STATIC_TESTABLE psa_status_t psa_mac_key_can_do( psa_algorithm_t algorithm, - psa_key_type_t key_type ) + psa_key_type_t key_type) { - if( PSA_ALG_IS_HMAC( algorithm ) ) - { - if( key_type == PSA_KEY_TYPE_HMAC ) - return( PSA_SUCCESS ); + if (PSA_ALG_IS_HMAC(algorithm)) { + if (key_type == PSA_KEY_TYPE_HMAC) { + return PSA_SUCCESS; + } } - if( PSA_ALG_IS_BLOCK_CIPHER_MAC( algorithm ) ) - { + if (PSA_ALG_IS_BLOCK_CIPHER_MAC(algorithm)) { /* Check that we're calling PSA_BLOCK_CIPHER_BLOCK_LENGTH with a cipher * key. */ - if( ( key_type & PSA_KEY_TYPE_CATEGORY_MASK ) == - PSA_KEY_TYPE_CATEGORY_SYMMETRIC ) - { + if ((key_type & PSA_KEY_TYPE_CATEGORY_MASK) == + PSA_KEY_TYPE_CATEGORY_SYMMETRIC) { /* PSA_BLOCK_CIPHER_BLOCK_LENGTH returns 1 for stream ciphers and * the block length (larger than 1) for block ciphers. */ - if( PSA_BLOCK_CIPHER_BLOCK_LENGTH( key_type ) > 1 ) - return( PSA_SUCCESS ); + if (PSA_BLOCK_CIPHER_BLOCK_LENGTH(key_type) > 1) { + return PSA_SUCCESS; + } } } - return( PSA_ERROR_INVALID_ARGUMENT ); + return PSA_ERROR_INVALID_ARGUMENT; } -psa_status_t psa_allocate_buffer_to_slot( psa_key_slot_t *slot, - size_t buffer_length ) +psa_status_t psa_allocate_buffer_to_slot(psa_key_slot_t *slot, + size_t buffer_length) { - if( slot->key.data != NULL ) - return( PSA_ERROR_ALREADY_EXISTS ); + if (slot->key.data != NULL) { + return PSA_ERROR_ALREADY_EXISTS; + } - slot->key.data = mbedtls_calloc( 1, buffer_length ); - if( slot->key.data == NULL ) - return( PSA_ERROR_INSUFFICIENT_MEMORY ); + slot->key.data = mbedtls_calloc(1, buffer_length); + if (slot->key.data == NULL) { + return PSA_ERROR_INSUFFICIENT_MEMORY; + } slot->key.bytes = buffer_length; - return( PSA_SUCCESS ); + return PSA_SUCCESS; } -psa_status_t psa_copy_key_material_into_slot( psa_key_slot_t *slot, - const uint8_t* data, - size_t data_length ) +psa_status_t psa_copy_key_material_into_slot(psa_key_slot_t *slot, + const uint8_t *data, + size_t data_length) { - psa_status_t status = psa_allocate_buffer_to_slot( slot, - data_length ); - if( status != PSA_SUCCESS ) - return( status ); + psa_status_t status = psa_allocate_buffer_to_slot(slot, + data_length); + if (status != PSA_SUCCESS) { + return status; + } - memcpy( slot->key.data, data, data_length ); - return( PSA_SUCCESS ); + memcpy(slot->key.data, data, data_length); + return PSA_SUCCESS; } psa_status_t psa_import_key_into_slot( const psa_key_attributes_t *attributes, const uint8_t *data, size_t data_length, uint8_t *key_buffer, size_t key_buffer_size, - size_t *key_buffer_length, size_t *bits ) + size_t *key_buffer_length, size_t *bits) { psa_status_t status = PSA_ERROR_CORRUPTION_DETECTED; psa_key_type_t type = attributes->core.type; /* zero-length keys are never supported. */ - if( data_length == 0 ) - return( PSA_ERROR_NOT_SUPPORTED ); + if (data_length == 0) { + return PSA_ERROR_NOT_SUPPORTED; + } - if( key_type_is_raw_bytes( type ) ) - { - *bits = PSA_BYTES_TO_BITS( data_length ); + if (key_type_is_raw_bytes(type)) { + *bits = PSA_BYTES_TO_BITS(data_length); /* Ensure that the bytes-to-bits conversion hasn't overflown. */ - if( data_length > SIZE_MAX / 8 ) - return( PSA_ERROR_NOT_SUPPORTED ); + if (data_length > SIZE_MAX / 8) { + return PSA_ERROR_NOT_SUPPORTED; + } /* Enforce a size limit, and in particular ensure that the bit * size fits in its representation type. */ - if( ( *bits ) > PSA_MAX_KEY_BITS ) - return( PSA_ERROR_NOT_SUPPORTED ); + if ((*bits) > PSA_MAX_KEY_BITS) { + return PSA_ERROR_NOT_SUPPORTED; + } - status = validate_unstructured_key_bit_size( type, *bits ); - if( status != PSA_SUCCESS ) - return( status ); + status = validate_unstructured_key_bit_size(type, *bits); + if (status != PSA_SUCCESS) { + return status; + } /* Copy the key material. */ - memcpy( key_buffer, data, data_length ); + memcpy(key_buffer, data, data_length); *key_buffer_length = data_length; - (void)key_buffer_size; + (void) key_buffer_size; - return( PSA_SUCCESS ); - } - else if( PSA_KEY_TYPE_IS_ASYMMETRIC( type ) ) - { + return PSA_SUCCESS; + } else if (PSA_KEY_TYPE_IS_ASYMMETRIC(type)) { #if defined(MBEDTLS_PSA_BUILTIN_KEY_TYPE_ECC_KEY_PAIR) || \ - defined(MBEDTLS_PSA_BUILTIN_KEY_TYPE_ECC_PUBLIC_KEY) - if( PSA_KEY_TYPE_IS_ECC( type ) ) - { - return( mbedtls_psa_ecp_import_key( attributes, - data, data_length, - key_buffer, key_buffer_size, - key_buffer_length, - bits ) ); + defined(MBEDTLS_PSA_BUILTIN_KEY_TYPE_ECC_PUBLIC_KEY) + if (PSA_KEY_TYPE_IS_ECC(type)) { + return mbedtls_psa_ecp_import_key(attributes, + data, data_length, + key_buffer, key_buffer_size, + key_buffer_length, + bits); } #endif /* defined(MBEDTLS_PSA_BUILTIN_KEY_TYPE_ECC_KEY_PAIR) || * defined(MBEDTLS_PSA_BUILTIN_KEY_TYPE_ECC_PUBLIC_KEY) */ #if defined(MBEDTLS_PSA_BUILTIN_KEY_TYPE_RSA_KEY_PAIR) || \ - defined(MBEDTLS_PSA_BUILTIN_KEY_TYPE_RSA_PUBLIC_KEY) - if( PSA_KEY_TYPE_IS_RSA( type ) ) - { - return( mbedtls_psa_rsa_import_key( attributes, - data, data_length, - key_buffer, key_buffer_size, - key_buffer_length, - bits ) ); + defined(MBEDTLS_PSA_BUILTIN_KEY_TYPE_RSA_PUBLIC_KEY) + if (PSA_KEY_TYPE_IS_RSA(type)) { + return mbedtls_psa_rsa_import_key(attributes, + data, data_length, + key_buffer, key_buffer_size, + key_buffer_length, + bits); } #endif /* defined(MBEDTLS_PSA_BUILTIN_KEY_TYPE_RSA_KEY_PAIR) || * defined(MBEDTLS_PSA_BUILTIN_KEY_TYPE_RSA_PUBLIC_KEY) */ } - return( PSA_ERROR_NOT_SUPPORTED ); + return PSA_ERROR_NOT_SUPPORTED; } /** Calculate the intersection of two algorithm usage policies. @@ -688,63 +673,61 @@ psa_status_t psa_import_key_into_slot( static psa_algorithm_t psa_key_policy_algorithm_intersection( psa_key_type_t key_type, psa_algorithm_t alg1, - psa_algorithm_t alg2 ) + psa_algorithm_t alg2) { /* Common case: both sides actually specify the same policy. */ - if( alg1 == alg2 ) - return( alg1 ); + if (alg1 == alg2) { + return alg1; + } /* If the policies are from the same hash-and-sign family, check * if one is a wildcard. If so the other has the specific algorithm. */ - if( PSA_ALG_IS_SIGN_HASH( alg1 ) && - PSA_ALG_IS_SIGN_HASH( alg2 ) && - ( alg1 & ~PSA_ALG_HASH_MASK ) == ( alg2 & ~PSA_ALG_HASH_MASK ) ) - { - if( PSA_ALG_SIGN_GET_HASH( alg1 ) == PSA_ALG_ANY_HASH ) - return( alg2 ); - if( PSA_ALG_SIGN_GET_HASH( alg2 ) == PSA_ALG_ANY_HASH ) - return( alg1 ); + if (PSA_ALG_IS_SIGN_HASH(alg1) && + PSA_ALG_IS_SIGN_HASH(alg2) && + (alg1 & ~PSA_ALG_HASH_MASK) == (alg2 & ~PSA_ALG_HASH_MASK)) { + if (PSA_ALG_SIGN_GET_HASH(alg1) == PSA_ALG_ANY_HASH) { + return alg2; + } + if (PSA_ALG_SIGN_GET_HASH(alg2) == PSA_ALG_ANY_HASH) { + return alg1; + } } /* If the policies are from the same AEAD family, check whether * one of them is a minimum-tag-length wildcard. Calculate the most * restrictive tag length. */ - if( PSA_ALG_IS_AEAD( alg1 ) && PSA_ALG_IS_AEAD( alg2 ) && - ( PSA_ALG_AEAD_WITH_SHORTENED_TAG( alg1, 0 ) == - PSA_ALG_AEAD_WITH_SHORTENED_TAG( alg2, 0 ) ) ) - { - size_t alg1_len = PSA_ALG_AEAD_GET_TAG_LENGTH( alg1 ); - size_t alg2_len = PSA_ALG_AEAD_GET_TAG_LENGTH( alg2 ); + if (PSA_ALG_IS_AEAD(alg1) && PSA_ALG_IS_AEAD(alg2) && + (PSA_ALG_AEAD_WITH_SHORTENED_TAG(alg1, 0) == + PSA_ALG_AEAD_WITH_SHORTENED_TAG(alg2, 0))) { + size_t alg1_len = PSA_ALG_AEAD_GET_TAG_LENGTH(alg1); + size_t alg2_len = PSA_ALG_AEAD_GET_TAG_LENGTH(alg2); size_t restricted_len = alg1_len > alg2_len ? alg1_len : alg2_len; /* If both are wildcards, return most restrictive wildcard */ - if( ( ( alg1 & PSA_ALG_AEAD_AT_LEAST_THIS_LENGTH_FLAG ) != 0 ) && - ( ( alg2 & PSA_ALG_AEAD_AT_LEAST_THIS_LENGTH_FLAG ) != 0 ) ) - { - return( PSA_ALG_AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG( - alg1, restricted_len ) ); + if (((alg1 & PSA_ALG_AEAD_AT_LEAST_THIS_LENGTH_FLAG) != 0) && + ((alg2 & PSA_ALG_AEAD_AT_LEAST_THIS_LENGTH_FLAG) != 0)) { + return PSA_ALG_AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG( + alg1, restricted_len); } /* If only one is a wildcard, return specific algorithm if compatible. */ - if( ( ( alg1 & PSA_ALG_AEAD_AT_LEAST_THIS_LENGTH_FLAG ) != 0 ) && - ( alg1_len <= alg2_len ) ) - { - return( alg2 ); + if (((alg1 & PSA_ALG_AEAD_AT_LEAST_THIS_LENGTH_FLAG) != 0) && + (alg1_len <= alg2_len)) { + return alg2; } - if( ( ( alg2 & PSA_ALG_AEAD_AT_LEAST_THIS_LENGTH_FLAG ) != 0 ) && - ( alg2_len <= alg1_len ) ) - { - return( alg1 ); + if (((alg2 & PSA_ALG_AEAD_AT_LEAST_THIS_LENGTH_FLAG) != 0) && + (alg2_len <= alg1_len)) { + return alg1; } } /* If the policies are from the same MAC family, check whether one * of them is a minimum-MAC-length policy. Calculate the most * restrictive tag length. */ - if( PSA_ALG_IS_MAC( alg1 ) && PSA_ALG_IS_MAC( alg2 ) && - ( PSA_ALG_FULL_LENGTH_MAC( alg1 ) == - PSA_ALG_FULL_LENGTH_MAC( alg2 ) ) ) - { + if (PSA_ALG_IS_MAC(alg1) && PSA_ALG_IS_MAC(alg2) && + (PSA_ALG_FULL_LENGTH_MAC(alg1) == + PSA_ALG_FULL_LENGTH_MAC(alg2))) { /* Validate the combination of key type and algorithm. Since the base * algorithm of alg1 and alg2 are the same, we only need this once. */ - if( PSA_SUCCESS != psa_mac_key_can_do( alg1, key_type ) ) - return( 0 ); + if (PSA_SUCCESS != psa_mac_key_can_do(alg1, key_type)) { + return 0; + } /* Get the (exact or at-least) output lengths for both sides of the * requested intersection. None of the currently supported algorithms @@ -754,79 +737,76 @@ static psa_algorithm_t psa_key_policy_algorithm_intersection( * Note that for at-least-this-length wildcard algorithms, the output * length is set to the shortest allowed length, which allows us to * calculate the most restrictive tag length for the intersection. */ - size_t alg1_len = PSA_MAC_LENGTH( key_type, 0, alg1 ); - size_t alg2_len = PSA_MAC_LENGTH( key_type, 0, alg2 ); + size_t alg1_len = PSA_MAC_LENGTH(key_type, 0, alg1); + size_t alg2_len = PSA_MAC_LENGTH(key_type, 0, alg2); size_t restricted_len = alg1_len > alg2_len ? alg1_len : alg2_len; /* If both are wildcards, return most restrictive wildcard */ - if( ( ( alg1 & PSA_ALG_MAC_AT_LEAST_THIS_LENGTH_FLAG ) != 0 ) && - ( ( alg2 & PSA_ALG_MAC_AT_LEAST_THIS_LENGTH_FLAG ) != 0 ) ) - { - return( PSA_ALG_AT_LEAST_THIS_LENGTH_MAC( alg1, restricted_len ) ); + if (((alg1 & PSA_ALG_MAC_AT_LEAST_THIS_LENGTH_FLAG) != 0) && + ((alg2 & PSA_ALG_MAC_AT_LEAST_THIS_LENGTH_FLAG) != 0)) { + return PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(alg1, restricted_len); } /* If only one is an at-least-this-length policy, the intersection would * be the other (fixed-length) policy as long as said fixed length is * equal to or larger than the shortest allowed length. */ - if( ( alg1 & PSA_ALG_MAC_AT_LEAST_THIS_LENGTH_FLAG ) != 0 ) - { - return( ( alg1_len <= alg2_len ) ? alg2 : 0 ); + if ((alg1 & PSA_ALG_MAC_AT_LEAST_THIS_LENGTH_FLAG) != 0) { + return (alg1_len <= alg2_len) ? alg2 : 0; } - if( ( alg2 & PSA_ALG_MAC_AT_LEAST_THIS_LENGTH_FLAG ) != 0 ) - { - return( ( alg2_len <= alg1_len ) ? alg1 : 0 ); + if ((alg2 & PSA_ALG_MAC_AT_LEAST_THIS_LENGTH_FLAG) != 0) { + return (alg2_len <= alg1_len) ? alg1 : 0; } /* If none of them are wildcards, check whether they define the same tag * length. This is still possible here when one is default-length and * the other specific-length. Ensure to always return the * specific-length version for the intersection. */ - if( alg1_len == alg2_len ) - return( PSA_ALG_TRUNCATED_MAC( alg1, alg1_len ) ); + if (alg1_len == alg2_len) { + return PSA_ALG_TRUNCATED_MAC(alg1, alg1_len); + } } /* If the policies are incompatible, allow nothing. */ - return( 0 ); + return 0; } -static int psa_key_algorithm_permits( psa_key_type_t key_type, - psa_algorithm_t policy_alg, - psa_algorithm_t requested_alg ) +static int psa_key_algorithm_permits(psa_key_type_t key_type, + psa_algorithm_t policy_alg, + psa_algorithm_t requested_alg) { /* Common case: the policy only allows requested_alg. */ - if( requested_alg == policy_alg ) - return( 1 ); + if (requested_alg == policy_alg) { + return 1; + } /* If policy_alg is a hash-and-sign with a wildcard for the hash, * and requested_alg is the same hash-and-sign family with any hash, * then requested_alg is compliant with policy_alg. */ - if( PSA_ALG_IS_SIGN_HASH( requested_alg ) && - PSA_ALG_SIGN_GET_HASH( policy_alg ) == PSA_ALG_ANY_HASH ) - { - return( ( policy_alg & ~PSA_ALG_HASH_MASK ) == - ( requested_alg & ~PSA_ALG_HASH_MASK ) ); + if (PSA_ALG_IS_SIGN_HASH(requested_alg) && + PSA_ALG_SIGN_GET_HASH(policy_alg) == PSA_ALG_ANY_HASH) { + return (policy_alg & ~PSA_ALG_HASH_MASK) == + (requested_alg & ~PSA_ALG_HASH_MASK); } /* If policy_alg is a wildcard AEAD algorithm of the same base as * the requested algorithm, check the requested tag length to be * equal-length or longer than the wildcard-specified length. */ - if( PSA_ALG_IS_AEAD( policy_alg ) && - PSA_ALG_IS_AEAD( requested_alg ) && - ( PSA_ALG_AEAD_WITH_SHORTENED_TAG( policy_alg, 0 ) == - PSA_ALG_AEAD_WITH_SHORTENED_TAG( requested_alg, 0 ) ) && - ( ( policy_alg & PSA_ALG_AEAD_AT_LEAST_THIS_LENGTH_FLAG ) != 0 ) ) - { - return( PSA_ALG_AEAD_GET_TAG_LENGTH( policy_alg ) <= - PSA_ALG_AEAD_GET_TAG_LENGTH( requested_alg ) ); + if (PSA_ALG_IS_AEAD(policy_alg) && + PSA_ALG_IS_AEAD(requested_alg) && + (PSA_ALG_AEAD_WITH_SHORTENED_TAG(policy_alg, 0) == + PSA_ALG_AEAD_WITH_SHORTENED_TAG(requested_alg, 0)) && + ((policy_alg & PSA_ALG_AEAD_AT_LEAST_THIS_LENGTH_FLAG) != 0)) { + return PSA_ALG_AEAD_GET_TAG_LENGTH(policy_alg) <= + PSA_ALG_AEAD_GET_TAG_LENGTH(requested_alg); } /* If policy_alg is a MAC algorithm of the same base as the requested * algorithm, check whether their MAC lengths are compatible. */ - if( PSA_ALG_IS_MAC( policy_alg ) && - PSA_ALG_IS_MAC( requested_alg ) && - ( PSA_ALG_FULL_LENGTH_MAC( policy_alg ) == - PSA_ALG_FULL_LENGTH_MAC( requested_alg ) ) ) - { + if (PSA_ALG_IS_MAC(policy_alg) && + PSA_ALG_IS_MAC(requested_alg) && + (PSA_ALG_FULL_LENGTH_MAC(policy_alg) == + PSA_ALG_FULL_LENGTH_MAC(requested_alg))) { /* Validate the combination of key type and algorithm. Since the policy * and requested algorithms are the same, we only need this once. */ - if( PSA_SUCCESS != psa_mac_key_can_do( policy_alg, key_type ) ) - return( 0 ); + if (PSA_SUCCESS != psa_mac_key_can_do(policy_alg, key_type)) { + return 0; + } /* Get both the requested output length for the algorithm which is to be * verified, and the default output length for the base algorithm. @@ -834,44 +814,42 @@ static int psa_key_algorithm_permits( psa_key_type_t key_type, * length dependent on actual key size, so setting it to a bogus value * of 0 is currently OK. */ size_t requested_output_length = PSA_MAC_LENGTH( - key_type, 0, requested_alg ); + key_type, 0, requested_alg); size_t default_output_length = PSA_MAC_LENGTH( - key_type, 0, - PSA_ALG_FULL_LENGTH_MAC( requested_alg ) ); + key_type, 0, + PSA_ALG_FULL_LENGTH_MAC(requested_alg)); /* If the policy is default-length, only allow an algorithm with * a declared exact-length matching the default. */ - if( PSA_MAC_TRUNCATED_LENGTH( policy_alg ) == 0 ) - return( requested_output_length == default_output_length ); + if (PSA_MAC_TRUNCATED_LENGTH(policy_alg) == 0) { + return requested_output_length == default_output_length; + } /* If the requested algorithm is default-length, allow it if the policy * length exactly matches the default length. */ - if( PSA_MAC_TRUNCATED_LENGTH( requested_alg ) == 0 && - PSA_MAC_TRUNCATED_LENGTH( policy_alg ) == default_output_length ) - { - return( 1 ); + if (PSA_MAC_TRUNCATED_LENGTH(requested_alg) == 0 && + PSA_MAC_TRUNCATED_LENGTH(policy_alg) == default_output_length) { + return 1; } /* If policy_alg is an at-least-this-length wildcard MAC algorithm, * check for the requested MAC length to be equal to or longer than the * minimum allowed length. */ - if( ( policy_alg & PSA_ALG_MAC_AT_LEAST_THIS_LENGTH_FLAG ) != 0 ) - { - return( PSA_MAC_TRUNCATED_LENGTH( policy_alg ) <= - requested_output_length ); + if ((policy_alg & PSA_ALG_MAC_AT_LEAST_THIS_LENGTH_FLAG) != 0) { + return PSA_MAC_TRUNCATED_LENGTH(policy_alg) <= + requested_output_length; } } /* If policy_alg is a generic key agreement operation, then using it for * a key derivation with that key agreement should also be allowed. This * behaviour is expected to be defined in a future specification version. */ - if( PSA_ALG_IS_RAW_KEY_AGREEMENT( policy_alg ) && - PSA_ALG_IS_KEY_AGREEMENT( requested_alg ) ) - { - return( PSA_ALG_KEY_AGREEMENT_GET_BASE( requested_alg ) == - policy_alg ); + if (PSA_ALG_IS_RAW_KEY_AGREEMENT(policy_alg) && + PSA_ALG_IS_KEY_AGREEMENT(requested_alg)) { + return PSA_ALG_KEY_AGREEMENT_GET_BASE(requested_alg) == + policy_alg; } /* If it isn't explicitly permitted, it's forbidden. */ - return( 0 ); + return 0; } /** Test whether a policy permits an algorithm. @@ -889,23 +867,26 @@ static int psa_key_algorithm_permits( psa_key_type_t key_type, * \retval PSA_ERROR_NOT_PERMITTED When \p alg is a specific algorithm, but * the \p policy does not allow it. */ -static psa_status_t psa_key_policy_permits( const psa_key_policy_t *policy, - psa_key_type_t key_type, - psa_algorithm_t alg ) +static psa_status_t psa_key_policy_permits(const psa_key_policy_t *policy, + psa_key_type_t key_type, + psa_algorithm_t alg) { /* '0' is not a valid algorithm */ - if( alg == 0 ) - return( PSA_ERROR_INVALID_ARGUMENT ); + if (alg == 0) { + return PSA_ERROR_INVALID_ARGUMENT; + } /* A requested algorithm cannot be a wildcard. */ - if( PSA_ALG_IS_WILDCARD( alg ) ) - return( PSA_ERROR_INVALID_ARGUMENT ); - - if( psa_key_algorithm_permits( key_type, policy->alg, alg ) || - psa_key_algorithm_permits( key_type, policy->alg2, alg ) ) - return( PSA_SUCCESS ); - else - return( PSA_ERROR_NOT_PERMITTED ); + if (PSA_ALG_IS_WILDCARD(alg)) { + return PSA_ERROR_INVALID_ARGUMENT; + } + + if (psa_key_algorithm_permits(key_type, policy->alg, alg) || + psa_key_algorithm_permits(key_type, policy->alg2, alg)) { + return PSA_SUCCESS; + } else { + return PSA_ERROR_NOT_PERMITTED; + } } /** Restrict a key policy based on a constraint. @@ -929,22 +910,24 @@ static psa_status_t psa_key_policy_permits( const psa_key_policy_t *policy, static psa_status_t psa_restrict_key_policy( psa_key_type_t key_type, psa_key_policy_t *policy, - const psa_key_policy_t *constraint ) + const psa_key_policy_t *constraint) { psa_algorithm_t intersection_alg = - psa_key_policy_algorithm_intersection( key_type, policy->alg, - constraint->alg ); + psa_key_policy_algorithm_intersection(key_type, policy->alg, + constraint->alg); psa_algorithm_t intersection_alg2 = - psa_key_policy_algorithm_intersection( key_type, policy->alg2, - constraint->alg2 ); - if( intersection_alg == 0 && policy->alg != 0 && constraint->alg != 0 ) - return( PSA_ERROR_INVALID_ARGUMENT ); - if( intersection_alg2 == 0 && policy->alg2 != 0 && constraint->alg2 != 0 ) - return( PSA_ERROR_INVALID_ARGUMENT ); + psa_key_policy_algorithm_intersection(key_type, policy->alg2, + constraint->alg2); + if (intersection_alg == 0 && policy->alg != 0 && constraint->alg != 0) { + return PSA_ERROR_INVALID_ARGUMENT; + } + if (intersection_alg2 == 0 && policy->alg2 != 0 && constraint->alg2 != 0) { + return PSA_ERROR_INVALID_ARGUMENT; + } policy->usage &= constraint->usage; policy->alg = intersection_alg; policy->alg2 = intersection_alg2; - return( PSA_SUCCESS ); + return PSA_SUCCESS; } /** Get the description of a key given its identifier and policy constraints @@ -964,46 +947,47 @@ static psa_status_t psa_get_and_lock_key_slot_with_policy( mbedtls_svc_key_id_t key, psa_key_slot_t **p_slot, psa_key_usage_t usage, - psa_algorithm_t alg ) + psa_algorithm_t alg) { psa_status_t status = PSA_ERROR_CORRUPTION_DETECTED; psa_key_slot_t *slot; - status = psa_get_and_lock_key_slot( key, p_slot ); - if( status != PSA_SUCCESS ) - return( status ); + status = psa_get_and_lock_key_slot(key, p_slot); + if (status != PSA_SUCCESS) { + return status; + } slot = *p_slot; /* Enforce that usage policy for the key slot contains all the flags * required by the usage parameter. There is one exception: public * keys can always be exported, so we treat public key objects as * if they had the export flag. */ - if( PSA_KEY_TYPE_IS_PUBLIC_KEY( slot->attr.type ) ) + if (PSA_KEY_TYPE_IS_PUBLIC_KEY(slot->attr.type)) { usage &= ~PSA_KEY_USAGE_EXPORT; + } - if( ( slot->attr.policy.usage & usage ) != usage ) - { + if ((slot->attr.policy.usage & usage) != usage) { status = PSA_ERROR_NOT_PERMITTED; goto error; } - /* Enforce that the usage policy permits the requested algortihm. */ - if( alg != 0 ) - { - status = psa_key_policy_permits( &slot->attr.policy, - slot->attr.type, - alg ); - if( status != PSA_SUCCESS ) + /* Enforce that the usage policy permits the requested algorithm. */ + if (alg != 0) { + status = psa_key_policy_permits(&slot->attr.policy, + slot->attr.type, + alg); + if (status != PSA_SUCCESS) { goto error; + } } - return( PSA_SUCCESS ); + return PSA_SUCCESS; error: *p_slot = NULL; - psa_unlock_key_slot( slot ); + psa_unlock_key_slot(slot); - return( status ); + return status; } /** Get a key slot containing a transparent key and lock it. @@ -1023,42 +1007,43 @@ static psa_status_t psa_get_and_lock_transparent_key_slot_with_policy( mbedtls_svc_key_id_t key, psa_key_slot_t **p_slot, psa_key_usage_t usage, - psa_algorithm_t alg ) + psa_algorithm_t alg) { - psa_status_t status = psa_get_and_lock_key_slot_with_policy( key, p_slot, - usage, alg ); - if( status != PSA_SUCCESS ) - return( status ); + psa_status_t status = psa_get_and_lock_key_slot_with_policy(key, p_slot, + usage, alg); + if (status != PSA_SUCCESS) { + return status; + } - if( psa_key_lifetime_is_external( (*p_slot)->attr.lifetime ) ) - { - psa_unlock_key_slot( *p_slot ); + if (psa_key_lifetime_is_external((*p_slot)->attr.lifetime)) { + psa_unlock_key_slot(*p_slot); *p_slot = NULL; - return( PSA_ERROR_NOT_SUPPORTED ); + return PSA_ERROR_NOT_SUPPORTED; } - return( PSA_SUCCESS ); + return PSA_SUCCESS; } -psa_status_t psa_remove_key_data_from_memory( psa_key_slot_t *slot ) +psa_status_t psa_remove_key_data_from_memory(psa_key_slot_t *slot) { /* Data pointer will always be either a valid pointer or NULL in an * initialized slot, so we can just free it. */ - if( slot->key.data != NULL ) - mbedtls_platform_zeroize( slot->key.data, slot->key.bytes); + if (slot->key.data != NULL) { + mbedtls_platform_zeroize(slot->key.data, slot->key.bytes); + } - mbedtls_free( slot->key.data ); + mbedtls_free(slot->key.data); slot->key.data = NULL; slot->key.bytes = 0; - return( PSA_SUCCESS ); + return PSA_SUCCESS; } /** Completely wipe a slot in memory, including its policy. * Persistent storage is not affected. */ -psa_status_t psa_wipe_key_slot( psa_key_slot_t *slot ) +psa_status_t psa_wipe_key_slot(psa_key_slot_t *slot) { - psa_status_t status = psa_remove_key_data_from_memory( slot ); + psa_status_t status = psa_remove_key_data_from_memory(slot); /* * As the return error code may not be handled in case of multiple errors, @@ -1067,10 +1052,9 @@ psa_status_t psa_wipe_key_slot( psa_key_slot_t *slot ) * part of the execution of a test suite this will stop the test suite * execution). */ - if( slot->lock_count != 1 ) - { + if (slot->lock_count != 1) { #ifdef MBEDTLS_CHECK_PARAMS - MBEDTLS_PARAM_FAILED( slot->lock_count == 1 ); + MBEDTLS_PARAM_FAILED(slot->lock_count == 1); #endif status = PSA_ERROR_CORRUPTION_DETECTED; } @@ -1083,11 +1067,11 @@ psa_status_t psa_wipe_key_slot( psa_key_slot_t *slot ) /* At this point, key material and other type-specific content has * been wiped. Clear remaining metadata. We can call memset and not * zeroize because the metadata is not particularly sensitive. */ - memset( slot, 0, sizeof( *slot ) ); - return( status ); + memset(slot, 0, sizeof(*slot)); + return status; } -psa_status_t psa_destroy_key( mbedtls_svc_key_id_t key ) +psa_status_t psa_destroy_key(mbedtls_svc_key_id_t key) { psa_key_slot_t *slot; psa_status_t status; /* status of the last operation */ @@ -1096,8 +1080,9 @@ psa_status_t psa_destroy_key( mbedtls_svc_key_id_t key ) psa_se_drv_table_entry_t *driver; #endif /* MBEDTLS_PSA_CRYPTO_SE_C */ - if( mbedtls_svc_key_id_is_null( key ) ) - return( PSA_SUCCESS ); + if (mbedtls_svc_key_id_is_null(key)) { + return PSA_SUCCESS; + } /* * Get the description of the key in a key slot. In case of a persistent @@ -1106,9 +1091,10 @@ psa_status_t psa_destroy_key( mbedtls_svc_key_id_t key ) * the key is operated by an SE or not and this information is needed by * the current implementation. */ - status = psa_get_and_lock_key_slot( key, &slot ); - if( status != PSA_SUCCESS ) - return( status ); + status = psa_get_and_lock_key_slot(key, &slot); + if (status != PSA_SUCCESS) { + return status; + } /* * If the key slot containing the key description is under access by the @@ -1117,14 +1103,12 @@ psa_status_t psa_destroy_key( mbedtls_svc_key_id_t key ) * implemented), the key should be destroyed when all accesses have * stopped. */ - if( slot->lock_count > 1 ) - { - psa_unlock_key_slot( slot ); - return( PSA_ERROR_GENERIC_ERROR ); + if (slot->lock_count > 1) { + psa_unlock_key_slot(slot); + return PSA_ERROR_GENERIC_ERROR; } - if( PSA_KEY_LIFETIME_IS_READ_ONLY( slot->attr.lifetime ) ) - { + if (PSA_KEY_LIFETIME_IS_READ_ONLY(slot->attr.lifetime)) { /* Refuse the destruction of a read-only key (which may or may not work * if we attempt it, depending on whether the key is merely read-only * by policy or actually physically read-only). @@ -1135,22 +1119,20 @@ psa_status_t psa_destroy_key( mbedtls_svc_key_id_t key ) } #if defined(MBEDTLS_PSA_CRYPTO_SE_C) - driver = psa_get_se_driver_entry( slot->attr.lifetime ); - if( driver != NULL ) - { + driver = psa_get_se_driver_entry(slot->attr.lifetime); + if (driver != NULL) { /* For a key in a secure element, we need to do three things: * remove the key file in internal storage, destroy the * key inside the secure element, and update the driver's * persistent data. Start a transaction that will encompass these * three actions. */ - psa_crypto_prepare_transaction( PSA_CRYPTO_TRANSACTION_DESTROY_KEY ); + psa_crypto_prepare_transaction(PSA_CRYPTO_TRANSACTION_DESTROY_KEY); psa_crypto_transaction.key.lifetime = slot->attr.lifetime; - psa_crypto_transaction.key.slot = psa_key_slot_get_slot_number( slot ); + psa_crypto_transaction.key.slot = psa_key_slot_get_slot_number(slot); psa_crypto_transaction.key.id = slot->attr.id; - status = psa_crypto_save_transaction( ); - if( status != PSA_SUCCESS ) - { - (void) psa_crypto_stop_transaction( ); + status = psa_crypto_save_transaction(); + if (status != PSA_SUCCESS) { + (void) psa_crypto_stop_transaction(); /* We should still try to destroy the key in the secure * element and the key metadata in storage. This is especially * important if the error is that the storage is full. @@ -1162,19 +1144,20 @@ psa_status_t psa_destroy_key( mbedtls_svc_key_id_t key ) goto exit; } - status = psa_destroy_se_key( driver, - psa_key_slot_get_slot_number( slot ) ); - if( overall_status == PSA_SUCCESS ) + status = psa_destroy_se_key(driver, + psa_key_slot_get_slot_number(slot)); + if (overall_status == PSA_SUCCESS) { overall_status = status; + } } #endif /* MBEDTLS_PSA_CRYPTO_SE_C */ #if defined(MBEDTLS_PSA_CRYPTO_STORAGE_C) - if( ! PSA_KEY_LIFETIME_IS_VOLATILE( slot->attr.lifetime ) ) - { - status = psa_destroy_persistent_key( slot->attr.id ); - if( overall_status == PSA_SUCCESS ) + if (!PSA_KEY_LIFETIME_IS_VOLATILE(slot->attr.lifetime)) { + status = psa_destroy_persistent_key(slot->attr.id); + if (overall_status == PSA_SUCCESS) { overall_status = status; + } /* TODO: other slots may have a copy of the same key. We should * invalidate them. @@ -1184,96 +1167,100 @@ psa_status_t psa_destroy_key( mbedtls_svc_key_id_t key ) #endif /* defined(MBEDTLS_PSA_CRYPTO_STORAGE_C) */ #if defined(MBEDTLS_PSA_CRYPTO_SE_C) - if( driver != NULL ) - { - status = psa_save_se_persistent_data( driver ); - if( overall_status == PSA_SUCCESS ) + if (driver != NULL) { + status = psa_save_se_persistent_data(driver); + if (overall_status == PSA_SUCCESS) { overall_status = status; - status = psa_crypto_stop_transaction( ); - if( overall_status == PSA_SUCCESS ) + } + status = psa_crypto_stop_transaction(); + if (overall_status == PSA_SUCCESS) { overall_status = status; + } } #endif /* MBEDTLS_PSA_CRYPTO_SE_C */ exit: - status = psa_wipe_key_slot( slot ); + status = psa_wipe_key_slot(slot); /* Prioritize CORRUPTION_DETECTED from wiping over a storage error */ - if( status != PSA_SUCCESS ) + if (status != PSA_SUCCESS) { overall_status = status; - return( overall_status ); + } + return overall_status; } #if defined(MBEDTLS_PSA_BUILTIN_KEY_TYPE_RSA_KEY_PAIR) || \ defined(MBEDTLS_PSA_BUILTIN_KEY_TYPE_RSA_PUBLIC_KEY) static psa_status_t psa_get_rsa_public_exponent( const mbedtls_rsa_context *rsa, - psa_key_attributes_t *attributes ) + psa_key_attributes_t *attributes) { mbedtls_mpi mpi; int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; uint8_t *buffer = NULL; size_t buflen; - mbedtls_mpi_init( &mpi ); + mbedtls_mpi_init(&mpi); - ret = mbedtls_rsa_export( rsa, NULL, NULL, NULL, NULL, &mpi ); - if( ret != 0 ) + ret = mbedtls_rsa_export(rsa, NULL, NULL, NULL, NULL, &mpi); + if (ret != 0) { goto exit; - if( mbedtls_mpi_cmp_int( &mpi, 65537 ) == 0 ) - { + } + if (mbedtls_mpi_cmp_int(&mpi, 65537) == 0) { /* It's the default value, which is reported as an empty string, * so there's nothing to do. */ goto exit; } - buflen = mbedtls_mpi_size( &mpi ); - buffer = mbedtls_calloc( 1, buflen ); - if( buffer == NULL ) - { + buflen = mbedtls_mpi_size(&mpi); + buffer = mbedtls_calloc(1, buflen); + if (buffer == NULL) { ret = MBEDTLS_ERR_MPI_ALLOC_FAILED; goto exit; } - ret = mbedtls_mpi_write_binary( &mpi, buffer, buflen ); - if( ret != 0 ) + ret = mbedtls_mpi_write_binary(&mpi, buffer, buflen); + if (ret != 0) { goto exit; + } attributes->domain_parameters = buffer; attributes->domain_parameters_size = buflen; exit: - mbedtls_mpi_free( &mpi ); - if( ret != 0 ) - mbedtls_free( buffer ); - return( mbedtls_to_psa_error( ret ) ); + mbedtls_mpi_free(&mpi); + if (ret != 0) { + mbedtls_free(buffer); + } + return mbedtls_to_psa_error(ret); } #endif /* defined(MBEDTLS_PSA_BUILTIN_KEY_TYPE_RSA_KEY_PAIR) || * defined(MBEDTLS_PSA_BUILTIN_KEY_TYPE_RSA_PUBLIC_KEY) */ /** Retrieve all the publicly-accessible attributes of a key. */ -psa_status_t psa_get_key_attributes( mbedtls_svc_key_id_t key, - psa_key_attributes_t *attributes ) +psa_status_t psa_get_key_attributes(mbedtls_svc_key_id_t key, + psa_key_attributes_t *attributes) { psa_status_t status = PSA_ERROR_CORRUPTION_DETECTED; psa_status_t unlock_status = PSA_ERROR_CORRUPTION_DETECTED; psa_key_slot_t *slot; - psa_reset_key_attributes( attributes ); + psa_reset_key_attributes(attributes); - status = psa_get_and_lock_key_slot_with_policy( key, &slot, 0, 0 ); - if( status != PSA_SUCCESS ) - return( status ); + status = psa_get_and_lock_key_slot_with_policy(key, &slot, 0, 0); + if (status != PSA_SUCCESS) { + return status; + } attributes->core = slot->attr; - attributes->core.flags &= ( MBEDTLS_PSA_KA_MASK_EXTERNAL_ONLY | - MBEDTLS_PSA_KA_MASK_DUAL_USE ); + attributes->core.flags &= (MBEDTLS_PSA_KA_MASK_EXTERNAL_ONLY | + MBEDTLS_PSA_KA_MASK_DUAL_USE); #if defined(MBEDTLS_PSA_CRYPTO_SE_C) - if( psa_get_se_driver_entry( slot->attr.lifetime ) != NULL ) - psa_set_key_slot_number( attributes, - psa_key_slot_get_slot_number( slot ) ); + if (psa_get_se_driver_entry(slot->attr.lifetime) != NULL) { + psa_set_key_slot_number(attributes, + psa_key_slot_get_slot_number(slot)); + } #endif /* MBEDTLS_PSA_CRYPTO_SE_C */ - switch( slot->attr.type ) - { + switch (slot->attr.type) { #if defined(MBEDTLS_PSA_BUILTIN_KEY_TYPE_RSA_KEY_PAIR) || \ defined(MBEDTLS_PSA_BUILTIN_KEY_TYPE_RSA_PUBLIC_KEY) case PSA_KEY_TYPE_RSA_KEY_PAIR: @@ -1282,22 +1269,22 @@ psa_status_t psa_get_key_attributes( mbedtls_svc_key_id_t key, * is not yet implemented. * https://github.com/ARMmbed/mbed-crypto/issues/216 */ - if( ! psa_key_lifetime_is_external( slot->attr.lifetime ) ) - { + if (!psa_key_lifetime_is_external(slot->attr.lifetime)) { mbedtls_rsa_context *rsa = NULL; status = mbedtls_psa_rsa_load_representation( - slot->attr.type, - slot->key.data, - slot->key.bytes, - &rsa ); - if( status != PSA_SUCCESS ) + slot->attr.type, + slot->key.data, + slot->key.bytes, + &rsa); + if (status != PSA_SUCCESS) { break; + } - status = psa_get_rsa_public_exponent( rsa, - attributes ); - mbedtls_rsa_free( rsa ); - mbedtls_free( rsa ); + status = psa_get_rsa_public_exponent(rsa, + attributes); + mbedtls_rsa_free(rsa); + mbedtls_free(rsa); } break; #endif /* defined(MBEDTLS_PSA_BUILTIN_KEY_TYPE_RSA_KEY_PAIR) || @@ -1307,72 +1294,70 @@ psa_status_t psa_get_key_attributes( mbedtls_svc_key_id_t key, break; } - if( status != PSA_SUCCESS ) - psa_reset_key_attributes( attributes ); + if (status != PSA_SUCCESS) { + psa_reset_key_attributes(attributes); + } - unlock_status = psa_unlock_key_slot( slot ); + unlock_status = psa_unlock_key_slot(slot); - return( ( status == PSA_SUCCESS ) ? unlock_status : status ); + return (status == PSA_SUCCESS) ? unlock_status : status; } #if defined(MBEDTLS_PSA_CRYPTO_SE_C) psa_status_t psa_get_key_slot_number( const psa_key_attributes_t *attributes, - psa_key_slot_number_t *slot_number ) + psa_key_slot_number_t *slot_number) { - if( attributes->core.flags & MBEDTLS_PSA_KA_FLAG_HAS_SLOT_NUMBER ) - { + if (attributes->core.flags & MBEDTLS_PSA_KA_FLAG_HAS_SLOT_NUMBER) { *slot_number = attributes->slot_number; - return( PSA_SUCCESS ); + return PSA_SUCCESS; + } else { + return PSA_ERROR_INVALID_ARGUMENT; } - else - return( PSA_ERROR_INVALID_ARGUMENT ); } #endif /* MBEDTLS_PSA_CRYPTO_SE_C */ -static psa_status_t psa_export_key_buffer_internal( const uint8_t *key_buffer, - size_t key_buffer_size, - uint8_t *data, - size_t data_size, - size_t *data_length ) +static psa_status_t psa_export_key_buffer_internal(const uint8_t *key_buffer, + size_t key_buffer_size, + uint8_t *data, + size_t data_size, + size_t *data_length) { - if( key_buffer_size > data_size ) - return( PSA_ERROR_BUFFER_TOO_SMALL ); - memcpy( data, key_buffer, key_buffer_size ); - memset( data + key_buffer_size, 0, - data_size - key_buffer_size ); + if (key_buffer_size > data_size) { + return PSA_ERROR_BUFFER_TOO_SMALL; + } + memcpy(data, key_buffer, key_buffer_size); + memset(data + key_buffer_size, 0, + data_size - key_buffer_size); *data_length = key_buffer_size; - return( PSA_SUCCESS ); + return PSA_SUCCESS; } psa_status_t psa_export_key_internal( const psa_key_attributes_t *attributes, const uint8_t *key_buffer, size_t key_buffer_size, - uint8_t *data, size_t data_size, size_t *data_length ) + uint8_t *data, size_t data_size, size_t *data_length) { psa_key_type_t type = attributes->core.type; - if( key_type_is_raw_bytes( type ) || - PSA_KEY_TYPE_IS_RSA( type ) || - PSA_KEY_TYPE_IS_ECC( type ) ) - { - return( psa_export_key_buffer_internal( - key_buffer, key_buffer_size, - data, data_size, data_length ) ); - } - else - { + if (key_type_is_raw_bytes(type) || + PSA_KEY_TYPE_IS_RSA(type) || + PSA_KEY_TYPE_IS_ECC(type)) { + return psa_export_key_buffer_internal( + key_buffer, key_buffer_size, + data, data_size, data_length); + } else { /* This shouldn't happen in the reference implementation, but it is valid for a special-purpose implementation to omit support for exporting certain key types. */ - return( PSA_ERROR_NOT_SUPPORTED ); + return PSA_ERROR_NOT_SUPPORTED; } } -psa_status_t psa_export_key( mbedtls_svc_key_id_t key, - uint8_t *data, - size_t data_size, - size_t *data_length ) +psa_status_t psa_export_key(mbedtls_svc_key_id_t key, + uint8_t *data, + size_t data_size, + size_t *data_length) { psa_status_t status = PSA_ERROR_CORRUPTION_DETECTED; psa_status_t unlock_status = PSA_ERROR_CORRUPTION_DETECTED; @@ -1381,8 +1366,9 @@ psa_status_t psa_export_key( mbedtls_svc_key_id_t key, /* Reject a zero-length output buffer now, since this can never be a * valid key representation. This way we know that data must be a valid * pointer and we can do things like memset(data, ..., data_size). */ - if( data_size == 0 ) - return( PSA_ERROR_BUFFER_TOO_SMALL ); + if (data_size == 0) { + return PSA_ERROR_BUFFER_TOO_SMALL; + } /* Set the key to empty now, so that even when there are errors, we always * set data_length to a value between 0 and data_size. On error, setting @@ -1394,21 +1380,22 @@ psa_status_t psa_export_key( mbedtls_svc_key_id_t key, * which don't require any flag, but * psa_get_and_lock_key_slot_with_policy() takes care of this. */ - status = psa_get_and_lock_key_slot_with_policy( key, &slot, - PSA_KEY_USAGE_EXPORT, 0 ); - if( status != PSA_SUCCESS ) - return( status ); + status = psa_get_and_lock_key_slot_with_policy(key, &slot, + PSA_KEY_USAGE_EXPORT, 0); + if (status != PSA_SUCCESS) { + return status; + } psa_key_attributes_t attributes = { .core = slot->attr }; - status = psa_driver_wrapper_export_key( &attributes, - slot->key.data, slot->key.bytes, - data, data_size, data_length ); + status = psa_driver_wrapper_export_key(&attributes, + slot->key.data, slot->key.bytes, + data, data_size, data_length); - unlock_status = psa_unlock_key_slot( slot ); + unlock_status = psa_unlock_key_slot(slot); - return( ( status == PSA_SUCCESS ) ? unlock_status : status ); + return (status == PSA_SUCCESS) ? unlock_status : status; } psa_status_t psa_export_public_key_internal( @@ -1417,76 +1404,71 @@ psa_status_t psa_export_public_key_internal( size_t key_buffer_size, uint8_t *data, size_t data_size, - size_t *data_length ) + size_t *data_length) { psa_key_type_t type = attributes->core.type; - if( PSA_KEY_TYPE_IS_RSA( type ) || PSA_KEY_TYPE_IS_ECC( type ) ) - { - if( PSA_KEY_TYPE_IS_PUBLIC_KEY( type ) ) - { + if (PSA_KEY_TYPE_IS_RSA(type) || PSA_KEY_TYPE_IS_ECC(type)) { + if (PSA_KEY_TYPE_IS_PUBLIC_KEY(type)) { /* Exporting public -> public */ - return( psa_export_key_buffer_internal( - key_buffer, key_buffer_size, - data, data_size, data_length ) ); + return psa_export_key_buffer_internal( + key_buffer, key_buffer_size, + data, data_size, data_length); } - if( PSA_KEY_TYPE_IS_RSA( type ) ) - { + if (PSA_KEY_TYPE_IS_RSA(type)) { #if defined(MBEDTLS_PSA_BUILTIN_KEY_TYPE_RSA_KEY_PAIR) || \ - defined(MBEDTLS_PSA_BUILTIN_KEY_TYPE_RSA_PUBLIC_KEY) - return( mbedtls_psa_rsa_export_public_key( attributes, - key_buffer, - key_buffer_size, - data, - data_size, - data_length ) ); + defined(MBEDTLS_PSA_BUILTIN_KEY_TYPE_RSA_PUBLIC_KEY) + return mbedtls_psa_rsa_export_public_key(attributes, + key_buffer, + key_buffer_size, + data, + data_size, + data_length); #else /* We don't know how to convert a private RSA key to public. */ - return( PSA_ERROR_NOT_SUPPORTED ); + return PSA_ERROR_NOT_SUPPORTED; #endif /* defined(MBEDTLS_PSA_BUILTIN_KEY_TYPE_RSA_KEY_PAIR) || * defined(MBEDTLS_PSA_BUILTIN_KEY_TYPE_RSA_PUBLIC_KEY) */ - } - else - { + } else { #if defined(MBEDTLS_PSA_BUILTIN_KEY_TYPE_ECC_KEY_PAIR) || \ - defined(MBEDTLS_PSA_BUILTIN_KEY_TYPE_ECC_PUBLIC_KEY) - return( mbedtls_psa_ecp_export_public_key( attributes, - key_buffer, - key_buffer_size, - data, - data_size, - data_length ) ); + defined(MBEDTLS_PSA_BUILTIN_KEY_TYPE_ECC_PUBLIC_KEY) + return mbedtls_psa_ecp_export_public_key(attributes, + key_buffer, + key_buffer_size, + data, + data_size, + data_length); #else /* We don't know how to convert a private ECC key to public */ - return( PSA_ERROR_NOT_SUPPORTED ); + return PSA_ERROR_NOT_SUPPORTED; #endif /* defined(MBEDTLS_PSA_BUILTIN_KEY_TYPE_ECC_KEY_PAIR) || * defined(MBEDTLS_PSA_BUILTIN_KEY_TYPE_ECC_PUBLIC_KEY) */ } - } - else - { + } else { /* This shouldn't happen in the reference implementation, but it is valid for a special-purpose implementation to omit support for exporting certain key types. */ - return( PSA_ERROR_NOT_SUPPORTED ); + return PSA_ERROR_NOT_SUPPORTED; } } -psa_status_t psa_export_public_key( mbedtls_svc_key_id_t key, - uint8_t *data, - size_t data_size, - size_t *data_length ) +psa_status_t psa_export_public_key(mbedtls_svc_key_id_t key, + uint8_t *data, + size_t data_size, + size_t *data_length) { psa_status_t status = PSA_ERROR_CORRUPTION_DETECTED; psa_status_t unlock_status = PSA_ERROR_CORRUPTION_DETECTED; + psa_key_attributes_t attributes; psa_key_slot_t *slot; /* Reject a zero-length output buffer now, since this can never be a * valid key representation. This way we know that data must be a valid * pointer and we can do things like memset(data, ..., data_size). */ - if( data_size == 0 ) - return( PSA_ERROR_BUFFER_TOO_SMALL ); + if (data_size == 0) { + return PSA_ERROR_BUFFER_TOO_SMALL; + } /* Set the key to empty now, so that even when there are errors, we always * set data_length to a value between 0 and data_size. On error, setting @@ -1495,37 +1477,35 @@ psa_status_t psa_export_public_key( mbedtls_svc_key_id_t key, *data_length = 0; /* Exporting a public key doesn't require a usage flag. */ - status = psa_get_and_lock_key_slot_with_policy( key, &slot, 0, 0 ); - if( status != PSA_SUCCESS ) - return( status ); + status = psa_get_and_lock_key_slot_with_policy(key, &slot, 0, 0); + if (status != PSA_SUCCESS) { + return status; + } - if( ! PSA_KEY_TYPE_IS_ASYMMETRIC( slot->attr.type ) ) - { - status = PSA_ERROR_INVALID_ARGUMENT; - goto exit; + if (!PSA_KEY_TYPE_IS_ASYMMETRIC(slot->attr.type)) { + status = PSA_ERROR_INVALID_ARGUMENT; + goto exit; } - psa_key_attributes_t attributes = { + attributes = (psa_key_attributes_t) { .core = slot->attr }; status = psa_driver_wrapper_export_public_key( &attributes, slot->key.data, slot->key.bytes, - data, data_size, data_length ); + data, data_size, data_length); exit: - unlock_status = psa_unlock_key_slot( slot ); + unlock_status = psa_unlock_key_slot(slot); - return( ( status == PSA_SUCCESS ) ? unlock_status : status ); + return (status == PSA_SUCCESS) ? unlock_status : status; } -#if defined(static_assert) -static_assert( ( MBEDTLS_PSA_KA_MASK_EXTERNAL_ONLY & MBEDTLS_PSA_KA_MASK_DUAL_USE ) == 0, - "One or more key attribute flag is listed as both external-only and dual-use" ); -static_assert( ( PSA_KA_MASK_INTERNAL_ONLY & MBEDTLS_PSA_KA_MASK_DUAL_USE ) == 0, - "One or more key attribute flag is listed as both internal-only and dual-use" ); -static_assert( ( PSA_KA_MASK_INTERNAL_ONLY & MBEDTLS_PSA_KA_MASK_EXTERNAL_ONLY ) == 0, - "One or more key attribute flag is listed as both internal-only and external-only" ); -#endif +MBEDTLS_STATIC_ASSERT((MBEDTLS_PSA_KA_MASK_EXTERNAL_ONLY & MBEDTLS_PSA_KA_MASK_DUAL_USE) == 0, + "One or more key attribute flag is listed as both external-only and dual-use") +MBEDTLS_STATIC_ASSERT((PSA_KA_MASK_INTERNAL_ONLY & MBEDTLS_PSA_KA_MASK_DUAL_USE) == 0, + "One or more key attribute flag is listed as both internal-only and dual-use") +MBEDTLS_STATIC_ASSERT((PSA_KA_MASK_INTERNAL_ONLY & MBEDTLS_PSA_KA_MASK_EXTERNAL_ONLY) == 0, + "One or more key attribute flag is listed as both internal-only and external-only") /** Validate that a key policy is internally well-formed. * @@ -1533,20 +1513,21 @@ static_assert( ( PSA_KA_MASK_INTERNAL_ONLY & MBEDTLS_PSA_KA_MASK_EXTERNAL_ONLY ) * consistency of the policy with respect to other attributes of the key * such as the key type. */ -static psa_status_t psa_validate_key_policy( const psa_key_policy_t *policy ) +static psa_status_t psa_validate_key_policy(const psa_key_policy_t *policy) { - if( ( policy->usage & ~( PSA_KEY_USAGE_EXPORT | - PSA_KEY_USAGE_COPY | - PSA_KEY_USAGE_ENCRYPT | - PSA_KEY_USAGE_DECRYPT | - PSA_KEY_USAGE_SIGN_MESSAGE | - PSA_KEY_USAGE_VERIFY_MESSAGE | - PSA_KEY_USAGE_SIGN_HASH | - PSA_KEY_USAGE_VERIFY_HASH | - PSA_KEY_USAGE_DERIVE ) ) != 0 ) - return( PSA_ERROR_INVALID_ARGUMENT ); - - return( PSA_SUCCESS ); + if ((policy->usage & ~(PSA_KEY_USAGE_EXPORT | + PSA_KEY_USAGE_COPY | + PSA_KEY_USAGE_ENCRYPT | + PSA_KEY_USAGE_DECRYPT | + PSA_KEY_USAGE_SIGN_MESSAGE | + PSA_KEY_USAGE_VERIFY_MESSAGE | + PSA_KEY_USAGE_SIGN_HASH | + PSA_KEY_USAGE_VERIFY_HASH | + PSA_KEY_USAGE_DERIVE)) != 0) { + return PSA_ERROR_INVALID_ARGUMENT; + } + + return PSA_SUCCESS; } /** Validate the internal consistency of key attributes. @@ -1564,48 +1545,52 @@ static psa_status_t psa_validate_key_policy( const psa_key_policy_t *policy ) */ static psa_status_t psa_validate_key_attributes( const psa_key_attributes_t *attributes, - psa_se_drv_table_entry_t **p_drv ) + psa_se_drv_table_entry_t **p_drv) { psa_status_t status = PSA_ERROR_INVALID_ARGUMENT; - psa_key_lifetime_t lifetime = psa_get_key_lifetime( attributes ); - mbedtls_svc_key_id_t key = psa_get_key_id( attributes ); + psa_key_lifetime_t lifetime = psa_get_key_lifetime(attributes); + mbedtls_svc_key_id_t key = psa_get_key_id(attributes); - status = psa_validate_key_location( lifetime, p_drv ); - if( status != PSA_SUCCESS ) - return( status ); - - status = psa_validate_key_persistence( lifetime ); - if( status != PSA_SUCCESS ) - return( status ); + status = psa_validate_key_location(lifetime, p_drv); + if (status != PSA_SUCCESS) { + return status; + } - if ( PSA_KEY_LIFETIME_IS_VOLATILE( lifetime ) ) - { - if( MBEDTLS_SVC_KEY_ID_GET_KEY_ID( key ) != 0 ) - return( PSA_ERROR_INVALID_ARGUMENT ); + status = psa_validate_key_persistence(lifetime); + if (status != PSA_SUCCESS) { + return status; } - else - { - if( !psa_is_valid_key_id( psa_get_key_id( attributes ), 0 ) ) - return( PSA_ERROR_INVALID_ARGUMENT ); + + if (PSA_KEY_LIFETIME_IS_VOLATILE(lifetime)) { + if (MBEDTLS_SVC_KEY_ID_GET_KEY_ID(key) != 0) { + return PSA_ERROR_INVALID_ARGUMENT; + } + } else { + if (!psa_is_valid_key_id(psa_get_key_id(attributes), 0)) { + return PSA_ERROR_INVALID_ARGUMENT; + } } - status = psa_validate_key_policy( &attributes->core.policy ); - if( status != PSA_SUCCESS ) - return( status ); + status = psa_validate_key_policy(&attributes->core.policy); + if (status != PSA_SUCCESS) { + return status; + } /* Refuse to create overly large keys. * Note that this doesn't trigger on import if the attributes don't * explicitly specify a size (so psa_get_key_bits returns 0), so * psa_import_key() needs its own checks. */ - if( psa_get_key_bits( attributes ) > PSA_MAX_KEY_BITS ) - return( PSA_ERROR_NOT_SUPPORTED ); + if (psa_get_key_bits(attributes) > PSA_MAX_KEY_BITS) { + return PSA_ERROR_NOT_SUPPORTED; + } /* Reject invalid flags. These should not be reachable through the API. */ - if( attributes->core.flags & ~ ( MBEDTLS_PSA_KA_MASK_EXTERNAL_ONLY | - MBEDTLS_PSA_KA_MASK_DUAL_USE ) ) - return( PSA_ERROR_INVALID_ARGUMENT ); + if (attributes->core.flags & ~(MBEDTLS_PSA_KA_MASK_EXTERNAL_ONLY | + MBEDTLS_PSA_KA_MASK_DUAL_USE)) { + return PSA_ERROR_INVALID_ARGUMENT; + } - return( PSA_SUCCESS ); + return PSA_SUCCESS; } /** Prepare a key slot to receive key material. @@ -1641,7 +1626,7 @@ static psa_status_t psa_start_key_creation( psa_key_creation_method_t method, const psa_key_attributes_t *attributes, psa_key_slot_t **p_slot, - psa_se_drv_table_entry_t **p_drv ) + psa_se_drv_table_entry_t **p_drv) { psa_status_t status; psa_key_id_t volatile_key_id; @@ -1650,13 +1635,15 @@ static psa_status_t psa_start_key_creation( (void) method; *p_drv = NULL; - status = psa_validate_key_attributes( attributes, p_drv ); - if( status != PSA_SUCCESS ) - return( status ); + status = psa_validate_key_attributes(attributes, p_drv); + if (status != PSA_SUCCESS) { + return status; + } - status = psa_get_empty_key_slot( &volatile_key_id, p_slot ); - if( status != PSA_SUCCESS ) - return( status ); + status = psa_get_empty_key_slot(&volatile_key_id, p_slot); + if (status != PSA_SUCCESS) { + return status; + } slot = *p_slot; /* We're storing the declared bit-size of the key. It's up to each @@ -1668,8 +1655,7 @@ static psa_status_t psa_start_key_creation( * definition. */ slot->attr = attributes->core; - if( PSA_KEY_LIFETIME_IS_VOLATILE( slot->attr.lifetime ) ) - { + if (PSA_KEY_LIFETIME_IS_VOLATILE(slot->attr.lifetime)) { #if !defined(MBEDTLS_PSA_CRYPTO_KEY_ID_ENCODES_OWNER) slot->attr.id = volatile_key_id; #else @@ -1702,40 +1688,37 @@ static psa_status_t psa_start_key_creation( * secure element driver updates its persistent state, but we do not yet * save the driver's persistent state, so that if the power fails, * we can roll back to a state where the key doesn't exist. */ - if( *p_drv != NULL ) - { + if (*p_drv != NULL) { psa_key_slot_number_t slot_number; - status = psa_find_se_slot_for_key( attributes, method, *p_drv, - &slot_number ); - if( status != PSA_SUCCESS ) - return( status ); + status = psa_find_se_slot_for_key(attributes, method, *p_drv, + &slot_number); + if (status != PSA_SUCCESS) { + return status; + } - if( ! PSA_KEY_LIFETIME_IS_VOLATILE( attributes->core.lifetime ) ) - { - psa_crypto_prepare_transaction( PSA_CRYPTO_TRANSACTION_CREATE_KEY ); + if (!PSA_KEY_LIFETIME_IS_VOLATILE(attributes->core.lifetime)) { + psa_crypto_prepare_transaction(PSA_CRYPTO_TRANSACTION_CREATE_KEY); psa_crypto_transaction.key.lifetime = slot->attr.lifetime; psa_crypto_transaction.key.slot = slot_number; psa_crypto_transaction.key.id = slot->attr.id; - status = psa_crypto_save_transaction( ); - if( status != PSA_SUCCESS ) - { - (void) psa_crypto_stop_transaction( ); - return( status ); + status = psa_crypto_save_transaction(); + if (status != PSA_SUCCESS) { + (void) psa_crypto_stop_transaction(); + return status; } } status = psa_copy_key_material_into_slot( - slot, (uint8_t *)( &slot_number ), sizeof( slot_number ) ); + slot, (uint8_t *) (&slot_number), sizeof(slot_number)); } - if( *p_drv == NULL && method == PSA_KEY_CREATION_REGISTER ) - { + if (*p_drv == NULL && method == PSA_KEY_CREATION_REGISTER) { /* Key registration only makes sense with a secure element. */ - return( PSA_ERROR_INVALID_ARGUMENT ); + return PSA_ERROR_INVALID_ARGUMENT; } #endif /* MBEDTLS_PSA_CRYPTO_SE_C */ - return( PSA_SUCCESS ); + return PSA_SUCCESS; } /** Finalize the creation of a key once its key material has been set. @@ -1758,12 +1741,12 @@ static psa_status_t psa_start_key_creation( * * \retval #PSA_SUCCESS * The key was successfully created. - * \retval #PSA_ERROR_INSUFFICIENT_MEMORY - * \retval #PSA_ERROR_INSUFFICIENT_STORAGE - * \retval #PSA_ERROR_ALREADY_EXISTS - * \retval #PSA_ERROR_DATA_INVALID - * \retval #PSA_ERROR_DATA_CORRUPT - * \retval #PSA_ERROR_STORAGE_FAILURE + * \retval #PSA_ERROR_INSUFFICIENT_MEMORY \emptydescription + * \retval #PSA_ERROR_INSUFFICIENT_STORAGE \emptydescription + * \retval #PSA_ERROR_ALREADY_EXISTS \emptydescription + * \retval #PSA_ERROR_DATA_INVALID \emptydescription + * \retval #PSA_ERROR_DATA_CORRUPT \emptydescription + * \retval #PSA_ERROR_STORAGE_FAILURE \emptydescription * * \return If this function fails, the key slot is an invalid state. * You must call psa_fail_key_creation() to wipe and free the slot. @@ -1778,33 +1761,29 @@ static psa_status_t psa_finish_key_creation( (void) driver; #if defined(MBEDTLS_PSA_CRYPTO_STORAGE_C) - if( ! PSA_KEY_LIFETIME_IS_VOLATILE( slot->attr.lifetime ) ) - { + if (!PSA_KEY_LIFETIME_IS_VOLATILE(slot->attr.lifetime)) { #if defined(MBEDTLS_PSA_CRYPTO_SE_C) - if( driver != NULL ) - { + if (driver != NULL) { psa_se_key_data_storage_t data; psa_key_slot_number_t slot_number = - psa_key_slot_get_slot_number( slot ) ; + psa_key_slot_get_slot_number(slot); -#if defined(static_assert) - static_assert( sizeof( slot_number ) == - sizeof( data.slot_number ), - "Slot number size does not match psa_se_key_data_storage_t" ); -#endif - memcpy( &data.slot_number, &slot_number, sizeof( slot_number ) ); - status = psa_save_persistent_key( &slot->attr, - (uint8_t*) &data, - sizeof( data ) ); - } - else + MBEDTLS_STATIC_ASSERT(sizeof(slot_number) == + sizeof(data.slot_number), + "Slot number size does not match psa_se_key_data_storage_t"); + + memcpy(&data.slot_number, &slot_number, sizeof(slot_number)); + status = psa_save_persistent_key(&slot->attr, + (uint8_t *) &data, + sizeof(data)); + } else #endif /* MBEDTLS_PSA_CRYPTO_SE_C */ { /* Key material is saved in export representation in the slot, so * just pass the slot buffer for storage. */ - status = psa_save_persistent_key( &slot->attr, - slot->key.data, - slot->key.bytes ); + status = psa_save_persistent_key(&slot->attr, + slot->key.data, + slot->key.bytes); } } #endif /* defined(MBEDTLS_PSA_CRYPTO_STORAGE_C) */ @@ -1815,28 +1794,26 @@ static psa_status_t psa_finish_key_creation( * by checking whether a transaction is in progress (actual * creation of a persistent key in a secure element requires a transaction, * but registration or volatile key creation doesn't use one). */ - if( driver != NULL && - psa_crypto_transaction.unknown.type == PSA_CRYPTO_TRANSACTION_CREATE_KEY ) - { - status = psa_save_se_persistent_data( driver ); - if( status != PSA_SUCCESS ) - { - psa_destroy_persistent_key( slot->attr.id ); - return( status ); + if (driver != NULL && + psa_crypto_transaction.unknown.type == PSA_CRYPTO_TRANSACTION_CREATE_KEY) { + status = psa_save_se_persistent_data(driver); + if (status != PSA_SUCCESS) { + psa_destroy_persistent_key(slot->attr.id); + return status; } - status = psa_crypto_stop_transaction( ); + status = psa_crypto_stop_transaction(); } #endif /* MBEDTLS_PSA_CRYPTO_SE_C */ - if( status == PSA_SUCCESS ) - { + if (status == PSA_SUCCESS) { *key = slot->attr.id; - status = psa_unlock_key_slot( slot ); - if( status != PSA_SUCCESS ) + status = psa_unlock_key_slot(slot); + if (status != PSA_SUCCESS) { *key = MBEDTLS_SVC_KEY_ID_INIT; + } } - return( status ); + return status; } /** Abort the creation of a key. @@ -1851,13 +1828,14 @@ static psa_status_t psa_finish_key_creation( * \param[in] driver The secure element driver for the key, * or NULL for a transparent key. */ -static void psa_fail_key_creation( psa_key_slot_t *slot, - psa_se_drv_table_entry_t *driver ) +static void psa_fail_key_creation(psa_key_slot_t *slot, + psa_se_drv_table_entry_t *driver) { (void) driver; - if( slot == NULL ) + if (slot == NULL) { return; + } #if defined(MBEDTLS_PSA_CRYPTO_SE_C) /* TODO: If the key has already been created in the secure @@ -1873,10 +1851,10 @@ static void psa_fail_key_creation( psa_key_slot_t *slot, * Earlier functions must already have done what it takes to undo any * partial creation. All that's left is to update the transaction data * itself. */ - (void) psa_crypto_stop_transaction( ); + (void) psa_crypto_stop_transaction(); #endif /* MBEDTLS_PSA_CRYPTO_SE_C */ - psa_wipe_key_slot( slot ); + psa_wipe_key_slot(slot); } /** Validate optional attributes during key creation. @@ -1890,74 +1868,76 @@ static void psa_fail_key_creation( psa_key_slot_t *slot, */ static psa_status_t psa_validate_optional_attributes( const psa_key_slot_t *slot, - const psa_key_attributes_t *attributes ) + const psa_key_attributes_t *attributes) { - if( attributes->core.type != 0 ) - { - if( attributes->core.type != slot->attr.type ) - return( PSA_ERROR_INVALID_ARGUMENT ); + if (attributes->core.type != 0) { + if (attributes->core.type != slot->attr.type) { + return PSA_ERROR_INVALID_ARGUMENT; + } } - if( attributes->domain_parameters_size != 0 ) - { + if (attributes->domain_parameters_size != 0) { #if defined(MBEDTLS_PSA_BUILTIN_KEY_TYPE_RSA_KEY_PAIR) || \ - defined(MBEDTLS_PSA_BUILTIN_KEY_TYPE_RSA_PUBLIC_KEY) - if( PSA_KEY_TYPE_IS_RSA( slot->attr.type ) ) - { + defined(MBEDTLS_PSA_BUILTIN_KEY_TYPE_RSA_PUBLIC_KEY) + if (PSA_KEY_TYPE_IS_RSA(slot->attr.type)) { mbedtls_rsa_context *rsa = NULL; mbedtls_mpi actual, required; int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; psa_status_t status = mbedtls_psa_rsa_load_representation( - slot->attr.type, - slot->key.data, - slot->key.bytes, - &rsa ); - if( status != PSA_SUCCESS ) - return( status ); - - mbedtls_mpi_init( &actual ); - mbedtls_mpi_init( &required ); - ret = mbedtls_rsa_export( rsa, - NULL, NULL, NULL, NULL, &actual ); - mbedtls_rsa_free( rsa ); - mbedtls_free( rsa ); - if( ret != 0 ) + slot->attr.type, + slot->key.data, + slot->key.bytes, + &rsa); + if (status != PSA_SUCCESS) { + return status; + } + + mbedtls_mpi_init(&actual); + mbedtls_mpi_init(&required); + ret = mbedtls_rsa_export(rsa, + NULL, NULL, NULL, NULL, &actual); + mbedtls_rsa_free(rsa); + mbedtls_free(rsa); + if (ret != 0) { goto rsa_exit; - ret = mbedtls_mpi_read_binary( &required, - attributes->domain_parameters, - attributes->domain_parameters_size ); - if( ret != 0 ) + } + ret = mbedtls_mpi_read_binary(&required, + attributes->domain_parameters, + attributes->domain_parameters_size); + if (ret != 0) { goto rsa_exit; - if( mbedtls_mpi_cmp_mpi( &actual, &required ) != 0 ) + } + if (mbedtls_mpi_cmp_mpi(&actual, &required) != 0) { ret = MBEDTLS_ERR_RSA_BAD_INPUT_DATA; - rsa_exit: - mbedtls_mpi_free( &actual ); - mbedtls_mpi_free( &required ); - if( ret != 0) - return( mbedtls_to_psa_error( ret ) ); - } - else + } +rsa_exit: + mbedtls_mpi_free(&actual); + mbedtls_mpi_free(&required); + if (ret != 0) { + return mbedtls_to_psa_error(ret); + } + } else #endif /* defined(MBEDTLS_PSA_BUILTIN_KEY_TYPE_RSA_KEY_PAIR) || * defined(MBEDTLS_PSA_BUILTIN_KEY_TYPE_RSA_PUBLIC_KEY) */ { - return( PSA_ERROR_INVALID_ARGUMENT ); + return PSA_ERROR_INVALID_ARGUMENT; } } - if( attributes->core.bits != 0 ) - { - if( attributes->core.bits != slot->attr.bits ) - return( PSA_ERROR_INVALID_ARGUMENT ); + if (attributes->core.bits != 0) { + if (attributes->core.bits != slot->attr.bits) { + return PSA_ERROR_INVALID_ARGUMENT; + } } - return( PSA_SUCCESS ); + return PSA_SUCCESS; } -psa_status_t psa_import_key( const psa_key_attributes_t *attributes, - const uint8_t *data, - size_t data_length, - mbedtls_svc_key_id_t *key ) +psa_status_t psa_import_key(const psa_key_attributes_t *attributes, + const uint8_t *data, + size_t data_length, + mbedtls_svc_key_id_t *key) { psa_status_t status; psa_key_slot_t *slot = NULL; @@ -1969,57 +1949,61 @@ psa_status_t psa_import_key( const psa_key_attributes_t *attributes, /* Reject zero-length symmetric keys (including raw data key objects). * This also rejects any key which might be encoded as an empty string, * which is never valid. */ - if( data_length == 0 ) - return( PSA_ERROR_INVALID_ARGUMENT ); + if (data_length == 0) { + return PSA_ERROR_INVALID_ARGUMENT; + } - status = psa_start_key_creation( PSA_KEY_CREATION_IMPORT, attributes, - &slot, &driver ); - if( status != PSA_SUCCESS ) + status = psa_start_key_creation(PSA_KEY_CREATION_IMPORT, attributes, + &slot, &driver); + if (status != PSA_SUCCESS) { goto exit; + } /* In the case of a transparent key or an opaque key stored in local * storage (thus not in the case of generating a key in a secure element * or cryptoprocessor with storage), we have to allocate a buffer to * hold the generated key material. */ - if( slot->key.data == NULL ) - { - status = psa_allocate_buffer_to_slot( slot, data_length ); - if( status != PSA_SUCCESS ) + if (slot->key.data == NULL) { + status = psa_allocate_buffer_to_slot(slot, data_length); + if (status != PSA_SUCCESS) { goto exit; + } } bits = slot->attr.bits; - status = psa_driver_wrapper_import_key( attributes, - data, data_length, - slot->key.data, - slot->key.bytes, - &slot->key.bytes, &bits ); - if( status != PSA_SUCCESS ) + status = psa_driver_wrapper_import_key(attributes, + data, data_length, + slot->key.data, + slot->key.bytes, + &slot->key.bytes, &bits); + if (status != PSA_SUCCESS) { goto exit; + } - if( slot->attr.bits == 0 ) + if (slot->attr.bits == 0) { slot->attr.bits = (psa_key_bits_t) bits; - else if( bits != slot->attr.bits ) - { + } else if (bits != slot->attr.bits) { status = PSA_ERROR_INVALID_ARGUMENT; goto exit; } - status = psa_validate_optional_attributes( slot, attributes ); - if( status != PSA_SUCCESS ) + status = psa_validate_optional_attributes(slot, attributes); + if (status != PSA_SUCCESS) { goto exit; + } - status = psa_finish_key_creation( slot, driver, key ); + status = psa_finish_key_creation(slot, driver, key); exit: - if( status != PSA_SUCCESS ) - psa_fail_key_creation( slot, driver ); + if (status != PSA_SUCCESS) { + psa_fail_key_creation(slot, driver); + } - return( status ); + return status; } #if defined(MBEDTLS_PSA_CRYPTO_SE_C) psa_status_t mbedtls_psa_register_se_key( - const psa_key_attributes_t *attributes ) + const psa_key_attributes_t *attributes) { psa_status_t status; psa_key_slot_t *slot = NULL; @@ -2030,46 +2014,51 @@ psa_status_t mbedtls_psa_register_se_key( * It could make sense to query the key type and size from the * secure element, but not all secure elements support this * and the driver HAL doesn't currently support it. */ - if( psa_get_key_type( attributes ) == PSA_KEY_TYPE_NONE ) - return( PSA_ERROR_NOT_SUPPORTED ); - if( psa_get_key_bits( attributes ) == 0 ) - return( PSA_ERROR_NOT_SUPPORTED ); - - status = psa_start_key_creation( PSA_KEY_CREATION_REGISTER, attributes, - &slot, &driver ); - if( status != PSA_SUCCESS ) + if (psa_get_key_type(attributes) == PSA_KEY_TYPE_NONE) { + return PSA_ERROR_NOT_SUPPORTED; + } + if (psa_get_key_bits(attributes) == 0) { + return PSA_ERROR_NOT_SUPPORTED; + } + + status = psa_start_key_creation(PSA_KEY_CREATION_REGISTER, attributes, + &slot, &driver); + if (status != PSA_SUCCESS) { goto exit; + } - status = psa_finish_key_creation( slot, driver, &key ); + status = psa_finish_key_creation(slot, driver, &key); exit: - if( status != PSA_SUCCESS ) - psa_fail_key_creation( slot, driver ); + if (status != PSA_SUCCESS) { + psa_fail_key_creation(slot, driver); + } /* Registration doesn't keep the key in RAM. */ - psa_close_key( key ); - return( status ); + psa_close_key(key); + return status; } #endif /* MBEDTLS_PSA_CRYPTO_SE_C */ -static psa_status_t psa_copy_key_material( const psa_key_slot_t *source, - psa_key_slot_t *target ) +static psa_status_t psa_copy_key_material(const psa_key_slot_t *source, + psa_key_slot_t *target) { - psa_status_t status = psa_copy_key_material_into_slot( target, - source->key.data, - source->key.bytes ); - if( status != PSA_SUCCESS ) - return( status ); + psa_status_t status = psa_copy_key_material_into_slot(target, + source->key.data, + source->key.bytes); + if (status != PSA_SUCCESS) { + return status; + } target->attr.type = source->attr.type; target->attr.bits = source->attr.bits; - return( PSA_SUCCESS ); + return PSA_SUCCESS; } -psa_status_t psa_copy_key( mbedtls_svc_key_id_t source_key, - const psa_key_attributes_t *specified_attributes, - mbedtls_svc_key_id_t *target_key ) +psa_status_t psa_copy_key(mbedtls_svc_key_id_t source_key, + const psa_key_attributes_t *specified_attributes, + mbedtls_svc_key_id_t *target_key) { psa_status_t status = PSA_ERROR_CORRUPTION_DETECTED; psa_status_t unlock_status = PSA_ERROR_CORRUPTION_DETECTED; @@ -2081,37 +2070,39 @@ psa_status_t psa_copy_key( mbedtls_svc_key_id_t source_key, *target_key = MBEDTLS_SVC_KEY_ID_INIT; status = psa_get_and_lock_transparent_key_slot_with_policy( - source_key, &source_slot, PSA_KEY_USAGE_COPY, 0 ); - if( status != PSA_SUCCESS ) + source_key, &source_slot, PSA_KEY_USAGE_COPY, 0); + if (status != PSA_SUCCESS) { goto exit; + } - status = psa_validate_optional_attributes( source_slot, - specified_attributes ); - if( status != PSA_SUCCESS ) + status = psa_validate_optional_attributes(source_slot, + specified_attributes); + if (status != PSA_SUCCESS) { goto exit; + } - status = psa_restrict_key_policy( source_slot->attr.type, - &actual_attributes.core.policy, - &source_slot->attr.policy ); - if( status != PSA_SUCCESS ) + status = psa_restrict_key_policy(source_slot->attr.type, + &actual_attributes.core.policy, + &source_slot->attr.policy); + if (status != PSA_SUCCESS) { goto exit; + } - status = psa_start_key_creation( PSA_KEY_CREATION_COPY, &actual_attributes, - &target_slot, &driver ); - if( status != PSA_SUCCESS ) + status = psa_start_key_creation(PSA_KEY_CREATION_COPY, &actual_attributes, + &target_slot, &driver); + if (status != PSA_SUCCESS) { goto exit; + } #if defined(MBEDTLS_PSA_CRYPTO_SE_C) - if( driver != NULL ) - { + if (driver != NULL) { /* Copying to a secure element is not implemented yet. */ status = PSA_ERROR_NOT_SUPPORTED; goto exit; } #endif /* MBEDTLS_PSA_CRYPTO_SE_C */ - if( psa_key_lifetime_is_external( actual_attributes.core.lifetime ) ) - { + if (psa_key_lifetime_is_external(actual_attributes.core.lifetime)) { /* * Copying through an opaque driver is not implemented yet, consider * a lifetime with an external location as an invalid parameter for @@ -2121,18 +2112,20 @@ psa_status_t psa_copy_key( mbedtls_svc_key_id_t source_key, goto exit; } - status = psa_copy_key_material( source_slot, target_slot ); - if( status != PSA_SUCCESS ) + status = psa_copy_key_material(source_slot, target_slot); + if (status != PSA_SUCCESS) { goto exit; + } - status = psa_finish_key_creation( target_slot, driver, target_key ); + status = psa_finish_key_creation(target_slot, driver, target_key); exit: - if( status != PSA_SUCCESS ) - psa_fail_key_creation( target_slot, driver ); + if (status != PSA_SUCCESS) { + psa_fail_key_creation(target_slot, driver); + } - unlock_status = psa_unlock_key_slot( source_slot ); + unlock_status = psa_unlock_key_slot(source_slot); - return( ( status == PSA_SUCCESS ) ? unlock_status : status ); + return (status == PSA_SUCCESS) ? unlock_status : status; } @@ -2141,178 +2134,185 @@ psa_status_t psa_copy_key( mbedtls_svc_key_id_t source_key, /* Message digests */ /****************************************************************/ -psa_status_t psa_hash_abort( psa_hash_operation_t *operation ) +psa_status_t psa_hash_abort(psa_hash_operation_t *operation) { /* Aborting a non-active operation is allowed */ - if( operation->id == 0 ) - return( PSA_SUCCESS ); + if (operation->id == 0) { + return PSA_SUCCESS; + } - psa_status_t status = psa_driver_wrapper_hash_abort( operation ); + psa_status_t status = psa_driver_wrapper_hash_abort(operation); operation->id = 0; - return( status ); + return status; } -psa_status_t psa_hash_setup( psa_hash_operation_t *operation, - psa_algorithm_t alg ) +psa_status_t psa_hash_setup(psa_hash_operation_t *operation, + psa_algorithm_t alg) { psa_status_t status = PSA_ERROR_CORRUPTION_DETECTED; /* A context must be freshly initialized before it can be set up. */ - if( operation->id != 0 ) - { + if (operation->id != 0) { status = PSA_ERROR_BAD_STATE; goto exit; } - if( !PSA_ALG_IS_HASH( alg ) ) - { + if (!PSA_ALG_IS_HASH(alg)) { status = PSA_ERROR_INVALID_ARGUMENT; goto exit; } /* Ensure all of the context is zeroized, since PSA_HASH_OPERATION_INIT only * directly zeroes the int-sized dummy member of the context union. */ - memset( &operation->ctx, 0, sizeof( operation->ctx ) ); + memset(&operation->ctx, 0, sizeof(operation->ctx)); - status = psa_driver_wrapper_hash_setup( operation, alg ); + status = psa_driver_wrapper_hash_setup(operation, alg); exit: - if( status != PSA_SUCCESS ) - psa_hash_abort( operation ); + if (status != PSA_SUCCESS) { + psa_hash_abort(operation); + } return status; } -psa_status_t psa_hash_update( psa_hash_operation_t *operation, - const uint8_t *input, - size_t input_length ) +psa_status_t psa_hash_update(psa_hash_operation_t *operation, + const uint8_t *input, + size_t input_length) { psa_status_t status = PSA_ERROR_CORRUPTION_DETECTED; - if( operation->id == 0 ) - { + if (operation->id == 0) { status = PSA_ERROR_BAD_STATE; goto exit; } /* Don't require hash implementations to behave correctly on a * zero-length input, which may have an invalid pointer. */ - if( input_length == 0 ) - return( PSA_SUCCESS ); + if (input_length == 0) { + return PSA_SUCCESS; + } - status = psa_driver_wrapper_hash_update( operation, input, input_length ); + status = psa_driver_wrapper_hash_update(operation, input, input_length); exit: - if( status != PSA_SUCCESS ) - psa_hash_abort( operation ); + if (status != PSA_SUCCESS) { + psa_hash_abort(operation); + } - return( status ); + return status; } -psa_status_t psa_hash_finish( psa_hash_operation_t *operation, - uint8_t *hash, - size_t hash_size, - size_t *hash_length ) +psa_status_t psa_hash_finish(psa_hash_operation_t *operation, + uint8_t *hash, + size_t hash_size, + size_t *hash_length) { *hash_length = 0; - if( operation->id == 0 ) - return( PSA_ERROR_BAD_STATE ); + if (operation->id == 0) { + return PSA_ERROR_BAD_STATE; + } psa_status_t status = psa_driver_wrapper_hash_finish( - operation, hash, hash_size, hash_length ); - psa_hash_abort( operation ); - return( status ); + operation, hash, hash_size, hash_length); + psa_hash_abort(operation); + return status; } -psa_status_t psa_hash_verify( psa_hash_operation_t *operation, - const uint8_t *hash, - size_t hash_length ) +psa_status_t psa_hash_verify(psa_hash_operation_t *operation, + const uint8_t *hash, + size_t hash_length) { uint8_t actual_hash[PSA_HASH_MAX_SIZE]; size_t actual_hash_length; psa_status_t status = psa_hash_finish( - operation, - actual_hash, sizeof( actual_hash ), - &actual_hash_length ); + operation, + actual_hash, sizeof(actual_hash), + &actual_hash_length); - if( status != PSA_SUCCESS ) + if (status != PSA_SUCCESS) { goto exit; + } - if( actual_hash_length != hash_length ) - { + if (actual_hash_length != hash_length) { status = PSA_ERROR_INVALID_SIGNATURE; goto exit; } - if( mbedtls_psa_safer_memcmp( hash, actual_hash, actual_hash_length ) != 0 ) + if (mbedtls_psa_safer_memcmp(hash, actual_hash, actual_hash_length) != 0) { status = PSA_ERROR_INVALID_SIGNATURE; + } exit: - mbedtls_platform_zeroize( actual_hash, sizeof( actual_hash ) ); - if( status != PSA_SUCCESS ) + mbedtls_platform_zeroize(actual_hash, sizeof(actual_hash)); + if (status != PSA_SUCCESS) { psa_hash_abort(operation); + } - return( status ); + return status; } -psa_status_t psa_hash_compute( psa_algorithm_t alg, - const uint8_t *input, size_t input_length, - uint8_t *hash, size_t hash_size, - size_t *hash_length ) +psa_status_t psa_hash_compute(psa_algorithm_t alg, + const uint8_t *input, size_t input_length, + uint8_t *hash, size_t hash_size, + size_t *hash_length) { *hash_length = 0; - if( !PSA_ALG_IS_HASH( alg ) ) - return( PSA_ERROR_INVALID_ARGUMENT ); + if (!PSA_ALG_IS_HASH(alg)) { + return PSA_ERROR_INVALID_ARGUMENT; + } - return( psa_driver_wrapper_hash_compute( alg, input, input_length, - hash, hash_size, hash_length ) ); + return psa_driver_wrapper_hash_compute(alg, input, input_length, + hash, hash_size, hash_length); } -psa_status_t psa_hash_compare( psa_algorithm_t alg, - const uint8_t *input, size_t input_length, - const uint8_t *hash, size_t hash_length ) +psa_status_t psa_hash_compare(psa_algorithm_t alg, + const uint8_t *input, size_t input_length, + const uint8_t *hash, size_t hash_length) { uint8_t actual_hash[PSA_HASH_MAX_SIZE]; size_t actual_hash_length; - if( !PSA_ALG_IS_HASH( alg ) ) - return( PSA_ERROR_INVALID_ARGUMENT ); + if (!PSA_ALG_IS_HASH(alg)) { + return PSA_ERROR_INVALID_ARGUMENT; + } psa_status_t status = psa_driver_wrapper_hash_compute( - alg, input, input_length, - actual_hash, sizeof(actual_hash), - &actual_hash_length ); - if( status != PSA_SUCCESS ) + alg, input, input_length, + actual_hash, sizeof(actual_hash), + &actual_hash_length); + if (status != PSA_SUCCESS) { goto exit; - if( actual_hash_length != hash_length ) - { + } + if (actual_hash_length != hash_length) { status = PSA_ERROR_INVALID_SIGNATURE; goto exit; } - if( mbedtls_psa_safer_memcmp( hash, actual_hash, actual_hash_length ) != 0 ) + if (mbedtls_psa_safer_memcmp(hash, actual_hash, actual_hash_length) != 0) { status = PSA_ERROR_INVALID_SIGNATURE; + } exit: - mbedtls_platform_zeroize( actual_hash, sizeof( actual_hash ) ); - return( status ); + mbedtls_platform_zeroize(actual_hash, sizeof(actual_hash)); + return status; } -psa_status_t psa_hash_clone( const psa_hash_operation_t *source_operation, - psa_hash_operation_t *target_operation ) +psa_status_t psa_hash_clone(const psa_hash_operation_t *source_operation, + psa_hash_operation_t *target_operation) { - if( source_operation->id == 0 || - target_operation->id != 0 ) - { - return( PSA_ERROR_BAD_STATE ); + if (source_operation->id == 0 || + target_operation->id != 0) { + return PSA_ERROR_BAD_STATE; } - psa_status_t status = psa_driver_wrapper_hash_clone( source_operation, - target_operation ); - if( status != PSA_SUCCESS ) - psa_hash_abort( target_operation ); + psa_status_t status = psa_driver_wrapper_hash_clone(source_operation, + target_operation); + if (status != PSA_SUCCESS) { + psa_hash_abort(target_operation); + } - return( status ); + return status; } @@ -2320,192 +2320,205 @@ psa_status_t psa_hash_clone( const psa_hash_operation_t *source_operation, /* MAC */ /****************************************************************/ -psa_status_t psa_mac_abort( psa_mac_operation_t *operation ) +psa_status_t psa_mac_abort(psa_mac_operation_t *operation) { /* Aborting a non-active operation is allowed */ - if( operation->id == 0 ) - return( PSA_SUCCESS ); + if (operation->id == 0) { + return PSA_SUCCESS; + } - psa_status_t status = psa_driver_wrapper_mac_abort( operation ); + psa_status_t status = psa_driver_wrapper_mac_abort(operation); operation->mac_size = 0; operation->is_sign = 0; operation->id = 0; - return( status ); + return status; } static psa_status_t psa_mac_finalize_alg_and_key_validation( psa_algorithm_t alg, const psa_key_attributes_t *attributes, - uint8_t *mac_size ) + uint8_t *mac_size) { psa_status_t status = PSA_ERROR_CORRUPTION_DETECTED; - psa_key_type_t key_type = psa_get_key_type( attributes ); - size_t key_bits = psa_get_key_bits( attributes ); + psa_key_type_t key_type = psa_get_key_type(attributes); + size_t key_bits = psa_get_key_bits(attributes); - if( ! PSA_ALG_IS_MAC( alg ) ) - return( PSA_ERROR_INVALID_ARGUMENT ); + if (!PSA_ALG_IS_MAC(alg)) { + return PSA_ERROR_INVALID_ARGUMENT; + } /* Validate the combination of key type and algorithm */ - status = psa_mac_key_can_do( alg, key_type ); - if( status != PSA_SUCCESS ) - return( status ); + status = psa_mac_key_can_do(alg, key_type); + if (status != PSA_SUCCESS) { + return status; + } /* Get the output length for the algorithm and key combination */ - *mac_size = PSA_MAC_LENGTH( key_type, key_bits, alg ); + *mac_size = PSA_MAC_LENGTH(key_type, key_bits, alg); - if( *mac_size < 4 ) - { + if (*mac_size < 4) { /* A very short MAC is too short for security since it can be * brute-forced. Ancient protocols with 32-bit MACs do exist, * so we make this our minimum, even though 32 bits is still * too small for security. */ - return( PSA_ERROR_NOT_SUPPORTED ); + return PSA_ERROR_NOT_SUPPORTED; } - if( *mac_size > PSA_MAC_LENGTH( key_type, key_bits, - PSA_ALG_FULL_LENGTH_MAC( alg ) ) ) - { + if (*mac_size > PSA_MAC_LENGTH(key_type, key_bits, + PSA_ALG_FULL_LENGTH_MAC(alg))) { /* It's impossible to "truncate" to a larger length than the full length * of the algorithm. */ - return( PSA_ERROR_INVALID_ARGUMENT ); + return PSA_ERROR_INVALID_ARGUMENT; + } + + if (*mac_size > PSA_MAC_MAX_SIZE) { + /* PSA_MAC_LENGTH returns the correct length even for a MAC algorithm + * that is disabled in the compile-time configuration. The result can + * therefore be larger than PSA_MAC_MAX_SIZE, which does take the + * configuration into account. In this case, force a return of + * PSA_ERROR_NOT_SUPPORTED here. Otherwise psa_mac_verify(), or + * psa_mac_compute(mac_size=PSA_MAC_MAX_SIZE), would return + * PSA_ERROR_BUFFER_TOO_SMALL for an unsupported algorithm whose MAC size + * is larger than PSA_MAC_MAX_SIZE, which is misleading and which breaks + * systematically generated tests. */ + return PSA_ERROR_NOT_SUPPORTED; } - return( PSA_SUCCESS ); + return PSA_SUCCESS; } -static psa_status_t psa_mac_setup( psa_mac_operation_t *operation, - mbedtls_svc_key_id_t key, - psa_algorithm_t alg, - int is_sign ) +static psa_status_t psa_mac_setup(psa_mac_operation_t *operation, + mbedtls_svc_key_id_t key, + psa_algorithm_t alg, + int is_sign) { psa_status_t status = PSA_ERROR_CORRUPTION_DETECTED; psa_status_t unlock_status = PSA_ERROR_CORRUPTION_DETECTED; + psa_key_attributes_t attributes; psa_key_slot_t *slot = NULL; /* A context must be freshly initialized before it can be set up. */ - if( operation->id != 0 ) - { + if (operation->id != 0) { status = PSA_ERROR_BAD_STATE; goto exit; } status = psa_get_and_lock_key_slot_with_policy( - key, - &slot, - is_sign ? PSA_KEY_USAGE_SIGN_MESSAGE : PSA_KEY_USAGE_VERIFY_MESSAGE, - alg ); - if( status != PSA_SUCCESS ) + key, + &slot, + is_sign ? PSA_KEY_USAGE_SIGN_MESSAGE : PSA_KEY_USAGE_VERIFY_MESSAGE, + alg); + if (status != PSA_SUCCESS) { goto exit; + } - psa_key_attributes_t attributes = { + attributes = (psa_key_attributes_t) { .core = slot->attr }; - status = psa_mac_finalize_alg_and_key_validation( alg, &attributes, - &operation->mac_size ); - if( status != PSA_SUCCESS ) + status = psa_mac_finalize_alg_and_key_validation(alg, &attributes, + &operation->mac_size); + if (status != PSA_SUCCESS) { goto exit; + } operation->is_sign = is_sign; /* Dispatch the MAC setup call with validated input */ - if( is_sign ) - { - status = psa_driver_wrapper_mac_sign_setup( operation, - &attributes, - slot->key.data, - slot->key.bytes, - alg ); - } - else - { - status = psa_driver_wrapper_mac_verify_setup( operation, - &attributes, - slot->key.data, - slot->key.bytes, - alg ); + if (is_sign) { + status = psa_driver_wrapper_mac_sign_setup(operation, + &attributes, + slot->key.data, + slot->key.bytes, + alg); + } else { + status = psa_driver_wrapper_mac_verify_setup(operation, + &attributes, + slot->key.data, + slot->key.bytes, + alg); } exit: - if( status != PSA_SUCCESS ) - psa_mac_abort( operation ); + if (status != PSA_SUCCESS) { + psa_mac_abort(operation); + } - unlock_status = psa_unlock_key_slot( slot ); + unlock_status = psa_unlock_key_slot(slot); - return( ( status == PSA_SUCCESS ) ? unlock_status : status ); + return (status == PSA_SUCCESS) ? unlock_status : status; } -psa_status_t psa_mac_sign_setup( psa_mac_operation_t *operation, - mbedtls_svc_key_id_t key, - psa_algorithm_t alg ) +psa_status_t psa_mac_sign_setup(psa_mac_operation_t *operation, + mbedtls_svc_key_id_t key, + psa_algorithm_t alg) { - return( psa_mac_setup( operation, key, alg, 1 ) ); + return psa_mac_setup(operation, key, alg, 1); } -psa_status_t psa_mac_verify_setup( psa_mac_operation_t *operation, - mbedtls_svc_key_id_t key, - psa_algorithm_t alg ) +psa_status_t psa_mac_verify_setup(psa_mac_operation_t *operation, + mbedtls_svc_key_id_t key, + psa_algorithm_t alg) { - return( psa_mac_setup( operation, key, alg, 0 ) ); + return psa_mac_setup(operation, key, alg, 0); } -psa_status_t psa_mac_update( psa_mac_operation_t *operation, - const uint8_t *input, - size_t input_length ) +psa_status_t psa_mac_update(psa_mac_operation_t *operation, + const uint8_t *input, + size_t input_length) { - if( operation->id == 0 ) - return( PSA_ERROR_BAD_STATE ); + if (operation->id == 0) { + return PSA_ERROR_BAD_STATE; + } /* Don't require hash implementations to behave correctly on a * zero-length input, which may have an invalid pointer. */ - if( input_length == 0 ) - return( PSA_SUCCESS ); + if (input_length == 0) { + return PSA_SUCCESS; + } - psa_status_t status = psa_driver_wrapper_mac_update( operation, - input, input_length ); - if( status != PSA_SUCCESS ) - psa_mac_abort( operation ); + psa_status_t status = psa_driver_wrapper_mac_update(operation, + input, input_length); + if (status != PSA_SUCCESS) { + psa_mac_abort(operation); + } - return( status ); + return status; } -psa_status_t psa_mac_sign_finish( psa_mac_operation_t *operation, - uint8_t *mac, - size_t mac_size, - size_t *mac_length ) +psa_status_t psa_mac_sign_finish(psa_mac_operation_t *operation, + uint8_t *mac, + size_t mac_size, + size_t *mac_length) { psa_status_t status = PSA_ERROR_CORRUPTION_DETECTED; psa_status_t abort_status = PSA_ERROR_CORRUPTION_DETECTED; - if( operation->id == 0 ) - { + if (operation->id == 0) { status = PSA_ERROR_BAD_STATE; goto exit; } - if( ! operation->is_sign ) - { + if (!operation->is_sign) { status = PSA_ERROR_BAD_STATE; goto exit; } /* Sanity check. This will guarantee that mac_size != 0 (and so mac != NULL) * once all the error checks are done. */ - if( operation->mac_size == 0 ) - { + if (operation->mac_size == 0) { status = PSA_ERROR_BAD_STATE; goto exit; } - if( mac_size < operation->mac_size ) - { + if (mac_size < operation->mac_size) { status = PSA_ERROR_BUFFER_TOO_SMALL; goto exit; } - status = psa_driver_wrapper_mac_sign_finish( operation, - mac, operation->mac_size, - mac_length ); + status = psa_driver_wrapper_mac_sign_finish(operation, + mac, operation->mac_size, + mac_length); exit: /* In case of success, set the potential excess room in the output buffer @@ -2514,98 +2527,97 @@ psa_status_t psa_mac_sign_finish( psa_mac_operation_t *operation, * such that in case the caller misses an error check, the output would be * an unachievable MAC. */ - if( status != PSA_SUCCESS ) - { + if (status != PSA_SUCCESS) { *mac_length = mac_size; operation->mac_size = 0; } - if( mac_size > operation->mac_size ) - memset( &mac[operation->mac_size], '!', - mac_size - operation->mac_size ); + if (mac_size > operation->mac_size) { + memset(&mac[operation->mac_size], '!', + mac_size - operation->mac_size); + } - abort_status = psa_mac_abort( operation ); + abort_status = psa_mac_abort(operation); - return( status == PSA_SUCCESS ? abort_status : status ); + return status == PSA_SUCCESS ? abort_status : status; } -psa_status_t psa_mac_verify_finish( psa_mac_operation_t *operation, - const uint8_t *mac, - size_t mac_length ) +psa_status_t psa_mac_verify_finish(psa_mac_operation_t *operation, + const uint8_t *mac, + size_t mac_length) { psa_status_t status = PSA_ERROR_CORRUPTION_DETECTED; psa_status_t abort_status = PSA_ERROR_CORRUPTION_DETECTED; - if( operation->id == 0 ) - { + if (operation->id == 0) { status = PSA_ERROR_BAD_STATE; goto exit; } - if( operation->is_sign ) - { + if (operation->is_sign) { status = PSA_ERROR_BAD_STATE; goto exit; } - if( operation->mac_size != mac_length ) - { + if (operation->mac_size != mac_length) { status = PSA_ERROR_INVALID_SIGNATURE; goto exit; } - status = psa_driver_wrapper_mac_verify_finish( operation, - mac, mac_length ); + status = psa_driver_wrapper_mac_verify_finish(operation, + mac, mac_length); exit: - abort_status = psa_mac_abort( operation ); + abort_status = psa_mac_abort(operation); - return( status == PSA_SUCCESS ? abort_status : status ); + return status == PSA_SUCCESS ? abort_status : status; } -static psa_status_t psa_mac_compute_internal( mbedtls_svc_key_id_t key, - psa_algorithm_t alg, - const uint8_t *input, - size_t input_length, - uint8_t *mac, - size_t mac_size, - size_t *mac_length, - int is_sign ) +static psa_status_t psa_mac_compute_internal(mbedtls_svc_key_id_t key, + psa_algorithm_t alg, + const uint8_t *input, + size_t input_length, + uint8_t *mac, + size_t mac_size, + size_t *mac_length, + int is_sign) { psa_status_t status = PSA_ERROR_CORRUPTION_DETECTED; psa_status_t unlock_status = PSA_ERROR_CORRUPTION_DETECTED; + psa_key_attributes_t attributes; psa_key_slot_t *slot; uint8_t operation_mac_size = 0; status = psa_get_and_lock_key_slot_with_policy( - key, - &slot, - is_sign ? PSA_KEY_USAGE_SIGN_MESSAGE : PSA_KEY_USAGE_VERIFY_MESSAGE, - alg ); - if( status != PSA_SUCCESS ) + key, + &slot, + is_sign ? PSA_KEY_USAGE_SIGN_MESSAGE : PSA_KEY_USAGE_VERIFY_MESSAGE, + alg); + if (status != PSA_SUCCESS) { goto exit; + } - psa_key_attributes_t attributes = { + attributes = (psa_key_attributes_t) { .core = slot->attr }; - status = psa_mac_finalize_alg_and_key_validation( alg, &attributes, - &operation_mac_size ); - if( status != PSA_SUCCESS ) + status = psa_mac_finalize_alg_and_key_validation(alg, &attributes, + &operation_mac_size); + if (status != PSA_SUCCESS) { goto exit; + } - if( mac_size < operation_mac_size ) - { + if (mac_size < operation_mac_size) { status = PSA_ERROR_BUFFER_TOO_SMALL; goto exit; } status = psa_driver_wrapper_mac_compute( - &attributes, - slot->key.data, slot->key.bytes, - alg, - input, input_length, - mac, operation_mac_size, mac_length ); + &attributes, + slot->key.data, slot->key.bytes, + alg, + input, input_length, + mac, operation_mac_size, mac_length); exit: /* In case of success, set the potential excess room in the output buffer @@ -2614,153 +2626,151 @@ static psa_status_t psa_mac_compute_internal( mbedtls_svc_key_id_t key, * such that in case the caller misses an error check, the output would be * an unachievable MAC. */ - if( status != PSA_SUCCESS ) - { + if (status != PSA_SUCCESS) { *mac_length = mac_size; operation_mac_size = 0; } - if( mac_size > operation_mac_size ) - memset( &mac[operation_mac_size], '!', mac_size - operation_mac_size ); + if (mac_size > operation_mac_size) { + memset(&mac[operation_mac_size], '!', mac_size - operation_mac_size); + } - unlock_status = psa_unlock_key_slot( slot ); + unlock_status = psa_unlock_key_slot(slot); - return( ( status == PSA_SUCCESS ) ? unlock_status : status ); + return (status == PSA_SUCCESS) ? unlock_status : status; } -psa_status_t psa_mac_compute( mbedtls_svc_key_id_t key, - psa_algorithm_t alg, - const uint8_t *input, - size_t input_length, - uint8_t *mac, - size_t mac_size, - size_t *mac_length) -{ - return( psa_mac_compute_internal( key, alg, - input, input_length, - mac, mac_size, mac_length, 1 ) ); -} - -psa_status_t psa_mac_verify( mbedtls_svc_key_id_t key, +psa_status_t psa_mac_compute(mbedtls_svc_key_id_t key, psa_algorithm_t alg, const uint8_t *input, size_t input_length, - const uint8_t *mac, - size_t mac_length) + uint8_t *mac, + size_t mac_size, + size_t *mac_length) +{ + return psa_mac_compute_internal(key, alg, + input, input_length, + mac, mac_size, mac_length, 1); +} + +psa_status_t psa_mac_verify(mbedtls_svc_key_id_t key, + psa_algorithm_t alg, + const uint8_t *input, + size_t input_length, + const uint8_t *mac, + size_t mac_length) { psa_status_t status = PSA_ERROR_CORRUPTION_DETECTED; uint8_t actual_mac[PSA_MAC_MAX_SIZE]; size_t actual_mac_length; - status = psa_mac_compute_internal( key, alg, - input, input_length, - actual_mac, sizeof( actual_mac ), - &actual_mac_length, 0 ); - if( status != PSA_SUCCESS ) + status = psa_mac_compute_internal(key, alg, + input, input_length, + actual_mac, sizeof(actual_mac), + &actual_mac_length, 0); + if (status != PSA_SUCCESS) { goto exit; + } - if( mac_length != actual_mac_length ) - { + if (mac_length != actual_mac_length) { status = PSA_ERROR_INVALID_SIGNATURE; goto exit; } - if( mbedtls_psa_safer_memcmp( mac, actual_mac, actual_mac_length ) != 0 ) - { + if (mbedtls_psa_safer_memcmp(mac, actual_mac, actual_mac_length) != 0) { status = PSA_ERROR_INVALID_SIGNATURE; goto exit; } exit: - mbedtls_platform_zeroize( actual_mac, sizeof( actual_mac ) ); + mbedtls_platform_zeroize(actual_mac, sizeof(actual_mac)); - return ( status ); + return status; } /****************************************************************/ /* Asymmetric cryptography */ /****************************************************************/ -static psa_status_t psa_sign_verify_check_alg( int input_is_message, - psa_algorithm_t alg ) +static psa_status_t psa_sign_verify_check_alg(int input_is_message, + psa_algorithm_t alg) { - if( input_is_message ) - { - if( ! PSA_ALG_IS_SIGN_MESSAGE( alg ) ) - return( PSA_ERROR_INVALID_ARGUMENT ); + if (input_is_message) { + if (!PSA_ALG_IS_SIGN_MESSAGE(alg)) { + return PSA_ERROR_INVALID_ARGUMENT; + } - if ( PSA_ALG_IS_SIGN_HASH( alg ) ) - { - if( ! PSA_ALG_IS_HASH( PSA_ALG_SIGN_GET_HASH( alg ) ) ) - return( PSA_ERROR_INVALID_ARGUMENT ); + if (PSA_ALG_IS_SIGN_HASH(alg)) { + if (!PSA_ALG_IS_HASH(PSA_ALG_SIGN_GET_HASH(alg))) { + return PSA_ERROR_INVALID_ARGUMENT; + } + } + } else { + if (!PSA_ALG_IS_SIGN_HASH(alg)) { + return PSA_ERROR_INVALID_ARGUMENT; } - } - else - { - if( ! PSA_ALG_IS_SIGN_HASH( alg ) ) - return( PSA_ERROR_INVALID_ARGUMENT ); } - return( PSA_SUCCESS ); + return PSA_SUCCESS; } -static psa_status_t psa_sign_internal( mbedtls_svc_key_id_t key, - int input_is_message, - psa_algorithm_t alg, - const uint8_t * input, - size_t input_length, - uint8_t * signature, - size_t signature_size, - size_t * signature_length ) +static psa_status_t psa_sign_internal(mbedtls_svc_key_id_t key, + int input_is_message, + psa_algorithm_t alg, + const uint8_t *input, + size_t input_length, + uint8_t *signature, + size_t signature_size, + size_t *signature_length) { psa_status_t status = PSA_ERROR_CORRUPTION_DETECTED; psa_status_t unlock_status = PSA_ERROR_CORRUPTION_DETECTED; + psa_key_attributes_t attributes; psa_key_slot_t *slot; *signature_length = 0; - status = psa_sign_verify_check_alg( input_is_message, alg ); - if( status != PSA_SUCCESS ) + status = psa_sign_verify_check_alg(input_is_message, alg); + if (status != PSA_SUCCESS) { return status; + } /* Immediately reject a zero-length signature buffer. This guarantees * that signature must be a valid pointer. (On the other hand, the input * buffer can in principle be empty since it doesn't actually have * to be a hash.) */ - if( signature_size == 0 ) - return( PSA_ERROR_BUFFER_TOO_SMALL ); + if (signature_size == 0) { + return PSA_ERROR_BUFFER_TOO_SMALL; + } status = psa_get_and_lock_key_slot_with_policy( - key, &slot, - input_is_message ? PSA_KEY_USAGE_SIGN_MESSAGE : - PSA_KEY_USAGE_SIGN_HASH, - alg ); + key, &slot, + input_is_message ? PSA_KEY_USAGE_SIGN_MESSAGE : + PSA_KEY_USAGE_SIGN_HASH, + alg); - if( status != PSA_SUCCESS ) + if (status != PSA_SUCCESS) { goto exit; + } - if( ! PSA_KEY_TYPE_IS_KEY_PAIR( slot->attr.type ) ) - { + if (!PSA_KEY_TYPE_IS_KEY_PAIR(slot->attr.type)) { status = PSA_ERROR_INVALID_ARGUMENT; goto exit; } - psa_key_attributes_t attributes = { - .core = slot->attr + attributes = (psa_key_attributes_t) { + .core = slot->attr }; - if( input_is_message ) - { + if (input_is_message) { status = psa_driver_wrapper_sign_message( &attributes, slot->key.data, slot->key.bytes, alg, input, input_length, - signature, signature_size, signature_length ); - } - else - { + signature, signature_size, signature_length); + } else { status = psa_driver_wrapper_sign_hash( &attributes, slot->key.data, slot->key.bytes, alg, input, input_length, - signature, signature_size, signature_length ); + signature, signature_size, signature_length); } @@ -2769,66 +2779,66 @@ static psa_status_t psa_sign_internal( mbedtls_svc_key_id_t key, * the trailing part on success) with something that isn't a valid signature * (barring an attack on the signature and deliberately-crafted input), * in case the caller doesn't check the return status properly. */ - if( status == PSA_SUCCESS ) - memset( signature + *signature_length, '!', - signature_size - *signature_length ); - else - memset( signature, '!', signature_size ); + if (status == PSA_SUCCESS) { + memset(signature + *signature_length, '!', + signature_size - *signature_length); + } else { + memset(signature, '!', signature_size); + } /* If signature_size is 0 then we have nothing to do. We must not call * memset because signature may be NULL in this case. */ - unlock_status = psa_unlock_key_slot( slot ); + unlock_status = psa_unlock_key_slot(slot); - return( ( status == PSA_SUCCESS ) ? unlock_status : status ); + return (status == PSA_SUCCESS) ? unlock_status : status; } -static psa_status_t psa_verify_internal( mbedtls_svc_key_id_t key, - int input_is_message, - psa_algorithm_t alg, - const uint8_t * input, - size_t input_length, - const uint8_t * signature, - size_t signature_length ) +static psa_status_t psa_verify_internal(mbedtls_svc_key_id_t key, + int input_is_message, + psa_algorithm_t alg, + const uint8_t *input, + size_t input_length, + const uint8_t *signature, + size_t signature_length) { psa_status_t status = PSA_ERROR_CORRUPTION_DETECTED; psa_status_t unlock_status = PSA_ERROR_CORRUPTION_DETECTED; psa_key_slot_t *slot; - status = psa_sign_verify_check_alg( input_is_message, alg ); - if( status != PSA_SUCCESS ) + status = psa_sign_verify_check_alg(input_is_message, alg); + if (status != PSA_SUCCESS) { return status; + } status = psa_get_and_lock_key_slot_with_policy( - key, &slot, - input_is_message ? PSA_KEY_USAGE_VERIFY_MESSAGE : - PSA_KEY_USAGE_VERIFY_HASH, - alg ); + key, &slot, + input_is_message ? PSA_KEY_USAGE_VERIFY_MESSAGE : + PSA_KEY_USAGE_VERIFY_HASH, + alg); - if( status != PSA_SUCCESS ) - return( status ); + if (status != PSA_SUCCESS) { + return status; + } psa_key_attributes_t attributes = { - .core = slot->attr + .core = slot->attr }; - if( input_is_message ) - { + if (input_is_message) { status = psa_driver_wrapper_verify_message( &attributes, slot->key.data, slot->key.bytes, alg, input, input_length, - signature, signature_length ); - } - else - { + signature, signature_length); + } else { status = psa_driver_wrapper_verify_hash( &attributes, slot->key.data, slot->key.bytes, alg, input, input_length, - signature, signature_length ); + signature, signature_length); } - unlock_status = psa_unlock_key_slot( slot ); + unlock_status = psa_unlock_key_slot(slot); - return( ( status == PSA_SUCCESS ) ? unlock_status : status ); + return (status == PSA_SUCCESS) ? unlock_status : status; } @@ -2841,43 +2851,43 @@ psa_status_t psa_sign_message_builtin( size_t input_length, uint8_t *signature, size_t signature_size, - size_t *signature_length ) + size_t *signature_length) { psa_status_t status = PSA_ERROR_CORRUPTION_DETECTED; - if ( PSA_ALG_IS_SIGN_HASH( alg ) ) - { + if (PSA_ALG_IS_SIGN_HASH(alg)) { size_t hash_length; uint8_t hash[PSA_HASH_MAX_SIZE]; status = psa_driver_wrapper_hash_compute( - PSA_ALG_SIGN_GET_HASH( alg ), - input, input_length, - hash, sizeof( hash ), &hash_length ); + PSA_ALG_SIGN_GET_HASH(alg), + input, input_length, + hash, sizeof(hash), &hash_length); - if( status != PSA_SUCCESS ) + if (status != PSA_SUCCESS) { return status; + } return psa_driver_wrapper_sign_hash( - attributes, key_buffer, key_buffer_size, - alg, hash, hash_length, - signature, signature_size, signature_length ); + attributes, key_buffer, key_buffer_size, + alg, hash, hash_length, + signature, signature_size, signature_length); } - return( PSA_ERROR_NOT_SUPPORTED ); + return PSA_ERROR_NOT_SUPPORTED; } -psa_status_t psa_sign_message( mbedtls_svc_key_id_t key, - psa_algorithm_t alg, - const uint8_t * input, - size_t input_length, - uint8_t * signature, - size_t signature_size, - size_t * signature_length ) +psa_status_t psa_sign_message(mbedtls_svc_key_id_t key, + psa_algorithm_t alg, + const uint8_t *input, + size_t input_length, + uint8_t *signature, + size_t signature_size, + size_t *signature_length) { return psa_sign_internal( key, 1, alg, input, input_length, - signature, signature_size, signature_length ); + signature, signature_size, signature_length); } psa_status_t psa_verify_message_builtin( @@ -2888,202 +2898,184 @@ psa_status_t psa_verify_message_builtin( const uint8_t *input, size_t input_length, const uint8_t *signature, - size_t signature_length ) + size_t signature_length) { psa_status_t status = PSA_ERROR_CORRUPTION_DETECTED; - if ( PSA_ALG_IS_SIGN_HASH( alg ) ) - { + if (PSA_ALG_IS_SIGN_HASH(alg)) { size_t hash_length; uint8_t hash[PSA_HASH_MAX_SIZE]; status = psa_driver_wrapper_hash_compute( - PSA_ALG_SIGN_GET_HASH( alg ), - input, input_length, - hash, sizeof( hash ), &hash_length ); + PSA_ALG_SIGN_GET_HASH(alg), + input, input_length, + hash, sizeof(hash), &hash_length); - if( status != PSA_SUCCESS ) + if (status != PSA_SUCCESS) { return status; + } return psa_driver_wrapper_verify_hash( - attributes, key_buffer, key_buffer_size, - alg, hash, hash_length, - signature, signature_length ); + attributes, key_buffer, key_buffer_size, + alg, hash, hash_length, + signature, signature_length); } - return( PSA_ERROR_NOT_SUPPORTED ); + return PSA_ERROR_NOT_SUPPORTED; } -psa_status_t psa_verify_message( mbedtls_svc_key_id_t key, - psa_algorithm_t alg, - const uint8_t * input, - size_t input_length, - const uint8_t * signature, - size_t signature_length ) +psa_status_t psa_verify_message(mbedtls_svc_key_id_t key, + psa_algorithm_t alg, + const uint8_t *input, + size_t input_length, + const uint8_t *signature, + size_t signature_length) { return psa_verify_internal( key, 1, alg, input, input_length, - signature, signature_length ); + signature, signature_length); } psa_status_t psa_sign_hash_builtin( const psa_key_attributes_t *attributes, const uint8_t *key_buffer, size_t key_buffer_size, psa_algorithm_t alg, const uint8_t *hash, size_t hash_length, - uint8_t *signature, size_t signature_size, size_t *signature_length ) + uint8_t *signature, size_t signature_size, size_t *signature_length) { - if( attributes->core.type == PSA_KEY_TYPE_RSA_KEY_PAIR ) - { - if( PSA_ALG_IS_RSA_PKCS1V15_SIGN( alg ) || - PSA_ALG_IS_RSA_PSS( alg) ) - { + if (attributes->core.type == PSA_KEY_TYPE_RSA_KEY_PAIR) { + if (PSA_ALG_IS_RSA_PKCS1V15_SIGN(alg) || + PSA_ALG_IS_RSA_PSS(alg)) { #if defined(MBEDTLS_PSA_BUILTIN_ALG_RSA_PKCS1V15_SIGN) || \ - defined(MBEDTLS_PSA_BUILTIN_ALG_RSA_PSS) - return( mbedtls_psa_rsa_sign_hash( - attributes, - key_buffer, key_buffer_size, - alg, hash, hash_length, - signature, signature_size, signature_length ) ); + defined(MBEDTLS_PSA_BUILTIN_ALG_RSA_PSS) + return mbedtls_psa_rsa_sign_hash( + attributes, + key_buffer, key_buffer_size, + alg, hash, hash_length, + signature, signature_size, signature_length); #endif /* defined(MBEDTLS_PSA_BUILTIN_ALG_RSA_PKCS1V15_SIGN) || * defined(MBEDTLS_PSA_BUILTIN_ALG_RSA_PSS) */ + } else { + return PSA_ERROR_INVALID_ARGUMENT; } - else - { - return( PSA_ERROR_INVALID_ARGUMENT ); - } - } - else if( PSA_KEY_TYPE_IS_ECC( attributes->core.type ) ) - { - if( PSA_ALG_IS_ECDSA( alg ) ) - { + } else if (PSA_KEY_TYPE_IS_ECC(attributes->core.type)) { + if (PSA_ALG_IS_ECDSA(alg)) { #if defined(MBEDTLS_PSA_BUILTIN_ALG_ECDSA) || \ - defined(MBEDTLS_PSA_BUILTIN_ALG_DETERMINISTIC_ECDSA) - return( mbedtls_psa_ecdsa_sign_hash( - attributes, - key_buffer, key_buffer_size, - alg, hash, hash_length, - signature, signature_size, signature_length ) ); + defined(MBEDTLS_PSA_BUILTIN_ALG_DETERMINISTIC_ECDSA) + return mbedtls_psa_ecdsa_sign_hash( + attributes, + key_buffer, key_buffer_size, + alg, hash, hash_length, + signature, signature_size, signature_length); #endif /* defined(MBEDTLS_PSA_BUILTIN_ALG_ECDSA) || * defined(MBEDTLS_PSA_BUILTIN_ALG_DETERMINISTIC_ECDSA) */ - } - else - { - return( PSA_ERROR_INVALID_ARGUMENT ); + } else { + return PSA_ERROR_INVALID_ARGUMENT; } } - (void)key_buffer; - (void)key_buffer_size; - (void)hash; - (void)hash_length; - (void)signature; - (void)signature_size; - (void)signature_length; + (void) key_buffer; + (void) key_buffer_size; + (void) hash; + (void) hash_length; + (void) signature; + (void) signature_size; + (void) signature_length; - return( PSA_ERROR_NOT_SUPPORTED ); + return PSA_ERROR_NOT_SUPPORTED; } -psa_status_t psa_sign_hash( mbedtls_svc_key_id_t key, - psa_algorithm_t alg, - const uint8_t *hash, - size_t hash_length, - uint8_t *signature, - size_t signature_size, - size_t *signature_length ) +psa_status_t psa_sign_hash(mbedtls_svc_key_id_t key, + psa_algorithm_t alg, + const uint8_t *hash, + size_t hash_length, + uint8_t *signature, + size_t signature_size, + size_t *signature_length) { return psa_sign_internal( key, 0, alg, hash, hash_length, - signature, signature_size, signature_length ); + signature, signature_size, signature_length); } psa_status_t psa_verify_hash_builtin( const psa_key_attributes_t *attributes, const uint8_t *key_buffer, size_t key_buffer_size, psa_algorithm_t alg, const uint8_t *hash, size_t hash_length, - const uint8_t *signature, size_t signature_length ) + const uint8_t *signature, size_t signature_length) { - if( PSA_KEY_TYPE_IS_RSA( attributes->core.type ) ) - { - if( PSA_ALG_IS_RSA_PKCS1V15_SIGN( alg ) || - PSA_ALG_IS_RSA_PSS( alg) ) - { + if (PSA_KEY_TYPE_IS_RSA(attributes->core.type)) { + if (PSA_ALG_IS_RSA_PKCS1V15_SIGN(alg) || + PSA_ALG_IS_RSA_PSS(alg)) { #if defined(MBEDTLS_PSA_BUILTIN_ALG_RSA_PKCS1V15_SIGN) || \ - defined(MBEDTLS_PSA_BUILTIN_ALG_RSA_PSS) - return( mbedtls_psa_rsa_verify_hash( - attributes, - key_buffer, key_buffer_size, - alg, hash, hash_length, - signature, signature_length ) ); + defined(MBEDTLS_PSA_BUILTIN_ALG_RSA_PSS) + return mbedtls_psa_rsa_verify_hash( + attributes, + key_buffer, key_buffer_size, + alg, hash, hash_length, + signature, signature_length); #endif /* defined(MBEDTLS_PSA_BUILTIN_ALG_RSA_PKCS1V15_SIGN) || * defined(MBEDTLS_PSA_BUILTIN_ALG_RSA_PSS) */ + } else { + return PSA_ERROR_INVALID_ARGUMENT; } - else - { - return( PSA_ERROR_INVALID_ARGUMENT ); - } - } - else if( PSA_KEY_TYPE_IS_ECC( attributes->core.type ) ) - { - if( PSA_ALG_IS_ECDSA( alg ) ) - { + } else if (PSA_KEY_TYPE_IS_ECC(attributes->core.type)) { + if (PSA_ALG_IS_ECDSA(alg)) { #if defined(MBEDTLS_PSA_BUILTIN_ALG_ECDSA) || \ - defined(MBEDTLS_PSA_BUILTIN_ALG_DETERMINISTIC_ECDSA) - return( mbedtls_psa_ecdsa_verify_hash( - attributes, - key_buffer, key_buffer_size, - alg, hash, hash_length, - signature, signature_length ) ); + defined(MBEDTLS_PSA_BUILTIN_ALG_DETERMINISTIC_ECDSA) + return mbedtls_psa_ecdsa_verify_hash( + attributes, + key_buffer, key_buffer_size, + alg, hash, hash_length, + signature, signature_length); #endif /* defined(MBEDTLS_PSA_BUILTIN_ALG_ECDSA) || * defined(MBEDTLS_PSA_BUILTIN_ALG_DETERMINISTIC_ECDSA) */ - } - else - { - return( PSA_ERROR_INVALID_ARGUMENT ); + } else { + return PSA_ERROR_INVALID_ARGUMENT; } } - (void)key_buffer; - (void)key_buffer_size; - (void)hash; - (void)hash_length; - (void)signature; - (void)signature_length; + (void) key_buffer; + (void) key_buffer_size; + (void) hash; + (void) hash_length; + (void) signature; + (void) signature_length; - return( PSA_ERROR_NOT_SUPPORTED ); + return PSA_ERROR_NOT_SUPPORTED; } -psa_status_t psa_verify_hash( mbedtls_svc_key_id_t key, - psa_algorithm_t alg, - const uint8_t *hash, - size_t hash_length, - const uint8_t *signature, - size_t signature_length ) +psa_status_t psa_verify_hash(mbedtls_svc_key_id_t key, + psa_algorithm_t alg, + const uint8_t *hash, + size_t hash_length, + const uint8_t *signature, + size_t signature_length) { return psa_verify_internal( key, 0, alg, hash, hash_length, - signature, signature_length ); + signature, signature_length); } #if defined(MBEDTLS_PSA_BUILTIN_ALG_RSA_OAEP) -static void psa_rsa_oaep_set_padding_mode( psa_algorithm_t alg, - mbedtls_rsa_context *rsa ) +static void psa_rsa_oaep_set_padding_mode(psa_algorithm_t alg, + mbedtls_rsa_context *rsa) { - psa_algorithm_t hash_alg = PSA_ALG_RSA_OAEP_GET_HASH( alg ); - const mbedtls_md_info_t *md_info = mbedtls_md_info_from_psa( hash_alg ); - mbedtls_md_type_t md_alg = mbedtls_md_get_type( md_info ); - mbedtls_rsa_set_padding( rsa, MBEDTLS_RSA_PKCS_V21, md_alg ); + psa_algorithm_t hash_alg = PSA_ALG_RSA_OAEP_GET_HASH(alg); + const mbedtls_md_info_t *md_info = mbedtls_md_info_from_psa(hash_alg); + mbedtls_md_type_t md_alg = mbedtls_md_get_type(md_info); + mbedtls_rsa_set_padding(rsa, MBEDTLS_RSA_PKCS_V21, md_alg); } #endif /* defined(MBEDTLS_PSA_BUILTIN_ALG_RSA_OAEP) */ -psa_status_t psa_asymmetric_encrypt( mbedtls_svc_key_id_t key, - psa_algorithm_t alg, - const uint8_t *input, - size_t input_length, - const uint8_t *salt, - size_t salt_length, - uint8_t *output, - size_t output_size, - size_t *output_length ) +psa_status_t psa_asymmetric_encrypt(mbedtls_svc_key_id_t key, + psa_algorithm_t alg, + const uint8_t *input, + size_t input_length, + const uint8_t *salt, + size_t salt_length, + uint8_t *output, + size_t output_size, + size_t *output_length) { psa_status_t status = PSA_ERROR_CORRUPTION_DETECTED; psa_status_t unlock_status = PSA_ERROR_CORRUPTION_DETECTED; @@ -3097,107 +3089,101 @@ psa_status_t psa_asymmetric_encrypt( mbedtls_svc_key_id_t key, *output_length = 0; - if( ! PSA_ALG_IS_RSA_OAEP( alg ) && salt_length != 0 ) - return( PSA_ERROR_INVALID_ARGUMENT ); + if (!PSA_ALG_IS_RSA_OAEP(alg) && salt_length != 0) { + return PSA_ERROR_INVALID_ARGUMENT; + } status = psa_get_and_lock_transparent_key_slot_with_policy( - key, &slot, PSA_KEY_USAGE_ENCRYPT, alg ); - if( status != PSA_SUCCESS ) - return( status ); - if( ! ( PSA_KEY_TYPE_IS_PUBLIC_KEY( slot->attr.type ) || - PSA_KEY_TYPE_IS_KEY_PAIR( slot->attr.type ) ) ) - { + key, &slot, PSA_KEY_USAGE_ENCRYPT, alg); + if (status != PSA_SUCCESS) { + return status; + } + if (!(PSA_KEY_TYPE_IS_PUBLIC_KEY(slot->attr.type) || + PSA_KEY_TYPE_IS_KEY_PAIR(slot->attr.type))) { status = PSA_ERROR_INVALID_ARGUMENT; goto exit; } - if( PSA_KEY_TYPE_IS_RSA( slot->attr.type ) ) - { + if (PSA_KEY_TYPE_IS_RSA(slot->attr.type)) { #if defined(MBEDTLS_PSA_BUILTIN_ALG_RSA_PKCS1V15_CRYPT) || \ - defined(MBEDTLS_PSA_BUILTIN_ALG_RSA_OAEP) + defined(MBEDTLS_PSA_BUILTIN_ALG_RSA_OAEP) mbedtls_rsa_context *rsa = NULL; - status = mbedtls_psa_rsa_load_representation( slot->attr.type, - slot->key.data, - slot->key.bytes, - &rsa ); - if( status != PSA_SUCCESS ) + status = mbedtls_psa_rsa_load_representation(slot->attr.type, + slot->key.data, + slot->key.bytes, + &rsa); + if (status != PSA_SUCCESS) { goto rsa_exit; + } - if( output_size < mbedtls_rsa_get_len( rsa ) ) - { + if (output_size < mbedtls_rsa_get_len(rsa)) { status = PSA_ERROR_BUFFER_TOO_SMALL; goto rsa_exit; } #endif /* defined(MBEDTLS_PSA_BUILTIN_ALG_RSA_PKCS1V15_CRYPT) || * defined(MBEDTLS_PSA_BUILTIN_ALG_RSA_OAEP) */ - if( alg == PSA_ALG_RSA_PKCS1V15_CRYPT ) - { + if (alg == PSA_ALG_RSA_PKCS1V15_CRYPT) { #if defined(MBEDTLS_PSA_BUILTIN_ALG_RSA_PKCS1V15_CRYPT) status = mbedtls_to_psa_error( - mbedtls_rsa_pkcs1_encrypt( rsa, - mbedtls_psa_get_random, - MBEDTLS_PSA_RANDOM_STATE, - MBEDTLS_RSA_PUBLIC, - input_length, - input, - output ) ); + mbedtls_rsa_pkcs1_encrypt(rsa, + mbedtls_psa_get_random, + MBEDTLS_PSA_RANDOM_STATE, + MBEDTLS_RSA_PUBLIC, + input_length, + input, + output)); #else status = PSA_ERROR_NOT_SUPPORTED; #endif /* MBEDTLS_PSA_BUILTIN_ALG_RSA_PKCS1V15_CRYPT */ - } - else - if( PSA_ALG_IS_RSA_OAEP( alg ) ) - { + } else + if (PSA_ALG_IS_RSA_OAEP(alg)) { #if defined(MBEDTLS_PSA_BUILTIN_ALG_RSA_OAEP) - psa_rsa_oaep_set_padding_mode( alg, rsa ); + psa_rsa_oaep_set_padding_mode(alg, rsa); status = mbedtls_to_psa_error( - mbedtls_rsa_rsaes_oaep_encrypt( rsa, - mbedtls_psa_get_random, - MBEDTLS_PSA_RANDOM_STATE, - MBEDTLS_RSA_PUBLIC, - salt, salt_length, - input_length, - input, - output ) ); + mbedtls_rsa_rsaes_oaep_encrypt(rsa, + mbedtls_psa_get_random, + MBEDTLS_PSA_RANDOM_STATE, + MBEDTLS_RSA_PUBLIC, + salt, salt_length, + input_length, + input, + output)); #else status = PSA_ERROR_NOT_SUPPORTED; #endif /* MBEDTLS_PSA_BUILTIN_ALG_RSA_OAEP */ - } - else - { + } else { status = PSA_ERROR_INVALID_ARGUMENT; } #if defined(MBEDTLS_PSA_BUILTIN_ALG_RSA_PKCS1V15_CRYPT) || \ - defined(MBEDTLS_PSA_BUILTIN_ALG_RSA_OAEP) + defined(MBEDTLS_PSA_BUILTIN_ALG_RSA_OAEP) rsa_exit: - if( status == PSA_SUCCESS ) - *output_length = mbedtls_rsa_get_len( rsa ); + if (status == PSA_SUCCESS) { + *output_length = mbedtls_rsa_get_len(rsa); + } - mbedtls_rsa_free( rsa ); - mbedtls_free( rsa ); + mbedtls_rsa_free(rsa); + mbedtls_free(rsa); #endif /* defined(MBEDTLS_PSA_BUILTIN_ALG_RSA_PKCS1V15_CRYPT) || * defined(MBEDTLS_PSA_BUILTIN_ALG_RSA_OAEP) */ - } - else - { + } else { status = PSA_ERROR_NOT_SUPPORTED; } exit: - unlock_status = psa_unlock_key_slot( slot ); + unlock_status = psa_unlock_key_slot(slot); - return( ( status == PSA_SUCCESS ) ? unlock_status : status ); + return (status == PSA_SUCCESS) ? unlock_status : status; } -psa_status_t psa_asymmetric_decrypt( mbedtls_svc_key_id_t key, - psa_algorithm_t alg, - const uint8_t *input, - size_t input_length, - const uint8_t *salt, - size_t salt_length, - uint8_t *output, - size_t output_size, - size_t *output_length ) +psa_status_t psa_asymmetric_decrypt(mbedtls_svc_key_id_t key, + psa_algorithm_t alg, + const uint8_t *input, + size_t input_length, + const uint8_t *salt, + size_t salt_length, + uint8_t *output, + size_t output_size, + size_t *output_length) { psa_status_t status = PSA_ERROR_CORRUPTION_DETECTED; psa_status_t unlock_status = PSA_ERROR_CORRUPTION_DETECTED; @@ -3211,96 +3197,89 @@ psa_status_t psa_asymmetric_decrypt( mbedtls_svc_key_id_t key, *output_length = 0; - if( ! PSA_ALG_IS_RSA_OAEP( alg ) && salt_length != 0 ) - return( PSA_ERROR_INVALID_ARGUMENT ); + if (!PSA_ALG_IS_RSA_OAEP(alg) && salt_length != 0) { + return PSA_ERROR_INVALID_ARGUMENT; + } status = psa_get_and_lock_transparent_key_slot_with_policy( - key, &slot, PSA_KEY_USAGE_DECRYPT, alg ); - if( status != PSA_SUCCESS ) - return( status ); - if( ! PSA_KEY_TYPE_IS_KEY_PAIR( slot->attr.type ) ) - { + key, &slot, PSA_KEY_USAGE_DECRYPT, alg); + if (status != PSA_SUCCESS) { + return status; + } + if (!PSA_KEY_TYPE_IS_KEY_PAIR(slot->attr.type)) { status = PSA_ERROR_INVALID_ARGUMENT; goto exit; } - if( slot->attr.type == PSA_KEY_TYPE_RSA_KEY_PAIR ) - { + if (slot->attr.type == PSA_KEY_TYPE_RSA_KEY_PAIR) { #if defined(MBEDTLS_PSA_BUILTIN_ALG_RSA_PKCS1V15_CRYPT) || \ - defined(MBEDTLS_PSA_BUILTIN_ALG_RSA_OAEP) + defined(MBEDTLS_PSA_BUILTIN_ALG_RSA_OAEP) mbedtls_rsa_context *rsa = NULL; - status = mbedtls_psa_rsa_load_representation( slot->attr.type, - slot->key.data, - slot->key.bytes, - &rsa ); - if( status != PSA_SUCCESS ) + status = mbedtls_psa_rsa_load_representation(slot->attr.type, + slot->key.data, + slot->key.bytes, + &rsa); + if (status != PSA_SUCCESS) { goto exit; + } - if( input_length != mbedtls_rsa_get_len( rsa ) ) - { + if (input_length != mbedtls_rsa_get_len(rsa)) { status = PSA_ERROR_INVALID_ARGUMENT; goto rsa_exit; } #endif /* defined(MBEDTLS_PSA_BUILTIN_ALG_RSA_PKCS1V15_CRYPT) || * defined(MBEDTLS_PSA_BUILTIN_ALG_RSA_OAEP) */ - if( alg == PSA_ALG_RSA_PKCS1V15_CRYPT ) - { + if (alg == PSA_ALG_RSA_PKCS1V15_CRYPT) { #if defined(MBEDTLS_PSA_BUILTIN_ALG_RSA_PKCS1V15_CRYPT) status = mbedtls_to_psa_error( - mbedtls_rsa_pkcs1_decrypt( rsa, - mbedtls_psa_get_random, - MBEDTLS_PSA_RANDOM_STATE, - MBEDTLS_RSA_PRIVATE, - output_length, - input, - output, - output_size ) ); + mbedtls_rsa_pkcs1_decrypt(rsa, + mbedtls_psa_get_random, + MBEDTLS_PSA_RANDOM_STATE, + MBEDTLS_RSA_PRIVATE, + output_length, + input, + output, + output_size)); #else status = PSA_ERROR_NOT_SUPPORTED; #endif /* MBEDTLS_PSA_BUILTIN_ALG_RSA_PKCS1V15_CRYPT */ - } - else - if( PSA_ALG_IS_RSA_OAEP( alg ) ) - { + } else + if (PSA_ALG_IS_RSA_OAEP(alg)) { #if defined(MBEDTLS_PSA_BUILTIN_ALG_RSA_OAEP) - psa_rsa_oaep_set_padding_mode( alg, rsa ); + psa_rsa_oaep_set_padding_mode(alg, rsa); status = mbedtls_to_psa_error( - mbedtls_rsa_rsaes_oaep_decrypt( rsa, - mbedtls_psa_get_random, - MBEDTLS_PSA_RANDOM_STATE, - MBEDTLS_RSA_PRIVATE, - salt, salt_length, - output_length, - input, - output, - output_size ) ); + mbedtls_rsa_rsaes_oaep_decrypt(rsa, + mbedtls_psa_get_random, + MBEDTLS_PSA_RANDOM_STATE, + MBEDTLS_RSA_PRIVATE, + salt, salt_length, + output_length, + input, + output, + output_size)); #else status = PSA_ERROR_NOT_SUPPORTED; #endif /* MBEDTLS_PSA_BUILTIN_ALG_RSA_OAEP */ - } - else - { + } else { status = PSA_ERROR_INVALID_ARGUMENT; } #if defined(MBEDTLS_PSA_BUILTIN_ALG_RSA_PKCS1V15_CRYPT) || \ - defined(MBEDTLS_PSA_BUILTIN_ALG_RSA_OAEP) + defined(MBEDTLS_PSA_BUILTIN_ALG_RSA_OAEP) rsa_exit: - mbedtls_rsa_free( rsa ); - mbedtls_free( rsa ); + mbedtls_rsa_free(rsa); + mbedtls_free(rsa); #endif /* defined(MBEDTLS_PSA_BUILTIN_ALG_RSA_PKCS1V15_CRYPT) || * defined(MBEDTLS_PSA_BUILTIN_ALG_RSA_OAEP) */ - } - else - { + } else { status = PSA_ERROR_NOT_SUPPORTED; } exit: - unlock_status = psa_unlock_key_slot( slot ); + unlock_status = psa_unlock_key_slot(slot); - return( ( status == PSA_SUCCESS ) ? unlock_status : status ); + return (status == PSA_SUCCESS) ? unlock_status : status; } @@ -3309,373 +3288,365 @@ psa_status_t psa_asymmetric_decrypt( mbedtls_svc_key_id_t key, /* Symmetric cryptography */ /****************************************************************/ -static psa_status_t psa_cipher_setup( psa_cipher_operation_t *operation, - mbedtls_svc_key_id_t key, - psa_algorithm_t alg, - mbedtls_operation_t cipher_operation ) +static psa_status_t psa_cipher_setup(psa_cipher_operation_t *operation, + mbedtls_svc_key_id_t key, + psa_algorithm_t alg, + mbedtls_operation_t cipher_operation) { psa_status_t status = PSA_ERROR_CORRUPTION_DETECTED; psa_status_t unlock_status = PSA_ERROR_CORRUPTION_DETECTED; + psa_key_attributes_t attributes; psa_key_slot_t *slot = NULL; - psa_key_usage_t usage = ( cipher_operation == MBEDTLS_ENCRYPT ? - PSA_KEY_USAGE_ENCRYPT : - PSA_KEY_USAGE_DECRYPT ); + psa_key_usage_t usage = (cipher_operation == MBEDTLS_ENCRYPT ? + PSA_KEY_USAGE_ENCRYPT : + PSA_KEY_USAGE_DECRYPT); /* A context must be freshly initialized before it can be set up. */ - if( operation->id != 0 ) - { + if (operation->id != 0) { status = PSA_ERROR_BAD_STATE; goto exit; } - if( ! PSA_ALG_IS_CIPHER( alg ) ) - { + if (!PSA_ALG_IS_CIPHER(alg)) { status = PSA_ERROR_INVALID_ARGUMENT; goto exit; } - status = psa_get_and_lock_key_slot_with_policy( key, &slot, usage, alg ); - if( status != PSA_SUCCESS ) + status = psa_get_and_lock_key_slot_with_policy(key, &slot, usage, alg); + if (status != PSA_SUCCESS) { goto exit; + } /* Initialize the operation struct members, except for id. The id member * is used to indicate to psa_cipher_abort that there are resources to free, * so we only set it (in the driver wrapper) after resources have been * allocated/initialized. */ operation->iv_set = 0; - if( alg == PSA_ALG_ECB_NO_PADDING ) + if (alg == PSA_ALG_ECB_NO_PADDING) { operation->iv_required = 0; - else + } else if (slot->attr.type == PSA_KEY_TYPE_ARC4) { + operation->iv_required = 0; + } else { operation->iv_required = 1; - operation->default_iv_length = PSA_CIPHER_IV_LENGTH( slot->attr.type, alg ); + } + operation->default_iv_length = PSA_CIPHER_IV_LENGTH(slot->attr.type, alg); - psa_key_attributes_t attributes = { - .core = slot->attr + attributes = (psa_key_attributes_t) { + .core = slot->attr }; /* Try doing the operation through a driver before using software fallback. */ - if( cipher_operation == MBEDTLS_ENCRYPT ) - status = psa_driver_wrapper_cipher_encrypt_setup( operation, - &attributes, - slot->key.data, - slot->key.bytes, - alg ); - else - status = psa_driver_wrapper_cipher_decrypt_setup( operation, - &attributes, - slot->key.data, - slot->key.bytes, - alg ); + if (cipher_operation == MBEDTLS_ENCRYPT) { + status = psa_driver_wrapper_cipher_encrypt_setup(operation, + &attributes, + slot->key.data, + slot->key.bytes, + alg); + } else { + status = psa_driver_wrapper_cipher_decrypt_setup(operation, + &attributes, + slot->key.data, + slot->key.bytes, + alg); + } exit: - if( status != PSA_SUCCESS ) - psa_cipher_abort( operation ); + if (status != PSA_SUCCESS) { + psa_cipher_abort(operation); + } - unlock_status = psa_unlock_key_slot( slot ); + unlock_status = psa_unlock_key_slot(slot); - return( ( status == PSA_SUCCESS ) ? unlock_status : status ); + return (status == PSA_SUCCESS) ? unlock_status : status; } -psa_status_t psa_cipher_encrypt_setup( psa_cipher_operation_t *operation, - mbedtls_svc_key_id_t key, - psa_algorithm_t alg ) +psa_status_t psa_cipher_encrypt_setup(psa_cipher_operation_t *operation, + mbedtls_svc_key_id_t key, + psa_algorithm_t alg) { - return( psa_cipher_setup( operation, key, alg, MBEDTLS_ENCRYPT ) ); + return psa_cipher_setup(operation, key, alg, MBEDTLS_ENCRYPT); } -psa_status_t psa_cipher_decrypt_setup( psa_cipher_operation_t *operation, - mbedtls_svc_key_id_t key, - psa_algorithm_t alg ) +psa_status_t psa_cipher_decrypt_setup(psa_cipher_operation_t *operation, + mbedtls_svc_key_id_t key, + psa_algorithm_t alg) { - return( psa_cipher_setup( operation, key, alg, MBEDTLS_DECRYPT ) ); + return psa_cipher_setup(operation, key, alg, MBEDTLS_DECRYPT); } -psa_status_t psa_cipher_generate_iv( psa_cipher_operation_t *operation, - uint8_t *iv, - size_t iv_size, - size_t *iv_length ) +psa_status_t psa_cipher_generate_iv(psa_cipher_operation_t *operation, + uint8_t *iv, + size_t iv_size, + size_t *iv_length) { psa_status_t status = PSA_ERROR_CORRUPTION_DETECTED; uint8_t local_iv[PSA_CIPHER_IV_MAX_SIZE]; - size_t default_iv_length; + size_t default_iv_length = 0; - if( operation->id == 0 ) - { + if (operation->id == 0) { status = PSA_ERROR_BAD_STATE; goto exit; } - if( operation->iv_set || ! operation->iv_required ) - { + if (operation->iv_set || !operation->iv_required) { status = PSA_ERROR_BAD_STATE; goto exit; } default_iv_length = operation->default_iv_length; - if( iv_size < default_iv_length ) - { + if (iv_size < default_iv_length) { status = PSA_ERROR_BUFFER_TOO_SMALL; goto exit; } - if( default_iv_length > PSA_CIPHER_IV_MAX_SIZE ) - { + if (default_iv_length > PSA_CIPHER_IV_MAX_SIZE) { status = PSA_ERROR_GENERIC_ERROR; goto exit; } - status = psa_generate_random( local_iv, default_iv_length ); - if( status != PSA_SUCCESS ) + status = psa_generate_random(local_iv, default_iv_length); + if (status != PSA_SUCCESS) { goto exit; + } - status = psa_driver_wrapper_cipher_set_iv( operation, - local_iv, default_iv_length ); + status = psa_driver_wrapper_cipher_set_iv(operation, + local_iv, default_iv_length); exit: - if( status == PSA_SUCCESS ) - { - memcpy( iv, local_iv, default_iv_length ); + if (status == PSA_SUCCESS) { + memcpy(iv, local_iv, default_iv_length); *iv_length = default_iv_length; operation->iv_set = 1; - } - else - { + } else { *iv_length = 0; - psa_cipher_abort( operation ); + psa_cipher_abort(operation); } - return( status ); + return status; } -psa_status_t psa_cipher_set_iv( psa_cipher_operation_t *operation, - const uint8_t *iv, - size_t iv_length ) +psa_status_t psa_cipher_set_iv(psa_cipher_operation_t *operation, + const uint8_t *iv, + size_t iv_length) { psa_status_t status = PSA_ERROR_CORRUPTION_DETECTED; - if( operation->id == 0 ) - { + if (operation->id == 0) { status = PSA_ERROR_BAD_STATE; goto exit; } - if( operation->iv_set || ! operation->iv_required ) - { + if (operation->iv_set || !operation->iv_required) { status = PSA_ERROR_BAD_STATE; goto exit; } - if( iv_length > PSA_CIPHER_IV_MAX_SIZE ) - { + if (iv_length > PSA_CIPHER_IV_MAX_SIZE) { status = PSA_ERROR_INVALID_ARGUMENT; goto exit; } - status = psa_driver_wrapper_cipher_set_iv( operation, - iv, - iv_length ); + status = psa_driver_wrapper_cipher_set_iv(operation, + iv, + iv_length); exit: - if( status == PSA_SUCCESS ) + if (status == PSA_SUCCESS) { operation->iv_set = 1; - else - psa_cipher_abort( operation ); - return( status ); + } else { + psa_cipher_abort(operation); + } + return status; } -psa_status_t psa_cipher_update( psa_cipher_operation_t *operation, - const uint8_t *input, - size_t input_length, - uint8_t *output, - size_t output_size, - size_t *output_length ) +psa_status_t psa_cipher_update(psa_cipher_operation_t *operation, + const uint8_t *input, + size_t input_length, + uint8_t *output, + size_t output_size, + size_t *output_length) { psa_status_t status = PSA_ERROR_CORRUPTION_DETECTED; - if( operation->id == 0 ) - { + if (operation->id == 0) { status = PSA_ERROR_BAD_STATE; goto exit; } - if( operation->iv_required && ! operation->iv_set ) - { + if (operation->iv_required && !operation->iv_set) { status = PSA_ERROR_BAD_STATE; goto exit; } - status = psa_driver_wrapper_cipher_update( operation, - input, - input_length, - output, - output_size, - output_length ); + status = psa_driver_wrapper_cipher_update(operation, + input, + input_length, + output, + output_size, + output_length); exit: - if( status != PSA_SUCCESS ) - psa_cipher_abort( operation ); + if (status != PSA_SUCCESS) { + psa_cipher_abort(operation); + } - return( status ); + return status; } -psa_status_t psa_cipher_finish( psa_cipher_operation_t *operation, - uint8_t *output, - size_t output_size, - size_t *output_length ) +psa_status_t psa_cipher_finish(psa_cipher_operation_t *operation, + uint8_t *output, + size_t output_size, + size_t *output_length) { psa_status_t status = PSA_ERROR_GENERIC_ERROR; - if( operation->id == 0 ) - { + if (operation->id == 0) { status = PSA_ERROR_BAD_STATE; goto exit; } - if( operation->iv_required && ! operation->iv_set ) - { + if (operation->iv_required && !operation->iv_set) { status = PSA_ERROR_BAD_STATE; goto exit; } - status = psa_driver_wrapper_cipher_finish( operation, - output, - output_size, - output_length ); + status = psa_driver_wrapper_cipher_finish(operation, + output, + output_size, + output_length); exit: - if( status == PSA_SUCCESS ) - return( psa_cipher_abort( operation ) ); - else - { + if (status == PSA_SUCCESS) { + return psa_cipher_abort(operation); + } else { *output_length = 0; - (void) psa_cipher_abort( operation ); + (void) psa_cipher_abort(operation); - return( status ); + return status; } } -psa_status_t psa_cipher_abort( psa_cipher_operation_t *operation ) +psa_status_t psa_cipher_abort(psa_cipher_operation_t *operation) { - if( operation->id == 0 ) - { + if (operation->id == 0) { /* The object has (apparently) been initialized but it is not (yet) * in use. It's ok to call abort on such an object, and there's * nothing to do. */ - return( PSA_SUCCESS ); + return PSA_SUCCESS; } - psa_driver_wrapper_cipher_abort( operation ); + psa_driver_wrapper_cipher_abort(operation); operation->id = 0; operation->iv_set = 0; operation->iv_required = 0; - return( PSA_SUCCESS ); + return PSA_SUCCESS; } -psa_status_t psa_cipher_encrypt( mbedtls_svc_key_id_t key, - psa_algorithm_t alg, - const uint8_t *input, - size_t input_length, - uint8_t *output, - size_t output_size, - size_t *output_length ) +psa_status_t psa_cipher_encrypt(mbedtls_svc_key_id_t key, + psa_algorithm_t alg, + const uint8_t *input, + size_t input_length, + uint8_t *output, + size_t output_size, + size_t *output_length) { psa_status_t status = PSA_ERROR_CORRUPTION_DETECTED; psa_status_t unlock_status = PSA_ERROR_CORRUPTION_DETECTED; + psa_key_attributes_t attributes; psa_key_slot_t *slot = NULL; uint8_t local_iv[PSA_CIPHER_IV_MAX_SIZE]; size_t default_iv_length = 0; - if( ! PSA_ALG_IS_CIPHER( alg ) ) - { + if (!PSA_ALG_IS_CIPHER(alg)) { status = PSA_ERROR_INVALID_ARGUMENT; goto exit; } - status = psa_get_and_lock_key_slot_with_policy( key, &slot, - PSA_KEY_USAGE_ENCRYPT, - alg ); - if( status != PSA_SUCCESS ) + status = psa_get_and_lock_key_slot_with_policy(key, &slot, + PSA_KEY_USAGE_ENCRYPT, + alg); + if (status != PSA_SUCCESS) { goto exit; + } - psa_key_attributes_t attributes = { - .core = slot->attr + attributes = (psa_key_attributes_t) { + .core = slot->attr }; - default_iv_length = PSA_CIPHER_IV_LENGTH( slot->attr.type, alg ); - if( default_iv_length > PSA_CIPHER_IV_MAX_SIZE ) - { + default_iv_length = PSA_CIPHER_IV_LENGTH(slot->attr.type, alg); + if (default_iv_length > PSA_CIPHER_IV_MAX_SIZE) { status = PSA_ERROR_GENERIC_ERROR; goto exit; } - if( default_iv_length > 0 ) - { - if( output_size < default_iv_length ) - { + if (default_iv_length > 0) { + if (output_size < default_iv_length) { status = PSA_ERROR_BUFFER_TOO_SMALL; goto exit; } - status = psa_generate_random( local_iv, default_iv_length ); - if( status != PSA_SUCCESS ) + status = psa_generate_random(local_iv, default_iv_length); + if (status != PSA_SUCCESS) { goto exit; + } } status = psa_driver_wrapper_cipher_encrypt( &attributes, slot->key.data, slot->key.bytes, alg, local_iv, default_iv_length, input, input_length, - output + default_iv_length, output_size - default_iv_length, - output_length ); + mbedtls_buffer_offset(output, default_iv_length), + output_size - default_iv_length, output_length); exit: - unlock_status = psa_unlock_key_slot( slot ); - if( status == PSA_SUCCESS ) + unlock_status = psa_unlock_key_slot(slot); + if (status == PSA_SUCCESS) { status = unlock_status; + } - if( status == PSA_SUCCESS ) - { - if( default_iv_length > 0 ) - memcpy( output, local_iv, default_iv_length ); + if (status == PSA_SUCCESS) { + if (default_iv_length > 0) { + memcpy(output, local_iv, default_iv_length); + } *output_length += default_iv_length; - } - else + } else { *output_length = 0; + } - return( status ); + return status; } -psa_status_t psa_cipher_decrypt( mbedtls_svc_key_id_t key, - psa_algorithm_t alg, - const uint8_t *input, - size_t input_length, - uint8_t *output, - size_t output_size, - size_t *output_length ) +psa_status_t psa_cipher_decrypt(mbedtls_svc_key_id_t key, + psa_algorithm_t alg, + const uint8_t *input, + size_t input_length, + uint8_t *output, + size_t output_size, + size_t *output_length) { psa_status_t status = PSA_ERROR_CORRUPTION_DETECTED; psa_status_t unlock_status = PSA_ERROR_CORRUPTION_DETECTED; + psa_key_attributes_t attributes; psa_key_slot_t *slot = NULL; - if( ! PSA_ALG_IS_CIPHER( alg ) ) - { + if (!PSA_ALG_IS_CIPHER(alg)) { status = PSA_ERROR_INVALID_ARGUMENT; goto exit; } - status = psa_get_and_lock_key_slot_with_policy( key, &slot, - PSA_KEY_USAGE_DECRYPT, - alg ); - if( status != PSA_SUCCESS ) + status = psa_get_and_lock_key_slot_with_policy(key, &slot, + PSA_KEY_USAGE_DECRYPT, + alg); + if (status != PSA_SUCCESS) { goto exit; + } - psa_key_attributes_t attributes = { - .core = slot->attr + attributes = (psa_key_attributes_t) { + .core = slot->attr }; - if( input_length < PSA_CIPHER_IV_LENGTH( slot->attr.type, alg ) ) - { + if (input_length < PSA_CIPHER_IV_LENGTH(slot->attr.type, alg)) { status = PSA_ERROR_INVALID_ARGUMENT; goto exit; } @@ -3683,17 +3654,19 @@ psa_status_t psa_cipher_decrypt( mbedtls_svc_key_id_t key, status = psa_driver_wrapper_cipher_decrypt( &attributes, slot->key.data, slot->key.bytes, alg, input, input_length, - output, output_size, output_length ); + output, output_size, output_length); exit: - unlock_status = psa_unlock_key_slot( slot ); - if( status == PSA_SUCCESS ) + unlock_status = psa_unlock_key_slot(slot); + if (status == PSA_SUCCESS) { status = unlock_status; + } - if( status != PSA_SUCCESS ) + if (status != PSA_SUCCESS) { *output_length = 0; + } - return( status ); + return status; } @@ -3701,33 +3674,35 @@ psa_status_t psa_cipher_decrypt( mbedtls_svc_key_id_t key, /* AEAD */ /****************************************************************/ -psa_status_t psa_aead_encrypt( mbedtls_svc_key_id_t key, - psa_algorithm_t alg, - const uint8_t *nonce, - size_t nonce_length, - const uint8_t *additional_data, - size_t additional_data_length, - const uint8_t *plaintext, - size_t plaintext_length, - uint8_t *ciphertext, - size_t ciphertext_size, - size_t *ciphertext_length ) +psa_status_t psa_aead_encrypt(mbedtls_svc_key_id_t key, + psa_algorithm_t alg, + const uint8_t *nonce, + size_t nonce_length, + const uint8_t *additional_data, + size_t additional_data_length, + const uint8_t *plaintext, + size_t plaintext_length, + uint8_t *ciphertext, + size_t ciphertext_size, + size_t *ciphertext_length) { psa_status_t status = PSA_ERROR_CORRUPTION_DETECTED; psa_key_slot_t *slot; *ciphertext_length = 0; - if( !PSA_ALG_IS_AEAD( alg ) || PSA_ALG_IS_WILDCARD( alg ) ) - return( PSA_ERROR_NOT_SUPPORTED ); + if (!PSA_ALG_IS_AEAD(alg) || PSA_ALG_IS_WILDCARD(alg)) { + return PSA_ERROR_NOT_SUPPORTED; + } status = psa_get_and_lock_key_slot_with_policy( - key, &slot, PSA_KEY_USAGE_ENCRYPT, alg ); - if( status != PSA_SUCCESS ) - return( status ); + key, &slot, PSA_KEY_USAGE_ENCRYPT, alg); + if (status != PSA_SUCCESS) { + return status; + } psa_key_attributes_t attributes = { - .core = slot->attr + .core = slot->attr }; status = psa_driver_wrapper_aead_encrypt( @@ -3736,43 +3711,46 @@ psa_status_t psa_aead_encrypt( mbedtls_svc_key_id_t key, nonce, nonce_length, additional_data, additional_data_length, plaintext, plaintext_length, - ciphertext, ciphertext_size, ciphertext_length ); + ciphertext, ciphertext_size, ciphertext_length); - if( status != PSA_SUCCESS && ciphertext_size != 0 ) - memset( ciphertext, 0, ciphertext_size ); + if (status != PSA_SUCCESS && ciphertext_size != 0) { + memset(ciphertext, 0, ciphertext_size); + } - psa_unlock_key_slot( slot ); + psa_unlock_key_slot(slot); - return( status ); + return status; } -psa_status_t psa_aead_decrypt( mbedtls_svc_key_id_t key, - psa_algorithm_t alg, - const uint8_t *nonce, - size_t nonce_length, - const uint8_t *additional_data, - size_t additional_data_length, - const uint8_t *ciphertext, - size_t ciphertext_length, - uint8_t *plaintext, - size_t plaintext_size, - size_t *plaintext_length ) +psa_status_t psa_aead_decrypt(mbedtls_svc_key_id_t key, + psa_algorithm_t alg, + const uint8_t *nonce, + size_t nonce_length, + const uint8_t *additional_data, + size_t additional_data_length, + const uint8_t *ciphertext, + size_t ciphertext_length, + uint8_t *plaintext, + size_t plaintext_size, + size_t *plaintext_length) { psa_status_t status = PSA_ERROR_CORRUPTION_DETECTED; psa_key_slot_t *slot; *plaintext_length = 0; - if( !PSA_ALG_IS_AEAD( alg ) || PSA_ALG_IS_WILDCARD( alg ) ) - return( PSA_ERROR_NOT_SUPPORTED ); + if (!PSA_ALG_IS_AEAD(alg) || PSA_ALG_IS_WILDCARD(alg)) { + return PSA_ERROR_NOT_SUPPORTED; + } status = psa_get_and_lock_key_slot_with_policy( - key, &slot, PSA_KEY_USAGE_DECRYPT, alg ); - if( status != PSA_SUCCESS ) - return( status ); + key, &slot, PSA_KEY_USAGE_DECRYPT, alg); + if (status != PSA_SUCCESS) { + return status; + } psa_key_attributes_t attributes = { - .core = slot->attr + .core = slot->attr }; status = psa_driver_wrapper_aead_decrypt( @@ -3781,14 +3759,15 @@ psa_status_t psa_aead_decrypt( mbedtls_svc_key_id_t key, nonce, nonce_length, additional_data, additional_data_length, ciphertext, ciphertext_length, - plaintext, plaintext_size, plaintext_length ); + plaintext, plaintext_size, plaintext_length); - if( status != PSA_SUCCESS && plaintext_size != 0 ) - memset( plaintext, 0, plaintext_size ); + if (status != PSA_SUCCESS && plaintext_size != 0) { + memset(plaintext, 0, plaintext_size); + } - psa_unlock_key_slot( slot ); + psa_unlock_key_slot(slot); - return( status ); + return status; } /****************************************************************/ @@ -3808,24 +3787,24 @@ static psa_status_t psa_key_derivation_start_hmac( psa_mac_operation_t *operation, psa_algorithm_t hash_alg, const uint8_t *hmac_key, - size_t hmac_key_length ) + size_t hmac_key_length) { psa_status_t status = PSA_ERROR_CORRUPTION_DETECTED; psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT; - psa_set_key_type( &attributes, PSA_KEY_TYPE_HMAC ); - psa_set_key_bits( &attributes, PSA_BYTES_TO_BITS( hmac_key_length ) ); - psa_set_key_usage_flags( &attributes, PSA_KEY_USAGE_SIGN_HASH ); + psa_set_key_type(&attributes, PSA_KEY_TYPE_HMAC); + psa_set_key_bits(&attributes, PSA_BYTES_TO_BITS(hmac_key_length)); + psa_set_key_usage_flags(&attributes, PSA_KEY_USAGE_SIGN_HASH); operation->is_sign = 1; - operation->mac_size = PSA_HASH_LENGTH( hash_alg ); + operation->mac_size = PSA_HASH_LENGTH(hash_alg); - status = psa_driver_wrapper_mac_sign_setup( operation, - &attributes, - hmac_key, hmac_key_length, - PSA_ALG_HMAC( hash_alg ) ); + status = psa_driver_wrapper_mac_sign_setup(operation, + &attributes, + hmac_key, hmac_key_length, + PSA_ALG_HMAC(hash_alg)); - psa_reset_key_attributes( &attributes ); - return( status ); + psa_reset_key_attributes(&attributes); + return status; } #endif /* KDF algorithms reliant on HMAC */ @@ -3835,172 +3814,172 @@ static psa_status_t psa_key_derivation_start_hmac( #define HKDF_STATE_OUTPUT 3 /* output started */ static psa_algorithm_t psa_key_derivation_get_kdf_alg( - const psa_key_derivation_operation_t *operation ) + const psa_key_derivation_operation_t *operation) { - if ( PSA_ALG_IS_KEY_AGREEMENT( operation->alg ) ) - return( PSA_ALG_KEY_AGREEMENT_GET_KDF( operation->alg ) ); - else - return( operation->alg ); + if (PSA_ALG_IS_KEY_AGREEMENT(operation->alg)) { + return PSA_ALG_KEY_AGREEMENT_GET_KDF(operation->alg); + } else { + return operation->alg; + } } -psa_status_t psa_key_derivation_abort( psa_key_derivation_operation_t *operation ) +psa_status_t psa_key_derivation_abort(psa_key_derivation_operation_t *operation) { psa_status_t status = PSA_SUCCESS; - psa_algorithm_t kdf_alg = psa_key_derivation_get_kdf_alg( operation ); - if( kdf_alg == 0 ) - { + psa_algorithm_t kdf_alg = psa_key_derivation_get_kdf_alg(operation); + if (kdf_alg == 0) { /* The object has (apparently) been initialized but it is not * in use. It's ok to call abort on such an object, and there's * nothing to do. */ - } - else + } else #if defined(MBEDTLS_PSA_BUILTIN_ALG_HKDF) - if( PSA_ALG_IS_HKDF( kdf_alg ) ) - { - mbedtls_free( operation->ctx.hkdf.info ); - status = psa_mac_abort( &operation->ctx.hkdf.hmac ); - } - else + if (PSA_ALG_IS_HKDF(kdf_alg)) { + mbedtls_free(operation->ctx.hkdf.info); + status = psa_mac_abort(&operation->ctx.hkdf.hmac); + } else #endif /* defined(MBEDTLS_PSA_BUILTIN_ALG_HKDF */ #if defined(MBEDTLS_PSA_BUILTIN_ALG_TLS12_PRF) || \ defined(MBEDTLS_PSA_BUILTIN_ALG_TLS12_PSK_TO_MS) - if( PSA_ALG_IS_TLS12_PRF( kdf_alg ) || - /* TLS-1.2 PSK-to-MS KDF uses the same core as TLS-1.2 PRF */ - PSA_ALG_IS_TLS12_PSK_TO_MS( kdf_alg ) ) - { - if( operation->ctx.tls12_prf.secret != NULL ) - { - mbedtls_platform_zeroize( operation->ctx.tls12_prf.secret, - operation->ctx.tls12_prf.secret_length ); - mbedtls_free( operation->ctx.tls12_prf.secret ); + if (PSA_ALG_IS_TLS12_PRF(kdf_alg) || + /* TLS-1.2 PSK-to-MS KDF uses the same core as TLS-1.2 PRF */ + PSA_ALG_IS_TLS12_PSK_TO_MS(kdf_alg)) { + if (operation->ctx.tls12_prf.secret != NULL) { + mbedtls_platform_zeroize(operation->ctx.tls12_prf.secret, + operation->ctx.tls12_prf.secret_length); + mbedtls_free(operation->ctx.tls12_prf.secret); } - if( operation->ctx.tls12_prf.seed != NULL ) - { - mbedtls_platform_zeroize( operation->ctx.tls12_prf.seed, - operation->ctx.tls12_prf.seed_length ); - mbedtls_free( operation->ctx.tls12_prf.seed ); + if (operation->ctx.tls12_prf.seed != NULL) { + mbedtls_platform_zeroize(operation->ctx.tls12_prf.seed, + operation->ctx.tls12_prf.seed_length); + mbedtls_free(operation->ctx.tls12_prf.seed); } - if( operation->ctx.tls12_prf.label != NULL ) - { - mbedtls_platform_zeroize( operation->ctx.tls12_prf.label, - operation->ctx.tls12_prf.label_length ); - mbedtls_free( operation->ctx.tls12_prf.label ); + if (operation->ctx.tls12_prf.label != NULL) { + mbedtls_platform_zeroize(operation->ctx.tls12_prf.label, + operation->ctx.tls12_prf.label_length); + mbedtls_free(operation->ctx.tls12_prf.label); } status = PSA_SUCCESS; /* We leave the fields Ai and output_block to be erased safely by the * mbedtls_platform_zeroize() in the end of this function. */ - } - else + } else #endif /* defined(MBEDTLS_PSA_BUILTIN_ALG_TLS12_PRF) || * defined(MBEDTLS_PSA_BUILTIN_ALG_TLS12_PSK_TO_MS) */ { status = PSA_ERROR_BAD_STATE; } - mbedtls_platform_zeroize( operation, sizeof( *operation ) ); - return( status ); + mbedtls_platform_zeroize(operation, sizeof(*operation)); + return status; } psa_status_t psa_key_derivation_get_capacity(const psa_key_derivation_operation_t *operation, - size_t *capacity) + size_t *capacity) { - if( operation->alg == 0 ) - { + if (operation->alg == 0) { /* This is a blank key derivation operation. */ - return( PSA_ERROR_BAD_STATE ); + return PSA_ERROR_BAD_STATE; } *capacity = operation->capacity; - return( PSA_SUCCESS ); + return PSA_SUCCESS; } -psa_status_t psa_key_derivation_set_capacity( psa_key_derivation_operation_t *operation, - size_t capacity ) +psa_status_t psa_key_derivation_set_capacity(psa_key_derivation_operation_t *operation, + size_t capacity) { - if( operation->alg == 0 ) - return( PSA_ERROR_BAD_STATE ); - if( capacity > operation->capacity ) - return( PSA_ERROR_INVALID_ARGUMENT ); + if (operation->alg == 0) { + return PSA_ERROR_BAD_STATE; + } + if (capacity > operation->capacity) { + return PSA_ERROR_INVALID_ARGUMENT; + } operation->capacity = capacity; - return( PSA_SUCCESS ); + return PSA_SUCCESS; } #if defined(MBEDTLS_PSA_BUILTIN_ALG_HKDF) /* Read some bytes from an HKDF-based operation. This performs a chunk * of the expand phase of the HKDF algorithm. */ -static psa_status_t psa_key_derivation_hkdf_read( psa_hkdf_key_derivation_t *hkdf, - psa_algorithm_t hash_alg, - uint8_t *output, - size_t output_length ) +static psa_status_t psa_key_derivation_hkdf_read(psa_hkdf_key_derivation_t *hkdf, + psa_algorithm_t hash_alg, + uint8_t *output, + size_t output_length) { - uint8_t hash_length = PSA_HASH_LENGTH( hash_alg ); + uint8_t hash_length = PSA_HASH_LENGTH(hash_alg); size_t hmac_output_length; psa_status_t status; - if( hkdf->state < HKDF_STATE_KEYED || ! hkdf->info_set ) - return( PSA_ERROR_BAD_STATE ); + if (hkdf->state < HKDF_STATE_KEYED || !hkdf->info_set) { + return PSA_ERROR_BAD_STATE; + } hkdf->state = HKDF_STATE_OUTPUT; - while( output_length != 0 ) - { + while (output_length != 0) { /* Copy what remains of the current block */ uint8_t n = hash_length - hkdf->offset_in_block; - if( n > output_length ) + if (n > output_length) { n = (uint8_t) output_length; - memcpy( output, hkdf->output_block + hkdf->offset_in_block, n ); + } + memcpy(output, hkdf->output_block + hkdf->offset_in_block, n); output += n; output_length -= n; hkdf->offset_in_block += n; - if( output_length == 0 ) + if (output_length == 0) { break; + } /* We can't be wanting more output after block 0xff, otherwise * the capacity check in psa_key_derivation_output_bytes() would have * prevented this call. It could happen only if the operation * object was corrupted or if this function is called directly * inside the library. */ - if( hkdf->block_number == 0xff ) - return( PSA_ERROR_BAD_STATE ); + if (hkdf->block_number == 0xff) { + return PSA_ERROR_BAD_STATE; + } /* We need a new block */ ++hkdf->block_number; hkdf->offset_in_block = 0; - status = psa_key_derivation_start_hmac( &hkdf->hmac, - hash_alg, - hkdf->prk, - hash_length ); - if( status != PSA_SUCCESS ) - return( status ); + status = psa_key_derivation_start_hmac(&hkdf->hmac, + hash_alg, + hkdf->prk, + hash_length); + if (status != PSA_SUCCESS) { + return status; + } - if( hkdf->block_number != 1 ) - { - status = psa_mac_update( &hkdf->hmac, + if (hkdf->block_number != 1) { + status = psa_mac_update(&hkdf->hmac, + hkdf->output_block, + hash_length); + if (status != PSA_SUCCESS) { + return status; + } + } + status = psa_mac_update(&hkdf->hmac, + hkdf->info, + hkdf->info_length); + if (status != PSA_SUCCESS) { + return status; + } + status = psa_mac_update(&hkdf->hmac, + &hkdf->block_number, 1); + if (status != PSA_SUCCESS) { + return status; + } + status = psa_mac_sign_finish(&hkdf->hmac, hkdf->output_block, - hash_length ); - if( status != PSA_SUCCESS ) - return( status ); + sizeof(hkdf->output_block), + &hmac_output_length); + if (status != PSA_SUCCESS) { + return status; } - status = psa_mac_update( &hkdf->hmac, - hkdf->info, - hkdf->info_length ); - if( status != PSA_SUCCESS ) - return( status ); - status = psa_mac_update( &hkdf->hmac, - &hkdf->block_number, 1 ); - if( status != PSA_SUCCESS ) - return( status ); - status = psa_mac_sign_finish( &hkdf->hmac, - hkdf->output_block, - sizeof( hkdf->output_block ), - &hmac_output_length ); - if( status != PSA_SUCCESS ) - return( status ); - } - - return( PSA_SUCCESS ); + } + + return PSA_SUCCESS; } #endif /* MBEDTLS_PSA_BUILTIN_ALG_HKDF */ @@ -4008,10 +3987,10 @@ static psa_status_t psa_key_derivation_hkdf_read( psa_hkdf_key_derivation_t *hkd defined(MBEDTLS_PSA_BUILTIN_ALG_TLS12_PSK_TO_MS) static psa_status_t psa_key_derivation_tls12_prf_generate_next_block( psa_tls12_prf_key_derivation_t *tls12_prf, - psa_algorithm_t alg ) + psa_algorithm_t alg) { - psa_algorithm_t hash_alg = PSA_ALG_HKDF_GET_HASH( alg ); - uint8_t hash_length = PSA_HASH_LENGTH( hash_alg ); + psa_algorithm_t hash_alg = PSA_ALG_HKDF_GET_HASH(alg); + uint8_t hash_length = PSA_HASH_LENGTH(hash_alg); psa_mac_operation_t hmac = PSA_MAC_OPERATION_INIT; size_t hmac_output_length; psa_status_t status, cleanup_status; @@ -4021,8 +4000,9 @@ static psa_status_t psa_key_derivation_tls12_prf_generate_next_block( * prevented this call. It could happen only if the operation * object was corrupted or if this function is called directly * inside the library. */ - if( tls12_prf->block_number == 0xff ) - return( PSA_ERROR_CORRUPTION_DETECTED ); + if (tls12_prf->block_number == 0xff) { + return PSA_ERROR_CORRUPTION_DETECTED; + } /* We need a new block */ ++tls12_prf->block_number; @@ -4045,125 +4025,133 @@ static psa_status_t psa_key_derivation_tls12_prf_generate_next_block( * `block_number`. */ - status = psa_key_derivation_start_hmac( &hmac, - hash_alg, - tls12_prf->secret, - tls12_prf->secret_length ); - if( status != PSA_SUCCESS ) + status = psa_key_derivation_start_hmac(&hmac, + hash_alg, + tls12_prf->secret, + tls12_prf->secret_length); + if (status != PSA_SUCCESS) { goto cleanup; + } /* Calculate A(i) where i = tls12_prf->block_number. */ - if( tls12_prf->block_number == 1 ) - { + if (tls12_prf->block_number == 1) { /* A(1) = HMAC_hash(secret, A(0)), where A(0) = seed. (The RFC overloads * the variable seed and in this instance means it in the context of the * P_hash function, where seed = label + seed.) */ - status = psa_mac_update( &hmac, - tls12_prf->label, - tls12_prf->label_length ); - if( status != PSA_SUCCESS ) + status = psa_mac_update(&hmac, + tls12_prf->label, + tls12_prf->label_length); + if (status != PSA_SUCCESS) { goto cleanup; - status = psa_mac_update( &hmac, - tls12_prf->seed, - tls12_prf->seed_length ); - if( status != PSA_SUCCESS ) + } + status = psa_mac_update(&hmac, + tls12_prf->seed, + tls12_prf->seed_length); + if (status != PSA_SUCCESS) { goto cleanup; - } - else - { + } + } else { /* A(i) = HMAC_hash(secret, A(i-1)) */ - status = psa_mac_update( &hmac, tls12_prf->Ai, hash_length ); - if( status != PSA_SUCCESS ) + status = psa_mac_update(&hmac, tls12_prf->Ai, hash_length); + if (status != PSA_SUCCESS) { goto cleanup; + } } - status = psa_mac_sign_finish( &hmac, - tls12_prf->Ai, hash_length, - &hmac_output_length ); - if( hmac_output_length != hash_length ) + status = psa_mac_sign_finish(&hmac, + tls12_prf->Ai, hash_length, + &hmac_output_length); + if (hmac_output_length != hash_length) { status = PSA_ERROR_CORRUPTION_DETECTED; - if( status != PSA_SUCCESS ) + } + if (status != PSA_SUCCESS) { goto cleanup; + } /* Calculate HMAC_hash(secret, A(i) + label + seed). */ - status = psa_key_derivation_start_hmac( &hmac, - hash_alg, - tls12_prf->secret, - tls12_prf->secret_length ); - if( status != PSA_SUCCESS ) + status = psa_key_derivation_start_hmac(&hmac, + hash_alg, + tls12_prf->secret, + tls12_prf->secret_length); + if (status != PSA_SUCCESS) { goto cleanup; - status = psa_mac_update( &hmac, tls12_prf->Ai, hash_length ); - if( status != PSA_SUCCESS ) + } + status = psa_mac_update(&hmac, tls12_prf->Ai, hash_length); + if (status != PSA_SUCCESS) { goto cleanup; - status = psa_mac_update( &hmac, tls12_prf->label, tls12_prf->label_length ); - if( status != PSA_SUCCESS ) + } + status = psa_mac_update(&hmac, tls12_prf->label, tls12_prf->label_length); + if (status != PSA_SUCCESS) { goto cleanup; - status = psa_mac_update( &hmac, tls12_prf->seed, tls12_prf->seed_length ); - if( status != PSA_SUCCESS ) + } + status = psa_mac_update(&hmac, tls12_prf->seed, tls12_prf->seed_length); + if (status != PSA_SUCCESS) { goto cleanup; - status = psa_mac_sign_finish( &hmac, - tls12_prf->output_block, hash_length, - &hmac_output_length ); - if( status != PSA_SUCCESS ) + } + status = psa_mac_sign_finish(&hmac, + tls12_prf->output_block, hash_length, + &hmac_output_length); + if (status != PSA_SUCCESS) { goto cleanup; + } cleanup: - cleanup_status = psa_mac_abort( &hmac ); - if( status == PSA_SUCCESS && cleanup_status != PSA_SUCCESS ) + cleanup_status = psa_mac_abort(&hmac); + if (status == PSA_SUCCESS && cleanup_status != PSA_SUCCESS) { status = cleanup_status; + } - return( status ); + return status; } static psa_status_t psa_key_derivation_tls12_prf_read( psa_tls12_prf_key_derivation_t *tls12_prf, psa_algorithm_t alg, uint8_t *output, - size_t output_length ) + size_t output_length) { - psa_algorithm_t hash_alg = PSA_ALG_TLS12_PRF_GET_HASH( alg ); - uint8_t hash_length = PSA_HASH_LENGTH( hash_alg ); + psa_algorithm_t hash_alg = PSA_ALG_TLS12_PRF_GET_HASH(alg); + uint8_t hash_length = PSA_HASH_LENGTH(hash_alg); psa_status_t status; uint8_t offset, length; - switch( tls12_prf->state ) - { + switch (tls12_prf->state) { case PSA_TLS12_PRF_STATE_LABEL_SET: tls12_prf->state = PSA_TLS12_PRF_STATE_OUTPUT; break; case PSA_TLS12_PRF_STATE_OUTPUT: break; default: - return( PSA_ERROR_BAD_STATE ); + return PSA_ERROR_BAD_STATE; } - while( output_length != 0 ) - { + while (output_length != 0) { /* Check if we have fully processed the current block. */ - if( tls12_prf->left_in_block == 0 ) - { - status = psa_key_derivation_tls12_prf_generate_next_block( tls12_prf, - alg ); - if( status != PSA_SUCCESS ) - return( status ); + if (tls12_prf->left_in_block == 0) { + status = psa_key_derivation_tls12_prf_generate_next_block(tls12_prf, + alg); + if (status != PSA_SUCCESS) { + return status; + } continue; } - if( tls12_prf->left_in_block > output_length ) + if (tls12_prf->left_in_block > output_length) { length = (uint8_t) output_length; - else + } else { length = tls12_prf->left_in_block; + } offset = hash_length - tls12_prf->left_in_block; - memcpy( output, tls12_prf->output_block + offset, length ); + memcpy(output, tls12_prf->output_block + offset, length); output += length; output_length -= length; tls12_prf->left_in_block -= length; } - return( PSA_SUCCESS ); + return PSA_SUCCESS; } #endif /* MBEDTLS_PSA_BUILTIN_ALG_TLS12_PRF || * MBEDTLS_PSA_BUILTIN_ALG_TLS12_PSK_TO_MS */ @@ -4171,140 +4159,143 @@ static psa_status_t psa_key_derivation_tls12_prf_read( psa_status_t psa_key_derivation_output_bytes( psa_key_derivation_operation_t *operation, uint8_t *output, - size_t output_length ) + size_t output_length) { psa_status_t status; - psa_algorithm_t kdf_alg = psa_key_derivation_get_kdf_alg( operation ); + psa_algorithm_t kdf_alg = psa_key_derivation_get_kdf_alg(operation); - if( operation->alg == 0 ) - { + if (operation->alg == 0) { /* This is a blank operation. */ - return( PSA_ERROR_BAD_STATE ); + return PSA_ERROR_BAD_STATE; } - if( output_length > operation->capacity ) - { + if (output_length > operation->capacity) { operation->capacity = 0; /* Go through the error path to wipe all confidential data now * that the operation object is useless. */ status = PSA_ERROR_INSUFFICIENT_DATA; goto exit; } - if( output_length == 0 && operation->capacity == 0 ) - { + if (output_length == 0 && operation->capacity == 0) { /* Edge case: this is a finished operation, and 0 bytes * were requested. The right error in this case could * be either INSUFFICIENT_CAPACITY or BAD_STATE. Return * INSUFFICIENT_CAPACITY, which is right for a finished * operation, for consistency with the case when * output_length > 0. */ - return( PSA_ERROR_INSUFFICIENT_DATA ); + return PSA_ERROR_INSUFFICIENT_DATA; } operation->capacity -= output_length; #if defined(MBEDTLS_PSA_BUILTIN_ALG_HKDF) - if( PSA_ALG_IS_HKDF( kdf_alg ) ) - { - psa_algorithm_t hash_alg = PSA_ALG_HKDF_GET_HASH( kdf_alg ); - status = psa_key_derivation_hkdf_read( &operation->ctx.hkdf, hash_alg, - output, output_length ); - } - else + if (PSA_ALG_IS_HKDF(kdf_alg)) { + psa_algorithm_t hash_alg = PSA_ALG_HKDF_GET_HASH(kdf_alg); + status = psa_key_derivation_hkdf_read(&operation->ctx.hkdf, hash_alg, + output, output_length); + } else #endif /* MBEDTLS_PSA_BUILTIN_ALG_HKDF */ #if defined(MBEDTLS_PSA_BUILTIN_ALG_TLS12_PRF) || \ defined(MBEDTLS_PSA_BUILTIN_ALG_TLS12_PSK_TO_MS) - if( PSA_ALG_IS_TLS12_PRF( kdf_alg ) || - PSA_ALG_IS_TLS12_PSK_TO_MS( kdf_alg ) ) - { - status = psa_key_derivation_tls12_prf_read( &operation->ctx.tls12_prf, - kdf_alg, output, - output_length ); - } - else + if (PSA_ALG_IS_TLS12_PRF(kdf_alg) || + PSA_ALG_IS_TLS12_PSK_TO_MS(kdf_alg)) { + status = psa_key_derivation_tls12_prf_read(&operation->ctx.tls12_prf, + kdf_alg, output, + output_length); + } else #endif /* MBEDTLS_PSA_BUILTIN_ALG_TLS12_PRF || * MBEDTLS_PSA_BUILTIN_ALG_TLS12_PSK_TO_MS */ { (void) kdf_alg; - return( PSA_ERROR_BAD_STATE ); + return PSA_ERROR_BAD_STATE; } exit: - if( status != PSA_SUCCESS ) - { + if (status != PSA_SUCCESS) { /* Preserve the algorithm upon errors, but clear all sensitive state. * This allows us to differentiate between exhausted operations and * blank operations, so we can return PSA_ERROR_BAD_STATE on blank * operations. */ psa_algorithm_t alg = operation->alg; - psa_key_derivation_abort( operation ); + psa_key_derivation_abort(operation); operation->alg = alg; - memset( output, '!', output_length ); + memset(output, '!', output_length); } - return( status ); + return status; } #if defined(MBEDTLS_PSA_BUILTIN_KEY_TYPE_DES) -static void psa_des_set_key_parity( uint8_t *data, size_t data_size ) +static void psa_des_set_key_parity(uint8_t *data, size_t data_size) { - if( data_size >= 8 ) - mbedtls_des_key_set_parity( data ); - if( data_size >= 16 ) - mbedtls_des_key_set_parity( data + 8 ); - if( data_size >= 24 ) - mbedtls_des_key_set_parity( data + 16 ); + if (data_size >= 8) { + mbedtls_des_key_set_parity(data); + } + if (data_size >= 16) { + mbedtls_des_key_set_parity(data + 8); + } + if (data_size >= 24) { + mbedtls_des_key_set_parity(data + 16); + } } #endif /* MBEDTLS_PSA_BUILTIN_KEY_TYPE_DES */ static psa_status_t psa_generate_derived_key_internal( psa_key_slot_t *slot, size_t bits, - psa_key_derivation_operation_t *operation ) + psa_key_derivation_operation_t *operation) { uint8_t *data = NULL; - size_t bytes = PSA_BITS_TO_BYTES( bits ); + size_t bytes = PSA_BITS_TO_BYTES(bits); psa_status_t status; + psa_key_attributes_t attributes; - if( ! key_type_is_raw_bytes( slot->attr.type ) ) - return( PSA_ERROR_INVALID_ARGUMENT ); - if( bits % 8 != 0 ) - return( PSA_ERROR_INVALID_ARGUMENT ); - data = mbedtls_calloc( 1, bytes ); - if( data == NULL ) - return( PSA_ERROR_INSUFFICIENT_MEMORY ); + if (!key_type_is_raw_bytes(slot->attr.type)) { + return PSA_ERROR_INVALID_ARGUMENT; + } + if (bits % 8 != 0) { + return PSA_ERROR_INVALID_ARGUMENT; + } + data = mbedtls_calloc(1, bytes); + if (data == NULL) { + return PSA_ERROR_INSUFFICIENT_MEMORY; + } - status = psa_key_derivation_output_bytes( operation, data, bytes ); - if( status != PSA_SUCCESS ) + status = psa_key_derivation_output_bytes(operation, data, bytes); + if (status != PSA_SUCCESS) { goto exit; + } #if defined(MBEDTLS_PSA_BUILTIN_KEY_TYPE_DES) - if( slot->attr.type == PSA_KEY_TYPE_DES ) - psa_des_set_key_parity( data, bytes ); + if (slot->attr.type == PSA_KEY_TYPE_DES) { + psa_des_set_key_parity(data, bytes); + } #endif /* MBEDTLS_PSA_BUILTIN_KEY_TYPE_DES */ - status = psa_allocate_buffer_to_slot( slot, bytes ); - if( status != PSA_SUCCESS ) + status = psa_allocate_buffer_to_slot(slot, bytes); + if (status != PSA_SUCCESS) { goto exit; + } slot->attr.bits = (psa_key_bits_t) bits; - psa_key_attributes_t attributes = { - .core = slot->attr + attributes = (psa_key_attributes_t) { + .core = slot->attr }; - status = psa_driver_wrapper_import_key( &attributes, - data, bytes, - slot->key.data, - slot->key.bytes, - &slot->key.bytes, &bits ); - if( bits != slot->attr.bits ) + status = psa_driver_wrapper_import_key(&attributes, + data, bytes, + slot->key.data, + slot->key.bytes, + &slot->key.bytes, &bits); + if (bits != slot->attr.bits) { status = PSA_ERROR_INVALID_ARGUMENT; + } exit: - mbedtls_free( data ); - return( status ); + mbedtls_free(data); + return status; } -psa_status_t psa_key_derivation_output_key( const psa_key_attributes_t *attributes, - psa_key_derivation_operation_t *operation, - mbedtls_svc_key_id_t *key ) +psa_status_t psa_key_derivation_output_key(const psa_key_attributes_t *attributes, + psa_key_derivation_operation_t *operation, + mbedtls_svc_key_id_t *key) { psa_status_t status; psa_key_slot_t *slot = NULL; @@ -4314,36 +4305,39 @@ psa_status_t psa_key_derivation_output_key( const psa_key_attributes_t *attribut /* Reject any attempt to create a zero-length key so that we don't * risk tripping up later, e.g. on a malloc(0) that returns NULL. */ - if( psa_get_key_bits( attributes ) == 0 ) - return( PSA_ERROR_INVALID_ARGUMENT ); + if (psa_get_key_bits(attributes) == 0) { + return PSA_ERROR_INVALID_ARGUMENT; + } - if( operation->alg == PSA_ALG_NONE ) - return( PSA_ERROR_BAD_STATE ); + if (operation->alg == PSA_ALG_NONE) { + return PSA_ERROR_BAD_STATE; + } - if( ! operation->can_output_key ) - return( PSA_ERROR_NOT_PERMITTED ); + if (!operation->can_output_key) { + return PSA_ERROR_NOT_PERMITTED; + } - status = psa_start_key_creation( PSA_KEY_CREATION_DERIVE, attributes, - &slot, &driver ); + status = psa_start_key_creation(PSA_KEY_CREATION_DERIVE, attributes, + &slot, &driver); #if defined(MBEDTLS_PSA_CRYPTO_SE_C) - if( driver != NULL ) - { + if (driver != NULL) { /* Deriving a key in a secure element is not implemented yet. */ status = PSA_ERROR_NOT_SUPPORTED; } #endif /* MBEDTLS_PSA_CRYPTO_SE_C */ - if( status == PSA_SUCCESS ) - { - status = psa_generate_derived_key_internal( slot, - attributes->core.bits, - operation ); + if (status == PSA_SUCCESS) { + status = psa_generate_derived_key_internal(slot, + attributes->core.bits, + operation); + } + if (status == PSA_SUCCESS) { + status = psa_finish_key_creation(slot, driver, key); + } + if (status != PSA_SUCCESS) { + psa_fail_key_creation(slot, driver); } - if( status == PSA_SUCCESS ) - status = psa_finish_key_creation( slot, driver, key ); - if( status != PSA_SUCCESS ) - psa_fail_key_creation( slot, driver ); - return( status ); + return status; } @@ -4353,243 +4347,284 @@ psa_status_t psa_key_derivation_output_key( const psa_key_attributes_t *attribut /****************************************************************/ #if defined(AT_LEAST_ONE_BUILTIN_KDF) -static psa_status_t psa_key_derivation_setup_kdf( - psa_key_derivation_operation_t *operation, - psa_algorithm_t kdf_alg ) +static int is_kdf_alg_supported(psa_algorithm_t kdf_alg) { - int is_kdf_alg_supported; - - /* Make sure that operation->ctx is properly zero-initialised. (Macro - * initialisers for this union leave some bytes unspecified.) */ - memset( &operation->ctx, 0, sizeof( operation->ctx ) ); - - /* Make sure that kdf_alg is a supported key derivation algorithm. */ #if defined(MBEDTLS_PSA_BUILTIN_ALG_HKDF) - if( PSA_ALG_IS_HKDF( kdf_alg ) ) - is_kdf_alg_supported = 1; - else + if (PSA_ALG_IS_HKDF(kdf_alg)) { + return 1; + } #endif #if defined(MBEDTLS_PSA_BUILTIN_ALG_TLS12_PRF) - if( PSA_ALG_IS_TLS12_PRF( kdf_alg ) ) - is_kdf_alg_supported = 1; - else + if (PSA_ALG_IS_TLS12_PRF(kdf_alg)) { + return 1; + } #endif #if defined(MBEDTLS_PSA_BUILTIN_ALG_TLS12_PSK_TO_MS) - if( PSA_ALG_IS_TLS12_PSK_TO_MS( kdf_alg ) ) - is_kdf_alg_supported = 1; - else + if (PSA_ALG_IS_TLS12_PSK_TO_MS(kdf_alg)) { + return 1; + } #endif - is_kdf_alg_supported = 0; + return 0; +} - if( is_kdf_alg_supported ) - { - psa_algorithm_t hash_alg = PSA_ALG_HKDF_GET_HASH( kdf_alg ); - size_t hash_size = PSA_HASH_LENGTH( hash_alg ); - if( hash_size == 0 ) - return( PSA_ERROR_NOT_SUPPORTED ); - if( ( PSA_ALG_IS_TLS12_PRF( kdf_alg ) || - PSA_ALG_IS_TLS12_PSK_TO_MS( kdf_alg ) ) && - ! ( hash_alg == PSA_ALG_SHA_256 || hash_alg == PSA_ALG_SHA_384 ) ) - { - return( PSA_ERROR_NOT_SUPPORTED ); - } - operation->capacity = 255 * hash_size; - return( PSA_SUCCESS ); +static psa_status_t psa_hash_try_support(psa_algorithm_t alg) +{ + psa_hash_operation_t operation = PSA_HASH_OPERATION_INIT; + psa_status_t status = psa_hash_setup(&operation, alg); + psa_hash_abort(&operation); + return status; +} + +static psa_status_t psa_key_derivation_setup_kdf( + psa_key_derivation_operation_t *operation, + psa_algorithm_t kdf_alg) +{ + /* Make sure that operation->ctx is properly zero-initialised. (Macro + * initialisers for this union leave some bytes unspecified.) */ + memset(&operation->ctx, 0, sizeof(operation->ctx)); + + /* Make sure that kdf_alg is a supported key derivation algorithm. */ + if (!is_kdf_alg_supported(kdf_alg)) { + return PSA_ERROR_NOT_SUPPORTED; + } + + /* All currently supported key derivation algorithms are based on a + * hash algorithm. */ + psa_algorithm_t hash_alg = PSA_ALG_HKDF_GET_HASH(kdf_alg); + size_t hash_size = PSA_HASH_LENGTH(hash_alg); + if (hash_size == 0) { + return PSA_ERROR_NOT_SUPPORTED; + } + + /* Make sure that hash_alg is a supported hash algorithm. Otherwise + * we might fail later, which is somewhat unfriendly and potentially + * risk-prone. */ + psa_status_t status = psa_hash_try_support(hash_alg); + if (status != PSA_SUCCESS) { + return status; } - return( PSA_ERROR_NOT_SUPPORTED ); + if ((PSA_ALG_IS_TLS12_PRF(kdf_alg) || + PSA_ALG_IS_TLS12_PSK_TO_MS(kdf_alg)) && + !(hash_alg == PSA_ALG_SHA_256 || hash_alg == PSA_ALG_SHA_384)) { + return PSA_ERROR_NOT_SUPPORTED; + } + + operation->capacity = 255 * hash_size; + return PSA_SUCCESS; +} + +static psa_status_t psa_key_agreement_try_support(psa_algorithm_t alg) +{ +#if defined(PSA_WANT_ALG_ECDH) + if (alg == PSA_ALG_ECDH) { + return PSA_SUCCESS; + } +#endif + (void) alg; + return PSA_ERROR_NOT_SUPPORTED; } #endif /* AT_LEAST_ONE_BUILTIN_KDF */ -psa_status_t psa_key_derivation_setup( psa_key_derivation_operation_t *operation, - psa_algorithm_t alg ) +psa_status_t psa_key_derivation_setup(psa_key_derivation_operation_t *operation, + psa_algorithm_t alg) { psa_status_t status; - if( operation->alg != 0 ) - return( PSA_ERROR_BAD_STATE ); + if (operation->alg != 0) { + return PSA_ERROR_BAD_STATE; + } - if( PSA_ALG_IS_RAW_KEY_AGREEMENT( alg ) ) - return( PSA_ERROR_INVALID_ARGUMENT ); - else if( PSA_ALG_IS_KEY_AGREEMENT( alg ) ) - { + if (PSA_ALG_IS_RAW_KEY_AGREEMENT(alg)) { + return PSA_ERROR_INVALID_ARGUMENT; + } else if (PSA_ALG_IS_KEY_AGREEMENT(alg)) { #if defined(AT_LEAST_ONE_BUILTIN_KDF) - psa_algorithm_t kdf_alg = PSA_ALG_KEY_AGREEMENT_GET_KDF( alg ); - status = psa_key_derivation_setup_kdf( operation, kdf_alg ); + psa_algorithm_t kdf_alg = PSA_ALG_KEY_AGREEMENT_GET_KDF(alg); + psa_algorithm_t ka_alg = PSA_ALG_KEY_AGREEMENT_GET_BASE(alg); + status = psa_key_agreement_try_support(ka_alg); + if (status != PSA_SUCCESS) { + return status; + } + status = psa_key_derivation_setup_kdf(operation, kdf_alg); #else - return( PSA_ERROR_NOT_SUPPORTED ); + return PSA_ERROR_NOT_SUPPORTED; #endif /* AT_LEAST_ONE_BUILTIN_KDF */ - } - else if( PSA_ALG_IS_KEY_DERIVATION( alg ) ) - { + } else if (PSA_ALG_IS_KEY_DERIVATION(alg)) { #if defined(AT_LEAST_ONE_BUILTIN_KDF) - status = psa_key_derivation_setup_kdf( operation, alg ); + status = psa_key_derivation_setup_kdf(operation, alg); #else - return( PSA_ERROR_NOT_SUPPORTED ); + return PSA_ERROR_NOT_SUPPORTED; #endif /* AT_LEAST_ONE_BUILTIN_KDF */ + } else { + return PSA_ERROR_INVALID_ARGUMENT; } - else - return( PSA_ERROR_INVALID_ARGUMENT ); - if( status == PSA_SUCCESS ) + if (status == PSA_SUCCESS) { operation->alg = alg; - return( status ); + } + return status; } #if defined(MBEDTLS_PSA_BUILTIN_ALG_HKDF) -static psa_status_t psa_hkdf_input( psa_hkdf_key_derivation_t *hkdf, - psa_algorithm_t hash_alg, - psa_key_derivation_step_t step, - const uint8_t *data, - size_t data_length ) +static psa_status_t psa_hkdf_input(psa_hkdf_key_derivation_t *hkdf, + psa_algorithm_t hash_alg, + psa_key_derivation_step_t step, + const uint8_t *data, + size_t data_length) { psa_status_t status; - switch( step ) - { + switch (step) { case PSA_KEY_DERIVATION_INPUT_SALT: - if( hkdf->state != HKDF_STATE_INIT ) - return( PSA_ERROR_BAD_STATE ); - else - { - status = psa_key_derivation_start_hmac( &hkdf->hmac, - hash_alg, - data, data_length ); - if( status != PSA_SUCCESS ) - return( status ); + if (hkdf->state != HKDF_STATE_INIT) { + return PSA_ERROR_BAD_STATE; + } else { + status = psa_key_derivation_start_hmac(&hkdf->hmac, + hash_alg, + data, data_length); + if (status != PSA_SUCCESS) { + return status; + } hkdf->state = HKDF_STATE_STARTED; - return( PSA_SUCCESS ); + return PSA_SUCCESS; } case PSA_KEY_DERIVATION_INPUT_SECRET: /* If no salt was provided, use an empty salt. */ - if( hkdf->state == HKDF_STATE_INIT ) - { - status = psa_key_derivation_start_hmac( &hkdf->hmac, - hash_alg, - NULL, 0 ); - if( status != PSA_SUCCESS ) - return( status ); + if (hkdf->state == HKDF_STATE_INIT) { + status = psa_key_derivation_start_hmac(&hkdf->hmac, + hash_alg, + NULL, 0); + if (status != PSA_SUCCESS) { + return status; + } hkdf->state = HKDF_STATE_STARTED; } - if( hkdf->state != HKDF_STATE_STARTED ) - return( PSA_ERROR_BAD_STATE ); - status = psa_mac_update( &hkdf->hmac, - data, data_length ); - if( status != PSA_SUCCESS ) - return( status ); - status = psa_mac_sign_finish( &hkdf->hmac, - hkdf->prk, - sizeof( hkdf->prk ), - &data_length ); - if( status != PSA_SUCCESS ) - return( status ); - hkdf->offset_in_block = PSA_HASH_LENGTH( hash_alg ); + if (hkdf->state != HKDF_STATE_STARTED) { + return PSA_ERROR_BAD_STATE; + } + status = psa_mac_update(&hkdf->hmac, + data, data_length); + if (status != PSA_SUCCESS) { + return status; + } + status = psa_mac_sign_finish(&hkdf->hmac, + hkdf->prk, + sizeof(hkdf->prk), + &data_length); + if (status != PSA_SUCCESS) { + return status; + } + hkdf->offset_in_block = PSA_HASH_LENGTH(hash_alg); hkdf->block_number = 0; hkdf->state = HKDF_STATE_KEYED; - return( PSA_SUCCESS ); + return PSA_SUCCESS; case PSA_KEY_DERIVATION_INPUT_INFO: - if( hkdf->state == HKDF_STATE_OUTPUT ) - return( PSA_ERROR_BAD_STATE ); - if( hkdf->info_set ) - return( PSA_ERROR_BAD_STATE ); + if (hkdf->state == HKDF_STATE_OUTPUT) { + return PSA_ERROR_BAD_STATE; + } + if (hkdf->info_set) { + return PSA_ERROR_BAD_STATE; + } hkdf->info_length = data_length; - if( data_length != 0 ) - { - hkdf->info = mbedtls_calloc( 1, data_length ); - if( hkdf->info == NULL ) - return( PSA_ERROR_INSUFFICIENT_MEMORY ); - memcpy( hkdf->info, data, data_length ); + if (data_length != 0) { + hkdf->info = mbedtls_calloc(1, data_length); + if (hkdf->info == NULL) { + return PSA_ERROR_INSUFFICIENT_MEMORY; + } + memcpy(hkdf->info, data, data_length); } hkdf->info_set = 1; - return( PSA_SUCCESS ); + return PSA_SUCCESS; default: - return( PSA_ERROR_INVALID_ARGUMENT ); + return PSA_ERROR_INVALID_ARGUMENT; } } #endif /* MBEDTLS_PSA_BUILTIN_ALG_HKDF */ #if defined(MBEDTLS_PSA_BUILTIN_ALG_TLS12_PRF) || \ defined(MBEDTLS_PSA_BUILTIN_ALG_TLS12_PSK_TO_MS) -static psa_status_t psa_tls12_prf_set_seed( psa_tls12_prf_key_derivation_t *prf, - const uint8_t *data, - size_t data_length ) +static psa_status_t psa_tls12_prf_set_seed(psa_tls12_prf_key_derivation_t *prf, + const uint8_t *data, + size_t data_length) { - if( prf->state != PSA_TLS12_PRF_STATE_INIT ) - return( PSA_ERROR_BAD_STATE ); + if (prf->state != PSA_TLS12_PRF_STATE_INIT) { + return PSA_ERROR_BAD_STATE; + } - if( data_length != 0 ) - { - prf->seed = mbedtls_calloc( 1, data_length ); - if( prf->seed == NULL ) - return( PSA_ERROR_INSUFFICIENT_MEMORY ); + if (data_length != 0) { + prf->seed = mbedtls_calloc(1, data_length); + if (prf->seed == NULL) { + return PSA_ERROR_INSUFFICIENT_MEMORY; + } - memcpy( prf->seed, data, data_length ); + memcpy(prf->seed, data, data_length); prf->seed_length = data_length; } prf->state = PSA_TLS12_PRF_STATE_SEED_SET; - return( PSA_SUCCESS ); + return PSA_SUCCESS; } -static psa_status_t psa_tls12_prf_set_key( psa_tls12_prf_key_derivation_t *prf, - const uint8_t *data, - size_t data_length ) +static psa_status_t psa_tls12_prf_set_key(psa_tls12_prf_key_derivation_t *prf, + const uint8_t *data, + size_t data_length) { - if( prf->state != PSA_TLS12_PRF_STATE_SEED_SET ) - return( PSA_ERROR_BAD_STATE ); + if (prf->state != PSA_TLS12_PRF_STATE_SEED_SET) { + return PSA_ERROR_BAD_STATE; + } - if( data_length != 0 ) - { - prf->secret = mbedtls_calloc( 1, data_length ); - if( prf->secret == NULL ) - return( PSA_ERROR_INSUFFICIENT_MEMORY ); + if (data_length != 0) { + prf->secret = mbedtls_calloc(1, data_length); + if (prf->secret == NULL) { + return PSA_ERROR_INSUFFICIENT_MEMORY; + } - memcpy( prf->secret, data, data_length ); + memcpy(prf->secret, data, data_length); prf->secret_length = data_length; } prf->state = PSA_TLS12_PRF_STATE_KEY_SET; - return( PSA_SUCCESS ); + return PSA_SUCCESS; } -static psa_status_t psa_tls12_prf_set_label( psa_tls12_prf_key_derivation_t *prf, - const uint8_t *data, - size_t data_length ) +static psa_status_t psa_tls12_prf_set_label(psa_tls12_prf_key_derivation_t *prf, + const uint8_t *data, + size_t data_length) { - if( prf->state != PSA_TLS12_PRF_STATE_KEY_SET ) - return( PSA_ERROR_BAD_STATE ); + if (prf->state != PSA_TLS12_PRF_STATE_KEY_SET) { + return PSA_ERROR_BAD_STATE; + } - if( data_length != 0 ) - { - prf->label = mbedtls_calloc( 1, data_length ); - if( prf->label == NULL ) - return( PSA_ERROR_INSUFFICIENT_MEMORY ); + if (data_length != 0) { + prf->label = mbedtls_calloc(1, data_length); + if (prf->label == NULL) { + return PSA_ERROR_INSUFFICIENT_MEMORY; + } - memcpy( prf->label, data, data_length ); + memcpy(prf->label, data, data_length); prf->label_length = data_length; } prf->state = PSA_TLS12_PRF_STATE_LABEL_SET; - return( PSA_SUCCESS ); + return PSA_SUCCESS; } -static psa_status_t psa_tls12_prf_input( psa_tls12_prf_key_derivation_t *prf, - psa_key_derivation_step_t step, - const uint8_t *data, - size_t data_length ) +static psa_status_t psa_tls12_prf_input(psa_tls12_prf_key_derivation_t *prf, + psa_key_derivation_step_t step, + const uint8_t *data, + size_t data_length) { - switch( step ) - { + switch (step) { case PSA_KEY_DERIVATION_INPUT_SEED: - return( psa_tls12_prf_set_seed( prf, data, data_length ) ); + return psa_tls12_prf_set_seed(prf, data, data_length); case PSA_KEY_DERIVATION_INPUT_SECRET: - return( psa_tls12_prf_set_key( prf, data, data_length ) ); + return psa_tls12_prf_set_key(prf, data, data_length); case PSA_KEY_DERIVATION_INPUT_LABEL: - return( psa_tls12_prf_set_label( prf, data, data_length ) ); + return psa_tls12_prf_set_label(prf, data, data_length); default: - return( PSA_ERROR_INVALID_ARGUMENT ); + return PSA_ERROR_INVALID_ARGUMENT; } } #endif /* MBEDTLS_PSA_BUILTIN_ALG_TLS12_PRF) || @@ -4599,14 +4634,15 @@ static psa_status_t psa_tls12_prf_input( psa_tls12_prf_key_derivation_t *prf, static psa_status_t psa_tls12_prf_psk_to_ms_set_key( psa_tls12_prf_key_derivation_t *prf, const uint8_t *data, - size_t data_length ) + size_t data_length) { psa_status_t status; - uint8_t pms[ 4 + 2 * PSA_TLS12_PSK_TO_MS_PSK_MAX_SIZE ]; + uint8_t pms[4 + 2 * PSA_TLS12_PSK_TO_MS_PSK_MAX_SIZE]; uint8_t *cur = pms; - if( data_length > PSA_TLS12_PSK_TO_MS_PSK_MAX_SIZE ) - return( PSA_ERROR_INVALID_ARGUMENT ); + if (data_length > PSA_TLS12_PSK_TO_MS_PSK_MAX_SIZE) { + return PSA_ERROR_INVALID_ARGUMENT; + } /* Quoting RFC 4279, Section 2: * @@ -4615,34 +4651,33 @@ static psa_status_t psa_tls12_prf_psk_to_ms_set_key( * uint16 with the value N, and the PSK itself. */ - *cur++ = MBEDTLS_BYTE_1( data_length ); - *cur++ = MBEDTLS_BYTE_0( data_length ); - memset( cur, 0, data_length ); + *cur++ = MBEDTLS_BYTE_1(data_length); + *cur++ = MBEDTLS_BYTE_0(data_length); + memset(cur, 0, data_length); cur += data_length; *cur++ = pms[0]; *cur++ = pms[1]; - memcpy( cur, data, data_length ); + memcpy(cur, data, data_length); cur += data_length; - status = psa_tls12_prf_set_key( prf, pms, cur - pms ); + status = psa_tls12_prf_set_key(prf, pms, cur - pms); - mbedtls_platform_zeroize( pms, sizeof( pms ) ); - return( status ); + mbedtls_platform_zeroize(pms, sizeof(pms)); + return status; } static psa_status_t psa_tls12_prf_psk_to_ms_input( psa_tls12_prf_key_derivation_t *prf, psa_key_derivation_step_t step, const uint8_t *data, - size_t data_length ) + size_t data_length) { - if( step == PSA_KEY_DERIVATION_INPUT_SECRET ) - { - return( psa_tls12_prf_psk_to_ms_set_key( prf, - data, data_length ) ); + if (step == PSA_KEY_DERIVATION_INPUT_SECRET) { + return psa_tls12_prf_psk_to_ms_set_key(prf, + data, data_length); } - return( psa_tls12_prf_input( prf, step, data, data_length ) ); + return psa_tls12_prf_input(prf, step, data, data_length); } #endif /* MBEDTLS_PSA_BUILTIN_ALG_TLS12_PSK_TO_MS */ @@ -4657,27 +4692,30 @@ static psa_status_t psa_tls12_prf_psk_to_ms_input( */ static int psa_key_derivation_check_input_type( psa_key_derivation_step_t step, - psa_key_type_t key_type ) + psa_key_type_t key_type) { - switch( step ) - { + switch (step) { case PSA_KEY_DERIVATION_INPUT_SECRET: - if( key_type == PSA_KEY_TYPE_DERIVE ) - return( PSA_SUCCESS ); - if( key_type == PSA_KEY_TYPE_NONE ) - return( PSA_SUCCESS ); + if (key_type == PSA_KEY_TYPE_DERIVE) { + return PSA_SUCCESS; + } + if (key_type == PSA_KEY_TYPE_NONE) { + return PSA_SUCCESS; + } break; case PSA_KEY_DERIVATION_INPUT_LABEL: case PSA_KEY_DERIVATION_INPUT_SALT: case PSA_KEY_DERIVATION_INPUT_INFO: case PSA_KEY_DERIVATION_INPUT_SEED: - if( key_type == PSA_KEY_TYPE_RAW_DATA ) - return( PSA_SUCCESS ); - if( key_type == PSA_KEY_TYPE_NONE ) - return( PSA_SUCCESS ); + if (key_type == PSA_KEY_TYPE_RAW_DATA) { + return PSA_SUCCESS; + } + if (key_type == PSA_KEY_TYPE_NONE) { + return PSA_SUCCESS; + } break; } - return( PSA_ERROR_INVALID_ARGUMENT ); + return PSA_ERROR_INVALID_ARGUMENT; } static psa_status_t psa_key_derivation_input_internal( @@ -4685,95 +4723,91 @@ static psa_status_t psa_key_derivation_input_internal( psa_key_derivation_step_t step, psa_key_type_t key_type, const uint8_t *data, - size_t data_length ) + size_t data_length) { psa_status_t status; - psa_algorithm_t kdf_alg = psa_key_derivation_get_kdf_alg( operation ); + psa_algorithm_t kdf_alg = psa_key_derivation_get_kdf_alg(operation); - status = psa_key_derivation_check_input_type( step, key_type ); - if( status != PSA_SUCCESS ) + status = psa_key_derivation_check_input_type(step, key_type); + if (status != PSA_SUCCESS) { goto exit; + } #if defined(MBEDTLS_PSA_BUILTIN_ALG_HKDF) - if( PSA_ALG_IS_HKDF( kdf_alg ) ) - { - status = psa_hkdf_input( &operation->ctx.hkdf, - PSA_ALG_HKDF_GET_HASH( kdf_alg ), - step, data, data_length ); - } - else + if (PSA_ALG_IS_HKDF(kdf_alg)) { + status = psa_hkdf_input(&operation->ctx.hkdf, + PSA_ALG_HKDF_GET_HASH(kdf_alg), + step, data, data_length); + } else #endif /* MBEDTLS_PSA_BUILTIN_ALG_HKDF */ #if defined(MBEDTLS_PSA_BUILTIN_ALG_TLS12_PRF) - if( PSA_ALG_IS_TLS12_PRF( kdf_alg ) ) - { - status = psa_tls12_prf_input( &operation->ctx.tls12_prf, - step, data, data_length ); - } - else + if (PSA_ALG_IS_TLS12_PRF(kdf_alg)) { + status = psa_tls12_prf_input(&operation->ctx.tls12_prf, + step, data, data_length); + } else #endif /* MBEDTLS_PSA_BUILTIN_ALG_TLS12_PRF */ #if defined(MBEDTLS_PSA_BUILTIN_ALG_TLS12_PSK_TO_MS) - if( PSA_ALG_IS_TLS12_PSK_TO_MS( kdf_alg ) ) - { - status = psa_tls12_prf_psk_to_ms_input( &operation->ctx.tls12_prf, - step, data, data_length ); - } - else + if (PSA_ALG_IS_TLS12_PSK_TO_MS(kdf_alg)) { + status = psa_tls12_prf_psk_to_ms_input(&operation->ctx.tls12_prf, + step, data, data_length); + } else #endif /* MBEDTLS_PSA_BUILTIN_ALG_TLS12_PSK_TO_MS */ { /* This can't happen unless the operation object was not initialized */ (void) data; (void) data_length; (void) kdf_alg; - return( PSA_ERROR_BAD_STATE ); + return PSA_ERROR_BAD_STATE; } exit: - if( status != PSA_SUCCESS ) - psa_key_derivation_abort( operation ); - return( status ); + if (status != PSA_SUCCESS) { + psa_key_derivation_abort(operation); + } + return status; } psa_status_t psa_key_derivation_input_bytes( psa_key_derivation_operation_t *operation, psa_key_derivation_step_t step, const uint8_t *data, - size_t data_length ) + size_t data_length) { - return( psa_key_derivation_input_internal( operation, step, - PSA_KEY_TYPE_NONE, - data, data_length ) ); + return psa_key_derivation_input_internal(operation, step, + PSA_KEY_TYPE_NONE, + data, data_length); } psa_status_t psa_key_derivation_input_key( psa_key_derivation_operation_t *operation, psa_key_derivation_step_t step, - mbedtls_svc_key_id_t key ) + mbedtls_svc_key_id_t key) { psa_status_t status = PSA_ERROR_CORRUPTION_DETECTED; psa_status_t unlock_status = PSA_ERROR_CORRUPTION_DETECTED; psa_key_slot_t *slot; status = psa_get_and_lock_transparent_key_slot_with_policy( - key, &slot, PSA_KEY_USAGE_DERIVE, operation->alg ); - if( status != PSA_SUCCESS ) - { - psa_key_derivation_abort( operation ); - return( status ); + key, &slot, PSA_KEY_USAGE_DERIVE, operation->alg); + if (status != PSA_SUCCESS) { + psa_key_derivation_abort(operation); + return status; } /* Passing a key object as a SECRET input unlocks the permission * to output to a key object. */ - if( step == PSA_KEY_DERIVATION_INPUT_SECRET ) + if (step == PSA_KEY_DERIVATION_INPUT_SECRET) { operation->can_output_key = 1; + } - status = psa_key_derivation_input_internal( operation, - step, slot->attr.type, - slot->key.data, - slot->key.bytes ); + status = psa_key_derivation_input_internal(operation, + step, slot->attr.type, + slot->key.data, + slot->key.bytes); - unlock_status = psa_unlock_key_slot( slot ); + unlock_status = psa_unlock_key_slot(slot); - return( ( status == PSA_SUCCESS ) ? unlock_status : status ); + return (status == PSA_SUCCESS) ? unlock_status : status; } @@ -4783,205 +4817,234 @@ psa_status_t psa_key_derivation_input_key( /****************************************************************/ #if defined(MBEDTLS_PSA_BUILTIN_ALG_ECDH) -static psa_status_t psa_key_agreement_ecdh( const uint8_t *peer_key, - size_t peer_key_length, - const mbedtls_ecp_keypair *our_key, - uint8_t *shared_secret, - size_t shared_secret_size, - size_t *shared_secret_length ) +static psa_status_t psa_key_agreement_ecdh(const uint8_t *peer_key, + size_t peer_key_length, + const mbedtls_ecp_keypair *our_key, + uint8_t *shared_secret, + size_t shared_secret_size, + size_t *shared_secret_length) { mbedtls_ecp_keypair *their_key = NULL; mbedtls_ecdh_context ecdh; psa_status_t status; size_t bits = 0; - psa_ecc_family_t curve = mbedtls_ecc_group_to_psa( our_key->grp.id, &bits ); - mbedtls_ecdh_init( &ecdh ); + psa_ecc_family_t curve = mbedtls_ecc_group_to_psa(our_key->grp.id, &bits); + mbedtls_ecdh_init(&ecdh); status = mbedtls_psa_ecp_load_representation( - PSA_KEY_TYPE_ECC_PUBLIC_KEY(curve), - bits, - peer_key, - peer_key_length, - &their_key ); - if( status != PSA_SUCCESS ) + PSA_KEY_TYPE_ECC_PUBLIC_KEY(curve), + bits, + peer_key, + peer_key_length, + &their_key); + if (status != PSA_SUCCESS) { goto exit; + } status = mbedtls_to_psa_error( - mbedtls_ecdh_get_params( &ecdh, their_key, MBEDTLS_ECDH_THEIRS ) ); - if( status != PSA_SUCCESS ) + mbedtls_ecdh_get_params(&ecdh, their_key, MBEDTLS_ECDH_THEIRS)); + if (status != PSA_SUCCESS) { goto exit; + } status = mbedtls_to_psa_error( - mbedtls_ecdh_get_params( &ecdh, our_key, MBEDTLS_ECDH_OURS ) ); - if( status != PSA_SUCCESS ) + mbedtls_ecdh_get_params(&ecdh, our_key, MBEDTLS_ECDH_OURS)); + if (status != PSA_SUCCESS) { goto exit; + } status = mbedtls_to_psa_error( - mbedtls_ecdh_calc_secret( &ecdh, - shared_secret_length, - shared_secret, shared_secret_size, - mbedtls_psa_get_random, - MBEDTLS_PSA_RANDOM_STATE ) ); - if( status != PSA_SUCCESS ) + mbedtls_ecdh_calc_secret(&ecdh, + shared_secret_length, + shared_secret, shared_secret_size, + mbedtls_psa_get_random, + MBEDTLS_PSA_RANDOM_STATE)); + if (status != PSA_SUCCESS) { goto exit; - if( PSA_BITS_TO_BYTES( bits ) != *shared_secret_length ) + } + if (PSA_BITS_TO_BYTES(bits) != *shared_secret_length) { status = PSA_ERROR_CORRUPTION_DETECTED; + } exit: - if( status != PSA_SUCCESS ) - mbedtls_platform_zeroize( shared_secret, shared_secret_size ); - mbedtls_ecdh_free( &ecdh ); - mbedtls_ecp_keypair_free( their_key ); - mbedtls_free( their_key ); + if (status != PSA_SUCCESS) { + mbedtls_platform_zeroize(shared_secret, shared_secret_size); + } + mbedtls_ecdh_free(&ecdh); + mbedtls_ecp_keypair_free(their_key); + mbedtls_free(their_key); - return( status ); + return status; } #endif /* MBEDTLS_PSA_BUILTIN_ALG_ECDH */ #define PSA_KEY_AGREEMENT_MAX_SHARED_SECRET_SIZE MBEDTLS_ECP_MAX_BYTES -static psa_status_t psa_key_agreement_raw_internal( psa_algorithm_t alg, - psa_key_slot_t *private_key, - const uint8_t *peer_key, - size_t peer_key_length, - uint8_t *shared_secret, - size_t shared_secret_size, - size_t *shared_secret_length ) +static psa_status_t psa_key_agreement_raw_internal(psa_algorithm_t alg, + psa_key_slot_t *private_key, + const uint8_t *peer_key, + size_t peer_key_length, + uint8_t *shared_secret, + size_t shared_secret_size, + size_t *shared_secret_length) { - switch( alg ) - { + mbedtls_ecp_keypair *ecp = NULL; + psa_status_t status; + + switch (alg) { #if defined(MBEDTLS_PSA_BUILTIN_ALG_ECDH) case PSA_ALG_ECDH: - if( ! PSA_KEY_TYPE_IS_ECC_KEY_PAIR( private_key->attr.type ) ) - return( PSA_ERROR_INVALID_ARGUMENT ); - mbedtls_ecp_keypair *ecp = NULL; - psa_status_t status = mbedtls_psa_ecp_load_representation( - private_key->attr.type, - private_key->attr.bits, - private_key->key.data, - private_key->key.bytes, - &ecp ); - if( status != PSA_SUCCESS ) - return( status ); - status = psa_key_agreement_ecdh( peer_key, peer_key_length, - ecp, - shared_secret, shared_secret_size, - shared_secret_length ); - mbedtls_ecp_keypair_free( ecp ); - mbedtls_free( ecp ); - return( status ); + if (!PSA_KEY_TYPE_IS_ECC_KEY_PAIR(private_key->attr.type)) { + return PSA_ERROR_INVALID_ARGUMENT; + } + status = mbedtls_psa_ecp_load_representation( + private_key->attr.type, + private_key->attr.bits, + private_key->key.data, + private_key->key.bytes, + &ecp); + if (status != PSA_SUCCESS) { + return status; + } + status = psa_key_agreement_ecdh(peer_key, peer_key_length, + ecp, + shared_secret, shared_secret_size, + shared_secret_length); + mbedtls_ecp_keypair_free(ecp); + mbedtls_free(ecp); + return status; #endif /* MBEDTLS_PSA_BUILTIN_ALG_ECDH */ default: + (void) ecp; + (void) status; (void) private_key; (void) peer_key; (void) peer_key_length; (void) shared_secret; (void) shared_secret_size; (void) shared_secret_length; - return( PSA_ERROR_NOT_SUPPORTED ); + return PSA_ERROR_NOT_SUPPORTED; } } /* Note that if this function fails, you must call psa_key_derivation_abort() * to potentially free embedded data structures and wipe confidential data. */ -static psa_status_t psa_key_agreement_internal( psa_key_derivation_operation_t *operation, - psa_key_derivation_step_t step, - psa_key_slot_t *private_key, - const uint8_t *peer_key, - size_t peer_key_length ) +static psa_status_t psa_key_agreement_internal(psa_key_derivation_operation_t *operation, + psa_key_derivation_step_t step, + psa_key_slot_t *private_key, + const uint8_t *peer_key, + size_t peer_key_length) { psa_status_t status; uint8_t shared_secret[PSA_KEY_AGREEMENT_MAX_SHARED_SECRET_SIZE]; size_t shared_secret_length = 0; - psa_algorithm_t ka_alg = PSA_ALG_KEY_AGREEMENT_GET_BASE( operation->alg ); + psa_algorithm_t ka_alg = PSA_ALG_KEY_AGREEMENT_GET_BASE(operation->alg); /* Step 1: run the secret agreement algorithm to generate the shared * secret. */ - status = psa_key_agreement_raw_internal( ka_alg, - private_key, - peer_key, peer_key_length, - shared_secret, - sizeof( shared_secret ), - &shared_secret_length ); - if( status != PSA_SUCCESS ) + status = psa_key_agreement_raw_internal(ka_alg, + private_key, + peer_key, peer_key_length, + shared_secret, + sizeof(shared_secret), + &shared_secret_length); + if (status != PSA_SUCCESS) { goto exit; + } /* Step 2: set up the key derivation to generate key material from * the shared secret. A shared secret is permitted wherever a key * of type DERIVE is permitted. */ - status = psa_key_derivation_input_internal( operation, step, - PSA_KEY_TYPE_DERIVE, - shared_secret, - shared_secret_length ); + status = psa_key_derivation_input_internal(operation, step, + PSA_KEY_TYPE_DERIVE, + shared_secret, + shared_secret_length); exit: - mbedtls_platform_zeroize( shared_secret, shared_secret_length ); - return( status ); + mbedtls_platform_zeroize(shared_secret, shared_secret_length); + return status; } -psa_status_t psa_key_derivation_key_agreement( psa_key_derivation_operation_t *operation, - psa_key_derivation_step_t step, - mbedtls_svc_key_id_t private_key, - const uint8_t *peer_key, - size_t peer_key_length ) +psa_status_t psa_key_derivation_key_agreement(psa_key_derivation_operation_t *operation, + psa_key_derivation_step_t step, + mbedtls_svc_key_id_t private_key, + const uint8_t *peer_key, + size_t peer_key_length) { psa_status_t status = PSA_ERROR_CORRUPTION_DETECTED; psa_status_t unlock_status = PSA_ERROR_CORRUPTION_DETECTED; psa_key_slot_t *slot; - if( ! PSA_ALG_IS_KEY_AGREEMENT( operation->alg ) ) - return( PSA_ERROR_INVALID_ARGUMENT ); + if (!PSA_ALG_IS_KEY_AGREEMENT(operation->alg)) { + return PSA_ERROR_INVALID_ARGUMENT; + } status = psa_get_and_lock_transparent_key_slot_with_policy( - private_key, &slot, PSA_KEY_USAGE_DERIVE, operation->alg ); - if( status != PSA_SUCCESS ) - return( status ); - status = psa_key_agreement_internal( operation, step, - slot, - peer_key, peer_key_length ); - if( status != PSA_SUCCESS ) - psa_key_derivation_abort( operation ); - else - { + private_key, &slot, PSA_KEY_USAGE_DERIVE, operation->alg); + if (status != PSA_SUCCESS) { + return status; + } + status = psa_key_agreement_internal(operation, step, + slot, + peer_key, peer_key_length); + if (status != PSA_SUCCESS) { + psa_key_derivation_abort(operation); + } else { /* If a private key has been added as SECRET, we allow the derived * key material to be used as a key in PSA Crypto. */ - if( step == PSA_KEY_DERIVATION_INPUT_SECRET ) + if (step == PSA_KEY_DERIVATION_INPUT_SECRET) { operation->can_output_key = 1; + } } - unlock_status = psa_unlock_key_slot( slot ); + unlock_status = psa_unlock_key_slot(slot); - return( ( status == PSA_SUCCESS ) ? unlock_status : status ); + return (status == PSA_SUCCESS) ? unlock_status : status; } -psa_status_t psa_raw_key_agreement( psa_algorithm_t alg, - mbedtls_svc_key_id_t private_key, - const uint8_t *peer_key, - size_t peer_key_length, - uint8_t *output, - size_t output_size, - size_t *output_length ) +psa_status_t psa_raw_key_agreement(psa_algorithm_t alg, + mbedtls_svc_key_id_t private_key, + const uint8_t *peer_key, + size_t peer_key_length, + uint8_t *output, + size_t output_size, + size_t *output_length) { psa_status_t status = PSA_ERROR_CORRUPTION_DETECTED; psa_status_t unlock_status = PSA_ERROR_CORRUPTION_DETECTED; psa_key_slot_t *slot = NULL; + size_t expected_length; - if( ! PSA_ALG_IS_KEY_AGREEMENT( alg ) ) - { + if (!PSA_ALG_IS_KEY_AGREEMENT(alg)) { status = PSA_ERROR_INVALID_ARGUMENT; goto exit; } status = psa_get_and_lock_transparent_key_slot_with_policy( - private_key, &slot, PSA_KEY_USAGE_DERIVE, alg ); - if( status != PSA_SUCCESS ) + private_key, &slot, PSA_KEY_USAGE_DERIVE, alg); + if (status != PSA_SUCCESS) { goto exit; + } - status = psa_key_agreement_raw_internal( alg, slot, - peer_key, peer_key_length, - output, output_size, - output_length ); + /* PSA_RAW_KEY_AGREEMENT_OUTPUT_SIZE() is in general an upper bound + * for the output size. The PSA specification only guarantees that this + * function works if output_size >= PSA_RAW_KEY_AGREEMENT_OUTPUT_SIZE(...), + * but it might be nice to allow smaller buffers if the output fits. + * At the time of writing this comment, with only ECDH implemented, + * PSA_RAW_KEY_AGREEMENT_OUTPUT_SIZE() is exact so the point is moot. + * If FFDH is implemented, PSA_RAW_KEY_AGREEMENT_OUTPUT_SIZE() can easily + * be exact for it as well. */ + expected_length = + PSA_RAW_KEY_AGREEMENT_OUTPUT_SIZE(slot->attr.type, slot->attr.bits); + if (output_size < expected_length) { + status = PSA_ERROR_BUFFER_TOO_SMALL; + goto exit; + } + + status = psa_key_agreement_raw_internal(alg, slot, + peer_key, peer_key_length, + output, output_size, + output_length); exit: - if( status != PSA_SUCCESS ) - { + if (status != PSA_SUCCESS) { /* If an error happens and is not handled properly, the output * may be used as a key to protect sensitive data. Arrange for such * a key to be random, which is likely to result in decryption or @@ -4989,13 +5052,13 @@ psa_status_t psa_raw_key_agreement( psa_algorithm_t alg, * some constant data such as zeros, which would result in the data * being protected with a reproducible, easily knowable key. */ - psa_generate_random( output, output_size ); + psa_generate_random(output, output_size); *output_length = output_size; } - unlock_status = psa_unlock_key_slot( slot ); + unlock_status = psa_unlock_key_slot(slot); - return( ( status == PSA_SUCCESS ) ? unlock_status : status ); + return (status == PSA_SUCCESS) ? unlock_status : status; } @@ -5004,99 +5067,107 @@ psa_status_t psa_raw_key_agreement( psa_algorithm_t alg, /* Random generation */ /****************************************************************/ +#if defined(MBEDTLS_PSA_INJECT_ENTROPY) +#include "mbedtls/entropy_poll.h" +#endif + /** Initialize the PSA random generator. */ -static void mbedtls_psa_random_init( mbedtls_psa_random_context_t *rng ) +static void mbedtls_psa_random_init(mbedtls_psa_random_context_t *rng) { #if defined(MBEDTLS_PSA_CRYPTO_EXTERNAL_RNG) - memset( rng, 0, sizeof( *rng ) ); + memset(rng, 0, sizeof(*rng)); #else /* MBEDTLS_PSA_CRYPTO_EXTERNAL_RNG */ /* Set default configuration if * mbedtls_psa_crypto_configure_entropy_sources() hasn't been called. */ - if( rng->entropy_init == NULL ) + if (rng->entropy_init == NULL) { rng->entropy_init = mbedtls_entropy_init; - if( rng->entropy_free == NULL ) + } + if (rng->entropy_free == NULL) { rng->entropy_free = mbedtls_entropy_free; + } - rng->entropy_init( &rng->entropy ); + rng->entropy_init(&rng->entropy); #if defined(MBEDTLS_PSA_INJECT_ENTROPY) && \ defined(MBEDTLS_NO_DEFAULT_ENTROPY_SOURCES) /* The PSA entropy injection feature depends on using NV seed as an entropy * source. Add NV seed as an entropy source for PSA entropy injection. */ - mbedtls_entropy_add_source( &rng->entropy, - mbedtls_nv_seed_poll, NULL, - MBEDTLS_ENTROPY_BLOCK_SIZE, - MBEDTLS_ENTROPY_SOURCE_STRONG ); + mbedtls_entropy_add_source(&rng->entropy, + mbedtls_nv_seed_poll, NULL, + MBEDTLS_ENTROPY_BLOCK_SIZE, + MBEDTLS_ENTROPY_SOURCE_STRONG); #endif - mbedtls_psa_drbg_init( MBEDTLS_PSA_RANDOM_STATE ); + mbedtls_psa_drbg_init(MBEDTLS_PSA_RANDOM_STATE); #endif /* MBEDTLS_PSA_CRYPTO_EXTERNAL_RNG */ } /** Deinitialize the PSA random generator. */ -static void mbedtls_psa_random_free( mbedtls_psa_random_context_t *rng ) +static void mbedtls_psa_random_free(mbedtls_psa_random_context_t *rng) { #if defined(MBEDTLS_PSA_CRYPTO_EXTERNAL_RNG) - memset( rng, 0, sizeof( *rng ) ); + memset(rng, 0, sizeof(*rng)); #else /* MBEDTLS_PSA_CRYPTO_EXTERNAL_RNG */ - mbedtls_psa_drbg_free( MBEDTLS_PSA_RANDOM_STATE ); - rng->entropy_free( &rng->entropy ); + mbedtls_psa_drbg_free(MBEDTLS_PSA_RANDOM_STATE); + rng->entropy_free(&rng->entropy); #endif /* MBEDTLS_PSA_CRYPTO_EXTERNAL_RNG */ } /** Seed the PSA random generator. */ -static psa_status_t mbedtls_psa_random_seed( mbedtls_psa_random_context_t *rng ) +static psa_status_t mbedtls_psa_random_seed(mbedtls_psa_random_context_t *rng) { #if defined(MBEDTLS_PSA_CRYPTO_EXTERNAL_RNG) /* Do nothing: the external RNG seeds itself. */ (void) rng; - return( PSA_SUCCESS ); + return PSA_SUCCESS; #else /* MBEDTLS_PSA_CRYPTO_EXTERNAL_RNG */ const unsigned char drbg_seed[] = "PSA"; - int ret = mbedtls_psa_drbg_seed( &rng->entropy, - drbg_seed, sizeof( drbg_seed ) - 1 ); - return mbedtls_to_psa_error( ret ); + int ret = mbedtls_psa_drbg_seed(&rng->entropy, + drbg_seed, sizeof(drbg_seed) - 1); + return mbedtls_to_psa_error(ret); #endif /* MBEDTLS_PSA_CRYPTO_EXTERNAL_RNG */ } -psa_status_t psa_generate_random( uint8_t *output, - size_t output_size ) +psa_status_t psa_generate_random(uint8_t *output, + size_t output_size) { GUARD_MODULE_INITIALIZED; #if defined(MBEDTLS_PSA_CRYPTO_EXTERNAL_RNG) size_t output_length = 0; - psa_status_t status = mbedtls_psa_external_get_random( &global_data.rng, - output, output_size, - &output_length ); - if( status != PSA_SUCCESS ) - return( status ); + psa_status_t status = mbedtls_psa_external_get_random(&global_data.rng, + output, output_size, + &output_length); + if (status != PSA_SUCCESS) { + return status; + } /* Breaking up a request into smaller chunks is currently not supported - * for the extrernal RNG interface. */ - if( output_length != output_size ) - return( PSA_ERROR_INSUFFICIENT_ENTROPY ); - return( PSA_SUCCESS ); + * for the external RNG interface. */ + if (output_length != output_size) { + return PSA_ERROR_INSUFFICIENT_ENTROPY; + } + return PSA_SUCCESS; #else /* MBEDTLS_PSA_CRYPTO_EXTERNAL_RNG */ - while( output_size > 0 ) - { + while (output_size > 0) { size_t request_size = - ( output_size > MBEDTLS_PSA_RANDOM_MAX_REQUEST ? - MBEDTLS_PSA_RANDOM_MAX_REQUEST : - output_size ); - int ret = mbedtls_psa_get_random( MBEDTLS_PSA_RANDOM_STATE, - output, request_size ); - if( ret != 0 ) - return( mbedtls_to_psa_error( ret ) ); + (output_size > MBEDTLS_PSA_RANDOM_MAX_REQUEST ? + MBEDTLS_PSA_RANDOM_MAX_REQUEST : + output_size); + int ret = mbedtls_psa_get_random(MBEDTLS_PSA_RANDOM_STATE, + output, request_size); + if (ret != 0) { + return mbedtls_to_psa_error(ret); + } output_size -= request_size; output += request_size; } - return( PSA_SUCCESS ); + return PSA_SUCCESS; #endif /* MBEDTLS_PSA_CRYPTO_EXTERNAL_RNG */ } @@ -5113,10 +5184,10 @@ psa_status_t psa_generate_random( uint8_t *output, * classic API, psa_crypto_random_impl.h defines `mbedtls_psa_get_random` * as a constant function pointer to `mbedtls_xxx_drbg_random`. */ -#if defined (MBEDTLS_PSA_CRYPTO_EXTERNAL_RNG) -int mbedtls_psa_get_random( void *p_rng, - unsigned char *output, - size_t output_size ) +#if defined(MBEDTLS_PSA_CRYPTO_EXTERNAL_RNG) +int mbedtls_psa_get_random(void *p_rng, + unsigned char *output, + size_t output_size) { /* This function takes a pointer to the RNG state because that's what * classic mbedtls functions using an RNG expect. The PSA RNG manages @@ -5124,29 +5195,30 @@ int mbedtls_psa_get_random( void *p_rng, * So we just ignore the state parameter, and in practice we'll pass * NULL. */ (void) p_rng; - psa_status_t status = psa_generate_random( output, output_size ); - if( status == PSA_SUCCESS ) - return( 0 ); - else - return( MBEDTLS_ERR_ENTROPY_SOURCE_FAILED ); + psa_status_t status = psa_generate_random(output, output_size); + if (status == PSA_SUCCESS) { + return 0; + } else { + return MBEDTLS_ERR_ENTROPY_SOURCE_FAILED; + } } #endif /* MBEDTLS_PSA_CRYPTO_EXTERNAL_RNG */ #if defined(MBEDTLS_PSA_INJECT_ENTROPY) -#include "mbedtls/entropy_poll.h" - -psa_status_t mbedtls_psa_inject_entropy( const uint8_t *seed, - size_t seed_size ) +psa_status_t mbedtls_psa_inject_entropy(const uint8_t *seed, + size_t seed_size) { - if( global_data.initialized ) - return( PSA_ERROR_NOT_PERMITTED ); + if (global_data.initialized) { + return PSA_ERROR_NOT_PERMITTED; + } - if( ( ( seed_size < MBEDTLS_ENTROPY_MIN_PLATFORM ) || - ( seed_size < MBEDTLS_ENTROPY_BLOCK_SIZE ) ) || - ( seed_size > MBEDTLS_ENTROPY_MAX_SEED_SIZE ) ) - return( PSA_ERROR_INVALID_ARGUMENT ); + if (((seed_size < MBEDTLS_ENTROPY_MIN_PLATFORM) || + (seed_size < MBEDTLS_ENTROPY_BLOCK_SIZE)) || + (seed_size > MBEDTLS_ENTROPY_MAX_SEED_SIZE)) { + return PSA_ERROR_INVALID_ARGUMENT; + } - return( mbedtls_psa_storage_inject_entropy( seed, seed_size ) ); + return mbedtls_psa_storage_inject_entropy(seed, seed_size); } #endif /* MBEDTLS_PSA_INJECT_ENTROPY */ @@ -5164,103 +5236,97 @@ psa_status_t mbedtls_psa_inject_entropy( const uint8_t *seed, * the two is not supported. */ static psa_status_t psa_validate_key_type_and_size_for_key_generation( - psa_key_type_t type, size_t bits ) + psa_key_type_t type, size_t bits) { psa_status_t status = PSA_ERROR_CORRUPTION_DETECTED; - if( key_type_is_raw_bytes( type ) ) - { - status = validate_unstructured_key_bit_size( type, bits ); - if( status != PSA_SUCCESS ) - return( status ); - } - else + if (key_type_is_raw_bytes(type)) { + status = validate_unstructured_key_bit_size(type, bits); + if (status != PSA_SUCCESS) { + return status; + } + } else #if defined(PSA_WANT_KEY_TYPE_RSA_KEY_PAIR) - if( PSA_KEY_TYPE_IS_RSA( type ) && PSA_KEY_TYPE_IS_KEY_PAIR( type ) ) - { - if( bits > PSA_VENDOR_RSA_MAX_KEY_BITS ) - return( PSA_ERROR_NOT_SUPPORTED ); + if (PSA_KEY_TYPE_IS_RSA(type) && PSA_KEY_TYPE_IS_KEY_PAIR(type)) { + if (bits > PSA_VENDOR_RSA_MAX_KEY_BITS) { + return PSA_ERROR_NOT_SUPPORTED; + } /* Accept only byte-aligned keys, for the same reasons as * in psa_import_rsa_key(). */ - if( bits % 8 != 0 ) - return( PSA_ERROR_NOT_SUPPORTED ); - } - else + if (bits % 8 != 0) { + return PSA_ERROR_NOT_SUPPORTED; + } + } else #endif /* defined(PSA_WANT_KEY_TYPE_RSA_KEY_PAIR) */ #if defined(PSA_WANT_KEY_TYPE_ECC_KEY_PAIR) - if( PSA_KEY_TYPE_IS_ECC( type ) && PSA_KEY_TYPE_IS_KEY_PAIR( type ) ) - { + if (PSA_KEY_TYPE_IS_ECC(type) && PSA_KEY_TYPE_IS_KEY_PAIR(type)) { /* To avoid empty block, return successfully here. */ - return( PSA_SUCCESS ); - } - else + return PSA_SUCCESS; + } else #endif /* defined(PSA_WANT_KEY_TYPE_ECC_KEY_PAIR) */ { - return( PSA_ERROR_NOT_SUPPORTED ); + return PSA_ERROR_NOT_SUPPORTED; } - return( PSA_SUCCESS ); + return PSA_SUCCESS; } psa_status_t psa_generate_key_internal( const psa_key_attributes_t *attributes, - uint8_t *key_buffer, size_t key_buffer_size, size_t *key_buffer_length ) + uint8_t *key_buffer, size_t key_buffer_size, size_t *key_buffer_length) { psa_status_t status = PSA_ERROR_CORRUPTION_DETECTED; psa_key_type_t type = attributes->core.type; - if( ( attributes->domain_parameters == NULL ) && - ( attributes->domain_parameters_size != 0 ) ) - return( PSA_ERROR_INVALID_ARGUMENT ); + if ((attributes->domain_parameters == NULL) && + (attributes->domain_parameters_size != 0)) { + return PSA_ERROR_INVALID_ARGUMENT; + } - if( key_type_is_raw_bytes( type ) ) - { - status = psa_generate_random( key_buffer, key_buffer_size ); - if( status != PSA_SUCCESS ) - return( status ); + if (key_type_is_raw_bytes(type)) { + status = psa_generate_random(key_buffer, key_buffer_size); + if (status != PSA_SUCCESS) { + return status; + } #if defined(MBEDTLS_PSA_BUILTIN_KEY_TYPE_DES) - if( type == PSA_KEY_TYPE_DES ) - psa_des_set_key_parity( key_buffer, key_buffer_size ); + if (type == PSA_KEY_TYPE_DES) { + psa_des_set_key_parity(key_buffer, key_buffer_size); + } #endif /* MBEDTLS_PSA_BUILTIN_KEY_TYPE_DES */ - } - else + } else #if defined(MBEDTLS_PSA_BUILTIN_KEY_TYPE_RSA_KEY_PAIR) && \ defined(MBEDTLS_GENPRIME) - if ( type == PSA_KEY_TYPE_RSA_KEY_PAIR ) - { - return( mbedtls_psa_rsa_generate_key( attributes, - key_buffer, - key_buffer_size, - key_buffer_length ) ); - } - else + if (type == PSA_KEY_TYPE_RSA_KEY_PAIR) { + return mbedtls_psa_rsa_generate_key(attributes, + key_buffer, + key_buffer_size, + key_buffer_length); + } else #endif /* defined(MBEDTLS_PSA_BUILTIN_KEY_TYPE_RSA_KEY_PAIR) * defined(MBEDTLS_GENPRIME) */ #if defined(MBEDTLS_PSA_BUILTIN_KEY_TYPE_ECC_KEY_PAIR) - if ( PSA_KEY_TYPE_IS_ECC( type ) && PSA_KEY_TYPE_IS_KEY_PAIR( type ) ) - { - return( mbedtls_psa_ecp_generate_key( attributes, - key_buffer, - key_buffer_size, - key_buffer_length ) ); - } - else + if (PSA_KEY_TYPE_IS_ECC(type) && PSA_KEY_TYPE_IS_KEY_PAIR(type)) { + return mbedtls_psa_ecp_generate_key(attributes, + key_buffer, + key_buffer_size, + key_buffer_length); + } else #endif /* defined(MBEDTLS_PSA_BUILTIN_KEY_TYPE_ECC_KEY_PAIR) */ { - (void)key_buffer_length; - return( PSA_ERROR_NOT_SUPPORTED ); + (void) key_buffer_length; + return PSA_ERROR_NOT_SUPPORTED; } - return( PSA_SUCCESS ); + return PSA_SUCCESS; } -psa_status_t psa_generate_key( const psa_key_attributes_t *attributes, - mbedtls_svc_key_id_t *key ) +psa_status_t psa_generate_key(const psa_key_attributes_t *attributes, + mbedtls_svc_key_id_t *key) { psa_status_t status; psa_key_slot_t *slot = NULL; @@ -5271,62 +5337,67 @@ psa_status_t psa_generate_key( const psa_key_attributes_t *attributes, /* Reject any attempt to create a zero-length key so that we don't * risk tripping up later, e.g. on a malloc(0) that returns NULL. */ - if( psa_get_key_bits( attributes ) == 0 ) - return( PSA_ERROR_INVALID_ARGUMENT ); + if (psa_get_key_bits(attributes) == 0) { + return PSA_ERROR_INVALID_ARGUMENT; + } /* Reject any attempt to create a public key. */ - if( PSA_KEY_TYPE_IS_PUBLIC_KEY(attributes->core.type) ) - return( PSA_ERROR_INVALID_ARGUMENT ); + if (PSA_KEY_TYPE_IS_PUBLIC_KEY(attributes->core.type)) { + return PSA_ERROR_INVALID_ARGUMENT; + } - status = psa_start_key_creation( PSA_KEY_CREATION_GENERATE, attributes, - &slot, &driver ); - if( status != PSA_SUCCESS ) + status = psa_start_key_creation(PSA_KEY_CREATION_GENERATE, attributes, + &slot, &driver); + if (status != PSA_SUCCESS) { goto exit; + } /* In the case of a transparent key or an opaque key stored in local * storage (thus not in the case of generating a key in a secure element * or cryptoprocessor with storage), we have to allocate a buffer to * hold the generated key material. */ - if( slot->key.data == NULL ) - { - if ( PSA_KEY_LIFETIME_GET_LOCATION( attributes->core.lifetime ) == - PSA_KEY_LOCATION_LOCAL_STORAGE ) - { + if (slot->key.data == NULL) { + if (PSA_KEY_LIFETIME_GET_LOCATION(attributes->core.lifetime) == + PSA_KEY_LOCATION_LOCAL_STORAGE) { status = psa_validate_key_type_and_size_for_key_generation( - attributes->core.type, attributes->core.bits ); - if( status != PSA_SUCCESS ) + attributes->core.type, attributes->core.bits); + if (status != PSA_SUCCESS) { goto exit; + } key_buffer_size = PSA_EXPORT_KEY_OUTPUT_SIZE( - attributes->core.type, - attributes->core.bits ); - } - else - { + attributes->core.type, + attributes->core.bits); + } else { status = psa_driver_wrapper_get_key_buffer_size( - attributes, &key_buffer_size ); - if( status != PSA_SUCCESS ) + attributes, &key_buffer_size); + if (status != PSA_SUCCESS) { goto exit; + } } - status = psa_allocate_buffer_to_slot( slot, key_buffer_size ); - if( status != PSA_SUCCESS ) + status = psa_allocate_buffer_to_slot(slot, key_buffer_size); + if (status != PSA_SUCCESS) { goto exit; + } } - status = psa_driver_wrapper_generate_key( attributes, - slot->key.data, slot->key.bytes, &slot->key.bytes ); + status = psa_driver_wrapper_generate_key(attributes, + slot->key.data, slot->key.bytes, &slot->key.bytes); - if( status != PSA_SUCCESS ) - psa_remove_key_data_from_memory( slot ); + if (status != PSA_SUCCESS) { + psa_remove_key_data_from_memory(slot); + } exit: - if( status == PSA_SUCCESS ) - status = psa_finish_key_creation( slot, driver, key ); - if( status != PSA_SUCCESS ) - psa_fail_key_creation( slot, driver ); + if (status == PSA_SUCCESS) { + status = psa_finish_key_creation(slot, driver, key); + } + if (status != PSA_SUCCESS) { + psa_fail_key_creation(slot, driver); + } - return( status ); + return status; } /****************************************************************/ @@ -5335,31 +5406,31 @@ psa_status_t psa_generate_key( const psa_key_attributes_t *attributes, #if !defined(MBEDTLS_PSA_CRYPTO_EXTERNAL_RNG) psa_status_t mbedtls_psa_crypto_configure_entropy_sources( - void (* entropy_init )( mbedtls_entropy_context *ctx ), - void (* entropy_free )( mbedtls_entropy_context *ctx ) ) + void (* entropy_init)(mbedtls_entropy_context *ctx), + void (* entropy_free)(mbedtls_entropy_context *ctx)) { - if( global_data.rng_state != RNG_NOT_INITIALIZED ) - return( PSA_ERROR_BAD_STATE ); + if (global_data.rng_state != RNG_NOT_INITIALIZED) { + return PSA_ERROR_BAD_STATE; + } global_data.rng.entropy_init = entropy_init; global_data.rng.entropy_free = entropy_free; - return( PSA_SUCCESS ); + return PSA_SUCCESS; } #endif /* !defined(MBEDTLS_PSA_CRYPTO_EXTERNAL_RNG) */ -void mbedtls_psa_crypto_free( void ) +void mbedtls_psa_crypto_free(void) { - psa_wipe_all_key_slots( ); - if( global_data.rng_state != RNG_NOT_INITIALIZED ) - { - mbedtls_psa_random_free( &global_data.rng ); + psa_wipe_all_key_slots(); + if (global_data.rng_state != RNG_NOT_INITIALIZED) { + mbedtls_psa_random_free(&global_data.rng); } /* Wipe all remaining data, including configuration. * In particular, this sets all state indicator to the value * indicating "uninitialized". */ - mbedtls_platform_zeroize( &global_data, sizeof( global_data ) ); + mbedtls_platform_zeroize(&global_data, sizeof(global_data)); /* Terminate drivers */ - psa_driver_wrapper_free( ); + psa_driver_wrapper_free(); } #if defined(PSA_CRYPTO_STORAGE_HAS_TRANSACTIONS) @@ -5370,60 +5441,61 @@ void mbedtls_psa_crypto_free( void ) * fails. */ static psa_status_t psa_crypto_recover_transaction( - const psa_crypto_transaction_t *transaction ) + const psa_crypto_transaction_t *transaction) { - switch( transaction->unknown.type ) - { + switch (transaction->unknown.type) { case PSA_CRYPTO_TRANSACTION_CREATE_KEY: case PSA_CRYPTO_TRANSACTION_DESTROY_KEY: - /* TODO - fall through to the failure case until this - * is implemented. - * https://github.com/ARMmbed/mbed-crypto/issues/218 - */ + /* TODO - fall through to the failure case until this + * is implemented. + * https://github.com/ARMmbed/mbed-crypto/issues/218 + */ default: /* We found an unsupported transaction in the storage. * We don't know what state the storage is in. Give up. */ - return( PSA_ERROR_DATA_INVALID ); + return PSA_ERROR_DATA_INVALID; } } #endif /* PSA_CRYPTO_STORAGE_HAS_TRANSACTIONS */ -psa_status_t psa_crypto_init( void ) +psa_status_t psa_crypto_init(void) { psa_status_t status; /* Double initialization is explicitly allowed. */ - if( global_data.initialized != 0 ) - return( PSA_SUCCESS ); + if (global_data.initialized != 0) { + return PSA_SUCCESS; + } /* Initialize and seed the random generator. */ - mbedtls_psa_random_init( &global_data.rng ); + mbedtls_psa_random_init(&global_data.rng); global_data.rng_state = RNG_INITIALIZED; - status = mbedtls_psa_random_seed( &global_data.rng ); - if( status != PSA_SUCCESS ) + status = mbedtls_psa_random_seed(&global_data.rng); + if (status != PSA_SUCCESS) { goto exit; + } global_data.rng_state = RNG_SEEDED; - status = psa_initialize_key_slots( ); - if( status != PSA_SUCCESS ) + status = psa_initialize_key_slots(); + if (status != PSA_SUCCESS) { goto exit; + } /* Init drivers */ - status = psa_driver_wrapper_init( ); - if( status != PSA_SUCCESS ) + status = psa_driver_wrapper_init(); + if (status != PSA_SUCCESS) { goto exit; + } #if defined(PSA_CRYPTO_STORAGE_HAS_TRANSACTIONS) - status = psa_crypto_load_transaction( ); - if( status == PSA_SUCCESS ) - { - status = psa_crypto_recover_transaction( &psa_crypto_transaction ); - if( status != PSA_SUCCESS ) + status = psa_crypto_load_transaction(); + if (status == PSA_SUCCESS) { + status = psa_crypto_recover_transaction(&psa_crypto_transaction); + if (status != PSA_SUCCESS) { goto exit; - status = psa_crypto_stop_transaction( ); - } - else if( status == PSA_ERROR_DOES_NOT_EXIST ) - { + } + status = psa_crypto_stop_transaction(); + } else if (status == PSA_ERROR_DOES_NOT_EXIST) { /* There's no transaction to complete. It's all good. */ status = PSA_SUCCESS; } @@ -5433,9 +5505,10 @@ psa_status_t psa_crypto_init( void ) global_data.initialized = 1; exit: - if( status != PSA_SUCCESS ) - mbedtls_psa_crypto_free( ); - return( status ); + if (status != PSA_SUCCESS) { + mbedtls_psa_crypto_free(); + } + return status; } #endif /* MBEDTLS_PSA_CRYPTO_C */ diff --git a/third_party/mbedtls/repo/library/psa_crypto_aead.c b/third_party/mbedtls/repo/library/psa_crypto_aead.c index 16a3711b98f..ed9e55ad6ae 100644 --- a/third_party/mbedtls/repo/library/psa_crypto_aead.c +++ b/third_party/mbedtls/repo/library/psa_crypto_aead.c @@ -3,19 +3,7 @@ */ /* * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later */ #include "common.h" @@ -24,18 +12,17 @@ #include "psa_crypto_aead.h" #include "psa_crypto_core.h" +#include "psa_crypto_cipher.h" #include "mbedtls/ccm.h" #include "mbedtls/chachapoly.h" #include "mbedtls/cipher.h" #include "mbedtls/gcm.h" -typedef struct -{ +typedef struct { psa_algorithm_t core_alg; uint8_t tag_length; - union - { + union { unsigned dummy; /* Make the union non-empty even with no supported algorithms. */ #if defined(MBEDTLS_PSA_BUILTIN_ALG_CCM) mbedtls_ccm_context ccm; @@ -49,25 +36,24 @@ typedef struct } ctx; } aead_operation_t; -#define AEAD_OPERATION_INIT {0, 0, {0}} +#define AEAD_OPERATION_INIT { 0, 0, { 0 } } -static void psa_aead_abort_internal( aead_operation_t *operation ) +static void psa_aead_abort_internal(aead_operation_t *operation) { - switch( operation->core_alg ) - { + switch (operation->core_alg) { #if defined(MBEDTLS_PSA_BUILTIN_ALG_CCM) case PSA_ALG_CCM: - mbedtls_ccm_free( &operation->ctx.ccm ); + mbedtls_ccm_free(&operation->ctx.ccm); break; #endif /* MBEDTLS_PSA_BUILTIN_ALG_CCM */ #if defined(MBEDTLS_PSA_BUILTIN_ALG_GCM) case PSA_ALG_GCM: - mbedtls_gcm_free( &operation->ctx.gcm ); + mbedtls_gcm_free(&operation->ctx.gcm); break; #endif /* MBEDTLS_PSA_BUILTIN_ALG_GCM */ #if defined(MBEDTLS_PSA_BUILTIN_ALG_CHACHA20_POLY1305) case PSA_ALG_CHACHA20_POLY1305: - mbedtls_chachapoly_free( &operation->ctx.chachapoly ); + mbedtls_chachapoly_free(&operation->ctx.chachapoly); break; #endif /* MBEDTLS_PSA_BUILTIN_ALG_CHACHA20_POLY1305 */ } @@ -77,7 +63,7 @@ static psa_status_t psa_aead_setup( aead_operation_t *operation, const psa_key_attributes_t *attributes, const uint8_t *key_buffer, - psa_algorithm_t alg ) + psa_algorithm_t alg) { psa_status_t status = PSA_ERROR_CORRUPTION_DETECTED; size_t key_bits; @@ -87,85 +73,92 @@ static psa_status_t psa_aead_setup( key_bits = attributes->core.bits; - cipher_info = mbedtls_cipher_info_from_psa( alg, - attributes->core.type, key_bits, - &cipher_id ); - if( cipher_info == NULL ) - return( PSA_ERROR_NOT_SUPPORTED ); + cipher_info = mbedtls_cipher_info_from_psa(alg, + attributes->core.type, key_bits, + &cipher_id); + if (cipher_info == NULL) { + return PSA_ERROR_NOT_SUPPORTED; + } - switch( PSA_ALG_AEAD_WITH_SHORTENED_TAG( alg, 0 ) ) - { + switch (PSA_ALG_AEAD_WITH_SHORTENED_TAG(alg, 0)) { #if defined(MBEDTLS_PSA_BUILTIN_ALG_CCM) - case PSA_ALG_AEAD_WITH_SHORTENED_TAG( PSA_ALG_CCM, 0 ): + case PSA_ALG_AEAD_WITH_SHORTENED_TAG(PSA_ALG_CCM, 0): operation->core_alg = PSA_ALG_CCM; full_tag_length = 16; /* CCM allows the following tag lengths: 4, 6, 8, 10, 12, 14, 16. * The call to mbedtls_ccm_encrypt_and_tag or * mbedtls_ccm_auth_decrypt will validate the tag length. */ - if( PSA_BLOCK_CIPHER_BLOCK_LENGTH( attributes->core.type ) != 16 ) - return( PSA_ERROR_INVALID_ARGUMENT ); + if (PSA_BLOCK_CIPHER_BLOCK_LENGTH(attributes->core.type) != 16) { + return PSA_ERROR_INVALID_ARGUMENT; + } - mbedtls_ccm_init( &operation->ctx.ccm ); + mbedtls_ccm_init(&operation->ctx.ccm); status = mbedtls_to_psa_error( - mbedtls_ccm_setkey( &operation->ctx.ccm, cipher_id, - key_buffer, (unsigned int) key_bits ) ); - if( status != PSA_SUCCESS ) - return( status ); + mbedtls_ccm_setkey(&operation->ctx.ccm, cipher_id, + key_buffer, (unsigned int) key_bits)); + if (status != PSA_SUCCESS) { + return status; + } break; #endif /* MBEDTLS_PSA_BUILTIN_ALG_CCM */ #if defined(MBEDTLS_PSA_BUILTIN_ALG_GCM) - case PSA_ALG_AEAD_WITH_SHORTENED_TAG( PSA_ALG_GCM, 0 ): + case PSA_ALG_AEAD_WITH_SHORTENED_TAG(PSA_ALG_GCM, 0): operation->core_alg = PSA_ALG_GCM; full_tag_length = 16; /* GCM allows the following tag lengths: 4, 8, 12, 13, 14, 15, 16. * The call to mbedtls_gcm_crypt_and_tag or * mbedtls_gcm_auth_decrypt will validate the tag length. */ - if( PSA_BLOCK_CIPHER_BLOCK_LENGTH( attributes->core.type ) != 16 ) - return( PSA_ERROR_INVALID_ARGUMENT ); + if (PSA_BLOCK_CIPHER_BLOCK_LENGTH(attributes->core.type) != 16) { + return PSA_ERROR_INVALID_ARGUMENT; + } - mbedtls_gcm_init( &operation->ctx.gcm ); + mbedtls_gcm_init(&operation->ctx.gcm); status = mbedtls_to_psa_error( - mbedtls_gcm_setkey( &operation->ctx.gcm, cipher_id, - key_buffer, (unsigned int) key_bits ) ); - if( status != PSA_SUCCESS ) - return( status ); + mbedtls_gcm_setkey(&operation->ctx.gcm, cipher_id, + key_buffer, (unsigned int) key_bits)); + if (status != PSA_SUCCESS) { + return status; + } break; #endif /* MBEDTLS_PSA_BUILTIN_ALG_GCM */ #if defined(MBEDTLS_PSA_BUILTIN_ALG_CHACHA20_POLY1305) - case PSA_ALG_AEAD_WITH_SHORTENED_TAG( PSA_ALG_CHACHA20_POLY1305, 0 ): + case PSA_ALG_AEAD_WITH_SHORTENED_TAG(PSA_ALG_CHACHA20_POLY1305, 0): operation->core_alg = PSA_ALG_CHACHA20_POLY1305; full_tag_length = 16; /* We only support the default tag length. */ - if( alg != PSA_ALG_CHACHA20_POLY1305 ) - return( PSA_ERROR_NOT_SUPPORTED ); + if (alg != PSA_ALG_CHACHA20_POLY1305) { + return PSA_ERROR_NOT_SUPPORTED; + } - mbedtls_chachapoly_init( &operation->ctx.chachapoly ); + mbedtls_chachapoly_init(&operation->ctx.chachapoly); status = mbedtls_to_psa_error( - mbedtls_chachapoly_setkey( &operation->ctx.chachapoly, - key_buffer ) ); - if( status != PSA_SUCCESS ) - return( status ); + mbedtls_chachapoly_setkey(&operation->ctx.chachapoly, + key_buffer)); + if (status != PSA_SUCCESS) { + return status; + } break; #endif /* MBEDTLS_PSA_BUILTIN_ALG_CHACHA20_POLY1305 */ default: (void) status; (void) key_buffer; - return( PSA_ERROR_NOT_SUPPORTED ); + return PSA_ERROR_NOT_SUPPORTED; } - if( PSA_AEAD_TAG_LENGTH( attributes->core.type, - key_bits, alg ) - > full_tag_length ) - return( PSA_ERROR_INVALID_ARGUMENT ); + if (PSA_AEAD_TAG_LENGTH(attributes->core.type, + key_bits, alg) + > full_tag_length) { + return PSA_ERROR_INVALID_ARGUMENT; + } - operation->tag_length = PSA_AEAD_TAG_LENGTH( attributes->core.type, - key_bits, - alg ); + operation->tag_length = PSA_AEAD_TAG_LENGTH(attributes->core.type, + key_bits, + alg); - return( PSA_SUCCESS ); + return PSA_SUCCESS; } psa_status_t mbedtls_psa_aead_encrypt( @@ -175,82 +168,75 @@ psa_status_t mbedtls_psa_aead_encrypt( const uint8_t *nonce, size_t nonce_length, const uint8_t *additional_data, size_t additional_data_length, const uint8_t *plaintext, size_t plaintext_length, - uint8_t *ciphertext, size_t ciphertext_size, size_t *ciphertext_length ) + uint8_t *ciphertext, size_t ciphertext_size, size_t *ciphertext_length) { psa_status_t status = PSA_ERROR_CORRUPTION_DETECTED; aead_operation_t operation = AEAD_OPERATION_INIT; uint8_t *tag; (void) key_buffer_size; - status = psa_aead_setup( &operation, attributes, key_buffer, alg ); - if( status != PSA_SUCCESS ) + status = psa_aead_setup(&operation, attributes, key_buffer, alg); + if (status != PSA_SUCCESS) { goto exit; + } /* For all currently supported modes, the tag is at the end of the * ciphertext. */ - if( ciphertext_size < ( plaintext_length + operation.tag_length ) ) - { + if (ciphertext_size < (plaintext_length + operation.tag_length)) { status = PSA_ERROR_BUFFER_TOO_SMALL; goto exit; } tag = ciphertext + plaintext_length; #if defined(MBEDTLS_PSA_BUILTIN_ALG_CCM) - if( operation.core_alg == PSA_ALG_CCM ) - { + if (operation.core_alg == PSA_ALG_CCM) { status = mbedtls_to_psa_error( - mbedtls_ccm_encrypt_and_tag( &operation.ctx.ccm, - plaintext_length, - nonce, nonce_length, - additional_data, - additional_data_length, - plaintext, ciphertext, - tag, operation.tag_length ) ); - } - else + mbedtls_ccm_encrypt_and_tag(&operation.ctx.ccm, + plaintext_length, + nonce, nonce_length, + additional_data, + additional_data_length, + plaintext, ciphertext, + tag, operation.tag_length)); + } else #endif /* MBEDTLS_PSA_BUILTIN_ALG_CCM */ #if defined(MBEDTLS_PSA_BUILTIN_ALG_GCM) - if( operation.core_alg == PSA_ALG_GCM ) - { + if (operation.core_alg == PSA_ALG_GCM) { status = mbedtls_to_psa_error( - mbedtls_gcm_crypt_and_tag( &operation.ctx.gcm, - MBEDTLS_GCM_ENCRYPT, - plaintext_length, - nonce, nonce_length, - additional_data, additional_data_length, - plaintext, ciphertext, - operation.tag_length, tag ) ); - } - else + mbedtls_gcm_crypt_and_tag(&operation.ctx.gcm, + MBEDTLS_GCM_ENCRYPT, + plaintext_length, + nonce, nonce_length, + additional_data, additional_data_length, + plaintext, ciphertext, + operation.tag_length, tag)); + } else #endif /* MBEDTLS_PSA_BUILTIN_ALG_GCM */ #if defined(MBEDTLS_PSA_BUILTIN_ALG_CHACHA20_POLY1305) - if( operation.core_alg == PSA_ALG_CHACHA20_POLY1305 ) - { - if( nonce_length != 12 ) - { - if( nonce_length == 8 ) + if (operation.core_alg == PSA_ALG_CHACHA20_POLY1305) { + if (nonce_length != 12) { + if (nonce_length == 8) { status = PSA_ERROR_NOT_SUPPORTED; - else + } else { status = PSA_ERROR_INVALID_ARGUMENT; + } goto exit; } - if( operation.tag_length != 16 ) - { + if (operation.tag_length != 16) { status = PSA_ERROR_NOT_SUPPORTED; goto exit; } status = mbedtls_to_psa_error( - mbedtls_chachapoly_encrypt_and_tag( &operation.ctx.chachapoly, - plaintext_length, - nonce, - additional_data, - additional_data_length, - plaintext, - ciphertext, - tag ) ); - } - else + mbedtls_chachapoly_encrypt_and_tag(&operation.ctx.chachapoly, + plaintext_length, + nonce, + additional_data, + additional_data_length, + plaintext, + ciphertext, + tag)); + } else #endif /* MBEDTLS_PSA_BUILTIN_ALG_CHACHA20_POLY1305 */ { (void) tag; @@ -259,16 +245,17 @@ psa_status_t mbedtls_psa_aead_encrypt( (void) additional_data; (void) additional_data_length; (void) plaintext; - return( PSA_ERROR_NOT_SUPPORTED ); + return PSA_ERROR_NOT_SUPPORTED; } - if( status == PSA_SUCCESS ) + if (status == PSA_SUCCESS) { *ciphertext_length = plaintext_length + operation.tag_length; + } exit: - psa_aead_abort_internal( &operation ); + psa_aead_abort_internal(&operation); - return( status ); + return status; } /* Locate the tag in a ciphertext buffer containing the encrypted data @@ -276,20 +263,22 @@ psa_status_t mbedtls_psa_aead_encrypt( * *plaintext_length. This is the size of the plaintext in modes where * the encrypted data has the same size as the plaintext, such as * CCM and GCM. */ -static psa_status_t psa_aead_unpadded_locate_tag( size_t tag_length, - const uint8_t *ciphertext, - size_t ciphertext_length, - size_t plaintext_size, - const uint8_t **p_tag ) +static psa_status_t psa_aead_unpadded_locate_tag(size_t tag_length, + const uint8_t *ciphertext, + size_t ciphertext_length, + size_t plaintext_size, + const uint8_t **p_tag) { size_t payload_length; - if( tag_length > ciphertext_length ) - return( PSA_ERROR_INVALID_ARGUMENT ); + if (tag_length > ciphertext_length) { + return PSA_ERROR_INVALID_ARGUMENT; + } payload_length = ciphertext_length - tag_length; - if( payload_length > plaintext_size ) - return( PSA_ERROR_BUFFER_TOO_SMALL ); + if (payload_length > plaintext_size) { + return PSA_ERROR_BUFFER_TOO_SMALL; + } *p_tag = ciphertext + payload_length; - return( PSA_SUCCESS ); + return PSA_SUCCESS; } psa_status_t mbedtls_psa_aead_decrypt( @@ -299,79 +288,74 @@ psa_status_t mbedtls_psa_aead_decrypt( const uint8_t *nonce, size_t nonce_length, const uint8_t *additional_data, size_t additional_data_length, const uint8_t *ciphertext, size_t ciphertext_length, - uint8_t *plaintext, size_t plaintext_size, size_t *plaintext_length ) + uint8_t *plaintext, size_t plaintext_size, size_t *plaintext_length) { psa_status_t status = PSA_ERROR_CORRUPTION_DETECTED; aead_operation_t operation = AEAD_OPERATION_INIT; const uint8_t *tag = NULL; (void) key_buffer_size; - status = psa_aead_setup( &operation, attributes, key_buffer, alg ); - if( status != PSA_SUCCESS ) + status = psa_aead_setup(&operation, attributes, key_buffer, alg); + if (status != PSA_SUCCESS) { goto exit; + } - status = psa_aead_unpadded_locate_tag( operation.tag_length, - ciphertext, ciphertext_length, - plaintext_size, &tag ); - if( status != PSA_SUCCESS ) + status = psa_aead_unpadded_locate_tag(operation.tag_length, + ciphertext, ciphertext_length, + plaintext_size, &tag); + if (status != PSA_SUCCESS) { goto exit; + } #if defined(MBEDTLS_PSA_BUILTIN_ALG_CCM) - if( operation.core_alg == PSA_ALG_CCM ) - { + if (operation.core_alg == PSA_ALG_CCM) { status = mbedtls_to_psa_error( - mbedtls_ccm_auth_decrypt( &operation.ctx.ccm, - ciphertext_length - operation.tag_length, - nonce, nonce_length, - additional_data, - additional_data_length, - ciphertext, plaintext, - tag, operation.tag_length ) ); - } - else + mbedtls_ccm_auth_decrypt(&operation.ctx.ccm, + ciphertext_length - operation.tag_length, + nonce, nonce_length, + additional_data, + additional_data_length, + ciphertext, plaintext, + tag, operation.tag_length)); + } else #endif /* MBEDTLS_PSA_BUILTIN_ALG_CCM */ #if defined(MBEDTLS_PSA_BUILTIN_ALG_GCM) - if( operation.core_alg == PSA_ALG_GCM ) - { + if (operation.core_alg == PSA_ALG_GCM) { status = mbedtls_to_psa_error( - mbedtls_gcm_auth_decrypt( &operation.ctx.gcm, - ciphertext_length - operation.tag_length, - nonce, nonce_length, - additional_data, - additional_data_length, - tag, operation.tag_length, - ciphertext, plaintext ) ); - } - else + mbedtls_gcm_auth_decrypt(&operation.ctx.gcm, + ciphertext_length - operation.tag_length, + nonce, nonce_length, + additional_data, + additional_data_length, + tag, operation.tag_length, + ciphertext, plaintext)); + } else #endif /* MBEDTLS_PSA_BUILTIN_ALG_GCM */ #if defined(MBEDTLS_PSA_BUILTIN_ALG_CHACHA20_POLY1305) - if( operation.core_alg == PSA_ALG_CHACHA20_POLY1305 ) - { - if( nonce_length != 12 ) - { - if( nonce_length == 8 ) + if (operation.core_alg == PSA_ALG_CHACHA20_POLY1305) { + if (nonce_length != 12) { + if (nonce_length == 8) { status = PSA_ERROR_NOT_SUPPORTED; - else + } else { status = PSA_ERROR_INVALID_ARGUMENT; + } goto exit; } - if( operation.tag_length != 16 ) - { + if (operation.tag_length != 16) { status = PSA_ERROR_NOT_SUPPORTED; goto exit; } status = mbedtls_to_psa_error( - mbedtls_chachapoly_auth_decrypt( &operation.ctx.chachapoly, - ciphertext_length - operation.tag_length, - nonce, - additional_data, - additional_data_length, - tag, - ciphertext, - plaintext ) ); - } - else + mbedtls_chachapoly_auth_decrypt(&operation.ctx.chachapoly, + ciphertext_length - operation.tag_length, + nonce, + additional_data, + additional_data_length, + tag, + ciphertext, + plaintext)); + } else #endif /* MBEDTLS_PSA_BUILTIN_ALG_CHACHA20_POLY1305 */ { (void) nonce; @@ -379,19 +363,20 @@ psa_status_t mbedtls_psa_aead_decrypt( (void) additional_data; (void) additional_data_length; (void) plaintext; - return( PSA_ERROR_NOT_SUPPORTED ); + return PSA_ERROR_NOT_SUPPORTED; } - if( status == PSA_SUCCESS ) + if (status == PSA_SUCCESS) { *plaintext_length = ciphertext_length - operation.tag_length; + } exit: - psa_aead_abort_internal( &operation ); + psa_aead_abort_internal(&operation); - if( status == PSA_SUCCESS ) + if (status == PSA_SUCCESS) { *plaintext_length = ciphertext_length - operation.tag_length; - return( status ); + } + return status; } #endif /* MBEDTLS_PSA_CRYPTO_C */ - diff --git a/third_party/mbedtls/repo/library/psa_crypto_aead.h b/third_party/mbedtls/repo/library/psa_crypto_aead.h index aab0f835c44..e1ff0e5e7c2 100644 --- a/third_party/mbedtls/repo/library/psa_crypto_aead.h +++ b/third_party/mbedtls/repo/library/psa_crypto_aead.h @@ -3,19 +3,7 @@ */ /* * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later */ #ifndef PSA_CRYPTO_AEAD_H @@ -71,10 +59,10 @@ * \retval #PSA_SUCCESS Success. * \retval #PSA_ERROR_NOT_SUPPORTED * \p alg is not supported. - * \retval #PSA_ERROR_INSUFFICIENT_MEMORY + * \retval #PSA_ERROR_INSUFFICIENT_MEMORY \emptydescription * \retval #PSA_ERROR_BUFFER_TOO_SMALL * ciphertext_size is too small. - * \retval #PSA_ERROR_CORRUPTION_DETECTED + * \retval #PSA_ERROR_CORRUPTION_DETECTED \emptydescription */ psa_status_t mbedtls_psa_aead_encrypt( const psa_key_attributes_t *attributes, @@ -83,7 +71,7 @@ psa_status_t mbedtls_psa_aead_encrypt( const uint8_t *nonce, size_t nonce_length, const uint8_t *additional_data, size_t additional_data_length, const uint8_t *plaintext, size_t plaintext_length, - uint8_t *ciphertext, size_t ciphertext_size, size_t *ciphertext_length ); + uint8_t *ciphertext, size_t ciphertext_size, size_t *ciphertext_length); /** * \brief Process an authenticated decryption operation. @@ -134,10 +122,10 @@ psa_status_t mbedtls_psa_aead_encrypt( * The cipher is not authentic. * \retval #PSA_ERROR_NOT_SUPPORTED * \p alg is not supported. - * \retval #PSA_ERROR_INSUFFICIENT_MEMORY + * \retval #PSA_ERROR_INSUFFICIENT_MEMORY \emptydescription * \retval #PSA_ERROR_BUFFER_TOO_SMALL * plaintext_size is too small. - * \retval #PSA_ERROR_CORRUPTION_DETECTED + * \retval #PSA_ERROR_CORRUPTION_DETECTED \emptydescription */ psa_status_t mbedtls_psa_aead_decrypt( const psa_key_attributes_t *attributes, @@ -146,6 +134,6 @@ psa_status_t mbedtls_psa_aead_decrypt( const uint8_t *nonce, size_t nonce_length, const uint8_t *additional_data, size_t additional_data_length, const uint8_t *ciphertext, size_t ciphertext_length, - uint8_t *plaintext, size_t plaintext_size, size_t *plaintext_length ); + uint8_t *plaintext, size_t plaintext_size, size_t *plaintext_length); -#endif /* PSA_CRYPTO_AEAD */ +#endif /* PSA_CRYPTO_AEAD_H */ diff --git a/third_party/mbedtls/repo/library/psa_crypto_cipher.c b/third_party/mbedtls/repo/library/psa_crypto_cipher.c index 1fb9172b766..545bb50cc87 100644 --- a/third_party/mbedtls/repo/library/psa_crypto_cipher.c +++ b/third_party/mbedtls/repo/library/psa_crypto_cipher.c @@ -3,26 +3,14 @@ */ /* * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later */ #include "common.h" #if defined(MBEDTLS_PSA_CRYPTO_C) -#include +#include "psa_crypto_cipher.h" #include "psa_crypto_core.h" #include "psa_crypto_random_impl.h" @@ -35,95 +23,128 @@ const mbedtls_cipher_info_t *mbedtls_cipher_info_from_psa( psa_algorithm_t alg, psa_key_type_t key_type, size_t key_bits, - mbedtls_cipher_id_t* cipher_id ) + mbedtls_cipher_id_t *cipher_id) { mbedtls_cipher_mode_t mode; mbedtls_cipher_id_t cipher_id_tmp; - if( PSA_ALG_IS_AEAD( alg ) ) - alg = PSA_ALG_AEAD_WITH_SHORTENED_TAG( alg, 0 ); + if (PSA_ALG_IS_AEAD(alg)) { + alg = PSA_ALG_AEAD_WITH_SHORTENED_TAG(alg, 0); + } - if( PSA_ALG_IS_CIPHER( alg ) || PSA_ALG_IS_AEAD( alg ) ) - { - switch( alg ) - { + if (PSA_ALG_IS_CIPHER(alg) || PSA_ALG_IS_AEAD(alg)) { + switch (alg) { +#if defined(MBEDTLS_PSA_BUILTIN_ALG_STREAM_CIPHER) case PSA_ALG_STREAM_CIPHER: mode = MBEDTLS_MODE_STREAM; break; +#endif +#if defined(MBEDTLS_PSA_BUILTIN_ALG_CTR) case PSA_ALG_CTR: mode = MBEDTLS_MODE_CTR; break; +#endif +#if defined(MBEDTLS_PSA_BUILTIN_ALG_CFB) case PSA_ALG_CFB: mode = MBEDTLS_MODE_CFB; break; +#endif +#if defined(MBEDTLS_PSA_BUILTIN_ALG_OFB) case PSA_ALG_OFB: mode = MBEDTLS_MODE_OFB; break; +#endif +#if defined(MBEDTLS_PSA_BUILTIN_ALG_ECB_NO_PADDING) case PSA_ALG_ECB_NO_PADDING: mode = MBEDTLS_MODE_ECB; break; +#endif +#if defined(MBEDTLS_PSA_BUILTIN_ALG_CBC_NO_PADDING) case PSA_ALG_CBC_NO_PADDING: mode = MBEDTLS_MODE_CBC; break; +#endif +#if defined(MBEDTLS_PSA_BUILTIN_ALG_CBC_PKCS7) case PSA_ALG_CBC_PKCS7: mode = MBEDTLS_MODE_CBC; break; - case PSA_ALG_AEAD_WITH_SHORTENED_TAG( PSA_ALG_CCM, 0 ): +#endif +#if defined(MBEDTLS_PSA_BUILTIN_ALG_CCM) + case PSA_ALG_AEAD_WITH_SHORTENED_TAG(PSA_ALG_CCM, 0): mode = MBEDTLS_MODE_CCM; break; - case PSA_ALG_AEAD_WITH_SHORTENED_TAG( PSA_ALG_GCM, 0 ): +#endif +#if defined(MBEDTLS_PSA_BUILTIN_ALG_GCM) + case PSA_ALG_AEAD_WITH_SHORTENED_TAG(PSA_ALG_GCM, 0): mode = MBEDTLS_MODE_GCM; break; - case PSA_ALG_AEAD_WITH_SHORTENED_TAG( PSA_ALG_CHACHA20_POLY1305, 0 ): +#endif +#if defined(MBEDTLS_PSA_BUILTIN_ALG_CHACHA20_POLY1305) + case PSA_ALG_AEAD_WITH_SHORTENED_TAG(PSA_ALG_CHACHA20_POLY1305, 0): mode = MBEDTLS_MODE_CHACHAPOLY; break; +#endif default: - return( NULL ); + return NULL; } - } - else if( alg == PSA_ALG_CMAC ) + } else if (alg == PSA_ALG_CMAC) { mode = MBEDTLS_MODE_ECB; - else - return( NULL ); + } else { + return NULL; + } - switch( key_type ) - { + switch (key_type) { +#if defined(MBEDTLS_PSA_BUILTIN_KEY_TYPE_AES) case PSA_KEY_TYPE_AES: cipher_id_tmp = MBEDTLS_CIPHER_ID_AES; break; +#endif +#if defined(MBEDTLS_PSA_BUILTIN_KEY_TYPE_ARIA) case PSA_KEY_TYPE_ARIA: cipher_id_tmp = MBEDTLS_CIPHER_ID_ARIA; break; +#endif +#if defined(MBEDTLS_PSA_BUILTIN_KEY_TYPE_DES) case PSA_KEY_TYPE_DES: /* key_bits is 64 for Single-DES, 128 for two-key Triple-DES, * and 192 for three-key Triple-DES. */ - if( key_bits == 64 ) + if (key_bits == 64) { cipher_id_tmp = MBEDTLS_CIPHER_ID_DES; - else + } else { cipher_id_tmp = MBEDTLS_CIPHER_ID_3DES; + } /* mbedtls doesn't recognize two-key Triple-DES as an algorithm, * but two-key Triple-DES is functionally three-key Triple-DES * with K1=K3, so that's how we present it to mbedtls. */ - if( key_bits == 128 ) + if (key_bits == 128) { key_bits = 192; + } break; +#endif +#if defined(MBEDTLS_PSA_BUILTIN_KEY_TYPE_CAMELLIA) case PSA_KEY_TYPE_CAMELLIA: cipher_id_tmp = MBEDTLS_CIPHER_ID_CAMELLIA; break; +#endif +#if defined(MBEDTLS_PSA_BUILTIN_KEY_TYPE_ARC4) case PSA_KEY_TYPE_ARC4: cipher_id_tmp = MBEDTLS_CIPHER_ID_ARC4; break; +#endif +#if defined(MBEDTLS_PSA_BUILTIN_KEY_TYPE_CHACHA20) case PSA_KEY_TYPE_CHACHA20: cipher_id_tmp = MBEDTLS_CIPHER_ID_CHACHA20; break; +#endif default: - return( NULL ); + return NULL; } - if( cipher_id != NULL ) + if (cipher_id != NULL) { *cipher_id = cipher_id_tmp; + } - return( mbedtls_cipher_info_from_values( cipher_id_tmp, - (int) key_bits, mode ) ); + return mbedtls_cipher_info_from_values(cipher_id_tmp, + (int) key_bits, mode); } #if defined(MBEDTLS_PSA_BUILTIN_CIPHER) @@ -133,112 +154,115 @@ static psa_status_t psa_cipher_setup( const psa_key_attributes_t *attributes, const uint8_t *key_buffer, size_t key_buffer_size, psa_algorithm_t alg, - mbedtls_operation_t cipher_operation ) + mbedtls_operation_t cipher_operation) { int ret = 0; size_t key_bits; const mbedtls_cipher_info_t *cipher_info = NULL; psa_key_type_t key_type = attributes->core.type; - (void)key_buffer_size; + (void) key_buffer_size; - mbedtls_cipher_init( &operation->ctx.cipher ); + mbedtls_cipher_init(&operation->ctx.cipher); operation->alg = alg; key_bits = attributes->core.bits; - cipher_info = mbedtls_cipher_info_from_psa( alg, key_type, - key_bits, NULL ); - if( cipher_info == NULL ) - return( PSA_ERROR_NOT_SUPPORTED ); + cipher_info = mbedtls_cipher_info_from_psa(alg, key_type, + key_bits, NULL); + if (cipher_info == NULL) { + return PSA_ERROR_NOT_SUPPORTED; + } - ret = mbedtls_cipher_setup( &operation->ctx.cipher, cipher_info ); - if( ret != 0 ) + ret = mbedtls_cipher_setup(&operation->ctx.cipher, cipher_info); + if (ret != 0) { goto exit; + } #if defined(MBEDTLS_PSA_BUILTIN_KEY_TYPE_DES) - if( key_type == PSA_KEY_TYPE_DES && key_bits == 128 ) - { + if (key_type == PSA_KEY_TYPE_DES && key_bits == 128) { /* Two-key Triple-DES is 3-key Triple-DES with K1=K3 */ uint8_t keys[24]; - memcpy( keys, key_buffer, 16 ); - memcpy( keys + 16, key_buffer, 8 ); - ret = mbedtls_cipher_setkey( &operation->ctx.cipher, - keys, - 192, cipher_operation ); - } - else + memcpy(keys, key_buffer, 16); + memcpy(keys + 16, key_buffer, 8); + ret = mbedtls_cipher_setkey(&operation->ctx.cipher, + keys, + 192, cipher_operation); + } else #endif { - ret = mbedtls_cipher_setkey( &operation->ctx.cipher, key_buffer, - (int) key_bits, cipher_operation ); + ret = mbedtls_cipher_setkey(&operation->ctx.cipher, key_buffer, + (int) key_bits, cipher_operation); } - if( ret != 0 ) + if (ret != 0) { goto exit; + } #if defined(MBEDTLS_PSA_BUILTIN_ALG_CBC_NO_PADDING) || \ defined(MBEDTLS_PSA_BUILTIN_ALG_CBC_PKCS7) - switch( alg ) - { + switch (alg) { case PSA_ALG_CBC_NO_PADDING: - ret = mbedtls_cipher_set_padding_mode( &operation->ctx.cipher, - MBEDTLS_PADDING_NONE ); + ret = mbedtls_cipher_set_padding_mode(&operation->ctx.cipher, + MBEDTLS_PADDING_NONE); break; case PSA_ALG_CBC_PKCS7: - ret = mbedtls_cipher_set_padding_mode( &operation->ctx.cipher, - MBEDTLS_PADDING_PKCS7 ); + ret = mbedtls_cipher_set_padding_mode(&operation->ctx.cipher, + MBEDTLS_PADDING_PKCS7); break; default: /* The algorithm doesn't involve padding. */ ret = 0; break; } - if( ret != 0 ) + if (ret != 0) { goto exit; + } #endif /* MBEDTLS_PSA_BUILTIN_ALG_CBC_NO_PADDING || MBEDTLS_PSA_BUILTIN_ALG_CBC_PKCS7 */ - operation->block_length = ( PSA_ALG_IS_STREAM_CIPHER( alg ) ? 1 : - PSA_BLOCK_CIPHER_BLOCK_LENGTH( key_type ) ); - operation->iv_length = PSA_CIPHER_IV_LENGTH( key_type, alg ); + operation->block_length = (PSA_ALG_IS_STREAM_CIPHER(alg) ? 1 : + PSA_BLOCK_CIPHER_BLOCK_LENGTH(key_type)); + operation->iv_length = PSA_CIPHER_IV_LENGTH(key_type, alg); exit: - return( mbedtls_to_psa_error( ret ) ); + return mbedtls_to_psa_error(ret); } psa_status_t mbedtls_psa_cipher_encrypt_setup( mbedtls_psa_cipher_operation_t *operation, const psa_key_attributes_t *attributes, const uint8_t *key_buffer, size_t key_buffer_size, - psa_algorithm_t alg ) + psa_algorithm_t alg) { - return( psa_cipher_setup( operation, attributes, - key_buffer, key_buffer_size, - alg, MBEDTLS_ENCRYPT ) ); + return psa_cipher_setup(operation, attributes, + key_buffer, key_buffer_size, + alg, MBEDTLS_ENCRYPT); } psa_status_t mbedtls_psa_cipher_decrypt_setup( mbedtls_psa_cipher_operation_t *operation, const psa_key_attributes_t *attributes, const uint8_t *key_buffer, size_t key_buffer_size, - psa_algorithm_t alg ) + psa_algorithm_t alg) { - return( psa_cipher_setup( operation, attributes, - key_buffer, key_buffer_size, - alg, MBEDTLS_DECRYPT ) ); + return psa_cipher_setup(operation, attributes, + key_buffer, key_buffer_size, + alg, MBEDTLS_DECRYPT); } psa_status_t mbedtls_psa_cipher_set_iv( mbedtls_psa_cipher_operation_t *operation, - const uint8_t *iv, size_t iv_length ) + const uint8_t *iv, size_t iv_length) { - if( iv_length != operation->iv_length ) - return( PSA_ERROR_INVALID_ARGUMENT ); + if (iv_length != operation->iv_length) { + return PSA_ERROR_INVALID_ARGUMENT; + } - return( mbedtls_to_psa_error( - mbedtls_cipher_set_iv( &operation->ctx.cipher, - iv, iv_length ) ) ); + return mbedtls_to_psa_error( + mbedtls_cipher_set_iv(&operation->ctx.cipher, + iv, iv_length)); } +#if defined(MBEDTLS_PSA_BUILTIN_ALG_ECB_NO_PADDING) /** Process input for which the algorithm is set to ECB mode. * * This requires manual processing, since the PSA API is defined as being @@ -267,43 +291,42 @@ static psa_status_t psa_cipher_update_ecb( const uint8_t *input, size_t input_length, uint8_t *output, - size_t *output_length ) + size_t *output_length) { psa_status_t status = PSA_ERROR_CORRUPTION_DETECTED; size_t block_size = ctx->cipher_info->block_size; size_t internal_output_length = 0; *output_length = 0; - if( input_length == 0 ) - { + if (input_length == 0) { status = PSA_SUCCESS; goto exit; } - if( ctx->unprocessed_len > 0 ) - { + if (ctx->unprocessed_len > 0) { /* Fill up to block size, and run the block if there's a full one. */ size_t bytes_to_copy = block_size - ctx->unprocessed_len; - if( input_length < bytes_to_copy ) + if (input_length < bytes_to_copy) { bytes_to_copy = input_length; + } - memcpy( &( ctx->unprocessed_data[ctx->unprocessed_len] ), - input, bytes_to_copy ); + memcpy(&(ctx->unprocessed_data[ctx->unprocessed_len]), + input, bytes_to_copy); input_length -= bytes_to_copy; input += bytes_to_copy; ctx->unprocessed_len += bytes_to_copy; - if( ctx->unprocessed_len == block_size ) - { + if (ctx->unprocessed_len == block_size) { status = mbedtls_to_psa_error( - mbedtls_cipher_update( ctx, - ctx->unprocessed_data, - block_size, - output, &internal_output_length ) ); + mbedtls_cipher_update(ctx, + ctx->unprocessed_data, + block_size, + output, &internal_output_length)); - if( status != PSA_SUCCESS ) + if (status != PSA_SUCCESS) { goto exit; + } output += internal_output_length; *output_length += internal_output_length; @@ -311,16 +334,16 @@ static psa_status_t psa_cipher_update_ecb( } } - while( input_length >= block_size ) - { + while (input_length >= block_size) { /* Run all full blocks we have, one by one */ status = mbedtls_to_psa_error( - mbedtls_cipher_update( ctx, input, - block_size, - output, &internal_output_length ) ); + mbedtls_cipher_update(ctx, input, + block_size, + output, &internal_output_length)); - if( status != PSA_SUCCESS ) + if (status != PSA_SUCCESS) { goto exit; + } input_length -= block_size; input += block_size; @@ -329,170 +352,175 @@ static psa_status_t psa_cipher_update_ecb( *output_length += internal_output_length; } - if( input_length > 0 ) - { + if (input_length > 0) { /* Save unprocessed bytes for later processing */ - memcpy( &( ctx->unprocessed_data[ctx->unprocessed_len] ), - input, input_length ); + memcpy(&(ctx->unprocessed_data[ctx->unprocessed_len]), + input, input_length); ctx->unprocessed_len += input_length; } status = PSA_SUCCESS; exit: - return( status ); + return status; } +#endif /* MBEDTLS_PSA_BUILTIN_ALG_ECB_NO_PADDING */ psa_status_t mbedtls_psa_cipher_update( mbedtls_psa_cipher_operation_t *operation, const uint8_t *input, size_t input_length, - uint8_t *output, size_t output_size, size_t *output_length ) + uint8_t *output, size_t output_size, size_t *output_length) { psa_status_t status = PSA_ERROR_CORRUPTION_DETECTED; size_t expected_output_size; - if( ! PSA_ALG_IS_STREAM_CIPHER( operation->alg ) ) - { + if (!PSA_ALG_IS_STREAM_CIPHER(operation->alg)) { /* Take the unprocessed partial block left over from previous * update calls, if any, plus the input to this call. Remove * the last partial block, if any. You get the data that will be * output in this call. */ expected_output_size = - ( operation->ctx.cipher.unprocessed_len + input_length ) + (operation->ctx.cipher.unprocessed_len + input_length) / operation->block_length * operation->block_length; - } - else - { + } else { expected_output_size = input_length; } - if( output_size < expected_output_size ) - return( PSA_ERROR_BUFFER_TOO_SMALL ); + if (output_size < expected_output_size) { + return PSA_ERROR_BUFFER_TOO_SMALL; + } - if( operation->alg == PSA_ALG_ECB_NO_PADDING ) - { +#if defined(MBEDTLS_PSA_BUILTIN_ALG_ECB_NO_PADDING) + if (operation->alg == PSA_ALG_ECB_NO_PADDING) { /* mbedtls_cipher_update has an API inconsistency: it will only - * process a single block at a time in ECB mode. Abstract away that - * inconsistency here to match the PSA API behaviour. */ - status = psa_cipher_update_ecb( &operation->ctx.cipher, - input, - input_length, - output, - output_length ); - } - else + * process a single block at a time in ECB mode. Abstract away that + * inconsistency here to match the PSA API behaviour. */ + status = psa_cipher_update_ecb(&operation->ctx.cipher, + input, + input_length, + output, + output_length); + } else +#endif /* MBEDTLS_PSA_BUILTIN_ALG_ECB_NO_PADDING */ { status = mbedtls_to_psa_error( - mbedtls_cipher_update( &operation->ctx.cipher, input, - input_length, output, output_length ) ); + mbedtls_cipher_update(&operation->ctx.cipher, input, + input_length, output, output_length)); - if( *output_length > output_size ) - return( PSA_ERROR_CORRUPTION_DETECTED ); + if (*output_length > output_size) { + return PSA_ERROR_CORRUPTION_DETECTED; + } } - return( status ); + return status; } psa_status_t mbedtls_psa_cipher_finish( mbedtls_psa_cipher_operation_t *operation, - uint8_t *output, size_t output_size, size_t *output_length ) + uint8_t *output, size_t output_size, size_t *output_length) { psa_status_t status = PSA_ERROR_GENERIC_ERROR; uint8_t temp_output_buffer[MBEDTLS_MAX_BLOCK_LENGTH]; - if( operation->ctx.cipher.unprocessed_len != 0 ) - { - if( operation->alg == PSA_ALG_ECB_NO_PADDING || - operation->alg == PSA_ALG_CBC_NO_PADDING ) - { + if (operation->ctx.cipher.unprocessed_len != 0) { + if (operation->alg == PSA_ALG_ECB_NO_PADDING || + operation->alg == PSA_ALG_CBC_NO_PADDING) { status = PSA_ERROR_INVALID_ARGUMENT; goto exit; } } status = mbedtls_to_psa_error( - mbedtls_cipher_finish( &operation->ctx.cipher, - temp_output_buffer, - output_length ) ); - if( status != PSA_SUCCESS ) + mbedtls_cipher_finish(&operation->ctx.cipher, + temp_output_buffer, + output_length)); + if (status != PSA_SUCCESS) { goto exit; + } - if( *output_length == 0 ) + if (*output_length == 0) { ; /* Nothing to copy. Note that output may be NULL in this case. */ - else if( output_size >= *output_length ) - memcpy( output, temp_output_buffer, *output_length ); - else + } else if (output_size >= *output_length) { + memcpy(output, temp_output_buffer, *output_length); + } else { status = PSA_ERROR_BUFFER_TOO_SMALL; + } exit: - mbedtls_platform_zeroize( temp_output_buffer, - sizeof( temp_output_buffer ) ); + mbedtls_platform_zeroize(temp_output_buffer, + sizeof(temp_output_buffer)); - return( status ); + return status; } psa_status_t mbedtls_psa_cipher_abort( - mbedtls_psa_cipher_operation_t *operation ) + mbedtls_psa_cipher_operation_t *operation) { /* Sanity check (shouldn't happen: operation->alg should * always have been initialized to a valid value). */ - if( ! PSA_ALG_IS_CIPHER( operation->alg ) ) - return( PSA_ERROR_BAD_STATE ); + if (!PSA_ALG_IS_CIPHER(operation->alg)) { + return PSA_ERROR_BAD_STATE; + } - mbedtls_cipher_free( &operation->ctx.cipher ); + mbedtls_cipher_free(&operation->ctx.cipher); - return( PSA_SUCCESS ); + return PSA_SUCCESS; } -psa_status_t mbedtls_psa_cipher_encrypt( const psa_key_attributes_t *attributes, - const uint8_t *key_buffer, - size_t key_buffer_size, - psa_algorithm_t alg, - const uint8_t *iv, - size_t iv_length, - const uint8_t *input, - size_t input_length, - uint8_t *output, - size_t output_size, - size_t *output_length ) +psa_status_t mbedtls_psa_cipher_encrypt(const psa_key_attributes_t *attributes, + const uint8_t *key_buffer, + size_t key_buffer_size, + psa_algorithm_t alg, + const uint8_t *iv, + size_t iv_length, + const uint8_t *input, + size_t input_length, + uint8_t *output, + size_t output_size, + size_t *output_length) { psa_status_t status = PSA_ERROR_CORRUPTION_DETECTED; mbedtls_psa_cipher_operation_t operation = MBEDTLS_PSA_CIPHER_OPERATION_INIT; size_t update_output_length, finish_output_length; - status = mbedtls_psa_cipher_encrypt_setup( &operation, attributes, - key_buffer, key_buffer_size, - alg ); - if( status != PSA_SUCCESS ) + status = mbedtls_psa_cipher_encrypt_setup(&operation, attributes, + key_buffer, key_buffer_size, + alg); + if (status != PSA_SUCCESS) { goto exit; + } - if( iv_length > 0 ) - { - status = mbedtls_psa_cipher_set_iv( &operation, iv, iv_length ); - if( status != PSA_SUCCESS ) + if (iv_length > 0) { + status = mbedtls_psa_cipher_set_iv(&operation, iv, iv_length); + if (status != PSA_SUCCESS) { goto exit; + } } - status = mbedtls_psa_cipher_update( &operation, input, input_length, - output, output_size, &update_output_length ); - if( status != PSA_SUCCESS ) + status = mbedtls_psa_cipher_update(&operation, input, input_length, + output, output_size, &update_output_length); + if (status != PSA_SUCCESS) { goto exit; + } - status = mbedtls_psa_cipher_finish( &operation, output + update_output_length, - output_size - update_output_length, - &finish_output_length ); - if( status != PSA_SUCCESS ) + status = mbedtls_psa_cipher_finish( + &operation, + mbedtls_buffer_offset(output, update_output_length), + output_size - update_output_length, &finish_output_length); + if (status != PSA_SUCCESS) { goto exit; + } *output_length = update_output_length + finish_output_length; exit: - if( status == PSA_SUCCESS ) - status = mbedtls_psa_cipher_abort( &operation ); - else - mbedtls_psa_cipher_abort( &operation ); + if (status == PSA_SUCCESS) { + status = mbedtls_psa_cipher_abort(&operation); + } else { + mbedtls_psa_cipher_abort(&operation); + } - return( status ); + return status; } psa_status_t mbedtls_psa_cipher_decrypt( @@ -504,49 +532,56 @@ psa_status_t mbedtls_psa_cipher_decrypt( size_t input_length, uint8_t *output, size_t output_size, - size_t *output_length ) + size_t *output_length) { psa_status_t status = PSA_ERROR_CORRUPTION_DETECTED; mbedtls_psa_cipher_operation_t operation = MBEDTLS_PSA_CIPHER_OPERATION_INIT; size_t olength, accumulated_length; - status = mbedtls_psa_cipher_decrypt_setup( &operation, attributes, - key_buffer, key_buffer_size, - alg ); - if( status != PSA_SUCCESS ) + status = mbedtls_psa_cipher_decrypt_setup(&operation, attributes, + key_buffer, key_buffer_size, + alg); + if (status != PSA_SUCCESS) { goto exit; + } - if( operation.iv_length > 0 ) - { - status = mbedtls_psa_cipher_set_iv( &operation, - input, operation.iv_length ); - if( status != PSA_SUCCESS ) + if (operation.iv_length > 0) { + status = mbedtls_psa_cipher_set_iv(&operation, + input, operation.iv_length); + if (status != PSA_SUCCESS) { goto exit; + } } - status = mbedtls_psa_cipher_update( &operation, input + operation.iv_length, - input_length - operation.iv_length, - output, output_size, &olength ); - if( status != PSA_SUCCESS ) + status = mbedtls_psa_cipher_update( + &operation, + mbedtls_buffer_offset_const(input, operation.iv_length), + input_length - operation.iv_length, + output, output_size, &olength); + if (status != PSA_SUCCESS) { goto exit; + } accumulated_length = olength; - status = mbedtls_psa_cipher_finish( &operation, output + accumulated_length, - output_size - accumulated_length, - &olength ); - if( status != PSA_SUCCESS ) + status = mbedtls_psa_cipher_finish( + &operation, + mbedtls_buffer_offset(output, accumulated_length), + output_size - accumulated_length, &olength); + if (status != PSA_SUCCESS) { goto exit; + } *output_length = accumulated_length + olength; exit: - if ( status == PSA_SUCCESS ) - status = mbedtls_psa_cipher_abort( &operation ); - else - mbedtls_psa_cipher_abort( &operation ); + if (status == PSA_SUCCESS) { + status = mbedtls_psa_cipher_abort(&operation); + } else { + mbedtls_psa_cipher_abort(&operation); + } - return( status ); + return status; } #endif /* MBEDTLS_PSA_BUILTIN_CIPHER */ diff --git a/third_party/mbedtls/repo/library/psa_crypto_cipher.h b/third_party/mbedtls/repo/library/psa_crypto_cipher.h index fae98473c48..2478d586076 100644 --- a/third_party/mbedtls/repo/library/psa_crypto_cipher.h +++ b/third_party/mbedtls/repo/library/psa_crypto_cipher.h @@ -1,21 +1,9 @@ /* - * PSA cipher driver entry points + * PSA cipher driver entry points and associated auxiliary functions */ /* * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later */ #ifndef PSA_CRYPTO_CIPHER_H @@ -38,7 +26,7 @@ */ const mbedtls_cipher_info_t *mbedtls_cipher_info_from_psa( psa_algorithm_t alg, psa_key_type_t key_type, size_t key_bits, - mbedtls_cipher_id_t *cipher_id ); + mbedtls_cipher_id_t *cipher_id); /** * \brief Set the key for a multipart symmetric encryption operation. @@ -59,16 +47,16 @@ const mbedtls_cipher_info_t *mbedtls_cipher_info_from_psa( * (\c PSA_ALG_XXX value such that * #PSA_ALG_IS_CIPHER(\p alg) is true). * - * \retval #PSA_SUCCESS - * \retval #PSA_ERROR_NOT_SUPPORTED - * \retval #PSA_ERROR_INSUFFICIENT_MEMORY - * \retval #PSA_ERROR_CORRUPTION_DETECTED + * \retval #PSA_SUCCESS \emptydescription + * \retval #PSA_ERROR_NOT_SUPPORTED \emptydescription + * \retval #PSA_ERROR_INSUFFICIENT_MEMORY \emptydescription + * \retval #PSA_ERROR_CORRUPTION_DETECTED \emptydescription */ psa_status_t mbedtls_psa_cipher_encrypt_setup( mbedtls_psa_cipher_operation_t *operation, const psa_key_attributes_t *attributes, const uint8_t *key_buffer, size_t key_buffer_size, - psa_algorithm_t alg ); + psa_algorithm_t alg); /** * \brief Set the key for a multipart symmetric decryption operation. @@ -89,16 +77,16 @@ psa_status_t mbedtls_psa_cipher_encrypt_setup( * (\c PSA_ALG_XXX value such that * #PSA_ALG_IS_CIPHER(\p alg) is true). * - * \retval #PSA_SUCCESS - * \retval #PSA_ERROR_NOT_SUPPORTED - * \retval #PSA_ERROR_INSUFFICIENT_MEMORY - * \retval #PSA_ERROR_CORRUPTION_DETECTED + * \retval #PSA_SUCCESS \emptydescription + * \retval #PSA_ERROR_NOT_SUPPORTED \emptydescription + * \retval #PSA_ERROR_INSUFFICIENT_MEMORY \emptydescription + * \retval #PSA_ERROR_CORRUPTION_DETECTED \emptydescription */ psa_status_t mbedtls_psa_cipher_decrypt_setup( mbedtls_psa_cipher_operation_t *operation, const psa_key_attributes_t *attributes, const uint8_t *key_buffer, size_t key_buffer_size, - psa_algorithm_t alg ); + psa_algorithm_t alg); /** Set the IV for a symmetric encryption or decryption operation. * @@ -116,15 +104,15 @@ psa_status_t mbedtls_psa_cipher_decrypt_setup( * the core to be less or equal to * PSA_CIPHER_IV_MAX_SIZE. * - * \retval #PSA_SUCCESS + * \retval #PSA_SUCCESS \emptydescription * \retval #PSA_ERROR_INVALID_ARGUMENT * The size of \p iv is not acceptable for the chosen algorithm, * or the chosen algorithm does not use an IV. - * \retval #PSA_ERROR_INSUFFICIENT_MEMORY + * \retval #PSA_ERROR_INSUFFICIENT_MEMORY \emptydescription */ psa_status_t mbedtls_psa_cipher_set_iv( mbedtls_psa_cipher_operation_t *operation, - const uint8_t *iv, size_t iv_length ); + const uint8_t *iv, size_t iv_length); /** Encrypt or decrypt a message fragment in an active cipher operation. * @@ -142,15 +130,15 @@ psa_status_t mbedtls_psa_cipher_set_iv( * \param[out] output_length On success, the number of bytes * that make up the returned output. * - * \retval #PSA_SUCCESS + * \retval #PSA_SUCCESS \emptydescription * \retval #PSA_ERROR_BUFFER_TOO_SMALL * The size of the \p output buffer is too small. - * \retval #PSA_ERROR_INSUFFICIENT_MEMORY + * \retval #PSA_ERROR_INSUFFICIENT_MEMORY \emptydescription */ psa_status_t mbedtls_psa_cipher_update( mbedtls_psa_cipher_operation_t *operation, const uint8_t *input, size_t input_length, - uint8_t *output, size_t output_size, size_t *output_length ); + uint8_t *output, size_t output_size, size_t *output_length); /** Finish encrypting or decrypting a message in a cipher operation. * @@ -165,7 +153,7 @@ psa_status_t mbedtls_psa_cipher_update( * \param[out] output_length On success, the number of bytes * that make up the returned output. * - * \retval #PSA_SUCCESS + * \retval #PSA_SUCCESS \emptydescription * \retval #PSA_ERROR_INVALID_ARGUMENT * The total input size passed to this operation is not valid for * this particular algorithm. For example, the algorithm is a based @@ -176,11 +164,11 @@ psa_status_t mbedtls_psa_cipher_update( * padding, and the ciphertext does not contain valid padding. * \retval #PSA_ERROR_BUFFER_TOO_SMALL * The size of the \p output buffer is too small. - * \retval #PSA_ERROR_INSUFFICIENT_MEMORY + * \retval #PSA_ERROR_INSUFFICIENT_MEMORY \emptydescription */ psa_status_t mbedtls_psa_cipher_finish( mbedtls_psa_cipher_operation_t *operation, - uint8_t *output, size_t output_size, size_t *output_length ); + uint8_t *output, size_t output_size, size_t *output_length); /** Abort a cipher operation. * @@ -195,9 +183,9 @@ psa_status_t mbedtls_psa_cipher_finish( * * \param[in,out] operation Initialized cipher operation. * - * \retval #PSA_SUCCESS + * \retval #PSA_SUCCESS \emptydescription */ -psa_status_t mbedtls_psa_cipher_abort( mbedtls_psa_cipher_operation_t *operation ); +psa_status_t mbedtls_psa_cipher_abort(mbedtls_psa_cipher_operation_t *operation); /** Encrypt a message using a symmetric cipher. * @@ -224,10 +212,10 @@ psa_status_t mbedtls_psa_cipher_abort( mbedtls_psa_cipher_operation_t *operation * the returned output. Initialized to zero * by the core. * - * \retval #PSA_SUCCESS - * \retval #PSA_ERROR_NOT_SUPPORTED - * \retval #PSA_ERROR_INSUFFICIENT_MEMORY - * \retval #PSA_ERROR_CORRUPTION_DETECTED + * \retval #PSA_SUCCESS \emptydescription + * \retval #PSA_ERROR_NOT_SUPPORTED \emptydescription + * \retval #PSA_ERROR_INSUFFICIENT_MEMORY \emptydescription + * \retval #PSA_ERROR_CORRUPTION_DETECTED \emptydescription * \retval #PSA_ERROR_BUFFER_TOO_SMALL * The size of the \p output buffer is too small. * \retval #PSA_ERROR_INVALID_ARGUMENT @@ -241,17 +229,17 @@ psa_status_t mbedtls_psa_cipher_abort( mbedtls_psa_cipher_operation_t *operation * This is a decryption operation for an algorithm that includes * padding, and the ciphertext does not contain valid padding. */ -psa_status_t mbedtls_psa_cipher_encrypt( const psa_key_attributes_t *attributes, - const uint8_t *key_buffer, - size_t key_buffer_size, - psa_algorithm_t alg, - const uint8_t *iv, - size_t iv_length, - const uint8_t *input, - size_t input_length, - uint8_t *output, - size_t output_size, - size_t *output_length ); +psa_status_t mbedtls_psa_cipher_encrypt(const psa_key_attributes_t *attributes, + const uint8_t *key_buffer, + size_t key_buffer_size, + psa_algorithm_t alg, + const uint8_t *iv, + size_t iv_length, + const uint8_t *input, + size_t input_length, + uint8_t *output, + size_t output_size, + size_t *output_length); /** Decrypt a message using a symmetric cipher. * @@ -275,10 +263,10 @@ psa_status_t mbedtls_psa_cipher_encrypt( const psa_key_attributes_t *attributes, * the returned output. Initialized to zero * by the core. * - * \retval #PSA_SUCCESS - * \retval #PSA_ERROR_NOT_SUPPORTED - * \retval #PSA_ERROR_INSUFFICIENT_MEMORY - * \retval #PSA_ERROR_CORRUPTION_DETECTED + * \retval #PSA_SUCCESS \emptydescription + * \retval #PSA_ERROR_NOT_SUPPORTED \emptydescription + * \retval #PSA_ERROR_INSUFFICIENT_MEMORY \emptydescription + * \retval #PSA_ERROR_CORRUPTION_DETECTED \emptydescription * \retval #PSA_ERROR_BUFFER_TOO_SMALL * The size of the \p output buffer is too small. * \retval #PSA_ERROR_INVALID_ARGUMENT @@ -292,14 +280,14 @@ psa_status_t mbedtls_psa_cipher_encrypt( const psa_key_attributes_t *attributes, * This is a decryption operation for an algorithm that includes * padding, and the ciphertext does not contain valid padding. */ -psa_status_t mbedtls_psa_cipher_decrypt( const psa_key_attributes_t *attributes, - const uint8_t *key_buffer, - size_t key_buffer_size, - psa_algorithm_t alg, - const uint8_t *input, - size_t input_length, - uint8_t *output, - size_t output_size, - size_t *output_length ); +psa_status_t mbedtls_psa_cipher_decrypt(const psa_key_attributes_t *attributes, + const uint8_t *key_buffer, + size_t key_buffer_size, + psa_algorithm_t alg, + const uint8_t *input, + size_t input_length, + uint8_t *output, + size_t output_size, + size_t *output_length); #endif /* PSA_CRYPTO_CIPHER_H */ diff --git a/third_party/mbedtls/repo/library/psa_crypto_client.c b/third_party/mbedtls/repo/library/psa_crypto_client.c index 629feb7dfaf..564463fedc1 100644 --- a/third_party/mbedtls/repo/library/psa_crypto_client.c +++ b/third_party/mbedtls/repo/library/psa_crypto_client.c @@ -3,19 +3,7 @@ */ /* * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later */ #include "common.h" @@ -25,37 +13,32 @@ #include #include "mbedtls/platform.h" -#if !defined(MBEDTLS_PLATFORM_C) -#define mbedtls_calloc calloc -#define mbedtls_free free -#endif -void psa_reset_key_attributes( psa_key_attributes_t *attributes ) +void psa_reset_key_attributes(psa_key_attributes_t *attributes) { - mbedtls_free( attributes->domain_parameters ); - memset( attributes, 0, sizeof( *attributes ) ); + mbedtls_free(attributes->domain_parameters); + memset(attributes, 0, sizeof(*attributes)); } -psa_status_t psa_set_key_domain_parameters( psa_key_attributes_t *attributes, - psa_key_type_t type, - const uint8_t *data, - size_t data_length ) +psa_status_t psa_set_key_domain_parameters(psa_key_attributes_t *attributes, + psa_key_type_t type, + const uint8_t *data, + size_t data_length) { uint8_t *copy = NULL; - if( data_length != 0 ) - { - copy = mbedtls_calloc( 1, data_length ); - if( copy == NULL ) - return( PSA_ERROR_INSUFFICIENT_MEMORY ); - memcpy( copy, data, data_length ); + if (data_length != 0) { + copy = mbedtls_calloc(1, data_length); + if (copy == NULL) { + return PSA_ERROR_INSUFFICIENT_MEMORY; + } + memcpy(copy, data, data_length); } /* After this point, this function is guaranteed to succeed, so it * can start modifying `*attributes`. */ - if( attributes->domain_parameters != NULL ) - { - mbedtls_free( attributes->domain_parameters ); + if (attributes->domain_parameters != NULL) { + mbedtls_free(attributes->domain_parameters); attributes->domain_parameters = NULL; attributes->domain_parameters_size = 0; } @@ -63,20 +46,22 @@ psa_status_t psa_set_key_domain_parameters( psa_key_attributes_t *attributes, attributes->domain_parameters = copy; attributes->domain_parameters_size = data_length; attributes->core.type = type; - return( PSA_SUCCESS ); + return PSA_SUCCESS; } psa_status_t psa_get_key_domain_parameters( const psa_key_attributes_t *attributes, - uint8_t *data, size_t data_size, size_t *data_length ) + uint8_t *data, size_t data_size, size_t *data_length) { - if( attributes->domain_parameters_size > data_size ) - return( PSA_ERROR_BUFFER_TOO_SMALL ); + if (attributes->domain_parameters_size > data_size) { + return PSA_ERROR_BUFFER_TOO_SMALL; + } *data_length = attributes->domain_parameters_size; - if( attributes->domain_parameters_size != 0 ) - memcpy( data, attributes->domain_parameters, - attributes->domain_parameters_size ); - return( PSA_SUCCESS ); + if (attributes->domain_parameters_size != 0) { + memcpy(data, attributes->domain_parameters, + attributes->domain_parameters_size); + } + return PSA_SUCCESS; } #endif /* MBEDTLS_PSA_CRYPTO_CLIENT */ diff --git a/third_party/mbedtls/repo/library/psa_crypto_core.h b/third_party/mbedtls/repo/library/psa_crypto_core.h index 4420ec25698..6bcd78fe08b 100644 --- a/third_party/mbedtls/repo/library/psa_crypto_core.h +++ b/third_party/mbedtls/repo/library/psa_crypto_core.h @@ -3,19 +3,7 @@ */ /* * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later */ #ifndef PSA_CRYPTO_CORE_H @@ -39,22 +27,22 @@ * \return 0 if the buffer contents are equal, non-zero otherwise */ static inline int mbedtls_psa_safer_memcmp( - const uint8_t *a, const uint8_t *b, size_t n ) + const uint8_t *a, const uint8_t *b, size_t n) { size_t i; unsigned char diff = 0; - for( i = 0; i < n; i++ ) + for (i = 0; i < n; i++) { diff |= a[i] ^ b[i]; + } - return( diff ); + return diff; } /** The data structure representing a key slot, containing key material * and metadata for one key. */ -typedef struct -{ +typedef struct { psa_core_key_attributes_t attr; /* @@ -84,8 +72,7 @@ typedef struct /* Dynamically allocated key data buffer. * Format as specified in psa_export_key(). */ - struct key_data - { + struct key_data { uint8_t *data; size_t bytes; } key; @@ -94,7 +81,7 @@ typedef struct /* A mask of key attribute flags used only internally. * Currently there aren't any. */ #define PSA_KA_MASK_INTERNAL_ONLY ( \ - 0 ) + 0) /** Test whether a key slot is occupied. * @@ -105,9 +92,9 @@ typedef struct * * \return 1 if the slot is occupied, 0 otherwise. */ -static inline int psa_is_key_slot_occupied( const psa_key_slot_t *slot ) +static inline int psa_is_key_slot_occupied(const psa_key_slot_t *slot) { - return( slot->attr.type != 0 ); + return slot->attr.type != 0; } /** Test whether a key slot is locked. @@ -118,9 +105,9 @@ static inline int psa_is_key_slot_occupied( const psa_key_slot_t *slot ) * * \return 1 if the slot is locked, 0 otherwise. */ -static inline int psa_is_key_slot_locked( const psa_key_slot_t *slot ) +static inline int psa_is_key_slot_locked(const psa_key_slot_t *slot) { - return( slot->lock_count > 0 ); + return slot->lock_count > 0; } /** Retrieve flags from psa_key_slot_t::attr::core::flags. @@ -131,10 +118,10 @@ static inline int psa_is_key_slot_locked( const psa_key_slot_t *slot ) * \return The key attribute flags in the given slot, * bitwise-anded with \p mask. */ -static inline uint16_t psa_key_slot_get_flags( const psa_key_slot_t *slot, - uint16_t mask ) +static inline uint16_t psa_key_slot_get_flags(const psa_key_slot_t *slot, + uint16_t mask) { - return( slot->attr.flags & mask ); + return slot->attr.flags & mask; } /** Set flags in psa_key_slot_t::attr::core::flags. @@ -143,12 +130,12 @@ static inline uint16_t psa_key_slot_get_flags( const psa_key_slot_t *slot, * \param mask The mask of bits to modify. * \param value The new value of the selected bits. */ -static inline void psa_key_slot_set_flags( psa_key_slot_t *slot, - uint16_t mask, - uint16_t value ) +static inline void psa_key_slot_set_flags(psa_key_slot_t *slot, + uint16_t mask, + uint16_t value) { - slot->attr.flags = ( ( ~mask & slot->attr.flags ) | - ( mask & value ) ); + slot->attr.flags = ((~mask & slot->attr.flags) | + (mask & value)); } /** Turn on flags in psa_key_slot_t::attr::core::flags. @@ -156,8 +143,8 @@ static inline void psa_key_slot_set_flags( psa_key_slot_t *slot, * \param[in,out] slot The key slot to modify. * \param mask The mask of bits to set. */ -static inline void psa_key_slot_set_bits_in_flags( psa_key_slot_t *slot, - uint16_t mask ) +static inline void psa_key_slot_set_bits_in_flags(psa_key_slot_t *slot, + uint16_t mask) { slot->attr.flags |= mask; } @@ -167,8 +154,8 @@ static inline void psa_key_slot_set_bits_in_flags( psa_key_slot_t *slot, * \param[in,out] slot The key slot to modify. * \param mask The mask of bits to clear. */ -static inline void psa_key_slot_clear_bits( psa_key_slot_t *slot, - uint16_t mask ) +static inline void psa_key_slot_clear_bits(psa_key_slot_t *slot, + uint16_t mask) { slot->attr.flags &= ~mask; } @@ -181,9 +168,9 @@ static inline void psa_key_slot_clear_bits( psa_key_slot_t *slot, * secure element, otherwise the behaviour is undefined. */ static inline psa_key_slot_number_t psa_key_slot_get_slot_number( - const psa_key_slot_t *slot ) + const psa_key_slot_t *slot) { - return( *( (psa_key_slot_number_t *)( slot->key.data ) ) ); + return *((psa_key_slot_number_t *) (slot->key.data)); } #endif @@ -196,9 +183,9 @@ static inline psa_key_slot_number_t psa_key_slot_get_slot_number( * \retval #PSA_SUCCESS * Success. This includes the case of a key slot that was * already fully wiped. - * \retval #PSA_ERROR_CORRUPTION_DETECTED + * \retval #PSA_ERROR_CORRUPTION_DETECTED \emptydescription */ -psa_status_t psa_wipe_key_slot( psa_key_slot_t *slot ); +psa_status_t psa_wipe_key_slot(psa_key_slot_t *slot); /** Try to allocate a buffer to an empty key slot. * @@ -212,11 +199,11 @@ psa_status_t psa_wipe_key_slot( psa_key_slot_t *slot ); * \retval #PSA_ERROR_ALREADY_EXISTS * Trying to allocate a buffer to a non-empty key slot. */ -psa_status_t psa_allocate_buffer_to_slot( psa_key_slot_t *slot, - size_t buffer_length ); +psa_status_t psa_allocate_buffer_to_slot(psa_key_slot_t *slot, + size_t buffer_length); /** Wipe key data from a slot. Preserves metadata such as the policy. */ -psa_status_t psa_remove_key_data_from_memory( psa_key_slot_t *slot ); +psa_status_t psa_remove_key_data_from_memory(psa_key_slot_t *slot); /** Copy key data (in export format) into an empty key slot. * @@ -235,36 +222,20 @@ psa_status_t psa_remove_key_data_from_memory( psa_key_slot_t *slot ); * \retval #PSA_ERROR_ALREADY_EXISTS * There was other key material already present in the slot. */ -psa_status_t psa_copy_key_material_into_slot( psa_key_slot_t *slot, - const uint8_t *data, - size_t data_length ); +psa_status_t psa_copy_key_material_into_slot(psa_key_slot_t *slot, + const uint8_t *data, + size_t data_length); -/** Convert an mbed TLS error code to a PSA error code +/** Convert an Mbed TLS error code to a PSA error code * * \note This function is provided solely for the convenience of * Mbed TLS and may be removed at any time without notice. * - * \param ret An mbed TLS-thrown error code + * \param ret An Mbed TLS-thrown error code * * \return The corresponding PSA error code */ -psa_status_t mbedtls_to_psa_error( int ret ); - -/** Get Mbed TLS cipher information given the cipher algorithm PSA identifier - * as well as the PSA type and size of the key to be used with the cipher - * algorithm. - * - * \param alg PSA cipher algorithm identifier - * \param key_type PSA key type - * \param key_bits Size of the key in bits - * \param[out] cipher_id Mbed TLS cipher algorithm identifier - * - * \return The Mbed TLS cipher information of the cipher algorithm. - * \c NULL if the PSA cipher algorithm is not supported. - */ -const mbedtls_cipher_info_t *mbedtls_cipher_info_from_psa( - psa_algorithm_t alg, psa_key_type_t key_type, size_t key_bits, - mbedtls_cipher_id_t *cipher_id ); +psa_status_t mbedtls_to_psa_error(int ret); /** Import a key in binary format. * @@ -288,15 +259,15 @@ const mbedtls_cipher_info_t *mbedtls_cipher_info_from_psa( * \retval #PSA_SUCCESS The key was imported successfully. * \retval #PSA_ERROR_INVALID_ARGUMENT * The key data is not correctly formatted. - * \retval #PSA_ERROR_NOT_SUPPORTED - * \retval #PSA_ERROR_INSUFFICIENT_MEMORY - * \retval #PSA_ERROR_CORRUPTION_DETECTED + * \retval #PSA_ERROR_NOT_SUPPORTED \emptydescription + * \retval #PSA_ERROR_INSUFFICIENT_MEMORY \emptydescription + * \retval #PSA_ERROR_CORRUPTION_DETECTED \emptydescription */ psa_status_t psa_import_key_into_slot( const psa_key_attributes_t *attributes, const uint8_t *data, size_t data_length, uint8_t *key_buffer, size_t key_buffer_size, - size_t *key_buffer_length, size_t *bits ); + size_t *key_buffer_length, size_t *bits); /** Export a key in binary format * @@ -313,17 +284,17 @@ psa_status_t psa_import_key_into_slot( * \p data * * \retval #PSA_SUCCESS The key was exported successfully. - * \retval #PSA_ERROR_NOT_SUPPORTED - * \retval #PSA_ERROR_COMMUNICATION_FAILURE - * \retval #PSA_ERROR_HARDWARE_FAILURE - * \retval #PSA_ERROR_CORRUPTION_DETECTED - * \retval #PSA_ERROR_STORAGE_FAILURE - * \retval #PSA_ERROR_INSUFFICIENT_MEMORY + * \retval #PSA_ERROR_NOT_SUPPORTED \emptydescription + * \retval #PSA_ERROR_COMMUNICATION_FAILURE \emptydescription + * \retval #PSA_ERROR_HARDWARE_FAILURE \emptydescription + * \retval #PSA_ERROR_CORRUPTION_DETECTED \emptydescription + * \retval #PSA_ERROR_STORAGE_FAILURE \emptydescription + * \retval #PSA_ERROR_INSUFFICIENT_MEMORY \emptydescription */ psa_status_t psa_export_key_internal( const psa_key_attributes_t *attributes, const uint8_t *key_buffer, size_t key_buffer_size, - uint8_t *data, size_t data_size, size_t *data_length ); + uint8_t *data, size_t data_size, size_t *data_length); /** Export a public key or the public part of a key pair in binary format. * @@ -341,17 +312,17 @@ psa_status_t psa_export_key_internal( * \p data * * \retval #PSA_SUCCESS The public key was exported successfully. - * \retval #PSA_ERROR_NOT_SUPPORTED - * \retval #PSA_ERROR_COMMUNICATION_FAILURE - * \retval #PSA_ERROR_HARDWARE_FAILURE - * \retval #PSA_ERROR_CORRUPTION_DETECTED - * \retval #PSA_ERROR_STORAGE_FAILURE - * \retval #PSA_ERROR_INSUFFICIENT_MEMORY + * \retval #PSA_ERROR_NOT_SUPPORTED \emptydescription + * \retval #PSA_ERROR_COMMUNICATION_FAILURE \emptydescription + * \retval #PSA_ERROR_HARDWARE_FAILURE \emptydescription + * \retval #PSA_ERROR_CORRUPTION_DETECTED \emptydescription + * \retval #PSA_ERROR_STORAGE_FAILURE \emptydescription + * \retval #PSA_ERROR_INSUFFICIENT_MEMORY \emptydescription */ psa_status_t psa_export_public_key_internal( const psa_key_attributes_t *attributes, const uint8_t *key_buffer, size_t key_buffer_size, - uint8_t *data, size_t data_size, size_t *data_length ); + uint8_t *data, size_t data_size, size_t *data_length); /** * \brief Generate a key. @@ -367,16 +338,16 @@ psa_status_t psa_export_public_key_internal( * * \retval #PSA_SUCCESS * The key was generated successfully. - * \retval #PSA_ERROR_INVALID_ARGUMENT + * \retval #PSA_ERROR_INVALID_ARGUMENT \emptydescription * \retval #PSA_ERROR_NOT_SUPPORTED * Key size in bits or type not supported. * \retval #PSA_ERROR_BUFFER_TOO_SMALL * The size of \p key_buffer is too small. */ -psa_status_t psa_generate_key_internal( const psa_key_attributes_t *attributes, - uint8_t *key_buffer, - size_t key_buffer_size, - size_t *key_buffer_length ); +psa_status_t psa_generate_key_internal(const psa_key_attributes_t *attributes, + uint8_t *key_buffer, + size_t key_buffer_size, + size_t *key_buffer_length); /** Sign a message with a private key. For hash-and-sign algorithms, * this includes the hashing step. @@ -402,24 +373,24 @@ psa_status_t psa_generate_key_internal( const psa_key_attributes_t *attributes, * \param[out] signature_length On success, the number of bytes * that make up the returned signature value. * - * \retval #PSA_SUCCESS + * \retval #PSA_SUCCESS \emptydescription * \retval #PSA_ERROR_BUFFER_TOO_SMALL * The size of the \p signature buffer is too small. You can * determine a sufficient buffer size by calling * #PSA_SIGN_OUTPUT_SIZE(\c key_type, \c key_bits, \p alg) * where \c key_type and \c key_bits are the type and bit-size * respectively of the key. - * \retval #PSA_ERROR_NOT_SUPPORTED - * \retval #PSA_ERROR_INVALID_ARGUMENT - * \retval #PSA_ERROR_INSUFFICIENT_MEMORY - * \retval #PSA_ERROR_CORRUPTION_DETECTED - * \retval #PSA_ERROR_INSUFFICIENT_ENTROPY + * \retval #PSA_ERROR_NOT_SUPPORTED \emptydescription + * \retval #PSA_ERROR_INVALID_ARGUMENT \emptydescription + * \retval #PSA_ERROR_INSUFFICIENT_MEMORY \emptydescription + * \retval #PSA_ERROR_CORRUPTION_DETECTED \emptydescription + * \retval #PSA_ERROR_INSUFFICIENT_ENTROPY \emptydescription */ psa_status_t psa_sign_message_builtin( const psa_key_attributes_t *attributes, const uint8_t *key_buffer, size_t key_buffer_size, psa_algorithm_t alg, const uint8_t *input, size_t input_length, - uint8_t *signature, size_t signature_size, size_t *signature_length ); + uint8_t *signature, size_t signature_size, size_t *signature_length); /** Verify the signature of a message with a public key, using * a hash-and-sign verification algorithm. @@ -448,15 +419,15 @@ psa_status_t psa_sign_message_builtin( * \retval #PSA_ERROR_INVALID_SIGNATURE * The calculation was performed successfully, but the passed * signature is not a valid signature. - * \retval #PSA_ERROR_NOT_SUPPORTED - * \retval #PSA_ERROR_INVALID_ARGUMENT - * \retval #PSA_ERROR_INSUFFICIENT_MEMORY + * \retval #PSA_ERROR_NOT_SUPPORTED \emptydescription + * \retval #PSA_ERROR_INVALID_ARGUMENT \emptydescription + * \retval #PSA_ERROR_INSUFFICIENT_MEMORY \emptydescription */ psa_status_t psa_verify_message_builtin( const psa_key_attributes_t *attributes, const uint8_t *key_buffer, size_t key_buffer_size, psa_algorithm_t alg, const uint8_t *input, size_t input_length, - const uint8_t *signature, size_t signature_length ); + const uint8_t *signature, size_t signature_length); /** Sign an already-calculated hash with a private key. * @@ -478,24 +449,24 @@ psa_status_t psa_verify_message_builtin( * \param[out] signature_length On success, the number of bytes * that make up the returned signature value. * - * \retval #PSA_SUCCESS + * \retval #PSA_SUCCESS \emptydescription * \retval #PSA_ERROR_BUFFER_TOO_SMALL * The size of the \p signature buffer is too small. You can * determine a sufficient buffer size by calling * #PSA_SIGN_OUTPUT_SIZE(\c key_type, \c key_bits, \p alg) * where \c key_type and \c key_bits are the type and bit-size * respectively of the key. - * \retval #PSA_ERROR_NOT_SUPPORTED - * \retval #PSA_ERROR_INVALID_ARGUMENT - * \retval #PSA_ERROR_INSUFFICIENT_MEMORY - * \retval #PSA_ERROR_CORRUPTION_DETECTED - * \retval #PSA_ERROR_INSUFFICIENT_ENTROPY + * \retval #PSA_ERROR_NOT_SUPPORTED \emptydescription + * \retval #PSA_ERROR_INVALID_ARGUMENT \emptydescription + * \retval #PSA_ERROR_INSUFFICIENT_MEMORY \emptydescription + * \retval #PSA_ERROR_CORRUPTION_DETECTED \emptydescription + * \retval #PSA_ERROR_INSUFFICIENT_ENTROPY \emptydescription */ psa_status_t psa_sign_hash_builtin( const psa_key_attributes_t *attributes, const uint8_t *key_buffer, size_t key_buffer_size, psa_algorithm_t alg, const uint8_t *hash, size_t hash_length, - uint8_t *signature, size_t signature_size, size_t *signature_length ); + uint8_t *signature, size_t signature_size, size_t *signature_length); /** * \brief Verify the signature a hash or short message using a public key. @@ -522,14 +493,14 @@ psa_status_t psa_sign_hash_builtin( * \retval #PSA_ERROR_INVALID_SIGNATURE * The calculation was performed successfully, but the passed * signature is not a valid signature. - * \retval #PSA_ERROR_NOT_SUPPORTED - * \retval #PSA_ERROR_INVALID_ARGUMENT - * \retval #PSA_ERROR_INSUFFICIENT_MEMORY + * \retval #PSA_ERROR_NOT_SUPPORTED \emptydescription + * \retval #PSA_ERROR_INVALID_ARGUMENT \emptydescription + * \retval #PSA_ERROR_INSUFFICIENT_MEMORY \emptydescription */ psa_status_t psa_verify_hash_builtin( const psa_key_attributes_t *attributes, const uint8_t *key_buffer, size_t key_buffer_size, psa_algorithm_t alg, const uint8_t *hash, size_t hash_length, - const uint8_t *signature, size_t signature_length ); + const uint8_t *signature, size_t signature_length); #endif /* PSA_CRYPTO_CORE_H */ diff --git a/third_party/mbedtls/repo/library/psa_crypto_driver_wrappers.c b/third_party/mbedtls/repo/library/psa_crypto_driver_wrappers.c index 16166fc5a5a..196cd2eda7d 100644 --- a/third_party/mbedtls/repo/library/psa_crypto_driver_wrappers.c +++ b/third_party/mbedtls/repo/library/psa_crypto_driver_wrappers.c @@ -4,19 +4,7 @@ * Warning: This file will be auto-generated in the future. */ /* Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later */ #include "psa_crypto_aead.h" @@ -66,41 +54,44 @@ #include "psa_crypto_se.h" #endif -psa_status_t psa_driver_wrapper_init( void ) +psa_status_t psa_driver_wrapper_init(void) { psa_status_t status = PSA_ERROR_CORRUPTION_DETECTED; #if defined(MBEDTLS_PSA_CRYPTO_SE_C) - status = psa_init_all_se_drivers( ); - if( status != PSA_SUCCESS ) - return( status ); + status = psa_init_all_se_drivers(); + if (status != PSA_SUCCESS) { + return status; + } #endif #if defined(PSA_CRYPTO_DRIVER_TEST) - status = mbedtls_test_transparent_init( ); - if( status != PSA_SUCCESS ) - return( status ); + status = mbedtls_test_transparent_init(); + if (status != PSA_SUCCESS) { + return status; + } - status = mbedtls_test_opaque_init( ); - if( status != PSA_SUCCESS ) - return( status ); + status = mbedtls_test_opaque_init(); + if (status != PSA_SUCCESS) { + return status; + } #endif (void) status; - return( PSA_SUCCESS ); + return PSA_SUCCESS; } -void psa_driver_wrapper_free( void ) +void psa_driver_wrapper_free(void) { #if defined(MBEDTLS_PSA_CRYPTO_SE_C) /* Unregister all secure element drivers, so that we restart from * a pristine state. */ - psa_unregister_all_se_drivers( ); + psa_unregister_all_se_drivers(); #endif /* MBEDTLS_PSA_CRYPTO_SE_C */ #if defined(PSA_CRYPTO_DRIVER_TEST) - mbedtls_test_transparent_free( ); - mbedtls_test_opaque_free( ); + mbedtls_test_transparent_free(); + mbedtls_test_opaque_free(); #endif } @@ -114,70 +105,71 @@ psa_status_t psa_driver_wrapper_sign_message( size_t input_length, uint8_t *signature, size_t signature_size, - size_t *signature_length ) + size_t *signature_length) { psa_status_t status = PSA_ERROR_CORRUPTION_DETECTED; psa_key_location_t location = - PSA_KEY_LIFETIME_GET_LOCATION( attributes->core.lifetime ); + PSA_KEY_LIFETIME_GET_LOCATION(attributes->core.lifetime); - switch( location ) - { + switch (location) { case PSA_KEY_LOCATION_LOCAL_STORAGE: /* Key is stored in the slot in export representation, so * cycle through all known transparent accelerators */ #if defined(PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT) #if defined(PSA_CRYPTO_DRIVER_TEST) status = mbedtls_test_transparent_signature_sign_message( - attributes, - key_buffer, - key_buffer_size, - alg, - input, - input_length, - signature, - signature_size, - signature_length ); + attributes, + key_buffer, + key_buffer_size, + alg, + input, + input_length, + signature, + signature_size, + signature_length); /* Declared with fallback == true */ - if( status != PSA_ERROR_NOT_SUPPORTED ) - return( status ); + if (status != PSA_ERROR_NOT_SUPPORTED) { + return status; + } #endif /* PSA_CRYPTO_DRIVER_TEST */ #endif /* PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT */ break; - /* Add cases for opaque driver here */ + /* Add cases for opaque driver here */ #if defined(PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT) #if defined(PSA_CRYPTO_DRIVER_TEST) case PSA_CRYPTO_TEST_DRIVER_LOCATION: status = mbedtls_test_opaque_signature_sign_message( - attributes, - key_buffer, - key_buffer_size, - alg, - input, - input_length, - signature, - signature_size, - signature_length ); - if( status != PSA_ERROR_NOT_SUPPORTED ) - return( status ); + attributes, + key_buffer, + key_buffer_size, + alg, + input, + input_length, + signature, + signature_size, + signature_length); + if (status != PSA_ERROR_NOT_SUPPORTED) { + return status; + } break; #endif /* PSA_CRYPTO_DRIVER_TEST */ #endif /* PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT */ default: /* Key is declared with a lifetime not known to us */ - (void)status; + (void) status; break; } - return( psa_sign_message_builtin( attributes, - key_buffer, - key_buffer_size, - alg, - input, - input_length, - signature, - signature_size, - signature_length ) ); + return psa_sign_message_builtin(attributes, + key_buffer, + key_buffer_size, + alg, + input, + input_length, + signature, + signature_size, + signature_length); } psa_status_t psa_driver_wrapper_verify_message( @@ -188,150 +180,149 @@ psa_status_t psa_driver_wrapper_verify_message( const uint8_t *input, size_t input_length, const uint8_t *signature, - size_t signature_length ) + size_t signature_length) { psa_status_t status = PSA_ERROR_CORRUPTION_DETECTED; psa_key_location_t location = - PSA_KEY_LIFETIME_GET_LOCATION( attributes->core.lifetime ); + PSA_KEY_LIFETIME_GET_LOCATION(attributes->core.lifetime); - switch( location ) - { + switch (location) { case PSA_KEY_LOCATION_LOCAL_STORAGE: /* Key is stored in the slot in export representation, so * cycle through all known transparent accelerators */ #if defined(PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT) #if defined(PSA_CRYPTO_DRIVER_TEST) status = mbedtls_test_transparent_signature_verify_message( - attributes, - key_buffer, - key_buffer_size, - alg, - input, - input_length, - signature, - signature_length ); + attributes, + key_buffer, + key_buffer_size, + alg, + input, + input_length, + signature, + signature_length); /* Declared with fallback == true */ - if( status != PSA_ERROR_NOT_SUPPORTED ) - return( status ); + if (status != PSA_ERROR_NOT_SUPPORTED) { + return status; + } #endif /* PSA_CRYPTO_DRIVER_TEST */ #endif /* PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT */ break; - /* Add cases for opaque driver here */ + /* Add cases for opaque driver here */ #if defined(PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT) #if defined(PSA_CRYPTO_DRIVER_TEST) case PSA_CRYPTO_TEST_DRIVER_LOCATION: - return( mbedtls_test_opaque_signature_verify_message( - attributes, - key_buffer, - key_buffer_size, - alg, - input, - input_length, - signature, - signature_length ) ); - if( status != PSA_ERROR_NOT_SUPPORTED ) - return( status ); + return mbedtls_test_opaque_signature_verify_message( + attributes, + key_buffer, + key_buffer_size, + alg, + input, + input_length, + signature, + signature_length); + if (status != PSA_ERROR_NOT_SUPPORTED) { + return status; + } break; #endif /* PSA_CRYPTO_DRIVER_TEST */ #endif /* PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT */ default: /* Key is declared with a lifetime not known to us */ - (void)status; + (void) status; break; } - return( psa_verify_message_builtin( attributes, - key_buffer, - key_buffer_size, - alg, - input, - input_length, - signature, - signature_length ) ); + return psa_verify_message_builtin(attributes, + key_buffer, + key_buffer_size, + alg, + input, + input_length, + signature, + signature_length); } psa_status_t psa_driver_wrapper_sign_hash( const psa_key_attributes_t *attributes, const uint8_t *key_buffer, size_t key_buffer_size, psa_algorithm_t alg, const uint8_t *hash, size_t hash_length, - uint8_t *signature, size_t signature_size, size_t *signature_length ) + uint8_t *signature, size_t signature_size, size_t *signature_length) { /* Try dynamically-registered SE interface first */ #if defined(MBEDTLS_PSA_CRYPTO_SE_C) const psa_drv_se_t *drv; psa_drv_se_context_t *drv_context; - if( psa_get_se_driver( attributes->core.lifetime, &drv, &drv_context ) ) - { - if( drv->asymmetric == NULL || - drv->asymmetric->p_sign == NULL ) - { + if (psa_get_se_driver(attributes->core.lifetime, &drv, &drv_context)) { + if (drv->asymmetric == NULL || + drv->asymmetric->p_sign == NULL) { /* Key is defined in SE, but we have no way to exercise it */ - return( PSA_ERROR_NOT_SUPPORTED ); + return PSA_ERROR_NOT_SUPPORTED; } - return( drv->asymmetric->p_sign( - drv_context, *( (psa_key_slot_number_t *)key_buffer ), - alg, hash, hash_length, - signature, signature_size, signature_length ) ); + return drv->asymmetric->p_sign( + drv_context, *((psa_key_slot_number_t *) key_buffer), + alg, hash, hash_length, + signature, signature_size, signature_length); } -#endif /* PSA_CRYPTO_SE_C */ +#endif /* MBEDTLS_PSA_CRYPTO_SE_C */ psa_status_t status = PSA_ERROR_CORRUPTION_DETECTED; psa_key_location_t location = - PSA_KEY_LIFETIME_GET_LOCATION( attributes->core.lifetime ); + PSA_KEY_LIFETIME_GET_LOCATION(attributes->core.lifetime); - switch( location ) - { + switch (location) { case PSA_KEY_LOCATION_LOCAL_STORAGE: /* Key is stored in the slot in export representation, so * cycle through all known transparent accelerators */ #if defined(PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT) #if defined(PSA_CRYPTO_DRIVER_TEST) - status = mbedtls_test_transparent_signature_sign_hash( attributes, - key_buffer, - key_buffer_size, - alg, - hash, - hash_length, - signature, - signature_size, - signature_length ); + status = mbedtls_test_transparent_signature_sign_hash(attributes, + key_buffer, + key_buffer_size, + alg, + hash, + hash_length, + signature, + signature_size, + signature_length); /* Declared with fallback == true */ - if( status != PSA_ERROR_NOT_SUPPORTED ) - return( status ); + if (status != PSA_ERROR_NOT_SUPPORTED) { + return status; + } #endif /* PSA_CRYPTO_DRIVER_TEST */ #endif /* PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT */ /* Fell through, meaning no accelerator supports this operation */ - return( psa_sign_hash_builtin( attributes, - key_buffer, - key_buffer_size, - alg, - hash, - hash_length, - signature, - signature_size, - signature_length ) ); - - /* Add cases for opaque driver here */ + return psa_sign_hash_builtin(attributes, + key_buffer, + key_buffer_size, + alg, + hash, + hash_length, + signature, + signature_size, + signature_length); + + /* Add cases for opaque driver here */ #if defined(PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT) #if defined(PSA_CRYPTO_DRIVER_TEST) case PSA_CRYPTO_TEST_DRIVER_LOCATION: - return( mbedtls_test_opaque_signature_sign_hash( attributes, - key_buffer, - key_buffer_size, - alg, - hash, - hash_length, - signature, - signature_size, - signature_length ) ); + return mbedtls_test_opaque_signature_sign_hash(attributes, + key_buffer, + key_buffer_size, + alg, + hash, + hash_length, + signature, + signature_size, + signature_length); #endif /* PSA_CRYPTO_DRIVER_TEST */ #endif /* PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT */ default: /* Key is declared with a lifetime not known to us */ - (void)status; - return( PSA_ERROR_INVALID_ARGUMENT ); + (void) status; + return PSA_ERROR_INVALID_ARGUMENT; } } @@ -339,81 +330,79 @@ psa_status_t psa_driver_wrapper_verify_hash( const psa_key_attributes_t *attributes, const uint8_t *key_buffer, size_t key_buffer_size, psa_algorithm_t alg, const uint8_t *hash, size_t hash_length, - const uint8_t *signature, size_t signature_length ) + const uint8_t *signature, size_t signature_length) { /* Try dynamically-registered SE interface first */ #if defined(MBEDTLS_PSA_CRYPTO_SE_C) const psa_drv_se_t *drv; psa_drv_se_context_t *drv_context; - if( psa_get_se_driver( attributes->core.lifetime, &drv, &drv_context ) ) - { - if( drv->asymmetric == NULL || - drv->asymmetric->p_verify == NULL ) - { + if (psa_get_se_driver(attributes->core.lifetime, &drv, &drv_context)) { + if (drv->asymmetric == NULL || + drv->asymmetric->p_verify == NULL) { /* Key is defined in SE, but we have no way to exercise it */ - return( PSA_ERROR_NOT_SUPPORTED ); + return PSA_ERROR_NOT_SUPPORTED; } - return( drv->asymmetric->p_verify( - drv_context, *( (psa_key_slot_number_t *)key_buffer ), - alg, hash, hash_length, - signature, signature_length ) ); + return drv->asymmetric->p_verify( + drv_context, *((psa_key_slot_number_t *) key_buffer), + alg, hash, hash_length, + signature, signature_length); } -#endif /* PSA_CRYPTO_SE_C */ +#endif /* MBEDTLS_PSA_CRYPTO_SE_C */ psa_status_t status = PSA_ERROR_CORRUPTION_DETECTED; psa_key_location_t location = - PSA_KEY_LIFETIME_GET_LOCATION( attributes->core.lifetime ); + PSA_KEY_LIFETIME_GET_LOCATION(attributes->core.lifetime); - switch( location ) - { + switch (location) { case PSA_KEY_LOCATION_LOCAL_STORAGE: /* Key is stored in the slot in export representation, so * cycle through all known transparent accelerators */ #if defined(PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT) #if defined(PSA_CRYPTO_DRIVER_TEST) status = mbedtls_test_transparent_signature_verify_hash( - attributes, - key_buffer, - key_buffer_size, - alg, - hash, - hash_length, - signature, - signature_length ); + attributes, + key_buffer, + key_buffer_size, + alg, + hash, + hash_length, + signature, + signature_length); /* Declared with fallback == true */ - if( status != PSA_ERROR_NOT_SUPPORTED ) - return( status ); + if (status != PSA_ERROR_NOT_SUPPORTED) { + return status; + } #endif /* PSA_CRYPTO_DRIVER_TEST */ #endif /* PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT */ - return( psa_verify_hash_builtin( attributes, - key_buffer, - key_buffer_size, - alg, - hash, - hash_length, - signature, - signature_length ) ); + return psa_verify_hash_builtin(attributes, + key_buffer, + key_buffer_size, + alg, + hash, + hash_length, + signature, + signature_length); - /* Add cases for opaque driver here */ + /* Add cases for opaque driver here */ #if defined(PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT) #if defined(PSA_CRYPTO_DRIVER_TEST) case PSA_CRYPTO_TEST_DRIVER_LOCATION: - return( mbedtls_test_opaque_signature_verify_hash( attributes, - key_buffer, - key_buffer_size, - alg, - hash, - hash_length, - signature, - signature_length ) ); + return mbedtls_test_opaque_signature_verify_hash(attributes, + key_buffer, + key_buffer_size, + alg, + hash, + hash_length, + signature, + signature_length); #endif /* PSA_CRYPTO_DRIVER_TEST */ #endif /* PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT */ default: /* Key is declared with a lifetime not known to us */ - (void)status; - return( PSA_ERROR_INVALID_ARGUMENT ); + (void) status; + return PSA_ERROR_INVALID_ARGUMENT; } } @@ -434,42 +423,40 @@ psa_status_t psa_driver_wrapper_verify_hash( */ psa_status_t psa_driver_wrapper_get_key_buffer_size( const psa_key_attributes_t *attributes, - size_t *key_buffer_size ) + size_t *key_buffer_size) { - psa_key_location_t location = PSA_KEY_LIFETIME_GET_LOCATION( attributes->core.lifetime ); + psa_key_location_t location = PSA_KEY_LIFETIME_GET_LOCATION(attributes->core.lifetime); psa_key_type_t key_type = attributes->core.type; size_t key_bits = attributes->core.bits; *key_buffer_size = 0; - switch( location ) - { + switch (location) { #if defined(PSA_CRYPTO_DRIVER_TEST) case PSA_CRYPTO_TEST_DRIVER_LOCATION: #if defined(MBEDTLS_PSA_CRYPTO_BUILTIN_KEYS) /* Emulate property 'builtin_key_size' */ - if( psa_key_id_is_builtin( + if (psa_key_id_is_builtin( MBEDTLS_SVC_KEY_ID_GET_KEY_ID( - psa_get_key_id( attributes ) ) ) ) - { - *key_buffer_size = sizeof( psa_drv_slot_number_t ); - return( PSA_SUCCESS ); + psa_get_key_id(attributes)))) { + *key_buffer_size = sizeof(psa_drv_slot_number_t); + return PSA_SUCCESS; } #endif /* MBEDTLS_PSA_CRYPTO_BUILTIN_KEYS */ - *key_buffer_size = mbedtls_test_size_function( key_type, key_bits ); - return( ( *key_buffer_size != 0 ) ? - PSA_SUCCESS : PSA_ERROR_NOT_SUPPORTED ); + *key_buffer_size = mbedtls_test_size_function(key_type, key_bits); + return (*key_buffer_size != 0) ? + PSA_SUCCESS : PSA_ERROR_NOT_SUPPORTED; #endif /* PSA_CRYPTO_DRIVER_TEST */ default: - (void)key_type; - (void)key_bits; - return( PSA_ERROR_NOT_SUPPORTED ); + (void) key_type; + (void) key_bits; + return PSA_ERROR_NOT_SUPPORTED; } } psa_status_t psa_driver_wrapper_generate_key( const psa_key_attributes_t *attributes, - uint8_t *key_buffer, size_t key_buffer_size, size_t *key_buffer_length ) + uint8_t *key_buffer, size_t key_buffer_size, size_t *key_buffer_length) { psa_status_t status = PSA_ERROR_CORRUPTION_DETECTED; psa_key_location_t location = @@ -480,52 +467,49 @@ psa_status_t psa_driver_wrapper_generate_key( const psa_drv_se_t *drv; psa_drv_se_context_t *drv_context; - if( psa_get_se_driver( attributes->core.lifetime, &drv, &drv_context ) ) - { + if (psa_get_se_driver(attributes->core.lifetime, &drv, &drv_context)) { size_t pubkey_length = 0; /* We don't support this feature yet */ - if( drv->key_management == NULL || - drv->key_management->p_generate == NULL ) - { + if (drv->key_management == NULL || + drv->key_management->p_generate == NULL) { /* Key is defined as being in SE, but we have no way to generate it */ - return( PSA_ERROR_NOT_SUPPORTED ); + return PSA_ERROR_NOT_SUPPORTED; } - return( drv->key_management->p_generate( + return drv->key_management->p_generate( drv_context, - *( (psa_key_slot_number_t *)key_buffer ), - attributes, NULL, 0, &pubkey_length ) ); + *((psa_key_slot_number_t *) key_buffer), + attributes, NULL, 0, &pubkey_length); } #endif /* MBEDTLS_PSA_CRYPTO_SE_C */ - switch( location ) - { + switch (location) { case PSA_KEY_LOCATION_LOCAL_STORAGE: #if defined(PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT) /* Transparent drivers are limited to generating asymmetric keys */ - if( PSA_KEY_TYPE_IS_ASYMMETRIC( attributes->core.type ) ) - { - /* Cycle through all known transparent accelerators */ + if (PSA_KEY_TYPE_IS_ASYMMETRIC(attributes->core.type)) { + /* Cycle through all known transparent accelerators */ #if defined(PSA_CRYPTO_DRIVER_TEST) status = mbedtls_test_transparent_generate_key( attributes, key_buffer, key_buffer_size, - key_buffer_length ); + key_buffer_length); /* Declared with fallback == true */ - if( status != PSA_ERROR_NOT_SUPPORTED ) + if (status != PSA_ERROR_NOT_SUPPORTED) { break; + } #endif /* PSA_CRYPTO_DRIVER_TEST */ } #endif /* PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT */ /* Software fallback */ status = psa_generate_key_internal( - attributes, key_buffer, key_buffer_size, key_buffer_length ); + attributes, key_buffer, key_buffer_size, key_buffer_length); break; - /* Add cases for opaque driver here */ + /* Add cases for opaque driver here */ #if defined(PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT) #if defined(PSA_CRYPTO_DRIVER_TEST) case PSA_CRYPTO_TEST_DRIVER_LOCATION: status = mbedtls_test_opaque_generate_key( - attributes, key_buffer, key_buffer_size, key_buffer_length ); + attributes, key_buffer, key_buffer_size, key_buffer_length); break; #endif /* PSA_CRYPTO_DRIVER_TEST */ #endif /* PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT */ @@ -536,7 +520,7 @@ psa_status_t psa_driver_wrapper_generate_key( break; } - return( status ); + return status; } psa_status_t psa_driver_wrapper_import_key( @@ -546,69 +530,71 @@ psa_status_t psa_driver_wrapper_import_key( uint8_t *key_buffer, size_t key_buffer_size, size_t *key_buffer_length, - size_t *bits ) + size_t *bits) { psa_status_t status = PSA_ERROR_CORRUPTION_DETECTED; psa_key_location_t location = PSA_KEY_LIFETIME_GET_LOCATION( - psa_get_key_lifetime( attributes ) ); + psa_get_key_lifetime(attributes)); /* Try dynamically-registered SE interface first */ #if defined(MBEDTLS_PSA_CRYPTO_SE_C) const psa_drv_se_t *drv; psa_drv_se_context_t *drv_context; - if( psa_get_se_driver( attributes->core.lifetime, &drv, &drv_context ) ) - { - if( drv->key_management == NULL || - drv->key_management->p_import == NULL ) - return( PSA_ERROR_NOT_SUPPORTED ); + if (psa_get_se_driver(attributes->core.lifetime, &drv, &drv_context)) { + if (drv->key_management == NULL || + drv->key_management->p_import == NULL) { + return PSA_ERROR_NOT_SUPPORTED; + } /* The driver should set the number of key bits, however in * case it doesn't, we initialize bits to an invalid value. */ *bits = PSA_MAX_KEY_BITS + 1; status = drv->key_management->p_import( drv_context, - *( (psa_key_slot_number_t *)key_buffer ), - attributes, data, data_length, bits ); + *((psa_key_slot_number_t *) key_buffer), + attributes, data, data_length, bits); - if( status != PSA_SUCCESS ) - return( status ); + if (status != PSA_SUCCESS) { + return status; + } - if( (*bits) > PSA_MAX_KEY_BITS ) - return( PSA_ERROR_NOT_SUPPORTED ); + if ((*bits) > PSA_MAX_KEY_BITS) { + return PSA_ERROR_NOT_SUPPORTED; + } - return( PSA_SUCCESS ); + return PSA_SUCCESS; } -#endif /* PSA_CRYPTO_SE_C */ +#endif /* MBEDTLS_PSA_CRYPTO_SE_C */ - switch( location ) - { + switch (location) { case PSA_KEY_LOCATION_LOCAL_STORAGE: /* Key is stored in the slot in export representation, so * cycle through all known transparent accelerators */ #if defined(PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT) #if defined(PSA_CRYPTO_DRIVER_TEST) status = mbedtls_test_transparent_import_key( - attributes, - data, data_length, - key_buffer, key_buffer_size, - key_buffer_length, bits ); + attributes, + data, data_length, + key_buffer, key_buffer_size, + key_buffer_length, bits); /* Declared with fallback == true */ - if( status != PSA_ERROR_NOT_SUPPORTED ) - return( status ); + if (status != PSA_ERROR_NOT_SUPPORTED) { + return status; + } #endif /* PSA_CRYPTO_DRIVER_TEST */ #endif /* PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT */ /* Fell through, meaning no accelerator supports this operation */ - return( psa_import_key_into_slot( attributes, - data, data_length, - key_buffer, key_buffer_size, - key_buffer_length, bits ) ); + return psa_import_key_into_slot(attributes, + data, data_length, + key_buffer, key_buffer_size, + key_buffer_length, bits); default: /* Importing a key with external storage in not yet supported. * Return in error indicating that the lifetime is not valid. */ - (void)status; - return( PSA_ERROR_INVALID_ARGUMENT ); + (void) status; + return PSA_ERROR_INVALID_ARGUMENT; } } @@ -616,157 +602,151 @@ psa_status_t psa_driver_wrapper_import_key( psa_status_t psa_driver_wrapper_export_key( const psa_key_attributes_t *attributes, const uint8_t *key_buffer, size_t key_buffer_size, - uint8_t *data, size_t data_size, size_t *data_length ) + uint8_t *data, size_t data_size, size_t *data_length) { psa_status_t status = PSA_ERROR_INVALID_ARGUMENT; psa_key_location_t location = PSA_KEY_LIFETIME_GET_LOCATION( - psa_get_key_lifetime( attributes ) ); + psa_get_key_lifetime(attributes)); /* Try dynamically-registered SE interface first */ #if defined(MBEDTLS_PSA_CRYPTO_SE_C) const psa_drv_se_t *drv; psa_drv_se_context_t *drv_context; - if( psa_get_se_driver( attributes->core.lifetime, &drv, &drv_context ) ) - { - if( ( drv->key_management == NULL ) || - ( drv->key_management->p_export == NULL ) ) - { - return( PSA_ERROR_NOT_SUPPORTED ); + if (psa_get_se_driver(attributes->core.lifetime, &drv, &drv_context)) { + if ((drv->key_management == NULL) || + (drv->key_management->p_export == NULL)) { + return PSA_ERROR_NOT_SUPPORTED; } - return( drv->key_management->p_export( - drv_context, - *( (psa_key_slot_number_t *)key_buffer ), - data, data_size, data_length ) ); + return drv->key_management->p_export( + drv_context, + *((psa_key_slot_number_t *) key_buffer), + data, data_size, data_length); } -#endif /* PSA_CRYPTO_SE_C */ +#endif /* MBEDTLS_PSA_CRYPTO_SE_C */ - switch( location ) - { + switch (location) { case PSA_KEY_LOCATION_LOCAL_STORAGE: - return( psa_export_key_internal( attributes, - key_buffer, - key_buffer_size, - data, - data_size, - data_length ) ); + return psa_export_key_internal(attributes, + key_buffer, + key_buffer_size, + data, + data_size, + data_length); - /* Add cases for opaque driver here */ + /* Add cases for opaque driver here */ #if defined(PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT) #if defined(PSA_CRYPTO_DRIVER_TEST) case PSA_CRYPTO_TEST_DRIVER_LOCATION: - return( mbedtls_test_opaque_export_key( attributes, - key_buffer, - key_buffer_size, - data, - data_size, - data_length ) ); + return mbedtls_test_opaque_export_key(attributes, + key_buffer, + key_buffer_size, + data, + data_size, + data_length); #endif /* PSA_CRYPTO_DRIVER_TEST */ #endif /* PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT */ default: /* Key is declared with a lifetime not known to us */ - return( status ); + return status; } } psa_status_t psa_driver_wrapper_export_public_key( const psa_key_attributes_t *attributes, const uint8_t *key_buffer, size_t key_buffer_size, - uint8_t *data, size_t data_size, size_t *data_length ) + uint8_t *data, size_t data_size, size_t *data_length) { psa_status_t status = PSA_ERROR_INVALID_ARGUMENT; psa_key_location_t location = PSA_KEY_LIFETIME_GET_LOCATION( - psa_get_key_lifetime( attributes ) ); + psa_get_key_lifetime(attributes)); /* Try dynamically-registered SE interface first */ #if defined(MBEDTLS_PSA_CRYPTO_SE_C) const psa_drv_se_t *drv; psa_drv_se_context_t *drv_context; - if( psa_get_se_driver( attributes->core.lifetime, &drv, &drv_context ) ) - { - if( ( drv->key_management == NULL ) || - ( drv->key_management->p_export_public == NULL ) ) - { - return( PSA_ERROR_NOT_SUPPORTED ); + if (psa_get_se_driver(attributes->core.lifetime, &drv, &drv_context)) { + if ((drv->key_management == NULL) || + (drv->key_management->p_export_public == NULL)) { + return PSA_ERROR_NOT_SUPPORTED; } - return( drv->key_management->p_export_public( - drv_context, - *( (psa_key_slot_number_t *)key_buffer ), - data, data_size, data_length ) ); + return drv->key_management->p_export_public( + drv_context, + *((psa_key_slot_number_t *) key_buffer), + data, data_size, data_length); } #endif /* MBEDTLS_PSA_CRYPTO_SE_C */ - switch( location ) - { + switch (location) { case PSA_KEY_LOCATION_LOCAL_STORAGE: /* Key is stored in the slot in export representation, so * cycle through all known transparent accelerators */ #if defined(PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT) #if defined(PSA_CRYPTO_DRIVER_TEST) status = mbedtls_test_transparent_export_public_key( - attributes, - key_buffer, - key_buffer_size, - data, - data_size, - data_length ); + attributes, + key_buffer, + key_buffer_size, + data, + data_size, + data_length); /* Declared with fallback == true */ - if( status != PSA_ERROR_NOT_SUPPORTED ) - return( status ); + if (status != PSA_ERROR_NOT_SUPPORTED) { + return status; + } #endif /* PSA_CRYPTO_DRIVER_TEST */ #endif /* PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT */ /* Fell through, meaning no accelerator supports this operation */ - return( psa_export_public_key_internal( attributes, - key_buffer, - key_buffer_size, - data, - data_size, - data_length ) ); - - /* Add cases for opaque driver here */ + return psa_export_public_key_internal(attributes, + key_buffer, + key_buffer_size, + data, + data_size, + data_length); + + /* Add cases for opaque driver here */ #if defined(PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT) #if defined(PSA_CRYPTO_DRIVER_TEST) case PSA_CRYPTO_TEST_DRIVER_LOCATION: - return( mbedtls_test_opaque_export_public_key( attributes, - key_buffer, - key_buffer_size, - data, - data_size, - data_length ) ); + return mbedtls_test_opaque_export_public_key(attributes, + key_buffer, + key_buffer_size, + data, + data_size, + data_length); #endif /* PSA_CRYPTO_DRIVER_TEST */ #endif /* PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT */ default: /* Key is declared with a lifetime not known to us */ - return( status ); + return status; } } psa_status_t psa_driver_wrapper_get_builtin_key( psa_drv_slot_number_t slot_number, psa_key_attributes_t *attributes, - uint8_t *key_buffer, size_t key_buffer_size, size_t *key_buffer_length ) + uint8_t *key_buffer, size_t key_buffer_size, size_t *key_buffer_length) { - psa_key_location_t location = PSA_KEY_LIFETIME_GET_LOCATION( attributes->core.lifetime ); - switch( location ) - { + psa_key_location_t location = PSA_KEY_LIFETIME_GET_LOCATION(attributes->core.lifetime); + switch (location) { #if defined(PSA_CRYPTO_DRIVER_TEST) case PSA_CRYPTO_TEST_DRIVER_LOCATION: - return( mbedtls_test_opaque_get_builtin_key( - slot_number, - attributes, - key_buffer, key_buffer_size, key_buffer_length ) ); + return mbedtls_test_opaque_get_builtin_key( + slot_number, + attributes, + key_buffer, key_buffer_size, key_buffer_length); #endif /* PSA_CRYPTO_DRIVER_TEST */ default: (void) slot_number; (void) key_buffer; (void) key_buffer_size; (void) key_buffer_length; - return( PSA_ERROR_DOES_NOT_EXIST ); + return PSA_ERROR_DOES_NOT_EXIST; } } @@ -784,82 +764,84 @@ psa_status_t psa_driver_wrapper_cipher_encrypt( size_t input_length, uint8_t *output, size_t output_size, - size_t *output_length ) + size_t *output_length) { psa_status_t status = PSA_ERROR_CORRUPTION_DETECTED; psa_key_location_t location = - PSA_KEY_LIFETIME_GET_LOCATION( attributes->core.lifetime ); + PSA_KEY_LIFETIME_GET_LOCATION(attributes->core.lifetime); - switch( location ) - { + switch (location) { case PSA_KEY_LOCATION_LOCAL_STORAGE: /* Key is stored in the slot in export representation, so * cycle through all known transparent accelerators */ #if defined(PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT) #if defined(PSA_CRYPTO_DRIVER_TEST) - status = mbedtls_test_transparent_cipher_encrypt( attributes, - key_buffer, - key_buffer_size, - alg, - iv, - iv_length, - input, - input_length, - output, - output_size, - output_length ); + status = mbedtls_test_transparent_cipher_encrypt(attributes, + key_buffer, + key_buffer_size, + alg, + iv, + iv_length, + input, + input_length, + output, + output_size, + output_length); /* Declared with fallback == true */ - if( status != PSA_ERROR_NOT_SUPPORTED ) - return( status ); + if (status != PSA_ERROR_NOT_SUPPORTED) { + return status; + } #endif /* PSA_CRYPTO_DRIVER_TEST */ #endif /* PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT */ #if defined(MBEDTLS_PSA_BUILTIN_CIPHER) - return( mbedtls_psa_cipher_encrypt( attributes, - key_buffer, - key_buffer_size, - alg, - iv, - iv_length, - input, - input_length, - output, - output_size, - output_length ) ); + return mbedtls_psa_cipher_encrypt(attributes, + key_buffer, + key_buffer_size, + alg, + iv, + iv_length, + input, + input_length, + output, + output_size, + output_length); #else - return( PSA_ERROR_NOT_SUPPORTED ); + return PSA_ERROR_NOT_SUPPORTED; #endif /* MBEDTLS_PSA_BUILTIN_CIPHER */ - /* Add cases for opaque driver here */ + /* Add cases for opaque driver here */ #if defined(PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT) #if defined(PSA_CRYPTO_DRIVER_TEST) case PSA_CRYPTO_TEST_DRIVER_LOCATION: - return( mbedtls_test_opaque_cipher_encrypt( attributes, - key_buffer, - key_buffer_size, - alg, - iv, - iv_length, - input, - input_length, - output, - output_size, - output_length ) ); + return mbedtls_test_opaque_cipher_encrypt(attributes, + key_buffer, + key_buffer_size, + alg, + iv, + iv_length, + input, + input_length, + output, + output_size, + output_length); #endif /* PSA_CRYPTO_DRIVER_TEST */ #endif /* PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT */ default: /* Key is declared with a lifetime not known to us */ - (void)status; - (void)key_buffer; - (void)key_buffer_size; - (void)alg; - (void)input; - (void)input_length; - (void)output; - (void)output_size; - (void)output_length; - return( PSA_ERROR_INVALID_ARGUMENT ); + (void) status; + (void) key_buffer; + (void) key_buffer_size; + (void) alg; + (void) iv; + (void) iv_length; + (void) input; + (void) input_length; + (void) output; + (void) output_size; + (void) output_length; + return PSA_ERROR_INVALID_ARGUMENT; } } @@ -872,76 +854,76 @@ psa_status_t psa_driver_wrapper_cipher_decrypt( size_t input_length, uint8_t *output, size_t output_size, - size_t *output_length ) + size_t *output_length) { psa_status_t status = PSA_ERROR_CORRUPTION_DETECTED; psa_key_location_t location = - PSA_KEY_LIFETIME_GET_LOCATION( attributes->core.lifetime ); + PSA_KEY_LIFETIME_GET_LOCATION(attributes->core.lifetime); - switch( location ) - { + switch (location) { case PSA_KEY_LOCATION_LOCAL_STORAGE: /* Key is stored in the slot in export representation, so * cycle through all known transparent accelerators */ #if defined(PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT) #if defined(PSA_CRYPTO_DRIVER_TEST) - status = mbedtls_test_transparent_cipher_decrypt( attributes, - key_buffer, - key_buffer_size, - alg, - input, - input_length, - output, - output_size, - output_length ); + status = mbedtls_test_transparent_cipher_decrypt(attributes, + key_buffer, + key_buffer_size, + alg, + input, + input_length, + output, + output_size, + output_length); /* Declared with fallback == true */ - if( status != PSA_ERROR_NOT_SUPPORTED ) - return( status ); + if (status != PSA_ERROR_NOT_SUPPORTED) { + return status; + } #endif /* PSA_CRYPTO_DRIVER_TEST */ #endif /* PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT */ #if defined(MBEDTLS_PSA_BUILTIN_CIPHER) - return( mbedtls_psa_cipher_decrypt( attributes, - key_buffer, - key_buffer_size, - alg, - input, - input_length, - output, - output_size, - output_length ) ); + return mbedtls_psa_cipher_decrypt(attributes, + key_buffer, + key_buffer_size, + alg, + input, + input_length, + output, + output_size, + output_length); #else - return( PSA_ERROR_NOT_SUPPORTED ); + return PSA_ERROR_NOT_SUPPORTED; #endif /* MBEDTLS_PSA_BUILTIN_CIPHER */ - /* Add cases for opaque driver here */ + /* Add cases for opaque driver here */ #if defined(PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT) #if defined(PSA_CRYPTO_DRIVER_TEST) case PSA_CRYPTO_TEST_DRIVER_LOCATION: - return( mbedtls_test_opaque_cipher_decrypt( attributes, - key_buffer, - key_buffer_size, - alg, - input, - input_length, - output, - output_size, - output_length ) ); + return mbedtls_test_opaque_cipher_decrypt(attributes, + key_buffer, + key_buffer_size, + alg, + input, + input_length, + output, + output_size, + output_length); #endif /* PSA_CRYPTO_DRIVER_TEST */ #endif /* PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT */ default: /* Key is declared with a lifetime not known to us */ - (void)status; - (void)key_buffer; - (void)key_buffer_size; - (void)alg; - (void)input; - (void)input_length; - (void)output; - (void)output_size; - (void)output_length; - return( PSA_ERROR_INVALID_ARGUMENT ); + (void) status; + (void) key_buffer; + (void) key_buffer_size; + (void) alg; + (void) input; + (void) input_length; + (void) output; + (void) output_size; + (void) output_length; + return PSA_ERROR_INVALID_ARGUMENT; } } @@ -949,14 +931,13 @@ psa_status_t psa_driver_wrapper_cipher_encrypt_setup( psa_cipher_operation_t *operation, const psa_key_attributes_t *attributes, const uint8_t *key_buffer, size_t key_buffer_size, - psa_algorithm_t alg ) + psa_algorithm_t alg) { psa_status_t status = PSA_ERROR_CORRUPTION_DETECTED; psa_key_location_t location = - PSA_KEY_LIFETIME_GET_LOCATION( attributes->core.lifetime ); + PSA_KEY_LIFETIME_GET_LOCATION(attributes->core.lifetime); - switch( location ) - { + switch (location) { case PSA_KEY_LOCATION_LOCAL_STORAGE: /* Key is stored in the slot in export representation, so * cycle through all known transparent accelerators */ @@ -967,31 +948,35 @@ psa_status_t psa_driver_wrapper_cipher_encrypt_setup( attributes, key_buffer, key_buffer_size, - alg ); + alg); /* Declared with fallback == true */ - if( status == PSA_SUCCESS ) + if (status == PSA_SUCCESS) { operation->id = PSA_CRYPTO_TRANSPARENT_TEST_DRIVER_ID; + } - if( status != PSA_ERROR_NOT_SUPPORTED ) - return( status ); + if (status != PSA_ERROR_NOT_SUPPORTED) { + return status; + } #endif /* PSA_CRYPTO_DRIVER_TEST */ #endif /* PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT */ #if defined(MBEDTLS_PSA_BUILTIN_CIPHER) /* Fell through, meaning no accelerator supports this operation */ - status = mbedtls_psa_cipher_encrypt_setup( &operation->ctx.mbedtls_ctx, - attributes, - key_buffer, - key_buffer_size, - alg ); - if( status == PSA_SUCCESS ) + status = mbedtls_psa_cipher_encrypt_setup(&operation->ctx.mbedtls_ctx, + attributes, + key_buffer, + key_buffer_size, + alg); + if (status == PSA_SUCCESS) { operation->id = PSA_CRYPTO_MBED_TLS_DRIVER_ID; + } - if( status != PSA_ERROR_NOT_SUPPORTED ) - return( status ); + if (status != PSA_ERROR_NOT_SUPPORTED) { + return status; + } #endif /* MBEDTLS_PSA_BUILTIN_CIPHER */ - return( PSA_ERROR_NOT_SUPPORTED ); + return PSA_ERROR_NOT_SUPPORTED; - /* Add cases for opaque driver here */ + /* Add cases for opaque driver here */ #if defined(PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT) #if defined(PSA_CRYPTO_DRIVER_TEST) case PSA_CRYPTO_TEST_DRIVER_LOCATION: @@ -999,22 +984,23 @@ psa_status_t psa_driver_wrapper_cipher_encrypt_setup( &operation->ctx.opaque_test_driver_ctx, attributes, key_buffer, key_buffer_size, - alg ); + alg); - if( status == PSA_SUCCESS ) + if (status == PSA_SUCCESS) { operation->id = PSA_CRYPTO_OPAQUE_TEST_DRIVER_ID; + } - return( status ); + return status; #endif /* PSA_CRYPTO_DRIVER_TEST */ #endif /* PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT */ default: /* Key is declared with a lifetime not known to us */ - (void)status; - (void)operation; - (void)key_buffer; - (void)key_buffer_size; - (void)alg; - return( PSA_ERROR_INVALID_ARGUMENT ); + (void) status; + (void) operation; + (void) key_buffer; + (void) key_buffer_size; + (void) alg; + return PSA_ERROR_INVALID_ARGUMENT; } } @@ -1022,14 +1008,13 @@ psa_status_t psa_driver_wrapper_cipher_decrypt_setup( psa_cipher_operation_t *operation, const psa_key_attributes_t *attributes, const uint8_t *key_buffer, size_t key_buffer_size, - psa_algorithm_t alg ) + psa_algorithm_t alg) { psa_status_t status = PSA_ERROR_INVALID_ARGUMENT; psa_key_location_t location = - PSA_KEY_LIFETIME_GET_LOCATION( attributes->core.lifetime ); + PSA_KEY_LIFETIME_GET_LOCATION(attributes->core.lifetime); - switch( location ) - { + switch (location) { case PSA_KEY_LOCATION_LOCAL_STORAGE: /* Key is stored in the slot in export representation, so * cycle through all known transparent accelerators */ @@ -1040,89 +1025,93 @@ psa_status_t psa_driver_wrapper_cipher_decrypt_setup( attributes, key_buffer, key_buffer_size, - alg ); + alg); /* Declared with fallback == true */ - if( status == PSA_SUCCESS ) + if (status == PSA_SUCCESS) { operation->id = PSA_CRYPTO_TRANSPARENT_TEST_DRIVER_ID; + } - if( status != PSA_ERROR_NOT_SUPPORTED ) - return( status ); + if (status != PSA_ERROR_NOT_SUPPORTED) { + return status; + } #endif /* PSA_CRYPTO_DRIVER_TEST */ #endif /* PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT */ #if defined(MBEDTLS_PSA_BUILTIN_CIPHER) /* Fell through, meaning no accelerator supports this operation */ - status = mbedtls_psa_cipher_decrypt_setup( &operation->ctx.mbedtls_ctx, - attributes, - key_buffer, - key_buffer_size, - alg ); - if( status == PSA_SUCCESS ) + status = mbedtls_psa_cipher_decrypt_setup(&operation->ctx.mbedtls_ctx, + attributes, + key_buffer, + key_buffer_size, + alg); + if (status == PSA_SUCCESS) { operation->id = PSA_CRYPTO_MBED_TLS_DRIVER_ID; + } - return( status ); + return status; +#else /* MBEDTLS_PSA_BUILTIN_CIPHER */ + return PSA_ERROR_NOT_SUPPORTED; #endif /* MBEDTLS_PSA_BUILTIN_CIPHER */ - return( PSA_ERROR_NOT_SUPPORTED ); - /* Add cases for opaque driver here */ + /* Add cases for opaque driver here */ #if defined(PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT) #if defined(PSA_CRYPTO_DRIVER_TEST) case PSA_CRYPTO_TEST_DRIVER_LOCATION: status = mbedtls_test_opaque_cipher_decrypt_setup( - &operation->ctx.opaque_test_driver_ctx, - attributes, - key_buffer, key_buffer_size, - alg ); + &operation->ctx.opaque_test_driver_ctx, + attributes, + key_buffer, key_buffer_size, + alg); - if( status == PSA_SUCCESS ) + if (status == PSA_SUCCESS) { operation->id = PSA_CRYPTO_OPAQUE_TEST_DRIVER_ID; + } - return( status ); + return status; #endif /* PSA_CRYPTO_DRIVER_TEST */ #endif /* PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT */ default: /* Key is declared with a lifetime not known to us */ - (void)status; - (void)operation; - (void)key_buffer; - (void)key_buffer_size; - (void)alg; - return( PSA_ERROR_INVALID_ARGUMENT ); + (void) status; + (void) operation; + (void) key_buffer; + (void) key_buffer_size; + (void) alg; + return PSA_ERROR_INVALID_ARGUMENT; } } psa_status_t psa_driver_wrapper_cipher_set_iv( psa_cipher_operation_t *operation, const uint8_t *iv, - size_t iv_length ) + size_t iv_length) { - switch( operation->id ) - { + switch (operation->id) { #if defined(MBEDTLS_PSA_BUILTIN_CIPHER) case PSA_CRYPTO_MBED_TLS_DRIVER_ID: - return( mbedtls_psa_cipher_set_iv( &operation->ctx.mbedtls_ctx, - iv, - iv_length ) ); + return mbedtls_psa_cipher_set_iv(&operation->ctx.mbedtls_ctx, + iv, + iv_length); #endif /* MBEDTLS_PSA_BUILTIN_CIPHER */ #if defined(PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT) #if defined(PSA_CRYPTO_DRIVER_TEST) case PSA_CRYPTO_TRANSPARENT_TEST_DRIVER_ID: - return( mbedtls_test_transparent_cipher_set_iv( - &operation->ctx.transparent_test_driver_ctx, - iv, iv_length ) ); + return mbedtls_test_transparent_cipher_set_iv( + &operation->ctx.transparent_test_driver_ctx, + iv, iv_length); case PSA_CRYPTO_OPAQUE_TEST_DRIVER_ID: - return( mbedtls_test_opaque_cipher_set_iv( - &operation->ctx.opaque_test_driver_ctx, - iv, iv_length ) ); + return mbedtls_test_opaque_cipher_set_iv( + &operation->ctx.opaque_test_driver_ctx, + iv, iv_length); #endif /* PSA_CRYPTO_DRIVER_TEST */ #endif /* PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT */ } - (void)iv; - (void)iv_length; + (void) iv; + (void) iv_length; - return( PSA_ERROR_INVALID_ARGUMENT ); + return PSA_ERROR_INVALID_ARGUMENT; } psa_status_t psa_driver_wrapper_cipher_update( @@ -1131,119 +1120,116 @@ psa_status_t psa_driver_wrapper_cipher_update( size_t input_length, uint8_t *output, size_t output_size, - size_t *output_length ) + size_t *output_length) { - switch( operation->id ) - { + switch (operation->id) { #if defined(MBEDTLS_PSA_BUILTIN_CIPHER) case PSA_CRYPTO_MBED_TLS_DRIVER_ID: - return( mbedtls_psa_cipher_update( &operation->ctx.mbedtls_ctx, - input, - input_length, - output, - output_size, - output_length ) ); + return mbedtls_psa_cipher_update(&operation->ctx.mbedtls_ctx, + input, + input_length, + output, + output_size, + output_length); #endif /* MBEDTLS_PSA_BUILTIN_CIPHER */ #if defined(PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT) #if defined(PSA_CRYPTO_DRIVER_TEST) case PSA_CRYPTO_TRANSPARENT_TEST_DRIVER_ID: - return( mbedtls_test_transparent_cipher_update( - &operation->ctx.transparent_test_driver_ctx, - input, input_length, - output, output_size, output_length ) ); + return mbedtls_test_transparent_cipher_update( + &operation->ctx.transparent_test_driver_ctx, + input, input_length, + output, output_size, output_length); case PSA_CRYPTO_OPAQUE_TEST_DRIVER_ID: - return( mbedtls_test_opaque_cipher_update( - &operation->ctx.opaque_test_driver_ctx, - input, input_length, - output, output_size, output_length ) ); + return mbedtls_test_opaque_cipher_update( + &operation->ctx.opaque_test_driver_ctx, + input, input_length, + output, output_size, output_length); #endif /* PSA_CRYPTO_DRIVER_TEST */ #endif /* PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT */ } - (void)input; - (void)input_length; - (void)output; - (void)output_size; - (void)output_length; + (void) input; + (void) input_length; + (void) output; + (void) output_size; + (void) output_length; - return( PSA_ERROR_INVALID_ARGUMENT ); + return PSA_ERROR_INVALID_ARGUMENT; } psa_status_t psa_driver_wrapper_cipher_finish( psa_cipher_operation_t *operation, uint8_t *output, size_t output_size, - size_t *output_length ) + size_t *output_length) { - switch( operation->id ) - { + switch (operation->id) { #if defined(MBEDTLS_PSA_BUILTIN_CIPHER) case PSA_CRYPTO_MBED_TLS_DRIVER_ID: - return( mbedtls_psa_cipher_finish( &operation->ctx.mbedtls_ctx, - output, - output_size, - output_length ) ); + return mbedtls_psa_cipher_finish(&operation->ctx.mbedtls_ctx, + output, + output_size, + output_length); #endif /* MBEDTLS_PSA_BUILTIN_CIPHER */ #if defined(PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT) #if defined(PSA_CRYPTO_DRIVER_TEST) case PSA_CRYPTO_TRANSPARENT_TEST_DRIVER_ID: - return( mbedtls_test_transparent_cipher_finish( - &operation->ctx.transparent_test_driver_ctx, - output, output_size, output_length ) ); + return mbedtls_test_transparent_cipher_finish( + &operation->ctx.transparent_test_driver_ctx, + output, output_size, output_length); case PSA_CRYPTO_OPAQUE_TEST_DRIVER_ID: - return( mbedtls_test_opaque_cipher_finish( - &operation->ctx.opaque_test_driver_ctx, - output, output_size, output_length ) ); + return mbedtls_test_opaque_cipher_finish( + &operation->ctx.opaque_test_driver_ctx, + output, output_size, output_length); #endif /* PSA_CRYPTO_DRIVER_TEST */ #endif /* PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT */ } - (void)output; - (void)output_size; - (void)output_length; + (void) output; + (void) output_size; + (void) output_length; - return( PSA_ERROR_INVALID_ARGUMENT ); + return PSA_ERROR_INVALID_ARGUMENT; } psa_status_t psa_driver_wrapper_cipher_abort( - psa_cipher_operation_t *operation ) + psa_cipher_operation_t *operation) { psa_status_t status = PSA_ERROR_CORRUPTION_DETECTED; - switch( operation->id ) - { + switch (operation->id) { #if defined(MBEDTLS_PSA_BUILTIN_CIPHER) case PSA_CRYPTO_MBED_TLS_DRIVER_ID: - return( mbedtls_psa_cipher_abort( &operation->ctx.mbedtls_ctx ) ); + return mbedtls_psa_cipher_abort(&operation->ctx.mbedtls_ctx); #endif /* MBEDTLS_PSA_BUILTIN_CIPHER */ #if defined(PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT) #if defined(PSA_CRYPTO_DRIVER_TEST) case PSA_CRYPTO_TRANSPARENT_TEST_DRIVER_ID: status = mbedtls_test_transparent_cipher_abort( - &operation->ctx.transparent_test_driver_ctx ); + &operation->ctx.transparent_test_driver_ctx); mbedtls_platform_zeroize( &operation->ctx.transparent_test_driver_ctx, - sizeof( operation->ctx.transparent_test_driver_ctx ) ); - return( status ); + sizeof(operation->ctx.transparent_test_driver_ctx)); + return status; case PSA_CRYPTO_OPAQUE_TEST_DRIVER_ID: status = mbedtls_test_opaque_cipher_abort( - &operation->ctx.opaque_test_driver_ctx ); + &operation->ctx.opaque_test_driver_ctx); mbedtls_platform_zeroize( &operation->ctx.opaque_test_driver_ctx, - sizeof( operation->ctx.opaque_test_driver_ctx ) ); - return( status ); + sizeof(operation->ctx.opaque_test_driver_ctx)); + return status; #endif /* PSA_CRYPTO_DRIVER_TEST */ #endif /* PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT */ } - (void)status; - return( PSA_ERROR_INVALID_ARGUMENT ); + (void) status; + return PSA_ERROR_INVALID_ARGUMENT; } /* @@ -1262,17 +1248,19 @@ psa_status_t psa_driver_wrapper_hash_compute( /* Try accelerators first */ #if defined(PSA_CRYPTO_DRIVER_TEST) status = mbedtls_test_transparent_hash_compute( - alg, input, input_length, hash, hash_size, hash_length ); - if( status != PSA_ERROR_NOT_SUPPORTED ) - return( status ); + alg, input, input_length, hash, hash_size, hash_length); + if (status != PSA_ERROR_NOT_SUPPORTED) { + return status; + } #endif /* If software fallback is compiled in, try fallback */ #if defined(MBEDTLS_PSA_BUILTIN_HASH) - status = mbedtls_psa_hash_compute( alg, input, input_length, - hash, hash_size, hash_length ); - if( status != PSA_ERROR_NOT_SUPPORTED ) - return( status ); + status = mbedtls_psa_hash_compute(alg, input, input_length, + hash, hash_size, hash_length); + if (status != PSA_ERROR_NOT_SUPPORTED) { + return status; + } #endif (void) status; (void) alg; @@ -1282,89 +1270,91 @@ psa_status_t psa_driver_wrapper_hash_compute( (void) hash_size; (void) hash_length; - return( PSA_ERROR_NOT_SUPPORTED ); + return PSA_ERROR_NOT_SUPPORTED; } psa_status_t psa_driver_wrapper_hash_setup( psa_hash_operation_t *operation, - psa_algorithm_t alg ) + psa_algorithm_t alg) { psa_status_t status = PSA_ERROR_CORRUPTION_DETECTED; /* Try setup on accelerators first */ #if defined(PSA_CRYPTO_DRIVER_TEST) status = mbedtls_test_transparent_hash_setup( - &operation->ctx.test_driver_ctx, alg ); - if( status == PSA_SUCCESS ) + &operation->ctx.test_driver_ctx, alg); + if (status == PSA_SUCCESS) { operation->id = PSA_CRYPTO_TRANSPARENT_TEST_DRIVER_ID; + } - if( status != PSA_ERROR_NOT_SUPPORTED ) - return( status ); + if (status != PSA_ERROR_NOT_SUPPORTED) { + return status; + } #endif /* If software fallback is compiled in, try fallback */ #if defined(MBEDTLS_PSA_BUILTIN_HASH) - status = mbedtls_psa_hash_setup( &operation->ctx.mbedtls_ctx, alg ); - if( status == PSA_SUCCESS ) + status = mbedtls_psa_hash_setup(&operation->ctx.mbedtls_ctx, alg); + if (status == PSA_SUCCESS) { operation->id = PSA_CRYPTO_MBED_TLS_DRIVER_ID; + } - if( status != PSA_ERROR_NOT_SUPPORTED ) - return( status ); + if (status != PSA_ERROR_NOT_SUPPORTED) { + return status; + } #endif /* Nothing left to try if we fall through here */ (void) status; (void) operation; (void) alg; - return( PSA_ERROR_NOT_SUPPORTED ); + return PSA_ERROR_NOT_SUPPORTED; } psa_status_t psa_driver_wrapper_hash_clone( const psa_hash_operation_t *source_operation, - psa_hash_operation_t *target_operation ) + psa_hash_operation_t *target_operation) { - switch( source_operation->id ) - { + switch (source_operation->id) { #if defined(MBEDTLS_PSA_BUILTIN_HASH) case PSA_CRYPTO_MBED_TLS_DRIVER_ID: target_operation->id = PSA_CRYPTO_MBED_TLS_DRIVER_ID; - return( mbedtls_psa_hash_clone( &source_operation->ctx.mbedtls_ctx, - &target_operation->ctx.mbedtls_ctx ) ); + return mbedtls_psa_hash_clone(&source_operation->ctx.mbedtls_ctx, + &target_operation->ctx.mbedtls_ctx); #endif #if defined(PSA_CRYPTO_DRIVER_TEST) case PSA_CRYPTO_TRANSPARENT_TEST_DRIVER_ID: target_operation->id = PSA_CRYPTO_TRANSPARENT_TEST_DRIVER_ID; - return( mbedtls_test_transparent_hash_clone( - &source_operation->ctx.test_driver_ctx, - &target_operation->ctx.test_driver_ctx ) ); + return mbedtls_test_transparent_hash_clone( + &source_operation->ctx.test_driver_ctx, + &target_operation->ctx.test_driver_ctx); #endif default: (void) target_operation; - return( PSA_ERROR_BAD_STATE ); + return PSA_ERROR_BAD_STATE; } } psa_status_t psa_driver_wrapper_hash_update( psa_hash_operation_t *operation, const uint8_t *input, - size_t input_length ) + size_t input_length) { - switch( operation->id ) - { + switch (operation->id) { #if defined(MBEDTLS_PSA_BUILTIN_HASH) case PSA_CRYPTO_MBED_TLS_DRIVER_ID: - return( mbedtls_psa_hash_update( &operation->ctx.mbedtls_ctx, - input, input_length ) ); + return mbedtls_psa_hash_update(&operation->ctx.mbedtls_ctx, + input, input_length); #endif #if defined(PSA_CRYPTO_DRIVER_TEST) case PSA_CRYPTO_TRANSPARENT_TEST_DRIVER_ID: - return( mbedtls_test_transparent_hash_update( - &operation->ctx.test_driver_ctx, - input, input_length ) ); + return mbedtls_test_transparent_hash_update( + &operation->ctx.test_driver_ctx, + input, input_length); #endif default: (void) input; (void) input_length; - return( PSA_ERROR_BAD_STATE ); + return PSA_ERROR_BAD_STATE; } } @@ -1372,45 +1362,43 @@ psa_status_t psa_driver_wrapper_hash_finish( psa_hash_operation_t *operation, uint8_t *hash, size_t hash_size, - size_t *hash_length ) + size_t *hash_length) { - switch( operation->id ) - { + switch (operation->id) { #if defined(MBEDTLS_PSA_BUILTIN_HASH) case PSA_CRYPTO_MBED_TLS_DRIVER_ID: - return( mbedtls_psa_hash_finish( &operation->ctx.mbedtls_ctx, - hash, hash_size, hash_length ) ); + return mbedtls_psa_hash_finish(&operation->ctx.mbedtls_ctx, + hash, hash_size, hash_length); #endif #if defined(PSA_CRYPTO_DRIVER_TEST) case PSA_CRYPTO_TRANSPARENT_TEST_DRIVER_ID: - return( mbedtls_test_transparent_hash_finish( - &operation->ctx.test_driver_ctx, - hash, hash_size, hash_length ) ); + return mbedtls_test_transparent_hash_finish( + &operation->ctx.test_driver_ctx, + hash, hash_size, hash_length); #endif default: (void) hash; (void) hash_size; (void) hash_length; - return( PSA_ERROR_BAD_STATE ); + return PSA_ERROR_BAD_STATE; } } psa_status_t psa_driver_wrapper_hash_abort( - psa_hash_operation_t *operation ) + psa_hash_operation_t *operation) { - switch( operation->id ) - { + switch (operation->id) { #if defined(MBEDTLS_PSA_BUILTIN_HASH) case PSA_CRYPTO_MBED_TLS_DRIVER_ID: - return( mbedtls_psa_hash_abort( &operation->ctx.mbedtls_ctx ) ); + return mbedtls_psa_hash_abort(&operation->ctx.mbedtls_ctx); #endif #if defined(PSA_CRYPTO_DRIVER_TEST) case PSA_CRYPTO_TRANSPARENT_TEST_DRIVER_ID: - return( mbedtls_test_transparent_hash_abort( - &operation->ctx.test_driver_ctx ) ); + return mbedtls_test_transparent_hash_abort( + &operation->ctx.test_driver_ctx); #endif default: - return( PSA_ERROR_BAD_STATE ); + return PSA_ERROR_BAD_STATE; } } @@ -1421,14 +1409,13 @@ psa_status_t psa_driver_wrapper_aead_encrypt( const uint8_t *nonce, size_t nonce_length, const uint8_t *additional_data, size_t additional_data_length, const uint8_t *plaintext, size_t plaintext_length, - uint8_t *ciphertext, size_t ciphertext_size, size_t *ciphertext_length ) + uint8_t *ciphertext, size_t ciphertext_size, size_t *ciphertext_length) { psa_status_t status = PSA_ERROR_CORRUPTION_DETECTED; psa_key_location_t location = - PSA_KEY_LIFETIME_GET_LOCATION( attributes->core.lifetime ); + PSA_KEY_LIFETIME_GET_LOCATION(attributes->core.lifetime); - switch( location ) - { + switch (location) { case PSA_KEY_LOCATION_LOCAL_STORAGE: /* Key is stored in the slot in export representation, so * cycle through all known transparent accelerators */ @@ -1436,33 +1423,34 @@ psa_status_t psa_driver_wrapper_aead_encrypt( #if defined(PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT) #if defined(PSA_CRYPTO_DRIVER_TEST) status = mbedtls_test_transparent_aead_encrypt( - attributes, key_buffer, key_buffer_size, - alg, - nonce, nonce_length, - additional_data, additional_data_length, - plaintext, plaintext_length, - ciphertext, ciphertext_size, ciphertext_length ); + attributes, key_buffer, key_buffer_size, + alg, + nonce, nonce_length, + additional_data, additional_data_length, + plaintext, plaintext_length, + ciphertext, ciphertext_size, ciphertext_length); /* Declared with fallback == true */ - if( status != PSA_ERROR_NOT_SUPPORTED ) - return( status ); + if (status != PSA_ERROR_NOT_SUPPORTED) { + return status; + } #endif /* PSA_CRYPTO_DRIVER_TEST */ #endif /* PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT */ /* Fell through, meaning no accelerator supports this operation */ - return( mbedtls_psa_aead_encrypt( - attributes, key_buffer, key_buffer_size, - alg, - nonce, nonce_length, - additional_data, additional_data_length, - plaintext, plaintext_length, - ciphertext, ciphertext_size, ciphertext_length ) ); + return mbedtls_psa_aead_encrypt( + attributes, key_buffer, key_buffer_size, + alg, + nonce, nonce_length, + additional_data, additional_data_length, + plaintext, plaintext_length, + ciphertext, ciphertext_size, ciphertext_length); /* Add cases for opaque driver here */ default: /* Key is declared with a lifetime not known to us */ - (void)status; - return( PSA_ERROR_INVALID_ARGUMENT ); + (void) status; + return PSA_ERROR_INVALID_ARGUMENT; } } @@ -1473,14 +1461,13 @@ psa_status_t psa_driver_wrapper_aead_decrypt( const uint8_t *nonce, size_t nonce_length, const uint8_t *additional_data, size_t additional_data_length, const uint8_t *ciphertext, size_t ciphertext_length, - uint8_t *plaintext, size_t plaintext_size, size_t *plaintext_length ) + uint8_t *plaintext, size_t plaintext_size, size_t *plaintext_length) { psa_status_t status = PSA_ERROR_CORRUPTION_DETECTED; psa_key_location_t location = - PSA_KEY_LIFETIME_GET_LOCATION( attributes->core.lifetime ); + PSA_KEY_LIFETIME_GET_LOCATION(attributes->core.lifetime); - switch( location ) - { + switch (location) { case PSA_KEY_LOCATION_LOCAL_STORAGE: /* Key is stored in the slot in export representation, so * cycle through all known transparent accelerators */ @@ -1488,33 +1475,34 @@ psa_status_t psa_driver_wrapper_aead_decrypt( #if defined(PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT) #if defined(PSA_CRYPTO_DRIVER_TEST) status = mbedtls_test_transparent_aead_decrypt( - attributes, key_buffer, key_buffer_size, - alg, - nonce, nonce_length, - additional_data, additional_data_length, - ciphertext, ciphertext_length, - plaintext, plaintext_size, plaintext_length ); + attributes, key_buffer, key_buffer_size, + alg, + nonce, nonce_length, + additional_data, additional_data_length, + ciphertext, ciphertext_length, + plaintext, plaintext_size, plaintext_length); /* Declared with fallback == true */ - if( status != PSA_ERROR_NOT_SUPPORTED ) - return( status ); + if (status != PSA_ERROR_NOT_SUPPORTED) { + return status; + } #endif /* PSA_CRYPTO_DRIVER_TEST */ #endif /* PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT */ /* Fell through, meaning no accelerator supports this operation */ - return( mbedtls_psa_aead_decrypt( - attributes, key_buffer, key_buffer_size, - alg, - nonce, nonce_length, - additional_data, additional_data_length, - ciphertext, ciphertext_length, - plaintext, plaintext_size, plaintext_length ) ); + return mbedtls_psa_aead_decrypt( + attributes, key_buffer, key_buffer_size, + alg, + nonce, nonce_length, + additional_data, additional_data_length, + ciphertext, ciphertext_length, + plaintext, plaintext_size, plaintext_length); /* Add cases for opaque driver here */ default: /* Key is declared with a lifetime not known to us */ - (void)status; - return( PSA_ERROR_INVALID_ARGUMENT ); + (void) status; + return PSA_ERROR_INVALID_ARGUMENT; } } @@ -1531,14 +1519,13 @@ psa_status_t psa_driver_wrapper_mac_compute( size_t input_length, uint8_t *mac, size_t mac_size, - size_t *mac_length ) + size_t *mac_length) { psa_status_t status = PSA_ERROR_CORRUPTION_DETECTED; psa_key_location_t location = - PSA_KEY_LIFETIME_GET_LOCATION( attributes->core.lifetime ); + PSA_KEY_LIFETIME_GET_LOCATION(attributes->core.lifetime); - switch( location ) - { + switch (location) { case PSA_KEY_LOCATION_LOCAL_STORAGE: /* Key is stored in the slot in export representation, so * cycle through all known transparent accelerators */ @@ -1547,10 +1534,11 @@ psa_status_t psa_driver_wrapper_mac_compute( status = mbedtls_test_transparent_mac_compute( attributes, key_buffer, key_buffer_size, alg, input, input_length, - mac, mac_size, mac_length ); + mac, mac_size, mac_length); /* Declared with fallback == true */ - if( status != PSA_ERROR_NOT_SUPPORTED ) - return( status ); + if (status != PSA_ERROR_NOT_SUPPORTED) { + return status; + } #endif /* PSA_CRYPTO_DRIVER_TEST */ #endif /* PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT */ #if defined(MBEDTLS_PSA_BUILTIN_MAC) @@ -1558,21 +1546,22 @@ psa_status_t psa_driver_wrapper_mac_compute( status = mbedtls_psa_mac_compute( attributes, key_buffer, key_buffer_size, alg, input, input_length, - mac, mac_size, mac_length ); - if( status != PSA_ERROR_NOT_SUPPORTED ) - return( status ); + mac, mac_size, mac_length); + if (status != PSA_ERROR_NOT_SUPPORTED) { + return status; + } #endif /* MBEDTLS_PSA_BUILTIN_MAC */ - return( PSA_ERROR_NOT_SUPPORTED ); + return PSA_ERROR_NOT_SUPPORTED; - /* Add cases for opaque driver here */ + /* Add cases for opaque driver here */ #if defined(PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT) #if defined(PSA_CRYPTO_DRIVER_TEST) case PSA_CRYPTO_TEST_DRIVER_LOCATION: status = mbedtls_test_opaque_mac_compute( attributes, key_buffer, key_buffer_size, alg, input, input_length, - mac, mac_size, mac_length ); - return( status ); + mac, mac_size, mac_length); + return status; #endif /* PSA_CRYPTO_DRIVER_TEST */ #endif /* PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT */ default: @@ -1586,7 +1575,7 @@ psa_status_t psa_driver_wrapper_mac_compute( (void) mac_size; (void) mac_length; (void) status; - return( PSA_ERROR_INVALID_ARGUMENT ); + return PSA_ERROR_INVALID_ARGUMENT; } } @@ -1595,14 +1584,13 @@ psa_status_t psa_driver_wrapper_mac_sign_setup( const psa_key_attributes_t *attributes, const uint8_t *key_buffer, size_t key_buffer_size, - psa_algorithm_t alg ) + psa_algorithm_t alg) { psa_status_t status = PSA_ERROR_CORRUPTION_DETECTED; psa_key_location_t location = - PSA_KEY_LIFETIME_GET_LOCATION( attributes->core.lifetime ); + PSA_KEY_LIFETIME_GET_LOCATION(attributes->core.lifetime); - switch( location ) - { + switch (location) { case PSA_KEY_LOCATION_LOCAL_STORAGE: /* Key is stored in the slot in export representation, so * cycle through all known transparent accelerators */ @@ -1612,30 +1600,34 @@ psa_status_t psa_driver_wrapper_mac_sign_setup( &operation->ctx.transparent_test_driver_ctx, attributes, key_buffer, key_buffer_size, - alg ); + alg); /* Declared with fallback == true */ - if( status == PSA_SUCCESS ) + if (status == PSA_SUCCESS) { operation->id = PSA_CRYPTO_TRANSPARENT_TEST_DRIVER_ID; + } - if( status != PSA_ERROR_NOT_SUPPORTED ) - return( status ); + if (status != PSA_ERROR_NOT_SUPPORTED) { + return status; + } #endif /* PSA_CRYPTO_DRIVER_TEST */ #endif /* PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT */ #if defined(MBEDTLS_PSA_BUILTIN_MAC) /* Fell through, meaning no accelerator supports this operation */ - status = mbedtls_psa_mac_sign_setup( &operation->ctx.mbedtls_ctx, - attributes, - key_buffer, key_buffer_size, - alg ); - if( status == PSA_SUCCESS ) + status = mbedtls_psa_mac_sign_setup(&operation->ctx.mbedtls_ctx, + attributes, + key_buffer, key_buffer_size, + alg); + if (status == PSA_SUCCESS) { operation->id = PSA_CRYPTO_MBED_TLS_DRIVER_ID; + } - if( status != PSA_ERROR_NOT_SUPPORTED ) - return( status ); + if (status != PSA_ERROR_NOT_SUPPORTED) { + return status; + } #endif /* MBEDTLS_PSA_BUILTIN_MAC */ - return( PSA_ERROR_NOT_SUPPORTED ); + return PSA_ERROR_NOT_SUPPORTED; - /* Add cases for opaque driver here */ + /* Add cases for opaque driver here */ #if defined(PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT) #if defined(PSA_CRYPTO_DRIVER_TEST) case PSA_CRYPTO_TEST_DRIVER_LOCATION: @@ -1643,12 +1635,13 @@ psa_status_t psa_driver_wrapper_mac_sign_setup( &operation->ctx.opaque_test_driver_ctx, attributes, key_buffer, key_buffer_size, - alg ); + alg); - if( status == PSA_SUCCESS ) + if (status == PSA_SUCCESS) { operation->id = PSA_CRYPTO_OPAQUE_TEST_DRIVER_ID; + } - return( status ); + return status; #endif /* PSA_CRYPTO_DRIVER_TEST */ #endif /* PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT */ default: @@ -1658,7 +1651,7 @@ psa_status_t psa_driver_wrapper_mac_sign_setup( (void) key_buffer; (void) key_buffer_size; (void) alg; - return( PSA_ERROR_INVALID_ARGUMENT ); + return PSA_ERROR_INVALID_ARGUMENT; } } @@ -1667,14 +1660,13 @@ psa_status_t psa_driver_wrapper_mac_verify_setup( const psa_key_attributes_t *attributes, const uint8_t *key_buffer, size_t key_buffer_size, - psa_algorithm_t alg ) + psa_algorithm_t alg) { psa_status_t status = PSA_ERROR_CORRUPTION_DETECTED; psa_key_location_t location = - PSA_KEY_LIFETIME_GET_LOCATION( attributes->core.lifetime ); + PSA_KEY_LIFETIME_GET_LOCATION(attributes->core.lifetime); - switch( location ) - { + switch (location) { case PSA_KEY_LOCATION_LOCAL_STORAGE: /* Key is stored in the slot in export representation, so * cycle through all known transparent accelerators */ @@ -1684,30 +1676,34 @@ psa_status_t psa_driver_wrapper_mac_verify_setup( &operation->ctx.transparent_test_driver_ctx, attributes, key_buffer, key_buffer_size, - alg ); + alg); /* Declared with fallback == true */ - if( status == PSA_SUCCESS ) + if (status == PSA_SUCCESS) { operation->id = PSA_CRYPTO_TRANSPARENT_TEST_DRIVER_ID; + } - if( status != PSA_ERROR_NOT_SUPPORTED ) - return( status ); + if (status != PSA_ERROR_NOT_SUPPORTED) { + return status; + } #endif /* PSA_CRYPTO_DRIVER_TEST */ #endif /* PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT */ #if defined(MBEDTLS_PSA_BUILTIN_MAC) /* Fell through, meaning no accelerator supports this operation */ - status = mbedtls_psa_mac_verify_setup( &operation->ctx.mbedtls_ctx, - attributes, - key_buffer, key_buffer_size, - alg ); - if( status == PSA_SUCCESS ) + status = mbedtls_psa_mac_verify_setup(&operation->ctx.mbedtls_ctx, + attributes, + key_buffer, key_buffer_size, + alg); + if (status == PSA_SUCCESS) { operation->id = PSA_CRYPTO_MBED_TLS_DRIVER_ID; + } - if( status != PSA_ERROR_NOT_SUPPORTED ) - return( status ); + if (status != PSA_ERROR_NOT_SUPPORTED) { + return status; + } #endif /* MBEDTLS_PSA_BUILTIN_MAC */ - return( PSA_ERROR_NOT_SUPPORTED ); + return PSA_ERROR_NOT_SUPPORTED; - /* Add cases for opaque driver here */ + /* Add cases for opaque driver here */ #if defined(PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT) #if defined(PSA_CRYPTO_DRIVER_TEST) case PSA_CRYPTO_TEST_DRIVER_LOCATION: @@ -1715,12 +1711,13 @@ psa_status_t psa_driver_wrapper_mac_verify_setup( &operation->ctx.opaque_test_driver_ctx, attributes, key_buffer, key_buffer_size, - alg ); + alg); - if( status == PSA_SUCCESS ) + if (status == PSA_SUCCESS) { operation->id = PSA_CRYPTO_OPAQUE_TEST_DRIVER_ID; + } - return( status ); + return status; #endif /* PSA_CRYPTO_DRIVER_TEST */ #endif /* PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT */ default: @@ -1730,40 +1727,39 @@ psa_status_t psa_driver_wrapper_mac_verify_setup( (void) key_buffer; (void) key_buffer_size; (void) alg; - return( PSA_ERROR_INVALID_ARGUMENT ); + return PSA_ERROR_INVALID_ARGUMENT; } } psa_status_t psa_driver_wrapper_mac_update( psa_mac_operation_t *operation, const uint8_t *input, - size_t input_length ) + size_t input_length) { - switch( operation->id ) - { + switch (operation->id) { #if defined(MBEDTLS_PSA_BUILTIN_MAC) case PSA_CRYPTO_MBED_TLS_DRIVER_ID: - return( mbedtls_psa_mac_update( &operation->ctx.mbedtls_ctx, - input, input_length ) ); + return mbedtls_psa_mac_update(&operation->ctx.mbedtls_ctx, + input, input_length); #endif /* MBEDTLS_PSA_BUILTIN_MAC */ #if defined(PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT) #if defined(PSA_CRYPTO_DRIVER_TEST) case PSA_CRYPTO_TRANSPARENT_TEST_DRIVER_ID: - return( mbedtls_test_transparent_mac_update( - &operation->ctx.transparent_test_driver_ctx, - input, input_length ) ); + return mbedtls_test_transparent_mac_update( + &operation->ctx.transparent_test_driver_ctx, + input, input_length); case PSA_CRYPTO_OPAQUE_TEST_DRIVER_ID: - return( mbedtls_test_opaque_mac_update( - &operation->ctx.opaque_test_driver_ctx, - input, input_length ) ); + return mbedtls_test_opaque_mac_update( + &operation->ctx.opaque_test_driver_ctx, + input, input_length); #endif /* PSA_CRYPTO_DRIVER_TEST */ #endif /* PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT */ default: (void) input; (void) input_length; - return( PSA_ERROR_INVALID_ARGUMENT ); + return PSA_ERROR_INVALID_ARGUMENT; } } @@ -1771,92 +1767,89 @@ psa_status_t psa_driver_wrapper_mac_sign_finish( psa_mac_operation_t *operation, uint8_t *mac, size_t mac_size, - size_t *mac_length ) + size_t *mac_length) { - switch( operation->id ) - { + switch (operation->id) { #if defined(MBEDTLS_PSA_BUILTIN_MAC) case PSA_CRYPTO_MBED_TLS_DRIVER_ID: - return( mbedtls_psa_mac_sign_finish( &operation->ctx.mbedtls_ctx, - mac, mac_size, mac_length ) ); + return mbedtls_psa_mac_sign_finish(&operation->ctx.mbedtls_ctx, + mac, mac_size, mac_length); #endif /* MBEDTLS_PSA_BUILTIN_MAC */ #if defined(PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT) #if defined(PSA_CRYPTO_DRIVER_TEST) case PSA_CRYPTO_TRANSPARENT_TEST_DRIVER_ID: - return( mbedtls_test_transparent_mac_sign_finish( - &operation->ctx.transparent_test_driver_ctx, - mac, mac_size, mac_length ) ); + return mbedtls_test_transparent_mac_sign_finish( + &operation->ctx.transparent_test_driver_ctx, + mac, mac_size, mac_length); case PSA_CRYPTO_OPAQUE_TEST_DRIVER_ID: - return( mbedtls_test_opaque_mac_sign_finish( - &operation->ctx.opaque_test_driver_ctx, - mac, mac_size, mac_length ) ); + return mbedtls_test_opaque_mac_sign_finish( + &operation->ctx.opaque_test_driver_ctx, + mac, mac_size, mac_length); #endif /* PSA_CRYPTO_DRIVER_TEST */ #endif /* PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT */ default: (void) mac; (void) mac_size; (void) mac_length; - return( PSA_ERROR_INVALID_ARGUMENT ); + return PSA_ERROR_INVALID_ARGUMENT; } } psa_status_t psa_driver_wrapper_mac_verify_finish( psa_mac_operation_t *operation, const uint8_t *mac, - size_t mac_length ) + size_t mac_length) { - switch( operation->id ) - { + switch (operation->id) { #if defined(MBEDTLS_PSA_BUILTIN_MAC) case PSA_CRYPTO_MBED_TLS_DRIVER_ID: - return( mbedtls_psa_mac_verify_finish( &operation->ctx.mbedtls_ctx, - mac, mac_length ) ); + return mbedtls_psa_mac_verify_finish(&operation->ctx.mbedtls_ctx, + mac, mac_length); #endif /* MBEDTLS_PSA_BUILTIN_MAC */ #if defined(PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT) #if defined(PSA_CRYPTO_DRIVER_TEST) case PSA_CRYPTO_TRANSPARENT_TEST_DRIVER_ID: - return( mbedtls_test_transparent_mac_verify_finish( - &operation->ctx.transparent_test_driver_ctx, - mac, mac_length ) ); + return mbedtls_test_transparent_mac_verify_finish( + &operation->ctx.transparent_test_driver_ctx, + mac, mac_length); case PSA_CRYPTO_OPAQUE_TEST_DRIVER_ID: - return( mbedtls_test_opaque_mac_verify_finish( - &operation->ctx.opaque_test_driver_ctx, - mac, mac_length ) ); + return mbedtls_test_opaque_mac_verify_finish( + &operation->ctx.opaque_test_driver_ctx, + mac, mac_length); #endif /* PSA_CRYPTO_DRIVER_TEST */ #endif /* PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT */ default: (void) mac; (void) mac_length; - return( PSA_ERROR_INVALID_ARGUMENT ); + return PSA_ERROR_INVALID_ARGUMENT; } } psa_status_t psa_driver_wrapper_mac_abort( - psa_mac_operation_t *operation ) + psa_mac_operation_t *operation) { - switch( operation->id ) - { + switch (operation->id) { #if defined(MBEDTLS_PSA_BUILTIN_MAC) case PSA_CRYPTO_MBED_TLS_DRIVER_ID: - return( mbedtls_psa_mac_abort( &operation->ctx.mbedtls_ctx ) ); + return mbedtls_psa_mac_abort(&operation->ctx.mbedtls_ctx); #endif /* MBEDTLS_PSA_BUILTIN_MAC */ #if defined(PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT) #if defined(PSA_CRYPTO_DRIVER_TEST) case PSA_CRYPTO_TRANSPARENT_TEST_DRIVER_ID: - return( mbedtls_test_transparent_mac_abort( - &operation->ctx.transparent_test_driver_ctx ) ); + return mbedtls_test_transparent_mac_abort( + &operation->ctx.transparent_test_driver_ctx); case PSA_CRYPTO_OPAQUE_TEST_DRIVER_ID: - return( mbedtls_test_opaque_mac_abort( - &operation->ctx.opaque_test_driver_ctx ) ); + return mbedtls_test_opaque_mac_abort( + &operation->ctx.opaque_test_driver_ctx); #endif /* PSA_CRYPTO_DRIVER_TEST */ #endif /* PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT */ default: - return( PSA_ERROR_INVALID_ARGUMENT ); + return PSA_ERROR_INVALID_ARGUMENT; } } diff --git a/third_party/mbedtls/repo/library/psa_crypto_driver_wrappers.h b/third_party/mbedtls/repo/library/psa_crypto_driver_wrappers.h index 7cb88a0b4ea..7e769777cfd 100644 --- a/third_party/mbedtls/repo/library/psa_crypto_driver_wrappers.h +++ b/third_party/mbedtls/repo/library/psa_crypto_driver_wrappers.h @@ -4,19 +4,7 @@ * Warning: This file will be auto-generated in the future. */ /* Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later */ #ifndef PSA_CRYPTO_DRIVER_WRAPPERS_H @@ -28,8 +16,8 @@ /* * Initialization and termination functions */ -psa_status_t psa_driver_wrapper_init( void ); -void psa_driver_wrapper_free( void ); +psa_status_t psa_driver_wrapper_init(void); +void psa_driver_wrapper_free(void); /* * Signature functions @@ -43,7 +31,7 @@ psa_status_t psa_driver_wrapper_sign_message( size_t input_length, uint8_t *signature, size_t signature_size, - size_t *signature_length ); + size_t *signature_length); psa_status_t psa_driver_wrapper_verify_message( const psa_key_attributes_t *attributes, @@ -53,19 +41,19 @@ psa_status_t psa_driver_wrapper_verify_message( const uint8_t *input, size_t input_length, const uint8_t *signature, - size_t signature_length ); + size_t signature_length); psa_status_t psa_driver_wrapper_sign_hash( const psa_key_attributes_t *attributes, const uint8_t *key_buffer, size_t key_buffer_size, psa_algorithm_t alg, const uint8_t *hash, size_t hash_length, - uint8_t *signature, size_t signature_size, size_t *signature_length ); + uint8_t *signature, size_t signature_size, size_t *signature_length); psa_status_t psa_driver_wrapper_verify_hash( const psa_key_attributes_t *attributes, const uint8_t *key_buffer, size_t key_buffer_size, psa_algorithm_t alg, const uint8_t *hash, size_t hash_length, - const uint8_t *signature, size_t signature_length ); + const uint8_t *signature, size_t signature_length); /* * Key handling functions @@ -75,30 +63,30 @@ psa_status_t psa_driver_wrapper_import_key( const psa_key_attributes_t *attributes, const uint8_t *data, size_t data_length, uint8_t *key_buffer, size_t key_buffer_size, - size_t *key_buffer_length, size_t *bits ); + size_t *key_buffer_length, size_t *bits); psa_status_t psa_driver_wrapper_export_key( const psa_key_attributes_t *attributes, const uint8_t *key_buffer, size_t key_buffer_size, - uint8_t *data, size_t data_size, size_t *data_length ); + uint8_t *data, size_t data_size, size_t *data_length); psa_status_t psa_driver_wrapper_export_public_key( const psa_key_attributes_t *attributes, const uint8_t *key_buffer, size_t key_buffer_size, - uint8_t *data, size_t data_size, size_t *data_length ); + uint8_t *data, size_t data_size, size_t *data_length); psa_status_t psa_driver_wrapper_get_key_buffer_size( const psa_key_attributes_t *attributes, - size_t *key_buffer_size ); + size_t *key_buffer_size); psa_status_t psa_driver_wrapper_generate_key( const psa_key_attributes_t *attributes, - uint8_t *key_buffer, size_t key_buffer_size, size_t *key_buffer_length ); + uint8_t *key_buffer, size_t key_buffer_size, size_t *key_buffer_length); psa_status_t psa_driver_wrapper_get_builtin_key( psa_drv_slot_number_t slot_number, psa_key_attributes_t *attributes, - uint8_t *key_buffer, size_t key_buffer_size, size_t *key_buffer_length ); + uint8_t *key_buffer, size_t key_buffer_size, size_t *key_buffer_length); /* * Cipher functions @@ -114,7 +102,7 @@ psa_status_t psa_driver_wrapper_cipher_encrypt( size_t input_length, uint8_t *output, size_t output_size, - size_t *output_length ); + size_t *output_length); psa_status_t psa_driver_wrapper_cipher_decrypt( const psa_key_attributes_t *attributes, @@ -125,24 +113,24 @@ psa_status_t psa_driver_wrapper_cipher_decrypt( size_t input_length, uint8_t *output, size_t output_size, - size_t *output_length ); + size_t *output_length); psa_status_t psa_driver_wrapper_cipher_encrypt_setup( psa_cipher_operation_t *operation, const psa_key_attributes_t *attributes, const uint8_t *key_buffer, size_t key_buffer_size, - psa_algorithm_t alg ); + psa_algorithm_t alg); psa_status_t psa_driver_wrapper_cipher_decrypt_setup( psa_cipher_operation_t *operation, const psa_key_attributes_t *attributes, const uint8_t *key_buffer, size_t key_buffer_size, - psa_algorithm_t alg ); + psa_algorithm_t alg); psa_status_t psa_driver_wrapper_cipher_set_iv( psa_cipher_operation_t *operation, const uint8_t *iv, - size_t iv_length ); + size_t iv_length); psa_status_t psa_driver_wrapper_cipher_update( psa_cipher_operation_t *operation, @@ -150,16 +138,16 @@ psa_status_t psa_driver_wrapper_cipher_update( size_t input_length, uint8_t *output, size_t output_size, - size_t *output_length ); + size_t *output_length); psa_status_t psa_driver_wrapper_cipher_finish( psa_cipher_operation_t *operation, uint8_t *output, size_t output_size, - size_t *output_length ); + size_t *output_length); psa_status_t psa_driver_wrapper_cipher_abort( - psa_cipher_operation_t *operation ); + psa_cipher_operation_t *operation); /* * Hashing functions @@ -174,25 +162,25 @@ psa_status_t psa_driver_wrapper_hash_compute( psa_status_t psa_driver_wrapper_hash_setup( psa_hash_operation_t *operation, - psa_algorithm_t alg ); + psa_algorithm_t alg); psa_status_t psa_driver_wrapper_hash_clone( const psa_hash_operation_t *source_operation, - psa_hash_operation_t *target_operation ); + psa_hash_operation_t *target_operation); psa_status_t psa_driver_wrapper_hash_update( psa_hash_operation_t *operation, const uint8_t *input, - size_t input_length ); + size_t input_length); psa_status_t psa_driver_wrapper_hash_finish( psa_hash_operation_t *operation, uint8_t *hash, size_t hash_size, - size_t *hash_length ); + size_t *hash_length); psa_status_t psa_driver_wrapper_hash_abort( - psa_hash_operation_t *operation ); + psa_hash_operation_t *operation); /* * AEAD functions @@ -205,7 +193,7 @@ psa_status_t psa_driver_wrapper_aead_encrypt( const uint8_t *nonce, size_t nonce_length, const uint8_t *additional_data, size_t additional_data_length, const uint8_t *plaintext, size_t plaintext_length, - uint8_t *ciphertext, size_t ciphertext_size, size_t *ciphertext_length ); + uint8_t *ciphertext, size_t ciphertext_size, size_t *ciphertext_length); psa_status_t psa_driver_wrapper_aead_decrypt( const psa_key_attributes_t *attributes, @@ -214,7 +202,7 @@ psa_status_t psa_driver_wrapper_aead_decrypt( const uint8_t *nonce, size_t nonce_length, const uint8_t *additional_data, size_t additional_data_length, const uint8_t *ciphertext, size_t ciphertext_length, - uint8_t *plaintext, size_t plaintext_size, size_t *plaintext_length ); + uint8_t *plaintext, size_t plaintext_size, size_t *plaintext_length); /* * MAC functions @@ -228,40 +216,40 @@ psa_status_t psa_driver_wrapper_mac_compute( size_t input_length, uint8_t *mac, size_t mac_size, - size_t *mac_length ); + size_t *mac_length); psa_status_t psa_driver_wrapper_mac_sign_setup( psa_mac_operation_t *operation, const psa_key_attributes_t *attributes, const uint8_t *key_buffer, size_t key_buffer_size, - psa_algorithm_t alg ); + psa_algorithm_t alg); psa_status_t psa_driver_wrapper_mac_verify_setup( psa_mac_operation_t *operation, const psa_key_attributes_t *attributes, const uint8_t *key_buffer, size_t key_buffer_size, - psa_algorithm_t alg ); + psa_algorithm_t alg); psa_status_t psa_driver_wrapper_mac_update( psa_mac_operation_t *operation, const uint8_t *input, - size_t input_length ); + size_t input_length); psa_status_t psa_driver_wrapper_mac_sign_finish( psa_mac_operation_t *operation, uint8_t *mac, size_t mac_size, - size_t *mac_length ); + size_t *mac_length); psa_status_t psa_driver_wrapper_mac_verify_finish( psa_mac_operation_t *operation, const uint8_t *mac, - size_t mac_length ); + size_t mac_length); psa_status_t psa_driver_wrapper_mac_abort( - psa_mac_operation_t *operation ); + psa_mac_operation_t *operation); #endif /* PSA_CRYPTO_DRIVER_WRAPPERS_H */ diff --git a/third_party/mbedtls/repo/library/psa_crypto_ecp.c b/third_party/mbedtls/repo/library/psa_crypto_ecp.c index db6682c6dce..b00f558209c 100644 --- a/third_party/mbedtls/repo/library/psa_crypto_ecp.c +++ b/third_party/mbedtls/repo/library/psa_crypto_ecp.c @@ -3,19 +3,7 @@ */ /* * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later */ #include "common.h" @@ -31,10 +19,6 @@ #include #include #include "mbedtls/platform.h" -#if !defined(MBEDTLS_PLATFORM_C) -#define mbedtls_calloc calloc -#define mbedtls_free free -#endif #include #include @@ -48,25 +32,25 @@ psa_status_t mbedtls_psa_ecp_load_representation( psa_key_type_t type, size_t curve_bits, const uint8_t *data, size_t data_length, - mbedtls_ecp_keypair **p_ecp ) + mbedtls_ecp_keypair **p_ecp) { mbedtls_ecp_group_id grp_id = MBEDTLS_ECP_DP_NONE; psa_status_t status; mbedtls_ecp_keypair *ecp = NULL; size_t curve_bytes = data_length; - int explicit_bits = ( curve_bits != 0 ); + int explicit_bits = (curve_bits != 0); - if( PSA_KEY_TYPE_IS_PUBLIC_KEY( type ) && - PSA_KEY_TYPE_ECC_GET_FAMILY( type ) != PSA_ECC_FAMILY_MONTGOMERY ) - { + if (PSA_KEY_TYPE_IS_PUBLIC_KEY(type) && + PSA_KEY_TYPE_ECC_GET_FAMILY(type) != PSA_ECC_FAMILY_MONTGOMERY) { /* A Weierstrass public key is represented as: * - The byte 0x04; * - `x_P` as a `ceiling(m/8)`-byte string, big-endian; * - `y_P` as a `ceiling(m/8)`-byte string, big-endian. * So its data length is 2m+1 where m is the curve size in bits. */ - if( ( data_length & 1 ) == 0 ) - return( PSA_ERROR_INVALID_ARGUMENT ); + if ((data_length & 1) == 0) { + return PSA_ERROR_INVALID_ARGUMENT; + } curve_bytes = data_length / 2; /* Montgomery public keys are represented in compressed format, meaning @@ -76,31 +60,29 @@ psa_status_t mbedtls_psa_ecp_load_representation( * format, meaning their curve_bytes is equal to the amount of input. */ } - if( explicit_bits ) - { + if (explicit_bits) { /* With an explicit bit-size, the data must have the matching length. */ - if( curve_bytes != PSA_BITS_TO_BYTES( curve_bits ) ) - return( PSA_ERROR_INVALID_ARGUMENT ); - } - else - { + if (curve_bytes != PSA_BITS_TO_BYTES(curve_bits)) { + return PSA_ERROR_INVALID_ARGUMENT; + } + } else { /* We need to infer the bit-size from the data. Since the only * information we have is the length in bytes, the value of curve_bits * at this stage is rounded up to the nearest multiple of 8. */ - curve_bits = PSA_BYTES_TO_BITS( curve_bytes ); + curve_bits = PSA_BYTES_TO_BITS(curve_bytes); } /* Allocate and initialize a key representation. */ - ecp = mbedtls_calloc( 1, sizeof( mbedtls_ecp_keypair ) ); - if( ecp == NULL ) - return( PSA_ERROR_INSUFFICIENT_MEMORY ); - mbedtls_ecp_keypair_init( ecp ); + ecp = mbedtls_calloc(1, sizeof(mbedtls_ecp_keypair)); + if (ecp == NULL) { + return PSA_ERROR_INSUFFICIENT_MEMORY; + } + mbedtls_ecp_keypair_init(ecp); /* Load the group. */ - grp_id = mbedtls_ecc_group_of_psa( PSA_KEY_TYPE_ECC_GET_FAMILY( type ), - curve_bits, !explicit_bits ); - if( grp_id == MBEDTLS_ECP_DP_NONE ) - { + grp_id = mbedtls_ecc_group_of_psa(PSA_KEY_TYPE_ECC_GET_FAMILY(type), + curve_bits, !explicit_bits); + if (grp_id == MBEDTLS_ECP_DP_NONE) { /* We can't distinguish between a nonsensical family/size combination * (which would warrant PSA_ERROR_INVALID_ARGUMENT) and a * well-regarded curve that Mbed TLS just doesn't know about (which @@ -112,48 +94,48 @@ psa_status_t mbedtls_psa_ecp_load_representation( } status = mbedtls_to_psa_error( - mbedtls_ecp_group_load( &ecp->grp, grp_id ) ); - if( status != PSA_SUCCESS ) + mbedtls_ecp_group_load(&ecp->grp, grp_id)); + if (status != PSA_SUCCESS) { goto exit; + } /* Load the key material. */ - if( PSA_KEY_TYPE_IS_PUBLIC_KEY( type ) ) - { + if (PSA_KEY_TYPE_IS_PUBLIC_KEY(type)) { /* Load the public value. */ status = mbedtls_to_psa_error( - mbedtls_ecp_point_read_binary( &ecp->grp, &ecp->Q, - data, - data_length ) ); - if( status != PSA_SUCCESS ) + mbedtls_ecp_point_read_binary(&ecp->grp, &ecp->Q, + data, + data_length)); + if (status != PSA_SUCCESS) { goto exit; + } /* Check that the point is on the curve. */ status = mbedtls_to_psa_error( - mbedtls_ecp_check_pubkey( &ecp->grp, &ecp->Q ) ); - if( status != PSA_SUCCESS ) + mbedtls_ecp_check_pubkey(&ecp->grp, &ecp->Q)); + if (status != PSA_SUCCESS) { goto exit; - } - else - { + } + } else { /* Load and validate the secret value. */ status = mbedtls_to_psa_error( - mbedtls_ecp_read_key( ecp->grp.id, - ecp, - data, - data_length ) ); - if( status != PSA_SUCCESS ) + mbedtls_ecp_read_key(ecp->grp.id, + ecp, + data, + data_length)); + if (status != PSA_SUCCESS) { goto exit; + } } *p_ecp = ecp; exit: - if( status != PSA_SUCCESS ) - { - mbedtls_ecp_keypair_free( ecp ); - mbedtls_free( ecp ); + if (status != PSA_SUCCESS) { + mbedtls_ecp_keypair_free(ecp); + mbedtls_free(ecp); } - return( status ); + return status; } #endif /* defined(MBEDTLS_PSA_BUILTIN_KEY_TYPE_ECC_KEY_PAIR) || * defined(MBEDTLS_PSA_BUILTIN_KEY_TYPE_ECC_PUBLIC_KEY) || @@ -168,116 +150,119 @@ psa_status_t mbedtls_psa_ecp_import_key( const psa_key_attributes_t *attributes, const uint8_t *data, size_t data_length, uint8_t *key_buffer, size_t key_buffer_size, - size_t *key_buffer_length, size_t *bits ) + size_t *key_buffer_length, size_t *bits) { psa_status_t status; mbedtls_ecp_keypair *ecp = NULL; /* Parse input */ - status = mbedtls_psa_ecp_load_representation( attributes->core.type, - attributes->core.bits, - data, - data_length, - &ecp ); - if( status != PSA_SUCCESS ) + status = mbedtls_psa_ecp_load_representation(attributes->core.type, + attributes->core.bits, + data, + data_length, + &ecp); + if (status != PSA_SUCCESS) { goto exit; + } - if( PSA_KEY_TYPE_ECC_GET_FAMILY( attributes->core.type ) == - PSA_ECC_FAMILY_MONTGOMERY ) + if (PSA_KEY_TYPE_ECC_GET_FAMILY(attributes->core.type) == + PSA_ECC_FAMILY_MONTGOMERY) { *bits = ecp->grp.nbits + 1; - else + } else { *bits = ecp->grp.nbits; + } /* Re-export the data to PSA export format. There is currently no support * for other input formats then the export format, so this is a 1-1 * copy operation. */ - status = mbedtls_psa_ecp_export_key( attributes->core.type, - ecp, - key_buffer, - key_buffer_size, - key_buffer_length ); + status = mbedtls_psa_ecp_export_key(attributes->core.type, + ecp, + key_buffer, + key_buffer_size, + key_buffer_length); exit: /* Always free the PK object (will also free contained ECP context) */ - mbedtls_ecp_keypair_free( ecp ); - mbedtls_free( ecp ); + mbedtls_ecp_keypair_free(ecp); + mbedtls_free(ecp); - return( status ); + return status; } -psa_status_t mbedtls_psa_ecp_export_key( psa_key_type_t type, - mbedtls_ecp_keypair *ecp, - uint8_t *data, - size_t data_size, - size_t *data_length ) +psa_status_t mbedtls_psa_ecp_export_key(psa_key_type_t type, + mbedtls_ecp_keypair *ecp, + uint8_t *data, + size_t data_size, + size_t *data_length) { psa_status_t status; - if( PSA_KEY_TYPE_IS_PUBLIC_KEY( type ) ) - { + if (PSA_KEY_TYPE_IS_PUBLIC_KEY(type)) { /* Check whether the public part is loaded */ - if( mbedtls_ecp_is_zero( &ecp->Q ) ) - { + if (mbedtls_ecp_is_zero(&ecp->Q)) { /* Calculate the public key */ status = mbedtls_to_psa_error( - mbedtls_ecp_mul( &ecp->grp, &ecp->Q, &ecp->d, &ecp->grp.G, - mbedtls_psa_get_random, - MBEDTLS_PSA_RANDOM_STATE ) ); - if( status != PSA_SUCCESS ) - return( status ); + mbedtls_ecp_mul(&ecp->grp, &ecp->Q, &ecp->d, &ecp->grp.G, + mbedtls_psa_get_random, + MBEDTLS_PSA_RANDOM_STATE)); + if (status != PSA_SUCCESS) { + return status; + } } status = mbedtls_to_psa_error( - mbedtls_ecp_point_write_binary( &ecp->grp, &ecp->Q, - MBEDTLS_ECP_PF_UNCOMPRESSED, - data_length, - data, - data_size ) ); - if( status != PSA_SUCCESS ) - memset( data, 0, data_size ); - - return( status ); - } - else - { - if( data_size < PSA_BITS_TO_BYTES( ecp->grp.nbits ) ) - return( PSA_ERROR_BUFFER_TOO_SMALL ); + mbedtls_ecp_point_write_binary(&ecp->grp, &ecp->Q, + MBEDTLS_ECP_PF_UNCOMPRESSED, + data_length, + data, + data_size)); + if (status != PSA_SUCCESS) { + memset(data, 0, data_size); + } + + return status; + } else { + if (data_size < PSA_BITS_TO_BYTES(ecp->grp.nbits)) { + return PSA_ERROR_BUFFER_TOO_SMALL; + } status = mbedtls_to_psa_error( - mbedtls_ecp_write_key( ecp, - data, - PSA_BITS_TO_BYTES( ecp->grp.nbits ) ) ); - if( status == PSA_SUCCESS ) - *data_length = PSA_BITS_TO_BYTES( ecp->grp.nbits ); - else - memset( data, 0, data_size ); + mbedtls_ecp_write_key(ecp, + data, + PSA_BITS_TO_BYTES(ecp->grp.nbits))); + if (status == PSA_SUCCESS) { + *data_length = PSA_BITS_TO_BYTES(ecp->grp.nbits); + } else { + memset(data, 0, data_size); + } - return( status ); + return status; } } psa_status_t mbedtls_psa_ecp_export_public_key( const psa_key_attributes_t *attributes, const uint8_t *key_buffer, size_t key_buffer_size, - uint8_t *data, size_t data_size, size_t *data_length ) + uint8_t *data, size_t data_size, size_t *data_length) { psa_status_t status = PSA_ERROR_CORRUPTION_DETECTED; mbedtls_ecp_keypair *ecp = NULL; status = mbedtls_psa_ecp_load_representation( attributes->core.type, attributes->core.bits, - key_buffer, key_buffer_size, &ecp ); - if( status != PSA_SUCCESS ) - return( status ); + key_buffer, key_buffer_size, &ecp); + if (status != PSA_SUCCESS) { + return status; + } status = mbedtls_psa_ecp_export_key( - PSA_KEY_TYPE_ECC_PUBLIC_KEY( - PSA_KEY_TYPE_ECC_GET_FAMILY( attributes->core.type ) ), - ecp, data, data_size, data_length ); + PSA_KEY_TYPE_ECC_PUBLIC_KEY( + PSA_KEY_TYPE_ECC_GET_FAMILY(attributes->core.type)), + ecp, data, data_size, data_length); - mbedtls_ecp_keypair_free( ecp ); - mbedtls_free( ecp ); + mbedtls_ecp_keypair_free(ecp); + mbedtls_free(ecp); - return( status ); + return status; } #endif /* defined(MBEDTLS_PSA_BUILTIN_KEY_TYPE_ECC_KEY_PAIR) || * defined(MBEDTLS_PSA_BUILTIN_KEY_TYPE_ECC_PUBLIC_KEY) */ @@ -285,45 +270,47 @@ psa_status_t mbedtls_psa_ecp_export_public_key( #if defined(MBEDTLS_PSA_BUILTIN_KEY_TYPE_ECC_KEY_PAIR) psa_status_t mbedtls_psa_ecp_generate_key( const psa_key_attributes_t *attributes, - uint8_t *key_buffer, size_t key_buffer_size, size_t *key_buffer_length ) + uint8_t *key_buffer, size_t key_buffer_size, size_t *key_buffer_length) { psa_status_t status = PSA_ERROR_CORRUPTION_DETECTED; int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; psa_ecc_family_t curve = PSA_KEY_TYPE_ECC_GET_FAMILY( - attributes->core.type ); + attributes->core.type); mbedtls_ecp_group_id grp_id = - mbedtls_ecc_group_of_psa( curve, attributes->core.bits, 0 ); + mbedtls_ecc_group_of_psa(curve, attributes->core.bits, 0); const mbedtls_ecp_curve_info *curve_info = - mbedtls_ecp_curve_info_from_grp_id( grp_id ); + mbedtls_ecp_curve_info_from_grp_id(grp_id); mbedtls_ecp_keypair ecp; - if( attributes->domain_parameters_size != 0 ) - return( PSA_ERROR_NOT_SUPPORTED ); + if (attributes->domain_parameters_size != 0) { + return PSA_ERROR_NOT_SUPPORTED; + } - if( grp_id == MBEDTLS_ECP_DP_NONE || curve_info == NULL ) - return( PSA_ERROR_NOT_SUPPORTED ); + if (grp_id == MBEDTLS_ECP_DP_NONE || curve_info == NULL) { + return PSA_ERROR_NOT_SUPPORTED; + } - mbedtls_ecp_keypair_init( &ecp ); - ret = mbedtls_ecp_gen_key( grp_id, &ecp, - mbedtls_psa_get_random, - MBEDTLS_PSA_RANDOM_STATE ); - if( ret != 0 ) - { - mbedtls_ecp_keypair_free( &ecp ); - return( mbedtls_to_psa_error( ret ) ); + mbedtls_ecp_keypair_init(&ecp); + ret = mbedtls_ecp_gen_key(grp_id, &ecp, + mbedtls_psa_get_random, + MBEDTLS_PSA_RANDOM_STATE); + if (ret != 0) { + mbedtls_ecp_keypair_free(&ecp); + return mbedtls_to_psa_error(ret); } status = mbedtls_to_psa_error( - mbedtls_ecp_write_key( &ecp, key_buffer, key_buffer_size ) ); + mbedtls_ecp_write_key(&ecp, key_buffer, key_buffer_size)); - mbedtls_ecp_keypair_free( &ecp ); + mbedtls_ecp_keypair_free(&ecp); - if( status == PSA_SUCCESS ) + if (status == PSA_SUCCESS) { *key_buffer_length = key_buffer_size; + } - return( status ); + return status; } #endif /* defined(MBEDTLS_PSA_BUILTIN_KEY_TYPE_ECC_KEY_PAIR) */ @@ -337,7 +324,7 @@ psa_status_t mbedtls_psa_ecdsa_sign_hash( const psa_key_attributes_t *attributes, const uint8_t *key_buffer, size_t key_buffer_size, psa_algorithm_t alg, const uint8_t *hash, size_t hash_length, - uint8_t *signature, size_t signature_size, size_t *signature_length ) + uint8_t *signature, size_t signature_size, size_t *signature_length) { psa_status_t status = PSA_ERROR_CORRUPTION_DETECTED; mbedtls_ecp_keypair *ecp = NULL; @@ -345,73 +332,71 @@ psa_status_t mbedtls_psa_ecdsa_sign_hash( size_t curve_bytes; mbedtls_mpi r, s; - status = mbedtls_psa_ecp_load_representation( attributes->core.type, - attributes->core.bits, - key_buffer, - key_buffer_size, - &ecp ); - if( status != PSA_SUCCESS ) - return( status ); + status = mbedtls_psa_ecp_load_representation(attributes->core.type, + attributes->core.bits, + key_buffer, + key_buffer_size, + &ecp); + if (status != PSA_SUCCESS) { + return status; + } - curve_bytes = PSA_BITS_TO_BYTES( ecp->grp.pbits ); - mbedtls_mpi_init( &r ); - mbedtls_mpi_init( &s ); + curve_bytes = PSA_BITS_TO_BYTES(ecp->grp.pbits); + mbedtls_mpi_init(&r); + mbedtls_mpi_init(&s); - if( signature_size < 2 * curve_bytes ) - { + if (signature_size < 2 * curve_bytes) { ret = MBEDTLS_ERR_ECP_BUFFER_TOO_SMALL; goto cleanup; } - if( PSA_ALG_ECDSA_IS_DETERMINISTIC( alg ) ) - { + if (PSA_ALG_ECDSA_IS_DETERMINISTIC(alg)) { #if defined(MBEDTLS_PSA_BUILTIN_ALG_DETERMINISTIC_ECDSA) - psa_algorithm_t hash_alg = PSA_ALG_SIGN_GET_HASH( alg ); - const mbedtls_md_info_t *md_info = mbedtls_md_info_from_psa( hash_alg ); - mbedtls_md_type_t md_alg = mbedtls_md_get_type( md_info ); - MBEDTLS_MPI_CHK( mbedtls_ecdsa_sign_det_ext( - &ecp->grp, &r, &s, - &ecp->d, hash, - hash_length, md_alg, - mbedtls_psa_get_random, - MBEDTLS_PSA_RANDOM_STATE ) ); + psa_algorithm_t hash_alg = PSA_ALG_SIGN_GET_HASH(alg); + const mbedtls_md_info_t *md_info = mbedtls_md_info_from_psa(hash_alg); + mbedtls_md_type_t md_alg = mbedtls_md_get_type(md_info); + MBEDTLS_MPI_CHK(mbedtls_ecdsa_sign_det_ext( + &ecp->grp, &r, &s, + &ecp->d, hash, + hash_length, md_alg, + mbedtls_psa_get_random, + MBEDTLS_PSA_RANDOM_STATE)); #else - ret = MBEDTLS_ERR_ECP_FEATURE_UNAVAILABLE; - goto cleanup; + ret = MBEDTLS_ERR_ECP_FEATURE_UNAVAILABLE; + goto cleanup; #endif /* defined(MBEDTLS_PSA_BUILTIN_ALG_DETERMINISTIC_ECDSA) */ - } - else - { + } else { (void) alg; - MBEDTLS_MPI_CHK( mbedtls_ecdsa_sign( &ecp->grp, &r, &s, &ecp->d, - hash, hash_length, - mbedtls_psa_get_random, - MBEDTLS_PSA_RANDOM_STATE ) ); + MBEDTLS_MPI_CHK(mbedtls_ecdsa_sign(&ecp->grp, &r, &s, &ecp->d, + hash, hash_length, + mbedtls_psa_get_random, + MBEDTLS_PSA_RANDOM_STATE)); } - MBEDTLS_MPI_CHK( mbedtls_mpi_write_binary( &r, - signature, - curve_bytes ) ); - MBEDTLS_MPI_CHK( mbedtls_mpi_write_binary( &s, - signature + curve_bytes, - curve_bytes ) ); + MBEDTLS_MPI_CHK(mbedtls_mpi_write_binary(&r, + signature, + curve_bytes)); + MBEDTLS_MPI_CHK(mbedtls_mpi_write_binary(&s, + signature + curve_bytes, + curve_bytes)); cleanup: - mbedtls_mpi_free( &r ); - mbedtls_mpi_free( &s ); - if( ret == 0 ) + mbedtls_mpi_free(&r); + mbedtls_mpi_free(&s); + if (ret == 0) { *signature_length = 2 * curve_bytes; + } - mbedtls_ecp_keypair_free( ecp ); - mbedtls_free( ecp ); + mbedtls_ecp_keypair_free(ecp); + mbedtls_free(ecp); - return( mbedtls_to_psa_error( ret ) ); + return mbedtls_to_psa_error(ret); } psa_status_t mbedtls_psa_ecdsa_verify_hash( const psa_key_attributes_t *attributes, const uint8_t *key_buffer, size_t key_buffer_size, psa_algorithm_t alg, const uint8_t *hash, size_t hash_length, - const uint8_t *signature, size_t signature_length ) + const uint8_t *signature, size_t signature_length) { psa_status_t status = PSA_ERROR_CORRUPTION_DETECTED; mbedtls_ecp_keypair *ecp = NULL; @@ -419,51 +404,50 @@ psa_status_t mbedtls_psa_ecdsa_verify_hash( size_t curve_bytes; mbedtls_mpi r, s; - (void)alg; + (void) alg; - status = mbedtls_psa_ecp_load_representation( attributes->core.type, - attributes->core.bits, - key_buffer, - key_buffer_size, - &ecp ); - if( status != PSA_SUCCESS ) - return( status ); + status = mbedtls_psa_ecp_load_representation(attributes->core.type, + attributes->core.bits, + key_buffer, + key_buffer_size, + &ecp); + if (status != PSA_SUCCESS) { + return status; + } - curve_bytes = PSA_BITS_TO_BYTES( ecp->grp.pbits ); - mbedtls_mpi_init( &r ); - mbedtls_mpi_init( &s ); + curve_bytes = PSA_BITS_TO_BYTES(ecp->grp.pbits); + mbedtls_mpi_init(&r); + mbedtls_mpi_init(&s); - if( signature_length != 2 * curve_bytes ) - { + if (signature_length != 2 * curve_bytes) { ret = MBEDTLS_ERR_ECP_VERIFY_FAILED; goto cleanup; } - MBEDTLS_MPI_CHK( mbedtls_mpi_read_binary( &r, - signature, - curve_bytes ) ); - MBEDTLS_MPI_CHK( mbedtls_mpi_read_binary( &s, - signature + curve_bytes, - curve_bytes ) ); + MBEDTLS_MPI_CHK(mbedtls_mpi_read_binary(&r, + signature, + curve_bytes)); + MBEDTLS_MPI_CHK(mbedtls_mpi_read_binary(&s, + signature + curve_bytes, + curve_bytes)); /* Check whether the public part is loaded. If not, load it. */ - if( mbedtls_ecp_is_zero( &ecp->Q ) ) - { + if (mbedtls_ecp_is_zero(&ecp->Q)) { MBEDTLS_MPI_CHK( - mbedtls_ecp_mul( &ecp->grp, &ecp->Q, &ecp->d, &ecp->grp.G, - mbedtls_psa_get_random, MBEDTLS_PSA_RANDOM_STATE ) ); + mbedtls_ecp_mul(&ecp->grp, &ecp->Q, &ecp->d, &ecp->grp.G, + mbedtls_psa_get_random, MBEDTLS_PSA_RANDOM_STATE)); } - ret = mbedtls_ecdsa_verify( &ecp->grp, hash, hash_length, - &ecp->Q, &r, &s ); + ret = mbedtls_ecdsa_verify(&ecp->grp, hash, hash_length, + &ecp->Q, &r, &s); cleanup: - mbedtls_mpi_free( &r ); - mbedtls_mpi_free( &s ); - mbedtls_ecp_keypair_free( ecp ); - mbedtls_free( ecp ); + mbedtls_mpi_free(&r); + mbedtls_mpi_free(&s); + mbedtls_ecp_keypair_free(ecp); + mbedtls_free(ecp); - return( mbedtls_to_psa_error( ret ) ); + return mbedtls_to_psa_error(ret); } #endif /* defined(MBEDTLS_PSA_BUILTIN_ALG_ECDSA) || \ diff --git a/third_party/mbedtls/repo/library/psa_crypto_ecp.h b/third_party/mbedtls/repo/library/psa_crypto_ecp.h index feddd8a1ed0..44c4a589e22 100644 --- a/third_party/mbedtls/repo/library/psa_crypto_ecp.h +++ b/third_party/mbedtls/repo/library/psa_crypto_ecp.h @@ -3,19 +3,7 @@ */ /* * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later */ #ifndef PSA_CRYPTO_ECP_H @@ -42,11 +30,11 @@ * contents of the context and the context itself * when done. */ -psa_status_t mbedtls_psa_ecp_load_representation( psa_key_type_t type, - size_t curve_bits, - const uint8_t *data, - size_t data_length, - mbedtls_ecp_keypair **p_ecp ); +psa_status_t mbedtls_psa_ecp_load_representation(psa_key_type_t type, + size_t curve_bits, + const uint8_t *data, + size_t data_length, + mbedtls_ecp_keypair **p_ecp); /** Import an ECP key in binary format. * @@ -70,15 +58,15 @@ psa_status_t mbedtls_psa_ecp_load_representation( psa_key_type_t type, * \retval #PSA_SUCCESS The ECP key was imported successfully. * \retval #PSA_ERROR_INVALID_ARGUMENT * The key data is not correctly formatted. - * \retval #PSA_ERROR_NOT_SUPPORTED - * \retval #PSA_ERROR_INSUFFICIENT_MEMORY - * \retval #PSA_ERROR_CORRUPTION_DETECTED + * \retval #PSA_ERROR_NOT_SUPPORTED \emptydescription + * \retval #PSA_ERROR_INSUFFICIENT_MEMORY \emptydescription + * \retval #PSA_ERROR_CORRUPTION_DETECTED \emptydescription */ psa_status_t mbedtls_psa_ecp_import_key( const psa_key_attributes_t *attributes, const uint8_t *data, size_t data_length, uint8_t *key_buffer, size_t key_buffer_size, - size_t *key_buffer_length, size_t *bits ); + size_t *key_buffer_length, size_t *bits); /** Export an ECP key to export representation * @@ -88,11 +76,11 @@ psa_status_t mbedtls_psa_ecp_import_key( * \param[in] data_size The length of the buffer to export to * \param[out] data_length The amount of bytes written to \p data */ -psa_status_t mbedtls_psa_ecp_export_key( psa_key_type_t type, - mbedtls_ecp_keypair *ecp, - uint8_t *data, - size_t data_size, - size_t *data_length ); +psa_status_t mbedtls_psa_ecp_export_key(psa_key_type_t type, + mbedtls_ecp_keypair *ecp, + uint8_t *data, + size_t data_size, + size_t *data_length); /** Export an ECP public key or the public part of an ECP key pair in binary * format. @@ -111,17 +99,17 @@ psa_status_t mbedtls_psa_ecp_export_key( psa_key_type_t type, * \p data * * \retval #PSA_SUCCESS The ECP public key was exported successfully. - * \retval #PSA_ERROR_NOT_SUPPORTED - * \retval #PSA_ERROR_COMMUNICATION_FAILURE - * \retval #PSA_ERROR_HARDWARE_FAILURE - * \retval #PSA_ERROR_CORRUPTION_DETECTED - * \retval #PSA_ERROR_STORAGE_FAILURE - * \retval #PSA_ERROR_INSUFFICIENT_MEMORY + * \retval #PSA_ERROR_NOT_SUPPORTED \emptydescription + * \retval #PSA_ERROR_COMMUNICATION_FAILURE \emptydescription + * \retval #PSA_ERROR_HARDWARE_FAILURE \emptydescription + * \retval #PSA_ERROR_CORRUPTION_DETECTED \emptydescription + * \retval #PSA_ERROR_STORAGE_FAILURE \emptydescription + * \retval #PSA_ERROR_INSUFFICIENT_MEMORY \emptydescription */ psa_status_t mbedtls_psa_ecp_export_public_key( const psa_key_attributes_t *attributes, const uint8_t *key_buffer, size_t key_buffer_size, - uint8_t *data, size_t data_size, size_t *data_length ); + uint8_t *data, size_t data_size, size_t *data_length); /** * \brief Generate an ECP key. @@ -144,7 +132,7 @@ psa_status_t mbedtls_psa_ecp_export_public_key( */ psa_status_t mbedtls_psa_ecp_generate_key( const psa_key_attributes_t *attributes, - uint8_t *key_buffer, size_t key_buffer_size, size_t *key_buffer_length ); + uint8_t *key_buffer, size_t key_buffer_size, size_t *key_buffer_length); /** Sign an already-calculated hash with ECDSA. * @@ -166,23 +154,23 @@ psa_status_t mbedtls_psa_ecp_generate_key( * \param[out] signature_length On success, the number of bytes * that make up the returned signature value. * - * \retval #PSA_SUCCESS + * \retval #PSA_SUCCESS \emptydescription * \retval #PSA_ERROR_BUFFER_TOO_SMALL * The size of the \p signature buffer is too small. You can * determine a sufficient buffer size by calling * #PSA_SIGN_OUTPUT_SIZE(\c PSA_KEY_TYPE_ECC_KEY_PAIR, \c key_bits, * \p alg) where \c key_bits is the bit-size of the ECC key. - * \retval #PSA_ERROR_NOT_SUPPORTED - * \retval #PSA_ERROR_INVALID_ARGUMENT - * \retval #PSA_ERROR_INSUFFICIENT_MEMORY - * \retval #PSA_ERROR_CORRUPTION_DETECTED - * \retval #PSA_ERROR_INSUFFICIENT_ENTROPY + * \retval #PSA_ERROR_NOT_SUPPORTED \emptydescription + * \retval #PSA_ERROR_INVALID_ARGUMENT \emptydescription + * \retval #PSA_ERROR_INSUFFICIENT_MEMORY \emptydescription + * \retval #PSA_ERROR_CORRUPTION_DETECTED \emptydescription + * \retval #PSA_ERROR_INSUFFICIENT_ENTROPY \emptydescription */ psa_status_t mbedtls_psa_ecdsa_sign_hash( const psa_key_attributes_t *attributes, const uint8_t *key_buffer, size_t key_buffer_size, psa_algorithm_t alg, const uint8_t *hash, size_t hash_length, - uint8_t *signature, size_t signature_size, size_t *signature_length ); + uint8_t *signature, size_t signature_size, size_t *signature_length); /** * \brief Verify an ECDSA hash or short message signature. @@ -209,14 +197,14 @@ psa_status_t mbedtls_psa_ecdsa_sign_hash( * \retval #PSA_ERROR_INVALID_SIGNATURE * The calculation was performed successfully, but the passed * signature is not a valid signature. - * \retval #PSA_ERROR_NOT_SUPPORTED - * \retval #PSA_ERROR_INVALID_ARGUMENT - * \retval #PSA_ERROR_INSUFFICIENT_MEMORY + * \retval #PSA_ERROR_NOT_SUPPORTED \emptydescription + * \retval #PSA_ERROR_INVALID_ARGUMENT \emptydescription + * \retval #PSA_ERROR_INSUFFICIENT_MEMORY \emptydescription */ psa_status_t mbedtls_psa_ecdsa_verify_hash( const psa_key_attributes_t *attributes, const uint8_t *key_buffer, size_t key_buffer_size, psa_algorithm_t alg, const uint8_t *hash, size_t hash_length, - const uint8_t *signature, size_t signature_length ); + const uint8_t *signature, size_t signature_length); #endif /* PSA_CRYPTO_ECP_H */ diff --git a/third_party/mbedtls/repo/library/psa_crypto_hash.c b/third_party/mbedtls/repo/library/psa_crypto_hash.c index 337e557b078..484c81bc996 100644 --- a/third_party/mbedtls/repo/library/psa_crypto_hash.c +++ b/third_party/mbedtls/repo/library/psa_crypto_hash.c @@ -3,19 +3,7 @@ */ /* * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later */ #include "common.h" @@ -33,48 +21,47 @@ defined(MBEDTLS_PSA_BUILTIN_ALG_RSA_OAEP) || \ defined(MBEDTLS_PSA_BUILTIN_ALG_RSA_PSS) || \ defined(MBEDTLS_PSA_BUILTIN_ALG_DETERMINISTIC_ECDSA) -const mbedtls_md_info_t *mbedtls_md_info_from_psa( psa_algorithm_t alg ) +const mbedtls_md_info_t *mbedtls_md_info_from_psa(psa_algorithm_t alg) { - switch( alg ) - { + switch (alg) { #if defined(MBEDTLS_MD2_C) case PSA_ALG_MD2: - return( &mbedtls_md2_info ); + return &mbedtls_md2_info; #endif #if defined(MBEDTLS_MD4_C) case PSA_ALG_MD4: - return( &mbedtls_md4_info ); + return &mbedtls_md4_info; #endif #if defined(MBEDTLS_MD5_C) case PSA_ALG_MD5: - return( &mbedtls_md5_info ); + return &mbedtls_md5_info; #endif #if defined(MBEDTLS_RIPEMD160_C) case PSA_ALG_RIPEMD160: - return( &mbedtls_ripemd160_info ); + return &mbedtls_ripemd160_info; #endif #if defined(MBEDTLS_SHA1_C) case PSA_ALG_SHA_1: - return( &mbedtls_sha1_info ); + return &mbedtls_sha1_info; #endif #if defined(MBEDTLS_SHA256_C) case PSA_ALG_SHA_224: - return( &mbedtls_sha224_info ); + return &mbedtls_sha224_info; #endif #if defined(MBEDTLS_SHA256_C) case PSA_ALG_SHA_256: - return( &mbedtls_sha256_info ); + return &mbedtls_sha256_info; #endif #if defined(MBEDTLS_SHA512_C) && !defined(MBEDTLS_SHA512_NO_SHA384) case PSA_ALG_SHA_384: - return( &mbedtls_sha384_info ); + return &mbedtls_sha384_info; #endif #if defined(MBEDTLS_SHA512_C) case PSA_ALG_SHA_512: - return( &mbedtls_sha512_info ); + return &mbedtls_sha512_info; #endif default: - return( NULL ); + return NULL; } } #endif /* defined(MBEDTLS_PSA_BUILTIN_ALG_RSA_PKCS1V15_SIGN) || @@ -84,10 +71,9 @@ const mbedtls_md_info_t *mbedtls_md_info_from_psa( psa_algorithm_t alg ) #if defined(MBEDTLS_PSA_BUILTIN_HASH) psa_status_t mbedtls_psa_hash_abort( - mbedtls_psa_hash_operation_t *operation ) + mbedtls_psa_hash_operation_t *operation) { - switch( operation->alg ) - { + switch (operation->alg) { case 0: /* The object has (apparently) been initialized but it is not * in use. It's ok to call abort on such an object, and there's @@ -95,289 +81,286 @@ psa_status_t mbedtls_psa_hash_abort( break; #if defined(MBEDTLS_PSA_BUILTIN_ALG_MD2) case PSA_ALG_MD2: - mbedtls_md2_free( &operation->ctx.md2 ); + mbedtls_md2_free(&operation->ctx.md2); break; #endif #if defined(MBEDTLS_PSA_BUILTIN_ALG_MD4) case PSA_ALG_MD4: - mbedtls_md4_free( &operation->ctx.md4 ); + mbedtls_md4_free(&operation->ctx.md4); break; #endif #if defined(MBEDTLS_PSA_BUILTIN_ALG_MD5) case PSA_ALG_MD5: - mbedtls_md5_free( &operation->ctx.md5 ); + mbedtls_md5_free(&operation->ctx.md5); break; #endif #if defined(MBEDTLS_PSA_BUILTIN_ALG_RIPEMD160) case PSA_ALG_RIPEMD160: - mbedtls_ripemd160_free( &operation->ctx.ripemd160 ); + mbedtls_ripemd160_free(&operation->ctx.ripemd160); break; #endif #if defined(MBEDTLS_PSA_BUILTIN_ALG_SHA_1) case PSA_ALG_SHA_1: - mbedtls_sha1_free( &operation->ctx.sha1 ); + mbedtls_sha1_free(&operation->ctx.sha1); break; #endif #if defined(MBEDTLS_PSA_BUILTIN_ALG_SHA_224) case PSA_ALG_SHA_224: - mbedtls_sha256_free( &operation->ctx.sha256 ); + mbedtls_sha256_free(&operation->ctx.sha256); break; #endif #if defined(MBEDTLS_PSA_BUILTIN_ALG_SHA_256) case PSA_ALG_SHA_256: - mbedtls_sha256_free( &operation->ctx.sha256 ); + mbedtls_sha256_free(&operation->ctx.sha256); break; #endif #if defined(MBEDTLS_PSA_BUILTIN_ALG_SHA_384) case PSA_ALG_SHA_384: - mbedtls_sha512_free( &operation->ctx.sha512 ); + mbedtls_sha512_free(&operation->ctx.sha512); break; #endif #if defined(MBEDTLS_PSA_BUILTIN_ALG_SHA_512) case PSA_ALG_SHA_512: - mbedtls_sha512_free( &operation->ctx.sha512 ); + mbedtls_sha512_free(&operation->ctx.sha512); break; #endif default: - return( PSA_ERROR_BAD_STATE ); + return PSA_ERROR_BAD_STATE; } operation->alg = 0; - return( PSA_SUCCESS ); + return PSA_SUCCESS; } psa_status_t mbedtls_psa_hash_setup( mbedtls_psa_hash_operation_t *operation, - psa_algorithm_t alg ) + psa_algorithm_t alg) { int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; /* A context must be freshly initialized before it can be set up. */ - if( operation->alg != 0 ) - { - return( PSA_ERROR_BAD_STATE ); + if (operation->alg != 0) { + return PSA_ERROR_BAD_STATE; } - switch( alg ) - { + switch (alg) { #if defined(MBEDTLS_PSA_BUILTIN_ALG_MD2) case PSA_ALG_MD2: - mbedtls_md2_init( &operation->ctx.md2 ); - ret = mbedtls_md2_starts_ret( &operation->ctx.md2 ); + mbedtls_md2_init(&operation->ctx.md2); + ret = mbedtls_md2_starts_ret(&operation->ctx.md2); break; #endif #if defined(MBEDTLS_PSA_BUILTIN_ALG_MD4) case PSA_ALG_MD4: - mbedtls_md4_init( &operation->ctx.md4 ); - ret = mbedtls_md4_starts_ret( &operation->ctx.md4 ); + mbedtls_md4_init(&operation->ctx.md4); + ret = mbedtls_md4_starts_ret(&operation->ctx.md4); break; #endif #if defined(MBEDTLS_PSA_BUILTIN_ALG_MD5) case PSA_ALG_MD5: - mbedtls_md5_init( &operation->ctx.md5 ); - ret = mbedtls_md5_starts_ret( &operation->ctx.md5 ); + mbedtls_md5_init(&operation->ctx.md5); + ret = mbedtls_md5_starts_ret(&operation->ctx.md5); break; #endif #if defined(MBEDTLS_PSA_BUILTIN_ALG_RIPEMD160) case PSA_ALG_RIPEMD160: - mbedtls_ripemd160_init( &operation->ctx.ripemd160 ); - ret = mbedtls_ripemd160_starts_ret( &operation->ctx.ripemd160 ); + mbedtls_ripemd160_init(&operation->ctx.ripemd160); + ret = mbedtls_ripemd160_starts_ret(&operation->ctx.ripemd160); break; #endif #if defined(MBEDTLS_PSA_BUILTIN_ALG_SHA_1) case PSA_ALG_SHA_1: - mbedtls_sha1_init( &operation->ctx.sha1 ); - ret = mbedtls_sha1_starts_ret( &operation->ctx.sha1 ); + mbedtls_sha1_init(&operation->ctx.sha1); + ret = mbedtls_sha1_starts_ret(&operation->ctx.sha1); break; #endif #if defined(MBEDTLS_PSA_BUILTIN_ALG_SHA_224) case PSA_ALG_SHA_224: - mbedtls_sha256_init( &operation->ctx.sha256 ); - ret = mbedtls_sha256_starts_ret( &operation->ctx.sha256, 1 ); + mbedtls_sha256_init(&operation->ctx.sha256); + ret = mbedtls_sha256_starts_ret(&operation->ctx.sha256, 1); break; #endif #if defined(MBEDTLS_PSA_BUILTIN_ALG_SHA_256) case PSA_ALG_SHA_256: - mbedtls_sha256_init( &operation->ctx.sha256 ); - ret = mbedtls_sha256_starts_ret( &operation->ctx.sha256, 0 ); + mbedtls_sha256_init(&operation->ctx.sha256); + ret = mbedtls_sha256_starts_ret(&operation->ctx.sha256, 0); break; #endif #if defined(MBEDTLS_PSA_BUILTIN_ALG_SHA_384) case PSA_ALG_SHA_384: - mbedtls_sha512_init( &operation->ctx.sha512 ); - ret = mbedtls_sha512_starts_ret( &operation->ctx.sha512, 1 ); + mbedtls_sha512_init(&operation->ctx.sha512); + ret = mbedtls_sha512_starts_ret(&operation->ctx.sha512, 1); break; #endif #if defined(MBEDTLS_PSA_BUILTIN_ALG_SHA_512) case PSA_ALG_SHA_512: - mbedtls_sha512_init( &operation->ctx.sha512 ); - ret = mbedtls_sha512_starts_ret( &operation->ctx.sha512, 0 ); + mbedtls_sha512_init(&operation->ctx.sha512); + ret = mbedtls_sha512_starts_ret(&operation->ctx.sha512, 0); break; #endif default: - return( PSA_ALG_IS_HASH( alg ) ? - PSA_ERROR_NOT_SUPPORTED : - PSA_ERROR_INVALID_ARGUMENT ); + return PSA_ALG_IS_HASH(alg) ? + PSA_ERROR_NOT_SUPPORTED : + PSA_ERROR_INVALID_ARGUMENT; } - if( ret == 0 ) + if (ret == 0) { operation->alg = alg; - else - mbedtls_psa_hash_abort( operation ); - return( mbedtls_to_psa_error( ret ) ); + } else { + mbedtls_psa_hash_abort(operation); + } + return mbedtls_to_psa_error(ret); } psa_status_t mbedtls_psa_hash_clone( const mbedtls_psa_hash_operation_t *source_operation, - mbedtls_psa_hash_operation_t *target_operation ) + mbedtls_psa_hash_operation_t *target_operation) { - switch( source_operation->alg ) - { + switch (source_operation->alg) { case 0: - return( PSA_ERROR_BAD_STATE ); + return PSA_ERROR_BAD_STATE; #if defined(MBEDTLS_PSA_BUILTIN_ALG_MD2) case PSA_ALG_MD2: - mbedtls_md2_clone( &target_operation->ctx.md2, - &source_operation->ctx.md2 ); + mbedtls_md2_clone(&target_operation->ctx.md2, + &source_operation->ctx.md2); break; #endif #if defined(MBEDTLS_PSA_BUILTIN_ALG_MD4) case PSA_ALG_MD4: - mbedtls_md4_clone( &target_operation->ctx.md4, - &source_operation->ctx.md4 ); + mbedtls_md4_clone(&target_operation->ctx.md4, + &source_operation->ctx.md4); break; #endif #if defined(MBEDTLS_PSA_BUILTIN_ALG_MD5) case PSA_ALG_MD5: - mbedtls_md5_clone( &target_operation->ctx.md5, - &source_operation->ctx.md5 ); + mbedtls_md5_clone(&target_operation->ctx.md5, + &source_operation->ctx.md5); break; #endif #if defined(MBEDTLS_PSA_BUILTIN_ALG_RIPEMD160) case PSA_ALG_RIPEMD160: - mbedtls_ripemd160_clone( &target_operation->ctx.ripemd160, - &source_operation->ctx.ripemd160 ); + mbedtls_ripemd160_clone(&target_operation->ctx.ripemd160, + &source_operation->ctx.ripemd160); break; #endif #if defined(MBEDTLS_PSA_BUILTIN_ALG_SHA_1) case PSA_ALG_SHA_1: - mbedtls_sha1_clone( &target_operation->ctx.sha1, - &source_operation->ctx.sha1 ); + mbedtls_sha1_clone(&target_operation->ctx.sha1, + &source_operation->ctx.sha1); break; #endif #if defined(MBEDTLS_PSA_BUILTIN_ALG_SHA_224) case PSA_ALG_SHA_224: - mbedtls_sha256_clone( &target_operation->ctx.sha256, - &source_operation->ctx.sha256 ); + mbedtls_sha256_clone(&target_operation->ctx.sha256, + &source_operation->ctx.sha256); break; #endif #if defined(MBEDTLS_PSA_BUILTIN_ALG_SHA_256) case PSA_ALG_SHA_256: - mbedtls_sha256_clone( &target_operation->ctx.sha256, - &source_operation->ctx.sha256 ); + mbedtls_sha256_clone(&target_operation->ctx.sha256, + &source_operation->ctx.sha256); break; #endif #if defined(MBEDTLS_PSA_BUILTIN_ALG_SHA_384) case PSA_ALG_SHA_384: - mbedtls_sha512_clone( &target_operation->ctx.sha512, - &source_operation->ctx.sha512 ); + mbedtls_sha512_clone(&target_operation->ctx.sha512, + &source_operation->ctx.sha512); break; #endif #if defined(MBEDTLS_PSA_BUILTIN_ALG_SHA_512) case PSA_ALG_SHA_512: - mbedtls_sha512_clone( &target_operation->ctx.sha512, - &source_operation->ctx.sha512 ); + mbedtls_sha512_clone(&target_operation->ctx.sha512, + &source_operation->ctx.sha512); break; #endif default: (void) source_operation; (void) target_operation; - return( PSA_ERROR_NOT_SUPPORTED ); + return PSA_ERROR_NOT_SUPPORTED; } target_operation->alg = source_operation->alg; - return( PSA_SUCCESS ); + return PSA_SUCCESS; } psa_status_t mbedtls_psa_hash_update( mbedtls_psa_hash_operation_t *operation, const uint8_t *input, - size_t input_length ) + size_t input_length) { int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; - switch( operation->alg ) - { + switch (operation->alg) { #if defined(MBEDTLS_PSA_BUILTIN_ALG_MD2) case PSA_ALG_MD2: - ret = mbedtls_md2_update_ret( &operation->ctx.md2, - input, input_length ); + ret = mbedtls_md2_update_ret(&operation->ctx.md2, + input, input_length); break; #endif #if defined(MBEDTLS_PSA_BUILTIN_ALG_MD4) case PSA_ALG_MD4: - ret = mbedtls_md4_update_ret( &operation->ctx.md4, - input, input_length ); + ret = mbedtls_md4_update_ret(&operation->ctx.md4, + input, input_length); break; #endif #if defined(MBEDTLS_PSA_BUILTIN_ALG_MD5) case PSA_ALG_MD5: - ret = mbedtls_md5_update_ret( &operation->ctx.md5, - input, input_length ); + ret = mbedtls_md5_update_ret(&operation->ctx.md5, + input, input_length); break; #endif #if defined(MBEDTLS_PSA_BUILTIN_ALG_RIPEMD160) case PSA_ALG_RIPEMD160: - ret = mbedtls_ripemd160_update_ret( &operation->ctx.ripemd160, - input, input_length ); + ret = mbedtls_ripemd160_update_ret(&operation->ctx.ripemd160, + input, input_length); break; #endif #if defined(MBEDTLS_PSA_BUILTIN_ALG_SHA_1) case PSA_ALG_SHA_1: - ret = mbedtls_sha1_update_ret( &operation->ctx.sha1, - input, input_length ); + ret = mbedtls_sha1_update_ret(&operation->ctx.sha1, + input, input_length); break; #endif #if defined(MBEDTLS_PSA_BUILTIN_ALG_SHA_224) case PSA_ALG_SHA_224: - ret = mbedtls_sha256_update_ret( &operation->ctx.sha256, - input, input_length ); + ret = mbedtls_sha256_update_ret(&operation->ctx.sha256, + input, input_length); break; #endif #if defined(MBEDTLS_PSA_BUILTIN_ALG_SHA_256) case PSA_ALG_SHA_256: - ret = mbedtls_sha256_update_ret( &operation->ctx.sha256, - input, input_length ); + ret = mbedtls_sha256_update_ret(&operation->ctx.sha256, + input, input_length); break; #endif #if defined(MBEDTLS_PSA_BUILTIN_ALG_SHA_384) case PSA_ALG_SHA_384: - ret = mbedtls_sha512_update_ret( &operation->ctx.sha512, - input, input_length ); + ret = mbedtls_sha512_update_ret(&operation->ctx.sha512, + input, input_length); break; #endif #if defined(MBEDTLS_PSA_BUILTIN_ALG_SHA_512) case PSA_ALG_SHA_512: - ret = mbedtls_sha512_update_ret( &operation->ctx.sha512, - input, input_length ); + ret = mbedtls_sha512_update_ret(&operation->ctx.sha512, + input, input_length); break; #endif default: (void) input; (void) input_length; - return( PSA_ERROR_BAD_STATE ); + return PSA_ERROR_BAD_STATE; } - return( mbedtls_to_psa_error( ret ) ); + return mbedtls_to_psa_error(ret); } psa_status_t mbedtls_psa_hash_finish( mbedtls_psa_hash_operation_t *operation, uint8_t *hash, size_t hash_size, - size_t *hash_length ) + size_t *hash_length) { psa_status_t status; int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; - size_t actual_hash_length = PSA_HASH_LENGTH( operation->alg ); + size_t actual_hash_length = PSA_HASH_LENGTH(operation->alg); /* Fill the output buffer with something that isn't a valid hash * (barring an attack on the hash and deliberately-crafted input), @@ -385,72 +368,72 @@ psa_status_t mbedtls_psa_hash_finish( *hash_length = hash_size; /* If hash_size is 0 then hash may be NULL and then the * call to memset would have undefined behavior. */ - if( hash_size != 0 ) - memset( hash, '!', hash_size ); + if (hash_size != 0) { + memset(hash, '!', hash_size); + } - if( hash_size < actual_hash_length ) - { + if (hash_size < actual_hash_length) { status = PSA_ERROR_BUFFER_TOO_SMALL; goto exit; } - switch( operation->alg ) - { + switch (operation->alg) { #if defined(MBEDTLS_PSA_BUILTIN_ALG_MD2) case PSA_ALG_MD2: - ret = mbedtls_md2_finish_ret( &operation->ctx.md2, hash ); + ret = mbedtls_md2_finish_ret(&operation->ctx.md2, hash); break; #endif #if defined(MBEDTLS_PSA_BUILTIN_ALG_MD4) case PSA_ALG_MD4: - ret = mbedtls_md4_finish_ret( &operation->ctx.md4, hash ); + ret = mbedtls_md4_finish_ret(&operation->ctx.md4, hash); break; #endif #if defined(MBEDTLS_PSA_BUILTIN_ALG_MD5) case PSA_ALG_MD5: - ret = mbedtls_md5_finish_ret( &operation->ctx.md5, hash ); + ret = mbedtls_md5_finish_ret(&operation->ctx.md5, hash); break; #endif #if defined(MBEDTLS_PSA_BUILTIN_ALG_RIPEMD160) case PSA_ALG_RIPEMD160: - ret = mbedtls_ripemd160_finish_ret( &operation->ctx.ripemd160, hash ); + ret = mbedtls_ripemd160_finish_ret(&operation->ctx.ripemd160, hash); break; #endif #if defined(MBEDTLS_PSA_BUILTIN_ALG_SHA_1) case PSA_ALG_SHA_1: - ret = mbedtls_sha1_finish_ret( &operation->ctx.sha1, hash ); + ret = mbedtls_sha1_finish_ret(&operation->ctx.sha1, hash); break; #endif #if defined(MBEDTLS_PSA_BUILTIN_ALG_SHA_224) case PSA_ALG_SHA_224: - ret = mbedtls_sha256_finish_ret( &operation->ctx.sha256, hash ); + ret = mbedtls_sha256_finish_ret(&operation->ctx.sha256, hash); break; #endif #if defined(MBEDTLS_PSA_BUILTIN_ALG_SHA_256) case PSA_ALG_SHA_256: - ret = mbedtls_sha256_finish_ret( &operation->ctx.sha256, hash ); + ret = mbedtls_sha256_finish_ret(&operation->ctx.sha256, hash); break; #endif #if defined(MBEDTLS_PSA_BUILTIN_ALG_SHA_384) case PSA_ALG_SHA_384: - ret = mbedtls_sha512_finish_ret( &operation->ctx.sha512, hash ); + ret = mbedtls_sha512_finish_ret(&operation->ctx.sha512, hash); break; #endif #if defined(MBEDTLS_PSA_BUILTIN_ALG_SHA_512) case PSA_ALG_SHA_512: - ret = mbedtls_sha512_finish_ret( &operation->ctx.sha512, hash ); + ret = mbedtls_sha512_finish_ret(&operation->ctx.sha512, hash); break; #endif default: (void) hash; - return( PSA_ERROR_BAD_STATE ); + return PSA_ERROR_BAD_STATE; } - status = mbedtls_to_psa_error( ret ); + status = mbedtls_to_psa_error(ret); exit: - if( status == PSA_SUCCESS ) + if (status == PSA_SUCCESS) { *hash_length = actual_hash_length; - return( status ); + } + return status; } psa_status_t mbedtls_psa_hash_compute( @@ -466,22 +449,26 @@ psa_status_t mbedtls_psa_hash_compute( psa_status_t abort_status = PSA_ERROR_CORRUPTION_DETECTED; *hash_length = hash_size; - status = mbedtls_psa_hash_setup( &operation, alg ); - if( status != PSA_SUCCESS ) + status = mbedtls_psa_hash_setup(&operation, alg); + if (status != PSA_SUCCESS) { goto exit; - status = mbedtls_psa_hash_update( &operation, input, input_length ); - if( status != PSA_SUCCESS ) + } + status = mbedtls_psa_hash_update(&operation, input, input_length); + if (status != PSA_SUCCESS) { goto exit; - status = mbedtls_psa_hash_finish( &operation, hash, hash_size, hash_length ); - if( status != PSA_SUCCESS ) + } + status = mbedtls_psa_hash_finish(&operation, hash, hash_size, hash_length); + if (status != PSA_SUCCESS) { goto exit; + } exit: - abort_status = mbedtls_psa_hash_abort( &operation ); - if( status == PSA_SUCCESS ) - return( abort_status ); - else - return( status ); + abort_status = mbedtls_psa_hash_abort(&operation); + if (status == PSA_SUCCESS) { + return abort_status; + } else { + return status; + } } #endif /* MBEDTLS_PSA_BUILTIN_HASH */ diff --git a/third_party/mbedtls/repo/library/psa_crypto_hash.h b/third_party/mbedtls/repo/library/psa_crypto_hash.h index 6b27c9b820a..5c196b2ab44 100644 --- a/third_party/mbedtls/repo/library/psa_crypto_hash.h +++ b/third_party/mbedtls/repo/library/psa_crypto_hash.h @@ -3,19 +3,7 @@ */ /* * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later */ #ifndef PSA_CRYPTO_HASH_H @@ -32,7 +20,7 @@ * \return The Mbed TLS MD information of the hash algorithm. \c NULL if the * PSA hash algorithm is not supported. */ -const mbedtls_md_info_t *mbedtls_md_info_from_psa( psa_algorithm_t alg ); +const mbedtls_md_info_t *mbedtls_md_info_from_psa(psa_algorithm_t alg); /** Calculate the hash (digest) of a message using Mbed TLS routines. * @@ -57,8 +45,8 @@ const mbedtls_md_info_t *mbedtls_md_info_from_psa( psa_algorithm_t alg ); * \p alg is not supported * \retval #PSA_ERROR_BUFFER_TOO_SMALL * \p hash_size is too small - * \retval #PSA_ERROR_INSUFFICIENT_MEMORY - * \retval #PSA_ERROR_CORRUPTION_DETECTED + * \retval #PSA_ERROR_INSUFFICIENT_MEMORY \emptydescription + * \retval #PSA_ERROR_CORRUPTION_DETECTED \emptydescription */ psa_status_t mbedtls_psa_hash_compute( psa_algorithm_t alg, @@ -97,12 +85,12 @@ psa_status_t mbedtls_psa_hash_compute( * \p alg is not supported * \retval #PSA_ERROR_BAD_STATE * The operation state is not valid (it must be inactive). - * \retval #PSA_ERROR_INSUFFICIENT_MEMORY - * \retval #PSA_ERROR_CORRUPTION_DETECTED + * \retval #PSA_ERROR_INSUFFICIENT_MEMORY \emptydescription + * \retval #PSA_ERROR_CORRUPTION_DETECTED \emptydescription */ psa_status_t mbedtls_psa_hash_setup( mbedtls_psa_hash_operation_t *operation, - psa_algorithm_t alg ); + psa_algorithm_t alg); /** Clone an Mbed TLS hash operation. * @@ -124,17 +112,17 @@ psa_status_t mbedtls_psa_hash_setup( * \param[in,out] target_operation The operation object to set up. * It must be initialized but not active. * - * \retval #PSA_SUCCESS + * \retval #PSA_SUCCESS \emptydescription * \retval #PSA_ERROR_BAD_STATE * The \p source_operation state is not valid (it must be active). * \retval #PSA_ERROR_BAD_STATE * The \p target_operation state is not valid (it must be inactive). - * \retval #PSA_ERROR_CORRUPTION_DETECTED - * \retval #PSA_ERROR_INSUFFICIENT_MEMORY + * \retval #PSA_ERROR_CORRUPTION_DETECTED \emptydescription + * \retval #PSA_ERROR_INSUFFICIENT_MEMORY \emptydescription */ psa_status_t mbedtls_psa_hash_clone( const mbedtls_psa_hash_operation_t *source_operation, - mbedtls_psa_hash_operation_t *target_operation ); + mbedtls_psa_hash_operation_t *target_operation); /** Add a message fragment to a multipart Mbed TLS hash operation. * @@ -156,13 +144,13 @@ psa_status_t mbedtls_psa_hash_clone( * Success. * \retval #PSA_ERROR_BAD_STATE * The operation state is not valid (it must be active). - * \retval #PSA_ERROR_INSUFFICIENT_MEMORY - * \retval #PSA_ERROR_CORRUPTION_DETECTED + * \retval #PSA_ERROR_INSUFFICIENT_MEMORY \emptydescription + * \retval #PSA_ERROR_CORRUPTION_DETECTED \emptydescription */ psa_status_t mbedtls_psa_hash_update( mbedtls_psa_hash_operation_t *operation, const uint8_t *input, - size_t input_length ); + size_t input_length); /** Finish the calculation of the Mbed TLS-calculated hash of a message. * @@ -175,7 +163,7 @@ psa_status_t mbedtls_psa_hash_update( * This function calculates the hash of the message formed by concatenating * the inputs passed to preceding calls to mbedtls_psa_hash_update(). * - * When this function returns successfuly, the operation becomes inactive. + * When this function returns successfully, the operation becomes inactive. * If this function returns an error status, the operation enters an error * state and must be aborted by calling mbedtls_psa_hash_abort(). * @@ -195,14 +183,14 @@ psa_status_t mbedtls_psa_hash_update( * The size of the \p hash buffer is too small. You can determine a * sufficient buffer size by calling #PSA_HASH_LENGTH(\c alg) * where \c alg is the hash algorithm that is calculated. - * \retval #PSA_ERROR_INSUFFICIENT_MEMORY - * \retval #PSA_ERROR_CORRUPTION_DETECTED + * \retval #PSA_ERROR_INSUFFICIENT_MEMORY \emptydescription + * \retval #PSA_ERROR_CORRUPTION_DETECTED \emptydescription */ psa_status_t mbedtls_psa_hash_finish( mbedtls_psa_hash_operation_t *operation, uint8_t *hash, size_t hash_size, - size_t *hash_length ); + size_t *hash_length); /** Abort an Mbed TLS hash operation. * @@ -225,10 +213,10 @@ psa_status_t mbedtls_psa_hash_finish( * * \param[in,out] operation Initialized hash operation. * - * \retval #PSA_SUCCESS - * \retval #PSA_ERROR_CORRUPTION_DETECTED + * \retval #PSA_SUCCESS \emptydescription + * \retval #PSA_ERROR_CORRUPTION_DETECTED \emptydescription */ psa_status_t mbedtls_psa_hash_abort( - mbedtls_psa_hash_operation_t *operation ); + mbedtls_psa_hash_operation_t *operation); #endif /* PSA_CRYPTO_HASH_H */ diff --git a/third_party/mbedtls/repo/library/psa_crypto_invasive.h b/third_party/mbedtls/repo/library/psa_crypto_invasive.h index 1e5a407118b..c70d896479a 100644 --- a/third_party/mbedtls/repo/library/psa_crypto_invasive.h +++ b/third_party/mbedtls/repo/library/psa_crypto_invasive.h @@ -10,19 +10,7 @@ */ /* * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later */ #ifndef PSA_CRYPTO_INVASIVE_H @@ -73,14 +61,14 @@ * The library has already been initialized. */ psa_status_t mbedtls_psa_crypto_configure_entropy_sources( - void (* entropy_init )( mbedtls_entropy_context *ctx ), - void (* entropy_free )( mbedtls_entropy_context *ctx ) ); + void (* entropy_init)(mbedtls_entropy_context *ctx), + void (* entropy_free)(mbedtls_entropy_context *ctx)); #endif /* !defined(MBEDTLS_PSA_CRYPTO_EXTERNAL_RNG) */ #if defined(MBEDTLS_TEST_HOOKS) && defined(MBEDTLS_PSA_CRYPTO_C) psa_status_t psa_mac_key_can_do( psa_algorithm_t algorithm, - psa_key_type_t key_type ); + psa_key_type_t key_type); #endif /* MBEDTLS_TEST_HOOKS && MBEDTLS_PSA_CRYPTO_C */ #endif /* PSA_CRYPTO_INVASIVE_H */ diff --git a/third_party/mbedtls/repo/library/psa_crypto_its.h b/third_party/mbedtls/repo/library/psa_crypto_its.h index 3a3f49a7255..877063b8786 100644 --- a/third_party/mbedtls/repo/library/psa_crypto_its.h +++ b/third_party/mbedtls/repo/library/psa_crypto_its.h @@ -3,19 +3,7 @@ */ /* * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later */ #ifndef PSA_CRYPTO_ITS_H @@ -45,8 +33,7 @@ typedef uint64_t psa_storage_uid_t; /** * \brief A container for metadata associated with a specific uid */ -struct psa_storage_info_t -{ +struct psa_storage_info_t { uint32_t size; /**< The size of the data associated with a uid **/ psa_storage_create_flags_t flags; /**< The flags set when the uid was created **/ }; @@ -54,11 +41,6 @@ struct psa_storage_info_t /** Flag indicating that \ref psa_storage_create and \ref psa_storage_set_extended are supported */ #define PSA_STORAGE_SUPPORT_SET_EXTENDED (1 << 0) -/** \brief PSA storage specific error codes - */ -#define PSA_ERROR_INVALID_SIGNATURE ((psa_status_t)-149) -#define PSA_ERROR_DATA_CORRUPT ((psa_status_t)-152) - #define PSA_ITS_API_VERSION_MAJOR 1 /**< The major version number of the PSA ITS API. It will be incremented on significant updates that may include breaking changes */ #define PSA_ITS_API_VERSION_MINOR 1 /**< The minor version number of the PSA ITS API. It will be incremented in small updates that are unlikely to include breaking changes */ @@ -73,7 +55,7 @@ struct psa_storage_info_t * \return A status indicating the success/failure of the operation * * \retval #PSA_SUCCESS The operation completed successfully - * \retval #PSA_ERROR_NOT_PERMITTED The operation failed because the provided `uid` value was already created with PSA_STORAGE_WRITE_ONCE_FLAG + * \retval #PSA_ERROR_NOT_PERMITTED The operation failed because the provided `uid` value was already created with PSA_STORAGE_FLAG_WRITE_ONCE * \retval #PSA_ERROR_NOT_SUPPORTED The operation failed because one or more of the flags provided in `create_flags` is not supported or is not valid * \retval #PSA_ERROR_INSUFFICIENT_STORAGE The operation failed because there was insufficient space on the storage medium * \retval #PSA_ERROR_STORAGE_FAILURE The operation failed because the physical storage has failed (Fatal error) @@ -109,7 +91,7 @@ psa_status_t psa_its_get(psa_storage_uid_t uid, uint32_t data_offset, uint32_t data_length, void *p_data, - size_t *p_data_length ); + size_t *p_data_length); /** * \brief Retrieve the metadata about the provided uid @@ -137,7 +119,7 @@ psa_status_t psa_its_get_info(psa_storage_uid_t uid, * * \retval #PSA_SUCCESS The operation completed successfully * \retval #PSA_ERROR_DOES_NOT_EXIST The operation failed because the provided key value was not found in the storage - * \retval #PSA_ERROR_NOT_PERMITTED The operation failed because the provided key value was created with PSA_STORAGE_WRITE_ONCE_FLAG + * \retval #PSA_ERROR_NOT_PERMITTED The operation failed because the provided key value was created with PSA_STORAGE_FLAG_WRITE_ONCE * \retval #PSA_ERROR_STORAGE_FAILURE The operation failed because the physical storage has failed (Fatal error) */ psa_status_t psa_its_remove(psa_storage_uid_t uid); diff --git a/third_party/mbedtls/repo/library/psa_crypto_mac.c b/third_party/mbedtls/repo/library/psa_crypto_mac.c index dcf065a6726..2e722d2a91e 100644 --- a/third_party/mbedtls/repo/library/psa_crypto_mac.c +++ b/third_party/mbedtls/repo/library/psa_crypto_mac.c @@ -3,19 +3,7 @@ */ /* * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later */ #include "common.h" @@ -24,6 +12,7 @@ #include #include "psa_crypto_core.h" +#include "psa_crypto_cipher.h" #include "psa_crypto_mac.h" #include @@ -32,22 +21,22 @@ #if defined(MBEDTLS_PSA_BUILTIN_ALG_HMAC) static psa_status_t psa_hmac_abort_internal( - mbedtls_psa_hmac_operation_t *hmac ) + mbedtls_psa_hmac_operation_t *hmac) { - mbedtls_platform_zeroize( hmac->opad, sizeof( hmac->opad ) ); - return( psa_hash_abort( &hmac->hash_ctx ) ); + mbedtls_platform_zeroize(hmac->opad, sizeof(hmac->opad)); + return psa_hash_abort(&hmac->hash_ctx); } static psa_status_t psa_hmac_setup_internal( mbedtls_psa_hmac_operation_t *hmac, const uint8_t *key, size_t key_length, - psa_algorithm_t hash_alg ) + psa_algorithm_t hash_alg) { uint8_t ipad[PSA_HMAC_MAX_HASH_BLOCK_SIZE]; size_t i; - size_t hash_size = PSA_HASH_LENGTH( hash_alg ); - size_t block_size = PSA_HASH_BLOCK_LENGTH( hash_alg ); + size_t hash_size = PSA_HASH_LENGTH(hash_alg); + size_t block_size = PSA_HASH_BLOCK_LENGTH(hash_alg); psa_status_t status; hmac->alg = hash_alg; @@ -58,134 +47,149 @@ static psa_status_t psa_hmac_setup_internal( /* The size checks against the ipad and opad buffers cannot be written * `block_size > sizeof( ipad ) || block_size > sizeof( hmac->opad )` * because that triggers -Wlogical-op on GCC 7.3. */ - if( block_size > sizeof( ipad ) ) - return( PSA_ERROR_NOT_SUPPORTED ); - if( block_size > sizeof( hmac->opad ) ) - return( PSA_ERROR_NOT_SUPPORTED ); - if( block_size < hash_size ) - return( PSA_ERROR_NOT_SUPPORTED ); - - if( key_length > block_size ) - { - status = psa_hash_compute( hash_alg, key, key_length, - ipad, sizeof( ipad ), &key_length ); - if( status != PSA_SUCCESS ) + if (block_size > sizeof(ipad)) { + return PSA_ERROR_NOT_SUPPORTED; + } + if (block_size > sizeof(hmac->opad)) { + return PSA_ERROR_NOT_SUPPORTED; + } + if (block_size < hash_size) { + return PSA_ERROR_NOT_SUPPORTED; + } + + if (key_length > block_size) { + status = psa_hash_compute(hash_alg, key, key_length, + ipad, sizeof(ipad), &key_length); + if (status != PSA_SUCCESS) { goto cleanup; + } } /* A 0-length key is not commonly used in HMAC when used as a MAC, * but it is permitted. It is common when HMAC is used in HKDF, for * example. Don't call `memcpy` in the 0-length because `key` could be * an invalid pointer which would make the behavior undefined. */ - else if( key_length != 0 ) - memcpy( ipad, key, key_length ); + else if (key_length != 0) { + memcpy(ipad, key, key_length); + } /* ipad contains the key followed by garbage. Xor and fill with 0x36 * to create the ipad value. */ - for( i = 0; i < key_length; i++ ) + for (i = 0; i < key_length; i++) { ipad[i] ^= 0x36; - memset( ipad + key_length, 0x36, block_size - key_length ); + } + memset(ipad + key_length, 0x36, block_size - key_length); /* Copy the key material from ipad to opad, flipping the requisite bits, * and filling the rest of opad with the requisite constant. */ - for( i = 0; i < key_length; i++ ) + for (i = 0; i < key_length; i++) { hmac->opad[i] = ipad[i] ^ 0x36 ^ 0x5C; - memset( hmac->opad + key_length, 0x5C, block_size - key_length ); + } + memset(hmac->opad + key_length, 0x5C, block_size - key_length); - status = psa_hash_setup( &hmac->hash_ctx, hash_alg ); - if( status != PSA_SUCCESS ) + status = psa_hash_setup(&hmac->hash_ctx, hash_alg); + if (status != PSA_SUCCESS) { goto cleanup; + } - status = psa_hash_update( &hmac->hash_ctx, ipad, block_size ); + status = psa_hash_update(&hmac->hash_ctx, ipad, block_size); cleanup: - mbedtls_platform_zeroize( ipad, sizeof( ipad ) ); + mbedtls_platform_zeroize(ipad, sizeof(ipad)); - return( status ); + return status; } static psa_status_t psa_hmac_update_internal( mbedtls_psa_hmac_operation_t *hmac, const uint8_t *data, - size_t data_length ) + size_t data_length) { - return( psa_hash_update( &hmac->hash_ctx, data, data_length ) ); + return psa_hash_update(&hmac->hash_ctx, data, data_length); } static psa_status_t psa_hmac_finish_internal( mbedtls_psa_hmac_operation_t *hmac, uint8_t *mac, - size_t mac_size ) + size_t mac_size) { uint8_t tmp[PSA_HASH_MAX_SIZE]; psa_algorithm_t hash_alg = hmac->alg; size_t hash_size = 0; - size_t block_size = PSA_HASH_BLOCK_LENGTH( hash_alg ); + size_t block_size = PSA_HASH_BLOCK_LENGTH(hash_alg); psa_status_t status; - status = psa_hash_finish( &hmac->hash_ctx, tmp, sizeof( tmp ), &hash_size ); - if( status != PSA_SUCCESS ) - return( status ); + status = psa_hash_finish(&hmac->hash_ctx, tmp, sizeof(tmp), &hash_size); + if (status != PSA_SUCCESS) { + return status; + } /* From here on, tmp needs to be wiped. */ - status = psa_hash_setup( &hmac->hash_ctx, hash_alg ); - if( status != PSA_SUCCESS ) + status = psa_hash_setup(&hmac->hash_ctx, hash_alg); + if (status != PSA_SUCCESS) { goto exit; + } - status = psa_hash_update( &hmac->hash_ctx, hmac->opad, block_size ); - if( status != PSA_SUCCESS ) + status = psa_hash_update(&hmac->hash_ctx, hmac->opad, block_size); + if (status != PSA_SUCCESS) { goto exit; + } - status = psa_hash_update( &hmac->hash_ctx, tmp, hash_size ); - if( status != PSA_SUCCESS ) + status = psa_hash_update(&hmac->hash_ctx, tmp, hash_size); + if (status != PSA_SUCCESS) { goto exit; + } - status = psa_hash_finish( &hmac->hash_ctx, tmp, sizeof( tmp ), &hash_size ); - if( status != PSA_SUCCESS ) + status = psa_hash_finish(&hmac->hash_ctx, tmp, sizeof(tmp), &hash_size); + if (status != PSA_SUCCESS) { goto exit; + } - memcpy( mac, tmp, mac_size ); + memcpy(mac, tmp, mac_size); exit: - mbedtls_platform_zeroize( tmp, hash_size ); - return( status ); + mbedtls_platform_zeroize(tmp, hash_size); + return status; } #endif /* MBEDTLS_PSA_BUILTIN_ALG_HMAC */ #if defined(MBEDTLS_PSA_BUILTIN_ALG_CMAC) -static psa_status_t cmac_setup( mbedtls_psa_mac_operation_t *operation, - const psa_key_attributes_t *attributes, - const uint8_t *key_buffer ) +static psa_status_t cmac_setup(mbedtls_psa_mac_operation_t *operation, + const psa_key_attributes_t *attributes, + const uint8_t *key_buffer) { int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; #if defined(PSA_WANT_KEY_TYPE_DES) /* Mbed TLS CMAC does not accept 3DES with only two keys, nor does it accept * to do CMAC with pure DES, so return NOT_SUPPORTED here. */ - if( psa_get_key_type( attributes ) == PSA_KEY_TYPE_DES && - ( psa_get_key_bits( attributes ) == 64 || - psa_get_key_bits( attributes ) == 128 ) ) - return( PSA_ERROR_NOT_SUPPORTED ); + if (psa_get_key_type(attributes) == PSA_KEY_TYPE_DES && + (psa_get_key_bits(attributes) == 64 || + psa_get_key_bits(attributes) == 128)) { + return PSA_ERROR_NOT_SUPPORTED; + } #endif - const mbedtls_cipher_info_t * cipher_info = + const mbedtls_cipher_info_t *cipher_info = mbedtls_cipher_info_from_psa( PSA_ALG_CMAC, - psa_get_key_type( attributes ), - psa_get_key_bits( attributes ), - NULL ); + psa_get_key_type(attributes), + psa_get_key_bits(attributes), + NULL); - if( cipher_info == NULL ) - return( PSA_ERROR_NOT_SUPPORTED ); + if (cipher_info == NULL) { + return PSA_ERROR_NOT_SUPPORTED; + } - ret = mbedtls_cipher_setup( &operation->ctx.cmac, cipher_info ); - if( ret != 0 ) + ret = mbedtls_cipher_setup(&operation->ctx.cmac, cipher_info); + if (ret != 0) { goto exit; + } - ret = mbedtls_cipher_cmac_starts( &operation->ctx.cmac, - key_buffer, - psa_get_key_bits( attributes ) ); + ret = mbedtls_cipher_cmac_starts(&operation->ctx.cmac, + key_buffer, + psa_get_key_bits(attributes)); exit: - return( mbedtls_to_psa_error( ret ) ); + return mbedtls_to_psa_error(ret); } #endif /* MBEDTLS_PSA_BUILTIN_ALG_CMAC */ @@ -196,62 +200,53 @@ static psa_status_t cmac_setup( mbedtls_psa_mac_operation_t *operation, * called, mbedtls_psa_mac_abort can run and will do the right thing. */ static psa_status_t mac_init( mbedtls_psa_mac_operation_t *operation, - psa_algorithm_t alg ) + psa_algorithm_t alg) { psa_status_t status = PSA_ERROR_CORRUPTION_DETECTED; operation->alg = alg; #if defined(MBEDTLS_PSA_BUILTIN_ALG_CMAC) - if( PSA_ALG_FULL_LENGTH_MAC( operation->alg ) == PSA_ALG_CMAC ) - { - mbedtls_cipher_init( &operation->ctx.cmac ); + if (PSA_ALG_FULL_LENGTH_MAC(operation->alg) == PSA_ALG_CMAC) { + mbedtls_cipher_init(&operation->ctx.cmac); status = PSA_SUCCESS; - } - else + } else #endif /* MBEDTLS_PSA_BUILTIN_ALG_CMAC */ #if defined(MBEDTLS_PSA_BUILTIN_ALG_HMAC) - if( PSA_ALG_IS_HMAC( operation->alg ) ) - { + if (PSA_ALG_IS_HMAC(operation->alg)) { /* We'll set up the hash operation later in psa_hmac_setup_internal. */ operation->ctx.hmac.alg = 0; status = PSA_SUCCESS; - } - else + } else #endif /* MBEDTLS_PSA_BUILTIN_ALG_HMAC */ { (void) operation; status = PSA_ERROR_NOT_SUPPORTED; } - if( status != PSA_SUCCESS ) - memset( operation, 0, sizeof( *operation ) ); - return( status ); + if (status != PSA_SUCCESS) { + memset(operation, 0, sizeof(*operation)); + } + return status; } -psa_status_t mbedtls_psa_mac_abort( mbedtls_psa_mac_operation_t *operation ) +psa_status_t mbedtls_psa_mac_abort(mbedtls_psa_mac_operation_t *operation) { - if( operation->alg == 0 ) - { + if (operation->alg == 0) { /* The object has (apparently) been initialized but it is not * in use. It's ok to call abort on such an object, and there's * nothing to do. */ - return( PSA_SUCCESS ); - } - else + return PSA_SUCCESS; + } else #if defined(MBEDTLS_PSA_BUILTIN_ALG_CMAC) - if( PSA_ALG_FULL_LENGTH_MAC( operation->alg ) == PSA_ALG_CMAC ) - { - mbedtls_cipher_free( &operation->ctx.cmac ); - } - else + if (PSA_ALG_FULL_LENGTH_MAC(operation->alg) == PSA_ALG_CMAC) { + mbedtls_cipher_free(&operation->ctx.cmac); + } else #endif /* MBEDTLS_PSA_BUILTIN_ALG_CMAC */ #if defined(MBEDTLS_PSA_BUILTIN_ALG_HMAC) - if( PSA_ALG_IS_HMAC( operation->alg ) ) - { - psa_hmac_abort_internal( &operation->ctx.hmac ); - } - else + if (PSA_ALG_IS_HMAC(operation->alg)) { + psa_hmac_abort_internal(&operation->ctx.hmac); + } else #endif /* MBEDTLS_PSA_BUILTIN_ALG_HMAC */ { /* Sanity check (shouldn't happen: operation->alg should @@ -261,52 +256,50 @@ psa_status_t mbedtls_psa_mac_abort( mbedtls_psa_mac_operation_t *operation ) operation->alg = 0; - return( PSA_SUCCESS ); + return PSA_SUCCESS; bad_state: /* If abort is called on an uninitialized object, we can't trust * anything. Wipe the object in case it contains confidential data. * This may result in a memory leak if a pointer gets overwritten, * but it's too late to do anything about this. */ - memset( operation, 0, sizeof( *operation ) ); - return( PSA_ERROR_BAD_STATE ); + memset(operation, 0, sizeof(*operation)); + return PSA_ERROR_BAD_STATE; } -static psa_status_t psa_mac_setup( mbedtls_psa_mac_operation_t *operation, - const psa_key_attributes_t *attributes, - const uint8_t *key_buffer, - size_t key_buffer_size, - psa_algorithm_t alg ) +static psa_status_t psa_mac_setup(mbedtls_psa_mac_operation_t *operation, + const psa_key_attributes_t *attributes, + const uint8_t *key_buffer, + size_t key_buffer_size, + psa_algorithm_t alg) { psa_status_t status = PSA_ERROR_CORRUPTION_DETECTED; /* A context must be freshly initialized before it can be set up. */ - if( operation->alg != 0 ) - return( PSA_ERROR_BAD_STATE ); + if (operation->alg != 0) { + return PSA_ERROR_BAD_STATE; + } - status = mac_init( operation, alg ); - if( status != PSA_SUCCESS ) - return( status ); + status = mac_init(operation, alg); + if (status != PSA_SUCCESS) { + return status; + } #if defined(MBEDTLS_PSA_BUILTIN_ALG_CMAC) - if( PSA_ALG_FULL_LENGTH_MAC( alg ) == PSA_ALG_CMAC ) - { + if (PSA_ALG_FULL_LENGTH_MAC(alg) == PSA_ALG_CMAC) { /* Key buffer size for CMAC is dictated by the key bits set on the * attributes, and previously validated by the core on key import. */ (void) key_buffer_size; - status = cmac_setup( operation, attributes, key_buffer ); - } - else + status = cmac_setup(operation, attributes, key_buffer); + } else #endif /* MBEDTLS_PSA_BUILTIN_ALG_CMAC */ #if defined(MBEDTLS_PSA_BUILTIN_ALG_HMAC) - if( PSA_ALG_IS_HMAC( alg ) ) - { - status = psa_hmac_setup_internal( &operation->ctx.hmac, - key_buffer, - key_buffer_size, - PSA_ALG_HMAC_GET_HASH( alg ) ); - } - else + if (PSA_ALG_IS_HMAC(alg)) { + status = psa_hmac_setup_internal(&operation->ctx.hmac, + key_buffer, + key_buffer_size, + PSA_ALG_HMAC_GET_HASH(alg)); + } else #endif /* MBEDTLS_PSA_BUILTIN_ALG_HMAC */ { (void) attributes; @@ -315,10 +308,11 @@ static psa_status_t psa_mac_setup( mbedtls_psa_mac_operation_t *operation, status = PSA_ERROR_NOT_SUPPORTED; } - if( status != PSA_SUCCESS ) - mbedtls_psa_mac_abort( operation ); + if (status != PSA_SUCCESS) { + mbedtls_psa_mac_abort(operation); + } - return( status ); + return status; } psa_status_t mbedtls_psa_mac_sign_setup( @@ -326,10 +320,10 @@ psa_status_t mbedtls_psa_mac_sign_setup( const psa_key_attributes_t *attributes, const uint8_t *key_buffer, size_t key_buffer_size, - psa_algorithm_t alg ) + psa_algorithm_t alg) { - return( psa_mac_setup( operation, attributes, - key_buffer, key_buffer_size, alg ) ); + return psa_mac_setup(operation, attributes, + key_buffer, key_buffer_size, alg); } psa_status_t mbedtls_psa_mac_verify_setup( @@ -337,69 +331,63 @@ psa_status_t mbedtls_psa_mac_verify_setup( const psa_key_attributes_t *attributes, const uint8_t *key_buffer, size_t key_buffer_size, - psa_algorithm_t alg ) + psa_algorithm_t alg) { - return( psa_mac_setup( operation, attributes, - key_buffer, key_buffer_size, alg ) ); + return psa_mac_setup(operation, attributes, + key_buffer, key_buffer_size, alg); } psa_status_t mbedtls_psa_mac_update( mbedtls_psa_mac_operation_t *operation, const uint8_t *input, - size_t input_length ) + size_t input_length) { - if( operation->alg == 0 ) - return( PSA_ERROR_BAD_STATE ); + if (operation->alg == 0) { + return PSA_ERROR_BAD_STATE; + } #if defined(MBEDTLS_PSA_BUILTIN_ALG_CMAC) - if( PSA_ALG_FULL_LENGTH_MAC( operation->alg ) == PSA_ALG_CMAC ) - { - return( mbedtls_to_psa_error( - mbedtls_cipher_cmac_update( &operation->ctx.cmac, - input, input_length ) ) ); - } - else + if (PSA_ALG_FULL_LENGTH_MAC(operation->alg) == PSA_ALG_CMAC) { + return mbedtls_to_psa_error( + mbedtls_cipher_cmac_update(&operation->ctx.cmac, + input, input_length)); + } else #endif /* MBEDTLS_PSA_BUILTIN_ALG_CMAC */ #if defined(MBEDTLS_PSA_BUILTIN_ALG_HMAC) - if( PSA_ALG_IS_HMAC( operation->alg ) ) - { - return( psa_hmac_update_internal( &operation->ctx.hmac, - input, input_length ) ); - } - else + if (PSA_ALG_IS_HMAC(operation->alg)) { + return psa_hmac_update_internal(&operation->ctx.hmac, + input, input_length); + } else #endif /* MBEDTLS_PSA_BUILTIN_ALG_HMAC */ { /* This shouldn't happen if `operation` was initialized by * a setup function. */ (void) input; (void) input_length; - return( PSA_ERROR_BAD_STATE ); + return PSA_ERROR_BAD_STATE; } } static psa_status_t psa_mac_finish_internal( mbedtls_psa_mac_operation_t *operation, - uint8_t *mac, size_t mac_size ) + uint8_t *mac, size_t mac_size) { #if defined(MBEDTLS_PSA_BUILTIN_ALG_CMAC) - if( PSA_ALG_FULL_LENGTH_MAC( operation->alg ) == PSA_ALG_CMAC ) - { + if (PSA_ALG_FULL_LENGTH_MAC(operation->alg) == PSA_ALG_CMAC) { uint8_t tmp[PSA_BLOCK_CIPHER_BLOCK_MAX_SIZE]; - int ret = mbedtls_cipher_cmac_finish( &operation->ctx.cmac, tmp ); - if( ret == 0 ) - memcpy( mac, tmp, mac_size ); - mbedtls_platform_zeroize( tmp, sizeof( tmp ) ); - return( mbedtls_to_psa_error( ret ) ); - } - else + int ret = mbedtls_cipher_cmac_finish(&operation->ctx.cmac, tmp); + if (ret == 0) { + memcpy(mac, tmp, mac_size); + } + mbedtls_platform_zeroize(tmp, sizeof(tmp)); + return mbedtls_to_psa_error(ret); + } else #endif /* MBEDTLS_PSA_BUILTIN_ALG_CMAC */ #if defined(MBEDTLS_PSA_BUILTIN_ALG_HMAC) - if( PSA_ALG_IS_HMAC( operation->alg ) ) - { - return( psa_hmac_finish_internal( &operation->ctx.hmac, - mac, mac_size ) ); - } - else + if (PSA_ALG_IS_HMAC(operation->alg)) { + return psa_hmac_finish_internal(&operation->ctx.hmac, + mac, mac_size); + } else #endif /* MBEDTLS_PSA_BUILTIN_ALG_HMAC */ { /* This shouldn't happen if `operation` was initialized by @@ -407,7 +395,7 @@ static psa_status_t psa_mac_finish_internal( (void) operation; (void) mac; (void) mac_size; - return( PSA_ERROR_BAD_STATE ); + return PSA_ERROR_BAD_STATE; } } @@ -415,46 +403,52 @@ psa_status_t mbedtls_psa_mac_sign_finish( mbedtls_psa_mac_operation_t *operation, uint8_t *mac, size_t mac_size, - size_t *mac_length ) + size_t *mac_length) { psa_status_t status = PSA_ERROR_CORRUPTION_DETECTED; - if( operation->alg == 0 ) - return( PSA_ERROR_BAD_STATE ); + if (operation->alg == 0) { + return PSA_ERROR_BAD_STATE; + } - status = psa_mac_finish_internal( operation, mac, mac_size ); - if( status == PSA_SUCCESS ) + status = psa_mac_finish_internal(operation, mac, mac_size); + if (status == PSA_SUCCESS) { *mac_length = mac_size; + } - return( status ); + return status; } psa_status_t mbedtls_psa_mac_verify_finish( mbedtls_psa_mac_operation_t *operation, const uint8_t *mac, - size_t mac_length ) + size_t mac_length) { uint8_t actual_mac[PSA_MAC_MAX_SIZE]; psa_status_t status = PSA_ERROR_CORRUPTION_DETECTED; - if( operation->alg == 0 ) - return( PSA_ERROR_BAD_STATE ); + if (operation->alg == 0) { + return PSA_ERROR_BAD_STATE; + } /* Consistency check: requested MAC length fits our local buffer */ - if( mac_length > sizeof( actual_mac ) ) - return( PSA_ERROR_INVALID_ARGUMENT ); + if (mac_length > sizeof(actual_mac)) { + return PSA_ERROR_INVALID_ARGUMENT; + } - status = psa_mac_finish_internal( operation, actual_mac, mac_length ); - if( status != PSA_SUCCESS ) + status = psa_mac_finish_internal(operation, actual_mac, mac_length); + if (status != PSA_SUCCESS) { goto cleanup; + } - if( mbedtls_psa_safer_memcmp( mac, actual_mac, mac_length ) != 0 ) + if (mbedtls_psa_safer_memcmp(mac, actual_mac, mac_length) != 0) { status = PSA_ERROR_INVALID_SIGNATURE; + } cleanup: - mbedtls_platform_zeroize( actual_mac, sizeof( actual_mac ) ); + mbedtls_platform_zeroize(actual_mac, sizeof(actual_mac)); - return( status ); + return status; } psa_status_t mbedtls_psa_mac_compute( @@ -466,32 +460,34 @@ psa_status_t mbedtls_psa_mac_compute( size_t input_length, uint8_t *mac, size_t mac_size, - size_t *mac_length ) + size_t *mac_length) { psa_status_t status = PSA_ERROR_CORRUPTION_DETECTED; mbedtls_psa_mac_operation_t operation = MBEDTLS_PSA_MAC_OPERATION_INIT; - status = psa_mac_setup( &operation, - attributes, key_buffer, key_buffer_size, - alg ); - if( status != PSA_SUCCESS ) + status = psa_mac_setup(&operation, + attributes, key_buffer, key_buffer_size, + alg); + if (status != PSA_SUCCESS) { goto exit; + } - if( input_length > 0 ) - { - status = mbedtls_psa_mac_update( &operation, input, input_length ); - if( status != PSA_SUCCESS ) + if (input_length > 0) { + status = mbedtls_psa_mac_update(&operation, input, input_length); + if (status != PSA_SUCCESS) { goto exit; + } } - status = psa_mac_finish_internal( &operation, mac, mac_size ); - if( status == PSA_SUCCESS ) + status = psa_mac_finish_internal(&operation, mac, mac_size); + if (status == PSA_SUCCESS) { *mac_length = mac_size; + } exit: - mbedtls_psa_mac_abort( &operation ); + mbedtls_psa_mac_abort(&operation); - return( status ); + return status; } #endif /* MBEDTLS_PSA_BUILTIN_ALG_HMAC || MBEDTLS_PSA_BUILTIN_ALG_CMAC */ diff --git a/third_party/mbedtls/repo/library/psa_crypto_mac.h b/third_party/mbedtls/repo/library/psa_crypto_mac.h index a821e741164..2f614bcc6e7 100644 --- a/third_party/mbedtls/repo/library/psa_crypto_mac.h +++ b/third_party/mbedtls/repo/library/psa_crypto_mac.h @@ -3,19 +3,7 @@ */ /* * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later */ #ifndef PSA_CRYPTO_MAC_H @@ -52,8 +40,8 @@ * \p alg is not supported. * \retval #PSA_ERROR_BUFFER_TOO_SMALL * \p mac_size is too small - * \retval #PSA_ERROR_INSUFFICIENT_MEMORY - * \retval #PSA_ERROR_CORRUPTION_DETECTED + * \retval #PSA_ERROR_INSUFFICIENT_MEMORY \emptydescription + * \retval #PSA_ERROR_CORRUPTION_DETECTED \emptydescription */ psa_status_t mbedtls_psa_mac_compute( const psa_key_attributes_t *attributes, @@ -89,8 +77,8 @@ psa_status_t mbedtls_psa_mac_compute( * Success. * \retval #PSA_ERROR_NOT_SUPPORTED * \p alg is not supported. - * \retval #PSA_ERROR_INSUFFICIENT_MEMORY - * \retval #PSA_ERROR_CORRUPTION_DETECTED + * \retval #PSA_ERROR_INSUFFICIENT_MEMORY \emptydescription + * \retval #PSA_ERROR_CORRUPTION_DETECTED \emptydescription * \retval #PSA_ERROR_BAD_STATE * The operation state is not valid (it must be inactive). */ @@ -124,8 +112,8 @@ psa_status_t mbedtls_psa_mac_sign_setup( * Success. * \retval #PSA_ERROR_NOT_SUPPORTED * \p alg is not supported. - * \retval #PSA_ERROR_INSUFFICIENT_MEMORY - * \retval #PSA_ERROR_CORRUPTION_DETECTED + * \retval #PSA_ERROR_INSUFFICIENT_MEMORY \emptydescription + * \retval #PSA_ERROR_CORRUPTION_DETECTED \emptydescription * \retval #PSA_ERROR_BAD_STATE * The operation state is not valid (it must be inactive). */ @@ -158,13 +146,13 @@ psa_status_t mbedtls_psa_mac_verify_setup( * Success. * \retval #PSA_ERROR_BAD_STATE * The operation state is not valid (it must be active). - * \retval #PSA_ERROR_INSUFFICIENT_MEMORY - * \retval #PSA_ERROR_CORRUPTION_DETECTED + * \retval #PSA_ERROR_INSUFFICIENT_MEMORY \emptydescription + * \retval #PSA_ERROR_CORRUPTION_DETECTED \emptydescription */ psa_status_t mbedtls_psa_mac_update( mbedtls_psa_mac_operation_t *operation, const uint8_t *input, - size_t input_length ); + size_t input_length); /** Finish the calculation of the MAC of a message using Mbed TLS. * @@ -200,14 +188,14 @@ psa_status_t mbedtls_psa_mac_update( * \retval #PSA_ERROR_BUFFER_TOO_SMALL * The size of the \p mac buffer is too small. A sufficient buffer size * can be determined by calling PSA_MAC_LENGTH(). - * \retval #PSA_ERROR_INSUFFICIENT_MEMORY - * \retval #PSA_ERROR_CORRUPTION_DETECTED + * \retval #PSA_ERROR_INSUFFICIENT_MEMORY \emptydescription + * \retval #PSA_ERROR_CORRUPTION_DETECTED \emptydescription */ psa_status_t mbedtls_psa_mac_sign_finish( mbedtls_psa_mac_operation_t *operation, uint8_t *mac, size_t mac_size, - size_t *mac_length ); + size_t *mac_length); /** Finish the calculation of the MAC of a message and compare it with * an expected value using Mbed TLS. @@ -241,13 +229,13 @@ psa_status_t mbedtls_psa_mac_sign_finish( * \retval #PSA_ERROR_BAD_STATE * The operation state is not valid (it must be an active mac verify * operation). - * \retval #PSA_ERROR_INSUFFICIENT_MEMORY - * \retval #PSA_ERROR_CORRUPTION_DETECTED + * \retval #PSA_ERROR_INSUFFICIENT_MEMORY \emptydescription + * \retval #PSA_ERROR_CORRUPTION_DETECTED \emptydescription */ psa_status_t mbedtls_psa_mac_verify_finish( mbedtls_psa_mac_operation_t *operation, const uint8_t *mac, - size_t mac_length ); + size_t mac_length); /** Abort a MAC operation using Mbed TLS. * @@ -267,10 +255,10 @@ psa_status_t mbedtls_psa_mac_verify_finish( * * \param[in,out] operation Initialized MAC operation. * - * \retval #PSA_SUCCESS - * \retval #PSA_ERROR_CORRUPTION_DETECTED + * \retval #PSA_SUCCESS \emptydescription + * \retval #PSA_ERROR_CORRUPTION_DETECTED \emptydescription */ psa_status_t mbedtls_psa_mac_abort( - mbedtls_psa_mac_operation_t *operation ); + mbedtls_psa_mac_operation_t *operation); #endif /* PSA_CRYPTO_MAC_H */ diff --git a/third_party/mbedtls/repo/library/psa_crypto_random_impl.h b/third_party/mbedtls/repo/library/psa_crypto_random_impl.h index 3c4c09a2842..6150fee120f 100644 --- a/third_party/mbedtls/repo/library/psa_crypto_random_impl.h +++ b/third_party/mbedtls/repo/library/psa_crypto_random_impl.h @@ -12,19 +12,7 @@ */ /* * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later */ #ifndef PSA_CRYPTO_RANDOM_IMPL_H @@ -41,9 +29,9 @@ typedef mbedtls_psa_external_random_context_t mbedtls_psa_random_context_t; /* Trivial wrapper around psa_generate_random(). */ -int mbedtls_psa_get_random( void *p_rng, - unsigned char *output, - size_t output_size ); +int mbedtls_psa_get_random(void *p_rng, + unsigned char *output, + size_t output_size); /* The PSA RNG API doesn't need any externally maintained state. */ #define MBEDTLS_PSA_RANDOM_STATE NULL @@ -89,12 +77,12 @@ int mbedtls_psa_get_random( void *p_rng, * * \param p_rng Pointer to the Mbed TLS DRBG state. */ -static inline void mbedtls_psa_drbg_init( mbedtls_psa_drbg_context_t *p_rng ) +static inline void mbedtls_psa_drbg_init(mbedtls_psa_drbg_context_t *p_rng) { #if defined(MBEDTLS_CTR_DRBG_C) - mbedtls_ctr_drbg_init( p_rng ); + mbedtls_ctr_drbg_init(p_rng); #elif defined(MBEDTLS_HMAC_DRBG_C) - mbedtls_hmac_drbg_init( p_rng ); + mbedtls_hmac_drbg_init(p_rng); #endif } @@ -102,12 +90,12 @@ static inline void mbedtls_psa_drbg_init( mbedtls_psa_drbg_context_t *p_rng ) * * \param p_rng Pointer to the Mbed TLS DRBG state. */ -static inline void mbedtls_psa_drbg_free( mbedtls_psa_drbg_context_t *p_rng ) +static inline void mbedtls_psa_drbg_free(mbedtls_psa_drbg_context_t *p_rng) { #if defined(MBEDTLS_CTR_DRBG_C) - mbedtls_ctr_drbg_free( p_rng ); + mbedtls_ctr_drbg_free(p_rng); #elif defined(MBEDTLS_HMAC_DRBG_C) - mbedtls_hmac_drbg_free( p_rng ); + mbedtls_hmac_drbg_free(p_rng); #endif } @@ -116,10 +104,9 @@ static inline void mbedtls_psa_drbg_free( mbedtls_psa_drbg_context_t *p_rng ) * The random generator context is composed of an entropy context and * a DRBG context. */ -typedef struct -{ - void (* entropy_init )( mbedtls_entropy_context *ctx ); - void (* entropy_free )( mbedtls_entropy_context *ctx ); +typedef struct { + void (* entropy_init)(mbedtls_entropy_context *ctx); + void (* entropy_free)(mbedtls_entropy_context *ctx); mbedtls_entropy_context entropy; mbedtls_psa_drbg_context_t drbg; } mbedtls_psa_random_context_t; @@ -182,21 +169,21 @@ extern mbedtls_psa_drbg_context_t *const mbedtls_psa_random_state; */ static inline int mbedtls_psa_drbg_seed( mbedtls_entropy_context *entropy, - const unsigned char *custom, size_t len ) + const unsigned char *custom, size_t len) { #if defined(MBEDTLS_CTR_DRBG_C) - return( mbedtls_ctr_drbg_seed( MBEDTLS_PSA_RANDOM_STATE, - mbedtls_entropy_func, - entropy, - custom, len ) ); + return mbedtls_ctr_drbg_seed(MBEDTLS_PSA_RANDOM_STATE, + mbedtls_entropy_func, + entropy, + custom, len); #elif defined(MBEDTLS_HMAC_DRBG_C) const mbedtls_md_info_t *md_info = - mbedtls_md_info_from_type( MBEDTLS_PSA_HMAC_DRBG_MD_TYPE ); - return( mbedtls_hmac_drbg_seed( MBEDTLS_PSA_RANDOM_STATE, - md_info, - mbedtls_entropy_func, - entropy, - custom, len ) ); + mbedtls_md_info_from_type(MBEDTLS_PSA_HMAC_DRBG_MD_TYPE); + return mbedtls_hmac_drbg_seed(MBEDTLS_PSA_RANDOM_STATE, + md_info, + mbedtls_entropy_func, + entropy, + custom, len); #endif } diff --git a/third_party/mbedtls/repo/library/psa_crypto_rsa.c b/third_party/mbedtls/repo/library/psa_crypto_rsa.c index bafb55c7d4f..cc3cecafe9e 100644 --- a/third_party/mbedtls/repo/library/psa_crypto_rsa.c +++ b/third_party/mbedtls/repo/library/psa_crypto_rsa.c @@ -3,19 +3,7 @@ */ /* * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later */ #include "common.h" @@ -31,10 +19,6 @@ #include #include #include "mbedtls/platform.h" -#if !defined(MBEDTLS_PLATFORM_C) -#define mbedtls_calloc calloc -#define mbedtls_free free -#endif #include #include @@ -54,45 +38,46 @@ * way to return the exact bit size of a key. * To keep things simple, reject non-byte-aligned key sizes. */ static psa_status_t psa_check_rsa_key_byte_aligned( - const mbedtls_rsa_context *rsa ) + const mbedtls_rsa_context *rsa) { mbedtls_mpi n; psa_status_t status; - mbedtls_mpi_init( &n ); + mbedtls_mpi_init(&n); status = mbedtls_to_psa_error( - mbedtls_rsa_export( rsa, &n, NULL, NULL, NULL, NULL ) ); - if( status == PSA_SUCCESS ) - { - if( mbedtls_mpi_bitlen( &n ) % 8 != 0 ) + mbedtls_rsa_export(rsa, &n, NULL, NULL, NULL, NULL)); + if (status == PSA_SUCCESS) { + if (mbedtls_mpi_bitlen(&n) % 8 != 0) { status = PSA_ERROR_NOT_SUPPORTED; + } } - mbedtls_mpi_free( &n ); - return( status ); + mbedtls_mpi_free(&n); + return status; } psa_status_t mbedtls_psa_rsa_load_representation( psa_key_type_t type, const uint8_t *data, size_t data_length, - mbedtls_rsa_context **p_rsa ) + mbedtls_rsa_context **p_rsa) { psa_status_t status; mbedtls_pk_context ctx; size_t bits; - mbedtls_pk_init( &ctx ); + mbedtls_pk_init(&ctx); /* Parse the data. */ - if( PSA_KEY_TYPE_IS_KEY_PAIR( type ) ) + if (PSA_KEY_TYPE_IS_KEY_PAIR(type)) { status = mbedtls_to_psa_error( - mbedtls_pk_parse_key( &ctx, data, data_length, NULL, 0 ) ); - else + mbedtls_pk_parse_key(&ctx, data, data_length, NULL, 0)); + } else { status = mbedtls_to_psa_error( - mbedtls_pk_parse_public_key( &ctx, data, data_length ) ); - if( status != PSA_SUCCESS ) + mbedtls_pk_parse_public_key(&ctx, data, data_length)); + } + if (status != PSA_SUCCESS) { goto exit; + } /* We have something that the pkparse module recognizes. If it is a * valid RSA key, store it. */ - if( mbedtls_pk_get_type( &ctx ) != MBEDTLS_PK_RSA ) - { + if (mbedtls_pk_get_type(&ctx) != MBEDTLS_PK_RSA) { status = PSA_ERROR_INVALID_ARGUMENT; goto exit; } @@ -100,24 +85,24 @@ psa_status_t mbedtls_psa_rsa_load_representation( /* The size of an RSA key doesn't have to be a multiple of 8. Mbed TLS * supports non-byte-aligned key sizes, but not well. For example, * mbedtls_rsa_get_len() returns the key size in bytes, not in bits. */ - bits = PSA_BYTES_TO_BITS( mbedtls_rsa_get_len( mbedtls_pk_rsa( ctx ) ) ); - if( bits > PSA_VENDOR_RSA_MAX_KEY_BITS ) - { + bits = PSA_BYTES_TO_BITS(mbedtls_rsa_get_len(mbedtls_pk_rsa(ctx))); + if (bits > PSA_VENDOR_RSA_MAX_KEY_BITS) { status = PSA_ERROR_NOT_SUPPORTED; goto exit; } - status = psa_check_rsa_key_byte_aligned( mbedtls_pk_rsa( ctx ) ); - if( status != PSA_SUCCESS ) + status = psa_check_rsa_key_byte_aligned(mbedtls_pk_rsa(ctx)); + if (status != PSA_SUCCESS) { goto exit; + } /* Copy out the pointer to the RSA context, and reset the PK context * such that pk_free doesn't free the RSA context we just grabbed. */ - *p_rsa = mbedtls_pk_rsa( ctx ); + *p_rsa = mbedtls_pk_rsa(ctx); ctx.pk_info = NULL; exit: - mbedtls_pk_free( &ctx ); - return( status ); + mbedtls_pk_free(&ctx); + return status; } #endif /* defined(MBEDTLS_PSA_BUILTIN_ALG_RSA_PKCS1V15_CRYPT) || * defined(MBEDTLS_PSA_BUILTIN_ALG_RSA_OAEP) || @@ -133,179 +118,182 @@ psa_status_t mbedtls_psa_rsa_import_key( const psa_key_attributes_t *attributes, const uint8_t *data, size_t data_length, uint8_t *key_buffer, size_t key_buffer_size, - size_t *key_buffer_length, size_t *bits ) + size_t *key_buffer_length, size_t *bits) { psa_status_t status; mbedtls_rsa_context *rsa = NULL; /* Parse input */ - status = mbedtls_psa_rsa_load_representation( attributes->core.type, - data, - data_length, - &rsa ); - if( status != PSA_SUCCESS ) + status = mbedtls_psa_rsa_load_representation(attributes->core.type, + data, + data_length, + &rsa); + if (status != PSA_SUCCESS) { goto exit; + } - *bits = (psa_key_bits_t) PSA_BYTES_TO_BITS( mbedtls_rsa_get_len( rsa ) ); + *bits = (psa_key_bits_t) PSA_BYTES_TO_BITS(mbedtls_rsa_get_len(rsa)); /* Re-export the data to PSA export format, such that we can store export * representation in the key slot. Export representation in case of RSA is * the smallest representation that's allowed as input, so a straight-up * allocation of the same size as the input buffer will be large enough. */ - status = mbedtls_psa_rsa_export_key( attributes->core.type, - rsa, - key_buffer, - key_buffer_size, - key_buffer_length ); + status = mbedtls_psa_rsa_export_key(attributes->core.type, + rsa, + key_buffer, + key_buffer_size, + key_buffer_length); exit: /* Always free the RSA object */ - mbedtls_rsa_free( rsa ); - mbedtls_free( rsa ); + mbedtls_rsa_free(rsa); + mbedtls_free(rsa); - return( status ); + return status; } -psa_status_t mbedtls_psa_rsa_export_key( psa_key_type_t type, - mbedtls_rsa_context *rsa, - uint8_t *data, - size_t data_size, - size_t *data_length ) +psa_status_t mbedtls_psa_rsa_export_key(psa_key_type_t type, + mbedtls_rsa_context *rsa, + uint8_t *data, + size_t data_size, + size_t *data_length) { #if defined(MBEDTLS_PK_WRITE_C) int ret; mbedtls_pk_context pk; uint8_t *pos = data + data_size; - mbedtls_pk_init( &pk ); + mbedtls_pk_init(&pk); pk.pk_info = &mbedtls_rsa_info; pk.pk_ctx = rsa; /* PSA Crypto API defines the format of an RSA key as a DER-encoded * representation of the non-encrypted PKCS#1 RSAPrivateKey for a * private key and of the RFC3279 RSAPublicKey for a public key. */ - if( PSA_KEY_TYPE_IS_KEY_PAIR( type ) ) - ret = mbedtls_pk_write_key_der( &pk, data, data_size ); - else - ret = mbedtls_pk_write_pubkey( &pos, data, &pk ); + if (PSA_KEY_TYPE_IS_KEY_PAIR(type)) { + ret = mbedtls_pk_write_key_der(&pk, data, data_size); + } else { + ret = mbedtls_pk_write_pubkey(&pos, data, &pk); + } - if( ret < 0 ) - { + if (ret < 0) { /* Clean up in case pk_write failed halfway through. */ - memset( data, 0, data_size ); - return( mbedtls_to_psa_error( ret ) ); + memset(data, 0, data_size); + return mbedtls_to_psa_error(ret); } /* The mbedtls_pk_xxx functions write to the end of the buffer. * Move the data to the beginning and erase remaining data * at the original location. */ - if( 2 * (size_t) ret <= data_size ) - { - memcpy( data, data + data_size - ret, ret ); - memset( data + data_size - ret, 0, ret ); - } - else if( (size_t) ret < data_size ) - { - memmove( data, data + data_size - ret, ret ); - memset( data + ret, 0, data_size - ret ); + if (2 * (size_t) ret <= data_size) { + memcpy(data, data + data_size - ret, ret); + memset(data + data_size - ret, 0, ret); + } else if ((size_t) ret < data_size) { + memmove(data, data + data_size - ret, ret); + memset(data + ret, 0, data_size - ret); } *data_length = ret; - return( PSA_SUCCESS ); + return PSA_SUCCESS; #else (void) type; (void) rsa; (void) data; (void) data_size; (void) data_length; - return( PSA_ERROR_NOT_SUPPORTED ); + return PSA_ERROR_NOT_SUPPORTED; #endif /* MBEDTLS_PK_WRITE_C */ } psa_status_t mbedtls_psa_rsa_export_public_key( const psa_key_attributes_t *attributes, const uint8_t *key_buffer, size_t key_buffer_size, - uint8_t *data, size_t data_size, size_t *data_length ) + uint8_t *data, size_t data_size, size_t *data_length) { psa_status_t status = PSA_ERROR_CORRUPTION_DETECTED; mbedtls_rsa_context *rsa = NULL; status = mbedtls_psa_rsa_load_representation( - attributes->core.type, key_buffer, key_buffer_size, &rsa ); - if( status != PSA_SUCCESS ) - return( status ); + attributes->core.type, key_buffer, key_buffer_size, &rsa); + if (status != PSA_SUCCESS) { + return status; + } - status = mbedtls_psa_rsa_export_key( PSA_KEY_TYPE_RSA_PUBLIC_KEY, - rsa, - data, - data_size, - data_length ); + status = mbedtls_psa_rsa_export_key(PSA_KEY_TYPE_RSA_PUBLIC_KEY, + rsa, + data, + data_size, + data_length); - mbedtls_rsa_free( rsa ); - mbedtls_free( rsa ); + mbedtls_rsa_free(rsa); + mbedtls_free(rsa); - return( status ); + return status; } #endif /* defined(MBEDTLS_PSA_BUILTIN_KEY_TYPE_RSA_KEY_PAIR) || * defined(MBEDTLS_PSA_BUILTIN_KEY_TYPE_RSA_PUBLIC_KEY) */ #if defined(MBEDTLS_PSA_BUILTIN_KEY_TYPE_RSA_KEY_PAIR) && \ defined(MBEDTLS_GENPRIME) -static psa_status_t psa_rsa_read_exponent( const uint8_t *domain_parameters, - size_t domain_parameters_size, - int *exponent ) +static psa_status_t psa_rsa_read_exponent(const uint8_t *domain_parameters, + size_t domain_parameters_size, + int *exponent) { size_t i; uint32_t acc = 0; - if( domain_parameters_size == 0 ) - { + if (domain_parameters_size == 0) { *exponent = 65537; - return( PSA_SUCCESS ); + return PSA_SUCCESS; } /* Mbed TLS encodes the public exponent as an int. For simplicity, only * support values that fit in a 32-bit integer, which is larger than * int on just about every platform anyway. */ - if( domain_parameters_size > sizeof( acc ) ) - return( PSA_ERROR_NOT_SUPPORTED ); - for( i = 0; i < domain_parameters_size; i++ ) - acc = ( acc << 8 ) | domain_parameters[i]; - if( acc > INT_MAX ) - return( PSA_ERROR_NOT_SUPPORTED ); + if (domain_parameters_size > sizeof(acc)) { + return PSA_ERROR_NOT_SUPPORTED; + } + for (i = 0; i < domain_parameters_size; i++) { + acc = (acc << 8) | domain_parameters[i]; + } + if (acc > INT_MAX) { + return PSA_ERROR_NOT_SUPPORTED; + } *exponent = acc; - return( PSA_SUCCESS ); + return PSA_SUCCESS; } psa_status_t mbedtls_psa_rsa_generate_key( const psa_key_attributes_t *attributes, - uint8_t *key_buffer, size_t key_buffer_size, size_t *key_buffer_length ) + uint8_t *key_buffer, size_t key_buffer_size, size_t *key_buffer_length) { psa_status_t status; mbedtls_rsa_context rsa; int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; int exponent; - status = psa_rsa_read_exponent( attributes->domain_parameters, - attributes->domain_parameters_size, - &exponent ); - if( status != PSA_SUCCESS ) - return( status ); - - mbedtls_rsa_init( &rsa, MBEDTLS_RSA_PKCS_V15, MBEDTLS_MD_NONE ); - ret = mbedtls_rsa_gen_key( &rsa, - mbedtls_psa_get_random, - MBEDTLS_PSA_RANDOM_STATE, - (unsigned int)attributes->core.bits, - exponent ); - if( ret != 0 ) - return( mbedtls_to_psa_error( ret ) ); - - status = mbedtls_psa_rsa_export_key( attributes->core.type, - &rsa, key_buffer, key_buffer_size, - key_buffer_length ); - mbedtls_rsa_free( &rsa ); - - return( status ); + status = psa_rsa_read_exponent(attributes->domain_parameters, + attributes->domain_parameters_size, + &exponent); + if (status != PSA_SUCCESS) { + return status; + } + + mbedtls_rsa_init(&rsa, MBEDTLS_RSA_PKCS_V15, MBEDTLS_MD_NONE); + ret = mbedtls_rsa_gen_key(&rsa, + mbedtls_psa_get_random, + MBEDTLS_PSA_RANDOM_STATE, + (unsigned int) attributes->core.bits, + exponent); + if (ret != 0) { + return mbedtls_to_psa_error(ret); + } + + status = mbedtls_psa_rsa_export_key(attributes->core.type, + &rsa, key_buffer, key_buffer_size, + key_buffer_length); + mbedtls_rsa_free(&rsa); + + return status; } #endif /* defined(MBEDTLS_PSA_BUILTIN_KEY_TYPE_RSA_KEY_PAIR) * defined(MBEDTLS_GENPRIME) */ @@ -319,127 +307,129 @@ psa_status_t mbedtls_psa_rsa_generate_key( /* Decode the hash algorithm from alg and store the mbedtls encoding in * md_alg. Verify that the hash length is acceptable. */ -static psa_status_t psa_rsa_decode_md_type( psa_algorithm_t alg, - size_t hash_length, - mbedtls_md_type_t *md_alg ) +static psa_status_t psa_rsa_decode_md_type(psa_algorithm_t alg, + size_t hash_length, + mbedtls_md_type_t *md_alg) { - psa_algorithm_t hash_alg = PSA_ALG_SIGN_GET_HASH( alg ); - const mbedtls_md_info_t *md_info = mbedtls_md_info_from_psa( hash_alg ); - *md_alg = mbedtls_md_get_type( md_info ); + psa_algorithm_t hash_alg = PSA_ALG_SIGN_GET_HASH(alg); + const mbedtls_md_info_t *md_info = mbedtls_md_info_from_psa(hash_alg); + *md_alg = mbedtls_md_get_type(md_info); /* The Mbed TLS RSA module uses an unsigned int for hash length * parameters. Validate that it fits so that we don't risk an * overflow later. */ #if SIZE_MAX > UINT_MAX - if( hash_length > UINT_MAX ) - return( PSA_ERROR_INVALID_ARGUMENT ); + if (hash_length > UINT_MAX) { + return PSA_ERROR_INVALID_ARGUMENT; + } #endif /* For signatures using a hash, the hash length must be correct. */ - if( alg != PSA_ALG_RSA_PKCS1V15_SIGN_RAW ) - { - if( md_info == NULL ) - return( PSA_ERROR_NOT_SUPPORTED ); - if( mbedtls_md_get_size( md_info ) != hash_length ) - return( PSA_ERROR_INVALID_ARGUMENT ); + if (alg != PSA_ALG_RSA_PKCS1V15_SIGN_RAW) { + if (md_info == NULL) { + return PSA_ERROR_NOT_SUPPORTED; + } + if (mbedtls_md_get_size(md_info) != hash_length) { + return PSA_ERROR_INVALID_ARGUMENT; + } } - return( PSA_SUCCESS ); + return PSA_SUCCESS; } psa_status_t mbedtls_psa_rsa_sign_hash( const psa_key_attributes_t *attributes, const uint8_t *key_buffer, size_t key_buffer_size, psa_algorithm_t alg, const uint8_t *hash, size_t hash_length, - uint8_t *signature, size_t signature_size, size_t *signature_length ) + uint8_t *signature, size_t signature_size, size_t *signature_length) { psa_status_t status = PSA_ERROR_CORRUPTION_DETECTED; mbedtls_rsa_context *rsa = NULL; int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; mbedtls_md_type_t md_alg; - status = mbedtls_psa_rsa_load_representation( attributes->core.type, - key_buffer, - key_buffer_size, - &rsa ); - if( status != PSA_SUCCESS ) - return( status ); + status = mbedtls_psa_rsa_load_representation(attributes->core.type, + key_buffer, + key_buffer_size, + &rsa); + if (status != PSA_SUCCESS) { + return status; + } - status = psa_rsa_decode_md_type( alg, hash_length, &md_alg ); - if( status != PSA_SUCCESS ) + status = psa_rsa_decode_md_type(alg, hash_length, &md_alg); + if (status != PSA_SUCCESS) { goto exit; + } - if( signature_size < mbedtls_rsa_get_len( rsa ) ) - { + if (signature_size < mbedtls_rsa_get_len(rsa)) { status = PSA_ERROR_BUFFER_TOO_SMALL; goto exit; } #if defined(MBEDTLS_PSA_BUILTIN_ALG_RSA_PKCS1V15_SIGN) - if( PSA_ALG_IS_RSA_PKCS1V15_SIGN( alg ) ) - { - mbedtls_rsa_set_padding( rsa, MBEDTLS_RSA_PKCS_V15, - MBEDTLS_MD_NONE ); - ret = mbedtls_rsa_pkcs1_sign( rsa, - mbedtls_psa_get_random, - MBEDTLS_PSA_RANDOM_STATE, - MBEDTLS_RSA_PRIVATE, - md_alg, - (unsigned int) hash_length, - hash, - signature ); - } - else + if (PSA_ALG_IS_RSA_PKCS1V15_SIGN(alg)) { + mbedtls_rsa_set_padding(rsa, MBEDTLS_RSA_PKCS_V15, + MBEDTLS_MD_NONE); + ret = mbedtls_rsa_pkcs1_sign(rsa, + mbedtls_psa_get_random, + MBEDTLS_PSA_RANDOM_STATE, + MBEDTLS_RSA_PRIVATE, + md_alg, + (unsigned int) hash_length, + hash, + signature); + } else #endif /* MBEDTLS_PSA_BUILTIN_ALG_RSA_PKCS1V15_SIGN */ #if defined(MBEDTLS_PSA_BUILTIN_ALG_RSA_PSS) - if( PSA_ALG_IS_RSA_PSS( alg ) ) - { - mbedtls_rsa_set_padding( rsa, MBEDTLS_RSA_PKCS_V21, md_alg ); - ret = mbedtls_rsa_rsassa_pss_sign( rsa, - mbedtls_psa_get_random, - MBEDTLS_PSA_RANDOM_STATE, - MBEDTLS_RSA_PRIVATE, - MBEDTLS_MD_NONE, - (unsigned int) hash_length, - hash, - signature ); - } - else + if (PSA_ALG_IS_RSA_PSS(alg)) { + mbedtls_rsa_set_padding(rsa, MBEDTLS_RSA_PKCS_V21, md_alg); + ret = mbedtls_rsa_rsassa_pss_sign(rsa, + mbedtls_psa_get_random, + MBEDTLS_PSA_RANDOM_STATE, + MBEDTLS_RSA_PRIVATE, + MBEDTLS_MD_NONE, + (unsigned int) hash_length, + hash, + signature); + } else #endif /* MBEDTLS_PSA_BUILTIN_ALG_RSA_PSS */ { status = PSA_ERROR_INVALID_ARGUMENT; goto exit; } - if( ret == 0 ) - *signature_length = mbedtls_rsa_get_len( rsa ); - status = mbedtls_to_psa_error( ret ); + if (ret == 0) { + *signature_length = mbedtls_rsa_get_len(rsa); + } + status = mbedtls_to_psa_error(ret); exit: - mbedtls_rsa_free( rsa ); - mbedtls_free( rsa ); + mbedtls_rsa_free(rsa); + mbedtls_free(rsa); - return( status ); + return status; } #if defined(MBEDTLS_PSA_BUILTIN_ALG_RSA_PSS) -static int rsa_pss_expected_salt_len( psa_algorithm_t alg, - const mbedtls_rsa_context *rsa, - size_t hash_length ) +static int rsa_pss_expected_salt_len(psa_algorithm_t alg, + const mbedtls_rsa_context *rsa, + size_t hash_length) { - if( PSA_ALG_IS_RSA_PSS_ANY_SALT( alg ) ) - return( MBEDTLS_RSA_SALT_LEN_ANY ); + if (PSA_ALG_IS_RSA_PSS_ANY_SALT(alg)) { + return MBEDTLS_RSA_SALT_LEN_ANY; + } /* Otherwise: standard salt length, i.e. largest possible salt length * up to the hash length. */ - int klen = (int) mbedtls_rsa_get_len( rsa ); // known to fit + int klen = (int) mbedtls_rsa_get_len(rsa); // known to fit int hlen = (int) hash_length; // known to fit int room = klen - 2 - hlen; - if( room < 0 ) - return( 0 ); // there is no valid signature in this case anyway - else if( room > hlen ) - return( hlen ); - else - return( room ); + if (room < 0) { + return 0; // there is no valid signature in this case anyway + } else if (room > hlen) { + return hlen; + } else { + return room; + } } #endif /* MBEDTLS_PSA_BUILTIN_ALG_RSA_PSS */ @@ -447,63 +437,60 @@ psa_status_t mbedtls_psa_rsa_verify_hash( const psa_key_attributes_t *attributes, const uint8_t *key_buffer, size_t key_buffer_size, psa_algorithm_t alg, const uint8_t *hash, size_t hash_length, - const uint8_t *signature, size_t signature_length ) + const uint8_t *signature, size_t signature_length) { psa_status_t status = PSA_ERROR_CORRUPTION_DETECTED; mbedtls_rsa_context *rsa = NULL; int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; mbedtls_md_type_t md_alg; - status = mbedtls_psa_rsa_load_representation( attributes->core.type, - key_buffer, - key_buffer_size, - &rsa ); - if( status != PSA_SUCCESS ) + status = mbedtls_psa_rsa_load_representation(attributes->core.type, + key_buffer, + key_buffer_size, + &rsa); + if (status != PSA_SUCCESS) { goto exit; + } - status = psa_rsa_decode_md_type( alg, hash_length, &md_alg ); - if( status != PSA_SUCCESS ) + status = psa_rsa_decode_md_type(alg, hash_length, &md_alg); + if (status != PSA_SUCCESS) { goto exit; + } - if( signature_length != mbedtls_rsa_get_len( rsa ) ) - { + if (signature_length != mbedtls_rsa_get_len(rsa)) { status = PSA_ERROR_INVALID_SIGNATURE; goto exit; } #if defined(MBEDTLS_PSA_BUILTIN_ALG_RSA_PKCS1V15_SIGN) - if( PSA_ALG_IS_RSA_PKCS1V15_SIGN( alg ) ) - { - mbedtls_rsa_set_padding( rsa, MBEDTLS_RSA_PKCS_V15, - MBEDTLS_MD_NONE ); - ret = mbedtls_rsa_pkcs1_verify( rsa, - mbedtls_psa_get_random, - MBEDTLS_PSA_RANDOM_STATE, - MBEDTLS_RSA_PUBLIC, - md_alg, - (unsigned int) hash_length, - hash, - signature ); - } - else + if (PSA_ALG_IS_RSA_PKCS1V15_SIGN(alg)) { + mbedtls_rsa_set_padding(rsa, MBEDTLS_RSA_PKCS_V15, + MBEDTLS_MD_NONE); + ret = mbedtls_rsa_pkcs1_verify(rsa, + mbedtls_psa_get_random, + MBEDTLS_PSA_RANDOM_STATE, + MBEDTLS_RSA_PUBLIC, + md_alg, + (unsigned int) hash_length, + hash, + signature); + } else #endif /* MBEDTLS_PSA_BUILTIN_ALG_RSA_PKCS1V15_SIGN */ #if defined(MBEDTLS_PSA_BUILTIN_ALG_RSA_PSS) - if( PSA_ALG_IS_RSA_PSS( alg ) ) - { - int slen = rsa_pss_expected_salt_len( alg, rsa, hash_length ); - mbedtls_rsa_set_padding( rsa, MBEDTLS_RSA_PKCS_V21, md_alg ); - ret = mbedtls_rsa_rsassa_pss_verify_ext( rsa, - mbedtls_psa_get_random, - MBEDTLS_PSA_RANDOM_STATE, - MBEDTLS_RSA_PUBLIC, - md_alg, - (unsigned int) hash_length, - hash, - md_alg, - slen, - signature ); - } - else + if (PSA_ALG_IS_RSA_PSS(alg)) { + int slen = rsa_pss_expected_salt_len(alg, rsa, hash_length); + mbedtls_rsa_set_padding(rsa, MBEDTLS_RSA_PKCS_V21, md_alg); + ret = mbedtls_rsa_rsassa_pss_verify_ext(rsa, + mbedtls_psa_get_random, + MBEDTLS_PSA_RANDOM_STATE, + MBEDTLS_RSA_PUBLIC, + md_alg, + (unsigned int) hash_length, + hash, + md_alg, + slen, + signature); + } else #endif /* MBEDTLS_PSA_BUILTIN_ALG_RSA_PSS */ { status = PSA_ERROR_INVALID_ARGUMENT; @@ -513,15 +500,15 @@ psa_status_t mbedtls_psa_rsa_verify_hash( /* Mbed TLS distinguishes "invalid padding" from "valid padding but * the rest of the signature is invalid". This has little use in * practice and PSA doesn't report this distinction. */ - status = ( ret == MBEDTLS_ERR_RSA_INVALID_PADDING ) ? + status = (ret == MBEDTLS_ERR_RSA_INVALID_PADDING) ? PSA_ERROR_INVALID_SIGNATURE : - mbedtls_to_psa_error( ret ); + mbedtls_to_psa_error(ret); exit: - mbedtls_rsa_free( rsa ); - mbedtls_free( rsa ); + mbedtls_rsa_free(rsa); + mbedtls_free(rsa); - return( status ); + return status; } #endif /* defined(MBEDTLS_PSA_BUILTIN_ALG_RSA_PKCS1V15_SIGN) || diff --git a/third_party/mbedtls/repo/library/psa_crypto_rsa.h b/third_party/mbedtls/repo/library/psa_crypto_rsa.h index b76613e6c17..f4aadda73d4 100644 --- a/third_party/mbedtls/repo/library/psa_crypto_rsa.h +++ b/third_party/mbedtls/repo/library/psa_crypto_rsa.h @@ -3,19 +3,7 @@ */ /* * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later */ #ifndef PSA_CRYPTO_RSA_H @@ -34,10 +22,10 @@ * contents of the context and the context itself * when done. */ -psa_status_t mbedtls_psa_rsa_load_representation( psa_key_type_t type, - const uint8_t *data, - size_t data_length, - mbedtls_rsa_context **p_rsa ); +psa_status_t mbedtls_psa_rsa_load_representation(psa_key_type_t type, + const uint8_t *data, + size_t data_length, + mbedtls_rsa_context **p_rsa); /** Import an RSA key in binary format. * @@ -61,15 +49,15 @@ psa_status_t mbedtls_psa_rsa_load_representation( psa_key_type_t type, * \retval #PSA_SUCCESS The RSA key was imported successfully. * \retval #PSA_ERROR_INVALID_ARGUMENT * The key data is not correctly formatted. - * \retval #PSA_ERROR_NOT_SUPPORTED - * \retval #PSA_ERROR_INSUFFICIENT_MEMORY - * \retval #PSA_ERROR_CORRUPTION_DETECTED + * \retval #PSA_ERROR_NOT_SUPPORTED \emptydescription + * \retval #PSA_ERROR_INSUFFICIENT_MEMORY \emptydescription + * \retval #PSA_ERROR_CORRUPTION_DETECTED \emptydescription */ psa_status_t mbedtls_psa_rsa_import_key( const psa_key_attributes_t *attributes, const uint8_t *data, size_t data_length, uint8_t *key_buffer, size_t key_buffer_size, - size_t *key_buffer_length, size_t *bits ); + size_t *key_buffer_length, size_t *bits); /** Export an RSA key to export representation * @@ -79,11 +67,11 @@ psa_status_t mbedtls_psa_rsa_import_key( * \param[in] data_size The length of the buffer to export to * \param[out] data_length The amount of bytes written to \p data */ -psa_status_t mbedtls_psa_rsa_export_key( psa_key_type_t type, - mbedtls_rsa_context *rsa, - uint8_t *data, - size_t data_size, - size_t *data_length ); +psa_status_t mbedtls_psa_rsa_export_key(psa_key_type_t type, + mbedtls_rsa_context *rsa, + uint8_t *data, + size_t data_size, + size_t *data_length); /** Export a public RSA key or the public part of an RSA key pair in binary * format. @@ -102,17 +90,17 @@ psa_status_t mbedtls_psa_rsa_export_key( psa_key_type_t type, * \p data. * * \retval #PSA_SUCCESS The RSA public key was exported successfully. - * \retval #PSA_ERROR_NOT_SUPPORTED - * \retval #PSA_ERROR_COMMUNICATION_FAILURE - * \retval #PSA_ERROR_HARDWARE_FAILURE - * \retval #PSA_ERROR_CORRUPTION_DETECTED - * \retval #PSA_ERROR_STORAGE_FAILURE - * \retval #PSA_ERROR_INSUFFICIENT_MEMORY + * \retval #PSA_ERROR_NOT_SUPPORTED \emptydescription + * \retval #PSA_ERROR_COMMUNICATION_FAILURE \emptydescription + * \retval #PSA_ERROR_HARDWARE_FAILURE \emptydescription + * \retval #PSA_ERROR_CORRUPTION_DETECTED \emptydescription + * \retval #PSA_ERROR_STORAGE_FAILURE \emptydescription + * \retval #PSA_ERROR_INSUFFICIENT_MEMORY \emptydescription */ psa_status_t mbedtls_psa_rsa_export_public_key( const psa_key_attributes_t *attributes, const uint8_t *key_buffer, size_t key_buffer_size, - uint8_t *data, size_t data_size, size_t *data_length ); + uint8_t *data, size_t data_size, size_t *data_length); /** * \brief Generate an RSA key. @@ -135,7 +123,7 @@ psa_status_t mbedtls_psa_rsa_export_public_key( */ psa_status_t mbedtls_psa_rsa_generate_key( const psa_key_attributes_t *attributes, - uint8_t *key_buffer, size_t key_buffer_size, size_t *key_buffer_length ); + uint8_t *key_buffer, size_t key_buffer_size, size_t *key_buffer_length); /** Sign an already-calculated hash with an RSA private key. * @@ -158,23 +146,23 @@ psa_status_t mbedtls_psa_rsa_generate_key( * \param[out] signature_length On success, the number of bytes * that make up the returned signature value. * - * \retval #PSA_SUCCESS + * \retval #PSA_SUCCESS \emptydescription * \retval #PSA_ERROR_BUFFER_TOO_SMALL * The size of the \p signature buffer is too small. You can * determine a sufficient buffer size by calling * #PSA_SIGN_OUTPUT_SIZE(\c PSA_KEY_TYPE_RSA_KEY_PAIR, \c key_bits, * \p alg) where \c key_bits is the bit-size of the RSA key. - * \retval #PSA_ERROR_NOT_SUPPORTED - * \retval #PSA_ERROR_INVALID_ARGUMENT - * \retval #PSA_ERROR_INSUFFICIENT_MEMORY - * \retval #PSA_ERROR_CORRUPTION_DETECTED - * \retval #PSA_ERROR_INSUFFICIENT_ENTROPY + * \retval #PSA_ERROR_NOT_SUPPORTED \emptydescription + * \retval #PSA_ERROR_INVALID_ARGUMENT \emptydescription + * \retval #PSA_ERROR_INSUFFICIENT_MEMORY \emptydescription + * \retval #PSA_ERROR_CORRUPTION_DETECTED \emptydescription + * \retval #PSA_ERROR_INSUFFICIENT_ENTROPY \emptydescription */ psa_status_t mbedtls_psa_rsa_sign_hash( const psa_key_attributes_t *attributes, const uint8_t *key_buffer, size_t key_buffer_size, psa_algorithm_t alg, const uint8_t *hash, size_t hash_length, - uint8_t *signature, size_t signature_size, size_t *signature_length ); + uint8_t *signature, size_t signature_size, size_t *signature_length); /** * \brief Verify the signature a hash or short message using a public RSA key. @@ -202,14 +190,14 @@ psa_status_t mbedtls_psa_rsa_sign_hash( * \retval #PSA_ERROR_INVALID_SIGNATURE * The calculation was performed successfully, but the passed * signature is not a valid signature. - * \retval #PSA_ERROR_NOT_SUPPORTED - * \retval #PSA_ERROR_INVALID_ARGUMENT - * \retval #PSA_ERROR_INSUFFICIENT_MEMORY + * \retval #PSA_ERROR_NOT_SUPPORTED \emptydescription + * \retval #PSA_ERROR_INVALID_ARGUMENT \emptydescription + * \retval #PSA_ERROR_INSUFFICIENT_MEMORY \emptydescription */ psa_status_t mbedtls_psa_rsa_verify_hash( const psa_key_attributes_t *attributes, const uint8_t *key_buffer, size_t key_buffer_size, psa_algorithm_t alg, const uint8_t *hash, size_t hash_length, - const uint8_t *signature, size_t signature_length ); + const uint8_t *signature, size_t signature_length); #endif /* PSA_CRYPTO_RSA_H */ diff --git a/third_party/mbedtls/repo/library/psa_crypto_se.c b/third_party/mbedtls/repo/library/psa_crypto_se.c index 56678d6a90e..9628ff2899e 100644 --- a/third_party/mbedtls/repo/library/psa_crypto_se.c +++ b/third_party/mbedtls/repo/library/psa_crypto_se.c @@ -3,26 +3,13 @@ */ /* * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later */ #include "common.h" #if defined(MBEDTLS_PSA_CRYPTO_SE_C) -#include #include #include @@ -38,10 +25,6 @@ #endif #include "mbedtls/platform.h" -#if !defined(MBEDTLS_PLATFORM_C) -#define mbedtls_calloc calloc -#define mbedtls_free free -#endif @@ -52,19 +35,16 @@ /* This structure is identical to psa_drv_se_context_t declared in * `crypto_se_driver.h`, except that some parts are writable here * (non-const, or pointer to non-const). */ -typedef struct -{ +typedef struct { void *persistent_data; size_t persistent_data_size; uintptr_t transient_data; } psa_drv_se_internal_context_t; -struct psa_se_drv_table_entry_s -{ +struct psa_se_drv_table_entry_s { psa_key_location_t location; const psa_drv_se_t *methods; - union - { + union { psa_drv_se_internal_context_t internal; psa_drv_se_context_t context; } u; @@ -73,46 +53,49 @@ struct psa_se_drv_table_entry_s static psa_se_drv_table_entry_t driver_table[PSA_MAX_SE_DRIVERS]; psa_se_drv_table_entry_t *psa_get_se_driver_entry( - psa_key_lifetime_t lifetime ) + psa_key_lifetime_t lifetime) { size_t i; - psa_key_location_t location = PSA_KEY_LIFETIME_GET_LOCATION( lifetime ); + psa_key_location_t location = PSA_KEY_LIFETIME_GET_LOCATION(lifetime); /* In the driver table, location=0 means an entry that isn't used. * No driver has a location of 0 because it's a reserved value * (which designates transparent keys). Make sure we never return * a driver entry for location 0. */ - if( location == 0 ) - return( NULL ); - for( i = 0; i < PSA_MAX_SE_DRIVERS; i++ ) - { - if( driver_table[i].location == location ) - return( &driver_table[i] ); + if (location == 0) { + return NULL; + } + for (i = 0; i < PSA_MAX_SE_DRIVERS; i++) { + if (driver_table[i].location == location) { + return &driver_table[i]; + } } - return( NULL ); + return NULL; } const psa_drv_se_t *psa_get_se_driver_methods( - const psa_se_drv_table_entry_t *driver ) + const psa_se_drv_table_entry_t *driver) { - return( driver->methods ); + return driver->methods; } psa_drv_se_context_t *psa_get_se_driver_context( - psa_se_drv_table_entry_t *driver ) + psa_se_drv_table_entry_t *driver) { - return( &driver->u.context ); + return &driver->u.context; } -int psa_get_se_driver( psa_key_lifetime_t lifetime, - const psa_drv_se_t **p_methods, - psa_drv_se_context_t **p_drv_context) +int psa_get_se_driver(psa_key_lifetime_t lifetime, + const psa_drv_se_t **p_methods, + psa_drv_se_context_t **p_drv_context) { - psa_se_drv_table_entry_t *driver = psa_get_se_driver_entry( lifetime ); - if( p_methods != NULL ) - *p_methods = ( driver ? driver->methods : NULL ); - if( p_drv_context != NULL ) - *p_drv_context = ( driver ? &driver->u.context : NULL ); - return( driver != NULL ); + psa_se_drv_table_entry_t *driver = psa_get_se_driver_entry(lifetime); + if (p_methods != NULL) { + *p_methods = (driver ? driver->methods : NULL); + } + if (p_drv_context != NULL) { + *p_drv_context = (driver ? &driver->u.context : NULL); + } + return driver != NULL; } @@ -123,32 +106,35 @@ int psa_get_se_driver( psa_key_lifetime_t lifetime, static psa_status_t psa_get_se_driver_its_file_uid( const psa_se_drv_table_entry_t *driver, - psa_storage_uid_t *uid ) + psa_storage_uid_t *uid) { - if( driver->location > PSA_MAX_SE_LOCATION ) - return( PSA_ERROR_NOT_SUPPORTED ); + if (driver->location > PSA_MAX_SE_LOCATION) { + return PSA_ERROR_NOT_SUPPORTED; + } #if SIZE_MAX > UINT32_MAX /* ITS file sizes are limited to 32 bits. */ - if( driver->u.internal.persistent_data_size > UINT32_MAX ) - return( PSA_ERROR_NOT_SUPPORTED ); + if (driver->u.internal.persistent_data_size > UINT32_MAX) { + return PSA_ERROR_NOT_SUPPORTED; + } #endif /* See the documentation of PSA_CRYPTO_SE_DRIVER_ITS_UID_BASE. */ *uid = PSA_CRYPTO_SE_DRIVER_ITS_UID_BASE + driver->location; - return( PSA_SUCCESS ); + return PSA_SUCCESS; } psa_status_t psa_load_se_persistent_data( - const psa_se_drv_table_entry_t *driver ) + const psa_se_drv_table_entry_t *driver) { psa_status_t status; psa_storage_uid_t uid; size_t length; - status = psa_get_se_driver_its_file_uid( driver, &uid ); - if( status != PSA_SUCCESS ) - return( status ); + status = psa_get_se_driver_its_file_uid(driver, &uid); + if (status != PSA_SUCCESS) { + return status; + } /* Read the amount of persistent data that the driver requests. * If the data in storage is larger, it is truncated. If the data @@ -157,97 +143,98 @@ psa_status_t psa_load_se_persistent_data( /* psa_get_se_driver_its_file_uid ensures that the size_t * persistent_data_size is in range, but compilers don't know that, * so cast to reassure them. */ - return( psa_its_get( uid, 0, - (uint32_t) driver->u.internal.persistent_data_size, - driver->u.internal.persistent_data, - &length ) ); + return psa_its_get(uid, 0, + (uint32_t) driver->u.internal.persistent_data_size, + driver->u.internal.persistent_data, + &length); } psa_status_t psa_save_se_persistent_data( - const psa_se_drv_table_entry_t *driver ) + const psa_se_drv_table_entry_t *driver) { psa_status_t status; psa_storage_uid_t uid; - status = psa_get_se_driver_its_file_uid( driver, &uid ); - if( status != PSA_SUCCESS ) - return( status ); + status = psa_get_se_driver_its_file_uid(driver, &uid); + if (status != PSA_SUCCESS) { + return status; + } /* psa_get_se_driver_its_file_uid ensures that the size_t * persistent_data_size is in range, but compilers don't know that, * so cast to reassure them. */ - return( psa_its_set( uid, - (uint32_t) driver->u.internal.persistent_data_size, - driver->u.internal.persistent_data, - 0 ) ); + return psa_its_set(uid, + (uint32_t) driver->u.internal.persistent_data_size, + driver->u.internal.persistent_data, + 0); } -psa_status_t psa_destroy_se_persistent_data( psa_key_location_t location ) +psa_status_t psa_destroy_se_persistent_data(psa_key_location_t location) { psa_storage_uid_t uid; - if( location > PSA_MAX_SE_LOCATION ) - return( PSA_ERROR_NOT_SUPPORTED ); + if (location > PSA_MAX_SE_LOCATION) { + return PSA_ERROR_NOT_SUPPORTED; + } uid = PSA_CRYPTO_SE_DRIVER_ITS_UID_BASE + location; - return( psa_its_remove( uid ) ); + return psa_its_remove(uid); } psa_status_t psa_find_se_slot_for_key( const psa_key_attributes_t *attributes, psa_key_creation_method_t method, psa_se_drv_table_entry_t *driver, - psa_key_slot_number_t *slot_number ) + psa_key_slot_number_t *slot_number) { psa_status_t status; psa_key_location_t key_location = - PSA_KEY_LIFETIME_GET_LOCATION( psa_get_key_lifetime( attributes ) ); + PSA_KEY_LIFETIME_GET_LOCATION(psa_get_key_lifetime(attributes)); /* If the location is wrong, it's a bug in the library. */ - if( driver->location != key_location ) - return( PSA_ERROR_CORRUPTION_DETECTED ); + if (driver->location != key_location) { + return PSA_ERROR_CORRUPTION_DETECTED; + } /* If the driver doesn't support key creation in any way, give up now. */ - if( driver->methods->key_management == NULL ) - return( PSA_ERROR_NOT_SUPPORTED ); + if (driver->methods->key_management == NULL) { + return PSA_ERROR_NOT_SUPPORTED; + } - if( psa_get_key_slot_number( attributes, slot_number ) == PSA_SUCCESS ) - { + if (psa_get_key_slot_number(attributes, slot_number) == PSA_SUCCESS) { /* The application wants to use a specific slot. Allow it if * the driver supports it. On a system with isolation, * the crypto service must check that the application is * permitted to request this slot. */ psa_drv_se_validate_slot_number_t p_validate_slot_number = driver->methods->key_management->p_validate_slot_number; - if( p_validate_slot_number == NULL ) - return( PSA_ERROR_NOT_SUPPORTED ); - status = p_validate_slot_number( &driver->u.context, - driver->u.internal.persistent_data, - attributes, method, - *slot_number ); - } - else if( method == PSA_KEY_CREATION_REGISTER ) - { + if (p_validate_slot_number == NULL) { + return PSA_ERROR_NOT_SUPPORTED; + } + status = p_validate_slot_number(&driver->u.context, + driver->u.internal.persistent_data, + attributes, method, + *slot_number); + } else if (method == PSA_KEY_CREATION_REGISTER) { /* The application didn't specify a slot number. This doesn't * make sense when registering a slot. */ - return( PSA_ERROR_INVALID_ARGUMENT ); - } - else - { + return PSA_ERROR_INVALID_ARGUMENT; + } else { /* The application didn't tell us which slot to use. Let the driver * choose. This is the normal case. */ psa_drv_se_allocate_key_t p_allocate = driver->methods->key_management->p_allocate; - if( p_allocate == NULL ) - return( PSA_ERROR_NOT_SUPPORTED ); - status = p_allocate( &driver->u.context, - driver->u.internal.persistent_data, - attributes, method, - slot_number ); + if (p_allocate == NULL) { + return PSA_ERROR_NOT_SUPPORTED; + } + status = p_allocate(&driver->u.context, + driver->u.internal.persistent_data, + attributes, method, + slot_number); } - return( status ); + return status; } -psa_status_t psa_destroy_se_key( psa_se_drv_table_entry_t *driver, - psa_key_slot_number_t slot_number ) +psa_status_t psa_destroy_se_key(psa_se_drv_table_entry_t *driver, + psa_key_slot_number_t slot_number) { psa_status_t status; psa_status_t storage_status; @@ -259,40 +246,42 @@ psa_status_t psa_destroy_se_key( psa_se_drv_table_entry_t *driver, * locked in a read-only state: we can use the keys but not * destroy them. Hence, if the driver doesn't support destroying * keys, it's really a lack of permission. */ - if( driver->methods->key_management == NULL || - driver->methods->key_management->p_destroy == NULL ) - return( PSA_ERROR_NOT_PERMITTED ); + if (driver->methods->key_management == NULL || + driver->methods->key_management->p_destroy == NULL) { + return PSA_ERROR_NOT_PERMITTED; + } status = driver->methods->key_management->p_destroy( &driver->u.context, driver->u.internal.persistent_data, - slot_number ); - storage_status = psa_save_se_persistent_data( driver ); - return( status == PSA_SUCCESS ? storage_status : status ); + slot_number); + storage_status = psa_save_se_persistent_data(driver); + return status == PSA_SUCCESS ? storage_status : status; } -psa_status_t psa_init_all_se_drivers( void ) +psa_status_t psa_init_all_se_drivers(void) { size_t i; - for( i = 0; i < PSA_MAX_SE_DRIVERS; i++ ) - { + for (i = 0; i < PSA_MAX_SE_DRIVERS; i++) { psa_se_drv_table_entry_t *driver = &driver_table[i]; - if( driver->location == 0 ) + if (driver->location == 0) { continue; /* skipping unused entry */ - const psa_drv_se_t *methods = psa_get_se_driver_methods( driver ); - if( methods->p_init != NULL ) - { + } + const psa_drv_se_t *methods = psa_get_se_driver_methods(driver); + if (methods->p_init != NULL) { psa_status_t status = methods->p_init( &driver->u.context, driver->u.internal.persistent_data, - driver->location ); - if( status != PSA_SUCCESS ) - return( status ); - status = psa_save_se_persistent_data( driver ); - if( status != PSA_SUCCESS ) - return( status ); + driver->location); + if (status != PSA_SUCCESS) { + return status; + } + status = psa_save_se_persistent_data(driver); + if (status != PSA_SUCCESS) { + return status; + } } } - return( PSA_SUCCESS ); + return PSA_SUCCESS; } @@ -308,70 +297,72 @@ psa_status_t psa_register_se_driver( size_t i; psa_status_t status; - if( methods->hal_version != PSA_DRV_SE_HAL_VERSION ) - return( PSA_ERROR_NOT_SUPPORTED ); + if (methods->hal_version != PSA_DRV_SE_HAL_VERSION) { + return PSA_ERROR_NOT_SUPPORTED; + } /* Driver table entries are 0-initialized. 0 is not a valid driver * location because it means a transparent key. */ -#if defined(static_assert) - static_assert( PSA_KEY_LOCATION_LOCAL_STORAGE == 0, - "Secure element support requires 0 to mean a local key" ); -#endif - if( location == PSA_KEY_LOCATION_LOCAL_STORAGE ) - return( PSA_ERROR_INVALID_ARGUMENT ); - if( location > PSA_MAX_SE_LOCATION ) - return( PSA_ERROR_NOT_SUPPORTED ); - - for( i = 0; i < PSA_MAX_SE_DRIVERS; i++ ) - { - if( driver_table[i].location == 0 ) + MBEDTLS_STATIC_ASSERT(PSA_KEY_LOCATION_LOCAL_STORAGE == 0, + "Secure element support requires 0 to mean a local key"); + if (location == PSA_KEY_LOCATION_LOCAL_STORAGE) { + return PSA_ERROR_INVALID_ARGUMENT; + } + if (location > PSA_MAX_SE_LOCATION) { + return PSA_ERROR_NOT_SUPPORTED; + } + + for (i = 0; i < PSA_MAX_SE_DRIVERS; i++) { + if (driver_table[i].location == 0) { break; + } /* Check that location isn't already in use up to the first free * entry. Since entries are created in order and never deleted, * there can't be a used entry after the first free entry. */ - if( driver_table[i].location == location ) - return( PSA_ERROR_ALREADY_EXISTS ); + if (driver_table[i].location == location) { + return PSA_ERROR_ALREADY_EXISTS; + } + } + if (i == PSA_MAX_SE_DRIVERS) { + return PSA_ERROR_INSUFFICIENT_MEMORY; } - if( i == PSA_MAX_SE_DRIVERS ) - return( PSA_ERROR_INSUFFICIENT_MEMORY ); driver_table[i].location = location; driver_table[i].methods = methods; driver_table[i].u.internal.persistent_data_size = methods->persistent_data_size; - if( methods->persistent_data_size != 0 ) - { + if (methods->persistent_data_size != 0) { driver_table[i].u.internal.persistent_data = - mbedtls_calloc( 1, methods->persistent_data_size ); - if( driver_table[i].u.internal.persistent_data == NULL ) - { + mbedtls_calloc(1, methods->persistent_data_size); + if (driver_table[i].u.internal.persistent_data == NULL) { status = PSA_ERROR_INSUFFICIENT_MEMORY; goto error; } /* Load the driver's persistent data. On first use, the persistent * data does not exist in storage, and is initialized to * all-bits-zero by the calloc call just above. */ - status = psa_load_se_persistent_data( &driver_table[i] ); - if( status != PSA_SUCCESS && status != PSA_ERROR_DOES_NOT_EXIST ) + status = psa_load_se_persistent_data(&driver_table[i]); + if (status != PSA_SUCCESS && status != PSA_ERROR_DOES_NOT_EXIST) { goto error; + } } - return( PSA_SUCCESS ); + return PSA_SUCCESS; error: - memset( &driver_table[i], 0, sizeof( driver_table[i] ) ); - return( status ); + memset(&driver_table[i], 0, sizeof(driver_table[i])); + return status; } -void psa_unregister_all_se_drivers( void ) +void psa_unregister_all_se_drivers(void) { size_t i; - for( i = 0; i < PSA_MAX_SE_DRIVERS; i++ ) - { - if( driver_table[i].u.internal.persistent_data != NULL ) - mbedtls_free( driver_table[i].u.internal.persistent_data ); + for (i = 0; i < PSA_MAX_SE_DRIVERS; i++) { + if (driver_table[i].u.internal.persistent_data != NULL) { + mbedtls_free(driver_table[i].u.internal.persistent_data); + } } - memset( driver_table, 0, sizeof( driver_table ) ); + memset(driver_table, 0, sizeof(driver_table)); } diff --git a/third_party/mbedtls/repo/library/psa_crypto_se.h b/third_party/mbedtls/repo/library/psa_crypto_se.h index 710426168d6..14a700056c0 100644 --- a/third_party/mbedtls/repo/library/psa_crypto_se.h +++ b/third_party/mbedtls/repo/library/psa_crypto_se.h @@ -3,19 +3,7 @@ */ /* * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later */ #ifndef PSA_CRYPTO_SE_H @@ -51,7 +39,7 @@ * actually not used since it corresponds to #PSA_KEY_LOCATION_LOCAL_STORAGE * which doesn't have a driver. */ -#define PSA_CRYPTO_SE_DRIVER_ITS_UID_BASE ( (psa_key_id_t) 0xfffffe00 ) +#define PSA_CRYPTO_SE_DRIVER_ITS_UID_BASE ((psa_key_id_t) 0xfffffe00) /** The maximum number of registered secure element driver locations. */ #define PSA_MAX_SE_DRIVERS 4 @@ -62,13 +50,13 @@ * state. This function is only intended to be called at the end * of mbedtls_psa_crypto_free(). */ -void psa_unregister_all_se_drivers( void ); +void psa_unregister_all_se_drivers(void); /** Initialize all secure element drivers. * * Called from psa_crypto_init(). */ -psa_status_t psa_init_all_se_drivers( void ); +psa_status_t psa_init_all_se_drivers(void); /** A structure that describes a registered secure element driver. * @@ -93,9 +81,9 @@ typedef struct psa_se_drv_table_entry_s psa_se_drv_table_entry_t; * \retval 0 * \p lifetime does not correspond to a registered driver. */ -int psa_get_se_driver( psa_key_lifetime_t lifetime, - const psa_drv_se_t **p_methods, - psa_drv_se_context_t **p_drv_context); +int psa_get_se_driver(psa_key_lifetime_t lifetime, + const psa_drv_se_t **p_methods, + psa_drv_se_context_t **p_drv_context); /** Return the secure element driver table entry for a lifetime value. * @@ -105,7 +93,7 @@ int psa_get_se_driver( psa_key_lifetime_t lifetime, * \p NULL if \p lifetime does not correspond to a registered driver. */ psa_se_drv_table_entry_t *psa_get_se_driver_entry( - psa_key_lifetime_t lifetime ); + psa_key_lifetime_t lifetime); /** Return the method table for a secure element driver. * @@ -115,7 +103,7 @@ psa_se_drv_table_entry_t *psa_get_se_driver_entry( * \c NULL if \p driver is \c NULL. */ const psa_drv_se_t *psa_get_se_driver_methods( - const psa_se_drv_table_entry_t *driver ); + const psa_se_drv_table_entry_t *driver); /** Return the context of a secure element driver. * @@ -125,7 +113,7 @@ const psa_drv_se_t *psa_get_se_driver_methods( * \c NULL if \p driver is \c NULL. */ psa_drv_se_context_t *psa_get_se_driver_context( - psa_se_drv_table_entry_t *driver ); + psa_se_drv_table_entry_t *driver); /** Find a free slot for a key that is to be created. * @@ -141,15 +129,15 @@ psa_status_t psa_find_se_slot_for_key( const psa_key_attributes_t *attributes, psa_key_creation_method_t method, psa_se_drv_table_entry_t *driver, - psa_key_slot_number_t *slot_number ); + psa_key_slot_number_t *slot_number); -/** Destoy a key in a secure element. +/** Destroy a key in a secure element. * * This function calls the relevant driver method to destroy a key * and updates the driver's persistent data. */ -psa_status_t psa_destroy_se_key( psa_se_drv_table_entry_t *driver, - psa_key_slot_number_t slot_number ); +psa_status_t psa_destroy_se_key(psa_se_drv_table_entry_t *driver, + psa_key_slot_number_t slot_number); /** Load the persistent data of a secure element driver. * @@ -164,7 +152,7 @@ psa_status_t psa_destroy_se_key( psa_se_drv_table_entry_t *driver, * \return #PSA_ERROR_INVALID_ARGUMENT */ psa_status_t psa_load_se_persistent_data( - const psa_se_drv_table_entry_t *driver ); + const psa_se_drv_table_entry_t *driver); /** Save the persistent data of a secure element driver. * @@ -180,7 +168,7 @@ psa_status_t psa_load_se_persistent_data( * \return #PSA_ERROR_INVALID_ARGUMENT */ psa_status_t psa_save_se_persistent_data( - const psa_se_drv_table_entry_t *driver ); + const psa_se_drv_table_entry_t *driver); /** Destroy the persistent data of a secure element driver. * @@ -189,14 +177,13 @@ psa_status_t psa_save_se_persistent_data( * \param[in] location The location identifier for the driver whose * persistent data is to be erased. */ -psa_status_t psa_destroy_se_persistent_data( psa_key_location_t location ); +psa_status_t psa_destroy_se_persistent_data(psa_key_location_t location); /** The storage representation of a key whose data is in a secure element. */ -typedef struct -{ - uint8_t slot_number[sizeof( psa_key_slot_number_t )]; +typedef struct { + uint8_t slot_number[sizeof(psa_key_slot_number_t)]; } psa_se_key_data_storage_t; #endif /* PSA_CRYPTO_SE_H */ diff --git a/third_party/mbedtls/repo/library/psa_crypto_slot_management.c b/third_party/mbedtls/repo/library/psa_crypto_slot_management.c index 6f69fc88381..b79c713abba 100644 --- a/third_party/mbedtls/repo/library/psa_crypto_slot_management.c +++ b/third_party/mbedtls/repo/library/psa_crypto_slot_management.c @@ -3,19 +3,7 @@ */ /* * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later */ #include "common.h" @@ -34,37 +22,33 @@ #include #include -#if defined(MBEDTLS_PLATFORM_C) #include "mbedtls/platform.h" -#else -#define mbedtls_calloc calloc -#define mbedtls_free free -#endif -#define ARRAY_LENGTH( array ) ( sizeof( array ) / sizeof( *( array ) ) ) +#define ARRAY_LENGTH(array) (sizeof(array) / sizeof(*(array))) -typedef struct -{ +typedef struct { psa_key_slot_t key_slots[MBEDTLS_PSA_KEY_SLOT_COUNT]; unsigned key_slots_initialized : 1; } psa_global_data_t; static psa_global_data_t global_data; -int psa_is_valid_key_id( mbedtls_svc_key_id_t key, int vendor_ok ) +int psa_is_valid_key_id(mbedtls_svc_key_id_t key, int vendor_ok) { - psa_key_id_t key_id = MBEDTLS_SVC_KEY_ID_GET_KEY_ID( key ); + psa_key_id_t key_id = MBEDTLS_SVC_KEY_ID_GET_KEY_ID(key); - if( ( PSA_KEY_ID_USER_MIN <= key_id ) && - ( key_id <= PSA_KEY_ID_USER_MAX ) ) - return( 1 ); + if ((PSA_KEY_ID_USER_MIN <= key_id) && + (key_id <= PSA_KEY_ID_USER_MAX)) { + return 1; + } - if( vendor_ok && - ( PSA_KEY_ID_VENDOR_MIN <= key_id ) && - ( key_id <= PSA_KEY_ID_VENDOR_MAX ) ) - return( 1 ); + if (vendor_ok && + (PSA_KEY_ID_VENDOR_MIN <= key_id) && + (key_id <= PSA_KEY_ID_VENDOR_MAX)) { + return 1; + } - return( 0 ); + return 0; } /** Get the description in memory of a key given its identifier and lock it. @@ -99,16 +83,15 @@ int psa_is_valid_key_id( mbedtls_svc_key_id_t key, int vendor_ok ) * There is no key with key identifier \p key in the key slots. */ static psa_status_t psa_get_and_lock_key_slot_in_memory( - mbedtls_svc_key_id_t key, psa_key_slot_t **p_slot ) + mbedtls_svc_key_id_t key, psa_key_slot_t **p_slot) { psa_status_t status = PSA_ERROR_CORRUPTION_DETECTED; - psa_key_id_t key_id = MBEDTLS_SVC_KEY_ID_GET_KEY_ID( key ); + psa_key_id_t key_id = MBEDTLS_SVC_KEY_ID_GET_KEY_ID(key); size_t slot_idx; psa_key_slot_t *slot = NULL; - if( psa_key_id_is_volatile( key_id ) ) - { - slot = &global_data.key_slots[ key_id - PSA_KEY_ID_VOLATILE_MIN ]; + if (psa_key_id_is_volatile(key_id)) { + slot = &global_data.key_slots[key_id - PSA_KEY_ID_VOLATILE_MIN]; /* * Check if both the PSA key identifier key_id and the owner @@ -118,83 +101,79 @@ static psa_status_t psa_get_and_lock_key_slot_in_memory( * is equal to zero. This is an invalid value for a PSA key identifier * and thus cannot be equal to the valid PSA key identifier key_id. */ - status = mbedtls_svc_key_id_equal( key, slot->attr.id ) ? + status = mbedtls_svc_key_id_equal(key, slot->attr.id) ? PSA_SUCCESS : PSA_ERROR_DOES_NOT_EXIST; - } - else - { - if ( !psa_is_valid_key_id( key, 1 ) ) - return( PSA_ERROR_INVALID_HANDLE ); + } else { + if (!psa_is_valid_key_id(key, 1)) { + return PSA_ERROR_INVALID_HANDLE; + } - for( slot_idx = 0; slot_idx < MBEDTLS_PSA_KEY_SLOT_COUNT; slot_idx++ ) - { - slot = &global_data.key_slots[ slot_idx ]; - if( mbedtls_svc_key_id_equal( key, slot->attr.id ) ) + for (slot_idx = 0; slot_idx < MBEDTLS_PSA_KEY_SLOT_COUNT; slot_idx++) { + slot = &global_data.key_slots[slot_idx]; + if (mbedtls_svc_key_id_equal(key, slot->attr.id)) { break; + } } - status = ( slot_idx < MBEDTLS_PSA_KEY_SLOT_COUNT ) ? + status = (slot_idx < MBEDTLS_PSA_KEY_SLOT_COUNT) ? PSA_SUCCESS : PSA_ERROR_DOES_NOT_EXIST; } - if( status == PSA_SUCCESS ) - { - status = psa_lock_key_slot( slot ); - if( status == PSA_SUCCESS ) + if (status == PSA_SUCCESS) { + status = psa_lock_key_slot(slot); + if (status == PSA_SUCCESS) { *p_slot = slot; + } } - return( status ); + return status; } -psa_status_t psa_initialize_key_slots( void ) +psa_status_t psa_initialize_key_slots(void) { /* Nothing to do: program startup and psa_wipe_all_key_slots() both * guarantee that the key slots are initialized to all-zero, which * means that all the key slots are in a valid, empty state. */ global_data.key_slots_initialized = 1; - return( PSA_SUCCESS ); + return PSA_SUCCESS; } -void psa_wipe_all_key_slots( void ) +void psa_wipe_all_key_slots(void) { size_t slot_idx; - for( slot_idx = 0; slot_idx < MBEDTLS_PSA_KEY_SLOT_COUNT; slot_idx++ ) - { - psa_key_slot_t *slot = &global_data.key_slots[ slot_idx ]; + for (slot_idx = 0; slot_idx < MBEDTLS_PSA_KEY_SLOT_COUNT; slot_idx++) { + psa_key_slot_t *slot = &global_data.key_slots[slot_idx]; slot->lock_count = 1; - (void) psa_wipe_key_slot( slot ); + (void) psa_wipe_key_slot(slot); } global_data.key_slots_initialized = 0; } -psa_status_t psa_get_empty_key_slot( psa_key_id_t *volatile_key_id, - psa_key_slot_t **p_slot ) +psa_status_t psa_get_empty_key_slot(psa_key_id_t *volatile_key_id, + psa_key_slot_t **p_slot) { psa_status_t status = PSA_ERROR_CORRUPTION_DETECTED; size_t slot_idx; psa_key_slot_t *selected_slot, *unlocked_persistent_key_slot; - if( ! global_data.key_slots_initialized ) - { + if (!global_data.key_slots_initialized) { status = PSA_ERROR_BAD_STATE; goto error; } selected_slot = unlocked_persistent_key_slot = NULL; - for( slot_idx = 0; slot_idx < MBEDTLS_PSA_KEY_SLOT_COUNT; slot_idx++ ) - { - psa_key_slot_t *slot = &global_data.key_slots[ slot_idx ]; - if( ! psa_is_key_slot_occupied( slot ) ) - { + for (slot_idx = 0; slot_idx < MBEDTLS_PSA_KEY_SLOT_COUNT; slot_idx++) { + psa_key_slot_t *slot = &global_data.key_slots[slot_idx]; + if (!psa_is_key_slot_occupied(slot)) { selected_slot = slot; break; } - if( ( unlocked_persistent_key_slot == NULL ) && - ( ! PSA_KEY_LIFETIME_IS_VOLATILE( slot->attr.lifetime ) ) && - ( ! psa_is_key_slot_locked( slot ) ) ) + if ((unlocked_persistent_key_slot == NULL) && + (!PSA_KEY_LIFETIME_IS_VOLATILE(slot->attr.lifetime)) && + (!psa_is_key_slot_locked(slot))) { unlocked_persistent_key_slot = slot; + } } /* @@ -204,25 +183,24 @@ psa_status_t psa_get_empty_key_slot( psa_key_id_t *volatile_key_id, * persistent key we are evicting now, we will reload its description from * storage. */ - if( ( selected_slot == NULL ) && - ( unlocked_persistent_key_slot != NULL ) ) - { + if ((selected_slot == NULL) && + (unlocked_persistent_key_slot != NULL)) { selected_slot = unlocked_persistent_key_slot; selected_slot->lock_count = 1; - psa_wipe_key_slot( selected_slot ); + psa_wipe_key_slot(selected_slot); } - if( selected_slot != NULL ) - { - status = psa_lock_key_slot( selected_slot ); - if( status != PSA_SUCCESS ) - goto error; + if (selected_slot != NULL) { + status = psa_lock_key_slot(selected_slot); + if (status != PSA_SUCCESS) { + goto error; + } *volatile_key_id = PSA_KEY_ID_VOLATILE_MIN + - ( (psa_key_id_t)( selected_slot - global_data.key_slots ) ); + ((psa_key_id_t) (selected_slot - global_data.key_slots)); *p_slot = selected_slot; - return( PSA_SUCCESS ); + return PSA_SUCCESS; } status = PSA_ERROR_INSUFFICIENT_MEMORY; @@ -230,53 +208,52 @@ psa_status_t psa_get_empty_key_slot( psa_key_id_t *volatile_key_id, *p_slot = NULL; *volatile_key_id = 0; - return( status ); + return status; } #if defined(MBEDTLS_PSA_CRYPTO_STORAGE_C) -static psa_status_t psa_load_persistent_key_into_slot( psa_key_slot_t *slot ) +static psa_status_t psa_load_persistent_key_into_slot(psa_key_slot_t *slot) { psa_status_t status = PSA_SUCCESS; uint8_t *key_data = NULL; size_t key_data_length = 0; - status = psa_load_persistent_key( &slot->attr, - &key_data, &key_data_length ); - if( status != PSA_SUCCESS ) + status = psa_load_persistent_key(&slot->attr, + &key_data, &key_data_length); + if (status != PSA_SUCCESS) { goto exit; + } #if defined(MBEDTLS_PSA_CRYPTO_SE_C) /* Special handling is required for loading keys associated with a * dynamically registered SE interface. */ const psa_drv_se_t *drv; psa_drv_se_context_t *drv_context; - if( psa_get_se_driver( slot->attr.lifetime, &drv, &drv_context ) ) - { + if (psa_get_se_driver(slot->attr.lifetime, &drv, &drv_context)) { psa_se_key_data_storage_t *data; - if( key_data_length != sizeof( *data ) ) - { + if (key_data_length != sizeof(*data)) { status = PSA_ERROR_DATA_INVALID; goto exit; } data = (psa_se_key_data_storage_t *) key_data; status = psa_copy_key_material_into_slot( - slot, data->slot_number, sizeof( data->slot_number ) ); + slot, data->slot_number, sizeof(data->slot_number)); goto exit; } #endif /* MBEDTLS_PSA_CRYPTO_SE_C */ - status = psa_copy_key_material_into_slot( slot, key_data, key_data_length ); + status = psa_copy_key_material_into_slot(slot, key_data, key_data_length); exit: - psa_free_persistent_key_data( key_data, key_data_length ); - return( status ); + psa_free_persistent_key_data(key_data, key_data_length); + return status; } #endif /* MBEDTLS_PSA_CRYPTO_STORAGE_C */ #if defined(MBEDTLS_PSA_CRYPTO_BUILTIN_KEYS) -static psa_status_t psa_load_builtin_key_into_slot( psa_key_slot_t *slot ) +static psa_status_t psa_load_builtin_key_into_slot(psa_key_slot_t *slot) { psa_status_t status = PSA_ERROR_CORRUPTION_DETECTED; psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT; @@ -285,91 +262,98 @@ static psa_status_t psa_load_builtin_key_into_slot( psa_key_slot_t *slot ) size_t key_buffer_size = 0; size_t key_buffer_length = 0; - if( ! psa_key_id_is_builtin( - MBEDTLS_SVC_KEY_ID_GET_KEY_ID( slot->attr.id ) ) ) - { - return( PSA_ERROR_DOES_NOT_EXIST ); + if (!psa_key_id_is_builtin( + MBEDTLS_SVC_KEY_ID_GET_KEY_ID(slot->attr.id))) { + return PSA_ERROR_DOES_NOT_EXIST; } /* Check the platform function to see whether this key actually exists */ status = mbedtls_psa_platform_get_builtin_key( - slot->attr.id, &lifetime, &slot_number ); - if( status != PSA_SUCCESS ) - return( status ); + slot->attr.id, &lifetime, &slot_number); + if (status != PSA_SUCCESS) { + return status; + } /* Set required key attributes to ensure get_builtin_key can retrieve the * full attributes. */ - psa_set_key_id( &attributes, slot->attr.id ); - psa_set_key_lifetime( &attributes, lifetime ); + psa_set_key_id(&attributes, slot->attr.id); + psa_set_key_lifetime(&attributes, lifetime); /* Get the full key attributes from the driver in order to be able to * calculate the required buffer size. */ status = psa_driver_wrapper_get_builtin_key( - slot_number, &attributes, - NULL, 0, NULL ); - if( status != PSA_ERROR_BUFFER_TOO_SMALL ) - { + slot_number, &attributes, + NULL, 0, NULL); + if (status != PSA_ERROR_BUFFER_TOO_SMALL) { /* Builtin keys cannot be defined by the attributes alone */ - if( status == PSA_SUCCESS ) + if (status == PSA_SUCCESS) { status = PSA_ERROR_CORRUPTION_DETECTED; - return( status ); + } + return status; } /* If the key should exist according to the platform, then ask the driver * what its expected size is. */ - status = psa_driver_wrapper_get_key_buffer_size( &attributes, - &key_buffer_size ); - if( status != PSA_SUCCESS ) - return( status ); + status = psa_driver_wrapper_get_key_buffer_size(&attributes, + &key_buffer_size); + if (status != PSA_SUCCESS) { + return status; + } /* Allocate a buffer of the required size and load the builtin key directly * into the (now properly sized) slot buffer. */ - status = psa_allocate_buffer_to_slot( slot, key_buffer_size ); - if( status != PSA_SUCCESS ) - return( status ); + status = psa_allocate_buffer_to_slot(slot, key_buffer_size); + if (status != PSA_SUCCESS) { + return status; + } status = psa_driver_wrapper_get_builtin_key( - slot_number, &attributes, - slot->key.data, slot->key.bytes, &key_buffer_length ); - if( status != PSA_SUCCESS ) + slot_number, &attributes, + slot->key.data, slot->key.bytes, &key_buffer_length); + if (status != PSA_SUCCESS) { goto exit; + } /* Copy actual key length and core attributes into the slot on success */ slot->key.bytes = key_buffer_length; slot->attr = attributes.core; exit: - if( status != PSA_SUCCESS ) - psa_remove_key_data_from_memory( slot ); - return( status ); + if (status != PSA_SUCCESS) { + psa_remove_key_data_from_memory(slot); + } + return status; } #endif /* MBEDTLS_PSA_CRYPTO_BUILTIN_KEYS */ -psa_status_t psa_get_and_lock_key_slot( mbedtls_svc_key_id_t key, - psa_key_slot_t **p_slot ) +psa_status_t psa_get_and_lock_key_slot(mbedtls_svc_key_id_t key, + psa_key_slot_t **p_slot) { psa_status_t status = PSA_ERROR_CORRUPTION_DETECTED; *p_slot = NULL; - if( ! global_data.key_slots_initialized ) - return( PSA_ERROR_BAD_STATE ); + if (!global_data.key_slots_initialized) { + return PSA_ERROR_BAD_STATE; + } /* * On success, the pointer to the slot is passed directly to the caller * thus no need to unlock the key slot here. */ - status = psa_get_and_lock_key_slot_in_memory( key, p_slot ); - if( status != PSA_ERROR_DOES_NOT_EXIST ) - return( status ); + status = psa_get_and_lock_key_slot_in_memory(key, p_slot); + if (status != PSA_ERROR_DOES_NOT_EXIST) { + return status; + } /* Loading keys from storage requires support for such a mechanism */ #if defined(MBEDTLS_PSA_CRYPTO_STORAGE_C) || \ defined(MBEDTLS_PSA_CRYPTO_BUILTIN_KEYS) psa_key_id_t volatile_key_id; - status = psa_get_empty_key_slot( &volatile_key_id, p_slot ); - if( status != PSA_SUCCESS ) - return( status ); + status = psa_get_empty_key_slot(&volatile_key_id, p_slot); + if (status != PSA_SUCCESS) { + return status; + } (*p_slot)->attr.id = key; (*p_slot)->attr.lifetime = PSA_KEY_LIFETIME_PERSISTENT; @@ -377,39 +361,40 @@ psa_status_t psa_get_and_lock_key_slot( mbedtls_svc_key_id_t key, status = PSA_ERROR_DOES_NOT_EXIST; #if defined(MBEDTLS_PSA_CRYPTO_BUILTIN_KEYS) /* Load keys in the 'builtin' range through their own interface */ - status = psa_load_builtin_key_into_slot( *p_slot ); + status = psa_load_builtin_key_into_slot(*p_slot); #endif /* MBEDTLS_PSA_CRYPTO_BUILTIN_KEYS */ #if defined(MBEDTLS_PSA_CRYPTO_STORAGE_C) - if( status == PSA_ERROR_DOES_NOT_EXIST ) - status = psa_load_persistent_key_into_slot( *p_slot ); + if (status == PSA_ERROR_DOES_NOT_EXIST) { + status = psa_load_persistent_key_into_slot(*p_slot); + } #endif /* defined(MBEDTLS_PSA_CRYPTO_STORAGE_C) */ - if( status != PSA_SUCCESS ) - { - psa_wipe_key_slot( *p_slot ); - if( status == PSA_ERROR_DOES_NOT_EXIST ) + if (status != PSA_SUCCESS) { + psa_wipe_key_slot(*p_slot); + if (status == PSA_ERROR_DOES_NOT_EXIST) { status = PSA_ERROR_INVALID_HANDLE; - } - else + } + } else { /* Add implicit usage flags. */ - psa_extend_key_usage_flags( &(*p_slot)->attr.policy.usage ); + psa_extend_key_usage_flags(&(*p_slot)->attr.policy.usage); + } - return( status ); + return status; #else /* MBEDTLS_PSA_CRYPTO_STORAGE_C || MBEDTLS_PSA_CRYPTO_BUILTIN_KEYS */ - return( PSA_ERROR_INVALID_HANDLE ); + return PSA_ERROR_INVALID_HANDLE; #endif /* MBEDTLS_PSA_CRYPTO_STORAGE_C || MBEDTLS_PSA_CRYPTO_BUILTIN_KEYS */ } -psa_status_t psa_unlock_key_slot( psa_key_slot_t *slot ) +psa_status_t psa_unlock_key_slot(psa_key_slot_t *slot) { - if( slot == NULL ) - return( PSA_SUCCESS ); + if (slot == NULL) { + return PSA_SUCCESS; + } - if( slot->lock_count > 0 ) - { + if (slot->lock_count > 0) { slot->lock_count--; - return( PSA_SUCCESS ); + return PSA_SUCCESS; } /* @@ -420,25 +405,24 @@ psa_status_t psa_unlock_key_slot( psa_key_slot_t *slot ) * test suite execution). */ #ifdef MBEDTLS_CHECK_PARAMS - MBEDTLS_PARAM_FAILED( slot->lock_count > 0 ); + MBEDTLS_PARAM_FAILED(slot->lock_count > 0); #endif - return( PSA_ERROR_CORRUPTION_DETECTED ); + return PSA_ERROR_CORRUPTION_DETECTED; } -psa_status_t psa_validate_key_location( psa_key_lifetime_t lifetime, - psa_se_drv_table_entry_t **p_drv ) +psa_status_t psa_validate_key_location(psa_key_lifetime_t lifetime, + psa_se_drv_table_entry_t **p_drv) { - if ( psa_key_lifetime_is_external( lifetime ) ) - { + if (psa_key_lifetime_is_external(lifetime)) { #if defined(MBEDTLS_PSA_CRYPTO_SE_C) /* Check whether a driver is registered against this lifetime */ - psa_se_drv_table_entry_t *driver = psa_get_se_driver_entry( lifetime ); - if( driver != NULL ) - { - if (p_drv != NULL) + psa_se_drv_table_entry_t *driver = psa_get_se_driver_entry(lifetime); + if (driver != NULL) { + if (p_drv != NULL) { *p_drv = driver; - return( PSA_SUCCESS ); + } + return PSA_SUCCESS; } #else /* MBEDTLS_PSA_CRYPTO_SE_C */ (void) p_drv; @@ -446,139 +430,138 @@ psa_status_t psa_validate_key_location( psa_key_lifetime_t lifetime, #if defined(MBEDTLS_PSA_CRYPTO_DRIVERS) /* Key location for external keys gets checked by the wrapper */ - return( PSA_SUCCESS ); + return PSA_SUCCESS; #else /* MBEDTLS_PSA_CRYPTO_DRIVERS */ /* No support for external lifetimes at all, or dynamic interface * did not find driver for requested lifetime. */ - return( PSA_ERROR_INVALID_ARGUMENT ); + return PSA_ERROR_INVALID_ARGUMENT; #endif /* MBEDTLS_PSA_CRYPTO_DRIVERS */ - } - else + } else { /* Local/internal keys are always valid */ - return( PSA_SUCCESS ); + return PSA_SUCCESS; + } } -psa_status_t psa_validate_key_persistence( psa_key_lifetime_t lifetime ) +psa_status_t psa_validate_key_persistence(psa_key_lifetime_t lifetime) { - if ( PSA_KEY_LIFETIME_IS_VOLATILE( lifetime ) ) - { + if (PSA_KEY_LIFETIME_IS_VOLATILE(lifetime)) { /* Volatile keys are always supported */ - return( PSA_SUCCESS ); - } - else - { + return PSA_SUCCESS; + } else { /* Persistent keys require storage support */ #if defined(MBEDTLS_PSA_CRYPTO_STORAGE_C) - if( PSA_KEY_LIFETIME_IS_READ_ONLY( lifetime ) ) - return( PSA_ERROR_INVALID_ARGUMENT ); - else - return( PSA_SUCCESS ); + if (PSA_KEY_LIFETIME_IS_READ_ONLY(lifetime)) { + return PSA_ERROR_INVALID_ARGUMENT; + } else { + return PSA_SUCCESS; + } #else /* MBEDTLS_PSA_CRYPTO_STORAGE_C */ - return( PSA_ERROR_NOT_SUPPORTED ); + return PSA_ERROR_NOT_SUPPORTED; #endif /* !MBEDTLS_PSA_CRYPTO_STORAGE_C */ } } -psa_status_t psa_open_key( mbedtls_svc_key_id_t key, psa_key_handle_t *handle ) +psa_status_t psa_open_key(mbedtls_svc_key_id_t key, psa_key_handle_t *handle) { #if defined(MBEDTLS_PSA_CRYPTO_STORAGE_C) || \ defined(MBEDTLS_PSA_CRYPTO_BUILTIN_KEYS) psa_status_t status; psa_key_slot_t *slot; - status = psa_get_and_lock_key_slot( key, &slot ); - if( status != PSA_SUCCESS ) - { + status = psa_get_and_lock_key_slot(key, &slot); + if (status != PSA_SUCCESS) { *handle = PSA_KEY_HANDLE_INIT; - if( status == PSA_ERROR_INVALID_HANDLE ) + if (status == PSA_ERROR_INVALID_HANDLE) { status = PSA_ERROR_DOES_NOT_EXIST; + } - return( status ); + return status; } *handle = key; - return( psa_unlock_key_slot( slot ) ); + return psa_unlock_key_slot(slot); #else /* MBEDTLS_PSA_CRYPTO_STORAGE_C || MBEDTLS_PSA_CRYPTO_BUILTIN_KEYS */ (void) key; *handle = PSA_KEY_HANDLE_INIT; - return( PSA_ERROR_NOT_SUPPORTED ); + return PSA_ERROR_NOT_SUPPORTED; #endif /* MBEDTLS_PSA_CRYPTO_STORAGE_C || MBEDTLS_PSA_CRYPTO_BUILTIN_KEYS */ } -psa_status_t psa_close_key( psa_key_handle_t handle ) +psa_status_t psa_close_key(psa_key_handle_t handle) { psa_status_t status; psa_key_slot_t *slot; - if( psa_key_handle_is_null( handle ) ) - return( PSA_SUCCESS ); + if (psa_key_handle_is_null(handle)) { + return PSA_SUCCESS; + } - status = psa_get_and_lock_key_slot_in_memory( handle, &slot ); - if( status != PSA_SUCCESS ) - { - if( status == PSA_ERROR_DOES_NOT_EXIST ) + status = psa_get_and_lock_key_slot_in_memory(handle, &slot); + if (status != PSA_SUCCESS) { + if (status == PSA_ERROR_DOES_NOT_EXIST) { status = PSA_ERROR_INVALID_HANDLE; + } - return( status ); + return status; + } + if (slot->lock_count <= 1) { + return psa_wipe_key_slot(slot); + } else { + return psa_unlock_key_slot(slot); } - if( slot->lock_count <= 1 ) - return( psa_wipe_key_slot( slot ) ); - else - return( psa_unlock_key_slot( slot ) ); } -psa_status_t psa_purge_key( mbedtls_svc_key_id_t key ) +psa_status_t psa_purge_key(mbedtls_svc_key_id_t key) { psa_status_t status; psa_key_slot_t *slot; - status = psa_get_and_lock_key_slot_in_memory( key, &slot ); - if( status != PSA_SUCCESS ) - return( status ); + status = psa_get_and_lock_key_slot_in_memory(key, &slot); + if (status != PSA_SUCCESS) { + return status; + } - if( ( ! PSA_KEY_LIFETIME_IS_VOLATILE( slot->attr.lifetime ) ) && - ( slot->lock_count <= 1 ) ) - return( psa_wipe_key_slot( slot ) ); - else - return( psa_unlock_key_slot( slot ) ); + if ((!PSA_KEY_LIFETIME_IS_VOLATILE(slot->attr.lifetime)) && + (slot->lock_count <= 1)) { + return psa_wipe_key_slot(slot); + } else { + return psa_unlock_key_slot(slot); + } } -void mbedtls_psa_get_stats( mbedtls_psa_stats_t *stats ) +void mbedtls_psa_get_stats(mbedtls_psa_stats_t *stats) { size_t slot_idx; - memset( stats, 0, sizeof( *stats ) ); + memset(stats, 0, sizeof(*stats)); - for( slot_idx = 0; slot_idx < MBEDTLS_PSA_KEY_SLOT_COUNT; slot_idx++ ) - { - const psa_key_slot_t *slot = &global_data.key_slots[ slot_idx ]; - if( psa_is_key_slot_locked( slot ) ) - { + for (slot_idx = 0; slot_idx < MBEDTLS_PSA_KEY_SLOT_COUNT; slot_idx++) { + const psa_key_slot_t *slot = &global_data.key_slots[slot_idx]; + if (psa_is_key_slot_locked(slot)) { ++stats->locked_slots; } - if( ! psa_is_key_slot_occupied( slot ) ) - { + if (!psa_is_key_slot_occupied(slot)) { ++stats->empty_slots; continue; } - if( PSA_KEY_LIFETIME_IS_VOLATILE( slot->attr.lifetime ) ) + if (PSA_KEY_LIFETIME_IS_VOLATILE(slot->attr.lifetime)) { ++stats->volatile_slots; - else - { - psa_key_id_t id = MBEDTLS_SVC_KEY_ID_GET_KEY_ID( slot->attr.id ); + } else { + psa_key_id_t id = MBEDTLS_SVC_KEY_ID_GET_KEY_ID(slot->attr.id); ++stats->persistent_slots; - if( id > stats->max_open_internal_key_id ) + if (id > stats->max_open_internal_key_id) { stats->max_open_internal_key_id = id; + } } - if( PSA_KEY_LIFETIME_GET_LOCATION( slot->attr.lifetime ) != - PSA_KEY_LOCATION_LOCAL_STORAGE ) - { - psa_key_id_t id = MBEDTLS_SVC_KEY_ID_GET_KEY_ID( slot->attr.id ); + if (PSA_KEY_LIFETIME_GET_LOCATION(slot->attr.lifetime) != + PSA_KEY_LOCATION_LOCAL_STORAGE) { + psa_key_id_t id = MBEDTLS_SVC_KEY_ID_GET_KEY_ID(slot->attr.id); ++stats->external_slots; - if( id > stats->max_open_external_key_id ) + if (id > stats->max_open_external_key_id) { stats->max_open_external_key_id = id; + } } } } diff --git a/third_party/mbedtls/repo/library/psa_crypto_slot_management.h b/third_party/mbedtls/repo/library/psa_crypto_slot_management.h index d539bdd8661..6041a352891 100644 --- a/third_party/mbedtls/repo/library/psa_crypto_slot_management.h +++ b/third_party/mbedtls/repo/library/psa_crypto_slot_management.h @@ -3,19 +3,7 @@ */ /* * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later */ #ifndef PSA_CRYPTO_SLOT_MANAGEMENT_H @@ -35,8 +23,8 @@ /** The minimum value for a volatile key identifier. */ -#define PSA_KEY_ID_VOLATILE_MIN ( PSA_KEY_ID_VENDOR_MAX - \ - MBEDTLS_PSA_KEY_SLOT_COUNT + 1 ) +#define PSA_KEY_ID_VOLATILE_MIN (PSA_KEY_ID_VENDOR_MAX - \ + MBEDTLS_PSA_KEY_SLOT_COUNT + 1) /** The maximum value for a volatile key identifier. */ @@ -51,10 +39,10 @@ * \retval 0 * The key identifier is not a volatile key identifier. */ -static inline int psa_key_id_is_volatile( psa_key_id_t key_id ) +static inline int psa_key_id_is_volatile(psa_key_id_t key_id) { - return( ( key_id >= PSA_KEY_ID_VOLATILE_MIN ) && - ( key_id <= PSA_KEY_ID_VOLATILE_MAX ) ); + return (key_id >= PSA_KEY_ID_VOLATILE_MIN) && + (key_id <= PSA_KEY_ID_VOLATILE_MAX); } /** Get the description of a key given its identifier and lock it. @@ -88,24 +76,24 @@ static inline int psa_key_id_is_volatile( psa_key_id_t key_id ) * due to a lack of empty key slot, or available memory. * \retval #PSA_ERROR_DOES_NOT_EXIST * There is no key with key identifier \p key. - * \retval #PSA_ERROR_CORRUPTION_DETECTED - * \retval #PSA_ERROR_STORAGE_FAILURE - * \retval #PSA_ERROR_DATA_CORRUPT + * \retval #PSA_ERROR_CORRUPTION_DETECTED \emptydescription + * \retval #PSA_ERROR_STORAGE_FAILURE \emptydescription + * \retval #PSA_ERROR_DATA_CORRUPT \emptydescription */ -psa_status_t psa_get_and_lock_key_slot( mbedtls_svc_key_id_t key, - psa_key_slot_t **p_slot ); +psa_status_t psa_get_and_lock_key_slot(mbedtls_svc_key_id_t key, + psa_key_slot_t **p_slot); /** Initialize the key slot structures. * * \retval #PSA_SUCCESS * Currently this function always succeeds. */ -psa_status_t psa_initialize_key_slots( void ); +psa_status_t psa_initialize_key_slots(void); /** Delete all data from key slots in memory. * * This does not affect persistent storage. */ -void psa_wipe_all_key_slots( void ); +void psa_wipe_all_key_slots(void); /** Find a free key slot. * @@ -118,12 +106,12 @@ void psa_wipe_all_key_slots( void ); * associated to the returned slot. * \param[out] p_slot On success, a pointer to the slot. * - * \retval #PSA_SUCCESS - * \retval #PSA_ERROR_INSUFFICIENT_MEMORY - * \retval #PSA_ERROR_BAD_STATE + * \retval #PSA_SUCCESS \emptydescription + * \retval #PSA_ERROR_INSUFFICIENT_MEMORY \emptydescription + * \retval #PSA_ERROR_BAD_STATE \emptydescription */ -psa_status_t psa_get_empty_key_slot( psa_key_id_t *volatile_key_id, - psa_key_slot_t **p_slot ); +psa_status_t psa_get_empty_key_slot(psa_key_id_t *volatile_key_id, + psa_key_slot_t **p_slot); /** Lock a key slot. * @@ -137,14 +125,15 @@ psa_status_t psa_get_empty_key_slot( psa_key_id_t *volatile_key_id, * The lock counter already reached its maximum value and was not * increased. */ -static inline psa_status_t psa_lock_key_slot( psa_key_slot_t *slot ) +static inline psa_status_t psa_lock_key_slot(psa_key_slot_t *slot) { - if( slot->lock_count >= SIZE_MAX ) - return( PSA_ERROR_CORRUPTION_DETECTED ); + if (slot->lock_count >= SIZE_MAX) { + return PSA_ERROR_CORRUPTION_DETECTED; + } slot->lock_count++; - return( PSA_SUCCESS ); + return PSA_SUCCESS; } /** Unlock a key slot. @@ -163,7 +152,7 @@ static inline psa_status_t psa_lock_key_slot( psa_key_slot_t *slot ) * The lock counter was equal to 0. * */ -psa_status_t psa_unlock_key_slot( psa_key_slot_t *slot ); +psa_status_t psa_unlock_key_slot(psa_key_slot_t *slot); /** Test whether a lifetime designates a key in an external cryptoprocessor. * @@ -177,10 +166,10 @@ psa_status_t psa_unlock_key_slot( psa_key_slot_t *slot ); * The lifetime designates a key that is volatile or in internal * storage. */ -static inline int psa_key_lifetime_is_external( psa_key_lifetime_t lifetime ) +static inline int psa_key_lifetime_is_external(psa_key_lifetime_t lifetime) { - return( PSA_KEY_LIFETIME_GET_LOCATION( lifetime ) - != PSA_KEY_LOCATION_LOCAL_STORAGE ); + return PSA_KEY_LIFETIME_GET_LOCATION(lifetime) + != PSA_KEY_LOCATION_LOCAL_STORAGE; } /** Validate a key's location. @@ -194,21 +183,21 @@ static inline int psa_key_lifetime_is_external( psa_key_lifetime_t lifetime ) * storage, returns a pointer to the driver table * associated with the key's storage location. * - * \retval #PSA_SUCCESS - * \retval #PSA_ERROR_INVALID_ARGUMENT + * \retval #PSA_SUCCESS \emptydescription + * \retval #PSA_ERROR_INVALID_ARGUMENT \emptydescription */ -psa_status_t psa_validate_key_location( psa_key_lifetime_t lifetime, - psa_se_drv_table_entry_t **p_drv ); +psa_status_t psa_validate_key_location(psa_key_lifetime_t lifetime, + psa_se_drv_table_entry_t **p_drv); /** Validate the persistence of a key. * * \param[in] lifetime The key lifetime attribute. * - * \retval #PSA_SUCCESS + * \retval #PSA_SUCCESS \emptydescription * \retval #PSA_ERROR_NOT_SUPPORTED The key is persistent but persistent keys * are not supported. */ -psa_status_t psa_validate_key_persistence( psa_key_lifetime_t lifetime ); +psa_status_t psa_validate_key_persistence(psa_key_lifetime_t lifetime); /** Validate a key identifier. * @@ -219,6 +208,6 @@ psa_status_t psa_validate_key_persistence( psa_key_lifetime_t lifetime ); * * \retval <> 0 if the key identifier is valid, 0 otherwise. */ -int psa_is_valid_key_id( mbedtls_svc_key_id_t key, int vendor_ok ); +int psa_is_valid_key_id(mbedtls_svc_key_id_t key, int vendor_ok); #endif /* PSA_CRYPTO_SLOT_MANAGEMENT_H */ diff --git a/third_party/mbedtls/repo/library/psa_crypto_storage.c b/third_party/mbedtls/repo/library/psa_crypto_storage.c index b485c50c69f..a0e40c8937e 100644 --- a/third_party/mbedtls/repo/library/psa_crypto_storage.c +++ b/third_party/mbedtls/repo/library/psa_crypto_storage.c @@ -3,19 +3,7 @@ */ /* * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later */ #include "common.h" @@ -36,13 +24,7 @@ #include "psa/internal_trusted_storage.h" #endif -#if defined(MBEDTLS_PLATFORM_C) #include "mbedtls/platform.h" -#else -#include -#define mbedtls_calloc calloc -#define mbedtls_free free -#endif /****************************************************************/ /* Key storage */ @@ -53,22 +35,22 @@ * other than storing a key. Currently, the only such file is the random seed * file whose name is PSA_CRYPTO_ITS_RANDOM_SEED_UID and whose value is * 0xFFFFFF52. */ -static psa_storage_uid_t psa_its_identifier_of_slot( mbedtls_svc_key_id_t key ) +static psa_storage_uid_t psa_its_identifier_of_slot(mbedtls_svc_key_id_t key) { #if defined(MBEDTLS_PSA_CRYPTO_KEY_ID_ENCODES_OWNER) /* Encode the owner in the upper 32 bits. This means that if * owner values are nonzero (as they are on a PSA platform), * no key file will ever have a value less than 0x100000000, so * the whole range 0..0xffffffff is available for non-key files. */ - uint32_t unsigned_owner_id = MBEDTLS_SVC_KEY_ID_GET_OWNER_ID( key ); - return( ( (uint64_t) unsigned_owner_id << 32 ) | - MBEDTLS_SVC_KEY_ID_GET_KEY_ID( key ) ); + uint32_t unsigned_owner_id = MBEDTLS_SVC_KEY_ID_GET_OWNER_ID(key); + return ((uint64_t) unsigned_owner_id << 32) | + MBEDTLS_SVC_KEY_ID_GET_KEY_ID(key); #else /* Use the key id directly as a file name. * psa_is_key_id_valid() in psa_crypto_slot_management.c * is responsible for ensuring that key identifiers do not have a * value that is reserved for non-key files. */ - return( key ); + return key; #endif } @@ -83,42 +65,45 @@ static psa_storage_uid_t psa_its_identifier_of_slot( mbedtls_svc_key_id_t key ) * \param[out] data Buffer where the data is to be written. * \param data_size Size of the \c data buffer in bytes. * - * \retval #PSA_SUCCESS - * \retval #PSA_ERROR_DATA_INVALID - * \retval #PSA_ERROR_DATA_CORRUPT - * \retval #PSA_ERROR_STORAGE_FAILURE - * \retval #PSA_ERROR_DOES_NOT_EXIST + * \retval #PSA_SUCCESS \emptydescription + * \retval #PSA_ERROR_DATA_INVALID \emptydescription + * \retval #PSA_ERROR_DATA_CORRUPT \emptydescription + * \retval #PSA_ERROR_STORAGE_FAILURE \emptydescription + * \retval #PSA_ERROR_DOES_NOT_EXIST \emptydescription */ static psa_status_t psa_crypto_storage_load( - const mbedtls_svc_key_id_t key, uint8_t *data, size_t data_size ) + const mbedtls_svc_key_id_t key, uint8_t *data, size_t data_size) { psa_status_t status; - psa_storage_uid_t data_identifier = psa_its_identifier_of_slot( key ); + psa_storage_uid_t data_identifier = psa_its_identifier_of_slot(key); struct psa_storage_info_t data_identifier_info; size_t data_length = 0; - status = psa_its_get_info( data_identifier, &data_identifier_info ); - if( status != PSA_SUCCESS ) - return( status ); + status = psa_its_get_info(data_identifier, &data_identifier_info); + if (status != PSA_SUCCESS) { + return status; + } - status = psa_its_get( data_identifier, 0, (uint32_t) data_size, data, &data_length ); - if( data_size != data_length ) - return( PSA_ERROR_DATA_INVALID ); + status = psa_its_get(data_identifier, 0, (uint32_t) data_size, data, &data_length); + if (data_size != data_length) { + return PSA_ERROR_DATA_INVALID; + } - return( status ); + return status; } -int psa_is_key_present_in_storage( const mbedtls_svc_key_id_t key ) +int psa_is_key_present_in_storage(const mbedtls_svc_key_id_t key) { psa_status_t ret; - psa_storage_uid_t data_identifier = psa_its_identifier_of_slot( key ); + psa_storage_uid_t data_identifier = psa_its_identifier_of_slot(key); struct psa_storage_info_t data_identifier_info; - ret = psa_its_get_info( data_identifier, &data_identifier_info ); + ret = psa_its_get_info(data_identifier, &data_identifier_info); - if( ret == PSA_ERROR_DOES_NOT_EXIST ) - return( 0 ); - return( 1 ); + if (ret == PSA_ERROR_DOES_NOT_EXIST) { + return 0; + } + return 1; } /** @@ -132,71 +117,71 @@ int psa_is_key_present_in_storage( const mbedtls_svc_key_id_t key ) * \param data_length The number of bytes * that make up the data. * - * \retval #PSA_SUCCESS - * \retval #PSA_ERROR_INSUFFICIENT_STORAGE - * \retval #PSA_ERROR_ALREADY_EXISTS - * \retval #PSA_ERROR_STORAGE_FAILURE - * \retval #PSA_ERROR_DATA_INVALID + * \retval #PSA_SUCCESS \emptydescription + * \retval #PSA_ERROR_INSUFFICIENT_STORAGE \emptydescription + * \retval #PSA_ERROR_ALREADY_EXISTS \emptydescription + * \retval #PSA_ERROR_STORAGE_FAILURE \emptydescription + * \retval #PSA_ERROR_DATA_INVALID \emptydescription */ -static psa_status_t psa_crypto_storage_store( const mbedtls_svc_key_id_t key, - const uint8_t *data, - size_t data_length ) +static psa_status_t psa_crypto_storage_store(const mbedtls_svc_key_id_t key, + const uint8_t *data, + size_t data_length) { psa_status_t status; - psa_storage_uid_t data_identifier = psa_its_identifier_of_slot( key ); + psa_storage_uid_t data_identifier = psa_its_identifier_of_slot(key); struct psa_storage_info_t data_identifier_info; - if( psa_is_key_present_in_storage( key ) == 1 ) - return( PSA_ERROR_ALREADY_EXISTS ); + if (psa_is_key_present_in_storage(key) == 1) { + return PSA_ERROR_ALREADY_EXISTS; + } - status = psa_its_set( data_identifier, (uint32_t) data_length, data, 0 ); - if( status != PSA_SUCCESS ) - { - return( PSA_ERROR_DATA_INVALID ); + status = psa_its_set(data_identifier, (uint32_t) data_length, data, 0); + if (status != PSA_SUCCESS) { + return PSA_ERROR_DATA_INVALID; } - status = psa_its_get_info( data_identifier, &data_identifier_info ); - if( status != PSA_SUCCESS ) - { + status = psa_its_get_info(data_identifier, &data_identifier_info); + if (status != PSA_SUCCESS) { goto exit; } - if( data_identifier_info.size != data_length ) - { + if (data_identifier_info.size != data_length) { status = PSA_ERROR_DATA_INVALID; goto exit; } exit: - if( status != PSA_SUCCESS ) - { + if (status != PSA_SUCCESS) { /* Remove the file in case we managed to create it but something * went wrong. It's ok if the file doesn't exist. If the file exists * but the removal fails, we're already reporting an error so there's * nothing else we can do. */ - (void) psa_its_remove( data_identifier ); + (void) psa_its_remove(data_identifier); } - return( status ); + return status; } -psa_status_t psa_destroy_persistent_key( const mbedtls_svc_key_id_t key ) +psa_status_t psa_destroy_persistent_key(const mbedtls_svc_key_id_t key) { psa_status_t ret; - psa_storage_uid_t data_identifier = psa_its_identifier_of_slot( key ); + psa_storage_uid_t data_identifier = psa_its_identifier_of_slot(key); struct psa_storage_info_t data_identifier_info; - ret = psa_its_get_info( data_identifier, &data_identifier_info ); - if( ret == PSA_ERROR_DOES_NOT_EXIST ) - return( PSA_SUCCESS ); + ret = psa_its_get_info(data_identifier, &data_identifier_info); + if (ret == PSA_ERROR_DOES_NOT_EXIST) { + return PSA_SUCCESS; + } - if( psa_its_remove( data_identifier ) != PSA_SUCCESS ) - return( PSA_ERROR_DATA_INVALID ); + if (psa_its_remove(data_identifier) != PSA_SUCCESS) { + return PSA_ERROR_DATA_INVALID; + } - ret = psa_its_get_info( data_identifier, &data_identifier_info ); - if( ret != PSA_ERROR_DOES_NOT_EXIST ) - return( PSA_ERROR_DATA_INVALID ); + ret = psa_its_get_info(data_identifier, &data_identifier_info); + if (ret != PSA_ERROR_DOES_NOT_EXIST) { + return PSA_ERROR_DATA_INVALID; + } - return( PSA_SUCCESS ); + return PSA_SUCCESS; } /** @@ -206,194 +191,207 @@ psa_status_t psa_destroy_persistent_key( const mbedtls_svc_key_id_t key ) * is to be obtained. * \param[out] data_length The number of bytes that make up the data. * - * \retval #PSA_SUCCESS - * \retval #PSA_ERROR_STORAGE_FAILURE - * \retval #PSA_ERROR_DOES_NOT_EXIST - * \retval #PSA_ERROR_DATA_CORRUPT + * \retval #PSA_SUCCESS \emptydescription + * \retval #PSA_ERROR_STORAGE_FAILURE \emptydescription + * \retval #PSA_ERROR_DOES_NOT_EXIST \emptydescription + * \retval #PSA_ERROR_DATA_CORRUPT \emptydescription */ static psa_status_t psa_crypto_storage_get_data_length( const mbedtls_svc_key_id_t key, - size_t *data_length ) + size_t *data_length) { psa_status_t status; - psa_storage_uid_t data_identifier = psa_its_identifier_of_slot( key ); + psa_storage_uid_t data_identifier = psa_its_identifier_of_slot(key); struct psa_storage_info_t data_identifier_info; - status = psa_its_get_info( data_identifier, &data_identifier_info ); - if( status != PSA_SUCCESS ) - return( status ); + status = psa_its_get_info(data_identifier, &data_identifier_info); + if (status != PSA_SUCCESS) { + return status; + } *data_length = (size_t) data_identifier_info.size; - return( PSA_SUCCESS ); + return PSA_SUCCESS; } /** * Persistent key storage magic header. */ #define PSA_KEY_STORAGE_MAGIC_HEADER "PSA\0KEY" -#define PSA_KEY_STORAGE_MAGIC_HEADER_LENGTH ( sizeof( PSA_KEY_STORAGE_MAGIC_HEADER ) ) +#define PSA_KEY_STORAGE_MAGIC_HEADER_LENGTH (sizeof(PSA_KEY_STORAGE_MAGIC_HEADER)) typedef struct { uint8_t magic[PSA_KEY_STORAGE_MAGIC_HEADER_LENGTH]; uint8_t version[4]; - uint8_t lifetime[sizeof( psa_key_lifetime_t )]; + uint8_t lifetime[sizeof(psa_key_lifetime_t)]; uint8_t type[2]; uint8_t bits[2]; - uint8_t policy[sizeof( psa_key_policy_t )]; + uint8_t policy[sizeof(psa_key_policy_t)]; uint8_t data_len[4]; uint8_t key_data[]; } psa_persistent_key_storage_format; -void psa_format_key_data_for_storage( const uint8_t *data, - const size_t data_length, - const psa_core_key_attributes_t *attr, - uint8_t *storage_data ) +void psa_format_key_data_for_storage(const uint8_t *data, + const size_t data_length, + const psa_core_key_attributes_t *attr, + uint8_t *storage_data) { psa_persistent_key_storage_format *storage_format = (psa_persistent_key_storage_format *) storage_data; - memcpy( storage_format->magic, PSA_KEY_STORAGE_MAGIC_HEADER, PSA_KEY_STORAGE_MAGIC_HEADER_LENGTH ); - MBEDTLS_PUT_UINT32_LE( 0, storage_format->version, 0 ); - MBEDTLS_PUT_UINT32_LE( attr->lifetime, storage_format->lifetime, 0 ); - MBEDTLS_PUT_UINT16_LE( (uint16_t) attr->type, storage_format->type, 0 ); - MBEDTLS_PUT_UINT16_LE( (uint16_t) attr->bits, storage_format->bits, 0 ); - MBEDTLS_PUT_UINT32_LE( attr->policy.usage, storage_format->policy, 0 ); - MBEDTLS_PUT_UINT32_LE( attr->policy.alg, storage_format->policy, sizeof( uint32_t ) ); - MBEDTLS_PUT_UINT32_LE( attr->policy.alg2, storage_format->policy, 2 * sizeof( uint32_t ) ); - MBEDTLS_PUT_UINT32_LE( data_length, storage_format->data_len, 0 ); - memcpy( storage_format->key_data, data, data_length ); + memcpy(storage_format->magic, PSA_KEY_STORAGE_MAGIC_HEADER, + PSA_KEY_STORAGE_MAGIC_HEADER_LENGTH); + MBEDTLS_PUT_UINT32_LE(0, storage_format->version, 0); + MBEDTLS_PUT_UINT32_LE(attr->lifetime, storage_format->lifetime, 0); + MBEDTLS_PUT_UINT16_LE((uint16_t) attr->type, storage_format->type, 0); + MBEDTLS_PUT_UINT16_LE((uint16_t) attr->bits, storage_format->bits, 0); + MBEDTLS_PUT_UINT32_LE(attr->policy.usage, storage_format->policy, 0); + MBEDTLS_PUT_UINT32_LE(attr->policy.alg, storage_format->policy, sizeof(uint32_t)); + MBEDTLS_PUT_UINT32_LE(attr->policy.alg2, storage_format->policy, 2 * sizeof(uint32_t)); + MBEDTLS_PUT_UINT32_LE(data_length, storage_format->data_len, 0); + memcpy(storage_format->key_data, data, data_length); } -static psa_status_t check_magic_header( const uint8_t *data ) +static psa_status_t check_magic_header(const uint8_t *data) { - if( memcmp( data, PSA_KEY_STORAGE_MAGIC_HEADER, - PSA_KEY_STORAGE_MAGIC_HEADER_LENGTH ) != 0 ) - return( PSA_ERROR_DATA_INVALID ); - return( PSA_SUCCESS ); + if (memcmp(data, PSA_KEY_STORAGE_MAGIC_HEADER, + PSA_KEY_STORAGE_MAGIC_HEADER_LENGTH) != 0) { + return PSA_ERROR_DATA_INVALID; + } + return PSA_SUCCESS; } -psa_status_t psa_parse_key_data_from_storage( const uint8_t *storage_data, - size_t storage_data_length, - uint8_t **key_data, - size_t *key_data_length, - psa_core_key_attributes_t *attr ) +psa_status_t psa_parse_key_data_from_storage(const uint8_t *storage_data, + size_t storage_data_length, + uint8_t **key_data, + size_t *key_data_length, + psa_core_key_attributes_t *attr) { psa_status_t status; const psa_persistent_key_storage_format *storage_format = - (const psa_persistent_key_storage_format *)storage_data; + (const psa_persistent_key_storage_format *) storage_data; uint32_t version; - if( storage_data_length < sizeof(*storage_format) ) - return( PSA_ERROR_DATA_INVALID ); + if (storage_data_length < sizeof(*storage_format)) { + return PSA_ERROR_DATA_INVALID; + } - status = check_magic_header( storage_data ); - if( status != PSA_SUCCESS ) - return( status ); + status = check_magic_header(storage_data); + if (status != PSA_SUCCESS) { + return status; + } - version = MBEDTLS_GET_UINT32_LE( storage_format->version, 0 ); - if( version != 0 ) - return( PSA_ERROR_DATA_INVALID ); + version = MBEDTLS_GET_UINT32_LE(storage_format->version, 0); + if (version != 0) { + return PSA_ERROR_DATA_INVALID; + } - *key_data_length = MBEDTLS_GET_UINT32_LE( storage_format->data_len, 0 ); - if( *key_data_length > ( storage_data_length - sizeof(*storage_format) ) || - *key_data_length > PSA_CRYPTO_MAX_STORAGE_SIZE ) - return( PSA_ERROR_DATA_INVALID ); + *key_data_length = MBEDTLS_GET_UINT32_LE(storage_format->data_len, 0); + if (*key_data_length > (storage_data_length - sizeof(*storage_format)) || + *key_data_length > PSA_CRYPTO_MAX_STORAGE_SIZE) { + return PSA_ERROR_DATA_INVALID; + } - if( *key_data_length == 0 ) - { + if (*key_data_length == 0) { *key_data = NULL; - } - else - { - *key_data = mbedtls_calloc( 1, *key_data_length ); - if( *key_data == NULL ) - return( PSA_ERROR_INSUFFICIENT_MEMORY ); - memcpy( *key_data, storage_format->key_data, *key_data_length ); + } else { + *key_data = mbedtls_calloc(1, *key_data_length); + if (*key_data == NULL) { + return PSA_ERROR_INSUFFICIENT_MEMORY; + } + memcpy(*key_data, storage_format->key_data, *key_data_length); } - attr->lifetime = MBEDTLS_GET_UINT32_LE( storage_format->lifetime, 0 ); - attr->type = MBEDTLS_GET_UINT16_LE( storage_format->type, 0 ); - attr->bits = MBEDTLS_GET_UINT16_LE( storage_format->bits, 0 ); - attr->policy.usage = MBEDTLS_GET_UINT32_LE( storage_format->policy, 0 ); - attr->policy.alg = MBEDTLS_GET_UINT32_LE( storage_format->policy, sizeof( uint32_t ) ); - attr->policy.alg2 = MBEDTLS_GET_UINT32_LE( storage_format->policy, 2 * sizeof( uint32_t ) ); + attr->lifetime = MBEDTLS_GET_UINT32_LE(storage_format->lifetime, 0); + attr->type = MBEDTLS_GET_UINT16_LE(storage_format->type, 0); + attr->bits = MBEDTLS_GET_UINT16_LE(storage_format->bits, 0); + attr->policy.usage = MBEDTLS_GET_UINT32_LE(storage_format->policy, 0); + attr->policy.alg = MBEDTLS_GET_UINT32_LE(storage_format->policy, sizeof(uint32_t)); + attr->policy.alg2 = MBEDTLS_GET_UINT32_LE(storage_format->policy, 2 * sizeof(uint32_t)); - return( PSA_SUCCESS ); + return PSA_SUCCESS; } -psa_status_t psa_save_persistent_key( const psa_core_key_attributes_t *attr, - const uint8_t *data, - const size_t data_length ) +psa_status_t psa_save_persistent_key(const psa_core_key_attributes_t *attr, + const uint8_t *data, + const size_t data_length) { size_t storage_data_length; uint8_t *storage_data; psa_status_t status; /* All keys saved to persistent storage always have a key context */ - if( data == NULL || data_length == 0 ) - return( PSA_ERROR_INVALID_ARGUMENT ); + if (data == NULL || data_length == 0) { + return PSA_ERROR_INVALID_ARGUMENT; + } - if( data_length > PSA_CRYPTO_MAX_STORAGE_SIZE ) - return( PSA_ERROR_INSUFFICIENT_STORAGE ); - storage_data_length = data_length + sizeof( psa_persistent_key_storage_format ); + if (data_length > PSA_CRYPTO_MAX_STORAGE_SIZE) { + return PSA_ERROR_INSUFFICIENT_STORAGE; + } + storage_data_length = data_length + sizeof(psa_persistent_key_storage_format); - storage_data = mbedtls_calloc( 1, storage_data_length ); - if( storage_data == NULL ) - return( PSA_ERROR_INSUFFICIENT_MEMORY ); + storage_data = mbedtls_calloc(1, storage_data_length); + if (storage_data == NULL) { + return PSA_ERROR_INSUFFICIENT_MEMORY; + } - psa_format_key_data_for_storage( data, data_length, attr, storage_data ); + psa_format_key_data_for_storage(data, data_length, attr, storage_data); - status = psa_crypto_storage_store( attr->id, - storage_data, storage_data_length ); + status = psa_crypto_storage_store(attr->id, + storage_data, storage_data_length); - mbedtls_free( storage_data ); + mbedtls_platform_zeroize(storage_data, storage_data_length); + mbedtls_free(storage_data); - return( status ); + return status; } -void psa_free_persistent_key_data( uint8_t *key_data, size_t key_data_length ) +void psa_free_persistent_key_data(uint8_t *key_data, size_t key_data_length) { - if( key_data != NULL ) - { - mbedtls_platform_zeroize( key_data, key_data_length ); + if (key_data != NULL) { + mbedtls_platform_zeroize(key_data, key_data_length); } - mbedtls_free( key_data ); + mbedtls_free(key_data); } -psa_status_t psa_load_persistent_key( psa_core_key_attributes_t *attr, - uint8_t **data, - size_t *data_length ) +psa_status_t psa_load_persistent_key(psa_core_key_attributes_t *attr, + uint8_t **data, + size_t *data_length) { psa_status_t status = PSA_SUCCESS; uint8_t *loaded_data; size_t storage_data_length = 0; mbedtls_svc_key_id_t key = attr->id; - status = psa_crypto_storage_get_data_length( key, &storage_data_length ); - if( status != PSA_SUCCESS ) - return( status ); + status = psa_crypto_storage_get_data_length(key, &storage_data_length); + if (status != PSA_SUCCESS) { + return status; + } - loaded_data = mbedtls_calloc( 1, storage_data_length ); + loaded_data = mbedtls_calloc(1, storage_data_length); - if( loaded_data == NULL ) - return( PSA_ERROR_INSUFFICIENT_MEMORY ); + if (loaded_data == NULL) { + return PSA_ERROR_INSUFFICIENT_MEMORY; + } - status = psa_crypto_storage_load( key, loaded_data, storage_data_length ); - if( status != PSA_SUCCESS ) + status = psa_crypto_storage_load(key, loaded_data, storage_data_length); + if (status != PSA_SUCCESS) { goto exit; + } - status = psa_parse_key_data_from_storage( loaded_data, storage_data_length, - data, data_length, attr ); + status = psa_parse_key_data_from_storage(loaded_data, storage_data_length, + data, data_length, attr); /* All keys saved to persistent storage always have a key context */ - if( status == PSA_SUCCESS && - ( *data == NULL || *data_length == 0 ) ) + if (status == PSA_SUCCESS && + (*data == NULL || *data_length == 0)) { status = PSA_ERROR_STORAGE_FAILURE; + } exit: - mbedtls_free( loaded_data ); - return( status ); + mbedtls_platform_zeroize(loaded_data, storage_data_length); + mbedtls_free(loaded_data); + return status; } @@ -406,47 +404,48 @@ psa_status_t psa_load_persistent_key( psa_core_key_attributes_t *attr, psa_crypto_transaction_t psa_crypto_transaction; -psa_status_t psa_crypto_save_transaction( void ) +psa_status_t psa_crypto_save_transaction(void) { struct psa_storage_info_t p_info; psa_status_t status; - status = psa_its_get_info( PSA_CRYPTO_ITS_TRANSACTION_UID, &p_info ); - if( status == PSA_SUCCESS ) - { + status = psa_its_get_info(PSA_CRYPTO_ITS_TRANSACTION_UID, &p_info); + if (status == PSA_SUCCESS) { /* This shouldn't happen: we're trying to start a transaction while * there is still a transaction that hasn't been replayed. */ - return( PSA_ERROR_CORRUPTION_DETECTED ); + return PSA_ERROR_CORRUPTION_DETECTED; + } else if (status != PSA_ERROR_DOES_NOT_EXIST) { + return status; } - else if( status != PSA_ERROR_DOES_NOT_EXIST ) - return( status ); - return( psa_its_set( PSA_CRYPTO_ITS_TRANSACTION_UID, - sizeof( psa_crypto_transaction ), - &psa_crypto_transaction, - 0 ) ); + return psa_its_set(PSA_CRYPTO_ITS_TRANSACTION_UID, + sizeof(psa_crypto_transaction), + &psa_crypto_transaction, + 0); } -psa_status_t psa_crypto_load_transaction( void ) +psa_status_t psa_crypto_load_transaction(void) { psa_status_t status; size_t length; - status = psa_its_get( PSA_CRYPTO_ITS_TRANSACTION_UID, 0, - sizeof( psa_crypto_transaction ), - &psa_crypto_transaction, &length ); - if( status != PSA_SUCCESS ) - return( status ); - if( length != sizeof( psa_crypto_transaction ) ) - return( PSA_ERROR_DATA_INVALID ); - return( PSA_SUCCESS ); + status = psa_its_get(PSA_CRYPTO_ITS_TRANSACTION_UID, 0, + sizeof(psa_crypto_transaction), + &psa_crypto_transaction, &length); + if (status != PSA_SUCCESS) { + return status; + } + if (length != sizeof(psa_crypto_transaction)) { + return PSA_ERROR_DATA_INVALID; + } + return PSA_SUCCESS; } -psa_status_t psa_crypto_stop_transaction( void ) +psa_status_t psa_crypto_stop_transaction(void) { - psa_status_t status = psa_its_remove( PSA_CRYPTO_ITS_TRANSACTION_UID ); + psa_status_t status = psa_its_remove(PSA_CRYPTO_ITS_TRANSACTION_UID); /* Whether or not updating the storage succeeded, the transaction is * finished now. It's too late to go back, so zero out the in-memory * data. */ - memset( &psa_crypto_transaction, 0, sizeof( psa_crypto_transaction ) ); - return( status ); + memset(&psa_crypto_transaction, 0, sizeof(psa_crypto_transaction)); + return status; } #endif /* PSA_CRYPTO_STORAGE_HAS_TRANSACTIONS */ @@ -458,24 +457,21 @@ psa_status_t psa_crypto_stop_transaction( void ) /****************************************************************/ #if defined(MBEDTLS_PSA_INJECT_ENTROPY) -psa_status_t mbedtls_psa_storage_inject_entropy( const unsigned char *seed, - size_t seed_size ) +psa_status_t mbedtls_psa_storage_inject_entropy(const unsigned char *seed, + size_t seed_size) { psa_status_t status; struct psa_storage_info_t p_info; - status = psa_its_get_info( PSA_CRYPTO_ITS_RANDOM_SEED_UID, &p_info ); + status = psa_its_get_info(PSA_CRYPTO_ITS_RANDOM_SEED_UID, &p_info); - if( PSA_ERROR_DOES_NOT_EXIST == status ) /* No seed exists */ - { - status = psa_its_set( PSA_CRYPTO_ITS_RANDOM_SEED_UID, seed_size, seed, 0 ); - } - else if( PSA_SUCCESS == status ) - { + if (PSA_ERROR_DOES_NOT_EXIST == status) { /* No seed exists */ + status = psa_its_set(PSA_CRYPTO_ITS_RANDOM_SEED_UID, seed_size, seed, 0); + } else if (PSA_SUCCESS == status) { /* You should not be here. Seed needs to be injected only once */ status = PSA_ERROR_NOT_PERMITTED; } - return( status ); + return status; } #endif /* MBEDTLS_PSA_INJECT_ENTROPY */ diff --git a/third_party/mbedtls/repo/library/psa_crypto_storage.h b/third_party/mbedtls/repo/library/psa_crypto_storage.h index 970e1083a70..b6b5e154ad2 100644 --- a/third_party/mbedtls/repo/library/psa_crypto_storage.h +++ b/third_party/mbedtls/repo/library/psa_crypto_storage.h @@ -5,19 +5,7 @@ */ /* * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later */ #ifndef PSA_CRYPTO_STORAGE_H @@ -35,11 +23,11 @@ extern "C" { /* Limit the maximum key size in storage. This should have no effect * since the key size is limited in memory. */ -#define PSA_CRYPTO_MAX_STORAGE_SIZE ( PSA_BITS_TO_BYTES( PSA_MAX_KEY_BITS ) ) +#define PSA_CRYPTO_MAX_STORAGE_SIZE (PSA_BITS_TO_BYTES(PSA_MAX_KEY_BITS)) /* Sanity check: a file size must fit in 32 bits. Allow a generous * 64kB of metadata. */ #if PSA_CRYPTO_MAX_STORAGE_SIZE > 0xffff0000 -#error PSA_CRYPTO_MAX_STORAGE_SIZE > 0xffff0000 +#error "PSA_CRYPTO_MAX_STORAGE_SIZE > 0xffff0000" #endif /** The maximum permitted persistent slot number. @@ -72,7 +60,7 @@ extern "C" { * \retval 1 * Persistent data present for slot number */ -int psa_is_key_present_in_storage( const mbedtls_svc_key_id_t key ); +int psa_is_key_present_in_storage(const mbedtls_svc_key_id_t key); /** * \brief Format key data and metadata and save to a location for given key @@ -96,18 +84,18 @@ int psa_is_key_present_in_storage( const mbedtls_svc_key_id_t key ); * \param[in] data Buffer containing the key data. * \param data_length The number of bytes that make up the key data. * - * \retval #PSA_SUCCESS - * \retval #PSA_ERROR_INVALID_ARGUMENT - * \retval #PSA_ERROR_INSUFFICIENT_MEMORY - * \retval #PSA_ERROR_INSUFFICIENT_STORAGE - * \retval #PSA_ERROR_STORAGE_FAILURE - * \retval #PSA_ERROR_ALREADY_EXISTS - * \retval #PSA_ERROR_DATA_INVALID - * \retval #PSA_ERROR_DATA_CORRUPT + * \retval #PSA_SUCCESS \emptydescription + * \retval #PSA_ERROR_INVALID_ARGUMENT \emptydescription + * \retval #PSA_ERROR_INSUFFICIENT_MEMORY \emptydescription + * \retval #PSA_ERROR_INSUFFICIENT_STORAGE \emptydescription + * \retval #PSA_ERROR_STORAGE_FAILURE \emptydescription + * \retval #PSA_ERROR_ALREADY_EXISTS \emptydescription + * \retval #PSA_ERROR_DATA_INVALID \emptydescription + * \retval #PSA_ERROR_DATA_CORRUPT \emptydescription */ -psa_status_t psa_save_persistent_key( const psa_core_key_attributes_t *attr, - const uint8_t *data, - const size_t data_length ); +psa_status_t psa_save_persistent_key(const psa_core_key_attributes_t *attr, + const uint8_t *data, + const size_t data_length); /** * \brief Parses key data and metadata and load persistent key for given @@ -129,15 +117,15 @@ psa_status_t psa_save_persistent_key( const psa_core_key_attributes_t *attr, * \param[out] data Pointer to an allocated key data buffer on return. * \param[out] data_length The number of bytes that make up the key data. * - * \retval #PSA_SUCCESS - * \retval #PSA_ERROR_INSUFFICIENT_MEMORY - * \retval #PSA_ERROR_DATA_INVALID - * \retval #PSA_ERROR_DATA_CORRUPT - * \retval #PSA_ERROR_DOES_NOT_EXIST + * \retval #PSA_SUCCESS \emptydescription + * \retval #PSA_ERROR_INSUFFICIENT_MEMORY \emptydescription + * \retval #PSA_ERROR_DATA_INVALID \emptydescription + * \retval #PSA_ERROR_DATA_CORRUPT \emptydescription + * \retval #PSA_ERROR_DOES_NOT_EXIST \emptydescription */ -psa_status_t psa_load_persistent_key( psa_core_key_attributes_t *attr, - uint8_t **data, - size_t *data_length ); +psa_status_t psa_load_persistent_key(psa_core_key_attributes_t *attr, + uint8_t **data, + size_t *data_length); /** * \brief Remove persistent data for the given key slot number. @@ -148,9 +136,9 @@ psa_status_t psa_load_persistent_key( psa_core_key_attributes_t *attr, * \retval #PSA_SUCCESS * The key was successfully removed, * or the key did not exist. - * \retval #PSA_ERROR_DATA_INVALID + * \retval #PSA_ERROR_DATA_INVALID \emptydescription */ -psa_status_t psa_destroy_persistent_key( const mbedtls_svc_key_id_t key ); +psa_status_t psa_destroy_persistent_key(const mbedtls_svc_key_id_t key); /** * \brief Free the temporary buffer allocated by psa_load_persistent_key(). @@ -162,7 +150,7 @@ psa_status_t psa_destroy_persistent_key( const mbedtls_svc_key_id_t key ); * \param key_data_length Size of the key data buffer. * */ -void psa_free_persistent_key_data( uint8_t *key_data, size_t key_data_length ); +void psa_free_persistent_key_data(uint8_t *key_data, size_t key_data_length); /** * \brief Formats key data and metadata for persistent storage @@ -173,10 +161,10 @@ void psa_free_persistent_key_data( uint8_t *key_data, size_t key_data_length ); * \param[out] storage_data Output buffer for the formatted data. * */ -void psa_format_key_data_for_storage( const uint8_t *data, - const size_t data_length, - const psa_core_key_attributes_t *attr, - uint8_t *storage_data ); +void psa_format_key_data_for_storage(const uint8_t *data, + const size_t data_length, + const psa_core_key_attributes_t *attr, + uint8_t *storage_data); /** * \brief Parses persistent storage data into key data and metadata @@ -190,19 +178,19 @@ void psa_format_key_data_for_storage( const uint8_t *data, * \param[out] attr On success, the attribute structure is filled * with the loaded key metadata. * - * \retval #PSA_SUCCESS - * \retval #PSA_ERROR_INSUFFICIENT_MEMORY - * \retval #PSA_ERROR_DATA_INVALID + * \retval #PSA_SUCCESS \emptydescription + * \retval #PSA_ERROR_INSUFFICIENT_MEMORY \emptydescription + * \retval #PSA_ERROR_DATA_INVALID \emptydescription */ -psa_status_t psa_parse_key_data_from_storage( const uint8_t *storage_data, - size_t storage_data_length, - uint8_t **key_data, - size_t *key_data_length, - psa_core_key_attributes_t *attr ); +psa_status_t psa_parse_key_data_from_storage(const uint8_t *storage_data, + size_t storage_data_length, + uint8_t **key_data, + size_t *key_data_length, + psa_core_key_attributes_t *attr); #if defined(MBEDTLS_PSA_CRYPTO_SE_C) /** This symbol is defined if transaction support is required. */ -#define PSA_CRYPTO_STORAGE_HAS_TRANSACTIONS +#define PSA_CRYPTO_STORAGE_HAS_TRANSACTIONS 1 #endif #if defined(PSA_CRYPTO_STORAGE_HAS_TRANSACTIONS) @@ -220,7 +208,7 @@ typedef uint16_t psa_crypto_transaction_type_t; * This has the value 0, so zero-initialization sets a transaction's type to * this value. */ -#define PSA_CRYPTO_TRANSACTION_NONE ( (psa_crypto_transaction_type_t) 0x0000 ) +#define PSA_CRYPTO_TRANSACTION_NONE ((psa_crypto_transaction_type_t) 0x0000) /** A key creation transaction. * @@ -228,7 +216,7 @@ typedef uint16_t psa_crypto_transaction_type_t; * Keys in RAM or in internal storage are created atomically in storage * (simple file creation), so they do not need a transaction mechanism. */ -#define PSA_CRYPTO_TRANSACTION_CREATE_KEY ( (psa_crypto_transaction_type_t) 0x0001 ) +#define PSA_CRYPTO_TRANSACTION_CREATE_KEY ((psa_crypto_transaction_type_t) 0x0001) /** A key destruction transaction. * @@ -236,7 +224,7 @@ typedef uint16_t psa_crypto_transaction_type_t; * Keys in RAM or in internal storage are destroyed atomically in storage * (simple file deletion), so they do not need a transaction mechanism. */ -#define PSA_CRYPTO_TRANSACTION_DESTROY_KEY ( (psa_crypto_transaction_type_t) 0x0002 ) +#define PSA_CRYPTO_TRANSACTION_DESTROY_KEY ((psa_crypto_transaction_type_t) 0x0002) /** Transaction data. * @@ -274,8 +262,7 @@ typedef uint16_t psa_crypto_transaction_type_t; * in psa_crypto.c. If you add a new type of transaction, be * sure to add code for it in psa_crypto_recover_transaction(). */ -typedef union -{ +typedef union { /* Each element of this union must have the following properties * to facilitate serialization and deserialization: * @@ -284,8 +271,7 @@ typedef union * - Elements of the struct are arranged such a way that there is * no padding. */ - struct psa_crypto_transaction_unknown_s - { + struct psa_crypto_transaction_unknown_s { psa_crypto_transaction_type_t type; uint16_t unused1; uint32_t unused2; @@ -294,8 +280,7 @@ typedef union } unknown; /* ::type is #PSA_CRYPTO_TRANSACTION_CREATE_KEY or * #PSA_CRYPTO_TRANSACTION_DESTROY_KEY. */ - struct psa_crypto_transaction_key_s - { + struct psa_crypto_transaction_key_s { psa_crypto_transaction_type_t type; uint16_t unused1; psa_key_lifetime_t lifetime; @@ -315,7 +300,7 @@ extern psa_crypto_transaction_t psa_crypto_transaction; * \param type The type of transaction to start. */ static inline void psa_crypto_prepare_transaction( - psa_crypto_transaction_type_t type ) + psa_crypto_transaction_type_t type) { psa_crypto_transaction.unknown.type = type; } @@ -325,12 +310,12 @@ static inline void psa_crypto_prepare_transaction( * You may call this function multiple times during a transaction to * atomically update the transaction state. * - * \retval #PSA_SUCCESS - * \retval #PSA_ERROR_DATA_CORRUPT - * \retval #PSA_ERROR_INSUFFICIENT_STORAGE - * \retval #PSA_ERROR_STORAGE_FAILURE + * \retval #PSA_SUCCESS \emptydescription + * \retval #PSA_ERROR_DATA_CORRUPT \emptydescription + * \retval #PSA_ERROR_INSUFFICIENT_STORAGE \emptydescription + * \retval #PSA_ERROR_STORAGE_FAILURE \emptydescription */ -psa_status_t psa_crypto_save_transaction( void ); +psa_status_t psa_crypto_save_transaction(void); /** Load the transaction data from storage, if any. * @@ -342,11 +327,11 @@ psa_status_t psa_crypto_save_transaction( void ); * #psa_crypto_transaction. * \retval #PSA_ERROR_DOES_NOT_EXIST * There is no ongoing transaction. - * \retval #PSA_ERROR_STORAGE_FAILURE - * \retval #PSA_ERROR_DATA_INVALID - * \retval #PSA_ERROR_DATA_CORRUPT + * \retval #PSA_ERROR_STORAGE_FAILURE \emptydescription + * \retval #PSA_ERROR_DATA_INVALID \emptydescription + * \retval #PSA_ERROR_DATA_CORRUPT \emptydescription */ -psa_status_t psa_crypto_load_transaction( void ); +psa_status_t psa_crypto_load_transaction(void); /** Indicate that the current transaction is finished. * @@ -366,13 +351,13 @@ psa_status_t psa_crypto_load_transaction( void ); * It was impossible to determine whether there was transaction data * in storage, or the transaction data could not be erased. */ -psa_status_t psa_crypto_stop_transaction( void ); +psa_status_t psa_crypto_stop_transaction(void); /** The ITS file identifier for the transaction data. * * 0xffffffNN = special file; 0x74 = 't' for transaction. */ -#define PSA_CRYPTO_ITS_TRANSACTION_UID ( (psa_key_id_t) 0xffffff74 ) +#define PSA_CRYPTO_ITS_TRANSACTION_UID ((psa_key_id_t) 0xffffff74) #endif /* PSA_CRYPTO_STORAGE_HAS_TRANSACTIONS */ @@ -383,13 +368,13 @@ psa_status_t psa_crypto_stop_transaction( void ); * * \retval #PSA_SUCCESS * Success - * \retval #PSA_ERROR_STORAGE_FAILURE - * \retval #PSA_ERROR_INSUFFICIENT_STORAGE + * \retval #PSA_ERROR_STORAGE_FAILURE \emptydescription + * \retval #PSA_ERROR_INSUFFICIENT_STORAGE \emptydescription * \retval #PSA_ERROR_NOT_PERMITTED * The entropy seed file already exists. */ -psa_status_t mbedtls_psa_storage_inject_entropy( const unsigned char *seed, - size_t seed_size ); +psa_status_t mbedtls_psa_storage_inject_entropy(const unsigned char *seed, + size_t seed_size); #endif /* MBEDTLS_PSA_INJECT_ENTROPY */ #ifdef __cplusplus diff --git a/third_party/mbedtls/repo/library/psa_its_file.c b/third_party/mbedtls/repo/library/psa_its_file.c index c4782cdba3f..7ac99bd3cc5 100644 --- a/third_party/mbedtls/repo/library/psa_its_file.c +++ b/third_party/mbedtls/repo/library/psa_its_file.c @@ -3,30 +3,14 @@ */ /* * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later */ #include "common.h" #if defined(MBEDTLS_PSA_ITS_FILE_C) -#if defined(MBEDTLS_PLATFORM_C) #include "mbedtls/platform.h" -#else -#define mbedtls_snprintf snprintf -#endif #if defined(_WIN32) #include @@ -46,10 +30,10 @@ #define PSA_ITS_STORAGE_FILENAME_PATTERN "%08x%08x" #define PSA_ITS_STORAGE_SUFFIX ".psa_its" #define PSA_ITS_STORAGE_FILENAME_LENGTH \ - ( sizeof( PSA_ITS_STORAGE_PREFIX ) - 1 + /*prefix without terminating 0*/ \ - 16 + /*UID (64-bit number in hex)*/ \ - sizeof( PSA_ITS_STORAGE_SUFFIX ) - 1 + /*suffix without terminating 0*/ \ - 1 /*terminating null byte*/ ) + (sizeof(PSA_ITS_STORAGE_PREFIX) - 1 + /*prefix without terminating 0*/ \ + 16 + /*UID (64-bit number in hex)*/ \ + sizeof(PSA_ITS_STORAGE_SUFFIX) - 1 + /*suffix without terminating 0*/ \ + 1 /*terminating null byte*/) #define PSA_ITS_STORAGE_TEMP \ PSA_ITS_STORAGE_PREFIX "tempfile" PSA_ITS_STORAGE_SUFFIX @@ -63,187 +47,206 @@ * use MoveFileExA with the MOVEFILE_REPLACE_EXISTING flag instead. * Returns 0 on success, nonzero on failure. */ #if defined(_WIN32) -#define rename_replace_existing( oldpath, newpath ) \ - ( ! MoveFileExA( oldpath, newpath, MOVEFILE_REPLACE_EXISTING ) ) +#define rename_replace_existing(oldpath, newpath) \ + (!MoveFileExA(oldpath, newpath, MOVEFILE_REPLACE_EXISTING)) #else -#define rename_replace_existing( oldpath, newpath ) rename( oldpath, newpath ) +#define rename_replace_existing(oldpath, newpath) rename(oldpath, newpath) #endif -typedef struct -{ +typedef struct { uint8_t magic[PSA_ITS_MAGIC_LENGTH]; - uint8_t size[sizeof( uint32_t )]; - uint8_t flags[sizeof( psa_storage_create_flags_t )]; + uint8_t size[sizeof(uint32_t)]; + uint8_t flags[sizeof(psa_storage_create_flags_t)]; } psa_its_file_header_t; -static void psa_its_fill_filename( psa_storage_uid_t uid, char *filename ) +static void psa_its_fill_filename(psa_storage_uid_t uid, char *filename) { /* Break up the UID into two 32-bit pieces so as not to rely on * long long support in snprintf. */ - mbedtls_snprintf( filename, PSA_ITS_STORAGE_FILENAME_LENGTH, - "%s" PSA_ITS_STORAGE_FILENAME_PATTERN "%s", - PSA_ITS_STORAGE_PREFIX, - (unsigned) ( uid >> 32 ), - (unsigned) ( uid & 0xffffffff ), - PSA_ITS_STORAGE_SUFFIX ); + mbedtls_snprintf(filename, PSA_ITS_STORAGE_FILENAME_LENGTH, + "%s" PSA_ITS_STORAGE_FILENAME_PATTERN "%s", + PSA_ITS_STORAGE_PREFIX, + (unsigned) (uid >> 32), + (unsigned) (uid & 0xffffffff), + PSA_ITS_STORAGE_SUFFIX); } -static psa_status_t psa_its_read_file( psa_storage_uid_t uid, - struct psa_storage_info_t *p_info, - FILE **p_stream ) +static psa_status_t psa_its_read_file(psa_storage_uid_t uid, + struct psa_storage_info_t *p_info, + FILE **p_stream) { char filename[PSA_ITS_STORAGE_FILENAME_LENGTH]; psa_its_file_header_t header; size_t n; *p_stream = NULL; - psa_its_fill_filename( uid, filename ); - *p_stream = fopen( filename, "rb" ); - if( *p_stream == NULL ) - return( PSA_ERROR_DOES_NOT_EXIST ); - - n = fread( &header, 1, sizeof( header ), *p_stream ); - if( n != sizeof( header ) ) - return( PSA_ERROR_DATA_CORRUPT ); - if( memcmp( header.magic, PSA_ITS_MAGIC_STRING, - PSA_ITS_MAGIC_LENGTH ) != 0 ) - return( PSA_ERROR_DATA_CORRUPT ); - - p_info->size = ( header.size[0] | - header.size[1] << 8 | - header.size[2] << 16 | - header.size[3] << 24 ); - p_info->flags = ( header.flags[0] | - header.flags[1] << 8 | - header.flags[2] << 16 | - header.flags[3] << 24 ); - return( PSA_SUCCESS ); + psa_its_fill_filename(uid, filename); + *p_stream = fopen(filename, "rb"); + if (*p_stream == NULL) { + return PSA_ERROR_DOES_NOT_EXIST; + } + + n = fread(&header, 1, sizeof(header), *p_stream); + if (n != sizeof(header)) { + return PSA_ERROR_DATA_CORRUPT; + } + if (memcmp(header.magic, PSA_ITS_MAGIC_STRING, + PSA_ITS_MAGIC_LENGTH) != 0) { + return PSA_ERROR_DATA_CORRUPT; + } + + p_info->size = (header.size[0] | + header.size[1] << 8 | + header.size[2] << 16 | + header.size[3] << 24); + p_info->flags = (header.flags[0] | + header.flags[1] << 8 | + header.flags[2] << 16 | + header.flags[3] << 24); + return PSA_SUCCESS; } -psa_status_t psa_its_get_info( psa_storage_uid_t uid, - struct psa_storage_info_t *p_info ) +psa_status_t psa_its_get_info(psa_storage_uid_t uid, + struct psa_storage_info_t *p_info) { psa_status_t status; FILE *stream = NULL; - status = psa_its_read_file( uid, p_info, &stream ); - if( stream != NULL ) - fclose( stream ); - return( status ); + status = psa_its_read_file(uid, p_info, &stream); + if (stream != NULL) { + fclose(stream); + } + return status; } -psa_status_t psa_its_get( psa_storage_uid_t uid, - uint32_t data_offset, - uint32_t data_length, - void *p_data, - size_t *p_data_length ) +psa_status_t psa_its_get(psa_storage_uid_t uid, + uint32_t data_offset, + uint32_t data_length, + void *p_data, + size_t *p_data_length) { psa_status_t status; FILE *stream = NULL; size_t n; struct psa_storage_info_t info; - status = psa_its_read_file( uid, &info, &stream ); - if( status != PSA_SUCCESS ) + status = psa_its_read_file(uid, &info, &stream); + if (status != PSA_SUCCESS) { goto exit; + } status = PSA_ERROR_INVALID_ARGUMENT; - if( data_offset + data_length < data_offset ) + if (data_offset + data_length < data_offset) { goto exit; + } #if SIZE_MAX < 0xffffffff - if( data_offset + data_length > SIZE_MAX ) + if (data_offset + data_length > SIZE_MAX) { goto exit; + } #endif - if( data_offset + data_length > info.size ) + if (data_offset + data_length > info.size) { goto exit; + } status = PSA_ERROR_STORAGE_FAILURE; #if LONG_MAX < 0xffffffff - while( data_offset > LONG_MAX ) - { - if( fseek( stream, LONG_MAX, SEEK_CUR ) != 0 ) + while (data_offset > LONG_MAX) { + if (fseek(stream, LONG_MAX, SEEK_CUR) != 0) { goto exit; + } data_offset -= LONG_MAX; } #endif - if( fseek( stream, data_offset, SEEK_CUR ) != 0 ) + if (fseek(stream, data_offset, SEEK_CUR) != 0) { goto exit; - n = fread( p_data, 1, data_length, stream ); - if( n != data_length ) + } + n = fread(p_data, 1, data_length, stream); + if (n != data_length) { goto exit; + } status = PSA_SUCCESS; - if( p_data_length != NULL ) + if (p_data_length != NULL) { *p_data_length = n; + } exit: - if( stream != NULL ) - fclose( stream ); - return( status ); + if (stream != NULL) { + fclose(stream); + } + return status; } -psa_status_t psa_its_set( psa_storage_uid_t uid, - uint32_t data_length, - const void *p_data, - psa_storage_create_flags_t create_flags ) +psa_status_t psa_its_set(psa_storage_uid_t uid, + uint32_t data_length, + const void *p_data, + psa_storage_create_flags_t create_flags) { + if (uid == 0) { + return PSA_ERROR_INVALID_HANDLE; + } + psa_status_t status = PSA_ERROR_STORAGE_FAILURE; char filename[PSA_ITS_STORAGE_FILENAME_LENGTH]; FILE *stream = NULL; psa_its_file_header_t header; size_t n; - memcpy( header.magic, PSA_ITS_MAGIC_STRING, PSA_ITS_MAGIC_LENGTH ); - MBEDTLS_PUT_UINT32_LE( data_length, header.size, 0 ); - MBEDTLS_PUT_UINT32_LE( create_flags, header.flags, 0 ); + memcpy(header.magic, PSA_ITS_MAGIC_STRING, PSA_ITS_MAGIC_LENGTH); + MBEDTLS_PUT_UINT32_LE(data_length, header.size, 0); + MBEDTLS_PUT_UINT32_LE(create_flags, header.flags, 0); - psa_its_fill_filename( uid, filename ); - stream = fopen( PSA_ITS_STORAGE_TEMP, "wb" ); - if( stream == NULL ) + psa_its_fill_filename(uid, filename); + stream = fopen(PSA_ITS_STORAGE_TEMP, "wb"); + if (stream == NULL) { goto exit; + } status = PSA_ERROR_INSUFFICIENT_STORAGE; - n = fwrite( &header, 1, sizeof( header ), stream ); - if( n != sizeof( header ) ) + n = fwrite(&header, 1, sizeof(header), stream); + if (n != sizeof(header)) { goto exit; - if( data_length != 0 ) - { - n = fwrite( p_data, 1, data_length, stream ); - if( n != data_length ) + } + if (data_length != 0) { + n = fwrite(p_data, 1, data_length, stream); + if (n != data_length) { goto exit; + } } status = PSA_SUCCESS; exit: - if( stream != NULL ) - { - int ret = fclose( stream ); - if( status == PSA_SUCCESS && ret != 0 ) + if (stream != NULL) { + int ret = fclose(stream); + if (status == PSA_SUCCESS && ret != 0) { status = PSA_ERROR_INSUFFICIENT_STORAGE; + } } - if( status == PSA_SUCCESS ) - { - if( rename_replace_existing( PSA_ITS_STORAGE_TEMP, filename ) != 0 ) + if (status == PSA_SUCCESS) { + if (rename_replace_existing(PSA_ITS_STORAGE_TEMP, filename) != 0) { status = PSA_ERROR_STORAGE_FAILURE; + } } /* The temporary file may still exist, but only in failure cases where * we're already reporting an error. So there's nothing we can do on * failure. If the function succeeded, and in some error cases, the * temporary file doesn't exist and so remove() is expected to fail. * Thus we just ignore the return status of remove(). */ - (void) remove( PSA_ITS_STORAGE_TEMP ); - return( status ); + (void) remove(PSA_ITS_STORAGE_TEMP); + return status; } -psa_status_t psa_its_remove( psa_storage_uid_t uid ) +psa_status_t psa_its_remove(psa_storage_uid_t uid) { char filename[PSA_ITS_STORAGE_FILENAME_LENGTH]; FILE *stream; - psa_its_fill_filename( uid, filename ); - stream = fopen( filename, "rb" ); - if( stream == NULL ) - return( PSA_ERROR_DOES_NOT_EXIST ); - fclose( stream ); - if( remove( filename ) != 0 ) - return( PSA_ERROR_STORAGE_FAILURE ); - return( PSA_SUCCESS ); + psa_its_fill_filename(uid, filename); + stream = fopen(filename, "rb"); + if (stream == NULL) { + return PSA_ERROR_DOES_NOT_EXIST; + } + fclose(stream); + if (remove(filename) != 0) { + return PSA_ERROR_STORAGE_FAILURE; + } + return PSA_SUCCESS; } #endif /* MBEDTLS_PSA_ITS_FILE_C */ diff --git a/third_party/mbedtls/repo/library/ripemd160.c b/third_party/mbedtls/repo/library/ripemd160.c index aed7322cff5..3e8ede30510 100644 --- a/third_party/mbedtls/repo/library/ripemd160.c +++ b/third_party/mbedtls/repo/library/ripemd160.c @@ -2,19 +2,7 @@ * RIPE MD-160 implementation * * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later */ /* @@ -33,32 +21,26 @@ #include -#if defined(MBEDTLS_SELF_TEST) -#if defined(MBEDTLS_PLATFORM_C) #include "mbedtls/platform.h" -#else -#include -#define mbedtls_printf printf -#endif /* MBEDTLS_PLATFORM_C */ -#endif /* MBEDTLS_SELF_TEST */ #if !defined(MBEDTLS_RIPEMD160_ALT) -void mbedtls_ripemd160_init( mbedtls_ripemd160_context *ctx ) +void mbedtls_ripemd160_init(mbedtls_ripemd160_context *ctx) { - memset( ctx, 0, sizeof( mbedtls_ripemd160_context ) ); + memset(ctx, 0, sizeof(mbedtls_ripemd160_context)); } -void mbedtls_ripemd160_free( mbedtls_ripemd160_context *ctx ) +void mbedtls_ripemd160_free(mbedtls_ripemd160_context *ctx) { - if( ctx == NULL ) + if (ctx == NULL) { return; + } - mbedtls_platform_zeroize( ctx, sizeof( mbedtls_ripemd160_context ) ); + mbedtls_platform_zeroize(ctx, sizeof(mbedtls_ripemd160_context)); } -void mbedtls_ripemd160_clone( mbedtls_ripemd160_context *dst, - const mbedtls_ripemd160_context *src ) +void mbedtls_ripemd160_clone(mbedtls_ripemd160_context *dst, + const mbedtls_ripemd160_context *src) { *dst = *src; } @@ -66,7 +48,7 @@ void mbedtls_ripemd160_clone( mbedtls_ripemd160_context *dst, /* * RIPEMD-160 context setup */ -int mbedtls_ripemd160_starts_ret( mbedtls_ripemd160_context *ctx ) +int mbedtls_ripemd160_starts_ret(mbedtls_ripemd160_context *ctx) { ctx->total[0] = 0; ctx->total[1] = 0; @@ -77,13 +59,13 @@ int mbedtls_ripemd160_starts_ret( mbedtls_ripemd160_context *ctx ) ctx->state[3] = 0x10325476; ctx->state[4] = 0xC3D2E1F0; - return( 0 ); + return 0; } #if !defined(MBEDTLS_DEPRECATED_REMOVED) -void mbedtls_ripemd160_starts( mbedtls_ripemd160_context *ctx ) +void mbedtls_ripemd160_starts(mbedtls_ripemd160_context *ctx) { - mbedtls_ripemd160_starts_ret( ctx ); + mbedtls_ripemd160_starts_ret(ctx); } #endif @@ -91,30 +73,29 @@ void mbedtls_ripemd160_starts( mbedtls_ripemd160_context *ctx ) /* * Process one block */ -int mbedtls_internal_ripemd160_process( mbedtls_ripemd160_context *ctx, - const unsigned char data[64] ) +int mbedtls_internal_ripemd160_process(mbedtls_ripemd160_context *ctx, + const unsigned char data[64]) { - struct - { + struct { uint32_t A, B, C, D, E, Ap, Bp, Cp, Dp, Ep, X[16]; } local; - local.X[ 0] = MBEDTLS_GET_UINT32_LE( data, 0 ); - local.X[ 1] = MBEDTLS_GET_UINT32_LE( data, 4 ); - local.X[ 2] = MBEDTLS_GET_UINT32_LE( data, 8 ); - local.X[ 3] = MBEDTLS_GET_UINT32_LE( data, 12 ); - local.X[ 4] = MBEDTLS_GET_UINT32_LE( data, 16 ); - local.X[ 5] = MBEDTLS_GET_UINT32_LE( data, 20 ); - local.X[ 6] = MBEDTLS_GET_UINT32_LE( data, 24 ); - local.X[ 7] = MBEDTLS_GET_UINT32_LE( data, 28 ); - local.X[ 8] = MBEDTLS_GET_UINT32_LE( data, 32 ); - local.X[ 9] = MBEDTLS_GET_UINT32_LE( data, 36 ); - local.X[10] = MBEDTLS_GET_UINT32_LE( data, 40 ); - local.X[11] = MBEDTLS_GET_UINT32_LE( data, 44 ); - local.X[12] = MBEDTLS_GET_UINT32_LE( data, 48 ); - local.X[13] = MBEDTLS_GET_UINT32_LE( data, 52 ); - local.X[14] = MBEDTLS_GET_UINT32_LE( data, 56 ); - local.X[15] = MBEDTLS_GET_UINT32_LE( data, 60 ); + local.X[0] = MBEDTLS_GET_UINT32_LE(data, 0); + local.X[1] = MBEDTLS_GET_UINT32_LE(data, 4); + local.X[2] = MBEDTLS_GET_UINT32_LE(data, 8); + local.X[3] = MBEDTLS_GET_UINT32_LE(data, 12); + local.X[4] = MBEDTLS_GET_UINT32_LE(data, 16); + local.X[5] = MBEDTLS_GET_UINT32_LE(data, 20); + local.X[6] = MBEDTLS_GET_UINT32_LE(data, 24); + local.X[7] = MBEDTLS_GET_UINT32_LE(data, 28); + local.X[8] = MBEDTLS_GET_UINT32_LE(data, 32); + local.X[9] = MBEDTLS_GET_UINT32_LE(data, 36); + local.X[10] = MBEDTLS_GET_UINT32_LE(data, 40); + local.X[11] = MBEDTLS_GET_UINT32_LE(data, 44); + local.X[12] = MBEDTLS_GET_UINT32_LE(data, 48); + local.X[13] = MBEDTLS_GET_UINT32_LE(data, 52); + local.X[14] = MBEDTLS_GET_UINT32_LE(data, 56); + local.X[15] = MBEDTLS_GET_UINT32_LE(data, 60); local.A = local.Ap = ctx->state[0]; local.B = local.Bp = ctx->state[1]; @@ -122,50 +103,50 @@ int mbedtls_internal_ripemd160_process( mbedtls_ripemd160_context *ctx, local.D = local.Dp = ctx->state[3]; local.E = local.Ep = ctx->state[4]; -#define F1( x, y, z ) ( (x) ^ (y) ^ (z) ) -#define F2( x, y, z ) ( ( (x) & (y) ) | ( ~(x) & (z) ) ) -#define F3( x, y, z ) ( ( (x) | ~(y) ) ^ (z) ) -#define F4( x, y, z ) ( ( (x) & (z) ) | ( (y) & ~(z) ) ) -#define F5( x, y, z ) ( (x) ^ ( (y) | ~(z) ) ) +#define F1(x, y, z) ((x) ^ (y) ^ (z)) +#define F2(x, y, z) (((x) & (y)) | (~(x) & (z))) +#define F3(x, y, z) (((x) | ~(y)) ^ (z)) +#define F4(x, y, z) (((x) & (z)) | ((y) & ~(z))) +#define F5(x, y, z) ((x) ^ ((y) | ~(z))) -#define S( x, n ) ( ( (x) << (n) ) | ( (x) >> (32 - (n)) ) ) +#define S(x, n) (((x) << (n)) | ((x) >> (32 - (n)))) -#define P( a, b, c, d, e, r, s, f, k ) \ +#define P(a, b, c, d, e, r, s, f, k) \ do \ { \ - (a) += f( (b), (c), (d) ) + local.X[r] + (k); \ - (a) = S( (a), (s) ) + (e); \ - (c) = S( (c), 10 ); \ - } while( 0 ) + (a) += f((b), (c), (d)) + local.X[r] + (k); \ + (a) = S((a), (s)) + (e); \ + (c) = S((c), 10); \ + } while (0) -#define P2( a, b, c, d, e, r, s, rp, sp ) \ +#define P2(a, b, c, d, e, r, s, rp, sp) \ do \ { \ - P( (a), (b), (c), (d), (e), (r), (s), F, K ); \ - P( a ## p, b ## p, c ## p, d ## p, e ## p, \ - (rp), (sp), Fp, Kp ); \ - } while( 0 ) + P((a), (b), (c), (d), (e), (r), (s), F, K); \ + P(a ## p, b ## p, c ## p, d ## p, e ## p, \ + (rp), (sp), Fp, Kp); \ + } while (0) #define F F1 #define K 0x00000000 #define Fp F5 #define Kp 0x50A28BE6 - P2( local.A, local.B, local.C, local.D, local.E, 0, 11, 5, 8 ); - P2( local.E, local.A, local.B, local.C, local.D, 1, 14, 14, 9 ); - P2( local.D, local.E, local.A, local.B, local.C, 2, 15, 7, 9 ); - P2( local.C, local.D, local.E, local.A, local.B, 3, 12, 0, 11 ); - P2( local.B, local.C, local.D, local.E, local.A, 4, 5, 9, 13 ); - P2( local.A, local.B, local.C, local.D, local.E, 5, 8, 2, 15 ); - P2( local.E, local.A, local.B, local.C, local.D, 6, 7, 11, 15 ); - P2( local.D, local.E, local.A, local.B, local.C, 7, 9, 4, 5 ); - P2( local.C, local.D, local.E, local.A, local.B, 8, 11, 13, 7 ); - P2( local.B, local.C, local.D, local.E, local.A, 9, 13, 6, 7 ); - P2( local.A, local.B, local.C, local.D, local.E, 10, 14, 15, 8 ); - P2( local.E, local.A, local.B, local.C, local.D, 11, 15, 8, 11 ); - P2( local.D, local.E, local.A, local.B, local.C, 12, 6, 1, 14 ); - P2( local.C, local.D, local.E, local.A, local.B, 13, 7, 10, 14 ); - P2( local.B, local.C, local.D, local.E, local.A, 14, 9, 3, 12 ); - P2( local.A, local.B, local.C, local.D, local.E, 15, 8, 12, 6 ); + P2(local.A, local.B, local.C, local.D, local.E, 0, 11, 5, 8); + P2(local.E, local.A, local.B, local.C, local.D, 1, 14, 14, 9); + P2(local.D, local.E, local.A, local.B, local.C, 2, 15, 7, 9); + P2(local.C, local.D, local.E, local.A, local.B, 3, 12, 0, 11); + P2(local.B, local.C, local.D, local.E, local.A, 4, 5, 9, 13); + P2(local.A, local.B, local.C, local.D, local.E, 5, 8, 2, 15); + P2(local.E, local.A, local.B, local.C, local.D, 6, 7, 11, 15); + P2(local.D, local.E, local.A, local.B, local.C, 7, 9, 4, 5); + P2(local.C, local.D, local.E, local.A, local.B, 8, 11, 13, 7); + P2(local.B, local.C, local.D, local.E, local.A, 9, 13, 6, 7); + P2(local.A, local.B, local.C, local.D, local.E, 10, 14, 15, 8); + P2(local.E, local.A, local.B, local.C, local.D, 11, 15, 8, 11); + P2(local.D, local.E, local.A, local.B, local.C, 12, 6, 1, 14); + P2(local.C, local.D, local.E, local.A, local.B, 13, 7, 10, 14); + P2(local.B, local.C, local.D, local.E, local.A, 14, 9, 3, 12); + P2(local.A, local.B, local.C, local.D, local.E, 15, 8, 12, 6); #undef F #undef K #undef Fp @@ -175,22 +156,22 @@ int mbedtls_internal_ripemd160_process( mbedtls_ripemd160_context *ctx, #define K 0x5A827999 #define Fp F4 #define Kp 0x5C4DD124 - P2( local.E, local.A, local.B, local.C, local.D, 7, 7, 6, 9 ); - P2( local.D, local.E, local.A, local.B, local.C, 4, 6, 11, 13 ); - P2( local.C, local.D, local.E, local.A, local.B, 13, 8, 3, 15 ); - P2( local.B, local.C, local.D, local.E, local.A, 1, 13, 7, 7 ); - P2( local.A, local.B, local.C, local.D, local.E, 10, 11, 0, 12 ); - P2( local.E, local.A, local.B, local.C, local.D, 6, 9, 13, 8 ); - P2( local.D, local.E, local.A, local.B, local.C, 15, 7, 5, 9 ); - P2( local.C, local.D, local.E, local.A, local.B, 3, 15, 10, 11 ); - P2( local.B, local.C, local.D, local.E, local.A, 12, 7, 14, 7 ); - P2( local.A, local.B, local.C, local.D, local.E, 0, 12, 15, 7 ); - P2( local.E, local.A, local.B, local.C, local.D, 9, 15, 8, 12 ); - P2( local.D, local.E, local.A, local.B, local.C, 5, 9, 12, 7 ); - P2( local.C, local.D, local.E, local.A, local.B, 2, 11, 4, 6 ); - P2( local.B, local.C, local.D, local.E, local.A, 14, 7, 9, 15 ); - P2( local.A, local.B, local.C, local.D, local.E, 11, 13, 1, 13 ); - P2( local.E, local.A, local.B, local.C, local.D, 8, 12, 2, 11 ); + P2(local.E, local.A, local.B, local.C, local.D, 7, 7, 6, 9); + P2(local.D, local.E, local.A, local.B, local.C, 4, 6, 11, 13); + P2(local.C, local.D, local.E, local.A, local.B, 13, 8, 3, 15); + P2(local.B, local.C, local.D, local.E, local.A, 1, 13, 7, 7); + P2(local.A, local.B, local.C, local.D, local.E, 10, 11, 0, 12); + P2(local.E, local.A, local.B, local.C, local.D, 6, 9, 13, 8); + P2(local.D, local.E, local.A, local.B, local.C, 15, 7, 5, 9); + P2(local.C, local.D, local.E, local.A, local.B, 3, 15, 10, 11); + P2(local.B, local.C, local.D, local.E, local.A, 12, 7, 14, 7); + P2(local.A, local.B, local.C, local.D, local.E, 0, 12, 15, 7); + P2(local.E, local.A, local.B, local.C, local.D, 9, 15, 8, 12); + P2(local.D, local.E, local.A, local.B, local.C, 5, 9, 12, 7); + P2(local.C, local.D, local.E, local.A, local.B, 2, 11, 4, 6); + P2(local.B, local.C, local.D, local.E, local.A, 14, 7, 9, 15); + P2(local.A, local.B, local.C, local.D, local.E, 11, 13, 1, 13); + P2(local.E, local.A, local.B, local.C, local.D, 8, 12, 2, 11); #undef F #undef K #undef Fp @@ -200,22 +181,22 @@ int mbedtls_internal_ripemd160_process( mbedtls_ripemd160_context *ctx, #define K 0x6ED9EBA1 #define Fp F3 #define Kp 0x6D703EF3 - P2( local.D, local.E, local.A, local.B, local.C, 3, 11, 15, 9 ); - P2( local.C, local.D, local.E, local.A, local.B, 10, 13, 5, 7 ); - P2( local.B, local.C, local.D, local.E, local.A, 14, 6, 1, 15 ); - P2( local.A, local.B, local.C, local.D, local.E, 4, 7, 3, 11 ); - P2( local.E, local.A, local.B, local.C, local.D, 9, 14, 7, 8 ); - P2( local.D, local.E, local.A, local.B, local.C, 15, 9, 14, 6 ); - P2( local.C, local.D, local.E, local.A, local.B, 8, 13, 6, 6 ); - P2( local.B, local.C, local.D, local.E, local.A, 1, 15, 9, 14 ); - P2( local.A, local.B, local.C, local.D, local.E, 2, 14, 11, 12 ); - P2( local.E, local.A, local.B, local.C, local.D, 7, 8, 8, 13 ); - P2( local.D, local.E, local.A, local.B, local.C, 0, 13, 12, 5 ); - P2( local.C, local.D, local.E, local.A, local.B, 6, 6, 2, 14 ); - P2( local.B, local.C, local.D, local.E, local.A, 13, 5, 10, 13 ); - P2( local.A, local.B, local.C, local.D, local.E, 11, 12, 0, 13 ); - P2( local.E, local.A, local.B, local.C, local.D, 5, 7, 4, 7 ); - P2( local.D, local.E, local.A, local.B, local.C, 12, 5, 13, 5 ); + P2(local.D, local.E, local.A, local.B, local.C, 3, 11, 15, 9); + P2(local.C, local.D, local.E, local.A, local.B, 10, 13, 5, 7); + P2(local.B, local.C, local.D, local.E, local.A, 14, 6, 1, 15); + P2(local.A, local.B, local.C, local.D, local.E, 4, 7, 3, 11); + P2(local.E, local.A, local.B, local.C, local.D, 9, 14, 7, 8); + P2(local.D, local.E, local.A, local.B, local.C, 15, 9, 14, 6); + P2(local.C, local.D, local.E, local.A, local.B, 8, 13, 6, 6); + P2(local.B, local.C, local.D, local.E, local.A, 1, 15, 9, 14); + P2(local.A, local.B, local.C, local.D, local.E, 2, 14, 11, 12); + P2(local.E, local.A, local.B, local.C, local.D, 7, 8, 8, 13); + P2(local.D, local.E, local.A, local.B, local.C, 0, 13, 12, 5); + P2(local.C, local.D, local.E, local.A, local.B, 6, 6, 2, 14); + P2(local.B, local.C, local.D, local.E, local.A, 13, 5, 10, 13); + P2(local.A, local.B, local.C, local.D, local.E, 11, 12, 0, 13); + P2(local.E, local.A, local.B, local.C, local.D, 5, 7, 4, 7); + P2(local.D, local.E, local.A, local.B, local.C, 12, 5, 13, 5); #undef F #undef K #undef Fp @@ -225,22 +206,22 @@ int mbedtls_internal_ripemd160_process( mbedtls_ripemd160_context *ctx, #define K 0x8F1BBCDC #define Fp F2 #define Kp 0x7A6D76E9 - P2( local.C, local.D, local.E, local.A, local.B, 1, 11, 8, 15 ); - P2( local.B, local.C, local.D, local.E, local.A, 9, 12, 6, 5 ); - P2( local.A, local.B, local.C, local.D, local.E, 11, 14, 4, 8 ); - P2( local.E, local.A, local.B, local.C, local.D, 10, 15, 1, 11 ); - P2( local.D, local.E, local.A, local.B, local.C, 0, 14, 3, 14 ); - P2( local.C, local.D, local.E, local.A, local.B, 8, 15, 11, 14 ); - P2( local.B, local.C, local.D, local.E, local.A, 12, 9, 15, 6 ); - P2( local.A, local.B, local.C, local.D, local.E, 4, 8, 0, 14 ); - P2( local.E, local.A, local.B, local.C, local.D, 13, 9, 5, 6 ); - P2( local.D, local.E, local.A, local.B, local.C, 3, 14, 12, 9 ); - P2( local.C, local.D, local.E, local.A, local.B, 7, 5, 2, 12 ); - P2( local.B, local.C, local.D, local.E, local.A, 15, 6, 13, 9 ); - P2( local.A, local.B, local.C, local.D, local.E, 14, 8, 9, 12 ); - P2( local.E, local.A, local.B, local.C, local.D, 5, 6, 7, 5 ); - P2( local.D, local.E, local.A, local.B, local.C, 6, 5, 10, 15 ); - P2( local.C, local.D, local.E, local.A, local.B, 2, 12, 14, 8 ); + P2(local.C, local.D, local.E, local.A, local.B, 1, 11, 8, 15); + P2(local.B, local.C, local.D, local.E, local.A, 9, 12, 6, 5); + P2(local.A, local.B, local.C, local.D, local.E, 11, 14, 4, 8); + P2(local.E, local.A, local.B, local.C, local.D, 10, 15, 1, 11); + P2(local.D, local.E, local.A, local.B, local.C, 0, 14, 3, 14); + P2(local.C, local.D, local.E, local.A, local.B, 8, 15, 11, 14); + P2(local.B, local.C, local.D, local.E, local.A, 12, 9, 15, 6); + P2(local.A, local.B, local.C, local.D, local.E, 4, 8, 0, 14); + P2(local.E, local.A, local.B, local.C, local.D, 13, 9, 5, 6); + P2(local.D, local.E, local.A, local.B, local.C, 3, 14, 12, 9); + P2(local.C, local.D, local.E, local.A, local.B, 7, 5, 2, 12); + P2(local.B, local.C, local.D, local.E, local.A, 15, 6, 13, 9); + P2(local.A, local.B, local.C, local.D, local.E, 14, 8, 9, 12); + P2(local.E, local.A, local.B, local.C, local.D, 5, 6, 7, 5); + P2(local.D, local.E, local.A, local.B, local.C, 6, 5, 10, 15); + P2(local.C, local.D, local.E, local.A, local.B, 2, 12, 14, 8); #undef F #undef K #undef Fp @@ -250,22 +231,22 @@ int mbedtls_internal_ripemd160_process( mbedtls_ripemd160_context *ctx, #define K 0xA953FD4E #define Fp F1 #define Kp 0x00000000 - P2( local.B, local.C, local.D, local.E, local.A, 4, 9, 12, 8 ); - P2( local.A, local.B, local.C, local.D, local.E, 0, 15, 15, 5 ); - P2( local.E, local.A, local.B, local.C, local.D, 5, 5, 10, 12 ); - P2( local.D, local.E, local.A, local.B, local.C, 9, 11, 4, 9 ); - P2( local.C, local.D, local.E, local.A, local.B, 7, 6, 1, 12 ); - P2( local.B, local.C, local.D, local.E, local.A, 12, 8, 5, 5 ); - P2( local.A, local.B, local.C, local.D, local.E, 2, 13, 8, 14 ); - P2( local.E, local.A, local.B, local.C, local.D, 10, 12, 7, 6 ); - P2( local.D, local.E, local.A, local.B, local.C, 14, 5, 6, 8 ); - P2( local.C, local.D, local.E, local.A, local.B, 1, 12, 2, 13 ); - P2( local.B, local.C, local.D, local.E, local.A, 3, 13, 13, 6 ); - P2( local.A, local.B, local.C, local.D, local.E, 8, 14, 14, 5 ); - P2( local.E, local.A, local.B, local.C, local.D, 11, 11, 0, 15 ); - P2( local.D, local.E, local.A, local.B, local.C, 6, 8, 3, 13 ); - P2( local.C, local.D, local.E, local.A, local.B, 15, 5, 9, 11 ); - P2( local.B, local.C, local.D, local.E, local.A, 13, 6, 11, 11 ); + P2(local.B, local.C, local.D, local.E, local.A, 4, 9, 12, 8); + P2(local.A, local.B, local.C, local.D, local.E, 0, 15, 15, 5); + P2(local.E, local.A, local.B, local.C, local.D, 5, 5, 10, 12); + P2(local.D, local.E, local.A, local.B, local.C, 9, 11, 4, 9); + P2(local.C, local.D, local.E, local.A, local.B, 7, 6, 1, 12); + P2(local.B, local.C, local.D, local.E, local.A, 12, 8, 5, 5); + P2(local.A, local.B, local.C, local.D, local.E, 2, 13, 8, 14); + P2(local.E, local.A, local.B, local.C, local.D, 10, 12, 7, 6); + P2(local.D, local.E, local.A, local.B, local.C, 14, 5, 6, 8); + P2(local.C, local.D, local.E, local.A, local.B, 1, 12, 2, 13); + P2(local.B, local.C, local.D, local.E, local.A, 3, 13, 13, 6); + P2(local.A, local.B, local.C, local.D, local.E, 8, 14, 14, 5); + P2(local.E, local.A, local.B, local.C, local.D, 11, 11, 0, 15); + P2(local.D, local.E, local.A, local.B, local.C, 6, 8, 3, 13); + P2(local.C, local.D, local.E, local.A, local.B, 15, 5, 9, 11); + P2(local.B, local.C, local.D, local.E, local.A, 13, 6, 11, 11); #undef F #undef K #undef Fp @@ -279,16 +260,16 @@ int mbedtls_internal_ripemd160_process( mbedtls_ripemd160_context *ctx, ctx->state[0] = local.C; /* Zeroise variables to clear sensitive data from memory. */ - mbedtls_platform_zeroize( &local, sizeof( local ) ); + mbedtls_platform_zeroize(&local, sizeof(local)); - return( 0 ); + return 0; } #if !defined(MBEDTLS_DEPRECATED_REMOVED) -void mbedtls_ripemd160_process( mbedtls_ripemd160_context *ctx, - const unsigned char data[64] ) +void mbedtls_ripemd160_process(mbedtls_ripemd160_context *ctx, + const unsigned char data[64]) { - mbedtls_internal_ripemd160_process( ctx, data ); + mbedtls_internal_ripemd160_process(ctx, data); } #endif #endif /* !MBEDTLS_RIPEMD160_PROCESS_ALT */ @@ -296,16 +277,17 @@ void mbedtls_ripemd160_process( mbedtls_ripemd160_context *ctx, /* * RIPEMD-160 process buffer */ -int mbedtls_ripemd160_update_ret( mbedtls_ripemd160_context *ctx, - const unsigned char *input, - size_t ilen ) +int mbedtls_ripemd160_update_ret(mbedtls_ripemd160_context *ctx, + const unsigned char *input, + size_t ilen) { int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; size_t fill; uint32_t left; - if( ilen == 0 ) - return( 0 ); + if (ilen == 0) { + return 0; + } left = ctx->total[0] & 0x3F; fill = 64 - left; @@ -313,50 +295,50 @@ int mbedtls_ripemd160_update_ret( mbedtls_ripemd160_context *ctx, ctx->total[0] += (uint32_t) ilen; ctx->total[0] &= 0xFFFFFFFF; - if( ctx->total[0] < (uint32_t) ilen ) + if (ctx->total[0] < (uint32_t) ilen) { ctx->total[1]++; + } - if( left && ilen >= fill ) - { - memcpy( (void *) (ctx->buffer + left), input, fill ); + if (left && ilen >= fill) { + memcpy((void *) (ctx->buffer + left), input, fill); - if( ( ret = mbedtls_internal_ripemd160_process( ctx, ctx->buffer ) ) != 0 ) - return( ret ); + if ((ret = mbedtls_internal_ripemd160_process(ctx, ctx->buffer)) != 0) { + return ret; + } input += fill; ilen -= fill; left = 0; } - while( ilen >= 64 ) - { - if( ( ret = mbedtls_internal_ripemd160_process( ctx, input ) ) != 0 ) - return( ret ); + while (ilen >= 64) { + if ((ret = mbedtls_internal_ripemd160_process(ctx, input)) != 0) { + return ret; + } input += 64; ilen -= 64; } - if( ilen > 0 ) - { - memcpy( (void *) (ctx->buffer + left), input, ilen ); + if (ilen > 0) { + memcpy((void *) (ctx->buffer + left), input, ilen); } - return( 0 ); + return 0; } #if !defined(MBEDTLS_DEPRECATED_REMOVED) -void mbedtls_ripemd160_update( mbedtls_ripemd160_context *ctx, - const unsigned char *input, - size_t ilen ) +void mbedtls_ripemd160_update(mbedtls_ripemd160_context *ctx, + const unsigned char *input, + size_t ilen) { - mbedtls_ripemd160_update_ret( ctx, input, ilen ); + mbedtls_ripemd160_update_ret(ctx, input, ilen); } #endif static const unsigned char ripemd160_padding[64] = { - 0x80, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, + 0x80, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0 @@ -365,46 +347,48 @@ static const unsigned char ripemd160_padding[64] = /* * RIPEMD-160 final digest */ -int mbedtls_ripemd160_finish_ret( mbedtls_ripemd160_context *ctx, - unsigned char output[20] ) +int mbedtls_ripemd160_finish_ret(mbedtls_ripemd160_context *ctx, + unsigned char output[20]) { int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; uint32_t last, padn; uint32_t high, low; unsigned char msglen[8]; - high = ( ctx->total[0] >> 29 ) - | ( ctx->total[1] << 3 ); - low = ( ctx->total[0] << 3 ); + high = (ctx->total[0] >> 29) + | (ctx->total[1] << 3); + low = (ctx->total[0] << 3); - MBEDTLS_PUT_UINT32_LE( low, msglen, 0 ); - MBEDTLS_PUT_UINT32_LE( high, msglen, 4 ); + MBEDTLS_PUT_UINT32_LE(low, msglen, 0); + MBEDTLS_PUT_UINT32_LE(high, msglen, 4); last = ctx->total[0] & 0x3F; - padn = ( last < 56 ) ? ( 56 - last ) : ( 120 - last ); + padn = (last < 56) ? (56 - last) : (120 - last); - ret = mbedtls_ripemd160_update_ret( ctx, ripemd160_padding, padn ); - if( ret != 0 ) - return( ret ); + ret = mbedtls_ripemd160_update_ret(ctx, ripemd160_padding, padn); + if (ret != 0) { + return ret; + } - ret = mbedtls_ripemd160_update_ret( ctx, msglen, 8 ); - if( ret != 0 ) - return( ret ); + ret = mbedtls_ripemd160_update_ret(ctx, msglen, 8); + if (ret != 0) { + return ret; + } - MBEDTLS_PUT_UINT32_LE( ctx->state[0], output, 0 ); - MBEDTLS_PUT_UINT32_LE( ctx->state[1], output, 4 ); - MBEDTLS_PUT_UINT32_LE( ctx->state[2], output, 8 ); - MBEDTLS_PUT_UINT32_LE( ctx->state[3], output, 12 ); - MBEDTLS_PUT_UINT32_LE( ctx->state[4], output, 16 ); + MBEDTLS_PUT_UINT32_LE(ctx->state[0], output, 0); + MBEDTLS_PUT_UINT32_LE(ctx->state[1], output, 4); + MBEDTLS_PUT_UINT32_LE(ctx->state[2], output, 8); + MBEDTLS_PUT_UINT32_LE(ctx->state[3], output, 12); + MBEDTLS_PUT_UINT32_LE(ctx->state[4], output, 16); - return( 0 ); + return 0; } #if !defined(MBEDTLS_DEPRECATED_REMOVED) -void mbedtls_ripemd160_finish( mbedtls_ripemd160_context *ctx, - unsigned char output[20] ) +void mbedtls_ripemd160_finish(mbedtls_ripemd160_context *ctx, + unsigned char output[20]) { - mbedtls_ripemd160_finish_ret( ctx, output ); + mbedtls_ripemd160_finish_ret(ctx, output); } #endif @@ -413,36 +397,39 @@ void mbedtls_ripemd160_finish( mbedtls_ripemd160_context *ctx, /* * output = RIPEMD-160( input buffer ) */ -int mbedtls_ripemd160_ret( const unsigned char *input, - size_t ilen, - unsigned char output[20] ) +int mbedtls_ripemd160_ret(const unsigned char *input, + size_t ilen, + unsigned char output[20]) { int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; mbedtls_ripemd160_context ctx; - mbedtls_ripemd160_init( &ctx ); + mbedtls_ripemd160_init(&ctx); - if( ( ret = mbedtls_ripemd160_starts_ret( &ctx ) ) != 0 ) + if ((ret = mbedtls_ripemd160_starts_ret(&ctx)) != 0) { goto exit; + } - if( ( ret = mbedtls_ripemd160_update_ret( &ctx, input, ilen ) ) != 0 ) + if ((ret = mbedtls_ripemd160_update_ret(&ctx, input, ilen)) != 0) { goto exit; + } - if( ( ret = mbedtls_ripemd160_finish_ret( &ctx, output ) ) != 0 ) + if ((ret = mbedtls_ripemd160_finish_ret(&ctx, output)) != 0) { goto exit; + } exit: - mbedtls_ripemd160_free( &ctx ); + mbedtls_ripemd160_free(&ctx); - return( ret ); + return ret; } #if !defined(MBEDTLS_DEPRECATED_REMOVED) -void mbedtls_ripemd160( const unsigned char *input, - size_t ilen, - unsigned char output[20] ) +void mbedtls_ripemd160(const unsigned char *input, + size_t ilen, + unsigned char output[20]) { - mbedtls_ripemd160_ret( input, ilen, output ); + mbedtls_ripemd160_ret(input, ilen, output); } #endif @@ -492,43 +479,46 @@ static const unsigned char ripemd160_test_md[TESTS][20] = /* * Checkup routine */ -int mbedtls_ripemd160_self_test( int verbose ) +int mbedtls_ripemd160_self_test(int verbose) { int i, ret = 0; unsigned char output[20]; - memset( output, 0, sizeof output ); + memset(output, 0, sizeof(output)); - for( i = 0; i < TESTS; i++ ) - { - if( verbose != 0 ) - mbedtls_printf( " RIPEMD-160 test #%d: ", i + 1 ); + for (i = 0; i < TESTS; i++) { + if (verbose != 0) { + mbedtls_printf(" RIPEMD-160 test #%d: ", i + 1); + } - ret = mbedtls_ripemd160_ret( ripemd160_test_str[i], - ripemd160_test_strlen[i], output ); - if( ret != 0 ) + ret = mbedtls_ripemd160_ret(ripemd160_test_str[i], + ripemd160_test_strlen[i], output); + if (ret != 0) { goto fail; + } - if( memcmp( output, ripemd160_test_md[i], 20 ) != 0 ) - { + if (memcmp(output, ripemd160_test_md[i], 20) != 0) { ret = 1; goto fail; } - if( verbose != 0 ) - mbedtls_printf( "passed\n" ); + if (verbose != 0) { + mbedtls_printf("passed\n"); + } } - if( verbose != 0 ) - mbedtls_printf( "\n" ); + if (verbose != 0) { + mbedtls_printf("\n"); + } - return( 0 ); + return 0; fail: - if( verbose != 0 ) - mbedtls_printf( "failed\n" ); + if (verbose != 0) { + mbedtls_printf("failed\n"); + } - return( ret ); + return ret; } #endif /* MBEDTLS_SELF_TEST */ diff --git a/third_party/mbedtls/repo/library/rsa.c b/third_party/mbedtls/repo/library/rsa.c index 8a5d40ff1ef..0a0c2e38809 100644 --- a/third_party/mbedtls/repo/library/rsa.c +++ b/third_party/mbedtls/repo/library/rsa.c @@ -2,19 +2,7 @@ * The RSA public-key cryptosystem * * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later */ /* @@ -46,6 +34,7 @@ #include "mbedtls/error.h" #include "constant_time_internal.h" #include "mbedtls/constant_time.h" +#include "bignum_internal.h" #include @@ -57,80 +46,77 @@ #include #endif -#if defined(MBEDTLS_PLATFORM_C) #include "mbedtls/platform.h" -#else -#include -#define mbedtls_printf printf -#define mbedtls_calloc calloc -#define mbedtls_free free -#endif #if !defined(MBEDTLS_RSA_ALT) /* Parameter validation macros */ -#define RSA_VALIDATE_RET( cond ) \ - MBEDTLS_INTERNAL_VALIDATE_RET( cond, MBEDTLS_ERR_RSA_BAD_INPUT_DATA ) -#define RSA_VALIDATE( cond ) \ - MBEDTLS_INTERNAL_VALIDATE( cond ) - -int mbedtls_rsa_import( mbedtls_rsa_context *ctx, - const mbedtls_mpi *N, - const mbedtls_mpi *P, const mbedtls_mpi *Q, - const mbedtls_mpi *D, const mbedtls_mpi *E ) +#define RSA_VALIDATE_RET(cond) \ + MBEDTLS_INTERNAL_VALIDATE_RET(cond, MBEDTLS_ERR_RSA_BAD_INPUT_DATA) +#define RSA_VALIDATE(cond) \ + MBEDTLS_INTERNAL_VALIDATE(cond) + +int mbedtls_rsa_import(mbedtls_rsa_context *ctx, + const mbedtls_mpi *N, + const mbedtls_mpi *P, const mbedtls_mpi *Q, + const mbedtls_mpi *D, const mbedtls_mpi *E) { int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; - RSA_VALIDATE_RET( ctx != NULL ); + RSA_VALIDATE_RET(ctx != NULL); - if( ( N != NULL && ( ret = mbedtls_mpi_copy( &ctx->N, N ) ) != 0 ) || - ( P != NULL && ( ret = mbedtls_mpi_copy( &ctx->P, P ) ) != 0 ) || - ( Q != NULL && ( ret = mbedtls_mpi_copy( &ctx->Q, Q ) ) != 0 ) || - ( D != NULL && ( ret = mbedtls_mpi_copy( &ctx->D, D ) ) != 0 ) || - ( E != NULL && ( ret = mbedtls_mpi_copy( &ctx->E, E ) ) != 0 ) ) - { - return( MBEDTLS_ERROR_ADD( MBEDTLS_ERR_RSA_BAD_INPUT_DATA, ret ) ); + if ((N != NULL && (ret = mbedtls_mpi_copy(&ctx->N, N)) != 0) || + (P != NULL && (ret = mbedtls_mpi_copy(&ctx->P, P)) != 0) || + (Q != NULL && (ret = mbedtls_mpi_copy(&ctx->Q, Q)) != 0) || + (D != NULL && (ret = mbedtls_mpi_copy(&ctx->D, D)) != 0) || + (E != NULL && (ret = mbedtls_mpi_copy(&ctx->E, E)) != 0)) { + return MBEDTLS_ERROR_ADD(MBEDTLS_ERR_RSA_BAD_INPUT_DATA, ret); } - if( N != NULL ) - ctx->len = mbedtls_mpi_size( &ctx->N ); + if (N != NULL) { + ctx->len = mbedtls_mpi_size(&ctx->N); + } - return( 0 ); + return 0; } -int mbedtls_rsa_import_raw( mbedtls_rsa_context *ctx, - unsigned char const *N, size_t N_len, - unsigned char const *P, size_t P_len, - unsigned char const *Q, size_t Q_len, - unsigned char const *D, size_t D_len, - unsigned char const *E, size_t E_len ) +int mbedtls_rsa_import_raw(mbedtls_rsa_context *ctx, + unsigned char const *N, size_t N_len, + unsigned char const *P, size_t P_len, + unsigned char const *Q, size_t Q_len, + unsigned char const *D, size_t D_len, + unsigned char const *E, size_t E_len) { int ret = 0; - RSA_VALIDATE_RET( ctx != NULL ); + RSA_VALIDATE_RET(ctx != NULL); - if( N != NULL ) - { - MBEDTLS_MPI_CHK( mbedtls_mpi_read_binary( &ctx->N, N, N_len ) ); - ctx->len = mbedtls_mpi_size( &ctx->N ); + if (N != NULL) { + MBEDTLS_MPI_CHK(mbedtls_mpi_read_binary(&ctx->N, N, N_len)); + ctx->len = mbedtls_mpi_size(&ctx->N); } - if( P != NULL ) - MBEDTLS_MPI_CHK( mbedtls_mpi_read_binary( &ctx->P, P, P_len ) ); + if (P != NULL) { + MBEDTLS_MPI_CHK(mbedtls_mpi_read_binary(&ctx->P, P, P_len)); + } - if( Q != NULL ) - MBEDTLS_MPI_CHK( mbedtls_mpi_read_binary( &ctx->Q, Q, Q_len ) ); + if (Q != NULL) { + MBEDTLS_MPI_CHK(mbedtls_mpi_read_binary(&ctx->Q, Q, Q_len)); + } - if( D != NULL ) - MBEDTLS_MPI_CHK( mbedtls_mpi_read_binary( &ctx->D, D, D_len ) ); + if (D != NULL) { + MBEDTLS_MPI_CHK(mbedtls_mpi_read_binary(&ctx->D, D, D_len)); + } - if( E != NULL ) - MBEDTLS_MPI_CHK( mbedtls_mpi_read_binary( &ctx->E, E, E_len ) ); + if (E != NULL) { + MBEDTLS_MPI_CHK(mbedtls_mpi_read_binary(&ctx->E, E, E_len)); + } cleanup: - if( ret != 0 ) - return( MBEDTLS_ERROR_ADD( MBEDTLS_ERR_RSA_BAD_INPUT_DATA, ret ) ); + if (ret != 0) { + return MBEDTLS_ERROR_ADD(MBEDTLS_ERR_RSA_BAD_INPUT_DATA, ret); + } - return( 0 ); + return 0; } /* @@ -138,8 +124,8 @@ int mbedtls_rsa_import_raw( mbedtls_rsa_context *ctx, * that the RSA primitives will be able to execute without error. * It does *not* make guarantees for consistency of the parameters. */ -static int rsa_check_context( mbedtls_rsa_context const *ctx, int is_priv, - int blinding_needed ) +static int rsa_check_context(mbedtls_rsa_context const *ctx, int is_priv, + int blinding_needed) { #if !defined(MBEDTLS_RSA_NO_CRT) /* blinding_needed is only used for NO_CRT to decide whether @@ -147,10 +133,9 @@ static int rsa_check_context( mbedtls_rsa_context const *ctx, int is_priv, ((void) blinding_needed); #endif - if( ctx->len != mbedtls_mpi_size( &ctx->N ) || - ctx->len > MBEDTLS_MPI_MAX_SIZE ) - { - return( MBEDTLS_ERR_RSA_BAD_INPUT_DATA ); + if (ctx->len != mbedtls_mpi_size(&ctx->N) || + ctx->len > MBEDTLS_MPI_MAX_SIZE) { + return MBEDTLS_ERR_RSA_BAD_INPUT_DATA; } /* @@ -159,23 +144,21 @@ static int rsa_check_context( mbedtls_rsa_context const *ctx, int is_priv, /* Modular exponentiation wrt. N is always used for * RSA public key operations. */ - if( mbedtls_mpi_cmp_int( &ctx->N, 0 ) <= 0 || - mbedtls_mpi_get_bit( &ctx->N, 0 ) == 0 ) - { - return( MBEDTLS_ERR_RSA_BAD_INPUT_DATA ); + if (mbedtls_mpi_cmp_int(&ctx->N, 0) <= 0 || + mbedtls_mpi_get_bit(&ctx->N, 0) == 0) { + return MBEDTLS_ERR_RSA_BAD_INPUT_DATA; } #if !defined(MBEDTLS_RSA_NO_CRT) /* Modular exponentiation for P and Q is only * used for private key operations and if CRT * is used. */ - if( is_priv && - ( mbedtls_mpi_cmp_int( &ctx->P, 0 ) <= 0 || - mbedtls_mpi_get_bit( &ctx->P, 0 ) == 0 || - mbedtls_mpi_cmp_int( &ctx->Q, 0 ) <= 0 || - mbedtls_mpi_get_bit( &ctx->Q, 0 ) == 0 ) ) - { - return( MBEDTLS_ERR_RSA_BAD_INPUT_DATA ); + if (is_priv && + (mbedtls_mpi_cmp_int(&ctx->P, 0) <= 0 || + mbedtls_mpi_get_bit(&ctx->P, 0) == 0 || + mbedtls_mpi_cmp_int(&ctx->Q, 0) <= 0 || + mbedtls_mpi_get_bit(&ctx->Q, 0) == 0)) { + return MBEDTLS_ERR_RSA_BAD_INPUT_DATA; } #endif /* !MBEDTLS_RSA_NO_CRT */ @@ -184,20 +167,21 @@ static int rsa_check_context( mbedtls_rsa_context const *ctx, int is_priv, */ /* Always need E for public key operations */ - if( mbedtls_mpi_cmp_int( &ctx->E, 0 ) <= 0 ) - return( MBEDTLS_ERR_RSA_BAD_INPUT_DATA ); + if (mbedtls_mpi_cmp_int(&ctx->E, 0) <= 0) { + return MBEDTLS_ERR_RSA_BAD_INPUT_DATA; + } #if defined(MBEDTLS_RSA_NO_CRT) /* For private key operations, use D or DP & DQ * as (unblinded) exponents. */ - if( is_priv && mbedtls_mpi_cmp_int( &ctx->D, 0 ) <= 0 ) - return( MBEDTLS_ERR_RSA_BAD_INPUT_DATA ); + if (is_priv && mbedtls_mpi_cmp_int(&ctx->D, 0) <= 0) { + return MBEDTLS_ERR_RSA_BAD_INPUT_DATA; + } #else - if( is_priv && - ( mbedtls_mpi_cmp_int( &ctx->DP, 0 ) <= 0 || - mbedtls_mpi_cmp_int( &ctx->DQ, 0 ) <= 0 ) ) - { - return( MBEDTLS_ERR_RSA_BAD_INPUT_DATA ); + if (is_priv && + (mbedtls_mpi_cmp_int(&ctx->DP, 0) <= 0 || + mbedtls_mpi_cmp_int(&ctx->DQ, 0) <= 0)) { + return MBEDTLS_ERR_RSA_BAD_INPUT_DATA; } #endif /* MBEDTLS_RSA_NO_CRT */ @@ -205,28 +189,26 @@ static int rsa_check_context( mbedtls_rsa_context const *ctx, int is_priv, * so check that P, Q >= 1 if that hasn't yet been * done as part of 1. */ #if defined(MBEDTLS_RSA_NO_CRT) - if( is_priv && blinding_needed && - ( mbedtls_mpi_cmp_int( &ctx->P, 0 ) <= 0 || - mbedtls_mpi_cmp_int( &ctx->Q, 0 ) <= 0 ) ) - { - return( MBEDTLS_ERR_RSA_BAD_INPUT_DATA ); + if (is_priv && blinding_needed && + (mbedtls_mpi_cmp_int(&ctx->P, 0) <= 0 || + mbedtls_mpi_cmp_int(&ctx->Q, 0) <= 0)) { + return MBEDTLS_ERR_RSA_BAD_INPUT_DATA; } #endif /* It wouldn't lead to an error if it wasn't satisfied, * but check for QP >= 1 nonetheless. */ #if !defined(MBEDTLS_RSA_NO_CRT) - if( is_priv && - mbedtls_mpi_cmp_int( &ctx->QP, 0 ) <= 0 ) - { - return( MBEDTLS_ERR_RSA_BAD_INPUT_DATA ); + if (is_priv && + mbedtls_mpi_cmp_int(&ctx->QP, 0) <= 0) { + return MBEDTLS_ERR_RSA_BAD_INPUT_DATA; } #endif - return( 0 ); + return 0; } -int mbedtls_rsa_complete( mbedtls_rsa_context *ctx ) +int mbedtls_rsa_complete(mbedtls_rsa_context *ctx) { int ret = 0; int have_N, have_P, have_Q, have_D, have_E; @@ -235,18 +217,18 @@ int mbedtls_rsa_complete( mbedtls_rsa_context *ctx ) #endif int n_missing, pq_missing, d_missing, is_pub, is_priv; - RSA_VALIDATE_RET( ctx != NULL ); + RSA_VALIDATE_RET(ctx != NULL); - have_N = ( mbedtls_mpi_cmp_int( &ctx->N, 0 ) != 0 ); - have_P = ( mbedtls_mpi_cmp_int( &ctx->P, 0 ) != 0 ); - have_Q = ( mbedtls_mpi_cmp_int( &ctx->Q, 0 ) != 0 ); - have_D = ( mbedtls_mpi_cmp_int( &ctx->D, 0 ) != 0 ); - have_E = ( mbedtls_mpi_cmp_int( &ctx->E, 0 ) != 0 ); + have_N = (mbedtls_mpi_cmp_int(&ctx->N, 0) != 0); + have_P = (mbedtls_mpi_cmp_int(&ctx->P, 0) != 0); + have_Q = (mbedtls_mpi_cmp_int(&ctx->Q, 0) != 0); + have_D = (mbedtls_mpi_cmp_int(&ctx->D, 0) != 0); + have_E = (mbedtls_mpi_cmp_int(&ctx->E, 0) != 0); #if !defined(MBEDTLS_RSA_NO_CRT) - have_DP = ( mbedtls_mpi_cmp_int( &ctx->DP, 0 ) != 0 ); - have_DQ = ( mbedtls_mpi_cmp_int( &ctx->DQ, 0 ) != 0 ); - have_QP = ( mbedtls_mpi_cmp_int( &ctx->QP, 0 ) != 0 ); + have_DP = (mbedtls_mpi_cmp_int(&ctx->DP, 0) != 0); + have_DQ = (mbedtls_mpi_cmp_int(&ctx->DQ, 0) != 0); + have_QP = (mbedtls_mpi_cmp_int(&ctx->QP, 0) != 0); #endif /* @@ -267,44 +249,40 @@ int mbedtls_rsa_complete( mbedtls_rsa_context *ctx ) /* These three alternatives are mutually exclusive */ is_priv = n_missing || pq_missing || d_missing; - if( !is_priv && !is_pub ) - return( MBEDTLS_ERR_RSA_BAD_INPUT_DATA ); + if (!is_priv && !is_pub) { + return MBEDTLS_ERR_RSA_BAD_INPUT_DATA; + } /* * Step 1: Deduce N if P, Q are provided. */ - if( !have_N && have_P && have_Q ) - { - if( ( ret = mbedtls_mpi_mul_mpi( &ctx->N, &ctx->P, - &ctx->Q ) ) != 0 ) - { - return( MBEDTLS_ERROR_ADD( MBEDTLS_ERR_RSA_BAD_INPUT_DATA, ret ) ); + if (!have_N && have_P && have_Q) { + if ((ret = mbedtls_mpi_mul_mpi(&ctx->N, &ctx->P, + &ctx->Q)) != 0) { + return MBEDTLS_ERROR_ADD(MBEDTLS_ERR_RSA_BAD_INPUT_DATA, ret); } - ctx->len = mbedtls_mpi_size( &ctx->N ); + ctx->len = mbedtls_mpi_size(&ctx->N); } /* * Step 2: Deduce and verify all remaining core parameters. */ - if( pq_missing ) - { - ret = mbedtls_rsa_deduce_primes( &ctx->N, &ctx->E, &ctx->D, - &ctx->P, &ctx->Q ); - if( ret != 0 ) - return( MBEDTLS_ERROR_ADD( MBEDTLS_ERR_RSA_BAD_INPUT_DATA, ret ) ); - - } - else if( d_missing ) - { - if( ( ret = mbedtls_rsa_deduce_private_exponent( &ctx->P, - &ctx->Q, - &ctx->E, - &ctx->D ) ) != 0 ) - { - return( MBEDTLS_ERROR_ADD( MBEDTLS_ERR_RSA_BAD_INPUT_DATA, ret ) ); + if (pq_missing) { + ret = mbedtls_rsa_deduce_primes(&ctx->N, &ctx->E, &ctx->D, + &ctx->P, &ctx->Q); + if (ret != 0) { + return MBEDTLS_ERROR_ADD(MBEDTLS_ERR_RSA_BAD_INPUT_DATA, ret); + } + + } else if (d_missing) { + if ((ret = mbedtls_rsa_deduce_private_exponent(&ctx->P, + &ctx->Q, + &ctx->E, + &ctx->D)) != 0) { + return MBEDTLS_ERROR_ADD(MBEDTLS_ERR_RSA_BAD_INPUT_DATA, ret); } } @@ -314,12 +292,12 @@ int mbedtls_rsa_complete( mbedtls_rsa_context *ctx ) */ #if !defined(MBEDTLS_RSA_NO_CRT) - if( is_priv && ! ( have_DP && have_DQ && have_QP ) ) - { - ret = mbedtls_rsa_deduce_crt( &ctx->P, &ctx->Q, &ctx->D, - &ctx->DP, &ctx->DQ, &ctx->QP ); - if( ret != 0 ) - return( MBEDTLS_ERROR_ADD( MBEDTLS_ERR_RSA_BAD_INPUT_DATA, ret ) ); + if (is_priv && !(have_DP && have_DQ && have_QP)) { + ret = mbedtls_rsa_deduce_crt(&ctx->P, &ctx->Q, &ctx->D, + &ctx->DP, &ctx->DQ, &ctx->QP); + if (ret != 0) { + return MBEDTLS_ERROR_ADD(MBEDTLS_ERR_RSA_BAD_INPUT_DATA, ret); + } } #endif /* MBEDTLS_RSA_NO_CRT */ @@ -327,94 +305,98 @@ int mbedtls_rsa_complete( mbedtls_rsa_context *ctx ) * Step 3: Basic sanity checks */ - return( rsa_check_context( ctx, is_priv, 1 ) ); + return rsa_check_context(ctx, is_priv, 1); } -int mbedtls_rsa_export_raw( const mbedtls_rsa_context *ctx, - unsigned char *N, size_t N_len, - unsigned char *P, size_t P_len, - unsigned char *Q, size_t Q_len, - unsigned char *D, size_t D_len, - unsigned char *E, size_t E_len ) +int mbedtls_rsa_export_raw(const mbedtls_rsa_context *ctx, + unsigned char *N, size_t N_len, + unsigned char *P, size_t P_len, + unsigned char *Q, size_t Q_len, + unsigned char *D, size_t D_len, + unsigned char *E, size_t E_len) { int ret = 0; int is_priv; - RSA_VALIDATE_RET( ctx != NULL ); + RSA_VALIDATE_RET(ctx != NULL); /* Check if key is private or public */ is_priv = - mbedtls_mpi_cmp_int( &ctx->N, 0 ) != 0 && - mbedtls_mpi_cmp_int( &ctx->P, 0 ) != 0 && - mbedtls_mpi_cmp_int( &ctx->Q, 0 ) != 0 && - mbedtls_mpi_cmp_int( &ctx->D, 0 ) != 0 && - mbedtls_mpi_cmp_int( &ctx->E, 0 ) != 0; - - if( !is_priv ) - { + mbedtls_mpi_cmp_int(&ctx->N, 0) != 0 && + mbedtls_mpi_cmp_int(&ctx->P, 0) != 0 && + mbedtls_mpi_cmp_int(&ctx->Q, 0) != 0 && + mbedtls_mpi_cmp_int(&ctx->D, 0) != 0 && + mbedtls_mpi_cmp_int(&ctx->E, 0) != 0; + + if (!is_priv) { /* If we're trying to export private parameters for a public key, * something must be wrong. */ - if( P != NULL || Q != NULL || D != NULL ) - return( MBEDTLS_ERR_RSA_BAD_INPUT_DATA ); + if (P != NULL || Q != NULL || D != NULL) { + return MBEDTLS_ERR_RSA_BAD_INPUT_DATA; + } } - if( N != NULL ) - MBEDTLS_MPI_CHK( mbedtls_mpi_write_binary( &ctx->N, N, N_len ) ); + if (N != NULL) { + MBEDTLS_MPI_CHK(mbedtls_mpi_write_binary(&ctx->N, N, N_len)); + } - if( P != NULL ) - MBEDTLS_MPI_CHK( mbedtls_mpi_write_binary( &ctx->P, P, P_len ) ); + if (P != NULL) { + MBEDTLS_MPI_CHK(mbedtls_mpi_write_binary(&ctx->P, P, P_len)); + } - if( Q != NULL ) - MBEDTLS_MPI_CHK( mbedtls_mpi_write_binary( &ctx->Q, Q, Q_len ) ); + if (Q != NULL) { + MBEDTLS_MPI_CHK(mbedtls_mpi_write_binary(&ctx->Q, Q, Q_len)); + } - if( D != NULL ) - MBEDTLS_MPI_CHK( mbedtls_mpi_write_binary( &ctx->D, D, D_len ) ); + if (D != NULL) { + MBEDTLS_MPI_CHK(mbedtls_mpi_write_binary(&ctx->D, D, D_len)); + } - if( E != NULL ) - MBEDTLS_MPI_CHK( mbedtls_mpi_write_binary( &ctx->E, E, E_len ) ); + if (E != NULL) { + MBEDTLS_MPI_CHK(mbedtls_mpi_write_binary(&ctx->E, E, E_len)); + } cleanup: - return( ret ); + return ret; } -int mbedtls_rsa_export( const mbedtls_rsa_context *ctx, - mbedtls_mpi *N, mbedtls_mpi *P, mbedtls_mpi *Q, - mbedtls_mpi *D, mbedtls_mpi *E ) +int mbedtls_rsa_export(const mbedtls_rsa_context *ctx, + mbedtls_mpi *N, mbedtls_mpi *P, mbedtls_mpi *Q, + mbedtls_mpi *D, mbedtls_mpi *E) { int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; int is_priv; - RSA_VALIDATE_RET( ctx != NULL ); + RSA_VALIDATE_RET(ctx != NULL); /* Check if key is private or public */ is_priv = - mbedtls_mpi_cmp_int( &ctx->N, 0 ) != 0 && - mbedtls_mpi_cmp_int( &ctx->P, 0 ) != 0 && - mbedtls_mpi_cmp_int( &ctx->Q, 0 ) != 0 && - mbedtls_mpi_cmp_int( &ctx->D, 0 ) != 0 && - mbedtls_mpi_cmp_int( &ctx->E, 0 ) != 0; - - if( !is_priv ) - { + mbedtls_mpi_cmp_int(&ctx->N, 0) != 0 && + mbedtls_mpi_cmp_int(&ctx->P, 0) != 0 && + mbedtls_mpi_cmp_int(&ctx->Q, 0) != 0 && + mbedtls_mpi_cmp_int(&ctx->D, 0) != 0 && + mbedtls_mpi_cmp_int(&ctx->E, 0) != 0; + + if (!is_priv) { /* If we're trying to export private parameters for a public key, * something must be wrong. */ - if( P != NULL || Q != NULL || D != NULL ) - return( MBEDTLS_ERR_RSA_BAD_INPUT_DATA ); + if (P != NULL || Q != NULL || D != NULL) { + return MBEDTLS_ERR_RSA_BAD_INPUT_DATA; + } } /* Export all requested core parameters. */ - if( ( N != NULL && ( ret = mbedtls_mpi_copy( N, &ctx->N ) ) != 0 ) || - ( P != NULL && ( ret = mbedtls_mpi_copy( P, &ctx->P ) ) != 0 ) || - ( Q != NULL && ( ret = mbedtls_mpi_copy( Q, &ctx->Q ) ) != 0 ) || - ( D != NULL && ( ret = mbedtls_mpi_copy( D, &ctx->D ) ) != 0 ) || - ( E != NULL && ( ret = mbedtls_mpi_copy( E, &ctx->E ) ) != 0 ) ) - { - return( ret ); + if ((N != NULL && (ret = mbedtls_mpi_copy(N, &ctx->N)) != 0) || + (P != NULL && (ret = mbedtls_mpi_copy(P, &ctx->P)) != 0) || + (Q != NULL && (ret = mbedtls_mpi_copy(Q, &ctx->Q)) != 0) || + (D != NULL && (ret = mbedtls_mpi_copy(D, &ctx->D)) != 0) || + (E != NULL && (ret = mbedtls_mpi_copy(E, &ctx->E)) != 0)) { + return ret; } - return( 0 ); + return 0; } /* @@ -423,75 +405,74 @@ int mbedtls_rsa_export( const mbedtls_rsa_context *ctx, * write DER encoded RSA keys. The helper function mbedtls_rsa_deduce_crt * can be used in this case. */ -int mbedtls_rsa_export_crt( const mbedtls_rsa_context *ctx, - mbedtls_mpi *DP, mbedtls_mpi *DQ, mbedtls_mpi *QP ) +int mbedtls_rsa_export_crt(const mbedtls_rsa_context *ctx, + mbedtls_mpi *DP, mbedtls_mpi *DQ, mbedtls_mpi *QP) { int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; int is_priv; - RSA_VALIDATE_RET( ctx != NULL ); + RSA_VALIDATE_RET(ctx != NULL); /* Check if key is private or public */ is_priv = - mbedtls_mpi_cmp_int( &ctx->N, 0 ) != 0 && - mbedtls_mpi_cmp_int( &ctx->P, 0 ) != 0 && - mbedtls_mpi_cmp_int( &ctx->Q, 0 ) != 0 && - mbedtls_mpi_cmp_int( &ctx->D, 0 ) != 0 && - mbedtls_mpi_cmp_int( &ctx->E, 0 ) != 0; + mbedtls_mpi_cmp_int(&ctx->N, 0) != 0 && + mbedtls_mpi_cmp_int(&ctx->P, 0) != 0 && + mbedtls_mpi_cmp_int(&ctx->Q, 0) != 0 && + mbedtls_mpi_cmp_int(&ctx->D, 0) != 0 && + mbedtls_mpi_cmp_int(&ctx->E, 0) != 0; - if( !is_priv ) - return( MBEDTLS_ERR_RSA_BAD_INPUT_DATA ); + if (!is_priv) { + return MBEDTLS_ERR_RSA_BAD_INPUT_DATA; + } #if !defined(MBEDTLS_RSA_NO_CRT) /* Export all requested blinding parameters. */ - if( ( DP != NULL && ( ret = mbedtls_mpi_copy( DP, &ctx->DP ) ) != 0 ) || - ( DQ != NULL && ( ret = mbedtls_mpi_copy( DQ, &ctx->DQ ) ) != 0 ) || - ( QP != NULL && ( ret = mbedtls_mpi_copy( QP, &ctx->QP ) ) != 0 ) ) - { - return( MBEDTLS_ERROR_ADD( MBEDTLS_ERR_RSA_BAD_INPUT_DATA, ret ) ); + if ((DP != NULL && (ret = mbedtls_mpi_copy(DP, &ctx->DP)) != 0) || + (DQ != NULL && (ret = mbedtls_mpi_copy(DQ, &ctx->DQ)) != 0) || + (QP != NULL && (ret = mbedtls_mpi_copy(QP, &ctx->QP)) != 0)) { + return MBEDTLS_ERROR_ADD(MBEDTLS_ERR_RSA_BAD_INPUT_DATA, ret); } #else - if( ( ret = mbedtls_rsa_deduce_crt( &ctx->P, &ctx->Q, &ctx->D, - DP, DQ, QP ) ) != 0 ) - { - return( MBEDTLS_ERROR_ADD( MBEDTLS_ERR_RSA_BAD_INPUT_DATA, ret ) ); + if ((ret = mbedtls_rsa_deduce_crt(&ctx->P, &ctx->Q, &ctx->D, + DP, DQ, QP)) != 0) { + return MBEDTLS_ERROR_ADD(MBEDTLS_ERR_RSA_BAD_INPUT_DATA, ret); } #endif - return( 0 ); + return 0; } /* * Initialize an RSA context */ -void mbedtls_rsa_init( mbedtls_rsa_context *ctx, - int padding, - int hash_id ) +void mbedtls_rsa_init(mbedtls_rsa_context *ctx, + int padding, + int hash_id) { - RSA_VALIDATE( ctx != NULL ); - RSA_VALIDATE( padding == MBEDTLS_RSA_PKCS_V15 || - padding == MBEDTLS_RSA_PKCS_V21 ); + RSA_VALIDATE(ctx != NULL); + RSA_VALIDATE(padding == MBEDTLS_RSA_PKCS_V15 || + padding == MBEDTLS_RSA_PKCS_V21); - memset( ctx, 0, sizeof( mbedtls_rsa_context ) ); + memset(ctx, 0, sizeof(mbedtls_rsa_context)); - mbedtls_rsa_set_padding( ctx, padding, hash_id ); + mbedtls_rsa_set_padding(ctx, padding, hash_id); #if defined(MBEDTLS_THREADING_C) /* Set ctx->ver to nonzero to indicate that the mutex has been * initialized and will need to be freed. */ ctx->ver = 1; - mbedtls_mutex_init( &ctx->mutex ); + mbedtls_mutex_init(&ctx->mutex); #endif } /* * Set padding for an existing RSA context */ -void mbedtls_rsa_set_padding( mbedtls_rsa_context *ctx, int padding, - int hash_id ) +void mbedtls_rsa_set_padding(mbedtls_rsa_context *ctx, int padding, + int hash_id) { - RSA_VALIDATE( ctx != NULL ); - RSA_VALIDATE( padding == MBEDTLS_RSA_PKCS_V15 || - padding == MBEDTLS_RSA_PKCS_V21 ); + RSA_VALIDATE(ctx != NULL); + RSA_VALIDATE(padding == MBEDTLS_RSA_PKCS_V15 || + padding == MBEDTLS_RSA_PKCS_V21); ctx->padding = padding; ctx->hash_id = hash_id; @@ -501,9 +482,9 @@ void mbedtls_rsa_set_padding( mbedtls_rsa_context *ctx, int padding, * Get length in bytes of RSA modulus */ -size_t mbedtls_rsa_get_len( const mbedtls_rsa_context *ctx ) +size_t mbedtls_rsa_get_len(const mbedtls_rsa_context *ctx) { - return( ctx->len ); + return ctx->len; } @@ -515,31 +496,31 @@ size_t mbedtls_rsa_get_len( const mbedtls_rsa_context *ctx ) * This generation method follows the RSA key pair generation procedure of * FIPS 186-4 if 2^16 < exponent < 2^256 and nbits = 2048 or nbits = 3072. */ -int mbedtls_rsa_gen_key( mbedtls_rsa_context *ctx, - int (*f_rng)(void *, unsigned char *, size_t), - void *p_rng, - unsigned int nbits, int exponent ) +int mbedtls_rsa_gen_key(mbedtls_rsa_context *ctx, + int (*f_rng)(void *, unsigned char *, size_t), + void *p_rng, + unsigned int nbits, int exponent) { int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; mbedtls_mpi H, G, L; int prime_quality = 0; - RSA_VALIDATE_RET( ctx != NULL ); - RSA_VALIDATE_RET( f_rng != NULL ); + RSA_VALIDATE_RET(ctx != NULL); + RSA_VALIDATE_RET(f_rng != NULL); /* * If the modulus is 1024 bit long or shorter, then the security strength of * the RSA algorithm is less than or equal to 80 bits and therefore an error * rate of 2^-80 is sufficient. */ - if( nbits > 1024 ) + if (nbits > 1024) { prime_quality = MBEDTLS_MPI_GEN_PRIME_FLAG_LOW_ERR; + } - mbedtls_mpi_init( &H ); - mbedtls_mpi_init( &G ); - mbedtls_mpi_init( &L ); + mbedtls_mpi_init(&H); + mbedtls_mpi_init(&G); + mbedtls_mpi_init(&L); - if( nbits < 128 || exponent < 3 || nbits % 2 != 0 ) - { + if (nbits < 128 || exponent < 3 || nbits % 2 != 0) { ret = MBEDTLS_ERR_RSA_BAD_INPUT_DATA; goto cleanup; } @@ -550,54 +531,56 @@ int mbedtls_rsa_gen_key( mbedtls_rsa_context *ctx, * 2. GCD( E, (P-1)*(Q-1) ) == 1 * 3. E^-1 mod LCM(P-1, Q-1) > 2^( nbits / 2 ) */ - MBEDTLS_MPI_CHK( mbedtls_mpi_lset( &ctx->E, exponent ) ); + MBEDTLS_MPI_CHK(mbedtls_mpi_lset(&ctx->E, exponent)); - do - { - MBEDTLS_MPI_CHK( mbedtls_mpi_gen_prime( &ctx->P, nbits >> 1, - prime_quality, f_rng, p_rng ) ); + do { + MBEDTLS_MPI_CHK(mbedtls_mpi_gen_prime(&ctx->P, nbits >> 1, + prime_quality, f_rng, p_rng)); - MBEDTLS_MPI_CHK( mbedtls_mpi_gen_prime( &ctx->Q, nbits >> 1, - prime_quality, f_rng, p_rng ) ); + MBEDTLS_MPI_CHK(mbedtls_mpi_gen_prime(&ctx->Q, nbits >> 1, + prime_quality, f_rng, p_rng)); /* make sure the difference between p and q is not too small (FIPS 186-4 §B.3.3 step 5.4) */ - MBEDTLS_MPI_CHK( mbedtls_mpi_sub_mpi( &H, &ctx->P, &ctx->Q ) ); - if( mbedtls_mpi_bitlen( &H ) <= ( ( nbits >= 200 ) ? ( ( nbits >> 1 ) - 99 ) : 0 ) ) + MBEDTLS_MPI_CHK(mbedtls_mpi_sub_mpi(&H, &ctx->P, &ctx->Q)); + if (mbedtls_mpi_bitlen(&H) <= ((nbits >= 200) ? ((nbits >> 1) - 99) : 0)) { continue; + } /* not required by any standards, but some users rely on the fact that P > Q */ - if( H.s < 0 ) - mbedtls_mpi_swap( &ctx->P, &ctx->Q ); + if (H.s < 0) { + mbedtls_mpi_swap(&ctx->P, &ctx->Q); + } /* Temporarily replace P,Q by P-1, Q-1 */ - MBEDTLS_MPI_CHK( mbedtls_mpi_sub_int( &ctx->P, &ctx->P, 1 ) ); - MBEDTLS_MPI_CHK( mbedtls_mpi_sub_int( &ctx->Q, &ctx->Q, 1 ) ); - MBEDTLS_MPI_CHK( mbedtls_mpi_mul_mpi( &H, &ctx->P, &ctx->Q ) ); + MBEDTLS_MPI_CHK(mbedtls_mpi_sub_int(&ctx->P, &ctx->P, 1)); + MBEDTLS_MPI_CHK(mbedtls_mpi_sub_int(&ctx->Q, &ctx->Q, 1)); + MBEDTLS_MPI_CHK(mbedtls_mpi_mul_mpi(&H, &ctx->P, &ctx->Q)); /* check GCD( E, (P-1)*(Q-1) ) == 1 (FIPS 186-4 §B.3.1 criterion 2(a)) */ - MBEDTLS_MPI_CHK( mbedtls_mpi_gcd( &G, &ctx->E, &H ) ); - if( mbedtls_mpi_cmp_int( &G, 1 ) != 0 ) + MBEDTLS_MPI_CHK(mbedtls_mpi_gcd(&G, &ctx->E, &H)); + if (mbedtls_mpi_cmp_int(&G, 1) != 0) { continue; + } /* compute smallest possible D = E^-1 mod LCM(P-1, Q-1) (FIPS 186-4 §B.3.1 criterion 3(b)) */ - MBEDTLS_MPI_CHK( mbedtls_mpi_gcd( &G, &ctx->P, &ctx->Q ) ); - MBEDTLS_MPI_CHK( mbedtls_mpi_div_mpi( &L, NULL, &H, &G ) ); - MBEDTLS_MPI_CHK( mbedtls_mpi_inv_mod( &ctx->D, &ctx->E, &L ) ); + MBEDTLS_MPI_CHK(mbedtls_mpi_gcd(&G, &ctx->P, &ctx->Q)); + MBEDTLS_MPI_CHK(mbedtls_mpi_div_mpi(&L, NULL, &H, &G)); + MBEDTLS_MPI_CHK(mbedtls_mpi_inv_mod(&ctx->D, &ctx->E, &L)); - if( mbedtls_mpi_bitlen( &ctx->D ) <= ( ( nbits + 1 ) / 2 ) ) // (FIPS 186-4 §B.3.1 criterion 3(a)) + if (mbedtls_mpi_bitlen(&ctx->D) <= ((nbits + 1) / 2)) { // (FIPS 186-4 §B.3.1 criterion 3(a)) continue; + } break; - } - while( 1 ); + } while (1); /* Restore P,Q */ - MBEDTLS_MPI_CHK( mbedtls_mpi_add_int( &ctx->P, &ctx->P, 1 ) ); - MBEDTLS_MPI_CHK( mbedtls_mpi_add_int( &ctx->Q, &ctx->Q, 1 ) ); + MBEDTLS_MPI_CHK(mbedtls_mpi_add_int(&ctx->P, &ctx->P, 1)); + MBEDTLS_MPI_CHK(mbedtls_mpi_add_int(&ctx->Q, &ctx->Q, 1)); - MBEDTLS_MPI_CHK( mbedtls_mpi_mul_mpi( &ctx->N, &ctx->P, &ctx->Q ) ); + MBEDTLS_MPI_CHK(mbedtls_mpi_mul_mpi(&ctx->N, &ctx->P, &ctx->Q)); - ctx->len = mbedtls_mpi_size( &ctx->N ); + ctx->len = mbedtls_mpi_size(&ctx->N); #if !defined(MBEDTLS_RSA_NO_CRT) /* @@ -605,29 +588,29 @@ int mbedtls_rsa_gen_key( mbedtls_rsa_context *ctx, * DQ = D mod (Q - 1) * QP = Q^-1 mod P */ - MBEDTLS_MPI_CHK( mbedtls_rsa_deduce_crt( &ctx->P, &ctx->Q, &ctx->D, - &ctx->DP, &ctx->DQ, &ctx->QP ) ); + MBEDTLS_MPI_CHK(mbedtls_rsa_deduce_crt(&ctx->P, &ctx->Q, &ctx->D, + &ctx->DP, &ctx->DQ, &ctx->QP)); #endif /* MBEDTLS_RSA_NO_CRT */ /* Double-check */ - MBEDTLS_MPI_CHK( mbedtls_rsa_check_privkey( ctx ) ); + MBEDTLS_MPI_CHK(mbedtls_rsa_check_privkey(ctx)); cleanup: - mbedtls_mpi_free( &H ); - mbedtls_mpi_free( &G ); - mbedtls_mpi_free( &L ); + mbedtls_mpi_free(&H); + mbedtls_mpi_free(&G); + mbedtls_mpi_free(&L); - if( ret != 0 ) - { - mbedtls_rsa_free( ctx ); + if (ret != 0) { + mbedtls_rsa_free(ctx); - if( ( -ret & ~0x7f ) == 0 ) - ret = MBEDTLS_ERROR_ADD( MBEDTLS_ERR_RSA_KEY_GEN_FAILED, ret ); - return( ret ); + if ((-ret & ~0x7f) == 0) { + ret = MBEDTLS_ERROR_ADD(MBEDTLS_ERR_RSA_KEY_GEN_FAILED, ret); + } + return ret; } - return( 0 ); + return 0; } #endif /* MBEDTLS_GENPRIME */ @@ -635,130 +618,127 @@ int mbedtls_rsa_gen_key( mbedtls_rsa_context *ctx, /* * Check a public RSA key */ -int mbedtls_rsa_check_pubkey( const mbedtls_rsa_context *ctx ) +int mbedtls_rsa_check_pubkey(const mbedtls_rsa_context *ctx) { - RSA_VALIDATE_RET( ctx != NULL ); + RSA_VALIDATE_RET(ctx != NULL); - if( rsa_check_context( ctx, 0 /* public */, 0 /* no blinding */ ) != 0 ) - return( MBEDTLS_ERR_RSA_KEY_CHECK_FAILED ); + if (rsa_check_context(ctx, 0 /* public */, 0 /* no blinding */) != 0) { + return MBEDTLS_ERR_RSA_KEY_CHECK_FAILED; + } - if( mbedtls_mpi_bitlen( &ctx->N ) < 128 ) - { - return( MBEDTLS_ERR_RSA_KEY_CHECK_FAILED ); + if (mbedtls_mpi_bitlen(&ctx->N) < 128) { + return MBEDTLS_ERR_RSA_KEY_CHECK_FAILED; } - if( mbedtls_mpi_get_bit( &ctx->E, 0 ) == 0 || - mbedtls_mpi_bitlen( &ctx->E ) < 2 || - mbedtls_mpi_cmp_mpi( &ctx->E, &ctx->N ) >= 0 ) - { - return( MBEDTLS_ERR_RSA_KEY_CHECK_FAILED ); + if (mbedtls_mpi_get_bit(&ctx->E, 0) == 0 || + mbedtls_mpi_bitlen(&ctx->E) < 2 || + mbedtls_mpi_cmp_mpi(&ctx->E, &ctx->N) >= 0) { + return MBEDTLS_ERR_RSA_KEY_CHECK_FAILED; } - return( 0 ); + return 0; } /* * Check for the consistency of all fields in an RSA private key context */ -int mbedtls_rsa_check_privkey( const mbedtls_rsa_context *ctx ) +int mbedtls_rsa_check_privkey(const mbedtls_rsa_context *ctx) { - RSA_VALIDATE_RET( ctx != NULL ); + RSA_VALIDATE_RET(ctx != NULL); - if( mbedtls_rsa_check_pubkey( ctx ) != 0 || - rsa_check_context( ctx, 1 /* private */, 1 /* blinding */ ) != 0 ) - { - return( MBEDTLS_ERR_RSA_KEY_CHECK_FAILED ); + if (mbedtls_rsa_check_pubkey(ctx) != 0 || + rsa_check_context(ctx, 1 /* private */, 1 /* blinding */) != 0) { + return MBEDTLS_ERR_RSA_KEY_CHECK_FAILED; } - if( mbedtls_rsa_validate_params( &ctx->N, &ctx->P, &ctx->Q, - &ctx->D, &ctx->E, NULL, NULL ) != 0 ) - { - return( MBEDTLS_ERR_RSA_KEY_CHECK_FAILED ); + if (mbedtls_rsa_validate_params(&ctx->N, &ctx->P, &ctx->Q, + &ctx->D, &ctx->E, NULL, NULL) != 0) { + return MBEDTLS_ERR_RSA_KEY_CHECK_FAILED; } #if !defined(MBEDTLS_RSA_NO_CRT) - else if( mbedtls_rsa_validate_crt( &ctx->P, &ctx->Q, &ctx->D, - &ctx->DP, &ctx->DQ, &ctx->QP ) != 0 ) - { - return( MBEDTLS_ERR_RSA_KEY_CHECK_FAILED ); + else if (mbedtls_rsa_validate_crt(&ctx->P, &ctx->Q, &ctx->D, + &ctx->DP, &ctx->DQ, &ctx->QP) != 0) { + return MBEDTLS_ERR_RSA_KEY_CHECK_FAILED; } #endif - return( 0 ); + return 0; } /* * Check if contexts holding a public and private key match */ -int mbedtls_rsa_check_pub_priv( const mbedtls_rsa_context *pub, - const mbedtls_rsa_context *prv ) +int mbedtls_rsa_check_pub_priv(const mbedtls_rsa_context *pub, + const mbedtls_rsa_context *prv) { - RSA_VALIDATE_RET( pub != NULL ); - RSA_VALIDATE_RET( prv != NULL ); + RSA_VALIDATE_RET(pub != NULL); + RSA_VALIDATE_RET(prv != NULL); - if( mbedtls_rsa_check_pubkey( pub ) != 0 || - mbedtls_rsa_check_privkey( prv ) != 0 ) - { - return( MBEDTLS_ERR_RSA_KEY_CHECK_FAILED ); + if (mbedtls_rsa_check_pubkey(pub) != 0 || + mbedtls_rsa_check_privkey(prv) != 0) { + return MBEDTLS_ERR_RSA_KEY_CHECK_FAILED; } - if( mbedtls_mpi_cmp_mpi( &pub->N, &prv->N ) != 0 || - mbedtls_mpi_cmp_mpi( &pub->E, &prv->E ) != 0 ) - { - return( MBEDTLS_ERR_RSA_KEY_CHECK_FAILED ); + if (mbedtls_mpi_cmp_mpi(&pub->N, &prv->N) != 0 || + mbedtls_mpi_cmp_mpi(&pub->E, &prv->E) != 0) { + return MBEDTLS_ERR_RSA_KEY_CHECK_FAILED; } - return( 0 ); + return 0; } /* * Do an RSA public key operation */ -int mbedtls_rsa_public( mbedtls_rsa_context *ctx, - const unsigned char *input, - unsigned char *output ) +int mbedtls_rsa_public(mbedtls_rsa_context *ctx, + const unsigned char *input, + unsigned char *output) { int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; size_t olen; mbedtls_mpi T; - RSA_VALIDATE_RET( ctx != NULL ); - RSA_VALIDATE_RET( input != NULL ); - RSA_VALIDATE_RET( output != NULL ); + RSA_VALIDATE_RET(ctx != NULL); + RSA_VALIDATE_RET(input != NULL); + RSA_VALIDATE_RET(output != NULL); - if( rsa_check_context( ctx, 0 /* public */, 0 /* no blinding */ ) ) - return( MBEDTLS_ERR_RSA_BAD_INPUT_DATA ); + if (rsa_check_context(ctx, 0 /* public */, 0 /* no blinding */)) { + return MBEDTLS_ERR_RSA_BAD_INPUT_DATA; + } - mbedtls_mpi_init( &T ); + mbedtls_mpi_init(&T); #if defined(MBEDTLS_THREADING_C) - if( ( ret = mbedtls_mutex_lock( &ctx->mutex ) ) != 0 ) - return( ret ); + if ((ret = mbedtls_mutex_lock(&ctx->mutex)) != 0) { + return ret; + } #endif - MBEDTLS_MPI_CHK( mbedtls_mpi_read_binary( &T, input, ctx->len ) ); + MBEDTLS_MPI_CHK(mbedtls_mpi_read_binary(&T, input, ctx->len)); - if( mbedtls_mpi_cmp_mpi( &T, &ctx->N ) >= 0 ) - { + if (mbedtls_mpi_cmp_mpi(&T, &ctx->N) >= 0) { ret = MBEDTLS_ERR_MPI_BAD_INPUT_DATA; goto cleanup; } olen = ctx->len; - MBEDTLS_MPI_CHK( mbedtls_mpi_exp_mod( &T, &T, &ctx->E, &ctx->N, &ctx->RN ) ); - MBEDTLS_MPI_CHK( mbedtls_mpi_write_binary( &T, output, olen ) ); + MBEDTLS_MPI_CHK(mbedtls_mpi_exp_mod(&T, &T, &ctx->E, &ctx->N, &ctx->RN)); + MBEDTLS_MPI_CHK(mbedtls_mpi_write_binary(&T, output, olen)); cleanup: #if defined(MBEDTLS_THREADING_C) - if( mbedtls_mutex_unlock( &ctx->mutex ) != 0 ) - return( MBEDTLS_ERR_THREADING_MUTEX_ERROR ); + if (mbedtls_mutex_unlock(&ctx->mutex) != 0) { + return MBEDTLS_ERR_THREADING_MUTEX_ERROR; + } #endif - mbedtls_mpi_free( &T ); + mbedtls_mpi_free(&T); - if( ret != 0 ) - return( MBEDTLS_ERROR_ADD( MBEDTLS_ERR_RSA_PUBLIC_FAILED, ret ) ); + if (ret != 0) { + return MBEDTLS_ERROR_ADD(MBEDTLS_ERR_RSA_PUBLIC_FAILED, ret); + } - return( 0 ); + return 0; } /* @@ -767,63 +747,102 @@ int mbedtls_rsa_public( mbedtls_rsa_context *ctx, * DSS, and other systems. In : Advances in Cryptology-CRYPTO'96. Springer * Berlin Heidelberg, 1996. p. 104-113. */ -static int rsa_prepare_blinding( mbedtls_rsa_context *ctx, - int (*f_rng)(void *, unsigned char *, size_t), void *p_rng ) +static int rsa_prepare_blinding(mbedtls_rsa_context *ctx, + int (*f_rng)(void *, unsigned char *, size_t), void *p_rng) { int ret, count = 0; mbedtls_mpi R; - mbedtls_mpi_init( &R ); + mbedtls_mpi_init(&R); - if( ctx->Vf.p != NULL ) - { + if (ctx->Vf.p != NULL) { /* We already have blinding values, just update them by squaring */ - MBEDTLS_MPI_CHK( mbedtls_mpi_mul_mpi( &ctx->Vi, &ctx->Vi, &ctx->Vi ) ); - MBEDTLS_MPI_CHK( mbedtls_mpi_mod_mpi( &ctx->Vi, &ctx->Vi, &ctx->N ) ); - MBEDTLS_MPI_CHK( mbedtls_mpi_mul_mpi( &ctx->Vf, &ctx->Vf, &ctx->Vf ) ); - MBEDTLS_MPI_CHK( mbedtls_mpi_mod_mpi( &ctx->Vf, &ctx->Vf, &ctx->N ) ); + MBEDTLS_MPI_CHK(mbedtls_mpi_mul_mpi(&ctx->Vi, &ctx->Vi, &ctx->Vi)); + MBEDTLS_MPI_CHK(mbedtls_mpi_mod_mpi(&ctx->Vi, &ctx->Vi, &ctx->N)); + MBEDTLS_MPI_CHK(mbedtls_mpi_mul_mpi(&ctx->Vf, &ctx->Vf, &ctx->Vf)); + MBEDTLS_MPI_CHK(mbedtls_mpi_mod_mpi(&ctx->Vf, &ctx->Vf, &ctx->N)); goto cleanup; } /* Unblinding value: Vf = random number, invertible mod N */ do { - if( count++ > 10 ) - { + if (count++ > 10) { ret = MBEDTLS_ERR_RSA_RNG_FAILED; goto cleanup; } - MBEDTLS_MPI_CHK( mbedtls_mpi_fill_random( &ctx->Vf, ctx->len - 1, f_rng, p_rng ) ); + MBEDTLS_MPI_CHK(mbedtls_mpi_fill_random(&ctx->Vf, ctx->len - 1, f_rng, p_rng)); /* Compute Vf^-1 as R * (R Vf)^-1 to avoid leaks from inv_mod. */ - MBEDTLS_MPI_CHK( mbedtls_mpi_fill_random( &R, ctx->len - 1, f_rng, p_rng ) ); - MBEDTLS_MPI_CHK( mbedtls_mpi_mul_mpi( &ctx->Vi, &ctx->Vf, &R ) ); - MBEDTLS_MPI_CHK( mbedtls_mpi_mod_mpi( &ctx->Vi, &ctx->Vi, &ctx->N ) ); + MBEDTLS_MPI_CHK(mbedtls_mpi_fill_random(&R, ctx->len - 1, f_rng, p_rng)); + MBEDTLS_MPI_CHK(mbedtls_mpi_mul_mpi(&ctx->Vi, &ctx->Vf, &R)); + MBEDTLS_MPI_CHK(mbedtls_mpi_mod_mpi(&ctx->Vi, &ctx->Vi, &ctx->N)); /* At this point, Vi is invertible mod N if and only if both Vf and R * are invertible mod N. If one of them isn't, we don't need to know * which one, we just loop and choose new values for both of them. * (Each iteration succeeds with overwhelming probability.) */ - ret = mbedtls_mpi_inv_mod( &ctx->Vi, &ctx->Vi, &ctx->N ); - if( ret != 0 && ret != MBEDTLS_ERR_MPI_NOT_ACCEPTABLE ) + ret = mbedtls_mpi_inv_mod(&ctx->Vi, &ctx->Vi, &ctx->N); + if (ret != 0 && ret != MBEDTLS_ERR_MPI_NOT_ACCEPTABLE) { goto cleanup; + } - } while( ret == MBEDTLS_ERR_MPI_NOT_ACCEPTABLE ); + } while (ret == MBEDTLS_ERR_MPI_NOT_ACCEPTABLE); /* Finish the computation of Vf^-1 = R * (R Vf)^-1 */ - MBEDTLS_MPI_CHK( mbedtls_mpi_mul_mpi( &ctx->Vi, &ctx->Vi, &R ) ); - MBEDTLS_MPI_CHK( mbedtls_mpi_mod_mpi( &ctx->Vi, &ctx->Vi, &ctx->N ) ); + MBEDTLS_MPI_CHK(mbedtls_mpi_mul_mpi(&ctx->Vi, &ctx->Vi, &R)); + MBEDTLS_MPI_CHK(mbedtls_mpi_mod_mpi(&ctx->Vi, &ctx->Vi, &ctx->N)); /* Blinding value: Vi = Vf^(-e) mod N * (Vi already contains Vf^-1 at this point) */ - MBEDTLS_MPI_CHK( mbedtls_mpi_exp_mod( &ctx->Vi, &ctx->Vi, &ctx->E, &ctx->N, &ctx->RN ) ); + MBEDTLS_MPI_CHK(mbedtls_mpi_exp_mod(&ctx->Vi, &ctx->Vi, &ctx->E, &ctx->N, &ctx->RN)); + + +cleanup: + mbedtls_mpi_free(&R); + + return ret; +} + +/* + * Unblind + * T = T * Vf mod N + */ +static int rsa_unblind(mbedtls_mpi *T, mbedtls_mpi *Vf, const mbedtls_mpi *N) +{ + int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; + const size_t nlimbs = N->n; + const size_t tlimbs = 2 * (nlimbs + 1); + + mbedtls_mpi_uint mm = mbedtls_mpi_montmul_init(N->p); + mbedtls_mpi RR, M_T; + + mbedtls_mpi_init(&RR); + mbedtls_mpi_init(&M_T); + + MBEDTLS_MPI_CHK(mbedtls_mpi_get_mont_r2_unsafe(&RR, N)); + MBEDTLS_MPI_CHK(mbedtls_mpi_grow(&M_T, tlimbs)); + + MBEDTLS_MPI_CHK(mbedtls_mpi_grow(T, nlimbs)); + MBEDTLS_MPI_CHK(mbedtls_mpi_grow(Vf, nlimbs)); + + /* T = T * Vf mod N + * Reminder: montmul(A, B, N) = A * B * R^-1 mod N + * Usually both operands are multiplied by R mod N beforehand, yielding a + * result that's also * R mod N (aka "in the Montgomery domain"). Here we + * only multiply one operand by R mod N, so the result is directly what we + * want - no need to call `mpi_montred()` on it. */ + mbedtls_mpi_montmul(T, &RR, N, mm, &M_T); + mbedtls_mpi_montmul(T, Vf, N, mm, &M_T); cleanup: - mbedtls_mpi_free( &R ); - return( ret ); + mbedtls_mpi_free(&RR); + mbedtls_mpi_free(&M_T); + + return ret; } /* @@ -832,10 +851,10 @@ static int rsa_prepare_blinding( mbedtls_rsa_context *ctx, * the more bits of the key can be recovered. See [3]. * * Collecting n collisions with m bit long blinding value requires 2^(m-m/n) - * observations on avarage. + * observations on average. * * For example with 28 byte blinding to achieve 2 collisions the adversary has - * to make 2^112 observations on avarage. + * to make 2^112 observations on average. * * (With the currently (as of 2017 April) known best algorithms breaking 2048 * bit RSA requires approximately as much time as trying out 2^112 random keys. @@ -850,11 +869,11 @@ static int rsa_prepare_blinding( mbedtls_rsa_context *ctx, /* * Do an RSA private key operation */ -int mbedtls_rsa_private( mbedtls_rsa_context *ctx, - int (*f_rng)(void *, unsigned char *, size_t), - void *p_rng, - const unsigned char *input, - unsigned char *output ) +int mbedtls_rsa_private(mbedtls_rsa_context *ctx, + int (*f_rng)(void *, unsigned char *, size_t), + void *p_rng, + const unsigned char *input, + unsigned char *output) { int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; size_t olen; @@ -889,112 +908,110 @@ int mbedtls_rsa_private( mbedtls_rsa_context *ctx, /* Temporaries holding the initial input and the double * checked result; should be the same in the end. */ - mbedtls_mpi I, C; + mbedtls_mpi input_blinded, check_result_blinded; - RSA_VALIDATE_RET( ctx != NULL ); - RSA_VALIDATE_RET( input != NULL ); - RSA_VALIDATE_RET( output != NULL ); + RSA_VALIDATE_RET(ctx != NULL); + RSA_VALIDATE_RET(input != NULL); + RSA_VALIDATE_RET(output != NULL); - if( rsa_check_context( ctx, 1 /* private key checks */, - f_rng != NULL /* blinding y/n */ ) != 0 ) - { - return( MBEDTLS_ERR_RSA_BAD_INPUT_DATA ); + if (rsa_check_context(ctx, 1 /* private key checks */, + f_rng != NULL /* blinding y/n */) != 0) { + return MBEDTLS_ERR_RSA_BAD_INPUT_DATA; } #if defined(MBEDTLS_THREADING_C) - if( ( ret = mbedtls_mutex_lock( &ctx->mutex ) ) != 0 ) - return( ret ); + if ((ret = mbedtls_mutex_lock(&ctx->mutex)) != 0) { + return ret; + } #endif /* MPI Initialization */ - mbedtls_mpi_init( &T ); + mbedtls_mpi_init(&T); - mbedtls_mpi_init( &P1 ); - mbedtls_mpi_init( &Q1 ); - mbedtls_mpi_init( &R ); + mbedtls_mpi_init(&P1); + mbedtls_mpi_init(&Q1); + mbedtls_mpi_init(&R); - if( f_rng != NULL ) - { + if (f_rng != NULL) { #if defined(MBEDTLS_RSA_NO_CRT) - mbedtls_mpi_init( &D_blind ); + mbedtls_mpi_init(&D_blind); #else - mbedtls_mpi_init( &DP_blind ); - mbedtls_mpi_init( &DQ_blind ); + mbedtls_mpi_init(&DP_blind); + mbedtls_mpi_init(&DQ_blind); #endif } #if !defined(MBEDTLS_RSA_NO_CRT) - mbedtls_mpi_init( &TP ); mbedtls_mpi_init( &TQ ); + mbedtls_mpi_init(&TP); mbedtls_mpi_init(&TQ); #endif - mbedtls_mpi_init( &I ); - mbedtls_mpi_init( &C ); + mbedtls_mpi_init(&input_blinded); + mbedtls_mpi_init(&check_result_blinded); /* End of MPI initialization */ - MBEDTLS_MPI_CHK( mbedtls_mpi_read_binary( &T, input, ctx->len ) ); - if( mbedtls_mpi_cmp_mpi( &T, &ctx->N ) >= 0 ) - { + MBEDTLS_MPI_CHK(mbedtls_mpi_read_binary(&T, input, ctx->len)); + if (mbedtls_mpi_cmp_mpi(&T, &ctx->N) >= 0) { ret = MBEDTLS_ERR_MPI_BAD_INPUT_DATA; goto cleanup; } - MBEDTLS_MPI_CHK( mbedtls_mpi_copy( &I, &T ) ); - - if( f_rng != NULL ) - { + if (f_rng != NULL) { /* * Blinding * T = T * Vi mod N */ - MBEDTLS_MPI_CHK( rsa_prepare_blinding( ctx, f_rng, p_rng ) ); - MBEDTLS_MPI_CHK( mbedtls_mpi_mul_mpi( &T, &T, &ctx->Vi ) ); - MBEDTLS_MPI_CHK( mbedtls_mpi_mod_mpi( &T, &T, &ctx->N ) ); + MBEDTLS_MPI_CHK(rsa_prepare_blinding(ctx, f_rng, p_rng)); + MBEDTLS_MPI_CHK(mbedtls_mpi_mul_mpi(&T, &T, &ctx->Vi)); + MBEDTLS_MPI_CHK(mbedtls_mpi_mod_mpi(&T, &T, &ctx->N)); /* * Exponent blinding */ - MBEDTLS_MPI_CHK( mbedtls_mpi_sub_int( &P1, &ctx->P, 1 ) ); - MBEDTLS_MPI_CHK( mbedtls_mpi_sub_int( &Q1, &ctx->Q, 1 ) ); + MBEDTLS_MPI_CHK(mbedtls_mpi_sub_int(&P1, &ctx->P, 1)); + MBEDTLS_MPI_CHK(mbedtls_mpi_sub_int(&Q1, &ctx->Q, 1)); #if defined(MBEDTLS_RSA_NO_CRT) /* * D_blind = ( P - 1 ) * ( Q - 1 ) * R + D */ - MBEDTLS_MPI_CHK( mbedtls_mpi_fill_random( &R, RSA_EXPONENT_BLINDING, - f_rng, p_rng ) ); - MBEDTLS_MPI_CHK( mbedtls_mpi_mul_mpi( &D_blind, &P1, &Q1 ) ); - MBEDTLS_MPI_CHK( mbedtls_mpi_mul_mpi( &D_blind, &D_blind, &R ) ); - MBEDTLS_MPI_CHK( mbedtls_mpi_add_mpi( &D_blind, &D_blind, &ctx->D ) ); + MBEDTLS_MPI_CHK(mbedtls_mpi_fill_random(&R, RSA_EXPONENT_BLINDING, + f_rng, p_rng)); + MBEDTLS_MPI_CHK(mbedtls_mpi_mul_mpi(&D_blind, &P1, &Q1)); + MBEDTLS_MPI_CHK(mbedtls_mpi_mul_mpi(&D_blind, &D_blind, &R)); + MBEDTLS_MPI_CHK(mbedtls_mpi_add_mpi(&D_blind, &D_blind, &ctx->D)); D = &D_blind; #else /* * DP_blind = ( P - 1 ) * R + DP */ - MBEDTLS_MPI_CHK( mbedtls_mpi_fill_random( &R, RSA_EXPONENT_BLINDING, - f_rng, p_rng ) ); - MBEDTLS_MPI_CHK( mbedtls_mpi_mul_mpi( &DP_blind, &P1, &R ) ); - MBEDTLS_MPI_CHK( mbedtls_mpi_add_mpi( &DP_blind, &DP_blind, - &ctx->DP ) ); + MBEDTLS_MPI_CHK(mbedtls_mpi_fill_random(&R, RSA_EXPONENT_BLINDING, + f_rng, p_rng)); + MBEDTLS_MPI_CHK(mbedtls_mpi_mul_mpi(&DP_blind, &P1, &R)); + MBEDTLS_MPI_CHK(mbedtls_mpi_add_mpi(&DP_blind, &DP_blind, + &ctx->DP)); DP = &DP_blind; /* * DQ_blind = ( Q - 1 ) * R + DQ */ - MBEDTLS_MPI_CHK( mbedtls_mpi_fill_random( &R, RSA_EXPONENT_BLINDING, - f_rng, p_rng ) ); - MBEDTLS_MPI_CHK( mbedtls_mpi_mul_mpi( &DQ_blind, &Q1, &R ) ); - MBEDTLS_MPI_CHK( mbedtls_mpi_add_mpi( &DQ_blind, &DQ_blind, - &ctx->DQ ) ); + MBEDTLS_MPI_CHK(mbedtls_mpi_fill_random(&R, RSA_EXPONENT_BLINDING, + f_rng, p_rng)); + MBEDTLS_MPI_CHK(mbedtls_mpi_mul_mpi(&DQ_blind, &Q1, &R)); + MBEDTLS_MPI_CHK(mbedtls_mpi_add_mpi(&DQ_blind, &DQ_blind, + &ctx->DQ)); DQ = &DQ_blind; #endif /* MBEDTLS_RSA_NO_CRT */ } + /* Make a copy of the input (after blinding if there was any) */ + MBEDTLS_MPI_CHK(mbedtls_mpi_copy(&input_blinded, &T)); + #if defined(MBEDTLS_RSA_NO_CRT) - MBEDTLS_MPI_CHK( mbedtls_mpi_exp_mod( &T, &T, D, &ctx->N, &ctx->RN ) ); + MBEDTLS_MPI_CHK(mbedtls_mpi_exp_mod(&T, &T, D, &ctx->N, &ctx->RN)); #else /* * Faster decryption using the CRT @@ -1003,78 +1020,76 @@ int mbedtls_rsa_private( mbedtls_rsa_context *ctx, * TQ = input ^ dQ mod Q */ - MBEDTLS_MPI_CHK( mbedtls_mpi_exp_mod( &TP, &T, DP, &ctx->P, &ctx->RP ) ); - MBEDTLS_MPI_CHK( mbedtls_mpi_exp_mod( &TQ, &T, DQ, &ctx->Q, &ctx->RQ ) ); + MBEDTLS_MPI_CHK(mbedtls_mpi_exp_mod(&TP, &T, DP, &ctx->P, &ctx->RP)); + MBEDTLS_MPI_CHK(mbedtls_mpi_exp_mod(&TQ, &T, DQ, &ctx->Q, &ctx->RQ)); /* * T = (TP - TQ) * (Q^-1 mod P) mod P */ - MBEDTLS_MPI_CHK( mbedtls_mpi_sub_mpi( &T, &TP, &TQ ) ); - MBEDTLS_MPI_CHK( mbedtls_mpi_mul_mpi( &TP, &T, &ctx->QP ) ); - MBEDTLS_MPI_CHK( mbedtls_mpi_mod_mpi( &T, &TP, &ctx->P ) ); + MBEDTLS_MPI_CHK(mbedtls_mpi_sub_mpi(&T, &TP, &TQ)); + MBEDTLS_MPI_CHK(mbedtls_mpi_mul_mpi(&TP, &T, &ctx->QP)); + MBEDTLS_MPI_CHK(mbedtls_mpi_mod_mpi(&T, &TP, &ctx->P)); /* * T = TQ + T * Q */ - MBEDTLS_MPI_CHK( mbedtls_mpi_mul_mpi( &TP, &T, &ctx->Q ) ); - MBEDTLS_MPI_CHK( mbedtls_mpi_add_mpi( &T, &TQ, &TP ) ); + MBEDTLS_MPI_CHK(mbedtls_mpi_mul_mpi(&TP, &T, &ctx->Q)); + MBEDTLS_MPI_CHK(mbedtls_mpi_add_mpi(&T, &TQ, &TP)); #endif /* MBEDTLS_RSA_NO_CRT */ - if( f_rng != NULL ) - { + /* Verify the result to prevent glitching attacks. */ + MBEDTLS_MPI_CHK(mbedtls_mpi_exp_mod(&check_result_blinded, &T, &ctx->E, + &ctx->N, &ctx->RN)); + if (mbedtls_mpi_cmp_mpi(&check_result_blinded, &input_blinded) != 0) { + ret = MBEDTLS_ERR_RSA_VERIFY_FAILED; + goto cleanup; + } + + if (f_rng != NULL) { /* * Unblind * T = T * Vf mod N */ - MBEDTLS_MPI_CHK( mbedtls_mpi_mul_mpi( &T, &T, &ctx->Vf ) ); - MBEDTLS_MPI_CHK( mbedtls_mpi_mod_mpi( &T, &T, &ctx->N ) ); - } - - /* Verify the result to prevent glitching attacks. */ - MBEDTLS_MPI_CHK( mbedtls_mpi_exp_mod( &C, &T, &ctx->E, - &ctx->N, &ctx->RN ) ); - if( mbedtls_mpi_cmp_mpi( &C, &I ) != 0 ) - { - ret = MBEDTLS_ERR_RSA_VERIFY_FAILED; - goto cleanup; + MBEDTLS_MPI_CHK(rsa_unblind(&T, &ctx->Vf, &ctx->N)); } olen = ctx->len; - MBEDTLS_MPI_CHK( mbedtls_mpi_write_binary( &T, output, olen ) ); + MBEDTLS_MPI_CHK(mbedtls_mpi_write_binary(&T, output, olen)); cleanup: #if defined(MBEDTLS_THREADING_C) - if( mbedtls_mutex_unlock( &ctx->mutex ) != 0 ) - return( MBEDTLS_ERR_THREADING_MUTEX_ERROR ); + if (mbedtls_mutex_unlock(&ctx->mutex) != 0) { + return MBEDTLS_ERR_THREADING_MUTEX_ERROR; + } #endif - mbedtls_mpi_free( &P1 ); - mbedtls_mpi_free( &Q1 ); - mbedtls_mpi_free( &R ); + mbedtls_mpi_free(&P1); + mbedtls_mpi_free(&Q1); + mbedtls_mpi_free(&R); - if( f_rng != NULL ) - { + if (f_rng != NULL) { #if defined(MBEDTLS_RSA_NO_CRT) - mbedtls_mpi_free( &D_blind ); + mbedtls_mpi_free(&D_blind); #else - mbedtls_mpi_free( &DP_blind ); - mbedtls_mpi_free( &DQ_blind ); + mbedtls_mpi_free(&DP_blind); + mbedtls_mpi_free(&DQ_blind); #endif } - mbedtls_mpi_free( &T ); + mbedtls_mpi_free(&T); #if !defined(MBEDTLS_RSA_NO_CRT) - mbedtls_mpi_free( &TP ); mbedtls_mpi_free( &TQ ); + mbedtls_mpi_free(&TP); mbedtls_mpi_free(&TQ); #endif - mbedtls_mpi_free( &C ); - mbedtls_mpi_free( &I ); + mbedtls_mpi_free(&check_result_blinded); + mbedtls_mpi_free(&input_blinded); - if( ret != 0 && ret >= -0x007f ) - return( MBEDTLS_ERROR_ADD( MBEDTLS_ERR_RSA_PRIVATE_FAILED, ret ) ); + if (ret != 0 && ret >= -0x007f) { + return MBEDTLS_ERROR_ADD(MBEDTLS_ERR_RSA_PRIVATE_FAILED, ret); + } - return( ret ); + return ret; } #if defined(MBEDTLS_PKCS1_V21) @@ -1087,8 +1102,8 @@ int mbedtls_rsa_private( mbedtls_rsa_context *ctx, * \param slen length of the source buffer * \param md_ctx message digest context to use */ -static int mgf_mask( unsigned char *dst, size_t dlen, unsigned char *src, - size_t slen, mbedtls_md_context_t *md_ctx ) +static int mgf_mask(unsigned char *dst, size_t dlen, unsigned char *src, + size_t slen, mbedtls_md_context_t *md_ctx) { unsigned char mask[MBEDTLS_MD_MAX_SIZE]; unsigned char counter[4]; @@ -1097,31 +1112,36 @@ static int mgf_mask( unsigned char *dst, size_t dlen, unsigned char *src, size_t i, use_len; int ret = 0; - memset( mask, 0, MBEDTLS_MD_MAX_SIZE ); - memset( counter, 0, 4 ); + memset(mask, 0, MBEDTLS_MD_MAX_SIZE); + memset(counter, 0, 4); - hlen = mbedtls_md_get_size( md_ctx->md_info ); + hlen = mbedtls_md_get_size(md_ctx->md_info); /* Generate and apply dbMask */ p = dst; - while( dlen > 0 ) - { + while (dlen > 0) { use_len = hlen; - if( dlen < hlen ) + if (dlen < hlen) { use_len = dlen; + } - if( ( ret = mbedtls_md_starts( md_ctx ) ) != 0 ) + if ((ret = mbedtls_md_starts(md_ctx)) != 0) { goto exit; - if( ( ret = mbedtls_md_update( md_ctx, src, slen ) ) != 0 ) + } + if ((ret = mbedtls_md_update(md_ctx, src, slen)) != 0) { goto exit; - if( ( ret = mbedtls_md_update( md_ctx, counter, 4 ) ) != 0 ) + } + if ((ret = mbedtls_md_update(md_ctx, counter, 4)) != 0) { goto exit; - if( ( ret = mbedtls_md_finish( md_ctx, mask ) ) != 0 ) + } + if ((ret = mbedtls_md_finish(md_ctx, mask)) != 0) { goto exit; + } - for( i = 0; i < use_len; ++i ) + for (i = 0; i < use_len; ++i) { *p++ ^= mask[i]; + } counter[3]++; @@ -1129,9 +1149,9 @@ static int mgf_mask( unsigned char *dst, size_t dlen, unsigned char *src, } exit: - mbedtls_platform_zeroize( mask, sizeof( mask ) ); + mbedtls_platform_zeroize(mask, sizeof(mask)); - return( ret ); + return ret; } #endif /* MBEDTLS_PKCS1_V21 */ @@ -1139,14 +1159,14 @@ static int mgf_mask( unsigned char *dst, size_t dlen, unsigned char *src, /* * Implementation of the PKCS#1 v2.1 RSAES-OAEP-ENCRYPT function */ -int mbedtls_rsa_rsaes_oaep_encrypt( mbedtls_rsa_context *ctx, - int (*f_rng)(void *, unsigned char *, size_t), - void *p_rng, - int mode, - const unsigned char *label, size_t label_len, - size_t ilen, - const unsigned char *input, - unsigned char *output ) +int mbedtls_rsa_rsaes_oaep_encrypt(mbedtls_rsa_context *ctx, + int (*f_rng)(void *, unsigned char *, size_t), + void *p_rng, + int mode, + const unsigned char *label, size_t label_len, + size_t ilen, + const unsigned char *input, + unsigned char *output) { size_t olen; int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; @@ -1155,72 +1175,83 @@ int mbedtls_rsa_rsaes_oaep_encrypt( mbedtls_rsa_context *ctx, const mbedtls_md_info_t *md_info; mbedtls_md_context_t md_ctx; - RSA_VALIDATE_RET( ctx != NULL ); - RSA_VALIDATE_RET( mode == MBEDTLS_RSA_PRIVATE || - mode == MBEDTLS_RSA_PUBLIC ); - RSA_VALIDATE_RET( output != NULL ); - RSA_VALIDATE_RET( ilen == 0 || input != NULL ); - RSA_VALIDATE_RET( label_len == 0 || label != NULL ); + RSA_VALIDATE_RET(ctx != NULL); + RSA_VALIDATE_RET(mode == MBEDTLS_RSA_PRIVATE || + mode == MBEDTLS_RSA_PUBLIC); + RSA_VALIDATE_RET(output != NULL); + RSA_VALIDATE_RET(ilen == 0 || input != NULL); + RSA_VALIDATE_RET(label_len == 0 || label != NULL); - if( mode == MBEDTLS_RSA_PRIVATE && ctx->padding != MBEDTLS_RSA_PKCS_V21 ) - return( MBEDTLS_ERR_RSA_BAD_INPUT_DATA ); + if (mode == MBEDTLS_RSA_PRIVATE && ctx->padding != MBEDTLS_RSA_PKCS_V21) { + return MBEDTLS_ERR_RSA_BAD_INPUT_DATA; + } - if( f_rng == NULL ) - return( MBEDTLS_ERR_RSA_BAD_INPUT_DATA ); + if (f_rng == NULL) { + return MBEDTLS_ERR_RSA_BAD_INPUT_DATA; + } - md_info = mbedtls_md_info_from_type( (mbedtls_md_type_t) ctx->hash_id ); - if( md_info == NULL ) - return( MBEDTLS_ERR_RSA_BAD_INPUT_DATA ); + md_info = mbedtls_md_info_from_type((mbedtls_md_type_t) ctx->hash_id); + if (md_info == NULL) { + return MBEDTLS_ERR_RSA_BAD_INPUT_DATA; + } olen = ctx->len; - hlen = mbedtls_md_get_size( md_info ); + hlen = mbedtls_md_get_size(md_info); /* first comparison checks for overflow */ - if( ilen + 2 * hlen + 2 < ilen || olen < ilen + 2 * hlen + 2 ) - return( MBEDTLS_ERR_RSA_BAD_INPUT_DATA ); + if (ilen + 2 * hlen + 2 < ilen || olen < ilen + 2 * hlen + 2) { + return MBEDTLS_ERR_RSA_BAD_INPUT_DATA; + } - memset( output, 0, olen ); + memset(output, 0, olen); *p++ = 0; /* Generate a random octet string seed */ - if( ( ret = f_rng( p_rng, p, hlen ) ) != 0 ) - return( MBEDTLS_ERROR_ADD( MBEDTLS_ERR_RSA_RNG_FAILED, ret ) ); + if ((ret = f_rng(p_rng, p, hlen)) != 0) { + return MBEDTLS_ERROR_ADD(MBEDTLS_ERR_RSA_RNG_FAILED, ret); + } p += hlen; /* Construct DB */ - if( ( ret = mbedtls_md( md_info, label, label_len, p ) ) != 0 ) - return( ret ); + if ((ret = mbedtls_md(md_info, label, label_len, p)) != 0) { + return ret; + } p += hlen; p += olen - 2 * hlen - 2 - ilen; *p++ = 1; - if( ilen != 0 ) - memcpy( p, input, ilen ); + if (ilen != 0) { + memcpy(p, input, ilen); + } - mbedtls_md_init( &md_ctx ); - if( ( ret = mbedtls_md_setup( &md_ctx, md_info, 0 ) ) != 0 ) + mbedtls_md_init(&md_ctx); + if ((ret = mbedtls_md_setup(&md_ctx, md_info, 0)) != 0) { goto exit; + } /* maskedDB: Apply dbMask to DB */ - if( ( ret = mgf_mask( output + hlen + 1, olen - hlen - 1, output + 1, hlen, - &md_ctx ) ) != 0 ) + if ((ret = mgf_mask(output + hlen + 1, olen - hlen - 1, output + 1, hlen, + &md_ctx)) != 0) { goto exit; + } /* maskedSeed: Apply seedMask to seed */ - if( ( ret = mgf_mask( output + 1, hlen, output + hlen + 1, olen - hlen - 1, - &md_ctx ) ) != 0 ) + if ((ret = mgf_mask(output + 1, hlen, output + hlen + 1, olen - hlen - 1, + &md_ctx)) != 0) { goto exit; + } exit: - mbedtls_md_free( &md_ctx ); + mbedtls_md_free(&md_ctx); - if( ret != 0 ) - return( ret ); + if (ret != 0) { + return ret; + } - return( ( mode == MBEDTLS_RSA_PUBLIC ) - ? mbedtls_rsa_public( ctx, output, output ) - : mbedtls_rsa_private( ctx, f_rng, p_rng, output, output ) ); + return (mode == MBEDTLS_RSA_PUBLIC) + ? mbedtls_rsa_public(ctx, output, output) + : mbedtls_rsa_private(ctx, f_rng, p_rng, output, output); } #endif /* MBEDTLS_PKCS1_V21 */ @@ -1228,107 +1259,108 @@ int mbedtls_rsa_rsaes_oaep_encrypt( mbedtls_rsa_context *ctx, /* * Implementation of the PKCS#1 v2.1 RSAES-PKCS1-V1_5-ENCRYPT function */ -int mbedtls_rsa_rsaes_pkcs1_v15_encrypt( mbedtls_rsa_context *ctx, - int (*f_rng)(void *, unsigned char *, size_t), - void *p_rng, - int mode, size_t ilen, - const unsigned char *input, - unsigned char *output ) +int mbedtls_rsa_rsaes_pkcs1_v15_encrypt(mbedtls_rsa_context *ctx, + int (*f_rng)(void *, unsigned char *, size_t), + void *p_rng, + int mode, size_t ilen, + const unsigned char *input, + unsigned char *output) { size_t nb_pad, olen; int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; unsigned char *p = output; - RSA_VALIDATE_RET( ctx != NULL ); - RSA_VALIDATE_RET( mode == MBEDTLS_RSA_PRIVATE || - mode == MBEDTLS_RSA_PUBLIC ); - RSA_VALIDATE_RET( output != NULL ); - RSA_VALIDATE_RET( ilen == 0 || input != NULL ); + RSA_VALIDATE_RET(ctx != NULL); + RSA_VALIDATE_RET(mode == MBEDTLS_RSA_PRIVATE || + mode == MBEDTLS_RSA_PUBLIC); + RSA_VALIDATE_RET(output != NULL); + RSA_VALIDATE_RET(ilen == 0 || input != NULL); - if( mode == MBEDTLS_RSA_PRIVATE && ctx->padding != MBEDTLS_RSA_PKCS_V15 ) - return( MBEDTLS_ERR_RSA_BAD_INPUT_DATA ); + if (mode == MBEDTLS_RSA_PRIVATE && ctx->padding != MBEDTLS_RSA_PKCS_V15) { + return MBEDTLS_ERR_RSA_BAD_INPUT_DATA; + } olen = ctx->len; /* first comparison checks for overflow */ - if( ilen + 11 < ilen || olen < ilen + 11 ) - return( MBEDTLS_ERR_RSA_BAD_INPUT_DATA ); + if (ilen + 11 < ilen || olen < ilen + 11) { + return MBEDTLS_ERR_RSA_BAD_INPUT_DATA; + } nb_pad = olen - 3 - ilen; *p++ = 0; - if( mode == MBEDTLS_RSA_PUBLIC ) - { - if( f_rng == NULL ) - return( MBEDTLS_ERR_RSA_BAD_INPUT_DATA ); + if (mode == MBEDTLS_RSA_PUBLIC) { + if (f_rng == NULL) { + return MBEDTLS_ERR_RSA_BAD_INPUT_DATA; + } *p++ = MBEDTLS_RSA_CRYPT; - while( nb_pad-- > 0 ) - { + while (nb_pad-- > 0) { int rng_dl = 100; do { - ret = f_rng( p_rng, p, 1 ); - } while( *p == 0 && --rng_dl && ret == 0 ); + ret = f_rng(p_rng, p, 1); + } while (*p == 0 && --rng_dl && ret == 0); /* Check if RNG failed to generate data */ - if( rng_dl == 0 || ret != 0 ) - return( MBEDTLS_ERROR_ADD( MBEDTLS_ERR_RSA_RNG_FAILED, ret ) ); + if (rng_dl == 0 || ret != 0) { + return MBEDTLS_ERROR_ADD(MBEDTLS_ERR_RSA_RNG_FAILED, ret); + } p++; } - } - else - { + } else { *p++ = MBEDTLS_RSA_SIGN; - while( nb_pad-- > 0 ) + while (nb_pad-- > 0) { *p++ = 0xFF; + } } *p++ = 0; - if( ilen != 0 ) - memcpy( p, input, ilen ); + if (ilen != 0) { + memcpy(p, input, ilen); + } - return( ( mode == MBEDTLS_RSA_PUBLIC ) - ? mbedtls_rsa_public( ctx, output, output ) - : mbedtls_rsa_private( ctx, f_rng, p_rng, output, output ) ); + return (mode == MBEDTLS_RSA_PUBLIC) + ? mbedtls_rsa_public(ctx, output, output) + : mbedtls_rsa_private(ctx, f_rng, p_rng, output, output); } #endif /* MBEDTLS_PKCS1_V15 */ /* * Add the message padding, then do an RSA operation */ -int mbedtls_rsa_pkcs1_encrypt( mbedtls_rsa_context *ctx, - int (*f_rng)(void *, unsigned char *, size_t), - void *p_rng, - int mode, size_t ilen, - const unsigned char *input, - unsigned char *output ) +int mbedtls_rsa_pkcs1_encrypt(mbedtls_rsa_context *ctx, + int (*f_rng)(void *, unsigned char *, size_t), + void *p_rng, + int mode, size_t ilen, + const unsigned char *input, + unsigned char *output) { - RSA_VALIDATE_RET( ctx != NULL ); - RSA_VALIDATE_RET( mode == MBEDTLS_RSA_PRIVATE || - mode == MBEDTLS_RSA_PUBLIC ); - RSA_VALIDATE_RET( output != NULL ); - RSA_VALIDATE_RET( ilen == 0 || input != NULL ); - - switch( ctx->padding ) - { + RSA_VALIDATE_RET(ctx != NULL); + RSA_VALIDATE_RET(mode == MBEDTLS_RSA_PRIVATE || + mode == MBEDTLS_RSA_PUBLIC); + RSA_VALIDATE_RET(output != NULL); + RSA_VALIDATE_RET(ilen == 0 || input != NULL); + + switch (ctx->padding) { #if defined(MBEDTLS_PKCS1_V15) case MBEDTLS_RSA_PKCS_V15: - return mbedtls_rsa_rsaes_pkcs1_v15_encrypt( ctx, f_rng, p_rng, mode, ilen, - input, output ); + return mbedtls_rsa_rsaes_pkcs1_v15_encrypt(ctx, f_rng, p_rng, mode, ilen, + input, output); #endif #if defined(MBEDTLS_PKCS1_V21) case MBEDTLS_RSA_PKCS_V21: - return mbedtls_rsa_rsaes_oaep_encrypt( ctx, f_rng, p_rng, mode, NULL, 0, - ilen, input, output ); + return mbedtls_rsa_rsaes_oaep_encrypt(ctx, f_rng, p_rng, mode, NULL, 0, + ilen, input, output); #endif default: - return( MBEDTLS_ERR_RSA_INVALID_PADDING ); + return MBEDTLS_ERR_RSA_INVALID_PADDING; } } @@ -1336,90 +1368,95 @@ int mbedtls_rsa_pkcs1_encrypt( mbedtls_rsa_context *ctx, /* * Implementation of the PKCS#1 v2.1 RSAES-OAEP-DECRYPT function */ -int mbedtls_rsa_rsaes_oaep_decrypt( mbedtls_rsa_context *ctx, - int (*f_rng)(void *, unsigned char *, size_t), - void *p_rng, - int mode, - const unsigned char *label, size_t label_len, - size_t *olen, - const unsigned char *input, - unsigned char *output, - size_t output_max_len ) +int mbedtls_rsa_rsaes_oaep_decrypt(mbedtls_rsa_context *ctx, + int (*f_rng)(void *, unsigned char *, size_t), + void *p_rng, + int mode, + const unsigned char *label, size_t label_len, + size_t *olen, + const unsigned char *input, + unsigned char *output, + size_t output_max_len) { int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; size_t ilen, i, pad_len; - unsigned char *p, bad, pad_done; + unsigned char *p, pad_done; + int bad; unsigned char buf[MBEDTLS_MPI_MAX_SIZE]; unsigned char lhash[MBEDTLS_MD_MAX_SIZE]; unsigned int hlen; const mbedtls_md_info_t *md_info; mbedtls_md_context_t md_ctx; - RSA_VALIDATE_RET( ctx != NULL ); - RSA_VALIDATE_RET( mode == MBEDTLS_RSA_PRIVATE || - mode == MBEDTLS_RSA_PUBLIC ); - RSA_VALIDATE_RET( output_max_len == 0 || output != NULL ); - RSA_VALIDATE_RET( label_len == 0 || label != NULL ); - RSA_VALIDATE_RET( input != NULL ); - RSA_VALIDATE_RET( olen != NULL ); + RSA_VALIDATE_RET(ctx != NULL); + RSA_VALIDATE_RET(mode == MBEDTLS_RSA_PRIVATE || + mode == MBEDTLS_RSA_PUBLIC); + RSA_VALIDATE_RET(output_max_len == 0 || output != NULL); + RSA_VALIDATE_RET(label_len == 0 || label != NULL); + RSA_VALIDATE_RET(input != NULL); + RSA_VALIDATE_RET(olen != NULL); /* * Parameters sanity checks */ - if( mode == MBEDTLS_RSA_PRIVATE && ctx->padding != MBEDTLS_RSA_PKCS_V21 ) - return( MBEDTLS_ERR_RSA_BAD_INPUT_DATA ); + if (mode == MBEDTLS_RSA_PRIVATE && ctx->padding != MBEDTLS_RSA_PKCS_V21) { + return MBEDTLS_ERR_RSA_BAD_INPUT_DATA; + } ilen = ctx->len; - if( ilen < 16 || ilen > sizeof( buf ) ) - return( MBEDTLS_ERR_RSA_BAD_INPUT_DATA ); + if (ilen < 16 || ilen > sizeof(buf)) { + return MBEDTLS_ERR_RSA_BAD_INPUT_DATA; + } - md_info = mbedtls_md_info_from_type( (mbedtls_md_type_t) ctx->hash_id ); - if( md_info == NULL ) - return( MBEDTLS_ERR_RSA_BAD_INPUT_DATA ); + md_info = mbedtls_md_info_from_type((mbedtls_md_type_t) ctx->hash_id); + if (md_info == NULL) { + return MBEDTLS_ERR_RSA_BAD_INPUT_DATA; + } - hlen = mbedtls_md_get_size( md_info ); + hlen = mbedtls_md_get_size(md_info); // checking for integer underflow - if( 2 * hlen + 2 > ilen ) - return( MBEDTLS_ERR_RSA_BAD_INPUT_DATA ); + if (2 * hlen + 2 > ilen) { + return MBEDTLS_ERR_RSA_BAD_INPUT_DATA; + } /* * RSA operation */ - ret = ( mode == MBEDTLS_RSA_PUBLIC ) - ? mbedtls_rsa_public( ctx, input, buf ) - : mbedtls_rsa_private( ctx, f_rng, p_rng, input, buf ); + ret = (mode == MBEDTLS_RSA_PUBLIC) + ? mbedtls_rsa_public(ctx, input, buf) + : mbedtls_rsa_private(ctx, f_rng, p_rng, input, buf); - if( ret != 0 ) + if (ret != 0) { goto cleanup; + } /* * Unmask data and generate lHash */ - mbedtls_md_init( &md_ctx ); - if( ( ret = mbedtls_md_setup( &md_ctx, md_info, 0 ) ) != 0 ) - { - mbedtls_md_free( &md_ctx ); + mbedtls_md_init(&md_ctx); + if ((ret = mbedtls_md_setup(&md_ctx, md_info, 0)) != 0) { + mbedtls_md_free(&md_ctx); goto cleanup; } /* seed: Apply seedMask to maskedSeed */ - if( ( ret = mgf_mask( buf + 1, hlen, buf + hlen + 1, ilen - hlen - 1, - &md_ctx ) ) != 0 || - /* DB: Apply dbMask to maskedDB */ - ( ret = mgf_mask( buf + hlen + 1, ilen - hlen - 1, buf + 1, hlen, - &md_ctx ) ) != 0 ) - { - mbedtls_md_free( &md_ctx ); + if ((ret = mgf_mask(buf + 1, hlen, buf + hlen + 1, ilen - hlen - 1, + &md_ctx)) != 0 || + /* DB: Apply dbMask to maskedDB */ + (ret = mgf_mask(buf + hlen + 1, ilen - hlen - 1, buf + 1, hlen, + &md_ctx)) != 0) { + mbedtls_md_free(&md_ctx); goto cleanup; } - mbedtls_md_free( &md_ctx ); + mbedtls_md_free(&md_ctx); /* Generate lHash */ - if( ( ret = mbedtls_md( md_info, label, label_len, lhash ) ) != 0 ) + if ((ret = mbedtls_md(md_info, label, label_len, lhash)) != 0) { goto cleanup; + } /* * Check contents, in "constant-time" @@ -1432,17 +1469,16 @@ int mbedtls_rsa_rsaes_oaep_decrypt( mbedtls_rsa_context *ctx, p += hlen; /* Skip seed */ /* Check lHash */ - for( i = 0; i < hlen; i++ ) - bad |= lhash[i] ^ *p++; + bad |= mbedtls_ct_memcmp(lhash, p, hlen); + p += hlen; /* Get zero-padding len, but always read till end of buffer * (minus one, for the 01 byte) */ pad_len = 0; pad_done = 0; - for( i = 0; i < ilen - 2 * hlen - 2; i++ ) - { + for (i = 0; i < ilen - 2 * hlen - 2; i++) { pad_done |= p[i]; - pad_len += ((pad_done | (unsigned char)-pad_done) >> 7) ^ 1; + pad_len += ((pad_done | (unsigned char) -pad_done) >> 7) ^ 1; } p += pad_len; @@ -1454,28 +1490,27 @@ int mbedtls_rsa_rsaes_oaep_decrypt( mbedtls_rsa_context *ctx, * recommendations in PKCS#1 v2.2: an opponent cannot distinguish between * the different error conditions. */ - if( bad != 0 ) - { + if (bad != 0) { ret = MBEDTLS_ERR_RSA_INVALID_PADDING; goto cleanup; } - if( ilen - ( p - buf ) > output_max_len ) - { + if (ilen - (p - buf) > output_max_len) { ret = MBEDTLS_ERR_RSA_OUTPUT_TOO_LARGE; goto cleanup; } *olen = ilen - (p - buf); - if( *olen != 0 ) - memcpy( output, p, *olen ); + if (*olen != 0) { + memcpy(output, p, *olen); + } ret = 0; cleanup: - mbedtls_platform_zeroize( buf, sizeof( buf ) ); - mbedtls_platform_zeroize( lhash, sizeof( lhash ) ); + mbedtls_platform_zeroize(buf, sizeof(buf)); + mbedtls_platform_zeroize(lhash, sizeof(lhash)); - return( ret ); + return ret; } #endif /* MBEDTLS_PKCS1_V21 */ @@ -1483,99 +1518,101 @@ int mbedtls_rsa_rsaes_oaep_decrypt( mbedtls_rsa_context *ctx, /* * Implementation of the PKCS#1 v2.1 RSAES-PKCS1-V1_5-DECRYPT function */ -int mbedtls_rsa_rsaes_pkcs1_v15_decrypt( mbedtls_rsa_context *ctx, - int (*f_rng)(void *, unsigned char *, size_t), - void *p_rng, - int mode, - size_t *olen, - const unsigned char *input, - unsigned char *output, - size_t output_max_len ) +int mbedtls_rsa_rsaes_pkcs1_v15_decrypt(mbedtls_rsa_context *ctx, + int (*f_rng)(void *, unsigned char *, size_t), + void *p_rng, + int mode, + size_t *olen, + const unsigned char *input, + unsigned char *output, + size_t output_max_len) { int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; size_t ilen; unsigned char buf[MBEDTLS_MPI_MAX_SIZE]; - RSA_VALIDATE_RET( ctx != NULL ); - RSA_VALIDATE_RET( mode == MBEDTLS_RSA_PRIVATE || - mode == MBEDTLS_RSA_PUBLIC ); - RSA_VALIDATE_RET( output_max_len == 0 || output != NULL ); - RSA_VALIDATE_RET( input != NULL ); - RSA_VALIDATE_RET( olen != NULL ); + RSA_VALIDATE_RET(ctx != NULL); + RSA_VALIDATE_RET(mode == MBEDTLS_RSA_PRIVATE || + mode == MBEDTLS_RSA_PUBLIC); + RSA_VALIDATE_RET(output_max_len == 0 || output != NULL); + RSA_VALIDATE_RET(input != NULL); + RSA_VALIDATE_RET(olen != NULL); ilen = ctx->len; - if( mode == MBEDTLS_RSA_PRIVATE && ctx->padding != MBEDTLS_RSA_PKCS_V15 ) - return( MBEDTLS_ERR_RSA_BAD_INPUT_DATA ); + if (mode == MBEDTLS_RSA_PRIVATE && ctx->padding != MBEDTLS_RSA_PKCS_V15) { + return MBEDTLS_ERR_RSA_BAD_INPUT_DATA; + } - if( ilen < 16 || ilen > sizeof( buf ) ) - return( MBEDTLS_ERR_RSA_BAD_INPUT_DATA ); + if (ilen < 16 || ilen > sizeof(buf)) { + return MBEDTLS_ERR_RSA_BAD_INPUT_DATA; + } - ret = ( mode == MBEDTLS_RSA_PUBLIC ) - ? mbedtls_rsa_public( ctx, input, buf ) - : mbedtls_rsa_private( ctx, f_rng, p_rng, input, buf ); + ret = (mode == MBEDTLS_RSA_PUBLIC) + ? mbedtls_rsa_public(ctx, input, buf) + : mbedtls_rsa_private(ctx, f_rng, p_rng, input, buf); - if( ret != 0 ) + if (ret != 0) { goto cleanup; + } - ret = mbedtls_ct_rsaes_pkcs1_v15_unpadding( mode, buf, ilen, - output, output_max_len, olen ); + ret = mbedtls_ct_rsaes_pkcs1_v15_unpadding(mode, buf, ilen, + output, output_max_len, olen); cleanup: - mbedtls_platform_zeroize( buf, sizeof( buf ) ); + mbedtls_platform_zeroize(buf, sizeof(buf)); - return( ret ); + return ret; } #endif /* MBEDTLS_PKCS1_V15 */ /* * Do an RSA operation, then remove the message padding */ -int mbedtls_rsa_pkcs1_decrypt( mbedtls_rsa_context *ctx, - int (*f_rng)(void *, unsigned char *, size_t), - void *p_rng, - int mode, size_t *olen, - const unsigned char *input, - unsigned char *output, - size_t output_max_len) +int mbedtls_rsa_pkcs1_decrypt(mbedtls_rsa_context *ctx, + int (*f_rng)(void *, unsigned char *, size_t), + void *p_rng, + int mode, size_t *olen, + const unsigned char *input, + unsigned char *output, + size_t output_max_len) { - RSA_VALIDATE_RET( ctx != NULL ); - RSA_VALIDATE_RET( mode == MBEDTLS_RSA_PRIVATE || - mode == MBEDTLS_RSA_PUBLIC ); - RSA_VALIDATE_RET( output_max_len == 0 || output != NULL ); - RSA_VALIDATE_RET( input != NULL ); - RSA_VALIDATE_RET( olen != NULL ); - - switch( ctx->padding ) - { + RSA_VALIDATE_RET(ctx != NULL); + RSA_VALIDATE_RET(mode == MBEDTLS_RSA_PRIVATE || + mode == MBEDTLS_RSA_PUBLIC); + RSA_VALIDATE_RET(output_max_len == 0 || output != NULL); + RSA_VALIDATE_RET(input != NULL); + RSA_VALIDATE_RET(olen != NULL); + + switch (ctx->padding) { #if defined(MBEDTLS_PKCS1_V15) case MBEDTLS_RSA_PKCS_V15: - return mbedtls_rsa_rsaes_pkcs1_v15_decrypt( ctx, f_rng, p_rng, mode, olen, - input, output, output_max_len ); + return mbedtls_rsa_rsaes_pkcs1_v15_decrypt(ctx, f_rng, p_rng, mode, olen, + input, output, output_max_len); #endif #if defined(MBEDTLS_PKCS1_V21) case MBEDTLS_RSA_PKCS_V21: - return mbedtls_rsa_rsaes_oaep_decrypt( ctx, f_rng, p_rng, mode, NULL, 0, - olen, input, output, - output_max_len ); + return mbedtls_rsa_rsaes_oaep_decrypt(ctx, f_rng, p_rng, mode, NULL, 0, + olen, input, output, + output_max_len); #endif default: - return( MBEDTLS_ERR_RSA_INVALID_PADDING ); + return MBEDTLS_ERR_RSA_INVALID_PADDING; } } #if defined(MBEDTLS_PKCS1_V21) -static int rsa_rsassa_pss_sign( mbedtls_rsa_context *ctx, - int (*f_rng)(void *, unsigned char *, size_t), - void *p_rng, - int mode, - mbedtls_md_type_t md_alg, - unsigned int hashlen, - const unsigned char *hash, - int saltlen, - unsigned char *sig ) +static int rsa_rsassa_pss_sign(mbedtls_rsa_context *ctx, + int (*f_rng)(void *, unsigned char *, size_t), + void *p_rng, + int mode, + mbedtls_md_type_t md_alg, + unsigned int hashlen, + const unsigned char *hash, + int saltlen, + unsigned char *sig) { size_t olen; unsigned char *p = sig; @@ -1585,152 +1622,161 @@ static int rsa_rsassa_pss_sign( mbedtls_rsa_context *ctx, size_t msb; const mbedtls_md_info_t *md_info; mbedtls_md_context_t md_ctx; - RSA_VALIDATE_RET( ctx != NULL ); - RSA_VALIDATE_RET( mode == MBEDTLS_RSA_PRIVATE || - mode == MBEDTLS_RSA_PUBLIC ); - RSA_VALIDATE_RET( ( md_alg == MBEDTLS_MD_NONE && - hashlen == 0 ) || - hash != NULL ); - RSA_VALIDATE_RET( sig != NULL ); + RSA_VALIDATE_RET(ctx != NULL); + RSA_VALIDATE_RET(mode == MBEDTLS_RSA_PRIVATE || + mode == MBEDTLS_RSA_PUBLIC); + RSA_VALIDATE_RET((md_alg == MBEDTLS_MD_NONE && + hashlen == 0) || + hash != NULL); + RSA_VALIDATE_RET(sig != NULL); - if( mode == MBEDTLS_RSA_PRIVATE && ctx->padding != MBEDTLS_RSA_PKCS_V21 ) - return( MBEDTLS_ERR_RSA_BAD_INPUT_DATA ); + if (mode == MBEDTLS_RSA_PRIVATE && ctx->padding != MBEDTLS_RSA_PKCS_V21) { + return MBEDTLS_ERR_RSA_BAD_INPUT_DATA; + } - if( f_rng == NULL ) - return( MBEDTLS_ERR_RSA_BAD_INPUT_DATA ); + if (f_rng == NULL) { + return MBEDTLS_ERR_RSA_BAD_INPUT_DATA; + } olen = ctx->len; - if( md_alg != MBEDTLS_MD_NONE ) - { + if (md_alg != MBEDTLS_MD_NONE) { /* Gather length of hash to sign */ - md_info = mbedtls_md_info_from_type( md_alg ); - if( md_info == NULL ) - return( MBEDTLS_ERR_RSA_BAD_INPUT_DATA ); + md_info = mbedtls_md_info_from_type(md_alg); + if (md_info == NULL) { + return MBEDTLS_ERR_RSA_BAD_INPUT_DATA; + } - hashlen = mbedtls_md_get_size( md_info ); + hashlen = mbedtls_md_get_size(md_info); } - md_info = mbedtls_md_info_from_type( (mbedtls_md_type_t) ctx->hash_id ); - if( md_info == NULL ) - return( MBEDTLS_ERR_RSA_BAD_INPUT_DATA ); + md_info = mbedtls_md_info_from_type((mbedtls_md_type_t) ctx->hash_id); + if (md_info == NULL) { + return MBEDTLS_ERR_RSA_BAD_INPUT_DATA; + } - hlen = mbedtls_md_get_size( md_info ); + hlen = mbedtls_md_get_size(md_info); - if (saltlen == MBEDTLS_RSA_SALT_LEN_ANY) - { - /* Calculate the largest possible salt length, up to the hash size. - * Normally this is the hash length, which is the maximum salt length - * according to FIPS 185-4 §5.5 (e) and common practice. If there is not - * enough room, use the maximum salt length that fits. The constraint is - * that the hash length plus the salt length plus 2 bytes must be at most - * the key length. This complies with FIPS 186-4 §5.5 (e) and RFC 8017 - * (PKCS#1 v2.2) §9.1.1 step 3. */ + if (saltlen == MBEDTLS_RSA_SALT_LEN_ANY) { + /* Calculate the largest possible salt length, up to the hash size. + * Normally this is the hash length, which is the maximum salt length + * according to FIPS 185-4 §5.5 (e) and common practice. If there is not + * enough room, use the maximum salt length that fits. The constraint is + * that the hash length plus the salt length plus 2 bytes must be at most + * the key length. This complies with FIPS 186-4 §5.5 (e) and RFC 8017 + * (PKCS#1 v2.2) §9.1.1 step 3. */ min_slen = hlen - 2; - if( olen < hlen + min_slen + 2 ) - return( MBEDTLS_ERR_RSA_BAD_INPUT_DATA ); - else if( olen >= hlen + hlen + 2 ) + if (olen < hlen + min_slen + 2) { + return MBEDTLS_ERR_RSA_BAD_INPUT_DATA; + } else if (olen >= hlen + hlen + 2) { slen = hlen; - else + } else { slen = olen - hlen - 2; - } - else if ( (saltlen < 0) || (saltlen + hlen + 2 > olen) ) - { - return( MBEDTLS_ERR_RSA_BAD_INPUT_DATA ); - } - else - { + } + } else if ((saltlen < 0) || (saltlen + hlen + 2 > olen)) { + return MBEDTLS_ERR_RSA_BAD_INPUT_DATA; + } else { slen = (size_t) saltlen; } - memset( sig, 0, olen ); + memset(sig, 0, olen); /* Note: EMSA-PSS encoding is over the length of N - 1 bits */ - msb = mbedtls_mpi_bitlen( &ctx->N ) - 1; + msb = mbedtls_mpi_bitlen(&ctx->N) - 1; p += olen - hlen - slen - 2; *p++ = 0x01; /* Generate salt of length slen in place in the encoded message */ salt = p; - if( ( ret = f_rng( p_rng, salt, slen ) ) != 0 ) - return( MBEDTLS_ERROR_ADD( MBEDTLS_ERR_RSA_RNG_FAILED, ret ) ); + if ((ret = f_rng(p_rng, salt, slen)) != 0) { + return MBEDTLS_ERROR_ADD(MBEDTLS_ERR_RSA_RNG_FAILED, ret); + } p += slen; - mbedtls_md_init( &md_ctx ); - if( ( ret = mbedtls_md_setup( &md_ctx, md_info, 0 ) ) != 0 ) + mbedtls_md_init(&md_ctx); + if ((ret = mbedtls_md_setup(&md_ctx, md_info, 0)) != 0) { goto exit; + } /* Generate H = Hash( M' ) */ - if( ( ret = mbedtls_md_starts( &md_ctx ) ) != 0 ) + if ((ret = mbedtls_md_starts(&md_ctx)) != 0) { goto exit; - if( ( ret = mbedtls_md_update( &md_ctx, p, 8 ) ) != 0 ) + } + if ((ret = mbedtls_md_update(&md_ctx, p, 8)) != 0) { goto exit; - if( ( ret = mbedtls_md_update( &md_ctx, hash, hashlen ) ) != 0 ) + } + if ((ret = mbedtls_md_update(&md_ctx, hash, hashlen)) != 0) { goto exit; - if( ( ret = mbedtls_md_update( &md_ctx, salt, slen ) ) != 0 ) + } + if ((ret = mbedtls_md_update(&md_ctx, salt, slen)) != 0) { goto exit; - if( ( ret = mbedtls_md_finish( &md_ctx, p ) ) != 0 ) + } + if ((ret = mbedtls_md_finish(&md_ctx, p)) != 0) { goto exit; + } /* Compensate for boundary condition when applying mask */ - if( msb % 8 == 0 ) + if (msb % 8 == 0) { offset = 1; + } /* maskedDB: Apply dbMask to DB */ - if( ( ret = mgf_mask( sig + offset, olen - hlen - 1 - offset, p, hlen, - &md_ctx ) ) != 0 ) + if ((ret = mgf_mask(sig + offset, olen - hlen - 1 - offset, p, hlen, + &md_ctx)) != 0) { goto exit; + } - msb = mbedtls_mpi_bitlen( &ctx->N ) - 1; - sig[0] &= 0xFF >> ( olen * 8 - msb ); + msb = mbedtls_mpi_bitlen(&ctx->N) - 1; + sig[0] &= 0xFF >> (olen * 8 - msb); p += hlen; *p++ = 0xBC; exit: - mbedtls_md_free( &md_ctx ); + mbedtls_md_free(&md_ctx); - if( ret != 0 ) - return( ret ); + if (ret != 0) { + return ret; + } - return( ( mode == MBEDTLS_RSA_PUBLIC ) - ? mbedtls_rsa_public( ctx, sig, sig ) - : mbedtls_rsa_private( ctx, f_rng, p_rng, sig, sig ) ); + return (mode == MBEDTLS_RSA_PUBLIC) + ? mbedtls_rsa_public(ctx, sig, sig) + : mbedtls_rsa_private(ctx, f_rng, p_rng, sig, sig); } /* * Implementation of the PKCS#1 v2.1 RSASSA-PSS-SIGN function with * the option to pass in the salt length. */ -int mbedtls_rsa_rsassa_pss_sign_ext( mbedtls_rsa_context *ctx, - int (*f_rng)(void *, unsigned char *, size_t), - void *p_rng, - mbedtls_md_type_t md_alg, - unsigned int hashlen, - const unsigned char *hash, - int saltlen, - unsigned char *sig ) +int mbedtls_rsa_rsassa_pss_sign_ext(mbedtls_rsa_context *ctx, + int (*f_rng)(void *, unsigned char *, size_t), + void *p_rng, + mbedtls_md_type_t md_alg, + unsigned int hashlen, + const unsigned char *hash, + int saltlen, + unsigned char *sig) { - return rsa_rsassa_pss_sign( ctx, f_rng, p_rng, MBEDTLS_RSA_PRIVATE, md_alg, - hashlen, hash, saltlen, sig ); + return rsa_rsassa_pss_sign(ctx, f_rng, p_rng, MBEDTLS_RSA_PRIVATE, md_alg, + hashlen, hash, saltlen, sig); } /* * Implementation of the PKCS#1 v2.1 RSASSA-PSS-SIGN function */ -int mbedtls_rsa_rsassa_pss_sign( mbedtls_rsa_context *ctx, - int (*f_rng)(void *, unsigned char *, size_t), - void *p_rng, - int mode, - mbedtls_md_type_t md_alg, - unsigned int hashlen, - const unsigned char *hash, - unsigned char *sig ) +int mbedtls_rsa_rsassa_pss_sign(mbedtls_rsa_context *ctx, + int (*f_rng)(void *, unsigned char *, size_t), + void *p_rng, + int mode, + mbedtls_md_type_t md_alg, + unsigned int hashlen, + const unsigned char *hash, + unsigned char *sig) { - return rsa_rsassa_pss_sign( ctx, f_rng, p_rng, mode, md_alg, - hashlen, hash, MBEDTLS_RSA_SALT_LEN_ANY, sig ); + return rsa_rsassa_pss_sign(ctx, f_rng, p_rng, mode, md_alg, + hashlen, hash, MBEDTLS_RSA_SALT_LEN_ANY, sig); } #endif /* MBEDTLS_PKCS1_V21 */ @@ -1757,11 +1803,11 @@ int mbedtls_rsa_rsassa_pss_sign( mbedtls_rsa_context *ctx, * - dst points to a buffer of size at least dst_len. * */ -static int rsa_rsassa_pkcs1_v15_encode( mbedtls_md_type_t md_alg, - unsigned int hashlen, - const unsigned char *hash, - size_t dst_len, - unsigned char *dst ) +static int rsa_rsassa_pkcs1_v15_encode(mbedtls_md_type_t md_alg, + unsigned int hashlen, + const unsigned char *hash, + size_t dst_len, + unsigned char *dst) { size_t oid_size = 0; size_t nb_pad = dst_len; @@ -1769,23 +1815,25 @@ static int rsa_rsassa_pkcs1_v15_encode( mbedtls_md_type_t md_alg, const char *oid = NULL; /* Are we signing hashed or raw data? */ - if( md_alg != MBEDTLS_MD_NONE ) - { - const mbedtls_md_info_t *md_info = mbedtls_md_info_from_type( md_alg ); - if( md_info == NULL ) - return( MBEDTLS_ERR_RSA_BAD_INPUT_DATA ); + if (md_alg != MBEDTLS_MD_NONE) { + const mbedtls_md_info_t *md_info = mbedtls_md_info_from_type(md_alg); + if (md_info == NULL) { + return MBEDTLS_ERR_RSA_BAD_INPUT_DATA; + } - if( mbedtls_oid_get_oid_by_md( md_alg, &oid, &oid_size ) != 0 ) - return( MBEDTLS_ERR_RSA_BAD_INPUT_DATA ); + if (mbedtls_oid_get_oid_by_md(md_alg, &oid, &oid_size) != 0) { + return MBEDTLS_ERR_RSA_BAD_INPUT_DATA; + } - hashlen = mbedtls_md_get_size( md_info ); + hashlen = mbedtls_md_get_size(md_info); /* Double-check that 8 + hashlen + oid_size can be used as a * 1-byte ASN.1 length encoding and that there's no overflow. */ - if( 8 + hashlen + oid_size >= 0x80 || + if (8 + hashlen + oid_size >= 0x80 || 10 + hashlen < hashlen || - 10 + hashlen + oid_size < 10 + hashlen ) - return( MBEDTLS_ERR_RSA_BAD_INPUT_DATA ); + 10 + hashlen + oid_size < 10 + hashlen) { + return MBEDTLS_ERR_RSA_BAD_INPUT_DATA; + } /* * Static bounds check: @@ -1795,22 +1843,23 @@ static int rsa_rsassa_pkcs1_v15_encode( mbedtls_md_type_t md_alg, * - Need hashlen bytes for hash * - Need oid_size bytes for hash alg OID. */ - if( nb_pad < 10 + hashlen + oid_size ) - return( MBEDTLS_ERR_RSA_BAD_INPUT_DATA ); + if (nb_pad < 10 + hashlen + oid_size) { + return MBEDTLS_ERR_RSA_BAD_INPUT_DATA; + } nb_pad -= 10 + hashlen + oid_size; - } - else - { - if( nb_pad < hashlen ) - return( MBEDTLS_ERR_RSA_BAD_INPUT_DATA ); + } else { + if (nb_pad < hashlen) { + return MBEDTLS_ERR_RSA_BAD_INPUT_DATA; + } nb_pad -= hashlen; } /* Need space for signature header and padding delimiter (3 bytes), * and 8 bytes for the minimal padding */ - if( nb_pad < 3 + 8 ) - return( MBEDTLS_ERR_RSA_BAD_INPUT_DATA ); + if (nb_pad < 3 + 8) { + return MBEDTLS_ERR_RSA_BAD_INPUT_DATA; + } nb_pad -= 3; /* Now nb_pad is the amount of memory to be filled @@ -1819,15 +1868,14 @@ static int rsa_rsassa_pkcs1_v15_encode( mbedtls_md_type_t md_alg, /* Write signature header and padding */ *p++ = 0; *p++ = MBEDTLS_RSA_SIGN; - memset( p, 0xFF, nb_pad ); + memset(p, 0xFF, nb_pad); p += nb_pad; *p++ = 0; /* Are we signing raw data? */ - if( md_alg == MBEDTLS_MD_NONE ) - { - memcpy( p, hash, hashlen ); - return( 0 ); + if (md_alg == MBEDTLS_MD_NONE) { + memcpy(p, hash, hashlen); + return 0; } /* Signing hashed data, add corresponding ASN.1 structure @@ -1844,73 +1892,73 @@ static int rsa_rsassa_pkcs1_v15_encode( mbedtls_md_type_t md_alg, * TAG-OCTET + LEN [ HASH ] ] */ *p++ = MBEDTLS_ASN1_SEQUENCE | MBEDTLS_ASN1_CONSTRUCTED; - *p++ = (unsigned char)( 0x08 + oid_size + hashlen ); + *p++ = (unsigned char) (0x08 + oid_size + hashlen); *p++ = MBEDTLS_ASN1_SEQUENCE | MBEDTLS_ASN1_CONSTRUCTED; - *p++ = (unsigned char)( 0x04 + oid_size ); + *p++ = (unsigned char) (0x04 + oid_size); *p++ = MBEDTLS_ASN1_OID; *p++ = (unsigned char) oid_size; - memcpy( p, oid, oid_size ); + memcpy(p, oid, oid_size); p += oid_size; *p++ = MBEDTLS_ASN1_NULL; *p++ = 0x00; *p++ = MBEDTLS_ASN1_OCTET_STRING; *p++ = (unsigned char) hashlen; - memcpy( p, hash, hashlen ); + memcpy(p, hash, hashlen); p += hashlen; /* Just a sanity-check, should be automatic * after the initial bounds check. */ - if( p != dst + dst_len ) - { - mbedtls_platform_zeroize( dst, dst_len ); - return( MBEDTLS_ERR_RSA_BAD_INPUT_DATA ); + if (p != dst + dst_len) { + mbedtls_platform_zeroize(dst, dst_len); + return MBEDTLS_ERR_RSA_BAD_INPUT_DATA; } - return( 0 ); + return 0; } /* * Do an RSA operation to sign the message digest */ -int mbedtls_rsa_rsassa_pkcs1_v15_sign( mbedtls_rsa_context *ctx, - int (*f_rng)(void *, unsigned char *, size_t), - void *p_rng, - int mode, - mbedtls_md_type_t md_alg, - unsigned int hashlen, - const unsigned char *hash, - unsigned char *sig ) +int mbedtls_rsa_rsassa_pkcs1_v15_sign(mbedtls_rsa_context *ctx, + int (*f_rng)(void *, unsigned char *, size_t), + void *p_rng, + int mode, + mbedtls_md_type_t md_alg, + unsigned int hashlen, + const unsigned char *hash, + unsigned char *sig) { int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; unsigned char *sig_try = NULL, *verif = NULL; - RSA_VALIDATE_RET( ctx != NULL ); - RSA_VALIDATE_RET( mode == MBEDTLS_RSA_PRIVATE || - mode == MBEDTLS_RSA_PUBLIC ); - RSA_VALIDATE_RET( ( md_alg == MBEDTLS_MD_NONE && - hashlen == 0 ) || - hash != NULL ); - RSA_VALIDATE_RET( sig != NULL ); + RSA_VALIDATE_RET(ctx != NULL); + RSA_VALIDATE_RET(mode == MBEDTLS_RSA_PRIVATE || + mode == MBEDTLS_RSA_PUBLIC); + RSA_VALIDATE_RET((md_alg == MBEDTLS_MD_NONE && + hashlen == 0) || + hash != NULL); + RSA_VALIDATE_RET(sig != NULL); - if( mode == MBEDTLS_RSA_PRIVATE && ctx->padding != MBEDTLS_RSA_PKCS_V15 ) - return( MBEDTLS_ERR_RSA_BAD_INPUT_DATA ); + if (mode == MBEDTLS_RSA_PRIVATE && ctx->padding != MBEDTLS_RSA_PKCS_V15) { + return MBEDTLS_ERR_RSA_BAD_INPUT_DATA; + } /* * Prepare PKCS1-v1.5 encoding (padding and hash identifier) */ - if( ( ret = rsa_rsassa_pkcs1_v15_encode( md_alg, hashlen, hash, - ctx->len, sig ) ) != 0 ) - return( ret ); + if ((ret = rsa_rsassa_pkcs1_v15_encode(md_alg, hashlen, hash, + ctx->len, sig)) != 0) { + return ret; + } /* * Call respective RSA primitive */ - if( mode == MBEDTLS_RSA_PUBLIC ) - { + if (mode == MBEDTLS_RSA_PUBLIC) { /* Skip verification on a public key operation */ - return( mbedtls_rsa_public( ctx, sig, sig ) ); + return mbedtls_rsa_public(ctx, sig, sig); } /* Private key operation @@ -1919,76 +1967,75 @@ int mbedtls_rsa_rsassa_pkcs1_v15_sign( mbedtls_rsa_context *ctx, * temporary buffer and check it before returning it. */ - sig_try = mbedtls_calloc( 1, ctx->len ); - if( sig_try == NULL ) - return( MBEDTLS_ERR_MPI_ALLOC_FAILED ); + sig_try = mbedtls_calloc(1, ctx->len); + if (sig_try == NULL) { + return MBEDTLS_ERR_MPI_ALLOC_FAILED; + } - verif = mbedtls_calloc( 1, ctx->len ); - if( verif == NULL ) - { - mbedtls_free( sig_try ); - return( MBEDTLS_ERR_MPI_ALLOC_FAILED ); + verif = mbedtls_calloc(1, ctx->len); + if (verif == NULL) { + mbedtls_free(sig_try); + return MBEDTLS_ERR_MPI_ALLOC_FAILED; } - MBEDTLS_MPI_CHK( mbedtls_rsa_private( ctx, f_rng, p_rng, sig, sig_try ) ); - MBEDTLS_MPI_CHK( mbedtls_rsa_public( ctx, sig_try, verif ) ); + MBEDTLS_MPI_CHK(mbedtls_rsa_private(ctx, f_rng, p_rng, sig, sig_try)); + MBEDTLS_MPI_CHK(mbedtls_rsa_public(ctx, sig_try, verif)); - if( mbedtls_ct_memcmp( verif, sig, ctx->len ) != 0 ) - { + if (mbedtls_ct_memcmp(verif, sig, ctx->len) != 0) { ret = MBEDTLS_ERR_RSA_PRIVATE_FAILED; goto cleanup; } - memcpy( sig, sig_try, ctx->len ); + memcpy(sig, sig_try, ctx->len); cleanup: - mbedtls_platform_zeroize( sig_try, ctx->len ); - mbedtls_platform_zeroize( verif, ctx->len ); - mbedtls_free( sig_try ); - mbedtls_free( verif ); - - if( ret != 0 ) - memset( sig, '!', ctx->len ); - return( ret ); + mbedtls_platform_zeroize(sig_try, ctx->len); + mbedtls_platform_zeroize(verif, ctx->len); + mbedtls_free(sig_try); + mbedtls_free(verif); + + if (ret != 0) { + memset(sig, '!', ctx->len); + } + return ret; } #endif /* MBEDTLS_PKCS1_V15 */ /* * Do an RSA operation to sign the message digest */ -int mbedtls_rsa_pkcs1_sign( mbedtls_rsa_context *ctx, - int (*f_rng)(void *, unsigned char *, size_t), - void *p_rng, - int mode, - mbedtls_md_type_t md_alg, - unsigned int hashlen, - const unsigned char *hash, - unsigned char *sig ) +int mbedtls_rsa_pkcs1_sign(mbedtls_rsa_context *ctx, + int (*f_rng)(void *, unsigned char *, size_t), + void *p_rng, + int mode, + mbedtls_md_type_t md_alg, + unsigned int hashlen, + const unsigned char *hash, + unsigned char *sig) { - RSA_VALIDATE_RET( ctx != NULL ); - RSA_VALIDATE_RET( mode == MBEDTLS_RSA_PRIVATE || - mode == MBEDTLS_RSA_PUBLIC ); - RSA_VALIDATE_RET( ( md_alg == MBEDTLS_MD_NONE && - hashlen == 0 ) || - hash != NULL ); - RSA_VALIDATE_RET( sig != NULL ); - - switch( ctx->padding ) - { + RSA_VALIDATE_RET(ctx != NULL); + RSA_VALIDATE_RET(mode == MBEDTLS_RSA_PRIVATE || + mode == MBEDTLS_RSA_PUBLIC); + RSA_VALIDATE_RET((md_alg == MBEDTLS_MD_NONE && + hashlen == 0) || + hash != NULL); + RSA_VALIDATE_RET(sig != NULL); + + switch (ctx->padding) { #if defined(MBEDTLS_PKCS1_V15) case MBEDTLS_RSA_PKCS_V15: - return mbedtls_rsa_rsassa_pkcs1_v15_sign( ctx, f_rng, p_rng, mode, md_alg, - hashlen, hash, sig ); + return mbedtls_rsa_rsassa_pkcs1_v15_sign(ctx, f_rng, p_rng, mode, md_alg, + hashlen, hash, sig); #endif #if defined(MBEDTLS_PKCS1_V21) case MBEDTLS_RSA_PKCS_V21: - return mbedtls_rsa_rsassa_pss_sign( ctx, f_rng, p_rng, mode, md_alg, - hashlen, hash, sig ); + return mbedtls_rsa_rsassa_pss_sign(ctx, f_rng, p_rng, mode, md_alg, + hashlen, hash, sig); #endif default: - return( MBEDTLS_ERR_RSA_INVALID_PADDING ); + return MBEDTLS_ERR_RSA_INVALID_PADDING; } } @@ -1996,16 +2043,16 @@ int mbedtls_rsa_pkcs1_sign( mbedtls_rsa_context *ctx, /* * Implementation of the PKCS#1 v2.1 RSASSA-PSS-VERIFY function */ -int mbedtls_rsa_rsassa_pss_verify_ext( mbedtls_rsa_context *ctx, - int (*f_rng)(void *, unsigned char *, size_t), - void *p_rng, - int mode, - mbedtls_md_type_t md_alg, - unsigned int hashlen, - const unsigned char *hash, - mbedtls_md_type_t mgf1_hash_id, - int expected_salt_len, - const unsigned char *sig ) +int mbedtls_rsa_rsassa_pss_verify_ext(mbedtls_rsa_context *ctx, + int (*f_rng)(void *, unsigned char *, size_t), + void *p_rng, + int mode, + mbedtls_md_type_t md_alg, + unsigned int hashlen, + const unsigned char *hash, + mbedtls_md_type_t mgf1_hash_id, + int expected_salt_len, + const unsigned char *sig) { int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; size_t siglen; @@ -2019,95 +2066,102 @@ int mbedtls_rsa_rsassa_pss_verify_ext( mbedtls_rsa_context *ctx, mbedtls_md_context_t md_ctx; unsigned char buf[MBEDTLS_MPI_MAX_SIZE]; - RSA_VALIDATE_RET( ctx != NULL ); - RSA_VALIDATE_RET( mode == MBEDTLS_RSA_PRIVATE || - mode == MBEDTLS_RSA_PUBLIC ); - RSA_VALIDATE_RET( sig != NULL ); - RSA_VALIDATE_RET( ( md_alg == MBEDTLS_MD_NONE && - hashlen == 0 ) || - hash != NULL ); + RSA_VALIDATE_RET(ctx != NULL); + RSA_VALIDATE_RET(mode == MBEDTLS_RSA_PRIVATE || + mode == MBEDTLS_RSA_PUBLIC); + RSA_VALIDATE_RET(sig != NULL); + RSA_VALIDATE_RET((md_alg == MBEDTLS_MD_NONE && + hashlen == 0) || + hash != NULL); - if( mode == MBEDTLS_RSA_PRIVATE && ctx->padding != MBEDTLS_RSA_PKCS_V21 ) - return( MBEDTLS_ERR_RSA_BAD_INPUT_DATA ); + if (mode == MBEDTLS_RSA_PRIVATE && ctx->padding != MBEDTLS_RSA_PKCS_V21) { + return MBEDTLS_ERR_RSA_BAD_INPUT_DATA; + } siglen = ctx->len; - if( siglen < 16 || siglen > sizeof( buf ) ) - return( MBEDTLS_ERR_RSA_BAD_INPUT_DATA ); + if (siglen < 16 || siglen > sizeof(buf)) { + return MBEDTLS_ERR_RSA_BAD_INPUT_DATA; + } - ret = ( mode == MBEDTLS_RSA_PUBLIC ) - ? mbedtls_rsa_public( ctx, sig, buf ) - : mbedtls_rsa_private( ctx, f_rng, p_rng, sig, buf ); + ret = (mode == MBEDTLS_RSA_PUBLIC) + ? mbedtls_rsa_public(ctx, sig, buf) + : mbedtls_rsa_private(ctx, f_rng, p_rng, sig, buf); - if( ret != 0 ) - return( ret ); + if (ret != 0) { + return ret; + } p = buf; - if( buf[siglen - 1] != 0xBC ) - return( MBEDTLS_ERR_RSA_INVALID_PADDING ); + if (buf[siglen - 1] != 0xBC) { + return MBEDTLS_ERR_RSA_INVALID_PADDING; + } - if( md_alg != MBEDTLS_MD_NONE ) - { + if (md_alg != MBEDTLS_MD_NONE) { /* Gather length of hash to sign */ - md_info = mbedtls_md_info_from_type( md_alg ); - if( md_info == NULL ) - return( MBEDTLS_ERR_RSA_BAD_INPUT_DATA ); + md_info = mbedtls_md_info_from_type(md_alg); + if (md_info == NULL) { + return MBEDTLS_ERR_RSA_BAD_INPUT_DATA; + } - hashlen = mbedtls_md_get_size( md_info ); + hashlen = mbedtls_md_get_size(md_info); } - md_info = mbedtls_md_info_from_type( mgf1_hash_id ); - if( md_info == NULL ) - return( MBEDTLS_ERR_RSA_BAD_INPUT_DATA ); + md_info = mbedtls_md_info_from_type(mgf1_hash_id); + if (md_info == NULL) { + return MBEDTLS_ERR_RSA_BAD_INPUT_DATA; + } - hlen = mbedtls_md_get_size( md_info ); + hlen = mbedtls_md_get_size(md_info); - memset( zeros, 0, 8 ); + memset(zeros, 0, 8); /* * Note: EMSA-PSS verification is over the length of N - 1 bits */ - msb = mbedtls_mpi_bitlen( &ctx->N ) - 1; + msb = mbedtls_mpi_bitlen(&ctx->N) - 1; - if( buf[0] >> ( 8 - siglen * 8 + msb ) ) - return( MBEDTLS_ERR_RSA_BAD_INPUT_DATA ); + if (buf[0] >> (8 - siglen * 8 + msb)) { + return MBEDTLS_ERR_RSA_BAD_INPUT_DATA; + } /* Compensate for boundary condition when applying mask */ - if( msb % 8 == 0 ) - { + if (msb % 8 == 0) { p++; siglen -= 1; } - if( siglen < hlen + 2 ) - return( MBEDTLS_ERR_RSA_BAD_INPUT_DATA ); + if (siglen < hlen + 2) { + return MBEDTLS_ERR_RSA_BAD_INPUT_DATA; + } hash_start = p + siglen - hlen - 1; - mbedtls_md_init( &md_ctx ); - if( ( ret = mbedtls_md_setup( &md_ctx, md_info, 0 ) ) != 0 ) + mbedtls_md_init(&md_ctx); + if ((ret = mbedtls_md_setup(&md_ctx, md_info, 0)) != 0) { goto exit; + } - ret = mgf_mask( p, siglen - hlen - 1, hash_start, hlen, &md_ctx ); - if( ret != 0 ) + ret = mgf_mask(p, siglen - hlen - 1, hash_start, hlen, &md_ctx); + if (ret != 0) { goto exit; + } - buf[0] &= 0xFF >> ( siglen * 8 - msb ); + buf[0] &= 0xFF >> (siglen * 8 - msb); - while( p < hash_start - 1 && *p == 0 ) + while (p < hash_start - 1 && *p == 0) { p++; + } - if( *p++ != 0x01 ) - { + if (*p++ != 0x01) { ret = MBEDTLS_ERR_RSA_INVALID_PADDING; goto exit; } observed_salt_len = hash_start - p; - if( expected_salt_len != MBEDTLS_RSA_SALT_LEN_ANY && - observed_salt_len != (size_t) expected_salt_len ) - { + if (expected_salt_len != MBEDTLS_RSA_SALT_LEN_ANY && + observed_salt_len != (size_t) expected_salt_len) { ret = MBEDTLS_ERR_RSA_INVALID_PADDING; goto exit; } @@ -2115,63 +2169,67 @@ int mbedtls_rsa_rsassa_pss_verify_ext( mbedtls_rsa_context *ctx, /* * Generate H = Hash( M' ) */ - ret = mbedtls_md_starts( &md_ctx ); - if ( ret != 0 ) + ret = mbedtls_md_starts(&md_ctx); + if (ret != 0) { goto exit; - ret = mbedtls_md_update( &md_ctx, zeros, 8 ); - if ( ret != 0 ) + } + ret = mbedtls_md_update(&md_ctx, zeros, 8); + if (ret != 0) { goto exit; - ret = mbedtls_md_update( &md_ctx, hash, hashlen ); - if ( ret != 0 ) + } + ret = mbedtls_md_update(&md_ctx, hash, hashlen); + if (ret != 0) { goto exit; - ret = mbedtls_md_update( &md_ctx, p, observed_salt_len ); - if ( ret != 0 ) + } + ret = mbedtls_md_update(&md_ctx, p, observed_salt_len); + if (ret != 0) { goto exit; - ret = mbedtls_md_finish( &md_ctx, result ); - if ( ret != 0 ) + } + ret = mbedtls_md_finish(&md_ctx, result); + if (ret != 0) { goto exit; + } - if( memcmp( hash_start, result, hlen ) != 0 ) - { + if (memcmp(hash_start, result, hlen) != 0) { ret = MBEDTLS_ERR_RSA_VERIFY_FAILED; goto exit; } exit: - mbedtls_md_free( &md_ctx ); + mbedtls_md_free(&md_ctx); - return( ret ); + return ret; } /* * Simplified PKCS#1 v2.1 RSASSA-PSS-VERIFY function */ -int mbedtls_rsa_rsassa_pss_verify( mbedtls_rsa_context *ctx, - int (*f_rng)(void *, unsigned char *, size_t), - void *p_rng, - int mode, - mbedtls_md_type_t md_alg, - unsigned int hashlen, - const unsigned char *hash, - const unsigned char *sig ) +int mbedtls_rsa_rsassa_pss_verify(mbedtls_rsa_context *ctx, + int (*f_rng)(void *, unsigned char *, size_t), + void *p_rng, + int mode, + mbedtls_md_type_t md_alg, + unsigned int hashlen, + const unsigned char *hash, + const unsigned char *sig) { mbedtls_md_type_t mgf1_hash_id; - RSA_VALIDATE_RET( ctx != NULL ); - RSA_VALIDATE_RET( mode == MBEDTLS_RSA_PRIVATE || - mode == MBEDTLS_RSA_PUBLIC ); - RSA_VALIDATE_RET( sig != NULL ); - RSA_VALIDATE_RET( ( md_alg == MBEDTLS_MD_NONE && - hashlen == 0 ) || - hash != NULL ); - - mgf1_hash_id = ( ctx->hash_id != MBEDTLS_MD_NONE ) + RSA_VALIDATE_RET(ctx != NULL); + RSA_VALIDATE_RET(mode == MBEDTLS_RSA_PRIVATE || + mode == MBEDTLS_RSA_PUBLIC); + RSA_VALIDATE_RET(sig != NULL); + RSA_VALIDATE_RET((md_alg == MBEDTLS_MD_NONE && + hashlen == 0) || + hash != NULL); + + mgf1_hash_id = (ctx->hash_id != MBEDTLS_MD_NONE) ? (mbedtls_md_type_t) ctx->hash_id : md_alg; - return( mbedtls_rsa_rsassa_pss_verify_ext( ctx, f_rng, p_rng, mode, - md_alg, hashlen, hash, - mgf1_hash_id, MBEDTLS_RSA_SALT_LEN_ANY, - sig ) ); + return mbedtls_rsa_rsassa_pss_verify_ext(ctx, f_rng, p_rng, mode, + md_alg, hashlen, hash, + mgf1_hash_id, MBEDTLS_RSA_SALT_LEN_ANY, + sig); } #endif /* MBEDTLS_PKCS1_V21 */ @@ -2180,196 +2238,195 @@ int mbedtls_rsa_rsassa_pss_verify( mbedtls_rsa_context *ctx, /* * Implementation of the PKCS#1 v2.1 RSASSA-PKCS1-v1_5-VERIFY function */ -int mbedtls_rsa_rsassa_pkcs1_v15_verify( mbedtls_rsa_context *ctx, - int (*f_rng)(void *, unsigned char *, size_t), - void *p_rng, - int mode, - mbedtls_md_type_t md_alg, - unsigned int hashlen, - const unsigned char *hash, - const unsigned char *sig ) +int mbedtls_rsa_rsassa_pkcs1_v15_verify(mbedtls_rsa_context *ctx, + int (*f_rng)(void *, unsigned char *, size_t), + void *p_rng, + int mode, + mbedtls_md_type_t md_alg, + unsigned int hashlen, + const unsigned char *hash, + const unsigned char *sig) { int ret = 0; size_t sig_len; unsigned char *encoded = NULL, *encoded_expected = NULL; - RSA_VALIDATE_RET( ctx != NULL ); - RSA_VALIDATE_RET( mode == MBEDTLS_RSA_PRIVATE || - mode == MBEDTLS_RSA_PUBLIC ); - RSA_VALIDATE_RET( sig != NULL ); - RSA_VALIDATE_RET( ( md_alg == MBEDTLS_MD_NONE && - hashlen == 0 ) || - hash != NULL ); + RSA_VALIDATE_RET(ctx != NULL); + RSA_VALIDATE_RET(mode == MBEDTLS_RSA_PRIVATE || + mode == MBEDTLS_RSA_PUBLIC); + RSA_VALIDATE_RET(sig != NULL); + RSA_VALIDATE_RET((md_alg == MBEDTLS_MD_NONE && + hashlen == 0) || + hash != NULL); sig_len = ctx->len; - if( mode == MBEDTLS_RSA_PRIVATE && ctx->padding != MBEDTLS_RSA_PKCS_V15 ) - return( MBEDTLS_ERR_RSA_BAD_INPUT_DATA ); + if (mode == MBEDTLS_RSA_PRIVATE && ctx->padding != MBEDTLS_RSA_PKCS_V15) { + return MBEDTLS_ERR_RSA_BAD_INPUT_DATA; + } /* * Prepare expected PKCS1 v1.5 encoding of hash. */ - if( ( encoded = mbedtls_calloc( 1, sig_len ) ) == NULL || - ( encoded_expected = mbedtls_calloc( 1, sig_len ) ) == NULL ) - { + if ((encoded = mbedtls_calloc(1, sig_len)) == NULL || + (encoded_expected = mbedtls_calloc(1, sig_len)) == NULL) { ret = MBEDTLS_ERR_MPI_ALLOC_FAILED; goto cleanup; } - if( ( ret = rsa_rsassa_pkcs1_v15_encode( md_alg, hashlen, hash, sig_len, - encoded_expected ) ) != 0 ) + if ((ret = rsa_rsassa_pkcs1_v15_encode(md_alg, hashlen, hash, sig_len, + encoded_expected)) != 0) { goto cleanup; + } /* * Apply RSA primitive to get what should be PKCS1 encoded hash. */ - ret = ( mode == MBEDTLS_RSA_PUBLIC ) - ? mbedtls_rsa_public( ctx, sig, encoded ) - : mbedtls_rsa_private( ctx, f_rng, p_rng, sig, encoded ); - if( ret != 0 ) + ret = (mode == MBEDTLS_RSA_PUBLIC) + ? mbedtls_rsa_public(ctx, sig, encoded) + : mbedtls_rsa_private(ctx, f_rng, p_rng, sig, encoded); + if (ret != 0) { goto cleanup; + } /* * Compare */ - if( ( ret = mbedtls_ct_memcmp( encoded, encoded_expected, - sig_len ) ) != 0 ) - { + if ((ret = mbedtls_ct_memcmp(encoded, encoded_expected, + sig_len)) != 0) { ret = MBEDTLS_ERR_RSA_VERIFY_FAILED; goto cleanup; } cleanup: - if( encoded != NULL ) - { - mbedtls_platform_zeroize( encoded, sig_len ); - mbedtls_free( encoded ); + if (encoded != NULL) { + mbedtls_platform_zeroize(encoded, sig_len); + mbedtls_free(encoded); } - if( encoded_expected != NULL ) - { - mbedtls_platform_zeroize( encoded_expected, sig_len ); - mbedtls_free( encoded_expected ); + if (encoded_expected != NULL) { + mbedtls_platform_zeroize(encoded_expected, sig_len); + mbedtls_free(encoded_expected); } - return( ret ); + return ret; } #endif /* MBEDTLS_PKCS1_V15 */ /* * Do an RSA operation and check the message digest */ -int mbedtls_rsa_pkcs1_verify( mbedtls_rsa_context *ctx, - int (*f_rng)(void *, unsigned char *, size_t), - void *p_rng, - int mode, - mbedtls_md_type_t md_alg, - unsigned int hashlen, - const unsigned char *hash, - const unsigned char *sig ) +int mbedtls_rsa_pkcs1_verify(mbedtls_rsa_context *ctx, + int (*f_rng)(void *, unsigned char *, size_t), + void *p_rng, + int mode, + mbedtls_md_type_t md_alg, + unsigned int hashlen, + const unsigned char *hash, + const unsigned char *sig) { - RSA_VALIDATE_RET( ctx != NULL ); - RSA_VALIDATE_RET( mode == MBEDTLS_RSA_PRIVATE || - mode == MBEDTLS_RSA_PUBLIC ); - RSA_VALIDATE_RET( sig != NULL ); - RSA_VALIDATE_RET( ( md_alg == MBEDTLS_MD_NONE && - hashlen == 0 ) || - hash != NULL ); - - switch( ctx->padding ) - { + RSA_VALIDATE_RET(ctx != NULL); + RSA_VALIDATE_RET(mode == MBEDTLS_RSA_PRIVATE || + mode == MBEDTLS_RSA_PUBLIC); + RSA_VALIDATE_RET(sig != NULL); + RSA_VALIDATE_RET((md_alg == MBEDTLS_MD_NONE && + hashlen == 0) || + hash != NULL); + + switch (ctx->padding) { #if defined(MBEDTLS_PKCS1_V15) case MBEDTLS_RSA_PKCS_V15: - return mbedtls_rsa_rsassa_pkcs1_v15_verify( ctx, f_rng, p_rng, mode, md_alg, - hashlen, hash, sig ); + return mbedtls_rsa_rsassa_pkcs1_v15_verify(ctx, f_rng, p_rng, mode, md_alg, + hashlen, hash, sig); #endif #if defined(MBEDTLS_PKCS1_V21) case MBEDTLS_RSA_PKCS_V21: - return mbedtls_rsa_rsassa_pss_verify( ctx, f_rng, p_rng, mode, md_alg, - hashlen, hash, sig ); + return mbedtls_rsa_rsassa_pss_verify(ctx, f_rng, p_rng, mode, md_alg, + hashlen, hash, sig); #endif default: - return( MBEDTLS_ERR_RSA_INVALID_PADDING ); + return MBEDTLS_ERR_RSA_INVALID_PADDING; } } /* * Copy the components of an RSA key */ -int mbedtls_rsa_copy( mbedtls_rsa_context *dst, const mbedtls_rsa_context *src ) +int mbedtls_rsa_copy(mbedtls_rsa_context *dst, const mbedtls_rsa_context *src) { int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; - RSA_VALIDATE_RET( dst != NULL ); - RSA_VALIDATE_RET( src != NULL ); + RSA_VALIDATE_RET(dst != NULL); + RSA_VALIDATE_RET(src != NULL); dst->len = src->len; - MBEDTLS_MPI_CHK( mbedtls_mpi_copy( &dst->N, &src->N ) ); - MBEDTLS_MPI_CHK( mbedtls_mpi_copy( &dst->E, &src->E ) ); + MBEDTLS_MPI_CHK(mbedtls_mpi_copy(&dst->N, &src->N)); + MBEDTLS_MPI_CHK(mbedtls_mpi_copy(&dst->E, &src->E)); - MBEDTLS_MPI_CHK( mbedtls_mpi_copy( &dst->D, &src->D ) ); - MBEDTLS_MPI_CHK( mbedtls_mpi_copy( &dst->P, &src->P ) ); - MBEDTLS_MPI_CHK( mbedtls_mpi_copy( &dst->Q, &src->Q ) ); + MBEDTLS_MPI_CHK(mbedtls_mpi_copy(&dst->D, &src->D)); + MBEDTLS_MPI_CHK(mbedtls_mpi_copy(&dst->P, &src->P)); + MBEDTLS_MPI_CHK(mbedtls_mpi_copy(&dst->Q, &src->Q)); #if !defined(MBEDTLS_RSA_NO_CRT) - MBEDTLS_MPI_CHK( mbedtls_mpi_copy( &dst->DP, &src->DP ) ); - MBEDTLS_MPI_CHK( mbedtls_mpi_copy( &dst->DQ, &src->DQ ) ); - MBEDTLS_MPI_CHK( mbedtls_mpi_copy( &dst->QP, &src->QP ) ); - MBEDTLS_MPI_CHK( mbedtls_mpi_copy( &dst->RP, &src->RP ) ); - MBEDTLS_MPI_CHK( mbedtls_mpi_copy( &dst->RQ, &src->RQ ) ); + MBEDTLS_MPI_CHK(mbedtls_mpi_copy(&dst->DP, &src->DP)); + MBEDTLS_MPI_CHK(mbedtls_mpi_copy(&dst->DQ, &src->DQ)); + MBEDTLS_MPI_CHK(mbedtls_mpi_copy(&dst->QP, &src->QP)); + MBEDTLS_MPI_CHK(mbedtls_mpi_copy(&dst->RP, &src->RP)); + MBEDTLS_MPI_CHK(mbedtls_mpi_copy(&dst->RQ, &src->RQ)); #endif - MBEDTLS_MPI_CHK( mbedtls_mpi_copy( &dst->RN, &src->RN ) ); + MBEDTLS_MPI_CHK(mbedtls_mpi_copy(&dst->RN, &src->RN)); - MBEDTLS_MPI_CHK( mbedtls_mpi_copy( &dst->Vi, &src->Vi ) ); - MBEDTLS_MPI_CHK( mbedtls_mpi_copy( &dst->Vf, &src->Vf ) ); + MBEDTLS_MPI_CHK(mbedtls_mpi_copy(&dst->Vi, &src->Vi)); + MBEDTLS_MPI_CHK(mbedtls_mpi_copy(&dst->Vf, &src->Vf)); dst->padding = src->padding; dst->hash_id = src->hash_id; cleanup: - if( ret != 0 ) - mbedtls_rsa_free( dst ); + if (ret != 0) { + mbedtls_rsa_free(dst); + } - return( ret ); + return ret; } /* * Free the components of an RSA key */ -void mbedtls_rsa_free( mbedtls_rsa_context *ctx ) +void mbedtls_rsa_free(mbedtls_rsa_context *ctx) { - if( ctx == NULL ) + if (ctx == NULL) { return; + } - mbedtls_mpi_free( &ctx->Vi ); - mbedtls_mpi_free( &ctx->Vf ); - mbedtls_mpi_free( &ctx->RN ); - mbedtls_mpi_free( &ctx->D ); - mbedtls_mpi_free( &ctx->Q ); - mbedtls_mpi_free( &ctx->P ); - mbedtls_mpi_free( &ctx->E ); - mbedtls_mpi_free( &ctx->N ); + mbedtls_mpi_free(&ctx->Vi); + mbedtls_mpi_free(&ctx->Vf); + mbedtls_mpi_free(&ctx->RN); + mbedtls_mpi_free(&ctx->D); + mbedtls_mpi_free(&ctx->Q); + mbedtls_mpi_free(&ctx->P); + mbedtls_mpi_free(&ctx->E); + mbedtls_mpi_free(&ctx->N); #if !defined(MBEDTLS_RSA_NO_CRT) - mbedtls_mpi_free( &ctx->RQ ); - mbedtls_mpi_free( &ctx->RP ); - mbedtls_mpi_free( &ctx->QP ); - mbedtls_mpi_free( &ctx->DQ ); - mbedtls_mpi_free( &ctx->DP ); + mbedtls_mpi_free(&ctx->RQ); + mbedtls_mpi_free(&ctx->RP); + mbedtls_mpi_free(&ctx->QP); + mbedtls_mpi_free(&ctx->DQ); + mbedtls_mpi_free(&ctx->DP); #endif /* MBEDTLS_RSA_NO_CRT */ #if defined(MBEDTLS_THREADING_C) /* Free the mutex, but only if it hasn't been freed already. */ - if( ctx->ver != 0 ) - { - mbedtls_mutex_free( &ctx->mutex ); + if (ctx->ver != 0) { + mbedtls_mutex_free(&ctx->mutex); ctx->ver = 0; } #endif @@ -2421,31 +2478,34 @@ void mbedtls_rsa_free( mbedtls_rsa_context *ctx ) "\x11\x22\x33\x0A\x0B\x0C\xCC\xDD\xDD\xDD\xDD\xDD" #if defined(MBEDTLS_PKCS1_V15) -static int myrand( void *rng_state, unsigned char *output, size_t len ) +static int myrand(void *rng_state, unsigned char *output, size_t len) { #if !defined(__OpenBSD__) && !defined(__NetBSD__) size_t i; - if( rng_state != NULL ) + if (rng_state != NULL) { rng_state = NULL; + } - for( i = 0; i < len; ++i ) + for (i = 0; i < len; ++i) { output[i] = rand(); + } #else - if( rng_state != NULL ) + if (rng_state != NULL) { rng_state = NULL; + } - arc4random_buf( output, len ); + arc4random_buf(output, len); #endif /* !OpenBSD && !NetBSD */ - return( 0 ); + return 0; } #endif /* MBEDTLS_PKCS1_V15 */ /* * Checkup routine */ -int mbedtls_rsa_self_test( int verbose ) +int mbedtls_rsa_self_test(int verbose) { int ret = 0; #if defined(MBEDTLS_PKCS1_V15) @@ -2460,128 +2520,136 @@ int mbedtls_rsa_self_test( int verbose ) mbedtls_mpi K; - mbedtls_mpi_init( &K ); - mbedtls_rsa_init( &rsa, MBEDTLS_RSA_PKCS_V15, 0 ); + mbedtls_mpi_init(&K); + mbedtls_rsa_init(&rsa, MBEDTLS_RSA_PKCS_V15, 0); - MBEDTLS_MPI_CHK( mbedtls_mpi_read_string( &K, 16, RSA_N ) ); - MBEDTLS_MPI_CHK( mbedtls_rsa_import( &rsa, &K, NULL, NULL, NULL, NULL ) ); - MBEDTLS_MPI_CHK( mbedtls_mpi_read_string( &K, 16, RSA_P ) ); - MBEDTLS_MPI_CHK( mbedtls_rsa_import( &rsa, NULL, &K, NULL, NULL, NULL ) ); - MBEDTLS_MPI_CHK( mbedtls_mpi_read_string( &K, 16, RSA_Q ) ); - MBEDTLS_MPI_CHK( mbedtls_rsa_import( &rsa, NULL, NULL, &K, NULL, NULL ) ); - MBEDTLS_MPI_CHK( mbedtls_mpi_read_string( &K, 16, RSA_D ) ); - MBEDTLS_MPI_CHK( mbedtls_rsa_import( &rsa, NULL, NULL, NULL, &K, NULL ) ); - MBEDTLS_MPI_CHK( mbedtls_mpi_read_string( &K, 16, RSA_E ) ); - MBEDTLS_MPI_CHK( mbedtls_rsa_import( &rsa, NULL, NULL, NULL, NULL, &K ) ); + MBEDTLS_MPI_CHK(mbedtls_mpi_read_string(&K, 16, RSA_N)); + MBEDTLS_MPI_CHK(mbedtls_rsa_import(&rsa, &K, NULL, NULL, NULL, NULL)); + MBEDTLS_MPI_CHK(mbedtls_mpi_read_string(&K, 16, RSA_P)); + MBEDTLS_MPI_CHK(mbedtls_rsa_import(&rsa, NULL, &K, NULL, NULL, NULL)); + MBEDTLS_MPI_CHK(mbedtls_mpi_read_string(&K, 16, RSA_Q)); + MBEDTLS_MPI_CHK(mbedtls_rsa_import(&rsa, NULL, NULL, &K, NULL, NULL)); + MBEDTLS_MPI_CHK(mbedtls_mpi_read_string(&K, 16, RSA_D)); + MBEDTLS_MPI_CHK(mbedtls_rsa_import(&rsa, NULL, NULL, NULL, &K, NULL)); + MBEDTLS_MPI_CHK(mbedtls_mpi_read_string(&K, 16, RSA_E)); + MBEDTLS_MPI_CHK(mbedtls_rsa_import(&rsa, NULL, NULL, NULL, NULL, &K)); - MBEDTLS_MPI_CHK( mbedtls_rsa_complete( &rsa ) ); + MBEDTLS_MPI_CHK(mbedtls_rsa_complete(&rsa)); - if( verbose != 0 ) - mbedtls_printf( " RSA key validation: " ); + if (verbose != 0) { + mbedtls_printf(" RSA key validation: "); + } - if( mbedtls_rsa_check_pubkey( &rsa ) != 0 || - mbedtls_rsa_check_privkey( &rsa ) != 0 ) - { - if( verbose != 0 ) - mbedtls_printf( "failed\n" ); + if (mbedtls_rsa_check_pubkey(&rsa) != 0 || + mbedtls_rsa_check_privkey(&rsa) != 0) { + if (verbose != 0) { + mbedtls_printf("failed\n"); + } ret = 1; goto cleanup; } - if( verbose != 0 ) - mbedtls_printf( "passed\n PKCS#1 encryption : " ); + if (verbose != 0) { + mbedtls_printf("passed\n PKCS#1 encryption : "); + } - memcpy( rsa_plaintext, RSA_PT, PT_LEN ); + memcpy(rsa_plaintext, RSA_PT, PT_LEN); - if( mbedtls_rsa_pkcs1_encrypt( &rsa, myrand, NULL, MBEDTLS_RSA_PUBLIC, - PT_LEN, rsa_plaintext, - rsa_ciphertext ) != 0 ) - { - if( verbose != 0 ) - mbedtls_printf( "failed\n" ); + if (mbedtls_rsa_pkcs1_encrypt(&rsa, myrand, NULL, MBEDTLS_RSA_PUBLIC, + PT_LEN, rsa_plaintext, + rsa_ciphertext) != 0) { + if (verbose != 0) { + mbedtls_printf("failed\n"); + } ret = 1; goto cleanup; } - if( verbose != 0 ) - mbedtls_printf( "passed\n PKCS#1 decryption : " ); + if (verbose != 0) { + mbedtls_printf("passed\n PKCS#1 decryption : "); + } - if( mbedtls_rsa_pkcs1_decrypt( &rsa, myrand, NULL, MBEDTLS_RSA_PRIVATE, - &len, rsa_ciphertext, rsa_decrypted, - sizeof(rsa_decrypted) ) != 0 ) - { - if( verbose != 0 ) - mbedtls_printf( "failed\n" ); + if (mbedtls_rsa_pkcs1_decrypt(&rsa, myrand, NULL, MBEDTLS_RSA_PRIVATE, + &len, rsa_ciphertext, rsa_decrypted, + sizeof(rsa_decrypted)) != 0) { + if (verbose != 0) { + mbedtls_printf("failed\n"); + } ret = 1; goto cleanup; } - if( memcmp( rsa_decrypted, rsa_plaintext, len ) != 0 ) - { - if( verbose != 0 ) - mbedtls_printf( "failed\n" ); + if (memcmp(rsa_decrypted, rsa_plaintext, len) != 0) { + if (verbose != 0) { + mbedtls_printf("failed\n"); + } ret = 1; goto cleanup; } - if( verbose != 0 ) - mbedtls_printf( "passed\n" ); + if (verbose != 0) { + mbedtls_printf("passed\n"); + } #if defined(MBEDTLS_SHA1_C) - if( verbose != 0 ) - mbedtls_printf( " PKCS#1 data sign : " ); + if (verbose != 0) { + mbedtls_printf(" PKCS#1 data sign : "); + } - if( mbedtls_sha1_ret( rsa_plaintext, PT_LEN, sha1sum ) != 0 ) - { - if( verbose != 0 ) - mbedtls_printf( "failed\n" ); + if (mbedtls_sha1_ret(rsa_plaintext, PT_LEN, sha1sum) != 0) { + if (verbose != 0) { + mbedtls_printf("failed\n"); + } - return( 1 ); + return 1; } - if( mbedtls_rsa_pkcs1_sign( &rsa, myrand, NULL, - MBEDTLS_RSA_PRIVATE, MBEDTLS_MD_SHA1, 0, - sha1sum, rsa_ciphertext ) != 0 ) - { - if( verbose != 0 ) - mbedtls_printf( "failed\n" ); + if (mbedtls_rsa_pkcs1_sign(&rsa, myrand, NULL, + MBEDTLS_RSA_PRIVATE, MBEDTLS_MD_SHA1, 0, + sha1sum, rsa_ciphertext) != 0) { + if (verbose != 0) { + mbedtls_printf("failed\n"); + } ret = 1; goto cleanup; } - if( verbose != 0 ) - mbedtls_printf( "passed\n PKCS#1 sig. verify: " ); + if (verbose != 0) { + mbedtls_printf("passed\n PKCS#1 sig. verify: "); + } - if( mbedtls_rsa_pkcs1_verify( &rsa, NULL, NULL, - MBEDTLS_RSA_PUBLIC, MBEDTLS_MD_SHA1, 0, - sha1sum, rsa_ciphertext ) != 0 ) - { - if( verbose != 0 ) - mbedtls_printf( "failed\n" ); + if (mbedtls_rsa_pkcs1_verify(&rsa, NULL, NULL, + MBEDTLS_RSA_PUBLIC, MBEDTLS_MD_SHA1, 0, + sha1sum, rsa_ciphertext) != 0) { + if (verbose != 0) { + mbedtls_printf("failed\n"); + } ret = 1; goto cleanup; } - if( verbose != 0 ) - mbedtls_printf( "passed\n" ); + if (verbose != 0) { + mbedtls_printf("passed\n"); + } #endif /* MBEDTLS_SHA1_C */ - if( verbose != 0 ) - mbedtls_printf( "\n" ); + if (verbose != 0) { + mbedtls_printf("\n"); + } cleanup: - mbedtls_mpi_free( &K ); - mbedtls_rsa_free( &rsa ); + mbedtls_mpi_free(&K); + mbedtls_rsa_free(&rsa); #else /* MBEDTLS_PKCS1_V15 */ ((void) verbose); #endif /* MBEDTLS_PKCS1_V15 */ - return( ret ); + return ret; } #endif /* MBEDTLS_SELF_TEST */ diff --git a/third_party/mbedtls/repo/library/rsa_internal.c b/third_party/mbedtls/repo/library/rsa_internal.c index d6ba97a14ba..5a9e5c34fc0 100644 --- a/third_party/mbedtls/repo/library/rsa_internal.c +++ b/third_party/mbedtls/repo/library/rsa_internal.c @@ -2,19 +2,7 @@ * Helper functions for the RSA module * * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later * */ @@ -59,9 +47,9 @@ * of (a) and (b) above to attempt to factor N. * */ -int mbedtls_rsa_deduce_primes( mbedtls_mpi const *N, - mbedtls_mpi const *E, mbedtls_mpi const *D, - mbedtls_mpi *P, mbedtls_mpi *Q ) +int mbedtls_rsa_deduce_primes(mbedtls_mpi const *N, + mbedtls_mpi const *E, mbedtls_mpi const *D, + mbedtls_mpi *P, mbedtls_mpi *Q) { int ret = 0; @@ -74,48 +62,46 @@ int mbedtls_rsa_deduce_primes( mbedtls_mpi const *N, mbedtls_mpi K; /* Temporary holding the current candidate */ const unsigned char primes[] = { 2, - 3, 5, 7, 11, 13, 17, 19, 23, - 29, 31, 37, 41, 43, 47, 53, 59, - 61, 67, 71, 73, 79, 83, 89, 97, - 101, 103, 107, 109, 113, 127, 131, 137, - 139, 149, 151, 157, 163, 167, 173, 179, - 181, 191, 193, 197, 199, 211, 223, 227, - 229, 233, 239, 241, 251 - }; - - const size_t num_primes = sizeof( primes ) / sizeof( *primes ); - - if( P == NULL || Q == NULL || P->p != NULL || Q->p != NULL ) - return( MBEDTLS_ERR_MPI_BAD_INPUT_DATA ); - - if( mbedtls_mpi_cmp_int( N, 0 ) <= 0 || - mbedtls_mpi_cmp_int( D, 1 ) <= 0 || - mbedtls_mpi_cmp_mpi( D, N ) >= 0 || - mbedtls_mpi_cmp_int( E, 1 ) <= 0 || - mbedtls_mpi_cmp_mpi( E, N ) >= 0 ) - { - return( MBEDTLS_ERR_MPI_BAD_INPUT_DATA ); + 3, 5, 7, 11, 13, 17, 19, 23, + 29, 31, 37, 41, 43, 47, 53, 59, + 61, 67, 71, 73, 79, 83, 89, 97, + 101, 103, 107, 109, 113, 127, 131, 137, + 139, 149, 151, 157, 163, 167, 173, 179, + 181, 191, 193, 197, 199, 211, 223, 227, + 229, 233, 239, 241, 251 }; + + const size_t num_primes = sizeof(primes) / sizeof(*primes); + + if (P == NULL || Q == NULL || P->p != NULL || Q->p != NULL) { + return MBEDTLS_ERR_MPI_BAD_INPUT_DATA; + } + + if (mbedtls_mpi_cmp_int(N, 0) <= 0 || + mbedtls_mpi_cmp_int(D, 1) <= 0 || + mbedtls_mpi_cmp_mpi(D, N) >= 0 || + mbedtls_mpi_cmp_int(E, 1) <= 0 || + mbedtls_mpi_cmp_mpi(E, N) >= 0) { + return MBEDTLS_ERR_MPI_BAD_INPUT_DATA; } /* * Initializations and temporary changes */ - mbedtls_mpi_init( &K ); - mbedtls_mpi_init( &T ); + mbedtls_mpi_init(&K); + mbedtls_mpi_init(&T); /* T := DE - 1 */ - MBEDTLS_MPI_CHK( mbedtls_mpi_mul_mpi( &T, D, E ) ); - MBEDTLS_MPI_CHK( mbedtls_mpi_sub_int( &T, &T, 1 ) ); + MBEDTLS_MPI_CHK(mbedtls_mpi_mul_mpi(&T, D, E)); + MBEDTLS_MPI_CHK(mbedtls_mpi_sub_int(&T, &T, 1)); - if( ( order = (uint16_t) mbedtls_mpi_lsb( &T ) ) == 0 ) - { + if ((order = (uint16_t) mbedtls_mpi_lsb(&T)) == 0) { ret = MBEDTLS_ERR_MPI_BAD_INPUT_DATA; goto cleanup; } /* After this operation, T holds the largest odd divisor of DE - 1. */ - MBEDTLS_MPI_CHK( mbedtls_mpi_shift_r( &T, order ) ); + MBEDTLS_MPI_CHK(mbedtls_mpi_shift_r(&T, order)); /* * Actual work @@ -123,49 +109,49 @@ int mbedtls_rsa_deduce_primes( mbedtls_mpi const *N, /* Skip trying 2 if N == 1 mod 8 */ attempt = 0; - if( N->p[0] % 8 == 1 ) + if (N->p[0] % 8 == 1) { attempt = 1; + } - for( ; attempt < num_primes; ++attempt ) - { - mbedtls_mpi_lset( &K, primes[attempt] ); + for (; attempt < num_primes; ++attempt) { + MBEDTLS_MPI_CHK(mbedtls_mpi_lset(&K, primes[attempt])); /* Check if gcd(K,N) = 1 */ - MBEDTLS_MPI_CHK( mbedtls_mpi_gcd( P, &K, N ) ); - if( mbedtls_mpi_cmp_int( P, 1 ) != 0 ) + MBEDTLS_MPI_CHK(mbedtls_mpi_gcd(P, &K, N)); + if (mbedtls_mpi_cmp_int(P, 1) != 0) { continue; + } /* Go through K^T + 1, K^(2T) + 1, K^(4T) + 1, ... * and check whether they have nontrivial GCD with N. */ - MBEDTLS_MPI_CHK( mbedtls_mpi_exp_mod( &K, &K, &T, N, - Q /* temporarily use Q for storing Montgomery - * multiplication helper values */ ) ); + MBEDTLS_MPI_CHK(mbedtls_mpi_exp_mod(&K, &K, &T, N, + Q /* temporarily use Q for storing Montgomery + * multiplication helper values */)); - for( iter = 1; iter <= order; ++iter ) - { + for (iter = 1; iter <= order; ++iter) { /* If we reach 1 prematurely, there's no point * in continuing to square K */ - if( mbedtls_mpi_cmp_int( &K, 1 ) == 0 ) + if (mbedtls_mpi_cmp_int(&K, 1) == 0) { break; + } - MBEDTLS_MPI_CHK( mbedtls_mpi_add_int( &K, &K, 1 ) ); - MBEDTLS_MPI_CHK( mbedtls_mpi_gcd( P, &K, N ) ); + MBEDTLS_MPI_CHK(mbedtls_mpi_add_int(&K, &K, 1)); + MBEDTLS_MPI_CHK(mbedtls_mpi_gcd(P, &K, N)); - if( mbedtls_mpi_cmp_int( P, 1 ) == 1 && - mbedtls_mpi_cmp_mpi( P, N ) == -1 ) - { + if (mbedtls_mpi_cmp_int(P, 1) == 1 && + mbedtls_mpi_cmp_mpi(P, N) == -1) { /* * Have found a nontrivial divisor P of N. * Set Q := N / P. */ - MBEDTLS_MPI_CHK( mbedtls_mpi_div_mpi( Q, NULL, N, P ) ); + MBEDTLS_MPI_CHK(mbedtls_mpi_div_mpi(Q, NULL, N, P)); goto cleanup; } - MBEDTLS_MPI_CHK( mbedtls_mpi_sub_int( &K, &K, 1 ) ); - MBEDTLS_MPI_CHK( mbedtls_mpi_mul_mpi( &K, &K, &K ) ); - MBEDTLS_MPI_CHK( mbedtls_mpi_mod_mpi( &K, &K, N ) ); + MBEDTLS_MPI_CHK(mbedtls_mpi_sub_int(&K, &K, 1)); + MBEDTLS_MPI_CHK(mbedtls_mpi_mul_mpi(&K, &K, &K)); + MBEDTLS_MPI_CHK(mbedtls_mpi_mod_mpi(&K, &K, N)); } /* @@ -175,8 +161,7 @@ int mbedtls_rsa_deduce_primes( mbedtls_mpi const *N, * Check if that's the case and abort if not, to avoid very long, * yet eventually failing, computations if N,D,E were not sane. */ - if( mbedtls_mpi_cmp_int( &K, 1 ) != 0 ) - { + if (mbedtls_mpi_cmp_int(&K, 1) != 0) { break; } } @@ -185,125 +170,116 @@ int mbedtls_rsa_deduce_primes( mbedtls_mpi const *N, cleanup: - mbedtls_mpi_free( &K ); - mbedtls_mpi_free( &T ); - return( ret ); + mbedtls_mpi_free(&K); + mbedtls_mpi_free(&T); + return ret; } /* * Given P, Q and the public exponent E, deduce D. * This is essentially a modular inversion. */ -int mbedtls_rsa_deduce_private_exponent( mbedtls_mpi const *P, - mbedtls_mpi const *Q, - mbedtls_mpi const *E, - mbedtls_mpi *D ) +int mbedtls_rsa_deduce_private_exponent(mbedtls_mpi const *P, + mbedtls_mpi const *Q, + mbedtls_mpi const *E, + mbedtls_mpi *D) { int ret = 0; mbedtls_mpi K, L; - if( D == NULL || mbedtls_mpi_cmp_int( D, 0 ) != 0 ) - return( MBEDTLS_ERR_MPI_BAD_INPUT_DATA ); + if (D == NULL || mbedtls_mpi_cmp_int(D, 0) != 0) { + return MBEDTLS_ERR_MPI_BAD_INPUT_DATA; + } - if( mbedtls_mpi_cmp_int( P, 1 ) <= 0 || - mbedtls_mpi_cmp_int( Q, 1 ) <= 0 || - mbedtls_mpi_cmp_int( E, 0 ) == 0 ) - { - return( MBEDTLS_ERR_MPI_BAD_INPUT_DATA ); + if (mbedtls_mpi_cmp_int(P, 1) <= 0 || + mbedtls_mpi_cmp_int(Q, 1) <= 0 || + mbedtls_mpi_cmp_int(E, 0) == 0) { + return MBEDTLS_ERR_MPI_BAD_INPUT_DATA; } - mbedtls_mpi_init( &K ); - mbedtls_mpi_init( &L ); + mbedtls_mpi_init(&K); + mbedtls_mpi_init(&L); /* Temporarily put K := P-1 and L := Q-1 */ - MBEDTLS_MPI_CHK( mbedtls_mpi_sub_int( &K, P, 1 ) ); - MBEDTLS_MPI_CHK( mbedtls_mpi_sub_int( &L, Q, 1 ) ); + MBEDTLS_MPI_CHK(mbedtls_mpi_sub_int(&K, P, 1)); + MBEDTLS_MPI_CHK(mbedtls_mpi_sub_int(&L, Q, 1)); /* Temporarily put D := gcd(P-1, Q-1) */ - MBEDTLS_MPI_CHK( mbedtls_mpi_gcd( D, &K, &L ) ); + MBEDTLS_MPI_CHK(mbedtls_mpi_gcd(D, &K, &L)); /* K := LCM(P-1, Q-1) */ - MBEDTLS_MPI_CHK( mbedtls_mpi_mul_mpi( &K, &K, &L ) ); - MBEDTLS_MPI_CHK( mbedtls_mpi_div_mpi( &K, NULL, &K, D ) ); + MBEDTLS_MPI_CHK(mbedtls_mpi_mul_mpi(&K, &K, &L)); + MBEDTLS_MPI_CHK(mbedtls_mpi_div_mpi(&K, NULL, &K, D)); /* Compute modular inverse of E in LCM(P-1, Q-1) */ - MBEDTLS_MPI_CHK( mbedtls_mpi_inv_mod( D, E, &K ) ); + MBEDTLS_MPI_CHK(mbedtls_mpi_inv_mod(D, E, &K)); cleanup: - mbedtls_mpi_free( &K ); - mbedtls_mpi_free( &L ); + mbedtls_mpi_free(&K); + mbedtls_mpi_free(&L); - return( ret ); + return ret; } /* * Check that RSA CRT parameters are in accordance with core parameters. */ -int mbedtls_rsa_validate_crt( const mbedtls_mpi *P, const mbedtls_mpi *Q, - const mbedtls_mpi *D, const mbedtls_mpi *DP, - const mbedtls_mpi *DQ, const mbedtls_mpi *QP ) +int mbedtls_rsa_validate_crt(const mbedtls_mpi *P, const mbedtls_mpi *Q, + const mbedtls_mpi *D, const mbedtls_mpi *DP, + const mbedtls_mpi *DQ, const mbedtls_mpi *QP) { int ret = 0; mbedtls_mpi K, L; - mbedtls_mpi_init( &K ); - mbedtls_mpi_init( &L ); + mbedtls_mpi_init(&K); + mbedtls_mpi_init(&L); /* Check that DP - D == 0 mod P - 1 */ - if( DP != NULL ) - { - if( P == NULL ) - { + if (DP != NULL) { + if (P == NULL) { ret = MBEDTLS_ERR_RSA_BAD_INPUT_DATA; goto cleanup; } - MBEDTLS_MPI_CHK( mbedtls_mpi_sub_int( &K, P, 1 ) ); - MBEDTLS_MPI_CHK( mbedtls_mpi_sub_mpi( &L, DP, D ) ); - MBEDTLS_MPI_CHK( mbedtls_mpi_mod_mpi( &L, &L, &K ) ); + MBEDTLS_MPI_CHK(mbedtls_mpi_sub_int(&K, P, 1)); + MBEDTLS_MPI_CHK(mbedtls_mpi_sub_mpi(&L, DP, D)); + MBEDTLS_MPI_CHK(mbedtls_mpi_mod_mpi(&L, &L, &K)); - if( mbedtls_mpi_cmp_int( &L, 0 ) != 0 ) - { + if (mbedtls_mpi_cmp_int(&L, 0) != 0) { ret = MBEDTLS_ERR_RSA_KEY_CHECK_FAILED; goto cleanup; } } /* Check that DQ - D == 0 mod Q - 1 */ - if( DQ != NULL ) - { - if( Q == NULL ) - { + if (DQ != NULL) { + if (Q == NULL) { ret = MBEDTLS_ERR_RSA_BAD_INPUT_DATA; goto cleanup; } - MBEDTLS_MPI_CHK( mbedtls_mpi_sub_int( &K, Q, 1 ) ); - MBEDTLS_MPI_CHK( mbedtls_mpi_sub_mpi( &L, DQ, D ) ); - MBEDTLS_MPI_CHK( mbedtls_mpi_mod_mpi( &L, &L, &K ) ); + MBEDTLS_MPI_CHK(mbedtls_mpi_sub_int(&K, Q, 1)); + MBEDTLS_MPI_CHK(mbedtls_mpi_sub_mpi(&L, DQ, D)); + MBEDTLS_MPI_CHK(mbedtls_mpi_mod_mpi(&L, &L, &K)); - if( mbedtls_mpi_cmp_int( &L, 0 ) != 0 ) - { + if (mbedtls_mpi_cmp_int(&L, 0) != 0) { ret = MBEDTLS_ERR_RSA_KEY_CHECK_FAILED; goto cleanup; } } /* Check that QP * Q - 1 == 0 mod P */ - if( QP != NULL ) - { - if( P == NULL || Q == NULL ) - { + if (QP != NULL) { + if (P == NULL || Q == NULL) { ret = MBEDTLS_ERR_RSA_BAD_INPUT_DATA; goto cleanup; } - MBEDTLS_MPI_CHK( mbedtls_mpi_mul_mpi( &K, QP, Q ) ); - MBEDTLS_MPI_CHK( mbedtls_mpi_sub_int( &K, &K, 1 ) ); - MBEDTLS_MPI_CHK( mbedtls_mpi_mod_mpi( &K, &K, P ) ); - if( mbedtls_mpi_cmp_int( &K, 0 ) != 0 ) - { + MBEDTLS_MPI_CHK(mbedtls_mpi_mul_mpi(&K, QP, Q)); + MBEDTLS_MPI_CHK(mbedtls_mpi_sub_int(&K, &K, 1)); + MBEDTLS_MPI_CHK(mbedtls_mpi_mod_mpi(&K, &K, P)); + if (mbedtls_mpi_cmp_int(&K, 0) != 0) { ret = MBEDTLS_ERR_RSA_KEY_CHECK_FAILED; goto cleanup; } @@ -312,33 +288,32 @@ int mbedtls_rsa_validate_crt( const mbedtls_mpi *P, const mbedtls_mpi *Q, cleanup: /* Wrap MPI error codes by RSA check failure error code */ - if( ret != 0 && + if (ret != 0 && ret != MBEDTLS_ERR_RSA_KEY_CHECK_FAILED && - ret != MBEDTLS_ERR_RSA_BAD_INPUT_DATA ) - { + ret != MBEDTLS_ERR_RSA_BAD_INPUT_DATA) { ret += MBEDTLS_ERR_RSA_KEY_CHECK_FAILED; } - mbedtls_mpi_free( &K ); - mbedtls_mpi_free( &L ); + mbedtls_mpi_free(&K); + mbedtls_mpi_free(&L); - return( ret ); + return ret; } /* * Check that core RSA parameters are sane. */ -int mbedtls_rsa_validate_params( const mbedtls_mpi *N, const mbedtls_mpi *P, - const mbedtls_mpi *Q, const mbedtls_mpi *D, - const mbedtls_mpi *E, - int (*f_rng)(void *, unsigned char *, size_t), - void *p_rng ) +int mbedtls_rsa_validate_params(const mbedtls_mpi *N, const mbedtls_mpi *P, + const mbedtls_mpi *Q, const mbedtls_mpi *D, + const mbedtls_mpi *E, + int (*f_rng)(void *, unsigned char *, size_t), + void *p_rng) { int ret = 0; mbedtls_mpi K, L; - mbedtls_mpi_init( &K ); - mbedtls_mpi_init( &L ); + mbedtls_mpi_init(&K); + mbedtls_mpi_init(&L); /* * Step 1: If PRNG provided, check that P and Q are prime @@ -350,16 +325,14 @@ int mbedtls_rsa_validate_params( const mbedtls_mpi *N, const mbedtls_mpi *P, * rate of at most 2^-100 and we are aiming for the same certainty here as * well. */ - if( f_rng != NULL && P != NULL && - ( ret = mbedtls_mpi_is_prime_ext( P, 50, f_rng, p_rng ) ) != 0 ) - { + if (f_rng != NULL && P != NULL && + (ret = mbedtls_mpi_is_prime_ext(P, 50, f_rng, p_rng)) != 0) { ret = MBEDTLS_ERR_RSA_KEY_CHECK_FAILED; goto cleanup; } - if( f_rng != NULL && Q != NULL && - ( ret = mbedtls_mpi_is_prime_ext( Q, 50, f_rng, p_rng ) ) != 0 ) - { + if (f_rng != NULL && Q != NULL && + (ret = mbedtls_mpi_is_prime_ext(Q, 50, f_rng, p_rng)) != 0) { ret = MBEDTLS_ERR_RSA_KEY_CHECK_FAILED; goto cleanup; } @@ -372,12 +345,10 @@ int mbedtls_rsa_validate_params( const mbedtls_mpi *N, const mbedtls_mpi *P, * Step 2: Check that 1 < N = P * Q */ - if( P != NULL && Q != NULL && N != NULL ) - { - MBEDTLS_MPI_CHK( mbedtls_mpi_mul_mpi( &K, P, Q ) ); - if( mbedtls_mpi_cmp_int( N, 1 ) <= 0 || - mbedtls_mpi_cmp_mpi( &K, N ) != 0 ) - { + if (P != NULL && Q != NULL && N != NULL) { + MBEDTLS_MPI_CHK(mbedtls_mpi_mul_mpi(&K, P, Q)); + if (mbedtls_mpi_cmp_int(N, 1) <= 0 || + mbedtls_mpi_cmp_mpi(&K, N) != 0) { ret = MBEDTLS_ERR_RSA_KEY_CHECK_FAILED; goto cleanup; } @@ -387,13 +358,11 @@ int mbedtls_rsa_validate_params( const mbedtls_mpi *N, const mbedtls_mpi *P, * Step 3: Check and 1 < D, E < N if present. */ - if( N != NULL && D != NULL && E != NULL ) - { - if ( mbedtls_mpi_cmp_int( D, 1 ) <= 0 || - mbedtls_mpi_cmp_int( E, 1 ) <= 0 || - mbedtls_mpi_cmp_mpi( D, N ) >= 0 || - mbedtls_mpi_cmp_mpi( E, N ) >= 0 ) - { + if (N != NULL && D != NULL && E != NULL) { + if (mbedtls_mpi_cmp_int(D, 1) <= 0 || + mbedtls_mpi_cmp_int(E, 1) <= 0 || + mbedtls_mpi_cmp_mpi(D, N) >= 0 || + mbedtls_mpi_cmp_mpi(E, N) >= 0) { ret = MBEDTLS_ERR_RSA_KEY_CHECK_FAILED; goto cleanup; } @@ -403,33 +372,29 @@ int mbedtls_rsa_validate_params( const mbedtls_mpi *N, const mbedtls_mpi *P, * Step 4: Check that D, E are inverse modulo P-1 and Q-1 */ - if( P != NULL && Q != NULL && D != NULL && E != NULL ) - { - if( mbedtls_mpi_cmp_int( P, 1 ) <= 0 || - mbedtls_mpi_cmp_int( Q, 1 ) <= 0 ) - { + if (P != NULL && Q != NULL && D != NULL && E != NULL) { + if (mbedtls_mpi_cmp_int(P, 1) <= 0 || + mbedtls_mpi_cmp_int(Q, 1) <= 0) { ret = MBEDTLS_ERR_RSA_KEY_CHECK_FAILED; goto cleanup; } /* Compute DE-1 mod P-1 */ - MBEDTLS_MPI_CHK( mbedtls_mpi_mul_mpi( &K, D, E ) ); - MBEDTLS_MPI_CHK( mbedtls_mpi_sub_int( &K, &K, 1 ) ); - MBEDTLS_MPI_CHK( mbedtls_mpi_sub_int( &L, P, 1 ) ); - MBEDTLS_MPI_CHK( mbedtls_mpi_mod_mpi( &K, &K, &L ) ); - if( mbedtls_mpi_cmp_int( &K, 0 ) != 0 ) - { + MBEDTLS_MPI_CHK(mbedtls_mpi_mul_mpi(&K, D, E)); + MBEDTLS_MPI_CHK(mbedtls_mpi_sub_int(&K, &K, 1)); + MBEDTLS_MPI_CHK(mbedtls_mpi_sub_int(&L, P, 1)); + MBEDTLS_MPI_CHK(mbedtls_mpi_mod_mpi(&K, &K, &L)); + if (mbedtls_mpi_cmp_int(&K, 0) != 0) { ret = MBEDTLS_ERR_RSA_KEY_CHECK_FAILED; goto cleanup; } /* Compute DE-1 mod Q-1 */ - MBEDTLS_MPI_CHK( mbedtls_mpi_mul_mpi( &K, D, E ) ); - MBEDTLS_MPI_CHK( mbedtls_mpi_sub_int( &K, &K, 1 ) ); - MBEDTLS_MPI_CHK( mbedtls_mpi_sub_int( &L, Q, 1 ) ); - MBEDTLS_MPI_CHK( mbedtls_mpi_mod_mpi( &K, &K, &L ) ); - if( mbedtls_mpi_cmp_int( &K, 0 ) != 0 ) - { + MBEDTLS_MPI_CHK(mbedtls_mpi_mul_mpi(&K, D, E)); + MBEDTLS_MPI_CHK(mbedtls_mpi_sub_int(&K, &K, 1)); + MBEDTLS_MPI_CHK(mbedtls_mpi_sub_int(&L, Q, 1)); + MBEDTLS_MPI_CHK(mbedtls_mpi_mod_mpi(&K, &K, &L)); + if (mbedtls_mpi_cmp_int(&K, 0) != 0) { ret = MBEDTLS_ERR_RSA_KEY_CHECK_FAILED; goto cleanup; } @@ -437,50 +402,46 @@ int mbedtls_rsa_validate_params( const mbedtls_mpi *N, const mbedtls_mpi *P, cleanup: - mbedtls_mpi_free( &K ); - mbedtls_mpi_free( &L ); + mbedtls_mpi_free(&K); + mbedtls_mpi_free(&L); /* Wrap MPI error codes by RSA check failure error code */ - if( ret != 0 && ret != MBEDTLS_ERR_RSA_KEY_CHECK_FAILED ) - { + if (ret != 0 && ret != MBEDTLS_ERR_RSA_KEY_CHECK_FAILED) { ret += MBEDTLS_ERR_RSA_KEY_CHECK_FAILED; } - return( ret ); + return ret; } -int mbedtls_rsa_deduce_crt( const mbedtls_mpi *P, const mbedtls_mpi *Q, - const mbedtls_mpi *D, mbedtls_mpi *DP, - mbedtls_mpi *DQ, mbedtls_mpi *QP ) +int mbedtls_rsa_deduce_crt(const mbedtls_mpi *P, const mbedtls_mpi *Q, + const mbedtls_mpi *D, mbedtls_mpi *DP, + mbedtls_mpi *DQ, mbedtls_mpi *QP) { int ret = 0; mbedtls_mpi K; - mbedtls_mpi_init( &K ); + mbedtls_mpi_init(&K); /* DP = D mod P-1 */ - if( DP != NULL ) - { - MBEDTLS_MPI_CHK( mbedtls_mpi_sub_int( &K, P, 1 ) ); - MBEDTLS_MPI_CHK( mbedtls_mpi_mod_mpi( DP, D, &K ) ); + if (DP != NULL) { + MBEDTLS_MPI_CHK(mbedtls_mpi_sub_int(&K, P, 1)); + MBEDTLS_MPI_CHK(mbedtls_mpi_mod_mpi(DP, D, &K)); } /* DQ = D mod Q-1 */ - if( DQ != NULL ) - { - MBEDTLS_MPI_CHK( mbedtls_mpi_sub_int( &K, Q, 1 ) ); - MBEDTLS_MPI_CHK( mbedtls_mpi_mod_mpi( DQ, D, &K ) ); + if (DQ != NULL) { + MBEDTLS_MPI_CHK(mbedtls_mpi_sub_int(&K, Q, 1)); + MBEDTLS_MPI_CHK(mbedtls_mpi_mod_mpi(DQ, D, &K)); } /* QP = Q^{-1} mod P */ - if( QP != NULL ) - { - MBEDTLS_MPI_CHK( mbedtls_mpi_inv_mod( QP, Q, P ) ); + if (QP != NULL) { + MBEDTLS_MPI_CHK(mbedtls_mpi_inv_mod(QP, Q, P)); } cleanup: - mbedtls_mpi_free( &K ); + mbedtls_mpi_free(&K); - return( ret ); + return ret; } #endif /* MBEDTLS_RSA_C */ diff --git a/third_party/mbedtls/repo/library/sha1.c b/third_party/mbedtls/repo/library/sha1.c index 0a5edafaff9..9dd958ef4c4 100644 --- a/third_party/mbedtls/repo/library/sha1.c +++ b/third_party/mbedtls/repo/library/sha1.c @@ -2,19 +2,7 @@ * FIPS-180-1 compliant SHA-1 implementation * * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later */ /* * The SHA-1 standard was published by NIST in 1993. @@ -32,42 +20,36 @@ #include -#if defined(MBEDTLS_SELF_TEST) -#if defined(MBEDTLS_PLATFORM_C) #include "mbedtls/platform.h" -#else -#include -#define mbedtls_printf printf -#endif /* MBEDTLS_PLATFORM_C */ -#endif /* MBEDTLS_SELF_TEST */ #define SHA1_VALIDATE_RET(cond) \ - MBEDTLS_INTERNAL_VALIDATE_RET( cond, MBEDTLS_ERR_SHA1_BAD_INPUT_DATA ) + MBEDTLS_INTERNAL_VALIDATE_RET(cond, MBEDTLS_ERR_SHA1_BAD_INPUT_DATA) -#define SHA1_VALIDATE(cond) MBEDTLS_INTERNAL_VALIDATE( cond ) +#define SHA1_VALIDATE(cond) MBEDTLS_INTERNAL_VALIDATE(cond) #if !defined(MBEDTLS_SHA1_ALT) -void mbedtls_sha1_init( mbedtls_sha1_context *ctx ) +void mbedtls_sha1_init(mbedtls_sha1_context *ctx) { - SHA1_VALIDATE( ctx != NULL ); + SHA1_VALIDATE(ctx != NULL); - memset( ctx, 0, sizeof( mbedtls_sha1_context ) ); + memset(ctx, 0, sizeof(mbedtls_sha1_context)); } -void mbedtls_sha1_free( mbedtls_sha1_context *ctx ) +void mbedtls_sha1_free(mbedtls_sha1_context *ctx) { - if( ctx == NULL ) + if (ctx == NULL) { return; + } - mbedtls_platform_zeroize( ctx, sizeof( mbedtls_sha1_context ) ); + mbedtls_platform_zeroize(ctx, sizeof(mbedtls_sha1_context)); } -void mbedtls_sha1_clone( mbedtls_sha1_context *dst, - const mbedtls_sha1_context *src ) +void mbedtls_sha1_clone(mbedtls_sha1_context *dst, + const mbedtls_sha1_context *src) { - SHA1_VALIDATE( dst != NULL ); - SHA1_VALIDATE( src != NULL ); + SHA1_VALIDATE(dst != NULL); + SHA1_VALIDATE(src != NULL); *dst = *src; } @@ -75,9 +57,9 @@ void mbedtls_sha1_clone( mbedtls_sha1_context *dst, /* * SHA-1 context setup */ -int mbedtls_sha1_starts_ret( mbedtls_sha1_context *ctx ) +int mbedtls_sha1_starts_ret(mbedtls_sha1_context *ctx) { - SHA1_VALIDATE_RET( ctx != NULL ); + SHA1_VALIDATE_RET(ctx != NULL); ctx->total[0] = 0; ctx->total[1] = 0; @@ -88,62 +70,61 @@ int mbedtls_sha1_starts_ret( mbedtls_sha1_context *ctx ) ctx->state[3] = 0x10325476; ctx->state[4] = 0xC3D2E1F0; - return( 0 ); + return 0; } #if !defined(MBEDTLS_DEPRECATED_REMOVED) -void mbedtls_sha1_starts( mbedtls_sha1_context *ctx ) +void mbedtls_sha1_starts(mbedtls_sha1_context *ctx) { - mbedtls_sha1_starts_ret( ctx ); + mbedtls_sha1_starts_ret(ctx); } #endif #if !defined(MBEDTLS_SHA1_PROCESS_ALT) -int mbedtls_internal_sha1_process( mbedtls_sha1_context *ctx, - const unsigned char data[64] ) +int mbedtls_internal_sha1_process(mbedtls_sha1_context *ctx, + const unsigned char data[64]) { - struct - { + struct { uint32_t temp, W[16], A, B, C, D, E; } local; - SHA1_VALIDATE_RET( ctx != NULL ); - SHA1_VALIDATE_RET( (const unsigned char *)data != NULL ); - - local.W[ 0] = MBEDTLS_GET_UINT32_BE( data, 0 ); - local.W[ 1] = MBEDTLS_GET_UINT32_BE( data, 4 ); - local.W[ 2] = MBEDTLS_GET_UINT32_BE( data, 8 ); - local.W[ 3] = MBEDTLS_GET_UINT32_BE( data, 12 ); - local.W[ 4] = MBEDTLS_GET_UINT32_BE( data, 16 ); - local.W[ 5] = MBEDTLS_GET_UINT32_BE( data, 20 ); - local.W[ 6] = MBEDTLS_GET_UINT32_BE( data, 24 ); - local.W[ 7] = MBEDTLS_GET_UINT32_BE( data, 28 ); - local.W[ 8] = MBEDTLS_GET_UINT32_BE( data, 32 ); - local.W[ 9] = MBEDTLS_GET_UINT32_BE( data, 36 ); - local.W[10] = MBEDTLS_GET_UINT32_BE( data, 40 ); - local.W[11] = MBEDTLS_GET_UINT32_BE( data, 44 ); - local.W[12] = MBEDTLS_GET_UINT32_BE( data, 48 ); - local.W[13] = MBEDTLS_GET_UINT32_BE( data, 52 ); - local.W[14] = MBEDTLS_GET_UINT32_BE( data, 56 ); - local.W[15] = MBEDTLS_GET_UINT32_BE( data, 60 ); - -#define S(x,n) (((x) << (n)) | (((x) & 0xFFFFFFFF) >> (32 - (n)))) + SHA1_VALIDATE_RET(ctx != NULL); + SHA1_VALIDATE_RET((const unsigned char *) data != NULL); + + local.W[0] = MBEDTLS_GET_UINT32_BE(data, 0); + local.W[1] = MBEDTLS_GET_UINT32_BE(data, 4); + local.W[2] = MBEDTLS_GET_UINT32_BE(data, 8); + local.W[3] = MBEDTLS_GET_UINT32_BE(data, 12); + local.W[4] = MBEDTLS_GET_UINT32_BE(data, 16); + local.W[5] = MBEDTLS_GET_UINT32_BE(data, 20); + local.W[6] = MBEDTLS_GET_UINT32_BE(data, 24); + local.W[7] = MBEDTLS_GET_UINT32_BE(data, 28); + local.W[8] = MBEDTLS_GET_UINT32_BE(data, 32); + local.W[9] = MBEDTLS_GET_UINT32_BE(data, 36); + local.W[10] = MBEDTLS_GET_UINT32_BE(data, 40); + local.W[11] = MBEDTLS_GET_UINT32_BE(data, 44); + local.W[12] = MBEDTLS_GET_UINT32_BE(data, 48); + local.W[13] = MBEDTLS_GET_UINT32_BE(data, 52); + local.W[14] = MBEDTLS_GET_UINT32_BE(data, 56); + local.W[15] = MBEDTLS_GET_UINT32_BE(data, 60); + +#define S(x, n) (((x) << (n)) | (((x) & 0xFFFFFFFF) >> (32 - (n)))) #define R(t) \ ( \ - local.temp = local.W[( (t) - 3 ) & 0x0F] ^ \ - local.W[( (t) - 8 ) & 0x0F] ^ \ - local.W[( (t) - 14 ) & 0x0F] ^ \ - local.W[ (t) & 0x0F], \ - ( local.W[(t) & 0x0F] = S(local.temp,1) ) \ + local.temp = local.W[((t) - 3) & 0x0F] ^ \ + local.W[((t) - 8) & 0x0F] ^ \ + local.W[((t) - 14) & 0x0F] ^ \ + local.W[(t) & 0x0F], \ + (local.W[(t) & 0x0F] = S(local.temp, 1)) \ ) -#define P(a,b,c,d,e,x) \ +#define P(a, b, c, d, e, x) \ do \ { \ - (e) += S((a),5) + F((b),(c),(d)) + K + (x); \ - (b) = S((b),30); \ - } while( 0 ) + (e) += S((a), 5) + F((b), (c), (d)) + K + (x); \ + (b) = S((b), 30); \ + } while (0) local.A = ctx->state[0]; local.B = ctx->state[1]; @@ -151,110 +132,110 @@ int mbedtls_internal_sha1_process( mbedtls_sha1_context *ctx, local.D = ctx->state[3]; local.E = ctx->state[4]; -#define F(x,y,z) ((z) ^ ((x) & ((y) ^ (z)))) +#define F(x, y, z) ((z) ^ ((x) & ((y) ^ (z)))) #define K 0x5A827999 - P( local.A, local.B, local.C, local.D, local.E, local.W[0] ); - P( local.E, local.A, local.B, local.C, local.D, local.W[1] ); - P( local.D, local.E, local.A, local.B, local.C, local.W[2] ); - P( local.C, local.D, local.E, local.A, local.B, local.W[3] ); - P( local.B, local.C, local.D, local.E, local.A, local.W[4] ); - P( local.A, local.B, local.C, local.D, local.E, local.W[5] ); - P( local.E, local.A, local.B, local.C, local.D, local.W[6] ); - P( local.D, local.E, local.A, local.B, local.C, local.W[7] ); - P( local.C, local.D, local.E, local.A, local.B, local.W[8] ); - P( local.B, local.C, local.D, local.E, local.A, local.W[9] ); - P( local.A, local.B, local.C, local.D, local.E, local.W[10] ); - P( local.E, local.A, local.B, local.C, local.D, local.W[11] ); - P( local.D, local.E, local.A, local.B, local.C, local.W[12] ); - P( local.C, local.D, local.E, local.A, local.B, local.W[13] ); - P( local.B, local.C, local.D, local.E, local.A, local.W[14] ); - P( local.A, local.B, local.C, local.D, local.E, local.W[15] ); - P( local.E, local.A, local.B, local.C, local.D, R(16) ); - P( local.D, local.E, local.A, local.B, local.C, R(17) ); - P( local.C, local.D, local.E, local.A, local.B, R(18) ); - P( local.B, local.C, local.D, local.E, local.A, R(19) ); + P(local.A, local.B, local.C, local.D, local.E, local.W[0]); + P(local.E, local.A, local.B, local.C, local.D, local.W[1]); + P(local.D, local.E, local.A, local.B, local.C, local.W[2]); + P(local.C, local.D, local.E, local.A, local.B, local.W[3]); + P(local.B, local.C, local.D, local.E, local.A, local.W[4]); + P(local.A, local.B, local.C, local.D, local.E, local.W[5]); + P(local.E, local.A, local.B, local.C, local.D, local.W[6]); + P(local.D, local.E, local.A, local.B, local.C, local.W[7]); + P(local.C, local.D, local.E, local.A, local.B, local.W[8]); + P(local.B, local.C, local.D, local.E, local.A, local.W[9]); + P(local.A, local.B, local.C, local.D, local.E, local.W[10]); + P(local.E, local.A, local.B, local.C, local.D, local.W[11]); + P(local.D, local.E, local.A, local.B, local.C, local.W[12]); + P(local.C, local.D, local.E, local.A, local.B, local.W[13]); + P(local.B, local.C, local.D, local.E, local.A, local.W[14]); + P(local.A, local.B, local.C, local.D, local.E, local.W[15]); + P(local.E, local.A, local.B, local.C, local.D, R(16)); + P(local.D, local.E, local.A, local.B, local.C, R(17)); + P(local.C, local.D, local.E, local.A, local.B, R(18)); + P(local.B, local.C, local.D, local.E, local.A, R(19)); #undef K #undef F -#define F(x,y,z) ((x) ^ (y) ^ (z)) +#define F(x, y, z) ((x) ^ (y) ^ (z)) #define K 0x6ED9EBA1 - P( local.A, local.B, local.C, local.D, local.E, R(20) ); - P( local.E, local.A, local.B, local.C, local.D, R(21) ); - P( local.D, local.E, local.A, local.B, local.C, R(22) ); - P( local.C, local.D, local.E, local.A, local.B, R(23) ); - P( local.B, local.C, local.D, local.E, local.A, R(24) ); - P( local.A, local.B, local.C, local.D, local.E, R(25) ); - P( local.E, local.A, local.B, local.C, local.D, R(26) ); - P( local.D, local.E, local.A, local.B, local.C, R(27) ); - P( local.C, local.D, local.E, local.A, local.B, R(28) ); - P( local.B, local.C, local.D, local.E, local.A, R(29) ); - P( local.A, local.B, local.C, local.D, local.E, R(30) ); - P( local.E, local.A, local.B, local.C, local.D, R(31) ); - P( local.D, local.E, local.A, local.B, local.C, R(32) ); - P( local.C, local.D, local.E, local.A, local.B, R(33) ); - P( local.B, local.C, local.D, local.E, local.A, R(34) ); - P( local.A, local.B, local.C, local.D, local.E, R(35) ); - P( local.E, local.A, local.B, local.C, local.D, R(36) ); - P( local.D, local.E, local.A, local.B, local.C, R(37) ); - P( local.C, local.D, local.E, local.A, local.B, R(38) ); - P( local.B, local.C, local.D, local.E, local.A, R(39) ); + P(local.A, local.B, local.C, local.D, local.E, R(20)); + P(local.E, local.A, local.B, local.C, local.D, R(21)); + P(local.D, local.E, local.A, local.B, local.C, R(22)); + P(local.C, local.D, local.E, local.A, local.B, R(23)); + P(local.B, local.C, local.D, local.E, local.A, R(24)); + P(local.A, local.B, local.C, local.D, local.E, R(25)); + P(local.E, local.A, local.B, local.C, local.D, R(26)); + P(local.D, local.E, local.A, local.B, local.C, R(27)); + P(local.C, local.D, local.E, local.A, local.B, R(28)); + P(local.B, local.C, local.D, local.E, local.A, R(29)); + P(local.A, local.B, local.C, local.D, local.E, R(30)); + P(local.E, local.A, local.B, local.C, local.D, R(31)); + P(local.D, local.E, local.A, local.B, local.C, R(32)); + P(local.C, local.D, local.E, local.A, local.B, R(33)); + P(local.B, local.C, local.D, local.E, local.A, R(34)); + P(local.A, local.B, local.C, local.D, local.E, R(35)); + P(local.E, local.A, local.B, local.C, local.D, R(36)); + P(local.D, local.E, local.A, local.B, local.C, R(37)); + P(local.C, local.D, local.E, local.A, local.B, R(38)); + P(local.B, local.C, local.D, local.E, local.A, R(39)); #undef K #undef F -#define F(x,y,z) (((x) & (y)) | ((z) & ((x) | (y)))) +#define F(x, y, z) (((x) & (y)) | ((z) & ((x) | (y)))) #define K 0x8F1BBCDC - P( local.A, local.B, local.C, local.D, local.E, R(40) ); - P( local.E, local.A, local.B, local.C, local.D, R(41) ); - P( local.D, local.E, local.A, local.B, local.C, R(42) ); - P( local.C, local.D, local.E, local.A, local.B, R(43) ); - P( local.B, local.C, local.D, local.E, local.A, R(44) ); - P( local.A, local.B, local.C, local.D, local.E, R(45) ); - P( local.E, local.A, local.B, local.C, local.D, R(46) ); - P( local.D, local.E, local.A, local.B, local.C, R(47) ); - P( local.C, local.D, local.E, local.A, local.B, R(48) ); - P( local.B, local.C, local.D, local.E, local.A, R(49) ); - P( local.A, local.B, local.C, local.D, local.E, R(50) ); - P( local.E, local.A, local.B, local.C, local.D, R(51) ); - P( local.D, local.E, local.A, local.B, local.C, R(52) ); - P( local.C, local.D, local.E, local.A, local.B, R(53) ); - P( local.B, local.C, local.D, local.E, local.A, R(54) ); - P( local.A, local.B, local.C, local.D, local.E, R(55) ); - P( local.E, local.A, local.B, local.C, local.D, R(56) ); - P( local.D, local.E, local.A, local.B, local.C, R(57) ); - P( local.C, local.D, local.E, local.A, local.B, R(58) ); - P( local.B, local.C, local.D, local.E, local.A, R(59) ); + P(local.A, local.B, local.C, local.D, local.E, R(40)); + P(local.E, local.A, local.B, local.C, local.D, R(41)); + P(local.D, local.E, local.A, local.B, local.C, R(42)); + P(local.C, local.D, local.E, local.A, local.B, R(43)); + P(local.B, local.C, local.D, local.E, local.A, R(44)); + P(local.A, local.B, local.C, local.D, local.E, R(45)); + P(local.E, local.A, local.B, local.C, local.D, R(46)); + P(local.D, local.E, local.A, local.B, local.C, R(47)); + P(local.C, local.D, local.E, local.A, local.B, R(48)); + P(local.B, local.C, local.D, local.E, local.A, R(49)); + P(local.A, local.B, local.C, local.D, local.E, R(50)); + P(local.E, local.A, local.B, local.C, local.D, R(51)); + P(local.D, local.E, local.A, local.B, local.C, R(52)); + P(local.C, local.D, local.E, local.A, local.B, R(53)); + P(local.B, local.C, local.D, local.E, local.A, R(54)); + P(local.A, local.B, local.C, local.D, local.E, R(55)); + P(local.E, local.A, local.B, local.C, local.D, R(56)); + P(local.D, local.E, local.A, local.B, local.C, R(57)); + P(local.C, local.D, local.E, local.A, local.B, R(58)); + P(local.B, local.C, local.D, local.E, local.A, R(59)); #undef K #undef F -#define F(x,y,z) ((x) ^ (y) ^ (z)) +#define F(x, y, z) ((x) ^ (y) ^ (z)) #define K 0xCA62C1D6 - P( local.A, local.B, local.C, local.D, local.E, R(60) ); - P( local.E, local.A, local.B, local.C, local.D, R(61) ); - P( local.D, local.E, local.A, local.B, local.C, R(62) ); - P( local.C, local.D, local.E, local.A, local.B, R(63) ); - P( local.B, local.C, local.D, local.E, local.A, R(64) ); - P( local.A, local.B, local.C, local.D, local.E, R(65) ); - P( local.E, local.A, local.B, local.C, local.D, R(66) ); - P( local.D, local.E, local.A, local.B, local.C, R(67) ); - P( local.C, local.D, local.E, local.A, local.B, R(68) ); - P( local.B, local.C, local.D, local.E, local.A, R(69) ); - P( local.A, local.B, local.C, local.D, local.E, R(70) ); - P( local.E, local.A, local.B, local.C, local.D, R(71) ); - P( local.D, local.E, local.A, local.B, local.C, R(72) ); - P( local.C, local.D, local.E, local.A, local.B, R(73) ); - P( local.B, local.C, local.D, local.E, local.A, R(74) ); - P( local.A, local.B, local.C, local.D, local.E, R(75) ); - P( local.E, local.A, local.B, local.C, local.D, R(76) ); - P( local.D, local.E, local.A, local.B, local.C, R(77) ); - P( local.C, local.D, local.E, local.A, local.B, R(78) ); - P( local.B, local.C, local.D, local.E, local.A, R(79) ); + P(local.A, local.B, local.C, local.D, local.E, R(60)); + P(local.E, local.A, local.B, local.C, local.D, R(61)); + P(local.D, local.E, local.A, local.B, local.C, R(62)); + P(local.C, local.D, local.E, local.A, local.B, R(63)); + P(local.B, local.C, local.D, local.E, local.A, R(64)); + P(local.A, local.B, local.C, local.D, local.E, R(65)); + P(local.E, local.A, local.B, local.C, local.D, R(66)); + P(local.D, local.E, local.A, local.B, local.C, R(67)); + P(local.C, local.D, local.E, local.A, local.B, R(68)); + P(local.B, local.C, local.D, local.E, local.A, R(69)); + P(local.A, local.B, local.C, local.D, local.E, R(70)); + P(local.E, local.A, local.B, local.C, local.D, R(71)); + P(local.D, local.E, local.A, local.B, local.C, R(72)); + P(local.C, local.D, local.E, local.A, local.B, R(73)); + P(local.B, local.C, local.D, local.E, local.A, R(74)); + P(local.A, local.B, local.C, local.D, local.E, R(75)); + P(local.E, local.A, local.B, local.C, local.D, R(76)); + P(local.D, local.E, local.A, local.B, local.C, R(77)); + P(local.C, local.D, local.E, local.A, local.B, R(78)); + P(local.B, local.C, local.D, local.E, local.A, R(79)); #undef K #undef F @@ -266,16 +247,16 @@ int mbedtls_internal_sha1_process( mbedtls_sha1_context *ctx, ctx->state[4] += local.E; /* Zeroise buffers and variables to clear sensitive data from memory. */ - mbedtls_platform_zeroize( &local, sizeof( local ) ); + mbedtls_platform_zeroize(&local, sizeof(local)); - return( 0 ); + return 0; } #if !defined(MBEDTLS_DEPRECATED_REMOVED) -void mbedtls_sha1_process( mbedtls_sha1_context *ctx, - const unsigned char data[64] ) +void mbedtls_sha1_process(mbedtls_sha1_context *ctx, + const unsigned char data[64]) { - mbedtls_internal_sha1_process( ctx, data ); + mbedtls_internal_sha1_process(ctx, data); } #endif #endif /* !MBEDTLS_SHA1_PROCESS_ALT */ @@ -283,19 +264,20 @@ void mbedtls_sha1_process( mbedtls_sha1_context *ctx, /* * SHA-1 process buffer */ -int mbedtls_sha1_update_ret( mbedtls_sha1_context *ctx, - const unsigned char *input, - size_t ilen ) +int mbedtls_sha1_update_ret(mbedtls_sha1_context *ctx, + const unsigned char *input, + size_t ilen) { int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; size_t fill; uint32_t left; - SHA1_VALIDATE_RET( ctx != NULL ); - SHA1_VALIDATE_RET( ilen == 0 || input != NULL ); + SHA1_VALIDATE_RET(ctx != NULL); + SHA1_VALIDATE_RET(ilen == 0 || input != NULL); - if( ilen == 0 ) - return( 0 ); + if (ilen == 0) { + return 0; + } left = ctx->total[0] & 0x3F; fill = 64 - left; @@ -303,57 +285,59 @@ int mbedtls_sha1_update_ret( mbedtls_sha1_context *ctx, ctx->total[0] += (uint32_t) ilen; ctx->total[0] &= 0xFFFFFFFF; - if( ctx->total[0] < (uint32_t) ilen ) + if (ctx->total[0] < (uint32_t) ilen) { ctx->total[1]++; + } - if( left && ilen >= fill ) - { - memcpy( (void *) (ctx->buffer + left), input, fill ); + if (left && ilen >= fill) { + memcpy((void *) (ctx->buffer + left), input, fill); - if( ( ret = mbedtls_internal_sha1_process( ctx, ctx->buffer ) ) != 0 ) - return( ret ); + if ((ret = mbedtls_internal_sha1_process(ctx, ctx->buffer)) != 0) { + return ret; + } input += fill; ilen -= fill; left = 0; } - while( ilen >= 64 ) - { - if( ( ret = mbedtls_internal_sha1_process( ctx, input ) ) != 0 ) - return( ret ); + while (ilen >= 64) { + if ((ret = mbedtls_internal_sha1_process(ctx, input)) != 0) { + return ret; + } input += 64; ilen -= 64; } - if( ilen > 0 ) - memcpy( (void *) (ctx->buffer + left), input, ilen ); + if (ilen > 0) { + memcpy((void *) (ctx->buffer + left), input, ilen); + } - return( 0 ); + return 0; } #if !defined(MBEDTLS_DEPRECATED_REMOVED) -void mbedtls_sha1_update( mbedtls_sha1_context *ctx, - const unsigned char *input, - size_t ilen ) +void mbedtls_sha1_update(mbedtls_sha1_context *ctx, + const unsigned char *input, + size_t ilen) { - mbedtls_sha1_update_ret( ctx, input, ilen ); + mbedtls_sha1_update_ret(ctx, input, ilen); } #endif /* * SHA-1 final digest */ -int mbedtls_sha1_finish_ret( mbedtls_sha1_context *ctx, - unsigned char output[20] ) +int mbedtls_sha1_finish_ret(mbedtls_sha1_context *ctx, + unsigned char output[20]) { int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; uint32_t used; uint32_t high, low; - SHA1_VALIDATE_RET( ctx != NULL ); - SHA1_VALIDATE_RET( (unsigned char *)output != NULL ); + SHA1_VALIDATE_RET(ctx != NULL); + SHA1_VALIDATE_RET((unsigned char *) output != NULL); /* * Add padding: 0x80 then 0x00 until 8 bytes remain for the length @@ -362,52 +346,51 @@ int mbedtls_sha1_finish_ret( mbedtls_sha1_context *ctx, ctx->buffer[used++] = 0x80; - if( used <= 56 ) - { + if (used <= 56) { /* Enough room for padding + length in current block */ - memset( ctx->buffer + used, 0, 56 - used ); - } - else - { + memset(ctx->buffer + used, 0, 56 - used); + } else { /* We'll need an extra block */ - memset( ctx->buffer + used, 0, 64 - used ); + memset(ctx->buffer + used, 0, 64 - used); - if( ( ret = mbedtls_internal_sha1_process( ctx, ctx->buffer ) ) != 0 ) - return( ret ); + if ((ret = mbedtls_internal_sha1_process(ctx, ctx->buffer)) != 0) { + return ret; + } - memset( ctx->buffer, 0, 56 ); + memset(ctx->buffer, 0, 56); } /* * Add message length */ - high = ( ctx->total[0] >> 29 ) - | ( ctx->total[1] << 3 ); - low = ( ctx->total[0] << 3 ); + high = (ctx->total[0] >> 29) + | (ctx->total[1] << 3); + low = (ctx->total[0] << 3); - MBEDTLS_PUT_UINT32_BE( high, ctx->buffer, 56 ); - MBEDTLS_PUT_UINT32_BE( low, ctx->buffer, 60 ); + MBEDTLS_PUT_UINT32_BE(high, ctx->buffer, 56); + MBEDTLS_PUT_UINT32_BE(low, ctx->buffer, 60); - if( ( ret = mbedtls_internal_sha1_process( ctx, ctx->buffer ) ) != 0 ) - return( ret ); + if ((ret = mbedtls_internal_sha1_process(ctx, ctx->buffer)) != 0) { + return ret; + } /* * Output final state */ - MBEDTLS_PUT_UINT32_BE( ctx->state[0], output, 0 ); - MBEDTLS_PUT_UINT32_BE( ctx->state[1], output, 4 ); - MBEDTLS_PUT_UINT32_BE( ctx->state[2], output, 8 ); - MBEDTLS_PUT_UINT32_BE( ctx->state[3], output, 12 ); - MBEDTLS_PUT_UINT32_BE( ctx->state[4], output, 16 ); + MBEDTLS_PUT_UINT32_BE(ctx->state[0], output, 0); + MBEDTLS_PUT_UINT32_BE(ctx->state[1], output, 4); + MBEDTLS_PUT_UINT32_BE(ctx->state[2], output, 8); + MBEDTLS_PUT_UINT32_BE(ctx->state[3], output, 12); + MBEDTLS_PUT_UINT32_BE(ctx->state[4], output, 16); - return( 0 ); + return 0; } #if !defined(MBEDTLS_DEPRECATED_REMOVED) -void mbedtls_sha1_finish( mbedtls_sha1_context *ctx, - unsigned char output[20] ) +void mbedtls_sha1_finish(mbedtls_sha1_context *ctx, + unsigned char output[20]) { - mbedtls_sha1_finish_ret( ctx, output ); + mbedtls_sha1_finish_ret(ctx, output); } #endif @@ -416,39 +399,42 @@ void mbedtls_sha1_finish( mbedtls_sha1_context *ctx, /* * output = SHA-1( input buffer ) */ -int mbedtls_sha1_ret( const unsigned char *input, - size_t ilen, - unsigned char output[20] ) +int mbedtls_sha1_ret(const unsigned char *input, + size_t ilen, + unsigned char output[20]) { int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; mbedtls_sha1_context ctx; - SHA1_VALIDATE_RET( ilen == 0 || input != NULL ); - SHA1_VALIDATE_RET( (unsigned char *)output != NULL ); + SHA1_VALIDATE_RET(ilen == 0 || input != NULL); + SHA1_VALIDATE_RET((unsigned char *) output != NULL); - mbedtls_sha1_init( &ctx ); + mbedtls_sha1_init(&ctx); - if( ( ret = mbedtls_sha1_starts_ret( &ctx ) ) != 0 ) + if ((ret = mbedtls_sha1_starts_ret(&ctx)) != 0) { goto exit; + } - if( ( ret = mbedtls_sha1_update_ret( &ctx, input, ilen ) ) != 0 ) + if ((ret = mbedtls_sha1_update_ret(&ctx, input, ilen)) != 0) { goto exit; + } - if( ( ret = mbedtls_sha1_finish_ret( &ctx, output ) ) != 0 ) + if ((ret = mbedtls_sha1_finish_ret(&ctx, output)) != 0) { goto exit; + } exit: - mbedtls_sha1_free( &ctx ); + mbedtls_sha1_free(&ctx); - return( ret ); + return ret; } #if !defined(MBEDTLS_DEPRECATED_REMOVED) -void mbedtls_sha1( const unsigned char *input, - size_t ilen, - unsigned char output[20] ) +void mbedtls_sha1(const unsigned char *input, + size_t ilen, + unsigned char output[20]) { - mbedtls_sha1_ret( input, ilen, output ); + mbedtls_sha1_ret(input, ilen, output); } #endif @@ -481,71 +467,73 @@ static const unsigned char sha1_test_sum[3][20] = /* * Checkup routine */ -int mbedtls_sha1_self_test( int verbose ) +int mbedtls_sha1_self_test(int verbose) { int i, j, buflen, ret = 0; unsigned char buf[1024]; unsigned char sha1sum[20]; mbedtls_sha1_context ctx; - mbedtls_sha1_init( &ctx ); + mbedtls_sha1_init(&ctx); /* * SHA-1 */ - for( i = 0; i < 3; i++ ) - { - if( verbose != 0 ) - mbedtls_printf( " SHA-1 test #%d: ", i + 1 ); + for (i = 0; i < 3; i++) { + if (verbose != 0) { + mbedtls_printf(" SHA-1 test #%d: ", i + 1); + } - if( ( ret = mbedtls_sha1_starts_ret( &ctx ) ) != 0 ) + if ((ret = mbedtls_sha1_starts_ret(&ctx)) != 0) { goto fail; + } - if( i == 2 ) - { - memset( buf, 'a', buflen = 1000 ); + if (i == 2) { + memset(buf, 'a', buflen = 1000); - for( j = 0; j < 1000; j++ ) - { - ret = mbedtls_sha1_update_ret( &ctx, buf, buflen ); - if( ret != 0 ) + for (j = 0; j < 1000; j++) { + ret = mbedtls_sha1_update_ret(&ctx, buf, buflen); + if (ret != 0) { goto fail; + } } - } - else - { - ret = mbedtls_sha1_update_ret( &ctx, sha1_test_buf[i], - sha1_test_buflen[i] ); - if( ret != 0 ) + } else { + ret = mbedtls_sha1_update_ret(&ctx, sha1_test_buf[i], + sha1_test_buflen[i]); + if (ret != 0) { goto fail; + } } - if( ( ret = mbedtls_sha1_finish_ret( &ctx, sha1sum ) ) != 0 ) + if ((ret = mbedtls_sha1_finish_ret(&ctx, sha1sum)) != 0) { goto fail; + } - if( memcmp( sha1sum, sha1_test_sum[i], 20 ) != 0 ) - { + if (memcmp(sha1sum, sha1_test_sum[i], 20) != 0) { ret = 1; goto fail; } - if( verbose != 0 ) - mbedtls_printf( "passed\n" ); + if (verbose != 0) { + mbedtls_printf("passed\n"); + } } - if( verbose != 0 ) - mbedtls_printf( "\n" ); + if (verbose != 0) { + mbedtls_printf("\n"); + } goto exit; fail: - if( verbose != 0 ) - mbedtls_printf( "failed\n" ); + if (verbose != 0) { + mbedtls_printf("failed\n"); + } exit: - mbedtls_sha1_free( &ctx ); + mbedtls_sha1_free(&ctx); - return( ret ); + return ret; } #endif /* MBEDTLS_SELF_TEST */ diff --git a/third_party/mbedtls/repo/library/sha256.c b/third_party/mbedtls/repo/library/sha256.c index db675efd1ba..74f32369bb7 100644 --- a/third_party/mbedtls/repo/library/sha256.c +++ b/third_party/mbedtls/repo/library/sha256.c @@ -2,19 +2,7 @@ * FIPS-180-2 compliant SHA-256 implementation * * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later */ /* * The SHA-256 Secure Hash Standard was published by NIST in 2002. @@ -32,44 +20,35 @@ #include -#if defined(MBEDTLS_SELF_TEST) -#if defined(MBEDTLS_PLATFORM_C) #include "mbedtls/platform.h" -#else -#include -#include -#define mbedtls_printf printf -#define mbedtls_calloc calloc -#define mbedtls_free free -#endif /* MBEDTLS_PLATFORM_C */ -#endif /* MBEDTLS_SELF_TEST */ #define SHA256_VALIDATE_RET(cond) \ - MBEDTLS_INTERNAL_VALIDATE_RET( cond, MBEDTLS_ERR_SHA256_BAD_INPUT_DATA ) -#define SHA256_VALIDATE(cond) MBEDTLS_INTERNAL_VALIDATE( cond ) + MBEDTLS_INTERNAL_VALIDATE_RET(cond, MBEDTLS_ERR_SHA256_BAD_INPUT_DATA) +#define SHA256_VALIDATE(cond) MBEDTLS_INTERNAL_VALIDATE(cond) #if !defined(MBEDTLS_SHA256_ALT) -void mbedtls_sha256_init( mbedtls_sha256_context *ctx ) +void mbedtls_sha256_init(mbedtls_sha256_context *ctx) { - SHA256_VALIDATE( ctx != NULL ); + SHA256_VALIDATE(ctx != NULL); - memset( ctx, 0, sizeof( mbedtls_sha256_context ) ); + memset(ctx, 0, sizeof(mbedtls_sha256_context)); } -void mbedtls_sha256_free( mbedtls_sha256_context *ctx ) +void mbedtls_sha256_free(mbedtls_sha256_context *ctx) { - if( ctx == NULL ) + if (ctx == NULL) { return; + } - mbedtls_platform_zeroize( ctx, sizeof( mbedtls_sha256_context ) ); + mbedtls_platform_zeroize(ctx, sizeof(mbedtls_sha256_context)); } -void mbedtls_sha256_clone( mbedtls_sha256_context *dst, - const mbedtls_sha256_context *src ) +void mbedtls_sha256_clone(mbedtls_sha256_context *dst, + const mbedtls_sha256_context *src) { - SHA256_VALIDATE( dst != NULL ); - SHA256_VALIDATE( src != NULL ); + SHA256_VALIDATE(dst != NULL); + SHA256_VALIDATE(src != NULL); *dst = *src; } @@ -77,16 +56,15 @@ void mbedtls_sha256_clone( mbedtls_sha256_context *dst, /* * SHA-256 context setup */ -int mbedtls_sha256_starts_ret( mbedtls_sha256_context *ctx, int is224 ) +int mbedtls_sha256_starts_ret(mbedtls_sha256_context *ctx, int is224) { - SHA256_VALIDATE_RET( ctx != NULL ); - SHA256_VALIDATE_RET( is224 == 0 || is224 == 1 ); + SHA256_VALIDATE_RET(ctx != NULL); + SHA256_VALIDATE_RET(is224 == 0 || is224 == 1); ctx->total[0] = 0; ctx->total[1] = 0; - if( is224 == 0 ) - { + if (is224 == 0) { /* SHA-256 */ ctx->state[0] = 0x6A09E667; ctx->state[1] = 0xBB67AE85; @@ -96,9 +74,7 @@ int mbedtls_sha256_starts_ret( mbedtls_sha256_context *ctx, int is224 ) ctx->state[5] = 0x9B05688C; ctx->state[6] = 0x1F83D9AB; ctx->state[7] = 0x5BE0CD19; - } - else - { + } else { /* SHA-224 */ ctx->state[0] = 0xC1059ED8; ctx->state[1] = 0x367CD507; @@ -112,14 +88,14 @@ int mbedtls_sha256_starts_ret( mbedtls_sha256_context *ctx, int is224 ) ctx->is224 = is224; - return( 0 ); + return 0; } #if !defined(MBEDTLS_DEPRECATED_REMOVED) -void mbedtls_sha256_starts( mbedtls_sha256_context *ctx, - int is224 ) +void mbedtls_sha256_starts(mbedtls_sha256_context *ctx, + int is224) { - mbedtls_sha256_starts_ret( ctx, is224 ); + mbedtls_sha256_starts_ret(ctx, is224); } #endif @@ -144,17 +120,17 @@ static const uint32_t K[] = 0x90BEFFFA, 0xA4506CEB, 0xBEF9A3F7, 0xC67178F2, }; -#define SHR(x,n) (((x) & 0xFFFFFFFF) >> (n)) -#define ROTR(x,n) (SHR(x,n) | ((x) << (32 - (n)))) +#define SHR(x, n) (((x) & 0xFFFFFFFF) >> (n)) +#define ROTR(x, n) (SHR(x, n) | ((x) << (32 - (n)))) -#define S0(x) (ROTR(x, 7) ^ ROTR(x,18) ^ SHR(x, 3)) -#define S1(x) (ROTR(x,17) ^ ROTR(x,19) ^ SHR(x,10)) +#define S0(x) (ROTR(x, 7) ^ ROTR(x, 18) ^ SHR(x, 3)) +#define S1(x) (ROTR(x, 17) ^ ROTR(x, 19) ^ SHR(x, 10)) -#define S2(x) (ROTR(x, 2) ^ ROTR(x,13) ^ ROTR(x,22)) -#define S3(x) (ROTR(x, 6) ^ ROTR(x,11) ^ ROTR(x,25)) +#define S2(x) (ROTR(x, 2) ^ ROTR(x, 13) ^ ROTR(x, 22)) +#define S3(x) (ROTR(x, 6) ^ ROTR(x, 11) ^ ROTR(x, 25)) -#define F0(x,y,z) (((x) & (y)) | ((z) & ((x) | (y)))) -#define F1(x,y,z) ((z) ^ ((x) & ((y) ^ (z)))) +#define F0(x, y, z) (((x) & (y)) | ((z) & ((x) | (y)))) +#define F1(x, y, z) ((z) ^ ((x) & ((y) ^ (z)))) #define R(t) \ ( \ @@ -162,41 +138,41 @@ static const uint32_t K[] = S0(local.W[(t) - 15]) + local.W[(t) - 16] \ ) -#define P(a,b,c,d,e,f,g,h,x,K) \ +#define P(a, b, c, d, e, f, g, h, x, K) \ do \ { \ - local.temp1 = (h) + S3(e) + F1((e),(f),(g)) + (K) + (x); \ - local.temp2 = S2(a) + F0((a),(b),(c)); \ + local.temp1 = (h) + S3(e) + F1((e), (f), (g)) + (K) + (x); \ + local.temp2 = S2(a) + F0((a), (b), (c)); \ (d) += local.temp1; (h) = local.temp1 + local.temp2; \ - } while( 0 ) + } while (0) -int mbedtls_internal_sha256_process( mbedtls_sha256_context *ctx, - const unsigned char data[64] ) +int mbedtls_internal_sha256_process(mbedtls_sha256_context *ctx, + const unsigned char data[64]) { - struct - { + struct { uint32_t temp1, temp2, W[64]; uint32_t A[8]; } local; unsigned int i; - SHA256_VALIDATE_RET( ctx != NULL ); - SHA256_VALIDATE_RET( (const unsigned char *)data != NULL ); + SHA256_VALIDATE_RET(ctx != NULL); + SHA256_VALIDATE_RET((const unsigned char *) data != NULL); - for( i = 0; i < 8; i++ ) + for (i = 0; i < 8; i++) { local.A[i] = ctx->state[i]; + } #if defined(MBEDTLS_SHA256_SMALLER) - for( i = 0; i < 64; i++ ) - { - if( i < 16 ) - local.W[i] = MBEDTLS_GET_UINT32_BE( data, 4 * i ); - else - R( i ); + for (i = 0; i < 64; i++) { + if (i < 16) { + local.W[i] = MBEDTLS_GET_UINT32_BE(data, 4 * i); + } else { + R(i); + } - P( local.A[0], local.A[1], local.A[2], local.A[3], local.A[4], - local.A[5], local.A[6], local.A[7], local.W[i], K[i] ); + P(local.A[0], local.A[1], local.A[2], local.A[3], local.A[4], + local.A[5], local.A[6], local.A[7], local.W[i], K[i]); local.temp1 = local.A[7]; local.A[7] = local.A[6]; local.A[6] = local.A[5]; local.A[5] = local.A[4]; @@ -205,64 +181,64 @@ int mbedtls_internal_sha256_process( mbedtls_sha256_context *ctx, local.A[0] = local.temp1; } #else /* MBEDTLS_SHA256_SMALLER */ - for( i = 0; i < 16; i++ ) - local.W[i] = MBEDTLS_GET_UINT32_BE( data, 4 * i ); - - for( i = 0; i < 16; i += 8 ) - { - P( local.A[0], local.A[1], local.A[2], local.A[3], local.A[4], - local.A[5], local.A[6], local.A[7], local.W[i+0], K[i+0] ); - P( local.A[7], local.A[0], local.A[1], local.A[2], local.A[3], - local.A[4], local.A[5], local.A[6], local.W[i+1], K[i+1] ); - P( local.A[6], local.A[7], local.A[0], local.A[1], local.A[2], - local.A[3], local.A[4], local.A[5], local.W[i+2], K[i+2] ); - P( local.A[5], local.A[6], local.A[7], local.A[0], local.A[1], - local.A[2], local.A[3], local.A[4], local.W[i+3], K[i+3] ); - P( local.A[4], local.A[5], local.A[6], local.A[7], local.A[0], - local.A[1], local.A[2], local.A[3], local.W[i+4], K[i+4] ); - P( local.A[3], local.A[4], local.A[5], local.A[6], local.A[7], - local.A[0], local.A[1], local.A[2], local.W[i+5], K[i+5] ); - P( local.A[2], local.A[3], local.A[4], local.A[5], local.A[6], - local.A[7], local.A[0], local.A[1], local.W[i+6], K[i+6] ); - P( local.A[1], local.A[2], local.A[3], local.A[4], local.A[5], - local.A[6], local.A[7], local.A[0], local.W[i+7], K[i+7] ); + for (i = 0; i < 16; i++) { + local.W[i] = MBEDTLS_GET_UINT32_BE(data, 4 * i); } - for( i = 16; i < 64; i += 8 ) - { - P( local.A[0], local.A[1], local.A[2], local.A[3], local.A[4], - local.A[5], local.A[6], local.A[7], R(i+0), K[i+0] ); - P( local.A[7], local.A[0], local.A[1], local.A[2], local.A[3], - local.A[4], local.A[5], local.A[6], R(i+1), K[i+1] ); - P( local.A[6], local.A[7], local.A[0], local.A[1], local.A[2], - local.A[3], local.A[4], local.A[5], R(i+2), K[i+2] ); - P( local.A[5], local.A[6], local.A[7], local.A[0], local.A[1], - local.A[2], local.A[3], local.A[4], R(i+3), K[i+3] ); - P( local.A[4], local.A[5], local.A[6], local.A[7], local.A[0], - local.A[1], local.A[2], local.A[3], R(i+4), K[i+4] ); - P( local.A[3], local.A[4], local.A[5], local.A[6], local.A[7], - local.A[0], local.A[1], local.A[2], R(i+5), K[i+5] ); - P( local.A[2], local.A[3], local.A[4], local.A[5], local.A[6], - local.A[7], local.A[0], local.A[1], R(i+6), K[i+6] ); - P( local.A[1], local.A[2], local.A[3], local.A[4], local.A[5], - local.A[6], local.A[7], local.A[0], R(i+7), K[i+7] ); + for (i = 0; i < 16; i += 8) { + P(local.A[0], local.A[1], local.A[2], local.A[3], local.A[4], + local.A[5], local.A[6], local.A[7], local.W[i+0], K[i+0]); + P(local.A[7], local.A[0], local.A[1], local.A[2], local.A[3], + local.A[4], local.A[5], local.A[6], local.W[i+1], K[i+1]); + P(local.A[6], local.A[7], local.A[0], local.A[1], local.A[2], + local.A[3], local.A[4], local.A[5], local.W[i+2], K[i+2]); + P(local.A[5], local.A[6], local.A[7], local.A[0], local.A[1], + local.A[2], local.A[3], local.A[4], local.W[i+3], K[i+3]); + P(local.A[4], local.A[5], local.A[6], local.A[7], local.A[0], + local.A[1], local.A[2], local.A[3], local.W[i+4], K[i+4]); + P(local.A[3], local.A[4], local.A[5], local.A[6], local.A[7], + local.A[0], local.A[1], local.A[2], local.W[i+5], K[i+5]); + P(local.A[2], local.A[3], local.A[4], local.A[5], local.A[6], + local.A[7], local.A[0], local.A[1], local.W[i+6], K[i+6]); + P(local.A[1], local.A[2], local.A[3], local.A[4], local.A[5], + local.A[6], local.A[7], local.A[0], local.W[i+7], K[i+7]); + } + + for (i = 16; i < 64; i += 8) { + P(local.A[0], local.A[1], local.A[2], local.A[3], local.A[4], + local.A[5], local.A[6], local.A[7], R(i+0), K[i+0]); + P(local.A[7], local.A[0], local.A[1], local.A[2], local.A[3], + local.A[4], local.A[5], local.A[6], R(i+1), K[i+1]); + P(local.A[6], local.A[7], local.A[0], local.A[1], local.A[2], + local.A[3], local.A[4], local.A[5], R(i+2), K[i+2]); + P(local.A[5], local.A[6], local.A[7], local.A[0], local.A[1], + local.A[2], local.A[3], local.A[4], R(i+3), K[i+3]); + P(local.A[4], local.A[5], local.A[6], local.A[7], local.A[0], + local.A[1], local.A[2], local.A[3], R(i+4), K[i+4]); + P(local.A[3], local.A[4], local.A[5], local.A[6], local.A[7], + local.A[0], local.A[1], local.A[2], R(i+5), K[i+5]); + P(local.A[2], local.A[3], local.A[4], local.A[5], local.A[6], + local.A[7], local.A[0], local.A[1], R(i+6), K[i+6]); + P(local.A[1], local.A[2], local.A[3], local.A[4], local.A[5], + local.A[6], local.A[7], local.A[0], R(i+7), K[i+7]); } #endif /* MBEDTLS_SHA256_SMALLER */ - for( i = 0; i < 8; i++ ) + for (i = 0; i < 8; i++) { ctx->state[i] += local.A[i]; + } /* Zeroise buffers and variables to clear sensitive data from memory. */ - mbedtls_platform_zeroize( &local, sizeof( local ) ); + mbedtls_platform_zeroize(&local, sizeof(local)); - return( 0 ); + return 0; } #if !defined(MBEDTLS_DEPRECATED_REMOVED) -void mbedtls_sha256_process( mbedtls_sha256_context *ctx, - const unsigned char data[64] ) +void mbedtls_sha256_process(mbedtls_sha256_context *ctx, + const unsigned char data[64]) { - mbedtls_internal_sha256_process( ctx, data ); + mbedtls_internal_sha256_process(ctx, data); } #endif #endif /* !MBEDTLS_SHA256_PROCESS_ALT */ @@ -270,19 +246,20 @@ void mbedtls_sha256_process( mbedtls_sha256_context *ctx, /* * SHA-256 process buffer */ -int mbedtls_sha256_update_ret( mbedtls_sha256_context *ctx, - const unsigned char *input, - size_t ilen ) +int mbedtls_sha256_update_ret(mbedtls_sha256_context *ctx, + const unsigned char *input, + size_t ilen) { int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; size_t fill; uint32_t left; - SHA256_VALIDATE_RET( ctx != NULL ); - SHA256_VALIDATE_RET( ilen == 0 || input != NULL ); + SHA256_VALIDATE_RET(ctx != NULL); + SHA256_VALIDATE_RET(ilen == 0 || input != NULL); - if( ilen == 0 ) - return( 0 ); + if (ilen == 0) { + return 0; + } left = ctx->total[0] & 0x3F; fill = 64 - left; @@ -290,57 +267,59 @@ int mbedtls_sha256_update_ret( mbedtls_sha256_context *ctx, ctx->total[0] += (uint32_t) ilen; ctx->total[0] &= 0xFFFFFFFF; - if( ctx->total[0] < (uint32_t) ilen ) + if (ctx->total[0] < (uint32_t) ilen) { ctx->total[1]++; + } - if( left && ilen >= fill ) - { - memcpy( (void *) (ctx->buffer + left), input, fill ); + if (left && ilen >= fill) { + memcpy((void *) (ctx->buffer + left), input, fill); - if( ( ret = mbedtls_internal_sha256_process( ctx, ctx->buffer ) ) != 0 ) - return( ret ); + if ((ret = mbedtls_internal_sha256_process(ctx, ctx->buffer)) != 0) { + return ret; + } input += fill; ilen -= fill; left = 0; } - while( ilen >= 64 ) - { - if( ( ret = mbedtls_internal_sha256_process( ctx, input ) ) != 0 ) - return( ret ); + while (ilen >= 64) { + if ((ret = mbedtls_internal_sha256_process(ctx, input)) != 0) { + return ret; + } input += 64; ilen -= 64; } - if( ilen > 0 ) - memcpy( (void *) (ctx->buffer + left), input, ilen ); + if (ilen > 0) { + memcpy((void *) (ctx->buffer + left), input, ilen); + } - return( 0 ); + return 0; } #if !defined(MBEDTLS_DEPRECATED_REMOVED) -void mbedtls_sha256_update( mbedtls_sha256_context *ctx, - const unsigned char *input, - size_t ilen ) +void mbedtls_sha256_update(mbedtls_sha256_context *ctx, + const unsigned char *input, + size_t ilen) { - mbedtls_sha256_update_ret( ctx, input, ilen ); + mbedtls_sha256_update_ret(ctx, input, ilen); } #endif /* * SHA-256 final digest */ -int mbedtls_sha256_finish_ret( mbedtls_sha256_context *ctx, - unsigned char output[32] ) +int mbedtls_sha256_finish_ret(mbedtls_sha256_context *ctx, + unsigned char output[32]) { int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; uint32_t used; uint32_t high, low; - SHA256_VALIDATE_RET( ctx != NULL ); - SHA256_VALIDATE_RET( (unsigned char *)output != NULL ); + SHA256_VALIDATE_RET(ctx != NULL); + SHA256_VALIDATE_RET((unsigned char *) output != NULL); /* * Add padding: 0x80 then 0x00 until 8 bytes remain for the length @@ -349,57 +328,57 @@ int mbedtls_sha256_finish_ret( mbedtls_sha256_context *ctx, ctx->buffer[used++] = 0x80; - if( used <= 56 ) - { + if (used <= 56) { /* Enough room for padding + length in current block */ - memset( ctx->buffer + used, 0, 56 - used ); - } - else - { + memset(ctx->buffer + used, 0, 56 - used); + } else { /* We'll need an extra block */ - memset( ctx->buffer + used, 0, 64 - used ); + memset(ctx->buffer + used, 0, 64 - used); - if( ( ret = mbedtls_internal_sha256_process( ctx, ctx->buffer ) ) != 0 ) - return( ret ); + if ((ret = mbedtls_internal_sha256_process(ctx, ctx->buffer)) != 0) { + return ret; + } - memset( ctx->buffer, 0, 56 ); + memset(ctx->buffer, 0, 56); } /* * Add message length */ - high = ( ctx->total[0] >> 29 ) - | ( ctx->total[1] << 3 ); - low = ( ctx->total[0] << 3 ); + high = (ctx->total[0] >> 29) + | (ctx->total[1] << 3); + low = (ctx->total[0] << 3); - MBEDTLS_PUT_UINT32_BE( high, ctx->buffer, 56 ); - MBEDTLS_PUT_UINT32_BE( low, ctx->buffer, 60 ); + MBEDTLS_PUT_UINT32_BE(high, ctx->buffer, 56); + MBEDTLS_PUT_UINT32_BE(low, ctx->buffer, 60); - if( ( ret = mbedtls_internal_sha256_process( ctx, ctx->buffer ) ) != 0 ) - return( ret ); + if ((ret = mbedtls_internal_sha256_process(ctx, ctx->buffer)) != 0) { + return ret; + } /* * Output final state */ - MBEDTLS_PUT_UINT32_BE( ctx->state[0], output, 0 ); - MBEDTLS_PUT_UINT32_BE( ctx->state[1], output, 4 ); - MBEDTLS_PUT_UINT32_BE( ctx->state[2], output, 8 ); - MBEDTLS_PUT_UINT32_BE( ctx->state[3], output, 12 ); - MBEDTLS_PUT_UINT32_BE( ctx->state[4], output, 16 ); - MBEDTLS_PUT_UINT32_BE( ctx->state[5], output, 20 ); - MBEDTLS_PUT_UINT32_BE( ctx->state[6], output, 24 ); - - if( ctx->is224 == 0 ) - MBEDTLS_PUT_UINT32_BE( ctx->state[7], output, 28 ); - - return( 0 ); + MBEDTLS_PUT_UINT32_BE(ctx->state[0], output, 0); + MBEDTLS_PUT_UINT32_BE(ctx->state[1], output, 4); + MBEDTLS_PUT_UINT32_BE(ctx->state[2], output, 8); + MBEDTLS_PUT_UINT32_BE(ctx->state[3], output, 12); + MBEDTLS_PUT_UINT32_BE(ctx->state[4], output, 16); + MBEDTLS_PUT_UINT32_BE(ctx->state[5], output, 20); + MBEDTLS_PUT_UINT32_BE(ctx->state[6], output, 24); + + if (ctx->is224 == 0) { + MBEDTLS_PUT_UINT32_BE(ctx->state[7], output, 28); + } + + return 0; } #if !defined(MBEDTLS_DEPRECATED_REMOVED) -void mbedtls_sha256_finish( mbedtls_sha256_context *ctx, - unsigned char output[32] ) +void mbedtls_sha256_finish(mbedtls_sha256_context *ctx, + unsigned char output[32]) { - mbedtls_sha256_finish_ret( ctx, output ); + mbedtls_sha256_finish_ret(ctx, output); } #endif @@ -408,42 +387,45 @@ void mbedtls_sha256_finish( mbedtls_sha256_context *ctx, /* * output = SHA-256( input buffer ) */ -int mbedtls_sha256_ret( const unsigned char *input, - size_t ilen, - unsigned char output[32], - int is224 ) +int mbedtls_sha256_ret(const unsigned char *input, + size_t ilen, + unsigned char output[32], + int is224) { int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; mbedtls_sha256_context ctx; - SHA256_VALIDATE_RET( is224 == 0 || is224 == 1 ); - SHA256_VALIDATE_RET( ilen == 0 || input != NULL ); - SHA256_VALIDATE_RET( (unsigned char *)output != NULL ); + SHA256_VALIDATE_RET(is224 == 0 || is224 == 1); + SHA256_VALIDATE_RET(ilen == 0 || input != NULL); + SHA256_VALIDATE_RET((unsigned char *) output != NULL); - mbedtls_sha256_init( &ctx ); + mbedtls_sha256_init(&ctx); - if( ( ret = mbedtls_sha256_starts_ret( &ctx, is224 ) ) != 0 ) + if ((ret = mbedtls_sha256_starts_ret(&ctx, is224)) != 0) { goto exit; + } - if( ( ret = mbedtls_sha256_update_ret( &ctx, input, ilen ) ) != 0 ) + if ((ret = mbedtls_sha256_update_ret(&ctx, input, ilen)) != 0) { goto exit; + } - if( ( ret = mbedtls_sha256_finish_ret( &ctx, output ) ) != 0 ) + if ((ret = mbedtls_sha256_finish_ret(&ctx, output)) != 0) { goto exit; + } exit: - mbedtls_sha256_free( &ctx ); + mbedtls_sha256_free(&ctx); - return( ret ); + return ret; } #if !defined(MBEDTLS_DEPRECATED_REMOVED) -void mbedtls_sha256( const unsigned char *input, - size_t ilen, - unsigned char output[32], - int is224 ) +void mbedtls_sha256(const unsigned char *input, + size_t ilen, + unsigned char output[32], + int is224) { - mbedtls_sha256_ret( input, ilen, output, is224 ); + mbedtls_sha256_ret(input, ilen, output, is224); } #endif @@ -501,83 +483,85 @@ static const unsigned char sha256_test_sum[6][32] = /* * Checkup routine */ -int mbedtls_sha256_self_test( int verbose ) +int mbedtls_sha256_self_test(int verbose) { int i, j, k, buflen, ret = 0; unsigned char *buf; unsigned char sha256sum[32]; mbedtls_sha256_context ctx; - buf = mbedtls_calloc( 1024, sizeof(unsigned char) ); - if( NULL == buf ) - { - if( verbose != 0 ) - mbedtls_printf( "Buffer allocation failed\n" ); + buf = mbedtls_calloc(1024, sizeof(unsigned char)); + if (NULL == buf) { + if (verbose != 0) { + mbedtls_printf("Buffer allocation failed\n"); + } - return( 1 ); + return 1; } - mbedtls_sha256_init( &ctx ); + mbedtls_sha256_init(&ctx); - for( i = 0; i < 6; i++ ) - { + for (i = 0; i < 6; i++) { j = i % 3; k = i < 3; - if( verbose != 0 ) - mbedtls_printf( " SHA-%d test #%d: ", 256 - k * 32, j + 1 ); + if (verbose != 0) { + mbedtls_printf(" SHA-%d test #%d: ", 256 - k * 32, j + 1); + } - if( ( ret = mbedtls_sha256_starts_ret( &ctx, k ) ) != 0 ) + if ((ret = mbedtls_sha256_starts_ret(&ctx, k)) != 0) { goto fail; + } - if( j == 2 ) - { - memset( buf, 'a', buflen = 1000 ); + if (j == 2) { + memset(buf, 'a', buflen = 1000); - for( j = 0; j < 1000; j++ ) - { - ret = mbedtls_sha256_update_ret( &ctx, buf, buflen ); - if( ret != 0 ) + for (j = 0; j < 1000; j++) { + ret = mbedtls_sha256_update_ret(&ctx, buf, buflen); + if (ret != 0) { goto fail; + } } - } - else - { - ret = mbedtls_sha256_update_ret( &ctx, sha256_test_buf[j], - sha256_test_buflen[j] ); - if( ret != 0 ) - goto fail; + } else { + ret = mbedtls_sha256_update_ret(&ctx, sha256_test_buf[j], + sha256_test_buflen[j]); + if (ret != 0) { + goto fail; + } } - if( ( ret = mbedtls_sha256_finish_ret( &ctx, sha256sum ) ) != 0 ) + if ((ret = mbedtls_sha256_finish_ret(&ctx, sha256sum)) != 0) { goto fail; + } - if( memcmp( sha256sum, sha256_test_sum[i], 32 - k * 4 ) != 0 ) - { + if (memcmp(sha256sum, sha256_test_sum[i], 32 - k * 4) != 0) { ret = 1; goto fail; } - if( verbose != 0 ) - mbedtls_printf( "passed\n" ); + if (verbose != 0) { + mbedtls_printf("passed\n"); + } } - if( verbose != 0 ) - mbedtls_printf( "\n" ); + if (verbose != 0) { + mbedtls_printf("\n"); + } goto exit; fail: - if( verbose != 0 ) - mbedtls_printf( "failed\n" ); + if (verbose != 0) { + mbedtls_printf("failed\n"); + } exit: - mbedtls_sha256_free( &ctx ); - mbedtls_free( buf ); + mbedtls_sha256_free(&ctx); + mbedtls_free(buf); - return( ret ); + return ret; } #endif /* MBEDTLS_SELF_TEST */ diff --git a/third_party/mbedtls/repo/library/sha512.c b/third_party/mbedtls/repo/library/sha512.c index 02a135ca926..77bdc2ec234 100644 --- a/third_party/mbedtls/repo/library/sha512.c +++ b/third_party/mbedtls/repo/library/sha512.c @@ -2,19 +2,7 @@ * FIPS-180-2 compliant SHA-384/512 implementation * * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later */ /* * The SHA-512 Secure Hash Standard was published by NIST in 2002. @@ -38,26 +26,16 @@ #include -#if defined(MBEDTLS_SELF_TEST) -#if defined(MBEDTLS_PLATFORM_C) #include "mbedtls/platform.h" -#else -#include -#include -#define mbedtls_printf printf -#define mbedtls_calloc calloc -#define mbedtls_free free -#endif /* MBEDTLS_PLATFORM_C */ -#endif /* MBEDTLS_SELF_TEST */ #define SHA512_VALIDATE_RET(cond) \ - MBEDTLS_INTERNAL_VALIDATE_RET( cond, MBEDTLS_ERR_SHA512_BAD_INPUT_DATA ) -#define SHA512_VALIDATE(cond) MBEDTLS_INTERNAL_VALIDATE( cond ) + MBEDTLS_INTERNAL_VALIDATE_RET(cond, MBEDTLS_ERR_SHA512_BAD_INPUT_DATA) +#define SHA512_VALIDATE(cond) MBEDTLS_INTERNAL_VALIDATE(cond) #if !defined(MBEDTLS_SHA512_ALT) #if defined(MBEDTLS_SHA512_SMALLER) -static void sha512_put_uint64_be( uint64_t n, unsigned char *b, uint8_t i ) +static void sha512_put_uint64_be(uint64_t n, unsigned char *b, uint8_t i) { MBEDTLS_PUT_UINT64_BE(n, b, i); } @@ -65,26 +43,27 @@ static void sha512_put_uint64_be( uint64_t n, unsigned char *b, uint8_t i ) #define sha512_put_uint64_be MBEDTLS_PUT_UINT64_BE #endif /* MBEDTLS_SHA512_SMALLER */ -void mbedtls_sha512_init( mbedtls_sha512_context *ctx ) +void mbedtls_sha512_init(mbedtls_sha512_context *ctx) { - SHA512_VALIDATE( ctx != NULL ); + SHA512_VALIDATE(ctx != NULL); - memset( ctx, 0, sizeof( mbedtls_sha512_context ) ); + memset(ctx, 0, sizeof(mbedtls_sha512_context)); } -void mbedtls_sha512_free( mbedtls_sha512_context *ctx ) +void mbedtls_sha512_free(mbedtls_sha512_context *ctx) { - if( ctx == NULL ) + if (ctx == NULL) { return; + } - mbedtls_platform_zeroize( ctx, sizeof( mbedtls_sha512_context ) ); + mbedtls_platform_zeroize(ctx, sizeof(mbedtls_sha512_context)); } -void mbedtls_sha512_clone( mbedtls_sha512_context *dst, - const mbedtls_sha512_context *src ) +void mbedtls_sha512_clone(mbedtls_sha512_context *dst, + const mbedtls_sha512_context *src) { - SHA512_VALIDATE( dst != NULL ); - SHA512_VALIDATE( src != NULL ); + SHA512_VALIDATE(dst != NULL); + SHA512_VALIDATE(src != NULL); *dst = *src; } @@ -92,20 +71,19 @@ void mbedtls_sha512_clone( mbedtls_sha512_context *dst, /* * SHA-512 context setup */ -int mbedtls_sha512_starts_ret( mbedtls_sha512_context *ctx, int is384 ) +int mbedtls_sha512_starts_ret(mbedtls_sha512_context *ctx, int is384) { - SHA512_VALIDATE_RET( ctx != NULL ); + SHA512_VALIDATE_RET(ctx != NULL); #if !defined(MBEDTLS_SHA512_NO_SHA384) - SHA512_VALIDATE_RET( is384 == 0 || is384 == 1 ); + SHA512_VALIDATE_RET(is384 == 0 || is384 == 1); #else - SHA512_VALIDATE_RET( is384 == 0 ); + SHA512_VALIDATE_RET(is384 == 0); #endif ctx->total[0] = 0; ctx->total[1] = 0; - if( is384 == 0 ) - { + if (is384 == 0) { /* SHA-512 */ ctx->state[0] = UL64(0x6A09E667F3BCC908); ctx->state[1] = UL64(0xBB67AE8584CAA73B); @@ -115,11 +93,9 @@ int mbedtls_sha512_starts_ret( mbedtls_sha512_context *ctx, int is384 ) ctx->state[5] = UL64(0x9B05688C2B3E6C1F); ctx->state[6] = UL64(0x1F83D9ABFB41BD6B); ctx->state[7] = UL64(0x5BE0CD19137E2179); - } - else - { + } else { #if defined(MBEDTLS_SHA512_NO_SHA384) - return( MBEDTLS_ERR_SHA512_BAD_INPUT_DATA ); + return MBEDTLS_ERR_SHA512_BAD_INPUT_DATA; #else /* SHA-384 */ ctx->state[0] = UL64(0xCBBB9D5DC1059ED8); @@ -137,14 +113,14 @@ int mbedtls_sha512_starts_ret( mbedtls_sha512_context *ctx, int is384 ) ctx->is384 = is384; #endif - return( 0 ); + return 0; } #if !defined(MBEDTLS_DEPRECATED_REMOVED) -void mbedtls_sha512_starts( mbedtls_sha512_context *ctx, - int is384 ) +void mbedtls_sha512_starts(mbedtls_sha512_context *ctx, + int is384) { - mbedtls_sha512_starts_ret( ctx, is384 ); + mbedtls_sha512_starts_ret(ctx, is384); } #endif @@ -197,57 +173,53 @@ static const uint64_t K[80] = UL64(0x5FCB6FAB3AD6FAEC), UL64(0x6C44198C4A475817) }; -int mbedtls_internal_sha512_process( mbedtls_sha512_context *ctx, - const unsigned char data[128] ) +int mbedtls_internal_sha512_process(mbedtls_sha512_context *ctx, + const unsigned char data[128]) { int i; - struct - { + struct { uint64_t temp1, temp2, W[80]; uint64_t A[8]; } local; - SHA512_VALIDATE_RET( ctx != NULL ); - SHA512_VALIDATE_RET( (const unsigned char *)data != NULL ); + SHA512_VALIDATE_RET(ctx != NULL); + SHA512_VALIDATE_RET((const unsigned char *) data != NULL); -#define SHR(x,n) ((x) >> (n)) -#define ROTR(x,n) (SHR((x),(n)) | ((x) << (64 - (n)))) +#define SHR(x, n) ((x) >> (n)) +#define ROTR(x, n) (SHR((x), (n)) | ((x) << (64 - (n)))) #define S0(x) (ROTR(x, 1) ^ ROTR(x, 8) ^ SHR(x, 7)) -#define S1(x) (ROTR(x,19) ^ ROTR(x,61) ^ SHR(x, 6)) +#define S1(x) (ROTR(x, 19) ^ ROTR(x, 61) ^ SHR(x, 6)) -#define S2(x) (ROTR(x,28) ^ ROTR(x,34) ^ ROTR(x,39)) -#define S3(x) (ROTR(x,14) ^ ROTR(x,18) ^ ROTR(x,41)) +#define S2(x) (ROTR(x, 28) ^ ROTR(x, 34) ^ ROTR(x, 39)) +#define S3(x) (ROTR(x, 14) ^ ROTR(x, 18) ^ ROTR(x, 41)) -#define F0(x,y,z) (((x) & (y)) | ((z) & ((x) | (y)))) -#define F1(x,y,z) ((z) ^ ((x) & ((y) ^ (z)))) +#define F0(x, y, z) (((x) & (y)) | ((z) & ((x) | (y)))) +#define F1(x, y, z) ((z) ^ ((x) & ((y) ^ (z)))) -#define P(a,b,c,d,e,f,g,h,x,K) \ +#define P(a, b, c, d, e, f, g, h, x, K) \ do \ { \ - local.temp1 = (h) + S3(e) + F1((e),(f),(g)) + (K) + (x); \ - local.temp2 = S2(a) + F0((a),(b),(c)); \ + local.temp1 = (h) + S3(e) + F1((e), (f), (g)) + (K) + (x); \ + local.temp2 = S2(a) + F0((a), (b), (c)); \ (d) += local.temp1; (h) = local.temp1 + local.temp2; \ - } while( 0 ) + } while (0) - for( i = 0; i < 8; i++ ) + for (i = 0; i < 8; i++) { local.A[i] = ctx->state[i]; + } #if defined(MBEDTLS_SHA512_SMALLER) - for( i = 0; i < 80; i++ ) - { - if( i < 16 ) - { - local.W[i] = MBEDTLS_GET_UINT64_BE( data, i << 3 ); - } - else - { + for (i = 0; i < 80; i++) { + if (i < 16) { + local.W[i] = MBEDTLS_GET_UINT64_BE(data, i << 3); + } else { local.W[i] = S1(local.W[i - 2]) + local.W[i - 7] + - S0(local.W[i - 15]) + local.W[i - 16]; + S0(local.W[i - 15]) + local.W[i - 16]; } - P( local.A[0], local.A[1], local.A[2], local.A[3], local.A[4], - local.A[5], local.A[6], local.A[7], local.W[i], K[i] ); + P(local.A[0], local.A[1], local.A[2], local.A[3], local.A[4], + local.A[5], local.A[6], local.A[7], local.W[i], K[i]); local.temp1 = local.A[7]; local.A[7] = local.A[6]; local.A[6] = local.A[5]; local.A[5] = local.A[4]; @@ -256,54 +228,51 @@ int mbedtls_internal_sha512_process( mbedtls_sha512_context *ctx, local.A[0] = local.temp1; } #else /* MBEDTLS_SHA512_SMALLER */ - for( i = 0; i < 16; i++ ) - { - local.W[i] = MBEDTLS_GET_UINT64_BE( data, i << 3 ); + for (i = 0; i < 16; i++) { + local.W[i] = MBEDTLS_GET_UINT64_BE(data, i << 3); } - for( ; i < 80; i++ ) - { + for (; i < 80; i++) { local.W[i] = S1(local.W[i - 2]) + local.W[i - 7] + - S0(local.W[i - 15]) + local.W[i - 16]; + S0(local.W[i - 15]) + local.W[i - 16]; } i = 0; - do - { - P( local.A[0], local.A[1], local.A[2], local.A[3], local.A[4], - local.A[5], local.A[6], local.A[7], local.W[i], K[i] ); i++; - P( local.A[7], local.A[0], local.A[1], local.A[2], local.A[3], - local.A[4], local.A[5], local.A[6], local.W[i], K[i] ); i++; - P( local.A[6], local.A[7], local.A[0], local.A[1], local.A[2], - local.A[3], local.A[4], local.A[5], local.W[i], K[i] ); i++; - P( local.A[5], local.A[6], local.A[7], local.A[0], local.A[1], - local.A[2], local.A[3], local.A[4], local.W[i], K[i] ); i++; - P( local.A[4], local.A[5], local.A[6], local.A[7], local.A[0], - local.A[1], local.A[2], local.A[3], local.W[i], K[i] ); i++; - P( local.A[3], local.A[4], local.A[5], local.A[6], local.A[7], - local.A[0], local.A[1], local.A[2], local.W[i], K[i] ); i++; - P( local.A[2], local.A[3], local.A[4], local.A[5], local.A[6], - local.A[7], local.A[0], local.A[1], local.W[i], K[i] ); i++; - P( local.A[1], local.A[2], local.A[3], local.A[4], local.A[5], - local.A[6], local.A[7], local.A[0], local.W[i], K[i] ); i++; - } - while( i < 80 ); + do { + P(local.A[0], local.A[1], local.A[2], local.A[3], local.A[4], + local.A[5], local.A[6], local.A[7], local.W[i], K[i]); i++; + P(local.A[7], local.A[0], local.A[1], local.A[2], local.A[3], + local.A[4], local.A[5], local.A[6], local.W[i], K[i]); i++; + P(local.A[6], local.A[7], local.A[0], local.A[1], local.A[2], + local.A[3], local.A[4], local.A[5], local.W[i], K[i]); i++; + P(local.A[5], local.A[6], local.A[7], local.A[0], local.A[1], + local.A[2], local.A[3], local.A[4], local.W[i], K[i]); i++; + P(local.A[4], local.A[5], local.A[6], local.A[7], local.A[0], + local.A[1], local.A[2], local.A[3], local.W[i], K[i]); i++; + P(local.A[3], local.A[4], local.A[5], local.A[6], local.A[7], + local.A[0], local.A[1], local.A[2], local.W[i], K[i]); i++; + P(local.A[2], local.A[3], local.A[4], local.A[5], local.A[6], + local.A[7], local.A[0], local.A[1], local.W[i], K[i]); i++; + P(local.A[1], local.A[2], local.A[3], local.A[4], local.A[5], + local.A[6], local.A[7], local.A[0], local.W[i], K[i]); i++; + } while (i < 80); #endif /* MBEDTLS_SHA512_SMALLER */ - for( i = 0; i < 8; i++ ) + for (i = 0; i < 8; i++) { ctx->state[i] += local.A[i]; + } /* Zeroise buffers and variables to clear sensitive data from memory. */ - mbedtls_platform_zeroize( &local, sizeof( local ) ); + mbedtls_platform_zeroize(&local, sizeof(local)); - return( 0 ); + return 0; } #if !defined(MBEDTLS_DEPRECATED_REMOVED) -void mbedtls_sha512_process( mbedtls_sha512_context *ctx, - const unsigned char data[128] ) +void mbedtls_sha512_process(mbedtls_sha512_context *ctx, + const unsigned char data[128]) { - mbedtls_internal_sha512_process( ctx, data ); + mbedtls_internal_sha512_process(ctx, data); } #endif #endif /* !MBEDTLS_SHA512_PROCESS_ALT */ @@ -311,76 +280,79 @@ void mbedtls_sha512_process( mbedtls_sha512_context *ctx, /* * SHA-512 process buffer */ -int mbedtls_sha512_update_ret( mbedtls_sha512_context *ctx, - const unsigned char *input, - size_t ilen ) +int mbedtls_sha512_update_ret(mbedtls_sha512_context *ctx, + const unsigned char *input, + size_t ilen) { int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; size_t fill; unsigned int left; - SHA512_VALIDATE_RET( ctx != NULL ); - SHA512_VALIDATE_RET( ilen == 0 || input != NULL ); + SHA512_VALIDATE_RET(ctx != NULL); + SHA512_VALIDATE_RET(ilen == 0 || input != NULL); - if( ilen == 0 ) - return( 0 ); + if (ilen == 0) { + return 0; + } left = (unsigned int) (ctx->total[0] & 0x7F); fill = 128 - left; ctx->total[0] += (uint64_t) ilen; - if( ctx->total[0] < (uint64_t) ilen ) + if (ctx->total[0] < (uint64_t) ilen) { ctx->total[1]++; + } - if( left && ilen >= fill ) - { - memcpy( (void *) (ctx->buffer + left), input, fill ); + if (left && ilen >= fill) { + memcpy((void *) (ctx->buffer + left), input, fill); - if( ( ret = mbedtls_internal_sha512_process( ctx, ctx->buffer ) ) != 0 ) - return( ret ); + if ((ret = mbedtls_internal_sha512_process(ctx, ctx->buffer)) != 0) { + return ret; + } input += fill; ilen -= fill; left = 0; } - while( ilen >= 128 ) - { - if( ( ret = mbedtls_internal_sha512_process( ctx, input ) ) != 0 ) - return( ret ); + while (ilen >= 128) { + if ((ret = mbedtls_internal_sha512_process(ctx, input)) != 0) { + return ret; + } input += 128; ilen -= 128; } - if( ilen > 0 ) - memcpy( (void *) (ctx->buffer + left), input, ilen ); + if (ilen > 0) { + memcpy((void *) (ctx->buffer + left), input, ilen); + } - return( 0 ); + return 0; } #if !defined(MBEDTLS_DEPRECATED_REMOVED) -void mbedtls_sha512_update( mbedtls_sha512_context *ctx, - const unsigned char *input, - size_t ilen ) +void mbedtls_sha512_update(mbedtls_sha512_context *ctx, + const unsigned char *input, + size_t ilen) { - mbedtls_sha512_update_ret( ctx, input, ilen ); + mbedtls_sha512_update_ret(ctx, input, ilen); } #endif /* * SHA-512 final digest */ -int mbedtls_sha512_finish_ret( mbedtls_sha512_context *ctx, - unsigned char output[64] ) +int mbedtls_sha512_finish_ret(mbedtls_sha512_context *ctx, + unsigned char output[64]) { int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; unsigned used; uint64_t high, low; - SHA512_VALIDATE_RET( ctx != NULL ); - SHA512_VALIDATE_RET( (unsigned char *)output != NULL ); + SHA512_VALIDATE_RET(ctx != NULL); + SHA512_VALIDATE_RET((unsigned char *) output != NULL); /* * Add padding: 0x80 then 0x00 until 16 bytes remain for the length @@ -389,61 +361,61 @@ int mbedtls_sha512_finish_ret( mbedtls_sha512_context *ctx, ctx->buffer[used++] = 0x80; - if( used <= 112 ) - { + if (used <= 112) { /* Enough room for padding + length in current block */ - memset( ctx->buffer + used, 0, 112 - used ); - } - else - { + memset(ctx->buffer + used, 0, 112 - used); + } else { /* We'll need an extra block */ - memset( ctx->buffer + used, 0, 128 - used ); + memset(ctx->buffer + used, 0, 128 - used); - if( ( ret = mbedtls_internal_sha512_process( ctx, ctx->buffer ) ) != 0 ) - return( ret ); + if ((ret = mbedtls_internal_sha512_process(ctx, ctx->buffer)) != 0) { + return ret; + } - memset( ctx->buffer, 0, 112 ); + memset(ctx->buffer, 0, 112); } /* * Add message length */ - high = ( ctx->total[0] >> 61 ) - | ( ctx->total[1] << 3 ); - low = ( ctx->total[0] << 3 ); + high = (ctx->total[0] >> 61) + | (ctx->total[1] << 3); + low = (ctx->total[0] << 3); - sha512_put_uint64_be( high, ctx->buffer, 112 ); - sha512_put_uint64_be( low, ctx->buffer, 120 ); + sha512_put_uint64_be(high, ctx->buffer, 112); + sha512_put_uint64_be(low, ctx->buffer, 120); - if( ( ret = mbedtls_internal_sha512_process( ctx, ctx->buffer ) ) != 0 ) - return( ret ); + if ((ret = mbedtls_internal_sha512_process(ctx, ctx->buffer)) != 0) { + return ret; + } /* * Output final state */ - sha512_put_uint64_be( ctx->state[0], output, 0 ); - sha512_put_uint64_be( ctx->state[1], output, 8 ); - sha512_put_uint64_be( ctx->state[2], output, 16 ); - sha512_put_uint64_be( ctx->state[3], output, 24 ); - sha512_put_uint64_be( ctx->state[4], output, 32 ); - sha512_put_uint64_be( ctx->state[5], output, 40 ); - + sha512_put_uint64_be(ctx->state[0], output, 0); + sha512_put_uint64_be(ctx->state[1], output, 8); + sha512_put_uint64_be(ctx->state[2], output, 16); + sha512_put_uint64_be(ctx->state[3], output, 24); + sha512_put_uint64_be(ctx->state[4], output, 32); + sha512_put_uint64_be(ctx->state[5], output, 40); + + int truncated = 0; #if !defined(MBEDTLS_SHA512_NO_SHA384) - if( ctx->is384 == 0 ) + truncated = ctx->is384; #endif - { - sha512_put_uint64_be( ctx->state[6], output, 48 ); - sha512_put_uint64_be( ctx->state[7], output, 56 ); + if (!truncated) { + sha512_put_uint64_be(ctx->state[6], output, 48); + sha512_put_uint64_be(ctx->state[7], output, 56); } - return( 0 ); + return 0; } #if !defined(MBEDTLS_DEPRECATED_REMOVED) -void mbedtls_sha512_finish( mbedtls_sha512_context *ctx, - unsigned char output[64] ) +void mbedtls_sha512_finish(mbedtls_sha512_context *ctx, + unsigned char output[64]) { - mbedtls_sha512_finish_ret( ctx, output ); + mbedtls_sha512_finish_ret(ctx, output); } #endif @@ -452,46 +424,49 @@ void mbedtls_sha512_finish( mbedtls_sha512_context *ctx, /* * output = SHA-512( input buffer ) */ -int mbedtls_sha512_ret( const unsigned char *input, - size_t ilen, - unsigned char output[64], - int is384 ) +int mbedtls_sha512_ret(const unsigned char *input, + size_t ilen, + unsigned char output[64], + int is384) { int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; mbedtls_sha512_context ctx; #if !defined(MBEDTLS_SHA512_NO_SHA384) - SHA512_VALIDATE_RET( is384 == 0 || is384 == 1 ); + SHA512_VALIDATE_RET(is384 == 0 || is384 == 1); #else - SHA512_VALIDATE_RET( is384 == 0 ); + SHA512_VALIDATE_RET(is384 == 0); #endif - SHA512_VALIDATE_RET( ilen == 0 || input != NULL ); - SHA512_VALIDATE_RET( (unsigned char *)output != NULL ); + SHA512_VALIDATE_RET(ilen == 0 || input != NULL); + SHA512_VALIDATE_RET((unsigned char *) output != NULL); - mbedtls_sha512_init( &ctx ); + mbedtls_sha512_init(&ctx); - if( ( ret = mbedtls_sha512_starts_ret( &ctx, is384 ) ) != 0 ) + if ((ret = mbedtls_sha512_starts_ret(&ctx, is384)) != 0) { goto exit; + } - if( ( ret = mbedtls_sha512_update_ret( &ctx, input, ilen ) ) != 0 ) + if ((ret = mbedtls_sha512_update_ret(&ctx, input, ilen)) != 0) { goto exit; + } - if( ( ret = mbedtls_sha512_finish_ret( &ctx, output ) ) != 0 ) + if ((ret = mbedtls_sha512_finish_ret(&ctx, output)) != 0) { goto exit; + } exit: - mbedtls_sha512_free( &ctx ); + mbedtls_sha512_free(&ctx); - return( ret ); + return ret; } #if !defined(MBEDTLS_DEPRECATED_REMOVED) -void mbedtls_sha512( const unsigned char *input, - size_t ilen, - unsigned char output[64], - int is384 ) +void mbedtls_sha512(const unsigned char *input, + size_t ilen, + unsigned char output[64], + int is384) { - mbedtls_sha512_ret( input, ilen, output, is384 ); + mbedtls_sha512_ret(input, ilen, output, is384); } #endif @@ -503,7 +478,9 @@ void mbedtls_sha512( const unsigned char *input, static const unsigned char sha512_test_buf[3][113] = { { "abc" }, - { "abcdefghbcdefghicdefghijdefghijkefghijklfghijklmghijklmnhijklmnoijklmnopjklmnopqklmnopqrlmnopqrsmnopqrstnopqrstu" }, + { + "abcdefghbcdefghicdefghijdefghijkefghijklfghijklmghijklmnhijklmnoijklmnopjklmnopqklmnopqrlmnopqrsmnopqrstnopqrstu" + }, { "" } }; @@ -567,31 +544,30 @@ static const unsigned char sha512_test_sum[][64] = 0x4E, 0xAD, 0xB2, 0x17, 0xAD, 0x8C, 0xC0, 0x9B } }; -#define ARRAY_LENGTH( a ) ( sizeof( a ) / sizeof( ( a )[0] ) ) +#define ARRAY_LENGTH(a) (sizeof(a) / sizeof((a)[0])) /* * Checkup routine */ -int mbedtls_sha512_self_test( int verbose ) +int mbedtls_sha512_self_test(int verbose) { int i, j, k, buflen, ret = 0; unsigned char *buf; unsigned char sha512sum[64]; mbedtls_sha512_context ctx; - buf = mbedtls_calloc( 1024, sizeof(unsigned char) ); - if( NULL == buf ) - { - if( verbose != 0 ) - mbedtls_printf( "Buffer allocation failed\n" ); + buf = mbedtls_calloc(1024, sizeof(unsigned char)); + if (NULL == buf) { + if (verbose != 0) { + mbedtls_printf("Buffer allocation failed\n"); + } - return( 1 ); + return 1; } - mbedtls_sha512_init( &ctx ); + mbedtls_sha512_init(&ctx); - for( i = 0; i < (int) ARRAY_LENGTH(sha512_test_sum); i++ ) - { + for (i = 0; i < (int) ARRAY_LENGTH(sha512_test_sum); i++) { j = i % 3; #if !defined(MBEDTLS_SHA512_NO_SHA384) k = i < 3; @@ -599,58 +575,61 @@ int mbedtls_sha512_self_test( int verbose ) k = 0; #endif - if( verbose != 0 ) - mbedtls_printf( " SHA-%d test #%d: ", 512 - k * 128, j + 1 ); + if (verbose != 0) { + mbedtls_printf(" SHA-%d test #%d: ", 512 - k * 128, j + 1); + } - if( ( ret = mbedtls_sha512_starts_ret( &ctx, k ) ) != 0 ) + if ((ret = mbedtls_sha512_starts_ret(&ctx, k)) != 0) { goto fail; + } - if( j == 2 ) - { - memset( buf, 'a', buflen = 1000 ); + if (j == 2) { + memset(buf, 'a', buflen = 1000); - for( j = 0; j < 1000; j++ ) - { - ret = mbedtls_sha512_update_ret( &ctx, buf, buflen ); - if( ret != 0 ) + for (j = 0; j < 1000; j++) { + ret = mbedtls_sha512_update_ret(&ctx, buf, buflen); + if (ret != 0) { goto fail; + } } - } - else - { - ret = mbedtls_sha512_update_ret( &ctx, sha512_test_buf[j], - sha512_test_buflen[j] ); - if( ret != 0 ) + } else { + ret = mbedtls_sha512_update_ret(&ctx, sha512_test_buf[j], + sha512_test_buflen[j]); + if (ret != 0) { goto fail; + } } - if( ( ret = mbedtls_sha512_finish_ret( &ctx, sha512sum ) ) != 0 ) + if ((ret = mbedtls_sha512_finish_ret(&ctx, sha512sum)) != 0) { goto fail; + } - if( memcmp( sha512sum, sha512_test_sum[i], 64 - k * 16 ) != 0 ) - { + if (memcmp(sha512sum, sha512_test_sum[i], 64 - k * 16) != 0) { ret = 1; goto fail; } - if( verbose != 0 ) - mbedtls_printf( "passed\n" ); + if (verbose != 0) { + mbedtls_printf("passed\n"); + } } - if( verbose != 0 ) - mbedtls_printf( "\n" ); + if (verbose != 0) { + mbedtls_printf("\n"); + } goto exit; fail: - if( verbose != 0 ) - mbedtls_printf( "failed\n" ); + if (verbose != 0) { + mbedtls_printf("failed\n"); + } exit: - mbedtls_sha512_free( &ctx ); - mbedtls_free( buf ); + mbedtls_sha512_free(&ctx); + mbedtls_free(buf); - return( ret ); + return ret; } #undef ARRAY_LENGTH diff --git a/third_party/mbedtls/repo/library/ssl_cache.c b/third_party/mbedtls/repo/library/ssl_cache.c index 32188cf3f6f..21e38cd86a3 100644 --- a/third_party/mbedtls/repo/library/ssl_cache.c +++ b/third_party/mbedtls/repo/library/ssl_cache.c @@ -2,19 +2,7 @@ * SSL session cache implementation * * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later */ /* * These session callbacks use a simple chained list @@ -25,98 +13,87 @@ #if defined(MBEDTLS_SSL_CACHE_C) -#if defined(MBEDTLS_PLATFORM_C) #include "mbedtls/platform.h" -#else -#include -#define mbedtls_calloc calloc -#define mbedtls_free free -#endif +#include "mbedtls/error.h" #include "mbedtls/ssl_cache.h" #include "mbedtls/ssl_internal.h" #include -void mbedtls_ssl_cache_init( mbedtls_ssl_cache_context *cache ) +void mbedtls_ssl_cache_init(mbedtls_ssl_cache_context *cache) { - memset( cache, 0, sizeof( mbedtls_ssl_cache_context ) ); + memset(cache, 0, sizeof(mbedtls_ssl_cache_context)); cache->timeout = MBEDTLS_SSL_CACHE_DEFAULT_TIMEOUT; cache->max_entries = MBEDTLS_SSL_CACHE_DEFAULT_MAX_ENTRIES; #if defined(MBEDTLS_THREADING_C) - mbedtls_mutex_init( &cache->mutex ); + mbedtls_mutex_init(&cache->mutex); #endif } -int mbedtls_ssl_cache_get( void *data, mbedtls_ssl_session *session ) +int mbedtls_ssl_cache_get(void *data, mbedtls_ssl_session *session) { - int ret = 1; + int ret = MBEDTLS_ERR_SSL_CACHE_ENTRY_NOT_FOUND; #if defined(MBEDTLS_HAVE_TIME) - mbedtls_time_t t = mbedtls_time( NULL ); + mbedtls_time_t t = mbedtls_time(NULL); #endif mbedtls_ssl_cache_context *cache = (mbedtls_ssl_cache_context *) data; mbedtls_ssl_cache_entry *cur, *entry; #if defined(MBEDTLS_THREADING_C) - if( mbedtls_mutex_lock( &cache->mutex ) != 0 ) - return( 1 ); + if ((ret = mbedtls_mutex_lock(&cache->mutex)) != 0) { + return ret; + } #endif cur = cache->chain; entry = NULL; - while( cur != NULL ) - { + while (cur != NULL) { entry = cur; cur = cur->next; #if defined(MBEDTLS_HAVE_TIME) - if( cache->timeout != 0 && - (int) ( t - entry->timestamp ) > cache->timeout ) + if (cache->timeout != 0 && + (int) (t - entry->timestamp) > cache->timeout) { continue; + } #endif - if( session->id_len != entry->session.id_len || - memcmp( session->id, entry->session.id, - entry->session.id_len ) != 0 ) - { + if (session->id_len != entry->session.id_len || + memcmp(session->id, entry->session.id, + entry->session.id_len) != 0) { continue; } - ret = mbedtls_ssl_session_copy( session, &entry->session ); - if( ret != 0 ) - { - ret = 1; + ret = mbedtls_ssl_session_copy(session, &entry->session); + if (ret != 0) { goto exit; } #if defined(MBEDTLS_X509_CRT_PARSE_C) && \ - defined(MBEDTLS_SSL_KEEP_PEER_CERTIFICATE) + defined(MBEDTLS_SSL_KEEP_PEER_CERTIFICATE) /* * Restore peer certificate (without rest of the original chain) */ - if( entry->peer_cert.p != NULL ) - { + if (entry->peer_cert.p != NULL) { /* `session->peer_cert` is NULL after the call to * mbedtls_ssl_session_copy(), because cache entries * have the `peer_cert` field set to NULL. */ - if( ( session->peer_cert = mbedtls_calloc( 1, - sizeof(mbedtls_x509_crt) ) ) == NULL ) - { - ret = 1; + if ((session->peer_cert = mbedtls_calloc(1, + sizeof(mbedtls_x509_crt))) == NULL) { + ret = MBEDTLS_ERR_SSL_ALLOC_FAILED; goto exit; } - mbedtls_x509_crt_init( session->peer_cert ); - if( mbedtls_x509_crt_parse( session->peer_cert, entry->peer_cert.p, - entry->peer_cert.len ) != 0 ) - { - mbedtls_free( session->peer_cert ); + mbedtls_x509_crt_init(session->peer_cert); + if ((ret = mbedtls_x509_crt_parse(session->peer_cert, entry->peer_cert.p, + entry->peer_cert.len)) != 0) { + mbedtls_free(session->peer_cert); session->peer_cert = NULL; - ret = 1; goto exit; } } @@ -128,18 +105,19 @@ int mbedtls_ssl_cache_get( void *data, mbedtls_ssl_session *session ) exit: #if defined(MBEDTLS_THREADING_C) - if( mbedtls_mutex_unlock( &cache->mutex ) != 0 ) - ret = 1; + if (mbedtls_mutex_unlock(&cache->mutex) != 0) { + ret = MBEDTLS_ERR_THREADING_MUTEX_ERROR; + } #endif - return( ret ); + return ret; } -int mbedtls_ssl_cache_set( void *data, const mbedtls_ssl_session *session ) +int mbedtls_ssl_cache_set(void *data, const mbedtls_ssl_session *session) { - int ret = 1; + int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; #if defined(MBEDTLS_HAVE_TIME) - mbedtls_time_t t = mbedtls_time( NULL ), oldest = 0; + mbedtls_time_t t = mbedtls_time(NULL), oldest = 0; mbedtls_ssl_cache_entry *old = NULL; #endif mbedtls_ssl_cache_context *cache = (mbedtls_ssl_cache_context *) data; @@ -147,32 +125,31 @@ int mbedtls_ssl_cache_set( void *data, const mbedtls_ssl_session *session ) int count = 0; #if defined(MBEDTLS_THREADING_C) - if( ( ret = mbedtls_mutex_lock( &cache->mutex ) ) != 0 ) - return( ret ); + if ((ret = mbedtls_mutex_lock(&cache->mutex)) != 0) { + return ret; + } #endif cur = cache->chain; prv = NULL; - while( cur != NULL ) - { + while (cur != NULL) { count++; #if defined(MBEDTLS_HAVE_TIME) - if( cache->timeout != 0 && - (int) ( t - cur->timestamp ) > cache->timeout ) - { + if (cache->timeout != 0 && + (int) (t - cur->timestamp) > cache->timeout) { cur->timestamp = t; break; /* expired, reuse this slot, update timestamp */ } #endif - if( memcmp( session->id, cur->session.id, cur->session.id_len ) == 0 ) + if (memcmp(session->id, cur->session.id, cur->session.id_len) == 0) { break; /* client reconnected, keep timestamp for session id */ + } #if defined(MBEDTLS_HAVE_TIME) - if( oldest == 0 || cur->timestamp < oldest ) - { + if (oldest == 0 || cur->timestamp < oldest) { oldest = cur->timestamp; old = cur; } @@ -182,17 +159,16 @@ int mbedtls_ssl_cache_set( void *data, const mbedtls_ssl_session *session ) cur = cur->next; } - if( cur == NULL ) - { + if (cur == NULL) { #if defined(MBEDTLS_HAVE_TIME) /* * Reuse oldest entry if max_entries reached */ - if( count >= cache->max_entries ) - { - if( old == NULL ) - { - ret = 1; + if (count >= cache->max_entries) { + if (old == NULL) { + /* This should only happen on an ill-configured cache + * with max_entries == 0. */ + ret = MBEDTLS_ERR_SSL_INTERNAL_ERROR; goto exit; } @@ -203,11 +179,9 @@ int mbedtls_ssl_cache_set( void *data, const mbedtls_ssl_session *session ) * Reuse first entry in chain if max_entries reached, * but move to last place */ - if( count >= cache->max_entries ) - { - if( cache->chain == NULL ) - { - ret = 1; + if (count >= cache->max_entries) { + if (cache->chain == NULL) { + ret = MBEDTLS_ERR_SSL_INTERNAL_ERROR; goto exit; } @@ -217,22 +191,21 @@ int mbedtls_ssl_cache_set( void *data, const mbedtls_ssl_session *session ) prv->next = cur; } #endif /* MBEDTLS_HAVE_TIME */ - else - { + else { /* * max_entries not reached, create new entry */ - cur = mbedtls_calloc( 1, sizeof(mbedtls_ssl_cache_entry) ); - if( cur == NULL ) - { - ret = 1; + cur = mbedtls_calloc(1, sizeof(mbedtls_ssl_cache_entry)); + if (cur == NULL) { + ret = MBEDTLS_ERR_SSL_ALLOC_FAILED; goto exit; } - if( prv == NULL ) + if (prv == NULL) { cache->chain = cur; - else + } else { prv->next = cur; + } } #if defined(MBEDTLS_HAVE_TIME) @@ -245,10 +218,9 @@ int mbedtls_ssl_cache_set( void *data, const mbedtls_ssl_session *session ) /* * If we're reusing an entry, free its certificate first */ - if( cur->peer_cert.p != NULL ) - { - mbedtls_free( cur->peer_cert.p ); - memset( &cur->peer_cert, 0, sizeof(mbedtls_x509_buf) ); + if (cur->peer_cert.p != NULL) { + mbedtls_free(cur->peer_cert.p); + memset(&cur->peer_cert, 0, sizeof(mbedtls_x509_buf)); } #endif /* MBEDTLS_X509_CRT_PARSE_C && MBEDTLS_SSL_KEEP_PEER_CERTIFICATE */ @@ -257,33 +229,29 @@ int mbedtls_ssl_cache_set( void *data, const mbedtls_ssl_session *session ) * This inefficiency will go away as soon as we implement on-demand * parsing of CRTs, in which case there's no need for the `peer_cert` * field anymore in the first place, and we're done after this call. */ - ret = mbedtls_ssl_session_copy( &cur->session, session ); - if( ret != 0 ) - { - ret = 1; + ret = mbedtls_ssl_session_copy(&cur->session, session); + if (ret != 0) { goto exit; } #if defined(MBEDTLS_X509_CRT_PARSE_C) && \ defined(MBEDTLS_SSL_KEEP_PEER_CERTIFICATE) /* If present, free the X.509 structure and only store the raw CRT data. */ - if( cur->session.peer_cert != NULL ) - { + if (cur->session.peer_cert != NULL) { cur->peer_cert.p = - mbedtls_calloc( 1, cur->session.peer_cert->raw.len ); - if( cur->peer_cert.p == NULL ) - { - ret = 1; + mbedtls_calloc(1, cur->session.peer_cert->raw.len); + if (cur->peer_cert.p == NULL) { + ret = MBEDTLS_ERR_SSL_ALLOC_FAILED; goto exit; } - memcpy( cur->peer_cert.p, - cur->session.peer_cert->raw.p, - cur->session.peer_cert->raw.len ); + memcpy(cur->peer_cert.p, + cur->session.peer_cert->raw.p, + cur->session.peer_cert->raw.len); cur->peer_cert.len = session->peer_cert->raw.len; - mbedtls_x509_crt_free( cur->session.peer_cert ); - mbedtls_free( cur->session.peer_cert ); + mbedtls_x509_crt_free(cur->session.peer_cert); + mbedtls_free(cur->session.peer_cert); cur->session.peer_cert = NULL; } #endif /* MBEDTLS_X509_CRT_PARSE_C && MBEDTLS_SSL_KEEP_PEER_CERTIFICATE */ @@ -292,52 +260,56 @@ int mbedtls_ssl_cache_set( void *data, const mbedtls_ssl_session *session ) exit: #if defined(MBEDTLS_THREADING_C) - if( mbedtls_mutex_unlock( &cache->mutex ) != 0 ) - ret = 1; + if (mbedtls_mutex_unlock(&cache->mutex) != 0) { + ret = MBEDTLS_ERR_THREADING_MUTEX_ERROR; + } #endif - return( ret ); + return ret; } #if defined(MBEDTLS_HAVE_TIME) -void mbedtls_ssl_cache_set_timeout( mbedtls_ssl_cache_context *cache, int timeout ) +void mbedtls_ssl_cache_set_timeout(mbedtls_ssl_cache_context *cache, int timeout) { - if( timeout < 0 ) timeout = 0; + if (timeout < 0) { + timeout = 0; + } cache->timeout = timeout; } #endif /* MBEDTLS_HAVE_TIME */ -void mbedtls_ssl_cache_set_max_entries( mbedtls_ssl_cache_context *cache, int max ) +void mbedtls_ssl_cache_set_max_entries(mbedtls_ssl_cache_context *cache, int max) { - if( max < 0 ) max = 0; + if (max < 0) { + max = 0; + } cache->max_entries = max; } -void mbedtls_ssl_cache_free( mbedtls_ssl_cache_context *cache ) +void mbedtls_ssl_cache_free(mbedtls_ssl_cache_context *cache) { mbedtls_ssl_cache_entry *cur, *prv; cur = cache->chain; - while( cur != NULL ) - { + while (cur != NULL) { prv = cur; cur = cur->next; - mbedtls_ssl_session_free( &prv->session ); + mbedtls_ssl_session_free(&prv->session); #if defined(MBEDTLS_X509_CRT_PARSE_C) && \ - defined(MBEDTLS_SSL_KEEP_PEER_CERTIFICATE) - mbedtls_free( prv->peer_cert.p ); + defined(MBEDTLS_SSL_KEEP_PEER_CERTIFICATE) + mbedtls_free(prv->peer_cert.p); #endif /* MBEDTLS_X509_CRT_PARSE_C && MBEDTLS_SSL_KEEP_PEER_CERTIFICATE */ - mbedtls_free( prv ); + mbedtls_free(prv); } #if defined(MBEDTLS_THREADING_C) - mbedtls_mutex_free( &cache->mutex ); + mbedtls_mutex_free(&cache->mutex); #endif cache->chain = NULL; } diff --git a/third_party/mbedtls/repo/library/ssl_ciphersuites.c b/third_party/mbedtls/repo/library/ssl_ciphersuites.c index 3826ad27fab..7a46537809c 100644 --- a/third_party/mbedtls/repo/library/ssl_ciphersuites.c +++ b/third_party/mbedtls/repo/library/ssl_ciphersuites.c @@ -1,33 +1,17 @@ /** * \file ssl_ciphersuites.c * - * \brief SSL ciphersuites for mbed TLS + * \brief SSL ciphersuites for Mbed TLS * * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later */ #include "common.h" #if defined(MBEDTLS_SSL_TLS_C) -#if defined(MBEDTLS_PLATFORM_C) #include "mbedtls/platform.h" -#else -#include -#endif #include "mbedtls/ssl_ciphersuites.h" #include "mbedtls/ssl.h" @@ -459,14 +443,16 @@ static const mbedtls_ssl_ciphersuite_t ciphersuite_definitions[] = #if defined(MBEDTLS_CAMELLIA_C) #if defined(MBEDTLS_CIPHER_MODE_CBC) #if defined(MBEDTLS_SHA256_C) - { MBEDTLS_TLS_ECDHE_ECDSA_WITH_CAMELLIA_128_CBC_SHA256, "TLS-ECDHE-ECDSA-WITH-CAMELLIA-128-CBC-SHA256", + { MBEDTLS_TLS_ECDHE_ECDSA_WITH_CAMELLIA_128_CBC_SHA256, + "TLS-ECDHE-ECDSA-WITH-CAMELLIA-128-CBC-SHA256", MBEDTLS_CIPHER_CAMELLIA_128_CBC, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA, MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1, MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, 0 }, #endif /* MBEDTLS_SHA256_C */ #if defined(HAVE_SHA384) - { MBEDTLS_TLS_ECDHE_ECDSA_WITH_CAMELLIA_256_CBC_SHA384, "TLS-ECDHE-ECDSA-WITH-CAMELLIA-256-CBC-SHA384", + { MBEDTLS_TLS_ECDHE_ECDSA_WITH_CAMELLIA_256_CBC_SHA384, + "TLS-ECDHE-ECDSA-WITH-CAMELLIA-256-CBC-SHA384", MBEDTLS_CIPHER_CAMELLIA_256_CBC, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA, MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1, MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, @@ -476,14 +462,16 @@ static const mbedtls_ssl_ciphersuite_t ciphersuite_definitions[] = #if defined(MBEDTLS_GCM_C) #if defined(MBEDTLS_SHA256_C) - { MBEDTLS_TLS_ECDHE_ECDSA_WITH_CAMELLIA_128_GCM_SHA256, "TLS-ECDHE-ECDSA-WITH-CAMELLIA-128-GCM-SHA256", + { MBEDTLS_TLS_ECDHE_ECDSA_WITH_CAMELLIA_128_GCM_SHA256, + "TLS-ECDHE-ECDSA-WITH-CAMELLIA-128-GCM-SHA256", MBEDTLS_CIPHER_CAMELLIA_128_GCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA, MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, 0 }, #endif /* MBEDTLS_SHA256_C */ #if defined(HAVE_SHA384) - { MBEDTLS_TLS_ECDHE_ECDSA_WITH_CAMELLIA_256_GCM_SHA384, "TLS-ECDHE-ECDSA-WITH-CAMELLIA-256-GCM-SHA384", + { MBEDTLS_TLS_ECDHE_ECDSA_WITH_CAMELLIA_256_GCM_SHA384, + "TLS-ECDHE-ECDSA-WITH-CAMELLIA-256-GCM-SHA384", MBEDTLS_CIPHER_CAMELLIA_256_GCM, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA, MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, @@ -578,14 +566,16 @@ static const mbedtls_ssl_ciphersuite_t ciphersuite_definitions[] = #if defined(MBEDTLS_CAMELLIA_C) #if defined(MBEDTLS_CIPHER_MODE_CBC) #if defined(MBEDTLS_SHA256_C) - { MBEDTLS_TLS_ECDHE_RSA_WITH_CAMELLIA_128_CBC_SHA256, "TLS-ECDHE-RSA-WITH-CAMELLIA-128-CBC-SHA256", + { MBEDTLS_TLS_ECDHE_RSA_WITH_CAMELLIA_128_CBC_SHA256, + "TLS-ECDHE-RSA-WITH-CAMELLIA-128-CBC-SHA256", MBEDTLS_CIPHER_CAMELLIA_128_CBC, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_ECDHE_RSA, MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1, MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, 0 }, #endif /* MBEDTLS_SHA256_C */ #if defined(HAVE_SHA384) - { MBEDTLS_TLS_ECDHE_RSA_WITH_CAMELLIA_256_CBC_SHA384, "TLS-ECDHE-RSA-WITH-CAMELLIA-256-CBC-SHA384", + { MBEDTLS_TLS_ECDHE_RSA_WITH_CAMELLIA_256_CBC_SHA384, + "TLS-ECDHE-RSA-WITH-CAMELLIA-256-CBC-SHA384", MBEDTLS_CIPHER_CAMELLIA_256_CBC, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_ECDHE_RSA, MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1, MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, @@ -595,14 +585,16 @@ static const mbedtls_ssl_ciphersuite_t ciphersuite_definitions[] = #if defined(MBEDTLS_GCM_C) #if defined(MBEDTLS_SHA256_C) - { MBEDTLS_TLS_ECDHE_RSA_WITH_CAMELLIA_128_GCM_SHA256, "TLS-ECDHE-RSA-WITH-CAMELLIA-128-GCM-SHA256", + { MBEDTLS_TLS_ECDHE_RSA_WITH_CAMELLIA_128_GCM_SHA256, + "TLS-ECDHE-RSA-WITH-CAMELLIA-128-GCM-SHA256", MBEDTLS_CIPHER_CAMELLIA_128_GCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_ECDHE_RSA, MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, 0 }, #endif /* MBEDTLS_SHA256_C */ #if defined(HAVE_SHA384) - { MBEDTLS_TLS_ECDHE_RSA_WITH_CAMELLIA_256_GCM_SHA384, "TLS-ECDHE-RSA-WITH-CAMELLIA-256-GCM-SHA384", + { MBEDTLS_TLS_ECDHE_RSA_WITH_CAMELLIA_256_GCM_SHA384, + "TLS-ECDHE-RSA-WITH-CAMELLIA-256-GCM-SHA384", MBEDTLS_CIPHER_CAMELLIA_256_GCM, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_ECDHE_RSA, MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, @@ -986,14 +978,16 @@ static const mbedtls_ssl_ciphersuite_t ciphersuite_definitions[] = #if defined(MBEDTLS_CAMELLIA_C) #if defined(MBEDTLS_CIPHER_MODE_CBC) #if defined(MBEDTLS_SHA256_C) - { MBEDTLS_TLS_ECDH_RSA_WITH_CAMELLIA_128_CBC_SHA256, "TLS-ECDH-RSA-WITH-CAMELLIA-128-CBC-SHA256", + { MBEDTLS_TLS_ECDH_RSA_WITH_CAMELLIA_128_CBC_SHA256, + "TLS-ECDH-RSA-WITH-CAMELLIA-128-CBC-SHA256", MBEDTLS_CIPHER_CAMELLIA_128_CBC, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_ECDH_RSA, MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1, MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, 0 }, #endif /* MBEDTLS_SHA256_C */ #if defined(HAVE_SHA384) - { MBEDTLS_TLS_ECDH_RSA_WITH_CAMELLIA_256_CBC_SHA384, "TLS-ECDH-RSA-WITH-CAMELLIA-256-CBC-SHA384", + { MBEDTLS_TLS_ECDH_RSA_WITH_CAMELLIA_256_CBC_SHA384, + "TLS-ECDH-RSA-WITH-CAMELLIA-256-CBC-SHA384", MBEDTLS_CIPHER_CAMELLIA_256_CBC, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_ECDH_RSA, MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1, MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, @@ -1003,14 +997,16 @@ static const mbedtls_ssl_ciphersuite_t ciphersuite_definitions[] = #if defined(MBEDTLS_GCM_C) #if defined(MBEDTLS_SHA256_C) - { MBEDTLS_TLS_ECDH_RSA_WITH_CAMELLIA_128_GCM_SHA256, "TLS-ECDH-RSA-WITH-CAMELLIA-128-GCM-SHA256", + { MBEDTLS_TLS_ECDH_RSA_WITH_CAMELLIA_128_GCM_SHA256, + "TLS-ECDH-RSA-WITH-CAMELLIA-128-GCM-SHA256", MBEDTLS_CIPHER_CAMELLIA_128_GCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_ECDH_RSA, MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, 0 }, #endif /* MBEDTLS_SHA256_C */ #if defined(HAVE_SHA384) - { MBEDTLS_TLS_ECDH_RSA_WITH_CAMELLIA_256_GCM_SHA384, "TLS-ECDH-RSA-WITH-CAMELLIA-256-GCM-SHA384", + { MBEDTLS_TLS_ECDH_RSA_WITH_CAMELLIA_256_GCM_SHA384, + "TLS-ECDH-RSA-WITH-CAMELLIA-256-GCM-SHA384", MBEDTLS_CIPHER_CAMELLIA_256_GCM, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_ECDH_RSA, MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, @@ -1105,14 +1101,16 @@ static const mbedtls_ssl_ciphersuite_t ciphersuite_definitions[] = #if defined(MBEDTLS_CAMELLIA_C) #if defined(MBEDTLS_CIPHER_MODE_CBC) #if defined(MBEDTLS_SHA256_C) - { MBEDTLS_TLS_ECDH_ECDSA_WITH_CAMELLIA_128_CBC_SHA256, "TLS-ECDH-ECDSA-WITH-CAMELLIA-128-CBC-SHA256", + { MBEDTLS_TLS_ECDH_ECDSA_WITH_CAMELLIA_128_CBC_SHA256, + "TLS-ECDH-ECDSA-WITH-CAMELLIA-128-CBC-SHA256", MBEDTLS_CIPHER_CAMELLIA_128_CBC, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA, MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1, MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, 0 }, #endif /* MBEDTLS_SHA256_C */ #if defined(HAVE_SHA384) - { MBEDTLS_TLS_ECDH_ECDSA_WITH_CAMELLIA_256_CBC_SHA384, "TLS-ECDH-ECDSA-WITH-CAMELLIA-256-CBC-SHA384", + { MBEDTLS_TLS_ECDH_ECDSA_WITH_CAMELLIA_256_CBC_SHA384, + "TLS-ECDH-ECDSA-WITH-CAMELLIA-256-CBC-SHA384", MBEDTLS_CIPHER_CAMELLIA_256_CBC, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA, MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1, MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, @@ -1122,14 +1120,16 @@ static const mbedtls_ssl_ciphersuite_t ciphersuite_definitions[] = #if defined(MBEDTLS_GCM_C) #if defined(MBEDTLS_SHA256_C) - { MBEDTLS_TLS_ECDH_ECDSA_WITH_CAMELLIA_128_GCM_SHA256, "TLS-ECDH-ECDSA-WITH-CAMELLIA-128-GCM-SHA256", + { MBEDTLS_TLS_ECDH_ECDSA_WITH_CAMELLIA_128_GCM_SHA256, + "TLS-ECDH-ECDSA-WITH-CAMELLIA-128-GCM-SHA256", MBEDTLS_CIPHER_CAMELLIA_128_GCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA, MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, 0 }, #endif /* MBEDTLS_SHA256_C */ #if defined(HAVE_SHA384) - { MBEDTLS_TLS_ECDH_ECDSA_WITH_CAMELLIA_256_GCM_SHA384, "TLS-ECDH-ECDSA-WITH-CAMELLIA-256-GCM-SHA384", + { MBEDTLS_TLS_ECDH_ECDSA_WITH_CAMELLIA_256_GCM_SHA384, + "TLS-ECDH-ECDSA-WITH-CAMELLIA-256-GCM-SHA384", MBEDTLS_CIPHER_CAMELLIA_256_GCM, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA, MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, @@ -1482,7 +1482,8 @@ static const mbedtls_ssl_ciphersuite_t ciphersuite_definitions[] = #if defined(MBEDTLS_CAMELLIA_C) #if defined(MBEDTLS_CIPHER_MODE_CBC) #if defined(MBEDTLS_SHA256_C) - { MBEDTLS_TLS_ECDHE_PSK_WITH_CAMELLIA_128_CBC_SHA256, "TLS-ECDHE-PSK-WITH-CAMELLIA-128-CBC-SHA256", + { MBEDTLS_TLS_ECDHE_PSK_WITH_CAMELLIA_128_CBC_SHA256, + "TLS-ECDHE-PSK-WITH-CAMELLIA-128-CBC-SHA256", MBEDTLS_CIPHER_CAMELLIA_128_CBC, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_ECDHE_PSK, MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1, MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, @@ -1490,7 +1491,8 @@ static const mbedtls_ssl_ciphersuite_t ciphersuite_definitions[] = #endif /* MBEDTLS_SHA256_C */ #if defined(HAVE_SHA384) - { MBEDTLS_TLS_ECDHE_PSK_WITH_CAMELLIA_256_CBC_SHA384, "TLS-ECDHE-PSK-WITH-CAMELLIA-256-CBC-SHA384", + { MBEDTLS_TLS_ECDHE_PSK_WITH_CAMELLIA_256_CBC_SHA384, + "TLS-ECDHE-PSK-WITH-CAMELLIA-256-CBC-SHA384", MBEDTLS_CIPHER_CAMELLIA_256_CBC, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_ECDHE_PSK, MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1, MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, @@ -1812,7 +1814,7 @@ static const mbedtls_ssl_ciphersuite_t ciphersuite_definitions[] = #if (defined(MBEDTLS_GCM_C) && defined(HAVE_SHA384)) { MBEDTLS_TLS_RSA_WITH_ARIA_256_GCM_SHA384, - "TLS-RSA-WITH-ARIA-256-GCM-SHA384", + "TLS-RSA-WITH-ARIA-256-GCM-SHA384", MBEDTLS_CIPHER_ARIA_256_GCM, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_RSA, MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, @@ -1820,7 +1822,7 @@ static const mbedtls_ssl_ciphersuite_t ciphersuite_definitions[] = #endif #if (defined(MBEDTLS_CIPHER_MODE_CBC) && defined(HAVE_SHA384)) { MBEDTLS_TLS_RSA_WITH_ARIA_256_CBC_SHA384, - "TLS-RSA-WITH-ARIA-256-CBC-SHA384", + "TLS-RSA-WITH-ARIA-256-CBC-SHA384", MBEDTLS_CIPHER_ARIA_256_CBC, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_RSA, MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, @@ -1828,7 +1830,7 @@ static const mbedtls_ssl_ciphersuite_t ciphersuite_definitions[] = #endif #if (defined(MBEDTLS_GCM_C) && defined(MBEDTLS_SHA256_C)) { MBEDTLS_TLS_RSA_WITH_ARIA_128_GCM_SHA256, - "TLS-RSA-WITH-ARIA-128-GCM-SHA256", + "TLS-RSA-WITH-ARIA-128-GCM-SHA256", MBEDTLS_CIPHER_ARIA_128_GCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_RSA, MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, @@ -1836,7 +1838,7 @@ static const mbedtls_ssl_ciphersuite_t ciphersuite_definitions[] = #endif #if (defined(MBEDTLS_CIPHER_MODE_CBC) && defined(MBEDTLS_SHA256_C)) { MBEDTLS_TLS_RSA_WITH_ARIA_128_CBC_SHA256, - "TLS-RSA-WITH-ARIA-128-CBC-SHA256", + "TLS-RSA-WITH-ARIA-128-CBC-SHA256", MBEDTLS_CIPHER_ARIA_128_CBC, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_RSA, MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, @@ -1849,7 +1851,7 @@ static const mbedtls_ssl_ciphersuite_t ciphersuite_definitions[] = #if (defined(MBEDTLS_GCM_C) && defined(HAVE_SHA384)) { MBEDTLS_TLS_RSA_PSK_WITH_ARIA_256_GCM_SHA384, - "TLS-RSA-PSK-WITH-ARIA-256-GCM-SHA384", + "TLS-RSA-PSK-WITH-ARIA-256-GCM-SHA384", MBEDTLS_CIPHER_ARIA_256_GCM, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_RSA_PSK, MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, @@ -1857,7 +1859,7 @@ static const mbedtls_ssl_ciphersuite_t ciphersuite_definitions[] = #endif #if (defined(MBEDTLS_CIPHER_MODE_CBC) && defined(HAVE_SHA384)) { MBEDTLS_TLS_RSA_PSK_WITH_ARIA_256_CBC_SHA384, - "TLS-RSA-PSK-WITH-ARIA-256-CBC-SHA384", + "TLS-RSA-PSK-WITH-ARIA-256-CBC-SHA384", MBEDTLS_CIPHER_ARIA_256_CBC, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_RSA_PSK, MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, @@ -1865,7 +1867,7 @@ static const mbedtls_ssl_ciphersuite_t ciphersuite_definitions[] = #endif #if (defined(MBEDTLS_GCM_C) && defined(MBEDTLS_SHA256_C)) { MBEDTLS_TLS_RSA_PSK_WITH_ARIA_128_GCM_SHA256, - "TLS-RSA-PSK-WITH-ARIA-128-GCM-SHA256", + "TLS-RSA-PSK-WITH-ARIA-128-GCM-SHA256", MBEDTLS_CIPHER_ARIA_128_GCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_RSA_PSK, MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, @@ -1873,7 +1875,7 @@ static const mbedtls_ssl_ciphersuite_t ciphersuite_definitions[] = #endif #if (defined(MBEDTLS_CIPHER_MODE_CBC) && defined(MBEDTLS_SHA256_C)) { MBEDTLS_TLS_RSA_PSK_WITH_ARIA_128_CBC_SHA256, - "TLS-RSA-PSK-WITH-ARIA-128-CBC-SHA256", + "TLS-RSA-PSK-WITH-ARIA-128-CBC-SHA256", MBEDTLS_CIPHER_ARIA_128_CBC, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_RSA_PSK, MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, @@ -1886,15 +1888,15 @@ static const mbedtls_ssl_ciphersuite_t ciphersuite_definitions[] = #if (defined(MBEDTLS_GCM_C) && defined(HAVE_SHA384)) { MBEDTLS_TLS_PSK_WITH_ARIA_256_GCM_SHA384, - "TLS-PSK-WITH-ARIA-256-GCM-SHA384", - MBEDTLS_CIPHER_ARIA_256_GCM, MBEDTLS_MD_SHA384,MBEDTLS_KEY_EXCHANGE_PSK, + "TLS-PSK-WITH-ARIA-256-GCM-SHA384", + MBEDTLS_CIPHER_ARIA_256_GCM, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_PSK, MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, 0 }, #endif #if (defined(MBEDTLS_CIPHER_MODE_CBC) && defined(HAVE_SHA384)) { MBEDTLS_TLS_PSK_WITH_ARIA_256_CBC_SHA384, - "TLS-PSK-WITH-ARIA-256-CBC-SHA384", + "TLS-PSK-WITH-ARIA-256-CBC-SHA384", MBEDTLS_CIPHER_ARIA_256_CBC, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_PSK, MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, @@ -1902,7 +1904,7 @@ static const mbedtls_ssl_ciphersuite_t ciphersuite_definitions[] = #endif #if (defined(MBEDTLS_GCM_C) && defined(MBEDTLS_SHA256_C)) { MBEDTLS_TLS_PSK_WITH_ARIA_128_GCM_SHA256, - "TLS-PSK-WITH-ARIA-128-GCM-SHA256", + "TLS-PSK-WITH-ARIA-128-GCM-SHA256", MBEDTLS_CIPHER_ARIA_128_GCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_PSK, MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, @@ -1910,7 +1912,7 @@ static const mbedtls_ssl_ciphersuite_t ciphersuite_definitions[] = #endif #if (defined(MBEDTLS_CIPHER_MODE_CBC) && defined(MBEDTLS_SHA256_C)) { MBEDTLS_TLS_PSK_WITH_ARIA_128_CBC_SHA256, - "TLS-PSK-WITH-ARIA-128-CBC-SHA256", + "TLS-PSK-WITH-ARIA-128-CBC-SHA256", MBEDTLS_CIPHER_ARIA_128_CBC, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_PSK, MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, @@ -1923,7 +1925,7 @@ static const mbedtls_ssl_ciphersuite_t ciphersuite_definitions[] = #if (defined(MBEDTLS_GCM_C) && defined(HAVE_SHA384)) { MBEDTLS_TLS_ECDH_RSA_WITH_ARIA_256_GCM_SHA384, - "TLS-ECDH-RSA-WITH-ARIA-256-GCM-SHA384", + "TLS-ECDH-RSA-WITH-ARIA-256-GCM-SHA384", MBEDTLS_CIPHER_ARIA_256_GCM, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_ECDH_RSA, MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, @@ -1931,7 +1933,7 @@ static const mbedtls_ssl_ciphersuite_t ciphersuite_definitions[] = #endif #if (defined(MBEDTLS_CIPHER_MODE_CBC) && defined(HAVE_SHA384)) { MBEDTLS_TLS_ECDH_RSA_WITH_ARIA_256_CBC_SHA384, - "TLS-ECDH-RSA-WITH-ARIA-256-CBC-SHA384", + "TLS-ECDH-RSA-WITH-ARIA-256-CBC-SHA384", MBEDTLS_CIPHER_ARIA_256_CBC, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_ECDH_RSA, MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, @@ -1939,7 +1941,7 @@ static const mbedtls_ssl_ciphersuite_t ciphersuite_definitions[] = #endif #if (defined(MBEDTLS_GCM_C) && defined(MBEDTLS_SHA256_C)) { MBEDTLS_TLS_ECDH_RSA_WITH_ARIA_128_GCM_SHA256, - "TLS-ECDH-RSA-WITH-ARIA-128-GCM-SHA256", + "TLS-ECDH-RSA-WITH-ARIA-128-GCM-SHA256", MBEDTLS_CIPHER_ARIA_128_GCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_ECDH_RSA, MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, @@ -1947,7 +1949,7 @@ static const mbedtls_ssl_ciphersuite_t ciphersuite_definitions[] = #endif #if (defined(MBEDTLS_CIPHER_MODE_CBC) && defined(MBEDTLS_SHA256_C)) { MBEDTLS_TLS_ECDH_RSA_WITH_ARIA_128_CBC_SHA256, - "TLS-ECDH-RSA-WITH-ARIA-128-CBC-SHA256", + "TLS-ECDH-RSA-WITH-ARIA-128-CBC-SHA256", MBEDTLS_CIPHER_ARIA_128_CBC, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_ECDH_RSA, MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, @@ -1960,7 +1962,7 @@ static const mbedtls_ssl_ciphersuite_t ciphersuite_definitions[] = #if (defined(MBEDTLS_GCM_C) && defined(HAVE_SHA384)) { MBEDTLS_TLS_ECDHE_RSA_WITH_ARIA_256_GCM_SHA384, - "TLS-ECDHE-RSA-WITH-ARIA-256-GCM-SHA384", + "TLS-ECDHE-RSA-WITH-ARIA-256-GCM-SHA384", MBEDTLS_CIPHER_ARIA_256_GCM, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_ECDHE_RSA, MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, @@ -1968,7 +1970,7 @@ static const mbedtls_ssl_ciphersuite_t ciphersuite_definitions[] = #endif #if (defined(MBEDTLS_CIPHER_MODE_CBC) && defined(HAVE_SHA384)) { MBEDTLS_TLS_ECDHE_RSA_WITH_ARIA_256_CBC_SHA384, - "TLS-ECDHE-RSA-WITH-ARIA-256-CBC-SHA384", + "TLS-ECDHE-RSA-WITH-ARIA-256-CBC-SHA384", MBEDTLS_CIPHER_ARIA_256_CBC, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_ECDHE_RSA, MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, @@ -1976,7 +1978,7 @@ static const mbedtls_ssl_ciphersuite_t ciphersuite_definitions[] = #endif #if (defined(MBEDTLS_GCM_C) && defined(MBEDTLS_SHA256_C)) { MBEDTLS_TLS_ECDHE_RSA_WITH_ARIA_128_GCM_SHA256, - "TLS-ECDHE-RSA-WITH-ARIA-128-GCM-SHA256", + "TLS-ECDHE-RSA-WITH-ARIA-128-GCM-SHA256", MBEDTLS_CIPHER_ARIA_128_GCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_ECDHE_RSA, MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, @@ -1984,7 +1986,7 @@ static const mbedtls_ssl_ciphersuite_t ciphersuite_definitions[] = #endif #if (defined(MBEDTLS_CIPHER_MODE_CBC) && defined(MBEDTLS_SHA256_C)) { MBEDTLS_TLS_ECDHE_RSA_WITH_ARIA_128_CBC_SHA256, - "TLS-ECDHE-RSA-WITH-ARIA-128-CBC-SHA256", + "TLS-ECDHE-RSA-WITH-ARIA-128-CBC-SHA256", MBEDTLS_CIPHER_ARIA_128_CBC, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_ECDHE_RSA, MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, @@ -1997,7 +1999,7 @@ static const mbedtls_ssl_ciphersuite_t ciphersuite_definitions[] = #if (defined(MBEDTLS_CIPHER_MODE_CBC) && defined(HAVE_SHA384)) { MBEDTLS_TLS_ECDHE_PSK_WITH_ARIA_256_CBC_SHA384, - "TLS-ECDHE-PSK-WITH-ARIA-256-CBC-SHA384", + "TLS-ECDHE-PSK-WITH-ARIA-256-CBC-SHA384", MBEDTLS_CIPHER_ARIA_256_CBC, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_ECDHE_PSK, MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, @@ -2005,7 +2007,7 @@ static const mbedtls_ssl_ciphersuite_t ciphersuite_definitions[] = #endif #if (defined(MBEDTLS_CIPHER_MODE_CBC) && defined(MBEDTLS_SHA256_C)) { MBEDTLS_TLS_ECDHE_PSK_WITH_ARIA_128_CBC_SHA256, - "TLS-ECDHE-PSK-WITH-ARIA-128-CBC-SHA256", + "TLS-ECDHE-PSK-WITH-ARIA-128-CBC-SHA256", MBEDTLS_CIPHER_ARIA_128_CBC, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_ECDHE_PSK, MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, @@ -2018,7 +2020,7 @@ static const mbedtls_ssl_ciphersuite_t ciphersuite_definitions[] = #if (defined(MBEDTLS_GCM_C) && defined(HAVE_SHA384)) { MBEDTLS_TLS_ECDHE_ECDSA_WITH_ARIA_256_GCM_SHA384, - "TLS-ECDHE-ECDSA-WITH-ARIA-256-GCM-SHA384", + "TLS-ECDHE-ECDSA-WITH-ARIA-256-GCM-SHA384", MBEDTLS_CIPHER_ARIA_256_GCM, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA, MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, @@ -2026,7 +2028,7 @@ static const mbedtls_ssl_ciphersuite_t ciphersuite_definitions[] = #endif #if (defined(MBEDTLS_CIPHER_MODE_CBC) && defined(HAVE_SHA384)) { MBEDTLS_TLS_ECDHE_ECDSA_WITH_ARIA_256_CBC_SHA384, - "TLS-ECDHE-ECDSA-WITH-ARIA-256-CBC-SHA384", + "TLS-ECDHE-ECDSA-WITH-ARIA-256-CBC-SHA384", MBEDTLS_CIPHER_ARIA_256_CBC, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA, MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, @@ -2034,7 +2036,7 @@ static const mbedtls_ssl_ciphersuite_t ciphersuite_definitions[] = #endif #if (defined(MBEDTLS_GCM_C) && defined(MBEDTLS_SHA256_C)) { MBEDTLS_TLS_ECDHE_ECDSA_WITH_ARIA_128_GCM_SHA256, - "TLS-ECDHE-ECDSA-WITH-ARIA-128-GCM-SHA256", + "TLS-ECDHE-ECDSA-WITH-ARIA-128-GCM-SHA256", MBEDTLS_CIPHER_ARIA_128_GCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA, MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, @@ -2042,7 +2044,7 @@ static const mbedtls_ssl_ciphersuite_t ciphersuite_definitions[] = #endif #if (defined(MBEDTLS_CIPHER_MODE_CBC) && defined(MBEDTLS_SHA256_C)) { MBEDTLS_TLS_ECDHE_ECDSA_WITH_ARIA_128_CBC_SHA256, - "TLS-ECDHE-ECDSA-WITH-ARIA-128-CBC-SHA256", + "TLS-ECDHE-ECDSA-WITH-ARIA-128-CBC-SHA256", MBEDTLS_CIPHER_ARIA_128_CBC, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA, MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, @@ -2055,7 +2057,7 @@ static const mbedtls_ssl_ciphersuite_t ciphersuite_definitions[] = #if (defined(MBEDTLS_GCM_C) && defined(HAVE_SHA384)) { MBEDTLS_TLS_ECDH_ECDSA_WITH_ARIA_256_GCM_SHA384, - "TLS-ECDH-ECDSA-WITH-ARIA-256-GCM-SHA384", + "TLS-ECDH-ECDSA-WITH-ARIA-256-GCM-SHA384", MBEDTLS_CIPHER_ARIA_256_GCM, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA, MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, @@ -2063,7 +2065,7 @@ static const mbedtls_ssl_ciphersuite_t ciphersuite_definitions[] = #endif #if (defined(MBEDTLS_CIPHER_MODE_CBC) && defined(HAVE_SHA384)) { MBEDTLS_TLS_ECDH_ECDSA_WITH_ARIA_256_CBC_SHA384, - "TLS-ECDH-ECDSA-WITH-ARIA-256-CBC-SHA384", + "TLS-ECDH-ECDSA-WITH-ARIA-256-CBC-SHA384", MBEDTLS_CIPHER_ARIA_256_CBC, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA, MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, @@ -2071,7 +2073,7 @@ static const mbedtls_ssl_ciphersuite_t ciphersuite_definitions[] = #endif #if (defined(MBEDTLS_GCM_C) && defined(MBEDTLS_SHA256_C)) { MBEDTLS_TLS_ECDH_ECDSA_WITH_ARIA_128_GCM_SHA256, - "TLS-ECDH-ECDSA-WITH-ARIA-128-GCM-SHA256", + "TLS-ECDH-ECDSA-WITH-ARIA-128-GCM-SHA256", MBEDTLS_CIPHER_ARIA_128_GCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA, MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, @@ -2079,7 +2081,7 @@ static const mbedtls_ssl_ciphersuite_t ciphersuite_definitions[] = #endif #if (defined(MBEDTLS_CIPHER_MODE_CBC) && defined(MBEDTLS_SHA256_C)) { MBEDTLS_TLS_ECDH_ECDSA_WITH_ARIA_128_CBC_SHA256, - "TLS-ECDH-ECDSA-WITH-ARIA-128-CBC-SHA256", + "TLS-ECDH-ECDSA-WITH-ARIA-128-CBC-SHA256", MBEDTLS_CIPHER_ARIA_128_CBC, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA, MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, @@ -2092,7 +2094,7 @@ static const mbedtls_ssl_ciphersuite_t ciphersuite_definitions[] = #if (defined(MBEDTLS_GCM_C) && defined(HAVE_SHA384)) { MBEDTLS_TLS_DHE_RSA_WITH_ARIA_256_GCM_SHA384, - "TLS-DHE-RSA-WITH-ARIA-256-GCM-SHA384", + "TLS-DHE-RSA-WITH-ARIA-256-GCM-SHA384", MBEDTLS_CIPHER_ARIA_256_GCM, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_DHE_RSA, MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, @@ -2100,7 +2102,7 @@ static const mbedtls_ssl_ciphersuite_t ciphersuite_definitions[] = #endif #if (defined(MBEDTLS_CIPHER_MODE_CBC) && defined(HAVE_SHA384)) { MBEDTLS_TLS_DHE_RSA_WITH_ARIA_256_CBC_SHA384, - "TLS-DHE-RSA-WITH-ARIA-256-CBC-SHA384", + "TLS-DHE-RSA-WITH-ARIA-256-CBC-SHA384", MBEDTLS_CIPHER_ARIA_256_CBC, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_DHE_RSA, MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, @@ -2108,7 +2110,7 @@ static const mbedtls_ssl_ciphersuite_t ciphersuite_definitions[] = #endif #if (defined(MBEDTLS_GCM_C) && defined(MBEDTLS_SHA256_C)) { MBEDTLS_TLS_DHE_RSA_WITH_ARIA_128_GCM_SHA256, - "TLS-DHE-RSA-WITH-ARIA-128-GCM-SHA256", + "TLS-DHE-RSA-WITH-ARIA-128-GCM-SHA256", MBEDTLS_CIPHER_ARIA_128_GCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_DHE_RSA, MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, @@ -2116,7 +2118,7 @@ static const mbedtls_ssl_ciphersuite_t ciphersuite_definitions[] = #endif #if (defined(MBEDTLS_CIPHER_MODE_CBC) && defined(MBEDTLS_SHA256_C)) { MBEDTLS_TLS_DHE_RSA_WITH_ARIA_128_CBC_SHA256, - "TLS-DHE-RSA-WITH-ARIA-128-CBC-SHA256", + "TLS-DHE-RSA-WITH-ARIA-128-CBC-SHA256", MBEDTLS_CIPHER_ARIA_128_CBC, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_DHE_RSA, MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, @@ -2129,7 +2131,7 @@ static const mbedtls_ssl_ciphersuite_t ciphersuite_definitions[] = #if (defined(MBEDTLS_GCM_C) && defined(HAVE_SHA384)) { MBEDTLS_TLS_DHE_PSK_WITH_ARIA_256_GCM_SHA384, - "TLS-DHE-PSK-WITH-ARIA-256-GCM-SHA384", + "TLS-DHE-PSK-WITH-ARIA-256-GCM-SHA384", MBEDTLS_CIPHER_ARIA_256_GCM, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_DHE_PSK, MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, @@ -2137,7 +2139,7 @@ static const mbedtls_ssl_ciphersuite_t ciphersuite_definitions[] = #endif #if (defined(MBEDTLS_CIPHER_MODE_CBC) && defined(HAVE_SHA384)) { MBEDTLS_TLS_DHE_PSK_WITH_ARIA_256_CBC_SHA384, - "TLS-DHE-PSK-WITH-ARIA-256-CBC-SHA384", + "TLS-DHE-PSK-WITH-ARIA-256-CBC-SHA384", MBEDTLS_CIPHER_ARIA_256_CBC, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_DHE_PSK, MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, @@ -2145,7 +2147,7 @@ static const mbedtls_ssl_ciphersuite_t ciphersuite_definitions[] = #endif #if (defined(MBEDTLS_GCM_C) && defined(MBEDTLS_SHA256_C)) { MBEDTLS_TLS_DHE_PSK_WITH_ARIA_128_GCM_SHA256, - "TLS-DHE-PSK-WITH-ARIA-128-GCM-SHA256", + "TLS-DHE-PSK-WITH-ARIA-128-GCM-SHA256", MBEDTLS_CIPHER_ARIA_128_GCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_DHE_PSK, MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, @@ -2153,7 +2155,7 @@ static const mbedtls_ssl_ciphersuite_t ciphersuite_definitions[] = #endif #if (defined(MBEDTLS_CIPHER_MODE_CBC) && defined(MBEDTLS_SHA256_C)) { MBEDTLS_TLS_DHE_PSK_WITH_ARIA_128_CBC_SHA256, - "TLS-DHE-PSK-WITH-ARIA-128-CBC-SHA256", + "TLS-DHE-PSK-WITH-ARIA-128-CBC-SHA256", MBEDTLS_CIPHER_ARIA_128_CBC, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_DHE_PSK, MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, @@ -2171,55 +2173,53 @@ static const mbedtls_ssl_ciphersuite_t ciphersuite_definitions[] = }; #if defined(MBEDTLS_SSL_CIPHERSUITES) -const int *mbedtls_ssl_list_ciphersuites( void ) +const int *mbedtls_ssl_list_ciphersuites(void) { - return( ciphersuite_preference ); + return ciphersuite_preference; } #else -#define MAX_CIPHERSUITES sizeof( ciphersuite_definitions ) / \ - sizeof( ciphersuite_definitions[0] ) +#define MAX_CIPHERSUITES sizeof(ciphersuite_definitions) / \ + sizeof(ciphersuite_definitions[0]) static int supported_ciphersuites[MAX_CIPHERSUITES]; static int supported_init = 0; -static int ciphersuite_is_removed( const mbedtls_ssl_ciphersuite_t *cs_info ) +MBEDTLS_CHECK_RETURN_CRITICAL +static int ciphersuite_is_removed(const mbedtls_ssl_ciphersuite_t *cs_info) { - (void)cs_info; + (void) cs_info; #if defined(MBEDTLS_REMOVE_ARC4_CIPHERSUITES) - if( cs_info->cipher == MBEDTLS_CIPHER_ARC4_128 ) - return( 1 ); + if (cs_info->cipher == MBEDTLS_CIPHER_ARC4_128) { + return 1; + } #endif /* MBEDTLS_REMOVE_ARC4_CIPHERSUITES */ #if defined(MBEDTLS_REMOVE_3DES_CIPHERSUITES) - if( cs_info->cipher == MBEDTLS_CIPHER_DES_EDE3_ECB || - cs_info->cipher == MBEDTLS_CIPHER_DES_EDE3_CBC ) - { - return( 1 ); + if (cs_info->cipher == MBEDTLS_CIPHER_DES_EDE3_ECB || + cs_info->cipher == MBEDTLS_CIPHER_DES_EDE3_CBC) { + return 1; } #endif /* MBEDTLS_REMOVE_3DES_CIPHERSUITES */ - return( 0 ); + return 0; } -const int *mbedtls_ssl_list_ciphersuites( void ) +const int *mbedtls_ssl_list_ciphersuites(void) { /* * On initial call filter out all ciphersuites not supported by current * build based on presence in the ciphersuite_definitions. */ - if( supported_init == 0 ) - { + if (supported_init == 0) { const int *p; int *q; - for( p = ciphersuite_preference, q = supported_ciphersuites; + for (p = ciphersuite_preference, q = supported_ciphersuites; *p != 0 && q < supported_ciphersuites + MAX_CIPHERSUITES - 1; - p++ ) - { + p++) { const mbedtls_ssl_ciphersuite_t *cs_info; - if( ( cs_info = mbedtls_ssl_ciphersuite_from_id( *p ) ) != NULL && - !ciphersuite_is_removed( cs_info ) ) - { + if ((cs_info = mbedtls_ssl_ciphersuite_from_id(*p)) != NULL && + !ciphersuite_is_removed(cs_info)) { *(q++) = *p; } } @@ -2228,105 +2228,106 @@ const int *mbedtls_ssl_list_ciphersuites( void ) supported_init = 1; } - return( supported_ciphersuites ); + return supported_ciphersuites; } #endif /* MBEDTLS_SSL_CIPHERSUITES */ const mbedtls_ssl_ciphersuite_t *mbedtls_ssl_ciphersuite_from_string( - const char *ciphersuite_name ) + const char *ciphersuite_name) { const mbedtls_ssl_ciphersuite_t *cur = ciphersuite_definitions; - if( NULL == ciphersuite_name ) - return( NULL ); + if (NULL == ciphersuite_name) { + return NULL; + } - while( cur->id != 0 ) - { - if( 0 == strcmp( cur->name, ciphersuite_name ) ) - return( cur ); + while (cur->id != 0) { + if (0 == strcmp(cur->name, ciphersuite_name)) { + return cur; + } cur++; } - return( NULL ); + return NULL; } -const mbedtls_ssl_ciphersuite_t *mbedtls_ssl_ciphersuite_from_id( int ciphersuite ) +const mbedtls_ssl_ciphersuite_t *mbedtls_ssl_ciphersuite_from_id(int ciphersuite) { const mbedtls_ssl_ciphersuite_t *cur = ciphersuite_definitions; - while( cur->id != 0 ) - { - if( cur->id == ciphersuite ) - return( cur ); + while (cur->id != 0) { + if (cur->id == ciphersuite) { + return cur; + } cur++; } - return( NULL ); + return NULL; } -const char *mbedtls_ssl_get_ciphersuite_name( const int ciphersuite_id ) +const char *mbedtls_ssl_get_ciphersuite_name(const int ciphersuite_id) { const mbedtls_ssl_ciphersuite_t *cur; - cur = mbedtls_ssl_ciphersuite_from_id( ciphersuite_id ); + cur = mbedtls_ssl_ciphersuite_from_id(ciphersuite_id); - if( cur == NULL ) - return( "unknown" ); + if (cur == NULL) { + return "unknown"; + } - return( cur->name ); + return cur->name; } -int mbedtls_ssl_get_ciphersuite_id( const char *ciphersuite_name ) +int mbedtls_ssl_get_ciphersuite_id(const char *ciphersuite_name) { const mbedtls_ssl_ciphersuite_t *cur; - cur = mbedtls_ssl_ciphersuite_from_string( ciphersuite_name ); + cur = mbedtls_ssl_ciphersuite_from_string(ciphersuite_name); - if( cur == NULL ) - return( 0 ); + if (cur == NULL) { + return 0; + } - return( cur->id ); + return cur->id; } #if defined(MBEDTLS_PK_C) -mbedtls_pk_type_t mbedtls_ssl_get_ciphersuite_sig_pk_alg( const mbedtls_ssl_ciphersuite_t *info ) +mbedtls_pk_type_t mbedtls_ssl_get_ciphersuite_sig_pk_alg(const mbedtls_ssl_ciphersuite_t *info) { - switch( info->key_exchange ) - { + switch (info->key_exchange) { case MBEDTLS_KEY_EXCHANGE_RSA: case MBEDTLS_KEY_EXCHANGE_DHE_RSA: case MBEDTLS_KEY_EXCHANGE_ECDHE_RSA: case MBEDTLS_KEY_EXCHANGE_RSA_PSK: - return( MBEDTLS_PK_RSA ); + return MBEDTLS_PK_RSA; case MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA: - return( MBEDTLS_PK_ECDSA ); + return MBEDTLS_PK_ECDSA; case MBEDTLS_KEY_EXCHANGE_ECDH_RSA: case MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA: - return( MBEDTLS_PK_ECKEY ); + return MBEDTLS_PK_ECKEY; default: - return( MBEDTLS_PK_NONE ); + return MBEDTLS_PK_NONE; } } -mbedtls_pk_type_t mbedtls_ssl_get_ciphersuite_sig_alg( const mbedtls_ssl_ciphersuite_t *info ) +mbedtls_pk_type_t mbedtls_ssl_get_ciphersuite_sig_alg(const mbedtls_ssl_ciphersuite_t *info) { - switch( info->key_exchange ) - { + switch (info->key_exchange) { case MBEDTLS_KEY_EXCHANGE_RSA: case MBEDTLS_KEY_EXCHANGE_DHE_RSA: case MBEDTLS_KEY_EXCHANGE_ECDHE_RSA: - return( MBEDTLS_PK_RSA ); + return MBEDTLS_PK_RSA; case MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA: - return( MBEDTLS_PK_ECDSA ); + return MBEDTLS_PK_ECDSA; default: - return( MBEDTLS_PK_NONE ); + return MBEDTLS_PK_NONE; } } @@ -2334,37 +2335,35 @@ mbedtls_pk_type_t mbedtls_ssl_get_ciphersuite_sig_alg( const mbedtls_ssl_ciphers #if defined(MBEDTLS_ECDH_C) || defined(MBEDTLS_ECDSA_C) || \ defined(MBEDTLS_KEY_EXCHANGE_ECJPAKE_ENABLED) -int mbedtls_ssl_ciphersuite_uses_ec( const mbedtls_ssl_ciphersuite_t *info ) +int mbedtls_ssl_ciphersuite_uses_ec(const mbedtls_ssl_ciphersuite_t *info) { - switch( info->key_exchange ) - { + switch (info->key_exchange) { case MBEDTLS_KEY_EXCHANGE_ECDHE_RSA: case MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA: case MBEDTLS_KEY_EXCHANGE_ECDHE_PSK: case MBEDTLS_KEY_EXCHANGE_ECDH_RSA: case MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA: case MBEDTLS_KEY_EXCHANGE_ECJPAKE: - return( 1 ); + return 1; default: - return( 0 ); + return 0; } } #endif /* MBEDTLS_ECDH_C || MBEDTLS_ECDSA_C || MBEDTLS_KEY_EXCHANGE_ECJPAKE_ENABLED*/ #if defined(MBEDTLS_KEY_EXCHANGE_SOME_PSK_ENABLED) -int mbedtls_ssl_ciphersuite_uses_psk( const mbedtls_ssl_ciphersuite_t *info ) +int mbedtls_ssl_ciphersuite_uses_psk(const mbedtls_ssl_ciphersuite_t *info) { - switch( info->key_exchange ) - { + switch (info->key_exchange) { case MBEDTLS_KEY_EXCHANGE_PSK: case MBEDTLS_KEY_EXCHANGE_RSA_PSK: case MBEDTLS_KEY_EXCHANGE_DHE_PSK: case MBEDTLS_KEY_EXCHANGE_ECDHE_PSK: - return( 1 ); + return 1; default: - return( 0 ); + return 0; } } #endif /* MBEDTLS_KEY_EXCHANGE_SOME_PSK_ENABLED */ diff --git a/third_party/mbedtls/repo/library/ssl_cli.c b/third_party/mbedtls/repo/library/ssl_cli.c index b87879ce6a6..4fde783d3e7 100644 --- a/third_party/mbedtls/repo/library/ssl_cli.c +++ b/third_party/mbedtls/repo/library/ssl_cli.c @@ -2,32 +2,14 @@ * SSLv3/TLSv1 client-side functions * * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later */ #include "common.h" #if defined(MBEDTLS_SSL_CLI_C) -#if defined(MBEDTLS_PLATFORM_C) #include "mbedtls/platform.h" -#else -#include -#define mbedtls_calloc calloc -#define mbedtls_free free -#endif #include "mbedtls/ssl.h" #include "mbedtls/ssl_internal.h" @@ -53,64 +35,69 @@ #endif #if defined(MBEDTLS_KEY_EXCHANGE_SOME_PSK_ENABLED) -static int ssl_conf_has_static_psk( mbedtls_ssl_config const *conf ) +MBEDTLS_CHECK_RETURN_CRITICAL +static int ssl_conf_has_static_psk(mbedtls_ssl_config const *conf) { - if( conf->psk_identity == NULL || - conf->psk_identity_len == 0 ) - { - return( 0 ); + if (conf->psk_identity == NULL || + conf->psk_identity_len == 0) { + return 0; } - if( conf->psk != NULL && conf->psk_len != 0 ) - return( 1 ); + if (conf->psk != NULL && conf->psk_len != 0) { + return 1; + } #if defined(MBEDTLS_USE_PSA_CRYPTO) - if( ! mbedtls_svc_key_id_is_null( conf->psk_opaque ) ) - return( 1 ); + if (!mbedtls_svc_key_id_is_null(conf->psk_opaque)) { + return 1; + } #endif /* MBEDTLS_USE_PSA_CRYPTO */ - return( 0 ); + return 0; } #if defined(MBEDTLS_USE_PSA_CRYPTO) -static int ssl_conf_has_static_raw_psk( mbedtls_ssl_config const *conf ) +MBEDTLS_CHECK_RETURN_CRITICAL +static int ssl_conf_has_static_raw_psk(mbedtls_ssl_config const *conf) { - if( conf->psk_identity == NULL || - conf->psk_identity_len == 0 ) - { - return( 0 ); + if (conf->psk_identity == NULL || + conf->psk_identity_len == 0) { + return 0; } - if( conf->psk != NULL && conf->psk_len != 0 ) - return( 1 ); + if (conf->psk != NULL && conf->psk_len != 0) { + return 1; + } - return( 0 ); + return 0; } #endif /* MBEDTLS_USE_PSA_CRYPTO */ #endif /* MBEDTLS_KEY_EXCHANGE_SOME_PSK_ENABLED */ #if defined(MBEDTLS_SSL_SERVER_NAME_INDICATION) -static int ssl_write_hostname_ext( mbedtls_ssl_context *ssl, - unsigned char *buf, - const unsigned char *end, - size_t *olen ) +MBEDTLS_CHECK_RETURN_CRITICAL +static int ssl_write_hostname_ext(mbedtls_ssl_context *ssl, + unsigned char *buf, + const unsigned char *end, + size_t *olen) { unsigned char *p = buf; size_t hostname_len; *olen = 0; - if( ssl->hostname == NULL ) - return( 0 ); + if (ssl->hostname == NULL) { + return 0; + } - MBEDTLS_SSL_DEBUG_MSG( 3, - ( "client hello, adding server name extension: %s", - ssl->hostname ) ); + MBEDTLS_SSL_DEBUG_MSG(3, + ("client hello, adding server name extension: %s", + ssl->hostname)); - hostname_len = strlen( ssl->hostname ); + hostname_len = strlen(ssl->hostname); - MBEDTLS_SSL_CHK_BUF_PTR( p, end, hostname_len + 9 ); + MBEDTLS_SSL_CHK_BUF_PTR(p, end, hostname_len + 9); /* * Sect. 3, RFC 6066 (TLS Extensions Definitions) @@ -138,64 +125,66 @@ static int ssl_write_hostname_ext( mbedtls_ssl_context *ssl, * } ServerNameList; * */ - MBEDTLS_PUT_UINT16_BE( MBEDTLS_TLS_EXT_SERVERNAME, p, 0 ); + MBEDTLS_PUT_UINT16_BE(MBEDTLS_TLS_EXT_SERVERNAME, p, 0); p += 2; - MBEDTLS_PUT_UINT16_BE( hostname_len + 5, p, 0 ); + MBEDTLS_PUT_UINT16_BE(hostname_len + 5, p, 0); p += 2; - MBEDTLS_PUT_UINT16_BE( hostname_len + 3, p, 0 ); + MBEDTLS_PUT_UINT16_BE(hostname_len + 3, p, 0); p += 2; - *p++ = MBEDTLS_BYTE_0( MBEDTLS_TLS_EXT_SERVERNAME_HOSTNAME ); + *p++ = MBEDTLS_BYTE_0(MBEDTLS_TLS_EXT_SERVERNAME_HOSTNAME); - MBEDTLS_PUT_UINT16_BE( hostname_len, p, 0 ); + MBEDTLS_PUT_UINT16_BE(hostname_len, p, 0); p += 2; - memcpy( p, ssl->hostname, hostname_len ); + memcpy(p, ssl->hostname, hostname_len); *olen = hostname_len + 9; - return( 0 ); + return 0; } #endif /* MBEDTLS_SSL_SERVER_NAME_INDICATION */ #if defined(MBEDTLS_SSL_RENEGOTIATION) -static int ssl_write_renegotiation_ext( mbedtls_ssl_context *ssl, - unsigned char *buf, - const unsigned char *end, - size_t *olen ) +MBEDTLS_CHECK_RETURN_CRITICAL +static int ssl_write_renegotiation_ext(mbedtls_ssl_context *ssl, + unsigned char *buf, + const unsigned char *end, + size_t *olen) { unsigned char *p = buf; *olen = 0; - /* We're always including an TLS_EMPTY_RENEGOTIATION_INFO_SCSV in the + /* We're always including a TLS_EMPTY_RENEGOTIATION_INFO_SCSV in the * initial ClientHello, in which case also adding the renegotiation * info extension is NOT RECOMMENDED as per RFC 5746 Section 3.4. */ - if( ssl->renego_status != MBEDTLS_SSL_RENEGOTIATION_IN_PROGRESS ) - return( 0 ); + if (ssl->renego_status != MBEDTLS_SSL_RENEGOTIATION_IN_PROGRESS) { + return 0; + } - MBEDTLS_SSL_DEBUG_MSG( 3, - ( "client hello, adding renegotiation extension" ) ); + MBEDTLS_SSL_DEBUG_MSG(3, + ("client hello, adding renegotiation extension")); - MBEDTLS_SSL_CHK_BUF_PTR( p, end, 5 + ssl->verify_data_len ); + MBEDTLS_SSL_CHK_BUF_PTR(p, end, 5 + ssl->verify_data_len); /* * Secure renegotiation */ - MBEDTLS_PUT_UINT16_BE( MBEDTLS_TLS_EXT_RENEGOTIATION_INFO, p, 0 ); + MBEDTLS_PUT_UINT16_BE(MBEDTLS_TLS_EXT_RENEGOTIATION_INFO, p, 0); p += 2; *p++ = 0x00; - *p++ = MBEDTLS_BYTE_0( ssl->verify_data_len + 1 ); - *p++ = MBEDTLS_BYTE_0( ssl->verify_data_len ); + *p++ = MBEDTLS_BYTE_0(ssl->verify_data_len + 1); + *p++ = MBEDTLS_BYTE_0(ssl->verify_data_len); - memcpy( p, ssl->own_verify_data, ssl->verify_data_len ); + memcpy(p, ssl->own_verify_data, ssl->verify_data_len); *olen = 5 + ssl->verify_data_len; - return( 0 ); + return 0; } #endif /* MBEDTLS_SSL_RENEGOTIATION */ @@ -204,10 +193,11 @@ static int ssl_write_renegotiation_ext( mbedtls_ssl_context *ssl, */ #if defined(MBEDTLS_SSL_PROTO_TLS1_2) && \ defined(MBEDTLS_KEY_EXCHANGE_WITH_CERT_ENABLED) -static int ssl_write_signature_algorithms_ext( mbedtls_ssl_context *ssl, - unsigned char *buf, - const unsigned char *end, - size_t *olen ) +MBEDTLS_CHECK_RETURN_CRITICAL +static int ssl_write_signature_algorithms_ext(mbedtls_ssl_context *ssl, + unsigned char *buf, + const unsigned char *end, + size_t *olen) { unsigned char *p = buf; size_t sig_alg_len = 0; @@ -219,50 +209,50 @@ static int ssl_write_signature_algorithms_ext( mbedtls_ssl_context *ssl, *olen = 0; - if( ssl->conf->max_minor_ver != MBEDTLS_SSL_MINOR_VERSION_3 ) - return( 0 ); + if (ssl->conf->max_minor_ver != MBEDTLS_SSL_MINOR_VERSION_3) { + return 0; + } - MBEDTLS_SSL_DEBUG_MSG( 3, - ( "client hello, adding signature_algorithms extension" ) ); + MBEDTLS_SSL_DEBUG_MSG(3, + ("client hello, adding signature_algorithms extension")); - if( ssl->conf->sig_hashes == NULL ) - return( MBEDTLS_ERR_SSL_BAD_CONFIG ); + if (ssl->conf->sig_hashes == NULL) { + return MBEDTLS_ERR_SSL_BAD_CONFIG; + } - for( md = ssl->conf->sig_hashes; *md != MBEDTLS_MD_NONE; md++ ) - { + for (md = ssl->conf->sig_hashes; *md != MBEDTLS_MD_NONE; md++) { #if defined(MBEDTLS_ECDSA_C) sig_alg_len += 2; #endif #if defined(MBEDTLS_RSA_C) sig_alg_len += 2; #endif - if( sig_alg_len > MBEDTLS_SSL_MAX_SIG_HASH_ALG_LIST_LEN ) - { - MBEDTLS_SSL_DEBUG_MSG( 3, - ( "length in bytes of sig-hash-alg extension too big" ) ); - return( MBEDTLS_ERR_SSL_BAD_CONFIG ); + if (sig_alg_len > MBEDTLS_SSL_MAX_SIG_HASH_ALG_LIST_LEN) { + MBEDTLS_SSL_DEBUG_MSG(3, + ("length in bytes of sig-hash-alg extension too big")); + return MBEDTLS_ERR_SSL_BAD_CONFIG; } } /* Empty signature algorithms list, this is a configuration error. */ - if( sig_alg_len == 0 ) - return( MBEDTLS_ERR_SSL_BAD_CONFIG ); + if (sig_alg_len == 0) { + return MBEDTLS_ERR_SSL_BAD_CONFIG; + } - MBEDTLS_SSL_CHK_BUF_PTR( p, end, sig_alg_len + 6 ); + MBEDTLS_SSL_CHK_BUF_PTR(p, end, sig_alg_len + 6); /* * Prepare signature_algorithms extension (TLS 1.2) */ sig_alg_len = 0; - for( md = ssl->conf->sig_hashes; *md != MBEDTLS_MD_NONE; md++ ) - { + for (md = ssl->conf->sig_hashes; *md != MBEDTLS_MD_NONE; md++) { #if defined(MBEDTLS_ECDSA_C) - sig_alg_list[sig_alg_len++] = mbedtls_ssl_hash_from_md_alg( *md ); + sig_alg_list[sig_alg_len++] = mbedtls_ssl_hash_from_md_alg(*md); sig_alg_list[sig_alg_len++] = MBEDTLS_SSL_SIG_ECDSA; #endif #if defined(MBEDTLS_RSA_C) - sig_alg_list[sig_alg_len++] = mbedtls_ssl_hash_from_md_alg( *md ); + sig_alg_list[sig_alg_len++] = mbedtls_ssl_hash_from_md_alg(*md); sig_alg_list[sig_alg_len++] = MBEDTLS_SSL_SIG_RSA; #endif } @@ -284,28 +274,29 @@ static int ssl_write_signature_algorithms_ext( mbedtls_ssl_context *ssl, * SignatureAndHashAlgorithm * supported_signature_algorithms<2..2^16-2>; */ - MBEDTLS_PUT_UINT16_BE( MBEDTLS_TLS_EXT_SIG_ALG, p, 0 ); + MBEDTLS_PUT_UINT16_BE(MBEDTLS_TLS_EXT_SIG_ALG, p, 0); p += 2; - MBEDTLS_PUT_UINT16_BE( sig_alg_len + 2, p, 0 ); + MBEDTLS_PUT_UINT16_BE(sig_alg_len + 2, p, 0); p += 2; - MBEDTLS_PUT_UINT16_BE( sig_alg_len, p, 0 ); + MBEDTLS_PUT_UINT16_BE(sig_alg_len, p, 0); p += 2; *olen = 6 + sig_alg_len; - return( 0 ); + return 0; } #endif /* MBEDTLS_SSL_PROTO_TLS1_2 && MBEDTLS_KEY_EXCHANGE_WITH_CERT_ENABLED */ #if defined(MBEDTLS_ECDH_C) || defined(MBEDTLS_ECDSA_C) || \ defined(MBEDTLS_KEY_EXCHANGE_ECJPAKE_ENABLED) -static int ssl_write_supported_elliptic_curves_ext( mbedtls_ssl_context *ssl, - unsigned char *buf, - const unsigned char *end, - size_t *olen ) +MBEDTLS_CHECK_RETURN_CRITICAL +static int ssl_write_supported_elliptic_curves_ext(mbedtls_ssl_context *ssl, + unsigned char *buf, + const unsigned char *end, + size_t *olen) { unsigned char *p = buf; unsigned char *elliptic_curve_list = p + 6; @@ -315,79 +306,78 @@ static int ssl_write_supported_elliptic_curves_ext( mbedtls_ssl_context *ssl, *olen = 0; - MBEDTLS_SSL_DEBUG_MSG( 3, - ( "client hello, adding supported_elliptic_curves extension" ) ); + MBEDTLS_SSL_DEBUG_MSG(3, + ("client hello, adding supported_elliptic_curves extension")); - if( ssl->conf->curve_list == NULL ) - return( MBEDTLS_ERR_SSL_BAD_CONFIG ); + if (ssl->conf->curve_list == NULL) { + return MBEDTLS_ERR_SSL_BAD_CONFIG; + } - for( grp_id = ssl->conf->curve_list; + for (grp_id = ssl->conf->curve_list; *grp_id != MBEDTLS_ECP_DP_NONE; - grp_id++ ) - { - info = mbedtls_ecp_curve_info_from_grp_id( *grp_id ); - if( info == NULL ) - { - MBEDTLS_SSL_DEBUG_MSG( 1, - ( "invalid curve in ssl configuration" ) ); - return( MBEDTLS_ERR_SSL_BAD_CONFIG ); + grp_id++) { + info = mbedtls_ecp_curve_info_from_grp_id(*grp_id); + if (info == NULL) { + MBEDTLS_SSL_DEBUG_MSG(1, + ("invalid curve in ssl configuration")); + return MBEDTLS_ERR_SSL_BAD_CONFIG; } elliptic_curve_len += 2; - if( elliptic_curve_len > MBEDTLS_SSL_MAX_CURVE_LIST_LEN ) - { - MBEDTLS_SSL_DEBUG_MSG( 3, - ( "malformed supported_elliptic_curves extension in config" ) ); - return( MBEDTLS_ERR_SSL_BAD_CONFIG ); + if (elliptic_curve_len > MBEDTLS_SSL_MAX_CURVE_LIST_LEN) { + MBEDTLS_SSL_DEBUG_MSG(3, + ("malformed supported_elliptic_curves extension in config")); + return MBEDTLS_ERR_SSL_BAD_CONFIG; } } /* Empty elliptic curve list, this is a configuration error. */ - if( elliptic_curve_len == 0 ) - return( MBEDTLS_ERR_SSL_BAD_CONFIG ); + if (elliptic_curve_len == 0) { + return MBEDTLS_ERR_SSL_BAD_CONFIG; + } - MBEDTLS_SSL_CHK_BUF_PTR( p, end, 6 + elliptic_curve_len ); + MBEDTLS_SSL_CHK_BUF_PTR(p, end, 6 + elliptic_curve_len); elliptic_curve_len = 0; - for( grp_id = ssl->conf->curve_list; + for (grp_id = ssl->conf->curve_list; *grp_id != MBEDTLS_ECP_DP_NONE; - grp_id++ ) - { - info = mbedtls_ecp_curve_info_from_grp_id( *grp_id ); - elliptic_curve_list[elliptic_curve_len++] = MBEDTLS_BYTE_1( info->tls_id ); - elliptic_curve_list[elliptic_curve_len++] = MBEDTLS_BYTE_0( info->tls_id ); + grp_id++) { + info = mbedtls_ecp_curve_info_from_grp_id(*grp_id); + elliptic_curve_list[elliptic_curve_len++] = MBEDTLS_BYTE_1(info->tls_id); + elliptic_curve_list[elliptic_curve_len++] = MBEDTLS_BYTE_0(info->tls_id); } - MBEDTLS_PUT_UINT16_BE( MBEDTLS_TLS_EXT_SUPPORTED_ELLIPTIC_CURVES, p, 0 ); + MBEDTLS_PUT_UINT16_BE(MBEDTLS_TLS_EXT_SUPPORTED_ELLIPTIC_CURVES, p, 0); p += 2; - MBEDTLS_PUT_UINT16_BE( elliptic_curve_len + 2, p, 0 ); + MBEDTLS_PUT_UINT16_BE(elliptic_curve_len + 2, p, 0); p += 2; - MBEDTLS_PUT_UINT16_BE( elliptic_curve_len, p, 0 ); + MBEDTLS_PUT_UINT16_BE(elliptic_curve_len, p, 0); p += 2; *olen = 6 + elliptic_curve_len; - return( 0 ); + return 0; } -static int ssl_write_supported_point_formats_ext( mbedtls_ssl_context *ssl, - unsigned char *buf, - const unsigned char *end, - size_t *olen ) +MBEDTLS_CHECK_RETURN_CRITICAL +static int ssl_write_supported_point_formats_ext(mbedtls_ssl_context *ssl, + unsigned char *buf, + const unsigned char *end, + size_t *olen) { unsigned char *p = buf; (void) ssl; /* ssl used for debugging only */ *olen = 0; - MBEDTLS_SSL_DEBUG_MSG( 3, - ( "client hello, adding supported_point_formats extension" ) ); - MBEDTLS_SSL_CHK_BUF_PTR( p, end, 6 ); + MBEDTLS_SSL_DEBUG_MSG(3, + ("client hello, adding supported_point_formats extension")); + MBEDTLS_SSL_CHK_BUF_PTR(p, end, 6); - MBEDTLS_PUT_UINT16_BE( MBEDTLS_TLS_EXT_SUPPORTED_POINT_FORMATS, p, 0 ); + MBEDTLS_PUT_UINT16_BE(MBEDTLS_TLS_EXT_SUPPORTED_POINT_FORMATS, p, 0); p += 2; *p++ = 0x00; @@ -398,16 +388,17 @@ static int ssl_write_supported_point_formats_ext( mbedtls_ssl_context *ssl, *olen = 6; - return( 0 ); + return 0; } #endif /* MBEDTLS_ECDH_C || MBEDTLS_ECDSA_C || MBEDTLS_KEY_EXCHANGE_ECJPAKE_ENABLED */ #if defined(MBEDTLS_KEY_EXCHANGE_ECJPAKE_ENABLED) -static int ssl_write_ecjpake_kkpp_ext( mbedtls_ssl_context *ssl, - unsigned char *buf, - const unsigned char *end, - size_t *olen ) +MBEDTLS_CHECK_RETURN_CRITICAL +static int ssl_write_ecjpake_kkpp_ext(mbedtls_ssl_context *ssl, + unsigned char *buf, + const unsigned char *end, + size_t *olen) { int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; unsigned char *p = buf; @@ -416,15 +407,16 @@ static int ssl_write_ecjpake_kkpp_ext( mbedtls_ssl_context *ssl, *olen = 0; /* Skip costly extension if we can't use EC J-PAKE anyway */ - if( mbedtls_ecjpake_check( &ssl->handshake->ecjpake_ctx ) != 0 ) - return( 0 ); + if (mbedtls_ecjpake_check(&ssl->handshake->ecjpake_ctx) != 0) { + return 0; + } - MBEDTLS_SSL_DEBUG_MSG( 3, - ( "client hello, adding ecjpake_kkpp extension" ) ); + MBEDTLS_SSL_DEBUG_MSG(3, + ("client hello, adding ecjpake_kkpp extension")); - MBEDTLS_SSL_CHK_BUF_PTR( p, end, 4 ); + MBEDTLS_SSL_CHK_BUF_PTR(p, end, 4); - MBEDTLS_PUT_UINT16_BE( MBEDTLS_TLS_EXT_ECJPAKE_KKPP, p, 0 ); + MBEDTLS_PUT_UINT16_BE(MBEDTLS_TLS_EXT_ECJPAKE_KKPP, p, 0); p += 2; /* @@ -432,55 +424,51 @@ static int ssl_write_ecjpake_kkpp_ext( mbedtls_ssl_context *ssl, * We don't want to compute fresh values every time (both for performance * and consistency reasons), so cache the extension content. */ - if( ssl->handshake->ecjpake_cache == NULL || - ssl->handshake->ecjpake_cache_len == 0 ) - { - MBEDTLS_SSL_DEBUG_MSG( 3, ( "generating new ecjpake parameters" ) ); - - ret = mbedtls_ecjpake_write_round_one( &ssl->handshake->ecjpake_ctx, - p + 2, end - p - 2, &kkpp_len, - ssl->conf->f_rng, ssl->conf->p_rng ); - if( ret != 0 ) - { - MBEDTLS_SSL_DEBUG_RET( 1 , - "mbedtls_ecjpake_write_round_one", ret ); - return( ret ); + if (ssl->handshake->ecjpake_cache == NULL || + ssl->handshake->ecjpake_cache_len == 0) { + MBEDTLS_SSL_DEBUG_MSG(3, ("generating new ecjpake parameters")); + + ret = mbedtls_ecjpake_write_round_one(&ssl->handshake->ecjpake_ctx, + p + 2, end - p - 2, &kkpp_len, + ssl->conf->f_rng, ssl->conf->p_rng); + if (ret != 0) { + MBEDTLS_SSL_DEBUG_RET(1, + "mbedtls_ecjpake_write_round_one", ret); + return ret; } - ssl->handshake->ecjpake_cache = mbedtls_calloc( 1, kkpp_len ); - if( ssl->handshake->ecjpake_cache == NULL ) - { - MBEDTLS_SSL_DEBUG_MSG( 1, ( "allocation failed" ) ); - return( MBEDTLS_ERR_SSL_ALLOC_FAILED ); + ssl->handshake->ecjpake_cache = mbedtls_calloc(1, kkpp_len); + if (ssl->handshake->ecjpake_cache == NULL) { + MBEDTLS_SSL_DEBUG_MSG(1, ("allocation failed")); + return MBEDTLS_ERR_SSL_ALLOC_FAILED; } - memcpy( ssl->handshake->ecjpake_cache, p + 2, kkpp_len ); + memcpy(ssl->handshake->ecjpake_cache, p + 2, kkpp_len); ssl->handshake->ecjpake_cache_len = kkpp_len; - } - else - { - MBEDTLS_SSL_DEBUG_MSG( 3, ( "re-using cached ecjpake parameters" ) ); + } else { + MBEDTLS_SSL_DEBUG_MSG(3, ("re-using cached ecjpake parameters")); kkpp_len = ssl->handshake->ecjpake_cache_len; - MBEDTLS_SSL_CHK_BUF_PTR( p + 2, end, kkpp_len ); + MBEDTLS_SSL_CHK_BUF_PTR(p + 2, end, kkpp_len); - memcpy( p + 2, ssl->handshake->ecjpake_cache, kkpp_len ); + memcpy(p + 2, ssl->handshake->ecjpake_cache, kkpp_len); } - MBEDTLS_PUT_UINT16_BE( kkpp_len, p, 0 ); + MBEDTLS_PUT_UINT16_BE(kkpp_len, p, 0); p += 2; *olen = kkpp_len + 4; - return( 0 ); + return 0; } #endif /* MBEDTLS_KEY_EXCHANGE_ECJPAKE_ENABLED */ #if defined(MBEDTLS_SSL_DTLS_CONNECTION_ID) -static int ssl_write_cid_ext( mbedtls_ssl_context *ssl, - unsigned char *buf, - const unsigned char *end, - size_t *olen ) +MBEDTLS_CHECK_RETURN_CRITICAL +static int ssl_write_cid_ext(mbedtls_ssl_context *ssl, + unsigned char *buf, + const unsigned char *end, + size_t *olen) { unsigned char *p = buf; size_t ext_len; @@ -492,55 +480,56 @@ static int ssl_write_cid_ext( mbedtls_ssl_context *ssl, * struct { * opaque cid<0..2^8-1>; * } ConnectionId; - */ + */ *olen = 0; - if( ssl->conf->transport != MBEDTLS_SSL_TRANSPORT_DATAGRAM || - ssl->negotiate_cid == MBEDTLS_SSL_CID_DISABLED ) - { - return( 0 ); + if (ssl->conf->transport != MBEDTLS_SSL_TRANSPORT_DATAGRAM || + ssl->negotiate_cid == MBEDTLS_SSL_CID_DISABLED) { + return 0; } - MBEDTLS_SSL_DEBUG_MSG( 3, ( "client hello, adding CID extension" ) ); + MBEDTLS_SSL_DEBUG_MSG(3, ("client hello, adding CID extension")); /* ssl->own_cid_len is at most MBEDTLS_SSL_CID_IN_LEN_MAX * which is at most 255, so the increment cannot overflow. */ - MBEDTLS_SSL_CHK_BUF_PTR( p, end, (unsigned)( ssl->own_cid_len + 5 ) ); + MBEDTLS_SSL_CHK_BUF_PTR(p, end, (unsigned) (ssl->own_cid_len + 5)); /* Add extension ID + size */ - MBEDTLS_PUT_UINT16_BE( MBEDTLS_TLS_EXT_CID, p, 0 ); + MBEDTLS_PUT_UINT16_BE(MBEDTLS_TLS_EXT_CID, p, 0); p += 2; ext_len = (size_t) ssl->own_cid_len + 1; - MBEDTLS_PUT_UINT16_BE( ext_len, p, 0 ); + MBEDTLS_PUT_UINT16_BE(ext_len, p, 0); p += 2; *p++ = (uint8_t) ssl->own_cid_len; - memcpy( p, ssl->own_cid, ssl->own_cid_len ); + memcpy(p, ssl->own_cid, ssl->own_cid_len); *olen = ssl->own_cid_len + 5; - return( 0 ); + return 0; } #endif /* MBEDTLS_SSL_DTLS_CONNECTION_ID */ #if defined(MBEDTLS_SSL_MAX_FRAGMENT_LENGTH) -static int ssl_write_max_fragment_length_ext( mbedtls_ssl_context *ssl, - unsigned char *buf, - const unsigned char *end, - size_t *olen ) +MBEDTLS_CHECK_RETURN_CRITICAL +static int ssl_write_max_fragment_length_ext(mbedtls_ssl_context *ssl, + unsigned char *buf, + const unsigned char *end, + size_t *olen) { unsigned char *p = buf; *olen = 0; - if( ssl->conf->mfl_code == MBEDTLS_SSL_MAX_FRAG_LEN_NONE ) - return( 0 ); + if (ssl->conf->mfl_code == MBEDTLS_SSL_MAX_FRAG_LEN_NONE) { + return 0; + } - MBEDTLS_SSL_DEBUG_MSG( 3, - ( "client hello, adding max_fragment_length extension" ) ); + MBEDTLS_SSL_DEBUG_MSG(3, + ("client hello, adding max_fragment_length extension")); - MBEDTLS_SSL_CHK_BUF_PTR( p, end, 5 ); + MBEDTLS_SSL_CHK_BUF_PTR(p, end, 5); - MBEDTLS_PUT_UINT16_BE( MBEDTLS_TLS_EXT_MAX_FRAGMENT_LENGTH, p, 0 ); + MBEDTLS_PUT_UINT16_BE(MBEDTLS_TLS_EXT_MAX_FRAGMENT_LENGTH, p, 0); p += 2; *p++ = 0x00; @@ -550,29 +539,31 @@ static int ssl_write_max_fragment_length_ext( mbedtls_ssl_context *ssl, *olen = 5; - return( 0 ); + return 0; } #endif /* MBEDTLS_SSL_MAX_FRAGMENT_LENGTH */ #if defined(MBEDTLS_SSL_TRUNCATED_HMAC) -static int ssl_write_truncated_hmac_ext( mbedtls_ssl_context *ssl, - unsigned char *buf, - const unsigned char *end, - size_t *olen ) +MBEDTLS_CHECK_RETURN_CRITICAL +static int ssl_write_truncated_hmac_ext(mbedtls_ssl_context *ssl, + unsigned char *buf, + const unsigned char *end, + size_t *olen) { unsigned char *p = buf; *olen = 0; - if( ssl->conf->trunc_hmac == MBEDTLS_SSL_TRUNC_HMAC_DISABLED ) - return( 0 ); + if (ssl->conf->trunc_hmac == MBEDTLS_SSL_TRUNC_HMAC_DISABLED) { + return 0; + } - MBEDTLS_SSL_DEBUG_MSG( 3, - ( "client hello, adding truncated_hmac extension" ) ); + MBEDTLS_SSL_DEBUG_MSG(3, + ("client hello, adding truncated_hmac extension")); - MBEDTLS_SSL_CHK_BUF_PTR( p, end, 4 ); + MBEDTLS_SSL_CHK_BUF_PTR(p, end, 4); - MBEDTLS_PUT_UINT16_BE( MBEDTLS_TLS_EXT_TRUNCATED_HMAC, p, 0 ); + MBEDTLS_PUT_UINT16_BE(MBEDTLS_TLS_EXT_TRUNCATED_HMAC, p, 0); p += 2; *p++ = 0x00; @@ -580,30 +571,32 @@ static int ssl_write_truncated_hmac_ext( mbedtls_ssl_context *ssl, *olen = 4; - return( 0 ); + return 0; } #endif /* MBEDTLS_SSL_TRUNCATED_HMAC */ #if defined(MBEDTLS_SSL_ENCRYPT_THEN_MAC) -static int ssl_write_encrypt_then_mac_ext( mbedtls_ssl_context *ssl, - unsigned char *buf, - const unsigned char *end, - size_t *olen ) +MBEDTLS_CHECK_RETURN_CRITICAL +static int ssl_write_encrypt_then_mac_ext(mbedtls_ssl_context *ssl, + unsigned char *buf, + const unsigned char *end, + size_t *olen) { unsigned char *p = buf; *olen = 0; - if( ssl->conf->encrypt_then_mac == MBEDTLS_SSL_ETM_DISABLED || - ssl->conf->max_minor_ver == MBEDTLS_SSL_MINOR_VERSION_0 ) - return( 0 ); + if (ssl->conf->encrypt_then_mac == MBEDTLS_SSL_ETM_DISABLED || + ssl->conf->max_minor_ver == MBEDTLS_SSL_MINOR_VERSION_0) { + return 0; + } - MBEDTLS_SSL_DEBUG_MSG( 3, - ( "client hello, adding encrypt_then_mac extension" ) ); + MBEDTLS_SSL_DEBUG_MSG(3, + ("client hello, adding encrypt_then_mac extension")); - MBEDTLS_SSL_CHK_BUF_PTR( p, end, 4 ); + MBEDTLS_SSL_CHK_BUF_PTR(p, end, 4); - MBEDTLS_PUT_UINT16_BE( MBEDTLS_TLS_EXT_ENCRYPT_THEN_MAC, p, 0 ); + MBEDTLS_PUT_UINT16_BE(MBEDTLS_TLS_EXT_ENCRYPT_THEN_MAC, p, 0); p += 2; *p++ = 0x00; @@ -611,30 +604,32 @@ static int ssl_write_encrypt_then_mac_ext( mbedtls_ssl_context *ssl, *olen = 4; - return( 0 ); + return 0; } #endif /* MBEDTLS_SSL_ENCRYPT_THEN_MAC */ #if defined(MBEDTLS_SSL_EXTENDED_MASTER_SECRET) -static int ssl_write_extended_ms_ext( mbedtls_ssl_context *ssl, - unsigned char *buf, - const unsigned char *end, - size_t *olen ) +MBEDTLS_CHECK_RETURN_CRITICAL +static int ssl_write_extended_ms_ext(mbedtls_ssl_context *ssl, + unsigned char *buf, + const unsigned char *end, + size_t *olen) { unsigned char *p = buf; *olen = 0; - if( ssl->conf->extended_ms == MBEDTLS_SSL_EXTENDED_MS_DISABLED || - ssl->conf->max_minor_ver == MBEDTLS_SSL_MINOR_VERSION_0 ) - return( 0 ); + if (ssl->conf->extended_ms == MBEDTLS_SSL_EXTENDED_MS_DISABLED || + ssl->conf->max_minor_ver == MBEDTLS_SSL_MINOR_VERSION_0) { + return 0; + } - MBEDTLS_SSL_DEBUG_MSG( 3, - ( "client hello, adding extended_master_secret extension" ) ); + MBEDTLS_SSL_DEBUG_MSG(3, + ("client hello, adding extended_master_secret extension")); - MBEDTLS_SSL_CHK_BUF_PTR( p, end, 4 ); + MBEDTLS_SSL_CHK_BUF_PTR(p, end, 4); - MBEDTLS_PUT_UINT16_BE( MBEDTLS_TLS_EXT_EXTENDED_MASTER_SECRET, p, 0 ); + MBEDTLS_PUT_UINT16_BE(MBEDTLS_TLS_EXT_EXTENDED_MASTER_SECRET, p, 0); p += 2; *p++ = 0x00; @@ -642,57 +637,61 @@ static int ssl_write_extended_ms_ext( mbedtls_ssl_context *ssl, *olen = 4; - return( 0 ); + return 0; } #endif /* MBEDTLS_SSL_EXTENDED_MASTER_SECRET */ #if defined(MBEDTLS_SSL_SESSION_TICKETS) -static int ssl_write_session_ticket_ext( mbedtls_ssl_context *ssl, - unsigned char *buf, - const unsigned char *end, - size_t *olen ) +MBEDTLS_CHECK_RETURN_CRITICAL +static int ssl_write_session_ticket_ext(mbedtls_ssl_context *ssl, + unsigned char *buf, + const unsigned char *end, + size_t *olen) { unsigned char *p = buf; size_t tlen = ssl->session_negotiate->ticket_len; *olen = 0; - if( ssl->conf->session_tickets == MBEDTLS_SSL_SESSION_TICKETS_DISABLED ) - return( 0 ); + if (ssl->conf->session_tickets == MBEDTLS_SSL_SESSION_TICKETS_DISABLED) { + return 0; + } - MBEDTLS_SSL_DEBUG_MSG( 3, - ( "client hello, adding session ticket extension" ) ); + MBEDTLS_SSL_DEBUG_MSG(3, + ("client hello, adding session ticket extension")); /* The addition is safe here since the ticket length is 16 bit. */ - MBEDTLS_SSL_CHK_BUF_PTR( p, end, 4 + tlen ); + MBEDTLS_SSL_CHK_BUF_PTR(p, end, 4 + tlen); - MBEDTLS_PUT_UINT16_BE( MBEDTLS_TLS_EXT_SESSION_TICKET, p, 0 ); + MBEDTLS_PUT_UINT16_BE(MBEDTLS_TLS_EXT_SESSION_TICKET, p, 0); p += 2; - MBEDTLS_PUT_UINT16_BE( tlen, p, 0 ); + MBEDTLS_PUT_UINT16_BE(tlen, p, 0); p += 2; *olen = 4; - if( ssl->session_negotiate->ticket == NULL || tlen == 0 ) - return( 0 ); + if (ssl->session_negotiate->ticket == NULL || tlen == 0) { + return 0; + } - MBEDTLS_SSL_DEBUG_MSG( 3, - ( "sending session ticket of length %" MBEDTLS_PRINTF_SIZET, tlen ) ); + MBEDTLS_SSL_DEBUG_MSG(3, + ("sending session ticket of length %" MBEDTLS_PRINTF_SIZET, tlen)); - memcpy( p, ssl->session_negotiate->ticket, tlen ); + memcpy(p, ssl->session_negotiate->ticket, tlen); *olen += tlen; - return( 0 ); + return 0; } #endif /* MBEDTLS_SSL_SESSION_TICKETS */ #if defined(MBEDTLS_SSL_ALPN) -static int ssl_write_alpn_ext( mbedtls_ssl_context *ssl, - unsigned char *buf, - const unsigned char *end, - size_t *olen ) +MBEDTLS_CHECK_RETURN_CRITICAL +static int ssl_write_alpn_ext(mbedtls_ssl_context *ssl, + unsigned char *buf, + const unsigned char *end, + size_t *olen) { unsigned char *p = buf; size_t alpnlen = 0; @@ -700,17 +699,19 @@ static int ssl_write_alpn_ext( mbedtls_ssl_context *ssl, *olen = 0; - if( ssl->conf->alpn_list == NULL ) - return( 0 ); + if (ssl->conf->alpn_list == NULL) { + return 0; + } - MBEDTLS_SSL_DEBUG_MSG( 3, ( "client hello, adding alpn extension" ) ); + MBEDTLS_SSL_DEBUG_MSG(3, ("client hello, adding alpn extension")); - for( cur = ssl->conf->alpn_list; *cur != NULL; cur++ ) - alpnlen += strlen( *cur ) + 1; + for (cur = ssl->conf->alpn_list; *cur != NULL; cur++) { + alpnlen += strlen(*cur) + 1; + } - MBEDTLS_SSL_CHK_BUF_PTR( p, end, 6 + alpnlen ); + MBEDTLS_SSL_CHK_BUF_PTR(p, end, 6 + alpnlen); - MBEDTLS_PUT_UINT16_BE( MBEDTLS_TLS_EXT_ALPN, p, 0 ); + MBEDTLS_PUT_UINT16_BE(MBEDTLS_TLS_EXT_ALPN, p, 0); p += 2; /* @@ -724,34 +725,34 @@ static int ssl_write_alpn_ext( mbedtls_ssl_context *ssl, /* Skip writing extension and list length for now */ p += 4; - for( cur = ssl->conf->alpn_list; *cur != NULL; cur++ ) - { + for (cur = ssl->conf->alpn_list; *cur != NULL; cur++) { /* * mbedtls_ssl_conf_set_alpn_protocols() checked that the length of * protocol names is less than 255. */ - *p = (unsigned char)strlen( *cur ); - memcpy( p + 1, *cur, *p ); + *p = (unsigned char) strlen(*cur); + memcpy(p + 1, *cur, *p); p += 1 + *p; } *olen = p - buf; /* List length = olen - 2 (ext_type) - 2 (ext_len) - 2 (list_len) */ - MBEDTLS_PUT_UINT16_BE( *olen - 6, buf, 4 ); + MBEDTLS_PUT_UINT16_BE(*olen - 6, buf, 4); /* Extension length = olen - 2 (ext_type) - 2 (ext_len) */ - MBEDTLS_PUT_UINT16_BE( *olen - 4, buf, 2 ); + MBEDTLS_PUT_UINT16_BE(*olen - 4, buf, 2); - return( 0 ); + return 0; } #endif /* MBEDTLS_SSL_ALPN */ #if defined(MBEDTLS_SSL_DTLS_SRTP) -static int ssl_write_use_srtp_ext( mbedtls_ssl_context *ssl, - unsigned char *buf, - const unsigned char *end, - size_t *olen ) +MBEDTLS_CHECK_RETURN_CRITICAL +static int ssl_write_use_srtp_ext(mbedtls_ssl_context *ssl, + unsigned char *buf, + const unsigned char *end, + size_t *olen) { unsigned char *p = buf; size_t protection_profiles_index = 0, ext_len = 0; @@ -759,11 +760,10 @@ static int ssl_write_use_srtp_ext( mbedtls_ssl_context *ssl, *olen = 0; - if( ( ssl->conf->transport != MBEDTLS_SSL_TRANSPORT_DATAGRAM ) || - ( ssl->conf->dtls_srtp_profile_list == NULL ) || - ( ssl->conf->dtls_srtp_profile_list_len == 0 ) ) - { - return( 0 ); + if ((ssl->conf->transport != MBEDTLS_SSL_TRANSPORT_DATAGRAM) || + (ssl->conf->dtls_srtp_profile_list == NULL) || + (ssl->conf->dtls_srtp_profile_list_len == 0)) { + return 0; } /* RFC 5764 section 4.1.1 @@ -775,28 +775,27 @@ static int ssl_write_use_srtp_ext( mbedtls_ssl_context *ssl, * } UseSRTPData; * SRTPProtectionProfile SRTPProtectionProfiles<2..2^16-1>; */ - if( ssl->conf->dtls_srtp_mki_support == MBEDTLS_SSL_DTLS_SRTP_MKI_SUPPORTED ) - { + if (ssl->conf->dtls_srtp_mki_support == MBEDTLS_SSL_DTLS_SRTP_MKI_SUPPORTED) { mki_len = ssl->dtls_srtp_info.mki_len; } /* Extension length = 2 bytes for profiles length, * ssl->conf->dtls_srtp_profile_list_len * 2 (each profile is 2 bytes length ), * 1 byte for srtp_mki vector length and the mki_len value */ - ext_len = 2 + 2 * ( ssl->conf->dtls_srtp_profile_list_len ) + 1 + mki_len; + ext_len = 2 + 2 * (ssl->conf->dtls_srtp_profile_list_len) + 1 + mki_len; - MBEDTLS_SSL_DEBUG_MSG( 3, ( "client hello, adding use_srtp extension" ) ); + MBEDTLS_SSL_DEBUG_MSG(3, ("client hello, adding use_srtp extension")); /* Check there is room in the buffer for the extension + 4 bytes * - the extension tag (2 bytes) * - the extension length (2 bytes) */ - MBEDTLS_SSL_CHK_BUF_PTR( p, end, ext_len + 4 ); + MBEDTLS_SSL_CHK_BUF_PTR(p, end, ext_len + 4); - MBEDTLS_PUT_UINT16_BE( MBEDTLS_TLS_EXT_USE_SRTP, p, 0 ); + MBEDTLS_PUT_UINT16_BE(MBEDTLS_TLS_EXT_USE_SRTP, p, 0); p += 2; - MBEDTLS_PUT_UINT16_BE( ext_len, p, 0 ); + MBEDTLS_PUT_UINT16_BE(ext_len, p, 0); p += 2; /* protection profile length: 2*(ssl->conf->dtls_srtp_profile_list_len) */ @@ -808,47 +807,42 @@ static int ssl_write_use_srtp_ext( mbedtls_ssl_context *ssl, * >> 8 ) & 0xFF ); */ *p++ = 0; - *p++ = MBEDTLS_BYTE_0( 2 * ssl->conf->dtls_srtp_profile_list_len ); + *p++ = MBEDTLS_BYTE_0(2 * ssl->conf->dtls_srtp_profile_list_len); - for( protection_profiles_index=0; + for (protection_profiles_index = 0; protection_profiles_index < ssl->conf->dtls_srtp_profile_list_len; - protection_profiles_index++ ) - { + protection_profiles_index++) { profile_value = mbedtls_ssl_check_srtp_profile_value - ( ssl->conf->dtls_srtp_profile_list[protection_profiles_index] ); - if( profile_value != MBEDTLS_TLS_SRTP_UNSET ) - { - MBEDTLS_SSL_DEBUG_MSG( 3, ( "ssl_write_use_srtp_ext, add profile: %04x", - profile_value ) ); - MBEDTLS_PUT_UINT16_BE( profile_value, p, 0 ); + (ssl->conf->dtls_srtp_profile_list[protection_profiles_index]); + if (profile_value != MBEDTLS_TLS_SRTP_UNSET) { + MBEDTLS_SSL_DEBUG_MSG(3, ("ssl_write_use_srtp_ext, add profile: %04x", + profile_value)); + MBEDTLS_PUT_UINT16_BE(profile_value, p, 0); p += 2; - } - else - { + } else { /* * Note: we shall never arrive here as protection profiles * is checked by mbedtls_ssl_conf_dtls_srtp_protection_profiles function */ - MBEDTLS_SSL_DEBUG_MSG( 3, - ( "client hello, " - "illegal DTLS-SRTP protection profile %d", - ssl->conf->dtls_srtp_profile_list[protection_profiles_index] - ) ); - return( MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED ); + MBEDTLS_SSL_DEBUG_MSG(3, + ("client hello, " + "illegal DTLS-SRTP protection profile %d", + ssl->conf->dtls_srtp_profile_list[protection_profiles_index] + )); + return MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; } } *p++ = mki_len & 0xFF; - if( mki_len != 0 ) - { - memcpy( p, ssl->dtls_srtp_info.mki_value, mki_len ); + if (mki_len != 0) { + memcpy(p, ssl->dtls_srtp_info.mki_value, mki_len); /* * Increment p to point to the current position. */ p += mki_len; - MBEDTLS_SSL_DEBUG_BUF( 3, "sending mki", ssl->dtls_srtp_info.mki_value, - ssl->dtls_srtp_info.mki_len ); + MBEDTLS_SSL_DEBUG_BUF(3, "sending mki", ssl->dtls_srtp_info.mki_value, + ssl->dtls_srtp_info.mki_len); } /* @@ -861,14 +855,15 @@ static int ssl_write_use_srtp_ext( mbedtls_ssl_context *ssl, */ *olen = p - buf; - return( 0 ); + return 0; } #endif /* MBEDTLS_SSL_DTLS_SRTP */ /* * Generate random bytes for ClientHello */ -static int ssl_generate_random( mbedtls_ssl_context *ssl ) +MBEDTLS_CHECK_RETURN_CRITICAL +static int ssl_generate_random(mbedtls_ssl_context *ssl) { int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; unsigned char *p = ssl->handshake->randbytes; @@ -880,31 +875,32 @@ static int ssl_generate_random( mbedtls_ssl_context *ssl ) * When responding to a verify request, MUST reuse random (RFC 6347 4.2.1) */ #if defined(MBEDTLS_SSL_PROTO_DTLS) - if( ssl->conf->transport == MBEDTLS_SSL_TRANSPORT_DATAGRAM && - ssl->handshake->verify_cookie != NULL ) - { - return( 0 ); + if (ssl->conf->transport == MBEDTLS_SSL_TRANSPORT_DATAGRAM && + ssl->handshake->verify_cookie != NULL) { + return 0; } #endif #if defined(MBEDTLS_HAVE_TIME) - t = mbedtls_time( NULL ); - MBEDTLS_PUT_UINT32_BE( t, p, 0 ); + t = mbedtls_time(NULL); + MBEDTLS_PUT_UINT32_BE(t, p, 0); p += 4; - MBEDTLS_SSL_DEBUG_MSG( 3, ( "client hello, current time: %" MBEDTLS_PRINTF_LONGLONG, - (long long) t ) ); + MBEDTLS_SSL_DEBUG_MSG(3, ("client hello, current time: %" MBEDTLS_PRINTF_LONGLONG, + (long long) t)); #else - if( ( ret = ssl->conf->f_rng( ssl->conf->p_rng, p, 4 ) ) != 0 ) - return( ret ); + if ((ret = ssl->conf->f_rng(ssl->conf->p_rng, p, 4)) != 0) { + return ret; + } p += 4; #endif /* MBEDTLS_HAVE_TIME */ - if( ( ret = ssl->conf->f_rng( ssl->conf->p_rng, p, 28 ) ) != 0 ) - return( ret ); + if ((ret = ssl->conf->f_rng(ssl->conf->p_rng, p, 28)) != 0) { + return ret; + } - return( 0 ); + return 0; } /** @@ -917,50 +913,56 @@ static int ssl_generate_random( mbedtls_ssl_context *ssl ) * * \return 0 if valid, else 1 */ +MBEDTLS_CHECK_RETURN_CRITICAL static int ssl_validate_ciphersuite( - const mbedtls_ssl_ciphersuite_t * suite_info, - const mbedtls_ssl_context * ssl, - int min_minor_ver, int max_minor_ver ) + const mbedtls_ssl_ciphersuite_t *suite_info, + const mbedtls_ssl_context *ssl, + int min_minor_ver, int max_minor_ver) { (void) ssl; - if( suite_info == NULL ) - return( 1 ); + if (suite_info == NULL) { + return 1; + } - if( suite_info->min_minor_ver > max_minor_ver || - suite_info->max_minor_ver < min_minor_ver ) - return( 1 ); + if (suite_info->min_minor_ver > max_minor_ver || + suite_info->max_minor_ver < min_minor_ver) { + return 1; + } #if defined(MBEDTLS_SSL_PROTO_DTLS) - if( ssl->conf->transport == MBEDTLS_SSL_TRANSPORT_DATAGRAM && - ( suite_info->flags & MBEDTLS_CIPHERSUITE_NODTLS ) ) - return( 1 ); + if (ssl->conf->transport == MBEDTLS_SSL_TRANSPORT_DATAGRAM && + (suite_info->flags & MBEDTLS_CIPHERSUITE_NODTLS)) { + return 1; + } #endif #if defined(MBEDTLS_ARC4_C) - if( ssl->conf->arc4_disabled == MBEDTLS_SSL_ARC4_DISABLED && - suite_info->cipher == MBEDTLS_CIPHER_ARC4_128 ) - return( 1 ); + if (ssl->conf->arc4_disabled == MBEDTLS_SSL_ARC4_DISABLED && + suite_info->cipher == MBEDTLS_CIPHER_ARC4_128) { + return 1; + } #endif #if defined(MBEDTLS_KEY_EXCHANGE_ECJPAKE_ENABLED) - if( suite_info->key_exchange == MBEDTLS_KEY_EXCHANGE_ECJPAKE && - mbedtls_ecjpake_check( &ssl->handshake->ecjpake_ctx ) != 0 ) - return( 1 ); + if (suite_info->key_exchange == MBEDTLS_KEY_EXCHANGE_ECJPAKE && + mbedtls_ecjpake_check(&ssl->handshake->ecjpake_ctx) != 0) { + return 1; + } #endif /* Don't suggest PSK-based ciphersuite if no PSK is available. */ #if defined(MBEDTLS_KEY_EXCHANGE_SOME_PSK_ENABLED) - if( mbedtls_ssl_ciphersuite_uses_psk( suite_info ) && - ssl_conf_has_static_psk( ssl->conf ) == 0 ) - { - return( 1 ); + if (mbedtls_ssl_ciphersuite_uses_psk(suite_info) && + ssl_conf_has_static_psk(ssl->conf) == 0) { + return 1; } #endif /* MBEDTLS_KEY_EXCHANGE_SOME_PSK_ENABLED */ - return( 0 ); + return 0; } -static int ssl_write_client_hello( mbedtls_ssl_context *ssl ) +MBEDTLS_CHECK_RETURN_CRITICAL +static int ssl_write_client_hello(mbedtls_ssl_context *ssl) { int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; size_t i, n, olen, ext_len = 0; @@ -977,27 +979,29 @@ static int ssl_write_client_hello( mbedtls_ssl_context *ssl ) int uses_ec = 0; #endif - MBEDTLS_SSL_DEBUG_MSG( 2, ( "=> write client hello" ) ); + MBEDTLS_SSL_DEBUG_MSG(2, ("=> write client hello")); - if( ssl->conf->f_rng == NULL ) - { - MBEDTLS_SSL_DEBUG_MSG( 1, ( "no RNG provided") ); - return( MBEDTLS_ERR_SSL_NO_RNG ); + if (ssl->conf->f_rng == NULL) { + MBEDTLS_SSL_DEBUG_MSG(1, ("no RNG provided")); + return MBEDTLS_ERR_SSL_NO_RNG; } + int renegotiating = 0; #if defined(MBEDTLS_SSL_RENEGOTIATION) - if( ssl->renego_status == MBEDTLS_SSL_INITIAL_HANDSHAKE ) + if (ssl->renego_status != MBEDTLS_SSL_INITIAL_HANDSHAKE) { + renegotiating = 1; + } #endif - { + if (!renegotiating) { ssl->major_ver = ssl->conf->min_major_ver; ssl->minor_ver = ssl->conf->min_minor_ver; } - if( ssl->conf->max_major_ver == 0 ) - { - MBEDTLS_SSL_DEBUG_MSG( 1, - ( "configured max major version is invalid, consider using mbedtls_ssl_config_defaults()" ) ); - return( MBEDTLS_ERR_SSL_BAD_INPUT_DATA ); + if (ssl->conf->max_major_ver == 0) { + MBEDTLS_SSL_DEBUG_MSG(1, + ( + "configured max major version is invalid, consider using mbedtls_ssl_config_defaults()")); + return MBEDTLS_ERR_SSL_BAD_INPUT_DATA; } buf = ssl->out_msg; @@ -1011,7 +1015,7 @@ static int ssl_write_client_hello( mbedtls_ssl_context *ssl ) * Use static upper bounds instead of the actual values * to allow the compiler to optimize this away. */ - MBEDTLS_SSL_CHK_BUF_PTR( buf, end, 38 + 1 + 32 ); + MBEDTLS_SSL_CHK_BUF_PTR(buf, end, 38 + 1 + 32); /* * The 38 first bytes of the ClientHello: @@ -1027,22 +1031,21 @@ static int ssl_write_client_hello( mbedtls_ssl_context *ssl ) */ p = buf + 4; - mbedtls_ssl_write_version( ssl->conf->max_major_ver, - ssl->conf->max_minor_ver, - ssl->conf->transport, p ); + mbedtls_ssl_write_version(ssl->conf->max_major_ver, + ssl->conf->max_minor_ver, + ssl->conf->transport, p); p += 2; - MBEDTLS_SSL_DEBUG_MSG( 3, ( "client hello, max version: [%d:%d]", - buf[4], buf[5] ) ); + MBEDTLS_SSL_DEBUG_MSG(3, ("client hello, max version: [%d:%d]", + buf[4], buf[5])); - if( ( ret = ssl_generate_random( ssl ) ) != 0 ) - { - MBEDTLS_SSL_DEBUG_RET( 1, "ssl_generate_random", ret ); - return( ret ); + if ((ret = ssl_generate_random(ssl)) != 0) { + MBEDTLS_SSL_DEBUG_RET(1, "ssl_generate_random", ret); + return ret; } - memcpy( p, ssl->handshake->randbytes, 32 ); - MBEDTLS_SSL_DEBUG_BUF( 3, "client hello, random bytes", p, 32 ); + memcpy(p, ssl->handshake->randbytes, 32); + MBEDTLS_SSL_DEBUG_BUF(3, "client hello, random bytes", p, 32); p += 32; /* @@ -1059,12 +1062,11 @@ static int ssl_write_client_hello( mbedtls_ssl_context *ssl ) */ n = ssl->session_negotiate->id_len; - if( n < 16 || n > 32 || + if (n < 16 || n > 32 || #if defined(MBEDTLS_SSL_RENEGOTIATION) ssl->renego_status != MBEDTLS_SSL_INITIAL_HANDSHAKE || #endif - ssl->handshake->resume == 0 ) - { + ssl->handshake->resume == 0) { n = 0; } @@ -1073,18 +1075,15 @@ static int ssl_write_client_hello( mbedtls_ssl_context *ssl ) * RFC 5077 section 3.4: "When presenting a ticket, the client MAY * generate and include a Session ID in the TLS ClientHello." */ -#if defined(MBEDTLS_SSL_RENEGOTIATION) - if( ssl->renego_status == MBEDTLS_SSL_INITIAL_HANDSHAKE ) -#endif - { - if( ssl->session_negotiate->ticket != NULL && - ssl->session_negotiate->ticket_len != 0 ) - { - ret = ssl->conf->f_rng( ssl->conf->p_rng, - ssl->session_negotiate->id, 32 ); - - if( ret != 0 ) - return( ret ); + if (!renegotiating) { + if (ssl->session_negotiate->ticket != NULL && + ssl->session_negotiate->ticket_len != 0) { + ret = ssl->conf->f_rng(ssl->conf->p_rng, + ssl->session_negotiate->id, 32); + + if (ret != 0) { + return ret; + } ssl->session_negotiate->id_len = n = 32; } @@ -1099,11 +1098,12 @@ static int ssl_write_client_hello( mbedtls_ssl_context *ssl ) */ *p++ = (unsigned char) n; - for( i = 0; i < n; i++ ) + for (i = 0; i < n; i++) { *p++ = ssl->session_negotiate->id[i]; + } - MBEDTLS_SSL_DEBUG_MSG( 3, ( "client hello, session id len.: %" MBEDTLS_PRINTF_SIZET, n ) ); - MBEDTLS_SSL_DEBUG_BUF( 3, "client hello, session id", buf + 39, n ); + MBEDTLS_SSL_DEBUG_MSG(3, ("client hello, session id len.: %" MBEDTLS_PRINTF_SIZET, n)); + MBEDTLS_SSL_DEBUG_BUF(3, "client hello, session id", buf + 39, n); /* * With 'n' being the length of the session identifier @@ -1122,27 +1122,23 @@ static int ssl_write_client_hello( mbedtls_ssl_context *ssl ) * DTLS cookie */ #if defined(MBEDTLS_SSL_PROTO_DTLS) - if( ssl->conf->transport == MBEDTLS_SSL_TRANSPORT_DATAGRAM ) - { - MBEDTLS_SSL_CHK_BUF_PTR( p, end, 1 ); + if (ssl->conf->transport == MBEDTLS_SSL_TRANSPORT_DATAGRAM) { + MBEDTLS_SSL_CHK_BUF_PTR(p, end, 1); - if( ssl->handshake->verify_cookie == NULL ) - { - MBEDTLS_SSL_DEBUG_MSG( 3, ( "no verify cookie to send" ) ); + if (ssl->handshake->verify_cookie == NULL) { + MBEDTLS_SSL_DEBUG_MSG(3, ("no verify cookie to send")); *p++ = 0; - } - else - { - MBEDTLS_SSL_DEBUG_BUF( 3, "client hello, cookie", - ssl->handshake->verify_cookie, - ssl->handshake->verify_cookie_len ); + } else { + MBEDTLS_SSL_DEBUG_BUF(3, "client hello, cookie", + ssl->handshake->verify_cookie, + ssl->handshake->verify_cookie_len); *p++ = ssl->handshake->verify_cookie_len; - MBEDTLS_SSL_CHK_BUF_PTR( p, end, - ssl->handshake->verify_cookie_len ); - memcpy( p, ssl->handshake->verify_cookie, - ssl->handshake->verify_cookie_len ); + MBEDTLS_SSL_CHK_BUF_PTR(p, end, + ssl->handshake->verify_cookie_len); + memcpy(p, ssl->handshake->verify_cookie, + ssl->handshake->verify_cookie_len); p += ssl->handshake->verify_cookie_len; } } @@ -1157,65 +1153,62 @@ static int ssl_write_client_hello( mbedtls_ssl_context *ssl ) n = 0; q = p; - MBEDTLS_SSL_CHK_BUF_PTR( p, end, 2 ); + MBEDTLS_SSL_CHK_BUF_PTR(p, end, 2); p += 2; - for( i = 0; ciphersuites[i] != 0; i++ ) - { - ciphersuite_info = mbedtls_ssl_ciphersuite_from_id( ciphersuites[i] ); + for (i = 0; ciphersuites[i] != 0; i++) { + ciphersuite_info = mbedtls_ssl_ciphersuite_from_id(ciphersuites[i]); - if( ssl_validate_ciphersuite( ciphersuite_info, ssl, - ssl->conf->min_minor_ver, - ssl->conf->max_minor_ver ) != 0 ) + if (ssl_validate_ciphersuite(ciphersuite_info, ssl, + ssl->conf->min_minor_ver, + ssl->conf->max_minor_ver) != 0) { continue; + } - MBEDTLS_SSL_DEBUG_MSG( 3, ( "client hello, add ciphersuite: %#04x (%s)", - (unsigned int)ciphersuites[i], ciphersuite_info->name ) ); + MBEDTLS_SSL_DEBUG_MSG(3, ("client hello, add ciphersuite: %#04x (%s)", + (unsigned int) ciphersuites[i], ciphersuite_info->name)); #if defined(MBEDTLS_ECDH_C) || defined(MBEDTLS_ECDSA_C) || \ - defined(MBEDTLS_KEY_EXCHANGE_ECJPAKE_ENABLED) - uses_ec |= mbedtls_ssl_ciphersuite_uses_ec( ciphersuite_info ); + defined(MBEDTLS_KEY_EXCHANGE_ECJPAKE_ENABLED) + uses_ec |= mbedtls_ssl_ciphersuite_uses_ec(ciphersuite_info); #endif - MBEDTLS_SSL_CHK_BUF_PTR( p, end, 2 ); + MBEDTLS_SSL_CHK_BUF_PTR(p, end, 2); n++; - MBEDTLS_PUT_UINT16_BE( ciphersuites[i], p, 0 ); + MBEDTLS_PUT_UINT16_BE(ciphersuites[i], p, 0); p += 2; } - MBEDTLS_SSL_DEBUG_MSG( 3, - ( "client hello, got %" MBEDTLS_PRINTF_SIZET " ciphersuites (excluding SCSVs)", n ) ); + MBEDTLS_SSL_DEBUG_MSG(3, + ("client hello, got %" MBEDTLS_PRINTF_SIZET + " ciphersuites (excluding SCSVs)", n)); /* * Add TLS_EMPTY_RENEGOTIATION_INFO_SCSV */ -#if defined(MBEDTLS_SSL_RENEGOTIATION) - if( ssl->renego_status == MBEDTLS_SSL_INITIAL_HANDSHAKE ) -#endif - { - MBEDTLS_SSL_DEBUG_MSG( 3, ( "adding EMPTY_RENEGOTIATION_INFO_SCSV" ) ); - MBEDTLS_SSL_CHK_BUF_PTR( p, end, 2 ); - MBEDTLS_PUT_UINT16_BE( MBEDTLS_SSL_EMPTY_RENEGOTIATION_INFO, p, 0 ); + if (!renegotiating) { + MBEDTLS_SSL_DEBUG_MSG(3, ("adding EMPTY_RENEGOTIATION_INFO_SCSV")); + MBEDTLS_SSL_CHK_BUF_PTR(p, end, 2); + MBEDTLS_PUT_UINT16_BE(MBEDTLS_SSL_EMPTY_RENEGOTIATION_INFO, p, 0); p += 2; n++; } /* Some versions of OpenSSL don't handle it correctly if not at end */ #if defined(MBEDTLS_SSL_FALLBACK_SCSV) - if( ssl->conf->fallback == MBEDTLS_SSL_IS_FALLBACK ) - { - MBEDTLS_SSL_DEBUG_MSG( 3, ( "adding FALLBACK_SCSV" ) ); + if (ssl->conf->fallback == MBEDTLS_SSL_IS_FALLBACK) { + MBEDTLS_SSL_DEBUG_MSG(3, ("adding FALLBACK_SCSV")); - MBEDTLS_SSL_CHK_BUF_PTR( p, end, 2 ); - MBEDTLS_PUT_UINT16_BE( MBEDTLS_SSL_FALLBACK_SCSV_VALUE, p, 0 ); + MBEDTLS_SSL_CHK_BUF_PTR(p, end, 2); + MBEDTLS_PUT_UINT16_BE(MBEDTLS_SSL_FALLBACK_SCSV_VALUE, p, 0); p += 2; n++; } #endif - *q++ = (unsigned char)( n >> 7 ); - *q++ = (unsigned char)( n << 1 ); + *q++ = (unsigned char) (n >> 7); + *q++ = (unsigned char) (n << 1); #if defined(MBEDTLS_ZLIB_SUPPORT) offer_compress = 1; @@ -1230,43 +1223,40 @@ static int ssl_write_client_hello( mbedtls_ssl_context *ssl ) * an actual need for it. */ #if defined(MBEDTLS_SSL_PROTO_DTLS) - if( ssl->conf->transport == MBEDTLS_SSL_TRANSPORT_DATAGRAM ) + if (ssl->conf->transport == MBEDTLS_SSL_TRANSPORT_DATAGRAM) { offer_compress = 0; + } #endif - if( offer_compress ) - { - MBEDTLS_SSL_DEBUG_MSG( 3, ( "client hello, compress len.: %d", 2 ) ); - MBEDTLS_SSL_DEBUG_MSG( 3, ( "client hello, compress alg.: %d %d", - MBEDTLS_SSL_COMPRESS_DEFLATE, - MBEDTLS_SSL_COMPRESS_NULL ) ); + if (offer_compress) { + MBEDTLS_SSL_DEBUG_MSG(3, ("client hello, compress len.: %d", 2)); + MBEDTLS_SSL_DEBUG_MSG(3, ("client hello, compress alg.: %d %d", + MBEDTLS_SSL_COMPRESS_DEFLATE, + MBEDTLS_SSL_COMPRESS_NULL)); - MBEDTLS_SSL_CHK_BUF_PTR( p, end, 3 ); + MBEDTLS_SSL_CHK_BUF_PTR(p, end, 3); *p++ = 2; *p++ = MBEDTLS_SSL_COMPRESS_DEFLATE; *p++ = MBEDTLS_SSL_COMPRESS_NULL; - } - else - { - MBEDTLS_SSL_DEBUG_MSG( 3, ( "client hello, compress len.: %d", 1 ) ); - MBEDTLS_SSL_DEBUG_MSG( 3, ( "client hello, compress alg.: %d", - MBEDTLS_SSL_COMPRESS_NULL ) ); + } else { + MBEDTLS_SSL_DEBUG_MSG(3, ("client hello, compress len.: %d", 1)); + MBEDTLS_SSL_DEBUG_MSG(3, ("client hello, compress alg.: %d", + MBEDTLS_SSL_COMPRESS_NULL)); - MBEDTLS_SSL_CHK_BUF_PTR( p, end, 2 ); + MBEDTLS_SSL_CHK_BUF_PTR(p, end, 2); *p++ = 1; *p++ = MBEDTLS_SSL_COMPRESS_NULL; } /* First write extensions, then the total length */ - MBEDTLS_SSL_CHK_BUF_PTR( p, end, 2 ); + MBEDTLS_SSL_CHK_BUF_PTR(p, end, 2); #if defined(MBEDTLS_SSL_SERVER_NAME_INDICATION) - if( ( ret = ssl_write_hostname_ext( ssl, p + 2 + ext_len, - end, &olen ) ) != 0 ) - { - MBEDTLS_SSL_DEBUG_RET( 1, "ssl_write_hostname_ext", ret ); - return( ret ); + if ((ret = ssl_write_hostname_ext(ssl, p + 2 + ext_len, + end, &olen)) != 0) { + MBEDTLS_SSL_DEBUG_RET(1, "ssl_write_hostname_ext", ret); + return ret; } ext_len += olen; #endif @@ -1274,133 +1264,119 @@ static int ssl_write_client_hello( mbedtls_ssl_context *ssl ) /* Note that TLS_EMPTY_RENEGOTIATION_INFO_SCSV is always added * even if MBEDTLS_SSL_RENEGOTIATION is not defined. */ #if defined(MBEDTLS_SSL_RENEGOTIATION) - if( ( ret = ssl_write_renegotiation_ext( ssl, p + 2 + ext_len, - end, &olen ) ) != 0 ) - { - MBEDTLS_SSL_DEBUG_RET( 1, "ssl_write_renegotiation_ext", ret ); - return( ret ); + if ((ret = ssl_write_renegotiation_ext(ssl, p + 2 + ext_len, + end, &olen)) != 0) { + MBEDTLS_SSL_DEBUG_RET(1, "ssl_write_renegotiation_ext", ret); + return ret; } ext_len += olen; #endif #if defined(MBEDTLS_SSL_PROTO_TLS1_2) && \ defined(MBEDTLS_KEY_EXCHANGE_WITH_CERT_ENABLED) - if( ( ret = ssl_write_signature_algorithms_ext( ssl, p + 2 + ext_len, - end, &olen ) ) != 0 ) - { - MBEDTLS_SSL_DEBUG_RET( 1, "ssl_write_signature_algorithms_ext", ret ); - return( ret ); + if ((ret = ssl_write_signature_algorithms_ext(ssl, p + 2 + ext_len, + end, &olen)) != 0) { + MBEDTLS_SSL_DEBUG_RET(1, "ssl_write_signature_algorithms_ext", ret); + return ret; } ext_len += olen; #endif #if defined(MBEDTLS_ECDH_C) || defined(MBEDTLS_ECDSA_C) || \ defined(MBEDTLS_KEY_EXCHANGE_ECJPAKE_ENABLED) - if( uses_ec ) - { - if( ( ret = ssl_write_supported_elliptic_curves_ext( ssl, p + 2 + ext_len, - end, &olen ) ) != 0 ) - { - MBEDTLS_SSL_DEBUG_RET( 1, "ssl_write_supported_elliptic_curves_ext", ret ); - return( ret ); + if (uses_ec) { + if ((ret = ssl_write_supported_elliptic_curves_ext(ssl, p + 2 + ext_len, + end, &olen)) != 0) { + MBEDTLS_SSL_DEBUG_RET(1, "ssl_write_supported_elliptic_curves_ext", ret); + return ret; } ext_len += olen; - if( ( ret = ssl_write_supported_point_formats_ext( ssl, p + 2 + ext_len, - end, &olen ) ) != 0 ) - { - MBEDTLS_SSL_DEBUG_RET( 1, "ssl_write_supported_point_formats_ext", ret ); - return( ret ); + if ((ret = ssl_write_supported_point_formats_ext(ssl, p + 2 + ext_len, + end, &olen)) != 0) { + MBEDTLS_SSL_DEBUG_RET(1, "ssl_write_supported_point_formats_ext", ret); + return ret; } ext_len += olen; } #endif #if defined(MBEDTLS_KEY_EXCHANGE_ECJPAKE_ENABLED) - if( ( ret = ssl_write_ecjpake_kkpp_ext( ssl, p + 2 + ext_len, - end, &olen ) ) != 0 ) - { - MBEDTLS_SSL_DEBUG_RET( 1, "ssl_write_ecjpake_kkpp_ext", ret ); - return( ret ); + if ((ret = ssl_write_ecjpake_kkpp_ext(ssl, p + 2 + ext_len, + end, &olen)) != 0) { + MBEDTLS_SSL_DEBUG_RET(1, "ssl_write_ecjpake_kkpp_ext", ret); + return ret; } ext_len += olen; #endif #if defined(MBEDTLS_SSL_DTLS_CONNECTION_ID) - if( ( ret = ssl_write_cid_ext( ssl, p + 2 + ext_len, end, &olen ) ) != 0 ) - { - MBEDTLS_SSL_DEBUG_RET( 1, "ssl_write_cid_ext", ret ); - return( ret ); + if ((ret = ssl_write_cid_ext(ssl, p + 2 + ext_len, end, &olen)) != 0) { + MBEDTLS_SSL_DEBUG_RET(1, "ssl_write_cid_ext", ret); + return ret; } ext_len += olen; #endif /* MBEDTLS_SSL_DTLS_CONNECTION_ID */ #if defined(MBEDTLS_SSL_MAX_FRAGMENT_LENGTH) - if( ( ret = ssl_write_max_fragment_length_ext( ssl, p + 2 + ext_len, - end, &olen ) ) != 0 ) - { - MBEDTLS_SSL_DEBUG_RET( 1, "ssl_write_max_fragment_length_ext", ret ); - return( ret ); + if ((ret = ssl_write_max_fragment_length_ext(ssl, p + 2 + ext_len, + end, &olen)) != 0) { + MBEDTLS_SSL_DEBUG_RET(1, "ssl_write_max_fragment_length_ext", ret); + return ret; } ext_len += olen; #endif #if defined(MBEDTLS_SSL_TRUNCATED_HMAC) - if( ( ret = ssl_write_truncated_hmac_ext( ssl, p + 2 + ext_len, - end, &olen ) ) != 0 ) - { - MBEDTLS_SSL_DEBUG_RET( 1, "ssl_write_truncated_hmac_ext", ret ); - return( ret ); + if ((ret = ssl_write_truncated_hmac_ext(ssl, p + 2 + ext_len, + end, &olen)) != 0) { + MBEDTLS_SSL_DEBUG_RET(1, "ssl_write_truncated_hmac_ext", ret); + return ret; } ext_len += olen; #endif #if defined(MBEDTLS_SSL_ENCRYPT_THEN_MAC) - if( ( ret = ssl_write_encrypt_then_mac_ext( ssl, p + 2 + ext_len, - end, &olen ) ) != 0 ) - { - MBEDTLS_SSL_DEBUG_RET( 1, "ssl_write_encrypt_then_mac_ext", ret ); - return( ret ); + if ((ret = ssl_write_encrypt_then_mac_ext(ssl, p + 2 + ext_len, + end, &olen)) != 0) { + MBEDTLS_SSL_DEBUG_RET(1, "ssl_write_encrypt_then_mac_ext", ret); + return ret; } ext_len += olen; #endif #if defined(MBEDTLS_SSL_EXTENDED_MASTER_SECRET) - if( ( ret = ssl_write_extended_ms_ext( ssl, p + 2 + ext_len, - end, &olen ) ) != 0 ) - { - MBEDTLS_SSL_DEBUG_RET( 1, "ssl_write_extended_ms_ext", ret ); - return( ret ); + if ((ret = ssl_write_extended_ms_ext(ssl, p + 2 + ext_len, + end, &olen)) != 0) { + MBEDTLS_SSL_DEBUG_RET(1, "ssl_write_extended_ms_ext", ret); + return ret; } ext_len += olen; #endif #if defined(MBEDTLS_SSL_ALPN) - if( ( ret = ssl_write_alpn_ext( ssl, p + 2 + ext_len, - end, &olen ) ) != 0 ) - { - MBEDTLS_SSL_DEBUG_RET( 1, "ssl_write_alpn_ext", ret ); - return( ret ); + if ((ret = ssl_write_alpn_ext(ssl, p + 2 + ext_len, + end, &olen)) != 0) { + MBEDTLS_SSL_DEBUG_RET(1, "ssl_write_alpn_ext", ret); + return ret; } ext_len += olen; #endif #if defined(MBEDTLS_SSL_DTLS_SRTP) - if( ( ret = ssl_write_use_srtp_ext( ssl, p + 2 + ext_len, - end, &olen ) ) != 0 ) - { - MBEDTLS_SSL_DEBUG_RET( 1, "ssl_write_use_srtp_ext", ret ); - return( ret ); + if ((ret = ssl_write_use_srtp_ext(ssl, p + 2 + ext_len, + end, &olen)) != 0) { + MBEDTLS_SSL_DEBUG_RET(1, "ssl_write_use_srtp_ext", ret); + return ret; } ext_len += olen; #endif #if defined(MBEDTLS_SSL_SESSION_TICKETS) - if( ( ret = ssl_write_session_ticket_ext( ssl, p + 2 + ext_len, - end, &olen ) ) != 0 ) - { - MBEDTLS_SSL_DEBUG_RET( 1, "ssl_write_session_ticket_ext", ret ); - return( ret ); + if ((ret = ssl_write_session_ticket_ext(ssl, p + 2 + ext_len, + end, &olen)) != 0) { + MBEDTLS_SSL_DEBUG_RET(1, "ssl_write_session_ticket_ext", ret); + return ret; } ext_len += olen; #endif @@ -1408,14 +1384,13 @@ static int ssl_write_client_hello( mbedtls_ssl_context *ssl ) /* olen unused if all extensions are disabled */ ((void) olen); - MBEDTLS_SSL_DEBUG_MSG( 3, ( "client hello, total extension length: %" MBEDTLS_PRINTF_SIZET, - ext_len ) ); + MBEDTLS_SSL_DEBUG_MSG(3, ("client hello, total extension length: %" MBEDTLS_PRINTF_SIZET, + ext_len)); - if( ext_len > 0 ) - { + if (ext_len > 0) { /* No need to check for space here, because the extension * writing functions already took care of that. */ - MBEDTLS_PUT_UINT16_BE( ext_len, p, 0 ); + MBEDTLS_PUT_UINT16_BE(ext_len, p, 0); p += 2 + ext_len; } @@ -1426,353 +1401,343 @@ static int ssl_write_client_hello( mbedtls_ssl_context *ssl ) ssl->state++; #if defined(MBEDTLS_SSL_PROTO_DTLS) - if( ssl->conf->transport == MBEDTLS_SSL_TRANSPORT_DATAGRAM ) - mbedtls_ssl_send_flight_completed( ssl ); + if (ssl->conf->transport == MBEDTLS_SSL_TRANSPORT_DATAGRAM) { + mbedtls_ssl_send_flight_completed(ssl); + } #endif - if( ( ret = mbedtls_ssl_write_handshake_msg( ssl ) ) != 0 ) - { - MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_ssl_write_handshake_msg", ret ); - return( ret ); + if ((ret = mbedtls_ssl_write_handshake_msg(ssl)) != 0) { + MBEDTLS_SSL_DEBUG_RET(1, "mbedtls_ssl_write_handshake_msg", ret); + return ret; } #if defined(MBEDTLS_SSL_PROTO_DTLS) - if( ssl->conf->transport == MBEDTLS_SSL_TRANSPORT_DATAGRAM && - ( ret = mbedtls_ssl_flight_transmit( ssl ) ) != 0 ) - { - MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_ssl_flight_transmit", ret ); - return( ret ); + if (ssl->conf->transport == MBEDTLS_SSL_TRANSPORT_DATAGRAM && + (ret = mbedtls_ssl_flight_transmit(ssl)) != 0) { + MBEDTLS_SSL_DEBUG_RET(1, "mbedtls_ssl_flight_transmit", ret); + return ret; } #endif /* MBEDTLS_SSL_PROTO_DTLS */ - MBEDTLS_SSL_DEBUG_MSG( 2, ( "<= write client hello" ) ); + MBEDTLS_SSL_DEBUG_MSG(2, ("<= write client hello")); - return( 0 ); + return 0; } -static int ssl_parse_renegotiation_info( mbedtls_ssl_context *ssl, - const unsigned char *buf, - size_t len ) +MBEDTLS_CHECK_RETURN_CRITICAL +static int ssl_parse_renegotiation_info(mbedtls_ssl_context *ssl, + const unsigned char *buf, + size_t len) { #if defined(MBEDTLS_SSL_RENEGOTIATION) - if( ssl->renego_status != MBEDTLS_SSL_INITIAL_HANDSHAKE ) - { + if (ssl->renego_status != MBEDTLS_SSL_INITIAL_HANDSHAKE) { /* Check verify-data in constant-time. The length OTOH is no secret */ - if( len != 1 + ssl->verify_data_len * 2 || + if (len != 1 + ssl->verify_data_len * 2 || buf[0] != ssl->verify_data_len * 2 || - mbedtls_ct_memcmp( buf + 1, - ssl->own_verify_data, ssl->verify_data_len ) != 0 || - mbedtls_ct_memcmp( buf + 1 + ssl->verify_data_len, - ssl->peer_verify_data, ssl->verify_data_len ) != 0 ) - { - MBEDTLS_SSL_DEBUG_MSG( 1, ( "non-matching renegotiation info" ) ); + mbedtls_ct_memcmp(buf + 1, + ssl->own_verify_data, ssl->verify_data_len) != 0 || + mbedtls_ct_memcmp(buf + 1 + ssl->verify_data_len, + ssl->peer_verify_data, ssl->verify_data_len) != 0) { + MBEDTLS_SSL_DEBUG_MSG(1, ("non-matching renegotiation info")); mbedtls_ssl_send_alert_message( ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL, - MBEDTLS_SSL_ALERT_MSG_HANDSHAKE_FAILURE ); - return( MBEDTLS_ERR_SSL_BAD_HS_SERVER_HELLO ); + MBEDTLS_SSL_ALERT_MSG_HANDSHAKE_FAILURE); + return MBEDTLS_ERR_SSL_BAD_HS_SERVER_HELLO; } - } - else + } else #endif /* MBEDTLS_SSL_RENEGOTIATION */ { - if( len != 1 || buf[0] != 0x00 ) - { - MBEDTLS_SSL_DEBUG_MSG( 1, - ( "non-zero length renegotiation info" ) ); + if (len != 1 || buf[0] != 0x00) { + MBEDTLS_SSL_DEBUG_MSG(1, + ("non-zero length renegotiation info")); mbedtls_ssl_send_alert_message( ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL, - MBEDTLS_SSL_ALERT_MSG_HANDSHAKE_FAILURE ); - return( MBEDTLS_ERR_SSL_BAD_HS_SERVER_HELLO ); + MBEDTLS_SSL_ALERT_MSG_HANDSHAKE_FAILURE); + return MBEDTLS_ERR_SSL_BAD_HS_SERVER_HELLO; } ssl->secure_renegotiation = MBEDTLS_SSL_SECURE_RENEGOTIATION; } - return( 0 ); + return 0; } #if defined(MBEDTLS_SSL_MAX_FRAGMENT_LENGTH) -static int ssl_parse_max_fragment_length_ext( mbedtls_ssl_context *ssl, - const unsigned char *buf, - size_t len ) +MBEDTLS_CHECK_RETURN_CRITICAL +static int ssl_parse_max_fragment_length_ext(mbedtls_ssl_context *ssl, + const unsigned char *buf, + size_t len) { /* * server should use the extension only if we did, * and if so the server's value should match ours (and len is always 1) */ - if( ssl->conf->mfl_code == MBEDTLS_SSL_MAX_FRAG_LEN_NONE || + if (ssl->conf->mfl_code == MBEDTLS_SSL_MAX_FRAG_LEN_NONE || len != 1 || - buf[0] != ssl->conf->mfl_code ) - { - MBEDTLS_SSL_DEBUG_MSG( 1, - ( "non-matching max fragment length extension" ) ); + buf[0] != ssl->conf->mfl_code) { + MBEDTLS_SSL_DEBUG_MSG(1, + ("non-matching max fragment length extension")); mbedtls_ssl_send_alert_message( ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL, - MBEDTLS_SSL_ALERT_MSG_ILLEGAL_PARAMETER ); - return( MBEDTLS_ERR_SSL_BAD_HS_SERVER_HELLO ); + MBEDTLS_SSL_ALERT_MSG_ILLEGAL_PARAMETER); + return MBEDTLS_ERR_SSL_BAD_HS_SERVER_HELLO; } - return( 0 ); + return 0; } #endif /* MBEDTLS_SSL_MAX_FRAGMENT_LENGTH */ #if defined(MBEDTLS_SSL_TRUNCATED_HMAC) -static int ssl_parse_truncated_hmac_ext( mbedtls_ssl_context *ssl, - const unsigned char *buf, - size_t len ) +MBEDTLS_CHECK_RETURN_CRITICAL +static int ssl_parse_truncated_hmac_ext(mbedtls_ssl_context *ssl, + const unsigned char *buf, + size_t len) { - if( ssl->conf->trunc_hmac == MBEDTLS_SSL_TRUNC_HMAC_DISABLED || - len != 0 ) - { - MBEDTLS_SSL_DEBUG_MSG( 1, - ( "non-matching truncated HMAC extension" ) ); + if (ssl->conf->trunc_hmac == MBEDTLS_SSL_TRUNC_HMAC_DISABLED || + len != 0) { + MBEDTLS_SSL_DEBUG_MSG(1, + ("non-matching truncated HMAC extension")); mbedtls_ssl_send_alert_message( ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL, - MBEDTLS_SSL_ALERT_MSG_HANDSHAKE_FAILURE ); - return( MBEDTLS_ERR_SSL_BAD_HS_SERVER_HELLO ); + MBEDTLS_SSL_ALERT_MSG_HANDSHAKE_FAILURE); + return MBEDTLS_ERR_SSL_BAD_HS_SERVER_HELLO; } ((void) buf); ssl->session_negotiate->trunc_hmac = MBEDTLS_SSL_TRUNC_HMAC_ENABLED; - return( 0 ); + return 0; } #endif /* MBEDTLS_SSL_TRUNCATED_HMAC */ #if defined(MBEDTLS_SSL_DTLS_CONNECTION_ID) -static int ssl_parse_cid_ext( mbedtls_ssl_context *ssl, - const unsigned char *buf, - size_t len ) +MBEDTLS_CHECK_RETURN_CRITICAL +static int ssl_parse_cid_ext(mbedtls_ssl_context *ssl, + const unsigned char *buf, + size_t len) { size_t peer_cid_len; - if( /* CID extension only makes sense in DTLS */ + if ( /* CID extension only makes sense in DTLS */ ssl->conf->transport != MBEDTLS_SSL_TRANSPORT_DATAGRAM || /* The server must only send the CID extension if we have offered it. */ - ssl->negotiate_cid == MBEDTLS_SSL_CID_DISABLED ) - { - MBEDTLS_SSL_DEBUG_MSG( 1, ( "CID extension unexpected" ) ); - mbedtls_ssl_send_alert_message( ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL, - MBEDTLS_SSL_ALERT_MSG_UNSUPPORTED_EXT ); - return( MBEDTLS_ERR_SSL_BAD_HS_SERVER_HELLO ); + ssl->negotiate_cid == MBEDTLS_SSL_CID_DISABLED) { + MBEDTLS_SSL_DEBUG_MSG(1, ("CID extension unexpected")); + mbedtls_ssl_send_alert_message(ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL, + MBEDTLS_SSL_ALERT_MSG_UNSUPPORTED_EXT); + return MBEDTLS_ERR_SSL_BAD_HS_SERVER_HELLO; } - if( len == 0 ) - { - MBEDTLS_SSL_DEBUG_MSG( 1, ( "CID extension invalid" ) ); - mbedtls_ssl_send_alert_message( ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL, - MBEDTLS_SSL_ALERT_MSG_HANDSHAKE_FAILURE ); - return( MBEDTLS_ERR_SSL_BAD_HS_SERVER_HELLO ); + if (len == 0) { + MBEDTLS_SSL_DEBUG_MSG(1, ("CID extension invalid")); + mbedtls_ssl_send_alert_message(ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL, + MBEDTLS_SSL_ALERT_MSG_HANDSHAKE_FAILURE); + return MBEDTLS_ERR_SSL_BAD_HS_SERVER_HELLO; } peer_cid_len = *buf++; len--; - if( peer_cid_len > MBEDTLS_SSL_CID_OUT_LEN_MAX ) - { - MBEDTLS_SSL_DEBUG_MSG( 1, ( "CID extension invalid" ) ); - mbedtls_ssl_send_alert_message( ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL, - MBEDTLS_SSL_ALERT_MSG_HANDSHAKE_FAILURE ); - return( MBEDTLS_ERR_SSL_BAD_HS_SERVER_HELLO ); + if (peer_cid_len > MBEDTLS_SSL_CID_OUT_LEN_MAX) { + MBEDTLS_SSL_DEBUG_MSG(1, ("CID extension invalid")); + mbedtls_ssl_send_alert_message(ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL, + MBEDTLS_SSL_ALERT_MSG_HANDSHAKE_FAILURE); + return MBEDTLS_ERR_SSL_BAD_HS_SERVER_HELLO; } - if( len != peer_cid_len ) - { - MBEDTLS_SSL_DEBUG_MSG( 1, ( "CID extension invalid" ) ); - mbedtls_ssl_send_alert_message( ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL, - MBEDTLS_SSL_ALERT_MSG_ILLEGAL_PARAMETER ); - return( MBEDTLS_ERR_SSL_BAD_HS_SERVER_HELLO ); + if (len != peer_cid_len) { + MBEDTLS_SSL_DEBUG_MSG(1, ("CID extension invalid")); + mbedtls_ssl_send_alert_message(ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL, + MBEDTLS_SSL_ALERT_MSG_ILLEGAL_PARAMETER); + return MBEDTLS_ERR_SSL_BAD_HS_SERVER_HELLO; } ssl->handshake->cid_in_use = MBEDTLS_SSL_CID_ENABLED; ssl->handshake->peer_cid_len = (uint8_t) peer_cid_len; - memcpy( ssl->handshake->peer_cid, buf, peer_cid_len ); + memcpy(ssl->handshake->peer_cid, buf, peer_cid_len); - MBEDTLS_SSL_DEBUG_MSG( 3, ( "Use of CID extension negotiated" ) ); - MBEDTLS_SSL_DEBUG_BUF( 3, "Server CID", buf, peer_cid_len ); + MBEDTLS_SSL_DEBUG_MSG(3, ("Use of CID extension negotiated")); + MBEDTLS_SSL_DEBUG_BUF(3, "Server CID", buf, peer_cid_len); - return( 0 ); + return 0; } #endif /* MBEDTLS_SSL_DTLS_CONNECTION_ID */ #if defined(MBEDTLS_SSL_ENCRYPT_THEN_MAC) -static int ssl_parse_encrypt_then_mac_ext( mbedtls_ssl_context *ssl, - const unsigned char *buf, - size_t len ) +MBEDTLS_CHECK_RETURN_CRITICAL +static int ssl_parse_encrypt_then_mac_ext(mbedtls_ssl_context *ssl, + const unsigned char *buf, + size_t len) { - if( ssl->conf->encrypt_then_mac == MBEDTLS_SSL_ETM_DISABLED || + if (ssl->conf->encrypt_then_mac == MBEDTLS_SSL_ETM_DISABLED || ssl->minor_ver == MBEDTLS_SSL_MINOR_VERSION_0 || - len != 0 ) - { - MBEDTLS_SSL_DEBUG_MSG( 1, - ( "non-matching encrypt-then-MAC extension" ) ); + len != 0) { + MBEDTLS_SSL_DEBUG_MSG(1, + ("non-matching encrypt-then-MAC extension")); mbedtls_ssl_send_alert_message( ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL, - MBEDTLS_SSL_ALERT_MSG_UNSUPPORTED_EXT ); - return( MBEDTLS_ERR_SSL_BAD_HS_SERVER_HELLO ); + MBEDTLS_SSL_ALERT_MSG_UNSUPPORTED_EXT); + return MBEDTLS_ERR_SSL_BAD_HS_SERVER_HELLO; } ((void) buf); ssl->session_negotiate->encrypt_then_mac = MBEDTLS_SSL_ETM_ENABLED; - return( 0 ); + return 0; } #endif /* MBEDTLS_SSL_ENCRYPT_THEN_MAC */ #if defined(MBEDTLS_SSL_EXTENDED_MASTER_SECRET) -static int ssl_parse_extended_ms_ext( mbedtls_ssl_context *ssl, - const unsigned char *buf, - size_t len ) +MBEDTLS_CHECK_RETURN_CRITICAL +static int ssl_parse_extended_ms_ext(mbedtls_ssl_context *ssl, + const unsigned char *buf, + size_t len) { - if( ssl->conf->extended_ms == MBEDTLS_SSL_EXTENDED_MS_DISABLED || + if (ssl->conf->extended_ms == MBEDTLS_SSL_EXTENDED_MS_DISABLED || ssl->minor_ver == MBEDTLS_SSL_MINOR_VERSION_0 || - len != 0 ) - { - MBEDTLS_SSL_DEBUG_MSG( 1, - ( "non-matching extended master secret extension" ) ); + len != 0) { + MBEDTLS_SSL_DEBUG_MSG(1, + ("non-matching extended master secret extension")); mbedtls_ssl_send_alert_message( ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL, - MBEDTLS_SSL_ALERT_MSG_UNSUPPORTED_EXT ); - return( MBEDTLS_ERR_SSL_BAD_HS_SERVER_HELLO ); + MBEDTLS_SSL_ALERT_MSG_UNSUPPORTED_EXT); + return MBEDTLS_ERR_SSL_BAD_HS_SERVER_HELLO; } ((void) buf); ssl->handshake->extended_ms = MBEDTLS_SSL_EXTENDED_MS_ENABLED; - return( 0 ); + return 0; } #endif /* MBEDTLS_SSL_EXTENDED_MASTER_SECRET */ #if defined(MBEDTLS_SSL_SESSION_TICKETS) -static int ssl_parse_session_ticket_ext( mbedtls_ssl_context *ssl, - const unsigned char *buf, - size_t len ) +MBEDTLS_CHECK_RETURN_CRITICAL +static int ssl_parse_session_ticket_ext(mbedtls_ssl_context *ssl, + const unsigned char *buf, + size_t len) { - if( ssl->conf->session_tickets == MBEDTLS_SSL_SESSION_TICKETS_DISABLED || - len != 0 ) - { - MBEDTLS_SSL_DEBUG_MSG( 1, - ( "non-matching session ticket extension" ) ); + if (ssl->conf->session_tickets == MBEDTLS_SSL_SESSION_TICKETS_DISABLED || + len != 0) { + MBEDTLS_SSL_DEBUG_MSG(1, + ("non-matching session ticket extension")); mbedtls_ssl_send_alert_message( ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL, - MBEDTLS_SSL_ALERT_MSG_UNSUPPORTED_EXT ); - return( MBEDTLS_ERR_SSL_BAD_HS_SERVER_HELLO ); + MBEDTLS_SSL_ALERT_MSG_UNSUPPORTED_EXT); + return MBEDTLS_ERR_SSL_BAD_HS_SERVER_HELLO; } ((void) buf); ssl->handshake->new_session_ticket = 1; - return( 0 ); + return 0; } #endif /* MBEDTLS_SSL_SESSION_TICKETS */ #if defined(MBEDTLS_ECDH_C) || defined(MBEDTLS_ECDSA_C) || \ defined(MBEDTLS_KEY_EXCHANGE_ECJPAKE_ENABLED) -static int ssl_parse_supported_point_formats_ext( mbedtls_ssl_context *ssl, - const unsigned char *buf, - size_t len ) +MBEDTLS_CHECK_RETURN_CRITICAL +static int ssl_parse_supported_point_formats_ext(mbedtls_ssl_context *ssl, + const unsigned char *buf, + size_t len) { size_t list_size; const unsigned char *p; - if( len == 0 || (size_t)( buf[0] + 1 ) != len ) - { - MBEDTLS_SSL_DEBUG_MSG( 1, ( "bad server hello message" ) ); - mbedtls_ssl_send_alert_message( ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL, - MBEDTLS_SSL_ALERT_MSG_DECODE_ERROR ); - return( MBEDTLS_ERR_SSL_BAD_HS_SERVER_HELLO ); + if (len == 0 || (size_t) (buf[0] + 1) != len) { + MBEDTLS_SSL_DEBUG_MSG(1, ("bad server hello message")); + mbedtls_ssl_send_alert_message(ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL, + MBEDTLS_SSL_ALERT_MSG_DECODE_ERROR); + return MBEDTLS_ERR_SSL_BAD_HS_SERVER_HELLO; } list_size = buf[0]; p = buf + 1; - while( list_size > 0 ) - { - if( p[0] == MBEDTLS_ECP_PF_UNCOMPRESSED || - p[0] == MBEDTLS_ECP_PF_COMPRESSED ) - { + while (list_size > 0) { + if (p[0] == MBEDTLS_ECP_PF_UNCOMPRESSED || + p[0] == MBEDTLS_ECP_PF_COMPRESSED) { #if defined(MBEDTLS_ECDH_C) || defined(MBEDTLS_ECDSA_C) ssl->handshake->ecdh_ctx.point_format = p[0]; #endif #if defined(MBEDTLS_KEY_EXCHANGE_ECJPAKE_ENABLED) ssl->handshake->ecjpake_ctx.point_format = p[0]; #endif - MBEDTLS_SSL_DEBUG_MSG( 4, ( "point format selected: %d", p[0] ) ); - return( 0 ); + MBEDTLS_SSL_DEBUG_MSG(4, ("point format selected: %d", p[0])); + return 0; } list_size--; p++; } - MBEDTLS_SSL_DEBUG_MSG( 1, ( "no point format in common" ) ); - mbedtls_ssl_send_alert_message( ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL, - MBEDTLS_SSL_ALERT_MSG_HANDSHAKE_FAILURE ); - return( MBEDTLS_ERR_SSL_BAD_HS_SERVER_HELLO ); + MBEDTLS_SSL_DEBUG_MSG(1, ("no point format in common")); + mbedtls_ssl_send_alert_message(ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL, + MBEDTLS_SSL_ALERT_MSG_HANDSHAKE_FAILURE); + return MBEDTLS_ERR_SSL_BAD_HS_SERVER_HELLO; } #endif /* MBEDTLS_ECDH_C || MBEDTLS_ECDSA_C || MBEDTLS_KEY_EXCHANGE_ECJPAKE_ENABLED */ #if defined(MBEDTLS_KEY_EXCHANGE_ECJPAKE_ENABLED) -static int ssl_parse_ecjpake_kkpp( mbedtls_ssl_context *ssl, - const unsigned char *buf, - size_t len ) +MBEDTLS_CHECK_RETURN_CRITICAL +static int ssl_parse_ecjpake_kkpp(mbedtls_ssl_context *ssl, + const unsigned char *buf, + size_t len) { int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; - if( ssl->handshake->ciphersuite_info->key_exchange != - MBEDTLS_KEY_EXCHANGE_ECJPAKE ) - { - MBEDTLS_SSL_DEBUG_MSG( 3, ( "skip ecjpake kkpp extension" ) ); - return( 0 ); + if (ssl->handshake->ciphersuite_info->key_exchange != + MBEDTLS_KEY_EXCHANGE_ECJPAKE) { + MBEDTLS_SSL_DEBUG_MSG(3, ("skip ecjpake kkpp extension")); + return 0; } /* If we got here, we no longer need our cached extension */ - mbedtls_free( ssl->handshake->ecjpake_cache ); + mbedtls_free(ssl->handshake->ecjpake_cache); ssl->handshake->ecjpake_cache = NULL; ssl->handshake->ecjpake_cache_len = 0; - if( ( ret = mbedtls_ecjpake_read_round_one( &ssl->handshake->ecjpake_ctx, - buf, len ) ) != 0 ) - { - MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_ecjpake_read_round_one", ret ); + if ((ret = mbedtls_ecjpake_read_round_one(&ssl->handshake->ecjpake_ctx, + buf, len)) != 0) { + MBEDTLS_SSL_DEBUG_RET(1, "mbedtls_ecjpake_read_round_one", ret); mbedtls_ssl_send_alert_message( ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL, - MBEDTLS_SSL_ALERT_MSG_HANDSHAKE_FAILURE ); - return( ret ); + MBEDTLS_SSL_ALERT_MSG_HANDSHAKE_FAILURE); + return ret; } - return( 0 ); + return 0; } #endif /* MBEDTLS_KEY_EXCHANGE_ECJPAKE_ENABLED */ #if defined(MBEDTLS_SSL_ALPN) -static int ssl_parse_alpn_ext( mbedtls_ssl_context *ssl, - const unsigned char *buf, size_t len ) +MBEDTLS_CHECK_RETURN_CRITICAL +static int ssl_parse_alpn_ext(mbedtls_ssl_context *ssl, + const unsigned char *buf, size_t len) { size_t list_len, name_len; const char **p; /* If we didn't send it, the server shouldn't send it */ - if( ssl->conf->alpn_list == NULL ) - { - MBEDTLS_SSL_DEBUG_MSG( 1, ( "non-matching ALPN extension" ) ); + if (ssl->conf->alpn_list == NULL) { + MBEDTLS_SSL_DEBUG_MSG(1, ("non-matching ALPN extension")); mbedtls_ssl_send_alert_message( ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL, - MBEDTLS_SSL_ALERT_MSG_UNSUPPORTED_EXT ); - return( MBEDTLS_ERR_SSL_BAD_HS_SERVER_HELLO ); + MBEDTLS_SSL_ALERT_MSG_UNSUPPORTED_EXT); + return MBEDTLS_ERR_SSL_BAD_HS_SERVER_HELLO; } /* @@ -1786,61 +1751,58 @@ static int ssl_parse_alpn_ext( mbedtls_ssl_context *ssl, */ /* Min length is 2 (list_len) + 1 (name_len) + 1 (name) */ - if( len < 4 ) - { - mbedtls_ssl_send_alert_message( ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL, - MBEDTLS_SSL_ALERT_MSG_DECODE_ERROR ); - return( MBEDTLS_ERR_SSL_BAD_HS_SERVER_HELLO ); + if (len < 4) { + mbedtls_ssl_send_alert_message(ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL, + MBEDTLS_SSL_ALERT_MSG_DECODE_ERROR); + return MBEDTLS_ERR_SSL_BAD_HS_SERVER_HELLO; } - list_len = ( buf[0] << 8 ) | buf[1]; - if( list_len != len - 2 ) - { - mbedtls_ssl_send_alert_message( ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL, - MBEDTLS_SSL_ALERT_MSG_DECODE_ERROR ); - return( MBEDTLS_ERR_SSL_BAD_HS_SERVER_HELLO ); + list_len = (buf[0] << 8) | buf[1]; + if (list_len != len - 2) { + mbedtls_ssl_send_alert_message(ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL, + MBEDTLS_SSL_ALERT_MSG_DECODE_ERROR); + return MBEDTLS_ERR_SSL_BAD_HS_SERVER_HELLO; } name_len = buf[2]; - if( name_len != list_len - 1 ) - { - mbedtls_ssl_send_alert_message( ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL, - MBEDTLS_SSL_ALERT_MSG_DECODE_ERROR ); - return( MBEDTLS_ERR_SSL_BAD_HS_SERVER_HELLO ); + if (name_len != list_len - 1) { + mbedtls_ssl_send_alert_message(ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL, + MBEDTLS_SSL_ALERT_MSG_DECODE_ERROR); + return MBEDTLS_ERR_SSL_BAD_HS_SERVER_HELLO; } /* Check that the server chosen protocol was in our list and save it */ - for( p = ssl->conf->alpn_list; *p != NULL; p++ ) - { - if( name_len == strlen( *p ) && - memcmp( buf + 3, *p, name_len ) == 0 ) - { + for (p = ssl->conf->alpn_list; *p != NULL; p++) { + if (name_len == strlen(*p) && + memcmp(buf + 3, *p, name_len) == 0) { ssl->alpn_chosen = *p; - return( 0 ); + return 0; } } - MBEDTLS_SSL_DEBUG_MSG( 1, ( "ALPN extension: no matching protocol" ) ); - mbedtls_ssl_send_alert_message( ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL, - MBEDTLS_SSL_ALERT_MSG_HANDSHAKE_FAILURE ); - return( MBEDTLS_ERR_SSL_BAD_HS_SERVER_HELLO ); + MBEDTLS_SSL_DEBUG_MSG(1, ("ALPN extension: no matching protocol")); + mbedtls_ssl_send_alert_message(ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL, + MBEDTLS_SSL_ALERT_MSG_HANDSHAKE_FAILURE); + return MBEDTLS_ERR_SSL_BAD_HS_SERVER_HELLO; } #endif /* MBEDTLS_SSL_ALPN */ #if defined(MBEDTLS_SSL_DTLS_SRTP) -static int ssl_parse_use_srtp_ext( mbedtls_ssl_context *ssl, - const unsigned char *buf, - size_t len ) +MBEDTLS_CHECK_RETURN_CRITICAL +static int ssl_parse_use_srtp_ext(mbedtls_ssl_context *ssl, + const unsigned char *buf, + size_t len) { mbedtls_ssl_srtp_profile server_protection = MBEDTLS_TLS_SRTP_UNSET; size_t i, mki_len = 0; uint16_t server_protection_profile_value = 0; /* If use_srtp is not configured, just ignore the extension */ - if( ( ssl->conf->transport != MBEDTLS_SSL_TRANSPORT_DATAGRAM ) || - ( ssl->conf->dtls_srtp_profile_list == NULL ) || - ( ssl->conf->dtls_srtp_profile_list_len == 0 ) ) - return( 0 ); + if ((ssl->conf->transport != MBEDTLS_SSL_TRANSPORT_DATAGRAM) || + (ssl->conf->dtls_srtp_profile_list == NULL) || + (ssl->conf->dtls_srtp_profile_list_len == 0)) { + return 0; + } /* RFC 5764 section 4.1.1 * uint8 SRTPProtectionProfile[2]; @@ -1853,8 +1815,7 @@ static int ssl_parse_use_srtp_ext( mbedtls_ssl_context *ssl, * SRTPProtectionProfile SRTPProtectionProfiles<2..2^16-1>; * */ - if( ssl->conf->dtls_srtp_mki_support == MBEDTLS_SSL_DTLS_SRTP_MKI_SUPPORTED ) - { + if (ssl->conf->dtls_srtp_mki_support == MBEDTLS_SSL_DTLS_SRTP_MKI_SUPPORTED) { mki_len = ssl->dtls_srtp_info.mki_len; } @@ -1864,8 +1825,9 @@ static int ssl_parse_use_srtp_ext( mbedtls_ssl_context *ssl, * + mki_len(1 byte) * and optional srtp_mki */ - if( ( len < 5 ) || ( len != ( buf[4] + 5u ) ) ) - return( MBEDTLS_ERR_SSL_BAD_HS_SERVER_HELLO ); + if ((len < 5) || (len != (buf[4] + 5u))) { + return MBEDTLS_ERR_SSL_BAD_HS_SERVER_HELLO; + } /* * get the server protection profile @@ -1875,17 +1837,17 @@ static int ssl_parse_use_srtp_ext( mbedtls_ssl_context *ssl, * protection profile length must be 0x0002 as we must have only * one protection profile in server Hello */ - if( ( buf[0] != 0 ) || ( buf[1] != 2 ) ) - return( MBEDTLS_ERR_SSL_BAD_HS_SERVER_HELLO ); + if ((buf[0] != 0) || (buf[1] != 2)) { + return MBEDTLS_ERR_SSL_BAD_HS_SERVER_HELLO; + } - server_protection_profile_value = ( buf[2] << 8 ) | buf[3]; + server_protection_profile_value = (buf[2] << 8) | buf[3]; server_protection = mbedtls_ssl_check_srtp_profile_value( - server_protection_profile_value ); - if( server_protection != MBEDTLS_TLS_SRTP_UNSET ) - { - MBEDTLS_SSL_DEBUG_MSG( 3, ( "found srtp profile: %s", - mbedtls_ssl_get_srtp_profile_as_string( - server_protection ) ) ); + server_protection_profile_value); + if (server_protection != MBEDTLS_TLS_SRTP_UNSET) { + MBEDTLS_SSL_DEBUG_MSG(3, ("found srtp profile: %s", + mbedtls_ssl_get_srtp_profile_as_string( + server_protection))); } ssl->dtls_srtp_info.chosen_dtls_srtp_profile = MBEDTLS_TLS_SRTP_UNSET; @@ -1893,30 +1855,26 @@ static int ssl_parse_use_srtp_ext( mbedtls_ssl_context *ssl, /* * Check we have the server profile in our list */ - for( i=0; i < ssl->conf->dtls_srtp_profile_list_len; i++) - { - if( server_protection == ssl->conf->dtls_srtp_profile_list[i] ) - { + for (i = 0; i < ssl->conf->dtls_srtp_profile_list_len; i++) { + if (server_protection == ssl->conf->dtls_srtp_profile_list[i]) { ssl->dtls_srtp_info.chosen_dtls_srtp_profile = ssl->conf->dtls_srtp_profile_list[i]; - MBEDTLS_SSL_DEBUG_MSG( 3, ( "selected srtp profile: %s", + MBEDTLS_SSL_DEBUG_MSG(3, ("selected srtp profile: %s", mbedtls_ssl_get_srtp_profile_as_string( - server_protection ) ) ); + server_protection))); break; } } /* If no match was found : server problem, it shall never answer with incompatible profile */ - if( ssl->dtls_srtp_info.chosen_dtls_srtp_profile == MBEDTLS_TLS_SRTP_UNSET ) - { - mbedtls_ssl_send_alert_message( ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL, - MBEDTLS_SSL_ALERT_MSG_HANDSHAKE_FAILURE ); - return( MBEDTLS_ERR_SSL_BAD_HS_SERVER_HELLO ); + if (ssl->dtls_srtp_info.chosen_dtls_srtp_profile == MBEDTLS_TLS_SRTP_UNSET) { + mbedtls_ssl_send_alert_message(ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL, + MBEDTLS_SSL_ALERT_MSG_HANDSHAKE_FAILURE); + return MBEDTLS_ERR_SSL_BAD_HS_SERVER_HELLO; } /* If server does not use mki in its reply, make sure the client won't keep * one as negotiated */ - if( len == 5 ) - { + if (len == 5) { ssl->dtls_srtp_info.mki_len = 0; } @@ -1926,21 +1884,19 @@ static int ssl_parse_use_srtp_ext( mbedtls_ssl_context *ssl, * that is different than the one the client offered, then the client * MUST abort the handshake and SHOULD send an invalid_parameter alert. */ - if( len > 5 && ( buf[4] != mki_len || - ( memcmp( ssl->dtls_srtp_info.mki_value, &buf[5], mki_len ) ) ) ) - { - mbedtls_ssl_send_alert_message( ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL, - MBEDTLS_SSL_ALERT_MSG_ILLEGAL_PARAMETER ); - return( MBEDTLS_ERR_SSL_BAD_HS_SERVER_HELLO ); + if (len > 5 && (buf[4] != mki_len || + (memcmp(ssl->dtls_srtp_info.mki_value, &buf[5], mki_len)))) { + mbedtls_ssl_send_alert_message(ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL, + MBEDTLS_SSL_ALERT_MSG_ILLEGAL_PARAMETER); + return MBEDTLS_ERR_SSL_BAD_HS_SERVER_HELLO; } -#if defined (MBEDTLS_DEBUG_C) - if( len > 5 ) - { - MBEDTLS_SSL_DEBUG_BUF( 3, "received mki", ssl->dtls_srtp_info.mki_value, - ssl->dtls_srtp_info.mki_len ); +#if defined(MBEDTLS_DEBUG_C) + if (len > 5) { + MBEDTLS_SSL_DEBUG_BUF(3, "received mki", ssl->dtls_srtp_info.mki_value, + ssl->dtls_srtp_info.mki_len); } #endif - return( 0 ); + return 0; } #endif /* MBEDTLS_SSL_DTLS_SRTP */ @@ -1948,25 +1904,25 @@ static int ssl_parse_use_srtp_ext( mbedtls_ssl_context *ssl, * Parse HelloVerifyRequest. Only called after verifying the HS type. */ #if defined(MBEDTLS_SSL_PROTO_DTLS) -static int ssl_parse_hello_verify_request( mbedtls_ssl_context *ssl ) +MBEDTLS_CHECK_RETURN_CRITICAL +static int ssl_parse_hello_verify_request(mbedtls_ssl_context *ssl) { - const unsigned char *p = ssl->in_msg + mbedtls_ssl_hs_hdr_len( ssl ); + const unsigned char *p = ssl->in_msg + mbedtls_ssl_hs_hdr_len(ssl); int major_ver, minor_ver; unsigned char cookie_len; - MBEDTLS_SSL_DEBUG_MSG( 2, ( "=> parse hello verify request" ) ); + MBEDTLS_SSL_DEBUG_MSG(2, ("=> parse hello verify request")); /* Check that there is enough room for: * - 2 bytes of version * - 1 byte of cookie_len */ - if( mbedtls_ssl_hs_hdr_len( ssl ) + 3 > ssl->in_msglen ) - { - MBEDTLS_SSL_DEBUG_MSG( 1, - ( "incoming HelloVerifyRequest message is too short" ) ); - mbedtls_ssl_send_alert_message( ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL, - MBEDTLS_SSL_ALERT_MSG_DECODE_ERROR ); - return( MBEDTLS_ERR_SSL_BAD_HS_SERVER_HELLO ); + if (mbedtls_ssl_hs_hdr_len(ssl) + 3 > ssl->in_msglen) { + MBEDTLS_SSL_DEBUG_MSG(1, + ("incoming HelloVerifyRequest message is too short")); + mbedtls_ssl_send_alert_message(ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL, + MBEDTLS_SSL_ALERT_MSG_DECODE_ERROR); + return MBEDTLS_ERR_SSL_BAD_HS_SERVER_HELLO; } /* @@ -1975,146 +1931,159 @@ static int ssl_parse_hello_verify_request( mbedtls_ssl_context *ssl ) * opaque cookie<0..2^8-1>; * } HelloVerifyRequest; */ - MBEDTLS_SSL_DEBUG_BUF( 3, "server version", p, 2 ); - mbedtls_ssl_read_version( &major_ver, &minor_ver, ssl->conf->transport, p ); + MBEDTLS_SSL_DEBUG_BUF(3, "server version", p, 2); + mbedtls_ssl_read_version(&major_ver, &minor_ver, ssl->conf->transport, p); p += 2; /* * Since the RFC is not clear on this point, accept DTLS 1.0 (TLS 1.1) * even is lower than our min version. */ - if( major_ver < MBEDTLS_SSL_MAJOR_VERSION_3 || + if (major_ver < MBEDTLS_SSL_MAJOR_VERSION_3 || minor_ver < MBEDTLS_SSL_MINOR_VERSION_2 || major_ver > ssl->conf->max_major_ver || - minor_ver > ssl->conf->max_minor_ver ) - { - MBEDTLS_SSL_DEBUG_MSG( 1, ( "bad server version" ) ); + minor_ver > ssl->conf->max_minor_ver) { + MBEDTLS_SSL_DEBUG_MSG(1, ("bad server version")); - mbedtls_ssl_send_alert_message( ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL, - MBEDTLS_SSL_ALERT_MSG_PROTOCOL_VERSION ); + mbedtls_ssl_send_alert_message(ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL, + MBEDTLS_SSL_ALERT_MSG_PROTOCOL_VERSION); - return( MBEDTLS_ERR_SSL_BAD_HS_PROTOCOL_VERSION ); + return MBEDTLS_ERR_SSL_BAD_HS_PROTOCOL_VERSION; } cookie_len = *p++; - if( ( ssl->in_msg + ssl->in_msglen ) - p < cookie_len ) - { - MBEDTLS_SSL_DEBUG_MSG( 1, - ( "cookie length does not match incoming message size" ) ); - mbedtls_ssl_send_alert_message( ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL, - MBEDTLS_SSL_ALERT_MSG_DECODE_ERROR ); - return( MBEDTLS_ERR_SSL_BAD_HS_SERVER_HELLO ); + if ((ssl->in_msg + ssl->in_msglen) - p < cookie_len) { + MBEDTLS_SSL_DEBUG_MSG(1, + ("cookie length does not match incoming message size")); + mbedtls_ssl_send_alert_message(ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL, + MBEDTLS_SSL_ALERT_MSG_DECODE_ERROR); + return MBEDTLS_ERR_SSL_BAD_HS_SERVER_HELLO; } - MBEDTLS_SSL_DEBUG_BUF( 3, "cookie", p, cookie_len ); + MBEDTLS_SSL_DEBUG_BUF(3, "cookie", p, cookie_len); - mbedtls_free( ssl->handshake->verify_cookie ); + mbedtls_free(ssl->handshake->verify_cookie); - ssl->handshake->verify_cookie = mbedtls_calloc( 1, cookie_len ); - if( ssl->handshake->verify_cookie == NULL ) - { - MBEDTLS_SSL_DEBUG_MSG( 1, ( "alloc failed (%d bytes)", cookie_len ) ); - return( MBEDTLS_ERR_SSL_ALLOC_FAILED ); + ssl->handshake->verify_cookie = mbedtls_calloc(1, cookie_len); + if (ssl->handshake->verify_cookie == NULL) { + MBEDTLS_SSL_DEBUG_MSG(1, ("alloc failed (%d bytes)", cookie_len)); + return MBEDTLS_ERR_SSL_ALLOC_FAILED; } - memcpy( ssl->handshake->verify_cookie, p, cookie_len ); + memcpy(ssl->handshake->verify_cookie, p, cookie_len); ssl->handshake->verify_cookie_len = cookie_len; /* Start over at ClientHello */ ssl->state = MBEDTLS_SSL_CLIENT_HELLO; - mbedtls_ssl_reset_checksum( ssl ); + mbedtls_ssl_reset_checksum(ssl); - mbedtls_ssl_recv_flight_completed( ssl ); + mbedtls_ssl_recv_flight_completed(ssl); - MBEDTLS_SSL_DEBUG_MSG( 2, ( "<= parse hello verify request" ) ); + MBEDTLS_SSL_DEBUG_MSG(2, ("<= parse hello verify request")); - return( 0 ); + return 0; } #endif /* MBEDTLS_SSL_PROTO_DTLS */ -static int ssl_parse_server_hello( mbedtls_ssl_context *ssl ) +static int is_compression_bad(mbedtls_ssl_context *ssl, unsigned char comp) +{ + int bad_comp = 0; + + /* Suppress warnings in some configurations */ + (void) ssl; +#if defined(MBEDTLS_ZLIB_SUPPORT) + /* See comments in ssl_write_client_hello() */ +#if defined(MBEDTLS_SSL_PROTO_DTLS) + if (ssl->conf->transport == MBEDTLS_SSL_TRANSPORT_DATAGRAM && + comp != MBEDTLS_SSL_COMPRESS_NULL) { + bad_comp = 1; + } +#endif + + if (comp != MBEDTLS_SSL_COMPRESS_NULL && + comp != MBEDTLS_SSL_COMPRESS_DEFLATE) { + bad_comp = 1; + } +#else /* MBEDTLS_ZLIB_SUPPORT */ + if (comp != MBEDTLS_SSL_COMPRESS_NULL) { + bad_comp = 1; + } +#endif /* MBEDTLS_ZLIB_SUPPORT */ + return bad_comp; +} + +MBEDTLS_CHECK_RETURN_CRITICAL +static int ssl_parse_server_hello(mbedtls_ssl_context *ssl) { int ret, i; size_t n; size_t ext_len; unsigned char *buf, *ext; unsigned char comp; -#if defined(MBEDTLS_ZLIB_SUPPORT) - int accept_comp; -#endif #if defined(MBEDTLS_SSL_RENEGOTIATION) int renegotiation_info_seen = 0; #endif int handshake_failure = 0; const mbedtls_ssl_ciphersuite_t *suite_info; - MBEDTLS_SSL_DEBUG_MSG( 2, ( "=> parse server hello" ) ); + MBEDTLS_SSL_DEBUG_MSG(2, ("=> parse server hello")); - if( ( ret = mbedtls_ssl_read_record( ssl, 1 ) ) != 0 ) - { + if ((ret = mbedtls_ssl_read_record(ssl, 1)) != 0) { /* No alert on a read error. */ - MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_ssl_read_record", ret ); - return( ret ); + MBEDTLS_SSL_DEBUG_RET(1, "mbedtls_ssl_read_record", ret); + return ret; } buf = ssl->in_msg; - if( ssl->in_msgtype != MBEDTLS_SSL_MSG_HANDSHAKE ) - { + if (ssl->in_msgtype != MBEDTLS_SSL_MSG_HANDSHAKE) { #if defined(MBEDTLS_SSL_RENEGOTIATION) - if( ssl->renego_status == MBEDTLS_SSL_RENEGOTIATION_IN_PROGRESS ) - { + if (ssl->renego_status == MBEDTLS_SSL_RENEGOTIATION_IN_PROGRESS) { ssl->renego_records_seen++; - if( ssl->conf->renego_max_records >= 0 && - ssl->renego_records_seen > ssl->conf->renego_max_records ) - { - MBEDTLS_SSL_DEBUG_MSG( 1, - ( "renegotiation requested, but not honored by server" ) ); - return( MBEDTLS_ERR_SSL_UNEXPECTED_MESSAGE ); + if (ssl->conf->renego_max_records >= 0 && + ssl->renego_records_seen > ssl->conf->renego_max_records) { + MBEDTLS_SSL_DEBUG_MSG(1, + ("renegotiation requested, but not honored by server")); + return MBEDTLS_ERR_SSL_UNEXPECTED_MESSAGE; } - MBEDTLS_SSL_DEBUG_MSG( 1, - ( "non-handshake message during renegotiation" ) ); + MBEDTLS_SSL_DEBUG_MSG(1, + ("non-handshake message during renegotiation")); ssl->keep_current_message = 1; - return( MBEDTLS_ERR_SSL_WAITING_SERVER_HELLO_RENEGO ); + return MBEDTLS_ERR_SSL_WAITING_SERVER_HELLO_RENEGO; } #endif /* MBEDTLS_SSL_RENEGOTIATION */ - MBEDTLS_SSL_DEBUG_MSG( 1, ( "bad server hello message" ) ); + MBEDTLS_SSL_DEBUG_MSG(1, ("bad server hello message")); mbedtls_ssl_send_alert_message( ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL, - MBEDTLS_SSL_ALERT_MSG_UNEXPECTED_MESSAGE ); - return( MBEDTLS_ERR_SSL_UNEXPECTED_MESSAGE ); + MBEDTLS_SSL_ALERT_MSG_UNEXPECTED_MESSAGE); + return MBEDTLS_ERR_SSL_UNEXPECTED_MESSAGE; } #if defined(MBEDTLS_SSL_PROTO_DTLS) - if( ssl->conf->transport == MBEDTLS_SSL_TRANSPORT_DATAGRAM ) - { - if( buf[0] == MBEDTLS_SSL_HS_HELLO_VERIFY_REQUEST ) - { - MBEDTLS_SSL_DEBUG_MSG( 2, ( "received hello verify request" ) ); - MBEDTLS_SSL_DEBUG_MSG( 2, ( "<= parse server hello" ) ); - return( ssl_parse_hello_verify_request( ssl ) ); - } - else - { + if (ssl->conf->transport == MBEDTLS_SSL_TRANSPORT_DATAGRAM) { + if (buf[0] == MBEDTLS_SSL_HS_HELLO_VERIFY_REQUEST) { + MBEDTLS_SSL_DEBUG_MSG(2, ("received hello verify request")); + MBEDTLS_SSL_DEBUG_MSG(2, ("<= parse server hello")); + return ssl_parse_hello_verify_request(ssl); + } else { /* We made it through the verification process */ - mbedtls_free( ssl->handshake->verify_cookie ); + mbedtls_free(ssl->handshake->verify_cookie); ssl->handshake->verify_cookie = NULL; ssl->handshake->verify_cookie_len = 0; } } #endif /* MBEDTLS_SSL_PROTO_DTLS */ - if( ssl->in_hslen < 38 + mbedtls_ssl_hs_hdr_len( ssl ) || - buf[0] != MBEDTLS_SSL_HS_SERVER_HELLO ) - { - MBEDTLS_SSL_DEBUG_MSG( 1, ( "bad server hello message" ) ); - mbedtls_ssl_send_alert_message( ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL, - MBEDTLS_SSL_ALERT_MSG_DECODE_ERROR ); - return( MBEDTLS_ERR_SSL_BAD_HS_SERVER_HELLO ); + if (ssl->in_hslen < 38 + mbedtls_ssl_hs_hdr_len(ssl) || + buf[0] != MBEDTLS_SSL_HS_SERVER_HELLO) { + MBEDTLS_SSL_DEBUG_MSG(1, ("bad server hello message")); + mbedtls_ssl_send_alert_message(ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL, + MBEDTLS_SSL_ALERT_MSG_DECODE_ERROR); + return MBEDTLS_ERR_SSL_BAD_HS_SERVER_HELLO; } /* @@ -2128,472 +2097,433 @@ static int ssl_parse_server_hello( mbedtls_ssl_context *ssl ) * 38+n . 39+n extensions length (optional) * 40+n . .. extensions */ - buf += mbedtls_ssl_hs_hdr_len( ssl ); + buf += mbedtls_ssl_hs_hdr_len(ssl); - MBEDTLS_SSL_DEBUG_BUF( 3, "server hello, version", buf + 0, 2 ); - mbedtls_ssl_read_version( &ssl->major_ver, &ssl->minor_ver, - ssl->conf->transport, buf + 0 ); + MBEDTLS_SSL_DEBUG_BUF(3, "server hello, version", buf + 0, 2); + mbedtls_ssl_read_version(&ssl->major_ver, &ssl->minor_ver, + ssl->conf->transport, buf + 0); - if( ssl->major_ver < ssl->conf->min_major_ver || + if (ssl->major_ver < ssl->conf->min_major_ver || ssl->minor_ver < ssl->conf->min_minor_ver || ssl->major_ver > ssl->conf->max_major_ver || - ssl->minor_ver > ssl->conf->max_minor_ver ) - { - MBEDTLS_SSL_DEBUG_MSG( 1, - ( "server version out of bounds - min: [%d:%d], server: [%d:%d], max: [%d:%d]", - ssl->conf->min_major_ver, - ssl->conf->min_minor_ver, - ssl->major_ver, ssl->minor_ver, - ssl->conf->max_major_ver, - ssl->conf->max_minor_ver ) ); + ssl->minor_ver > ssl->conf->max_minor_ver) { + MBEDTLS_SSL_DEBUG_MSG(1, + ( + "server version out of bounds - min: [%d:%d], server: [%d:%d], max: [%d:%d]", + ssl->conf->min_major_ver, + ssl->conf->min_minor_ver, + ssl->major_ver, ssl->minor_ver, + ssl->conf->max_major_ver, + ssl->conf->max_minor_ver)); - mbedtls_ssl_send_alert_message( ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL, - MBEDTLS_SSL_ALERT_MSG_PROTOCOL_VERSION ); + mbedtls_ssl_send_alert_message(ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL, + MBEDTLS_SSL_ALERT_MSG_PROTOCOL_VERSION); - return( MBEDTLS_ERR_SSL_BAD_HS_PROTOCOL_VERSION ); + return MBEDTLS_ERR_SSL_BAD_HS_PROTOCOL_VERSION; } - MBEDTLS_SSL_DEBUG_MSG( 3, ( "server hello, current time: %lu", - ( (unsigned long) buf[2] << 24 ) | - ( (unsigned long) buf[3] << 16 ) | - ( (unsigned long) buf[4] << 8 ) | - ( (unsigned long) buf[5] ) ) ); + MBEDTLS_SSL_DEBUG_MSG(3, ("server hello, current time: %lu", + ((unsigned long) buf[2] << 24) | + ((unsigned long) buf[3] << 16) | + ((unsigned long) buf[4] << 8) | + ((unsigned long) buf[5]))); - memcpy( ssl->handshake->randbytes + 32, buf + 2, 32 ); + memcpy(ssl->handshake->randbytes + 32, buf + 2, 32); n = buf[34]; - MBEDTLS_SSL_DEBUG_BUF( 3, "server hello, random bytes", buf + 2, 32 ); + MBEDTLS_SSL_DEBUG_BUF(3, "server hello, random bytes", buf + 2, 32); - if( n > 32 ) - { - MBEDTLS_SSL_DEBUG_MSG( 1, ( "bad server hello message" ) ); - mbedtls_ssl_send_alert_message( ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL, - MBEDTLS_SSL_ALERT_MSG_DECODE_ERROR ); - return( MBEDTLS_ERR_SSL_BAD_HS_SERVER_HELLO ); + if (n > 32) { + MBEDTLS_SSL_DEBUG_MSG(1, ("bad server hello message")); + mbedtls_ssl_send_alert_message(ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL, + MBEDTLS_SSL_ALERT_MSG_DECODE_ERROR); + return MBEDTLS_ERR_SSL_BAD_HS_SERVER_HELLO; } - if( ssl->in_hslen > mbedtls_ssl_hs_hdr_len( ssl ) + 39 + n ) - { - ext_len = ( ( buf[38 + n] << 8 ) - | ( buf[39 + n] ) ); + if (ssl->in_hslen > mbedtls_ssl_hs_hdr_len(ssl) + 39 + n) { + ext_len = ((buf[38 + n] << 8) + | (buf[39 + n])); - if( ( ext_len > 0 && ext_len < 4 ) || - ssl->in_hslen != mbedtls_ssl_hs_hdr_len( ssl ) + 40 + n + ext_len ) - { - MBEDTLS_SSL_DEBUG_MSG( 1, ( "bad server hello message" ) ); + if ((ext_len > 0 && ext_len < 4) || + ssl->in_hslen != mbedtls_ssl_hs_hdr_len(ssl) + 40 + n + ext_len) { + MBEDTLS_SSL_DEBUG_MSG(1, ("bad server hello message")); mbedtls_ssl_send_alert_message( ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL, - MBEDTLS_SSL_ALERT_MSG_DECODE_ERROR ); - return( MBEDTLS_ERR_SSL_BAD_HS_SERVER_HELLO ); + MBEDTLS_SSL_ALERT_MSG_DECODE_ERROR); + return MBEDTLS_ERR_SSL_BAD_HS_SERVER_HELLO; } - } - else if( ssl->in_hslen == mbedtls_ssl_hs_hdr_len( ssl ) + 38 + n ) - { + } else if (ssl->in_hslen == mbedtls_ssl_hs_hdr_len(ssl) + 38 + n) { ext_len = 0; - } - else - { - MBEDTLS_SSL_DEBUG_MSG( 1, ( "bad server hello message" ) ); - mbedtls_ssl_send_alert_message( ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL, - MBEDTLS_SSL_ALERT_MSG_DECODE_ERROR ); - return( MBEDTLS_ERR_SSL_BAD_HS_SERVER_HELLO ); + } else { + MBEDTLS_SSL_DEBUG_MSG(1, ("bad server hello message")); + mbedtls_ssl_send_alert_message(ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL, + MBEDTLS_SSL_ALERT_MSG_DECODE_ERROR); + return MBEDTLS_ERR_SSL_BAD_HS_SERVER_HELLO; } /* ciphersuite (used later) */ - i = ( buf[35 + n] << 8 ) | buf[36 + n]; + i = (buf[35 + n] << 8) | buf[36 + n]; /* * Read and check compression */ comp = buf[37 + n]; -#if defined(MBEDTLS_ZLIB_SUPPORT) - /* See comments in ssl_write_client_hello() */ -#if defined(MBEDTLS_SSL_PROTO_DTLS) - if( ssl->conf->transport == MBEDTLS_SSL_TRANSPORT_DATAGRAM ) - accept_comp = 0; - else -#endif - accept_comp = 1; - - if( comp != MBEDTLS_SSL_COMPRESS_NULL && - ( comp != MBEDTLS_SSL_COMPRESS_DEFLATE || accept_comp == 0 ) ) -#else /* MBEDTLS_ZLIB_SUPPORT */ - if( comp != MBEDTLS_SSL_COMPRESS_NULL ) -#endif/* MBEDTLS_ZLIB_SUPPORT */ - { - MBEDTLS_SSL_DEBUG_MSG( 1, - ( "server hello, bad compression: %d", comp ) ); + if (is_compression_bad(ssl, comp)) { + MBEDTLS_SSL_DEBUG_MSG(1, + ("server hello, bad compression: %d", comp)); mbedtls_ssl_send_alert_message( ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL, - MBEDTLS_SSL_ALERT_MSG_ILLEGAL_PARAMETER ); - return( MBEDTLS_ERR_SSL_FEATURE_UNAVAILABLE ); + MBEDTLS_SSL_ALERT_MSG_ILLEGAL_PARAMETER); + return MBEDTLS_ERR_SSL_FEATURE_UNAVAILABLE; } /* * Initialize update checksum functions */ - ssl->handshake->ciphersuite_info = mbedtls_ssl_ciphersuite_from_id( i ); - if( ssl->handshake->ciphersuite_info == NULL ) - { - MBEDTLS_SSL_DEBUG_MSG( 1, - ( "ciphersuite info for %04x not found", (unsigned int)i ) ); - mbedtls_ssl_send_alert_message( ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL, - MBEDTLS_SSL_ALERT_MSG_INTERNAL_ERROR ); - return( MBEDTLS_ERR_SSL_BAD_INPUT_DATA ); + ssl->handshake->ciphersuite_info = mbedtls_ssl_ciphersuite_from_id(i); + if (ssl->handshake->ciphersuite_info == NULL) { + MBEDTLS_SSL_DEBUG_MSG(1, + ("ciphersuite info for %04x not found", (unsigned int) i)); + mbedtls_ssl_send_alert_message(ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL, + MBEDTLS_SSL_ALERT_MSG_INTERNAL_ERROR); + return MBEDTLS_ERR_SSL_BAD_INPUT_DATA; } - mbedtls_ssl_optimize_checksum( ssl, ssl->handshake->ciphersuite_info ); + mbedtls_ssl_optimize_checksum(ssl, ssl->handshake->ciphersuite_info); - MBEDTLS_SSL_DEBUG_MSG( 3, ( "server hello, session id len.: %" MBEDTLS_PRINTF_SIZET, n ) ); - MBEDTLS_SSL_DEBUG_BUF( 3, "server hello, session id", buf + 35, n ); + MBEDTLS_SSL_DEBUG_MSG(3, ("server hello, session id len.: %" MBEDTLS_PRINTF_SIZET, n)); + MBEDTLS_SSL_DEBUG_BUF(3, "server hello, session id", buf + 35, n); /* * Check if the session can be resumed */ - if( ssl->handshake->resume == 0 || n == 0 || + if (ssl->handshake->resume == 0 || n == 0 || #if defined(MBEDTLS_SSL_RENEGOTIATION) ssl->renego_status != MBEDTLS_SSL_INITIAL_HANDSHAKE || #endif ssl->session_negotiate->ciphersuite != i || ssl->session_negotiate->compression != comp || ssl->session_negotiate->id_len != n || - memcmp( ssl->session_negotiate->id, buf + 35, n ) != 0 ) - { + memcmp(ssl->session_negotiate->id, buf + 35, n) != 0) { ssl->state++; ssl->handshake->resume = 0; #if defined(MBEDTLS_HAVE_TIME) - ssl->session_negotiate->start = mbedtls_time( NULL ); + ssl->session_negotiate->start = mbedtls_time(NULL); #endif ssl->session_negotiate->ciphersuite = i; ssl->session_negotiate->compression = comp; ssl->session_negotiate->id_len = n; - memcpy( ssl->session_negotiate->id, buf + 35, n ); - } - else - { + memcpy(ssl->session_negotiate->id, buf + 35, n); + } else { ssl->state = MBEDTLS_SSL_SERVER_CHANGE_CIPHER_SPEC; - - if( ( ret = mbedtls_ssl_derive_keys( ssl ) ) != 0 ) - { - MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_ssl_derive_keys", ret ); - mbedtls_ssl_send_alert_message( - ssl, - MBEDTLS_SSL_ALERT_LEVEL_FATAL, - MBEDTLS_SSL_ALERT_MSG_INTERNAL_ERROR ); - return( ret ); - } } - MBEDTLS_SSL_DEBUG_MSG( 3, ( "%s session has been resumed", - ssl->handshake->resume ? "a" : "no" ) ); + MBEDTLS_SSL_DEBUG_MSG(3, ("%s session has been resumed", + ssl->handshake->resume ? "a" : "no")); - MBEDTLS_SSL_DEBUG_MSG( 3, ( "server hello, chosen ciphersuite: %04x", (unsigned) i ) ); - MBEDTLS_SSL_DEBUG_MSG( 3, ( "server hello, compress alg.: %d", - buf[37 + n] ) ); + MBEDTLS_SSL_DEBUG_MSG(3, ("server hello, chosen ciphersuite: %04x", (unsigned) i)); + MBEDTLS_SSL_DEBUG_MSG(3, ("server hello, compress alg.: %d", + buf[37 + n])); /* * Perform cipher suite validation in same way as in ssl_write_client_hello. */ i = 0; - while( 1 ) - { - if( ssl->conf->ciphersuite_list[ssl->minor_ver][i] == 0 ) - { - MBEDTLS_SSL_DEBUG_MSG( 1, ( "bad server hello message" ) ); + while (1) { + if (ssl->conf->ciphersuite_list[ssl->minor_ver][i] == 0) { + MBEDTLS_SSL_DEBUG_MSG(1, ("bad server hello message")); mbedtls_ssl_send_alert_message( ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL, - MBEDTLS_SSL_ALERT_MSG_ILLEGAL_PARAMETER ); - return( MBEDTLS_ERR_SSL_BAD_HS_SERVER_HELLO ); + MBEDTLS_SSL_ALERT_MSG_ILLEGAL_PARAMETER); + return MBEDTLS_ERR_SSL_BAD_HS_SERVER_HELLO; } - if( ssl->conf->ciphersuite_list[ssl->minor_ver][i++] == - ssl->session_negotiate->ciphersuite ) - { + if (ssl->conf->ciphersuite_list[ssl->minor_ver][i++] == + ssl->session_negotiate->ciphersuite) { break; } } suite_info = mbedtls_ssl_ciphersuite_from_id( - ssl->session_negotiate->ciphersuite ); - if( ssl_validate_ciphersuite( suite_info, ssl, ssl->minor_ver, - ssl->minor_ver ) != 0 ) - { - MBEDTLS_SSL_DEBUG_MSG( 1, ( "bad server hello message" ) ); + ssl->session_negotiate->ciphersuite); + if (ssl_validate_ciphersuite(suite_info, ssl, ssl->minor_ver, + ssl->minor_ver) != 0) { + MBEDTLS_SSL_DEBUG_MSG(1, ("bad server hello message")); mbedtls_ssl_send_alert_message( ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL, - MBEDTLS_SSL_ALERT_MSG_ILLEGAL_PARAMETER ); - return( MBEDTLS_ERR_SSL_BAD_HS_SERVER_HELLO ); + MBEDTLS_SSL_ALERT_MSG_ILLEGAL_PARAMETER); + return MBEDTLS_ERR_SSL_BAD_HS_SERVER_HELLO; } - MBEDTLS_SSL_DEBUG_MSG( 3, - ( "server hello, chosen ciphersuite: %s", suite_info->name ) ); + MBEDTLS_SSL_DEBUG_MSG(3, + ("server hello, chosen ciphersuite: %s", suite_info->name)); #if defined(MBEDTLS_SSL_ECP_RESTARTABLE_ENABLED) - if( suite_info->key_exchange == MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA && - ssl->minor_ver == MBEDTLS_SSL_MINOR_VERSION_3 ) - { + if (suite_info->key_exchange == MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA && + ssl->minor_ver == MBEDTLS_SSL_MINOR_VERSION_3) { ssl->handshake->ecrs_enabled = 1; } #endif - if( comp != MBEDTLS_SSL_COMPRESS_NULL + if (comp != MBEDTLS_SSL_COMPRESS_NULL #if defined(MBEDTLS_ZLIB_SUPPORT) && comp != MBEDTLS_SSL_COMPRESS_DEFLATE #endif - ) - { - MBEDTLS_SSL_DEBUG_MSG( 1, ( "bad server hello message" ) ); + ) { + MBEDTLS_SSL_DEBUG_MSG(1, ("bad server hello message")); mbedtls_ssl_send_alert_message( ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL, - MBEDTLS_SSL_ALERT_MSG_ILLEGAL_PARAMETER ); - return( MBEDTLS_ERR_SSL_BAD_HS_SERVER_HELLO ); + MBEDTLS_SSL_ALERT_MSG_ILLEGAL_PARAMETER); + return MBEDTLS_ERR_SSL_BAD_HS_SERVER_HELLO; } ssl->session_negotiate->compression = comp; ext = buf + 40 + n; - MBEDTLS_SSL_DEBUG_MSG( 2, - ( "server hello, total extension length: %" MBEDTLS_PRINTF_SIZET, ext_len ) ); + MBEDTLS_SSL_DEBUG_MSG(2, + ("server hello, total extension length: %" MBEDTLS_PRINTF_SIZET, + ext_len)); - while( ext_len ) - { - unsigned int ext_id = ( ( ext[0] << 8 ) - | ( ext[1] ) ); - unsigned int ext_size = ( ( ext[2] << 8 ) - | ( ext[3] ) ); + while (ext_len) { + unsigned int ext_id = ((ext[0] << 8) + | (ext[1])); + unsigned int ext_size = ((ext[2] << 8) + | (ext[3])); - if( ext_size + 4 > ext_len ) - { - MBEDTLS_SSL_DEBUG_MSG( 1, ( "bad server hello message" ) ); + if (ext_size + 4 > ext_len) { + MBEDTLS_SSL_DEBUG_MSG(1, ("bad server hello message")); mbedtls_ssl_send_alert_message( ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL, - MBEDTLS_SSL_ALERT_MSG_DECODE_ERROR ); - return( MBEDTLS_ERR_SSL_BAD_HS_SERVER_HELLO ); + MBEDTLS_SSL_ALERT_MSG_DECODE_ERROR); + return MBEDTLS_ERR_SSL_BAD_HS_SERVER_HELLO; } - switch( ext_id ) - { - case MBEDTLS_TLS_EXT_RENEGOTIATION_INFO: - MBEDTLS_SSL_DEBUG_MSG( 3, ( "found renegotiation extension" ) ); + switch (ext_id) { + case MBEDTLS_TLS_EXT_RENEGOTIATION_INFO: + MBEDTLS_SSL_DEBUG_MSG(3, ("found renegotiation extension")); #if defined(MBEDTLS_SSL_RENEGOTIATION) - renegotiation_info_seen = 1; + renegotiation_info_seen = 1; #endif - if( ( ret = ssl_parse_renegotiation_info( ssl, ext + 4, - ext_size ) ) != 0 ) - return( ret ); + if ((ret = ssl_parse_renegotiation_info(ssl, ext + 4, + ext_size)) != 0) { + return ret; + } - break; + break; #if defined(MBEDTLS_SSL_MAX_FRAGMENT_LENGTH) - case MBEDTLS_TLS_EXT_MAX_FRAGMENT_LENGTH: - MBEDTLS_SSL_DEBUG_MSG( 3, - ( "found max_fragment_length extension" ) ); - - if( ( ret = ssl_parse_max_fragment_length_ext( ssl, - ext + 4, ext_size ) ) != 0 ) - { - return( ret ); - } + case MBEDTLS_TLS_EXT_MAX_FRAGMENT_LENGTH: + MBEDTLS_SSL_DEBUG_MSG(3, + ("found max_fragment_length extension")); - break; + if ((ret = ssl_parse_max_fragment_length_ext(ssl, + ext + 4, ext_size)) != 0) { + return ret; + } + + break; #endif /* MBEDTLS_SSL_MAX_FRAGMENT_LENGTH */ #if defined(MBEDTLS_SSL_TRUNCATED_HMAC) - case MBEDTLS_TLS_EXT_TRUNCATED_HMAC: - MBEDTLS_SSL_DEBUG_MSG( 3, ( "found truncated_hmac extension" ) ); + case MBEDTLS_TLS_EXT_TRUNCATED_HMAC: + MBEDTLS_SSL_DEBUG_MSG(3, ("found truncated_hmac extension")); - if( ( ret = ssl_parse_truncated_hmac_ext( ssl, - ext + 4, ext_size ) ) != 0 ) - { - return( ret ); - } + if ((ret = ssl_parse_truncated_hmac_ext(ssl, + ext + 4, ext_size)) != 0) { + return ret; + } - break; + break; #endif /* MBEDTLS_SSL_TRUNCATED_HMAC */ #if defined(MBEDTLS_SSL_DTLS_CONNECTION_ID) - case MBEDTLS_TLS_EXT_CID: - MBEDTLS_SSL_DEBUG_MSG( 3, ( "found CID extension" ) ); - - if( ( ret = ssl_parse_cid_ext( ssl, - ext + 4, - ext_size ) ) != 0 ) - { - return( ret ); - } + case MBEDTLS_TLS_EXT_CID: + MBEDTLS_SSL_DEBUG_MSG(3, ("found CID extension")); - break; + if ((ret = ssl_parse_cid_ext(ssl, + ext + 4, + ext_size)) != 0) { + return ret; + } + + break; #endif /* MBEDTLS_SSL_DTLS_CONNECTION_ID */ #if defined(MBEDTLS_SSL_ENCRYPT_THEN_MAC) - case MBEDTLS_TLS_EXT_ENCRYPT_THEN_MAC: - MBEDTLS_SSL_DEBUG_MSG( 3, ( "found encrypt_then_mac extension" ) ); + case MBEDTLS_TLS_EXT_ENCRYPT_THEN_MAC: + MBEDTLS_SSL_DEBUG_MSG(3, ("found encrypt_then_mac extension")); - if( ( ret = ssl_parse_encrypt_then_mac_ext( ssl, - ext + 4, ext_size ) ) != 0 ) - { - return( ret ); - } + if ((ret = ssl_parse_encrypt_then_mac_ext(ssl, + ext + 4, ext_size)) != 0) { + return ret; + } - break; + break; #endif /* MBEDTLS_SSL_ENCRYPT_THEN_MAC */ #if defined(MBEDTLS_SSL_EXTENDED_MASTER_SECRET) - case MBEDTLS_TLS_EXT_EXTENDED_MASTER_SECRET: - MBEDTLS_SSL_DEBUG_MSG( 3, - ( "found extended_master_secret extension" ) ); - - if( ( ret = ssl_parse_extended_ms_ext( ssl, - ext + 4, ext_size ) ) != 0 ) - { - return( ret ); - } + case MBEDTLS_TLS_EXT_EXTENDED_MASTER_SECRET: + MBEDTLS_SSL_DEBUG_MSG(3, + ("found extended_master_secret extension")); - break; + if ((ret = ssl_parse_extended_ms_ext(ssl, + ext + 4, ext_size)) != 0) { + return ret; + } + + break; #endif /* MBEDTLS_SSL_EXTENDED_MASTER_SECRET */ #if defined(MBEDTLS_SSL_SESSION_TICKETS) - case MBEDTLS_TLS_EXT_SESSION_TICKET: - MBEDTLS_SSL_DEBUG_MSG( 3, ( "found session_ticket extension" ) ); + case MBEDTLS_TLS_EXT_SESSION_TICKET: + MBEDTLS_SSL_DEBUG_MSG(3, ("found session_ticket extension")); - if( ( ret = ssl_parse_session_ticket_ext( ssl, - ext + 4, ext_size ) ) != 0 ) - { - return( ret ); - } + if ((ret = ssl_parse_session_ticket_ext(ssl, + ext + 4, ext_size)) != 0) { + return ret; + } - break; + break; #endif /* MBEDTLS_SSL_SESSION_TICKETS */ #if defined(MBEDTLS_ECDH_C) || defined(MBEDTLS_ECDSA_C) || \ - defined(MBEDTLS_KEY_EXCHANGE_ECJPAKE_ENABLED) - case MBEDTLS_TLS_EXT_SUPPORTED_POINT_FORMATS: - MBEDTLS_SSL_DEBUG_MSG( 3, - ( "found supported_point_formats extension" ) ); - - if( ( ret = ssl_parse_supported_point_formats_ext( ssl, - ext + 4, ext_size ) ) != 0 ) - { - return( ret ); - } + defined(MBEDTLS_KEY_EXCHANGE_ECJPAKE_ENABLED) + case MBEDTLS_TLS_EXT_SUPPORTED_POINT_FORMATS: + MBEDTLS_SSL_DEBUG_MSG(3, + ("found supported_point_formats extension")); - break; + if ((ret = ssl_parse_supported_point_formats_ext(ssl, + ext + 4, ext_size)) != 0) { + return ret; + } + + break; #endif /* MBEDTLS_ECDH_C || MBEDTLS_ECDSA_C || MBEDTLS_KEY_EXCHANGE_ECJPAKE_ENABLED */ #if defined(MBEDTLS_KEY_EXCHANGE_ECJPAKE_ENABLED) - case MBEDTLS_TLS_EXT_ECJPAKE_KKPP: - MBEDTLS_SSL_DEBUG_MSG( 3, ( "found ecjpake_kkpp extension" ) ); + case MBEDTLS_TLS_EXT_ECJPAKE_KKPP: + MBEDTLS_SSL_DEBUG_MSG(3, ("found ecjpake_kkpp extension")); - if( ( ret = ssl_parse_ecjpake_kkpp( ssl, - ext + 4, ext_size ) ) != 0 ) - { - return( ret ); - } + if ((ret = ssl_parse_ecjpake_kkpp(ssl, + ext + 4, ext_size)) != 0) { + return ret; + } - break; + break; #endif /* MBEDTLS_KEY_EXCHANGE_ECJPAKE_ENABLED */ #if defined(MBEDTLS_SSL_ALPN) - case MBEDTLS_TLS_EXT_ALPN: - MBEDTLS_SSL_DEBUG_MSG( 3, ( "found alpn extension" ) ); + case MBEDTLS_TLS_EXT_ALPN: + MBEDTLS_SSL_DEBUG_MSG(3, ("found alpn extension")); - if( ( ret = ssl_parse_alpn_ext( ssl, ext + 4, ext_size ) ) != 0 ) - return( ret ); + if ((ret = ssl_parse_alpn_ext(ssl, ext + 4, ext_size)) != 0) { + return ret; + } - break; + break; #endif /* MBEDTLS_SSL_ALPN */ #if defined(MBEDTLS_SSL_DTLS_SRTP) - case MBEDTLS_TLS_EXT_USE_SRTP: - MBEDTLS_SSL_DEBUG_MSG( 3, ( "found use_srtp extension" ) ); + case MBEDTLS_TLS_EXT_USE_SRTP: + MBEDTLS_SSL_DEBUG_MSG(3, ("found use_srtp extension")); - if( ( ret = ssl_parse_use_srtp_ext( ssl, ext + 4, ext_size ) ) != 0 ) - return( ret ); + if ((ret = ssl_parse_use_srtp_ext(ssl, ext + 4, ext_size)) != 0) { + return ret; + } - break; + break; #endif /* MBEDTLS_SSL_DTLS_SRTP */ - default: - MBEDTLS_SSL_DEBUG_MSG( 3, - ( "unknown extension found: %u (ignoring)", ext_id ) ); + default: + MBEDTLS_SSL_DEBUG_MSG(3, + ("unknown extension found: %u (ignoring)", ext_id)); } ext_len -= 4 + ext_size; ext += 4 + ext_size; - if( ext_len > 0 && ext_len < 4 ) - { - MBEDTLS_SSL_DEBUG_MSG( 1, ( "bad server hello message" ) ); - return( MBEDTLS_ERR_SSL_BAD_HS_SERVER_HELLO ); + if (ext_len > 0 && ext_len < 4) { + MBEDTLS_SSL_DEBUG_MSG(1, ("bad server hello message")); + return MBEDTLS_ERR_SSL_BAD_HS_SERVER_HELLO; + } + } + + /* + * mbedtls_ssl_derive_keys() has to be called after the parsing of the + * extensions. It sets the transform data for the resumed session which in + * case of DTLS includes the server CID extracted from the CID extension. + */ + if (ssl->handshake->resume) { + if ((ret = mbedtls_ssl_derive_keys(ssl)) != 0) { + MBEDTLS_SSL_DEBUG_RET(1, "mbedtls_ssl_derive_keys", ret); + mbedtls_ssl_send_alert_message( + ssl, + MBEDTLS_SSL_ALERT_LEVEL_FATAL, + MBEDTLS_SSL_ALERT_MSG_INTERNAL_ERROR); + return ret; } } /* * Renegotiation security checks */ - if( ssl->secure_renegotiation == MBEDTLS_SSL_LEGACY_RENEGOTIATION && + if (ssl->secure_renegotiation == MBEDTLS_SSL_LEGACY_RENEGOTIATION && ssl->conf->allow_legacy_renegotiation == - MBEDTLS_SSL_LEGACY_BREAK_HANDSHAKE ) - { - MBEDTLS_SSL_DEBUG_MSG( 1, - ( "legacy renegotiation, breaking off handshake" ) ); + MBEDTLS_SSL_LEGACY_BREAK_HANDSHAKE) { + MBEDTLS_SSL_DEBUG_MSG(1, + ("legacy renegotiation, breaking off handshake")); handshake_failure = 1; } #if defined(MBEDTLS_SSL_RENEGOTIATION) - else if( ssl->renego_status == MBEDTLS_SSL_RENEGOTIATION_IN_PROGRESS && + else if (ssl->renego_status == MBEDTLS_SSL_RENEGOTIATION_IN_PROGRESS && ssl->secure_renegotiation == MBEDTLS_SSL_SECURE_RENEGOTIATION && - renegotiation_info_seen == 0 ) - { - MBEDTLS_SSL_DEBUG_MSG( 1, - ( "renegotiation_info extension missing (secure)" ) ); + renegotiation_info_seen == 0) { + MBEDTLS_SSL_DEBUG_MSG(1, + ("renegotiation_info extension missing (secure)")); handshake_failure = 1; - } - else if( ssl->renego_status == MBEDTLS_SSL_RENEGOTIATION_IN_PROGRESS && - ssl->secure_renegotiation == MBEDTLS_SSL_LEGACY_RENEGOTIATION && - ssl->conf->allow_legacy_renegotiation == - MBEDTLS_SSL_LEGACY_NO_RENEGOTIATION ) - { - MBEDTLS_SSL_DEBUG_MSG( 1, ( "legacy renegotiation not allowed" ) ); + } else if (ssl->renego_status == MBEDTLS_SSL_RENEGOTIATION_IN_PROGRESS && + ssl->secure_renegotiation == MBEDTLS_SSL_LEGACY_RENEGOTIATION && + ssl->conf->allow_legacy_renegotiation == + MBEDTLS_SSL_LEGACY_NO_RENEGOTIATION) { + MBEDTLS_SSL_DEBUG_MSG(1, ("legacy renegotiation not allowed")); handshake_failure = 1; - } - else if( ssl->renego_status == MBEDTLS_SSL_RENEGOTIATION_IN_PROGRESS && - ssl->secure_renegotiation == MBEDTLS_SSL_LEGACY_RENEGOTIATION && - renegotiation_info_seen == 1 ) - { - MBEDTLS_SSL_DEBUG_MSG( 1, - ( "renegotiation_info extension present (legacy)" ) ); + } else if (ssl->renego_status == MBEDTLS_SSL_RENEGOTIATION_IN_PROGRESS && + ssl->secure_renegotiation == MBEDTLS_SSL_LEGACY_RENEGOTIATION && + renegotiation_info_seen == 1) { + MBEDTLS_SSL_DEBUG_MSG(1, + ("renegotiation_info extension present (legacy)")); handshake_failure = 1; } #endif /* MBEDTLS_SSL_RENEGOTIATION */ - if( handshake_failure == 1 ) - { + if (handshake_failure == 1) { mbedtls_ssl_send_alert_message( ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL, - MBEDTLS_SSL_ALERT_MSG_HANDSHAKE_FAILURE ); - return( MBEDTLS_ERR_SSL_BAD_HS_SERVER_HELLO ); + MBEDTLS_SSL_ALERT_MSG_HANDSHAKE_FAILURE); + return MBEDTLS_ERR_SSL_BAD_HS_SERVER_HELLO; } - MBEDTLS_SSL_DEBUG_MSG( 2, ( "<= parse server hello" ) ); + MBEDTLS_SSL_DEBUG_MSG(2, ("<= parse server hello")); - return( 0 ); + return 0; } #if defined(MBEDTLS_KEY_EXCHANGE_DHE_RSA_ENABLED) || \ defined(MBEDTLS_KEY_EXCHANGE_DHE_PSK_ENABLED) -static int ssl_parse_server_dh_params( mbedtls_ssl_context *ssl, - unsigned char **p, - unsigned char *end ) +MBEDTLS_CHECK_RETURN_CRITICAL +static int ssl_parse_server_dh_params(mbedtls_ssl_context *ssl, + unsigned char **p, + unsigned char *end) { int ret = MBEDTLS_ERR_SSL_FEATURE_UNAVAILABLE; size_t dhm_actual_bitlen; @@ -2607,27 +2537,25 @@ static int ssl_parse_server_dh_params( mbedtls_ssl_context *ssl, * opaque dh_Ys<1..2^16-1>; * } ServerDHParams; */ - if( ( ret = mbedtls_dhm_read_params( &ssl->handshake->dhm_ctx, - p, end ) ) != 0 ) - { - MBEDTLS_SSL_DEBUG_RET( 2, ( "mbedtls_dhm_read_params" ), ret ); - return( ret ); + if ((ret = mbedtls_dhm_read_params(&ssl->handshake->dhm_ctx, + p, end)) != 0) { + MBEDTLS_SSL_DEBUG_RET(2, ("mbedtls_dhm_read_params"), ret); + return ret; } - dhm_actual_bitlen = mbedtls_mpi_bitlen( &ssl->handshake->dhm_ctx.P ); - if( dhm_actual_bitlen < ssl->conf->dhm_min_bitlen ) - { - MBEDTLS_SSL_DEBUG_MSG( 1, ( "DHM prime too short: %" MBEDTLS_PRINTF_SIZET " < %u", - dhm_actual_bitlen, - ssl->conf->dhm_min_bitlen ) ); - return( MBEDTLS_ERR_SSL_BAD_HS_SERVER_KEY_EXCHANGE ); + dhm_actual_bitlen = mbedtls_mpi_bitlen(&ssl->handshake->dhm_ctx.P); + if (dhm_actual_bitlen < ssl->conf->dhm_min_bitlen) { + MBEDTLS_SSL_DEBUG_MSG(1, ("DHM prime too short: %" MBEDTLS_PRINTF_SIZET " < %u", + dhm_actual_bitlen, + ssl->conf->dhm_min_bitlen)); + return MBEDTLS_ERR_SSL_BAD_HS_SERVER_KEY_EXCHANGE; } - MBEDTLS_SSL_DEBUG_MPI( 3, "DHM: P ", &ssl->handshake->dhm_ctx.P ); - MBEDTLS_SSL_DEBUG_MPI( 3, "DHM: G ", &ssl->handshake->dhm_ctx.G ); - MBEDTLS_SSL_DEBUG_MPI( 3, "DHM: GY", &ssl->handshake->dhm_ctx.GY ); + MBEDTLS_SSL_DEBUG_MPI(3, "DHM: P ", &ssl->handshake->dhm_ctx.P); + MBEDTLS_SSL_DEBUG_MPI(3, "DHM: G ", &ssl->handshake->dhm_ctx.G); + MBEDTLS_SSL_DEBUG_MPI(3, "DHM: GY", &ssl->handshake->dhm_ctx.GY); - return( ret ); + return ret; } #endif /* MBEDTLS_KEY_EXCHANGE_DHE_RSA_ENABLED || MBEDTLS_KEY_EXCHANGE_DHE_PSK_ENABLED */ @@ -2637,7 +2565,8 @@ static int ssl_parse_server_dh_params( mbedtls_ssl_context *ssl, defined(MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED) || \ defined(MBEDTLS_KEY_EXCHANGE_ECDH_RSA_ENABLED) || \ defined(MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA_ENABLED) -static int ssl_check_server_ecdh_params( const mbedtls_ssl_context *ssl ) +MBEDTLS_CHECK_RETURN_CRITICAL +static int ssl_check_server_ecdh_params(const mbedtls_ssl_context *ssl) { const mbedtls_ecp_curve_info *curve_info; mbedtls_ecp_group_id grp_id; @@ -2645,29 +2574,31 @@ static int ssl_check_server_ecdh_params( const mbedtls_ssl_context *ssl ) grp_id = ssl->handshake->ecdh_ctx.grp.id; #else grp_id = ssl->handshake->ecdh_ctx.grp_id; -#endif +#endif /* MBEDTLS_ECDH_LEGACY_CONTEXT */ - curve_info = mbedtls_ecp_curve_info_from_grp_id( grp_id ); - if( curve_info == NULL ) - { - MBEDTLS_SSL_DEBUG_MSG( 1, ( "should never happen" ) ); - return( MBEDTLS_ERR_SSL_INTERNAL_ERROR ); + curve_info = mbedtls_ecp_curve_info_from_grp_id(grp_id); + if (curve_info == NULL) { + MBEDTLS_SSL_DEBUG_MSG(1, ("should never happen")); + return MBEDTLS_ERR_SSL_INTERNAL_ERROR; } - MBEDTLS_SSL_DEBUG_MSG( 2, ( "ECDH curve: %s", curve_info->name ) ); + MBEDTLS_SSL_DEBUG_MSG(2, ("ECDH curve: %s", curve_info->name)); #if defined(MBEDTLS_ECP_C) - if( mbedtls_ssl_check_curve( ssl, grp_id ) != 0 ) + if (mbedtls_ssl_check_curve(ssl, grp_id) != 0) { + return -1; + } #else - if( ssl->handshake->ecdh_ctx.grp.nbits < 163 || - ssl->handshake->ecdh_ctx.grp.nbits > 521 ) -#endif - return( -1 ); + if (ssl->handshake->ecdh_ctx.grp.nbits < 163 || + ssl->handshake->ecdh_ctx.grp.nbits > 521) { + return -1; + } +#endif /* MBEDTLS_ECP_C */ - MBEDTLS_SSL_DEBUG_ECDH( 3, &ssl->handshake->ecdh_ctx, - MBEDTLS_DEBUG_ECDH_QP ); + MBEDTLS_SSL_DEBUG_ECDH(3, &ssl->handshake->ecdh_ctx, + MBEDTLS_DEBUG_ECDH_QP); - return( 0 ); + return 0; } #endif /* MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED || MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED || @@ -2676,11 +2607,12 @@ static int ssl_check_server_ecdh_params( const mbedtls_ssl_context *ssl ) MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA_ENABLED */ #if defined(MBEDTLS_USE_PSA_CRYPTO) && \ - ( defined(MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED) || \ - defined(MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED) ) -static int ssl_parse_server_ecdh_params_psa( mbedtls_ssl_context *ssl, - unsigned char **p, - unsigned char *end ) + (defined(MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED) || \ + defined(MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED)) +MBEDTLS_CHECK_RETURN_CRITICAL +static int ssl_parse_server_ecdh_params_psa(mbedtls_ssl_context *ssl, + unsigned char **p, + unsigned char *end) { uint16_t tls_id; size_t ecdh_bits = 0; @@ -2691,26 +2623,33 @@ static int ssl_parse_server_ecdh_params_psa( mbedtls_ssl_context *ssl, * Parse ECC group */ - if( end - *p < 4 ) - return( MBEDTLS_ERR_SSL_BAD_HS_SERVER_KEY_EXCHANGE ); + if (end - *p < 4) { + return MBEDTLS_ERR_SSL_BAD_HS_SERVER_KEY_EXCHANGE; + } /* First byte is curve_type; only named_curve is handled */ - if( *(*p)++ != MBEDTLS_ECP_TLS_NAMED_CURVE ) - return( MBEDTLS_ERR_SSL_BAD_HS_SERVER_KEY_EXCHANGE ); + if (*(*p)++ != MBEDTLS_ECP_TLS_NAMED_CURVE) { + return MBEDTLS_ERR_SSL_BAD_HS_SERVER_KEY_EXCHANGE; + } /* Next two bytes are the namedcurve value */ tls_id = *(*p)++; tls_id <<= 8; tls_id |= *(*p)++; + /* Check it's a curve we offered */ + if (mbedtls_ssl_check_curve_tls_id(ssl, tls_id) != 0) { + return MBEDTLS_ERR_SSL_BAD_HS_SERVER_KEY_EXCHANGE; + } + /* Convert EC group to PSA key type. */ - if( ( handshake->ecdh_psa_type = - mbedtls_psa_parse_tls_ecc_group( tls_id, &ecdh_bits ) ) == 0 ) - { - return( MBEDTLS_ERR_SSL_BAD_HS_SERVER_KEY_EXCHANGE ); + if ((handshake->ecdh_psa_type = + mbedtls_psa_parse_tls_ecc_group(tls_id, &ecdh_bits)) == 0) { + return MBEDTLS_ERR_SSL_BAD_HS_SERVER_KEY_EXCHANGE; + } + if (ecdh_bits > 0xffff) { + return MBEDTLS_ERR_SSL_BAD_HS_SERVER_KEY_EXCHANGE; } - if( ecdh_bits > 0xffff ) - return( MBEDTLS_ERR_SSL_BAD_HS_SERVER_KEY_EXCHANGE ); handshake->ecdh_bits = (uint16_t) ecdh_bits; /* @@ -2718,20 +2657,20 @@ static int ssl_parse_server_ecdh_params_psa( mbedtls_ssl_context *ssl, */ ecpoint_len = *(*p)++; - if( (size_t)( end - *p ) < ecpoint_len ) - return( MBEDTLS_ERR_SSL_BAD_HS_SERVER_KEY_EXCHANGE ); - - if( mbedtls_psa_tls_ecpoint_to_psa_ec( - *p, ecpoint_len, - handshake->ecdh_psa_peerkey, - sizeof( handshake->ecdh_psa_peerkey ), - &handshake->ecdh_psa_peerkey_len ) != 0 ) - { - return( MBEDTLS_ERR_SSL_HW_ACCEL_FAILED ); + if ((size_t) (end - *p) < ecpoint_len) { + return MBEDTLS_ERR_SSL_BAD_HS_SERVER_KEY_EXCHANGE; + } + + if (mbedtls_psa_tls_ecpoint_to_psa_ec( + *p, ecpoint_len, + handshake->ecdh_psa_peerkey, + sizeof(handshake->ecdh_psa_peerkey), + &handshake->ecdh_psa_peerkey_len) != 0) { + return MBEDTLS_ERR_SSL_HW_ACCEL_FAILED; } *p += ecpoint_len; - return( 0 ); + return 0; } #endif /* MBEDTLS_USE_PSA_CRYPTO && ( MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED || @@ -2740,9 +2679,10 @@ static int ssl_parse_server_ecdh_params_psa( mbedtls_ssl_context *ssl, #if defined(MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED) || \ defined(MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED) || \ defined(MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED) -static int ssl_parse_server_ecdh_params( mbedtls_ssl_context *ssl, - unsigned char **p, - unsigned char *end ) +MBEDTLS_CHECK_RETURN_CRITICAL +static int ssl_parse_server_ecdh_params(mbedtls_ssl_context *ssl, + unsigned char **p, + unsigned char *end) { int ret = MBEDTLS_ERR_SSL_FEATURE_UNAVAILABLE; @@ -2754,34 +2694,34 @@ static int ssl_parse_server_ecdh_params( mbedtls_ssl_context *ssl, * ECPoint public; * } ServerECDHParams; */ - if( ( ret = mbedtls_ecdh_read_params( &ssl->handshake->ecdh_ctx, - (const unsigned char **) p, end ) ) != 0 ) - { - MBEDTLS_SSL_DEBUG_RET( 1, ( "mbedtls_ecdh_read_params" ), ret ); + if ((ret = mbedtls_ecdh_read_params(&ssl->handshake->ecdh_ctx, + (const unsigned char **) p, end)) != 0) { + MBEDTLS_SSL_DEBUG_RET(1, ("mbedtls_ecdh_read_params"), ret); #if defined(MBEDTLS_SSL_ECP_RESTARTABLE_ENABLED) - if( ret == MBEDTLS_ERR_ECP_IN_PROGRESS ) + if (ret == MBEDTLS_ERR_ECP_IN_PROGRESS) { ret = MBEDTLS_ERR_SSL_CRYPTO_IN_PROGRESS; + } #endif - return( ret ); + return ret; } - if( ssl_check_server_ecdh_params( ssl ) != 0 ) - { - MBEDTLS_SSL_DEBUG_MSG( 1, - ( "bad server key exchange message (ECDHE curve)" ) ); - return( MBEDTLS_ERR_SSL_BAD_HS_SERVER_KEY_EXCHANGE ); + if (ssl_check_server_ecdh_params(ssl) != 0) { + MBEDTLS_SSL_DEBUG_MSG(1, + ("bad server key exchange message (ECDHE curve)")); + return MBEDTLS_ERR_SSL_BAD_HS_SERVER_KEY_EXCHANGE; } - return( ret ); + return ret; } #endif /* MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED || MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED || MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED */ #if defined(MBEDTLS_KEY_EXCHANGE_SOME_PSK_ENABLED) -static int ssl_parse_server_psk_hint( mbedtls_ssl_context *ssl, - unsigned char **p, - unsigned char *end ) +MBEDTLS_CHECK_RETURN_CRITICAL +static int ssl_parse_server_psk_hint(mbedtls_ssl_context *ssl, + unsigned char **p, + unsigned char *end) { int ret = MBEDTLS_ERR_SSL_FEATURE_UNAVAILABLE; uint16_t len; @@ -2792,31 +2732,29 @@ static int ssl_parse_server_psk_hint( mbedtls_ssl_context *ssl, * * opaque psk_identity_hint<0..2^16-1>; */ - if( end - (*p) < 2 ) - { - MBEDTLS_SSL_DEBUG_MSG( 1, - ( "bad server key exchange message (psk_identity_hint length)" ) ); - return( MBEDTLS_ERR_SSL_BAD_HS_SERVER_KEY_EXCHANGE ); + if (end - (*p) < 2) { + MBEDTLS_SSL_DEBUG_MSG(1, + ("bad server key exchange message (psk_identity_hint length)")); + return MBEDTLS_ERR_SSL_BAD_HS_SERVER_KEY_EXCHANGE; } len = (*p)[0] << 8 | (*p)[1]; *p += 2; - if( end - (*p) < len ) - { - MBEDTLS_SSL_DEBUG_MSG( 1, - ( "bad server key exchange message (psk_identity_hint length)" ) ); - return( MBEDTLS_ERR_SSL_BAD_HS_SERVER_KEY_EXCHANGE ); + if (end - (*p) < len) { + MBEDTLS_SSL_DEBUG_MSG(1, + ("bad server key exchange message (psk_identity_hint length)")); + return MBEDTLS_ERR_SSL_BAD_HS_SERVER_KEY_EXCHANGE; } /* - * Note: we currently ignore the PKS identity hint, as we only allow one - * PSK to be provisionned on the client. This could be changed later if + * Note: we currently ignore the PSK identity hint, as we only allow one + * PSK to be provisioned on the client. This could be changed later if * someone needs that feature. */ *p += len; ret = 0; - return( ret ); + return ret; } #endif /* MBEDTLS_KEY_EXCHANGE_SOME_PSK_ENABLED */ @@ -2825,19 +2763,19 @@ static int ssl_parse_server_psk_hint( mbedtls_ssl_context *ssl, /* * Generate a pre-master secret and encrypt it with the server's RSA key */ -static int ssl_write_encrypted_pms( mbedtls_ssl_context *ssl, - size_t offset, size_t *olen, - size_t pms_offset ) +MBEDTLS_CHECK_RETURN_CRITICAL +static int ssl_write_encrypted_pms(mbedtls_ssl_context *ssl, + size_t offset, size_t *olen, + size_t pms_offset) { int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; size_t len_bytes = ssl->minor_ver == MBEDTLS_SSL_MINOR_VERSION_0 ? 0 : 2; unsigned char *p = ssl->handshake->premaster + pms_offset; - mbedtls_pk_context * peer_pk; + mbedtls_pk_context *peer_pk; - if( offset + len_bytes > MBEDTLS_SSL_OUT_CONTENT_LEN ) - { - MBEDTLS_SSL_DEBUG_MSG( 1, ( "buffer too small for encrypted pms" ) ); - return( MBEDTLS_ERR_SSL_BUFFER_TOO_SMALL ); + if (offset + len_bytes > MBEDTLS_SSL_OUT_CONTENT_LEN) { + MBEDTLS_SSL_DEBUG_MSG(1, ("buffer too small for encrypted pms")); + return MBEDTLS_ERR_SSL_BUFFER_TOO_SMALL; } /* @@ -2847,14 +2785,13 @@ static int ssl_write_encrypted_pms( mbedtls_ssl_context *ssl, * opaque random[46]; * } PreMasterSecret; */ - mbedtls_ssl_write_version( ssl->conf->max_major_ver, - ssl->conf->max_minor_ver, - ssl->conf->transport, p ); + mbedtls_ssl_write_version(ssl->conf->max_major_ver, + ssl->conf->max_minor_ver, + ssl->conf->transport, p); - if( ( ret = ssl->conf->f_rng( ssl->conf->p_rng, p + 2, 46 ) ) != 0 ) - { - MBEDTLS_SSL_DEBUG_RET( 1, "f_rng", ret ); - return( ret ); + if ((ret = ssl->conf->f_rng(ssl->conf->p_rng, p + 2, 46)) != 0) { + MBEDTLS_SSL_DEBUG_RET(1, "f_rng", ret); + return ret; } ssl->handshake->pmslen = 48; @@ -2862,11 +2799,10 @@ static int ssl_write_encrypted_pms( mbedtls_ssl_context *ssl, #if !defined(MBEDTLS_SSL_KEEP_PEER_CERTIFICATE) peer_pk = &ssl->handshake->peer_pubkey; #else /* !MBEDTLS_SSL_KEEP_PEER_CERTIFICATE */ - if( ssl->session_negotiate->peer_cert == NULL ) - { + if (ssl->session_negotiate->peer_cert == NULL) { /* Should never happen */ - MBEDTLS_SSL_DEBUG_MSG( 1, ( "should never happen" ) ); - return( MBEDTLS_ERR_SSL_INTERNAL_ERROR ); + MBEDTLS_SSL_DEBUG_MSG(1, ("should never happen")); + return MBEDTLS_ERR_SSL_INTERNAL_ERROR; } peer_pk = &ssl->session_negotiate->peer_cert->pk; #endif /* MBEDTLS_SSL_KEEP_PEER_CERTIFICATE */ @@ -2874,36 +2810,33 @@ static int ssl_write_encrypted_pms( mbedtls_ssl_context *ssl, /* * Now write it out, encrypted */ - if( ! mbedtls_pk_can_do( peer_pk, MBEDTLS_PK_RSA ) ) - { - MBEDTLS_SSL_DEBUG_MSG( 1, ( "certificate key type mismatch" ) ); - return( MBEDTLS_ERR_SSL_PK_TYPE_MISMATCH ); + if (!mbedtls_pk_can_do(peer_pk, MBEDTLS_PK_RSA)) { + MBEDTLS_SSL_DEBUG_MSG(1, ("certificate key type mismatch")); + return MBEDTLS_ERR_SSL_PK_TYPE_MISMATCH; } - if( ( ret = mbedtls_pk_encrypt( peer_pk, - p, ssl->handshake->pmslen, - ssl->out_msg + offset + len_bytes, olen, - MBEDTLS_SSL_OUT_CONTENT_LEN - offset - len_bytes, - ssl->conf->f_rng, ssl->conf->p_rng ) ) != 0 ) - { - MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_rsa_pkcs1_encrypt", ret ); - return( ret ); + if ((ret = mbedtls_pk_encrypt(peer_pk, + p, ssl->handshake->pmslen, + ssl->out_msg + offset + len_bytes, olen, + MBEDTLS_SSL_OUT_CONTENT_LEN - offset - len_bytes, + ssl->conf->f_rng, ssl->conf->p_rng)) != 0) { + MBEDTLS_SSL_DEBUG_RET(1, "mbedtls_rsa_pkcs1_encrypt", ret); + return ret; } #if defined(MBEDTLS_SSL_PROTO_TLS1) || defined(MBEDTLS_SSL_PROTO_TLS1_1) || \ defined(MBEDTLS_SSL_PROTO_TLS1_2) - if( len_bytes == 2 ) - { - MBEDTLS_PUT_UINT16_BE( *olen, ssl->out_msg, offset ); + if (len_bytes == 2) { + MBEDTLS_PUT_UINT16_BE(*olen, ssl->out_msg, offset); *olen += 2; } #endif #if !defined(MBEDTLS_SSL_KEEP_PEER_CERTIFICATE) /* We don't need the peer's public key anymore. Free it. */ - mbedtls_pk_free( peer_pk ); + mbedtls_pk_free(peer_pk); #endif /* !MBEDTLS_SSL_KEEP_PEER_CERTIFICATE */ - return( 0 ); + return 0; } #endif /* MBEDTLS_KEY_EXCHANGE_RSA_ENABLED || MBEDTLS_KEY_EXCHANGE_RSA_PSK_ENABLED */ @@ -2912,64 +2845,62 @@ static int ssl_write_encrypted_pms( mbedtls_ssl_context *ssl, #if defined(MBEDTLS_KEY_EXCHANGE_DHE_RSA_ENABLED) || \ defined(MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED) || \ defined(MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED) -static int ssl_parse_signature_algorithm( mbedtls_ssl_context *ssl, - unsigned char **p, - unsigned char *end, - mbedtls_md_type_t *md_alg, - mbedtls_pk_type_t *pk_alg ) +MBEDTLS_CHECK_RETURN_CRITICAL +static int ssl_parse_signature_algorithm(mbedtls_ssl_context *ssl, + unsigned char **p, + unsigned char *end, + mbedtls_md_type_t *md_alg, + mbedtls_pk_type_t *pk_alg) { ((void) ssl); *md_alg = MBEDTLS_MD_NONE; *pk_alg = MBEDTLS_PK_NONE; /* Only in TLS 1.2 */ - if( ssl->minor_ver != MBEDTLS_SSL_MINOR_VERSION_3 ) - { - return( 0 ); + if (ssl->minor_ver != MBEDTLS_SSL_MINOR_VERSION_3) { + return 0; } - if( (*p) + 2 > end ) - return( MBEDTLS_ERR_SSL_BAD_HS_SERVER_KEY_EXCHANGE ); + if ((*p) + 2 > end) { + return MBEDTLS_ERR_SSL_BAD_HS_SERVER_KEY_EXCHANGE; + } /* * Get hash algorithm */ - if( ( *md_alg = mbedtls_ssl_md_alg_from_hash( (*p)[0] ) ) - == MBEDTLS_MD_NONE ) - { - MBEDTLS_SSL_DEBUG_MSG( 1, - ( "Server used unsupported HashAlgorithm %d", *(p)[0] ) ); - return( MBEDTLS_ERR_SSL_BAD_HS_SERVER_KEY_EXCHANGE ); + if ((*md_alg = mbedtls_ssl_md_alg_from_hash((*p)[0])) + == MBEDTLS_MD_NONE) { + MBEDTLS_SSL_DEBUG_MSG(1, + ("Server used unsupported HashAlgorithm %d", *(p)[0])); + return MBEDTLS_ERR_SSL_BAD_HS_SERVER_KEY_EXCHANGE; } /* * Get signature algorithm */ - if( ( *pk_alg = mbedtls_ssl_pk_alg_from_sig( (*p)[1] ) ) - == MBEDTLS_PK_NONE ) - { - MBEDTLS_SSL_DEBUG_MSG( 1, - ( "server used unsupported SignatureAlgorithm %d", (*p)[1] ) ); - return( MBEDTLS_ERR_SSL_BAD_HS_SERVER_KEY_EXCHANGE ); + if ((*pk_alg = mbedtls_ssl_pk_alg_from_sig((*p)[1])) + == MBEDTLS_PK_NONE) { + MBEDTLS_SSL_DEBUG_MSG(1, + ("server used unsupported SignatureAlgorithm %d", (*p)[1])); + return MBEDTLS_ERR_SSL_BAD_HS_SERVER_KEY_EXCHANGE; } /* * Check if the hash is acceptable */ - if( mbedtls_ssl_check_sig_hash( ssl, *md_alg ) != 0 ) - { - MBEDTLS_SSL_DEBUG_MSG( 1, - ( "server used HashAlgorithm %d that was not offered", *(p)[0] ) ); - return( MBEDTLS_ERR_SSL_BAD_HS_SERVER_KEY_EXCHANGE ); + if (mbedtls_ssl_check_sig_hash(ssl, *md_alg) != 0) { + MBEDTLS_SSL_DEBUG_MSG(1, + ("server used HashAlgorithm %d that was not offered", *(p)[0])); + return MBEDTLS_ERR_SSL_BAD_HS_SERVER_KEY_EXCHANGE; } - MBEDTLS_SSL_DEBUG_MSG( 2, ( "Server used SignatureAlgorithm %d", - (*p)[1] ) ); - MBEDTLS_SSL_DEBUG_MSG( 2, ( "Server used HashAlgorithm %d", - (*p)[0] ) ); + MBEDTLS_SSL_DEBUG_MSG(2, ("Server used SignatureAlgorithm %d", + (*p)[1])); + MBEDTLS_SSL_DEBUG_MSG(2, ("Server used HashAlgorithm %d", + (*p)[0])); *p += 2; - return( 0 ); + return 0; } #endif /* MBEDTLS_KEY_EXCHANGE_DHE_RSA_ENABLED || MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED || @@ -2978,72 +2909,71 @@ static int ssl_parse_signature_algorithm( mbedtls_ssl_context *ssl, #if defined(MBEDTLS_KEY_EXCHANGE_ECDH_RSA_ENABLED) || \ defined(MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA_ENABLED) -static int ssl_get_ecdh_params_from_cert( mbedtls_ssl_context *ssl ) +MBEDTLS_CHECK_RETURN_CRITICAL +static int ssl_get_ecdh_params_from_cert(mbedtls_ssl_context *ssl) { int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; const mbedtls_ecp_keypair *peer_key; - mbedtls_pk_context * peer_pk; + mbedtls_pk_context *peer_pk; #if !defined(MBEDTLS_SSL_KEEP_PEER_CERTIFICATE) peer_pk = &ssl->handshake->peer_pubkey; #else /* !MBEDTLS_SSL_KEEP_PEER_CERTIFICATE */ - if( ssl->session_negotiate->peer_cert == NULL ) - { + if (ssl->session_negotiate->peer_cert == NULL) { /* Should never happen */ - MBEDTLS_SSL_DEBUG_MSG( 1, ( "should never happen" ) ); - return( MBEDTLS_ERR_SSL_INTERNAL_ERROR ); + MBEDTLS_SSL_DEBUG_MSG(1, ("should never happen")); + return MBEDTLS_ERR_SSL_INTERNAL_ERROR; } peer_pk = &ssl->session_negotiate->peer_cert->pk; #endif /* MBEDTLS_SSL_KEEP_PEER_CERTIFICATE */ - if( ! mbedtls_pk_can_do( peer_pk, MBEDTLS_PK_ECKEY ) ) - { - MBEDTLS_SSL_DEBUG_MSG( 1, ( "server key not ECDH capable" ) ); - return( MBEDTLS_ERR_SSL_PK_TYPE_MISMATCH ); + /* This is a public key, so it can't be opaque, so can_do() is a good + * enough check to ensure pk_ec() is safe to use below. */ + if (!mbedtls_pk_can_do(peer_pk, MBEDTLS_PK_ECKEY)) { + MBEDTLS_SSL_DEBUG_MSG(1, ("server key not ECDH capable")); + return MBEDTLS_ERR_SSL_PK_TYPE_MISMATCH; } - peer_key = mbedtls_pk_ec( *peer_pk ); + peer_key = mbedtls_pk_ec(*peer_pk); - if( ( ret = mbedtls_ecdh_get_params( &ssl->handshake->ecdh_ctx, peer_key, - MBEDTLS_ECDH_THEIRS ) ) != 0 ) - { - MBEDTLS_SSL_DEBUG_RET( 1, ( "mbedtls_ecdh_get_params" ), ret ); - return( ret ); + if ((ret = mbedtls_ecdh_get_params(&ssl->handshake->ecdh_ctx, peer_key, + MBEDTLS_ECDH_THEIRS)) != 0) { + MBEDTLS_SSL_DEBUG_RET(1, ("mbedtls_ecdh_get_params"), ret); + return ret; } - if( ssl_check_server_ecdh_params( ssl ) != 0 ) - { - MBEDTLS_SSL_DEBUG_MSG( 1, ( "bad server certificate (ECDH curve)" ) ); - return( MBEDTLS_ERR_SSL_BAD_HS_CERTIFICATE ); + if (ssl_check_server_ecdh_params(ssl) != 0) { + MBEDTLS_SSL_DEBUG_MSG(1, ("bad server certificate (ECDH curve)")); + return MBEDTLS_ERR_SSL_BAD_HS_CERTIFICATE; } #if !defined(MBEDTLS_SSL_KEEP_PEER_CERTIFICATE) /* We don't need the peer's public key anymore. Free it, * so that more RAM is available for upcoming expensive * operations like ECDHE. */ - mbedtls_pk_free( peer_pk ); + mbedtls_pk_free(peer_pk); #endif /* !MBEDTLS_SSL_KEEP_PEER_CERTIFICATE */ - return( ret ); + return ret; } #endif /* MBEDTLS_KEY_EXCHANGE_ECDH_RSA_ENABLED) || MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA_ENABLED */ -static int ssl_parse_server_key_exchange( mbedtls_ssl_context *ssl ) +MBEDTLS_CHECK_RETURN_CRITICAL +static int ssl_parse_server_key_exchange(mbedtls_ssl_context *ssl) { int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; const mbedtls_ssl_ciphersuite_t *ciphersuite_info = ssl->handshake->ciphersuite_info; unsigned char *p = NULL, *end = NULL; - MBEDTLS_SSL_DEBUG_MSG( 2, ( "=> parse server key exchange" ) ); + MBEDTLS_SSL_DEBUG_MSG(2, ("=> parse server key exchange")); #if defined(MBEDTLS_KEY_EXCHANGE_RSA_ENABLED) - if( ciphersuite_info->key_exchange == MBEDTLS_KEY_EXCHANGE_RSA ) - { - MBEDTLS_SSL_DEBUG_MSG( 2, ( "<= skip parse server key exchange" ) ); + if (ciphersuite_info->key_exchange == MBEDTLS_KEY_EXCHANGE_RSA) { + MBEDTLS_SSL_DEBUG_MSG(2, ("<= skip parse server key exchange")); ssl->state++; - return( 0 ); + return 0; } ((void) p); ((void) end); @@ -3051,22 +2981,20 @@ static int ssl_parse_server_key_exchange( mbedtls_ssl_context *ssl ) #if defined(MBEDTLS_KEY_EXCHANGE_ECDH_RSA_ENABLED) || \ defined(MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA_ENABLED) - if( ciphersuite_info->key_exchange == MBEDTLS_KEY_EXCHANGE_ECDH_RSA || - ciphersuite_info->key_exchange == MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA ) - { - if( ( ret = ssl_get_ecdh_params_from_cert( ssl ) ) != 0 ) - { - MBEDTLS_SSL_DEBUG_RET( 1, "ssl_get_ecdh_params_from_cert", ret ); + if (ciphersuite_info->key_exchange == MBEDTLS_KEY_EXCHANGE_ECDH_RSA || + ciphersuite_info->key_exchange == MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA) { + if ((ret = ssl_get_ecdh_params_from_cert(ssl)) != 0) { + MBEDTLS_SSL_DEBUG_RET(1, "ssl_get_ecdh_params_from_cert", ret); mbedtls_ssl_send_alert_message( ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL, - MBEDTLS_SSL_ALERT_MSG_HANDSHAKE_FAILURE ); - return( ret ); + MBEDTLS_SSL_ALERT_MSG_HANDSHAKE_FAILURE); + return ret; } - MBEDTLS_SSL_DEBUG_MSG( 2, ( "<= skip parse server key exchange" ) ); + MBEDTLS_SSL_DEBUG_MSG(2, ("<= skip parse server key exchange")); ssl->state++; - return( 0 ); + return 0; } ((void) p); ((void) end); @@ -3074,174 +3002,155 @@ static int ssl_parse_server_key_exchange( mbedtls_ssl_context *ssl ) MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA_ENABLED */ #if defined(MBEDTLS_SSL_ECP_RESTARTABLE_ENABLED) - if( ssl->handshake->ecrs_enabled && - ssl->handshake->ecrs_state == ssl_ecrs_ske_start_processing ) - { + if (ssl->handshake->ecrs_enabled && + ssl->handshake->ecrs_state == ssl_ecrs_ske_start_processing) { goto start_processing; } #endif - if( ( ret = mbedtls_ssl_read_record( ssl, 1 ) ) != 0 ) - { - MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_ssl_read_record", ret ); - return( ret ); + if ((ret = mbedtls_ssl_read_record(ssl, 1)) != 0) { + MBEDTLS_SSL_DEBUG_RET(1, "mbedtls_ssl_read_record", ret); + return ret; } - if( ssl->in_msgtype != MBEDTLS_SSL_MSG_HANDSHAKE ) - { - MBEDTLS_SSL_DEBUG_MSG( 1, ( "bad server key exchange message" ) ); + if (ssl->in_msgtype != MBEDTLS_SSL_MSG_HANDSHAKE) { + MBEDTLS_SSL_DEBUG_MSG(1, ("bad server key exchange message")); mbedtls_ssl_send_alert_message( ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL, - MBEDTLS_SSL_ALERT_MSG_UNEXPECTED_MESSAGE ); - return( MBEDTLS_ERR_SSL_UNEXPECTED_MESSAGE ); + MBEDTLS_SSL_ALERT_MSG_UNEXPECTED_MESSAGE); + return MBEDTLS_ERR_SSL_UNEXPECTED_MESSAGE; } /* * ServerKeyExchange may be skipped with PSK and RSA-PSK when the server * doesn't use a psk_identity_hint */ - if( ssl->in_msg[0] != MBEDTLS_SSL_HS_SERVER_KEY_EXCHANGE ) - { - if( ciphersuite_info->key_exchange == MBEDTLS_KEY_EXCHANGE_PSK || - ciphersuite_info->key_exchange == MBEDTLS_KEY_EXCHANGE_RSA_PSK ) - { + if (ssl->in_msg[0] != MBEDTLS_SSL_HS_SERVER_KEY_EXCHANGE) { + if (ciphersuite_info->key_exchange == MBEDTLS_KEY_EXCHANGE_PSK || + ciphersuite_info->key_exchange == MBEDTLS_KEY_EXCHANGE_RSA_PSK) { /* Current message is probably either * CertificateRequest or ServerHelloDone */ ssl->keep_current_message = 1; goto exit; } - MBEDTLS_SSL_DEBUG_MSG( 1, - ( "server key exchange message must not be skipped" ) ); + MBEDTLS_SSL_DEBUG_MSG(1, + ("server key exchange message must not be skipped")); mbedtls_ssl_send_alert_message( ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL, - MBEDTLS_SSL_ALERT_MSG_UNEXPECTED_MESSAGE ); + MBEDTLS_SSL_ALERT_MSG_UNEXPECTED_MESSAGE); - return( MBEDTLS_ERR_SSL_UNEXPECTED_MESSAGE ); + return MBEDTLS_ERR_SSL_UNEXPECTED_MESSAGE; } #if defined(MBEDTLS_SSL_ECP_RESTARTABLE_ENABLED) - if( ssl->handshake->ecrs_enabled ) + if (ssl->handshake->ecrs_enabled) { ssl->handshake->ecrs_state = ssl_ecrs_ske_start_processing; + } start_processing: #endif - p = ssl->in_msg + mbedtls_ssl_hs_hdr_len( ssl ); + p = ssl->in_msg + mbedtls_ssl_hs_hdr_len(ssl); end = ssl->in_msg + ssl->in_hslen; - MBEDTLS_SSL_DEBUG_BUF( 3, "server key exchange", p, end - p ); + MBEDTLS_SSL_DEBUG_BUF(3, "server key exchange", p, end - p); #if defined(MBEDTLS_KEY_EXCHANGE_SOME_PSK_ENABLED) - if( ciphersuite_info->key_exchange == MBEDTLS_KEY_EXCHANGE_PSK || + if (ciphersuite_info->key_exchange == MBEDTLS_KEY_EXCHANGE_PSK || ciphersuite_info->key_exchange == MBEDTLS_KEY_EXCHANGE_RSA_PSK || ciphersuite_info->key_exchange == MBEDTLS_KEY_EXCHANGE_DHE_PSK || - ciphersuite_info->key_exchange == MBEDTLS_KEY_EXCHANGE_ECDHE_PSK ) - { - if( ssl_parse_server_psk_hint( ssl, &p, end ) != 0 ) - { - MBEDTLS_SSL_DEBUG_MSG( 1, ( "bad server key exchange message" ) ); + ciphersuite_info->key_exchange == MBEDTLS_KEY_EXCHANGE_ECDHE_PSK) { + if (ssl_parse_server_psk_hint(ssl, &p, end) != 0) { + MBEDTLS_SSL_DEBUG_MSG(1, ("bad server key exchange message")); mbedtls_ssl_send_alert_message( ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL, - MBEDTLS_SSL_ALERT_MSG_ILLEGAL_PARAMETER ); - return( MBEDTLS_ERR_SSL_BAD_HS_SERVER_KEY_EXCHANGE ); + MBEDTLS_SSL_ALERT_MSG_ILLEGAL_PARAMETER); + return MBEDTLS_ERR_SSL_BAD_HS_SERVER_KEY_EXCHANGE; } - } /* FALLTROUGH */ + } /* FALLTHROUGH */ #endif /* MBEDTLS_KEY_EXCHANGE_SOME_PSK_ENABLED */ #if defined(MBEDTLS_KEY_EXCHANGE_PSK_ENABLED) || \ defined(MBEDTLS_KEY_EXCHANGE_RSA_PSK_ENABLED) - if( ciphersuite_info->key_exchange == MBEDTLS_KEY_EXCHANGE_PSK || - ciphersuite_info->key_exchange == MBEDTLS_KEY_EXCHANGE_RSA_PSK ) + if (ciphersuite_info->key_exchange == MBEDTLS_KEY_EXCHANGE_PSK || + ciphersuite_info->key_exchange == MBEDTLS_KEY_EXCHANGE_RSA_PSK) { ; /* nothing more to do */ - else + } else #endif /* MBEDTLS_KEY_EXCHANGE_PSK_ENABLED || MBEDTLS_KEY_EXCHANGE_RSA_PSK_ENABLED */ #if defined(MBEDTLS_KEY_EXCHANGE_DHE_RSA_ENABLED) || \ defined(MBEDTLS_KEY_EXCHANGE_DHE_PSK_ENABLED) - if( ciphersuite_info->key_exchange == MBEDTLS_KEY_EXCHANGE_DHE_RSA || - ciphersuite_info->key_exchange == MBEDTLS_KEY_EXCHANGE_DHE_PSK ) - { - if( ssl_parse_server_dh_params( ssl, &p, end ) != 0 ) - { - MBEDTLS_SSL_DEBUG_MSG( 1, ( "bad server key exchange message" ) ); + if (ciphersuite_info->key_exchange == MBEDTLS_KEY_EXCHANGE_DHE_RSA || + ciphersuite_info->key_exchange == MBEDTLS_KEY_EXCHANGE_DHE_PSK) { + if (ssl_parse_server_dh_params(ssl, &p, end) != 0) { + MBEDTLS_SSL_DEBUG_MSG(1, ("bad server key exchange message")); mbedtls_ssl_send_alert_message( ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL, - MBEDTLS_SSL_ALERT_MSG_ILLEGAL_PARAMETER ); - return( MBEDTLS_ERR_SSL_BAD_HS_SERVER_KEY_EXCHANGE ); + MBEDTLS_SSL_ALERT_MSG_ILLEGAL_PARAMETER); + return MBEDTLS_ERR_SSL_BAD_HS_SERVER_KEY_EXCHANGE; } - } - else + } else #endif /* MBEDTLS_KEY_EXCHANGE_DHE_RSA_ENABLED || MBEDTLS_KEY_EXCHANGE_DHE_PSK_ENABLED */ #if defined(MBEDTLS_USE_PSA_CRYPTO) && \ - ( defined(MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED) || \ - defined(MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED) ) - if( ciphersuite_info->key_exchange == MBEDTLS_KEY_EXCHANGE_ECDHE_RSA || - ciphersuite_info->key_exchange == MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA ) - { - if( ssl_parse_server_ecdh_params_psa( ssl, &p, end ) != 0 ) - { - MBEDTLS_SSL_DEBUG_MSG( 1, ( "bad server key exchange message" ) ); + (defined(MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED) || \ + defined(MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED)) + if (ciphersuite_info->key_exchange == MBEDTLS_KEY_EXCHANGE_ECDHE_RSA || + ciphersuite_info->key_exchange == MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA) { + if (ssl_parse_server_ecdh_params_psa(ssl, &p, end) != 0) { + MBEDTLS_SSL_DEBUG_MSG(1, ("bad server key exchange message")); mbedtls_ssl_send_alert_message( ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL, - MBEDTLS_SSL_ALERT_MSG_ILLEGAL_PARAMETER ); - return( MBEDTLS_ERR_SSL_BAD_HS_SERVER_KEY_EXCHANGE ); + MBEDTLS_SSL_ALERT_MSG_ILLEGAL_PARAMETER); + return MBEDTLS_ERR_SSL_BAD_HS_SERVER_KEY_EXCHANGE; } - } - else + } else #endif /* MBEDTLS_USE_PSA_CRYPTO && ( MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED || MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED ) */ #if defined(MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED) || \ defined(MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED) || \ defined(MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED) - if( ciphersuite_info->key_exchange == MBEDTLS_KEY_EXCHANGE_ECDHE_RSA || + if (ciphersuite_info->key_exchange == MBEDTLS_KEY_EXCHANGE_ECDHE_RSA || ciphersuite_info->key_exchange == MBEDTLS_KEY_EXCHANGE_ECDHE_PSK || - ciphersuite_info->key_exchange == MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA ) - { - if( ssl_parse_server_ecdh_params( ssl, &p, end ) != 0 ) - { - MBEDTLS_SSL_DEBUG_MSG( 1, ( "bad server key exchange message" ) ); + ciphersuite_info->key_exchange == MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA) { + if (ssl_parse_server_ecdh_params(ssl, &p, end) != 0) { + MBEDTLS_SSL_DEBUG_MSG(1, ("bad server key exchange message")); mbedtls_ssl_send_alert_message( ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL, - MBEDTLS_SSL_ALERT_MSG_ILLEGAL_PARAMETER ); - return( MBEDTLS_ERR_SSL_BAD_HS_SERVER_KEY_EXCHANGE ); + MBEDTLS_SSL_ALERT_MSG_ILLEGAL_PARAMETER); + return MBEDTLS_ERR_SSL_BAD_HS_SERVER_KEY_EXCHANGE; } - } - else + } else #endif /* MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED || MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED || MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED */ #if defined(MBEDTLS_KEY_EXCHANGE_ECJPAKE_ENABLED) - if( ciphersuite_info->key_exchange == MBEDTLS_KEY_EXCHANGE_ECJPAKE ) - { - ret = mbedtls_ecjpake_read_round_two( &ssl->handshake->ecjpake_ctx, - p, end - p ); - if( ret != 0 ) - { - MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_ecjpake_read_round_two", ret ); + if (ciphersuite_info->key_exchange == MBEDTLS_KEY_EXCHANGE_ECJPAKE) { + ret = mbedtls_ecjpake_read_round_two(&ssl->handshake->ecjpake_ctx, + p, end - p); + if (ret != 0) { + MBEDTLS_SSL_DEBUG_RET(1, "mbedtls_ecjpake_read_round_two", ret); mbedtls_ssl_send_alert_message( ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL, - MBEDTLS_SSL_ALERT_MSG_ILLEGAL_PARAMETER ); - return( MBEDTLS_ERR_SSL_BAD_HS_SERVER_KEY_EXCHANGE ); + MBEDTLS_SSL_ALERT_MSG_ILLEGAL_PARAMETER); + return MBEDTLS_ERR_SSL_BAD_HS_SERVER_KEY_EXCHANGE; } - } - else + } else #endif /* MBEDTLS_KEY_EXCHANGE_ECJPAKE_ENABLED */ { - MBEDTLS_SSL_DEBUG_MSG( 1, ( "should never happen" ) ); - return( MBEDTLS_ERR_SSL_INTERNAL_ERROR ); + MBEDTLS_SSL_DEBUG_MSG(1, ("should never happen")); + return MBEDTLS_ERR_SSL_INTERNAL_ERROR; } #if defined(MBEDTLS_KEY_EXCHANGE_WITH_SERVER_SIGNATURE_ENABLED) - if( mbedtls_ssl_ciphersuite_uses_server_signature( ciphersuite_info ) ) - { + if (mbedtls_ssl_ciphersuite_uses_server_signature(ciphersuite_info)) { size_t sig_len, hashlen; #if defined(MBEDTLS_USE_PSA_CRYPTO) unsigned char hash[PSA_HASH_MAX_SIZE]; @@ -3250,133 +3159,123 @@ static int ssl_parse_server_key_exchange( mbedtls_ssl_context *ssl ) #endif mbedtls_md_type_t md_alg = MBEDTLS_MD_NONE; mbedtls_pk_type_t pk_alg = MBEDTLS_PK_NONE; - unsigned char *params = ssl->in_msg + mbedtls_ssl_hs_hdr_len( ssl ); + unsigned char *params = ssl->in_msg + mbedtls_ssl_hs_hdr_len(ssl); size_t params_len = p - params; void *rs_ctx = NULL; - mbedtls_pk_context * peer_pk; + mbedtls_pk_context *peer_pk; /* * Handle the digitally-signed structure */ #if defined(MBEDTLS_SSL_PROTO_TLS1_2) - if( ssl->minor_ver == MBEDTLS_SSL_MINOR_VERSION_3 ) - { - if( ssl_parse_signature_algorithm( ssl, &p, end, - &md_alg, &pk_alg ) != 0 ) - { - MBEDTLS_SSL_DEBUG_MSG( 1, - ( "bad server key exchange message" ) ); + if (ssl->minor_ver == MBEDTLS_SSL_MINOR_VERSION_3) { + if (ssl_parse_signature_algorithm(ssl, &p, end, + &md_alg, &pk_alg) != 0) { + MBEDTLS_SSL_DEBUG_MSG(1, + ("bad server key exchange message")); mbedtls_ssl_send_alert_message( ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL, - MBEDTLS_SSL_ALERT_MSG_ILLEGAL_PARAMETER ); - return( MBEDTLS_ERR_SSL_BAD_HS_SERVER_KEY_EXCHANGE ); + MBEDTLS_SSL_ALERT_MSG_ILLEGAL_PARAMETER); + return MBEDTLS_ERR_SSL_BAD_HS_SERVER_KEY_EXCHANGE; } - if( pk_alg != - mbedtls_ssl_get_ciphersuite_sig_pk_alg( ciphersuite_info ) ) - { - MBEDTLS_SSL_DEBUG_MSG( 1, - ( "bad server key exchange message" ) ); + if (pk_alg != + mbedtls_ssl_get_ciphersuite_sig_pk_alg(ciphersuite_info)) { + MBEDTLS_SSL_DEBUG_MSG(1, + ("bad server key exchange message")); mbedtls_ssl_send_alert_message( ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL, - MBEDTLS_SSL_ALERT_MSG_ILLEGAL_PARAMETER ); - return( MBEDTLS_ERR_SSL_BAD_HS_SERVER_KEY_EXCHANGE ); + MBEDTLS_SSL_ALERT_MSG_ILLEGAL_PARAMETER); + return MBEDTLS_ERR_SSL_BAD_HS_SERVER_KEY_EXCHANGE; } - } - else + } else #endif /* MBEDTLS_SSL_PROTO_TLS1_2 */ #if defined(MBEDTLS_SSL_PROTO_SSL3) || defined(MBEDTLS_SSL_PROTO_TLS1) || \ - defined(MBEDTLS_SSL_PROTO_TLS1_1) - if( ssl->minor_ver < MBEDTLS_SSL_MINOR_VERSION_3 ) - { - pk_alg = mbedtls_ssl_get_ciphersuite_sig_pk_alg( ciphersuite_info ); + defined(MBEDTLS_SSL_PROTO_TLS1_1) + if (ssl->minor_ver < MBEDTLS_SSL_MINOR_VERSION_3) { + pk_alg = mbedtls_ssl_get_ciphersuite_sig_pk_alg(ciphersuite_info); /* Default hash for ECDSA is SHA-1 */ - if( pk_alg == MBEDTLS_PK_ECDSA && md_alg == MBEDTLS_MD_NONE ) + if (pk_alg == MBEDTLS_PK_ECDSA && md_alg == MBEDTLS_MD_NONE) { md_alg = MBEDTLS_MD_SHA1; - } - else + } + } else #endif { - MBEDTLS_SSL_DEBUG_MSG( 1, ( "should never happen" ) ); - return( MBEDTLS_ERR_SSL_INTERNAL_ERROR ); + MBEDTLS_SSL_DEBUG_MSG(1, ("should never happen")); + return MBEDTLS_ERR_SSL_INTERNAL_ERROR; } /* * Read signature */ - if( p > end - 2 ) - { - MBEDTLS_SSL_DEBUG_MSG( 1, ( "bad server key exchange message" ) ); + if (p > end - 2) { + MBEDTLS_SSL_DEBUG_MSG(1, ("bad server key exchange message")); mbedtls_ssl_send_alert_message( ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL, - MBEDTLS_SSL_ALERT_MSG_DECODE_ERROR ); - return( MBEDTLS_ERR_SSL_BAD_HS_SERVER_KEY_EXCHANGE ); + MBEDTLS_SSL_ALERT_MSG_DECODE_ERROR); + return MBEDTLS_ERR_SSL_BAD_HS_SERVER_KEY_EXCHANGE; } - sig_len = ( p[0] << 8 ) | p[1]; + sig_len = (p[0] << 8) | p[1]; p += 2; - if( p != end - sig_len ) - { - MBEDTLS_SSL_DEBUG_MSG( 1, ( "bad server key exchange message" ) ); + if (p != end - sig_len) { + MBEDTLS_SSL_DEBUG_MSG(1, ("bad server key exchange message")); mbedtls_ssl_send_alert_message( ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL, - MBEDTLS_SSL_ALERT_MSG_DECODE_ERROR ); - return( MBEDTLS_ERR_SSL_BAD_HS_SERVER_KEY_EXCHANGE ); + MBEDTLS_SSL_ALERT_MSG_DECODE_ERROR); + return MBEDTLS_ERR_SSL_BAD_HS_SERVER_KEY_EXCHANGE; } - MBEDTLS_SSL_DEBUG_BUF( 3, "signature", p, sig_len ); + MBEDTLS_SSL_DEBUG_BUF(3, "signature", p, sig_len); /* * Compute the hash that has been signed */ #if defined(MBEDTLS_SSL_PROTO_SSL3) || defined(MBEDTLS_SSL_PROTO_TLS1) || \ - defined(MBEDTLS_SSL_PROTO_TLS1_1) - if( md_alg == MBEDTLS_MD_NONE ) - { + defined(MBEDTLS_SSL_PROTO_TLS1_1) + if (md_alg == MBEDTLS_MD_NONE) { hashlen = 36; - ret = mbedtls_ssl_get_key_exchange_md_ssl_tls( ssl, hash, params, - params_len ); - if( ret != 0 ) - return( ret ); - } - else + ret = mbedtls_ssl_get_key_exchange_md_ssl_tls(ssl, hash, params, + params_len); + if (ret != 0) { + return ret; + } + } else #endif /* MBEDTLS_SSL_PROTO_SSL3 || MBEDTLS_SSL_PROTO_TLS1 || \ MBEDTLS_SSL_PROTO_TLS1_1 */ #if defined(MBEDTLS_SSL_PROTO_TLS1) || defined(MBEDTLS_SSL_PROTO_TLS1_1) || \ - defined(MBEDTLS_SSL_PROTO_TLS1_2) - if( md_alg != MBEDTLS_MD_NONE ) - { - ret = mbedtls_ssl_get_key_exchange_md_tls1_2( ssl, hash, &hashlen, - params, params_len, - md_alg ); - if( ret != 0 ) - return( ret ); - } - else + defined(MBEDTLS_SSL_PROTO_TLS1_2) + if (md_alg != MBEDTLS_MD_NONE) { + ret = mbedtls_ssl_get_key_exchange_md_tls1_2(ssl, hash, &hashlen, + params, params_len, + md_alg); + if (ret != 0) { + return ret; + } + } else #endif /* MBEDTLS_SSL_PROTO_TLS1 || MBEDTLS_SSL_PROTO_TLS1_1 || \ MBEDTLS_SSL_PROTO_TLS1_2 */ { - MBEDTLS_SSL_DEBUG_MSG( 1, ( "should never happen" ) ); - return( MBEDTLS_ERR_SSL_INTERNAL_ERROR ); + MBEDTLS_SSL_DEBUG_MSG(1, ("should never happen")); + return MBEDTLS_ERR_SSL_INTERNAL_ERROR; } - MBEDTLS_SSL_DEBUG_BUF( 3, "parameters hash", hash, hashlen ); + MBEDTLS_SSL_DEBUG_BUF(3, "parameters hash", hash, hashlen); #if !defined(MBEDTLS_SSL_KEEP_PEER_CERTIFICATE) peer_pk = &ssl->handshake->peer_pubkey; #else /* !MBEDTLS_SSL_KEEP_PEER_CERTIFICATE */ - if( ssl->session_negotiate->peer_cert == NULL ) - { + if (ssl->session_negotiate->peer_cert == NULL) { /* Should never happen */ - MBEDTLS_SSL_DEBUG_MSG( 1, ( "should never happen" ) ); - return( MBEDTLS_ERR_SSL_INTERNAL_ERROR ); + MBEDTLS_SSL_DEBUG_MSG(1, ("should never happen")); + return MBEDTLS_ERR_SSL_INTERNAL_ERROR; } peer_pk = &ssl->session_negotiate->peer_cert->pk; #endif /* MBEDTLS_SSL_KEEP_PEER_CERTIFICATE */ @@ -3384,44 +3283,42 @@ static int ssl_parse_server_key_exchange( mbedtls_ssl_context *ssl ) /* * Verify signature */ - if( !mbedtls_pk_can_do( peer_pk, pk_alg ) ) - { - MBEDTLS_SSL_DEBUG_MSG( 1, ( "bad server key exchange message" ) ); + if (!mbedtls_pk_can_do(peer_pk, pk_alg)) { + MBEDTLS_SSL_DEBUG_MSG(1, ("bad server key exchange message")); mbedtls_ssl_send_alert_message( ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL, - MBEDTLS_SSL_ALERT_MSG_HANDSHAKE_FAILURE ); - return( MBEDTLS_ERR_SSL_PK_TYPE_MISMATCH ); + MBEDTLS_SSL_ALERT_MSG_HANDSHAKE_FAILURE); + return MBEDTLS_ERR_SSL_PK_TYPE_MISMATCH; } #if defined(MBEDTLS_SSL_ECP_RESTARTABLE_ENABLED) - if( ssl->handshake->ecrs_enabled ) + if (ssl->handshake->ecrs_enabled) { rs_ctx = &ssl->handshake->ecrs_ctx.pk; -#endif + } +#endif /* MBEDTLS_SSL_ECP_RESTARTABLE_ENABLED */ - if( ( ret = mbedtls_pk_verify_restartable( peer_pk, - md_alg, hash, hashlen, p, sig_len, rs_ctx ) ) != 0 ) - { + if ((ret = mbedtls_pk_verify_restartable(peer_pk, + md_alg, hash, hashlen, p, sig_len, rs_ctx)) != 0) { #if defined(MBEDTLS_SSL_ECP_RESTARTABLE_ENABLED) - if( ret != MBEDTLS_ERR_ECP_IN_PROGRESS ) -#endif - mbedtls_ssl_send_alert_message( - ssl, - MBEDTLS_SSL_ALERT_LEVEL_FATAL, - MBEDTLS_SSL_ALERT_MSG_DECRYPT_ERROR ); - MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_pk_verify", ret ); -#if defined(MBEDTLS_SSL_ECP_RESTARTABLE_ENABLED) - if( ret == MBEDTLS_ERR_ECP_IN_PROGRESS ) - ret = MBEDTLS_ERR_SSL_CRYPTO_IN_PROGRESS; -#endif - return( ret ); + if (ret == MBEDTLS_ERR_ECP_IN_PROGRESS) { + MBEDTLS_SSL_DEBUG_RET(1, "mbedtls_pk_verify", ret); + return MBEDTLS_ERR_SSL_CRYPTO_IN_PROGRESS; + } +#endif /* MBEDTLS_SSL_ECP_RESTARTABLE_ENABLED */ + mbedtls_ssl_send_alert_message( + ssl, + MBEDTLS_SSL_ALERT_LEVEL_FATAL, + MBEDTLS_SSL_ALERT_MSG_DECRYPT_ERROR); + MBEDTLS_SSL_DEBUG_RET(1, "mbedtls_pk_verify", ret); + return ret; } #if !defined(MBEDTLS_SSL_KEEP_PEER_CERTIFICATE) /* We don't need the peer's public key anymore. Free it, * so that more RAM is available for upcoming expensive * operations like ECDHE. */ - mbedtls_pk_free( peer_pk ); + mbedtls_pk_free(peer_pk); #endif /* !MBEDTLS_SSL_KEEP_PEER_CERTIFICATE */ } #endif /* MBEDTLS_KEY_EXCHANGE_WITH_SERVER_SIGNATURE_ENABLED */ @@ -3429,31 +3326,32 @@ static int ssl_parse_server_key_exchange( mbedtls_ssl_context *ssl ) exit: ssl->state++; - MBEDTLS_SSL_DEBUG_MSG( 2, ( "<= parse server key exchange" ) ); + MBEDTLS_SSL_DEBUG_MSG(2, ("<= parse server key exchange")); - return( 0 ); + return 0; } -#if ! defined(MBEDTLS_KEY_EXCHANGE_CERT_REQ_ALLOWED_ENABLED) -static int ssl_parse_certificate_request( mbedtls_ssl_context *ssl ) +#if !defined(MBEDTLS_KEY_EXCHANGE_CERT_REQ_ALLOWED_ENABLED) +MBEDTLS_CHECK_RETURN_CRITICAL +static int ssl_parse_certificate_request(mbedtls_ssl_context *ssl) { const mbedtls_ssl_ciphersuite_t *ciphersuite_info = ssl->handshake->ciphersuite_info; - MBEDTLS_SSL_DEBUG_MSG( 2, ( "=> parse certificate request" ) ); + MBEDTLS_SSL_DEBUG_MSG(2, ("=> parse certificate request")); - if( ! mbedtls_ssl_ciphersuite_cert_req_allowed( ciphersuite_info ) ) - { - MBEDTLS_SSL_DEBUG_MSG( 2, ( "<= skip parse certificate request" ) ); + if (!mbedtls_ssl_ciphersuite_cert_req_allowed(ciphersuite_info)) { + MBEDTLS_SSL_DEBUG_MSG(2, ("<= skip parse certificate request")); ssl->state++; - return( 0 ); + return 0; } - MBEDTLS_SSL_DEBUG_MSG( 1, ( "should never happen" ) ); - return( MBEDTLS_ERR_SSL_INTERNAL_ERROR ); + MBEDTLS_SSL_DEBUG_MSG(1, ("should never happen")); + return MBEDTLS_ERR_SSL_INTERNAL_ERROR; } #else /* MBEDTLS_KEY_EXCHANGE_CERT_REQ_ALLOWED_ENABLED */ -static int ssl_parse_certificate_request( mbedtls_ssl_context *ssl ) +MBEDTLS_CHECK_RETURN_CRITICAL +static int ssl_parse_certificate_request(mbedtls_ssl_context *ssl) { int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; unsigned char *buf; @@ -3462,39 +3360,35 @@ static int ssl_parse_certificate_request( mbedtls_ssl_context *ssl ) const mbedtls_ssl_ciphersuite_t *ciphersuite_info = ssl->handshake->ciphersuite_info; - MBEDTLS_SSL_DEBUG_MSG( 2, ( "=> parse certificate request" ) ); + MBEDTLS_SSL_DEBUG_MSG(2, ("=> parse certificate request")); - if( ! mbedtls_ssl_ciphersuite_cert_req_allowed( ciphersuite_info ) ) - { - MBEDTLS_SSL_DEBUG_MSG( 2, ( "<= skip parse certificate request" ) ); + if (!mbedtls_ssl_ciphersuite_cert_req_allowed(ciphersuite_info)) { + MBEDTLS_SSL_DEBUG_MSG(2, ("<= skip parse certificate request")); ssl->state++; - return( 0 ); + return 0; } - if( ( ret = mbedtls_ssl_read_record( ssl, 1 ) ) != 0 ) - { - MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_ssl_read_record", ret ); - return( ret ); + if ((ret = mbedtls_ssl_read_record(ssl, 1)) != 0) { + MBEDTLS_SSL_DEBUG_RET(1, "mbedtls_ssl_read_record", ret); + return ret; } - if( ssl->in_msgtype != MBEDTLS_SSL_MSG_HANDSHAKE ) - { - MBEDTLS_SSL_DEBUG_MSG( 1, ( "bad certificate request message" ) ); + if (ssl->in_msgtype != MBEDTLS_SSL_MSG_HANDSHAKE) { + MBEDTLS_SSL_DEBUG_MSG(1, ("bad certificate request message")); mbedtls_ssl_send_alert_message( ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL, - MBEDTLS_SSL_ALERT_MSG_UNEXPECTED_MESSAGE ); - return( MBEDTLS_ERR_SSL_UNEXPECTED_MESSAGE ); + MBEDTLS_SSL_ALERT_MSG_UNEXPECTED_MESSAGE); + return MBEDTLS_ERR_SSL_UNEXPECTED_MESSAGE; } ssl->state++; - ssl->client_auth = ( ssl->in_msg[0] == MBEDTLS_SSL_HS_CERTIFICATE_REQUEST ); + ssl->client_auth = (ssl->in_msg[0] == MBEDTLS_SSL_HS_CERTIFICATE_REQUEST); - MBEDTLS_SSL_DEBUG_MSG( 3, ( "got %s certificate request", - ssl->client_auth ? "a" : "no" ) ); + MBEDTLS_SSL_DEBUG_MSG(3, ("got %s certificate request", + ssl->client_auth ? "a" : "no")); - if( ssl->client_auth == 0 ) - { + if (ssl->client_auth == 0) { /* Current message is probably the ServerHelloDone */ ssl->keep_current_message = 1; goto exit; @@ -3527,14 +3421,13 @@ static int ssl_parse_certificate_request( mbedtls_ssl_context *ssl ) buf = ssl->in_msg; /* certificate_types */ - if( ssl->in_hslen <= mbedtls_ssl_hs_hdr_len( ssl ) ) - { - MBEDTLS_SSL_DEBUG_MSG( 1, ( "bad certificate request message" ) ); - mbedtls_ssl_send_alert_message( ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL, - MBEDTLS_SSL_ALERT_MSG_DECODE_ERROR ); - return( MBEDTLS_ERR_SSL_BAD_HS_CERTIFICATE_REQUEST ); + if (ssl->in_hslen <= mbedtls_ssl_hs_hdr_len(ssl)) { + MBEDTLS_SSL_DEBUG_MSG(1, ("bad certificate request message")); + mbedtls_ssl_send_alert_message(ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL, + MBEDTLS_SSL_ALERT_MSG_DECODE_ERROR); + return MBEDTLS_ERR_SSL_BAD_HS_CERTIFICATE_REQUEST; } - cert_type_len = buf[mbedtls_ssl_hs_hdr_len( ssl )]; + cert_type_len = buf[mbedtls_ssl_hs_hdr_len(ssl)]; n = cert_type_len; /* @@ -3547,23 +3440,21 @@ static int ssl_parse_certificate_request( mbedtls_ssl_context *ssl ) * therefore the buffer length at this point must be greater than that * regardless of the actual code path. */ - if( ssl->in_hslen <= mbedtls_ssl_hs_hdr_len( ssl ) + 2 + n ) - { - MBEDTLS_SSL_DEBUG_MSG( 1, ( "bad certificate request message" ) ); - mbedtls_ssl_send_alert_message( ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL, - MBEDTLS_SSL_ALERT_MSG_DECODE_ERROR ); - return( MBEDTLS_ERR_SSL_BAD_HS_CERTIFICATE_REQUEST ); + if (ssl->in_hslen <= mbedtls_ssl_hs_hdr_len(ssl) + 2 + n) { + MBEDTLS_SSL_DEBUG_MSG(1, ("bad certificate request message")); + mbedtls_ssl_send_alert_message(ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL, + MBEDTLS_SSL_ALERT_MSG_DECODE_ERROR); + return MBEDTLS_ERR_SSL_BAD_HS_CERTIFICATE_REQUEST; } /* supported_signature_algorithms */ #if defined(MBEDTLS_SSL_PROTO_TLS1_2) - if( ssl->minor_ver == MBEDTLS_SSL_MINOR_VERSION_3 ) - { + if (ssl->minor_ver == MBEDTLS_SSL_MINOR_VERSION_3) { size_t sig_alg_len = - ( ( buf[mbedtls_ssl_hs_hdr_len( ssl ) + 1 + n] << 8 ) - | ( buf[mbedtls_ssl_hs_hdr_len( ssl ) + 2 + n] ) ); + ((buf[mbedtls_ssl_hs_hdr_len(ssl) + 1 + n] << 8) + | (buf[mbedtls_ssl_hs_hdr_len(ssl) + 2 + n])); #if defined(MBEDTLS_DEBUG_C) - unsigned char* sig_alg; + unsigned char *sig_alg; size_t i; #endif @@ -3579,24 +3470,22 @@ static int ssl_parse_certificate_request( mbedtls_ssl_context *ssl ) * buf[...hdr_len + 3 + n + sig_alg_len], * which is one less than we need the buf to be. */ - if( ssl->in_hslen <= mbedtls_ssl_hs_hdr_len( ssl ) - + 3 + n + sig_alg_len ) - { - MBEDTLS_SSL_DEBUG_MSG( 1, ( "bad certificate request message" ) ); + if (ssl->in_hslen <= mbedtls_ssl_hs_hdr_len(ssl) + + 3 + n + sig_alg_len) { + MBEDTLS_SSL_DEBUG_MSG(1, ("bad certificate request message")); mbedtls_ssl_send_alert_message( ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL, - MBEDTLS_SSL_ALERT_MSG_DECODE_ERROR ); - return( MBEDTLS_ERR_SSL_BAD_HS_CERTIFICATE_REQUEST ); + MBEDTLS_SSL_ALERT_MSG_DECODE_ERROR); + return MBEDTLS_ERR_SSL_BAD_HS_CERTIFICATE_REQUEST; } #if defined(MBEDTLS_DEBUG_C) - sig_alg = buf + mbedtls_ssl_hs_hdr_len( ssl ) + 3 + n; - for( i = 0; i < sig_alg_len; i += 2 ) - { - MBEDTLS_SSL_DEBUG_MSG( 3, - ( "Supported Signature Algorithm found: %d,%d", - sig_alg[i], sig_alg[i + 1] ) ); + sig_alg = buf + mbedtls_ssl_hs_hdr_len(ssl) + 3 + n; + for (i = 0; i < sig_alg_len; i += 2) { + MBEDTLS_SSL_DEBUG_MSG(3, + ("Supported Signature Algorithm found: %d,%d", + sig_alg[i], sig_alg[i + 1])); } #endif @@ -3605,65 +3494,64 @@ static int ssl_parse_certificate_request( mbedtls_ssl_context *ssl ) #endif /* MBEDTLS_SSL_PROTO_TLS1_2 */ /* certificate_authorities */ - dn_len = ( ( buf[mbedtls_ssl_hs_hdr_len( ssl ) + 1 + n] << 8 ) - | ( buf[mbedtls_ssl_hs_hdr_len( ssl ) + 2 + n] ) ); + dn_len = ((buf[mbedtls_ssl_hs_hdr_len(ssl) + 1 + n] << 8) + | (buf[mbedtls_ssl_hs_hdr_len(ssl) + 2 + n])); n += dn_len; - if( ssl->in_hslen != mbedtls_ssl_hs_hdr_len( ssl ) + 3 + n ) - { - MBEDTLS_SSL_DEBUG_MSG( 1, ( "bad certificate request message" ) ); - mbedtls_ssl_send_alert_message( ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL, - MBEDTLS_SSL_ALERT_MSG_DECODE_ERROR ); - return( MBEDTLS_ERR_SSL_BAD_HS_CERTIFICATE_REQUEST ); + if (ssl->in_hslen != mbedtls_ssl_hs_hdr_len(ssl) + 3 + n) { + MBEDTLS_SSL_DEBUG_MSG(1, ("bad certificate request message")); + mbedtls_ssl_send_alert_message(ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL, + MBEDTLS_SSL_ALERT_MSG_DECODE_ERROR); + return MBEDTLS_ERR_SSL_BAD_HS_CERTIFICATE_REQUEST; } exit: - MBEDTLS_SSL_DEBUG_MSG( 2, ( "<= parse certificate request" ) ); + MBEDTLS_SSL_DEBUG_MSG(2, ("<= parse certificate request")); - return( 0 ); + return 0; } #endif /* MBEDTLS_KEY_EXCHANGE_CERT_REQ_ALLOWED_ENABLED */ -static int ssl_parse_server_hello_done( mbedtls_ssl_context *ssl ) +MBEDTLS_CHECK_RETURN_CRITICAL +static int ssl_parse_server_hello_done(mbedtls_ssl_context *ssl) { int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; - MBEDTLS_SSL_DEBUG_MSG( 2, ( "=> parse server hello done" ) ); + MBEDTLS_SSL_DEBUG_MSG(2, ("=> parse server hello done")); - if( ( ret = mbedtls_ssl_read_record( ssl, 1 ) ) != 0 ) - { - MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_ssl_read_record", ret ); - return( ret ); + if ((ret = mbedtls_ssl_read_record(ssl, 1)) != 0) { + MBEDTLS_SSL_DEBUG_RET(1, "mbedtls_ssl_read_record", ret); + return ret; } - if( ssl->in_msgtype != MBEDTLS_SSL_MSG_HANDSHAKE ) - { - MBEDTLS_SSL_DEBUG_MSG( 1, ( "bad server hello done message" ) ); - return( MBEDTLS_ERR_SSL_UNEXPECTED_MESSAGE ); + if (ssl->in_msgtype != MBEDTLS_SSL_MSG_HANDSHAKE) { + MBEDTLS_SSL_DEBUG_MSG(1, ("bad server hello done message")); + return MBEDTLS_ERR_SSL_UNEXPECTED_MESSAGE; } - if( ssl->in_hslen != mbedtls_ssl_hs_hdr_len( ssl ) || - ssl->in_msg[0] != MBEDTLS_SSL_HS_SERVER_HELLO_DONE ) - { - MBEDTLS_SSL_DEBUG_MSG( 1, ( "bad server hello done message" ) ); - mbedtls_ssl_send_alert_message( ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL, - MBEDTLS_SSL_ALERT_MSG_DECODE_ERROR ); - return( MBEDTLS_ERR_SSL_BAD_HS_SERVER_HELLO_DONE ); + if (ssl->in_hslen != mbedtls_ssl_hs_hdr_len(ssl) || + ssl->in_msg[0] != MBEDTLS_SSL_HS_SERVER_HELLO_DONE) { + MBEDTLS_SSL_DEBUG_MSG(1, ("bad server hello done message")); + mbedtls_ssl_send_alert_message(ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL, + MBEDTLS_SSL_ALERT_MSG_DECODE_ERROR); + return MBEDTLS_ERR_SSL_BAD_HS_SERVER_HELLO_DONE; } ssl->state++; #if defined(MBEDTLS_SSL_PROTO_DTLS) - if( ssl->conf->transport == MBEDTLS_SSL_TRANSPORT_DATAGRAM ) - mbedtls_ssl_recv_flight_completed( ssl ); + if (ssl->conf->transport == MBEDTLS_SSL_TRANSPORT_DATAGRAM) { + mbedtls_ssl_recv_flight_completed(ssl); + } #endif - MBEDTLS_SSL_DEBUG_MSG( 2, ( "<= parse server hello done" ) ); + MBEDTLS_SSL_DEBUG_MSG(2, ("<= parse server hello done")); - return( 0 ); + return 0; } -static int ssl_write_client_key_exchange( mbedtls_ssl_context *ssl ) +MBEDTLS_CHECK_RETURN_CRITICAL +static int ssl_write_client_key_exchange(mbedtls_ssl_context *ssl) { int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; @@ -3672,53 +3560,49 @@ static int ssl_write_client_key_exchange( mbedtls_ssl_context *ssl ) const mbedtls_ssl_ciphersuite_t *ciphersuite_info = ssl->handshake->ciphersuite_info; - MBEDTLS_SSL_DEBUG_MSG( 2, ( "=> write client key exchange" ) ); + MBEDTLS_SSL_DEBUG_MSG(2, ("=> write client key exchange")); #if defined(MBEDTLS_KEY_EXCHANGE_DHE_RSA_ENABLED) - if( ciphersuite_info->key_exchange == MBEDTLS_KEY_EXCHANGE_DHE_RSA ) - { + if (ciphersuite_info->key_exchange == MBEDTLS_KEY_EXCHANGE_DHE_RSA) { /* * DHM key exchange -- send G^X mod P */ content_len = ssl->handshake->dhm_ctx.len; - MBEDTLS_PUT_UINT16_BE( content_len, ssl->out_msg, 4 ); + MBEDTLS_PUT_UINT16_BE(content_len, ssl->out_msg, 4); header_len = 6; - ret = mbedtls_dhm_make_public( &ssl->handshake->dhm_ctx, - (int) mbedtls_mpi_size( &ssl->handshake->dhm_ctx.P ), - &ssl->out_msg[header_len], content_len, - ssl->conf->f_rng, ssl->conf->p_rng ); - if( ret != 0 ) - { - MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_dhm_make_public", ret ); - return( ret ); + ret = mbedtls_dhm_make_public(&ssl->handshake->dhm_ctx, + (int) mbedtls_mpi_size(&ssl->handshake->dhm_ctx.P), + &ssl->out_msg[header_len], content_len, + ssl->conf->f_rng, ssl->conf->p_rng); + if (ret != 0) { + MBEDTLS_SSL_DEBUG_RET(1, "mbedtls_dhm_make_public", ret); + return ret; } - MBEDTLS_SSL_DEBUG_MPI( 3, "DHM: X ", &ssl->handshake->dhm_ctx.X ); - MBEDTLS_SSL_DEBUG_MPI( 3, "DHM: GX", &ssl->handshake->dhm_ctx.GX ); + MBEDTLS_SSL_DEBUG_MPI(3, "DHM: X ", &ssl->handshake->dhm_ctx.X); + MBEDTLS_SSL_DEBUG_MPI(3, "DHM: GX", &ssl->handshake->dhm_ctx.GX); - if( ( ret = mbedtls_dhm_calc_secret( &ssl->handshake->dhm_ctx, - ssl->handshake->premaster, - MBEDTLS_PREMASTER_SIZE, - &ssl->handshake->pmslen, - ssl->conf->f_rng, ssl->conf->p_rng ) ) != 0 ) - { - MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_dhm_calc_secret", ret ); - return( ret ); + if ((ret = mbedtls_dhm_calc_secret(&ssl->handshake->dhm_ctx, + ssl->handshake->premaster, + MBEDTLS_PREMASTER_SIZE, + &ssl->handshake->pmslen, + ssl->conf->f_rng, ssl->conf->p_rng)) != 0) { + MBEDTLS_SSL_DEBUG_RET(1, "mbedtls_dhm_calc_secret", ret); + return ret; } - MBEDTLS_SSL_DEBUG_MPI( 3, "DHM: K ", &ssl->handshake->dhm_ctx.K ); - } - else + MBEDTLS_SSL_DEBUG_MPI(3, "DHM: K ", &ssl->handshake->dhm_ctx.K); + } else #endif /* MBEDTLS_KEY_EXCHANGE_DHE_RSA_ENABLED */ #if defined(MBEDTLS_USE_PSA_CRYPTO) && \ - ( defined(MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED) || \ - defined(MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED) ) - if( ciphersuite_info->key_exchange == MBEDTLS_KEY_EXCHANGE_ECDHE_RSA || - ciphersuite_info->key_exchange == MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA ) - { - psa_status_t status; + (defined(MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED) || \ + defined(MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED)) + if (ciphersuite_info->key_exchange == MBEDTLS_KEY_EXCHANGE_ECDHE_RSA || + ciphersuite_info->key_exchange == MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA) { + psa_status_t status = PSA_ERROR_CORRUPTION_DETECTED; + psa_status_t destruction_status = PSA_ERROR_CORRUPTION_DETECTED; psa_key_attributes_t key_attributes; mbedtls_ssl_handshake_params *handshake = ssl->handshake; @@ -3730,7 +3614,7 @@ static int ssl_write_client_key_exchange( mbedtls_ssl_context *ssl ) header_len = 4; - MBEDTLS_SSL_DEBUG_MSG( 1, ( "Perform PSA-based ECDH computation." ) ); + MBEDTLS_SSL_DEBUG_MSG(1, ("Perform PSA-based ECDH computation.")); /* * Generate EC private key for ECDHE exchange. @@ -3744,58 +3628,62 @@ static int ssl_write_client_key_exchange( mbedtls_ssl_context *ssl ) * For the time being, we therefore need to split the computation * of the ECDH secret and the application of the TLS 1.2 PRF. */ key_attributes = psa_key_attributes_init(); - psa_set_key_usage_flags( &key_attributes, PSA_KEY_USAGE_DERIVE ); - psa_set_key_algorithm( &key_attributes, PSA_ALG_ECDH ); - psa_set_key_type( &key_attributes, handshake->ecdh_psa_type ); - psa_set_key_bits( &key_attributes, handshake->ecdh_bits ); + psa_set_key_usage_flags(&key_attributes, PSA_KEY_USAGE_DERIVE); + psa_set_key_algorithm(&key_attributes, PSA_ALG_ECDH); + psa_set_key_type(&key_attributes, handshake->ecdh_psa_type); + psa_set_key_bits(&key_attributes, handshake->ecdh_bits); /* Generate ECDH private key. */ - status = psa_generate_key( &key_attributes, - &handshake->ecdh_psa_privkey ); - if( status != PSA_SUCCESS ) - return( MBEDTLS_ERR_SSL_HW_ACCEL_FAILED ); + status = psa_generate_key(&key_attributes, + &handshake->ecdh_psa_privkey); + if (status != PSA_SUCCESS) { + return MBEDTLS_ERR_SSL_HW_ACCEL_FAILED; + } /* Export the public part of the ECDH private key from PSA * and convert it to ECPoint format used in ClientKeyExchange. */ - status = psa_export_public_key( handshake->ecdh_psa_privkey, - own_pubkey, sizeof( own_pubkey ), - &own_pubkey_len ); - if( status != PSA_SUCCESS ) - return( MBEDTLS_ERR_SSL_HW_ACCEL_FAILED ); - - if( mbedtls_psa_tls_psa_ec_to_ecpoint( own_pubkey, - own_pubkey_len, - &own_pubkey_ecpoint, - &own_pubkey_ecpoint_len ) != 0 ) - { - return( MBEDTLS_ERR_SSL_HW_ACCEL_FAILED ); + status = psa_export_public_key(handshake->ecdh_psa_privkey, + own_pubkey, sizeof(own_pubkey), + &own_pubkey_len); + if (status != PSA_SUCCESS) { + psa_destroy_key(handshake->ecdh_psa_privkey); + handshake->ecdh_psa_privkey = MBEDTLS_SVC_KEY_ID_INIT; + return MBEDTLS_ERR_SSL_HW_ACCEL_FAILED; + } + + if (mbedtls_psa_tls_psa_ec_to_ecpoint(own_pubkey, + own_pubkey_len, + &own_pubkey_ecpoint, + &own_pubkey_ecpoint_len) != 0) { + psa_destroy_key(handshake->ecdh_psa_privkey); + handshake->ecdh_psa_privkey = MBEDTLS_SVC_KEY_ID_INIT; + return MBEDTLS_ERR_SSL_HW_ACCEL_FAILED; } /* Copy ECPoint structure to outgoing message buffer. */ ssl->out_msg[header_len] = (unsigned char) own_pubkey_ecpoint_len; - memcpy( ssl->out_msg + header_len + 1, - own_pubkey_ecpoint, own_pubkey_ecpoint_len ); + memcpy(ssl->out_msg + header_len + 1, + own_pubkey_ecpoint, own_pubkey_ecpoint_len); content_len = own_pubkey_ecpoint_len + 1; /* The ECDH secret is the premaster secret used for key derivation. */ /* Compute ECDH shared secret. */ - status = psa_raw_key_agreement( PSA_ALG_ECDH, - handshake->ecdh_psa_privkey, - handshake->ecdh_psa_peerkey, - handshake->ecdh_psa_peerkey_len, - ssl->handshake->premaster, - sizeof( ssl->handshake->premaster ), - &ssl->handshake->pmslen ); - if( status != PSA_SUCCESS ) - return( MBEDTLS_ERR_SSL_HW_ACCEL_FAILED ); - - status = psa_destroy_key( handshake->ecdh_psa_privkey ); - if( status != PSA_SUCCESS ) - return( MBEDTLS_ERR_SSL_HW_ACCEL_FAILED ); + status = psa_raw_key_agreement(PSA_ALG_ECDH, + handshake->ecdh_psa_privkey, + handshake->ecdh_psa_peerkey, + handshake->ecdh_psa_peerkey_len, + ssl->handshake->premaster, + sizeof(ssl->handshake->premaster), + &ssl->handshake->pmslen); + + destruction_status = psa_destroy_key(handshake->ecdh_psa_privkey); handshake->ecdh_psa_privkey = MBEDTLS_SVC_KEY_ID_INIT; - } - else + + if (status != PSA_SUCCESS || destruction_status != PSA_SUCCESS) { + return MBEDTLS_ERR_SSL_HW_ACCEL_FAILED; + } + } else #endif /* MBEDTLS_USE_PSA_CRYPTO && ( MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED || MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED ) */ @@ -3803,137 +3691,132 @@ static int ssl_write_client_key_exchange( mbedtls_ssl_context *ssl ) defined(MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED) || \ defined(MBEDTLS_KEY_EXCHANGE_ECDH_RSA_ENABLED) || \ defined(MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA_ENABLED) - if( ciphersuite_info->key_exchange == MBEDTLS_KEY_EXCHANGE_ECDHE_RSA || + if (ciphersuite_info->key_exchange == MBEDTLS_KEY_EXCHANGE_ECDHE_RSA || ciphersuite_info->key_exchange == MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA || ciphersuite_info->key_exchange == MBEDTLS_KEY_EXCHANGE_ECDH_RSA || - ciphersuite_info->key_exchange == MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA ) - { + ciphersuite_info->key_exchange == MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA) { /* * ECDH key exchange -- send client public value */ header_len = 4; #if defined(MBEDTLS_SSL_ECP_RESTARTABLE_ENABLED) - if( ssl->handshake->ecrs_enabled ) - { - if( ssl->handshake->ecrs_state == ssl_ecrs_cke_ecdh_calc_secret ) + if (ssl->handshake->ecrs_enabled) { + if (ssl->handshake->ecrs_state == ssl_ecrs_cke_ecdh_calc_secret) { goto ecdh_calc_secret; + } - mbedtls_ecdh_enable_restart( &ssl->handshake->ecdh_ctx ); + mbedtls_ecdh_enable_restart(&ssl->handshake->ecdh_ctx); } #endif - ret = mbedtls_ecdh_make_public( &ssl->handshake->ecdh_ctx, - &content_len, - &ssl->out_msg[header_len], 1000, - ssl->conf->f_rng, ssl->conf->p_rng ); - if( ret != 0 ) - { - MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_ecdh_make_public", ret ); + ret = mbedtls_ecdh_make_public(&ssl->handshake->ecdh_ctx, + &content_len, + &ssl->out_msg[header_len], 1000, + ssl->conf->f_rng, ssl->conf->p_rng); + if (ret != 0) { + MBEDTLS_SSL_DEBUG_RET(1, "mbedtls_ecdh_make_public", ret); #if defined(MBEDTLS_SSL_ECP_RESTARTABLE_ENABLED) - if( ret == MBEDTLS_ERR_ECP_IN_PROGRESS ) + if (ret == MBEDTLS_ERR_ECP_IN_PROGRESS) { ret = MBEDTLS_ERR_SSL_CRYPTO_IN_PROGRESS; + } #endif - return( ret ); + return ret; } - MBEDTLS_SSL_DEBUG_ECDH( 3, &ssl->handshake->ecdh_ctx, - MBEDTLS_DEBUG_ECDH_Q ); + MBEDTLS_SSL_DEBUG_ECDH(3, &ssl->handshake->ecdh_ctx, + MBEDTLS_DEBUG_ECDH_Q); #if defined(MBEDTLS_SSL_ECP_RESTARTABLE_ENABLED) - if( ssl->handshake->ecrs_enabled ) - { + if (ssl->handshake->ecrs_enabled) { ssl->handshake->ecrs_n = content_len; ssl->handshake->ecrs_state = ssl_ecrs_cke_ecdh_calc_secret; } ecdh_calc_secret: - if( ssl->handshake->ecrs_enabled ) + if (ssl->handshake->ecrs_enabled) { content_len = ssl->handshake->ecrs_n; + } #endif - if( ( ret = mbedtls_ecdh_calc_secret( &ssl->handshake->ecdh_ctx, - &ssl->handshake->pmslen, - ssl->handshake->premaster, - MBEDTLS_MPI_MAX_SIZE, - ssl->conf->f_rng, ssl->conf->p_rng ) ) != 0 ) - { - MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_ecdh_calc_secret", ret ); + if ((ret = mbedtls_ecdh_calc_secret(&ssl->handshake->ecdh_ctx, + &ssl->handshake->pmslen, + ssl->handshake->premaster, + MBEDTLS_MPI_MAX_SIZE, + ssl->conf->f_rng, ssl->conf->p_rng)) != 0) { + MBEDTLS_SSL_DEBUG_RET(1, "mbedtls_ecdh_calc_secret", ret); #if defined(MBEDTLS_SSL_ECP_RESTARTABLE_ENABLED) - if( ret == MBEDTLS_ERR_ECP_IN_PROGRESS ) + if (ret == MBEDTLS_ERR_ECP_IN_PROGRESS) { ret = MBEDTLS_ERR_SSL_CRYPTO_IN_PROGRESS; + } #endif - return( ret ); + return ret; } - MBEDTLS_SSL_DEBUG_ECDH( 3, &ssl->handshake->ecdh_ctx, - MBEDTLS_DEBUG_ECDH_Z ); - } - else + MBEDTLS_SSL_DEBUG_ECDH(3, &ssl->handshake->ecdh_ctx, + MBEDTLS_DEBUG_ECDH_Z); + } else #endif /* MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED || MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED || MBEDTLS_KEY_EXCHANGE_ECDH_RSA_ENABLED || MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA_ENABLED */ #if defined(MBEDTLS_KEY_EXCHANGE_SOME_PSK_ENABLED) - if( mbedtls_ssl_ciphersuite_uses_psk( ciphersuite_info ) ) - { + if (mbedtls_ssl_ciphersuite_uses_psk(ciphersuite_info)) { /* * opaque psk_identity<0..2^16-1>; */ - if( ssl_conf_has_static_psk( ssl->conf ) == 0 ) - { + if (ssl_conf_has_static_psk(ssl->conf) == 0) { /* We don't offer PSK suites if we don't have a PSK, * and we check that the server's choice is among the * ciphersuites we offered, so this should never happen. */ - return( MBEDTLS_ERR_SSL_INTERNAL_ERROR ); + return MBEDTLS_ERR_SSL_INTERNAL_ERROR; } header_len = 4; content_len = ssl->conf->psk_identity_len; - if( header_len + 2 + content_len > MBEDTLS_SSL_OUT_CONTENT_LEN ) - { - MBEDTLS_SSL_DEBUG_MSG( 1, - ( "psk identity too long or SSL buffer too short" ) ); - return( MBEDTLS_ERR_SSL_BUFFER_TOO_SMALL ); + if (header_len + 2 + content_len > MBEDTLS_SSL_OUT_CONTENT_LEN) { + MBEDTLS_SSL_DEBUG_MSG(1, + ("psk identity too long or SSL buffer too short")); + return MBEDTLS_ERR_SSL_BUFFER_TOO_SMALL; } - ssl->out_msg[header_len++] = MBEDTLS_BYTE_1( content_len ); - ssl->out_msg[header_len++] = MBEDTLS_BYTE_0( content_len ); + ssl->out_msg[header_len++] = MBEDTLS_BYTE_1(content_len); + ssl->out_msg[header_len++] = MBEDTLS_BYTE_0(content_len); - memcpy( ssl->out_msg + header_len, - ssl->conf->psk_identity, - ssl->conf->psk_identity_len ); + memcpy(ssl->out_msg + header_len, + ssl->conf->psk_identity, + ssl->conf->psk_identity_len); header_len += ssl->conf->psk_identity_len; #if defined(MBEDTLS_KEY_EXCHANGE_PSK_ENABLED) - if( ciphersuite_info->key_exchange == MBEDTLS_KEY_EXCHANGE_PSK ) - { + if (ciphersuite_info->key_exchange == MBEDTLS_KEY_EXCHANGE_PSK) { content_len = 0; - } - else + } else #endif #if defined(MBEDTLS_KEY_EXCHANGE_RSA_PSK_ENABLED) - if( ciphersuite_info->key_exchange == MBEDTLS_KEY_EXCHANGE_RSA_PSK ) - { + if (ciphersuite_info->key_exchange == MBEDTLS_KEY_EXCHANGE_RSA_PSK) { #if defined(MBEDTLS_USE_PSA_CRYPTO) /* Opaque PSKs are currently only supported for PSK-only suites. */ - if( ssl_conf_has_static_raw_psk( ssl->conf ) == 0 ) - return( MBEDTLS_ERR_SSL_FEATURE_UNAVAILABLE ); + if (ssl_conf_has_static_raw_psk(ssl->conf) == 0) { + MBEDTLS_SSL_DEBUG_MSG(1, ("opaque PSK not supported with RSA-PSK")); + return MBEDTLS_ERR_SSL_FEATURE_UNAVAILABLE; + } #endif /* MBEDTLS_USE_PSA_CRYPTO */ - if( ( ret = ssl_write_encrypted_pms( ssl, header_len, - &content_len, 2 ) ) != 0 ) - return( ret ); - } - else + if ((ret = ssl_write_encrypted_pms(ssl, header_len, + &content_len, 2)) != 0) { + return ret; + } + } else #endif #if defined(MBEDTLS_KEY_EXCHANGE_DHE_PSK_ENABLED) - if( ciphersuite_info->key_exchange == MBEDTLS_KEY_EXCHANGE_DHE_PSK ) - { + if (ciphersuite_info->key_exchange == MBEDTLS_KEY_EXCHANGE_DHE_PSK) { #if defined(MBEDTLS_USE_PSA_CRYPTO) /* Opaque PSKs are currently only supported for PSK-only suites. */ - if( ssl_conf_has_static_raw_psk( ssl->conf ) == 0 ) - return( MBEDTLS_ERR_SSL_FEATURE_UNAVAILABLE ); + if (ssl_conf_has_static_raw_psk(ssl->conf) == 0) { + MBEDTLS_SSL_DEBUG_MSG(1, ("opaque PSK not supported with DHE-PSK")); + return MBEDTLS_ERR_SSL_FEATURE_UNAVAILABLE; + } #endif /* MBEDTLS_USE_PSA_CRYPTO */ /* @@ -3941,125 +3824,112 @@ static int ssl_write_client_key_exchange( mbedtls_ssl_context *ssl ) */ content_len = ssl->handshake->dhm_ctx.len; - if( header_len + 2 + content_len > - MBEDTLS_SSL_OUT_CONTENT_LEN ) - { - MBEDTLS_SSL_DEBUG_MSG( 1, - ( "psk identity or DHM size too long or SSL buffer too short" ) ); - return( MBEDTLS_ERR_SSL_BUFFER_TOO_SMALL ); + if (header_len + 2 + content_len > + MBEDTLS_SSL_OUT_CONTENT_LEN) { + MBEDTLS_SSL_DEBUG_MSG(1, + ("psk identity or DHM size too long or SSL buffer too short")); + return MBEDTLS_ERR_SSL_BUFFER_TOO_SMALL; } - ssl->out_msg[header_len++] = MBEDTLS_BYTE_1( content_len ); - ssl->out_msg[header_len++] = MBEDTLS_BYTE_0( content_len ); - - ret = mbedtls_dhm_make_public( &ssl->handshake->dhm_ctx, - (int) mbedtls_mpi_size( &ssl->handshake->dhm_ctx.P ), - &ssl->out_msg[header_len], content_len, - ssl->conf->f_rng, ssl->conf->p_rng ); - if( ret != 0 ) - { - MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_dhm_make_public", ret ); - return( ret ); + ssl->out_msg[header_len++] = MBEDTLS_BYTE_1(content_len); + ssl->out_msg[header_len++] = MBEDTLS_BYTE_0(content_len); + + ret = mbedtls_dhm_make_public(&ssl->handshake->dhm_ctx, + (int) mbedtls_mpi_size(&ssl->handshake->dhm_ctx.P), + &ssl->out_msg[header_len], content_len, + ssl->conf->f_rng, ssl->conf->p_rng); + if (ret != 0) { + MBEDTLS_SSL_DEBUG_RET(1, "mbedtls_dhm_make_public", ret); + return ret; } - } - else + } else #endif /* MBEDTLS_KEY_EXCHANGE_DHE_PSK_ENABLED */ #if defined(MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED) - if( ciphersuite_info->key_exchange == MBEDTLS_KEY_EXCHANGE_ECDHE_PSK ) - { + if (ciphersuite_info->key_exchange == MBEDTLS_KEY_EXCHANGE_ECDHE_PSK) { #if defined(MBEDTLS_USE_PSA_CRYPTO) /* Opaque PSKs are currently only supported for PSK-only suites. */ - if( ssl_conf_has_static_raw_psk( ssl->conf ) == 0 ) - return( MBEDTLS_ERR_SSL_FEATURE_UNAVAILABLE ); + if (ssl_conf_has_static_raw_psk(ssl->conf) == 0) { + MBEDTLS_SSL_DEBUG_MSG(1, ("opaque PSK not supported with ECDHE-PSK")); + return MBEDTLS_ERR_SSL_FEATURE_UNAVAILABLE; + } #endif /* MBEDTLS_USE_PSA_CRYPTO */ /* * ClientECDiffieHellmanPublic public; */ - ret = mbedtls_ecdh_make_public( &ssl->handshake->ecdh_ctx, - &content_len, - &ssl->out_msg[header_len], - MBEDTLS_SSL_OUT_CONTENT_LEN - header_len, - ssl->conf->f_rng, ssl->conf->p_rng ); - if( ret != 0 ) - { - MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_ecdh_make_public", ret ); - return( ret ); + ret = mbedtls_ecdh_make_public(&ssl->handshake->ecdh_ctx, + &content_len, + &ssl->out_msg[header_len], + MBEDTLS_SSL_OUT_CONTENT_LEN - header_len, + ssl->conf->f_rng, ssl->conf->p_rng); + if (ret != 0) { + MBEDTLS_SSL_DEBUG_RET(1, "mbedtls_ecdh_make_public", ret); + return ret; } - MBEDTLS_SSL_DEBUG_ECDH( 3, &ssl->handshake->ecdh_ctx, - MBEDTLS_DEBUG_ECDH_Q ); - } - else + MBEDTLS_SSL_DEBUG_ECDH(3, &ssl->handshake->ecdh_ctx, + MBEDTLS_DEBUG_ECDH_Q); + } else #endif /* MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED */ { - MBEDTLS_SSL_DEBUG_MSG( 1, ( "should never happen" ) ); - return( MBEDTLS_ERR_SSL_INTERNAL_ERROR ); + MBEDTLS_SSL_DEBUG_MSG(1, ("should never happen")); + return MBEDTLS_ERR_SSL_INTERNAL_ERROR; } #if defined(MBEDTLS_USE_PSA_CRYPTO) && \ - defined(MBEDTLS_KEY_EXCHANGE_PSK_ENABLED) - if( ciphersuite_info->key_exchange == MBEDTLS_KEY_EXCHANGE_PSK && + defined(MBEDTLS_KEY_EXCHANGE_PSK_ENABLED) + if (ciphersuite_info->key_exchange == MBEDTLS_KEY_EXCHANGE_PSK && ssl->minor_ver == MBEDTLS_SSL_MINOR_VERSION_3 && - ssl_conf_has_static_raw_psk( ssl->conf ) == 0 ) - { - MBEDTLS_SSL_DEBUG_MSG( 1, - ( "skip PMS generation for opaque PSK" ) ); - } - else + ssl_conf_has_static_raw_psk(ssl->conf) == 0) { + MBEDTLS_SSL_DEBUG_MSG(1, + ("skip PMS generation for opaque PSK")); + } else #endif /* MBEDTLS_USE_PSA_CRYPTO && MBEDTLS_KEY_EXCHANGE_PSK_ENABLED */ - if( ( ret = mbedtls_ssl_psk_derive_premaster( ssl, - ciphersuite_info->key_exchange ) ) != 0 ) - { - MBEDTLS_SSL_DEBUG_RET( 1, - "mbedtls_ssl_psk_derive_premaster", ret ); - return( ret ); + if ((ret = mbedtls_ssl_psk_derive_premaster(ssl, + ciphersuite_info->key_exchange)) != 0) { + MBEDTLS_SSL_DEBUG_RET(1, + "mbedtls_ssl_psk_derive_premaster", ret); + return ret; } - } - else + } else #endif /* MBEDTLS_KEY_EXCHANGE_SOME_PSK_ENABLED */ #if defined(MBEDTLS_KEY_EXCHANGE_RSA_ENABLED) - if( ciphersuite_info->key_exchange == MBEDTLS_KEY_EXCHANGE_RSA ) - { + if (ciphersuite_info->key_exchange == MBEDTLS_KEY_EXCHANGE_RSA) { header_len = 4; - if( ( ret = ssl_write_encrypted_pms( ssl, header_len, - &content_len, 0 ) ) != 0 ) - return( ret ); - } - else + if ((ret = ssl_write_encrypted_pms(ssl, header_len, + &content_len, 0)) != 0) { + return ret; + } + } else #endif /* MBEDTLS_KEY_EXCHANGE_RSA_ENABLED */ #if defined(MBEDTLS_KEY_EXCHANGE_ECJPAKE_ENABLED) - if( ciphersuite_info->key_exchange == MBEDTLS_KEY_EXCHANGE_ECJPAKE ) - { + if (ciphersuite_info->key_exchange == MBEDTLS_KEY_EXCHANGE_ECJPAKE) { header_len = 4; - ret = mbedtls_ecjpake_write_round_two( &ssl->handshake->ecjpake_ctx, - ssl->out_msg + header_len, - MBEDTLS_SSL_OUT_CONTENT_LEN - header_len, - &content_len, - ssl->conf->f_rng, ssl->conf->p_rng ); - if( ret != 0 ) - { - MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_ecjpake_write_round_two", ret ); - return( ret ); + ret = mbedtls_ecjpake_write_round_two(&ssl->handshake->ecjpake_ctx, + ssl->out_msg + header_len, + MBEDTLS_SSL_OUT_CONTENT_LEN - header_len, + &content_len, + ssl->conf->f_rng, ssl->conf->p_rng); + if (ret != 0) { + MBEDTLS_SSL_DEBUG_RET(1, "mbedtls_ecjpake_write_round_two", ret); + return ret; } - ret = mbedtls_ecjpake_derive_secret( &ssl->handshake->ecjpake_ctx, - ssl->handshake->premaster, 32, &ssl->handshake->pmslen, - ssl->conf->f_rng, ssl->conf->p_rng ); - if( ret != 0 ) - { - MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_ecjpake_derive_secret", ret ); - return( ret ); + ret = mbedtls_ecjpake_derive_secret(&ssl->handshake->ecjpake_ctx, + ssl->handshake->premaster, 32, &ssl->handshake->pmslen, + ssl->conf->f_rng, ssl->conf->p_rng); + if (ret != 0) { + MBEDTLS_SSL_DEBUG_RET(1, "mbedtls_ecjpake_derive_secret", ret); + return ret; } - } - else + } else #endif /* MBEDTLS_KEY_EXCHANGE_RSA_ENABLED */ { ((void) ciphersuite_info); - MBEDTLS_SSL_DEBUG_MSG( 1, ( "should never happen" ) ); - return( MBEDTLS_ERR_SSL_INTERNAL_ERROR ); + MBEDTLS_SSL_DEBUG_MSG(1, ("should never happen")); + return MBEDTLS_ERR_SSL_INTERNAL_ERROR; } ssl->out_msglen = header_len + content_len; @@ -4068,44 +3938,43 @@ static int ssl_write_client_key_exchange( mbedtls_ssl_context *ssl ) ssl->state++; - if( ( ret = mbedtls_ssl_write_handshake_msg( ssl ) ) != 0 ) - { - MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_ssl_write_handshake_msg", ret ); - return( ret ); + if ((ret = mbedtls_ssl_write_handshake_msg(ssl)) != 0) { + MBEDTLS_SSL_DEBUG_RET(1, "mbedtls_ssl_write_handshake_msg", ret); + return ret; } - MBEDTLS_SSL_DEBUG_MSG( 2, ( "<= write client key exchange" ) ); + MBEDTLS_SSL_DEBUG_MSG(2, ("<= write client key exchange")); - return( 0 ); + return 0; } #if !defined(MBEDTLS_KEY_EXCHANGE_CERT_REQ_ALLOWED_ENABLED) -static int ssl_write_certificate_verify( mbedtls_ssl_context *ssl ) +MBEDTLS_CHECK_RETURN_CRITICAL +static int ssl_write_certificate_verify(mbedtls_ssl_context *ssl) { const mbedtls_ssl_ciphersuite_t *ciphersuite_info = ssl->handshake->ciphersuite_info; int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; - MBEDTLS_SSL_DEBUG_MSG( 2, ( "=> write certificate verify" ) ); + MBEDTLS_SSL_DEBUG_MSG(2, ("=> write certificate verify")); - if( ( ret = mbedtls_ssl_derive_keys( ssl ) ) != 0 ) - { - MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_ssl_derive_keys", ret ); - return( ret ); + if ((ret = mbedtls_ssl_derive_keys(ssl)) != 0) { + MBEDTLS_SSL_DEBUG_RET(1, "mbedtls_ssl_derive_keys", ret); + return ret; } - if( !mbedtls_ssl_ciphersuite_cert_req_allowed( ciphersuite_info ) ) - { - MBEDTLS_SSL_DEBUG_MSG( 2, ( "<= skip write certificate verify" ) ); + if (!mbedtls_ssl_ciphersuite_cert_req_allowed(ciphersuite_info)) { + MBEDTLS_SSL_DEBUG_MSG(2, ("<= skip write certificate verify")); ssl->state++; - return( 0 ); + return 0; } - MBEDTLS_SSL_DEBUG_MSG( 1, ( "should never happen" ) ); - return( MBEDTLS_ERR_SSL_INTERNAL_ERROR ); + MBEDTLS_SSL_DEBUG_MSG(1, ("should never happen")); + return MBEDTLS_ERR_SSL_INTERNAL_ERROR; } #else /* !MBEDTLS_KEY_EXCHANGE_CERT_REQ_ALLOWED_ENABLED */ -static int ssl_write_certificate_verify( mbedtls_ssl_context *ssl ) +MBEDTLS_CHECK_RETURN_CRITICAL +static int ssl_write_certificate_verify(mbedtls_ssl_context *ssl) { int ret = MBEDTLS_ERR_SSL_FEATURE_UNAVAILABLE; const mbedtls_ssl_ciphersuite_t *ciphersuite_info = @@ -4117,58 +3986,53 @@ static int ssl_write_certificate_verify( mbedtls_ssl_context *ssl ) size_t hashlen; void *rs_ctx = NULL; - MBEDTLS_SSL_DEBUG_MSG( 2, ( "=> write certificate verify" ) ); + MBEDTLS_SSL_DEBUG_MSG(2, ("=> write certificate verify")); #if defined(MBEDTLS_SSL_ECP_RESTARTABLE_ENABLED) - if( ssl->handshake->ecrs_enabled && - ssl->handshake->ecrs_state == ssl_ecrs_crt_vrfy_sign ) - { + if (ssl->handshake->ecrs_enabled && + ssl->handshake->ecrs_state == ssl_ecrs_crt_vrfy_sign) { goto sign; } #endif - if( ( ret = mbedtls_ssl_derive_keys( ssl ) ) != 0 ) - { - MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_ssl_derive_keys", ret ); - return( ret ); + if ((ret = mbedtls_ssl_derive_keys(ssl)) != 0) { + MBEDTLS_SSL_DEBUG_RET(1, "mbedtls_ssl_derive_keys", ret); + return ret; } - if( !mbedtls_ssl_ciphersuite_cert_req_allowed( ciphersuite_info ) ) - { - MBEDTLS_SSL_DEBUG_MSG( 2, ( "<= skip write certificate verify" ) ); + if (!mbedtls_ssl_ciphersuite_cert_req_allowed(ciphersuite_info)) { + MBEDTLS_SSL_DEBUG_MSG(2, ("<= skip write certificate verify")); ssl->state++; - return( 0 ); + return 0; } - if( ssl->client_auth == 0 || mbedtls_ssl_own_cert( ssl ) == NULL ) - { - MBEDTLS_SSL_DEBUG_MSG( 2, ( "<= skip write certificate verify" ) ); + if (ssl->client_auth == 0 || mbedtls_ssl_own_cert(ssl) == NULL) { + MBEDTLS_SSL_DEBUG_MSG(2, ("<= skip write certificate verify")); ssl->state++; - return( 0 ); + return 0; } - if( mbedtls_ssl_own_key( ssl ) == NULL ) - { - MBEDTLS_SSL_DEBUG_MSG( 1, ( "got no private key for certificate" ) ); - return( MBEDTLS_ERR_SSL_PRIVATE_KEY_REQUIRED ); + if (mbedtls_ssl_own_key(ssl) == NULL) { + MBEDTLS_SSL_DEBUG_MSG(1, ("got no private key for certificate")); + return MBEDTLS_ERR_SSL_PRIVATE_KEY_REQUIRED; } /* * Make a signature of the handshake digests */ #if defined(MBEDTLS_SSL_ECP_RESTARTABLE_ENABLED) - if( ssl->handshake->ecrs_enabled ) + if (ssl->handshake->ecrs_enabled) { ssl->handshake->ecrs_state = ssl_ecrs_crt_vrfy_sign; + } sign: #endif - ssl->handshake->calc_verify( ssl, hash, &hashlen ); + ssl->handshake->calc_verify(ssl, hash, &hashlen); #if defined(MBEDTLS_SSL_PROTO_SSL3) || defined(MBEDTLS_SSL_PROTO_TLS1) || \ defined(MBEDTLS_SSL_PROTO_TLS1_1) - if( ssl->minor_ver != MBEDTLS_SSL_MINOR_VERSION_3 ) - { + if (ssl->minor_ver != MBEDTLS_SSL_MINOR_VERSION_3) { /* * digitally-signed struct { * opaque md5_hash[16]; @@ -4186,19 +4050,16 @@ static int ssl_write_certificate_verify( mbedtls_ssl_context *ssl ) /* * For ECDSA, default hash is SHA-1 only */ - if( mbedtls_pk_can_do( mbedtls_ssl_own_key( ssl ), MBEDTLS_PK_ECDSA ) ) - { + if (mbedtls_pk_can_do(mbedtls_ssl_own_key(ssl), MBEDTLS_PK_ECDSA)) { hash_start += 16; hashlen -= 16; md_alg = MBEDTLS_MD_SHA1; } - } - else + } else #endif /* MBEDTLS_SSL_PROTO_SSL3 || MBEDTLS_SSL_PROTO_TLS1 || \ MBEDTLS_SSL_PROTO_TLS1_1 */ #if defined(MBEDTLS_SSL_PROTO_TLS1_2) - if( ssl->minor_ver == MBEDTLS_SSL_MINOR_VERSION_3 ) - { + if (ssl->minor_ver == MBEDTLS_SSL_MINOR_VERSION_3) { /* * digitally-signed struct { * opaque handshake_messages[handshake_messages_length]; @@ -4215,48 +4076,45 @@ static int ssl_write_certificate_verify( mbedtls_ssl_context *ssl ) * SHA224 in order to satisfy 'weird' needs from the server * side. */ - if( ssl->handshake->ciphersuite_info->mac == MBEDTLS_MD_SHA384 ) - { + if (ssl->handshake->ciphersuite_info->mac == MBEDTLS_MD_SHA384) { md_alg = MBEDTLS_MD_SHA384; ssl->out_msg[4] = MBEDTLS_SSL_HASH_SHA384; - } - else - { + } else { md_alg = MBEDTLS_MD_SHA256; ssl->out_msg[4] = MBEDTLS_SSL_HASH_SHA256; } - ssl->out_msg[5] = mbedtls_ssl_sig_from_pk( mbedtls_ssl_own_key( ssl ) ); + ssl->out_msg[5] = mbedtls_ssl_sig_from_pk(mbedtls_ssl_own_key(ssl)); /* Info from md_alg will be used instead */ hashlen = 0; offset = 2; - } - else + } else #endif /* MBEDTLS_SSL_PROTO_TLS1_2 */ { - MBEDTLS_SSL_DEBUG_MSG( 1, ( "should never happen" ) ); - return( MBEDTLS_ERR_SSL_INTERNAL_ERROR ); + MBEDTLS_SSL_DEBUG_MSG(1, ("should never happen")); + return MBEDTLS_ERR_SSL_INTERNAL_ERROR; } #if defined(MBEDTLS_SSL_ECP_RESTARTABLE_ENABLED) - if( ssl->handshake->ecrs_enabled ) + if (ssl->handshake->ecrs_enabled) { rs_ctx = &ssl->handshake->ecrs_ctx.pk; + } #endif - if( ( ret = mbedtls_pk_sign_restartable( mbedtls_ssl_own_key( ssl ), - md_alg, hash_start, hashlen, - ssl->out_msg + 6 + offset, &n, - ssl->conf->f_rng, ssl->conf->p_rng, rs_ctx ) ) != 0 ) - { - MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_pk_sign", ret ); + if ((ret = mbedtls_pk_sign_restartable(mbedtls_ssl_own_key(ssl), + md_alg, hash_start, hashlen, + ssl->out_msg + 6 + offset, &n, + ssl->conf->f_rng, ssl->conf->p_rng, rs_ctx)) != 0) { + MBEDTLS_SSL_DEBUG_RET(1, "mbedtls_pk_sign", ret); #if defined(MBEDTLS_SSL_ECP_RESTARTABLE_ENABLED) - if( ret == MBEDTLS_ERR_ECP_IN_PROGRESS ) + if (ret == MBEDTLS_ERR_ECP_IN_PROGRESS) { ret = MBEDTLS_ERR_SSL_CRYPTO_IN_PROGRESS; + } #endif - return( ret ); + return ret; } - MBEDTLS_PUT_UINT16_BE( n, ssl->out_msg, offset + 4 ); + MBEDTLS_PUT_UINT16_BE(n, ssl->out_msg, offset + 4); ssl->out_msglen = 6 + n + offset; ssl->out_msgtype = MBEDTLS_SSL_MSG_HANDSHAKE; @@ -4264,20 +4122,20 @@ static int ssl_write_certificate_verify( mbedtls_ssl_context *ssl ) ssl->state++; - if( ( ret = mbedtls_ssl_write_handshake_msg( ssl ) ) != 0 ) - { - MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_ssl_write_handshake_msg", ret ); - return( ret ); + if ((ret = mbedtls_ssl_write_handshake_msg(ssl)) != 0) { + MBEDTLS_SSL_DEBUG_RET(1, "mbedtls_ssl_write_handshake_msg", ret); + return ret; } - MBEDTLS_SSL_DEBUG_MSG( 2, ( "<= write certificate verify" ) ); + MBEDTLS_SSL_DEBUG_MSG(2, ("<= write certificate verify")); - return( ret ); + return ret; } #endif /* MBEDTLS_KEY_EXCHANGE_CERT_REQ_ALLOWED_ENABLED */ #if defined(MBEDTLS_SSL_SESSION_TICKETS) -static int ssl_parse_new_session_ticket( mbedtls_ssl_context *ssl ) +MBEDTLS_CHECK_RETURN_CRITICAL +static int ssl_parse_new_session_ticket(mbedtls_ssl_context *ssl) { int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; uint32_t lifetime; @@ -4285,22 +4143,20 @@ static int ssl_parse_new_session_ticket( mbedtls_ssl_context *ssl ) unsigned char *ticket; const unsigned char *msg; - MBEDTLS_SSL_DEBUG_MSG( 2, ( "=> parse new session ticket" ) ); + MBEDTLS_SSL_DEBUG_MSG(2, ("=> parse new session ticket")); - if( ( ret = mbedtls_ssl_read_record( ssl, 1 ) ) != 0 ) - { - MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_ssl_read_record", ret ); - return( ret ); + if ((ret = mbedtls_ssl_read_record(ssl, 1)) != 0) { + MBEDTLS_SSL_DEBUG_RET(1, "mbedtls_ssl_read_record", ret); + return ret; } - if( ssl->in_msgtype != MBEDTLS_SSL_MSG_HANDSHAKE ) - { - MBEDTLS_SSL_DEBUG_MSG( 1, ( "bad new session ticket message" ) ); + if (ssl->in_msgtype != MBEDTLS_SSL_MSG_HANDSHAKE) { + MBEDTLS_SSL_DEBUG_MSG(1, ("bad new session ticket message")); mbedtls_ssl_send_alert_message( ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL, - MBEDTLS_SSL_ALERT_MSG_UNEXPECTED_MESSAGE ); - return( MBEDTLS_ERR_SSL_UNEXPECTED_MESSAGE ); + MBEDTLS_SSL_ALERT_MSG_UNEXPECTED_MESSAGE); + return MBEDTLS_ERR_SSL_UNEXPECTED_MESSAGE; } /* @@ -4313,31 +4169,29 @@ static int ssl_parse_new_session_ticket( mbedtls_ssl_context *ssl ) * 4 . 5 ticket_len (n) * 6 . 5+n ticket content */ - if( ssl->in_msg[0] != MBEDTLS_SSL_HS_NEW_SESSION_TICKET || - ssl->in_hslen < 6 + mbedtls_ssl_hs_hdr_len( ssl ) ) - { - MBEDTLS_SSL_DEBUG_MSG( 1, ( "bad new session ticket message" ) ); - mbedtls_ssl_send_alert_message( ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL, - MBEDTLS_SSL_ALERT_MSG_DECODE_ERROR ); - return( MBEDTLS_ERR_SSL_BAD_HS_NEW_SESSION_TICKET ); + if (ssl->in_msg[0] != MBEDTLS_SSL_HS_NEW_SESSION_TICKET || + ssl->in_hslen < 6 + mbedtls_ssl_hs_hdr_len(ssl)) { + MBEDTLS_SSL_DEBUG_MSG(1, ("bad new session ticket message")); + mbedtls_ssl_send_alert_message(ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL, + MBEDTLS_SSL_ALERT_MSG_DECODE_ERROR); + return MBEDTLS_ERR_SSL_BAD_HS_NEW_SESSION_TICKET; } - msg = ssl->in_msg + mbedtls_ssl_hs_hdr_len( ssl ); + msg = ssl->in_msg + mbedtls_ssl_hs_hdr_len(ssl); - lifetime = ( ((uint32_t) msg[0]) << 24 ) | ( msg[1] << 16 ) | - ( msg[2] << 8 ) | ( msg[3] ); + lifetime = (((uint32_t) msg[0]) << 24) | (msg[1] << 16) | + (msg[2] << 8) | (msg[3]); - ticket_len = ( msg[4] << 8 ) | ( msg[5] ); + ticket_len = (msg[4] << 8) | (msg[5]); - if( ticket_len + 6 + mbedtls_ssl_hs_hdr_len( ssl ) != ssl->in_hslen ) - { - MBEDTLS_SSL_DEBUG_MSG( 1, ( "bad new session ticket message" ) ); - mbedtls_ssl_send_alert_message( ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL, - MBEDTLS_SSL_ALERT_MSG_DECODE_ERROR ); - return( MBEDTLS_ERR_SSL_BAD_HS_NEW_SESSION_TICKET ); + if (ticket_len + 6 + mbedtls_ssl_hs_hdr_len(ssl) != ssl->in_hslen) { + MBEDTLS_SSL_DEBUG_MSG(1, ("bad new session ticket message")); + mbedtls_ssl_send_alert_message(ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL, + MBEDTLS_SSL_ALERT_MSG_DECODE_ERROR); + return MBEDTLS_ERR_SSL_BAD_HS_NEW_SESSION_TICKET; } - MBEDTLS_SSL_DEBUG_MSG( 3, ( "ticket length: %" MBEDTLS_PRINTF_SIZET, ticket_len ) ); + MBEDTLS_SSL_DEBUG_MSG(3, ("ticket length: %" MBEDTLS_PRINTF_SIZET, ticket_len)); /* We're not waiting for a NewSessionTicket message any more */ ssl->handshake->new_session_ticket = 0; @@ -4347,33 +4201,32 @@ static int ssl_parse_new_session_ticket( mbedtls_ssl_context *ssl ) * Zero-length ticket means the server changed his mind and doesn't want * to send a ticket after all, so just forget it */ - if( ticket_len == 0 ) - return( 0 ); + if (ticket_len == 0) { + return 0; + } - if( ssl->session != NULL && ssl->session->ticket != NULL ) - { - mbedtls_platform_zeroize( ssl->session->ticket, - ssl->session->ticket_len ); - mbedtls_free( ssl->session->ticket ); + if (ssl->session != NULL && ssl->session->ticket != NULL) { + mbedtls_platform_zeroize(ssl->session->ticket, + ssl->session->ticket_len); + mbedtls_free(ssl->session->ticket); ssl->session->ticket = NULL; ssl->session->ticket_len = 0; } - mbedtls_platform_zeroize( ssl->session_negotiate->ticket, - ssl->session_negotiate->ticket_len ); - mbedtls_free( ssl->session_negotiate->ticket ); + mbedtls_platform_zeroize(ssl->session_negotiate->ticket, + ssl->session_negotiate->ticket_len); + mbedtls_free(ssl->session_negotiate->ticket); ssl->session_negotiate->ticket = NULL; ssl->session_negotiate->ticket_len = 0; - if( ( ticket = mbedtls_calloc( 1, ticket_len ) ) == NULL ) - { - MBEDTLS_SSL_DEBUG_MSG( 1, ( "ticket alloc failed" ) ); - mbedtls_ssl_send_alert_message( ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL, - MBEDTLS_SSL_ALERT_MSG_INTERNAL_ERROR ); - return( MBEDTLS_ERR_SSL_ALLOC_FAILED ); + if ((ticket = mbedtls_calloc(1, ticket_len)) == NULL) { + MBEDTLS_SSL_DEBUG_MSG(1, ("ticket alloc failed")); + mbedtls_ssl_send_alert_message(ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL, + MBEDTLS_SSL_ALERT_MSG_INTERNAL_ERROR); + return MBEDTLS_ERR_SSL_ALLOC_FAILED; } - memcpy( ticket, msg + 6, ticket_len ); + memcpy(ticket, msg + 6, ticket_len); ssl->session_negotiate->ticket = ticket; ssl->session_negotiate->ticket_len = ticket_len; @@ -4384,149 +4237,149 @@ static int ssl_parse_new_session_ticket( mbedtls_ssl_context *ssl ) * "If the client receives a session ticket from the server, then it * discards any Session ID that was sent in the ServerHello." */ - MBEDTLS_SSL_DEBUG_MSG( 3, ( "ticket in use, discarding session id" ) ); + MBEDTLS_SSL_DEBUG_MSG(3, ("ticket in use, discarding session id")); ssl->session_negotiate->id_len = 0; - MBEDTLS_SSL_DEBUG_MSG( 2, ( "<= parse new session ticket" ) ); + MBEDTLS_SSL_DEBUG_MSG(2, ("<= parse new session ticket")); - return( 0 ); + return 0; } #endif /* MBEDTLS_SSL_SESSION_TICKETS */ /* * SSL handshake -- client side -- single step */ -int mbedtls_ssl_handshake_client_step( mbedtls_ssl_context *ssl ) +int mbedtls_ssl_handshake_client_step(mbedtls_ssl_context *ssl) { int ret = 0; - if( ssl->state == MBEDTLS_SSL_HANDSHAKE_OVER || ssl->handshake == NULL ) - return( MBEDTLS_ERR_SSL_BAD_INPUT_DATA ); + if (ssl->state == MBEDTLS_SSL_HANDSHAKE_OVER || ssl->handshake == NULL) { + return MBEDTLS_ERR_SSL_BAD_INPUT_DATA; + } - MBEDTLS_SSL_DEBUG_MSG( 2, ( "client state: %d", ssl->state ) ); + MBEDTLS_SSL_DEBUG_MSG(2, ("client state: %d", ssl->state)); - if( ( ret = mbedtls_ssl_flush_output( ssl ) ) != 0 ) - return( ret ); + if ((ret = mbedtls_ssl_flush_output(ssl)) != 0) { + return ret; + } #if defined(MBEDTLS_SSL_PROTO_DTLS) - if( ssl->conf->transport == MBEDTLS_SSL_TRANSPORT_DATAGRAM && - ssl->handshake->retransmit_state == MBEDTLS_SSL_RETRANS_SENDING ) - { - if( ( ret = mbedtls_ssl_flight_transmit( ssl ) ) != 0 ) - return( ret ); + if (ssl->conf->transport == MBEDTLS_SSL_TRANSPORT_DATAGRAM && + ssl->handshake->retransmit_state == MBEDTLS_SSL_RETRANS_SENDING) { + if ((ret = mbedtls_ssl_flight_transmit(ssl)) != 0) { + return ret; + } } #endif /* MBEDTLS_SSL_PROTO_DTLS */ /* Change state now, so that it is right in mbedtls_ssl_read_record(), used * by DTLS for dropping out-of-sequence ChangeCipherSpec records */ #if defined(MBEDTLS_SSL_SESSION_TICKETS) - if( ssl->state == MBEDTLS_SSL_SERVER_CHANGE_CIPHER_SPEC && - ssl->handshake->new_session_ticket != 0 ) - { + if (ssl->state == MBEDTLS_SSL_SERVER_CHANGE_CIPHER_SPEC && + ssl->handshake->new_session_ticket != 0) { ssl->state = MBEDTLS_SSL_SERVER_NEW_SESSION_TICKET; } #endif - switch( ssl->state ) - { + switch (ssl->state) { case MBEDTLS_SSL_HELLO_REQUEST: ssl->state = MBEDTLS_SSL_CLIENT_HELLO; break; - /* - * ==> ClientHello - */ - case MBEDTLS_SSL_CLIENT_HELLO: - ret = ssl_write_client_hello( ssl ); - break; - - /* - * <== ServerHello - * Certificate - * ( ServerKeyExchange ) - * ( CertificateRequest ) - * ServerHelloDone - */ - case MBEDTLS_SSL_SERVER_HELLO: - ret = ssl_parse_server_hello( ssl ); - break; - - case MBEDTLS_SSL_SERVER_CERTIFICATE: - ret = mbedtls_ssl_parse_certificate( ssl ); - break; - - case MBEDTLS_SSL_SERVER_KEY_EXCHANGE: - ret = ssl_parse_server_key_exchange( ssl ); - break; - - case MBEDTLS_SSL_CERTIFICATE_REQUEST: - ret = ssl_parse_certificate_request( ssl ); - break; - - case MBEDTLS_SSL_SERVER_HELLO_DONE: - ret = ssl_parse_server_hello_done( ssl ); - break; - - /* - * ==> ( Certificate/Alert ) - * ClientKeyExchange - * ( CertificateVerify ) - * ChangeCipherSpec - * Finished - */ - case MBEDTLS_SSL_CLIENT_CERTIFICATE: - ret = mbedtls_ssl_write_certificate( ssl ); - break; - - case MBEDTLS_SSL_CLIENT_KEY_EXCHANGE: - ret = ssl_write_client_key_exchange( ssl ); - break; - - case MBEDTLS_SSL_CERTIFICATE_VERIFY: - ret = ssl_write_certificate_verify( ssl ); - break; - - case MBEDTLS_SSL_CLIENT_CHANGE_CIPHER_SPEC: - ret = mbedtls_ssl_write_change_cipher_spec( ssl ); - break; - - case MBEDTLS_SSL_CLIENT_FINISHED: - ret = mbedtls_ssl_write_finished( ssl ); - break; - - /* - * <== ( NewSessionTicket ) - * ChangeCipherSpec - * Finished - */ + /* + * ==> ClientHello + */ + case MBEDTLS_SSL_CLIENT_HELLO: + ret = ssl_write_client_hello(ssl); + break; + + /* + * <== ServerHello + * Certificate + * ( ServerKeyExchange ) + * ( CertificateRequest ) + * ServerHelloDone + */ + case MBEDTLS_SSL_SERVER_HELLO: + ret = ssl_parse_server_hello(ssl); + break; + + case MBEDTLS_SSL_SERVER_CERTIFICATE: + ret = mbedtls_ssl_parse_certificate(ssl); + break; + + case MBEDTLS_SSL_SERVER_KEY_EXCHANGE: + ret = ssl_parse_server_key_exchange(ssl); + break; + + case MBEDTLS_SSL_CERTIFICATE_REQUEST: + ret = ssl_parse_certificate_request(ssl); + break; + + case MBEDTLS_SSL_SERVER_HELLO_DONE: + ret = ssl_parse_server_hello_done(ssl); + break; + + /* + * ==> ( Certificate/Alert ) + * ClientKeyExchange + * ( CertificateVerify ) + * ChangeCipherSpec + * Finished + */ + case MBEDTLS_SSL_CLIENT_CERTIFICATE: + ret = mbedtls_ssl_write_certificate(ssl); + break; + + case MBEDTLS_SSL_CLIENT_KEY_EXCHANGE: + ret = ssl_write_client_key_exchange(ssl); + break; + + case MBEDTLS_SSL_CERTIFICATE_VERIFY: + ret = ssl_write_certificate_verify(ssl); + break; + + case MBEDTLS_SSL_CLIENT_CHANGE_CIPHER_SPEC: + ret = mbedtls_ssl_write_change_cipher_spec(ssl); + break; + + case MBEDTLS_SSL_CLIENT_FINISHED: + ret = mbedtls_ssl_write_finished(ssl); + break; + + /* + * <== ( NewSessionTicket ) + * ChangeCipherSpec + * Finished + */ #if defined(MBEDTLS_SSL_SESSION_TICKETS) - case MBEDTLS_SSL_SERVER_NEW_SESSION_TICKET: - ret = ssl_parse_new_session_ticket( ssl ); - break; + case MBEDTLS_SSL_SERVER_NEW_SESSION_TICKET: + ret = ssl_parse_new_session_ticket(ssl); + break; #endif - case MBEDTLS_SSL_SERVER_CHANGE_CIPHER_SPEC: - ret = mbedtls_ssl_parse_change_cipher_spec( ssl ); - break; + case MBEDTLS_SSL_SERVER_CHANGE_CIPHER_SPEC: + ret = mbedtls_ssl_parse_change_cipher_spec(ssl); + break; - case MBEDTLS_SSL_SERVER_FINISHED: - ret = mbedtls_ssl_parse_finished( ssl ); - break; + case MBEDTLS_SSL_SERVER_FINISHED: + ret = mbedtls_ssl_parse_finished(ssl); + break; - case MBEDTLS_SSL_FLUSH_BUFFERS: - MBEDTLS_SSL_DEBUG_MSG( 2, ( "handshake: done" ) ); - ssl->state = MBEDTLS_SSL_HANDSHAKE_WRAPUP; - break; + case MBEDTLS_SSL_FLUSH_BUFFERS: + MBEDTLS_SSL_DEBUG_MSG(2, ("handshake: done")); + ssl->state = MBEDTLS_SSL_HANDSHAKE_WRAPUP; + break; - case MBEDTLS_SSL_HANDSHAKE_WRAPUP: - mbedtls_ssl_handshake_wrapup( ssl ); - break; + case MBEDTLS_SSL_HANDSHAKE_WRAPUP: + mbedtls_ssl_handshake_wrapup(ssl); + break; - default: - MBEDTLS_SSL_DEBUG_MSG( 1, ( "invalid state %d", ssl->state ) ); - return( MBEDTLS_ERR_SSL_BAD_INPUT_DATA ); - } + default: + MBEDTLS_SSL_DEBUG_MSG(1, ("invalid state %d", ssl->state)); + return MBEDTLS_ERR_SSL_BAD_INPUT_DATA; + } - return( ret ); + return ret; } #endif /* MBEDTLS_SSL_CLI_C */ diff --git a/third_party/mbedtls/repo/library/ssl_cookie.c b/third_party/mbedtls/repo/library/ssl_cookie.c index abf29ae717e..067a4916a5c 100644 --- a/third_party/mbedtls/repo/library/ssl_cookie.c +++ b/third_party/mbedtls/repo/library/ssl_cookie.c @@ -2,19 +2,7 @@ * DTLS cookie callbacks implementation * * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later */ /* * These session callbacks use a simple chained list @@ -25,12 +13,7 @@ #if defined(MBEDTLS_SSL_COOKIE_C) -#if defined(MBEDTLS_PLATFORM_C) #include "mbedtls/platform.h" -#else -#define mbedtls_calloc calloc -#define mbedtls_free free -#endif #include "mbedtls/ssl_cookie.h" #include "mbedtls/ssl_internal.h" @@ -63,106 +46,110 @@ /* * Cookies are formed of a 4-bytes timestamp (or serial number) and - * an HMAC of timestemp and client ID. + * an HMAC of timestamp and client ID. */ -#define COOKIE_LEN ( 4 + COOKIE_HMAC_LEN ) +#define COOKIE_LEN (4 + COOKIE_HMAC_LEN) -void mbedtls_ssl_cookie_init( mbedtls_ssl_cookie_ctx *ctx ) +void mbedtls_ssl_cookie_init(mbedtls_ssl_cookie_ctx *ctx) { - mbedtls_md_init( &ctx->hmac_ctx ); + mbedtls_md_init(&ctx->hmac_ctx); #if !defined(MBEDTLS_HAVE_TIME) ctx->serial = 0; #endif ctx->timeout = MBEDTLS_SSL_COOKIE_TIMEOUT; #if defined(MBEDTLS_THREADING_C) - mbedtls_mutex_init( &ctx->mutex ); + mbedtls_mutex_init(&ctx->mutex); #endif } -void mbedtls_ssl_cookie_set_timeout( mbedtls_ssl_cookie_ctx *ctx, unsigned long delay ) +void mbedtls_ssl_cookie_set_timeout(mbedtls_ssl_cookie_ctx *ctx, unsigned long delay) { ctx->timeout = delay; } -void mbedtls_ssl_cookie_free( mbedtls_ssl_cookie_ctx *ctx ) +void mbedtls_ssl_cookie_free(mbedtls_ssl_cookie_ctx *ctx) { - mbedtls_md_free( &ctx->hmac_ctx ); + mbedtls_md_free(&ctx->hmac_ctx); #if defined(MBEDTLS_THREADING_C) - mbedtls_mutex_free( &ctx->mutex ); + mbedtls_mutex_free(&ctx->mutex); #endif - mbedtls_platform_zeroize( ctx, sizeof( mbedtls_ssl_cookie_ctx ) ); + mbedtls_platform_zeroize(ctx, sizeof(mbedtls_ssl_cookie_ctx)); } -int mbedtls_ssl_cookie_setup( mbedtls_ssl_cookie_ctx *ctx, - int (*f_rng)(void *, unsigned char *, size_t), - void *p_rng ) +int mbedtls_ssl_cookie_setup(mbedtls_ssl_cookie_ctx *ctx, + int (*f_rng)(void *, unsigned char *, size_t), + void *p_rng) { int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; unsigned char key[COOKIE_MD_OUTLEN]; - if( ( ret = f_rng( p_rng, key, sizeof( key ) ) ) != 0 ) - return( ret ); + if ((ret = f_rng(p_rng, key, sizeof(key))) != 0) { + return ret; + } - ret = mbedtls_md_setup( &ctx->hmac_ctx, mbedtls_md_info_from_type( COOKIE_MD ), 1 ); - if( ret != 0 ) - return( ret ); + ret = mbedtls_md_setup(&ctx->hmac_ctx, mbedtls_md_info_from_type(COOKIE_MD), 1); + if (ret != 0) { + return ret; + } - ret = mbedtls_md_hmac_starts( &ctx->hmac_ctx, key, sizeof( key ) ); - if( ret != 0 ) - return( ret ); + ret = mbedtls_md_hmac_starts(&ctx->hmac_ctx, key, sizeof(key)); + if (ret != 0) { + return ret; + } - mbedtls_platform_zeroize( key, sizeof( key ) ); + mbedtls_platform_zeroize(key, sizeof(key)); - return( 0 ); + return 0; } /* * Generate the HMAC part of a cookie */ -static int ssl_cookie_hmac( mbedtls_md_context_t *hmac_ctx, - const unsigned char time[4], - unsigned char **p, unsigned char *end, - const unsigned char *cli_id, size_t cli_id_len ) +MBEDTLS_CHECK_RETURN_CRITICAL +static int ssl_cookie_hmac(mbedtls_md_context_t *hmac_ctx, + const unsigned char time[4], + unsigned char **p, unsigned char *end, + const unsigned char *cli_id, size_t cli_id_len) { unsigned char hmac_out[COOKIE_MD_OUTLEN]; - MBEDTLS_SSL_CHK_BUF_PTR( *p, end, COOKIE_HMAC_LEN ); + MBEDTLS_SSL_CHK_BUF_PTR(*p, end, COOKIE_HMAC_LEN); - if( mbedtls_md_hmac_reset( hmac_ctx ) != 0 || - mbedtls_md_hmac_update( hmac_ctx, time, 4 ) != 0 || - mbedtls_md_hmac_update( hmac_ctx, cli_id, cli_id_len ) != 0 || - mbedtls_md_hmac_finish( hmac_ctx, hmac_out ) != 0 ) - { - return( MBEDTLS_ERR_SSL_INTERNAL_ERROR ); + if (mbedtls_md_hmac_reset(hmac_ctx) != 0 || + mbedtls_md_hmac_update(hmac_ctx, time, 4) != 0 || + mbedtls_md_hmac_update(hmac_ctx, cli_id, cli_id_len) != 0 || + mbedtls_md_hmac_finish(hmac_ctx, hmac_out) != 0) { + return MBEDTLS_ERR_SSL_INTERNAL_ERROR; } - memcpy( *p, hmac_out, COOKIE_HMAC_LEN ); + memcpy(*p, hmac_out, COOKIE_HMAC_LEN); *p += COOKIE_HMAC_LEN; - return( 0 ); + return 0; } /* * Generate cookie for DTLS ClientHello verification */ -int mbedtls_ssl_cookie_write( void *p_ctx, - unsigned char **p, unsigned char *end, - const unsigned char *cli_id, size_t cli_id_len ) +int mbedtls_ssl_cookie_write(void *p_ctx, + unsigned char **p, unsigned char *end, + const unsigned char *cli_id, size_t cli_id_len) { int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; mbedtls_ssl_cookie_ctx *ctx = (mbedtls_ssl_cookie_ctx *) p_ctx; unsigned long t; - if( ctx == NULL || cli_id == NULL ) - return( MBEDTLS_ERR_SSL_BAD_INPUT_DATA ); + if (ctx == NULL || cli_id == NULL) { + return MBEDTLS_ERR_SSL_BAD_INPUT_DATA; + } - MBEDTLS_SSL_CHK_BUF_PTR( *p, end, COOKIE_LEN ); + MBEDTLS_SSL_CHK_BUF_PTR(*p, end, COOKIE_LEN); #if defined(MBEDTLS_HAVE_TIME) - t = (unsigned long) mbedtls_time( NULL ); + t = (unsigned long) mbedtls_time(NULL); #else t = ctx->serial++; #endif @@ -171,28 +158,30 @@ int mbedtls_ssl_cookie_write( void *p_ctx, *p += 4; #if defined(MBEDTLS_THREADING_C) - if( ( ret = mbedtls_mutex_lock( &ctx->mutex ) ) != 0 ) - return( MBEDTLS_ERROR_ADD( MBEDTLS_ERR_SSL_INTERNAL_ERROR, ret ) ); + if ((ret = mbedtls_mutex_lock(&ctx->mutex)) != 0) { + return MBEDTLS_ERROR_ADD(MBEDTLS_ERR_SSL_INTERNAL_ERROR, ret); + } #endif - ret = ssl_cookie_hmac( &ctx->hmac_ctx, *p - 4, - p, end, cli_id, cli_id_len ); + ret = ssl_cookie_hmac(&ctx->hmac_ctx, *p - 4, + p, end, cli_id, cli_id_len); #if defined(MBEDTLS_THREADING_C) - if( mbedtls_mutex_unlock( &ctx->mutex ) != 0 ) - return( MBEDTLS_ERROR_ADD( MBEDTLS_ERR_SSL_INTERNAL_ERROR, - MBEDTLS_ERR_THREADING_MUTEX_ERROR ) ); + if (mbedtls_mutex_unlock(&ctx->mutex) != 0) { + return MBEDTLS_ERROR_ADD(MBEDTLS_ERR_SSL_INTERNAL_ERROR, + MBEDTLS_ERR_THREADING_MUTEX_ERROR); + } #endif - return( ret ); + return ret; } /* * Check a cookie */ -int mbedtls_ssl_cookie_check( void *p_ctx, - const unsigned char *cookie, size_t cookie_len, - const unsigned char *cli_id, size_t cli_id_len ) +int mbedtls_ssl_cookie_check(void *p_ctx, + const unsigned char *cookie, size_t cookie_len, + const unsigned char *cli_id, size_t cli_id_len) { unsigned char ref_hmac[COOKIE_HMAC_LEN]; int ret = 0; @@ -200,58 +189,60 @@ int mbedtls_ssl_cookie_check( void *p_ctx, mbedtls_ssl_cookie_ctx *ctx = (mbedtls_ssl_cookie_ctx *) p_ctx; unsigned long cur_time, cookie_time; - if( ctx == NULL || cli_id == NULL ) - return( MBEDTLS_ERR_SSL_BAD_INPUT_DATA ); + if (ctx == NULL || cli_id == NULL) { + return MBEDTLS_ERR_SSL_BAD_INPUT_DATA; + } - if( cookie_len != COOKIE_LEN ) - return( -1 ); + if (cookie_len != COOKIE_LEN) { + return -1; + } #if defined(MBEDTLS_THREADING_C) - if( ( ret = mbedtls_mutex_lock( &ctx->mutex ) ) != 0 ) - return( MBEDTLS_ERROR_ADD( MBEDTLS_ERR_SSL_INTERNAL_ERROR, ret ) ); + if ((ret = mbedtls_mutex_lock(&ctx->mutex)) != 0) { + return MBEDTLS_ERROR_ADD(MBEDTLS_ERR_SSL_INTERNAL_ERROR, ret); + } #endif - if( ssl_cookie_hmac( &ctx->hmac_ctx, cookie, - &p, p + sizeof( ref_hmac ), - cli_id, cli_id_len ) != 0 ) + if (ssl_cookie_hmac(&ctx->hmac_ctx, cookie, + &p, p + sizeof(ref_hmac), + cli_id, cli_id_len) != 0) { ret = -1; + } #if defined(MBEDTLS_THREADING_C) - if( mbedtls_mutex_unlock( &ctx->mutex ) != 0 ) - { - ret = MBEDTLS_ERROR_ADD( MBEDTLS_ERR_SSL_INTERNAL_ERROR, - MBEDTLS_ERR_THREADING_MUTEX_ERROR ); + if (mbedtls_mutex_unlock(&ctx->mutex) != 0) { + ret = MBEDTLS_ERROR_ADD(MBEDTLS_ERR_SSL_INTERNAL_ERROR, + MBEDTLS_ERR_THREADING_MUTEX_ERROR); } #endif - if( ret != 0 ) + if (ret != 0) { goto exit; + } - if( mbedtls_ct_memcmp( cookie + 4, ref_hmac, sizeof( ref_hmac ) ) != 0 ) - { + if (mbedtls_ct_memcmp(cookie + 4, ref_hmac, sizeof(ref_hmac)) != 0) { ret = -1; goto exit; } #if defined(MBEDTLS_HAVE_TIME) - cur_time = (unsigned long) mbedtls_time( NULL ); + cur_time = (unsigned long) mbedtls_time(NULL); #else cur_time = ctx->serial; #endif - cookie_time = ( (unsigned long) cookie[0] << 24 ) | - ( (unsigned long) cookie[1] << 16 ) | - ( (unsigned long) cookie[2] << 8 ) | - ( (unsigned long) cookie[3] ); + cookie_time = ((unsigned long) cookie[0] << 24) | + ((unsigned long) cookie[1] << 16) | + ((unsigned long) cookie[2] << 8) | + ((unsigned long) cookie[3]); - if( ctx->timeout != 0 && cur_time - cookie_time > ctx->timeout ) - { + if (ctx->timeout != 0 && cur_time - cookie_time > ctx->timeout) { ret = -1; goto exit; } exit: - mbedtls_platform_zeroize( ref_hmac, sizeof( ref_hmac ) ); - return( ret ); + mbedtls_platform_zeroize(ref_hmac, sizeof(ref_hmac)); + return ret; } #endif /* MBEDTLS_SSL_COOKIE_C */ diff --git a/third_party/mbedtls/repo/library/ssl_msg.c b/third_party/mbedtls/repo/library/ssl_msg.c index 0b696dd5612..5e856795931 100644 --- a/third_party/mbedtls/repo/library/ssl_msg.c +++ b/third_party/mbedtls/repo/library/ssl_msg.c @@ -3,19 +3,7 @@ * (record layer + retransmission state machine) * * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later */ /* * The SSL 3.0 specification was drafted by Netscape in 1996, @@ -30,13 +18,7 @@ #if defined(MBEDTLS_SSL_TLS_C) -#if defined(MBEDTLS_PLATFORM_C) #include "mbedtls/platform.h" -#else -#include -#define mbedtls_calloc calloc -#define mbedtls_free free -#endif #include "mbedtls/ssl.h" #include "mbedtls/ssl_internal.h" @@ -58,80 +40,77 @@ #include "mbedtls/oid.h" #endif -static uint32_t ssl_get_hs_total_len( mbedtls_ssl_context const *ssl ); +static uint32_t ssl_get_hs_total_len(mbedtls_ssl_context const *ssl); /* * Start a timer. * Passing millisecs = 0 cancels a running timer. */ -void mbedtls_ssl_set_timer( mbedtls_ssl_context *ssl, uint32_t millisecs ) +void mbedtls_ssl_set_timer(mbedtls_ssl_context *ssl, uint32_t millisecs) { - if( ssl->f_set_timer == NULL ) + if (ssl->f_set_timer == NULL) { return; + } - MBEDTLS_SSL_DEBUG_MSG( 3, ( "set_timer to %d ms", (int) millisecs ) ); - ssl->f_set_timer( ssl->p_timer, millisecs / 4, millisecs ); + MBEDTLS_SSL_DEBUG_MSG(3, ("set_timer to %d ms", (int) millisecs)); + ssl->f_set_timer(ssl->p_timer, millisecs / 4, millisecs); } /* * Return -1 is timer is expired, 0 if it isn't. */ -int mbedtls_ssl_check_timer( mbedtls_ssl_context *ssl ) +int mbedtls_ssl_check_timer(mbedtls_ssl_context *ssl) { - if( ssl->f_get_timer == NULL ) - return( 0 ); + if (ssl->f_get_timer == NULL) { + return 0; + } - if( ssl->f_get_timer( ssl->p_timer ) == 2 ) - { - MBEDTLS_SSL_DEBUG_MSG( 3, ( "timer expired" ) ); - return( -1 ); + if (ssl->f_get_timer(ssl->p_timer) == 2) { + MBEDTLS_SSL_DEBUG_MSG(3, ("timer expired")); + return -1; } - return( 0 ); + return 0; } #if defined(MBEDTLS_SSL_RECORD_CHECKING) -static int ssl_parse_record_header( mbedtls_ssl_context const *ssl, - unsigned char *buf, - size_t len, - mbedtls_record *rec ); - -int mbedtls_ssl_check_record( mbedtls_ssl_context const *ssl, - unsigned char *buf, - size_t buflen ) +MBEDTLS_CHECK_RETURN_CRITICAL +static int ssl_parse_record_header(mbedtls_ssl_context const *ssl, + unsigned char *buf, + size_t len, + mbedtls_record *rec); + +int mbedtls_ssl_check_record(mbedtls_ssl_context const *ssl, + unsigned char *buf, + size_t buflen) { int ret = 0; - MBEDTLS_SSL_DEBUG_MSG( 1, ( "=> mbedtls_ssl_check_record" ) ); - MBEDTLS_SSL_DEBUG_BUF( 3, "record buffer", buf, buflen ); + MBEDTLS_SSL_DEBUG_MSG(1, ("=> mbedtls_ssl_check_record")); + MBEDTLS_SSL_DEBUG_BUF(3, "record buffer", buf, buflen); /* We don't support record checking in TLS because * (a) there doesn't seem to be a usecase for it, and * (b) In SSLv3 and TLS 1.0, CBC record decryption has state * and we'd need to backup the transform here. */ - if( ssl->conf->transport == MBEDTLS_SSL_TRANSPORT_STREAM ) - { + if (ssl->conf->transport == MBEDTLS_SSL_TRANSPORT_STREAM) { ret = MBEDTLS_ERR_SSL_FEATURE_UNAVAILABLE; goto exit; } #if defined(MBEDTLS_SSL_PROTO_DTLS) - else - { + else { mbedtls_record rec; - ret = ssl_parse_record_header( ssl, buf, buflen, &rec ); - if( ret != 0 ) - { - MBEDTLS_SSL_DEBUG_RET( 3, "ssl_parse_record_header", ret ); + ret = ssl_parse_record_header(ssl, buf, buflen, &rec); + if (ret != 0) { + MBEDTLS_SSL_DEBUG_RET(3, "ssl_parse_record_header", ret); goto exit; } - if( ssl->transform_in != NULL ) - { - ret = mbedtls_ssl_decrypt_buf( ssl, ssl->transform_in, &rec ); - if( ret != 0 ) - { - MBEDTLS_SSL_DEBUG_RET( 3, "mbedtls_ssl_decrypt_buf", ret ); + if (ssl->transform_in != NULL) { + ret = mbedtls_ssl_decrypt_buf(ssl, ssl->transform_in, &rec); + if (ret != 0) { + MBEDTLS_SSL_DEBUG_RET(3, "mbedtls_ssl_decrypt_buf", ret); goto exit; } } @@ -141,18 +120,17 @@ int mbedtls_ssl_check_record( mbedtls_ssl_context const *ssl, exit: /* On success, we have decrypted the buffer in-place, so make * sure we don't leak any plaintext data. */ - mbedtls_platform_zeroize( buf, buflen ); + mbedtls_platform_zeroize(buf, buflen); /* For the purpose of this API, treat messages with unexpected CID * as well as such from future epochs as unexpected. */ - if( ret == MBEDTLS_ERR_SSL_UNEXPECTED_CID || - ret == MBEDTLS_ERR_SSL_EARLY_MESSAGE ) - { + if (ret == MBEDTLS_ERR_SSL_UNEXPECTED_CID || + ret == MBEDTLS_ERR_SSL_EARLY_MESSAGE) { ret = MBEDTLS_ERR_SSL_UNEXPECTED_RECORD; } - MBEDTLS_SSL_DEBUG_MSG( 1, ( "<= mbedtls_ssl_check_record" ) ); - return( ret ); + MBEDTLS_SSL_DEBUG_MSG(1, ("<= mbedtls_ssl_check_record")); + return ret; } #endif /* MBEDTLS_SSL_RECORD_CHECKING */ @@ -162,58 +140,66 @@ int mbedtls_ssl_check_record( mbedtls_ssl_context const *ssl, #if defined(MBEDTLS_SSL_PROTO_DTLS) /* Forward declarations for functions related to message buffering. */ -static void ssl_buffering_free_slot( mbedtls_ssl_context *ssl, - uint8_t slot ); -static void ssl_free_buffered_record( mbedtls_ssl_context *ssl ); -static int ssl_load_buffered_message( mbedtls_ssl_context *ssl ); -static int ssl_load_buffered_record( mbedtls_ssl_context *ssl ); -static int ssl_buffer_message( mbedtls_ssl_context *ssl ); -static int ssl_buffer_future_record( mbedtls_ssl_context *ssl, - mbedtls_record const *rec ); -static int ssl_next_record_is_in_datagram( mbedtls_ssl_context *ssl ); - -static size_t ssl_get_maximum_datagram_size( mbedtls_ssl_context const *ssl ) +static void ssl_buffering_free_slot(mbedtls_ssl_context *ssl, + uint8_t slot); +static void ssl_free_buffered_record(mbedtls_ssl_context *ssl); +MBEDTLS_CHECK_RETURN_CRITICAL +static int ssl_load_buffered_message(mbedtls_ssl_context *ssl); +MBEDTLS_CHECK_RETURN_CRITICAL +static int ssl_load_buffered_record(mbedtls_ssl_context *ssl); +MBEDTLS_CHECK_RETURN_CRITICAL +static int ssl_buffer_message(mbedtls_ssl_context *ssl); +MBEDTLS_CHECK_RETURN_CRITICAL +static int ssl_buffer_future_record(mbedtls_ssl_context *ssl, + mbedtls_record const *rec); +MBEDTLS_CHECK_RETURN_CRITICAL +static int ssl_next_record_is_in_datagram(mbedtls_ssl_context *ssl); + +static size_t ssl_get_maximum_datagram_size(mbedtls_ssl_context const *ssl) { - size_t mtu = mbedtls_ssl_get_current_mtu( ssl ); + size_t mtu = mbedtls_ssl_get_current_mtu(ssl); #if defined(MBEDTLS_SSL_VARIABLE_BUFFER_LENGTH) size_t out_buf_len = ssl->out_buf_len; #else size_t out_buf_len = MBEDTLS_SSL_OUT_BUFFER_LEN; #endif - if( mtu != 0 && mtu < out_buf_len ) - return( mtu ); + if (mtu != 0 && mtu < out_buf_len) { + return mtu; + } - return( out_buf_len ); + return out_buf_len; } -static int ssl_get_remaining_space_in_datagram( mbedtls_ssl_context const *ssl ) +MBEDTLS_CHECK_RETURN_CRITICAL +static int ssl_get_remaining_space_in_datagram(mbedtls_ssl_context const *ssl) { size_t const bytes_written = ssl->out_left; - size_t const mtu = ssl_get_maximum_datagram_size( ssl ); + size_t const mtu = ssl_get_maximum_datagram_size(ssl); /* Double-check that the write-index hasn't gone * past what we can transmit in a single datagram. */ - if( bytes_written > mtu ) - { + if (bytes_written > mtu) { /* Should never happen... */ - return( MBEDTLS_ERR_SSL_INTERNAL_ERROR ); + return MBEDTLS_ERR_SSL_INTERNAL_ERROR; } - return( (int) ( mtu - bytes_written ) ); + return (int) (mtu - bytes_written); } -static int ssl_get_remaining_payload_in_datagram( mbedtls_ssl_context const *ssl ) +MBEDTLS_CHECK_RETURN_CRITICAL +static int ssl_get_remaining_payload_in_datagram(mbedtls_ssl_context const *ssl) { int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; size_t remaining, expansion; size_t max_len = MBEDTLS_SSL_OUT_CONTENT_LEN; #if defined(MBEDTLS_SSL_MAX_FRAGMENT_LENGTH) - const size_t mfl = mbedtls_ssl_get_output_max_frag_len( ssl ); + const size_t mfl = mbedtls_ssl_get_output_max_frag_len(ssl); - if( max_len > mfl ) + if (max_len > mfl) { max_len = mfl; + } /* By the standard (RFC 6066 Sect. 4), the MFL extension * only limits the maximum record payload size, so in theory @@ -224,42 +210,49 @@ static int ssl_get_remaining_payload_in_datagram( mbedtls_ssl_context const *ssl * The following reduction of max_len makes sure that we never * write datagrams larger than MFL + Record Expansion Overhead. */ - if( max_len <= ssl->out_left ) - return( 0 ); + if (max_len <= ssl->out_left) { + return 0; + } max_len -= ssl->out_left; #endif - ret = ssl_get_remaining_space_in_datagram( ssl ); - if( ret < 0 ) - return( ret ); + ret = ssl_get_remaining_space_in_datagram(ssl); + if (ret < 0) { + return ret; + } remaining = (size_t) ret; - ret = mbedtls_ssl_get_record_expansion( ssl ); - if( ret < 0 ) - return( ret ); + ret = mbedtls_ssl_get_record_expansion(ssl); + if (ret < 0) { + return ret; + } expansion = (size_t) ret; - if( remaining <= expansion ) - return( 0 ); + if (remaining <= expansion) { + return 0; + } remaining -= expansion; - if( remaining >= max_len ) + if (remaining >= max_len) { remaining = max_len; + } - return( (int) remaining ); + return (int) remaining; } /* * Double the retransmit timeout value, within the allowed range, * returning -1 if the maximum value has already been reached. */ -static int ssl_double_retransmit_timeout( mbedtls_ssl_context *ssl ) +MBEDTLS_CHECK_RETURN_CRITICAL +static int ssl_double_retransmit_timeout(mbedtls_ssl_context *ssl) { uint32_t new_timeout; - if( ssl->handshake->retransmit_timeout >= ssl->conf->hs_timeout_max ) - return( -1 ); + if (ssl->handshake->retransmit_timeout >= ssl->conf->hs_timeout_max) { + return -1; + } /* Implement the final paragraph of RFC 6347 section 4.1.1.1 * in the following way: after the initial transmission and a first @@ -267,49 +260,47 @@ static int ssl_double_retransmit_timeout( mbedtls_ssl_context *ssl ) * This value is guaranteed to be deliverable (if not guaranteed to be * delivered) of any compliant IPv4 (and IPv6) network, and should work * on most non-IP stacks too. */ - if( ssl->handshake->retransmit_timeout != ssl->conf->hs_timeout_min ) - { + if (ssl->handshake->retransmit_timeout != ssl->conf->hs_timeout_min) { ssl->handshake->mtu = 508; - MBEDTLS_SSL_DEBUG_MSG( 2, ( "mtu autoreduction to %d bytes", ssl->handshake->mtu ) ); + MBEDTLS_SSL_DEBUG_MSG(2, ("mtu autoreduction to %d bytes", ssl->handshake->mtu)); } new_timeout = 2 * ssl->handshake->retransmit_timeout; /* Avoid arithmetic overflow and range overflow */ - if( new_timeout < ssl->handshake->retransmit_timeout || - new_timeout > ssl->conf->hs_timeout_max ) - { + if (new_timeout < ssl->handshake->retransmit_timeout || + new_timeout > ssl->conf->hs_timeout_max) { new_timeout = ssl->conf->hs_timeout_max; } ssl->handshake->retransmit_timeout = new_timeout; - MBEDTLS_SSL_DEBUG_MSG( 3, ( "update timeout value to %lu millisecs", - (unsigned long) ssl->handshake->retransmit_timeout ) ); + MBEDTLS_SSL_DEBUG_MSG(3, ("update timeout value to %lu millisecs", + (unsigned long) ssl->handshake->retransmit_timeout)); - return( 0 ); + return 0; } -static void ssl_reset_retransmit_timeout( mbedtls_ssl_context *ssl ) +static void ssl_reset_retransmit_timeout(mbedtls_ssl_context *ssl) { ssl->handshake->retransmit_timeout = ssl->conf->hs_timeout_min; - MBEDTLS_SSL_DEBUG_MSG( 3, ( "update timeout value to %lu millisecs", - (unsigned long) ssl->handshake->retransmit_timeout ) ); + MBEDTLS_SSL_DEBUG_MSG(3, ("update timeout value to %lu millisecs", + (unsigned long) ssl->handshake->retransmit_timeout)); } #endif /* MBEDTLS_SSL_PROTO_DTLS */ #if defined(MBEDTLS_SSL_HW_RECORD_ACCEL) -int (*mbedtls_ssl_hw_record_init)( mbedtls_ssl_context *ssl, - const unsigned char *key_enc, const unsigned char *key_dec, - size_t keylen, - const unsigned char *iv_enc, const unsigned char *iv_dec, - size_t ivlen, - const unsigned char *mac_enc, const unsigned char *mac_dec, - size_t maclen ) = NULL; -int (*mbedtls_ssl_hw_record_activate)( mbedtls_ssl_context *ssl, int direction) = NULL; -int (*mbedtls_ssl_hw_record_reset)( mbedtls_ssl_context *ssl ) = NULL; -int (*mbedtls_ssl_hw_record_write)( mbedtls_ssl_context *ssl ) = NULL; -int (*mbedtls_ssl_hw_record_read)( mbedtls_ssl_context *ssl ) = NULL; -int (*mbedtls_ssl_hw_record_finish)( mbedtls_ssl_context *ssl ) = NULL; +int (*mbedtls_ssl_hw_record_init)(mbedtls_ssl_context *ssl, + const unsigned char *key_enc, const unsigned char *key_dec, + size_t keylen, + const unsigned char *iv_enc, const unsigned char *iv_dec, + size_t ivlen, + const unsigned char *mac_enc, const unsigned char *mac_dec, + size_t maclen) = NULL; +int (*mbedtls_ssl_hw_record_activate)(mbedtls_ssl_context *ssl, int direction) = NULL; +int (*mbedtls_ssl_hw_record_reset)(mbedtls_ssl_context *ssl) = NULL; +int (*mbedtls_ssl_hw_record_write)(mbedtls_ssl_context *ssl) = NULL; +int (*mbedtls_ssl_hw_record_read)(mbedtls_ssl_context *ssl) = NULL; +int (*mbedtls_ssl_hw_record_finish)(mbedtls_ssl_context *ssl) = NULL; #endif /* MBEDTLS_SSL_HW_RECORD_ACCEL */ /* @@ -319,10 +310,10 @@ int (*mbedtls_ssl_hw_record_finish)( mbedtls_ssl_context *ssl ) = NULL; #if defined(MBEDTLS_SSL_DTLS_CONNECTION_ID) || \ defined(MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL) -static size_t ssl_compute_padding_length( size_t len, - size_t granularity ) +static size_t ssl_compute_padding_length(size_t len, + size_t granularity) { - return( ( granularity - ( len + 1 ) % granularity ) % granularity ); + return (granularity - (len + 1) % granularity) % granularity; } /* This functions transforms a (D)TLS plaintext fragment and a record content @@ -353,61 +344,65 @@ static size_t ssl_compute_padding_length( size_t len, * - A negative error code if `max_len` didn't offer enough space * for the expansion. */ -static int ssl_build_inner_plaintext( unsigned char *content, - size_t *content_size, - size_t remaining, - uint8_t rec_type, - size_t pad ) +MBEDTLS_CHECK_RETURN_CRITICAL +static int ssl_build_inner_plaintext(unsigned char *content, + size_t *content_size, + size_t remaining, + uint8_t rec_type, + size_t pad) { size_t len = *content_size; /* Write real content type */ - if( remaining == 0 ) - return( -1 ); - content[ len ] = rec_type; + if (remaining == 0) { + return -1; + } + content[len] = rec_type; len++; remaining--; - if( remaining < pad ) - return( -1 ); - memset( content + len, 0, pad ); + if (remaining < pad) { + return -1; + } + memset(content + len, 0, pad); len += pad; remaining -= pad; *content_size = len; - return( 0 ); + return 0; } /* This function parses a (D)TLSInnerPlaintext structure. * See ssl_build_inner_plaintext() for details. */ -static int ssl_parse_inner_plaintext( unsigned char const *content, - size_t *content_size, - uint8_t *rec_type ) +MBEDTLS_CHECK_RETURN_CRITICAL +static int ssl_parse_inner_plaintext(unsigned char const *content, + size_t *content_size, + uint8_t *rec_type) { size_t remaining = *content_size; /* Determine length of padding by skipping zeroes from the back. */ - do - { - if( remaining == 0 ) - return( -1 ); + do { + if (remaining == 0) { + return -1; + } remaining--; - } while( content[ remaining ] == 0 ); + } while (content[remaining] == 0); *content_size = remaining; - *rec_type = content[ remaining ]; + *rec_type = content[remaining]; - return( 0 ); + return 0; } #endif /* MBEDTLS_SSL_DTLS_CONNECTION_ID || MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL */ /* `add_data` must have size 13 Bytes if the CID extension is disabled, * and 13 + 1 + CID-length Bytes if the CID extension is enabled. */ -static void ssl_extract_add_data_from_record( unsigned char* add_data, - size_t *add_data_len, - mbedtls_record *rec, - unsigned minor_ver ) +static void ssl_extract_add_data_from_record(unsigned char *add_data, + size_t *add_data_len, + mbedtls_record *rec, + unsigned minor_ver) { /* Quoting RFC 5246 (TLS 1.2): * @@ -430,37 +425,38 @@ static void ssl_extract_add_data_from_record( unsigned char* add_data, unsigned char *cur = add_data; + int is_tls13 = 0; #if defined(MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL) - if( minor_ver != MBEDTLS_SSL_MINOR_VERSION_4 ) + if (minor_ver == MBEDTLS_SSL_MINOR_VERSION_4) { + is_tls13 = 1; + } #endif /* MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL */ - { + if (!is_tls13) { ((void) minor_ver); - memcpy( cur, rec->ctr, sizeof( rec->ctr ) ); - cur += sizeof( rec->ctr ); + memcpy(cur, rec->ctr, sizeof(rec->ctr)); + cur += sizeof(rec->ctr); } *cur = rec->type; cur++; - memcpy( cur, rec->ver, sizeof( rec->ver ) ); - cur += sizeof( rec->ver ); + memcpy(cur, rec->ver, sizeof(rec->ver)); + cur += sizeof(rec->ver); #if defined(MBEDTLS_SSL_DTLS_CONNECTION_ID) - if( rec->cid_len != 0 ) - { - memcpy( cur, rec->cid, rec->cid_len ); + if (rec->cid_len != 0) { + memcpy(cur, rec->cid, rec->cid_len); cur += rec->cid_len; *cur = rec->cid_len; cur++; - MBEDTLS_PUT_UINT16_BE( rec->data_len, cur, 0 ); + MBEDTLS_PUT_UINT16_BE(rec->data_len, cur, 0); cur += 2; - } - else + } else #endif /* MBEDTLS_SSL_DTLS_CONNECTION_ID */ { - MBEDTLS_PUT_UINT16_BE( rec->data_len, cur, 0 ); + MBEDTLS_PUT_UINT16_BE(rec->data_len, cur, 0); cur += 2; } @@ -474,77 +470,91 @@ static void ssl_extract_add_data_from_record( unsigned char* add_data, /* * SSLv3.0 MAC functions */ -static int ssl_mac( mbedtls_md_context_t *md_ctx, - const unsigned char *secret, - const unsigned char *buf, size_t len, - const unsigned char *ctr, int type, - unsigned char out[SSL3_MAC_MAX_BYTES] ) +MBEDTLS_CHECK_RETURN_CRITICAL +static int ssl_mac(mbedtls_md_context_t *md_ctx, + const unsigned char *secret, + const unsigned char *buf, size_t len, + const unsigned char *ctr, int type, + unsigned char out[SSL3_MAC_MAX_BYTES]) { unsigned char header[11]; unsigned char padding[48]; int padlen; - int md_size = mbedtls_md_get_size( md_ctx->md_info ); - int md_type = mbedtls_md_get_type( md_ctx->md_info ); + int md_size = mbedtls_md_get_size(md_ctx->md_info); + int md_type = mbedtls_md_get_type(md_ctx->md_info); int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; /* Only MD5 and SHA-1 supported */ - if( md_type == MBEDTLS_MD_MD5 ) + if (md_type == MBEDTLS_MD_MD5) { padlen = 48; - else + } else { padlen = 40; + } - memcpy( header, ctr, 8 ); + memcpy(header, ctr, 8); header[8] = (unsigned char) type; - MBEDTLS_PUT_UINT16_BE( len, header, 9); - - memset( padding, 0x36, padlen ); - ret = mbedtls_md_starts( md_ctx ); - if( ret != 0 ) - return( ret ); - ret = mbedtls_md_update( md_ctx, secret, md_size ); - if( ret != 0 ) - return( ret ); - ret = mbedtls_md_update( md_ctx, padding, padlen ); - if( ret != 0 ) - return( ret ); - ret = mbedtls_md_update( md_ctx, header, 11 ); - if( ret != 0 ) - return( ret ); - ret = mbedtls_md_update( md_ctx, buf, len ); - if( ret != 0 ) - return( ret ); - ret = mbedtls_md_finish( md_ctx, out ); - if( ret != 0 ) - return( ret ); - - memset( padding, 0x5C, padlen ); - ret = mbedtls_md_starts( md_ctx ); - if( ret != 0 ) - return( ret ); - ret = mbedtls_md_update( md_ctx, secret, md_size ); - if( ret != 0 ) - return( ret ); - ret = mbedtls_md_update( md_ctx, padding, padlen ); - if( ret != 0 ) - return( ret ); - ret = mbedtls_md_update( md_ctx, out, md_size ); - if( ret != 0 ) - return( ret ); - ret = mbedtls_md_finish( md_ctx, out ); - if( ret != 0 ) - return( ret ); - - return( 0 ); + MBEDTLS_PUT_UINT16_BE(len, header, 9); + + memset(padding, 0x36, padlen); + ret = mbedtls_md_starts(md_ctx); + if (ret != 0) { + return ret; + } + ret = mbedtls_md_update(md_ctx, secret, md_size); + if (ret != 0) { + return ret; + } + ret = mbedtls_md_update(md_ctx, padding, padlen); + if (ret != 0) { + return ret; + } + ret = mbedtls_md_update(md_ctx, header, 11); + if (ret != 0) { + return ret; + } + ret = mbedtls_md_update(md_ctx, buf, len); + if (ret != 0) { + return ret; + } + ret = mbedtls_md_finish(md_ctx, out); + if (ret != 0) { + return ret; + } + + memset(padding, 0x5C, padlen); + ret = mbedtls_md_starts(md_ctx); + if (ret != 0) { + return ret; + } + ret = mbedtls_md_update(md_ctx, secret, md_size); + if (ret != 0) { + return ret; + } + ret = mbedtls_md_update(md_ctx, padding, padlen); + if (ret != 0) { + return ret; + } + ret = mbedtls_md_update(md_ctx, out, md_size); + if (ret != 0) { + return ret; + } + ret = mbedtls_md_finish(md_ctx, out); + if (ret != 0) { + return ret; + } + + return 0; } #endif /* MBEDTLS_SSL_PROTO_SSL3 */ #if defined(MBEDTLS_GCM_C) || \ defined(MBEDTLS_CCM_C) || \ defined(MBEDTLS_CHACHAPOLY_C) +MBEDTLS_CHECK_RETURN_CRITICAL static int ssl_transform_aead_dynamic_iv_is_explicit( - mbedtls_ssl_transform const *transform ) + mbedtls_ssl_transform const *transform) { - return( transform->ivlen != transform->fixed_ivlen ); + return transform->ivlen != transform->fixed_ivlen; } /* Compute IV := ( fixed_iv || 0 ) XOR ( 0 || dynamic_IV ) @@ -570,35 +580,36 @@ static int ssl_transform_aead_dynamic_iv_is_explicit( * which has to be ensured by the caller. If this precondition * violated, the behavior of this function is undefined. */ -static void ssl_build_record_nonce( unsigned char *dst_iv, - size_t dst_iv_len, - unsigned char const *fixed_iv, - size_t fixed_iv_len, - unsigned char const *dynamic_iv, - size_t dynamic_iv_len ) +static void ssl_build_record_nonce(unsigned char *dst_iv, + size_t dst_iv_len, + unsigned char const *fixed_iv, + size_t fixed_iv_len, + unsigned char const *dynamic_iv, + size_t dynamic_iv_len) { size_t i; /* Start with Fixed IV || 0 */ - memset( dst_iv, 0, dst_iv_len ); - memcpy( dst_iv, fixed_iv, fixed_iv_len ); + memset(dst_iv, 0, dst_iv_len); + memcpy(dst_iv, fixed_iv, fixed_iv_len); dst_iv += dst_iv_len - dynamic_iv_len; - for( i = 0; i < dynamic_iv_len; i++ ) + for (i = 0; i < dynamic_iv_len; i++) { dst_iv[i] ^= dynamic_iv[i]; + } } #endif /* MBEDTLS_GCM_C || MBEDTLS_CCM_C || MBEDTLS_CHACHAPOLY_C */ -int mbedtls_ssl_encrypt_buf( mbedtls_ssl_context *ssl, - mbedtls_ssl_transform *transform, - mbedtls_record *rec, - int (*f_rng)(void *, unsigned char *, size_t), - void *p_rng ) +int mbedtls_ssl_encrypt_buf(mbedtls_ssl_context *ssl, + mbedtls_ssl_transform *transform, + mbedtls_record *rec, + int (*f_rng)(void *, unsigned char *, size_t), + void *p_rng) { mbedtls_cipher_mode_t mode; int auth_done = 0; - unsigned char * data; - unsigned char add_data[13 + 1 + MBEDTLS_SSL_CID_OUT_LEN_MAX ]; + unsigned char *data; + unsigned char add_data[13 + 1 + MBEDTLS_SSL_CID_OUT_LEN_MAX]; size_t add_data_len; size_t post_avail; @@ -610,46 +621,43 @@ int mbedtls_ssl_encrypt_buf( mbedtls_ssl_context *ssl, /* The PRNG is used for dynamic IV generation that's used * for CBC transformations in TLS 1.1 and TLS 1.2. */ -#if !( defined(MBEDTLS_SSL_SOME_SUITES_USE_CBC) && \ - ( defined(MBEDTLS_SSL_PROTO_TLS1_1) || defined(MBEDTLS_SSL_PROTO_TLS1_2) ) ) +#if !(defined(MBEDTLS_SSL_SOME_SUITES_USE_CBC) && \ + (defined(MBEDTLS_SSL_PROTO_TLS1_1) || defined(MBEDTLS_SSL_PROTO_TLS1_2))) ((void) f_rng); ((void) p_rng); #endif - MBEDTLS_SSL_DEBUG_MSG( 2, ( "=> encrypt buf" ) ); + MBEDTLS_SSL_DEBUG_MSG(2, ("=> encrypt buf")); - if( transform == NULL ) - { - MBEDTLS_SSL_DEBUG_MSG( 1, ( "no transform provided to encrypt_buf" ) ); - return( MBEDTLS_ERR_SSL_INTERNAL_ERROR ); + if (transform == NULL) { + MBEDTLS_SSL_DEBUG_MSG(1, ("no transform provided to encrypt_buf")); + return MBEDTLS_ERR_SSL_INTERNAL_ERROR; } - if( rec == NULL + if (rec == NULL || rec->buf == NULL || rec->buf_len < rec->data_offset || rec->buf_len - rec->data_offset < rec->data_len #if defined(MBEDTLS_SSL_DTLS_CONNECTION_ID) || rec->cid_len != 0 #endif - ) - { - MBEDTLS_SSL_DEBUG_MSG( 1, ( "bad record structure provided to encrypt_buf" ) ); - return( MBEDTLS_ERR_SSL_INTERNAL_ERROR ); + ) { + MBEDTLS_SSL_DEBUG_MSG(1, ("bad record structure provided to encrypt_buf")); + return MBEDTLS_ERR_SSL_INTERNAL_ERROR; } data = rec->buf + rec->data_offset; - post_avail = rec->buf_len - ( rec->data_len + rec->data_offset ); - MBEDTLS_SSL_DEBUG_BUF( 4, "before encrypt: output payload", - data, rec->data_len ); + post_avail = rec->buf_len - (rec->data_len + rec->data_offset); + MBEDTLS_SSL_DEBUG_BUF(4, "before encrypt: output payload", + data, rec->data_len); - mode = mbedtls_cipher_get_cipher_mode( &transform->cipher_ctx_enc ); + mode = mbedtls_cipher_get_cipher_mode(&transform->cipher_ctx_enc); - if( rec->data_len > MBEDTLS_SSL_OUT_CONTENT_LEN ) - { - MBEDTLS_SSL_DEBUG_MSG( 1, ( "Record content %" MBEDTLS_PRINTF_SIZET - " too large, maximum %" MBEDTLS_PRINTF_SIZET, - rec->data_len, - (size_t) MBEDTLS_SSL_OUT_CONTENT_LEN ) ); - return( MBEDTLS_ERR_SSL_BAD_INPUT_DATA ); + if (rec->data_len > MBEDTLS_SSL_OUT_CONTENT_LEN) { + MBEDTLS_SSL_DEBUG_MSG(1, ("Record content %" MBEDTLS_PRINTF_SIZET + " too large, maximum %" MBEDTLS_PRINTF_SIZET, + rec->data_len, + (size_t) MBEDTLS_SSL_OUT_CONTENT_LEN)); + return MBEDTLS_ERR_SSL_BAD_INPUT_DATA; } /* The following two code paths implement the (D)TLSInnerPlaintext @@ -665,18 +673,16 @@ int mbedtls_ssl_encrypt_buf( mbedtls_ssl_context *ssl, * is hence no risk of double-addition of the inner plaintext. */ #if defined(MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL) - if( transform->minor_ver == MBEDTLS_SSL_MINOR_VERSION_4 ) - { + if (transform->minor_ver == MBEDTLS_SSL_MINOR_VERSION_4) { size_t padding = - ssl_compute_padding_length( rec->data_len, - MBEDTLS_SSL_TLS1_3_PADDING_GRANULARITY ); - if( ssl_build_inner_plaintext( data, - &rec->data_len, - post_avail, - rec->type, - padding ) != 0 ) - { - return( MBEDTLS_ERR_SSL_BUFFER_TOO_SMALL ); + ssl_compute_padding_length(rec->data_len, + MBEDTLS_SSL_TLS1_3_PADDING_GRANULARITY); + if (ssl_build_inner_plaintext(data, + &rec->data_len, + post_avail, + rec->type, + padding) != 0) { + return MBEDTLS_ERR_SSL_BUFFER_TOO_SMALL; } rec->type = MBEDTLS_SSL_MSG_APPLICATION_DATA; @@ -688,14 +694,13 @@ int mbedtls_ssl_encrypt_buf( mbedtls_ssl_context *ssl, * Add CID information */ rec->cid_len = transform->out_cid_len; - memcpy( rec->cid, transform->out_cid, transform->out_cid_len ); - MBEDTLS_SSL_DEBUG_BUF( 3, "CID", rec->cid, rec->cid_len ); + memcpy(rec->cid, transform->out_cid, transform->out_cid_len); + MBEDTLS_SSL_DEBUG_BUF(3, "CID", rec->cid, rec->cid_len); - if( rec->cid_len != 0 ) - { + if (rec->cid_len != 0) { size_t padding = - ssl_compute_padding_length( rec->data_len, - MBEDTLS_SSL_CID_PADDING_GRANULARITY ); + ssl_compute_padding_length(rec->data_len, + MBEDTLS_SSL_CID_PADDING_GRANULARITY); /* * Wrap plaintext into DTLSInnerPlaintext structure. * See ssl_build_inner_plaintext() for more information. @@ -703,100 +708,96 @@ int mbedtls_ssl_encrypt_buf( mbedtls_ssl_context *ssl, * Note that this changes `rec->data_len`, and hence * `post_avail` needs to be recalculated afterwards. */ - if( ssl_build_inner_plaintext( data, - &rec->data_len, - post_avail, - rec->type, - padding ) != 0 ) - { - return( MBEDTLS_ERR_SSL_BUFFER_TOO_SMALL ); + if (ssl_build_inner_plaintext(data, + &rec->data_len, + post_avail, + rec->type, + padding) != 0) { + return MBEDTLS_ERR_SSL_BUFFER_TOO_SMALL; } rec->type = MBEDTLS_SSL_MSG_CID; } #endif /* MBEDTLS_SSL_DTLS_CONNECTION_ID */ - post_avail = rec->buf_len - ( rec->data_len + rec->data_offset ); + post_avail = rec->buf_len - (rec->data_len + rec->data_offset); /* * Add MAC before if needed */ #if defined(MBEDTLS_SSL_SOME_MODES_USE_MAC) - if( mode == MBEDTLS_MODE_STREAM || - ( mode == MBEDTLS_MODE_CBC + if (mode == MBEDTLS_MODE_STREAM || + (mode == MBEDTLS_MODE_CBC #if defined(MBEDTLS_SSL_ENCRYPT_THEN_MAC) - && transform->encrypt_then_mac == MBEDTLS_SSL_ETM_DISABLED + && transform->encrypt_then_mac == MBEDTLS_SSL_ETM_DISABLED #endif - ) ) - { - if( post_avail < transform->maclen ) - { - MBEDTLS_SSL_DEBUG_MSG( 1, ( "Buffer provided for encrypted record not large enough" ) ); - return( MBEDTLS_ERR_SSL_BUFFER_TOO_SMALL ); + )) { + if (post_avail < transform->maclen) { + MBEDTLS_SSL_DEBUG_MSG(1, ("Buffer provided for encrypted record not large enough")); + return MBEDTLS_ERR_SSL_BUFFER_TOO_SMALL; } #if defined(MBEDTLS_SSL_PROTO_SSL3) - if( transform->minor_ver == MBEDTLS_SSL_MINOR_VERSION_0 ) - { + if (transform->minor_ver == MBEDTLS_SSL_MINOR_VERSION_0) { unsigned char mac[SSL3_MAC_MAX_BYTES]; int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; - ret = ssl_mac( &transform->md_ctx_enc, transform->mac_enc, - data, rec->data_len, rec->ctr, rec->type, mac ); - if( ret == 0 ) - memcpy( data + rec->data_len, mac, transform->maclen ); - mbedtls_platform_zeroize( mac, transform->maclen ); - if( ret != 0 ) - { - MBEDTLS_SSL_DEBUG_RET( 1, "ssl_mac", ret ); - return( ret ); + ret = ssl_mac(&transform->md_ctx_enc, transform->mac_enc, + data, rec->data_len, rec->ctr, rec->type, mac); + if (ret == 0) { + memcpy(data + rec->data_len, mac, transform->maclen); } - } - else + mbedtls_platform_zeroize(mac, transform->maclen); + if (ret != 0) { + MBEDTLS_SSL_DEBUG_RET(1, "ssl_mac", ret); + return ret; + } + } else #endif #if defined(MBEDTLS_SSL_PROTO_TLS1) || defined(MBEDTLS_SSL_PROTO_TLS1_1) || \ defined(MBEDTLS_SSL_PROTO_TLS1_2) - if( transform->minor_ver >= MBEDTLS_SSL_MINOR_VERSION_1 ) - { + if (transform->minor_ver >= MBEDTLS_SSL_MINOR_VERSION_1) { unsigned char mac[MBEDTLS_SSL_MAC_ADD]; int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; - ssl_extract_add_data_from_record( add_data, &add_data_len, rec, - transform->minor_ver ); + ssl_extract_add_data_from_record(add_data, &add_data_len, rec, + transform->minor_ver); - ret = mbedtls_md_hmac_update( &transform->md_ctx_enc, - add_data, add_data_len ); - if( ret != 0 ) + ret = mbedtls_md_hmac_update(&transform->md_ctx_enc, + add_data, add_data_len); + if (ret != 0) { goto hmac_failed_etm_disabled; - ret = mbedtls_md_hmac_update( &transform->md_ctx_enc, - data, rec->data_len ); - if( ret != 0 ) + } + ret = mbedtls_md_hmac_update(&transform->md_ctx_enc, + data, rec->data_len); + if (ret != 0) { goto hmac_failed_etm_disabled; - ret = mbedtls_md_hmac_finish( &transform->md_ctx_enc, mac ); - if( ret != 0 ) + } + ret = mbedtls_md_hmac_finish(&transform->md_ctx_enc, mac); + if (ret != 0) { goto hmac_failed_etm_disabled; - ret = mbedtls_md_hmac_reset( &transform->md_ctx_enc ); - if( ret != 0 ) + } + ret = mbedtls_md_hmac_reset(&transform->md_ctx_enc); + if (ret != 0) { goto hmac_failed_etm_disabled; + } - memcpy( data + rec->data_len, mac, transform->maclen ); + memcpy(data + rec->data_len, mac, transform->maclen); - hmac_failed_etm_disabled: - mbedtls_platform_zeroize( mac, transform->maclen ); - if( ret != 0 ) - { - MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_md_hmac_xxx", ret ); - return( ret ); +hmac_failed_etm_disabled: + mbedtls_platform_zeroize(mac, transform->maclen); + if (ret != 0) { + MBEDTLS_SSL_DEBUG_RET(1, "mbedtls_md_hmac_xxx", ret); + return ret; } - } - else + } else #endif { - MBEDTLS_SSL_DEBUG_MSG( 1, ( "should never happen" ) ); - return( MBEDTLS_ERR_SSL_INTERNAL_ERROR ); + MBEDTLS_SSL_DEBUG_MSG(1, ("should never happen")); + return MBEDTLS_ERR_SSL_INTERNAL_ERROR; } - MBEDTLS_SSL_DEBUG_BUF( 4, "computed mac", data + rec->data_len, - transform->maclen ); + MBEDTLS_SSL_DEBUG_BUF(4, "computed mac", data + rec->data_len, + transform->maclen); rec->data_len += transform->maclen; post_avail -= transform->maclen; @@ -808,51 +809,45 @@ int mbedtls_ssl_encrypt_buf( mbedtls_ssl_context *ssl, * Encrypt */ #if defined(MBEDTLS_ARC4_C) || defined(MBEDTLS_CIPHER_NULL_CIPHER) - if( mode == MBEDTLS_MODE_STREAM ) - { + if (mode == MBEDTLS_MODE_STREAM) { int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; size_t olen; - MBEDTLS_SSL_DEBUG_MSG( 3, ( "before encrypt: msglen = %" MBEDTLS_PRINTF_SIZET ", " - "including %d bytes of padding", - rec->data_len, 0 ) ); - - if( ( ret = mbedtls_cipher_crypt( &transform->cipher_ctx_enc, - transform->iv_enc, transform->ivlen, - data, rec->data_len, - data, &olen ) ) != 0 ) - { - MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_cipher_crypt", ret ); - return( ret ); + MBEDTLS_SSL_DEBUG_MSG(3, ("before encrypt: msglen = %" MBEDTLS_PRINTF_SIZET ", " + "including %d bytes of padding", + rec->data_len, 0)); + + if ((ret = mbedtls_cipher_crypt(&transform->cipher_ctx_enc, + transform->iv_enc, transform->ivlen, + data, rec->data_len, + data, &olen)) != 0) { + MBEDTLS_SSL_DEBUG_RET(1, "mbedtls_cipher_crypt", ret); + return ret; } - if( rec->data_len != olen ) - { - MBEDTLS_SSL_DEBUG_MSG( 1, ( "should never happen" ) ); - return( MBEDTLS_ERR_SSL_INTERNAL_ERROR ); + if (rec->data_len != olen) { + MBEDTLS_SSL_DEBUG_MSG(1, ("should never happen")); + return MBEDTLS_ERR_SSL_INTERNAL_ERROR; } - } - else + } else #endif /* MBEDTLS_ARC4_C || MBEDTLS_CIPHER_NULL_CIPHER */ #if defined(MBEDTLS_GCM_C) || \ defined(MBEDTLS_CCM_C) || \ defined(MBEDTLS_CHACHAPOLY_C) - if( mode == MBEDTLS_MODE_GCM || + if (mode == MBEDTLS_MODE_GCM || mode == MBEDTLS_MODE_CCM || - mode == MBEDTLS_MODE_CHACHAPOLY ) - { + mode == MBEDTLS_MODE_CHACHAPOLY) { int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; unsigned char iv[12]; unsigned char *dynamic_iv; size_t dynamic_iv_len; int dynamic_iv_is_explicit = - ssl_transform_aead_dynamic_iv_is_explicit( transform ); + ssl_transform_aead_dynamic_iv_is_explicit(transform); /* Check that there's space for the authentication tag. */ - if( post_avail < transform->taglen ) - { - MBEDTLS_SSL_DEBUG_MSG( 1, ( "Buffer provided for encrypted record not large enough" ) ); - return( MBEDTLS_ERR_SSL_BUFFER_TOO_SMALL ); + if (post_avail < transform->taglen) { + MBEDTLS_SSL_DEBUG_MSG(1, ("Buffer provided for encrypted record not large enough")); + return MBEDTLS_ERR_SSL_BUFFER_TOO_SMALL; } /* @@ -868,95 +863,91 @@ int mbedtls_ssl_encrypt_buf( mbedtls_ssl_context *ssl, * record sequence number here in all cases. */ dynamic_iv = rec->ctr; - dynamic_iv_len = sizeof( rec->ctr ); + dynamic_iv_len = sizeof(rec->ctr); - ssl_build_record_nonce( iv, sizeof( iv ), - transform->iv_enc, - transform->fixed_ivlen, - dynamic_iv, - dynamic_iv_len ); + ssl_build_record_nonce(iv, sizeof(iv), + transform->iv_enc, + transform->fixed_ivlen, + dynamic_iv, + dynamic_iv_len); /* * Build additional data for AEAD encryption. * This depends on the TLS version. */ - ssl_extract_add_data_from_record( add_data, &add_data_len, rec, - transform->minor_ver ); - - MBEDTLS_SSL_DEBUG_BUF( 4, "IV used (internal)", - iv, transform->ivlen ); - MBEDTLS_SSL_DEBUG_BUF( 4, "IV used (transmitted)", - dynamic_iv, - dynamic_iv_is_explicit ? dynamic_iv_len : 0 ); - MBEDTLS_SSL_DEBUG_BUF( 4, "additional data used for AEAD", - add_data, add_data_len ); - MBEDTLS_SSL_DEBUG_MSG( 3, ( "before encrypt: msglen = %" MBEDTLS_PRINTF_SIZET ", " - "including 0 bytes of padding", - rec->data_len ) ); + ssl_extract_add_data_from_record(add_data, &add_data_len, rec, + transform->minor_ver); + + MBEDTLS_SSL_DEBUG_BUF(4, "IV used (internal)", + iv, transform->ivlen); + MBEDTLS_SSL_DEBUG_BUF(4, "IV used (transmitted)", + dynamic_iv, + dynamic_iv_is_explicit ? dynamic_iv_len : 0); + MBEDTLS_SSL_DEBUG_BUF(4, "additional data used for AEAD", + add_data, add_data_len); + MBEDTLS_SSL_DEBUG_MSG(3, ("before encrypt: msglen = %" MBEDTLS_PRINTF_SIZET ", " + "including 0 bytes of padding", + rec->data_len)); /* * Encrypt and authenticate */ - if( ( ret = mbedtls_cipher_auth_encrypt_ext( &transform->cipher_ctx_enc, - iv, transform->ivlen, - add_data, add_data_len, - data, rec->data_len, /* src */ - data, rec->buf_len - (data - rec->buf), /* dst */ - &rec->data_len, - transform->taglen ) ) != 0 ) - { - MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_cipher_auth_encrypt", ret ); - return( ret ); - } - MBEDTLS_SSL_DEBUG_BUF( 4, "after encrypt: tag", - data + rec->data_len - transform->taglen, - transform->taglen ); + if ((ret = mbedtls_cipher_auth_encrypt_ext(&transform->cipher_ctx_enc, + iv, transform->ivlen, + add_data, add_data_len, + data, rec->data_len, /* src */ + data, rec->buf_len - (data - rec->buf), /* dst */ + &rec->data_len, + transform->taglen)) != 0) { + MBEDTLS_SSL_DEBUG_RET(1, "mbedtls_cipher_auth_encrypt", ret); + return ret; + } + MBEDTLS_SSL_DEBUG_BUF(4, "after encrypt: tag", + data + rec->data_len - transform->taglen, + transform->taglen); /* Account for authentication tag. */ post_avail -= transform->taglen; /* * Prefix record content with dynamic IV in case it is explicit. */ - if( dynamic_iv_is_explicit != 0 ) - { - if( rec->data_offset < dynamic_iv_len ) - { - MBEDTLS_SSL_DEBUG_MSG( 1, ( "Buffer provided for encrypted record not large enough" ) ); - return( MBEDTLS_ERR_SSL_BUFFER_TOO_SMALL ); + if (dynamic_iv_is_explicit != 0) { + if (rec->data_offset < dynamic_iv_len) { + MBEDTLS_SSL_DEBUG_MSG(1, ("Buffer provided for encrypted record not large enough")); + return MBEDTLS_ERR_SSL_BUFFER_TOO_SMALL; } - memcpy( data - dynamic_iv_len, dynamic_iv, dynamic_iv_len ); + memcpy(data - dynamic_iv_len, dynamic_iv, dynamic_iv_len); rec->data_offset -= dynamic_iv_len; rec->data_len += dynamic_iv_len; } auth_done++; - } - else + } else #endif /* MBEDTLS_GCM_C || MBEDTLS_CCM_C || MBEDTLS_CHACHAPOLY_C */ #if defined(MBEDTLS_SSL_SOME_SUITES_USE_CBC) - if( mode == MBEDTLS_MODE_CBC ) - { + if (mode == MBEDTLS_MODE_CBC) { int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; size_t padlen, i; size_t olen; /* Currently we're always using minimal padding * (up to 255 bytes would be allowed). */ - padlen = transform->ivlen - ( rec->data_len + 1 ) % transform->ivlen; - if( padlen == transform->ivlen ) + padlen = transform->ivlen - (rec->data_len + 1) % transform->ivlen; + if (padlen == transform->ivlen) { padlen = 0; + } /* Check there's enough space in the buffer for the padding. */ - if( post_avail < padlen + 1 ) - { - MBEDTLS_SSL_DEBUG_MSG( 1, ( "Buffer provided for encrypted record not large enough" ) ); - return( MBEDTLS_ERR_SSL_BUFFER_TOO_SMALL ); + if (post_avail < padlen + 1) { + MBEDTLS_SSL_DEBUG_MSG(1, ("Buffer provided for encrypted record not large enough")); + return MBEDTLS_ERR_SSL_BUFFER_TOO_SMALL; } - for( i = 0; i <= padlen; i++ ) + for (i = 0; i <= padlen; i++) { data[rec->data_len + i] = (unsigned char) padlen; + } rec->data_len += padlen + 1; post_avail -= padlen + 1; @@ -966,65 +957,60 @@ int mbedtls_ssl_encrypt_buf( mbedtls_ssl_context *ssl, * Prepend per-record IV for block cipher in TLS v1.1 and up as per * Method 1 (6.2.3.2. in RFC4346 and RFC5246) */ - if( transform->minor_ver >= MBEDTLS_SSL_MINOR_VERSION_2 ) - { - if( f_rng == NULL ) - { - MBEDTLS_SSL_DEBUG_MSG( 1, ( "No PRNG provided to encrypt_record routine" ) ); - return( MBEDTLS_ERR_SSL_INTERNAL_ERROR ); + if (transform->minor_ver >= MBEDTLS_SSL_MINOR_VERSION_2) { + if (f_rng == NULL) { + MBEDTLS_SSL_DEBUG_MSG(1, ("No PRNG provided to encrypt_record routine")); + return MBEDTLS_ERR_SSL_INTERNAL_ERROR; } - if( rec->data_offset < transform->ivlen ) - { - MBEDTLS_SSL_DEBUG_MSG( 1, ( "Buffer provided for encrypted record not large enough" ) ); - return( MBEDTLS_ERR_SSL_BUFFER_TOO_SMALL ); + if (rec->data_offset < transform->ivlen) { + MBEDTLS_SSL_DEBUG_MSG(1, ("Buffer provided for encrypted record not large enough")); + return MBEDTLS_ERR_SSL_BUFFER_TOO_SMALL; } /* * Generate IV */ - ret = f_rng( p_rng, transform->iv_enc, transform->ivlen ); - if( ret != 0 ) - return( ret ); + ret = f_rng(p_rng, transform->iv_enc, transform->ivlen); + if (ret != 0) { + return ret; + } - memcpy( data - transform->ivlen, transform->iv_enc, - transform->ivlen ); + memcpy(data - transform->ivlen, transform->iv_enc, + transform->ivlen); } #endif /* MBEDTLS_SSL_PROTO_TLS1_1 || MBEDTLS_SSL_PROTO_TLS1_2 */ - MBEDTLS_SSL_DEBUG_MSG( 3, ( "before encrypt: msglen = %" MBEDTLS_PRINTF_SIZET ", " - "including %" MBEDTLS_PRINTF_SIZET - " bytes of IV and %" MBEDTLS_PRINTF_SIZET " bytes of padding", - rec->data_len, transform->ivlen, - padlen + 1 ) ); - - if( ( ret = mbedtls_cipher_crypt( &transform->cipher_ctx_enc, - transform->iv_enc, - transform->ivlen, - data, rec->data_len, - data, &olen ) ) != 0 ) - { - MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_cipher_crypt", ret ); - return( ret ); + MBEDTLS_SSL_DEBUG_MSG(3, ("before encrypt: msglen = %" MBEDTLS_PRINTF_SIZET ", " + "including %" + MBEDTLS_PRINTF_SIZET + " bytes of IV and %" MBEDTLS_PRINTF_SIZET " bytes of padding", + rec->data_len, transform->ivlen, + padlen + 1)); + + if ((ret = mbedtls_cipher_crypt(&transform->cipher_ctx_enc, + transform->iv_enc, + transform->ivlen, + data, rec->data_len, + data, &olen)) != 0) { + MBEDTLS_SSL_DEBUG_RET(1, "mbedtls_cipher_crypt", ret); + return ret; } - if( rec->data_len != olen ) - { - MBEDTLS_SSL_DEBUG_MSG( 1, ( "should never happen" ) ); - return( MBEDTLS_ERR_SSL_INTERNAL_ERROR ); + if (rec->data_len != olen) { + MBEDTLS_SSL_DEBUG_MSG(1, ("should never happen")); + return MBEDTLS_ERR_SSL_INTERNAL_ERROR; } #if defined(MBEDTLS_SSL_PROTO_SSL3) || defined(MBEDTLS_SSL_PROTO_TLS1) - if( transform->minor_ver < MBEDTLS_SSL_MINOR_VERSION_2 ) - { + if (transform->minor_ver < MBEDTLS_SSL_MINOR_VERSION_2) { /* * Save IV in SSL3 and TLS1 */ - memcpy( transform->iv_enc, transform->cipher_ctx_enc.iv, - transform->ivlen ); - } - else + memcpy(transform->iv_enc, transform->cipher_ctx_enc.iv, + transform->ivlen); + } else #endif { data -= transform->ivlen; @@ -1033,8 +1019,7 @@ int mbedtls_ssl_encrypt_buf( mbedtls_ssl_context *ssl, } #if defined(MBEDTLS_SSL_ENCRYPT_THEN_MAC) - if( auth_done == 0 ) - { + if (auth_done == 0) { unsigned char mac[MBEDTLS_SSL_MAC_ADD]; /* @@ -1046,72 +1031,72 @@ int mbedtls_ssl_encrypt_buf( mbedtls_ssl_context *ssl, * ENC(content + padding + padding_length)); */ - if( post_avail < transform->maclen) - { - MBEDTLS_SSL_DEBUG_MSG( 1, ( "Buffer provided for encrypted record not large enough" ) ); - return( MBEDTLS_ERR_SSL_BUFFER_TOO_SMALL ); + if (post_avail < transform->maclen) { + MBEDTLS_SSL_DEBUG_MSG(1, ("Buffer provided for encrypted record not large enough")); + return MBEDTLS_ERR_SSL_BUFFER_TOO_SMALL; } - ssl_extract_add_data_from_record( add_data, &add_data_len, - rec, transform->minor_ver ); + ssl_extract_add_data_from_record(add_data, &add_data_len, + rec, transform->minor_ver); - MBEDTLS_SSL_DEBUG_MSG( 3, ( "using encrypt then mac" ) ); - MBEDTLS_SSL_DEBUG_BUF( 4, "MAC'd meta-data", add_data, - add_data_len ); + MBEDTLS_SSL_DEBUG_MSG(3, ("using encrypt then mac")); + MBEDTLS_SSL_DEBUG_BUF(4, "MAC'd meta-data", add_data, + add_data_len); - ret = mbedtls_md_hmac_update( &transform->md_ctx_enc, add_data, - add_data_len ); - if( ret != 0 ) + ret = mbedtls_md_hmac_update(&transform->md_ctx_enc, add_data, + add_data_len); + if (ret != 0) { goto hmac_failed_etm_enabled; - ret = mbedtls_md_hmac_update( &transform->md_ctx_enc, - data, rec->data_len ); - if( ret != 0 ) + } + ret = mbedtls_md_hmac_update(&transform->md_ctx_enc, + data, rec->data_len); + if (ret != 0) { goto hmac_failed_etm_enabled; - ret = mbedtls_md_hmac_finish( &transform->md_ctx_enc, mac ); - if( ret != 0 ) + } + ret = mbedtls_md_hmac_finish(&transform->md_ctx_enc, mac); + if (ret != 0) { goto hmac_failed_etm_enabled; - ret = mbedtls_md_hmac_reset( &transform->md_ctx_enc ); - if( ret != 0 ) + } + ret = mbedtls_md_hmac_reset(&transform->md_ctx_enc); + if (ret != 0) { goto hmac_failed_etm_enabled; + } - memcpy( data + rec->data_len, mac, transform->maclen ); + memcpy(data + rec->data_len, mac, transform->maclen); rec->data_len += transform->maclen; post_avail -= transform->maclen; auth_done++; - hmac_failed_etm_enabled: - mbedtls_platform_zeroize( mac, transform->maclen ); - if( ret != 0 ) - { - MBEDTLS_SSL_DEBUG_RET( 1, "HMAC calculation failed", ret ); - return( ret ); +hmac_failed_etm_enabled: + mbedtls_platform_zeroize(mac, transform->maclen); + if (ret != 0) { + MBEDTLS_SSL_DEBUG_RET(1, "HMAC calculation failed", ret); + return ret; } } #endif /* MBEDTLS_SSL_ENCRYPT_THEN_MAC */ - } - else + } else #endif /* MBEDTLS_SSL_SOME_SUITES_USE_CBC) */ { - MBEDTLS_SSL_DEBUG_MSG( 1, ( "should never happen" ) ); - return( MBEDTLS_ERR_SSL_INTERNAL_ERROR ); + MBEDTLS_SSL_DEBUG_MSG(1, ("should never happen")); + return MBEDTLS_ERR_SSL_INTERNAL_ERROR; } /* Make extra sure authentication was performed, exactly once */ - if( auth_done != 1 ) - { - MBEDTLS_SSL_DEBUG_MSG( 1, ( "should never happen" ) ); - return( MBEDTLS_ERR_SSL_INTERNAL_ERROR ); + if (auth_done != 1) { + MBEDTLS_SSL_DEBUG_MSG(1, ("should never happen")); + return MBEDTLS_ERR_SSL_INTERNAL_ERROR; } - MBEDTLS_SSL_DEBUG_MSG( 2, ( "<= encrypt buf" ) ); + MBEDTLS_SSL_DEBUG_MSG(2, ("<= encrypt buf")); - return( 0 ); + return 0; } -int mbedtls_ssl_decrypt_buf( mbedtls_ssl_context const *ssl, - mbedtls_ssl_transform *transform, - mbedtls_record *rec ) +int mbedtls_ssl_decrypt_buf(mbedtls_ssl_context const *ssl, + mbedtls_ssl_transform *transform, + mbedtls_record *rec) { size_t olen; mbedtls_cipher_mode_t mode; @@ -1119,8 +1104,8 @@ int mbedtls_ssl_decrypt_buf( mbedtls_ssl_context const *ssl, #if defined(MBEDTLS_SSL_SOME_MODES_USE_MAC) size_t padlen = 0, correct = 1; #endif - unsigned char* data; - unsigned char add_data[13 + 1 + MBEDTLS_SSL_CID_IN_LEN_MAX ]; + unsigned char *data; + unsigned char add_data[13 + 1 + MBEDTLS_SSL_CID_IN_LEN_MAX]; size_t add_data_len; #if !defined(MBEDTLS_DEBUG_C) @@ -1128,59 +1113,60 @@ int mbedtls_ssl_decrypt_buf( mbedtls_ssl_context const *ssl, ((void) ssl); #endif - MBEDTLS_SSL_DEBUG_MSG( 2, ( "=> decrypt buf" ) ); - if( rec == NULL || + MBEDTLS_SSL_DEBUG_MSG(2, ("=> decrypt buf")); + if (rec == NULL || rec->buf == NULL || rec->buf_len < rec->data_offset || - rec->buf_len - rec->data_offset < rec->data_len ) - { - MBEDTLS_SSL_DEBUG_MSG( 1, ( "bad record structure provided to decrypt_buf" ) ); - return( MBEDTLS_ERR_SSL_INTERNAL_ERROR ); + rec->buf_len - rec->data_offset < rec->data_len) { + MBEDTLS_SSL_DEBUG_MSG(1, ("bad record structure provided to decrypt_buf")); + return MBEDTLS_ERR_SSL_INTERNAL_ERROR; } data = rec->buf + rec->data_offset; - mode = mbedtls_cipher_get_cipher_mode( &transform->cipher_ctx_dec ); + mode = mbedtls_cipher_get_cipher_mode(&transform->cipher_ctx_dec); #if defined(MBEDTLS_SSL_DTLS_CONNECTION_ID) /* * Match record's CID with incoming CID. */ - if( rec->cid_len != transform->in_cid_len || - memcmp( rec->cid, transform->in_cid, rec->cid_len ) != 0 ) - { - return( MBEDTLS_ERR_SSL_UNEXPECTED_CID ); + if (rec->cid_len != transform->in_cid_len || + memcmp(rec->cid, transform->in_cid, rec->cid_len) != 0) { + return MBEDTLS_ERR_SSL_UNEXPECTED_CID; } #endif /* MBEDTLS_SSL_DTLS_CONNECTION_ID */ #if defined(MBEDTLS_ARC4_C) || defined(MBEDTLS_CIPHER_NULL_CIPHER) - if( mode == MBEDTLS_MODE_STREAM ) - { + if (mode == MBEDTLS_MODE_STREAM) { + if (rec->data_len < transform->maclen) { + MBEDTLS_SSL_DEBUG_MSG(1, + ("Record too short for MAC:" + " %" MBEDTLS_PRINTF_SIZET " < %" MBEDTLS_PRINTF_SIZET, + rec->data_len, transform->maclen)); + return MBEDTLS_ERR_SSL_INVALID_MAC; + } + padlen = 0; - if( ( ret = mbedtls_cipher_crypt( &transform->cipher_ctx_dec, - transform->iv_dec, - transform->ivlen, - data, rec->data_len, - data, &olen ) ) != 0 ) - { - MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_cipher_crypt", ret ); - return( ret ); + if ((ret = mbedtls_cipher_crypt(&transform->cipher_ctx_dec, + transform->iv_dec, + transform->ivlen, + data, rec->data_len, + data, &olen)) != 0) { + MBEDTLS_SSL_DEBUG_RET(1, "mbedtls_cipher_crypt", ret); + return ret; } - if( rec->data_len != olen ) - { - MBEDTLS_SSL_DEBUG_MSG( 1, ( "should never happen" ) ); - return( MBEDTLS_ERR_SSL_INTERNAL_ERROR ); + if (rec->data_len != olen) { + MBEDTLS_SSL_DEBUG_MSG(1, ("should never happen")); + return MBEDTLS_ERR_SSL_INTERNAL_ERROR; } - } - else + } else #endif /* MBEDTLS_ARC4_C || MBEDTLS_CIPHER_NULL_CIPHER */ #if defined(MBEDTLS_GCM_C) || \ defined(MBEDTLS_CCM_C) || \ defined(MBEDTLS_CHACHAPOLY_C) - if( mode == MBEDTLS_MODE_GCM || + if (mode == MBEDTLS_MODE_GCM || mode == MBEDTLS_MODE_CCM || - mode == MBEDTLS_MODE_CHACHAPOLY ) - { + mode == MBEDTLS_MODE_CHACHAPOLY) { unsigned char iv[12]; unsigned char *dynamic_iv; size_t dynamic_iv_len; @@ -1193,106 +1179,97 @@ int mbedtls_ssl_decrypt_buf( mbedtls_ssl_context const *ssl, * can be chosen freely - in particular, it need not * agree with the record sequence number. */ - dynamic_iv_len = sizeof( rec->ctr ); - if( ssl_transform_aead_dynamic_iv_is_explicit( transform ) == 1 ) - { - if( rec->data_len < dynamic_iv_len ) - { - MBEDTLS_SSL_DEBUG_MSG( 1, ( "msglen (%" MBEDTLS_PRINTF_SIZET - " ) < explicit_iv_len (%" MBEDTLS_PRINTF_SIZET ") ", - rec->data_len, - dynamic_iv_len ) ); - return( MBEDTLS_ERR_SSL_INVALID_MAC ); + dynamic_iv_len = sizeof(rec->ctr); + if (ssl_transform_aead_dynamic_iv_is_explicit(transform) == 1) { + if (rec->data_len < dynamic_iv_len) { + MBEDTLS_SSL_DEBUG_MSG(1, ("msglen (%" MBEDTLS_PRINTF_SIZET + " ) < explicit_iv_len (%" MBEDTLS_PRINTF_SIZET ") ", + rec->data_len, + dynamic_iv_len)); + return MBEDTLS_ERR_SSL_INVALID_MAC; } dynamic_iv = data; data += dynamic_iv_len; rec->data_offset += dynamic_iv_len; rec->data_len -= dynamic_iv_len; - } - else - { + } else { dynamic_iv = rec->ctr; } /* Check that there's space for the authentication tag. */ - if( rec->data_len < transform->taglen ) - { - MBEDTLS_SSL_DEBUG_MSG( 1, ( "msglen (%" MBEDTLS_PRINTF_SIZET - ") < taglen (%" MBEDTLS_PRINTF_SIZET ") ", - rec->data_len, - transform->taglen ) ); - return( MBEDTLS_ERR_SSL_INVALID_MAC ); + if (rec->data_len < transform->taglen) { + MBEDTLS_SSL_DEBUG_MSG(1, ("msglen (%" MBEDTLS_PRINTF_SIZET + ") < taglen (%" MBEDTLS_PRINTF_SIZET ") ", + rec->data_len, + transform->taglen)); + return MBEDTLS_ERR_SSL_INVALID_MAC; } rec->data_len -= transform->taglen; /* * Prepare nonce from dynamic and static parts. */ - ssl_build_record_nonce( iv, sizeof( iv ), - transform->iv_dec, - transform->fixed_ivlen, - dynamic_iv, - dynamic_iv_len ); + ssl_build_record_nonce(iv, sizeof(iv), + transform->iv_dec, + transform->fixed_ivlen, + dynamic_iv, + dynamic_iv_len); /* * Build additional data for AEAD encryption. * This depends on the TLS version. */ - ssl_extract_add_data_from_record( add_data, &add_data_len, rec, - transform->minor_ver ); - MBEDTLS_SSL_DEBUG_BUF( 4, "additional data used for AEAD", - add_data, add_data_len ); + ssl_extract_add_data_from_record(add_data, &add_data_len, rec, + transform->minor_ver); + MBEDTLS_SSL_DEBUG_BUF(4, "additional data used for AEAD", + add_data, add_data_len); /* Because of the check above, we know that there are - * explicit_iv_len Bytes preceeding data, and taglen + * explicit_iv_len Bytes preceding data, and taglen * bytes following data + data_len. This justifies * the debug message and the invocation of * mbedtls_cipher_auth_decrypt() below. */ - MBEDTLS_SSL_DEBUG_BUF( 4, "IV used", iv, transform->ivlen ); - MBEDTLS_SSL_DEBUG_BUF( 4, "TAG used", data + rec->data_len, - transform->taglen ); + MBEDTLS_SSL_DEBUG_BUF(4, "IV used", iv, transform->ivlen); + MBEDTLS_SSL_DEBUG_BUF(4, "TAG used", data + rec->data_len, + transform->taglen); /* * Decrypt and authenticate */ - if( ( ret = mbedtls_cipher_auth_decrypt_ext( &transform->cipher_ctx_dec, - iv, transform->ivlen, - add_data, add_data_len, - data, rec->data_len + transform->taglen, /* src */ - data, rec->buf_len - (data - rec->buf), &olen, /* dst */ - transform->taglen ) ) != 0 ) - { - MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_cipher_auth_decrypt", ret ); - - if( ret == MBEDTLS_ERR_CIPHER_AUTH_FAILED ) - return( MBEDTLS_ERR_SSL_INVALID_MAC ); + if ((ret = mbedtls_cipher_auth_decrypt_ext(&transform->cipher_ctx_dec, + iv, transform->ivlen, + add_data, add_data_len, + data, rec->data_len + transform->taglen, /* src */ + data, rec->buf_len - (data - rec->buf), &olen, /* dst */ + transform->taglen)) != 0) { + MBEDTLS_SSL_DEBUG_RET(1, "mbedtls_cipher_auth_decrypt", ret); + + if (ret == MBEDTLS_ERR_CIPHER_AUTH_FAILED) { + return MBEDTLS_ERR_SSL_INVALID_MAC; + } - return( ret ); + return ret; } auth_done++; /* Double-check that AEAD decryption doesn't change content length. */ - if( olen != rec->data_len ) - { - MBEDTLS_SSL_DEBUG_MSG( 1, ( "should never happen" ) ); - return( MBEDTLS_ERR_SSL_INTERNAL_ERROR ); + if (olen != rec->data_len) { + MBEDTLS_SSL_DEBUG_MSG(1, ("should never happen")); + return MBEDTLS_ERR_SSL_INTERNAL_ERROR; } - } - else + } else #endif /* MBEDTLS_GCM_C || MBEDTLS_CCM_C */ #if defined(MBEDTLS_SSL_SOME_SUITES_USE_CBC) - if( mode == MBEDTLS_MODE_CBC ) - { + if (mode == MBEDTLS_MODE_CBC) { size_t minlen = 0; /* * Check immediate ciphertext sanity */ #if defined(MBEDTLS_SSL_PROTO_TLS1_1) || defined(MBEDTLS_SSL_PROTO_TLS1_2) - if( transform->minor_ver >= MBEDTLS_SSL_MINOR_VERSION_2 ) - { + if (transform->minor_ver >= MBEDTLS_SSL_MINOR_VERSION_2) { /* The ciphertext is prefixed with the CBC IV. */ minlen += transform->ivlen; } @@ -1319,27 +1296,26 @@ int mbedtls_ssl_decrypt_buf( mbedtls_ssl_context const *ssl, * lower bound minlen + maclen + 1 on the record size, which * we test for in the second check below. */ - if( rec->data_len < minlen + transform->ivlen || - rec->data_len < minlen + transform->maclen + 1 ) - { - MBEDTLS_SSL_DEBUG_MSG( 1, ( "msglen (%" MBEDTLS_PRINTF_SIZET - ") < max( ivlen(%" MBEDTLS_PRINTF_SIZET - "), maclen (%" MBEDTLS_PRINTF_SIZET ") " - "+ 1 ) ( + expl IV )", rec->data_len, - transform->ivlen, - transform->maclen ) ); - return( MBEDTLS_ERR_SSL_INVALID_MAC ); + if (rec->data_len < minlen + transform->ivlen || + rec->data_len < minlen + transform->maclen + 1) { + MBEDTLS_SSL_DEBUG_MSG(1, ("msglen (%" MBEDTLS_PRINTF_SIZET + ") < max( ivlen(%" MBEDTLS_PRINTF_SIZET + "), maclen (%" MBEDTLS_PRINTF_SIZET ") " + "+ 1 ) ( + expl IV )", + rec->data_len, + transform->ivlen, + transform->maclen)); + return MBEDTLS_ERR_SSL_INVALID_MAC; } /* * Authenticate before decrypt if enabled */ #if defined(MBEDTLS_SSL_ENCRYPT_THEN_MAC) - if( transform->encrypt_then_mac == MBEDTLS_SSL_ETM_ENABLED ) - { + if (transform->encrypt_then_mac == MBEDTLS_SSL_ETM_ENABLED) { unsigned char mac_expect[MBEDTLS_SSL_MAC_ADD]; - MBEDTLS_SSL_DEBUG_MSG( 3, ( "using encrypt then mac" ) ); + MBEDTLS_SSL_DEBUG_MSG(3, ("using encrypt then mac")); /* Update data_len in tandem with add_data. * @@ -1352,49 +1328,52 @@ int mbedtls_ssl_decrypt_buf( mbedtls_ssl_context const *ssl, * * Further, we still know that data_len > minlen */ rec->data_len -= transform->maclen; - ssl_extract_add_data_from_record( add_data, &add_data_len, rec, - transform->minor_ver ); + ssl_extract_add_data_from_record(add_data, &add_data_len, rec, + transform->minor_ver); /* Calculate expected MAC. */ - MBEDTLS_SSL_DEBUG_BUF( 4, "MAC'd meta-data", add_data, - add_data_len ); - ret = mbedtls_md_hmac_update( &transform->md_ctx_dec, add_data, - add_data_len ); - if( ret != 0 ) + MBEDTLS_SSL_DEBUG_BUF(4, "MAC'd meta-data", add_data, + add_data_len); + ret = mbedtls_md_hmac_update(&transform->md_ctx_dec, add_data, + add_data_len); + if (ret != 0) { goto hmac_failed_etm_enabled; - ret = mbedtls_md_hmac_update( &transform->md_ctx_dec, - data, rec->data_len ); - if( ret != 0 ) + } + ret = mbedtls_md_hmac_update(&transform->md_ctx_dec, + data, rec->data_len); + if (ret != 0) { goto hmac_failed_etm_enabled; - ret = mbedtls_md_hmac_finish( &transform->md_ctx_dec, mac_expect ); - if( ret != 0 ) + } + ret = mbedtls_md_hmac_finish(&transform->md_ctx_dec, mac_expect); + if (ret != 0) { goto hmac_failed_etm_enabled; - ret = mbedtls_md_hmac_reset( &transform->md_ctx_dec ); - if( ret != 0 ) + } + ret = mbedtls_md_hmac_reset(&transform->md_ctx_dec); + if (ret != 0) { goto hmac_failed_etm_enabled; + } - MBEDTLS_SSL_DEBUG_BUF( 4, "message mac", data + rec->data_len, - transform->maclen ); - MBEDTLS_SSL_DEBUG_BUF( 4, "expected mac", mac_expect, - transform->maclen ); + MBEDTLS_SSL_DEBUG_BUF(4, "message mac", data + rec->data_len, + transform->maclen); + MBEDTLS_SSL_DEBUG_BUF(4, "expected mac", mac_expect, + transform->maclen); /* Compare expected MAC with MAC at the end of the record. */ - if( mbedtls_ct_memcmp( data + rec->data_len, mac_expect, - transform->maclen ) != 0 ) - { - MBEDTLS_SSL_DEBUG_MSG( 1, ( "message mac does not match" ) ); + if (mbedtls_ct_memcmp(data + rec->data_len, mac_expect, + transform->maclen) != 0) { + MBEDTLS_SSL_DEBUG_MSG(1, ("message mac does not match")); ret = MBEDTLS_ERR_SSL_INVALID_MAC; goto hmac_failed_etm_enabled; } auth_done++; - hmac_failed_etm_enabled: - mbedtls_platform_zeroize( mac_expect, transform->maclen ); - if( ret != 0 ) - { - if( ret != MBEDTLS_ERR_SSL_INVALID_MAC ) - MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_hmac_xxx", ret ); - return( ret ); +hmac_failed_etm_enabled: + mbedtls_platform_zeroize(mac_expect, transform->maclen); + if (ret != 0) { + if (ret != MBEDTLS_ERR_SSL_INVALID_MAC) { + MBEDTLS_SSL_DEBUG_RET(1, "mbedtls_hmac_xxx", ret); + } + return ret; } } #endif /* MBEDTLS_SSL_ENCRYPT_THEN_MAC */ @@ -1406,22 +1385,20 @@ int mbedtls_ssl_decrypt_buf( mbedtls_ssl_context const *ssl, /* We know from above that data_len > minlen >= 0, * so the following check in particular implies that * data_len >= minlen + ivlen ( = minlen or 2 * minlen ). */ - if( rec->data_len % transform->ivlen != 0 ) - { - MBEDTLS_SSL_DEBUG_MSG( 1, ( "msglen (%" MBEDTLS_PRINTF_SIZET - ") %% ivlen (%" MBEDTLS_PRINTF_SIZET ") != 0", - rec->data_len, transform->ivlen ) ); - return( MBEDTLS_ERR_SSL_INVALID_MAC ); + if (rec->data_len % transform->ivlen != 0) { + MBEDTLS_SSL_DEBUG_MSG(1, ("msglen (%" MBEDTLS_PRINTF_SIZET + ") %% ivlen (%" MBEDTLS_PRINTF_SIZET ") != 0", + rec->data_len, transform->ivlen)); + return MBEDTLS_ERR_SSL_INVALID_MAC; } #if defined(MBEDTLS_SSL_PROTO_TLS1_1) || defined(MBEDTLS_SSL_PROTO_TLS1_2) /* * Initialize for prepended IV for block cipher in TLS v1.1 and up */ - if( transform->minor_ver >= MBEDTLS_SSL_MINOR_VERSION_2 ) - { + if (transform->minor_ver >= MBEDTLS_SSL_MINOR_VERSION_2) { /* Safe because data_len >= minlen + ivlen = 2 * ivlen. */ - memcpy( transform->iv_dec, data, transform->ivlen ); + memcpy(transform->iv_dec, data, transform->ivlen); data += transform->ivlen; rec->data_offset += transform->ivlen; @@ -1431,32 +1408,29 @@ int mbedtls_ssl_decrypt_buf( mbedtls_ssl_context const *ssl, /* We still have data_len % ivlen == 0 and data_len >= ivlen here. */ - if( ( ret = mbedtls_cipher_crypt( &transform->cipher_ctx_dec, - transform->iv_dec, transform->ivlen, - data, rec->data_len, data, &olen ) ) != 0 ) - { - MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_cipher_crypt", ret ); - return( ret ); + if ((ret = mbedtls_cipher_crypt(&transform->cipher_ctx_dec, + transform->iv_dec, transform->ivlen, + data, rec->data_len, data, &olen)) != 0) { + MBEDTLS_SSL_DEBUG_RET(1, "mbedtls_cipher_crypt", ret); + return ret; } /* Double-check that length hasn't changed during decryption. */ - if( rec->data_len != olen ) - { - MBEDTLS_SSL_DEBUG_MSG( 1, ( "should never happen" ) ); - return( MBEDTLS_ERR_SSL_INTERNAL_ERROR ); + if (rec->data_len != olen) { + MBEDTLS_SSL_DEBUG_MSG(1, ("should never happen")); + return MBEDTLS_ERR_SSL_INTERNAL_ERROR; } #if defined(MBEDTLS_SSL_PROTO_SSL3) || defined(MBEDTLS_SSL_PROTO_TLS1) - if( transform->minor_ver < MBEDTLS_SSL_MINOR_VERSION_2 ) - { + if (transform->minor_ver < MBEDTLS_SSL_MINOR_VERSION_2) { /* * Save IV in SSL3 and TLS1, where CBC decryption of consecutive * records is equivalent to CBC decryption of the concatenation * of the records; in other words, IVs are maintained across * record decryptions. */ - memcpy( transform->iv_dec, transform->cipher_ctx_dec.iv, - transform->ivlen ); + memcpy(transform->iv_dec, transform->cipher_ctx_dec.iv, + transform->ivlen); } #endif @@ -1466,31 +1440,27 @@ int mbedtls_ssl_decrypt_buf( mbedtls_ssl_context const *ssl, * >= ivlen ). */ padlen = data[rec->data_len - 1]; - if( auth_done == 1 ) - { + if (auth_done == 1) { const size_t mask = mbedtls_ct_size_mask_ge( - rec->data_len, - padlen + 1 ); + rec->data_len, + padlen + 1); correct &= mask; padlen &= mask; - } - else - { + } else { #if defined(MBEDTLS_SSL_DEBUG_ALL) - if( rec->data_len < transform->maclen + padlen + 1 ) - { - MBEDTLS_SSL_DEBUG_MSG( 1, ( "msglen (%" MBEDTLS_PRINTF_SIZET - ") < maclen (%" MBEDTLS_PRINTF_SIZET - ") + padlen (%" MBEDTLS_PRINTF_SIZET ")", - rec->data_len, - transform->maclen, - padlen + 1 ) ); + if (rec->data_len < transform->maclen + padlen + 1) { + MBEDTLS_SSL_DEBUG_MSG(1, ("msglen (%" MBEDTLS_PRINTF_SIZET + ") < maclen (%" MBEDTLS_PRINTF_SIZET + ") + padlen (%" MBEDTLS_PRINTF_SIZET ")", + rec->data_len, + transform->maclen, + padlen + 1)); } #endif const size_t mask = mbedtls_ct_size_mask_ge( - rec->data_len, - transform->maclen + padlen + 1 ); + rec->data_len, + transform->maclen + padlen + 1); correct &= mask; padlen &= mask; } @@ -1501,28 +1471,25 @@ int mbedtls_ssl_decrypt_buf( mbedtls_ssl_context const *ssl, * we have data_len >= padlen here. */ #if defined(MBEDTLS_SSL_PROTO_SSL3) - if( transform->minor_ver == MBEDTLS_SSL_MINOR_VERSION_0 ) - { + if (transform->minor_ver == MBEDTLS_SSL_MINOR_VERSION_0) { /* This is the SSL 3.0 path, we don't have to worry about Lucky * 13, because there's a strictly worse padding attack built in * the protocol (known as part of POODLE), so we don't care if the * code is not constant-time, in particular branches are OK. */ - if( padlen > transform->ivlen ) - { + if (padlen > transform->ivlen) { #if defined(MBEDTLS_SSL_DEBUG_ALL) - MBEDTLS_SSL_DEBUG_MSG( 1, ( "bad padding length: is %" MBEDTLS_PRINTF_SIZET ", " - "should be no more than %" MBEDTLS_PRINTF_SIZET, - padlen, transform->ivlen ) ); + MBEDTLS_SSL_DEBUG_MSG(1, ("bad padding length: is %" MBEDTLS_PRINTF_SIZET ", " + "should be no more than %" + MBEDTLS_PRINTF_SIZET, + padlen, transform->ivlen)); #endif correct = 0; } - } - else + } else #endif /* MBEDTLS_SSL_PROTO_SSL3 */ #if defined(MBEDTLS_SSL_PROTO_TLS1) || defined(MBEDTLS_SSL_PROTO_TLS1_1) || \ - defined(MBEDTLS_SSL_PROTO_TLS1_2) - if( transform->minor_ver > MBEDTLS_SSL_MINOR_VERSION_0 ) - { + defined(MBEDTLS_SSL_PROTO_TLS1_2) + if (transform->minor_ver > MBEDTLS_SSL_MINOR_VERSION_0) { /* The padding check involves a series of up to 256 * consecutive memory reads at the end of the record * plaintext buffer. In order to hide the length and @@ -1530,7 +1497,7 @@ int mbedtls_ssl_decrypt_buf( mbedtls_ssl_context const *ssl, * `min(256,plaintext_len)` reads (but take into account * only the last `padlen` bytes for the padding check). */ size_t pad_count = 0; - volatile unsigned char* const check = data; + volatile unsigned char * const check = data; /* Index of first padding byte; it has been ensured above * that the subtraction is safe. */ @@ -1539,30 +1506,29 @@ int mbedtls_ssl_decrypt_buf( mbedtls_ssl_context const *ssl, size_t const start_idx = rec->data_len - num_checks; size_t idx; - for( idx = start_idx; idx < rec->data_len; idx++ ) - { + for (idx = start_idx; idx < rec->data_len; idx++) { /* pad_count += (idx >= padding_idx) && * (check[idx] == padlen - 1); */ - const size_t mask = mbedtls_ct_size_mask_ge( idx, padding_idx ); - const size_t equal = mbedtls_ct_size_bool_eq( check[idx], - padlen - 1 ); + const size_t mask = mbedtls_ct_size_mask_ge(idx, padding_idx); + const size_t equal = mbedtls_ct_size_bool_eq(check[idx], + padlen - 1); pad_count += mask & equal; } - correct &= mbedtls_ct_size_bool_eq( pad_count, padlen ); + correct &= mbedtls_ct_size_bool_eq(pad_count, padlen); #if defined(MBEDTLS_SSL_DEBUG_ALL) - if( padlen > 0 && correct == 0 ) - MBEDTLS_SSL_DEBUG_MSG( 1, ( "bad padding byte detected" ) ); + if (padlen > 0 && correct == 0) { + MBEDTLS_SSL_DEBUG_MSG(1, ("bad padding byte detected")); + } #endif - padlen &= mbedtls_ct_size_mask( correct ); - } - else + padlen &= mbedtls_ct_size_mask(correct); + } else #endif /* MBEDTLS_SSL_PROTO_TLS1 || MBEDTLS_SSL_PROTO_TLS1_1 || \ MBEDTLS_SSL_PROTO_TLS1_2 */ { - MBEDTLS_SSL_DEBUG_MSG( 1, ( "should never happen" ) ); - return( MBEDTLS_ERR_SSL_INTERNAL_ERROR ); + MBEDTLS_SSL_DEBUG_MSG(1, ("should never happen")); + return MBEDTLS_ERR_SSL_INTERNAL_ERROR; } /* If the padding was found to be invalid, padlen == 0 @@ -1570,17 +1536,16 @@ int mbedtls_ssl_decrypt_buf( mbedtls_ssl_context const *ssl, * padlen hasn't been changed and the previous assertion * data_len >= padlen still holds. */ rec->data_len -= padlen; - } - else + } else #endif /* MBEDTLS_SSL_SOME_SUITES_USE_CBC */ { - MBEDTLS_SSL_DEBUG_MSG( 1, ( "should never happen" ) ); - return( MBEDTLS_ERR_SSL_INTERNAL_ERROR ); + MBEDTLS_SSL_DEBUG_MSG(1, ("should never happen")); + return MBEDTLS_ERR_SSL_INTERNAL_ERROR; } #if defined(MBEDTLS_SSL_DEBUG_ALL) - MBEDTLS_SSL_DEBUG_BUF( 4, "raw buffer after decryption", - data, rec->data_len ); + MBEDTLS_SSL_DEBUG_BUF(4, "raw buffer after decryption", + data, rec->data_len); #endif /* @@ -1588,12 +1553,11 @@ int mbedtls_ssl_decrypt_buf( mbedtls_ssl_context const *ssl, * Compute the MAC regardless of the padding result (RFC4346, CBCTIME). */ #if defined(MBEDTLS_SSL_SOME_MODES_USE_MAC) - if( auth_done == 0 ) - { - unsigned char mac_expect[MBEDTLS_SSL_MAC_ADD]; - unsigned char mac_peer[MBEDTLS_SSL_MAC_ADD]; + if (auth_done == 0) { + unsigned char mac_expect[MBEDTLS_SSL_MAC_ADD] = { 0 }; + unsigned char mac_peer[MBEDTLS_SSL_MAC_ADD] = { 0 }; - /* If the initial value of padlen was such that + /* For CBC+MAC, If the initial value of padlen was such that * data_len < maclen + padlen + 1, then padlen * got reset to 1, and the initial check * data_len >= minlen + maclen + 1 @@ -1605,32 +1569,31 @@ int mbedtls_ssl_decrypt_buf( mbedtls_ssl_context const *ssl, * subtracted either padlen + 1 (if the padding was correct) * or 0 (if the padding was incorrect) since then, * hence data_len >= maclen in any case. + * + * For stream ciphers, we checked above that + * data_len >= maclen. */ rec->data_len -= transform->maclen; - ssl_extract_add_data_from_record( add_data, &add_data_len, rec, - transform->minor_ver ); + ssl_extract_add_data_from_record(add_data, &add_data_len, rec, + transform->minor_ver); #if defined(MBEDTLS_SSL_PROTO_SSL3) - if( transform->minor_ver == MBEDTLS_SSL_MINOR_VERSION_0 ) - { - ret = ssl_mac( &transform->md_ctx_dec, - transform->mac_dec, - data, rec->data_len, - rec->ctr, rec->type, - mac_expect ); - if( ret != 0 ) - { - MBEDTLS_SSL_DEBUG_RET( 1, "ssl_mac", ret ); + if (transform->minor_ver == MBEDTLS_SSL_MINOR_VERSION_0) { + ret = ssl_mac(&transform->md_ctx_dec, + transform->mac_dec, + data, rec->data_len, + rec->ctr, rec->type, + mac_expect); + if (ret != 0) { + MBEDTLS_SSL_DEBUG_RET(1, "ssl_mac", ret); goto hmac_failed_etm_disabled; } - memcpy( mac_peer, data + rec->data_len, transform->maclen ); - } - else + memcpy(mac_peer, data + rec->data_len, transform->maclen); + } else #endif /* MBEDTLS_SSL_PROTO_SSL3 */ #if defined(MBEDTLS_SSL_PROTO_TLS1) || defined(MBEDTLS_SSL_PROTO_TLS1_1) || \ defined(MBEDTLS_SSL_PROTO_TLS1_2) - if( transform->minor_ver > MBEDTLS_SSL_MINOR_VERSION_0 ) - { + if (transform->minor_ver > MBEDTLS_SSL_MINOR_VERSION_0) { /* * The next two sizes are the minimum and maximum values of * data_len over all padlen values. @@ -1642,92 +1605,90 @@ int mbedtls_ssl_decrypt_buf( mbedtls_ssl_context const *ssl, * length, as we previously did in_msglen -= maclen too. */ const size_t max_len = rec->data_len + padlen; - const size_t min_len = ( max_len > 256 ) ? max_len - 256 : 0; - - ret = mbedtls_ct_hmac( &transform->md_ctx_dec, - add_data, add_data_len, - data, rec->data_len, min_len, max_len, - mac_expect ); - if( ret != 0 ) - { - MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_ct_hmac", ret ); + const size_t min_len = (max_len > 256) ? max_len - 256 : 0; + + ret = mbedtls_ct_hmac(&transform->md_ctx_dec, + add_data, add_data_len, + data, rec->data_len, min_len, max_len, + mac_expect); + if (ret != 0) { + MBEDTLS_SSL_DEBUG_RET(1, "mbedtls_ct_hmac", ret); goto hmac_failed_etm_disabled; } - mbedtls_ct_memcpy_offset( mac_peer, data, - rec->data_len, - min_len, max_len, - transform->maclen ); - } - else + mbedtls_ct_memcpy_offset(mac_peer, data, + rec->data_len, + min_len, max_len, + transform->maclen); + } else #endif /* MBEDTLS_SSL_PROTO_TLS1 || MBEDTLS_SSL_PROTO_TLS1_1 || \ MBEDTLS_SSL_PROTO_TLS1_2 */ { - MBEDTLS_SSL_DEBUG_MSG( 1, ( "should never happen" ) ); - return( MBEDTLS_ERR_SSL_INTERNAL_ERROR ); + MBEDTLS_SSL_DEBUG_MSG(1, ("should never happen")); + return MBEDTLS_ERR_SSL_INTERNAL_ERROR; } #if defined(MBEDTLS_SSL_DEBUG_ALL) - MBEDTLS_SSL_DEBUG_BUF( 4, "expected mac", mac_expect, transform->maclen ); - MBEDTLS_SSL_DEBUG_BUF( 4, "message mac", mac_peer, transform->maclen ); + MBEDTLS_SSL_DEBUG_BUF(4, "expected mac", mac_expect, transform->maclen); + MBEDTLS_SSL_DEBUG_BUF(4, "message mac", mac_peer, transform->maclen); #endif - if( mbedtls_ct_memcmp( mac_peer, mac_expect, - transform->maclen ) != 0 ) - { + if (mbedtls_ct_memcmp(mac_peer, mac_expect, + transform->maclen) != 0) { #if defined(MBEDTLS_SSL_DEBUG_ALL) - MBEDTLS_SSL_DEBUG_MSG( 1, ( "message mac does not match" ) ); + MBEDTLS_SSL_DEBUG_MSG(1, ("message mac does not match")); #endif correct = 0; } auth_done++; - hmac_failed_etm_disabled: - mbedtls_platform_zeroize( mac_peer, transform->maclen ); - mbedtls_platform_zeroize( mac_expect, transform->maclen ); - if( ret != 0 ) - return( ret ); +hmac_failed_etm_disabled: + mbedtls_platform_zeroize(mac_peer, transform->maclen); + mbedtls_platform_zeroize(mac_expect, transform->maclen); + if (ret != 0) { + return ret; + } } /* * Finally check the correct flag */ - if( correct == 0 ) - return( MBEDTLS_ERR_SSL_INVALID_MAC ); + if (correct == 0) { + return MBEDTLS_ERR_SSL_INVALID_MAC; + } #endif /* MBEDTLS_SSL_SOME_MODES_USE_MAC */ /* Make extra sure authentication was performed, exactly once */ - if( auth_done != 1 ) - { - MBEDTLS_SSL_DEBUG_MSG( 1, ( "should never happen" ) ); - return( MBEDTLS_ERR_SSL_INTERNAL_ERROR ); + if (auth_done != 1) { + MBEDTLS_SSL_DEBUG_MSG(1, ("should never happen")); + return MBEDTLS_ERR_SSL_INTERNAL_ERROR; } #if defined(MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL) - if( transform->minor_ver == MBEDTLS_SSL_MINOR_VERSION_4 ) - { + if (transform->minor_ver == MBEDTLS_SSL_MINOR_VERSION_4) { /* Remove inner padding and infer true content type. */ - ret = ssl_parse_inner_plaintext( data, &rec->data_len, - &rec->type ); + ret = ssl_parse_inner_plaintext(data, &rec->data_len, + &rec->type); - if( ret != 0 ) - return( MBEDTLS_ERR_SSL_INVALID_RECORD ); + if (ret != 0) { + return MBEDTLS_ERR_SSL_INVALID_RECORD; + } } #endif /* MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL */ #if defined(MBEDTLS_SSL_DTLS_CONNECTION_ID) - if( rec->cid_len != 0 ) - { - ret = ssl_parse_inner_plaintext( data, &rec->data_len, - &rec->type ); - if( ret != 0 ) - return( MBEDTLS_ERR_SSL_INVALID_RECORD ); + if (rec->cid_len != 0) { + ret = ssl_parse_inner_plaintext(data, &rec->data_len, + &rec->type); + if (ret != 0) { + return MBEDTLS_ERR_SSL_INVALID_RECORD; + } } #endif /* MBEDTLS_SSL_DTLS_CONNECTION_ID */ - MBEDTLS_SSL_DEBUG_MSG( 2, ( "<= decrypt buf" ) ); + MBEDTLS_SSL_DEBUG_MSG(2, ("<= decrypt buf")); - return( 0 ); + return 0; } #undef MAC_NONE @@ -1738,7 +1699,8 @@ int mbedtls_ssl_decrypt_buf( mbedtls_ssl_context const *ssl, /* * Compression/decompression functions */ -static int ssl_compress_buf( mbedtls_ssl_context *ssl ) +MBEDTLS_CHECK_RETURN_CRITICAL +static int ssl_compress_buf(mbedtls_ssl_context *ssl) { int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; unsigned char *msg_post = ssl->out_msg; @@ -1751,46 +1713,47 @@ static int ssl_compress_buf( mbedtls_ssl_context *ssl ) size_t out_buf_len = MBEDTLS_SSL_OUT_BUFFER_LEN; #endif - MBEDTLS_SSL_DEBUG_MSG( 2, ( "=> compress buf" ) ); + MBEDTLS_SSL_DEBUG_MSG(2, ("=> compress buf")); - if( len_pre == 0 ) - return( 0 ); + if (len_pre == 0) { + return 0; + } - memcpy( msg_pre, ssl->out_msg, len_pre ); + memcpy(msg_pre, ssl->out_msg, len_pre); - MBEDTLS_SSL_DEBUG_MSG( 3, ( "before compression: msglen = %" MBEDTLS_PRINTF_SIZET ", ", - ssl->out_msglen ) ); + MBEDTLS_SSL_DEBUG_MSG(3, ("before compression: msglen = %" MBEDTLS_PRINTF_SIZET ", ", + ssl->out_msglen)); - MBEDTLS_SSL_DEBUG_BUF( 4, "before compression: output payload", - ssl->out_msg, ssl->out_msglen ); + MBEDTLS_SSL_DEBUG_BUF(4, "before compression: output payload", + ssl->out_msg, ssl->out_msglen); ssl->transform_out->ctx_deflate.next_in = msg_pre; ssl->transform_out->ctx_deflate.avail_in = len_pre; ssl->transform_out->ctx_deflate.next_out = msg_post; ssl->transform_out->ctx_deflate.avail_out = out_buf_len - bytes_written; - ret = deflate( &ssl->transform_out->ctx_deflate, Z_SYNC_FLUSH ); - if( ret != Z_OK ) - { - MBEDTLS_SSL_DEBUG_MSG( 1, ( "failed to perform compression (%d)", ret ) ); - return( MBEDTLS_ERR_SSL_COMPRESSION_FAILED ); + ret = deflate(&ssl->transform_out->ctx_deflate, Z_SYNC_FLUSH); + if (ret != Z_OK) { + MBEDTLS_SSL_DEBUG_MSG(1, ("failed to perform compression (%d)", ret)); + return MBEDTLS_ERR_SSL_COMPRESSION_FAILED; } ssl->out_msglen = out_buf_len - ssl->transform_out->ctx_deflate.avail_out - bytes_written; - MBEDTLS_SSL_DEBUG_MSG( 3, ( "after compression: msglen = %" MBEDTLS_PRINTF_SIZET ", ", - ssl->out_msglen ) ); + MBEDTLS_SSL_DEBUG_MSG(3, ("after compression: msglen = %" MBEDTLS_PRINTF_SIZET ", ", + ssl->out_msglen)); - MBEDTLS_SSL_DEBUG_BUF( 4, "after compression: output payload", - ssl->out_msg, ssl->out_msglen ); + MBEDTLS_SSL_DEBUG_BUF(4, "after compression: output payload", + ssl->out_msg, ssl->out_msglen); - MBEDTLS_SSL_DEBUG_MSG( 2, ( "<= compress buf" ) ); + MBEDTLS_SSL_DEBUG_MSG(2, ("<= compress buf")); - return( 0 ); + return 0; } -static int ssl_decompress_buf( mbedtls_ssl_context *ssl ) +MBEDTLS_CHECK_RETURN_CRITICAL +static int ssl_decompress_buf(mbedtls_ssl_context *ssl) { int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; unsigned char *msg_post = ssl->in_msg; @@ -1803,43 +1766,43 @@ static int ssl_decompress_buf( mbedtls_ssl_context *ssl ) size_t in_buf_len = MBEDTLS_SSL_IN_BUFFER_LEN; #endif - MBEDTLS_SSL_DEBUG_MSG( 2, ( "=> decompress buf" ) ); + MBEDTLS_SSL_DEBUG_MSG(2, ("=> decompress buf")); - if( len_pre == 0 ) - return( 0 ); + if (len_pre == 0) { + return 0; + } - memcpy( msg_pre, ssl->in_msg, len_pre ); + memcpy(msg_pre, ssl->in_msg, len_pre); - MBEDTLS_SSL_DEBUG_MSG( 3, ( "before decompression: msglen = %" MBEDTLS_PRINTF_SIZET ", ", - ssl->in_msglen ) ); + MBEDTLS_SSL_DEBUG_MSG(3, ("before decompression: msglen = %" MBEDTLS_PRINTF_SIZET ", ", + ssl->in_msglen)); - MBEDTLS_SSL_DEBUG_BUF( 4, "before decompression: input payload", - ssl->in_msg, ssl->in_msglen ); + MBEDTLS_SSL_DEBUG_BUF(4, "before decompression: input payload", + ssl->in_msg, ssl->in_msglen); ssl->transform_in->ctx_inflate.next_in = msg_pre; ssl->transform_in->ctx_inflate.avail_in = len_pre; ssl->transform_in->ctx_inflate.next_out = msg_post; ssl->transform_in->ctx_inflate.avail_out = in_buf_len - header_bytes; - ret = inflate( &ssl->transform_in->ctx_inflate, Z_SYNC_FLUSH ); - if( ret != Z_OK ) - { - MBEDTLS_SSL_DEBUG_MSG( 1, ( "failed to perform decompression (%d)", ret ) ); - return( MBEDTLS_ERR_SSL_COMPRESSION_FAILED ); + ret = inflate(&ssl->transform_in->ctx_inflate, Z_SYNC_FLUSH); + if (ret != Z_OK) { + MBEDTLS_SSL_DEBUG_MSG(1, ("failed to perform decompression (%d)", ret)); + return MBEDTLS_ERR_SSL_COMPRESSION_FAILED; } ssl->in_msglen = in_buf_len - ssl->transform_in->ctx_inflate.avail_out - header_bytes; - MBEDTLS_SSL_DEBUG_MSG( 3, ( "after decompression: msglen = %" MBEDTLS_PRINTF_SIZET ", ", - ssl->in_msglen ) ); + MBEDTLS_SSL_DEBUG_MSG(3, ("after decompression: msglen = %" MBEDTLS_PRINTF_SIZET ", ", + ssl->in_msglen)); - MBEDTLS_SSL_DEBUG_BUF( 4, "after decompression: input payload", - ssl->in_msg, ssl->in_msglen ); + MBEDTLS_SSL_DEBUG_BUF(4, "after decompression: input payload", + ssl->in_msg, ssl->in_msglen); - MBEDTLS_SSL_DEBUG_MSG( 2, ( "<= decompress buf" ) ); + MBEDTLS_SSL_DEBUG_MSG(2, ("<= decompress buf")); - return( 0 ); + return 0; } #endif /* MBEDTLS_ZLIB_SUPPORT */ @@ -1858,7 +1821,7 @@ static int ssl_decompress_buf( mbedtls_ssl_context *ssl ) * For DTLS, it is up to the caller to set ssl->next_record_offset when * they're done reading a record. */ -int mbedtls_ssl_fetch_input( mbedtls_ssl_context *ssl, size_t nb_want ) +int mbedtls_ssl_fetch_input(mbedtls_ssl_context *ssl, size_t nb_want) { int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; size_t len; @@ -1868,24 +1831,20 @@ int mbedtls_ssl_fetch_input( mbedtls_ssl_context *ssl, size_t nb_want ) size_t in_buf_len = MBEDTLS_SSL_IN_BUFFER_LEN; #endif - MBEDTLS_SSL_DEBUG_MSG( 2, ( "=> fetch input" ) ); + MBEDTLS_SSL_DEBUG_MSG(2, ("=> fetch input")); - if( ssl->f_recv == NULL && ssl->f_recv_timeout == NULL ) - { - MBEDTLS_SSL_DEBUG_MSG( 1, ( "Bad usage of mbedtls_ssl_set_bio() " - "or mbedtls_ssl_set_bio()" ) ); - return( MBEDTLS_ERR_SSL_BAD_INPUT_DATA ); + if (ssl->f_recv == NULL && ssl->f_recv_timeout == NULL) { + MBEDTLS_SSL_DEBUG_MSG(1, ("Bad usage of mbedtls_ssl_set_bio() ")); + return MBEDTLS_ERR_SSL_BAD_INPUT_DATA; } - if( nb_want > in_buf_len - (size_t)( ssl->in_hdr - ssl->in_buf ) ) - { - MBEDTLS_SSL_DEBUG_MSG( 1, ( "requesting more data than fits" ) ); - return( MBEDTLS_ERR_SSL_BAD_INPUT_DATA ); + if (nb_want > in_buf_len - (size_t) (ssl->in_hdr - ssl->in_buf)) { + MBEDTLS_SSL_DEBUG_MSG(1, ("requesting more data than fits")); + return MBEDTLS_ERR_SSL_BAD_INPUT_DATA; } #if defined(MBEDTLS_SSL_PROTO_DTLS) - if( ssl->conf->transport == MBEDTLS_SSL_TRANSPORT_DATAGRAM ) - { + if (ssl->conf->transport == MBEDTLS_SSL_TRANSPORT_DATAGRAM) { uint32_t timeout; /* @@ -1898,40 +1857,36 @@ int mbedtls_ssl_fetch_input( mbedtls_ssl_context *ssl, size_t nb_want ) /* * Move to the next record in the already read datagram if applicable */ - if( ssl->next_record_offset != 0 ) - { - if( ssl->in_left < ssl->next_record_offset ) - { - MBEDTLS_SSL_DEBUG_MSG( 1, ( "should never happen" ) ); - return( MBEDTLS_ERR_SSL_INTERNAL_ERROR ); + if (ssl->next_record_offset != 0) { + if (ssl->in_left < ssl->next_record_offset) { + MBEDTLS_SSL_DEBUG_MSG(1, ("should never happen")); + return MBEDTLS_ERR_SSL_INTERNAL_ERROR; } ssl->in_left -= ssl->next_record_offset; - if( ssl->in_left != 0 ) - { - MBEDTLS_SSL_DEBUG_MSG( 2, ( "next record in same datagram, offset: %" - MBEDTLS_PRINTF_SIZET, - ssl->next_record_offset ) ); - memmove( ssl->in_hdr, - ssl->in_hdr + ssl->next_record_offset, - ssl->in_left ); + if (ssl->in_left != 0) { + MBEDTLS_SSL_DEBUG_MSG(2, ("next record in same datagram, offset: %" + MBEDTLS_PRINTF_SIZET, + ssl->next_record_offset)); + memmove(ssl->in_hdr, + ssl->in_hdr + ssl->next_record_offset, + ssl->in_left); } ssl->next_record_offset = 0; } - MBEDTLS_SSL_DEBUG_MSG( 2, ( "in_left: %" MBEDTLS_PRINTF_SIZET - ", nb_want: %" MBEDTLS_PRINTF_SIZET, - ssl->in_left, nb_want ) ); + MBEDTLS_SSL_DEBUG_MSG(2, ("in_left: %" MBEDTLS_PRINTF_SIZET + ", nb_want: %" MBEDTLS_PRINTF_SIZET, + ssl->in_left, nb_want)); /* * Done if we already have enough data. */ - if( nb_want <= ssl->in_left) - { - MBEDTLS_SSL_DEBUG_MSG( 2, ( "<= fetch input" ) ); - return( 0 ); + if (nb_want <= ssl->in_left) { + MBEDTLS_SSL_DEBUG_MSG(2, ("<= fetch input")); + return 0; } /* @@ -1939,10 +1894,9 @@ int mbedtls_ssl_fetch_input( mbedtls_ssl_context *ssl, size_t nb_want ) * are not at the beginning of a new record, the caller did something * wrong. */ - if( ssl->in_left != 0 ) - { - MBEDTLS_SSL_DEBUG_MSG( 1, ( "should never happen" ) ); - return( MBEDTLS_ERR_SSL_INTERNAL_ERROR ); + if (ssl->in_left != 0) { + MBEDTLS_SSL_DEBUG_MSG(1, ("should never happen")); + return MBEDTLS_ERR_SSL_INTERNAL_ERROR; } /* @@ -1950,196 +1904,182 @@ int mbedtls_ssl_fetch_input( mbedtls_ssl_context *ssl, size_t nb_want ) * This avoids by-passing the timer when repeatedly receiving messages * that will end up being dropped. */ - if( mbedtls_ssl_check_timer( ssl ) != 0 ) - { - MBEDTLS_SSL_DEBUG_MSG( 2, ( "timer has expired" ) ); + if (mbedtls_ssl_check_timer(ssl) != 0) { + MBEDTLS_SSL_DEBUG_MSG(2, ("timer has expired")); ret = MBEDTLS_ERR_SSL_TIMEOUT; - } - else - { - len = in_buf_len - ( ssl->in_hdr - ssl->in_buf ); + } else { + len = in_buf_len - (ssl->in_hdr - ssl->in_buf); - if( ssl->state != MBEDTLS_SSL_HANDSHAKE_OVER ) + if (ssl->state != MBEDTLS_SSL_HANDSHAKE_OVER) { timeout = ssl->handshake->retransmit_timeout; - else + } else { timeout = ssl->conf->read_timeout; + } - MBEDTLS_SSL_DEBUG_MSG( 3, ( "f_recv_timeout: %lu ms", (unsigned long) timeout ) ); + MBEDTLS_SSL_DEBUG_MSG(3, ("f_recv_timeout: %lu ms", (unsigned long) timeout)); - if( ssl->f_recv_timeout != NULL ) - ret = ssl->f_recv_timeout( ssl->p_bio, ssl->in_hdr, len, - timeout ); - else - ret = ssl->f_recv( ssl->p_bio, ssl->in_hdr, len ); + if (ssl->f_recv_timeout != NULL) { + ret = ssl->f_recv_timeout(ssl->p_bio, ssl->in_hdr, len, + timeout); + } else { + ret = ssl->f_recv(ssl->p_bio, ssl->in_hdr, len); + } - MBEDTLS_SSL_DEBUG_RET( 2, "ssl->f_recv(_timeout)", ret ); + MBEDTLS_SSL_DEBUG_RET(2, "ssl->f_recv(_timeout)", ret); - if( ret == 0 ) - return( MBEDTLS_ERR_SSL_CONN_EOF ); + if (ret == 0) { + return MBEDTLS_ERR_SSL_CONN_EOF; + } } - if( ret == MBEDTLS_ERR_SSL_TIMEOUT ) - { - MBEDTLS_SSL_DEBUG_MSG( 2, ( "timeout" ) ); - mbedtls_ssl_set_timer( ssl, 0 ); + if (ret == MBEDTLS_ERR_SSL_TIMEOUT) { + MBEDTLS_SSL_DEBUG_MSG(2, ("timeout")); + mbedtls_ssl_set_timer(ssl, 0); - if( ssl->state != MBEDTLS_SSL_HANDSHAKE_OVER ) - { - if( ssl_double_retransmit_timeout( ssl ) != 0 ) - { - MBEDTLS_SSL_DEBUG_MSG( 1, ( "handshake timeout" ) ); - return( MBEDTLS_ERR_SSL_TIMEOUT ); + if (ssl->state != MBEDTLS_SSL_HANDSHAKE_OVER) { + if (ssl_double_retransmit_timeout(ssl) != 0) { + MBEDTLS_SSL_DEBUG_MSG(1, ("handshake timeout")); + return MBEDTLS_ERR_SSL_TIMEOUT; } - if( ( ret = mbedtls_ssl_resend( ssl ) ) != 0 ) - { - MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_ssl_resend", ret ); - return( ret ); + if ((ret = mbedtls_ssl_resend(ssl)) != 0) { + MBEDTLS_SSL_DEBUG_RET(1, "mbedtls_ssl_resend", ret); + return ret; } - return( MBEDTLS_ERR_SSL_WANT_READ ); + return MBEDTLS_ERR_SSL_WANT_READ; } #if defined(MBEDTLS_SSL_SRV_C) && defined(MBEDTLS_SSL_RENEGOTIATION) - else if( ssl->conf->endpoint == MBEDTLS_SSL_IS_SERVER && - ssl->renego_status == MBEDTLS_SSL_RENEGOTIATION_PENDING ) - { - if( ( ret = mbedtls_ssl_resend_hello_request( ssl ) ) != 0 ) - { - MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_ssl_resend_hello_request", - ret ); - return( ret ); + else if (ssl->conf->endpoint == MBEDTLS_SSL_IS_SERVER && + ssl->renego_status == MBEDTLS_SSL_RENEGOTIATION_PENDING) { + if ((ret = mbedtls_ssl_resend_hello_request(ssl)) != 0) { + MBEDTLS_SSL_DEBUG_RET(1, "mbedtls_ssl_resend_hello_request", + ret); + return ret; } - return( MBEDTLS_ERR_SSL_WANT_READ ); + return MBEDTLS_ERR_SSL_WANT_READ; } #endif /* MBEDTLS_SSL_SRV_C && MBEDTLS_SSL_RENEGOTIATION */ } - if( ret < 0 ) - return( ret ); + if (ret < 0) { + return ret; + } ssl->in_left = ret; - } - else + } else #endif { - MBEDTLS_SSL_DEBUG_MSG( 2, ( "in_left: %" MBEDTLS_PRINTF_SIZET - ", nb_want: %" MBEDTLS_PRINTF_SIZET, - ssl->in_left, nb_want ) ); + MBEDTLS_SSL_DEBUG_MSG(2, ("in_left: %" MBEDTLS_PRINTF_SIZET + ", nb_want: %" MBEDTLS_PRINTF_SIZET, + ssl->in_left, nb_want)); - while( ssl->in_left < nb_want ) - { + while (ssl->in_left < nb_want) { len = nb_want - ssl->in_left; - if( mbedtls_ssl_check_timer( ssl ) != 0 ) + if (mbedtls_ssl_check_timer(ssl) != 0) { ret = MBEDTLS_ERR_SSL_TIMEOUT; - else - { - if( ssl->f_recv_timeout != NULL ) - { - ret = ssl->f_recv_timeout( ssl->p_bio, - ssl->in_hdr + ssl->in_left, len, - ssl->conf->read_timeout ); - } - else - { - ret = ssl->f_recv( ssl->p_bio, - ssl->in_hdr + ssl->in_left, len ); + } else { + if (ssl->f_recv_timeout != NULL) { + ret = ssl->f_recv_timeout(ssl->p_bio, + ssl->in_hdr + ssl->in_left, len, + ssl->conf->read_timeout); + } else { + ret = ssl->f_recv(ssl->p_bio, + ssl->in_hdr + ssl->in_left, len); } } - MBEDTLS_SSL_DEBUG_MSG( 2, ( "in_left: %" MBEDTLS_PRINTF_SIZET - ", nb_want: %" MBEDTLS_PRINTF_SIZET, - ssl->in_left, nb_want ) ); - MBEDTLS_SSL_DEBUG_RET( 2, "ssl->f_recv(_timeout)", ret ); + MBEDTLS_SSL_DEBUG_MSG(2, ("in_left: %" MBEDTLS_PRINTF_SIZET + ", nb_want: %" MBEDTLS_PRINTF_SIZET, + ssl->in_left, nb_want)); + MBEDTLS_SSL_DEBUG_RET(2, "ssl->f_recv(_timeout)", ret); - if( ret == 0 ) - return( MBEDTLS_ERR_SSL_CONN_EOF ); + if (ret == 0) { + return MBEDTLS_ERR_SSL_CONN_EOF; + } - if( ret < 0 ) - return( ret ); + if (ret < 0) { + return ret; + } - if ( (size_t)ret > len || ( INT_MAX > SIZE_MAX && ret > (int)SIZE_MAX ) ) - { - MBEDTLS_SSL_DEBUG_MSG( 1, - ( "f_recv returned %d bytes but only %" MBEDTLS_PRINTF_SIZET " were requested", - ret, len ) ); - return( MBEDTLS_ERR_SSL_INTERNAL_ERROR ); + if ((size_t) ret > len || (INT_MAX > SIZE_MAX && ret > (int) SIZE_MAX)) { + MBEDTLS_SSL_DEBUG_MSG(1, + ("f_recv returned %d bytes but only %" MBEDTLS_PRINTF_SIZET + " were requested", + ret, len)); + return MBEDTLS_ERR_SSL_INTERNAL_ERROR; } ssl->in_left += ret; } } - MBEDTLS_SSL_DEBUG_MSG( 2, ( "<= fetch input" ) ); + MBEDTLS_SSL_DEBUG_MSG(2, ("<= fetch input")); - return( 0 ); + return 0; } /* * Flush any data not yet written */ -int mbedtls_ssl_flush_output( mbedtls_ssl_context *ssl ) +int mbedtls_ssl_flush_output(mbedtls_ssl_context *ssl) { int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; unsigned char *buf; - MBEDTLS_SSL_DEBUG_MSG( 2, ( "=> flush output" ) ); + MBEDTLS_SSL_DEBUG_MSG(2, ("=> flush output")); - if( ssl->f_send == NULL ) - { - MBEDTLS_SSL_DEBUG_MSG( 1, ( "Bad usage of mbedtls_ssl_set_bio() " - "or mbedtls_ssl_set_bio()" ) ); - return( MBEDTLS_ERR_SSL_BAD_INPUT_DATA ); + if (ssl->f_send == NULL) { + MBEDTLS_SSL_DEBUG_MSG(1, ("Bad usage of mbedtls_ssl_set_bio() ")); + return MBEDTLS_ERR_SSL_BAD_INPUT_DATA; } /* Avoid incrementing counter if data is flushed */ - if( ssl->out_left == 0 ) - { - MBEDTLS_SSL_DEBUG_MSG( 2, ( "<= flush output" ) ); - return( 0 ); + if (ssl->out_left == 0) { + MBEDTLS_SSL_DEBUG_MSG(2, ("<= flush output")); + return 0; } - while( ssl->out_left > 0 ) - { - MBEDTLS_SSL_DEBUG_MSG( 2, ( "message length: %" MBEDTLS_PRINTF_SIZET - ", out_left: %" MBEDTLS_PRINTF_SIZET, - mbedtls_ssl_out_hdr_len( ssl ) + ssl->out_msglen, ssl->out_left ) ); + while (ssl->out_left > 0) { + MBEDTLS_SSL_DEBUG_MSG(2, ("message length: %" MBEDTLS_PRINTF_SIZET + ", out_left: %" MBEDTLS_PRINTF_SIZET, + mbedtls_ssl_out_hdr_len(ssl) + ssl->out_msglen, ssl->out_left)); buf = ssl->out_hdr - ssl->out_left; - ret = ssl->f_send( ssl->p_bio, buf, ssl->out_left ); + ret = ssl->f_send(ssl->p_bio, buf, ssl->out_left); - MBEDTLS_SSL_DEBUG_RET( 2, "ssl->f_send", ret ); + MBEDTLS_SSL_DEBUG_RET(2, "ssl->f_send", ret); - if( ret <= 0 ) - return( ret ); + if (ret <= 0) { + return ret; + } - if( (size_t)ret > ssl->out_left || ( INT_MAX > SIZE_MAX && ret > (int)SIZE_MAX ) ) - { - MBEDTLS_SSL_DEBUG_MSG( 1, - ( "f_send returned %d bytes but only %" MBEDTLS_PRINTF_SIZET " bytes were sent", - ret, ssl->out_left ) ); - return( MBEDTLS_ERR_SSL_INTERNAL_ERROR ); + if ((size_t) ret > ssl->out_left || (INT_MAX > SIZE_MAX && ret > (int) SIZE_MAX)) { + MBEDTLS_SSL_DEBUG_MSG(1, + ("f_send returned %d bytes but only %" MBEDTLS_PRINTF_SIZET + " bytes were sent", + ret, ssl->out_left)); + return MBEDTLS_ERR_SSL_INTERNAL_ERROR; } ssl->out_left -= ret; } #if defined(MBEDTLS_SSL_PROTO_DTLS) - if( ssl->conf->transport == MBEDTLS_SSL_TRANSPORT_DATAGRAM ) - { + if (ssl->conf->transport == MBEDTLS_SSL_TRANSPORT_DATAGRAM) { ssl->out_hdr = ssl->out_buf; - } - else + } else #endif { ssl->out_hdr = ssl->out_buf + 8; } - mbedtls_ssl_update_out_pointers( ssl, ssl->transform_out ); + mbedtls_ssl_update_out_pointers(ssl, ssl->transform_out); - MBEDTLS_SSL_DEBUG_MSG( 2, ( "<= flush output" ) ); + MBEDTLS_SSL_DEBUG_MSG(2, ("<= flush output")); - return( 0 ); + return 0; } /* @@ -2149,64 +2089,62 @@ int mbedtls_ssl_flush_output( mbedtls_ssl_context *ssl ) /* * Append current handshake message to current outgoing flight */ -static int ssl_flight_append( mbedtls_ssl_context *ssl ) +MBEDTLS_CHECK_RETURN_CRITICAL +static int ssl_flight_append(mbedtls_ssl_context *ssl) { mbedtls_ssl_flight_item *msg; - MBEDTLS_SSL_DEBUG_MSG( 2, ( "=> ssl_flight_append" ) ); - MBEDTLS_SSL_DEBUG_BUF( 4, "message appended to flight", - ssl->out_msg, ssl->out_msglen ); + MBEDTLS_SSL_DEBUG_MSG(2, ("=> ssl_flight_append")); + MBEDTLS_SSL_DEBUG_BUF(4, "message appended to flight", + ssl->out_msg, ssl->out_msglen); /* Allocate space for current message */ - if( ( msg = mbedtls_calloc( 1, sizeof( mbedtls_ssl_flight_item ) ) ) == NULL ) - { - MBEDTLS_SSL_DEBUG_MSG( 1, ( "alloc %" MBEDTLS_PRINTF_SIZET " bytes failed", - sizeof( mbedtls_ssl_flight_item ) ) ); - return( MBEDTLS_ERR_SSL_ALLOC_FAILED ); + if ((msg = mbedtls_calloc(1, sizeof(mbedtls_ssl_flight_item))) == NULL) { + MBEDTLS_SSL_DEBUG_MSG(1, ("alloc %" MBEDTLS_PRINTF_SIZET " bytes failed", + sizeof(mbedtls_ssl_flight_item))); + return MBEDTLS_ERR_SSL_ALLOC_FAILED; } - if( ( msg->p = mbedtls_calloc( 1, ssl->out_msglen ) ) == NULL ) - { - MBEDTLS_SSL_DEBUG_MSG( 1, ( "alloc %" MBEDTLS_PRINTF_SIZET " bytes failed", - ssl->out_msglen ) ); - mbedtls_free( msg ); - return( MBEDTLS_ERR_SSL_ALLOC_FAILED ); + if ((msg->p = mbedtls_calloc(1, ssl->out_msglen)) == NULL) { + MBEDTLS_SSL_DEBUG_MSG(1, ("alloc %" MBEDTLS_PRINTF_SIZET " bytes failed", + ssl->out_msglen)); + mbedtls_free(msg); + return MBEDTLS_ERR_SSL_ALLOC_FAILED; } /* Copy current handshake message with headers */ - memcpy( msg->p, ssl->out_msg, ssl->out_msglen ); + memcpy(msg->p, ssl->out_msg, ssl->out_msglen); msg->len = ssl->out_msglen; msg->type = ssl->out_msgtype; msg->next = NULL; /* Append to the current flight */ - if( ssl->handshake->flight == NULL ) + if (ssl->handshake->flight == NULL) { ssl->handshake->flight = msg; - else - { + } else { mbedtls_ssl_flight_item *cur = ssl->handshake->flight; - while( cur->next != NULL ) + while (cur->next != NULL) { cur = cur->next; + } cur->next = msg; } - MBEDTLS_SSL_DEBUG_MSG( 2, ( "<= ssl_flight_append" ) ); - return( 0 ); + MBEDTLS_SSL_DEBUG_MSG(2, ("<= ssl_flight_append")); + return 0; } /* * Free the current flight of handshake messages */ -void mbedtls_ssl_flight_free( mbedtls_ssl_flight_item *flight ) +void mbedtls_ssl_flight_free(mbedtls_ssl_flight_item *flight) { mbedtls_ssl_flight_item *cur = flight; mbedtls_ssl_flight_item *next; - while( cur != NULL ) - { + while (cur != NULL) { next = cur->next; - mbedtls_free( cur->p ); - mbedtls_free( cur ); + mbedtls_free(cur->p); + mbedtls_free(cur); cur = next; } @@ -2215,18 +2153,18 @@ void mbedtls_ssl_flight_free( mbedtls_ssl_flight_item *flight ) /* * Swap transform_out and out_ctr with the alternative ones */ -static int ssl_swap_epochs( mbedtls_ssl_context *ssl ) +MBEDTLS_CHECK_RETURN_CRITICAL +static int ssl_swap_epochs(mbedtls_ssl_context *ssl) { mbedtls_ssl_transform *tmp_transform; unsigned char tmp_out_ctr[8]; - if( ssl->transform_out == ssl->handshake->alt_transform_out ) - { - MBEDTLS_SSL_DEBUG_MSG( 3, ( "skip swap epochs" ) ); - return( 0 ); + if (ssl->transform_out == ssl->handshake->alt_transform_out) { + MBEDTLS_SSL_DEBUG_MSG(3, ("skip swap epochs")); + return 0; } - MBEDTLS_SSL_DEBUG_MSG( 3, ( "swap epochs" ) ); + MBEDTLS_SSL_DEBUG_MSG(3, ("swap epochs")); /* Swap transforms */ tmp_transform = ssl->transform_out; @@ -2234,42 +2172,40 @@ static int ssl_swap_epochs( mbedtls_ssl_context *ssl ) ssl->handshake->alt_transform_out = tmp_transform; /* Swap epoch + sequence_number */ - memcpy( tmp_out_ctr, ssl->cur_out_ctr, 8 ); - memcpy( ssl->cur_out_ctr, ssl->handshake->alt_out_ctr, 8 ); - memcpy( ssl->handshake->alt_out_ctr, tmp_out_ctr, 8 ); + memcpy(tmp_out_ctr, ssl->cur_out_ctr, 8); + memcpy(ssl->cur_out_ctr, ssl->handshake->alt_out_ctr, 8); + memcpy(ssl->handshake->alt_out_ctr, tmp_out_ctr, 8); /* Adjust to the newly activated transform */ - mbedtls_ssl_update_out_pointers( ssl, ssl->transform_out ); + mbedtls_ssl_update_out_pointers(ssl, ssl->transform_out); #if defined(MBEDTLS_SSL_HW_RECORD_ACCEL) - if( mbedtls_ssl_hw_record_activate != NULL ) - { - int ret = mbedtls_ssl_hw_record_activate( ssl, MBEDTLS_SSL_CHANNEL_OUTBOUND ); - if( ret != 0 ) - { - MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_ssl_hw_record_activate", ret ); - return( MBEDTLS_ERR_SSL_HW_ACCEL_FAILED ); + if (mbedtls_ssl_hw_record_activate != NULL) { + int ret = mbedtls_ssl_hw_record_activate(ssl, MBEDTLS_SSL_CHANNEL_OUTBOUND); + if (ret != 0) { + MBEDTLS_SSL_DEBUG_RET(1, "mbedtls_ssl_hw_record_activate", ret); + return MBEDTLS_ERR_SSL_HW_ACCEL_FAILED; } } #endif - return( 0 ); + return 0; } /* * Retransmit the current flight of messages. */ -int mbedtls_ssl_resend( mbedtls_ssl_context *ssl ) +int mbedtls_ssl_resend(mbedtls_ssl_context *ssl) { int ret = 0; - MBEDTLS_SSL_DEBUG_MSG( 2, ( "=> mbedtls_ssl_resend" ) ); + MBEDTLS_SSL_DEBUG_MSG(2, ("=> mbedtls_ssl_resend")); - ret = mbedtls_ssl_flight_transmit( ssl ); + ret = mbedtls_ssl_flight_transmit(ssl); - MBEDTLS_SSL_DEBUG_MSG( 2, ( "<= mbedtls_ssl_resend" ) ); + MBEDTLS_SSL_DEBUG_MSG(2, ("<= mbedtls_ssl_resend")); - return( ret ); + return ret; } /* @@ -2279,121 +2215,117 @@ int mbedtls_ssl_resend( mbedtls_ssl_context *ssl ) * WANT_WRITE, causing us to exit this function and come back later. * This function must be called until state is no longer SENDING. */ -int mbedtls_ssl_flight_transmit( mbedtls_ssl_context *ssl ) +int mbedtls_ssl_flight_transmit(mbedtls_ssl_context *ssl) { int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; - MBEDTLS_SSL_DEBUG_MSG( 2, ( "=> mbedtls_ssl_flight_transmit" ) ); + MBEDTLS_SSL_DEBUG_MSG(2, ("=> mbedtls_ssl_flight_transmit")); - if( ssl->handshake->retransmit_state != MBEDTLS_SSL_RETRANS_SENDING ) - { - MBEDTLS_SSL_DEBUG_MSG( 2, ( "initialise flight transmission" ) ); + if (ssl->handshake->retransmit_state != MBEDTLS_SSL_RETRANS_SENDING) { + MBEDTLS_SSL_DEBUG_MSG(2, ("initialise flight transmission")); ssl->handshake->cur_msg = ssl->handshake->flight; ssl->handshake->cur_msg_p = ssl->handshake->flight->p + 12; - ret = ssl_swap_epochs( ssl ); - if( ret != 0 ) - return( ret ); + ret = ssl_swap_epochs(ssl); + if (ret != 0) { + return ret; + } ssl->handshake->retransmit_state = MBEDTLS_SSL_RETRANS_SENDING; } - while( ssl->handshake->cur_msg != NULL ) - { + while (ssl->handshake->cur_msg != NULL) { size_t max_frag_len; const mbedtls_ssl_flight_item * const cur = ssl->handshake->cur_msg; int const is_finished = - ( cur->type == MBEDTLS_SSL_MSG_HANDSHAKE && - cur->p[0] == MBEDTLS_SSL_HS_FINISHED ); + (cur->type == MBEDTLS_SSL_MSG_HANDSHAKE && + cur->p[0] == MBEDTLS_SSL_HS_FINISHED); uint8_t const force_flush = ssl->disable_datagram_packing == 1 ? - SSL_FORCE_FLUSH : SSL_DONT_FORCE_FLUSH; + SSL_FORCE_FLUSH : SSL_DONT_FORCE_FLUSH; /* Swap epochs before sending Finished: we can't do it after * sending ChangeCipherSpec, in case write returns WANT_READ. * Must be done before copying, may change out_msg pointer */ - if( is_finished && ssl->handshake->cur_msg_p == ( cur->p + 12 ) ) - { - MBEDTLS_SSL_DEBUG_MSG( 2, ( "swap epochs to send finished message" ) ); - ret = ssl_swap_epochs( ssl ); - if( ret != 0 ) - return( ret ); + if (is_finished && ssl->handshake->cur_msg_p == (cur->p + 12)) { + MBEDTLS_SSL_DEBUG_MSG(2, ("swap epochs to send finished message")); + ret = ssl_swap_epochs(ssl); + if (ret != 0) { + return ret; + } } - ret = ssl_get_remaining_payload_in_datagram( ssl ); - if( ret < 0 ) - return( ret ); + ret = ssl_get_remaining_payload_in_datagram(ssl); + if (ret < 0) { + return ret; + } max_frag_len = (size_t) ret; /* CCS is copied as is, while HS messages may need fragmentation */ - if( cur->type == MBEDTLS_SSL_MSG_CHANGE_CIPHER_SPEC ) - { - if( max_frag_len == 0 ) - { - if( ( ret = mbedtls_ssl_flush_output( ssl ) ) != 0 ) - return( ret ); + if (cur->type == MBEDTLS_SSL_MSG_CHANGE_CIPHER_SPEC) { + if (max_frag_len == 0) { + if ((ret = mbedtls_ssl_flush_output(ssl)) != 0) { + return ret; + } continue; } - memcpy( ssl->out_msg, cur->p, cur->len ); + memcpy(ssl->out_msg, cur->p, cur->len); ssl->out_msglen = cur->len; ssl->out_msgtype = cur->type; /* Update position inside current message */ ssl->handshake->cur_msg_p += cur->len; - } - else - { + } else { const unsigned char * const p = ssl->handshake->cur_msg_p; const size_t hs_len = cur->len - 12; - const size_t frag_off = p - ( cur->p + 12 ); + const size_t frag_off = p - (cur->p + 12); const size_t rem_len = hs_len - frag_off; size_t cur_hs_frag_len, max_hs_frag_len; - if( ( max_frag_len < 12 ) || ( max_frag_len == 12 && hs_len != 0 ) ) - { - if( is_finished ) - { - ret = ssl_swap_epochs( ssl ); - if( ret != 0 ) - return( ret ); + if ((max_frag_len < 12) || (max_frag_len == 12 && hs_len != 0)) { + if (is_finished) { + ret = ssl_swap_epochs(ssl); + if (ret != 0) { + return ret; + } } - if( ( ret = mbedtls_ssl_flush_output( ssl ) ) != 0 ) - return( ret ); + if ((ret = mbedtls_ssl_flush_output(ssl)) != 0) { + return ret; + } continue; } max_hs_frag_len = max_frag_len - 12; cur_hs_frag_len = rem_len > max_hs_frag_len ? - max_hs_frag_len : rem_len; + max_hs_frag_len : rem_len; - if( frag_off == 0 && cur_hs_frag_len != hs_len ) - { - MBEDTLS_SSL_DEBUG_MSG( 2, ( "fragmenting handshake message (%u > %u)", - (unsigned) cur_hs_frag_len, - (unsigned) max_hs_frag_len ) ); + if (frag_off == 0 && cur_hs_frag_len != hs_len) { + MBEDTLS_SSL_DEBUG_MSG(2, ("fragmenting handshake message (%u > %u)", + (unsigned) cur_hs_frag_len, + (unsigned) max_hs_frag_len)); } /* Messages are stored with handshake headers as if not fragmented, * copy beginning of headers then fill fragmentation fields. * Handshake headers: type(1) len(3) seq(2) f_off(3) f_len(3) */ - memcpy( ssl->out_msg, cur->p, 6 ); + memcpy(ssl->out_msg, cur->p, 6); - ssl->out_msg[6] = MBEDTLS_BYTE_2( frag_off ); - ssl->out_msg[7] = MBEDTLS_BYTE_1( frag_off ); - ssl->out_msg[8] = MBEDTLS_BYTE_0( frag_off ); + ssl->out_msg[6] = MBEDTLS_BYTE_2(frag_off); + ssl->out_msg[7] = MBEDTLS_BYTE_1(frag_off); + ssl->out_msg[8] = MBEDTLS_BYTE_0(frag_off); - ssl->out_msg[ 9] = MBEDTLS_BYTE_2( cur_hs_frag_len ); - ssl->out_msg[10] = MBEDTLS_BYTE_1( cur_hs_frag_len ); - ssl->out_msg[11] = MBEDTLS_BYTE_0( cur_hs_frag_len ); + ssl->out_msg[9] = MBEDTLS_BYTE_2(cur_hs_frag_len); + ssl->out_msg[10] = MBEDTLS_BYTE_1(cur_hs_frag_len); + ssl->out_msg[11] = MBEDTLS_BYTE_0(cur_hs_frag_len); - MBEDTLS_SSL_DEBUG_BUF( 3, "handshake header", ssl->out_msg, 12 ); + MBEDTLS_SSL_DEBUG_BUF(3, "handshake header", ssl->out_msg, 12); /* Copy the handshake message content and set records fields */ - memcpy( ssl->out_msg + 12, p, cur_hs_frag_len ); + memcpy(ssl->out_msg + 12, p, cur_hs_frag_len); ssl->out_msglen = cur_hs_frag_len + 12; ssl->out_msgtype = cur->type; @@ -2402,52 +2334,47 @@ int mbedtls_ssl_flight_transmit( mbedtls_ssl_context *ssl ) } /* If done with the current message move to the next one if any */ - if( ssl->handshake->cur_msg_p >= cur->p + cur->len ) - { - if( cur->next != NULL ) - { + if (ssl->handshake->cur_msg_p >= cur->p + cur->len) { + if (cur->next != NULL) { ssl->handshake->cur_msg = cur->next; ssl->handshake->cur_msg_p = cur->next->p + 12; - } - else - { + } else { ssl->handshake->cur_msg = NULL; ssl->handshake->cur_msg_p = NULL; } } /* Actually send the message out */ - if( ( ret = mbedtls_ssl_write_record( ssl, force_flush ) ) != 0 ) - { - MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_ssl_write_record", ret ); - return( ret ); + if ((ret = mbedtls_ssl_write_record(ssl, force_flush)) != 0) { + MBEDTLS_SSL_DEBUG_RET(1, "mbedtls_ssl_write_record", ret); + return ret; } } - if( ( ret = mbedtls_ssl_flush_output( ssl ) ) != 0 ) - return( ret ); + if ((ret = mbedtls_ssl_flush_output(ssl)) != 0) { + return ret; + } /* Update state and set timer */ - if( ssl->state == MBEDTLS_SSL_HANDSHAKE_OVER ) + if (ssl->state == MBEDTLS_SSL_HANDSHAKE_OVER) { ssl->handshake->retransmit_state = MBEDTLS_SSL_RETRANS_FINISHED; - else - { + } else { ssl->handshake->retransmit_state = MBEDTLS_SSL_RETRANS_WAITING; - mbedtls_ssl_set_timer( ssl, ssl->handshake->retransmit_timeout ); + mbedtls_ssl_set_timer(ssl, ssl->handshake->retransmit_timeout); } - MBEDTLS_SSL_DEBUG_MSG( 2, ( "<= mbedtls_ssl_flight_transmit" ) ); + MBEDTLS_SSL_DEBUG_MSG(2, ("<= mbedtls_ssl_flight_transmit")); - return( 0 ); + return 0; } /* * To be called when the last message of an incoming flight is received. */ -void mbedtls_ssl_recv_flight_completed( mbedtls_ssl_context *ssl ) +void mbedtls_ssl_recv_flight_completed(mbedtls_ssl_context *ssl) { /* We won't need to resend that one any more */ - mbedtls_ssl_flight_free( ssl->handshake->flight ); + mbedtls_ssl_flight_free(ssl->handshake->flight); ssl->handshake->flight = NULL; ssl->handshake->cur_msg = NULL; @@ -2458,35 +2385,33 @@ void mbedtls_ssl_recv_flight_completed( mbedtls_ssl_context *ssl ) ssl->handshake->buffering.seen_ccs = 0; /* Clear future message buffering structure. */ - mbedtls_ssl_buffering_free( ssl ); + mbedtls_ssl_buffering_free(ssl); /* Cancel timer */ - mbedtls_ssl_set_timer( ssl, 0 ); + mbedtls_ssl_set_timer(ssl, 0); - if( ssl->in_msgtype == MBEDTLS_SSL_MSG_HANDSHAKE && - ssl->in_msg[0] == MBEDTLS_SSL_HS_FINISHED ) - { + if (ssl->in_msgtype == MBEDTLS_SSL_MSG_HANDSHAKE && + ssl->in_msg[0] == MBEDTLS_SSL_HS_FINISHED) { ssl->handshake->retransmit_state = MBEDTLS_SSL_RETRANS_FINISHED; - } - else + } else { ssl->handshake->retransmit_state = MBEDTLS_SSL_RETRANS_PREPARING; + } } /* * To be called when the last message of an outgoing flight is send. */ -void mbedtls_ssl_send_flight_completed( mbedtls_ssl_context *ssl ) +void mbedtls_ssl_send_flight_completed(mbedtls_ssl_context *ssl) { - ssl_reset_retransmit_timeout( ssl ); - mbedtls_ssl_set_timer( ssl, ssl->handshake->retransmit_timeout ); + ssl_reset_retransmit_timeout(ssl); + mbedtls_ssl_set_timer(ssl, ssl->handshake->retransmit_timeout); - if( ssl->in_msgtype == MBEDTLS_SSL_MSG_HANDSHAKE && - ssl->in_msg[0] == MBEDTLS_SSL_HS_FINISHED ) - { + if (ssl->in_msgtype == MBEDTLS_SSL_MSG_HANDSHAKE && + ssl->in_msg[0] == MBEDTLS_SSL_HS_FINISHED) { ssl->handshake->retransmit_state = MBEDTLS_SSL_RETRANS_FINISHED; - } - else + } else { ssl->handshake->retransmit_state = MBEDTLS_SSL_RETRANS_WAITING; + } } #endif /* MBEDTLS_SSL_PROTO_DTLS */ @@ -2516,49 +2441,46 @@ void mbedtls_ssl_send_flight_completed( mbedtls_ssl_context *ssl ) * (including handshake headers but excluding record headers) * - ssl->out_msg: the record contents (handshake headers + content) */ -int mbedtls_ssl_write_handshake_msg( mbedtls_ssl_context *ssl ) +int mbedtls_ssl_write_handshake_msg(mbedtls_ssl_context *ssl) { int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; const size_t hs_len = ssl->out_msglen - 4; const unsigned char hs_type = ssl->out_msg[0]; - MBEDTLS_SSL_DEBUG_MSG( 2, ( "=> write handshake message" ) ); + MBEDTLS_SSL_DEBUG_MSG(2, ("=> write handshake message")); /* * Sanity checks */ - if( ssl->out_msgtype != MBEDTLS_SSL_MSG_HANDSHAKE && - ssl->out_msgtype != MBEDTLS_SSL_MSG_CHANGE_CIPHER_SPEC ) - { + if (ssl->out_msgtype != MBEDTLS_SSL_MSG_HANDSHAKE && + ssl->out_msgtype != MBEDTLS_SSL_MSG_CHANGE_CIPHER_SPEC) { /* In SSLv3, the client might send a NoCertificate alert. */ #if defined(MBEDTLS_SSL_PROTO_SSL3) && defined(MBEDTLS_SSL_CLI_C) - if( ! ( ssl->minor_ver == MBEDTLS_SSL_MINOR_VERSION_0 && - ssl->out_msgtype == MBEDTLS_SSL_MSG_ALERT && - ssl->conf->endpoint == MBEDTLS_SSL_IS_CLIENT ) ) + if (!(ssl->minor_ver == MBEDTLS_SSL_MINOR_VERSION_0 && + ssl->out_msgtype == MBEDTLS_SSL_MSG_ALERT && + ssl->conf->endpoint == MBEDTLS_SSL_IS_CLIENT)) #endif /* MBEDTLS_SSL_PROTO_SSL3 && MBEDTLS_SSL_SRV_C */ { - MBEDTLS_SSL_DEBUG_MSG( 1, ( "should never happen" ) ); - return( MBEDTLS_ERR_SSL_INTERNAL_ERROR ); + MBEDTLS_SSL_DEBUG_MSG(1, ("should never happen")); + return MBEDTLS_ERR_SSL_INTERNAL_ERROR; } } /* Whenever we send anything different from a * HelloRequest we should be in a handshake - double check. */ - if( ! ( ssl->out_msgtype == MBEDTLS_SSL_MSG_HANDSHAKE && - hs_type == MBEDTLS_SSL_HS_HELLO_REQUEST ) && - ssl->handshake == NULL ) - { - MBEDTLS_SSL_DEBUG_MSG( 1, ( "should never happen" ) ); - return( MBEDTLS_ERR_SSL_INTERNAL_ERROR ); + if (!(ssl->out_msgtype == MBEDTLS_SSL_MSG_HANDSHAKE && + hs_type == MBEDTLS_SSL_HS_HELLO_REQUEST) && + ssl->handshake == NULL) { + MBEDTLS_SSL_DEBUG_MSG(1, ("should never happen")); + return MBEDTLS_ERR_SSL_INTERNAL_ERROR; } #if defined(MBEDTLS_SSL_PROTO_DTLS) - if( ssl->conf->transport == MBEDTLS_SSL_TRANSPORT_DATAGRAM && + if (ssl->conf->transport == MBEDTLS_SSL_TRANSPORT_DATAGRAM && ssl->handshake != NULL && - ssl->handshake->retransmit_state == MBEDTLS_SSL_RETRANS_SENDING ) - { - MBEDTLS_SSL_DEBUG_MSG( 1, ( "should never happen" ) ); - return( MBEDTLS_ERR_SSL_INTERNAL_ERROR ); + ssl->handshake->retransmit_state == MBEDTLS_SSL_RETRANS_SENDING) { + MBEDTLS_SSL_DEBUG_MSG(1, ("should never happen")); + return MBEDTLS_ERR_SSL_INTERNAL_ERROR; } #endif @@ -2570,24 +2492,22 @@ int mbedtls_ssl_write_handshake_msg( mbedtls_ssl_context *ssl ) * * Note: We deliberately do not check for the MTU or MFL here. */ - if( ssl->out_msglen > MBEDTLS_SSL_OUT_CONTENT_LEN ) - { - MBEDTLS_SSL_DEBUG_MSG( 1, ( "Record too large: " - "size %" MBEDTLS_PRINTF_SIZET - ", maximum %" MBEDTLS_PRINTF_SIZET, - ssl->out_msglen, - (size_t) MBEDTLS_SSL_OUT_CONTENT_LEN ) ); - return( MBEDTLS_ERR_SSL_INTERNAL_ERROR ); + if (ssl->out_msglen > MBEDTLS_SSL_OUT_CONTENT_LEN) { + MBEDTLS_SSL_DEBUG_MSG(1, ("Record too large: " + "size %" MBEDTLS_PRINTF_SIZET + ", maximum %" MBEDTLS_PRINTF_SIZET, + ssl->out_msglen, + (size_t) MBEDTLS_SSL_OUT_CONTENT_LEN)); + return MBEDTLS_ERR_SSL_INTERNAL_ERROR; } /* * Fill handshake headers */ - if( ssl->out_msgtype == MBEDTLS_SSL_MSG_HANDSHAKE ) - { - ssl->out_msg[1] = MBEDTLS_BYTE_2( hs_len ); - ssl->out_msg[2] = MBEDTLS_BYTE_1( hs_len ); - ssl->out_msg[3] = MBEDTLS_BYTE_0( hs_len ); + if (ssl->out_msgtype == MBEDTLS_SSL_MSG_HANDSHAKE) { + ssl->out_msg[1] = MBEDTLS_BYTE_2(hs_len); + ssl->out_msg[2] = MBEDTLS_BYTE_1(hs_len); + ssl->out_msg[3] = MBEDTLS_BYTE_0(hs_len); /* * DTLS has additional fields in the Handshake layer, @@ -2597,70 +2517,63 @@ int mbedtls_ssl_write_handshake_msg( mbedtls_ssl_context *ssl ) * uint24 fragment_length; */ #if defined(MBEDTLS_SSL_PROTO_DTLS) - if( ssl->conf->transport == MBEDTLS_SSL_TRANSPORT_DATAGRAM ) - { + if (ssl->conf->transport == MBEDTLS_SSL_TRANSPORT_DATAGRAM) { /* Make room for the additional DTLS fields */ - if( MBEDTLS_SSL_OUT_CONTENT_LEN - ssl->out_msglen < 8 ) - { - MBEDTLS_SSL_DEBUG_MSG( 1, ( "DTLS handshake message too large: " - "size %" MBEDTLS_PRINTF_SIZET ", maximum %" MBEDTLS_PRINTF_SIZET, - hs_len, - (size_t) ( MBEDTLS_SSL_OUT_CONTENT_LEN - 12 ) ) ); - return( MBEDTLS_ERR_SSL_BAD_INPUT_DATA ); + if (MBEDTLS_SSL_OUT_CONTENT_LEN - ssl->out_msglen < 8) { + MBEDTLS_SSL_DEBUG_MSG(1, ("DTLS handshake message too large: " + "size %" MBEDTLS_PRINTF_SIZET ", maximum %" + MBEDTLS_PRINTF_SIZET, + hs_len, + (size_t) (MBEDTLS_SSL_OUT_CONTENT_LEN - 12))); + return MBEDTLS_ERR_SSL_BAD_INPUT_DATA; } - memmove( ssl->out_msg + 12, ssl->out_msg + 4, hs_len ); + memmove(ssl->out_msg + 12, ssl->out_msg + 4, hs_len); ssl->out_msglen += 8; /* Write message_seq and update it, except for HelloRequest */ - if( hs_type != MBEDTLS_SSL_HS_HELLO_REQUEST ) - { - MBEDTLS_PUT_UINT16_BE( ssl->handshake->out_msg_seq, ssl->out_msg, 4 ); - ++( ssl->handshake->out_msg_seq ); - } - else - { + if (hs_type != MBEDTLS_SSL_HS_HELLO_REQUEST) { + MBEDTLS_PUT_UINT16_BE(ssl->handshake->out_msg_seq, ssl->out_msg, 4); + ++(ssl->handshake->out_msg_seq); + } else { ssl->out_msg[4] = 0; ssl->out_msg[5] = 0; } /* Handshake hashes are computed without fragmentation, * so set frag_offset = 0 and frag_len = hs_len for now */ - memset( ssl->out_msg + 6, 0x00, 3 ); - memcpy( ssl->out_msg + 9, ssl->out_msg + 1, 3 ); + memset(ssl->out_msg + 6, 0x00, 3); + memcpy(ssl->out_msg + 9, ssl->out_msg + 1, 3); } #endif /* MBEDTLS_SSL_PROTO_DTLS */ /* Update running hashes of handshake messages seen */ - if( hs_type != MBEDTLS_SSL_HS_HELLO_REQUEST ) - ssl->handshake->update_checksum( ssl, ssl->out_msg, ssl->out_msglen ); + if (hs_type != MBEDTLS_SSL_HS_HELLO_REQUEST) { + ssl->handshake->update_checksum(ssl, ssl->out_msg, ssl->out_msglen); + } } /* Either send now, or just save to be sent (and resent) later */ #if defined(MBEDTLS_SSL_PROTO_DTLS) - if( ssl->conf->transport == MBEDTLS_SSL_TRANSPORT_DATAGRAM && - ! ( ssl->out_msgtype == MBEDTLS_SSL_MSG_HANDSHAKE && - hs_type == MBEDTLS_SSL_HS_HELLO_REQUEST ) ) - { - if( ( ret = ssl_flight_append( ssl ) ) != 0 ) - { - MBEDTLS_SSL_DEBUG_RET( 1, "ssl_flight_append", ret ); - return( ret ); - } - } - else + if (ssl->conf->transport == MBEDTLS_SSL_TRANSPORT_DATAGRAM && + !(ssl->out_msgtype == MBEDTLS_SSL_MSG_HANDSHAKE && + hs_type == MBEDTLS_SSL_HS_HELLO_REQUEST)) { + if ((ret = ssl_flight_append(ssl)) != 0) { + MBEDTLS_SSL_DEBUG_RET(1, "ssl_flight_append", ret); + return ret; + } + } else #endif { - if( ( ret = mbedtls_ssl_write_record( ssl, SSL_FORCE_FLUSH ) ) != 0 ) - { - MBEDTLS_SSL_DEBUG_RET( 1, "ssl_write_record", ret ); - return( ret ); + if ((ret = mbedtls_ssl_write_record(ssl, SSL_FORCE_FLUSH)) != 0) { + MBEDTLS_SSL_DEBUG_RET(1, "ssl_write_record", ret); + return ret; } } - MBEDTLS_SSL_DEBUG_MSG( 2, ( "<= write handshake message" ) ); + MBEDTLS_SSL_DEBUG_MSG(2, ("<= write handshake message")); - return( 0 ); + return 0; } /* @@ -2675,22 +2588,20 @@ int mbedtls_ssl_write_handshake_msg( mbedtls_ssl_context *ssl ) * - ssl->out_msglen: length of the record content (excl headers) * - ssl->out_msg: record content */ -int mbedtls_ssl_write_record( mbedtls_ssl_context *ssl, uint8_t force_flush ) +int mbedtls_ssl_write_record(mbedtls_ssl_context *ssl, uint8_t force_flush) { int ret, done = 0; size_t len = ssl->out_msglen; uint8_t flush = force_flush; - MBEDTLS_SSL_DEBUG_MSG( 2, ( "=> write record" ) ); + MBEDTLS_SSL_DEBUG_MSG(2, ("=> write record")); #if defined(MBEDTLS_ZLIB_SUPPORT) - if( ssl->transform_out != NULL && - ssl->session_out->compression == MBEDTLS_SSL_COMPRESS_DEFLATE ) - { - if( ( ret = ssl_compress_buf( ssl ) ) != 0 ) - { - MBEDTLS_SSL_DEBUG_RET( 1, "ssl_compress_buf", ret ); - return( ret ); + if (ssl->transform_out != NULL && + ssl->session_out->compression == MBEDTLS_SSL_COMPRESS_DEFLATE) { + if ((ret = ssl_compress_buf(ssl)) != 0) { + MBEDTLS_SSL_DEBUG_RET(1, "ssl_compress_buf", ret); + return ret; } len = ssl->out_msglen; @@ -2698,23 +2609,21 @@ int mbedtls_ssl_write_record( mbedtls_ssl_context *ssl, uint8_t force_flush ) #endif /*MBEDTLS_ZLIB_SUPPORT */ #if defined(MBEDTLS_SSL_HW_RECORD_ACCEL) - if( mbedtls_ssl_hw_record_write != NULL ) - { - MBEDTLS_SSL_DEBUG_MSG( 2, ( "going for mbedtls_ssl_hw_record_write()" ) ); + if (mbedtls_ssl_hw_record_write != NULL) { + MBEDTLS_SSL_DEBUG_MSG(2, ("going for mbedtls_ssl_hw_record_write()")); - ret = mbedtls_ssl_hw_record_write( ssl ); - if( ret != 0 && ret != MBEDTLS_ERR_SSL_HW_ACCEL_FALLTHROUGH ) - { - MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_ssl_hw_record_write", ret ); - return( MBEDTLS_ERR_SSL_HW_ACCEL_FAILED ); + ret = mbedtls_ssl_hw_record_write(ssl); + if (ret != 0 && ret != MBEDTLS_ERR_SSL_HW_ACCEL_FALLTHROUGH) { + MBEDTLS_SSL_DEBUG_RET(1, "mbedtls_ssl_hw_record_write", ret); + return MBEDTLS_ERR_SSL_HW_ACCEL_FAILED; } - if( ret == 0 ) + if (ret == 0) { done = 1; + } } #endif /* MBEDTLS_SSL_HW_RECORD_ACCEL */ - if( !done ) - { + if (!done) { unsigned i; size_t protected_record_size; #if defined(MBEDTLS_SSL_VARIABLE_BUFFER_LENGTH) @@ -2725,24 +2634,23 @@ int mbedtls_ssl_write_record( mbedtls_ssl_context *ssl, uint8_t force_flush ) /* Skip writing the record content type to after the encryption, * as it may change when using the CID extension. */ - mbedtls_ssl_write_version( ssl->major_ver, ssl->minor_ver, - ssl->conf->transport, ssl->out_hdr + 1 ); + mbedtls_ssl_write_version(ssl->major_ver, ssl->minor_ver, + ssl->conf->transport, ssl->out_hdr + 1); - memcpy( ssl->out_ctr, ssl->cur_out_ctr, 8 ); - MBEDTLS_PUT_UINT16_BE( len, ssl->out_len, 0); + memcpy(ssl->out_ctr, ssl->cur_out_ctr, 8); + MBEDTLS_PUT_UINT16_BE(len, ssl->out_len, 0); - if( ssl->transform_out != NULL ) - { + if (ssl->transform_out != NULL) { mbedtls_record rec; rec.buf = ssl->out_iv; - rec.buf_len = out_buf_len - ( ssl->out_iv - ssl->out_buf ); + rec.buf_len = out_buf_len - (ssl->out_iv - ssl->out_buf); rec.data_len = ssl->out_msglen; rec.data_offset = ssl->out_msg - rec.buf; - memcpy( &rec.ctr[0], ssl->out_ctr, 8 ); - mbedtls_ssl_write_version( ssl->major_ver, ssl->minor_ver, - ssl->conf->transport, rec.ver ); + memcpy(&rec.ctr[0], ssl->out_ctr, 8); + mbedtls_ssl_write_version(ssl->major_ver, ssl->minor_ver, + ssl->conf->transport, rec.ver); rec.type = ssl->out_msgtype; #if defined(MBEDTLS_SSL_DTLS_CONNECTION_ID) @@ -2750,43 +2658,40 @@ int mbedtls_ssl_write_record( mbedtls_ssl_context *ssl, uint8_t force_flush ) rec.cid_len = 0; #endif /* MBEDTLS_SSL_DTLS_CONNECTION_ID */ - if( ( ret = mbedtls_ssl_encrypt_buf( ssl, ssl->transform_out, &rec, - ssl->conf->f_rng, ssl->conf->p_rng ) ) != 0 ) - { - MBEDTLS_SSL_DEBUG_RET( 1, "ssl_encrypt_buf", ret ); - return( ret ); + if ((ret = mbedtls_ssl_encrypt_buf(ssl, ssl->transform_out, &rec, + ssl->conf->f_rng, ssl->conf->p_rng)) != 0) { + MBEDTLS_SSL_DEBUG_RET(1, "ssl_encrypt_buf", ret); + return ret; } - if( rec.data_offset != 0 ) - { - MBEDTLS_SSL_DEBUG_MSG( 1, ( "should never happen" ) ); - return( MBEDTLS_ERR_SSL_INTERNAL_ERROR ); + if (rec.data_offset != 0) { + MBEDTLS_SSL_DEBUG_MSG(1, ("should never happen")); + return MBEDTLS_ERR_SSL_INTERNAL_ERROR; } /* Update the record content type and CID. */ ssl->out_msgtype = rec.type; -#if defined(MBEDTLS_SSL_DTLS_CONNECTION_ID ) - memcpy( ssl->out_cid, rec.cid, rec.cid_len ); +#if defined(MBEDTLS_SSL_DTLS_CONNECTION_ID) + memcpy(ssl->out_cid, rec.cid, rec.cid_len); #endif /* MBEDTLS_SSL_DTLS_CONNECTION_ID */ ssl->out_msglen = len = rec.data_len; - MBEDTLS_PUT_UINT16_BE( rec.data_len, ssl->out_len, 0 ); + MBEDTLS_PUT_UINT16_BE(rec.data_len, ssl->out_len, 0); } - protected_record_size = len + mbedtls_ssl_out_hdr_len( ssl ); + protected_record_size = len + mbedtls_ssl_out_hdr_len(ssl); #if defined(MBEDTLS_SSL_PROTO_DTLS) /* In case of DTLS, double-check that we don't exceed * the remaining space in the datagram. */ - if( ssl->conf->transport == MBEDTLS_SSL_TRANSPORT_DATAGRAM ) - { - ret = ssl_get_remaining_space_in_datagram( ssl ); - if( ret < 0 ) - return( ret ); + if (ssl->conf->transport == MBEDTLS_SSL_TRANSPORT_DATAGRAM) { + ret = ssl_get_remaining_space_in_datagram(ssl); + if (ret < 0) { + return ret; + } - if( protected_record_size > (size_t) ret ) - { + if (protected_record_size > (size_t) ret) { /* Should never happen */ - return( MBEDTLS_ERR_SSL_INTERNAL_ERROR ); + return MBEDTLS_ERR_SSL_INTERNAL_ERROR; } } #endif /* MBEDTLS_SSL_PROTO_DTLS */ @@ -2794,131 +2699,131 @@ int mbedtls_ssl_write_record( mbedtls_ssl_context *ssl, uint8_t force_flush ) /* Now write the potentially updated record content type. */ ssl->out_hdr[0] = (unsigned char) ssl->out_msgtype; - MBEDTLS_SSL_DEBUG_MSG( 3, ( "output record: msgtype = %u, " - "version = [%u:%u], msglen = %" MBEDTLS_PRINTF_SIZET, - ssl->out_hdr[0], ssl->out_hdr[1], - ssl->out_hdr[2], len ) ); + MBEDTLS_SSL_DEBUG_MSG(3, ("output record: msgtype = %u, " + "version = [%u:%u], msglen = %" MBEDTLS_PRINTF_SIZET, + ssl->out_hdr[0], ssl->out_hdr[1], + ssl->out_hdr[2], len)); - MBEDTLS_SSL_DEBUG_BUF( 4, "output record sent to network", - ssl->out_hdr, protected_record_size ); + MBEDTLS_SSL_DEBUG_BUF(4, "output record sent to network", + ssl->out_hdr, protected_record_size); ssl->out_left += protected_record_size; ssl->out_hdr += protected_record_size; - mbedtls_ssl_update_out_pointers( ssl, ssl->transform_out ); + mbedtls_ssl_update_out_pointers(ssl, ssl->transform_out); - for( i = 8; i > mbedtls_ssl_ep_len( ssl ); i-- ) - if( ++ssl->cur_out_ctr[i - 1] != 0 ) + for (i = 8; i > mbedtls_ssl_ep_len(ssl); i--) { + if (++ssl->cur_out_ctr[i - 1] != 0) { break; + } + } /* The loop goes to its end iff the counter is wrapping */ - if( i == mbedtls_ssl_ep_len( ssl ) ) - { - MBEDTLS_SSL_DEBUG_MSG( 1, ( "outgoing message counter would wrap" ) ); - return( MBEDTLS_ERR_SSL_COUNTER_WRAPPING ); + if (i == mbedtls_ssl_ep_len(ssl)) { + MBEDTLS_SSL_DEBUG_MSG(1, ("outgoing message counter would wrap")); + return MBEDTLS_ERR_SSL_COUNTER_WRAPPING; } } #if defined(MBEDTLS_SSL_PROTO_DTLS) - if( ssl->conf->transport == MBEDTLS_SSL_TRANSPORT_DATAGRAM && - flush == SSL_DONT_FORCE_FLUSH ) - { + if (ssl->conf->transport == MBEDTLS_SSL_TRANSPORT_DATAGRAM && + flush == SSL_DONT_FORCE_FLUSH) { size_t remaining; - ret = ssl_get_remaining_payload_in_datagram( ssl ); - if( ret < 0 ) - { - MBEDTLS_SSL_DEBUG_RET( 1, "ssl_get_remaining_payload_in_datagram", - ret ); - return( ret ); + ret = ssl_get_remaining_payload_in_datagram(ssl); + if (ret < 0) { + MBEDTLS_SSL_DEBUG_RET(1, "ssl_get_remaining_payload_in_datagram", + ret); + return ret; } remaining = (size_t) ret; - if( remaining == 0 ) - { + if (remaining == 0) { flush = SSL_FORCE_FLUSH; - } - else - { - MBEDTLS_SSL_DEBUG_MSG( 2, ( "Still %u bytes available in current datagram", (unsigned) remaining ) ); + } else { + MBEDTLS_SSL_DEBUG_MSG(2, + ("Still %u bytes available in current datagram", + (unsigned) remaining)); } } #endif /* MBEDTLS_SSL_PROTO_DTLS */ - if( ( flush == SSL_FORCE_FLUSH ) && - ( ret = mbedtls_ssl_flush_output( ssl ) ) != 0 ) - { - MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_ssl_flush_output", ret ); - return( ret ); + if ((flush == SSL_FORCE_FLUSH) && + (ret = mbedtls_ssl_flush_output(ssl)) != 0) { + MBEDTLS_SSL_DEBUG_RET(1, "mbedtls_ssl_flush_output", ret); + return ret; } - MBEDTLS_SSL_DEBUG_MSG( 2, ( "<= write record" ) ); + MBEDTLS_SSL_DEBUG_MSG(2, ("<= write record")); - return( 0 ); + return 0; } #if defined(MBEDTLS_SSL_PROTO_DTLS) -static int ssl_hs_is_proper_fragment( mbedtls_ssl_context *ssl ) +MBEDTLS_CHECK_RETURN_CRITICAL +static int ssl_hs_is_proper_fragment(mbedtls_ssl_context *ssl) { - if( ssl->in_msglen < ssl->in_hslen || - memcmp( ssl->in_msg + 6, "\0\0\0", 3 ) != 0 || - memcmp( ssl->in_msg + 9, ssl->in_msg + 1, 3 ) != 0 ) - { - return( 1 ); + if (ssl->in_msglen < ssl->in_hslen || + memcmp(ssl->in_msg + 6, "\0\0\0", 3) != 0 || + memcmp(ssl->in_msg + 9, ssl->in_msg + 1, 3) != 0) { + return 1; } - return( 0 ); + return 0; } -static uint32_t ssl_get_hs_frag_len( mbedtls_ssl_context const *ssl ) +static uint32_t ssl_get_hs_frag_len(mbedtls_ssl_context const *ssl) { - return( ( ssl->in_msg[9] << 16 ) | - ( ssl->in_msg[10] << 8 ) | - ssl->in_msg[11] ); + return (ssl->in_msg[9] << 16) | + (ssl->in_msg[10] << 8) | + ssl->in_msg[11]; } -static uint32_t ssl_get_hs_frag_off( mbedtls_ssl_context const *ssl ) +static uint32_t ssl_get_hs_frag_off(mbedtls_ssl_context const *ssl) { - return( ( ssl->in_msg[6] << 16 ) | - ( ssl->in_msg[7] << 8 ) | - ssl->in_msg[8] ); + return (ssl->in_msg[6] << 16) | + (ssl->in_msg[7] << 8) | + ssl->in_msg[8]; } -static int ssl_check_hs_header( mbedtls_ssl_context const *ssl ) +MBEDTLS_CHECK_RETURN_CRITICAL +static int ssl_check_hs_header(mbedtls_ssl_context const *ssl) { uint32_t msg_len, frag_off, frag_len; - msg_len = ssl_get_hs_total_len( ssl ); - frag_off = ssl_get_hs_frag_off( ssl ); - frag_len = ssl_get_hs_frag_len( ssl ); + msg_len = ssl_get_hs_total_len(ssl); + frag_off = ssl_get_hs_frag_off(ssl); + frag_len = ssl_get_hs_frag_len(ssl); - if( frag_off > msg_len ) - return( -1 ); + if (frag_off > msg_len) { + return -1; + } - if( frag_len > msg_len - frag_off ) - return( -1 ); + if (frag_len > msg_len - frag_off) { + return -1; + } - if( frag_len + 12 > ssl->in_msglen ) - return( -1 ); + if (frag_len + 12 > ssl->in_msglen) { + return -1; + } - return( 0 ); + return 0; } /* * Mark bits in bitmask (used for DTLS HS reassembly) */ -static void ssl_bitmask_set( unsigned char *mask, size_t offset, size_t len ) +static void ssl_bitmask_set(unsigned char *mask, size_t offset, size_t len) { unsigned int start_bits, end_bits; - start_bits = 8 - ( offset % 8 ); - if( start_bits != 8 ) - { + start_bits = 8 - (offset % 8); + if (start_bits != 8) { size_t first_byte_idx = offset / 8; /* Special case */ - if( len <= start_bits ) - { - for( ; len != 0; len-- ) - mask[first_byte_idx] |= 1 << ( start_bits - len ); + if (len <= start_bits) { + for (; len != 0; len--) { + mask[first_byte_idx] |= 1 << (start_bits - len); + } /* Avoid potential issues with offset or len becoming invalid */ return; @@ -2927,133 +2832,134 @@ static void ssl_bitmask_set( unsigned char *mask, size_t offset, size_t len ) offset += start_bits; /* Now offset % 8 == 0 */ len -= start_bits; - for( ; start_bits != 0; start_bits-- ) - mask[first_byte_idx] |= 1 << ( start_bits - 1 ); + for (; start_bits != 0; start_bits--) { + mask[first_byte_idx] |= 1 << (start_bits - 1); + } } end_bits = len % 8; - if( end_bits != 0 ) - { - size_t last_byte_idx = ( offset + len ) / 8; + if (end_bits != 0) { + size_t last_byte_idx = (offset + len) / 8; len -= end_bits; /* Now len % 8 == 0 */ - for( ; end_bits != 0; end_bits-- ) - mask[last_byte_idx] |= 1 << ( 8 - end_bits ); + for (; end_bits != 0; end_bits--) { + mask[last_byte_idx] |= 1 << (8 - end_bits); + } } - memset( mask + offset / 8, 0xFF, len / 8 ); + memset(mask + offset / 8, 0xFF, len / 8); } /* * Check that bitmask is full */ -static int ssl_bitmask_check( unsigned char *mask, size_t len ) +MBEDTLS_CHECK_RETURN_CRITICAL +static int ssl_bitmask_check(unsigned char *mask, size_t len) { size_t i; - for( i = 0; i < len / 8; i++ ) - if( mask[i] != 0xFF ) - return( -1 ); + for (i = 0; i < len / 8; i++) { + if (mask[i] != 0xFF) { + return -1; + } + } - for( i = 0; i < len % 8; i++ ) - if( ( mask[len / 8] & ( 1 << ( 7 - i ) ) ) == 0 ) - return( -1 ); + for (i = 0; i < len % 8; i++) { + if ((mask[len / 8] & (1 << (7 - i))) == 0) { + return -1; + } + } - return( 0 ); + return 0; } /* msg_len does not include the handshake header */ -static size_t ssl_get_reassembly_buffer_size( size_t msg_len, - unsigned add_bitmap ) +static size_t ssl_get_reassembly_buffer_size(size_t msg_len, + unsigned add_bitmap) { size_t alloc_len; alloc_len = 12; /* Handshake header */ alloc_len += msg_len; /* Content buffer */ - if( add_bitmap ) - alloc_len += msg_len / 8 + ( msg_len % 8 != 0 ); /* Bitmap */ + if (add_bitmap) { + alloc_len += msg_len / 8 + (msg_len % 8 != 0); /* Bitmap */ - return( alloc_len ); + } + return alloc_len; } #endif /* MBEDTLS_SSL_PROTO_DTLS */ -static uint32_t ssl_get_hs_total_len( mbedtls_ssl_context const *ssl ) +static uint32_t ssl_get_hs_total_len(mbedtls_ssl_context const *ssl) { - return( ( ssl->in_msg[1] << 16 ) | - ( ssl->in_msg[2] << 8 ) | - ssl->in_msg[3] ); + return (ssl->in_msg[1] << 16) | + (ssl->in_msg[2] << 8) | + ssl->in_msg[3]; } -int mbedtls_ssl_prepare_handshake_record( mbedtls_ssl_context *ssl ) +int mbedtls_ssl_prepare_handshake_record(mbedtls_ssl_context *ssl) { - if( ssl->in_msglen < mbedtls_ssl_hs_hdr_len( ssl ) ) - { - MBEDTLS_SSL_DEBUG_MSG( 1, ( "handshake message too short: %" MBEDTLS_PRINTF_SIZET, - ssl->in_msglen ) ); - return( MBEDTLS_ERR_SSL_INVALID_RECORD ); + if (ssl->in_msglen < mbedtls_ssl_hs_hdr_len(ssl)) { + MBEDTLS_SSL_DEBUG_MSG(1, ("handshake message too short: %" MBEDTLS_PRINTF_SIZET, + ssl->in_msglen)); + return MBEDTLS_ERR_SSL_INVALID_RECORD; } - ssl->in_hslen = mbedtls_ssl_hs_hdr_len( ssl ) + ssl_get_hs_total_len( ssl ); + ssl->in_hslen = mbedtls_ssl_hs_hdr_len(ssl) + ssl_get_hs_total_len(ssl); - MBEDTLS_SSL_DEBUG_MSG( 3, ( "handshake message: msglen =" - " %" MBEDTLS_PRINTF_SIZET ", type = %u, hslen = %" MBEDTLS_PRINTF_SIZET, - ssl->in_msglen, ssl->in_msg[0], ssl->in_hslen ) ); + MBEDTLS_SSL_DEBUG_MSG(3, ("handshake message: msglen =" + " %" MBEDTLS_PRINTF_SIZET ", type = %u, hslen = %" + MBEDTLS_PRINTF_SIZET, + ssl->in_msglen, ssl->in_msg[0], ssl->in_hslen)); #if defined(MBEDTLS_SSL_PROTO_DTLS) - if( ssl->conf->transport == MBEDTLS_SSL_TRANSPORT_DATAGRAM ) - { + if (ssl->conf->transport == MBEDTLS_SSL_TRANSPORT_DATAGRAM) { int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; - unsigned int recv_msg_seq = ( ssl->in_msg[4] << 8 ) | ssl->in_msg[5]; - - if( ssl_check_hs_header( ssl ) != 0 ) - { - MBEDTLS_SSL_DEBUG_MSG( 1, ( "invalid handshake header" ) ); - return( MBEDTLS_ERR_SSL_INVALID_RECORD ); - } - - if( ssl->handshake != NULL && - ( ( ssl->state != MBEDTLS_SSL_HANDSHAKE_OVER && - recv_msg_seq != ssl->handshake->in_msg_seq ) || - ( ssl->state == MBEDTLS_SSL_HANDSHAKE_OVER && - ssl->in_msg[0] != MBEDTLS_SSL_HS_CLIENT_HELLO ) ) ) - { - if( recv_msg_seq > ssl->handshake->in_msg_seq ) - { - MBEDTLS_SSL_DEBUG_MSG( 2, ( "received future handshake message of sequence number %u (next %u)", - recv_msg_seq, - ssl->handshake->in_msg_seq ) ); - return( MBEDTLS_ERR_SSL_EARLY_MESSAGE ); + unsigned int recv_msg_seq = (ssl->in_msg[4] << 8) | ssl->in_msg[5]; + + if (ssl_check_hs_header(ssl) != 0) { + MBEDTLS_SSL_DEBUG_MSG(1, ("invalid handshake header")); + return MBEDTLS_ERR_SSL_INVALID_RECORD; + } + + if (ssl->handshake != NULL && + ((ssl->state != MBEDTLS_SSL_HANDSHAKE_OVER && + recv_msg_seq != ssl->handshake->in_msg_seq) || + (ssl->state == MBEDTLS_SSL_HANDSHAKE_OVER && + ssl->in_msg[0] != MBEDTLS_SSL_HS_CLIENT_HELLO))) { + if (recv_msg_seq > ssl->handshake->in_msg_seq) { + MBEDTLS_SSL_DEBUG_MSG(2, + ( + "received future handshake message of sequence number %u (next %u)", + recv_msg_seq, + ssl->handshake->in_msg_seq)); + return MBEDTLS_ERR_SSL_EARLY_MESSAGE; } /* Retransmit only on last message from previous flight, to avoid * too many retransmissions. * Besides, No sane server ever retransmits HelloVerifyRequest */ - if( recv_msg_seq == ssl->handshake->in_flight_start_seq - 1 && - ssl->in_msg[0] != MBEDTLS_SSL_HS_HELLO_VERIFY_REQUEST ) - { - MBEDTLS_SSL_DEBUG_MSG( 2, ( "received message from last flight, " - "message_seq = %u, start_of_flight = %u", - recv_msg_seq, - ssl->handshake->in_flight_start_seq ) ); - - if( ( ret = mbedtls_ssl_resend( ssl ) ) != 0 ) - { - MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_ssl_resend", ret ); - return( ret ); + if (recv_msg_seq == ssl->handshake->in_flight_start_seq - 1 && + ssl->in_msg[0] != MBEDTLS_SSL_HS_HELLO_VERIFY_REQUEST) { + MBEDTLS_SSL_DEBUG_MSG(2, ("received message from last flight, " + "message_seq = %u, start_of_flight = %u", + recv_msg_seq, + ssl->handshake->in_flight_start_seq)); + + if ((ret = mbedtls_ssl_resend(ssl)) != 0) { + MBEDTLS_SSL_DEBUG_RET(1, "mbedtls_ssl_resend", ret); + return ret; } - } - else - { - MBEDTLS_SSL_DEBUG_MSG( 2, ( "dropping out-of-sequence message: " - "message_seq = %u, expected = %u", - recv_msg_seq, - ssl->handshake->in_msg_seq ) ); + } else { + MBEDTLS_SSL_DEBUG_MSG(2, ("dropping out-of-sequence message: " + "message_seq = %u, expected = %u", + recv_msg_seq, + ssl->handshake->in_msg_seq)); } - return( MBEDTLS_ERR_SSL_CONTINUE_PROCESSING ); + return MBEDTLS_ERR_SSL_CONTINUE_PROCESSING; } /* Wait until message completion to increment in_msg_seq */ @@ -3061,38 +2967,33 @@ int mbedtls_ssl_prepare_handshake_record( mbedtls_ssl_context *ssl ) * messages; the commonality is that both handshake fragments and * future messages cannot be forwarded immediately to the * handshake logic layer. */ - if( ssl_hs_is_proper_fragment( ssl ) == 1 ) - { - MBEDTLS_SSL_DEBUG_MSG( 2, ( "found fragmented DTLS handshake message" ) ); - return( MBEDTLS_ERR_SSL_EARLY_MESSAGE ); + if (ssl_hs_is_proper_fragment(ssl) == 1) { + MBEDTLS_SSL_DEBUG_MSG(2, ("found fragmented DTLS handshake message")); + return MBEDTLS_ERR_SSL_EARLY_MESSAGE; } - } - else + } else #endif /* MBEDTLS_SSL_PROTO_DTLS */ /* With TLS we don't handle fragmentation (for now) */ - if( ssl->in_msglen < ssl->in_hslen ) - { - MBEDTLS_SSL_DEBUG_MSG( 1, ( "TLS handshake fragmentation not supported" ) ); - return( MBEDTLS_ERR_SSL_FEATURE_UNAVAILABLE ); + if (ssl->in_msglen < ssl->in_hslen) { + MBEDTLS_SSL_DEBUG_MSG(1, ("TLS handshake fragmentation not supported")); + return MBEDTLS_ERR_SSL_FEATURE_UNAVAILABLE; } - return( 0 ); + return 0; } -void mbedtls_ssl_update_handshake_status( mbedtls_ssl_context *ssl ) +void mbedtls_ssl_update_handshake_status(mbedtls_ssl_context *ssl) { mbedtls_ssl_handshake_params * const hs = ssl->handshake; - if( ssl->state != MBEDTLS_SSL_HANDSHAKE_OVER && hs != NULL ) - { - ssl->handshake->update_checksum( ssl, ssl->in_msg, ssl->in_hslen ); + if (ssl->state != MBEDTLS_SSL_HANDSHAKE_OVER && hs != NULL) { + ssl->handshake->update_checksum(ssl, ssl->in_msg, ssl->in_hslen); } /* Handshake message is complete, increment counter */ #if defined(MBEDTLS_SSL_PROTO_DTLS) - if( ssl->conf->transport == MBEDTLS_SSL_TRANSPORT_DATAGRAM && - ssl->handshake != NULL ) - { + if (ssl->conf->transport == MBEDTLS_SSL_TRANSPORT_DATAGRAM && + ssl->handshake != NULL) { unsigned offset; mbedtls_ssl_hs_buffer *hs_buf; @@ -3104,18 +3005,17 @@ void mbedtls_ssl_update_handshake_status( mbedtls_ssl_context *ssl ) */ /* Free first entry */ - ssl_buffering_free_slot( ssl, 0 ); + ssl_buffering_free_slot(ssl, 0); /* Shift all other entries */ - for( offset = 0, hs_buf = &hs->buffering.hs[0]; + for (offset = 0, hs_buf = &hs->buffering.hs[0]; offset + 1 < MBEDTLS_SSL_MAX_BUFFERED_HS; - offset++, hs_buf++ ) - { + offset++, hs_buf++) { *hs_buf = *(hs_buf + 1); } /* Create a fresh last entry */ - memset( hs_buf, 0, sizeof( mbedtls_ssl_hs_buffer ) ); + memset(hs_buf, 0, sizeof(mbedtls_ssl_hs_buffer)); } #endif } @@ -3131,23 +3031,24 @@ void mbedtls_ssl_update_handshake_status( mbedtls_ssl_context *ssl ) * not seen yet). */ #if defined(MBEDTLS_SSL_DTLS_ANTI_REPLAY) -void mbedtls_ssl_dtls_replay_reset( mbedtls_ssl_context *ssl ) +void mbedtls_ssl_dtls_replay_reset(mbedtls_ssl_context *ssl) { ssl->in_window_top = 0; ssl->in_window = 0; } -static inline uint64_t ssl_load_six_bytes( unsigned char *buf ) +static inline uint64_t ssl_load_six_bytes(unsigned char *buf) { - return( ( (uint64_t) buf[0] << 40 ) | - ( (uint64_t) buf[1] << 32 ) | - ( (uint64_t) buf[2] << 24 ) | - ( (uint64_t) buf[3] << 16 ) | - ( (uint64_t) buf[4] << 8 ) | - ( (uint64_t) buf[5] ) ); + return ((uint64_t) buf[0] << 40) | + ((uint64_t) buf[1] << 32) | + ((uint64_t) buf[2] << 24) | + ((uint64_t) buf[3] << 16) | + ((uint64_t) buf[4] << 8) | + ((uint64_t) buf[5]); } -static int mbedtls_ssl_dtls_record_replay_check( mbedtls_ssl_context *ssl, uint8_t *record_in_ctr ) +MBEDTLS_CHECK_RETURN_CRITICAL +static int mbedtls_ssl_dtls_record_replay_check(mbedtls_ssl_context *ssl, uint8_t *record_in_ctr) { int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; unsigned char *original_in_ctr; @@ -3158,7 +3059,7 @@ static int mbedtls_ssl_dtls_record_replay_check( mbedtls_ssl_context *ssl, uint8 // use counter from record ssl->in_ctr = record_in_ctr; - ret = mbedtls_ssl_dtls_replay_check( (mbedtls_ssl_context const *) ssl ); + ret = mbedtls_ssl_dtls_replay_check((mbedtls_ssl_context const *) ssl); // restore the counter ssl->in_ctr = original_in_ctr; @@ -3169,68 +3070,70 @@ static int mbedtls_ssl_dtls_record_replay_check( mbedtls_ssl_context *ssl, uint8 /* * Return 0 if sequence number is acceptable, -1 otherwise */ -int mbedtls_ssl_dtls_replay_check( mbedtls_ssl_context const *ssl ) +int mbedtls_ssl_dtls_replay_check(mbedtls_ssl_context const *ssl) { - uint64_t rec_seqnum = ssl_load_six_bytes( ssl->in_ctr + 2 ); + uint64_t rec_seqnum = ssl_load_six_bytes(ssl->in_ctr + 2); uint64_t bit; - if( ssl->conf->anti_replay == MBEDTLS_SSL_ANTI_REPLAY_DISABLED ) - return( 0 ); + if (ssl->conf->anti_replay == MBEDTLS_SSL_ANTI_REPLAY_DISABLED) { + return 0; + } - if( rec_seqnum > ssl->in_window_top ) - return( 0 ); + if (rec_seqnum > ssl->in_window_top) { + return 0; + } bit = ssl->in_window_top - rec_seqnum; - if( bit >= 64 ) - return( -1 ); + if (bit >= 64) { + return -1; + } - if( ( ssl->in_window & ( (uint64_t) 1 << bit ) ) != 0 ) - return( -1 ); + if ((ssl->in_window & ((uint64_t) 1 << bit)) != 0) { + return -1; + } - return( 0 ); + return 0; } /* * Update replay window on new validated record */ -void mbedtls_ssl_dtls_replay_update( mbedtls_ssl_context *ssl ) +void mbedtls_ssl_dtls_replay_update(mbedtls_ssl_context *ssl) { - uint64_t rec_seqnum = ssl_load_six_bytes( ssl->in_ctr + 2 ); + uint64_t rec_seqnum = ssl_load_six_bytes(ssl->in_ctr + 2); - if( ssl->conf->anti_replay == MBEDTLS_SSL_ANTI_REPLAY_DISABLED ) + if (ssl->conf->anti_replay == MBEDTLS_SSL_ANTI_REPLAY_DISABLED) { return; + } - if( rec_seqnum > ssl->in_window_top ) - { + if (rec_seqnum > ssl->in_window_top) { /* Update window_top and the contents of the window */ uint64_t shift = rec_seqnum - ssl->in_window_top; - if( shift >= 64 ) + if (shift >= 64) { ssl->in_window = 1; - else - { + } else { ssl->in_window <<= shift; ssl->in_window |= 1; } ssl->in_window_top = rec_seqnum; - } - else - { + } else { /* Mark that number as seen in the current window */ uint64_t bit = ssl->in_window_top - rec_seqnum; - if( bit < 64 ) /* Always true, but be extra sure */ + if (bit < 64) { /* Always true, but be extra sure */ ssl->in_window |= (uint64_t) 1 << bit; + } } } #endif /* MBEDTLS_SSL_DTLS_ANTI_REPLAY */ #if defined(MBEDTLS_SSL_DTLS_CLIENT_PORT_REUSE) && defined(MBEDTLS_SSL_SRV_C) /* - * Without any SSL context, check if a datagram looks like a ClientHello with - * a valid cookie, and if it doesn't, generate a HelloVerifyRequest message. + * Check if a datagram looks like a ClientHello with a valid cookie, + * and if it doesn't, generate a HelloVerifyRequest message. * Both input and output include full DTLS headers. * * - if cookie is valid, return 0 @@ -3239,13 +3142,13 @@ void mbedtls_ssl_dtls_replay_update( mbedtls_ssl_context *ssl ) * return MBEDTLS_ERR_SSL_HELLO_VERIFY_REQUIRED * - otherwise return a specific error code */ -static int ssl_check_dtls_clihlo_cookie( - mbedtls_ssl_cookie_write_t *f_cookie_write, - mbedtls_ssl_cookie_check_t *f_cookie_check, - void *p_cookie, - const unsigned char *cli_id, size_t cli_id_len, - const unsigned char *in, size_t in_len, - unsigned char *obuf, size_t buf_len, size_t *olen ) +MBEDTLS_CHECK_RETURN_CRITICAL +MBEDTLS_STATIC_TESTABLE +int mbedtls_ssl_check_dtls_clihlo_cookie( + mbedtls_ssl_context *ssl, + const unsigned char *cli_id, size_t cli_id_len, + const unsigned char *in, size_t in_len, + unsigned char *obuf, size_t buf_len, size_t *olen) { size_t sid_len, cookie_len; unsigned char *p; @@ -3276,27 +3179,49 @@ static int ssl_check_dtls_clihlo_cookie( * * Minimum length is 61 bytes. */ - if( in_len < 61 || - in[0] != MBEDTLS_SSL_MSG_HANDSHAKE || + MBEDTLS_SSL_DEBUG_MSG(4, ("check cookie: in_len=%u", + (unsigned) in_len)); + MBEDTLS_SSL_DEBUG_BUF(4, "cli_id", cli_id, cli_id_len); + if (in_len < 61) { + MBEDTLS_SSL_DEBUG_MSG(4, ("check cookie: record too short")); + return MBEDTLS_ERR_SSL_BAD_HS_CLIENT_HELLO; + } + if (in[0] != MBEDTLS_SSL_MSG_HANDSHAKE || in[3] != 0 || in[4] != 0 || - in[19] != 0 || in[20] != 0 || in[21] != 0 ) - { - return( MBEDTLS_ERR_SSL_BAD_HS_CLIENT_HELLO ); + in[19] != 0 || in[20] != 0 || in[21] != 0) { + MBEDTLS_SSL_DEBUG_MSG(4, ("check cookie: not a good ClientHello")); + MBEDTLS_SSL_DEBUG_MSG(4, (" type=%u epoch=%u fragment_offset=%u", + in[0], + (unsigned) in[3] << 8 | in[4], + (unsigned) in[19] << 16 | in[20] << 8 | in[21])); + return MBEDTLS_ERR_SSL_BAD_HS_CLIENT_HELLO; } sid_len = in[59]; - if( sid_len > in_len - 61 ) - return( MBEDTLS_ERR_SSL_BAD_HS_CLIENT_HELLO ); + if (59 + 1 + sid_len + 1 > in_len) { + MBEDTLS_SSL_DEBUG_MSG(4, ("check cookie: sid_len=%u > %u", + (unsigned) sid_len, + (unsigned) in_len - 61)); + return MBEDTLS_ERR_SSL_BAD_HS_CLIENT_HELLO; + } + MBEDTLS_SSL_DEBUG_BUF(4, "sid received from network", + in + 60, sid_len); cookie_len = in[60 + sid_len]; - if( cookie_len > in_len - 60 ) - return( MBEDTLS_ERR_SSL_BAD_HS_CLIENT_HELLO ); + if (59 + 1 + sid_len + 1 + cookie_len > in_len) { + MBEDTLS_SSL_DEBUG_MSG(4, ("check cookie: cookie_len=%u > %u", + (unsigned) cookie_len, + (unsigned) (in_len - sid_len - 61))); + return MBEDTLS_ERR_SSL_BAD_HS_CLIENT_HELLO; + } - if( f_cookie_check( p_cookie, in + sid_len + 61, cookie_len, - cli_id, cli_id_len ) == 0 ) - { - /* Valid cookie */ - return( 0 ); + MBEDTLS_SSL_DEBUG_BUF(4, "cookie received from network", + in + sid_len + 61, cookie_len); + if (ssl->conf->f_cookie_check(ssl->conf->p_cookie, + in + sid_len + 61, cookie_len, + cli_id, cli_id_len) == 0) { + MBEDTLS_SSL_DEBUG_MSG(4, ("check cookie: valid")); + return 0; } /* @@ -3319,35 +3244,36 @@ static int ssl_check_dtls_clihlo_cookie( * * Minimum length is 28. */ - if( buf_len < 28 ) - return( MBEDTLS_ERR_SSL_BUFFER_TOO_SMALL ); + if (buf_len < 28) { + return MBEDTLS_ERR_SSL_BUFFER_TOO_SMALL; + } /* Copy most fields and adapt others */ - memcpy( obuf, in, 25 ); + memcpy(obuf, in, 25); obuf[13] = MBEDTLS_SSL_HS_HELLO_VERIFY_REQUEST; obuf[25] = 0xfe; obuf[26] = 0xff; /* Generate and write actual cookie */ p = obuf + 28; - if( f_cookie_write( p_cookie, - &p, obuf + buf_len, cli_id, cli_id_len ) != 0 ) - { - return( MBEDTLS_ERR_SSL_INTERNAL_ERROR ); + if (ssl->conf->f_cookie_write(ssl->conf->p_cookie, + &p, obuf + buf_len, + cli_id, cli_id_len) != 0) { + return MBEDTLS_ERR_SSL_INTERNAL_ERROR; } *olen = p - obuf; /* Go back and fill length fields */ - obuf[27] = (unsigned char)( *olen - 28 ); + obuf[27] = (unsigned char) (*olen - 28); - obuf[14] = obuf[22] = MBEDTLS_BYTE_2( *olen - 25 ); - obuf[15] = obuf[23] = MBEDTLS_BYTE_1( *olen - 25 ); - obuf[16] = obuf[24] = MBEDTLS_BYTE_0( *olen - 25 ); + obuf[14] = obuf[22] = MBEDTLS_BYTE_2(*olen - 25); + obuf[15] = obuf[23] = MBEDTLS_BYTE_1(*olen - 25); + obuf[16] = obuf[24] = MBEDTLS_BYTE_0(*olen - 25); - MBEDTLS_PUT_UINT16_BE( *olen - 13, obuf, 11 ); + MBEDTLS_PUT_UINT16_BE(*olen - 13, obuf, 11); - return( MBEDTLS_ERR_SSL_HELLO_VERIFY_REQUIRED ); + return MBEDTLS_ERR_SSL_HELLO_VERIFY_REQUIRED; } /* @@ -3370,74 +3296,69 @@ static int ssl_check_dtls_clihlo_cookie( * includes the case of MBEDTLS_ERR_SSL_CLIENT_RECONNECT and of unexpected * errors, and is the right thing to do in both cases). */ -static int ssl_handle_possible_reconnect( mbedtls_ssl_context *ssl ) +MBEDTLS_CHECK_RETURN_CRITICAL +static int ssl_handle_possible_reconnect(mbedtls_ssl_context *ssl) { int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; size_t len; - if( ssl->conf->f_cookie_write == NULL || - ssl->conf->f_cookie_check == NULL ) - { + if (ssl->conf->f_cookie_write == NULL || + ssl->conf->f_cookie_check == NULL) { /* If we can't use cookies to verify reachability of the peer, * drop the record. */ - MBEDTLS_SSL_DEBUG_MSG( 1, ( "no cookie callbacks, " - "can't check reconnect validity" ) ); - return( 0 ); + MBEDTLS_SSL_DEBUG_MSG(1, ("no cookie callbacks, " + "can't check reconnect validity")); + return 0; } - ret = ssl_check_dtls_clihlo_cookie( - ssl->conf->f_cookie_write, - ssl->conf->f_cookie_check, - ssl->conf->p_cookie, - ssl->cli_id, ssl->cli_id_len, - ssl->in_buf, ssl->in_left, - ssl->out_buf, MBEDTLS_SSL_OUT_CONTENT_LEN, &len ); + ret = mbedtls_ssl_check_dtls_clihlo_cookie( + ssl, + ssl->cli_id, ssl->cli_id_len, + ssl->in_buf, ssl->in_left, + ssl->out_buf, MBEDTLS_SSL_OUT_CONTENT_LEN, &len); - MBEDTLS_SSL_DEBUG_RET( 2, "ssl_check_dtls_clihlo_cookie", ret ); + MBEDTLS_SSL_DEBUG_RET(2, "mbedtls_ssl_check_dtls_clihlo_cookie", ret); - if( ret == MBEDTLS_ERR_SSL_HELLO_VERIFY_REQUIRED ) - { + if (ret == MBEDTLS_ERR_SSL_HELLO_VERIFY_REQUIRED) { int send_ret; - MBEDTLS_SSL_DEBUG_MSG( 1, ( "sending HelloVerifyRequest" ) ); - MBEDTLS_SSL_DEBUG_BUF( 4, "output record sent to network", - ssl->out_buf, len ); + MBEDTLS_SSL_DEBUG_MSG(1, ("sending HelloVerifyRequest")); + MBEDTLS_SSL_DEBUG_BUF(4, "output record sent to network", + ssl->out_buf, len); /* Don't check write errors as we can't do anything here. * If the error is permanent we'll catch it later, * if it's not, then hopefully it'll work next time. */ - send_ret = ssl->f_send( ssl->p_bio, ssl->out_buf, len ); - MBEDTLS_SSL_DEBUG_RET( 2, "ssl->f_send", send_ret ); + send_ret = ssl->f_send(ssl->p_bio, ssl->out_buf, len); + MBEDTLS_SSL_DEBUG_RET(2, "ssl->f_send", send_ret); (void) send_ret; - return( 0 ); + return 0; } - if( ret == 0 ) - { - MBEDTLS_SSL_DEBUG_MSG( 1, ( "cookie is valid, resetting context" ) ); - if( ( ret = mbedtls_ssl_session_reset_int( ssl, 1 ) ) != 0 ) - { - MBEDTLS_SSL_DEBUG_RET( 1, "reset", ret ); - return( ret ); + if (ret == 0) { + MBEDTLS_SSL_DEBUG_MSG(1, ("cookie is valid, resetting context")); + if ((ret = mbedtls_ssl_session_reset_int(ssl, 1)) != 0) { + MBEDTLS_SSL_DEBUG_RET(1, "reset", ret); + return ret; } - return( MBEDTLS_ERR_SSL_CLIENT_RECONNECT ); + return MBEDTLS_ERR_SSL_CLIENT_RECONNECT; } - return( ret ); + return ret; } #endif /* MBEDTLS_SSL_DTLS_CLIENT_PORT_REUSE && MBEDTLS_SSL_SRV_C */ -static int ssl_check_record_type( uint8_t record_type ) +MBEDTLS_CHECK_RETURN_CRITICAL +static int ssl_check_record_type(uint8_t record_type) { - if( record_type != MBEDTLS_SSL_MSG_HANDSHAKE && + if (record_type != MBEDTLS_SSL_MSG_HANDSHAKE && record_type != MBEDTLS_SSL_MSG_ALERT && record_type != MBEDTLS_SSL_MSG_CHANGE_CIPHER_SPEC && - record_type != MBEDTLS_SSL_MSG_APPLICATION_DATA ) - { - return( MBEDTLS_ERR_SSL_INVALID_RECORD ); + record_type != MBEDTLS_SSL_MSG_APPLICATION_DATA) { + return MBEDTLS_ERR_SSL_INVALID_RECORD; } - return( 0 ); + return 0; } /* @@ -3459,10 +3380,11 @@ static int ssl_check_record_type( uint8_t record_type ) * Point 2 is needed when the peer is resending, and we have already received * the first record from a datagram but are still waiting for the others. */ -static int ssl_parse_record_header( mbedtls_ssl_context const *ssl, - unsigned char *buf, - size_t len, - mbedtls_record *rec ) +MBEDTLS_CHECK_RETURN_CRITICAL +static int ssl_parse_record_header(mbedtls_ssl_context const *ssl, + unsigned char *buf, + size_t len, + mbedtls_record *rec) { int major_ver, minor_ver; @@ -3494,38 +3416,36 @@ static int ssl_parse_record_header( mbedtls_ssl_context const *ssl, */ #if defined(MBEDTLS_SSL_PROTO_DTLS) - if( ssl->conf->transport == MBEDTLS_SSL_TRANSPORT_DATAGRAM ) - { + if (ssl->conf->transport == MBEDTLS_SSL_TRANSPORT_DATAGRAM) { rec_hdr_len_offset = rec_hdr_ctr_offset + rec_hdr_ctr_len; - } - else + } else #endif /* MBEDTLS_SSL_PROTO_DTLS */ { rec_hdr_len_offset = rec_hdr_version_offset + rec_hdr_version_len; } - if( len < rec_hdr_len_offset + rec_hdr_len_len ) - { - MBEDTLS_SSL_DEBUG_MSG( 1, ( "datagram of length %u too small to hold DTLS record header of length %u", - (unsigned) len, - (unsigned)( rec_hdr_len_len + rec_hdr_len_len ) ) ); - return( MBEDTLS_ERR_SSL_INVALID_RECORD ); + if (len < rec_hdr_len_offset + rec_hdr_len_len) { + MBEDTLS_SSL_DEBUG_MSG(1, + ( + "datagram of length %u too small to hold DTLS record header of length %u", + (unsigned) len, + (unsigned) (rec_hdr_len_len + rec_hdr_len_len))); + return MBEDTLS_ERR_SSL_INVALID_RECORD; } /* * Parse and validate record content type */ - rec->type = buf[ rec_hdr_type_offset ]; + rec->type = buf[rec_hdr_type_offset]; /* Check record content type */ #if defined(MBEDTLS_SSL_DTLS_CONNECTION_ID) rec->cid_len = 0; - if( ssl->conf->transport == MBEDTLS_SSL_TRANSPORT_DATAGRAM && + if (ssl->conf->transport == MBEDTLS_SSL_TRANSPORT_DATAGRAM && ssl->conf->cid_len != 0 && - rec->type == MBEDTLS_SSL_MSG_CID ) - { + rec->type == MBEDTLS_SSL_MSG_CID) { /* Shift pointers to account for record header including CID * struct { * ContentType special_type = tls12_cid; @@ -3544,68 +3464,65 @@ static int ssl_parse_record_header( mbedtls_ssl_context const *ssl, rec_hdr_cid_len = ssl->conf->cid_len; rec_hdr_len_offset += rec_hdr_cid_len; - if( len < rec_hdr_len_offset + rec_hdr_len_len ) - { - MBEDTLS_SSL_DEBUG_MSG( 1, ( "datagram of length %u too small to hold DTLS record header including CID, length %u", - (unsigned) len, - (unsigned)( rec_hdr_len_offset + rec_hdr_len_len ) ) ); - return( MBEDTLS_ERR_SSL_INVALID_RECORD ); + if (len < rec_hdr_len_offset + rec_hdr_len_len) { + MBEDTLS_SSL_DEBUG_MSG(1, + ( + "datagram of length %u too small to hold DTLS record header including CID, length %u", + (unsigned) len, + (unsigned) (rec_hdr_len_offset + rec_hdr_len_len))); + return MBEDTLS_ERR_SSL_INVALID_RECORD; } /* configured CID len is guaranteed at most 255, see * MBEDTLS_SSL_CID_OUT_LEN_MAX in check_config.h */ rec->cid_len = (uint8_t) rec_hdr_cid_len; - memcpy( rec->cid, buf + rec_hdr_cid_offset, rec_hdr_cid_len ); - } - else + memcpy(rec->cid, buf + rec_hdr_cid_offset, rec_hdr_cid_len); + } else #endif /* MBEDTLS_SSL_DTLS_CONNECTION_ID */ { - if( ssl_check_record_type( rec->type ) ) - { - MBEDTLS_SSL_DEBUG_MSG( 1, ( "unknown record type %u", - (unsigned) rec->type ) ); - return( MBEDTLS_ERR_SSL_INVALID_RECORD ); + if (ssl_check_record_type(rec->type)) { + MBEDTLS_SSL_DEBUG_MSG(1, ("unknown record type %u", + (unsigned) rec->type)); + return MBEDTLS_ERR_SSL_INVALID_RECORD; } } /* * Parse and validate record version */ + rec->ver[0] = buf[rec_hdr_version_offset + 0]; + rec->ver[1] = buf[rec_hdr_version_offset + 1]; + mbedtls_ssl_read_version(&major_ver, &minor_ver, + ssl->conf->transport, + &rec->ver[0]); - rec->ver[0] = buf[ rec_hdr_version_offset + 0 ]; - rec->ver[1] = buf[ rec_hdr_version_offset + 1 ]; - mbedtls_ssl_read_version( &major_ver, &minor_ver, - ssl->conf->transport, - &rec->ver[0] ); - - if( major_ver != ssl->major_ver ) - { - MBEDTLS_SSL_DEBUG_MSG( 1, ( "major version mismatch" ) ); - return( MBEDTLS_ERR_SSL_INVALID_RECORD ); + if (major_ver != ssl->major_ver) { + MBEDTLS_SSL_DEBUG_MSG(1, ("major version mismatch: got %u, expected %u", + (unsigned) major_ver, + (unsigned) ssl->major_ver)); + return MBEDTLS_ERR_SSL_INVALID_RECORD; } - if( minor_ver > ssl->conf->max_minor_ver ) - { - MBEDTLS_SSL_DEBUG_MSG( 1, ( "minor version mismatch" ) ); - return( MBEDTLS_ERR_SSL_INVALID_RECORD ); + if (minor_ver > ssl->conf->max_minor_ver) { + MBEDTLS_SSL_DEBUG_MSG(1, ("minor version mismatch: got %u, expected max %u", + (unsigned) minor_ver, + (unsigned) ssl->conf->max_minor_ver)); + return MBEDTLS_ERR_SSL_INVALID_RECORD; } - /* * Parse/Copy record sequence number. */ #if defined(MBEDTLS_SSL_PROTO_DTLS) - if( ssl->conf->transport == MBEDTLS_SSL_TRANSPORT_DATAGRAM ) - { + if (ssl->conf->transport == MBEDTLS_SSL_TRANSPORT_DATAGRAM) { /* Copy explicit record sequence number from input buffer. */ - memcpy( &rec->ctr[0], buf + rec_hdr_ctr_offset, - rec_hdr_ctr_len ); - } - else + memcpy(&rec->ctr[0], buf + rec_hdr_ctr_offset, + rec_hdr_ctr_len); + } else #endif /* MBEDTLS_SSL_PROTO_DTLS */ { /* Copy implicit record sequence number from SSL context structure. */ - memcpy( &rec->ctr[0], ssl->in_ctr, rec_hdr_ctr_len ); + memcpy(&rec->ctr[0], ssl->in_ctr, rec_hdr_ctr_len); } /* @@ -3613,20 +3530,21 @@ static int ssl_parse_record_header( mbedtls_ssl_context const *ssl, */ rec->data_offset = rec_hdr_len_offset + rec_hdr_len_len; - rec->data_len = ( (size_t) buf[ rec_hdr_len_offset + 0 ] << 8 ) | - ( (size_t) buf[ rec_hdr_len_offset + 1 ] << 0 ); - MBEDTLS_SSL_DEBUG_BUF( 4, "input record header", buf, rec->data_offset ); + rec->data_len = ((size_t) buf[rec_hdr_len_offset + 0] << 8) | + ((size_t) buf[rec_hdr_len_offset + 1] << 0); + MBEDTLS_SSL_DEBUG_BUF(4, "input record header", buf, rec->data_offset); - MBEDTLS_SSL_DEBUG_MSG( 3, ( "input record: msgtype = %u, " - "version = [%d:%d], msglen = %" MBEDTLS_PRINTF_SIZET, - rec->type, - major_ver, minor_ver, rec->data_len ) ); + MBEDTLS_SSL_DEBUG_MSG(3, ("input record: msgtype = %u, " + "version = [%d:%d], msglen = %" MBEDTLS_PRINTF_SIZET, + rec->type, + major_ver, minor_ver, rec->data_len)); rec->buf = buf; rec->buf_len = rec->data_offset + rec->data_len; - if( rec->data_len == 0 ) - return( MBEDTLS_ERR_SSL_INVALID_RECORD ); + if (rec->data_len == 0) { + return MBEDTLS_ERR_SSL_INVALID_RECORD; + } /* * DTLS-related tests. @@ -3641,60 +3559,58 @@ static int ssl_parse_record_header( mbedtls_ssl_context const *ssl, * record leads to the entire datagram being dropped. */ #if defined(MBEDTLS_SSL_PROTO_DTLS) - if( ssl->conf->transport == MBEDTLS_SSL_TRANSPORT_DATAGRAM ) - { - rec_epoch = ( rec->ctr[0] << 8 ) | rec->ctr[1]; + if (ssl->conf->transport == MBEDTLS_SSL_TRANSPORT_DATAGRAM) { + rec_epoch = (rec->ctr[0] << 8) | rec->ctr[1]; /* Check that the datagram is large enough to contain a record * of the advertised length. */ - if( len < rec->data_offset + rec->data_len ) - { - MBEDTLS_SSL_DEBUG_MSG( 1, ( "Datagram of length %u too small to contain record of advertised length %u.", - (unsigned) len, - (unsigned)( rec->data_offset + rec->data_len ) ) ); - return( MBEDTLS_ERR_SSL_INVALID_RECORD ); + if (len < rec->data_offset + rec->data_len) { + MBEDTLS_SSL_DEBUG_MSG(1, + ( + "Datagram of length %u too small to contain record of advertised length %u.", + (unsigned) len, + (unsigned) (rec->data_offset + rec->data_len))); + return MBEDTLS_ERR_SSL_INVALID_RECORD; } /* Records from other, non-matching epochs are silently discarded. * (The case of same-port Client reconnects must be considered in * the caller). */ - if( rec_epoch != ssl->in_epoch ) - { - MBEDTLS_SSL_DEBUG_MSG( 1, ( "record from another epoch: " - "expected %u, received %lu", - ssl->in_epoch, (unsigned long) rec_epoch ) ); + if (rec_epoch != ssl->in_epoch) { + MBEDTLS_SSL_DEBUG_MSG(1, ("record from another epoch: " + "expected %u, received %lu", + ssl->in_epoch, (unsigned long) rec_epoch)); /* Records from the next epoch are considered for buffering * (concretely: early Finished messages). */ - if( rec_epoch == (unsigned) ssl->in_epoch + 1 ) - { - MBEDTLS_SSL_DEBUG_MSG( 2, ( "Consider record for buffering" ) ); - return( MBEDTLS_ERR_SSL_EARLY_MESSAGE ); + if (rec_epoch == (unsigned) ssl->in_epoch + 1) { + MBEDTLS_SSL_DEBUG_MSG(2, ("Consider record for buffering")); + return MBEDTLS_ERR_SSL_EARLY_MESSAGE; } - return( MBEDTLS_ERR_SSL_UNEXPECTED_RECORD ); + return MBEDTLS_ERR_SSL_UNEXPECTED_RECORD; } #if defined(MBEDTLS_SSL_DTLS_ANTI_REPLAY) /* For records from the correct epoch, check whether their * sequence number has been seen before. */ - else if( mbedtls_ssl_dtls_record_replay_check( (mbedtls_ssl_context *) ssl, - &rec->ctr[0] ) != 0 ) - { - MBEDTLS_SSL_DEBUG_MSG( 1, ( "replayed record" ) ); - return( MBEDTLS_ERR_SSL_UNEXPECTED_RECORD ); + else if (mbedtls_ssl_dtls_record_replay_check((mbedtls_ssl_context *) ssl, + &rec->ctr[0]) != 0) { + MBEDTLS_SSL_DEBUG_MSG(1, ("replayed record")); + return MBEDTLS_ERR_SSL_UNEXPECTED_RECORD; } #endif } #endif /* MBEDTLS_SSL_PROTO_DTLS */ - return( 0 ); + return 0; } #if defined(MBEDTLS_SSL_DTLS_CLIENT_PORT_REUSE) && defined(MBEDTLS_SSL_SRV_C) -static int ssl_check_client_reconnect( mbedtls_ssl_context *ssl ) +MBEDTLS_CHECK_RETURN_CRITICAL +static int ssl_check_client_reconnect(mbedtls_ssl_context *ssl) { - unsigned int rec_epoch = ( ssl->in_ctr[0] << 8 ) | ssl->in_ctr[1]; + unsigned int rec_epoch = (ssl->in_ctr[0] << 8) | ssl->in_ctr[1]; /* * Check for an epoch 0 ClientHello. We can't use in_msg here to @@ -3702,79 +3618,74 @@ static int ssl_check_client_reconnect( mbedtls_ssl_context *ssl ) * have an active transform (possibly iv_len != 0), so use the * fact that the record header len is 13 instead. */ - if( rec_epoch == 0 && + if (rec_epoch == 0 && ssl->conf->endpoint == MBEDTLS_SSL_IS_SERVER && ssl->state == MBEDTLS_SSL_HANDSHAKE_OVER && ssl->in_msgtype == MBEDTLS_SSL_MSG_HANDSHAKE && ssl->in_left > 13 && - ssl->in_buf[13] == MBEDTLS_SSL_HS_CLIENT_HELLO ) - { - MBEDTLS_SSL_DEBUG_MSG( 1, ( "possible client reconnect " - "from the same port" ) ); - return( ssl_handle_possible_reconnect( ssl ) ); + ssl->in_buf[13] == MBEDTLS_SSL_HS_CLIENT_HELLO) { + MBEDTLS_SSL_DEBUG_MSG(1, ("possible client reconnect " + "from the same port")); + return ssl_handle_possible_reconnect(ssl); } - return( 0 ); + return 0; } #endif /* MBEDTLS_SSL_DTLS_CLIENT_PORT_REUSE && MBEDTLS_SSL_SRV_C */ /* * If applicable, decrypt record content */ -static int ssl_prepare_record_content( mbedtls_ssl_context *ssl, - mbedtls_record *rec ) +MBEDTLS_CHECK_RETURN_CRITICAL +static int ssl_prepare_record_content(mbedtls_ssl_context *ssl, + mbedtls_record *rec) { int ret, done = 0; - MBEDTLS_SSL_DEBUG_BUF( 4, "input record from network", - rec->buf, rec->buf_len ); + MBEDTLS_SSL_DEBUG_BUF(4, "input record from network", + rec->buf, rec->buf_len); #if defined(MBEDTLS_SSL_HW_RECORD_ACCEL) - if( mbedtls_ssl_hw_record_read != NULL ) - { - MBEDTLS_SSL_DEBUG_MSG( 2, ( "going for mbedtls_ssl_hw_record_read()" ) ); + if (mbedtls_ssl_hw_record_read != NULL) { + MBEDTLS_SSL_DEBUG_MSG(2, ("going for mbedtls_ssl_hw_record_read()")); - ret = mbedtls_ssl_hw_record_read( ssl ); - if( ret != 0 && ret != MBEDTLS_ERR_SSL_HW_ACCEL_FALLTHROUGH ) - { - MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_ssl_hw_record_read", ret ); - return( MBEDTLS_ERR_SSL_HW_ACCEL_FAILED ); + ret = mbedtls_ssl_hw_record_read(ssl); + if (ret != 0 && ret != MBEDTLS_ERR_SSL_HW_ACCEL_FALLTHROUGH) { + MBEDTLS_SSL_DEBUG_RET(1, "mbedtls_ssl_hw_record_read", ret); + return MBEDTLS_ERR_SSL_HW_ACCEL_FAILED; } - if( ret == 0 ) + if (ret == 0) { done = 1; + } } #endif /* MBEDTLS_SSL_HW_RECORD_ACCEL */ - if( !done && ssl->transform_in != NULL ) - { + if (!done && ssl->transform_in != NULL) { unsigned char const old_msg_type = rec->type; - if( ( ret = mbedtls_ssl_decrypt_buf( ssl, ssl->transform_in, - rec ) ) != 0 ) - { - MBEDTLS_SSL_DEBUG_RET( 1, "ssl_decrypt_buf", ret ); + if ((ret = mbedtls_ssl_decrypt_buf(ssl, ssl->transform_in, + rec)) != 0) { + MBEDTLS_SSL_DEBUG_RET(1, "ssl_decrypt_buf", ret); #if defined(MBEDTLS_SSL_DTLS_CONNECTION_ID) - if( ret == MBEDTLS_ERR_SSL_UNEXPECTED_CID && + if (ret == MBEDTLS_ERR_SSL_UNEXPECTED_CID && ssl->conf->ignore_unexpected_cid - == MBEDTLS_SSL_UNEXPECTED_CID_IGNORE ) - { - MBEDTLS_SSL_DEBUG_MSG( 3, ( "ignoring unexpected CID" ) ); + == MBEDTLS_SSL_UNEXPECTED_CID_IGNORE) { + MBEDTLS_SSL_DEBUG_MSG(3, ("ignoring unexpected CID")); ret = MBEDTLS_ERR_SSL_CONTINUE_PROCESSING; } #endif /* MBEDTLS_SSL_DTLS_CONNECTION_ID */ - return( ret ); + return ret; } - if( old_msg_type != rec->type ) - { - MBEDTLS_SSL_DEBUG_MSG( 4, ( "record type after decrypt (before %d): %d", - old_msg_type, rec->type ) ); + if (old_msg_type != rec->type) { + MBEDTLS_SSL_DEBUG_MSG(4, ("record type after decrypt (before %d): %d", + old_msg_type, rec->type)); } - MBEDTLS_SSL_DEBUG_BUF( 4, "input payload after decrypt", - rec->buf + rec->data_offset, rec->data_len ); + MBEDTLS_SSL_DEBUG_BUF(4, "input payload after decrypt", + rec->buf + rec->data_offset, rec->data_len); #if defined(MBEDTLS_SSL_DTLS_CONNECTION_ID) /* We have already checked the record content type @@ -3784,22 +3695,19 @@ static int ssl_prepare_record_content( mbedtls_ssl_context *ssl, * Since with the use of CIDs, the record content type * might change during decryption, re-check the record * content type, but treat a failure as fatal this time. */ - if( ssl_check_record_type( rec->type ) ) - { - MBEDTLS_SSL_DEBUG_MSG( 1, ( "unknown record type" ) ); - return( MBEDTLS_ERR_SSL_INVALID_RECORD ); + if (ssl_check_record_type(rec->type)) { + MBEDTLS_SSL_DEBUG_MSG(1, ("unknown record type")); + return MBEDTLS_ERR_SSL_INVALID_RECORD; } #endif /* MBEDTLS_SSL_DTLS_CONNECTION_ID */ - if( rec->data_len == 0 ) - { + if (rec->data_len == 0) { #if defined(MBEDTLS_SSL_PROTO_TLS1_2) - if( ssl->minor_ver == MBEDTLS_SSL_MINOR_VERSION_3 - && rec->type != MBEDTLS_SSL_MSG_APPLICATION_DATA ) - { + if (ssl->minor_ver == MBEDTLS_SSL_MINOR_VERSION_3 + && rec->type != MBEDTLS_SSL_MSG_APPLICATION_DATA) { /* TLS v1.2 explicitly disallows zero-length messages which are not application data */ - MBEDTLS_SSL_DEBUG_MSG( 1, ( "invalid zero-length message type: %d", ssl->in_msgtype ) ); - return( MBEDTLS_ERR_SSL_INVALID_RECORD ); + MBEDTLS_SSL_DEBUG_MSG(1, ("invalid zero-length message type: %d", ssl->in_msgtype)); + return MBEDTLS_ERR_SSL_INVALID_RECORD; } #endif /* MBEDTLS_SSL_PROTO_TLS1_2 */ @@ -3809,58 +3717,54 @@ static int ssl_prepare_record_content( mbedtls_ssl_context *ssl, * Three or more empty messages may be a DoS attack * (excessive CPU consumption). */ - if( ssl->nb_zero > 3 ) - { - MBEDTLS_SSL_DEBUG_MSG( 1, ( "received four consecutive empty " - "messages, possible DoS attack" ) ); + if (ssl->nb_zero > 3) { + MBEDTLS_SSL_DEBUG_MSG(1, ("received four consecutive empty " + "messages, possible DoS attack")); /* Treat the records as if they were not properly authenticated, * thereby failing the connection if we see more than allowed * by the configured bad MAC threshold. */ - return( MBEDTLS_ERR_SSL_INVALID_MAC ); + return MBEDTLS_ERR_SSL_INVALID_MAC; } - } - else + } else { ssl->nb_zero = 0; + } #if defined(MBEDTLS_SSL_PROTO_DTLS) - if( ssl->conf->transport == MBEDTLS_SSL_TRANSPORT_DATAGRAM ) - { + if (ssl->conf->transport == MBEDTLS_SSL_TRANSPORT_DATAGRAM) { ; /* in_ctr read from peer, not maintained internally */ - } - else + } else #endif { unsigned i; - for( i = 8; i > mbedtls_ssl_ep_len( ssl ); i-- ) - if( ++ssl->in_ctr[i - 1] != 0 ) + for (i = 8; i > mbedtls_ssl_ep_len(ssl); i--) { + if (++ssl->in_ctr[i - 1] != 0) { break; + } + } /* The loop goes to its end iff the counter is wrapping */ - if( i == mbedtls_ssl_ep_len( ssl ) ) - { - MBEDTLS_SSL_DEBUG_MSG( 1, ( "incoming message counter would wrap" ) ); - return( MBEDTLS_ERR_SSL_COUNTER_WRAPPING ); + if (i == mbedtls_ssl_ep_len(ssl)) { + MBEDTLS_SSL_DEBUG_MSG(1, ("incoming message counter would wrap")); + return MBEDTLS_ERR_SSL_COUNTER_WRAPPING; } } } #if defined(MBEDTLS_SSL_DTLS_ANTI_REPLAY) - if( ssl->conf->transport == MBEDTLS_SSL_TRANSPORT_DATAGRAM ) - { - mbedtls_ssl_dtls_replay_update( ssl ); + if (ssl->conf->transport == MBEDTLS_SSL_TRANSPORT_DATAGRAM) { + mbedtls_ssl_dtls_replay_update(ssl); } #endif /* Check actual (decrypted) record content length against * configured maximum. */ - if( ssl->in_msglen > MBEDTLS_SSL_IN_CONTENT_LEN ) - { - MBEDTLS_SSL_DEBUG_MSG( 1, ( "bad message length" ) ); - return( MBEDTLS_ERR_SSL_INVALID_RECORD ); + if (rec->data_len > MBEDTLS_SSL_IN_CONTENT_LEN) { + MBEDTLS_SSL_DEBUG_MSG(1, ("bad message length")); + return MBEDTLS_ERR_SSL_INVALID_RECORD; } - return( 0 ); + return 0; } /* @@ -3872,127 +3776,126 @@ static int ssl_prepare_record_content( mbedtls_ssl_context *ssl, */ /* Helper functions for mbedtls_ssl_read_record(). */ -static int ssl_consume_current_message( mbedtls_ssl_context *ssl ); -static int ssl_get_next_record( mbedtls_ssl_context *ssl ); -static int ssl_record_is_in_progress( mbedtls_ssl_context *ssl ); - -int mbedtls_ssl_read_record( mbedtls_ssl_context *ssl, - unsigned update_hs_digest ) +MBEDTLS_CHECK_RETURN_CRITICAL +static int ssl_consume_current_message(mbedtls_ssl_context *ssl); +MBEDTLS_CHECK_RETURN_CRITICAL +static int ssl_get_next_record(mbedtls_ssl_context *ssl); +MBEDTLS_CHECK_RETURN_CRITICAL +static int ssl_record_is_in_progress(mbedtls_ssl_context *ssl); + +int mbedtls_ssl_read_record(mbedtls_ssl_context *ssl, + unsigned update_hs_digest) { int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; - MBEDTLS_SSL_DEBUG_MSG( 2, ( "=> read record" ) ); + MBEDTLS_SSL_DEBUG_MSG(2, ("=> read record")); - if( ssl->keep_current_message == 0 ) - { + if (ssl->keep_current_message == 0) { do { - ret = ssl_consume_current_message( ssl ); - if( ret != 0 ) - return( ret ); + ret = ssl_consume_current_message(ssl); + if (ret != 0) { + return ret; + } - if( ssl_record_is_in_progress( ssl ) == 0 ) - { + if (ssl_record_is_in_progress(ssl) == 0) { + int dtls_have_buffered = 0; #if defined(MBEDTLS_SSL_PROTO_DTLS) - int have_buffered = 0; /* We only check for buffered messages if the * current datagram is fully consumed. */ - if( ssl->conf->transport == MBEDTLS_SSL_TRANSPORT_DATAGRAM && - ssl_next_record_is_in_datagram( ssl ) == 0 ) - { - if( ssl_load_buffered_message( ssl ) == 0 ) - have_buffered = 1; + if (ssl->conf->transport == MBEDTLS_SSL_TRANSPORT_DATAGRAM && + ssl_next_record_is_in_datagram(ssl) == 0) { + if (ssl_load_buffered_message(ssl) == 0) { + dtls_have_buffered = 1; + } } - if( have_buffered == 0 ) #endif /* MBEDTLS_SSL_PROTO_DTLS */ - { - ret = ssl_get_next_record( ssl ); - if( ret == MBEDTLS_ERR_SSL_CONTINUE_PROCESSING ) + if (dtls_have_buffered == 0) { + ret = ssl_get_next_record(ssl); + if (ret == MBEDTLS_ERR_SSL_CONTINUE_PROCESSING) { continue; + } - if( ret != 0 ) - { - MBEDTLS_SSL_DEBUG_RET( 1, ( "ssl_get_next_record" ), ret ); - return( ret ); + if (ret != 0) { + MBEDTLS_SSL_DEBUG_RET(1, ("ssl_get_next_record"), ret); + return ret; } } } - ret = mbedtls_ssl_handle_message_type( ssl ); + ret = mbedtls_ssl_handle_message_type(ssl); #if defined(MBEDTLS_SSL_PROTO_DTLS) - if( ret == MBEDTLS_ERR_SSL_EARLY_MESSAGE ) - { + if (ret == MBEDTLS_ERR_SSL_EARLY_MESSAGE) { /* Buffer future message */ - ret = ssl_buffer_message( ssl ); - if( ret != 0 ) - return( ret ); + ret = ssl_buffer_message(ssl); + if (ret != 0) { + return ret; + } ret = MBEDTLS_ERR_SSL_CONTINUE_PROCESSING; } #endif /* MBEDTLS_SSL_PROTO_DTLS */ - } while( MBEDTLS_ERR_SSL_NON_FATAL == ret || - MBEDTLS_ERR_SSL_CONTINUE_PROCESSING == ret ); + } while (MBEDTLS_ERR_SSL_NON_FATAL == ret || + MBEDTLS_ERR_SSL_CONTINUE_PROCESSING == ret); - if( 0 != ret ) - { - MBEDTLS_SSL_DEBUG_RET( 1, ( "mbedtls_ssl_handle_message_type" ), ret ); - return( ret ); + if (0 != ret) { + MBEDTLS_SSL_DEBUG_RET(1, ("mbedtls_ssl_handle_message_type"), ret); + return ret; } - if( ssl->in_msgtype == MBEDTLS_SSL_MSG_HANDSHAKE && - update_hs_digest == 1 ) - { - mbedtls_ssl_update_handshake_status( ssl ); + if (ssl->in_msgtype == MBEDTLS_SSL_MSG_HANDSHAKE && + update_hs_digest == 1) { + mbedtls_ssl_update_handshake_status(ssl); } - } - else - { - MBEDTLS_SSL_DEBUG_MSG( 2, ( "reuse previously read message" ) ); + } else { + MBEDTLS_SSL_DEBUG_MSG(2, ("reuse previously read message")); ssl->keep_current_message = 0; } - MBEDTLS_SSL_DEBUG_MSG( 2, ( "<= read record" ) ); + MBEDTLS_SSL_DEBUG_MSG(2, ("<= read record")); - return( 0 ); + return 0; } #if defined(MBEDTLS_SSL_PROTO_DTLS) -static int ssl_next_record_is_in_datagram( mbedtls_ssl_context *ssl ) +MBEDTLS_CHECK_RETURN_CRITICAL +static int ssl_next_record_is_in_datagram(mbedtls_ssl_context *ssl) { - if( ssl->in_left > ssl->next_record_offset ) - return( 1 ); + if (ssl->in_left > ssl->next_record_offset) { + return 1; + } - return( 0 ); + return 0; } -static int ssl_load_buffered_message( mbedtls_ssl_context *ssl ) +MBEDTLS_CHECK_RETURN_CRITICAL +static int ssl_load_buffered_message(mbedtls_ssl_context *ssl) { mbedtls_ssl_handshake_params * const hs = ssl->handshake; - mbedtls_ssl_hs_buffer * hs_buf; + mbedtls_ssl_hs_buffer *hs_buf; int ret = 0; - if( hs == NULL ) - return( -1 ); + if (hs == NULL) { + return -1; + } - MBEDTLS_SSL_DEBUG_MSG( 2, ( "=> ssl_load_buffered_messsage" ) ); + MBEDTLS_SSL_DEBUG_MSG(2, ("=> ssl_load_buffered_message")); - if( ssl->state == MBEDTLS_SSL_CLIENT_CHANGE_CIPHER_SPEC || - ssl->state == MBEDTLS_SSL_SERVER_CHANGE_CIPHER_SPEC ) - { + if (ssl->state == MBEDTLS_SSL_CLIENT_CHANGE_CIPHER_SPEC || + ssl->state == MBEDTLS_SSL_SERVER_CHANGE_CIPHER_SPEC) { /* Check if we have seen a ChangeCipherSpec before. * If yes, synthesize a CCS record. */ - if( !hs->buffering.seen_ccs ) - { - MBEDTLS_SSL_DEBUG_MSG( 2, ( "CCS not seen in the current flight" ) ); + if (!hs->buffering.seen_ccs) { + MBEDTLS_SSL_DEBUG_MSG(2, ("CCS not seen in the current flight")); ret = -1; goto exit; } - MBEDTLS_SSL_DEBUG_MSG( 2, ( "Injecting buffered CCS message" ) ); + MBEDTLS_SSL_DEBUG_MSG(2, ("Injecting buffered CCS message")); ssl->in_msgtype = MBEDTLS_SSL_MSG_CHANGE_CIPHER_SPEC; ssl->in_msglen = 1; ssl->in_msg[0] = 1; @@ -4009,14 +3912,12 @@ static int ssl_load_buffered_message( mbedtls_ssl_context *ssl ) /* Debug only */ { unsigned offset; - for( offset = 1; offset < MBEDTLS_SSL_MAX_BUFFERED_HS; offset++ ) - { + for (offset = 1; offset < MBEDTLS_SSL_MAX_BUFFERED_HS; offset++) { hs_buf = &hs->buffering.hs[offset]; - if( hs_buf->is_valid == 1 ) - { - MBEDTLS_SSL_DEBUG_MSG( 2, ( "Future message with sequence number %u %s buffered.", - hs->in_msg_seq + offset, - hs_buf->is_complete ? "fully" : "partially" ) ); + if (hs_buf->is_valid == 1) { + MBEDTLS_SSL_DEBUG_MSG(2, ("Future message with sequence number %u %s buffered.", + hs->in_msg_seq + offset, + hs_buf->is_complete ? "fully" : "partially")); } } } @@ -4025,103 +3926,100 @@ static int ssl_load_buffered_message( mbedtls_ssl_context *ssl ) /* Check if we have buffered and/or fully reassembled the * next handshake message. */ hs_buf = &hs->buffering.hs[0]; - if( ( hs_buf->is_valid == 1 ) && ( hs_buf->is_complete == 1 ) ) - { + if ((hs_buf->is_valid == 1) && (hs_buf->is_complete == 1)) { /* Synthesize a record containing the buffered HS message. */ - size_t msg_len = ( hs_buf->data[1] << 16 ) | - ( hs_buf->data[2] << 8 ) | - hs_buf->data[3]; + size_t msg_len = (hs_buf->data[1] << 16) | + (hs_buf->data[2] << 8) | + hs_buf->data[3]; /* Double-check that we haven't accidentally buffered * a message that doesn't fit into the input buffer. */ - if( msg_len + 12 > MBEDTLS_SSL_IN_CONTENT_LEN ) - { - MBEDTLS_SSL_DEBUG_MSG( 1, ( "should never happen" ) ); - return( MBEDTLS_ERR_SSL_INTERNAL_ERROR ); + if (msg_len + 12 > MBEDTLS_SSL_IN_CONTENT_LEN) { + MBEDTLS_SSL_DEBUG_MSG(1, ("should never happen")); + return MBEDTLS_ERR_SSL_INTERNAL_ERROR; } - MBEDTLS_SSL_DEBUG_MSG( 2, ( "Next handshake message has been buffered - load" ) ); - MBEDTLS_SSL_DEBUG_BUF( 3, "Buffered handshake message (incl. header)", - hs_buf->data, msg_len + 12 ); + MBEDTLS_SSL_DEBUG_MSG(2, ("Next handshake message has been buffered - load")); + MBEDTLS_SSL_DEBUG_BUF(3, "Buffered handshake message (incl. header)", + hs_buf->data, msg_len + 12); ssl->in_msgtype = MBEDTLS_SSL_MSG_HANDSHAKE; ssl->in_hslen = msg_len + 12; ssl->in_msglen = msg_len + 12; - memcpy( ssl->in_msg, hs_buf->data, ssl->in_hslen ); + memcpy(ssl->in_msg, hs_buf->data, ssl->in_hslen); ret = 0; goto exit; - } - else - { - MBEDTLS_SSL_DEBUG_MSG( 2, ( "Next handshake message %u not or only partially bufffered", - hs->in_msg_seq ) ); + } else { + MBEDTLS_SSL_DEBUG_MSG(2, ("Next handshake message %u not or only partially bufffered", + hs->in_msg_seq)); } ret = -1; exit: - MBEDTLS_SSL_DEBUG_MSG( 2, ( "<= ssl_load_buffered_message" ) ); - return( ret ); + MBEDTLS_SSL_DEBUG_MSG(2, ("<= ssl_load_buffered_message")); + return ret; } -static int ssl_buffer_make_space( mbedtls_ssl_context *ssl, - size_t desired ) +MBEDTLS_CHECK_RETURN_CRITICAL +static int ssl_buffer_make_space(mbedtls_ssl_context *ssl, + size_t desired) { int offset; mbedtls_ssl_handshake_params * const hs = ssl->handshake; - MBEDTLS_SSL_DEBUG_MSG( 2, ( "Attempt to free buffered messages to have %u bytes available", - (unsigned) desired ) ); + MBEDTLS_SSL_DEBUG_MSG(2, ("Attempt to free buffered messages to have %u bytes available", + (unsigned) desired)); /* Get rid of future records epoch first, if such exist. */ - ssl_free_buffered_record( ssl ); + ssl_free_buffered_record(ssl); /* Check if we have enough space available now. */ - if( desired <= ( MBEDTLS_SSL_DTLS_MAX_BUFFERING - - hs->buffering.total_bytes_buffered ) ) - { - MBEDTLS_SSL_DEBUG_MSG( 2, ( "Enough space available after freeing future epoch record" ) ); - return( 0 ); + if (desired <= (MBEDTLS_SSL_DTLS_MAX_BUFFERING - + hs->buffering.total_bytes_buffered)) { + MBEDTLS_SSL_DEBUG_MSG(2, ("Enough space available after freeing future epoch record")); + return 0; } /* We don't have enough space to buffer the next expected handshake * message. Remove buffers used for future messages to gain space, * starting with the most distant one. */ - for( offset = MBEDTLS_SSL_MAX_BUFFERED_HS - 1; - offset >= 0; offset-- ) - { - MBEDTLS_SSL_DEBUG_MSG( 2, ( "Free buffering slot %d to make space for reassembly of next handshake message", - offset ) ); + for (offset = MBEDTLS_SSL_MAX_BUFFERED_HS - 1; + offset >= 0; offset--) { + MBEDTLS_SSL_DEBUG_MSG(2, + ( + "Free buffering slot %d to make space for reassembly of next handshake message", + offset)); - ssl_buffering_free_slot( ssl, (uint8_t) offset ); + ssl_buffering_free_slot(ssl, (uint8_t) offset); /* Check if we have enough space available now. */ - if( desired <= ( MBEDTLS_SSL_DTLS_MAX_BUFFERING - - hs->buffering.total_bytes_buffered ) ) - { - MBEDTLS_SSL_DEBUG_MSG( 2, ( "Enough space available after freeing buffered HS messages" ) ); - return( 0 ); + if (desired <= (MBEDTLS_SSL_DTLS_MAX_BUFFERING - + hs->buffering.total_bytes_buffered)) { + MBEDTLS_SSL_DEBUG_MSG(2, ("Enough space available after freeing buffered HS messages")); + return 0; } } - return( -1 ); + return -1; } -static int ssl_buffer_message( mbedtls_ssl_context *ssl ) +MBEDTLS_CHECK_RETURN_CRITICAL +static int ssl_buffer_message(mbedtls_ssl_context *ssl) { int ret = 0; mbedtls_ssl_handshake_params * const hs = ssl->handshake; - if( hs == NULL ) - return( 0 ); + if (hs == NULL) { + return 0; + } - MBEDTLS_SSL_DEBUG_MSG( 2, ( "=> ssl_buffer_message" ) ); + MBEDTLS_SSL_DEBUG_MSG(2, ("=> ssl_buffer_message")); - switch( ssl->in_msgtype ) - { + switch (ssl->in_msgtype) { case MBEDTLS_SSL_MSG_CHANGE_CIPHER_SPEC: - MBEDTLS_SSL_DEBUG_MSG( 2, ( "Remember CCS message" ) ); + MBEDTLS_SSL_DEBUG_MSG(2, ("Remember CCS message")); hs->buffering.seen_ccs = 1; break; @@ -4129,113 +4027,115 @@ static int ssl_buffer_message( mbedtls_ssl_context *ssl ) case MBEDTLS_SSL_MSG_HANDSHAKE: { unsigned recv_msg_seq_offset; - unsigned recv_msg_seq = ( ssl->in_msg[4] << 8 ) | ssl->in_msg[5]; + unsigned recv_msg_seq = (ssl->in_msg[4] << 8) | ssl->in_msg[5]; mbedtls_ssl_hs_buffer *hs_buf; size_t msg_len = ssl->in_hslen - 12; /* We should never receive an old handshake * message - double-check nonetheless. */ - if( recv_msg_seq < ssl->handshake->in_msg_seq ) - { - MBEDTLS_SSL_DEBUG_MSG( 1, ( "should never happen" ) ); - return( MBEDTLS_ERR_SSL_INTERNAL_ERROR ); + if (recv_msg_seq < ssl->handshake->in_msg_seq) { + MBEDTLS_SSL_DEBUG_MSG(1, ("should never happen")); + return MBEDTLS_ERR_SSL_INTERNAL_ERROR; } recv_msg_seq_offset = recv_msg_seq - ssl->handshake->in_msg_seq; - if( recv_msg_seq_offset >= MBEDTLS_SSL_MAX_BUFFERED_HS ) - { + if (recv_msg_seq_offset >= MBEDTLS_SSL_MAX_BUFFERED_HS) { /* Silently ignore -- message too far in the future */ - MBEDTLS_SSL_DEBUG_MSG( 2, - ( "Ignore future HS message with sequence number %u, " - "buffering window %u - %u", - recv_msg_seq, ssl->handshake->in_msg_seq, - ssl->handshake->in_msg_seq + MBEDTLS_SSL_MAX_BUFFERED_HS - 1 ) ); + MBEDTLS_SSL_DEBUG_MSG(2, + ("Ignore future HS message with sequence number %u, " + "buffering window %u - %u", + recv_msg_seq, ssl->handshake->in_msg_seq, + ssl->handshake->in_msg_seq + MBEDTLS_SSL_MAX_BUFFERED_HS - + 1)); goto exit; } - MBEDTLS_SSL_DEBUG_MSG( 2, ( "Buffering HS message with sequence number %u, offset %u ", - recv_msg_seq, recv_msg_seq_offset ) ); + MBEDTLS_SSL_DEBUG_MSG(2, ("Buffering HS message with sequence number %u, offset %u ", + recv_msg_seq, recv_msg_seq_offset)); - hs_buf = &hs->buffering.hs[ recv_msg_seq_offset ]; + hs_buf = &hs->buffering.hs[recv_msg_seq_offset]; /* Check if the buffering for this seq nr has already commenced. */ - if( !hs_buf->is_valid ) - { + if (!hs_buf->is_valid) { size_t reassembly_buf_sz; hs_buf->is_fragmented = - ( ssl_hs_is_proper_fragment( ssl ) == 1 ); + (ssl_hs_is_proper_fragment(ssl) == 1); /* We copy the message back into the input buffer * after reassembly, so check that it's not too large. * This is an implementation-specific limitation * and not one from the standard, hence it is not * checked in ssl_check_hs_header(). */ - if( msg_len + 12 > MBEDTLS_SSL_IN_CONTENT_LEN ) - { + if (msg_len + 12 > MBEDTLS_SSL_IN_CONTENT_LEN) { /* Ignore message */ goto exit; } /* Check if we have enough space to buffer the message. */ - if( hs->buffering.total_bytes_buffered > - MBEDTLS_SSL_DTLS_MAX_BUFFERING ) - { - MBEDTLS_SSL_DEBUG_MSG( 1, ( "should never happen" ) ); - return( MBEDTLS_ERR_SSL_INTERNAL_ERROR ); + if (hs->buffering.total_bytes_buffered > + MBEDTLS_SSL_DTLS_MAX_BUFFERING) { + MBEDTLS_SSL_DEBUG_MSG(1, ("should never happen")); + return MBEDTLS_ERR_SSL_INTERNAL_ERROR; } - reassembly_buf_sz = ssl_get_reassembly_buffer_size( msg_len, - hs_buf->is_fragmented ); + reassembly_buf_sz = ssl_get_reassembly_buffer_size(msg_len, + hs_buf->is_fragmented); - if( reassembly_buf_sz > ( MBEDTLS_SSL_DTLS_MAX_BUFFERING - - hs->buffering.total_bytes_buffered ) ) - { - if( recv_msg_seq_offset > 0 ) - { + if (reassembly_buf_sz > (MBEDTLS_SSL_DTLS_MAX_BUFFERING - + hs->buffering.total_bytes_buffered)) { + if (recv_msg_seq_offset > 0) { /* If we can't buffer a future message because * of space limitations -- ignore. */ - MBEDTLS_SSL_DEBUG_MSG( 2, ( "Buffering of future message of size %" MBEDTLS_PRINTF_SIZET - " would exceed the compile-time limit %" MBEDTLS_PRINTF_SIZET - " (already %" MBEDTLS_PRINTF_SIZET - " bytes buffered) -- ignore\n", - msg_len, (size_t) MBEDTLS_SSL_DTLS_MAX_BUFFERING, - hs->buffering.total_bytes_buffered ) ); + MBEDTLS_SSL_DEBUG_MSG(2, + ("Buffering of future message of size %" + MBEDTLS_PRINTF_SIZET + " would exceed the compile-time limit %" + MBEDTLS_PRINTF_SIZET + " (already %" MBEDTLS_PRINTF_SIZET + " bytes buffered) -- ignore\n", + msg_len, (size_t) MBEDTLS_SSL_DTLS_MAX_BUFFERING, + hs->buffering.total_bytes_buffered)); goto exit; - } - else - { - MBEDTLS_SSL_DEBUG_MSG( 2, ( "Buffering of future message of size %" MBEDTLS_PRINTF_SIZET - " would exceed the compile-time limit %" MBEDTLS_PRINTF_SIZET - " (already %" MBEDTLS_PRINTF_SIZET - " bytes buffered) -- attempt to make space by freeing buffered future messages\n", - msg_len, (size_t) MBEDTLS_SSL_DTLS_MAX_BUFFERING, - hs->buffering.total_bytes_buffered ) ); + } else { + MBEDTLS_SSL_DEBUG_MSG(2, + ("Buffering of future message of size %" + MBEDTLS_PRINTF_SIZET + " would exceed the compile-time limit %" + MBEDTLS_PRINTF_SIZET + " (already %" MBEDTLS_PRINTF_SIZET + " bytes buffered) -- attempt to make space by freeing buffered future messages\n", + msg_len, (size_t) MBEDTLS_SSL_DTLS_MAX_BUFFERING, + hs->buffering.total_bytes_buffered)); } - if( ssl_buffer_make_space( ssl, reassembly_buf_sz ) != 0 ) - { - MBEDTLS_SSL_DEBUG_MSG( 2, ( "Reassembly of next message of size %" MBEDTLS_PRINTF_SIZET - " (%" MBEDTLS_PRINTF_SIZET " with bitmap) would exceed" - " the compile-time limit %" MBEDTLS_PRINTF_SIZET - " (already %" MBEDTLS_PRINTF_SIZET - " bytes buffered) -- fail\n", - msg_len, - reassembly_buf_sz, - (size_t) MBEDTLS_SSL_DTLS_MAX_BUFFERING, - hs->buffering.total_bytes_buffered ) ); + if (ssl_buffer_make_space(ssl, reassembly_buf_sz) != 0) { + MBEDTLS_SSL_DEBUG_MSG(2, + ("Reassembly of next message of size %" + MBEDTLS_PRINTF_SIZET + " (%" MBEDTLS_PRINTF_SIZET + " with bitmap) would exceed" + " the compile-time limit %" + MBEDTLS_PRINTF_SIZET + " (already %" MBEDTLS_PRINTF_SIZET + " bytes buffered) -- fail\n", + msg_len, + reassembly_buf_sz, + (size_t) MBEDTLS_SSL_DTLS_MAX_BUFFERING, + hs->buffering.total_bytes_buffered)); ret = MBEDTLS_ERR_SSL_BUFFER_TOO_SMALL; goto exit; } } - MBEDTLS_SSL_DEBUG_MSG( 2, ( "initialize reassembly, total length = %" MBEDTLS_PRINTF_SIZET, - msg_len ) ); + MBEDTLS_SSL_DEBUG_MSG(2, + ("initialize reassembly, total length = %" + MBEDTLS_PRINTF_SIZET, + msg_len)); - hs_buf->data = mbedtls_calloc( 1, reassembly_buf_sz ); - if( hs_buf->data == NULL ) - { + hs_buf->data = mbedtls_calloc(1, reassembly_buf_sz); + if (hs_buf->data == NULL) { ret = MBEDTLS_ERR_SSL_ALLOC_FAILED; goto exit; } @@ -4243,27 +4143,23 @@ static int ssl_buffer_message( mbedtls_ssl_context *ssl ) /* Prepare final header: copy msg_type, length and message_seq, * then add standardised fragment_offset and fragment_length */ - memcpy( hs_buf->data, ssl->in_msg, 6 ); - memset( hs_buf->data + 6, 0, 3 ); - memcpy( hs_buf->data + 9, hs_buf->data + 1, 3 ); + memcpy(hs_buf->data, ssl->in_msg, 6); + memset(hs_buf->data + 6, 0, 3); + memcpy(hs_buf->data + 9, hs_buf->data + 1, 3); hs_buf->is_valid = 1; hs->buffering.total_bytes_buffered += reassembly_buf_sz; - } - else - { + } else { /* Make sure msg_type and length are consistent */ - if( memcmp( hs_buf->data, ssl->in_msg, 4 ) != 0 ) - { - MBEDTLS_SSL_DEBUG_MSG( 1, ( "Fragment header mismatch - ignore" ) ); + if (memcmp(hs_buf->data, ssl->in_msg, 4) != 0) { + MBEDTLS_SSL_DEBUG_MSG(1, ("Fragment header mismatch - ignore")); /* Ignore */ goto exit; } } - if( !hs_buf->is_complete ) - { + if (!hs_buf->is_complete) { size_t frag_len, frag_off; unsigned char * const msg = hs_buf->data + 12; @@ -4273,28 +4169,25 @@ static int ssl_buffer_message( mbedtls_ssl_context *ssl ) /* Validation of header fields already done in * mbedtls_ssl_prepare_handshake_record(). */ - frag_off = ssl_get_hs_frag_off( ssl ); - frag_len = ssl_get_hs_frag_len( ssl ); + frag_off = ssl_get_hs_frag_off(ssl); + frag_len = ssl_get_hs_frag_len(ssl); - MBEDTLS_SSL_DEBUG_MSG( 2, ( "adding fragment, offset = %" MBEDTLS_PRINTF_SIZET - ", length = %" MBEDTLS_PRINTF_SIZET, - frag_off, frag_len ) ); - memcpy( msg + frag_off, ssl->in_msg + 12, frag_len ); + MBEDTLS_SSL_DEBUG_MSG(2, ("adding fragment, offset = %" MBEDTLS_PRINTF_SIZET + ", length = %" MBEDTLS_PRINTF_SIZET, + frag_off, frag_len)); + memcpy(msg + frag_off, ssl->in_msg + 12, frag_len); - if( hs_buf->is_fragmented ) - { + if (hs_buf->is_fragmented) { unsigned char * const bitmask = msg + msg_len; - ssl_bitmask_set( bitmask, frag_off, frag_len ); - hs_buf->is_complete = ( ssl_bitmask_check( bitmask, - msg_len ) == 0 ); - } - else - { + ssl_bitmask_set(bitmask, frag_off, frag_len); + hs_buf->is_complete = (ssl_bitmask_check(bitmask, + msg_len) == 0); + } else { hs_buf->is_complete = 1; } - MBEDTLS_SSL_DEBUG_MSG( 2, ( "message %scomplete", - hs_buf->is_complete ? "" : "not yet " ) ); + MBEDTLS_SSL_DEBUG_MSG(2, ("message %scomplete", + hs_buf->is_complete ? "" : "not yet ")); } break; @@ -4307,12 +4200,13 @@ static int ssl_buffer_message( mbedtls_ssl_context *ssl ) exit: - MBEDTLS_SSL_DEBUG_MSG( 2, ( "<= ssl_buffer_message" ) ); - return( ret ); + MBEDTLS_SSL_DEBUG_MSG(2, ("<= ssl_buffer_message")); + return ret; } #endif /* MBEDTLS_SSL_PROTO_DTLS */ -static int ssl_consume_current_message( mbedtls_ssl_context *ssl ) +MBEDTLS_CHECK_RETURN_CRITICAL +static int ssl_consume_current_message(mbedtls_ssl_context *ssl) { /* * Consume last content-layer message and potentially @@ -4337,15 +4231,13 @@ static int ssl_consume_current_message( mbedtls_ssl_context *ssl ) */ /* Case (1): Handshake messages */ - if( ssl->in_hslen != 0 ) - { + if (ssl->in_hslen != 0) { /* Hard assertion to be sure that no application data * is in flight, as corrupting ssl->in_msglen during * ssl->in_offt != NULL is fatal. */ - if( ssl->in_offt != NULL ) - { - MBEDTLS_SSL_DEBUG_MSG( 1, ( "should never happen" ) ); - return( MBEDTLS_ERR_SSL_INTERNAL_ERROR ); + if (ssl->in_offt != NULL) { + MBEDTLS_SSL_DEBUG_MSG(1, ("should never happen")); + return MBEDTLS_ERR_SSL_INTERNAL_ERROR; } /* @@ -4369,66 +4261,64 @@ static int ssl_consume_current_message( mbedtls_ssl_context *ssl ) * bounds after handling a DTLS message with an unexpected * sequence number, see mbedtls_ssl_prepare_handshake_record. */ - if( ssl->in_hslen < ssl->in_msglen ) - { + if (ssl->in_hslen < ssl->in_msglen) { ssl->in_msglen -= ssl->in_hslen; - memmove( ssl->in_msg, ssl->in_msg + ssl->in_hslen, - ssl->in_msglen ); + memmove(ssl->in_msg, ssl->in_msg + ssl->in_hslen, + ssl->in_msglen); - MBEDTLS_SSL_DEBUG_BUF( 4, "remaining content in record", - ssl->in_msg, ssl->in_msglen ); - } - else - { + MBEDTLS_SSL_DEBUG_BUF(4, "remaining content in record", + ssl->in_msg, ssl->in_msglen); + } else { ssl->in_msglen = 0; } ssl->in_hslen = 0; } /* Case (4): Application data */ - else if( ssl->in_offt != NULL ) - { - return( 0 ); + else if (ssl->in_offt != NULL) { + return 0; } /* Everything else (CCS & Alerts) */ - else - { + else { ssl->in_msglen = 0; } - return( 0 ); + return 0; } -static int ssl_record_is_in_progress( mbedtls_ssl_context *ssl ) +MBEDTLS_CHECK_RETURN_CRITICAL +static int ssl_record_is_in_progress(mbedtls_ssl_context *ssl) { - if( ssl->in_msglen > 0 ) - return( 1 ); + if (ssl->in_msglen > 0) { + return 1; + } - return( 0 ); + return 0; } #if defined(MBEDTLS_SSL_PROTO_DTLS) -static void ssl_free_buffered_record( mbedtls_ssl_context *ssl ) +static void ssl_free_buffered_record(mbedtls_ssl_context *ssl) { mbedtls_ssl_handshake_params * const hs = ssl->handshake; - if( hs == NULL ) + if (hs == NULL) { return; + } - if( hs->buffering.future_record.data != NULL ) - { + if (hs->buffering.future_record.data != NULL) { hs->buffering.total_bytes_buffered -= hs->buffering.future_record.len; - mbedtls_free( hs->buffering.future_record.data ); + mbedtls_free(hs->buffering.future_record.data); hs->buffering.future_record.data = NULL; } } -static int ssl_load_buffered_record( mbedtls_ssl_context *ssl ) +MBEDTLS_CHECK_RETURN_CRITICAL +static int ssl_load_buffered_record(mbedtls_ssl_context *ssl) { mbedtls_ssl_handshake_params * const hs = ssl->handshake; - unsigned char * rec; + unsigned char *rec; size_t rec_len; unsigned rec_epoch; #if defined(MBEDTLS_SSL_VARIABLE_BUFFER_LENGTH) @@ -4436,87 +4326,92 @@ static int ssl_load_buffered_record( mbedtls_ssl_context *ssl ) #else size_t in_buf_len = MBEDTLS_SSL_IN_BUFFER_LEN; #endif - if( ssl->conf->transport != MBEDTLS_SSL_TRANSPORT_DATAGRAM ) - return( 0 ); + if (ssl->conf->transport != MBEDTLS_SSL_TRANSPORT_DATAGRAM) { + return 0; + } - if( hs == NULL ) - return( 0 ); + if (hs == NULL) { + return 0; + } rec = hs->buffering.future_record.data; rec_len = hs->buffering.future_record.len; rec_epoch = hs->buffering.future_record.epoch; - if( rec == NULL ) - return( 0 ); + if (rec == NULL) { + return 0; + } /* Only consider loading future records if the * input buffer is empty. */ - if( ssl_next_record_is_in_datagram( ssl ) == 1 ) - return( 0 ); + if (ssl_next_record_is_in_datagram(ssl) == 1) { + return 0; + } - MBEDTLS_SSL_DEBUG_MSG( 2, ( "=> ssl_load_buffered_record" ) ); + MBEDTLS_SSL_DEBUG_MSG(2, ("=> ssl_load_buffered_record")); - if( rec_epoch != ssl->in_epoch ) - { - MBEDTLS_SSL_DEBUG_MSG( 2, ( "Buffered record not from current epoch." ) ); + if (rec_epoch != ssl->in_epoch) { + MBEDTLS_SSL_DEBUG_MSG(2, ("Buffered record not from current epoch.")); goto exit; } - MBEDTLS_SSL_DEBUG_MSG( 2, ( "Found buffered record from current epoch - load" ) ); + MBEDTLS_SSL_DEBUG_MSG(2, ("Found buffered record from current epoch - load")); /* Double-check that the record is not too large */ - if( rec_len > in_buf_len - (size_t)( ssl->in_hdr - ssl->in_buf ) ) - { - MBEDTLS_SSL_DEBUG_MSG( 1, ( "should never happen" ) ); - return( MBEDTLS_ERR_SSL_INTERNAL_ERROR ); + if (rec_len > in_buf_len - (size_t) (ssl->in_hdr - ssl->in_buf)) { + MBEDTLS_SSL_DEBUG_MSG(1, ("should never happen")); + return MBEDTLS_ERR_SSL_INTERNAL_ERROR; } - memcpy( ssl->in_hdr, rec, rec_len ); + memcpy(ssl->in_hdr, rec, rec_len); ssl->in_left = rec_len; ssl->next_record_offset = 0; - ssl_free_buffered_record( ssl ); + ssl_free_buffered_record(ssl); exit: - MBEDTLS_SSL_DEBUG_MSG( 2, ( "<= ssl_load_buffered_record" ) ); - return( 0 ); + MBEDTLS_SSL_DEBUG_MSG(2, ("<= ssl_load_buffered_record")); + return 0; } -static int ssl_buffer_future_record( mbedtls_ssl_context *ssl, - mbedtls_record const *rec ) +MBEDTLS_CHECK_RETURN_CRITICAL +static int ssl_buffer_future_record(mbedtls_ssl_context *ssl, + mbedtls_record const *rec) { mbedtls_ssl_handshake_params * const hs = ssl->handshake; /* Don't buffer future records outside handshakes. */ - if( hs == NULL ) - return( 0 ); + if (hs == NULL) { + return 0; + } /* Only buffer handshake records (we are only interested * in Finished messages). */ - if( rec->type != MBEDTLS_SSL_MSG_HANDSHAKE ) - return( 0 ); + if (rec->type != MBEDTLS_SSL_MSG_HANDSHAKE) { + return 0; + } /* Don't buffer more than one future epoch record. */ - if( hs->buffering.future_record.data != NULL ) - return( 0 ); + if (hs->buffering.future_record.data != NULL) { + return 0; + } /* Don't buffer record if there's not enough buffering space remaining. */ - if( rec->buf_len > ( MBEDTLS_SSL_DTLS_MAX_BUFFERING - - hs->buffering.total_bytes_buffered ) ) - { - MBEDTLS_SSL_DEBUG_MSG( 2, ( "Buffering of future epoch record of size %" MBEDTLS_PRINTF_SIZET - " would exceed the compile-time limit %" MBEDTLS_PRINTF_SIZET - " (already %" MBEDTLS_PRINTF_SIZET - " bytes buffered) -- ignore\n", - rec->buf_len, (size_t) MBEDTLS_SSL_DTLS_MAX_BUFFERING, - hs->buffering.total_bytes_buffered ) ); - return( 0 ); + if (rec->buf_len > (MBEDTLS_SSL_DTLS_MAX_BUFFERING - + hs->buffering.total_bytes_buffered)) { + MBEDTLS_SSL_DEBUG_MSG(2, ("Buffering of future epoch record of size %" MBEDTLS_PRINTF_SIZET + " would exceed the compile-time limit %" MBEDTLS_PRINTF_SIZET + " (already %" MBEDTLS_PRINTF_SIZET + " bytes buffered) -- ignore\n", + rec->buf_len, (size_t) MBEDTLS_SSL_DTLS_MAX_BUFFERING, + hs->buffering.total_bytes_buffered)); + return 0; } /* Buffer record */ - MBEDTLS_SSL_DEBUG_MSG( 2, ( "Buffer record from epoch %u", - ssl->in_epoch + 1U ) ); - MBEDTLS_SSL_DEBUG_BUF( 3, "Buffered record", rec->buf, rec->buf_len ); + MBEDTLS_SSL_DEBUG_MSG(2, ("Buffer record from epoch %u", + ssl->in_epoch + 1U)); + MBEDTLS_SSL_DEBUG_BUF(3, "Buffered record", rec->buf, rec->buf_len); /* ssl_parse_record_header() only considers records * of the next epoch as candidates for buffering. */ @@ -4524,23 +4419,23 @@ static int ssl_buffer_future_record( mbedtls_ssl_context *ssl, hs->buffering.future_record.len = rec->buf_len; hs->buffering.future_record.data = - mbedtls_calloc( 1, hs->buffering.future_record.len ); - if( hs->buffering.future_record.data == NULL ) - { + mbedtls_calloc(1, hs->buffering.future_record.len); + if (hs->buffering.future_record.data == NULL) { /* If we run out of RAM trying to buffer a * record from the next epoch, just ignore. */ - return( 0 ); + return 0; } - memcpy( hs->buffering.future_record.data, rec->buf, rec->buf_len ); + memcpy(hs->buffering.future_record.data, rec->buf, rec->buf_len); hs->buffering.total_bytes_buffered += rec->buf_len; - return( 0 ); + return 0; } #endif /* MBEDTLS_SSL_PROTO_DTLS */ -static int ssl_get_next_record( mbedtls_ssl_context *ssl ) +MBEDTLS_CHECK_RETURN_CRITICAL +static int ssl_get_next_record(mbedtls_ssl_context *ssl) { int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; mbedtls_record rec; @@ -4552,44 +4447,41 @@ static int ssl_get_next_record( mbedtls_ssl_context *ssl ) * the length of the buffered record, so that * the calls to ssl_fetch_input() below will * essentially be no-ops. */ - ret = ssl_load_buffered_record( ssl ); - if( ret != 0 ) - return( ret ); + ret = ssl_load_buffered_record(ssl); + if (ret != 0) { + return ret; + } #endif /* MBEDTLS_SSL_PROTO_DTLS */ /* Ensure that we have enough space available for the default form * of TLS / DTLS record headers (5 Bytes for TLS, 13 Bytes for DTLS, * with no space for CIDs counted in). */ - ret = mbedtls_ssl_fetch_input( ssl, mbedtls_ssl_in_hdr_len( ssl ) ); - if( ret != 0 ) - { - MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_ssl_fetch_input", ret ); - return( ret ); + ret = mbedtls_ssl_fetch_input(ssl, mbedtls_ssl_in_hdr_len(ssl)); + if (ret != 0) { + MBEDTLS_SSL_DEBUG_RET(1, "mbedtls_ssl_fetch_input", ret); + return ret; } - ret = ssl_parse_record_header( ssl, ssl->in_hdr, ssl->in_left, &rec ); - if( ret != 0 ) - { + ret = ssl_parse_record_header(ssl, ssl->in_hdr, ssl->in_left, &rec); + if (ret != 0) { #if defined(MBEDTLS_SSL_PROTO_DTLS) - if( ssl->conf->transport == MBEDTLS_SSL_TRANSPORT_DATAGRAM ) - { - if( ret == MBEDTLS_ERR_SSL_EARLY_MESSAGE ) - { - ret = ssl_buffer_future_record( ssl, &rec ); - if( ret != 0 ) - return( ret ); + if (ssl->conf->transport == MBEDTLS_SSL_TRANSPORT_DATAGRAM) { + if (ret == MBEDTLS_ERR_SSL_EARLY_MESSAGE) { + ret = ssl_buffer_future_record(ssl, &rec); + if (ret != 0) { + return ret; + } /* Fall through to handling of unexpected records */ ret = MBEDTLS_ERR_SSL_UNEXPECTED_RECORD; } - if( ret == MBEDTLS_ERR_SSL_UNEXPECTED_RECORD ) - { + if (ret == MBEDTLS_ERR_SSL_UNEXPECTED_RECORD) { #if defined(MBEDTLS_SSL_DTLS_CLIENT_PORT_REUSE) && defined(MBEDTLS_SSL_SRV_C) /* Reset in pointers to default state for TLS/DTLS records, * assuming no CID and no offset between record content and * record plaintext. */ - mbedtls_ssl_update_in_pointers( ssl ); + mbedtls_ssl_update_in_pointers(ssl); /* Setup internal message pointers from record structure. */ ssl->in_msgtype = rec.type; @@ -4599,59 +4491,53 @@ static int ssl_get_next_record( mbedtls_ssl_context *ssl ) ssl->in_iv = ssl->in_msg = ssl->in_len + 2; ssl->in_msglen = rec.data_len; - ret = ssl_check_client_reconnect( ssl ); - MBEDTLS_SSL_DEBUG_RET( 2, "ssl_check_client_reconnect", ret ); - if( ret != 0 ) - return( ret ); + ret = ssl_check_client_reconnect(ssl); + MBEDTLS_SSL_DEBUG_RET(2, "ssl_check_client_reconnect", ret); + if (ret != 0) { + return ret; + } #endif /* Skip unexpected record (but not whole datagram) */ ssl->next_record_offset = rec.buf_len; - MBEDTLS_SSL_DEBUG_MSG( 1, ( "discarding unexpected record " - "(header)" ) ); - } - else - { + MBEDTLS_SSL_DEBUG_MSG(1, ("discarding unexpected record " + "(header)")); + } else { /* Skip invalid record and the rest of the datagram */ ssl->next_record_offset = 0; ssl->in_left = 0; - MBEDTLS_SSL_DEBUG_MSG( 1, ( "discarding invalid record " - "(header)" ) ); + MBEDTLS_SSL_DEBUG_MSG(1, ("discarding invalid record " + "(header)")); } /* Get next record */ - return( MBEDTLS_ERR_SSL_CONTINUE_PROCESSING ); - } - else + return MBEDTLS_ERR_SSL_CONTINUE_PROCESSING; + } else #endif { - return( ret ); + return ret; } } #if defined(MBEDTLS_SSL_PROTO_DTLS) - if( ssl->conf->transport == MBEDTLS_SSL_TRANSPORT_DATAGRAM ) - { + if (ssl->conf->transport == MBEDTLS_SSL_TRANSPORT_DATAGRAM) { /* Remember offset of next record within datagram. */ ssl->next_record_offset = rec.buf_len; - if( ssl->next_record_offset < ssl->in_left ) - { - MBEDTLS_SSL_DEBUG_MSG( 3, ( "more than one record within datagram" ) ); + if (ssl->next_record_offset < ssl->in_left) { + MBEDTLS_SSL_DEBUG_MSG(3, ("more than one record within datagram")); } - } - else + } else #endif { /* * Fetch record contents from underlying transport. */ - ret = mbedtls_ssl_fetch_input( ssl, rec.buf_len ); - if( ret != 0 ) - { - MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_ssl_fetch_input", ret ); - return( ret ); + ret = mbedtls_ssl_fetch_input(ssl, rec.buf_len); + if (ret != 0) { + MBEDTLS_SSL_DEBUG_RET(1, "mbedtls_ssl_fetch_input", ret); + return ret; } ssl->in_left = 0; @@ -4661,37 +4547,31 @@ static int ssl_get_next_record( mbedtls_ssl_context *ssl ) * Decrypt record contents. */ - if( ( ret = ssl_prepare_record_content( ssl, &rec ) ) != 0 ) - { + if ((ret = ssl_prepare_record_content(ssl, &rec)) != 0) { #if defined(MBEDTLS_SSL_PROTO_DTLS) - if( ssl->conf->transport == MBEDTLS_SSL_TRANSPORT_DATAGRAM ) - { + if (ssl->conf->transport == MBEDTLS_SSL_TRANSPORT_DATAGRAM) { /* Silently discard invalid records */ - if( ret == MBEDTLS_ERR_SSL_INVALID_MAC ) - { + if (ret == MBEDTLS_ERR_SSL_INVALID_MAC) { /* Except when waiting for Finished as a bad mac here * probably means something went wrong in the handshake * (eg wrong psk used, mitm downgrade attempt, etc.) */ - if( ssl->state == MBEDTLS_SSL_CLIENT_FINISHED || - ssl->state == MBEDTLS_SSL_SERVER_FINISHED ) - { + if (ssl->state == MBEDTLS_SSL_CLIENT_FINISHED || + ssl->state == MBEDTLS_SSL_SERVER_FINISHED) { #if defined(MBEDTLS_SSL_ALL_ALERT_MESSAGES) - if( ret == MBEDTLS_ERR_SSL_INVALID_MAC ) - { - mbedtls_ssl_send_alert_message( ssl, - MBEDTLS_SSL_ALERT_LEVEL_FATAL, - MBEDTLS_SSL_ALERT_MSG_BAD_RECORD_MAC ); + if (ret == MBEDTLS_ERR_SSL_INVALID_MAC) { + mbedtls_ssl_send_alert_message(ssl, + MBEDTLS_SSL_ALERT_LEVEL_FATAL, + MBEDTLS_SSL_ALERT_MSG_BAD_RECORD_MAC); } #endif - return( ret ); + return ret; } #if defined(MBEDTLS_SSL_DTLS_BADMAC_LIMIT) - if( ssl->conf->badmac_limit != 0 && - ++ssl->badmac_seen >= ssl->conf->badmac_limit ) - { - MBEDTLS_SSL_DEBUG_MSG( 1, ( "too many records with bad MAC" ) ); - return( MBEDTLS_ERR_SSL_INVALID_MAC ); + if (ssl->conf->badmac_limit != 0 && + ++ssl->badmac_seen >= ssl->conf->badmac_limit) { + MBEDTLS_SSL_DEBUG_MSG(1, ("too many records with bad MAC")); + return MBEDTLS_ERR_SSL_INVALID_MAC; } #endif @@ -4701,25 +4581,23 @@ static int ssl_get_next_record( mbedtls_ssl_context *ssl ) ssl->next_record_offset = 0; ssl->in_left = 0; - MBEDTLS_SSL_DEBUG_MSG( 1, ( "discarding invalid record (mac)" ) ); - return( MBEDTLS_ERR_SSL_CONTINUE_PROCESSING ); + MBEDTLS_SSL_DEBUG_MSG(1, ("discarding invalid record (mac)")); + return MBEDTLS_ERR_SSL_CONTINUE_PROCESSING; } - return( ret ); - } - else + return ret; + } else #endif { /* Error out (and send alert) on invalid records */ #if defined(MBEDTLS_SSL_ALL_ALERT_MESSAGES) - if( ret == MBEDTLS_ERR_SSL_INVALID_MAC ) - { - mbedtls_ssl_send_alert_message( ssl, - MBEDTLS_SSL_ALERT_LEVEL_FATAL, - MBEDTLS_SSL_ALERT_MSG_BAD_RECORD_MAC ); + if (ret == MBEDTLS_ERR_SSL_INVALID_MAC) { + mbedtls_ssl_send_alert_message(ssl, + MBEDTLS_SSL_ALERT_LEVEL_FATAL, + MBEDTLS_SSL_ALERT_MSG_BAD_RECORD_MAC); } #endif - return( ret ); + return ret; } } @@ -4727,7 +4605,7 @@ static int ssl_get_next_record( mbedtls_ssl_context *ssl ) /* Reset in pointers to default state for TLS/DTLS records, * assuming no CID and no offset between record content and * record plaintext. */ - mbedtls_ssl_update_in_pointers( ssl ); + mbedtls_ssl_update_in_pointers(ssl); #if defined(MBEDTLS_SSL_DTLS_CONNECTION_ID) ssl->in_len = ssl->in_cid + rec.cid_len; #endif /* MBEDTLS_SSL_DTLS_CONNECTION_ID */ @@ -4743,130 +4621,114 @@ static int ssl_get_next_record( mbedtls_ssl_context *ssl ) ssl->in_hdr[0] = rec.type; ssl->in_msg = rec.buf + rec.data_offset; ssl->in_msglen = rec.data_len; - MBEDTLS_PUT_UINT16_BE( rec.data_len, ssl->in_len, 0 ); + MBEDTLS_PUT_UINT16_BE(rec.data_len, ssl->in_len, 0); #if defined(MBEDTLS_ZLIB_SUPPORT) - if( ssl->transform_in != NULL && - ssl->session_in->compression == MBEDTLS_SSL_COMPRESS_DEFLATE ) - { - if( ( ret = ssl_decompress_buf( ssl ) ) != 0 ) - { - MBEDTLS_SSL_DEBUG_RET( 1, "ssl_decompress_buf", ret ); - return( ret ); + if (ssl->transform_in != NULL && + ssl->session_in->compression == MBEDTLS_SSL_COMPRESS_DEFLATE) { + if ((ret = ssl_decompress_buf(ssl)) != 0) { + MBEDTLS_SSL_DEBUG_RET(1, "ssl_decompress_buf", ret); + return ret; } /* Check actual (decompress) record content length against * configured maximum. */ - if( ssl->in_msglen > MBEDTLS_SSL_IN_CONTENT_LEN ) - { - MBEDTLS_SSL_DEBUG_MSG( 1, ( "bad message length" ) ); - return( MBEDTLS_ERR_SSL_INVALID_RECORD ); + if (ssl->in_msglen > MBEDTLS_SSL_IN_CONTENT_LEN) { + MBEDTLS_SSL_DEBUG_MSG(1, ("bad message length")); + return MBEDTLS_ERR_SSL_INVALID_RECORD; } } #endif /* MBEDTLS_ZLIB_SUPPORT */ - return( 0 ); + return 0; } -int mbedtls_ssl_handle_message_type( mbedtls_ssl_context *ssl ) +int mbedtls_ssl_handle_message_type(mbedtls_ssl_context *ssl) { int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; /* * Handle particular types of records */ - if( ssl->in_msgtype == MBEDTLS_SSL_MSG_HANDSHAKE ) - { - if( ( ret = mbedtls_ssl_prepare_handshake_record( ssl ) ) != 0 ) - { - return( ret ); + if (ssl->in_msgtype == MBEDTLS_SSL_MSG_HANDSHAKE) { + if ((ret = mbedtls_ssl_prepare_handshake_record(ssl)) != 0) { + return ret; } } - if( ssl->in_msgtype == MBEDTLS_SSL_MSG_CHANGE_CIPHER_SPEC ) - { - if( ssl->in_msglen != 1 ) - { - MBEDTLS_SSL_DEBUG_MSG( 1, ( "invalid CCS message, len: %" MBEDTLS_PRINTF_SIZET, - ssl->in_msglen ) ); - return( MBEDTLS_ERR_SSL_INVALID_RECORD ); + if (ssl->in_msgtype == MBEDTLS_SSL_MSG_CHANGE_CIPHER_SPEC) { + if (ssl->in_msglen != 1) { + MBEDTLS_SSL_DEBUG_MSG(1, ("invalid CCS message, len: %" MBEDTLS_PRINTF_SIZET, + ssl->in_msglen)); + return MBEDTLS_ERR_SSL_INVALID_RECORD; } - if( ssl->in_msg[0] != 1 ) - { - MBEDTLS_SSL_DEBUG_MSG( 1, ( "invalid CCS message, content: %02x", - ssl->in_msg[0] ) ); - return( MBEDTLS_ERR_SSL_INVALID_RECORD ); + if (ssl->in_msg[0] != 1) { + MBEDTLS_SSL_DEBUG_MSG(1, ("invalid CCS message, content: %02x", + ssl->in_msg[0])); + return MBEDTLS_ERR_SSL_INVALID_RECORD; } #if defined(MBEDTLS_SSL_PROTO_DTLS) - if( ssl->conf->transport == MBEDTLS_SSL_TRANSPORT_DATAGRAM && + if (ssl->conf->transport == MBEDTLS_SSL_TRANSPORT_DATAGRAM && ssl->state != MBEDTLS_SSL_CLIENT_CHANGE_CIPHER_SPEC && - ssl->state != MBEDTLS_SSL_SERVER_CHANGE_CIPHER_SPEC ) - { - if( ssl->handshake == NULL ) - { - MBEDTLS_SSL_DEBUG_MSG( 1, ( "dropping ChangeCipherSpec outside handshake" ) ); - return( MBEDTLS_ERR_SSL_UNEXPECTED_RECORD ); + ssl->state != MBEDTLS_SSL_SERVER_CHANGE_CIPHER_SPEC) { + if (ssl->handshake == NULL) { + MBEDTLS_SSL_DEBUG_MSG(1, ("dropping ChangeCipherSpec outside handshake")); + return MBEDTLS_ERR_SSL_UNEXPECTED_RECORD; } - MBEDTLS_SSL_DEBUG_MSG( 1, ( "received out-of-order ChangeCipherSpec - remember" ) ); - return( MBEDTLS_ERR_SSL_EARLY_MESSAGE ); + MBEDTLS_SSL_DEBUG_MSG(1, ("received out-of-order ChangeCipherSpec - remember")); + return MBEDTLS_ERR_SSL_EARLY_MESSAGE; } #endif } - if( ssl->in_msgtype == MBEDTLS_SSL_MSG_ALERT ) - { - if( ssl->in_msglen != 2 ) - { + if (ssl->in_msgtype == MBEDTLS_SSL_MSG_ALERT) { + if (ssl->in_msglen != 2) { /* Note: Standard allows for more than one 2 byte alert to be packed in a single message, but Mbed TLS doesn't currently support this. */ - MBEDTLS_SSL_DEBUG_MSG( 1, ( "invalid alert message, len: %" MBEDTLS_PRINTF_SIZET, - ssl->in_msglen ) ); - return( MBEDTLS_ERR_SSL_INVALID_RECORD ); + MBEDTLS_SSL_DEBUG_MSG(1, ("invalid alert message, len: %" MBEDTLS_PRINTF_SIZET, + ssl->in_msglen)); + return MBEDTLS_ERR_SSL_INVALID_RECORD; } - MBEDTLS_SSL_DEBUG_MSG( 2, ( "got an alert message, type: [%u:%u]", - ssl->in_msg[0], ssl->in_msg[1] ) ); + MBEDTLS_SSL_DEBUG_MSG(2, ("got an alert message, type: [%u:%u]", + ssl->in_msg[0], ssl->in_msg[1])); /* * Ignore non-fatal alerts, except close_notify and no_renegotiation */ - if( ssl->in_msg[0] == MBEDTLS_SSL_ALERT_LEVEL_FATAL ) - { - MBEDTLS_SSL_DEBUG_MSG( 1, ( "is a fatal alert message (msg %d)", - ssl->in_msg[1] ) ); - return( MBEDTLS_ERR_SSL_FATAL_ALERT_MESSAGE ); + if (ssl->in_msg[0] == MBEDTLS_SSL_ALERT_LEVEL_FATAL) { + MBEDTLS_SSL_DEBUG_MSG(1, ("is a fatal alert message (msg %d)", + ssl->in_msg[1])); + return MBEDTLS_ERR_SSL_FATAL_ALERT_MESSAGE; } - if( ssl->in_msg[0] == MBEDTLS_SSL_ALERT_LEVEL_WARNING && - ssl->in_msg[1] == MBEDTLS_SSL_ALERT_MSG_CLOSE_NOTIFY ) - { - MBEDTLS_SSL_DEBUG_MSG( 2, ( "is a close notify message" ) ); - return( MBEDTLS_ERR_SSL_PEER_CLOSE_NOTIFY ); + if (ssl->in_msg[0] == MBEDTLS_SSL_ALERT_LEVEL_WARNING && + ssl->in_msg[1] == MBEDTLS_SSL_ALERT_MSG_CLOSE_NOTIFY) { + MBEDTLS_SSL_DEBUG_MSG(2, ("is a close notify message")); + return MBEDTLS_ERR_SSL_PEER_CLOSE_NOTIFY; } #if defined(MBEDTLS_SSL_RENEGOTIATION_ENABLED) - if( ssl->in_msg[0] == MBEDTLS_SSL_ALERT_LEVEL_WARNING && - ssl->in_msg[1] == MBEDTLS_SSL_ALERT_MSG_NO_RENEGOTIATION ) - { - MBEDTLS_SSL_DEBUG_MSG( 2, ( "is a SSLv3 no renegotiation alert" ) ); + if (ssl->in_msg[0] == MBEDTLS_SSL_ALERT_LEVEL_WARNING && + ssl->in_msg[1] == MBEDTLS_SSL_ALERT_MSG_NO_RENEGOTIATION) { + MBEDTLS_SSL_DEBUG_MSG(2, ("is a SSLv3 no renegotiation alert")); /* Will be handled when trying to parse ServerHello */ - return( 0 ); + return 0; } #endif #if defined(MBEDTLS_SSL_PROTO_SSL3) && defined(MBEDTLS_SSL_SRV_C) - if( ssl->minor_ver == MBEDTLS_SSL_MINOR_VERSION_0 && + if (ssl->minor_ver == MBEDTLS_SSL_MINOR_VERSION_0 && ssl->conf->endpoint == MBEDTLS_SSL_IS_SERVER && ssl->in_msg[0] == MBEDTLS_SSL_ALERT_LEVEL_WARNING && - ssl->in_msg[1] == MBEDTLS_SSL_ALERT_MSG_NO_CERT ) - { - MBEDTLS_SSL_DEBUG_MSG( 2, ( "is a SSLv3 no_cert" ) ); + ssl->in_msg[1] == MBEDTLS_SSL_ALERT_MSG_NO_CERT) { + MBEDTLS_SSL_DEBUG_MSG(2, ("is a SSLv3 no_cert")); /* Will be handled in mbedtls_ssl_parse_certificate() */ - return( 0 ); + return 0; } #endif /* MBEDTLS_SSL_PROTO_SSL3 && MBEDTLS_SSL_SRV_C */ @@ -4875,72 +4737,73 @@ int mbedtls_ssl_handle_message_type( mbedtls_ssl_context *ssl ) } #if defined(MBEDTLS_SSL_PROTO_DTLS) - if( ssl->conf->transport == MBEDTLS_SSL_TRANSPORT_DATAGRAM ) - { + if (ssl->conf->transport == MBEDTLS_SSL_TRANSPORT_DATAGRAM) { /* Drop unexpected ApplicationData records, * except at the beginning of renegotiations */ - if( ssl->in_msgtype == MBEDTLS_SSL_MSG_APPLICATION_DATA && + if (ssl->in_msgtype == MBEDTLS_SSL_MSG_APPLICATION_DATA && ssl->state != MBEDTLS_SSL_HANDSHAKE_OVER #if defined(MBEDTLS_SSL_RENEGOTIATION) - && ! ( ssl->renego_status == MBEDTLS_SSL_RENEGOTIATION_IN_PROGRESS && - ssl->state == MBEDTLS_SSL_SERVER_HELLO ) + && !(ssl->renego_status == MBEDTLS_SSL_RENEGOTIATION_IN_PROGRESS && + ssl->state == MBEDTLS_SSL_SERVER_HELLO) #endif - ) - { - MBEDTLS_SSL_DEBUG_MSG( 1, ( "dropping unexpected ApplicationData" ) ); - return( MBEDTLS_ERR_SSL_NON_FATAL ); + ) { + MBEDTLS_SSL_DEBUG_MSG(1, ("dropping unexpected ApplicationData")); + return MBEDTLS_ERR_SSL_NON_FATAL; } - if( ssl->handshake != NULL && - ssl->state == MBEDTLS_SSL_HANDSHAKE_OVER ) - { - mbedtls_ssl_handshake_wrapup_free_hs_transform( ssl ); + if (ssl->handshake != NULL && + ssl->state == MBEDTLS_SSL_HANDSHAKE_OVER) { + mbedtls_ssl_handshake_wrapup_free_hs_transform(ssl); } } #endif /* MBEDTLS_SSL_PROTO_DTLS */ - return( 0 ); + return 0; } -int mbedtls_ssl_send_fatal_handshake_failure( mbedtls_ssl_context *ssl ) +int mbedtls_ssl_send_fatal_handshake_failure(mbedtls_ssl_context *ssl) { - return( mbedtls_ssl_send_alert_message( ssl, - MBEDTLS_SSL_ALERT_LEVEL_FATAL, - MBEDTLS_SSL_ALERT_MSG_HANDSHAKE_FAILURE ) ); + return mbedtls_ssl_send_alert_message(ssl, + MBEDTLS_SSL_ALERT_LEVEL_FATAL, + MBEDTLS_SSL_ALERT_MSG_HANDSHAKE_FAILURE); } -int mbedtls_ssl_send_alert_message( mbedtls_ssl_context *ssl, - unsigned char level, - unsigned char message ) +int mbedtls_ssl_send_alert_message(mbedtls_ssl_context *ssl, + unsigned char level, + unsigned char message) { int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; - if( ssl == NULL || ssl->conf == NULL ) - return( MBEDTLS_ERR_SSL_BAD_INPUT_DATA ); + if (ssl == NULL || ssl->conf == NULL) { + return MBEDTLS_ERR_SSL_BAD_INPUT_DATA; + } + + if (ssl->out_left != 0) { + return mbedtls_ssl_flush_output(ssl); + } - MBEDTLS_SSL_DEBUG_MSG( 2, ( "=> send alert message" ) ); - MBEDTLS_SSL_DEBUG_MSG( 3, ( "send alert level=%u message=%u", level, message )); + MBEDTLS_SSL_DEBUG_MSG(2, ("=> send alert message")); + MBEDTLS_SSL_DEBUG_MSG(3, ("send alert level=%u message=%u", level, message)); ssl->out_msgtype = MBEDTLS_SSL_MSG_ALERT; ssl->out_msglen = 2; ssl->out_msg[0] = level; ssl->out_msg[1] = message; - if( ( ret = mbedtls_ssl_write_record( ssl, SSL_FORCE_FLUSH ) ) != 0 ) - { - MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_ssl_write_record", ret ); - return( ret ); + if ((ret = mbedtls_ssl_write_record(ssl, SSL_FORCE_FLUSH)) != 0) { + MBEDTLS_SSL_DEBUG_RET(1, "mbedtls_ssl_write_record", ret); + return ret; } - MBEDTLS_SSL_DEBUG_MSG( 2, ( "<= send alert message" ) ); + MBEDTLS_SSL_DEBUG_MSG(2, ("<= send alert message")); - return( 0 ); + return 0; } -int mbedtls_ssl_write_change_cipher_spec( mbedtls_ssl_context *ssl ) +int mbedtls_ssl_write_change_cipher_spec(mbedtls_ssl_context *ssl) { int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; - MBEDTLS_SSL_DEBUG_MSG( 2, ( "=> write change cipher spec" ) ); + MBEDTLS_SSL_DEBUG_MSG(2, ("=> write change cipher spec")); ssl->out_msgtype = MBEDTLS_SSL_MSG_CHANGE_CIPHER_SPEC; ssl->out_msglen = 1; @@ -4948,35 +4811,32 @@ int mbedtls_ssl_write_change_cipher_spec( mbedtls_ssl_context *ssl ) ssl->state++; - if( ( ret = mbedtls_ssl_write_handshake_msg( ssl ) ) != 0 ) - { - MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_ssl_write_handshake_msg", ret ); - return( ret ); + if ((ret = mbedtls_ssl_write_handshake_msg(ssl)) != 0) { + MBEDTLS_SSL_DEBUG_RET(1, "mbedtls_ssl_write_handshake_msg", ret); + return ret; } - MBEDTLS_SSL_DEBUG_MSG( 2, ( "<= write change cipher spec" ) ); + MBEDTLS_SSL_DEBUG_MSG(2, ("<= write change cipher spec")); - return( 0 ); + return 0; } -int mbedtls_ssl_parse_change_cipher_spec( mbedtls_ssl_context *ssl ) +int mbedtls_ssl_parse_change_cipher_spec(mbedtls_ssl_context *ssl) { int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; - MBEDTLS_SSL_DEBUG_MSG( 2, ( "=> parse change cipher spec" ) ); + MBEDTLS_SSL_DEBUG_MSG(2, ("=> parse change cipher spec")); - if( ( ret = mbedtls_ssl_read_record( ssl, 1 ) ) != 0 ) - { - MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_ssl_read_record", ret ); - return( ret ); + if ((ret = mbedtls_ssl_read_record(ssl, 1)) != 0) { + MBEDTLS_SSL_DEBUG_RET(1, "mbedtls_ssl_read_record", ret); + return ret; } - if( ssl->in_msgtype != MBEDTLS_SSL_MSG_CHANGE_CIPHER_SPEC ) - { - MBEDTLS_SSL_DEBUG_MSG( 1, ( "bad change cipher spec message" ) ); - mbedtls_ssl_send_alert_message( ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL, - MBEDTLS_SSL_ALERT_MSG_UNEXPECTED_MESSAGE ); - return( MBEDTLS_ERR_SSL_UNEXPECTED_MESSAGE ); + if (ssl->in_msgtype != MBEDTLS_SSL_MSG_CHANGE_CIPHER_SPEC) { + MBEDTLS_SSL_DEBUG_MSG(1, ("bad change cipher spec message")); + mbedtls_ssl_send_alert_message(ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL, + MBEDTLS_SSL_ALERT_MSG_UNEXPECTED_MESSAGE); + return MBEDTLS_ERR_SSL_UNEXPECTED_MESSAGE; } /* CCS records are only accepted if they have length 1 and content '1', @@ -4986,50 +4846,45 @@ int mbedtls_ssl_parse_change_cipher_spec( mbedtls_ssl_context *ssl ) * Switch to our negotiated transform and session parameters for inbound * data. */ - MBEDTLS_SSL_DEBUG_MSG( 3, ( "switching to new transform spec for inbound data" ) ); + MBEDTLS_SSL_DEBUG_MSG(3, ("switching to new transform spec for inbound data")); ssl->transform_in = ssl->transform_negotiate; ssl->session_in = ssl->session_negotiate; #if defined(MBEDTLS_SSL_PROTO_DTLS) - if( ssl->conf->transport == MBEDTLS_SSL_TRANSPORT_DATAGRAM ) - { + if (ssl->conf->transport == MBEDTLS_SSL_TRANSPORT_DATAGRAM) { #if defined(MBEDTLS_SSL_DTLS_ANTI_REPLAY) - mbedtls_ssl_dtls_replay_reset( ssl ); + mbedtls_ssl_dtls_replay_reset(ssl); #endif /* Increment epoch */ - if( ++ssl->in_epoch == 0 ) - { - MBEDTLS_SSL_DEBUG_MSG( 1, ( "DTLS epoch would wrap" ) ); + if (++ssl->in_epoch == 0) { + MBEDTLS_SSL_DEBUG_MSG(1, ("DTLS epoch would wrap")); /* This is highly unlikely to happen for legitimate reasons, so treat it as an attack and don't send an alert. */ - return( MBEDTLS_ERR_SSL_COUNTER_WRAPPING ); + return MBEDTLS_ERR_SSL_COUNTER_WRAPPING; } - } - else + } else #endif /* MBEDTLS_SSL_PROTO_DTLS */ - memset( ssl->in_ctr, 0, 8 ); + memset(ssl->in_ctr, 0, 8); - mbedtls_ssl_update_in_pointers( ssl ); + mbedtls_ssl_update_in_pointers(ssl); #if defined(MBEDTLS_SSL_HW_RECORD_ACCEL) - if( mbedtls_ssl_hw_record_activate != NULL ) - { - if( ( ret = mbedtls_ssl_hw_record_activate( ssl, MBEDTLS_SSL_CHANNEL_INBOUND ) ) != 0 ) - { - MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_ssl_hw_record_activate", ret ); - mbedtls_ssl_send_alert_message( ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL, - MBEDTLS_SSL_ALERT_MSG_INTERNAL_ERROR ); - return( MBEDTLS_ERR_SSL_HW_ACCEL_FAILED ); + if (mbedtls_ssl_hw_record_activate != NULL) { + if ((ret = mbedtls_ssl_hw_record_activate(ssl, MBEDTLS_SSL_CHANNEL_INBOUND)) != 0) { + MBEDTLS_SSL_DEBUG_RET(1, "mbedtls_ssl_hw_record_activate", ret); + mbedtls_ssl_send_alert_message(ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL, + MBEDTLS_SSL_ALERT_MSG_INTERNAL_ERROR); + return MBEDTLS_ERR_SSL_HW_ACCEL_FAILED; } } #endif ssl->state++; - MBEDTLS_SSL_DEBUG_MSG( 2, ( "<= parse change cipher spec" ) ); + MBEDTLS_SSL_DEBUG_MSG(2, ("<= parse change cipher spec")); - return( 0 ); + return 0; } /* Once ssl->out_hdr as the address of the beginning of the @@ -5041,32 +4896,32 @@ int mbedtls_ssl_parse_change_cipher_spec( mbedtls_ssl_context *ssl ) */ static size_t ssl_transform_get_explicit_iv_len( - mbedtls_ssl_transform const *transform ) + mbedtls_ssl_transform const *transform) { - if( transform->minor_ver < MBEDTLS_SSL_MINOR_VERSION_2 ) - return( 0 ); + if (transform->minor_ver < MBEDTLS_SSL_MINOR_VERSION_2) { + return 0; + } - return( transform->ivlen - transform->fixed_ivlen ); + return transform->ivlen - transform->fixed_ivlen; } -void mbedtls_ssl_update_out_pointers( mbedtls_ssl_context *ssl, - mbedtls_ssl_transform *transform ) +void mbedtls_ssl_update_out_pointers(mbedtls_ssl_context *ssl, + mbedtls_ssl_transform *transform) { #if defined(MBEDTLS_SSL_PROTO_DTLS) - if( ssl->conf->transport == MBEDTLS_SSL_TRANSPORT_DATAGRAM ) - { + if (ssl->conf->transport == MBEDTLS_SSL_TRANSPORT_DATAGRAM) { ssl->out_ctr = ssl->out_hdr + 3; #if defined(MBEDTLS_SSL_DTLS_CONNECTION_ID) ssl->out_cid = ssl->out_ctr + 8; ssl->out_len = ssl->out_cid; - if( transform != NULL ) + if (transform != NULL) { ssl->out_len += transform->out_cid_len; + } #else /* MBEDTLS_SSL_DTLS_CONNECTION_ID */ ssl->out_len = ssl->out_ctr + 8; #endif /* MBEDTLS_SSL_DTLS_CONNECTION_ID */ ssl->out_iv = ssl->out_len + 2; - } - else + } else #endif { ssl->out_ctr = ssl->out_hdr - 8; @@ -5079,8 +4934,9 @@ void mbedtls_ssl_update_out_pointers( mbedtls_ssl_context *ssl, ssl->out_msg = ssl->out_iv; /* Adjust out_msg to make space for explicit IV, if used. */ - if( transform != NULL ) - ssl->out_msg += ssl_transform_get_explicit_iv_len( transform ); + if (transform != NULL) { + ssl->out_msg += ssl_transform_get_explicit_iv_len(transform); + } } /* Once ssl->in_hdr as the address of the beginning of the @@ -5091,7 +4947,7 @@ void mbedtls_ssl_update_out_pointers( mbedtls_ssl_context *ssl, * and the caller has to make sure there's space for this. */ -void mbedtls_ssl_update_in_pointers( mbedtls_ssl_context *ssl ) +void mbedtls_ssl_update_in_pointers(mbedtls_ssl_context *ssl) { /* This function sets the pointers to match the case * of unprotected TLS/DTLS records, with both ssl->in_iv @@ -5104,8 +4960,7 @@ void mbedtls_ssl_update_in_pointers( mbedtls_ssl_context *ssl ) */ #if defined(MBEDTLS_SSL_PROTO_DTLS) - if( ssl->conf->transport == MBEDTLS_SSL_TRANSPORT_DATAGRAM ) - { + if (ssl->conf->transport == MBEDTLS_SSL_TRANSPORT_DATAGRAM) { /* This sets the header pointers to match records * without CID. When we receive a record containing * a CID, the fields are shifted accordingly in @@ -5118,8 +4973,7 @@ void mbedtls_ssl_update_in_pointers( mbedtls_ssl_context *ssl ) ssl->in_len = ssl->in_ctr + 8; #endif /* MBEDTLS_SSL_DTLS_CONNECTION_ID */ ssl->in_iv = ssl->in_len + 2; - } - else + } else #endif { ssl->in_ctr = ssl->in_hdr - 8; @@ -5138,16 +4992,14 @@ void mbedtls_ssl_update_in_pointers( mbedtls_ssl_context *ssl ) * Setup an SSL context */ -void mbedtls_ssl_reset_in_out_pointers( mbedtls_ssl_context *ssl ) +void mbedtls_ssl_reset_in_out_pointers(mbedtls_ssl_context *ssl) { /* Set the incoming and outgoing record pointers. */ #if defined(MBEDTLS_SSL_PROTO_DTLS) - if( ssl->conf->transport == MBEDTLS_SSL_TRANSPORT_DATAGRAM ) - { + if (ssl->conf->transport == MBEDTLS_SSL_TRANSPORT_DATAGRAM) { ssl->out_hdr = ssl->out_buf; ssl->in_hdr = ssl->in_buf; - } - else + } else #endif /* MBEDTLS_SSL_PROTO_DTLS */ { ssl->out_hdr = ssl->out_buf + 8; @@ -5155,29 +5007,28 @@ void mbedtls_ssl_reset_in_out_pointers( mbedtls_ssl_context *ssl ) } /* Derive other internal pointers. */ - mbedtls_ssl_update_out_pointers( ssl, NULL /* no transform enabled */ ); - mbedtls_ssl_update_in_pointers ( ssl ); + mbedtls_ssl_update_out_pointers(ssl, NULL /* no transform enabled */); + mbedtls_ssl_update_in_pointers(ssl); } /* * SSL get accessors */ -size_t mbedtls_ssl_get_bytes_avail( const mbedtls_ssl_context *ssl ) +size_t mbedtls_ssl_get_bytes_avail(const mbedtls_ssl_context *ssl) { - return( ssl->in_offt == NULL ? 0 : ssl->in_msglen ); + return ssl->in_offt == NULL ? 0 : ssl->in_msglen; } -int mbedtls_ssl_check_pending( const mbedtls_ssl_context *ssl ) +int mbedtls_ssl_check_pending(const mbedtls_ssl_context *ssl) { /* * Case A: We're currently holding back * a message for further processing. */ - if( ssl->keep_current_message == 1 ) - { - MBEDTLS_SSL_DEBUG_MSG( 3, ( "ssl_check_pending: record held back for processing" ) ); - return( 1 ); + if (ssl->keep_current_message == 1) { + MBEDTLS_SSL_DEBUG_MSG(3, ("ssl_check_pending: record held back for processing")); + return 1; } /* @@ -5185,11 +5036,10 @@ int mbedtls_ssl_check_pending( const mbedtls_ssl_context *ssl ) */ #if defined(MBEDTLS_SSL_PROTO_DTLS) - if( ssl->conf->transport == MBEDTLS_SSL_TRANSPORT_DATAGRAM && - ssl->in_left > ssl->next_record_offset ) - { - MBEDTLS_SSL_DEBUG_MSG( 3, ( "ssl_check_pending: more records within current datagram" ) ); - return( 1 ); + if (ssl->conf->transport == MBEDTLS_SSL_TRANSPORT_DATAGRAM && + ssl->in_left > ssl->next_record_offset) { + MBEDTLS_SSL_DEBUG_MSG(3, ("ssl_check_pending: more records within current datagram")); + return 1; } #endif /* MBEDTLS_SSL_PROTO_DTLS */ @@ -5197,19 +5047,18 @@ int mbedtls_ssl_check_pending( const mbedtls_ssl_context *ssl ) * Case C: A handshake message is being processed. */ - if( ssl->in_hslen > 0 && ssl->in_hslen < ssl->in_msglen ) - { - MBEDTLS_SSL_DEBUG_MSG( 3, ( "ssl_check_pending: more handshake messages within current record" ) ); - return( 1 ); + if (ssl->in_hslen > 0 && ssl->in_hslen < ssl->in_msglen) { + MBEDTLS_SSL_DEBUG_MSG(3, + ("ssl_check_pending: more handshake messages within current record")); + return 1; } /* * Case D: An application data message is being processed */ - if( ssl->in_offt != NULL ) - { - MBEDTLS_SSL_DEBUG_MSG( 3, ( "ssl_check_pending: application data record is being processed" ) ); - return( 1 ); + if (ssl->in_offt != NULL) { + MBEDTLS_SSL_DEBUG_MSG(3, ("ssl_check_pending: application data record is being processed")); + return 1; } /* @@ -5218,29 +5067,30 @@ int mbedtls_ssl_check_pending( const mbedtls_ssl_context *ssl ) * we implement support for multiple alerts in single records. */ - MBEDTLS_SSL_DEBUG_MSG( 3, ( "ssl_check_pending: nothing pending" ) ); - return( 0 ); + MBEDTLS_SSL_DEBUG_MSG(3, ("ssl_check_pending: nothing pending")); + return 0; } -int mbedtls_ssl_get_record_expansion( const mbedtls_ssl_context *ssl ) +int mbedtls_ssl_get_record_expansion(const mbedtls_ssl_context *ssl) { size_t transform_expansion = 0; const mbedtls_ssl_transform *transform = ssl->transform_out; unsigned block_size; - size_t out_hdr_len = mbedtls_ssl_out_hdr_len( ssl ); + size_t out_hdr_len = mbedtls_ssl_out_hdr_len(ssl); - if( transform == NULL ) - return( (int) out_hdr_len ); + if (transform == NULL) { + return (int) out_hdr_len; + } #if defined(MBEDTLS_ZLIB_SUPPORT) - if( ssl->session_out->compression != MBEDTLS_SSL_COMPRESS_NULL ) - return( MBEDTLS_ERR_SSL_FEATURE_UNAVAILABLE ); + if (ssl->session_out->compression != MBEDTLS_SSL_COMPRESS_NULL) { + return MBEDTLS_ERR_SSL_FEATURE_UNAVAILABLE; + } #endif - switch( mbedtls_cipher_get_cipher_mode( &transform->cipher_ctx_enc ) ) - { + switch (mbedtls_cipher_get_cipher_mode(&transform->cipher_ctx_enc)) { case MBEDTLS_MODE_GCM: case MBEDTLS_MODE_CCM: case MBEDTLS_MODE_CHACHAPOLY: @@ -5251,7 +5101,7 @@ int mbedtls_ssl_get_record_expansion( const mbedtls_ssl_context *ssl ) case MBEDTLS_MODE_CBC: block_size = mbedtls_cipher_get_block_size( - &transform->cipher_ctx_enc ); + &transform->cipher_ctx_enc); /* Expansion due to the addition of the MAC. */ transform_expansion += transform->maclen; @@ -5264,81 +5114,83 @@ int mbedtls_ssl_get_record_expansion( const mbedtls_ssl_context *ssl ) /* For TLS 1.1 or higher, an explicit IV is added * after the record header. */ #if defined(MBEDTLS_SSL_PROTO_TLS1_1) || defined(MBEDTLS_SSL_PROTO_TLS1_2) - if( ssl->minor_ver >= MBEDTLS_SSL_MINOR_VERSION_2 ) + if (ssl->minor_ver >= MBEDTLS_SSL_MINOR_VERSION_2) { transform_expansion += block_size; + } #endif /* MBEDTLS_SSL_PROTO_TLS1_1 || MBEDTLS_SSL_PROTO_TLS1_2 */ break; default: - MBEDTLS_SSL_DEBUG_MSG( 1, ( "should never happen" ) ); - return( MBEDTLS_ERR_SSL_INTERNAL_ERROR ); + MBEDTLS_SSL_DEBUG_MSG(1, ("should never happen")); + return MBEDTLS_ERR_SSL_INTERNAL_ERROR; } #if defined(MBEDTLS_SSL_DTLS_CONNECTION_ID) - if( transform->out_cid_len != 0 ) + if (transform->out_cid_len != 0) { transform_expansion += MBEDTLS_SSL_MAX_CID_EXPANSION; + } #endif /* MBEDTLS_SSL_DTLS_CONNECTION_ID */ - return( (int)( out_hdr_len + transform_expansion ) ); + return (int) (out_hdr_len + transform_expansion); } #if defined(MBEDTLS_SSL_RENEGOTIATION) /* * Check record counters and renegotiate if they're above the limit. */ -static int ssl_check_ctr_renegotiate( mbedtls_ssl_context *ssl ) +MBEDTLS_CHECK_RETURN_CRITICAL +static int ssl_check_ctr_renegotiate(mbedtls_ssl_context *ssl) { - size_t ep_len = mbedtls_ssl_ep_len( ssl ); + size_t ep_len = mbedtls_ssl_ep_len(ssl); int in_ctr_cmp; int out_ctr_cmp; - if( ssl->state != MBEDTLS_SSL_HANDSHAKE_OVER || + if (ssl->state != MBEDTLS_SSL_HANDSHAKE_OVER || ssl->renego_status == MBEDTLS_SSL_RENEGOTIATION_PENDING || - ssl->conf->disable_renegotiation == MBEDTLS_SSL_RENEGOTIATION_DISABLED ) - { - return( 0 ); + ssl->conf->disable_renegotiation == MBEDTLS_SSL_RENEGOTIATION_DISABLED) { + return 0; } - in_ctr_cmp = memcmp( ssl->in_ctr + ep_len, - ssl->conf->renego_period + ep_len, 8 - ep_len ); - out_ctr_cmp = memcmp( ssl->cur_out_ctr + ep_len, - ssl->conf->renego_period + ep_len, 8 - ep_len ); + in_ctr_cmp = memcmp(ssl->in_ctr + ep_len, + ssl->conf->renego_period + ep_len, 8 - ep_len); + out_ctr_cmp = memcmp(ssl->cur_out_ctr + ep_len, + ssl->conf->renego_period + ep_len, 8 - ep_len); - if( in_ctr_cmp <= 0 && out_ctr_cmp <= 0 ) - { - return( 0 ); + if (in_ctr_cmp <= 0 && out_ctr_cmp <= 0) { + return 0; } - MBEDTLS_SSL_DEBUG_MSG( 1, ( "record counter limit reached: renegotiate" ) ); - return( mbedtls_ssl_renegotiate( ssl ) ); + MBEDTLS_SSL_DEBUG_MSG(1, ("record counter limit reached: renegotiate")); + return mbedtls_ssl_renegotiate(ssl); } #endif /* MBEDTLS_SSL_RENEGOTIATION */ /* * Receive application data decrypted from the SSL layer */ -int mbedtls_ssl_read( mbedtls_ssl_context *ssl, unsigned char *buf, size_t len ) +int mbedtls_ssl_read(mbedtls_ssl_context *ssl, unsigned char *buf, size_t len) { int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; size_t n; - if( ssl == NULL || ssl->conf == NULL ) - return( MBEDTLS_ERR_SSL_BAD_INPUT_DATA ); + if (ssl == NULL || ssl->conf == NULL) { + return MBEDTLS_ERR_SSL_BAD_INPUT_DATA; + } - MBEDTLS_SSL_DEBUG_MSG( 2, ( "=> read" ) ); + MBEDTLS_SSL_DEBUG_MSG(2, ("=> read")); #if defined(MBEDTLS_SSL_PROTO_DTLS) - if( ssl->conf->transport == MBEDTLS_SSL_TRANSPORT_DATAGRAM ) - { - if( ( ret = mbedtls_ssl_flush_output( ssl ) ) != 0 ) - return( ret ); + if (ssl->conf->transport == MBEDTLS_SSL_TRANSPORT_DATAGRAM) { + if ((ret = mbedtls_ssl_flush_output(ssl)) != 0) { + return ret; + } - if( ssl->handshake != NULL && - ssl->handshake->retransmit_state == MBEDTLS_SSL_RETRANS_SENDING ) - { - if( ( ret = mbedtls_ssl_flight_transmit( ssl ) ) != 0 ) - return( ret ); + if (ssl->handshake != NULL && + ssl->handshake->retransmit_state == MBEDTLS_SSL_RETRANS_SENDING) { + if ((ret = mbedtls_ssl_flight_transmit(ssl)) != 0) { + return ret; + } } } #endif @@ -5356,64 +5208,57 @@ int mbedtls_ssl_read( mbedtls_ssl_context *ssl, unsigned char *buf, size_t len ) */ #if defined(MBEDTLS_SSL_RENEGOTIATION) - ret = ssl_check_ctr_renegotiate( ssl ); - if( ret != MBEDTLS_ERR_SSL_WAITING_SERVER_HELLO_RENEGO && - ret != 0 ) - { - MBEDTLS_SSL_DEBUG_RET( 1, "ssl_check_ctr_renegotiate", ret ); - return( ret ); + ret = ssl_check_ctr_renegotiate(ssl); + if (ret != MBEDTLS_ERR_SSL_WAITING_SERVER_HELLO_RENEGO && + ret != 0) { + MBEDTLS_SSL_DEBUG_RET(1, "ssl_check_ctr_renegotiate", ret); + return ret; } #endif - if( ssl->state != MBEDTLS_SSL_HANDSHAKE_OVER ) - { - ret = mbedtls_ssl_handshake( ssl ); - if( ret != MBEDTLS_ERR_SSL_WAITING_SERVER_HELLO_RENEGO && - ret != 0 ) - { - MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_ssl_handshake", ret ); - return( ret ); + if (ssl->state != MBEDTLS_SSL_HANDSHAKE_OVER) { + ret = mbedtls_ssl_handshake(ssl); + if (ret != MBEDTLS_ERR_SSL_WAITING_SERVER_HELLO_RENEGO && + ret != 0) { + MBEDTLS_SSL_DEBUG_RET(1, "mbedtls_ssl_handshake", ret); + return ret; } } /* Loop as long as no application data record is available */ - while( ssl->in_offt == NULL ) - { + while (ssl->in_offt == NULL) { /* Start timer if not already running */ - if( ssl->f_get_timer != NULL && - ssl->f_get_timer( ssl->p_timer ) == -1 ) - { - mbedtls_ssl_set_timer( ssl, ssl->conf->read_timeout ); + if (ssl->f_get_timer != NULL && + ssl->f_get_timer(ssl->p_timer) == -1) { + mbedtls_ssl_set_timer(ssl, ssl->conf->read_timeout); } - if( ( ret = mbedtls_ssl_read_record( ssl, 1 ) ) != 0 ) - { - if( ret == MBEDTLS_ERR_SSL_CONN_EOF ) - return( 0 ); + if ((ret = mbedtls_ssl_read_record(ssl, 1)) != 0) { + if (ret == MBEDTLS_ERR_SSL_CONN_EOF) { + return 0; + } - MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_ssl_read_record", ret ); - return( ret ); + MBEDTLS_SSL_DEBUG_RET(1, "mbedtls_ssl_read_record", ret); + return ret; } - if( ssl->in_msglen == 0 && - ssl->in_msgtype == MBEDTLS_SSL_MSG_APPLICATION_DATA ) - { + if (ssl->in_msglen == 0 && + ssl->in_msgtype == MBEDTLS_SSL_MSG_APPLICATION_DATA) { /* * OpenSSL sends empty messages to randomize the IV */ - if( ( ret = mbedtls_ssl_read_record( ssl, 1 ) ) != 0 ) - { - if( ret == MBEDTLS_ERR_SSL_CONN_EOF ) - return( 0 ); + if ((ret = mbedtls_ssl_read_record(ssl, 1)) != 0) { + if (ret == MBEDTLS_ERR_SSL_CONN_EOF) { + return 0; + } - MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_ssl_read_record", ret ); - return( ret ); + MBEDTLS_SSL_DEBUG_RET(1, "mbedtls_ssl_read_record", ret); + return ret; } } - if( ssl->in_msgtype == MBEDTLS_SSL_MSG_HANDSHAKE ) - { - MBEDTLS_SSL_DEBUG_MSG( 1, ( "received handshake message" ) ); + if (ssl->in_msgtype == MBEDTLS_SSL_MSG_HANDSHAKE) { + MBEDTLS_SSL_DEBUG_MSG(1, ("received handshake message")); /* * - For client-side, expect SERVER_HELLO_REQUEST. @@ -5422,105 +5267,93 @@ int mbedtls_ssl_read( mbedtls_ssl_context *ssl, unsigned char *buf, size_t len ) */ #if defined(MBEDTLS_SSL_CLI_C) - if( ssl->conf->endpoint == MBEDTLS_SSL_IS_CLIENT && - ( ssl->in_msg[0] != MBEDTLS_SSL_HS_HELLO_REQUEST || - ssl->in_hslen != mbedtls_ssl_hs_hdr_len( ssl ) ) ) - { - MBEDTLS_SSL_DEBUG_MSG( 1, ( "handshake received (not HelloRequest)" ) ); + if (ssl->conf->endpoint == MBEDTLS_SSL_IS_CLIENT && + (ssl->in_msg[0] != MBEDTLS_SSL_HS_HELLO_REQUEST || + ssl->in_hslen != mbedtls_ssl_hs_hdr_len(ssl))) { + MBEDTLS_SSL_DEBUG_MSG(1, ("handshake received (not HelloRequest)")); /* With DTLS, drop the packet (probably from last handshake) */ #if defined(MBEDTLS_SSL_PROTO_DTLS) - if( ssl->conf->transport == MBEDTLS_SSL_TRANSPORT_DATAGRAM ) - { + if (ssl->conf->transport == MBEDTLS_SSL_TRANSPORT_DATAGRAM) { continue; } #endif - return( MBEDTLS_ERR_SSL_UNEXPECTED_MESSAGE ); + return MBEDTLS_ERR_SSL_UNEXPECTED_MESSAGE; } #endif /* MBEDTLS_SSL_CLI_C */ #if defined(MBEDTLS_SSL_SRV_C) - if( ssl->conf->endpoint == MBEDTLS_SSL_IS_SERVER && - ssl->in_msg[0] != MBEDTLS_SSL_HS_CLIENT_HELLO ) - { - MBEDTLS_SSL_DEBUG_MSG( 1, ( "handshake received (not ClientHello)" ) ); + if (ssl->conf->endpoint == MBEDTLS_SSL_IS_SERVER && + ssl->in_msg[0] != MBEDTLS_SSL_HS_CLIENT_HELLO) { + MBEDTLS_SSL_DEBUG_MSG(1, ("handshake received (not ClientHello)")); /* With DTLS, drop the packet (probably from last handshake) */ #if defined(MBEDTLS_SSL_PROTO_DTLS) - if( ssl->conf->transport == MBEDTLS_SSL_TRANSPORT_DATAGRAM ) - { + if (ssl->conf->transport == MBEDTLS_SSL_TRANSPORT_DATAGRAM) { continue; } #endif - return( MBEDTLS_ERR_SSL_UNEXPECTED_MESSAGE ); + return MBEDTLS_ERR_SSL_UNEXPECTED_MESSAGE; } #endif /* MBEDTLS_SSL_SRV_C */ #if defined(MBEDTLS_SSL_RENEGOTIATION) /* Determine whether renegotiation attempt should be accepted */ - if( ! ( ssl->conf->disable_renegotiation == MBEDTLS_SSL_RENEGOTIATION_DISABLED || - ( ssl->secure_renegotiation == MBEDTLS_SSL_LEGACY_RENEGOTIATION && - ssl->conf->allow_legacy_renegotiation == - MBEDTLS_SSL_LEGACY_NO_RENEGOTIATION ) ) ) - { + if (!(ssl->conf->disable_renegotiation == MBEDTLS_SSL_RENEGOTIATION_DISABLED || + (ssl->secure_renegotiation == MBEDTLS_SSL_LEGACY_RENEGOTIATION && + ssl->conf->allow_legacy_renegotiation == + MBEDTLS_SSL_LEGACY_NO_RENEGOTIATION))) { /* * Accept renegotiation request */ /* DTLS clients need to know renego is server-initiated */ #if defined(MBEDTLS_SSL_PROTO_DTLS) - if( ssl->conf->transport == MBEDTLS_SSL_TRANSPORT_DATAGRAM && - ssl->conf->endpoint == MBEDTLS_SSL_IS_CLIENT ) - { + if (ssl->conf->transport == MBEDTLS_SSL_TRANSPORT_DATAGRAM && + ssl->conf->endpoint == MBEDTLS_SSL_IS_CLIENT) { ssl->renego_status = MBEDTLS_SSL_RENEGOTIATION_PENDING; } #endif - ret = mbedtls_ssl_start_renegotiation( ssl ); - if( ret != MBEDTLS_ERR_SSL_WAITING_SERVER_HELLO_RENEGO && - ret != 0 ) - { - MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_ssl_start_renegotiation", - ret ); - return( ret ); + ret = mbedtls_ssl_start_renegotiation(ssl); + if (ret != MBEDTLS_ERR_SSL_WAITING_SERVER_HELLO_RENEGO && + ret != 0) { + MBEDTLS_SSL_DEBUG_RET(1, "mbedtls_ssl_start_renegotiation", + ret); + return ret; } - } - else + } else #endif /* MBEDTLS_SSL_RENEGOTIATION */ { /* * Refuse renegotiation */ - MBEDTLS_SSL_DEBUG_MSG( 3, ( "refusing renegotiation, sending alert" ) ); + MBEDTLS_SSL_DEBUG_MSG(3, ("refusing renegotiation, sending alert")); #if defined(MBEDTLS_SSL_PROTO_SSL3) - if( ssl->minor_ver == MBEDTLS_SSL_MINOR_VERSION_0 ) - { + if (ssl->minor_ver == MBEDTLS_SSL_MINOR_VERSION_0) { /* SSLv3 does not have a "no_renegotiation" warning, so we send a fatal alert and abort the connection. */ - mbedtls_ssl_send_alert_message( ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL, - MBEDTLS_SSL_ALERT_MSG_UNEXPECTED_MESSAGE ); - return( MBEDTLS_ERR_SSL_UNEXPECTED_MESSAGE ); - } - else + mbedtls_ssl_send_alert_message(ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL, + MBEDTLS_SSL_ALERT_MSG_UNEXPECTED_MESSAGE); + return MBEDTLS_ERR_SSL_UNEXPECTED_MESSAGE; + } else #endif /* MBEDTLS_SSL_PROTO_SSL3 */ #if defined(MBEDTLS_SSL_PROTO_TLS1) || defined(MBEDTLS_SSL_PROTO_TLS1_1) || \ - defined(MBEDTLS_SSL_PROTO_TLS1_2) - if( ssl->minor_ver >= MBEDTLS_SSL_MINOR_VERSION_1 ) - { - if( ( ret = mbedtls_ssl_send_alert_message( ssl, - MBEDTLS_SSL_ALERT_LEVEL_WARNING, - MBEDTLS_SSL_ALERT_MSG_NO_RENEGOTIATION ) ) != 0 ) - { - return( ret ); + defined(MBEDTLS_SSL_PROTO_TLS1_2) + if (ssl->minor_ver >= MBEDTLS_SSL_MINOR_VERSION_1) { + if ((ret = mbedtls_ssl_send_alert_message(ssl, + MBEDTLS_SSL_ALERT_LEVEL_WARNING, + MBEDTLS_SSL_ALERT_MSG_NO_RENEGOTIATION)) + != 0) { + return ret; } - } - else + } else #endif /* MBEDTLS_SSL_PROTO_TLS1 || MBEDTLS_SSL_PROTO_TLS1_1 || MBEDTLS_SSL_PROTO_TLS1_2 */ { - MBEDTLS_SSL_DEBUG_MSG( 1, ( "should never happen" ) ); - return( MBEDTLS_ERR_SSL_INTERNAL_ERROR ); + MBEDTLS_SSL_DEBUG_MSG(1, ("should never happen")); + return MBEDTLS_ERR_SSL_INTERNAL_ERROR; } } @@ -5545,84 +5378,77 @@ int mbedtls_ssl_read( mbedtls_ssl_context *ssl, unsigned char *buf, size_t len ) continue; } #if defined(MBEDTLS_SSL_RENEGOTIATION) - else if( ssl->renego_status == MBEDTLS_SSL_RENEGOTIATION_PENDING ) - { - if( ssl->conf->renego_max_records >= 0 ) - { - if( ++ssl->renego_records_seen > ssl->conf->renego_max_records ) - { - MBEDTLS_SSL_DEBUG_MSG( 1, ( "renegotiation requested, " - "but not honored by client" ) ); - return( MBEDTLS_ERR_SSL_UNEXPECTED_MESSAGE ); + else if (ssl->renego_status == MBEDTLS_SSL_RENEGOTIATION_PENDING) { + if (ssl->conf->renego_max_records >= 0) { + if (++ssl->renego_records_seen > ssl->conf->renego_max_records) { + MBEDTLS_SSL_DEBUG_MSG(1, ("renegotiation requested, " + "but not honored by client")); + return MBEDTLS_ERR_SSL_UNEXPECTED_MESSAGE; } } } #endif /* MBEDTLS_SSL_RENEGOTIATION */ /* Fatal and closure alerts handled by mbedtls_ssl_read_record() */ - if( ssl->in_msgtype == MBEDTLS_SSL_MSG_ALERT ) - { - MBEDTLS_SSL_DEBUG_MSG( 2, ( "ignoring non-fatal non-closure alert" ) ); - return( MBEDTLS_ERR_SSL_WANT_READ ); + if (ssl->in_msgtype == MBEDTLS_SSL_MSG_ALERT) { + MBEDTLS_SSL_DEBUG_MSG(2, ("ignoring non-fatal non-closure alert")); + return MBEDTLS_ERR_SSL_WANT_READ; } - if( ssl->in_msgtype != MBEDTLS_SSL_MSG_APPLICATION_DATA ) - { - MBEDTLS_SSL_DEBUG_MSG( 1, ( "bad application data message" ) ); - return( MBEDTLS_ERR_SSL_UNEXPECTED_MESSAGE ); + if (ssl->in_msgtype != MBEDTLS_SSL_MSG_APPLICATION_DATA) { + MBEDTLS_SSL_DEBUG_MSG(1, ("bad application data message")); + return MBEDTLS_ERR_SSL_UNEXPECTED_MESSAGE; } ssl->in_offt = ssl->in_msg; /* We're going to return something now, cancel timer, * except if handshake (renegotiation) is in progress */ - if( ssl->state == MBEDTLS_SSL_HANDSHAKE_OVER ) - mbedtls_ssl_set_timer( ssl, 0 ); + if (ssl->state == MBEDTLS_SSL_HANDSHAKE_OVER) { + mbedtls_ssl_set_timer(ssl, 0); + } #if defined(MBEDTLS_SSL_PROTO_DTLS) /* If we requested renego but received AppData, resend HelloRequest. * Do it now, after setting in_offt, to avoid taking this branch * again if ssl_write_hello_request() returns WANT_WRITE */ #if defined(MBEDTLS_SSL_SRV_C) && defined(MBEDTLS_SSL_RENEGOTIATION) - if( ssl->conf->endpoint == MBEDTLS_SSL_IS_SERVER && - ssl->renego_status == MBEDTLS_SSL_RENEGOTIATION_PENDING ) - { - if( ( ret = mbedtls_ssl_resend_hello_request( ssl ) ) != 0 ) - { - MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_ssl_resend_hello_request", - ret ); - return( ret ); + if (ssl->conf->endpoint == MBEDTLS_SSL_IS_SERVER && + ssl->renego_status == MBEDTLS_SSL_RENEGOTIATION_PENDING) { + if ((ret = mbedtls_ssl_resend_hello_request(ssl)) != 0) { + MBEDTLS_SSL_DEBUG_RET(1, "mbedtls_ssl_resend_hello_request", + ret); + return ret; } } #endif /* MBEDTLS_SSL_SRV_C && MBEDTLS_SSL_RENEGOTIATION */ #endif /* MBEDTLS_SSL_PROTO_DTLS */ } - n = ( len < ssl->in_msglen ) + n = (len < ssl->in_msglen) ? len : ssl->in_msglen; - memcpy( buf, ssl->in_offt, n ); - ssl->in_msglen -= n; + if (len != 0) { + memcpy(buf, ssl->in_offt, n); + ssl->in_msglen -= n; + } /* Zeroising the plaintext buffer to erase unused application data from the memory. */ - mbedtls_platform_zeroize( ssl->in_offt, n ); + mbedtls_platform_zeroize(ssl->in_offt, n); - if( ssl->in_msglen == 0 ) - { + if (ssl->in_msglen == 0) { /* all bytes consumed */ ssl->in_offt = NULL; ssl->keep_current_message = 0; - } - else - { + } else { /* more data available */ ssl->in_offt += n; } - MBEDTLS_SSL_DEBUG_MSG( 2, ( "<= read" ) ); + MBEDTLS_SSL_DEBUG_MSG(2, ("<= read")); - return( (int) n ); + return (int) n; } /* @@ -5637,50 +5463,43 @@ int mbedtls_ssl_read( mbedtls_ssl_context *ssl, unsigned char *buf, size_t len ) * Therefore, it is possible that the input message length is 0 and the * corresponding return code is 0 on success. */ -static int ssl_write_real( mbedtls_ssl_context *ssl, - const unsigned char *buf, size_t len ) +MBEDTLS_CHECK_RETURN_CRITICAL +static int ssl_write_real(mbedtls_ssl_context *ssl, + const unsigned char *buf, size_t len) { - int ret = mbedtls_ssl_get_max_out_record_payload( ssl ); + int ret = mbedtls_ssl_get_max_out_record_payload(ssl); const size_t max_len = (size_t) ret; - if( ret < 0 ) - { - MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_ssl_get_max_out_record_payload", ret ); - return( ret ); + if (ret < 0) { + MBEDTLS_SSL_DEBUG_RET(1, "mbedtls_ssl_get_max_out_record_payload", ret); + return ret; } - if( len > max_len ) - { + if (len > max_len) { #if defined(MBEDTLS_SSL_PROTO_DTLS) - if( ssl->conf->transport == MBEDTLS_SSL_TRANSPORT_DATAGRAM ) - { - MBEDTLS_SSL_DEBUG_MSG( 1, ( "fragment larger than the (negotiated) " - "maximum fragment length: %" MBEDTLS_PRINTF_SIZET - " > %" MBEDTLS_PRINTF_SIZET, - len, max_len ) ); - return( MBEDTLS_ERR_SSL_BAD_INPUT_DATA ); - } - else + if (ssl->conf->transport == MBEDTLS_SSL_TRANSPORT_DATAGRAM) { + MBEDTLS_SSL_DEBUG_MSG(1, ("fragment larger than the (negotiated) " + "maximum fragment length: %" MBEDTLS_PRINTF_SIZET + " > %" MBEDTLS_PRINTF_SIZET, + len, max_len)); + return MBEDTLS_ERR_SSL_BAD_INPUT_DATA; + } else #endif - len = max_len; + len = max_len; } - if( ssl->out_left != 0 ) - { + if (ssl->out_left != 0) { /* * The user has previously tried to send the data and * MBEDTLS_ERR_SSL_WANT_WRITE or the message was only partially * written. In this case, we expect the high-level write function * (e.g. mbedtls_ssl_write()) to be called with the same parameters */ - if( ( ret = mbedtls_ssl_flush_output( ssl ) ) != 0 ) - { - MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_ssl_flush_output", ret ); - return( ret ); + if ((ret = mbedtls_ssl_flush_output(ssl)) != 0) { + MBEDTLS_SSL_DEBUG_RET(1, "mbedtls_ssl_flush_output", ret); + return ret; } - } - else - { + } else { /* * The user is trying to send a message the first time, so we need to * copy the data into the internal buffers and setup the data structure @@ -5688,16 +5507,17 @@ static int ssl_write_real( mbedtls_ssl_context *ssl, */ ssl->out_msglen = len; ssl->out_msgtype = MBEDTLS_SSL_MSG_APPLICATION_DATA; - memcpy( ssl->out_msg, buf, len ); + if (len > 0) { + memcpy(ssl->out_msg, buf, len); + } - if( ( ret = mbedtls_ssl_write_record( ssl, SSL_FORCE_FLUSH ) ) != 0 ) - { - MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_ssl_write_record", ret ); - return( ret ); + if ((ret = mbedtls_ssl_write_record(ssl, SSL_FORCE_FLUSH)) != 0) { + MBEDTLS_SSL_DEBUG_RET(1, "mbedtls_ssl_write_record", ret); + return ret; } } - return( (int) len ); + return (int) len; } /* @@ -5708,159 +5528,157 @@ static int ssl_write_real( mbedtls_ssl_context *ssl, * remember whether we already did the split or not. */ #if defined(MBEDTLS_SSL_CBC_RECORD_SPLITTING) -static int ssl_write_split( mbedtls_ssl_context *ssl, - const unsigned char *buf, size_t len ) +MBEDTLS_CHECK_RETURN_CRITICAL +static int ssl_write_split(mbedtls_ssl_context *ssl, + const unsigned char *buf, size_t len) { int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; - if( ssl->conf->cbc_record_splitting == - MBEDTLS_SSL_CBC_RECORD_SPLITTING_DISABLED || + if (ssl->conf->cbc_record_splitting == + MBEDTLS_SSL_CBC_RECORD_SPLITTING_DISABLED || len <= 1 || ssl->minor_ver > MBEDTLS_SSL_MINOR_VERSION_1 || - mbedtls_cipher_get_cipher_mode( &ssl->transform_out->cipher_ctx_enc ) - != MBEDTLS_MODE_CBC ) - { - return( ssl_write_real( ssl, buf, len ) ); + mbedtls_cipher_get_cipher_mode(&ssl->transform_out->cipher_ctx_enc) + != MBEDTLS_MODE_CBC) { + return ssl_write_real(ssl, buf, len); } - if( ssl->split_done == 0 ) - { - if( ( ret = ssl_write_real( ssl, buf, 1 ) ) <= 0 ) - return( ret ); + if (ssl->split_done == 0) { + if ((ret = ssl_write_real(ssl, buf, 1)) <= 0) { + return ret; + } ssl->split_done = 1; } - if( ( ret = ssl_write_real( ssl, buf + 1, len - 1 ) ) <= 0 ) - return( ret ); + if ((ret = ssl_write_real(ssl, buf + 1, len - 1)) <= 0) { + return ret; + } ssl->split_done = 0; - return( ret + 1 ); + return ret + 1; } #endif /* MBEDTLS_SSL_CBC_RECORD_SPLITTING */ /* * Write application data (public-facing wrapper) */ -int mbedtls_ssl_write( mbedtls_ssl_context *ssl, const unsigned char *buf, size_t len ) +int mbedtls_ssl_write(mbedtls_ssl_context *ssl, const unsigned char *buf, size_t len) { int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; - MBEDTLS_SSL_DEBUG_MSG( 2, ( "=> write" ) ); + MBEDTLS_SSL_DEBUG_MSG(2, ("=> write")); - if( ssl == NULL || ssl->conf == NULL ) - return( MBEDTLS_ERR_SSL_BAD_INPUT_DATA ); + if (ssl == NULL || ssl->conf == NULL) { + return MBEDTLS_ERR_SSL_BAD_INPUT_DATA; + } #if defined(MBEDTLS_SSL_RENEGOTIATION) - if( ( ret = ssl_check_ctr_renegotiate( ssl ) ) != 0 ) - { - MBEDTLS_SSL_DEBUG_RET( 1, "ssl_check_ctr_renegotiate", ret ); - return( ret ); + if ((ret = ssl_check_ctr_renegotiate(ssl)) != 0) { + MBEDTLS_SSL_DEBUG_RET(1, "ssl_check_ctr_renegotiate", ret); + return ret; } #endif - if( ssl->state != MBEDTLS_SSL_HANDSHAKE_OVER ) - { - if( ( ret = mbedtls_ssl_handshake( ssl ) ) != 0 ) - { - MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_ssl_handshake", ret ); - return( ret ); + if (ssl->state != MBEDTLS_SSL_HANDSHAKE_OVER) { + if ((ret = mbedtls_ssl_handshake(ssl)) != 0) { + MBEDTLS_SSL_DEBUG_RET(1, "mbedtls_ssl_handshake", ret); + return ret; } } #if defined(MBEDTLS_SSL_CBC_RECORD_SPLITTING) - ret = ssl_write_split( ssl, buf, len ); + ret = ssl_write_split(ssl, buf, len); #else - ret = ssl_write_real( ssl, buf, len ); + ret = ssl_write_real(ssl, buf, len); #endif - MBEDTLS_SSL_DEBUG_MSG( 2, ( "<= write" ) ); + MBEDTLS_SSL_DEBUG_MSG(2, ("<= write")); - return( ret ); + return ret; } /* * Notify the peer that the connection is being closed */ -int mbedtls_ssl_close_notify( mbedtls_ssl_context *ssl ) +int mbedtls_ssl_close_notify(mbedtls_ssl_context *ssl) { int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; - if( ssl == NULL || ssl->conf == NULL ) - return( MBEDTLS_ERR_SSL_BAD_INPUT_DATA ); - - MBEDTLS_SSL_DEBUG_MSG( 2, ( "=> write close notify" ) ); + if (ssl == NULL || ssl->conf == NULL) { + return MBEDTLS_ERR_SSL_BAD_INPUT_DATA; + } - if( ssl->out_left != 0 ) - return( mbedtls_ssl_flush_output( ssl ) ); + MBEDTLS_SSL_DEBUG_MSG(2, ("=> write close notify")); - if( ssl->state == MBEDTLS_SSL_HANDSHAKE_OVER ) - { - if( ( ret = mbedtls_ssl_send_alert_message( ssl, - MBEDTLS_SSL_ALERT_LEVEL_WARNING, - MBEDTLS_SSL_ALERT_MSG_CLOSE_NOTIFY ) ) != 0 ) - { - MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_ssl_send_alert_message", ret ); - return( ret ); + if (ssl->state == MBEDTLS_SSL_HANDSHAKE_OVER) { + if ((ret = mbedtls_ssl_send_alert_message(ssl, + MBEDTLS_SSL_ALERT_LEVEL_WARNING, + MBEDTLS_SSL_ALERT_MSG_CLOSE_NOTIFY)) != 0) { + MBEDTLS_SSL_DEBUG_RET(1, "mbedtls_ssl_send_alert_message", ret); + return ret; } } - MBEDTLS_SSL_DEBUG_MSG( 2, ( "<= write close notify" ) ); + MBEDTLS_SSL_DEBUG_MSG(2, ("<= write close notify")); - return( 0 ); + return 0; } -void mbedtls_ssl_transform_free( mbedtls_ssl_transform *transform ) +void mbedtls_ssl_transform_free(mbedtls_ssl_transform *transform) { - if( transform == NULL ) + if (transform == NULL) { return; + } #if defined(MBEDTLS_ZLIB_SUPPORT) - deflateEnd( &transform->ctx_deflate ); - inflateEnd( &transform->ctx_inflate ); + deflateEnd(&transform->ctx_deflate); + inflateEnd(&transform->ctx_inflate); #endif - mbedtls_cipher_free( &transform->cipher_ctx_enc ); - mbedtls_cipher_free( &transform->cipher_ctx_dec ); + mbedtls_cipher_free(&transform->cipher_ctx_enc); + mbedtls_cipher_free(&transform->cipher_ctx_dec); #if defined(MBEDTLS_SSL_SOME_MODES_USE_MAC) - mbedtls_md_free( &transform->md_ctx_enc ); - mbedtls_md_free( &transform->md_ctx_dec ); + mbedtls_md_free(&transform->md_ctx_enc); + mbedtls_md_free(&transform->md_ctx_dec); #endif - mbedtls_platform_zeroize( transform, sizeof( mbedtls_ssl_transform ) ); + mbedtls_platform_zeroize(transform, sizeof(mbedtls_ssl_transform)); } #if defined(MBEDTLS_SSL_PROTO_DTLS) -void mbedtls_ssl_buffering_free( mbedtls_ssl_context *ssl ) +void mbedtls_ssl_buffering_free(mbedtls_ssl_context *ssl) { unsigned offset; mbedtls_ssl_handshake_params * const hs = ssl->handshake; - if( hs == NULL ) + if (hs == NULL) { return; + } - ssl_free_buffered_record( ssl ); + ssl_free_buffered_record(ssl); - for( offset = 0; offset < MBEDTLS_SSL_MAX_BUFFERED_HS; offset++ ) - ssl_buffering_free_slot( ssl, offset ); + for (offset = 0; offset < MBEDTLS_SSL_MAX_BUFFERED_HS; offset++) { + ssl_buffering_free_slot(ssl, offset); + } } -static void ssl_buffering_free_slot( mbedtls_ssl_context *ssl, - uint8_t slot ) +static void ssl_buffering_free_slot(mbedtls_ssl_context *ssl, + uint8_t slot) { mbedtls_ssl_handshake_params * const hs = ssl->handshake; mbedtls_ssl_hs_buffer * const hs_buf = &hs->buffering.hs[slot]; - if( slot >= MBEDTLS_SSL_MAX_BUFFERED_HS ) + if (slot >= MBEDTLS_SSL_MAX_BUFFERED_HS) { return; + } - if( hs_buf->is_valid == 1 ) - { + if (hs_buf->is_valid == 1) { hs->buffering.total_bytes_buffered -= hs_buf->data_len; - mbedtls_platform_zeroize( hs_buf->data, hs_buf->data_len ); - mbedtls_free( hs_buf->data ); - memset( hs_buf, 0, sizeof( mbedtls_ssl_hs_buffer ) ); + mbedtls_platform_zeroize(hs_buf->data, hs_buf->data_len); + mbedtls_free(hs_buf->data); + memset(hs_buf, 0, sizeof(mbedtls_ssl_hs_buffer)); } } @@ -5875,19 +5693,18 @@ static void ssl_buffering_free_slot( mbedtls_ssl_context *ssl, * 1.0 <-> 3.2 (DTLS 1.0 is based on TLS 1.1) * 1.x <-> 3.x+1 for x != 0 (DTLS 1.2 based on TLS 1.2) */ -void mbedtls_ssl_write_version( int major, int minor, int transport, - unsigned char ver[2] ) +void mbedtls_ssl_write_version(int major, int minor, int transport, + unsigned char ver[2]) { #if defined(MBEDTLS_SSL_PROTO_DTLS) - if( transport == MBEDTLS_SSL_TRANSPORT_DATAGRAM ) - { - if( minor == MBEDTLS_SSL_MINOR_VERSION_2 ) + if (transport == MBEDTLS_SSL_TRANSPORT_DATAGRAM) { + if (minor == MBEDTLS_SSL_MINOR_VERSION_2) { --minor; /* DTLS 1.0 stored as TLS 1.1 internally */ - ver[0] = (unsigned char)( 255 - ( major - 2 ) ); - ver[1] = (unsigned char)( 255 - ( minor - 1 ) ); - } - else + } + ver[0] = (unsigned char) (255 - (major - 2)); + ver[1] = (unsigned char) (255 - (minor - 1)); + } else #else ((void) transport); #endif @@ -5897,19 +5714,18 @@ void mbedtls_ssl_write_version( int major, int minor, int transport, } } -void mbedtls_ssl_read_version( int *major, int *minor, int transport, - const unsigned char ver[2] ) +void mbedtls_ssl_read_version(int *major, int *minor, int transport, + const unsigned char ver[2]) { #if defined(MBEDTLS_SSL_PROTO_DTLS) - if( transport == MBEDTLS_SSL_TRANSPORT_DATAGRAM ) - { + if (transport == MBEDTLS_SSL_TRANSPORT_DATAGRAM) { *major = 255 - ver[0] + 2; *minor = 255 - ver[1] + 1; - if( *minor == MBEDTLS_SSL_MINOR_VERSION_1 ) + if (*minor == MBEDTLS_SSL_MINOR_VERSION_1) { ++*minor; /* DTLS 1.0 stored as TLS 1.1 internally */ - } - else + } + } else #else ((void) transport); #endif diff --git a/third_party/mbedtls/repo/library/ssl_srv.c b/third_party/mbedtls/repo/library/ssl_srv.c index 1a63173204f..544e50e6753 100644 --- a/third_party/mbedtls/repo/library/ssl_srv.c +++ b/third_party/mbedtls/repo/library/ssl_srv.c @@ -2,32 +2,14 @@ * SSLv3/TLSv1 server-side functions * * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later */ #include "common.h" #if defined(MBEDTLS_SSL_SRV_C) -#if defined(MBEDTLS_PLATFORM_C) #include "mbedtls/platform.h" -#else -#include -#define mbedtls_calloc calloc -#define mbedtls_free free -#endif #include "mbedtls/ssl.h" #include "mbedtls/ssl_internal.h" @@ -48,28 +30,30 @@ #endif #if defined(MBEDTLS_SSL_DTLS_HELLO_VERIFY) -int mbedtls_ssl_set_client_transport_id( mbedtls_ssl_context *ssl, - const unsigned char *info, - size_t ilen ) +int mbedtls_ssl_set_client_transport_id(mbedtls_ssl_context *ssl, + const unsigned char *info, + size_t ilen) { - if( ssl->conf->endpoint != MBEDTLS_SSL_IS_SERVER ) - return( MBEDTLS_ERR_SSL_BAD_INPUT_DATA ); + if (ssl->conf->endpoint != MBEDTLS_SSL_IS_SERVER) { + return MBEDTLS_ERR_SSL_BAD_INPUT_DATA; + } - mbedtls_free( ssl->cli_id ); + mbedtls_free(ssl->cli_id); - if( ( ssl->cli_id = mbedtls_calloc( 1, ilen ) ) == NULL ) - return( MBEDTLS_ERR_SSL_ALLOC_FAILED ); + if ((ssl->cli_id = mbedtls_calloc(1, ilen)) == NULL) { + return MBEDTLS_ERR_SSL_ALLOC_FAILED; + } - memcpy( ssl->cli_id, info, ilen ); + memcpy(ssl->cli_id, info, ilen); ssl->cli_id_len = ilen; - return( 0 ); + return 0; } -void mbedtls_ssl_conf_dtls_cookies( mbedtls_ssl_config *conf, - mbedtls_ssl_cookie_write_t *f_cookie_write, - mbedtls_ssl_cookie_check_t *f_cookie_check, - void *p_cookie ) +void mbedtls_ssl_conf_dtls_cookies(mbedtls_ssl_config *conf, + mbedtls_ssl_cookie_write_t *f_cookie_write, + mbedtls_ssl_cookie_check_t *f_cookie_check, + void *p_cookie) { conf->f_cookie_write = f_cookie_write; conf->f_cookie_check = f_cookie_check; @@ -78,150 +62,148 @@ void mbedtls_ssl_conf_dtls_cookies( mbedtls_ssl_config *conf, #endif /* MBEDTLS_SSL_DTLS_HELLO_VERIFY */ #if defined(MBEDTLS_SSL_SERVER_NAME_INDICATION) -static int ssl_parse_servername_ext( mbedtls_ssl_context *ssl, - const unsigned char *buf, - size_t len ) +MBEDTLS_CHECK_RETURN_CRITICAL +static int ssl_parse_servername_ext(mbedtls_ssl_context *ssl, + const unsigned char *buf, + size_t len) { int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; size_t servername_list_size, hostname_len; const unsigned char *p; - MBEDTLS_SSL_DEBUG_MSG( 3, ( "parse ServerName extension" ) ); + MBEDTLS_SSL_DEBUG_MSG(3, ("parse ServerName extension")); - if( len < 2 ) - { - MBEDTLS_SSL_DEBUG_MSG( 1, ( "bad client hello message" ) ); - mbedtls_ssl_send_alert_message( ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL, - MBEDTLS_SSL_ALERT_MSG_DECODE_ERROR ); - return( MBEDTLS_ERR_SSL_BAD_HS_CLIENT_HELLO ); + if (len < 2) { + MBEDTLS_SSL_DEBUG_MSG(1, ("bad client hello message")); + mbedtls_ssl_send_alert_message(ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL, + MBEDTLS_SSL_ALERT_MSG_DECODE_ERROR); + return MBEDTLS_ERR_SSL_BAD_HS_CLIENT_HELLO; } - servername_list_size = ( ( buf[0] << 8 ) | ( buf[1] ) ); - if( servername_list_size + 2 != len ) - { - MBEDTLS_SSL_DEBUG_MSG( 1, ( "bad client hello message" ) ); - mbedtls_ssl_send_alert_message( ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL, - MBEDTLS_SSL_ALERT_MSG_DECODE_ERROR ); - return( MBEDTLS_ERR_SSL_BAD_HS_CLIENT_HELLO ); + servername_list_size = ((buf[0] << 8) | (buf[1])); + if (servername_list_size + 2 != len) { + MBEDTLS_SSL_DEBUG_MSG(1, ("bad client hello message")); + mbedtls_ssl_send_alert_message(ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL, + MBEDTLS_SSL_ALERT_MSG_DECODE_ERROR); + return MBEDTLS_ERR_SSL_BAD_HS_CLIENT_HELLO; } p = buf + 2; - while( servername_list_size > 2 ) - { - hostname_len = ( ( p[1] << 8 ) | p[2] ); - if( hostname_len + 3 > servername_list_size ) - { - MBEDTLS_SSL_DEBUG_MSG( 1, ( "bad client hello message" ) ); - mbedtls_ssl_send_alert_message( ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL, - MBEDTLS_SSL_ALERT_MSG_DECODE_ERROR ); - return( MBEDTLS_ERR_SSL_BAD_HS_CLIENT_HELLO ); + while (servername_list_size > 2) { + hostname_len = ((p[1] << 8) | p[2]); + if (hostname_len + 3 > servername_list_size) { + MBEDTLS_SSL_DEBUG_MSG(1, ("bad client hello message")); + mbedtls_ssl_send_alert_message(ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL, + MBEDTLS_SSL_ALERT_MSG_DECODE_ERROR); + return MBEDTLS_ERR_SSL_BAD_HS_CLIENT_HELLO; } - if( p[0] == MBEDTLS_TLS_EXT_SERVERNAME_HOSTNAME ) - { - ret = ssl->conf->f_sni( ssl->conf->p_sni, - ssl, p + 3, hostname_len ); - if( ret != 0 ) - { - MBEDTLS_SSL_DEBUG_RET( 1, "ssl_sni_wrapper", ret ); - mbedtls_ssl_send_alert_message( ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL, - MBEDTLS_SSL_ALERT_MSG_UNRECOGNIZED_NAME ); - return( MBEDTLS_ERR_SSL_BAD_HS_CLIENT_HELLO ); + if (p[0] == MBEDTLS_TLS_EXT_SERVERNAME_HOSTNAME) { + ret = ssl->conf->f_sni(ssl->conf->p_sni, + ssl, p + 3, hostname_len); + if (ret != 0) { + MBEDTLS_SSL_DEBUG_RET(1, "ssl_sni_wrapper", ret); + mbedtls_ssl_send_alert_message(ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL, + MBEDTLS_SSL_ALERT_MSG_UNRECOGNIZED_NAME); + return MBEDTLS_ERR_SSL_BAD_HS_CLIENT_HELLO; } - return( 0 ); + return 0; } servername_list_size -= hostname_len + 3; p += hostname_len + 3; } - if( servername_list_size != 0 ) - { - MBEDTLS_SSL_DEBUG_MSG( 1, ( "bad client hello message" ) ); - mbedtls_ssl_send_alert_message( ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL, - MBEDTLS_SSL_ALERT_MSG_ILLEGAL_PARAMETER ); - return( MBEDTLS_ERR_SSL_BAD_HS_CLIENT_HELLO ); + if (servername_list_size != 0) { + MBEDTLS_SSL_DEBUG_MSG(1, ("bad client hello message")); + mbedtls_ssl_send_alert_message(ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL, + MBEDTLS_SSL_ALERT_MSG_ILLEGAL_PARAMETER); + return MBEDTLS_ERR_SSL_BAD_HS_CLIENT_HELLO; } - return( 0 ); + return 0; } #endif /* MBEDTLS_SSL_SERVER_NAME_INDICATION */ #if defined(MBEDTLS_KEY_EXCHANGE_SOME_PSK_ENABLED) -static int ssl_conf_has_psk_or_cb( mbedtls_ssl_config const *conf ) +MBEDTLS_CHECK_RETURN_CRITICAL +static int ssl_conf_has_psk_or_cb(mbedtls_ssl_config const *conf) { - if( conf->f_psk != NULL ) - return( 1 ); + if (conf->f_psk != NULL) { + return 1; + } - if( conf->psk_identity_len == 0 || conf->psk_identity == NULL ) - return( 0 ); + if (conf->psk_identity_len == 0 || conf->psk_identity == NULL) { + return 0; + } - if( conf->psk != NULL && conf->psk_len != 0 ) - return( 1 ); + if (conf->psk != NULL && conf->psk_len != 0) { + return 1; + } #if defined(MBEDTLS_USE_PSA_CRYPTO) - if( ! mbedtls_svc_key_id_is_null( conf->psk_opaque ) ) - return( 1 ); + if (!mbedtls_svc_key_id_is_null(conf->psk_opaque)) { + return 1; + } #endif /* MBEDTLS_USE_PSA_CRYPTO */ - return( 0 ); + return 0; } #if defined(MBEDTLS_USE_PSA_CRYPTO) -static int ssl_use_opaque_psk( mbedtls_ssl_context const *ssl ) +MBEDTLS_CHECK_RETURN_CRITICAL +static int ssl_use_opaque_psk(mbedtls_ssl_context const *ssl) { - if( ssl->conf->f_psk != NULL ) - { + if (ssl->conf->f_psk != NULL) { /* If we've used a callback to select the PSK, * the static configuration is irrelevant. */ - if( ! mbedtls_svc_key_id_is_null( ssl->handshake->psk_opaque ) ) - return( 1 ); + if (!mbedtls_svc_key_id_is_null(ssl->handshake->psk_opaque)) { + return 1; + } - return( 0 ); + return 0; } - if( ! mbedtls_svc_key_id_is_null( ssl->conf->psk_opaque ) ) - return( 1 ); + if (!mbedtls_svc_key_id_is_null(ssl->conf->psk_opaque)) { + return 1; + } - return( 0 ); + return 0; } #endif /* MBEDTLS_USE_PSA_CRYPTO */ #endif /* MBEDTLS_KEY_EXCHANGE_SOME_PSK_ENABLED */ -static int ssl_parse_renegotiation_info( mbedtls_ssl_context *ssl, - const unsigned char *buf, - size_t len ) +MBEDTLS_CHECK_RETURN_CRITICAL +static int ssl_parse_renegotiation_info(mbedtls_ssl_context *ssl, + const unsigned char *buf, + size_t len) { #if defined(MBEDTLS_SSL_RENEGOTIATION) - if( ssl->renego_status != MBEDTLS_SSL_INITIAL_HANDSHAKE ) - { + if (ssl->renego_status != MBEDTLS_SSL_INITIAL_HANDSHAKE) { /* Check verify-data in constant-time. The length OTOH is no secret */ - if( len != 1 + ssl->verify_data_len || + if (len != 1 + ssl->verify_data_len || buf[0] != ssl->verify_data_len || - mbedtls_ct_memcmp( buf + 1, ssl->peer_verify_data, - ssl->verify_data_len ) != 0 ) - { - MBEDTLS_SSL_DEBUG_MSG( 1, ( "non-matching renegotiation info" ) ); - mbedtls_ssl_send_alert_message( ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL, - MBEDTLS_SSL_ALERT_MSG_HANDSHAKE_FAILURE ); - return( MBEDTLS_ERR_SSL_BAD_HS_CLIENT_HELLO ); + mbedtls_ct_memcmp(buf + 1, ssl->peer_verify_data, + ssl->verify_data_len) != 0) { + MBEDTLS_SSL_DEBUG_MSG(1, ("non-matching renegotiation info")); + mbedtls_ssl_send_alert_message(ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL, + MBEDTLS_SSL_ALERT_MSG_HANDSHAKE_FAILURE); + return MBEDTLS_ERR_SSL_BAD_HS_CLIENT_HELLO; } - } - else + } else #endif /* MBEDTLS_SSL_RENEGOTIATION */ { - if( len != 1 || buf[0] != 0x0 ) - { - MBEDTLS_SSL_DEBUG_MSG( 1, ( "non-zero length renegotiation info" ) ); - mbedtls_ssl_send_alert_message( ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL, - MBEDTLS_SSL_ALERT_MSG_HANDSHAKE_FAILURE ); - return( MBEDTLS_ERR_SSL_BAD_HS_CLIENT_HELLO ); + if (len != 1 || buf[0] != 0x0) { + MBEDTLS_SSL_DEBUG_MSG(1, ("non-zero length renegotiation info")); + mbedtls_ssl_send_alert_message(ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL, + MBEDTLS_SSL_ALERT_MSG_HANDSHAKE_FAILURE); + return MBEDTLS_ERR_SSL_BAD_HS_CLIENT_HELLO; } ssl->secure_renegotiation = MBEDTLS_SSL_SECURE_RENEGOTIATION; } - return( 0 ); + return 0; } #if defined(MBEDTLS_SSL_PROTO_TLS1_2) && \ @@ -239,9 +221,10 @@ static int ssl_parse_renegotiation_info( mbedtls_ssl_context *ssl, * This needs to be done at a later stage. * */ -static int ssl_parse_signature_algorithms_ext( mbedtls_ssl_context *ssl, - const unsigned char *buf, - size_t len ) +MBEDTLS_CHECK_RETURN_CRITICAL +static int ssl_parse_signature_algorithms_ext(mbedtls_ssl_context *ssl, + const unsigned char *buf, + size_t len) { size_t sig_alg_list_size; @@ -251,20 +234,19 @@ static int ssl_parse_signature_algorithms_ext( mbedtls_ssl_context *ssl, mbedtls_md_type_t md_cur; mbedtls_pk_type_t sig_cur; - if ( len < 2 ) { - MBEDTLS_SSL_DEBUG_MSG( 1, ( "bad client hello message" ) ); - mbedtls_ssl_send_alert_message( ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL, - MBEDTLS_SSL_ALERT_MSG_DECODE_ERROR ); - return( MBEDTLS_ERR_SSL_BAD_HS_CLIENT_HELLO ); + if (len < 2) { + MBEDTLS_SSL_DEBUG_MSG(1, ("bad client hello message")); + mbedtls_ssl_send_alert_message(ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL, + MBEDTLS_SSL_ALERT_MSG_DECODE_ERROR); + return MBEDTLS_ERR_SSL_BAD_HS_CLIENT_HELLO; } - sig_alg_list_size = ( ( buf[0] << 8 ) | ( buf[1] ) ); - if( sig_alg_list_size + 2 != len || - sig_alg_list_size % 2 != 0 ) - { - MBEDTLS_SSL_DEBUG_MSG( 1, ( "bad client hello message" ) ); - mbedtls_ssl_send_alert_message( ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL, - MBEDTLS_SSL_ALERT_MSG_DECODE_ERROR ); - return( MBEDTLS_ERR_SSL_BAD_HS_CLIENT_HELLO ); + sig_alg_list_size = ((buf[0] << 8) | (buf[1])); + if (sig_alg_list_size + 2 != len || + sig_alg_list_size % 2 != 0) { + MBEDTLS_SSL_DEBUG_MSG(1, ("bad client hello message")); + mbedtls_ssl_send_alert_message(ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL, + MBEDTLS_SSL_ALERT_MSG_DECODE_ERROR); + return MBEDTLS_ERR_SSL_BAD_HS_CLIENT_HELLO; } /* Currently we only guarantee signing the ServerKeyExchange message according @@ -276,102 +258,93 @@ static int ssl_parse_signature_algorithms_ext( mbedtls_ssl_context *ssl, * pair list from the extension. */ - for( p = buf + 2; p < end; p += 2 ) - { + for (p = buf + 2; p < end; p += 2) { /* Silently ignore unknown signature or hash algorithms. */ - if( ( sig_cur = mbedtls_ssl_pk_alg_from_sig( p[1] ) ) == MBEDTLS_PK_NONE ) - { - MBEDTLS_SSL_DEBUG_MSG( 3, ( "client hello v3, signature_algorithm ext" - " unknown sig alg encoding %d", p[1] ) ); + if ((sig_cur = mbedtls_ssl_pk_alg_from_sig(p[1])) == MBEDTLS_PK_NONE) { + MBEDTLS_SSL_DEBUG_MSG(3, ("client hello v3, signature_algorithm ext" + " unknown sig alg encoding %d", p[1])); continue; } /* Check if we support the hash the user proposes */ - md_cur = mbedtls_ssl_md_alg_from_hash( p[0] ); - if( md_cur == MBEDTLS_MD_NONE ) - { - MBEDTLS_SSL_DEBUG_MSG( 3, ( "client hello v3, signature_algorithm ext:" - " unknown hash alg encoding %d", p[0] ) ); + md_cur = mbedtls_ssl_md_alg_from_hash(p[0]); + if (md_cur == MBEDTLS_MD_NONE) { + MBEDTLS_SSL_DEBUG_MSG(3, ("client hello v3, signature_algorithm ext:" + " unknown hash alg encoding %d", p[0])); continue; } - if( mbedtls_ssl_check_sig_hash( ssl, md_cur ) == 0 ) - { - mbedtls_ssl_sig_hash_set_add( &ssl->handshake->hash_algs, sig_cur, md_cur ); - MBEDTLS_SSL_DEBUG_MSG( 3, ( "client hello v3, signature_algorithm ext:" - " match sig %u and hash %u", - (unsigned) sig_cur, (unsigned) md_cur ) ); - } - else - { - MBEDTLS_SSL_DEBUG_MSG( 3, ( "client hello v3, signature_algorithm ext: " - "hash alg %u not supported", (unsigned) md_cur ) ); + if (mbedtls_ssl_check_sig_hash(ssl, md_cur) == 0) { + mbedtls_ssl_sig_hash_set_add(&ssl->handshake->hash_algs, sig_cur, md_cur); + MBEDTLS_SSL_DEBUG_MSG(3, ("client hello v3, signature_algorithm ext:" + " match sig %u and hash %u", + (unsigned) sig_cur, (unsigned) md_cur)); + } else { + MBEDTLS_SSL_DEBUG_MSG(3, ("client hello v3, signature_algorithm ext: " + "hash alg %u not supported", (unsigned) md_cur)); } } - return( 0 ); + return 0; } #endif /* MBEDTLS_SSL_PROTO_TLS1_2 && MBEDTLS_KEY_EXCHANGE_WITH_CERT_ENABLED */ #if defined(MBEDTLS_ECDH_C) || defined(MBEDTLS_ECDSA_C) || \ defined(MBEDTLS_KEY_EXCHANGE_ECJPAKE_ENABLED) -static int ssl_parse_supported_elliptic_curves( mbedtls_ssl_context *ssl, - const unsigned char *buf, - size_t len ) +MBEDTLS_CHECK_RETURN_CRITICAL +static int ssl_parse_supported_elliptic_curves(mbedtls_ssl_context *ssl, + const unsigned char *buf, + size_t len) { size_t list_size, our_size; const unsigned char *p; const mbedtls_ecp_curve_info *curve_info, **curves; - if ( len < 2 ) { - MBEDTLS_SSL_DEBUG_MSG( 1, ( "bad client hello message" ) ); - mbedtls_ssl_send_alert_message( ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL, - MBEDTLS_SSL_ALERT_MSG_DECODE_ERROR ); - return( MBEDTLS_ERR_SSL_BAD_HS_CLIENT_HELLO ); + if (len < 2) { + MBEDTLS_SSL_DEBUG_MSG(1, ("bad client hello message")); + mbedtls_ssl_send_alert_message(ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL, + MBEDTLS_SSL_ALERT_MSG_DECODE_ERROR); + return MBEDTLS_ERR_SSL_BAD_HS_CLIENT_HELLO; } - list_size = ( ( buf[0] << 8 ) | ( buf[1] ) ); - if( list_size + 2 != len || - list_size % 2 != 0 ) - { - MBEDTLS_SSL_DEBUG_MSG( 1, ( "bad client hello message" ) ); - mbedtls_ssl_send_alert_message( ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL, - MBEDTLS_SSL_ALERT_MSG_DECODE_ERROR ); - return( MBEDTLS_ERR_SSL_BAD_HS_CLIENT_HELLO ); + list_size = ((buf[0] << 8) | (buf[1])); + if (list_size + 2 != len || + list_size % 2 != 0) { + MBEDTLS_SSL_DEBUG_MSG(1, ("bad client hello message")); + mbedtls_ssl_send_alert_message(ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL, + MBEDTLS_SSL_ALERT_MSG_DECODE_ERROR); + return MBEDTLS_ERR_SSL_BAD_HS_CLIENT_HELLO; } /* Should never happen unless client duplicates the extension */ - if( ssl->handshake->curves != NULL ) - { - MBEDTLS_SSL_DEBUG_MSG( 1, ( "bad client hello message" ) ); - mbedtls_ssl_send_alert_message( ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL, - MBEDTLS_SSL_ALERT_MSG_DECODE_ERROR ); - return( MBEDTLS_ERR_SSL_BAD_HS_CLIENT_HELLO ); + if (ssl->handshake->curves != NULL) { + MBEDTLS_SSL_DEBUG_MSG(1, ("bad client hello message")); + mbedtls_ssl_send_alert_message(ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL, + MBEDTLS_SSL_ALERT_MSG_DECODE_ERROR); + return MBEDTLS_ERR_SSL_BAD_HS_CLIENT_HELLO; } /* Don't allow our peer to make us allocate too much memory, * and leave room for a final 0 */ our_size = list_size / 2 + 1; - if( our_size > MBEDTLS_ECP_DP_MAX ) + if (our_size > MBEDTLS_ECP_DP_MAX) { our_size = MBEDTLS_ECP_DP_MAX; + } - if( ( curves = mbedtls_calloc( our_size, sizeof( *curves ) ) ) == NULL ) - { - mbedtls_ssl_send_alert_message( ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL, - MBEDTLS_SSL_ALERT_MSG_INTERNAL_ERROR ); - return( MBEDTLS_ERR_SSL_ALLOC_FAILED ); + if ((curves = mbedtls_calloc(our_size, sizeof(*curves))) == NULL) { + mbedtls_ssl_send_alert_message(ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL, + MBEDTLS_SSL_ALERT_MSG_INTERNAL_ERROR); + return MBEDTLS_ERR_SSL_ALLOC_FAILED; } ssl->handshake->curves = curves; p = buf + 2; - while( list_size > 0 && our_size > 1 ) - { - curve_info = mbedtls_ecp_curve_info_from_tls_id( ( p[0] << 8 ) | p[1] ); + while (list_size > 0 && our_size > 1) { + curve_info = mbedtls_ecp_curve_info_from_tls_id((p[0] << 8) | p[1]); - if( curve_info != NULL ) - { + if (curve_info != NULL) { *curves++ = curve_info; our_size--; } @@ -380,112 +353,109 @@ static int ssl_parse_supported_elliptic_curves( mbedtls_ssl_context *ssl, p += 2; } - return( 0 ); + return 0; } -static int ssl_parse_supported_point_formats( mbedtls_ssl_context *ssl, - const unsigned char *buf, - size_t len ) +MBEDTLS_CHECK_RETURN_CRITICAL +static int ssl_parse_supported_point_formats(mbedtls_ssl_context *ssl, + const unsigned char *buf, + size_t len) { size_t list_size; const unsigned char *p; - if( len == 0 || (size_t)( buf[0] + 1 ) != len ) - { - MBEDTLS_SSL_DEBUG_MSG( 1, ( "bad client hello message" ) ); - mbedtls_ssl_send_alert_message( ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL, - MBEDTLS_SSL_ALERT_MSG_DECODE_ERROR ); - return( MBEDTLS_ERR_SSL_BAD_HS_CLIENT_HELLO ); + if (len == 0 || (size_t) (buf[0] + 1) != len) { + MBEDTLS_SSL_DEBUG_MSG(1, ("bad client hello message")); + mbedtls_ssl_send_alert_message(ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL, + MBEDTLS_SSL_ALERT_MSG_DECODE_ERROR); + return MBEDTLS_ERR_SSL_BAD_HS_CLIENT_HELLO; } list_size = buf[0]; p = buf + 1; - while( list_size > 0 ) - { - if( p[0] == MBEDTLS_ECP_PF_UNCOMPRESSED || - p[0] == MBEDTLS_ECP_PF_COMPRESSED ) - { + while (list_size > 0) { + if (p[0] == MBEDTLS_ECP_PF_UNCOMPRESSED || + p[0] == MBEDTLS_ECP_PF_COMPRESSED) { #if defined(MBEDTLS_ECDH_C) || defined(MBEDTLS_ECDSA_C) ssl->handshake->ecdh_ctx.point_format = p[0]; #endif #if defined(MBEDTLS_KEY_EXCHANGE_ECJPAKE_ENABLED) ssl->handshake->ecjpake_ctx.point_format = p[0]; #endif - MBEDTLS_SSL_DEBUG_MSG( 4, ( "point format selected: %d", p[0] ) ); - return( 0 ); + MBEDTLS_SSL_DEBUG_MSG(4, ("point format selected: %d", p[0])); + return 0; } list_size--; p++; } - return( 0 ); + return 0; } #endif /* MBEDTLS_ECDH_C || MBEDTLS_ECDSA_C || MBEDTLS_KEY_EXCHANGE_ECJPAKE_ENABLED */ #if defined(MBEDTLS_KEY_EXCHANGE_ECJPAKE_ENABLED) -static int ssl_parse_ecjpake_kkpp( mbedtls_ssl_context *ssl, - const unsigned char *buf, - size_t len ) +MBEDTLS_CHECK_RETURN_CRITICAL +static int ssl_parse_ecjpake_kkpp(mbedtls_ssl_context *ssl, + const unsigned char *buf, + size_t len) { int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; - if( mbedtls_ecjpake_check( &ssl->handshake->ecjpake_ctx ) != 0 ) - { - MBEDTLS_SSL_DEBUG_MSG( 3, ( "skip ecjpake kkpp extension" ) ); - return( 0 ); + if (mbedtls_ecjpake_check(&ssl->handshake->ecjpake_ctx) != 0) { + MBEDTLS_SSL_DEBUG_MSG(3, ("skip ecjpake kkpp extension")); + return 0; } - if( ( ret = mbedtls_ecjpake_read_round_one( &ssl->handshake->ecjpake_ctx, - buf, len ) ) != 0 ) - { - MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_ecjpake_read_round_one", ret ); - mbedtls_ssl_send_alert_message( ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL, - MBEDTLS_SSL_ALERT_MSG_ILLEGAL_PARAMETER ); - return( ret ); + if ((ret = mbedtls_ecjpake_read_round_one(&ssl->handshake->ecjpake_ctx, + buf, len)) != 0) { + MBEDTLS_SSL_DEBUG_RET(1, "mbedtls_ecjpake_read_round_one", ret); + mbedtls_ssl_send_alert_message(ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL, + MBEDTLS_SSL_ALERT_MSG_ILLEGAL_PARAMETER); + return ret; } /* Only mark the extension as OK when we're sure it is */ ssl->handshake->cli_exts |= MBEDTLS_TLS_EXT_ECJPAKE_KKPP_OK; - return( 0 ); + return 0; } #endif /* MBEDTLS_KEY_EXCHANGE_ECJPAKE_ENABLED */ #if defined(MBEDTLS_SSL_MAX_FRAGMENT_LENGTH) -static int ssl_parse_max_fragment_length_ext( mbedtls_ssl_context *ssl, - const unsigned char *buf, - size_t len ) +MBEDTLS_CHECK_RETURN_CRITICAL +static int ssl_parse_max_fragment_length_ext(mbedtls_ssl_context *ssl, + const unsigned char *buf, + size_t len) { - if( len != 1 || buf[0] >= MBEDTLS_SSL_MAX_FRAG_LEN_INVALID ) - { - MBEDTLS_SSL_DEBUG_MSG( 1, ( "bad client hello message" ) ); - mbedtls_ssl_send_alert_message( ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL, - MBEDTLS_SSL_ALERT_MSG_ILLEGAL_PARAMETER ); - return( MBEDTLS_ERR_SSL_BAD_HS_CLIENT_HELLO ); + if (len != 1 || buf[0] >= MBEDTLS_SSL_MAX_FRAG_LEN_INVALID) { + MBEDTLS_SSL_DEBUG_MSG(1, ("bad client hello message")); + mbedtls_ssl_send_alert_message(ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL, + MBEDTLS_SSL_ALERT_MSG_ILLEGAL_PARAMETER); + return MBEDTLS_ERR_SSL_BAD_HS_CLIENT_HELLO; } ssl->session_negotiate->mfl_code = buf[0]; - return( 0 ); + return 0; } #endif /* MBEDTLS_SSL_MAX_FRAGMENT_LENGTH */ #if defined(MBEDTLS_SSL_DTLS_CONNECTION_ID) -static int ssl_parse_cid_ext( mbedtls_ssl_context *ssl, - const unsigned char *buf, - size_t len ) +MBEDTLS_CHECK_RETURN_CRITICAL +static int ssl_parse_cid_ext(mbedtls_ssl_context *ssl, + const unsigned char *buf, + size_t len) { size_t peer_cid_len; /* CID extension only makes sense in DTLS */ - if( ssl->conf->transport != MBEDTLS_SSL_TRANSPORT_DATAGRAM ) - { - MBEDTLS_SSL_DEBUG_MSG( 1, ( "bad client hello message" ) ); - mbedtls_ssl_send_alert_message( ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL, - MBEDTLS_SSL_ALERT_MSG_ILLEGAL_PARAMETER ); - return( MBEDTLS_ERR_SSL_BAD_HS_CLIENT_HELLO ); + if (ssl->conf->transport != MBEDTLS_SSL_TRANSPORT_DATAGRAM) { + MBEDTLS_SSL_DEBUG_MSG(1, ("bad client hello message")); + mbedtls_ssl_send_alert_message(ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL, + MBEDTLS_SSL_ALERT_MSG_ILLEGAL_PARAMETER); + return MBEDTLS_ERR_SSL_BAD_HS_CLIENT_HELLO; } /* @@ -495,175 +465,170 @@ static int ssl_parse_cid_ext( mbedtls_ssl_context *ssl, * struct { * opaque cid<0..2^8-1>; * } ConnectionId; - */ + */ - if( len < 1 ) - { - MBEDTLS_SSL_DEBUG_MSG( 1, ( "bad client hello message" ) ); - mbedtls_ssl_send_alert_message( ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL, - MBEDTLS_SSL_ALERT_MSG_ILLEGAL_PARAMETER ); - return( MBEDTLS_ERR_SSL_BAD_HS_CLIENT_HELLO ); + if (len < 1) { + MBEDTLS_SSL_DEBUG_MSG(1, ("bad client hello message")); + mbedtls_ssl_send_alert_message(ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL, + MBEDTLS_SSL_ALERT_MSG_ILLEGAL_PARAMETER); + return MBEDTLS_ERR_SSL_BAD_HS_CLIENT_HELLO; } peer_cid_len = *buf++; len--; - if( len != peer_cid_len ) - { - MBEDTLS_SSL_DEBUG_MSG( 1, ( "bad client hello message" ) ); - mbedtls_ssl_send_alert_message( ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL, - MBEDTLS_SSL_ALERT_MSG_ILLEGAL_PARAMETER ); - return( MBEDTLS_ERR_SSL_BAD_HS_CLIENT_HELLO ); + if (len != peer_cid_len) { + MBEDTLS_SSL_DEBUG_MSG(1, ("bad client hello message")); + mbedtls_ssl_send_alert_message(ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL, + MBEDTLS_SSL_ALERT_MSG_ILLEGAL_PARAMETER); + return MBEDTLS_ERR_SSL_BAD_HS_CLIENT_HELLO; } /* Ignore CID if the user has disabled its use. */ - if( ssl->negotiate_cid == MBEDTLS_SSL_CID_DISABLED ) - { + if (ssl->negotiate_cid == MBEDTLS_SSL_CID_DISABLED) { /* Leave ssl->handshake->cid_in_use in its default * value of MBEDTLS_SSL_CID_DISABLED. */ - MBEDTLS_SSL_DEBUG_MSG( 3, ( "Client sent CID extension, but CID disabled" ) ); - return( 0 ); + MBEDTLS_SSL_DEBUG_MSG(3, ("Client sent CID extension, but CID disabled")); + return 0; } - if( peer_cid_len > MBEDTLS_SSL_CID_OUT_LEN_MAX ) - { - MBEDTLS_SSL_DEBUG_MSG( 1, ( "bad client hello message" ) ); - mbedtls_ssl_send_alert_message( ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL, - MBEDTLS_SSL_ALERT_MSG_ILLEGAL_PARAMETER ); - return( MBEDTLS_ERR_SSL_BAD_HS_CLIENT_HELLO ); + if (peer_cid_len > MBEDTLS_SSL_CID_OUT_LEN_MAX) { + MBEDTLS_SSL_DEBUG_MSG(1, ("bad client hello message")); + mbedtls_ssl_send_alert_message(ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL, + MBEDTLS_SSL_ALERT_MSG_ILLEGAL_PARAMETER); + return MBEDTLS_ERR_SSL_BAD_HS_CLIENT_HELLO; } ssl->handshake->cid_in_use = MBEDTLS_SSL_CID_ENABLED; ssl->handshake->peer_cid_len = (uint8_t) peer_cid_len; - memcpy( ssl->handshake->peer_cid, buf, peer_cid_len ); + memcpy(ssl->handshake->peer_cid, buf, peer_cid_len); - MBEDTLS_SSL_DEBUG_MSG( 3, ( "Use of CID extension negotiated" ) ); - MBEDTLS_SSL_DEBUG_BUF( 3, "Client CID", buf, peer_cid_len ); + MBEDTLS_SSL_DEBUG_MSG(3, ("Use of CID extension negotiated")); + MBEDTLS_SSL_DEBUG_BUF(3, "Client CID", buf, peer_cid_len); - return( 0 ); + return 0; } #endif /* MBEDTLS_SSL_DTLS_CONNECTION_ID */ #if defined(MBEDTLS_SSL_TRUNCATED_HMAC) -static int ssl_parse_truncated_hmac_ext( mbedtls_ssl_context *ssl, - const unsigned char *buf, - size_t len ) +MBEDTLS_CHECK_RETURN_CRITICAL +static int ssl_parse_truncated_hmac_ext(mbedtls_ssl_context *ssl, + const unsigned char *buf, + size_t len) { - if( len != 0 ) - { - MBEDTLS_SSL_DEBUG_MSG( 1, ( "bad client hello message" ) ); - mbedtls_ssl_send_alert_message( ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL, - MBEDTLS_SSL_ALERT_MSG_DECODE_ERROR ); - return( MBEDTLS_ERR_SSL_BAD_HS_CLIENT_HELLO ); + if (len != 0) { + MBEDTLS_SSL_DEBUG_MSG(1, ("bad client hello message")); + mbedtls_ssl_send_alert_message(ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL, + MBEDTLS_SSL_ALERT_MSG_DECODE_ERROR); + return MBEDTLS_ERR_SSL_BAD_HS_CLIENT_HELLO; } ((void) buf); - if( ssl->conf->trunc_hmac == MBEDTLS_SSL_TRUNC_HMAC_ENABLED ) + if (ssl->conf->trunc_hmac == MBEDTLS_SSL_TRUNC_HMAC_ENABLED) { ssl->session_negotiate->trunc_hmac = MBEDTLS_SSL_TRUNC_HMAC_ENABLED; + } - return( 0 ); + return 0; } #endif /* MBEDTLS_SSL_TRUNCATED_HMAC */ #if defined(MBEDTLS_SSL_ENCRYPT_THEN_MAC) -static int ssl_parse_encrypt_then_mac_ext( mbedtls_ssl_context *ssl, - const unsigned char *buf, - size_t len ) +MBEDTLS_CHECK_RETURN_CRITICAL +static int ssl_parse_encrypt_then_mac_ext(mbedtls_ssl_context *ssl, + const unsigned char *buf, + size_t len) { - if( len != 0 ) - { - MBEDTLS_SSL_DEBUG_MSG( 1, ( "bad client hello message" ) ); - mbedtls_ssl_send_alert_message( ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL, - MBEDTLS_SSL_ALERT_MSG_DECODE_ERROR ); - return( MBEDTLS_ERR_SSL_BAD_HS_CLIENT_HELLO ); + if (len != 0) { + MBEDTLS_SSL_DEBUG_MSG(1, ("bad client hello message")); + mbedtls_ssl_send_alert_message(ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL, + MBEDTLS_SSL_ALERT_MSG_DECODE_ERROR); + return MBEDTLS_ERR_SSL_BAD_HS_CLIENT_HELLO; } ((void) buf); - if( ssl->conf->encrypt_then_mac == MBEDTLS_SSL_ETM_ENABLED && - ssl->minor_ver != MBEDTLS_SSL_MINOR_VERSION_0 ) - { + if (ssl->conf->encrypt_then_mac == MBEDTLS_SSL_ETM_ENABLED && + ssl->minor_ver != MBEDTLS_SSL_MINOR_VERSION_0) { ssl->session_negotiate->encrypt_then_mac = MBEDTLS_SSL_ETM_ENABLED; } - return( 0 ); + return 0; } #endif /* MBEDTLS_SSL_ENCRYPT_THEN_MAC */ #if defined(MBEDTLS_SSL_EXTENDED_MASTER_SECRET) -static int ssl_parse_extended_ms_ext( mbedtls_ssl_context *ssl, - const unsigned char *buf, - size_t len ) +MBEDTLS_CHECK_RETURN_CRITICAL +static int ssl_parse_extended_ms_ext(mbedtls_ssl_context *ssl, + const unsigned char *buf, + size_t len) { - if( len != 0 ) - { - MBEDTLS_SSL_DEBUG_MSG( 1, ( "bad client hello message" ) ); - mbedtls_ssl_send_alert_message( ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL, - MBEDTLS_SSL_ALERT_MSG_DECODE_ERROR ); - return( MBEDTLS_ERR_SSL_BAD_HS_CLIENT_HELLO ); + if (len != 0) { + MBEDTLS_SSL_DEBUG_MSG(1, ("bad client hello message")); + mbedtls_ssl_send_alert_message(ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL, + MBEDTLS_SSL_ALERT_MSG_DECODE_ERROR); + return MBEDTLS_ERR_SSL_BAD_HS_CLIENT_HELLO; } ((void) buf); - if( ssl->conf->extended_ms == MBEDTLS_SSL_EXTENDED_MS_ENABLED && - ssl->minor_ver != MBEDTLS_SSL_MINOR_VERSION_0 ) - { + if (ssl->conf->extended_ms == MBEDTLS_SSL_EXTENDED_MS_ENABLED && + ssl->minor_ver != MBEDTLS_SSL_MINOR_VERSION_0) { ssl->handshake->extended_ms = MBEDTLS_SSL_EXTENDED_MS_ENABLED; } - return( 0 ); + return 0; } #endif /* MBEDTLS_SSL_EXTENDED_MASTER_SECRET */ #if defined(MBEDTLS_SSL_SESSION_TICKETS) -static int ssl_parse_session_ticket_ext( mbedtls_ssl_context *ssl, - unsigned char *buf, - size_t len ) +MBEDTLS_CHECK_RETURN_CRITICAL +static int ssl_parse_session_ticket_ext(mbedtls_ssl_context *ssl, + unsigned char *buf, + size_t len) { int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; mbedtls_ssl_session session; - mbedtls_ssl_session_init( &session ); + mbedtls_ssl_session_init(&session); - if( ssl->conf->f_ticket_parse == NULL || - ssl->conf->f_ticket_write == NULL ) - { - return( 0 ); + if (ssl->conf->f_ticket_parse == NULL || + ssl->conf->f_ticket_write == NULL) { + return 0; } /* Remember the client asked us to send a new ticket */ ssl->handshake->new_session_ticket = 1; - MBEDTLS_SSL_DEBUG_MSG( 3, ( "ticket length: %" MBEDTLS_PRINTF_SIZET, len ) ); + MBEDTLS_SSL_DEBUG_MSG(3, ("ticket length: %" MBEDTLS_PRINTF_SIZET, len)); - if( len == 0 ) - return( 0 ); + if (len == 0) { + return 0; + } #if defined(MBEDTLS_SSL_RENEGOTIATION) - if( ssl->renego_status != MBEDTLS_SSL_INITIAL_HANDSHAKE ) - { - MBEDTLS_SSL_DEBUG_MSG( 3, ( "ticket rejected: renegotiating" ) ); - return( 0 ); + if (ssl->renego_status != MBEDTLS_SSL_INITIAL_HANDSHAKE) { + MBEDTLS_SSL_DEBUG_MSG(3, ("ticket rejected: renegotiating")); + return 0; } #endif /* MBEDTLS_SSL_RENEGOTIATION */ /* * Failures are ok: just ignore the ticket and proceed. */ - if( ( ret = ssl->conf->f_ticket_parse( ssl->conf->p_ticket, &session, - buf, len ) ) != 0 ) - { - mbedtls_ssl_session_free( &session ); - - if( ret == MBEDTLS_ERR_SSL_INVALID_MAC ) - MBEDTLS_SSL_DEBUG_MSG( 3, ( "ticket is not authentic" ) ); - else if( ret == MBEDTLS_ERR_SSL_SESSION_TICKET_EXPIRED ) - MBEDTLS_SSL_DEBUG_MSG( 3, ( "ticket is expired" ) ); - else - MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_ssl_ticket_parse", ret ); + if ((ret = ssl->conf->f_ticket_parse(ssl->conf->p_ticket, &session, + buf, len)) != 0) { + mbedtls_ssl_session_free(&session); + + if (ret == MBEDTLS_ERR_SSL_INVALID_MAC) { + MBEDTLS_SSL_DEBUG_MSG(3, ("ticket is not authentic")); + } else if (ret == MBEDTLS_ERR_SSL_SESSION_TICKET_EXPIRED) { + MBEDTLS_SSL_DEBUG_MSG(3, ("ticket is expired")); + } else { + MBEDTLS_SSL_DEBUG_RET(1, "mbedtls_ssl_ticket_parse", ret); + } - return( 0 ); + return 0; } /* @@ -671,36 +636,38 @@ static int ssl_parse_session_ticket_ext( mbedtls_ssl_context *ssl, * inform them we're accepting the ticket (RFC 5077 section 3.4) */ session.id_len = ssl->session_negotiate->id_len; - memcpy( &session.id, ssl->session_negotiate->id, session.id_len ); + memcpy(&session.id, ssl->session_negotiate->id, session.id_len); - mbedtls_ssl_session_free( ssl->session_negotiate ); - memcpy( ssl->session_negotiate, &session, sizeof( mbedtls_ssl_session ) ); + mbedtls_ssl_session_free(ssl->session_negotiate); + memcpy(ssl->session_negotiate, &session, sizeof(mbedtls_ssl_session)); /* Zeroize instead of free as we copied the content */ - mbedtls_platform_zeroize( &session, sizeof( mbedtls_ssl_session ) ); + mbedtls_platform_zeroize(&session, sizeof(mbedtls_ssl_session)); - MBEDTLS_SSL_DEBUG_MSG( 3, ( "session successfully restored from ticket" ) ); + MBEDTLS_SSL_DEBUG_MSG(3, ("session successfully restored from ticket")); ssl->handshake->resume = 1; /* Don't send a new ticket after all, this one is OK */ ssl->handshake->new_session_ticket = 0; - return( 0 ); + return 0; } #endif /* MBEDTLS_SSL_SESSION_TICKETS */ #if defined(MBEDTLS_SSL_ALPN) -static int ssl_parse_alpn_ext( mbedtls_ssl_context *ssl, - const unsigned char *buf, size_t len ) +MBEDTLS_CHECK_RETURN_CRITICAL +static int ssl_parse_alpn_ext(mbedtls_ssl_context *ssl, + const unsigned char *buf, size_t len) { size_t list_len, cur_len, ours_len; const unsigned char *theirs, *start, *end; const char **ours; /* If ALPN not configured, just ignore the extension */ - if( ssl->conf->alpn_list == NULL ) - return( 0 ); + if (ssl->conf->alpn_list == NULL) { + return 0; + } /* * opaque ProtocolName<1..2^8-1>; @@ -711,19 +678,17 @@ static int ssl_parse_alpn_ext( mbedtls_ssl_context *ssl, */ /* Min length is 2 (list_len) + 1 (name_len) + 1 (name) */ - if( len < 4 ) - { - mbedtls_ssl_send_alert_message( ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL, - MBEDTLS_SSL_ALERT_MSG_DECODE_ERROR ); - return( MBEDTLS_ERR_SSL_BAD_HS_CLIENT_HELLO ); + if (len < 4) { + mbedtls_ssl_send_alert_message(ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL, + MBEDTLS_SSL_ALERT_MSG_DECODE_ERROR); + return MBEDTLS_ERR_SSL_BAD_HS_CLIENT_HELLO; } - list_len = ( buf[0] << 8 ) | buf[1]; - if( list_len != len - 2 ) - { - mbedtls_ssl_send_alert_message( ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL, - MBEDTLS_SSL_ALERT_MSG_DECODE_ERROR ); - return( MBEDTLS_ERR_SSL_BAD_HS_CLIENT_HELLO ); + list_len = (buf[0] << 8) | buf[1]; + if (list_len != len - 2) { + mbedtls_ssl_send_alert_message(ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL, + MBEDTLS_SSL_ALERT_MSG_DECODE_ERROR); + return MBEDTLS_ERR_SSL_BAD_HS_CLIENT_HELLO; } /* @@ -731,71 +696,65 @@ static int ssl_parse_alpn_ext( mbedtls_ssl_context *ssl, */ start = buf + 2; end = buf + len; - for( theirs = start; theirs != end; theirs += cur_len ) - { + for (theirs = start; theirs != end; theirs += cur_len) { cur_len = *theirs++; /* Current identifier must fit in list */ - if( cur_len > (size_t)( end - theirs ) ) - { - mbedtls_ssl_send_alert_message( ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL, - MBEDTLS_SSL_ALERT_MSG_DECODE_ERROR ); - return( MBEDTLS_ERR_SSL_BAD_HS_CLIENT_HELLO ); + if (cur_len > (size_t) (end - theirs)) { + mbedtls_ssl_send_alert_message(ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL, + MBEDTLS_SSL_ALERT_MSG_DECODE_ERROR); + return MBEDTLS_ERR_SSL_BAD_HS_CLIENT_HELLO; } /* Empty strings MUST NOT be included */ - if( cur_len == 0 ) - { - mbedtls_ssl_send_alert_message( ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL, - MBEDTLS_SSL_ALERT_MSG_ILLEGAL_PARAMETER ); - return( MBEDTLS_ERR_SSL_BAD_HS_CLIENT_HELLO ); + if (cur_len == 0) { + mbedtls_ssl_send_alert_message(ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL, + MBEDTLS_SSL_ALERT_MSG_ILLEGAL_PARAMETER); + return MBEDTLS_ERR_SSL_BAD_HS_CLIENT_HELLO; } } /* * Use our order of preference */ - for( ours = ssl->conf->alpn_list; *ours != NULL; ours++ ) - { - ours_len = strlen( *ours ); - for( theirs = start; theirs != end; theirs += cur_len ) - { + for (ours = ssl->conf->alpn_list; *ours != NULL; ours++) { + ours_len = strlen(*ours); + for (theirs = start; theirs != end; theirs += cur_len) { cur_len = *theirs++; - if( cur_len == ours_len && - memcmp( theirs, *ours, cur_len ) == 0 ) - { + if (cur_len == ours_len && + memcmp(theirs, *ours, cur_len) == 0) { ssl->alpn_chosen = *ours; - return( 0 ); + return 0; } } } /* If we get there, no match was found */ - mbedtls_ssl_send_alert_message( ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL, - MBEDTLS_SSL_ALERT_MSG_NO_APPLICATION_PROTOCOL ); - return( MBEDTLS_ERR_SSL_BAD_HS_CLIENT_HELLO ); + mbedtls_ssl_send_alert_message(ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL, + MBEDTLS_SSL_ALERT_MSG_NO_APPLICATION_PROTOCOL); + return MBEDTLS_ERR_SSL_BAD_HS_CLIENT_HELLO; } #endif /* MBEDTLS_SSL_ALPN */ #if defined(MBEDTLS_SSL_DTLS_SRTP) -static int ssl_parse_use_srtp_ext( mbedtls_ssl_context *ssl, - const unsigned char *buf, - size_t len ) +MBEDTLS_CHECK_RETURN_CRITICAL +static int ssl_parse_use_srtp_ext(mbedtls_ssl_context *ssl, + const unsigned char *buf, + size_t len) { mbedtls_ssl_srtp_profile client_protection = MBEDTLS_TLS_SRTP_UNSET; - size_t i,j; + size_t i, j; size_t profile_length; uint16_t mki_length; /*! 2 bytes for profile length and 1 byte for mki len */ const size_t size_of_lengths = 3; /* If use_srtp is not configured, just ignore the extension */ - if( ( ssl->conf->transport != MBEDTLS_SSL_TRANSPORT_DATAGRAM ) || - ( ssl->conf->dtls_srtp_profile_list == NULL ) || - ( ssl->conf->dtls_srtp_profile_list_len == 0 ) ) - { - return( 0 ); + if ((ssl->conf->transport != MBEDTLS_SSL_TRANSPORT_DATAGRAM) || + (ssl->conf->dtls_srtp_profile_list == NULL) || + (ssl->conf->dtls_srtp_profile_list_len == 0)) { + return 0; } /* RFC5764 section 4.1.1 @@ -815,86 +774,77 @@ static int ssl_parse_use_srtp_ext( mbedtls_ssl_context *ssl, * Check here that we have at least 2 bytes of protection profiles length * and one of srtp_mki length */ - if( len < size_of_lengths ) - { - mbedtls_ssl_send_alert_message( ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL, - MBEDTLS_SSL_ALERT_MSG_HANDSHAKE_FAILURE ); - return( MBEDTLS_ERR_SSL_BAD_HS_CLIENT_HELLO ); + if (len < size_of_lengths) { + mbedtls_ssl_send_alert_message(ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL, + MBEDTLS_SSL_ALERT_MSG_HANDSHAKE_FAILURE); + return MBEDTLS_ERR_SSL_BAD_HS_CLIENT_HELLO; } - ssl->dtls_srtp_info.chosen_dtls_srtp_profile = MBEDTLS_TLS_SRTP_UNSET; + ssl->dtls_srtp_info.chosen_dtls_srtp_profile = MBEDTLS_TLS_SRTP_UNSET; /* first 2 bytes are protection profile length(in bytes) */ - profile_length = ( buf[0] << 8 ) | buf[1]; + profile_length = (buf[0] << 8) | buf[1]; buf += 2; /* The profile length cannot be bigger than input buffer size - lengths fields */ - if( profile_length > len - size_of_lengths || - profile_length % 2 != 0 ) /* profiles are 2 bytes long, so the length must be even */ - { - mbedtls_ssl_send_alert_message( ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL, - MBEDTLS_SSL_ALERT_MSG_HANDSHAKE_FAILURE ); - return( MBEDTLS_ERR_SSL_BAD_HS_CLIENT_HELLO ); + if (profile_length > len - size_of_lengths || + profile_length % 2 != 0) { /* profiles are 2 bytes long, so the length must be even */ + mbedtls_ssl_send_alert_message(ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL, + MBEDTLS_SSL_ALERT_MSG_HANDSHAKE_FAILURE); + return MBEDTLS_ERR_SSL_BAD_HS_CLIENT_HELLO; } /* * parse the extension list values are defined in * http://www.iana.org/assignments/srtp-protection/srtp-protection.xhtml */ - for( j = 0; j < profile_length; j += 2 ) - { + for (j = 0; j < profile_length; j += 2) { uint16_t protection_profile_value = buf[j] << 8 | buf[j + 1]; - client_protection = mbedtls_ssl_check_srtp_profile_value( protection_profile_value ); + client_protection = mbedtls_ssl_check_srtp_profile_value(protection_profile_value); - if( client_protection != MBEDTLS_TLS_SRTP_UNSET ) - { - MBEDTLS_SSL_DEBUG_MSG( 3, ( "found srtp profile: %s", - mbedtls_ssl_get_srtp_profile_as_string( - client_protection ) ) ); - } - else - { + if (client_protection != MBEDTLS_TLS_SRTP_UNSET) { + MBEDTLS_SSL_DEBUG_MSG(3, ("found srtp profile: %s", + mbedtls_ssl_get_srtp_profile_as_string( + client_protection))); + } else { continue; } /* check if suggested profile is in our list */ - for( i = 0; i < ssl->conf->dtls_srtp_profile_list_len; i++) - { - if( client_protection == ssl->conf->dtls_srtp_profile_list[i] ) - { + for (i = 0; i < ssl->conf->dtls_srtp_profile_list_len; i++) { + if (client_protection == ssl->conf->dtls_srtp_profile_list[i]) { ssl->dtls_srtp_info.chosen_dtls_srtp_profile = ssl->conf->dtls_srtp_profile_list[i]; - MBEDTLS_SSL_DEBUG_MSG( 3, ( "selected srtp profile: %s", - mbedtls_ssl_get_srtp_profile_as_string( - client_protection ) ) ); + MBEDTLS_SSL_DEBUG_MSG(3, ("selected srtp profile: %s", + mbedtls_ssl_get_srtp_profile_as_string( + client_protection))); break; } } - if( ssl->dtls_srtp_info.chosen_dtls_srtp_profile != MBEDTLS_TLS_SRTP_UNSET ) + if (ssl->dtls_srtp_info.chosen_dtls_srtp_profile != MBEDTLS_TLS_SRTP_UNSET) { break; + } } buf += profile_length; /* buf points to the mki length */ mki_length = *buf; buf++; - if( mki_length > MBEDTLS_TLS_SRTP_MAX_MKI_LENGTH || - mki_length + profile_length + size_of_lengths != len ) - { - mbedtls_ssl_send_alert_message( ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL, - MBEDTLS_SSL_ALERT_MSG_HANDSHAKE_FAILURE ); - return( MBEDTLS_ERR_SSL_BAD_HS_CLIENT_HELLO ); + if (mki_length > MBEDTLS_TLS_SRTP_MAX_MKI_LENGTH || + mki_length + profile_length + size_of_lengths != len) { + mbedtls_ssl_send_alert_message(ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL, + MBEDTLS_SSL_ALERT_MSG_HANDSHAKE_FAILURE); + return MBEDTLS_ERR_SSL_BAD_HS_CLIENT_HELLO; } /* Parse the mki only if present and mki is supported locally */ - if( ssl->conf->dtls_srtp_mki_support == MBEDTLS_SSL_DTLS_SRTP_MKI_SUPPORTED && - mki_length > 0 ) - { + if (ssl->conf->dtls_srtp_mki_support == MBEDTLS_SSL_DTLS_SRTP_MKI_SUPPORTED && + mki_length > 0) { ssl->dtls_srtp_info.mki_len = mki_length; - memcpy( ssl->dtls_srtp_info.mki_value, buf, mki_length ); + memcpy(ssl->dtls_srtp_info.mki_value, buf, mki_length); - MBEDTLS_SSL_DEBUG_BUF( 3, "using mki", ssl->dtls_srtp_info.mki_value, - ssl->dtls_srtp_info.mki_len ); + MBEDTLS_SSL_DEBUG_BUF(3, "using mki", ssl->dtls_srtp_info.mki_value, + ssl->dtls_srtp_info.mki_len); } - return( 0 ); + return 0; } #endif /* MBEDTLS_SSL_DTLS_SRTP */ @@ -907,20 +857,21 @@ static int ssl_parse_use_srtp_ext( mbedtls_ssl_context *ssl, * Return 0 if the given key uses one of the acceptable curves, -1 otherwise */ #if defined(MBEDTLS_ECDSA_C) -static int ssl_check_key_curve( mbedtls_pk_context *pk, - const mbedtls_ecp_curve_info **curves ) +MBEDTLS_CHECK_RETURN_CRITICAL +static int ssl_check_key_curve(mbedtls_pk_context *pk, + const mbedtls_ecp_curve_info **curves) { const mbedtls_ecp_curve_info **crv = curves; - mbedtls_ecp_group_id grp_id = mbedtls_pk_ec( *pk )->grp.id; + mbedtls_ecp_group_id grp_id = mbedtls_pk_ec(*pk)->grp.id; - while( *crv != NULL ) - { - if( (*crv)->grp_id == grp_id ) - return( 0 ); + while (*crv != NULL) { + if ((*crv)->grp_id == grp_id) { + return 0; + } crv++; } - return( -1 ); + return -1; } #endif /* MBEDTLS_ECDSA_C */ @@ -928,41 +879,40 @@ static int ssl_check_key_curve( mbedtls_pk_context *pk, * Try picking a certificate for this ciphersuite, * return 0 on success and -1 on failure. */ -static int ssl_pick_cert( mbedtls_ssl_context *ssl, - const mbedtls_ssl_ciphersuite_t * ciphersuite_info ) +MBEDTLS_CHECK_RETURN_CRITICAL +static int ssl_pick_cert(mbedtls_ssl_context *ssl, + const mbedtls_ssl_ciphersuite_t *ciphersuite_info) { mbedtls_ssl_key_cert *cur, *list, *fallback = NULL; mbedtls_pk_type_t pk_alg = - mbedtls_ssl_get_ciphersuite_sig_pk_alg( ciphersuite_info ); + mbedtls_ssl_get_ciphersuite_sig_pk_alg(ciphersuite_info); uint32_t flags; #if defined(MBEDTLS_SSL_SERVER_NAME_INDICATION) - if( ssl->handshake->sni_key_cert != NULL ) + if (ssl->handshake->sni_key_cert != NULL) { list = ssl->handshake->sni_key_cert; - else + } else #endif - list = ssl->conf->key_cert; + list = ssl->conf->key_cert; - if( pk_alg == MBEDTLS_PK_NONE ) - return( 0 ); + if (pk_alg == MBEDTLS_PK_NONE) { + return 0; + } - MBEDTLS_SSL_DEBUG_MSG( 3, ( "ciphersuite requires certificate" ) ); + MBEDTLS_SSL_DEBUG_MSG(3, ("ciphersuite requires certificate")); - if( list == NULL ) - { - MBEDTLS_SSL_DEBUG_MSG( 3, ( "server has no certificate" ) ); - return( -1 ); + if (list == NULL) { + MBEDTLS_SSL_DEBUG_MSG(3, ("server has no certificate")); + return -1; } - for( cur = list; cur != NULL; cur = cur->next ) - { + for (cur = list; cur != NULL; cur = cur->next) { flags = 0; - MBEDTLS_SSL_DEBUG_CRT( 3, "candidate certificate chain, certificate", - cur->cert ); + MBEDTLS_SSL_DEBUG_CRT(3, "candidate certificate chain, certificate", + cur->cert); - if( ! mbedtls_pk_can_do( &cur->cert->pk, pk_alg ) ) - { - MBEDTLS_SSL_DEBUG_MSG( 3, ( "certificate mismatch: key type" ) ); + if (!mbedtls_pk_can_do(&cur->cert->pk, pk_alg)) { + MBEDTLS_SSL_DEBUG_MSG(3, ("certificate mismatch: key type")); continue; } @@ -974,19 +924,17 @@ static int ssl_pick_cert( mbedtls_ssl_context *ssl, * different uses based on keyUsage, eg if they want to avoid signing * and decrypting with the same RSA key. */ - if( mbedtls_ssl_check_cert_usage( cur->cert, ciphersuite_info, - MBEDTLS_SSL_IS_SERVER, &flags ) != 0 ) - { - MBEDTLS_SSL_DEBUG_MSG( 3, ( "certificate mismatch: " - "(extended) key usage extension" ) ); + if (mbedtls_ssl_check_cert_usage(cur->cert, ciphersuite_info, + MBEDTLS_SSL_IS_SERVER, &flags) != 0) { + MBEDTLS_SSL_DEBUG_MSG(3, ("certificate mismatch: " + "(extended) key usage extension")); continue; } #if defined(MBEDTLS_ECDSA_C) - if( pk_alg == MBEDTLS_PK_ECDSA && - ssl_check_key_curve( &cur->cert->pk, ssl->handshake->curves ) != 0 ) - { - MBEDTLS_SSL_DEBUG_MSG( 3, ( "certificate mismatch: elliptic curve" ) ); + if (pk_alg == MBEDTLS_PK_ECDSA && + ssl_check_key_curve(&cur->cert->pk, ssl->handshake->curves) != 0) { + MBEDTLS_SSL_DEBUG_MSG(3, ("certificate mismatch: elliptic curve")); continue; } #endif @@ -996,15 +944,15 @@ static int ssl_pick_cert( mbedtls_ssl_context *ssl, * present them a SHA-higher cert rather than failing if it's the only * one we got that satisfies the other conditions. */ - if( ssl->minor_ver < MBEDTLS_SSL_MINOR_VERSION_3 && - cur->cert->sig_md != MBEDTLS_MD_SHA1 ) - { - if( fallback == NULL ) + if (ssl->minor_ver < MBEDTLS_SSL_MINOR_VERSION_3 && + cur->cert->sig_md != MBEDTLS_MD_SHA1) { + if (fallback == NULL) { fallback = cur; + } { - MBEDTLS_SSL_DEBUG_MSG( 3, ( "certificate not preferred: " - "sha-2 with pre-TLS 1.2 client" ) ); - continue; + MBEDTLS_SSL_DEBUG_MSG(3, ("certificate not preferred: " + "sha-2 with pre-TLS 1.2 client")); + continue; } } @@ -1012,19 +960,19 @@ static int ssl_pick_cert( mbedtls_ssl_context *ssl, break; } - if( cur == NULL ) + if (cur == NULL) { cur = fallback; + } /* Do not update ssl->handshake->key_cert unless there is a match */ - if( cur != NULL ) - { + if (cur != NULL) { ssl->handshake->key_cert = cur; - MBEDTLS_SSL_DEBUG_CRT( 3, "selected certificate chain, certificate", - ssl->handshake->key_cert->cert ); - return( 0 ); + MBEDTLS_SSL_DEBUG_CRT(3, "selected certificate chain, certificate", + ssl->handshake->key_cert->cert); + return 0; } - return( -1 ); + return -1; } #endif /* MBEDTLS_X509_CRT_PARSE_C */ @@ -1032,8 +980,9 @@ static int ssl_pick_cert( mbedtls_ssl_context *ssl, * Check if a given ciphersuite is suitable for use with our config/keys/etc * Sets ciphersuite_info only if the suite matches. */ -static int ssl_ciphersuite_match( mbedtls_ssl_context *ssl, int suite_id, - const mbedtls_ssl_ciphersuite_t **ciphersuite_info ) +MBEDTLS_CHECK_RETURN_CRITICAL +static int ssl_ciphersuite_match(mbedtls_ssl_context *ssl, int suite_id, + const mbedtls_ssl_ciphersuite_t **ciphersuite_info) { const mbedtls_ssl_ciphersuite_t *suite_info; @@ -1042,68 +991,63 @@ static int ssl_ciphersuite_match( mbedtls_ssl_context *ssl, int suite_id, mbedtls_pk_type_t sig_type; #endif - suite_info = mbedtls_ssl_ciphersuite_from_id( suite_id ); - if( suite_info == NULL ) - { - MBEDTLS_SSL_DEBUG_MSG( 1, ( "should never happen" ) ); - return( MBEDTLS_ERR_SSL_INTERNAL_ERROR ); + suite_info = mbedtls_ssl_ciphersuite_from_id(suite_id); + if (suite_info == NULL) { + MBEDTLS_SSL_DEBUG_MSG(1, ("should never happen")); + return MBEDTLS_ERR_SSL_INTERNAL_ERROR; } - MBEDTLS_SSL_DEBUG_MSG( 3, ( "trying ciphersuite: %#04x (%s)", - (unsigned int) suite_id, suite_info->name ) ); + MBEDTLS_SSL_DEBUG_MSG(3, ("trying ciphersuite: %#04x (%s)", + (unsigned int) suite_id, suite_info->name)); - if( suite_info->min_minor_ver > ssl->minor_ver || - suite_info->max_minor_ver < ssl->minor_ver ) - { - MBEDTLS_SSL_DEBUG_MSG( 3, ( "ciphersuite mismatch: version" ) ); - return( 0 ); + if (suite_info->min_minor_ver > ssl->minor_ver || + suite_info->max_minor_ver < ssl->minor_ver) { + MBEDTLS_SSL_DEBUG_MSG(3, ("ciphersuite mismatch: version")); + return 0; } #if defined(MBEDTLS_SSL_PROTO_DTLS) - if( ssl->conf->transport == MBEDTLS_SSL_TRANSPORT_DATAGRAM && - ( suite_info->flags & MBEDTLS_CIPHERSUITE_NODTLS ) ) - return( 0 ); + if (ssl->conf->transport == MBEDTLS_SSL_TRANSPORT_DATAGRAM && + (suite_info->flags & MBEDTLS_CIPHERSUITE_NODTLS)) { + return 0; + } #endif #if defined(MBEDTLS_ARC4_C) - if( ssl->conf->arc4_disabled == MBEDTLS_SSL_ARC4_DISABLED && - suite_info->cipher == MBEDTLS_CIPHER_ARC4_128 ) - { - MBEDTLS_SSL_DEBUG_MSG( 3, ( "ciphersuite mismatch: rc4" ) ); - return( 0 ); + if (ssl->conf->arc4_disabled == MBEDTLS_SSL_ARC4_DISABLED && + suite_info->cipher == MBEDTLS_CIPHER_ARC4_128) { + MBEDTLS_SSL_DEBUG_MSG(3, ("ciphersuite mismatch: rc4")); + return 0; } #endif #if defined(MBEDTLS_KEY_EXCHANGE_ECJPAKE_ENABLED) - if( suite_info->key_exchange == MBEDTLS_KEY_EXCHANGE_ECJPAKE && - ( ssl->handshake->cli_exts & MBEDTLS_TLS_EXT_ECJPAKE_KKPP_OK ) == 0 ) - { - MBEDTLS_SSL_DEBUG_MSG( 3, ( "ciphersuite mismatch: ecjpake " - "not configured or ext missing" ) ); - return( 0 ); + if (suite_info->key_exchange == MBEDTLS_KEY_EXCHANGE_ECJPAKE && + (ssl->handshake->cli_exts & MBEDTLS_TLS_EXT_ECJPAKE_KKPP_OK) == 0) { + MBEDTLS_SSL_DEBUG_MSG(3, ("ciphersuite mismatch: ecjpake " + "not configured or ext missing")); + return 0; } #endif #if defined(MBEDTLS_ECDH_C) || defined(MBEDTLS_ECDSA_C) - if( mbedtls_ssl_ciphersuite_uses_ec( suite_info ) && - ( ssl->handshake->curves == NULL || - ssl->handshake->curves[0] == NULL ) ) - { - MBEDTLS_SSL_DEBUG_MSG( 3, ( "ciphersuite mismatch: " - "no common elliptic curve" ) ); - return( 0 ); + if (mbedtls_ssl_ciphersuite_uses_ec(suite_info) && + (ssl->handshake->curves == NULL || + ssl->handshake->curves[0] == NULL)) { + MBEDTLS_SSL_DEBUG_MSG(3, ("ciphersuite mismatch: " + "no common elliptic curve")); + return 0; } #endif #if defined(MBEDTLS_KEY_EXCHANGE_SOME_PSK_ENABLED) /* If the ciphersuite requires a pre-shared key and we don't * have one, skip it now rather than failing later */ - if( mbedtls_ssl_ciphersuite_uses_psk( suite_info ) && - ssl_conf_has_psk_or_cb( ssl->conf ) == 0 ) - { - MBEDTLS_SSL_DEBUG_MSG( 3, ( "ciphersuite mismatch: no pre-shared key" ) ); - return( 0 ); + if (mbedtls_ssl_ciphersuite_uses_psk(suite_info) && + ssl_conf_has_psk_or_cb(ssl->conf) == 0) { + MBEDTLS_SSL_DEBUG_MSG(3, ("ciphersuite mismatch: no pre-shared key")); + return 0; } #endif @@ -1111,15 +1055,14 @@ static int ssl_ciphersuite_match( mbedtls_ssl_context *ssl, int suite_id, defined(MBEDTLS_KEY_EXCHANGE_WITH_CERT_ENABLED) /* If the ciphersuite requires signing, check whether * a suitable hash algorithm is present. */ - if( ssl->minor_ver == MBEDTLS_SSL_MINOR_VERSION_3 ) - { - sig_type = mbedtls_ssl_get_ciphersuite_sig_alg( suite_info ); - if( sig_type != MBEDTLS_PK_NONE && - mbedtls_ssl_sig_hash_set_find( &ssl->handshake->hash_algs, sig_type ) == MBEDTLS_MD_NONE ) - { - MBEDTLS_SSL_DEBUG_MSG( 3, ( "ciphersuite mismatch: no suitable hash algorithm " - "for signature algorithm %u", (unsigned) sig_type ) ); - return( 0 ); + if (ssl->minor_ver == MBEDTLS_SSL_MINOR_VERSION_3) { + sig_type = mbedtls_ssl_get_ciphersuite_sig_alg(suite_info); + if (sig_type != MBEDTLS_PK_NONE && + mbedtls_ssl_sig_hash_set_find(&ssl->handshake->hash_algs, + sig_type) == MBEDTLS_MD_NONE) { + MBEDTLS_SSL_DEBUG_MSG(3, ("ciphersuite mismatch: no suitable hash algorithm " + "for signature algorithm %u", (unsigned) sig_type)); + return 0; } } @@ -1134,20 +1077,20 @@ static int ssl_ciphersuite_match( mbedtls_ssl_context *ssl, int suite_id, * - try the next ciphersuite if we don't * This must be done last since we modify the key_cert list. */ - if( ssl_pick_cert( ssl, suite_info ) != 0 ) - { - MBEDTLS_SSL_DEBUG_MSG( 3, ( "ciphersuite mismatch: " - "no suitable certificate" ) ); - return( 0 ); + if (ssl_pick_cert(ssl, suite_info) != 0) { + MBEDTLS_SSL_DEBUG_MSG(3, ("ciphersuite mismatch: " + "no suitable certificate")); + return 0; } #endif *ciphersuite_info = suite_info; - return( 0 ); + return 0; } #if defined(MBEDTLS_SSL_SRV_SUPPORT_SSLV2_CLIENT_HELLO) -static int ssl_parse_client_hello_v2( mbedtls_ssl_context *ssl ) +MBEDTLS_CHECK_RETURN_CRITICAL +static int ssl_parse_client_hello_v2(mbedtls_ssl_context *ssl) { int ret, got_common_suite; unsigned int i, j; @@ -1157,28 +1100,27 @@ static int ssl_parse_client_hello_v2( mbedtls_ssl_context *ssl ) const int *ciphersuites; const mbedtls_ssl_ciphersuite_t *ciphersuite_info; - MBEDTLS_SSL_DEBUG_MSG( 2, ( "=> parse client hello v2" ) ); + MBEDTLS_SSL_DEBUG_MSG(2, ("=> parse client hello v2")); #if defined(MBEDTLS_SSL_RENEGOTIATION) - if( ssl->renego_status != MBEDTLS_SSL_INITIAL_HANDSHAKE ) - { - MBEDTLS_SSL_DEBUG_MSG( 1, ( "client hello v2 illegal for renegotiation" ) ); - mbedtls_ssl_send_alert_message( ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL, - MBEDTLS_SSL_ALERT_MSG_HANDSHAKE_FAILURE ); - return( MBEDTLS_ERR_SSL_BAD_HS_CLIENT_HELLO ); + if (ssl->renego_status != MBEDTLS_SSL_INITIAL_HANDSHAKE) { + MBEDTLS_SSL_DEBUG_MSG(1, ("client hello v2 illegal for renegotiation")); + mbedtls_ssl_send_alert_message(ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL, + MBEDTLS_SSL_ALERT_MSG_HANDSHAKE_FAILURE); + return MBEDTLS_ERR_SSL_BAD_HS_CLIENT_HELLO; } #endif /* MBEDTLS_SSL_RENEGOTIATION */ buf = ssl->in_hdr; - MBEDTLS_SSL_DEBUG_BUF( 4, "record header", buf, 5 ); + MBEDTLS_SSL_DEBUG_BUF(4, "record header", buf, 5); - MBEDTLS_SSL_DEBUG_MSG( 3, ( "client hello v2, message type: %d", - buf[2] ) ); - MBEDTLS_SSL_DEBUG_MSG( 3, ( "client hello v2, message len.: %d", - ( ( buf[0] & 0x7F ) << 8 ) | buf[1] ) ); - MBEDTLS_SSL_DEBUG_MSG( 3, ( "client hello v2, max. version: [%d:%d]", - buf[3], buf[4] ) ); + MBEDTLS_SSL_DEBUG_MSG(3, ("client hello v2, message type: %d", + buf[2])); + MBEDTLS_SSL_DEBUG_MSG(3, ("client hello v2, message len.: %d", + ((buf[0] & 0x7F) << 8) | buf[1])); + MBEDTLS_SSL_DEBUG_MSG(3, ("client hello v2, max. version: [%d:%d]", + buf[3], buf[4])); /* * SSLv2 Client Hello @@ -1190,47 +1132,43 @@ static int ssl_parse_client_hello_v2( mbedtls_ssl_context *ssl ) * 2 . 2 message type * 3 . 4 protocol version */ - if( buf[2] != MBEDTLS_SSL_HS_CLIENT_HELLO || - buf[3] != MBEDTLS_SSL_MAJOR_VERSION_3 ) - { - MBEDTLS_SSL_DEBUG_MSG( 1, ( "bad client hello message" ) ); - return( MBEDTLS_ERR_SSL_BAD_HS_CLIENT_HELLO ); + if (buf[2] != MBEDTLS_SSL_HS_CLIENT_HELLO || + buf[3] != MBEDTLS_SSL_MAJOR_VERSION_3) { + MBEDTLS_SSL_DEBUG_MSG(1, ("bad client hello message")); + return MBEDTLS_ERR_SSL_BAD_HS_CLIENT_HELLO; } - n = ( ( buf[0] << 8 ) | buf[1] ) & 0x7FFF; + n = ((buf[0] << 8) | buf[1]) & 0x7FFF; - if( n < 17 || n > 512 ) - { - MBEDTLS_SSL_DEBUG_MSG( 1, ( "bad client hello message" ) ); - return( MBEDTLS_ERR_SSL_BAD_HS_CLIENT_HELLO ); + if (n < 17 || n > 512) { + MBEDTLS_SSL_DEBUG_MSG(1, ("bad client hello message")); + return MBEDTLS_ERR_SSL_BAD_HS_CLIENT_HELLO; } ssl->major_ver = MBEDTLS_SSL_MAJOR_VERSION_3; - ssl->minor_ver = ( buf[4] <= ssl->conf->max_minor_ver ) + ssl->minor_ver = (buf[4] <= ssl->conf->max_minor_ver) ? buf[4] : ssl->conf->max_minor_ver; - if( ssl->minor_ver < ssl->conf->min_minor_ver ) - { - MBEDTLS_SSL_DEBUG_MSG( 1, ( "client only supports ssl smaller than minimum" - " [%d:%d] < [%d:%d]", - ssl->major_ver, ssl->minor_ver, - ssl->conf->min_major_ver, ssl->conf->min_minor_ver ) ); + if (ssl->minor_ver < ssl->conf->min_minor_ver) { + MBEDTLS_SSL_DEBUG_MSG(1, ("client only supports ssl smaller than minimum" + " [%d:%d] < [%d:%d]", + ssl->major_ver, ssl->minor_ver, + ssl->conf->min_major_ver, ssl->conf->min_minor_ver)); - mbedtls_ssl_send_alert_message( ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL, - MBEDTLS_SSL_ALERT_MSG_PROTOCOL_VERSION ); - return( MBEDTLS_ERR_SSL_BAD_HS_PROTOCOL_VERSION ); + mbedtls_ssl_send_alert_message(ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL, + MBEDTLS_SSL_ALERT_MSG_PROTOCOL_VERSION); + return MBEDTLS_ERR_SSL_BAD_HS_PROTOCOL_VERSION; } ssl->handshake->max_major_ver = buf[3]; ssl->handshake->max_minor_ver = buf[4]; - if( ( ret = mbedtls_ssl_fetch_input( ssl, 2 + n ) ) != 0 ) - { - MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_ssl_fetch_input", ret ); - return( ret ); + if ((ret = mbedtls_ssl_fetch_input(ssl, 2 + n)) != 0) { + MBEDTLS_SSL_DEBUG_RET(1, "mbedtls_ssl_fetch_input", ret); + return ret; } - ssl->handshake->update_checksum( ssl, buf + 2, n ); + ssl->handshake->update_checksum(ssl, buf + 2, n); buf = ssl->in_msg; n = ssl->in_left - 5; @@ -1243,76 +1181,69 @@ static int ssl_parse_client_hello_v2( mbedtls_ssl_context *ssl ) * .. . .. session id * .. . .. challenge */ - MBEDTLS_SSL_DEBUG_BUF( 4, "record contents", buf, n ); + MBEDTLS_SSL_DEBUG_BUF(4, "record contents", buf, n); - ciph_len = ( buf[0] << 8 ) | buf[1]; - sess_len = ( buf[2] << 8 ) | buf[3]; - chal_len = ( buf[4] << 8 ) | buf[5]; + ciph_len = (buf[0] << 8) | buf[1]; + sess_len = (buf[2] << 8) | buf[3]; + chal_len = (buf[4] << 8) | buf[5]; - MBEDTLS_SSL_DEBUG_MSG( 3, ( "ciph_len: %u, sess_len: %u, chal_len: %u", - ciph_len, sess_len, chal_len ) ); + MBEDTLS_SSL_DEBUG_MSG(3, ("ciph_len: %u, sess_len: %u, chal_len: %u", + ciph_len, sess_len, chal_len)); /* * Make sure each parameter length is valid */ - if( ciph_len < 3 || ( ciph_len % 3 ) != 0 ) - { - MBEDTLS_SSL_DEBUG_MSG( 1, ( "bad client hello message" ) ); - return( MBEDTLS_ERR_SSL_BAD_HS_CLIENT_HELLO ); + if (ciph_len < 3 || (ciph_len % 3) != 0) { + MBEDTLS_SSL_DEBUG_MSG(1, ("bad client hello message")); + return MBEDTLS_ERR_SSL_BAD_HS_CLIENT_HELLO; } - if( sess_len > 32 ) - { - MBEDTLS_SSL_DEBUG_MSG( 1, ( "bad client hello message" ) ); - return( MBEDTLS_ERR_SSL_BAD_HS_CLIENT_HELLO ); + if (sess_len > 32) { + MBEDTLS_SSL_DEBUG_MSG(1, ("bad client hello message")); + return MBEDTLS_ERR_SSL_BAD_HS_CLIENT_HELLO; } - if( chal_len < 8 || chal_len > 32 ) - { - MBEDTLS_SSL_DEBUG_MSG( 1, ( "bad client hello message" ) ); - return( MBEDTLS_ERR_SSL_BAD_HS_CLIENT_HELLO ); + if (chal_len < 8 || chal_len > 32) { + MBEDTLS_SSL_DEBUG_MSG(1, ("bad client hello message")); + return MBEDTLS_ERR_SSL_BAD_HS_CLIENT_HELLO; } - if( n != 6 + ciph_len + sess_len + chal_len ) - { - MBEDTLS_SSL_DEBUG_MSG( 1, ( "bad client hello message" ) ); - return( MBEDTLS_ERR_SSL_BAD_HS_CLIENT_HELLO ); + if (n != 6 + ciph_len + sess_len + chal_len) { + MBEDTLS_SSL_DEBUG_MSG(1, ("bad client hello message")); + return MBEDTLS_ERR_SSL_BAD_HS_CLIENT_HELLO; } - MBEDTLS_SSL_DEBUG_BUF( 3, "client hello, ciphersuitelist", - buf + 6, ciph_len ); - MBEDTLS_SSL_DEBUG_BUF( 3, "client hello, session id", - buf + 6 + ciph_len, sess_len ); - MBEDTLS_SSL_DEBUG_BUF( 3, "client hello, challenge", - buf + 6 + ciph_len + sess_len, chal_len ); + MBEDTLS_SSL_DEBUG_BUF(3, "client hello, ciphersuitelist", + buf + 6, ciph_len); + MBEDTLS_SSL_DEBUG_BUF(3, "client hello, session id", + buf + 6 + ciph_len, sess_len); + MBEDTLS_SSL_DEBUG_BUF(3, "client hello, challenge", + buf + 6 + ciph_len + sess_len, chal_len); p = buf + 6 + ciph_len; ssl->session_negotiate->id_len = sess_len; - memset( ssl->session_negotiate->id, 0, - sizeof( ssl->session_negotiate->id ) ); - memcpy( ssl->session_negotiate->id, p, ssl->session_negotiate->id_len ); + memset(ssl->session_negotiate->id, 0, + sizeof(ssl->session_negotiate->id)); + memcpy(ssl->session_negotiate->id, p, ssl->session_negotiate->id_len); p += sess_len; - memset( ssl->handshake->randbytes, 0, 64 ); - memcpy( ssl->handshake->randbytes + 32 - chal_len, p, chal_len ); + memset(ssl->handshake->randbytes, 0, 64); + memcpy(ssl->handshake->randbytes + 32 - chal_len, p, chal_len); /* * Check for TLS_EMPTY_RENEGOTIATION_INFO_SCSV */ - for( i = 0, p = buf + 6; i < ciph_len; i += 3, p += 3 ) - { - if( p[0] == 0 && p[1] == 0 && p[2] == MBEDTLS_SSL_EMPTY_RENEGOTIATION_INFO ) - { - MBEDTLS_SSL_DEBUG_MSG( 3, ( "received TLS_EMPTY_RENEGOTIATION_INFO " ) ); + for (i = 0, p = buf + 6; i < ciph_len; i += 3, p += 3) { + if (p[0] == 0 && p[1] == 0 && p[2] == MBEDTLS_SSL_EMPTY_RENEGOTIATION_INFO) { + MBEDTLS_SSL_DEBUG_MSG(3, ("received TLS_EMPTY_RENEGOTIATION_INFO ")); #if defined(MBEDTLS_SSL_RENEGOTIATION) - if( ssl->renego_status == MBEDTLS_SSL_RENEGOTIATION_IN_PROGRESS ) - { - MBEDTLS_SSL_DEBUG_MSG( 1, ( "received RENEGOTIATION SCSV " - "during renegotiation" ) ); + if (ssl->renego_status == MBEDTLS_SSL_RENEGOTIATION_IN_PROGRESS) { + MBEDTLS_SSL_DEBUG_MSG(1, ("received RENEGOTIATION SCSV " + "during renegotiation")); - mbedtls_ssl_send_alert_message( ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL, - MBEDTLS_SSL_ALERT_MSG_HANDSHAKE_FAILURE ); - return( MBEDTLS_ERR_SSL_BAD_HS_CLIENT_HELLO ); + mbedtls_ssl_send_alert_message(ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL, + MBEDTLS_SSL_ALERT_MSG_HANDSHAKE_FAILURE); + return MBEDTLS_ERR_SSL_BAD_HS_CLIENT_HELLO; } #endif /* MBEDTLS_SSL_RENEGOTIATION */ ssl->secure_renegotiation = MBEDTLS_SSL_SECURE_RENEGOTIATION; @@ -1321,21 +1252,18 @@ static int ssl_parse_client_hello_v2( mbedtls_ssl_context *ssl ) } #if defined(MBEDTLS_SSL_FALLBACK_SCSV) - for( i = 0, p = buf + 6; i < ciph_len; i += 3, p += 3 ) - { - if( p[0] == 0 && - MBEDTLS_GET_UINT16_BE(p, 1) != MBEDTLS_SSL_FALLBACK_SCSV_VALUE ) - { - MBEDTLS_SSL_DEBUG_MSG( 3, ( "received FALLBACK_SCSV" ) ); + for (i = 0, p = buf + 6; i < ciph_len; i += 3, p += 3) { + if (p[0] == 0 && + MBEDTLS_GET_UINT16_BE(p, 1) != MBEDTLS_SSL_FALLBACK_SCSV_VALUE) { + MBEDTLS_SSL_DEBUG_MSG(3, ("received FALLBACK_SCSV")); - if( ssl->minor_ver < ssl->conf->max_minor_ver ) - { - MBEDTLS_SSL_DEBUG_MSG( 1, ( "inapropriate fallback" ) ); + if (ssl->minor_ver < ssl->conf->max_minor_ver) { + MBEDTLS_SSL_DEBUG_MSG(1, ("inapropriate fallback")); - mbedtls_ssl_send_alert_message( ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL, - MBEDTLS_SSL_ALERT_MSG_INAPROPRIATE_FALLBACK ); + mbedtls_ssl_send_alert_message(ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL, + MBEDTLS_SSL_ALERT_MSG_INAPROPRIATE_FALLBACK); - return( MBEDTLS_ERR_SSL_BAD_HS_CLIENT_HELLO ); + return MBEDTLS_ERR_SSL_BAD_HS_CLIENT_HELLO; } break; @@ -1347,41 +1275,58 @@ static int ssl_parse_client_hello_v2( mbedtls_ssl_context *ssl ) ciphersuites = ssl->conf->ciphersuite_list[ssl->minor_ver]; ciphersuite_info = NULL; #if defined(MBEDTLS_SSL_SRV_RESPECT_CLIENT_PREFERENCE) - for( j = 0, p = buf + 6; j < ciph_len; j += 3, p += 3 ) - for( i = 0; ciphersuites[i] != 0; i++ ) -#else - for( i = 0; ciphersuites[i] != 0; i++ ) - for( j = 0, p = buf + 6; j < ciph_len; j += 3, p += 3 ) -#endif - { - if( p[0] != 0 || - MBEDTLS_GET_UINT16_BE(p, 1) != ciphersuites[i] ) + for (j = 0, p = buf + 6; j < ciph_len; j += 3, p += 3) { + for (i = 0; ciphersuites[i] != 0; i++) { + if (p[0] != 0 || + MBEDTLS_GET_UINT16_BE(p, 1) != ciphersuites[i]) { continue; + } got_common_suite = 1; - if( ( ret = ssl_ciphersuite_match( ssl, ciphersuites[i], - &ciphersuite_info ) ) != 0 ) - return( ret ); + if ((ret = ssl_ciphersuite_match(ssl, ciphersuites[i], + &ciphersuite_info)) != 0) { + return ret; + } - if( ciphersuite_info != NULL ) + if (ciphersuite_info != NULL) { goto have_ciphersuite_v2; + } } + } +#else + for (i = 0; ciphersuites[i] != 0; i++) { + for (j = 0, p = buf + 6; j < ciph_len; j += 3, p += 3) { + if (p[0] != 0 || + MBEDTLS_GET_UINT16_BE(p, 1) != ciphersuites[i]) { + continue; + } - if( got_common_suite ) - { - MBEDTLS_SSL_DEBUG_MSG( 1, ( "got ciphersuites in common, " - "but none of them usable" ) ); - return( MBEDTLS_ERR_SSL_NO_USABLE_CIPHERSUITE ); + got_common_suite = 1; + + if ((ret = ssl_ciphersuite_match(ssl, ciphersuites[i], + &ciphersuite_info)) != 0) { + return ret; + } + + if (ciphersuite_info != NULL) { + goto have_ciphersuite_v2; + } + } } - else - { - MBEDTLS_SSL_DEBUG_MSG( 1, ( "got no ciphersuites in common" ) ); - return( MBEDTLS_ERR_SSL_NO_CIPHER_CHOSEN ); +#endif + + if (got_common_suite) { + MBEDTLS_SSL_DEBUG_MSG(1, ("got ciphersuites in common, " + "but none of them usable")); + return MBEDTLS_ERR_SSL_NO_USABLE_CIPHERSUITE; + } else { + MBEDTLS_SSL_DEBUG_MSG(1, ("got no ciphersuites in common")); + return MBEDTLS_ERR_SSL_NO_CIPHER_CHOSEN; } have_ciphersuite_v2: - MBEDTLS_SSL_DEBUG_MSG( 2, ( "selected ciphersuite: %s", ciphersuite_info->name ) ); + MBEDTLS_SSL_DEBUG_MSG(2, ("selected ciphersuite: %s", ciphersuite_info->name)); ssl->session_negotiate->ciphersuite = ciphersuites[i]; ssl->handshake->ciphersuite_info = ciphersuite_info; @@ -1389,28 +1334,28 @@ static int ssl_parse_client_hello_v2( mbedtls_ssl_context *ssl ) /* * SSLv2 Client Hello relevant renegotiation security checks */ - if( ssl->secure_renegotiation == MBEDTLS_SSL_LEGACY_RENEGOTIATION && - ssl->conf->allow_legacy_renegotiation == MBEDTLS_SSL_LEGACY_BREAK_HANDSHAKE ) - { - MBEDTLS_SSL_DEBUG_MSG( 1, ( "legacy renegotiation, breaking off handshake" ) ); - mbedtls_ssl_send_alert_message( ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL, - MBEDTLS_SSL_ALERT_MSG_HANDSHAKE_FAILURE ); - return( MBEDTLS_ERR_SSL_BAD_HS_CLIENT_HELLO ); + if (ssl->secure_renegotiation == MBEDTLS_SSL_LEGACY_RENEGOTIATION && + ssl->conf->allow_legacy_renegotiation == MBEDTLS_SSL_LEGACY_BREAK_HANDSHAKE) { + MBEDTLS_SSL_DEBUG_MSG(1, ("legacy renegotiation, breaking off handshake")); + mbedtls_ssl_send_alert_message(ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL, + MBEDTLS_SSL_ALERT_MSG_HANDSHAKE_FAILURE); + return MBEDTLS_ERR_SSL_BAD_HS_CLIENT_HELLO; } ssl->in_left = 0; ssl->state++; - MBEDTLS_SSL_DEBUG_MSG( 2, ( "<= parse client hello v2" ) ); + MBEDTLS_SSL_DEBUG_MSG(2, ("<= parse client hello v2")); - return( 0 ); + return 0; } #endif /* MBEDTLS_SSL_SRV_SUPPORT_SSLV2_CLIENT_HELLO */ /* This function doesn't alert on errors that happen early during ClientHello parsing because they might indicate that the client is not talking SSL/TLS at all and would not understand our alert. */ -static int ssl_parse_client_hello( mbedtls_ssl_context *ssl ) +MBEDTLS_CHECK_RETURN_CRITICAL +static int ssl_parse_client_hello(mbedtls_ssl_context *ssl) { int ret, got_common_suite; size_t i, j; @@ -1437,8 +1382,9 @@ static int ssl_parse_client_hello( mbedtls_ssl_context *ssl ) #endif /* MBEDTLS_SSL_PROTO_TLS1_2 && MBEDTLS_KEY_EXCHANGE_WITH_CERT_ENABLED */ - MBEDTLS_SSL_DEBUG_MSG( 2, ( "=> parse client hello" ) ); + MBEDTLS_SSL_DEBUG_MSG(2, ("=> parse client hello")); + int renegotiating = 0; #if defined(MBEDTLS_SSL_DTLS_ANTI_REPLAY) read_record_header: #endif @@ -1448,28 +1394,35 @@ static int ssl_parse_client_hello( mbedtls_ssl_context *ssl ) * ClientHello, which doesn't use the same record layer format. */ #if defined(MBEDTLS_SSL_RENEGOTIATION) - if( ssl->renego_status == MBEDTLS_SSL_INITIAL_HANDSHAKE ) + if (ssl->renego_status != MBEDTLS_SSL_INITIAL_HANDSHAKE) { + renegotiating = 1; + } #endif - { - if( ( ret = mbedtls_ssl_fetch_input( ssl, 5 ) ) != 0 ) - { + if (!renegotiating) { + if ((ret = mbedtls_ssl_fetch_input(ssl, 5)) != 0) { /* No alert on a read error. */ - MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_ssl_fetch_input", ret ); - return( ret ); + MBEDTLS_SSL_DEBUG_RET(1, "mbedtls_ssl_fetch_input", ret); + return ret; } } buf = ssl->in_hdr; #if defined(MBEDTLS_SSL_SRV_SUPPORT_SSLV2_CLIENT_HELLO) + int is_dtls = 0; #if defined(MBEDTLS_SSL_PROTO_DTLS) - if( ssl->conf->transport == MBEDTLS_SSL_TRANSPORT_STREAM ) + if (ssl->conf->transport == MBEDTLS_SSL_TRANSPORT_DATAGRAM) { + is_dtls = 1; + } #endif - if( ( buf[0] & 0x80 ) != 0 ) - return( ssl_parse_client_hello_v2( ssl ) ); + if (!is_dtls) { + if ((buf[0] & 0x80) != 0) { + return ssl_parse_client_hello_v2(ssl); + } + } #endif - MBEDTLS_SSL_DEBUG_BUF( 4, "record header", buf, mbedtls_ssl_in_hdr_len( ssl ) ); + MBEDTLS_SSL_DEBUG_BUF(4, "record header", buf, mbedtls_ssl_in_hdr_len(ssl)); /* * SSLv3/TLS Client Hello @@ -1480,167 +1433,158 @@ static int ssl_parse_client_hello( mbedtls_ssl_context *ssl ) * 3 . 11 DTLS: epoch + record sequence number * 3 . 4 message length */ - MBEDTLS_SSL_DEBUG_MSG( 3, ( "client hello v3, message type: %d", - buf[0] ) ); + MBEDTLS_SSL_DEBUG_MSG(3, ("client hello v3, message type: %d", + buf[0])); - if( buf[0] != MBEDTLS_SSL_MSG_HANDSHAKE ) - { - MBEDTLS_SSL_DEBUG_MSG( 1, ( "bad client hello message" ) ); - return( MBEDTLS_ERR_SSL_BAD_HS_CLIENT_HELLO ); + if (buf[0] != MBEDTLS_SSL_MSG_HANDSHAKE) { + MBEDTLS_SSL_DEBUG_MSG(1, ("bad client hello message")); + return MBEDTLS_ERR_SSL_BAD_HS_CLIENT_HELLO; } - MBEDTLS_SSL_DEBUG_MSG( 3, ( "client hello v3, message len.: %d", - ( ssl->in_len[0] << 8 ) | ssl->in_len[1] ) ); + MBEDTLS_SSL_DEBUG_MSG(3, ("client hello v3, message len.: %d", + (ssl->in_len[0] << 8) | ssl->in_len[1])); - MBEDTLS_SSL_DEBUG_MSG( 3, ( "client hello v3, protocol version: [%d:%d]", - buf[1], buf[2] ) ); + MBEDTLS_SSL_DEBUG_MSG(3, ("client hello v3, protocol version: [%d:%d]", + buf[1], buf[2])); - mbedtls_ssl_read_version( &major, &minor, ssl->conf->transport, buf + 1 ); + mbedtls_ssl_read_version(&major, &minor, ssl->conf->transport, buf + 1); /* According to RFC 5246 Appendix E.1, the version here is typically * "{03,00}, the lowest version number supported by the client, [or] the * value of ClientHello.client_version", so the only meaningful check here * is the major version shouldn't be less than 3 */ - if( major < MBEDTLS_SSL_MAJOR_VERSION_3 ) - { - MBEDTLS_SSL_DEBUG_MSG( 1, ( "bad client hello message" ) ); - return( MBEDTLS_ERR_SSL_BAD_HS_CLIENT_HELLO ); + if (major < MBEDTLS_SSL_MAJOR_VERSION_3) { + MBEDTLS_SSL_DEBUG_MSG(1, ("bad client hello message")); + return MBEDTLS_ERR_SSL_BAD_HS_CLIENT_HELLO; } /* For DTLS if this is the initial handshake, remember the client sequence * number to use it in our next message (RFC 6347 4.2.1) */ #if defined(MBEDTLS_SSL_PROTO_DTLS) - if( ssl->conf->transport == MBEDTLS_SSL_TRANSPORT_DATAGRAM + if (ssl->conf->transport == MBEDTLS_SSL_TRANSPORT_DATAGRAM #if defined(MBEDTLS_SSL_RENEGOTIATION) && ssl->renego_status == MBEDTLS_SSL_INITIAL_HANDSHAKE #endif - ) - { + ) { /* Epoch should be 0 for initial handshakes */ - if( ssl->in_ctr[0] != 0 || ssl->in_ctr[1] != 0 ) - { - MBEDTLS_SSL_DEBUG_MSG( 1, ( "bad client hello message" ) ); - return( MBEDTLS_ERR_SSL_BAD_HS_CLIENT_HELLO ); + if (ssl->in_ctr[0] != 0 || ssl->in_ctr[1] != 0) { + MBEDTLS_SSL_DEBUG_MSG(1, ("bad client hello message")); + return MBEDTLS_ERR_SSL_BAD_HS_CLIENT_HELLO; } - memcpy( ssl->cur_out_ctr + 2, ssl->in_ctr + 2, 6 ); + memcpy(ssl->cur_out_ctr + 2, ssl->in_ctr + 2, 6); #if defined(MBEDTLS_SSL_DTLS_ANTI_REPLAY) - if( mbedtls_ssl_dtls_replay_check( ssl ) != 0 ) - { - MBEDTLS_SSL_DEBUG_MSG( 1, ( "replayed record, discarding" ) ); + if (mbedtls_ssl_dtls_replay_check(ssl) != 0) { + MBEDTLS_SSL_DEBUG_MSG(1, ("replayed record, discarding")); ssl->next_record_offset = 0; ssl->in_left = 0; goto read_record_header; } /* No MAC to check yet, so we can update right now */ - mbedtls_ssl_dtls_replay_update( ssl ); + mbedtls_ssl_dtls_replay_update(ssl); #endif } #endif /* MBEDTLS_SSL_PROTO_DTLS */ - msg_len = ( ssl->in_len[0] << 8 ) | ssl->in_len[1]; + msg_len = (ssl->in_len[0] << 8) | ssl->in_len[1]; #if defined(MBEDTLS_SSL_RENEGOTIATION) - if( ssl->renego_status != MBEDTLS_SSL_INITIAL_HANDSHAKE ) - { + if (ssl->renego_status != MBEDTLS_SSL_INITIAL_HANDSHAKE) { /* Set by mbedtls_ssl_read_record() */ msg_len = ssl->in_hslen; - } - else + } else #endif { - if( msg_len > MBEDTLS_SSL_IN_CONTENT_LEN ) - { - MBEDTLS_SSL_DEBUG_MSG( 1, ( "bad client hello message" ) ); - return( MBEDTLS_ERR_SSL_BAD_HS_CLIENT_HELLO ); + if (msg_len > MBEDTLS_SSL_IN_CONTENT_LEN) { + MBEDTLS_SSL_DEBUG_MSG(1, ("bad client hello message")); + return MBEDTLS_ERR_SSL_BAD_HS_CLIENT_HELLO; } - if( ( ret = mbedtls_ssl_fetch_input( ssl, - mbedtls_ssl_in_hdr_len( ssl ) + msg_len ) ) != 0 ) - { - MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_ssl_fetch_input", ret ); - return( ret ); + if ((ret = mbedtls_ssl_fetch_input(ssl, + mbedtls_ssl_in_hdr_len(ssl) + msg_len)) != 0) { + MBEDTLS_SSL_DEBUG_RET(1, "mbedtls_ssl_fetch_input", ret); + return ret; } - /* Done reading this record, get ready for the next one */ + /* Done reading this record, get ready for the next one */ #if defined(MBEDTLS_SSL_PROTO_DTLS) - if( ssl->conf->transport == MBEDTLS_SSL_TRANSPORT_DATAGRAM ) - ssl->next_record_offset = msg_len + mbedtls_ssl_in_hdr_len( ssl ); - else + if (ssl->conf->transport == MBEDTLS_SSL_TRANSPORT_DATAGRAM) { + ssl->next_record_offset = msg_len + mbedtls_ssl_in_hdr_len(ssl); + } else #endif - ssl->in_left = 0; + ssl->in_left = 0; } buf = ssl->in_msg; - MBEDTLS_SSL_DEBUG_BUF( 4, "record contents", buf, msg_len ); + MBEDTLS_SSL_DEBUG_BUF(4, "record contents", buf, msg_len); - ssl->handshake->update_checksum( ssl, buf, msg_len ); + ssl->handshake->update_checksum(ssl, buf, msg_len); /* * Handshake layer: * 0 . 0 handshake type * 1 . 3 handshake length - * 4 . 5 DTLS only: message seqence number + * 4 . 5 DTLS only: message sequence number * 6 . 8 DTLS only: fragment offset * 9 . 11 DTLS only: fragment length */ - if( msg_len < mbedtls_ssl_hs_hdr_len( ssl ) ) - { - MBEDTLS_SSL_DEBUG_MSG( 1, ( "bad client hello message" ) ); - return( MBEDTLS_ERR_SSL_BAD_HS_CLIENT_HELLO ); + if (msg_len < mbedtls_ssl_hs_hdr_len(ssl)) { + MBEDTLS_SSL_DEBUG_MSG(1, ("bad client hello message")); + return MBEDTLS_ERR_SSL_BAD_HS_CLIENT_HELLO; } - MBEDTLS_SSL_DEBUG_MSG( 3, ( "client hello v3, handshake type: %d", buf[0] ) ); + MBEDTLS_SSL_DEBUG_MSG(3, ("client hello v3, handshake type: %d", buf[0])); - if( buf[0] != MBEDTLS_SSL_HS_CLIENT_HELLO ) - { - MBEDTLS_SSL_DEBUG_MSG( 1, ( "bad client hello message" ) ); - return( MBEDTLS_ERR_SSL_BAD_HS_CLIENT_HELLO ); + if (buf[0] != MBEDTLS_SSL_HS_CLIENT_HELLO) { + MBEDTLS_SSL_DEBUG_MSG(1, ("bad client hello message")); + return MBEDTLS_ERR_SSL_BAD_HS_CLIENT_HELLO; } - MBEDTLS_SSL_DEBUG_MSG( 3, ( "client hello v3, handshake len.: %d", - ( buf[1] << 16 ) | ( buf[2] << 8 ) | buf[3] ) ); + MBEDTLS_SSL_DEBUG_MSG(3, ("client hello v3, handshake len.: %d", + (buf[1] << 16) | (buf[2] << 8) | buf[3])); + if (buf[1] != 0) { + MBEDTLS_SSL_DEBUG_MSG(1, ("bad client hello message: %u != 0", + (unsigned) buf[1])); + return MBEDTLS_ERR_SSL_BAD_HS_CLIENT_HELLO; + } /* We don't support fragmentation of ClientHello (yet?) */ - if( buf[1] != 0 || - msg_len != mbedtls_ssl_hs_hdr_len( ssl ) + ( ( buf[2] << 8 ) | buf[3] ) ) - { - MBEDTLS_SSL_DEBUG_MSG( 1, ( "bad client hello message" ) ); - return( MBEDTLS_ERR_SSL_BAD_HS_CLIENT_HELLO ); + if (msg_len != mbedtls_ssl_hs_hdr_len(ssl) + ((buf[2] << 8) | buf[3])) { + MBEDTLS_SSL_DEBUG_MSG(1, ("bad client hello message: %u != %u + %u", + (unsigned) msg_len, + (unsigned) mbedtls_ssl_hs_hdr_len(ssl), + (unsigned) (buf[2] << 8) | buf[3])); + return MBEDTLS_ERR_SSL_BAD_HS_CLIENT_HELLO; } #if defined(MBEDTLS_SSL_PROTO_DTLS) - if( ssl->conf->transport == MBEDTLS_SSL_TRANSPORT_DATAGRAM ) - { + if (ssl->conf->transport == MBEDTLS_SSL_TRANSPORT_DATAGRAM) { /* * Copy the client's handshake message_seq on initial handshakes, * check sequence number on renego. */ #if defined(MBEDTLS_SSL_RENEGOTIATION) - if( ssl->renego_status == MBEDTLS_SSL_RENEGOTIATION_IN_PROGRESS ) - { + if (ssl->renego_status == MBEDTLS_SSL_RENEGOTIATION_IN_PROGRESS) { /* This couldn't be done in ssl_prepare_handshake_record() */ - unsigned int cli_msg_seq = ( ssl->in_msg[4] << 8 ) | - ssl->in_msg[5]; - - if( cli_msg_seq != ssl->handshake->in_msg_seq ) - { - MBEDTLS_SSL_DEBUG_MSG( 1, ( "bad client hello message_seq: " - "%u (expected %u)", cli_msg_seq, - ssl->handshake->in_msg_seq ) ); - return( MBEDTLS_ERR_SSL_BAD_HS_CLIENT_HELLO ); + unsigned int cli_msg_seq = (ssl->in_msg[4] << 8) | + ssl->in_msg[5]; + + if (cli_msg_seq != ssl->handshake->in_msg_seq) { + MBEDTLS_SSL_DEBUG_MSG(1, ("bad client hello message_seq: " + "%u (expected %u)", cli_msg_seq, + ssl->handshake->in_msg_seq)); + return MBEDTLS_ERR_SSL_BAD_HS_CLIENT_HELLO; } ssl->handshake->in_msg_seq++; - } - else + } else #endif { - unsigned int cli_msg_seq = ( ssl->in_msg[4] << 8 ) | - ssl->in_msg[5]; + unsigned int cli_msg_seq = (ssl->in_msg[4] << 8) | + ssl->in_msg[5]; ssl->handshake->out_msg_seq = cli_msg_seq; ssl->handshake->in_msg_seq = cli_msg_seq + 1; } @@ -1649,17 +1593,21 @@ static int ssl_parse_client_hello( mbedtls_ssl_context *ssl ) * For now we don't support fragmentation, so make sure * fragment_offset == 0 and fragment_length == length */ - if( ssl->in_msg[6] != 0 || ssl->in_msg[7] != 0 || ssl->in_msg[8] != 0 || - memcmp( ssl->in_msg + 1, ssl->in_msg + 9, 3 ) != 0 ) - { - MBEDTLS_SSL_DEBUG_MSG( 1, ( "ClientHello fragmentation not supported" ) ); - return( MBEDTLS_ERR_SSL_FEATURE_UNAVAILABLE ); + MBEDTLS_SSL_DEBUG_MSG( + 4, ("fragment_offset=%u fragment_length=%u length=%u", + (unsigned) (ssl->in_msg[6] << 16 | ssl->in_msg[7] << 8 | ssl->in_msg[8]), + (unsigned) (ssl->in_msg[9] << 16 | ssl->in_msg[10] << 8 | ssl->in_msg[11]), + (unsigned) (ssl->in_msg[1] << 16 | ssl->in_msg[2] << 8 | ssl->in_msg[3]))); + if (ssl->in_msg[6] != 0 || ssl->in_msg[7] != 0 || ssl->in_msg[8] != 0 || + memcmp(ssl->in_msg + 1, ssl->in_msg + 9, 3) != 0) { + MBEDTLS_SSL_DEBUG_MSG(1, ("ClientHello fragmentation not supported")); + return MBEDTLS_ERR_SSL_FEATURE_UNAVAILABLE; } } #endif /* MBEDTLS_SSL_PROTO_DTLS */ - buf += mbedtls_ssl_hs_hdr_len( ssl ); - msg_len -= mbedtls_ssl_hs_hdr_len( ssl ); + buf += mbedtls_ssl_hs_hdr_len(ssl); + msg_len -= mbedtls_ssl_hs_hdr_len(ssl); /* * ClientHello layer: @@ -1682,150 +1630,136 @@ static int ssl_parse_client_hello( mbedtls_ssl_context *ssl ) * 2 + 32 + 1 + 2 + 1 = 38 bytes. Check that first, so that we can * read at least up to session id length without worrying. */ - if( msg_len < 38 ) - { - MBEDTLS_SSL_DEBUG_MSG( 1, ( "bad client hello message" ) ); - return( MBEDTLS_ERR_SSL_BAD_HS_CLIENT_HELLO ); + if (msg_len < 38) { + MBEDTLS_SSL_DEBUG_MSG(1, ("bad client hello message")); + return MBEDTLS_ERR_SSL_BAD_HS_CLIENT_HELLO; } /* * Check and save the protocol version */ - MBEDTLS_SSL_DEBUG_BUF( 3, "client hello, version", buf, 2 ); + MBEDTLS_SSL_DEBUG_BUF(3, "client hello, version", buf, 2); - mbedtls_ssl_read_version( &ssl->major_ver, &ssl->minor_ver, - ssl->conf->transport, buf ); + mbedtls_ssl_read_version(&ssl->major_ver, &ssl->minor_ver, + ssl->conf->transport, buf); ssl->handshake->max_major_ver = ssl->major_ver; ssl->handshake->max_minor_ver = ssl->minor_ver; - if( ssl->major_ver < ssl->conf->min_major_ver || - ssl->minor_ver < ssl->conf->min_minor_ver ) - { - MBEDTLS_SSL_DEBUG_MSG( 1, ( "client only supports ssl smaller than minimum" - " [%d:%d] < [%d:%d]", - ssl->major_ver, ssl->minor_ver, - ssl->conf->min_major_ver, ssl->conf->min_minor_ver ) ); - mbedtls_ssl_send_alert_message( ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL, - MBEDTLS_SSL_ALERT_MSG_PROTOCOL_VERSION ); - return( MBEDTLS_ERR_SSL_BAD_HS_PROTOCOL_VERSION ); + if (ssl->major_ver < ssl->conf->min_major_ver || + ssl->minor_ver < ssl->conf->min_minor_ver) { + MBEDTLS_SSL_DEBUG_MSG(1, ("client only supports ssl smaller than minimum" + " [%d:%d] < [%d:%d]", + ssl->major_ver, ssl->minor_ver, + ssl->conf->min_major_ver, ssl->conf->min_minor_ver)); + mbedtls_ssl_send_alert_message(ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL, + MBEDTLS_SSL_ALERT_MSG_PROTOCOL_VERSION); + return MBEDTLS_ERR_SSL_BAD_HS_PROTOCOL_VERSION; } - if( ssl->major_ver > ssl->conf->max_major_ver ) - { + if (ssl->major_ver > ssl->conf->max_major_ver) { ssl->major_ver = ssl->conf->max_major_ver; ssl->minor_ver = ssl->conf->max_minor_ver; - } - else if( ssl->minor_ver > ssl->conf->max_minor_ver ) + } else if (ssl->minor_ver > ssl->conf->max_minor_ver) { ssl->minor_ver = ssl->conf->max_minor_ver; + } /* * Save client random (inc. Unix time) */ - MBEDTLS_SSL_DEBUG_BUF( 3, "client hello, random bytes", buf + 2, 32 ); + MBEDTLS_SSL_DEBUG_BUF(3, "client hello, random bytes", buf + 2, 32); - memcpy( ssl->handshake->randbytes, buf + 2, 32 ); + memcpy(ssl->handshake->randbytes, buf + 2, 32); /* * Check the session ID length and save session ID */ sess_len = buf[34]; - if( sess_len > sizeof( ssl->session_negotiate->id ) || - sess_len + 34 + 2 > msg_len ) /* 2 for cipherlist length field */ - { - MBEDTLS_SSL_DEBUG_MSG( 1, ( "bad client hello message" ) ); - mbedtls_ssl_send_alert_message( ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL, - MBEDTLS_SSL_ALERT_MSG_DECODE_ERROR ); - return( MBEDTLS_ERR_SSL_BAD_HS_CLIENT_HELLO ); + if (sess_len > sizeof(ssl->session_negotiate->id) || + sess_len + 34 + 2 > msg_len) { /* 2 for cipherlist length field */ + MBEDTLS_SSL_DEBUG_MSG(1, ("bad client hello message")); + mbedtls_ssl_send_alert_message(ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL, + MBEDTLS_SSL_ALERT_MSG_DECODE_ERROR); + return MBEDTLS_ERR_SSL_BAD_HS_CLIENT_HELLO; } - MBEDTLS_SSL_DEBUG_BUF( 3, "client hello, session id", buf + 35, sess_len ); + MBEDTLS_SSL_DEBUG_BUF(3, "client hello, session id", buf + 35, sess_len); ssl->session_negotiate->id_len = sess_len; - memset( ssl->session_negotiate->id, 0, - sizeof( ssl->session_negotiate->id ) ); - memcpy( ssl->session_negotiate->id, buf + 35, - ssl->session_negotiate->id_len ); + memset(ssl->session_negotiate->id, 0, + sizeof(ssl->session_negotiate->id)); + memcpy(ssl->session_negotiate->id, buf + 35, + ssl->session_negotiate->id_len); /* * Check the cookie length and content */ #if defined(MBEDTLS_SSL_PROTO_DTLS) - if( ssl->conf->transport == MBEDTLS_SSL_TRANSPORT_DATAGRAM ) - { + if (ssl->conf->transport == MBEDTLS_SSL_TRANSPORT_DATAGRAM) { cookie_offset = 35 + sess_len; cookie_len = buf[cookie_offset]; - if( cookie_offset + 1 + cookie_len + 2 > msg_len ) - { - MBEDTLS_SSL_DEBUG_MSG( 1, ( "bad client hello message" ) ); - mbedtls_ssl_send_alert_message( ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL, - MBEDTLS_SSL_ALERT_MSG_PROTOCOL_VERSION ); - return( MBEDTLS_ERR_SSL_BAD_HS_CLIENT_HELLO ); + if (cookie_offset + 1 + cookie_len + 2 > msg_len) { + MBEDTLS_SSL_DEBUG_MSG(1, ("bad client hello message")); + mbedtls_ssl_send_alert_message(ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL, + MBEDTLS_SSL_ALERT_MSG_PROTOCOL_VERSION); + return MBEDTLS_ERR_SSL_BAD_HS_CLIENT_HELLO; } - MBEDTLS_SSL_DEBUG_BUF( 3, "client hello, cookie", - buf + cookie_offset + 1, cookie_len ); + MBEDTLS_SSL_DEBUG_BUF(3, "client hello, cookie", + buf + cookie_offset + 1, cookie_len); #if defined(MBEDTLS_SSL_DTLS_HELLO_VERIFY) - if( ssl->conf->f_cookie_check != NULL + if (ssl->conf->f_cookie_check != NULL #if defined(MBEDTLS_SSL_RENEGOTIATION) && ssl->renego_status == MBEDTLS_SSL_INITIAL_HANDSHAKE #endif - ) - { - if( ssl->conf->f_cookie_check( ssl->conf->p_cookie, - buf + cookie_offset + 1, cookie_len, - ssl->cli_id, ssl->cli_id_len ) != 0 ) - { - MBEDTLS_SSL_DEBUG_MSG( 2, ( "cookie verification failed" ) ); + ) { + if (ssl->conf->f_cookie_check(ssl->conf->p_cookie, + buf + cookie_offset + 1, cookie_len, + ssl->cli_id, ssl->cli_id_len) != 0) { + MBEDTLS_SSL_DEBUG_MSG(2, ("cookie verification failed")); ssl->handshake->verify_cookie_len = 1; - } - else - { - MBEDTLS_SSL_DEBUG_MSG( 2, ( "cookie verification passed" ) ); + } else { + MBEDTLS_SSL_DEBUG_MSG(2, ("cookie verification passed")); ssl->handshake->verify_cookie_len = 0; } - } - else + } else #endif /* MBEDTLS_SSL_DTLS_HELLO_VERIFY */ { /* We know we didn't send a cookie, so it should be empty */ - if( cookie_len != 0 ) - { + if (cookie_len != 0) { /* This may be an attacker's probe, so don't send an alert */ - MBEDTLS_SSL_DEBUG_MSG( 1, ( "bad client hello message" ) ); - return( MBEDTLS_ERR_SSL_BAD_HS_CLIENT_HELLO ); + MBEDTLS_SSL_DEBUG_MSG(1, ("bad client hello message")); + return MBEDTLS_ERR_SSL_BAD_HS_CLIENT_HELLO; } - MBEDTLS_SSL_DEBUG_MSG( 2, ( "cookie verification skipped" ) ); + MBEDTLS_SSL_DEBUG_MSG(2, ("cookie verification skipped")); } - /* - * Check the ciphersuitelist length (will be parsed later) - */ + /* + * Check the ciphersuitelist length (will be parsed later) + */ ciph_offset = cookie_offset + 1 + cookie_len; - } - else + } else #endif /* MBEDTLS_SSL_PROTO_DTLS */ - ciph_offset = 35 + sess_len; + ciph_offset = 35 + sess_len; - ciph_len = ( buf[ciph_offset + 0] << 8 ) - | ( buf[ciph_offset + 1] ); + ciph_len = (buf[ciph_offset + 0] << 8) + | (buf[ciph_offset + 1]); - if( ciph_len < 2 || + if (ciph_len < 2 || ciph_len + 2 + ciph_offset + 1 > msg_len || /* 1 for comp. alg. len */ - ( ciph_len % 2 ) != 0 ) - { - MBEDTLS_SSL_DEBUG_MSG( 1, ( "bad client hello message" ) ); - mbedtls_ssl_send_alert_message( ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL, - MBEDTLS_SSL_ALERT_MSG_DECODE_ERROR ); - return( MBEDTLS_ERR_SSL_BAD_HS_CLIENT_HELLO ); + (ciph_len % 2) != 0) { + MBEDTLS_SSL_DEBUG_MSG(1, ("bad client hello message")); + mbedtls_ssl_send_alert_message(ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL, + MBEDTLS_SSL_ALERT_MSG_DECODE_ERROR); + return MBEDTLS_ERR_SSL_BAD_HS_CLIENT_HELLO; } - MBEDTLS_SSL_DEBUG_BUF( 3, "client hello, ciphersuitelist", - buf + ciph_offset + 2, ciph_len ); + MBEDTLS_SSL_DEBUG_BUF(3, "client hello, ciphersuitelist", + buf + ciph_offset + 2, ciph_len); /* * Check the compression algorithms length and pick one @@ -1834,25 +1768,22 @@ static int ssl_parse_client_hello( mbedtls_ssl_context *ssl ) comp_len = buf[comp_offset]; - if( comp_len < 1 || + if (comp_len < 1 || comp_len > 16 || - comp_len + comp_offset + 1 > msg_len ) - { - MBEDTLS_SSL_DEBUG_MSG( 1, ( "bad client hello message" ) ); - mbedtls_ssl_send_alert_message( ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL, - MBEDTLS_SSL_ALERT_MSG_DECODE_ERROR ); - return( MBEDTLS_ERR_SSL_BAD_HS_CLIENT_HELLO ); + comp_len + comp_offset + 1 > msg_len) { + MBEDTLS_SSL_DEBUG_MSG(1, ("bad client hello message")); + mbedtls_ssl_send_alert_message(ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL, + MBEDTLS_SSL_ALERT_MSG_DECODE_ERROR); + return MBEDTLS_ERR_SSL_BAD_HS_CLIENT_HELLO; } - MBEDTLS_SSL_DEBUG_BUF( 3, "client hello, compression", - buf + comp_offset + 1, comp_len ); + MBEDTLS_SSL_DEBUG_BUF(3, "client hello, compression", + buf + comp_offset + 1, comp_len); ssl->session_negotiate->compression = MBEDTLS_SSL_COMPRESS_NULL; #if defined(MBEDTLS_ZLIB_SUPPORT) - for( i = 0; i < comp_len; ++i ) - { - if( buf[comp_offset + 1 + i] == MBEDTLS_SSL_COMPRESS_DEFLATE ) - { + for (i = 0; i < comp_len; ++i) { + if (buf[comp_offset + 1 + i] == MBEDTLS_SSL_COMPRESS_DEFLATE) { ssl->session_negotiate->compression = MBEDTLS_SSL_COMPRESS_DEFLATE; break; } @@ -1861,99 +1792,97 @@ static int ssl_parse_client_hello( mbedtls_ssl_context *ssl ) /* See comments in ssl_write_client_hello() */ #if defined(MBEDTLS_SSL_PROTO_DTLS) - if( ssl->conf->transport == MBEDTLS_SSL_TRANSPORT_DATAGRAM ) + if (ssl->conf->transport == MBEDTLS_SSL_TRANSPORT_DATAGRAM) { ssl->session_negotiate->compression = MBEDTLS_SSL_COMPRESS_NULL; + } #endif /* Do not parse the extensions if the protocol is SSLv3 */ #if defined(MBEDTLS_SSL_PROTO_SSL3) - if( ( ssl->major_ver != 3 ) || ( ssl->minor_ver != 0 ) ) - { + if ((ssl->major_ver != 3) || (ssl->minor_ver != 0)) { #endif - /* - * Check the extension length - */ - ext_offset = comp_offset + 1 + comp_len; - if( msg_len > ext_offset ) - { - if( msg_len < ext_offset + 2 ) - { - MBEDTLS_SSL_DEBUG_MSG( 1, ( "bad client hello message" ) ); - mbedtls_ssl_send_alert_message( ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL, - MBEDTLS_SSL_ALERT_MSG_DECODE_ERROR ); - return( MBEDTLS_ERR_SSL_BAD_HS_CLIENT_HELLO ); - } + /* + * Check the extension length + */ + ext_offset = comp_offset + 1 + comp_len; + if (msg_len > ext_offset) { + if (msg_len < ext_offset + 2) { + MBEDTLS_SSL_DEBUG_MSG(1, ("bad client hello message")); + mbedtls_ssl_send_alert_message(ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL, + MBEDTLS_SSL_ALERT_MSG_DECODE_ERROR); + return MBEDTLS_ERR_SSL_BAD_HS_CLIENT_HELLO; + } - ext_len = ( buf[ext_offset + 0] << 8 ) - | ( buf[ext_offset + 1] ); + ext_len = (buf[ext_offset + 0] << 8) + | (buf[ext_offset + 1]); - if( msg_len != ext_offset + 2 + ext_len ) - { - MBEDTLS_SSL_DEBUG_MSG( 1, ( "bad client hello message" ) ); - mbedtls_ssl_send_alert_message( ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL, - MBEDTLS_SSL_ALERT_MSG_DECODE_ERROR ); - return( MBEDTLS_ERR_SSL_BAD_HS_CLIENT_HELLO ); - } + if (msg_len != ext_offset + 2 + ext_len) { + MBEDTLS_SSL_DEBUG_MSG(1, ("bad client hello message")); + mbedtls_ssl_send_alert_message(ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL, + MBEDTLS_SSL_ALERT_MSG_DECODE_ERROR); + return MBEDTLS_ERR_SSL_BAD_HS_CLIENT_HELLO; } - else - ext_len = 0; - - ext = buf + ext_offset + 2; - MBEDTLS_SSL_DEBUG_BUF( 3, "client hello extensions", ext, ext_len ); + } else { + ext_len = 0; + } - while( ext_len != 0 ) - { - unsigned int ext_id; - unsigned int ext_size; - if ( ext_len < 4 ) { - MBEDTLS_SSL_DEBUG_MSG( 1, ( "bad client hello message" ) ); - mbedtls_ssl_send_alert_message( ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL, - MBEDTLS_SSL_ALERT_MSG_DECODE_ERROR ); - return( MBEDTLS_ERR_SSL_BAD_HS_CLIENT_HELLO ); - } - ext_id = ( ( ext[0] << 8 ) | ( ext[1] ) ); - ext_size = ( ( ext[2] << 8 ) | ( ext[3] ) ); + ext = buf + ext_offset + 2; + MBEDTLS_SSL_DEBUG_BUF(3, "client hello extensions", ext, ext_len); - if( ext_size + 4 > ext_len ) - { - MBEDTLS_SSL_DEBUG_MSG( 1, ( "bad client hello message" ) ); - mbedtls_ssl_send_alert_message( ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL, - MBEDTLS_SSL_ALERT_MSG_DECODE_ERROR ); - return( MBEDTLS_ERR_SSL_BAD_HS_CLIENT_HELLO ); - } - switch( ext_id ) - { + while (ext_len != 0) { + unsigned int ext_id; + unsigned int ext_size; + if (ext_len < 4) { + MBEDTLS_SSL_DEBUG_MSG(1, ("bad client hello message")); + mbedtls_ssl_send_alert_message(ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL, + MBEDTLS_SSL_ALERT_MSG_DECODE_ERROR); + return MBEDTLS_ERR_SSL_BAD_HS_CLIENT_HELLO; + } + ext_id = ((ext[0] << 8) | (ext[1])); + ext_size = ((ext[2] << 8) | (ext[3])); + + if (ext_size + 4 > ext_len) { + MBEDTLS_SSL_DEBUG_MSG(1, ("bad client hello message")); + mbedtls_ssl_send_alert_message(ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL, + MBEDTLS_SSL_ALERT_MSG_DECODE_ERROR); + return MBEDTLS_ERR_SSL_BAD_HS_CLIENT_HELLO; + } + switch (ext_id) { #if defined(MBEDTLS_SSL_SERVER_NAME_INDICATION) case MBEDTLS_TLS_EXT_SERVERNAME: - MBEDTLS_SSL_DEBUG_MSG( 3, ( "found ServerName extension" ) ); - if( ssl->conf->f_sni == NULL ) + MBEDTLS_SSL_DEBUG_MSG(3, ("found ServerName extension")); + if (ssl->conf->f_sni == NULL) { break; + } - ret = ssl_parse_servername_ext( ssl, ext + 4, ext_size ); - if( ret != 0 ) - return( ret ); + ret = ssl_parse_servername_ext(ssl, ext + 4, ext_size); + if (ret != 0) { + return ret; + } break; #endif /* MBEDTLS_SSL_SERVER_NAME_INDICATION */ case MBEDTLS_TLS_EXT_RENEGOTIATION_INFO: - MBEDTLS_SSL_DEBUG_MSG( 3, ( "found renegotiation extension" ) ); + MBEDTLS_SSL_DEBUG_MSG(3, ("found renegotiation extension")); #if defined(MBEDTLS_SSL_RENEGOTIATION) renegotiation_info_seen = 1; #endif - ret = ssl_parse_renegotiation_info( ssl, ext + 4, ext_size ); - if( ret != 0 ) - return( ret ); + ret = ssl_parse_renegotiation_info(ssl, ext + 4, ext_size); + if (ret != 0) { + return ret; + } break; #if defined(MBEDTLS_SSL_PROTO_TLS1_2) && \ - defined(MBEDTLS_KEY_EXCHANGE_WITH_CERT_ENABLED) + defined(MBEDTLS_KEY_EXCHANGE_WITH_CERT_ENABLED) case MBEDTLS_TLS_EXT_SIG_ALG: - MBEDTLS_SSL_DEBUG_MSG( 3, ( "found signature_algorithms extension" ) ); + MBEDTLS_SSL_DEBUG_MSG(3, ("found signature_algorithms extension")); - ret = ssl_parse_signature_algorithms_ext( ssl, ext + 4, ext_size ); - if( ret != 0 ) - return( ret ); + ret = ssl_parse_signature_algorithms_ext(ssl, ext + 4, ext_size); + if (ret != 0) { + return ret; + } sig_hash_alg_ext_present = 1; break; @@ -1961,143 +1890,151 @@ static int ssl_parse_client_hello( mbedtls_ssl_context *ssl ) MBEDTLS_KEY_EXCHANGE_WITH_CERT_ENABLED */ #if defined(MBEDTLS_ECDH_C) || defined(MBEDTLS_ECDSA_C) || \ - defined(MBEDTLS_KEY_EXCHANGE_ECJPAKE_ENABLED) + defined(MBEDTLS_KEY_EXCHANGE_ECJPAKE_ENABLED) case MBEDTLS_TLS_EXT_SUPPORTED_ELLIPTIC_CURVES: - MBEDTLS_SSL_DEBUG_MSG( 3, ( "found supported elliptic curves extension" ) ); + MBEDTLS_SSL_DEBUG_MSG(3, ("found supported elliptic curves extension")); - ret = ssl_parse_supported_elliptic_curves( ssl, ext + 4, ext_size ); - if( ret != 0 ) - return( ret ); + ret = ssl_parse_supported_elliptic_curves(ssl, ext + 4, ext_size); + if (ret != 0) { + return ret; + } break; case MBEDTLS_TLS_EXT_SUPPORTED_POINT_FORMATS: - MBEDTLS_SSL_DEBUG_MSG( 3, ( "found supported point formats extension" ) ); + MBEDTLS_SSL_DEBUG_MSG(3, ("found supported point formats extension")); ssl->handshake->cli_exts |= MBEDTLS_TLS_EXT_SUPPORTED_POINT_FORMATS_PRESENT; - ret = ssl_parse_supported_point_formats( ssl, ext + 4, ext_size ); - if( ret != 0 ) - return( ret ); + ret = ssl_parse_supported_point_formats(ssl, ext + 4, ext_size); + if (ret != 0) { + return ret; + } break; #endif /* MBEDTLS_ECDH_C || MBEDTLS_ECDSA_C || MBEDTLS_KEY_EXCHANGE_ECJPAKE_ENABLED */ #if defined(MBEDTLS_KEY_EXCHANGE_ECJPAKE_ENABLED) case MBEDTLS_TLS_EXT_ECJPAKE_KKPP: - MBEDTLS_SSL_DEBUG_MSG( 3, ( "found ecjpake kkpp extension" ) ); + MBEDTLS_SSL_DEBUG_MSG(3, ("found ecjpake kkpp extension")); - ret = ssl_parse_ecjpake_kkpp( ssl, ext + 4, ext_size ); - if( ret != 0 ) - return( ret ); + ret = ssl_parse_ecjpake_kkpp(ssl, ext + 4, ext_size); + if (ret != 0) { + return ret; + } break; #endif /* MBEDTLS_KEY_EXCHANGE_ECJPAKE_ENABLED */ #if defined(MBEDTLS_SSL_MAX_FRAGMENT_LENGTH) case MBEDTLS_TLS_EXT_MAX_FRAGMENT_LENGTH: - MBEDTLS_SSL_DEBUG_MSG( 3, ( "found max fragment length extension" ) ); + MBEDTLS_SSL_DEBUG_MSG(3, ("found max fragment length extension")); - ret = ssl_parse_max_fragment_length_ext( ssl, ext + 4, ext_size ); - if( ret != 0 ) - return( ret ); + ret = ssl_parse_max_fragment_length_ext(ssl, ext + 4, ext_size); + if (ret != 0) { + return ret; + } break; #endif /* MBEDTLS_SSL_MAX_FRAGMENT_LENGTH */ #if defined(MBEDTLS_SSL_TRUNCATED_HMAC) case MBEDTLS_TLS_EXT_TRUNCATED_HMAC: - MBEDTLS_SSL_DEBUG_MSG( 3, ( "found truncated hmac extension" ) ); + MBEDTLS_SSL_DEBUG_MSG(3, ("found truncated hmac extension")); - ret = ssl_parse_truncated_hmac_ext( ssl, ext + 4, ext_size ); - if( ret != 0 ) - return( ret ); + ret = ssl_parse_truncated_hmac_ext(ssl, ext + 4, ext_size); + if (ret != 0) { + return ret; + } break; #endif /* MBEDTLS_SSL_TRUNCATED_HMAC */ #if defined(MBEDTLS_SSL_DTLS_CONNECTION_ID) case MBEDTLS_TLS_EXT_CID: - MBEDTLS_SSL_DEBUG_MSG( 3, ( "found CID extension" ) ); + MBEDTLS_SSL_DEBUG_MSG(3, ("found CID extension")); - ret = ssl_parse_cid_ext( ssl, ext + 4, ext_size ); - if( ret != 0 ) - return( ret ); + ret = ssl_parse_cid_ext(ssl, ext + 4, ext_size); + if (ret != 0) { + return ret; + } break; #endif /* MBEDTLS_SSL_TRUNCATED_HMAC */ #if defined(MBEDTLS_SSL_ENCRYPT_THEN_MAC) case MBEDTLS_TLS_EXT_ENCRYPT_THEN_MAC: - MBEDTLS_SSL_DEBUG_MSG( 3, ( "found encrypt then mac extension" ) ); + MBEDTLS_SSL_DEBUG_MSG(3, ("found encrypt then mac extension")); - ret = ssl_parse_encrypt_then_mac_ext( ssl, ext + 4, ext_size ); - if( ret != 0 ) - return( ret ); + ret = ssl_parse_encrypt_then_mac_ext(ssl, ext + 4, ext_size); + if (ret != 0) { + return ret; + } break; #endif /* MBEDTLS_SSL_ENCRYPT_THEN_MAC */ #if defined(MBEDTLS_SSL_EXTENDED_MASTER_SECRET) case MBEDTLS_TLS_EXT_EXTENDED_MASTER_SECRET: - MBEDTLS_SSL_DEBUG_MSG( 3, ( "found extended master secret extension" ) ); + MBEDTLS_SSL_DEBUG_MSG(3, ("found extended master secret extension")); - ret = ssl_parse_extended_ms_ext( ssl, ext + 4, ext_size ); - if( ret != 0 ) - return( ret ); + ret = ssl_parse_extended_ms_ext(ssl, ext + 4, ext_size); + if (ret != 0) { + return ret; + } break; #endif /* MBEDTLS_SSL_EXTENDED_MASTER_SECRET */ #if defined(MBEDTLS_SSL_SESSION_TICKETS) case MBEDTLS_TLS_EXT_SESSION_TICKET: - MBEDTLS_SSL_DEBUG_MSG( 3, ( "found session ticket extension" ) ); + MBEDTLS_SSL_DEBUG_MSG(3, ("found session ticket extension")); - ret = ssl_parse_session_ticket_ext( ssl, ext + 4, ext_size ); - if( ret != 0 ) - return( ret ); + ret = ssl_parse_session_ticket_ext(ssl, ext + 4, ext_size); + if (ret != 0) { + return ret; + } break; #endif /* MBEDTLS_SSL_SESSION_TICKETS */ #if defined(MBEDTLS_SSL_ALPN) case MBEDTLS_TLS_EXT_ALPN: - MBEDTLS_SSL_DEBUG_MSG( 3, ( "found alpn extension" ) ); + MBEDTLS_SSL_DEBUG_MSG(3, ("found alpn extension")); - ret = ssl_parse_alpn_ext( ssl, ext + 4, ext_size ); - if( ret != 0 ) - return( ret ); + ret = ssl_parse_alpn_ext(ssl, ext + 4, ext_size); + if (ret != 0) { + return ret; + } break; #endif /* MBEDTLS_SSL_SESSION_TICKETS */ #if defined(MBEDTLS_SSL_DTLS_SRTP) case MBEDTLS_TLS_EXT_USE_SRTP: - MBEDTLS_SSL_DEBUG_MSG( 3, ( "found use_srtp extension" ) ); + MBEDTLS_SSL_DEBUG_MSG(3, ("found use_srtp extension")); - ret = ssl_parse_use_srtp_ext( ssl, ext + 4, ext_size ); - if( ret != 0 ) - return( ret ); + ret = ssl_parse_use_srtp_ext(ssl, ext + 4, ext_size); + if (ret != 0) { + return ret; + } break; #endif /* MBEDTLS_SSL_DTLS_SRTP */ default: - MBEDTLS_SSL_DEBUG_MSG( 3, ( "unknown extension found: %u (ignoring)", - ext_id ) ); - } - - ext_len -= 4 + ext_size; - ext += 4 + ext_size; + MBEDTLS_SSL_DEBUG_MSG(3, ("unknown extension found: %u (ignoring)", + ext_id)); } -#if defined(MBEDTLS_SSL_PROTO_SSL3) + + ext_len -= 4 + ext_size; + ext += 4 + ext_size; } +#if defined(MBEDTLS_SSL_PROTO_SSL3) +} #endif #if defined(MBEDTLS_SSL_FALLBACK_SCSV) - for( i = 0, p = buf + ciph_offset + 2; i < ciph_len; i += 2, p += 2 ) - { - if( MBEDTLS_GET_UINT16_BE( p, 0 ) == MBEDTLS_SSL_FALLBACK_SCSV_VALUE ) - { - MBEDTLS_SSL_DEBUG_MSG( 2, ( "received FALLBACK_SCSV" ) ); + for (i = 0, p = buf + ciph_offset + 2; i < ciph_len; i += 2, p += 2) { + if (MBEDTLS_GET_UINT16_BE(p, 0) == MBEDTLS_SSL_FALLBACK_SCSV_VALUE) { + MBEDTLS_SSL_DEBUG_MSG(2, ("received FALLBACK_SCSV")); - if( ssl->minor_ver < ssl->conf->max_minor_ver ) - { - MBEDTLS_SSL_DEBUG_MSG( 1, ( "inapropriate fallback" ) ); + if (ssl->minor_ver < ssl->conf->max_minor_ver) { + MBEDTLS_SSL_DEBUG_MSG(1, ("inapropriate fallback")); - mbedtls_ssl_send_alert_message( ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL, - MBEDTLS_SSL_ALERT_MSG_INAPROPRIATE_FALLBACK ); + mbedtls_ssl_send_alert_message(ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL, + MBEDTLS_SSL_ALERT_MSG_INAPROPRIATE_FALLBACK); - return( MBEDTLS_ERR_SSL_BAD_HS_CLIENT_HELLO ); + return MBEDTLS_ERR_SSL_BAD_HS_CLIENT_HELLO; } break; @@ -2112,14 +2049,14 @@ static int ssl_parse_client_hello( mbedtls_ssl_context *ssl ) * Try to fall back to default hash SHA1 if the client * hasn't provided any preferred signature-hash combinations. */ - if( sig_hash_alg_ext_present == 0 ) - { + if (sig_hash_alg_ext_present == 0) { mbedtls_md_type_t md_default = MBEDTLS_MD_SHA1; - if( mbedtls_ssl_check_sig_hash( ssl, md_default ) != 0 ) + if (mbedtls_ssl_check_sig_hash(ssl, md_default) != 0) { md_default = MBEDTLS_MD_NONE; + } - mbedtls_ssl_sig_hash_set_const_hash( &ssl->handshake->hash_algs, md_default ); + mbedtls_ssl_sig_hash_set_const_hash(&ssl->handshake->hash_algs, md_default); } #endif /* MBEDTLS_SSL_PROTO_TLS1_2 && @@ -2128,19 +2065,16 @@ static int ssl_parse_client_hello( mbedtls_ssl_context *ssl ) /* * Check for TLS_EMPTY_RENEGOTIATION_INFO_SCSV */ - for( i = 0, p = buf + ciph_offset + 2; i < ciph_len; i += 2, p += 2 ) - { - if( p[0] == 0 && p[1] == MBEDTLS_SSL_EMPTY_RENEGOTIATION_INFO ) - { - MBEDTLS_SSL_DEBUG_MSG( 3, ( "received TLS_EMPTY_RENEGOTIATION_INFO " ) ); + for (i = 0, p = buf + ciph_offset + 2; i < ciph_len; i += 2, p += 2) { + if (p[0] == 0 && p[1] == MBEDTLS_SSL_EMPTY_RENEGOTIATION_INFO) { + MBEDTLS_SSL_DEBUG_MSG(3, ("received TLS_EMPTY_RENEGOTIATION_INFO ")); #if defined(MBEDTLS_SSL_RENEGOTIATION) - if( ssl->renego_status == MBEDTLS_SSL_RENEGOTIATION_IN_PROGRESS ) - { - MBEDTLS_SSL_DEBUG_MSG( 1, ( "received RENEGOTIATION SCSV " - "during renegotiation" ) ); - mbedtls_ssl_send_alert_message( ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL, - MBEDTLS_SSL_ALERT_MSG_HANDSHAKE_FAILURE ); - return( MBEDTLS_ERR_SSL_BAD_HS_CLIENT_HELLO ); + if (ssl->renego_status == MBEDTLS_SSL_RENEGOTIATION_IN_PROGRESS) { + MBEDTLS_SSL_DEBUG_MSG(1, ("received RENEGOTIATION SCSV " + "during renegotiation")); + mbedtls_ssl_send_alert_message(ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL, + MBEDTLS_SSL_ALERT_MSG_HANDSHAKE_FAILURE); + return MBEDTLS_ERR_SSL_BAD_HS_CLIENT_HELLO; } #endif ssl->secure_renegotiation = MBEDTLS_SSL_SECURE_RENEGOTIATION; @@ -2151,41 +2085,34 @@ static int ssl_parse_client_hello( mbedtls_ssl_context *ssl ) /* * Renegotiation security checks */ - if( ssl->secure_renegotiation != MBEDTLS_SSL_SECURE_RENEGOTIATION && - ssl->conf->allow_legacy_renegotiation == MBEDTLS_SSL_LEGACY_BREAK_HANDSHAKE ) - { - MBEDTLS_SSL_DEBUG_MSG( 1, ( "legacy renegotiation, breaking off handshake" ) ); + if (ssl->secure_renegotiation != MBEDTLS_SSL_SECURE_RENEGOTIATION && + ssl->conf->allow_legacy_renegotiation == MBEDTLS_SSL_LEGACY_BREAK_HANDSHAKE) { + MBEDTLS_SSL_DEBUG_MSG(1, ("legacy renegotiation, breaking off handshake")); handshake_failure = 1; } #if defined(MBEDTLS_SSL_RENEGOTIATION) - else if( ssl->renego_status == MBEDTLS_SSL_RENEGOTIATION_IN_PROGRESS && + else if (ssl->renego_status == MBEDTLS_SSL_RENEGOTIATION_IN_PROGRESS && ssl->secure_renegotiation == MBEDTLS_SSL_SECURE_RENEGOTIATION && - renegotiation_info_seen == 0 ) - { - MBEDTLS_SSL_DEBUG_MSG( 1, ( "renegotiation_info extension missing (secure)" ) ); + renegotiation_info_seen == 0) { + MBEDTLS_SSL_DEBUG_MSG(1, ("renegotiation_info extension missing (secure)")); handshake_failure = 1; - } - else if( ssl->renego_status == MBEDTLS_SSL_RENEGOTIATION_IN_PROGRESS && - ssl->secure_renegotiation == MBEDTLS_SSL_LEGACY_RENEGOTIATION && - ssl->conf->allow_legacy_renegotiation == MBEDTLS_SSL_LEGACY_NO_RENEGOTIATION ) - { - MBEDTLS_SSL_DEBUG_MSG( 1, ( "legacy renegotiation not allowed" ) ); + } else if (ssl->renego_status == MBEDTLS_SSL_RENEGOTIATION_IN_PROGRESS && + ssl->secure_renegotiation == MBEDTLS_SSL_LEGACY_RENEGOTIATION && + ssl->conf->allow_legacy_renegotiation == MBEDTLS_SSL_LEGACY_NO_RENEGOTIATION) { + MBEDTLS_SSL_DEBUG_MSG(1, ("legacy renegotiation not allowed")); handshake_failure = 1; - } - else if( ssl->renego_status == MBEDTLS_SSL_RENEGOTIATION_IN_PROGRESS && - ssl->secure_renegotiation == MBEDTLS_SSL_LEGACY_RENEGOTIATION && - renegotiation_info_seen == 1 ) - { - MBEDTLS_SSL_DEBUG_MSG( 1, ( "renegotiation_info extension present (legacy)" ) ); + } else if (ssl->renego_status == MBEDTLS_SSL_RENEGOTIATION_IN_PROGRESS && + ssl->secure_renegotiation == MBEDTLS_SSL_LEGACY_RENEGOTIATION && + renegotiation_info_seen == 1) { + MBEDTLS_SSL_DEBUG_MSG(1, ("renegotiation_info extension present (legacy)")); handshake_failure = 1; } #endif /* MBEDTLS_SSL_RENEGOTIATION */ - if( handshake_failure == 1 ) - { - mbedtls_ssl_send_alert_message( ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL, - MBEDTLS_SSL_ALERT_MSG_HANDSHAKE_FAILURE ); - return( MBEDTLS_ERR_SSL_BAD_HS_CLIENT_HELLO ); + if (handshake_failure == 1) { + mbedtls_ssl_send_alert_message(ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL, + MBEDTLS_SSL_ALERT_MSG_HANDSHAKE_FAILURE); + return MBEDTLS_ERR_SSL_BAD_HS_CLIENT_HELLO; } /* @@ -2197,44 +2124,60 @@ static int ssl_parse_client_hello( mbedtls_ssl_context *ssl ) ciphersuites = ssl->conf->ciphersuite_list[ssl->minor_ver]; ciphersuite_info = NULL; #if defined(MBEDTLS_SSL_SRV_RESPECT_CLIENT_PREFERENCE) - for( j = 0, p = buf + ciph_offset + 2; j < ciph_len; j += 2, p += 2 ) - for( i = 0; ciphersuites[i] != 0; i++ ) + for (j = 0, p = buf + ciph_offset + 2; j < ciph_len; j += 2, p += 2) { + for (i = 0; ciphersuites[i] != 0; i++) { + if (MBEDTLS_GET_UINT16_BE(p, 0) != ciphersuites[i]) { + continue; + } + + got_common_suite = 1; + + if ((ret = ssl_ciphersuite_match(ssl, ciphersuites[i], + &ciphersuite_info)) != 0) { + return ret; + } + + if (ciphersuite_info != NULL) { + goto have_ciphersuite; + } + } + } #else - for( i = 0; ciphersuites[i] != 0; i++ ) - for( j = 0, p = buf + ciph_offset + 2; j < ciph_len; j += 2, p += 2 ) -#endif - { - if( MBEDTLS_GET_UINT16_BE(p, 0) != ciphersuites[i] ) + for (i = 0; ciphersuites[i] != 0; i++) { + for (j = 0, p = buf + ciph_offset + 2; j < ciph_len; j += 2, p += 2) { + if (MBEDTLS_GET_UINT16_BE(p, 0) != ciphersuites[i]) { continue; + } got_common_suite = 1; - if( ( ret = ssl_ciphersuite_match( ssl, ciphersuites[i], - &ciphersuite_info ) ) != 0 ) - return( ret ); + if ((ret = ssl_ciphersuite_match(ssl, ciphersuites[i], + &ciphersuite_info)) != 0) { + return ret; + } - if( ciphersuite_info != NULL ) + if (ciphersuite_info != NULL) { goto have_ciphersuite; + } } - - if( got_common_suite ) - { - MBEDTLS_SSL_DEBUG_MSG( 1, ( "got ciphersuites in common, " - "but none of them usable" ) ); - mbedtls_ssl_send_alert_message( ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL, - MBEDTLS_SSL_ALERT_MSG_HANDSHAKE_FAILURE ); - return( MBEDTLS_ERR_SSL_NO_USABLE_CIPHERSUITE ); } - else - { - MBEDTLS_SSL_DEBUG_MSG( 1, ( "got no ciphersuites in common" ) ); - mbedtls_ssl_send_alert_message( ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL, - MBEDTLS_SSL_ALERT_MSG_HANDSHAKE_FAILURE ); - return( MBEDTLS_ERR_SSL_NO_CIPHER_CHOSEN ); +#endif + + if (got_common_suite) { + MBEDTLS_SSL_DEBUG_MSG(1, ("got ciphersuites in common, " + "but none of them usable")); + mbedtls_ssl_send_alert_message(ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL, + MBEDTLS_SSL_ALERT_MSG_HANDSHAKE_FAILURE); + return MBEDTLS_ERR_SSL_NO_USABLE_CIPHERSUITE; + } else { + MBEDTLS_SSL_DEBUG_MSG(1, ("got no ciphersuites in common")); + mbedtls_ssl_send_alert_message(ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL, + MBEDTLS_SSL_ALERT_MSG_HANDSHAKE_FAILURE); + return MBEDTLS_ERR_SSL_NO_CIPHER_CHOSEN; } have_ciphersuite: - MBEDTLS_SSL_DEBUG_MSG( 2, ( "selected ciphersuite: %s", ciphersuite_info->name ) ); + MBEDTLS_SSL_DEBUG_MSG(2, ("selected ciphersuite: %s", ciphersuite_info->name)); ssl->session_negotiate->ciphersuite = ciphersuites[i]; ssl->handshake->ciphersuite_info = ciphersuite_info; @@ -2242,53 +2185,49 @@ static int ssl_parse_client_hello( mbedtls_ssl_context *ssl ) ssl->state++; #if defined(MBEDTLS_SSL_PROTO_DTLS) - if( ssl->conf->transport == MBEDTLS_SSL_TRANSPORT_DATAGRAM ) - mbedtls_ssl_recv_flight_completed( ssl ); + if (ssl->conf->transport == MBEDTLS_SSL_TRANSPORT_DATAGRAM) { + mbedtls_ssl_recv_flight_completed(ssl); + } #endif /* Debugging-only output for testsuite */ #if defined(MBEDTLS_DEBUG_C) && \ defined(MBEDTLS_SSL_PROTO_TLS1_2) && \ defined(MBEDTLS_KEY_EXCHANGE_WITH_CERT_ENABLED) - if( ssl->minor_ver == MBEDTLS_SSL_MINOR_VERSION_3 ) - { - mbedtls_pk_type_t sig_alg = mbedtls_ssl_get_ciphersuite_sig_alg( ciphersuite_info ); - if( sig_alg != MBEDTLS_PK_NONE ) - { - mbedtls_md_type_t md_alg = mbedtls_ssl_sig_hash_set_find( &ssl->handshake->hash_algs, - sig_alg ); - MBEDTLS_SSL_DEBUG_MSG( 3, ( "client hello v3, signature_algorithm ext: %d", - mbedtls_ssl_hash_from_md_alg( md_alg ) ) ); - } - else - { - MBEDTLS_SSL_DEBUG_MSG( 3, ( "no hash algorithm for signature algorithm " - "%u - should not happen", (unsigned) sig_alg ) ); + if (ssl->minor_ver == MBEDTLS_SSL_MINOR_VERSION_3) { + mbedtls_pk_type_t sig_alg = mbedtls_ssl_get_ciphersuite_sig_alg(ciphersuite_info); + if (sig_alg != MBEDTLS_PK_NONE) { + mbedtls_md_type_t md_alg = mbedtls_ssl_sig_hash_set_find(&ssl->handshake->hash_algs, + sig_alg); + MBEDTLS_SSL_DEBUG_MSG(3, ("client hello v3, signature_algorithm ext: %d", + mbedtls_ssl_hash_from_md_alg(md_alg))); + } else { + MBEDTLS_SSL_DEBUG_MSG(3, ("no hash algorithm for signature algorithm " + "%u - should not happen", (unsigned) sig_alg)); } } #endif - MBEDTLS_SSL_DEBUG_MSG( 2, ( "<= parse client hello" ) ); + MBEDTLS_SSL_DEBUG_MSG(2, ("<= parse client hello")); - return( 0 ); + return 0; } #if defined(MBEDTLS_SSL_TRUNCATED_HMAC) -static void ssl_write_truncated_hmac_ext( mbedtls_ssl_context *ssl, - unsigned char *buf, - size_t *olen ) +static void ssl_write_truncated_hmac_ext(mbedtls_ssl_context *ssl, + unsigned char *buf, + size_t *olen) { unsigned char *p = buf; - if( ssl->session_negotiate->trunc_hmac == MBEDTLS_SSL_TRUNC_HMAC_DISABLED ) - { + if (ssl->session_negotiate->trunc_hmac == MBEDTLS_SSL_TRUNC_HMAC_DISABLED) { *olen = 0; return; } - MBEDTLS_SSL_DEBUG_MSG( 3, ( "server hello, adding truncated hmac extension" ) ); + MBEDTLS_SSL_DEBUG_MSG(3, ("server hello, adding truncated hmac extension")); - MBEDTLS_PUT_UINT16_BE( MBEDTLS_TLS_EXT_TRUNCATED_HMAC, p, 0 ); + MBEDTLS_PUT_UINT16_BE(MBEDTLS_TLS_EXT_TRUNCATED_HMAC, p, 0); p += 2; *p++ = 0x00; @@ -2299,9 +2238,9 @@ static void ssl_write_truncated_hmac_ext( mbedtls_ssl_context *ssl, #endif /* MBEDTLS_SSL_TRUNCATED_HMAC */ #if defined(MBEDTLS_SSL_DTLS_CONNECTION_ID) -static void ssl_write_cid_ext( mbedtls_ssl_context *ssl, - unsigned char *buf, - size_t *olen ) +static void ssl_write_cid_ext(mbedtls_ssl_context *ssl, + unsigned char *buf, + size_t *olen) { unsigned char *p = buf; size_t ext_len; @@ -2311,18 +2250,18 @@ static void ssl_write_cid_ext( mbedtls_ssl_context *ssl, /* Skip writing the extension if we don't want to use it or if * the client hasn't offered it. */ - if( ssl->handshake->cid_in_use == MBEDTLS_SSL_CID_DISABLED ) + if (ssl->handshake->cid_in_use == MBEDTLS_SSL_CID_DISABLED) { return; + } /* ssl->own_cid_len is at most MBEDTLS_SSL_CID_IN_LEN_MAX * which is at most 255, so the increment cannot overflow. */ - if( end < p || (size_t)( end - p ) < (unsigned)( ssl->own_cid_len + 5 ) ) - { - MBEDTLS_SSL_DEBUG_MSG( 1, ( "buffer too small" ) ); + if (end < p || (size_t) (end - p) < (unsigned) (ssl->own_cid_len + 5)) { + MBEDTLS_SSL_DEBUG_MSG(1, ("buffer too small")); return; } - MBEDTLS_SSL_DEBUG_MSG( 3, ( "server hello, adding CID extension" ) ); + MBEDTLS_SSL_DEBUG_MSG(3, ("server hello, adding CID extension")); /* * Quoting draft-ietf-tls-dtls-connection-id-05 @@ -2331,34 +2270,31 @@ static void ssl_write_cid_ext( mbedtls_ssl_context *ssl, * struct { * opaque cid<0..2^8-1>; * } ConnectionId; - */ - MBEDTLS_PUT_UINT16_BE( MBEDTLS_TLS_EXT_CID, p, 0 ); + */ + MBEDTLS_PUT_UINT16_BE(MBEDTLS_TLS_EXT_CID, p, 0); p += 2; ext_len = (size_t) ssl->own_cid_len + 1; - MBEDTLS_PUT_UINT16_BE( ext_len, p, 0 ); + MBEDTLS_PUT_UINT16_BE(ext_len, p, 0); p += 2; *p++ = (uint8_t) ssl->own_cid_len; - memcpy( p, ssl->own_cid, ssl->own_cid_len ); + memcpy(p, ssl->own_cid, ssl->own_cid_len); *olen = ssl->own_cid_len + 5; } #endif /* MBEDTLS_SSL_DTLS_CONNECTION_ID */ #if defined(MBEDTLS_SSL_ENCRYPT_THEN_MAC) -static void ssl_write_encrypt_then_mac_ext( mbedtls_ssl_context *ssl, - unsigned char *buf, - size_t *olen ) +static void ssl_write_encrypt_then_mac_ext(mbedtls_ssl_context *ssl, + unsigned char *buf, + size_t *olen) { unsigned char *p = buf; const mbedtls_ssl_ciphersuite_t *suite = NULL; const mbedtls_cipher_info_t *cipher = NULL; - if( ssl->session_negotiate->encrypt_then_mac == MBEDTLS_SSL_ETM_DISABLED || - ssl->minor_ver == MBEDTLS_SSL_MINOR_VERSION_0 ) - { - *olen = 0; - return; + if (ssl->minor_ver == MBEDTLS_SSL_MINOR_VERSION_0) { + ssl->session_negotiate->encrypt_then_mac = MBEDTLS_SSL_ETM_DISABLED; } /* @@ -2367,18 +2303,21 @@ static void ssl_write_encrypt_then_mac_ext( mbedtls_ssl_context *ssl, * with Associated Data (AEAD) ciphersuite, it MUST NOT send an * encrypt-then-MAC response extension back to the client." */ - if( ( suite = mbedtls_ssl_ciphersuite_from_id( - ssl->session_negotiate->ciphersuite ) ) == NULL || - ( cipher = mbedtls_cipher_info_from_type( suite->cipher ) ) == NULL || - cipher->mode != MBEDTLS_MODE_CBC ) - { + if ((suite = mbedtls_ssl_ciphersuite_from_id( + ssl->session_negotiate->ciphersuite)) == NULL || + (cipher = mbedtls_cipher_info_from_type(suite->cipher)) == NULL || + cipher->mode != MBEDTLS_MODE_CBC) { + ssl->session_negotiate->encrypt_then_mac = MBEDTLS_SSL_ETM_DISABLED; + } + + if (ssl->session_negotiate->encrypt_then_mac == MBEDTLS_SSL_ETM_DISABLED) { *olen = 0; return; } - MBEDTLS_SSL_DEBUG_MSG( 3, ( "server hello, adding encrypt then mac extension" ) ); + MBEDTLS_SSL_DEBUG_MSG(3, ("server hello, adding encrypt then mac extension")); - MBEDTLS_PUT_UINT16_BE( MBEDTLS_TLS_EXT_ENCRYPT_THEN_MAC, p, 0 ); + MBEDTLS_PUT_UINT16_BE(MBEDTLS_TLS_EXT_ENCRYPT_THEN_MAC, p, 0); p += 2; *p++ = 0x00; @@ -2389,23 +2328,22 @@ static void ssl_write_encrypt_then_mac_ext( mbedtls_ssl_context *ssl, #endif /* MBEDTLS_SSL_ENCRYPT_THEN_MAC */ #if defined(MBEDTLS_SSL_EXTENDED_MASTER_SECRET) -static void ssl_write_extended_ms_ext( mbedtls_ssl_context *ssl, - unsigned char *buf, - size_t *olen ) +static void ssl_write_extended_ms_ext(mbedtls_ssl_context *ssl, + unsigned char *buf, + size_t *olen) { unsigned char *p = buf; - if( ssl->handshake->extended_ms == MBEDTLS_SSL_EXTENDED_MS_DISABLED || - ssl->minor_ver == MBEDTLS_SSL_MINOR_VERSION_0 ) - { + if (ssl->handshake->extended_ms == MBEDTLS_SSL_EXTENDED_MS_DISABLED || + ssl->minor_ver == MBEDTLS_SSL_MINOR_VERSION_0) { *olen = 0; return; } - MBEDTLS_SSL_DEBUG_MSG( 3, ( "server hello, adding extended master secret " - "extension" ) ); + MBEDTLS_SSL_DEBUG_MSG(3, ("server hello, adding extended master secret " + "extension")); - MBEDTLS_PUT_UINT16_BE( MBEDTLS_TLS_EXT_EXTENDED_MASTER_SECRET, p, 0 ); + MBEDTLS_PUT_UINT16_BE(MBEDTLS_TLS_EXT_EXTENDED_MASTER_SECRET, p, 0); p += 2; *p++ = 0x00; @@ -2416,21 +2354,20 @@ static void ssl_write_extended_ms_ext( mbedtls_ssl_context *ssl, #endif /* MBEDTLS_SSL_EXTENDED_MASTER_SECRET */ #if defined(MBEDTLS_SSL_SESSION_TICKETS) -static void ssl_write_session_ticket_ext( mbedtls_ssl_context *ssl, - unsigned char *buf, - size_t *olen ) +static void ssl_write_session_ticket_ext(mbedtls_ssl_context *ssl, + unsigned char *buf, + size_t *olen) { unsigned char *p = buf; - if( ssl->handshake->new_session_ticket == 0 ) - { + if (ssl->handshake->new_session_ticket == 0) { *olen = 0; return; } - MBEDTLS_SSL_DEBUG_MSG( 3, ( "server hello, adding session ticket extension" ) ); + MBEDTLS_SSL_DEBUG_MSG(3, ("server hello, adding session ticket extension")); - MBEDTLS_PUT_UINT16_BE( MBEDTLS_TLS_EXT_SESSION_TICKET, p, 0 ); + MBEDTLS_PUT_UINT16_BE(MBEDTLS_TLS_EXT_SESSION_TICKET, p, 0); p += 2; *p++ = 0x00; @@ -2440,36 +2377,33 @@ static void ssl_write_session_ticket_ext( mbedtls_ssl_context *ssl, } #endif /* MBEDTLS_SSL_SESSION_TICKETS */ -static void ssl_write_renegotiation_ext( mbedtls_ssl_context *ssl, - unsigned char *buf, - size_t *olen ) +static void ssl_write_renegotiation_ext(mbedtls_ssl_context *ssl, + unsigned char *buf, + size_t *olen) { unsigned char *p = buf; - if( ssl->secure_renegotiation != MBEDTLS_SSL_SECURE_RENEGOTIATION ) - { + if (ssl->secure_renegotiation != MBEDTLS_SSL_SECURE_RENEGOTIATION) { *olen = 0; return; } - MBEDTLS_SSL_DEBUG_MSG( 3, ( "server hello, secure renegotiation extension" ) ); + MBEDTLS_SSL_DEBUG_MSG(3, ("server hello, secure renegotiation extension")); - MBEDTLS_PUT_UINT16_BE( MBEDTLS_TLS_EXT_RENEGOTIATION_INFO, p, 0 ); + MBEDTLS_PUT_UINT16_BE(MBEDTLS_TLS_EXT_RENEGOTIATION_INFO, p, 0); p += 2; #if defined(MBEDTLS_SSL_RENEGOTIATION) - if( ssl->renego_status != MBEDTLS_SSL_INITIAL_HANDSHAKE ) - { + if (ssl->renego_status != MBEDTLS_SSL_INITIAL_HANDSHAKE) { *p++ = 0x00; - *p++ = ( ssl->verify_data_len * 2 + 1 ) & 0xFF; + *p++ = (ssl->verify_data_len * 2 + 1) & 0xFF; *p++ = ssl->verify_data_len * 2 & 0xFF; - memcpy( p, ssl->peer_verify_data, ssl->verify_data_len ); + memcpy(p, ssl->peer_verify_data, ssl->verify_data_len); p += ssl->verify_data_len; - memcpy( p, ssl->own_verify_data, ssl->verify_data_len ); + memcpy(p, ssl->own_verify_data, ssl->verify_data_len); p += ssl->verify_data_len; - } - else + } else #endif /* MBEDTLS_SSL_RENEGOTIATION */ { *p++ = 0x00; @@ -2481,21 +2415,20 @@ static void ssl_write_renegotiation_ext( mbedtls_ssl_context *ssl, } #if defined(MBEDTLS_SSL_MAX_FRAGMENT_LENGTH) -static void ssl_write_max_fragment_length_ext( mbedtls_ssl_context *ssl, - unsigned char *buf, - size_t *olen ) +static void ssl_write_max_fragment_length_ext(mbedtls_ssl_context *ssl, + unsigned char *buf, + size_t *olen) { unsigned char *p = buf; - if( ssl->session_negotiate->mfl_code == MBEDTLS_SSL_MAX_FRAG_LEN_NONE ) - { + if (ssl->session_negotiate->mfl_code == MBEDTLS_SSL_MAX_FRAG_LEN_NONE) { *olen = 0; return; } - MBEDTLS_SSL_DEBUG_MSG( 3, ( "server hello, max_fragment_length extension" ) ); + MBEDTLS_SSL_DEBUG_MSG(3, ("server hello, max_fragment_length extension")); - MBEDTLS_PUT_UINT16_BE( MBEDTLS_TLS_EXT_MAX_FRAGMENT_LENGTH, p, 0 ); + MBEDTLS_PUT_UINT16_BE(MBEDTLS_TLS_EXT_MAX_FRAGMENT_LENGTH, p, 0); p += 2; *p++ = 0x00; @@ -2509,23 +2442,22 @@ static void ssl_write_max_fragment_length_ext( mbedtls_ssl_context *ssl, #if defined(MBEDTLS_ECDH_C) || defined(MBEDTLS_ECDSA_C) || \ defined(MBEDTLS_KEY_EXCHANGE_ECJPAKE_ENABLED) -static void ssl_write_supported_point_formats_ext( mbedtls_ssl_context *ssl, - unsigned char *buf, - size_t *olen ) +static void ssl_write_supported_point_formats_ext(mbedtls_ssl_context *ssl, + unsigned char *buf, + size_t *olen) { unsigned char *p = buf; ((void) ssl); - if( ( ssl->handshake->cli_exts & - MBEDTLS_TLS_EXT_SUPPORTED_POINT_FORMATS_PRESENT ) == 0 ) - { + if ((ssl->handshake->cli_exts & + MBEDTLS_TLS_EXT_SUPPORTED_POINT_FORMATS_PRESENT) == 0) { *olen = 0; return; } - MBEDTLS_SSL_DEBUG_MSG( 3, ( "server hello, supported_point_formats extension" ) ); + MBEDTLS_SSL_DEBUG_MSG(3, ("server hello, supported_point_formats extension")); - MBEDTLS_PUT_UINT16_BE( MBEDTLS_TLS_EXT_SUPPORTED_POINT_FORMATS, p, 0 ); + MBEDTLS_PUT_UINT16_BE(MBEDTLS_TLS_EXT_SUPPORTED_POINT_FORMATS, p, 0); p += 2; *p++ = 0x00; @@ -2539,9 +2471,9 @@ static void ssl_write_supported_point_formats_ext( mbedtls_ssl_context *ssl, #endif /* MBEDTLS_ECDH_C || MBEDTLS_ECDSA_C || MBEDTLS_KEY_EXCHANGE_ECJPAKE_ENABLED */ #if defined(MBEDTLS_KEY_EXCHANGE_ECJPAKE_ENABLED) -static void ssl_write_ecjpake_kkpp_ext( mbedtls_ssl_context *ssl, - unsigned char *buf, - size_t *olen ) +static void ssl_write_ecjpake_kkpp_ext(mbedtls_ssl_context *ssl, + unsigned char *buf, + size_t *olen) { int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; unsigned char *p = buf; @@ -2551,48 +2483,46 @@ static void ssl_write_ecjpake_kkpp_ext( mbedtls_ssl_context *ssl, *olen = 0; /* Skip costly computation if not needed */ - if( ssl->handshake->ciphersuite_info->key_exchange != - MBEDTLS_KEY_EXCHANGE_ECJPAKE ) + if (ssl->handshake->ciphersuite_info->key_exchange != + MBEDTLS_KEY_EXCHANGE_ECJPAKE) { return; + } - MBEDTLS_SSL_DEBUG_MSG( 3, ( "server hello, ecjpake kkpp extension" ) ); + MBEDTLS_SSL_DEBUG_MSG(3, ("server hello, ecjpake kkpp extension")); - if( end - p < 4 ) - { - MBEDTLS_SSL_DEBUG_MSG( 1, ( "buffer too small" ) ); + if (end - p < 4) { + MBEDTLS_SSL_DEBUG_MSG(1, ("buffer too small")); return; } - MBEDTLS_PUT_UINT16_BE( MBEDTLS_TLS_EXT_ECJPAKE_KKPP, p, 0 ); + MBEDTLS_PUT_UINT16_BE(MBEDTLS_TLS_EXT_ECJPAKE_KKPP, p, 0); p += 2; - ret = mbedtls_ecjpake_write_round_one( &ssl->handshake->ecjpake_ctx, - p + 2, end - p - 2, &kkpp_len, - ssl->conf->f_rng, ssl->conf->p_rng ); - if( ret != 0 ) - { - MBEDTLS_SSL_DEBUG_RET( 1 , "mbedtls_ecjpake_write_round_one", ret ); + ret = mbedtls_ecjpake_write_round_one(&ssl->handshake->ecjpake_ctx, + p + 2, end - p - 2, &kkpp_len, + ssl->conf->f_rng, ssl->conf->p_rng); + if (ret != 0) { + MBEDTLS_SSL_DEBUG_RET(1, "mbedtls_ecjpake_write_round_one", ret); return; } - MBEDTLS_PUT_UINT16_BE( kkpp_len, p, 0 ); + MBEDTLS_PUT_UINT16_BE(kkpp_len, p, 0); p += 2; *olen = kkpp_len + 4; } #endif /* MBEDTLS_KEY_EXCHANGE_ECJPAKE_ENABLED */ -#if defined(MBEDTLS_SSL_ALPN ) -static void ssl_write_alpn_ext( mbedtls_ssl_context *ssl, - unsigned char *buf, size_t *olen ) +#if defined(MBEDTLS_SSL_ALPN) +static void ssl_write_alpn_ext(mbedtls_ssl_context *ssl, + unsigned char *buf, size_t *olen) { - if( ssl->alpn_chosen == NULL ) - { + if (ssl->alpn_chosen == NULL) { *olen = 0; return; } - MBEDTLS_SSL_DEBUG_MSG( 3, ( "server hello, adding alpn extension" ) ); + MBEDTLS_SSL_DEBUG_MSG(3, ("server hello, adding alpn extension")); /* * 0 . 1 ext identifier @@ -2601,24 +2531,24 @@ static void ssl_write_alpn_ext( mbedtls_ssl_context *ssl, * 6 . 6 protocol name length * 7 . 7+n protocol name */ - MBEDTLS_PUT_UINT16_BE( MBEDTLS_TLS_EXT_ALPN, buf, 0); + MBEDTLS_PUT_UINT16_BE(MBEDTLS_TLS_EXT_ALPN, buf, 0); - *olen = 7 + strlen( ssl->alpn_chosen ); + *olen = 7 + strlen(ssl->alpn_chosen); - MBEDTLS_PUT_UINT16_BE( *olen - 4, buf, 2 ); + MBEDTLS_PUT_UINT16_BE(*olen - 4, buf, 2); - MBEDTLS_PUT_UINT16_BE( *olen - 6, buf, 4 ); + MBEDTLS_PUT_UINT16_BE(*olen - 6, buf, 4); - buf[6] = MBEDTLS_BYTE_0( *olen - 7 ); + buf[6] = MBEDTLS_BYTE_0(*olen - 7); - memcpy( buf + 7, ssl->alpn_chosen, *olen - 7 ); + memcpy(buf + 7, ssl->alpn_chosen, *olen - 7); } #endif /* MBEDTLS_ECDH_C || MBEDTLS_ECDSA_C */ -#if defined(MBEDTLS_SSL_DTLS_SRTP ) && defined(MBEDTLS_SSL_PROTO_DTLS) -static void ssl_write_use_srtp_ext( mbedtls_ssl_context *ssl, - unsigned char *buf, - size_t *olen ) +#if defined(MBEDTLS_SSL_DTLS_SRTP) && defined(MBEDTLS_SSL_PROTO_DTLS) +static void ssl_write_use_srtp_ext(mbedtls_ssl_context *ssl, + unsigned char *buf, + size_t *olen) { size_t mki_len = 0, ext_len = 0; uint16_t profile_value = 0; @@ -2626,16 +2556,14 @@ static void ssl_write_use_srtp_ext( mbedtls_ssl_context *ssl, *olen = 0; - if( ( ssl->conf->transport != MBEDTLS_SSL_TRANSPORT_DATAGRAM ) || - ( ssl->dtls_srtp_info.chosen_dtls_srtp_profile == MBEDTLS_TLS_SRTP_UNSET ) ) - { + if ((ssl->conf->transport != MBEDTLS_SSL_TRANSPORT_DATAGRAM) || + (ssl->dtls_srtp_info.chosen_dtls_srtp_profile == MBEDTLS_TLS_SRTP_UNSET)) { return; } - MBEDTLS_SSL_DEBUG_MSG( 3, ( "server hello, adding use_srtp extension" ) ); + MBEDTLS_SSL_DEBUG_MSG(3, ("server hello, adding use_srtp extension")); - if( ssl->conf->dtls_srtp_mki_support == MBEDTLS_SSL_DTLS_SRTP_MKI_SUPPORTED ) - { + if (ssl->conf->dtls_srtp_mki_support == MBEDTLS_SSL_DTLS_SRTP_MKI_SUPPORTED) { mki_len = ssl->dtls_srtp_info.mki_len; } @@ -2647,51 +2575,48 @@ static void ssl_write_use_srtp_ext( mbedtls_ssl_context *ssl, * - 1 byte for the mki length * + the actual mki length * Check we have enough room in the output buffer */ - if( (size_t)( end - buf ) < mki_len + 9 ) - { - MBEDTLS_SSL_DEBUG_MSG( 1, ( "buffer too small" ) ); + if ((size_t) (end - buf) < mki_len + 9) { + MBEDTLS_SSL_DEBUG_MSG(1, ("buffer too small")); return; } /* extension */ - MBEDTLS_PUT_UINT16_BE(MBEDTLS_TLS_EXT_USE_SRTP, buf, 0 ); + MBEDTLS_PUT_UINT16_BE(MBEDTLS_TLS_EXT_USE_SRTP, buf, 0); /* * total length 5 and mki value: only one profile(2 bytes) * and length(2 bytes) and srtp_mki ) */ ext_len = 5 + mki_len; - MBEDTLS_PUT_UINT16_BE( ext_len, buf, 2 ); + MBEDTLS_PUT_UINT16_BE(ext_len, buf, 2); /* protection profile length: 2 */ buf[4] = 0x00; buf[5] = 0x02; profile_value = mbedtls_ssl_check_srtp_profile_value( - ssl->dtls_srtp_info.chosen_dtls_srtp_profile ); - if( profile_value != MBEDTLS_TLS_SRTP_UNSET ) - { - MBEDTLS_PUT_UINT16_BE( profile_value, buf, 6 ); - } - else - { - MBEDTLS_SSL_DEBUG_MSG( 1, ( "use_srtp extension invalid profile" ) ); + ssl->dtls_srtp_info.chosen_dtls_srtp_profile); + if (profile_value != MBEDTLS_TLS_SRTP_UNSET) { + MBEDTLS_PUT_UINT16_BE(profile_value, buf, 6); + } else { + MBEDTLS_SSL_DEBUG_MSG(1, ("use_srtp extension invalid profile")); return; } buf[8] = mki_len & 0xFF; - memcpy( &buf[9], ssl->dtls_srtp_info.mki_value, mki_len ); + memcpy(&buf[9], ssl->dtls_srtp_info.mki_value, mki_len); *olen = 9 + mki_len; } #endif /* MBEDTLS_SSL_DTLS_SRTP */ #if defined(MBEDTLS_SSL_DTLS_HELLO_VERIFY) -static int ssl_write_hello_verify_request( mbedtls_ssl_context *ssl ) +MBEDTLS_CHECK_RETURN_CRITICAL +static int ssl_write_hello_verify_request(mbedtls_ssl_context *ssl) { int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; unsigned char *p = ssl->out_msg + 4; unsigned char *cookie_len_byte; - MBEDTLS_SSL_DEBUG_MSG( 2, ( "=> write hello verify request" ) ); + MBEDTLS_SSL_DEBUG_MSG(2, ("=> write hello verify request")); /* * struct { @@ -2702,32 +2627,30 @@ static int ssl_write_hello_verify_request( mbedtls_ssl_context *ssl ) /* The RFC is not clear on this point, but sending the actual negotiated * version looks like the most interoperable thing to do. */ - mbedtls_ssl_write_version( ssl->major_ver, ssl->minor_ver, - ssl->conf->transport, p ); - MBEDTLS_SSL_DEBUG_BUF( 3, "server version", p, 2 ); + mbedtls_ssl_write_version(ssl->major_ver, ssl->minor_ver, + ssl->conf->transport, p); + MBEDTLS_SSL_DEBUG_BUF(3, "server version", p, 2); p += 2; /* If we get here, f_cookie_check is not null */ - if( ssl->conf->f_cookie_write == NULL ) - { - MBEDTLS_SSL_DEBUG_MSG( 1, ( "inconsistent cookie callbacks" ) ); - return( MBEDTLS_ERR_SSL_INTERNAL_ERROR ); + if (ssl->conf->f_cookie_write == NULL) { + MBEDTLS_SSL_DEBUG_MSG(1, ("inconsistent cookie callbacks")); + return MBEDTLS_ERR_SSL_INTERNAL_ERROR; } /* Skip length byte until we know the length */ cookie_len_byte = p++; - if( ( ret = ssl->conf->f_cookie_write( ssl->conf->p_cookie, - &p, ssl->out_buf + MBEDTLS_SSL_OUT_BUFFER_LEN, - ssl->cli_id, ssl->cli_id_len ) ) != 0 ) - { - MBEDTLS_SSL_DEBUG_RET( 1, "f_cookie_write", ret ); - return( ret ); + if ((ret = ssl->conf->f_cookie_write(ssl->conf->p_cookie, + &p, ssl->out_buf + MBEDTLS_SSL_OUT_BUFFER_LEN, + ssl->cli_id, ssl->cli_id_len)) != 0) { + MBEDTLS_SSL_DEBUG_RET(1, "f_cookie_write", ret); + return ret; } - *cookie_len_byte = (unsigned char)( p - ( cookie_len_byte + 1 ) ); + *cookie_len_byte = (unsigned char) (p - (cookie_len_byte + 1)); - MBEDTLS_SSL_DEBUG_BUF( 3, "cookie sent", cookie_len_byte + 1, *cookie_len_byte ); + MBEDTLS_SSL_DEBUG_BUF(3, "cookie sent", cookie_len_byte + 1, *cookie_len_byte); ssl->out_msglen = p - ssl->out_msg; ssl->out_msgtype = MBEDTLS_SSL_MSG_HANDSHAKE; @@ -2735,28 +2658,26 @@ static int ssl_write_hello_verify_request( mbedtls_ssl_context *ssl ) ssl->state = MBEDTLS_SSL_SERVER_HELLO_VERIFY_REQUEST_SENT; - if( ( ret = mbedtls_ssl_write_handshake_msg( ssl ) ) != 0 ) - { - MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_ssl_write_handshake_msg", ret ); - return( ret ); + if ((ret = mbedtls_ssl_write_handshake_msg(ssl)) != 0) { + MBEDTLS_SSL_DEBUG_RET(1, "mbedtls_ssl_write_handshake_msg", ret); + return ret; } #if defined(MBEDTLS_SSL_PROTO_DTLS) - if( ssl->conf->transport == MBEDTLS_SSL_TRANSPORT_DATAGRAM && - ( ret = mbedtls_ssl_flight_transmit( ssl ) ) != 0 ) - { - MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_ssl_flight_transmit", ret ); - return( ret ); + if (ssl->conf->transport == MBEDTLS_SSL_TRANSPORT_DATAGRAM && + (ret = mbedtls_ssl_flight_transmit(ssl)) != 0) { + MBEDTLS_SSL_DEBUG_RET(1, "mbedtls_ssl_flight_transmit", ret); + return ret; } #endif /* MBEDTLS_SSL_PROTO_DTLS */ - MBEDTLS_SSL_DEBUG_MSG( 2, ( "<= write hello verify request" ) ); + MBEDTLS_SSL_DEBUG_MSG(2, ("<= write hello verify request")); - return( 0 ); + return 0; } #endif /* MBEDTLS_SSL_DTLS_HELLO_VERIFY */ -static void ssl_handle_id_based_session_resumption( mbedtls_ssl_context *ssl ) +static void ssl_handle_id_based_session_resumption(mbedtls_ssl_context *ssl) { int ret; mbedtls_ssl_session session_tmp; @@ -2764,48 +2685,53 @@ static void ssl_handle_id_based_session_resumption( mbedtls_ssl_context *ssl ) /* Resume is 0 by default, see ssl_handshake_init(). * It may be already set to 1 by ssl_parse_session_ticket_ext(). */ - if( ssl->handshake->resume == 1 ) + if (ssl->handshake->resume == 1) { return; - if( session->id_len == 0 ) + } + if (session->id_len == 0) { return; - if( ssl->conf->f_get_cache == NULL ) + } + if (ssl->conf->f_get_cache == NULL) { return; + } #if defined(MBEDTLS_SSL_RENEGOTIATION) - if( ssl->renego_status != MBEDTLS_SSL_INITIAL_HANDSHAKE ) + if (ssl->renego_status != MBEDTLS_SSL_INITIAL_HANDSHAKE) { return; + } #endif - mbedtls_ssl_session_init( &session_tmp ); + mbedtls_ssl_session_init(&session_tmp); session_tmp.id_len = session->id_len; - memcpy( session_tmp.id, session->id, session->id_len ); + memcpy(session_tmp.id, session->id, session->id_len); - ret = ssl->conf->f_get_cache( ssl->conf->p_cache, - &session_tmp ); - if( ret != 0 ) + ret = ssl->conf->f_get_cache(ssl->conf->p_cache, + &session_tmp); + if (ret != 0) { goto exit; + } - if( session->ciphersuite != session_tmp.ciphersuite || - session->compression != session_tmp.compression ) - { + if (session->ciphersuite != session_tmp.ciphersuite || + session->compression != session_tmp.compression) { /* Mismatch between cached and negotiated session */ goto exit; } /* Move semantics */ - mbedtls_ssl_session_free( session ); + mbedtls_ssl_session_free(session); *session = session_tmp; - memset( &session_tmp, 0, sizeof( session_tmp ) ); + memset(&session_tmp, 0, sizeof(session_tmp)); - MBEDTLS_SSL_DEBUG_MSG( 3, ( "session successfully restored from cache" ) ); + MBEDTLS_SSL_DEBUG_MSG(3, ("session successfully restored from cache")); ssl->handshake->resume = 1; exit: - mbedtls_ssl_session_free( &session_tmp ); + mbedtls_ssl_session_free(&session_tmp); } -static int ssl_write_server_hello( mbedtls_ssl_context *ssl ) +MBEDTLS_CHECK_RETURN_CRITICAL +static int ssl_write_server_hello(mbedtls_ssl_context *ssl) { #if defined(MBEDTLS_HAVE_TIME) mbedtls_time_t t; @@ -2814,23 +2740,21 @@ static int ssl_write_server_hello( mbedtls_ssl_context *ssl ) size_t olen, ext_len = 0, n; unsigned char *buf, *p; - MBEDTLS_SSL_DEBUG_MSG( 2, ( "=> write server hello" ) ); + MBEDTLS_SSL_DEBUG_MSG(2, ("=> write server hello")); #if defined(MBEDTLS_SSL_DTLS_HELLO_VERIFY) - if( ssl->conf->transport == MBEDTLS_SSL_TRANSPORT_DATAGRAM && - ssl->handshake->verify_cookie_len != 0 ) - { - MBEDTLS_SSL_DEBUG_MSG( 2, ( "client hello was not authenticated" ) ); - MBEDTLS_SSL_DEBUG_MSG( 2, ( "<= write server hello" ) ); + if (ssl->conf->transport == MBEDTLS_SSL_TRANSPORT_DATAGRAM && + ssl->handshake->verify_cookie_len != 0) { + MBEDTLS_SSL_DEBUG_MSG(2, ("client hello was not authenticated")); + MBEDTLS_SSL_DEBUG_MSG(2, ("<= write server hello")); - return( ssl_write_hello_verify_request( ssl ) ); + return ssl_write_hello_verify_request(ssl); } #endif /* MBEDTLS_SSL_DTLS_HELLO_VERIFY */ - if( ssl->conf->f_rng == NULL ) - { - MBEDTLS_SSL_DEBUG_MSG( 1, ( "no RNG provided") ); - return( MBEDTLS_ERR_SSL_NO_RNG ); + if (ssl->conf->f_rng == NULL) { + MBEDTLS_SSL_DEBUG_MSG(1, ("no RNG provided")); + return MBEDTLS_ERR_SSL_NO_RNG; } /* @@ -2843,40 +2767,41 @@ static int ssl_write_server_hello( mbedtls_ssl_context *ssl ) buf = ssl->out_msg; p = buf + 4; - mbedtls_ssl_write_version( ssl->major_ver, ssl->minor_ver, - ssl->conf->transport, p ); + mbedtls_ssl_write_version(ssl->major_ver, ssl->minor_ver, + ssl->conf->transport, p); p += 2; - MBEDTLS_SSL_DEBUG_MSG( 3, ( "server hello, chosen version: [%d:%d]", - buf[4], buf[5] ) ); + MBEDTLS_SSL_DEBUG_MSG(3, ("server hello, chosen version: [%d:%d]", + buf[4], buf[5])); #if defined(MBEDTLS_HAVE_TIME) - t = mbedtls_time( NULL ); - MBEDTLS_PUT_UINT32_BE( t, p, 0 ); + t = mbedtls_time(NULL); + MBEDTLS_PUT_UINT32_BE(t, p, 0); p += 4; - MBEDTLS_SSL_DEBUG_MSG( 3, ( "server hello, current time: %" MBEDTLS_PRINTF_LONGLONG, - (long long) t ) ); + MBEDTLS_SSL_DEBUG_MSG(3, ("server hello, current time: %" MBEDTLS_PRINTF_LONGLONG, + (long long) t)); #else - if( ( ret = ssl->conf->f_rng( ssl->conf->p_rng, p, 4 ) ) != 0 ) - return( ret ); + if ((ret = ssl->conf->f_rng(ssl->conf->p_rng, p, 4)) != 0) { + return ret; + } p += 4; #endif /* MBEDTLS_HAVE_TIME */ - if( ( ret = ssl->conf->f_rng( ssl->conf->p_rng, p, 28 ) ) != 0 ) - return( ret ); + if ((ret = ssl->conf->f_rng(ssl->conf->p_rng, p, 28)) != 0) { + return ret; + } p += 28; - memcpy( ssl->handshake->randbytes + 32, buf + 6, 32 ); + memcpy(ssl->handshake->randbytes + 32, buf + 6, 32); - MBEDTLS_SSL_DEBUG_BUF( 3, "server hello, random bytes", buf + 6, 32 ); + MBEDTLS_SSL_DEBUG_BUF(3, "server hello, random bytes", buf + 6, 32); - ssl_handle_id_based_session_resumption( ssl ); + ssl_handle_id_based_session_resumption(ssl); - if( ssl->handshake->resume == 0 ) - { + if (ssl->handshake->resume == 0) { /* * New session, create a new session id, * unless we're about to issue a session ticket @@ -2884,36 +2809,32 @@ static int ssl_write_server_hello( mbedtls_ssl_context *ssl ) ssl->state++; #if defined(MBEDTLS_HAVE_TIME) - ssl->session_negotiate->start = mbedtls_time( NULL ); + ssl->session_negotiate->start = mbedtls_time(NULL); #endif #if defined(MBEDTLS_SSL_SESSION_TICKETS) - if( ssl->handshake->new_session_ticket != 0 ) - { + if (ssl->handshake->new_session_ticket != 0) { ssl->session_negotiate->id_len = n = 0; - memset( ssl->session_negotiate->id, 0, 32 ); - } - else + memset(ssl->session_negotiate->id, 0, 32); + } else #endif /* MBEDTLS_SSL_SESSION_TICKETS */ { ssl->session_negotiate->id_len = n = 32; - if( ( ret = ssl->conf->f_rng( ssl->conf->p_rng, ssl->session_negotiate->id, - n ) ) != 0 ) - return( ret ); + if ((ret = ssl->conf->f_rng(ssl->conf->p_rng, ssl->session_negotiate->id, + n)) != 0) { + return ret; + } } - } - else - { + } else { /* * Resuming a session */ n = ssl->session_negotiate->id_len; ssl->state = MBEDTLS_SSL_SERVER_CHANGE_CIPHER_SPEC; - if( ( ret = mbedtls_ssl_derive_keys( ssl ) ) != 0 ) - { - MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_ssl_derive_keys", ret ); - return( ret ); + if ((ret = mbedtls_ssl_derive_keys(ssl)) != 0) { + MBEDTLS_SSL_DEBUG_RET(1, "mbedtls_ssl_derive_keys", ret); + return ret; } } @@ -2926,134 +2847,132 @@ static int ssl_write_server_hello( mbedtls_ssl_context *ssl ) * 44+n . 43+n+m extensions */ *p++ = (unsigned char) ssl->session_negotiate->id_len; - memcpy( p, ssl->session_negotiate->id, ssl->session_negotiate->id_len ); + memcpy(p, ssl->session_negotiate->id, ssl->session_negotiate->id_len); p += ssl->session_negotiate->id_len; - MBEDTLS_SSL_DEBUG_MSG( 3, ( "server hello, session id len.: %" MBEDTLS_PRINTF_SIZET, n ) ); - MBEDTLS_SSL_DEBUG_BUF( 3, "server hello, session id", buf + 39, n ); - MBEDTLS_SSL_DEBUG_MSG( 3, ( "%s session has been resumed", - ssl->handshake->resume ? "a" : "no" ) ); + MBEDTLS_SSL_DEBUG_MSG(3, ("server hello, session id len.: %" MBEDTLS_PRINTF_SIZET, n)); + MBEDTLS_SSL_DEBUG_BUF(3, "server hello, session id", buf + 39, n); + MBEDTLS_SSL_DEBUG_MSG(3, ("%s session has been resumed", + ssl->handshake->resume ? "a" : "no")); - MBEDTLS_PUT_UINT16_BE( ssl->session_negotiate->ciphersuite, p, 0 ); + MBEDTLS_PUT_UINT16_BE(ssl->session_negotiate->ciphersuite, p, 0); p += 2; - *p++ = MBEDTLS_BYTE_0( ssl->session_negotiate->compression ); + *p++ = MBEDTLS_BYTE_0(ssl->session_negotiate->compression); - MBEDTLS_SSL_DEBUG_MSG( 3, ( "server hello, chosen ciphersuite: %s", - mbedtls_ssl_get_ciphersuite_name( ssl->session_negotiate->ciphersuite ) ) ); - MBEDTLS_SSL_DEBUG_MSG( 3, ( "server hello, compress alg.: 0x%02X", - (unsigned int) ssl->session_negotiate->compression ) ); + MBEDTLS_SSL_DEBUG_MSG(3, ("server hello, chosen ciphersuite: %s", + mbedtls_ssl_get_ciphersuite_name(ssl->session_negotiate->ciphersuite))); + MBEDTLS_SSL_DEBUG_MSG(3, ("server hello, compress alg.: 0x%02X", + (unsigned int) ssl->session_negotiate->compression)); /* Do not write the extensions if the protocol is SSLv3 */ #if defined(MBEDTLS_SSL_PROTO_SSL3) - if( ( ssl->major_ver != 3 ) || ( ssl->minor_ver != 0 ) ) - { + if ((ssl->major_ver != 3) || (ssl->minor_ver != 0)) { #endif /* * First write extensions, then the total length */ - ssl_write_renegotiation_ext( ssl, p + 2 + ext_len, &olen ); + ssl_write_renegotiation_ext(ssl, p + 2 + ext_len, &olen); ext_len += olen; #if defined(MBEDTLS_SSL_MAX_FRAGMENT_LENGTH) - ssl_write_max_fragment_length_ext( ssl, p + 2 + ext_len, &olen ); + ssl_write_max_fragment_length_ext(ssl, p + 2 + ext_len, &olen); ext_len += olen; #endif #if defined(MBEDTLS_SSL_TRUNCATED_HMAC) - ssl_write_truncated_hmac_ext( ssl, p + 2 + ext_len, &olen ); + ssl_write_truncated_hmac_ext(ssl, p + 2 + ext_len, &olen); ext_len += olen; #endif #if defined(MBEDTLS_SSL_DTLS_CONNECTION_ID) - ssl_write_cid_ext( ssl, p + 2 + ext_len, &olen ); + ssl_write_cid_ext(ssl, p + 2 + ext_len, &olen); ext_len += olen; #endif #if defined(MBEDTLS_SSL_ENCRYPT_THEN_MAC) - ssl_write_encrypt_then_mac_ext( ssl, p + 2 + ext_len, &olen ); + ssl_write_encrypt_then_mac_ext(ssl, p + 2 + ext_len, &olen); ext_len += olen; #endif #if defined(MBEDTLS_SSL_EXTENDED_MASTER_SECRET) - ssl_write_extended_ms_ext( ssl, p + 2 + ext_len, &olen ); + ssl_write_extended_ms_ext(ssl, p + 2 + ext_len, &olen); ext_len += olen; #endif #if defined(MBEDTLS_SSL_SESSION_TICKETS) - ssl_write_session_ticket_ext( ssl, p + 2 + ext_len, &olen ); + ssl_write_session_ticket_ext(ssl, p + 2 + ext_len, &olen); ext_len += olen; #endif #if defined(MBEDTLS_ECDH_C) || defined(MBEDTLS_ECDSA_C) || \ defined(MBEDTLS_KEY_EXCHANGE_ECJPAKE_ENABLED) - if ( mbedtls_ssl_ciphersuite_uses_ec( - mbedtls_ssl_ciphersuite_from_id( ssl->session_negotiate->ciphersuite ) ) ) - { - ssl_write_supported_point_formats_ext( ssl, p + 2 + ext_len, &olen ); + if (mbedtls_ssl_ciphersuite_uses_ec( + mbedtls_ssl_ciphersuite_from_id(ssl->session_negotiate->ciphersuite))) { + ssl_write_supported_point_formats_ext(ssl, p + 2 + ext_len, &olen); ext_len += olen; } #endif #if defined(MBEDTLS_KEY_EXCHANGE_ECJPAKE_ENABLED) - ssl_write_ecjpake_kkpp_ext( ssl, p + 2 + ext_len, &olen ); + ssl_write_ecjpake_kkpp_ext(ssl, p + 2 + ext_len, &olen); ext_len += olen; #endif #if defined(MBEDTLS_SSL_ALPN) - ssl_write_alpn_ext( ssl, p + 2 + ext_len, &olen ); + ssl_write_alpn_ext(ssl, p + 2 + ext_len, &olen); ext_len += olen; #endif #if defined(MBEDTLS_SSL_DTLS_SRTP) - ssl_write_use_srtp_ext( ssl, p + 2 + ext_len, &olen ); + ssl_write_use_srtp_ext(ssl, p + 2 + ext_len, &olen); ext_len += olen; #endif - MBEDTLS_SSL_DEBUG_MSG( 3, ( "server hello, total extension length: %" MBEDTLS_PRINTF_SIZET, - ext_len ) ); + MBEDTLS_SSL_DEBUG_MSG(3, ("server hello, total extension length: %" MBEDTLS_PRINTF_SIZET, + ext_len)); - if( ext_len > 0 ) - { - MBEDTLS_PUT_UINT16_BE( ext_len, p, 0 ); + if (ext_len > 0) { + MBEDTLS_PUT_UINT16_BE(ext_len, p, 0); p += 2 + ext_len; } #if defined(MBEDTLS_SSL_PROTO_SSL3) - } +} #endif ssl->out_msglen = p - buf; ssl->out_msgtype = MBEDTLS_SSL_MSG_HANDSHAKE; ssl->out_msg[0] = MBEDTLS_SSL_HS_SERVER_HELLO; - ret = mbedtls_ssl_write_handshake_msg( ssl ); + ret = mbedtls_ssl_write_handshake_msg(ssl); - MBEDTLS_SSL_DEBUG_MSG( 2, ( "<= write server hello" ) ); + MBEDTLS_SSL_DEBUG_MSG(2, ("<= write server hello")); - return( ret ); + return ret; } #if !defined(MBEDTLS_KEY_EXCHANGE_CERT_REQ_ALLOWED_ENABLED) -static int ssl_write_certificate_request( mbedtls_ssl_context *ssl ) +MBEDTLS_CHECK_RETURN_CRITICAL +static int ssl_write_certificate_request(mbedtls_ssl_context *ssl) { const mbedtls_ssl_ciphersuite_t *ciphersuite_info = ssl->handshake->ciphersuite_info; - MBEDTLS_SSL_DEBUG_MSG( 2, ( "=> write certificate request" ) ); + MBEDTLS_SSL_DEBUG_MSG(2, ("=> write certificate request")); - if( !mbedtls_ssl_ciphersuite_cert_req_allowed( ciphersuite_info ) ) - { - MBEDTLS_SSL_DEBUG_MSG( 2, ( "<= skip write certificate request" ) ); + if (!mbedtls_ssl_ciphersuite_cert_req_allowed(ciphersuite_info)) { + MBEDTLS_SSL_DEBUG_MSG(2, ("<= skip write certificate request")); ssl->state++; - return( 0 ); + return 0; } - MBEDTLS_SSL_DEBUG_MSG( 1, ( "should never happen" ) ); - return( MBEDTLS_ERR_SSL_INTERNAL_ERROR ); + MBEDTLS_SSL_DEBUG_MSG(1, ("should never happen")); + return MBEDTLS_ERR_SSL_INTERNAL_ERROR; } #else /* !MBEDTLS_KEY_EXCHANGE_CERT_REQ_ALLOWED_ENABLED */ -static int ssl_write_certificate_request( mbedtls_ssl_context *ssl ) +MBEDTLS_CHECK_RETURN_CRITICAL +static int ssl_write_certificate_request(mbedtls_ssl_context *ssl) { int ret = MBEDTLS_ERR_SSL_FEATURE_UNAVAILABLE; const mbedtls_ssl_ciphersuite_t *ciphersuite_info = @@ -3065,22 +2984,21 @@ static int ssl_write_certificate_request( mbedtls_ssl_context *ssl ) const mbedtls_x509_crt *crt; int authmode; - MBEDTLS_SSL_DEBUG_MSG( 2, ( "=> write certificate request" ) ); + MBEDTLS_SSL_DEBUG_MSG(2, ("=> write certificate request")); ssl->state++; #if defined(MBEDTLS_SSL_SERVER_NAME_INDICATION) - if( ssl->handshake->sni_authmode != MBEDTLS_SSL_VERIFY_UNSET ) + if (ssl->handshake->sni_authmode != MBEDTLS_SSL_VERIFY_UNSET) { authmode = ssl->handshake->sni_authmode; - else + } else #endif - authmode = ssl->conf->authmode; + authmode = ssl->conf->authmode; - if( !mbedtls_ssl_ciphersuite_cert_req_allowed( ciphersuite_info ) || - authmode == MBEDTLS_SSL_VERIFY_NONE ) - { - MBEDTLS_SSL_DEBUG_MSG( 2, ( "<= skip write certificate request" ) ); - return( 0 ); + if (!mbedtls_ssl_ciphersuite_cert_req_allowed(ciphersuite_info) || + authmode == MBEDTLS_SSL_VERIFY_NONE) { + MBEDTLS_SSL_DEBUG_MSG(2, ("<= skip write certificate request")); + return 0; } /* @@ -3131,19 +3049,18 @@ static int ssl_write_certificate_request( mbedtls_ssl_context *ssl ) * enum { (255) } HashAlgorithm; * enum { (255) } SignatureAlgorithm; */ - if( ssl->minor_ver == MBEDTLS_SSL_MINOR_VERSION_3 ) - { + if (ssl->minor_ver == MBEDTLS_SSL_MINOR_VERSION_3) { const int *cur; /* * Supported signature algorithms */ - for( cur = ssl->conf->sig_hashes; *cur != MBEDTLS_MD_NONE; cur++ ) - { - unsigned char hash = mbedtls_ssl_hash_from_md_alg( *cur ); + for (cur = ssl->conf->sig_hashes; *cur != MBEDTLS_MD_NONE; cur++) { + unsigned char hash = mbedtls_ssl_hash_from_md_alg(*cur); - if( MBEDTLS_SSL_HASH_NONE == hash || mbedtls_ssl_set_calc_verify_md( ssl, hash ) ) + if (MBEDTLS_SSL_HASH_NONE == hash || mbedtls_ssl_set_calc_verify_md(ssl, hash)) { continue; + } #if defined(MBEDTLS_RSA_C) p[2 + sa_len++] = hash; @@ -3155,7 +3072,7 @@ static int ssl_write_certificate_request( mbedtls_ssl_context *ssl ) #endif } - MBEDTLS_PUT_UINT16_BE( sa_len, p, 0 ); + MBEDTLS_PUT_UINT16_BE(sa_len, p, 0); sa_len += 2; p += sa_len; } @@ -3169,38 +3086,35 @@ static int ssl_write_certificate_request( mbedtls_ssl_context *ssl ) total_dn_size = 0; - if( ssl->conf->cert_req_ca_list == MBEDTLS_SSL_CERT_REQ_CA_LIST_ENABLED ) - { + if (ssl->conf->cert_req_ca_list == MBEDTLS_SSL_CERT_REQ_CA_LIST_ENABLED) { /* NOTE: If trusted certificates are provisioned * via a CA callback (configured through * `mbedtls_ssl_conf_ca_cb()`, then the * CertificateRequest is currently left empty. */ #if defined(MBEDTLS_SSL_SERVER_NAME_INDICATION) - if( ssl->handshake->sni_ca_chain != NULL ) + if (ssl->handshake->sni_ca_chain != NULL) { crt = ssl->handshake->sni_ca_chain; - else + } else #endif - crt = ssl->conf->ca_chain; + crt = ssl->conf->ca_chain; - while( crt != NULL && crt->version != 0 ) - { + while (crt != NULL && crt->version != 0) { /* It follows from RFC 5280 A.1 that this length * can be represented in at most 11 bits. */ dn_size = (uint16_t) crt->subject_raw.len; - if( end < p || (size_t)( end - p ) < 2 + (size_t) dn_size ) - { - MBEDTLS_SSL_DEBUG_MSG( 1, ( "skipping CAs: buffer too short" ) ); + if (end < p || (size_t) (end - p) < 2 + (size_t) dn_size) { + MBEDTLS_SSL_DEBUG_MSG(1, ("skipping CAs: buffer too short")); break; } - MBEDTLS_PUT_UINT16_BE( dn_size, p, 0 ); + MBEDTLS_PUT_UINT16_BE(dn_size, p, 0); p += 2; - memcpy( p, crt->subject_raw.p, dn_size ); + memcpy(p, crt->subject_raw.p, dn_size); p += dn_size; - MBEDTLS_SSL_DEBUG_BUF( 3, "requested DN", p - dn_size, dn_size ); + MBEDTLS_SSL_DEBUG_BUF(3, "requested DN", p - dn_size, dn_size); total_dn_size += 2 + dn_size; crt = crt->next; @@ -3210,45 +3124,49 @@ static int ssl_write_certificate_request( mbedtls_ssl_context *ssl ) ssl->out_msglen = p - buf; ssl->out_msgtype = MBEDTLS_SSL_MSG_HANDSHAKE; ssl->out_msg[0] = MBEDTLS_SSL_HS_CERTIFICATE_REQUEST; - MBEDTLS_PUT_UINT16_BE( total_dn_size, ssl->out_msg, 4 + ct_len + sa_len ); + MBEDTLS_PUT_UINT16_BE(total_dn_size, ssl->out_msg, 4 + ct_len + sa_len); - ret = mbedtls_ssl_write_handshake_msg( ssl ); + ret = mbedtls_ssl_write_handshake_msg(ssl); - MBEDTLS_SSL_DEBUG_MSG( 2, ( "<= write certificate request" ) ); + MBEDTLS_SSL_DEBUG_MSG(2, ("<= write certificate request")); - return( ret ); + return ret; } #endif /* MBEDTLS_KEY_EXCHANGE_CERT_REQ_ALLOWED_ENABLED */ #if defined(MBEDTLS_KEY_EXCHANGE_ECDH_RSA_ENABLED) || \ defined(MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA_ENABLED) -static int ssl_get_ecdh_params_from_cert( mbedtls_ssl_context *ssl ) +MBEDTLS_CHECK_RETURN_CRITICAL +static int ssl_get_ecdh_params_from_cert(mbedtls_ssl_context *ssl) { int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; + mbedtls_pk_context *own_key = mbedtls_ssl_own_key(ssl); - if( ! mbedtls_pk_can_do( mbedtls_ssl_own_key( ssl ), MBEDTLS_PK_ECKEY ) ) - { - MBEDTLS_SSL_DEBUG_MSG( 1, ( "server key not ECDH capable" ) ); - return( MBEDTLS_ERR_SSL_PK_TYPE_MISMATCH ); + /* Check if the key is a transparent ECDH key. + * This also ensures that it is safe to call mbedtls_pk_ec(). */ + if (mbedtls_pk_get_type(own_key) != MBEDTLS_PK_ECKEY && + mbedtls_pk_get_type(own_key) != MBEDTLS_PK_ECKEY_DH) { + MBEDTLS_SSL_DEBUG_MSG(1, ("server key not ECDH capable")); + return MBEDTLS_ERR_SSL_PK_TYPE_MISMATCH; } - if( ( ret = mbedtls_ecdh_get_params( &ssl->handshake->ecdh_ctx, - mbedtls_pk_ec( *mbedtls_ssl_own_key( ssl ) ), - MBEDTLS_ECDH_OURS ) ) != 0 ) - { - MBEDTLS_SSL_DEBUG_RET( 1, ( "mbedtls_ecdh_get_params" ), ret ); - return( ret ); + if ((ret = mbedtls_ecdh_get_params(&ssl->handshake->ecdh_ctx, + mbedtls_pk_ec(*own_key), + MBEDTLS_ECDH_OURS)) != 0) { + MBEDTLS_SSL_DEBUG_RET(1, ("mbedtls_ecdh_get_params"), ret); + return ret; } - return( 0 ); + return 0; } #endif /* MBEDTLS_KEY_EXCHANGE_ECDH_RSA_ENABLED) || MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA_ENABLED */ #if defined(MBEDTLS_KEY_EXCHANGE_WITH_SERVER_SIGNATURE_ENABLED) && \ defined(MBEDTLS_SSL_ASYNC_PRIVATE) -static int ssl_resume_server_key_exchange( mbedtls_ssl_context *ssl, - size_t *signature_len ) +MBEDTLS_CHECK_RETURN_CRITICAL +static int ssl_resume_server_key_exchange(mbedtls_ssl_context *ssl, + size_t *signature_len) { /* Append the signature to ssl->out_msg, leaving 2 bytes for the * signature length which will be added in ssl_write_server_key_exchange @@ -3256,17 +3174,16 @@ static int ssl_resume_server_key_exchange( mbedtls_ssl_context *ssl, * ssl_write_server_key_exchange also takes care of incrementing * ssl->out_msglen. */ unsigned char *sig_start = ssl->out_msg + ssl->out_msglen + 2; - size_t sig_max_len = ( ssl->out_buf + MBEDTLS_SSL_OUT_CONTENT_LEN - - sig_start ); - int ret = ssl->conf->f_async_resume( ssl, - sig_start, signature_len, sig_max_len ); - if( ret != MBEDTLS_ERR_SSL_ASYNC_IN_PROGRESS ) - { + size_t sig_max_len = (ssl->out_buf + MBEDTLS_SSL_OUT_CONTENT_LEN + - sig_start); + int ret = ssl->conf->f_async_resume(ssl, + sig_start, signature_len, sig_max_len); + if (ret != MBEDTLS_ERR_SSL_ASYNC_IN_PROGRESS) { ssl->handshake->async_in_progress = 0; - mbedtls_ssl_set_async_operation_data( ssl, NULL ); + mbedtls_ssl_set_async_operation_data(ssl, NULL); } - MBEDTLS_SSL_DEBUG_RET( 2, "ssl_resume_server_key_exchange", ret ); - return( ret ); + MBEDTLS_SSL_DEBUG_RET(2, "ssl_resume_server_key_exchange", ret); + return ret; } #endif /* defined(MBEDTLS_KEY_EXCHANGE_WITH_SERVER_SIGNATURE_ENABLED) && defined(MBEDTLS_SSL_ASYNC_PRIVATE) */ @@ -3274,8 +3191,9 @@ static int ssl_resume_server_key_exchange( mbedtls_ssl_context *ssl, /* Prepare the ServerKeyExchange message, up to and including * calculating the signature if any, but excluding formatting the * signature and sending the message. */ -static int ssl_prepare_server_key_exchange( mbedtls_ssl_context *ssl, - size_t *signature_len ) +MBEDTLS_CHECK_RETURN_CRITICAL +static int ssl_prepare_server_key_exchange(mbedtls_ssl_context *ssl, + size_t *signature_len) { const mbedtls_ssl_ciphersuite_t *ciphersuite_info = ssl->handshake->ciphersuite_info; @@ -3303,8 +3221,7 @@ static int ssl_prepare_server_key_exchange( mbedtls_ssl_context *ssl, * - ECJPAKE key exchanges */ #if defined(MBEDTLS_KEY_EXCHANGE_ECJPAKE_ENABLED) - if( ciphersuite_info->key_exchange == MBEDTLS_KEY_EXCHANGE_ECJPAKE ) - { + if (ciphersuite_info->key_exchange == MBEDTLS_KEY_EXCHANGE_ECJPAKE) { int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; size_t len = 0; @@ -3312,11 +3229,10 @@ static int ssl_prepare_server_key_exchange( mbedtls_ssl_context *ssl, &ssl->handshake->ecjpake_ctx, ssl->out_msg + ssl->out_msglen, MBEDTLS_SSL_OUT_CONTENT_LEN - ssl->out_msglen, &len, - ssl->conf->f_rng, ssl->conf->p_rng ); - if( ret != 0 ) - { - MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_ecjpake_write_round_two", ret ); - return( ret ); + ssl->conf->f_rng, ssl->conf->p_rng); + if (ret != 0) { + MBEDTLS_SSL_DEBUG_RET(1, "mbedtls_ecjpake_write_round_two", ret); + return ret; } ssl->out_msglen += len; @@ -3330,9 +3246,8 @@ static int ssl_prepare_server_key_exchange( mbedtls_ssl_context *ssl, **/ #if defined(MBEDTLS_KEY_EXCHANGE_DHE_PSK_ENABLED) || \ defined(MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED) - if( ciphersuite_info->key_exchange == MBEDTLS_KEY_EXCHANGE_DHE_PSK || - ciphersuite_info->key_exchange == MBEDTLS_KEY_EXCHANGE_ECDHE_PSK ) - { + if (ciphersuite_info->key_exchange == MBEDTLS_KEY_EXCHANGE_DHE_PSK || + ciphersuite_info->key_exchange == MBEDTLS_KEY_EXCHANGE_ECDHE_PSK) { ssl->out_msg[ssl->out_msglen++] = 0x00; ssl->out_msg[ssl->out_msglen++] = 0x00; } @@ -3343,15 +3258,13 @@ static int ssl_prepare_server_key_exchange( mbedtls_ssl_context *ssl, * - DHE key exchanges */ #if defined(MBEDTLS_KEY_EXCHANGE_SOME_DHE_ENABLED) - if( mbedtls_ssl_ciphersuite_uses_dhe( ciphersuite_info ) ) - { + if (mbedtls_ssl_ciphersuite_uses_dhe(ciphersuite_info)) { int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; size_t len = 0; - if( ssl->conf->dhm_P.p == NULL || ssl->conf->dhm_G.p == NULL ) - { - MBEDTLS_SSL_DEBUG_MSG( 1, ( "no DH parameters set" ) ); - return( MBEDTLS_ERR_SSL_BAD_INPUT_DATA ); + if (ssl->conf->dhm_P.p == NULL || ssl->conf->dhm_G.p == NULL) { + MBEDTLS_SSL_DEBUG_MSG(1, ("no DH parameters set")); + return MBEDTLS_ERR_SSL_BAD_INPUT_DATA; } /* @@ -3363,22 +3276,20 @@ static int ssl_prepare_server_key_exchange( mbedtls_ssl_context *ssl, * opaque dh_Ys<1..2^16-1>; * } ServerDHParams; */ - if( ( ret = mbedtls_dhm_set_group( &ssl->handshake->dhm_ctx, - &ssl->conf->dhm_P, - &ssl->conf->dhm_G ) ) != 0 ) - { - MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_dhm_set_group", ret ); - return( ret ); + if ((ret = mbedtls_dhm_set_group(&ssl->handshake->dhm_ctx, + &ssl->conf->dhm_P, + &ssl->conf->dhm_G)) != 0) { + MBEDTLS_SSL_DEBUG_RET(1, "mbedtls_dhm_set_group", ret); + return ret; } - if( ( ret = mbedtls_dhm_make_params( - &ssl->handshake->dhm_ctx, - (int) mbedtls_mpi_size( &ssl->handshake->dhm_ctx.P ), - ssl->out_msg + ssl->out_msglen, &len, - ssl->conf->f_rng, ssl->conf->p_rng ) ) != 0 ) - { - MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_dhm_make_params", ret ); - return( ret ); + if ((ret = mbedtls_dhm_make_params( + &ssl->handshake->dhm_ctx, + (int) mbedtls_mpi_size(&ssl->handshake->dhm_ctx.P), + ssl->out_msg + ssl->out_msglen, &len, + ssl->conf->f_rng, ssl->conf->p_rng)) != 0) { + MBEDTLS_SSL_DEBUG_RET(1, "mbedtls_dhm_make_params", ret); + return ret; } #if defined(MBEDTLS_KEY_EXCHANGE_WITH_SERVER_SIGNATURE_ENABLED) @@ -3387,10 +3298,10 @@ static int ssl_prepare_server_key_exchange( mbedtls_ssl_context *ssl, ssl->out_msglen += len; - MBEDTLS_SSL_DEBUG_MPI( 3, "DHM: X ", &ssl->handshake->dhm_ctx.X ); - MBEDTLS_SSL_DEBUG_MPI( 3, "DHM: P ", &ssl->handshake->dhm_ctx.P ); - MBEDTLS_SSL_DEBUG_MPI( 3, "DHM: G ", &ssl->handshake->dhm_ctx.G ); - MBEDTLS_SSL_DEBUG_MPI( 3, "DHM: GX", &ssl->handshake->dhm_ctx.GX ); + MBEDTLS_SSL_DEBUG_MPI(3, "DHM: X ", &ssl->handshake->dhm_ctx.X); + MBEDTLS_SSL_DEBUG_MPI(3, "DHM: P ", &ssl->handshake->dhm_ctx.P); + MBEDTLS_SSL_DEBUG_MPI(3, "DHM: G ", &ssl->handshake->dhm_ctx.G); + MBEDTLS_SSL_DEBUG_MPI(3, "DHM: GX", &ssl->handshake->dhm_ctx.GX); } #endif /* MBEDTLS_KEY_EXCHANGE_SOME_DHE_ENABLED */ @@ -3398,8 +3309,7 @@ static int ssl_prepare_server_key_exchange( mbedtls_ssl_context *ssl, * - ECDHE key exchanges */ #if defined(MBEDTLS_KEY_EXCHANGE_SOME_ECDHE_ENABLED) - if( mbedtls_ssl_ciphersuite_uses_ecdhe( ciphersuite_info ) ) - { + if (mbedtls_ssl_ciphersuite_uses_ecdhe(ciphersuite_info)) { /* * Ephemeral ECDH parameters: * @@ -3414,35 +3324,35 @@ static int ssl_prepare_server_key_exchange( mbedtls_ssl_context *ssl, size_t len = 0; /* Match our preference list against the offered curves */ - for( gid = ssl->conf->curve_list; *gid != MBEDTLS_ECP_DP_NONE; gid++ ) - for( curve = ssl->handshake->curves; *curve != NULL; curve++ ) - if( (*curve)->grp_id == *gid ) + for (gid = ssl->conf->curve_list; *gid != MBEDTLS_ECP_DP_NONE; gid++) { + for (curve = ssl->handshake->curves; *curve != NULL; curve++) { + if ((*curve)->grp_id == *gid) { goto curve_matching_done; + } + } + } curve_matching_done: - if( curve == NULL || *curve == NULL ) - { - MBEDTLS_SSL_DEBUG_MSG( 1, ( "no matching curve for ECDHE" ) ); - return( MBEDTLS_ERR_SSL_NO_CIPHER_CHOSEN ); + if (curve == NULL || *curve == NULL) { + MBEDTLS_SSL_DEBUG_MSG(1, ("no matching curve for ECDHE")); + return MBEDTLS_ERR_SSL_NO_CIPHER_CHOSEN; } - MBEDTLS_SSL_DEBUG_MSG( 2, ( "ECDHE curve: %s", (*curve)->name ) ); + MBEDTLS_SSL_DEBUG_MSG(2, ("ECDHE curve: %s", (*curve)->name)); - if( ( ret = mbedtls_ecdh_setup( &ssl->handshake->ecdh_ctx, - (*curve)->grp_id ) ) != 0 ) - { - MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_ecp_group_load", ret ); - return( ret ); + if ((ret = mbedtls_ecdh_setup(&ssl->handshake->ecdh_ctx, + (*curve)->grp_id)) != 0) { + MBEDTLS_SSL_DEBUG_RET(1, "mbedtls_ecp_group_load", ret); + return ret; } - if( ( ret = mbedtls_ecdh_make_params( - &ssl->handshake->ecdh_ctx, &len, - ssl->out_msg + ssl->out_msglen, - MBEDTLS_SSL_OUT_CONTENT_LEN - ssl->out_msglen, - ssl->conf->f_rng, ssl->conf->p_rng ) ) != 0 ) - { - MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_ecdh_make_params", ret ); - return( ret ); + if ((ret = mbedtls_ecdh_make_params( + &ssl->handshake->ecdh_ctx, &len, + ssl->out_msg + ssl->out_msglen, + MBEDTLS_SSL_OUT_CONTENT_LEN - ssl->out_msglen, + ssl->conf->f_rng, ssl->conf->p_rng)) != 0) { + MBEDTLS_SSL_DEBUG_RET(1, "mbedtls_ecdh_make_params", ret); + return ret; } #if defined(MBEDTLS_KEY_EXCHANGE_WITH_SERVER_SIGNATURE_ENABLED) @@ -3451,8 +3361,8 @@ static int ssl_prepare_server_key_exchange( mbedtls_ssl_context *ssl, ssl->out_msglen += len; - MBEDTLS_SSL_DEBUG_ECDH( 3, &ssl->handshake->ecdh_ctx, - MBEDTLS_DEBUG_ECDH_Q ); + MBEDTLS_SSL_DEBUG_ECDH(3, &ssl->handshake->ecdh_ctx, + MBEDTLS_DEBUG_ECDH_Q); } #endif /* MBEDTLS_KEY_EXCHANGE_SOME_ECDHE_ENABLED */ @@ -3463,8 +3373,7 @@ static int ssl_prepare_server_key_exchange( mbedtls_ssl_context *ssl, * */ #if defined(MBEDTLS_KEY_EXCHANGE_WITH_SERVER_SIGNATURE_ENABLED) - if( mbedtls_ssl_ciphersuite_uses_server_signature( ciphersuite_info ) ) - { + if (mbedtls_ssl_ciphersuite_uses_server_signature(ciphersuite_info)) { size_t dig_signed_len = ssl->out_msg + ssl->out_msglen - dig_signed; size_t hashlen = 0; #if defined(MBEDTLS_USE_PSA_CRYPTO) @@ -3487,31 +3396,26 @@ static int ssl_prepare_server_key_exchange( mbedtls_ssl_context *ssl, #if defined(MBEDTLS_SSL_PROTO_TLS1_2) mbedtls_pk_type_t sig_alg = - mbedtls_ssl_get_ciphersuite_sig_pk_alg( ciphersuite_info ); - if( ssl->minor_ver == MBEDTLS_SSL_MINOR_VERSION_3 ) - { + mbedtls_ssl_get_ciphersuite_sig_pk_alg(ciphersuite_info); + if (ssl->minor_ver == MBEDTLS_SSL_MINOR_VERSION_3) { /* A: For TLS 1.2, obey signature-hash-algorithm extension * (RFC 5246, Sec. 7.4.1.4.1). */ - if( sig_alg == MBEDTLS_PK_NONE || - ( md_alg = mbedtls_ssl_sig_hash_set_find( &ssl->handshake->hash_algs, - sig_alg ) ) == MBEDTLS_MD_NONE ) - { - MBEDTLS_SSL_DEBUG_MSG( 1, ( "should never happen" ) ); + if (sig_alg == MBEDTLS_PK_NONE || + (md_alg = mbedtls_ssl_sig_hash_set_find(&ssl->handshake->hash_algs, + sig_alg)) == MBEDTLS_MD_NONE) { + MBEDTLS_SSL_DEBUG_MSG(1, ("should never happen")); /* (... because we choose a cipher suite * only if there is a matching hash.) */ - return( MBEDTLS_ERR_SSL_INTERNAL_ERROR ); + return MBEDTLS_ERR_SSL_INTERNAL_ERROR; } - } - else + } else #endif /* MBEDTLS_SSL_PROTO_TLS1_2 */ #if defined(MBEDTLS_SSL_PROTO_SSL3) || defined(MBEDTLS_SSL_PROTO_TLS1) || \ - defined(MBEDTLS_SSL_PROTO_TLS1_1) - if( ciphersuite_info->key_exchange == MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA ) - { + defined(MBEDTLS_SSL_PROTO_TLS1_1) + if (ciphersuite_info->key_exchange == MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA) { /* B: Default hash SHA1 */ md_alg = MBEDTLS_MD_SHA1; - } - else + } else #endif /* MBEDTLS_SSL_PROTO_SSL3 || MBEDTLS_SSL_PROTO_TLS1 || \ MBEDTLS_SSL_PROTO_TLS1_1 */ { @@ -3519,52 +3423,49 @@ static int ssl_prepare_server_key_exchange( mbedtls_ssl_context *ssl, md_alg = MBEDTLS_MD_NONE; } - MBEDTLS_SSL_DEBUG_MSG( 3, ( "pick hash algorithm %u for signing", (unsigned) md_alg ) ); + MBEDTLS_SSL_DEBUG_MSG(3, ("pick hash algorithm %u for signing", (unsigned) md_alg)); /* * 2.2: Compute the hash to be signed */ #if defined(MBEDTLS_SSL_PROTO_SSL3) || defined(MBEDTLS_SSL_PROTO_TLS1) || \ - defined(MBEDTLS_SSL_PROTO_TLS1_1) - if( md_alg == MBEDTLS_MD_NONE ) - { + defined(MBEDTLS_SSL_PROTO_TLS1_1) + if (md_alg == MBEDTLS_MD_NONE) { hashlen = 36; - ret = mbedtls_ssl_get_key_exchange_md_ssl_tls( ssl, hash, - dig_signed, - dig_signed_len ); - if( ret != 0 ) - return( ret ); - } - else + ret = mbedtls_ssl_get_key_exchange_md_ssl_tls(ssl, hash, + dig_signed, + dig_signed_len); + if (ret != 0) { + return ret; + } + } else #endif /* MBEDTLS_SSL_PROTO_SSL3 || MBEDTLS_SSL_PROTO_TLS1 || \ MBEDTLS_SSL_PROTO_TLS1_1 */ #if defined(MBEDTLS_SSL_PROTO_TLS1) || defined(MBEDTLS_SSL_PROTO_TLS1_1) || \ - defined(MBEDTLS_SSL_PROTO_TLS1_2) - if( md_alg != MBEDTLS_MD_NONE ) - { - ret = mbedtls_ssl_get_key_exchange_md_tls1_2( ssl, hash, &hashlen, - dig_signed, - dig_signed_len, - md_alg ); - if( ret != 0 ) - return( ret ); - } - else + defined(MBEDTLS_SSL_PROTO_TLS1_2) + if (md_alg != MBEDTLS_MD_NONE) { + ret = mbedtls_ssl_get_key_exchange_md_tls1_2(ssl, hash, &hashlen, + dig_signed, + dig_signed_len, + md_alg); + if (ret != 0) { + return ret; + } + } else #endif /* MBEDTLS_SSL_PROTO_TLS1 || MBEDTLS_SSL_PROTO_TLS1_1 || \ MBEDTLS_SSL_PROTO_TLS1_2 */ { - MBEDTLS_SSL_DEBUG_MSG( 1, ( "should never happen" ) ); - return( MBEDTLS_ERR_SSL_INTERNAL_ERROR ); + MBEDTLS_SSL_DEBUG_MSG(1, ("should never happen")); + return MBEDTLS_ERR_SSL_INTERNAL_ERROR; } - MBEDTLS_SSL_DEBUG_BUF( 3, "parameters hash", hash, hashlen ); + MBEDTLS_SSL_DEBUG_BUF(3, "parameters hash", hash, hashlen); /* * 2.3: Compute and add the signature */ #if defined(MBEDTLS_SSL_PROTO_TLS1_2) - if( ssl->minor_ver == MBEDTLS_SSL_MINOR_VERSION_3 ) - { + if (ssl->minor_ver == MBEDTLS_SSL_MINOR_VERSION_3) { /* * For TLS 1.2, we need to specify signature and hash algorithm * explicitly through a prefix to the signature. @@ -3582,40 +3483,37 @@ static int ssl_prepare_server_key_exchange( mbedtls_ssl_context *ssl, */ ssl->out_msg[ssl->out_msglen++] = - mbedtls_ssl_hash_from_md_alg( md_alg ); + mbedtls_ssl_hash_from_md_alg(md_alg); ssl->out_msg[ssl->out_msglen++] = - mbedtls_ssl_sig_from_pk_alg( sig_alg ); + mbedtls_ssl_sig_from_pk_alg(sig_alg); } #endif /* MBEDTLS_SSL_PROTO_TLS1_2 */ #if defined(MBEDTLS_SSL_ASYNC_PRIVATE) - if( ssl->conf->f_async_sign_start != NULL ) - { - ret = ssl->conf->f_async_sign_start( ssl, - mbedtls_ssl_own_cert( ssl ), - md_alg, hash, hashlen ); - switch( ret ) - { - case MBEDTLS_ERR_SSL_HW_ACCEL_FALLTHROUGH: - /* act as if f_async_sign was null */ - break; - case 0: - ssl->handshake->async_in_progress = 1; - return( ssl_resume_server_key_exchange( ssl, signature_len ) ); - case MBEDTLS_ERR_SSL_ASYNC_IN_PROGRESS: - ssl->handshake->async_in_progress = 1; - return( MBEDTLS_ERR_SSL_ASYNC_IN_PROGRESS ); - default: - MBEDTLS_SSL_DEBUG_RET( 1, "f_async_sign_start", ret ); - return( ret ); + if (ssl->conf->f_async_sign_start != NULL) { + ret = ssl->conf->f_async_sign_start(ssl, + mbedtls_ssl_own_cert(ssl), + md_alg, hash, hashlen); + switch (ret) { + case MBEDTLS_ERR_SSL_HW_ACCEL_FALLTHROUGH: + /* act as if f_async_sign was null */ + break; + case 0: + ssl->handshake->async_in_progress = 1; + return ssl_resume_server_key_exchange(ssl, signature_len); + case MBEDTLS_ERR_SSL_ASYNC_IN_PROGRESS: + ssl->handshake->async_in_progress = 1; + return MBEDTLS_ERR_SSL_ASYNC_IN_PROGRESS; + default: + MBEDTLS_SSL_DEBUG_RET(1, "f_async_sign_start", ret); + return ret; } } #endif /* MBEDTLS_SSL_ASYNC_PRIVATE */ - if( mbedtls_ssl_own_key( ssl ) == NULL ) - { - MBEDTLS_SSL_DEBUG_MSG( 1, ( "got no private key" ) ); - return( MBEDTLS_ERR_SSL_PRIVATE_KEY_REQUIRED ); + if (mbedtls_ssl_own_key(ssl) == NULL) { + MBEDTLS_SSL_DEBUG_MSG(1, ("got no private key")); + return MBEDTLS_ERR_SSL_PRIVATE_KEY_REQUIRED; } /* Append the signature to ssl->out_msg, leaving 2 bytes for the @@ -3623,56 +3521,58 @@ static int ssl_prepare_server_key_exchange( mbedtls_ssl_context *ssl, * after the call to ssl_prepare_server_key_exchange. * ssl_write_server_key_exchange also takes care of incrementing * ssl->out_msglen. */ - if( ( ret = mbedtls_pk_sign( mbedtls_ssl_own_key( ssl ), - md_alg, hash, hashlen, - ssl->out_msg + ssl->out_msglen + 2, - signature_len, - ssl->conf->f_rng, - ssl->conf->p_rng ) ) != 0 ) - { - MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_pk_sign", ret ); - return( ret ); + if ((ret = mbedtls_pk_sign(mbedtls_ssl_own_key(ssl), + md_alg, hash, hashlen, + ssl->out_msg + ssl->out_msglen + 2, + signature_len, + ssl->conf->f_rng, + ssl->conf->p_rng)) != 0) { + MBEDTLS_SSL_DEBUG_RET(1, "mbedtls_pk_sign", ret); + return ret; } } #endif /* MBEDTLS_KEY_EXCHANGE_WITH_SERVER_SIGNATURE_ENABLED */ - return( 0 ); + return 0; } /* Prepare the ServerKeyExchange message and send it. For ciphersuites * that do not include a ServerKeyExchange message, do nothing. Either * way, if successful, move on to the next step in the SSL state * machine. */ -static int ssl_write_server_key_exchange( mbedtls_ssl_context *ssl ) +MBEDTLS_CHECK_RETURN_CRITICAL +static int ssl_write_server_key_exchange(mbedtls_ssl_context *ssl) { int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; size_t signature_len = 0; #if defined(MBEDTLS_KEY_EXCHANGE_SOME_NON_PFS_ENABLED) const mbedtls_ssl_ciphersuite_t *ciphersuite_info = - ssl->handshake->ciphersuite_info; + ssl->handshake->ciphersuite_info; #endif /* MBEDTLS_KEY_EXCHANGE_SOME_NON_PFS_ENABLED */ - MBEDTLS_SSL_DEBUG_MSG( 2, ( "=> write server key exchange" ) ); + MBEDTLS_SSL_DEBUG_MSG(2, ("=> write server key exchange")); #if defined(MBEDTLS_KEY_EXCHANGE_SOME_NON_PFS_ENABLED) /* Extract static ECDH parameters and abort if ServerKeyExchange * is not needed. */ - if( mbedtls_ssl_ciphersuite_no_pfs( ciphersuite_info ) ) - { + if (mbedtls_ssl_ciphersuite_no_pfs(ciphersuite_info)) { /* For suites involving ECDH, extract DH parameters * from certificate at this point. */ #if defined(MBEDTLS_KEY_EXCHANGE_SOME_ECDH_ENABLED) - if( mbedtls_ssl_ciphersuite_uses_ecdh( ciphersuite_info ) ) - { - ssl_get_ecdh_params_from_cert( ssl ); + if (mbedtls_ssl_ciphersuite_uses_ecdh(ciphersuite_info)) { + ret = ssl_get_ecdh_params_from_cert(ssl); + if (ret != 0) { + MBEDTLS_SSL_DEBUG_RET(1, "ssl_get_ecdh_params_from_cert", ret); + return ret; + } } #endif /* MBEDTLS_KEY_EXCHANGE_SOME_ECDH_ENABLED */ /* Key exchanges not involving ephemeral keys don't use * ServerKeyExchange, so end here. */ - MBEDTLS_SSL_DEBUG_MSG( 2, ( "<= skip write server key exchange" ) ); + MBEDTLS_SSL_DEBUG_MSG(2, ("<= skip write server key exchange")); ssl->state++; - return( 0 ); + return 0; } #endif /* MBEDTLS_KEY_EXCHANGE_SOME_NON_PFS_ENABLED */ @@ -3680,44 +3580,41 @@ static int ssl_write_server_key_exchange( mbedtls_ssl_context *ssl ) defined(MBEDTLS_SSL_ASYNC_PRIVATE) /* If we have already prepared the message and there is an ongoing * signature operation, resume signing. */ - if( ssl->handshake->async_in_progress != 0 ) - { - MBEDTLS_SSL_DEBUG_MSG( 2, ( "resuming signature operation" ) ); - ret = ssl_resume_server_key_exchange( ssl, &signature_len ); - } - else + if (ssl->handshake->async_in_progress != 0) { + MBEDTLS_SSL_DEBUG_MSG(2, ("resuming signature operation")); + ret = ssl_resume_server_key_exchange(ssl, &signature_len); + } else #endif /* defined(MBEDTLS_KEY_EXCHANGE_WITH_SERVER_SIGNATURE_ENABLED) && defined(MBEDTLS_SSL_ASYNC_PRIVATE) */ { /* ServerKeyExchange is needed. Prepare the message. */ - ret = ssl_prepare_server_key_exchange( ssl, &signature_len ); + ret = ssl_prepare_server_key_exchange(ssl, &signature_len); } - if( ret != 0 ) - { + if (ret != 0) { /* If we're starting to write a new message, set ssl->out_msglen * to 0. But if we're resuming after an asynchronous message, * out_msglen is the amount of data written so far and mst be * preserved. */ - if( ret == MBEDTLS_ERR_SSL_ASYNC_IN_PROGRESS ) - MBEDTLS_SSL_DEBUG_MSG( 2, ( "<= write server key exchange (pending)" ) ); - else + if (ret == MBEDTLS_ERR_SSL_ASYNC_IN_PROGRESS) { + MBEDTLS_SSL_DEBUG_MSG(2, ("<= write server key exchange (pending)")); + } else { ssl->out_msglen = 0; - return( ret ); + } + return ret; } /* If there is a signature, write its length. * ssl_prepare_server_key_exchange already wrote the signature * itself at its proper place in the output buffer. */ #if defined(MBEDTLS_KEY_EXCHANGE_WITH_SERVER_SIGNATURE_ENABLED) - if( signature_len != 0 ) - { - ssl->out_msg[ssl->out_msglen++] = MBEDTLS_BYTE_1( signature_len ); - ssl->out_msg[ssl->out_msglen++] = MBEDTLS_BYTE_0( signature_len ); + if (signature_len != 0) { + ssl->out_msg[ssl->out_msglen++] = MBEDTLS_BYTE_1(signature_len); + ssl->out_msg[ssl->out_msglen++] = MBEDTLS_BYTE_0(signature_len); - MBEDTLS_SSL_DEBUG_BUF( 3, "my signature", - ssl->out_msg + ssl->out_msglen, - signature_len ); + MBEDTLS_SSL_DEBUG_BUF(3, "my signature", + ssl->out_msg + ssl->out_msglen, + signature_len); /* Skip over the already-written signature */ ssl->out_msglen += signature_len; @@ -3730,21 +3627,21 @@ static int ssl_write_server_key_exchange( mbedtls_ssl_context *ssl ) ssl->state++; - if( ( ret = mbedtls_ssl_write_handshake_msg( ssl ) ) != 0 ) - { - MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_ssl_write_handshake_msg", ret ); - return( ret ); + if ((ret = mbedtls_ssl_write_handshake_msg(ssl)) != 0) { + MBEDTLS_SSL_DEBUG_RET(1, "mbedtls_ssl_write_handshake_msg", ret); + return ret; } - MBEDTLS_SSL_DEBUG_MSG( 2, ( "<= write server key exchange" ) ); - return( 0 ); + MBEDTLS_SSL_DEBUG_MSG(2, ("<= write server key exchange")); + return 0; } -static int ssl_write_server_hello_done( mbedtls_ssl_context *ssl ) +MBEDTLS_CHECK_RETURN_CRITICAL +static int ssl_write_server_hello_done(mbedtls_ssl_context *ssl) { int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; - MBEDTLS_SSL_DEBUG_MSG( 2, ( "=> write server hello done" ) ); + MBEDTLS_SSL_DEBUG_MSG(2, ("=> write server hello done")); ssl->out_msglen = 4; ssl->out_msgtype = MBEDTLS_SSL_MSG_HANDSHAKE; @@ -3753,34 +3650,34 @@ static int ssl_write_server_hello_done( mbedtls_ssl_context *ssl ) ssl->state++; #if defined(MBEDTLS_SSL_PROTO_DTLS) - if( ssl->conf->transport == MBEDTLS_SSL_TRANSPORT_DATAGRAM ) - mbedtls_ssl_send_flight_completed( ssl ); + if (ssl->conf->transport == MBEDTLS_SSL_TRANSPORT_DATAGRAM) { + mbedtls_ssl_send_flight_completed(ssl); + } #endif - if( ( ret = mbedtls_ssl_write_handshake_msg( ssl ) ) != 0 ) - { - MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_ssl_write_handshake_msg", ret ); - return( ret ); + if ((ret = mbedtls_ssl_write_handshake_msg(ssl)) != 0) { + MBEDTLS_SSL_DEBUG_RET(1, "mbedtls_ssl_write_handshake_msg", ret); + return ret; } #if defined(MBEDTLS_SSL_PROTO_DTLS) - if( ssl->conf->transport == MBEDTLS_SSL_TRANSPORT_DATAGRAM && - ( ret = mbedtls_ssl_flight_transmit( ssl ) ) != 0 ) - { - MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_ssl_flight_transmit", ret ); - return( ret ); + if (ssl->conf->transport == MBEDTLS_SSL_TRANSPORT_DATAGRAM && + (ret = mbedtls_ssl_flight_transmit(ssl)) != 0) { + MBEDTLS_SSL_DEBUG_RET(1, "mbedtls_ssl_flight_transmit", ret); + return ret; } #endif /* MBEDTLS_SSL_PROTO_DTLS */ - MBEDTLS_SSL_DEBUG_MSG( 2, ( "<= write server hello done" ) ); + MBEDTLS_SSL_DEBUG_MSG(2, ("<= write server hello done")); - return( 0 ); + return 0; } #if defined(MBEDTLS_KEY_EXCHANGE_DHE_RSA_ENABLED) || \ defined(MBEDTLS_KEY_EXCHANGE_DHE_PSK_ENABLED) -static int ssl_parse_client_dh_public( mbedtls_ssl_context *ssl, unsigned char **p, - const unsigned char *end ) +MBEDTLS_CHECK_RETURN_CRITICAL +static int ssl_parse_client_dh_public(mbedtls_ssl_context *ssl, unsigned char **p, + const unsigned char *end) { int ret = MBEDTLS_ERR_SSL_FEATURE_UNAVAILABLE; size_t n; @@ -3788,32 +3685,29 @@ static int ssl_parse_client_dh_public( mbedtls_ssl_context *ssl, unsigned char * /* * Receive G^Y mod P, premaster = (G^Y)^X mod P */ - if( *p + 2 > end ) - { - MBEDTLS_SSL_DEBUG_MSG( 1, ( "bad client key exchange message" ) ); - return( MBEDTLS_ERR_SSL_BAD_HS_CLIENT_KEY_EXCHANGE ); + if (*p + 2 > end) { + MBEDTLS_SSL_DEBUG_MSG(1, ("bad client key exchange message")); + return MBEDTLS_ERR_SSL_BAD_HS_CLIENT_KEY_EXCHANGE; } - n = ( (*p)[0] << 8 ) | (*p)[1]; + n = ((*p)[0] << 8) | (*p)[1]; *p += 2; - if( *p + n > end ) - { - MBEDTLS_SSL_DEBUG_MSG( 1, ( "bad client key exchange message" ) ); - return( MBEDTLS_ERR_SSL_BAD_HS_CLIENT_KEY_EXCHANGE ); + if (*p + n > end) { + MBEDTLS_SSL_DEBUG_MSG(1, ("bad client key exchange message")); + return MBEDTLS_ERR_SSL_BAD_HS_CLIENT_KEY_EXCHANGE; } - if( ( ret = mbedtls_dhm_read_public( &ssl->handshake->dhm_ctx, *p, n ) ) != 0 ) - { - MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_dhm_read_public", ret ); - return( MBEDTLS_ERR_SSL_BAD_HS_CLIENT_KEY_EXCHANGE_RP ); + if ((ret = mbedtls_dhm_read_public(&ssl->handshake->dhm_ctx, *p, n)) != 0) { + MBEDTLS_SSL_DEBUG_RET(1, "mbedtls_dhm_read_public", ret); + return MBEDTLS_ERR_SSL_BAD_HS_CLIENT_KEY_EXCHANGE_RP; } *p += n; - MBEDTLS_SSL_DEBUG_MPI( 3, "DHM: GY", &ssl->handshake->dhm_ctx.GY ); + MBEDTLS_SSL_DEBUG_MPI(3, "DHM: GY", &ssl->handshake->dhm_ctx.GY); - return( ret ); + return ret; } #endif /* MBEDTLS_KEY_EXCHANGE_DHE_RSA_ENABLED || MBEDTLS_KEY_EXCHANGE_DHE_PSK_ENABLED */ @@ -3822,43 +3716,49 @@ static int ssl_parse_client_dh_public( mbedtls_ssl_context *ssl, unsigned char * defined(MBEDTLS_KEY_EXCHANGE_RSA_PSK_ENABLED) #if defined(MBEDTLS_SSL_ASYNC_PRIVATE) -static int ssl_resume_decrypt_pms( mbedtls_ssl_context *ssl, - unsigned char *peer_pms, - size_t *peer_pmslen, - size_t peer_pmssize ) +MBEDTLS_CHECK_RETURN_CRITICAL +static int ssl_resume_decrypt_pms(mbedtls_ssl_context *ssl, + unsigned char *peer_pms, + size_t *peer_pmslen, + size_t peer_pmssize) { - int ret = ssl->conf->f_async_resume( ssl, - peer_pms, peer_pmslen, peer_pmssize ); - if( ret != MBEDTLS_ERR_SSL_ASYNC_IN_PROGRESS ) - { + int ret = ssl->conf->f_async_resume(ssl, + peer_pms, peer_pmslen, peer_pmssize); + if (ret != MBEDTLS_ERR_SSL_ASYNC_IN_PROGRESS) { ssl->handshake->async_in_progress = 0; - mbedtls_ssl_set_async_operation_data( ssl, NULL ); + mbedtls_ssl_set_async_operation_data(ssl, NULL); } - MBEDTLS_SSL_DEBUG_RET( 2, "ssl_decrypt_encrypted_pms", ret ); - return( ret ); + MBEDTLS_SSL_DEBUG_RET(2, "ssl_decrypt_encrypted_pms", ret); + return ret; } #endif /* MBEDTLS_SSL_ASYNC_PRIVATE */ -static int ssl_decrypt_encrypted_pms( mbedtls_ssl_context *ssl, - const unsigned char *p, - const unsigned char *end, - unsigned char *peer_pms, - size_t *peer_pmslen, - size_t peer_pmssize ) +MBEDTLS_CHECK_RETURN_CRITICAL +static int ssl_decrypt_encrypted_pms(mbedtls_ssl_context *ssl, + const unsigned char *p, + const unsigned char *end, + unsigned char *peer_pms, + size_t *peer_pmslen, + size_t peer_pmssize) { int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; - mbedtls_pk_context *private_key = mbedtls_ssl_own_key( ssl ); - mbedtls_pk_context *public_key = &mbedtls_ssl_own_cert( ssl )->pk; - size_t len = mbedtls_pk_get_len( public_key ); + + mbedtls_x509_crt *own_cert = mbedtls_ssl_own_cert(ssl); + if (own_cert == NULL) { + MBEDTLS_SSL_DEBUG_MSG(1, ("got no local certificate")); + return MBEDTLS_ERR_SSL_NO_CLIENT_CERTIFICATE; + } + mbedtls_pk_context *public_key = &own_cert->pk; + mbedtls_pk_context *private_key = mbedtls_ssl_own_key(ssl); + size_t len = mbedtls_pk_get_len(public_key); #if defined(MBEDTLS_SSL_ASYNC_PRIVATE) /* If we have already started decoding the message and there is an ongoing * decryption operation, resume signing. */ - if( ssl->handshake->async_in_progress != 0 ) - { - MBEDTLS_SSL_DEBUG_MSG( 2, ( "resuming decryption operation" ) ); - return( ssl_resume_decrypt_pms( ssl, - peer_pms, peer_pmslen, peer_pmssize ) ); + if (ssl->handshake->async_in_progress != 0) { + MBEDTLS_SSL_DEBUG_MSG(2, ("resuming decryption operation")); + return ssl_resume_decrypt_pms(ssl, + peer_pms, peer_pmslen, peer_pmssize); } #endif /* MBEDTLS_SSL_ASYNC_PRIVATE */ @@ -3867,74 +3767,68 @@ static int ssl_decrypt_encrypted_pms( mbedtls_ssl_context *ssl, */ #if defined(MBEDTLS_SSL_PROTO_TLS1) || defined(MBEDTLS_SSL_PROTO_TLS1_1) || \ defined(MBEDTLS_SSL_PROTO_TLS1_2) - if( ssl->minor_ver != MBEDTLS_SSL_MINOR_VERSION_0 ) - { - if ( p + 2 > end ) - { - MBEDTLS_SSL_DEBUG_MSG( 1, ( "bad client key exchange message" ) ); - return( MBEDTLS_ERR_SSL_BAD_HS_CLIENT_KEY_EXCHANGE ); + if (ssl->minor_ver != MBEDTLS_SSL_MINOR_VERSION_0) { + if (p + 2 > end) { + MBEDTLS_SSL_DEBUG_MSG(1, ("bad client key exchange message")); + return MBEDTLS_ERR_SSL_BAD_HS_CLIENT_KEY_EXCHANGE; } - if( *p++ != MBEDTLS_BYTE_1( len ) || - *p++ != MBEDTLS_BYTE_0( len ) ) - { - MBEDTLS_SSL_DEBUG_MSG( 1, ( "bad client key exchange message" ) ); - return( MBEDTLS_ERR_SSL_BAD_HS_CLIENT_KEY_EXCHANGE ); + if (*p++ != MBEDTLS_BYTE_1(len) || + *p++ != MBEDTLS_BYTE_0(len)) { + MBEDTLS_SSL_DEBUG_MSG(1, ("bad client key exchange message")); + return MBEDTLS_ERR_SSL_BAD_HS_CLIENT_KEY_EXCHANGE; } } #endif - if( p + len != end ) - { - MBEDTLS_SSL_DEBUG_MSG( 1, ( "bad client key exchange message" ) ); - return( MBEDTLS_ERR_SSL_BAD_HS_CLIENT_KEY_EXCHANGE ); + if (p + len != end) { + MBEDTLS_SSL_DEBUG_MSG(1, ("bad client key exchange message")); + return MBEDTLS_ERR_SSL_BAD_HS_CLIENT_KEY_EXCHANGE; } /* * Decrypt the premaster secret */ #if defined(MBEDTLS_SSL_ASYNC_PRIVATE) - if( ssl->conf->f_async_decrypt_start != NULL ) - { - ret = ssl->conf->f_async_decrypt_start( ssl, - mbedtls_ssl_own_cert( ssl ), - p, len ); - switch( ret ) - { - case MBEDTLS_ERR_SSL_HW_ACCEL_FALLTHROUGH: - /* act as if f_async_decrypt_start was null */ - break; - case 0: - ssl->handshake->async_in_progress = 1; - return( ssl_resume_decrypt_pms( ssl, - peer_pms, - peer_pmslen, - peer_pmssize ) ); - case MBEDTLS_ERR_SSL_ASYNC_IN_PROGRESS: - ssl->handshake->async_in_progress = 1; - return( MBEDTLS_ERR_SSL_ASYNC_IN_PROGRESS ); - default: - MBEDTLS_SSL_DEBUG_RET( 1, "f_async_decrypt_start", ret ); - return( ret ); + if (ssl->conf->f_async_decrypt_start != NULL) { + ret = ssl->conf->f_async_decrypt_start(ssl, + mbedtls_ssl_own_cert(ssl), + p, len); + switch (ret) { + case MBEDTLS_ERR_SSL_HW_ACCEL_FALLTHROUGH: + /* act as if f_async_decrypt_start was null */ + break; + case 0: + ssl->handshake->async_in_progress = 1; + return ssl_resume_decrypt_pms(ssl, + peer_pms, + peer_pmslen, + peer_pmssize); + case MBEDTLS_ERR_SSL_ASYNC_IN_PROGRESS: + ssl->handshake->async_in_progress = 1; + return MBEDTLS_ERR_SSL_ASYNC_IN_PROGRESS; + default: + MBEDTLS_SSL_DEBUG_RET(1, "f_async_decrypt_start", ret); + return ret; } } #endif /* MBEDTLS_SSL_ASYNC_PRIVATE */ - if( ! mbedtls_pk_can_do( private_key, MBEDTLS_PK_RSA ) ) - { - MBEDTLS_SSL_DEBUG_MSG( 1, ( "got no RSA private key" ) ); - return( MBEDTLS_ERR_SSL_PRIVATE_KEY_REQUIRED ); + if (!mbedtls_pk_can_do(private_key, MBEDTLS_PK_RSA)) { + MBEDTLS_SSL_DEBUG_MSG(1, ("got no RSA private key")); + return MBEDTLS_ERR_SSL_PRIVATE_KEY_REQUIRED; } - ret = mbedtls_pk_decrypt( private_key, p, len, - peer_pms, peer_pmslen, peer_pmssize, - ssl->conf->f_rng, ssl->conf->p_rng ); - return( ret ); + ret = mbedtls_pk_decrypt(private_key, p, len, + peer_pms, peer_pmslen, peer_pmssize, + ssl->conf->f_rng, ssl->conf->p_rng); + return ret; } -static int ssl_parse_encrypted_pms( mbedtls_ssl_context *ssl, - const unsigned char *p, - const unsigned char *end, - size_t pms_offset ) +MBEDTLS_CHECK_RETURN_CRITICAL +static int ssl_parse_encrypted_pms(mbedtls_ssl_context *ssl, + const unsigned char *p, + const unsigned char *end, + size_t pms_offset) { int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; unsigned char *pms = ssl->handshake->premaster + pms_offset; @@ -3954,19 +3848,20 @@ static int ssl_parse_encrypted_pms( mbedtls_ssl_context *ssl, peer_pms[0] = peer_pms[1] = ~0; peer_pmslen = 0; - ret = ssl_decrypt_encrypted_pms( ssl, p, end, - peer_pms, - &peer_pmslen, - sizeof( peer_pms ) ); + ret = ssl_decrypt_encrypted_pms(ssl, p, end, + peer_pms, + &peer_pmslen, + sizeof(peer_pms)); #if defined(MBEDTLS_SSL_ASYNC_PRIVATE) - if ( ret == MBEDTLS_ERR_SSL_ASYNC_IN_PROGRESS ) - return( ret ); + if (ret == MBEDTLS_ERR_SSL_ASYNC_IN_PROGRESS) { + return ret; + } #endif /* MBEDTLS_SSL_ASYNC_PRIVATE */ - mbedtls_ssl_write_version( ssl->handshake->max_major_ver, - ssl->handshake->max_minor_ver, - ssl->conf->transport, ver ); + mbedtls_ssl_write_version(ssl->handshake->max_major_ver, + ssl->handshake->max_minor_ver, + ssl->conf->transport, ver); /* Avoid data-dependent branches while checking for invalid * padding, to protect against timing-based Bleichenbacher-type @@ -3977,7 +3872,7 @@ static int ssl_parse_encrypted_pms( mbedtls_ssl_context *ssl, diff |= peer_pms[1] ^ ver[1]; /* mask = diff ? 0xff : 0x00 using bit operations to avoid branches */ - mask = mbedtls_ct_uint_mask( diff ); + mask = mbedtls_ct_uint_mask(diff); /* * Protection against Bleichenbacher's attack: invalid PKCS#1 v1.5 padding @@ -3988,99 +3883,94 @@ static int ssl_parse_encrypted_pms( mbedtls_ssl_context *ssl, * successful. In particular, always generate the fake premaster secret, * regardless of whether it will ultimately influence the output or not. */ - ret = ssl->conf->f_rng( ssl->conf->p_rng, fake_pms, sizeof( fake_pms ) ); - if( ret != 0 ) - { + ret = ssl->conf->f_rng(ssl->conf->p_rng, fake_pms, sizeof(fake_pms)); + if (ret != 0) { /* It's ok to abort on an RNG failure, since this does not reveal * anything about the RSA decryption. */ - return( ret ); + return ret; } #if defined(MBEDTLS_SSL_DEBUG_ALL) - if( diff != 0 ) - MBEDTLS_SSL_DEBUG_MSG( 1, ( "bad client key exchange message" ) ); + if (diff != 0) { + MBEDTLS_SSL_DEBUG_MSG(1, ("bad client key exchange message")); + } #endif - if( sizeof( ssl->handshake->premaster ) < pms_offset || - sizeof( ssl->handshake->premaster ) - pms_offset < 48 ) - { - MBEDTLS_SSL_DEBUG_MSG( 1, ( "should never happen" ) ); - return( MBEDTLS_ERR_SSL_INTERNAL_ERROR ); + if (sizeof(ssl->handshake->premaster) < pms_offset || + sizeof(ssl->handshake->premaster) - pms_offset < 48) { + MBEDTLS_SSL_DEBUG_MSG(1, ("should never happen")); + return MBEDTLS_ERR_SSL_INTERNAL_ERROR; } ssl->handshake->pmslen = 48; /* Set pms to either the true or the fake PMS, without * data-dependent branches. */ - for( i = 0; i < ssl->handshake->pmslen; i++ ) - pms[i] = ( mask & fake_pms[i] ) | ( (~mask) & peer_pms[i] ); + for (i = 0; i < ssl->handshake->pmslen; i++) { + pms[i] = (mask & fake_pms[i]) | ((~mask) & peer_pms[i]); + } - return( 0 ); + return 0; } #endif /* MBEDTLS_KEY_EXCHANGE_RSA_ENABLED || MBEDTLS_KEY_EXCHANGE_RSA_PSK_ENABLED */ #if defined(MBEDTLS_KEY_EXCHANGE_SOME_PSK_ENABLED) -static int ssl_parse_client_psk_identity( mbedtls_ssl_context *ssl, unsigned char **p, - const unsigned char *end ) +MBEDTLS_CHECK_RETURN_CRITICAL +static int ssl_parse_client_psk_identity(mbedtls_ssl_context *ssl, unsigned char **p, + const unsigned char *end) { int ret = 0; uint16_t n; - if( ssl_conf_has_psk_or_cb( ssl->conf ) == 0 ) - { - MBEDTLS_SSL_DEBUG_MSG( 1, ( "got no pre-shared key" ) ); - return( MBEDTLS_ERR_SSL_PRIVATE_KEY_REQUIRED ); + if (ssl_conf_has_psk_or_cb(ssl->conf) == 0) { + MBEDTLS_SSL_DEBUG_MSG(1, ("got no pre-shared key")); + return MBEDTLS_ERR_SSL_PRIVATE_KEY_REQUIRED; } /* * Receive client pre-shared key identity name */ - if( end - *p < 2 ) - { - MBEDTLS_SSL_DEBUG_MSG( 1, ( "bad client key exchange message" ) ); - return( MBEDTLS_ERR_SSL_BAD_HS_CLIENT_KEY_EXCHANGE ); + if (end - *p < 2) { + MBEDTLS_SSL_DEBUG_MSG(1, ("bad client key exchange message")); + return MBEDTLS_ERR_SSL_BAD_HS_CLIENT_KEY_EXCHANGE; } - n = ( (*p)[0] << 8 ) | (*p)[1]; + n = ((*p)[0] << 8) | (*p)[1]; *p += 2; - if( n == 0 || n > end - *p ) - { - MBEDTLS_SSL_DEBUG_MSG( 1, ( "bad client key exchange message" ) ); - return( MBEDTLS_ERR_SSL_BAD_HS_CLIENT_KEY_EXCHANGE ); + if (n == 0 || n > end - *p) { + MBEDTLS_SSL_DEBUG_MSG(1, ("bad client key exchange message")); + return MBEDTLS_ERR_SSL_BAD_HS_CLIENT_KEY_EXCHANGE; } - if( ssl->conf->f_psk != NULL ) - { - if( ssl->conf->f_psk( ssl->conf->p_psk, ssl, *p, n ) != 0 ) + if (ssl->conf->f_psk != NULL) { + if (ssl->conf->f_psk(ssl->conf->p_psk, ssl, *p, n) != 0) { ret = MBEDTLS_ERR_SSL_UNKNOWN_IDENTITY; - } - else - { + } + } else { /* Identity is not a big secret since clients send it in the clear, * but treat it carefully anyway, just in case */ - if( n != ssl->conf->psk_identity_len || - mbedtls_ct_memcmp( ssl->conf->psk_identity, *p, n ) != 0 ) - { + if (n != ssl->conf->psk_identity_len || + mbedtls_ct_memcmp(ssl->conf->psk_identity, *p, n) != 0) { ret = MBEDTLS_ERR_SSL_UNKNOWN_IDENTITY; } } - if( ret == MBEDTLS_ERR_SSL_UNKNOWN_IDENTITY ) - { - MBEDTLS_SSL_DEBUG_BUF( 3, "Unknown PSK identity", *p, n ); - mbedtls_ssl_send_alert_message( ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL, - MBEDTLS_SSL_ALERT_MSG_UNKNOWN_PSK_IDENTITY ); - return( MBEDTLS_ERR_SSL_UNKNOWN_IDENTITY ); + if (ret == MBEDTLS_ERR_SSL_UNKNOWN_IDENTITY) { + MBEDTLS_SSL_DEBUG_BUF(3, "Unknown PSK identity", *p, n); + mbedtls_ssl_send_alert_message(ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL, + MBEDTLS_SSL_ALERT_MSG_UNKNOWN_PSK_IDENTITY); + return MBEDTLS_ERR_SSL_UNKNOWN_IDENTITY; } *p += n; - return( 0 ); + return 0; } #endif /* MBEDTLS_KEY_EXCHANGE_SOME_PSK_ENABLED */ -static int ssl_parse_client_key_exchange( mbedtls_ssl_context *ssl ) +MBEDTLS_CHECK_RETURN_CRITICAL +static int ssl_parse_client_key_exchange(mbedtls_ssl_context *ssl) { int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; const mbedtls_ssl_ciphersuite_t *ciphersuite_info; @@ -4088,323 +3978,285 @@ static int ssl_parse_client_key_exchange( mbedtls_ssl_context *ssl ) ciphersuite_info = ssl->handshake->ciphersuite_info; - MBEDTLS_SSL_DEBUG_MSG( 2, ( "=> parse client key exchange" ) ); + MBEDTLS_SSL_DEBUG_MSG(2, ("=> parse client key exchange")); #if defined(MBEDTLS_SSL_ASYNC_PRIVATE) && \ - ( defined(MBEDTLS_KEY_EXCHANGE_RSA_ENABLED) || \ - defined(MBEDTLS_KEY_EXCHANGE_RSA_PSK_ENABLED) ) - if( ( ciphersuite_info->key_exchange == MBEDTLS_KEY_EXCHANGE_RSA_PSK || - ciphersuite_info->key_exchange == MBEDTLS_KEY_EXCHANGE_RSA ) && - ( ssl->handshake->async_in_progress != 0 ) ) - { + (defined(MBEDTLS_KEY_EXCHANGE_RSA_ENABLED) || \ + defined(MBEDTLS_KEY_EXCHANGE_RSA_PSK_ENABLED)) + if ((ciphersuite_info->key_exchange == MBEDTLS_KEY_EXCHANGE_RSA_PSK || + ciphersuite_info->key_exchange == MBEDTLS_KEY_EXCHANGE_RSA) && + (ssl->handshake->async_in_progress != 0)) { /* We've already read a record and there is an asynchronous * operation in progress to decrypt it. So skip reading the * record. */ - MBEDTLS_SSL_DEBUG_MSG( 3, ( "will resume decryption of previously-read record" ) ); - } - else + MBEDTLS_SSL_DEBUG_MSG(3, ("will resume decryption of previously-read record")); + } else #endif - if( ( ret = mbedtls_ssl_read_record( ssl, 1 ) ) != 0 ) - { - MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_ssl_read_record", ret ); - return( ret ); + if ((ret = mbedtls_ssl_read_record(ssl, 1)) != 0) { + MBEDTLS_SSL_DEBUG_RET(1, "mbedtls_ssl_read_record", ret); + return ret; } - p = ssl->in_msg + mbedtls_ssl_hs_hdr_len( ssl ); + p = ssl->in_msg + mbedtls_ssl_hs_hdr_len(ssl); end = ssl->in_msg + ssl->in_hslen; - if( ssl->in_msgtype != MBEDTLS_SSL_MSG_HANDSHAKE ) - { - MBEDTLS_SSL_DEBUG_MSG( 1, ( "bad client key exchange message" ) ); - return( MBEDTLS_ERR_SSL_BAD_HS_CLIENT_KEY_EXCHANGE ); + if (ssl->in_msgtype != MBEDTLS_SSL_MSG_HANDSHAKE) { + MBEDTLS_SSL_DEBUG_MSG(1, ("bad client key exchange message")); + return MBEDTLS_ERR_SSL_BAD_HS_CLIENT_KEY_EXCHANGE; } - if( ssl->in_msg[0] != MBEDTLS_SSL_HS_CLIENT_KEY_EXCHANGE ) - { - MBEDTLS_SSL_DEBUG_MSG( 1, ( "bad client key exchange message" ) ); - return( MBEDTLS_ERR_SSL_BAD_HS_CLIENT_KEY_EXCHANGE ); + if (ssl->in_msg[0] != MBEDTLS_SSL_HS_CLIENT_KEY_EXCHANGE) { + MBEDTLS_SSL_DEBUG_MSG(1, ("bad client key exchange message")); + return MBEDTLS_ERR_SSL_BAD_HS_CLIENT_KEY_EXCHANGE; } #if defined(MBEDTLS_KEY_EXCHANGE_DHE_RSA_ENABLED) - if( ciphersuite_info->key_exchange == MBEDTLS_KEY_EXCHANGE_DHE_RSA ) - { - if( ( ret = ssl_parse_client_dh_public( ssl, &p, end ) ) != 0 ) - { - MBEDTLS_SSL_DEBUG_RET( 1, ( "ssl_parse_client_dh_public" ), ret ); - return( ret ); + if (ciphersuite_info->key_exchange == MBEDTLS_KEY_EXCHANGE_DHE_RSA) { + if ((ret = ssl_parse_client_dh_public(ssl, &p, end)) != 0) { + MBEDTLS_SSL_DEBUG_RET(1, ("ssl_parse_client_dh_public"), ret); + return ret; } - if( p != end ) - { - MBEDTLS_SSL_DEBUG_MSG( 1, ( "bad client key exchange" ) ); - return( MBEDTLS_ERR_SSL_BAD_HS_CLIENT_KEY_EXCHANGE ); + if (p != end) { + MBEDTLS_SSL_DEBUG_MSG(1, ("bad client key exchange")); + return MBEDTLS_ERR_SSL_BAD_HS_CLIENT_KEY_EXCHANGE; } - if( ( ret = mbedtls_dhm_calc_secret( &ssl->handshake->dhm_ctx, - ssl->handshake->premaster, - MBEDTLS_PREMASTER_SIZE, - &ssl->handshake->pmslen, - ssl->conf->f_rng, ssl->conf->p_rng ) ) != 0 ) - { - MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_dhm_calc_secret", ret ); - return( MBEDTLS_ERR_SSL_BAD_HS_CLIENT_KEY_EXCHANGE_CS ); + if ((ret = mbedtls_dhm_calc_secret(&ssl->handshake->dhm_ctx, + ssl->handshake->premaster, + MBEDTLS_PREMASTER_SIZE, + &ssl->handshake->pmslen, + ssl->conf->f_rng, ssl->conf->p_rng)) != 0) { + MBEDTLS_SSL_DEBUG_RET(1, "mbedtls_dhm_calc_secret", ret); + return MBEDTLS_ERR_SSL_BAD_HS_CLIENT_KEY_EXCHANGE_CS; } - MBEDTLS_SSL_DEBUG_MPI( 3, "DHM: K ", &ssl->handshake->dhm_ctx.K ); - } - else + MBEDTLS_SSL_DEBUG_MPI(3, "DHM: K ", &ssl->handshake->dhm_ctx.K); + } else #endif /* MBEDTLS_KEY_EXCHANGE_DHE_RSA_ENABLED */ #if defined(MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED) || \ defined(MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED) || \ defined(MBEDTLS_KEY_EXCHANGE_ECDH_RSA_ENABLED) || \ defined(MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA_ENABLED) - if( ciphersuite_info->key_exchange == MBEDTLS_KEY_EXCHANGE_ECDHE_RSA || + if (ciphersuite_info->key_exchange == MBEDTLS_KEY_EXCHANGE_ECDHE_RSA || ciphersuite_info->key_exchange == MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA || ciphersuite_info->key_exchange == MBEDTLS_KEY_EXCHANGE_ECDH_RSA || - ciphersuite_info->key_exchange == MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA ) - { - if( ( ret = mbedtls_ecdh_read_public( &ssl->handshake->ecdh_ctx, - p, end - p) ) != 0 ) - { - MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_ecdh_read_public", ret ); - return( MBEDTLS_ERR_SSL_BAD_HS_CLIENT_KEY_EXCHANGE_RP ); + ciphersuite_info->key_exchange == MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA) { + if ((ret = mbedtls_ecdh_read_public(&ssl->handshake->ecdh_ctx, + p, end - p)) != 0) { + MBEDTLS_SSL_DEBUG_RET(1, "mbedtls_ecdh_read_public", ret); + return MBEDTLS_ERR_SSL_BAD_HS_CLIENT_KEY_EXCHANGE_RP; } - MBEDTLS_SSL_DEBUG_ECDH( 3, &ssl->handshake->ecdh_ctx, - MBEDTLS_DEBUG_ECDH_QP ); + MBEDTLS_SSL_DEBUG_ECDH(3, &ssl->handshake->ecdh_ctx, + MBEDTLS_DEBUG_ECDH_QP); - if( ( ret = mbedtls_ecdh_calc_secret( &ssl->handshake->ecdh_ctx, - &ssl->handshake->pmslen, - ssl->handshake->premaster, - MBEDTLS_MPI_MAX_SIZE, - ssl->conf->f_rng, ssl->conf->p_rng ) ) != 0 ) - { - MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_ecdh_calc_secret", ret ); - return( MBEDTLS_ERR_SSL_BAD_HS_CLIENT_KEY_EXCHANGE_CS ); + if ((ret = mbedtls_ecdh_calc_secret(&ssl->handshake->ecdh_ctx, + &ssl->handshake->pmslen, + ssl->handshake->premaster, + MBEDTLS_MPI_MAX_SIZE, + ssl->conf->f_rng, ssl->conf->p_rng)) != 0) { + MBEDTLS_SSL_DEBUG_RET(1, "mbedtls_ecdh_calc_secret", ret); + return MBEDTLS_ERR_SSL_BAD_HS_CLIENT_KEY_EXCHANGE_CS; } - MBEDTLS_SSL_DEBUG_ECDH( 3, &ssl->handshake->ecdh_ctx, - MBEDTLS_DEBUG_ECDH_Z ); - } - else + MBEDTLS_SSL_DEBUG_ECDH(3, &ssl->handshake->ecdh_ctx, + MBEDTLS_DEBUG_ECDH_Z); + } else #endif /* MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED || MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED || MBEDTLS_KEY_EXCHANGE_ECDH_RSA_ENABLED || MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA_ENABLED */ #if defined(MBEDTLS_KEY_EXCHANGE_PSK_ENABLED) - if( ciphersuite_info->key_exchange == MBEDTLS_KEY_EXCHANGE_PSK ) - { - if( ( ret = ssl_parse_client_psk_identity( ssl, &p, end ) ) != 0 ) - { - MBEDTLS_SSL_DEBUG_RET( 1, ( "ssl_parse_client_psk_identity" ), ret ); - return( ret ); + if (ciphersuite_info->key_exchange == MBEDTLS_KEY_EXCHANGE_PSK) { + if ((ret = ssl_parse_client_psk_identity(ssl, &p, end)) != 0) { + MBEDTLS_SSL_DEBUG_RET(1, ("ssl_parse_client_psk_identity"), ret); + return ret; } - if( p != end ) - { - MBEDTLS_SSL_DEBUG_MSG( 1, ( "bad client key exchange" ) ); - return( MBEDTLS_ERR_SSL_BAD_HS_CLIENT_KEY_EXCHANGE ); + if (p != end) { + MBEDTLS_SSL_DEBUG_MSG(1, ("bad client key exchange")); + return MBEDTLS_ERR_SSL_BAD_HS_CLIENT_KEY_EXCHANGE; } #if defined(MBEDTLS_USE_PSA_CRYPTO) - /* For opaque PSKs, we perform the PSK-to-MS derivation atomatically + /* For opaque PSKs, we perform the PSK-to-MS derivation automatically * and skip the intermediate PMS. */ - if( ssl_use_opaque_psk( ssl ) == 1 ) - MBEDTLS_SSL_DEBUG_MSG( 1, ( "skip PMS generation for opaque PSK" ) ); - else + if (ssl_use_opaque_psk(ssl) == 1) { + MBEDTLS_SSL_DEBUG_MSG(1, ("skip PMS generation for opaque PSK")); + } else #endif /* MBEDTLS_USE_PSA_CRYPTO */ - if( ( ret = mbedtls_ssl_psk_derive_premaster( ssl, - ciphersuite_info->key_exchange ) ) != 0 ) - { - MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_ssl_psk_derive_premaster", ret ); - return( ret ); + if ((ret = mbedtls_ssl_psk_derive_premaster(ssl, + ciphersuite_info->key_exchange)) != 0) { + MBEDTLS_SSL_DEBUG_RET(1, "mbedtls_ssl_psk_derive_premaster", ret); + return ret; } - } - else + } else #endif /* MBEDTLS_KEY_EXCHANGE_PSK_ENABLED */ #if defined(MBEDTLS_KEY_EXCHANGE_RSA_PSK_ENABLED) - if( ciphersuite_info->key_exchange == MBEDTLS_KEY_EXCHANGE_RSA_PSK ) - { + if (ciphersuite_info->key_exchange == MBEDTLS_KEY_EXCHANGE_RSA_PSK) { #if defined(MBEDTLS_SSL_ASYNC_PRIVATE) - if ( ssl->handshake->async_in_progress != 0 ) - { + if (ssl->handshake->async_in_progress != 0) { /* There is an asynchronous operation in progress to * decrypt the encrypted premaster secret, so skip * directly to resuming this operation. */ - MBEDTLS_SSL_DEBUG_MSG( 3, ( "PSK identity already parsed" ) ); + MBEDTLS_SSL_DEBUG_MSG(3, ("PSK identity already parsed")); /* Update p to skip the PSK identity. ssl_parse_encrypted_pms * won't actually use it, but maintain p anyway for robustness. */ p += ssl->conf->psk_identity_len + 2; - } - else + } else #endif /* MBEDTLS_SSL_ASYNC_PRIVATE */ - if( ( ret = ssl_parse_client_psk_identity( ssl, &p, end ) ) != 0 ) - { - MBEDTLS_SSL_DEBUG_RET( 1, ( "ssl_parse_client_psk_identity" ), ret ); - return( ret ); + if ((ret = ssl_parse_client_psk_identity(ssl, &p, end)) != 0) { + MBEDTLS_SSL_DEBUG_RET(1, ("ssl_parse_client_psk_identity"), ret); + return ret; } #if defined(MBEDTLS_USE_PSA_CRYPTO) /* Opaque PSKs are currently only supported for PSK-only. */ - if( ssl_use_opaque_psk( ssl ) == 1 ) - return( MBEDTLS_ERR_SSL_FEATURE_UNAVAILABLE ); + if (ssl_use_opaque_psk(ssl) == 1) { + MBEDTLS_SSL_DEBUG_MSG(1, ("opaque PSK not supported with RSA-PSK")); + return MBEDTLS_ERR_SSL_FEATURE_UNAVAILABLE; + } #endif - if( ( ret = ssl_parse_encrypted_pms( ssl, p, end, 2 ) ) != 0 ) - { - MBEDTLS_SSL_DEBUG_RET( 1, ( "ssl_parse_encrypted_pms" ), ret ); - return( ret ); + if ((ret = ssl_parse_encrypted_pms(ssl, p, end, 2)) != 0) { + MBEDTLS_SSL_DEBUG_RET(1, ("ssl_parse_encrypted_pms"), ret); + return ret; } - if( ( ret = mbedtls_ssl_psk_derive_premaster( ssl, - ciphersuite_info->key_exchange ) ) != 0 ) - { - MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_ssl_psk_derive_premaster", ret ); - return( ret ); + if ((ret = mbedtls_ssl_psk_derive_premaster(ssl, + ciphersuite_info->key_exchange)) != 0) { + MBEDTLS_SSL_DEBUG_RET(1, "mbedtls_ssl_psk_derive_premaster", ret); + return ret; } - } - else + } else #endif /* MBEDTLS_KEY_EXCHANGE_RSA_PSK_ENABLED */ #if defined(MBEDTLS_KEY_EXCHANGE_DHE_PSK_ENABLED) - if( ciphersuite_info->key_exchange == MBEDTLS_KEY_EXCHANGE_DHE_PSK ) - { - if( ( ret = ssl_parse_client_psk_identity( ssl, &p, end ) ) != 0 ) - { - MBEDTLS_SSL_DEBUG_RET( 1, ( "ssl_parse_client_psk_identity" ), ret ); - return( ret ); + if (ciphersuite_info->key_exchange == MBEDTLS_KEY_EXCHANGE_DHE_PSK) { + if ((ret = ssl_parse_client_psk_identity(ssl, &p, end)) != 0) { + MBEDTLS_SSL_DEBUG_RET(1, ("ssl_parse_client_psk_identity"), ret); + return ret; } - if( ( ret = ssl_parse_client_dh_public( ssl, &p, end ) ) != 0 ) - { - MBEDTLS_SSL_DEBUG_RET( 1, ( "ssl_parse_client_dh_public" ), ret ); - return( ret ); + if ((ret = ssl_parse_client_dh_public(ssl, &p, end)) != 0) { + MBEDTLS_SSL_DEBUG_RET(1, ("ssl_parse_client_dh_public"), ret); + return ret; } #if defined(MBEDTLS_USE_PSA_CRYPTO) /* Opaque PSKs are currently only supported for PSK-only. */ - if( ssl_use_opaque_psk( ssl ) == 1 ) - return( MBEDTLS_ERR_SSL_FEATURE_UNAVAILABLE ); + if (ssl_use_opaque_psk(ssl) == 1) { + MBEDTLS_SSL_DEBUG_MSG(1, ("opaque PSK not supported with DHE-PSK")); + return MBEDTLS_ERR_SSL_FEATURE_UNAVAILABLE; + } #endif - if( p != end ) - { - MBEDTLS_SSL_DEBUG_MSG( 1, ( "bad client key exchange" ) ); - return( MBEDTLS_ERR_SSL_BAD_HS_CLIENT_KEY_EXCHANGE ); + if (p != end) { + MBEDTLS_SSL_DEBUG_MSG(1, ("bad client key exchange")); + return MBEDTLS_ERR_SSL_BAD_HS_CLIENT_KEY_EXCHANGE; } - if( ( ret = mbedtls_ssl_psk_derive_premaster( ssl, - ciphersuite_info->key_exchange ) ) != 0 ) - { - MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_ssl_psk_derive_premaster", ret ); - return( ret ); + if ((ret = mbedtls_ssl_psk_derive_premaster(ssl, + ciphersuite_info->key_exchange)) != 0) { + MBEDTLS_SSL_DEBUG_RET(1, "mbedtls_ssl_psk_derive_premaster", ret); + return ret; } - } - else + } else #endif /* MBEDTLS_KEY_EXCHANGE_DHE_PSK_ENABLED */ #if defined(MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED) - if( ciphersuite_info->key_exchange == MBEDTLS_KEY_EXCHANGE_ECDHE_PSK ) - { - if( ( ret = ssl_parse_client_psk_identity( ssl, &p, end ) ) != 0 ) - { - MBEDTLS_SSL_DEBUG_RET( 1, ( "ssl_parse_client_psk_identity" ), ret ); - return( ret ); + if (ciphersuite_info->key_exchange == MBEDTLS_KEY_EXCHANGE_ECDHE_PSK) { + if ((ret = ssl_parse_client_psk_identity(ssl, &p, end)) != 0) { + MBEDTLS_SSL_DEBUG_RET(1, ("ssl_parse_client_psk_identity"), ret); + return ret; } - if( ( ret = mbedtls_ecdh_read_public( &ssl->handshake->ecdh_ctx, - p, end - p ) ) != 0 ) - { - MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_ecdh_read_public", ret ); - return( MBEDTLS_ERR_SSL_BAD_HS_CLIENT_KEY_EXCHANGE_RP ); + if ((ret = mbedtls_ecdh_read_public(&ssl->handshake->ecdh_ctx, + p, end - p)) != 0) { + MBEDTLS_SSL_DEBUG_RET(1, "mbedtls_ecdh_read_public", ret); + return MBEDTLS_ERR_SSL_BAD_HS_CLIENT_KEY_EXCHANGE_RP; } #if defined(MBEDTLS_USE_PSA_CRYPTO) /* Opaque PSKs are currently only supported for PSK-only. */ - if( ssl_use_opaque_psk( ssl ) == 1 ) - return( MBEDTLS_ERR_SSL_FEATURE_UNAVAILABLE ); + if (ssl_use_opaque_psk(ssl) == 1) { + MBEDTLS_SSL_DEBUG_MSG(1, ("opaque PSK not supported with ECDHE-PSK")); + return MBEDTLS_ERR_SSL_FEATURE_UNAVAILABLE; + } #endif - MBEDTLS_SSL_DEBUG_ECDH( 3, &ssl->handshake->ecdh_ctx, - MBEDTLS_DEBUG_ECDH_QP ); + MBEDTLS_SSL_DEBUG_ECDH(3, &ssl->handshake->ecdh_ctx, + MBEDTLS_DEBUG_ECDH_QP); - if( ( ret = mbedtls_ssl_psk_derive_premaster( ssl, - ciphersuite_info->key_exchange ) ) != 0 ) - { - MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_ssl_psk_derive_premaster", ret ); - return( ret ); + if ((ret = mbedtls_ssl_psk_derive_premaster(ssl, + ciphersuite_info->key_exchange)) != 0) { + MBEDTLS_SSL_DEBUG_RET(1, "mbedtls_ssl_psk_derive_premaster", ret); + return ret; } - } - else + } else #endif /* MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED */ #if defined(MBEDTLS_KEY_EXCHANGE_RSA_ENABLED) - if( ciphersuite_info->key_exchange == MBEDTLS_KEY_EXCHANGE_RSA ) - { - if( ( ret = ssl_parse_encrypted_pms( ssl, p, end, 0 ) ) != 0 ) - { - MBEDTLS_SSL_DEBUG_RET( 1, ( "ssl_parse_parse_encrypted_pms_secret" ), ret ); - return( ret ); + if (ciphersuite_info->key_exchange == MBEDTLS_KEY_EXCHANGE_RSA) { + if ((ret = ssl_parse_encrypted_pms(ssl, p, end, 0)) != 0) { + MBEDTLS_SSL_DEBUG_RET(1, ("ssl_parse_parse_encrypted_pms_secret"), ret); + return ret; } - } - else + } else #endif /* MBEDTLS_KEY_EXCHANGE_RSA_ENABLED */ #if defined(MBEDTLS_KEY_EXCHANGE_ECJPAKE_ENABLED) - if( ciphersuite_info->key_exchange == MBEDTLS_KEY_EXCHANGE_ECJPAKE ) - { - ret = mbedtls_ecjpake_read_round_two( &ssl->handshake->ecjpake_ctx, - p, end - p ); - if( ret != 0 ) - { - MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_ecjpake_read_round_two", ret ); - return( MBEDTLS_ERR_SSL_BAD_HS_SERVER_KEY_EXCHANGE ); + if (ciphersuite_info->key_exchange == MBEDTLS_KEY_EXCHANGE_ECJPAKE) { + ret = mbedtls_ecjpake_read_round_two(&ssl->handshake->ecjpake_ctx, + p, end - p); + if (ret != 0) { + MBEDTLS_SSL_DEBUG_RET(1, "mbedtls_ecjpake_read_round_two", ret); + return MBEDTLS_ERR_SSL_BAD_HS_SERVER_KEY_EXCHANGE; } - ret = mbedtls_ecjpake_derive_secret( &ssl->handshake->ecjpake_ctx, - ssl->handshake->premaster, 32, &ssl->handshake->pmslen, - ssl->conf->f_rng, ssl->conf->p_rng ); - if( ret != 0 ) - { - MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_ecjpake_derive_secret", ret ); - return( ret ); + ret = mbedtls_ecjpake_derive_secret(&ssl->handshake->ecjpake_ctx, + ssl->handshake->premaster, 32, &ssl->handshake->pmslen, + ssl->conf->f_rng, ssl->conf->p_rng); + if (ret != 0) { + MBEDTLS_SSL_DEBUG_RET(1, "mbedtls_ecjpake_derive_secret", ret); + return ret; } - } - else + } else #endif /* MBEDTLS_KEY_EXCHANGE_ECJPAKE_ENABLED */ { - MBEDTLS_SSL_DEBUG_MSG( 1, ( "should never happen" ) ); - return( MBEDTLS_ERR_SSL_INTERNAL_ERROR ); + MBEDTLS_SSL_DEBUG_MSG(1, ("should never happen")); + return MBEDTLS_ERR_SSL_INTERNAL_ERROR; } - if( ( ret = mbedtls_ssl_derive_keys( ssl ) ) != 0 ) - { - MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_ssl_derive_keys", ret ); - return( ret ); + if ((ret = mbedtls_ssl_derive_keys(ssl)) != 0) { + MBEDTLS_SSL_DEBUG_RET(1, "mbedtls_ssl_derive_keys", ret); + return ret; } ssl->state++; - MBEDTLS_SSL_DEBUG_MSG( 2, ( "<= parse client key exchange" ) ); + MBEDTLS_SSL_DEBUG_MSG(2, ("<= parse client key exchange")); - return( 0 ); + return 0; } #if !defined(MBEDTLS_KEY_EXCHANGE_CERT_REQ_ALLOWED_ENABLED) -static int ssl_parse_certificate_verify( mbedtls_ssl_context *ssl ) +MBEDTLS_CHECK_RETURN_CRITICAL +static int ssl_parse_certificate_verify(mbedtls_ssl_context *ssl) { const mbedtls_ssl_ciphersuite_t *ciphersuite_info = ssl->handshake->ciphersuite_info; - MBEDTLS_SSL_DEBUG_MSG( 2, ( "=> parse certificate verify" ) ); + MBEDTLS_SSL_DEBUG_MSG(2, ("=> parse certificate verify")); - if( !mbedtls_ssl_ciphersuite_cert_req_allowed( ciphersuite_info ) ) - { - MBEDTLS_SSL_DEBUG_MSG( 2, ( "<= skip parse certificate verify" ) ); + if (!mbedtls_ssl_ciphersuite_cert_req_allowed(ciphersuite_info)) { + MBEDTLS_SSL_DEBUG_MSG(2, ("<= skip parse certificate verify")); ssl->state++; - return( 0 ); + return 0; } - MBEDTLS_SSL_DEBUG_MSG( 1, ( "should never happen" ) ); - return( MBEDTLS_ERR_SSL_INTERNAL_ERROR ); + MBEDTLS_SSL_DEBUG_MSG(1, ("should never happen")); + return MBEDTLS_ERR_SSL_INTERNAL_ERROR; } #else /* !MBEDTLS_KEY_EXCHANGE_CERT_REQ_ALLOWED_ENABLED */ -static int ssl_parse_certificate_verify( mbedtls_ssl_context *ssl ) +MBEDTLS_CHECK_RETURN_CRITICAL +static int ssl_parse_certificate_verify(mbedtls_ssl_context *ssl) { int ret = MBEDTLS_ERR_SSL_FEATURE_UNAVAILABLE; size_t i, sig_len; @@ -4417,60 +4269,54 @@ static int ssl_parse_certificate_verify( mbedtls_ssl_context *ssl ) mbedtls_md_type_t md_alg; const mbedtls_ssl_ciphersuite_t *ciphersuite_info = ssl->handshake->ciphersuite_info; - mbedtls_pk_context * peer_pk; + mbedtls_pk_context *peer_pk; - MBEDTLS_SSL_DEBUG_MSG( 2, ( "=> parse certificate verify" ) ); + MBEDTLS_SSL_DEBUG_MSG(2, ("=> parse certificate verify")); - if( !mbedtls_ssl_ciphersuite_cert_req_allowed( ciphersuite_info ) ) - { - MBEDTLS_SSL_DEBUG_MSG( 2, ( "<= skip parse certificate verify" ) ); + if (!mbedtls_ssl_ciphersuite_cert_req_allowed(ciphersuite_info)) { + MBEDTLS_SSL_DEBUG_MSG(2, ("<= skip parse certificate verify")); ssl->state++; - return( 0 ); + return 0; } #if defined(MBEDTLS_SSL_KEEP_PEER_CERTIFICATE) - if( ssl->session_negotiate->peer_cert == NULL ) - { - MBEDTLS_SSL_DEBUG_MSG( 2, ( "<= skip parse certificate verify" ) ); + if (ssl->session_negotiate->peer_cert == NULL) { + MBEDTLS_SSL_DEBUG_MSG(2, ("<= skip parse certificate verify")); ssl->state++; - return( 0 ); + return 0; } #else /* MBEDTLS_SSL_KEEP_PEER_CERTIFICATE */ - if( ssl->session_negotiate->peer_cert_digest == NULL ) - { - MBEDTLS_SSL_DEBUG_MSG( 2, ( "<= skip parse certificate verify" ) ); + if (ssl->session_negotiate->peer_cert_digest == NULL) { + MBEDTLS_SSL_DEBUG_MSG(2, ("<= skip parse certificate verify")); ssl->state++; - return( 0 ); + return 0; } #endif /* !MBEDTLS_SSL_KEEP_PEER_CERTIFICATE */ /* Read the message without adding it to the checksum */ - ret = mbedtls_ssl_read_record( ssl, 0 /* no checksum update */ ); - if( 0 != ret ) - { - MBEDTLS_SSL_DEBUG_RET( 1, ( "mbedtls_ssl_read_record" ), ret ); - return( ret ); + ret = mbedtls_ssl_read_record(ssl, 0 /* no checksum update */); + if (0 != ret) { + MBEDTLS_SSL_DEBUG_RET(1, ("mbedtls_ssl_read_record"), ret); + return ret; } ssl->state++; /* Process the message contents */ - if( ssl->in_msgtype != MBEDTLS_SSL_MSG_HANDSHAKE || - ssl->in_msg[0] != MBEDTLS_SSL_HS_CERTIFICATE_VERIFY ) - { - MBEDTLS_SSL_DEBUG_MSG( 1, ( "bad certificate verify message" ) ); - return( MBEDTLS_ERR_SSL_BAD_HS_CERTIFICATE_VERIFY ); + if (ssl->in_msgtype != MBEDTLS_SSL_MSG_HANDSHAKE || + ssl->in_msg[0] != MBEDTLS_SSL_HS_CERTIFICATE_VERIFY) { + MBEDTLS_SSL_DEBUG_MSG(1, ("bad certificate verify message")); + return MBEDTLS_ERR_SSL_BAD_HS_CERTIFICATE_VERIFY; } - i = mbedtls_ssl_hs_hdr_len( ssl ); + i = mbedtls_ssl_hs_hdr_len(ssl); #if !defined(MBEDTLS_SSL_KEEP_PEER_CERTIFICATE) peer_pk = &ssl->handshake->peer_pubkey; #else /* !MBEDTLS_SSL_KEEP_PEER_CERTIFICATE */ - if( ssl->session_negotiate->peer_cert == NULL ) - { + if (ssl->session_negotiate->peer_cert == NULL) { /* Should never happen */ - return( MBEDTLS_ERR_SSL_INTERNAL_ERROR ); + return MBEDTLS_ERR_SSL_INTERNAL_ERROR; } peer_pk = &ssl->session_negotiate->peer_cert->pk; #endif /* MBEDTLS_SSL_KEEP_PEER_CERTIFICATE */ @@ -4483,46 +4329,41 @@ static int ssl_parse_certificate_verify( mbedtls_ssl_context *ssl ) */ #if defined(MBEDTLS_SSL_PROTO_SSL3) || defined(MBEDTLS_SSL_PROTO_TLS1) || \ defined(MBEDTLS_SSL_PROTO_TLS1_1) - if( ssl->minor_ver != MBEDTLS_SSL_MINOR_VERSION_3 ) - { + if (ssl->minor_ver != MBEDTLS_SSL_MINOR_VERSION_3) { md_alg = MBEDTLS_MD_NONE; hashlen = 36; /* For ECDSA, use SHA-1, not MD-5 + SHA-1 */ - if( mbedtls_pk_can_do( peer_pk, MBEDTLS_PK_ECDSA ) ) - { + if (mbedtls_pk_can_do(peer_pk, MBEDTLS_PK_ECDSA)) { hash_start += 16; hashlen -= 16; md_alg = MBEDTLS_MD_SHA1; } - } - else + } else #endif /* MBEDTLS_SSL_PROTO_SSL3 || MBEDTLS_SSL_PROTO_TLS1 || MBEDTLS_SSL_PROTO_TLS1_1 */ #if defined(MBEDTLS_SSL_PROTO_TLS1_2) - if( ssl->minor_ver == MBEDTLS_SSL_MINOR_VERSION_3 ) - { - if( i + 2 > ssl->in_hslen ) - { - MBEDTLS_SSL_DEBUG_MSG( 1, ( "bad certificate verify message" ) ); - return( MBEDTLS_ERR_SSL_BAD_HS_CERTIFICATE_VERIFY ); + if (ssl->minor_ver == MBEDTLS_SSL_MINOR_VERSION_3) { + if (i + 2 > ssl->in_hslen) { + MBEDTLS_SSL_DEBUG_MSG(1, ("bad certificate verify message")); + return MBEDTLS_ERR_SSL_BAD_HS_CERTIFICATE_VERIFY; } /* * Hash */ - md_alg = mbedtls_ssl_md_alg_from_hash( ssl->in_msg[i] ); + md_alg = mbedtls_ssl_md_alg_from_hash(ssl->in_msg[i]); - if( md_alg == MBEDTLS_MD_NONE || mbedtls_ssl_set_calc_verify_md( ssl, ssl->in_msg[i] ) ) - { - MBEDTLS_SSL_DEBUG_MSG( 1, ( "peer not adhering to requested sig_alg" - " for verify message" ) ); - return( MBEDTLS_ERR_SSL_BAD_HS_CERTIFICATE_VERIFY ); + if (md_alg == MBEDTLS_MD_NONE || mbedtls_ssl_set_calc_verify_md(ssl, ssl->in_msg[i])) { + MBEDTLS_SSL_DEBUG_MSG(1, ("peer not adhering to requested sig_alg" + " for verify message")); + return MBEDTLS_ERR_SSL_BAD_HS_CERTIFICATE_VERIFY; } #if !defined(MBEDTLS_MD_SHA1) - if( MBEDTLS_MD_SHA1 == md_alg ) + if (MBEDTLS_MD_SHA1 == md_alg) { hash_start += 16; + } #endif /* Info from md_alg will be used instead */ @@ -4533,77 +4374,72 @@ static int ssl_parse_certificate_verify( mbedtls_ssl_context *ssl ) /* * Signature */ - if( ( pk_alg = mbedtls_ssl_pk_alg_from_sig( ssl->in_msg[i] ) ) - == MBEDTLS_PK_NONE ) - { - MBEDTLS_SSL_DEBUG_MSG( 1, ( "peer not adhering to requested sig_alg" - " for verify message" ) ); - return( MBEDTLS_ERR_SSL_BAD_HS_CERTIFICATE_VERIFY ); + if ((pk_alg = mbedtls_ssl_pk_alg_from_sig(ssl->in_msg[i])) + == MBEDTLS_PK_NONE) { + MBEDTLS_SSL_DEBUG_MSG(1, ("peer not adhering to requested sig_alg" + " for verify message")); + return MBEDTLS_ERR_SSL_BAD_HS_CERTIFICATE_VERIFY; } /* * Check the certificate's key type matches the signature alg */ - if( !mbedtls_pk_can_do( peer_pk, pk_alg ) ) - { - MBEDTLS_SSL_DEBUG_MSG( 1, ( "sig_alg doesn't match cert key" ) ); - return( MBEDTLS_ERR_SSL_BAD_HS_CERTIFICATE_VERIFY ); + if (!mbedtls_pk_can_do(peer_pk, pk_alg)) { + MBEDTLS_SSL_DEBUG_MSG(1, ("sig_alg doesn't match cert key")); + return MBEDTLS_ERR_SSL_BAD_HS_CERTIFICATE_VERIFY; } i++; - } - else + } else #endif /* MBEDTLS_SSL_PROTO_TLS1_2 */ { - MBEDTLS_SSL_DEBUG_MSG( 1, ( "should never happen" ) ); - return( MBEDTLS_ERR_SSL_INTERNAL_ERROR ); + MBEDTLS_SSL_DEBUG_MSG(1, ("should never happen")); + return MBEDTLS_ERR_SSL_INTERNAL_ERROR; } - if( i + 2 > ssl->in_hslen ) - { - MBEDTLS_SSL_DEBUG_MSG( 1, ( "bad certificate verify message" ) ); - return( MBEDTLS_ERR_SSL_BAD_HS_CERTIFICATE_VERIFY ); + if (i + 2 > ssl->in_hslen) { + MBEDTLS_SSL_DEBUG_MSG(1, ("bad certificate verify message")); + return MBEDTLS_ERR_SSL_BAD_HS_CERTIFICATE_VERIFY; } - sig_len = ( ssl->in_msg[i] << 8 ) | ssl->in_msg[i+1]; + sig_len = (ssl->in_msg[i] << 8) | ssl->in_msg[i+1]; i += 2; - if( i + sig_len != ssl->in_hslen ) - { - MBEDTLS_SSL_DEBUG_MSG( 1, ( "bad certificate verify message" ) ); - return( MBEDTLS_ERR_SSL_BAD_HS_CERTIFICATE_VERIFY ); + if (i + sig_len != ssl->in_hslen) { + MBEDTLS_SSL_DEBUG_MSG(1, ("bad certificate verify message")); + return MBEDTLS_ERR_SSL_BAD_HS_CERTIFICATE_VERIFY; } /* Calculate hash and verify signature */ { size_t dummy_hlen; - ssl->handshake->calc_verify( ssl, hash, &dummy_hlen ); + ssl->handshake->calc_verify(ssl, hash, &dummy_hlen); } - if( ( ret = mbedtls_pk_verify( peer_pk, - md_alg, hash_start, hashlen, - ssl->in_msg + i, sig_len ) ) != 0 ) - { - MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_pk_verify", ret ); - return( ret ); + if ((ret = mbedtls_pk_verify(peer_pk, + md_alg, hash_start, hashlen, + ssl->in_msg + i, sig_len)) != 0) { + MBEDTLS_SSL_DEBUG_RET(1, "mbedtls_pk_verify", ret); + return ret; } - mbedtls_ssl_update_handshake_status( ssl ); + mbedtls_ssl_update_handshake_status(ssl); - MBEDTLS_SSL_DEBUG_MSG( 2, ( "<= parse certificate verify" ) ); + MBEDTLS_SSL_DEBUG_MSG(2, ("<= parse certificate verify")); - return( ret ); + return ret; } #endif /* MBEDTLS_KEY_EXCHANGE_CERT_REQ_ALLOWED_ENABLED */ #if defined(MBEDTLS_SSL_SESSION_TICKETS) -static int ssl_write_new_session_ticket( mbedtls_ssl_context *ssl ) +MBEDTLS_CHECK_RETURN_CRITICAL +static int ssl_write_new_session_ticket(mbedtls_ssl_context *ssl) { int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; size_t tlen; uint32_t lifetime; - MBEDTLS_SSL_DEBUG_MSG( 2, ( "=> write new session ticket" ) ); + MBEDTLS_SSL_DEBUG_MSG(2, ("=> write new session ticket")); ssl->out_msgtype = MBEDTLS_SSL_MSG_HANDSHAKE; ssl->out_msg[0] = MBEDTLS_SSL_HS_NEW_SESSION_TICKET; @@ -4619,18 +4455,17 @@ static int ssl_write_new_session_ticket( mbedtls_ssl_context *ssl ) * 10 . 9+n ticket content */ - if( ( ret = ssl->conf->f_ticket_write( ssl->conf->p_ticket, - ssl->session_negotiate, - ssl->out_msg + 10, - ssl->out_msg + MBEDTLS_SSL_OUT_CONTENT_LEN, - &tlen, &lifetime ) ) != 0 ) - { - MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_ssl_ticket_write", ret ); + if ((ret = ssl->conf->f_ticket_write(ssl->conf->p_ticket, + ssl->session_negotiate, + ssl->out_msg + 10, + ssl->out_msg + MBEDTLS_SSL_OUT_CONTENT_LEN, + &tlen, &lifetime)) != 0) { + MBEDTLS_SSL_DEBUG_RET(1, "mbedtls_ssl_ticket_write", ret); tlen = 0; } - MBEDTLS_PUT_UINT32_BE( lifetime, ssl->out_msg, 4 ); - MBEDTLS_PUT_UINT16_BE( tlen, ssl->out_msg, 8 ); + MBEDTLS_PUT_UINT32_BE(lifetime, ssl->out_msg, 4); + MBEDTLS_PUT_UINT16_BE(tlen, ssl->out_msg, 8); ssl->out_msglen = 10 + tlen; /* @@ -4639,44 +4474,44 @@ static int ssl_write_new_session_ticket( mbedtls_ssl_context *ssl ) */ ssl->handshake->new_session_ticket = 0; - if( ( ret = mbedtls_ssl_write_handshake_msg( ssl ) ) != 0 ) - { - MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_ssl_write_handshake_msg", ret ); - return( ret ); + if ((ret = mbedtls_ssl_write_handshake_msg(ssl)) != 0) { + MBEDTLS_SSL_DEBUG_RET(1, "mbedtls_ssl_write_handshake_msg", ret); + return ret; } - MBEDTLS_SSL_DEBUG_MSG( 2, ( "<= write new session ticket" ) ); + MBEDTLS_SSL_DEBUG_MSG(2, ("<= write new session ticket")); - return( 0 ); + return 0; } #endif /* MBEDTLS_SSL_SESSION_TICKETS */ /* * SSL handshake -- server side -- single step */ -int mbedtls_ssl_handshake_server_step( mbedtls_ssl_context *ssl ) +int mbedtls_ssl_handshake_server_step(mbedtls_ssl_context *ssl) { int ret = 0; - if( ssl->state == MBEDTLS_SSL_HANDSHAKE_OVER || ssl->handshake == NULL ) - return( MBEDTLS_ERR_SSL_BAD_INPUT_DATA ); + if (ssl->state == MBEDTLS_SSL_HANDSHAKE_OVER || ssl->handshake == NULL) { + return MBEDTLS_ERR_SSL_BAD_INPUT_DATA; + } - MBEDTLS_SSL_DEBUG_MSG( 2, ( "server state: %d", ssl->state ) ); + MBEDTLS_SSL_DEBUG_MSG(2, ("server state: %d", ssl->state)); - if( ( ret = mbedtls_ssl_flush_output( ssl ) ) != 0 ) - return( ret ); + if ((ret = mbedtls_ssl_flush_output(ssl)) != 0) { + return ret; + } #if defined(MBEDTLS_SSL_PROTO_DTLS) - if( ssl->conf->transport == MBEDTLS_SSL_TRANSPORT_DATAGRAM && - ssl->handshake->retransmit_state == MBEDTLS_SSL_RETRANS_SENDING ) - { - if( ( ret = mbedtls_ssl_flight_transmit( ssl ) ) != 0 ) - return( ret ); + if (ssl->conf->transport == MBEDTLS_SSL_TRANSPORT_DATAGRAM && + ssl->handshake->retransmit_state == MBEDTLS_SSL_RETRANS_SENDING) { + if ((ret = mbedtls_ssl_flight_transmit(ssl)) != 0) { + return ret; + } } #endif /* MBEDTLS_SSL_PROTO_DTLS */ - switch( ssl->state ) - { + switch (ssl->state) { case MBEDTLS_SSL_HELLO_REQUEST: ssl->state = MBEDTLS_SSL_CLIENT_HELLO; break; @@ -4685,12 +4520,12 @@ int mbedtls_ssl_handshake_server_step( mbedtls_ssl_context *ssl ) * <== ClientHello */ case MBEDTLS_SSL_CLIENT_HELLO: - ret = ssl_parse_client_hello( ssl ); + ret = ssl_parse_client_hello(ssl); break; #if defined(MBEDTLS_SSL_PROTO_DTLS) case MBEDTLS_SSL_SERVER_HELLO_VERIFY_REQUEST_SENT: - return( MBEDTLS_ERR_SSL_HELLO_VERIFY_REQUIRED ); + return MBEDTLS_ERR_SSL_HELLO_VERIFY_REQUIRED; #endif /* @@ -4701,23 +4536,23 @@ int mbedtls_ssl_handshake_server_step( mbedtls_ssl_context *ssl ) * ServerHelloDone */ case MBEDTLS_SSL_SERVER_HELLO: - ret = ssl_write_server_hello( ssl ); + ret = ssl_write_server_hello(ssl); break; case MBEDTLS_SSL_SERVER_CERTIFICATE: - ret = mbedtls_ssl_write_certificate( ssl ); + ret = mbedtls_ssl_write_certificate(ssl); break; case MBEDTLS_SSL_SERVER_KEY_EXCHANGE: - ret = ssl_write_server_key_exchange( ssl ); + ret = ssl_write_server_key_exchange(ssl); break; case MBEDTLS_SSL_CERTIFICATE_REQUEST: - ret = ssl_write_certificate_request( ssl ); + ret = ssl_write_certificate_request(ssl); break; case MBEDTLS_SSL_SERVER_HELLO_DONE: - ret = ssl_write_server_hello_done( ssl ); + ret = ssl_write_server_hello_done(ssl); break; /* @@ -4728,23 +4563,23 @@ int mbedtls_ssl_handshake_server_step( mbedtls_ssl_context *ssl ) * Finished */ case MBEDTLS_SSL_CLIENT_CERTIFICATE: - ret = mbedtls_ssl_parse_certificate( ssl ); + ret = mbedtls_ssl_parse_certificate(ssl); break; case MBEDTLS_SSL_CLIENT_KEY_EXCHANGE: - ret = ssl_parse_client_key_exchange( ssl ); + ret = ssl_parse_client_key_exchange(ssl); break; case MBEDTLS_SSL_CERTIFICATE_VERIFY: - ret = ssl_parse_certificate_verify( ssl ); + ret = ssl_parse_certificate_verify(ssl); break; case MBEDTLS_SSL_CLIENT_CHANGE_CIPHER_SPEC: - ret = mbedtls_ssl_parse_change_cipher_spec( ssl ); + ret = mbedtls_ssl_parse_change_cipher_spec(ssl); break; case MBEDTLS_SSL_CLIENT_FINISHED: - ret = mbedtls_ssl_parse_finished( ssl ); + ret = mbedtls_ssl_parse_finished(ssl); break; /* @@ -4754,31 +4589,31 @@ int mbedtls_ssl_handshake_server_step( mbedtls_ssl_context *ssl ) */ case MBEDTLS_SSL_SERVER_CHANGE_CIPHER_SPEC: #if defined(MBEDTLS_SSL_SESSION_TICKETS) - if( ssl->handshake->new_session_ticket != 0 ) - ret = ssl_write_new_session_ticket( ssl ); - else + if (ssl->handshake->new_session_ticket != 0) { + ret = ssl_write_new_session_ticket(ssl); + } else #endif - ret = mbedtls_ssl_write_change_cipher_spec( ssl ); + ret = mbedtls_ssl_write_change_cipher_spec(ssl); break; case MBEDTLS_SSL_SERVER_FINISHED: - ret = mbedtls_ssl_write_finished( ssl ); + ret = mbedtls_ssl_write_finished(ssl); break; case MBEDTLS_SSL_FLUSH_BUFFERS: - MBEDTLS_SSL_DEBUG_MSG( 2, ( "handshake: done" ) ); + MBEDTLS_SSL_DEBUG_MSG(2, ("handshake: done")); ssl->state = MBEDTLS_SSL_HANDSHAKE_WRAPUP; break; case MBEDTLS_SSL_HANDSHAKE_WRAPUP: - mbedtls_ssl_handshake_wrapup( ssl ); + mbedtls_ssl_handshake_wrapup(ssl); break; default: - MBEDTLS_SSL_DEBUG_MSG( 1, ( "invalid state %d", ssl->state ) ); - return( MBEDTLS_ERR_SSL_BAD_INPUT_DATA ); + MBEDTLS_SSL_DEBUG_MSG(1, ("invalid state %d", ssl->state)); + return MBEDTLS_ERR_SSL_BAD_INPUT_DATA; } - return( ret ); + return ret; } #endif /* MBEDTLS_SSL_SRV_C */ diff --git a/third_party/mbedtls/repo/library/ssl_ticket.c b/third_party/mbedtls/repo/library/ssl_ticket.c index 046ed1b2ff7..f9102904660 100644 --- a/third_party/mbedtls/repo/library/ssl_ticket.c +++ b/third_party/mbedtls/repo/library/ssl_ticket.c @@ -2,32 +2,14 @@ * TLS server tickets callbacks implementation * * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later */ #include "common.h" #if defined(MBEDTLS_SSL_TICKET_C) -#if defined(MBEDTLS_PLATFORM_C) #include "mbedtls/platform.h" -#else -#include -#define mbedtls_calloc calloc -#define mbedtls_free free -#endif #include "mbedtls/ssl_internal.h" #include "mbedtls/ssl_ticket.h" @@ -37,14 +19,14 @@ #include /* - * Initialze context + * Initialize context */ -void mbedtls_ssl_ticket_init( mbedtls_ssl_ticket_context *ctx ) +void mbedtls_ssl_ticket_init(mbedtls_ssl_ticket_context *ctx) { - memset( ctx, 0, sizeof( mbedtls_ssl_ticket_context ) ); + memset(ctx, 0, sizeof(mbedtls_ssl_ticket_context)); #if defined(MBEDTLS_THREADING_C) - mbedtls_mutex_init( &ctx->mutex ); + mbedtls_mutex_init(&ctx->mutex); #endif } @@ -55,79 +37,80 @@ void mbedtls_ssl_ticket_init( mbedtls_ssl_ticket_context *ctx ) #define TICKET_CRYPT_LEN_BYTES 2 #define TICKET_AUTH_TAG_BYTES 16 -#define TICKET_MIN_LEN ( TICKET_KEY_NAME_BYTES + \ - TICKET_IV_BYTES + \ - TICKET_CRYPT_LEN_BYTES + \ - TICKET_AUTH_TAG_BYTES ) -#define TICKET_ADD_DATA_LEN ( TICKET_KEY_NAME_BYTES + \ - TICKET_IV_BYTES + \ - TICKET_CRYPT_LEN_BYTES ) +#define TICKET_MIN_LEN (TICKET_KEY_NAME_BYTES + \ + TICKET_IV_BYTES + \ + TICKET_CRYPT_LEN_BYTES + \ + TICKET_AUTH_TAG_BYTES) +#define TICKET_ADD_DATA_LEN (TICKET_KEY_NAME_BYTES + \ + TICKET_IV_BYTES + \ + TICKET_CRYPT_LEN_BYTES) /* * Generate/update a key */ -static int ssl_ticket_gen_key( mbedtls_ssl_ticket_context *ctx, - unsigned char index ) +MBEDTLS_CHECK_RETURN_CRITICAL +static int ssl_ticket_gen_key(mbedtls_ssl_ticket_context *ctx, + unsigned char index) { int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; unsigned char buf[MAX_KEY_BYTES]; mbedtls_ssl_ticket_key *key = ctx->keys + index; #if defined(MBEDTLS_HAVE_TIME) - key->generation_time = (uint32_t) mbedtls_time( NULL ); + key->generation_time = (uint32_t) mbedtls_time(NULL); #endif - if( ( ret = ctx->f_rng( ctx->p_rng, key->name, sizeof( key->name ) ) ) != 0 ) - return( ret ); + if ((ret = ctx->f_rng(ctx->p_rng, key->name, sizeof(key->name))) != 0) { + return ret; + } - if( ( ret = ctx->f_rng( ctx->p_rng, buf, sizeof( buf ) ) ) != 0 ) - return( ret ); + if ((ret = ctx->f_rng(ctx->p_rng, buf, sizeof(buf))) != 0) { + return ret; + } /* With GCM and CCM, same context can encrypt & decrypt */ - ret = mbedtls_cipher_setkey( &key->ctx, buf, - mbedtls_cipher_get_key_bitlen( &key->ctx ), - MBEDTLS_ENCRYPT ); + ret = mbedtls_cipher_setkey(&key->ctx, buf, + mbedtls_cipher_get_key_bitlen(&key->ctx), + MBEDTLS_ENCRYPT); - mbedtls_platform_zeroize( buf, sizeof( buf ) ); + mbedtls_platform_zeroize(buf, sizeof(buf)); - return( ret ); + return ret; } /* * Rotate/generate keys if necessary */ -static int ssl_ticket_update_keys( mbedtls_ssl_ticket_context *ctx ) +MBEDTLS_CHECK_RETURN_CRITICAL +static int ssl_ticket_update_keys(mbedtls_ssl_ticket_context *ctx) { #if !defined(MBEDTLS_HAVE_TIME) ((void) ctx); #else - if( ctx->ticket_lifetime != 0 ) - { - uint32_t current_time = (uint32_t) mbedtls_time( NULL ); + if (ctx->ticket_lifetime != 0) { + uint32_t current_time = (uint32_t) mbedtls_time(NULL); uint32_t key_time = ctx->keys[ctx->active].generation_time; - if( current_time >= key_time && - current_time - key_time < ctx->ticket_lifetime ) - { - return( 0 ); + if (current_time >= key_time && + current_time - key_time < ctx->ticket_lifetime) { + return 0; } ctx->active = 1 - ctx->active; - return( ssl_ticket_gen_key( ctx, ctx->active ) ); - } - else + return ssl_ticket_gen_key(ctx, ctx->active); + } else #endif /* MBEDTLS_HAVE_TIME */ - return( 0 ); + return 0; } /* * Setup context for actual use */ -int mbedtls_ssl_ticket_setup( mbedtls_ssl_ticket_context *ctx, - int (*f_rng)(void *, unsigned char *, size_t), void *p_rng, - mbedtls_cipher_type_t cipher, - uint32_t lifetime ) +int mbedtls_ssl_ticket_setup(mbedtls_ssl_ticket_context *ctx, + int (*f_rng)(void *, unsigned char *, size_t), void *p_rng, + mbedtls_cipher_type_t cipher, + uint32_t lifetime) { int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; const mbedtls_cipher_info_t *cipher_info; @@ -137,48 +120,71 @@ int mbedtls_ssl_ticket_setup( mbedtls_ssl_ticket_context *ctx, ctx->ticket_lifetime = lifetime; - cipher_info = mbedtls_cipher_info_from_type( cipher); - if( cipher_info == NULL ) - return( MBEDTLS_ERR_SSL_BAD_INPUT_DATA ); + cipher_info = mbedtls_cipher_info_from_type(cipher); + if (cipher_info == NULL) { + return MBEDTLS_ERR_SSL_BAD_INPUT_DATA; + } - if( cipher_info->mode != MBEDTLS_MODE_GCM && - cipher_info->mode != MBEDTLS_MODE_CCM ) - { - return( MBEDTLS_ERR_SSL_BAD_INPUT_DATA ); + if (cipher_info->mode != MBEDTLS_MODE_GCM && + cipher_info->mode != MBEDTLS_MODE_CCM) { + return MBEDTLS_ERR_SSL_BAD_INPUT_DATA; } - if( cipher_info->key_bitlen > 8 * MAX_KEY_BYTES ) - return( MBEDTLS_ERR_SSL_BAD_INPUT_DATA ); + if (cipher_info->key_bitlen > 8 * MAX_KEY_BYTES) { + return MBEDTLS_ERR_SSL_BAD_INPUT_DATA; + } + int do_mbedtls_cipher_setup = 1; #if defined(MBEDTLS_USE_PSA_CRYPTO) - ret = mbedtls_cipher_setup_psa( &ctx->keys[0].ctx, - cipher_info, TICKET_AUTH_TAG_BYTES ); - if( ret != 0 && ret != MBEDTLS_ERR_CIPHER_FEATURE_UNAVAILABLE ) - return( ret ); - /* We don't yet expect to support all ciphers through PSA, - * so allow fallback to ordinary mbedtls_cipher_setup(). */ - if( ret == MBEDTLS_ERR_CIPHER_FEATURE_UNAVAILABLE ) + ret = mbedtls_cipher_setup_psa(&ctx->keys[0].ctx, + cipher_info, TICKET_AUTH_TAG_BYTES); + + switch (ret) { + case 0: + do_mbedtls_cipher_setup = 0; + break; + case MBEDTLS_ERR_CIPHER_FEATURE_UNAVAILABLE: + /* We don't yet expect to support all ciphers through PSA, + * so allow fallback to ordinary mbedtls_cipher_setup(). */ + do_mbedtls_cipher_setup = 1; + break; + default: + return ret; + } #endif /* MBEDTLS_USE_PSA_CRYPTO */ - if( ( ret = mbedtls_cipher_setup( &ctx->keys[0].ctx, cipher_info ) ) != 0 ) - return( ret ); + if (do_mbedtls_cipher_setup) { + if ((ret = mbedtls_cipher_setup(&ctx->keys[0].ctx, cipher_info)) + != 0) { + return ret; + } + } + do_mbedtls_cipher_setup = 1; #if defined(MBEDTLS_USE_PSA_CRYPTO) - ret = mbedtls_cipher_setup_psa( &ctx->keys[1].ctx, - cipher_info, TICKET_AUTH_TAG_BYTES ); - if( ret != 0 && ret != MBEDTLS_ERR_CIPHER_FEATURE_UNAVAILABLE ) - return( ret ); - if( ret == MBEDTLS_ERR_CIPHER_FEATURE_UNAVAILABLE ) + do_mbedtls_cipher_setup = 0; + + ret = mbedtls_cipher_setup_psa(&ctx->keys[1].ctx, + cipher_info, TICKET_AUTH_TAG_BYTES); + if (ret != 0 && ret != MBEDTLS_ERR_CIPHER_FEATURE_UNAVAILABLE) { + return ret; + } + if (ret == MBEDTLS_ERR_CIPHER_FEATURE_UNAVAILABLE) { + do_mbedtls_cipher_setup = 1; + } #endif /* MBEDTLS_USE_PSA_CRYPTO */ - if( ( ret = mbedtls_cipher_setup( &ctx->keys[1].ctx, cipher_info ) ) != 0 ) - return( ret ); + if (do_mbedtls_cipher_setup) { + if ((ret = mbedtls_cipher_setup(&ctx->keys[1].ctx, cipher_info)) + != 0) { + return ret; + } + } - if( ( ret = ssl_ticket_gen_key( ctx, 0 ) ) != 0 || - ( ret = ssl_ticket_gen_key( ctx, 1 ) ) != 0 ) - { - return( ret ); + if ((ret = ssl_ticket_gen_key(ctx, 0)) != 0 || + (ret = ssl_ticket_gen_key(ctx, 1)) != 0) { + return ret; } - return( 0 ); + return 0; } /* @@ -195,12 +201,12 @@ int mbedtls_ssl_ticket_setup( mbedtls_ssl_ticket_context *ctx, * authenticated data. */ -int mbedtls_ssl_ticket_write( void *p_ticket, - const mbedtls_ssl_session *session, - unsigned char *start, - const unsigned char *end, - size_t *tlen, - uint32_t *ticket_lifetime ) +int mbedtls_ssl_ticket_write(void *p_ticket, + const mbedtls_ssl_session *session, + unsigned char *start, + const unsigned char *end, + size_t *tlen, + uint32_t *ticket_lifetime) { int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; mbedtls_ssl_ticket_context *ctx = p_ticket; @@ -213,53 +219,54 @@ int mbedtls_ssl_ticket_write( void *p_ticket, *tlen = 0; - if( ctx == NULL || ctx->f_rng == NULL ) - return( MBEDTLS_ERR_SSL_BAD_INPUT_DATA ); + if (ctx == NULL || ctx->f_rng == NULL) { + return MBEDTLS_ERR_SSL_BAD_INPUT_DATA; + } /* We need at least 4 bytes for key_name, 12 for IV, 2 for len 16 for tag, * in addition to session itself, that will be checked when writing it. */ - MBEDTLS_SSL_CHK_BUF_PTR( start, end, TICKET_MIN_LEN ); + MBEDTLS_SSL_CHK_BUF_PTR(start, end, TICKET_MIN_LEN); #if defined(MBEDTLS_THREADING_C) - if( ( ret = mbedtls_mutex_lock( &ctx->mutex ) ) != 0 ) - return( ret ); + if ((ret = mbedtls_mutex_lock(&ctx->mutex)) != 0) { + return ret; + } #endif - if( ( ret = ssl_ticket_update_keys( ctx ) ) != 0 ) + if ((ret = ssl_ticket_update_keys(ctx)) != 0) { goto cleanup; + } key = &ctx->keys[ctx->active]; *ticket_lifetime = ctx->ticket_lifetime; - memcpy( key_name, key->name, TICKET_KEY_NAME_BYTES ); + memcpy(key_name, key->name, TICKET_KEY_NAME_BYTES); - if( ( ret = ctx->f_rng( ctx->p_rng, iv, TICKET_IV_BYTES ) ) != 0 ) + if ((ret = ctx->f_rng(ctx->p_rng, iv, TICKET_IV_BYTES)) != 0) { goto cleanup; + } /* Dump session state */ - if( ( ret = mbedtls_ssl_session_save( session, - state, end - state, - &clear_len ) ) != 0 || - (unsigned long) clear_len > 65535 ) - { - goto cleanup; + if ((ret = mbedtls_ssl_session_save(session, + state, end - state, + &clear_len)) != 0 || + (unsigned long) clear_len > 65535) { + goto cleanup; } - MBEDTLS_PUT_UINT16_BE( clear_len, state_len_bytes, 0 ); + MBEDTLS_PUT_UINT16_BE(clear_len, state_len_bytes, 0); /* Encrypt and authenticate */ - if( ( ret = mbedtls_cipher_auth_encrypt_ext( &key->ctx, - iv, TICKET_IV_BYTES, - /* Additional data: key name, IV and length */ - key_name, TICKET_ADD_DATA_LEN, - state, clear_len, - state, end - state, &ciph_len, - TICKET_AUTH_TAG_BYTES ) ) != 0 ) - { + if ((ret = mbedtls_cipher_auth_encrypt_ext(&key->ctx, + iv, TICKET_IV_BYTES, + /* Additional data: key name, IV and length */ + key_name, TICKET_ADD_DATA_LEN, + state, clear_len, + state, end - state, &ciph_len, + TICKET_AUTH_TAG_BYTES)) != 0) { goto cleanup; } - if( ciph_len != clear_len + TICKET_AUTH_TAG_BYTES ) - { + if (ciph_len != clear_len + TICKET_AUTH_TAG_BYTES) { ret = MBEDTLS_ERR_SSL_INTERNAL_ERROR; goto cleanup; } @@ -268,36 +275,39 @@ int mbedtls_ssl_ticket_write( void *p_ticket, cleanup: #if defined(MBEDTLS_THREADING_C) - if( mbedtls_mutex_unlock( &ctx->mutex ) != 0 ) - return( MBEDTLS_ERR_THREADING_MUTEX_ERROR ); + if (mbedtls_mutex_unlock(&ctx->mutex) != 0) { + return MBEDTLS_ERR_THREADING_MUTEX_ERROR; + } #endif - return( ret ); + return ret; } /* * Select key based on name */ static mbedtls_ssl_ticket_key *ssl_ticket_select_key( - mbedtls_ssl_ticket_context *ctx, - const unsigned char name[4] ) + mbedtls_ssl_ticket_context *ctx, + const unsigned char name[4]) { unsigned char i; - for( i = 0; i < sizeof( ctx->keys ) / sizeof( *ctx->keys ); i++ ) - if( memcmp( name, ctx->keys[i].name, 4 ) == 0 ) - return( &ctx->keys[i] ); + for (i = 0; i < sizeof(ctx->keys) / sizeof(*ctx->keys); i++) { + if (memcmp(name, ctx->keys[i].name, 4) == 0) { + return &ctx->keys[i]; + } + } - return( NULL ); + return NULL; } /* * Load session ticket (see mbedtls_ssl_ticket_write for structure) */ -int mbedtls_ssl_ticket_parse( void *p_ticket, - mbedtls_ssl_session *session, - unsigned char *buf, - size_t len ) +int mbedtls_ssl_ticket_parse(void *p_ticket, + mbedtls_ssl_session *session, + unsigned char *buf, + size_t len) { int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; mbedtls_ssl_ticket_context *ctx = p_ticket; @@ -308,31 +318,33 @@ int mbedtls_ssl_ticket_parse( void *p_ticket, unsigned char *ticket = enc_len_p + TICKET_CRYPT_LEN_BYTES; size_t enc_len, clear_len; - if( ctx == NULL || ctx->f_rng == NULL ) - return( MBEDTLS_ERR_SSL_BAD_INPUT_DATA ); + if (ctx == NULL || ctx->f_rng == NULL) { + return MBEDTLS_ERR_SSL_BAD_INPUT_DATA; + } - if( len < TICKET_MIN_LEN ) - return( MBEDTLS_ERR_SSL_BAD_INPUT_DATA ); + if (len < TICKET_MIN_LEN) { + return MBEDTLS_ERR_SSL_BAD_INPUT_DATA; + } #if defined(MBEDTLS_THREADING_C) - if( ( ret = mbedtls_mutex_lock( &ctx->mutex ) ) != 0 ) - return( ret ); + if ((ret = mbedtls_mutex_lock(&ctx->mutex)) != 0) { + return ret; + } #endif - if( ( ret = ssl_ticket_update_keys( ctx ) ) != 0 ) + if ((ret = ssl_ticket_update_keys(ctx)) != 0) { goto cleanup; + } - enc_len = ( enc_len_p[0] << 8 ) | enc_len_p[1]; + enc_len = (enc_len_p[0] << 8) | enc_len_p[1]; - if( len != TICKET_MIN_LEN + enc_len ) - { + if (len != TICKET_MIN_LEN + enc_len) { ret = MBEDTLS_ERR_SSL_BAD_INPUT_DATA; goto cleanup; } /* Select key */ - if( ( key = ssl_ticket_select_key( ctx, key_name ) ) == NULL ) - { + if ((key = ssl_ticket_select_key(ctx, key_name)) == NULL) { /* We can't know for sure but this is a likely option unless we're * under attack - this is only informative anyway */ ret = MBEDTLS_ERR_SSL_SESSION_TICKET_EXPIRED; @@ -340,37 +352,36 @@ int mbedtls_ssl_ticket_parse( void *p_ticket, } /* Decrypt and authenticate */ - if( ( ret = mbedtls_cipher_auth_decrypt_ext( &key->ctx, - iv, TICKET_IV_BYTES, - /* Additional data: key name, IV and length */ - key_name, TICKET_ADD_DATA_LEN, - ticket, enc_len + TICKET_AUTH_TAG_BYTES, - ticket, enc_len, &clear_len, - TICKET_AUTH_TAG_BYTES ) ) != 0 ) - { - if( ret == MBEDTLS_ERR_CIPHER_AUTH_FAILED ) + if ((ret = mbedtls_cipher_auth_decrypt_ext(&key->ctx, + iv, TICKET_IV_BYTES, + /* Additional data: key name, IV and length */ + key_name, TICKET_ADD_DATA_LEN, + ticket, enc_len + TICKET_AUTH_TAG_BYTES, + ticket, enc_len, &clear_len, + TICKET_AUTH_TAG_BYTES)) != 0) { + if (ret == MBEDTLS_ERR_CIPHER_AUTH_FAILED) { ret = MBEDTLS_ERR_SSL_INVALID_MAC; + } goto cleanup; } - if( clear_len != enc_len ) - { + if (clear_len != enc_len) { ret = MBEDTLS_ERR_SSL_INTERNAL_ERROR; goto cleanup; } /* Actually load session */ - if( ( ret = mbedtls_ssl_session_load( session, ticket, clear_len ) ) != 0 ) + if ((ret = mbedtls_ssl_session_load(session, ticket, clear_len)) != 0) { goto cleanup; + } #if defined(MBEDTLS_HAVE_TIME) { /* Check for expiration */ - mbedtls_time_t current_time = mbedtls_time( NULL ); + mbedtls_time_t current_time = mbedtls_time(NULL); - if( current_time < session->start || - (uint32_t)( current_time - session->start ) > ctx->ticket_lifetime ) - { + if (current_time < session->start || + (uint32_t) (current_time - session->start) > ctx->ticket_lifetime) { ret = MBEDTLS_ERR_SSL_SESSION_TICKET_EXPIRED; goto cleanup; } @@ -379,26 +390,27 @@ int mbedtls_ssl_ticket_parse( void *p_ticket, cleanup: #if defined(MBEDTLS_THREADING_C) - if( mbedtls_mutex_unlock( &ctx->mutex ) != 0 ) - return( MBEDTLS_ERR_THREADING_MUTEX_ERROR ); + if (mbedtls_mutex_unlock(&ctx->mutex) != 0) { + return MBEDTLS_ERR_THREADING_MUTEX_ERROR; + } #endif - return( ret ); + return ret; } /* * Free context */ -void mbedtls_ssl_ticket_free( mbedtls_ssl_ticket_context *ctx ) +void mbedtls_ssl_ticket_free(mbedtls_ssl_ticket_context *ctx) { - mbedtls_cipher_free( &ctx->keys[0].ctx ); - mbedtls_cipher_free( &ctx->keys[1].ctx ); + mbedtls_cipher_free(&ctx->keys[0].ctx); + mbedtls_cipher_free(&ctx->keys[1].ctx); #if defined(MBEDTLS_THREADING_C) - mbedtls_mutex_free( &ctx->mutex ); + mbedtls_mutex_free(&ctx->mutex); #endif - mbedtls_platform_zeroize( ctx, sizeof( mbedtls_ssl_ticket_context ) ); + mbedtls_platform_zeroize(ctx, sizeof(mbedtls_ssl_ticket_context)); } #endif /* MBEDTLS_SSL_TICKET_C */ diff --git a/third_party/mbedtls/repo/library/ssl_tls.c b/third_party/mbedtls/repo/library/ssl_tls.c index 2e6469de839..1a2bc7bc9eb 100644 --- a/third_party/mbedtls/repo/library/ssl_tls.c +++ b/third_party/mbedtls/repo/library/ssl_tls.c @@ -2,19 +2,7 @@ * SSLv3/TLSv1 shared functions * * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later */ /* * The SSL 3.0 specification was drafted by Netscape in 1996, @@ -29,13 +17,7 @@ #if defined(MBEDTLS_SSL_TLS_C) -#if defined(MBEDTLS_PLATFORM_C) #include "mbedtls/platform.h" -#else -#include -#define mbedtls_calloc calloc -#define mbedtls_free free -#endif #include "mbedtls/ssl.h" #include "mbedtls/ssl_internal.h" @@ -61,93 +43,88 @@ #if defined(MBEDTLS_SSL_DTLS_CONNECTION_ID) /* Top-level Connection ID API */ -int mbedtls_ssl_conf_cid( mbedtls_ssl_config *conf, - size_t len, - int ignore_other_cid ) +int mbedtls_ssl_conf_cid(mbedtls_ssl_config *conf, + size_t len, + int ignore_other_cid) { - if( len > MBEDTLS_SSL_CID_IN_LEN_MAX ) - return( MBEDTLS_ERR_SSL_BAD_INPUT_DATA ); + if (len > MBEDTLS_SSL_CID_IN_LEN_MAX) { + return MBEDTLS_ERR_SSL_BAD_INPUT_DATA; + } - if( ignore_other_cid != MBEDTLS_SSL_UNEXPECTED_CID_FAIL && - ignore_other_cid != MBEDTLS_SSL_UNEXPECTED_CID_IGNORE ) - { - return( MBEDTLS_ERR_SSL_BAD_INPUT_DATA ); + if (ignore_other_cid != MBEDTLS_SSL_UNEXPECTED_CID_FAIL && + ignore_other_cid != MBEDTLS_SSL_UNEXPECTED_CID_IGNORE) { + return MBEDTLS_ERR_SSL_BAD_INPUT_DATA; } conf->ignore_unexpected_cid = ignore_other_cid; conf->cid_len = len; - return( 0 ); + return 0; } -int mbedtls_ssl_set_cid( mbedtls_ssl_context *ssl, - int enable, - unsigned char const *own_cid, - size_t own_cid_len ) +int mbedtls_ssl_set_cid(mbedtls_ssl_context *ssl, + int enable, + unsigned char const *own_cid, + size_t own_cid_len) { - if( ssl->conf->transport != MBEDTLS_SSL_TRANSPORT_DATAGRAM ) - return( MBEDTLS_ERR_SSL_BAD_INPUT_DATA ); + if (ssl->conf->transport != MBEDTLS_SSL_TRANSPORT_DATAGRAM) { + return MBEDTLS_ERR_SSL_BAD_INPUT_DATA; + } ssl->negotiate_cid = enable; - if( enable == MBEDTLS_SSL_CID_DISABLED ) - { - MBEDTLS_SSL_DEBUG_MSG( 3, ( "Disable use of CID extension." ) ); - return( 0 ); + if (enable == MBEDTLS_SSL_CID_DISABLED) { + MBEDTLS_SSL_DEBUG_MSG(3, ("Disable use of CID extension.")); + return 0; } - MBEDTLS_SSL_DEBUG_MSG( 3, ( "Enable use of CID extension." ) ); - MBEDTLS_SSL_DEBUG_BUF( 3, "Own CID", own_cid, own_cid_len ); + MBEDTLS_SSL_DEBUG_MSG(3, ("Enable use of CID extension.")); + MBEDTLS_SSL_DEBUG_BUF(3, "Own CID", own_cid, own_cid_len); - if( own_cid_len != ssl->conf->cid_len ) - { - MBEDTLS_SSL_DEBUG_MSG( 3, ( "CID length %u does not match CID length %u in config", - (unsigned) own_cid_len, - (unsigned) ssl->conf->cid_len ) ); - return( MBEDTLS_ERR_SSL_BAD_INPUT_DATA ); + if (own_cid_len != ssl->conf->cid_len) { + MBEDTLS_SSL_DEBUG_MSG(3, ("CID length %u does not match CID length %u in config", + (unsigned) own_cid_len, + (unsigned) ssl->conf->cid_len)); + return MBEDTLS_ERR_SSL_BAD_INPUT_DATA; } - memcpy( ssl->own_cid, own_cid, own_cid_len ); + memcpy(ssl->own_cid, own_cid, own_cid_len); /* Truncation is not an issue here because * MBEDTLS_SSL_CID_IN_LEN_MAX at most 255. */ ssl->own_cid_len = (uint8_t) own_cid_len; - return( 0 ); + return 0; } -int mbedtls_ssl_get_peer_cid( mbedtls_ssl_context *ssl, - int *enabled, - unsigned char peer_cid[ MBEDTLS_SSL_CID_OUT_LEN_MAX ], - size_t *peer_cid_len ) +int mbedtls_ssl_get_peer_cid(mbedtls_ssl_context *ssl, + int *enabled, + unsigned char peer_cid[MBEDTLS_SSL_CID_OUT_LEN_MAX], + size_t *peer_cid_len) { *enabled = MBEDTLS_SSL_CID_DISABLED; - if( ssl->conf->transport != MBEDTLS_SSL_TRANSPORT_DATAGRAM || - ssl->state != MBEDTLS_SSL_HANDSHAKE_OVER ) - { - return( MBEDTLS_ERR_SSL_BAD_INPUT_DATA ); + if (ssl->conf->transport != MBEDTLS_SSL_TRANSPORT_DATAGRAM || + ssl->state != MBEDTLS_SSL_HANDSHAKE_OVER) { + return MBEDTLS_ERR_SSL_BAD_INPUT_DATA; } /* We report MBEDTLS_SSL_CID_DISABLED in case the CID extensions * were used, but client and server requested the empty CID. * This is indistinguishable from not using the CID extension * in the first place. */ - if( ssl->transform_in->in_cid_len == 0 && - ssl->transform_in->out_cid_len == 0 ) - { - return( 0 ); + if (ssl->transform_in->in_cid_len == 0 && + ssl->transform_in->out_cid_len == 0) { + return 0; } - if( peer_cid_len != NULL ) - { + if (peer_cid_len != NULL) { *peer_cid_len = ssl->transform_in->out_cid_len; - if( peer_cid != NULL ) - { - memcpy( peer_cid, ssl->transform_in->out_cid, - ssl->transform_in->out_cid_len ); + if (peer_cid != NULL) { + memcpy(peer_cid, ssl->transform_in->out_cid, + ssl->transform_in->out_cid_len); } } *enabled = MBEDTLS_SSL_CID_ENABLED; - return( 0 ); + return 0; } #endif /* MBEDTLS_SSL_DTLS_CONNECTION_ID */ @@ -162,31 +139,30 @@ int mbedtls_ssl_get_peer_cid( mbedtls_ssl_context *ssl, * } MaxFragmentLength; * and we add 0 -> extension unused */ -static unsigned int ssl_mfl_code_to_length( int mfl ) -{ - switch( mfl ) - { - case MBEDTLS_SSL_MAX_FRAG_LEN_NONE: - return ( MBEDTLS_TLS_EXT_ADV_CONTENT_LEN ); - case MBEDTLS_SSL_MAX_FRAG_LEN_512: - return 512; - case MBEDTLS_SSL_MAX_FRAG_LEN_1024: - return 1024; - case MBEDTLS_SSL_MAX_FRAG_LEN_2048: - return 2048; - case MBEDTLS_SSL_MAX_FRAG_LEN_4096: - return 4096; - default: - return ( MBEDTLS_TLS_EXT_ADV_CONTENT_LEN ); +static unsigned int ssl_mfl_code_to_length(int mfl) +{ + switch (mfl) { + case MBEDTLS_SSL_MAX_FRAG_LEN_NONE: + return MBEDTLS_TLS_EXT_ADV_CONTENT_LEN; + case MBEDTLS_SSL_MAX_FRAG_LEN_512: + return 512; + case MBEDTLS_SSL_MAX_FRAG_LEN_1024: + return 1024; + case MBEDTLS_SSL_MAX_FRAG_LEN_2048: + return 2048; + case MBEDTLS_SSL_MAX_FRAG_LEN_4096: + return 4096; + default: + return MBEDTLS_TLS_EXT_ADV_CONTENT_LEN; } } #endif /* MBEDTLS_SSL_MAX_FRAGMENT_LENGTH */ -int mbedtls_ssl_session_copy( mbedtls_ssl_session *dst, - const mbedtls_ssl_session *src ) +int mbedtls_ssl_session_copy(mbedtls_ssl_session *dst, + const mbedtls_ssl_session *src) { - mbedtls_ssl_session_free( dst ); - memcpy( dst, src, sizeof( mbedtls_ssl_session ) ); + mbedtls_ssl_session_free(dst); + memcpy(dst, src, sizeof(mbedtls_ssl_session)); #if defined(MBEDTLS_SSL_SESSION_TICKETS) && defined(MBEDTLS_SSL_CLI_C) dst->ticket = NULL; @@ -195,34 +171,33 @@ int mbedtls_ssl_session_copy( mbedtls_ssl_session *dst, #if defined(MBEDTLS_X509_CRT_PARSE_C) #if defined(MBEDTLS_SSL_KEEP_PEER_CERTIFICATE) - if( src->peer_cert != NULL ) - { + if (src->peer_cert != NULL) { int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; - dst->peer_cert = mbedtls_calloc( 1, sizeof(mbedtls_x509_crt) ); - if( dst->peer_cert == NULL ) - return( MBEDTLS_ERR_SSL_ALLOC_FAILED ); + dst->peer_cert = mbedtls_calloc(1, sizeof(mbedtls_x509_crt)); + if (dst->peer_cert == NULL) { + return MBEDTLS_ERR_SSL_ALLOC_FAILED; + } - mbedtls_x509_crt_init( dst->peer_cert ); + mbedtls_x509_crt_init(dst->peer_cert); - if( ( ret = mbedtls_x509_crt_parse_der( dst->peer_cert, src->peer_cert->raw.p, - src->peer_cert->raw.len ) ) != 0 ) - { - mbedtls_free( dst->peer_cert ); + if ((ret = mbedtls_x509_crt_parse_der(dst->peer_cert, src->peer_cert->raw.p, + src->peer_cert->raw.len)) != 0) { + mbedtls_free(dst->peer_cert); dst->peer_cert = NULL; - return( ret ); + return ret; } } #else /* MBEDTLS_SSL_KEEP_PEER_CERTIFICATE */ - if( src->peer_cert_digest != NULL ) - { + if (src->peer_cert_digest != NULL) { dst->peer_cert_digest = - mbedtls_calloc( 1, src->peer_cert_digest_len ); - if( dst->peer_cert_digest == NULL ) - return( MBEDTLS_ERR_SSL_ALLOC_FAILED ); + mbedtls_calloc(1, src->peer_cert_digest_len); + if (dst->peer_cert_digest == NULL) { + return MBEDTLS_ERR_SSL_ALLOC_FAILED; + } - memcpy( dst->peer_cert_digest, src->peer_cert_digest, - src->peer_cert_digest_len ); + memcpy(dst->peer_cert_digest, src->peer_cert_digest, + src->peer_cert_digest_len); dst->peer_cert_digest_type = src->peer_cert_digest_type; dst->peer_cert_digest_len = src->peer_cert_digest_len; } @@ -231,34 +206,36 @@ int mbedtls_ssl_session_copy( mbedtls_ssl_session *dst, #endif /* MBEDTLS_X509_CRT_PARSE_C */ #if defined(MBEDTLS_SSL_SESSION_TICKETS) && defined(MBEDTLS_SSL_CLI_C) - if( src->ticket != NULL ) - { - dst->ticket = mbedtls_calloc( 1, src->ticket_len ); - if( dst->ticket == NULL ) - return( MBEDTLS_ERR_SSL_ALLOC_FAILED ); + if (src->ticket != NULL) { + dst->ticket = mbedtls_calloc(1, src->ticket_len); + if (dst->ticket == NULL) { + return MBEDTLS_ERR_SSL_ALLOC_FAILED; + } - memcpy( dst->ticket, src->ticket, src->ticket_len ); + memcpy(dst->ticket, src->ticket, src->ticket_len); } #endif /* MBEDTLS_SSL_SESSION_TICKETS && MBEDTLS_SSL_CLI_C */ - return( 0 ); + return 0; } #if defined(MBEDTLS_SSL_VARIABLE_BUFFER_LENGTH) -static int resize_buffer( unsigned char **buffer, size_t len_new, size_t *len_old ) +MBEDTLS_CHECK_RETURN_CRITICAL +static int resize_buffer(unsigned char **buffer, size_t len_new, size_t *len_old) { - unsigned char* resized_buffer = mbedtls_calloc( 1, len_new ); - if( resized_buffer == NULL ) + unsigned char *resized_buffer = mbedtls_calloc(1, len_new); + if (resized_buffer == NULL) { return -1; + } /* We want to copy len_new bytes when downsizing the buffer, and * len_old bytes when upsizing, so we choose the smaller of two sizes, * to fit one buffer into another. Size checks, ensuring that no data is * lost, are done outside of this function. */ - memcpy( resized_buffer, *buffer, - ( len_new < *len_old ) ? len_new : *len_old ); - mbedtls_platform_zeroize( *buffer, *len_old ); - mbedtls_free( *buffer ); + memcpy(resized_buffer, *buffer, + (len_new < *len_old) ? len_new : *len_old); + mbedtls_platform_zeroize(*buffer, *len_old); + mbedtls_free(*buffer); *buffer = resized_buffer; *len_old = len_new; @@ -266,60 +243,49 @@ static int resize_buffer( unsigned char **buffer, size_t len_new, size_t *len_ol return 0; } -static void handle_buffer_resizing( mbedtls_ssl_context *ssl, int downsizing, - size_t in_buf_new_len, - size_t out_buf_new_len ) +static void handle_buffer_resizing(mbedtls_ssl_context *ssl, int downsizing, + size_t in_buf_new_len, + size_t out_buf_new_len) { int modified = 0; size_t written_in = 0, iv_offset_in = 0, len_offset_in = 0; size_t written_out = 0, iv_offset_out = 0, len_offset_out = 0; - if( ssl->in_buf != NULL ) - { + if (ssl->in_buf != NULL) { written_in = ssl->in_msg - ssl->in_buf; iv_offset_in = ssl->in_iv - ssl->in_buf; len_offset_in = ssl->in_len - ssl->in_buf; - if( downsizing ? + if (downsizing ? ssl->in_buf_len > in_buf_new_len && ssl->in_left < in_buf_new_len : - ssl->in_buf_len < in_buf_new_len ) - { - if( resize_buffer( &ssl->in_buf, in_buf_new_len, &ssl->in_buf_len ) != 0 ) - { - MBEDTLS_SSL_DEBUG_MSG( 1, ( "input buffer resizing failed - out of memory" ) ); - } - else - { - MBEDTLS_SSL_DEBUG_MSG( 2, ( "Reallocating in_buf to %" MBEDTLS_PRINTF_SIZET, - in_buf_new_len ) ); + ssl->in_buf_len < in_buf_new_len) { + if (resize_buffer(&ssl->in_buf, in_buf_new_len, &ssl->in_buf_len) != 0) { + MBEDTLS_SSL_DEBUG_MSG(1, ("input buffer resizing failed - out of memory")); + } else { + MBEDTLS_SSL_DEBUG_MSG(2, ("Reallocating in_buf to %" MBEDTLS_PRINTF_SIZET, + in_buf_new_len)); modified = 1; } } } - if( ssl->out_buf != NULL ) - { + if (ssl->out_buf != NULL) { written_out = ssl->out_msg - ssl->out_buf; iv_offset_out = ssl->out_iv - ssl->out_buf; len_offset_out = ssl->out_len - ssl->out_buf; - if( downsizing ? + if (downsizing ? ssl->out_buf_len > out_buf_new_len && ssl->out_left < out_buf_new_len : - ssl->out_buf_len < out_buf_new_len ) - { - if( resize_buffer( &ssl->out_buf, out_buf_new_len, &ssl->out_buf_len ) != 0 ) - { - MBEDTLS_SSL_DEBUG_MSG( 1, ( "output buffer resizing failed - out of memory" ) ); - } - else - { - MBEDTLS_SSL_DEBUG_MSG( 2, ( "Reallocating out_buf to %" MBEDTLS_PRINTF_SIZET, - out_buf_new_len ) ); + ssl->out_buf_len < out_buf_new_len) { + if (resize_buffer(&ssl->out_buf, out_buf_new_len, &ssl->out_buf_len) != 0) { + MBEDTLS_SSL_DEBUG_MSG(1, ("output buffer resizing failed - out of memory")); + } else { + MBEDTLS_SSL_DEBUG_MSG(2, ("Reallocating out_buf to %" MBEDTLS_PRINTF_SIZET, + out_buf_new_len)); modified = 1; } } } - if( modified ) - { + if (modified) { /* Update pointers here to avoid doing it twice. */ - mbedtls_ssl_reset_in_out_pointers( ssl ); + mbedtls_ssl_reset_in_out_pointers(ssl); /* Fields below might not be properly updated with record * splitting or with CID, so they are manually updated here. */ ssl->out_msg = ssl->out_buf + written_out; @@ -337,10 +303,11 @@ static void handle_buffer_resizing( mbedtls_ssl_context *ssl, int downsizing, * Key material generation */ #if defined(MBEDTLS_SSL_PROTO_SSL3) -static int ssl3_prf( const unsigned char *secret, size_t slen, - const char *label, - const unsigned char *random, size_t rlen, - unsigned char *dstbuf, size_t dlen ) +MBEDTLS_CHECK_RETURN_CRITICAL +static int ssl3_prf(const unsigned char *secret, size_t slen, + const char *label, + const unsigned char *random, size_t rlen, + unsigned char *dstbuf, size_t dlen) { int ret = 0; size_t i; @@ -348,10 +315,10 @@ static int ssl3_prf( const unsigned char *secret, size_t slen, mbedtls_sha1_context sha1; unsigned char padding[16]; unsigned char sha1sum[20]; - ((void)label); + ((void) label); - mbedtls_md5_init( &md5 ); - mbedtls_sha1_init( &sha1 ); + mbedtls_md5_init(&md5); + mbedtls_sha1_init(&sha1); /* * SSLv3: @@ -361,47 +328,56 @@ static int ssl3_prf( const unsigned char *secret, size_t slen, * MD5( secret + SHA1( 'CCC' + secret + random ) ) + * ... */ - for( i = 0; i < dlen / 16; i++ ) - { - memset( padding, (unsigned char) ('A' + i), 1 + i ); + for (i = 0; i < dlen / 16; i++) { + memset(padding, (unsigned char) ('A' + i), 1 + i); - if( ( ret = mbedtls_sha1_starts_ret( &sha1 ) ) != 0 ) + if ((ret = mbedtls_sha1_starts_ret(&sha1)) != 0) { goto exit; - if( ( ret = mbedtls_sha1_update_ret( &sha1, padding, 1 + i ) ) != 0 ) + } + if ((ret = mbedtls_sha1_update_ret(&sha1, padding, 1 + i)) != 0) { goto exit; - if( ( ret = mbedtls_sha1_update_ret( &sha1, secret, slen ) ) != 0 ) + } + if ((ret = mbedtls_sha1_update_ret(&sha1, secret, slen)) != 0) { goto exit; - if( ( ret = mbedtls_sha1_update_ret( &sha1, random, rlen ) ) != 0 ) + } + if ((ret = mbedtls_sha1_update_ret(&sha1, random, rlen)) != 0) { goto exit; - if( ( ret = mbedtls_sha1_finish_ret( &sha1, sha1sum ) ) != 0 ) + } + if ((ret = mbedtls_sha1_finish_ret(&sha1, sha1sum)) != 0) { goto exit; + } - if( ( ret = mbedtls_md5_starts_ret( &md5 ) ) != 0 ) + if ((ret = mbedtls_md5_starts_ret(&md5)) != 0) { goto exit; - if( ( ret = mbedtls_md5_update_ret( &md5, secret, slen ) ) != 0 ) + } + if ((ret = mbedtls_md5_update_ret(&md5, secret, slen)) != 0) { goto exit; - if( ( ret = mbedtls_md5_update_ret( &md5, sha1sum, 20 ) ) != 0 ) + } + if ((ret = mbedtls_md5_update_ret(&md5, sha1sum, 20)) != 0) { goto exit; - if( ( ret = mbedtls_md5_finish_ret( &md5, dstbuf + i * 16 ) ) != 0 ) + } + if ((ret = mbedtls_md5_finish_ret(&md5, dstbuf + i * 16)) != 0) { goto exit; + } } exit: - mbedtls_md5_free( &md5 ); - mbedtls_sha1_free( &sha1 ); + mbedtls_md5_free(&md5); + mbedtls_sha1_free(&sha1); - mbedtls_platform_zeroize( padding, sizeof( padding ) ); - mbedtls_platform_zeroize( sha1sum, sizeof( sha1sum ) ); + mbedtls_platform_zeroize(padding, sizeof(padding)); + mbedtls_platform_zeroize(sha1sum, sizeof(sha1sum)); - return( ret ); + return ret; } #endif /* MBEDTLS_SSL_PROTO_SSL3 */ #if defined(MBEDTLS_SSL_PROTO_TLS1) || defined(MBEDTLS_SSL_PROTO_TLS1_1) -static int tls1_prf( const unsigned char *secret, size_t slen, - const char *label, - const unsigned char *random, size_t rlen, - unsigned char *dstbuf, size_t dlen ) +MBEDTLS_CHECK_RETURN_CRITICAL +static int tls1_prf(const unsigned char *secret, size_t slen, + const char *label, + const unsigned char *random, size_t rlen, + unsigned char *dstbuf, size_t dlen) { size_t nb, hs; size_t i, j, k; @@ -413,203 +389,216 @@ static int tls1_prf( const unsigned char *secret, size_t slen, mbedtls_md_context_t md_ctx; int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; - mbedtls_md_init( &md_ctx ); + mbedtls_md_init(&md_ctx); - tmp_len = 20 + strlen( label ) + rlen; - tmp = mbedtls_calloc( 1, tmp_len ); - if( tmp == NULL ) - { + tmp_len = 20 + strlen(label) + rlen; + tmp = mbedtls_calloc(1, tmp_len); + if (tmp == NULL) { ret = MBEDTLS_ERR_SSL_ALLOC_FAILED; goto exit; } - hs = ( slen + 1 ) / 2; + hs = (slen + 1) / 2; S1 = secret; S2 = secret + slen - hs; - nb = strlen( label ); - memcpy( tmp + 20, label, nb ); - memcpy( tmp + 20 + nb, random, rlen ); + nb = strlen(label); + memcpy(tmp + 20, label, nb); + memcpy(tmp + 20 + nb, random, rlen); nb += rlen; /* * First compute P_md5(secret,label+random)[0..dlen] */ - if( ( md_info = mbedtls_md_info_from_type( MBEDTLS_MD_MD5 ) ) == NULL ) - { + if ((md_info = mbedtls_md_info_from_type(MBEDTLS_MD_MD5)) == NULL) { ret = MBEDTLS_ERR_SSL_INTERNAL_ERROR; goto exit; } - if( ( ret = mbedtls_md_setup( &md_ctx, md_info, 1 ) ) != 0 ) - { + if ((ret = mbedtls_md_setup(&md_ctx, md_info, 1)) != 0) { goto exit; } - ret = mbedtls_md_hmac_starts( &md_ctx, S1, hs ); - if( ret != 0 ) + ret = mbedtls_md_hmac_starts(&md_ctx, S1, hs); + if (ret != 0) { goto exit; - ret = mbedtls_md_hmac_update( &md_ctx, tmp + 20, nb ); - if( ret != 0 ) + } + ret = mbedtls_md_hmac_update(&md_ctx, tmp + 20, nb); + if (ret != 0) { goto exit; - ret = mbedtls_md_hmac_finish( &md_ctx, 4 + tmp ); - if( ret != 0 ) + } + ret = mbedtls_md_hmac_finish(&md_ctx, 4 + tmp); + if (ret != 0) { goto exit; + } - for( i = 0; i < dlen; i += 16 ) - { - ret = mbedtls_md_hmac_reset ( &md_ctx ); - if( ret != 0 ) + for (i = 0; i < dlen; i += 16) { + ret = mbedtls_md_hmac_reset(&md_ctx); + if (ret != 0) { goto exit; - ret = mbedtls_md_hmac_update( &md_ctx, 4 + tmp, 16 + nb ); - if( ret != 0 ) + } + ret = mbedtls_md_hmac_update(&md_ctx, 4 + tmp, 16 + nb); + if (ret != 0) { goto exit; - ret = mbedtls_md_hmac_finish( &md_ctx, h_i ); - if( ret != 0 ) + } + ret = mbedtls_md_hmac_finish(&md_ctx, h_i); + if (ret != 0) { goto exit; + } - ret = mbedtls_md_hmac_reset ( &md_ctx ); - if( ret != 0 ) + ret = mbedtls_md_hmac_reset(&md_ctx); + if (ret != 0) { goto exit; - ret = mbedtls_md_hmac_update( &md_ctx, 4 + tmp, 16 ); - if( ret != 0 ) + } + ret = mbedtls_md_hmac_update(&md_ctx, 4 + tmp, 16); + if (ret != 0) { goto exit; - ret = mbedtls_md_hmac_finish( &md_ctx, 4 + tmp ); - if( ret != 0 ) + } + ret = mbedtls_md_hmac_finish(&md_ctx, 4 + tmp); + if (ret != 0) { goto exit; + } - k = ( i + 16 > dlen ) ? dlen % 16 : 16; + k = (i + 16 > dlen) ? dlen % 16 : 16; - for( j = 0; j < k; j++ ) + for (j = 0; j < k; j++) { dstbuf[i + j] = h_i[j]; + } } - mbedtls_md_free( &md_ctx ); + mbedtls_md_free(&md_ctx); /* * XOR out with P_sha1(secret,label+random)[0..dlen] */ - if( ( md_info = mbedtls_md_info_from_type( MBEDTLS_MD_SHA1 ) ) == NULL ) - { + if ((md_info = mbedtls_md_info_from_type(MBEDTLS_MD_SHA1)) == NULL) { ret = MBEDTLS_ERR_SSL_INTERNAL_ERROR; goto exit; } - if( ( ret = mbedtls_md_setup( &md_ctx, md_info, 1 ) ) != 0 ) - { + if ((ret = mbedtls_md_setup(&md_ctx, md_info, 1)) != 0) { goto exit; } - ret = mbedtls_md_hmac_starts( &md_ctx, S2, hs ); - if( ret != 0 ) + ret = mbedtls_md_hmac_starts(&md_ctx, S2, hs); + if (ret != 0) { goto exit; - ret = mbedtls_md_hmac_update( &md_ctx, tmp + 20, nb ); - if( ret != 0 ) + } + ret = mbedtls_md_hmac_update(&md_ctx, tmp + 20, nb); + if (ret != 0) { goto exit; - ret = mbedtls_md_hmac_finish( &md_ctx, tmp ); - if( ret != 0 ) + } + ret = mbedtls_md_hmac_finish(&md_ctx, tmp); + if (ret != 0) { goto exit; + } - for( i = 0; i < dlen; i += 20 ) - { - ret = mbedtls_md_hmac_reset ( &md_ctx ); - if( ret != 0 ) + for (i = 0; i < dlen; i += 20) { + ret = mbedtls_md_hmac_reset(&md_ctx); + if (ret != 0) { goto exit; - ret = mbedtls_md_hmac_update( &md_ctx, tmp, 20 + nb ); - if( ret != 0 ) + } + ret = mbedtls_md_hmac_update(&md_ctx, tmp, 20 + nb); + if (ret != 0) { goto exit; - ret = mbedtls_md_hmac_finish( &md_ctx, h_i ); - if( ret != 0 ) + } + ret = mbedtls_md_hmac_finish(&md_ctx, h_i); + if (ret != 0) { goto exit; + } - ret = mbedtls_md_hmac_reset ( &md_ctx ); - if( ret != 0 ) + ret = mbedtls_md_hmac_reset(&md_ctx); + if (ret != 0) { goto exit; - ret = mbedtls_md_hmac_update( &md_ctx, tmp, 20 ); - if( ret != 0 ) + } + ret = mbedtls_md_hmac_update(&md_ctx, tmp, 20); + if (ret != 0) { goto exit; - ret = mbedtls_md_hmac_finish( &md_ctx, tmp ); - if( ret != 0 ) + } + ret = mbedtls_md_hmac_finish(&md_ctx, tmp); + if (ret != 0) { goto exit; + } - k = ( i + 20 > dlen ) ? dlen % 20 : 20; + k = (i + 20 > dlen) ? dlen % 20 : 20; - for( j = 0; j < k; j++ ) - dstbuf[i + j] = (unsigned char)( dstbuf[i + j] ^ h_i[j] ); + for (j = 0; j < k; j++) { + dstbuf[i + j] = (unsigned char) (dstbuf[i + j] ^ h_i[j]); + } } exit: - mbedtls_md_free( &md_ctx ); + mbedtls_md_free(&md_ctx); - mbedtls_platform_zeroize( tmp, tmp_len ); - mbedtls_platform_zeroize( h_i, sizeof( h_i ) ); + mbedtls_platform_zeroize(tmp, tmp_len); + mbedtls_platform_zeroize(h_i, sizeof(h_i)); - mbedtls_free( tmp ); - return( ret ); + mbedtls_free(tmp); + return ret; } #endif /* MBEDTLS_SSL_PROTO_TLS1) || MBEDTLS_SSL_PROTO_TLS1_1 */ #if defined(MBEDTLS_SSL_PROTO_TLS1_2) #if defined(MBEDTLS_USE_PSA_CRYPTO) -static psa_status_t setup_psa_key_derivation( psa_key_derivation_operation_t* derivation, - psa_key_id_t key, - psa_algorithm_t alg, - const unsigned char* seed, size_t seed_length, - const unsigned char* label, size_t label_length, - size_t capacity ) +static psa_status_t setup_psa_key_derivation(psa_key_derivation_operation_t *derivation, + psa_key_id_t key, + psa_algorithm_t alg, + const unsigned char *seed, size_t seed_length, + const unsigned char *label, size_t label_length, + size_t capacity) { psa_status_t status; - status = psa_key_derivation_setup( derivation, alg ); - if( status != PSA_SUCCESS ) - return( status ); + status = psa_key_derivation_setup(derivation, alg); + if (status != PSA_SUCCESS) { + return status; + } - if( PSA_ALG_IS_TLS12_PRF( alg ) || PSA_ALG_IS_TLS12_PSK_TO_MS( alg ) ) - { - status = psa_key_derivation_input_bytes( derivation, - PSA_KEY_DERIVATION_INPUT_SEED, - seed, seed_length ); - if( status != PSA_SUCCESS ) - return( status ); + if (PSA_ALG_IS_TLS12_PRF(alg) || PSA_ALG_IS_TLS12_PSK_TO_MS(alg)) { + status = psa_key_derivation_input_bytes(derivation, + PSA_KEY_DERIVATION_INPUT_SEED, + seed, seed_length); + if (status != PSA_SUCCESS) { + return status; + } - if( mbedtls_svc_key_id_is_null( key ) ) - { + if (mbedtls_svc_key_id_is_null(key)) { status = psa_key_derivation_input_bytes( derivation, PSA_KEY_DERIVATION_INPUT_SECRET, - NULL, 0 ); - } - else - { + NULL, 0); + } else { status = psa_key_derivation_input_key( - derivation, PSA_KEY_DERIVATION_INPUT_SECRET, key ); + derivation, PSA_KEY_DERIVATION_INPUT_SECRET, key); + } + if (status != PSA_SUCCESS) { + return status; } - if( status != PSA_SUCCESS ) - return( status ); - status = psa_key_derivation_input_bytes( derivation, - PSA_KEY_DERIVATION_INPUT_LABEL, - label, label_length ); - if( status != PSA_SUCCESS ) - return( status ); - } - else - { - return( PSA_ERROR_NOT_SUPPORTED ); + status = psa_key_derivation_input_bytes(derivation, + PSA_KEY_DERIVATION_INPUT_LABEL, + label, label_length); + if (status != PSA_SUCCESS) { + return status; + } + } else { + return PSA_ERROR_NOT_SUPPORTED; } - status = psa_key_derivation_set_capacity( derivation, capacity ); - if( status != PSA_SUCCESS ) - return( status ); + status = psa_key_derivation_set_capacity(derivation, capacity); + if (status != PSA_SUCCESS) { + return status; + } - return( PSA_SUCCESS ); + return PSA_SUCCESS; } -static int tls_prf_generic( mbedtls_md_type_t md_type, - const unsigned char *secret, size_t slen, - const char *label, - const unsigned char *random, size_t rlen, - unsigned char *dstbuf, size_t dlen ) +MBEDTLS_CHECK_RETURN_CRITICAL +static int tls_prf_generic(mbedtls_md_type_t md_type, + const unsigned char *secret, size_t slen, + const char *label, + const unsigned char *random, size_t rlen, + unsigned char *dstbuf, size_t dlen) { psa_status_t status; psa_algorithm_t alg; @@ -617,10 +606,11 @@ static int tls_prf_generic( mbedtls_md_type_t md_type, psa_key_derivation_operation_t derivation = PSA_KEY_DERIVATION_OPERATION_INIT; - if( md_type == MBEDTLS_MD_SHA384 ) + if (md_type == MBEDTLS_MD_SHA384) { alg = PSA_ALG_TLS12_PRF(PSA_ALG_SHA_384); - else + } else { alg = PSA_ALG_TLS12_PRF(PSA_ALG_SHA_256); + } /* Normally a "secret" should be long enough to be impossible to * find by brute force, and in particular should not be empty. But @@ -629,61 +619,61 @@ static int tls_prf_generic( mbedtls_md_type_t md_type, * Since the key API doesn't allow importing a key of length 0, * keep master_key=0, which setup_psa_key_derivation() understands * to mean a 0-length "secret" input. */ - if( slen != 0 ) - { + if (slen != 0) { psa_key_attributes_t key_attributes = psa_key_attributes_init(); - psa_set_key_usage_flags( &key_attributes, PSA_KEY_USAGE_DERIVE ); - psa_set_key_algorithm( &key_attributes, alg ); - psa_set_key_type( &key_attributes, PSA_KEY_TYPE_DERIVE ); - - status = psa_import_key( &key_attributes, secret, slen, &master_key ); - if( status != PSA_SUCCESS ) - return( MBEDTLS_ERR_SSL_HW_ACCEL_FAILED ); - } - - status = setup_psa_key_derivation( &derivation, - master_key, alg, - random, rlen, - (unsigned char const *) label, - (size_t) strlen( label ), - dlen ); - if( status != PSA_SUCCESS ) - { - psa_key_derivation_abort( &derivation ); - psa_destroy_key( master_key ); - return( MBEDTLS_ERR_SSL_HW_ACCEL_FAILED ); + psa_set_key_usage_flags(&key_attributes, PSA_KEY_USAGE_DERIVE); + psa_set_key_algorithm(&key_attributes, alg); + psa_set_key_type(&key_attributes, PSA_KEY_TYPE_DERIVE); + + status = psa_import_key(&key_attributes, secret, slen, &master_key); + if (status != PSA_SUCCESS) { + return MBEDTLS_ERR_SSL_HW_ACCEL_FAILED; + } } - status = psa_key_derivation_output_bytes( &derivation, dstbuf, dlen ); - if( status != PSA_SUCCESS ) - { - psa_key_derivation_abort( &derivation ); - psa_destroy_key( master_key ); - return( MBEDTLS_ERR_SSL_HW_ACCEL_FAILED ); + status = setup_psa_key_derivation(&derivation, + master_key, alg, + random, rlen, + (unsigned char const *) label, + (size_t) strlen(label), + dlen); + if (status != PSA_SUCCESS) { + psa_key_derivation_abort(&derivation); + psa_destroy_key(master_key); + return MBEDTLS_ERR_SSL_HW_ACCEL_FAILED; } - status = psa_key_derivation_abort( &derivation ); - if( status != PSA_SUCCESS ) - { - psa_destroy_key( master_key ); - return( MBEDTLS_ERR_SSL_HW_ACCEL_FAILED ); + status = psa_key_derivation_output_bytes(&derivation, dstbuf, dlen); + if (status != PSA_SUCCESS) { + psa_key_derivation_abort(&derivation); + psa_destroy_key(master_key); + return MBEDTLS_ERR_SSL_HW_ACCEL_FAILED; } - if( ! mbedtls_svc_key_id_is_null( master_key ) ) - status = psa_destroy_key( master_key ); - if( status != PSA_SUCCESS ) - return( MBEDTLS_ERR_SSL_HW_ACCEL_FAILED ); + status = psa_key_derivation_abort(&derivation); + if (status != PSA_SUCCESS) { + psa_destroy_key(master_key); + return MBEDTLS_ERR_SSL_HW_ACCEL_FAILED; + } - return( 0 ); + if (!mbedtls_svc_key_id_is_null(master_key)) { + status = psa_destroy_key(master_key); + } + if (status != PSA_SUCCESS) { + return MBEDTLS_ERR_SSL_HW_ACCEL_FAILED; + } + + return 0; } #else /* MBEDTLS_USE_PSA_CRYPTO */ -static int tls_prf_generic( mbedtls_md_type_t md_type, - const unsigned char *secret, size_t slen, - const char *label, - const unsigned char *random, size_t rlen, - unsigned char *dstbuf, size_t dlen ) +MBEDTLS_CHECK_RETURN_CRITICAL +static int tls_prf_generic(mbedtls_md_type_t md_type, + const unsigned char *secret, size_t slen, + const char *label, + const unsigned char *random, size_t rlen, + unsigned char *dstbuf, size_t dlen) { size_t nb; size_t i, j, k, md_len; @@ -694,232 +684,240 @@ static int tls_prf_generic( mbedtls_md_type_t md_type, mbedtls_md_context_t md_ctx; int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; - mbedtls_md_init( &md_ctx ); + mbedtls_md_init(&md_ctx); - if( ( md_info = mbedtls_md_info_from_type( md_type ) ) == NULL ) - return( MBEDTLS_ERR_SSL_INTERNAL_ERROR ); + if ((md_info = mbedtls_md_info_from_type(md_type)) == NULL) { + return MBEDTLS_ERR_SSL_INTERNAL_ERROR; + } - md_len = mbedtls_md_get_size( md_info ); + md_len = mbedtls_md_get_size(md_info); - tmp_len = md_len + strlen( label ) + rlen; - tmp = mbedtls_calloc( 1, tmp_len ); - if( tmp == NULL ) - { + tmp_len = md_len + strlen(label) + rlen; + tmp = mbedtls_calloc(1, tmp_len); + if (tmp == NULL) { ret = MBEDTLS_ERR_SSL_ALLOC_FAILED; goto exit; } - nb = strlen( label ); - memcpy( tmp + md_len, label, nb ); - memcpy( tmp + md_len + nb, random, rlen ); + nb = strlen(label); + memcpy(tmp + md_len, label, nb); + memcpy(tmp + md_len + nb, random, rlen); nb += rlen; /* * Compute P_(secret, label + random)[0..dlen] */ - if ( ( ret = mbedtls_md_setup( &md_ctx, md_info, 1 ) ) != 0 ) + if ((ret = mbedtls_md_setup(&md_ctx, md_info, 1)) != 0) { goto exit; + } - ret = mbedtls_md_hmac_starts( &md_ctx, secret, slen ); - if( ret != 0 ) + ret = mbedtls_md_hmac_starts(&md_ctx, secret, slen); + if (ret != 0) { goto exit; - ret = mbedtls_md_hmac_update( &md_ctx, tmp + md_len, nb ); - if( ret != 0 ) + } + ret = mbedtls_md_hmac_update(&md_ctx, tmp + md_len, nb); + if (ret != 0) { goto exit; - ret = mbedtls_md_hmac_finish( &md_ctx, tmp ); - if( ret != 0 ) + } + ret = mbedtls_md_hmac_finish(&md_ctx, tmp); + if (ret != 0) { goto exit; + } - for( i = 0; i < dlen; i += md_len ) - { - ret = mbedtls_md_hmac_reset ( &md_ctx ); - if( ret != 0 ) + for (i = 0; i < dlen; i += md_len) { + ret = mbedtls_md_hmac_reset(&md_ctx); + if (ret != 0) { goto exit; - ret = mbedtls_md_hmac_update( &md_ctx, tmp, md_len + nb ); - if( ret != 0 ) + } + ret = mbedtls_md_hmac_update(&md_ctx, tmp, md_len + nb); + if (ret != 0) { goto exit; - ret = mbedtls_md_hmac_finish( &md_ctx, h_i ); - if( ret != 0 ) + } + ret = mbedtls_md_hmac_finish(&md_ctx, h_i); + if (ret != 0) { goto exit; + } - ret = mbedtls_md_hmac_reset ( &md_ctx ); - if( ret != 0 ) + ret = mbedtls_md_hmac_reset(&md_ctx); + if (ret != 0) { goto exit; - ret = mbedtls_md_hmac_update( &md_ctx, tmp, md_len ); - if( ret != 0 ) + } + ret = mbedtls_md_hmac_update(&md_ctx, tmp, md_len); + if (ret != 0) { goto exit; - ret = mbedtls_md_hmac_finish( &md_ctx, tmp ); - if( ret != 0 ) + } + ret = mbedtls_md_hmac_finish(&md_ctx, tmp); + if (ret != 0) { goto exit; + } - k = ( i + md_len > dlen ) ? dlen % md_len : md_len; + k = (i + md_len > dlen) ? dlen % md_len : md_len; - for( j = 0; j < k; j++ ) + for (j = 0; j < k; j++) { dstbuf[i + j] = h_i[j]; + } } exit: - mbedtls_md_free( &md_ctx ); + mbedtls_md_free(&md_ctx); + + if (tmp != NULL) { + mbedtls_platform_zeroize(tmp, tmp_len); + } - mbedtls_platform_zeroize( tmp, tmp_len ); - mbedtls_platform_zeroize( h_i, sizeof( h_i ) ); + mbedtls_platform_zeroize(h_i, sizeof(h_i)); - mbedtls_free( tmp ); + mbedtls_free(tmp); - return( ret ); + return ret; } #endif /* MBEDTLS_USE_PSA_CRYPTO */ #if defined(MBEDTLS_SHA256_C) -static int tls_prf_sha256( const unsigned char *secret, size_t slen, - const char *label, - const unsigned char *random, size_t rlen, - unsigned char *dstbuf, size_t dlen ) +MBEDTLS_CHECK_RETURN_CRITICAL +static int tls_prf_sha256(const unsigned char *secret, size_t slen, + const char *label, + const unsigned char *random, size_t rlen, + unsigned char *dstbuf, size_t dlen) { - return( tls_prf_generic( MBEDTLS_MD_SHA256, secret, slen, - label, random, rlen, dstbuf, dlen ) ); + return tls_prf_generic(MBEDTLS_MD_SHA256, secret, slen, + label, random, rlen, dstbuf, dlen); } #endif /* MBEDTLS_SHA256_C */ #if defined(MBEDTLS_SHA512_C) && !defined(MBEDTLS_SHA512_NO_SHA384) -static int tls_prf_sha384( const unsigned char *secret, size_t slen, - const char *label, - const unsigned char *random, size_t rlen, - unsigned char *dstbuf, size_t dlen ) +MBEDTLS_CHECK_RETURN_CRITICAL +static int tls_prf_sha384(const unsigned char *secret, size_t slen, + const char *label, + const unsigned char *random, size_t rlen, + unsigned char *dstbuf, size_t dlen) { - return( tls_prf_generic( MBEDTLS_MD_SHA384, secret, slen, - label, random, rlen, dstbuf, dlen ) ); + return tls_prf_generic(MBEDTLS_MD_SHA384, secret, slen, + label, random, rlen, dstbuf, dlen); } #endif /* MBEDTLS_SHA512_C && !MBEDTLS_SHA512_NO_SHA384 */ #endif /* MBEDTLS_SSL_PROTO_TLS1_2 */ -static void ssl_update_checksum_start( mbedtls_ssl_context *, const unsigned char *, size_t ); +static void ssl_update_checksum_start(mbedtls_ssl_context *, const unsigned char *, size_t); #if defined(MBEDTLS_SSL_PROTO_SSL3) || defined(MBEDTLS_SSL_PROTO_TLS1) || \ defined(MBEDTLS_SSL_PROTO_TLS1_1) -static void ssl_update_checksum_md5sha1( mbedtls_ssl_context *, const unsigned char *, size_t ); +static void ssl_update_checksum_md5sha1(mbedtls_ssl_context *, const unsigned char *, size_t); #endif #if defined(MBEDTLS_SSL_PROTO_SSL3) -static void ssl_calc_verify_ssl( const mbedtls_ssl_context *, unsigned char *, size_t * ); -static void ssl_calc_finished_ssl( mbedtls_ssl_context *, unsigned char *, int ); +static void ssl_calc_verify_ssl(const mbedtls_ssl_context *, unsigned char *, size_t *); +static void ssl_calc_finished_ssl(mbedtls_ssl_context *, unsigned char *, int); #endif #if defined(MBEDTLS_SSL_PROTO_TLS1) || defined(MBEDTLS_SSL_PROTO_TLS1_1) -static void ssl_calc_verify_tls( const mbedtls_ssl_context *, unsigned char*, size_t * ); -static void ssl_calc_finished_tls( mbedtls_ssl_context *, unsigned char *, int ); +static void ssl_calc_verify_tls(const mbedtls_ssl_context *, unsigned char *, size_t *); +static void ssl_calc_finished_tls(mbedtls_ssl_context *, unsigned char *, int); #endif #if defined(MBEDTLS_SSL_PROTO_TLS1_2) #if defined(MBEDTLS_SHA256_C) -static void ssl_update_checksum_sha256( mbedtls_ssl_context *, const unsigned char *, size_t ); -static void ssl_calc_verify_tls_sha256( const mbedtls_ssl_context *,unsigned char*, size_t * ); -static void ssl_calc_finished_tls_sha256( mbedtls_ssl_context *,unsigned char *, int ); +static void ssl_update_checksum_sha256(mbedtls_ssl_context *, const unsigned char *, size_t); +static void ssl_calc_verify_tls_sha256(const mbedtls_ssl_context *, unsigned char *, size_t *); +static void ssl_calc_finished_tls_sha256(mbedtls_ssl_context *, unsigned char *, int); #endif #if defined(MBEDTLS_SHA512_C) && !defined(MBEDTLS_SHA512_NO_SHA384) -static void ssl_update_checksum_sha384( mbedtls_ssl_context *, const unsigned char *, size_t ); -static void ssl_calc_verify_tls_sha384( const mbedtls_ssl_context *, unsigned char*, size_t * ); -static void ssl_calc_finished_tls_sha384( mbedtls_ssl_context *, unsigned char *, int ); +static void ssl_update_checksum_sha384(mbedtls_ssl_context *, const unsigned char *, size_t); +static void ssl_calc_verify_tls_sha384(const mbedtls_ssl_context *, unsigned char *, size_t *); +static void ssl_calc_finished_tls_sha384(mbedtls_ssl_context *, unsigned char *, int); #endif #endif /* MBEDTLS_SSL_PROTO_TLS1_2 */ #if defined(MBEDTLS_KEY_EXCHANGE_PSK_ENABLED) && \ defined(MBEDTLS_USE_PSA_CRYPTO) -static int ssl_use_opaque_psk( mbedtls_ssl_context const *ssl ) +MBEDTLS_CHECK_RETURN_CRITICAL +static int ssl_use_opaque_psk(mbedtls_ssl_context const *ssl) { - if( ssl->conf->f_psk != NULL ) - { + if (ssl->conf->f_psk != NULL) { /* If we've used a callback to select the PSK, * the static configuration is irrelevant. */ - if( ! mbedtls_svc_key_id_is_null( ssl->handshake->psk_opaque ) ) - return( 1 ); + if (!mbedtls_svc_key_id_is_null(ssl->handshake->psk_opaque)) { + return 1; + } - return( 0 ); + return 0; } - if( ! mbedtls_svc_key_id_is_null( ssl->conf->psk_opaque ) ) - return( 1 ); + if (!mbedtls_svc_key_id_is_null(ssl->conf->psk_opaque)) { + return 1; + } - return( 0 ); + return 0; } #endif /* MBEDTLS_USE_PSA_CRYPTO && MBEDTLS_KEY_EXCHANGE_PSK_ENABLED */ #if defined(MBEDTLS_SSL_EXPORT_KEYS) -static mbedtls_tls_prf_types tls_prf_get_type( mbedtls_ssl_tls_prf_cb *tls_prf ) +static mbedtls_tls_prf_types tls_prf_get_type(mbedtls_ssl_tls_prf_cb *tls_prf) { #if defined(MBEDTLS_SSL_PROTO_SSL3) - if( tls_prf == ssl3_prf ) - { - return( MBEDTLS_SSL_TLS_PRF_SSL3 ); - } - else + if (tls_prf == ssl3_prf) { + return MBEDTLS_SSL_TLS_PRF_SSL3; + } else #endif #if defined(MBEDTLS_SSL_PROTO_TLS1) || defined(MBEDTLS_SSL_PROTO_TLS1_1) - if( tls_prf == tls1_prf ) - { - return( MBEDTLS_SSL_TLS_PRF_TLS1 ); - } - else + if (tls_prf == tls1_prf) { + return MBEDTLS_SSL_TLS_PRF_TLS1; + } else #endif #if defined(MBEDTLS_SSL_PROTO_TLS1_2) #if defined(MBEDTLS_SHA512_C) && !defined(MBEDTLS_SHA512_NO_SHA384) - if( tls_prf == tls_prf_sha384 ) - { - return( MBEDTLS_SSL_TLS_PRF_SHA384 ); - } - else + if (tls_prf == tls_prf_sha384) { + return MBEDTLS_SSL_TLS_PRF_SHA384; + } else #endif #if defined(MBEDTLS_SHA256_C) - if( tls_prf == tls_prf_sha256 ) - { - return( MBEDTLS_SSL_TLS_PRF_SHA256 ); - } - else + if (tls_prf == tls_prf_sha256) { + return MBEDTLS_SSL_TLS_PRF_SHA256; + } else #endif #endif /* MBEDTLS_SSL_PROTO_TLS1_2 */ - return( MBEDTLS_SSL_TLS_PRF_NONE ); + return MBEDTLS_SSL_TLS_PRF_NONE; } #endif /* MBEDTLS_SSL_EXPORT_KEYS */ -int mbedtls_ssl_tls_prf( const mbedtls_tls_prf_types prf, - const unsigned char *secret, size_t slen, - const char *label, - const unsigned char *random, size_t rlen, - unsigned char *dstbuf, size_t dlen ) +int mbedtls_ssl_tls_prf(const mbedtls_tls_prf_types prf, + const unsigned char *secret, size_t slen, + const char *label, + const unsigned char *random, size_t rlen, + unsigned char *dstbuf, size_t dlen) { mbedtls_ssl_tls_prf_cb *tls_prf = NULL; - switch( prf ) - { + switch (prf) { #if defined(MBEDTLS_SSL_PROTO_SSL3) case MBEDTLS_SSL_TLS_PRF_SSL3: tls_prf = ssl3_prf; - break; + break; #endif /* MBEDTLS_SSL_PROTO_SSL3 */ #if defined(MBEDTLS_SSL_PROTO_TLS1) || defined(MBEDTLS_SSL_PROTO_TLS1_1) case MBEDTLS_SSL_TLS_PRF_TLS1: tls_prf = tls1_prf; - break; + break; #endif /* MBEDTLS_SSL_PROTO_TLS1 || MBEDTLS_SSL_PROTO_TLS1_1 */ #if defined(MBEDTLS_SSL_PROTO_TLS1_2) #if defined(MBEDTLS_SHA512_C) && !defined(MBEDTLS_SHA512_NO_SHA384) case MBEDTLS_SSL_TLS_PRF_SHA384: tls_prf = tls_prf_sha384; - break; + break; #endif /* MBEDTLS_SHA512_C && !MBEDTLS_SHA512_NO_SHA384 */ #if defined(MBEDTLS_SHA256_C) case MBEDTLS_SSL_TLS_PRF_SHA256: tls_prf = tls_prf_sha256; - break; + break; #endif /* MBEDTLS_SHA256_C */ #endif /* MBEDTLS_SSL_PROTO_TLS1_2 */ - default: - return( MBEDTLS_ERR_SSL_FEATURE_UNAVAILABLE ); + default: + return MBEDTLS_ERR_SSL_FEATURE_UNAVAILABLE; } - return( tls_prf( secret, slen, label, random, rlen, dstbuf, dlen ) ); + return tls_prf(secret, slen, label, random, rlen, dstbuf, dlen); } /* Type for the TLS PRF */ @@ -949,33 +947,35 @@ typedef int ssl_tls_prf_t(const unsigned char *, size_t, const char *, * - MBEDTLS_SSL_EXPORT_KEYS: ssl->conf->{f,p}_export_keys * - MBEDTLS_DEBUG_C: ssl->conf->{f,p}_dbg */ -static int ssl_populate_transform( mbedtls_ssl_transform *transform, - int ciphersuite, - const unsigned char master[48], +MBEDTLS_CHECK_RETURN_CRITICAL +static int ssl_populate_transform(mbedtls_ssl_transform *transform, + int ciphersuite, + const unsigned char master[48], #if defined(MBEDTLS_SSL_SOME_MODES_USE_MAC) #if defined(MBEDTLS_SSL_ENCRYPT_THEN_MAC) - int encrypt_then_mac, + int encrypt_then_mac, #endif /* MBEDTLS_SSL_ENCRYPT_THEN_MAC */ #if defined(MBEDTLS_SSL_TRUNCATED_HMAC) - int trunc_hmac, + int trunc_hmac, #endif /* MBEDTLS_SSL_TRUNCATED_HMAC */ #endif /* MBEDTLS_SSL_SOME_MODES_USE_MAC */ #if defined(MBEDTLS_ZLIB_SUPPORT) - int compression, + int compression, #endif - ssl_tls_prf_t tls_prf, - const unsigned char randbytes[64], - int minor_ver, - unsigned endpoint, + ssl_tls_prf_t tls_prf, + const unsigned char randbytes[64], + int minor_ver, + unsigned endpoint, #if !defined(MBEDTLS_SSL_HW_RECORD_ACCEL) - const + const #endif - mbedtls_ssl_context *ssl ) + mbedtls_ssl_context *ssl) { int ret = 0; #if defined(MBEDTLS_USE_PSA_CRYPTO) int psa_fallthrough; #endif /* MBEDTLS_USE_PSA_CRYPTO */ + int do_mbedtls_cipher_setup; unsigned char keyblk[256]; unsigned char *key1; unsigned char *key2; @@ -990,6 +990,7 @@ static int ssl_populate_transform( mbedtls_ssl_transform *transform, #if !defined(MBEDTLS_SSL_HW_RECORD_ACCEL) && \ !defined(MBEDTLS_SSL_EXPORT_KEYS) && \ + !defined(MBEDTLS_SSL_DTLS_CONNECTION_ID) && \ !defined(MBEDTLS_DEBUG_C) ssl = NULL; /* make sure we don't use it except for those cases */ (void) ssl; @@ -1005,71 +1006,66 @@ static int ssl_populate_transform( mbedtls_ssl_transform *transform, transform->minor_ver = minor_ver; #if defined(MBEDTLS_SSL_CONTEXT_SERIALIZATION) - memcpy( transform->randbytes, randbytes, sizeof( transform->randbytes ) ); + memcpy(transform->randbytes, randbytes, sizeof(transform->randbytes)); #endif /* * Get various info structures */ - ciphersuite_info = mbedtls_ssl_ciphersuite_from_id( ciphersuite ); - if( ciphersuite_info == NULL ) - { - MBEDTLS_SSL_DEBUG_MSG( 1, ( "ciphersuite info for %d not found", - ciphersuite ) ); - return( MBEDTLS_ERR_SSL_BAD_INPUT_DATA ); + ciphersuite_info = mbedtls_ssl_ciphersuite_from_id(ciphersuite); + if (ciphersuite_info == NULL) { + MBEDTLS_SSL_DEBUG_MSG(1, ("ciphersuite info for %d not found", + ciphersuite)); + return MBEDTLS_ERR_SSL_BAD_INPUT_DATA; } - cipher_info = mbedtls_cipher_info_from_type( ciphersuite_info->cipher ); - if( cipher_info == NULL ) - { - MBEDTLS_SSL_DEBUG_MSG( 1, ( "cipher info for %u not found", - ciphersuite_info->cipher ) ); - return( MBEDTLS_ERR_SSL_BAD_INPUT_DATA ); + cipher_info = mbedtls_cipher_info_from_type(ciphersuite_info->cipher); + if (cipher_info == NULL) { + MBEDTLS_SSL_DEBUG_MSG(1, ("cipher info for %u not found", + ciphersuite_info->cipher)); + return MBEDTLS_ERR_SSL_BAD_INPUT_DATA; } - md_info = mbedtls_md_info_from_type( ciphersuite_info->mac ); - if( md_info == NULL ) - { - MBEDTLS_SSL_DEBUG_MSG( 1, ( "mbedtls_md info for %u not found", - (unsigned) ciphersuite_info->mac ) ); - return( MBEDTLS_ERR_SSL_BAD_INPUT_DATA ); + md_info = mbedtls_md_info_from_type(ciphersuite_info->mac); + if (md_info == NULL) { + MBEDTLS_SSL_DEBUG_MSG(1, ("mbedtls_md info for %u not found", + (unsigned) ciphersuite_info->mac)); + return MBEDTLS_ERR_SSL_BAD_INPUT_DATA; } #if defined(MBEDTLS_SSL_DTLS_CONNECTION_ID) /* Copy own and peer's CID if the use of the CID * extension has been negotiated. */ - if( ssl->handshake->cid_in_use == MBEDTLS_SSL_CID_ENABLED ) - { - MBEDTLS_SSL_DEBUG_MSG( 3, ( "Copy CIDs into SSL transform" ) ); + if (ssl->handshake->cid_in_use == MBEDTLS_SSL_CID_ENABLED) { + MBEDTLS_SSL_DEBUG_MSG(3, ("Copy CIDs into SSL transform")); transform->in_cid_len = ssl->own_cid_len; - memcpy( transform->in_cid, ssl->own_cid, ssl->own_cid_len ); - MBEDTLS_SSL_DEBUG_BUF( 3, "Incoming CID", transform->in_cid, - transform->in_cid_len ); + memcpy(transform->in_cid, ssl->own_cid, ssl->own_cid_len); + MBEDTLS_SSL_DEBUG_BUF(3, "Incoming CID", transform->in_cid, + transform->in_cid_len); transform->out_cid_len = ssl->handshake->peer_cid_len; - memcpy( transform->out_cid, ssl->handshake->peer_cid, - ssl->handshake->peer_cid_len ); - MBEDTLS_SSL_DEBUG_BUF( 3, "Outgoing CID", transform->out_cid, - transform->out_cid_len ); + memcpy(transform->out_cid, ssl->handshake->peer_cid, + ssl->handshake->peer_cid_len); + MBEDTLS_SSL_DEBUG_BUF(3, "Outgoing CID", transform->out_cid, + transform->out_cid_len); } #endif /* MBEDTLS_SSL_DTLS_CONNECTION_ID */ /* * Compute key block using the PRF */ - ret = tls_prf( master, 48, "key expansion", randbytes, 64, keyblk, 256 ); - if( ret != 0 ) - { - MBEDTLS_SSL_DEBUG_RET( 1, "prf", ret ); - return( ret ); + ret = tls_prf(master, 48, "key expansion", randbytes, 64, keyblk, 256); + if (ret != 0) { + MBEDTLS_SSL_DEBUG_RET(1, "prf", ret); + return ret; } - MBEDTLS_SSL_DEBUG_MSG( 3, ( "ciphersuite = %s", - mbedtls_ssl_get_ciphersuite_name( ciphersuite ) ) ); - MBEDTLS_SSL_DEBUG_BUF( 3, "master secret", master, 48 ); - MBEDTLS_SSL_DEBUG_BUF( 4, "random bytes", randbytes, 64 ); - MBEDTLS_SSL_DEBUG_BUF( 4, "key block", keyblk, 256 ); + MBEDTLS_SSL_DEBUG_MSG(3, ("ciphersuite = %s", + mbedtls_ssl_get_ciphersuite_name(ciphersuite))); + MBEDTLS_SSL_DEBUG_BUF(3, "master secret", master, 48); + MBEDTLS_SSL_DEBUG_BUF(4, "random bytes", randbytes, 64); + MBEDTLS_SSL_DEBUG_BUF(4, "key block", keyblk, 256); /* * Determine the appropriate key, IV and MAC length. @@ -1080,10 +1076,9 @@ static int ssl_populate_transform( mbedtls_ssl_transform *transform, #if defined(MBEDTLS_GCM_C) || \ defined(MBEDTLS_CCM_C) || \ defined(MBEDTLS_CHACHAPOLY_C) - if( cipher_info->mode == MBEDTLS_MODE_GCM || + if (cipher_info->mode == MBEDTLS_MODE_GCM || cipher_info->mode == MBEDTLS_MODE_CCM || - cipher_info->mode == MBEDTLS_MODE_CHACHAPOLY ) - { + cipher_info->mode == MBEDTLS_MODE_CHACHAPOLY) { size_t explicit_ivlen; transform->maclen = 0; @@ -1101,39 +1096,35 @@ static int ssl_populate_transform( mbedtls_ssl_transform *transform, */ transform->ivlen = 12; #if defined(MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL) - if( minor_ver == MBEDTLS_SSL_MINOR_VERSION_4 ) - { + if (minor_ver == MBEDTLS_SSL_MINOR_VERSION_4) { transform->fixed_ivlen = 12; - } - else + } else #endif /* MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL */ { - if( cipher_info->mode == MBEDTLS_MODE_CHACHAPOLY ) + if (cipher_info->mode == MBEDTLS_MODE_CHACHAPOLY) { transform->fixed_ivlen = 12; - else + } else { transform->fixed_ivlen = 4; + } } /* Minimum length of encrypted record */ explicit_ivlen = transform->ivlen - transform->fixed_ivlen; transform->minlen = explicit_ivlen + transform->taglen; - } - else + } else #endif /* MBEDTLS_GCM_C || MBEDTLS_CCM_C || MBEDTLS_CHACHAPOLY_C */ #if defined(MBEDTLS_SSL_SOME_MODES_USE_MAC) - if( cipher_info->mode == MBEDTLS_MODE_STREAM || - cipher_info->mode == MBEDTLS_MODE_CBC ) - { + if (cipher_info->mode == MBEDTLS_MODE_STREAM || + cipher_info->mode == MBEDTLS_MODE_CBC) { /* Initialize HMAC contexts */ - if( ( ret = mbedtls_md_setup( &transform->md_ctx_enc, md_info, 1 ) ) != 0 || - ( ret = mbedtls_md_setup( &transform->md_ctx_dec, md_info, 1 ) ) != 0 ) - { - MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_md_setup", ret ); + if ((ret = mbedtls_md_setup(&transform->md_ctx_enc, md_info, 1)) != 0 || + (ret = mbedtls_md_setup(&transform->md_ctx_dec, md_info, 1)) != 0) { + MBEDTLS_SSL_DEBUG_RET(1, "mbedtls_md_setup", ret); goto end; } /* Get MAC length */ - mac_key_len = mbedtls_md_get_size( md_info ); + mac_key_len = mbedtls_md_get_size(md_info); transform->maclen = mac_key_len; #if defined(MBEDTLS_SSL_TRUNCATED_HMAC) @@ -1142,8 +1133,7 @@ static int ssl_populate_transform( mbedtls_ssl_transform *transform, * (rfc 6066 page 13 or rfc 2104 section 4), * so we only need to adjust the length here. */ - if( trunc_hmac == MBEDTLS_SSL_TRUNC_HMAC_ENABLED ) - { + if (trunc_hmac == MBEDTLS_SSL_TRUNC_HMAC_ENABLED) { transform->maclen = MBEDTLS_SSL_TRUNCATED_HMAC_LEN; #if defined(MBEDTLS_SSL_TRUNCATED_HMAC_COMPAT) @@ -1159,10 +1149,9 @@ static int ssl_populate_transform( mbedtls_ssl_transform *transform, transform->ivlen = cipher_info->iv_size; /* Minimum length */ - if( cipher_info->mode == MBEDTLS_MODE_STREAM ) + if (cipher_info->mode == MBEDTLS_MODE_STREAM) { transform->minlen = transform->maclen; - else - { + } else { /* * GenericBlockCipher: * 1. if EtM is in use: one block plus MAC @@ -1170,59 +1159,53 @@ static int ssl_populate_transform( mbedtls_ssl_transform *transform, * 2. IV except for SSL3 and TLS 1.0 */ #if defined(MBEDTLS_SSL_ENCRYPT_THEN_MAC) - if( encrypt_then_mac == MBEDTLS_SSL_ETM_ENABLED ) - { + if (encrypt_then_mac == MBEDTLS_SSL_ETM_ENABLED) { transform->minlen = transform->maclen - + cipher_info->block_size; - } - else + + cipher_info->block_size; + } else #endif { transform->minlen = transform->maclen - + cipher_info->block_size - - transform->maclen % cipher_info->block_size; + + cipher_info->block_size + - transform->maclen % cipher_info->block_size; } #if defined(MBEDTLS_SSL_PROTO_SSL3) || defined(MBEDTLS_SSL_PROTO_TLS1) - if( minor_ver == MBEDTLS_SSL_MINOR_VERSION_0 || - minor_ver == MBEDTLS_SSL_MINOR_VERSION_1 ) + if (minor_ver == MBEDTLS_SSL_MINOR_VERSION_0 || + minor_ver == MBEDTLS_SSL_MINOR_VERSION_1) { ; /* No need to adjust minlen */ - else + } else #endif #if defined(MBEDTLS_SSL_PROTO_TLS1_1) || defined(MBEDTLS_SSL_PROTO_TLS1_2) - if( minor_ver == MBEDTLS_SSL_MINOR_VERSION_2 || - minor_ver == MBEDTLS_SSL_MINOR_VERSION_3 ) - { + if (minor_ver == MBEDTLS_SSL_MINOR_VERSION_2 || + minor_ver == MBEDTLS_SSL_MINOR_VERSION_3) { transform->minlen += transform->ivlen; - } - else + } else #endif { - MBEDTLS_SSL_DEBUG_MSG( 1, ( "should never happen" ) ); + MBEDTLS_SSL_DEBUG_MSG(1, ("should never happen")); ret = MBEDTLS_ERR_SSL_INTERNAL_ERROR; goto end; } } - } - else + } else #endif /* MBEDTLS_SSL_SOME_MODES_USE_MAC */ { - MBEDTLS_SSL_DEBUG_MSG( 1, ( "should never happen" ) ); - return( MBEDTLS_ERR_SSL_INTERNAL_ERROR ); + MBEDTLS_SSL_DEBUG_MSG(1, ("should never happen")); + return MBEDTLS_ERR_SSL_INTERNAL_ERROR; } - MBEDTLS_SSL_DEBUG_MSG( 3, ( "keylen: %u, minlen: %u, ivlen: %u, maclen: %u", - (unsigned) keylen, - (unsigned) transform->minlen, - (unsigned) transform->ivlen, - (unsigned) transform->maclen ) ); + MBEDTLS_SSL_DEBUG_MSG(3, ("keylen: %u, minlen: %u, ivlen: %u, maclen: %u", + (unsigned) keylen, + (unsigned) transform->minlen, + (unsigned) transform->ivlen, + (unsigned) transform->maclen)); /* * Finally setup the cipher contexts, IVs and MAC secrets. */ #if defined(MBEDTLS_SSL_CLI_C) - if( endpoint == MBEDTLS_SSL_IS_CLIENT ) - { + if (endpoint == MBEDTLS_SSL_IS_CLIENT) { key1 = keyblk + mac_key_len * 2; key2 = keyblk + mac_key_len * 2 + keylen; @@ -1232,17 +1215,15 @@ static int ssl_populate_transform( mbedtls_ssl_transform *transform, /* * This is not used in TLS v1.1. */ - iv_copy_len = ( transform->fixed_ivlen ) ? - transform->fixed_ivlen : transform->ivlen; - memcpy( transform->iv_enc, key2 + keylen, iv_copy_len ); - memcpy( transform->iv_dec, key2 + keylen + iv_copy_len, - iv_copy_len ); - } - else + iv_copy_len = (transform->fixed_ivlen) ? + transform->fixed_ivlen : transform->ivlen; + memcpy(transform->iv_enc, key2 + keylen, iv_copy_len); + memcpy(transform->iv_dec, key2 + keylen + iv_copy_len, + iv_copy_len); + } else #endif /* MBEDTLS_SSL_CLI_C */ #if defined(MBEDTLS_SSL_SRV_C) - if( endpoint == MBEDTLS_SSL_IS_SERVER ) - { + if (endpoint == MBEDTLS_SSL_IS_SERVER) { key1 = keyblk + mac_key_len * 2 + keylen; key2 = keyblk + mac_key_len * 2; @@ -1252,77 +1233,70 @@ static int ssl_populate_transform( mbedtls_ssl_transform *transform, /* * This is not used in TLS v1.1. */ - iv_copy_len = ( transform->fixed_ivlen ) ? - transform->fixed_ivlen : transform->ivlen; - memcpy( transform->iv_dec, key1 + keylen, iv_copy_len ); - memcpy( transform->iv_enc, key1 + keylen + iv_copy_len, - iv_copy_len ); - } - else + iv_copy_len = (transform->fixed_ivlen) ? + transform->fixed_ivlen : transform->ivlen; + memcpy(transform->iv_dec, key1 + keylen, iv_copy_len); + memcpy(transform->iv_enc, key1 + keylen + iv_copy_len, + iv_copy_len); + } else #endif /* MBEDTLS_SSL_SRV_C */ { - MBEDTLS_SSL_DEBUG_MSG( 1, ( "should never happen" ) ); + MBEDTLS_SSL_DEBUG_MSG(1, ("should never happen")); ret = MBEDTLS_ERR_SSL_INTERNAL_ERROR; goto end; } #if defined(MBEDTLS_SSL_SOME_MODES_USE_MAC) #if defined(MBEDTLS_SSL_PROTO_SSL3) - if( minor_ver == MBEDTLS_SSL_MINOR_VERSION_0 ) - { - if( mac_key_len > sizeof( transform->mac_enc ) ) - { - MBEDTLS_SSL_DEBUG_MSG( 1, ( "should never happen" ) ); + if (minor_ver == MBEDTLS_SSL_MINOR_VERSION_0) { + if (mac_key_len > sizeof(transform->mac_enc)) { + MBEDTLS_SSL_DEBUG_MSG(1, ("should never happen")); ret = MBEDTLS_ERR_SSL_INTERNAL_ERROR; goto end; } - memcpy( transform->mac_enc, mac_enc, mac_key_len ); - memcpy( transform->mac_dec, mac_dec, mac_key_len ); - } - else + memcpy(transform->mac_enc, mac_enc, mac_key_len); + memcpy(transform->mac_dec, mac_dec, mac_key_len); + } else #endif /* MBEDTLS_SSL_PROTO_SSL3 */ #if defined(MBEDTLS_SSL_PROTO_TLS1) || defined(MBEDTLS_SSL_PROTO_TLS1_1) || \ defined(MBEDTLS_SSL_PROTO_TLS1_2) - if( minor_ver >= MBEDTLS_SSL_MINOR_VERSION_1 ) - { + if (minor_ver >= MBEDTLS_SSL_MINOR_VERSION_1) { /* For HMAC-based ciphersuites, initialize the HMAC transforms. For AEAD-based ciphersuites, there is nothing to do here. */ - if( mac_key_len != 0 ) - { - ret = mbedtls_md_hmac_starts( &transform->md_ctx_enc, - mac_enc, mac_key_len ); - if( ret != 0 ) + if (mac_key_len != 0) { + ret = mbedtls_md_hmac_starts(&transform->md_ctx_enc, + mac_enc, mac_key_len); + if (ret != 0) { goto end; - ret = mbedtls_md_hmac_starts( &transform->md_ctx_dec, - mac_dec, mac_key_len ); - if( ret != 0 ) + } + ret = mbedtls_md_hmac_starts(&transform->md_ctx_dec, + mac_dec, mac_key_len); + if (ret != 0) { goto end; + } } - } - else + } else #endif { - MBEDTLS_SSL_DEBUG_MSG( 1, ( "should never happen" ) ); + MBEDTLS_SSL_DEBUG_MSG(1, ("should never happen")); ret = MBEDTLS_ERR_SSL_INTERNAL_ERROR; goto end; } #endif /* MBEDTLS_SSL_SOME_MODES_USE_MAC */ #if defined(MBEDTLS_SSL_HW_RECORD_ACCEL) - if( mbedtls_ssl_hw_record_init != NULL ) - { + if (mbedtls_ssl_hw_record_init != NULL) { ret = 0; - MBEDTLS_SSL_DEBUG_MSG( 2, ( "going for mbedtls_ssl_hw_record_init()" ) ); + MBEDTLS_SSL_DEBUG_MSG(2, ("going for mbedtls_ssl_hw_record_init()")); - if( ( ret = mbedtls_ssl_hw_record_init( ssl, key1, key2, keylen, - transform->iv_enc, transform->iv_dec, - iv_copy_len, - mac_enc, mac_dec, - mac_key_len ) ) != 0 ) - { - MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_ssl_hw_record_init", ret ); + if ((ret = mbedtls_ssl_hw_record_init(ssl, key1, key2, keylen, + transform->iv_enc, transform->iv_dec, + iv_copy_len, + mac_enc, mac_dec, + mac_key_len)) != 0) { + MBEDTLS_SSL_DEBUG_RET(1, "mbedtls_ssl_hw_record_init", ret); ret = MBEDTLS_ERR_SSL_HW_ACCEL_FAILED; goto end; } @@ -1333,26 +1307,25 @@ static int ssl_populate_transform( mbedtls_ssl_transform *transform, #endif /* MBEDTLS_SSL_HW_RECORD_ACCEL */ #if defined(MBEDTLS_SSL_EXPORT_KEYS) - if( ssl->conf->f_export_keys != NULL ) - { - ssl->conf->f_export_keys( ssl->conf->p_export_keys, - master, keyblk, - mac_key_len, keylen, - iv_copy_len ); + if (ssl->conf->f_export_keys != NULL) { + ssl->conf->f_export_keys(ssl->conf->p_export_keys, + master, keyblk, + mac_key_len, keylen, + iv_copy_len); } - if( ssl->conf->f_export_keys_ext != NULL ) - { - ssl->conf->f_export_keys_ext( ssl->conf->p_export_keys, - master, keyblk, - mac_key_len, keylen, - iv_copy_len, - randbytes + 32, - randbytes, - tls_prf_get_type( tls_prf ) ); + if (ssl->conf->f_export_keys_ext != NULL) { + ssl->conf->f_export_keys_ext(ssl->conf->p_export_keys, + master, keyblk, + mac_key_len, keylen, + iv_copy_len, + randbytes + 32, + randbytes, + tls_prf_get_type(tls_prf)); } #endif + do_mbedtls_cipher_setup = 1; #if defined(MBEDTLS_USE_PSA_CRYPTO) /* Only use PSA-based ciphers for TLS-1.2. @@ -1361,42 +1334,42 @@ static int ssl_populate_transform( mbedtls_ssl_transform *transform, * the structure field for the IV, which the PSA-based * implementation currently doesn't. */ #if defined(MBEDTLS_SSL_PROTO_TLS1_2) - if( ssl->minor_ver == MBEDTLS_SSL_MINOR_VERSION_3 ) - { - ret = mbedtls_cipher_setup_psa( &transform->cipher_ctx_enc, - cipher_info, transform->taglen ); - if( ret != 0 && ret != MBEDTLS_ERR_CIPHER_FEATURE_UNAVAILABLE ) - { - MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_cipher_setup_psa", ret ); + if (minor_ver == MBEDTLS_SSL_MINOR_VERSION_3) { + ret = mbedtls_cipher_setup_psa(&transform->cipher_ctx_enc, + cipher_info, transform->taglen); + if (ret != 0 && ret != MBEDTLS_ERR_CIPHER_FEATURE_UNAVAILABLE) { + MBEDTLS_SSL_DEBUG_RET(1, "mbedtls_cipher_setup_psa", ret); goto end; } - if( ret == 0 ) - { - MBEDTLS_SSL_DEBUG_MSG( 3, ( "Successfully setup PSA-based encryption cipher context" ) ); + if (ret == 0) { + MBEDTLS_SSL_DEBUG_MSG(3, ("Successfully setup PSA-based encryption cipher context")); psa_fallthrough = 0; - } - else - { - MBEDTLS_SSL_DEBUG_MSG( 1, ( "Failed to setup PSA-based cipher context for record encryption - fall through to default setup." ) ); + } else { + MBEDTLS_SSL_DEBUG_MSG(1, + ( + "Failed to setup PSA-based cipher context for record encryption - fall through to default setup.")); psa_fallthrough = 1; } - } - else + } else { psa_fallthrough = 1; + } #else psa_fallthrough = 1; #endif /* MBEDTLS_SSL_PROTO_TLS1_2 */ - if( psa_fallthrough == 1 ) + if (psa_fallthrough == 0) { + do_mbedtls_cipher_setup = 0; + } #endif /* MBEDTLS_USE_PSA_CRYPTO */ - if( ( ret = mbedtls_cipher_setup( &transform->cipher_ctx_enc, - cipher_info ) ) != 0 ) - { - MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_cipher_setup", ret ); + if (do_mbedtls_cipher_setup && + (ret = mbedtls_cipher_setup(&transform->cipher_ctx_enc, + cipher_info)) != 0) { + MBEDTLS_SSL_DEBUG_RET(1, "mbedtls_cipher_setup", ret); goto end; } + do_mbedtls_cipher_setup = 1; #if defined(MBEDTLS_USE_PSA_CRYPTO) /* Only use PSA-based ciphers for TLS-1.2. * That's relevant at least for TLS-1.0, where @@ -1404,72 +1377,66 @@ static int ssl_populate_transform( mbedtls_ssl_transform *transform, * the structure field for the IV, which the PSA-based * implementation currently doesn't. */ #if defined(MBEDTLS_SSL_PROTO_TLS1_2) - if( ssl->minor_ver == MBEDTLS_SSL_MINOR_VERSION_3 ) - { - ret = mbedtls_cipher_setup_psa( &transform->cipher_ctx_dec, - cipher_info, transform->taglen ); - if( ret != 0 && ret != MBEDTLS_ERR_CIPHER_FEATURE_UNAVAILABLE ) - { - MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_cipher_setup_psa", ret ); + if (minor_ver == MBEDTLS_SSL_MINOR_VERSION_3) { + ret = mbedtls_cipher_setup_psa(&transform->cipher_ctx_dec, + cipher_info, transform->taglen); + if (ret != 0 && ret != MBEDTLS_ERR_CIPHER_FEATURE_UNAVAILABLE) { + MBEDTLS_SSL_DEBUG_RET(1, "mbedtls_cipher_setup_psa", ret); goto end; } - if( ret == 0 ) - { - MBEDTLS_SSL_DEBUG_MSG( 3, ( "Successfully setup PSA-based decryption cipher context" ) ); + if (ret == 0) { + MBEDTLS_SSL_DEBUG_MSG(3, ("Successfully setup PSA-based decryption cipher context")); psa_fallthrough = 0; - } - else - { - MBEDTLS_SSL_DEBUG_MSG( 1, ( "Failed to setup PSA-based cipher context for record decryption - fall through to default setup." ) ); + } else { + MBEDTLS_SSL_DEBUG_MSG(1, + ( + "Failed to setup PSA-based cipher context for record decryption - fall through to default setup.")); psa_fallthrough = 1; } - } - else + } else { psa_fallthrough = 1; + } #else psa_fallthrough = 1; #endif /* MBEDTLS_SSL_PROTO_TLS1_2 */ - if( psa_fallthrough == 1 ) + if (psa_fallthrough == 0) { + do_mbedtls_cipher_setup = 0; + } #endif /* MBEDTLS_USE_PSA_CRYPTO */ - if( ( ret = mbedtls_cipher_setup( &transform->cipher_ctx_dec, - cipher_info ) ) != 0 ) - { - MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_cipher_setup", ret ); + if (do_mbedtls_cipher_setup && + (ret = mbedtls_cipher_setup(&transform->cipher_ctx_dec, + cipher_info)) != 0) { + MBEDTLS_SSL_DEBUG_RET(1, "mbedtls_cipher_setup", ret); goto end; } - if( ( ret = mbedtls_cipher_setkey( &transform->cipher_ctx_enc, key1, - cipher_info->key_bitlen, - MBEDTLS_ENCRYPT ) ) != 0 ) - { - MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_cipher_setkey", ret ); + if ((ret = mbedtls_cipher_setkey(&transform->cipher_ctx_enc, key1, + cipher_info->key_bitlen, + MBEDTLS_ENCRYPT)) != 0) { + MBEDTLS_SSL_DEBUG_RET(1, "mbedtls_cipher_setkey", ret); goto end; } - if( ( ret = mbedtls_cipher_setkey( &transform->cipher_ctx_dec, key2, - cipher_info->key_bitlen, - MBEDTLS_DECRYPT ) ) != 0 ) - { - MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_cipher_setkey", ret ); + if ((ret = mbedtls_cipher_setkey(&transform->cipher_ctx_dec, key2, + cipher_info->key_bitlen, + MBEDTLS_DECRYPT)) != 0) { + MBEDTLS_SSL_DEBUG_RET(1, "mbedtls_cipher_setkey", ret); goto end; } #if defined(MBEDTLS_CIPHER_MODE_CBC) - if( cipher_info->mode == MBEDTLS_MODE_CBC ) - { - if( ( ret = mbedtls_cipher_set_padding_mode( &transform->cipher_ctx_enc, - MBEDTLS_PADDING_NONE ) ) != 0 ) - { - MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_cipher_set_padding_mode", ret ); + if (cipher_info->mode == MBEDTLS_MODE_CBC) { + if ((ret = mbedtls_cipher_set_padding_mode(&transform->cipher_ctx_enc, + MBEDTLS_PADDING_NONE)) != 0) { + MBEDTLS_SSL_DEBUG_RET(1, "mbedtls_cipher_set_padding_mode", ret); goto end; } - if( ( ret = mbedtls_cipher_set_padding_mode( &transform->cipher_ctx_dec, - MBEDTLS_PADDING_NONE ) ) != 0 ) - { - MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_cipher_set_padding_mode", ret ); + if ((ret = mbedtls_cipher_set_padding_mode(&transform->cipher_ctx_dec, + MBEDTLS_PADDING_NONE)) != 0) { + MBEDTLS_SSL_DEBUG_RET(1, "mbedtls_cipher_set_padding_mode", ret); goto end; } } @@ -1478,18 +1445,16 @@ static int ssl_populate_transform( mbedtls_ssl_transform *transform, /* Initialize Zlib contexts */ #if defined(MBEDTLS_ZLIB_SUPPORT) - if( compression == MBEDTLS_SSL_COMPRESS_DEFLATE ) - { - MBEDTLS_SSL_DEBUG_MSG( 3, ( "Initializing zlib states" ) ); + if (compression == MBEDTLS_SSL_COMPRESS_DEFLATE) { + MBEDTLS_SSL_DEBUG_MSG(3, ("Initializing zlib states")); - memset( &transform->ctx_deflate, 0, sizeof( transform->ctx_deflate ) ); - memset( &transform->ctx_inflate, 0, sizeof( transform->ctx_inflate ) ); + memset(&transform->ctx_deflate, 0, sizeof(transform->ctx_deflate)); + memset(&transform->ctx_inflate, 0, sizeof(transform->ctx_inflate)); - if( deflateInit( &transform->ctx_deflate, - Z_DEFAULT_COMPRESSION ) != Z_OK || - inflateInit( &transform->ctx_inflate ) != Z_OK ) - { - MBEDTLS_SSL_DEBUG_MSG( 1, ( "Failed to initialize compression" ) ); + if (deflateInit(&transform->ctx_deflate, + Z_DEFAULT_COMPRESSION) != Z_OK || + inflateInit(&transform->ctx_inflate) != Z_OK) { + MBEDTLS_SSL_DEBUG_MSG(1, ("Failed to initialize compression")); ret = MBEDTLS_ERR_SSL_COMPRESSION_FAILED; goto end; } @@ -1497,8 +1462,8 @@ static int ssl_populate_transform( mbedtls_ssl_transform *transform, #endif /* MBEDTLS_ZLIB_SUPPORT */ end: - mbedtls_platform_zeroize( keyblk, sizeof( keyblk ) ); - return( ret ); + mbedtls_platform_zeroize(keyblk, sizeof(keyblk)); + return ret; } /* @@ -1511,59 +1476,52 @@ static int ssl_populate_transform( mbedtls_ssl_transform *transform, * Outputs: * - the tls_prf, calc_verify and calc_finished members of handshake structure */ -static int ssl_set_handshake_prfs( mbedtls_ssl_handshake_params *handshake, - int minor_ver, - mbedtls_md_type_t hash ) +MBEDTLS_CHECK_RETURN_CRITICAL +static int ssl_set_handshake_prfs(mbedtls_ssl_handshake_params *handshake, + int minor_ver, + mbedtls_md_type_t hash) { #if !defined(MBEDTLS_SSL_PROTO_TLS1_2) || \ - !( defined(MBEDTLS_SHA512_C) && !defined(MBEDTLS_SHA512_NO_SHA384) ) + !(defined(MBEDTLS_SHA512_C) && !defined(MBEDTLS_SHA512_NO_SHA384)) (void) hash; #endif #if defined(MBEDTLS_SSL_PROTO_SSL3) - if( minor_ver == MBEDTLS_SSL_MINOR_VERSION_0 ) - { + if (minor_ver == MBEDTLS_SSL_MINOR_VERSION_0) { handshake->tls_prf = ssl3_prf; handshake->calc_verify = ssl_calc_verify_ssl; handshake->calc_finished = ssl_calc_finished_ssl; - } - else + } else #endif #if defined(MBEDTLS_SSL_PROTO_TLS1) || defined(MBEDTLS_SSL_PROTO_TLS1_1) - if( minor_ver < MBEDTLS_SSL_MINOR_VERSION_3 ) - { + if (minor_ver < MBEDTLS_SSL_MINOR_VERSION_3) { handshake->tls_prf = tls1_prf; handshake->calc_verify = ssl_calc_verify_tls; handshake->calc_finished = ssl_calc_finished_tls; - } - else + } else #endif #if defined(MBEDTLS_SSL_PROTO_TLS1_2) #if defined(MBEDTLS_SHA512_C) && !defined(MBEDTLS_SHA512_NO_SHA384) - if( minor_ver == MBEDTLS_SSL_MINOR_VERSION_3 && - hash == MBEDTLS_MD_SHA384 ) - { + if (minor_ver == MBEDTLS_SSL_MINOR_VERSION_3 && + hash == MBEDTLS_MD_SHA384) { handshake->tls_prf = tls_prf_sha384; handshake->calc_verify = ssl_calc_verify_tls_sha384; handshake->calc_finished = ssl_calc_finished_tls_sha384; - } - else + } else #endif #if defined(MBEDTLS_SHA256_C) - if( minor_ver == MBEDTLS_SSL_MINOR_VERSION_3 ) - { + if (minor_ver == MBEDTLS_SSL_MINOR_VERSION_3) { handshake->tls_prf = tls_prf_sha256; handshake->calc_verify = ssl_calc_verify_tls_sha256; handshake->calc_finished = ssl_calc_finished_tls_sha256; - } - else + } else #endif #endif /* MBEDTLS_SSL_PROTO_TLS1_2 */ { - return( MBEDTLS_ERR_SSL_INTERNAL_ERROR ); + return MBEDTLS_ERR_SSL_INTERNAL_ERROR; } - return( 0 ); + return 0; } /* @@ -1580,9 +1538,10 @@ static int ssl_set_handshake_prfs( mbedtls_ssl_handshake_params *handshake, * EMS: passed to calc_verify (debug + (SSL3) session_negotiate) * PSA-PSA: minor_ver, conf */ -static int ssl_compute_master( mbedtls_ssl_handshake_params *handshake, - unsigned char *master, - const mbedtls_ssl_context *ssl ) +MBEDTLS_CHECK_RETURN_CRITICAL +static int ssl_compute_master(mbedtls_ssl_handshake_params *handshake, + unsigned char *master, + const mbedtls_ssl_context *ssl) { int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; @@ -1613,35 +1572,32 @@ static int ssl_compute_master( mbedtls_ssl_handshake_params *handshake, #if !defined(MBEDTLS_DEBUG_C) && \ !defined(MBEDTLS_SSL_EXTENDED_MASTER_SECRET) && \ !(defined(MBEDTLS_USE_PSA_CRYPTO) && \ - defined(MBEDTLS_KEY_EXCHANGE_PSK_ENABLED)) + defined(MBEDTLS_KEY_EXCHANGE_PSK_ENABLED)) ssl = NULL; /* make sure we don't use it except for those cases */ (void) ssl; #endif - if( handshake->resume != 0 ) - { - MBEDTLS_SSL_DEBUG_MSG( 3, ( "no premaster (session resumed)" ) ); - return( 0 ); + if (handshake->resume != 0) { + MBEDTLS_SSL_DEBUG_MSG(3, ("no premaster (session resumed)")); + return 0; } #if defined(MBEDTLS_SSL_EXTENDED_MASTER_SECRET) - if( handshake->extended_ms == MBEDTLS_SSL_EXTENDED_MS_ENABLED ) - { + if (handshake->extended_ms == MBEDTLS_SSL_EXTENDED_MS_ENABLED) { lbl = "extended master secret"; salt = session_hash; - handshake->calc_verify( ssl, session_hash, &salt_len ); + handshake->calc_verify(ssl, session_hash, &salt_len); - MBEDTLS_SSL_DEBUG_BUF( 3, "session hash for extended master secret", - session_hash, salt_len ); + MBEDTLS_SSL_DEBUG_BUF(3, "session hash for extended master secret", + session_hash, salt_len); } #endif /* MBEDTLS_SSL_EXTENDED_MS_ENABLED */ #if defined(MBEDTLS_USE_PSA_CRYPTO) && \ defined(MBEDTLS_KEY_EXCHANGE_PSK_ENABLED) - if( handshake->ciphersuite_info->key_exchange == MBEDTLS_KEY_EXCHANGE_PSK && + if (handshake->ciphersuite_info->key_exchange == MBEDTLS_KEY_EXCHANGE_PSK && ssl->minor_ver == MBEDTLS_SSL_MINOR_VERSION_3 && - ssl_use_opaque_psk( ssl ) == 1 ) - { + ssl_use_opaque_psk(ssl) == 1) { /* Perform PSK-to-MS expansion in a single step. */ psa_status_t status; psa_algorithm_t alg; @@ -1650,89 +1606,85 @@ static int ssl_compute_master( mbedtls_ssl_handshake_params *handshake, PSA_KEY_DERIVATION_OPERATION_INIT; mbedtls_md_type_t hash_alg = handshake->ciphersuite_info->mac; - MBEDTLS_SSL_DEBUG_MSG( 2, ( "perform PSA-based PSK-to-MS expansion" ) ); + MBEDTLS_SSL_DEBUG_MSG(2, ("perform PSA-based PSK-to-MS expansion")); - psk = mbedtls_ssl_get_opaque_psk( ssl ); + psk = mbedtls_ssl_get_opaque_psk(ssl); - if( hash_alg == MBEDTLS_MD_SHA384 ) + if (hash_alg == MBEDTLS_MD_SHA384) { alg = PSA_ALG_TLS12_PSK_TO_MS(PSA_ALG_SHA_384); - else + } else { alg = PSA_ALG_TLS12_PSK_TO_MS(PSA_ALG_SHA_256); + } - status = setup_psa_key_derivation( &derivation, psk, alg, - salt, salt_len, - (unsigned char const *) lbl, - (size_t) strlen( lbl ), - master_secret_len ); - if( status != PSA_SUCCESS ) - { - psa_key_derivation_abort( &derivation ); - return( MBEDTLS_ERR_SSL_HW_ACCEL_FAILED ); + status = setup_psa_key_derivation(&derivation, psk, alg, + salt, salt_len, + (unsigned char const *) lbl, + (size_t) strlen(lbl), + master_secret_len); + if (status != PSA_SUCCESS) { + psa_key_derivation_abort(&derivation); + return MBEDTLS_ERR_SSL_HW_ACCEL_FAILED; } - status = psa_key_derivation_output_bytes( &derivation, - master, - master_secret_len ); - if( status != PSA_SUCCESS ) - { - psa_key_derivation_abort( &derivation ); - return( MBEDTLS_ERR_SSL_HW_ACCEL_FAILED ); + status = psa_key_derivation_output_bytes(&derivation, + master, + master_secret_len); + if (status != PSA_SUCCESS) { + psa_key_derivation_abort(&derivation); + return MBEDTLS_ERR_SSL_HW_ACCEL_FAILED; } - status = psa_key_derivation_abort( &derivation ); - if( status != PSA_SUCCESS ) - return( MBEDTLS_ERR_SSL_HW_ACCEL_FAILED ); - } - else + status = psa_key_derivation_abort(&derivation); + if (status != PSA_SUCCESS) { + return MBEDTLS_ERR_SSL_HW_ACCEL_FAILED; + } + } else #endif { - ret = handshake->tls_prf( handshake->premaster, handshake->pmslen, - lbl, salt, salt_len, - master, - master_secret_len ); - if( ret != 0 ) - { - MBEDTLS_SSL_DEBUG_RET( 1, "prf", ret ); - return( ret ); + ret = handshake->tls_prf(handshake->premaster, handshake->pmslen, + lbl, salt, salt_len, + master, + master_secret_len); + if (ret != 0) { + MBEDTLS_SSL_DEBUG_RET(1, "prf", ret); + return ret; } - MBEDTLS_SSL_DEBUG_BUF( 3, "premaster secret", - handshake->premaster, - handshake->pmslen ); + MBEDTLS_SSL_DEBUG_BUF(3, "premaster secret", + handshake->premaster, + handshake->pmslen); - mbedtls_platform_zeroize( handshake->premaster, - sizeof(handshake->premaster) ); + mbedtls_platform_zeroize(handshake->premaster, + sizeof(handshake->premaster)); } - return( 0 ); + return 0; } -int mbedtls_ssl_derive_keys( mbedtls_ssl_context *ssl ) +int mbedtls_ssl_derive_keys(mbedtls_ssl_context *ssl) { int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; const mbedtls_ssl_ciphersuite_t * const ciphersuite_info = ssl->handshake->ciphersuite_info; - MBEDTLS_SSL_DEBUG_MSG( 2, ( "=> derive keys" ) ); + MBEDTLS_SSL_DEBUG_MSG(2, ("=> derive keys")); /* Set PRF, calc_verify and calc_finished function pointers */ - ret = ssl_set_handshake_prfs( ssl->handshake, - ssl->minor_ver, - ciphersuite_info->mac ); - if( ret != 0 ) - { - MBEDTLS_SSL_DEBUG_RET( 1, "ssl_set_handshake_prfs", ret ); - return( ret ); + ret = ssl_set_handshake_prfs(ssl->handshake, + ssl->minor_ver, + ciphersuite_info->mac); + if (ret != 0) { + MBEDTLS_SSL_DEBUG_RET(1, "ssl_set_handshake_prfs", ret); + return ret; } /* Compute master secret if needed */ - ret = ssl_compute_master( ssl->handshake, - ssl->session_negotiate->master, - ssl ); - if( ret != 0 ) - { - MBEDTLS_SSL_DEBUG_RET( 1, "ssl_compute_master", ret ); - return( ret ); + ret = ssl_compute_master(ssl->handshake, + ssl->session_negotiate->master, + ssl); + if (ret != 0) { + MBEDTLS_SSL_DEBUG_RET(1, "ssl_compute_master", ret); + return ret; } /* Swap the client and server random values: @@ -1740,142 +1692,139 @@ int mbedtls_ssl_derive_keys( mbedtls_ssl_context *ssl ) * - key derivation wants server+client (RFC 5246 6.3) */ { unsigned char tmp[64]; - memcpy( tmp, ssl->handshake->randbytes, 64 ); - memcpy( ssl->handshake->randbytes, tmp + 32, 32 ); - memcpy( ssl->handshake->randbytes + 32, tmp, 32 ); - mbedtls_platform_zeroize( tmp, sizeof( tmp ) ); + memcpy(tmp, ssl->handshake->randbytes, 64); + memcpy(ssl->handshake->randbytes, tmp + 32, 32); + memcpy(ssl->handshake->randbytes + 32, tmp, 32); + mbedtls_platform_zeroize(tmp, sizeof(tmp)); } /* Populate transform structure */ - ret = ssl_populate_transform( ssl->transform_negotiate, - ssl->session_negotiate->ciphersuite, - ssl->session_negotiate->master, + ret = ssl_populate_transform(ssl->transform_negotiate, + ssl->session_negotiate->ciphersuite, + ssl->session_negotiate->master, #if defined(MBEDTLS_SSL_SOME_MODES_USE_MAC) #if defined(MBEDTLS_SSL_ENCRYPT_THEN_MAC) - ssl->session_negotiate->encrypt_then_mac, + ssl->session_negotiate->encrypt_then_mac, #endif /* MBEDTLS_SSL_ENCRYPT_THEN_MAC */ #if defined(MBEDTLS_SSL_TRUNCATED_HMAC) - ssl->session_negotiate->trunc_hmac, + ssl->session_negotiate->trunc_hmac, #endif /* MBEDTLS_SSL_TRUNCATED_HMAC */ #endif /* MBEDTLS_SSL_SOME_MODES_USE_MAC */ #if defined(MBEDTLS_ZLIB_SUPPORT) - ssl->session_negotiate->compression, -#endif - ssl->handshake->tls_prf, - ssl->handshake->randbytes, - ssl->minor_ver, - ssl->conf->endpoint, - ssl ); - if( ret != 0 ) - { - MBEDTLS_SSL_DEBUG_RET( 1, "ssl_populate_transform", ret ); - return( ret ); + ssl->session_negotiate->compression, +#endif + ssl->handshake->tls_prf, + ssl->handshake->randbytes, + ssl->minor_ver, + ssl->conf->endpoint, + ssl); + if (ret != 0) { + MBEDTLS_SSL_DEBUG_RET(1, "ssl_populate_transform", ret); + return ret; } /* We no longer need Server/ClientHello.random values */ - mbedtls_platform_zeroize( ssl->handshake->randbytes, - sizeof( ssl->handshake->randbytes ) ); + mbedtls_platform_zeroize(ssl->handshake->randbytes, + sizeof(ssl->handshake->randbytes)); /* Allocate compression buffer */ #if defined(MBEDTLS_ZLIB_SUPPORT) - if( ssl->session_negotiate->compression == MBEDTLS_SSL_COMPRESS_DEFLATE && - ssl->compress_buf == NULL ) - { - MBEDTLS_SSL_DEBUG_MSG( 3, ( "Allocating compression buffer" ) ); - ssl->compress_buf = mbedtls_calloc( 1, MBEDTLS_SSL_COMPRESS_BUFFER_LEN ); - if( ssl->compress_buf == NULL ) - { - MBEDTLS_SSL_DEBUG_MSG( 1, ( "alloc(%d bytes) failed", - MBEDTLS_SSL_COMPRESS_BUFFER_LEN ) ); - return( MBEDTLS_ERR_SSL_ALLOC_FAILED ); + if (ssl->session_negotiate->compression == MBEDTLS_SSL_COMPRESS_DEFLATE && + ssl->compress_buf == NULL) { + MBEDTLS_SSL_DEBUG_MSG(3, ("Allocating compression buffer")); + ssl->compress_buf = mbedtls_calloc(1, MBEDTLS_SSL_COMPRESS_BUFFER_LEN); + if (ssl->compress_buf == NULL) { + MBEDTLS_SSL_DEBUG_MSG(1, ("alloc(%d bytes) failed", + MBEDTLS_SSL_COMPRESS_BUFFER_LEN)); + return MBEDTLS_ERR_SSL_ALLOC_FAILED; } } #endif - MBEDTLS_SSL_DEBUG_MSG( 2, ( "<= derive keys" ) ); + MBEDTLS_SSL_DEBUG_MSG(2, ("<= derive keys")); - return( 0 ); + return 0; } #if defined(MBEDTLS_SSL_PROTO_SSL3) -void ssl_calc_verify_ssl( const mbedtls_ssl_context *ssl, - unsigned char *hash, - size_t *hlen ) +void ssl_calc_verify_ssl(const mbedtls_ssl_context *ssl, + unsigned char *hash, + size_t *hlen) { mbedtls_md5_context md5; mbedtls_sha1_context sha1; unsigned char pad_1[48]; unsigned char pad_2[48]; - MBEDTLS_SSL_DEBUG_MSG( 2, ( "=> calc verify ssl" ) ); + MBEDTLS_SSL_DEBUG_MSG(2, ("=> calc verify ssl")); - mbedtls_md5_init( &md5 ); - mbedtls_sha1_init( &sha1 ); + mbedtls_md5_init(&md5); + mbedtls_sha1_init(&sha1); - mbedtls_md5_clone( &md5, &ssl->handshake->fin_md5 ); - mbedtls_sha1_clone( &sha1, &ssl->handshake->fin_sha1 ); + mbedtls_md5_clone(&md5, &ssl->handshake->fin_md5); + mbedtls_sha1_clone(&sha1, &ssl->handshake->fin_sha1); - memset( pad_1, 0x36, 48 ); - memset( pad_2, 0x5C, 48 ); + memset(pad_1, 0x36, 48); + memset(pad_2, 0x5C, 48); - mbedtls_md5_update_ret( &md5, ssl->session_negotiate->master, 48 ); - mbedtls_md5_update_ret( &md5, pad_1, 48 ); - mbedtls_md5_finish_ret( &md5, hash ); + mbedtls_md5_update_ret(&md5, ssl->session_negotiate->master, 48); + mbedtls_md5_update_ret(&md5, pad_1, 48); + mbedtls_md5_finish_ret(&md5, hash); - mbedtls_md5_starts_ret( &md5 ); - mbedtls_md5_update_ret( &md5, ssl->session_negotiate->master, 48 ); - mbedtls_md5_update_ret( &md5, pad_2, 48 ); - mbedtls_md5_update_ret( &md5, hash, 16 ); - mbedtls_md5_finish_ret( &md5, hash ); + mbedtls_md5_starts_ret(&md5); + mbedtls_md5_update_ret(&md5, ssl->session_negotiate->master, 48); + mbedtls_md5_update_ret(&md5, pad_2, 48); + mbedtls_md5_update_ret(&md5, hash, 16); + mbedtls_md5_finish_ret(&md5, hash); - mbedtls_sha1_update_ret( &sha1, ssl->session_negotiate->master, 48 ); - mbedtls_sha1_update_ret( &sha1, pad_1, 40 ); - mbedtls_sha1_finish_ret( &sha1, hash + 16 ); + mbedtls_sha1_update_ret(&sha1, ssl->session_negotiate->master, 48); + mbedtls_sha1_update_ret(&sha1, pad_1, 40); + mbedtls_sha1_finish_ret(&sha1, hash + 16); - mbedtls_sha1_starts_ret( &sha1 ); - mbedtls_sha1_update_ret( &sha1, ssl->session_negotiate->master, 48 ); - mbedtls_sha1_update_ret( &sha1, pad_2, 40 ); - mbedtls_sha1_update_ret( &sha1, hash + 16, 20 ); - mbedtls_sha1_finish_ret( &sha1, hash + 16 ); + mbedtls_sha1_starts_ret(&sha1); + mbedtls_sha1_update_ret(&sha1, ssl->session_negotiate->master, 48); + mbedtls_sha1_update_ret(&sha1, pad_2, 40); + mbedtls_sha1_update_ret(&sha1, hash + 16, 20); + mbedtls_sha1_finish_ret(&sha1, hash + 16); *hlen = 36; - MBEDTLS_SSL_DEBUG_BUF( 3, "calculated verify result", hash, *hlen ); - MBEDTLS_SSL_DEBUG_MSG( 2, ( "<= calc verify" ) ); + MBEDTLS_SSL_DEBUG_BUF(3, "calculated verify result", hash, *hlen); + MBEDTLS_SSL_DEBUG_MSG(2, ("<= calc verify")); - mbedtls_md5_free( &md5 ); - mbedtls_sha1_free( &sha1 ); + mbedtls_md5_free(&md5); + mbedtls_sha1_free(&sha1); return; } #endif /* MBEDTLS_SSL_PROTO_SSL3 */ #if defined(MBEDTLS_SSL_PROTO_TLS1) || defined(MBEDTLS_SSL_PROTO_TLS1_1) -void ssl_calc_verify_tls( const mbedtls_ssl_context *ssl, - unsigned char *hash, - size_t *hlen ) +void ssl_calc_verify_tls(const mbedtls_ssl_context *ssl, + unsigned char *hash, + size_t *hlen) { mbedtls_md5_context md5; mbedtls_sha1_context sha1; - MBEDTLS_SSL_DEBUG_MSG( 2, ( "=> calc verify tls" ) ); + MBEDTLS_SSL_DEBUG_MSG(2, ("=> calc verify tls")); - mbedtls_md5_init( &md5 ); - mbedtls_sha1_init( &sha1 ); + mbedtls_md5_init(&md5); + mbedtls_sha1_init(&sha1); - mbedtls_md5_clone( &md5, &ssl->handshake->fin_md5 ); - mbedtls_sha1_clone( &sha1, &ssl->handshake->fin_sha1 ); + mbedtls_md5_clone(&md5, &ssl->handshake->fin_md5); + mbedtls_sha1_clone(&sha1, &ssl->handshake->fin_sha1); - mbedtls_md5_finish_ret( &md5, hash ); - mbedtls_sha1_finish_ret( &sha1, hash + 16 ); + mbedtls_md5_finish_ret(&md5, hash); + mbedtls_sha1_finish_ret(&sha1, hash + 16); *hlen = 36; - MBEDTLS_SSL_DEBUG_BUF( 3, "calculated verify result", hash, *hlen ); - MBEDTLS_SSL_DEBUG_MSG( 2, ( "<= calc verify" ) ); + MBEDTLS_SSL_DEBUG_BUF(3, "calculated verify result", hash, *hlen); + MBEDTLS_SSL_DEBUG_MSG(2, ("<= calc verify")); - mbedtls_md5_free( &md5 ); - mbedtls_sha1_free( &sha1 ); + mbedtls_md5_free(&md5); + mbedtls_sha1_free(&sha1); return; } @@ -1883,98 +1832,94 @@ void ssl_calc_verify_tls( const mbedtls_ssl_context *ssl, #if defined(MBEDTLS_SSL_PROTO_TLS1_2) #if defined(MBEDTLS_SHA256_C) -void ssl_calc_verify_tls_sha256( const mbedtls_ssl_context *ssl, - unsigned char *hash, - size_t *hlen ) +void ssl_calc_verify_tls_sha256(const mbedtls_ssl_context *ssl, + unsigned char *hash, + size_t *hlen) { #if defined(MBEDTLS_USE_PSA_CRYPTO) size_t hash_size; psa_status_t status; psa_hash_operation_t sha256_psa = psa_hash_operation_init(); - MBEDTLS_SSL_DEBUG_MSG( 2, ( "=> PSA calc verify sha256" ) ); - status = psa_hash_clone( &ssl->handshake->fin_sha256_psa, &sha256_psa ); - if( status != PSA_SUCCESS ) - { - MBEDTLS_SSL_DEBUG_MSG( 2, ( "PSA hash clone failed" ) ); + MBEDTLS_SSL_DEBUG_MSG(2, ("=> PSA calc verify sha256")); + status = psa_hash_clone(&ssl->handshake->fin_sha256_psa, &sha256_psa); + if (status != PSA_SUCCESS) { + MBEDTLS_SSL_DEBUG_MSG(2, ("PSA hash clone failed")); return; } - status = psa_hash_finish( &sha256_psa, hash, 32, &hash_size ); - if( status != PSA_SUCCESS ) - { - MBEDTLS_SSL_DEBUG_MSG( 2, ( "PSA hash finish failed" ) ); + status = psa_hash_finish(&sha256_psa, hash, 32, &hash_size); + if (status != PSA_SUCCESS) { + MBEDTLS_SSL_DEBUG_MSG(2, ("PSA hash finish failed")); return; } *hlen = 32; - MBEDTLS_SSL_DEBUG_BUF( 3, "PSA calculated verify result", hash, *hlen ); - MBEDTLS_SSL_DEBUG_MSG( 2, ( "<= PSA calc verify" ) ); + MBEDTLS_SSL_DEBUG_BUF(3, "PSA calculated verify result", hash, *hlen); + MBEDTLS_SSL_DEBUG_MSG(2, ("<= PSA calc verify")); #else mbedtls_sha256_context sha256; - mbedtls_sha256_init( &sha256 ); + mbedtls_sha256_init(&sha256); - MBEDTLS_SSL_DEBUG_MSG( 2, ( "=> calc verify sha256" ) ); + MBEDTLS_SSL_DEBUG_MSG(2, ("=> calc verify sha256")); - mbedtls_sha256_clone( &sha256, &ssl->handshake->fin_sha256 ); - mbedtls_sha256_finish_ret( &sha256, hash ); + mbedtls_sha256_clone(&sha256, &ssl->handshake->fin_sha256); + mbedtls_sha256_finish_ret(&sha256, hash); *hlen = 32; - MBEDTLS_SSL_DEBUG_BUF( 3, "calculated verify result", hash, *hlen ); - MBEDTLS_SSL_DEBUG_MSG( 2, ( "<= calc verify" ) ); + MBEDTLS_SSL_DEBUG_BUF(3, "calculated verify result", hash, *hlen); + MBEDTLS_SSL_DEBUG_MSG(2, ("<= calc verify")); - mbedtls_sha256_free( &sha256 ); + mbedtls_sha256_free(&sha256); #endif /* MBEDTLS_USE_PSA_CRYPTO */ return; } #endif /* MBEDTLS_SHA256_C */ #if defined(MBEDTLS_SHA512_C) && !defined(MBEDTLS_SHA512_NO_SHA384) -void ssl_calc_verify_tls_sha384( const mbedtls_ssl_context *ssl, - unsigned char *hash, - size_t *hlen ) +void ssl_calc_verify_tls_sha384(const mbedtls_ssl_context *ssl, + unsigned char *hash, + size_t *hlen) { #if defined(MBEDTLS_USE_PSA_CRYPTO) size_t hash_size; psa_status_t status; psa_hash_operation_t sha384_psa = psa_hash_operation_init(); - MBEDTLS_SSL_DEBUG_MSG( 2, ( "=> PSA calc verify sha384" ) ); - status = psa_hash_clone( &ssl->handshake->fin_sha384_psa, &sha384_psa ); - if( status != PSA_SUCCESS ) - { - MBEDTLS_SSL_DEBUG_MSG( 2, ( "PSA hash clone failed" ) ); + MBEDTLS_SSL_DEBUG_MSG(2, ("=> PSA calc verify sha384")); + status = psa_hash_clone(&ssl->handshake->fin_sha384_psa, &sha384_psa); + if (status != PSA_SUCCESS) { + MBEDTLS_SSL_DEBUG_MSG(2, ("PSA hash clone failed")); return; } - status = psa_hash_finish( &sha384_psa, hash, 48, &hash_size ); - if( status != PSA_SUCCESS ) - { - MBEDTLS_SSL_DEBUG_MSG( 2, ( "PSA hash finish failed" ) ); + status = psa_hash_finish(&sha384_psa, hash, 48, &hash_size); + if (status != PSA_SUCCESS) { + MBEDTLS_SSL_DEBUG_MSG(2, ("PSA hash finish failed")); return; } *hlen = 48; - MBEDTLS_SSL_DEBUG_BUF( 3, "PSA calculated verify result", hash, *hlen ); - MBEDTLS_SSL_DEBUG_MSG( 2, ( "<= PSA calc verify" ) ); + MBEDTLS_SSL_DEBUG_BUF(3, "PSA calculated verify result", hash, *hlen); + MBEDTLS_SSL_DEBUG_MSG(2, ("<= PSA calc verify")); #else mbedtls_sha512_context sha512; - mbedtls_sha512_init( &sha512 ); + mbedtls_sha512_init(&sha512); - MBEDTLS_SSL_DEBUG_MSG( 2, ( "=> calc verify sha384" ) ); + MBEDTLS_SSL_DEBUG_MSG(2, ("=> calc verify sha384")); - mbedtls_sha512_clone( &sha512, &ssl->handshake->fin_sha512 ); - mbedtls_sha512_finish_ret( &sha512, hash ); + mbedtls_sha512_clone(&sha512, &ssl->handshake->fin_sha512); + mbedtls_sha512_finish_ret(&sha512, hash); *hlen = 48; - MBEDTLS_SSL_DEBUG_BUF( 3, "calculated verify result", hash, *hlen ); - MBEDTLS_SSL_DEBUG_MSG( 2, ( "<= calc verify" ) ); + MBEDTLS_SSL_DEBUG_BUF(3, "calculated verify result", hash, *hlen); + MBEDTLS_SSL_DEBUG_MSG(2, ("<= calc verify")); - mbedtls_sha512_free( &sha512 ); + mbedtls_sha512_free(&sha512); #endif /* MBEDTLS_USE_PSA_CRYPTO */ return; } @@ -1982,22 +1927,21 @@ void ssl_calc_verify_tls_sha384( const mbedtls_ssl_context *ssl, #endif /* MBEDTLS_SSL_PROTO_TLS1_2 */ #if defined(MBEDTLS_KEY_EXCHANGE_SOME_PSK_ENABLED) -int mbedtls_ssl_psk_derive_premaster( mbedtls_ssl_context *ssl, mbedtls_key_exchange_type_t key_ex ) +int mbedtls_ssl_psk_derive_premaster(mbedtls_ssl_context *ssl, mbedtls_key_exchange_type_t key_ex) { unsigned char *p = ssl->handshake->premaster; - unsigned char *end = p + sizeof( ssl->handshake->premaster ); + unsigned char *end = p + sizeof(ssl->handshake->premaster); const unsigned char *psk = NULL; size_t psk_len = 0; - if( mbedtls_ssl_get_psk( ssl, &psk, &psk_len ) - == MBEDTLS_ERR_SSL_PRIVATE_KEY_REQUIRED ) - { + if (mbedtls_ssl_get_psk(ssl, &psk, &psk_len) + == MBEDTLS_ERR_SSL_PRIVATE_KEY_REQUIRED) { /* * This should never happen because the existence of a PSK is always * checked before calling this function */ - MBEDTLS_SSL_DEBUG_MSG( 1, ( "should never happen" ) ); - return( MBEDTLS_ERR_SSL_INTERNAL_ERROR ); + MBEDTLS_SSL_DEBUG_MSG(1, ("should never happen")); + return MBEDTLS_ERR_SSL_INTERNAL_ERROR; } /* @@ -2008,151 +1952,142 @@ int mbedtls_ssl_psk_derive_premaster( mbedtls_ssl_context *ssl, mbedtls_key_exch * with "other_secret" depending on the particular key exchange */ #if defined(MBEDTLS_KEY_EXCHANGE_PSK_ENABLED) - if( key_ex == MBEDTLS_KEY_EXCHANGE_PSK ) - { - if( end - p < 2 ) - return( MBEDTLS_ERR_SSL_BAD_INPUT_DATA ); + if (key_ex == MBEDTLS_KEY_EXCHANGE_PSK) { + if (end - p < 2) { + return MBEDTLS_ERR_SSL_BAD_INPUT_DATA; + } - MBEDTLS_PUT_UINT16_BE( psk_len, p, 0 ); + MBEDTLS_PUT_UINT16_BE(psk_len, p, 0); p += 2; - if( end < p || (size_t)( end - p ) < psk_len ) - return( MBEDTLS_ERR_SSL_BAD_INPUT_DATA ); + if (end < p || (size_t) (end - p) < psk_len) { + return MBEDTLS_ERR_SSL_BAD_INPUT_DATA; + } - memset( p, 0, psk_len ); + memset(p, 0, psk_len); p += psk_len; - } - else + } else #endif /* MBEDTLS_KEY_EXCHANGE_PSK_ENABLED */ #if defined(MBEDTLS_KEY_EXCHANGE_RSA_PSK_ENABLED) - if( key_ex == MBEDTLS_KEY_EXCHANGE_RSA_PSK ) - { + if (key_ex == MBEDTLS_KEY_EXCHANGE_RSA_PSK) { /* * other_secret already set by the ClientKeyExchange message, * and is 48 bytes long */ - if( end - p < 2 ) - return( MBEDTLS_ERR_SSL_BAD_INPUT_DATA ); + if (end - p < 2) { + return MBEDTLS_ERR_SSL_BAD_INPUT_DATA; + } *p++ = 0; *p++ = 48; p += 48; - } - else + } else #endif /* MBEDTLS_KEY_EXCHANGE_RSA_PSK_ENABLED */ #if defined(MBEDTLS_KEY_EXCHANGE_DHE_PSK_ENABLED) - if( key_ex == MBEDTLS_KEY_EXCHANGE_DHE_PSK ) - { + if (key_ex == MBEDTLS_KEY_EXCHANGE_DHE_PSK) { int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; size_t len; /* Write length only when we know the actual value */ - if( ( ret = mbedtls_dhm_calc_secret( &ssl->handshake->dhm_ctx, - p + 2, end - ( p + 2 ), &len, - ssl->conf->f_rng, ssl->conf->p_rng ) ) != 0 ) - { - MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_dhm_calc_secret", ret ); - return( ret ); + if ((ret = mbedtls_dhm_calc_secret(&ssl->handshake->dhm_ctx, + p + 2, end - (p + 2), &len, + ssl->conf->f_rng, ssl->conf->p_rng)) != 0) { + MBEDTLS_SSL_DEBUG_RET(1, "mbedtls_dhm_calc_secret", ret); + return ret; } - MBEDTLS_PUT_UINT16_BE( len, p, 0 ); + MBEDTLS_PUT_UINT16_BE(len, p, 0); p += 2 + len; - MBEDTLS_SSL_DEBUG_MPI( 3, "DHM: K ", &ssl->handshake->dhm_ctx.K ); - } - else + MBEDTLS_SSL_DEBUG_MPI(3, "DHM: K ", &ssl->handshake->dhm_ctx.K); + } else #endif /* MBEDTLS_KEY_EXCHANGE_DHE_PSK_ENABLED */ #if defined(MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED) - if( key_ex == MBEDTLS_KEY_EXCHANGE_ECDHE_PSK ) - { + if (key_ex == MBEDTLS_KEY_EXCHANGE_ECDHE_PSK) { int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; size_t zlen; - if( ( ret = mbedtls_ecdh_calc_secret( &ssl->handshake->ecdh_ctx, &zlen, - p + 2, end - ( p + 2 ), - ssl->conf->f_rng, ssl->conf->p_rng ) ) != 0 ) - { - MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_ecdh_calc_secret", ret ); - return( ret ); + if ((ret = mbedtls_ecdh_calc_secret(&ssl->handshake->ecdh_ctx, &zlen, + p + 2, end - (p + 2), + ssl->conf->f_rng, ssl->conf->p_rng)) != 0) { + MBEDTLS_SSL_DEBUG_RET(1, "mbedtls_ecdh_calc_secret", ret); + return ret; } - MBEDTLS_PUT_UINT16_BE( zlen, p, 0 ); + MBEDTLS_PUT_UINT16_BE(zlen, p, 0); p += 2 + zlen; - MBEDTLS_SSL_DEBUG_ECDH( 3, &ssl->handshake->ecdh_ctx, - MBEDTLS_DEBUG_ECDH_Z ); - } - else + MBEDTLS_SSL_DEBUG_ECDH(3, &ssl->handshake->ecdh_ctx, + MBEDTLS_DEBUG_ECDH_Z); + } else #endif /* MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED */ { - MBEDTLS_SSL_DEBUG_MSG( 1, ( "should never happen" ) ); - return( MBEDTLS_ERR_SSL_INTERNAL_ERROR ); + MBEDTLS_SSL_DEBUG_MSG(1, ("should never happen")); + return MBEDTLS_ERR_SSL_INTERNAL_ERROR; } /* opaque psk<0..2^16-1>; */ - if( end - p < 2 ) - return( MBEDTLS_ERR_SSL_BAD_INPUT_DATA ); + if (end - p < 2) { + return MBEDTLS_ERR_SSL_BAD_INPUT_DATA; + } - MBEDTLS_PUT_UINT16_BE( psk_len, p, 0 ); + MBEDTLS_PUT_UINT16_BE(psk_len, p, 0); p += 2; - if( end < p || (size_t)( end - p ) < psk_len ) - return( MBEDTLS_ERR_SSL_BAD_INPUT_DATA ); + if (end < p || (size_t) (end - p) < psk_len) { + return MBEDTLS_ERR_SSL_BAD_INPUT_DATA; + } - memcpy( p, psk, psk_len ); + memcpy(p, psk, psk_len); p += psk_len; ssl->handshake->pmslen = p - ssl->handshake->premaster; - return( 0 ); + return 0; } #endif /* MBEDTLS_KEY_EXCHANGE_SOME_PSK_ENABLED */ #if defined(MBEDTLS_SSL_SRV_C) && defined(MBEDTLS_SSL_RENEGOTIATION) -static int ssl_write_hello_request( mbedtls_ssl_context *ssl ); +MBEDTLS_CHECK_RETURN_CRITICAL +static int ssl_write_hello_request(mbedtls_ssl_context *ssl); #if defined(MBEDTLS_SSL_PROTO_DTLS) -int mbedtls_ssl_resend_hello_request( mbedtls_ssl_context *ssl ) +int mbedtls_ssl_resend_hello_request(mbedtls_ssl_context *ssl) { /* If renegotiation is not enforced, retransmit until we would reach max * timeout if we were using the usual handshake doubling scheme */ - if( ssl->conf->renego_max_records < 0 ) - { + if (ssl->conf->renego_max_records < 0) { uint32_t ratio = ssl->conf->hs_timeout_max / ssl->conf->hs_timeout_min + 1; unsigned char doublings = 1; - while( ratio != 0 ) - { + while (ratio != 0) { ++doublings; ratio >>= 1; } - if( ++ssl->renego_records_seen > doublings ) - { - MBEDTLS_SSL_DEBUG_MSG( 2, ( "no longer retransmitting hello request" ) ); - return( 0 ); + if (++ssl->renego_records_seen > doublings) { + MBEDTLS_SSL_DEBUG_MSG(2, ("no longer retransmitting hello request")); + return 0; } } - return( ssl_write_hello_request( ssl ) ); + return ssl_write_hello_request(ssl); } #endif #endif /* MBEDTLS_SSL_SRV_C && MBEDTLS_SSL_RENEGOTIATION */ #if defined(MBEDTLS_X509_CRT_PARSE_C) -static void ssl_clear_peer_cert( mbedtls_ssl_session *session ) +static void ssl_clear_peer_cert(mbedtls_ssl_session *session) { #if defined(MBEDTLS_SSL_KEEP_PEER_CERTIFICATE) - if( session->peer_cert != NULL ) - { - mbedtls_x509_crt_free( session->peer_cert ); - mbedtls_free( session->peer_cert ); + if (session->peer_cert != NULL) { + mbedtls_x509_crt_free(session->peer_cert); + mbedtls_free(session->peer_cert); session->peer_cert = NULL; } #else /* MBEDTLS_SSL_KEEP_PEER_CERTIFICATE */ - if( session->peer_cert_digest != NULL ) - { + if (session->peer_cert_digest != NULL) { /* Zeroization is not necessary. */ - mbedtls_free( session->peer_cert_digest ); + mbedtls_free(session->peer_cert_digest); session->peer_cert_digest = NULL; session->peer_cert_digest_type = MBEDTLS_MD_NONE; session->peer_cert_digest_len = 0; @@ -2166,46 +2101,44 @@ static void ssl_clear_peer_cert( mbedtls_ssl_session *session ) */ #if !defined(MBEDTLS_KEY_EXCHANGE_WITH_CERT_ENABLED) /* No certificate support -> dummy functions */ -int mbedtls_ssl_write_certificate( mbedtls_ssl_context *ssl ) +int mbedtls_ssl_write_certificate(mbedtls_ssl_context *ssl) { const mbedtls_ssl_ciphersuite_t *ciphersuite_info = ssl->handshake->ciphersuite_info; - MBEDTLS_SSL_DEBUG_MSG( 2, ( "=> write certificate" ) ); + MBEDTLS_SSL_DEBUG_MSG(2, ("=> write certificate")); - if( !mbedtls_ssl_ciphersuite_uses_srv_cert( ciphersuite_info ) ) - { - MBEDTLS_SSL_DEBUG_MSG( 2, ( "<= skip write certificate" ) ); + if (!mbedtls_ssl_ciphersuite_uses_srv_cert(ciphersuite_info)) { + MBEDTLS_SSL_DEBUG_MSG(2, ("<= skip write certificate")); ssl->state++; - return( 0 ); + return 0; } - MBEDTLS_SSL_DEBUG_MSG( 1, ( "should never happen" ) ); - return( MBEDTLS_ERR_SSL_INTERNAL_ERROR ); + MBEDTLS_SSL_DEBUG_MSG(1, ("should never happen")); + return MBEDTLS_ERR_SSL_INTERNAL_ERROR; } -int mbedtls_ssl_parse_certificate( mbedtls_ssl_context *ssl ) +int mbedtls_ssl_parse_certificate(mbedtls_ssl_context *ssl) { const mbedtls_ssl_ciphersuite_t *ciphersuite_info = ssl->handshake->ciphersuite_info; - MBEDTLS_SSL_DEBUG_MSG( 2, ( "=> parse certificate" ) ); + MBEDTLS_SSL_DEBUG_MSG(2, ("=> parse certificate")); - if( !mbedtls_ssl_ciphersuite_uses_srv_cert( ciphersuite_info ) ) - { - MBEDTLS_SSL_DEBUG_MSG( 2, ( "<= skip parse certificate" ) ); + if (!mbedtls_ssl_ciphersuite_uses_srv_cert(ciphersuite_info)) { + MBEDTLS_SSL_DEBUG_MSG(2, ("<= skip parse certificate")); ssl->state++; - return( 0 ); + return 0; } - MBEDTLS_SSL_DEBUG_MSG( 1, ( "should never happen" ) ); - return( MBEDTLS_ERR_SSL_INTERNAL_ERROR ); + MBEDTLS_SSL_DEBUG_MSG(1, ("should never happen")); + return MBEDTLS_ERR_SSL_INTERNAL_ERROR; } #else /* MBEDTLS_KEY_EXCHANGE_WITH_CERT_ENABLED */ /* Some certificate support -> implement write and parse */ -int mbedtls_ssl_write_certificate( mbedtls_ssl_context *ssl ) +int mbedtls_ssl_write_certificate(mbedtls_ssl_context *ssl) { int ret = MBEDTLS_ERR_SSL_FEATURE_UNAVAILABLE; size_t i, n; @@ -2213,23 +2146,20 @@ int mbedtls_ssl_write_certificate( mbedtls_ssl_context *ssl ) const mbedtls_ssl_ciphersuite_t *ciphersuite_info = ssl->handshake->ciphersuite_info; - MBEDTLS_SSL_DEBUG_MSG( 2, ( "=> write certificate" ) ); + MBEDTLS_SSL_DEBUG_MSG(2, ("=> write certificate")); - if( !mbedtls_ssl_ciphersuite_uses_srv_cert( ciphersuite_info ) ) - { - MBEDTLS_SSL_DEBUG_MSG( 2, ( "<= skip write certificate" ) ); + if (!mbedtls_ssl_ciphersuite_uses_srv_cert(ciphersuite_info)) { + MBEDTLS_SSL_DEBUG_MSG(2, ("<= skip write certificate")); ssl->state++; - return( 0 ); + return 0; } #if defined(MBEDTLS_SSL_CLI_C) - if( ssl->conf->endpoint == MBEDTLS_SSL_IS_CLIENT ) - { - if( ssl->client_auth == 0 ) - { - MBEDTLS_SSL_DEBUG_MSG( 2, ( "<= skip write certificate" ) ); + if (ssl->conf->endpoint == MBEDTLS_SSL_IS_CLIENT) { + if (ssl->client_auth == 0) { + MBEDTLS_SSL_DEBUG_MSG(2, ("<= skip write certificate")); ssl->state++; - return( 0 ); + return 0; } #if defined(MBEDTLS_SSL_PROTO_SSL3) @@ -2237,32 +2167,29 @@ int mbedtls_ssl_write_certificate( mbedtls_ssl_context *ssl ) * If using SSLv3 and got no cert, send an Alert message * (otherwise an empty Certificate message will be sent). */ - if( mbedtls_ssl_own_cert( ssl ) == NULL && - ssl->minor_ver == MBEDTLS_SSL_MINOR_VERSION_0 ) - { + if (mbedtls_ssl_own_cert(ssl) == NULL && + ssl->minor_ver == MBEDTLS_SSL_MINOR_VERSION_0) { ssl->out_msglen = 2; ssl->out_msgtype = MBEDTLS_SSL_MSG_ALERT; ssl->out_msg[0] = MBEDTLS_SSL_ALERT_LEVEL_WARNING; ssl->out_msg[1] = MBEDTLS_SSL_ALERT_MSG_NO_CERT; - MBEDTLS_SSL_DEBUG_MSG( 2, ( "got no certificate to send" ) ); + MBEDTLS_SSL_DEBUG_MSG(2, ("got no certificate to send")); goto write_msg; } #endif /* MBEDTLS_SSL_PROTO_SSL3 */ } #endif /* MBEDTLS_SSL_CLI_C */ #if defined(MBEDTLS_SSL_SRV_C) - if( ssl->conf->endpoint == MBEDTLS_SSL_IS_SERVER ) - { - if( mbedtls_ssl_own_cert( ssl ) == NULL ) - { - MBEDTLS_SSL_DEBUG_MSG( 1, ( "got no certificate to send" ) ); - return( MBEDTLS_ERR_SSL_CERTIFICATE_REQUIRED ); + if (ssl->conf->endpoint == MBEDTLS_SSL_IS_SERVER) { + if (mbedtls_ssl_own_cert(ssl) == NULL) { + MBEDTLS_SSL_DEBUG_MSG(1, ("got no certificate to send")); + return MBEDTLS_ERR_SSL_CERTIFICATE_REQUIRED; } } #endif - MBEDTLS_SSL_DEBUG_CRT( 3, "own certificate", mbedtls_ssl_own_cert( ssl ) ); + MBEDTLS_SSL_DEBUG_CRT(3, "own certificate", mbedtls_ssl_own_cert(ssl)); /* * 0 . 0 handshake type @@ -2274,30 +2201,28 @@ int mbedtls_ssl_write_certificate( mbedtls_ssl_context *ssl ) * n+3 . ... upper level cert, etc. */ i = 7; - crt = mbedtls_ssl_own_cert( ssl ); + crt = mbedtls_ssl_own_cert(ssl); - while( crt != NULL ) - { + while (crt != NULL) { n = crt->raw.len; - if( n > MBEDTLS_SSL_OUT_CONTENT_LEN - 3 - i ) - { - MBEDTLS_SSL_DEBUG_MSG( 1, ( "certificate too large, %" MBEDTLS_PRINTF_SIZET - " > %" MBEDTLS_PRINTF_SIZET, - i + 3 + n, (size_t) MBEDTLS_SSL_OUT_CONTENT_LEN ) ); - return( MBEDTLS_ERR_SSL_CERTIFICATE_TOO_LARGE ); + if (n > MBEDTLS_SSL_OUT_CONTENT_LEN - 3 - i) { + MBEDTLS_SSL_DEBUG_MSG(1, ("certificate too large, %" MBEDTLS_PRINTF_SIZET + " > %" MBEDTLS_PRINTF_SIZET, + i + 3 + n, (size_t) MBEDTLS_SSL_OUT_CONTENT_LEN)); + return MBEDTLS_ERR_SSL_CERTIFICATE_TOO_LARGE; } - ssl->out_msg[i ] = MBEDTLS_BYTE_2( n ); - ssl->out_msg[i + 1] = MBEDTLS_BYTE_1( n ); - ssl->out_msg[i + 2] = MBEDTLS_BYTE_0( n ); + ssl->out_msg[i] = MBEDTLS_BYTE_2(n); + ssl->out_msg[i + 1] = MBEDTLS_BYTE_1(n); + ssl->out_msg[i + 2] = MBEDTLS_BYTE_0(n); - i += 3; memcpy( ssl->out_msg + i, crt->raw.p, n ); + i += 3; memcpy(ssl->out_msg + i, crt->raw.p, n); i += n; crt = crt->next; } - ssl->out_msg[4] = MBEDTLS_BYTE_2( i - 7 ); - ssl->out_msg[5] = MBEDTLS_BYTE_1( i - 7 ); - ssl->out_msg[6] = MBEDTLS_BYTE_0( i - 7 ); + ssl->out_msg[4] = MBEDTLS_BYTE_2(i - 7); + ssl->out_msg[5] = MBEDTLS_BYTE_1(i - 7); + ssl->out_msg[6] = MBEDTLS_BYTE_0(i - 7); ssl->out_msglen = i; ssl->out_msgtype = MBEDTLS_SSL_MSG_HANDSHAKE; @@ -2309,38 +2234,41 @@ int mbedtls_ssl_write_certificate( mbedtls_ssl_context *ssl ) ssl->state++; - if( ( ret = mbedtls_ssl_write_handshake_msg( ssl ) ) != 0 ) - { - MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_ssl_write_handshake_msg", ret ); - return( ret ); + if ((ret = mbedtls_ssl_write_handshake_msg(ssl)) != 0) { + MBEDTLS_SSL_DEBUG_RET(1, "mbedtls_ssl_write_handshake_msg", ret); + return ret; } - MBEDTLS_SSL_DEBUG_MSG( 2, ( "<= write certificate" ) ); + MBEDTLS_SSL_DEBUG_MSG(2, ("<= write certificate")); - return( ret ); + return ret; } #if defined(MBEDTLS_SSL_RENEGOTIATION) && defined(MBEDTLS_SSL_CLI_C) #if defined(MBEDTLS_SSL_KEEP_PEER_CERTIFICATE) -static int ssl_check_peer_crt_unchanged( mbedtls_ssl_context *ssl, - unsigned char *crt_buf, - size_t crt_buf_len ) +MBEDTLS_CHECK_RETURN_CRITICAL +static int ssl_check_peer_crt_unchanged(mbedtls_ssl_context *ssl, + unsigned char *crt_buf, + size_t crt_buf_len) { mbedtls_x509_crt const * const peer_crt = ssl->session->peer_cert; - if( peer_crt == NULL ) - return( -1 ); + if (peer_crt == NULL) { + return -1; + } - if( peer_crt->raw.len != crt_buf_len ) - return( -1 ); + if (peer_crt->raw.len != crt_buf_len) { + return -1; + } - return( memcmp( peer_crt->raw.p, crt_buf, peer_crt->raw.len ) ); + return memcmp(peer_crt->raw.p, crt_buf, peer_crt->raw.len); } #else /* MBEDTLS_SSL_KEEP_PEER_CERTIFICATE */ -static int ssl_check_peer_crt_unchanged( mbedtls_ssl_context *ssl, - unsigned char *crt_buf, - size_t crt_buf_len ) +MBEDTLS_CHECK_RETURN_CRITICAL +static int ssl_check_peer_crt_unchanged(mbedtls_ssl_context *ssl, + unsigned char *crt_buf, + size_t crt_buf_len) { int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; unsigned char const * const peer_cert_digest = @@ -2348,22 +2276,25 @@ static int ssl_check_peer_crt_unchanged( mbedtls_ssl_context *ssl, mbedtls_md_type_t const peer_cert_digest_type = ssl->session->peer_cert_digest_type; mbedtls_md_info_t const * const digest_info = - mbedtls_md_info_from_type( peer_cert_digest_type ); + mbedtls_md_info_from_type(peer_cert_digest_type); unsigned char tmp_digest[MBEDTLS_SSL_PEER_CERT_DIGEST_MAX_LEN]; size_t digest_len; - if( peer_cert_digest == NULL || digest_info == NULL ) - return( -1 ); + if (peer_cert_digest == NULL || digest_info == NULL) { + return -1; + } - digest_len = mbedtls_md_get_size( digest_info ); - if( digest_len > MBEDTLS_SSL_PEER_CERT_DIGEST_MAX_LEN ) - return( -1 ); + digest_len = mbedtls_md_get_size(digest_info); + if (digest_len > MBEDTLS_SSL_PEER_CERT_DIGEST_MAX_LEN) { + return -1; + } - ret = mbedtls_md( digest_info, crt_buf, crt_buf_len, tmp_digest ); - if( ret != 0 ) - return( -1 ); + ret = mbedtls_md(digest_info, crt_buf, crt_buf_len, tmp_digest); + if (ret != 0) { + return -1; + } - return( memcmp( tmp_digest, peer_cert_digest, digest_len ) ); + return memcmp(tmp_digest, peer_cert_digest, digest_len); } #endif /* MBEDTLS_SSL_KEEP_PEER_CERTIFICATE */ #endif /* MBEDTLS_SSL_RENEGOTIATION && MBEDTLS_SSL_CLI_C */ @@ -2372,125 +2303,117 @@ static int ssl_check_peer_crt_unchanged( mbedtls_ssl_context *ssl, * Once the certificate message is read, parse it into a cert chain and * perform basic checks, but leave actual verification to the caller */ -static int ssl_parse_certificate_chain( mbedtls_ssl_context *ssl, - mbedtls_x509_crt *chain ) +MBEDTLS_CHECK_RETURN_CRITICAL +static int ssl_parse_certificate_chain(mbedtls_ssl_context *ssl, + mbedtls_x509_crt *chain) { int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; #if defined(MBEDTLS_SSL_RENEGOTIATION) && defined(MBEDTLS_SSL_CLI_C) - int crt_cnt=0; + int crt_cnt = 0; #endif size_t i, n; uint8_t alert; - if( ssl->in_msgtype != MBEDTLS_SSL_MSG_HANDSHAKE ) - { - MBEDTLS_SSL_DEBUG_MSG( 1, ( "bad certificate message" ) ); - mbedtls_ssl_send_alert_message( ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL, - MBEDTLS_SSL_ALERT_MSG_UNEXPECTED_MESSAGE ); - return( MBEDTLS_ERR_SSL_UNEXPECTED_MESSAGE ); + if (ssl->in_msgtype != MBEDTLS_SSL_MSG_HANDSHAKE) { + MBEDTLS_SSL_DEBUG_MSG(1, ("bad certificate message")); + mbedtls_ssl_send_alert_message(ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL, + MBEDTLS_SSL_ALERT_MSG_UNEXPECTED_MESSAGE); + return MBEDTLS_ERR_SSL_UNEXPECTED_MESSAGE; } - if( ssl->in_msg[0] != MBEDTLS_SSL_HS_CERTIFICATE || - ssl->in_hslen < mbedtls_ssl_hs_hdr_len( ssl ) + 3 + 3 ) - { - MBEDTLS_SSL_DEBUG_MSG( 1, ( "bad certificate message" ) ); - mbedtls_ssl_send_alert_message( ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL, - MBEDTLS_SSL_ALERT_MSG_DECODE_ERROR ); - return( MBEDTLS_ERR_SSL_BAD_HS_CERTIFICATE ); + if (ssl->in_msg[0] != MBEDTLS_SSL_HS_CERTIFICATE || + ssl->in_hslen < mbedtls_ssl_hs_hdr_len(ssl) + 3 + 3) { + MBEDTLS_SSL_DEBUG_MSG(1, ("bad certificate message")); + mbedtls_ssl_send_alert_message(ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL, + MBEDTLS_SSL_ALERT_MSG_DECODE_ERROR); + return MBEDTLS_ERR_SSL_BAD_HS_CERTIFICATE; } - i = mbedtls_ssl_hs_hdr_len( ssl ); + i = mbedtls_ssl_hs_hdr_len(ssl); /* * Same message structure as in mbedtls_ssl_write_certificate() */ - n = ( ssl->in_msg[i+1] << 8 ) | ssl->in_msg[i+2]; + n = (ssl->in_msg[i+1] << 8) | ssl->in_msg[i+2]; - if( ssl->in_msg[i] != 0 || - ssl->in_hslen != n + 3 + mbedtls_ssl_hs_hdr_len( ssl ) ) - { - MBEDTLS_SSL_DEBUG_MSG( 1, ( "bad certificate message" ) ); - mbedtls_ssl_send_alert_message( ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL, - MBEDTLS_SSL_ALERT_MSG_DECODE_ERROR ); - return( MBEDTLS_ERR_SSL_BAD_HS_CERTIFICATE ); + if (ssl->in_msg[i] != 0 || + ssl->in_hslen != n + 3 + mbedtls_ssl_hs_hdr_len(ssl)) { + MBEDTLS_SSL_DEBUG_MSG(1, ("bad certificate message")); + mbedtls_ssl_send_alert_message(ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL, + MBEDTLS_SSL_ALERT_MSG_DECODE_ERROR); + return MBEDTLS_ERR_SSL_BAD_HS_CERTIFICATE; } /* Make &ssl->in_msg[i] point to the beginning of the CRT chain. */ i += 3; /* Iterate through and parse the CRTs in the provided chain. */ - while( i < ssl->in_hslen ) - { + while (i < ssl->in_hslen) { /* Check that there's room for the next CRT's length fields. */ - if ( i + 3 > ssl->in_hslen ) { - MBEDTLS_SSL_DEBUG_MSG( 1, ( "bad certificate message" ) ); - mbedtls_ssl_send_alert_message( ssl, - MBEDTLS_SSL_ALERT_LEVEL_FATAL, - MBEDTLS_SSL_ALERT_MSG_DECODE_ERROR ); - return( MBEDTLS_ERR_SSL_BAD_HS_CERTIFICATE ); + if (i + 3 > ssl->in_hslen) { + MBEDTLS_SSL_DEBUG_MSG(1, ("bad certificate message")); + mbedtls_ssl_send_alert_message(ssl, + MBEDTLS_SSL_ALERT_LEVEL_FATAL, + MBEDTLS_SSL_ALERT_MSG_DECODE_ERROR); + return MBEDTLS_ERR_SSL_BAD_HS_CERTIFICATE; } /* In theory, the CRT can be up to 2**24 Bytes, but we don't support * anything beyond 2**16 ~ 64K. */ - if( ssl->in_msg[i] != 0 ) - { - MBEDTLS_SSL_DEBUG_MSG( 1, ( "bad certificate message" ) ); - mbedtls_ssl_send_alert_message( ssl, - MBEDTLS_SSL_ALERT_LEVEL_FATAL, - MBEDTLS_SSL_ALERT_MSG_DECODE_ERROR ); - return( MBEDTLS_ERR_SSL_BAD_HS_CERTIFICATE ); + if (ssl->in_msg[i] != 0) { + MBEDTLS_SSL_DEBUG_MSG(1, ("bad certificate message")); + mbedtls_ssl_send_alert_message(ssl, + MBEDTLS_SSL_ALERT_LEVEL_FATAL, + MBEDTLS_SSL_ALERT_MSG_DECODE_ERROR); + return MBEDTLS_ERR_SSL_BAD_HS_CERTIFICATE; } /* Read length of the next CRT in the chain. */ - n = ( (unsigned int) ssl->in_msg[i + 1] << 8 ) + n = ((unsigned int) ssl->in_msg[i + 1] << 8) | (unsigned int) ssl->in_msg[i + 2]; i += 3; - if( n < 128 || i + n > ssl->in_hslen ) - { - MBEDTLS_SSL_DEBUG_MSG( 1, ( "bad certificate message" ) ); - mbedtls_ssl_send_alert_message( ssl, - MBEDTLS_SSL_ALERT_LEVEL_FATAL, - MBEDTLS_SSL_ALERT_MSG_DECODE_ERROR ); - return( MBEDTLS_ERR_SSL_BAD_HS_CERTIFICATE ); + if (n < 128 || i + n > ssl->in_hslen) { + MBEDTLS_SSL_DEBUG_MSG(1, ("bad certificate message")); + mbedtls_ssl_send_alert_message(ssl, + MBEDTLS_SSL_ALERT_LEVEL_FATAL, + MBEDTLS_SSL_ALERT_MSG_DECODE_ERROR); + return MBEDTLS_ERR_SSL_BAD_HS_CERTIFICATE; } /* Check if we're handling the first CRT in the chain. */ #if defined(MBEDTLS_SSL_RENEGOTIATION) && defined(MBEDTLS_SSL_CLI_C) - if( crt_cnt++ == 0 && + if (crt_cnt++ == 0 && ssl->conf->endpoint == MBEDTLS_SSL_IS_CLIENT && - ssl->renego_status == MBEDTLS_SSL_RENEGOTIATION_IN_PROGRESS ) - { + ssl->renego_status == MBEDTLS_SSL_RENEGOTIATION_IN_PROGRESS) { /* During client-side renegotiation, check that the server's * end-CRTs hasn't changed compared to the initial handshake, * mitigating the triple handshake attack. On success, reuse * the original end-CRT instead of parsing it again. */ - MBEDTLS_SSL_DEBUG_MSG( 3, ( "Check that peer CRT hasn't changed during renegotiation" ) ); - if( ssl_check_peer_crt_unchanged( ssl, - &ssl->in_msg[i], - n ) != 0 ) - { - MBEDTLS_SSL_DEBUG_MSG( 1, ( "new server cert during renegotiation" ) ); - mbedtls_ssl_send_alert_message( ssl, - MBEDTLS_SSL_ALERT_LEVEL_FATAL, - MBEDTLS_SSL_ALERT_MSG_ACCESS_DENIED ); - return( MBEDTLS_ERR_SSL_BAD_HS_CERTIFICATE ); + MBEDTLS_SSL_DEBUG_MSG(3, ("Check that peer CRT hasn't changed during renegotiation")); + if (ssl_check_peer_crt_unchanged(ssl, + &ssl->in_msg[i], + n) != 0) { + MBEDTLS_SSL_DEBUG_MSG(1, ("new server cert during renegotiation")); + mbedtls_ssl_send_alert_message(ssl, + MBEDTLS_SSL_ALERT_LEVEL_FATAL, + MBEDTLS_SSL_ALERT_MSG_ACCESS_DENIED); + return MBEDTLS_ERR_SSL_BAD_HS_CERTIFICATE; } /* Now we can safely free the original chain. */ - ssl_clear_peer_cert( ssl->session ); + ssl_clear_peer_cert(ssl->session); } #endif /* MBEDTLS_SSL_RENEGOTIATION && MBEDTLS_SSL_CLI_C */ /* Parse the next certificate in the chain. */ #if defined(MBEDTLS_SSL_KEEP_PEER_CERTIFICATE) - ret = mbedtls_x509_crt_parse_der( chain, ssl->in_msg + i, n ); + ret = mbedtls_x509_crt_parse_der(chain, ssl->in_msg + i, n); #else /* If we don't need to store the CRT chain permanently, parse * it in-place from the input buffer instead of making a copy. */ - ret = mbedtls_x509_crt_parse_der_nocopy( chain, ssl->in_msg + i, n ); + ret = mbedtls_x509_crt_parse_der_nocopy(chain, ssl->in_msg + i, n); #endif /* MBEDTLS_SSL_KEEP_PEER_CERTIFICATE */ - switch( ret ) - { + switch (ret) { case 0: /*ok*/ case MBEDTLS_ERR_X509_UNKNOWN_SIG_ALG + MBEDTLS_ERR_OID_NOT_FOUND: /* Ignore certificate with an unknown algorithm: maybe a @@ -2507,56 +2430,55 @@ static int ssl_parse_certificate_chain( mbedtls_ssl_context *ssl, default: alert = MBEDTLS_SSL_ALERT_MSG_BAD_CERT; - crt_parse_der_failed: - mbedtls_ssl_send_alert_message( ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL, alert ); - MBEDTLS_SSL_DEBUG_RET( 1, " mbedtls_x509_crt_parse_der", ret ); - return( ret ); +crt_parse_der_failed: + mbedtls_ssl_send_alert_message(ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL, alert); + MBEDTLS_SSL_DEBUG_RET(1, " mbedtls_x509_crt_parse_der", ret); + return ret; } i += n; } - MBEDTLS_SSL_DEBUG_CRT( 3, "peer certificate", chain ); - return( 0 ); + MBEDTLS_SSL_DEBUG_CRT(3, "peer certificate", chain); + return 0; } #if defined(MBEDTLS_SSL_SRV_C) -static int ssl_srv_check_client_no_crt_notification( mbedtls_ssl_context *ssl ) +MBEDTLS_CHECK_RETURN_CRITICAL +static int ssl_srv_check_client_no_crt_notification(mbedtls_ssl_context *ssl) { - if( ssl->conf->endpoint == MBEDTLS_SSL_IS_CLIENT ) - return( -1 ); + if (ssl->conf->endpoint == MBEDTLS_SSL_IS_CLIENT) { + return -1; + } #if defined(MBEDTLS_SSL_PROTO_SSL3) /* * Check if the client sent an empty certificate */ - if( ssl->minor_ver == MBEDTLS_SSL_MINOR_VERSION_0 ) - { - if( ssl->in_msglen == 2 && + if (ssl->minor_ver == MBEDTLS_SSL_MINOR_VERSION_0) { + if (ssl->in_msglen == 2 && ssl->in_msgtype == MBEDTLS_SSL_MSG_ALERT && ssl->in_msg[0] == MBEDTLS_SSL_ALERT_LEVEL_WARNING && - ssl->in_msg[1] == MBEDTLS_SSL_ALERT_MSG_NO_CERT ) - { - MBEDTLS_SSL_DEBUG_MSG( 1, ( "SSLv3 client has no certificate" ) ); - return( 0 ); + ssl->in_msg[1] == MBEDTLS_SSL_ALERT_MSG_NO_CERT) { + MBEDTLS_SSL_DEBUG_MSG(1, ("SSLv3 client has no certificate")); + return 0; } - return( -1 ); + return -1; } #endif /* MBEDTLS_SSL_PROTO_SSL3 */ #if defined(MBEDTLS_SSL_PROTO_TLS1) || defined(MBEDTLS_SSL_PROTO_TLS1_1) || \ defined(MBEDTLS_SSL_PROTO_TLS1_2) - if( ssl->in_hslen == 3 + mbedtls_ssl_hs_hdr_len( ssl ) && + if (ssl->in_hslen == 3 + mbedtls_ssl_hs_hdr_len(ssl) && ssl->in_msgtype == MBEDTLS_SSL_MSG_HANDSHAKE && ssl->in_msg[0] == MBEDTLS_SSL_HS_CERTIFICATE && - memcmp( ssl->in_msg + mbedtls_ssl_hs_hdr_len( ssl ), "\0\0\0", 3 ) == 0 ) - { - MBEDTLS_SSL_DEBUG_MSG( 1, ( "TLSv1 client has no certificate" ) ); - return( 0 ); + memcmp(ssl->in_msg + mbedtls_ssl_hs_hdr_len(ssl), "\0\0\0", 3) == 0) { + MBEDTLS_SSL_DEBUG_MSG(1, ("TLSv1 client has no certificate")); + return 0; } - return( -1 ); + return -1; #endif /* MBEDTLS_SSL_PROTO_TLS1 || MBEDTLS_SSL_PROTO_TLS1_1 || \ MBEDTLS_SSL_PROTO_TLS1_2 */ } @@ -2570,39 +2492,41 @@ static int ssl_srv_check_client_no_crt_notification( mbedtls_ssl_context *ssl ) */ #define SSL_CERTIFICATE_EXPECTED 0 #define SSL_CERTIFICATE_SKIP 1 -static int ssl_parse_certificate_coordinate( mbedtls_ssl_context *ssl, - int authmode ) +MBEDTLS_CHECK_RETURN_CRITICAL +static int ssl_parse_certificate_coordinate(mbedtls_ssl_context *ssl, + int authmode) { const mbedtls_ssl_ciphersuite_t *ciphersuite_info = ssl->handshake->ciphersuite_info; - if( !mbedtls_ssl_ciphersuite_uses_srv_cert( ciphersuite_info ) ) - return( SSL_CERTIFICATE_SKIP ); + if (!mbedtls_ssl_ciphersuite_uses_srv_cert(ciphersuite_info)) { + return SSL_CERTIFICATE_SKIP; + } #if defined(MBEDTLS_SSL_SRV_C) - if( ssl->conf->endpoint == MBEDTLS_SSL_IS_SERVER ) - { - if( ciphersuite_info->key_exchange == MBEDTLS_KEY_EXCHANGE_RSA_PSK ) - return( SSL_CERTIFICATE_SKIP ); + if (ssl->conf->endpoint == MBEDTLS_SSL_IS_SERVER) { + if (ciphersuite_info->key_exchange == MBEDTLS_KEY_EXCHANGE_RSA_PSK) { + return SSL_CERTIFICATE_SKIP; + } - if( authmode == MBEDTLS_SSL_VERIFY_NONE ) - { + if (authmode == MBEDTLS_SSL_VERIFY_NONE) { ssl->session_negotiate->verify_result = MBEDTLS_X509_BADCERT_SKIP_VERIFY; - return( SSL_CERTIFICATE_SKIP ); + return SSL_CERTIFICATE_SKIP; } } #else ((void) authmode); #endif /* MBEDTLS_SSL_SRV_C */ - return( SSL_CERTIFICATE_EXPECTED ); + return SSL_CERTIFICATE_EXPECTED; } -static int ssl_parse_certificate_verify( mbedtls_ssl_context *ssl, - int authmode, - mbedtls_x509_crt *chain, - void *rs_ctx ) +MBEDTLS_CHECK_RETURN_CRITICAL +static int ssl_parse_certificate_verify(mbedtls_ssl_context *ssl, + int authmode, + mbedtls_x509_crt *chain, + void *rs_ctx) { int ret = 0; const mbedtls_ssl_ciphersuite_t *ciphersuite_info = @@ -2612,18 +2536,16 @@ static int ssl_parse_certificate_verify( mbedtls_ssl_context *ssl, int (*f_vrfy)(void *, mbedtls_x509_crt *, int, uint32_t *); void *p_vrfy; - if( authmode == MBEDTLS_SSL_VERIFY_NONE ) - return( 0 ); + if (authmode == MBEDTLS_SSL_VERIFY_NONE) { + return 0; + } - if( ssl->f_vrfy != NULL ) - { - MBEDTLS_SSL_DEBUG_MSG( 3, ( "Use context-specific verification callback" ) ); + if (ssl->f_vrfy != NULL) { + MBEDTLS_SSL_DEBUG_MSG(3, ("Use context-specific verification callback")); f_vrfy = ssl->f_vrfy; p_vrfy = ssl->p_vrfy; - } - else - { - MBEDTLS_SSL_DEBUG_MSG( 3, ( "Use configuration-specific verification callback" ) ); + } else { + MBEDTLS_SSL_DEBUG_MSG(3, ("Use configuration-specific verification callback")); f_vrfy = ssl->conf->f_vrfy; p_vrfy = ssl->conf->p_vrfy; } @@ -2632,12 +2554,11 @@ static int ssl_parse_certificate_verify( mbedtls_ssl_context *ssl, * Main check: verify certificate */ #if defined(MBEDTLS_X509_TRUSTED_CERTIFICATE_CALLBACK) - if( ssl->conf->f_ca_cb != NULL ) - { + if (ssl->conf->f_ca_cb != NULL) { ((void) rs_ctx); have_ca_chain = 1; - MBEDTLS_SSL_DEBUG_MSG( 3, ( "use CA callback for X.509 CRT verification" ) ); + MBEDTLS_SSL_DEBUG_MSG(3, ("use CA callback for X.509 CRT verification")); ret = mbedtls_x509_crt_verify_with_ca_cb( chain, ssl->conf->f_ca_cb, @@ -2645,29 +2566,27 @@ static int ssl_parse_certificate_verify( mbedtls_ssl_context *ssl, ssl->conf->cert_profile, ssl->hostname, &ssl->session_negotiate->verify_result, - f_vrfy, p_vrfy ); - } - else + f_vrfy, p_vrfy); + } else #endif /* MBEDTLS_X509_TRUSTED_CERTIFICATE_CALLBACK */ { mbedtls_x509_crt *ca_chain; mbedtls_x509_crl *ca_crl; #if defined(MBEDTLS_SSL_SERVER_NAME_INDICATION) - if( ssl->handshake->sni_ca_chain != NULL ) - { + if (ssl->handshake->sni_ca_chain != NULL) { ca_chain = ssl->handshake->sni_ca_chain; ca_crl = ssl->handshake->sni_ca_crl; - } - else + } else #endif { ca_chain = ssl->conf->ca_chain; ca_crl = ssl->conf->ca_crl; } - if( ca_chain != NULL ) + if (ca_chain != NULL) { have_ca_chain = 1; + } ret = mbedtls_x509_crt_verify_restartable( chain, @@ -2675,17 +2594,17 @@ static int ssl_parse_certificate_verify( mbedtls_ssl_context *ssl, ssl->conf->cert_profile, ssl->hostname, &ssl->session_negotiate->verify_result, - f_vrfy, p_vrfy, rs_ctx ); + f_vrfy, p_vrfy, rs_ctx); } - if( ret != 0 ) - { - MBEDTLS_SSL_DEBUG_RET( 1, "x509_verify_cert", ret ); + if (ret != 0) { + MBEDTLS_SSL_DEBUG_RET(1, "x509_verify_cert", ret); } #if defined(MBEDTLS_SSL_ECP_RESTARTABLE_ENABLED) - if( ret == MBEDTLS_ERR_ECP_IN_PROGRESS ) - return( MBEDTLS_ERR_SSL_CRYPTO_IN_PROGRESS ); + if (ret == MBEDTLS_ERR_ECP_IN_PROGRESS) { + return MBEDTLS_ERR_SSL_CRYPTO_IN_PROGRESS; + } #endif /* @@ -2696,27 +2615,29 @@ static int ssl_parse_certificate_verify( mbedtls_ssl_context *ssl, { const mbedtls_pk_context *pk = &chain->pk; - /* If certificate uses an EC key, make sure the curve is OK */ - if( mbedtls_pk_can_do( pk, MBEDTLS_PK_ECKEY ) && - mbedtls_ssl_check_curve( ssl, mbedtls_pk_ec( *pk )->grp.id ) != 0 ) - { + /* If certificate uses an EC key, make sure the curve is OK. + * This is a public key, so it can't be opaque, so can_do() is a good + * enough check to ensure pk_ec() is safe to use here. */ + if (mbedtls_pk_can_do(pk, MBEDTLS_PK_ECKEY) && + mbedtls_ssl_check_curve(ssl, mbedtls_pk_ec(*pk)->grp.id) != 0) { ssl->session_negotiate->verify_result |= MBEDTLS_X509_BADCERT_BAD_KEY; - MBEDTLS_SSL_DEBUG_MSG( 1, ( "bad certificate (EC key curve)" ) ); - if( ret == 0 ) + MBEDTLS_SSL_DEBUG_MSG(1, ("bad certificate (EC key curve)")); + if (ret == 0) { ret = MBEDTLS_ERR_SSL_BAD_HS_CERTIFICATE; + } } } #endif /* MBEDTLS_ECP_C */ - if( mbedtls_ssl_check_cert_usage( chain, - ciphersuite_info, - ! ssl->conf->endpoint, - &ssl->session_negotiate->verify_result ) != 0 ) - { - MBEDTLS_SSL_DEBUG_MSG( 1, ( "bad certificate (usage extensions)" ) ); - if( ret == 0 ) + if (mbedtls_ssl_check_cert_usage(chain, + ciphersuite_info, + !ssl->conf->endpoint, + &ssl->session_negotiate->verify_result) != 0) { + MBEDTLS_SSL_DEBUG_MSG(1, ("bad certificate (usage extensions)")); + if (ret == 0) { ret = MBEDTLS_ERR_SSL_BAD_HS_CERTIFICATE; + } } /* mbedtls_x509_crt_verify_with_profile is supposed to report a @@ -2725,120 +2646,115 @@ static int ssl_parse_certificate_verify( mbedtls_ssl_context *ssl, * of error codes, including those from the user provided f_vrfy * functions, are treated as fatal and lead to a failure of * ssl_parse_certificate even if verification was optional. */ - if( authmode == MBEDTLS_SSL_VERIFY_OPTIONAL && - ( ret == MBEDTLS_ERR_X509_CERT_VERIFY_FAILED || - ret == MBEDTLS_ERR_SSL_BAD_HS_CERTIFICATE ) ) - { + if (authmode == MBEDTLS_SSL_VERIFY_OPTIONAL && + (ret == MBEDTLS_ERR_X509_CERT_VERIFY_FAILED || + ret == MBEDTLS_ERR_SSL_BAD_HS_CERTIFICATE)) { ret = 0; } - if( have_ca_chain == 0 && authmode == MBEDTLS_SSL_VERIFY_REQUIRED ) - { - MBEDTLS_SSL_DEBUG_MSG( 1, ( "got no CA chain" ) ); + if (have_ca_chain == 0 && authmode == MBEDTLS_SSL_VERIFY_REQUIRED) { + MBEDTLS_SSL_DEBUG_MSG(1, ("got no CA chain")); ret = MBEDTLS_ERR_SSL_CA_CHAIN_REQUIRED; } - if( ret != 0 ) - { + if (ret != 0) { uint8_t alert; /* The certificate may have been rejected for several reasons. Pick one and send the corresponding alert. Which alert to send may be a subject of debate in some cases. */ - if( ssl->session_negotiate->verify_result & MBEDTLS_X509_BADCERT_OTHER ) + if (ssl->session_negotiate->verify_result & MBEDTLS_X509_BADCERT_OTHER) { alert = MBEDTLS_SSL_ALERT_MSG_ACCESS_DENIED; - else if( ssl->session_negotiate->verify_result & MBEDTLS_X509_BADCERT_CN_MISMATCH ) + } else if (ssl->session_negotiate->verify_result & MBEDTLS_X509_BADCERT_CN_MISMATCH) { alert = MBEDTLS_SSL_ALERT_MSG_BAD_CERT; - else if( ssl->session_negotiate->verify_result & MBEDTLS_X509_BADCERT_KEY_USAGE ) + } else if (ssl->session_negotiate->verify_result & MBEDTLS_X509_BADCERT_KEY_USAGE) { alert = MBEDTLS_SSL_ALERT_MSG_UNSUPPORTED_CERT; - else if( ssl->session_negotiate->verify_result & MBEDTLS_X509_BADCERT_EXT_KEY_USAGE ) + } else if (ssl->session_negotiate->verify_result & MBEDTLS_X509_BADCERT_EXT_KEY_USAGE) { alert = MBEDTLS_SSL_ALERT_MSG_UNSUPPORTED_CERT; - else if( ssl->session_negotiate->verify_result & MBEDTLS_X509_BADCERT_NS_CERT_TYPE ) + } else if (ssl->session_negotiate->verify_result & MBEDTLS_X509_BADCERT_NS_CERT_TYPE) { alert = MBEDTLS_SSL_ALERT_MSG_UNSUPPORTED_CERT; - else if( ssl->session_negotiate->verify_result & MBEDTLS_X509_BADCERT_BAD_PK ) + } else if (ssl->session_negotiate->verify_result & MBEDTLS_X509_BADCERT_BAD_PK) { alert = MBEDTLS_SSL_ALERT_MSG_UNSUPPORTED_CERT; - else if( ssl->session_negotiate->verify_result & MBEDTLS_X509_BADCERT_BAD_KEY ) + } else if (ssl->session_negotiate->verify_result & MBEDTLS_X509_BADCERT_BAD_KEY) { alert = MBEDTLS_SSL_ALERT_MSG_UNSUPPORTED_CERT; - else if( ssl->session_negotiate->verify_result & MBEDTLS_X509_BADCERT_EXPIRED ) + } else if (ssl->session_negotiate->verify_result & MBEDTLS_X509_BADCERT_EXPIRED) { alert = MBEDTLS_SSL_ALERT_MSG_CERT_EXPIRED; - else if( ssl->session_negotiate->verify_result & MBEDTLS_X509_BADCERT_REVOKED ) + } else if (ssl->session_negotiate->verify_result & MBEDTLS_X509_BADCERT_REVOKED) { alert = MBEDTLS_SSL_ALERT_MSG_CERT_REVOKED; - else if( ssl->session_negotiate->verify_result & MBEDTLS_X509_BADCERT_NOT_TRUSTED ) + } else if (ssl->session_negotiate->verify_result & MBEDTLS_X509_BADCERT_NOT_TRUSTED) { alert = MBEDTLS_SSL_ALERT_MSG_UNKNOWN_CA; - else + } else { alert = MBEDTLS_SSL_ALERT_MSG_CERT_UNKNOWN; - mbedtls_ssl_send_alert_message( ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL, - alert ); + } + mbedtls_ssl_send_alert_message(ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL, + alert); } #if defined(MBEDTLS_DEBUG_C) - if( ssl->session_negotiate->verify_result != 0 ) - { - MBEDTLS_SSL_DEBUG_MSG( 3, ( "! Certificate verification flags %08x", - (unsigned int) ssl->session_negotiate->verify_result ) ); - } - else - { - MBEDTLS_SSL_DEBUG_MSG( 3, ( "Certificate verification flags clear" ) ); + if (ssl->session_negotiate->verify_result != 0) { + MBEDTLS_SSL_DEBUG_MSG(3, ("! Certificate verification flags %08x", + (unsigned int) ssl->session_negotiate->verify_result)); + } else { + MBEDTLS_SSL_DEBUG_MSG(3, ("Certificate verification flags clear")); } #endif /* MBEDTLS_DEBUG_C */ - return( ret ); + return ret; } #if !defined(MBEDTLS_SSL_KEEP_PEER_CERTIFICATE) -static int ssl_remember_peer_crt_digest( mbedtls_ssl_context *ssl, - unsigned char *start, size_t len ) +MBEDTLS_CHECK_RETURN_CRITICAL +static int ssl_remember_peer_crt_digest(mbedtls_ssl_context *ssl, + unsigned char *start, size_t len) { int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; /* Remember digest of the peer's end-CRT. */ ssl->session_negotiate->peer_cert_digest = - mbedtls_calloc( 1, MBEDTLS_SSL_PEER_CERT_DIGEST_DFL_LEN ); - if( ssl->session_negotiate->peer_cert_digest == NULL ) - { - MBEDTLS_SSL_DEBUG_MSG( 1, ( "alloc(%d bytes) failed", - MBEDTLS_SSL_PEER_CERT_DIGEST_DFL_LEN ) ); - mbedtls_ssl_send_alert_message( ssl, - MBEDTLS_SSL_ALERT_LEVEL_FATAL, - MBEDTLS_SSL_ALERT_MSG_INTERNAL_ERROR ); + mbedtls_calloc(1, MBEDTLS_SSL_PEER_CERT_DIGEST_DFL_LEN); + if (ssl->session_negotiate->peer_cert_digest == NULL) { + MBEDTLS_SSL_DEBUG_MSG(1, ("alloc(%d bytes) failed", + MBEDTLS_SSL_PEER_CERT_DIGEST_DFL_LEN)); + mbedtls_ssl_send_alert_message(ssl, + MBEDTLS_SSL_ALERT_LEVEL_FATAL, + MBEDTLS_SSL_ALERT_MSG_INTERNAL_ERROR); - return( MBEDTLS_ERR_SSL_ALLOC_FAILED ); + return MBEDTLS_ERR_SSL_ALLOC_FAILED; } - ret = mbedtls_md( mbedtls_md_info_from_type( - MBEDTLS_SSL_PEER_CERT_DIGEST_DFL_TYPE ), - start, len, - ssl->session_negotiate->peer_cert_digest ); + ret = mbedtls_md(mbedtls_md_info_from_type( + MBEDTLS_SSL_PEER_CERT_DIGEST_DFL_TYPE), + start, len, + ssl->session_negotiate->peer_cert_digest); ssl->session_negotiate->peer_cert_digest_type = MBEDTLS_SSL_PEER_CERT_DIGEST_DFL_TYPE; ssl->session_negotiate->peer_cert_digest_len = MBEDTLS_SSL_PEER_CERT_DIGEST_DFL_LEN; - return( ret ); + return ret; } -static int ssl_remember_peer_pubkey( mbedtls_ssl_context *ssl, - unsigned char *start, size_t len ) +MBEDTLS_CHECK_RETURN_CRITICAL +static int ssl_remember_peer_pubkey(mbedtls_ssl_context *ssl, + unsigned char *start, size_t len) { unsigned char *end = start + len; int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; /* Make a copy of the peer's raw public key. */ - mbedtls_pk_init( &ssl->handshake->peer_pubkey ); - ret = mbedtls_pk_parse_subpubkey( &start, end, - &ssl->handshake->peer_pubkey ); - if( ret != 0 ) - { + mbedtls_pk_init(&ssl->handshake->peer_pubkey); + ret = mbedtls_pk_parse_subpubkey(&start, end, + &ssl->handshake->peer_pubkey); + if (ret != 0) { /* We should have parsed the public key before. */ - return( MBEDTLS_ERR_SSL_INTERNAL_ERROR ); + return MBEDTLS_ERR_SSL_INTERNAL_ERROR; } - return( 0 ); + return 0; } #endif /* !MBEDTLS_SSL_KEEP_PEER_CERTIFICATE */ -int mbedtls_ssl_parse_certificate( mbedtls_ssl_context *ssl ) +int mbedtls_ssl_parse_certificate(mbedtls_ssl_context *ssl) { int ret = 0; int crt_expected; @@ -2852,40 +2768,37 @@ int mbedtls_ssl_parse_certificate( mbedtls_ssl_context *ssl ) void *rs_ctx = NULL; mbedtls_x509_crt *chain = NULL; - MBEDTLS_SSL_DEBUG_MSG( 2, ( "=> parse certificate" ) ); + MBEDTLS_SSL_DEBUG_MSG(2, ("=> parse certificate")); - crt_expected = ssl_parse_certificate_coordinate( ssl, authmode ); - if( crt_expected == SSL_CERTIFICATE_SKIP ) - { - MBEDTLS_SSL_DEBUG_MSG( 2, ( "<= skip parse certificate" ) ); + crt_expected = ssl_parse_certificate_coordinate(ssl, authmode); + if (crt_expected == SSL_CERTIFICATE_SKIP) { + MBEDTLS_SSL_DEBUG_MSG(2, ("<= skip parse certificate")); goto exit; } #if defined(MBEDTLS_SSL_ECP_RESTARTABLE_ENABLED) - if( ssl->handshake->ecrs_enabled && - ssl->handshake->ecrs_state == ssl_ecrs_crt_verify ) - { + if (ssl->handshake->ecrs_enabled && + ssl->handshake->ecrs_state == ssl_ecrs_crt_verify) { chain = ssl->handshake->ecrs_peer_cert; ssl->handshake->ecrs_peer_cert = NULL; goto crt_verify; } #endif - if( ( ret = mbedtls_ssl_read_record( ssl, 1 ) ) != 0 ) - { + if ((ret = mbedtls_ssl_read_record(ssl, 1)) != 0) { /* mbedtls_ssl_read_record may have sent an alert already. We let it decide whether to alert. */ - MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_ssl_read_record", ret ); + MBEDTLS_SSL_DEBUG_RET(1, "mbedtls_ssl_read_record", ret); goto exit; } #if defined(MBEDTLS_SSL_SRV_C) - if( ssl_srv_check_client_no_crt_notification( ssl ) == 0 ) - { + if (ssl_srv_check_client_no_crt_notification(ssl) == 0) { ssl->session_negotiate->verify_result = MBEDTLS_X509_BADCERT_MISSING; - if( authmode != MBEDTLS_SSL_VERIFY_OPTIONAL ) + if (authmode != MBEDTLS_SSL_VERIFY_OPTIONAL) { ret = MBEDTLS_ERR_SSL_NO_CLIENT_CERTIFICATE; + } goto exit; } @@ -2893,39 +2806,42 @@ int mbedtls_ssl_parse_certificate( mbedtls_ssl_context *ssl ) /* Clear existing peer CRT structure in case we tried to * reuse a session but it failed, and allocate a new one. */ - ssl_clear_peer_cert( ssl->session_negotiate ); + ssl_clear_peer_cert(ssl->session_negotiate); - chain = mbedtls_calloc( 1, sizeof( mbedtls_x509_crt ) ); - if( chain == NULL ) - { - MBEDTLS_SSL_DEBUG_MSG( 1, ( "alloc(%" MBEDTLS_PRINTF_SIZET " bytes) failed", - sizeof( mbedtls_x509_crt ) ) ); - mbedtls_ssl_send_alert_message( ssl, - MBEDTLS_SSL_ALERT_LEVEL_FATAL, - MBEDTLS_SSL_ALERT_MSG_INTERNAL_ERROR ); + chain = mbedtls_calloc(1, sizeof(mbedtls_x509_crt)); + if (chain == NULL) { + MBEDTLS_SSL_DEBUG_MSG(1, ("alloc(%" MBEDTLS_PRINTF_SIZET " bytes) failed", + sizeof(mbedtls_x509_crt))); + mbedtls_ssl_send_alert_message(ssl, + MBEDTLS_SSL_ALERT_LEVEL_FATAL, + MBEDTLS_SSL_ALERT_MSG_INTERNAL_ERROR); ret = MBEDTLS_ERR_SSL_ALLOC_FAILED; goto exit; } - mbedtls_x509_crt_init( chain ); + mbedtls_x509_crt_init(chain); - ret = ssl_parse_certificate_chain( ssl, chain ); - if( ret != 0 ) + ret = ssl_parse_certificate_chain(ssl, chain); + if (ret != 0) { goto exit; + } #if defined(MBEDTLS_SSL_ECP_RESTARTABLE_ENABLED) - if( ssl->handshake->ecrs_enabled) + if (ssl->handshake->ecrs_enabled) { ssl->handshake->ecrs_state = ssl_ecrs_crt_verify; + } crt_verify: - if( ssl->handshake->ecrs_enabled) + if (ssl->handshake->ecrs_enabled) { rs_ctx = &ssl->handshake->ecrs_ctx; + } #endif - ret = ssl_parse_certificate_verify( ssl, authmode, - chain, rs_ctx ); - if( ret != 0 ) + ret = ssl_parse_certificate_verify(ssl, authmode, + chain, rs_ctx); + if (ret != 0) { goto exit; + } #if !defined(MBEDTLS_SSL_KEEP_PEER_CERTIFICATE) { @@ -2945,17 +2861,19 @@ int mbedtls_ssl_parse_certificate( mbedtls_ssl_context *ssl ) /* Free the CRT structures before computing * digest and copying the peer's public key. */ - mbedtls_x509_crt_free( chain ); - mbedtls_free( chain ); + mbedtls_x509_crt_free(chain); + mbedtls_free(chain); chain = NULL; - ret = ssl_remember_peer_crt_digest( ssl, crt_start, crt_len ); - if( ret != 0 ) + ret = ssl_remember_peer_crt_digest(ssl, crt_start, crt_len); + if (ret != 0) { goto exit; + } - ret = ssl_remember_peer_pubkey( ssl, pk_start, pk_len ); - if( ret != 0 ) + ret = ssl_remember_peer_pubkey(ssl, pk_start, pk_len); + if (ret != 0) { goto exit; + } } #else /* !MBEDTLS_SSL_KEEP_PEER_CERTIFICATE */ /* Pass ownership to session structure. */ @@ -2963,108 +2881,107 @@ int mbedtls_ssl_parse_certificate( mbedtls_ssl_context *ssl ) chain = NULL; #endif /* MBEDTLS_SSL_KEEP_PEER_CERTIFICATE */ - MBEDTLS_SSL_DEBUG_MSG( 2, ( "<= parse certificate" ) ); + MBEDTLS_SSL_DEBUG_MSG(2, ("<= parse certificate")); exit: - if( ret == 0 ) + if (ret == 0) { ssl->state++; + } #if defined(MBEDTLS_SSL_ECP_RESTARTABLE_ENABLED) - if( ret == MBEDTLS_ERR_SSL_CRYPTO_IN_PROGRESS ) - { + if (ret == MBEDTLS_ERR_SSL_CRYPTO_IN_PROGRESS) { ssl->handshake->ecrs_peer_cert = chain; chain = NULL; } #endif - if( chain != NULL ) - { - mbedtls_x509_crt_free( chain ); - mbedtls_free( chain ); + if (chain != NULL) { + mbedtls_x509_crt_free(chain); + mbedtls_free(chain); } - return( ret ); + return ret; } #endif /* MBEDTLS_KEY_EXCHANGE_WITH_CERT_ENABLED */ -void mbedtls_ssl_optimize_checksum( mbedtls_ssl_context *ssl, - const mbedtls_ssl_ciphersuite_t *ciphersuite_info ) +void mbedtls_ssl_optimize_checksum(mbedtls_ssl_context *ssl, + const mbedtls_ssl_ciphersuite_t *ciphersuite_info) { ((void) ciphersuite_info); #if defined(MBEDTLS_SSL_PROTO_SSL3) || defined(MBEDTLS_SSL_PROTO_TLS1) || \ defined(MBEDTLS_SSL_PROTO_TLS1_1) - if( ssl->minor_ver < MBEDTLS_SSL_MINOR_VERSION_3 ) + if (ssl->minor_ver < MBEDTLS_SSL_MINOR_VERSION_3) { ssl->handshake->update_checksum = ssl_update_checksum_md5sha1; - else + } else #endif #if defined(MBEDTLS_SSL_PROTO_TLS1_2) #if defined(MBEDTLS_SHA512_C) && !defined(MBEDTLS_SHA512_NO_SHA384) - if( ciphersuite_info->mac == MBEDTLS_MD_SHA384 ) + if (ciphersuite_info->mac == MBEDTLS_MD_SHA384) { ssl->handshake->update_checksum = ssl_update_checksum_sha384; - else + } else #endif #if defined(MBEDTLS_SHA256_C) - if( ciphersuite_info->mac != MBEDTLS_MD_SHA384 ) + if (ciphersuite_info->mac != MBEDTLS_MD_SHA384) { ssl->handshake->update_checksum = ssl_update_checksum_sha256; - else + } else #endif #endif /* MBEDTLS_SSL_PROTO_TLS1_2 */ { - MBEDTLS_SSL_DEBUG_MSG( 1, ( "should never happen" ) ); + MBEDTLS_SSL_DEBUG_MSG(1, ("should never happen")); return; } } -void mbedtls_ssl_reset_checksum( mbedtls_ssl_context *ssl ) +void mbedtls_ssl_reset_checksum(mbedtls_ssl_context *ssl) { #if defined(MBEDTLS_SSL_PROTO_SSL3) || defined(MBEDTLS_SSL_PROTO_TLS1) || \ defined(MBEDTLS_SSL_PROTO_TLS1_1) - mbedtls_md5_starts_ret( &ssl->handshake->fin_md5 ); - mbedtls_sha1_starts_ret( &ssl->handshake->fin_sha1 ); + mbedtls_md5_starts_ret(&ssl->handshake->fin_md5); + mbedtls_sha1_starts_ret(&ssl->handshake->fin_sha1); #endif #if defined(MBEDTLS_SSL_PROTO_TLS1_2) #if defined(MBEDTLS_SHA256_C) #if defined(MBEDTLS_USE_PSA_CRYPTO) - psa_hash_abort( &ssl->handshake->fin_sha256_psa ); - psa_hash_setup( &ssl->handshake->fin_sha256_psa, PSA_ALG_SHA_256 ); + psa_hash_abort(&ssl->handshake->fin_sha256_psa); + psa_hash_setup(&ssl->handshake->fin_sha256_psa, PSA_ALG_SHA_256); #else - mbedtls_sha256_starts_ret( &ssl->handshake->fin_sha256, 0 ); + mbedtls_sha256_starts_ret(&ssl->handshake->fin_sha256, 0); #endif #endif #if defined(MBEDTLS_SHA512_C) && !defined(MBEDTLS_SHA512_NO_SHA384) #if defined(MBEDTLS_USE_PSA_CRYPTO) - psa_hash_abort( &ssl->handshake->fin_sha384_psa ); - psa_hash_setup( &ssl->handshake->fin_sha384_psa, PSA_ALG_SHA_384 ); + psa_hash_abort(&ssl->handshake->fin_sha384_psa); + psa_hash_setup(&ssl->handshake->fin_sha384_psa, PSA_ALG_SHA_384); #else - mbedtls_sha512_starts_ret( &ssl->handshake->fin_sha512, 1 ); + mbedtls_sha512_starts_ret(&ssl->handshake->fin_sha512, 1); #endif #endif #endif /* MBEDTLS_SSL_PROTO_TLS1_2 */ } -static void ssl_update_checksum_start( mbedtls_ssl_context *ssl, - const unsigned char *buf, size_t len ) +static void ssl_update_checksum_start(mbedtls_ssl_context *ssl, + const unsigned char *buf, size_t len) { #if defined(MBEDTLS_SSL_PROTO_SSL3) || defined(MBEDTLS_SSL_PROTO_TLS1) || \ defined(MBEDTLS_SSL_PROTO_TLS1_1) - mbedtls_md5_update_ret( &ssl->handshake->fin_md5 , buf, len ); - mbedtls_sha1_update_ret( &ssl->handshake->fin_sha1, buf, len ); + mbedtls_md5_update_ret(&ssl->handshake->fin_md5, buf, len); + mbedtls_sha1_update_ret(&ssl->handshake->fin_sha1, buf, len); #endif #if defined(MBEDTLS_SSL_PROTO_TLS1_2) #if defined(MBEDTLS_SHA256_C) #if defined(MBEDTLS_USE_PSA_CRYPTO) - psa_hash_update( &ssl->handshake->fin_sha256_psa, buf, len ); + psa_hash_update(&ssl->handshake->fin_sha256_psa, buf, len); #else - mbedtls_sha256_update_ret( &ssl->handshake->fin_sha256, buf, len ); + mbedtls_sha256_update_ret(&ssl->handshake->fin_sha256, buf, len); #endif #endif #if defined(MBEDTLS_SHA512_C) && !defined(MBEDTLS_SHA512_NO_SHA384) #if defined(MBEDTLS_USE_PSA_CRYPTO) - psa_hash_update( &ssl->handshake->fin_sha384_psa, buf, len ); + psa_hash_update(&ssl->handshake->fin_sha384_psa, buf, len); #else - mbedtls_sha512_update_ret( &ssl->handshake->fin_sha512, buf, len ); + mbedtls_sha512_update_ret(&ssl->handshake->fin_sha512, buf, len); #endif #endif #endif /* MBEDTLS_SSL_PROTO_TLS1_2 */ @@ -3072,35 +2989,35 @@ static void ssl_update_checksum_start( mbedtls_ssl_context *ssl, #if defined(MBEDTLS_SSL_PROTO_SSL3) || defined(MBEDTLS_SSL_PROTO_TLS1) || \ defined(MBEDTLS_SSL_PROTO_TLS1_1) -static void ssl_update_checksum_md5sha1( mbedtls_ssl_context *ssl, - const unsigned char *buf, size_t len ) +static void ssl_update_checksum_md5sha1(mbedtls_ssl_context *ssl, + const unsigned char *buf, size_t len) { - mbedtls_md5_update_ret( &ssl->handshake->fin_md5 , buf, len ); - mbedtls_sha1_update_ret( &ssl->handshake->fin_sha1, buf, len ); + mbedtls_md5_update_ret(&ssl->handshake->fin_md5, buf, len); + mbedtls_sha1_update_ret(&ssl->handshake->fin_sha1, buf, len); } #endif #if defined(MBEDTLS_SSL_PROTO_TLS1_2) #if defined(MBEDTLS_SHA256_C) -static void ssl_update_checksum_sha256( mbedtls_ssl_context *ssl, - const unsigned char *buf, size_t len ) +static void ssl_update_checksum_sha256(mbedtls_ssl_context *ssl, + const unsigned char *buf, size_t len) { #if defined(MBEDTLS_USE_PSA_CRYPTO) - psa_hash_update( &ssl->handshake->fin_sha256_psa, buf, len ); + psa_hash_update(&ssl->handshake->fin_sha256_psa, buf, len); #else - mbedtls_sha256_update_ret( &ssl->handshake->fin_sha256, buf, len ); + mbedtls_sha256_update_ret(&ssl->handshake->fin_sha256, buf, len); #endif } #endif #if defined(MBEDTLS_SHA512_C) && !defined(MBEDTLS_SHA512_NO_SHA384) -static void ssl_update_checksum_sha384( mbedtls_ssl_context *ssl, - const unsigned char *buf, size_t len ) +static void ssl_update_checksum_sha384(mbedtls_ssl_context *ssl, + const unsigned char *buf, size_t len) { #if defined(MBEDTLS_USE_PSA_CRYPTO) - psa_hash_update( &ssl->handshake->fin_sha384_psa, buf, len ); + psa_hash_update(&ssl->handshake->fin_sha384_psa, buf, len); #else - mbedtls_sha512_update_ret( &ssl->handshake->fin_sha512, buf, len ); + mbedtls_sha512_update_ret(&ssl->handshake->fin_sha512, buf, len); #endif } #endif @@ -3108,7 +3025,7 @@ static void ssl_update_checksum_sha384( mbedtls_ssl_context *ssl, #if defined(MBEDTLS_SSL_PROTO_SSL3) static void ssl_calc_finished_ssl( - mbedtls_ssl_context *ssl, unsigned char *buf, int from ) + mbedtls_ssl_context *ssl, unsigned char *buf, int from) { const char *sender; mbedtls_md5_context md5; @@ -3119,16 +3036,17 @@ static void ssl_calc_finished_ssl( unsigned char sha1sum[20]; mbedtls_ssl_session *session = ssl->session_negotiate; - if( !session ) + if (!session) { session = ssl->session; + } - MBEDTLS_SSL_DEBUG_MSG( 2, ( "=> calc finished ssl" ) ); + MBEDTLS_SSL_DEBUG_MSG(2, ("=> calc finished ssl")); - mbedtls_md5_init( &md5 ); - mbedtls_sha1_init( &sha1 ); + mbedtls_md5_init(&md5); + mbedtls_sha1_init(&sha1); - mbedtls_md5_clone( &md5, &ssl->handshake->fin_md5 ); - mbedtls_sha1_clone( &sha1, &ssl->handshake->fin_sha1 ); + mbedtls_md5_clone(&md5, &ssl->handshake->fin_md5); + mbedtls_sha1_clone(&sha1, &ssl->handshake->fin_sha1); /* * SSLv3: @@ -3140,60 +3058,60 @@ static void ssl_calc_finished_ssl( */ #if !defined(MBEDTLS_MD5_ALT) - MBEDTLS_SSL_DEBUG_BUF( 4, "finished md5 state", (unsigned char *) - md5.state, sizeof( md5.state ) ); + MBEDTLS_SSL_DEBUG_BUF(4, "finished md5 state", (unsigned char *) + md5.state, sizeof(md5.state)); #endif #if !defined(MBEDTLS_SHA1_ALT) - MBEDTLS_SSL_DEBUG_BUF( 4, "finished sha1 state", (unsigned char *) - sha1.state, sizeof( sha1.state ) ); + MBEDTLS_SSL_DEBUG_BUF(4, "finished sha1 state", (unsigned char *) + sha1.state, sizeof(sha1.state)); #endif - sender = ( from == MBEDTLS_SSL_IS_CLIENT ) ? "CLNT" + sender = (from == MBEDTLS_SSL_IS_CLIENT) ? "CLNT" : "SRVR"; - memset( padbuf, 0x36, 48 ); + memset(padbuf, 0x36, 48); - mbedtls_md5_update_ret( &md5, (const unsigned char *) sender, 4 ); - mbedtls_md5_update_ret( &md5, session->master, 48 ); - mbedtls_md5_update_ret( &md5, padbuf, 48 ); - mbedtls_md5_finish_ret( &md5, md5sum ); + mbedtls_md5_update_ret(&md5, (const unsigned char *) sender, 4); + mbedtls_md5_update_ret(&md5, session->master, 48); + mbedtls_md5_update_ret(&md5, padbuf, 48); + mbedtls_md5_finish_ret(&md5, md5sum); - mbedtls_sha1_update_ret( &sha1, (const unsigned char *) sender, 4 ); - mbedtls_sha1_update_ret( &sha1, session->master, 48 ); - mbedtls_sha1_update_ret( &sha1, padbuf, 40 ); - mbedtls_sha1_finish_ret( &sha1, sha1sum ); + mbedtls_sha1_update_ret(&sha1, (const unsigned char *) sender, 4); + mbedtls_sha1_update_ret(&sha1, session->master, 48); + mbedtls_sha1_update_ret(&sha1, padbuf, 40); + mbedtls_sha1_finish_ret(&sha1, sha1sum); - memset( padbuf, 0x5C, 48 ); + memset(padbuf, 0x5C, 48); - mbedtls_md5_starts_ret( &md5 ); - mbedtls_md5_update_ret( &md5, session->master, 48 ); - mbedtls_md5_update_ret( &md5, padbuf, 48 ); - mbedtls_md5_update_ret( &md5, md5sum, 16 ); - mbedtls_md5_finish_ret( &md5, buf ); + mbedtls_md5_starts_ret(&md5); + mbedtls_md5_update_ret(&md5, session->master, 48); + mbedtls_md5_update_ret(&md5, padbuf, 48); + mbedtls_md5_update_ret(&md5, md5sum, 16); + mbedtls_md5_finish_ret(&md5, buf); - mbedtls_sha1_starts_ret( &sha1 ); - mbedtls_sha1_update_ret( &sha1, session->master, 48 ); - mbedtls_sha1_update_ret( &sha1, padbuf , 40 ); - mbedtls_sha1_update_ret( &sha1, sha1sum, 20 ); - mbedtls_sha1_finish_ret( &sha1, buf + 16 ); + mbedtls_sha1_starts_ret(&sha1); + mbedtls_sha1_update_ret(&sha1, session->master, 48); + mbedtls_sha1_update_ret(&sha1, padbuf, 40); + mbedtls_sha1_update_ret(&sha1, sha1sum, 20); + mbedtls_sha1_finish_ret(&sha1, buf + 16); - MBEDTLS_SSL_DEBUG_BUF( 3, "calc finished result", buf, 36 ); + MBEDTLS_SSL_DEBUG_BUF(3, "calc finished result", buf, 36); - mbedtls_md5_free( &md5 ); - mbedtls_sha1_free( &sha1 ); + mbedtls_md5_free(&md5); + mbedtls_sha1_free(&sha1); - mbedtls_platform_zeroize( padbuf, sizeof( padbuf ) ); - mbedtls_platform_zeroize( md5sum, sizeof( md5sum ) ); - mbedtls_platform_zeroize( sha1sum, sizeof( sha1sum ) ); + mbedtls_platform_zeroize(padbuf, sizeof(padbuf)); + mbedtls_platform_zeroize(md5sum, sizeof(md5sum)); + mbedtls_platform_zeroize(sha1sum, sizeof(sha1sum)); - MBEDTLS_SSL_DEBUG_MSG( 2, ( "<= calc finished" ) ); + MBEDTLS_SSL_DEBUG_MSG(2, ("<= calc finished")); } #endif /* MBEDTLS_SSL_PROTO_SSL3 */ #if defined(MBEDTLS_SSL_PROTO_TLS1) || defined(MBEDTLS_SSL_PROTO_TLS1_1) static void ssl_calc_finished_tls( - mbedtls_ssl_context *ssl, unsigned char *buf, int from ) + mbedtls_ssl_context *ssl, unsigned char *buf, int from) { int len = 12; const char *sender; @@ -3202,16 +3120,17 @@ static void ssl_calc_finished_tls( unsigned char padbuf[36]; mbedtls_ssl_session *session = ssl->session_negotiate; - if( !session ) + if (!session) { session = ssl->session; + } - MBEDTLS_SSL_DEBUG_MSG( 2, ( "=> calc finished tls" ) ); + MBEDTLS_SSL_DEBUG_MSG(2, ("=> calc finished tls")); - mbedtls_md5_init( &md5 ); - mbedtls_sha1_init( &sha1 ); + mbedtls_md5_init(&md5); + mbedtls_sha1_init(&sha1); - mbedtls_md5_clone( &md5, &ssl->handshake->fin_md5 ); - mbedtls_sha1_clone( &sha1, &ssl->handshake->fin_sha1 ); + mbedtls_md5_clone(&md5, &ssl->handshake->fin_md5); + mbedtls_sha1_clone(&sha1, &ssl->handshake->fin_sha1); /* * TLSv1: @@ -3220,40 +3139,40 @@ static void ssl_calc_finished_tls( */ #if !defined(MBEDTLS_MD5_ALT) - MBEDTLS_SSL_DEBUG_BUF( 4, "finished md5 state", (unsigned char *) - md5.state, sizeof( md5.state ) ); + MBEDTLS_SSL_DEBUG_BUF(4, "finished md5 state", (unsigned char *) + md5.state, sizeof(md5.state)); #endif #if !defined(MBEDTLS_SHA1_ALT) - MBEDTLS_SSL_DEBUG_BUF( 4, "finished sha1 state", (unsigned char *) - sha1.state, sizeof( sha1.state ) ); + MBEDTLS_SSL_DEBUG_BUF(4, "finished sha1 state", (unsigned char *) + sha1.state, sizeof(sha1.state)); #endif - sender = ( from == MBEDTLS_SSL_IS_CLIENT ) + sender = (from == MBEDTLS_SSL_IS_CLIENT) ? "client finished" : "server finished"; - mbedtls_md5_finish_ret( &md5, padbuf ); - mbedtls_sha1_finish_ret( &sha1, padbuf + 16 ); + mbedtls_md5_finish_ret(&md5, padbuf); + mbedtls_sha1_finish_ret(&sha1, padbuf + 16); - ssl->handshake->tls_prf( session->master, 48, sender, - padbuf, 36, buf, len ); + ssl->handshake->tls_prf(session->master, 48, sender, + padbuf, 36, buf, len); - MBEDTLS_SSL_DEBUG_BUF( 3, "calc finished result", buf, len ); + MBEDTLS_SSL_DEBUG_BUF(3, "calc finished result", buf, len); - mbedtls_md5_free( &md5 ); - mbedtls_sha1_free( &sha1 ); + mbedtls_md5_free(&md5); + mbedtls_sha1_free(&sha1); - mbedtls_platform_zeroize( padbuf, sizeof( padbuf ) ); + mbedtls_platform_zeroize(padbuf, sizeof(padbuf)); - MBEDTLS_SSL_DEBUG_MSG( 2, ( "<= calc finished" ) ); + MBEDTLS_SSL_DEBUG_MSG(2, ("<= calc finished")); } #endif /* MBEDTLS_SSL_PROTO_TLS1 || MBEDTLS_SSL_PROTO_TLS1_1 */ #if defined(MBEDTLS_SSL_PROTO_TLS1_2) #if defined(MBEDTLS_SHA256_C) static void ssl_calc_finished_tls_sha256( - mbedtls_ssl_context *ssl, unsigned char *buf, int from ) + mbedtls_ssl_context *ssl, unsigned char *buf, int from) { int len = 12; const char *sender; @@ -3267,39 +3186,38 @@ static void ssl_calc_finished_tls_sha256( #endif mbedtls_ssl_session *session = ssl->session_negotiate; - if( !session ) + if (!session) { session = ssl->session; + } - sender = ( from == MBEDTLS_SSL_IS_CLIENT ) + sender = (from == MBEDTLS_SSL_IS_CLIENT) ? "client finished" : "server finished"; #if defined(MBEDTLS_USE_PSA_CRYPTO) sha256_psa = psa_hash_operation_init(); - MBEDTLS_SSL_DEBUG_MSG( 2, ( "=> calc PSA finished tls sha256" ) ); + MBEDTLS_SSL_DEBUG_MSG(2, ("=> calc PSA finished tls sha256")); - status = psa_hash_clone( &ssl->handshake->fin_sha256_psa, &sha256_psa ); - if( status != PSA_SUCCESS ) - { - MBEDTLS_SSL_DEBUG_MSG( 2, ( "PSA hash clone failed" ) ); + status = psa_hash_clone(&ssl->handshake->fin_sha256_psa, &sha256_psa); + if (status != PSA_SUCCESS) { + MBEDTLS_SSL_DEBUG_MSG(2, ("PSA hash clone failed")); return; } - status = psa_hash_finish( &sha256_psa, padbuf, sizeof( padbuf ), &hash_size ); - if( status != PSA_SUCCESS ) - { - MBEDTLS_SSL_DEBUG_MSG( 2, ( "PSA hash finish failed" ) ); + status = psa_hash_finish(&sha256_psa, padbuf, sizeof(padbuf), &hash_size); + if (status != PSA_SUCCESS) { + MBEDTLS_SSL_DEBUG_MSG(2, ("PSA hash finish failed")); return; } - MBEDTLS_SSL_DEBUG_BUF( 3, "PSA calculated padbuf", padbuf, 32 ); + MBEDTLS_SSL_DEBUG_BUF(3, "PSA calculated padbuf", padbuf, 32); #else - mbedtls_sha256_init( &sha256 ); + mbedtls_sha256_init(&sha256); - MBEDTLS_SSL_DEBUG_MSG( 2, ( "=> calc finished tls sha256" ) ); + MBEDTLS_SSL_DEBUG_MSG(2, ("=> calc finished tls sha256")); - mbedtls_sha256_clone( &sha256, &ssl->handshake->fin_sha256 ); + mbedtls_sha256_clone(&sha256, &ssl->handshake->fin_sha256); /* * TLSv1.2: @@ -3308,29 +3226,29 @@ static void ssl_calc_finished_tls_sha256( */ #if !defined(MBEDTLS_SHA256_ALT) - MBEDTLS_SSL_DEBUG_BUF( 4, "finished sha2 state", (unsigned char *) - sha256.state, sizeof( sha256.state ) ); + MBEDTLS_SSL_DEBUG_BUF(4, "finished sha2 state", (unsigned char *) + sha256.state, sizeof(sha256.state)); #endif - mbedtls_sha256_finish_ret( &sha256, padbuf ); - mbedtls_sha256_free( &sha256 ); + mbedtls_sha256_finish_ret(&sha256, padbuf); + mbedtls_sha256_free(&sha256); #endif /* MBEDTLS_USE_PSA_CRYPTO */ - ssl->handshake->tls_prf( session->master, 48, sender, - padbuf, 32, buf, len ); + ssl->handshake->tls_prf(session->master, 48, sender, + padbuf, 32, buf, len); - MBEDTLS_SSL_DEBUG_BUF( 3, "calc finished result", buf, len ); + MBEDTLS_SSL_DEBUG_BUF(3, "calc finished result", buf, len); - mbedtls_platform_zeroize( padbuf, sizeof( padbuf ) ); + mbedtls_platform_zeroize(padbuf, sizeof(padbuf)); - MBEDTLS_SSL_DEBUG_MSG( 2, ( "<= calc finished" ) ); + MBEDTLS_SSL_DEBUG_MSG(2, ("<= calc finished")); } #endif /* MBEDTLS_SHA256_C */ #if defined(MBEDTLS_SHA512_C) && !defined(MBEDTLS_SHA512_NO_SHA384) static void ssl_calc_finished_tls_sha384( - mbedtls_ssl_context *ssl, unsigned char *buf, int from ) + mbedtls_ssl_context *ssl, unsigned char *buf, int from) { int len = 12; const char *sender; @@ -3344,38 +3262,37 @@ static void ssl_calc_finished_tls_sha384( #endif mbedtls_ssl_session *session = ssl->session_negotiate; - if( !session ) + if (!session) { session = ssl->session; + } - sender = ( from == MBEDTLS_SSL_IS_CLIENT ) + sender = (from == MBEDTLS_SSL_IS_CLIENT) ? "client finished" : "server finished"; #if defined(MBEDTLS_USE_PSA_CRYPTO) sha384_psa = psa_hash_operation_init(); - MBEDTLS_SSL_DEBUG_MSG( 2, ( "=> calc PSA finished tls sha384" ) ); + MBEDTLS_SSL_DEBUG_MSG(2, ("=> calc PSA finished tls sha384")); - status = psa_hash_clone( &ssl->handshake->fin_sha384_psa, &sha384_psa ); - if( status != PSA_SUCCESS ) - { - MBEDTLS_SSL_DEBUG_MSG( 2, ( "PSA hash clone failed" ) ); + status = psa_hash_clone(&ssl->handshake->fin_sha384_psa, &sha384_psa); + if (status != PSA_SUCCESS) { + MBEDTLS_SSL_DEBUG_MSG(2, ("PSA hash clone failed")); return; } - status = psa_hash_finish( &sha384_psa, padbuf, sizeof( padbuf ), &hash_size ); - if( status != PSA_SUCCESS ) - { - MBEDTLS_SSL_DEBUG_MSG( 2, ( "PSA hash finish failed" ) ); + status = psa_hash_finish(&sha384_psa, padbuf, sizeof(padbuf), &hash_size); + if (status != PSA_SUCCESS) { + MBEDTLS_SSL_DEBUG_MSG(2, ("PSA hash finish failed")); return; } - MBEDTLS_SSL_DEBUG_BUF( 3, "PSA calculated padbuf", padbuf, 48 ); + MBEDTLS_SSL_DEBUG_BUF(3, "PSA calculated padbuf", padbuf, 48); #else - mbedtls_sha512_init( &sha512 ); + mbedtls_sha512_init(&sha512); - MBEDTLS_SSL_DEBUG_MSG( 2, ( "=> calc finished tls sha384" ) ); + MBEDTLS_SSL_DEBUG_MSG(2, ("=> calc finished tls sha384")); - mbedtls_sha512_clone( &sha512, &ssl->handshake->fin_sha512 ); + mbedtls_sha512_clone(&sha512, &ssl->handshake->fin_sha512); /* * TLSv1.2: @@ -3384,11 +3301,11 @@ static void ssl_calc_finished_tls_sha384( */ #if !defined(MBEDTLS_SHA512_ALT) - MBEDTLS_SSL_DEBUG_BUF( 4, "finished sha512 state", (unsigned char *) - sha512.state, sizeof( sha512.state ) ); + MBEDTLS_SSL_DEBUG_BUF(4, "finished sha512 state", (unsigned char *) + sha512.state, sizeof(sha512.state)); #endif /* mbedtls_sha512_finish_ret's output parameter is declared as a - * 64-byte buffer, but sice we're using SHA-384, we know that the + * 64-byte buffer, but since we're using SHA-384, we know that the * output fits in 48 bytes. This is correct C, but GCC 11.1 warns * about it. */ @@ -3396,60 +3313,58 @@ static void ssl_calc_finished_tls_sha384( #pragma GCC diagnostic push #pragma GCC diagnostic ignored "-Wstringop-overflow" #endif - mbedtls_sha512_finish_ret( &sha512, padbuf ); + mbedtls_sha512_finish_ret(&sha512, padbuf); #if defined(__GNUC__) && __GNUC__ >= 11 #pragma GCC diagnostic pop #endif - mbedtls_sha512_free( &sha512 ); + mbedtls_sha512_free(&sha512); #endif - ssl->handshake->tls_prf( session->master, 48, sender, - padbuf, 48, buf, len ); + ssl->handshake->tls_prf(session->master, 48, sender, + padbuf, 48, buf, len); - MBEDTLS_SSL_DEBUG_BUF( 3, "calc finished result", buf, len ); + MBEDTLS_SSL_DEBUG_BUF(3, "calc finished result", buf, len); - mbedtls_platform_zeroize( padbuf, sizeof( padbuf ) ); + mbedtls_platform_zeroize(padbuf, sizeof(padbuf)); - MBEDTLS_SSL_DEBUG_MSG( 2, ( "<= calc finished" ) ); + MBEDTLS_SSL_DEBUG_MSG(2, ("<= calc finished")); } #endif /* MBEDTLS_SHA512_C && !MBEDTLS_SHA512_NO_SHA384 */ #endif /* MBEDTLS_SSL_PROTO_TLS1_2 */ -void mbedtls_ssl_handshake_wrapup_free_hs_transform( mbedtls_ssl_context *ssl ) +void mbedtls_ssl_handshake_wrapup_free_hs_transform(mbedtls_ssl_context *ssl) { - MBEDTLS_SSL_DEBUG_MSG( 3, ( "=> handshake wrapup: final free" ) ); + MBEDTLS_SSL_DEBUG_MSG(3, ("=> handshake wrapup: final free")); /* * Free our handshake params */ - mbedtls_ssl_handshake_free( ssl ); - mbedtls_free( ssl->handshake ); + mbedtls_ssl_handshake_free(ssl); + mbedtls_free(ssl->handshake); ssl->handshake = NULL; /* - * Free the previous transform and swith in the current one + * Free the previous transform and switch in the current one */ - if( ssl->transform ) - { - mbedtls_ssl_transform_free( ssl->transform ); - mbedtls_free( ssl->transform ); + if (ssl->transform) { + mbedtls_ssl_transform_free(ssl->transform); + mbedtls_free(ssl->transform); } ssl->transform = ssl->transform_negotiate; ssl->transform_negotiate = NULL; - MBEDTLS_SSL_DEBUG_MSG( 3, ( "<= handshake wrapup: final free" ) ); + MBEDTLS_SSL_DEBUG_MSG(3, ("<= handshake wrapup: final free")); } -void mbedtls_ssl_handshake_wrapup( mbedtls_ssl_context *ssl ) +void mbedtls_ssl_handshake_wrapup(mbedtls_ssl_context *ssl) { int resume = ssl->handshake->resume; - MBEDTLS_SSL_DEBUG_MSG( 3, ( "=> handshake wrapup" ) ); + MBEDTLS_SSL_DEBUG_MSG(3, ("=> handshake wrapup")); #if defined(MBEDTLS_SSL_RENEGOTIATION) - if( ssl->renego_status == MBEDTLS_SSL_RENEGOTIATION_IN_PROGRESS ) - { + if (ssl->renego_status == MBEDTLS_SSL_RENEGOTIATION_IN_PROGRESS) { ssl->renego_status = MBEDTLS_SSL_RENEGOTIATION_DONE; ssl->renego_records_seen = 0; } @@ -3458,16 +3373,15 @@ void mbedtls_ssl_handshake_wrapup( mbedtls_ssl_context *ssl ) /* * Free the previous session and switch in the current one */ - if( ssl->session ) - { + if (ssl->session) { #if defined(MBEDTLS_SSL_ENCRYPT_THEN_MAC) /* RFC 7366 3.1: keep the EtM state */ ssl->session_negotiate->encrypt_then_mac = - ssl->session->encrypt_then_mac; + ssl->session->encrypt_then_mac; #endif - mbedtls_ssl_session_free( ssl->session ); - mbedtls_free( ssl->session ); + mbedtls_ssl_session_free(ssl->session); + mbedtls_free(ssl->session); } ssl->session = ssl->session_negotiate; ssl->session_negotiate = NULL; @@ -3475,43 +3389,41 @@ void mbedtls_ssl_handshake_wrapup( mbedtls_ssl_context *ssl ) /* * Add cache entry */ - if( ssl->conf->f_set_cache != NULL && + if (ssl->conf->f_set_cache != NULL && ssl->session->id_len != 0 && - resume == 0 ) - { - if( ssl->conf->f_set_cache( ssl->conf->p_cache, ssl->session ) != 0 ) - MBEDTLS_SSL_DEBUG_MSG( 1, ( "cache did not store session" ) ); + resume == 0) { + if (ssl->conf->f_set_cache(ssl->conf->p_cache, ssl->session) != 0) { + MBEDTLS_SSL_DEBUG_MSG(1, ("cache did not store session")); + } } #if defined(MBEDTLS_SSL_PROTO_DTLS) - if( ssl->conf->transport == MBEDTLS_SSL_TRANSPORT_DATAGRAM && - ssl->handshake->flight != NULL ) - { + if (ssl->conf->transport == MBEDTLS_SSL_TRANSPORT_DATAGRAM && + ssl->handshake->flight != NULL) { /* Cancel handshake timer */ - mbedtls_ssl_set_timer( ssl, 0 ); + mbedtls_ssl_set_timer(ssl, 0); /* Keep last flight around in case we need to resend it: * we need the handshake and transform structures for that */ - MBEDTLS_SSL_DEBUG_MSG( 3, ( "skip freeing handshake and transform" ) ); - } - else + MBEDTLS_SSL_DEBUG_MSG(3, ("skip freeing handshake and transform")); + } else #endif - mbedtls_ssl_handshake_wrapup_free_hs_transform( ssl ); + mbedtls_ssl_handshake_wrapup_free_hs_transform(ssl); ssl->state++; - MBEDTLS_SSL_DEBUG_MSG( 3, ( "<= handshake wrapup" ) ); + MBEDTLS_SSL_DEBUG_MSG(3, ("<= handshake wrapup")); } -int mbedtls_ssl_write_finished( mbedtls_ssl_context *ssl ) +int mbedtls_ssl_write_finished(mbedtls_ssl_context *ssl) { int ret, hash_len; - MBEDTLS_SSL_DEBUG_MSG( 2, ( "=> write finished" ) ); + MBEDTLS_SSL_DEBUG_MSG(2, ("=> write finished")); - mbedtls_ssl_update_out_pointers( ssl, ssl->transform_negotiate ); + mbedtls_ssl_update_out_pointers(ssl, ssl->transform_negotiate); - ssl->handshake->calc_finished( ssl, ssl->out_msg + 4, ssl->conf->endpoint ); + ssl->handshake->calc_finished(ssl, ssl->out_msg + 4, ssl->conf->endpoint); /* * RFC 5246 7.4.9 (Page 63) says 12 is the default length and ciphersuites @@ -3519,11 +3431,11 @@ int mbedtls_ssl_write_finished( mbedtls_ssl_context *ssl ) * ciphersuite does this (and this is unlikely to change as activity has * moved to TLS 1.3 now) so we can keep the hardcoded 12 here. */ - hash_len = ( ssl->minor_ver == MBEDTLS_SSL_MINOR_VERSION_0 ) ? 36 : 12; + hash_len = (ssl->minor_ver == MBEDTLS_SSL_MINOR_VERSION_0) ? 36 : 12; #if defined(MBEDTLS_SSL_RENEGOTIATION) ssl->verify_data_len = hash_len; - memcpy( ssl->own_verify_data, ssl->out_msg + 4, hash_len ); + memcpy(ssl->own_verify_data, ssl->out_msg + 4, hash_len); #endif ssl->out_msglen = 4 + hash_len; @@ -3534,91 +3446,88 @@ int mbedtls_ssl_write_finished( mbedtls_ssl_context *ssl ) * In case of session resuming, invert the client and server * ChangeCipherSpec messages order. */ - if( ssl->handshake->resume != 0 ) - { + if (ssl->handshake->resume != 0) { #if defined(MBEDTLS_SSL_CLI_C) - if( ssl->conf->endpoint == MBEDTLS_SSL_IS_CLIENT ) + if (ssl->conf->endpoint == MBEDTLS_SSL_IS_CLIENT) { ssl->state = MBEDTLS_SSL_HANDSHAKE_WRAPUP; + } #endif #if defined(MBEDTLS_SSL_SRV_C) - if( ssl->conf->endpoint == MBEDTLS_SSL_IS_SERVER ) + if (ssl->conf->endpoint == MBEDTLS_SSL_IS_SERVER) { ssl->state = MBEDTLS_SSL_CLIENT_CHANGE_CIPHER_SPEC; + } #endif - } - else + } else { ssl->state++; + } /* * Switch to our negotiated transform and session parameters for outbound * data. */ - MBEDTLS_SSL_DEBUG_MSG( 3, ( "switching to new transform spec for outbound data" ) ); + MBEDTLS_SSL_DEBUG_MSG(3, ("switching to new transform spec for outbound data")); #if defined(MBEDTLS_SSL_PROTO_DTLS) - if( ssl->conf->transport == MBEDTLS_SSL_TRANSPORT_DATAGRAM ) - { + if (ssl->conf->transport == MBEDTLS_SSL_TRANSPORT_DATAGRAM) { unsigned char i; /* Remember current epoch settings for resending */ ssl->handshake->alt_transform_out = ssl->transform_out; - memcpy( ssl->handshake->alt_out_ctr, ssl->cur_out_ctr, 8 ); + memcpy(ssl->handshake->alt_out_ctr, ssl->cur_out_ctr, 8); /* Set sequence_number to zero */ - memset( ssl->cur_out_ctr + 2, 0, 6 ); + memset(ssl->cur_out_ctr + 2, 0, 6); /* Increment epoch */ - for( i = 2; i > 0; i-- ) - if( ++ssl->cur_out_ctr[i - 1] != 0 ) + for (i = 2; i > 0; i--) { + if (++ssl->cur_out_ctr[i - 1] != 0) { break; + } + } /* The loop goes to its end iff the counter is wrapping */ - if( i == 0 ) - { - MBEDTLS_SSL_DEBUG_MSG( 1, ( "DTLS epoch would wrap" ) ); - return( MBEDTLS_ERR_SSL_COUNTER_WRAPPING ); + if (i == 0) { + MBEDTLS_SSL_DEBUG_MSG(1, ("DTLS epoch would wrap")); + return MBEDTLS_ERR_SSL_COUNTER_WRAPPING; } - } - else + } else #endif /* MBEDTLS_SSL_PROTO_DTLS */ - memset( ssl->cur_out_ctr, 0, 8 ); + memset(ssl->cur_out_ctr, 0, 8); ssl->transform_out = ssl->transform_negotiate; ssl->session_out = ssl->session_negotiate; #if defined(MBEDTLS_SSL_HW_RECORD_ACCEL) - if( mbedtls_ssl_hw_record_activate != NULL ) - { - if( ( ret = mbedtls_ssl_hw_record_activate( ssl, MBEDTLS_SSL_CHANNEL_OUTBOUND ) ) != 0 ) - { - MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_ssl_hw_record_activate", ret ); - return( MBEDTLS_ERR_SSL_HW_ACCEL_FAILED ); + if (mbedtls_ssl_hw_record_activate != NULL) { + if ((ret = mbedtls_ssl_hw_record_activate(ssl, MBEDTLS_SSL_CHANNEL_OUTBOUND)) != 0) { + MBEDTLS_SSL_DEBUG_RET(1, "mbedtls_ssl_hw_record_activate", ret); + return MBEDTLS_ERR_SSL_HW_ACCEL_FAILED; } } #endif #if defined(MBEDTLS_SSL_PROTO_DTLS) - if( ssl->conf->transport == MBEDTLS_SSL_TRANSPORT_DATAGRAM ) - mbedtls_ssl_send_flight_completed( ssl ); + if (ssl->conf->transport == MBEDTLS_SSL_TRANSPORT_DATAGRAM) { + mbedtls_ssl_send_flight_completed(ssl); + } #endif - if( ( ret = mbedtls_ssl_write_handshake_msg( ssl ) ) != 0 ) - { - MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_ssl_write_handshake_msg", ret ); - return( ret ); + if ((ret = mbedtls_ssl_write_handshake_msg(ssl)) != 0) { + MBEDTLS_SSL_DEBUG_RET(1, "mbedtls_ssl_write_handshake_msg", ret); + return ret; } #if defined(MBEDTLS_SSL_PROTO_DTLS) - if( ssl->conf->transport == MBEDTLS_SSL_TRANSPORT_DATAGRAM && - ( ret = mbedtls_ssl_flight_transmit( ssl ) ) != 0 ) - { - MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_ssl_flight_transmit", ret ); - return( ret ); + if (ssl->conf->transport == MBEDTLS_SSL_TRANSPORT_DATAGRAM && + (ret = mbedtls_ssl_flight_transmit(ssl)) != 0) { + MBEDTLS_SSL_DEBUG_RET(1, "mbedtls_ssl_flight_transmit", ret); + return ret; } #endif - MBEDTLS_SSL_DEBUG_MSG( 2, ( "<= write finished" ) ); + MBEDTLS_SSL_DEBUG_MSG(2, ("<= write finished")); - return( 0 ); + return 0; } #if defined(MBEDTLS_SSL_PROTO_SSL3) @@ -3627,118 +3536,116 @@ int mbedtls_ssl_write_finished( mbedtls_ssl_context *ssl ) #define SSL_MAX_HASH_LEN 12 #endif -int mbedtls_ssl_parse_finished( mbedtls_ssl_context *ssl ) +int mbedtls_ssl_parse_finished(mbedtls_ssl_context *ssl) { int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; unsigned int hash_len; unsigned char buf[SSL_MAX_HASH_LEN]; - MBEDTLS_SSL_DEBUG_MSG( 2, ( "=> parse finished" ) ); + MBEDTLS_SSL_DEBUG_MSG(2, ("=> parse finished")); /* There is currently no ciphersuite using another length with TLS 1.2 */ #if defined(MBEDTLS_SSL_PROTO_SSL3) - if( ssl->minor_ver == MBEDTLS_SSL_MINOR_VERSION_0 ) + if (ssl->minor_ver == MBEDTLS_SSL_MINOR_VERSION_0) { hash_len = 36; - else + } else #endif - hash_len = 12; + hash_len = 12; - ssl->handshake->calc_finished( ssl, buf, ssl->conf->endpoint ^ 1 ); + ssl->handshake->calc_finished(ssl, buf, ssl->conf->endpoint ^ 1); - if( ( ret = mbedtls_ssl_read_record( ssl, 1 ) ) != 0 ) - { - MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_ssl_read_record", ret ); + if ((ret = mbedtls_ssl_read_record(ssl, 1)) != 0) { + MBEDTLS_SSL_DEBUG_RET(1, "mbedtls_ssl_read_record", ret); goto exit; } - if( ssl->in_msgtype != MBEDTLS_SSL_MSG_HANDSHAKE ) - { - MBEDTLS_SSL_DEBUG_MSG( 1, ( "bad finished message" ) ); - mbedtls_ssl_send_alert_message( ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL, - MBEDTLS_SSL_ALERT_MSG_UNEXPECTED_MESSAGE ); + if (ssl->in_msgtype != MBEDTLS_SSL_MSG_HANDSHAKE) { + MBEDTLS_SSL_DEBUG_MSG(1, ("bad finished message")); + mbedtls_ssl_send_alert_message(ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL, + MBEDTLS_SSL_ALERT_MSG_UNEXPECTED_MESSAGE); ret = MBEDTLS_ERR_SSL_UNEXPECTED_MESSAGE; goto exit; } - if( ssl->in_msg[0] != MBEDTLS_SSL_HS_FINISHED || - ssl->in_hslen != mbedtls_ssl_hs_hdr_len( ssl ) + hash_len ) - { - MBEDTLS_SSL_DEBUG_MSG( 1, ( "bad finished message" ) ); - mbedtls_ssl_send_alert_message( ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL, - MBEDTLS_SSL_ALERT_MSG_DECODE_ERROR ); + if (ssl->in_msg[0] != MBEDTLS_SSL_HS_FINISHED || + ssl->in_hslen != mbedtls_ssl_hs_hdr_len(ssl) + hash_len) { + MBEDTLS_SSL_DEBUG_MSG(1, ("bad finished message")); + mbedtls_ssl_send_alert_message(ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL, + MBEDTLS_SSL_ALERT_MSG_DECODE_ERROR); ret = MBEDTLS_ERR_SSL_BAD_HS_FINISHED; goto exit; } - if( mbedtls_ct_memcmp( ssl->in_msg + mbedtls_ssl_hs_hdr_len( ssl ), - buf, hash_len ) != 0 ) - { - MBEDTLS_SSL_DEBUG_MSG( 1, ( "bad finished message" ) ); - mbedtls_ssl_send_alert_message( ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL, - MBEDTLS_SSL_ALERT_MSG_DECRYPT_ERROR ); + if (mbedtls_ct_memcmp(ssl->in_msg + mbedtls_ssl_hs_hdr_len(ssl), + buf, hash_len) != 0) { + MBEDTLS_SSL_DEBUG_MSG(1, ("bad finished message")); + mbedtls_ssl_send_alert_message(ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL, + MBEDTLS_SSL_ALERT_MSG_DECRYPT_ERROR); ret = MBEDTLS_ERR_SSL_BAD_HS_FINISHED; goto exit; } #if defined(MBEDTLS_SSL_RENEGOTIATION) ssl->verify_data_len = hash_len; - memcpy( ssl->peer_verify_data, buf, hash_len ); + memcpy(ssl->peer_verify_data, buf, hash_len); #endif - if( ssl->handshake->resume != 0 ) - { + if (ssl->handshake->resume != 0) { #if defined(MBEDTLS_SSL_CLI_C) - if( ssl->conf->endpoint == MBEDTLS_SSL_IS_CLIENT ) + if (ssl->conf->endpoint == MBEDTLS_SSL_IS_CLIENT) { ssl->state = MBEDTLS_SSL_CLIENT_CHANGE_CIPHER_SPEC; + } #endif #if defined(MBEDTLS_SSL_SRV_C) - if( ssl->conf->endpoint == MBEDTLS_SSL_IS_SERVER ) + if (ssl->conf->endpoint == MBEDTLS_SSL_IS_SERVER) { ssl->state = MBEDTLS_SSL_HANDSHAKE_WRAPUP; + } #endif - } - else + } else { ssl->state++; + } #if defined(MBEDTLS_SSL_PROTO_DTLS) - if( ssl->conf->transport == MBEDTLS_SSL_TRANSPORT_DATAGRAM ) - mbedtls_ssl_recv_flight_completed( ssl ); + if (ssl->conf->transport == MBEDTLS_SSL_TRANSPORT_DATAGRAM) { + mbedtls_ssl_recv_flight_completed(ssl); + } #endif - MBEDTLS_SSL_DEBUG_MSG( 2, ( "<= parse finished" ) ); + MBEDTLS_SSL_DEBUG_MSG(2, ("<= parse finished")); exit: - mbedtls_platform_zeroize( buf, hash_len ); - return( ret ); + mbedtls_platform_zeroize(buf, hash_len); + return ret; } -static void ssl_handshake_params_init( mbedtls_ssl_handshake_params *handshake ) +static void ssl_handshake_params_init(mbedtls_ssl_handshake_params *handshake) { - memset( handshake, 0, sizeof( mbedtls_ssl_handshake_params ) ); + memset(handshake, 0, sizeof(mbedtls_ssl_handshake_params)); #if defined(MBEDTLS_SSL_PROTO_SSL3) || defined(MBEDTLS_SSL_PROTO_TLS1) || \ defined(MBEDTLS_SSL_PROTO_TLS1_1) - mbedtls_md5_init( &handshake->fin_md5 ); - mbedtls_sha1_init( &handshake->fin_sha1 ); - mbedtls_md5_starts_ret( &handshake->fin_md5 ); - mbedtls_sha1_starts_ret( &handshake->fin_sha1 ); + mbedtls_md5_init(&handshake->fin_md5); + mbedtls_sha1_init(&handshake->fin_sha1); + mbedtls_md5_starts_ret(&handshake->fin_md5); + mbedtls_sha1_starts_ret(&handshake->fin_sha1); #endif #if defined(MBEDTLS_SSL_PROTO_TLS1_2) #if defined(MBEDTLS_SHA256_C) #if defined(MBEDTLS_USE_PSA_CRYPTO) handshake->fin_sha256_psa = psa_hash_operation_init(); - psa_hash_setup( &handshake->fin_sha256_psa, PSA_ALG_SHA_256 ); + psa_hash_setup(&handshake->fin_sha256_psa, PSA_ALG_SHA_256); #else - mbedtls_sha256_init( &handshake->fin_sha256 ); - mbedtls_sha256_starts_ret( &handshake->fin_sha256, 0 ); + mbedtls_sha256_init(&handshake->fin_sha256); + mbedtls_sha256_starts_ret(&handshake->fin_sha256, 0); #endif #endif #if defined(MBEDTLS_SHA512_C) && !defined(MBEDTLS_SHA512_NO_SHA384) #if defined(MBEDTLS_USE_PSA_CRYPTO) handshake->fin_sha384_psa = psa_hash_operation_init(); - psa_hash_setup( &handshake->fin_sha384_psa, PSA_ALG_SHA_384 ); + psa_hash_setup(&handshake->fin_sha384_psa, PSA_ALG_SHA_384); #else - mbedtls_sha512_init( &handshake->fin_sha512 ); - mbedtls_sha512_starts_ret( &handshake->fin_sha512, 1 ); + mbedtls_sha512_init(&handshake->fin_sha512); + mbedtls_sha512_starts_ret(&handshake->fin_sha512, 1); #endif #endif #endif /* MBEDTLS_SSL_PROTO_TLS1_2 */ @@ -3747,17 +3654,17 @@ static void ssl_handshake_params_init( mbedtls_ssl_handshake_params *handshake ) #if defined(MBEDTLS_SSL_PROTO_TLS1_2) && \ defined(MBEDTLS_KEY_EXCHANGE_WITH_CERT_ENABLED) - mbedtls_ssl_sig_hash_set_init( &handshake->hash_algs ); + mbedtls_ssl_sig_hash_set_init(&handshake->hash_algs); #endif #if defined(MBEDTLS_DHM_C) - mbedtls_dhm_init( &handshake->dhm_ctx ); + mbedtls_dhm_init(&handshake->dhm_ctx); #endif #if defined(MBEDTLS_ECDH_C) - mbedtls_ecdh_init( &handshake->ecdh_ctx ); + mbedtls_ecdh_init(&handshake->ecdh_ctx); #endif #if defined(MBEDTLS_KEY_EXCHANGE_ECJPAKE_ENABLED) - mbedtls_ecjpake_init( &handshake->ecjpake_ctx ); + mbedtls_ecjpake_init(&handshake->ecjpake_ctx); #if defined(MBEDTLS_SSL_CLI_C) handshake->ecjpake_cache = NULL; handshake->ecjpake_cache_len = 0; @@ -3765,7 +3672,7 @@ static void ssl_handshake_params_init( mbedtls_ssl_handshake_params *handshake ) #endif #if defined(MBEDTLS_SSL_ECP_RESTARTABLE_ENABLED) - mbedtls_x509_crt_restart_init( &handshake->ecrs_ctx ); + mbedtls_x509_crt_restart_init(&handshake->ecrs_ctx); #endif #if defined(MBEDTLS_SSL_SERVER_NAME_INDICATION) @@ -3774,108 +3681,109 @@ static void ssl_handshake_params_init( mbedtls_ssl_handshake_params *handshake ) #if defined(MBEDTLS_X509_CRT_PARSE_C) && \ !defined(MBEDTLS_SSL_KEEP_PEER_CERTIFICATE) - mbedtls_pk_init( &handshake->peer_pubkey ); + mbedtls_pk_init(&handshake->peer_pubkey); #endif } -void mbedtls_ssl_transform_init( mbedtls_ssl_transform *transform ) +void mbedtls_ssl_transform_init(mbedtls_ssl_transform *transform) { - memset( transform, 0, sizeof(mbedtls_ssl_transform) ); + memset(transform, 0, sizeof(mbedtls_ssl_transform)); - mbedtls_cipher_init( &transform->cipher_ctx_enc ); - mbedtls_cipher_init( &transform->cipher_ctx_dec ); + mbedtls_cipher_init(&transform->cipher_ctx_enc); + mbedtls_cipher_init(&transform->cipher_ctx_dec); #if defined(MBEDTLS_SSL_SOME_MODES_USE_MAC) - mbedtls_md_init( &transform->md_ctx_enc ); - mbedtls_md_init( &transform->md_ctx_dec ); + mbedtls_md_init(&transform->md_ctx_enc); + mbedtls_md_init(&transform->md_ctx_dec); #endif } -void mbedtls_ssl_session_init( mbedtls_ssl_session *session ) +void mbedtls_ssl_session_init(mbedtls_ssl_session *session) { - memset( session, 0, sizeof(mbedtls_ssl_session) ); + memset(session, 0, sizeof(mbedtls_ssl_session)); } -static int ssl_handshake_init( mbedtls_ssl_context *ssl ) +MBEDTLS_CHECK_RETURN_CRITICAL +static int ssl_handshake_init(mbedtls_ssl_context *ssl) { /* Clear old handshake information if present */ - if( ssl->transform_negotiate ) - mbedtls_ssl_transform_free( ssl->transform_negotiate ); - if( ssl->session_negotiate ) - mbedtls_ssl_session_free( ssl->session_negotiate ); - if( ssl->handshake ) - mbedtls_ssl_handshake_free( ssl ); + if (ssl->transform_negotiate) { + mbedtls_ssl_transform_free(ssl->transform_negotiate); + } + if (ssl->session_negotiate) { + mbedtls_ssl_session_free(ssl->session_negotiate); + } + if (ssl->handshake) { + mbedtls_ssl_handshake_free(ssl); + } /* * Either the pointers are now NULL or cleared properly and can be freed. * Now allocate missing structures. */ - if( ssl->transform_negotiate == NULL ) - { - ssl->transform_negotiate = mbedtls_calloc( 1, sizeof(mbedtls_ssl_transform) ); + if (ssl->transform_negotiate == NULL) { + ssl->transform_negotiate = mbedtls_calloc(1, sizeof(mbedtls_ssl_transform)); } - if( ssl->session_negotiate == NULL ) - { - ssl->session_negotiate = mbedtls_calloc( 1, sizeof(mbedtls_ssl_session) ); + if (ssl->session_negotiate == NULL) { + ssl->session_negotiate = mbedtls_calloc(1, sizeof(mbedtls_ssl_session)); } - if( ssl->handshake == NULL ) - { - ssl->handshake = mbedtls_calloc( 1, sizeof(mbedtls_ssl_handshake_params) ); + if (ssl->handshake == NULL) { + ssl->handshake = mbedtls_calloc(1, sizeof(mbedtls_ssl_handshake_params)); } #if defined(MBEDTLS_SSL_VARIABLE_BUFFER_LENGTH) /* If the buffers are too small - reallocate */ - handle_buffer_resizing( ssl, 0, MBEDTLS_SSL_IN_BUFFER_LEN, - MBEDTLS_SSL_OUT_BUFFER_LEN ); + handle_buffer_resizing(ssl, 0, MBEDTLS_SSL_IN_BUFFER_LEN, + MBEDTLS_SSL_OUT_BUFFER_LEN); #endif /* All pointers should exist and can be directly freed without issue */ - if( ssl->handshake == NULL || + if (ssl->handshake == NULL || ssl->transform_negotiate == NULL || - ssl->session_negotiate == NULL ) - { - MBEDTLS_SSL_DEBUG_MSG( 1, ( "alloc() of ssl sub-contexts failed" ) ); + ssl->session_negotiate == NULL) { + MBEDTLS_SSL_DEBUG_MSG(1, ("alloc() of ssl sub-contexts failed")); - mbedtls_free( ssl->handshake ); - mbedtls_free( ssl->transform_negotiate ); - mbedtls_free( ssl->session_negotiate ); + mbedtls_free(ssl->handshake); + mbedtls_free(ssl->transform_negotiate); + mbedtls_free(ssl->session_negotiate); ssl->handshake = NULL; ssl->transform_negotiate = NULL; ssl->session_negotiate = NULL; - return( MBEDTLS_ERR_SSL_ALLOC_FAILED ); + return MBEDTLS_ERR_SSL_ALLOC_FAILED; } /* Initialize structures */ - mbedtls_ssl_session_init( ssl->session_negotiate ); - mbedtls_ssl_transform_init( ssl->transform_negotiate ); - ssl_handshake_params_init( ssl->handshake ); + mbedtls_ssl_session_init(ssl->session_negotiate); + mbedtls_ssl_transform_init(ssl->transform_negotiate); + ssl_handshake_params_init(ssl->handshake); #if defined(MBEDTLS_SSL_PROTO_DTLS) - if( ssl->conf->transport == MBEDTLS_SSL_TRANSPORT_DATAGRAM ) - { + if (ssl->conf->transport == MBEDTLS_SSL_TRANSPORT_DATAGRAM) { ssl->handshake->alt_transform_out = ssl->transform_out; - if( ssl->conf->endpoint == MBEDTLS_SSL_IS_CLIENT ) + if (ssl->conf->endpoint == MBEDTLS_SSL_IS_CLIENT) { ssl->handshake->retransmit_state = MBEDTLS_SSL_RETRANS_PREPARING; - else + } else { ssl->handshake->retransmit_state = MBEDTLS_SSL_RETRANS_WAITING; + } - mbedtls_ssl_set_timer( ssl, 0 ); + mbedtls_ssl_set_timer(ssl, 0); } #endif - return( 0 ); + return 0; } #if defined(MBEDTLS_SSL_DTLS_HELLO_VERIFY) && defined(MBEDTLS_SSL_SRV_C) /* Dummy cookie callbacks for defaults */ -static int ssl_cookie_write_dummy( void *ctx, - unsigned char **p, unsigned char *end, - const unsigned char *cli_id, size_t cli_id_len ) +MBEDTLS_CHECK_RETURN_CRITICAL +static int ssl_cookie_write_dummy(void *ctx, + unsigned char **p, unsigned char *end, + const unsigned char *cli_id, size_t cli_id_len) { ((void) ctx); ((void) p); @@ -3883,12 +3791,13 @@ static int ssl_cookie_write_dummy( void *ctx, ((void) cli_id); ((void) cli_id_len); - return( MBEDTLS_ERR_SSL_FEATURE_UNAVAILABLE ); + return MBEDTLS_ERR_SSL_FEATURE_UNAVAILABLE; } -static int ssl_cookie_check_dummy( void *ctx, - const unsigned char *cookie, size_t cookie_len, - const unsigned char *cli_id, size_t cli_id_len ) +MBEDTLS_CHECK_RETURN_CRITICAL +static int ssl_cookie_check_dummy(void *ctx, + const unsigned char *cookie, size_t cookie_len, + const unsigned char *cli_id, size_t cli_id_len) { ((void) ctx); ((void) cookie); @@ -3896,24 +3805,24 @@ static int ssl_cookie_check_dummy( void *ctx, ((void) cli_id); ((void) cli_id_len); - return( MBEDTLS_ERR_SSL_FEATURE_UNAVAILABLE ); + return MBEDTLS_ERR_SSL_FEATURE_UNAVAILABLE; } #endif /* MBEDTLS_SSL_DTLS_HELLO_VERIFY && MBEDTLS_SSL_SRV_C */ /* * Initialize an SSL context */ -void mbedtls_ssl_init( mbedtls_ssl_context *ssl ) +void mbedtls_ssl_init(mbedtls_ssl_context *ssl) { - memset( ssl, 0, sizeof( mbedtls_ssl_context ) ); + memset(ssl, 0, sizeof(mbedtls_ssl_context)); } /* * Setup an SSL context */ -int mbedtls_ssl_setup( mbedtls_ssl_context *ssl, - const mbedtls_ssl_config *conf ) +int mbedtls_ssl_setup(mbedtls_ssl_context *ssl, + const mbedtls_ssl_config *conf) { int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; size_t in_buf_len = MBEDTLS_SSL_IN_BUFFER_LEN; @@ -3931,10 +3840,9 @@ int mbedtls_ssl_setup( mbedtls_ssl_context *ssl, #if defined(MBEDTLS_SSL_VARIABLE_BUFFER_LENGTH) ssl->in_buf_len = in_buf_len; #endif - ssl->in_buf = mbedtls_calloc( 1, in_buf_len ); - if( ssl->in_buf == NULL ) - { - MBEDTLS_SSL_DEBUG_MSG( 1, ( "alloc(%" MBEDTLS_PRINTF_SIZET " bytes) failed", in_buf_len ) ); + ssl->in_buf = mbedtls_calloc(1, in_buf_len); + if (ssl->in_buf == NULL) { + MBEDTLS_SSL_DEBUG_MSG(1, ("alloc(%" MBEDTLS_PRINTF_SIZET " bytes) failed", in_buf_len)); ret = MBEDTLS_ERR_SSL_ALLOC_FAILED; goto error; } @@ -3942,28 +3850,28 @@ int mbedtls_ssl_setup( mbedtls_ssl_context *ssl, #if defined(MBEDTLS_SSL_VARIABLE_BUFFER_LENGTH) ssl->out_buf_len = out_buf_len; #endif - ssl->out_buf = mbedtls_calloc( 1, out_buf_len ); - if( ssl->out_buf == NULL ) - { - MBEDTLS_SSL_DEBUG_MSG( 1, ( "alloc(%" MBEDTLS_PRINTF_SIZET " bytes) failed", out_buf_len ) ); + ssl->out_buf = mbedtls_calloc(1, out_buf_len); + if (ssl->out_buf == NULL) { + MBEDTLS_SSL_DEBUG_MSG(1, ("alloc(%" MBEDTLS_PRINTF_SIZET " bytes) failed", out_buf_len)); ret = MBEDTLS_ERR_SSL_ALLOC_FAILED; goto error; } - mbedtls_ssl_reset_in_out_pointers( ssl ); + mbedtls_ssl_reset_in_out_pointers(ssl); #if defined(MBEDTLS_SSL_DTLS_SRTP) - memset( &ssl->dtls_srtp_info, 0, sizeof(ssl->dtls_srtp_info) ); + memset(&ssl->dtls_srtp_info, 0, sizeof(ssl->dtls_srtp_info)); #endif - if( ( ret = ssl_handshake_init( ssl ) ) != 0 ) + if ((ret = ssl_handshake_init(ssl)) != 0) { goto error; + } - return( 0 ); + return 0; error: - mbedtls_free( ssl->in_buf ); - mbedtls_free( ssl->out_buf ); + mbedtls_free(ssl->in_buf); + mbedtls_free(ssl->out_buf); ssl->conf = NULL; @@ -3986,7 +3894,7 @@ int mbedtls_ssl_setup( mbedtls_ssl_context *ssl, ssl->out_iv = NULL; ssl->out_msg = NULL; - return( ret ); + return ret; } /* @@ -3996,7 +3904,7 @@ int mbedtls_ssl_setup( mbedtls_ssl_context *ssl, * If partial is non-zero, keep data in the input buffer and client ID. * (Use when a DTLS client reconnects from the same port.) */ -int mbedtls_ssl_session_reset_int( mbedtls_ssl_context *ssl, int partial ) +int mbedtls_ssl_session_reset_int(mbedtls_ssl_context *ssl, int partial) { int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; #if defined(MBEDTLS_SSL_VARIABLE_BUFFER_LENGTH) @@ -4015,20 +3923,20 @@ int mbedtls_ssl_session_reset_int( mbedtls_ssl_context *ssl, int partial ) ssl->state = MBEDTLS_SSL_HELLO_REQUEST; /* Cancel any possibly running timer */ - mbedtls_ssl_set_timer( ssl, 0 ); + mbedtls_ssl_set_timer(ssl, 0); #if defined(MBEDTLS_SSL_RENEGOTIATION) ssl->renego_status = MBEDTLS_SSL_INITIAL_HANDSHAKE; ssl->renego_records_seen = 0; ssl->verify_data_len = 0; - memset( ssl->own_verify_data, 0, MBEDTLS_SSL_VERIFY_DATA_MAX_LEN ); - memset( ssl->peer_verify_data, 0, MBEDTLS_SSL_VERIFY_DATA_MAX_LEN ); + memset(ssl->own_verify_data, 0, MBEDTLS_SSL_VERIFY_DATA_MAX_LEN); + memset(ssl->peer_verify_data, 0, MBEDTLS_SSL_VERIFY_DATA_MAX_LEN); #endif ssl->secure_renegotiation = MBEDTLS_SSL_LEGACY_RENEGOTIATION; ssl->in_offt = NULL; - mbedtls_ssl_reset_in_out_pointers( ssl ); + mbedtls_ssl_reset_in_out_pointers(ssl); ssl->in_msgtype = 0; ssl->in_msglen = 0; @@ -4037,7 +3945,7 @@ int mbedtls_ssl_session_reset_int( mbedtls_ssl_context *ssl, int partial ) ssl->in_epoch = 0; #endif #if defined(MBEDTLS_SSL_DTLS_ANTI_REPLAY) - mbedtls_ssl_dtls_replay_reset( ssl ); + mbedtls_ssl_dtls_replay_reset(ssl); #endif ssl->in_hslen = 0; @@ -4049,11 +3957,12 @@ int mbedtls_ssl_session_reset_int( mbedtls_ssl_context *ssl, int partial ) ssl->out_msglen = 0; ssl->out_left = 0; #if defined(MBEDTLS_SSL_CBC_RECORD_SPLITTING) - if( ssl->split_done != MBEDTLS_SSL_CBC_RECORD_SPLITTING_DISABLED ) + if (ssl->split_done != MBEDTLS_SSL_CBC_RECORD_SPLITTING_DISABLED) { ssl->split_done = 0; + } #endif - memset( ssl->cur_out_ctr, 0, sizeof( ssl->cur_out_ctr ) ); + memset(ssl->cur_out_ctr, 0, sizeof(ssl->cur_out_ctr)); ssl->transform_in = NULL; ssl->transform_out = NULL; @@ -4061,39 +3970,38 @@ int mbedtls_ssl_session_reset_int( mbedtls_ssl_context *ssl, int partial ) ssl->session_in = NULL; ssl->session_out = NULL; - memset( ssl->out_buf, 0, out_buf_len ); + memset(ssl->out_buf, 0, out_buf_len); + int clear_in_buf = 1; #if defined(MBEDTLS_SSL_DTLS_CLIENT_PORT_REUSE) && defined(MBEDTLS_SSL_SRV_C) - if( partial == 0 ) + if (partial != 0) { + clear_in_buf = 0; + } #endif /* MBEDTLS_SSL_DTLS_CLIENT_PORT_REUSE && MBEDTLS_SSL_SRV_C */ - { + if (clear_in_buf) { ssl->in_left = 0; - memset( ssl->in_buf, 0, in_buf_len ); + memset(ssl->in_buf, 0, in_buf_len); } #if defined(MBEDTLS_SSL_HW_RECORD_ACCEL) - if( mbedtls_ssl_hw_record_reset != NULL ) - { - MBEDTLS_SSL_DEBUG_MSG( 2, ( "going for mbedtls_ssl_hw_record_reset()" ) ); - if( ( ret = mbedtls_ssl_hw_record_reset( ssl ) ) != 0 ) - { - MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_ssl_hw_record_reset", ret ); - return( MBEDTLS_ERR_SSL_HW_ACCEL_FAILED ); + if (mbedtls_ssl_hw_record_reset != NULL) { + MBEDTLS_SSL_DEBUG_MSG(2, ("going for mbedtls_ssl_hw_record_reset()")); + if ((ret = mbedtls_ssl_hw_record_reset(ssl)) != 0) { + MBEDTLS_SSL_DEBUG_RET(1, "mbedtls_ssl_hw_record_reset", ret); + return MBEDTLS_ERR_SSL_HW_ACCEL_FAILED; } } #endif - if( ssl->transform ) - { - mbedtls_ssl_transform_free( ssl->transform ); - mbedtls_free( ssl->transform ); + if (ssl->transform) { + mbedtls_ssl_transform_free(ssl->transform); + mbedtls_free(ssl->transform); ssl->transform = NULL; } - if( ssl->session ) - { - mbedtls_ssl_session_free( ssl->session ); - mbedtls_free( ssl->session ); + if (ssl->session) { + mbedtls_ssl_session_free(ssl->session); + mbedtls_free(ssl->session); ssl->session = NULL; } @@ -4102,53 +4010,57 @@ int mbedtls_ssl_session_reset_int( mbedtls_ssl_context *ssl, int partial ) #endif #if defined(MBEDTLS_SSL_DTLS_HELLO_VERIFY) && defined(MBEDTLS_SSL_SRV_C) + int free_cli_id = 1; #if defined(MBEDTLS_SSL_DTLS_CLIENT_PORT_REUSE) - if( partial == 0 ) + if (partial != 0) { + free_cli_id = 0; + } #endif - { - mbedtls_free( ssl->cli_id ); + if (free_cli_id) { + mbedtls_free(ssl->cli_id); ssl->cli_id = NULL; ssl->cli_id_len = 0; } #endif - if( ( ret = ssl_handshake_init( ssl ) ) != 0 ) - return( ret ); + if ((ret = ssl_handshake_init(ssl)) != 0) { + return ret; + } - return( 0 ); + return 0; } /* * Reset an initialized and used SSL context for re-use while retaining * all application-set variables, function pointers and data. */ -int mbedtls_ssl_session_reset( mbedtls_ssl_context *ssl ) +int mbedtls_ssl_session_reset(mbedtls_ssl_context *ssl) { - return( mbedtls_ssl_session_reset_int( ssl, 0 ) ); + return mbedtls_ssl_session_reset_int(ssl, 0); } /* * SSL set accessors */ -void mbedtls_ssl_conf_endpoint( mbedtls_ssl_config *conf, int endpoint ) +void mbedtls_ssl_conf_endpoint(mbedtls_ssl_config *conf, int endpoint) { conf->endpoint = endpoint; } -void mbedtls_ssl_conf_transport( mbedtls_ssl_config *conf, int transport ) +void mbedtls_ssl_conf_transport(mbedtls_ssl_config *conf, int transport) { conf->transport = transport; } #if defined(MBEDTLS_SSL_DTLS_ANTI_REPLAY) -void mbedtls_ssl_conf_dtls_anti_replay( mbedtls_ssl_config *conf, char mode ) +void mbedtls_ssl_conf_dtls_anti_replay(mbedtls_ssl_config *conf, char mode) { conf->anti_replay = mode; } #endif #if defined(MBEDTLS_SSL_DTLS_BADMAC_LIMIT) -void mbedtls_ssl_conf_dtls_badmac_limit( mbedtls_ssl_config *conf, unsigned limit ) +void mbedtls_ssl_conf_dtls_badmac_limit(mbedtls_ssl_config *conf, unsigned limit) { conf->badmac_limit = limit; } @@ -4156,56 +4068,56 @@ void mbedtls_ssl_conf_dtls_badmac_limit( mbedtls_ssl_config *conf, unsigned limi #if defined(MBEDTLS_SSL_PROTO_DTLS) -void mbedtls_ssl_set_datagram_packing( mbedtls_ssl_context *ssl, - unsigned allow_packing ) +void mbedtls_ssl_set_datagram_packing(mbedtls_ssl_context *ssl, + unsigned allow_packing) { ssl->disable_datagram_packing = !allow_packing; } -void mbedtls_ssl_conf_handshake_timeout( mbedtls_ssl_config *conf, - uint32_t min, uint32_t max ) +void mbedtls_ssl_conf_handshake_timeout(mbedtls_ssl_config *conf, + uint32_t min, uint32_t max) { conf->hs_timeout_min = min; conf->hs_timeout_max = max; } #endif -void mbedtls_ssl_conf_authmode( mbedtls_ssl_config *conf, int authmode ) +void mbedtls_ssl_conf_authmode(mbedtls_ssl_config *conf, int authmode) { conf->authmode = authmode; } #if defined(MBEDTLS_X509_CRT_PARSE_C) -void mbedtls_ssl_conf_verify( mbedtls_ssl_config *conf, - int (*f_vrfy)(void *, mbedtls_x509_crt *, int, uint32_t *), - void *p_vrfy ) +void mbedtls_ssl_conf_verify(mbedtls_ssl_config *conf, + int (*f_vrfy)(void *, mbedtls_x509_crt *, int, uint32_t *), + void *p_vrfy) { conf->f_vrfy = f_vrfy; conf->p_vrfy = p_vrfy; } #endif /* MBEDTLS_X509_CRT_PARSE_C */ -void mbedtls_ssl_conf_rng( mbedtls_ssl_config *conf, - int (*f_rng)(void *, unsigned char *, size_t), - void *p_rng ) +void mbedtls_ssl_conf_rng(mbedtls_ssl_config *conf, + int (*f_rng)(void *, unsigned char *, size_t), + void *p_rng) { conf->f_rng = f_rng; conf->p_rng = p_rng; } -void mbedtls_ssl_conf_dbg( mbedtls_ssl_config *conf, - void (*f_dbg)(void *, int, const char *, int, const char *), - void *p_dbg ) +void mbedtls_ssl_conf_dbg(mbedtls_ssl_config *conf, + void (*f_dbg)(void *, int, const char *, int, const char *), + void *p_dbg) { conf->f_dbg = f_dbg; conf->p_dbg = p_dbg; } -void mbedtls_ssl_set_bio( mbedtls_ssl_context *ssl, - void *p_bio, - mbedtls_ssl_send_t *f_send, - mbedtls_ssl_recv_t *f_recv, - mbedtls_ssl_recv_timeout_t *f_recv_timeout ) +void mbedtls_ssl_set_bio(mbedtls_ssl_context *ssl, + void *p_bio, + mbedtls_ssl_send_t *f_send, + mbedtls_ssl_recv_t *f_recv, + mbedtls_ssl_recv_timeout_t *f_recv_timeout) { ssl->p_bio = p_bio; ssl->f_send = f_send; @@ -4214,35 +4126,35 @@ void mbedtls_ssl_set_bio( mbedtls_ssl_context *ssl, } #if defined(MBEDTLS_SSL_PROTO_DTLS) -void mbedtls_ssl_set_mtu( mbedtls_ssl_context *ssl, uint16_t mtu ) +void mbedtls_ssl_set_mtu(mbedtls_ssl_context *ssl, uint16_t mtu) { ssl->mtu = mtu; } #endif -void mbedtls_ssl_conf_read_timeout( mbedtls_ssl_config *conf, uint32_t timeout ) +void mbedtls_ssl_conf_read_timeout(mbedtls_ssl_config *conf, uint32_t timeout) { conf->read_timeout = timeout; } -void mbedtls_ssl_set_timer_cb( mbedtls_ssl_context *ssl, - void *p_timer, - mbedtls_ssl_set_timer_t *f_set_timer, - mbedtls_ssl_get_timer_t *f_get_timer ) +void mbedtls_ssl_set_timer_cb(mbedtls_ssl_context *ssl, + void *p_timer, + mbedtls_ssl_set_timer_t *f_set_timer, + mbedtls_ssl_get_timer_t *f_get_timer) { ssl->p_timer = p_timer; ssl->f_set_timer = f_set_timer; ssl->f_get_timer = f_get_timer; /* Make sure we start with no timer running */ - mbedtls_ssl_set_timer( ssl, 0 ); + mbedtls_ssl_set_timer(ssl, 0); } #if defined(MBEDTLS_SSL_SRV_C) -void mbedtls_ssl_conf_session_cache( mbedtls_ssl_config *conf, - void *p_cache, - int (*f_get_cache)(void *, mbedtls_ssl_session *), - int (*f_set_cache)(void *, const mbedtls_ssl_session *) ) +void mbedtls_ssl_conf_session_cache(mbedtls_ssl_config *conf, + void *p_cache, + int (*f_get_cache)(void *, mbedtls_ssl_session *), + int (*f_set_cache)(void *, const mbedtls_ssl_session *)) { conf->p_cache = p_cache; conf->f_get_cache = f_get_cache; @@ -4251,30 +4163,30 @@ void mbedtls_ssl_conf_session_cache( mbedtls_ssl_config *conf, #endif /* MBEDTLS_SSL_SRV_C */ #if defined(MBEDTLS_SSL_CLI_C) -int mbedtls_ssl_set_session( mbedtls_ssl_context *ssl, const mbedtls_ssl_session *session ) +int mbedtls_ssl_set_session(mbedtls_ssl_context *ssl, const mbedtls_ssl_session *session) { int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; - if( ssl == NULL || + if (ssl == NULL || session == NULL || ssl->session_negotiate == NULL || - ssl->conf->endpoint != MBEDTLS_SSL_IS_CLIENT ) - { - return( MBEDTLS_ERR_SSL_BAD_INPUT_DATA ); + ssl->conf->endpoint != MBEDTLS_SSL_IS_CLIENT) { + return MBEDTLS_ERR_SSL_BAD_INPUT_DATA; } - if( ( ret = mbedtls_ssl_session_copy( ssl->session_negotiate, - session ) ) != 0 ) - return( ret ); + if ((ret = mbedtls_ssl_session_copy(ssl->session_negotiate, + session)) != 0) { + return ret; + } ssl->handshake->resume = 1; - return( 0 ); + return 0; } #endif /* MBEDTLS_SSL_CLI_C */ -void mbedtls_ssl_conf_ciphersuites( mbedtls_ssl_config *conf, - const int *ciphersuites ) +void mbedtls_ssl_conf_ciphersuites(mbedtls_ssl_config *conf, + const int *ciphersuites) { conf->ciphersuite_list[MBEDTLS_SSL_MINOR_VERSION_0] = ciphersuites; conf->ciphersuite_list[MBEDTLS_SSL_MINOR_VERSION_1] = ciphersuites; @@ -4282,67 +4194,69 @@ void mbedtls_ssl_conf_ciphersuites( mbedtls_ssl_config *conf, conf->ciphersuite_list[MBEDTLS_SSL_MINOR_VERSION_3] = ciphersuites; } -void mbedtls_ssl_conf_ciphersuites_for_version( mbedtls_ssl_config *conf, - const int *ciphersuites, - int major, int minor ) +void mbedtls_ssl_conf_ciphersuites_for_version(mbedtls_ssl_config *conf, + const int *ciphersuites, + int major, int minor) { - if( major != MBEDTLS_SSL_MAJOR_VERSION_3 ) + if (major != MBEDTLS_SSL_MAJOR_VERSION_3) { return; + } - if( minor < MBEDTLS_SSL_MINOR_VERSION_0 || minor > MBEDTLS_SSL_MINOR_VERSION_3 ) + if (minor < MBEDTLS_SSL_MINOR_VERSION_0 || minor > MBEDTLS_SSL_MINOR_VERSION_3) { return; + } conf->ciphersuite_list[minor] = ciphersuites; } #if defined(MBEDTLS_X509_CRT_PARSE_C) -void mbedtls_ssl_conf_cert_profile( mbedtls_ssl_config *conf, - const mbedtls_x509_crt_profile *profile ) +void mbedtls_ssl_conf_cert_profile(mbedtls_ssl_config *conf, + const mbedtls_x509_crt_profile *profile) { conf->cert_profile = profile; } /* Append a new keycert entry to a (possibly empty) list */ -static int ssl_append_key_cert( mbedtls_ssl_key_cert **head, - mbedtls_x509_crt *cert, - mbedtls_pk_context *key ) +MBEDTLS_CHECK_RETURN_CRITICAL +static int ssl_append_key_cert(mbedtls_ssl_key_cert **head, + mbedtls_x509_crt *cert, + mbedtls_pk_context *key) { mbedtls_ssl_key_cert *new_cert; - new_cert = mbedtls_calloc( 1, sizeof( mbedtls_ssl_key_cert ) ); - if( new_cert == NULL ) - return( MBEDTLS_ERR_SSL_ALLOC_FAILED ); + new_cert = mbedtls_calloc(1, sizeof(mbedtls_ssl_key_cert)); + if (new_cert == NULL) { + return MBEDTLS_ERR_SSL_ALLOC_FAILED; + } new_cert->cert = cert; new_cert->key = key; new_cert->next = NULL; /* Update head is the list was null, else add to the end */ - if( *head == NULL ) - { + if (*head == NULL) { *head = new_cert; - } - else - { + } else { mbedtls_ssl_key_cert *cur = *head; - while( cur->next != NULL ) + while (cur->next != NULL) { cur = cur->next; + } cur->next = new_cert; } - return( 0 ); + return 0; } -int mbedtls_ssl_conf_own_cert( mbedtls_ssl_config *conf, +int mbedtls_ssl_conf_own_cert(mbedtls_ssl_config *conf, mbedtls_x509_crt *own_cert, - mbedtls_pk_context *pk_key ) + mbedtls_pk_context *pk_key) { - return( ssl_append_key_cert( &conf->key_cert, own_cert, pk_key ) ); + return ssl_append_key_cert(&conf->key_cert, own_cert, pk_key); } -void mbedtls_ssl_conf_ca_chain( mbedtls_ssl_config *conf, +void mbedtls_ssl_conf_ca_chain(mbedtls_ssl_config *conf, mbedtls_x509_crt *ca_chain, - mbedtls_x509_crl *ca_crl ) + mbedtls_x509_crl *ca_crl) { conf->ca_chain = ca_chain; conf->ca_crl = ca_crl; @@ -4356,9 +4270,9 @@ void mbedtls_ssl_conf_ca_chain( mbedtls_ssl_config *conf, } #if defined(MBEDTLS_X509_TRUSTED_CERTIFICATE_CALLBACK) -void mbedtls_ssl_conf_ca_cb( mbedtls_ssl_config *conf, - mbedtls_x509_crt_ca_cb_t f_ca_cb, - void *p_ca_cb ) +void mbedtls_ssl_conf_ca_cb(mbedtls_ssl_config *conf, + mbedtls_x509_crt_ca_cb_t f_ca_cb, + void *p_ca_cb) { conf->f_ca_cb = f_ca_cb; conf->p_ca_cb = p_ca_cb; @@ -4372,33 +4286,33 @@ void mbedtls_ssl_conf_ca_cb( mbedtls_ssl_config *conf, #endif /* MBEDTLS_X509_CRT_PARSE_C */ #if defined(MBEDTLS_SSL_SERVER_NAME_INDICATION) -int mbedtls_ssl_set_hs_own_cert( mbedtls_ssl_context *ssl, - mbedtls_x509_crt *own_cert, - mbedtls_pk_context *pk_key ) +int mbedtls_ssl_set_hs_own_cert(mbedtls_ssl_context *ssl, + mbedtls_x509_crt *own_cert, + mbedtls_pk_context *pk_key) { - return( ssl_append_key_cert( &ssl->handshake->sni_key_cert, - own_cert, pk_key ) ); + return ssl_append_key_cert(&ssl->handshake->sni_key_cert, + own_cert, pk_key); } -void mbedtls_ssl_set_hs_ca_chain( mbedtls_ssl_context *ssl, - mbedtls_x509_crt *ca_chain, - mbedtls_x509_crl *ca_crl ) +void mbedtls_ssl_set_hs_ca_chain(mbedtls_ssl_context *ssl, + mbedtls_x509_crt *ca_chain, + mbedtls_x509_crl *ca_crl) { ssl->handshake->sni_ca_chain = ca_chain; ssl->handshake->sni_ca_crl = ca_crl; } -void mbedtls_ssl_set_hs_authmode( mbedtls_ssl_context *ssl, - int authmode ) +void mbedtls_ssl_set_hs_authmode(mbedtls_ssl_context *ssl, + int authmode) { ssl->handshake->sni_authmode = authmode; } #endif /* MBEDTLS_SSL_SERVER_NAME_INDICATION */ #if defined(MBEDTLS_X509_CRT_PARSE_C) -void mbedtls_ssl_set_verify( mbedtls_ssl_context *ssl, - int (*f_vrfy)(void *, mbedtls_x509_crt *, int, uint32_t *), - void *p_vrfy ) +void mbedtls_ssl_set_verify(mbedtls_ssl_context *ssl, + int (*f_vrfy)(void *, mbedtls_x509_crt *, int, uint32_t *), + void *p_vrfy) { ssl->f_vrfy = f_vrfy; ssl->p_vrfy = p_vrfy; @@ -4409,59 +4323,58 @@ void mbedtls_ssl_set_verify( mbedtls_ssl_context *ssl, /* * Set EC J-PAKE password for current handshake */ -int mbedtls_ssl_set_hs_ecjpake_password( mbedtls_ssl_context *ssl, - const unsigned char *pw, - size_t pw_len ) +int mbedtls_ssl_set_hs_ecjpake_password(mbedtls_ssl_context *ssl, + const unsigned char *pw, + size_t pw_len) { mbedtls_ecjpake_role role; - if( ssl->handshake == NULL || ssl->conf == NULL ) - return( MBEDTLS_ERR_SSL_BAD_INPUT_DATA ); + if (ssl->handshake == NULL || ssl->conf == NULL) { + return MBEDTLS_ERR_SSL_BAD_INPUT_DATA; + } - if( ssl->conf->endpoint == MBEDTLS_SSL_IS_SERVER ) + if (ssl->conf->endpoint == MBEDTLS_SSL_IS_SERVER) { role = MBEDTLS_ECJPAKE_SERVER; - else + } else { role = MBEDTLS_ECJPAKE_CLIENT; + } - return( mbedtls_ecjpake_setup( &ssl->handshake->ecjpake_ctx, - role, - MBEDTLS_MD_SHA256, - MBEDTLS_ECP_DP_SECP256R1, - pw, pw_len ) ); + return mbedtls_ecjpake_setup(&ssl->handshake->ecjpake_ctx, + role, + MBEDTLS_MD_SHA256, + MBEDTLS_ECP_DP_SECP256R1, + pw, pw_len); } #endif /* MBEDTLS_KEY_EXCHANGE_ECJPAKE_ENABLED */ #if defined(MBEDTLS_KEY_EXCHANGE_SOME_PSK_ENABLED) -static void ssl_conf_remove_psk( mbedtls_ssl_config *conf ) +static void ssl_conf_remove_psk(mbedtls_ssl_config *conf) { /* Remove reference to existing PSK, if any. */ #if defined(MBEDTLS_USE_PSA_CRYPTO) - if( ! mbedtls_svc_key_id_is_null( conf->psk_opaque ) ) - { + if (!mbedtls_svc_key_id_is_null(conf->psk_opaque)) { /* The maintenance of the PSK key slot is the * user's responsibility. */ conf->psk_opaque = MBEDTLS_SVC_KEY_ID_INIT; } /* This and the following branch should never - * be taken simultaenously as we maintain the + * be taken simultaneously as we maintain the * invariant that raw and opaque PSKs are never * configured simultaneously. As a safeguard, * though, `else` is omitted here. */ #endif /* MBEDTLS_USE_PSA_CRYPTO */ - if( conf->psk != NULL ) - { - mbedtls_platform_zeroize( conf->psk, conf->psk_len ); + if (conf->psk != NULL) { + mbedtls_platform_zeroize(conf->psk, conf->psk_len); - mbedtls_free( conf->psk ); + mbedtls_free(conf->psk); conf->psk = NULL; conf->psk_len = 0; } /* Remove reference to PSK identity, if any. */ - if( conf->psk_identity != NULL ) - { - mbedtls_free( conf->psk_identity ); + if (conf->psk_identity != NULL) { + mbedtls_free(conf->psk_identity); conf->psk_identity = NULL; conf->psk_identity_len = 0; } @@ -4471,136 +4384,145 @@ static void ssl_conf_remove_psk( mbedtls_ssl_config *conf ) * It checks that the provided identity is well-formed and attempts * to make a copy of it in the SSL config. * On failure, the PSK identity in the config remains unset. */ -static int ssl_conf_set_psk_identity( mbedtls_ssl_config *conf, - unsigned char const *psk_identity, - size_t psk_identity_len ) +MBEDTLS_CHECK_RETURN_CRITICAL +static int ssl_conf_set_psk_identity(mbedtls_ssl_config *conf, + unsigned char const *psk_identity, + size_t psk_identity_len) { /* Identity len will be encoded on two bytes */ - if( psk_identity == NULL || - ( psk_identity_len >> 16 ) != 0 || - psk_identity_len > MBEDTLS_SSL_OUT_CONTENT_LEN ) - { - return( MBEDTLS_ERR_SSL_BAD_INPUT_DATA ); + if (psk_identity == NULL || + (psk_identity_len >> 16) != 0 || + psk_identity_len > MBEDTLS_SSL_OUT_CONTENT_LEN) { + return MBEDTLS_ERR_SSL_BAD_INPUT_DATA; } - conf->psk_identity = mbedtls_calloc( 1, psk_identity_len ); - if( conf->psk_identity == NULL ) - return( MBEDTLS_ERR_SSL_ALLOC_FAILED ); + conf->psk_identity = mbedtls_calloc(1, psk_identity_len); + if (conf->psk_identity == NULL) { + return MBEDTLS_ERR_SSL_ALLOC_FAILED; + } conf->psk_identity_len = psk_identity_len; - memcpy( conf->psk_identity, psk_identity, conf->psk_identity_len ); + memcpy(conf->psk_identity, psk_identity, conf->psk_identity_len); - return( 0 ); + return 0; } -int mbedtls_ssl_conf_psk( mbedtls_ssl_config *conf, - const unsigned char *psk, size_t psk_len, - const unsigned char *psk_identity, size_t psk_identity_len ) +int mbedtls_ssl_conf_psk(mbedtls_ssl_config *conf, + const unsigned char *psk, size_t psk_len, + const unsigned char *psk_identity, size_t psk_identity_len) { int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; /* Remove opaque/raw PSK + PSK Identity */ - ssl_conf_remove_psk( conf ); + ssl_conf_remove_psk(conf); /* Check and set raw PSK */ - if( psk == NULL ) - return( MBEDTLS_ERR_SSL_BAD_INPUT_DATA ); - if( psk_len == 0 ) - return( MBEDTLS_ERR_SSL_BAD_INPUT_DATA ); - if( psk_len > MBEDTLS_PSK_MAX_LEN ) - return( MBEDTLS_ERR_SSL_BAD_INPUT_DATA ); - - if( ( conf->psk = mbedtls_calloc( 1, psk_len ) ) == NULL ) - return( MBEDTLS_ERR_SSL_ALLOC_FAILED ); + if (psk == NULL) { + return MBEDTLS_ERR_SSL_BAD_INPUT_DATA; + } + if (psk_len == 0) { + return MBEDTLS_ERR_SSL_BAD_INPUT_DATA; + } + if (psk_len > MBEDTLS_PSK_MAX_LEN) { + return MBEDTLS_ERR_SSL_BAD_INPUT_DATA; + } + + if ((conf->psk = mbedtls_calloc(1, psk_len)) == NULL) { + return MBEDTLS_ERR_SSL_ALLOC_FAILED; + } conf->psk_len = psk_len; - memcpy( conf->psk, psk, conf->psk_len ); + memcpy(conf->psk, psk, conf->psk_len); /* Check and set PSK Identity */ - ret = ssl_conf_set_psk_identity( conf, psk_identity, psk_identity_len ); - if( ret != 0 ) - ssl_conf_remove_psk( conf ); + ret = ssl_conf_set_psk_identity(conf, psk_identity, psk_identity_len); + if (ret != 0) { + ssl_conf_remove_psk(conf); + } - return( ret ); + return ret; } -static void ssl_remove_psk( mbedtls_ssl_context *ssl ) +static void ssl_remove_psk(mbedtls_ssl_context *ssl) { #if defined(MBEDTLS_USE_PSA_CRYPTO) - if( ! mbedtls_svc_key_id_is_null( ssl->handshake->psk_opaque ) ) - { + if (!mbedtls_svc_key_id_is_null(ssl->handshake->psk_opaque)) { ssl->handshake->psk_opaque = MBEDTLS_SVC_KEY_ID_INIT; - } - else + } else #endif /* MBEDTLS_USE_PSA_CRYPTO */ - if( ssl->handshake->psk != NULL ) - { - mbedtls_platform_zeroize( ssl->handshake->psk, - ssl->handshake->psk_len ); - mbedtls_free( ssl->handshake->psk ); + if (ssl->handshake->psk != NULL) { + mbedtls_platform_zeroize(ssl->handshake->psk, + ssl->handshake->psk_len); + mbedtls_free(ssl->handshake->psk); ssl->handshake->psk_len = 0; } } -int mbedtls_ssl_set_hs_psk( mbedtls_ssl_context *ssl, - const unsigned char *psk, size_t psk_len ) +int mbedtls_ssl_set_hs_psk(mbedtls_ssl_context *ssl, + const unsigned char *psk, size_t psk_len) { - if( psk == NULL || ssl->handshake == NULL ) - return( MBEDTLS_ERR_SSL_BAD_INPUT_DATA ); + if (psk == NULL || ssl->handshake == NULL) { + return MBEDTLS_ERR_SSL_BAD_INPUT_DATA; + } - if( psk_len > MBEDTLS_PSK_MAX_LEN ) - return( MBEDTLS_ERR_SSL_BAD_INPUT_DATA ); + if (psk_len > MBEDTLS_PSK_MAX_LEN) { + return MBEDTLS_ERR_SSL_BAD_INPUT_DATA; + } - ssl_remove_psk( ssl ); + ssl_remove_psk(ssl); - if( ( ssl->handshake->psk = mbedtls_calloc( 1, psk_len ) ) == NULL ) - return( MBEDTLS_ERR_SSL_ALLOC_FAILED ); + if ((ssl->handshake->psk = mbedtls_calloc(1, psk_len)) == NULL) { + return MBEDTLS_ERR_SSL_ALLOC_FAILED; + } ssl->handshake->psk_len = psk_len; - memcpy( ssl->handshake->psk, psk, ssl->handshake->psk_len ); + memcpy(ssl->handshake->psk, psk, ssl->handshake->psk_len); - return( 0 ); + return 0; } #if defined(MBEDTLS_USE_PSA_CRYPTO) -int mbedtls_ssl_conf_psk_opaque( mbedtls_ssl_config *conf, - psa_key_id_t psk, - const unsigned char *psk_identity, - size_t psk_identity_len ) +int mbedtls_ssl_conf_psk_opaque(mbedtls_ssl_config *conf, + psa_key_id_t psk, + const unsigned char *psk_identity, + size_t psk_identity_len) { int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; /* Clear opaque/raw PSK + PSK Identity, if present. */ - ssl_conf_remove_psk( conf ); + ssl_conf_remove_psk(conf); /* Check and set opaque PSK */ - if( mbedtls_svc_key_id_is_null( psk ) ) - return( MBEDTLS_ERR_SSL_BAD_INPUT_DATA ); + if (mbedtls_svc_key_id_is_null(psk)) { + return MBEDTLS_ERR_SSL_BAD_INPUT_DATA; + } conf->psk_opaque = psk; /* Check and set PSK Identity */ - ret = ssl_conf_set_psk_identity( conf, psk_identity, - psk_identity_len ); - if( ret != 0 ) - ssl_conf_remove_psk( conf ); + ret = ssl_conf_set_psk_identity(conf, psk_identity, + psk_identity_len); + if (ret != 0) { + ssl_conf_remove_psk(conf); + } - return( ret ); + return ret; } -int mbedtls_ssl_set_hs_psk_opaque( mbedtls_ssl_context *ssl, - psa_key_id_t psk ) +int mbedtls_ssl_set_hs_psk_opaque(mbedtls_ssl_context *ssl, + psa_key_id_t psk) { - if( ( mbedtls_svc_key_id_is_null( psk ) ) || - ( ssl->handshake == NULL ) ) - return( MBEDTLS_ERR_SSL_BAD_INPUT_DATA ); + if ((mbedtls_svc_key_id_is_null(psk)) || + (ssl->handshake == NULL)) { + return MBEDTLS_ERR_SSL_BAD_INPUT_DATA; + } - ssl_remove_psk( ssl ); + ssl_remove_psk(ssl); ssl->handshake->psk_opaque = psk; - return( 0 ); + return 0; } #endif /* MBEDTLS_USE_PSA_CRYPTO */ -void mbedtls_ssl_conf_psk_cb( mbedtls_ssl_config *conf, - int (*f_psk)(void *, mbedtls_ssl_context *, const unsigned char *, - size_t), - void *p_psk ) +void mbedtls_ssl_conf_psk_cb(mbedtls_ssl_config *conf, + int (*f_psk)(void *, mbedtls_ssl_context *, const unsigned char *, + size_t), + void *p_psk) { conf->f_psk = f_psk; conf->p_psk = p_psk; @@ -4610,52 +4532,55 @@ void mbedtls_ssl_conf_psk_cb( mbedtls_ssl_config *conf, #if defined(MBEDTLS_DHM_C) && defined(MBEDTLS_SSL_SRV_C) #if !defined(MBEDTLS_DEPRECATED_REMOVED) -int mbedtls_ssl_conf_dh_param( mbedtls_ssl_config *conf, const char *dhm_P, const char *dhm_G ) +int mbedtls_ssl_conf_dh_param(mbedtls_ssl_config *conf, const char *dhm_P, const char *dhm_G) { int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; - if( ( ret = mbedtls_mpi_read_string( &conf->dhm_P, 16, dhm_P ) ) != 0 || - ( ret = mbedtls_mpi_read_string( &conf->dhm_G, 16, dhm_G ) ) != 0 ) - { - mbedtls_mpi_free( &conf->dhm_P ); - mbedtls_mpi_free( &conf->dhm_G ); - return( ret ); + if ((ret = mbedtls_mpi_read_string(&conf->dhm_P, 16, dhm_P)) != 0 || + (ret = mbedtls_mpi_read_string(&conf->dhm_G, 16, dhm_G)) != 0) { + mbedtls_mpi_free(&conf->dhm_P); + mbedtls_mpi_free(&conf->dhm_G); + return ret; } - return( 0 ); + return 0; } #endif /* MBEDTLS_DEPRECATED_REMOVED */ -int mbedtls_ssl_conf_dh_param_bin( mbedtls_ssl_config *conf, - const unsigned char *dhm_P, size_t P_len, - const unsigned char *dhm_G, size_t G_len ) +int mbedtls_ssl_conf_dh_param_bin(mbedtls_ssl_config *conf, + const unsigned char *dhm_P, size_t P_len, + const unsigned char *dhm_G, size_t G_len) { int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; - if( ( ret = mbedtls_mpi_read_binary( &conf->dhm_P, dhm_P, P_len ) ) != 0 || - ( ret = mbedtls_mpi_read_binary( &conf->dhm_G, dhm_G, G_len ) ) != 0 ) - { - mbedtls_mpi_free( &conf->dhm_P ); - mbedtls_mpi_free( &conf->dhm_G ); - return( ret ); + mbedtls_mpi_free(&conf->dhm_P); + mbedtls_mpi_free(&conf->dhm_G); + + if ((ret = mbedtls_mpi_read_binary(&conf->dhm_P, dhm_P, P_len)) != 0 || + (ret = mbedtls_mpi_read_binary(&conf->dhm_G, dhm_G, G_len)) != 0) { + mbedtls_mpi_free(&conf->dhm_P); + mbedtls_mpi_free(&conf->dhm_G); + return ret; } - return( 0 ); + return 0; } -int mbedtls_ssl_conf_dh_param_ctx( mbedtls_ssl_config *conf, mbedtls_dhm_context *dhm_ctx ) +int mbedtls_ssl_conf_dh_param_ctx(mbedtls_ssl_config *conf, mbedtls_dhm_context *dhm_ctx) { int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; - if( ( ret = mbedtls_mpi_copy( &conf->dhm_P, &dhm_ctx->P ) ) != 0 || - ( ret = mbedtls_mpi_copy( &conf->dhm_G, &dhm_ctx->G ) ) != 0 ) - { - mbedtls_mpi_free( &conf->dhm_P ); - mbedtls_mpi_free( &conf->dhm_G ); - return( ret ); + mbedtls_mpi_free(&conf->dhm_P); + mbedtls_mpi_free(&conf->dhm_G); + + if ((ret = mbedtls_mpi_copy(&conf->dhm_P, &dhm_ctx->P)) != 0 || + (ret = mbedtls_mpi_copy(&conf->dhm_G, &dhm_ctx->G)) != 0) { + mbedtls_mpi_free(&conf->dhm_P); + mbedtls_mpi_free(&conf->dhm_G); + return ret; } - return( 0 ); + return 0; } #endif /* MBEDTLS_DHM_C && MBEDTLS_SSL_SRV_C */ @@ -4663,8 +4588,8 @@ int mbedtls_ssl_conf_dh_param_ctx( mbedtls_ssl_config *conf, mbedtls_dhm_context /* * Set the minimum length for Diffie-Hellman parameters */ -void mbedtls_ssl_conf_dhm_min_bitlen( mbedtls_ssl_config *conf, - unsigned int bitlen ) +void mbedtls_ssl_conf_dhm_min_bitlen(mbedtls_ssl_config *conf, + unsigned int bitlen) { conf->dhm_min_bitlen = bitlen; } @@ -4674,8 +4599,8 @@ void mbedtls_ssl_conf_dhm_min_bitlen( mbedtls_ssl_config *conf, /* * Set allowed/preferred hashes for handshake signatures */ -void mbedtls_ssl_conf_sig_hashes( mbedtls_ssl_config *conf, - const int *hashes ) +void mbedtls_ssl_conf_sig_hashes(mbedtls_ssl_config *conf, + const int *hashes) { conf->sig_hashes = hashes; } @@ -4685,64 +4610,61 @@ void mbedtls_ssl_conf_sig_hashes( mbedtls_ssl_config *conf, /* * Set the allowed elliptic curves */ -void mbedtls_ssl_conf_curves( mbedtls_ssl_config *conf, - const mbedtls_ecp_group_id *curve_list ) +void mbedtls_ssl_conf_curves(mbedtls_ssl_config *conf, + const mbedtls_ecp_group_id *curve_list) { conf->curve_list = curve_list; } #endif /* MBEDTLS_ECP_C */ #if defined(MBEDTLS_X509_CRT_PARSE_C) -int mbedtls_ssl_set_hostname( mbedtls_ssl_context *ssl, const char *hostname ) +int mbedtls_ssl_set_hostname(mbedtls_ssl_context *ssl, const char *hostname) { /* Initialize to suppress unnecessary compiler warning */ size_t hostname_len = 0; /* Check if new hostname is valid before * making any change to current one */ - if( hostname != NULL ) - { - hostname_len = strlen( hostname ); + if (hostname != NULL) { + hostname_len = strlen(hostname); - if( hostname_len > MBEDTLS_SSL_MAX_HOST_NAME_LEN ) - return( MBEDTLS_ERR_SSL_BAD_INPUT_DATA ); + if (hostname_len > MBEDTLS_SSL_MAX_HOST_NAME_LEN) { + return MBEDTLS_ERR_SSL_BAD_INPUT_DATA; + } } /* Now it's clear that we will overwrite the old hostname, * so we can free it safely */ - if( ssl->hostname != NULL ) - { - mbedtls_platform_zeroize( ssl->hostname, strlen( ssl->hostname ) ); - mbedtls_free( ssl->hostname ); + if (ssl->hostname != NULL) { + mbedtls_platform_zeroize(ssl->hostname, strlen(ssl->hostname)); + mbedtls_free(ssl->hostname); } /* Passing NULL as hostname shall clear the old one */ - if( hostname == NULL ) - { + if (hostname == NULL) { ssl->hostname = NULL; - } - else - { - ssl->hostname = mbedtls_calloc( 1, hostname_len + 1 ); - if( ssl->hostname == NULL ) - return( MBEDTLS_ERR_SSL_ALLOC_FAILED ); + } else { + ssl->hostname = mbedtls_calloc(1, hostname_len + 1); + if (ssl->hostname == NULL) { + return MBEDTLS_ERR_SSL_ALLOC_FAILED; + } - memcpy( ssl->hostname, hostname, hostname_len ); + memcpy(ssl->hostname, hostname, hostname_len); ssl->hostname[hostname_len] = '\0'; } - return( 0 ); + return 0; } #endif /* MBEDTLS_X509_CRT_PARSE_C */ #if defined(MBEDTLS_SSL_SERVER_NAME_INDICATION) -void mbedtls_ssl_conf_sni( mbedtls_ssl_config *conf, - int (*f_sni)(void *, mbedtls_ssl_context *, - const unsigned char *, size_t), - void *p_sni ) +void mbedtls_ssl_conf_sni(mbedtls_ssl_config *conf, + int (*f_sni)(void *, mbedtls_ssl_context *, + const unsigned char *, size_t), + void *p_sni) { conf->f_sni = f_sni; conf->p_sni = p_sni; @@ -4750,7 +4672,7 @@ void mbedtls_ssl_conf_sni( mbedtls_ssl_config *conf, #endif /* MBEDTLS_SSL_SERVER_NAME_INDICATION */ #if defined(MBEDTLS_SSL_ALPN) -int mbedtls_ssl_conf_alpn_protocols( mbedtls_ssl_config *conf, const char **protos ) +int mbedtls_ssl_conf_alpn_protocols(mbedtls_ssl_config *conf, const char **protos) { size_t cur_len, tot_len; const char **p; @@ -4761,221 +4683,210 @@ int mbedtls_ssl_conf_alpn_protocols( mbedtls_ssl_config *conf, const char **prot * We check lengths now rather than later. */ tot_len = 0; - for( p = protos; *p != NULL; p++ ) - { - cur_len = strlen( *p ); + for (p = protos; *p != NULL; p++) { + cur_len = strlen(*p); tot_len += cur_len; - if( ( cur_len == 0 ) || - ( cur_len > MBEDTLS_SSL_MAX_ALPN_NAME_LEN ) || - ( tot_len > MBEDTLS_SSL_MAX_ALPN_LIST_LEN ) ) - return( MBEDTLS_ERR_SSL_BAD_INPUT_DATA ); + if ((cur_len == 0) || + (cur_len > MBEDTLS_SSL_MAX_ALPN_NAME_LEN) || + (tot_len > MBEDTLS_SSL_MAX_ALPN_LIST_LEN)) { + return MBEDTLS_ERR_SSL_BAD_INPUT_DATA; + } } conf->alpn_list = protos; - return( 0 ); + return 0; } -const char *mbedtls_ssl_get_alpn_protocol( const mbedtls_ssl_context *ssl ) +const char *mbedtls_ssl_get_alpn_protocol(const mbedtls_ssl_context *ssl) { - return( ssl->alpn_chosen ); + return ssl->alpn_chosen; } #endif /* MBEDTLS_SSL_ALPN */ #if defined(MBEDTLS_SSL_DTLS_SRTP) -void mbedtls_ssl_conf_srtp_mki_value_supported( mbedtls_ssl_config *conf, - int support_mki_value ) +void mbedtls_ssl_conf_srtp_mki_value_supported(mbedtls_ssl_config *conf, + int support_mki_value) { conf->dtls_srtp_mki_support = support_mki_value; } -int mbedtls_ssl_dtls_srtp_set_mki_value( mbedtls_ssl_context *ssl, - unsigned char *mki_value, - uint16_t mki_len ) +int mbedtls_ssl_dtls_srtp_set_mki_value(mbedtls_ssl_context *ssl, + unsigned char *mki_value, + uint16_t mki_len) { - if( mki_len > MBEDTLS_TLS_SRTP_MAX_MKI_LENGTH ) - { - return( MBEDTLS_ERR_SSL_BAD_INPUT_DATA ); + if (mki_len > MBEDTLS_TLS_SRTP_MAX_MKI_LENGTH) { + return MBEDTLS_ERR_SSL_BAD_INPUT_DATA; } - if( ssl->conf->dtls_srtp_mki_support == MBEDTLS_SSL_DTLS_SRTP_MKI_UNSUPPORTED ) - { - return( MBEDTLS_ERR_SSL_FEATURE_UNAVAILABLE ); + if (ssl->conf->dtls_srtp_mki_support == MBEDTLS_SSL_DTLS_SRTP_MKI_UNSUPPORTED) { + return MBEDTLS_ERR_SSL_FEATURE_UNAVAILABLE; } - memcpy( ssl->dtls_srtp_info.mki_value, mki_value, mki_len ); + memcpy(ssl->dtls_srtp_info.mki_value, mki_value, mki_len); ssl->dtls_srtp_info.mki_len = mki_len; - return( 0 ); + return 0; } -int mbedtls_ssl_conf_dtls_srtp_protection_profiles( mbedtls_ssl_config *conf, - const mbedtls_ssl_srtp_profile *profiles ) +int mbedtls_ssl_conf_dtls_srtp_protection_profiles(mbedtls_ssl_config *conf, + const mbedtls_ssl_srtp_profile *profiles) { const mbedtls_ssl_srtp_profile *p; size_t list_size = 0; /* check the profiles list: all entry must be valid, * its size cannot be more than the total number of supported profiles, currently 4 */ - for( p = profiles; *p != MBEDTLS_TLS_SRTP_UNSET && - list_size <= MBEDTLS_TLS_SRTP_MAX_PROFILE_LIST_LENGTH; - p++ ) - { - if( mbedtls_ssl_check_srtp_profile_value( *p ) != MBEDTLS_TLS_SRTP_UNSET ) - { + for (p = profiles; *p != MBEDTLS_TLS_SRTP_UNSET && + list_size <= MBEDTLS_TLS_SRTP_MAX_PROFILE_LIST_LENGTH; + p++) { + if (mbedtls_ssl_check_srtp_profile_value(*p) != MBEDTLS_TLS_SRTP_UNSET) { list_size++; - } - else - { + } else { /* unsupported value, stop parsing and set the size to an error value */ list_size = MBEDTLS_TLS_SRTP_MAX_PROFILE_LIST_LENGTH + 1; } } - if( list_size > MBEDTLS_TLS_SRTP_MAX_PROFILE_LIST_LENGTH ) - { - conf->dtls_srtp_profile_list = NULL; - conf->dtls_srtp_profile_list_len = 0; - return( MBEDTLS_ERR_SSL_BAD_INPUT_DATA ); + if (list_size > MBEDTLS_TLS_SRTP_MAX_PROFILE_LIST_LENGTH) { + conf->dtls_srtp_profile_list = NULL; + conf->dtls_srtp_profile_list_len = 0; + return MBEDTLS_ERR_SSL_BAD_INPUT_DATA; } conf->dtls_srtp_profile_list = profiles; conf->dtls_srtp_profile_list_len = list_size; - return( 0 ); + return 0; } -void mbedtls_ssl_get_dtls_srtp_negotiation_result( const mbedtls_ssl_context *ssl, - mbedtls_dtls_srtp_info *dtls_srtp_info ) +void mbedtls_ssl_get_dtls_srtp_negotiation_result(const mbedtls_ssl_context *ssl, + mbedtls_dtls_srtp_info *dtls_srtp_info) { dtls_srtp_info->chosen_dtls_srtp_profile = ssl->dtls_srtp_info.chosen_dtls_srtp_profile; /* do not copy the mki value if there is no chosen profile */ - if( dtls_srtp_info->chosen_dtls_srtp_profile == MBEDTLS_TLS_SRTP_UNSET ) - { + if (dtls_srtp_info->chosen_dtls_srtp_profile == MBEDTLS_TLS_SRTP_UNSET) { dtls_srtp_info->mki_len = 0; - } - else - { + } else { dtls_srtp_info->mki_len = ssl->dtls_srtp_info.mki_len; - memcpy( dtls_srtp_info->mki_value, ssl->dtls_srtp_info.mki_value, - ssl->dtls_srtp_info.mki_len ); + memcpy(dtls_srtp_info->mki_value, ssl->dtls_srtp_info.mki_value, + ssl->dtls_srtp_info.mki_len); } } #endif /* MBEDTLS_SSL_DTLS_SRTP */ -void mbedtls_ssl_conf_max_version( mbedtls_ssl_config *conf, int major, int minor ) +void mbedtls_ssl_conf_max_version(mbedtls_ssl_config *conf, int major, int minor) { conf->max_major_ver = major; conf->max_minor_ver = minor; } -void mbedtls_ssl_conf_min_version( mbedtls_ssl_config *conf, int major, int minor ) +void mbedtls_ssl_conf_min_version(mbedtls_ssl_config *conf, int major, int minor) { conf->min_major_ver = major; conf->min_minor_ver = minor; } #if defined(MBEDTLS_SSL_FALLBACK_SCSV) && defined(MBEDTLS_SSL_CLI_C) -void mbedtls_ssl_conf_fallback( mbedtls_ssl_config *conf, char fallback ) +void mbedtls_ssl_conf_fallback(mbedtls_ssl_config *conf, char fallback) { conf->fallback = fallback; } #endif #if defined(MBEDTLS_SSL_SRV_C) -void mbedtls_ssl_conf_cert_req_ca_list( mbedtls_ssl_config *conf, - char cert_req_ca_list ) +void mbedtls_ssl_conf_cert_req_ca_list(mbedtls_ssl_config *conf, + char cert_req_ca_list) { conf->cert_req_ca_list = cert_req_ca_list; } #endif #if defined(MBEDTLS_SSL_ENCRYPT_THEN_MAC) -void mbedtls_ssl_conf_encrypt_then_mac( mbedtls_ssl_config *conf, char etm ) +void mbedtls_ssl_conf_encrypt_then_mac(mbedtls_ssl_config *conf, char etm) { conf->encrypt_then_mac = etm; } #endif #if defined(MBEDTLS_SSL_EXTENDED_MASTER_SECRET) -void mbedtls_ssl_conf_extended_master_secret( mbedtls_ssl_config *conf, char ems ) +void mbedtls_ssl_conf_extended_master_secret(mbedtls_ssl_config *conf, char ems) { conf->extended_ms = ems; } #endif #if defined(MBEDTLS_ARC4_C) -void mbedtls_ssl_conf_arc4_support( mbedtls_ssl_config *conf, char arc4 ) +void mbedtls_ssl_conf_arc4_support(mbedtls_ssl_config *conf, char arc4) { conf->arc4_disabled = arc4; } #endif #if defined(MBEDTLS_SSL_MAX_FRAGMENT_LENGTH) -int mbedtls_ssl_conf_max_frag_len( mbedtls_ssl_config *conf, unsigned char mfl_code ) +int mbedtls_ssl_conf_max_frag_len(mbedtls_ssl_config *conf, unsigned char mfl_code) { - if( mfl_code >= MBEDTLS_SSL_MAX_FRAG_LEN_INVALID || - ssl_mfl_code_to_length( mfl_code ) > MBEDTLS_TLS_EXT_ADV_CONTENT_LEN ) - { - return( MBEDTLS_ERR_SSL_BAD_INPUT_DATA ); + if (mfl_code >= MBEDTLS_SSL_MAX_FRAG_LEN_INVALID || + ssl_mfl_code_to_length(mfl_code) > MBEDTLS_TLS_EXT_ADV_CONTENT_LEN) { + return MBEDTLS_ERR_SSL_BAD_INPUT_DATA; } conf->mfl_code = mfl_code; - return( 0 ); + return 0; } #endif /* MBEDTLS_SSL_MAX_FRAGMENT_LENGTH */ #if defined(MBEDTLS_SSL_TRUNCATED_HMAC) -void mbedtls_ssl_conf_truncated_hmac( mbedtls_ssl_config *conf, int truncate ) +void mbedtls_ssl_conf_truncated_hmac(mbedtls_ssl_config *conf, int truncate) { conf->trunc_hmac = truncate; } #endif /* MBEDTLS_SSL_TRUNCATED_HMAC */ #if defined(MBEDTLS_SSL_CBC_RECORD_SPLITTING) -void mbedtls_ssl_conf_cbc_record_splitting( mbedtls_ssl_config *conf, char split ) +void mbedtls_ssl_conf_cbc_record_splitting(mbedtls_ssl_config *conf, char split) { conf->cbc_record_splitting = split; } #endif -void mbedtls_ssl_conf_legacy_renegotiation( mbedtls_ssl_config *conf, int allow_legacy ) +void mbedtls_ssl_conf_legacy_renegotiation(mbedtls_ssl_config *conf, int allow_legacy) { conf->allow_legacy_renegotiation = allow_legacy; } #if defined(MBEDTLS_SSL_RENEGOTIATION) -void mbedtls_ssl_conf_renegotiation( mbedtls_ssl_config *conf, int renegotiation ) +void mbedtls_ssl_conf_renegotiation(mbedtls_ssl_config *conf, int renegotiation) { conf->disable_renegotiation = renegotiation; } -void mbedtls_ssl_conf_renegotiation_enforced( mbedtls_ssl_config *conf, int max_records ) +void mbedtls_ssl_conf_renegotiation_enforced(mbedtls_ssl_config *conf, int max_records) { conf->renego_max_records = max_records; } -void mbedtls_ssl_conf_renegotiation_period( mbedtls_ssl_config *conf, - const unsigned char period[8] ) +void mbedtls_ssl_conf_renegotiation_period(mbedtls_ssl_config *conf, + const unsigned char period[8]) { - memcpy( conf->renego_period, period, 8 ); + memcpy(conf->renego_period, period, 8); } #endif /* MBEDTLS_SSL_RENEGOTIATION */ #if defined(MBEDTLS_SSL_SESSION_TICKETS) #if defined(MBEDTLS_SSL_CLI_C) -void mbedtls_ssl_conf_session_tickets( mbedtls_ssl_config *conf, int use_tickets ) +void mbedtls_ssl_conf_session_tickets(mbedtls_ssl_config *conf, int use_tickets) { conf->session_tickets = use_tickets; } #endif #if defined(MBEDTLS_SSL_SRV_C) -void mbedtls_ssl_conf_session_tickets_cb( mbedtls_ssl_config *conf, - mbedtls_ssl_ticket_write_t *f_ticket_write, - mbedtls_ssl_ticket_parse_t *f_ticket_parse, - void *p_ticket ) +void mbedtls_ssl_conf_session_tickets_cb(mbedtls_ssl_config *conf, + mbedtls_ssl_ticket_write_t *f_ticket_write, + mbedtls_ssl_ticket_parse_t *f_ticket_parse, + void *p_ticket) { conf->f_ticket_write = f_ticket_write; conf->f_ticket_parse = f_ticket_parse; @@ -4985,17 +4896,17 @@ void mbedtls_ssl_conf_session_tickets_cb( mbedtls_ssl_config *conf, #endif /* MBEDTLS_SSL_SESSION_TICKETS */ #if defined(MBEDTLS_SSL_EXPORT_KEYS) -void mbedtls_ssl_conf_export_keys_cb( mbedtls_ssl_config *conf, - mbedtls_ssl_export_keys_t *f_export_keys, - void *p_export_keys ) +void mbedtls_ssl_conf_export_keys_cb(mbedtls_ssl_config *conf, + mbedtls_ssl_export_keys_t *f_export_keys, + void *p_export_keys) { conf->f_export_keys = f_export_keys; conf->p_export_keys = p_export_keys; } -void mbedtls_ssl_conf_export_keys_ext_cb( mbedtls_ssl_config *conf, - mbedtls_ssl_export_keys_ext_t *f_export_keys_ext, - void *p_export_keys ) +void mbedtls_ssl_conf_export_keys_ext_cb(mbedtls_ssl_config *conf, + mbedtls_ssl_export_keys_ext_t *f_export_keys_ext, + void *p_export_keys) { conf->f_export_keys_ext = f_export_keys_ext; conf->p_export_keys = p_export_keys; @@ -5009,7 +4920,7 @@ void mbedtls_ssl_conf_async_private_cb( mbedtls_ssl_async_decrypt_t *f_async_decrypt, mbedtls_ssl_async_resume_t *f_async_resume, mbedtls_ssl_async_cancel_t *f_async_cancel, - void *async_config_data ) + void *async_config_data) { conf->f_async_sign_start = f_async_sign; conf->f_async_decrypt_start = f_async_decrypt; @@ -5018,178 +4929,176 @@ void mbedtls_ssl_conf_async_private_cb( conf->p_async_config_data = async_config_data; } -void *mbedtls_ssl_conf_get_async_config_data( const mbedtls_ssl_config *conf ) +void *mbedtls_ssl_conf_get_async_config_data(const mbedtls_ssl_config *conf) { - return( conf->p_async_config_data ); + return conf->p_async_config_data; } -void *mbedtls_ssl_get_async_operation_data( const mbedtls_ssl_context *ssl ) +void *mbedtls_ssl_get_async_operation_data(const mbedtls_ssl_context *ssl) { - if( ssl->handshake == NULL ) - return( NULL ); - else - return( ssl->handshake->user_async_ctx ); + if (ssl->handshake == NULL) { + return NULL; + } else { + return ssl->handshake->user_async_ctx; + } } -void mbedtls_ssl_set_async_operation_data( mbedtls_ssl_context *ssl, - void *ctx ) +void mbedtls_ssl_set_async_operation_data(mbedtls_ssl_context *ssl, + void *ctx) { - if( ssl->handshake != NULL ) + if (ssl->handshake != NULL) { ssl->handshake->user_async_ctx = ctx; + } } #endif /* MBEDTLS_SSL_ASYNC_PRIVATE */ /* * SSL get accessors */ -uint32_t mbedtls_ssl_get_verify_result( const mbedtls_ssl_context *ssl ) +uint32_t mbedtls_ssl_get_verify_result(const mbedtls_ssl_context *ssl) { - if( ssl->session != NULL ) - return( ssl->session->verify_result ); + if (ssl->session != NULL) { + return ssl->session->verify_result; + } - if( ssl->session_negotiate != NULL ) - return( ssl->session_negotiate->verify_result ); + if (ssl->session_negotiate != NULL) { + return ssl->session_negotiate->verify_result; + } - return( 0xFFFFFFFF ); + return 0xFFFFFFFF; } -const char *mbedtls_ssl_get_ciphersuite( const mbedtls_ssl_context *ssl ) +const char *mbedtls_ssl_get_ciphersuite(const mbedtls_ssl_context *ssl) { - if( ssl == NULL || ssl->session == NULL ) - return( NULL ); + if (ssl == NULL || ssl->session == NULL) { + return NULL; + } - return mbedtls_ssl_get_ciphersuite_name( ssl->session->ciphersuite ); + return mbedtls_ssl_get_ciphersuite_name(ssl->session->ciphersuite); } -const char *mbedtls_ssl_get_version( const mbedtls_ssl_context *ssl ) +const char *mbedtls_ssl_get_version(const mbedtls_ssl_context *ssl) { #if defined(MBEDTLS_SSL_PROTO_DTLS) - if( ssl->conf->transport == MBEDTLS_SSL_TRANSPORT_DATAGRAM ) - { - switch( ssl->minor_ver ) - { + if (ssl->conf->transport == MBEDTLS_SSL_TRANSPORT_DATAGRAM) { + switch (ssl->minor_ver) { case MBEDTLS_SSL_MINOR_VERSION_2: - return( "DTLSv1.0" ); + return "DTLSv1.0"; case MBEDTLS_SSL_MINOR_VERSION_3: - return( "DTLSv1.2" ); + return "DTLSv1.2"; default: - return( "unknown (DTLS)" ); + return "unknown (DTLS)"; } } #endif - switch( ssl->minor_ver ) - { + switch (ssl->minor_ver) { case MBEDTLS_SSL_MINOR_VERSION_0: - return( "SSLv3.0" ); + return "SSLv3.0"; case MBEDTLS_SSL_MINOR_VERSION_1: - return( "TLSv1.0" ); + return "TLSv1.0"; case MBEDTLS_SSL_MINOR_VERSION_2: - return( "TLSv1.1" ); + return "TLSv1.1"; case MBEDTLS_SSL_MINOR_VERSION_3: - return( "TLSv1.2" ); + return "TLSv1.2"; default: - return( "unknown" ); + return "unknown"; } } #if defined(MBEDTLS_SSL_MAX_FRAGMENT_LENGTH) -size_t mbedtls_ssl_get_input_max_frag_len( const mbedtls_ssl_context *ssl ) +size_t mbedtls_ssl_get_input_max_frag_len(const mbedtls_ssl_context *ssl) { size_t max_len = MBEDTLS_SSL_MAX_CONTENT_LEN; size_t read_mfl; /* Use the configured MFL for the client if we're past SERVER_HELLO_DONE */ - if( ssl->conf->endpoint == MBEDTLS_SSL_IS_CLIENT && - ssl->state >= MBEDTLS_SSL_SERVER_HELLO_DONE ) - { - return ssl_mfl_code_to_length( ssl->conf->mfl_code ); + if (ssl->conf->endpoint == MBEDTLS_SSL_IS_CLIENT && + ssl->state >= MBEDTLS_SSL_SERVER_HELLO_DONE) { + return ssl_mfl_code_to_length(ssl->conf->mfl_code); } /* Check if a smaller max length was negotiated */ - if( ssl->session_out != NULL ) - { - read_mfl = ssl_mfl_code_to_length( ssl->session_out->mfl_code ); - if( read_mfl < max_len ) - { + if (ssl->session_out != NULL) { + read_mfl = ssl_mfl_code_to_length(ssl->session_out->mfl_code); + if (read_mfl < max_len) { max_len = read_mfl; } } // During a handshake, use the value being negotiated - if( ssl->session_negotiate != NULL ) - { - read_mfl = ssl_mfl_code_to_length( ssl->session_negotiate->mfl_code ); - if( read_mfl < max_len ) - { + if (ssl->session_negotiate != NULL) { + read_mfl = ssl_mfl_code_to_length(ssl->session_negotiate->mfl_code); + if (read_mfl < max_len) { max_len = read_mfl; } } - return( max_len ); + return max_len; } -size_t mbedtls_ssl_get_output_max_frag_len( const mbedtls_ssl_context *ssl ) +size_t mbedtls_ssl_get_output_max_frag_len(const mbedtls_ssl_context *ssl) { size_t max_len; /* * Assume mfl_code is correct since it was checked when set */ - max_len = ssl_mfl_code_to_length( ssl->conf->mfl_code ); + max_len = ssl_mfl_code_to_length(ssl->conf->mfl_code); /* Check if a smaller max length was negotiated */ - if( ssl->session_out != NULL && - ssl_mfl_code_to_length( ssl->session_out->mfl_code ) < max_len ) - { - max_len = ssl_mfl_code_to_length( ssl->session_out->mfl_code ); + if (ssl->session_out != NULL && + ssl_mfl_code_to_length(ssl->session_out->mfl_code) < max_len) { + max_len = ssl_mfl_code_to_length(ssl->session_out->mfl_code); } /* During a handshake, use the value being negotiated */ - if( ssl->session_negotiate != NULL && - ssl_mfl_code_to_length( ssl->session_negotiate->mfl_code ) < max_len ) - { - max_len = ssl_mfl_code_to_length( ssl->session_negotiate->mfl_code ); + if (ssl->session_negotiate != NULL && + ssl_mfl_code_to_length(ssl->session_negotiate->mfl_code) < max_len) { + max_len = ssl_mfl_code_to_length(ssl->session_negotiate->mfl_code); } - return( max_len ); + return max_len; } #if !defined(MBEDTLS_DEPRECATED_REMOVED) -size_t mbedtls_ssl_get_max_frag_len( const mbedtls_ssl_context *ssl ) +size_t mbedtls_ssl_get_max_frag_len(const mbedtls_ssl_context *ssl) { - return mbedtls_ssl_get_output_max_frag_len( ssl ); + return mbedtls_ssl_get_output_max_frag_len(ssl); } #endif /* !MBEDTLS_DEPRECATED_REMOVED */ #endif /* MBEDTLS_SSL_MAX_FRAGMENT_LENGTH */ #if defined(MBEDTLS_SSL_PROTO_DTLS) -size_t mbedtls_ssl_get_current_mtu( const mbedtls_ssl_context *ssl ) +size_t mbedtls_ssl_get_current_mtu(const mbedtls_ssl_context *ssl) { /* Return unlimited mtu for client hello messages to avoid fragmentation. */ - if( ssl->conf->endpoint == MBEDTLS_SSL_IS_CLIENT && - ( ssl->state == MBEDTLS_SSL_CLIENT_HELLO || - ssl->state == MBEDTLS_SSL_SERVER_HELLO ) ) - return ( 0 ); + if (ssl->conf->endpoint == MBEDTLS_SSL_IS_CLIENT && + (ssl->state == MBEDTLS_SSL_CLIENT_HELLO || + ssl->state == MBEDTLS_SSL_SERVER_HELLO)) { + return 0; + } - if( ssl->handshake == NULL || ssl->handshake->mtu == 0 ) - return( ssl->mtu ); + if (ssl->handshake == NULL || ssl->handshake->mtu == 0) { + return ssl->mtu; + } - if( ssl->mtu == 0 ) - return( ssl->handshake->mtu ); + if (ssl->mtu == 0) { + return ssl->handshake->mtu; + } - return( ssl->mtu < ssl->handshake->mtu ? - ssl->mtu : ssl->handshake->mtu ); + return ssl->mtu < ssl->handshake->mtu ? + ssl->mtu : ssl->handshake->mtu; } #endif /* MBEDTLS_SSL_PROTO_DTLS */ -int mbedtls_ssl_get_max_out_record_payload( const mbedtls_ssl_context *ssl ) +int mbedtls_ssl_get_max_out_record_payload(const mbedtls_ssl_context *ssl) { size_t max_len = MBEDTLS_SSL_OUT_CONTENT_LEN; @@ -5199,30 +5108,31 @@ int mbedtls_ssl_get_max_out_record_payload( const mbedtls_ssl_context *ssl ) #endif #if defined(MBEDTLS_SSL_MAX_FRAGMENT_LENGTH) - const size_t mfl = mbedtls_ssl_get_output_max_frag_len( ssl ); + const size_t mfl = mbedtls_ssl_get_output_max_frag_len(ssl); - if( max_len > mfl ) + if (max_len > mfl) { max_len = mfl; + } #endif #if defined(MBEDTLS_SSL_PROTO_DTLS) - if( mbedtls_ssl_get_current_mtu( ssl ) != 0 ) - { - const size_t mtu = mbedtls_ssl_get_current_mtu( ssl ); - const int ret = mbedtls_ssl_get_record_expansion( ssl ); + if (mbedtls_ssl_get_current_mtu(ssl) != 0) { + const size_t mtu = mbedtls_ssl_get_current_mtu(ssl); + const int ret = mbedtls_ssl_get_record_expansion(ssl); const size_t overhead = (size_t) ret; - if( ret < 0 ) - return( ret ); + if (ret < 0) { + return ret; + } - if( mtu <= overhead ) - { - MBEDTLS_SSL_DEBUG_MSG( 1, ( "MTU too low for record expansion" ) ); - return( MBEDTLS_ERR_SSL_FEATURE_UNAVAILABLE ); + if (mtu <= overhead) { + MBEDTLS_SSL_DEBUG_MSG(1, ("MTU too low for record expansion")); + return MBEDTLS_ERR_SSL_FEATURE_UNAVAILABLE; } - if( max_len > mtu - overhead ) + if (max_len > mtu - overhead) { max_len = mtu - overhead; + } } #endif /* MBEDTLS_SSL_PROTO_DTLS */ @@ -5231,45 +5141,46 @@ int mbedtls_ssl_get_max_out_record_payload( const mbedtls_ssl_context *ssl ) ((void) ssl); #endif - return( (int) max_len ); + return (int) max_len; } #if defined(MBEDTLS_X509_CRT_PARSE_C) -const mbedtls_x509_crt *mbedtls_ssl_get_peer_cert( const mbedtls_ssl_context *ssl ) +const mbedtls_x509_crt *mbedtls_ssl_get_peer_cert(const mbedtls_ssl_context *ssl) { - if( ssl == NULL || ssl->session == NULL ) - return( NULL ); + if (ssl == NULL || ssl->session == NULL) { + return NULL; + } #if defined(MBEDTLS_SSL_KEEP_PEER_CERTIFICATE) - return( ssl->session->peer_cert ); + return ssl->session->peer_cert; #else - return( NULL ); + return NULL; #endif /* MBEDTLS_SSL_KEEP_PEER_CERTIFICATE */ } #endif /* MBEDTLS_X509_CRT_PARSE_C */ #if defined(MBEDTLS_SSL_CLI_C) -int mbedtls_ssl_get_session( const mbedtls_ssl_context *ssl, - mbedtls_ssl_session *dst ) +int mbedtls_ssl_get_session(const mbedtls_ssl_context *ssl, + mbedtls_ssl_session *dst) { - if( ssl == NULL || + if (ssl == NULL || dst == NULL || ssl->session == NULL || - ssl->conf->endpoint != MBEDTLS_SSL_IS_CLIENT ) - { - return( MBEDTLS_ERR_SSL_BAD_INPUT_DATA ); + ssl->conf->endpoint != MBEDTLS_SSL_IS_CLIENT) { + return MBEDTLS_ERR_SSL_BAD_INPUT_DATA; } - return( mbedtls_ssl_session_copy( dst, ssl->session ) ); + return mbedtls_ssl_session_copy(dst, ssl->session); } #endif /* MBEDTLS_SSL_CLI_C */ -const mbedtls_ssl_session *mbedtls_ssl_get_session_pointer( const mbedtls_ssl_context *ssl ) +const mbedtls_ssl_session *mbedtls_ssl_get_session_pointer(const mbedtls_ssl_context *ssl) { - if( ssl == NULL ) - return( NULL ); + if (ssl == NULL) { + return NULL; + } - return( ssl->session ); + return ssl->session; } /* @@ -5333,21 +5244,23 @@ const mbedtls_ssl_session *mbedtls_ssl_get_session_pointer( const mbedtls_ssl_co #define SSL_SERIALIZED_SESSION_CONFIG_TICKET_BIT 6 #define SSL_SERIALIZED_SESSION_CONFIG_BITFLAG \ - ( (uint16_t) ( \ - ( SSL_SERIALIZED_SESSION_CONFIG_TIME << SSL_SERIALIZED_SESSION_CONFIG_TIME_BIT ) | \ - ( SSL_SERIALIZED_SESSION_CONFIG_CRT << SSL_SERIALIZED_SESSION_CONFIG_CRT_BIT ) | \ - ( SSL_SERIALIZED_SESSION_CONFIG_CLIENT_TICKET << SSL_SERIALIZED_SESSION_CONFIG_CLIENT_TICKET_BIT ) | \ - ( SSL_SERIALIZED_SESSION_CONFIG_MFL << SSL_SERIALIZED_SESSION_CONFIG_MFL_BIT ) | \ - ( SSL_SERIALIZED_SESSION_CONFIG_TRUNC_HMAC << SSL_SERIALIZED_SESSION_CONFIG_TRUNC_HMAC_BIT ) | \ - ( SSL_SERIALIZED_SESSION_CONFIG_ETM << SSL_SERIALIZED_SESSION_CONFIG_ETM_BIT ) | \ - ( SSL_SERIALIZED_SESSION_CONFIG_TICKET << SSL_SERIALIZED_SESSION_CONFIG_TICKET_BIT ) ) ) + ((uint16_t) ( \ + (SSL_SERIALIZED_SESSION_CONFIG_TIME << SSL_SERIALIZED_SESSION_CONFIG_TIME_BIT) | \ + (SSL_SERIALIZED_SESSION_CONFIG_CRT << SSL_SERIALIZED_SESSION_CONFIG_CRT_BIT) | \ + (SSL_SERIALIZED_SESSION_CONFIG_CLIENT_TICKET << \ + SSL_SERIALIZED_SESSION_CONFIG_CLIENT_TICKET_BIT) | \ + (SSL_SERIALIZED_SESSION_CONFIG_MFL << SSL_SERIALIZED_SESSION_CONFIG_MFL_BIT) | \ + (SSL_SERIALIZED_SESSION_CONFIG_TRUNC_HMAC << \ + SSL_SERIALIZED_SESSION_CONFIG_TRUNC_HMAC_BIT) | \ + (SSL_SERIALIZED_SESSION_CONFIG_ETM << SSL_SERIALIZED_SESSION_CONFIG_ETM_BIT) | \ + (SSL_SERIALIZED_SESSION_CONFIG_TICKET << SSL_SERIALIZED_SESSION_CONFIG_TICKET_BIT))) static unsigned char ssl_serialized_session_header[] = { MBEDTLS_VERSION_MAJOR, MBEDTLS_VERSION_MINOR, MBEDTLS_VERSION_PATCH, - MBEDTLS_BYTE_1( SSL_SERIALIZED_SESSION_CONFIG_BITFLAG ), - MBEDTLS_BYTE_0( SSL_SERIALIZED_SESSION_CONFIG_BITFLAG ), + MBEDTLS_BYTE_1(SSL_SERIALIZED_SESSION_CONFIG_BITFLAG), + MBEDTLS_BYTE_0(SSL_SERIALIZED_SESSION_CONFIG_BITFLAG), }; /* @@ -5384,11 +5297,12 @@ static unsigned char ssl_serialized_session_header[] = { * verify_result is put before peer_cert so that all mandatory fields come * together in one block. */ -static int ssl_session_save( const mbedtls_ssl_session *session, - unsigned char omit_header, - unsigned char *buf, - size_t buf_len, - size_t *olen ) +MBEDTLS_CHECK_RETURN_CRITICAL +static int ssl_session_save(const mbedtls_ssl_session *session, + unsigned char omit_header, + unsigned char *buf, + size_t buf_len, + size_t *olen) { unsigned char *p = buf; size_t used = 0; @@ -5402,19 +5316,17 @@ static int ssl_session_save( const mbedtls_ssl_session *session, #endif /* MBEDTLS_X509_CRT_PARSE_C */ - if( !omit_header ) - { + if (!omit_header) { /* * Add version identifier */ - used += sizeof( ssl_serialized_session_header ); + used += sizeof(ssl_serialized_session_header); - if( used <= buf_len ) - { - memcpy( p, ssl_serialized_session_header, - sizeof( ssl_serialized_session_header ) ); - p += sizeof( ssl_serialized_session_header ); + if (used <= buf_len) { + memcpy(p, ssl_serialized_session_header, + sizeof(ssl_serialized_session_header)); + p += sizeof(ssl_serialized_session_header); } } @@ -5424,11 +5336,10 @@ static int ssl_session_save( const mbedtls_ssl_session *session, #if defined(MBEDTLS_HAVE_TIME) used += 8; - if( used <= buf_len ) - { + if (used <= buf_len) { start = (uint64_t) session->start; - MBEDTLS_PUT_UINT64_BE( start, p, 0 ); + MBEDTLS_PUT_UINT64_BE(start, p, 0); p += 8; } #endif /* MBEDTLS_HAVE_TIME */ @@ -5437,27 +5348,26 @@ static int ssl_session_save( const mbedtls_ssl_session *session, * Basic mandatory fields */ used += 2 /* ciphersuite */ - + 1 /* compression */ - + 1 /* id_len */ - + sizeof( session->id ) - + sizeof( session->master ) - + 4; /* verify_result */ - - if( used <= buf_len ) - { - MBEDTLS_PUT_UINT16_BE( session->ciphersuite, p, 0 ); + + 1 /* compression */ + + 1 /* id_len */ + + sizeof(session->id) + + sizeof(session->master) + + 4; /* verify_result */ + + if (used <= buf_len) { + MBEDTLS_PUT_UINT16_BE(session->ciphersuite, p, 0); p += 2; - *p++ = MBEDTLS_BYTE_0( session->compression ); + *p++ = MBEDTLS_BYTE_0(session->compression); - *p++ = MBEDTLS_BYTE_0( session->id_len ); - memcpy( p, session->id, 32 ); + *p++ = MBEDTLS_BYTE_0(session->id_len); + memcpy(p, session->id, 32); p += 32; - memcpy( p, session->master, 48 ); + memcpy(p, session->master, 48); p += 48; - MBEDTLS_PUT_UINT32_BE( session->verify_result, p, 0 ); + MBEDTLS_PUT_UINT32_BE(session->verify_result, p, 0); p += 4; } @@ -5466,43 +5376,37 @@ static int ssl_session_save( const mbedtls_ssl_session *session, */ #if defined(MBEDTLS_X509_CRT_PARSE_C) #if defined(MBEDTLS_SSL_KEEP_PEER_CERTIFICATE) - if( session->peer_cert == NULL ) + if (session->peer_cert == NULL) { cert_len = 0; - else + } else { cert_len = session->peer_cert->raw.len; + } used += 3 + cert_len; - if( used <= buf_len ) - { - *p++ = MBEDTLS_BYTE_2( cert_len ); - *p++ = MBEDTLS_BYTE_1( cert_len ); - *p++ = MBEDTLS_BYTE_0( cert_len ); + if (used <= buf_len) { + *p++ = MBEDTLS_BYTE_2(cert_len); + *p++ = MBEDTLS_BYTE_1(cert_len); + *p++ = MBEDTLS_BYTE_0(cert_len); - if( session->peer_cert != NULL ) - { - memcpy( p, session->peer_cert->raw.p, cert_len ); + if (session->peer_cert != NULL) { + memcpy(p, session->peer_cert->raw.p, cert_len); p += cert_len; } } #else /* MBEDTLS_SSL_KEEP_PEER_CERTIFICATE */ - if( session->peer_cert_digest != NULL ) - { + if (session->peer_cert_digest != NULL) { used += 1 /* type */ + 1 /* length */ + session->peer_cert_digest_len; - if( used <= buf_len ) - { + if (used <= buf_len) { *p++ = (unsigned char) session->peer_cert_digest_type; *p++ = (unsigned char) session->peer_cert_digest_len; - memcpy( p, session->peer_cert_digest, - session->peer_cert_digest_len ); + memcpy(p, session->peer_cert_digest, + session->peer_cert_digest_len); p += session->peer_cert_digest_len; } - } - else - { + } else { used += 2; - if( used <= buf_len ) - { + if (used <= buf_len) { *p++ = (unsigned char) MBEDTLS_MD_NONE; *p++ = 0; } @@ -5516,19 +5420,17 @@ static int ssl_session_save( const mbedtls_ssl_session *session, #if defined(MBEDTLS_SSL_SESSION_TICKETS) && defined(MBEDTLS_SSL_CLI_C) used += 3 + session->ticket_len + 4; /* len + ticket + lifetime */ - if( used <= buf_len ) - { - *p++ = MBEDTLS_BYTE_2( session->ticket_len ); - *p++ = MBEDTLS_BYTE_1( session->ticket_len ); - *p++ = MBEDTLS_BYTE_0( session->ticket_len ); + if (used <= buf_len) { + *p++ = MBEDTLS_BYTE_2(session->ticket_len); + *p++ = MBEDTLS_BYTE_1(session->ticket_len); + *p++ = MBEDTLS_BYTE_0(session->ticket_len); - if( session->ticket != NULL ) - { - memcpy( p, session->ticket, session->ticket_len ); + if (session->ticket != NULL) { + memcpy(p, session->ticket, session->ticket_len); p += session->ticket_len; } - MBEDTLS_PUT_UINT32_BE( session->ticket_lifetime, p, 0 ); + MBEDTLS_PUT_UINT32_BE(session->ticket_lifetime, p, 0); p += 4; } #endif /* MBEDTLS_SSL_SESSION_TICKETS && MBEDTLS_SSL_CLI_C */ @@ -5539,42 +5441,46 @@ static int ssl_session_save( const mbedtls_ssl_session *session, #if defined(MBEDTLS_SSL_MAX_FRAGMENT_LENGTH) used += 1; - if( used <= buf_len ) + if (used <= buf_len) { *p++ = session->mfl_code; + } #endif #if defined(MBEDTLS_SSL_TRUNCATED_HMAC) used += 1; - if( used <= buf_len ) - *p++ = (unsigned char)( ( session->trunc_hmac ) & 0xFF ); + if (used <= buf_len) { + *p++ = (unsigned char) ((session->trunc_hmac) & 0xFF); + } #endif #if defined(MBEDTLS_SSL_ENCRYPT_THEN_MAC) used += 1; - if( used <= buf_len ) - *p++ = MBEDTLS_BYTE_0( session->encrypt_then_mac ); + if (used <= buf_len) { + *p++ = MBEDTLS_BYTE_0(session->encrypt_then_mac); + } #endif /* Done */ *olen = used; - if( used > buf_len ) - return( MBEDTLS_ERR_SSL_BUFFER_TOO_SMALL ); + if (used > buf_len) { + return MBEDTLS_ERR_SSL_BUFFER_TOO_SMALL; + } - return( 0 ); + return 0; } /* * Public wrapper for ssl_session_save() */ -int mbedtls_ssl_session_save( const mbedtls_ssl_session *session, - unsigned char *buf, - size_t buf_len, - size_t *olen ) +int mbedtls_ssl_session_save(const mbedtls_ssl_session *session, + unsigned char *buf, + size_t buf_len, + size_t *olen) { - return( ssl_session_save( session, 0, buf, buf_len, olen ) ); + return ssl_session_save(session, 0, buf, buf_len, olen); } /* @@ -5583,10 +5489,11 @@ int mbedtls_ssl_session_save( const mbedtls_ssl_session *session, * This internal version is wrapped by a public function that cleans up in * case of error, and has an extra option omit_header. */ -static int ssl_session_load( mbedtls_ssl_session *session, - unsigned char omit_header, - const unsigned char *buf, - size_t len ) +MBEDTLS_CHECK_RETURN_CRITICAL +static int ssl_session_load(mbedtls_ssl_session *session, + unsigned char omit_header, + const unsigned char *buf, + size_t len) { const unsigned char *p = buf; const unsigned char * const end = buf + len; @@ -5599,38 +5506,38 @@ static int ssl_session_load( mbedtls_ssl_session *session, #endif /* MBEDTLS_SSL_KEEP_PEER_CERTIFICATE */ #endif /* MBEDTLS_X509_CRT_PARSE_C */ - if( !omit_header ) - { + if (!omit_header) { /* * Check version identifier */ - if( (size_t)( end - p ) < sizeof( ssl_serialized_session_header ) ) - return( MBEDTLS_ERR_SSL_BAD_INPUT_DATA ); + if ((size_t) (end - p) < sizeof(ssl_serialized_session_header)) { + return MBEDTLS_ERR_SSL_BAD_INPUT_DATA; + } - if( memcmp( p, ssl_serialized_session_header, - sizeof( ssl_serialized_session_header ) ) != 0 ) - { - return( MBEDTLS_ERR_SSL_VERSION_MISMATCH ); + if (memcmp(p, ssl_serialized_session_header, + sizeof(ssl_serialized_session_header)) != 0) { + return MBEDTLS_ERR_SSL_VERSION_MISMATCH; } - p += sizeof( ssl_serialized_session_header ); + p += sizeof(ssl_serialized_session_header); } /* * Time */ #if defined(MBEDTLS_HAVE_TIME) - if( 8 > (size_t)( end - p ) ) - return( MBEDTLS_ERR_SSL_BAD_INPUT_DATA ); - - start = ( (uint64_t) p[0] << 56 ) | - ( (uint64_t) p[1] << 48 ) | - ( (uint64_t) p[2] << 40 ) | - ( (uint64_t) p[3] << 32 ) | - ( (uint64_t) p[4] << 24 ) | - ( (uint64_t) p[5] << 16 ) | - ( (uint64_t) p[6] << 8 ) | - ( (uint64_t) p[7] ); + if (8 > (size_t) (end - p)) { + return MBEDTLS_ERR_SSL_BAD_INPUT_DATA; + } + + start = ((uint64_t) p[0] << 56) | + ((uint64_t) p[1] << 48) | + ((uint64_t) p[2] << 40) | + ((uint64_t) p[3] << 32) | + ((uint64_t) p[4] << 24) | + ((uint64_t) p[5] << 16) | + ((uint64_t) p[6] << 8) | + ((uint64_t) p[7]); p += 8; session->start = (time_t) start; @@ -5639,25 +5546,26 @@ static int ssl_session_load( mbedtls_ssl_session *session, /* * Basic mandatory fields */ - if( 2 + 1 + 1 + 32 + 48 + 4 > (size_t)( end - p ) ) - return( MBEDTLS_ERR_SSL_BAD_INPUT_DATA ); + if (2 + 1 + 1 + 32 + 48 + 4 > (size_t) (end - p)) { + return MBEDTLS_ERR_SSL_BAD_INPUT_DATA; + } - session->ciphersuite = ( p[0] << 8 ) | p[1]; + session->ciphersuite = (p[0] << 8) | p[1]; p += 2; session->compression = *p++; session->id_len = *p++; - memcpy( session->id, p, 32 ); + memcpy(session->id, p, 32); p += 32; - memcpy( session->master, p, 48 ); + memcpy(session->master, p, 48); p += 48; - session->verify_result = ( (uint32_t) p[0] << 24 ) | - ( (uint32_t) p[1] << 16 ) | - ( (uint32_t) p[2] << 8 ) | - ( (uint32_t) p[3] ); + session->verify_result = ((uint32_t) p[0] << 24) | + ((uint32_t) p[1] << 16) | + ((uint32_t) p[2] << 8) | + ((uint32_t) p[3]); p += 4; /* Immediately clear invalid pointer values that have been read, in case @@ -5679,64 +5587,69 @@ static int ssl_session_load( mbedtls_ssl_session *session, #if defined(MBEDTLS_X509_CRT_PARSE_C) #if defined(MBEDTLS_SSL_KEEP_PEER_CERTIFICATE) /* Deserialize CRT from the end of the ticket. */ - if( 3 > (size_t)( end - p ) ) - return( MBEDTLS_ERR_SSL_BAD_INPUT_DATA ); + if (3 > (size_t) (end - p)) { + return MBEDTLS_ERR_SSL_BAD_INPUT_DATA; + } - cert_len = ( p[0] << 16 ) | ( p[1] << 8 ) | p[2]; + cert_len = (p[0] << 16) | (p[1] << 8) | p[2]; p += 3; - if( cert_len != 0 ) - { + if (cert_len != 0) { int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; - if( cert_len > (size_t)( end - p ) ) - return( MBEDTLS_ERR_SSL_BAD_INPUT_DATA ); + if (cert_len > (size_t) (end - p)) { + return MBEDTLS_ERR_SSL_BAD_INPUT_DATA; + } - session->peer_cert = mbedtls_calloc( 1, sizeof( mbedtls_x509_crt ) ); + session->peer_cert = mbedtls_calloc(1, sizeof(mbedtls_x509_crt)); - if( session->peer_cert == NULL ) - return( MBEDTLS_ERR_SSL_ALLOC_FAILED ); + if (session->peer_cert == NULL) { + return MBEDTLS_ERR_SSL_ALLOC_FAILED; + } - mbedtls_x509_crt_init( session->peer_cert ); + mbedtls_x509_crt_init(session->peer_cert); - if( ( ret = mbedtls_x509_crt_parse_der( session->peer_cert, - p, cert_len ) ) != 0 ) - { - mbedtls_x509_crt_free( session->peer_cert ); - mbedtls_free( session->peer_cert ); + if ((ret = mbedtls_x509_crt_parse_der(session->peer_cert, + p, cert_len)) != 0) { + mbedtls_x509_crt_free(session->peer_cert); + mbedtls_free(session->peer_cert); session->peer_cert = NULL; - return( ret ); + return ret; } p += cert_len; } #else /* MBEDTLS_SSL_KEEP_PEER_CERTIFICATE */ /* Deserialize CRT digest from the end of the ticket. */ - if( 2 > (size_t)( end - p ) ) - return( MBEDTLS_ERR_SSL_BAD_INPUT_DATA ); + if (2 > (size_t) (end - p)) { + return MBEDTLS_ERR_SSL_BAD_INPUT_DATA; + } session->peer_cert_digest_type = (mbedtls_md_type_t) *p++; session->peer_cert_digest_len = (size_t) *p++; - if( session->peer_cert_digest_len != 0 ) - { + if (session->peer_cert_digest_len != 0) { const mbedtls_md_info_t *md_info = - mbedtls_md_info_from_type( session->peer_cert_digest_type ); - if( md_info == NULL ) - return( MBEDTLS_ERR_SSL_BAD_INPUT_DATA ); - if( session->peer_cert_digest_len != mbedtls_md_get_size( md_info ) ) - return( MBEDTLS_ERR_SSL_BAD_INPUT_DATA ); + mbedtls_md_info_from_type(session->peer_cert_digest_type); + if (md_info == NULL) { + return MBEDTLS_ERR_SSL_BAD_INPUT_DATA; + } + if (session->peer_cert_digest_len != mbedtls_md_get_size(md_info)) { + return MBEDTLS_ERR_SSL_BAD_INPUT_DATA; + } - if( session->peer_cert_digest_len > (size_t)( end - p ) ) - return( MBEDTLS_ERR_SSL_BAD_INPUT_DATA ); + if (session->peer_cert_digest_len > (size_t) (end - p)) { + return MBEDTLS_ERR_SSL_BAD_INPUT_DATA; + } session->peer_cert_digest = - mbedtls_calloc( 1, session->peer_cert_digest_len ); - if( session->peer_cert_digest == NULL ) - return( MBEDTLS_ERR_SSL_ALLOC_FAILED ); + mbedtls_calloc(1, session->peer_cert_digest_len); + if (session->peer_cert_digest == NULL) { + return MBEDTLS_ERR_SSL_ALLOC_FAILED; + } - memcpy( session->peer_cert_digest, p, - session->peer_cert_digest_len ); + memcpy(session->peer_cert_digest, p, + session->peer_cert_digest_len); p += session->peer_cert_digest_len; } #endif /* MBEDTLS_SSL_KEEP_PEER_CERTIFICATE */ @@ -5746,32 +5659,35 @@ static int ssl_session_load( mbedtls_ssl_session *session, * Session ticket and associated data */ #if defined(MBEDTLS_SSL_SESSION_TICKETS) && defined(MBEDTLS_SSL_CLI_C) - if( 3 > (size_t)( end - p ) ) - return( MBEDTLS_ERR_SSL_BAD_INPUT_DATA ); + if (3 > (size_t) (end - p)) { + return MBEDTLS_ERR_SSL_BAD_INPUT_DATA; + } - session->ticket_len = ( p[0] << 16 ) | ( p[1] << 8 ) | p[2]; + session->ticket_len = (p[0] << 16) | (p[1] << 8) | p[2]; p += 3; - if( session->ticket_len != 0 ) - { - if( session->ticket_len > (size_t)( end - p ) ) - return( MBEDTLS_ERR_SSL_BAD_INPUT_DATA ); + if (session->ticket_len != 0) { + if (session->ticket_len > (size_t) (end - p)) { + return MBEDTLS_ERR_SSL_BAD_INPUT_DATA; + } - session->ticket = mbedtls_calloc( 1, session->ticket_len ); - if( session->ticket == NULL ) - return( MBEDTLS_ERR_SSL_ALLOC_FAILED ); + session->ticket = mbedtls_calloc(1, session->ticket_len); + if (session->ticket == NULL) { + return MBEDTLS_ERR_SSL_ALLOC_FAILED; + } - memcpy( session->ticket, p, session->ticket_len ); + memcpy(session->ticket, p, session->ticket_len); p += session->ticket_len; } - if( 4 > (size_t)( end - p ) ) - return( MBEDTLS_ERR_SSL_BAD_INPUT_DATA ); + if (4 > (size_t) (end - p)) { + return MBEDTLS_ERR_SSL_BAD_INPUT_DATA; + } - session->ticket_lifetime = ( (uint32_t) p[0] << 24 ) | - ( (uint32_t) p[1] << 16 ) | - ( (uint32_t) p[2] << 8 ) | - ( (uint32_t) p[3] ); + session->ticket_lifetime = ((uint32_t) p[0] << 24) | + ((uint32_t) p[1] << 16) | + ((uint32_t) p[2] << 8) | + ((uint32_t) p[3]); p += 4; #endif /* MBEDTLS_SSL_SESSION_TICKETS && MBEDTLS_SSL_CLI_C */ @@ -5779,106 +5695,114 @@ static int ssl_session_load( mbedtls_ssl_session *session, * Misc extension-related info */ #if defined(MBEDTLS_SSL_MAX_FRAGMENT_LENGTH) - if( 1 > (size_t)( end - p ) ) - return( MBEDTLS_ERR_SSL_BAD_INPUT_DATA ); + if (1 > (size_t) (end - p)) { + return MBEDTLS_ERR_SSL_BAD_INPUT_DATA; + } session->mfl_code = *p++; #endif #if defined(MBEDTLS_SSL_TRUNCATED_HMAC) - if( 1 > (size_t)( end - p ) ) - return( MBEDTLS_ERR_SSL_BAD_INPUT_DATA ); + if (1 > (size_t) (end - p)) { + return MBEDTLS_ERR_SSL_BAD_INPUT_DATA; + } session->trunc_hmac = *p++; #endif #if defined(MBEDTLS_SSL_ENCRYPT_THEN_MAC) - if( 1 > (size_t)( end - p ) ) - return( MBEDTLS_ERR_SSL_BAD_INPUT_DATA ); + if (1 > (size_t) (end - p)) { + return MBEDTLS_ERR_SSL_BAD_INPUT_DATA; + } session->encrypt_then_mac = *p++; #endif /* Done, should have consumed entire buffer */ - if( p != end ) - return( MBEDTLS_ERR_SSL_BAD_INPUT_DATA ); + if (p != end) { + return MBEDTLS_ERR_SSL_BAD_INPUT_DATA; + } - return( 0 ); + return 0; } /* * Deserialize session: public wrapper for error cleaning */ -int mbedtls_ssl_session_load( mbedtls_ssl_session *session, - const unsigned char *buf, - size_t len ) +int mbedtls_ssl_session_load(mbedtls_ssl_session *session, + const unsigned char *buf, + size_t len) { - int ret = ssl_session_load( session, 0, buf, len ); + int ret = ssl_session_load(session, 0, buf, len); - if( ret != 0 ) - mbedtls_ssl_session_free( session ); + if (ret != 0) { + mbedtls_ssl_session_free(session); + } - return( ret ); + return ret; } /* * Perform a single step of the SSL handshake */ -int mbedtls_ssl_handshake_step( mbedtls_ssl_context *ssl ) +int mbedtls_ssl_handshake_step(mbedtls_ssl_context *ssl) { int ret = MBEDTLS_ERR_SSL_FEATURE_UNAVAILABLE; - if( ssl == NULL || ssl->conf == NULL ) - return( MBEDTLS_ERR_SSL_BAD_INPUT_DATA ); + if (ssl == NULL || ssl->conf == NULL) { + return MBEDTLS_ERR_SSL_BAD_INPUT_DATA; + } #if defined(MBEDTLS_SSL_CLI_C) - if( ssl->conf->endpoint == MBEDTLS_SSL_IS_CLIENT ) - ret = mbedtls_ssl_handshake_client_step( ssl ); + if (ssl->conf->endpoint == MBEDTLS_SSL_IS_CLIENT) { + ret = mbedtls_ssl_handshake_client_step(ssl); + } #endif #if defined(MBEDTLS_SSL_SRV_C) - if( ssl->conf->endpoint == MBEDTLS_SSL_IS_SERVER ) - ret = mbedtls_ssl_handshake_server_step( ssl ); + if (ssl->conf->endpoint == MBEDTLS_SSL_IS_SERVER) { + ret = mbedtls_ssl_handshake_server_step(ssl); + } #endif - return( ret ); + return ret; } /* * Perform the SSL handshake */ -int mbedtls_ssl_handshake( mbedtls_ssl_context *ssl ) +int mbedtls_ssl_handshake(mbedtls_ssl_context *ssl) { int ret = 0; /* Sanity checks */ - if( ssl == NULL || ssl->conf == NULL ) - return( MBEDTLS_ERR_SSL_BAD_INPUT_DATA ); + if (ssl == NULL || ssl->conf == NULL) { + return MBEDTLS_ERR_SSL_BAD_INPUT_DATA; + } #if defined(MBEDTLS_SSL_PROTO_DTLS) - if( ssl->conf->transport == MBEDTLS_SSL_TRANSPORT_DATAGRAM && - ( ssl->f_set_timer == NULL || ssl->f_get_timer == NULL ) ) - { - MBEDTLS_SSL_DEBUG_MSG( 1, ( "You must use " - "mbedtls_ssl_set_timer_cb() for DTLS" ) ); - return( MBEDTLS_ERR_SSL_BAD_INPUT_DATA ); + if (ssl->conf->transport == MBEDTLS_SSL_TRANSPORT_DATAGRAM && + (ssl->f_set_timer == NULL || ssl->f_get_timer == NULL)) { + MBEDTLS_SSL_DEBUG_MSG(1, ("You must use " + "mbedtls_ssl_set_timer_cb() for DTLS")); + return MBEDTLS_ERR_SSL_BAD_INPUT_DATA; } #endif /* MBEDTLS_SSL_PROTO_DTLS */ - MBEDTLS_SSL_DEBUG_MSG( 2, ( "=> handshake" ) ); + MBEDTLS_SSL_DEBUG_MSG(2, ("=> handshake")); /* Main handshake loop */ - while( ssl->state != MBEDTLS_SSL_HANDSHAKE_OVER ) - { - ret = mbedtls_ssl_handshake_step( ssl ); + while (ssl->state != MBEDTLS_SSL_HANDSHAKE_OVER) { + ret = mbedtls_ssl_handshake_step(ssl); - if( ret != 0 ) + if (ret != 0) { break; + } } - MBEDTLS_SSL_DEBUG_MSG( 2, ( "<= handshake" ) ); + MBEDTLS_SSL_DEBUG_MSG(2, ("<= handshake")); - return( ret ); + return ret; } #if defined(MBEDTLS_SSL_RENEGOTIATION) @@ -5886,25 +5810,25 @@ int mbedtls_ssl_handshake( mbedtls_ssl_context *ssl ) /* * Write HelloRequest to request renegotiation on server */ -static int ssl_write_hello_request( mbedtls_ssl_context *ssl ) +MBEDTLS_CHECK_RETURN_CRITICAL +static int ssl_write_hello_request(mbedtls_ssl_context *ssl) { int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; - MBEDTLS_SSL_DEBUG_MSG( 2, ( "=> write hello request" ) ); + MBEDTLS_SSL_DEBUG_MSG(2, ("=> write hello request")); ssl->out_msglen = 4; ssl->out_msgtype = MBEDTLS_SSL_MSG_HANDSHAKE; ssl->out_msg[0] = MBEDTLS_SSL_HS_HELLO_REQUEST; - if( ( ret = mbedtls_ssl_write_handshake_msg( ssl ) ) != 0 ) - { - MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_ssl_write_handshake_msg", ret ); - return( ret ); + if ((ret = mbedtls_ssl_write_handshake_msg(ssl)) != 0) { + MBEDTLS_SSL_DEBUG_RET(1, "mbedtls_ssl_write_handshake_msg", ret); + return ret; } - MBEDTLS_SSL_DEBUG_MSG( 2, ( "<= write hello request" ) ); + MBEDTLS_SSL_DEBUG_MSG(2, ("<= write hello request")); - return( 0 ); + return 0; } #endif /* MBEDTLS_SSL_SRV_C */ @@ -5917,67 +5841,69 @@ static int ssl_write_hello_request( mbedtls_ssl_context *ssl ) * If the handshake doesn't complete due to waiting for I/O, it will continue * during the next calls to mbedtls_ssl_renegotiate() or mbedtls_ssl_read() respectively. */ -int mbedtls_ssl_start_renegotiation( mbedtls_ssl_context *ssl ) +int mbedtls_ssl_start_renegotiation(mbedtls_ssl_context *ssl) { int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; - MBEDTLS_SSL_DEBUG_MSG( 2, ( "=> renegotiate" ) ); + MBEDTLS_SSL_DEBUG_MSG(2, ("=> renegotiate")); - if( ( ret = ssl_handshake_init( ssl ) ) != 0 ) - return( ret ); + if ((ret = ssl_handshake_init(ssl)) != 0) { + return ret; + } /* RFC 6347 4.2.2: "[...] the HelloRequest will have message_seq = 0 and * the ServerHello will have message_seq = 1" */ #if defined(MBEDTLS_SSL_PROTO_DTLS) - if( ssl->conf->transport == MBEDTLS_SSL_TRANSPORT_DATAGRAM && - ssl->renego_status == MBEDTLS_SSL_RENEGOTIATION_PENDING ) - { - if( ssl->conf->endpoint == MBEDTLS_SSL_IS_SERVER ) + if (ssl->conf->transport == MBEDTLS_SSL_TRANSPORT_DATAGRAM && + ssl->renego_status == MBEDTLS_SSL_RENEGOTIATION_PENDING) { + if (ssl->conf->endpoint == MBEDTLS_SSL_IS_SERVER) { ssl->handshake->out_msg_seq = 1; - else + } else { ssl->handshake->in_msg_seq = 1; + } } #endif ssl->state = MBEDTLS_SSL_HELLO_REQUEST; ssl->renego_status = MBEDTLS_SSL_RENEGOTIATION_IN_PROGRESS; - if( ( ret = mbedtls_ssl_handshake( ssl ) ) != 0 ) - { - MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_ssl_handshake", ret ); - return( ret ); + if ((ret = mbedtls_ssl_handshake(ssl)) != 0) { + MBEDTLS_SSL_DEBUG_RET(1, "mbedtls_ssl_handshake", ret); + return ret; } - MBEDTLS_SSL_DEBUG_MSG( 2, ( "<= renegotiate" ) ); + MBEDTLS_SSL_DEBUG_MSG(2, ("<= renegotiate")); - return( 0 ); + return 0; } /* * Renegotiate current connection on client, * or request renegotiation on server */ -int mbedtls_ssl_renegotiate( mbedtls_ssl_context *ssl ) +int mbedtls_ssl_renegotiate(mbedtls_ssl_context *ssl) { int ret = MBEDTLS_ERR_SSL_FEATURE_UNAVAILABLE; - if( ssl == NULL || ssl->conf == NULL ) - return( MBEDTLS_ERR_SSL_BAD_INPUT_DATA ); + if (ssl == NULL || ssl->conf == NULL) { + return MBEDTLS_ERR_SSL_BAD_INPUT_DATA; + } #if defined(MBEDTLS_SSL_SRV_C) /* On server, just send the request */ - if( ssl->conf->endpoint == MBEDTLS_SSL_IS_SERVER ) - { - if( ssl->state != MBEDTLS_SSL_HANDSHAKE_OVER ) - return( MBEDTLS_ERR_SSL_BAD_INPUT_DATA ); + if (ssl->conf->endpoint == MBEDTLS_SSL_IS_SERVER) { + if (ssl->state != MBEDTLS_SSL_HANDSHAKE_OVER) { + return MBEDTLS_ERR_SSL_BAD_INPUT_DATA; + } ssl->renego_status = MBEDTLS_SSL_RENEGOTIATION_PENDING; /* Did we already try/start sending HelloRequest? */ - if( ssl->out_left != 0 ) - return( mbedtls_ssl_flush_output( ssl ) ); + if (ssl->out_left != 0) { + return mbedtls_ssl_flush_output(ssl); + } - return( ssl_write_hello_request( ssl ) ); + return ssl_write_hello_request(ssl); } #endif /* MBEDTLS_SSL_SRV_C */ @@ -5986,92 +5912,87 @@ int mbedtls_ssl_renegotiate( mbedtls_ssl_context *ssl ) * On client, either start the renegotiation process or, * if already in progress, continue the handshake */ - if( ssl->renego_status != MBEDTLS_SSL_RENEGOTIATION_IN_PROGRESS ) - { - if( ssl->state != MBEDTLS_SSL_HANDSHAKE_OVER ) - return( MBEDTLS_ERR_SSL_BAD_INPUT_DATA ); + if (ssl->renego_status != MBEDTLS_SSL_RENEGOTIATION_IN_PROGRESS) { + if (ssl->state != MBEDTLS_SSL_HANDSHAKE_OVER) { + return MBEDTLS_ERR_SSL_BAD_INPUT_DATA; + } - if( ( ret = mbedtls_ssl_start_renegotiation( ssl ) ) != 0 ) - { - MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_ssl_start_renegotiation", ret ); - return( ret ); + if ((ret = mbedtls_ssl_start_renegotiation(ssl)) != 0) { + MBEDTLS_SSL_DEBUG_RET(1, "mbedtls_ssl_start_renegotiation", ret); + return ret; } - } - else - { - if( ( ret = mbedtls_ssl_handshake( ssl ) ) != 0 ) - { - MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_ssl_handshake", ret ); - return( ret ); + } else { + if ((ret = mbedtls_ssl_handshake(ssl)) != 0) { + MBEDTLS_SSL_DEBUG_RET(1, "mbedtls_ssl_handshake", ret); + return ret; } } #endif /* MBEDTLS_SSL_CLI_C */ - return( ret ); + return ret; } #endif /* MBEDTLS_SSL_RENEGOTIATION */ #if defined(MBEDTLS_X509_CRT_PARSE_C) -static void ssl_key_cert_free( mbedtls_ssl_key_cert *key_cert ) +static void ssl_key_cert_free(mbedtls_ssl_key_cert *key_cert) { mbedtls_ssl_key_cert *cur = key_cert, *next; - while( cur != NULL ) - { + while (cur != NULL) { next = cur->next; - mbedtls_free( cur ); + mbedtls_free(cur); cur = next; } } #endif /* MBEDTLS_X509_CRT_PARSE_C */ -void mbedtls_ssl_handshake_free( mbedtls_ssl_context *ssl ) +void mbedtls_ssl_handshake_free(mbedtls_ssl_context *ssl) { mbedtls_ssl_handshake_params *handshake = ssl->handshake; - if( handshake == NULL ) + if (handshake == NULL) { return; + } #if defined(MBEDTLS_SSL_ASYNC_PRIVATE) - if( ssl->conf->f_async_cancel != NULL && handshake->async_in_progress != 0 ) - { - ssl->conf->f_async_cancel( ssl ); + if (ssl->conf->f_async_cancel != NULL && handshake->async_in_progress != 0) { + ssl->conf->f_async_cancel(ssl); handshake->async_in_progress = 0; } #endif /* MBEDTLS_SSL_ASYNC_PRIVATE */ #if defined(MBEDTLS_SSL_PROTO_SSL3) || defined(MBEDTLS_SSL_PROTO_TLS1) || \ defined(MBEDTLS_SSL_PROTO_TLS1_1) - mbedtls_md5_free( &handshake->fin_md5 ); - mbedtls_sha1_free( &handshake->fin_sha1 ); + mbedtls_md5_free(&handshake->fin_md5); + mbedtls_sha1_free(&handshake->fin_sha1); #endif #if defined(MBEDTLS_SSL_PROTO_TLS1_2) #if defined(MBEDTLS_SHA256_C) #if defined(MBEDTLS_USE_PSA_CRYPTO) - psa_hash_abort( &handshake->fin_sha256_psa ); + psa_hash_abort(&handshake->fin_sha256_psa); #else - mbedtls_sha256_free( &handshake->fin_sha256 ); + mbedtls_sha256_free(&handshake->fin_sha256); #endif #endif #if defined(MBEDTLS_SHA512_C) && !defined(MBEDTLS_SHA512_NO_SHA384) #if defined(MBEDTLS_USE_PSA_CRYPTO) - psa_hash_abort( &handshake->fin_sha384_psa ); + psa_hash_abort(&handshake->fin_sha384_psa); #else - mbedtls_sha512_free( &handshake->fin_sha512 ); + mbedtls_sha512_free(&handshake->fin_sha512); #endif #endif #endif /* MBEDTLS_SSL_PROTO_TLS1_2 */ #if defined(MBEDTLS_DHM_C) - mbedtls_dhm_free( &handshake->dhm_ctx ); + mbedtls_dhm_free(&handshake->dhm_ctx); #endif #if defined(MBEDTLS_ECDH_C) - mbedtls_ecdh_free( &handshake->ecdh_ctx ); + mbedtls_ecdh_free(&handshake->ecdh_ctx); #endif #if defined(MBEDTLS_KEY_EXCHANGE_ECJPAKE_ENABLED) - mbedtls_ecjpake_free( &handshake->ecjpake_ctx ); + mbedtls_ecjpake_free(&handshake->ecjpake_ctx); #if defined(MBEDTLS_SSL_CLI_C) - mbedtls_free( handshake->ecjpake_cache ); + mbedtls_free(handshake->ecjpake_cache); handshake->ecjpake_cache = NULL; handshake->ecjpake_cache_len = 0; #endif @@ -6080,14 +6001,13 @@ void mbedtls_ssl_handshake_free( mbedtls_ssl_context *ssl ) #if defined(MBEDTLS_ECDH_C) || defined(MBEDTLS_ECDSA_C) || \ defined(MBEDTLS_KEY_EXCHANGE_ECJPAKE_ENABLED) /* explicit void pointer cast for buggy MS compiler */ - mbedtls_free( (void *) handshake->curves ); + mbedtls_free((void *) handshake->curves); #endif #if defined(MBEDTLS_KEY_EXCHANGE_SOME_PSK_ENABLED) - if( handshake->psk != NULL ) - { - mbedtls_platform_zeroize( handshake->psk, handshake->psk_len ); - mbedtls_free( handshake->psk ); + if (handshake->psk != NULL) { + mbedtls_platform_zeroize(handshake->psk, handshake->psk_len); + mbedtls_free(handshake->psk); } #endif @@ -6097,71 +6017,69 @@ void mbedtls_ssl_handshake_free( mbedtls_ssl_context *ssl ) * Free only the linked list wrapper, not the keys themselves * since the belong to the SNI callback */ - if( handshake->sni_key_cert != NULL ) - { + if (handshake->sni_key_cert != NULL) { mbedtls_ssl_key_cert *cur = handshake->sni_key_cert, *next; - while( cur != NULL ) - { + while (cur != NULL) { next = cur->next; - mbedtls_free( cur ); + mbedtls_free(cur); cur = next; } } #endif /* MBEDTLS_X509_CRT_PARSE_C && MBEDTLS_SSL_SERVER_NAME_INDICATION */ #if defined(MBEDTLS_SSL_ECP_RESTARTABLE_ENABLED) - mbedtls_x509_crt_restart_free( &handshake->ecrs_ctx ); - if( handshake->ecrs_peer_cert != NULL ) - { - mbedtls_x509_crt_free( handshake->ecrs_peer_cert ); - mbedtls_free( handshake->ecrs_peer_cert ); + mbedtls_x509_crt_restart_free(&handshake->ecrs_ctx); + if (handshake->ecrs_peer_cert != NULL) { + mbedtls_x509_crt_free(handshake->ecrs_peer_cert); + mbedtls_free(handshake->ecrs_peer_cert); } #endif #if defined(MBEDTLS_X509_CRT_PARSE_C) && \ !defined(MBEDTLS_SSL_KEEP_PEER_CERTIFICATE) - mbedtls_pk_free( &handshake->peer_pubkey ); + mbedtls_pk_free(&handshake->peer_pubkey); #endif /* MBEDTLS_X509_CRT_PARSE_C && !MBEDTLS_SSL_KEEP_PEER_CERTIFICATE */ #if defined(MBEDTLS_SSL_PROTO_DTLS) - mbedtls_free( handshake->verify_cookie ); - mbedtls_ssl_flight_free( handshake->flight ); - mbedtls_ssl_buffering_free( ssl ); + mbedtls_free(handshake->verify_cookie); + mbedtls_ssl_flight_free(handshake->flight); + mbedtls_ssl_buffering_free(ssl); #endif #if defined(MBEDTLS_ECDH_C) && \ defined(MBEDTLS_USE_PSA_CRYPTO) - psa_destroy_key( handshake->ecdh_psa_privkey ); + psa_destroy_key(handshake->ecdh_psa_privkey); #endif /* MBEDTLS_ECDH_C && MBEDTLS_USE_PSA_CRYPTO */ - mbedtls_platform_zeroize( handshake, - sizeof( mbedtls_ssl_handshake_params ) ); + mbedtls_platform_zeroize(handshake, + sizeof(mbedtls_ssl_handshake_params)); #if defined(MBEDTLS_SSL_VARIABLE_BUFFER_LENGTH) /* If the buffers are too big - reallocate. Because of the way Mbed TLS * processes datagrams and the fact that a datagram is allowed to have * several records in it, it is possible that the I/O buffers are not * empty at this stage */ - handle_buffer_resizing( ssl, 1, mbedtls_ssl_get_input_buflen( ssl ), - mbedtls_ssl_get_output_buflen( ssl ) ); + handle_buffer_resizing(ssl, 1, mbedtls_ssl_get_input_buflen(ssl), + mbedtls_ssl_get_output_buflen(ssl)); #endif } -void mbedtls_ssl_session_free( mbedtls_ssl_session *session ) +void mbedtls_ssl_session_free(mbedtls_ssl_session *session) { - if( session == NULL ) + if (session == NULL) { return; + } #if defined(MBEDTLS_X509_CRT_PARSE_C) - ssl_clear_peer_cert( session ); + ssl_clear_peer_cert(session); #endif #if defined(MBEDTLS_SSL_SESSION_TICKETS) && defined(MBEDTLS_SSL_CLI_C) - mbedtls_free( session->ticket ); + mbedtls_free(session->ticket); #endif - mbedtls_platform_zeroize( session, sizeof( mbedtls_ssl_session ) ); + mbedtls_platform_zeroize(session, sizeof(mbedtls_ssl_session)); } #if defined(MBEDTLS_SSL_CONTEXT_SERIALIZATION) @@ -6196,22 +6114,25 @@ void mbedtls_ssl_session_free( mbedtls_ssl_session *session ) #define SSL_SERIALIZED_CONTEXT_CONFIG_ALPN_BIT 3 #define SSL_SERIALIZED_CONTEXT_CONFIG_BITFLAG \ - ( (uint32_t) ( \ - ( SSL_SERIALIZED_CONTEXT_CONFIG_DTLS_CONNECTION_ID << SSL_SERIALIZED_CONTEXT_CONFIG_DTLS_CONNECTION_ID_BIT ) | \ - ( SSL_SERIALIZED_CONTEXT_CONFIG_DTLS_BADMAC_LIMIT << SSL_SERIALIZED_CONTEXT_CONFIG_DTLS_BADMAC_LIMIT_BIT ) | \ - ( SSL_SERIALIZED_CONTEXT_CONFIG_DTLS_ANTI_REPLAY << SSL_SERIALIZED_CONTEXT_CONFIG_DTLS_ANTI_REPLAY_BIT ) | \ - ( SSL_SERIALIZED_CONTEXT_CONFIG_ALPN << SSL_SERIALIZED_CONTEXT_CONFIG_ALPN_BIT ) | \ - 0u ) ) + ((uint32_t) ( \ + (SSL_SERIALIZED_CONTEXT_CONFIG_DTLS_CONNECTION_ID << \ + SSL_SERIALIZED_CONTEXT_CONFIG_DTLS_CONNECTION_ID_BIT) | \ + (SSL_SERIALIZED_CONTEXT_CONFIG_DTLS_BADMAC_LIMIT << \ + SSL_SERIALIZED_CONTEXT_CONFIG_DTLS_BADMAC_LIMIT_BIT) | \ + (SSL_SERIALIZED_CONTEXT_CONFIG_DTLS_ANTI_REPLAY << \ + SSL_SERIALIZED_CONTEXT_CONFIG_DTLS_ANTI_REPLAY_BIT) | \ + (SSL_SERIALIZED_CONTEXT_CONFIG_ALPN << SSL_SERIALIZED_CONTEXT_CONFIG_ALPN_BIT) | \ + 0u)) static unsigned char ssl_serialized_context_header[] = { MBEDTLS_VERSION_MAJOR, MBEDTLS_VERSION_MINOR, MBEDTLS_VERSION_PATCH, - MBEDTLS_BYTE_1( SSL_SERIALIZED_SESSION_CONFIG_BITFLAG ), - MBEDTLS_BYTE_0( SSL_SERIALIZED_SESSION_CONFIG_BITFLAG ), - MBEDTLS_BYTE_2( SSL_SERIALIZED_CONTEXT_CONFIG_BITFLAG ), - MBEDTLS_BYTE_1( SSL_SERIALIZED_CONTEXT_CONFIG_BITFLAG ), - MBEDTLS_BYTE_0( SSL_SERIALIZED_CONTEXT_CONFIG_BITFLAG ), + MBEDTLS_BYTE_1(SSL_SERIALIZED_SESSION_CONFIG_BITFLAG), + MBEDTLS_BYTE_0(SSL_SERIALIZED_SESSION_CONFIG_BITFLAG), + MBEDTLS_BYTE_2(SSL_SERIALIZED_CONTEXT_CONFIG_BITFLAG), + MBEDTLS_BYTE_1(SSL_SERIALIZED_CONTEXT_CONFIG_BITFLAG), + MBEDTLS_BYTE_0(SSL_SERIALIZED_CONTEXT_CONFIG_BITFLAG), }; /* @@ -6252,10 +6173,10 @@ static unsigned char ssl_serialized_context_header[] = { * 4. value was temporary (eg content of input buffer) * 5. value will be provided by the user again (eg I/O callbacks and context) */ -int mbedtls_ssl_context_save( mbedtls_ssl_context *ssl, - unsigned char *buf, - size_t buf_len, - size_t *olen ) +int mbedtls_ssl_context_save(mbedtls_ssl_context *ssl, + unsigned char *buf, + size_t buf_len, + size_t *olen) { unsigned char *p = buf; size_t used = 0; @@ -6271,94 +6192,84 @@ int mbedtls_ssl_context_save( mbedtls_ssl_context *ssl, * (only DTLS) but are currently used to simplify the implementation. */ /* The initial handshake must be over */ - if( ssl->state != MBEDTLS_SSL_HANDSHAKE_OVER ) - { - MBEDTLS_SSL_DEBUG_MSG( 1, ( "Initial handshake isn't over" ) ); - return( MBEDTLS_ERR_SSL_BAD_INPUT_DATA ); + if (ssl->state != MBEDTLS_SSL_HANDSHAKE_OVER) { + MBEDTLS_SSL_DEBUG_MSG(1, ("Initial handshake isn't over")); + return MBEDTLS_ERR_SSL_BAD_INPUT_DATA; } - if( ssl->handshake != NULL ) - { - MBEDTLS_SSL_DEBUG_MSG( 1, ( "Handshake isn't completed" ) ); - return( MBEDTLS_ERR_SSL_BAD_INPUT_DATA ); + if (ssl->handshake != NULL) { + MBEDTLS_SSL_DEBUG_MSG(1, ("Handshake isn't completed")); + return MBEDTLS_ERR_SSL_BAD_INPUT_DATA; } /* Double-check that sub-structures are indeed ready */ - if( ssl->transform == NULL || ssl->session == NULL ) - { - MBEDTLS_SSL_DEBUG_MSG( 1, ( "Serialised structures aren't ready" ) ); - return( MBEDTLS_ERR_SSL_BAD_INPUT_DATA ); + if (ssl->transform == NULL || ssl->session == NULL) { + MBEDTLS_SSL_DEBUG_MSG(1, ("Serialised structures aren't ready")); + return MBEDTLS_ERR_SSL_BAD_INPUT_DATA; } /* There must be no pending incoming or outgoing data */ - if( mbedtls_ssl_check_pending( ssl ) != 0 ) - { - MBEDTLS_SSL_DEBUG_MSG( 1, ( "There is pending incoming data" ) ); - return( MBEDTLS_ERR_SSL_BAD_INPUT_DATA ); + if (mbedtls_ssl_check_pending(ssl) != 0) { + MBEDTLS_SSL_DEBUG_MSG(1, ("There is pending incoming data")); + return MBEDTLS_ERR_SSL_BAD_INPUT_DATA; } - if( ssl->out_left != 0 ) - { - MBEDTLS_SSL_DEBUG_MSG( 1, ( "There is pending outgoing data" ) ); - return( MBEDTLS_ERR_SSL_BAD_INPUT_DATA ); + if (ssl->out_left != 0) { + MBEDTLS_SSL_DEBUG_MSG(1, ("There is pending outgoing data")); + return MBEDTLS_ERR_SSL_BAD_INPUT_DATA; } - /* Protocol must be DLTS, not TLS */ - if( ssl->conf->transport != MBEDTLS_SSL_TRANSPORT_DATAGRAM ) - { - MBEDTLS_SSL_DEBUG_MSG( 1, ( "Only DTLS is supported" ) ); - return( MBEDTLS_ERR_SSL_BAD_INPUT_DATA ); + /* Protocol must be DTLS, not TLS */ + if (ssl->conf->transport != MBEDTLS_SSL_TRANSPORT_DATAGRAM) { + MBEDTLS_SSL_DEBUG_MSG(1, ("Only DTLS is supported")); + return MBEDTLS_ERR_SSL_BAD_INPUT_DATA; } /* Version must be 1.2 */ - if( ssl->major_ver != MBEDTLS_SSL_MAJOR_VERSION_3 ) - { - MBEDTLS_SSL_DEBUG_MSG( 1, ( "Only version 1.2 supported" ) ); - return( MBEDTLS_ERR_SSL_BAD_INPUT_DATA ); + if (ssl->major_ver != MBEDTLS_SSL_MAJOR_VERSION_3) { + MBEDTLS_SSL_DEBUG_MSG(1, ("Only version 1.2 supported")); + return MBEDTLS_ERR_SSL_BAD_INPUT_DATA; } - if( ssl->minor_ver != MBEDTLS_SSL_MINOR_VERSION_3 ) - { - MBEDTLS_SSL_DEBUG_MSG( 1, ( "Only version 1.2 supported" ) ); - return( MBEDTLS_ERR_SSL_BAD_INPUT_DATA ); + if (ssl->minor_ver != MBEDTLS_SSL_MINOR_VERSION_3) { + MBEDTLS_SSL_DEBUG_MSG(1, ("Only version 1.2 supported")); + return MBEDTLS_ERR_SSL_BAD_INPUT_DATA; } /* We must be using an AEAD ciphersuite */ - if( mbedtls_ssl_transform_uses_aead( ssl->transform ) != 1 ) - { - MBEDTLS_SSL_DEBUG_MSG( 1, ( "Only AEAD ciphersuites supported" ) ); - return( MBEDTLS_ERR_SSL_BAD_INPUT_DATA ); + if (mbedtls_ssl_transform_uses_aead(ssl->transform) != 1) { + MBEDTLS_SSL_DEBUG_MSG(1, ("Only AEAD ciphersuites supported")); + return MBEDTLS_ERR_SSL_BAD_INPUT_DATA; } /* Renegotiation must not be enabled */ #if defined(MBEDTLS_SSL_RENEGOTIATION) - if( ssl->conf->disable_renegotiation != MBEDTLS_SSL_RENEGOTIATION_DISABLED ) - { - MBEDTLS_SSL_DEBUG_MSG( 1, ( "Renegotiation must not be enabled" ) ); - return( MBEDTLS_ERR_SSL_BAD_INPUT_DATA ); + if (ssl->conf->disable_renegotiation != MBEDTLS_SSL_RENEGOTIATION_DISABLED) { + MBEDTLS_SSL_DEBUG_MSG(1, ("Renegotiation must not be enabled")); + return MBEDTLS_ERR_SSL_BAD_INPUT_DATA; } #endif /* * Version and format identifier */ - used += sizeof( ssl_serialized_context_header ); + used += sizeof(ssl_serialized_context_header); - if( used <= buf_len ) - { - memcpy( p, ssl_serialized_context_header, - sizeof( ssl_serialized_context_header ) ); - p += sizeof( ssl_serialized_context_header ); + if (used <= buf_len) { + memcpy(p, ssl_serialized_context_header, + sizeof(ssl_serialized_context_header)); + p += sizeof(ssl_serialized_context_header); } /* * Session (length + data) */ - ret = ssl_session_save( ssl->session, 1, NULL, 0, &session_len ); - if( ret != MBEDTLS_ERR_SSL_BUFFER_TOO_SMALL ) - return( ret ); + ret = ssl_session_save(ssl->session, 1, NULL, 0, &session_len); + if (ret != MBEDTLS_ERR_SSL_BUFFER_TOO_SMALL) { + return ret; + } used += 4 + session_len; - if( used <= buf_len ) - { - MBEDTLS_PUT_UINT32_BE( session_len, p, 0 ); + if (used <= buf_len) { + MBEDTLS_PUT_UINT32_BE(session_len, p, 0); p += 4; - ret = ssl_session_save( ssl->session, 1, - p, session_len, &session_len ); - if( ret != 0 ) - return( ret ); + ret = ssl_session_save(ssl->session, 1, + p, session_len, &session_len); + if (ret != 0) { + return ret; + } p += session_len; } @@ -6366,24 +6277,22 @@ int mbedtls_ssl_context_save( mbedtls_ssl_context *ssl, /* * Transform */ - used += sizeof( ssl->transform->randbytes ); - if( used <= buf_len ) - { - memcpy( p, ssl->transform->randbytes, - sizeof( ssl->transform->randbytes ) ); - p += sizeof( ssl->transform->randbytes ); + used += sizeof(ssl->transform->randbytes); + if (used <= buf_len) { + memcpy(p, ssl->transform->randbytes, + sizeof(ssl->transform->randbytes)); + p += sizeof(ssl->transform->randbytes); } #if defined(MBEDTLS_SSL_DTLS_CONNECTION_ID) used += 2 + ssl->transform->in_cid_len + ssl->transform->out_cid_len; - if( used <= buf_len ) - { + if (used <= buf_len) { *p++ = ssl->transform->in_cid_len; - memcpy( p, ssl->transform->in_cid, ssl->transform->in_cid_len ); + memcpy(p, ssl->transform->in_cid, ssl->transform->in_cid_len); p += ssl->transform->in_cid_len; *p++ = ssl->transform->out_cid_len; - memcpy( p, ssl->transform->out_cid, ssl->transform->out_cid_len ); + memcpy(p, ssl->transform->out_cid, ssl->transform->out_cid_len); p += ssl->transform->out_cid_len; } #endif /* MBEDTLS_SSL_DTLS_CONNECTION_ID */ @@ -6393,45 +6302,40 @@ int mbedtls_ssl_context_save( mbedtls_ssl_context *ssl, */ #if defined(MBEDTLS_SSL_DTLS_BADMAC_LIMIT) used += 4; - if( used <= buf_len ) - { - MBEDTLS_PUT_UINT32_BE( ssl->badmac_seen, p, 0 ); + if (used <= buf_len) { + MBEDTLS_PUT_UINT32_BE(ssl->badmac_seen, p, 0); p += 4; } #endif /* MBEDTLS_SSL_DTLS_BADMAC_LIMIT */ #if defined(MBEDTLS_SSL_DTLS_ANTI_REPLAY) used += 16; - if( used <= buf_len ) - { - MBEDTLS_PUT_UINT64_BE( ssl->in_window_top, p, 0 ); + if (used <= buf_len) { + MBEDTLS_PUT_UINT64_BE(ssl->in_window_top, p, 0); p += 8; - MBEDTLS_PUT_UINT64_BE( ssl->in_window, p, 0 ); + MBEDTLS_PUT_UINT64_BE(ssl->in_window, p, 0); p += 8; } #endif /* MBEDTLS_SSL_DTLS_ANTI_REPLAY */ #if defined(MBEDTLS_SSL_PROTO_DTLS) used += 1; - if( used <= buf_len ) - { + if (used <= buf_len) { *p++ = ssl->disable_datagram_packing; } #endif /* MBEDTLS_SSL_PROTO_DTLS */ used += 8; - if( used <= buf_len ) - { - memcpy( p, ssl->cur_out_ctr, 8 ); + if (used <= buf_len) { + memcpy(p, ssl->cur_out_ctr, 8); p += 8; } #if defined(MBEDTLS_SSL_PROTO_DTLS) used += 2; - if( used <= buf_len ) - { - MBEDTLS_PUT_UINT16_BE( ssl->mtu, p, 0 ); + if (used <= buf_len) { + MBEDTLS_PUT_UINT16_BE(ssl->mtu, p, 0); p += 2; } #endif /* MBEDTLS_SSL_PROTO_DTLS */ @@ -6439,17 +6343,15 @@ int mbedtls_ssl_context_save( mbedtls_ssl_context *ssl, #if defined(MBEDTLS_SSL_ALPN) { const uint8_t alpn_len = ssl->alpn_chosen - ? (uint8_t) strlen( ssl->alpn_chosen ) + ? (uint8_t) strlen(ssl->alpn_chosen) : 0; used += 1 + alpn_len; - if( used <= buf_len ) - { + if (used <= buf_len) { *p++ = alpn_len; - if( ssl->alpn_chosen != NULL ) - { - memcpy( p, ssl->alpn_chosen, alpn_len ); + if (ssl->alpn_chosen != NULL) { + memcpy(p, ssl->alpn_chosen, alpn_len); p += alpn_len; } } @@ -6461,50 +6363,72 @@ int mbedtls_ssl_context_save( mbedtls_ssl_context *ssl, */ *olen = used; - if( used > buf_len ) - return( MBEDTLS_ERR_SSL_BUFFER_TOO_SMALL ); + if (used > buf_len) { + return MBEDTLS_ERR_SSL_BUFFER_TOO_SMALL; + } - MBEDTLS_SSL_DEBUG_BUF( 4, "saved context", buf, used ); + MBEDTLS_SSL_DEBUG_BUF(4, "saved context", buf, used); - return( mbedtls_ssl_session_reset_int( ssl, 0 ) ); + return mbedtls_ssl_session_reset_int(ssl, 0); } /* * Helper to get TLS 1.2 PRF from ciphersuite * (Duplicates bits of logic from ssl_set_handshake_prfs().) */ -typedef int (*tls_prf_fn)( const unsigned char *secret, size_t slen, - const char *label, - const unsigned char *random, size_t rlen, - unsigned char *dstbuf, size_t dlen ); -static tls_prf_fn ssl_tls12prf_from_cs( int ciphersuite_id ) +#if defined(MBEDTLS_SHA256_C) || \ + (defined(MBEDTLS_SHA512_C) && !defined(MBEDTLS_SHA512_NO_SHA384)) +typedef int (*tls_prf_fn)(const unsigned char *secret, size_t slen, + const char *label, + const unsigned char *random, size_t rlen, + unsigned char *dstbuf, size_t dlen); +static tls_prf_fn ssl_tls12prf_from_cs(int ciphersuite_id) { -#if defined(MBEDTLS_SHA512_C) && !defined(MBEDTLS_SHA512_NO_SHA384) const mbedtls_ssl_ciphersuite_t * const ciphersuite_info = - mbedtls_ssl_ciphersuite_from_id( ciphersuite_id ); + mbedtls_ssl_ciphersuite_from_id(ciphersuite_id); - if( ciphersuite_info->mac == MBEDTLS_MD_SHA384 ) - return( tls_prf_sha384 ); -#else - (void) ciphersuite_id; + if (ciphersuite_info == NULL) { + return NULL; + } + +#if defined(MBEDTLS_SHA512_C) && !defined(MBEDTLS_SHA512_NO_SHA384) + if (ciphersuite_info->mac == MBEDTLS_MD_SHA384) { + return tls_prf_sha384; + } else +#endif +#if defined(MBEDTLS_SHA256_C) + { + if (ciphersuite_info->mac == MBEDTLS_MD_SHA256) { + return tls_prf_sha256; + } + } #endif - return( tls_prf_sha256 ); +#if !defined(MBEDTLS_SHA256_C) && \ + (!defined(MBEDTLS_SHA512_C) || defined(MBEDTLS_SHA512_NO_SHA384)) + (void) ciphersuite_info; +#endif + return NULL; } +#endif /* MBEDTLS_SHA256_C || + (MBEDTLS_SHA512_C && !MBEDTLS_SHA512_NO_SHA384) */ + /* * Deserialize context, see mbedtls_ssl_context_save() for format. * * This internal version is wrapped by a public function that cleans up in * case of error. */ -static int ssl_context_load( mbedtls_ssl_context *ssl, - const unsigned char *buf, - size_t len ) +MBEDTLS_CHECK_RETURN_CRITICAL +static int ssl_context_load(mbedtls_ssl_context *ssl, + const unsigned char *buf, + size_t len) { const unsigned char *p = buf; const unsigned char * const end = buf + len; size_t session_len; int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; + tls_prf_fn prf_func = NULL; /* * The context should have been freshly setup or reset. @@ -6512,17 +6436,16 @@ static int ssl_context_load( mbedtls_ssl_context *ssl, * (Checking session is useful because it won't be NULL if we're * renegotiating, or if the user mistakenly loaded a session first.) */ - if( ssl->state != MBEDTLS_SSL_HELLO_REQUEST || - ssl->session != NULL ) - { - return( MBEDTLS_ERR_SSL_BAD_INPUT_DATA ); + if (ssl->state != MBEDTLS_SSL_HELLO_REQUEST || + ssl->session != NULL) { + return MBEDTLS_ERR_SSL_BAD_INPUT_DATA; } /* * We can't check that the config matches the initial one, but we can at * least check it matches the requirements for serializing. */ - if( ssl->conf->transport != MBEDTLS_SSL_TRANSPORT_DATAGRAM || + if (ssl->conf->transport != MBEDTLS_SSL_TRANSPORT_DATAGRAM || ssl->conf->max_major_ver < MBEDTLS_SSL_MAJOR_VERSION_3 || ssl->conf->min_major_ver > MBEDTLS_SSL_MAJOR_VERSION_3 || ssl->conf->max_minor_ver < MBEDTLS_SSL_MINOR_VERSION_3 || @@ -6530,36 +6453,36 @@ static int ssl_context_load( mbedtls_ssl_context *ssl, #if defined(MBEDTLS_SSL_RENEGOTIATION) ssl->conf->disable_renegotiation != MBEDTLS_SSL_RENEGOTIATION_DISABLED || #endif - 0 ) - { - return( MBEDTLS_ERR_SSL_BAD_INPUT_DATA ); + 0) { + return MBEDTLS_ERR_SSL_BAD_INPUT_DATA; } - MBEDTLS_SSL_DEBUG_BUF( 4, "context to load", buf, len ); + MBEDTLS_SSL_DEBUG_BUF(4, "context to load", buf, len); /* * Check version identifier */ - if( (size_t)( end - p ) < sizeof( ssl_serialized_context_header ) ) - return( MBEDTLS_ERR_SSL_BAD_INPUT_DATA ); + if ((size_t) (end - p) < sizeof(ssl_serialized_context_header)) { + return MBEDTLS_ERR_SSL_BAD_INPUT_DATA; + } - if( memcmp( p, ssl_serialized_context_header, - sizeof( ssl_serialized_context_header ) ) != 0 ) - { - return( MBEDTLS_ERR_SSL_VERSION_MISMATCH ); + if (memcmp(p, ssl_serialized_context_header, + sizeof(ssl_serialized_context_header)) != 0) { + return MBEDTLS_ERR_SSL_VERSION_MISMATCH; } - p += sizeof( ssl_serialized_context_header ); + p += sizeof(ssl_serialized_context_header); /* * Session */ - if( (size_t)( end - p ) < 4 ) - return( MBEDTLS_ERR_SSL_BAD_INPUT_DATA ); + if ((size_t) (end - p) < 4) { + return MBEDTLS_ERR_SSL_BAD_INPUT_DATA; + } - session_len = ( (size_t) p[0] << 24 ) | - ( (size_t) p[1] << 16 ) | - ( (size_t) p[2] << 8 ) | - ( (size_t) p[3] ); + session_len = ((size_t) p[0] << 24) | + ((size_t) p[1] << 16) | + ((size_t) p[2] << 8) | + ((size_t) p[3]); p += 4; /* This has been allocated by ssl_handshake_init(), called by @@ -6569,14 +6492,14 @@ static int ssl_context_load( mbedtls_ssl_context *ssl, ssl->session_out = ssl->session; ssl->session_negotiate = NULL; - if( (size_t)( end - p ) < session_len ) - return( MBEDTLS_ERR_SSL_BAD_INPUT_DATA ); + if ((size_t) (end - p) < session_len) { + return MBEDTLS_ERR_SSL_BAD_INPUT_DATA; + } - ret = ssl_session_load( ssl->session, 1, p, session_len ); - if( ret != 0 ) - { - mbedtls_ssl_session_free( ssl->session ); - return( ret ); + ret = ssl_session_load(ssl->session, 1, p, session_len); + if (ret != 0) { + mbedtls_ssl_session_free(ssl->session); + return ret; } p += session_len; @@ -6592,53 +6515,63 @@ static int ssl_context_load( mbedtls_ssl_context *ssl, ssl->transform_out = ssl->transform; ssl->transform_negotiate = NULL; + prf_func = ssl_tls12prf_from_cs(ssl->session->ciphersuite); + if (prf_func == NULL) { + return MBEDTLS_ERR_SSL_BAD_INPUT_DATA; + } + /* Read random bytes and populate structure */ - if( (size_t)( end - p ) < sizeof( ssl->transform->randbytes ) ) - return( MBEDTLS_ERR_SSL_BAD_INPUT_DATA ); + if ((size_t) (end - p) < sizeof(ssl->transform->randbytes)) { + return MBEDTLS_ERR_SSL_BAD_INPUT_DATA; + } - ret = ssl_populate_transform( ssl->transform, - ssl->session->ciphersuite, - ssl->session->master, + ret = ssl_populate_transform(ssl->transform, + ssl->session->ciphersuite, + ssl->session->master, #if defined(MBEDTLS_SSL_SOME_MODES_USE_MAC) #if defined(MBEDTLS_SSL_ENCRYPT_THEN_MAC) - ssl->session->encrypt_then_mac, + ssl->session->encrypt_then_mac, #endif #if defined(MBEDTLS_SSL_TRUNCATED_HMAC) - ssl->session->trunc_hmac, + ssl->session->trunc_hmac, #endif #endif /* MBEDTLS_SSL_SOME_MODES_USE_MAC */ #if defined(MBEDTLS_ZLIB_SUPPORT) - ssl->session->compression, + ssl->session->compression, #endif - ssl_tls12prf_from_cs( ssl->session->ciphersuite ), - p, /* currently pointing to randbytes */ - MBEDTLS_SSL_MINOR_VERSION_3, /* (D)TLS 1.2 is forced */ - ssl->conf->endpoint, - ssl ); - if( ret != 0 ) - return( ret ); + prf_func, + p, /* currently pointing to randbytes */ + MBEDTLS_SSL_MINOR_VERSION_3, /* (D)TLS 1.2 is forced */ + ssl->conf->endpoint, + ssl); + if (ret != 0) { + return ret; + } - p += sizeof( ssl->transform->randbytes ); + p += sizeof(ssl->transform->randbytes); #if defined(MBEDTLS_SSL_DTLS_CONNECTION_ID) /* Read connection IDs and store them */ - if( (size_t)( end - p ) < 1 ) - return( MBEDTLS_ERR_SSL_BAD_INPUT_DATA ); + if ((size_t) (end - p) < 1) { + return MBEDTLS_ERR_SSL_BAD_INPUT_DATA; + } ssl->transform->in_cid_len = *p++; - if( (size_t)( end - p ) < ssl->transform->in_cid_len + 1u ) - return( MBEDTLS_ERR_SSL_BAD_INPUT_DATA ); + if ((size_t) (end - p) < ssl->transform->in_cid_len + 1u) { + return MBEDTLS_ERR_SSL_BAD_INPUT_DATA; + } - memcpy( ssl->transform->in_cid, p, ssl->transform->in_cid_len ); + memcpy(ssl->transform->in_cid, p, ssl->transform->in_cid_len); p += ssl->transform->in_cid_len; ssl->transform->out_cid_len = *p++; - if( (size_t)( end - p ) < ssl->transform->out_cid_len ) - return( MBEDTLS_ERR_SSL_BAD_INPUT_DATA ); + if ((size_t) (end - p) < ssl->transform->out_cid_len) { + return MBEDTLS_ERR_SSL_BAD_INPUT_DATA; + } - memcpy( ssl->transform->out_cid, p, ssl->transform->out_cid_len ); + memcpy(ssl->transform->out_cid, p, ssl->transform->out_cid_len); p += ssl->transform->out_cid_len; #endif /* MBEDTLS_SSL_DTLS_CONNECTION_ID */ @@ -6646,59 +6579,64 @@ static int ssl_context_load( mbedtls_ssl_context *ssl, * Saved fields from top-level ssl_context structure */ #if defined(MBEDTLS_SSL_DTLS_BADMAC_LIMIT) - if( (size_t)( end - p ) < 4 ) - return( MBEDTLS_ERR_SSL_BAD_INPUT_DATA ); + if ((size_t) (end - p) < 4) { + return MBEDTLS_ERR_SSL_BAD_INPUT_DATA; + } - ssl->badmac_seen = ( (uint32_t) p[0] << 24 ) | - ( (uint32_t) p[1] << 16 ) | - ( (uint32_t) p[2] << 8 ) | - ( (uint32_t) p[3] ); + ssl->badmac_seen = ((uint32_t) p[0] << 24) | + ((uint32_t) p[1] << 16) | + ((uint32_t) p[2] << 8) | + ((uint32_t) p[3]); p += 4; #endif /* MBEDTLS_SSL_DTLS_BADMAC_LIMIT */ #if defined(MBEDTLS_SSL_DTLS_ANTI_REPLAY) - if( (size_t)( end - p ) < 16 ) - return( MBEDTLS_ERR_SSL_BAD_INPUT_DATA ); - - ssl->in_window_top = ( (uint64_t) p[0] << 56 ) | - ( (uint64_t) p[1] << 48 ) | - ( (uint64_t) p[2] << 40 ) | - ( (uint64_t) p[3] << 32 ) | - ( (uint64_t) p[4] << 24 ) | - ( (uint64_t) p[5] << 16 ) | - ( (uint64_t) p[6] << 8 ) | - ( (uint64_t) p[7] ); + if ((size_t) (end - p) < 16) { + return MBEDTLS_ERR_SSL_BAD_INPUT_DATA; + } + + ssl->in_window_top = ((uint64_t) p[0] << 56) | + ((uint64_t) p[1] << 48) | + ((uint64_t) p[2] << 40) | + ((uint64_t) p[3] << 32) | + ((uint64_t) p[4] << 24) | + ((uint64_t) p[5] << 16) | + ((uint64_t) p[6] << 8) | + ((uint64_t) p[7]); p += 8; - ssl->in_window = ( (uint64_t) p[0] << 56 ) | - ( (uint64_t) p[1] << 48 ) | - ( (uint64_t) p[2] << 40 ) | - ( (uint64_t) p[3] << 32 ) | - ( (uint64_t) p[4] << 24 ) | - ( (uint64_t) p[5] << 16 ) | - ( (uint64_t) p[6] << 8 ) | - ( (uint64_t) p[7] ); + ssl->in_window = ((uint64_t) p[0] << 56) | + ((uint64_t) p[1] << 48) | + ((uint64_t) p[2] << 40) | + ((uint64_t) p[3] << 32) | + ((uint64_t) p[4] << 24) | + ((uint64_t) p[5] << 16) | + ((uint64_t) p[6] << 8) | + ((uint64_t) p[7]); p += 8; #endif /* MBEDTLS_SSL_DTLS_ANTI_REPLAY */ #if defined(MBEDTLS_SSL_PROTO_DTLS) - if( (size_t)( end - p ) < 1 ) - return( MBEDTLS_ERR_SSL_BAD_INPUT_DATA ); + if ((size_t) (end - p) < 1) { + return MBEDTLS_ERR_SSL_BAD_INPUT_DATA; + } ssl->disable_datagram_packing = *p++; #endif /* MBEDTLS_SSL_PROTO_DTLS */ - if( (size_t)( end - p ) < 8 ) - return( MBEDTLS_ERR_SSL_BAD_INPUT_DATA ); + if ((size_t) (end - p) < 8) { + return MBEDTLS_ERR_SSL_BAD_INPUT_DATA; + } - memcpy( ssl->cur_out_ctr, p, 8 ); + memcpy(ssl->cur_out_ctr, p, 8); p += 8; #if defined(MBEDTLS_SSL_PROTO_DTLS) - if( (size_t)( end - p ) < 2 ) - return( MBEDTLS_ERR_SSL_BAD_INPUT_DATA ); + if ((size_t) (end - p) < 2) { + return MBEDTLS_ERR_SSL_BAD_INPUT_DATA; + } - ssl->mtu = ( p[0] << 8 ) | p[1]; + ssl->mtu = (p[0] << 8) | p[1]; p += 2; #endif /* MBEDTLS_SSL_PROTO_DTLS */ @@ -6707,19 +6645,17 @@ static int ssl_context_load( mbedtls_ssl_context *ssl, uint8_t alpn_len; const char **cur; - if( (size_t)( end - p ) < 1 ) - return( MBEDTLS_ERR_SSL_BAD_INPUT_DATA ); + if ((size_t) (end - p) < 1) { + return MBEDTLS_ERR_SSL_BAD_INPUT_DATA; + } alpn_len = *p++; - if( alpn_len != 0 && ssl->conf->alpn_list != NULL ) - { + if (alpn_len != 0 && ssl->conf->alpn_list != NULL) { /* alpn_chosen should point to an item in the configured list */ - for( cur = ssl->conf->alpn_list; *cur != NULL; cur++ ) - { - if( strlen( *cur ) == alpn_len && - memcmp( p, cur, alpn_len ) == 0 ) - { + for (cur = ssl->conf->alpn_list; *cur != NULL; cur++) { + if (strlen(*cur) == alpn_len && + memcmp(p, cur, alpn_len) == 0) { ssl->alpn_chosen = *cur; break; } @@ -6727,8 +6663,9 @@ static int ssl_context_load( mbedtls_ssl_context *ssl, } /* can only happen on conf mismatch */ - if( alpn_len != 0 && ssl->alpn_chosen == NULL ) - return( MBEDTLS_ERR_SSL_BAD_INPUT_DATA ); + if (alpn_len != 0 && ssl->alpn_chosen == NULL) { + return MBEDTLS_ERR_SSL_BAD_INPUT_DATA; + } p += alpn_len; } @@ -6747,7 +6684,7 @@ static int ssl_context_load( mbedtls_ssl_context *ssl, /* Adjust pointers for header fields of outgoing records to * the given transform, accounting for explicit IV and CID. */ - mbedtls_ssl_update_out_pointers( ssl, ssl->transform ); + mbedtls_ssl_update_out_pointers(ssl, ssl->transform); #if defined(MBEDTLS_SSL_PROTO_DTLS) ssl->in_epoch = 1; @@ -6757,137 +6694,131 @@ static int ssl_context_load( mbedtls_ssl_context *ssl, * which we don't want - otherwise we'd end up freeing the wrong transform * by calling mbedtls_ssl_handshake_wrapup_free_hs_transform() * inappropriately. */ - if( ssl->handshake != NULL ) - { - mbedtls_ssl_handshake_free( ssl ); - mbedtls_free( ssl->handshake ); + if (ssl->handshake != NULL) { + mbedtls_ssl_handshake_free(ssl); + mbedtls_free(ssl->handshake); ssl->handshake = NULL; } /* * Done - should have consumed entire buffer */ - if( p != end ) - return( MBEDTLS_ERR_SSL_BAD_INPUT_DATA ); + if (p != end) { + return MBEDTLS_ERR_SSL_BAD_INPUT_DATA; + } - return( 0 ); + return 0; } /* * Deserialize context: public wrapper for error cleaning */ -int mbedtls_ssl_context_load( mbedtls_ssl_context *context, - const unsigned char *buf, - size_t len ) +int mbedtls_ssl_context_load(mbedtls_ssl_context *context, + const unsigned char *buf, + size_t len) { - int ret = ssl_context_load( context, buf, len ); + int ret = ssl_context_load(context, buf, len); - if( ret != 0 ) - mbedtls_ssl_free( context ); + if (ret != 0) { + mbedtls_ssl_free(context); + } - return( ret ); + return ret; } #endif /* MBEDTLS_SSL_CONTEXT_SERIALIZATION */ /* * Free an SSL context */ -void mbedtls_ssl_free( mbedtls_ssl_context *ssl ) +void mbedtls_ssl_free(mbedtls_ssl_context *ssl) { - if( ssl == NULL ) + if (ssl == NULL) { return; + } - MBEDTLS_SSL_DEBUG_MSG( 2, ( "=> free" ) ); + MBEDTLS_SSL_DEBUG_MSG(2, ("=> free")); - if( ssl->out_buf != NULL ) - { + if (ssl->out_buf != NULL) { #if defined(MBEDTLS_SSL_VARIABLE_BUFFER_LENGTH) size_t out_buf_len = ssl->out_buf_len; #else size_t out_buf_len = MBEDTLS_SSL_OUT_BUFFER_LEN; #endif - mbedtls_platform_zeroize( ssl->out_buf, out_buf_len ); - mbedtls_free( ssl->out_buf ); + mbedtls_platform_zeroize(ssl->out_buf, out_buf_len); + mbedtls_free(ssl->out_buf); ssl->out_buf = NULL; } - if( ssl->in_buf != NULL ) - { + if (ssl->in_buf != NULL) { #if defined(MBEDTLS_SSL_VARIABLE_BUFFER_LENGTH) size_t in_buf_len = ssl->in_buf_len; #else size_t in_buf_len = MBEDTLS_SSL_IN_BUFFER_LEN; #endif - mbedtls_platform_zeroize( ssl->in_buf, in_buf_len ); - mbedtls_free( ssl->in_buf ); + mbedtls_platform_zeroize(ssl->in_buf, in_buf_len); + mbedtls_free(ssl->in_buf); ssl->in_buf = NULL; } #if defined(MBEDTLS_ZLIB_SUPPORT) - if( ssl->compress_buf != NULL ) - { - mbedtls_platform_zeroize( ssl->compress_buf, MBEDTLS_SSL_COMPRESS_BUFFER_LEN ); - mbedtls_free( ssl->compress_buf ); + if (ssl->compress_buf != NULL) { + mbedtls_platform_zeroize(ssl->compress_buf, MBEDTLS_SSL_COMPRESS_BUFFER_LEN); + mbedtls_free(ssl->compress_buf); } #endif - if( ssl->transform ) - { - mbedtls_ssl_transform_free( ssl->transform ); - mbedtls_free( ssl->transform ); + if (ssl->transform) { + mbedtls_ssl_transform_free(ssl->transform); + mbedtls_free(ssl->transform); } - if( ssl->handshake ) - { - mbedtls_ssl_handshake_free( ssl ); - mbedtls_ssl_transform_free( ssl->transform_negotiate ); - mbedtls_ssl_session_free( ssl->session_negotiate ); + if (ssl->handshake) { + mbedtls_ssl_handshake_free(ssl); + mbedtls_ssl_transform_free(ssl->transform_negotiate); + mbedtls_ssl_session_free(ssl->session_negotiate); - mbedtls_free( ssl->handshake ); - mbedtls_free( ssl->transform_negotiate ); - mbedtls_free( ssl->session_negotiate ); + mbedtls_free(ssl->handshake); + mbedtls_free(ssl->transform_negotiate); + mbedtls_free(ssl->session_negotiate); } - if( ssl->session ) - { - mbedtls_ssl_session_free( ssl->session ); - mbedtls_free( ssl->session ); + if (ssl->session) { + mbedtls_ssl_session_free(ssl->session); + mbedtls_free(ssl->session); } #if defined(MBEDTLS_X509_CRT_PARSE_C) - if( ssl->hostname != NULL ) - { - mbedtls_platform_zeroize( ssl->hostname, strlen( ssl->hostname ) ); - mbedtls_free( ssl->hostname ); + if (ssl->hostname != NULL) { + mbedtls_platform_zeroize(ssl->hostname, strlen(ssl->hostname)); + mbedtls_free(ssl->hostname); } #endif #if defined(MBEDTLS_SSL_HW_RECORD_ACCEL) - if( mbedtls_ssl_hw_record_finish != NULL ) - { - MBEDTLS_SSL_DEBUG_MSG( 2, ( "going for mbedtls_ssl_hw_record_finish()" ) ); - mbedtls_ssl_hw_record_finish( ssl ); + if (mbedtls_ssl_hw_record_finish != NULL) { + MBEDTLS_SSL_DEBUG_MSG(2, ("going for mbedtls_ssl_hw_record_finish()")); + mbedtls_ssl_hw_record_finish(ssl); } #endif #if defined(MBEDTLS_SSL_DTLS_HELLO_VERIFY) && defined(MBEDTLS_SSL_SRV_C) - mbedtls_free( ssl->cli_id ); + mbedtls_free(ssl->cli_id); #endif - MBEDTLS_SSL_DEBUG_MSG( 2, ( "<= free" ) ); + MBEDTLS_SSL_DEBUG_MSG(2, ("<= free")); /* Actually clear after last debug message */ - mbedtls_platform_zeroize( ssl, sizeof( mbedtls_ssl_context ) ); + mbedtls_platform_zeroize(ssl, sizeof(mbedtls_ssl_context)); } /* - * Initialze mbedtls_ssl_config + * Initialize mbedtls_ssl_config */ -void mbedtls_ssl_config_init( mbedtls_ssl_config *conf ) +void mbedtls_ssl_config_init(mbedtls_ssl_config *conf) { - memset( conf, 0, sizeof( mbedtls_ssl_config ) ); + memset(conf, 0, sizeof(mbedtls_ssl_config)); } #if defined(MBEDTLS_KEY_EXCHANGE_WITH_CERT_ENABLED) @@ -6938,8 +6869,8 @@ static mbedtls_ecp_group_id ssl_preset_suiteb_curves[] = { /* * Load default in mbedtls_ssl_config */ -int mbedtls_ssl_config_defaults( mbedtls_ssl_config *conf, - int endpoint, int transport, int preset ) +int mbedtls_ssl_config_defaults(mbedtls_ssl_config *conf, + int endpoint, int transport, int preset) { #if defined(MBEDTLS_DHM_C) && defined(MBEDTLS_SSL_SRV_C) int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; @@ -6947,15 +6878,14 @@ int mbedtls_ssl_config_defaults( mbedtls_ssl_config *conf, /* Use the functions here so that they are covered in tests, * but otherwise access member directly for efficiency */ - mbedtls_ssl_conf_endpoint( conf, endpoint ); - mbedtls_ssl_conf_transport( conf, transport ); + mbedtls_ssl_conf_endpoint(conf, endpoint); + mbedtls_ssl_conf_transport(conf, transport); /* * Things that are common to all presets */ #if defined(MBEDTLS_SSL_CLI_C) - if( endpoint == MBEDTLS_SSL_IS_CLIENT ) - { + if (endpoint == MBEDTLS_SSL_IS_CLIENT) { conf->authmode = MBEDTLS_SSL_VERIFY_REQUIRED; #if defined(MBEDTLS_SSL_SESSION_TICKETS) conf->session_tickets = MBEDTLS_SSL_SESSION_TICKETS_ENABLED; @@ -6999,32 +6929,29 @@ int mbedtls_ssl_config_defaults( mbedtls_ssl_config *conf, #if defined(MBEDTLS_SSL_RENEGOTIATION) conf->renego_max_records = MBEDTLS_SSL_RENEGO_MAX_RECORDS_DEFAULT; - memset( conf->renego_period, 0x00, 2 ); - memset( conf->renego_period + 2, 0xFF, 6 ); + memset(conf->renego_period, 0x00, 2); + memset(conf->renego_period + 2, 0xFF, 6); #endif #if defined(MBEDTLS_DHM_C) && defined(MBEDTLS_SSL_SRV_C) - if( endpoint == MBEDTLS_SSL_IS_SERVER ) - { - const unsigned char dhm_p[] = - MBEDTLS_DHM_RFC3526_MODP_2048_P_BIN; - const unsigned char dhm_g[] = - MBEDTLS_DHM_RFC3526_MODP_2048_G_BIN; - - if ( ( ret = mbedtls_ssl_conf_dh_param_bin( conf, - dhm_p, sizeof( dhm_p ), - dhm_g, sizeof( dhm_g ) ) ) != 0 ) - { - return( ret ); - } - } + if (endpoint == MBEDTLS_SSL_IS_SERVER) { + const unsigned char dhm_p[] = + MBEDTLS_DHM_RFC3526_MODP_2048_P_BIN; + const unsigned char dhm_g[] = + MBEDTLS_DHM_RFC3526_MODP_2048_G_BIN; + + if ((ret = mbedtls_ssl_conf_dh_param_bin(conf, + dhm_p, sizeof(dhm_p), + dhm_g, sizeof(dhm_g))) != 0) { + return ret; + } + } #endif /* * Preset-specific defaults */ - switch( preset ) - { + switch (preset) { /* * NSA Suite B */ @@ -7035,10 +6962,10 @@ int mbedtls_ssl_config_defaults( mbedtls_ssl_config *conf, conf->max_minor_ver = MBEDTLS_SSL_MAX_MINOR_VERSION; conf->ciphersuite_list[MBEDTLS_SSL_MINOR_VERSION_0] = - conf->ciphersuite_list[MBEDTLS_SSL_MINOR_VERSION_1] = - conf->ciphersuite_list[MBEDTLS_SSL_MINOR_VERSION_2] = - conf->ciphersuite_list[MBEDTLS_SSL_MINOR_VERSION_3] = - ssl_preset_suiteb_ciphersuites; + conf->ciphersuite_list[MBEDTLS_SSL_MINOR_VERSION_1] = + conf->ciphersuite_list[MBEDTLS_SSL_MINOR_VERSION_2] = + conf->ciphersuite_list[MBEDTLS_SSL_MINOR_VERSION_3] = + ssl_preset_suiteb_ciphersuites; #if defined(MBEDTLS_X509_CRT_PARSE_C) conf->cert_profile = &mbedtls_x509_crt_profile_suiteb; @@ -7057,27 +6984,28 @@ int mbedtls_ssl_config_defaults( mbedtls_ssl_config *conf, * Default */ default: - conf->min_major_ver = ( MBEDTLS_SSL_MIN_MAJOR_VERSION > - MBEDTLS_SSL_MIN_VALID_MAJOR_VERSION ) ? - MBEDTLS_SSL_MIN_MAJOR_VERSION : - MBEDTLS_SSL_MIN_VALID_MAJOR_VERSION; - conf->min_minor_ver = ( MBEDTLS_SSL_MIN_MINOR_VERSION > - MBEDTLS_SSL_MIN_VALID_MINOR_VERSION ) ? - MBEDTLS_SSL_MIN_MINOR_VERSION : - MBEDTLS_SSL_MIN_VALID_MINOR_VERSION; + conf->min_major_ver = (MBEDTLS_SSL_MIN_MAJOR_VERSION > + MBEDTLS_SSL_MIN_VALID_MAJOR_VERSION) ? + MBEDTLS_SSL_MIN_MAJOR_VERSION : + MBEDTLS_SSL_MIN_VALID_MAJOR_VERSION; + conf->min_minor_ver = (MBEDTLS_SSL_MIN_MINOR_VERSION > + MBEDTLS_SSL_MIN_VALID_MINOR_VERSION) ? + MBEDTLS_SSL_MIN_MINOR_VERSION : + MBEDTLS_SSL_MIN_VALID_MINOR_VERSION; conf->max_major_ver = MBEDTLS_SSL_MAX_MAJOR_VERSION; conf->max_minor_ver = MBEDTLS_SSL_MAX_MINOR_VERSION; #if defined(MBEDTLS_SSL_PROTO_DTLS) - if( transport == MBEDTLS_SSL_TRANSPORT_DATAGRAM ) + if (transport == MBEDTLS_SSL_TRANSPORT_DATAGRAM) { conf->min_minor_ver = MBEDTLS_SSL_MINOR_VERSION_2; + } #endif conf->ciphersuite_list[MBEDTLS_SSL_MINOR_VERSION_0] = - conf->ciphersuite_list[MBEDTLS_SSL_MINOR_VERSION_1] = - conf->ciphersuite_list[MBEDTLS_SSL_MINOR_VERSION_2] = - conf->ciphersuite_list[MBEDTLS_SSL_MINOR_VERSION_3] = - mbedtls_ssl_list_ciphersuites(); + conf->ciphersuite_list[MBEDTLS_SSL_MINOR_VERSION_1] = + conf->ciphersuite_list[MBEDTLS_SSL_MINOR_VERSION_2] = + conf->ciphersuite_list[MBEDTLS_SSL_MINOR_VERSION_3] = + mbedtls_ssl_list_ciphersuites(); #if defined(MBEDTLS_X509_CRT_PARSE_C) conf->cert_profile = &mbedtls_x509_crt_profile_default; @@ -7096,89 +7024,88 @@ int mbedtls_ssl_config_defaults( mbedtls_ssl_config *conf, #endif } - return( 0 ); + return 0; } /* * Free mbedtls_ssl_config */ -void mbedtls_ssl_config_free( mbedtls_ssl_config *conf ) +void mbedtls_ssl_config_free(mbedtls_ssl_config *conf) { #if defined(MBEDTLS_DHM_C) - mbedtls_mpi_free( &conf->dhm_P ); - mbedtls_mpi_free( &conf->dhm_G ); + mbedtls_mpi_free(&conf->dhm_P); + mbedtls_mpi_free(&conf->dhm_G); #endif #if defined(MBEDTLS_KEY_EXCHANGE_SOME_PSK_ENABLED) - if( conf->psk != NULL ) - { - mbedtls_platform_zeroize( conf->psk, conf->psk_len ); - mbedtls_free( conf->psk ); + if (conf->psk != NULL) { + mbedtls_platform_zeroize(conf->psk, conf->psk_len); + mbedtls_free(conf->psk); conf->psk = NULL; conf->psk_len = 0; } - if( conf->psk_identity != NULL ) - { - mbedtls_platform_zeroize( conf->psk_identity, conf->psk_identity_len ); - mbedtls_free( conf->psk_identity ); + if (conf->psk_identity != NULL) { + mbedtls_platform_zeroize(conf->psk_identity, conf->psk_identity_len); + mbedtls_free(conf->psk_identity); conf->psk_identity = NULL; conf->psk_identity_len = 0; } #endif #if defined(MBEDTLS_X509_CRT_PARSE_C) - ssl_key_cert_free( conf->key_cert ); + ssl_key_cert_free(conf->key_cert); #endif - mbedtls_platform_zeroize( conf, sizeof( mbedtls_ssl_config ) ); + mbedtls_platform_zeroize(conf, sizeof(mbedtls_ssl_config)); } #if defined(MBEDTLS_PK_C) && \ - ( defined(MBEDTLS_RSA_C) || defined(MBEDTLS_ECDSA_C) ) + (defined(MBEDTLS_RSA_C) || defined(MBEDTLS_ECDSA_C)) /* * Convert between MBEDTLS_PK_XXX and SSL_SIG_XXX */ -unsigned char mbedtls_ssl_sig_from_pk( mbedtls_pk_context *pk ) +unsigned char mbedtls_ssl_sig_from_pk(mbedtls_pk_context *pk) { #if defined(MBEDTLS_RSA_C) - if( mbedtls_pk_can_do( pk, MBEDTLS_PK_RSA ) ) - return( MBEDTLS_SSL_SIG_RSA ); + if (mbedtls_pk_can_do(pk, MBEDTLS_PK_RSA)) { + return MBEDTLS_SSL_SIG_RSA; + } #endif #if defined(MBEDTLS_ECDSA_C) - if( mbedtls_pk_can_do( pk, MBEDTLS_PK_ECDSA ) ) - return( MBEDTLS_SSL_SIG_ECDSA ); + if (mbedtls_pk_can_do(pk, MBEDTLS_PK_ECDSA)) { + return MBEDTLS_SSL_SIG_ECDSA; + } #endif - return( MBEDTLS_SSL_SIG_ANON ); + return MBEDTLS_SSL_SIG_ANON; } -unsigned char mbedtls_ssl_sig_from_pk_alg( mbedtls_pk_type_t type ) +unsigned char mbedtls_ssl_sig_from_pk_alg(mbedtls_pk_type_t type) { - switch( type ) { + switch (type) { case MBEDTLS_PK_RSA: - return( MBEDTLS_SSL_SIG_RSA ); + return MBEDTLS_SSL_SIG_RSA; case MBEDTLS_PK_ECDSA: case MBEDTLS_PK_ECKEY: - return( MBEDTLS_SSL_SIG_ECDSA ); + return MBEDTLS_SSL_SIG_ECDSA; default: - return( MBEDTLS_SSL_SIG_ANON ); + return MBEDTLS_SSL_SIG_ANON; } } -mbedtls_pk_type_t mbedtls_ssl_pk_alg_from_sig( unsigned char sig ) +mbedtls_pk_type_t mbedtls_ssl_pk_alg_from_sig(unsigned char sig) { - switch( sig ) - { + switch (sig) { #if defined(MBEDTLS_RSA_C) case MBEDTLS_SSL_SIG_RSA: - return( MBEDTLS_PK_RSA ); + return MBEDTLS_PK_RSA; #endif #if defined(MBEDTLS_ECDSA_C) case MBEDTLS_SSL_SIG_ECDSA: - return( MBEDTLS_PK_ECDSA ); + return MBEDTLS_PK_ECDSA; #endif default: - return( MBEDTLS_PK_NONE ); + return MBEDTLS_PK_NONE; } } #endif /* MBEDTLS_PK_C && ( MBEDTLS_RSA_C || MBEDTLS_ECDSA_C ) */ @@ -7187,35 +7114,35 @@ mbedtls_pk_type_t mbedtls_ssl_pk_alg_from_sig( unsigned char sig ) defined(MBEDTLS_KEY_EXCHANGE_WITH_CERT_ENABLED) /* Find an entry in a signature-hash set matching a given hash algorithm. */ -mbedtls_md_type_t mbedtls_ssl_sig_hash_set_find( mbedtls_ssl_sig_hash_set_t *set, - mbedtls_pk_type_t sig_alg ) +mbedtls_md_type_t mbedtls_ssl_sig_hash_set_find(mbedtls_ssl_sig_hash_set_t *set, + mbedtls_pk_type_t sig_alg) { - switch( sig_alg ) - { + switch (sig_alg) { case MBEDTLS_PK_RSA: - return( set->rsa ); + return set->rsa; case MBEDTLS_PK_ECDSA: - return( set->ecdsa ); + return set->ecdsa; default: - return( MBEDTLS_MD_NONE ); + return MBEDTLS_MD_NONE; } } /* Add a signature-hash-pair to a signature-hash set */ -void mbedtls_ssl_sig_hash_set_add( mbedtls_ssl_sig_hash_set_t *set, - mbedtls_pk_type_t sig_alg, - mbedtls_md_type_t md_alg ) +void mbedtls_ssl_sig_hash_set_add(mbedtls_ssl_sig_hash_set_t *set, + mbedtls_pk_type_t sig_alg, + mbedtls_md_type_t md_alg) { - switch( sig_alg ) - { + switch (sig_alg) { case MBEDTLS_PK_RSA: - if( set->rsa == MBEDTLS_MD_NONE ) + if (set->rsa == MBEDTLS_MD_NONE) { set->rsa = md_alg; + } break; case MBEDTLS_PK_ECDSA: - if( set->ecdsa == MBEDTLS_MD_NONE ) + if (set->ecdsa == MBEDTLS_MD_NONE) { set->ecdsa = md_alg; + } break; default: @@ -7224,8 +7151,8 @@ void mbedtls_ssl_sig_hash_set_add( mbedtls_ssl_sig_hash_set_t *set, } /* Allow exactly one hash algorithm for each signature. */ -void mbedtls_ssl_sig_hash_set_const_hash( mbedtls_ssl_sig_hash_set_t *set, - mbedtls_md_type_t md_alg ) +void mbedtls_ssl_sig_hash_set_const_hash(mbedtls_ssl_sig_hash_set_t *set, + mbedtls_md_type_t md_alg) { set->rsa = md_alg; set->ecdsa = md_alg; @@ -7237,68 +7164,66 @@ void mbedtls_ssl_sig_hash_set_const_hash( mbedtls_ssl_sig_hash_set_t *set, /* * Convert from MBEDTLS_SSL_HASH_XXX to MBEDTLS_MD_XXX */ -mbedtls_md_type_t mbedtls_ssl_md_alg_from_hash( unsigned char hash ) +mbedtls_md_type_t mbedtls_ssl_md_alg_from_hash(unsigned char hash) { - switch( hash ) - { + switch (hash) { #if defined(MBEDTLS_MD5_C) case MBEDTLS_SSL_HASH_MD5: - return( MBEDTLS_MD_MD5 ); + return MBEDTLS_MD_MD5; #endif #if defined(MBEDTLS_SHA1_C) case MBEDTLS_SSL_HASH_SHA1: - return( MBEDTLS_MD_SHA1 ); + return MBEDTLS_MD_SHA1; #endif #if defined(MBEDTLS_SHA256_C) case MBEDTLS_SSL_HASH_SHA224: - return( MBEDTLS_MD_SHA224 ); + return MBEDTLS_MD_SHA224; case MBEDTLS_SSL_HASH_SHA256: - return( MBEDTLS_MD_SHA256 ); + return MBEDTLS_MD_SHA256; #endif #if defined(MBEDTLS_SHA512_C) && !defined(MBEDTLS_SHA512_NO_SHA384) case MBEDTLS_SSL_HASH_SHA384: - return( MBEDTLS_MD_SHA384 ); + return MBEDTLS_MD_SHA384; #endif #if defined(MBEDTLS_SHA512_C) case MBEDTLS_SSL_HASH_SHA512: - return( MBEDTLS_MD_SHA512 ); + return MBEDTLS_MD_SHA512; #endif default: - return( MBEDTLS_MD_NONE ); + return MBEDTLS_MD_NONE; } } /* * Convert from MBEDTLS_MD_XXX to MBEDTLS_SSL_HASH_XXX */ -unsigned char mbedtls_ssl_hash_from_md_alg( int md ) +unsigned char mbedtls_ssl_hash_from_md_alg(int md) { - switch( md ) - { + switch (md) { #if defined(MBEDTLS_MD5_C) case MBEDTLS_MD_MD5: - return( MBEDTLS_SSL_HASH_MD5 ); + return MBEDTLS_SSL_HASH_MD5; #endif #if defined(MBEDTLS_SHA1_C) case MBEDTLS_MD_SHA1: - return( MBEDTLS_SSL_HASH_SHA1 ); + return MBEDTLS_SSL_HASH_SHA1; #endif #if defined(MBEDTLS_SHA256_C) case MBEDTLS_MD_SHA224: - return( MBEDTLS_SSL_HASH_SHA224 ); + return MBEDTLS_SSL_HASH_SHA224; case MBEDTLS_MD_SHA256: - return( MBEDTLS_SSL_HASH_SHA256 ); + return MBEDTLS_SSL_HASH_SHA256; #endif #if defined(MBEDTLS_SHA512_C) && !defined(MBEDTLS_SHA512_NO_SHA384) case MBEDTLS_MD_SHA384: - return( MBEDTLS_SSL_HASH_SHA384 ); + return MBEDTLS_SSL_HASH_SHA384; #endif #if defined(MBEDTLS_SHA512_C) case MBEDTLS_MD_SHA512: - return( MBEDTLS_SSL_HASH_SHA512 ); + return MBEDTLS_SSL_HASH_SHA512; #endif default: - return( MBEDTLS_SSL_HASH_NONE ); + return MBEDTLS_SSL_HASH_NONE; } } @@ -7307,18 +7232,34 @@ unsigned char mbedtls_ssl_hash_from_md_alg( int md ) * Check if a curve proposed by the peer is in our list. * Return 0 if we're willing to use it, -1 otherwise. */ -int mbedtls_ssl_check_curve( const mbedtls_ssl_context *ssl, mbedtls_ecp_group_id grp_id ) +int mbedtls_ssl_check_curve(const mbedtls_ssl_context *ssl, mbedtls_ecp_group_id grp_id) { const mbedtls_ecp_group_id *gid; - if( ssl->conf->curve_list == NULL ) - return( -1 ); + if (ssl->conf->curve_list == NULL) { + return -1; + } + + for (gid = ssl->conf->curve_list; *gid != MBEDTLS_ECP_DP_NONE; gid++) { + if (*gid == grp_id) { + return 0; + } + } - for( gid = ssl->conf->curve_list; *gid != MBEDTLS_ECP_DP_NONE; gid++ ) - if( *gid == grp_id ) - return( 0 ); + return -1; +} - return( -1 ); +/* + * Same as mbedtls_ssl_check_curve() but takes a TLS ID for the curve. + */ +int mbedtls_ssl_check_curve_tls_id(const mbedtls_ssl_context *ssl, uint16_t tls_id) +{ + const mbedtls_ecp_curve_info *curve_info = + mbedtls_ecp_curve_info_from_tls_id(tls_id); + if (curve_info == NULL) { + return -1; + } + return mbedtls_ssl_check_curve(ssl, curve_info->grp_id); } #endif /* MBEDTLS_ECP_C */ @@ -7327,27 +7268,30 @@ int mbedtls_ssl_check_curve( const mbedtls_ssl_context *ssl, mbedtls_ecp_group_i * Check if a hash proposed by the peer is in our list. * Return 0 if we're willing to use it, -1 otherwise. */ -int mbedtls_ssl_check_sig_hash( const mbedtls_ssl_context *ssl, - mbedtls_md_type_t md ) +int mbedtls_ssl_check_sig_hash(const mbedtls_ssl_context *ssl, + mbedtls_md_type_t md) { const int *cur; - if( ssl->conf->sig_hashes == NULL ) - return( -1 ); + if (ssl->conf->sig_hashes == NULL) { + return -1; + } - for( cur = ssl->conf->sig_hashes; *cur != MBEDTLS_MD_NONE; cur++ ) - if( *cur == (int) md ) - return( 0 ); + for (cur = ssl->conf->sig_hashes; *cur != MBEDTLS_MD_NONE; cur++) { + if (*cur == (int) md) { + return 0; + } + } - return( -1 ); + return -1; } #endif /* MBEDTLS_KEY_EXCHANGE_WITH_CERT_ENABLED */ #if defined(MBEDTLS_X509_CRT_PARSE_C) -int mbedtls_ssl_check_cert_usage( const mbedtls_x509_crt *cert, - const mbedtls_ssl_ciphersuite_t *ciphersuite, - int cert_endpoint, - uint32_t *flags ) +int mbedtls_ssl_check_cert_usage(const mbedtls_x509_crt *cert, + const mbedtls_ssl_ciphersuite_t *ciphersuite, + int cert_endpoint, + uint32_t *flags) { int ret = 0; #if defined(MBEDTLS_X509_CHECK_KEY_USAGE) @@ -7366,11 +7310,9 @@ int mbedtls_ssl_check_cert_usage( const mbedtls_x509_crt *cert, #endif #if defined(MBEDTLS_X509_CHECK_KEY_USAGE) - if( cert_endpoint == MBEDTLS_SSL_IS_SERVER ) - { + if (cert_endpoint == MBEDTLS_SSL_IS_SERVER) { /* Server part of the key exchange */ - switch( ciphersuite->key_exchange ) - { + switch (ciphersuite->key_exchange) { case MBEDTLS_KEY_EXCHANGE_RSA: case MBEDTLS_KEY_EXCHANGE_RSA_PSK: usage = MBEDTLS_X509_KU_KEY_ENCIPHERMENT; @@ -7395,15 +7337,12 @@ int mbedtls_ssl_check_cert_usage( const mbedtls_x509_crt *cert, case MBEDTLS_KEY_EXCHANGE_ECJPAKE: usage = 0; } - } - else - { + } else { /* Client auth: we only implement rsa_sign and mbedtls_ecdsa_sign for now */ usage = MBEDTLS_X509_KU_DIGITAL_SIGNATURE; } - if( mbedtls_x509_crt_check_key_usage( cert, usage ) != 0 ) - { + if (mbedtls_x509_crt_check_key_usage(cert, usage) != 0) { *flags |= MBEDTLS_X509_BADCERT_KEY_USAGE; ret = -1; } @@ -7412,36 +7351,32 @@ int mbedtls_ssl_check_cert_usage( const mbedtls_x509_crt *cert, #endif /* MBEDTLS_X509_CHECK_KEY_USAGE */ #if defined(MBEDTLS_X509_CHECK_EXTENDED_KEY_USAGE) - if( cert_endpoint == MBEDTLS_SSL_IS_SERVER ) - { + if (cert_endpoint == MBEDTLS_SSL_IS_SERVER) { ext_oid = MBEDTLS_OID_SERVER_AUTH; - ext_len = MBEDTLS_OID_SIZE( MBEDTLS_OID_SERVER_AUTH ); - } - else - { + ext_len = MBEDTLS_OID_SIZE(MBEDTLS_OID_SERVER_AUTH); + } else { ext_oid = MBEDTLS_OID_CLIENT_AUTH; - ext_len = MBEDTLS_OID_SIZE( MBEDTLS_OID_CLIENT_AUTH ); + ext_len = MBEDTLS_OID_SIZE(MBEDTLS_OID_CLIENT_AUTH); } - if( mbedtls_x509_crt_check_extended_key_usage( cert, ext_oid, ext_len ) != 0 ) - { + if (mbedtls_x509_crt_check_extended_key_usage(cert, ext_oid, ext_len) != 0) { *flags |= MBEDTLS_X509_BADCERT_EXT_KEY_USAGE; ret = -1; } #endif /* MBEDTLS_X509_CHECK_EXTENDED_KEY_USAGE */ - return( ret ); + return ret; } #endif /* MBEDTLS_X509_CRT_PARSE_C */ -int mbedtls_ssl_set_calc_verify_md( mbedtls_ssl_context *ssl, int md ) +int mbedtls_ssl_set_calc_verify_md(mbedtls_ssl_context *ssl, int md) { #if defined(MBEDTLS_SSL_PROTO_TLS1_2) - if( ssl->minor_ver != MBEDTLS_SSL_MINOR_VERSION_3 ) + if (ssl->minor_ver != MBEDTLS_SSL_MINOR_VERSION_3) { return MBEDTLS_ERR_SSL_INVALID_VERIFY_HASH; + } - switch( md ) - { + switch (md) { #if defined(MBEDTLS_SSL_PROTO_TLS1) || defined(MBEDTLS_SSL_PROTO_TLS1_1) #if defined(MBEDTLS_MD5_C) case MBEDTLS_SSL_HASH_MD5: @@ -7478,16 +7413,16 @@ int mbedtls_ssl_set_calc_verify_md( mbedtls_ssl_context *ssl, int md ) #if defined(MBEDTLS_SSL_PROTO_SSL3) || defined(MBEDTLS_SSL_PROTO_TLS1) || \ defined(MBEDTLS_SSL_PROTO_TLS1_1) -int mbedtls_ssl_get_key_exchange_md_ssl_tls( mbedtls_ssl_context *ssl, - unsigned char *output, - unsigned char *data, size_t data_len ) +int mbedtls_ssl_get_key_exchange_md_ssl_tls(mbedtls_ssl_context *ssl, + unsigned char *output, + unsigned char *data, size_t data_len) { int ret = 0; mbedtls_md5_context mbedtls_md5; mbedtls_sha1_context mbedtls_sha1; - mbedtls_md5_init( &mbedtls_md5 ); - mbedtls_sha1_init( &mbedtls_sha1 ); + mbedtls_md5_init(&mbedtls_md5); + mbedtls_sha1_init(&mbedtls_sha1); /* * digitally-signed struct { @@ -7502,61 +7437,54 @@ int mbedtls_ssl_get_key_exchange_md_ssl_tls( mbedtls_ssl_context *ssl, * SHA(ClientHello.random + ServerHello.random * + ServerParams); */ - if( ( ret = mbedtls_md5_starts_ret( &mbedtls_md5 ) ) != 0 ) - { - MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_md5_starts_ret", ret ); + if ((ret = mbedtls_md5_starts_ret(&mbedtls_md5)) != 0) { + MBEDTLS_SSL_DEBUG_RET(1, "mbedtls_md5_starts_ret", ret); goto exit; } - if( ( ret = mbedtls_md5_update_ret( &mbedtls_md5, - ssl->handshake->randbytes, 64 ) ) != 0 ) - { - MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_md5_update_ret", ret ); + if ((ret = mbedtls_md5_update_ret(&mbedtls_md5, + ssl->handshake->randbytes, 64)) != 0) { + MBEDTLS_SSL_DEBUG_RET(1, "mbedtls_md5_update_ret", ret); goto exit; } - if( ( ret = mbedtls_md5_update_ret( &mbedtls_md5, data, data_len ) ) != 0 ) - { - MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_md5_update_ret", ret ); + if ((ret = mbedtls_md5_update_ret(&mbedtls_md5, data, data_len)) != 0) { + MBEDTLS_SSL_DEBUG_RET(1, "mbedtls_md5_update_ret", ret); goto exit; } - if( ( ret = mbedtls_md5_finish_ret( &mbedtls_md5, output ) ) != 0 ) - { - MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_md5_finish_ret", ret ); + if ((ret = mbedtls_md5_finish_ret(&mbedtls_md5, output)) != 0) { + MBEDTLS_SSL_DEBUG_RET(1, "mbedtls_md5_finish_ret", ret); goto exit; } - if( ( ret = mbedtls_sha1_starts_ret( &mbedtls_sha1 ) ) != 0 ) - { - MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_sha1_starts_ret", ret ); + if ((ret = mbedtls_sha1_starts_ret(&mbedtls_sha1)) != 0) { + MBEDTLS_SSL_DEBUG_RET(1, "mbedtls_sha1_starts_ret", ret); goto exit; } - if( ( ret = mbedtls_sha1_update_ret( &mbedtls_sha1, - ssl->handshake->randbytes, 64 ) ) != 0 ) - { - MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_sha1_update_ret", ret ); + if ((ret = mbedtls_sha1_update_ret(&mbedtls_sha1, + ssl->handshake->randbytes, 64)) != 0) { + MBEDTLS_SSL_DEBUG_RET(1, "mbedtls_sha1_update_ret", ret); goto exit; } - if( ( ret = mbedtls_sha1_update_ret( &mbedtls_sha1, data, - data_len ) ) != 0 ) - { - MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_sha1_update_ret", ret ); + if ((ret = mbedtls_sha1_update_ret(&mbedtls_sha1, data, + data_len)) != 0) { + MBEDTLS_SSL_DEBUG_RET(1, "mbedtls_sha1_update_ret", ret); goto exit; } - if( ( ret = mbedtls_sha1_finish_ret( &mbedtls_sha1, - output + 16 ) ) != 0 ) - { - MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_sha1_finish_ret", ret ); + if ((ret = mbedtls_sha1_finish_ret(&mbedtls_sha1, + output + 16)) != 0) { + MBEDTLS_SSL_DEBUG_RET(1, "mbedtls_sha1_finish_ret", ret); goto exit; } exit: - mbedtls_md5_free( &mbedtls_md5 ); - mbedtls_sha1_free( &mbedtls_sha1 ); + mbedtls_md5_free(&mbedtls_md5); + mbedtls_sha1_free(&mbedtls_sha1); - if( ret != 0 ) - mbedtls_ssl_send_alert_message( ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL, - MBEDTLS_SSL_ALERT_MSG_INTERNAL_ERROR ); + if (ret != 0) { + mbedtls_ssl_send_alert_message(ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL, + MBEDTLS_SSL_ALERT_MSG_INTERNAL_ERROR); + } - return( ret ); + return ret; } #endif /* MBEDTLS_SSL_PROTO_SSL3 || MBEDTLS_SSL_PROTO_TLS1 || \ @@ -7566,81 +7494,75 @@ int mbedtls_ssl_get_key_exchange_md_ssl_tls( mbedtls_ssl_context *ssl, defined(MBEDTLS_SSL_PROTO_TLS1_2) #if defined(MBEDTLS_USE_PSA_CRYPTO) -int mbedtls_ssl_get_key_exchange_md_tls1_2( mbedtls_ssl_context *ssl, - unsigned char *hash, size_t *hashlen, - unsigned char *data, size_t data_len, - mbedtls_md_type_t md_alg ) +int mbedtls_ssl_get_key_exchange_md_tls1_2(mbedtls_ssl_context *ssl, + unsigned char *hash, size_t *hashlen, + unsigned char *data, size_t data_len, + mbedtls_md_type_t md_alg) { psa_status_t status; psa_hash_operation_t hash_operation = PSA_HASH_OPERATION_INIT; - psa_algorithm_t hash_alg = mbedtls_psa_translate_md( md_alg ); + psa_algorithm_t hash_alg = mbedtls_psa_translate_md(md_alg); - MBEDTLS_SSL_DEBUG_MSG( 3, ( "Perform PSA-based computation of digest of ServerKeyExchange" ) ); + MBEDTLS_SSL_DEBUG_MSG(3, ("Perform PSA-based computation of digest of ServerKeyExchange")); - if( ( status = psa_hash_setup( &hash_operation, - hash_alg ) ) != PSA_SUCCESS ) - { - MBEDTLS_SSL_DEBUG_RET( 1, "psa_hash_setup", status ); + if ((status = psa_hash_setup(&hash_operation, + hash_alg)) != PSA_SUCCESS) { + MBEDTLS_SSL_DEBUG_RET(1, "psa_hash_setup", status); goto exit; } - if( ( status = psa_hash_update( &hash_operation, ssl->handshake->randbytes, - 64 ) ) != PSA_SUCCESS ) - { - MBEDTLS_SSL_DEBUG_RET( 1, "psa_hash_update", status ); + if ((status = psa_hash_update(&hash_operation, ssl->handshake->randbytes, + 64)) != PSA_SUCCESS) { + MBEDTLS_SSL_DEBUG_RET(1, "psa_hash_update", status); goto exit; } - if( ( status = psa_hash_update( &hash_operation, - data, data_len ) ) != PSA_SUCCESS ) - { - MBEDTLS_SSL_DEBUG_RET( 1, "psa_hash_update", status ); + if ((status = psa_hash_update(&hash_operation, + data, data_len)) != PSA_SUCCESS) { + MBEDTLS_SSL_DEBUG_RET(1, "psa_hash_update", status); goto exit; } - if( ( status = psa_hash_finish( &hash_operation, hash, PSA_HASH_MAX_SIZE, - hashlen ) ) != PSA_SUCCESS ) - { - MBEDTLS_SSL_DEBUG_RET( 1, "psa_hash_finish", status ); - goto exit; + if ((status = psa_hash_finish(&hash_operation, hash, PSA_HASH_MAX_SIZE, + hashlen)) != PSA_SUCCESS) { + MBEDTLS_SSL_DEBUG_RET(1, "psa_hash_finish", status); + goto exit; } exit: - if( status != PSA_SUCCESS ) - { - mbedtls_ssl_send_alert_message( ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL, - MBEDTLS_SSL_ALERT_MSG_INTERNAL_ERROR ); - switch( status ) - { + if (status != PSA_SUCCESS) { + mbedtls_ssl_send_alert_message(ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL, + MBEDTLS_SSL_ALERT_MSG_INTERNAL_ERROR); + switch (status) { case PSA_ERROR_NOT_SUPPORTED: - return( MBEDTLS_ERR_MD_FEATURE_UNAVAILABLE ); + return MBEDTLS_ERR_MD_FEATURE_UNAVAILABLE; case PSA_ERROR_BAD_STATE: /* Intentional fallthrough */ case PSA_ERROR_BUFFER_TOO_SMALL: - return( MBEDTLS_ERR_MD_BAD_INPUT_DATA ); + return MBEDTLS_ERR_MD_BAD_INPUT_DATA; case PSA_ERROR_INSUFFICIENT_MEMORY: - return( MBEDTLS_ERR_MD_ALLOC_FAILED ); + return MBEDTLS_ERR_MD_ALLOC_FAILED; default: - return( MBEDTLS_ERR_MD_HW_ACCEL_FAILED ); + return MBEDTLS_ERR_MD_HW_ACCEL_FAILED; } } - return( 0 ); + return 0; } #else -int mbedtls_ssl_get_key_exchange_md_tls1_2( mbedtls_ssl_context *ssl, - unsigned char *hash, size_t *hashlen, - unsigned char *data, size_t data_len, - mbedtls_md_type_t md_alg ) +int mbedtls_ssl_get_key_exchange_md_tls1_2(mbedtls_ssl_context *ssl, + unsigned char *hash, size_t *hashlen, + unsigned char *data, size_t data_len, + mbedtls_md_type_t md_alg) { int ret = 0; mbedtls_md_context_t ctx; - const mbedtls_md_info_t *md_info = mbedtls_md_info_from_type( md_alg ); - *hashlen = mbedtls_md_get_size( md_info ); + const mbedtls_md_info_t *md_info = mbedtls_md_info_from_type(md_alg); + *hashlen = mbedtls_md_get_size(md_info); - MBEDTLS_SSL_DEBUG_MSG( 3, ( "Perform mbedtls-based computation of digest of ServerKeyExchange" ) ); + MBEDTLS_SSL_DEBUG_MSG(3, ("Perform mbedtls-based computation of digest of ServerKeyExchange")); - mbedtls_md_init( &ctx ); + mbedtls_md_init(&ctx); /* * digitally-signed struct { @@ -7649,40 +7571,36 @@ int mbedtls_ssl_get_key_exchange_md_tls1_2( mbedtls_ssl_context *ssl, * ServerDHParams params; * }; */ - if( ( ret = mbedtls_md_setup( &ctx, md_info, 0 ) ) != 0 ) - { - MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_md_setup", ret ); + if ((ret = mbedtls_md_setup(&ctx, md_info, 0)) != 0) { + MBEDTLS_SSL_DEBUG_RET(1, "mbedtls_md_setup", ret); goto exit; } - if( ( ret = mbedtls_md_starts( &ctx ) ) != 0 ) - { - MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_md_starts", ret ); + if ((ret = mbedtls_md_starts(&ctx)) != 0) { + MBEDTLS_SSL_DEBUG_RET(1, "mbedtls_md_starts", ret); goto exit; } - if( ( ret = mbedtls_md_update( &ctx, ssl->handshake->randbytes, 64 ) ) != 0 ) - { - MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_md_update", ret ); + if ((ret = mbedtls_md_update(&ctx, ssl->handshake->randbytes, 64)) != 0) { + MBEDTLS_SSL_DEBUG_RET(1, "mbedtls_md_update", ret); goto exit; } - if( ( ret = mbedtls_md_update( &ctx, data, data_len ) ) != 0 ) - { - MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_md_update", ret ); + if ((ret = mbedtls_md_update(&ctx, data, data_len)) != 0) { + MBEDTLS_SSL_DEBUG_RET(1, "mbedtls_md_update", ret); goto exit; } - if( ( ret = mbedtls_md_finish( &ctx, hash ) ) != 0 ) - { - MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_md_finish", ret ); + if ((ret = mbedtls_md_finish(&ctx, hash)) != 0) { + MBEDTLS_SSL_DEBUG_RET(1, "mbedtls_md_finish", ret); goto exit; } exit: - mbedtls_md_free( &ctx ); + mbedtls_md_free(&ctx); - if( ret != 0 ) - mbedtls_ssl_send_alert_message( ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL, - MBEDTLS_SSL_ALERT_MSG_INTERNAL_ERROR ); + if (ret != 0) { + mbedtls_ssl_send_alert_message(ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL, + MBEDTLS_SSL_ALERT_MSG_INTERNAL_ERROR); + } - return( ret ); + return ret; } #endif /* MBEDTLS_USE_PSA_CRYPTO */ diff --git a/third_party/mbedtls/repo/library/ssl_tls13_keys.c b/third_party/mbedtls/repo/library/ssl_tls13_keys.c index 3de6f03fb8a..ae7bf10b6f8 100644 --- a/third_party/mbedtls/repo/library/ssl_tls13_keys.c +++ b/third_party/mbedtls/repo/library/ssl_tls13_keys.c @@ -2,19 +2,7 @@ * TLS 1.3 key schedule * * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 ( the "License" ); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later */ #include "common.h" @@ -24,13 +12,17 @@ #include "mbedtls/hkdf.h" #include "mbedtls/ssl_internal.h" #include "ssl_tls13_keys.h" +#include "psa/crypto_sizes.h" #include #include -#define MBEDTLS_SSL_TLS1_3_LABEL( name, string ) \ +#define MBEDTLS_SSL_TLS1_3_LABEL(name, string) \ .name = string, +#define TLS1_3_EVOLVE_INPUT_SIZE (PSA_HASH_MAX_SIZE > PSA_RAW_KEY_AGREEMENT_OUTPUT_MAX_SIZE) ? \ + PSA_HASH_MAX_SIZE : PSA_RAW_KEY_AGREEMENT_OUTPUT_MAX_SIZE + struct mbedtls_ssl_tls1_3_labels_struct const mbedtls_ssl_tls1_3_labels = { /* This seems to work in C, despite the string literal being one @@ -77,29 +69,29 @@ struct mbedtls_ssl_tls1_3_labels_struct const mbedtls_ssl_tls1_3_labels = static const char tls1_3_label_prefix[6] = "tls13 "; -#define SSL_TLS1_3_KEY_SCHEDULE_HKDF_LABEL_LEN( label_len, context_len ) \ - ( 2 /* expansion length */ \ - + 1 /* label length */ \ - + label_len \ - + 1 /* context length */ \ - + context_len ) +#define SSL_TLS1_3_KEY_SCHEDULE_HKDF_LABEL_LEN(label_len, context_len) \ + (2 /* expansion length */ \ + + 1 /* label length */ \ + + label_len \ + + 1 /* context length */ \ + + context_len) #define SSL_TLS1_3_KEY_SCHEDULE_MAX_HKDF_LABEL_LEN \ SSL_TLS1_3_KEY_SCHEDULE_HKDF_LABEL_LEN( \ - sizeof(tls1_3_label_prefix) + \ - MBEDTLS_SSL_TLS1_3_KEY_SCHEDULE_MAX_LABEL_LEN, \ - MBEDTLS_SSL_TLS1_3_KEY_SCHEDULE_MAX_CONTEXT_LEN ) + sizeof(tls1_3_label_prefix) + \ + MBEDTLS_SSL_TLS1_3_KEY_SCHEDULE_MAX_LABEL_LEN, \ + MBEDTLS_SSL_TLS1_3_KEY_SCHEDULE_MAX_CONTEXT_LEN) static void ssl_tls1_3_hkdf_encode_label( - size_t desired_length, - const unsigned char *label, size_t llen, - const unsigned char *ctx, size_t clen, - unsigned char *dst, size_t *dlen ) + size_t desired_length, + const unsigned char *label, size_t llen, + const unsigned char *ctx, size_t clen, + unsigned char *dst, size_t *dlen) { size_t total_label_len = sizeof(tls1_3_label_prefix) + llen; size_t total_hkdf_lbl_len = - SSL_TLS1_3_KEY_SCHEDULE_HKDF_LABEL_LEN( total_label_len, clen ); + SSL_TLS1_3_KEY_SCHEDULE_HKDF_LABEL_LEN(total_label_len, clen); unsigned char *p = dst; @@ -108,73 +100,72 @@ static void ssl_tls1_3_hkdf_encode_label( * TLS 1.3 HKDF key expansion to more than 255 Bytes. */ #if MBEDTLS_SSL_TLS1_3_KEY_SCHEDULE_MAX_EXPANSION_LEN > 255 #error "The implementation of ssl_tls1_3_hkdf_encode_label() is not fit for the \ - value of MBEDTLS_SSL_TLS1_3_KEY_SCHEDULE_MAX_EXPANSION_LEN" + value of MBEDTLS_SSL_TLS1_3_KEY_SCHEDULE_MAX_EXPANSION_LEN" #endif *p++ = 0; - *p++ = MBEDTLS_BYTE_0( desired_length ); + *p++ = MBEDTLS_BYTE_0(desired_length); /* Add label incl. prefix */ - *p++ = MBEDTLS_BYTE_0( total_label_len ); - memcpy( p, tls1_3_label_prefix, sizeof(tls1_3_label_prefix) ); + *p++ = MBEDTLS_BYTE_0(total_label_len); + memcpy(p, tls1_3_label_prefix, sizeof(tls1_3_label_prefix)); p += sizeof(tls1_3_label_prefix); - memcpy( p, label, llen ); + memcpy(p, label, llen); p += llen; /* Add context value */ - *p++ = MBEDTLS_BYTE_0( clen ); - if( clen != 0 ) - memcpy( p, ctx, clen ); + *p++ = MBEDTLS_BYTE_0(clen); + if (clen != 0) { + memcpy(p, ctx, clen); + } /* Return total length to the caller. */ *dlen = total_hkdf_lbl_len; } int mbedtls_ssl_tls1_3_hkdf_expand_label( - mbedtls_md_type_t hash_alg, - const unsigned char *secret, size_t slen, - const unsigned char *label, size_t llen, - const unsigned char *ctx, size_t clen, - unsigned char *buf, size_t blen ) + mbedtls_md_type_t hash_alg, + const unsigned char *secret, size_t slen, + const unsigned char *label, size_t llen, + const unsigned char *ctx, size_t clen, + unsigned char *buf, size_t blen) { const mbedtls_md_info_t *md; - unsigned char hkdf_label[ SSL_TLS1_3_KEY_SCHEDULE_MAX_HKDF_LABEL_LEN ]; + unsigned char hkdf_label[SSL_TLS1_3_KEY_SCHEDULE_MAX_HKDF_LABEL_LEN]; size_t hkdf_label_len; - if( llen > MBEDTLS_SSL_TLS1_3_KEY_SCHEDULE_MAX_LABEL_LEN ) - { + if (llen > MBEDTLS_SSL_TLS1_3_KEY_SCHEDULE_MAX_LABEL_LEN) { /* Should never happen since this is an internal * function, and we know statically which labels * are allowed. */ - return( MBEDTLS_ERR_SSL_INTERNAL_ERROR ); + return MBEDTLS_ERR_SSL_INTERNAL_ERROR; } - if( clen > MBEDTLS_SSL_TLS1_3_KEY_SCHEDULE_MAX_CONTEXT_LEN ) - { + if (clen > MBEDTLS_SSL_TLS1_3_KEY_SCHEDULE_MAX_CONTEXT_LEN) { /* Should not happen, as above. */ - return( MBEDTLS_ERR_SSL_INTERNAL_ERROR ); + return MBEDTLS_ERR_SSL_INTERNAL_ERROR; } - if( blen > MBEDTLS_SSL_TLS1_3_KEY_SCHEDULE_MAX_EXPANSION_LEN ) - { + if (blen > MBEDTLS_SSL_TLS1_3_KEY_SCHEDULE_MAX_EXPANSION_LEN) { /* Should not happen, as above. */ - return( MBEDTLS_ERR_SSL_INTERNAL_ERROR ); + return MBEDTLS_ERR_SSL_INTERNAL_ERROR; } - md = mbedtls_md_info_from_type( hash_alg ); - if( md == NULL ) - return( MBEDTLS_ERR_SSL_BAD_INPUT_DATA ); + md = mbedtls_md_info_from_type(hash_alg); + if (md == NULL) { + return MBEDTLS_ERR_SSL_BAD_INPUT_DATA; + } - ssl_tls1_3_hkdf_encode_label( blen, - label, llen, - ctx, clen, - hkdf_label, - &hkdf_label_len ); + ssl_tls1_3_hkdf_encode_label(blen, + label, llen, + ctx, clen, + hkdf_label, + &hkdf_label_len); - return( mbedtls_hkdf_expand( md, - secret, slen, - hkdf_label, hkdf_label_len, - buf, blen ) ); + return mbedtls_hkdf_expand(md, + secret, slen, + hkdf_label, hkdf_label_len, + buf, blen); } /* @@ -194,156 +185,157 @@ int mbedtls_ssl_tls1_3_hkdf_expand_label( * keys in a single function call. */ int mbedtls_ssl_tls1_3_make_traffic_keys( - mbedtls_md_type_t hash_alg, - const unsigned char *client_secret, - const unsigned char *server_secret, - size_t slen, size_t key_len, size_t iv_len, - mbedtls_ssl_key_set *keys ) + mbedtls_md_type_t hash_alg, + const unsigned char *client_secret, + const unsigned char *server_secret, + size_t slen, size_t key_len, size_t iv_len, + mbedtls_ssl_key_set *keys) { int ret = 0; - ret = mbedtls_ssl_tls1_3_hkdf_expand_label( hash_alg, - client_secret, slen, - MBEDTLS_SSL_TLS1_3_LBL_WITH_LEN( key ), - NULL, 0, - keys->client_write_key, key_len ); - if( ret != 0 ) - return( ret ); - - ret = mbedtls_ssl_tls1_3_hkdf_expand_label( hash_alg, - server_secret, slen, - MBEDTLS_SSL_TLS1_3_LBL_WITH_LEN( key ), - NULL, 0, - keys->server_write_key, key_len ); - if( ret != 0 ) - return( ret ); - - ret = mbedtls_ssl_tls1_3_hkdf_expand_label( hash_alg, - client_secret, slen, - MBEDTLS_SSL_TLS1_3_LBL_WITH_LEN( iv ), - NULL, 0, - keys->client_write_iv, iv_len ); - if( ret != 0 ) - return( ret ); - - ret = mbedtls_ssl_tls1_3_hkdf_expand_label( hash_alg, - server_secret, slen, - MBEDTLS_SSL_TLS1_3_LBL_WITH_LEN( iv ), - NULL, 0, - keys->server_write_iv, iv_len ); - if( ret != 0 ) - return( ret ); + ret = mbedtls_ssl_tls1_3_hkdf_expand_label(hash_alg, + client_secret, slen, + MBEDTLS_SSL_TLS1_3_LBL_WITH_LEN(key), + NULL, 0, + keys->client_write_key, key_len); + if (ret != 0) { + return ret; + } + + ret = mbedtls_ssl_tls1_3_hkdf_expand_label(hash_alg, + server_secret, slen, + MBEDTLS_SSL_TLS1_3_LBL_WITH_LEN(key), + NULL, 0, + keys->server_write_key, key_len); + if (ret != 0) { + return ret; + } + + ret = mbedtls_ssl_tls1_3_hkdf_expand_label(hash_alg, + client_secret, slen, + MBEDTLS_SSL_TLS1_3_LBL_WITH_LEN(iv), + NULL, 0, + keys->client_write_iv, iv_len); + if (ret != 0) { + return ret; + } + + ret = mbedtls_ssl_tls1_3_hkdf_expand_label(hash_alg, + server_secret, slen, + MBEDTLS_SSL_TLS1_3_LBL_WITH_LEN(iv), + NULL, 0, + keys->server_write_iv, iv_len); + if (ret != 0) { + return ret; + } keys->key_len = key_len; keys->iv_len = iv_len; - return( 0 ); + return 0; } int mbedtls_ssl_tls1_3_derive_secret( - mbedtls_md_type_t hash_alg, - const unsigned char *secret, size_t slen, - const unsigned char *label, size_t llen, - const unsigned char *ctx, size_t clen, - int ctx_hashed, - unsigned char *dstbuf, size_t buflen ) + mbedtls_md_type_t hash_alg, + const unsigned char *secret, size_t slen, + const unsigned char *label, size_t llen, + const unsigned char *ctx, size_t clen, + int ctx_hashed, + unsigned char *dstbuf, size_t buflen) { int ret; - unsigned char hashed_context[ MBEDTLS_MD_MAX_SIZE ]; + unsigned char hashed_context[MBEDTLS_MD_MAX_SIZE]; const mbedtls_md_info_t *md; - md = mbedtls_md_info_from_type( hash_alg ); - if( md == NULL ) - return( MBEDTLS_ERR_SSL_BAD_INPUT_DATA ); - - if( ctx_hashed == MBEDTLS_SSL_TLS1_3_CONTEXT_UNHASHED ) - { - ret = mbedtls_md( md, ctx, clen, hashed_context ); - if( ret != 0 ) - return( ret ); - clen = mbedtls_md_get_size( md ); + md = mbedtls_md_info_from_type(hash_alg); + if (md == NULL) { + return MBEDTLS_ERR_SSL_BAD_INPUT_DATA; } - else - { - if( clen > sizeof(hashed_context) ) - { + + if (ctx_hashed == MBEDTLS_SSL_TLS1_3_CONTEXT_UNHASHED) { + ret = mbedtls_md(md, ctx, clen, hashed_context); + if (ret != 0) { + return ret; + } + clen = mbedtls_md_get_size(md); + } else { + if (clen > sizeof(hashed_context)) { /* This should never happen since this function is internal * and the code sets `ctx_hashed` correctly. * Let's double-check nonetheless to not run at the risk * of getting a stack overflow. */ - return( MBEDTLS_ERR_SSL_INTERNAL_ERROR ); + return MBEDTLS_ERR_SSL_INTERNAL_ERROR; } - memcpy( hashed_context, ctx, clen ); + memcpy(hashed_context, ctx, clen); } - return( mbedtls_ssl_tls1_3_hkdf_expand_label( hash_alg, - secret, slen, - label, llen, - hashed_context, clen, - dstbuf, buflen ) ); + return mbedtls_ssl_tls1_3_hkdf_expand_label(hash_alg, + secret, slen, + label, llen, + hashed_context, clen, + dstbuf, buflen); } int mbedtls_ssl_tls1_3_evolve_secret( - mbedtls_md_type_t hash_alg, - const unsigned char *secret_old, - const unsigned char *input, size_t input_len, - unsigned char *secret_new ) + mbedtls_md_type_t hash_alg, + const unsigned char *secret_old, + const unsigned char *input, size_t input_len, + unsigned char *secret_new) { int ret = MBEDTLS_ERR_SSL_INTERNAL_ERROR; size_t hlen, ilen; - unsigned char tmp_secret[ MBEDTLS_MD_MAX_SIZE ] = { 0 }; - unsigned char tmp_input [ MBEDTLS_MD_MAX_SIZE ] = { 0 }; + unsigned char tmp_secret[PSA_MAC_MAX_SIZE] = { 0 }; + unsigned char tmp_input[TLS1_3_EVOLVE_INPUT_SIZE] = { 0 }; const mbedtls_md_info_t *md; - md = mbedtls_md_info_from_type( hash_alg ); - if( md == NULL ) - return( MBEDTLS_ERR_SSL_BAD_INPUT_DATA ); + md = mbedtls_md_info_from_type(hash_alg); + if (md == NULL) { + return MBEDTLS_ERR_SSL_BAD_INPUT_DATA; + } - hlen = mbedtls_md_get_size( md ); + hlen = mbedtls_md_get_size(md); /* For non-initial runs, call Derive-Secret( ., "derived", "") * on the old secret. */ - if( secret_old != NULL ) - { + if (secret_old != NULL) { ret = mbedtls_ssl_tls1_3_derive_secret( - hash_alg, - secret_old, hlen, - MBEDTLS_SSL_TLS1_3_LBL_WITH_LEN( derived ), - NULL, 0, /* context */ - MBEDTLS_SSL_TLS1_3_CONTEXT_UNHASHED, - tmp_secret, hlen ); - if( ret != 0 ) + hash_alg, + secret_old, hlen, + MBEDTLS_SSL_TLS1_3_LBL_WITH_LEN(derived), + NULL, 0, /* context */ + MBEDTLS_SSL_TLS1_3_CONTEXT_UNHASHED, + tmp_secret, hlen); + if (ret != 0) { goto cleanup; + } } - if( input != NULL ) - { - memcpy( tmp_input, input, input_len ); + if (input != NULL) { + memcpy(tmp_input, input, input_len); ilen = input_len; - } - else - { + } else { ilen = hlen; } /* HKDF-Extract takes a salt and input key material. * The salt is the old secret, and the input key material * is the input secret (PSK / ECDHE). */ - ret = mbedtls_hkdf_extract( md, - tmp_secret, hlen, - tmp_input, ilen, - secret_new ); - if( ret != 0 ) + ret = mbedtls_hkdf_extract(md, + tmp_secret, hlen, + tmp_input, ilen, + secret_new); + if (ret != 0) { goto cleanup; + } ret = 0; - cleanup: +cleanup: - mbedtls_platform_zeroize( tmp_secret, sizeof(tmp_secret) ); - mbedtls_platform_zeroize( tmp_input, sizeof(tmp_input) ); - return( ret ); + mbedtls_platform_zeroize(tmp_secret, sizeof(tmp_secret)); + mbedtls_platform_zeroize(tmp_input, sizeof(tmp_input)); + return ret; } #endif /* MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL */ diff --git a/third_party/mbedtls/repo/library/ssl_tls13_keys.h b/third_party/mbedtls/repo/library/ssl_tls13_keys.h index 7089049ce2c..ca7413261de 100644 --- a/third_party/mbedtls/repo/library/ssl_tls13_keys.h +++ b/third_party/mbedtls/repo/library/ssl_tls13_keys.h @@ -2,19 +2,7 @@ * TLS 1.3 key schedule * * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 ( the "License" ); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later */ #if !defined(MBEDTLS_SSL_TLS1_3_KEYS_H) #define MBEDTLS_SSL_TLS1_3_KEYS_H @@ -23,46 +11,44 @@ * the point of use. See e.g. the definition of mbedtls_ssl_tls1_3_labels_union * below. */ #define MBEDTLS_SSL_TLS1_3_LABEL_LIST \ - MBEDTLS_SSL_TLS1_3_LABEL( finished , "finished" ) \ - MBEDTLS_SSL_TLS1_3_LABEL( resumption , "resumption" ) \ - MBEDTLS_SSL_TLS1_3_LABEL( traffic_upd , "traffic upd" ) \ - MBEDTLS_SSL_TLS1_3_LABEL( exporter , "exporter" ) \ - MBEDTLS_SSL_TLS1_3_LABEL( key , "key" ) \ - MBEDTLS_SSL_TLS1_3_LABEL( iv , "iv" ) \ - MBEDTLS_SSL_TLS1_3_LABEL( c_hs_traffic, "c hs traffic" ) \ - MBEDTLS_SSL_TLS1_3_LABEL( c_ap_traffic, "c ap traffic" ) \ - MBEDTLS_SSL_TLS1_3_LABEL( c_e_traffic , "c e traffic" ) \ - MBEDTLS_SSL_TLS1_3_LABEL( s_hs_traffic, "s hs traffic" ) \ - MBEDTLS_SSL_TLS1_3_LABEL( s_ap_traffic, "s ap traffic" ) \ - MBEDTLS_SSL_TLS1_3_LABEL( s_e_traffic , "s e traffic" ) \ - MBEDTLS_SSL_TLS1_3_LABEL( e_exp_master, "e exp master" ) \ - MBEDTLS_SSL_TLS1_3_LABEL( res_master , "res master" ) \ - MBEDTLS_SSL_TLS1_3_LABEL( exp_master , "exp master" ) \ - MBEDTLS_SSL_TLS1_3_LABEL( ext_binder , "ext binder" ) \ - MBEDTLS_SSL_TLS1_3_LABEL( res_binder , "res binder" ) \ - MBEDTLS_SSL_TLS1_3_LABEL( derived , "derived" ) + MBEDTLS_SSL_TLS1_3_LABEL(finished, "finished") \ + MBEDTLS_SSL_TLS1_3_LABEL(resumption, "resumption") \ + MBEDTLS_SSL_TLS1_3_LABEL(traffic_upd, "traffic upd") \ + MBEDTLS_SSL_TLS1_3_LABEL(exporter, "exporter") \ + MBEDTLS_SSL_TLS1_3_LABEL(key, "key") \ + MBEDTLS_SSL_TLS1_3_LABEL(iv, "iv") \ + MBEDTLS_SSL_TLS1_3_LABEL(c_hs_traffic, "c hs traffic") \ + MBEDTLS_SSL_TLS1_3_LABEL(c_ap_traffic, "c ap traffic") \ + MBEDTLS_SSL_TLS1_3_LABEL(c_e_traffic, "c e traffic") \ + MBEDTLS_SSL_TLS1_3_LABEL(s_hs_traffic, "s hs traffic") \ + MBEDTLS_SSL_TLS1_3_LABEL(s_ap_traffic, "s ap traffic") \ + MBEDTLS_SSL_TLS1_3_LABEL(s_e_traffic, "s e traffic") \ + MBEDTLS_SSL_TLS1_3_LABEL(e_exp_master, "e exp master") \ + MBEDTLS_SSL_TLS1_3_LABEL(res_master, "res master") \ + MBEDTLS_SSL_TLS1_3_LABEL(exp_master, "exp master") \ + MBEDTLS_SSL_TLS1_3_LABEL(ext_binder, "ext binder") \ + MBEDTLS_SSL_TLS1_3_LABEL(res_binder, "res binder") \ + MBEDTLS_SSL_TLS1_3_LABEL(derived, "derived") -#define MBEDTLS_SSL_TLS1_3_LABEL( name, string ) \ - const unsigned char name [ sizeof(string) - 1 ]; +#define MBEDTLS_SSL_TLS1_3_LABEL(name, string) \ + const unsigned char name [sizeof(string) - 1]; -union mbedtls_ssl_tls1_3_labels_union -{ +union mbedtls_ssl_tls1_3_labels_union { MBEDTLS_SSL_TLS1_3_LABEL_LIST }; -struct mbedtls_ssl_tls1_3_labels_struct -{ +struct mbedtls_ssl_tls1_3_labels_struct { MBEDTLS_SSL_TLS1_3_LABEL_LIST }; #undef MBEDTLS_SSL_TLS1_3_LABEL extern const struct mbedtls_ssl_tls1_3_labels_struct mbedtls_ssl_tls1_3_labels; -#define MBEDTLS_SSL_TLS1_3_LBL_WITH_LEN( LABEL ) \ +#define MBEDTLS_SSL_TLS1_3_LBL_WITH_LEN(LABEL) \ mbedtls_ssl_tls1_3_labels.LABEL, \ sizeof(mbedtls_ssl_tls1_3_labels.LABEL) #define MBEDTLS_SSL_TLS1_3_KEY_SCHEDULE_MAX_LABEL_LEN \ - sizeof( union mbedtls_ssl_tls1_3_labels_union ) + sizeof(union mbedtls_ssl_tls1_3_labels_union) /* The maximum length of HKDF contexts used in the TLS 1.3 standard. * Since contexts are always hashes of message transcripts, this can @@ -107,11 +93,11 @@ extern const struct mbedtls_ssl_tls1_3_labels_struct mbedtls_ssl_tls1_3_labels; */ int mbedtls_ssl_tls1_3_hkdf_expand_label( - mbedtls_md_type_t hash_alg, - const unsigned char *secret, size_t slen, - const unsigned char *label, size_t llen, - const unsigned char *ctx, size_t clen, - unsigned char *buf, size_t blen ); + mbedtls_md_type_t hash_alg, + const unsigned char *secret, size_t slen, + const unsigned char *label, size_t llen, + const unsigned char *ctx, size_t clen, + unsigned char *buf, size_t blen); /** * \brief This function is part of the TLS 1.3 key schedule. @@ -143,11 +129,11 @@ int mbedtls_ssl_tls1_3_hkdf_expand_label( */ int mbedtls_ssl_tls1_3_make_traffic_keys( - mbedtls_md_type_t hash_alg, - const unsigned char *client_secret, - const unsigned char *server_secret, - size_t slen, size_t key_len, size_t iv_len, - mbedtls_ssl_key_set *keys ); + mbedtls_md_type_t hash_alg, + const unsigned char *client_secret, + const unsigned char *server_secret, + size_t slen, size_t key_len, size_t iv_len, + mbedtls_ssl_key_set *keys); #define MBEDTLS_SSL_TLS1_3_CONTEXT_UNHASHED 0 @@ -191,12 +177,12 @@ int mbedtls_ssl_tls1_3_make_traffic_keys( * \returns A negative error code on failure. */ int mbedtls_ssl_tls1_3_derive_secret( - mbedtls_md_type_t hash_alg, - const unsigned char *secret, size_t slen, - const unsigned char *label, size_t llen, - const unsigned char *ctx, size_t clen, - int ctx_hashed, - unsigned char *dstbuf, size_t buflen ); + mbedtls_md_type_t hash_alg, + const unsigned char *secret, size_t slen, + const unsigned char *label, size_t llen, + const unsigned char *ctx, size_t clen, + int ctx_hashed, + unsigned char *dstbuf, size_t buflen); /** * \brief Compute the next secret in the TLS 1.3 key schedule @@ -266,9 +252,9 @@ int mbedtls_ssl_tls1_3_derive_secret( */ int mbedtls_ssl_tls1_3_evolve_secret( - mbedtls_md_type_t hash_alg, - const unsigned char *secret_old, - const unsigned char *input, size_t input_len, - unsigned char *secret_new ); + mbedtls_md_type_t hash_alg, + const unsigned char *secret_old, + const unsigned char *input, size_t input_len, + unsigned char *secret_new); #endif /* MBEDTLS_SSL_TLS1_3_KEYS_H */ diff --git a/third_party/mbedtls/repo/library/threading.c b/third_party/mbedtls/repo/library/threading.c index 2de117f52a3..b03f0cc872e 100644 --- a/third_party/mbedtls/repo/library/threading.c +++ b/third_party/mbedtls/repo/library/threading.c @@ -2,19 +2,7 @@ * Threading abstraction layer * * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later */ /* @@ -40,9 +28,9 @@ #endif /* !_WIN32 && (unix || __unix || __unix__ || * (__APPLE__ && __MACH__)) */ -#if !( ( defined(_POSIX_VERSION) && _POSIX_VERSION >= 200809L ) || \ - ( defined(_POSIX_THREAD_SAFE_FUNCTIONS ) && \ - _POSIX_THREAD_SAFE_FUNCTIONS >= 200112L ) ) +#if !((defined(_POSIX_VERSION) && _POSIX_VERSION >= 200809L) || \ + (defined(_POSIX_THREAD_SAFE_FUNCTIONS) && \ + _POSIX_THREAD_SAFE_FUNCTIONS >= 200112L)) /* * This is a convenience shorthand macro to avoid checking the long * preprocessor conditions above. Ideally, we could expose this macro in @@ -51,21 +39,22 @@ * we keep it private by only defining it in this file */ -#if ! ( defined(_WIN32) && !defined(EFIX64) && !defined(EFI32) ) +#if !(defined(_WIN32) && !defined(EFIX64) && !defined(EFI32)) #define THREADING_USE_GMTIME #endif /* ! ( defined(_WIN32) && !defined(EFIX64) && !defined(EFI32) ) */ -#endif /* !( ( defined(_POSIX_VERSION) && _POSIX_VERSION >= 200809L ) || \ - ( defined(_POSIX_THREAD_SAFE_FUNCTIONS ) && \ +#endif /* !( ( defined(_POSIX_VERSION) && _POSIX_VERSION >= 200809L ) || \ + ( defined(_POSIX_THREAD_SAFE_FUNCTIONS ) && \ _POSIX_THREAD_SAFE_FUNCTIONS >= 200112L ) ) */ #endif /* MBEDTLS_HAVE_TIME_DATE && !MBEDTLS_PLATFORM_GMTIME_R_ALT */ #if defined(MBEDTLS_THREADING_PTHREAD) -static void threading_mutex_init_pthread( mbedtls_threading_mutex_t *mutex ) +static void threading_mutex_init_pthread(mbedtls_threading_mutex_t *mutex) { - if( mutex == NULL ) + if (mutex == NULL) { return; + } /* A nonzero value of is_valid indicates a successfully initialized * mutex. This is a workaround for not being able to return an error @@ -73,76 +62,81 @@ static void threading_mutex_init_pthread( mbedtls_threading_mutex_t *mutex ) * if is_valid is nonzero. The Mbed TLS unit test code uses this field * to distinguish more states of the mutex; see * tests/src/threading_helpers for details. */ - mutex->is_valid = pthread_mutex_init( &mutex->mutex, NULL ) == 0; + mutex->is_valid = pthread_mutex_init(&mutex->mutex, NULL) == 0; } -static void threading_mutex_free_pthread( mbedtls_threading_mutex_t *mutex ) +static void threading_mutex_free_pthread(mbedtls_threading_mutex_t *mutex) { - if( mutex == NULL || !mutex->is_valid ) + if (mutex == NULL || !mutex->is_valid) { return; + } - (void) pthread_mutex_destroy( &mutex->mutex ); + (void) pthread_mutex_destroy(&mutex->mutex); mutex->is_valid = 0; } -static int threading_mutex_lock_pthread( mbedtls_threading_mutex_t *mutex ) +static int threading_mutex_lock_pthread(mbedtls_threading_mutex_t *mutex) { - if( mutex == NULL || ! mutex->is_valid ) - return( MBEDTLS_ERR_THREADING_BAD_INPUT_DATA ); + if (mutex == NULL || !mutex->is_valid) { + return MBEDTLS_ERR_THREADING_BAD_INPUT_DATA; + } - if( pthread_mutex_lock( &mutex->mutex ) != 0 ) - return( MBEDTLS_ERR_THREADING_MUTEX_ERROR ); + if (pthread_mutex_lock(&mutex->mutex) != 0) { + return MBEDTLS_ERR_THREADING_MUTEX_ERROR; + } - return( 0 ); + return 0; } -static int threading_mutex_unlock_pthread( mbedtls_threading_mutex_t *mutex ) +static int threading_mutex_unlock_pthread(mbedtls_threading_mutex_t *mutex) { - if( mutex == NULL || ! mutex->is_valid ) - return( MBEDTLS_ERR_THREADING_BAD_INPUT_DATA ); + if (mutex == NULL || !mutex->is_valid) { + return MBEDTLS_ERR_THREADING_BAD_INPUT_DATA; + } - if( pthread_mutex_unlock( &mutex->mutex ) != 0 ) - return( MBEDTLS_ERR_THREADING_MUTEX_ERROR ); + if (pthread_mutex_unlock(&mutex->mutex) != 0) { + return MBEDTLS_ERR_THREADING_MUTEX_ERROR; + } - return( 0 ); + return 0; } -void (*mbedtls_mutex_init)( mbedtls_threading_mutex_t * ) = threading_mutex_init_pthread; -void (*mbedtls_mutex_free)( mbedtls_threading_mutex_t * ) = threading_mutex_free_pthread; -int (*mbedtls_mutex_lock)( mbedtls_threading_mutex_t * ) = threading_mutex_lock_pthread; -int (*mbedtls_mutex_unlock)( mbedtls_threading_mutex_t * ) = threading_mutex_unlock_pthread; +void (*mbedtls_mutex_init)(mbedtls_threading_mutex_t *) = threading_mutex_init_pthread; +void (*mbedtls_mutex_free)(mbedtls_threading_mutex_t *) = threading_mutex_free_pthread; +int (*mbedtls_mutex_lock)(mbedtls_threading_mutex_t *) = threading_mutex_lock_pthread; +int (*mbedtls_mutex_unlock)(mbedtls_threading_mutex_t *) = threading_mutex_unlock_pthread; /* - * With phtreads we can statically initialize mutexes + * With pthreads we can statically initialize mutexes */ #define MUTEX_INIT = { PTHREAD_MUTEX_INITIALIZER, 1 } #endif /* MBEDTLS_THREADING_PTHREAD */ #if defined(MBEDTLS_THREADING_ALT) -static int threading_mutex_fail( mbedtls_threading_mutex_t *mutex ) +static int threading_mutex_fail(mbedtls_threading_mutex_t *mutex) { - ((void) mutex ); - return( MBEDTLS_ERR_THREADING_BAD_INPUT_DATA ); + ((void) mutex); + return MBEDTLS_ERR_THREADING_BAD_INPUT_DATA; } -static void threading_mutex_dummy( mbedtls_threading_mutex_t *mutex ) +static void threading_mutex_dummy(mbedtls_threading_mutex_t *mutex) { - ((void) mutex ); + ((void) mutex); return; } -void (*mbedtls_mutex_init)( mbedtls_threading_mutex_t * ) = threading_mutex_dummy; -void (*mbedtls_mutex_free)( mbedtls_threading_mutex_t * ) = threading_mutex_dummy; -int (*mbedtls_mutex_lock)( mbedtls_threading_mutex_t * ) = threading_mutex_fail; -int (*mbedtls_mutex_unlock)( mbedtls_threading_mutex_t * ) = threading_mutex_fail; +void (*mbedtls_mutex_init)(mbedtls_threading_mutex_t *) = threading_mutex_dummy; +void (*mbedtls_mutex_free)(mbedtls_threading_mutex_t *) = threading_mutex_dummy; +int (*mbedtls_mutex_lock)(mbedtls_threading_mutex_t *) = threading_mutex_fail; +int (*mbedtls_mutex_unlock)(mbedtls_threading_mutex_t *) = threading_mutex_fail; /* * Set functions pointers and initialize global mutexes */ -void mbedtls_threading_set_alt( void (*mutex_init)( mbedtls_threading_mutex_t * ), - void (*mutex_free)( mbedtls_threading_mutex_t * ), - int (*mutex_lock)( mbedtls_threading_mutex_t * ), - int (*mutex_unlock)( mbedtls_threading_mutex_t * ) ) +void mbedtls_threading_set_alt(void (*mutex_init)(mbedtls_threading_mutex_t *), + void (*mutex_free)(mbedtls_threading_mutex_t *), + int (*mutex_lock)(mbedtls_threading_mutex_t *), + int (*mutex_unlock)(mbedtls_threading_mutex_t *)) { mbedtls_mutex_init = mutex_init; mbedtls_mutex_free = mutex_free; @@ -150,23 +144,23 @@ void mbedtls_threading_set_alt( void (*mutex_init)( mbedtls_threading_mutex_t * mbedtls_mutex_unlock = mutex_unlock; #if defined(MBEDTLS_FS_IO) - mbedtls_mutex_init( &mbedtls_threading_readdir_mutex ); + mbedtls_mutex_init(&mbedtls_threading_readdir_mutex); #endif #if defined(THREADING_USE_GMTIME) - mbedtls_mutex_init( &mbedtls_threading_gmtime_mutex ); + mbedtls_mutex_init(&mbedtls_threading_gmtime_mutex); #endif } /* * Free global mutexes */ -void mbedtls_threading_free_alt( void ) +void mbedtls_threading_free_alt(void) { #if defined(MBEDTLS_FS_IO) - mbedtls_mutex_free( &mbedtls_threading_readdir_mutex ); + mbedtls_mutex_free(&mbedtls_threading_readdir_mutex); #endif #if defined(THREADING_USE_GMTIME) - mbedtls_mutex_free( &mbedtls_threading_gmtime_mutex ); + mbedtls_mutex_free(&mbedtls_threading_gmtime_mutex); #endif } #endif /* MBEDTLS_THREADING_ALT */ diff --git a/third_party/mbedtls/repo/library/timing.c b/third_party/mbedtls/repo/library/timing.c index eb41461320b..f2f0a4386b7 100644 --- a/third_party/mbedtls/repo/library/timing.c +++ b/third_party/mbedtls/repo/library/timing.c @@ -2,29 +2,14 @@ * Portable interface to the CPU cycle counter * * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later */ +#include + #include "common.h" -#if defined(MBEDTLS_SELF_TEST) && defined(MBEDTLS_PLATFORM_C) #include "mbedtls/platform.h" -#else -#include -#define mbedtls_printf printf -#endif #if defined(MBEDTLS_TIMING_C) @@ -38,17 +23,18 @@ #error "This module only works on Unix and Windows, see MBEDTLS_TIMING_C in config.h" #endif +/* *INDENT-OFF* */ #ifndef asm #define asm __asm #endif +/* *INDENT-ON* */ #if defined(_WIN32) && !defined(EFIX64) && !defined(EFI32) #include #include -struct _hr_time -{ +struct _hr_time { LARGE_INTEGER start; }; @@ -56,80 +42,77 @@ struct _hr_time #include #include -#include #include +/* time.h should be included independently of MBEDTLS_HAVE_TIME. If the + * platform matches the ifdefs above, it will be used. */ #include - -struct _hr_time -{ +#include +struct _hr_time { struct timeval start; }; - #endif /* _WIN32 && !EFIX64 && !EFI32 */ #if !defined(HAVE_HARDCLOCK) && defined(MBEDTLS_HAVE_ASM) && \ - ( defined(_MSC_VER) && defined(_M_IX86) ) || defined(__WATCOMC__) + (defined(_MSC_VER) && defined(_M_IX86)) || defined(__WATCOMC__) #define HAVE_HARDCLOCK -unsigned long mbedtls_timing_hardclock( void ) +unsigned long mbedtls_timing_hardclock(void) { unsigned long tsc; __asm rdtsc - __asm mov [tsc], eax - return( tsc ); + __asm mov[tsc], eax + return tsc; } #endif /* !HAVE_HARDCLOCK && MBEDTLS_HAVE_ASM && ( _MSC_VER && _M_IX86 ) || __WATCOMC__ */ /* some versions of mingw-64 have 32-bit longs even on x84_64 */ #if !defined(HAVE_HARDCLOCK) && defined(MBEDTLS_HAVE_ASM) && \ - defined(__GNUC__) && ( defined(__i386__) || ( \ - ( defined(__amd64__) || defined( __x86_64__) ) && __SIZEOF_LONG__ == 4 ) ) + defined(__GNUC__) && (defined(__i386__) || ( \ + (defined(__amd64__) || defined(__x86_64__)) && __SIZEOF_LONG__ == 4)) #define HAVE_HARDCLOCK -unsigned long mbedtls_timing_hardclock( void ) +unsigned long mbedtls_timing_hardclock(void) { unsigned long lo, hi; - asm volatile( "rdtsc" : "=a" (lo), "=d" (hi) ); - return( lo ); + asm volatile ("rdtsc" : "=a" (lo), "=d" (hi)); + return lo; } #endif /* !HAVE_HARDCLOCK && MBEDTLS_HAVE_ASM && __GNUC__ && __i386__ */ #if !defined(HAVE_HARDCLOCK) && defined(MBEDTLS_HAVE_ASM) && \ - defined(__GNUC__) && ( defined(__amd64__) || defined(__x86_64__) ) + defined(__GNUC__) && (defined(__amd64__) || defined(__x86_64__)) #define HAVE_HARDCLOCK -unsigned long mbedtls_timing_hardclock( void ) +unsigned long mbedtls_timing_hardclock(void) { unsigned long lo, hi; - asm volatile( "rdtsc" : "=a" (lo), "=d" (hi) ); - return( lo | ( hi << 32 ) ); + asm volatile ("rdtsc" : "=a" (lo), "=d" (hi)); + return lo | (hi << 32); } #endif /* !HAVE_HARDCLOCK && MBEDTLS_HAVE_ASM && __GNUC__ && ( __amd64__ || __x86_64__ ) */ #if !defined(HAVE_HARDCLOCK) && defined(MBEDTLS_HAVE_ASM) && \ - defined(__GNUC__) && ( defined(__powerpc__) || defined(__ppc__) ) + defined(__GNUC__) && (defined(__powerpc__) || defined(__ppc__)) #define HAVE_HARDCLOCK -unsigned long mbedtls_timing_hardclock( void ) +unsigned long mbedtls_timing_hardclock(void) { unsigned long tbl, tbu0, tbu1; - do - { - asm volatile( "mftbu %0" : "=r" (tbu0) ); - asm volatile( "mftb %0" : "=r" (tbl ) ); - asm volatile( "mftbu %0" : "=r" (tbu1) ); - } - while( tbu0 != tbu1 ); + do { + asm volatile ("mftbu %0" : "=r" (tbu0)); + asm volatile ("mftb %0" : "=r" (tbl)); + asm volatile ("mftbu %0" : "=r" (tbu1)); + } while (tbu0 != tbu1); - return( tbl ); + return tbl; } #endif /* !HAVE_HARDCLOCK && MBEDTLS_HAVE_ASM && __GNUC__ && ( __powerpc__ || __ppc__ ) */ @@ -142,11 +125,11 @@ unsigned long mbedtls_timing_hardclock( void ) #else #define HAVE_HARDCLOCK -unsigned long mbedtls_timing_hardclock( void ) +unsigned long mbedtls_timing_hardclock(void) { unsigned long tick; - asm volatile( "rdpr %%tick, %0;" : "=&r" (tick) ); - return( tick ); + asm volatile ("rdpr %%tick, %0;" : "=&r" (tick)); + return tick; } #endif /* __OpenBSD__ */ #endif /* !HAVE_HARDCLOCK && MBEDTLS_HAVE_ASM && @@ -157,12 +140,12 @@ unsigned long mbedtls_timing_hardclock( void ) #define HAVE_HARDCLOCK -unsigned long mbedtls_timing_hardclock( void ) +unsigned long mbedtls_timing_hardclock(void) { unsigned long tick; - asm volatile( ".byte 0x83, 0x41, 0x00, 0x00" ); - asm volatile( "mov %%g1, %0" : "=r" (tick) ); - return( tick ); + asm volatile (".byte 0x83, 0x41, 0x00, 0x00"); + asm volatile ("mov %%g1, %0" : "=r" (tick)); + return tick; } #endif /* !HAVE_HARDCLOCK && MBEDTLS_HAVE_ASM && __GNUC__ && __sparc__ && !__sparc64__ */ @@ -172,11 +155,11 @@ unsigned long mbedtls_timing_hardclock( void ) #define HAVE_HARDCLOCK -unsigned long mbedtls_timing_hardclock( void ) +unsigned long mbedtls_timing_hardclock(void) { unsigned long cc; - asm volatile( "rpcc %0" : "=r" (cc) ); - return( cc & 0xFFFFFFFF ); + asm volatile ("rpcc %0" : "=r" (cc)); + return cc & 0xFFFFFFFF; } #endif /* !HAVE_HARDCLOCK && MBEDTLS_HAVE_ASM && __GNUC__ && __alpha__ */ @@ -186,11 +169,11 @@ unsigned long mbedtls_timing_hardclock( void ) #define HAVE_HARDCLOCK -unsigned long mbedtls_timing_hardclock( void ) +unsigned long mbedtls_timing_hardclock(void) { unsigned long itc; - asm volatile( "mov %0 = ar.itc" : "=r" (itc) ); - return( itc ); + asm volatile ("mov %0 = ar.itc" : "=r" (itc)); + return itc; } #endif /* !HAVE_HARDCLOCK && MBEDTLS_HAVE_ASM && __GNUC__ && __ia64__ */ @@ -200,13 +183,13 @@ unsigned long mbedtls_timing_hardclock( void ) #define HAVE_HARDCLOCK -unsigned long mbedtls_timing_hardclock( void ) +unsigned long mbedtls_timing_hardclock(void) { LARGE_INTEGER offset; - QueryPerformanceCounter( &offset ); + QueryPerformanceCounter(&offset); - return( (unsigned long)( offset.QuadPart ) ); + return (unsigned long) (offset.QuadPart); } #endif /* !HAVE_HARDCLOCK && _MSC_VER && !EFIX64 && !EFI32 */ @@ -217,19 +200,18 @@ unsigned long mbedtls_timing_hardclock( void ) static int hardclock_init = 0; static struct timeval tv_init; -unsigned long mbedtls_timing_hardclock( void ) +unsigned long mbedtls_timing_hardclock(void) { struct timeval tv_cur; - if( hardclock_init == 0 ) - { - gettimeofday( &tv_init, NULL ); + if (hardclock_init == 0) { + gettimeofday(&tv_init, NULL); hardclock_init = 1; } - gettimeofday( &tv_cur, NULL ); - return( ( tv_cur.tv_sec - tv_init.tv_sec ) * 1000000 - + ( tv_cur.tv_usec - tv_init.tv_usec ) ); + gettimeofday(&tv_cur, NULL); + return (tv_cur.tv_sec - tv_init.tv_sec) * 1000000U + + (tv_cur.tv_usec - tv_init.tv_usec); } #endif /* !HAVE_HARDCLOCK */ @@ -237,43 +219,42 @@ volatile int mbedtls_timing_alarmed = 0; #if defined(_WIN32) && !defined(EFIX64) && !defined(EFI32) -unsigned long mbedtls_timing_get_timer( struct mbedtls_timing_hr_time *val, int reset ) +unsigned long mbedtls_timing_get_timer(struct mbedtls_timing_hr_time *val, int reset) { - struct _hr_time *t = (struct _hr_time *) val; + struct _hr_time t; - if( reset ) - { - QueryPerformanceCounter( &t->start ); - return( 0 ); - } - else - { + if (reset) { + QueryPerformanceCounter(&t.start); + memcpy(val, &t, sizeof(struct _hr_time)); + return 0; + } else { unsigned long delta; LARGE_INTEGER now, hfreq; - QueryPerformanceCounter( &now ); - QueryPerformanceFrequency( &hfreq ); - delta = (unsigned long)( ( now.QuadPart - t->start.QuadPart ) * 1000ul - / hfreq.QuadPart ); - return( delta ); + /* We can't safely cast val because it may not be aligned, so use memcpy */ + memcpy(&t, val, sizeof(struct _hr_time)); + QueryPerformanceCounter(&now); + QueryPerformanceFrequency(&hfreq); + delta = (unsigned long) ((now.QuadPart - t.start.QuadPart) * 1000ul + / hfreq.QuadPart); + return delta; } } /* It's OK to use a global because alarm() is supposed to be global anyway */ static DWORD alarmMs; -static void TimerProc( void *TimerContext ) +static void TimerProc(void *TimerContext) { (void) TimerContext; - Sleep( alarmMs ); + Sleep(alarmMs); mbedtls_timing_alarmed = 1; /* _endthread will be called implicitly on return - * That ensures execution of thread funcition's epilogue */ + * That ensures execution of thread function's epilogue */ } -void mbedtls_set_alarm( int seconds ) +void mbedtls_set_alarm(int seconds) { - if( seconds == 0 ) - { + if (seconds == 0) { /* No need to create a thread for this simple case. * Also, this shorcut is more reliable at least on MinGW32 */ mbedtls_timing_alarmed = 1; @@ -282,44 +263,43 @@ void mbedtls_set_alarm( int seconds ) mbedtls_timing_alarmed = 0; alarmMs = seconds * 1000; - (void) _beginthread( TimerProc, 0, NULL ); + (void) _beginthread(TimerProc, 0, NULL); } #else /* _WIN32 && !EFIX64 && !EFI32 */ -unsigned long mbedtls_timing_get_timer( struct mbedtls_timing_hr_time *val, int reset ) +unsigned long mbedtls_timing_get_timer(struct mbedtls_timing_hr_time *val, int reset) { - struct _hr_time *t = (struct _hr_time *) val; + struct _hr_time t; - if( reset ) - { - gettimeofday( &t->start, NULL ); - return( 0 ); - } - else - { + if (reset) { + gettimeofday(&t.start, NULL); + memcpy(val, &t, sizeof(struct _hr_time)); + return 0; + } else { unsigned long delta; struct timeval now; - gettimeofday( &now, NULL ); - delta = ( now.tv_sec - t->start.tv_sec ) * 1000ul - + ( now.tv_usec - t->start.tv_usec ) / 1000; - return( delta ); + /* We can't safely cast val because it may not be aligned, so use memcpy */ + memcpy(&t, val, sizeof(struct _hr_time)); + gettimeofday(&now, NULL); + delta = (now.tv_sec - t.start.tv_sec) * 1000ul + + (now.tv_usec - t.start.tv_usec) / 1000; + return delta; } } -static void sighandler( int signum ) +static void sighandler(int signum) { mbedtls_timing_alarmed = 1; - signal( signum, sighandler ); + signal(signum, sighandler); } -void mbedtls_set_alarm( int seconds ) +void mbedtls_set_alarm(int seconds) { mbedtls_timing_alarmed = 0; - signal( SIGALRM, sighandler ); - alarm( seconds ); - if( seconds == 0 ) - { + signal(SIGALRM, sighandler); + alarm(seconds); + if (seconds == 0) { /* alarm(0) cancelled any previous pending alarm, but the handler won't fire, so raise the flag straight away. */ mbedtls_timing_alarmed = 1; @@ -331,57 +311,61 @@ void mbedtls_set_alarm( int seconds ) /* * Set delays to watch */ -void mbedtls_timing_set_delay( void *data, uint32_t int_ms, uint32_t fin_ms ) +void mbedtls_timing_set_delay(void *data, uint32_t int_ms, uint32_t fin_ms) { mbedtls_timing_delay_context *ctx = (mbedtls_timing_delay_context *) data; ctx->int_ms = int_ms; ctx->fin_ms = fin_ms; - if( fin_ms != 0 ) - (void) mbedtls_timing_get_timer( &ctx->timer, 1 ); + if (fin_ms != 0) { + (void) mbedtls_timing_get_timer(&ctx->timer, 1); + } } /* * Get number of delays expired */ -int mbedtls_timing_get_delay( void *data ) +int mbedtls_timing_get_delay(void *data) { mbedtls_timing_delay_context *ctx = (mbedtls_timing_delay_context *) data; unsigned long elapsed_ms; - if( ctx->fin_ms == 0 ) - return( -1 ); + if (ctx->fin_ms == 0) { + return -1; + } - elapsed_ms = mbedtls_timing_get_timer( &ctx->timer, 0 ); + elapsed_ms = mbedtls_timing_get_timer(&ctx->timer, 0); - if( elapsed_ms >= ctx->fin_ms ) - return( 2 ); + if (elapsed_ms >= ctx->fin_ms) { + return 2; + } - if( elapsed_ms >= ctx->int_ms ) - return( 1 ); + if (elapsed_ms >= ctx->int_ms) { + return 1; + } - return( 0 ); + return 0; } #endif /* !MBEDTLS_TIMING_ALT */ #if defined(MBEDTLS_SELF_TEST) - /* * Busy-waits for the given number of milliseconds. * Used for testing mbedtls_timing_hardclock. */ -static void busy_msleep( unsigned long msec ) +static void busy_msleep(unsigned long msec) { struct mbedtls_timing_hr_time hires; unsigned long i = 0; /* for busy-waiting */ volatile unsigned long j; /* to prevent optimisation */ - (void) mbedtls_timing_get_timer( &hires, 1 ); + (void) mbedtls_timing_get_timer(&hires, 1); - while( mbedtls_timing_get_timer( &hires, 0 ) < msec ) + while (mbedtls_timing_get_timer(&hires, 0) < msec) { i++; + } j = i; (void) j; @@ -389,19 +373,18 @@ static void busy_msleep( unsigned long msec ) #define FAIL do \ { \ - if( verbose != 0 ) \ + if (verbose != 0) \ { \ - mbedtls_printf( "failed at line %d\n", __LINE__ ); \ - mbedtls_printf( " cycles=%lu ratio=%lu millisecs=%lu secs=%lu hardfail=%d a=%lu b=%lu\n", \ - cycles, ratio, millisecs, secs, hardfail, \ - (unsigned long) a, (unsigned long) b ); \ - mbedtls_printf( " elapsed(hires)=%lu elapsed(ctx)=%lu status(ctx)=%d\n", \ - mbedtls_timing_get_timer( &hires, 0 ), \ - mbedtls_timing_get_timer( &ctx.timer, 0 ), \ - mbedtls_timing_get_delay( &ctx ) ); \ + mbedtls_printf("failed at line %d\n", __LINE__); \ + mbedtls_printf(" cycles=%lu ratio=%lu millisecs=%lu secs=%lu hardfail=%d a=%lu b=%lu\n", \ + cycles, ratio, millisecs, secs, hardfail, \ + (unsigned long) a, (unsigned long) b); \ + mbedtls_printf(" elapsed(hires)=%lu status(ctx)=%d\n", \ + mbedtls_timing_get_timer(&hires, 0), \ + mbedtls_timing_get_delay(&ctx)); \ } \ - return( 1 ); \ - } while( 0 ) + return 1; \ + } while (0) /* * Checkup routine @@ -409,7 +392,7 @@ static void busy_msleep( unsigned long msec ) * Warning: this is work in progress, some tests may not be reliable enough * yet! False positives may happen. */ -int mbedtls_timing_self_test( int verbose ) +int mbedtls_timing_self_test(int verbose) { unsigned long cycles = 0, ratio = 0; unsigned long millisecs = 0, secs = 0; @@ -418,63 +401,75 @@ int mbedtls_timing_self_test( int verbose ) uint32_t a = 0, b = 0; mbedtls_timing_delay_context ctx; - if( verbose != 0 ) - mbedtls_printf( " TIMING tests note: will take some time!\n" ); + if (verbose != 0) { + mbedtls_printf(" TIMING tests note: will take some time!\n"); + } - if( verbose != 0 ) - mbedtls_printf( " TIMING test #1 (set_alarm / get_timer): " ); + if (verbose != 0) { + mbedtls_printf(" TIMING test #1 (set_alarm / get_timer): "); + } { secs = 1; - (void) mbedtls_timing_get_timer( &hires, 1 ); + (void) mbedtls_timing_get_timer(&hires, 1); - mbedtls_set_alarm( (int) secs ); - while( !mbedtls_timing_alarmed ) + mbedtls_set_alarm((int) secs); + while (!mbedtls_timing_alarmed) { ; + } - millisecs = mbedtls_timing_get_timer( &hires, 0 ); + millisecs = mbedtls_timing_get_timer(&hires, 0); /* For some reason on Windows it looks like alarm has an extra delay * (maybe related to creating a new thread). Allow some room here. */ - if( millisecs < 800 * secs || millisecs > 1200 * secs + 300 ) + if (millisecs < 800 * secs || millisecs > 1200 * secs + 300) { FAIL; + } } - if( verbose != 0 ) - mbedtls_printf( "passed\n" ); + if (verbose != 0) { + mbedtls_printf("passed\n"); + } - if( verbose != 0 ) - mbedtls_printf( " TIMING test #2 (set/get_delay ): " ); + if (verbose != 0) { + mbedtls_printf(" TIMING test #2 (set/get_delay ): "); + } { a = 800; b = 400; - mbedtls_timing_set_delay( &ctx, a, a + b ); /* T = 0 */ + mbedtls_timing_set_delay(&ctx, a, a + b); /* T = 0 */ - busy_msleep( a - a / 4 ); /* T = a - a/4 */ - if( mbedtls_timing_get_delay( &ctx ) != 0 ) + busy_msleep(a - a / 4); /* T = a - a/4 */ + if (mbedtls_timing_get_delay(&ctx) != 0) { FAIL; + } - busy_msleep( a / 4 + b / 4 ); /* T = a + b/4 */ - if( mbedtls_timing_get_delay( &ctx ) != 1 ) + busy_msleep(a / 4 + b / 4); /* T = a + b/4 */ + if (mbedtls_timing_get_delay(&ctx) != 1) { FAIL; + } - busy_msleep( b ); /* T = a + b + b/4 */ - if( mbedtls_timing_get_delay( &ctx ) != 2 ) + busy_msleep(b); /* T = a + b + b/4 */ + if (mbedtls_timing_get_delay(&ctx) != 2) { FAIL; + } } - mbedtls_timing_set_delay( &ctx, 0, 0 ); - busy_msleep( 200 ); - if( mbedtls_timing_get_delay( &ctx ) != -1 ) + mbedtls_timing_set_delay(&ctx, 0, 0); + busy_msleep(200); + if (mbedtls_timing_get_delay(&ctx) != -1) { FAIL; + } - if( verbose != 0 ) - mbedtls_printf( "passed\n" ); + if (verbose != 0) { + mbedtls_printf("passed\n"); + } - if( verbose != 0 ) - mbedtls_printf( " TIMING test #3 (hardclock / get_timer): " ); + if (verbose != 0) { + mbedtls_printf(" TIMING test #3 (hardclock / get_timer): "); + } /* * Allow one failure for possible counter wrapping. @@ -483,10 +478,10 @@ int mbedtls_timing_self_test( int verbose ) */ hard_test: - if( hardfail > 1 ) - { - if( verbose != 0 ) - mbedtls_printf( "failed (ignored)\n" ); + if (hardfail > 1) { + if (verbose != 0) { + mbedtls_printf("failed (ignored)\n"); + } goto hard_test_done; } @@ -494,37 +489,36 @@ int mbedtls_timing_self_test( int verbose ) /* Get a reference ratio cycles/ms */ millisecs = 1; cycles = mbedtls_timing_hardclock(); - busy_msleep( millisecs ); + busy_msleep(millisecs); cycles = mbedtls_timing_hardclock() - cycles; ratio = cycles / millisecs; /* Check that the ratio is mostly constant */ - for( millisecs = 2; millisecs <= 4; millisecs++ ) - { + for (millisecs = 2; millisecs <= 4; millisecs++) { cycles = mbedtls_timing_hardclock(); - busy_msleep( millisecs ); + busy_msleep(millisecs); cycles = mbedtls_timing_hardclock() - cycles; /* Allow variation up to 20% */ - if( cycles / millisecs < ratio - ratio / 5 || - cycles / millisecs > ratio + ratio / 5 ) - { + if (cycles / millisecs < ratio - ratio / 5 || + cycles / millisecs > ratio + ratio / 5) { hardfail++; goto hard_test; } } - if( verbose != 0 ) - mbedtls_printf( "passed\n" ); + if (verbose != 0) { + mbedtls_printf("passed\n"); + } hard_test_done: - if( verbose != 0 ) - mbedtls_printf( "\n" ); + if (verbose != 0) { + mbedtls_printf("\n"); + } - return( 0 ); + return 0; } #endif /* MBEDTLS_SELF_TEST */ - #endif /* MBEDTLS_TIMING_C */ diff --git a/third_party/mbedtls/repo/library/version.c b/third_party/mbedtls/repo/library/version.c index 32a0d7d584f..04397332bbf 100644 --- a/third_party/mbedtls/repo/library/version.c +++ b/third_party/mbedtls/repo/library/version.c @@ -2,19 +2,7 @@ * Version information * * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later */ #include "common.h" @@ -24,21 +12,21 @@ #include "mbedtls/version.h" #include -unsigned int mbedtls_version_get_number( void ) +unsigned int mbedtls_version_get_number(void) { - return( MBEDTLS_VERSION_NUMBER ); + return MBEDTLS_VERSION_NUMBER; } -void mbedtls_version_get_string( char *string ) +void mbedtls_version_get_string(char *string) { - memcpy( string, MBEDTLS_VERSION_STRING, - sizeof( MBEDTLS_VERSION_STRING ) ); + memcpy(string, MBEDTLS_VERSION_STRING, + sizeof(MBEDTLS_VERSION_STRING)); } -void mbedtls_version_get_string_full( char *string ) +void mbedtls_version_get_string_full(char *string) { - memcpy( string, MBEDTLS_VERSION_STRING_FULL, - sizeof( MBEDTLS_VERSION_STRING_FULL ) ); + memcpy(string, MBEDTLS_VERSION_STRING_FULL, + sizeof(MBEDTLS_VERSION_STRING_FULL)); } #endif /* MBEDTLS_VERSION_C */ diff --git a/third_party/mbedtls/repo/library/version_features.c b/third_party/mbedtls/repo/library/version_features.c index 40c95201bc2..779325744b1 100644 --- a/third_party/mbedtls/repo/library/version_features.c +++ b/third_party/mbedtls/repo/library/version_features.c @@ -2,19 +2,7 @@ * Version feature information * * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later */ #include "common.h" @@ -27,7 +15,7 @@ static const char * const features[] = { #if defined(MBEDTLS_VERSION_FEATURES) -#if defined(MBEDTLS_HAVE_ASM) + #if defined(MBEDTLS_HAVE_ASM) "MBEDTLS_HAVE_ASM", #endif /* MBEDTLS_HAVE_ASM */ #if defined(MBEDTLS_NO_UDBL_DIVISION) @@ -75,6 +63,12 @@ static const char * const features[] = { #if defined(MBEDTLS_PLATFORM_SETUP_TEARDOWN_ALT) "MBEDTLS_PLATFORM_SETUP_TEARDOWN_ALT", #endif /* MBEDTLS_PLATFORM_SETUP_TEARDOWN_ALT */ +#if defined(MBEDTLS_PLATFORM_GMTIME_R_ALT) + "MBEDTLS_PLATFORM_GMTIME_R_ALT", +#endif /* MBEDTLS_PLATFORM_GMTIME_R_ALT */ +#if defined(MBEDTLS_PLATFORM_ZEROIZE_ALT) + "MBEDTLS_PLATFORM_ZEROIZE_ALT", +#endif /* MBEDTLS_PLATFORM_ZEROIZE_ALT */ #if defined(MBEDTLS_DEPRECATED_WARNING) "MBEDTLS_DEPRECATED_WARNING", #endif /* MBEDTLS_DEPRECATED_WARNING */ @@ -312,6 +306,9 @@ static const char * const features[] = { #if defined(MBEDTLS_REMOVE_3DES_CIPHERSUITES) "MBEDTLS_REMOVE_3DES_CIPHERSUITES", #endif /* MBEDTLS_REMOVE_3DES_CIPHERSUITES */ +#if defined(MBEDTLS_ECDH_VARIANT_EVEREST_ENABLED) + "MBEDTLS_ECDH_VARIANT_EVEREST_ENABLED", +#endif /* MBEDTLS_ECDH_VARIANT_EVEREST_ENABLED */ #if defined(MBEDTLS_ECP_DP_SECP192R1_ENABLED) "MBEDTLS_ECP_DP_SECP192R1_ENABLED", #endif /* MBEDTLS_ECP_DP_SECP192R1_ENABLED */ @@ -576,6 +573,9 @@ static const char * const features[] = { #if defined(MBEDTLS_SSL_VARIABLE_BUFFER_LENGTH) "MBEDTLS_SSL_VARIABLE_BUFFER_LENGTH", #endif /* MBEDTLS_SSL_VARIABLE_BUFFER_LENGTH */ +#if defined(MBEDTLS_TLS_DEFAULT_ALLOW_SHA1_IN_KEY_EXCHANGE) + "MBEDTLS_TLS_DEFAULT_ALLOW_SHA1_IN_KEY_EXCHANGE", +#endif /* MBEDTLS_TLS_DEFAULT_ALLOW_SHA1_IN_KEY_EXCHANGE */ #if defined(MBEDTLS_TEST_CONSTANT_FLOW_MEMSAN) "MBEDTLS_TEST_CONSTANT_FLOW_MEMSAN", #endif /* MBEDTLS_TEST_CONSTANT_FLOW_MEMSAN */ @@ -850,23 +850,25 @@ static const char * const features[] = { NULL }; -int mbedtls_version_check_feature( const char *feature ) +int mbedtls_version_check_feature(const char *feature) { const char * const *idx = features; - if( *idx == NULL ) - return( -2 ); + if (*idx == NULL) { + return -2; + } - if( feature == NULL ) - return( -1 ); + if (feature == NULL) { + return -1; + } - while( *idx != NULL ) - { - if( !strcmp( *idx, feature ) ) - return( 0 ); + while (*idx != NULL) { + if (!strcmp(*idx, feature)) { + return 0; + } idx++; } - return( -1 ); + return -1; } #endif /* MBEDTLS_VERSION_C */ diff --git a/third_party/mbedtls/repo/library/x509.c b/third_party/mbedtls/repo/library/x509.c index f21e9e69443..4233e53723b 100644 --- a/third_party/mbedtls/repo/library/x509.c +++ b/third_party/mbedtls/repo/library/x509.c @@ -2,19 +2,7 @@ * X.509 common functions for parsing and verification * * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later */ /* * The ITU-T X.509 standard defines a certificate format for PKI. @@ -43,16 +31,7 @@ #include "mbedtls/pem.h" #endif -#if defined(MBEDTLS_PLATFORM_C) #include "mbedtls/platform.h" -#else -#include -#include -#define mbedtls_free free -#define mbedtls_calloc calloc -#define mbedtls_printf printf -#define mbedtls_snprintf snprintf -#endif #if defined(MBEDTLS_HAVE_TIME) #include "mbedtls/platform_time.h" @@ -62,42 +41,49 @@ #include #endif -#define CHECK(code) if( ( ret = ( code ) ) != 0 ){ return( ret ); } +#define CHECK(code) \ + do { \ + if ((ret = (code)) != 0) { \ + return ret; \ + } \ + } while (0) + #define CHECK_RANGE(min, max, val) \ - do \ - { \ - if( ( val ) < ( min ) || ( val ) > ( max ) ) \ - { \ - return( ret ); \ + do { \ + if ((val) < (min) || (val) > (max)) { \ + return ret; \ } \ - } while( 0 ) + } while (0) /* * CertificateSerialNumber ::= INTEGER */ -int mbedtls_x509_get_serial( unsigned char **p, const unsigned char *end, - mbedtls_x509_buf *serial ) +int mbedtls_x509_get_serial(unsigned char **p, const unsigned char *end, + mbedtls_x509_buf *serial) { int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; - if( ( end - *p ) < 1 ) - return( MBEDTLS_ERROR_ADD( MBEDTLS_ERR_X509_INVALID_SERIAL, - MBEDTLS_ERR_ASN1_OUT_OF_DATA ) ); + if ((end - *p) < 1) { + return MBEDTLS_ERROR_ADD(MBEDTLS_ERR_X509_INVALID_SERIAL, + MBEDTLS_ERR_ASN1_OUT_OF_DATA); + } - if( **p != ( MBEDTLS_ASN1_CONTEXT_SPECIFIC | MBEDTLS_ASN1_PRIMITIVE | 2 ) && - **p != MBEDTLS_ASN1_INTEGER ) - return( MBEDTLS_ERROR_ADD( MBEDTLS_ERR_X509_INVALID_SERIAL, - MBEDTLS_ERR_ASN1_UNEXPECTED_TAG ) ); + if (**p != (MBEDTLS_ASN1_CONTEXT_SPECIFIC | MBEDTLS_ASN1_PRIMITIVE | 2) && + **p != MBEDTLS_ASN1_INTEGER) { + return MBEDTLS_ERROR_ADD(MBEDTLS_ERR_X509_INVALID_SERIAL, + MBEDTLS_ERR_ASN1_UNEXPECTED_TAG); + } serial->tag = *(*p)++; - if( ( ret = mbedtls_asn1_get_len( p, end, &serial->len ) ) != 0 ) - return( MBEDTLS_ERROR_ADD( MBEDTLS_ERR_X509_INVALID_SERIAL, ret ) ); + if ((ret = mbedtls_asn1_get_len(p, end, &serial->len)) != 0) { + return MBEDTLS_ERROR_ADD(MBEDTLS_ERR_X509_INVALID_SERIAL, ret); + } serial->p = *p; *p += serial->len; - return( 0 ); + return 0; } /* Get an algorithm identifier without parameters (eg for signatures) @@ -106,29 +92,31 @@ int mbedtls_x509_get_serial( unsigned char **p, const unsigned char *end, * algorithm OBJECT IDENTIFIER, * parameters ANY DEFINED BY algorithm OPTIONAL } */ -int mbedtls_x509_get_alg_null( unsigned char **p, const unsigned char *end, - mbedtls_x509_buf *alg ) +int mbedtls_x509_get_alg_null(unsigned char **p, const unsigned char *end, + mbedtls_x509_buf *alg) { int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; - if( ( ret = mbedtls_asn1_get_alg_null( p, end, alg ) ) != 0 ) - return( MBEDTLS_ERROR_ADD( MBEDTLS_ERR_X509_INVALID_ALG, ret ) ); + if ((ret = mbedtls_asn1_get_alg_null(p, end, alg)) != 0) { + return MBEDTLS_ERROR_ADD(MBEDTLS_ERR_X509_INVALID_ALG, ret); + } - return( 0 ); + return 0; } /* * Parse an algorithm identifier with (optional) parameters */ -int mbedtls_x509_get_alg( unsigned char **p, const unsigned char *end, - mbedtls_x509_buf *alg, mbedtls_x509_buf *params ) +int mbedtls_x509_get_alg(unsigned char **p, const unsigned char *end, + mbedtls_x509_buf *alg, mbedtls_x509_buf *params) { int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; - if( ( ret = mbedtls_asn1_get_alg( p, end, alg, params ) ) != 0 ) - return( MBEDTLS_ERROR_ADD( MBEDTLS_ERR_X509_INVALID_ALG, ret ) ); + if ((ret = mbedtls_asn1_get_alg(p, end, alg, params)) != 0) { + return MBEDTLS_ERROR_ADD(MBEDTLS_ERR_X509_INVALID_ALG, ret); + } - return( 0 ); + return 0; } #if defined(MBEDTLS_X509_RSASSA_PSS_SUPPORT) @@ -141,7 +129,7 @@ int mbedtls_x509_get_alg( unsigned char **p, const unsigned char *end, * * For HashAlgorithm, parameters MUST be NULL or absent. */ -static int x509_get_hash_alg( const mbedtls_x509_buf *alg, mbedtls_md_type_t *md_alg ) +static int x509_get_hash_alg(const mbedtls_x509_buf *alg, mbedtls_md_type_t *md_alg) { int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; unsigned char *p; @@ -150,42 +138,49 @@ static int x509_get_hash_alg( const mbedtls_x509_buf *alg, mbedtls_md_type_t *md size_t len; /* Make sure we got a SEQUENCE and setup bounds */ - if( alg->tag != ( MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_SEQUENCE ) ) - return( MBEDTLS_ERROR_ADD( MBEDTLS_ERR_X509_INVALID_ALG, - MBEDTLS_ERR_ASN1_UNEXPECTED_TAG ) ); + if (alg->tag != (MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_SEQUENCE)) { + return MBEDTLS_ERROR_ADD(MBEDTLS_ERR_X509_INVALID_ALG, + MBEDTLS_ERR_ASN1_UNEXPECTED_TAG); + } p = alg->p; end = p + alg->len; - if( p >= end ) - return( MBEDTLS_ERROR_ADD( MBEDTLS_ERR_X509_INVALID_ALG, - MBEDTLS_ERR_ASN1_OUT_OF_DATA ) ); + if (p >= end) { + return MBEDTLS_ERROR_ADD(MBEDTLS_ERR_X509_INVALID_ALG, + MBEDTLS_ERR_ASN1_OUT_OF_DATA); + } /* Parse md_oid */ md_oid.tag = *p; - if( ( ret = mbedtls_asn1_get_tag( &p, end, &md_oid.len, MBEDTLS_ASN1_OID ) ) != 0 ) - return( MBEDTLS_ERROR_ADD( MBEDTLS_ERR_X509_INVALID_ALG, ret ) ); + if ((ret = mbedtls_asn1_get_tag(&p, end, &md_oid.len, MBEDTLS_ASN1_OID)) != 0) { + return MBEDTLS_ERROR_ADD(MBEDTLS_ERR_X509_INVALID_ALG, ret); + } md_oid.p = p; p += md_oid.len; /* Get md_alg from md_oid */ - if( ( ret = mbedtls_oid_get_md_alg( &md_oid, md_alg ) ) != 0 ) - return( MBEDTLS_ERROR_ADD( MBEDTLS_ERR_X509_INVALID_ALG, ret ) ); + if ((ret = mbedtls_oid_get_md_alg(&md_oid, md_alg)) != 0) { + return MBEDTLS_ERROR_ADD(MBEDTLS_ERR_X509_INVALID_ALG, ret); + } /* Make sure params is absent of NULL */ - if( p == end ) - return( 0 ); + if (p == end) { + return 0; + } - if( ( ret = mbedtls_asn1_get_tag( &p, end, &len, MBEDTLS_ASN1_NULL ) ) != 0 || len != 0 ) - return( MBEDTLS_ERROR_ADD( MBEDTLS_ERR_X509_INVALID_ALG, ret ) ); + if ((ret = mbedtls_asn1_get_tag(&p, end, &len, MBEDTLS_ASN1_NULL)) != 0 || len != 0) { + return MBEDTLS_ERROR_ADD(MBEDTLS_ERR_X509_INVALID_ALG, ret); + } - if( p != end ) - return( MBEDTLS_ERROR_ADD( MBEDTLS_ERR_X509_INVALID_ALG, - MBEDTLS_ERR_ASN1_LENGTH_MISMATCH ) ); + if (p != end) { + return MBEDTLS_ERROR_ADD(MBEDTLS_ERR_X509_INVALID_ALG, + MBEDTLS_ERR_ASN1_LENGTH_MISMATCH); + } - return( 0 ); + return 0; } /* @@ -198,11 +193,11 @@ static int x509_get_hash_alg( const mbedtls_x509_buf *alg, mbedtls_md_type_t *md * * RFC 4055 (which defines use of RSASSA-PSS in PKIX) states that the value * of trailerField MUST be 1, and PKCS#1 v2.2 doesn't even define any other - * option. Enfore this at parsing time. + * option. Enforce this at parsing time. */ -int mbedtls_x509_get_rsassa_pss_params( const mbedtls_x509_buf *params, - mbedtls_md_type_t *md_alg, mbedtls_md_type_t *mgf_md, - int *salt_len ) +int mbedtls_x509_get_rsassa_pss_params(const mbedtls_x509_buf *params, + mbedtls_md_type_t *md_alg, mbedtls_md_type_t *mgf_md, + int *salt_len) { int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; unsigned char *p; @@ -216,121 +211,139 @@ int mbedtls_x509_get_rsassa_pss_params( const mbedtls_x509_buf *params, *salt_len = 20; /* Make sure params is a SEQUENCE and setup bounds */ - if( params->tag != ( MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_SEQUENCE ) ) - return( MBEDTLS_ERROR_ADD( MBEDTLS_ERR_X509_INVALID_ALG, - MBEDTLS_ERR_ASN1_UNEXPECTED_TAG ) ); + if (params->tag != (MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_SEQUENCE)) { + return MBEDTLS_ERROR_ADD(MBEDTLS_ERR_X509_INVALID_ALG, + MBEDTLS_ERR_ASN1_UNEXPECTED_TAG); + } p = (unsigned char *) params->p; end = p + params->len; - if( p == end ) - return( 0 ); + if (p == end) { + return 0; + } /* * HashAlgorithm */ - if( ( ret = mbedtls_asn1_get_tag( &p, end, &len, - MBEDTLS_ASN1_CONTEXT_SPECIFIC | MBEDTLS_ASN1_CONSTRUCTED | 0 ) ) == 0 ) - { + if ((ret = mbedtls_asn1_get_tag(&p, end, &len, + MBEDTLS_ASN1_CONTEXT_SPECIFIC | MBEDTLS_ASN1_CONSTRUCTED | + 0)) == 0) { end2 = p + len; /* HashAlgorithm ::= AlgorithmIdentifier (without parameters) */ - if( ( ret = mbedtls_x509_get_alg_null( &p, end2, &alg_id ) ) != 0 ) - return( ret ); + if ((ret = mbedtls_x509_get_alg_null(&p, end2, &alg_id)) != 0) { + return ret; + } - if( ( ret = mbedtls_oid_get_md_alg( &alg_id, md_alg ) ) != 0 ) - return( MBEDTLS_ERROR_ADD( MBEDTLS_ERR_X509_INVALID_ALG, ret ) ); + if ((ret = mbedtls_oid_get_md_alg(&alg_id, md_alg)) != 0) { + return MBEDTLS_ERROR_ADD(MBEDTLS_ERR_X509_INVALID_ALG, ret); + } - if( p != end2 ) - return( MBEDTLS_ERROR_ADD( MBEDTLS_ERR_X509_INVALID_ALG, - MBEDTLS_ERR_ASN1_LENGTH_MISMATCH ) ); + if (p != end2) { + return MBEDTLS_ERROR_ADD(MBEDTLS_ERR_X509_INVALID_ALG, + MBEDTLS_ERR_ASN1_LENGTH_MISMATCH); + } + } else if (ret != MBEDTLS_ERR_ASN1_UNEXPECTED_TAG) { + return MBEDTLS_ERROR_ADD(MBEDTLS_ERR_X509_INVALID_ALG, ret); } - else if( ret != MBEDTLS_ERR_ASN1_UNEXPECTED_TAG ) - return( MBEDTLS_ERROR_ADD( MBEDTLS_ERR_X509_INVALID_ALG, ret ) ); - if( p == end ) - return( 0 ); + if (p == end) { + return 0; + } /* * MaskGenAlgorithm */ - if( ( ret = mbedtls_asn1_get_tag( &p, end, &len, - MBEDTLS_ASN1_CONTEXT_SPECIFIC | MBEDTLS_ASN1_CONSTRUCTED | 1 ) ) == 0 ) - { + if ((ret = mbedtls_asn1_get_tag(&p, end, &len, + MBEDTLS_ASN1_CONTEXT_SPECIFIC | MBEDTLS_ASN1_CONSTRUCTED | + 1)) == 0) { end2 = p + len; /* MaskGenAlgorithm ::= AlgorithmIdentifier (params = HashAlgorithm) */ - if( ( ret = mbedtls_x509_get_alg( &p, end2, &alg_id, &alg_params ) ) != 0 ) - return( ret ); + if ((ret = mbedtls_x509_get_alg(&p, end2, &alg_id, &alg_params)) != 0) { + return ret; + } /* Only MFG1 is recognised for now */ - if( MBEDTLS_OID_CMP( MBEDTLS_OID_MGF1, &alg_id ) != 0 ) - return( MBEDTLS_ERROR_ADD( MBEDTLS_ERR_X509_FEATURE_UNAVAILABLE, - MBEDTLS_ERR_OID_NOT_FOUND ) ); + if (MBEDTLS_OID_CMP(MBEDTLS_OID_MGF1, &alg_id) != 0) { + return MBEDTLS_ERROR_ADD(MBEDTLS_ERR_X509_FEATURE_UNAVAILABLE, + MBEDTLS_ERR_OID_NOT_FOUND); + } /* Parse HashAlgorithm */ - if( ( ret = x509_get_hash_alg( &alg_params, mgf_md ) ) != 0 ) - return( ret ); + if ((ret = x509_get_hash_alg(&alg_params, mgf_md)) != 0) { + return ret; + } - if( p != end2 ) - return( MBEDTLS_ERROR_ADD( MBEDTLS_ERR_X509_INVALID_ALG, - MBEDTLS_ERR_ASN1_LENGTH_MISMATCH ) ); + if (p != end2) { + return MBEDTLS_ERROR_ADD(MBEDTLS_ERR_X509_INVALID_ALG, + MBEDTLS_ERR_ASN1_LENGTH_MISMATCH); + } + } else if (ret != MBEDTLS_ERR_ASN1_UNEXPECTED_TAG) { + return MBEDTLS_ERROR_ADD(MBEDTLS_ERR_X509_INVALID_ALG, ret); } - else if( ret != MBEDTLS_ERR_ASN1_UNEXPECTED_TAG ) - return( MBEDTLS_ERROR_ADD( MBEDTLS_ERR_X509_INVALID_ALG, ret ) ); - if( p == end ) - return( 0 ); + if (p == end) { + return 0; + } /* * salt_len */ - if( ( ret = mbedtls_asn1_get_tag( &p, end, &len, - MBEDTLS_ASN1_CONTEXT_SPECIFIC | MBEDTLS_ASN1_CONSTRUCTED | 2 ) ) == 0 ) - { + if ((ret = mbedtls_asn1_get_tag(&p, end, &len, + MBEDTLS_ASN1_CONTEXT_SPECIFIC | MBEDTLS_ASN1_CONSTRUCTED | + 2)) == 0) { end2 = p + len; - if( ( ret = mbedtls_asn1_get_int( &p, end2, salt_len ) ) != 0 ) - return( MBEDTLS_ERROR_ADD( MBEDTLS_ERR_X509_INVALID_ALG, ret ) ); + if ((ret = mbedtls_asn1_get_int(&p, end2, salt_len)) != 0) { + return MBEDTLS_ERROR_ADD(MBEDTLS_ERR_X509_INVALID_ALG, ret); + } - if( p != end2 ) - return( MBEDTLS_ERROR_ADD( MBEDTLS_ERR_X509_INVALID_ALG, - MBEDTLS_ERR_ASN1_LENGTH_MISMATCH ) ); + if (p != end2) { + return MBEDTLS_ERROR_ADD(MBEDTLS_ERR_X509_INVALID_ALG, + MBEDTLS_ERR_ASN1_LENGTH_MISMATCH); + } + } else if (ret != MBEDTLS_ERR_ASN1_UNEXPECTED_TAG) { + return MBEDTLS_ERROR_ADD(MBEDTLS_ERR_X509_INVALID_ALG, ret); } - else if( ret != MBEDTLS_ERR_ASN1_UNEXPECTED_TAG ) - return( MBEDTLS_ERROR_ADD( MBEDTLS_ERR_X509_INVALID_ALG, ret ) ); - if( p == end ) - return( 0 ); + if (p == end) { + return 0; + } /* * trailer_field (if present, must be 1) */ - if( ( ret = mbedtls_asn1_get_tag( &p, end, &len, - MBEDTLS_ASN1_CONTEXT_SPECIFIC | MBEDTLS_ASN1_CONSTRUCTED | 3 ) ) == 0 ) - { + if ((ret = mbedtls_asn1_get_tag(&p, end, &len, + MBEDTLS_ASN1_CONTEXT_SPECIFIC | MBEDTLS_ASN1_CONSTRUCTED | + 3)) == 0) { int trailer_field; end2 = p + len; - if( ( ret = mbedtls_asn1_get_int( &p, end2, &trailer_field ) ) != 0 ) - return( MBEDTLS_ERROR_ADD( MBEDTLS_ERR_X509_INVALID_ALG, ret ) ); + if ((ret = mbedtls_asn1_get_int(&p, end2, &trailer_field)) != 0) { + return MBEDTLS_ERROR_ADD(MBEDTLS_ERR_X509_INVALID_ALG, ret); + } - if( p != end2 ) - return( MBEDTLS_ERROR_ADD( MBEDTLS_ERR_X509_INVALID_ALG, - MBEDTLS_ERR_ASN1_LENGTH_MISMATCH ) ); + if (p != end2) { + return MBEDTLS_ERROR_ADD(MBEDTLS_ERR_X509_INVALID_ALG, + MBEDTLS_ERR_ASN1_LENGTH_MISMATCH); + } - if( trailer_field != 1 ) - return( MBEDTLS_ERR_X509_INVALID_ALG ); + if (trailer_field != 1) { + return MBEDTLS_ERR_X509_INVALID_ALG; + } + } else if (ret != MBEDTLS_ERR_ASN1_UNEXPECTED_TAG) { + return MBEDTLS_ERROR_ADD(MBEDTLS_ERR_X509_INVALID_ALG, ret); } - else if( ret != MBEDTLS_ERR_ASN1_UNEXPECTED_TAG ) - return( MBEDTLS_ERROR_ADD( MBEDTLS_ERR_X509_INVALID_ALG, ret ) ); - if( p != end ) - return( MBEDTLS_ERROR_ADD( MBEDTLS_ERR_X509_INVALID_ALG, - MBEDTLS_ERR_ASN1_LENGTH_MISMATCH ) ); + if (p != end) { + return MBEDTLS_ERROR_ADD(MBEDTLS_ERR_X509_INVALID_ALG, + MBEDTLS_ERR_ASN1_LENGTH_MISMATCH); + } - return( 0 ); + return 0; } #endif /* MBEDTLS_X509_RSASSA_PSS_SUPPORT */ @@ -343,63 +356,68 @@ int mbedtls_x509_get_rsassa_pss_params( const mbedtls_x509_buf *params, * * AttributeValue ::= ANY DEFINED BY AttributeType */ -static int x509_get_attr_type_value( unsigned char **p, - const unsigned char *end, - mbedtls_x509_name *cur ) +static int x509_get_attr_type_value(unsigned char **p, + const unsigned char *end, + mbedtls_x509_name *cur) { int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; size_t len; mbedtls_x509_buf *oid; mbedtls_x509_buf *val; - if( ( ret = mbedtls_asn1_get_tag( p, end, &len, - MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_SEQUENCE ) ) != 0 ) - return( MBEDTLS_ERROR_ADD( MBEDTLS_ERR_X509_INVALID_NAME, ret ) ); + if ((ret = mbedtls_asn1_get_tag(p, end, &len, + MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_SEQUENCE)) != 0) { + return MBEDTLS_ERROR_ADD(MBEDTLS_ERR_X509_INVALID_NAME, ret); + } end = *p + len; - if( ( end - *p ) < 1 ) - return( MBEDTLS_ERROR_ADD( MBEDTLS_ERR_X509_INVALID_NAME, - MBEDTLS_ERR_ASN1_OUT_OF_DATA ) ); + if ((end - *p) < 1) { + return MBEDTLS_ERROR_ADD(MBEDTLS_ERR_X509_INVALID_NAME, + MBEDTLS_ERR_ASN1_OUT_OF_DATA); + } oid = &cur->oid; oid->tag = **p; - if( ( ret = mbedtls_asn1_get_tag( p, end, &oid->len, MBEDTLS_ASN1_OID ) ) != 0 ) - return( MBEDTLS_ERROR_ADD( MBEDTLS_ERR_X509_INVALID_NAME, ret ) ); + if ((ret = mbedtls_asn1_get_tag(p, end, &oid->len, MBEDTLS_ASN1_OID)) != 0) { + return MBEDTLS_ERROR_ADD(MBEDTLS_ERR_X509_INVALID_NAME, ret); + } oid->p = *p; *p += oid->len; - if( ( end - *p ) < 1 ) - return( MBEDTLS_ERROR_ADD( MBEDTLS_ERR_X509_INVALID_NAME, - MBEDTLS_ERR_ASN1_OUT_OF_DATA ) ); + if ((end - *p) < 1) { + return MBEDTLS_ERROR_ADD(MBEDTLS_ERR_X509_INVALID_NAME, + MBEDTLS_ERR_ASN1_OUT_OF_DATA); + } - if( **p != MBEDTLS_ASN1_BMP_STRING && **p != MBEDTLS_ASN1_UTF8_STRING && + if (**p != MBEDTLS_ASN1_BMP_STRING && **p != MBEDTLS_ASN1_UTF8_STRING && **p != MBEDTLS_ASN1_T61_STRING && **p != MBEDTLS_ASN1_PRINTABLE_STRING && **p != MBEDTLS_ASN1_IA5_STRING && **p != MBEDTLS_ASN1_UNIVERSAL_STRING && - **p != MBEDTLS_ASN1_BIT_STRING ) - return( MBEDTLS_ERROR_ADD( MBEDTLS_ERR_X509_INVALID_NAME, - MBEDTLS_ERR_ASN1_UNEXPECTED_TAG ) ); + **p != MBEDTLS_ASN1_BIT_STRING) { + return MBEDTLS_ERROR_ADD(MBEDTLS_ERR_X509_INVALID_NAME, + MBEDTLS_ERR_ASN1_UNEXPECTED_TAG); + } val = &cur->val; val->tag = *(*p)++; - if( ( ret = mbedtls_asn1_get_len( p, end, &val->len ) ) != 0 ) - return( MBEDTLS_ERROR_ADD( MBEDTLS_ERR_X509_INVALID_NAME, ret ) ); + if ((ret = mbedtls_asn1_get_len(p, end, &val->len)) != 0) { + return MBEDTLS_ERROR_ADD(MBEDTLS_ERR_X509_INVALID_NAME, ret); + } val->p = *p; *p += val->len; - if( *p != end ) - { - return( MBEDTLS_ERROR_ADD( MBEDTLS_ERR_X509_INVALID_NAME, - MBEDTLS_ERR_ASN1_LENGTH_MISMATCH ) ); + if (*p != end) { + return MBEDTLS_ERROR_ADD(MBEDTLS_ERR_X509_INVALID_NAME, + MBEDTLS_ERR_ASN1_LENGTH_MISMATCH); } cur->next = NULL; - return( 0 ); + return 0; } /* @@ -424,41 +442,52 @@ static int x509_get_attr_type_value( unsigned char **p, * For the general case we still use a flat list, but we mark elements of the * same set so that they are "merged" together in the functions that consume * this list, eg mbedtls_x509_dn_gets(). + * + * On success, this function may allocate a linked list starting at cur->next + * that must later be free'd by the caller using mbedtls_free(). In error + * cases, this function frees all allocated memory internally and the caller + * has no freeing responsibilities. */ -int mbedtls_x509_get_name( unsigned char **p, const unsigned char *end, - mbedtls_x509_name *cur ) +int mbedtls_x509_get_name(unsigned char **p, const unsigned char *end, + mbedtls_x509_name *cur) { int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; size_t set_len; const unsigned char *end_set; + mbedtls_x509_name *head = cur; + mbedtls_x509_name *prev, *allocated; /* don't use recursion, we'd risk stack overflow if not optimized */ - while( 1 ) - { + while (1) { /* * parse SET */ - if( ( ret = mbedtls_asn1_get_tag( p, end, &set_len, - MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_SET ) ) != 0 ) - return( MBEDTLS_ERROR_ADD( MBEDTLS_ERR_X509_INVALID_NAME, ret ) ); + if ((ret = mbedtls_asn1_get_tag(p, end, &set_len, + MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_SET)) != 0) { + ret = MBEDTLS_ERROR_ADD(MBEDTLS_ERR_X509_INVALID_NAME, ret); + goto error; + } end_set = *p + set_len; - while( 1 ) - { - if( ( ret = x509_get_attr_type_value( p, end_set, cur ) ) != 0 ) - return( ret ); + while (1) { + if ((ret = x509_get_attr_type_value(p, end_set, cur)) != 0) { + goto error; + } - if( *p == end_set ) + if (*p == end_set) { break; + } /* Mark this item as being no the only one in a set */ cur->next_merged = 1; - cur->next = mbedtls_calloc( 1, sizeof( mbedtls_x509_name ) ); + cur->next = mbedtls_calloc(1, sizeof(mbedtls_x509_name)); - if( cur->next == NULL ) - return( MBEDTLS_ERR_X509_ALLOC_FAILED ); + if (cur->next == NULL) { + ret = MBEDTLS_ERR_X509_ALLOC_FAILED; + goto error; + } cur = cur->next; } @@ -466,46 +495,64 @@ int mbedtls_x509_get_name( unsigned char **p, const unsigned char *end, /* * continue until end of SEQUENCE is reached */ - if( *p == end ) - return( 0 ); + if (*p == end) { + return 0; + } - cur->next = mbedtls_calloc( 1, sizeof( mbedtls_x509_name ) ); + cur->next = mbedtls_calloc(1, sizeof(mbedtls_x509_name)); - if( cur->next == NULL ) - return( MBEDTLS_ERR_X509_ALLOC_FAILED ); + if (cur->next == NULL) { + ret = MBEDTLS_ERR_X509_ALLOC_FAILED; + goto error; + } cur = cur->next; } + +error: + /* Skip the first element as we did not allocate it */ + allocated = head->next; + + while (allocated != NULL) { + prev = allocated; + allocated = allocated->next; + + mbedtls_platform_zeroize(prev, sizeof(*prev)); + mbedtls_free(prev); + } + + mbedtls_platform_zeroize(head, sizeof(*head)); + + return ret; } -static int x509_parse_int( unsigned char **p, size_t n, int *res ) +static int x509_parse_int(unsigned char **p, size_t n, int *res) { *res = 0; - for( ; n > 0; --n ) - { - if( ( **p < '0') || ( **p > '9' ) ) - return ( MBEDTLS_ERR_X509_INVALID_DATE ); + for (; n > 0; --n) { + if ((**p < '0') || (**p > '9')) { + return MBEDTLS_ERR_X509_INVALID_DATE; + } *res *= 10; - *res += ( *(*p)++ - '0' ); + *res += (*(*p)++ - '0'); } - return( 0 ); + return 0; } -static int x509_date_is_valid(const mbedtls_x509_time *t ) +static int x509_date_is_valid(const mbedtls_x509_time *t) { int ret = MBEDTLS_ERR_X509_INVALID_DATE; int month_len; - CHECK_RANGE( 0, 9999, t->year ); - CHECK_RANGE( 0, 23, t->hour ); - CHECK_RANGE( 0, 59, t->min ); - CHECK_RANGE( 0, 59, t->sec ); + CHECK_RANGE(0, 9999, t->year); + CHECK_RANGE(0, 23, t->hour); + CHECK_RANGE(0, 59, t->min); + CHECK_RANGE(0, 59, t->sec); - switch( t->mon ) - { + switch (t->mon) { case 1: case 3: case 5: case 7: case 8: case 10: case 12: month_len = 31; break; @@ -513,69 +560,69 @@ static int x509_date_is_valid(const mbedtls_x509_time *t ) month_len = 30; break; case 2: - if( ( !( t->year % 4 ) && t->year % 100 ) || - !( t->year % 400 ) ) + if ((!(t->year % 4) && t->year % 100) || + !(t->year % 400)) { month_len = 29; - else + } else { month_len = 28; + } break; default: - return( ret ); + return ret; } - CHECK_RANGE( 1, month_len, t->day ); + CHECK_RANGE(1, month_len, t->day); - return( 0 ); + return 0; } /* * Parse an ASN1_UTC_TIME (yearlen=2) or ASN1_GENERALIZED_TIME (yearlen=4) * field. */ -static int x509_parse_time( unsigned char **p, size_t len, size_t yearlen, - mbedtls_x509_time *tm ) +static int x509_parse_time(unsigned char **p, size_t len, size_t yearlen, + mbedtls_x509_time *tm) { int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; /* * Minimum length is 10 or 12 depending on yearlen */ - if ( len < yearlen + 8 ) - return ( MBEDTLS_ERR_X509_INVALID_DATE ); + if (len < yearlen + 8) { + return MBEDTLS_ERR_X509_INVALID_DATE; + } len -= yearlen + 8; /* * Parse year, month, day, hour, minute */ - CHECK( x509_parse_int( p, yearlen, &tm->year ) ); - if ( 2 == yearlen ) - { - if ( tm->year < 50 ) + CHECK(x509_parse_int(p, yearlen, &tm->year)); + if (2 == yearlen) { + if (tm->year < 50) { tm->year += 100; + } tm->year += 1900; } - CHECK( x509_parse_int( p, 2, &tm->mon ) ); - CHECK( x509_parse_int( p, 2, &tm->day ) ); - CHECK( x509_parse_int( p, 2, &tm->hour ) ); - CHECK( x509_parse_int( p, 2, &tm->min ) ); + CHECK(x509_parse_int(p, 2, &tm->mon)); + CHECK(x509_parse_int(p, 2, &tm->day)); + CHECK(x509_parse_int(p, 2, &tm->hour)); + CHECK(x509_parse_int(p, 2, &tm->min)); /* * Parse seconds if present */ - if ( len >= 2 ) - { - CHECK( x509_parse_int( p, 2, &tm->sec ) ); + if (len >= 2) { + CHECK(x509_parse_int(p, 2, &tm->sec)); len -= 2; + } else { + return MBEDTLS_ERR_X509_INVALID_DATE; } - else - return ( MBEDTLS_ERR_X509_INVALID_DATE ); /* * Parse trailing 'Z' if present */ - if ( 1 == len && 'Z' == **p ) - { + if (1 == len && 'Z' == **p) { (*p)++; len--; } @@ -583,12 +630,13 @@ static int x509_parse_time( unsigned char **p, size_t len, size_t yearlen, /* * We should have parsed all characters at this point */ - if ( 0 != len ) - return ( MBEDTLS_ERR_X509_INVALID_DATE ); + if (0 != len) { + return MBEDTLS_ERR_X509_INVALID_DATE; + } - CHECK( x509_date_is_valid( tm ) ); + CHECK(x509_date_is_valid(tm)); - return ( 0 ); + return 0; } /* @@ -596,50 +644,55 @@ static int x509_parse_time( unsigned char **p, size_t len, size_t yearlen, * utcTime UTCTime, * generalTime GeneralizedTime } */ -int mbedtls_x509_get_time( unsigned char **p, const unsigned char *end, - mbedtls_x509_time *tm ) +int mbedtls_x509_get_time(unsigned char **p, const unsigned char *end, + mbedtls_x509_time *tm) { int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; size_t len, year_len; unsigned char tag; - if( ( end - *p ) < 1 ) - return( MBEDTLS_ERROR_ADD( MBEDTLS_ERR_X509_INVALID_DATE, - MBEDTLS_ERR_ASN1_OUT_OF_DATA ) ); + if ((end - *p) < 1) { + return MBEDTLS_ERROR_ADD(MBEDTLS_ERR_X509_INVALID_DATE, + MBEDTLS_ERR_ASN1_OUT_OF_DATA); + } tag = **p; - if( tag == MBEDTLS_ASN1_UTC_TIME ) + if (tag == MBEDTLS_ASN1_UTC_TIME) { year_len = 2; - else if( tag == MBEDTLS_ASN1_GENERALIZED_TIME ) + } else if (tag == MBEDTLS_ASN1_GENERALIZED_TIME) { year_len = 4; - else - return( MBEDTLS_ERROR_ADD( MBEDTLS_ERR_X509_INVALID_DATE, - MBEDTLS_ERR_ASN1_UNEXPECTED_TAG ) ); + } else { + return MBEDTLS_ERROR_ADD(MBEDTLS_ERR_X509_INVALID_DATE, + MBEDTLS_ERR_ASN1_UNEXPECTED_TAG); + } (*p)++; - ret = mbedtls_asn1_get_len( p, end, &len ); + ret = mbedtls_asn1_get_len(p, end, &len); - if( ret != 0 ) - return( MBEDTLS_ERROR_ADD( MBEDTLS_ERR_X509_INVALID_DATE, ret ) ); + if (ret != 0) { + return MBEDTLS_ERROR_ADD(MBEDTLS_ERR_X509_INVALID_DATE, ret); + } - return x509_parse_time( p, len, year_len, tm ); + return x509_parse_time(p, len, year_len, tm); } -int mbedtls_x509_get_sig( unsigned char **p, const unsigned char *end, mbedtls_x509_buf *sig ) +int mbedtls_x509_get_sig(unsigned char **p, const unsigned char *end, mbedtls_x509_buf *sig) { int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; size_t len; int tag_type; - if( ( end - *p ) < 1 ) - return( MBEDTLS_ERROR_ADD( MBEDTLS_ERR_X509_INVALID_SIGNATURE, - MBEDTLS_ERR_ASN1_OUT_OF_DATA ) ); + if ((end - *p) < 1) { + return MBEDTLS_ERROR_ADD(MBEDTLS_ERR_X509_INVALID_SIGNATURE, + MBEDTLS_ERR_ASN1_OUT_OF_DATA); + } tag_type = **p; - if( ( ret = mbedtls_asn1_get_bitstring_null( p, end, &len ) ) != 0 ) - return( MBEDTLS_ERROR_ADD( MBEDTLS_ERR_X509_INVALID_SIGNATURE, ret ) ); + if ((ret = mbedtls_asn1_get_bitstring_null(p, end, &len)) != 0) { + return MBEDTLS_ERROR_ADD(MBEDTLS_ERR_X509_INVALID_SIGNATURE, ret); + } sig->tag = tag_type; sig->len = len; @@ -647,63 +700,64 @@ int mbedtls_x509_get_sig( unsigned char **p, const unsigned char *end, mbedtls_x *p += len; - return( 0 ); + return 0; } /* * Get signature algorithm from alg OID and optional parameters */ -int mbedtls_x509_get_sig_alg( const mbedtls_x509_buf *sig_oid, const mbedtls_x509_buf *sig_params, - mbedtls_md_type_t *md_alg, mbedtls_pk_type_t *pk_alg, - void **sig_opts ) +int mbedtls_x509_get_sig_alg(const mbedtls_x509_buf *sig_oid, const mbedtls_x509_buf *sig_params, + mbedtls_md_type_t *md_alg, mbedtls_pk_type_t *pk_alg, + void **sig_opts) { int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; - if( *sig_opts != NULL ) - return( MBEDTLS_ERR_X509_BAD_INPUT_DATA ); + if (*sig_opts != NULL) { + return MBEDTLS_ERR_X509_BAD_INPUT_DATA; + } - if( ( ret = mbedtls_oid_get_sig_alg( sig_oid, md_alg, pk_alg ) ) != 0 ) - return( MBEDTLS_ERROR_ADD( MBEDTLS_ERR_X509_UNKNOWN_SIG_ALG, ret ) ); + if ((ret = mbedtls_oid_get_sig_alg(sig_oid, md_alg, pk_alg)) != 0) { + return MBEDTLS_ERROR_ADD(MBEDTLS_ERR_X509_UNKNOWN_SIG_ALG, ret); + } #if defined(MBEDTLS_X509_RSASSA_PSS_SUPPORT) - if( *pk_alg == MBEDTLS_PK_RSASSA_PSS ) - { + if (*pk_alg == MBEDTLS_PK_RSASSA_PSS) { mbedtls_pk_rsassa_pss_options *pss_opts; - pss_opts = mbedtls_calloc( 1, sizeof( mbedtls_pk_rsassa_pss_options ) ); - if( pss_opts == NULL ) - return( MBEDTLS_ERR_X509_ALLOC_FAILED ); - - ret = mbedtls_x509_get_rsassa_pss_params( sig_params, - md_alg, - &pss_opts->mgf1_hash_id, - &pss_opts->expected_salt_len ); - if( ret != 0 ) - { - mbedtls_free( pss_opts ); - return( ret ); + pss_opts = mbedtls_calloc(1, sizeof(mbedtls_pk_rsassa_pss_options)); + if (pss_opts == NULL) { + return MBEDTLS_ERR_X509_ALLOC_FAILED; + } + + ret = mbedtls_x509_get_rsassa_pss_params(sig_params, + md_alg, + &pss_opts->mgf1_hash_id, + &pss_opts->expected_salt_len); + if (ret != 0) { + mbedtls_free(pss_opts); + return ret; } *sig_opts = (void *) pss_opts; - } - else + } else #endif /* MBEDTLS_X509_RSASSA_PSS_SUPPORT */ { /* Make sure parameters are absent or NULL */ - if( ( sig_params->tag != MBEDTLS_ASN1_NULL && sig_params->tag != 0 ) || - sig_params->len != 0 ) - return( MBEDTLS_ERR_X509_INVALID_ALG ); + if ((sig_params->tag != MBEDTLS_ASN1_NULL && sig_params->tag != 0) || + sig_params->len != 0) { + return MBEDTLS_ERR_X509_INVALID_ALG; + } } - return( 0 ); + return 0; } /* * X.509 Extensions (No parsing of extensions, pointer should * be either manually updated or extensions should be parsed!) */ -int mbedtls_x509_get_ext( unsigned char **p, const unsigned char *end, - mbedtls_x509_buf *ext, int tag ) +int mbedtls_x509_get_ext(unsigned char **p, const unsigned char *end, + mbedtls_x509_buf *ext, int tag) { int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; size_t len; @@ -711,10 +765,11 @@ int mbedtls_x509_get_ext( unsigned char **p, const unsigned char *end, /* Extension structure use EXPLICIT tagging. That is, the actual * `Extensions` structure is wrapped by a tag-length pair using * the respective context-specific tag. */ - ret = mbedtls_asn1_get_tag( p, end, &ext->len, - MBEDTLS_ASN1_CONTEXT_SPECIFIC | MBEDTLS_ASN1_CONSTRUCTED | tag ); - if( ret != 0 ) - return( MBEDTLS_ERROR_ADD( MBEDTLS_ERR_X509_INVALID_EXTENSIONS, ret ) ); + ret = mbedtls_asn1_get_tag(p, end, &ext->len, + MBEDTLS_ASN1_CONTEXT_SPECIFIC | MBEDTLS_ASN1_CONSTRUCTED | tag); + if (ret != 0) { + return MBEDTLS_ERROR_ADD(MBEDTLS_ERR_X509_INVALID_EXTENSIONS, ret); + } ext->tag = MBEDTLS_ASN1_CONTEXT_SPECIFIC | MBEDTLS_ASN1_CONSTRUCTED | tag; ext->p = *p; @@ -723,84 +778,93 @@ int mbedtls_x509_get_ext( unsigned char **p, const unsigned char *end, /* * Extensions ::= SEQUENCE SIZE (1..MAX) OF Extension */ - if( ( ret = mbedtls_asn1_get_tag( p, end, &len, - MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_SEQUENCE ) ) != 0 ) - return( MBEDTLS_ERROR_ADD( MBEDTLS_ERR_X509_INVALID_EXTENSIONS, ret ) ); + if ((ret = mbedtls_asn1_get_tag(p, end, &len, + MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_SEQUENCE)) != 0) { + return MBEDTLS_ERROR_ADD(MBEDTLS_ERR_X509_INVALID_EXTENSIONS, ret); + } - if( end != *p + len ) - return( MBEDTLS_ERROR_ADD( MBEDTLS_ERR_X509_INVALID_EXTENSIONS, - MBEDTLS_ERR_ASN1_LENGTH_MISMATCH ) ); + if (end != *p + len) { + return MBEDTLS_ERROR_ADD(MBEDTLS_ERR_X509_INVALID_EXTENSIONS, + MBEDTLS_ERR_ASN1_LENGTH_MISMATCH); + } - return( 0 ); + return 0; } /* * Store the name in printable form into buf; no more * than size characters will be written */ -int mbedtls_x509_dn_gets( char *buf, size_t size, const mbedtls_x509_name *dn ) +int mbedtls_x509_dn_gets(char *buf, size_t size, const mbedtls_x509_name *dn) { int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; - size_t i, n; + size_t i, j, n; unsigned char c, merge = 0; const mbedtls_x509_name *name; const char *short_name = NULL; char s[MBEDTLS_X509_MAX_DN_NAME_SIZE], *p; - memset( s, 0, sizeof( s ) ); + memset(s, 0, sizeof(s)); name = dn; p = buf; n = size; - while( name != NULL ) - { - if( !name->oid.p ) - { + while (name != NULL) { + if (!name->oid.p) { name = name->next; continue; } - if( name != dn ) - { - ret = mbedtls_snprintf( p, n, merge ? " + " : ", " ); + if (name != dn) { + ret = mbedtls_snprintf(p, n, merge ? " + " : ", "); MBEDTLS_X509_SAFE_SNPRINTF; } - ret = mbedtls_oid_get_attr_short_name( &name->oid, &short_name ); + ret = mbedtls_oid_get_attr_short_name(&name->oid, &short_name); - if( ret == 0 ) - ret = mbedtls_snprintf( p, n, "%s=", short_name ); - else - ret = mbedtls_snprintf( p, n, "\?\?=" ); + if (ret == 0) { + ret = mbedtls_snprintf(p, n, "%s=", short_name); + } else { + ret = mbedtls_snprintf(p, n, "\?\?="); + } MBEDTLS_X509_SAFE_SNPRINTF; - for( i = 0; i < name->val.len; i++ ) - { - if( i >= sizeof( s ) - 1 ) - break; + for (i = 0, j = 0; i < name->val.len; i++, j++) { + if (j >= sizeof(s) - 1) { + return MBEDTLS_ERR_X509_BUFFER_TOO_SMALL; + } c = name->val.p[i]; - if( c < 32 || c >= 127 ) - s[i] = '?'; - else s[i] = c; + // Special characters requiring escaping, RFC 1779 + if (c && strchr(",=+<>#;\"\\", c)) { + if (j + 1 >= sizeof(s) - 1) { + return MBEDTLS_ERR_X509_BUFFER_TOO_SMALL; + } + s[j++] = '\\'; + } + if (c < 32 || c >= 127) { + s[j] = '?'; + } else { + s[j] = c; + } } - s[i] = '\0'; - ret = mbedtls_snprintf( p, n, "%s", s ); + s[j] = '\0'; + ret = mbedtls_snprintf(p, n, "%s", s); MBEDTLS_X509_SAFE_SNPRINTF; merge = name->next_merged; name = name->next; } - return( (int) ( size - n ) ); + return (int) (size - n); } /* * Store the serial in printable form into buf; no more * than size characters will be written */ -int mbedtls_x509_serial_gets( char *buf, size_t size, const mbedtls_x509_buf *serial ) +int mbedtls_x509_serial_gets(char *buf, size_t size, const mbedtls_x509_buf *serial) { int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; size_t i, n, nr; @@ -809,62 +873,61 @@ int mbedtls_x509_serial_gets( char *buf, size_t size, const mbedtls_x509_buf *se p = buf; n = size; - nr = ( serial->len <= 32 ) + nr = (serial->len <= 32) ? serial->len : 28; - for( i = 0; i < nr; i++ ) - { - if( i == 0 && nr > 1 && serial->p[i] == 0x0 ) + for (i = 0; i < nr; i++) { + if (i == 0 && nr > 1 && serial->p[i] == 0x0) { continue; + } - ret = mbedtls_snprintf( p, n, "%02X%s", - serial->p[i], ( i < nr - 1 ) ? ":" : "" ); + ret = mbedtls_snprintf(p, n, "%02X%s", + serial->p[i], (i < nr - 1) ? ":" : ""); MBEDTLS_X509_SAFE_SNPRINTF; } - if( nr != serial->len ) - { - ret = mbedtls_snprintf( p, n, "...." ); + if (nr != serial->len) { + ret = mbedtls_snprintf(p, n, "...."); MBEDTLS_X509_SAFE_SNPRINTF; } - return( (int) ( size - n ) ); + return (int) (size - n); } /* * Helper for writing signature algorithms */ -int mbedtls_x509_sig_alg_gets( char *buf, size_t size, const mbedtls_x509_buf *sig_oid, - mbedtls_pk_type_t pk_alg, mbedtls_md_type_t md_alg, - const void *sig_opts ) +int mbedtls_x509_sig_alg_gets(char *buf, size_t size, const mbedtls_x509_buf *sig_oid, + mbedtls_pk_type_t pk_alg, mbedtls_md_type_t md_alg, + const void *sig_opts) { int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; char *p = buf; size_t n = size; const char *desc = NULL; - ret = mbedtls_oid_get_sig_alg_desc( sig_oid, &desc ); - if( ret != 0 ) - ret = mbedtls_snprintf( p, n, "???" ); - else - ret = mbedtls_snprintf( p, n, "%s", desc ); + ret = mbedtls_oid_get_sig_alg_desc(sig_oid, &desc); + if (ret != 0) { + ret = mbedtls_snprintf(p, n, "???"); + } else { + ret = mbedtls_snprintf(p, n, "%s", desc); + } MBEDTLS_X509_SAFE_SNPRINTF; #if defined(MBEDTLS_X509_RSASSA_PSS_SUPPORT) - if( pk_alg == MBEDTLS_PK_RSASSA_PSS ) - { + if (pk_alg == MBEDTLS_PK_RSASSA_PSS) { const mbedtls_pk_rsassa_pss_options *pss_opts; const mbedtls_md_info_t *md_info, *mgf_md_info; pss_opts = (const mbedtls_pk_rsassa_pss_options *) sig_opts; - md_info = mbedtls_md_info_from_type( md_alg ); - mgf_md_info = mbedtls_md_info_from_type( pss_opts->mgf1_hash_id ); + md_info = mbedtls_md_info_from_type(md_alg); + mgf_md_info = mbedtls_md_info_from_type(pss_opts->mgf1_hash_id); - ret = mbedtls_snprintf( p, n, " (%s, MGF1-%s, 0x%02X)", - md_info ? mbedtls_md_get_name( md_info ) : "???", - mgf_md_info ? mbedtls_md_get_name( mgf_md_info ) : "???", - (unsigned int) pss_opts->expected_salt_len ); + ret = mbedtls_snprintf(p, n, " (%s, MGF1-%s, 0x%02X)", + md_info ? mbedtls_md_get_name(md_info) : "???", + mgf_md_info ? mbedtls_md_get_name(mgf_md_info) : "???", + (unsigned int) pss_opts->expected_salt_len); MBEDTLS_X509_SAFE_SNPRINTF; } #else @@ -873,22 +936,22 @@ int mbedtls_x509_sig_alg_gets( char *buf, size_t size, const mbedtls_x509_buf *s ((void) sig_opts); #endif /* MBEDTLS_X509_RSASSA_PSS_SUPPORT */ - return( (int)( size - n ) ); + return (int) (size - n); } /* * Helper for writing "RSA key size", "EC key size", etc */ -int mbedtls_x509_key_size_helper( char *buf, size_t buf_size, const char *name ) +int mbedtls_x509_key_size_helper(char *buf, size_t buf_size, const char *name) { char *p = buf; size_t n = buf_size; int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; - ret = mbedtls_snprintf( p, n, "%s key size", name ); + ret = mbedtls_snprintf(p, n, "%s key size", name); MBEDTLS_X509_SAFE_SNPRINTF; - return( 0 ); + return 0; } #if defined(MBEDTLS_HAVE_TIME_DATE) @@ -896,19 +959,18 @@ int mbedtls_x509_key_size_helper( char *buf, size_t buf_size, const char *name ) * Set the time structure to the current time. * Return 0 on success, non-zero on failure. */ -static int x509_get_current_time( mbedtls_x509_time *now ) +static int x509_get_current_time(mbedtls_x509_time *now) { struct tm *lt, tm_buf; mbedtls_time_t tt; int ret = 0; - tt = mbedtls_time( NULL ); - lt = mbedtls_platform_gmtime_r( &tt, &tm_buf ); + tt = mbedtls_time(NULL); + lt = mbedtls_platform_gmtime_r(&tt, &tm_buf); - if( lt == NULL ) + if (lt == NULL) { ret = -1; - else - { + } else { now->year = lt->tm_year + 1900; now->mon = lt->tm_mon + 1; now->day = lt->tm_mday; @@ -917,82 +979,90 @@ static int x509_get_current_time( mbedtls_x509_time *now ) now->sec = lt->tm_sec; } - return( ret ); + return ret; } /* * Return 0 if before <= after, 1 otherwise */ -static int x509_check_time( const mbedtls_x509_time *before, const mbedtls_x509_time *after ) +static int x509_check_time(const mbedtls_x509_time *before, const mbedtls_x509_time *after) { - if( before->year > after->year ) - return( 1 ); + if (before->year > after->year) { + return 1; + } - if( before->year == after->year && - before->mon > after->mon ) - return( 1 ); + if (before->year == after->year && + before->mon > after->mon) { + return 1; + } - if( before->year == after->year && + if (before->year == after->year && before->mon == after->mon && - before->day > after->day ) - return( 1 ); + before->day > after->day) { + return 1; + } - if( before->year == after->year && + if (before->year == after->year && before->mon == after->mon && before->day == after->day && - before->hour > after->hour ) - return( 1 ); + before->hour > after->hour) { + return 1; + } - if( before->year == after->year && + if (before->year == after->year && before->mon == after->mon && before->day == after->day && before->hour == after->hour && - before->min > after->min ) - return( 1 ); + before->min > after->min) { + return 1; + } - if( before->year == after->year && + if (before->year == after->year && before->mon == after->mon && before->day == after->day && before->hour == after->hour && before->min == after->min && - before->sec > after->sec ) - return( 1 ); + before->sec > after->sec) { + return 1; + } - return( 0 ); + return 0; } -int mbedtls_x509_time_is_past( const mbedtls_x509_time *to ) +int mbedtls_x509_time_is_past(const mbedtls_x509_time *to) { mbedtls_x509_time now; - if( x509_get_current_time( &now ) != 0 ) - return( 1 ); + if (x509_get_current_time(&now) != 0) { + return 1; + } - return( x509_check_time( &now, to ) ); + return x509_check_time(&now, to); } -int mbedtls_x509_time_is_future( const mbedtls_x509_time *from ) +int mbedtls_x509_time_is_future(const mbedtls_x509_time *from) { mbedtls_x509_time now; - if( x509_get_current_time( &now ) != 0 ) - return( 1 ); + if (x509_get_current_time(&now) != 0) { + return 1; + } - return( x509_check_time( from, &now ) ); + return x509_check_time(from, &now); } #else /* MBEDTLS_HAVE_TIME_DATE */ -int mbedtls_x509_time_is_past( const mbedtls_x509_time *to ) +int mbedtls_x509_time_is_past(const mbedtls_x509_time *to) { ((void) to); - return( 0 ); + return 0; } -int mbedtls_x509_time_is_future( const mbedtls_x509_time *from ) +int mbedtls_x509_time_is_future(const mbedtls_x509_time *from) { ((void) from); - return( 0 ); + return 0; } #endif /* MBEDTLS_HAVE_TIME_DATE */ @@ -1004,7 +1074,7 @@ int mbedtls_x509_time_is_future( const mbedtls_x509_time *from ) /* * Checkup routine */ -int mbedtls_x509_self_test( int verbose ) +int mbedtls_x509_self_test(int verbose) { int ret = 0; #if defined(MBEDTLS_CERTS_C) && defined(MBEDTLS_SHA256_C) @@ -1012,54 +1082,57 @@ int mbedtls_x509_self_test( int verbose ) mbedtls_x509_crt cacert; mbedtls_x509_crt clicert; - if( verbose != 0 ) - mbedtls_printf( " X.509 certificate load: " ); + if (verbose != 0) { + mbedtls_printf(" X.509 certificate load: "); + } - mbedtls_x509_crt_init( &cacert ); - mbedtls_x509_crt_init( &clicert ); + mbedtls_x509_crt_init(&cacert); + mbedtls_x509_crt_init(&clicert); - ret = mbedtls_x509_crt_parse( &clicert, (const unsigned char *) mbedtls_test_cli_crt, - mbedtls_test_cli_crt_len ); - if( ret != 0 ) - { - if( verbose != 0 ) - mbedtls_printf( "failed\n" ); + ret = mbedtls_x509_crt_parse(&clicert, (const unsigned char *) mbedtls_test_cli_crt, + mbedtls_test_cli_crt_len); + if (ret != 0) { + if (verbose != 0) { + mbedtls_printf("failed\n"); + } goto cleanup; } - ret = mbedtls_x509_crt_parse( &cacert, (const unsigned char *) mbedtls_test_ca_crt, - mbedtls_test_ca_crt_len ); - if( ret != 0 ) - { - if( verbose != 0 ) - mbedtls_printf( "failed\n" ); + ret = mbedtls_x509_crt_parse(&cacert, (const unsigned char *) mbedtls_test_ca_crt, + mbedtls_test_ca_crt_len); + if (ret != 0) { + if (verbose != 0) { + mbedtls_printf("failed\n"); + } goto cleanup; } - if( verbose != 0 ) - mbedtls_printf( "passed\n X.509 signature verify: "); + if (verbose != 0) { + mbedtls_printf("passed\n X.509 signature verify: "); + } - ret = mbedtls_x509_crt_verify( &clicert, &cacert, NULL, NULL, &flags, NULL, NULL ); - if( ret != 0 ) - { - if( verbose != 0 ) - mbedtls_printf( "failed\n" ); + ret = mbedtls_x509_crt_verify(&clicert, &cacert, NULL, NULL, &flags, NULL, NULL); + if (ret != 0) { + if (verbose != 0) { + mbedtls_printf("failed\n"); + } goto cleanup; } - if( verbose != 0 ) - mbedtls_printf( "passed\n\n"); + if (verbose != 0) { + mbedtls_printf("passed\n\n"); + } cleanup: - mbedtls_x509_crt_free( &cacert ); - mbedtls_x509_crt_free( &clicert ); + mbedtls_x509_crt_free(&cacert); + mbedtls_x509_crt_free(&clicert); #else ((void) verbose); #endif /* MBEDTLS_CERTS_C && MBEDTLS_SHA256_C */ - return( ret ); + return ret; } #endif /* MBEDTLS_SELF_TEST */ diff --git a/third_party/mbedtls/repo/library/x509_create.c b/third_party/mbedtls/repo/library/x509_create.c index 056bbaa7863..4ffd3b6a803 100644 --- a/third_party/mbedtls/repo/library/x509_create.c +++ b/third_party/mbedtls/repo/library/x509_create.c @@ -2,19 +2,7 @@ * X.509 base functions for creating certificates / CSRs * * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later */ #include "common.h" @@ -31,115 +19,115 @@ /* Structure linking OIDs for X.509 DN AttributeTypes to their * string representations and default string encodings used by Mbed TLS. */ typedef struct { - const char *name; /* String representation of AttributeType, e.g. - * "CN" or "emailAddress". */ - size_t name_len; /* Length of 'name', without trailing 0 byte. */ - const char *oid; /* String representation of OID of AttributeType, + const char *name; /* String representation of AttributeType, e.g. + * "CN" or "emailAddress". */ + size_t name_len; /* Length of 'name', without trailing 0 byte. */ + const char *oid; /* String representation of OID of AttributeType, * as per RFC 5280, Appendix A.1. */ - int default_tag; /* The default character encoding used for the + int default_tag; /* The default character encoding used for the * given attribute type, e.g. * MBEDTLS_ASN1_UTF8_STRING for UTF-8. */ } x509_attr_descriptor_t; -#define ADD_STRLEN( s ) s, sizeof( s ) - 1 +#define ADD_STRLEN(s) s, sizeof(s) - 1 /* X.509 DN attributes from RFC 5280, Appendix A.1. */ static const x509_attr_descriptor_t x509_attrs[] = { - { ADD_STRLEN( "CN" ), + { ADD_STRLEN("CN"), MBEDTLS_OID_AT_CN, MBEDTLS_ASN1_UTF8_STRING }, - { ADD_STRLEN( "commonName" ), + { ADD_STRLEN("commonName"), MBEDTLS_OID_AT_CN, MBEDTLS_ASN1_UTF8_STRING }, - { ADD_STRLEN( "C" ), + { ADD_STRLEN("C"), MBEDTLS_OID_AT_COUNTRY, MBEDTLS_ASN1_PRINTABLE_STRING }, - { ADD_STRLEN( "countryName" ), + { ADD_STRLEN("countryName"), MBEDTLS_OID_AT_COUNTRY, MBEDTLS_ASN1_PRINTABLE_STRING }, - { ADD_STRLEN( "O" ), + { ADD_STRLEN("O"), MBEDTLS_OID_AT_ORGANIZATION, MBEDTLS_ASN1_UTF8_STRING }, - { ADD_STRLEN( "organizationName" ), + { ADD_STRLEN("organizationName"), MBEDTLS_OID_AT_ORGANIZATION, MBEDTLS_ASN1_UTF8_STRING }, - { ADD_STRLEN( "L" ), + { ADD_STRLEN("L"), MBEDTLS_OID_AT_LOCALITY, MBEDTLS_ASN1_UTF8_STRING }, - { ADD_STRLEN( "locality" ), + { ADD_STRLEN("locality"), MBEDTLS_OID_AT_LOCALITY, MBEDTLS_ASN1_UTF8_STRING }, - { ADD_STRLEN( "R" ), + { ADD_STRLEN("R"), MBEDTLS_OID_PKCS9_EMAIL, MBEDTLS_ASN1_IA5_STRING }, - { ADD_STRLEN( "OU" ), + { ADD_STRLEN("OU"), MBEDTLS_OID_AT_ORG_UNIT, MBEDTLS_ASN1_UTF8_STRING }, - { ADD_STRLEN( "organizationalUnitName" ), + { ADD_STRLEN("organizationalUnitName"), MBEDTLS_OID_AT_ORG_UNIT, MBEDTLS_ASN1_UTF8_STRING }, - { ADD_STRLEN( "ST" ), + { ADD_STRLEN("ST"), MBEDTLS_OID_AT_STATE, MBEDTLS_ASN1_UTF8_STRING }, - { ADD_STRLEN( "stateOrProvinceName" ), + { ADD_STRLEN("stateOrProvinceName"), MBEDTLS_OID_AT_STATE, MBEDTLS_ASN1_UTF8_STRING }, - { ADD_STRLEN( "emailAddress" ), + { ADD_STRLEN("emailAddress"), MBEDTLS_OID_PKCS9_EMAIL, MBEDTLS_ASN1_IA5_STRING }, - { ADD_STRLEN( "serialNumber" ), + { ADD_STRLEN("serialNumber"), MBEDTLS_OID_AT_SERIAL_NUMBER, MBEDTLS_ASN1_PRINTABLE_STRING }, - { ADD_STRLEN( "postalAddress" ), + { ADD_STRLEN("postalAddress"), MBEDTLS_OID_AT_POSTAL_ADDRESS, MBEDTLS_ASN1_PRINTABLE_STRING }, - { ADD_STRLEN( "postalCode" ), + { ADD_STRLEN("postalCode"), MBEDTLS_OID_AT_POSTAL_CODE, MBEDTLS_ASN1_PRINTABLE_STRING }, - { ADD_STRLEN( "dnQualifier" ), + { ADD_STRLEN("dnQualifier"), MBEDTLS_OID_AT_DN_QUALIFIER, MBEDTLS_ASN1_PRINTABLE_STRING }, - { ADD_STRLEN( "title" ), + { ADD_STRLEN("title"), MBEDTLS_OID_AT_TITLE, MBEDTLS_ASN1_UTF8_STRING }, - { ADD_STRLEN( "surName" ), + { ADD_STRLEN("surName"), MBEDTLS_OID_AT_SUR_NAME, MBEDTLS_ASN1_UTF8_STRING }, - { ADD_STRLEN( "SN" ), + { ADD_STRLEN("SN"), MBEDTLS_OID_AT_SUR_NAME, MBEDTLS_ASN1_UTF8_STRING }, - { ADD_STRLEN( "givenName" ), + { ADD_STRLEN("givenName"), MBEDTLS_OID_AT_GIVEN_NAME, MBEDTLS_ASN1_UTF8_STRING }, - { ADD_STRLEN( "GN" ), + { ADD_STRLEN("GN"), MBEDTLS_OID_AT_GIVEN_NAME, MBEDTLS_ASN1_UTF8_STRING }, - { ADD_STRLEN( "initials" ), + { ADD_STRLEN("initials"), MBEDTLS_OID_AT_INITIALS, MBEDTLS_ASN1_UTF8_STRING }, - { ADD_STRLEN( "pseudonym" ), + { ADD_STRLEN("pseudonym"), MBEDTLS_OID_AT_PSEUDONYM, MBEDTLS_ASN1_UTF8_STRING }, - { ADD_STRLEN( "generationQualifier" ), + { ADD_STRLEN("generationQualifier"), MBEDTLS_OID_AT_GENERATION_QUALIFIER, MBEDTLS_ASN1_UTF8_STRING }, - { ADD_STRLEN( "domainComponent" ), + { ADD_STRLEN("domainComponent"), MBEDTLS_OID_DOMAIN_COMPONENT, MBEDTLS_ASN1_IA5_STRING }, - { ADD_STRLEN( "DC" ), + { ADD_STRLEN("DC"), MBEDTLS_OID_DOMAIN_COMPONENT, MBEDTLS_ASN1_IA5_STRING }, { NULL, 0, NULL, MBEDTLS_ASN1_NULL } }; -static const x509_attr_descriptor_t *x509_attr_descr_from_name( const char *name, size_t name_len ) +static const x509_attr_descriptor_t *x509_attr_descr_from_name(const char *name, size_t name_len) { const x509_attr_descriptor_t *cur; - for( cur = x509_attrs; cur->name != NULL; cur++ ) - if( cur->name_len == name_len && - strncmp( cur->name, name, name_len ) == 0 ) + for (cur = x509_attrs; cur->name != NULL; cur++) { + if (cur->name_len == name_len && + strncmp(cur->name, name, name_len) == 0) { break; + } + } - if ( cur->name == NULL ) - return( NULL ); + if (cur->name == NULL) { + return NULL; + } - return( cur ); + return cur; } -int mbedtls_x509_string_to_names( mbedtls_asn1_named_data **head, const char *name ) +int mbedtls_x509_string_to_names(mbedtls_asn1_named_data **head, const char *name) { - int ret = 0; + int ret = MBEDTLS_ERR_X509_INVALID_NAME; const char *s = name, *c = s; - const char *end = s + strlen( s ); + const char *end = s + strlen(s); const char *oid = NULL; - const x509_attr_descriptor_t* attr_descr = NULL; + const x509_attr_descriptor_t *attr_descr = NULL; int in_tag = 1; char data[MBEDTLS_X509_MAX_DN_NAME_SIZE]; char *d = data; /* Clear existing chain if present */ - mbedtls_asn1_free_named_data_list( head ); - - while( c <= end ) - { - if( in_tag && *c == '=' ) - { - if( ( attr_descr = x509_attr_descr_from_name( s, c - s ) ) == NULL ) - { + mbedtls_asn1_free_named_data_list(head); + + while (c <= end) { + if (in_tag && *c == '=') { + if ((attr_descr = x509_attr_descr_from_name(s, c - s)) == NULL) { ret = MBEDTLS_ERR_X509_UNKNOWN_OID; goto exit; } @@ -150,45 +138,42 @@ int mbedtls_x509_string_to_names( mbedtls_asn1_named_data **head, const char *na d = data; } - if( !in_tag && *c == '\\' && c != end ) - { + if (!in_tag && *c == '\\' && c != end) { c++; /* Check for valid escaped characters */ - if( c == end || *c != ',' ) - { + if (c == end || *c != ',') { ret = MBEDTLS_ERR_X509_INVALID_NAME; goto exit; } - } - else if( !in_tag && ( *c == ',' || c == end ) ) - { - mbedtls_asn1_named_data* cur = - mbedtls_asn1_store_named_data( head, oid, strlen( oid ), - (unsigned char *) data, - d - data ); - - if(cur == NULL ) - { - return( MBEDTLS_ERR_X509_ALLOC_FAILED ); + } else if (!in_tag && (*c == ',' || c == end)) { + mbedtls_asn1_named_data *cur = + mbedtls_asn1_store_named_data(head, oid, strlen(oid), + (unsigned char *) data, + d - data); + + if (cur == NULL) { + return MBEDTLS_ERR_X509_ALLOC_FAILED; } // set tagType cur->val.tag = attr_descr->default_tag; - while( c < end && *(c + 1) == ' ' ) + while (c < end && *(c + 1) == ' ') { c++; + } s = c + 1; in_tag = 1; + + /* Successfully parsed one name, update ret to success */ + ret = 0; } - if( !in_tag && s != c + 1 ) - { + if (!in_tag && s != c + 1) { *(d++) = *c; - if( d - data == MBEDTLS_X509_MAX_DN_NAME_SIZE ) - { + if (d - data == MBEDTLS_X509_MAX_DN_NAME_SIZE) { ret = MBEDTLS_ERR_X509_INVALID_NAME; goto exit; } @@ -199,27 +184,30 @@ int mbedtls_x509_string_to_names( mbedtls_asn1_named_data **head, const char *na exit: - return( ret ); + return ret; } /* The first byte of the value in the mbedtls_asn1_named_data structure is reserved * to store the critical boolean for us */ -int mbedtls_x509_set_extension( mbedtls_asn1_named_data **head, const char *oid, size_t oid_len, - int critical, const unsigned char *val, size_t val_len ) +int mbedtls_x509_set_extension(mbedtls_asn1_named_data **head, const char *oid, size_t oid_len, + int critical, const unsigned char *val, size_t val_len) { mbedtls_asn1_named_data *cur; - if( ( cur = mbedtls_asn1_store_named_data( head, oid, oid_len, - NULL, val_len + 1 ) ) == NULL ) - { - return( MBEDTLS_ERR_X509_ALLOC_FAILED ); + if (val_len > (SIZE_MAX - 1)) { + return MBEDTLS_ERR_X509_BAD_INPUT_DATA; + } + + if ((cur = mbedtls_asn1_store_named_data(head, oid, oid_len, + NULL, val_len + 1)) == NULL) { + return MBEDTLS_ERR_X509_ALLOC_FAILED; } cur->val.p[0] = critical; - memcpy( cur->val.p + 1, val, val_len ); + memcpy(cur->val.p + 1, val, val_len); - return( 0 ); + return 0; } /* @@ -234,115 +222,130 @@ int mbedtls_x509_set_extension( mbedtls_asn1_named_data **head, const char *oid, * * AttributeValue ::= ANY DEFINED BY AttributeType */ -static int x509_write_name( unsigned char **p, unsigned char *start, mbedtls_asn1_named_data* cur_name) +static int x509_write_name(unsigned char **p, + unsigned char *start, + mbedtls_asn1_named_data *cur_name) { int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; size_t len = 0; - const char *oid = (const char*)cur_name->oid.p; + const char *oid = (const char *) cur_name->oid.p; size_t oid_len = cur_name->oid.len; const unsigned char *name = cur_name->val.p; size_t name_len = cur_name->val.len; // Write correct string tag and value - MBEDTLS_ASN1_CHK_ADD( len, mbedtls_asn1_write_tagged_string( p, start, - cur_name->val.tag, - (const char *) name, - name_len ) ); + MBEDTLS_ASN1_CHK_ADD(len, mbedtls_asn1_write_tagged_string(p, start, + cur_name->val.tag, + (const char *) name, + name_len)); // Write OID // - MBEDTLS_ASN1_CHK_ADD( len, mbedtls_asn1_write_oid( p, start, oid, - oid_len ) ); + MBEDTLS_ASN1_CHK_ADD(len, mbedtls_asn1_write_oid(p, start, oid, + oid_len)); - MBEDTLS_ASN1_CHK_ADD( len, mbedtls_asn1_write_len( p, start, len ) ); - MBEDTLS_ASN1_CHK_ADD( len, mbedtls_asn1_write_tag( p, start, - MBEDTLS_ASN1_CONSTRUCTED | - MBEDTLS_ASN1_SEQUENCE ) ); + MBEDTLS_ASN1_CHK_ADD(len, mbedtls_asn1_write_len(p, start, len)); + MBEDTLS_ASN1_CHK_ADD(len, mbedtls_asn1_write_tag(p, start, + MBEDTLS_ASN1_CONSTRUCTED | + MBEDTLS_ASN1_SEQUENCE)); - MBEDTLS_ASN1_CHK_ADD( len, mbedtls_asn1_write_len( p, start, len ) ); - MBEDTLS_ASN1_CHK_ADD( len, mbedtls_asn1_write_tag( p, start, - MBEDTLS_ASN1_CONSTRUCTED | - MBEDTLS_ASN1_SET ) ); + MBEDTLS_ASN1_CHK_ADD(len, mbedtls_asn1_write_len(p, start, len)); + MBEDTLS_ASN1_CHK_ADD(len, mbedtls_asn1_write_tag(p, start, + MBEDTLS_ASN1_CONSTRUCTED | + MBEDTLS_ASN1_SET)); - return( (int) len ); + return (int) len; } -int mbedtls_x509_write_names( unsigned char **p, unsigned char *start, - mbedtls_asn1_named_data *first ) +int mbedtls_x509_write_names(unsigned char **p, unsigned char *start, + mbedtls_asn1_named_data *first) { int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; size_t len = 0; mbedtls_asn1_named_data *cur = first; - while( cur != NULL ) - { - MBEDTLS_ASN1_CHK_ADD( len, x509_write_name( p, start, cur ) ); + while (cur != NULL) { + MBEDTLS_ASN1_CHK_ADD(len, x509_write_name(p, start, cur)); cur = cur->next; } - MBEDTLS_ASN1_CHK_ADD( len, mbedtls_asn1_write_len( p, start, len ) ); - MBEDTLS_ASN1_CHK_ADD( len, mbedtls_asn1_write_tag( p, start, MBEDTLS_ASN1_CONSTRUCTED | - MBEDTLS_ASN1_SEQUENCE ) ); + MBEDTLS_ASN1_CHK_ADD(len, mbedtls_asn1_write_len(p, start, len)); + MBEDTLS_ASN1_CHK_ADD(len, mbedtls_asn1_write_tag(p, start, MBEDTLS_ASN1_CONSTRUCTED | + MBEDTLS_ASN1_SEQUENCE)); - return( (int) len ); + return (int) len; } -int mbedtls_x509_write_sig( unsigned char **p, unsigned char *start, - const char *oid, size_t oid_len, - unsigned char *sig, size_t size ) +int mbedtls_x509_write_sig(unsigned char **p, unsigned char *start, + const char *oid, size_t oid_len, + unsigned char *sig, size_t size, + mbedtls_pk_type_t pk_alg) { int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; + int write_null_par; size_t len = 0; - if( *p < start || (size_t)( *p - start ) < size ) - return( MBEDTLS_ERR_ASN1_BUF_TOO_SMALL ); + if (*p < start || (size_t) (*p - start) < size) { + return MBEDTLS_ERR_ASN1_BUF_TOO_SMALL; + } len = size; (*p) -= len; - memcpy( *p, sig, len ); + memcpy(*p, sig, len); - if( *p - start < 1 ) - return( MBEDTLS_ERR_ASN1_BUF_TOO_SMALL ); + if (*p - start < 1) { + return MBEDTLS_ERR_ASN1_BUF_TOO_SMALL; + } *--(*p) = 0; len += 1; - MBEDTLS_ASN1_CHK_ADD( len, mbedtls_asn1_write_len( p, start, len ) ); - MBEDTLS_ASN1_CHK_ADD( len, mbedtls_asn1_write_tag( p, start, MBEDTLS_ASN1_BIT_STRING ) ); + MBEDTLS_ASN1_CHK_ADD(len, mbedtls_asn1_write_len(p, start, len)); + MBEDTLS_ASN1_CHK_ADD(len, mbedtls_asn1_write_tag(p, start, MBEDTLS_ASN1_BIT_STRING)); // Write OID // - MBEDTLS_ASN1_CHK_ADD( len, mbedtls_asn1_write_algorithm_identifier( p, start, oid, - oid_len, 0 ) ); + if (pk_alg == MBEDTLS_PK_ECDSA) { + /* + * The AlgorithmIdentifier's parameters field must be absent for DSA/ECDSA signature + * algorithms, see https://www.rfc-editor.org/rfc/rfc5480#page-17 and + * https://www.rfc-editor.org/rfc/rfc5758#section-3. + */ + write_null_par = 0; + } else { + write_null_par = 1; + } + MBEDTLS_ASN1_CHK_ADD(len, + mbedtls_asn1_write_algorithm_identifier_ext(p, start, oid, oid_len, + 0, write_null_par)); - return( (int) len ); + return (int) len; } -static int x509_write_extension( unsigned char **p, unsigned char *start, - mbedtls_asn1_named_data *ext ) +static int x509_write_extension(unsigned char **p, unsigned char *start, + mbedtls_asn1_named_data *ext) { int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; size_t len = 0; - MBEDTLS_ASN1_CHK_ADD( len, mbedtls_asn1_write_raw_buffer( p, start, ext->val.p + 1, - ext->val.len - 1 ) ); - MBEDTLS_ASN1_CHK_ADD( len, mbedtls_asn1_write_len( p, start, ext->val.len - 1 ) ); - MBEDTLS_ASN1_CHK_ADD( len, mbedtls_asn1_write_tag( p, start, MBEDTLS_ASN1_OCTET_STRING ) ); + MBEDTLS_ASN1_CHK_ADD(len, mbedtls_asn1_write_raw_buffer(p, start, ext->val.p + 1, + ext->val.len - 1)); + MBEDTLS_ASN1_CHK_ADD(len, mbedtls_asn1_write_len(p, start, ext->val.len - 1)); + MBEDTLS_ASN1_CHK_ADD(len, mbedtls_asn1_write_tag(p, start, MBEDTLS_ASN1_OCTET_STRING)); - if( ext->val.p[0] != 0 ) - { - MBEDTLS_ASN1_CHK_ADD( len, mbedtls_asn1_write_bool( p, start, 1 ) ); + if (ext->val.p[0] != 0) { + MBEDTLS_ASN1_CHK_ADD(len, mbedtls_asn1_write_bool(p, start, 1)); } - MBEDTLS_ASN1_CHK_ADD( len, mbedtls_asn1_write_raw_buffer( p, start, ext->oid.p, - ext->oid.len ) ); - MBEDTLS_ASN1_CHK_ADD( len, mbedtls_asn1_write_len( p, start, ext->oid.len ) ); - MBEDTLS_ASN1_CHK_ADD( len, mbedtls_asn1_write_tag( p, start, MBEDTLS_ASN1_OID ) ); + MBEDTLS_ASN1_CHK_ADD(len, mbedtls_asn1_write_raw_buffer(p, start, ext->oid.p, + ext->oid.len)); + MBEDTLS_ASN1_CHK_ADD(len, mbedtls_asn1_write_len(p, start, ext->oid.len)); + MBEDTLS_ASN1_CHK_ADD(len, mbedtls_asn1_write_tag(p, start, MBEDTLS_ASN1_OID)); - MBEDTLS_ASN1_CHK_ADD( len, mbedtls_asn1_write_len( p, start, len ) ); - MBEDTLS_ASN1_CHK_ADD( len, mbedtls_asn1_write_tag( p, start, MBEDTLS_ASN1_CONSTRUCTED | - MBEDTLS_ASN1_SEQUENCE ) ); + MBEDTLS_ASN1_CHK_ADD(len, mbedtls_asn1_write_len(p, start, len)); + MBEDTLS_ASN1_CHK_ADD(len, mbedtls_asn1_write_tag(p, start, MBEDTLS_ASN1_CONSTRUCTED | + MBEDTLS_ASN1_SEQUENCE)); - return( (int) len ); + return (int) len; } /* @@ -355,20 +358,19 @@ static int x509_write_extension( unsigned char **p, unsigned char *start, * -- by extnID * } */ -int mbedtls_x509_write_extensions( unsigned char **p, unsigned char *start, - mbedtls_asn1_named_data *first ) +int mbedtls_x509_write_extensions(unsigned char **p, unsigned char *start, + mbedtls_asn1_named_data *first) { int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; size_t len = 0; mbedtls_asn1_named_data *cur_ext = first; - while( cur_ext != NULL ) - { - MBEDTLS_ASN1_CHK_ADD( len, x509_write_extension( p, start, cur_ext ) ); + while (cur_ext != NULL) { + MBEDTLS_ASN1_CHK_ADD(len, x509_write_extension(p, start, cur_ext)); cur_ext = cur_ext->next; } - return( (int) len ); + return (int) len; } #endif /* MBEDTLS_X509_CREATE_C */ diff --git a/third_party/mbedtls/repo/library/x509_crl.c b/third_party/mbedtls/repo/library/x509_crl.c index ac4fc75de38..f98c22d704e 100644 --- a/third_party/mbedtls/repo/library/x509_crl.c +++ b/third_party/mbedtls/repo/library/x509_crl.c @@ -1,20 +1,8 @@ /* - * X.509 Certidicate Revocation List (CRL) parsing + * X.509 Certificate Revocation List (CRL) parsing * * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later */ /* * The ITU-T X.509 standard defines a certificate format for PKI. @@ -42,21 +30,15 @@ #include "mbedtls/pem.h" #endif -#if defined(MBEDTLS_PLATFORM_C) #include "mbedtls/platform.h" -#else -#include -#include -#define mbedtls_free free -#define mbedtls_calloc calloc -#define mbedtls_snprintf snprintf -#endif +#if defined(MBEDTLS_HAVE_TIME) #if defined(_WIN32) && !defined(EFIX64) && !defined(EFI32) #include #else #include #endif +#endif #if defined(MBEDTLS_FS_IO) || defined(EFIX64) || defined(EFI32) #include @@ -65,24 +47,22 @@ /* * Version ::= INTEGER { v1(0), v2(1) } */ -static int x509_crl_get_version( unsigned char **p, - const unsigned char *end, - int *ver ) +static int x509_crl_get_version(unsigned char **p, + const unsigned char *end, + int *ver) { int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; - if( ( ret = mbedtls_asn1_get_int( p, end, ver ) ) != 0 ) - { - if( ret == MBEDTLS_ERR_ASN1_UNEXPECTED_TAG ) - { + if ((ret = mbedtls_asn1_get_int(p, end, ver)) != 0) { + if (ret == MBEDTLS_ERR_ASN1_UNEXPECTED_TAG) { *ver = 0; - return( 0 ); + return 0; } - return( MBEDTLS_ERROR_ADD( MBEDTLS_ERR_X509_INVALID_VERSION, ret ) ); + return MBEDTLS_ERROR_ADD(MBEDTLS_ERR_X509_INVALID_VERSION, ret); } - return( 0 ); + return 0; } /* @@ -92,26 +72,27 @@ static int x509_crl_get_version( unsigned char **p, * list of extensions is well-formed and abort on critical extensions (that * are unsupported as we don't support any extension so far) */ -static int x509_get_crl_ext( unsigned char **p, - const unsigned char *end, - mbedtls_x509_buf *ext ) +static int x509_get_crl_ext(unsigned char **p, + const unsigned char *end, + mbedtls_x509_buf *ext) { int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; - if( *p == end ) - return( 0 ); + if (*p == end) { + return 0; + } /* * crlExtensions [0] EXPLICIT Extensions OPTIONAL * -- if present, version MUST be v2 */ - if( ( ret = mbedtls_x509_get_ext( p, end, ext, 0 ) ) != 0 ) - return( ret ); + if ((ret = mbedtls_x509_get_ext(p, end, ext, 0)) != 0) { + return ret; + } end = ext->p + ext->len; - while( *p < end ) - { + while (*p < end) { /* * Extension ::= SEQUENCE { * extnID OBJECT IDENTIFIER, @@ -123,65 +104,69 @@ static int x509_get_crl_ext( unsigned char **p, size_t len; /* Get enclosing sequence tag */ - if( ( ret = mbedtls_asn1_get_tag( p, end, &len, - MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_SEQUENCE ) ) != 0 ) - return( MBEDTLS_ERROR_ADD( MBEDTLS_ERR_X509_INVALID_EXTENSIONS, ret ) ); + if ((ret = mbedtls_asn1_get_tag(p, end, &len, + MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_SEQUENCE)) != 0) { + return MBEDTLS_ERROR_ADD(MBEDTLS_ERR_X509_INVALID_EXTENSIONS, ret); + } end_ext_data = *p + len; /* Get OID (currently ignored) */ - if( ( ret = mbedtls_asn1_get_tag( p, end_ext_data, &len, - MBEDTLS_ASN1_OID ) ) != 0 ) - { - return( MBEDTLS_ERROR_ADD( MBEDTLS_ERR_X509_INVALID_EXTENSIONS, ret ) ); + if ((ret = mbedtls_asn1_get_tag(p, end_ext_data, &len, + MBEDTLS_ASN1_OID)) != 0) { + return MBEDTLS_ERROR_ADD(MBEDTLS_ERR_X509_INVALID_EXTENSIONS, ret); } *p += len; /* Get optional critical */ - if( ( ret = mbedtls_asn1_get_bool( p, end_ext_data, - &is_critical ) ) != 0 && - ( ret != MBEDTLS_ERR_ASN1_UNEXPECTED_TAG ) ) - { - return( MBEDTLS_ERROR_ADD( MBEDTLS_ERR_X509_INVALID_EXTENSIONS, ret ) ); + if ((ret = mbedtls_asn1_get_bool(p, end_ext_data, + &is_critical)) != 0 && + (ret != MBEDTLS_ERR_ASN1_UNEXPECTED_TAG)) { + return MBEDTLS_ERROR_ADD(MBEDTLS_ERR_X509_INVALID_EXTENSIONS, ret); } /* Data should be octet string type */ - if( ( ret = mbedtls_asn1_get_tag( p, end_ext_data, &len, - MBEDTLS_ASN1_OCTET_STRING ) ) != 0 ) - return( MBEDTLS_ERROR_ADD( MBEDTLS_ERR_X509_INVALID_EXTENSIONS, ret ) ); + if ((ret = mbedtls_asn1_get_tag(p, end_ext_data, &len, + MBEDTLS_ASN1_OCTET_STRING)) != 0) { + return MBEDTLS_ERROR_ADD(MBEDTLS_ERR_X509_INVALID_EXTENSIONS, ret); + } /* Ignore data so far and just check its length */ *p += len; - if( *p != end_ext_data ) - return( MBEDTLS_ERROR_ADD( MBEDTLS_ERR_X509_INVALID_EXTENSIONS, - MBEDTLS_ERR_ASN1_LENGTH_MISMATCH ) ); + if (*p != end_ext_data) { + return MBEDTLS_ERROR_ADD(MBEDTLS_ERR_X509_INVALID_EXTENSIONS, + MBEDTLS_ERR_ASN1_LENGTH_MISMATCH); + } /* Abort on (unsupported) critical extensions */ - if( is_critical ) - return( MBEDTLS_ERROR_ADD( MBEDTLS_ERR_X509_INVALID_EXTENSIONS, - MBEDTLS_ERR_ASN1_UNEXPECTED_TAG ) ); + if (is_critical) { + return MBEDTLS_ERROR_ADD(MBEDTLS_ERR_X509_INVALID_EXTENSIONS, + MBEDTLS_ERR_ASN1_UNEXPECTED_TAG); + } } - if( *p != end ) - return( MBEDTLS_ERROR_ADD( MBEDTLS_ERR_X509_INVALID_EXTENSIONS, - MBEDTLS_ERR_ASN1_LENGTH_MISMATCH ) ); + if (*p != end) { + return MBEDTLS_ERROR_ADD(MBEDTLS_ERR_X509_INVALID_EXTENSIONS, + MBEDTLS_ERR_ASN1_LENGTH_MISMATCH); + } - return( 0 ); + return 0; } /* * X.509 CRL v2 entry extensions (no extensions parsed yet.) */ -static int x509_get_crl_entry_ext( unsigned char **p, - const unsigned char *end, - mbedtls_x509_buf *ext ) +static int x509_get_crl_entry_ext(unsigned char **p, + const unsigned char *end, + mbedtls_x509_buf *ext) { int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; size_t len = 0; /* OPTIONAL */ - if( end <= *p ) - return( 0 ); + if (end <= *p) { + return 0; + } ext->tag = **p; ext->p = *p; @@ -190,110 +175,112 @@ static int x509_get_crl_entry_ext( unsigned char **p, * Get CRL-entry extension sequence header * crlEntryExtensions Extensions OPTIONAL -- if present, MUST be v2 */ - if( ( ret = mbedtls_asn1_get_tag( p, end, &ext->len, - MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_SEQUENCE ) ) != 0 ) - { - if( ret == MBEDTLS_ERR_ASN1_UNEXPECTED_TAG ) - { + if ((ret = mbedtls_asn1_get_tag(p, end, &ext->len, + MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_SEQUENCE)) != 0) { + if (ret == MBEDTLS_ERR_ASN1_UNEXPECTED_TAG) { ext->p = NULL; - return( 0 ); + return 0; } - return( MBEDTLS_ERROR_ADD( MBEDTLS_ERR_X509_INVALID_EXTENSIONS, ret ) ); + return MBEDTLS_ERROR_ADD(MBEDTLS_ERR_X509_INVALID_EXTENSIONS, ret); } end = *p + ext->len; - if( end != *p + ext->len ) - return( MBEDTLS_ERROR_ADD( MBEDTLS_ERR_X509_INVALID_EXTENSIONS, - MBEDTLS_ERR_ASN1_LENGTH_MISMATCH ) ); + if (end != *p + ext->len) { + return MBEDTLS_ERROR_ADD(MBEDTLS_ERR_X509_INVALID_EXTENSIONS, + MBEDTLS_ERR_ASN1_LENGTH_MISMATCH); + } - while( *p < end ) - { - if( ( ret = mbedtls_asn1_get_tag( p, end, &len, - MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_SEQUENCE ) ) != 0 ) - return( MBEDTLS_ERROR_ADD( MBEDTLS_ERR_X509_INVALID_EXTENSIONS, ret ) ); + while (*p < end) { + if ((ret = mbedtls_asn1_get_tag(p, end, &len, + MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_SEQUENCE)) != 0) { + return MBEDTLS_ERROR_ADD(MBEDTLS_ERR_X509_INVALID_EXTENSIONS, ret); + } *p += len; } - if( *p != end ) - return( MBEDTLS_ERROR_ADD( MBEDTLS_ERR_X509_INVALID_EXTENSIONS, - MBEDTLS_ERR_ASN1_LENGTH_MISMATCH ) ); + if (*p != end) { + return MBEDTLS_ERROR_ADD(MBEDTLS_ERR_X509_INVALID_EXTENSIONS, + MBEDTLS_ERR_ASN1_LENGTH_MISMATCH); + } - return( 0 ); + return 0; } /* * X.509 CRL Entries */ -static int x509_get_entries( unsigned char **p, - const unsigned char *end, - mbedtls_x509_crl_entry *entry ) +static int x509_get_entries(unsigned char **p, + const unsigned char *end, + mbedtls_x509_crl_entry *entry) { int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; size_t entry_len; mbedtls_x509_crl_entry *cur_entry = entry; - if( *p == end ) - return( 0 ); + if (*p == end) { + return 0; + } - if( ( ret = mbedtls_asn1_get_tag( p, end, &entry_len, - MBEDTLS_ASN1_SEQUENCE | MBEDTLS_ASN1_CONSTRUCTED ) ) != 0 ) - { - if( ret == MBEDTLS_ERR_ASN1_UNEXPECTED_TAG ) - return( 0 ); + if ((ret = mbedtls_asn1_get_tag(p, end, &entry_len, + MBEDTLS_ASN1_SEQUENCE | MBEDTLS_ASN1_CONSTRUCTED)) != 0) { + if (ret == MBEDTLS_ERR_ASN1_UNEXPECTED_TAG) { + return 0; + } - return( ret ); + return ret; } end = *p + entry_len; - while( *p < end ) - { + while (*p < end) { size_t len2; const unsigned char *end2; cur_entry->raw.tag = **p; - if( ( ret = mbedtls_asn1_get_tag( p, end, &len2, - MBEDTLS_ASN1_SEQUENCE | MBEDTLS_ASN1_CONSTRUCTED ) ) != 0 ) - { - return( ret ); + if ((ret = mbedtls_asn1_get_tag(p, end, &len2, + MBEDTLS_ASN1_SEQUENCE | MBEDTLS_ASN1_CONSTRUCTED)) != 0) { + return ret; } cur_entry->raw.p = *p; cur_entry->raw.len = len2; end2 = *p + len2; - if( ( ret = mbedtls_x509_get_serial( p, end2, &cur_entry->serial ) ) != 0 ) - return( ret ); + if ((ret = mbedtls_x509_get_serial(p, end2, &cur_entry->serial)) != 0) { + return ret; + } - if( ( ret = mbedtls_x509_get_time( p, end2, - &cur_entry->revocation_date ) ) != 0 ) - return( ret ); + if ((ret = mbedtls_x509_get_time(p, end2, + &cur_entry->revocation_date)) != 0) { + return ret; + } - if( ( ret = x509_get_crl_entry_ext( p, end2, - &cur_entry->entry_ext ) ) != 0 ) - return( ret ); + if ((ret = x509_get_crl_entry_ext(p, end2, + &cur_entry->entry_ext)) != 0) { + return ret; + } - if( *p < end ) - { - cur_entry->next = mbedtls_calloc( 1, sizeof( mbedtls_x509_crl_entry ) ); + if (*p < end) { + cur_entry->next = mbedtls_calloc(1, sizeof(mbedtls_x509_crl_entry)); - if( cur_entry->next == NULL ) - return( MBEDTLS_ERR_X509_ALLOC_FAILED ); + if (cur_entry->next == NULL) { + return MBEDTLS_ERR_X509_ALLOC_FAILED; + } cur_entry = cur_entry->next; } } - return( 0 ); + return 0; } /* * Parse one CRLs in DER format and append it to the chained list */ -int mbedtls_x509_crl_parse_der( mbedtls_x509_crl *chain, - const unsigned char *buf, size_t buflen ) +int mbedtls_x509_crl_parse_der(mbedtls_x509_crl *chain, + const unsigned char *buf, size_t buflen) { int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; size_t len; @@ -304,44 +291,46 @@ int mbedtls_x509_crl_parse_der( mbedtls_x509_crl *chain, /* * Check for valid input */ - if( crl == NULL || buf == NULL ) - return( MBEDTLS_ERR_X509_BAD_INPUT_DATA ); + if (crl == NULL || buf == NULL) { + return MBEDTLS_ERR_X509_BAD_INPUT_DATA; + } - memset( &sig_params1, 0, sizeof( mbedtls_x509_buf ) ); - memset( &sig_params2, 0, sizeof( mbedtls_x509_buf ) ); - memset( &sig_oid2, 0, sizeof( mbedtls_x509_buf ) ); + memset(&sig_params1, 0, sizeof(mbedtls_x509_buf)); + memset(&sig_params2, 0, sizeof(mbedtls_x509_buf)); + memset(&sig_oid2, 0, sizeof(mbedtls_x509_buf)); /* * Add new CRL on the end of the chain if needed. */ - while( crl->version != 0 && crl->next != NULL ) + while (crl->version != 0 && crl->next != NULL) { crl = crl->next; + } - if( crl->version != 0 && crl->next == NULL ) - { - crl->next = mbedtls_calloc( 1, sizeof( mbedtls_x509_crl ) ); + if (crl->version != 0 && crl->next == NULL) { + crl->next = mbedtls_calloc(1, sizeof(mbedtls_x509_crl)); - if( crl->next == NULL ) - { - mbedtls_x509_crl_free( crl ); - return( MBEDTLS_ERR_X509_ALLOC_FAILED ); + if (crl->next == NULL) { + mbedtls_x509_crl_free(crl); + return MBEDTLS_ERR_X509_ALLOC_FAILED; } - mbedtls_x509_crl_init( crl->next ); + mbedtls_x509_crl_init(crl->next); crl = crl->next; } /* * Copy raw DER-encoded CRL */ - if( buflen == 0 ) - return( MBEDTLS_ERR_X509_INVALID_FORMAT ); + if (buflen == 0) { + return MBEDTLS_ERR_X509_INVALID_FORMAT; + } - p = mbedtls_calloc( 1, buflen ); - if( p == NULL ) - return( MBEDTLS_ERR_X509_ALLOC_FAILED ); + p = mbedtls_calloc(1, buflen); + if (p == NULL) { + return MBEDTLS_ERR_X509_ALLOC_FAILED; + } - memcpy( p, buf, buflen ); + memcpy(p, buf, buflen); crl->raw.p = p; crl->raw.len = buflen; @@ -354,18 +343,16 @@ int mbedtls_x509_crl_parse_der( mbedtls_x509_crl *chain, * signatureAlgorithm AlgorithmIdentifier, * signatureValue BIT STRING } */ - if( ( ret = mbedtls_asn1_get_tag( &p, end, &len, - MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_SEQUENCE ) ) != 0 ) - { - mbedtls_x509_crl_free( crl ); - return( MBEDTLS_ERR_X509_INVALID_FORMAT ); + if ((ret = mbedtls_asn1_get_tag(&p, end, &len, + MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_SEQUENCE)) != 0) { + mbedtls_x509_crl_free(crl); + return MBEDTLS_ERR_X509_INVALID_FORMAT; } - if( len != (size_t) ( end - p ) ) - { - mbedtls_x509_crl_free( crl ); - return( MBEDTLS_ERROR_ADD( MBEDTLS_ERR_X509_INVALID_FORMAT, - MBEDTLS_ERR_ASN1_LENGTH_MISMATCH ) ); + if (len != (size_t) (end - p)) { + mbedtls_x509_crl_free(crl); + return MBEDTLS_ERROR_ADD(MBEDTLS_ERR_X509_INVALID_FORMAT, + MBEDTLS_ERR_ASN1_LENGTH_MISMATCH); } /* @@ -373,11 +360,10 @@ int mbedtls_x509_crl_parse_der( mbedtls_x509_crl *chain, */ crl->tbs.p = p; - if( ( ret = mbedtls_asn1_get_tag( &p, end, &len, - MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_SEQUENCE ) ) != 0 ) - { - mbedtls_x509_crl_free( crl ); - return( MBEDTLS_ERROR_ADD( MBEDTLS_ERR_X509_INVALID_FORMAT, ret ) ); + if ((ret = mbedtls_asn1_get_tag(&p, end, &len, + MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_SEQUENCE)) != 0) { + mbedtls_x509_crl_free(crl); + return MBEDTLS_ERROR_ADD(MBEDTLS_ERR_X509_INVALID_FORMAT, ret); } end = p + len; @@ -389,27 +375,24 @@ int mbedtls_x509_crl_parse_der( mbedtls_x509_crl *chain, * * signature AlgorithmIdentifier */ - if( ( ret = x509_crl_get_version( &p, end, &crl->version ) ) != 0 || - ( ret = mbedtls_x509_get_alg( &p, end, &crl->sig_oid, &sig_params1 ) ) != 0 ) - { - mbedtls_x509_crl_free( crl ); - return( ret ); + if ((ret = x509_crl_get_version(&p, end, &crl->version)) != 0 || + (ret = mbedtls_x509_get_alg(&p, end, &crl->sig_oid, &sig_params1)) != 0) { + mbedtls_x509_crl_free(crl); + return ret; } - if( crl->version < 0 || crl->version > 1 ) - { - mbedtls_x509_crl_free( crl ); - return( MBEDTLS_ERR_X509_UNKNOWN_VERSION ); + if (crl->version < 0 || crl->version > 1) { + mbedtls_x509_crl_free(crl); + return MBEDTLS_ERR_X509_UNKNOWN_VERSION; } crl->version++; - if( ( ret = mbedtls_x509_get_sig_alg( &crl->sig_oid, &sig_params1, - &crl->sig_md, &crl->sig_pk, - &crl->sig_opts ) ) != 0 ) - { - mbedtls_x509_crl_free( crl ); - return( MBEDTLS_ERR_X509_UNKNOWN_SIG_ALG ); + if ((ret = mbedtls_x509_get_sig_alg(&crl->sig_oid, &sig_params1, + &crl->sig_md, &crl->sig_pk, + &crl->sig_opts)) != 0) { + mbedtls_x509_crl_free(crl); + return MBEDTLS_ERR_X509_UNKNOWN_SIG_ALG; } /* @@ -417,17 +400,15 @@ int mbedtls_x509_crl_parse_der( mbedtls_x509_crl *chain, */ crl->issuer_raw.p = p; - if( ( ret = mbedtls_asn1_get_tag( &p, end, &len, - MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_SEQUENCE ) ) != 0 ) - { - mbedtls_x509_crl_free( crl ); - return( MBEDTLS_ERROR_ADD( MBEDTLS_ERR_X509_INVALID_FORMAT, ret ) ); + if ((ret = mbedtls_asn1_get_tag(&p, end, &len, + MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_SEQUENCE)) != 0) { + mbedtls_x509_crl_free(crl); + return MBEDTLS_ERROR_ADD(MBEDTLS_ERR_X509_INVALID_FORMAT, ret); } - if( ( ret = mbedtls_x509_get_name( &p, p + len, &crl->issuer ) ) != 0 ) - { - mbedtls_x509_crl_free( crl ); - return( ret ); + if ((ret = mbedtls_x509_get_name(&p, p + len, &crl->issuer)) != 0) { + mbedtls_x509_crl_free(crl); + return ret; } crl->issuer_raw.len = p - crl->issuer_raw.p; @@ -436,21 +417,18 @@ int mbedtls_x509_crl_parse_der( mbedtls_x509_crl *chain, * thisUpdate Time * nextUpdate Time OPTIONAL */ - if( ( ret = mbedtls_x509_get_time( &p, end, &crl->this_update ) ) != 0 ) - { - mbedtls_x509_crl_free( crl ); - return( ret ); - } - - if( ( ret = mbedtls_x509_get_time( &p, end, &crl->next_update ) ) != 0 ) - { - if( ret != ( MBEDTLS_ERROR_ADD( MBEDTLS_ERR_X509_INVALID_DATE, - MBEDTLS_ERR_ASN1_UNEXPECTED_TAG ) ) && - ret != ( MBEDTLS_ERROR_ADD( MBEDTLS_ERR_X509_INVALID_DATE, - MBEDTLS_ERR_ASN1_OUT_OF_DATA ) ) ) - { - mbedtls_x509_crl_free( crl ); - return( ret ); + if ((ret = mbedtls_x509_get_time(&p, end, &crl->this_update)) != 0) { + mbedtls_x509_crl_free(crl); + return ret; + } + + if ((ret = mbedtls_x509_get_time(&p, end, &crl->next_update)) != 0) { + if (ret != (MBEDTLS_ERROR_ADD(MBEDTLS_ERR_X509_INVALID_DATE, + MBEDTLS_ERR_ASN1_UNEXPECTED_TAG)) && + ret != (MBEDTLS_ERROR_ADD(MBEDTLS_ERR_X509_INVALID_DATE, + MBEDTLS_ERR_ASN1_OUT_OF_DATA))) { + mbedtls_x509_crl_free(crl); + return ret; } } @@ -462,32 +440,28 @@ int mbedtls_x509_crl_parse_der( mbedtls_x509_crl *chain, * -- if present, MUST be v2 * } OPTIONAL */ - if( ( ret = x509_get_entries( &p, end, &crl->entry ) ) != 0 ) - { - mbedtls_x509_crl_free( crl ); - return( ret ); + if ((ret = x509_get_entries(&p, end, &crl->entry)) != 0) { + mbedtls_x509_crl_free(crl); + return ret; } /* * crlExtensions EXPLICIT Extensions OPTIONAL * -- if present, MUST be v2 */ - if( crl->version == 2 ) - { - ret = x509_get_crl_ext( &p, end, &crl->crl_ext ); - - if( ret != 0 ) - { - mbedtls_x509_crl_free( crl ); - return( ret ); + if (crl->version == 2) { + ret = x509_get_crl_ext(&p, end, &crl->crl_ext); + + if (ret != 0) { + mbedtls_x509_crl_free(crl); + return ret; } } - if( p != end ) - { - mbedtls_x509_crl_free( crl ); - return( MBEDTLS_ERROR_ADD( MBEDTLS_ERR_X509_INVALID_FORMAT, - MBEDTLS_ERR_ASN1_LENGTH_MISMATCH ) ); + if (p != end) { + mbedtls_x509_crl_free(crl); + return MBEDTLS_ERROR_ADD(MBEDTLS_ERR_X509_INVALID_FORMAT, + MBEDTLS_ERR_ASN1_LENGTH_MISMATCH); } end = crl->raw.p + crl->raw.len; @@ -496,42 +470,38 @@ int mbedtls_x509_crl_parse_der( mbedtls_x509_crl *chain, * signatureAlgorithm AlgorithmIdentifier, * signatureValue BIT STRING */ - if( ( ret = mbedtls_x509_get_alg( &p, end, &sig_oid2, &sig_params2 ) ) != 0 ) - { - mbedtls_x509_crl_free( crl ); - return( ret ); + if ((ret = mbedtls_x509_get_alg(&p, end, &sig_oid2, &sig_params2)) != 0) { + mbedtls_x509_crl_free(crl); + return ret; } - if( crl->sig_oid.len != sig_oid2.len || - memcmp( crl->sig_oid.p, sig_oid2.p, crl->sig_oid.len ) != 0 || + if (crl->sig_oid.len != sig_oid2.len || + memcmp(crl->sig_oid.p, sig_oid2.p, crl->sig_oid.len) != 0 || sig_params1.len != sig_params2.len || - ( sig_params1.len != 0 && - memcmp( sig_params1.p, sig_params2.p, sig_params1.len ) != 0 ) ) - { - mbedtls_x509_crl_free( crl ); - return( MBEDTLS_ERR_X509_SIG_MISMATCH ); + (sig_params1.len != 0 && + memcmp(sig_params1.p, sig_params2.p, sig_params1.len) != 0)) { + mbedtls_x509_crl_free(crl); + return MBEDTLS_ERR_X509_SIG_MISMATCH; } - if( ( ret = mbedtls_x509_get_sig( &p, end, &crl->sig ) ) != 0 ) - { - mbedtls_x509_crl_free( crl ); - return( ret ); + if ((ret = mbedtls_x509_get_sig(&p, end, &crl->sig)) != 0) { + mbedtls_x509_crl_free(crl); + return ret; } - if( p != end ) - { - mbedtls_x509_crl_free( crl ); - return( MBEDTLS_ERROR_ADD( MBEDTLS_ERR_X509_INVALID_FORMAT, - MBEDTLS_ERR_ASN1_LENGTH_MISMATCH ) ); + if (p != end) { + mbedtls_x509_crl_free(crl); + return MBEDTLS_ERROR_ADD(MBEDTLS_ERR_X509_INVALID_FORMAT, + MBEDTLS_ERR_ASN1_LENGTH_MISMATCH); } - return( 0 ); + return 0; } /* * Parse one or more CRLs and add them to the chained list */ -int mbedtls_x509_crl_parse( mbedtls_x509_crl *chain, const unsigned char *buf, size_t buflen ) +int mbedtls_x509_crl_parse(mbedtls_x509_crl *chain, const unsigned char *buf, size_t buflen) { #if defined(MBEDTLS_PEM_PARSE_C) int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; @@ -539,25 +509,25 @@ int mbedtls_x509_crl_parse( mbedtls_x509_crl *chain, const unsigned char *buf, s mbedtls_pem_context pem; int is_pem = 0; - if( chain == NULL || buf == NULL ) - return( MBEDTLS_ERR_X509_BAD_INPUT_DATA ); + if (chain == NULL || buf == NULL) { + return MBEDTLS_ERR_X509_BAD_INPUT_DATA; + } - do - { - mbedtls_pem_init( &pem ); + do { + mbedtls_pem_init(&pem); // Avoid calling mbedtls_pem_read_buffer() on non-null-terminated // string - if( buflen == 0 || buf[buflen - 1] != '\0' ) + if (buflen == 0 || buf[buflen - 1] != '\0') { ret = MBEDTLS_ERR_PEM_NO_HEADER_FOOTER_PRESENT; - else - ret = mbedtls_pem_read_buffer( &pem, - "-----BEGIN X509 CRL-----", - "-----END X509 CRL-----", - buf, NULL, 0, &use_len ); - - if( ret == 0 ) - { + } else { + ret = mbedtls_pem_read_buffer(&pem, + "-----BEGIN X509 CRL-----", + "-----END X509 CRL-----", + buf, NULL, 0, &use_len); + } + + if (ret == 0) { /* * Was PEM encoded */ @@ -566,51 +536,49 @@ int mbedtls_x509_crl_parse( mbedtls_x509_crl *chain, const unsigned char *buf, s buflen -= use_len; buf += use_len; - if( ( ret = mbedtls_x509_crl_parse_der( chain, - pem.buf, pem.buflen ) ) != 0 ) - { - mbedtls_pem_free( &pem ); - return( ret ); + if ((ret = mbedtls_x509_crl_parse_der(chain, + pem.buf, pem.buflen)) != 0) { + mbedtls_pem_free(&pem); + return ret; } - } - else if( is_pem ) - { - mbedtls_pem_free( &pem ); - return( ret ); + } else if (is_pem) { + mbedtls_pem_free(&pem); + return ret; } - mbedtls_pem_free( &pem ); + mbedtls_pem_free(&pem); } /* In the PEM case, buflen is 1 at the end, for the terminated NULL byte. * And a valid CRL cannot be less than 1 byte anyway. */ - while( is_pem && buflen > 1 ); + while (is_pem && buflen > 1); - if( is_pem ) - return( 0 ); - else + if (is_pem) { + return 0; + } else #endif /* MBEDTLS_PEM_PARSE_C */ - return( mbedtls_x509_crl_parse_der( chain, buf, buflen ) ); + return mbedtls_x509_crl_parse_der(chain, buf, buflen); } #if defined(MBEDTLS_FS_IO) /* * Load one or more CRLs and add them to the chained list */ -int mbedtls_x509_crl_parse_file( mbedtls_x509_crl *chain, const char *path ) +int mbedtls_x509_crl_parse_file(mbedtls_x509_crl *chain, const char *path) { int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; size_t n; unsigned char *buf; - if( ( ret = mbedtls_pk_load_file( path, &buf, &n ) ) != 0 ) - return( ret ); + if ((ret = mbedtls_pk_load_file(path, &buf, &n)) != 0) { + return ret; + } - ret = mbedtls_x509_crl_parse( chain, buf, n ); + ret = mbedtls_x509_crl_parse(chain, buf, n); - mbedtls_platform_zeroize( buf, n ); - mbedtls_free( buf ); + mbedtls_platform_zeroize(buf, n); + mbedtls_free(buf); - return( ret ); + return ret; } #endif /* MBEDTLS_FS_IO */ @@ -622,8 +590,8 @@ int mbedtls_x509_crl_parse_file( mbedtls_x509_crl *chain, const char *path ) /* * Return an informational string about the CRL. */ -int mbedtls_x509_crl_info( char *buf, size_t size, const char *prefix, - const mbedtls_x509_crl *crl ) +int mbedtls_x509_crl_info(char *buf, size_t size, const char *prefix, + const mbedtls_x509_crl *crl) { int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; size_t n; @@ -633,79 +601,78 @@ int mbedtls_x509_crl_info( char *buf, size_t size, const char *prefix, p = buf; n = size; - ret = mbedtls_snprintf( p, n, "%sCRL version : %d", - prefix, crl->version ); + ret = mbedtls_snprintf(p, n, "%sCRL version : %d", + prefix, crl->version); MBEDTLS_X509_SAFE_SNPRINTF; - ret = mbedtls_snprintf( p, n, "\n%sissuer name : ", prefix ); + ret = mbedtls_snprintf(p, n, "\n%sissuer name : ", prefix); MBEDTLS_X509_SAFE_SNPRINTF; - ret = mbedtls_x509_dn_gets( p, n, &crl->issuer ); + ret = mbedtls_x509_dn_gets(p, n, &crl->issuer); MBEDTLS_X509_SAFE_SNPRINTF; - ret = mbedtls_snprintf( p, n, "\n%sthis update : " \ - "%04d-%02d-%02d %02d:%02d:%02d", prefix, - crl->this_update.year, crl->this_update.mon, - crl->this_update.day, crl->this_update.hour, - crl->this_update.min, crl->this_update.sec ); + ret = mbedtls_snprintf(p, n, "\n%sthis update : " \ + "%04d-%02d-%02d %02d:%02d:%02d", prefix, + crl->this_update.year, crl->this_update.mon, + crl->this_update.day, crl->this_update.hour, + crl->this_update.min, crl->this_update.sec); MBEDTLS_X509_SAFE_SNPRINTF; - ret = mbedtls_snprintf( p, n, "\n%snext update : " \ - "%04d-%02d-%02d %02d:%02d:%02d", prefix, - crl->next_update.year, crl->next_update.mon, - crl->next_update.day, crl->next_update.hour, - crl->next_update.min, crl->next_update.sec ); + ret = mbedtls_snprintf(p, n, "\n%snext update : " \ + "%04d-%02d-%02d %02d:%02d:%02d", prefix, + crl->next_update.year, crl->next_update.mon, + crl->next_update.day, crl->next_update.hour, + crl->next_update.min, crl->next_update.sec); MBEDTLS_X509_SAFE_SNPRINTF; entry = &crl->entry; - ret = mbedtls_snprintf( p, n, "\n%sRevoked certificates:", - prefix ); + ret = mbedtls_snprintf(p, n, "\n%sRevoked certificates:", + prefix); MBEDTLS_X509_SAFE_SNPRINTF; - while( entry != NULL && entry->raw.len != 0 ) - { - ret = mbedtls_snprintf( p, n, "\n%sserial number: ", - prefix ); + while (entry != NULL && entry->raw.len != 0) { + ret = mbedtls_snprintf(p, n, "\n%sserial number: ", + prefix); MBEDTLS_X509_SAFE_SNPRINTF; - ret = mbedtls_x509_serial_gets( p, n, &entry->serial ); + ret = mbedtls_x509_serial_gets(p, n, &entry->serial); MBEDTLS_X509_SAFE_SNPRINTF; - ret = mbedtls_snprintf( p, n, " revocation date: " \ - "%04d-%02d-%02d %02d:%02d:%02d", - entry->revocation_date.year, entry->revocation_date.mon, - entry->revocation_date.day, entry->revocation_date.hour, - entry->revocation_date.min, entry->revocation_date.sec ); + ret = mbedtls_snprintf(p, n, " revocation date: " \ + "%04d-%02d-%02d %02d:%02d:%02d", + entry->revocation_date.year, entry->revocation_date.mon, + entry->revocation_date.day, entry->revocation_date.hour, + entry->revocation_date.min, entry->revocation_date.sec); MBEDTLS_X509_SAFE_SNPRINTF; entry = entry->next; } - ret = mbedtls_snprintf( p, n, "\n%ssigned using : ", prefix ); + ret = mbedtls_snprintf(p, n, "\n%ssigned using : ", prefix); MBEDTLS_X509_SAFE_SNPRINTF; - ret = mbedtls_x509_sig_alg_gets( p, n, &crl->sig_oid, crl->sig_pk, crl->sig_md, - crl->sig_opts ); + ret = mbedtls_x509_sig_alg_gets(p, n, &crl->sig_oid, crl->sig_pk, crl->sig_md, + crl->sig_opts); MBEDTLS_X509_SAFE_SNPRINTF; - ret = mbedtls_snprintf( p, n, "\n" ); + ret = mbedtls_snprintf(p, n, "\n"); MBEDTLS_X509_SAFE_SNPRINTF; - return( (int) ( size - n ) ); + return (int) (size - n); } /* * Initialize a CRL chain */ -void mbedtls_x509_crl_init( mbedtls_x509_crl *crl ) +void mbedtls_x509_crl_init(mbedtls_x509_crl *crl) { - memset( crl, 0, sizeof(mbedtls_x509_crl) ); + memset(crl, 0, sizeof(mbedtls_x509_crl)); } /* * Unallocate all CRL data */ -void mbedtls_x509_crl_free( mbedtls_x509_crl *crl ) +void mbedtls_x509_crl_free(mbedtls_x509_crl *crl) { mbedtls_x509_crl *crl_cur = crl; mbedtls_x509_crl *crl_prv; @@ -714,55 +681,50 @@ void mbedtls_x509_crl_free( mbedtls_x509_crl *crl ) mbedtls_x509_crl_entry *entry_cur; mbedtls_x509_crl_entry *entry_prv; - if( crl == NULL ) + if (crl == NULL) { return; + } - do - { + do { #if defined(MBEDTLS_X509_RSASSA_PSS_SUPPORT) - mbedtls_free( crl_cur->sig_opts ); + mbedtls_free(crl_cur->sig_opts); #endif name_cur = crl_cur->issuer.next; - while( name_cur != NULL ) - { + while (name_cur != NULL) { name_prv = name_cur; name_cur = name_cur->next; - mbedtls_platform_zeroize( name_prv, sizeof( mbedtls_x509_name ) ); - mbedtls_free( name_prv ); + mbedtls_platform_zeroize(name_prv, sizeof(mbedtls_x509_name)); + mbedtls_free(name_prv); } entry_cur = crl_cur->entry.next; - while( entry_cur != NULL ) - { + while (entry_cur != NULL) { entry_prv = entry_cur; entry_cur = entry_cur->next; - mbedtls_platform_zeroize( entry_prv, - sizeof( mbedtls_x509_crl_entry ) ); - mbedtls_free( entry_prv ); + mbedtls_platform_zeroize(entry_prv, + sizeof(mbedtls_x509_crl_entry)); + mbedtls_free(entry_prv); } - if( crl_cur->raw.p != NULL ) - { - mbedtls_platform_zeroize( crl_cur->raw.p, crl_cur->raw.len ); - mbedtls_free( crl_cur->raw.p ); + if (crl_cur->raw.p != NULL) { + mbedtls_platform_zeroize(crl_cur->raw.p, crl_cur->raw.len); + mbedtls_free(crl_cur->raw.p); } crl_cur = crl_cur->next; - } - while( crl_cur != NULL ); + } while (crl_cur != NULL); crl_cur = crl; - do - { + do { crl_prv = crl_cur; crl_cur = crl_cur->next; - mbedtls_platform_zeroize( crl_prv, sizeof( mbedtls_x509_crl ) ); - if( crl_prv != crl ) - mbedtls_free( crl_prv ); - } - while( crl_cur != NULL ); + mbedtls_platform_zeroize(crl_prv, sizeof(mbedtls_x509_crl)); + if (crl_prv != crl) { + mbedtls_free(crl_prv); + } + } while (crl_cur != NULL); } #endif /* MBEDTLS_X509_CRL_PARSE_C */ diff --git a/third_party/mbedtls/repo/library/x509_crt.c b/third_party/mbedtls/repo/library/x509_crt.c index a6cccf81445..a3a4525b947 100644 --- a/third_party/mbedtls/repo/library/x509_crt.c +++ b/third_party/mbedtls/repo/library/x509_crt.c @@ -2,19 +2,7 @@ * X.509 certificate parsing and verification * * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later */ /* * The ITU-T X.509 standard defines a certificate format for PKI. @@ -49,25 +37,19 @@ #include "mbedtls/psa_util.h" #endif -#if defined(MBEDTLS_PLATFORM_C) #include "mbedtls/platform.h" -#else -#include -#include -#define mbedtls_free free -#define mbedtls_calloc calloc -#define mbedtls_snprintf snprintf -#endif #if defined(MBEDTLS_THREADING_C) #include "mbedtls/threading.h" #endif +#if defined(MBEDTLS_HAVE_TIME) #if defined(_WIN32) && !defined(EFIX64) && !defined(EFI32) #include #else #include #endif +#endif #if defined(MBEDTLS_FS_IO) #include @@ -75,6 +57,7 @@ #include #include #include +#include #endif /* !_WIN32 || EFIX64 || EFI32 */ #endif @@ -89,17 +72,17 @@ typedef struct { /* * Max size of verification chain: end-entity + intermediates + trusted root */ -#define X509_MAX_VERIFY_CHAIN_SIZE ( MBEDTLS_X509_MAX_INTERMEDIATE_CA + 2 ) +#define X509_MAX_VERIFY_CHAIN_SIZE (MBEDTLS_X509_MAX_INTERMEDIATE_CA + 2) /* Default profile. Do not remove items unless there are serious security * concerns. */ const mbedtls_x509_crt_profile mbedtls_x509_crt_profile_default = { /* Only SHA-2 hashes */ - MBEDTLS_X509_ID_FLAG( MBEDTLS_MD_SHA224 ) | - MBEDTLS_X509_ID_FLAG( MBEDTLS_MD_SHA256 ) | - MBEDTLS_X509_ID_FLAG( MBEDTLS_MD_SHA384 ) | - MBEDTLS_X509_ID_FLAG( MBEDTLS_MD_SHA512 ), + MBEDTLS_X509_ID_FLAG(MBEDTLS_MD_SHA224) | + MBEDTLS_X509_ID_FLAG(MBEDTLS_MD_SHA256) | + MBEDTLS_X509_ID_FLAG(MBEDTLS_MD_SHA384) | + MBEDTLS_X509_ID_FLAG(MBEDTLS_MD_SHA512), 0xFFFFFFF, /* Any PK alg */ 0xFFFFFFF, /* Any curve */ 2048, @@ -111,19 +94,19 @@ const mbedtls_x509_crt_profile mbedtls_x509_crt_profile_default = const mbedtls_x509_crt_profile mbedtls_x509_crt_profile_next = { /* Hashes from SHA-256 and above */ - MBEDTLS_X509_ID_FLAG( MBEDTLS_MD_SHA256 ) | - MBEDTLS_X509_ID_FLAG( MBEDTLS_MD_SHA384 ) | - MBEDTLS_X509_ID_FLAG( MBEDTLS_MD_SHA512 ), + MBEDTLS_X509_ID_FLAG(MBEDTLS_MD_SHA256) | + MBEDTLS_X509_ID_FLAG(MBEDTLS_MD_SHA384) | + MBEDTLS_X509_ID_FLAG(MBEDTLS_MD_SHA512), 0xFFFFFFF, /* Any PK alg */ #if defined(MBEDTLS_ECP_C) /* Curves at or above 128-bit security level */ - MBEDTLS_X509_ID_FLAG( MBEDTLS_ECP_DP_SECP256R1 ) | - MBEDTLS_X509_ID_FLAG( MBEDTLS_ECP_DP_SECP384R1 ) | - MBEDTLS_X509_ID_FLAG( MBEDTLS_ECP_DP_SECP521R1 ) | - MBEDTLS_X509_ID_FLAG( MBEDTLS_ECP_DP_BP256R1 ) | - MBEDTLS_X509_ID_FLAG( MBEDTLS_ECP_DP_BP384R1 ) | - MBEDTLS_X509_ID_FLAG( MBEDTLS_ECP_DP_BP512R1 ) | - MBEDTLS_X509_ID_FLAG( MBEDTLS_ECP_DP_SECP256K1 ), + MBEDTLS_X509_ID_FLAG(MBEDTLS_ECP_DP_SECP256R1) | + MBEDTLS_X509_ID_FLAG(MBEDTLS_ECP_DP_SECP384R1) | + MBEDTLS_X509_ID_FLAG(MBEDTLS_ECP_DP_SECP521R1) | + MBEDTLS_X509_ID_FLAG(MBEDTLS_ECP_DP_BP256R1) | + MBEDTLS_X509_ID_FLAG(MBEDTLS_ECP_DP_BP384R1) | + MBEDTLS_X509_ID_FLAG(MBEDTLS_ECP_DP_BP512R1) | + MBEDTLS_X509_ID_FLAG(MBEDTLS_ECP_DP_SECP256K1), #else 0, #endif @@ -136,15 +119,15 @@ const mbedtls_x509_crt_profile mbedtls_x509_crt_profile_next = const mbedtls_x509_crt_profile mbedtls_x509_crt_profile_suiteb = { /* Only SHA-256 and 384 */ - MBEDTLS_X509_ID_FLAG( MBEDTLS_MD_SHA256 ) | - MBEDTLS_X509_ID_FLAG( MBEDTLS_MD_SHA384 ), + MBEDTLS_X509_ID_FLAG(MBEDTLS_MD_SHA256) | + MBEDTLS_X509_ID_FLAG(MBEDTLS_MD_SHA384), /* Only ECDSA */ - MBEDTLS_X509_ID_FLAG( MBEDTLS_PK_ECDSA ) | - MBEDTLS_X509_ID_FLAG( MBEDTLS_PK_ECKEY ), + MBEDTLS_X509_ID_FLAG(MBEDTLS_PK_ECDSA) | + MBEDTLS_X509_ID_FLAG(MBEDTLS_PK_ECKEY), #if defined(MBEDTLS_ECP_C) /* Only NIST P-256 and P-384 */ - MBEDTLS_X509_ID_FLAG( MBEDTLS_ECP_DP_SECP256R1 ) | - MBEDTLS_X509_ID_FLAG( MBEDTLS_ECP_DP_SECP384R1 ), + MBEDTLS_X509_ID_FLAG(MBEDTLS_ECP_DP_SECP256R1) | + MBEDTLS_X509_ID_FLAG(MBEDTLS_ECP_DP_SECP384R1), #else 0, #endif @@ -155,133 +138,136 @@ const mbedtls_x509_crt_profile mbedtls_x509_crt_profile_suiteb = * Check md_alg against profile * Return 0 if md_alg is acceptable for this profile, -1 otherwise */ -static int x509_profile_check_md_alg( const mbedtls_x509_crt_profile *profile, - mbedtls_md_type_t md_alg ) +static int x509_profile_check_md_alg(const mbedtls_x509_crt_profile *profile, + mbedtls_md_type_t md_alg) { - if( md_alg == MBEDTLS_MD_NONE ) - return( -1 ); + if (md_alg == MBEDTLS_MD_NONE) { + return -1; + } - if( ( profile->allowed_mds & MBEDTLS_X509_ID_FLAG( md_alg ) ) != 0 ) - return( 0 ); + if ((profile->allowed_mds & MBEDTLS_X509_ID_FLAG(md_alg)) != 0) { + return 0; + } - return( -1 ); + return -1; } /* * Check pk_alg against profile * Return 0 if pk_alg is acceptable for this profile, -1 otherwise */ -static int x509_profile_check_pk_alg( const mbedtls_x509_crt_profile *profile, - mbedtls_pk_type_t pk_alg ) +static int x509_profile_check_pk_alg(const mbedtls_x509_crt_profile *profile, + mbedtls_pk_type_t pk_alg) { - if( pk_alg == MBEDTLS_PK_NONE ) - return( -1 ); + if (pk_alg == MBEDTLS_PK_NONE) { + return -1; + } - if( ( profile->allowed_pks & MBEDTLS_X509_ID_FLAG( pk_alg ) ) != 0 ) - return( 0 ); + if ((profile->allowed_pks & MBEDTLS_X509_ID_FLAG(pk_alg)) != 0) { + return 0; + } - return( -1 ); + return -1; } /* * Check key against profile * Return 0 if pk is acceptable for this profile, -1 otherwise */ -static int x509_profile_check_key( const mbedtls_x509_crt_profile *profile, - const mbedtls_pk_context *pk ) +static int x509_profile_check_key(const mbedtls_x509_crt_profile *profile, + const mbedtls_pk_context *pk) { - const mbedtls_pk_type_t pk_alg = mbedtls_pk_get_type( pk ); + const mbedtls_pk_type_t pk_alg = mbedtls_pk_get_type(pk); #if defined(MBEDTLS_RSA_C) - if( pk_alg == MBEDTLS_PK_RSA || pk_alg == MBEDTLS_PK_RSASSA_PSS ) - { - if( mbedtls_pk_get_bitlen( pk ) >= profile->rsa_min_bitlen ) - return( 0 ); + if (pk_alg == MBEDTLS_PK_RSA || pk_alg == MBEDTLS_PK_RSASSA_PSS) { + if (mbedtls_pk_get_bitlen(pk) >= profile->rsa_min_bitlen) { + return 0; + } - return( -1 ); + return -1; } #endif #if defined(MBEDTLS_ECP_C) - if( pk_alg == MBEDTLS_PK_ECDSA || + if (pk_alg == MBEDTLS_PK_ECDSA || pk_alg == MBEDTLS_PK_ECKEY || - pk_alg == MBEDTLS_PK_ECKEY_DH ) - { - const mbedtls_ecp_group_id gid = mbedtls_pk_ec( *pk )->grp.id; + pk_alg == MBEDTLS_PK_ECKEY_DH) { + const mbedtls_ecp_group_id gid = mbedtls_pk_ec(*pk)->grp.id; - if( gid == MBEDTLS_ECP_DP_NONE ) - return( -1 ); + if (gid == MBEDTLS_ECP_DP_NONE) { + return -1; + } - if( ( profile->allowed_curves & MBEDTLS_X509_ID_FLAG( gid ) ) != 0 ) - return( 0 ); + if ((profile->allowed_curves & MBEDTLS_X509_ID_FLAG(gid)) != 0) { + return 0; + } - return( -1 ); + return -1; } #endif - return( -1 ); + return -1; } /* * Like memcmp, but case-insensitive and always returns -1 if different */ -static int x509_memcasecmp( const void *s1, const void *s2, size_t len ) +static int x509_memcasecmp(const void *s1, const void *s2, size_t len) { size_t i; unsigned char diff; const unsigned char *n1 = s1, *n2 = s2; - for( i = 0; i < len; i++ ) - { + for (i = 0; i < len; i++) { diff = n1[i] ^ n2[i]; - if( diff == 0 ) + if (diff == 0) { continue; + } - if( diff == 32 && - ( ( n1[i] >= 'a' && n1[i] <= 'z' ) || - ( n1[i] >= 'A' && n1[i] <= 'Z' ) ) ) - { + if (diff == 32 && + ((n1[i] >= 'a' && n1[i] <= 'z') || + (n1[i] >= 'A' && n1[i] <= 'Z'))) { continue; } - return( -1 ); + return -1; } - return( 0 ); + return 0; } /* * Return 0 if name matches wildcard, -1 otherwise */ -static int x509_check_wildcard( const char *cn, const mbedtls_x509_buf *name ) +static int x509_check_wildcard(const char *cn, const mbedtls_x509_buf *name) { size_t i; - size_t cn_idx = 0, cn_len = strlen( cn ); + size_t cn_idx = 0, cn_len = strlen(cn); /* We can't have a match if there is no wildcard to match */ - if( name->len < 3 || name->p[0] != '*' || name->p[1] != '.' ) - return( -1 ); + if (name->len < 3 || name->p[0] != '*' || name->p[1] != '.') { + return -1; + } - for( i = 0; i < cn_len; ++i ) - { - if( cn[i] == '.' ) - { + for (i = 0; i < cn_len; ++i) { + if (cn[i] == '.') { cn_idx = i; break; } } - if( cn_idx == 0 ) - return( -1 ); + if (cn_idx == 0) { + return -1; + } - if( cn_len - cn_idx == name->len - 1 && - x509_memcasecmp( name->p + 1, cn + cn_idx, name->len - 1 ) == 0 ) - { - return( 0 ); + if (cn_len - cn_idx == name->len - 1 && + x509_memcasecmp(name->p + 1, cn + cn_idx, name->len - 1) == 0) { + return 0; } - return( -1 ); + return -1; } /* @@ -290,24 +276,22 @@ static int x509_check_wildcard( const char *cn, const mbedtls_x509_buf *name ) * * Return 0 if equal, -1 otherwise. */ -static int x509_string_cmp( const mbedtls_x509_buf *a, const mbedtls_x509_buf *b ) +static int x509_string_cmp(const mbedtls_x509_buf *a, const mbedtls_x509_buf *b) { - if( a->tag == b->tag && + if (a->tag == b->tag && a->len == b->len && - memcmp( a->p, b->p, b->len ) == 0 ) - { - return( 0 ); + memcmp(a->p, b->p, b->len) == 0) { + return 0; } - if( ( a->tag == MBEDTLS_ASN1_UTF8_STRING || a->tag == MBEDTLS_ASN1_PRINTABLE_STRING ) && - ( b->tag == MBEDTLS_ASN1_UTF8_STRING || b->tag == MBEDTLS_ASN1_PRINTABLE_STRING ) && + if ((a->tag == MBEDTLS_ASN1_UTF8_STRING || a->tag == MBEDTLS_ASN1_PRINTABLE_STRING) && + (b->tag == MBEDTLS_ASN1_UTF8_STRING || b->tag == MBEDTLS_ASN1_PRINTABLE_STRING) && a->len == b->len && - x509_memcasecmp( a->p, b->p, b->len ) == 0 ) - { - return( 0 ); + x509_memcasecmp(a->p, b->p, b->len) == 0) { + return 0; } - return( -1 ); + return -1; } /* @@ -320,48 +304,48 @@ static int x509_string_cmp( const mbedtls_x509_buf *a, const mbedtls_x509_buf *b * * Return 0 if equal, -1 otherwise. */ -static int x509_name_cmp( const mbedtls_x509_name *a, const mbedtls_x509_name *b ) +static int x509_name_cmp(const mbedtls_x509_name *a, const mbedtls_x509_name *b) { /* Avoid recursion, it might not be optimised by the compiler */ - while( a != NULL || b != NULL ) - { - if( a == NULL || b == NULL ) - return( -1 ); + while (a != NULL || b != NULL) { + if (a == NULL || b == NULL) { + return -1; + } /* type */ - if( a->oid.tag != b->oid.tag || + if (a->oid.tag != b->oid.tag || a->oid.len != b->oid.len || - memcmp( a->oid.p, b->oid.p, b->oid.len ) != 0 ) - { - return( -1 ); + memcmp(a->oid.p, b->oid.p, b->oid.len) != 0) { + return -1; } /* value */ - if( x509_string_cmp( &a->val, &b->val ) != 0 ) - return( -1 ); + if (x509_string_cmp(&a->val, &b->val) != 0) { + return -1; + } /* structure of the list of sets */ - if( a->next_merged != b->next_merged ) - return( -1 ); + if (a->next_merged != b->next_merged) { + return -1; + } a = a->next; b = b->next; } /* a == NULL == b */ - return( 0 ); + return 0; } /* * Reset (init or clear) a verify_chain */ static void x509_crt_verify_chain_reset( - mbedtls_x509_crt_verify_chain *ver_chain ) + mbedtls_x509_crt_verify_chain *ver_chain) { size_t i; - for( i = 0; i < MBEDTLS_X509_MAX_VERIFY_CHAIN_SIZE; i++ ) - { + for (i = 0; i < MBEDTLS_X509_MAX_VERIFY_CHAIN_SIZE; i++) { ver_chain->items[i].crt = NULL; ver_chain->items[i].flags = (uint32_t) -1; } @@ -376,35 +360,36 @@ static void x509_crt_verify_chain_reset( /* * Version ::= INTEGER { v1(0), v2(1), v3(2) } */ -static int x509_get_version( unsigned char **p, - const unsigned char *end, - int *ver ) +static int x509_get_version(unsigned char **p, + const unsigned char *end, + int *ver) { int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; size_t len; - if( ( ret = mbedtls_asn1_get_tag( p, end, &len, - MBEDTLS_ASN1_CONTEXT_SPECIFIC | MBEDTLS_ASN1_CONSTRUCTED | 0 ) ) != 0 ) - { - if( ret == MBEDTLS_ERR_ASN1_UNEXPECTED_TAG ) - { + if ((ret = mbedtls_asn1_get_tag(p, end, &len, + MBEDTLS_ASN1_CONTEXT_SPECIFIC | MBEDTLS_ASN1_CONSTRUCTED | + 0)) != 0) { + if (ret == MBEDTLS_ERR_ASN1_UNEXPECTED_TAG) { *ver = 0; - return( 0 ); + return 0; } - return( MBEDTLS_ERROR_ADD( MBEDTLS_ERR_X509_INVALID_FORMAT, ret ) ); + return MBEDTLS_ERROR_ADD(MBEDTLS_ERR_X509_INVALID_FORMAT, ret); } end = *p + len; - if( ( ret = mbedtls_asn1_get_int( p, end, ver ) ) != 0 ) - return( MBEDTLS_ERROR_ADD( MBEDTLS_ERR_X509_INVALID_VERSION, ret ) ); + if ((ret = mbedtls_asn1_get_int(p, end, ver)) != 0) { + return MBEDTLS_ERROR_ADD(MBEDTLS_ERR_X509_INVALID_VERSION, ret); + } - if( *p != end ) - return( MBEDTLS_ERROR_ADD( MBEDTLS_ERR_X509_INVALID_VERSION, - MBEDTLS_ERR_ASN1_LENGTH_MISMATCH ) ); + if (*p != end) { + return MBEDTLS_ERROR_ADD(MBEDTLS_ERR_X509_INVALID_VERSION, + MBEDTLS_ERR_ASN1_LENGTH_MISMATCH); + } - return( 0 ); + return 0; } /* @@ -412,66 +397,72 @@ static int x509_get_version( unsigned char **p, * notBefore Time, * notAfter Time } */ -static int x509_get_dates( unsigned char **p, - const unsigned char *end, - mbedtls_x509_time *from, - mbedtls_x509_time *to ) +static int x509_get_dates(unsigned char **p, + const unsigned char *end, + mbedtls_x509_time *from, + mbedtls_x509_time *to) { int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; size_t len; - if( ( ret = mbedtls_asn1_get_tag( p, end, &len, - MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_SEQUENCE ) ) != 0 ) - return( MBEDTLS_ERROR_ADD( MBEDTLS_ERR_X509_INVALID_DATE, ret ) ); + if ((ret = mbedtls_asn1_get_tag(p, end, &len, + MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_SEQUENCE)) != 0) { + return MBEDTLS_ERROR_ADD(MBEDTLS_ERR_X509_INVALID_DATE, ret); + } end = *p + len; - if( ( ret = mbedtls_x509_get_time( p, end, from ) ) != 0 ) - return( ret ); + if ((ret = mbedtls_x509_get_time(p, end, from)) != 0) { + return ret; + } - if( ( ret = mbedtls_x509_get_time( p, end, to ) ) != 0 ) - return( ret ); + if ((ret = mbedtls_x509_get_time(p, end, to)) != 0) { + return ret; + } - if( *p != end ) - return( MBEDTLS_ERROR_ADD( MBEDTLS_ERR_X509_INVALID_DATE, - MBEDTLS_ERR_ASN1_LENGTH_MISMATCH ) ); + if (*p != end) { + return MBEDTLS_ERROR_ADD(MBEDTLS_ERR_X509_INVALID_DATE, + MBEDTLS_ERR_ASN1_LENGTH_MISMATCH); + } - return( 0 ); + return 0; } /* * X.509 v2/v3 unique identifier (not parsed) */ -static int x509_get_uid( unsigned char **p, - const unsigned char *end, - mbedtls_x509_buf *uid, int n ) +static int x509_get_uid(unsigned char **p, + const unsigned char *end, + mbedtls_x509_buf *uid, int n) { int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; - if( *p == end ) - return( 0 ); + if (*p == end) { + return 0; + } uid->tag = **p; - if( ( ret = mbedtls_asn1_get_tag( p, end, &uid->len, - MBEDTLS_ASN1_CONTEXT_SPECIFIC | MBEDTLS_ASN1_CONSTRUCTED | n ) ) != 0 ) - { - if( ret == MBEDTLS_ERR_ASN1_UNEXPECTED_TAG ) - return( 0 ); + if ((ret = mbedtls_asn1_get_tag(p, end, &uid->len, + MBEDTLS_ASN1_CONTEXT_SPECIFIC | MBEDTLS_ASN1_CONSTRUCTED | + n)) != 0) { + if (ret == MBEDTLS_ERR_ASN1_UNEXPECTED_TAG) { + return 0; + } - return( MBEDTLS_ERROR_ADD( MBEDTLS_ERR_X509_INVALID_FORMAT, ret ) ); + return MBEDTLS_ERROR_ADD(MBEDTLS_ERR_X509_INVALID_FORMAT, ret); } uid->p = *p; *p += uid->len; - return( 0 ); + return 0; } -static int x509_get_basic_constraints( unsigned char **p, - const unsigned char *end, - int *ca_istrue, - int *max_pathlen ) +static int x509_get_basic_constraints(unsigned char **p, + const unsigned char *end, + int *ca_istrue, + int *max_pathlen) { int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; size_t len; @@ -484,88 +475,99 @@ static int x509_get_basic_constraints( unsigned char **p, *ca_istrue = 0; /* DEFAULT FALSE */ *max_pathlen = 0; /* endless */ - if( ( ret = mbedtls_asn1_get_tag( p, end, &len, - MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_SEQUENCE ) ) != 0 ) - return( MBEDTLS_ERROR_ADD( MBEDTLS_ERR_X509_INVALID_EXTENSIONS, ret ) ); + if ((ret = mbedtls_asn1_get_tag(p, end, &len, + MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_SEQUENCE)) != 0) { + return MBEDTLS_ERROR_ADD(MBEDTLS_ERR_X509_INVALID_EXTENSIONS, ret); + } - if( *p == end ) - return( 0 ); + if (*p == end) { + return 0; + } - if( ( ret = mbedtls_asn1_get_bool( p, end, ca_istrue ) ) != 0 ) - { - if( ret == MBEDTLS_ERR_ASN1_UNEXPECTED_TAG ) - ret = mbedtls_asn1_get_int( p, end, ca_istrue ); + if ((ret = mbedtls_asn1_get_bool(p, end, ca_istrue)) != 0) { + if (ret == MBEDTLS_ERR_ASN1_UNEXPECTED_TAG) { + ret = mbedtls_asn1_get_int(p, end, ca_istrue); + } - if( ret != 0 ) - return( MBEDTLS_ERROR_ADD( MBEDTLS_ERR_X509_INVALID_EXTENSIONS, ret ) ); + if (ret != 0) { + return MBEDTLS_ERROR_ADD(MBEDTLS_ERR_X509_INVALID_EXTENSIONS, ret); + } - if( *ca_istrue != 0 ) + if (*ca_istrue != 0) { *ca_istrue = 1; + } } - if( *p == end ) - return( 0 ); + if (*p == end) { + return 0; + } - if( ( ret = mbedtls_asn1_get_int( p, end, max_pathlen ) ) != 0 ) - return( MBEDTLS_ERROR_ADD( MBEDTLS_ERR_X509_INVALID_EXTENSIONS, ret ) ); + if ((ret = mbedtls_asn1_get_int(p, end, max_pathlen)) != 0) { + return MBEDTLS_ERROR_ADD(MBEDTLS_ERR_X509_INVALID_EXTENSIONS, ret); + } - if( *p != end ) - return( MBEDTLS_ERROR_ADD( MBEDTLS_ERR_X509_INVALID_EXTENSIONS, - MBEDTLS_ERR_ASN1_LENGTH_MISMATCH ) ); + if (*p != end) { + return MBEDTLS_ERROR_ADD(MBEDTLS_ERR_X509_INVALID_EXTENSIONS, + MBEDTLS_ERR_ASN1_LENGTH_MISMATCH); + } /* Do not accept max_pathlen equal to INT_MAX to avoid a signed integer * overflow, which is an undefined behavior. */ - if( *max_pathlen == INT_MAX ) - return( MBEDTLS_ERROR_ADD( MBEDTLS_ERR_X509_INVALID_EXTENSIONS, - MBEDTLS_ERR_ASN1_INVALID_LENGTH ) ); + if (*max_pathlen == INT_MAX) { + return MBEDTLS_ERROR_ADD(MBEDTLS_ERR_X509_INVALID_EXTENSIONS, + MBEDTLS_ERR_ASN1_INVALID_LENGTH); + } (*max_pathlen)++; - return( 0 ); + return 0; } -static int x509_get_ns_cert_type( unsigned char **p, - const unsigned char *end, - unsigned char *ns_cert_type) +static int x509_get_ns_cert_type(unsigned char **p, + const unsigned char *end, + unsigned char *ns_cert_type) { int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; mbedtls_x509_bitstring bs = { 0, 0, NULL }; - if( ( ret = mbedtls_asn1_get_bitstring( p, end, &bs ) ) != 0 ) - return( MBEDTLS_ERROR_ADD( MBEDTLS_ERR_X509_INVALID_EXTENSIONS, ret ) ); + if ((ret = mbedtls_asn1_get_bitstring(p, end, &bs)) != 0) { + return MBEDTLS_ERROR_ADD(MBEDTLS_ERR_X509_INVALID_EXTENSIONS, ret); + } - if( bs.len != 1 ) - return( MBEDTLS_ERROR_ADD( MBEDTLS_ERR_X509_INVALID_EXTENSIONS, - MBEDTLS_ERR_ASN1_INVALID_LENGTH ) ); + if (bs.len != 1) { + return MBEDTLS_ERROR_ADD(MBEDTLS_ERR_X509_INVALID_EXTENSIONS, + MBEDTLS_ERR_ASN1_INVALID_LENGTH); + } /* Get actual bitstring */ *ns_cert_type = *bs.p; - return( 0 ); + return 0; } -static int x509_get_key_usage( unsigned char **p, - const unsigned char *end, - unsigned int *key_usage) +static int x509_get_key_usage(unsigned char **p, + const unsigned char *end, + unsigned int *key_usage) { int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; size_t i; mbedtls_x509_bitstring bs = { 0, 0, NULL }; - if( ( ret = mbedtls_asn1_get_bitstring( p, end, &bs ) ) != 0 ) - return( MBEDTLS_ERROR_ADD( MBEDTLS_ERR_X509_INVALID_EXTENSIONS, ret ) ); + if ((ret = mbedtls_asn1_get_bitstring(p, end, &bs)) != 0) { + return MBEDTLS_ERROR_ADD(MBEDTLS_ERR_X509_INVALID_EXTENSIONS, ret); + } - if( bs.len < 1 ) - return( MBEDTLS_ERROR_ADD( MBEDTLS_ERR_X509_INVALID_EXTENSIONS, - MBEDTLS_ERR_ASN1_INVALID_LENGTH ) ); + if (bs.len < 1) { + return MBEDTLS_ERROR_ADD(MBEDTLS_ERR_X509_INVALID_EXTENSIONS, + MBEDTLS_ERR_ASN1_INVALID_LENGTH); + } /* Get actual bitstring */ *key_usage = 0; - for( i = 0; i < bs.len && i < sizeof( unsigned int ); i++ ) - { + for (i = 0; i < bs.len && i < sizeof(unsigned int); i++) { *key_usage |= (unsigned int) bs.p[i] << (8*i); } - return( 0 ); + return 0; } /* @@ -573,21 +575,23 @@ static int x509_get_key_usage( unsigned char **p, * * KeyPurposeId ::= OBJECT IDENTIFIER */ -static int x509_get_ext_key_usage( unsigned char **p, - const unsigned char *end, - mbedtls_x509_sequence *ext_key_usage) +static int x509_get_ext_key_usage(unsigned char **p, + const unsigned char *end, + mbedtls_x509_sequence *ext_key_usage) { int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; - if( ( ret = mbedtls_asn1_get_sequence_of( p, end, ext_key_usage, MBEDTLS_ASN1_OID ) ) != 0 ) - return( MBEDTLS_ERROR_ADD( MBEDTLS_ERR_X509_INVALID_EXTENSIONS, ret ) ); + if ((ret = mbedtls_asn1_get_sequence_of(p, end, ext_key_usage, MBEDTLS_ASN1_OID)) != 0) { + return MBEDTLS_ERROR_ADD(MBEDTLS_ERR_X509_INVALID_EXTENSIONS, ret); + } /* Sequence length must be >= 1 */ - if( ext_key_usage->buf.p == NULL ) - return( MBEDTLS_ERROR_ADD( MBEDTLS_ERR_X509_INVALID_EXTENSIONS, - MBEDTLS_ERR_ASN1_INVALID_LENGTH ) ); + if (ext_key_usage->buf.p == NULL) { + return MBEDTLS_ERROR_ADD(MBEDTLS_ERR_X509_INVALID_EXTENSIONS, + MBEDTLS_ERR_ASN1_INVALID_LENGTH); + } - return( 0 ); + return 0; } /* @@ -617,96 +621,97 @@ static int x509_get_ext_key_usage( unsigned char **p, * NOTE: we list all types, but only use dNSName and otherName * of type HwModuleName, as defined in RFC 4108, at this point. */ -static int x509_get_subject_alt_name( unsigned char **p, - const unsigned char *end, - mbedtls_x509_sequence *subject_alt_name ) +static int x509_get_subject_alt_name(unsigned char **p, + const unsigned char *end, + mbedtls_x509_sequence *subject_alt_name) { int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; size_t len, tag_len; - mbedtls_asn1_buf *buf; - unsigned char tag; mbedtls_asn1_sequence *cur = subject_alt_name; /* Get main sequence tag */ - if( ( ret = mbedtls_asn1_get_tag( p, end, &len, - MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_SEQUENCE ) ) != 0 ) - return( MBEDTLS_ERROR_ADD( MBEDTLS_ERR_X509_INVALID_EXTENSIONS, ret ) ); + if ((ret = mbedtls_asn1_get_tag(p, end, &len, + MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_SEQUENCE)) != 0) { + return MBEDTLS_ERROR_ADD(MBEDTLS_ERR_X509_INVALID_EXTENSIONS, ret); + } - if( *p + len != end ) - return( MBEDTLS_ERROR_ADD( MBEDTLS_ERR_X509_INVALID_EXTENSIONS, - MBEDTLS_ERR_ASN1_LENGTH_MISMATCH ) ); + if (*p + len != end) { + return MBEDTLS_ERROR_ADD(MBEDTLS_ERR_X509_INVALID_EXTENSIONS, + MBEDTLS_ERR_ASN1_LENGTH_MISMATCH); + } - while( *p < end ) - { + while (*p < end) { mbedtls_x509_subject_alternative_name dummy_san_buf; - memset( &dummy_san_buf, 0, sizeof( dummy_san_buf ) ); + mbedtls_x509_buf tmp_san_buf; + memset(&dummy_san_buf, 0, sizeof(dummy_san_buf)); - tag = **p; + tmp_san_buf.tag = **p; (*p)++; - if( ( ret = mbedtls_asn1_get_len( p, end, &tag_len ) ) != 0 ) - return( MBEDTLS_ERROR_ADD( MBEDTLS_ERR_X509_INVALID_EXTENSIONS, ret ) ); - if( ( tag & MBEDTLS_ASN1_TAG_CLASS_MASK ) != - MBEDTLS_ASN1_CONTEXT_SPECIFIC ) - { - return( MBEDTLS_ERROR_ADD( MBEDTLS_ERR_X509_INVALID_EXTENSIONS, - MBEDTLS_ERR_ASN1_UNEXPECTED_TAG ) ); + if ((ret = mbedtls_asn1_get_len(p, end, &tag_len)) != 0) { + return MBEDTLS_ERROR_ADD(MBEDTLS_ERR_X509_INVALID_EXTENSIONS, ret); + } + + tmp_san_buf.p = *p; + tmp_san_buf.len = tag_len; + + if ((tmp_san_buf.tag & MBEDTLS_ASN1_TAG_CLASS_MASK) != + MBEDTLS_ASN1_CONTEXT_SPECIFIC) { + return MBEDTLS_ERROR_ADD(MBEDTLS_ERR_X509_INVALID_EXTENSIONS, + MBEDTLS_ERR_ASN1_UNEXPECTED_TAG); } /* * Check that the SAN is structured correctly. */ - ret = mbedtls_x509_parse_subject_alt_name( &(cur->buf), &dummy_san_buf ); + ret = mbedtls_x509_parse_subject_alt_name(&tmp_san_buf, &dummy_san_buf); /* * In case the extension is malformed, return an error, * and clear the allocated sequences. */ - if( ret != 0 && ret != MBEDTLS_ERR_X509_FEATURE_UNAVAILABLE ) - { + if (ret != 0 && ret != MBEDTLS_ERR_X509_FEATURE_UNAVAILABLE) { mbedtls_x509_sequence *seq_cur = subject_alt_name->next; mbedtls_x509_sequence *seq_prv; - while( seq_cur != NULL ) - { + while (seq_cur != NULL) { seq_prv = seq_cur; seq_cur = seq_cur->next; - mbedtls_platform_zeroize( seq_prv, - sizeof( mbedtls_x509_sequence ) ); - mbedtls_free( seq_prv ); + mbedtls_platform_zeroize(seq_prv, + sizeof(mbedtls_x509_sequence)); + mbedtls_free(seq_prv); } subject_alt_name->next = NULL; - return( ret ); + return ret; } /* Allocate and assign next pointer */ - if( cur->buf.p != NULL ) - { - if( cur->next != NULL ) - return( MBEDTLS_ERR_X509_INVALID_EXTENSIONS ); + if (cur->buf.p != NULL) { + if (cur->next != NULL) { + return MBEDTLS_ERR_X509_INVALID_EXTENSIONS; + } - cur->next = mbedtls_calloc( 1, sizeof( mbedtls_asn1_sequence ) ); + cur->next = mbedtls_calloc(1, sizeof(mbedtls_asn1_sequence)); - if( cur->next == NULL ) - return( MBEDTLS_ERROR_ADD( MBEDTLS_ERR_X509_INVALID_EXTENSIONS, - MBEDTLS_ERR_ASN1_ALLOC_FAILED ) ); + if (cur->next == NULL) { + return MBEDTLS_ERROR_ADD(MBEDTLS_ERR_X509_INVALID_EXTENSIONS, + MBEDTLS_ERR_ASN1_ALLOC_FAILED); + } cur = cur->next; } - buf = &(cur->buf); - buf->tag = tag; - buf->p = *p; - buf->len = tag_len; - *p += buf->len; + cur->buf = tmp_san_buf; + *p += tmp_san_buf.len; } /* Set final sequence entry's next pointer to NULL */ cur->next = NULL; - if( *p != end ) - return( MBEDTLS_ERROR_ADD( MBEDTLS_ERR_X509_INVALID_EXTENSIONS, - MBEDTLS_ERR_ASN1_LENGTH_MISMATCH ) ); + if (*p != end) { + return MBEDTLS_ERROR_ADD(MBEDTLS_ERR_X509_INVALID_EXTENSIONS, + MBEDTLS_ERR_ASN1_LENGTH_MISMATCH); + } - return( 0 ); + return 0; } /* @@ -758,9 +763,9 @@ static int x509_get_subject_alt_name( unsigned char **p, * NOTE: we only parse and use anyPolicy without qualifiers at this point * as defined in RFC 5280. */ -static int x509_get_certificate_policies( unsigned char **p, - const unsigned char *end, - mbedtls_x509_sequence *certificate_policies ) +static int x509_get_certificate_policies(unsigned char **p, + const unsigned char *end, + mbedtls_x509_sequence *certificate_policies) { int ret, parse_ret = 0; size_t len; @@ -768,39 +773,43 @@ static int x509_get_certificate_policies( unsigned char **p, mbedtls_asn1_sequence *cur = certificate_policies; /* Get main sequence tag */ - ret = mbedtls_asn1_get_tag( p, end, &len, - MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_SEQUENCE ); - if( ret != 0 ) - return( MBEDTLS_ERROR_ADD( MBEDTLS_ERR_X509_INVALID_EXTENSIONS, ret ) ); + ret = mbedtls_asn1_get_tag(p, end, &len, + MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_SEQUENCE); + if (ret != 0) { + return MBEDTLS_ERROR_ADD(MBEDTLS_ERR_X509_INVALID_EXTENSIONS, ret); + } - if( *p + len != end ) - return( MBEDTLS_ERROR_ADD( MBEDTLS_ERR_X509_INVALID_EXTENSIONS, - MBEDTLS_ERR_ASN1_LENGTH_MISMATCH ) ); + if (*p + len != end) { + return MBEDTLS_ERROR_ADD(MBEDTLS_ERR_X509_INVALID_EXTENSIONS, + MBEDTLS_ERR_ASN1_LENGTH_MISMATCH); + } /* * Cannot be an empty sequence. */ - if( len == 0 ) - return( MBEDTLS_ERROR_ADD( MBEDTLS_ERR_X509_INVALID_EXTENSIONS, - MBEDTLS_ERR_ASN1_LENGTH_MISMATCH ) ); + if (len == 0) { + return MBEDTLS_ERROR_ADD(MBEDTLS_ERR_X509_INVALID_EXTENSIONS, + MBEDTLS_ERR_ASN1_LENGTH_MISMATCH); + } - while( *p < end ) - { + while (*p < end) { mbedtls_x509_buf policy_oid; const unsigned char *policy_end; /* * Get the policy sequence */ - if( ( ret = mbedtls_asn1_get_tag( p, end, &len, - MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_SEQUENCE ) ) != 0 ) - return( MBEDTLS_ERROR_ADD( MBEDTLS_ERR_X509_INVALID_EXTENSIONS, ret ) ); + if ((ret = mbedtls_asn1_get_tag(p, end, &len, + MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_SEQUENCE)) != 0) { + return MBEDTLS_ERROR_ADD(MBEDTLS_ERR_X509_INVALID_EXTENSIONS, ret); + } policy_end = *p + len; - if( ( ret = mbedtls_asn1_get_tag( p, policy_end, &len, - MBEDTLS_ASN1_OID ) ) != 0 ) - return( MBEDTLS_ERROR_ADD( MBEDTLS_ERR_X509_INVALID_EXTENSIONS, ret ) ); + if ((ret = mbedtls_asn1_get_tag(p, policy_end, &len, + MBEDTLS_ASN1_OID)) != 0) { + return MBEDTLS_ERROR_ADD(MBEDTLS_ERR_X509_INVALID_EXTENSIONS, ret); + } policy_oid.tag = MBEDTLS_ASN1_OID; policy_oid.len = len; @@ -809,8 +818,7 @@ static int x509_get_certificate_policies( unsigned char **p, /* * Only AnyPolicy is currently supported when enforcing policy. */ - if( MBEDTLS_OID_CMP( MBEDTLS_OID_ANY_POLICY, &policy_oid ) != 0 ) - { + if (MBEDTLS_OID_CMP(MBEDTLS_OID_ANY_POLICY, &policy_oid) != 0) { /* * Set the parsing return code but continue parsing, in case this * extension is critical and MBEDTLS_X509_ALLOW_UNSUPPORTED_CRITICAL_EXTENSION @@ -820,135 +828,144 @@ static int x509_get_certificate_policies( unsigned char **p, } /* Allocate and assign next pointer */ - if( cur->buf.p != NULL ) - { - if( cur->next != NULL ) - return( MBEDTLS_ERR_X509_INVALID_EXTENSIONS ); + if (cur->buf.p != NULL) { + if (cur->next != NULL) { + return MBEDTLS_ERR_X509_INVALID_EXTENSIONS; + } - cur->next = mbedtls_calloc( 1, sizeof( mbedtls_asn1_sequence ) ); + cur->next = mbedtls_calloc(1, sizeof(mbedtls_asn1_sequence)); - if( cur->next == NULL ) - return( MBEDTLS_ERROR_ADD( MBEDTLS_ERR_X509_INVALID_EXTENSIONS, - MBEDTLS_ERR_ASN1_ALLOC_FAILED ) ); + if (cur->next == NULL) { + return MBEDTLS_ERROR_ADD(MBEDTLS_ERR_X509_INVALID_EXTENSIONS, + MBEDTLS_ERR_ASN1_ALLOC_FAILED); + } cur = cur->next; } - buf = &( cur->buf ); + buf = &(cur->buf); buf->tag = policy_oid.tag; buf->p = policy_oid.p; buf->len = policy_oid.len; *p += len; - /* - * If there is an optional qualifier, then *p < policy_end - * Check the Qualifier len to verify it doesn't exceed policy_end. - */ - if( *p < policy_end ) - { - if( ( ret = mbedtls_asn1_get_tag( p, policy_end, &len, - MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_SEQUENCE ) ) != 0 ) - return( MBEDTLS_ERROR_ADD( MBEDTLS_ERR_X509_INVALID_EXTENSIONS, ret ) ); + /* + * If there is an optional qualifier, then *p < policy_end + * Check the Qualifier len to verify it doesn't exceed policy_end. + */ + if (*p < policy_end) { + if ((ret = mbedtls_asn1_get_tag(p, policy_end, &len, + MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_SEQUENCE)) != + 0) { + return MBEDTLS_ERROR_ADD(MBEDTLS_ERR_X509_INVALID_EXTENSIONS, ret); + } /* * Skip the optional policy qualifiers. */ *p += len; } - if( *p != policy_end ) - return( MBEDTLS_ERROR_ADD( MBEDTLS_ERR_X509_INVALID_EXTENSIONS, - MBEDTLS_ERR_ASN1_LENGTH_MISMATCH ) ); + if (*p != policy_end) { + return MBEDTLS_ERROR_ADD(MBEDTLS_ERR_X509_INVALID_EXTENSIONS, + MBEDTLS_ERR_ASN1_LENGTH_MISMATCH); + } } /* Set final sequence entry's next pointer to NULL */ cur->next = NULL; - if( *p != end ) - return( MBEDTLS_ERROR_ADD( MBEDTLS_ERR_X509_INVALID_EXTENSIONS, - MBEDTLS_ERR_ASN1_LENGTH_MISMATCH ) ); + if (*p != end) { + return MBEDTLS_ERROR_ADD(MBEDTLS_ERR_X509_INVALID_EXTENSIONS, + MBEDTLS_ERR_ASN1_LENGTH_MISMATCH); + } - return( parse_ret ); + return parse_ret; } /* * X.509 v3 extensions * */ -static int x509_get_crt_ext( unsigned char **p, - const unsigned char *end, - mbedtls_x509_crt *crt, - mbedtls_x509_crt_ext_cb_t cb, - void *p_ctx ) +static int x509_get_crt_ext(unsigned char **p, + const unsigned char *end, + mbedtls_x509_crt *crt, + mbedtls_x509_crt_ext_cb_t cb, + void *p_ctx) { int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; size_t len; unsigned char *end_ext_data, *start_ext_octet, *end_ext_octet; - if( *p == end ) - return( 0 ); + if (*p == end) { + return 0; + } - if( ( ret = mbedtls_x509_get_ext( p, end, &crt->v3_ext, 3 ) ) != 0 ) - return( ret ); + if ((ret = mbedtls_x509_get_ext(p, end, &crt->v3_ext, 3)) != 0) { + return ret; + } end = crt->v3_ext.p + crt->v3_ext.len; - while( *p < end ) - { + while (*p < end) { /* * Extension ::= SEQUENCE { * extnID OBJECT IDENTIFIER, * critical BOOLEAN DEFAULT FALSE, * extnValue OCTET STRING } */ - mbedtls_x509_buf extn_oid = {0, 0, NULL}; + mbedtls_x509_buf extn_oid = { 0, 0, NULL }; int is_critical = 0; /* DEFAULT FALSE */ int ext_type = 0; - if( ( ret = mbedtls_asn1_get_tag( p, end, &len, - MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_SEQUENCE ) ) != 0 ) - return( MBEDTLS_ERROR_ADD( MBEDTLS_ERR_X509_INVALID_EXTENSIONS, ret ) ); + if ((ret = mbedtls_asn1_get_tag(p, end, &len, + MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_SEQUENCE)) != 0) { + return MBEDTLS_ERROR_ADD(MBEDTLS_ERR_X509_INVALID_EXTENSIONS, ret); + } end_ext_data = *p + len; /* Get extension ID */ - if( ( ret = mbedtls_asn1_get_tag( p, end_ext_data, &extn_oid.len, - MBEDTLS_ASN1_OID ) ) != 0 ) - return( MBEDTLS_ERROR_ADD( MBEDTLS_ERR_X509_INVALID_EXTENSIONS, ret ) ); + if ((ret = mbedtls_asn1_get_tag(p, end_ext_data, &extn_oid.len, + MBEDTLS_ASN1_OID)) != 0) { + return MBEDTLS_ERROR_ADD(MBEDTLS_ERR_X509_INVALID_EXTENSIONS, ret); + } extn_oid.tag = MBEDTLS_ASN1_OID; extn_oid.p = *p; *p += extn_oid.len; /* Get optional critical */ - if( ( ret = mbedtls_asn1_get_bool( p, end_ext_data, &is_critical ) ) != 0 && - ( ret != MBEDTLS_ERR_ASN1_UNEXPECTED_TAG ) ) - return( MBEDTLS_ERROR_ADD( MBEDTLS_ERR_X509_INVALID_EXTENSIONS, ret ) ); + if ((ret = mbedtls_asn1_get_bool(p, end_ext_data, &is_critical)) != 0 && + (ret != MBEDTLS_ERR_ASN1_UNEXPECTED_TAG)) { + return MBEDTLS_ERROR_ADD(MBEDTLS_ERR_X509_INVALID_EXTENSIONS, ret); + } /* Data should be octet string type */ - if( ( ret = mbedtls_asn1_get_tag( p, end_ext_data, &len, - MBEDTLS_ASN1_OCTET_STRING ) ) != 0 ) - return( MBEDTLS_ERROR_ADD( MBEDTLS_ERR_X509_INVALID_EXTENSIONS, ret ) ); + if ((ret = mbedtls_asn1_get_tag(p, end_ext_data, &len, + MBEDTLS_ASN1_OCTET_STRING)) != 0) { + return MBEDTLS_ERROR_ADD(MBEDTLS_ERR_X509_INVALID_EXTENSIONS, ret); + } start_ext_octet = *p; end_ext_octet = *p + len; - if( end_ext_octet != end_ext_data ) - return( MBEDTLS_ERROR_ADD( MBEDTLS_ERR_X509_INVALID_EXTENSIONS, - MBEDTLS_ERR_ASN1_LENGTH_MISMATCH ) ); + if (end_ext_octet != end_ext_data) { + return MBEDTLS_ERROR_ADD(MBEDTLS_ERR_X509_INVALID_EXTENSIONS, + MBEDTLS_ERR_ASN1_LENGTH_MISMATCH); + } /* * Detect supported extensions */ - ret = mbedtls_oid_get_x509_ext_type( &extn_oid, &ext_type ); + ret = mbedtls_oid_get_x509_ext_type(&extn_oid, &ext_type); - if( ret != 0 ) - { + if (ret != 0) { /* Give the callback (if any) a chance to handle the extension */ - if( cb != NULL ) - { - ret = cb( p_ctx, crt, &extn_oid, is_critical, *p, end_ext_octet ); - if( ret != 0 && is_critical ) - return( ret ); + if (cb != NULL) { + ret = cb(p_ctx, crt, &extn_oid, is_critical, *p, end_ext_octet); + if (ret != 0 && is_critical) { + return ret; + } *p = end_ext_octet; continue; } @@ -957,136 +974,143 @@ static int x509_get_crt_ext( unsigned char **p, *p = end_ext_octet; #if !defined(MBEDTLS_X509_ALLOW_UNSUPPORTED_CRITICAL_EXTENSION) - if( is_critical ) - { + if (is_critical) { /* Data is marked as critical: fail */ - return( MBEDTLS_ERROR_ADD( MBEDTLS_ERR_X509_INVALID_EXTENSIONS, - MBEDTLS_ERR_ASN1_UNEXPECTED_TAG ) ); + return MBEDTLS_ERROR_ADD(MBEDTLS_ERR_X509_INVALID_EXTENSIONS, + MBEDTLS_ERR_ASN1_UNEXPECTED_TAG); } #endif continue; } /* Forbid repeated extensions */ - if( ( crt->ext_types & ext_type ) != 0 ) - return( MBEDTLS_ERR_X509_INVALID_EXTENSIONS ); + if ((crt->ext_types & ext_type) != 0) { + return MBEDTLS_ERR_X509_INVALID_EXTENSIONS; + } crt->ext_types |= ext_type; - switch( ext_type ) - { - case MBEDTLS_X509_EXT_BASIC_CONSTRAINTS: - /* Parse basic constraints */ - if( ( ret = x509_get_basic_constraints( p, end_ext_octet, - &crt->ca_istrue, &crt->max_pathlen ) ) != 0 ) - return( ret ); - break; + switch (ext_type) { + case MBEDTLS_X509_EXT_BASIC_CONSTRAINTS: + /* Parse basic constraints */ + if ((ret = x509_get_basic_constraints(p, end_ext_octet, + &crt->ca_istrue, &crt->max_pathlen)) != 0) { + return ret; + } + break; - case MBEDTLS_X509_EXT_KEY_USAGE: - /* Parse key usage */ - if( ( ret = x509_get_key_usage( p, end_ext_octet, - &crt->key_usage ) ) != 0 ) - return( ret ); - break; + case MBEDTLS_X509_EXT_KEY_USAGE: + /* Parse key usage */ + if ((ret = x509_get_key_usage(p, end_ext_octet, + &crt->key_usage)) != 0) { + return ret; + } + break; - case MBEDTLS_X509_EXT_EXTENDED_KEY_USAGE: - /* Parse extended key usage */ - if( ( ret = x509_get_ext_key_usage( p, end_ext_octet, - &crt->ext_key_usage ) ) != 0 ) - return( ret ); - break; + case MBEDTLS_X509_EXT_EXTENDED_KEY_USAGE: + /* Parse extended key usage */ + if ((ret = x509_get_ext_key_usage(p, end_ext_octet, + &crt->ext_key_usage)) != 0) { + return ret; + } + break; - case MBEDTLS_X509_EXT_SUBJECT_ALT_NAME: - /* Parse subject alt name */ - if( ( ret = x509_get_subject_alt_name( p, end_ext_octet, - &crt->subject_alt_names ) ) != 0 ) - return( ret ); - break; + case MBEDTLS_X509_EXT_SUBJECT_ALT_NAME: + /* Parse subject alt name */ + if ((ret = x509_get_subject_alt_name(p, end_ext_octet, + &crt->subject_alt_names)) != 0) { + return ret; + } + break; - case MBEDTLS_X509_EXT_NS_CERT_TYPE: - /* Parse netscape certificate type */ - if( ( ret = x509_get_ns_cert_type( p, end_ext_octet, - &crt->ns_cert_type ) ) != 0 ) - return( ret ); - break; + case MBEDTLS_X509_EXT_NS_CERT_TYPE: + /* Parse netscape certificate type */ + if ((ret = x509_get_ns_cert_type(p, end_ext_octet, + &crt->ns_cert_type)) != 0) { + return ret; + } + break; - case MBEDTLS_OID_X509_EXT_CERTIFICATE_POLICIES: - /* Parse certificate policies type */ - if( ( ret = x509_get_certificate_policies( p, end_ext_octet, - &crt->certificate_policies ) ) != 0 ) - { - /* Give the callback (if any) a chance to handle the extension - * if it contains unsupported policies */ - if( ret == MBEDTLS_ERR_X509_FEATURE_UNAVAILABLE && cb != NULL && - cb( p_ctx, crt, &extn_oid, is_critical, - start_ext_octet, end_ext_octet ) == 0 ) - break; + case MBEDTLS_OID_X509_EXT_CERTIFICATE_POLICIES: + /* Parse certificate policies type */ + if ((ret = x509_get_certificate_policies(p, end_ext_octet, + &crt->certificate_policies)) != 0) { + /* Give the callback (if any) a chance to handle the extension + * if it contains unsupported policies */ + if (ret == MBEDTLS_ERR_X509_FEATURE_UNAVAILABLE && cb != NULL && + cb(p_ctx, crt, &extn_oid, is_critical, + start_ext_octet, end_ext_octet) == 0) { + break; + } #if !defined(MBEDTLS_X509_ALLOW_UNSUPPORTED_CRITICAL_EXTENSION) - if( is_critical ) - return( ret ); - else + if (is_critical) { + return ret; + } else #endif + /* + * If MBEDTLS_ERR_X509_FEATURE_UNAVAILABLE is returned, then we + * cannot interpret or enforce the policy. However, it is up to + * the user to choose how to enforce the policies, + * unless the extension is critical. + */ + if (ret != MBEDTLS_ERR_X509_FEATURE_UNAVAILABLE) { + return ret; + } + } + break; + + default: /* - * If MBEDTLS_ERR_X509_FEATURE_UNAVAILABLE is returned, then we - * cannot interpret or enforce the policy. However, it is up to - * the user to choose how to enforce the policies, - * unless the extension is critical. + * If this is a non-critical extension, which the oid layer + * supports, but there isn't an x509 parser for it, + * skip the extension. */ - if( ret != MBEDTLS_ERR_X509_FEATURE_UNAVAILABLE ) - return( ret ); - } - break; - - default: - /* - * If this is a non-critical extension, which the oid layer - * supports, but there isn't an x509 parser for it, - * skip the extension. - */ #if !defined(MBEDTLS_X509_ALLOW_UNSUPPORTED_CRITICAL_EXTENSION) - if( is_critical ) - return( MBEDTLS_ERR_X509_FEATURE_UNAVAILABLE ); - else + if (is_critical) { + return MBEDTLS_ERR_X509_FEATURE_UNAVAILABLE; + } else #endif *p = end_ext_octet; } } - if( *p != end ) - return( MBEDTLS_ERROR_ADD( MBEDTLS_ERR_X509_INVALID_EXTENSIONS, - MBEDTLS_ERR_ASN1_LENGTH_MISMATCH ) ); + if (*p != end) { + return MBEDTLS_ERROR_ADD(MBEDTLS_ERR_X509_INVALID_EXTENSIONS, + MBEDTLS_ERR_ASN1_LENGTH_MISMATCH); + } - return( 0 ); + return 0; } /* * Parse and fill a single X.509 certificate in DER format */ -static int x509_crt_parse_der_core( mbedtls_x509_crt *crt, - const unsigned char *buf, - size_t buflen, - int make_copy, - mbedtls_x509_crt_ext_cb_t cb, - void *p_ctx ) +static int x509_crt_parse_der_core(mbedtls_x509_crt *crt, + const unsigned char *buf, + size_t buflen, + int make_copy, + mbedtls_x509_crt_ext_cb_t cb, + void *p_ctx) { int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; size_t len; unsigned char *p, *end, *crt_end; mbedtls_x509_buf sig_params1, sig_params2, sig_oid2; - memset( &sig_params1, 0, sizeof( mbedtls_x509_buf ) ); - memset( &sig_params2, 0, sizeof( mbedtls_x509_buf ) ); - memset( &sig_oid2, 0, sizeof( mbedtls_x509_buf ) ); + memset(&sig_params1, 0, sizeof(mbedtls_x509_buf)); + memset(&sig_params2, 0, sizeof(mbedtls_x509_buf)); + memset(&sig_oid2, 0, sizeof(mbedtls_x509_buf)); /* * Check for valid input */ - if( crt == NULL || buf == NULL ) - return( MBEDTLS_ERR_X509_BAD_INPUT_DATA ); + if (crt == NULL || buf == NULL) { + return MBEDTLS_ERR_X509_BAD_INPUT_DATA; + } /* Use the original buffer until we figure out actual length. */ - p = (unsigned char*) buf; + p = (unsigned char *) buf; len = buflen; end = p + len; @@ -1096,31 +1120,28 @@ static int x509_crt_parse_der_core( mbedtls_x509_crt *crt, * signatureAlgorithm AlgorithmIdentifier, * signatureValue BIT STRING } */ - if( ( ret = mbedtls_asn1_get_tag( &p, end, &len, - MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_SEQUENCE ) ) != 0 ) - { - mbedtls_x509_crt_free( crt ); - return( MBEDTLS_ERR_X509_INVALID_FORMAT ); + if ((ret = mbedtls_asn1_get_tag(&p, end, &len, + MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_SEQUENCE)) != 0) { + mbedtls_x509_crt_free(crt); + return MBEDTLS_ERR_X509_INVALID_FORMAT; } end = crt_end = p + len; crt->raw.len = crt_end - buf; - if( make_copy != 0 ) - { + if (make_copy != 0) { /* Create and populate a new buffer for the raw field. */ - crt->raw.p = p = mbedtls_calloc( 1, crt->raw.len ); - if( crt->raw.p == NULL ) - return( MBEDTLS_ERR_X509_ALLOC_FAILED ); + crt->raw.p = p = mbedtls_calloc(1, crt->raw.len); + if (crt->raw.p == NULL) { + return MBEDTLS_ERR_X509_ALLOC_FAILED; + } - memcpy( crt->raw.p, buf, crt->raw.len ); + memcpy(crt->raw.p, buf, crt->raw.len); crt->own_buffer = 1; p += crt->raw.len - len; end = crt_end = p + len; - } - else - { - crt->raw.p = (unsigned char*) buf; + } else { + crt->raw.p = (unsigned char *) buf; crt->own_buffer = 0; } @@ -1129,11 +1150,10 @@ static int x509_crt_parse_der_core( mbedtls_x509_crt *crt, */ crt->tbs.p = p; - if( ( ret = mbedtls_asn1_get_tag( &p, end, &len, - MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_SEQUENCE ) ) != 0 ) - { - mbedtls_x509_crt_free( crt ); - return( MBEDTLS_ERROR_ADD( MBEDTLS_ERR_X509_INVALID_FORMAT, ret ) ); + if ((ret = mbedtls_asn1_get_tag(&p, end, &len, + MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_SEQUENCE)) != 0) { + mbedtls_x509_crt_free(crt); + return MBEDTLS_ERROR_ADD(MBEDTLS_ERR_X509_INVALID_FORMAT, ret); } end = p + len; @@ -1146,29 +1166,26 @@ static int x509_crt_parse_der_core( mbedtls_x509_crt *crt, * * signature AlgorithmIdentifier */ - if( ( ret = x509_get_version( &p, end, &crt->version ) ) != 0 || - ( ret = mbedtls_x509_get_serial( &p, end, &crt->serial ) ) != 0 || - ( ret = mbedtls_x509_get_alg( &p, end, &crt->sig_oid, - &sig_params1 ) ) != 0 ) - { - mbedtls_x509_crt_free( crt ); - return( ret ); + if ((ret = x509_get_version(&p, end, &crt->version)) != 0 || + (ret = mbedtls_x509_get_serial(&p, end, &crt->serial)) != 0 || + (ret = mbedtls_x509_get_alg(&p, end, &crt->sig_oid, + &sig_params1)) != 0) { + mbedtls_x509_crt_free(crt); + return ret; } - if( crt->version < 0 || crt->version > 2 ) - { - mbedtls_x509_crt_free( crt ); - return( MBEDTLS_ERR_X509_UNKNOWN_VERSION ); + if (crt->version < 0 || crt->version > 2) { + mbedtls_x509_crt_free(crt); + return MBEDTLS_ERR_X509_UNKNOWN_VERSION; } crt->version++; - if( ( ret = mbedtls_x509_get_sig_alg( &crt->sig_oid, &sig_params1, - &crt->sig_md, &crt->sig_pk, - &crt->sig_opts ) ) != 0 ) - { - mbedtls_x509_crt_free( crt ); - return( ret ); + if ((ret = mbedtls_x509_get_sig_alg(&crt->sig_oid, &sig_params1, + &crt->sig_md, &crt->sig_pk, + &crt->sig_opts)) != 0) { + mbedtls_x509_crt_free(crt); + return ret; } /* @@ -1176,17 +1193,15 @@ static int x509_crt_parse_der_core( mbedtls_x509_crt *crt, */ crt->issuer_raw.p = p; - if( ( ret = mbedtls_asn1_get_tag( &p, end, &len, - MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_SEQUENCE ) ) != 0 ) - { - mbedtls_x509_crt_free( crt ); - return( MBEDTLS_ERROR_ADD( MBEDTLS_ERR_X509_INVALID_FORMAT, ret ) ); + if ((ret = mbedtls_asn1_get_tag(&p, end, &len, + MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_SEQUENCE)) != 0) { + mbedtls_x509_crt_free(crt); + return MBEDTLS_ERROR_ADD(MBEDTLS_ERR_X509_INVALID_FORMAT, ret); } - if( ( ret = mbedtls_x509_get_name( &p, p + len, &crt->issuer ) ) != 0 ) - { - mbedtls_x509_crt_free( crt ); - return( ret ); + if ((ret = mbedtls_x509_get_name(&p, p + len, &crt->issuer)) != 0) { + mbedtls_x509_crt_free(crt); + return ret; } crt->issuer_raw.len = p - crt->issuer_raw.p; @@ -1197,11 +1212,10 @@ static int x509_crt_parse_der_core( mbedtls_x509_crt *crt, * notAfter Time } * */ - if( ( ret = x509_get_dates( &p, end, &crt->valid_from, - &crt->valid_to ) ) != 0 ) - { - mbedtls_x509_crt_free( crt ); - return( ret ); + if ((ret = x509_get_dates(&p, end, &crt->valid_from, + &crt->valid_to)) != 0) { + mbedtls_x509_crt_free(crt); + return ret; } /* @@ -1209,17 +1223,15 @@ static int x509_crt_parse_der_core( mbedtls_x509_crt *crt, */ crt->subject_raw.p = p; - if( ( ret = mbedtls_asn1_get_tag( &p, end, &len, - MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_SEQUENCE ) ) != 0 ) - { - mbedtls_x509_crt_free( crt ); - return( MBEDTLS_ERROR_ADD( MBEDTLS_ERR_X509_INVALID_FORMAT, ret ) ); + if ((ret = mbedtls_asn1_get_tag(&p, end, &len, + MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_SEQUENCE)) != 0) { + mbedtls_x509_crt_free(crt); + return MBEDTLS_ERROR_ADD(MBEDTLS_ERR_X509_INVALID_FORMAT, ret); } - if( len && ( ret = mbedtls_x509_get_name( &p, p + len, &crt->subject ) ) != 0 ) - { - mbedtls_x509_crt_free( crt ); - return( ret ); + if (len && (ret = mbedtls_x509_get_name(&p, p + len, &crt->subject)) != 0) { + mbedtls_x509_crt_free(crt); + return ret; } crt->subject_raw.len = p - crt->subject_raw.p; @@ -1228,10 +1240,9 @@ static int x509_crt_parse_der_core( mbedtls_x509_crt *crt, * SubjectPublicKeyInfo */ crt->pk_raw.p = p; - if( ( ret = mbedtls_pk_parse_subpubkey( &p, end, &crt->pk ) ) != 0 ) - { - mbedtls_x509_crt_free( crt ); - return( ret ); + if ((ret = mbedtls_pk_parse_subpubkey(&p, end, &crt->pk)) != 0) { + mbedtls_x509_crt_free(crt); + return ret; } crt->pk_raw.len = p - crt->pk_raw.p; @@ -1243,43 +1254,40 @@ static int x509_crt_parse_der_core( mbedtls_x509_crt *crt, * extensions [3] EXPLICIT Extensions OPTIONAL * -- If present, version shall be v3 */ - if( crt->version == 2 || crt->version == 3 ) - { - ret = x509_get_uid( &p, end, &crt->issuer_id, 1 ); - if( ret != 0 ) - { - mbedtls_x509_crt_free( crt ); - return( ret ); + if (crt->version == 2 || crt->version == 3) { + ret = x509_get_uid(&p, end, &crt->issuer_id, 1); + if (ret != 0) { + mbedtls_x509_crt_free(crt); + return ret; } } - if( crt->version == 2 || crt->version == 3 ) - { - ret = x509_get_uid( &p, end, &crt->subject_id, 2 ); - if( ret != 0 ) - { - mbedtls_x509_crt_free( crt ); - return( ret ); + if (crt->version == 2 || crt->version == 3) { + ret = x509_get_uid(&p, end, &crt->subject_id, 2); + if (ret != 0) { + mbedtls_x509_crt_free(crt); + return ret; } } + int extensions_allowed = 1; #if !defined(MBEDTLS_X509_ALLOW_EXTENSIONS_NON_V3) - if( crt->version == 3 ) + if (crt->version != 3) { + extensions_allowed = 0; + } #endif - { - ret = x509_get_crt_ext( &p, end, crt, cb, p_ctx ); - if( ret != 0 ) - { - mbedtls_x509_crt_free( crt ); - return( ret ); + if (extensions_allowed) { + ret = x509_get_crt_ext(&p, end, crt, cb, p_ctx); + if (ret != 0) { + mbedtls_x509_crt_free(crt); + return ret; } } - if( p != end ) - { - mbedtls_x509_crt_free( crt ); - return( MBEDTLS_ERROR_ADD( MBEDTLS_ERR_X509_INVALID_FORMAT, - MBEDTLS_ERR_ASN1_LENGTH_MISMATCH ) ); + if (p != end) { + mbedtls_x509_crt_free(crt); + return MBEDTLS_ERROR_ADD(MBEDTLS_ERR_X509_INVALID_FORMAT, + MBEDTLS_ERR_ASN1_LENGTH_MISMATCH); } end = crt_end; @@ -1291,49 +1299,45 @@ static int x509_crt_parse_der_core( mbedtls_x509_crt *crt, * signatureAlgorithm AlgorithmIdentifier, * signatureValue BIT STRING */ - if( ( ret = mbedtls_x509_get_alg( &p, end, &sig_oid2, &sig_params2 ) ) != 0 ) - { - mbedtls_x509_crt_free( crt ); - return( ret ); + if ((ret = mbedtls_x509_get_alg(&p, end, &sig_oid2, &sig_params2)) != 0) { + mbedtls_x509_crt_free(crt); + return ret; } - if( crt->sig_oid.len != sig_oid2.len || - memcmp( crt->sig_oid.p, sig_oid2.p, crt->sig_oid.len ) != 0 || + if (crt->sig_oid.len != sig_oid2.len || + memcmp(crt->sig_oid.p, sig_oid2.p, crt->sig_oid.len) != 0 || sig_params1.tag != sig_params2.tag || sig_params1.len != sig_params2.len || - ( sig_params1.len != 0 && - memcmp( sig_params1.p, sig_params2.p, sig_params1.len ) != 0 ) ) - { - mbedtls_x509_crt_free( crt ); - return( MBEDTLS_ERR_X509_SIG_MISMATCH ); + (sig_params1.len != 0 && + memcmp(sig_params1.p, sig_params2.p, sig_params1.len) != 0)) { + mbedtls_x509_crt_free(crt); + return MBEDTLS_ERR_X509_SIG_MISMATCH; } - if( ( ret = mbedtls_x509_get_sig( &p, end, &crt->sig ) ) != 0 ) - { - mbedtls_x509_crt_free( crt ); - return( ret ); + if ((ret = mbedtls_x509_get_sig(&p, end, &crt->sig)) != 0) { + mbedtls_x509_crt_free(crt); + return ret; } - if( p != end ) - { - mbedtls_x509_crt_free( crt ); - return( MBEDTLS_ERROR_ADD( MBEDTLS_ERR_X509_INVALID_FORMAT, - MBEDTLS_ERR_ASN1_LENGTH_MISMATCH ) ); + if (p != end) { + mbedtls_x509_crt_free(crt); + return MBEDTLS_ERROR_ADD(MBEDTLS_ERR_X509_INVALID_FORMAT, + MBEDTLS_ERR_ASN1_LENGTH_MISMATCH); } - return( 0 ); + return 0; } /* * Parse one X.509 certificate in DER format from a buffer and add them to a * chained list */ -static int mbedtls_x509_crt_parse_der_internal( mbedtls_x509_crt *chain, - const unsigned char *buf, - size_t buflen, - int make_copy, - mbedtls_x509_crt_ext_cb_t cb, - void *p_ctx ) +static int mbedtls_x509_crt_parse_der_internal(mbedtls_x509_crt *chain, + const unsigned char *buf, + size_t buflen, + int make_copy, + mbedtls_x509_crt_ext_cb_t cb, + void *p_ctx) { int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; mbedtls_x509_crt *crt = chain, *prev = NULL; @@ -1341,11 +1345,11 @@ static int mbedtls_x509_crt_parse_der_internal( mbedtls_x509_crt *chain, /* * Check for valid input */ - if( crt == NULL || buf == NULL ) - return( MBEDTLS_ERR_X509_BAD_INPUT_DATA ); + if (crt == NULL || buf == NULL) { + return MBEDTLS_ERR_X509_BAD_INPUT_DATA; + } - while( crt->version != 0 && crt->next != NULL ) - { + while (crt->version != 0 && crt->next != NULL) { prev = crt; crt = crt->next; } @@ -1353,64 +1357,65 @@ static int mbedtls_x509_crt_parse_der_internal( mbedtls_x509_crt *chain, /* * Add new certificate on the end of the chain if needed. */ - if( crt->version != 0 && crt->next == NULL ) - { - crt->next = mbedtls_calloc( 1, sizeof( mbedtls_x509_crt ) ); + if (crt->version != 0 && crt->next == NULL) { + crt->next = mbedtls_calloc(1, sizeof(mbedtls_x509_crt)); - if( crt->next == NULL ) - return( MBEDTLS_ERR_X509_ALLOC_FAILED ); + if (crt->next == NULL) { + return MBEDTLS_ERR_X509_ALLOC_FAILED; + } prev = crt; - mbedtls_x509_crt_init( crt->next ); + mbedtls_x509_crt_init(crt->next); crt = crt->next; } - ret = x509_crt_parse_der_core( crt, buf, buflen, make_copy, cb, p_ctx ); - if( ret != 0 ) - { - if( prev ) + ret = x509_crt_parse_der_core(crt, buf, buflen, make_copy, cb, p_ctx); + if (ret != 0) { + if (prev) { prev->next = NULL; + } - if( crt != chain ) - mbedtls_free( crt ); + if (crt != chain) { + mbedtls_free(crt); + } - return( ret ); + return ret; } - return( 0 ); + return 0; } -int mbedtls_x509_crt_parse_der_nocopy( mbedtls_x509_crt *chain, - const unsigned char *buf, - size_t buflen ) +int mbedtls_x509_crt_parse_der_nocopy(mbedtls_x509_crt *chain, + const unsigned char *buf, + size_t buflen) { - return( mbedtls_x509_crt_parse_der_internal( chain, buf, buflen, 0, NULL, NULL ) ); + return mbedtls_x509_crt_parse_der_internal(chain, buf, buflen, 0, NULL, NULL); } -int mbedtls_x509_crt_parse_der_with_ext_cb( mbedtls_x509_crt *chain, - const unsigned char *buf, - size_t buflen, - int make_copy, - mbedtls_x509_crt_ext_cb_t cb, - void *p_ctx ) +int mbedtls_x509_crt_parse_der_with_ext_cb(mbedtls_x509_crt *chain, + const unsigned char *buf, + size_t buflen, + int make_copy, + mbedtls_x509_crt_ext_cb_t cb, + void *p_ctx) { - return( mbedtls_x509_crt_parse_der_internal( chain, buf, buflen, make_copy, cb, p_ctx ) ); + return mbedtls_x509_crt_parse_der_internal(chain, buf, buflen, make_copy, cb, p_ctx); } -int mbedtls_x509_crt_parse_der( mbedtls_x509_crt *chain, - const unsigned char *buf, - size_t buflen ) +int mbedtls_x509_crt_parse_der(mbedtls_x509_crt *chain, + const unsigned char *buf, + size_t buflen) { - return( mbedtls_x509_crt_parse_der_internal( chain, buf, buflen, 1, NULL, NULL ) ); + return mbedtls_x509_crt_parse_der_internal(chain, buf, buflen, 1, NULL, NULL); } /* * Parse one or more PEM certificates from a buffer and add them to the chained * list */ -int mbedtls_x509_crt_parse( mbedtls_x509_crt *chain, - const unsigned char *buf, - size_t buflen ) +int mbedtls_x509_crt_parse(mbedtls_x509_crt *chain, + const unsigned char *buf, + size_t buflen) { #if defined(MBEDTLS_PEM_PARSE_C) int success = 0, first_error = 0, total_failed = 0; @@ -1420,59 +1425,53 @@ int mbedtls_x509_crt_parse( mbedtls_x509_crt *chain, /* * Check for valid input */ - if( chain == NULL || buf == NULL ) - return( MBEDTLS_ERR_X509_BAD_INPUT_DATA ); + if (chain == NULL || buf == NULL) { + return MBEDTLS_ERR_X509_BAD_INPUT_DATA; + } /* * Determine buffer content. Buffer contains either one DER certificate or * one or more PEM certificates. */ #if defined(MBEDTLS_PEM_PARSE_C) - if( buflen != 0 && buf[buflen - 1] == '\0' && - strstr( (const char *) buf, "-----BEGIN CERTIFICATE-----" ) != NULL ) - { + if (buflen != 0 && buf[buflen - 1] == '\0' && + strstr((const char *) buf, "-----BEGIN CERTIFICATE-----") != NULL) { buf_format = MBEDTLS_X509_FORMAT_PEM; } - if( buf_format == MBEDTLS_X509_FORMAT_DER ) - return mbedtls_x509_crt_parse_der( chain, buf, buflen ); + if (buf_format == MBEDTLS_X509_FORMAT_DER) { + return mbedtls_x509_crt_parse_der(chain, buf, buflen); + } #else - return mbedtls_x509_crt_parse_der( chain, buf, buflen ); + return mbedtls_x509_crt_parse_der(chain, buf, buflen); #endif #if defined(MBEDTLS_PEM_PARSE_C) - if( buf_format == MBEDTLS_X509_FORMAT_PEM ) - { + if (buf_format == MBEDTLS_X509_FORMAT_PEM) { int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; mbedtls_pem_context pem; /* 1 rather than 0 since the terminating NULL byte is counted in */ - while( buflen > 1 ) - { + while (buflen > 1) { size_t use_len; - mbedtls_pem_init( &pem ); + mbedtls_pem_init(&pem); /* If we get there, we know the string is null-terminated */ - ret = mbedtls_pem_read_buffer( &pem, - "-----BEGIN CERTIFICATE-----", - "-----END CERTIFICATE-----", - buf, NULL, 0, &use_len ); + ret = mbedtls_pem_read_buffer(&pem, + "-----BEGIN CERTIFICATE-----", + "-----END CERTIFICATE-----", + buf, NULL, 0, &use_len); - if( ret == 0 ) - { + if (ret == 0) { /* * Was PEM encoded */ buflen -= use_len; buf += use_len; - } - else if( ret == MBEDTLS_ERR_PEM_BAD_INPUT_DATA ) - { - return( ret ); - } - else if( ret != MBEDTLS_ERR_PEM_NO_HEADER_FOOTER_PRESENT ) - { - mbedtls_pem_free( &pem ); + } else if (ret == MBEDTLS_ERR_PEM_BAD_INPUT_DATA) { + return ret; + } else if (ret != MBEDTLS_ERR_PEM_NO_HEADER_FOOTER_PRESENT) { + mbedtls_pem_free(&pem); /* * PEM header and footer were found @@ -1480,29 +1479,31 @@ int mbedtls_x509_crt_parse( mbedtls_x509_crt *chain, buflen -= use_len; buf += use_len; - if( first_error == 0 ) + if (first_error == 0) { first_error = ret; + } total_failed++; continue; - } - else + } else { break; + } - ret = mbedtls_x509_crt_parse_der( chain, pem.buf, pem.buflen ); + ret = mbedtls_x509_crt_parse_der(chain, pem.buf, pem.buflen); - mbedtls_pem_free( &pem ); + mbedtls_pem_free(&pem); - if( ret != 0 ) - { + if (ret != 0) { /* * Quit parsing on a memory error */ - if( ret == MBEDTLS_ERR_X509_ALLOC_FAILED ) - return( ret ); + if (ret == MBEDTLS_ERR_X509_ALLOC_FAILED) { + return ret; + } - if( first_error == 0 ) + if (first_error == 0) { first_error = ret; + } total_failed++; continue; @@ -1512,12 +1513,13 @@ int mbedtls_x509_crt_parse( mbedtls_x509_crt *chain, } } - if( success ) - return( total_failed ); - else if( first_error ) - return( first_error ); - else - return( MBEDTLS_ERR_X509_CERT_UNKNOWN_FORMAT ); + if (success) { + return total_failed; + } else if (first_error) { + return first_error; + } else { + return MBEDTLS_ERR_X509_CERT_UNKNOWN_FORMAT; + } #endif /* MBEDTLS_PEM_PARSE_C */ } @@ -1525,24 +1527,25 @@ int mbedtls_x509_crt_parse( mbedtls_x509_crt *chain, /* * Load one or more certificates and add them to the chained list */ -int mbedtls_x509_crt_parse_file( mbedtls_x509_crt *chain, const char *path ) +int mbedtls_x509_crt_parse_file(mbedtls_x509_crt *chain, const char *path) { int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; size_t n; unsigned char *buf; - if( ( ret = mbedtls_pk_load_file( path, &buf, &n ) ) != 0 ) - return( ret ); + if ((ret = mbedtls_pk_load_file(path, &buf, &n)) != 0) { + return ret; + } - ret = mbedtls_x509_crt_parse( chain, buf, n ); + ret = mbedtls_x509_crt_parse(chain, buf, n); - mbedtls_platform_zeroize( buf, n ); - mbedtls_free( buf ); + mbedtls_platform_zeroize(buf, n); + mbedtls_free(buf); - return( ret ); + return ret; } -int mbedtls_x509_crt_parse_path( mbedtls_x509_crt *chain, const char *path ) +int mbedtls_x509_crt_parse_path(mbedtls_x509_crt *chain, const char *path) { int ret = 0; #if defined(_WIN32) && !defined(EFIX64) && !defined(EFI32) @@ -1550,121 +1553,134 @@ int mbedtls_x509_crt_parse_path( mbedtls_x509_crt *chain, const char *path ) WCHAR szDir[MAX_PATH]; char filename[MAX_PATH]; char *p; - size_t len = strlen( path ); + size_t len = strlen(path); WIN32_FIND_DATAW file_data; HANDLE hFind; - if( len > MAX_PATH - 3 ) - return( MBEDTLS_ERR_X509_BAD_INPUT_DATA ); + if (len > MAX_PATH - 3) { + return MBEDTLS_ERR_X509_BAD_INPUT_DATA; + } - memset( szDir, 0, sizeof(szDir) ); - memset( filename, 0, MAX_PATH ); - memcpy( filename, path, len ); + memset(szDir, 0, sizeof(szDir)); + memset(filename, 0, MAX_PATH); + memcpy(filename, path, len); filename[len++] = '\\'; p = filename + len; filename[len++] = '*'; - w_ret = MultiByteToWideChar( CP_ACP, 0, filename, (int)len, szDir, - MAX_PATH - 3 ); - if( w_ret == 0 ) - return( MBEDTLS_ERR_X509_BAD_INPUT_DATA ); + w_ret = MultiByteToWideChar(CP_ACP, 0, filename, (int) len, szDir, + MAX_PATH - 3); + if (w_ret == 0) { + return MBEDTLS_ERR_X509_BAD_INPUT_DATA; + } - hFind = FindFirstFileW( szDir, &file_data ); - if( hFind == INVALID_HANDLE_VALUE ) - return( MBEDTLS_ERR_X509_FILE_IO_ERROR ); + hFind = FindFirstFileW(szDir, &file_data); + if (hFind == INVALID_HANDLE_VALUE) { + return MBEDTLS_ERR_X509_FILE_IO_ERROR; + } len = MAX_PATH - len; - do - { - memset( p, 0, len ); + do { + memset(p, 0, len); - if( file_data.dwFileAttributes & FILE_ATTRIBUTE_DIRECTORY ) + if (file_data.dwFileAttributes & FILE_ATTRIBUTE_DIRECTORY) { continue; + } - w_ret = WideCharToMultiByte( CP_ACP, 0, file_data.cFileName, - lstrlenW( file_data.cFileName ), - p, (int) len - 1, - NULL, NULL ); - if( w_ret == 0 ) - { + w_ret = WideCharToMultiByte(CP_ACP, 0, file_data.cFileName, + -1, + p, (int) len, + NULL, NULL); + if (w_ret == 0) { ret = MBEDTLS_ERR_X509_FILE_IO_ERROR; goto cleanup; } - w_ret = mbedtls_x509_crt_parse_file( chain, filename ); - if( w_ret < 0 ) + w_ret = mbedtls_x509_crt_parse_file(chain, filename); + if (w_ret < 0) { ret++; - else + } else { ret += w_ret; - } - while( FindNextFileW( hFind, &file_data ) != 0 ); + } + } while (FindNextFileW(hFind, &file_data) != 0); - if( GetLastError() != ERROR_NO_MORE_FILES ) + if (GetLastError() != ERROR_NO_MORE_FILES) { ret = MBEDTLS_ERR_X509_FILE_IO_ERROR; + } cleanup: - FindClose( hFind ); + FindClose(hFind); #else /* _WIN32 */ int t_ret; int snp_ret; struct stat sb; struct dirent *entry; char entry_name[MBEDTLS_X509_MAX_FILE_PATH_LEN]; - DIR *dir = opendir( path ); + DIR *dir = opendir(path); - if( dir == NULL ) - return( MBEDTLS_ERR_X509_FILE_IO_ERROR ); + if (dir == NULL) { + return MBEDTLS_ERR_X509_FILE_IO_ERROR; + } #if defined(MBEDTLS_THREADING_C) - if( ( ret = mbedtls_mutex_lock( &mbedtls_threading_readdir_mutex ) ) != 0 ) - { - closedir( dir ); - return( ret ); + if ((ret = mbedtls_mutex_lock(&mbedtls_threading_readdir_mutex)) != 0) { + closedir(dir); + return ret; } #endif /* MBEDTLS_THREADING_C */ - memset( &sb, 0, sizeof( sb ) ); + memset(&sb, 0, sizeof(sb)); - while( ( entry = readdir( dir ) ) != NULL ) - { - snp_ret = mbedtls_snprintf( entry_name, sizeof entry_name, - "%s/%s", path, entry->d_name ); + while ((entry = readdir(dir)) != NULL) { + snp_ret = mbedtls_snprintf(entry_name, sizeof(entry_name), + "%s/%s", path, entry->d_name); - if( snp_ret < 0 || (size_t)snp_ret >= sizeof entry_name ) - { + if (snp_ret < 0 || (size_t) snp_ret >= sizeof(entry_name)) { ret = MBEDTLS_ERR_X509_BUFFER_TOO_SMALL; goto cleanup; - } - else if( stat( entry_name, &sb ) == -1 ) - { - ret = MBEDTLS_ERR_X509_FILE_IO_ERROR; - goto cleanup; + } else if (stat(entry_name, &sb) == -1) { + if (errno == ENOENT) { + /* Broken symbolic link - ignore this entry. + stat(2) will return this error for either (a) a dangling + symlink or (b) a missing file. + Given that we have just obtained the filename from readdir, + assume that it does exist and therefore treat this as a + dangling symlink. */ + continue; + } else { + /* Some other file error; report the error. */ + ret = MBEDTLS_ERR_X509_FILE_IO_ERROR; + goto cleanup; + } } - if( !S_ISREG( sb.st_mode ) ) + if (!S_ISREG(sb.st_mode)) { continue; + } // Ignore parse errors // - t_ret = mbedtls_x509_crt_parse_file( chain, entry_name ); - if( t_ret < 0 ) + t_ret = mbedtls_x509_crt_parse_file(chain, entry_name); + if (t_ret < 0) { ret++; - else + } else { ret += t_ret; + } } cleanup: - closedir( dir ); + closedir(dir); #if defined(MBEDTLS_THREADING_C) - if( mbedtls_mutex_unlock( &mbedtls_threading_readdir_mutex ) != 0 ) + if (mbedtls_mutex_unlock(&mbedtls_threading_readdir_mutex) != 0) { ret = MBEDTLS_ERR_THREADING_MUTEX_ERROR; + } #endif /* MBEDTLS_THREADING_C */ #endif /* _WIN32 */ - return( ret ); + return ret; } #endif /* MBEDTLS_FS_IO */ @@ -1680,8 +1696,8 @@ int mbedtls_x509_crt_parse_path( mbedtls_x509_crt *chain, const char *path ) * NOTE: we currently only parse and use otherName of type HwModuleName, * as defined in RFC 4108. */ -static int x509_get_other_name( const mbedtls_x509_buf *subject_alt_name, - mbedtls_x509_san_other_name *other_name ) +static int x509_get_other_name(const mbedtls_x509_buf *subject_alt_name, + mbedtls_x509_san_other_name *other_name) { int ret = 0; size_t len; @@ -1689,19 +1705,19 @@ static int x509_get_other_name( const mbedtls_x509_buf *subject_alt_name, const unsigned char *end = p + subject_alt_name->len; mbedtls_x509_buf cur_oid; - if( ( subject_alt_name->tag & - ( MBEDTLS_ASN1_TAG_CLASS_MASK | MBEDTLS_ASN1_TAG_VALUE_MASK ) ) != - ( MBEDTLS_ASN1_CONTEXT_SPECIFIC | MBEDTLS_X509_SAN_OTHER_NAME ) ) - { + if ((subject_alt_name->tag & + (MBEDTLS_ASN1_TAG_CLASS_MASK | MBEDTLS_ASN1_TAG_VALUE_MASK)) != + (MBEDTLS_ASN1_CONTEXT_SPECIFIC | MBEDTLS_X509_SAN_OTHER_NAME)) { /* * The given subject alternative name is not of type "othername". */ - return( MBEDTLS_ERR_X509_BAD_INPUT_DATA ); + return MBEDTLS_ERR_X509_BAD_INPUT_DATA; } - if( ( ret = mbedtls_asn1_get_tag( &p, end, &len, - MBEDTLS_ASN1_OID ) ) != 0 ) - return( MBEDTLS_ERROR_ADD( MBEDTLS_ERR_X509_INVALID_EXTENSIONS, ret ) ); + if ((ret = mbedtls_asn1_get_tag(&p, end, &len, + MBEDTLS_ASN1_OID)) != 0) { + return MBEDTLS_ERROR_ADD(MBEDTLS_ERR_X509_INVALID_EXTENSIONS, ret); + } cur_oid.tag = MBEDTLS_ASN1_OID; cur_oid.p = p; @@ -1710,92 +1726,87 @@ static int x509_get_other_name( const mbedtls_x509_buf *subject_alt_name, /* * Only HwModuleName is currently supported. */ - if( MBEDTLS_OID_CMP( MBEDTLS_OID_ON_HW_MODULE_NAME, &cur_oid ) != 0 ) - { - return( MBEDTLS_ERR_X509_FEATURE_UNAVAILABLE ); + if (MBEDTLS_OID_CMP(MBEDTLS_OID_ON_HW_MODULE_NAME, &cur_oid) != 0) { + return MBEDTLS_ERR_X509_FEATURE_UNAVAILABLE; } + other_name->type_id = cur_oid; - if( p + len >= end ) - { - mbedtls_platform_zeroize( other_name, sizeof( *other_name ) ); - return( MBEDTLS_ERROR_ADD( MBEDTLS_ERR_X509_INVALID_EXTENSIONS, - MBEDTLS_ERR_ASN1_LENGTH_MISMATCH ) ); - } p += len; - if( ( ret = mbedtls_asn1_get_tag( &p, end, &len, - MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_CONTEXT_SPECIFIC ) ) != 0 ) - return( MBEDTLS_ERROR_ADD( MBEDTLS_ERR_X509_INVALID_EXTENSIONS, ret ) ); + if ((ret = mbedtls_asn1_get_tag(&p, end, &len, + MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_CONTEXT_SPECIFIC)) != + 0) { + return MBEDTLS_ERROR_ADD(MBEDTLS_ERR_X509_INVALID_EXTENSIONS, ret); + } + + if (end != p + len) { + return MBEDTLS_ERROR_ADD(MBEDTLS_ERR_X509_INVALID_EXTENSIONS, + MBEDTLS_ERR_ASN1_LENGTH_MISMATCH); + } + + if ((ret = mbedtls_asn1_get_tag(&p, end, &len, + MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_SEQUENCE)) != 0) { + return MBEDTLS_ERROR_ADD(MBEDTLS_ERR_X509_INVALID_EXTENSIONS, ret); + } - if( ( ret = mbedtls_asn1_get_tag( &p, end, &len, - MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_SEQUENCE ) ) != 0 ) - return( MBEDTLS_ERROR_ADD( MBEDTLS_ERR_X509_INVALID_EXTENSIONS, ret ) ); + if (end != p + len) { + return MBEDTLS_ERROR_ADD(MBEDTLS_ERR_X509_INVALID_EXTENSIONS, + MBEDTLS_ERR_ASN1_LENGTH_MISMATCH); + } - if( ( ret = mbedtls_asn1_get_tag( &p, end, &len, MBEDTLS_ASN1_OID ) ) != 0 ) - return( MBEDTLS_ERROR_ADD( MBEDTLS_ERR_X509_INVALID_EXTENSIONS, ret ) ); + if ((ret = mbedtls_asn1_get_tag(&p, end, &len, MBEDTLS_ASN1_OID)) != 0) { + return MBEDTLS_ERROR_ADD(MBEDTLS_ERR_X509_INVALID_EXTENSIONS, ret); + } other_name->value.hardware_module_name.oid.tag = MBEDTLS_ASN1_OID; other_name->value.hardware_module_name.oid.p = p; other_name->value.hardware_module_name.oid.len = len; - if( p + len >= end ) - { - mbedtls_platform_zeroize( other_name, sizeof( *other_name ) ); - return( MBEDTLS_ERROR_ADD( MBEDTLS_ERR_X509_INVALID_EXTENSIONS, - MBEDTLS_ERR_ASN1_LENGTH_MISMATCH ) ); - } p += len; - if( ( ret = mbedtls_asn1_get_tag( &p, end, &len, - MBEDTLS_ASN1_OCTET_STRING ) ) != 0 ) - return( MBEDTLS_ERROR_ADD( MBEDTLS_ERR_X509_INVALID_EXTENSIONS, ret ) ); + if ((ret = mbedtls_asn1_get_tag(&p, end, &len, + MBEDTLS_ASN1_OCTET_STRING)) != 0) { + return MBEDTLS_ERROR_ADD(MBEDTLS_ERR_X509_INVALID_EXTENSIONS, ret); + } other_name->value.hardware_module_name.val.tag = MBEDTLS_ASN1_OCTET_STRING; other_name->value.hardware_module_name.val.p = p; other_name->value.hardware_module_name.val.len = len; p += len; - if( p != end ) - { - mbedtls_platform_zeroize( other_name, - sizeof( *other_name ) ); - return( MBEDTLS_ERROR_ADD( MBEDTLS_ERR_X509_INVALID_EXTENSIONS, - MBEDTLS_ERR_ASN1_LENGTH_MISMATCH ) ); - } - return( 0 ); + if (p != end) { + return MBEDTLS_ERROR_ADD(MBEDTLS_ERR_X509_INVALID_EXTENSIONS, + MBEDTLS_ERR_ASN1_LENGTH_MISMATCH); + } + return 0; } -static int x509_info_subject_alt_name( char **buf, size_t *size, - const mbedtls_x509_sequence - *subject_alt_name, - const char *prefix ) +static int x509_info_subject_alt_name(char **buf, size_t *size, + const mbedtls_x509_sequence + *subject_alt_name, + const char *prefix) { int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; + size_t i; size_t n = *size; char *p = *buf; const mbedtls_x509_sequence *cur = subject_alt_name; mbedtls_x509_subject_alternative_name san; int parse_ret; - while( cur != NULL ) - { - memset( &san, 0, sizeof( san ) ); - parse_ret = mbedtls_x509_parse_subject_alt_name( &cur->buf, &san ); - if( parse_ret != 0 ) - { - if( parse_ret == MBEDTLS_ERR_X509_FEATURE_UNAVAILABLE ) - { - ret = mbedtls_snprintf( p, n, "\n%s ", prefix ); + while (cur != NULL) { + memset(&san, 0, sizeof(san)); + parse_ret = mbedtls_x509_parse_subject_alt_name(&cur->buf, &san); + if (parse_ret != 0) { + if (parse_ret == MBEDTLS_ERR_X509_FEATURE_UNAVAILABLE) { + ret = mbedtls_snprintf(p, n, "\n%s ", prefix); MBEDTLS_X509_SAFE_SNPRINTF; - } - else - { - ret = mbedtls_snprintf( p, n, "\n%s ", prefix ); + } else { + ret = mbedtls_snprintf(p, n, "\n%s ", prefix); MBEDTLS_X509_SAFE_SNPRINTF; } cur = cur->next; continue; } - switch( san.type ) - { + switch (san.type) { /* * otherName */ @@ -1803,35 +1814,33 @@ static int x509_info_subject_alt_name( char **buf, size_t *size, { mbedtls_x509_san_other_name *other_name = &san.san.other_name; - ret = mbedtls_snprintf( p, n, "\n%s otherName :", prefix ); + ret = mbedtls_snprintf(p, n, "\n%s otherName :", prefix); MBEDTLS_X509_SAFE_SNPRINTF; - if( MBEDTLS_OID_CMP( MBEDTLS_OID_ON_HW_MODULE_NAME, - &other_name->value.hardware_module_name.oid ) != 0 ) - { - ret = mbedtls_snprintf( p, n, "\n%s hardware module name :", prefix ); + if (MBEDTLS_OID_CMP(MBEDTLS_OID_ON_HW_MODULE_NAME, + &other_name->type_id) == 0) { + ret = mbedtls_snprintf(p, n, "\n%s hardware module name :", prefix); MBEDTLS_X509_SAFE_SNPRINTF; - ret = mbedtls_snprintf( p, n, "\n%s hardware type : ", prefix ); + ret = + mbedtls_snprintf(p, n, "\n%s hardware type : ", prefix); MBEDTLS_X509_SAFE_SNPRINTF; - ret = mbedtls_oid_get_numeric_string( p, n, &other_name->value.hardware_module_name.oid ); + ret = mbedtls_oid_get_numeric_string(p, + n, + &other_name->value.hardware_module_name.oid); MBEDTLS_X509_SAFE_SNPRINTF; - ret = mbedtls_snprintf( p, n, "\n%s hardware serial number : ", prefix ); + ret = + mbedtls_snprintf(p, n, "\n%s hardware serial number : ", prefix); MBEDTLS_X509_SAFE_SNPRINTF; - if( other_name->value.hardware_module_name.val.len >= n ) - { - *p = '\0'; - return( MBEDTLS_ERR_X509_BUFFER_TOO_SMALL ); + for (i = 0; i < other_name->value.hardware_module_name.val.len; i++) { + ret = mbedtls_snprintf(p, + n, + "%02X", + other_name->value.hardware_module_name.val.p[i]); + MBEDTLS_X509_SAFE_SNPRINTF; } - - memcpy( p, other_name->value.hardware_module_name.val.p, - other_name->value.hardware_module_name.val.len ); - p += other_name->value.hardware_module_name.val.len; - - n -= other_name->value.hardware_module_name.val.len; - }/* MBEDTLS_OID_ON_HW_MODULE_NAME */ } break; @@ -1841,15 +1850,14 @@ static int x509_info_subject_alt_name( char **buf, size_t *size, */ case MBEDTLS_X509_SAN_DNS_NAME: { - ret = mbedtls_snprintf( p, n, "\n%s dNSName : ", prefix ); + ret = mbedtls_snprintf(p, n, "\n%s dNSName : ", prefix); MBEDTLS_X509_SAFE_SNPRINTF; - if( san.san.unstructured_name.len >= n ) - { + if (san.san.unstructured_name.len >= n) { *p = '\0'; - return( MBEDTLS_ERR_X509_BUFFER_TOO_SMALL ); + return MBEDTLS_ERR_X509_BUFFER_TOO_SMALL; } - memcpy( p, san.san.unstructured_name.p, san.san.unstructured_name.len ); + memcpy(p, san.san.unstructured_name.p, san.san.unstructured_name.len); p += san.san.unstructured_name.len; n -= san.san.unstructured_name.len; } @@ -1859,7 +1867,7 @@ static int x509_info_subject_alt_name( char **buf, size_t *size, * Type not supported, skip item. */ default: - ret = mbedtls_snprintf( p, n, "\n%s ", prefix ); + ret = mbedtls_snprintf(p, n, "\n%s ", prefix); MBEDTLS_X509_SAFE_SNPRINTF; break; } @@ -1872,32 +1880,32 @@ static int x509_info_subject_alt_name( char **buf, size_t *size, *size = n; *buf = p; - return( 0 ); + return 0; } -int mbedtls_x509_parse_subject_alt_name( const mbedtls_x509_buf *san_buf, - mbedtls_x509_subject_alternative_name *san ) +int mbedtls_x509_parse_subject_alt_name(const mbedtls_x509_buf *san_buf, + mbedtls_x509_subject_alternative_name *san) { int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; - switch( san_buf->tag & - ( MBEDTLS_ASN1_TAG_CLASS_MASK | - MBEDTLS_ASN1_TAG_VALUE_MASK ) ) - { + switch (san_buf->tag & + (MBEDTLS_ASN1_TAG_CLASS_MASK | + MBEDTLS_ASN1_TAG_VALUE_MASK)) { /* * otherName */ - case( MBEDTLS_ASN1_CONTEXT_SPECIFIC | MBEDTLS_X509_SAN_OTHER_NAME ): + case (MBEDTLS_ASN1_CONTEXT_SPECIFIC | MBEDTLS_X509_SAN_OTHER_NAME): { mbedtls_x509_san_other_name other_name; - ret = x509_get_other_name( san_buf, &other_name ); - if( ret != 0 ) - return( ret ); + ret = x509_get_other_name(san_buf, &other_name); + if (ret != 0) { + return ret; + } - memset( san, 0, sizeof( mbedtls_x509_subject_alternative_name ) ); + memset(san, 0, sizeof(mbedtls_x509_subject_alternative_name)); san->type = MBEDTLS_X509_SAN_OTHER_NAME; - memcpy( &san->san.other_name, - &other_name, sizeof( other_name ) ); + memcpy(&san->san.other_name, + &other_name, sizeof(other_name)); } break; @@ -1905,13 +1913,13 @@ int mbedtls_x509_parse_subject_alt_name( const mbedtls_x509_buf *san_buf, /* * dNSName */ - case( MBEDTLS_ASN1_CONTEXT_SPECIFIC | MBEDTLS_X509_SAN_DNS_NAME ): + case (MBEDTLS_ASN1_CONTEXT_SPECIFIC | MBEDTLS_X509_SAN_DNS_NAME): { - memset( san, 0, sizeof( mbedtls_x509_subject_alternative_name ) ); + memset(san, 0, sizeof(mbedtls_x509_subject_alternative_name)); san->type = MBEDTLS_X509_SAN_DNS_NAME; - memcpy( &san->san.unstructured_name, - san_buf, sizeof( *san_buf ) ); + memcpy(&san->san.unstructured_name, + san_buf, sizeof(*san_buf)); } break; @@ -1920,75 +1928,81 @@ int mbedtls_x509_parse_subject_alt_name( const mbedtls_x509_buf *san_buf, * Type not supported */ default: - return( MBEDTLS_ERR_X509_FEATURE_UNAVAILABLE ); + return MBEDTLS_ERR_X509_FEATURE_UNAVAILABLE; } - return( 0 ); + return 0; } -#define PRINT_ITEM(i) \ - { \ - ret = mbedtls_snprintf( p, n, "%s" i, sep ); \ - MBEDTLS_X509_SAFE_SNPRINTF; \ - sep = ", "; \ - } - -#define CERT_TYPE(type,name) \ - if( ns_cert_type & (type) ) \ - PRINT_ITEM( name ); - -static int x509_info_cert_type( char **buf, size_t *size, - unsigned char ns_cert_type ) +#define PRINT_ITEM(i) \ + do { \ + ret = mbedtls_snprintf(p, n, "%s" i, sep); \ + MBEDTLS_X509_SAFE_SNPRINTF; \ + sep = ", "; \ + } while (0) + +#define CERT_TYPE(type, name) \ + do { \ + if (ns_cert_type & (type)) { \ + PRINT_ITEM(name); \ + } \ + } while (0) + +static int x509_info_cert_type(char **buf, size_t *size, + unsigned char ns_cert_type) { int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; size_t n = *size; char *p = *buf; const char *sep = ""; - CERT_TYPE( MBEDTLS_X509_NS_CERT_TYPE_SSL_CLIENT, "SSL Client" ); - CERT_TYPE( MBEDTLS_X509_NS_CERT_TYPE_SSL_SERVER, "SSL Server" ); - CERT_TYPE( MBEDTLS_X509_NS_CERT_TYPE_EMAIL, "Email" ); - CERT_TYPE( MBEDTLS_X509_NS_CERT_TYPE_OBJECT_SIGNING, "Object Signing" ); - CERT_TYPE( MBEDTLS_X509_NS_CERT_TYPE_RESERVED, "Reserved" ); - CERT_TYPE( MBEDTLS_X509_NS_CERT_TYPE_SSL_CA, "SSL CA" ); - CERT_TYPE( MBEDTLS_X509_NS_CERT_TYPE_EMAIL_CA, "Email CA" ); - CERT_TYPE( MBEDTLS_X509_NS_CERT_TYPE_OBJECT_SIGNING_CA, "Object Signing CA" ); + CERT_TYPE(MBEDTLS_X509_NS_CERT_TYPE_SSL_CLIENT, "SSL Client"); + CERT_TYPE(MBEDTLS_X509_NS_CERT_TYPE_SSL_SERVER, "SSL Server"); + CERT_TYPE(MBEDTLS_X509_NS_CERT_TYPE_EMAIL, "Email"); + CERT_TYPE(MBEDTLS_X509_NS_CERT_TYPE_OBJECT_SIGNING, "Object Signing"); + CERT_TYPE(MBEDTLS_X509_NS_CERT_TYPE_RESERVED, "Reserved"); + CERT_TYPE(MBEDTLS_X509_NS_CERT_TYPE_SSL_CA, "SSL CA"); + CERT_TYPE(MBEDTLS_X509_NS_CERT_TYPE_EMAIL_CA, "Email CA"); + CERT_TYPE(MBEDTLS_X509_NS_CERT_TYPE_OBJECT_SIGNING_CA, "Object Signing CA"); *size = n; *buf = p; - return( 0 ); + return 0; } -#define KEY_USAGE(code,name) \ - if( key_usage & (code) ) \ - PRINT_ITEM( name ); +#define KEY_USAGE(code, name) \ + do { \ + if (key_usage & (code)) { \ + PRINT_ITEM(name); \ + } \ + } while (0) -static int x509_info_key_usage( char **buf, size_t *size, - unsigned int key_usage ) +static int x509_info_key_usage(char **buf, size_t *size, + unsigned int key_usage) { int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; size_t n = *size; char *p = *buf; const char *sep = ""; - KEY_USAGE( MBEDTLS_X509_KU_DIGITAL_SIGNATURE, "Digital Signature" ); - KEY_USAGE( MBEDTLS_X509_KU_NON_REPUDIATION, "Non Repudiation" ); - KEY_USAGE( MBEDTLS_X509_KU_KEY_ENCIPHERMENT, "Key Encipherment" ); - KEY_USAGE( MBEDTLS_X509_KU_DATA_ENCIPHERMENT, "Data Encipherment" ); - KEY_USAGE( MBEDTLS_X509_KU_KEY_AGREEMENT, "Key Agreement" ); - KEY_USAGE( MBEDTLS_X509_KU_KEY_CERT_SIGN, "Key Cert Sign" ); - KEY_USAGE( MBEDTLS_X509_KU_CRL_SIGN, "CRL Sign" ); - KEY_USAGE( MBEDTLS_X509_KU_ENCIPHER_ONLY, "Encipher Only" ); - KEY_USAGE( MBEDTLS_X509_KU_DECIPHER_ONLY, "Decipher Only" ); + KEY_USAGE(MBEDTLS_X509_KU_DIGITAL_SIGNATURE, "Digital Signature"); + KEY_USAGE(MBEDTLS_X509_KU_NON_REPUDIATION, "Non Repudiation"); + KEY_USAGE(MBEDTLS_X509_KU_KEY_ENCIPHERMENT, "Key Encipherment"); + KEY_USAGE(MBEDTLS_X509_KU_DATA_ENCIPHERMENT, "Data Encipherment"); + KEY_USAGE(MBEDTLS_X509_KU_KEY_AGREEMENT, "Key Agreement"); + KEY_USAGE(MBEDTLS_X509_KU_KEY_CERT_SIGN, "Key Cert Sign"); + KEY_USAGE(MBEDTLS_X509_KU_CRL_SIGN, "CRL Sign"); + KEY_USAGE(MBEDTLS_X509_KU_ENCIPHER_ONLY, "Encipher Only"); + KEY_USAGE(MBEDTLS_X509_KU_DECIPHER_ONLY, "Decipher Only"); *size = n; *buf = p; - return( 0 ); + return 0; } -static int x509_info_ext_key_usage( char **buf, size_t *size, - const mbedtls_x509_sequence *extended_key_usage ) +static int x509_info_ext_key_usage(char **buf, size_t *size, + const mbedtls_x509_sequence *extended_key_usage) { int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; const char *desc; @@ -1997,12 +2011,12 @@ static int x509_info_ext_key_usage( char **buf, size_t *size, const mbedtls_x509_sequence *cur = extended_key_usage; const char *sep = ""; - while( cur != NULL ) - { - if( mbedtls_oid_get_extended_key_usage( &cur->buf, &desc ) != 0 ) + while (cur != NULL) { + if (mbedtls_oid_get_extended_key_usage(&cur->buf, &desc) != 0) { desc = "???"; + } - ret = mbedtls_snprintf( p, n, "%s%s", sep, desc ); + ret = mbedtls_snprintf(p, n, "%s%s", sep, desc); MBEDTLS_X509_SAFE_SNPRINTF; sep = ", "; @@ -2013,11 +2027,11 @@ static int x509_info_ext_key_usage( char **buf, size_t *size, *size = n; *buf = p; - return( 0 ); + return 0; } -static int x509_info_cert_policies( char **buf, size_t *size, - const mbedtls_x509_sequence *certificate_policies ) +static int x509_info_cert_policies(char **buf, size_t *size, + const mbedtls_x509_sequence *certificate_policies) { int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; const char *desc; @@ -2026,12 +2040,12 @@ static int x509_info_cert_policies( char **buf, size_t *size, const mbedtls_x509_sequence *cur = certificate_policies; const char *sep = ""; - while( cur != NULL ) - { - if( mbedtls_oid_get_certificate_policies( &cur->buf, &desc ) != 0 ) + while (cur != NULL) { + if (mbedtls_oid_get_certificate_policies(&cur->buf, &desc) != 0) { desc = "???"; + } - ret = mbedtls_snprintf( p, n, "%s%s", sep, desc ); + ret = mbedtls_snprintf(p, n, "%s%s", sep, desc); MBEDTLS_X509_SAFE_SNPRINTF; sep = ", "; @@ -2042,7 +2056,7 @@ static int x509_info_cert_policies( char **buf, size_t *size, *size = n; *buf = p; - return( 0 ); + return 0; } /* @@ -2050,8 +2064,8 @@ static int x509_info_cert_policies( char **buf, size_t *size, */ #define BEFORE_COLON 18 #define BC "18" -int mbedtls_x509_crt_info( char *buf, size_t size, const char *prefix, - const mbedtls_x509_crt *crt ) +int mbedtls_x509_crt_info(char *buf, size_t size, const char *prefix, + const mbedtls_x509_crt *crt) { int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; size_t n; @@ -2061,136 +2075,132 @@ int mbedtls_x509_crt_info( char *buf, size_t size, const char *prefix, p = buf; n = size; - if( NULL == crt ) - { - ret = mbedtls_snprintf( p, n, "\nCertificate is uninitialised!\n" ); + if (NULL == crt) { + ret = mbedtls_snprintf(p, n, "\nCertificate is uninitialised!\n"); MBEDTLS_X509_SAFE_SNPRINTF; - return( (int) ( size - n ) ); + return (int) (size - n); } - ret = mbedtls_snprintf( p, n, "%scert. version : %d\n", - prefix, crt->version ); + ret = mbedtls_snprintf(p, n, "%scert. version : %d\n", + prefix, crt->version); MBEDTLS_X509_SAFE_SNPRINTF; - ret = mbedtls_snprintf( p, n, "%sserial number : ", - prefix ); + ret = mbedtls_snprintf(p, n, "%sserial number : ", + prefix); MBEDTLS_X509_SAFE_SNPRINTF; - ret = mbedtls_x509_serial_gets( p, n, &crt->serial ); + ret = mbedtls_x509_serial_gets(p, n, &crt->serial); MBEDTLS_X509_SAFE_SNPRINTF; - ret = mbedtls_snprintf( p, n, "\n%sissuer name : ", prefix ); + ret = mbedtls_snprintf(p, n, "\n%sissuer name : ", prefix); MBEDTLS_X509_SAFE_SNPRINTF; - ret = mbedtls_x509_dn_gets( p, n, &crt->issuer ); + ret = mbedtls_x509_dn_gets(p, n, &crt->issuer); MBEDTLS_X509_SAFE_SNPRINTF; - ret = mbedtls_snprintf( p, n, "\n%ssubject name : ", prefix ); + ret = mbedtls_snprintf(p, n, "\n%ssubject name : ", prefix); MBEDTLS_X509_SAFE_SNPRINTF; - ret = mbedtls_x509_dn_gets( p, n, &crt->subject ); + ret = mbedtls_x509_dn_gets(p, n, &crt->subject); MBEDTLS_X509_SAFE_SNPRINTF; - ret = mbedtls_snprintf( p, n, "\n%sissued on : " \ - "%04d-%02d-%02d %02d:%02d:%02d", prefix, - crt->valid_from.year, crt->valid_from.mon, - crt->valid_from.day, crt->valid_from.hour, - crt->valid_from.min, crt->valid_from.sec ); + ret = mbedtls_snprintf(p, n, "\n%sissued on : " \ + "%04d-%02d-%02d %02d:%02d:%02d", prefix, + crt->valid_from.year, crt->valid_from.mon, + crt->valid_from.day, crt->valid_from.hour, + crt->valid_from.min, crt->valid_from.sec); MBEDTLS_X509_SAFE_SNPRINTF; - ret = mbedtls_snprintf( p, n, "\n%sexpires on : " \ - "%04d-%02d-%02d %02d:%02d:%02d", prefix, - crt->valid_to.year, crt->valid_to.mon, - crt->valid_to.day, crt->valid_to.hour, - crt->valid_to.min, crt->valid_to.sec ); + ret = mbedtls_snprintf(p, n, "\n%sexpires on : " \ + "%04d-%02d-%02d %02d:%02d:%02d", prefix, + crt->valid_to.year, crt->valid_to.mon, + crt->valid_to.day, crt->valid_to.hour, + crt->valid_to.min, crt->valid_to.sec); MBEDTLS_X509_SAFE_SNPRINTF; - ret = mbedtls_snprintf( p, n, "\n%ssigned using : ", prefix ); + ret = mbedtls_snprintf(p, n, "\n%ssigned using : ", prefix); MBEDTLS_X509_SAFE_SNPRINTF; - ret = mbedtls_x509_sig_alg_gets( p, n, &crt->sig_oid, crt->sig_pk, - crt->sig_md, crt->sig_opts ); + ret = mbedtls_x509_sig_alg_gets(p, n, &crt->sig_oid, crt->sig_pk, + crt->sig_md, crt->sig_opts); MBEDTLS_X509_SAFE_SNPRINTF; /* Key size */ - if( ( ret = mbedtls_x509_key_size_helper( key_size_str, BEFORE_COLON, - mbedtls_pk_get_name( &crt->pk ) ) ) != 0 ) - { - return( ret ); + if ((ret = mbedtls_x509_key_size_helper(key_size_str, BEFORE_COLON, + mbedtls_pk_get_name(&crt->pk))) != 0) { + return ret; } - ret = mbedtls_snprintf( p, n, "\n%s%-" BC "s: %d bits", prefix, key_size_str, - (int) mbedtls_pk_get_bitlen( &crt->pk ) ); + ret = mbedtls_snprintf(p, n, "\n%s%-" BC "s: %d bits", prefix, key_size_str, + (int) mbedtls_pk_get_bitlen(&crt->pk)); MBEDTLS_X509_SAFE_SNPRINTF; /* * Optional extensions */ - if( crt->ext_types & MBEDTLS_X509_EXT_BASIC_CONSTRAINTS ) - { - ret = mbedtls_snprintf( p, n, "\n%sbasic constraints : CA=%s", prefix, - crt->ca_istrue ? "true" : "false" ); + if (crt->ext_types & MBEDTLS_X509_EXT_BASIC_CONSTRAINTS) { + ret = mbedtls_snprintf(p, n, "\n%sbasic constraints : CA=%s", prefix, + crt->ca_istrue ? "true" : "false"); MBEDTLS_X509_SAFE_SNPRINTF; - if( crt->max_pathlen > 0 ) - { - ret = mbedtls_snprintf( p, n, ", max_pathlen=%d", crt->max_pathlen - 1 ); + if (crt->max_pathlen > 0) { + ret = mbedtls_snprintf(p, n, ", max_pathlen=%d", crt->max_pathlen - 1); MBEDTLS_X509_SAFE_SNPRINTF; } } - if( crt->ext_types & MBEDTLS_X509_EXT_SUBJECT_ALT_NAME ) - { - ret = mbedtls_snprintf( p, n, "\n%ssubject alt name :", prefix ); + if (crt->ext_types & MBEDTLS_X509_EXT_SUBJECT_ALT_NAME) { + ret = mbedtls_snprintf(p, n, "\n%ssubject alt name :", prefix); MBEDTLS_X509_SAFE_SNPRINTF; - if( ( ret = x509_info_subject_alt_name( &p, &n, - &crt->subject_alt_names, - prefix ) ) != 0 ) - return( ret ); + if ((ret = x509_info_subject_alt_name(&p, &n, + &crt->subject_alt_names, + prefix)) != 0) { + return ret; + } } - if( crt->ext_types & MBEDTLS_X509_EXT_NS_CERT_TYPE ) - { - ret = mbedtls_snprintf( p, n, "\n%scert. type : ", prefix ); + if (crt->ext_types & MBEDTLS_X509_EXT_NS_CERT_TYPE) { + ret = mbedtls_snprintf(p, n, "\n%scert. type : ", prefix); MBEDTLS_X509_SAFE_SNPRINTF; - if( ( ret = x509_info_cert_type( &p, &n, crt->ns_cert_type ) ) != 0 ) - return( ret ); + if ((ret = x509_info_cert_type(&p, &n, crt->ns_cert_type)) != 0) { + return ret; + } } - if( crt->ext_types & MBEDTLS_X509_EXT_KEY_USAGE ) - { - ret = mbedtls_snprintf( p, n, "\n%skey usage : ", prefix ); + if (crt->ext_types & MBEDTLS_X509_EXT_KEY_USAGE) { + ret = mbedtls_snprintf(p, n, "\n%skey usage : ", prefix); MBEDTLS_X509_SAFE_SNPRINTF; - if( ( ret = x509_info_key_usage( &p, &n, crt->key_usage ) ) != 0 ) - return( ret ); + if ((ret = x509_info_key_usage(&p, &n, crt->key_usage)) != 0) { + return ret; + } } - if( crt->ext_types & MBEDTLS_X509_EXT_EXTENDED_KEY_USAGE ) - { - ret = mbedtls_snprintf( p, n, "\n%sext key usage : ", prefix ); + if (crt->ext_types & MBEDTLS_X509_EXT_EXTENDED_KEY_USAGE) { + ret = mbedtls_snprintf(p, n, "\n%sext key usage : ", prefix); MBEDTLS_X509_SAFE_SNPRINTF; - if( ( ret = x509_info_ext_key_usage( &p, &n, - &crt->ext_key_usage ) ) != 0 ) - return( ret ); + if ((ret = x509_info_ext_key_usage(&p, &n, + &crt->ext_key_usage)) != 0) { + return ret; + } } - if( crt->ext_types & MBEDTLS_OID_X509_EXT_CERTIFICATE_POLICIES ) - { - ret = mbedtls_snprintf( p, n, "\n%scertificate policies : ", prefix ); + if (crt->ext_types & MBEDTLS_OID_X509_EXT_CERTIFICATE_POLICIES) { + ret = mbedtls_snprintf(p, n, "\n%scertificate policies : ", prefix); MBEDTLS_X509_SAFE_SNPRINTF; - if( ( ret = x509_info_cert_policies( &p, &n, - &crt->certificate_policies ) ) != 0 ) - return( ret ); + if ((ret = x509_info_cert_policies(&p, &n, + &crt->certificate_policies)) != 0) { + return ret; + } } - ret = mbedtls_snprintf( p, n, "\n" ); + ret = mbedtls_snprintf(p, n, "\n"); MBEDTLS_X509_SAFE_SNPRINTF; - return( (int) ( size - n ) ); + return (int) (size - n); } struct x509_crt_verify_string { @@ -2201,8 +2211,10 @@ struct x509_crt_verify_string { static const struct x509_crt_verify_string x509_crt_verify_strings[] = { { MBEDTLS_X509_BADCERT_EXPIRED, "The certificate validity has expired" }, { MBEDTLS_X509_BADCERT_REVOKED, "The certificate has been revoked (is on a CRL)" }, - { MBEDTLS_X509_BADCERT_CN_MISMATCH, "The certificate Common Name (CN) does not match with the expected CN" }, - { MBEDTLS_X509_BADCERT_NOT_TRUSTED, "The certificate is not correctly signed by the trusted CA" }, + { MBEDTLS_X509_BADCERT_CN_MISMATCH, + "The certificate Common Name (CN) does not match with the expected CN" }, + { MBEDTLS_X509_BADCERT_NOT_TRUSTED, + "The certificate is not correctly signed by the trusted CA" }, { MBEDTLS_X509_BADCRL_NOT_TRUSTED, "The CRL is not correctly signed by the trusted CA" }, { MBEDTLS_X509_BADCRL_EXPIRED, "The CRL is expired" }, { MBEDTLS_X509_BADCERT_MISSING, "Certificate was missing" }, @@ -2214,96 +2226,102 @@ static const struct x509_crt_verify_string x509_crt_verify_strings[] = { { MBEDTLS_X509_BADCERT_EXT_KEY_USAGE, "Usage does not match the extendedKeyUsage extension" }, { MBEDTLS_X509_BADCERT_NS_CERT_TYPE, "Usage does not match the nsCertType extension" }, { MBEDTLS_X509_BADCERT_BAD_MD, "The certificate is signed with an unacceptable hash." }, - { MBEDTLS_X509_BADCERT_BAD_PK, "The certificate is signed with an unacceptable PK alg (eg RSA vs ECDSA)." }, - { MBEDTLS_X509_BADCERT_BAD_KEY, "The certificate is signed with an unacceptable key (eg bad curve, RSA too short)." }, + { MBEDTLS_X509_BADCERT_BAD_PK, + "The certificate is signed with an unacceptable PK alg (eg RSA vs ECDSA)." }, + { MBEDTLS_X509_BADCERT_BAD_KEY, + "The certificate is signed with an unacceptable key (eg bad curve, RSA too short)." }, { MBEDTLS_X509_BADCRL_BAD_MD, "The CRL is signed with an unacceptable hash." }, - { MBEDTLS_X509_BADCRL_BAD_PK, "The CRL is signed with an unacceptable PK alg (eg RSA vs ECDSA)." }, - { MBEDTLS_X509_BADCRL_BAD_KEY, "The CRL is signed with an unacceptable key (eg bad curve, RSA too short)." }, + { MBEDTLS_X509_BADCRL_BAD_PK, + "The CRL is signed with an unacceptable PK alg (eg RSA vs ECDSA)." }, + { MBEDTLS_X509_BADCRL_BAD_KEY, + "The CRL is signed with an unacceptable key (eg bad curve, RSA too short)." }, { 0, NULL } }; -int mbedtls_x509_crt_verify_info( char *buf, size_t size, const char *prefix, - uint32_t flags ) +int mbedtls_x509_crt_verify_info(char *buf, size_t size, const char *prefix, + uint32_t flags) { int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; const struct x509_crt_verify_string *cur; char *p = buf; size_t n = size; - for( cur = x509_crt_verify_strings; cur->string != NULL ; cur++ ) - { - if( ( flags & cur->code ) == 0 ) + for (cur = x509_crt_verify_strings; cur->string != NULL; cur++) { + if ((flags & cur->code) == 0) { continue; + } - ret = mbedtls_snprintf( p, n, "%s%s\n", prefix, cur->string ); + ret = mbedtls_snprintf(p, n, "%s%s\n", prefix, cur->string); MBEDTLS_X509_SAFE_SNPRINTF; flags ^= cur->code; } - if( flags != 0 ) - { - ret = mbedtls_snprintf( p, n, "%sUnknown reason " - "(this should not happen)\n", prefix ); + if (flags != 0) { + ret = mbedtls_snprintf(p, n, "%sUnknown reason " + "(this should not happen)\n", prefix); MBEDTLS_X509_SAFE_SNPRINTF; } - return( (int) ( size - n ) ); + return (int) (size - n); } #if defined(MBEDTLS_X509_CHECK_KEY_USAGE) -int mbedtls_x509_crt_check_key_usage( const mbedtls_x509_crt *crt, - unsigned int usage ) +int mbedtls_x509_crt_check_key_usage(const mbedtls_x509_crt *crt, + unsigned int usage) { unsigned int usage_must, usage_may; unsigned int may_mask = MBEDTLS_X509_KU_ENCIPHER_ONLY - | MBEDTLS_X509_KU_DECIPHER_ONLY; + | MBEDTLS_X509_KU_DECIPHER_ONLY; - if( ( crt->ext_types & MBEDTLS_X509_EXT_KEY_USAGE ) == 0 ) - return( 0 ); + if ((crt->ext_types & MBEDTLS_X509_EXT_KEY_USAGE) == 0) { + return 0; + } usage_must = usage & ~may_mask; - if( ( ( crt->key_usage & ~may_mask ) & usage_must ) != usage_must ) - return( MBEDTLS_ERR_X509_BAD_INPUT_DATA ); + if (((crt->key_usage & ~may_mask) & usage_must) != usage_must) { + return MBEDTLS_ERR_X509_BAD_INPUT_DATA; + } usage_may = usage & may_mask; - if( ( ( crt->key_usage & may_mask ) | usage_may ) != usage_may ) - return( MBEDTLS_ERR_X509_BAD_INPUT_DATA ); + if (((crt->key_usage & may_mask) | usage_may) != usage_may) { + return MBEDTLS_ERR_X509_BAD_INPUT_DATA; + } - return( 0 ); + return 0; } #endif #if defined(MBEDTLS_X509_CHECK_EXTENDED_KEY_USAGE) -int mbedtls_x509_crt_check_extended_key_usage( const mbedtls_x509_crt *crt, - const char *usage_oid, - size_t usage_len ) +int mbedtls_x509_crt_check_extended_key_usage(const mbedtls_x509_crt *crt, + const char *usage_oid, + size_t usage_len) { const mbedtls_x509_sequence *cur; /* Extension is not mandatory, absent means no restriction */ - if( ( crt->ext_types & MBEDTLS_X509_EXT_EXTENDED_KEY_USAGE ) == 0 ) - return( 0 ); + if ((crt->ext_types & MBEDTLS_X509_EXT_EXTENDED_KEY_USAGE) == 0) { + return 0; + } /* * Look for the requested usage (or wildcard ANY) in our list */ - for( cur = &crt->ext_key_usage; cur != NULL; cur = cur->next ) - { + for (cur = &crt->ext_key_usage; cur != NULL; cur = cur->next) { const mbedtls_x509_buf *cur_oid = &cur->buf; - if( cur_oid->len == usage_len && - memcmp( cur_oid->p, usage_oid, usage_len ) == 0 ) - { - return( 0 ); + if (cur_oid->len == usage_len && + memcmp(cur_oid->p, usage_oid, usage_len) == 0) { + return 0; } - if( MBEDTLS_OID_CMP( MBEDTLS_OID_ANY_EXTENDED_KEY_USAGE, cur_oid ) == 0 ) - return( 0 ); + if (MBEDTLS_OID_CMP(MBEDTLS_OID_ANY_EXTENDED_KEY_USAGE, cur_oid) == 0) { + return 0; + } } - return( MBEDTLS_ERR_X509_BAD_INPUT_DATA ); + return MBEDTLS_ERR_X509_BAD_INPUT_DATA; } #endif /* MBEDTLS_X509_CHECK_EXTENDED_KEY_USAGE */ @@ -2311,44 +2329,41 @@ int mbedtls_x509_crt_check_extended_key_usage( const mbedtls_x509_crt *crt, /* * Return 1 if the certificate is revoked, or 0 otherwise. */ -int mbedtls_x509_crt_is_revoked( const mbedtls_x509_crt *crt, const mbedtls_x509_crl *crl ) +int mbedtls_x509_crt_is_revoked(const mbedtls_x509_crt *crt, const mbedtls_x509_crl *crl) { const mbedtls_x509_crl_entry *cur = &crl->entry; - while( cur != NULL && cur->serial.len != 0 ) - { - if( crt->serial.len == cur->serial.len && - memcmp( crt->serial.p, cur->serial.p, crt->serial.len ) == 0 ) - { - return( 1 ); + while (cur != NULL && cur->serial.len != 0) { + if (crt->serial.len == cur->serial.len && + memcmp(crt->serial.p, cur->serial.p, crt->serial.len) == 0) { + return 1; } cur = cur->next; } - return( 0 ); + return 0; } /* * Check that the given certificate is not revoked according to the CRL. * Skip validation if no CRL for the given CA is present. */ -static int x509_crt_verifycrl( mbedtls_x509_crt *crt, mbedtls_x509_crt *ca, - mbedtls_x509_crl *crl_list, - const mbedtls_x509_crt_profile *profile ) +static int x509_crt_verifycrl(mbedtls_x509_crt *crt, mbedtls_x509_crt *ca, + mbedtls_x509_crl *crl_list, + const mbedtls_x509_crt_profile *profile) { int flags = 0; unsigned char hash[MBEDTLS_MD_MAX_SIZE]; const mbedtls_md_info_t *md_info; - if( ca == NULL ) - return( flags ); + if (ca == NULL) { + return flags; + } - while( crl_list != NULL ) - { - if( crl_list->version == 0 || - x509_name_cmp( &crl_list->issuer, &ca->subject ) != 0 ) - { + while (crl_list != NULL) { + if (crl_list->version == 0 || + x509_name_cmp(&crl_list->issuer, &ca->subject) != 0) { crl_list = crl_list->next; continue; } @@ -2357,9 +2372,8 @@ static int x509_crt_verifycrl( mbedtls_x509_crt *crt, mbedtls_x509_crt *ca, * Check if the CA is configured to sign CRLs */ #if defined(MBEDTLS_X509_CHECK_KEY_USAGE) - if( mbedtls_x509_crt_check_key_usage( ca, - MBEDTLS_X509_KU_CRL_SIGN ) != 0 ) - { + if (mbedtls_x509_crt_check_key_usage(ca, + MBEDTLS_X509_KU_CRL_SIGN) != 0) { flags |= MBEDTLS_X509_BADCRL_NOT_TRUSTED; break; } @@ -2368,27 +2382,28 @@ static int x509_crt_verifycrl( mbedtls_x509_crt *crt, mbedtls_x509_crt *ca, /* * Check if CRL is correctly signed by the trusted CA */ - if( x509_profile_check_md_alg( profile, crl_list->sig_md ) != 0 ) + if (x509_profile_check_md_alg(profile, crl_list->sig_md) != 0) { flags |= MBEDTLS_X509_BADCRL_BAD_MD; + } - if( x509_profile_check_pk_alg( profile, crl_list->sig_pk ) != 0 ) + if (x509_profile_check_pk_alg(profile, crl_list->sig_pk) != 0) { flags |= MBEDTLS_X509_BADCRL_BAD_PK; + } - md_info = mbedtls_md_info_from_type( crl_list->sig_md ); - if( mbedtls_md( md_info, crl_list->tbs.p, crl_list->tbs.len, hash ) != 0 ) - { + md_info = mbedtls_md_info_from_type(crl_list->sig_md); + if (mbedtls_md(md_info, crl_list->tbs.p, crl_list->tbs.len, hash) != 0) { /* Note: this can't happen except after an internal error */ flags |= MBEDTLS_X509_BADCRL_NOT_TRUSTED; break; } - if( x509_profile_check_key( profile, &ca->pk ) != 0 ) + if (x509_profile_check_key(profile, &ca->pk) != 0) { flags |= MBEDTLS_X509_BADCERT_BAD_KEY; + } - if( mbedtls_pk_verify_ext( crl_list->sig_pk, crl_list->sig_opts, &ca->pk, - crl_list->sig_md, hash, mbedtls_md_get_size( md_info ), - crl_list->sig.p, crl_list->sig.len ) != 0 ) - { + if (mbedtls_pk_verify_ext(crl_list->sig_pk, crl_list->sig_opts, &ca->pk, + crl_list->sig_md, hash, mbedtls_md_get_size(md_info), + crl_list->sig.p, crl_list->sig.len) != 0) { flags |= MBEDTLS_X509_BADCRL_NOT_TRUSTED; break; } @@ -2396,17 +2411,18 @@ static int x509_crt_verifycrl( mbedtls_x509_crt *crt, mbedtls_x509_crt *ca, /* * Check for validity of CRL (Do not drop out) */ - if( mbedtls_x509_time_is_past( &crl_list->next_update ) ) + if (mbedtls_x509_time_is_past(&crl_list->next_update)) { flags |= MBEDTLS_X509_BADCRL_EXPIRED; + } - if( mbedtls_x509_time_is_future( &crl_list->this_update ) ) + if (mbedtls_x509_time_is_future(&crl_list->this_update)) { flags |= MBEDTLS_X509_BADCRL_FUTURE; + } /* * Check if certificate is revoked */ - if( mbedtls_x509_crt_is_revoked( crt, crl_list ) ) - { + if (mbedtls_x509_crt_is_revoked(crt, crl_list)) { flags |= MBEDTLS_X509_BADCERT_REVOKED; break; } @@ -2414,64 +2430,64 @@ static int x509_crt_verifycrl( mbedtls_x509_crt *crt, mbedtls_x509_crt *ca, crl_list = crl_list->next; } - return( flags ); + return flags; } #endif /* MBEDTLS_X509_CRL_PARSE_C */ /* * Check the signature of a certificate by its parent */ -static int x509_crt_check_signature( const mbedtls_x509_crt *child, - mbedtls_x509_crt *parent, - mbedtls_x509_crt_restart_ctx *rs_ctx ) +static int x509_crt_check_signature(const mbedtls_x509_crt *child, + mbedtls_x509_crt *parent, + mbedtls_x509_crt_restart_ctx *rs_ctx) { unsigned char hash[MBEDTLS_MD_MAX_SIZE]; size_t hash_len; #if !defined(MBEDTLS_USE_PSA_CRYPTO) const mbedtls_md_info_t *md_info; - md_info = mbedtls_md_info_from_type( child->sig_md ); - hash_len = mbedtls_md_get_size( md_info ); + md_info = mbedtls_md_info_from_type(child->sig_md); + hash_len = mbedtls_md_get_size(md_info); /* Note: hash errors can happen only after an internal error */ - if( mbedtls_md( md_info, child->tbs.p, child->tbs.len, hash ) != 0 ) - return( -1 ); + if (mbedtls_md(md_info, child->tbs.p, child->tbs.len, hash) != 0) { + return -1; + } #else psa_hash_operation_t hash_operation = PSA_HASH_OPERATION_INIT; - psa_algorithm_t hash_alg = mbedtls_psa_translate_md( child->sig_md ); + psa_algorithm_t hash_alg = mbedtls_psa_translate_md(child->sig_md); - if( psa_hash_setup( &hash_operation, hash_alg ) != PSA_SUCCESS ) - return( -1 ); + if (psa_hash_setup(&hash_operation, hash_alg) != PSA_SUCCESS) { + return -1; + } - if( psa_hash_update( &hash_operation, child->tbs.p, child->tbs.len ) - != PSA_SUCCESS ) - { - return( -1 ); + if (psa_hash_update(&hash_operation, child->tbs.p, child->tbs.len) + != PSA_SUCCESS) { + return -1; } - if( psa_hash_finish( &hash_operation, hash, sizeof( hash ), &hash_len ) - != PSA_SUCCESS ) - { - return( -1 ); + if (psa_hash_finish(&hash_operation, hash, sizeof(hash), &hash_len) + != PSA_SUCCESS) { + return -1; } #endif /* MBEDTLS_USE_PSA_CRYPTO */ /* Skip expensive computation on obvious mismatch */ - if( ! mbedtls_pk_can_do( &parent->pk, child->sig_pk ) ) - return( -1 ); + if (!mbedtls_pk_can_do(&parent->pk, child->sig_pk)) { + return -1; + } #if defined(MBEDTLS_ECDSA_C) && defined(MBEDTLS_ECP_RESTARTABLE) - if( rs_ctx != NULL && child->sig_pk == MBEDTLS_PK_ECDSA ) - { - return( mbedtls_pk_verify_restartable( &parent->pk, - child->sig_md, hash, hash_len, - child->sig.p, child->sig.len, &rs_ctx->pk ) ); + if (rs_ctx != NULL && child->sig_pk == MBEDTLS_PK_ECDSA) { + return mbedtls_pk_verify_restartable(&parent->pk, + child->sig_md, hash, hash_len, + child->sig.p, child->sig.len, &rs_ctx->pk); } #else (void) rs_ctx; #endif - return( mbedtls_pk_verify_ext( child->sig_pk, child->sig_opts, &parent->pk, - child->sig_md, hash, hash_len, - child->sig.p, child->sig.len ) ); + return mbedtls_pk_verify_ext(child->sig_pk, child->sig_opts, &parent->pk, + child->sig_md, hash, hash_len, + child->sig.p, child->sig.len); } /* @@ -2480,35 +2496,37 @@ static int x509_crt_check_signature( const mbedtls_x509_crt *child, * * top means parent is a locally-trusted certificate */ -static int x509_crt_check_parent( const mbedtls_x509_crt *child, - const mbedtls_x509_crt *parent, - int top ) +static int x509_crt_check_parent(const mbedtls_x509_crt *child, + const mbedtls_x509_crt *parent, + int top) { int need_ca_bit; /* Parent must be the issuer */ - if( x509_name_cmp( &child->issuer, &parent->subject ) != 0 ) - return( -1 ); + if (x509_name_cmp(&child->issuer, &parent->subject) != 0) { + return -1; + } /* Parent must have the basicConstraints CA bit set as a general rule */ need_ca_bit = 1; /* Exception: v1/v2 certificates that are locally trusted. */ - if( top && parent->version < 3 ) + if (top && parent->version < 3) { need_ca_bit = 0; + } - if( need_ca_bit && ! parent->ca_istrue ) - return( -1 ); + if (need_ca_bit && !parent->ca_istrue) { + return -1; + } #if defined(MBEDTLS_X509_CHECK_KEY_USAGE) - if( need_ca_bit && - mbedtls_x509_crt_check_key_usage( parent, MBEDTLS_X509_KU_KEY_CERT_SIGN ) != 0 ) - { - return( -1 ); + if (need_ca_bit && + mbedtls_x509_crt_check_key_usage(parent, MBEDTLS_X509_KU_KEY_CERT_SIGN) != 0) { + return -1; } #endif - return( 0 ); + return 0; } /* @@ -2555,14 +2573,14 @@ static int x509_crt_check_parent( const mbedtls_x509_crt *child, * - MBEDTLS_ERR_ECP_IN_PROGRESS otherwise */ static int x509_crt_find_parent_in( - mbedtls_x509_crt *child, - mbedtls_x509_crt *candidates, - mbedtls_x509_crt **r_parent, - int *r_signature_is_good, - int top, - unsigned path_cnt, - unsigned self_cnt, - mbedtls_x509_crt_restart_ctx *rs_ctx ) + mbedtls_x509_crt *child, + mbedtls_x509_crt *candidates, + mbedtls_x509_crt **r_parent, + int *r_signature_is_good, + int top, + unsigned path_cnt, + unsigned self_cnt, + mbedtls_x509_crt_restart_ctx *rs_ctx) { int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; mbedtls_x509_crt *parent, *fallback_parent; @@ -2570,8 +2588,7 @@ static int x509_crt_find_parent_in( #if defined(MBEDTLS_ECDSA_C) && defined(MBEDTLS_ECP_RESTARTABLE) /* did we have something in progress? */ - if( rs_ctx != NULL && rs_ctx->parent != NULL ) - { + if (rs_ctx != NULL && rs_ctx->parent != NULL) { /* restore saved state */ parent = rs_ctx->parent; fallback_parent = rs_ctx->fallback_parent; @@ -2590,16 +2607,15 @@ static int x509_crt_find_parent_in( fallback_parent = NULL; fallback_signature_is_good = 0; - for( parent = candidates; parent != NULL; parent = parent->next ) - { + for (parent = candidates; parent != NULL; parent = parent->next) { /* basic parenting skills (name, CA bit, key usage) */ - if( x509_crt_check_parent( child, parent, top ) != 0 ) + if (x509_crt_check_parent(child, parent, top) != 0) { continue; + } /* +1 because stored max_pathlen is 1 higher that the actual value */ - if( parent->max_pathlen > 0 && - (size_t) parent->max_pathlen < 1 + path_cnt - self_cnt ) - { + if (parent->max_pathlen > 0 && + (size_t) parent->max_pathlen < 1 + path_cnt - self_cnt) { continue; } @@ -2607,32 +2623,30 @@ static int x509_crt_find_parent_in( #if defined(MBEDTLS_ECDSA_C) && defined(MBEDTLS_ECP_RESTARTABLE) check_signature: #endif - ret = x509_crt_check_signature( child, parent, rs_ctx ); + ret = x509_crt_check_signature(child, parent, rs_ctx); #if defined(MBEDTLS_ECDSA_C) && defined(MBEDTLS_ECP_RESTARTABLE) - if( rs_ctx != NULL && ret == MBEDTLS_ERR_ECP_IN_PROGRESS ) - { + if (rs_ctx != NULL && ret == MBEDTLS_ERR_ECP_IN_PROGRESS) { /* save state */ rs_ctx->parent = parent; rs_ctx->fallback_parent = fallback_parent; rs_ctx->fallback_signature_is_good = fallback_signature_is_good; - return( ret ); + return ret; } #else (void) ret; #endif signature_is_good = ret == 0; - if( top && ! signature_is_good ) + if (top && !signature_is_good) { continue; + } /* optional time check */ - if( mbedtls_x509_time_is_past( &parent->valid_to ) || - mbedtls_x509_time_is_future( &parent->valid_from ) ) - { - if( fallback_parent == NULL ) - { + if (mbedtls_x509_time_is_past(&parent->valid_to) || + mbedtls_x509_time_is_future(&parent->valid_from)) { + if (fallback_parent == NULL) { fallback_parent = parent; fallback_signature_is_good = signature_is_good; } @@ -2646,13 +2660,12 @@ static int x509_crt_find_parent_in( break; } - if( parent == NULL ) - { + if (parent == NULL) { *r_parent = fallback_parent; *r_signature_is_good = fallback_signature_is_good; } - return( 0 ); + return 0; } /* @@ -2678,14 +2691,14 @@ static int x509_crt_find_parent_in( * - MBEDTLS_ERR_ECP_IN_PROGRESS otherwise */ static int x509_crt_find_parent( - mbedtls_x509_crt *child, - mbedtls_x509_crt *trust_ca, - mbedtls_x509_crt **parent, - int *parent_is_trusted, - int *signature_is_good, - unsigned path_cnt, - unsigned self_cnt, - mbedtls_x509_crt_restart_ctx *rs_ctx ) + mbedtls_x509_crt *child, + mbedtls_x509_crt *trust_ca, + mbedtls_x509_crt **parent, + int *parent_is_trusted, + int *signature_is_good, + unsigned path_cnt, + unsigned self_cnt, + mbedtls_x509_crt_restart_ctx *rs_ctx) { int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; mbedtls_x509_crt *search_list; @@ -2694,48 +2707,46 @@ static int x509_crt_find_parent( #if defined(MBEDTLS_ECDSA_C) && defined(MBEDTLS_ECP_RESTARTABLE) /* restore then clear saved state if we have some stored */ - if( rs_ctx != NULL && rs_ctx->parent_is_trusted != -1 ) - { + if (rs_ctx != NULL && rs_ctx->parent_is_trusted != -1) { *parent_is_trusted = rs_ctx->parent_is_trusted; rs_ctx->parent_is_trusted = -1; } #endif - while( 1 ) { + while (1) { search_list = *parent_is_trusted ? trust_ca : child->next; - ret = x509_crt_find_parent_in( child, search_list, - parent, signature_is_good, - *parent_is_trusted, - path_cnt, self_cnt, rs_ctx ); + ret = x509_crt_find_parent_in(child, search_list, + parent, signature_is_good, + *parent_is_trusted, + path_cnt, self_cnt, rs_ctx); #if defined(MBEDTLS_ECDSA_C) && defined(MBEDTLS_ECP_RESTARTABLE) - if( rs_ctx != NULL && ret == MBEDTLS_ERR_ECP_IN_PROGRESS ) - { + if (rs_ctx != NULL && ret == MBEDTLS_ERR_ECP_IN_PROGRESS) { /* save state */ rs_ctx->parent_is_trusted = *parent_is_trusted; - return( ret ); + return ret; } #else (void) ret; #endif /* stop here if found or already in second iteration */ - if( *parent != NULL || *parent_is_trusted == 0 ) + if (*parent != NULL || *parent_is_trusted == 0) { break; + } /* prepare second iteration */ *parent_is_trusted = 0; } /* extra precaution against mistakes in the caller */ - if( *parent == NULL ) - { + if (*parent == NULL) { *parent_is_trusted = 0; *signature_is_good = 0; } - return( 0 ); + return 0; } /* @@ -2745,27 +2756,26 @@ static int x509_crt_find_parent( * check for self-issued as self-signatures are not checked) */ static int x509_crt_check_ee_locally_trusted( - mbedtls_x509_crt *crt, - mbedtls_x509_crt *trust_ca ) + mbedtls_x509_crt *crt, + mbedtls_x509_crt *trust_ca) { mbedtls_x509_crt *cur; /* must be self-issued */ - if( x509_name_cmp( &crt->issuer, &crt->subject ) != 0 ) - return( -1 ); + if (x509_name_cmp(&crt->issuer, &crt->subject) != 0) { + return -1; + } /* look for an exact match with trusted cert */ - for( cur = trust_ca; cur != NULL; cur = cur->next ) - { - if( crt->raw.len == cur->raw.len && - memcmp( crt->raw.p, cur->raw.p, crt->raw.len ) == 0 ) - { - return( 0 ); + for (cur = trust_ca; cur != NULL; cur = cur->next) { + if (crt->raw.len == cur->raw.len && + memcmp(crt->raw.p, cur->raw.p, crt->raw.len) == 0) { + return 0; } } /* too bad */ - return( -1 ); + return -1; } /* @@ -2809,14 +2819,14 @@ static int x509_crt_check_ee_locally_trusted( * even if it was found to be invalid */ static int x509_crt_verify_chain( - mbedtls_x509_crt *crt, - mbedtls_x509_crt *trust_ca, - mbedtls_x509_crl *ca_crl, - mbedtls_x509_crt_ca_cb_t f_ca_cb, - void *p_ca_cb, - const mbedtls_x509_crt_profile *profile, - mbedtls_x509_crt_verify_chain *ver_chain, - mbedtls_x509_crt_restart_ctx *rs_ctx ) + mbedtls_x509_crt *crt, + mbedtls_x509_crt *trust_ca, + mbedtls_x509_crl *ca_crl, + mbedtls_x509_crt_ca_cb_t f_ca_cb, + void *p_ca_cb, + const mbedtls_x509_crt_profile *profile, + mbedtls_x509_crt_verify_chain *ver_chain, + mbedtls_x509_crt_restart_ctx *rs_ctx) { /* Don't initialize any of those variables here, so that the compiler can * catch potential issues with jumping ahead when restarting */ @@ -2833,8 +2843,7 @@ static int x509_crt_verify_chain( #if defined(MBEDTLS_ECDSA_C) && defined(MBEDTLS_ECP_RESTARTABLE) /* resume if we had an operation in progress */ - if( rs_ctx != NULL && rs_ctx->in_progress == x509_crt_rs_find_parent ) - { + if (rs_ctx != NULL && rs_ctx->in_progress == x509_crt_rs_find_parent) { /* restore saved state */ *ver_chain = rs_ctx->ver_chain; /* struct copy */ self_cnt = rs_ctx->self_cnt; @@ -2853,7 +2862,7 @@ static int x509_crt_verify_chain( parent_is_trusted = 0; child_is_trusted = 0; - while( 1 ) { + while (1) { /* Add certificate to the verification chain */ cur = &ver_chain->items[ver_chain->len]; cur->crt = child; @@ -2862,28 +2871,32 @@ static int x509_crt_verify_chain( flags = &cur->flags; /* Check time-validity (all certificates) */ - if( mbedtls_x509_time_is_past( &child->valid_to ) ) + if (mbedtls_x509_time_is_past(&child->valid_to)) { *flags |= MBEDTLS_X509_BADCERT_EXPIRED; + } - if( mbedtls_x509_time_is_future( &child->valid_from ) ) + if (mbedtls_x509_time_is_future(&child->valid_from)) { *flags |= MBEDTLS_X509_BADCERT_FUTURE; + } /* Stop here for trusted roots (but not for trusted EE certs) */ - if( child_is_trusted ) - return( 0 ); + if (child_is_trusted) { + return 0; + } /* Check signature algorithm: MD & PK algs */ - if( x509_profile_check_md_alg( profile, child->sig_md ) != 0 ) + if (x509_profile_check_md_alg(profile, child->sig_md) != 0) { *flags |= MBEDTLS_X509_BADCERT_BAD_MD; + } - if( x509_profile_check_pk_alg( profile, child->sig_pk ) != 0 ) + if (x509_profile_check_pk_alg(profile, child->sig_pk) != 0) { *flags |= MBEDTLS_X509_BADCERT_BAD_PK; + } /* Special case: EE certs that are locally trusted */ - if( ver_chain->len == 1 && - x509_crt_check_ee_locally_trusted( child, trust_ca ) == 0 ) - { - return( 0 ); + if (ver_chain->len == 1 && + x509_crt_check_ee_locally_trusted(child, trust_ca) == 0) { + return 0; } #if defined(MBEDTLS_ECDSA_C) && defined(MBEDTLS_ECP_RESTARTABLE) @@ -2893,19 +2906,18 @@ static int x509_crt_verify_chain( /* Obtain list of potential trusted signers from CA callback, * or use statically provided list. */ #if defined(MBEDTLS_X509_TRUSTED_CERTIFICATE_CALLBACK) - if( f_ca_cb != NULL ) - { - mbedtls_x509_crt_free( ver_chain->trust_ca_cb_result ); - mbedtls_free( ver_chain->trust_ca_cb_result ); + if (f_ca_cb != NULL) { + mbedtls_x509_crt_free(ver_chain->trust_ca_cb_result); + mbedtls_free(ver_chain->trust_ca_cb_result); ver_chain->trust_ca_cb_result = NULL; - ret = f_ca_cb( p_ca_cb, child, &ver_chain->trust_ca_cb_result ); - if( ret != 0 ) - return( MBEDTLS_ERR_X509_FATAL_ERROR ); + ret = f_ca_cb(p_ca_cb, child, &ver_chain->trust_ca_cb_result); + if (ret != 0) { + return MBEDTLS_ERR_X509_FATAL_ERROR; + } cur_trust_ca = ver_chain->trust_ca_cb_result; - } - else + } else #endif /* MBEDTLS_X509_TRUSTED_CERTIFICATE_CALLBACK */ { ((void) f_ca_cb); @@ -2914,60 +2926,58 @@ static int x509_crt_verify_chain( } /* Look for a parent in trusted CAs or up the chain */ - ret = x509_crt_find_parent( child, cur_trust_ca, &parent, - &parent_is_trusted, &signature_is_good, - ver_chain->len - 1, self_cnt, rs_ctx ); + ret = x509_crt_find_parent(child, cur_trust_ca, &parent, + &parent_is_trusted, &signature_is_good, + ver_chain->len - 1, self_cnt, rs_ctx); #if defined(MBEDTLS_ECDSA_C) && defined(MBEDTLS_ECP_RESTARTABLE) - if( rs_ctx != NULL && ret == MBEDTLS_ERR_ECP_IN_PROGRESS ) - { + if (rs_ctx != NULL && ret == MBEDTLS_ERR_ECP_IN_PROGRESS) { /* save state */ rs_ctx->in_progress = x509_crt_rs_find_parent; rs_ctx->self_cnt = self_cnt; rs_ctx->ver_chain = *ver_chain; /* struct copy */ - return( ret ); + return ret; } #else (void) ret; #endif /* No parent? We're done here */ - if( parent == NULL ) - { + if (parent == NULL) { *flags |= MBEDTLS_X509_BADCERT_NOT_TRUSTED; - return( 0 ); + return 0; } /* Count intermediate self-issued (not necessarily self-signed) certs. * These can occur with some strategies for key rollover, see [SIRO], * and should be excluded from max_pathlen checks. */ - if( ver_chain->len != 1 && - x509_name_cmp( &child->issuer, &child->subject ) == 0 ) - { + if (ver_chain->len != 1 && + x509_name_cmp(&child->issuer, &child->subject) == 0) { self_cnt++; } /* path_cnt is 0 for the first intermediate CA, * and if parent is trusted it's not an intermediate CA */ - if( ! parent_is_trusted && - ver_chain->len > MBEDTLS_X509_MAX_INTERMEDIATE_CA ) - { + if (!parent_is_trusted && + ver_chain->len > MBEDTLS_X509_MAX_INTERMEDIATE_CA) { /* return immediately to avoid overflow the chain array */ - return( MBEDTLS_ERR_X509_FATAL_ERROR ); + return MBEDTLS_ERR_X509_FATAL_ERROR; } /* signature was checked while searching parent */ - if( ! signature_is_good ) + if (!signature_is_good) { *flags |= MBEDTLS_X509_BADCERT_NOT_TRUSTED; + } /* check size of signing key */ - if( x509_profile_check_key( profile, &parent->pk ) != 0 ) + if (x509_profile_check_key(profile, &parent->pk) != 0) { *flags |= MBEDTLS_X509_BADCERT_BAD_KEY; + } #if defined(MBEDTLS_X509_CRL_PARSE_C) /* Check trusted CA's CRL for the given crt */ - *flags |= x509_crt_verifycrl( child, parent, ca_crl, profile ); + *flags |= x509_crt_verifycrl(child, parent, ca_crl, profile); #else (void) ca_crl; #endif @@ -2983,79 +2993,75 @@ static int x509_crt_verify_chain( /* * Check for CN match */ -static int x509_crt_check_cn( const mbedtls_x509_buf *name, - const char *cn, size_t cn_len ) +static int x509_crt_check_cn(const mbedtls_x509_buf *name, + const char *cn, size_t cn_len) { /* try exact match */ - if( name->len == cn_len && - x509_memcasecmp( cn, name->p, cn_len ) == 0 ) - { - return( 0 ); + if (name->len == cn_len && + x509_memcasecmp(cn, name->p, cn_len) == 0) { + return 0; } /* try wildcard match */ - if( x509_check_wildcard( cn, name ) == 0 ) - { - return( 0 ); + if (x509_check_wildcard(cn, name) == 0) { + return 0; } - return( -1 ); + return -1; } /* * Check for SAN match, see RFC 5280 Section 4.2.1.6 */ -static int x509_crt_check_san( const mbedtls_x509_buf *name, - const char *cn, size_t cn_len ) +static int x509_crt_check_san(const mbedtls_x509_buf *name, + const char *cn, size_t cn_len) { const unsigned char san_type = (unsigned char) name->tag & MBEDTLS_ASN1_TAG_VALUE_MASK; /* dNSName */ - if( san_type == MBEDTLS_X509_SAN_DNS_NAME ) - return( x509_crt_check_cn( name, cn, cn_len ) ); + if (san_type == MBEDTLS_X509_SAN_DNS_NAME) { + return x509_crt_check_cn(name, cn, cn_len); + } /* (We may handle other types here later.) */ /* Unrecognized type */ - return( -1 ); + return -1; } /* * Verify the requested CN - only call this if cn is not NULL! */ -static void x509_crt_verify_name( const mbedtls_x509_crt *crt, - const char *cn, - uint32_t *flags ) +static void x509_crt_verify_name(const mbedtls_x509_crt *crt, + const char *cn, + uint32_t *flags) { const mbedtls_x509_name *name; const mbedtls_x509_sequence *cur; - size_t cn_len = strlen( cn ); + size_t cn_len = strlen(cn); - if( crt->ext_types & MBEDTLS_X509_EXT_SUBJECT_ALT_NAME ) - { - for( cur = &crt->subject_alt_names; cur != NULL; cur = cur->next ) - { - if( x509_crt_check_san( &cur->buf, cn, cn_len ) == 0 ) + if (crt->ext_types & MBEDTLS_X509_EXT_SUBJECT_ALT_NAME) { + for (cur = &crt->subject_alt_names; cur != NULL; cur = cur->next) { + if (x509_crt_check_san(&cur->buf, cn, cn_len) == 0) { break; + } } - if( cur == NULL ) + if (cur == NULL) { *flags |= MBEDTLS_X509_BADCERT_CN_MISMATCH; - } - else - { - for( name = &crt->subject; name != NULL; name = name->next ) - { - if( MBEDTLS_OID_CMP( MBEDTLS_OID_AT_CN, &name->oid ) == 0 && - x509_crt_check_cn( &name->val, cn, cn_len ) == 0 ) - { + } + } else { + for (name = &crt->subject; name != NULL; name = name->next) { + if (MBEDTLS_OID_CMP(MBEDTLS_OID_AT_CN, &name->oid) == 0 && + x509_crt_check_cn(&name->val, cn, cn_len) == 0) { break; } } - if( name == NULL ) + if (name == NULL) { *flags |= MBEDTLS_X509_BADCERT_CN_MISMATCH; + } } } @@ -3063,29 +3069,30 @@ static void x509_crt_verify_name( const mbedtls_x509_crt *crt, * Merge the flags for all certs in the chain, after calling callback */ static int x509_crt_merge_flags_with_cb( - uint32_t *flags, - const mbedtls_x509_crt_verify_chain *ver_chain, - int (*f_vrfy)(void *, mbedtls_x509_crt *, int, uint32_t *), - void *p_vrfy ) + uint32_t *flags, + const mbedtls_x509_crt_verify_chain *ver_chain, + int (*f_vrfy)(void *, mbedtls_x509_crt *, int, uint32_t *), + void *p_vrfy) { int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; unsigned i; uint32_t cur_flags; const mbedtls_x509_crt_verify_chain_item *cur; - for( i = ver_chain->len; i != 0; --i ) - { + for (i = ver_chain->len; i != 0; --i) { cur = &ver_chain->items[i-1]; cur_flags = cur->flags; - if( NULL != f_vrfy ) - if( ( ret = f_vrfy( p_vrfy, cur->crt, (int) i-1, &cur_flags ) ) != 0 ) - return( ret ); + if (NULL != f_vrfy) { + if ((ret = f_vrfy(p_vrfy, cur->crt, (int) i-1, &cur_flags)) != 0) { + return ret; + } + } *flags |= cur_flags; } - return( 0 ); + return 0; } /* @@ -3105,16 +3112,19 @@ static int x509_crt_merge_flags_with_cb( * of trusted signers, and `ca_crl` will be use as the static list * of CRLs. */ -static int x509_crt_verify_restartable_ca_cb( mbedtls_x509_crt *crt, - mbedtls_x509_crt *trust_ca, - mbedtls_x509_crl *ca_crl, - mbedtls_x509_crt_ca_cb_t f_ca_cb, - void *p_ca_cb, - const mbedtls_x509_crt_profile *profile, - const char *cn, uint32_t *flags, - int (*f_vrfy)(void *, mbedtls_x509_crt *, int, uint32_t *), - void *p_vrfy, - mbedtls_x509_crt_restart_ctx *rs_ctx ) +static int x509_crt_verify_restartable_ca_cb(mbedtls_x509_crt *crt, + mbedtls_x509_crt *trust_ca, + mbedtls_x509_crl *ca_crl, + mbedtls_x509_crt_ca_cb_t f_ca_cb, + void *p_ca_cb, + const mbedtls_x509_crt_profile *profile, + const char *cn, uint32_t *flags, + int (*f_vrfy)(void *, + mbedtls_x509_crt *, + int, + uint32_t *), + void *p_vrfy, + mbedtls_x509_crt_restart_ctx *rs_ctx) { int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; mbedtls_pk_type_t pk_type; @@ -3123,105 +3133,110 @@ static int x509_crt_verify_restartable_ca_cb( mbedtls_x509_crt *crt, *flags = 0; ee_flags = 0; - x509_crt_verify_chain_reset( &ver_chain ); + x509_crt_verify_chain_reset(&ver_chain); - if( profile == NULL ) - { + if (profile == NULL) { ret = MBEDTLS_ERR_X509_BAD_INPUT_DATA; goto exit; } /* check name if requested */ - if( cn != NULL ) - x509_crt_verify_name( crt, cn, &ee_flags ); + if (cn != NULL) { + x509_crt_verify_name(crt, cn, &ee_flags); + } /* Check the type and size of the key */ - pk_type = mbedtls_pk_get_type( &crt->pk ); + pk_type = mbedtls_pk_get_type(&crt->pk); - if( x509_profile_check_pk_alg( profile, pk_type ) != 0 ) + if (x509_profile_check_pk_alg(profile, pk_type) != 0) { ee_flags |= MBEDTLS_X509_BADCERT_BAD_PK; + } - if( x509_profile_check_key( profile, &crt->pk ) != 0 ) + if (x509_profile_check_key(profile, &crt->pk) != 0) { ee_flags |= MBEDTLS_X509_BADCERT_BAD_KEY; + } /* Check the chain */ - ret = x509_crt_verify_chain( crt, trust_ca, ca_crl, - f_ca_cb, p_ca_cb, profile, - &ver_chain, rs_ctx ); + ret = x509_crt_verify_chain(crt, trust_ca, ca_crl, + f_ca_cb, p_ca_cb, profile, + &ver_chain, rs_ctx); - if( ret != 0 ) + if (ret != 0) { goto exit; + } /* Merge end-entity flags */ ver_chain.items[0].flags |= ee_flags; /* Build final flags, calling callback on the way if any */ - ret = x509_crt_merge_flags_with_cb( flags, &ver_chain, f_vrfy, p_vrfy ); + ret = x509_crt_merge_flags_with_cb(flags, &ver_chain, f_vrfy, p_vrfy); exit: #if defined(MBEDTLS_X509_TRUSTED_CERTIFICATE_CALLBACK) - mbedtls_x509_crt_free( ver_chain.trust_ca_cb_result ); - mbedtls_free( ver_chain.trust_ca_cb_result ); + mbedtls_x509_crt_free(ver_chain.trust_ca_cb_result); + mbedtls_free(ver_chain.trust_ca_cb_result); ver_chain.trust_ca_cb_result = NULL; #endif /* MBEDTLS_X509_TRUSTED_CERTIFICATE_CALLBACK */ #if defined(MBEDTLS_ECDSA_C) && defined(MBEDTLS_ECP_RESTARTABLE) - if( rs_ctx != NULL && ret != MBEDTLS_ERR_ECP_IN_PROGRESS ) - mbedtls_x509_crt_restart_free( rs_ctx ); + if (rs_ctx != NULL && ret != MBEDTLS_ERR_ECP_IN_PROGRESS) { + mbedtls_x509_crt_restart_free(rs_ctx); + } #endif /* prevent misuse of the vrfy callback - VERIFY_FAILED would be ignored by * the SSL module for authmode optional, but non-zero return from the * callback means a fatal error so it shouldn't be ignored */ - if( ret == MBEDTLS_ERR_X509_CERT_VERIFY_FAILED ) + if (ret == MBEDTLS_ERR_X509_CERT_VERIFY_FAILED) { ret = MBEDTLS_ERR_X509_FATAL_ERROR; + } - if( ret != 0 ) - { + if (ret != 0) { *flags = (uint32_t) -1; - return( ret ); + return ret; } - if( *flags != 0 ) - return( MBEDTLS_ERR_X509_CERT_VERIFY_FAILED ); + if (*flags != 0) { + return MBEDTLS_ERR_X509_CERT_VERIFY_FAILED; + } - return( 0 ); + return 0; } /* * Verify the certificate validity (default profile, not restartable) */ -int mbedtls_x509_crt_verify( mbedtls_x509_crt *crt, - mbedtls_x509_crt *trust_ca, - mbedtls_x509_crl *ca_crl, - const char *cn, uint32_t *flags, - int (*f_vrfy)(void *, mbedtls_x509_crt *, int, uint32_t *), - void *p_vrfy ) +int mbedtls_x509_crt_verify(mbedtls_x509_crt *crt, + mbedtls_x509_crt *trust_ca, + mbedtls_x509_crl *ca_crl, + const char *cn, uint32_t *flags, + int (*f_vrfy)(void *, mbedtls_x509_crt *, int, uint32_t *), + void *p_vrfy) { - return( x509_crt_verify_restartable_ca_cb( crt, trust_ca, ca_crl, - NULL, NULL, - &mbedtls_x509_crt_profile_default, - cn, flags, - f_vrfy, p_vrfy, NULL ) ); + return x509_crt_verify_restartable_ca_cb(crt, trust_ca, ca_crl, + NULL, NULL, + &mbedtls_x509_crt_profile_default, + cn, flags, + f_vrfy, p_vrfy, NULL); } /* * Verify the certificate validity (user-chosen profile, not restartable) */ -int mbedtls_x509_crt_verify_with_profile( mbedtls_x509_crt *crt, - mbedtls_x509_crt *trust_ca, - mbedtls_x509_crl *ca_crl, - const mbedtls_x509_crt_profile *profile, - const char *cn, uint32_t *flags, - int (*f_vrfy)(void *, mbedtls_x509_crt *, int, uint32_t *), - void *p_vrfy ) +int mbedtls_x509_crt_verify_with_profile(mbedtls_x509_crt *crt, + mbedtls_x509_crt *trust_ca, + mbedtls_x509_crl *ca_crl, + const mbedtls_x509_crt_profile *profile, + const char *cn, uint32_t *flags, + int (*f_vrfy)(void *, mbedtls_x509_crt *, int, uint32_t *), + void *p_vrfy) { - return( x509_crt_verify_restartable_ca_cb( crt, trust_ca, ca_crl, - NULL, NULL, - profile, cn, flags, - f_vrfy, p_vrfy, NULL ) ); + return x509_crt_verify_restartable_ca_cb(crt, trust_ca, ca_crl, + NULL, NULL, + profile, cn, flags, + f_vrfy, p_vrfy, NULL); } #if defined(MBEDTLS_X509_TRUSTED_CERTIFICATE_CALLBACK) @@ -3229,49 +3244,49 @@ int mbedtls_x509_crt_verify_with_profile( mbedtls_x509_crt *crt, * Verify the certificate validity (user-chosen profile, CA callback, * not restartable). */ -int mbedtls_x509_crt_verify_with_ca_cb( mbedtls_x509_crt *crt, - mbedtls_x509_crt_ca_cb_t f_ca_cb, - void *p_ca_cb, - const mbedtls_x509_crt_profile *profile, - const char *cn, uint32_t *flags, - int (*f_vrfy)(void *, mbedtls_x509_crt *, int, uint32_t *), - void *p_vrfy ) +int mbedtls_x509_crt_verify_with_ca_cb(mbedtls_x509_crt *crt, + mbedtls_x509_crt_ca_cb_t f_ca_cb, + void *p_ca_cb, + const mbedtls_x509_crt_profile *profile, + const char *cn, uint32_t *flags, + int (*f_vrfy)(void *, mbedtls_x509_crt *, int, uint32_t *), + void *p_vrfy) { - return( x509_crt_verify_restartable_ca_cb( crt, NULL, NULL, - f_ca_cb, p_ca_cb, - profile, cn, flags, - f_vrfy, p_vrfy, NULL ) ); + return x509_crt_verify_restartable_ca_cb(crt, NULL, NULL, + f_ca_cb, p_ca_cb, + profile, cn, flags, + f_vrfy, p_vrfy, NULL); } #endif /* MBEDTLS_X509_TRUSTED_CERTIFICATE_CALLBACK */ -int mbedtls_x509_crt_verify_restartable( mbedtls_x509_crt *crt, - mbedtls_x509_crt *trust_ca, - mbedtls_x509_crl *ca_crl, - const mbedtls_x509_crt_profile *profile, - const char *cn, uint32_t *flags, - int (*f_vrfy)(void *, mbedtls_x509_crt *, int, uint32_t *), - void *p_vrfy, - mbedtls_x509_crt_restart_ctx *rs_ctx ) +int mbedtls_x509_crt_verify_restartable(mbedtls_x509_crt *crt, + mbedtls_x509_crt *trust_ca, + mbedtls_x509_crl *ca_crl, + const mbedtls_x509_crt_profile *profile, + const char *cn, uint32_t *flags, + int (*f_vrfy)(void *, mbedtls_x509_crt *, int, uint32_t *), + void *p_vrfy, + mbedtls_x509_crt_restart_ctx *rs_ctx) { - return( x509_crt_verify_restartable_ca_cb( crt, trust_ca, ca_crl, - NULL, NULL, - profile, cn, flags, - f_vrfy, p_vrfy, rs_ctx ) ); + return x509_crt_verify_restartable_ca_cb(crt, trust_ca, ca_crl, + NULL, NULL, + profile, cn, flags, + f_vrfy, p_vrfy, rs_ctx); } /* * Initialize a certificate chain */ -void mbedtls_x509_crt_init( mbedtls_x509_crt *crt ) +void mbedtls_x509_crt_init(mbedtls_x509_crt *crt) { - memset( crt, 0, sizeof(mbedtls_x509_crt) ); + memset(crt, 0, sizeof(mbedtls_x509_crt)); } /* * Unallocate all certificate data */ -void mbedtls_x509_crt_free( mbedtls_x509_crt *crt ) +void mbedtls_x509_crt_free(mbedtls_x509_crt *crt) { mbedtls_x509_crt *cert_cur = crt; mbedtls_x509_crt *cert_prv; @@ -3280,95 +3295,87 @@ void mbedtls_x509_crt_free( mbedtls_x509_crt *crt ) mbedtls_x509_sequence *seq_cur; mbedtls_x509_sequence *seq_prv; - if( crt == NULL ) + if (crt == NULL) { return; + } - do - { - mbedtls_pk_free( &cert_cur->pk ); + do { + mbedtls_pk_free(&cert_cur->pk); #if defined(MBEDTLS_X509_RSASSA_PSS_SUPPORT) - mbedtls_free( cert_cur->sig_opts ); + mbedtls_free(cert_cur->sig_opts); #endif name_cur = cert_cur->issuer.next; - while( name_cur != NULL ) - { + while (name_cur != NULL) { name_prv = name_cur; name_cur = name_cur->next; - mbedtls_platform_zeroize( name_prv, sizeof( mbedtls_x509_name ) ); - mbedtls_free( name_prv ); + mbedtls_platform_zeroize(name_prv, sizeof(mbedtls_x509_name)); + mbedtls_free(name_prv); } name_cur = cert_cur->subject.next; - while( name_cur != NULL ) - { + while (name_cur != NULL) { name_prv = name_cur; name_cur = name_cur->next; - mbedtls_platform_zeroize( name_prv, sizeof( mbedtls_x509_name ) ); - mbedtls_free( name_prv ); + mbedtls_platform_zeroize(name_prv, sizeof(mbedtls_x509_name)); + mbedtls_free(name_prv); } seq_cur = cert_cur->ext_key_usage.next; - while( seq_cur != NULL ) - { + while (seq_cur != NULL) { seq_prv = seq_cur; seq_cur = seq_cur->next; - mbedtls_platform_zeroize( seq_prv, - sizeof( mbedtls_x509_sequence ) ); - mbedtls_free( seq_prv ); + mbedtls_platform_zeroize(seq_prv, + sizeof(mbedtls_x509_sequence)); + mbedtls_free(seq_prv); } seq_cur = cert_cur->subject_alt_names.next; - while( seq_cur != NULL ) - { + while (seq_cur != NULL) { seq_prv = seq_cur; seq_cur = seq_cur->next; - mbedtls_platform_zeroize( seq_prv, - sizeof( mbedtls_x509_sequence ) ); - mbedtls_free( seq_prv ); + mbedtls_platform_zeroize(seq_prv, + sizeof(mbedtls_x509_sequence)); + mbedtls_free(seq_prv); } seq_cur = cert_cur->certificate_policies.next; - while( seq_cur != NULL ) - { + while (seq_cur != NULL) { seq_prv = seq_cur; seq_cur = seq_cur->next; - mbedtls_platform_zeroize( seq_prv, - sizeof( mbedtls_x509_sequence ) ); - mbedtls_free( seq_prv ); + mbedtls_platform_zeroize(seq_prv, + sizeof(mbedtls_x509_sequence)); + mbedtls_free(seq_prv); } - if( cert_cur->raw.p != NULL && cert_cur->own_buffer ) - { - mbedtls_platform_zeroize( cert_cur->raw.p, cert_cur->raw.len ); - mbedtls_free( cert_cur->raw.p ); + if (cert_cur->raw.p != NULL && cert_cur->own_buffer) { + mbedtls_platform_zeroize(cert_cur->raw.p, cert_cur->raw.len); + mbedtls_free(cert_cur->raw.p); } cert_cur = cert_cur->next; - } - while( cert_cur != NULL ); + } while (cert_cur != NULL); cert_cur = crt; - do - { + do { cert_prv = cert_cur; cert_cur = cert_cur->next; - mbedtls_platform_zeroize( cert_prv, sizeof( mbedtls_x509_crt ) ); - if( cert_prv != crt ) - mbedtls_free( cert_prv ); - } - while( cert_cur != NULL ); + mbedtls_platform_zeroize(cert_prv, sizeof(mbedtls_x509_crt)); + if (cert_prv != crt) { + mbedtls_free(cert_prv); + } + } while (cert_cur != NULL); } #if defined(MBEDTLS_ECDSA_C) && defined(MBEDTLS_ECP_RESTARTABLE) /* * Initialize a restart context */ -void mbedtls_x509_crt_restart_init( mbedtls_x509_crt_restart_ctx *ctx ) +void mbedtls_x509_crt_restart_init(mbedtls_x509_crt_restart_ctx *ctx) { - mbedtls_pk_restart_init( &ctx->pk ); + mbedtls_pk_restart_init(&ctx->pk); ctx->parent = NULL; ctx->fallback_parent = NULL; @@ -3378,19 +3385,20 @@ void mbedtls_x509_crt_restart_init( mbedtls_x509_crt_restart_ctx *ctx ) ctx->in_progress = x509_crt_rs_none; ctx->self_cnt = 0; - x509_crt_verify_chain_reset( &ctx->ver_chain ); + x509_crt_verify_chain_reset(&ctx->ver_chain); } /* * Free the components of a restart context */ -void mbedtls_x509_crt_restart_free( mbedtls_x509_crt_restart_ctx *ctx ) +void mbedtls_x509_crt_restart_free(mbedtls_x509_crt_restart_ctx *ctx) { - if( ctx == NULL ) + if (ctx == NULL) { return; + } - mbedtls_pk_restart_free( &ctx->pk ); - mbedtls_x509_crt_restart_init( ctx ); + mbedtls_pk_restart_free(&ctx->pk); + mbedtls_x509_crt_restart_init(ctx); } #endif /* MBEDTLS_ECDSA_C && MBEDTLS_ECP_RESTARTABLE */ diff --git a/third_party/mbedtls/repo/library/x509_csr.c b/third_party/mbedtls/repo/library/x509_csr.c index e259410d071..095364e5e84 100644 --- a/third_party/mbedtls/repo/library/x509_csr.c +++ b/third_party/mbedtls/repo/library/x509_csr.c @@ -2,19 +2,7 @@ * X.509 Certificate Signing Request (CSR) parsing * * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later */ /* * The ITU-T X.509 standard defines a certificate format for PKI. @@ -42,15 +30,7 @@ #include "mbedtls/pem.h" #endif -#if defined(MBEDTLS_PLATFORM_C) #include "mbedtls/platform.h" -#else -#include -#include -#define mbedtls_free free -#define mbedtls_calloc calloc -#define mbedtls_snprintf snprintf -#endif #if defined(MBEDTLS_FS_IO) || defined(EFIX64) || defined(EFI32) #include @@ -59,56 +39,56 @@ /* * Version ::= INTEGER { v1(0) } */ -static int x509_csr_get_version( unsigned char **p, - const unsigned char *end, - int *ver ) +static int x509_csr_get_version(unsigned char **p, + const unsigned char *end, + int *ver) { int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; - if( ( ret = mbedtls_asn1_get_int( p, end, ver ) ) != 0 ) - { - if( ret == MBEDTLS_ERR_ASN1_UNEXPECTED_TAG ) - { + if ((ret = mbedtls_asn1_get_int(p, end, ver)) != 0) { + if (ret == MBEDTLS_ERR_ASN1_UNEXPECTED_TAG) { *ver = 0; - return( 0 ); + return 0; } - return( MBEDTLS_ERROR_ADD( MBEDTLS_ERR_X509_INVALID_VERSION, ret ) ); + return MBEDTLS_ERROR_ADD(MBEDTLS_ERR_X509_INVALID_VERSION, ret); } - return( 0 ); + return 0; } /* * Parse a CSR in DER format */ -int mbedtls_x509_csr_parse_der( mbedtls_x509_csr *csr, - const unsigned char *buf, size_t buflen ) +int mbedtls_x509_csr_parse_der(mbedtls_x509_csr *csr, + const unsigned char *buf, size_t buflen) { int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; size_t len; unsigned char *p, *end; mbedtls_x509_buf sig_params; - memset( &sig_params, 0, sizeof( mbedtls_x509_buf ) ); + memset(&sig_params, 0, sizeof(mbedtls_x509_buf)); /* * Check for valid input */ - if( csr == NULL || buf == NULL || buflen == 0 ) - return( MBEDTLS_ERR_X509_BAD_INPUT_DATA ); + if (csr == NULL || buf == NULL || buflen == 0) { + return MBEDTLS_ERR_X509_BAD_INPUT_DATA; + } - mbedtls_x509_csr_init( csr ); + mbedtls_x509_csr_init(csr); /* * first copy the raw DER data */ - p = mbedtls_calloc( 1, len = buflen ); + p = mbedtls_calloc(1, len = buflen); - if( p == NULL ) - return( MBEDTLS_ERR_X509_ALLOC_FAILED ); + if (p == NULL) { + return MBEDTLS_ERR_X509_ALLOC_FAILED; + } - memcpy( p, buf, buflen ); + memcpy(p, buf, buflen); csr->raw.p = p; csr->raw.len = len; @@ -121,18 +101,16 @@ int mbedtls_x509_csr_parse_der( mbedtls_x509_csr *csr, * signature BIT STRING * } */ - if( ( ret = mbedtls_asn1_get_tag( &p, end, &len, - MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_SEQUENCE ) ) != 0 ) - { - mbedtls_x509_csr_free( csr ); - return( MBEDTLS_ERR_X509_INVALID_FORMAT ); + if ((ret = mbedtls_asn1_get_tag(&p, end, &len, + MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_SEQUENCE)) != 0) { + mbedtls_x509_csr_free(csr); + return MBEDTLS_ERR_X509_INVALID_FORMAT; } - if( len != (size_t) ( end - p ) ) - { - mbedtls_x509_csr_free( csr ); - return( MBEDTLS_ERROR_ADD( MBEDTLS_ERR_X509_INVALID_FORMAT, - MBEDTLS_ERR_ASN1_LENGTH_MISMATCH ) ); + if (len != (size_t) (end - p)) { + mbedtls_x509_csr_free(csr); + return MBEDTLS_ERROR_ADD(MBEDTLS_ERR_X509_INVALID_FORMAT, + MBEDTLS_ERR_ASN1_LENGTH_MISMATCH); } /* @@ -140,11 +118,10 @@ int mbedtls_x509_csr_parse_der( mbedtls_x509_csr *csr, */ csr->cri.p = p; - if( ( ret = mbedtls_asn1_get_tag( &p, end, &len, - MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_SEQUENCE ) ) != 0 ) - { - mbedtls_x509_csr_free( csr ); - return( MBEDTLS_ERROR_ADD( MBEDTLS_ERR_X509_INVALID_FORMAT, ret ) ); + if ((ret = mbedtls_asn1_get_tag(&p, end, &len, + MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_SEQUENCE)) != 0) { + mbedtls_x509_csr_free(csr); + return MBEDTLS_ERROR_ADD(MBEDTLS_ERR_X509_INVALID_FORMAT, ret); } end = p + len; @@ -153,16 +130,14 @@ int mbedtls_x509_csr_parse_der( mbedtls_x509_csr *csr, /* * Version ::= INTEGER { v1(0) } */ - if( ( ret = x509_csr_get_version( &p, end, &csr->version ) ) != 0 ) - { - mbedtls_x509_csr_free( csr ); - return( ret ); + if ((ret = x509_csr_get_version(&p, end, &csr->version)) != 0) { + mbedtls_x509_csr_free(csr); + return ret; } - if( csr->version != 0 ) - { - mbedtls_x509_csr_free( csr ); - return( MBEDTLS_ERR_X509_UNKNOWN_VERSION ); + if (csr->version != 0) { + mbedtls_x509_csr_free(csr); + return MBEDTLS_ERR_X509_UNKNOWN_VERSION; } csr->version++; @@ -172,17 +147,15 @@ int mbedtls_x509_csr_parse_der( mbedtls_x509_csr *csr, */ csr->subject_raw.p = p; - if( ( ret = mbedtls_asn1_get_tag( &p, end, &len, - MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_SEQUENCE ) ) != 0 ) - { - mbedtls_x509_csr_free( csr ); - return( MBEDTLS_ERROR_ADD( MBEDTLS_ERR_X509_INVALID_FORMAT, ret ) ); + if ((ret = mbedtls_asn1_get_tag(&p, end, &len, + MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_SEQUENCE)) != 0) { + mbedtls_x509_csr_free(csr); + return MBEDTLS_ERROR_ADD(MBEDTLS_ERR_X509_INVALID_FORMAT, ret); } - if( ( ret = mbedtls_x509_get_name( &p, p + len, &csr->subject ) ) != 0 ) - { - mbedtls_x509_csr_free( csr ); - return( ret ); + if ((ret = mbedtls_x509_get_name(&p, p + len, &csr->subject)) != 0) { + mbedtls_x509_csr_free(csr); + return ret; } csr->subject_raw.len = p - csr->subject_raw.p; @@ -190,10 +163,9 @@ int mbedtls_x509_csr_parse_der( mbedtls_x509_csr *csr, /* * subjectPKInfo SubjectPublicKeyInfo */ - if( ( ret = mbedtls_pk_parse_subpubkey( &p, end, &csr->pk ) ) != 0 ) - { - mbedtls_x509_csr_free( csr ); - return( ret ); + if ((ret = mbedtls_pk_parse_subpubkey(&p, end, &csr->pk)) != 0) { + mbedtls_x509_csr_free(csr); + return ret; } /* @@ -206,11 +178,11 @@ int mbedtls_x509_csr_parse_der( mbedtls_x509_csr *csr, * the requester's expectations - this cannot cause a violation of our * signature policies. */ - if( ( ret = mbedtls_asn1_get_tag( &p, end, &len, - MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_CONTEXT_SPECIFIC ) ) != 0 ) - { - mbedtls_x509_csr_free( csr ); - return( MBEDTLS_ERROR_ADD( MBEDTLS_ERR_X509_INVALID_FORMAT, ret ) ); + if ((ret = mbedtls_asn1_get_tag(&p, end, &len, + MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_CONTEXT_SPECIFIC)) != + 0) { + mbedtls_x509_csr_free(csr); + return MBEDTLS_ERROR_ADD(MBEDTLS_ERR_X509_INVALID_FORMAT, ret); } p += len; @@ -221,40 +193,36 @@ int mbedtls_x509_csr_parse_der( mbedtls_x509_csr *csr, * signatureAlgorithm AlgorithmIdentifier, * signature BIT STRING */ - if( ( ret = mbedtls_x509_get_alg( &p, end, &csr->sig_oid, &sig_params ) ) != 0 ) - { - mbedtls_x509_csr_free( csr ); - return( ret ); + if ((ret = mbedtls_x509_get_alg(&p, end, &csr->sig_oid, &sig_params)) != 0) { + mbedtls_x509_csr_free(csr); + return ret; } - if( ( ret = mbedtls_x509_get_sig_alg( &csr->sig_oid, &sig_params, - &csr->sig_md, &csr->sig_pk, - &csr->sig_opts ) ) != 0 ) - { - mbedtls_x509_csr_free( csr ); - return( MBEDTLS_ERR_X509_UNKNOWN_SIG_ALG ); + if ((ret = mbedtls_x509_get_sig_alg(&csr->sig_oid, &sig_params, + &csr->sig_md, &csr->sig_pk, + &csr->sig_opts)) != 0) { + mbedtls_x509_csr_free(csr); + return MBEDTLS_ERR_X509_UNKNOWN_SIG_ALG; } - if( ( ret = mbedtls_x509_get_sig( &p, end, &csr->sig ) ) != 0 ) - { - mbedtls_x509_csr_free( csr ); - return( ret ); + if ((ret = mbedtls_x509_get_sig(&p, end, &csr->sig)) != 0) { + mbedtls_x509_csr_free(csr); + return ret; } - if( p != end ) - { - mbedtls_x509_csr_free( csr ); - return( MBEDTLS_ERROR_ADD( MBEDTLS_ERR_X509_INVALID_FORMAT, - MBEDTLS_ERR_ASN1_LENGTH_MISMATCH ) ); + if (p != end) { + mbedtls_x509_csr_free(csr); + return MBEDTLS_ERROR_ADD(MBEDTLS_ERR_X509_INVALID_FORMAT, + MBEDTLS_ERR_ASN1_LENGTH_MISMATCH); } - return( 0 ); + return 0; } /* * Parse a CSR, allowing for PEM or raw DER encoding */ -int mbedtls_x509_csr_parse( mbedtls_x509_csr *csr, const unsigned char *buf, size_t buflen ) +int mbedtls_x509_csr_parse(mbedtls_x509_csr *csr, const unsigned char *buf, size_t buflen) { #if defined(MBEDTLS_PEM_PARSE_C) int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; @@ -265,61 +233,61 @@ int mbedtls_x509_csr_parse( mbedtls_x509_csr *csr, const unsigned char *buf, siz /* * Check for valid input */ - if( csr == NULL || buf == NULL || buflen == 0 ) - return( MBEDTLS_ERR_X509_BAD_INPUT_DATA ); + if (csr == NULL || buf == NULL || buflen == 0) { + return MBEDTLS_ERR_X509_BAD_INPUT_DATA; + } #if defined(MBEDTLS_PEM_PARSE_C) /* Avoid calling mbedtls_pem_read_buffer() on non-null-terminated string */ - if( buf[buflen - 1] == '\0' ) - { - mbedtls_pem_init( &pem ); - ret = mbedtls_pem_read_buffer( &pem, - "-----BEGIN CERTIFICATE REQUEST-----", - "-----END CERTIFICATE REQUEST-----", - buf, NULL, 0, &use_len ); - if( ret == MBEDTLS_ERR_PEM_NO_HEADER_FOOTER_PRESENT ) - { - ret = mbedtls_pem_read_buffer( &pem, - "-----BEGIN NEW CERTIFICATE REQUEST-----", - "-----END NEW CERTIFICATE REQUEST-----", - buf, NULL, 0, &use_len ); + if (buf[buflen - 1] == '\0') { + mbedtls_pem_init(&pem); + ret = mbedtls_pem_read_buffer(&pem, + "-----BEGIN CERTIFICATE REQUEST-----", + "-----END CERTIFICATE REQUEST-----", + buf, NULL, 0, &use_len); + if (ret == MBEDTLS_ERR_PEM_NO_HEADER_FOOTER_PRESENT) { + ret = mbedtls_pem_read_buffer(&pem, + "-----BEGIN NEW CERTIFICATE REQUEST-----", + "-----END NEW CERTIFICATE REQUEST-----", + buf, NULL, 0, &use_len); } - if( ret == 0 ) - { + if (ret == 0) { /* * Was PEM encoded, parse the result */ - ret = mbedtls_x509_csr_parse_der( csr, pem.buf, pem.buflen ); + ret = mbedtls_x509_csr_parse_der(csr, pem.buf, pem.buflen); } - mbedtls_pem_free( &pem ); - if( ret != MBEDTLS_ERR_PEM_NO_HEADER_FOOTER_PRESENT ) - return( ret ); + mbedtls_pem_free(&pem); + if (ret != MBEDTLS_ERR_PEM_NO_HEADER_FOOTER_PRESENT) { + return ret; + } } #endif /* MBEDTLS_PEM_PARSE_C */ - return( mbedtls_x509_csr_parse_der( csr, buf, buflen ) ); + return mbedtls_x509_csr_parse_der(csr, buf, buflen); } #if defined(MBEDTLS_FS_IO) /* * Load a CSR into the structure */ -int mbedtls_x509_csr_parse_file( mbedtls_x509_csr *csr, const char *path ) +int mbedtls_x509_csr_parse_file(mbedtls_x509_csr *csr, const char *path) { int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; size_t n; unsigned char *buf; - if( ( ret = mbedtls_pk_load_file( path, &buf, &n ) ) != 0 ) - return( ret ); + if ((ret = mbedtls_pk_load_file(path, &buf, &n)) != 0) { + return ret; + } - ret = mbedtls_x509_csr_parse( csr, buf, n ); + ret = mbedtls_x509_csr_parse(csr, buf, n); - mbedtls_platform_zeroize( buf, n ); - mbedtls_free( buf ); + mbedtls_platform_zeroize(buf, n); + mbedtls_free(buf); - return( ret ); + return ret; } #endif /* MBEDTLS_FS_IO */ @@ -328,8 +296,8 @@ int mbedtls_x509_csr_parse_file( mbedtls_x509_csr *csr, const char *path ) /* * Return an informational string about the CSR. */ -int mbedtls_x509_csr_info( char *buf, size_t size, const char *prefix, - const mbedtls_x509_csr *csr ) +int mbedtls_x509_csr_info(char *buf, size_t size, const char *prefix, + const mbedtls_x509_csr *csr) { int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; size_t n; @@ -339,76 +307,74 @@ int mbedtls_x509_csr_info( char *buf, size_t size, const char *prefix, p = buf; n = size; - ret = mbedtls_snprintf( p, n, "%sCSR version : %d", - prefix, csr->version ); + ret = mbedtls_snprintf(p, n, "%sCSR version : %d", + prefix, csr->version); MBEDTLS_X509_SAFE_SNPRINTF; - ret = mbedtls_snprintf( p, n, "\n%ssubject name : ", prefix ); + ret = mbedtls_snprintf(p, n, "\n%ssubject name : ", prefix); MBEDTLS_X509_SAFE_SNPRINTF; - ret = mbedtls_x509_dn_gets( p, n, &csr->subject ); + ret = mbedtls_x509_dn_gets(p, n, &csr->subject); MBEDTLS_X509_SAFE_SNPRINTF; - ret = mbedtls_snprintf( p, n, "\n%ssigned using : ", prefix ); + ret = mbedtls_snprintf(p, n, "\n%ssigned using : ", prefix); MBEDTLS_X509_SAFE_SNPRINTF; - ret = mbedtls_x509_sig_alg_gets( p, n, &csr->sig_oid, csr->sig_pk, csr->sig_md, - csr->sig_opts ); + ret = mbedtls_x509_sig_alg_gets(p, n, &csr->sig_oid, csr->sig_pk, csr->sig_md, + csr->sig_opts); MBEDTLS_X509_SAFE_SNPRINTF; - if( ( ret = mbedtls_x509_key_size_helper( key_size_str, BEFORE_COLON, - mbedtls_pk_get_name( &csr->pk ) ) ) != 0 ) - { - return( ret ); + if ((ret = mbedtls_x509_key_size_helper(key_size_str, BEFORE_COLON, + mbedtls_pk_get_name(&csr->pk))) != 0) { + return ret; } - ret = mbedtls_snprintf( p, n, "\n%s%-" BC "s: %d bits\n", prefix, key_size_str, - (int) mbedtls_pk_get_bitlen( &csr->pk ) ); + ret = mbedtls_snprintf(p, n, "\n%s%-" BC "s: %d bits\n", prefix, key_size_str, + (int) mbedtls_pk_get_bitlen(&csr->pk)); MBEDTLS_X509_SAFE_SNPRINTF; - return( (int) ( size - n ) ); + return (int) (size - n); } /* * Initialize a CSR */ -void mbedtls_x509_csr_init( mbedtls_x509_csr *csr ) +void mbedtls_x509_csr_init(mbedtls_x509_csr *csr) { - memset( csr, 0, sizeof(mbedtls_x509_csr) ); + memset(csr, 0, sizeof(mbedtls_x509_csr)); } /* * Unallocate all CSR data */ -void mbedtls_x509_csr_free( mbedtls_x509_csr *csr ) +void mbedtls_x509_csr_free(mbedtls_x509_csr *csr) { mbedtls_x509_name *name_cur; mbedtls_x509_name *name_prv; - if( csr == NULL ) + if (csr == NULL) { return; + } - mbedtls_pk_free( &csr->pk ); + mbedtls_pk_free(&csr->pk); #if defined(MBEDTLS_X509_RSASSA_PSS_SUPPORT) - mbedtls_free( csr->sig_opts ); + mbedtls_free(csr->sig_opts); #endif name_cur = csr->subject.next; - while( name_cur != NULL ) - { + while (name_cur != NULL) { name_prv = name_cur; name_cur = name_cur->next; - mbedtls_platform_zeroize( name_prv, sizeof( mbedtls_x509_name ) ); - mbedtls_free( name_prv ); + mbedtls_platform_zeroize(name_prv, sizeof(mbedtls_x509_name)); + mbedtls_free(name_prv); } - if( csr->raw.p != NULL ) - { - mbedtls_platform_zeroize( csr->raw.p, csr->raw.len ); - mbedtls_free( csr->raw.p ); + if (csr->raw.p != NULL) { + mbedtls_platform_zeroize(csr->raw.p, csr->raw.len); + mbedtls_free(csr->raw.p); } - mbedtls_platform_zeroize( csr, sizeof( mbedtls_x509_csr ) ); + mbedtls_platform_zeroize(csr, sizeof(mbedtls_x509_csr)); } #endif /* MBEDTLS_X509_CSR_PARSE_C */ diff --git a/third_party/mbedtls/repo/library/x509write_crt.c b/third_party/mbedtls/repo/library/x509write_crt.c index 184c90cd33d..1e16b53b3db 100644 --- a/third_party/mbedtls/repo/library/x509write_crt.c +++ b/third_party/mbedtls/repo/library/x509write_crt.c @@ -2,19 +2,7 @@ * X.509 certificate writing * * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later */ /* * References: @@ -40,258 +28,268 @@ #include "mbedtls/pem.h" #endif /* MBEDTLS_PEM_WRITE_C */ -void mbedtls_x509write_crt_init( mbedtls_x509write_cert *ctx ) +void mbedtls_x509write_crt_init(mbedtls_x509write_cert *ctx) { - memset( ctx, 0, sizeof( mbedtls_x509write_cert ) ); + memset(ctx, 0, sizeof(mbedtls_x509write_cert)); - mbedtls_mpi_init( &ctx->serial ); + mbedtls_mpi_init(&ctx->serial); ctx->version = MBEDTLS_X509_CRT_VERSION_3; } -void mbedtls_x509write_crt_free( mbedtls_x509write_cert *ctx ) +void mbedtls_x509write_crt_free(mbedtls_x509write_cert *ctx) { - mbedtls_mpi_free( &ctx->serial ); + mbedtls_mpi_free(&ctx->serial); - mbedtls_asn1_free_named_data_list( &ctx->subject ); - mbedtls_asn1_free_named_data_list( &ctx->issuer ); - mbedtls_asn1_free_named_data_list( &ctx->extensions ); + mbedtls_asn1_free_named_data_list(&ctx->subject); + mbedtls_asn1_free_named_data_list(&ctx->issuer); + mbedtls_asn1_free_named_data_list(&ctx->extensions); - mbedtls_platform_zeroize( ctx, sizeof( mbedtls_x509write_cert ) ); + mbedtls_platform_zeroize(ctx, sizeof(mbedtls_x509write_cert)); } -void mbedtls_x509write_crt_set_version( mbedtls_x509write_cert *ctx, - int version ) +void mbedtls_x509write_crt_set_version(mbedtls_x509write_cert *ctx, + int version) { ctx->version = version; } -void mbedtls_x509write_crt_set_md_alg( mbedtls_x509write_cert *ctx, - mbedtls_md_type_t md_alg ) +void mbedtls_x509write_crt_set_md_alg(mbedtls_x509write_cert *ctx, + mbedtls_md_type_t md_alg) { ctx->md_alg = md_alg; } -void mbedtls_x509write_crt_set_subject_key( mbedtls_x509write_cert *ctx, - mbedtls_pk_context *key ) +void mbedtls_x509write_crt_set_subject_key(mbedtls_x509write_cert *ctx, + mbedtls_pk_context *key) { ctx->subject_key = key; } -void mbedtls_x509write_crt_set_issuer_key( mbedtls_x509write_cert *ctx, - mbedtls_pk_context *key ) +void mbedtls_x509write_crt_set_issuer_key(mbedtls_x509write_cert *ctx, + mbedtls_pk_context *key) { ctx->issuer_key = key; } -int mbedtls_x509write_crt_set_subject_name( mbedtls_x509write_cert *ctx, - const char *subject_name ) +int mbedtls_x509write_crt_set_subject_name(mbedtls_x509write_cert *ctx, + const char *subject_name) { - return mbedtls_x509_string_to_names( &ctx->subject, subject_name ); + return mbedtls_x509_string_to_names(&ctx->subject, subject_name); } -int mbedtls_x509write_crt_set_issuer_name( mbedtls_x509write_cert *ctx, - const char *issuer_name ) +int mbedtls_x509write_crt_set_issuer_name(mbedtls_x509write_cert *ctx, + const char *issuer_name) { - return mbedtls_x509_string_to_names( &ctx->issuer, issuer_name ); + return mbedtls_x509_string_to_names(&ctx->issuer, issuer_name); } -int mbedtls_x509write_crt_set_serial( mbedtls_x509write_cert *ctx, - const mbedtls_mpi *serial ) +int mbedtls_x509write_crt_set_serial(mbedtls_x509write_cert *ctx, + const mbedtls_mpi *serial) { int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; - if( ( ret = mbedtls_mpi_copy( &ctx->serial, serial ) ) != 0 ) - return( ret ); + if (mbedtls_mpi_size(serial) > MBEDTLS_X509_RFC5280_MAX_SERIAL_LEN) { + return MBEDTLS_ERR_X509_BAD_INPUT_DATA; + } + + if ((ret = mbedtls_mpi_copy(&ctx->serial, serial)) != 0) { + return ret; + } - return( 0 ); + return 0; } -int mbedtls_x509write_crt_set_validity( mbedtls_x509write_cert *ctx, - const char *not_before, - const char *not_after ) +int mbedtls_x509write_crt_set_validity(mbedtls_x509write_cert *ctx, + const char *not_before, + const char *not_after) { - if( strlen( not_before ) != MBEDTLS_X509_RFC5280_UTC_TIME_LEN - 1 || - strlen( not_after ) != MBEDTLS_X509_RFC5280_UTC_TIME_LEN - 1 ) - { - return( MBEDTLS_ERR_X509_BAD_INPUT_DATA ); + if (strlen(not_before) != MBEDTLS_X509_RFC5280_UTC_TIME_LEN - 1 || + strlen(not_after) != MBEDTLS_X509_RFC5280_UTC_TIME_LEN - 1) { + return MBEDTLS_ERR_X509_BAD_INPUT_DATA; } - strncpy( ctx->not_before, not_before, MBEDTLS_X509_RFC5280_UTC_TIME_LEN ); - strncpy( ctx->not_after , not_after , MBEDTLS_X509_RFC5280_UTC_TIME_LEN ); + strncpy(ctx->not_before, not_before, MBEDTLS_X509_RFC5280_UTC_TIME_LEN); + strncpy(ctx->not_after, not_after, MBEDTLS_X509_RFC5280_UTC_TIME_LEN); ctx->not_before[MBEDTLS_X509_RFC5280_UTC_TIME_LEN - 1] = 'Z'; ctx->not_after[MBEDTLS_X509_RFC5280_UTC_TIME_LEN - 1] = 'Z'; - return( 0 ); + return 0; } -int mbedtls_x509write_crt_set_extension( mbedtls_x509write_cert *ctx, - const char *oid, size_t oid_len, - int critical, - const unsigned char *val, size_t val_len ) +int mbedtls_x509write_crt_set_extension(mbedtls_x509write_cert *ctx, + const char *oid, size_t oid_len, + int critical, + const unsigned char *val, size_t val_len) { - return( mbedtls_x509_set_extension( &ctx->extensions, oid, oid_len, - critical, val, val_len ) ); + return mbedtls_x509_set_extension(&ctx->extensions, oid, oid_len, + critical, val, val_len); } -int mbedtls_x509write_crt_set_basic_constraints( mbedtls_x509write_cert *ctx, - int is_ca, int max_pathlen ) +int mbedtls_x509write_crt_set_basic_constraints(mbedtls_x509write_cert *ctx, + int is_ca, int max_pathlen) { int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; unsigned char buf[9]; unsigned char *c = buf + sizeof(buf); size_t len = 0; - memset( buf, 0, sizeof(buf) ); + memset(buf, 0, sizeof(buf)); - if( is_ca && max_pathlen > 127 ) - return( MBEDTLS_ERR_X509_BAD_INPUT_DATA ); + if (is_ca && max_pathlen > 127) { + return MBEDTLS_ERR_X509_BAD_INPUT_DATA; + } - if( is_ca ) - { - if( max_pathlen >= 0 ) - { - MBEDTLS_ASN1_CHK_ADD( len, mbedtls_asn1_write_int( &c, buf, - max_pathlen ) ); + if (is_ca) { + if (max_pathlen >= 0) { + MBEDTLS_ASN1_CHK_ADD(len, mbedtls_asn1_write_int(&c, buf, + max_pathlen)); } - MBEDTLS_ASN1_CHK_ADD( len, mbedtls_asn1_write_bool( &c, buf, 1 ) ); + MBEDTLS_ASN1_CHK_ADD(len, mbedtls_asn1_write_bool(&c, buf, 1)); } - MBEDTLS_ASN1_CHK_ADD( len, mbedtls_asn1_write_len( &c, buf, len ) ); - MBEDTLS_ASN1_CHK_ADD( len, mbedtls_asn1_write_tag( &c, buf, - MBEDTLS_ASN1_CONSTRUCTED | - MBEDTLS_ASN1_SEQUENCE ) ); + MBEDTLS_ASN1_CHK_ADD(len, mbedtls_asn1_write_len(&c, buf, len)); + MBEDTLS_ASN1_CHK_ADD(len, mbedtls_asn1_write_tag(&c, buf, + MBEDTLS_ASN1_CONSTRUCTED | + MBEDTLS_ASN1_SEQUENCE)); - return( - mbedtls_x509write_crt_set_extension( ctx, MBEDTLS_OID_BASIC_CONSTRAINTS, - MBEDTLS_OID_SIZE( MBEDTLS_OID_BASIC_CONSTRAINTS ), - is_ca, buf + sizeof(buf) - len, len ) ); + return + mbedtls_x509write_crt_set_extension(ctx, MBEDTLS_OID_BASIC_CONSTRAINTS, + MBEDTLS_OID_SIZE(MBEDTLS_OID_BASIC_CONSTRAINTS), + is_ca, buf + sizeof(buf) - len, len); } #if defined(MBEDTLS_SHA1_C) -int mbedtls_x509write_crt_set_subject_key_identifier( mbedtls_x509write_cert *ctx ) +int mbedtls_x509write_crt_set_subject_key_identifier(mbedtls_x509write_cert *ctx) { int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; unsigned char buf[MBEDTLS_MPI_MAX_SIZE * 2 + 20]; /* tag, length + 2xMPI */ unsigned char *c = buf + sizeof(buf); size_t len = 0; - memset( buf, 0, sizeof(buf) ); - MBEDTLS_ASN1_CHK_ADD( len, - mbedtls_pk_write_pubkey( &c, buf, ctx->subject_key ) ); + memset(buf, 0, sizeof(buf)); + MBEDTLS_ASN1_CHK_ADD(len, + mbedtls_pk_write_pubkey(&c, buf, ctx->subject_key)); - ret = mbedtls_sha1_ret( buf + sizeof( buf ) - len, len, - buf + sizeof( buf ) - 20 ); - if( ret != 0 ) - return( ret ); - c = buf + sizeof( buf ) - 20; + ret = mbedtls_sha1_ret(buf + sizeof(buf) - len, len, + buf + sizeof(buf) - 20); + if (ret != 0) { + return ret; + } + c = buf + sizeof(buf) - 20; len = 20; - MBEDTLS_ASN1_CHK_ADD( len, mbedtls_asn1_write_len( &c, buf, len ) ); - MBEDTLS_ASN1_CHK_ADD( len, - mbedtls_asn1_write_tag( &c, buf, MBEDTLS_ASN1_OCTET_STRING ) ); + MBEDTLS_ASN1_CHK_ADD(len, mbedtls_asn1_write_len(&c, buf, len)); + MBEDTLS_ASN1_CHK_ADD(len, + mbedtls_asn1_write_tag(&c, buf, MBEDTLS_ASN1_OCTET_STRING)); - return mbedtls_x509write_crt_set_extension( ctx, - MBEDTLS_OID_SUBJECT_KEY_IDENTIFIER, - MBEDTLS_OID_SIZE( MBEDTLS_OID_SUBJECT_KEY_IDENTIFIER ), - 0, buf + sizeof(buf) - len, len ); + return mbedtls_x509write_crt_set_extension(ctx, + MBEDTLS_OID_SUBJECT_KEY_IDENTIFIER, + MBEDTLS_OID_SIZE(MBEDTLS_OID_SUBJECT_KEY_IDENTIFIER), + 0, buf + sizeof(buf) - len, len); } -int mbedtls_x509write_crt_set_authority_key_identifier( mbedtls_x509write_cert *ctx ) +int mbedtls_x509write_crt_set_authority_key_identifier(mbedtls_x509write_cert *ctx) { int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; unsigned char buf[MBEDTLS_MPI_MAX_SIZE * 2 + 20]; /* tag, length + 2xMPI */ - unsigned char *c = buf + sizeof( buf ); + unsigned char *c = buf + sizeof(buf); size_t len = 0; - memset( buf, 0, sizeof(buf) ); - MBEDTLS_ASN1_CHK_ADD( len, - mbedtls_pk_write_pubkey( &c, buf, ctx->issuer_key ) ); + memset(buf, 0, sizeof(buf)); + MBEDTLS_ASN1_CHK_ADD(len, + mbedtls_pk_write_pubkey(&c, buf, ctx->issuer_key)); - ret = mbedtls_sha1_ret( buf + sizeof( buf ) - len, len, - buf + sizeof( buf ) - 20 ); - if( ret != 0 ) - return( ret ); - c = buf + sizeof( buf ) - 20; + ret = mbedtls_sha1_ret(buf + sizeof(buf) - len, len, + buf + sizeof(buf) - 20); + if (ret != 0) { + return ret; + } + c = buf + sizeof(buf) - 20; len = 20; - MBEDTLS_ASN1_CHK_ADD( len, mbedtls_asn1_write_len( &c, buf, len ) ); - MBEDTLS_ASN1_CHK_ADD( len, - mbedtls_asn1_write_tag( &c, buf, MBEDTLS_ASN1_CONTEXT_SPECIFIC | 0 ) ); + MBEDTLS_ASN1_CHK_ADD(len, mbedtls_asn1_write_len(&c, buf, len)); + MBEDTLS_ASN1_CHK_ADD(len, + mbedtls_asn1_write_tag(&c, buf, MBEDTLS_ASN1_CONTEXT_SPECIFIC | 0)); - MBEDTLS_ASN1_CHK_ADD( len, mbedtls_asn1_write_len( &c, buf, len ) ); - MBEDTLS_ASN1_CHK_ADD( len, - mbedtls_asn1_write_tag( &c, buf, - MBEDTLS_ASN1_CONSTRUCTED | - MBEDTLS_ASN1_SEQUENCE ) ); + MBEDTLS_ASN1_CHK_ADD(len, mbedtls_asn1_write_len(&c, buf, len)); + MBEDTLS_ASN1_CHK_ADD(len, + mbedtls_asn1_write_tag(&c, buf, + MBEDTLS_ASN1_CONSTRUCTED | + MBEDTLS_ASN1_SEQUENCE)); return mbedtls_x509write_crt_set_extension( ctx, MBEDTLS_OID_AUTHORITY_KEY_IDENTIFIER, - MBEDTLS_OID_SIZE( MBEDTLS_OID_AUTHORITY_KEY_IDENTIFIER ), - 0, buf + sizeof( buf ) - len, len ); + MBEDTLS_OID_SIZE(MBEDTLS_OID_AUTHORITY_KEY_IDENTIFIER), + 0, buf + sizeof(buf) - len, len); } #endif /* MBEDTLS_SHA1_C */ -int mbedtls_x509write_crt_set_key_usage( mbedtls_x509write_cert *ctx, - unsigned int key_usage ) +int mbedtls_x509write_crt_set_key_usage(mbedtls_x509write_cert *ctx, + unsigned int key_usage) { - unsigned char buf[5] = {0}, ku[2] = {0}; + unsigned char buf[5] = { 0 }, ku[2] = { 0 }; unsigned char *c; int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; const unsigned int allowed_bits = MBEDTLS_X509_KU_DIGITAL_SIGNATURE | - MBEDTLS_X509_KU_NON_REPUDIATION | - MBEDTLS_X509_KU_KEY_ENCIPHERMENT | - MBEDTLS_X509_KU_DATA_ENCIPHERMENT | - MBEDTLS_X509_KU_KEY_AGREEMENT | - MBEDTLS_X509_KU_KEY_CERT_SIGN | - MBEDTLS_X509_KU_CRL_SIGN | - MBEDTLS_X509_KU_ENCIPHER_ONLY | - MBEDTLS_X509_KU_DECIPHER_ONLY; + MBEDTLS_X509_KU_NON_REPUDIATION | + MBEDTLS_X509_KU_KEY_ENCIPHERMENT | + MBEDTLS_X509_KU_DATA_ENCIPHERMENT | + MBEDTLS_X509_KU_KEY_AGREEMENT | + MBEDTLS_X509_KU_KEY_CERT_SIGN | + MBEDTLS_X509_KU_CRL_SIGN | + MBEDTLS_X509_KU_ENCIPHER_ONLY | + MBEDTLS_X509_KU_DECIPHER_ONLY; /* Check that nothing other than the allowed flags is set */ - if( ( key_usage & ~allowed_bits ) != 0 ) - return( MBEDTLS_ERR_X509_FEATURE_UNAVAILABLE ); + if ((key_usage & ~allowed_bits) != 0) { + return MBEDTLS_ERR_X509_FEATURE_UNAVAILABLE; + } c = buf + 5; - MBEDTLS_PUT_UINT16_LE( key_usage, ku, 0 ); - ret = mbedtls_asn1_write_named_bitstring( &c, buf, ku, 9 ); + MBEDTLS_PUT_UINT16_LE(key_usage, ku, 0); + ret = mbedtls_asn1_write_named_bitstring(&c, buf, ku, 9); - if( ret < 0 ) - return( ret ); - else if( ret < 3 || ret > 5 ) - return( MBEDTLS_ERR_X509_INVALID_FORMAT ); + if (ret < 0) { + return ret; + } else if (ret < 3 || ret > 5) { + return MBEDTLS_ERR_X509_INVALID_FORMAT; + } - ret = mbedtls_x509write_crt_set_extension( ctx, MBEDTLS_OID_KEY_USAGE, - MBEDTLS_OID_SIZE( MBEDTLS_OID_KEY_USAGE ), - 1, c, (size_t)ret ); - if( ret != 0 ) - return( ret ); + ret = mbedtls_x509write_crt_set_extension(ctx, MBEDTLS_OID_KEY_USAGE, + MBEDTLS_OID_SIZE(MBEDTLS_OID_KEY_USAGE), + 1, c, (size_t) ret); + if (ret != 0) { + return ret; + } - return( 0 ); + return 0; } -int mbedtls_x509write_crt_set_ns_cert_type( mbedtls_x509write_cert *ctx, - unsigned char ns_cert_type ) +int mbedtls_x509write_crt_set_ns_cert_type(mbedtls_x509write_cert *ctx, + unsigned char ns_cert_type) { - unsigned char buf[4] = {0}; + unsigned char buf[4] = { 0 }; unsigned char *c; int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; c = buf + 4; - ret = mbedtls_asn1_write_named_bitstring( &c, buf, &ns_cert_type, 8 ); - if( ret < 3 || ret > 4 ) - return( ret ); + ret = mbedtls_asn1_write_named_bitstring(&c, buf, &ns_cert_type, 8); + if (ret < 3 || ret > 4) { + return ret; + } - ret = mbedtls_x509write_crt_set_extension( ctx, MBEDTLS_OID_NS_CERT_TYPE, - MBEDTLS_OID_SIZE( MBEDTLS_OID_NS_CERT_TYPE ), - 0, c, (size_t)ret ); - if( ret != 0 ) - return( ret ); + ret = mbedtls_x509write_crt_set_extension(ctx, MBEDTLS_OID_NS_CERT_TYPE, + MBEDTLS_OID_SIZE(MBEDTLS_OID_NS_CERT_TYPE), + 0, c, (size_t) ret); + if (ret != 0) { + return ret; + } - return( 0 ); + return 0; } -static int x509_write_time( unsigned char **p, unsigned char *start, - const char *t, size_t size ) +static int x509_write_time(unsigned char **p, unsigned char *start, + const char *t, size_t size) { int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; size_t len = 0; @@ -299,32 +297,29 @@ static int x509_write_time( unsigned char **p, unsigned char *start, /* * write MBEDTLS_ASN1_UTC_TIME if year < 2050 (2 bytes shorter) */ - if( t[0] == '2' && t[1] == '0' && t[2] < '5' ) - { - MBEDTLS_ASN1_CHK_ADD( len, mbedtls_asn1_write_raw_buffer( p, start, - (const unsigned char *) t + 2, - size - 2 ) ); - MBEDTLS_ASN1_CHK_ADD( len, mbedtls_asn1_write_len( p, start, len ) ); - MBEDTLS_ASN1_CHK_ADD( len, mbedtls_asn1_write_tag( p, start, - MBEDTLS_ASN1_UTC_TIME ) ); - } - else - { - MBEDTLS_ASN1_CHK_ADD( len, mbedtls_asn1_write_raw_buffer( p, start, - (const unsigned char *) t, - size ) ); - MBEDTLS_ASN1_CHK_ADD( len, mbedtls_asn1_write_len( p, start, len ) ); - MBEDTLS_ASN1_CHK_ADD( len, mbedtls_asn1_write_tag( p, start, - MBEDTLS_ASN1_GENERALIZED_TIME ) ); + if (t[0] < '2' || (t[0] == '2' && t[1] == '0' && t[2] < '5')) { + MBEDTLS_ASN1_CHK_ADD(len, mbedtls_asn1_write_raw_buffer(p, start, + (const unsigned char *) t + 2, + size - 2)); + MBEDTLS_ASN1_CHK_ADD(len, mbedtls_asn1_write_len(p, start, len)); + MBEDTLS_ASN1_CHK_ADD(len, mbedtls_asn1_write_tag(p, start, + MBEDTLS_ASN1_UTC_TIME)); + } else { + MBEDTLS_ASN1_CHK_ADD(len, mbedtls_asn1_write_raw_buffer(p, start, + (const unsigned char *) t, + size)); + MBEDTLS_ASN1_CHK_ADD(len, mbedtls_asn1_write_len(p, start, len)); + MBEDTLS_ASN1_CHK_ADD(len, mbedtls_asn1_write_tag(p, start, + MBEDTLS_ASN1_GENERALIZED_TIME)); } - return( (int) len ); + return (int) len; } -int mbedtls_x509write_crt_der( mbedtls_x509write_cert *ctx, - unsigned char *buf, size_t size, - int (*f_rng)(void *, unsigned char *, size_t), - void *p_rng ) +int mbedtls_x509write_crt_der(mbedtls_x509write_cert *ctx, + unsigned char *buf, size_t size, + int (*f_rng)(void *, unsigned char *, size_t), + void *p_rng) { int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; const char *sig_oid; @@ -335,6 +330,7 @@ int mbedtls_x509write_crt_der( mbedtls_x509write_cert *ctx, size_t sub_len = 0, pub_len = 0, sig_and_oid_len = 0, sig_len; size_t len = 0; mbedtls_pk_type_t pk_alg; + int write_sig_null_par; /* * Prepare data to be signed at the end of the target buffer @@ -345,17 +341,17 @@ int mbedtls_x509write_crt_der( mbedtls_x509write_cert *ctx, /* There's no direct way of extracting a signature algorithm * (represented as an element of mbedtls_pk_type_t) from a PK instance. */ - if( mbedtls_pk_can_do( ctx->issuer_key, MBEDTLS_PK_RSA ) ) + if (mbedtls_pk_can_do(ctx->issuer_key, MBEDTLS_PK_RSA)) { pk_alg = MBEDTLS_PK_RSA; - else if( mbedtls_pk_can_do( ctx->issuer_key, MBEDTLS_PK_ECDSA ) ) + } else if (mbedtls_pk_can_do(ctx->issuer_key, MBEDTLS_PK_ECDSA)) { pk_alg = MBEDTLS_PK_ECDSA; - else - return( MBEDTLS_ERR_X509_INVALID_ALG ); + } else { + return MBEDTLS_ERR_X509_INVALID_ALG; + } - if( ( ret = mbedtls_oid_get_oid_by_sig_alg( pk_alg, ctx->md_alg, - &sig_oid, &sig_oid_len ) ) != 0 ) - { - return( ret ); + if ((ret = mbedtls_oid_get_oid_by_sig_alg(pk_alg, ctx->md_alg, + &sig_oid, &sig_oid_len)) != 0) { + return ret; } /* @@ -363,38 +359,37 @@ int mbedtls_x509write_crt_der( mbedtls_x509write_cert *ctx, */ /* Only for v3 */ - if( ctx->version == MBEDTLS_X509_CRT_VERSION_3 ) - { - MBEDTLS_ASN1_CHK_ADD( len, - mbedtls_x509_write_extensions( &c, - buf, ctx->extensions ) ); - MBEDTLS_ASN1_CHK_ADD( len, mbedtls_asn1_write_len( &c, buf, len ) ); - MBEDTLS_ASN1_CHK_ADD( len, - mbedtls_asn1_write_tag( &c, buf, - MBEDTLS_ASN1_CONSTRUCTED | - MBEDTLS_ASN1_SEQUENCE ) ); - MBEDTLS_ASN1_CHK_ADD( len, mbedtls_asn1_write_len( &c, buf, len ) ); - MBEDTLS_ASN1_CHK_ADD( len, - mbedtls_asn1_write_tag( &c, buf, - MBEDTLS_ASN1_CONTEXT_SPECIFIC | - MBEDTLS_ASN1_CONSTRUCTED | 3 ) ); + if (ctx->version == MBEDTLS_X509_CRT_VERSION_3) { + MBEDTLS_ASN1_CHK_ADD(len, + mbedtls_x509_write_extensions(&c, + buf, ctx->extensions)); + MBEDTLS_ASN1_CHK_ADD(len, mbedtls_asn1_write_len(&c, buf, len)); + MBEDTLS_ASN1_CHK_ADD(len, + mbedtls_asn1_write_tag(&c, buf, + MBEDTLS_ASN1_CONSTRUCTED | + MBEDTLS_ASN1_SEQUENCE)); + MBEDTLS_ASN1_CHK_ADD(len, mbedtls_asn1_write_len(&c, buf, len)); + MBEDTLS_ASN1_CHK_ADD(len, + mbedtls_asn1_write_tag(&c, buf, + MBEDTLS_ASN1_CONTEXT_SPECIFIC | + MBEDTLS_ASN1_CONSTRUCTED | 3)); } /* * SubjectPublicKeyInfo */ - MBEDTLS_ASN1_CHK_ADD( pub_len, - mbedtls_pk_write_pubkey_der( ctx->subject_key, - buf, c - buf ) ); + MBEDTLS_ASN1_CHK_ADD(pub_len, + mbedtls_pk_write_pubkey_der(ctx->subject_key, + buf, c - buf)); c -= pub_len; len += pub_len; /* * Subject ::= Name */ - MBEDTLS_ASN1_CHK_ADD( len, - mbedtls_x509_write_names( &c, buf, - ctx->subject ) ); + MBEDTLS_ASN1_CHK_ADD(len, + mbedtls_x509_write_names(&c, buf, + ctx->subject)); /* * Validity ::= SEQUENCE { @@ -403,93 +398,102 @@ int mbedtls_x509write_crt_der( mbedtls_x509write_cert *ctx, */ sub_len = 0; - MBEDTLS_ASN1_CHK_ADD( sub_len, - x509_write_time( &c, buf, ctx->not_after, - MBEDTLS_X509_RFC5280_UTC_TIME_LEN ) ); + MBEDTLS_ASN1_CHK_ADD(sub_len, + x509_write_time(&c, buf, ctx->not_after, + MBEDTLS_X509_RFC5280_UTC_TIME_LEN)); - MBEDTLS_ASN1_CHK_ADD( sub_len, - x509_write_time( &c, buf, ctx->not_before, - MBEDTLS_X509_RFC5280_UTC_TIME_LEN ) ); + MBEDTLS_ASN1_CHK_ADD(sub_len, + x509_write_time(&c, buf, ctx->not_before, + MBEDTLS_X509_RFC5280_UTC_TIME_LEN)); len += sub_len; - MBEDTLS_ASN1_CHK_ADD( len, mbedtls_asn1_write_len( &c, buf, sub_len ) ); - MBEDTLS_ASN1_CHK_ADD( len, - mbedtls_asn1_write_tag( &c, buf, - MBEDTLS_ASN1_CONSTRUCTED | - MBEDTLS_ASN1_SEQUENCE ) ); + MBEDTLS_ASN1_CHK_ADD(len, mbedtls_asn1_write_len(&c, buf, sub_len)); + MBEDTLS_ASN1_CHK_ADD(len, + mbedtls_asn1_write_tag(&c, buf, + MBEDTLS_ASN1_CONSTRUCTED | + MBEDTLS_ASN1_SEQUENCE)); /* * Issuer ::= Name */ - MBEDTLS_ASN1_CHK_ADD( len, mbedtls_x509_write_names( &c, buf, - ctx->issuer ) ); + MBEDTLS_ASN1_CHK_ADD(len, mbedtls_x509_write_names(&c, buf, + ctx->issuer)); /* * Signature ::= AlgorithmIdentifier */ - MBEDTLS_ASN1_CHK_ADD( len, - mbedtls_asn1_write_algorithm_identifier( &c, buf, - sig_oid, strlen( sig_oid ), 0 ) ); + if (pk_alg == MBEDTLS_PK_ECDSA) { + /* + * The AlgorithmIdentifier's parameters field must be absent for DSA/ECDSA signature + * algorithms, see https://www.rfc-editor.org/rfc/rfc5480#page-17 and + * https://www.rfc-editor.org/rfc/rfc5758#section-3. + */ + write_sig_null_par = 0; + } else { + write_sig_null_par = 1; + } + MBEDTLS_ASN1_CHK_ADD(len, + mbedtls_asn1_write_algorithm_identifier_ext(&c, buf, + sig_oid, strlen(sig_oid), + 0, write_sig_null_par)); /* * Serial ::= INTEGER */ - MBEDTLS_ASN1_CHK_ADD( len, mbedtls_asn1_write_mpi( &c, buf, - &ctx->serial ) ); + MBEDTLS_ASN1_CHK_ADD(len, mbedtls_asn1_write_mpi(&c, buf, + &ctx->serial)); /* * Version ::= INTEGER { v1(0), v2(1), v3(2) } */ /* Can be omitted for v1 */ - if( ctx->version != MBEDTLS_X509_CRT_VERSION_1 ) - { + if (ctx->version != MBEDTLS_X509_CRT_VERSION_1) { sub_len = 0; - MBEDTLS_ASN1_CHK_ADD( sub_len, - mbedtls_asn1_write_int( &c, buf, ctx->version ) ); + MBEDTLS_ASN1_CHK_ADD(sub_len, + mbedtls_asn1_write_int(&c, buf, ctx->version)); len += sub_len; - MBEDTLS_ASN1_CHK_ADD( len, - mbedtls_asn1_write_len( &c, buf, sub_len ) ); - MBEDTLS_ASN1_CHK_ADD( len, - mbedtls_asn1_write_tag( &c, buf, - MBEDTLS_ASN1_CONTEXT_SPECIFIC | - MBEDTLS_ASN1_CONSTRUCTED | 0 ) ); + MBEDTLS_ASN1_CHK_ADD(len, + mbedtls_asn1_write_len(&c, buf, sub_len)); + MBEDTLS_ASN1_CHK_ADD(len, + mbedtls_asn1_write_tag(&c, buf, + MBEDTLS_ASN1_CONTEXT_SPECIFIC | + MBEDTLS_ASN1_CONSTRUCTED | 0)); } - MBEDTLS_ASN1_CHK_ADD( len, mbedtls_asn1_write_len( &c, buf, len ) ); - MBEDTLS_ASN1_CHK_ADD( len, - mbedtls_asn1_write_tag( &c, buf, MBEDTLS_ASN1_CONSTRUCTED | - MBEDTLS_ASN1_SEQUENCE ) ); + MBEDTLS_ASN1_CHK_ADD(len, mbedtls_asn1_write_len(&c, buf, len)); + MBEDTLS_ASN1_CHK_ADD(len, + mbedtls_asn1_write_tag(&c, buf, MBEDTLS_ASN1_CONSTRUCTED | + MBEDTLS_ASN1_SEQUENCE)); /* * Make signature */ /* Compute hash of CRT. */ - if( ( ret = mbedtls_md( mbedtls_md_info_from_type( ctx->md_alg ), c, - len, hash ) ) != 0 ) - { - return( ret ); + if ((ret = mbedtls_md(mbedtls_md_info_from_type(ctx->md_alg), c, + len, hash)) != 0) { + return ret; } - if( ( ret = mbedtls_pk_sign( ctx->issuer_key, ctx->md_alg, - hash, 0, sig, &sig_len, - f_rng, p_rng ) ) != 0 ) - { - return( ret ); + if ((ret = mbedtls_pk_sign(ctx->issuer_key, ctx->md_alg, + hash, 0, sig, &sig_len, + f_rng, p_rng)) != 0) { + return ret; } /* Move CRT to the front of the buffer to have space * for the signature. */ - memmove( buf, c, len ); + memmove(buf, c, len); c = buf + len; /* Add signature at the end of the buffer, * making sure that it doesn't underflow * into the CRT buffer. */ c2 = buf + size; - MBEDTLS_ASN1_CHK_ADD( sig_and_oid_len, mbedtls_x509_write_sig( &c2, c, - sig_oid, sig_oid_len, sig, sig_len ) ); + MBEDTLS_ASN1_CHK_ADD(sig_and_oid_len, mbedtls_x509_write_sig(&c2, c, + sig_oid, sig_oid_len, + sig, sig_len, pk_alg)); /* * Memory layout after this step: @@ -500,43 +504,41 @@ int mbedtls_x509write_crt_der( mbedtls_x509write_cert *ctx, /* Move raw CRT to just before the signature. */ c = c2 - len; - memmove( c, buf, len ); + memmove(c, buf, len); len += sig_and_oid_len; - MBEDTLS_ASN1_CHK_ADD( len, mbedtls_asn1_write_len( &c, buf, len ) ); - MBEDTLS_ASN1_CHK_ADD( len, mbedtls_asn1_write_tag( &c, buf, - MBEDTLS_ASN1_CONSTRUCTED | - MBEDTLS_ASN1_SEQUENCE ) ); + MBEDTLS_ASN1_CHK_ADD(len, mbedtls_asn1_write_len(&c, buf, len)); + MBEDTLS_ASN1_CHK_ADD(len, mbedtls_asn1_write_tag(&c, buf, + MBEDTLS_ASN1_CONSTRUCTED | + MBEDTLS_ASN1_SEQUENCE)); - return( (int) len ); + return (int) len; } #define PEM_BEGIN_CRT "-----BEGIN CERTIFICATE-----\n" #define PEM_END_CRT "-----END CERTIFICATE-----\n" #if defined(MBEDTLS_PEM_WRITE_C) -int mbedtls_x509write_crt_pem( mbedtls_x509write_cert *crt, - unsigned char *buf, size_t size, - int (*f_rng)(void *, unsigned char *, size_t), - void *p_rng ) +int mbedtls_x509write_crt_pem(mbedtls_x509write_cert *crt, + unsigned char *buf, size_t size, + int (*f_rng)(void *, unsigned char *, size_t), + void *p_rng) { int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; size_t olen; - if( ( ret = mbedtls_x509write_crt_der( crt, buf, size, - f_rng, p_rng ) ) < 0 ) - { - return( ret ); + if ((ret = mbedtls_x509write_crt_der(crt, buf, size, + f_rng, p_rng)) < 0) { + return ret; } - if( ( ret = mbedtls_pem_write_buffer( PEM_BEGIN_CRT, PEM_END_CRT, - buf + size - ret, ret, - buf, size, &olen ) ) != 0 ) - { - return( ret ); + if ((ret = mbedtls_pem_write_buffer(PEM_BEGIN_CRT, PEM_END_CRT, + buf + size - ret, ret, + buf, size, &olen)) != 0) { + return ret; } - return( 0 ); + return 0; } #endif /* MBEDTLS_PEM_WRITE_C */ diff --git a/third_party/mbedtls/repo/library/x509write_csr.c b/third_party/mbedtls/repo/library/x509write_csr.c index afda9503412..3c3ab3a0789 100644 --- a/third_party/mbedtls/repo/library/x509write_csr.c +++ b/third_party/mbedtls/repo/library/x509write_csr.c @@ -2,19 +2,7 @@ * X.509 Certificate Signing Request writing * * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later */ /* * References: @@ -44,100 +32,98 @@ #include "mbedtls/pem.h" #endif -#if defined(MBEDTLS_PLATFORM_C) #include "mbedtls/platform.h" -#else -#include -#define mbedtls_calloc calloc -#define mbedtls_free free -#endif -void mbedtls_x509write_csr_init( mbedtls_x509write_csr *ctx ) +void mbedtls_x509write_csr_init(mbedtls_x509write_csr *ctx) { - memset( ctx, 0, sizeof( mbedtls_x509write_csr ) ); + memset(ctx, 0, sizeof(mbedtls_x509write_csr)); } -void mbedtls_x509write_csr_free( mbedtls_x509write_csr *ctx ) +void mbedtls_x509write_csr_free(mbedtls_x509write_csr *ctx) { - mbedtls_asn1_free_named_data_list( &ctx->subject ); - mbedtls_asn1_free_named_data_list( &ctx->extensions ); + mbedtls_asn1_free_named_data_list(&ctx->subject); + mbedtls_asn1_free_named_data_list(&ctx->extensions); - mbedtls_platform_zeroize( ctx, sizeof( mbedtls_x509write_csr ) ); + mbedtls_platform_zeroize(ctx, sizeof(mbedtls_x509write_csr)); } -void mbedtls_x509write_csr_set_md_alg( mbedtls_x509write_csr *ctx, mbedtls_md_type_t md_alg ) +void mbedtls_x509write_csr_set_md_alg(mbedtls_x509write_csr *ctx, mbedtls_md_type_t md_alg) { ctx->md_alg = md_alg; } -void mbedtls_x509write_csr_set_key( mbedtls_x509write_csr *ctx, mbedtls_pk_context *key ) +void mbedtls_x509write_csr_set_key(mbedtls_x509write_csr *ctx, mbedtls_pk_context *key) { ctx->key = key; } -int mbedtls_x509write_csr_set_subject_name( mbedtls_x509write_csr *ctx, - const char *subject_name ) +int mbedtls_x509write_csr_set_subject_name(mbedtls_x509write_csr *ctx, + const char *subject_name) { - return mbedtls_x509_string_to_names( &ctx->subject, subject_name ); + return mbedtls_x509_string_to_names(&ctx->subject, subject_name); } -int mbedtls_x509write_csr_set_extension( mbedtls_x509write_csr *ctx, - const char *oid, size_t oid_len, - const unsigned char *val, size_t val_len ) +int mbedtls_x509write_csr_set_extension(mbedtls_x509write_csr *ctx, + const char *oid, size_t oid_len, + const unsigned char *val, size_t val_len) { - return mbedtls_x509_set_extension( &ctx->extensions, oid, oid_len, - 0, val, val_len ); + return mbedtls_x509_set_extension(&ctx->extensions, oid, oid_len, + 0, val, val_len); } -int mbedtls_x509write_csr_set_key_usage( mbedtls_x509write_csr *ctx, unsigned char key_usage ) +int mbedtls_x509write_csr_set_key_usage(mbedtls_x509write_csr *ctx, unsigned char key_usage) { - unsigned char buf[4] = {0}; + unsigned char buf[4] = { 0 }; unsigned char *c; int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; c = buf + 4; - ret = mbedtls_asn1_write_named_bitstring( &c, buf, &key_usage, 8 ); - if( ret < 3 || ret > 4 ) - return( ret ); + ret = mbedtls_asn1_write_named_bitstring(&c, buf, &key_usage, 8); + if (ret < 3 || ret > 4) { + return ret; + } - ret = mbedtls_x509write_csr_set_extension( ctx, MBEDTLS_OID_KEY_USAGE, - MBEDTLS_OID_SIZE( MBEDTLS_OID_KEY_USAGE ), - c, (size_t)ret ); - if( ret != 0 ) - return( ret ); + ret = mbedtls_x509write_csr_set_extension(ctx, MBEDTLS_OID_KEY_USAGE, + MBEDTLS_OID_SIZE(MBEDTLS_OID_KEY_USAGE), + c, (size_t) ret); + if (ret != 0) { + return ret; + } - return( 0 ); + return 0; } -int mbedtls_x509write_csr_set_ns_cert_type( mbedtls_x509write_csr *ctx, - unsigned char ns_cert_type ) +int mbedtls_x509write_csr_set_ns_cert_type(mbedtls_x509write_csr *ctx, + unsigned char ns_cert_type) { - unsigned char buf[4] = {0}; + unsigned char buf[4] = { 0 }; unsigned char *c; int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; c = buf + 4; - ret = mbedtls_asn1_write_named_bitstring( &c, buf, &ns_cert_type, 8 ); - if( ret < 3 || ret > 4 ) - return( ret ); + ret = mbedtls_asn1_write_named_bitstring(&c, buf, &ns_cert_type, 8); + if (ret < 3 || ret > 4) { + return ret; + } - ret = mbedtls_x509write_csr_set_extension( ctx, MBEDTLS_OID_NS_CERT_TYPE, - MBEDTLS_OID_SIZE( MBEDTLS_OID_NS_CERT_TYPE ), - c, (size_t)ret ); - if( ret != 0 ) - return( ret ); + ret = mbedtls_x509write_csr_set_extension(ctx, MBEDTLS_OID_NS_CERT_TYPE, + MBEDTLS_OID_SIZE(MBEDTLS_OID_NS_CERT_TYPE), + c, (size_t) ret); + if (ret != 0) { + return ret; + } - return( 0 ); + return 0; } -static int x509write_csr_der_internal( mbedtls_x509write_csr *ctx, - unsigned char *buf, - size_t size, - unsigned char *sig, - int (*f_rng)(void *, unsigned char *, size_t), - void *p_rng ) +static int x509write_csr_der_internal(mbedtls_x509write_csr *ctx, + unsigned char *buf, + size_t size, + unsigned char *sig, + int (*f_rng)(void *, unsigned char *, size_t), + void *p_rng) { int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; const char *sig_oid; @@ -150,114 +136,114 @@ static int x509write_csr_der_internal( mbedtls_x509write_csr *ctx, #if defined(MBEDTLS_USE_PSA_CRYPTO) psa_hash_operation_t hash_operation = PSA_HASH_OPERATION_INIT; size_t hash_len; - psa_algorithm_t hash_alg = mbedtls_psa_translate_md( ctx->md_alg ); + psa_algorithm_t hash_alg = mbedtls_psa_translate_md(ctx->md_alg); #endif /* MBEDTLS_USE_PSA_CRYPTO */ /* Write the CSR backwards starting from the end of buf */ c = buf + size; - MBEDTLS_ASN1_CHK_ADD( len, mbedtls_x509_write_extensions( &c, buf, - ctx->extensions ) ); - - if( len ) - { - MBEDTLS_ASN1_CHK_ADD( len, mbedtls_asn1_write_len( &c, buf, len ) ); - MBEDTLS_ASN1_CHK_ADD( len, - mbedtls_asn1_write_tag( - &c, buf, - MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_SEQUENCE ) ); - - MBEDTLS_ASN1_CHK_ADD( len, mbedtls_asn1_write_len( &c, buf, len ) ); - MBEDTLS_ASN1_CHK_ADD( len, - mbedtls_asn1_write_tag( - &c, buf, - MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_SET ) ); - - MBEDTLS_ASN1_CHK_ADD( len, - mbedtls_asn1_write_oid( - &c, buf, MBEDTLS_OID_PKCS9_CSR_EXT_REQ, - MBEDTLS_OID_SIZE( MBEDTLS_OID_PKCS9_CSR_EXT_REQ ) ) ); - - MBEDTLS_ASN1_CHK_ADD( len, mbedtls_asn1_write_len( &c, buf, len ) ); - MBEDTLS_ASN1_CHK_ADD( len, - mbedtls_asn1_write_tag( - &c, buf, - MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_SEQUENCE ) ); + MBEDTLS_ASN1_CHK_ADD(len, mbedtls_x509_write_extensions(&c, buf, + ctx->extensions)); + + if (len) { + MBEDTLS_ASN1_CHK_ADD(len, mbedtls_asn1_write_len(&c, buf, len)); + MBEDTLS_ASN1_CHK_ADD(len, + mbedtls_asn1_write_tag( + &c, buf, + MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_SEQUENCE)); + + MBEDTLS_ASN1_CHK_ADD(len, mbedtls_asn1_write_len(&c, buf, len)); + MBEDTLS_ASN1_CHK_ADD(len, + mbedtls_asn1_write_tag( + &c, buf, + MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_SET)); + + MBEDTLS_ASN1_CHK_ADD(len, + mbedtls_asn1_write_oid( + &c, buf, MBEDTLS_OID_PKCS9_CSR_EXT_REQ, + MBEDTLS_OID_SIZE(MBEDTLS_OID_PKCS9_CSR_EXT_REQ))); + + MBEDTLS_ASN1_CHK_ADD(len, mbedtls_asn1_write_len(&c, buf, len)); + MBEDTLS_ASN1_CHK_ADD(len, + mbedtls_asn1_write_tag( + &c, buf, + MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_SEQUENCE)); } - MBEDTLS_ASN1_CHK_ADD( len, mbedtls_asn1_write_len( &c, buf, len ) ); - MBEDTLS_ASN1_CHK_ADD( len, - mbedtls_asn1_write_tag( - &c, buf, - MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_CONTEXT_SPECIFIC ) ); + MBEDTLS_ASN1_CHK_ADD(len, mbedtls_asn1_write_len(&c, buf, len)); + MBEDTLS_ASN1_CHK_ADD(len, + mbedtls_asn1_write_tag( + &c, buf, + MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_CONTEXT_SPECIFIC)); - MBEDTLS_ASN1_CHK_ADD( pub_len, mbedtls_pk_write_pubkey_der( ctx->key, - buf, c - buf ) ); + MBEDTLS_ASN1_CHK_ADD(pub_len, mbedtls_pk_write_pubkey_der(ctx->key, + buf, c - buf)); c -= pub_len; len += pub_len; /* * Subject ::= Name */ - MBEDTLS_ASN1_CHK_ADD( len, mbedtls_x509_write_names( &c, buf, - ctx->subject ) ); + MBEDTLS_ASN1_CHK_ADD(len, mbedtls_x509_write_names(&c, buf, + ctx->subject)); /* * Version ::= INTEGER { v1(0), v2(1), v3(2) } */ - MBEDTLS_ASN1_CHK_ADD( len, mbedtls_asn1_write_int( &c, buf, 0 ) ); + MBEDTLS_ASN1_CHK_ADD(len, mbedtls_asn1_write_int(&c, buf, 0)); - MBEDTLS_ASN1_CHK_ADD( len, mbedtls_asn1_write_len( &c, buf, len ) ); - MBEDTLS_ASN1_CHK_ADD( len, - mbedtls_asn1_write_tag( - &c, buf, - MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_SEQUENCE ) ); + MBEDTLS_ASN1_CHK_ADD(len, mbedtls_asn1_write_len(&c, buf, len)); + MBEDTLS_ASN1_CHK_ADD(len, + mbedtls_asn1_write_tag( + &c, buf, + MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_SEQUENCE)); /* * Sign the written CSR data into the sig buffer * Note: hash errors can happen only after an internal error */ #if defined(MBEDTLS_USE_PSA_CRYPTO) - if( psa_hash_setup( &hash_operation, hash_alg ) != PSA_SUCCESS ) - return( MBEDTLS_ERR_X509_FATAL_ERROR ); + if (psa_hash_setup(&hash_operation, hash_alg) != PSA_SUCCESS) { + return MBEDTLS_ERR_X509_FATAL_ERROR; + } - if( psa_hash_update( &hash_operation, c, len ) != PSA_SUCCESS ) - return( MBEDTLS_ERR_X509_FATAL_ERROR ); + if (psa_hash_update(&hash_operation, c, len) != PSA_SUCCESS) { + return MBEDTLS_ERR_X509_FATAL_ERROR; + } - if( psa_hash_finish( &hash_operation, hash, sizeof( hash ), &hash_len ) - != PSA_SUCCESS ) - { - return( MBEDTLS_ERR_X509_FATAL_ERROR ); + if (psa_hash_finish(&hash_operation, hash, sizeof(hash), &hash_len) + != PSA_SUCCESS) { + return MBEDTLS_ERR_X509_FATAL_ERROR; } #else /* MBEDTLS_USE_PSA_CRYPTO */ - ret = mbedtls_md( mbedtls_md_info_from_type( ctx->md_alg ), c, len, hash ); - if( ret != 0 ) - return( ret ); + ret = mbedtls_md(mbedtls_md_info_from_type(ctx->md_alg), c, len, hash); + if (ret != 0) { + return ret; + } #endif - if( ( ret = mbedtls_pk_sign( ctx->key, ctx->md_alg, hash, 0, sig, &sig_len, - f_rng, p_rng ) ) != 0 ) - { - return( ret ); + if ((ret = mbedtls_pk_sign(ctx->key, ctx->md_alg, hash, 0, sig, &sig_len, + f_rng, p_rng)) != 0) { + return ret; } - if( mbedtls_pk_can_do( ctx->key, MBEDTLS_PK_RSA ) ) + if (mbedtls_pk_can_do(ctx->key, MBEDTLS_PK_RSA)) { pk_alg = MBEDTLS_PK_RSA; - else if( mbedtls_pk_can_do( ctx->key, MBEDTLS_PK_ECDSA ) ) + } else if (mbedtls_pk_can_do(ctx->key, MBEDTLS_PK_ECDSA)) { pk_alg = MBEDTLS_PK_ECDSA; - else - return( MBEDTLS_ERR_X509_INVALID_ALG ); + } else { + return MBEDTLS_ERR_X509_INVALID_ALG; + } - if( ( ret = mbedtls_oid_get_oid_by_sig_alg( pk_alg, ctx->md_alg, - &sig_oid, &sig_oid_len ) ) != 0 ) - { - return( ret ); + if ((ret = mbedtls_oid_get_oid_by_sig_alg(pk_alg, ctx->md_alg, + &sig_oid, &sig_oid_len)) != 0) { + return ret; } /* * Move the written CSR data to the start of buf to create space for * writing the signature into buf. */ - memmove( buf, c, len ); + memmove(buf, c, len); /* * Write sig and its OID into buf backwards from the end of buf. @@ -265,76 +251,73 @@ static int x509write_csr_der_internal( mbedtls_x509write_csr *ctx, * and return MBEDTLS_ERR_ASN1_BUF_TOO_SMALL if needed. */ c2 = buf + size; - MBEDTLS_ASN1_CHK_ADD( sig_and_oid_len, - mbedtls_x509_write_sig( &c2, buf + len, sig_oid, sig_oid_len, - sig, sig_len ) ); + MBEDTLS_ASN1_CHK_ADD(sig_and_oid_len, + mbedtls_x509_write_sig(&c2, buf + len, sig_oid, sig_oid_len, + sig, sig_len, pk_alg)); /* * Compact the space between the CSR data and signature by moving the * CSR data to the start of the signature. */ c2 -= len; - memmove( c2, buf, len ); + memmove(c2, buf, len); /* ASN encode the total size and tag the CSR data with it. */ len += sig_and_oid_len; - MBEDTLS_ASN1_CHK_ADD( len, mbedtls_asn1_write_len( &c2, buf, len ) ); - MBEDTLS_ASN1_CHK_ADD( len, - mbedtls_asn1_write_tag( - &c2, buf, - MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_SEQUENCE ) ); + MBEDTLS_ASN1_CHK_ADD(len, mbedtls_asn1_write_len(&c2, buf, len)); + MBEDTLS_ASN1_CHK_ADD(len, + mbedtls_asn1_write_tag( + &c2, buf, + MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_SEQUENCE)); /* Zero the unused bytes at the start of buf */ - memset( buf, 0, c2 - buf); + memset(buf, 0, c2 - buf); - return( (int) len ); + return (int) len; } -int mbedtls_x509write_csr_der( mbedtls_x509write_csr *ctx, unsigned char *buf, - size_t size, - int (*f_rng)(void *, unsigned char *, size_t), - void *p_rng ) +int mbedtls_x509write_csr_der(mbedtls_x509write_csr *ctx, unsigned char *buf, + size_t size, + int (*f_rng)(void *, unsigned char *, size_t), + void *p_rng) { int ret; unsigned char *sig; - if( ( sig = mbedtls_calloc( 1, MBEDTLS_PK_SIGNATURE_MAX_SIZE ) ) == NULL ) - { - return( MBEDTLS_ERR_X509_ALLOC_FAILED ); + if ((sig = mbedtls_calloc(1, MBEDTLS_PK_SIGNATURE_MAX_SIZE)) == NULL) { + return MBEDTLS_ERR_X509_ALLOC_FAILED; } - ret = x509write_csr_der_internal( ctx, buf, size, sig, f_rng, p_rng ); + ret = x509write_csr_der_internal(ctx, buf, size, sig, f_rng, p_rng); - mbedtls_free( sig ); + mbedtls_free(sig); - return( ret ); + return ret; } #define PEM_BEGIN_CSR "-----BEGIN CERTIFICATE REQUEST-----\n" #define PEM_END_CSR "-----END CERTIFICATE REQUEST-----\n" #if defined(MBEDTLS_PEM_WRITE_C) -int mbedtls_x509write_csr_pem( mbedtls_x509write_csr *ctx, unsigned char *buf, size_t size, - int (*f_rng)(void *, unsigned char *, size_t), - void *p_rng ) +int mbedtls_x509write_csr_pem(mbedtls_x509write_csr *ctx, unsigned char *buf, size_t size, + int (*f_rng)(void *, unsigned char *, size_t), + void *p_rng) { int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; size_t olen = 0; - if( ( ret = mbedtls_x509write_csr_der( ctx, buf, size, - f_rng, p_rng ) ) < 0 ) - { - return( ret ); + if ((ret = mbedtls_x509write_csr_der(ctx, buf, size, + f_rng, p_rng)) < 0) { + return ret; } - if( ( ret = mbedtls_pem_write_buffer( PEM_BEGIN_CSR, PEM_END_CSR, - buf + size - ret, - ret, buf, size, &olen ) ) != 0 ) - { - return( ret ); + if ((ret = mbedtls_pem_write_buffer(PEM_BEGIN_CSR, PEM_END_CSR, + buf + size - ret, + ret, buf, size, &olen)) != 0) { + return ret; } - return( 0 ); + return 0; } #endif /* MBEDTLS_PEM_WRITE_C */ diff --git a/third_party/mbedtls/repo/library/xtea.c b/third_party/mbedtls/repo/library/xtea.c index 77f6cb6f677..f4aca56c2fd 100644 --- a/third_party/mbedtls/repo/library/xtea.c +++ b/third_party/mbedtls/repo/library/xtea.c @@ -1,20 +1,8 @@ /* - * An 32-bit implementation of the XTEA algorithm + * A 32-bit implementation of the XTEA algorithm * * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later */ #include "common.h" @@ -26,127 +14,113 @@ #include -#if defined(MBEDTLS_SELF_TEST) -#if defined(MBEDTLS_PLATFORM_C) #include "mbedtls/platform.h" -#else -#include -#define mbedtls_printf printf -#endif /* MBEDTLS_PLATFORM_C */ -#endif /* MBEDTLS_SELF_TEST */ #if !defined(MBEDTLS_XTEA_ALT) -void mbedtls_xtea_init( mbedtls_xtea_context *ctx ) +void mbedtls_xtea_init(mbedtls_xtea_context *ctx) { - memset( ctx, 0, sizeof( mbedtls_xtea_context ) ); + memset(ctx, 0, sizeof(mbedtls_xtea_context)); } -void mbedtls_xtea_free( mbedtls_xtea_context *ctx ) +void mbedtls_xtea_free(mbedtls_xtea_context *ctx) { - if( ctx == NULL ) + if (ctx == NULL) { return; + } - mbedtls_platform_zeroize( ctx, sizeof( mbedtls_xtea_context ) ); + mbedtls_platform_zeroize(ctx, sizeof(mbedtls_xtea_context)); } /* * XTEA key schedule */ -void mbedtls_xtea_setup( mbedtls_xtea_context *ctx, const unsigned char key[16] ) +void mbedtls_xtea_setup(mbedtls_xtea_context *ctx, const unsigned char key[16]) { int i; - memset( ctx, 0, sizeof(mbedtls_xtea_context) ); + memset(ctx, 0, sizeof(mbedtls_xtea_context)); - for( i = 0; i < 4; i++ ) - { - ctx->k[i] = MBEDTLS_GET_UINT32_BE( key, i << 2 ); + for (i = 0; i < 4; i++) { + ctx->k[i] = MBEDTLS_GET_UINT32_BE(key, i << 2); } } /* * XTEA encrypt function */ -int mbedtls_xtea_crypt_ecb( mbedtls_xtea_context *ctx, int mode, - const unsigned char input[8], unsigned char output[8]) +int mbedtls_xtea_crypt_ecb(mbedtls_xtea_context *ctx, int mode, + const unsigned char input[8], unsigned char output[8]) { uint32_t *k, v0, v1, i; k = ctx->k; - v0 = MBEDTLS_GET_UINT32_BE( input, 0 ); - v1 = MBEDTLS_GET_UINT32_BE( input, 4 ); + v0 = MBEDTLS_GET_UINT32_BE(input, 0); + v1 = MBEDTLS_GET_UINT32_BE(input, 4); - if( mode == MBEDTLS_XTEA_ENCRYPT ) - { + if (mode == MBEDTLS_XTEA_ENCRYPT) { uint32_t sum = 0, delta = 0x9E3779B9; - for( i = 0; i < 32; i++ ) - { + for (i = 0; i < 32; i++) { v0 += (((v1 << 4) ^ (v1 >> 5)) + v1) ^ (sum + k[sum & 3]); sum += delta; v1 += (((v0 << 4) ^ (v0 >> 5)) + v0) ^ (sum + k[(sum>>11) & 3]); } - } - else /* MBEDTLS_XTEA_DECRYPT */ - { + } else { /* MBEDTLS_XTEA_DECRYPT */ uint32_t delta = 0x9E3779B9, sum = delta * 32; - for( i = 0; i < 32; i++ ) - { + for (i = 0; i < 32; i++) { v1 -= (((v0 << 4) ^ (v0 >> 5)) + v0) ^ (sum + k[(sum>>11) & 3]); sum -= delta; v0 -= (((v1 << 4) ^ (v1 >> 5)) + v1) ^ (sum + k[sum & 3]); } } - MBEDTLS_PUT_UINT32_BE( v0, output, 0 ); - MBEDTLS_PUT_UINT32_BE( v1, output, 4 ); + MBEDTLS_PUT_UINT32_BE(v0, output, 0); + MBEDTLS_PUT_UINT32_BE(v1, output, 4); - return( 0 ); + return 0; } #if defined(MBEDTLS_CIPHER_MODE_CBC) /* * XTEA-CBC buffer encryption/decryption */ -int mbedtls_xtea_crypt_cbc( mbedtls_xtea_context *ctx, int mode, size_t length, - unsigned char iv[8], const unsigned char *input, - unsigned char *output) +int mbedtls_xtea_crypt_cbc(mbedtls_xtea_context *ctx, int mode, size_t length, + unsigned char iv[8], const unsigned char *input, + unsigned char *output) { int i; unsigned char temp[8]; - if( length % 8 ) - return( MBEDTLS_ERR_XTEA_INVALID_INPUT_LENGTH ); + if (length % 8) { + return MBEDTLS_ERR_XTEA_INVALID_INPUT_LENGTH; + } - if( mode == MBEDTLS_XTEA_DECRYPT ) - { - while( length > 0 ) - { - memcpy( temp, input, 8 ); - mbedtls_xtea_crypt_ecb( ctx, mode, input, output ); + if (mode == MBEDTLS_XTEA_DECRYPT) { + while (length > 0) { + memcpy(temp, input, 8); + mbedtls_xtea_crypt_ecb(ctx, mode, input, output); - for( i = 0; i < 8; i++ ) - output[i] = (unsigned char)( output[i] ^ iv[i] ); + for (i = 0; i < 8; i++) { + output[i] = (unsigned char) (output[i] ^ iv[i]); + } - memcpy( iv, temp, 8 ); + memcpy(iv, temp, 8); input += 8; output += 8; length -= 8; } - } - else - { - while( length > 0 ) - { - for( i = 0; i < 8; i++ ) - output[i] = (unsigned char)( input[i] ^ iv[i] ); + } else { + while (length > 0) { + for (i = 0; i < 8; i++) { + output[i] = (unsigned char) (input[i] ^ iv[i]); + } - mbedtls_xtea_crypt_ecb( ctx, mode, output, output ); - memcpy( iv, output, 8 ); + mbedtls_xtea_crypt_ecb(ctx, mode, output, output); + memcpy(iv, output, 8); input += 8; output += 8; @@ -154,7 +128,7 @@ int mbedtls_xtea_crypt_cbc( mbedtls_xtea_context *ctx, int mode, size_t length, } } - return( 0 ); + return 0; } #endif /* MBEDTLS_CIPHER_MODE_CBC */ #endif /* !MBEDTLS_XTEA_ALT */ @@ -167,18 +141,18 @@ int mbedtls_xtea_crypt_cbc( mbedtls_xtea_context *ctx, int mode, size_t length, static const unsigned char xtea_test_key[6][16] = { - { 0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, 0x08, 0x09, 0x0a, 0x0b, - 0x0c, 0x0d, 0x0e, 0x0f }, - { 0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, 0x08, 0x09, 0x0a, 0x0b, - 0x0c, 0x0d, 0x0e, 0x0f }, - { 0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, 0x08, 0x09, 0x0a, 0x0b, - 0x0c, 0x0d, 0x0e, 0x0f }, - { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x00, 0x00, 0x00, 0x00 }, - { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x00, 0x00, 0x00, 0x00 }, - { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x00, 0x00, 0x00, 0x00 } + { 0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, 0x08, 0x09, 0x0a, 0x0b, + 0x0c, 0x0d, 0x0e, 0x0f }, + { 0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, 0x08, 0x09, 0x0a, 0x0b, + 0x0c, 0x0d, 0x0e, 0x0f }, + { 0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, 0x08, 0x09, 0x0a, 0x0b, + 0x0c, 0x0d, 0x0e, 0x0f }, + { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, + 0x00, 0x00, 0x00, 0x00 }, + { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, + 0x00, 0x00, 0x00, 0x00 }, + { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, + 0x00, 0x00, 0x00, 0x00 } }; static const unsigned char xtea_test_pt[6][8] = @@ -204,43 +178,45 @@ static const unsigned char xtea_test_ct[6][8] = /* * Checkup routine */ -int mbedtls_xtea_self_test( int verbose ) +int mbedtls_xtea_self_test(int verbose) { int i, ret = 0; unsigned char buf[8]; mbedtls_xtea_context ctx; - mbedtls_xtea_init( &ctx ); - for( i = 0; i < 6; i++ ) - { - if( verbose != 0 ) - mbedtls_printf( " XTEA test #%d: ", i + 1 ); + mbedtls_xtea_init(&ctx); + for (i = 0; i < 6; i++) { + if (verbose != 0) { + mbedtls_printf(" XTEA test #%d: ", i + 1); + } - memcpy( buf, xtea_test_pt[i], 8 ); + memcpy(buf, xtea_test_pt[i], 8); - mbedtls_xtea_setup( &ctx, xtea_test_key[i] ); - mbedtls_xtea_crypt_ecb( &ctx, MBEDTLS_XTEA_ENCRYPT, buf, buf ); + mbedtls_xtea_setup(&ctx, xtea_test_key[i]); + mbedtls_xtea_crypt_ecb(&ctx, MBEDTLS_XTEA_ENCRYPT, buf, buf); - if( memcmp( buf, xtea_test_ct[i], 8 ) != 0 ) - { - if( verbose != 0 ) - mbedtls_printf( "failed\n" ); + if (memcmp(buf, xtea_test_ct[i], 8) != 0) { + if (verbose != 0) { + mbedtls_printf("failed\n"); + } ret = 1; goto exit; } - if( verbose != 0 ) - mbedtls_printf( "passed\n" ); + if (verbose != 0) { + mbedtls_printf("passed\n"); + } } - if( verbose != 0 ) - mbedtls_printf( "\n" ); + if (verbose != 0) { + mbedtls_printf("\n"); + } exit: - mbedtls_xtea_free( &ctx ); + mbedtls_xtea_free(&ctx); - return( ret ); + return ret; } #endif /* MBEDTLS_SELF_TEST */ diff --git a/third_party/mbedtls/repo/programs/.gitignore b/third_party/mbedtls/repo/programs/.gitignore index d4026071a56..59634b54e00 100644 --- a/third_party/mbedtls/repo/programs/.gitignore +++ b/third_party/mbedtls/repo/programs/.gitignore @@ -5,9 +5,6 @@ *.sln *.vcxproj -*.o -*.exe - aes/crypt_and_hash hash/generic_sum hash/hello diff --git a/third_party/mbedtls/repo/programs/aes/crypt_and_hash.c b/third_party/mbedtls/repo/programs/aes/crypt_and_hash.c index 18bdf6cd269..60bb75f620c 100644 --- a/third_party/mbedtls/repo/programs/aes/crypt_and_hash.c +++ b/third_party/mbedtls/repo/programs/aes/crypt_and_hash.c @@ -3,19 +3,7 @@ * security. * * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later */ /* Enable definition of fileno() even when compiling with -std=c99. Must be @@ -29,20 +17,10 @@ #include MBEDTLS_CONFIG_FILE #endif -#if defined(MBEDTLS_PLATFORM_C) #include "mbedtls/platform.h" -#else -#include -#include -#define mbedtls_fprintf fprintf -#define mbedtls_printf printf -#define mbedtls_exit exit -#define MBEDTLS_EXIT_SUCCESS EXIT_SUCCESS -#define MBEDTLS_EXIT_FAILURE EXIT_FAILURE -#endif /* MBEDTLS_PLATFORM_C */ #if defined(MBEDTLS_CIPHER_C) && defined(MBEDTLS_MD_C) && \ - defined(MBEDTLS_FS_IO) + defined(MBEDTLS_FS_IO) #include "mbedtls/cipher.h" #include "mbedtls/md.h" #include "mbedtls/platform_util.h" @@ -73,15 +51,15 @@ #if !defined(MBEDTLS_CIPHER_C) || !defined(MBEDTLS_MD_C) || \ !defined(MBEDTLS_FS_IO) -int main( void ) +int main(void) { mbedtls_printf("MBEDTLS_CIPHER_C and/or MBEDTLS_MD_C and/or MBEDTLS_FS_IO not defined.\n"); - mbedtls_exit( 0 ); + mbedtls_exit(0); } #else -int main( int argc, char *argv[] ) +int main(int argc, char *argv[]) { int ret = 1, i; unsigned n; @@ -102,142 +80,128 @@ int main( int argc, char *argv[] ) const mbedtls_md_info_t *md_info; mbedtls_cipher_context_t cipher_ctx; mbedtls_md_context_t md_ctx; + mbedtls_cipher_mode_t cipher_mode; + unsigned int cipher_block_size; + unsigned char md_size; #if defined(_WIN32_WCE) long filesize, offset; #elif defined(_WIN32) - LARGE_INTEGER li_size; + LARGE_INTEGER li_size; __int64 filesize, offset; #else - off_t filesize, offset; + off_t filesize, offset; #endif - mbedtls_cipher_init( &cipher_ctx ); - mbedtls_md_init( &md_ctx ); + mbedtls_cipher_init(&cipher_ctx); + mbedtls_md_init(&md_ctx); /* * Parse the command-line arguments. */ - if( argc != 7 ) - { + if (argc != 7) { const int *list; - mbedtls_printf( USAGE ); + mbedtls_printf(USAGE); - mbedtls_printf( "Available ciphers:\n" ); + mbedtls_printf("Available ciphers:\n"); list = mbedtls_cipher_list(); - while( *list ) - { - cipher_info = mbedtls_cipher_info_from_type( *list ); - mbedtls_printf( " %s\n", cipher_info->name ); + while (*list) { + cipher_info = mbedtls_cipher_info_from_type(*list); + mbedtls_printf(" %s\n", cipher_info->name); list++; } - mbedtls_printf( "\nAvailable message digests:\n" ); + mbedtls_printf("\nAvailable message digests:\n"); list = mbedtls_md_list(); - while( *list ) - { - md_info = mbedtls_md_info_from_type( *list ); - mbedtls_printf( " %s\n", mbedtls_md_get_name( md_info ) ); + while (*list) { + md_info = mbedtls_md_info_from_type(*list); + mbedtls_printf(" %s\n", mbedtls_md_get_name(md_info)); list++; } #if defined(_WIN32) - mbedtls_printf( "\n Press Enter to exit this program.\n" ); - fflush( stdout ); getchar(); + mbedtls_printf("\n Press Enter to exit this program.\n"); + fflush(stdout); getchar(); #endif goto exit; } - mode = atoi( argv[1] ); + mode = atoi(argv[1]); - if( mode != MODE_ENCRYPT && mode != MODE_DECRYPT ) - { - mbedtls_fprintf( stderr, "invalid operation mode\n" ); + if (mode != MODE_ENCRYPT && mode != MODE_DECRYPT) { + mbedtls_fprintf(stderr, "invalid operation mode\n"); goto exit; } - if( strcmp( argv[2], argv[3] ) == 0 ) - { - mbedtls_fprintf( stderr, "input and output filenames must differ\n" ); + if (strcmp(argv[2], argv[3]) == 0) { + mbedtls_fprintf(stderr, "input and output filenames must differ\n"); goto exit; } - if( ( fin = fopen( argv[2], "rb" ) ) == NULL ) - { - mbedtls_fprintf( stderr, "fopen(%s,rb) failed\n", argv[2] ); + if ((fin = fopen(argv[2], "rb")) == NULL) { + mbedtls_fprintf(stderr, "fopen(%s,rb) failed\n", argv[2]); goto exit; } - if( ( fout = fopen( argv[3], "wb+" ) ) == NULL ) - { - mbedtls_fprintf( stderr, "fopen(%s,wb+) failed\n", argv[3] ); + if ((fout = fopen(argv[3], "wb+")) == NULL) { + mbedtls_fprintf(stderr, "fopen(%s,wb+) failed\n", argv[3]); goto exit; } /* * Read the Cipher and MD from the command line */ - cipher_info = mbedtls_cipher_info_from_string( argv[4] ); - if( cipher_info == NULL ) - { - mbedtls_fprintf( stderr, "Cipher '%s' not found\n", argv[4] ); + cipher_info = mbedtls_cipher_info_from_string(argv[4]); + if (cipher_info == NULL) { + mbedtls_fprintf(stderr, "Cipher '%s' not found\n", argv[4]); goto exit; } - if( ( ret = mbedtls_cipher_setup( &cipher_ctx, cipher_info) ) != 0 ) - { - mbedtls_fprintf( stderr, "mbedtls_cipher_setup failed\n" ); + if ((ret = mbedtls_cipher_setup(&cipher_ctx, cipher_info)) != 0) { + mbedtls_fprintf(stderr, "mbedtls_cipher_setup failed\n"); goto exit; } - md_info = mbedtls_md_info_from_string( argv[5] ); - if( md_info == NULL ) - { - mbedtls_fprintf( stderr, "Message Digest '%s' not found\n", argv[5] ); + md_info = mbedtls_md_info_from_string(argv[5]); + if (md_info == NULL) { + mbedtls_fprintf(stderr, "Message Digest '%s' not found\n", argv[5]); goto exit; } - if( mbedtls_md_setup( &md_ctx, md_info, 1 ) != 0 ) - { - mbedtls_fprintf( stderr, "mbedtls_md_setup failed\n" ); + if (mbedtls_md_setup(&md_ctx, md_info, 1) != 0) { + mbedtls_fprintf(stderr, "mbedtls_md_setup failed\n"); goto exit; } /* * Read the secret key from file or command line */ - if( ( fkey = fopen( argv[6], "rb" ) ) != NULL ) - { - keylen = fread( key, 1, sizeof( key ), fkey ); - fclose( fkey ); - } - else - { - if( memcmp( argv[6], "hex:", 4 ) == 0 ) - { + if ((fkey = fopen(argv[6], "rb")) != NULL) { + keylen = fread(key, 1, sizeof(key), fkey); + fclose(fkey); + } else { + if (memcmp(argv[6], "hex:", 4) == 0) { p = &argv[6][4]; keylen = 0; - while( sscanf( p, "%02X", (unsigned int*) &n ) > 0 && - keylen < (int) sizeof( key ) ) - { + while (sscanf(p, "%02X", (unsigned int *) &n) > 0 && + keylen < (int) sizeof(key)) { key[keylen++] = (unsigned char) n; p += 2; } - } - else - { - keylen = strlen( argv[6] ); + } else { + keylen = strlen(argv[6]); - if( keylen > (int) sizeof( key ) ) - keylen = (int) sizeof( key ); + if (keylen > (int) sizeof(key)) { + keylen = (int) sizeof(key); + } - memcpy( key, argv[6], keylen ); + memcpy(key, argv[6], keylen); } } #if defined(_WIN32_WCE) - filesize = fseek( fin, 0L, SEEK_END ); + filesize = fseek(fin, 0L, SEEK_END); #else #if defined(_WIN32) /* @@ -245,72 +209,67 @@ int main( int argc, char *argv[] ) */ li_size.QuadPart = 0; li_size.LowPart = - SetFilePointer( (HANDLE) _get_osfhandle( _fileno( fin ) ), - li_size.LowPart, &li_size.HighPart, FILE_END ); + SetFilePointer((HANDLE) _get_osfhandle(_fileno(fin)), + li_size.LowPart, &li_size.HighPart, FILE_END); - if( li_size.LowPart == 0xFFFFFFFF && GetLastError() != NO_ERROR ) - { - mbedtls_fprintf( stderr, "SetFilePointer(0,FILE_END) failed\n" ); + if (li_size.LowPart == 0xFFFFFFFF && GetLastError() != NO_ERROR) { + mbedtls_fprintf(stderr, "SetFilePointer(0,FILE_END) failed\n"); goto exit; } filesize = li_size.QuadPart; #else - if( ( filesize = lseek( fileno( fin ), 0, SEEK_END ) ) < 0 ) - { - perror( "lseek" ); + if ((filesize = lseek(fileno(fin), 0, SEEK_END)) < 0) { + perror("lseek"); goto exit; } #endif #endif - if( fseek( fin, 0, SEEK_SET ) < 0 ) - { - mbedtls_fprintf( stderr, "fseek(0,SEEK_SET) failed\n" ); + if (fseek(fin, 0, SEEK_SET) < 0) { + mbedtls_fprintf(stderr, "fseek(0,SEEK_SET) failed\n"); goto exit; } - if( mode == MODE_ENCRYPT ) - { + md_size = mbedtls_md_get_size(md_info); + cipher_block_size = mbedtls_cipher_get_block_size(&cipher_ctx); + + if (mode == MODE_ENCRYPT) { /* * Generate the initialization vector as: * IV = MD( filesize || filename )[0..15] */ - for( i = 0; i < 8; i++ ) - buffer[i] = (unsigned char)( filesize >> ( i << 3 ) ); + for (i = 0; i < 8; i++) { + buffer[i] = (unsigned char) (filesize >> (i << 3)); + } p = argv[2]; - if( mbedtls_md_starts( &md_ctx ) != 0 ) - { - mbedtls_fprintf( stderr, "mbedtls_md_starts() returned error\n" ); + if (mbedtls_md_starts(&md_ctx) != 0) { + mbedtls_fprintf(stderr, "mbedtls_md_starts() returned error\n"); goto exit; } - if( mbedtls_md_update( &md_ctx, buffer, 8 ) != 0 ) - { - mbedtls_fprintf( stderr, "mbedtls_md_update() returned error\n" ); + if (mbedtls_md_update(&md_ctx, buffer, 8) != 0) { + mbedtls_fprintf(stderr, "mbedtls_md_update() returned error\n"); goto exit; } - if( mbedtls_md_update( &md_ctx, ( unsigned char * ) p, strlen( p ) ) - != 0 ) - { - mbedtls_fprintf( stderr, "mbedtls_md_update() returned error\n" ); + if (mbedtls_md_update(&md_ctx, (unsigned char *) p, strlen(p)) + != 0) { + mbedtls_fprintf(stderr, "mbedtls_md_update() returned error\n"); goto exit; } - if( mbedtls_md_finish( &md_ctx, digest ) != 0 ) - { - mbedtls_fprintf( stderr, "mbedtls_md_finish() returned error\n" ); + if (mbedtls_md_finish(&md_ctx, digest) != 0) { + mbedtls_fprintf(stderr, "mbedtls_md_finish() returned error\n"); goto exit; } - memcpy( IV, digest, 16 ); + memcpy(IV, digest, 16); /* * Append the IV at the beginning of the output. */ - if( fwrite( IV, 1, 16, fout ) != 16 ) - { - mbedtls_fprintf( stderr, "fwrite(%d bytes) failed\n", 16 ); + if (fwrite(IV, 1, 16, fout) != 16) { + mbedtls_fprintf(stderr, "fwrite(%d bytes) failed\n", 16); goto exit; } @@ -318,129 +277,109 @@ int main( int argc, char *argv[] ) * Hash the IV and the secret key together 8192 times * using the result to setup the AES context and HMAC. */ - memset( digest, 0, 32 ); - memcpy( digest, IV, 16 ); - - for( i = 0; i < 8192; i++ ) - { - if( mbedtls_md_starts( &md_ctx ) != 0 ) - { - mbedtls_fprintf( stderr, - "mbedtls_md_starts() returned error\n" ); + memset(digest, 0, 32); + memcpy(digest, IV, 16); + + for (i = 0; i < 8192; i++) { + if (mbedtls_md_starts(&md_ctx) != 0) { + mbedtls_fprintf(stderr, + "mbedtls_md_starts() returned error\n"); goto exit; } - if( mbedtls_md_update( &md_ctx, digest, 32 ) != 0 ) - { - mbedtls_fprintf( stderr, - "mbedtls_md_update() returned error\n" ); + if (mbedtls_md_update(&md_ctx, digest, 32) != 0) { + mbedtls_fprintf(stderr, + "mbedtls_md_update() returned error\n"); goto exit; } - if( mbedtls_md_update( &md_ctx, key, keylen ) != 0 ) - { - mbedtls_fprintf( stderr, - "mbedtls_md_update() returned error\n" ); + if (mbedtls_md_update(&md_ctx, key, keylen) != 0) { + mbedtls_fprintf(stderr, + "mbedtls_md_update() returned error\n"); goto exit; } - if( mbedtls_md_finish( &md_ctx, digest ) != 0 ) - { - mbedtls_fprintf( stderr, - "mbedtls_md_finish() returned error\n" ); + if (mbedtls_md_finish(&md_ctx, digest) != 0) { + mbedtls_fprintf(stderr, + "mbedtls_md_finish() returned error\n"); goto exit; } } - if( mbedtls_cipher_setkey( &cipher_ctx, digest, cipher_info->key_bitlen, - MBEDTLS_ENCRYPT ) != 0 ) - { - mbedtls_fprintf( stderr, "mbedtls_cipher_setkey() returned error\n"); + if (mbedtls_cipher_setkey(&cipher_ctx, digest, cipher_info->key_bitlen, + MBEDTLS_ENCRYPT) != 0) { + mbedtls_fprintf(stderr, "mbedtls_cipher_setkey() returned error\n"); goto exit; } - if( mbedtls_cipher_set_iv( &cipher_ctx, IV, 16 ) != 0 ) - { - mbedtls_fprintf( stderr, "mbedtls_cipher_set_iv() returned error\n"); + if (mbedtls_cipher_set_iv(&cipher_ctx, IV, 16) != 0) { + mbedtls_fprintf(stderr, "mbedtls_cipher_set_iv() returned error\n"); goto exit; } - if( mbedtls_cipher_reset( &cipher_ctx ) != 0 ) - { - mbedtls_fprintf( stderr, "mbedtls_cipher_reset() returned error\n"); + if (mbedtls_cipher_reset(&cipher_ctx) != 0) { + mbedtls_fprintf(stderr, "mbedtls_cipher_reset() returned error\n"); goto exit; } - if( mbedtls_md_hmac_starts( &md_ctx, digest, 32 ) != 0 ) - { - mbedtls_fprintf( stderr, "mbedtls_md_hmac_starts() returned error\n" ); + if (mbedtls_md_hmac_starts(&md_ctx, digest, 32) != 0) { + mbedtls_fprintf(stderr, "mbedtls_md_hmac_starts() returned error\n"); goto exit; } /* * Encrypt and write the ciphertext. */ - for( offset = 0; offset < filesize; offset += mbedtls_cipher_get_block_size( &cipher_ctx ) ) - { - ilen = ( (unsigned int) filesize - offset > mbedtls_cipher_get_block_size( &cipher_ctx ) ) ? - mbedtls_cipher_get_block_size( &cipher_ctx ) : (unsigned int) ( filesize - offset ); - - if( fread( buffer, 1, ilen, fin ) != ilen ) - { - mbedtls_fprintf( stderr, "fread(%ld bytes) failed\n", (long) ilen ); + for (offset = 0; offset < filesize; offset += cipher_block_size) { + ilen = ((unsigned int) filesize - offset > cipher_block_size) ? + cipher_block_size : (unsigned int) (filesize - offset); + + if (fread(buffer, 1, ilen, fin) != ilen) { + mbedtls_fprintf(stderr, "fread(%ld bytes) failed\n", (long) ilen); goto exit; } - if( mbedtls_cipher_update( &cipher_ctx, buffer, ilen, output, &olen ) != 0 ) - { - mbedtls_fprintf( stderr, "mbedtls_cipher_update() returned error\n"); + if (mbedtls_cipher_update(&cipher_ctx, buffer, ilen, output, &olen) != 0) { + mbedtls_fprintf(stderr, "mbedtls_cipher_update() returned error\n"); goto exit; } - if( mbedtls_md_hmac_update( &md_ctx, output, olen ) != 0 ) - { - mbedtls_fprintf( stderr, "mbedtls_md_hmac_update() returned error\n" ); + if (mbedtls_md_hmac_update(&md_ctx, output, olen) != 0) { + mbedtls_fprintf(stderr, "mbedtls_md_hmac_update() returned error\n"); goto exit; } - if( fwrite( output, 1, olen, fout ) != olen ) - { - mbedtls_fprintf( stderr, "fwrite(%ld bytes) failed\n", (long) olen ); + if (fwrite(output, 1, olen, fout) != olen) { + mbedtls_fprintf(stderr, "fwrite(%ld bytes) failed\n", (long) olen); goto exit; } } - if( mbedtls_cipher_finish( &cipher_ctx, output, &olen ) != 0 ) - { - mbedtls_fprintf( stderr, "mbedtls_cipher_finish() returned error\n" ); + if (mbedtls_cipher_finish(&cipher_ctx, output, &olen) != 0) { + mbedtls_fprintf(stderr, "mbedtls_cipher_finish() returned error\n"); goto exit; } - if( mbedtls_md_hmac_update( &md_ctx, output, olen ) != 0 ) - { - mbedtls_fprintf( stderr, "mbedtls_md_hmac_update() returned error\n" ); + if (mbedtls_md_hmac_update(&md_ctx, output, olen) != 0) { + mbedtls_fprintf(stderr, "mbedtls_md_hmac_update() returned error\n"); goto exit; } - if( fwrite( output, 1, olen, fout ) != olen ) - { - mbedtls_fprintf( stderr, "fwrite(%ld bytes) failed\n", (long) olen ); + if (fwrite(output, 1, olen, fout) != olen) { + mbedtls_fprintf(stderr, "fwrite(%ld bytes) failed\n", (long) olen); goto exit; } /* * Finally write the HMAC. */ - if( mbedtls_md_hmac_finish( &md_ctx, digest ) != 0 ) - { - mbedtls_fprintf( stderr, "mbedtls_md_hmac_finish() returned error\n" ); + if (mbedtls_md_hmac_finish(&md_ctx, digest) != 0) { + mbedtls_fprintf(stderr, "mbedtls_md_hmac_finish() returned error\n"); goto exit; } - if( fwrite( digest, 1, mbedtls_md_get_size( md_info ), fout ) != mbedtls_md_get_size( md_info ) ) - { - mbedtls_fprintf( stderr, "fwrite(%d bytes) failed\n", mbedtls_md_get_size( md_info ) ); + if (fwrite(digest, 1, md_size, fout) != md_size) { + mbedtls_fprintf(stderr, "fwrite(%d bytes) failed\n", md_size); goto exit; } } - if( mode == MODE_DECRYPT ) - { + if (mode == MODE_DECRYPT) { /* * The encrypted file must be structured as follows: * @@ -450,132 +389,117 @@ int main( int argc, char *argv[] ) * N*16 .. (N+1)*16 - 1 Encrypted Block #N * (N+1)*16 .. (N+1)*16 + n Hash(ciphertext) */ - if( filesize < 16 + mbedtls_md_get_size( md_info ) ) - { - mbedtls_fprintf( stderr, "File too short to be encrypted.\n" ); + if (filesize < 16 + md_size) { + mbedtls_fprintf(stderr, "File too short to be encrypted.\n"); goto exit; } - if( mbedtls_cipher_get_block_size( &cipher_ctx ) == 0 ) - { - mbedtls_fprintf( stderr, "Invalid cipher block size: 0. \n" ); + if (cipher_block_size == 0) { + mbedtls_fprintf(stderr, "Invalid cipher block size: 0. \n"); goto exit; } /* * Check the file size. */ - if( cipher_info->mode != MBEDTLS_MODE_GCM && - ( ( filesize - mbedtls_md_get_size( md_info ) ) % - mbedtls_cipher_get_block_size( &cipher_ctx ) ) != 0 ) - { - mbedtls_fprintf( stderr, "File content not a multiple of the block size (%u).\n", - mbedtls_cipher_get_block_size( &cipher_ctx )); + cipher_mode = cipher_info->mode; + if (cipher_mode != MBEDTLS_MODE_GCM && + cipher_mode != MBEDTLS_MODE_CTR && + cipher_mode != MBEDTLS_MODE_CFB && + cipher_mode != MBEDTLS_MODE_OFB && + ((filesize - md_size) % cipher_block_size) != 0) { + mbedtls_fprintf(stderr, "File content not a multiple of the block size (%u).\n", + cipher_block_size); goto exit; } /* * Subtract the IV + HMAC length. */ - filesize -= ( 16 + mbedtls_md_get_size( md_info ) ); + filesize -= (16 + md_size); /* * Read the IV and original filesize modulo 16. */ - if( fread( buffer, 1, 16, fin ) != 16 ) - { - mbedtls_fprintf( stderr, "fread(%d bytes) failed\n", 16 ); + if (fread(buffer, 1, 16, fin) != 16) { + mbedtls_fprintf(stderr, "fread(%d bytes) failed\n", 16); goto exit; } - memcpy( IV, buffer, 16 ); + memcpy(IV, buffer, 16); /* * Hash the IV and the secret key together 8192 times * using the result to setup the AES context and HMAC. */ - memset( digest, 0, 32 ); - memcpy( digest, IV, 16 ); - - for( i = 0; i < 8192; i++ ) - { - if( mbedtls_md_starts( &md_ctx ) != 0 ) - { - mbedtls_fprintf( stderr, "mbedtls_md_starts() returned error\n" ); + memset(digest, 0, 32); + memcpy(digest, IV, 16); + + for (i = 0; i < 8192; i++) { + if (mbedtls_md_starts(&md_ctx) != 0) { + mbedtls_fprintf(stderr, "mbedtls_md_starts() returned error\n"); goto exit; } - if( mbedtls_md_update( &md_ctx, digest, 32 ) != 0 ) - { - mbedtls_fprintf( stderr, "mbedtls_md_update() returned error\n" ); + if (mbedtls_md_update(&md_ctx, digest, 32) != 0) { + mbedtls_fprintf(stderr, "mbedtls_md_update() returned error\n"); goto exit; } - if( mbedtls_md_update( &md_ctx, key, keylen ) != 0 ) - { - mbedtls_fprintf( stderr, "mbedtls_md_update() returned error\n" ); + if (mbedtls_md_update(&md_ctx, key, keylen) != 0) { + mbedtls_fprintf(stderr, "mbedtls_md_update() returned error\n"); goto exit; } - if( mbedtls_md_finish( &md_ctx, digest ) != 0 ) - { - mbedtls_fprintf( stderr, "mbedtls_md_finish() returned error\n" ); + if (mbedtls_md_finish(&md_ctx, digest) != 0) { + mbedtls_fprintf(stderr, "mbedtls_md_finish() returned error\n"); goto exit; } } - if( mbedtls_cipher_setkey( &cipher_ctx, digest, cipher_info->key_bitlen, - MBEDTLS_DECRYPT ) != 0 ) - { - mbedtls_fprintf( stderr, "mbedtls_cipher_setkey() returned error\n" ); + if (mbedtls_cipher_setkey(&cipher_ctx, digest, cipher_info->key_bitlen, + MBEDTLS_DECRYPT) != 0) { + mbedtls_fprintf(stderr, "mbedtls_cipher_setkey() returned error\n"); goto exit; } - if( mbedtls_cipher_set_iv( &cipher_ctx, IV, 16 ) != 0 ) - { - mbedtls_fprintf( stderr, "mbedtls_cipher_set_iv() returned error\n" ); + if (mbedtls_cipher_set_iv(&cipher_ctx, IV, 16) != 0) { + mbedtls_fprintf(stderr, "mbedtls_cipher_set_iv() returned error\n"); goto exit; } - if( mbedtls_cipher_reset( &cipher_ctx ) != 0 ) - { - mbedtls_fprintf( stderr, "mbedtls_cipher_reset() returned error\n" ); + if (mbedtls_cipher_reset(&cipher_ctx) != 0) { + mbedtls_fprintf(stderr, "mbedtls_cipher_reset() returned error\n"); goto exit; } - if( mbedtls_md_hmac_starts( &md_ctx, digest, 32 ) != 0 ) - { - mbedtls_fprintf( stderr, "mbedtls_md_hmac_starts() returned error\n" ); + if (mbedtls_md_hmac_starts(&md_ctx, digest, 32) != 0) { + mbedtls_fprintf(stderr, "mbedtls_md_hmac_starts() returned error\n"); goto exit; } /* * Decrypt and write the plaintext. */ - for( offset = 0; offset < filesize; offset += mbedtls_cipher_get_block_size( &cipher_ctx ) ) - { - ilen = ( (unsigned int) filesize - offset > mbedtls_cipher_get_block_size( &cipher_ctx ) ) ? - mbedtls_cipher_get_block_size( &cipher_ctx ) : (unsigned int) ( filesize - offset ); - - if( fread( buffer, 1, ilen, fin ) != ilen ) - { - mbedtls_fprintf( stderr, "fread(%u bytes) failed\n", - mbedtls_cipher_get_block_size( &cipher_ctx ) ); + for (offset = 0; offset < filesize; offset += cipher_block_size) { + ilen = ((unsigned int) filesize - offset > cipher_block_size) ? + cipher_block_size : (unsigned int) (filesize - offset); + + if (fread(buffer, 1, ilen, fin) != ilen) { + mbedtls_fprintf(stderr, "fread(%u bytes) failed\n", + cipher_block_size); goto exit; } - if( mbedtls_md_hmac_update( &md_ctx, buffer, ilen ) != 0 ) - { - mbedtls_fprintf( stderr, "mbedtls_md_hmac_update() returned error\n" ); + if (mbedtls_md_hmac_update(&md_ctx, buffer, ilen) != 0) { + mbedtls_fprintf(stderr, "mbedtls_md_hmac_update() returned error\n"); goto exit; } - if( mbedtls_cipher_update( &cipher_ctx, buffer, ilen, output, - &olen ) != 0 ) - { - mbedtls_fprintf( stderr, "mbedtls_cipher_update() returned error\n" ); + if (mbedtls_cipher_update(&cipher_ctx, buffer, ilen, output, + &olen) != 0) { + mbedtls_fprintf(stderr, "mbedtls_cipher_update() returned error\n"); goto exit; } - if( fwrite( output, 1, olen, fout ) != olen ) - { - mbedtls_fprintf( stderr, "fwrite(%ld bytes) failed\n", (long) olen ); + if (fwrite(output, 1, olen, fout) != olen) { + mbedtls_fprintf(stderr, "fwrite(%ld bytes) failed\n", (long) olen); goto exit; } } @@ -583,42 +507,38 @@ int main( int argc, char *argv[] ) /* * Verify the message authentication code. */ - if( mbedtls_md_hmac_finish( &md_ctx, digest ) != 0 ) - { - mbedtls_fprintf( stderr, "mbedtls_md_hmac_finish() returned error\n" ); + if (mbedtls_md_hmac_finish(&md_ctx, digest) != 0) { + mbedtls_fprintf(stderr, "mbedtls_md_hmac_finish() returned error\n"); goto exit; } - if( fread( buffer, 1, mbedtls_md_get_size( md_info ), fin ) != mbedtls_md_get_size( md_info ) ) - { - mbedtls_fprintf( stderr, "fread(%d bytes) failed\n", mbedtls_md_get_size( md_info ) ); + if (fread(buffer, 1, md_size, fin) != md_size) { + mbedtls_fprintf(stderr, "fread(%d bytes) failed\n", md_size); goto exit; } /* Use constant-time buffer comparison */ diff = 0; - for( i = 0; i < mbedtls_md_get_size( md_info ); i++ ) + for (i = 0; i < md_size; i++) { diff |= digest[i] ^ buffer[i]; + } - if( diff != 0 ) - { - mbedtls_fprintf( stderr, "HMAC check failed: wrong key, " - "or file corrupted.\n" ); + if (diff != 0) { + mbedtls_fprintf(stderr, "HMAC check failed: wrong key, " + "or file corrupted.\n"); goto exit; } /* * Write the final block of data */ - if( mbedtls_cipher_finish( &cipher_ctx, output, &olen ) != 0 ) - { - mbedtls_fprintf( stderr, "mbedtls_cipher_finish() returned error\n" ); + if (mbedtls_cipher_finish(&cipher_ctx, output, &olen) != 0) { + mbedtls_fprintf(stderr, "mbedtls_cipher_finish() returned error\n"); goto exit; } - if( fwrite( output, 1, olen, fout ) != olen ) - { - mbedtls_fprintf( stderr, "fwrite(%ld bytes) failed\n", (long) olen ); + if (fwrite(output, 1, olen, fout) != olen) { + mbedtls_fprintf(stderr, "fwrite(%ld bytes) failed\n", (long) olen); goto exit; } } @@ -626,26 +546,29 @@ int main( int argc, char *argv[] ) exit_code = MBEDTLS_EXIT_SUCCESS; exit: - if( fin ) - fclose( fin ); - if( fout ) - fclose( fout ); + if (fin) { + fclose(fin); + } + if (fout) { + fclose(fout); + } /* Zeroize all command line arguments to also cover the case when the user has missed or reordered some, in which case the key might not be in argv[6]. */ - for( i = 0; i < argc; i++ ) - mbedtls_platform_zeroize( argv[i], strlen( argv[i] ) ); + for (i = 0; i < argc; i++) { + mbedtls_platform_zeroize(argv[i], strlen(argv[i])); + } - mbedtls_platform_zeroize( IV, sizeof( IV ) ); - mbedtls_platform_zeroize( key, sizeof( key ) ); - mbedtls_platform_zeroize( buffer, sizeof( buffer ) ); - mbedtls_platform_zeroize( output, sizeof( output ) ); - mbedtls_platform_zeroize( digest, sizeof( digest ) ); + mbedtls_platform_zeroize(IV, sizeof(IV)); + mbedtls_platform_zeroize(key, sizeof(key)); + mbedtls_platform_zeroize(buffer, sizeof(buffer)); + mbedtls_platform_zeroize(output, sizeof(output)); + mbedtls_platform_zeroize(digest, sizeof(digest)); - mbedtls_cipher_free( &cipher_ctx ); - mbedtls_md_free( &md_ctx ); + mbedtls_cipher_free(&cipher_ctx); + mbedtls_md_free(&md_ctx); - mbedtls_exit( exit_code ); + mbedtls_exit(exit_code); } #endif /* MBEDTLS_CIPHER_C && MBEDTLS_MD_C && MBEDTLS_FS_IO */ diff --git a/third_party/mbedtls/repo/programs/fuzz/Makefile b/third_party/mbedtls/repo/programs/fuzz/Makefile index 084fc241ec2..0eb2baf8865 100644 --- a/third_party/mbedtls/repo/programs/fuzz/Makefile +++ b/third_party/mbedtls/repo/programs/fuzz/Makefile @@ -1,7 +1,9 @@ MBEDTLS_TEST_PATH:=../../tests/src MBEDTLS_TEST_OBJS:=$(patsubst %.c,%.o,$(wildcard ${MBEDTLS_TEST_PATH}/*.c ${MBEDTLS_TEST_PATH}/drivers/*.c)) -LOCAL_CFLAGS = -I../../tests/include -I../../include -D_FILE_OFFSET_BITS=64 +CFLAGS ?= -O2 +WARNING_CFLAGS ?= -Wall -Wextra +LOCAL_CFLAGS = $(WARNING_CFLAGS) -I../../tests/include -I../../include -D_FILE_OFFSET_BITS=64 LOCAL_LDFLAGS = ${MBEDTLS_TEST_OBJS} \ -L../../library \ -lmbedtls$(SHARED_SUFFIX) \ diff --git a/third_party/mbedtls/repo/programs/fuzz/README.md b/third_party/mbedtls/repo/programs/fuzz/README.md index b6a433394f6..aaef03015dc 100644 --- a/third_party/mbedtls/repo/programs/fuzz/README.md +++ b/third_party/mbedtls/repo/programs/fuzz/README.md @@ -35,10 +35,10 @@ make Finally, you can run the targets like `./test/fuzz/fuzz_client`. -Corpus generation for network trafic targets +Corpus generation for network traffic targets ------ -These targets use network trafic as inputs : +These targets use network traffic as inputs : * client : simulates a client against (fuzzed) server traffic * server : simulates a server against (fuzzed) client traffic * dtls_client @@ -48,7 +48,7 @@ They also use the last bytes as configuration options. To generate corpus for these targets, you can do the following, not fully automated steps : * Build mbedtls programs ssl_server2 and ssl_client2 -* Run them one against the other with `reproducible` option turned on while capturing trafic into test.pcap +* Run them one against the other with `reproducible` option turned on while capturing traffic into test.pcap * Extract tcp payloads, for instance with tshark : `tshark -Tfields -e tcp.dstport -e tcp.payload -r test.pcap > test.txt` * Run a dummy python script to output either client or server corpus file like `python dummy.py test.txt > test.cor` * Finally, you can add the options by appending the last bytes to the file test.cor diff --git a/third_party/mbedtls/repo/programs/fuzz/common.c b/third_party/mbedtls/repo/programs/fuzz/common.c index e12ee3b8a0a..96a24f7575e 100644 --- a/third_party/mbedtls/repo/programs/fuzz/common.c +++ b/third_party/mbedtls/repo/programs/fuzz/common.c @@ -5,56 +5,58 @@ #include #include "mbedtls/ctr_drbg.h" -mbedtls_time_t dummy_constant_time( mbedtls_time_t* time ) +#if defined(MBEDTLS_PLATFORM_TIME_ALT) +mbedtls_time_t dummy_constant_time(mbedtls_time_t *time) { (void) time; return 0x5af2a056; } +#endif -void dummy_init() +void dummy_init(void) { #if defined(MBEDTLS_PLATFORM_TIME_ALT) - mbedtls_platform_set_time( dummy_constant_time ); + mbedtls_platform_set_time(dummy_constant_time); #else fprintf(stderr, "Warning: fuzzing without constant time\n"); #endif } -int dummy_send( void *ctx, const unsigned char *buf, size_t len ) +int dummy_send(void *ctx, const unsigned char *buf, size_t len) { //silence warning about unused parameter (void) ctx; (void) buf; //pretends we wrote everything ok - if( len > INT_MAX ) { - return( -1 ); + if (len > INT_MAX) { + return -1; } - return( (int) len ); + return (int) len; } -int fuzz_recv( void *ctx, unsigned char *buf, size_t len ) +int fuzz_recv(void *ctx, unsigned char *buf, size_t len) { //reads from the buffer from fuzzer - fuzzBufferOffset_t * biomemfuzz = (fuzzBufferOffset_t *) ctx; + fuzzBufferOffset_t *biomemfuzz = (fuzzBufferOffset_t *) ctx; - if(biomemfuzz->Offset == biomemfuzz->Size) { + if (biomemfuzz->Offset == biomemfuzz->Size) { //EOF - return( 0 ); + return 0; } - if( len > INT_MAX ) { - return( -1 ); + if (len > INT_MAX) { + return -1; } - if( len + biomemfuzz->Offset > biomemfuzz->Size ) { + if (len + biomemfuzz->Offset > biomemfuzz->Size) { //do not overflow len = biomemfuzz->Size - biomemfuzz->Offset; } memcpy(buf, biomemfuzz->Data + biomemfuzz->Offset, len); biomemfuzz->Offset += len; - return( (int) len ); + return (int) len; } -int dummy_random( void *p_rng, unsigned char *output, size_t output_len ) +int dummy_random(void *p_rng, unsigned char *output, size_t output_len) { int ret; size_t i; @@ -66,14 +68,14 @@ int dummy_random( void *p_rng, unsigned char *output, size_t output_len ) (void) p_rng; ret = 0; #endif - for (i=0; i #include -typedef struct fuzzBufferOffset -{ +typedef struct fuzzBufferOffset { const uint8_t *Data; size_t Size; size_t Offset; } fuzzBufferOffset_t; -mbedtls_time_t dummy_constant_time( mbedtls_time_t* time ); -void dummy_init(); +#if defined(MBEDTLS_HAVE_TIME) +mbedtls_time_t dummy_constant_time(mbedtls_time_t *time); +#endif +void dummy_init(void); -int dummy_send( void *ctx, const unsigned char *buf, size_t len ); -int fuzz_recv( void *ctx, unsigned char *buf, size_t len ); -int dummy_random( void *p_rng, unsigned char *output, size_t output_len ); -int dummy_entropy( void *data, unsigned char *output, size_t len ); -int fuzz_recv_timeout( void *ctx, unsigned char *buf, size_t len, - uint32_t timeout ); +int dummy_send(void *ctx, const unsigned char *buf, size_t len); +int fuzz_recv(void *ctx, unsigned char *buf, size_t len); +int dummy_random(void *p_rng, unsigned char *output, size_t output_len); +int dummy_entropy(void *data, unsigned char *output, size_t len); +int fuzz_recv_timeout(void *ctx, unsigned char *buf, size_t len, + uint32_t timeout); diff --git a/third_party/mbedtls/repo/programs/fuzz/fuzz_client.c b/third_party/mbedtls/repo/programs/fuzz/fuzz_client.c index 270ae8a4db8..2de51a6e9bb 100644 --- a/third_party/mbedtls/repo/programs/fuzz/fuzz_client.c +++ b/third_party/mbedtls/repo/programs/fuzz/fuzz_client.c @@ -30,7 +30,8 @@ const char *pers = "fuzz_client"; #endif /* MBEDTLS_SSL_CLI_C && MBEDTLS_ENTROPY_C && MBEDTLS_CTR_DRBG_C */ -int LLVMFuzzerTestOneInput(const uint8_t *Data, size_t Size) { +int LLVMFuzzerTestOneInput(const uint8_t *Data, size_t Size) +{ #if defined(MBEDTLS_SSL_CLI_C) && \ defined(MBEDTLS_ENTROPY_C) && \ defined(MBEDTLS_CTR_DRBG_C) @@ -45,11 +46,13 @@ int LLVMFuzzerTestOneInput(const uint8_t *Data, size_t Size) { uint16_t options; if (initialized == 0) { -#if defined(MBEDTLS_X509_CRT_PARSE_C) && defined(MBEDTLS_PEM_PARSE_C) - mbedtls_x509_crt_init( &cacert ); - if (mbedtls_x509_crt_parse( &cacert, (const unsigned char *) mbedtls_test_cas_pem, - mbedtls_test_cas_pem_len ) != 0) +#if defined(MBEDTLS_X509_CRT_PARSE_C) && defined(MBEDTLS_PEM_PARSE_C) && \ + defined(MBEDTLS_CERTS_C) + mbedtls_x509_crt_init(&cacert); + if (mbedtls_x509_crt_parse(&cacert, (const unsigned char *) mbedtls_test_cas_pem, + mbedtls_test_cas_pem_len) != 0) { return 1; + } #endif alpn_list[0] = "HTTP"; @@ -69,104 +72,128 @@ int LLVMFuzzerTestOneInput(const uint8_t *Data, size_t Size) { //Avoid warnings if compile options imply no options (void) options; - mbedtls_ssl_init( &ssl ); - mbedtls_ssl_config_init( &conf ); - mbedtls_ctr_drbg_init( &ctr_drbg ); - mbedtls_entropy_init( &entropy ); + mbedtls_ssl_init(&ssl); + mbedtls_ssl_config_init(&conf); + mbedtls_ctr_drbg_init(&ctr_drbg); + mbedtls_entropy_init(&entropy); + +#if defined(MBEDTLS_USE_PSA_CRYPTO) + psa_status_t status = psa_crypto_init(); + if (status != PSA_SUCCESS) { + goto exit; + } +#endif /* MBEDTLS_USE_PSA_CRYPTO */ - if( mbedtls_ctr_drbg_seed( &ctr_drbg, dummy_entropy, &entropy, - (const unsigned char *) pers, strlen( pers ) ) != 0 ) + if (mbedtls_ctr_drbg_seed(&ctr_drbg, dummy_entropy, &entropy, + (const unsigned char *) pers, strlen(pers)) != 0) { goto exit; + } - if( mbedtls_ssl_config_defaults( &conf, + if (mbedtls_ssl_config_defaults(&conf, MBEDTLS_SSL_IS_CLIENT, MBEDTLS_SSL_TRANSPORT_STREAM, - MBEDTLS_SSL_PRESET_DEFAULT ) != 0 ) + MBEDTLS_SSL_PRESET_DEFAULT) != 0) { goto exit; + } #if defined(MBEDTLS_KEY_EXCHANGE_SOME_PSK_ENABLED) if (options & 2) { - mbedtls_ssl_conf_psk( &conf, psk, sizeof( psk ), - (const unsigned char *) psk_id, sizeof( psk_id ) - 1 ); + mbedtls_ssl_conf_psk(&conf, psk, sizeof(psk), + (const unsigned char *) psk_id, sizeof(psk_id) - 1); } #endif #if defined(MBEDTLS_X509_CRT_PARSE_C) && defined(MBEDTLS_PEM_PARSE_C) if (options & 4) { - mbedtls_ssl_conf_ca_chain( &conf, &cacert, NULL ); - mbedtls_ssl_conf_authmode( &conf, MBEDTLS_SSL_VERIFY_REQUIRED ); + mbedtls_ssl_conf_ca_chain(&conf, &cacert, NULL); + mbedtls_ssl_conf_authmode(&conf, MBEDTLS_SSL_VERIFY_REQUIRED); } else #endif { - mbedtls_ssl_conf_authmode( &conf, MBEDTLS_SSL_VERIFY_NONE ); + mbedtls_ssl_conf_authmode(&conf, MBEDTLS_SSL_VERIFY_NONE); } #if defined(MBEDTLS_SSL_TRUNCATED_HMAC) - mbedtls_ssl_conf_truncated_hmac( &conf, (options & 8) ? MBEDTLS_SSL_TRUNC_HMAC_ENABLED : MBEDTLS_SSL_TRUNC_HMAC_DISABLED); + mbedtls_ssl_conf_truncated_hmac(&conf, + (options & + 8) ? MBEDTLS_SSL_TRUNC_HMAC_ENABLED : MBEDTLS_SSL_TRUNC_HMAC_DISABLED); #endif #if defined(MBEDTLS_SSL_EXTENDED_MASTER_SECRET) - mbedtls_ssl_conf_extended_master_secret( &conf, (options & 0x10) ? MBEDTLS_SSL_EXTENDED_MS_DISABLED : MBEDTLS_SSL_EXTENDED_MS_ENABLED); + mbedtls_ssl_conf_extended_master_secret(&conf, + (options & + 0x10) ? MBEDTLS_SSL_EXTENDED_MS_DISABLED : MBEDTLS_SSL_EXTENDED_MS_ENABLED); #endif #if defined(MBEDTLS_SSL_ENCRYPT_THEN_MAC) - mbedtls_ssl_conf_encrypt_then_mac( &conf, (options & 0x20) ? MBEDTLS_SSL_ETM_DISABLED : MBEDTLS_SSL_ETM_ENABLED); + mbedtls_ssl_conf_encrypt_then_mac(&conf, + (options & + 0x20) ? MBEDTLS_SSL_ETM_DISABLED : MBEDTLS_SSL_ETM_ENABLED); #endif #if defined(MBEDTLS_SSL_CBC_RECORD_SPLITTING) - mbedtls_ssl_conf_cbc_record_splitting( &conf, (options & 0x40) ? MBEDTLS_SSL_CBC_RECORD_SPLITTING_ENABLED : MBEDTLS_SSL_CBC_RECORD_SPLITTING_DISABLED ); + mbedtls_ssl_conf_cbc_record_splitting(&conf, + (options & + 0x40) ? MBEDTLS_SSL_CBC_RECORD_SPLITTING_ENABLED : MBEDTLS_SSL_CBC_RECORD_SPLITTING_DISABLED); #endif #if defined(MBEDTLS_SSL_RENEGOTIATION) - mbedtls_ssl_conf_renegotiation( &conf, (options & 0x80) ? MBEDTLS_SSL_RENEGOTIATION_ENABLED : MBEDTLS_SSL_RENEGOTIATION_DISABLED ); + mbedtls_ssl_conf_renegotiation(&conf, + (options & + 0x80) ? MBEDTLS_SSL_RENEGOTIATION_ENABLED : MBEDTLS_SSL_RENEGOTIATION_DISABLED); #endif #if defined(MBEDTLS_SSL_SESSION_TICKETS) - mbedtls_ssl_conf_session_tickets( &conf, (options & 0x100) ? MBEDTLS_SSL_SESSION_TICKETS_DISABLED : MBEDTLS_SSL_SESSION_TICKETS_ENABLED ); + mbedtls_ssl_conf_session_tickets(&conf, + (options & + 0x100) ? MBEDTLS_SSL_SESSION_TICKETS_DISABLED : MBEDTLS_SSL_SESSION_TICKETS_ENABLED); #endif #if defined(MBEDTLS_SSL_ALPN) if (options & 0x200) { - mbedtls_ssl_conf_alpn_protocols( &conf, alpn_list ); + mbedtls_ssl_conf_alpn_protocols(&conf, alpn_list); } #endif //There may be other options to add : // mbedtls_ssl_conf_cert_profile, mbedtls_ssl_conf_sig_hashes srand(1); - mbedtls_ssl_conf_rng( &conf, dummy_random, &ctr_drbg ); + mbedtls_ssl_conf_rng(&conf, dummy_random, &ctr_drbg); - if( mbedtls_ssl_setup( &ssl, &conf ) != 0 ) + if (mbedtls_ssl_setup(&ssl, &conf) != 0) { goto exit; + } #if defined(MBEDTLS_X509_CRT_PARSE_C) && defined(MBEDTLS_PEM_PARSE_C) if ((options & 1) == 0) { - if( mbedtls_ssl_set_hostname( &ssl, "localhost" ) != 0 ) + if (mbedtls_ssl_set_hostname(&ssl, "localhost") != 0) { goto exit; + } } #endif biomemfuzz.Data = Data; biomemfuzz.Size = Size-2; biomemfuzz.Offset = 0; - mbedtls_ssl_set_bio( &ssl, &biomemfuzz, dummy_send, fuzz_recv, NULL ); + mbedtls_ssl_set_bio(&ssl, &biomemfuzz, dummy_send, fuzz_recv, NULL); - ret = mbedtls_ssl_handshake( &ssl ); - if( ret == 0 ) - { + ret = mbedtls_ssl_handshake(&ssl); + if (ret == 0) { //keep reading data from server until the end - do - { - len = sizeof( buf ) - 1; - ret = mbedtls_ssl_read( &ssl, buf, len ); + do { + len = sizeof(buf) - 1; + ret = mbedtls_ssl_read(&ssl, buf, len); - if( ret == MBEDTLS_ERR_SSL_WANT_READ ) + if (ret == MBEDTLS_ERR_SSL_WANT_READ) { continue; - else if( ret <= 0 ) + } else if (ret <= 0) { //EOF or error break; - } - while( 1 ); + } + } while (1); } exit: - mbedtls_entropy_free( &entropy ); - mbedtls_ctr_drbg_free( &ctr_drbg ); - mbedtls_ssl_config_free( &conf ); - mbedtls_ssl_free( &ssl ); + mbedtls_entropy_free(&entropy); + mbedtls_ctr_drbg_free(&ctr_drbg); + mbedtls_ssl_config_free(&conf); + mbedtls_ssl_free(&ssl); +#if defined(MBEDTLS_USE_PSA_CRYPTO) + mbedtls_psa_crypto_free(); +#endif /* MBEDTLS_USE_PSA_CRYPTO */ #else (void) Data; diff --git a/third_party/mbedtls/repo/programs/fuzz/fuzz_dtlsclient.c b/third_party/mbedtls/repo/programs/fuzz/fuzz_dtlsclient.c index ff258bcc711..d414bb3b051 100644 --- a/third_party/mbedtls/repo/programs/fuzz/fuzz_dtlsclient.c +++ b/third_party/mbedtls/repo/programs/fuzz/fuzz_dtlsclient.c @@ -25,7 +25,8 @@ const char *pers = "fuzz_dtlsclient"; -int LLVMFuzzerTestOneInput(const uint8_t *Data, size_t Size) { +int LLVMFuzzerTestOneInput(const uint8_t *Data, size_t Size) +{ #if defined(MBEDTLS_SSL_PROTO_DTLS) && \ defined(MBEDTLS_SSL_CLI_C) && \ defined(MBEDTLS_ENTROPY_C) && \ @@ -42,78 +43,92 @@ int LLVMFuzzerTestOneInput(const uint8_t *Data, size_t Size) { fuzzBufferOffset_t biomemfuzz; if (initialized == 0) { -#if defined(MBEDTLS_X509_CRT_PARSE_C) && defined(MBEDTLS_PEM_PARSE_C) - mbedtls_x509_crt_init( &cacert ); - if (mbedtls_x509_crt_parse( &cacert, (const unsigned char *) mbedtls_test_cas_pem, - mbedtls_test_cas_pem_len ) != 0) +#if defined(MBEDTLS_X509_CRT_PARSE_C) && defined(MBEDTLS_PEM_PARSE_C) && \ + defined(MBEDTLS_CERTS_C) + mbedtls_x509_crt_init(&cacert); + if (mbedtls_x509_crt_parse(&cacert, (const unsigned char *) mbedtls_test_cas_pem, + mbedtls_test_cas_pem_len) != 0) { return 1; + } #endif dummy_init(); initialized = 1; } - mbedtls_ssl_init( &ssl ); - mbedtls_ssl_config_init( &conf ); - mbedtls_ctr_drbg_init( &ctr_drbg ); - mbedtls_entropy_init( &entropy ); + mbedtls_ssl_init(&ssl); + mbedtls_ssl_config_init(&conf); + mbedtls_ctr_drbg_init(&ctr_drbg); + mbedtls_entropy_init(&entropy); + +#if defined(MBEDTLS_USE_PSA_CRYPTO) + psa_status_t status = psa_crypto_init(); + if (status != PSA_SUCCESS) { + goto exit; + } +#endif /* MBEDTLS_USE_PSA_CRYPTO */ srand(1); - if( mbedtls_ctr_drbg_seed( &ctr_drbg, dummy_entropy, &entropy, - (const unsigned char *) pers, strlen( pers ) ) != 0 ) + if (mbedtls_ctr_drbg_seed(&ctr_drbg, dummy_entropy, &entropy, + (const unsigned char *) pers, strlen(pers)) != 0) { goto exit; + } - if( mbedtls_ssl_config_defaults( &conf, + if (mbedtls_ssl_config_defaults(&conf, MBEDTLS_SSL_IS_CLIENT, MBEDTLS_SSL_TRANSPORT_DATAGRAM, - MBEDTLS_SSL_PRESET_DEFAULT ) != 0 ) + MBEDTLS_SSL_PRESET_DEFAULT) != 0) { goto exit; + } #if defined(MBEDTLS_X509_CRT_PARSE_C) && defined(MBEDTLS_PEM_PARSE_C) - mbedtls_ssl_conf_ca_chain( &conf, &cacert, NULL ); + mbedtls_ssl_conf_ca_chain(&conf, &cacert, NULL); #endif - mbedtls_ssl_conf_authmode( &conf, MBEDTLS_SSL_VERIFY_NONE ); - mbedtls_ssl_conf_rng( &conf, dummy_random, &ctr_drbg ); + mbedtls_ssl_conf_authmode(&conf, MBEDTLS_SSL_VERIFY_NONE); + mbedtls_ssl_conf_rng(&conf, dummy_random, &ctr_drbg); - if( mbedtls_ssl_setup( &ssl, &conf ) != 0 ) + if (mbedtls_ssl_setup(&ssl, &conf) != 0) { goto exit; + } - mbedtls_ssl_set_timer_cb( &ssl, &timer, mbedtls_timing_set_delay, - mbedtls_timing_get_delay ); + mbedtls_ssl_set_timer_cb(&ssl, &timer, mbedtls_timing_set_delay, + mbedtls_timing_get_delay); #if defined(MBEDTLS_X509_CRT_PARSE_C) && defined(MBEDTLS_PEM_PARSE_C) - if( mbedtls_ssl_set_hostname( &ssl, "localhost" ) != 0 ) + if (mbedtls_ssl_set_hostname(&ssl, "localhost") != 0) { goto exit; + } #endif biomemfuzz.Data = Data; biomemfuzz.Size = Size; biomemfuzz.Offset = 0; - mbedtls_ssl_set_bio( &ssl, &biomemfuzz, dummy_send, fuzz_recv, fuzz_recv_timeout ); + mbedtls_ssl_set_bio(&ssl, &biomemfuzz, dummy_send, fuzz_recv, fuzz_recv_timeout); - ret = mbedtls_ssl_handshake( &ssl ); - if( ret == 0 ) - { + ret = mbedtls_ssl_handshake(&ssl); + if (ret == 0) { //keep reading data from server until the end - do - { - len = sizeof( buf ) - 1; - ret = mbedtls_ssl_read( &ssl, buf, len ); + do { + len = sizeof(buf) - 1; + ret = mbedtls_ssl_read(&ssl, buf, len); - if( ret == MBEDTLS_ERR_SSL_WANT_READ ) + if (ret == MBEDTLS_ERR_SSL_WANT_READ) { continue; - else if( ret <= 0 ) + } else if (ret <= 0) { //EOF or error break; - } - while( 1 ); + } + } while (1); } exit: - mbedtls_entropy_free( &entropy ); - mbedtls_ctr_drbg_free( &ctr_drbg ); - mbedtls_ssl_config_free( &conf ); - mbedtls_ssl_free( &ssl ); + mbedtls_entropy_free(&entropy); + mbedtls_ctr_drbg_free(&ctr_drbg); + mbedtls_ssl_config_free(&conf); + mbedtls_ssl_free(&ssl); +#if defined(MBEDTLS_USE_PSA_CRYPTO) + mbedtls_psa_crypto_free(); +#endif /* MBEDTLS_USE_PSA_CRYPTO */ #else (void) Data; diff --git a/third_party/mbedtls/repo/programs/fuzz/fuzz_dtlsserver.c b/third_party/mbedtls/repo/programs/fuzz/fuzz_dtlsserver.c index 4cde1fe6c76..df4087a1558 100644 --- a/third_party/mbedtls/repo/programs/fuzz/fuzz_dtlsserver.c +++ b/third_party/mbedtls/repo/programs/fuzz/fuzz_dtlsserver.c @@ -10,13 +10,14 @@ #include "mbedtls/timing.h" #include "mbedtls/ssl_cookie.h" - #if defined(MBEDTLS_SSL_SRV_C) && \ defined(MBEDTLS_ENTROPY_C) && \ defined(MBEDTLS_CTR_DRBG_C) && \ - defined(MBEDTLS_TIMING_C) + defined(MBEDTLS_TIMING_C) && \ + (defined(MBEDTLS_SHA256_C) || \ + (defined(MBEDTLS_SHA512_C) && !defined(MBEDTLS_SHA512_NO_SHA384))) const char *pers = "fuzz_dtlsserver"; -const unsigned char client_ip[4] = {0x7F, 0, 0, 1}; +const unsigned char client_ip[4] = { 0x7F, 0, 0, 1 }; static int initialized = 0; #if defined(MBEDTLS_X509_CRT_PARSE_C) && defined(MBEDTLS_PEM_PARSE_C) static mbedtls_x509_crt srvcert; @@ -25,12 +26,15 @@ static mbedtls_pk_context pkey; #endif #endif // MBEDTLS_SSL_PROTO_DTLS -int LLVMFuzzerTestOneInput(const uint8_t *Data, size_t Size) { +int LLVMFuzzerTestOneInput(const uint8_t *Data, size_t Size) +{ #if defined(MBEDTLS_SSL_PROTO_DTLS) && \ defined(MBEDTLS_SSL_SRV_C) && \ defined(MBEDTLS_ENTROPY_C) && \ defined(MBEDTLS_CTR_DRBG_C) && \ - defined(MBEDTLS_TIMING_C) + defined(MBEDTLS_TIMING_C) && \ + (defined(MBEDTLS_SHA256_C) || \ + (defined(MBEDTLS_SHA512_C) && !defined(MBEDTLS_SHA512_NO_SHA384))) int ret; size_t len; mbedtls_ssl_context ssl; @@ -43,102 +47,128 @@ int LLVMFuzzerTestOneInput(const uint8_t *Data, size_t Size) { fuzzBufferOffset_t biomemfuzz; if (initialized == 0) { -#if defined(MBEDTLS_X509_CRT_PARSE_C) && defined(MBEDTLS_PEM_PARSE_C) - mbedtls_x509_crt_init( &srvcert ); - mbedtls_pk_init( &pkey ); - if (mbedtls_x509_crt_parse( &srvcert, (const unsigned char *) mbedtls_test_srv_crt, - mbedtls_test_srv_crt_len ) != 0) +#if defined(MBEDTLS_X509_CRT_PARSE_C) && defined(MBEDTLS_PEM_PARSE_C) && \ + defined(MBEDTLS_CERTS_C) + mbedtls_x509_crt_init(&srvcert); + mbedtls_pk_init(&pkey); + if (mbedtls_x509_crt_parse(&srvcert, (const unsigned char *) mbedtls_test_srv_crt, + mbedtls_test_srv_crt_len) != 0) { return 1; - if (mbedtls_x509_crt_parse( &srvcert, (const unsigned char *) mbedtls_test_cas_pem, - mbedtls_test_cas_pem_len ) != 0) + } + if (mbedtls_x509_crt_parse(&srvcert, (const unsigned char *) mbedtls_test_cas_pem, + mbedtls_test_cas_pem_len) != 0) { return 1; - if (mbedtls_pk_parse_key( &pkey, (const unsigned char *) mbedtls_test_srv_key, - mbedtls_test_srv_key_len, NULL, 0 ) != 0) + } + if (mbedtls_pk_parse_key(&pkey, (const unsigned char *) mbedtls_test_srv_key, + mbedtls_test_srv_key_len, NULL, 0) != 0) { return 1; + } #endif dummy_init(); initialized = 1; } - mbedtls_ssl_init( &ssl ); - mbedtls_ssl_config_init( &conf ); - mbedtls_ctr_drbg_init( &ctr_drbg ); - mbedtls_entropy_init( &entropy ); - mbedtls_ssl_cookie_init( &cookie_ctx ); - - if( mbedtls_ctr_drbg_seed( &ctr_drbg, dummy_entropy, &entropy, - (const unsigned char *) pers, strlen( pers ) ) != 0 ) + mbedtls_ssl_init(&ssl); + mbedtls_ssl_config_init(&conf); + mbedtls_ctr_drbg_init(&ctr_drbg); + mbedtls_entropy_init(&entropy); + mbedtls_ssl_cookie_init(&cookie_ctx); + +#if defined(MBEDTLS_USE_PSA_CRYPTO) + psa_status_t status = psa_crypto_init(); + if (status != PSA_SUCCESS) { goto exit; + } +#endif /* MBEDTLS_USE_PSA_CRYPTO */ + + if (mbedtls_ctr_drbg_seed(&ctr_drbg, dummy_entropy, &entropy, + (const unsigned char *) pers, strlen(pers)) != 0) { + goto exit; + } - if( mbedtls_ssl_config_defaults( &conf, + if (mbedtls_ssl_config_defaults(&conf, MBEDTLS_SSL_IS_SERVER, MBEDTLS_SSL_TRANSPORT_DATAGRAM, - MBEDTLS_SSL_PRESET_DEFAULT ) != 0 ) + MBEDTLS_SSL_PRESET_DEFAULT) != 0) { goto exit; + } srand(1); - mbedtls_ssl_conf_rng( &conf, dummy_random, &ctr_drbg ); + mbedtls_ssl_conf_rng(&conf, dummy_random, &ctr_drbg); #if defined(MBEDTLS_X509_CRT_PARSE_C) && defined(MBEDTLS_PEM_PARSE_C) - mbedtls_ssl_conf_ca_chain( &conf, srvcert.next, NULL ); - if( mbedtls_ssl_conf_own_cert( &conf, &srvcert, &pkey ) != 0 ) + mbedtls_ssl_conf_ca_chain(&conf, srvcert.next, NULL); + if (mbedtls_ssl_conf_own_cert(&conf, &srvcert, &pkey) != 0) { goto exit; + } #endif - if( mbedtls_ssl_cookie_setup( &cookie_ctx, dummy_random, &ctr_drbg ) != 0 ) + if (mbedtls_ssl_cookie_setup(&cookie_ctx, dummy_random, &ctr_drbg) != 0) { goto exit; + } - mbedtls_ssl_conf_dtls_cookies( &conf, mbedtls_ssl_cookie_write, mbedtls_ssl_cookie_check, &cookie_ctx ); + mbedtls_ssl_conf_dtls_cookies(&conf, + mbedtls_ssl_cookie_write, + mbedtls_ssl_cookie_check, + &cookie_ctx); - if( mbedtls_ssl_setup( &ssl, &conf ) != 0 ) + if (mbedtls_ssl_setup(&ssl, &conf) != 0) { goto exit; + } - mbedtls_ssl_set_timer_cb( &ssl, &timer, mbedtls_timing_set_delay, - mbedtls_timing_get_delay ); + mbedtls_ssl_set_timer_cb(&ssl, &timer, mbedtls_timing_set_delay, + mbedtls_timing_get_delay); biomemfuzz.Data = Data; biomemfuzz.Size = Size; biomemfuzz.Offset = 0; - mbedtls_ssl_set_bio( &ssl, &biomemfuzz, dummy_send, fuzz_recv, fuzz_recv_timeout ); - if( mbedtls_ssl_set_client_transport_id( &ssl, client_ip, sizeof(client_ip) ) != 0 ) + mbedtls_ssl_set_bio(&ssl, &biomemfuzz, dummy_send, fuzz_recv, fuzz_recv_timeout); + if (mbedtls_ssl_set_client_transport_id(&ssl, client_ip, sizeof(client_ip)) != 0) { goto exit; + } - ret = mbedtls_ssl_handshake( &ssl ); + ret = mbedtls_ssl_handshake(&ssl); if (ret == MBEDTLS_ERR_SSL_HELLO_VERIFY_REQUIRED) { biomemfuzz.Offset = ssl.next_record_offset; - mbedtls_ssl_session_reset( &ssl ); - mbedtls_ssl_set_bio( &ssl, &biomemfuzz, dummy_send, fuzz_recv, fuzz_recv_timeout ); - if( mbedtls_ssl_set_client_transport_id( &ssl, client_ip, sizeof(client_ip) ) != 0 ) + mbedtls_ssl_session_reset(&ssl); + mbedtls_ssl_set_bio(&ssl, &biomemfuzz, dummy_send, fuzz_recv, fuzz_recv_timeout); + if (mbedtls_ssl_set_client_transport_id(&ssl, client_ip, sizeof(client_ip)) != 0) { goto exit; + } - ret = mbedtls_ssl_handshake( &ssl ); + ret = mbedtls_ssl_handshake(&ssl); - if( ret == 0 ) - { + if (ret == 0) { //keep reading data from server until the end - do - { - len = sizeof( buf ) - 1; - ret = mbedtls_ssl_read( &ssl, buf, len ); - if( ret == MBEDTLS_ERR_SSL_WANT_READ ) + do { + len = sizeof(buf) - 1; + ret = mbedtls_ssl_read(&ssl, buf, len); + if (ret == MBEDTLS_ERR_SSL_WANT_READ) { continue; - else if( ret <= 0 ) + } else if (ret <= 0) { //EOF or error break; - } - while( 1 ); + } + } while (1); } } exit: - mbedtls_ssl_cookie_free( &cookie_ctx ); - mbedtls_entropy_free( &entropy ); - mbedtls_ctr_drbg_free( &ctr_drbg ); - mbedtls_ssl_config_free( &conf ); - mbedtls_ssl_free( &ssl ); + mbedtls_ssl_cookie_free(&cookie_ctx); + mbedtls_entropy_free(&entropy); +#if defined(MBEDTLS_X509_CRT_PARSE_C) && defined(MBEDTLS_PEM_PARSE_C) + mbedtls_pk_free(&pkey); + mbedtls_x509_crt_free(&srvcert); +#endif + mbedtls_ctr_drbg_free(&ctr_drbg); + mbedtls_ssl_config_free(&conf); + mbedtls_ssl_free(&ssl); +#if defined(MBEDTLS_USE_PSA_CRYPTO) + mbedtls_psa_crypto_free(); +#endif /* MBEDTLS_USE_PSA_CRYPTO */ #else (void) Data; diff --git a/third_party/mbedtls/repo/programs/fuzz/fuzz_privkey.c b/third_party/mbedtls/repo/programs/fuzz/fuzz_privkey.c index 6c968fd54cb..d1da5890ac5 100644 --- a/third_party/mbedtls/repo/programs/fuzz/fuzz_privkey.c +++ b/third_party/mbedtls/repo/programs/fuzz/fuzz_privkey.c @@ -6,7 +6,8 @@ #define MAX_LEN 0x1000 -int LLVMFuzzerTestOneInput(const uint8_t *Data, size_t Size) { +int LLVMFuzzerTestOneInput(const uint8_t *Data, size_t Size) +{ #ifdef MBEDTLS_PK_PARSE_C int ret; mbedtls_pk_context pk; @@ -16,56 +17,65 @@ int LLVMFuzzerTestOneInput(const uint8_t *Data, size_t Size) { Size = MAX_LEN; } - mbedtls_pk_init( &pk ); - ret = mbedtls_pk_parse_key( &pk, Data, Size, NULL, 0 ); + mbedtls_pk_init(&pk); + +#if defined(MBEDTLS_USE_PSA_CRYPTO) + psa_status_t status = psa_crypto_init(); + if (status != PSA_SUCCESS) { + goto exit; + } +#endif /* MBEDTLS_USE_PSA_CRYPTO */ + + ret = mbedtls_pk_parse_key(&pk, Data, Size, NULL, 0); if (ret == 0) { #if defined(MBEDTLS_RSA_C) - if( mbedtls_pk_get_type( &pk ) == MBEDTLS_PK_RSA ) - { + if (mbedtls_pk_get_type(&pk) == MBEDTLS_PK_RSA) { mbedtls_mpi N, P, Q, D, E, DP, DQ, QP; mbedtls_rsa_context *rsa; - mbedtls_mpi_init( &N ); mbedtls_mpi_init( &P ); mbedtls_mpi_init( &Q ); - mbedtls_mpi_init( &D ); mbedtls_mpi_init( &E ); mbedtls_mpi_init( &DP ); - mbedtls_mpi_init( &DQ ); mbedtls_mpi_init( &QP ); + mbedtls_mpi_init(&N); mbedtls_mpi_init(&P); mbedtls_mpi_init(&Q); + mbedtls_mpi_init(&D); mbedtls_mpi_init(&E); mbedtls_mpi_init(&DP); + mbedtls_mpi_init(&DQ); mbedtls_mpi_init(&QP); - rsa = mbedtls_pk_rsa( pk ); - if ( mbedtls_rsa_export( rsa, &N, &P, &Q, &D, &E ) != 0 ) { + rsa = mbedtls_pk_rsa(pk); + if (mbedtls_rsa_export(rsa, &N, &P, &Q, &D, &E) != 0) { abort(); } - if ( mbedtls_rsa_export_crt( rsa, &DP, &DQ, &QP ) != 0 ) { + if (mbedtls_rsa_export_crt(rsa, &DP, &DQ, &QP) != 0) { abort(); } - mbedtls_mpi_free( &N ); mbedtls_mpi_free( &P ); mbedtls_mpi_free( &Q ); - mbedtls_mpi_free( &D ); mbedtls_mpi_free( &E ); mbedtls_mpi_free( &DP ); - mbedtls_mpi_free( &DQ ); mbedtls_mpi_free( &QP ); - } - else + mbedtls_mpi_free(&N); mbedtls_mpi_free(&P); mbedtls_mpi_free(&Q); + mbedtls_mpi_free(&D); mbedtls_mpi_free(&E); mbedtls_mpi_free(&DP); + mbedtls_mpi_free(&DQ); mbedtls_mpi_free(&QP); + } else #endif #if defined(MBEDTLS_ECP_C) - if( mbedtls_pk_get_type( &pk ) == MBEDTLS_PK_ECKEY || - mbedtls_pk_get_type( &pk ) == MBEDTLS_PK_ECKEY_DH ) - { - mbedtls_ecp_keypair *ecp = mbedtls_pk_ec( pk ); + if (mbedtls_pk_get_type(&pk) == MBEDTLS_PK_ECKEY || + mbedtls_pk_get_type(&pk) == MBEDTLS_PK_ECKEY_DH) { + mbedtls_ecp_keypair *ecp = mbedtls_pk_ec(pk); mbedtls_ecp_group_id grp_id = ecp->grp.id; const mbedtls_ecp_curve_info *curve_info = - mbedtls_ecp_curve_info_from_grp_id( grp_id ); + mbedtls_ecp_curve_info_from_grp_id(grp_id); /* If the curve is not supported, the key should not have been * accepted. */ - if( curve_info == NULL ) - abort( ); - } - else + if (curve_info == NULL) { + abort(); + } + } else #endif { /* The key is valid but is not of a supported type. * This should not happen. */ - abort( ); + abort(); } } - mbedtls_pk_free( &pk ); +#if defined(MBEDTLS_USE_PSA_CRYPTO) +exit: + mbedtls_psa_crypto_free(); +#endif /* MBEDTLS_USE_PSA_CRYPTO */ + mbedtls_pk_free(&pk); #else (void) Data; (void) Size; diff --git a/third_party/mbedtls/repo/programs/fuzz/fuzz_pubkey.c b/third_party/mbedtls/repo/programs/fuzz/fuzz_pubkey.c index 9e8035045e5..daca2b3d503 100644 --- a/third_party/mbedtls/repo/programs/fuzz/fuzz_pubkey.c +++ b/third_party/mbedtls/repo/programs/fuzz/fuzz_pubkey.c @@ -2,70 +2,79 @@ #include #include "mbedtls/pk.h" -int LLVMFuzzerTestOneInput(const uint8_t *Data, size_t Size) { +int LLVMFuzzerTestOneInput(const uint8_t *Data, size_t Size) +{ #ifdef MBEDTLS_PK_PARSE_C int ret; mbedtls_pk_context pk; - mbedtls_pk_init( &pk ); - ret = mbedtls_pk_parse_public_key( &pk, Data, Size ); + mbedtls_pk_init(&pk); +#if defined(MBEDTLS_USE_PSA_CRYPTO) + psa_status_t status = psa_crypto_init(); + if (status != PSA_SUCCESS) { + goto exit; + } +#endif /* MBEDTLS_USE_PSA_CRYPTO */ + ret = mbedtls_pk_parse_public_key(&pk, Data, Size); if (ret == 0) { #if defined(MBEDTLS_RSA_C) - if( mbedtls_pk_get_type( &pk ) == MBEDTLS_PK_RSA ) - { + if (mbedtls_pk_get_type(&pk) == MBEDTLS_PK_RSA) { mbedtls_mpi N, P, Q, D, E, DP, DQ, QP; mbedtls_rsa_context *rsa; - mbedtls_mpi_init( &N ); mbedtls_mpi_init( &P ); mbedtls_mpi_init( &Q ); - mbedtls_mpi_init( &D ); mbedtls_mpi_init( &E ); mbedtls_mpi_init( &DP ); - mbedtls_mpi_init( &DQ ); mbedtls_mpi_init( &QP ); + mbedtls_mpi_init(&N); mbedtls_mpi_init(&P); mbedtls_mpi_init(&Q); + mbedtls_mpi_init(&D); mbedtls_mpi_init(&E); mbedtls_mpi_init(&DP); + mbedtls_mpi_init(&DQ); mbedtls_mpi_init(&QP); - rsa = mbedtls_pk_rsa( pk ); - if ( mbedtls_rsa_export( rsa, &N, NULL, NULL, NULL, &E ) != 0 ) { + rsa = mbedtls_pk_rsa(pk); + if (mbedtls_rsa_export(rsa, &N, NULL, NULL, NULL, &E) != 0) { abort(); } - if ( mbedtls_rsa_export( rsa, &N, &P, &Q, &D, &E ) != MBEDTLS_ERR_RSA_BAD_INPUT_DATA ) { + if (mbedtls_rsa_export(rsa, &N, &P, &Q, &D, &E) != MBEDTLS_ERR_RSA_BAD_INPUT_DATA) { abort(); } - if ( mbedtls_rsa_export_crt( rsa, &DP, &DQ, &QP ) != MBEDTLS_ERR_RSA_BAD_INPUT_DATA ) { + if (mbedtls_rsa_export_crt(rsa, &DP, &DQ, &QP) != MBEDTLS_ERR_RSA_BAD_INPUT_DATA) { abort(); } - mbedtls_mpi_free( &N ); mbedtls_mpi_free( &P ); mbedtls_mpi_free( &Q ); - mbedtls_mpi_free( &D ); mbedtls_mpi_free( &E ); mbedtls_mpi_free( &DP ); - mbedtls_mpi_free( &DQ ); mbedtls_mpi_free( &QP ); + mbedtls_mpi_free(&N); mbedtls_mpi_free(&P); mbedtls_mpi_free(&Q); + mbedtls_mpi_free(&D); mbedtls_mpi_free(&E); mbedtls_mpi_free(&DP); + mbedtls_mpi_free(&DQ); mbedtls_mpi_free(&QP); - } - else + } else #endif #if defined(MBEDTLS_ECP_C) - if( mbedtls_pk_get_type( &pk ) == MBEDTLS_PK_ECKEY || - mbedtls_pk_get_type( &pk ) == MBEDTLS_PK_ECKEY_DH ) - { - mbedtls_ecp_keypair *ecp = mbedtls_pk_ec( pk ); + if (mbedtls_pk_get_type(&pk) == MBEDTLS_PK_ECKEY || + mbedtls_pk_get_type(&pk) == MBEDTLS_PK_ECKEY_DH) { + mbedtls_ecp_keypair *ecp = mbedtls_pk_ec(pk); mbedtls_ecp_group_id grp_id = ecp->grp.id; const mbedtls_ecp_curve_info *curve_info = - mbedtls_ecp_curve_info_from_grp_id( grp_id ); + mbedtls_ecp_curve_info_from_grp_id(grp_id); /* If the curve is not supported, the key should not have been * accepted. */ - if( curve_info == NULL ) - abort( ); + if (curve_info == NULL) { + abort(); + } /* It's a public key, so the private value should not have * been changed from its initialization to 0. */ - if( mbedtls_mpi_cmp_int( &ecp->d, 0 ) != 0 ) - abort( ); - } - else + if (mbedtls_mpi_cmp_int(&ecp->d, 0) != 0) { + abort(); + } + } else #endif { /* The key is valid but is not of a supported type. * This should not happen. */ - abort( ); + abort(); } } - mbedtls_pk_free( &pk ); +#if defined(MBEDTLS_USE_PSA_CRYPTO) +exit: + mbedtls_psa_crypto_free(); +#endif /* MBEDTLS_USE_PSA_CRYPTO */ + mbedtls_pk_free(&pk); #else (void) Data; (void) Size; diff --git a/third_party/mbedtls/repo/programs/fuzz/fuzz_server.c b/third_party/mbedtls/repo/programs/fuzz/fuzz_server.c index 014f386efe4..06aeb5e6327 100644 --- a/third_party/mbedtls/repo/programs/fuzz/fuzz_server.c +++ b/third_party/mbedtls/repo/programs/fuzz/fuzz_server.c @@ -30,7 +30,8 @@ const char psk_id[] = "Client_identity"; #endif // MBEDTLS_SSL_SRV_C && MBEDTLS_ENTROPY_C && MBEDTLS_CTR_DRBG_C -int LLVMFuzzerTestOneInput(const uint8_t *Data, size_t Size) { +int LLVMFuzzerTestOneInput(const uint8_t *Data, size_t Size) +{ #if defined(MBEDTLS_SSL_SRV_C) && \ defined(MBEDTLS_ENTROPY_C) && \ defined(MBEDTLS_CTR_DRBG_C) @@ -40,7 +41,7 @@ int LLVMFuzzerTestOneInput(const uint8_t *Data, size_t Size) { mbedtls_ssl_config conf; mbedtls_ctr_drbg_context ctr_drbg; mbedtls_entropy_context entropy; -#if defined(MBEDTLS_SSL_SESSION_TICKETS) +#if defined(MBEDTLS_SSL_SESSION_TICKETS) && defined(MBEDTLS_SSL_TICKET_C) mbedtls_ssl_ticket_context ticket_ctx; #endif unsigned char buf[4096]; @@ -54,18 +55,22 @@ int LLVMFuzzerTestOneInput(const uint8_t *Data, size_t Size) { options = Data[Size - 1]; if (initialized == 0) { -#if defined(MBEDTLS_X509_CRT_PARSE_C) && defined(MBEDTLS_PEM_PARSE_C) - mbedtls_x509_crt_init( &srvcert ); - mbedtls_pk_init( &pkey ); - if (mbedtls_x509_crt_parse( &srvcert, (const unsigned char *) mbedtls_test_srv_crt, - mbedtls_test_srv_crt_len ) != 0) +#if defined(MBEDTLS_X509_CRT_PARSE_C) && defined(MBEDTLS_PEM_PARSE_C) && \ + defined(MBEDTLS_CERTS_C) + mbedtls_x509_crt_init(&srvcert); + mbedtls_pk_init(&pkey); + if (mbedtls_x509_crt_parse(&srvcert, (const unsigned char *) mbedtls_test_srv_crt, + mbedtls_test_srv_crt_len) != 0) { return 1; - if (mbedtls_x509_crt_parse( &srvcert, (const unsigned char *) mbedtls_test_cas_pem, - mbedtls_test_cas_pem_len ) != 0) + } + if (mbedtls_x509_crt_parse(&srvcert, (const unsigned char *) mbedtls_test_cas_pem, + mbedtls_test_cas_pem_len) != 0) { return 1; - if (mbedtls_pk_parse_key( &pkey, (const unsigned char *) mbedtls_test_srv_key, - mbedtls_test_srv_key_len, NULL, 0 ) != 0) + } + if (mbedtls_pk_parse_key(&pkey, (const unsigned char *) mbedtls_test_srv_key, + mbedtls_test_srv_key_len, NULL, 0) != 0) { return 1; + } #endif alpn_list[0] = "HTTP"; @@ -76,110 +81,135 @@ int LLVMFuzzerTestOneInput(const uint8_t *Data, size_t Size) { initialized = 1; } - mbedtls_ssl_init( &ssl ); - mbedtls_ssl_config_init( &conf ); - mbedtls_ctr_drbg_init( &ctr_drbg ); - mbedtls_entropy_init( &entropy ); -#if defined(MBEDTLS_SSL_SESSION_TICKETS) - mbedtls_ssl_ticket_init( &ticket_ctx ); + mbedtls_ssl_init(&ssl); + mbedtls_ssl_config_init(&conf); + mbedtls_ctr_drbg_init(&ctr_drbg); + mbedtls_entropy_init(&entropy); +#if defined(MBEDTLS_SSL_SESSION_TICKETS) && defined(MBEDTLS_SSL_TICKET_C) + mbedtls_ssl_ticket_init(&ticket_ctx); #endif - if( mbedtls_ctr_drbg_seed( &ctr_drbg, dummy_entropy, &entropy, - (const unsigned char *) pers, strlen( pers ) ) != 0 ) +#if defined(MBEDTLS_USE_PSA_CRYPTO) + psa_status_t status = psa_crypto_init(); + if (status != PSA_SUCCESS) { goto exit; + } +#endif /* MBEDTLS_USE_PSA_CRYPTO */ + if (mbedtls_ctr_drbg_seed(&ctr_drbg, dummy_entropy, &entropy, + (const unsigned char *) pers, strlen(pers)) != 0) { + goto exit; + } - if( mbedtls_ssl_config_defaults( &conf, + + if (mbedtls_ssl_config_defaults(&conf, MBEDTLS_SSL_IS_SERVER, MBEDTLS_SSL_TRANSPORT_STREAM, - MBEDTLS_SSL_PRESET_DEFAULT ) != 0 ) + MBEDTLS_SSL_PRESET_DEFAULT) != 0) { goto exit; + } srand(1); - mbedtls_ssl_conf_rng( &conf, dummy_random, &ctr_drbg ); + mbedtls_ssl_conf_rng(&conf, dummy_random, &ctr_drbg); #if defined(MBEDTLS_X509_CRT_PARSE_C) && defined(MBEDTLS_PEM_PARSE_C) - mbedtls_ssl_conf_ca_chain( &conf, srvcert.next, NULL ); - if( mbedtls_ssl_conf_own_cert( &conf, &srvcert, &pkey ) != 0 ) + mbedtls_ssl_conf_ca_chain(&conf, srvcert.next, NULL); + if (mbedtls_ssl_conf_own_cert(&conf, &srvcert, &pkey) != 0) { goto exit; + } #endif - mbedtls_ssl_conf_cert_req_ca_list( &conf, (options & 0x1) ? MBEDTLS_SSL_CERT_REQ_CA_LIST_ENABLED : MBEDTLS_SSL_CERT_REQ_CA_LIST_DISABLED ); + mbedtls_ssl_conf_cert_req_ca_list(&conf, + (options & + 0x1) ? MBEDTLS_SSL_CERT_REQ_CA_LIST_ENABLED : MBEDTLS_SSL_CERT_REQ_CA_LIST_DISABLED); #if defined(MBEDTLS_SSL_ALPN) if (options & 0x2) { - mbedtls_ssl_conf_alpn_protocols( &conf, alpn_list ); + mbedtls_ssl_conf_alpn_protocols(&conf, alpn_list); } #endif -#if defined(MBEDTLS_SSL_SESSION_TICKETS) - if( options & 0x4 ) - { - if( mbedtls_ssl_ticket_setup( &ticket_ctx, +#if defined(MBEDTLS_SSL_SESSION_TICKETS) && defined(MBEDTLS_SSL_TICKET_C) + if (options & 0x4) { + if (mbedtls_ssl_ticket_setup(&ticket_ctx, dummy_random, &ctr_drbg, MBEDTLS_CIPHER_AES_256_GCM, - 86400 ) != 0 ) + 86400) != 0) { goto exit; + } - mbedtls_ssl_conf_session_tickets_cb( &conf, + mbedtls_ssl_conf_session_tickets_cb(&conf, mbedtls_ssl_ticket_write, mbedtls_ssl_ticket_parse, - &ticket_ctx ); + &ticket_ctx); } #endif #if defined(MBEDTLS_SSL_TRUNCATED_HMAC) - mbedtls_ssl_conf_truncated_hmac( &conf, (options & 0x8) ? MBEDTLS_SSL_TRUNC_HMAC_ENABLED : MBEDTLS_SSL_TRUNC_HMAC_DISABLED); + mbedtls_ssl_conf_truncated_hmac(&conf, + (options & + 0x8) ? MBEDTLS_SSL_TRUNC_HMAC_ENABLED : MBEDTLS_SSL_TRUNC_HMAC_DISABLED); #endif #if defined(MBEDTLS_SSL_EXTENDED_MASTER_SECRET) - mbedtls_ssl_conf_extended_master_secret( &conf, (options & 0x10) ? MBEDTLS_SSL_EXTENDED_MS_DISABLED : MBEDTLS_SSL_EXTENDED_MS_ENABLED); + mbedtls_ssl_conf_extended_master_secret(&conf, + (options & + 0x10) ? MBEDTLS_SSL_EXTENDED_MS_DISABLED : MBEDTLS_SSL_EXTENDED_MS_ENABLED); #endif #if defined(MBEDTLS_SSL_ENCRYPT_THEN_MAC) - mbedtls_ssl_conf_encrypt_then_mac( &conf, (options & 0x20) ? MBEDTLS_SSL_ETM_ENABLED : MBEDTLS_SSL_ETM_DISABLED); + mbedtls_ssl_conf_encrypt_then_mac(&conf, + (options & + 0x20) ? MBEDTLS_SSL_ETM_ENABLED : MBEDTLS_SSL_ETM_DISABLED); #endif #if defined(MBEDTLS_KEY_EXCHANGE_SOME_PSK_ENABLED) if (options & 0x40) { - mbedtls_ssl_conf_psk( &conf, psk, sizeof( psk ), - (const unsigned char *) psk_id, sizeof( psk_id ) - 1 ); + mbedtls_ssl_conf_psk(&conf, psk, sizeof(psk), + (const unsigned char *) psk_id, sizeof(psk_id) - 1); } #endif #if defined(MBEDTLS_SSL_RENEGOTIATION) - mbedtls_ssl_conf_renegotiation( &conf, (options & 0x80) ? MBEDTLS_SSL_RENEGOTIATION_ENABLED : MBEDTLS_SSL_RENEGOTIATION_DISABLED ); + mbedtls_ssl_conf_renegotiation(&conf, + (options & + 0x80) ? MBEDTLS_SSL_RENEGOTIATION_ENABLED : MBEDTLS_SSL_RENEGOTIATION_DISABLED); #endif - if( mbedtls_ssl_setup( &ssl, &conf ) != 0 ) + if (mbedtls_ssl_setup(&ssl, &conf) != 0) { goto exit; + } biomemfuzz.Data = Data; biomemfuzz.Size = Size-1; biomemfuzz.Offset = 0; - mbedtls_ssl_set_bio( &ssl, &biomemfuzz, dummy_send, fuzz_recv, NULL ); + mbedtls_ssl_set_bio(&ssl, &biomemfuzz, dummy_send, fuzz_recv, NULL); - mbedtls_ssl_session_reset( &ssl ); - ret = mbedtls_ssl_handshake( &ssl ); - if( ret == 0 ) - { + mbedtls_ssl_session_reset(&ssl); + ret = mbedtls_ssl_handshake(&ssl); + if (ret == 0) { //keep reading data from server until the end - do - { - len = sizeof( buf ) - 1; - ret = mbedtls_ssl_read( &ssl, buf, len ); + do { + len = sizeof(buf) - 1; + ret = mbedtls_ssl_read(&ssl, buf, len); - if( ret == MBEDTLS_ERR_SSL_WANT_READ ) + if (ret == MBEDTLS_ERR_SSL_WANT_READ) { continue; - else if( ret <= 0 ) + } else if (ret <= 0) { //EOF or error break; - } - while( 1 ); + } + } while (1); } exit: -#if defined(MBEDTLS_SSL_SESSION_TICKETS) - mbedtls_ssl_ticket_free( &ticket_ctx ); +#if defined(MBEDTLS_SSL_SESSION_TICKETS) && defined(MBEDTLS_SSL_TICKET_C) + mbedtls_ssl_ticket_free(&ticket_ctx); +#endif + mbedtls_entropy_free(&entropy); + mbedtls_ctr_drbg_free(&ctr_drbg); + mbedtls_ssl_config_free(&conf); +#if defined(MBEDTLS_X509_CRT_PARSE_C) && defined(MBEDTLS_PEM_PARSE_C) + mbedtls_x509_crt_free(&srvcert); + mbedtls_pk_free(&pkey); +#endif + mbedtls_ssl_free(&ssl); +#if defined(MBEDTLS_USE_PSA_CRYPTO) + mbedtls_psa_crypto_free(); #endif - mbedtls_entropy_free( &entropy ); - mbedtls_ctr_drbg_free( &ctr_drbg ); - mbedtls_ssl_config_free( &conf ); - mbedtls_ssl_free( &ssl ); - #else (void) Data; (void) Size; diff --git a/third_party/mbedtls/repo/programs/fuzz/fuzz_x509crl.c b/third_party/mbedtls/repo/programs/fuzz/fuzz_x509crl.c index 02f521cc8df..1140c3d7d34 100644 --- a/third_party/mbedtls/repo/programs/fuzz/fuzz_x509crl.c +++ b/third_party/mbedtls/repo/programs/fuzz/fuzz_x509crl.c @@ -1,18 +1,29 @@ #include #include "mbedtls/x509_crl.h" -int LLVMFuzzerTestOneInput(const uint8_t *Data, size_t Size) { +int LLVMFuzzerTestOneInput(const uint8_t *Data, size_t Size) +{ #ifdef MBEDTLS_X509_CRL_PARSE_C int ret; mbedtls_x509_crl crl; unsigned char buf[4096]; - mbedtls_x509_crl_init( &crl ); - ret = mbedtls_x509_crl_parse( &crl, Data, Size ); + mbedtls_x509_crl_init(&crl); +#if defined(MBEDTLS_USE_PSA_CRYPTO) + psa_status_t status = psa_crypto_init(); + if (status != PSA_SUCCESS) { + goto exit; + } +#endif /* MBEDTLS_USE_PSA_CRYPTO */ + ret = mbedtls_x509_crl_parse(&crl, Data, Size); if (ret == 0) { - ret = mbedtls_x509_crl_info( (char *) buf, sizeof( buf ) - 1, " ", &crl ); + ret = mbedtls_x509_crl_info((char *) buf, sizeof(buf) - 1, " ", &crl); } - mbedtls_x509_crl_free( &crl ); +#if defined(MBEDTLS_USE_PSA_CRYPTO) +exit: + mbedtls_psa_crypto_free(); +#endif /* MBEDTLS_USE_PSA_CRYPTO */ + mbedtls_x509_crl_free(&crl); #else (void) Data; (void) Size; diff --git a/third_party/mbedtls/repo/programs/fuzz/fuzz_x509crt.c b/third_party/mbedtls/repo/programs/fuzz/fuzz_x509crt.c index 8f593a14147..3593236148a 100644 --- a/third_party/mbedtls/repo/programs/fuzz/fuzz_x509crt.c +++ b/third_party/mbedtls/repo/programs/fuzz/fuzz_x509crt.c @@ -1,18 +1,29 @@ #include #include "mbedtls/x509_crt.h" -int LLVMFuzzerTestOneInput(const uint8_t *Data, size_t Size) { +int LLVMFuzzerTestOneInput(const uint8_t *Data, size_t Size) +{ #ifdef MBEDTLS_X509_CRT_PARSE_C int ret; mbedtls_x509_crt crt; unsigned char buf[4096]; - mbedtls_x509_crt_init( &crt ); - ret = mbedtls_x509_crt_parse( &crt, Data, Size ); + mbedtls_x509_crt_init(&crt); +#if defined(MBEDTLS_USE_PSA_CRYPTO) + psa_status_t status = psa_crypto_init(); + if (status != PSA_SUCCESS) { + goto exit; + } +#endif /* MBEDTLS_USE_PSA_CRYPTO */ + ret = mbedtls_x509_crt_parse(&crt, Data, Size); if (ret == 0) { - ret = mbedtls_x509_crt_info( (char *) buf, sizeof( buf ) - 1, " ", &crt ); + ret = mbedtls_x509_crt_info((char *) buf, sizeof(buf) - 1, " ", &crt); } - mbedtls_x509_crt_free( &crt ); +#if defined(MBEDTLS_USE_PSA_CRYPTO) +exit: + mbedtls_psa_crypto_free(); +#endif /* MBEDTLS_USE_PSA_CRYPTO */ + mbedtls_x509_crt_free(&crt); #else (void) Data; (void) Size; diff --git a/third_party/mbedtls/repo/programs/fuzz/fuzz_x509csr.c b/third_party/mbedtls/repo/programs/fuzz/fuzz_x509csr.c index 3cf28a6fa75..0ca9b870b8b 100644 --- a/third_party/mbedtls/repo/programs/fuzz/fuzz_x509csr.c +++ b/third_party/mbedtls/repo/programs/fuzz/fuzz_x509csr.c @@ -1,18 +1,29 @@ #include #include "mbedtls/x509_csr.h" -int LLVMFuzzerTestOneInput(const uint8_t *Data, size_t Size) { +int LLVMFuzzerTestOneInput(const uint8_t *Data, size_t Size) +{ #ifdef MBEDTLS_X509_CSR_PARSE_C int ret; mbedtls_x509_csr csr; unsigned char buf[4096]; - mbedtls_x509_csr_init( &csr ); - ret = mbedtls_x509_csr_parse( &csr, Data, Size ); + mbedtls_x509_csr_init(&csr); +#if defined(MBEDTLS_USE_PSA_CRYPTO) + psa_status_t status = psa_crypto_init(); + if (status != PSA_SUCCESS) { + goto exit; + } +#endif /* MBEDTLS_USE_PSA_CRYPTO */ + ret = mbedtls_x509_csr_parse(&csr, Data, Size); if (ret == 0) { - ret = mbedtls_x509_csr_info( (char *) buf, sizeof( buf ) - 1, " ", &csr ); + ret = mbedtls_x509_csr_info((char *) buf, sizeof(buf) - 1, " ", &csr); } - mbedtls_x509_csr_free( &csr ); +#if defined(MBEDTLS_USE_PSA_CRYPTO) +exit: + mbedtls_psa_crypto_free(); +#endif /* MBEDTLS_USE_PSA_CRYPTO */ + mbedtls_x509_csr_free(&csr); #else (void) Data; (void) Size; diff --git a/third_party/mbedtls/repo/programs/fuzz/onefile.c b/third_party/mbedtls/repo/programs/fuzz/onefile.c index c8451496386..0d202b18fa7 100644 --- a/third_party/mbedtls/repo/programs/fuzz/onefile.c +++ b/third_party/mbedtls/repo/programs/fuzz/onefile.c @@ -13,48 +13,61 @@ int LLVMFuzzerTestOneInput(const uint8_t *Data, size_t Size); -int main(int argc, char** argv) +int main(int argc, char **argv) { - FILE * fp; + FILE *fp; uint8_t *Data; size_t Size; + const char *argv0 = argv[0] == NULL ? "PROGRAM_NAME" : argv[0]; if (argc != 2) { + fprintf(stderr, "Usage: %s REPRODUCER_FILE\n", argv0); return 1; } //opens the file, get its size, and reads it into a buffer fp = fopen(argv[1], "rb"); if (fp == NULL) { + fprintf(stderr, "%s: Error in fopen\n", argv0); + perror(argv[1]); return 2; } if (fseek(fp, 0L, SEEK_END) != 0) { + fprintf(stderr, "%s: Error in fseek(SEEK_END)\n", argv0); + perror(argv[1]); fclose(fp); return 2; } Size = ftell(fp); if (Size == (size_t) -1) { + fprintf(stderr, "%s: Error in ftell\n", argv0); + perror(argv[1]); fclose(fp); return 2; } if (fseek(fp, 0L, SEEK_SET) != 0) { + fprintf(stderr, "%s: Error in fseek(0)\n", argv0); + perror(argv[1]); fclose(fp); return 2; } Data = malloc(Size); if (Data == NULL) { + fprintf(stderr, "%s: Could not allocate memory\n", argv0); + perror(argv[1]); fclose(fp); return 2; } if (fread(Data, Size, 1, fp) != 1) { + fprintf(stderr, "%s: Error in fread\n", argv0); + perror(argv[1]); free(Data); fclose(fp); return 2; } - //lauch fuzzer + //launch fuzzer LLVMFuzzerTestOneInput(Data, Size); free(Data); fclose(fp); return 0; } - diff --git a/third_party/mbedtls/repo/programs/hash/generic_sum.c b/third_party/mbedtls/repo/programs/hash/generic_sum.c index f73e5f83997..033366e5cd0 100644 --- a/third_party/mbedtls/repo/programs/hash/generic_sum.c +++ b/third_party/mbedtls/repo/programs/hash/generic_sum.c @@ -2,19 +2,7 @@ * generic message digest layer demonstration program * * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later */ #if !defined(MBEDTLS_CONFIG_FILE) @@ -23,17 +11,7 @@ #include MBEDTLS_CONFIG_FILE #endif -#if defined(MBEDTLS_PLATFORM_C) #include "mbedtls/platform.h" -#else -#include -#include -#define mbedtls_fprintf fprintf -#define mbedtls_printf printf -#define mbedtls_exit exit -#define MBEDTLS_EXIT_SUCCESS EXIT_SUCCESS -#define MBEDTLS_EXIT_FAILURE EXIT_FAILURE -#endif /* MBEDTLS_PLATFORM_C */ #if defined(MBEDTLS_MD_C) && defined(MBEDTLS_FS_IO) #include "mbedtls/md.h" @@ -43,43 +21,47 @@ #endif #if !defined(MBEDTLS_MD_C) || !defined(MBEDTLS_FS_IO) -int main( void ) +int main(void) { mbedtls_printf("MBEDTLS_MD_C and/or MBEDTLS_FS_IO not defined.\n"); - mbedtls_exit( 0 ); + mbedtls_exit(0); } #else -static int generic_wrapper( const mbedtls_md_info_t *md_info, char *filename, unsigned char *sum ) +static int generic_wrapper(const mbedtls_md_info_t *md_info, char *filename, unsigned char *sum) { - int ret = mbedtls_md_file( md_info, filename, sum ); + int ret = mbedtls_md_file(md_info, filename, sum); - if( ret == 1 ) - mbedtls_fprintf( stderr, "failed to open: %s\n", filename ); + if (ret == 1) { + mbedtls_fprintf(stderr, "failed to open: %s\n", filename); + } - if( ret == 2 ) - mbedtls_fprintf( stderr, "failed to read: %s\n", filename ); + if (ret == 2) { + mbedtls_fprintf(stderr, "failed to read: %s\n", filename); + } - return( ret ); + return ret; } -static int generic_print( const mbedtls_md_info_t *md_info, char *filename ) +static int generic_print(const mbedtls_md_info_t *md_info, char *filename) { int i; unsigned char sum[MBEDTLS_MD_MAX_SIZE]; - if( generic_wrapper( md_info, filename, sum ) != 0 ) - return( 1 ); + if (generic_wrapper(md_info, filename, sum) != 0) { + return 1; + } - for( i = 0; i < mbedtls_md_get_size( md_info ); i++ ) - mbedtls_printf( "%02x", sum[i] ); + for (i = 0; i < mbedtls_md_get_size(md_info); i++) { + mbedtls_printf("%02x", sum[i]); + } - mbedtls_printf( " %s\n", filename ); - return( 0 ); + mbedtls_printf(" %s\n", filename); + return 0; } -static int generic_check( const mbedtls_md_info_t *md_info, char *filename ) +static int generic_check(const mbedtls_md_info_t *md_info, char *filename) { int i; size_t n; @@ -95,146 +77,142 @@ static int generic_check( const mbedtls_md_info_t *md_info, char *filename ) char buf[MBEDTLS_MD_MAX_SIZE * 2 + 1]; #endif - if( ( f = fopen( filename, "rb" ) ) == NULL ) - { - mbedtls_printf( "failed to open: %s\n", filename ); - return( 1 ); + if ((f = fopen(filename, "rb")) == NULL) { + mbedtls_printf("failed to open: %s\n", filename); + return 1; } nb_err1 = nb_err2 = 0; nb_tot1 = nb_tot2 = 0; - memset( line, 0, sizeof( line ) ); + memset(line, 0, sizeof(line)); - n = sizeof( line ); + n = sizeof(line); - while( fgets( line, (int) n - 1, f ) != NULL ) - { - n = strlen( line ); + while (fgets(line, (int) n - 1, f) != NULL) { + n = strlen(line); - if( n < (size_t) 2 * mbedtls_md_get_size( md_info ) + 4 ) - { - mbedtls_printf("No '%s' hash found on line.\n", mbedtls_md_get_name( md_info )); + if (n < (size_t) 2 * mbedtls_md_get_size(md_info) + 4) { + mbedtls_printf("No '%s' hash found on line.\n", mbedtls_md_get_name(md_info)); continue; } - if( line[2 * mbedtls_md_get_size( md_info )] != ' ' || line[2 * mbedtls_md_get_size( md_info ) + 1] != ' ' ) - { - mbedtls_printf("No '%s' hash found on line.\n", mbedtls_md_get_name( md_info )); + if (line[2 * mbedtls_md_get_size(md_info)] != ' ' || + line[2 * mbedtls_md_get_size(md_info) + 1] != ' ') { + mbedtls_printf("No '%s' hash found on line.\n", mbedtls_md_get_name(md_info)); continue; } - if( line[n - 1] == '\n' ) { n--; line[n] = '\0'; } - if( line[n - 1] == '\r' ) { n--; line[n] = '\0'; } + if (line[n - 1] == '\n') { + n--; line[n] = '\0'; + } + if (line[n - 1] == '\r') { + n--; line[n] = '\0'; + } nb_tot1++; - if( generic_wrapper( md_info, line + 2 + 2 * mbedtls_md_get_size( md_info ), sum ) != 0 ) - { + if (generic_wrapper(md_info, line + 2 + 2 * mbedtls_md_get_size(md_info), sum) != 0) { nb_err1++; continue; } nb_tot2++; - for( i = 0; i < mbedtls_md_get_size( md_info ); i++ ) - sprintf( buf + i * 2, "%02x", sum[i] ); + for (i = 0; i < mbedtls_md_get_size(md_info); i++) { + sprintf(buf + i * 2, "%02x", sum[i]); + } /* Use constant-time buffer comparison */ diff = 0; - for( i = 0; i < 2 * mbedtls_md_get_size( md_info ); i++ ) + for (i = 0; i < 2 * mbedtls_md_get_size(md_info); i++) { diff |= line[i] ^ buf[i]; + } - if( diff != 0 ) - { + if (diff != 0) { nb_err2++; - mbedtls_fprintf( stderr, "wrong checksum: %s\n", line + 66 ); + mbedtls_fprintf(stderr, "wrong checksum: %s\n", line + 66); } - n = sizeof( line ); + n = sizeof(line); } - if( nb_err1 != 0 ) - { - mbedtls_printf( "WARNING: %d (out of %d) input files could " - "not be read\n", nb_err1, nb_tot1 ); + if (nb_err1 != 0) { + mbedtls_printf("WARNING: %d (out of %d) input files could " + "not be read\n", nb_err1, nb_tot1); } - if( nb_err2 != 0 ) - { - mbedtls_printf( "WARNING: %d (out of %d) computed checksums did " - "not match\n", nb_err2, nb_tot2 ); + if (nb_err2 != 0) { + mbedtls_printf("WARNING: %d (out of %d) computed checksums did " + "not match\n", nb_err2, nb_tot2); } - fclose( f ); + fclose(f); - return( nb_err1 != 0 || nb_err2 != 0 ); + return nb_err1 != 0 || nb_err2 != 0; } -int main( int argc, char *argv[] ) +int main(int argc, char *argv[]) { int ret = 1, i; int exit_code = MBEDTLS_EXIT_FAILURE; const mbedtls_md_info_t *md_info; mbedtls_md_context_t md_ctx; - mbedtls_md_init( &md_ctx ); + mbedtls_md_init(&md_ctx); - if( argc == 1 ) - { + if (argc < 2) { const int *list; - mbedtls_printf( "print mode: generic_sum ...\n" ); - mbedtls_printf( "check mode: generic_sum -c \n" ); + mbedtls_printf("print mode: generic_sum ...\n"); + mbedtls_printf("check mode: generic_sum -c \n"); - mbedtls_printf( "\nAvailable message digests:\n" ); + mbedtls_printf("\nAvailable message digests:\n"); list = mbedtls_md_list(); - while( *list ) - { - md_info = mbedtls_md_info_from_type( *list ); - mbedtls_printf( " %s\n", mbedtls_md_get_name( md_info ) ); + while (*list) { + md_info = mbedtls_md_info_from_type(*list); + mbedtls_printf(" %s\n", mbedtls_md_get_name(md_info)); list++; } #if defined(_WIN32) - mbedtls_printf( "\n Press Enter to exit this program.\n" ); - fflush( stdout ); getchar(); + mbedtls_printf("\n Press Enter to exit this program.\n"); + fflush(stdout); getchar(); #endif - mbedtls_exit( exit_code ); + mbedtls_exit(exit_code); } /* * Read the MD from the command line */ - md_info = mbedtls_md_info_from_string( argv[1] ); - if( md_info == NULL ) - { - mbedtls_fprintf( stderr, "Message Digest '%s' not found\n", argv[1] ); - mbedtls_exit( exit_code ); + md_info = mbedtls_md_info_from_string(argv[1]); + if (md_info == NULL) { + mbedtls_fprintf(stderr, "Message Digest '%s' not found\n", argv[1]); + mbedtls_exit(exit_code); } - if( mbedtls_md_setup( &md_ctx, md_info, 0 ) ) - { - mbedtls_fprintf( stderr, "Failed to initialize context.\n" ); - mbedtls_exit( exit_code ); + if (mbedtls_md_setup(&md_ctx, md_info, 0)) { + mbedtls_fprintf(stderr, "Failed to initialize context.\n"); + mbedtls_exit(exit_code); } ret = 0; - if( argc == 4 && strcmp( "-c", argv[2] ) == 0 ) - { - ret |= generic_check( md_info, argv[3] ); + if (argc == 4 && strcmp("-c", argv[2]) == 0) { + ret |= generic_check(md_info, argv[3]); goto exit; } - for( i = 2; i < argc; i++ ) - ret |= generic_print( md_info, argv[i] ); + for (i = 2; i < argc; i++) { + ret |= generic_print(md_info, argv[i]); + } - if ( ret == 0 ) + if (ret == 0) { exit_code = MBEDTLS_EXIT_SUCCESS; + } exit: - mbedtls_md_free( &md_ctx ); + mbedtls_md_free(&md_ctx); - mbedtls_exit( exit_code ); + mbedtls_exit(exit_code); } #endif /* MBEDTLS_MD_C && MBEDTLS_FS_IO */ diff --git a/third_party/mbedtls/repo/programs/hash/hello.c b/third_party/mbedtls/repo/programs/hash/hello.c index 70bea4206a0..1b286cab54e 100644 --- a/third_party/mbedtls/repo/programs/hash/hello.c +++ b/third_party/mbedtls/repo/programs/hash/hello.c @@ -2,19 +2,7 @@ * Classic "Hello, world" demonstration program * * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later */ #if !defined(MBEDTLS_CONFIG_FILE) @@ -23,51 +11,44 @@ #include MBEDTLS_CONFIG_FILE #endif -#if defined(MBEDTLS_PLATFORM_C) #include "mbedtls/platform.h" -#else -#include -#include -#define mbedtls_printf printf -#define mbedtls_exit exit -#define MBEDTLS_EXIT_SUCCESS EXIT_SUCCESS -#define MBEDTLS_EXIT_FAILURE EXIT_FAILURE -#endif #if defined(MBEDTLS_MD5_C) #include "mbedtls/md5.h" #endif #if !defined(MBEDTLS_MD5_C) -int main( void ) +int main(void) { mbedtls_printf("MBEDTLS_MD5_C not defined.\n"); - mbedtls_exit( 0 ); + mbedtls_exit(0); } #else -int main( void ) +int main(void) { int i, ret; unsigned char digest[16]; char str[] = "Hello, world!"; - mbedtls_printf( "\n MD5('%s') = ", str ); + mbedtls_printf("\n MD5('%s') = ", str); - if( ( ret = mbedtls_md5_ret( (unsigned char *) str, 13, digest ) ) != 0 ) - mbedtls_exit( MBEDTLS_EXIT_FAILURE ); + if ((ret = mbedtls_md5_ret((unsigned char *) str, 13, digest)) != 0) { + mbedtls_exit(MBEDTLS_EXIT_FAILURE); + } - for( i = 0; i < 16; i++ ) - mbedtls_printf( "%02x", digest[i] ); + for (i = 0; i < 16; i++) { + mbedtls_printf("%02x", digest[i]); + } - mbedtls_printf( "\n\n" ); + mbedtls_printf("\n\n"); #if defined(_WIN32) - mbedtls_printf( " Press Enter to exit this program.\n" ); - fflush( stdout ); getchar(); + mbedtls_printf(" Press Enter to exit this program.\n"); + fflush(stdout); getchar(); #endif - mbedtls_exit( MBEDTLS_EXIT_SUCCESS ); + mbedtls_exit(MBEDTLS_EXIT_SUCCESS); } #endif /* MBEDTLS_MD5_C */ diff --git a/third_party/mbedtls/repo/programs/pkey/dh_client.c b/third_party/mbedtls/repo/programs/pkey/dh_client.c index f6c622608e4..1bf3e516b98 100644 --- a/third_party/mbedtls/repo/programs/pkey/dh_client.c +++ b/third_party/mbedtls/repo/programs/pkey/dh_client.c @@ -2,19 +2,7 @@ * Diffie-Hellman-Merkle key exchange (client side) * * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later */ #if !defined(MBEDTLS_CONFIG_FILE) @@ -23,17 +11,7 @@ #include MBEDTLS_CONFIG_FILE #endif -#if defined(MBEDTLS_PLATFORM_C) #include "mbedtls/platform.h" -#else -#include -#include -#define mbedtls_printf printf -#define mbedtls_time_t time_t -#define mbedtls_exit exit -#define MBEDTLS_EXIT_SUCCESS EXIT_SUCCESS -#define MBEDTLS_EXIT_FAILURE EXIT_FAILURE -#endif /* MBEDTLS_PLATFORM_C */ #if defined(MBEDTLS_AES_C) && defined(MBEDTLS_DHM_C) && \ defined(MBEDTLS_ENTROPY_C) && defined(MBEDTLS_NET_C) && \ @@ -60,18 +38,18 @@ !defined(MBEDTLS_RSA_C) || !defined(MBEDTLS_SHA256_C) || \ !defined(MBEDTLS_FS_IO) || !defined(MBEDTLS_CTR_DRBG_C) || \ !defined(MBEDTLS_SHA1_C) -int main( void ) +int main(void) { mbedtls_printf("MBEDTLS_AES_C and/or MBEDTLS_DHM_C and/or MBEDTLS_ENTROPY_C " - "and/or MBEDTLS_NET_C and/or MBEDTLS_RSA_C and/or " - "MBEDTLS_SHA256_C and/or MBEDTLS_FS_IO and/or " - "MBEDTLS_CTR_DRBG_C not defined.\n"); - mbedtls_exit( 0 ); + "and/or MBEDTLS_NET_C and/or MBEDTLS_RSA_C and/or " + "MBEDTLS_SHA256_C and/or MBEDTLS_FS_IO and/or " + "MBEDTLS_CTR_DRBG_C not defined.\n"); + mbedtls_exit(0); } #else -int main( void ) +int main(void) { FILE *f; @@ -91,111 +69,102 @@ int main( void ) mbedtls_dhm_context dhm; mbedtls_aes_context aes; - mbedtls_net_init( &server_fd ); - mbedtls_rsa_init( &rsa, MBEDTLS_RSA_PKCS_V15, MBEDTLS_MD_SHA256 ); - mbedtls_dhm_init( &dhm ); - mbedtls_aes_init( &aes ); - mbedtls_ctr_drbg_init( &ctr_drbg ); + mbedtls_net_init(&server_fd); + mbedtls_rsa_init(&rsa, MBEDTLS_RSA_PKCS_V15, MBEDTLS_MD_SHA256); + mbedtls_dhm_init(&dhm); + mbedtls_aes_init(&aes); + mbedtls_ctr_drbg_init(&ctr_drbg); /* * 1. Setup the RNG */ - mbedtls_printf( "\n . Seeding the random number generator" ); - fflush( stdout ); - - mbedtls_entropy_init( &entropy ); - if( ( ret = mbedtls_ctr_drbg_seed( &ctr_drbg, mbedtls_entropy_func, &entropy, - (const unsigned char *) pers, - strlen( pers ) ) ) != 0 ) - { - mbedtls_printf( " failed\n ! mbedtls_ctr_drbg_seed returned %d\n", ret ); + mbedtls_printf("\n . Seeding the random number generator"); + fflush(stdout); + + mbedtls_entropy_init(&entropy); + if ((ret = mbedtls_ctr_drbg_seed(&ctr_drbg, mbedtls_entropy_func, &entropy, + (const unsigned char *) pers, + strlen(pers))) != 0) { + mbedtls_printf(" failed\n ! mbedtls_ctr_drbg_seed returned %d\n", ret); goto exit; } /* * 2. Read the server's public RSA key */ - mbedtls_printf( "\n . Reading public key from rsa_pub.txt" ); - fflush( stdout ); + mbedtls_printf("\n . Reading public key from rsa_pub.txt"); + fflush(stdout); - if( ( f = fopen( "rsa_pub.txt", "rb" ) ) == NULL ) - { - mbedtls_printf( " failed\n ! Could not open rsa_pub.txt\n" \ - " ! Please run rsa_genkey first\n\n" ); + if ((f = fopen("rsa_pub.txt", "rb")) == NULL) { + mbedtls_printf(" failed\n ! Could not open rsa_pub.txt\n" \ + " ! Please run rsa_genkey first\n\n"); goto exit; } - mbedtls_rsa_init( &rsa, MBEDTLS_RSA_PKCS_V15, 0 ); + mbedtls_rsa_init(&rsa, MBEDTLS_RSA_PKCS_V15, 0); - if( ( ret = mbedtls_mpi_read_file( &rsa.N, 16, f ) ) != 0 || - ( ret = mbedtls_mpi_read_file( &rsa.E, 16, f ) ) != 0 ) - { - mbedtls_printf( " failed\n ! mbedtls_mpi_read_file returned %d\n\n", ret ); - fclose( f ); + if ((ret = mbedtls_mpi_read_file(&rsa.N, 16, f)) != 0 || + (ret = mbedtls_mpi_read_file(&rsa.E, 16, f)) != 0) { + mbedtls_printf(" failed\n ! mbedtls_mpi_read_file returned %d\n\n", ret); + fclose(f); goto exit; } - rsa.len = ( mbedtls_mpi_bitlen( &rsa.N ) + 7 ) >> 3; + rsa.len = (mbedtls_mpi_bitlen(&rsa.N) + 7) >> 3; - fclose( f ); + fclose(f); /* * 3. Initiate the connection */ - mbedtls_printf( "\n . Connecting to tcp/%s/%s", SERVER_NAME, - SERVER_PORT ); - fflush( stdout ); - - if( ( ret = mbedtls_net_connect( &server_fd, SERVER_NAME, - SERVER_PORT, MBEDTLS_NET_PROTO_TCP ) ) != 0 ) - { - mbedtls_printf( " failed\n ! mbedtls_net_connect returned %d\n\n", ret ); + mbedtls_printf("\n . Connecting to tcp/%s/%s", SERVER_NAME, + SERVER_PORT); + fflush(stdout); + + if ((ret = mbedtls_net_connect(&server_fd, SERVER_NAME, + SERVER_PORT, MBEDTLS_NET_PROTO_TCP)) != 0) { + mbedtls_printf(" failed\n ! mbedtls_net_connect returned %d\n\n", ret); goto exit; } /* * 4a. First get the buffer length */ - mbedtls_printf( "\n . Receiving the server's DH parameters" ); - fflush( stdout ); + mbedtls_printf("\n . Receiving the server's DH parameters"); + fflush(stdout); - memset( buf, 0, sizeof( buf ) ); + memset(buf, 0, sizeof(buf)); - if( ( ret = mbedtls_net_recv( &server_fd, buf, 2 ) ) != 2 ) - { - mbedtls_printf( " failed\n ! mbedtls_net_recv returned %d\n\n", ret ); + if ((ret = mbedtls_net_recv(&server_fd, buf, 2)) != 2) { + mbedtls_printf(" failed\n ! mbedtls_net_recv returned %d\n\n", ret); goto exit; } - n = buflen = ( buf[0] << 8 ) | buf[1]; - if( buflen < 1 || buflen > sizeof( buf ) ) - { - mbedtls_printf( " failed\n ! Got an invalid buffer length\n\n" ); + n = buflen = (buf[0] << 8) | buf[1]; + if (buflen < 1 || buflen > sizeof(buf)) { + mbedtls_printf(" failed\n ! Got an invalid buffer length\n\n"); goto exit; } /* * 4b. Get the DHM parameters: P, G and Ys = G^Xs mod P */ - memset( buf, 0, sizeof( buf ) ); + memset(buf, 0, sizeof(buf)); - if( ( ret = mbedtls_net_recv( &server_fd, buf, n ) ) != (int) n ) - { - mbedtls_printf( " failed\n ! mbedtls_net_recv returned %d\n\n", ret ); + if ((ret = mbedtls_net_recv(&server_fd, buf, n)) != (int) n) { + mbedtls_printf(" failed\n ! mbedtls_net_recv returned %d\n\n", ret); goto exit; } p = buf, end = buf + buflen; - if( ( ret = mbedtls_dhm_read_params( &dhm, &p, end ) ) != 0 ) - { - mbedtls_printf( " failed\n ! mbedtls_dhm_read_params returned %d\n\n", ret ); + if ((ret = mbedtls_dhm_read_params(&dhm, &p, end)) != 0) { + mbedtls_printf(" failed\n ! mbedtls_dhm_read_params returned %d\n\n", ret); goto exit; } - if( dhm.len < 64 || dhm.len > 512 ) - { - mbedtls_printf( " failed\n ! Invalid DHM modulus size\n\n" ); + if (dhm.len < 64 || dhm.len > 512) { + mbedtls_printf(" failed\n ! Invalid DHM modulus size\n\n"); goto exit; } @@ -203,65 +172,60 @@ int main( void ) * 5. Check that the server's RSA signature matches * the SHA-256 hash of (P,G,Ys) */ - mbedtls_printf( "\n . Verifying the server's RSA signature" ); - fflush( stdout ); + mbedtls_printf("\n . Verifying the server's RSA signature"); + fflush(stdout); p += 2; - if( ( n = (size_t) ( end - p ) ) != rsa.len ) - { - mbedtls_printf( " failed\n ! Invalid RSA signature size\n\n" ); + if ((n = (size_t) (end - p)) != rsa.len) { + mbedtls_printf(" failed\n ! Invalid RSA signature size\n\n"); goto exit; } - if( ( ret = mbedtls_sha1_ret( buf, (int)( p - 2 - buf ), hash ) ) != 0 ) - { - mbedtls_printf( " failed\n ! mbedtls_sha1_ret returned %d\n\n", ret ); + if ((ret = mbedtls_sha1_ret(buf, (int) (p - 2 - buf), hash)) != 0) { + mbedtls_printf(" failed\n ! mbedtls_sha1_ret returned %d\n\n", ret); goto exit; } - if( ( ret = mbedtls_rsa_pkcs1_verify( &rsa, NULL, NULL, MBEDTLS_RSA_PUBLIC, - MBEDTLS_MD_SHA256, 0, hash, p ) ) != 0 ) - { - mbedtls_printf( " failed\n ! mbedtls_rsa_pkcs1_verify returned %d\n\n", ret ); + if ((ret = mbedtls_rsa_pkcs1_verify(&rsa, NULL, NULL, MBEDTLS_RSA_PUBLIC, + MBEDTLS_MD_SHA256, 0, hash, p)) != 0) { + mbedtls_printf(" failed\n ! mbedtls_rsa_pkcs1_verify returned %d\n\n", ret); goto exit; } /* * 6. Send our public value: Yc = G ^ Xc mod P */ - mbedtls_printf( "\n . Sending own public value to server" ); - fflush( stdout ); + mbedtls_printf("\n . Sending own public value to server"); + fflush(stdout); n = dhm.len; - if( ( ret = mbedtls_dhm_make_public( &dhm, (int) dhm.len, buf, n, - mbedtls_ctr_drbg_random, &ctr_drbg ) ) != 0 ) - { - mbedtls_printf( " failed\n ! mbedtls_dhm_make_public returned %d\n\n", ret ); + if ((ret = mbedtls_dhm_make_public(&dhm, (int) dhm.len, buf, n, + mbedtls_ctr_drbg_random, &ctr_drbg)) != 0) { + mbedtls_printf(" failed\n ! mbedtls_dhm_make_public returned %d\n\n", ret); goto exit; } - if( ( ret = mbedtls_net_send( &server_fd, buf, n ) ) != (int) n ) - { - mbedtls_printf( " failed\n ! mbedtls_net_send returned %d\n\n", ret ); + if ((ret = mbedtls_net_send(&server_fd, buf, n)) != (int) n) { + mbedtls_printf(" failed\n ! mbedtls_net_send returned %d\n\n", ret); goto exit; } /* * 7. Derive the shared secret: K = Ys ^ Xc mod P */ - mbedtls_printf( "\n . Shared secret: " ); - fflush( stdout ); + mbedtls_printf("\n . Shared secret: "); + fflush(stdout); - if( ( ret = mbedtls_dhm_calc_secret( &dhm, buf, sizeof( buf ), &n, - mbedtls_ctr_drbg_random, &ctr_drbg ) ) != 0 ) - { - mbedtls_printf( " failed\n ! mbedtls_dhm_calc_secret returned %d\n\n", ret ); + if ((ret = mbedtls_dhm_calc_secret(&dhm, buf, sizeof(buf), &n, + mbedtls_ctr_drbg_random, &ctr_drbg)) != 0) { + mbedtls_printf(" failed\n ! mbedtls_dhm_calc_secret returned %d\n\n", ret); goto exit; } - for( n = 0; n < 16; n++ ) - mbedtls_printf( "%02x", buf[n] ); + for (n = 0; n < 16; n++) { + mbedtls_printf("%02x", buf[n]); + } /* * 8. Setup the AES-256 decryption key @@ -271,45 +235,46 @@ int main( void ) * the keying material for the encryption/decryption keys, * IVs and MACs. */ - mbedtls_printf( "...\n . Receiving and decrypting the ciphertext" ); - fflush( stdout ); + mbedtls_printf("...\n . Receiving and decrypting the ciphertext"); + fflush(stdout); - ret = mbedtls_aes_setkey_dec( &aes, buf, 256 ); - if( ret != 0 ) + ret = mbedtls_aes_setkey_dec(&aes, buf, 256); + if (ret != 0) { goto exit; + } - memset( buf, 0, sizeof( buf ) ); + memset(buf, 0, sizeof(buf)); - if( ( ret = mbedtls_net_recv( &server_fd, buf, 16 ) ) != 16 ) - { - mbedtls_printf( " failed\n ! mbedtls_net_recv returned %d\n\n", ret ); + if ((ret = mbedtls_net_recv(&server_fd, buf, 16)) != 16) { + mbedtls_printf(" failed\n ! mbedtls_net_recv returned %d\n\n", ret); goto exit; } - ret = mbedtls_aes_crypt_ecb( &aes, MBEDTLS_AES_DECRYPT, buf, buf ); - if( ret != 0 ) + ret = mbedtls_aes_crypt_ecb(&aes, MBEDTLS_AES_DECRYPT, buf, buf); + if (ret != 0) { goto exit; + } buf[16] = '\0'; - mbedtls_printf( "\n . Plaintext is \"%s\"\n\n", (char *) buf ); + mbedtls_printf("\n . Plaintext is \"%s\"\n\n", (char *) buf); exit_code = MBEDTLS_EXIT_SUCCESS; exit: - mbedtls_net_free( &server_fd ); + mbedtls_net_free(&server_fd); - mbedtls_aes_free( &aes ); - mbedtls_rsa_free( &rsa ); - mbedtls_dhm_free( &dhm ); - mbedtls_ctr_drbg_free( &ctr_drbg ); - mbedtls_entropy_free( &entropy ); + mbedtls_aes_free(&aes); + mbedtls_rsa_free(&rsa); + mbedtls_dhm_free(&dhm); + mbedtls_ctr_drbg_free(&ctr_drbg); + mbedtls_entropy_free(&entropy); #if defined(_WIN32) - mbedtls_printf( " + Press Enter to exit this program.\n" ); - fflush( stdout ); getchar(); + mbedtls_printf(" + Press Enter to exit this program.\n"); + fflush(stdout); getchar(); #endif - mbedtls_exit( exit_code ); + mbedtls_exit(exit_code); } #endif /* MBEDTLS_AES_C && MBEDTLS_DHM_C && MBEDTLS_ENTROPY_C && MBEDTLS_NET_C && MBEDTLS_RSA_C && MBEDTLS_SHA256_C && diff --git a/third_party/mbedtls/repo/programs/pkey/dh_genprime.c b/third_party/mbedtls/repo/programs/pkey/dh_genprime.c index a481e329166..a4f3f0a97e6 100644 --- a/third_party/mbedtls/repo/programs/pkey/dh_genprime.c +++ b/third_party/mbedtls/repo/programs/pkey/dh_genprime.c @@ -2,19 +2,7 @@ * Diffie-Hellman-Merkle key exchange (prime generation) * * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later */ #if !defined(MBEDTLS_CONFIG_FILE) @@ -23,27 +11,17 @@ #include MBEDTLS_CONFIG_FILE #endif -#if defined(MBEDTLS_PLATFORM_C) #include "mbedtls/platform.h" -#else -#include -#include -#define mbedtls_printf printf -#define mbedtls_time_t time_t -#define mbedtls_exit exit -#define MBEDTLS_EXIT_SUCCESS EXIT_SUCCESS -#define MBEDTLS_EXIT_FAILURE EXIT_FAILURE -#endif /* MBEDTLS_PLATFORM_C */ #if !defined(MBEDTLS_BIGNUM_C) || !defined(MBEDTLS_ENTROPY_C) || \ !defined(MBEDTLS_FS_IO) || !defined(MBEDTLS_CTR_DRBG_C) || \ !defined(MBEDTLS_GENPRIME) -int main( void ) +int main(void) { mbedtls_printf("MBEDTLS_BIGNUM_C and/or MBEDTLS_ENTROPY_C and/or " - "MBEDTLS_FS_IO and/or MBEDTLS_CTR_DRBG_C and/or " - "MBEDTLS_GENPRIME not defined.\n"); - mbedtls_exit( 0 ); + "MBEDTLS_FS_IO and/or MBEDTLS_CTR_DRBG_C and/or " + "MBEDTLS_GENPRIME not defined.\n"); + mbedtls_exit(0); } #else @@ -56,7 +34,7 @@ int main( void ) #define USAGE \ "\n usage: dh_genprime param=<>...\n" \ - "\n acceprable parameters:\n" \ + "\n acceptable parameters:\n" \ " bits=%%d default: 2048\n" #define DFL_BITS 2048 @@ -68,7 +46,7 @@ int main( void ) #define GENERATOR "4" -int main( int argc, char **argv ) +int main(int argc, char **argv) { int ret = 1; int exit_code = MBEDTLS_EXIT_FAILURE; @@ -81,121 +59,112 @@ int main( int argc, char **argv ) int i; char *p, *q; - mbedtls_mpi_init( &G ); mbedtls_mpi_init( &P ); mbedtls_mpi_init( &Q ); - mbedtls_ctr_drbg_init( &ctr_drbg ); - mbedtls_entropy_init( &entropy ); + mbedtls_mpi_init(&G); mbedtls_mpi_init(&P); mbedtls_mpi_init(&Q); + mbedtls_ctr_drbg_init(&ctr_drbg); + mbedtls_entropy_init(&entropy); - if( argc == 0 ) - { - usage: - mbedtls_printf( USAGE ); + if (argc < 2) { +usage: + mbedtls_printf(USAGE); goto exit; } - for( i = 1; i < argc; i++ ) - { + for (i = 1; i < argc; i++) { p = argv[i]; - if( ( q = strchr( p, '=' ) ) == NULL ) + if ((q = strchr(p, '=')) == NULL) { goto usage; + } *q++ = '\0'; - if( strcmp( p, "bits" ) == 0 ) - { - nbits = atoi( q ); - if( nbits < 0 || nbits > MBEDTLS_MPI_MAX_BITS ) + if (strcmp(p, "bits") == 0) { + nbits = atoi(q); + if (nbits < 0 || nbits > MBEDTLS_MPI_MAX_BITS) { goto usage; - } - else + } + } else { goto usage; + } } - if( ( ret = mbedtls_mpi_read_string( &G, 10, GENERATOR ) ) != 0 ) - { - mbedtls_printf( " failed\n ! mbedtls_mpi_read_string returned %d\n", ret ); + if ((ret = mbedtls_mpi_read_string(&G, 10, GENERATOR)) != 0) { + mbedtls_printf(" failed\n ! mbedtls_mpi_read_string returned %d\n", ret); goto exit; } - mbedtls_printf( " ! Generating large primes may take minutes!\n" ); + mbedtls_printf(" ! Generating large primes may take minutes!\n"); - mbedtls_printf( "\n . Seeding the random number generator..." ); - fflush( stdout ); + mbedtls_printf("\n . Seeding the random number generator..."); + fflush(stdout); - if( ( ret = mbedtls_ctr_drbg_seed( &ctr_drbg, mbedtls_entropy_func, &entropy, - (const unsigned char *) pers, - strlen( pers ) ) ) != 0 ) - { - mbedtls_printf( " failed\n ! mbedtls_ctr_drbg_seed returned %d\n", ret ); + if ((ret = mbedtls_ctr_drbg_seed(&ctr_drbg, mbedtls_entropy_func, &entropy, + (const unsigned char *) pers, + strlen(pers))) != 0) { + mbedtls_printf(" failed\n ! mbedtls_ctr_drbg_seed returned %d\n", ret); goto exit; } - mbedtls_printf( " ok\n . Generating the modulus, please wait..." ); - fflush( stdout ); + mbedtls_printf(" ok\n . Generating the modulus, please wait..."); + fflush(stdout); /* * This can take a long time... */ - if( ( ret = mbedtls_mpi_gen_prime( &P, nbits, 1, - mbedtls_ctr_drbg_random, &ctr_drbg ) ) != 0 ) - { - mbedtls_printf( " failed\n ! mbedtls_mpi_gen_prime returned %d\n\n", ret ); + if ((ret = mbedtls_mpi_gen_prime(&P, nbits, 1, + mbedtls_ctr_drbg_random, &ctr_drbg)) != 0) { + mbedtls_printf(" failed\n ! mbedtls_mpi_gen_prime returned %d\n\n", ret); goto exit; } - mbedtls_printf( " ok\n . Verifying that Q = (P-1)/2 is prime..." ); - fflush( stdout ); + mbedtls_printf(" ok\n . Verifying that Q = (P-1)/2 is prime..."); + fflush(stdout); - if( ( ret = mbedtls_mpi_sub_int( &Q, &P, 1 ) ) != 0 ) - { - mbedtls_printf( " failed\n ! mbedtls_mpi_sub_int returned %d\n\n", ret ); + if ((ret = mbedtls_mpi_sub_int(&Q, &P, 1)) != 0) { + mbedtls_printf(" failed\n ! mbedtls_mpi_sub_int returned %d\n\n", ret); goto exit; } - if( ( ret = mbedtls_mpi_div_int( &Q, NULL, &Q, 2 ) ) != 0 ) - { - mbedtls_printf( " failed\n ! mbedtls_mpi_div_int returned %d\n\n", ret ); + if ((ret = mbedtls_mpi_div_int(&Q, NULL, &Q, 2)) != 0) { + mbedtls_printf(" failed\n ! mbedtls_mpi_div_int returned %d\n\n", ret); goto exit; } - if( ( ret = mbedtls_mpi_is_prime_ext( &Q, 50, mbedtls_ctr_drbg_random, &ctr_drbg ) ) != 0 ) - { - mbedtls_printf( " failed\n ! mbedtls_mpi_is_prime returned %d\n\n", ret ); + if ((ret = mbedtls_mpi_is_prime_ext(&Q, 50, mbedtls_ctr_drbg_random, &ctr_drbg)) != 0) { + mbedtls_printf(" failed\n ! mbedtls_mpi_is_prime returned %d\n\n", ret); goto exit; } - mbedtls_printf( " ok\n . Exporting the value in dh_prime.txt..." ); - fflush( stdout ); + mbedtls_printf(" ok\n . Exporting the value in dh_prime.txt..."); + fflush(stdout); - if( ( fout = fopen( "dh_prime.txt", "wb+" ) ) == NULL ) - { - mbedtls_printf( " failed\n ! Could not create dh_prime.txt\n\n" ); + if ((fout = fopen("dh_prime.txt", "wb+")) == NULL) { + mbedtls_printf(" failed\n ! Could not create dh_prime.txt\n\n"); goto exit; } - if( ( ret = mbedtls_mpi_write_file( "P = ", &P, 16, fout ) != 0 ) || - ( ret = mbedtls_mpi_write_file( "G = ", &G, 16, fout ) != 0 ) ) - { - mbedtls_printf( " failed\n ! mbedtls_mpi_write_file returned %d\n\n", ret ); - fclose( fout ); + if (((ret = mbedtls_mpi_write_file("P = ", &P, 16, fout)) != 0) || + ((ret = mbedtls_mpi_write_file("G = ", &G, 16, fout)) != 0)) { + mbedtls_printf(" failed\n ! mbedtls_mpi_write_file returned %d\n\n", ret); + fclose(fout); goto exit; } - mbedtls_printf( " ok\n\n" ); - fclose( fout ); + mbedtls_printf(" ok\n\n"); + fclose(fout); exit_code = MBEDTLS_EXIT_SUCCESS; exit: - mbedtls_mpi_free( &G ); mbedtls_mpi_free( &P ); mbedtls_mpi_free( &Q ); - mbedtls_ctr_drbg_free( &ctr_drbg ); - mbedtls_entropy_free( &entropy ); + mbedtls_mpi_free(&G); mbedtls_mpi_free(&P); mbedtls_mpi_free(&Q); + mbedtls_ctr_drbg_free(&ctr_drbg); + mbedtls_entropy_free(&entropy); #if defined(_WIN32) - mbedtls_printf( " Press Enter to exit this program.\n" ); - fflush( stdout ); getchar(); + mbedtls_printf(" Press Enter to exit this program.\n"); + fflush(stdout); getchar(); #endif - mbedtls_exit( exit_code ); + mbedtls_exit(exit_code); } #endif /* MBEDTLS_BIGNUM_C && MBEDTLS_ENTROPY_C && MBEDTLS_FS_IO && MBEDTLS_CTR_DRBG_C && MBEDTLS_GENPRIME */ diff --git a/third_party/mbedtls/repo/programs/pkey/dh_server.c b/third_party/mbedtls/repo/programs/pkey/dh_server.c index 8f032a3b20f..6ad015a48a3 100644 --- a/third_party/mbedtls/repo/programs/pkey/dh_server.c +++ b/third_party/mbedtls/repo/programs/pkey/dh_server.c @@ -2,19 +2,7 @@ * Diffie-Hellman-Merkle key exchange (server side) * * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later */ #if !defined(MBEDTLS_CONFIG_FILE) @@ -23,17 +11,7 @@ #include MBEDTLS_CONFIG_FILE #endif -#if defined(MBEDTLS_PLATFORM_C) #include "mbedtls/platform.h" -#else -#include -#include -#define mbedtls_printf printf -#define mbedtls_time_t time_t -#define mbedtls_exit exit -#define MBEDTLS_EXIT_SUCCESS EXIT_SUCCESS -#define MBEDTLS_EXIT_FAILURE EXIT_FAILURE -#endif /* MBEDTLS_PLATFORM_C */ #if defined(MBEDTLS_AES_C) && defined(MBEDTLS_DHM_C) && \ defined(MBEDTLS_ENTROPY_C) && defined(MBEDTLS_NET_C) && \ @@ -60,18 +38,18 @@ !defined(MBEDTLS_RSA_C) || !defined(MBEDTLS_SHA256_C) || \ !defined(MBEDTLS_FS_IO) || !defined(MBEDTLS_CTR_DRBG_C) || \ !defined(MBEDTLS_SHA1_C) -int main( void ) +int main(void) { mbedtls_printf("MBEDTLS_AES_C and/or MBEDTLS_DHM_C and/or MBEDTLS_ENTROPY_C " - "and/or MBEDTLS_NET_C and/or MBEDTLS_RSA_C and/or " - "MBEDTLS_SHA256_C and/or MBEDTLS_FS_IO and/or " - "MBEDTLS_CTR_DRBG_C not defined.\n"); - mbedtls_exit( 0 ); + "and/or MBEDTLS_NET_C and/or MBEDTLS_RSA_C and/or " + "MBEDTLS_SHA256_C and/or MBEDTLS_FS_IO and/or " + "MBEDTLS_CTR_DRBG_C not defined.\n"); + mbedtls_exit(0); } #else -int main( void ) +int main(void) { FILE *f; @@ -93,196 +71,181 @@ int main( void ) mbedtls_mpi N, P, Q, D, E; - mbedtls_net_init( &listen_fd ); - mbedtls_net_init( &client_fd ); - mbedtls_rsa_init( &rsa, MBEDTLS_RSA_PKCS_V15, MBEDTLS_MD_SHA256 ); - mbedtls_dhm_init( &dhm ); - mbedtls_aes_init( &aes ); - mbedtls_ctr_drbg_init( &ctr_drbg ); + mbedtls_net_init(&listen_fd); + mbedtls_net_init(&client_fd); + mbedtls_rsa_init(&rsa, MBEDTLS_RSA_PKCS_V15, MBEDTLS_MD_SHA256); + mbedtls_dhm_init(&dhm); + mbedtls_aes_init(&aes); + mbedtls_ctr_drbg_init(&ctr_drbg); - mbedtls_mpi_init( &N ); mbedtls_mpi_init( &P ); mbedtls_mpi_init( &Q ); - mbedtls_mpi_init( &D ); mbedtls_mpi_init( &E ); + mbedtls_mpi_init(&N); mbedtls_mpi_init(&P); mbedtls_mpi_init(&Q); + mbedtls_mpi_init(&D); mbedtls_mpi_init(&E); /* * 1. Setup the RNG */ - mbedtls_printf( "\n . Seeding the random number generator" ); - fflush( stdout ); - - mbedtls_entropy_init( &entropy ); - if( ( ret = mbedtls_ctr_drbg_seed( &ctr_drbg, mbedtls_entropy_func, &entropy, - (const unsigned char *) pers, - strlen( pers ) ) ) != 0 ) - { - mbedtls_printf( " failed\n ! mbedtls_ctr_drbg_seed returned %d\n", ret ); + mbedtls_printf("\n . Seeding the random number generator"); + fflush(stdout); + + mbedtls_entropy_init(&entropy); + if ((ret = mbedtls_ctr_drbg_seed(&ctr_drbg, mbedtls_entropy_func, &entropy, + (const unsigned char *) pers, + strlen(pers))) != 0) { + mbedtls_printf(" failed\n ! mbedtls_ctr_drbg_seed returned %d\n", ret); goto exit; } /* * 2a. Read the server's private RSA key */ - mbedtls_printf( "\n . Reading private key from rsa_priv.txt" ); - fflush( stdout ); + mbedtls_printf("\n . Reading private key from rsa_priv.txt"); + fflush(stdout); - if( ( f = fopen( "rsa_priv.txt", "rb" ) ) == NULL ) - { - mbedtls_printf( " failed\n ! Could not open rsa_priv.txt\n" \ - " ! Please run rsa_genkey first\n\n" ); + if ((f = fopen("rsa_priv.txt", "rb")) == NULL) { + mbedtls_printf(" failed\n ! Could not open rsa_priv.txt\n" \ + " ! Please run rsa_genkey first\n\n"); goto exit; } - mbedtls_rsa_init( &rsa, MBEDTLS_RSA_PKCS_V15, 0 ); - - if( ( ret = mbedtls_mpi_read_file( &N , 16, f ) ) != 0 || - ( ret = mbedtls_mpi_read_file( &E , 16, f ) ) != 0 || - ( ret = mbedtls_mpi_read_file( &D , 16, f ) ) != 0 || - ( ret = mbedtls_mpi_read_file( &P , 16, f ) ) != 0 || - ( ret = mbedtls_mpi_read_file( &Q , 16, f ) ) != 0 ) - { - mbedtls_printf( " failed\n ! mbedtls_mpi_read_file returned %d\n\n", - ret ); - fclose( f ); + mbedtls_rsa_init(&rsa, MBEDTLS_RSA_PKCS_V15, 0); + + if ((ret = mbedtls_mpi_read_file(&N, 16, f)) != 0 || + (ret = mbedtls_mpi_read_file(&E, 16, f)) != 0 || + (ret = mbedtls_mpi_read_file(&D, 16, f)) != 0 || + (ret = mbedtls_mpi_read_file(&P, 16, f)) != 0 || + (ret = mbedtls_mpi_read_file(&Q, 16, f)) != 0) { + mbedtls_printf(" failed\n ! mbedtls_mpi_read_file returned %d\n\n", + ret); + fclose(f); goto exit; } - fclose( f ); + fclose(f); - if( ( ret = mbedtls_rsa_import( &rsa, &N, &P, &Q, &D, &E ) ) != 0 ) - { - mbedtls_printf( " failed\n ! mbedtls_rsa_import returned %d\n\n", - ret ); + if ((ret = mbedtls_rsa_import(&rsa, &N, &P, &Q, &D, &E)) != 0) { + mbedtls_printf(" failed\n ! mbedtls_rsa_import returned %d\n\n", + ret); goto exit; } - if( ( ret = mbedtls_rsa_complete( &rsa ) ) != 0 ) - { - mbedtls_printf( " failed\n ! mbedtls_rsa_complete returned %d\n\n", - ret ); + if ((ret = mbedtls_rsa_complete(&rsa)) != 0) { + mbedtls_printf(" failed\n ! mbedtls_rsa_complete returned %d\n\n", + ret); goto exit; } /* * 2b. Get the DHM modulus and generator */ - mbedtls_printf( "\n . Reading DH parameters from dh_prime.txt" ); - fflush( stdout ); + mbedtls_printf("\n . Reading DH parameters from dh_prime.txt"); + fflush(stdout); - if( ( f = fopen( "dh_prime.txt", "rb" ) ) == NULL ) - { - mbedtls_printf( " failed\n ! Could not open dh_prime.txt\n" \ - " ! Please run dh_genprime first\n\n" ); + if ((f = fopen("dh_prime.txt", "rb")) == NULL) { + mbedtls_printf(" failed\n ! Could not open dh_prime.txt\n" \ + " ! Please run dh_genprime first\n\n"); goto exit; } - if( mbedtls_mpi_read_file( &dhm.P, 16, f ) != 0 || - mbedtls_mpi_read_file( &dhm.G, 16, f ) != 0 ) - { - mbedtls_printf( " failed\n ! Invalid DH parameter file\n\n" ); - fclose( f ); + if (mbedtls_mpi_read_file(&dhm.P, 16, f) != 0 || + mbedtls_mpi_read_file(&dhm.G, 16, f) != 0) { + mbedtls_printf(" failed\n ! Invalid DH parameter file\n\n"); + fclose(f); goto exit; } - fclose( f ); + fclose(f); /* * 3. Wait for a client to connect */ - mbedtls_printf( "\n . Waiting for a remote connection" ); - fflush( stdout ); + mbedtls_printf("\n . Waiting for a remote connection"); + fflush(stdout); - if( ( ret = mbedtls_net_bind( &listen_fd, NULL, SERVER_PORT, MBEDTLS_NET_PROTO_TCP ) ) != 0 ) - { - mbedtls_printf( " failed\n ! mbedtls_net_bind returned %d\n\n", ret ); + if ((ret = mbedtls_net_bind(&listen_fd, NULL, SERVER_PORT, MBEDTLS_NET_PROTO_TCP)) != 0) { + mbedtls_printf(" failed\n ! mbedtls_net_bind returned %d\n\n", ret); goto exit; } - if( ( ret = mbedtls_net_accept( &listen_fd, &client_fd, - NULL, 0, NULL ) ) != 0 ) - { - mbedtls_printf( " failed\n ! mbedtls_net_accept returned %d\n\n", ret ); + if ((ret = mbedtls_net_accept(&listen_fd, &client_fd, + NULL, 0, NULL)) != 0) { + mbedtls_printf(" failed\n ! mbedtls_net_accept returned %d\n\n", ret); goto exit; } /* * 4. Setup the DH parameters (P,G,Ys) */ - mbedtls_printf( "\n . Sending the server's DH parameters" ); - fflush( stdout ); + mbedtls_printf("\n . Sending the server's DH parameters"); + fflush(stdout); - memset( buf, 0, sizeof( buf ) ); + memset(buf, 0, sizeof(buf)); - if( ( ret = mbedtls_dhm_make_params( &dhm, (int) mbedtls_mpi_size( &dhm.P ), buf, &n, - mbedtls_ctr_drbg_random, &ctr_drbg ) ) != 0 ) - { - mbedtls_printf( " failed\n ! mbedtls_dhm_make_params returned %d\n\n", ret ); + if ((ret = mbedtls_dhm_make_params(&dhm, (int) mbedtls_mpi_size(&dhm.P), buf, &n, + mbedtls_ctr_drbg_random, &ctr_drbg)) != 0) { + mbedtls_printf(" failed\n ! mbedtls_dhm_make_params returned %d\n\n", ret); goto exit; } /* * 5. Sign the parameters and send them */ - if( ( ret = mbedtls_sha1_ret( buf, n, hash ) ) != 0 ) - { - mbedtls_printf( " failed\n ! mbedtls_sha1_ret returned %d\n\n", ret ); + if ((ret = mbedtls_sha1_ret(buf, n, hash)) != 0) { + mbedtls_printf(" failed\n ! mbedtls_sha1_ret returned %d\n\n", ret); goto exit; } - buf[n ] = (unsigned char)( rsa.len >> 8 ); - buf[n + 1] = (unsigned char)( rsa.len ); + buf[n] = (unsigned char) (rsa.len >> 8); + buf[n + 1] = (unsigned char) (rsa.len); - if( ( ret = mbedtls_rsa_pkcs1_sign( &rsa, NULL, NULL, MBEDTLS_RSA_PRIVATE, MBEDTLS_MD_SHA256, - 0, hash, buf + n + 2 ) ) != 0 ) - { - mbedtls_printf( " failed\n ! mbedtls_rsa_pkcs1_sign returned %d\n\n", ret ); + if ((ret = mbedtls_rsa_pkcs1_sign(&rsa, NULL, NULL, MBEDTLS_RSA_PRIVATE, MBEDTLS_MD_SHA256, + 0, hash, buf + n + 2)) != 0) { + mbedtls_printf(" failed\n ! mbedtls_rsa_pkcs1_sign returned %d\n\n", ret); goto exit; } buflen = n + 2 + rsa.len; - buf2[0] = (unsigned char)( buflen >> 8 ); - buf2[1] = (unsigned char)( buflen ); + buf2[0] = (unsigned char) (buflen >> 8); + buf2[1] = (unsigned char) (buflen); - if( ( ret = mbedtls_net_send( &client_fd, buf2, 2 ) ) != 2 || - ( ret = mbedtls_net_send( &client_fd, buf, buflen ) ) != (int) buflen ) - { - mbedtls_printf( " failed\n ! mbedtls_net_send returned %d\n\n", ret ); + if ((ret = mbedtls_net_send(&client_fd, buf2, 2)) != 2 || + (ret = mbedtls_net_send(&client_fd, buf, buflen)) != (int) buflen) { + mbedtls_printf(" failed\n ! mbedtls_net_send returned %d\n\n", ret); goto exit; } /* * 6. Get the client's public value: Yc = G ^ Xc mod P */ - mbedtls_printf( "\n . Receiving the client's public value" ); - fflush( stdout ); + mbedtls_printf("\n . Receiving the client's public value"); + fflush(stdout); - memset( buf, 0, sizeof( buf ) ); + memset(buf, 0, sizeof(buf)); n = dhm.len; - if( ( ret = mbedtls_net_recv( &client_fd, buf, n ) ) != (int) n ) - { - mbedtls_printf( " failed\n ! mbedtls_net_recv returned %d\n\n", ret ); + if ((ret = mbedtls_net_recv(&client_fd, buf, n)) != (int) n) { + mbedtls_printf(" failed\n ! mbedtls_net_recv returned %d\n\n", ret); goto exit; } - if( ( ret = mbedtls_dhm_read_public( &dhm, buf, dhm.len ) ) != 0 ) - { - mbedtls_printf( " failed\n ! mbedtls_dhm_read_public returned %d\n\n", ret ); + if ((ret = mbedtls_dhm_read_public(&dhm, buf, dhm.len)) != 0) { + mbedtls_printf(" failed\n ! mbedtls_dhm_read_public returned %d\n\n", ret); goto exit; } /* * 7. Derive the shared secret: K = Ys ^ Xc mod P */ - mbedtls_printf( "\n . Shared secret: " ); - fflush( stdout ); + mbedtls_printf("\n . Shared secret: "); + fflush(stdout); - if( ( ret = mbedtls_dhm_calc_secret( &dhm, buf, sizeof( buf ), &n, - mbedtls_ctr_drbg_random, &ctr_drbg ) ) != 0 ) - { - mbedtls_printf( " failed\n ! mbedtls_dhm_calc_secret returned %d\n\n", ret ); + if ((ret = mbedtls_dhm_calc_secret(&dhm, buf, sizeof(buf), &n, + mbedtls_ctr_drbg_random, &ctr_drbg)) != 0) { + mbedtls_printf(" failed\n ! mbedtls_dhm_calc_secret returned %d\n\n", ret); goto exit; } - for( n = 0; n < 16; n++ ) - mbedtls_printf( "%02x", buf[n] ); + for (n = 0; n < 16; n++) { + mbedtls_printf("%02x", buf[n]); + } /* * 8. Setup the AES-256 encryption key @@ -292,47 +255,48 @@ int main( void ) * the keying material for the encryption/decryption keys * and MACs. */ - mbedtls_printf( "...\n . Encrypting and sending the ciphertext" ); - fflush( stdout ); + mbedtls_printf("...\n . Encrypting and sending the ciphertext"); + fflush(stdout); - ret = mbedtls_aes_setkey_enc( &aes, buf, 256 ); - if( ret != 0 ) + ret = mbedtls_aes_setkey_enc(&aes, buf, 256); + if (ret != 0) { goto exit; - memcpy( buf, PLAINTEXT, 16 ); - ret = mbedtls_aes_crypt_ecb( &aes, MBEDTLS_AES_ENCRYPT, buf, buf ); - if( ret != 0 ) + } + memcpy(buf, PLAINTEXT, 16); + ret = mbedtls_aes_crypt_ecb(&aes, MBEDTLS_AES_ENCRYPT, buf, buf); + if (ret != 0) { goto exit; + } - if( ( ret = mbedtls_net_send( &client_fd, buf, 16 ) ) != 16 ) - { - mbedtls_printf( " failed\n ! mbedtls_net_send returned %d\n\n", ret ); + if ((ret = mbedtls_net_send(&client_fd, buf, 16)) != 16) { + mbedtls_printf(" failed\n ! mbedtls_net_send returned %d\n\n", ret); goto exit; } - mbedtls_printf( "\n\n" ); + mbedtls_printf("\n\n"); exit_code = MBEDTLS_EXIT_SUCCESS; exit: - mbedtls_mpi_free( &N ); mbedtls_mpi_free( &P ); mbedtls_mpi_free( &Q ); - mbedtls_mpi_free( &D ); mbedtls_mpi_free( &E ); + mbedtls_mpi_free(&N); mbedtls_mpi_free(&P); mbedtls_mpi_free(&Q); + mbedtls_mpi_free(&D); mbedtls_mpi_free(&E); - mbedtls_net_free( &client_fd ); - mbedtls_net_free( &listen_fd ); + mbedtls_net_free(&client_fd); + mbedtls_net_free(&listen_fd); - mbedtls_aes_free( &aes ); - mbedtls_rsa_free( &rsa ); - mbedtls_dhm_free( &dhm ); - mbedtls_ctr_drbg_free( &ctr_drbg ); - mbedtls_entropy_free( &entropy ); + mbedtls_aes_free(&aes); + mbedtls_rsa_free(&rsa); + mbedtls_dhm_free(&dhm); + mbedtls_ctr_drbg_free(&ctr_drbg); + mbedtls_entropy_free(&entropy); #if defined(_WIN32) - mbedtls_printf( " + Press Enter to exit this program.\n" ); - fflush( stdout ); getchar(); + mbedtls_printf(" + Press Enter to exit this program.\n"); + fflush(stdout); getchar(); #endif - mbedtls_exit( exit_code ); + mbedtls_exit(exit_code); } #endif /* MBEDTLS_AES_C && MBEDTLS_DHM_C && MBEDTLS_ENTROPY_C && MBEDTLS_NET_C && MBEDTLS_RSA_C && MBEDTLS_SHA256_C && diff --git a/third_party/mbedtls/repo/programs/pkey/ecdh_curve25519.c b/third_party/mbedtls/repo/programs/pkey/ecdh_curve25519.c index 67f136360c5..f79b1659654 100644 --- a/third_party/mbedtls/repo/programs/pkey/ecdh_curve25519.c +++ b/third_party/mbedtls/repo/programs/pkey/ecdh_curve25519.c @@ -2,19 +2,7 @@ * Example ECDHE with Curve25519 program * * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later */ #if !defined(MBEDTLS_CONFIG_FILE) @@ -23,27 +11,18 @@ #include MBEDTLS_CONFIG_FILE #endif -#if defined(MBEDTLS_PLATFORM_C) #include "mbedtls/platform.h" -#else -#include -#include -#define mbedtls_printf printf -#define mbedtls_exit exit -#define MBEDTLS_EXIT_SUCCESS EXIT_SUCCESS -#define MBEDTLS_EXIT_FAILURE EXIT_FAILURE -#endif /* MBEDTLS_PLATFORM_C */ - -#if !defined(MBEDTLS_ECDH_C) || !defined(MBEDTLS_ECDH_LEGACY_CONTEXT) || \ + +#if !defined(MBEDTLS_ECDH_C) || \ !defined(MBEDTLS_ECP_DP_CURVE25519_ENABLED) || \ !defined(MBEDTLS_ENTROPY_C) || !defined(MBEDTLS_CTR_DRBG_C) -int main( void ) +int main(void) { - mbedtls_printf( "MBEDTLS_ECDH_C and/or MBEDTLS_ECDH_LEGACY_CONTEXT and/or " - "MBEDTLS_ECP_DP_CURVE25519_ENABLED and/or " - "MBEDTLS_ENTROPY_C and/or MBEDTLS_CTR_DRBG_C " - "not defined\n" ); - mbedtls_exit( 0 ); + mbedtls_printf("MBEDTLS_ECDH_C and/or " + "MBEDTLS_ECP_DP_CURVE25519_ENABLED and/or " + "MBEDTLS_ENTROPY_C and/or MBEDTLS_CTR_DRBG_C " + "not defined\n"); + mbedtls_exit(0); } #else @@ -51,192 +30,169 @@ int main( void ) #include "mbedtls/ctr_drbg.h" #include "mbedtls/ecdh.h" +#include + -int main( int argc, char *argv[] ) +int main(int argc, char *argv[]) { int ret = 1; int exit_code = MBEDTLS_EXIT_FAILURE; mbedtls_ecdh_context ctx_cli, ctx_srv; mbedtls_entropy_context entropy; mbedtls_ctr_drbg_context ctr_drbg; - unsigned char cli_to_srv[32], srv_to_cli[32]; + unsigned char cli_to_srv[36], srv_to_cli[33]; const char pers[] = "ecdh"; + + size_t srv_olen; + size_t cli_olen; + unsigned char secret_cli[32] = { 0 }; + unsigned char secret_srv[32] = { 0 }; + const unsigned char *p_cli_to_srv = cli_to_srv; + ((void) argc); ((void) argv); - mbedtls_ecdh_init( &ctx_cli ); - mbedtls_ecdh_init( &ctx_srv ); - mbedtls_ctr_drbg_init( &ctr_drbg ); + mbedtls_ecdh_init(&ctx_cli); + mbedtls_ecdh_init(&ctx_srv); + mbedtls_ctr_drbg_init(&ctr_drbg); /* * Initialize random number generation */ - mbedtls_printf( " . Seeding the random number generator..." ); - fflush( stdout ); - - mbedtls_entropy_init( &entropy ); - if( ( ret = mbedtls_ctr_drbg_seed( &ctr_drbg, mbedtls_entropy_func, &entropy, - (const unsigned char *) pers, - sizeof pers ) ) != 0 ) - { - mbedtls_printf( " failed\n ! mbedtls_ctr_drbg_seed returned %d\n", ret ); + mbedtls_printf(" . Seed the random number generator..."); + fflush(stdout); + + mbedtls_entropy_init(&entropy); + if ((ret = mbedtls_ctr_drbg_seed(&ctr_drbg, mbedtls_entropy_func, + &entropy, + (const unsigned char *) pers, + sizeof(pers))) != 0) { + mbedtls_printf(" failed\n ! mbedtls_ctr_drbg_seed returned %d\n", + ret); goto exit; } - mbedtls_printf( " ok\n" ); + mbedtls_printf(" ok\n"); /* * Client: initialize context and generate keypair */ - mbedtls_printf( " . Setting up client context..." ); - fflush( stdout ); - - ret = mbedtls_ecp_group_load( &ctx_cli.grp, MBEDTLS_ECP_DP_CURVE25519 ); - if( ret != 0 ) - { - mbedtls_printf( " failed\n ! mbedtls_ecp_group_load returned %d\n", ret ); - goto exit; - } + mbedtls_printf(" . Set up client context, generate EC key pair..."); + fflush(stdout); - ret = mbedtls_ecdh_gen_public( &ctx_cli.grp, &ctx_cli.d, &ctx_cli.Q, - mbedtls_ctr_drbg_random, &ctr_drbg ); - if( ret != 0 ) - { - mbedtls_printf( " failed\n ! mbedtls_ecdh_gen_public returned %d\n", ret ); + ret = mbedtls_ecdh_setup(&ctx_cli, MBEDTLS_ECP_DP_CURVE25519); + if (ret != 0) { + mbedtls_printf(" failed\n ! mbedtls_ecdh_setup returned %d\n", ret); goto exit; } - ret = mbedtls_mpi_write_binary( &ctx_cli.Q.X, cli_to_srv, 32 ); - if( ret != 0 ) - { - mbedtls_printf( " failed\n ! mbedtls_mpi_write_binary returned %d\n", ret ); + ret = mbedtls_ecdh_make_params(&ctx_cli, &cli_olen, cli_to_srv, + sizeof(cli_to_srv), + mbedtls_ctr_drbg_random, &ctr_drbg); + if (ret != 0) { + mbedtls_printf(" failed\n ! mbedtls_ecdh_make_params returned %d\n", + ret); goto exit; } - mbedtls_printf( " ok\n" ); + mbedtls_printf(" ok\n"); /* * Server: initialize context and generate keypair */ - mbedtls_printf( " . Setting up server context..." ); - fflush( stdout ); - - ret = mbedtls_ecp_group_load( &ctx_srv.grp, MBEDTLS_ECP_DP_CURVE25519 ); - if( ret != 0 ) - { - mbedtls_printf( " failed\n ! mbedtls_ecp_group_load returned %d\n", ret ); - goto exit; - } - - ret = mbedtls_ecdh_gen_public( &ctx_srv.grp, &ctx_srv.d, &ctx_srv.Q, - mbedtls_ctr_drbg_random, &ctr_drbg ); - if( ret != 0 ) - { - mbedtls_printf( " failed\n ! mbedtls_ecdh_gen_public returned %d\n", ret ); + mbedtls_printf(" . Server: read params, generate public key..."); + fflush(stdout); + + ret = mbedtls_ecdh_read_params(&ctx_srv, &p_cli_to_srv, + p_cli_to_srv + sizeof(cli_to_srv)); + if (ret != 0) { + mbedtls_printf(" failed\n ! mbedtls_ecdh_read_params returned %d\n", + ret); goto exit; } - ret = mbedtls_mpi_write_binary( &ctx_srv.Q.X, srv_to_cli, 32 ); - if( ret != 0 ) - { - mbedtls_printf( " failed\n ! mbedtls_mpi_write_binary returned %d\n", ret ); + ret = mbedtls_ecdh_make_public(&ctx_srv, &srv_olen, srv_to_cli, + sizeof(srv_to_cli), + mbedtls_ctr_drbg_random, &ctr_drbg); + if (ret != 0) { + mbedtls_printf(" failed\n ! mbedtls_ecdh_make_public returned %d\n", + ret); goto exit; } - mbedtls_printf( " ok\n" ); + mbedtls_printf(" ok\n"); /* - * Server: read peer's key and generate shared secret + * Client: read public key */ - mbedtls_printf( " . Server reading client key and computing secret..." ); - fflush( stdout ); - - ret = mbedtls_mpi_lset( &ctx_srv.Qp.Z, 1 ); - if( ret != 0 ) - { - mbedtls_printf( " failed\n ! mbedtls_mpi_lset returned %d\n", ret ); + mbedtls_printf(" . Client: read public key..."); + fflush(stdout); + + ret = mbedtls_ecdh_read_public(&ctx_cli, srv_to_cli, + sizeof(srv_to_cli)); + if (ret != 0) { + mbedtls_printf(" failed\n ! mbedtls_ecdh_read_public returned %d\n", + ret); goto exit; } - ret = mbedtls_mpi_read_binary( &ctx_srv.Qp.X, cli_to_srv, 32 ); - if( ret != 0 ) - { - mbedtls_printf( " failed\n ! mbedtls_mpi_read_binary returned %d\n", ret ); - goto exit; - } - - ret = mbedtls_ecdh_compute_shared( &ctx_srv.grp, &ctx_srv.z, - &ctx_srv.Qp, &ctx_srv.d, - mbedtls_ctr_drbg_random, &ctr_drbg ); - if( ret != 0 ) - { - mbedtls_printf( " failed\n ! mbedtls_ecdh_compute_shared returned %d\n", ret ); - goto exit; - } - - mbedtls_printf( " ok\n" ); + mbedtls_printf(" ok\n"); /* - * Client: read peer's key and generate shared secret + * Calculate secrets */ - mbedtls_printf( " . Client reading server key and computing secret..." ); - fflush( stdout ); - - ret = mbedtls_mpi_lset( &ctx_cli.Qp.Z, 1 ); - if( ret != 0 ) - { - mbedtls_printf( " failed\n ! mbedtls_mpi_lset returned %d\n", ret ); - goto exit; - } - - ret = mbedtls_mpi_read_binary( &ctx_cli.Qp.X, srv_to_cli, 32 ); - if( ret != 0 ) - { - mbedtls_printf( " failed\n ! mbedtls_mpi_read_binary returned %d\n", ret ); + mbedtls_printf(" . Calculate secrets..."); + fflush(stdout); + + ret = mbedtls_ecdh_calc_secret(&ctx_cli, &cli_olen, secret_cli, + sizeof(secret_cli), + mbedtls_ctr_drbg_random, &ctr_drbg); + if (ret != 0) { + mbedtls_printf(" failed\n ! mbedtls_ecdh_calc_secret returned %d\n", + ret); goto exit; } - ret = mbedtls_ecdh_compute_shared( &ctx_cli.grp, &ctx_cli.z, - &ctx_cli.Qp, &ctx_cli.d, - mbedtls_ctr_drbg_random, &ctr_drbg ); - if( ret != 0 ) - { - mbedtls_printf( " failed\n ! mbedtls_ecdh_compute_shared returned %d\n", ret ); + ret = mbedtls_ecdh_calc_secret(&ctx_srv, &srv_olen, secret_srv, + sizeof(secret_srv), + mbedtls_ctr_drbg_random, &ctr_drbg); + if (ret != 0) { + mbedtls_printf(" failed\n ! mbedtls_ecdh_calc_secret returned %d\n", + ret); goto exit; } - mbedtls_printf( " ok\n" ); + mbedtls_printf(" ok\n"); /* * Verification: are the computed secrets equal? */ - mbedtls_printf( " . Checking if both computed secrets are equal..." ); - fflush( stdout ); + mbedtls_printf(" . Check if both calculated secrets are equal..."); + fflush(stdout); - ret = mbedtls_mpi_cmp_mpi( &ctx_cli.z, &ctx_srv.z ); - if( ret != 0 ) - { - mbedtls_printf( " failed\n ! mbedtls_ecdh_compute_shared returned %d\n", ret ); + ret = memcmp(secret_srv, secret_cli, srv_olen); + if (ret != 0 || (cli_olen != srv_olen)) { + mbedtls_printf(" failed\n ! Shared secrets not equal.\n"); goto exit; } - mbedtls_printf( " ok\n" ); + mbedtls_printf(" ok\n"); exit_code = MBEDTLS_EXIT_SUCCESS; exit: #if defined(_WIN32) - mbedtls_printf( " + Press Enter to exit this program.\n" ); - fflush( stdout ); getchar(); + mbedtls_printf(" + Press Enter to exit this program.\n"); + fflush(stdout); getchar(); #endif - mbedtls_ecdh_free( &ctx_srv ); - mbedtls_ecdh_free( &ctx_cli ); - mbedtls_ctr_drbg_free( &ctr_drbg ); - mbedtls_entropy_free( &entropy ); + mbedtls_ecdh_free(&ctx_srv); + mbedtls_ecdh_free(&ctx_cli); + mbedtls_ctr_drbg_free(&ctr_drbg); + mbedtls_entropy_free(&entropy); - mbedtls_exit( exit_code ); + mbedtls_exit(exit_code); } #endif /* MBEDTLS_ECDH_C && MBEDTLS_ECP_DP_CURVE25519_ENABLED && MBEDTLS_ENTROPY_C && MBEDTLS_CTR_DRBG_C */ diff --git a/third_party/mbedtls/repo/programs/pkey/ecdsa.c b/third_party/mbedtls/repo/programs/pkey/ecdsa.c index 1bbf8268c43..24d79fca8e7 100644 --- a/third_party/mbedtls/repo/programs/pkey/ecdsa.c +++ b/third_party/mbedtls/repo/programs/pkey/ecdsa.c @@ -2,19 +2,7 @@ * Example ECDSA program * * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later */ #if !defined(MBEDTLS_CONFIG_FILE) @@ -23,16 +11,7 @@ #include MBEDTLS_CONFIG_FILE #endif -#if defined(MBEDTLS_PLATFORM_C) #include "mbedtls/platform.h" -#else -#include -#include -#define mbedtls_printf printf -#define mbedtls_exit exit -#define MBEDTLS_EXIT_SUCCESS EXIT_SUCCESS -#define MBEDTLS_EXIT_FAILURE EXIT_FAILURE -#endif /* MBEDTLS_PLATFORM_C */ #if defined(MBEDTLS_ECDSA_C) && \ defined(MBEDTLS_ENTROPY_C) && defined(MBEDTLS_CTR_DRBG_C) @@ -60,46 +39,46 @@ #if !defined(MBEDTLS_ECDSA_C) || !defined(MBEDTLS_SHA256_C) || \ !defined(MBEDTLS_ENTROPY_C) || !defined(MBEDTLS_CTR_DRBG_C) -int main( void ) +int main(void) { mbedtls_printf("MBEDTLS_ECDSA_C and/or MBEDTLS_SHA256_C and/or " - "MBEDTLS_ENTROPY_C and/or MBEDTLS_CTR_DRBG_C not defined\n"); - mbedtls_exit( 0 ); + "MBEDTLS_ENTROPY_C and/or MBEDTLS_CTR_DRBG_C not defined\n"); + mbedtls_exit(0); } #else #if defined(VERBOSE) -static void dump_buf( const char *title, unsigned char *buf, size_t len ) +static void dump_buf(const char *title, unsigned char *buf, size_t len) { size_t i; - mbedtls_printf( "%s", title ); - for( i = 0; i < len; i++ ) + mbedtls_printf("%s", title); + for (i = 0; i < len; i++) { mbedtls_printf("%c%c", "0123456789ABCDEF" [buf[i] / 16], - "0123456789ABCDEF" [buf[i] % 16] ); - mbedtls_printf( "\n" ); + "0123456789ABCDEF" [buf[i] % 16]); + } + mbedtls_printf("\n"); } -static void dump_pubkey( const char *title, mbedtls_ecdsa_context *key ) +static void dump_pubkey(const char *title, mbedtls_ecdsa_context *key) { unsigned char buf[300]; size_t len; - if( mbedtls_ecp_point_write_binary( &key->grp, &key->Q, - MBEDTLS_ECP_PF_UNCOMPRESSED, &len, buf, sizeof buf ) != 0 ) - { + if (mbedtls_ecp_point_write_binary(&key->grp, &key->Q, + MBEDTLS_ECP_PF_UNCOMPRESSED, &len, buf, sizeof(buf)) != 0) { mbedtls_printf("internal error\n"); return; } - dump_buf( title, buf, len ); + dump_buf(title, buf, len); } #else -#define dump_buf( a, b, c ) -#define dump_pubkey( a, b ) +#define dump_buf(a, b, c) +#define dump_pubkey(a, b) #endif -int main( int argc, char *argv[] ) +int main(int argc, char *argv[]) { int ret = 1; int exit_code = MBEDTLS_EXIT_FAILURE; @@ -113,19 +92,18 @@ int main( int argc, char *argv[] ) const char *pers = "ecdsa"; ((void) argv); - mbedtls_ecdsa_init( &ctx_sign ); - mbedtls_ecdsa_init( &ctx_verify ); - mbedtls_ctr_drbg_init( &ctr_drbg ); + mbedtls_ecdsa_init(&ctx_sign); + mbedtls_ecdsa_init(&ctx_verify); + mbedtls_ctr_drbg_init(&ctr_drbg); - memset( sig, 0, sizeof( sig ) ); - memset( message, 0x25, sizeof( message ) ); + memset(sig, 0, sizeof(sig)); + memset(message, 0x25, sizeof(message)); - if( argc != 1 ) - { - mbedtls_printf( "usage: ecdsa\n" ); + if (argc != 1) { + mbedtls_printf("usage: ecdsa\n"); #if defined(_WIN32) - mbedtls_printf( "\n" ); + mbedtls_printf("\n"); #endif goto exit; @@ -134,65 +112,61 @@ int main( int argc, char *argv[] ) /* * Generate a key pair for signing */ - mbedtls_printf( "\n . Seeding the random number generator..." ); - fflush( stdout ); - - mbedtls_entropy_init( &entropy ); - if( ( ret = mbedtls_ctr_drbg_seed( &ctr_drbg, mbedtls_entropy_func, &entropy, - (const unsigned char *) pers, - strlen( pers ) ) ) != 0 ) - { - mbedtls_printf( " failed\n ! mbedtls_ctr_drbg_seed returned %d\n", ret ); + mbedtls_printf("\n . Seeding the random number generator..."); + fflush(stdout); + + mbedtls_entropy_init(&entropy); + if ((ret = mbedtls_ctr_drbg_seed(&ctr_drbg, mbedtls_entropy_func, &entropy, + (const unsigned char *) pers, + strlen(pers))) != 0) { + mbedtls_printf(" failed\n ! mbedtls_ctr_drbg_seed returned %d\n", ret); goto exit; } - mbedtls_printf( " ok\n . Generating key pair..." ); - fflush( stdout ); + mbedtls_printf(" ok\n . Generating key pair..."); + fflush(stdout); - if( ( ret = mbedtls_ecdsa_genkey( &ctx_sign, ECPARAMS, - mbedtls_ctr_drbg_random, &ctr_drbg ) ) != 0 ) - { - mbedtls_printf( " failed\n ! mbedtls_ecdsa_genkey returned %d\n", ret ); + if ((ret = mbedtls_ecdsa_genkey(&ctx_sign, ECPARAMS, + mbedtls_ctr_drbg_random, &ctr_drbg)) != 0) { + mbedtls_printf(" failed\n ! mbedtls_ecdsa_genkey returned %d\n", ret); goto exit; } - mbedtls_printf( " ok (key size: %d bits)\n", (int) ctx_sign.grp.pbits ); + mbedtls_printf(" ok (key size: %d bits)\n", (int) ctx_sign.grp.pbits); - dump_pubkey( " + Public key: ", &ctx_sign ); + dump_pubkey(" + Public key: ", &ctx_sign); /* * Compute message hash */ - mbedtls_printf( " . Computing message hash..." ); - fflush( stdout ); + mbedtls_printf(" . Computing message hash..."); + fflush(stdout); - if( ( ret = mbedtls_sha256_ret( message, sizeof( message ), hash, 0 ) ) != 0 ) - { - mbedtls_printf( " failed\n ! mbedtls_sha256_ret returned %d\n", ret ); + if ((ret = mbedtls_sha256_ret(message, sizeof(message), hash, 0)) != 0) { + mbedtls_printf(" failed\n ! mbedtls_sha256_ret returned %d\n", ret); goto exit; } - mbedtls_printf( " ok\n" ); + mbedtls_printf(" ok\n"); - dump_buf( " + Hash: ", hash, sizeof( hash ) ); + dump_buf(" + Hash: ", hash, sizeof(hash)); /* * Sign message hash */ - mbedtls_printf( " . Signing message hash..." ); - fflush( stdout ); - - if( ( ret = mbedtls_ecdsa_write_signature( &ctx_sign, MBEDTLS_MD_SHA256, - hash, sizeof( hash ), - sig, &sig_len, - mbedtls_ctr_drbg_random, &ctr_drbg ) ) != 0 ) - { - mbedtls_printf( " failed\n ! mbedtls_ecdsa_write_signature returned %d\n", ret ); + mbedtls_printf(" . Signing message hash..."); + fflush(stdout); + + if ((ret = mbedtls_ecdsa_write_signature(&ctx_sign, MBEDTLS_MD_SHA256, + hash, sizeof(hash), + sig, &sig_len, + mbedtls_ctr_drbg_random, &ctr_drbg)) != 0) { + mbedtls_printf(" failed\n ! mbedtls_ecdsa_write_signature returned %d\n", ret); goto exit; } - mbedtls_printf( " ok (signature length = %u)\n", (unsigned int) sig_len ); + mbedtls_printf(" ok (signature length = %u)\n", (unsigned int) sig_len); - dump_buf( " + Signature: ", sig, sig_len ); + dump_buf(" + Signature: ", sig, sig_len); /* * Transfer public information to verifying context @@ -201,52 +175,49 @@ int main( int argc, char *argv[] ) * chose to use a new one in order to make it clear that the verifying * context only needs the public key (Q), and not the private key (d). */ - mbedtls_printf( " . Preparing verification context..." ); - fflush( stdout ); + mbedtls_printf(" . Preparing verification context..."); + fflush(stdout); - if( ( ret = mbedtls_ecp_group_copy( &ctx_verify.grp, &ctx_sign.grp ) ) != 0 ) - { - mbedtls_printf( " failed\n ! mbedtls_ecp_group_copy returned %d\n", ret ); + if ((ret = mbedtls_ecp_group_copy(&ctx_verify.grp, &ctx_sign.grp)) != 0) { + mbedtls_printf(" failed\n ! mbedtls_ecp_group_copy returned %d\n", ret); goto exit; } - if( ( ret = mbedtls_ecp_copy( &ctx_verify.Q, &ctx_sign.Q ) ) != 0 ) - { - mbedtls_printf( " failed\n ! mbedtls_ecp_copy returned %d\n", ret ); + if ((ret = mbedtls_ecp_copy(&ctx_verify.Q, &ctx_sign.Q)) != 0) { + mbedtls_printf(" failed\n ! mbedtls_ecp_copy returned %d\n", ret); goto exit; } /* * Verify signature */ - mbedtls_printf( " ok\n . Verifying signature..." ); - fflush( stdout ); - - if( ( ret = mbedtls_ecdsa_read_signature( &ctx_verify, - hash, sizeof( hash ), - sig, sig_len ) ) != 0 ) - { - mbedtls_printf( " failed\n ! mbedtls_ecdsa_read_signature returned %d\n", ret ); + mbedtls_printf(" ok\n . Verifying signature..."); + fflush(stdout); + + if ((ret = mbedtls_ecdsa_read_signature(&ctx_verify, + hash, sizeof(hash), + sig, sig_len)) != 0) { + mbedtls_printf(" failed\n ! mbedtls_ecdsa_read_signature returned %d\n", ret); goto exit; } - mbedtls_printf( " ok\n" ); + mbedtls_printf(" ok\n"); exit_code = MBEDTLS_EXIT_SUCCESS; exit: #if defined(_WIN32) - mbedtls_printf( " + Press Enter to exit this program.\n" ); - fflush( stdout ); getchar(); + mbedtls_printf(" + Press Enter to exit this program.\n"); + fflush(stdout); getchar(); #endif - mbedtls_ecdsa_free( &ctx_verify ); - mbedtls_ecdsa_free( &ctx_sign ); - mbedtls_ctr_drbg_free( &ctr_drbg ); - mbedtls_entropy_free( &entropy ); + mbedtls_ecdsa_free(&ctx_verify); + mbedtls_ecdsa_free(&ctx_sign); + mbedtls_ctr_drbg_free(&ctr_drbg); + mbedtls_entropy_free(&entropy); - mbedtls_exit( exit_code ); + mbedtls_exit(exit_code); } #endif /* MBEDTLS_ECDSA_C && MBEDTLS_ENTROPY_C && MBEDTLS_CTR_DRBG_C && ECPARAMS */ diff --git a/third_party/mbedtls/repo/programs/pkey/gen_key.c b/third_party/mbedtls/repo/programs/pkey/gen_key.c index 63cc11ed5b9..8ad26276673 100644 --- a/third_party/mbedtls/repo/programs/pkey/gen_key.c +++ b/third_party/mbedtls/repo/programs/pkey/gen_key.c @@ -2,19 +2,7 @@ * Key generation application * * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later */ #if !defined(MBEDTLS_CONFIG_FILE) @@ -23,16 +11,7 @@ #include MBEDTLS_CONFIG_FILE #endif -#if defined(MBEDTLS_PLATFORM_C) #include "mbedtls/platform.h" -#else -#include -#include -#define mbedtls_printf printf -#define mbedtls_exit exit -#define MBEDTLS_EXIT_SUCCESS EXIT_SUCCESS -#define MBEDTLS_EXIT_FAILURE EXIT_FAILURE -#endif /* MBEDTLS_PLATFORM_C */ #if defined(MBEDTLS_PK_WRITE_C) && defined(MBEDTLS_FS_IO) && \ defined(MBEDTLS_ENTROPY_C) && defined(MBEDTLS_CTR_DRBG_C) @@ -53,8 +32,8 @@ #define DEV_RANDOM_THRESHOLD 32 -int dev_random_entropy_poll( void *data, unsigned char *output, - size_t len, size_t *olen ) +int dev_random_entropy_poll(void *data, unsigned char *output, + size_t len, size_t *olen) { FILE *file; size_t ret, left = len; @@ -63,28 +42,27 @@ int dev_random_entropy_poll( void *data, unsigned char *output, *olen = 0; - file = fopen( "/dev/random", "rb" ); - if( file == NULL ) - return( MBEDTLS_ERR_ENTROPY_SOURCE_FAILED ); + file = fopen("/dev/random", "rb"); + if (file == NULL) { + return MBEDTLS_ERR_ENTROPY_SOURCE_FAILED; + } - while( left > 0 ) - { + while (left > 0) { /* /dev/random can return much less than requested. If so, try again */ - ret = fread( p, 1, left, file ); - if( ret == 0 && ferror( file ) ) - { - fclose( file ); - return( MBEDTLS_ERR_ENTROPY_SOURCE_FAILED ); + ret = fread(p, 1, left, file); + if (ret == 0 && ferror(file)) { + fclose(file); + return MBEDTLS_ERR_ENTROPY_SOURCE_FAILED; } p += ret; left -= ret; - sleep( 1 ); + sleep(1); } - fclose( file ); + fclose(file); *olen = len; - return( 0 ); + return 0; } #endif /* !_WIN32 */ #endif @@ -125,13 +103,13 @@ int dev_random_entropy_poll( void *data, unsigned char *output, #if !defined(MBEDTLS_PK_WRITE_C) || !defined(MBEDTLS_PEM_WRITE_C) || \ !defined(MBEDTLS_FS_IO) || !defined(MBEDTLS_ENTROPY_C) || \ !defined(MBEDTLS_CTR_DRBG_C) -int main( void ) +int main(void) { - mbedtls_printf( "MBEDTLS_PK_WRITE_C and/or MBEDTLS_FS_IO and/or " - "MBEDTLS_ENTROPY_C and/or MBEDTLS_CTR_DRBG_C and/or " - "MBEDTLS_PEM_WRITE_C" - "not defined.\n" ); - mbedtls_exit( 0 ); + mbedtls_printf("MBEDTLS_PK_WRITE_C and/or MBEDTLS_FS_IO and/or " + "MBEDTLS_ENTROPY_C and/or MBEDTLS_CTR_DRBG_C and/or " + "MBEDTLS_PEM_WRITE_C" + "not defined.\n"); + mbedtls_exit(0); } #else @@ -139,8 +117,7 @@ int main( void ) /* * global options */ -struct options -{ +struct options { int type; /* the type of key to generate */ int rsa_keysize; /* length of key in bits */ int ec_curve; /* curve identifier for EC keys */ @@ -149,7 +126,7 @@ struct options int use_dev_random; /* use /dev/random as entropy source */ } opt; -static int write_private_key( mbedtls_pk_context *key, const char *output_file ) +static int write_private_key(mbedtls_pk_context *key, const char *output_file) { int ret; FILE *f; @@ -158,37 +135,36 @@ static int write_private_key( mbedtls_pk_context *key, const char *output_file ) size_t len = 0; memset(output_buf, 0, 16000); - if( opt.format == FORMAT_PEM ) - { - if( ( ret = mbedtls_pk_write_key_pem( key, output_buf, 16000 ) ) != 0 ) - return( ret ); + if (opt.format == FORMAT_PEM) { + if ((ret = mbedtls_pk_write_key_pem(key, output_buf, 16000)) != 0) { + return ret; + } - len = strlen( (char *) output_buf ); - } - else - { - if( ( ret = mbedtls_pk_write_key_der( key, output_buf, 16000 ) ) < 0 ) - return( ret ); + len = strlen((char *) output_buf); + } else { + if ((ret = mbedtls_pk_write_key_der(key, output_buf, 16000)) < 0) { + return ret; + } len = ret; c = output_buf + sizeof(output_buf) - len; } - if( ( f = fopen( output_file, "wb" ) ) == NULL ) - return( -1 ); + if ((f = fopen(output_file, "wb")) == NULL) { + return -1; + } - if( fwrite( c, 1, len, f ) != len ) - { - fclose( f ); - return( -1 ); + if (fwrite(c, 1, len, f) != len) { + fclose(f); + return -1; } - fclose( f ); + fclose(f); - return( 0 ); + return 0; } -int main( int argc, char *argv[] ) +int main(int argc, char *argv[]) { int ret = 1; int exit_code = MBEDTLS_EXIT_FAILURE; @@ -208,24 +184,33 @@ int main( int argc, char *argv[] ) * Set to sane values */ - mbedtls_mpi_init( &N ); mbedtls_mpi_init( &P ); mbedtls_mpi_init( &Q ); - mbedtls_mpi_init( &D ); mbedtls_mpi_init( &E ); mbedtls_mpi_init( &DP ); - mbedtls_mpi_init( &DQ ); mbedtls_mpi_init( &QP ); + mbedtls_mpi_init(&N); mbedtls_mpi_init(&P); mbedtls_mpi_init(&Q); + mbedtls_mpi_init(&D); mbedtls_mpi_init(&E); mbedtls_mpi_init(&DP); + mbedtls_mpi_init(&DQ); mbedtls_mpi_init(&QP); - mbedtls_pk_init( &key ); - mbedtls_ctr_drbg_init( &ctr_drbg ); - memset( buf, 0, sizeof( buf ) ); + mbedtls_pk_init(&key); + mbedtls_ctr_drbg_init(&ctr_drbg); + memset(buf, 0, sizeof(buf)); - if( argc == 0 ) - { - usage: - mbedtls_printf( USAGE ); +#if defined(MBEDTLS_USE_PSA_CRYPTO) + psa_status_t status = psa_crypto_init(); + if (status != PSA_SUCCESS) { + mbedtls_fprintf(stderr, "Failed to initialize PSA Crypto implementation: %d\n", + (int) status); + goto exit; + } +#endif /* MBEDTLS_USE_PSA_CRYPTO */ + + if (argc < 2) { +usage: + mbedtls_printf(USAGE); #if defined(MBEDTLS_ECP_C) - mbedtls_printf( " available ec_curve values:\n" ); + mbedtls_printf(" available ec_curve values:\n"); curve_info = mbedtls_ecp_curve_list(); - mbedtls_printf( " %s (default)\n", curve_info->name ); - while( ( ++curve_info )->name != NULL ) - mbedtls_printf( " %s\n", curve_info->name ); + mbedtls_printf(" %s (default)\n", curve_info->name); + while ((++curve_info)->name != NULL) { + mbedtls_printf(" %s\n", curve_info->name); + } #endif /* MBEDTLS_ECP_C */ goto exit; } @@ -237,214 +222,202 @@ int main( int argc, char *argv[] ) opt.format = DFL_FORMAT; opt.use_dev_random = DFL_USE_DEV_RANDOM; - for( i = 1; i < argc; i++ ) - { + for (i = 1; i < argc; i++) { p = argv[i]; - if( ( q = strchr( p, '=' ) ) == NULL ) + if ((q = strchr(p, '=')) == NULL) { goto usage; + } *q++ = '\0'; - if( strcmp( p, "type" ) == 0 ) - { - if( strcmp( q, "rsa" ) == 0 ) + if (strcmp(p, "type") == 0) { + if (strcmp(q, "rsa") == 0) { opt.type = MBEDTLS_PK_RSA; - else if( strcmp( q, "ec" ) == 0 ) + } else if (strcmp(q, "ec") == 0) { opt.type = MBEDTLS_PK_ECKEY; - else + } else { goto usage; - } - else if( strcmp( p, "format" ) == 0 ) - { - if( strcmp( q, "pem" ) == 0 ) + } + } else if (strcmp(p, "format") == 0) { + if (strcmp(q, "pem") == 0) { opt.format = FORMAT_PEM; - else if( strcmp( q, "der" ) == 0 ) + } else if (strcmp(q, "der") == 0) { opt.format = FORMAT_DER; - else + } else { goto usage; - } - else if( strcmp( p, "rsa_keysize" ) == 0 ) - { - opt.rsa_keysize = atoi( q ); - if( opt.rsa_keysize < 1024 || - opt.rsa_keysize > MBEDTLS_MPI_MAX_BITS ) + } + } else if (strcmp(p, "rsa_keysize") == 0) { + opt.rsa_keysize = atoi(q); + if (opt.rsa_keysize < 1024 || + opt.rsa_keysize > MBEDTLS_MPI_MAX_BITS) { goto usage; + } } #if defined(MBEDTLS_ECP_C) - else if( strcmp( p, "ec_curve" ) == 0 ) - { - if( ( curve_info = mbedtls_ecp_curve_info_from_name( q ) ) == NULL ) + else if (strcmp(p, "ec_curve") == 0) { + if ((curve_info = mbedtls_ecp_curve_info_from_name(q)) == NULL) { goto usage; + } opt.ec_curve = curve_info->grp_id; } #endif - else if( strcmp( p, "filename" ) == 0 ) + else if (strcmp(p, "filename") == 0) { opt.filename = q; - else if( strcmp( p, "use_dev_random" ) == 0 ) - { - opt.use_dev_random = atoi( q ); - if( opt.use_dev_random < 0 || opt.use_dev_random > 1 ) + } else if (strcmp(p, "use_dev_random") == 0) { + opt.use_dev_random = atoi(q); + if (opt.use_dev_random < 0 || opt.use_dev_random > 1) { goto usage; - } - else + } + } else { goto usage; + } } - mbedtls_printf( "\n . Seeding the random number generator..." ); - fflush( stdout ); + mbedtls_printf("\n . Seeding the random number generator..."); + fflush(stdout); - mbedtls_entropy_init( &entropy ); + mbedtls_entropy_init(&entropy); #if !defined(_WIN32) && defined(MBEDTLS_FS_IO) - if( opt.use_dev_random ) - { - if( ( ret = mbedtls_entropy_add_source( &entropy, dev_random_entropy_poll, - NULL, DEV_RANDOM_THRESHOLD, - MBEDTLS_ENTROPY_SOURCE_STRONG ) ) != 0 ) - { - mbedtls_printf( " failed\n ! mbedtls_entropy_add_source returned -0x%04x\n", (unsigned int) -ret ); + if (opt.use_dev_random) { + if ((ret = mbedtls_entropy_add_source(&entropy, dev_random_entropy_poll, + NULL, DEV_RANDOM_THRESHOLD, + MBEDTLS_ENTROPY_SOURCE_STRONG)) != 0) { + mbedtls_printf(" failed\n ! mbedtls_entropy_add_source returned -0x%04x\n", + (unsigned int) -ret); goto exit; } - mbedtls_printf("\n Using /dev/random, so can take a long time! " ); - fflush( stdout ); + mbedtls_printf("\n Using /dev/random, so can take a long time! "); + fflush(stdout); } #endif /* !_WIN32 && MBEDTLS_FS_IO */ - if( ( ret = mbedtls_ctr_drbg_seed( &ctr_drbg, mbedtls_entropy_func, &entropy, - (const unsigned char *) pers, - strlen( pers ) ) ) != 0 ) - { - mbedtls_printf( " failed\n ! mbedtls_ctr_drbg_seed returned -0x%04x\n", (unsigned int) -ret ); + if ((ret = mbedtls_ctr_drbg_seed(&ctr_drbg, mbedtls_entropy_func, &entropy, + (const unsigned char *) pers, + strlen(pers))) != 0) { + mbedtls_printf(" failed\n ! mbedtls_ctr_drbg_seed returned -0x%04x\n", + (unsigned int) -ret); goto exit; } /* * 1.1. Generate the key */ - mbedtls_printf( "\n . Generating the private key ..." ); - fflush( stdout ); + mbedtls_printf("\n . Generating the private key ..."); + fflush(stdout); - if( ( ret = mbedtls_pk_setup( &key, - mbedtls_pk_info_from_type( (mbedtls_pk_type_t) opt.type ) ) ) != 0 ) - { - mbedtls_printf( " failed\n ! mbedtls_pk_setup returned -0x%04x", (unsigned int) -ret ); + if ((ret = mbedtls_pk_setup(&key, + mbedtls_pk_info_from_type((mbedtls_pk_type_t) opt.type))) != 0) { + mbedtls_printf(" failed\n ! mbedtls_pk_setup returned -0x%04x", (unsigned int) -ret); goto exit; } #if defined(MBEDTLS_RSA_C) && defined(MBEDTLS_GENPRIME) - if( opt.type == MBEDTLS_PK_RSA ) - { - ret = mbedtls_rsa_gen_key( mbedtls_pk_rsa( key ), mbedtls_ctr_drbg_random, &ctr_drbg, - opt.rsa_keysize, 65537 ); - if( ret != 0 ) - { - mbedtls_printf( " failed\n ! mbedtls_rsa_gen_key returned -0x%04x", (unsigned int) -ret ); + if (opt.type == MBEDTLS_PK_RSA) { + ret = mbedtls_rsa_gen_key(mbedtls_pk_rsa(key), mbedtls_ctr_drbg_random, &ctr_drbg, + opt.rsa_keysize, 65537); + if (ret != 0) { + mbedtls_printf(" failed\n ! mbedtls_rsa_gen_key returned -0x%04x", + (unsigned int) -ret); goto exit; } - } - else + } else #endif /* MBEDTLS_RSA_C */ #if defined(MBEDTLS_ECP_C) - if( opt.type == MBEDTLS_PK_ECKEY ) - { - ret = mbedtls_ecp_gen_key( (mbedtls_ecp_group_id) opt.ec_curve, - mbedtls_pk_ec( key ), - mbedtls_ctr_drbg_random, &ctr_drbg ); - if( ret != 0 ) - { - mbedtls_printf( " failed\n ! mbedtls_ecp_gen_key returned -0x%04x", (unsigned int) -ret ); + if (opt.type == MBEDTLS_PK_ECKEY) { + ret = mbedtls_ecp_gen_key((mbedtls_ecp_group_id) opt.ec_curve, + mbedtls_pk_ec(key), + mbedtls_ctr_drbg_random, &ctr_drbg); + if (ret != 0) { + mbedtls_printf(" failed\n ! mbedtls_ecp_gen_key returned -0x%04x", + (unsigned int) -ret); goto exit; } - } - else + } else #endif /* MBEDTLS_ECP_C */ { - mbedtls_printf( " failed\n ! key type not supported\n" ); + mbedtls_printf(" failed\n ! key type not supported\n"); goto exit; } /* * 1.2 Print the key */ - mbedtls_printf( " ok\n . Key information:\n" ); + mbedtls_printf(" ok\n . Key information:\n"); #if defined(MBEDTLS_RSA_C) - if( mbedtls_pk_get_type( &key ) == MBEDTLS_PK_RSA ) - { - mbedtls_rsa_context *rsa = mbedtls_pk_rsa( key ); + if (mbedtls_pk_get_type(&key) == MBEDTLS_PK_RSA) { + mbedtls_rsa_context *rsa = mbedtls_pk_rsa(key); - if( ( ret = mbedtls_rsa_export ( rsa, &N, &P, &Q, &D, &E ) ) != 0 || - ( ret = mbedtls_rsa_export_crt( rsa, &DP, &DQ, &QP ) ) != 0 ) - { - mbedtls_printf( " failed\n ! could not export RSA parameters\n\n" ); + if ((ret = mbedtls_rsa_export(rsa, &N, &P, &Q, &D, &E)) != 0 || + (ret = mbedtls_rsa_export_crt(rsa, &DP, &DQ, &QP)) != 0) { + mbedtls_printf(" failed\n ! could not export RSA parameters\n\n"); goto exit; } - mbedtls_mpi_write_file( "N: ", &N, 16, NULL ); - mbedtls_mpi_write_file( "E: ", &E, 16, NULL ); - mbedtls_mpi_write_file( "D: ", &D, 16, NULL ); - mbedtls_mpi_write_file( "P: ", &P, 16, NULL ); - mbedtls_mpi_write_file( "Q: ", &Q, 16, NULL ); - mbedtls_mpi_write_file( "DP: ", &DP, 16, NULL ); - mbedtls_mpi_write_file( "DQ: ", &DQ, 16, NULL ); - mbedtls_mpi_write_file( "QP: ", &QP, 16, NULL ); - } - else + mbedtls_mpi_write_file("N: ", &N, 16, NULL); + mbedtls_mpi_write_file("E: ", &E, 16, NULL); + mbedtls_mpi_write_file("D: ", &D, 16, NULL); + mbedtls_mpi_write_file("P: ", &P, 16, NULL); + mbedtls_mpi_write_file("Q: ", &Q, 16, NULL); + mbedtls_mpi_write_file("DP: ", &DP, 16, NULL); + mbedtls_mpi_write_file("DQ: ", &DQ, 16, NULL); + mbedtls_mpi_write_file("QP: ", &QP, 16, NULL); + } else #endif #if defined(MBEDTLS_ECP_C) - if( mbedtls_pk_get_type( &key ) == MBEDTLS_PK_ECKEY ) - { - mbedtls_ecp_keypair *ecp = mbedtls_pk_ec( key ); - mbedtls_printf( "curve: %s\n", - mbedtls_ecp_curve_info_from_grp_id( ecp->grp.id )->name ); - mbedtls_mpi_write_file( "X_Q: ", &ecp->Q.X, 16, NULL ); - mbedtls_mpi_write_file( "Y_Q: ", &ecp->Q.Y, 16, NULL ); - mbedtls_mpi_write_file( "D: ", &ecp->d , 16, NULL ); - } - else + if (mbedtls_pk_get_type(&key) == MBEDTLS_PK_ECKEY) { + mbedtls_ecp_keypair *ecp = mbedtls_pk_ec(key); + mbedtls_printf("curve: %s\n", + mbedtls_ecp_curve_info_from_grp_id(ecp->grp.id)->name); + mbedtls_mpi_write_file("X_Q: ", &ecp->Q.X, 16, NULL); + mbedtls_mpi_write_file("Y_Q: ", &ecp->Q.Y, 16, NULL); + mbedtls_mpi_write_file("D: ", &ecp->d, 16, NULL); + } else #endif - mbedtls_printf(" ! key type not supported\n"); + mbedtls_printf(" ! key type not supported\n"); /* * 1.3 Export key */ - mbedtls_printf( " . Writing key to file..." ); + mbedtls_printf(" . Writing key to file..."); - if( ( ret = write_private_key( &key, opt.filename ) ) != 0 ) - { - mbedtls_printf( " failed\n" ); + if ((ret = write_private_key(&key, opt.filename)) != 0) { + mbedtls_printf(" failed\n"); goto exit; } - mbedtls_printf( " ok\n" ); + mbedtls_printf(" ok\n"); exit_code = MBEDTLS_EXIT_SUCCESS; exit: - if( exit_code != MBEDTLS_EXIT_SUCCESS ) - { + if (exit_code != MBEDTLS_EXIT_SUCCESS) { #ifdef MBEDTLS_ERROR_C - mbedtls_strerror( ret, buf, sizeof( buf ) ); - mbedtls_printf( " - %s\n", buf ); + mbedtls_strerror(ret, buf, sizeof(buf)); + mbedtls_printf(" - %s\n", buf); #else mbedtls_printf("\n"); #endif } - mbedtls_mpi_free( &N ); mbedtls_mpi_free( &P ); mbedtls_mpi_free( &Q ); - mbedtls_mpi_free( &D ); mbedtls_mpi_free( &E ); mbedtls_mpi_free( &DP ); - mbedtls_mpi_free( &DQ ); mbedtls_mpi_free( &QP ); + mbedtls_mpi_free(&N); mbedtls_mpi_free(&P); mbedtls_mpi_free(&Q); + mbedtls_mpi_free(&D); mbedtls_mpi_free(&E); mbedtls_mpi_free(&DP); + mbedtls_mpi_free(&DQ); mbedtls_mpi_free(&QP); - mbedtls_pk_free( &key ); - mbedtls_ctr_drbg_free( &ctr_drbg ); - mbedtls_entropy_free( &entropy ); + mbedtls_pk_free(&key); + mbedtls_ctr_drbg_free(&ctr_drbg); + mbedtls_entropy_free(&entropy); +#if defined(MBEDTLS_USE_PSA_CRYPTO) + mbedtls_psa_crypto_free(); +#endif /* MBEDTLS_USE_PSA_CRYPTO */ #if defined(_WIN32) - mbedtls_printf( " + Press Enter to exit this program.\n" ); - fflush( stdout ); getchar(); + mbedtls_printf(" + Press Enter to exit this program.\n"); + fflush(stdout); getchar(); #endif - mbedtls_exit( exit_code ); + mbedtls_exit(exit_code); } #endif /* MBEDTLS_PK_WRITE_C && MBEDTLS_PEM_WRITE_C && MBEDTLS_FS_IO && * MBEDTLS_ENTROPY_C && MBEDTLS_CTR_DRBG_C */ diff --git a/third_party/mbedtls/repo/programs/pkey/key_app.c b/third_party/mbedtls/repo/programs/pkey/key_app.c index 7f39e5ce37e..ac1b59442e1 100644 --- a/third_party/mbedtls/repo/programs/pkey/key_app.c +++ b/third_party/mbedtls/repo/programs/pkey/key_app.c @@ -2,19 +2,7 @@ * Key reading application * * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later */ #if !defined(MBEDTLS_CONFIG_FILE) @@ -23,16 +11,7 @@ #include MBEDTLS_CONFIG_FILE #endif -#if defined(MBEDTLS_PLATFORM_C) #include "mbedtls/platform.h" -#else -#include -#include -#define mbedtls_printf printf -#define mbedtls_exit exit -#define MBEDTLS_EXIT_SUCCESS EXIT_SUCCESS -#define MBEDTLS_EXIT_FAILURE EXIT_FAILURE -#endif /* MBEDTLS_PLATFORM_C */ #if defined(MBEDTLS_BIGNUM_C) && \ defined(MBEDTLS_PK_PARSE_C) && defined(MBEDTLS_FS_IO) @@ -64,11 +43,11 @@ #if !defined(MBEDTLS_BIGNUM_C) || \ !defined(MBEDTLS_PK_PARSE_C) || !defined(MBEDTLS_FS_IO) -int main( void ) +int main(void) { mbedtls_printf("MBEDTLS_BIGNUM_C and/or " - "MBEDTLS_PK_PARSE_C and/or MBEDTLS_FS_IO not defined.\n"); - mbedtls_exit( 0 ); + "MBEDTLS_PK_PARSE_C and/or MBEDTLS_FS_IO not defined.\n"); + mbedtls_exit(0); } #else @@ -76,15 +55,14 @@ int main( void ) /* * global options */ -struct options -{ +struct options { int mode; /* the mode to run the application in */ const char *filename; /* filename of the key file */ const char *password; /* password for the private key */ const char *password_file; /* password_file for the private key */ } opt; -int main( int argc, char *argv[] ) +int main(int argc, char *argv[]) { int ret = 1; int exit_code = MBEDTLS_EXIT_FAILURE; @@ -98,17 +76,25 @@ int main( int argc, char *argv[] ) /* * Set to sane values */ - mbedtls_pk_init( &pk ); - memset( buf, 0, sizeof(buf) ); + mbedtls_pk_init(&pk); + memset(buf, 0, sizeof(buf)); + +#if defined(MBEDTLS_USE_PSA_CRYPTO) + psa_status_t status = psa_crypto_init(); + if (status != PSA_SUCCESS) { + mbedtls_fprintf(stderr, "Failed to initialize PSA Crypto implementation: %d\n", + (int) status); + goto cleanup; + } +#endif /* MBEDTLS_USE_PSA_CRYPTO */ - mbedtls_mpi_init( &N ); mbedtls_mpi_init( &P ); mbedtls_mpi_init( &Q ); - mbedtls_mpi_init( &D ); mbedtls_mpi_init( &E ); mbedtls_mpi_init( &DP ); - mbedtls_mpi_init( &DQ ); mbedtls_mpi_init( &QP ); + mbedtls_mpi_init(&N); mbedtls_mpi_init(&P); mbedtls_mpi_init(&Q); + mbedtls_mpi_init(&D); mbedtls_mpi_init(&E); mbedtls_mpi_init(&DP); + mbedtls_mpi_init(&DQ); mbedtls_mpi_init(&QP); - if( argc == 0 ) - { - usage: - mbedtls_printf( USAGE ); + if (argc < 2) { +usage: + mbedtls_printf(USAGE); goto cleanup; } @@ -117,198 +103,187 @@ int main( int argc, char *argv[] ) opt.password = DFL_PASSWORD; opt.password_file = DFL_PASSWORD_FILE; - for( i = 1; i < argc; i++ ) - { + for (i = 1; i < argc; i++) { p = argv[i]; - if( ( q = strchr( p, '=' ) ) == NULL ) + if ((q = strchr(p, '=')) == NULL) { goto usage; + } *q++ = '\0'; - if( strcmp( p, "mode" ) == 0 ) - { - if( strcmp( q, "private" ) == 0 ) + if (strcmp(p, "mode") == 0) { + if (strcmp(q, "private") == 0) { opt.mode = MODE_PRIVATE; - else if( strcmp( q, "public" ) == 0 ) + } else if (strcmp(q, "public") == 0) { opt.mode = MODE_PUBLIC; - else + } else { goto usage; - } - else if( strcmp( p, "filename" ) == 0 ) + } + } else if (strcmp(p, "filename") == 0) { opt.filename = q; - else if( strcmp( p, "password" ) == 0 ) + } else if (strcmp(p, "password") == 0) { opt.password = q; - else if( strcmp( p, "password_file" ) == 0 ) + } else if (strcmp(p, "password_file") == 0) { opt.password_file = q; - else + } else { goto usage; + } } - if( opt.mode == MODE_PRIVATE ) - { - if( strlen( opt.password ) && strlen( opt.password_file ) ) - { - mbedtls_printf( "Error: cannot have both password and password_file\n" ); + if (opt.mode == MODE_PRIVATE) { + if (strlen(opt.password) && strlen(opt.password_file)) { + mbedtls_printf("Error: cannot have both password and password_file\n"); goto usage; } - if( strlen( opt.password_file ) ) - { + if (strlen(opt.password_file)) { FILE *f; - mbedtls_printf( "\n . Loading the password file ..." ); - if( ( f = fopen( opt.password_file, "rb" ) ) == NULL ) - { - mbedtls_printf( " failed\n ! fopen returned NULL\n" ); + mbedtls_printf("\n . Loading the password file ..."); + if ((f = fopen(opt.password_file, "rb")) == NULL) { + mbedtls_printf(" failed\n ! fopen returned NULL\n"); goto cleanup; } - if( fgets( buf, sizeof(buf), f ) == NULL ) - { - fclose( f ); - mbedtls_printf( "Error: fgets() failed to retrieve password\n" ); + if (fgets(buf, sizeof(buf), f) == NULL) { + fclose(f); + mbedtls_printf("Error: fgets() failed to retrieve password\n"); goto cleanup; } - fclose( f ); + fclose(f); - i = (int) strlen( buf ); - if( buf[i - 1] == '\n' ) buf[i - 1] = '\0'; - if( buf[i - 2] == '\r' ) buf[i - 2] = '\0'; + i = (int) strlen(buf); + if (buf[i - 1] == '\n') { + buf[i - 1] = '\0'; + } + if (buf[i - 2] == '\r') { + buf[i - 2] = '\0'; + } opt.password = buf; } /* * 1.1. Load the key */ - mbedtls_printf( "\n . Loading the private key ..." ); - fflush( stdout ); + mbedtls_printf("\n . Loading the private key ..."); + fflush(stdout); - ret = mbedtls_pk_parse_keyfile( &pk, opt.filename, opt.password ); + ret = mbedtls_pk_parse_keyfile(&pk, opt.filename, opt.password); - if( ret != 0 ) - { - mbedtls_printf( " failed\n ! mbedtls_pk_parse_keyfile returned -0x%04x\n", (unsigned int) -ret ); + if (ret != 0) { + mbedtls_printf(" failed\n ! mbedtls_pk_parse_keyfile returned -0x%04x\n", + (unsigned int) -ret); goto cleanup; } - mbedtls_printf( " ok\n" ); + mbedtls_printf(" ok\n"); /* * 1.2 Print the key */ - mbedtls_printf( " . Key information ...\n" ); + mbedtls_printf(" . Key information ...\n"); #if defined(MBEDTLS_RSA_C) - if( mbedtls_pk_get_type( &pk ) == MBEDTLS_PK_RSA ) - { - mbedtls_rsa_context *rsa = mbedtls_pk_rsa( pk ); + if (mbedtls_pk_get_type(&pk) == MBEDTLS_PK_RSA) { + mbedtls_rsa_context *rsa = mbedtls_pk_rsa(pk); - if( ( ret = mbedtls_rsa_export ( rsa, &N, &P, &Q, &D, &E ) ) != 0 || - ( ret = mbedtls_rsa_export_crt( rsa, &DP, &DQ, &QP ) ) != 0 ) - { - mbedtls_printf( " failed\n ! could not export RSA parameters\n\n" ); + if ((ret = mbedtls_rsa_export(rsa, &N, &P, &Q, &D, &E)) != 0 || + (ret = mbedtls_rsa_export_crt(rsa, &DP, &DQ, &QP)) != 0) { + mbedtls_printf(" failed\n ! could not export RSA parameters\n\n"); goto cleanup; } - MBEDTLS_MPI_CHK( mbedtls_mpi_write_file( "N: ", &N, 16, NULL ) ); - MBEDTLS_MPI_CHK( mbedtls_mpi_write_file( "E: ", &E, 16, NULL ) ); - MBEDTLS_MPI_CHK( mbedtls_mpi_write_file( "D: ", &D, 16, NULL ) ); - MBEDTLS_MPI_CHK( mbedtls_mpi_write_file( "P: ", &P, 16, NULL ) ); - MBEDTLS_MPI_CHK( mbedtls_mpi_write_file( "Q: ", &Q, 16, NULL ) ); - MBEDTLS_MPI_CHK( mbedtls_mpi_write_file( "DP: ", &DP, 16, NULL ) ); - MBEDTLS_MPI_CHK( mbedtls_mpi_write_file( "DQ: ", &DQ, 16, NULL ) ); - MBEDTLS_MPI_CHK( mbedtls_mpi_write_file( "QP: ", &QP, 16, NULL ) ); - } - else + MBEDTLS_MPI_CHK(mbedtls_mpi_write_file("N: ", &N, 16, NULL)); + MBEDTLS_MPI_CHK(mbedtls_mpi_write_file("E: ", &E, 16, NULL)); + MBEDTLS_MPI_CHK(mbedtls_mpi_write_file("D: ", &D, 16, NULL)); + MBEDTLS_MPI_CHK(mbedtls_mpi_write_file("P: ", &P, 16, NULL)); + MBEDTLS_MPI_CHK(mbedtls_mpi_write_file("Q: ", &Q, 16, NULL)); + MBEDTLS_MPI_CHK(mbedtls_mpi_write_file("DP: ", &DP, 16, NULL)); + MBEDTLS_MPI_CHK(mbedtls_mpi_write_file("DQ: ", &DQ, 16, NULL)); + MBEDTLS_MPI_CHK(mbedtls_mpi_write_file("QP: ", &QP, 16, NULL)); + } else #endif #if defined(MBEDTLS_ECP_C) - if( mbedtls_pk_get_type( &pk ) == MBEDTLS_PK_ECKEY ) - { - mbedtls_ecp_keypair *ecp = mbedtls_pk_ec( pk ); - MBEDTLS_MPI_CHK( mbedtls_mpi_write_file( "Q(X): ", &ecp->Q.X, 16, NULL ) ); - MBEDTLS_MPI_CHK( mbedtls_mpi_write_file( "Q(Y): ", &ecp->Q.Y, 16, NULL ) ); - MBEDTLS_MPI_CHK( mbedtls_mpi_write_file( "Q(Z): ", &ecp->Q.Z, 16, NULL ) ); - MBEDTLS_MPI_CHK( mbedtls_mpi_write_file( "D : ", &ecp->d , 16, NULL ) ); - } - else + if (mbedtls_pk_get_type(&pk) == MBEDTLS_PK_ECKEY) { + mbedtls_ecp_keypair *ecp = mbedtls_pk_ec(pk); + MBEDTLS_MPI_CHK(mbedtls_mpi_write_file("Q(X): ", &ecp->Q.X, 16, NULL)); + MBEDTLS_MPI_CHK(mbedtls_mpi_write_file("Q(Y): ", &ecp->Q.Y, 16, NULL)); + MBEDTLS_MPI_CHK(mbedtls_mpi_write_file("Q(Z): ", &ecp->Q.Z, 16, NULL)); + MBEDTLS_MPI_CHK(mbedtls_mpi_write_file("D : ", &ecp->d, 16, NULL)); + } else #endif { - mbedtls_printf("Do not know how to print key information for this type\n" ); + mbedtls_printf("Do not know how to print key information for this type\n"); goto cleanup; } - } - else if( opt.mode == MODE_PUBLIC ) - { + } else if (opt.mode == MODE_PUBLIC) { /* * 1.1. Load the key */ - mbedtls_printf( "\n . Loading the public key ..." ); - fflush( stdout ); + mbedtls_printf("\n . Loading the public key ..."); + fflush(stdout); - ret = mbedtls_pk_parse_public_keyfile( &pk, opt.filename ); + ret = mbedtls_pk_parse_public_keyfile(&pk, opt.filename); - if( ret != 0 ) - { - mbedtls_printf( " failed\n ! mbedtls_pk_parse_public_keyfile returned -0x%04x\n", (unsigned int) -ret ); + if (ret != 0) { + mbedtls_printf(" failed\n ! mbedtls_pk_parse_public_keyfile returned -0x%04x\n", + (unsigned int) -ret); goto cleanup; } - mbedtls_printf( " ok\n" ); + mbedtls_printf(" ok\n"); - mbedtls_printf( " . Key information ...\n" ); + mbedtls_printf(" . Key information ...\n"); #if defined(MBEDTLS_RSA_C) - if( mbedtls_pk_get_type( &pk ) == MBEDTLS_PK_RSA ) - { - mbedtls_rsa_context *rsa = mbedtls_pk_rsa( pk ); + if (mbedtls_pk_get_type(&pk) == MBEDTLS_PK_RSA) { + mbedtls_rsa_context *rsa = mbedtls_pk_rsa(pk); - if( ( ret = mbedtls_rsa_export( rsa, &N, NULL, NULL, - NULL, &E ) ) != 0 ) - { - mbedtls_printf( " failed\n ! could not export RSA parameters\n\n" ); + if ((ret = mbedtls_rsa_export(rsa, &N, NULL, NULL, + NULL, &E)) != 0) { + mbedtls_printf(" failed\n ! could not export RSA parameters\n\n"); goto cleanup; } - MBEDTLS_MPI_CHK( mbedtls_mpi_write_file( "N: ", &N, 16, NULL ) ); - MBEDTLS_MPI_CHK( mbedtls_mpi_write_file( "E: ", &E, 16, NULL ) ); - } - else + MBEDTLS_MPI_CHK(mbedtls_mpi_write_file("N: ", &N, 16, NULL)); + MBEDTLS_MPI_CHK(mbedtls_mpi_write_file("E: ", &E, 16, NULL)); + } else #endif #if defined(MBEDTLS_ECP_C) - if( mbedtls_pk_get_type( &pk ) == MBEDTLS_PK_ECKEY ) - { - mbedtls_ecp_keypair *ecp = mbedtls_pk_ec( pk ); - MBEDTLS_MPI_CHK( mbedtls_mpi_write_file( "Q(X): ", &ecp->Q.X, 16, NULL ) ); - MBEDTLS_MPI_CHK( mbedtls_mpi_write_file( "Q(Y): ", &ecp->Q.Y, 16, NULL ) ); - MBEDTLS_MPI_CHK( mbedtls_mpi_write_file( "Q(Z): ", &ecp->Q.Z, 16, NULL ) ); - } - else + if (mbedtls_pk_get_type(&pk) == MBEDTLS_PK_ECKEY) { + mbedtls_ecp_keypair *ecp = mbedtls_pk_ec(pk); + MBEDTLS_MPI_CHK(mbedtls_mpi_write_file("Q(X): ", &ecp->Q.X, 16, NULL)); + MBEDTLS_MPI_CHK(mbedtls_mpi_write_file("Q(Y): ", &ecp->Q.Y, 16, NULL)); + MBEDTLS_MPI_CHK(mbedtls_mpi_write_file("Q(Z): ", &ecp->Q.Z, 16, NULL)); + } else #endif { - mbedtls_printf("Do not know how to print key information for this type\n" ); + mbedtls_printf("Do not know how to print key information for this type\n"); goto cleanup; } - } - else + } else { goto usage; + } exit_code = MBEDTLS_EXIT_SUCCESS; cleanup: #if defined(MBEDTLS_ERROR_C) - if( exit_code != MBEDTLS_EXIT_SUCCESS ) - { - mbedtls_strerror( ret, buf, sizeof( buf ) ); - mbedtls_printf( " ! Last error was: %s\n", buf ); + if (exit_code != MBEDTLS_EXIT_SUCCESS) { + mbedtls_strerror(ret, buf, sizeof(buf)); + mbedtls_printf(" ! Last error was: %s\n", buf); } #endif - mbedtls_pk_free( &pk ); - mbedtls_mpi_free( &N ); mbedtls_mpi_free( &P ); mbedtls_mpi_free( &Q ); - mbedtls_mpi_free( &D ); mbedtls_mpi_free( &E ); mbedtls_mpi_free( &DP ); - mbedtls_mpi_free( &DQ ); mbedtls_mpi_free( &QP ); + mbedtls_pk_free(&pk); +#if defined(MBEDTLS_USE_PSA_CRYPTO) + mbedtls_psa_crypto_free(); +#endif /* MBEDTLS_USE_PSA_CRYPTO */ + mbedtls_mpi_free(&N); mbedtls_mpi_free(&P); mbedtls_mpi_free(&Q); + mbedtls_mpi_free(&D); mbedtls_mpi_free(&E); mbedtls_mpi_free(&DP); + mbedtls_mpi_free(&DQ); mbedtls_mpi_free(&QP); #if defined(_WIN32) - mbedtls_printf( " + Press Enter to exit this program.\n" ); - fflush( stdout ); getchar(); + mbedtls_printf(" + Press Enter to exit this program.\n"); + fflush(stdout); getchar(); #endif - mbedtls_exit( exit_code ); + mbedtls_exit(exit_code); } #endif /* MBEDTLS_BIGNUM_C && MBEDTLS_PK_PARSE_C && MBEDTLS_FS_IO */ diff --git a/third_party/mbedtls/repo/programs/pkey/key_app_writer.c b/third_party/mbedtls/repo/programs/pkey/key_app_writer.c index 0d531ea5ad4..2f2b32c51e4 100644 --- a/third_party/mbedtls/repo/programs/pkey/key_app_writer.c +++ b/third_party/mbedtls/repo/programs/pkey/key_app_writer.c @@ -2,19 +2,7 @@ * Key writing application * * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later */ #if !defined(MBEDTLS_CONFIG_FILE) @@ -23,16 +11,7 @@ #include MBEDTLS_CONFIG_FILE #endif -#if defined(MBEDTLS_PLATFORM_C) #include "mbedtls/platform.h" -#else -#include -#include -#define mbedtls_printf printf -#define mbedtls_exit exit -#define MBEDTLS_EXIT_SUCCESS EXIT_SUCCESS -#define MBEDTLS_EXIT_FAILURE EXIT_FAILURE -#endif /* MBEDTLS_PLATFORM_C */ #if defined(MBEDTLS_PK_WRITE_C) && defined(MBEDTLS_FS_IO) #include "mbedtls/error.h" @@ -89,10 +68,11 @@ #if !defined(MBEDTLS_PK_PARSE_C) || \ !defined(MBEDTLS_PK_WRITE_C) || \ !defined(MBEDTLS_FS_IO) -int main( void ) +int main(void) { - mbedtls_printf( "MBEDTLS_PK_PARSE_C and/or MBEDTLS_PK_WRITE_C and/or MBEDTLS_FS_IO not defined.\n" ); - mbedtls_exit( 0 ); + mbedtls_printf( + "MBEDTLS_PK_PARSE_C and/or MBEDTLS_PK_WRITE_C and/or MBEDTLS_FS_IO not defined.\n"); + mbedtls_exit(0); } #else @@ -100,8 +80,7 @@ int main( void ) /* * global options */ -struct options -{ +struct options { int mode; /* the mode to run the application in */ const char *filename; /* filename of the key file */ int output_mode; /* the output mode to use */ @@ -109,7 +88,7 @@ struct options int output_format; /* the output format to use */ } opt; -static int write_public_key( mbedtls_pk_context *key, const char *output_file ) +static int write_public_key(mbedtls_pk_context *key, const char *output_file) { int ret; FILE *f; @@ -120,38 +99,38 @@ static int write_public_key( mbedtls_pk_context *key, const char *output_file ) memset(output_buf, 0, 16000); #if defined(MBEDTLS_PEM_WRITE_C) - if( opt.output_format == OUTPUT_FORMAT_PEM ) - { - if( ( ret = mbedtls_pk_write_pubkey_pem( key, output_buf, 16000 ) ) != 0 ) - return( ret ); + if (opt.output_format == OUTPUT_FORMAT_PEM) { + if ((ret = mbedtls_pk_write_pubkey_pem(key, output_buf, 16000)) != 0) { + return ret; + } - len = strlen( (char *) output_buf ); - } - else + len = strlen((char *) output_buf); + } else #endif { - if( ( ret = mbedtls_pk_write_pubkey_der( key, output_buf, 16000 ) ) < 0 ) - return( ret ); + if ((ret = mbedtls_pk_write_pubkey_der(key, output_buf, 16000)) < 0) { + return ret; + } len = ret; c = output_buf + sizeof(output_buf) - len; } - if( ( f = fopen( output_file, "w" ) ) == NULL ) - return( -1 ); + if ((f = fopen(output_file, "w")) == NULL) { + return -1; + } - if( fwrite( c, 1, len, f ) != len ) - { - fclose( f ); - return( -1 ); + if (fwrite(c, 1, len, f) != len) { + fclose(f); + return -1; } - fclose( f ); + fclose(f); - return( 0 ); + return 0; } -static int write_private_key( mbedtls_pk_context *key, const char *output_file ) +static int write_private_key(mbedtls_pk_context *key, const char *output_file) { int ret; FILE *f; @@ -162,38 +141,38 @@ static int write_private_key( mbedtls_pk_context *key, const char *output_file ) memset(output_buf, 0, 16000); #if defined(MBEDTLS_PEM_WRITE_C) - if( opt.output_format == OUTPUT_FORMAT_PEM ) - { - if( ( ret = mbedtls_pk_write_key_pem( key, output_buf, 16000 ) ) != 0 ) - return( ret ); + if (opt.output_format == OUTPUT_FORMAT_PEM) { + if ((ret = mbedtls_pk_write_key_pem(key, output_buf, 16000)) != 0) { + return ret; + } - len = strlen( (char *) output_buf ); - } - else + len = strlen((char *) output_buf); + } else #endif { - if( ( ret = mbedtls_pk_write_key_der( key, output_buf, 16000 ) ) < 0 ) - return( ret ); + if ((ret = mbedtls_pk_write_key_der(key, output_buf, 16000)) < 0) { + return ret; + } len = ret; c = output_buf + sizeof(output_buf) - len; } - if( ( f = fopen( output_file, "w" ) ) == NULL ) - return( -1 ); + if ((f = fopen(output_file, "w")) == NULL) { + return -1; + } - if( fwrite( c, 1, len, f ) != len ) - { - fclose( f ); - return( -1 ); + if (fwrite(c, 1, len, f) != len) { + fclose(f); + return -1; } - fclose( f ); + fclose(f); - return( 0 ); + return 0; } -int main( int argc, char *argv[] ) +int main(int argc, char *argv[]) { int ret = 1; int exit_code = MBEDTLS_EXIT_FAILURE; @@ -209,19 +188,27 @@ int main( int argc, char *argv[] ) /* * Set to sane values */ - mbedtls_pk_init( &key ); + mbedtls_pk_init(&key); #if defined(MBEDTLS_ERROR_C) - memset( buf, 0, sizeof( buf ) ); + memset(buf, 0, sizeof(buf)); #endif - mbedtls_mpi_init( &N ); mbedtls_mpi_init( &P ); mbedtls_mpi_init( &Q ); - mbedtls_mpi_init( &D ); mbedtls_mpi_init( &E ); mbedtls_mpi_init( &DP ); - mbedtls_mpi_init( &DQ ); mbedtls_mpi_init( &QP ); +#if defined(MBEDTLS_USE_PSA_CRYPTO) + psa_status_t status = psa_crypto_init(); + if (status != PSA_SUCCESS) { + mbedtls_fprintf(stderr, "Failed to initialize PSA Crypto implementation: %d\n", + (int) status); + goto exit; + } +#endif /* MBEDTLS_USE_PSA_CRYPTO */ - if( argc == 0 ) - { - usage: - mbedtls_printf( USAGE ); + mbedtls_mpi_init(&N); mbedtls_mpi_init(&P); mbedtls_mpi_init(&Q); + mbedtls_mpi_init(&D); mbedtls_mpi_init(&E); mbedtls_mpi_init(&DP); + mbedtls_mpi_init(&DQ); mbedtls_mpi_init(&QP); + + if (argc < 2) { +usage: + mbedtls_printf(USAGE); goto exit; } @@ -231,211 +218,194 @@ int main( int argc, char *argv[] ) opt.output_file = DFL_OUTPUT_FILENAME; opt.output_format = DFL_OUTPUT_FORMAT; - for( i = 1; i < argc; i++ ) - { + for (i = 1; i < argc; i++) { p = argv[i]; - if( ( q = strchr( p, '=' ) ) == NULL ) + if ((q = strchr(p, '=')) == NULL) { goto usage; + } *q++ = '\0'; - if( strcmp( p, "mode" ) == 0 ) - { - if( strcmp( q, "private" ) == 0 ) + if (strcmp(p, "mode") == 0) { + if (strcmp(q, "private") == 0) { opt.mode = MODE_PRIVATE; - else if( strcmp( q, "public" ) == 0 ) + } else if (strcmp(q, "public") == 0) { opt.mode = MODE_PUBLIC; - else + } else { goto usage; - } - else if( strcmp( p, "output_mode" ) == 0 ) - { - if( strcmp( q, "private" ) == 0 ) + } + } else if (strcmp(p, "output_mode") == 0) { + if (strcmp(q, "private") == 0) { opt.output_mode = OUTPUT_MODE_PRIVATE; - else if( strcmp( q, "public" ) == 0 ) + } else if (strcmp(q, "public") == 0) { opt.output_mode = OUTPUT_MODE_PUBLIC; - else + } else { goto usage; - } - else if( strcmp( p, "output_format" ) == 0 ) - { + } + } else if (strcmp(p, "output_format") == 0) { #if defined(MBEDTLS_PEM_WRITE_C) - if( strcmp( q, "pem" ) == 0 ) + if (strcmp(q, "pem") == 0) { opt.output_format = OUTPUT_FORMAT_PEM; - else + } else #endif - if( strcmp( q, "der" ) == 0 ) + if (strcmp(q, "der") == 0) { opt.output_format = OUTPUT_FORMAT_DER; - else + } else { goto usage; - } - else if( strcmp( p, "filename" ) == 0 ) + } + } else if (strcmp(p, "filename") == 0) { opt.filename = q; - else if( strcmp( p, "output_file" ) == 0 ) + } else if (strcmp(p, "output_file") == 0) { opt.output_file = q; - else + } else { goto usage; + } } - if( opt.mode == MODE_NONE && opt.output_mode != OUTPUT_MODE_NONE ) - { - mbedtls_printf( "\nCannot output a key without reading one.\n"); + if (opt.mode == MODE_NONE && opt.output_mode != OUTPUT_MODE_NONE) { + mbedtls_printf("\nCannot output a key without reading one.\n"); goto exit; } - if( opt.mode == MODE_PUBLIC && opt.output_mode == OUTPUT_MODE_PRIVATE ) - { - mbedtls_printf( "\nCannot output a private key from a public key.\n"); + if (opt.mode == MODE_PUBLIC && opt.output_mode == OUTPUT_MODE_PRIVATE) { + mbedtls_printf("\nCannot output a private key from a public key.\n"); goto exit; } - if( opt.mode == MODE_PRIVATE ) - { + if (opt.mode == MODE_PRIVATE) { /* * 1.1. Load the key */ - mbedtls_printf( "\n . Loading the private key ..." ); - fflush( stdout ); + mbedtls_printf("\n . Loading the private key ..."); + fflush(stdout); - ret = mbedtls_pk_parse_keyfile( &key, opt.filename, NULL ); + ret = mbedtls_pk_parse_keyfile(&key, opt.filename, NULL); - if( ret != 0 ) - { - mbedtls_printf( " failed\n ! mbedtls_pk_parse_keyfile returned -0x%04x", (unsigned int) -ret ); + if (ret != 0) { + mbedtls_printf(" failed\n ! mbedtls_pk_parse_keyfile returned -0x%04x", + (unsigned int) -ret); goto exit; } - mbedtls_printf( " ok\n" ); + mbedtls_printf(" ok\n"); /* * 1.2 Print the key */ - mbedtls_printf( " . Key information ...\n" ); + mbedtls_printf(" . Key information ...\n"); #if defined(MBEDTLS_RSA_C) - if( mbedtls_pk_get_type( &key ) == MBEDTLS_PK_RSA ) - { - mbedtls_rsa_context *rsa = mbedtls_pk_rsa( key ); - - if( ( ret = mbedtls_rsa_export ( rsa, &N, &P, &Q, &D, &E ) ) != 0 || - ( ret = mbedtls_rsa_export_crt( rsa, &DP, &DQ, &QP ) ) != 0 ) - { - mbedtls_printf( " failed\n ! could not export RSA parameters\n\n" ); + if (mbedtls_pk_get_type(&key) == MBEDTLS_PK_RSA) { + mbedtls_rsa_context *rsa = mbedtls_pk_rsa(key); + + if ((ret = mbedtls_rsa_export(rsa, &N, &P, &Q, &D, &E)) != 0 || + (ret = mbedtls_rsa_export_crt(rsa, &DP, &DQ, &QP)) != 0) { + mbedtls_printf(" failed\n ! could not export RSA parameters\n\n"); goto exit; } - mbedtls_mpi_write_file( "N: ", &N, 16, NULL ); - mbedtls_mpi_write_file( "E: ", &E, 16, NULL ); - mbedtls_mpi_write_file( "D: ", &D, 16, NULL ); - mbedtls_mpi_write_file( "P: ", &P, 16, NULL ); - mbedtls_mpi_write_file( "Q: ", &Q, 16, NULL ); - mbedtls_mpi_write_file( "DP: ", &DP, 16, NULL ); - mbedtls_mpi_write_file( "DQ: ", &DQ, 16, NULL ); - mbedtls_mpi_write_file( "QP: ", &QP, 16, NULL ); - } - else + mbedtls_mpi_write_file("N: ", &N, 16, NULL); + mbedtls_mpi_write_file("E: ", &E, 16, NULL); + mbedtls_mpi_write_file("D: ", &D, 16, NULL); + mbedtls_mpi_write_file("P: ", &P, 16, NULL); + mbedtls_mpi_write_file("Q: ", &Q, 16, NULL); + mbedtls_mpi_write_file("DP: ", &DP, 16, NULL); + mbedtls_mpi_write_file("DQ: ", &DQ, 16, NULL); + mbedtls_mpi_write_file("QP: ", &QP, 16, NULL); + } else #endif #if defined(MBEDTLS_ECP_C) - if( mbedtls_pk_get_type( &key ) == MBEDTLS_PK_ECKEY ) - { - mbedtls_ecp_keypair *ecp = mbedtls_pk_ec( key ); - mbedtls_mpi_write_file( "Q(X): ", &ecp->Q.X, 16, NULL ); - mbedtls_mpi_write_file( "Q(Y): ", &ecp->Q.Y, 16, NULL ); - mbedtls_mpi_write_file( "Q(Z): ", &ecp->Q.Z, 16, NULL ); - mbedtls_mpi_write_file( "D : ", &ecp->d , 16, NULL ); - } - else + if (mbedtls_pk_get_type(&key) == MBEDTLS_PK_ECKEY) { + mbedtls_ecp_keypair *ecp = mbedtls_pk_ec(key); + mbedtls_mpi_write_file("Q(X): ", &ecp->Q.X, 16, NULL); + mbedtls_mpi_write_file("Q(Y): ", &ecp->Q.Y, 16, NULL); + mbedtls_mpi_write_file("Q(Z): ", &ecp->Q.Z, 16, NULL); + mbedtls_mpi_write_file("D : ", &ecp->d, 16, NULL); + } else #endif - mbedtls_printf("key type not supported yet\n"); + mbedtls_printf("key type not supported yet\n"); - } - else if( opt.mode == MODE_PUBLIC ) - { + } else if (opt.mode == MODE_PUBLIC) { /* * 1.1. Load the key */ - mbedtls_printf( "\n . Loading the public key ..." ); - fflush( stdout ); + mbedtls_printf("\n . Loading the public key ..."); + fflush(stdout); - ret = mbedtls_pk_parse_public_keyfile( &key, opt.filename ); + ret = mbedtls_pk_parse_public_keyfile(&key, opt.filename); - if( ret != 0 ) - { - mbedtls_printf( " failed\n ! mbedtls_pk_parse_public_key returned -0x%04x", (unsigned int) -ret ); + if (ret != 0) { + mbedtls_printf(" failed\n ! mbedtls_pk_parse_public_key returned -0x%04x", + (unsigned int) -ret); goto exit; } - mbedtls_printf( " ok\n" ); + mbedtls_printf(" ok\n"); /* * 1.2 Print the key */ - mbedtls_printf( " . Key information ...\n" ); + mbedtls_printf(" . Key information ...\n"); #if defined(MBEDTLS_RSA_C) - if( mbedtls_pk_get_type( &key ) == MBEDTLS_PK_RSA ) - { - mbedtls_rsa_context *rsa = mbedtls_pk_rsa( key ); - - if( ( ret = mbedtls_rsa_export( rsa, &N, NULL, NULL, - NULL, &E ) ) != 0 ) - { - mbedtls_printf( " failed\n ! could not export RSA parameters\n\n" ); + if (mbedtls_pk_get_type(&key) == MBEDTLS_PK_RSA) { + mbedtls_rsa_context *rsa = mbedtls_pk_rsa(key); + + if ((ret = mbedtls_rsa_export(rsa, &N, NULL, NULL, + NULL, &E)) != 0) { + mbedtls_printf(" failed\n ! could not export RSA parameters\n\n"); goto exit; } - mbedtls_mpi_write_file( "N: ", &N, 16, NULL ); - mbedtls_mpi_write_file( "E: ", &E, 16, NULL ); - } - else + mbedtls_mpi_write_file("N: ", &N, 16, NULL); + mbedtls_mpi_write_file("E: ", &E, 16, NULL); + } else #endif #if defined(MBEDTLS_ECP_C) - if( mbedtls_pk_get_type( &key ) == MBEDTLS_PK_ECKEY ) - { - mbedtls_ecp_keypair *ecp = mbedtls_pk_ec( key ); - mbedtls_mpi_write_file( "Q(X): ", &ecp->Q.X, 16, NULL ); - mbedtls_mpi_write_file( "Q(Y): ", &ecp->Q.Y, 16, NULL ); - mbedtls_mpi_write_file( "Q(Z): ", &ecp->Q.Z, 16, NULL ); - } - else + if (mbedtls_pk_get_type(&key) == MBEDTLS_PK_ECKEY) { + mbedtls_ecp_keypair *ecp = mbedtls_pk_ec(key); + mbedtls_mpi_write_file("Q(X): ", &ecp->Q.X, 16, NULL); + mbedtls_mpi_write_file("Q(Y): ", &ecp->Q.Y, 16, NULL); + mbedtls_mpi_write_file("Q(Z): ", &ecp->Q.Z, 16, NULL); + } else #endif - mbedtls_printf("key type not supported yet\n"); - } - else + mbedtls_printf("key type not supported yet\n"); + } else { goto usage; + } - if( opt.output_mode == OUTPUT_MODE_PUBLIC ) - { - write_public_key( &key, opt.output_file ); + if (opt.output_mode == OUTPUT_MODE_PUBLIC) { + write_public_key(&key, opt.output_file); } - if( opt.output_mode == OUTPUT_MODE_PRIVATE ) - { - write_private_key( &key, opt.output_file ); + if (opt.output_mode == OUTPUT_MODE_PRIVATE) { + write_private_key(&key, opt.output_file); } exit_code = MBEDTLS_EXIT_SUCCESS; exit: - if( exit_code != MBEDTLS_EXIT_SUCCESS ) - { + if (exit_code != MBEDTLS_EXIT_SUCCESS) { #ifdef MBEDTLS_ERROR_C - mbedtls_strerror( ret, buf, sizeof( buf ) ); - mbedtls_printf( " - %s\n", buf ); + mbedtls_strerror(ret, buf, sizeof(buf)); + mbedtls_printf(" - %s\n", buf); #else mbedtls_printf("\n"); #endif } - mbedtls_mpi_free( &N ); mbedtls_mpi_free( &P ); mbedtls_mpi_free( &Q ); - mbedtls_mpi_free( &D ); mbedtls_mpi_free( &E ); mbedtls_mpi_free( &DP ); - mbedtls_mpi_free( &DQ ); mbedtls_mpi_free( &QP ); + mbedtls_mpi_free(&N); mbedtls_mpi_free(&P); mbedtls_mpi_free(&Q); + mbedtls_mpi_free(&D); mbedtls_mpi_free(&E); mbedtls_mpi_free(&DP); + mbedtls_mpi_free(&DQ); mbedtls_mpi_free(&QP); - mbedtls_pk_free( &key ); + mbedtls_pk_free(&key); +#if defined(MBEDTLS_USE_PSA_CRYPTO) + mbedtls_psa_crypto_free(); +#endif /* MBEDTLS_USE_PSA_CRYPTO */ #if defined(_WIN32) - mbedtls_printf( " + Press Enter to exit this program.\n" ); - fflush( stdout ); getchar(); + mbedtls_printf(" + Press Enter to exit this program.\n"); + fflush(stdout); getchar(); #endif - mbedtls_exit( exit_code ); + mbedtls_exit(exit_code); } #endif /* MBEDTLS_PK_PARSE_C && MBEDTLS_PK_WRITE_C && MBEDTLS_FS_IO */ diff --git a/third_party/mbedtls/repo/programs/pkey/mpi_demo.c b/third_party/mbedtls/repo/programs/pkey/mpi_demo.c index 8245d01bc39..ffc4bca4dda 100644 --- a/third_party/mbedtls/repo/programs/pkey/mpi_demo.c +++ b/third_party/mbedtls/repo/programs/pkey/mpi_demo.c @@ -2,19 +2,7 @@ * Simple MPI demonstration program * * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later */ #if !defined(MBEDTLS_CONFIG_FILE) @@ -23,16 +11,7 @@ #include MBEDTLS_CONFIG_FILE #endif -#if defined(MBEDTLS_PLATFORM_C) #include "mbedtls/platform.h" -#else -#include -#include -#define mbedtls_printf printf -#define mbedtls_exit exit -#define MBEDTLS_EXIT_SUCCESS EXIT_SUCCESS -#define MBEDTLS_EXIT_FAILURE EXIT_FAILURE -#endif /* MBEDTLS_PLATFORM_C */ #if defined(MBEDTLS_BIGNUM_C) && defined(MBEDTLS_FS_IO) #include "mbedtls/bignum.h" @@ -41,75 +20,74 @@ #endif #if !defined(MBEDTLS_BIGNUM_C) || !defined(MBEDTLS_FS_IO) -int main( void ) +int main(void) { mbedtls_printf("MBEDTLS_BIGNUM_C and/or MBEDTLS_FS_IO not defined.\n"); - mbedtls_exit( 0 ); + mbedtls_exit(0); } #else -int main( void ) +int main(void) { int ret = 1; int exit_code = MBEDTLS_EXIT_FAILURE; mbedtls_mpi E, P, Q, N, H, D, X, Y, Z; - mbedtls_mpi_init( &E ); mbedtls_mpi_init( &P ); mbedtls_mpi_init( &Q ); mbedtls_mpi_init( &N ); - mbedtls_mpi_init( &H ); mbedtls_mpi_init( &D ); mbedtls_mpi_init( &X ); mbedtls_mpi_init( &Y ); - mbedtls_mpi_init( &Z ); + mbedtls_mpi_init(&E); mbedtls_mpi_init(&P); mbedtls_mpi_init(&Q); mbedtls_mpi_init(&N); + mbedtls_mpi_init(&H); mbedtls_mpi_init(&D); mbedtls_mpi_init(&X); mbedtls_mpi_init(&Y); + mbedtls_mpi_init(&Z); - MBEDTLS_MPI_CHK( mbedtls_mpi_read_string( &P, 10, "2789" ) ); - MBEDTLS_MPI_CHK( mbedtls_mpi_read_string( &Q, 10, "3203" ) ); - MBEDTLS_MPI_CHK( mbedtls_mpi_read_string( &E, 10, "257" ) ); - MBEDTLS_MPI_CHK( mbedtls_mpi_mul_mpi( &N, &P, &Q ) ); + MBEDTLS_MPI_CHK(mbedtls_mpi_read_string(&P, 10, "2789")); + MBEDTLS_MPI_CHK(mbedtls_mpi_read_string(&Q, 10, "3203")); + MBEDTLS_MPI_CHK(mbedtls_mpi_read_string(&E, 10, "257")); + MBEDTLS_MPI_CHK(mbedtls_mpi_mul_mpi(&N, &P, &Q)); - mbedtls_printf( "\n Public key:\n\n" ); - MBEDTLS_MPI_CHK( mbedtls_mpi_write_file( " N = ", &N, 10, NULL ) ); - MBEDTLS_MPI_CHK( mbedtls_mpi_write_file( " E = ", &E, 10, NULL ) ); + mbedtls_printf("\n Public key:\n\n"); + MBEDTLS_MPI_CHK(mbedtls_mpi_write_file(" N = ", &N, 10, NULL)); + MBEDTLS_MPI_CHK(mbedtls_mpi_write_file(" E = ", &E, 10, NULL)); - mbedtls_printf( "\n Private key:\n\n" ); - MBEDTLS_MPI_CHK( mbedtls_mpi_write_file( " P = ", &P, 10, NULL ) ); - MBEDTLS_MPI_CHK( mbedtls_mpi_write_file( " Q = ", &Q, 10, NULL ) ); + mbedtls_printf("\n Private key:\n\n"); + MBEDTLS_MPI_CHK(mbedtls_mpi_write_file(" P = ", &P, 10, NULL)); + MBEDTLS_MPI_CHK(mbedtls_mpi_write_file(" Q = ", &Q, 10, NULL)); #if defined(MBEDTLS_GENPRIME) - MBEDTLS_MPI_CHK( mbedtls_mpi_sub_int( &P, &P, 1 ) ); - MBEDTLS_MPI_CHK( mbedtls_mpi_sub_int( &Q, &Q, 1 ) ); - MBEDTLS_MPI_CHK( mbedtls_mpi_mul_mpi( &H, &P, &Q ) ); - MBEDTLS_MPI_CHK( mbedtls_mpi_inv_mod( &D, &E, &H ) ); + MBEDTLS_MPI_CHK(mbedtls_mpi_sub_int(&P, &P, 1)); + MBEDTLS_MPI_CHK(mbedtls_mpi_sub_int(&Q, &Q, 1)); + MBEDTLS_MPI_CHK(mbedtls_mpi_mul_mpi(&H, &P, &Q)); + MBEDTLS_MPI_CHK(mbedtls_mpi_inv_mod(&D, &E, &H)); - mbedtls_mpi_write_file( " D = E^-1 mod (P-1)*(Q-1) = ", - &D, 10, NULL ); + mbedtls_mpi_write_file(" D = E^-1 mod (P-1)*(Q-1) = ", + &D, 10, NULL); #else mbedtls_printf("\nTest skipped (MBEDTLS_GENPRIME not defined).\n\n"); #endif - MBEDTLS_MPI_CHK( mbedtls_mpi_read_string( &X, 10, "55555" ) ); - MBEDTLS_MPI_CHK( mbedtls_mpi_exp_mod( &Y, &X, &E, &N, NULL ) ); - MBEDTLS_MPI_CHK( mbedtls_mpi_exp_mod( &Z, &Y, &D, &N, NULL ) ); + MBEDTLS_MPI_CHK(mbedtls_mpi_read_string(&X, 10, "55555")); + MBEDTLS_MPI_CHK(mbedtls_mpi_exp_mod(&Y, &X, &E, &N, NULL)); + MBEDTLS_MPI_CHK(mbedtls_mpi_exp_mod(&Z, &Y, &D, &N, NULL)); - mbedtls_printf( "\n RSA operation:\n\n" ); - MBEDTLS_MPI_CHK( mbedtls_mpi_write_file( " X (plaintext) = ", &X, 10, NULL ) ); - MBEDTLS_MPI_CHK( mbedtls_mpi_write_file( " Y (ciphertext) = X^E mod N = ", &Y, 10, NULL ) ); - MBEDTLS_MPI_CHK( mbedtls_mpi_write_file( " Z (decrypted) = Y^D mod N = ", &Z, 10, NULL ) ); - mbedtls_printf( "\n" ); + mbedtls_printf("\n RSA operation:\n\n"); + MBEDTLS_MPI_CHK(mbedtls_mpi_write_file(" X (plaintext) = ", &X, 10, NULL)); + MBEDTLS_MPI_CHK(mbedtls_mpi_write_file(" Y (ciphertext) = X^E mod N = ", &Y, 10, NULL)); + MBEDTLS_MPI_CHK(mbedtls_mpi_write_file(" Z (decrypted) = Y^D mod N = ", &Z, 10, NULL)); + mbedtls_printf("\n"); exit_code = MBEDTLS_EXIT_SUCCESS; cleanup: - mbedtls_mpi_free( &E ); mbedtls_mpi_free( &P ); mbedtls_mpi_free( &Q ); mbedtls_mpi_free( &N ); - mbedtls_mpi_free( &H ); mbedtls_mpi_free( &D ); mbedtls_mpi_free( &X ); mbedtls_mpi_free( &Y ); - mbedtls_mpi_free( &Z ); + mbedtls_mpi_free(&E); mbedtls_mpi_free(&P); mbedtls_mpi_free(&Q); mbedtls_mpi_free(&N); + mbedtls_mpi_free(&H); mbedtls_mpi_free(&D); mbedtls_mpi_free(&X); mbedtls_mpi_free(&Y); + mbedtls_mpi_free(&Z); - if( exit_code != MBEDTLS_EXIT_SUCCESS ) - { - mbedtls_printf( "\nAn error occurred.\n" ); + if (exit_code != MBEDTLS_EXIT_SUCCESS) { + mbedtls_printf("\nAn error occurred.\n"); } #if defined(_WIN32) - mbedtls_printf( " Press Enter to exit this program.\n" ); - fflush( stdout ); getchar(); + mbedtls_printf(" Press Enter to exit this program.\n"); + fflush(stdout); getchar(); #endif - mbedtls_exit( exit_code ); + mbedtls_exit(exit_code); } #endif /* MBEDTLS_BIGNUM_C && MBEDTLS_FS_IO */ diff --git a/third_party/mbedtls/repo/programs/pkey/pk_decrypt.c b/third_party/mbedtls/repo/programs/pkey/pk_decrypt.c index 810d6fb3ebf..7c57f3998cf 100644 --- a/third_party/mbedtls/repo/programs/pkey/pk_decrypt.c +++ b/third_party/mbedtls/repo/programs/pkey/pk_decrypt.c @@ -2,19 +2,7 @@ * Public key-based simple decryption program * * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later */ #if !defined(MBEDTLS_CONFIG_FILE) @@ -23,16 +11,7 @@ #include MBEDTLS_CONFIG_FILE #endif -#if defined(MBEDTLS_PLATFORM_C) #include "mbedtls/platform.h" -#else -#include -#include -#define mbedtls_printf printf -#define mbedtls_exit exit -#define MBEDTLS_EXIT_SUCCESS EXIT_SUCCESS -#define MBEDTLS_EXIT_FAILURE EXIT_FAILURE -#endif /* MBEDTLS_PLATFORM_C */ #if defined(MBEDTLS_BIGNUM_C) && defined(MBEDTLS_PK_PARSE_C) && \ defined(MBEDTLS_FS_IO) && defined(MBEDTLS_ENTROPY_C) && \ @@ -49,17 +28,17 @@ #if !defined(MBEDTLS_BIGNUM_C) || !defined(MBEDTLS_PK_PARSE_C) || \ !defined(MBEDTLS_FS_IO) || !defined(MBEDTLS_ENTROPY_C) || \ !defined(MBEDTLS_CTR_DRBG_C) -int main( void ) +int main(void) { mbedtls_printf("MBEDTLS_BIGNUM_C and/or MBEDTLS_PK_PARSE_C and/or " - "MBEDTLS_FS_IO and/or MBEDTLS_ENTROPY_C and/or " - "MBEDTLS_CTR_DRBG_C not defined.\n"); - mbedtls_exit( 0 ); + "MBEDTLS_FS_IO and/or MBEDTLS_ENTROPY_C and/or " + "MBEDTLS_CTR_DRBG_C not defined.\n"); + mbedtls_exit(0); } #else -int main( int argc, char *argv[] ) +int main(int argc, char *argv[]) { FILE *f; int ret = 1; @@ -74,103 +53,109 @@ int main( int argc, char *argv[] ) const char *pers = "mbedtls_pk_decrypt"; ((void) argv); - mbedtls_pk_init( &pk ); - mbedtls_entropy_init( &entropy ); - mbedtls_ctr_drbg_init( &ctr_drbg ); + mbedtls_pk_init(&pk); + mbedtls_entropy_init(&entropy); + mbedtls_ctr_drbg_init(&ctr_drbg); - memset(result, 0, sizeof( result ) ); + memset(result, 0, sizeof(result)); - if( argc != 2 ) - { - mbedtls_printf( "usage: mbedtls_pk_decrypt \n" ); +#if defined(MBEDTLS_USE_PSA_CRYPTO) + psa_status_t status = psa_crypto_init(); + if (status != PSA_SUCCESS) { + mbedtls_fprintf(stderr, "Failed to initialize PSA Crypto implementation: %d\n", + (int) status); + goto exit; + } +#endif /* MBEDTLS_USE_PSA_CRYPTO */ + + if (argc != 2) { + mbedtls_printf("usage: mbedtls_pk_decrypt \n"); #if defined(_WIN32) - mbedtls_printf( "\n" ); + mbedtls_printf("\n"); #endif goto exit; } - mbedtls_printf( "\n . Seeding the random number generator..." ); - fflush( stdout ); + mbedtls_printf("\n . Seeding the random number generator..."); + fflush(stdout); - if( ( ret = mbedtls_ctr_drbg_seed( &ctr_drbg, mbedtls_entropy_func, - &entropy, (const unsigned char *) pers, - strlen( pers ) ) ) != 0 ) - { - mbedtls_printf( " failed\n ! mbedtls_ctr_drbg_seed returned -0x%04x\n", - (unsigned int) -ret ); + if ((ret = mbedtls_ctr_drbg_seed(&ctr_drbg, mbedtls_entropy_func, + &entropy, (const unsigned char *) pers, + strlen(pers))) != 0) { + mbedtls_printf(" failed\n ! mbedtls_ctr_drbg_seed returned -0x%04x\n", + (unsigned int) -ret); goto exit; } - mbedtls_printf( "\n . Reading private key from '%s'", argv[1] ); - fflush( stdout ); + mbedtls_printf("\n . Reading private key from '%s'", argv[1]); + fflush(stdout); - if( ( ret = mbedtls_pk_parse_keyfile( &pk, argv[1], "" ) ) != 0 ) - { - mbedtls_printf( " failed\n ! mbedtls_pk_parse_keyfile returned -0x%04x\n", (unsigned int) -ret ); + if ((ret = mbedtls_pk_parse_keyfile(&pk, argv[1], "")) != 0) { + mbedtls_printf(" failed\n ! mbedtls_pk_parse_keyfile returned -0x%04x\n", + (unsigned int) -ret); goto exit; } /* * Extract the RSA encrypted value from the text file */ - if( ( f = fopen( "result-enc.txt", "rb" ) ) == NULL ) - { - mbedtls_printf( "\n ! Could not open %s\n\n", "result-enc.txt" ); + if ((f = fopen("result-enc.txt", "rb")) == NULL) { + mbedtls_printf("\n ! Could not open %s\n\n", "result-enc.txt"); ret = 1; goto exit; } i = 0; - while( fscanf( f, "%02X", (unsigned int*) &c ) > 0 && - i < (int) sizeof( buf ) ) - { + while (fscanf(f, "%02X", (unsigned int *) &c) > 0 && + i < (int) sizeof(buf)) { buf[i++] = (unsigned char) c; } - fclose( f ); + fclose(f); /* * Decrypt the encrypted RSA data and print the result. */ - mbedtls_printf( "\n . Decrypting the encrypted data" ); - fflush( stdout ); - - if( ( ret = mbedtls_pk_decrypt( &pk, buf, i, result, &olen, sizeof(result), - mbedtls_ctr_drbg_random, &ctr_drbg ) ) != 0 ) - { - mbedtls_printf( " failed\n ! mbedtls_pk_decrypt returned -0x%04x\n", - (unsigned int) -ret ); + mbedtls_printf("\n . Decrypting the encrypted data"); + fflush(stdout); + + if ((ret = mbedtls_pk_decrypt(&pk, buf, i, result, &olen, sizeof(result), + mbedtls_ctr_drbg_random, &ctr_drbg)) != 0) { + mbedtls_printf(" failed\n ! mbedtls_pk_decrypt returned -0x%04x\n", + (unsigned int) -ret); goto exit; } - mbedtls_printf( "\n . OK\n\n" ); + mbedtls_printf("\n . OK\n\n"); - mbedtls_printf( "The decrypted result is: '%s'\n\n", result ); + mbedtls_printf("The decrypted result is: '%s'\n\n", result); exit_code = MBEDTLS_EXIT_SUCCESS; exit: - mbedtls_pk_free( &pk ); - mbedtls_entropy_free( &entropy ); - mbedtls_ctr_drbg_free( &ctr_drbg ); + mbedtls_pk_free(&pk); + mbedtls_entropy_free(&entropy); + mbedtls_ctr_drbg_free(&ctr_drbg); +#if defined(MBEDTLS_USE_PSA_CRYPTO) + mbedtls_psa_crypto_free(); +#endif /* MBEDTLS_USE_PSA_CRYPTO */ #if defined(MBEDTLS_ERROR_C) - if( exit_code != MBEDTLS_EXIT_SUCCESS ) - { - mbedtls_strerror( ret, (char *) buf, sizeof( buf ) ); - mbedtls_printf( " ! Last error was: %s\n", buf ); + if (exit_code != MBEDTLS_EXIT_SUCCESS) { + mbedtls_strerror(ret, (char *) buf, sizeof(buf)); + mbedtls_printf(" ! Last error was: %s\n", buf); } #endif #if defined(_WIN32) - mbedtls_printf( " + Press Enter to exit this program.\n" ); - fflush( stdout ); getchar(); + mbedtls_printf(" + Press Enter to exit this program.\n"); + fflush(stdout); getchar(); #endif - mbedtls_exit( exit_code ); + mbedtls_exit(exit_code); } #endif /* MBEDTLS_BIGNUM_C && MBEDTLS_PK_PARSE_C && MBEDTLS_FS_IO && MBEDTLS_ENTROPY_C && MBEDTLS_CTR_DRBG_C */ diff --git a/third_party/mbedtls/repo/programs/pkey/pk_encrypt.c b/third_party/mbedtls/repo/programs/pkey/pk_encrypt.c index e629dc137de..f99f175468f 100644 --- a/third_party/mbedtls/repo/programs/pkey/pk_encrypt.c +++ b/third_party/mbedtls/repo/programs/pkey/pk_encrypt.c @@ -2,19 +2,7 @@ * RSA simple data encryption program * * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later */ #if !defined(MBEDTLS_CONFIG_FILE) @@ -23,17 +11,7 @@ #include MBEDTLS_CONFIG_FILE #endif -#if defined(MBEDTLS_PLATFORM_C) #include "mbedtls/platform.h" -#else -#include -#include -#define mbedtls_fprintf fprintf -#define mbedtls_printf printf -#define mbedtls_exit exit -#define MBEDTLS_EXIT_SUCCESS EXIT_SUCCESS -#define MBEDTLS_EXIT_FAILURE EXIT_FAILURE -#endif /* MBEDTLS_PLATFORM_C */ #if defined(MBEDTLS_BIGNUM_C) && defined(MBEDTLS_PK_PARSE_C) && \ defined(MBEDTLS_ENTROPY_C) && defined(MBEDTLS_FS_IO) && \ @@ -50,17 +28,17 @@ #if !defined(MBEDTLS_BIGNUM_C) || !defined(MBEDTLS_PK_PARSE_C) || \ !defined(MBEDTLS_ENTROPY_C) || !defined(MBEDTLS_FS_IO) || \ !defined(MBEDTLS_CTR_DRBG_C) -int main( void ) +int main(void) { mbedtls_printf("MBEDTLS_BIGNUM_C and/or MBEDTLS_PK_PARSE_C and/or " - "MBEDTLS_ENTROPY_C and/or MBEDTLS_FS_IO and/or " - "MBEDTLS_CTR_DRBG_C not defined.\n"); - mbedtls_exit( 0 ); + "MBEDTLS_ENTROPY_C and/or MBEDTLS_FS_IO and/or " + "MBEDTLS_CTR_DRBG_C not defined.\n"); + mbedtls_exit(0); } #else -int main( int argc, char *argv[] ) +int main(int argc, char *argv[]) { FILE *f; int ret = 1; @@ -73,108 +51,113 @@ int main( int argc, char *argv[] ) unsigned char buf[512]; const char *pers = "mbedtls_pk_encrypt"; - mbedtls_ctr_drbg_init( &ctr_drbg ); - mbedtls_entropy_init( &entropy ); - mbedtls_pk_init( &pk ); + mbedtls_ctr_drbg_init(&ctr_drbg); + mbedtls_entropy_init(&entropy); + mbedtls_pk_init(&pk); + +#if defined(MBEDTLS_USE_PSA_CRYPTO) + psa_status_t status = psa_crypto_init(); + if (status != PSA_SUCCESS) { + mbedtls_fprintf(stderr, "Failed to initialize PSA Crypto implementation: %d\n", + (int) status); + goto exit; + } +#endif /* MBEDTLS_USE_PSA_CRYPTO */ - if( argc != 3 ) - { - mbedtls_printf( "usage: mbedtls_pk_encrypt \n" ); + if (argc != 3) { + mbedtls_printf("usage: mbedtls_pk_encrypt \n"); #if defined(_WIN32) - mbedtls_printf( "\n" ); + mbedtls_printf("\n"); #endif goto exit; } - mbedtls_printf( "\n . Seeding the random number generator..." ); - fflush( stdout ); + mbedtls_printf("\n . Seeding the random number generator..."); + fflush(stdout); - if( ( ret = mbedtls_ctr_drbg_seed( &ctr_drbg, mbedtls_entropy_func, - &entropy, (const unsigned char *) pers, - strlen( pers ) ) ) != 0 ) - { - mbedtls_printf( " failed\n ! mbedtls_ctr_drbg_seed returned -0x%04x\n", - (unsigned int) -ret ); + if ((ret = mbedtls_ctr_drbg_seed(&ctr_drbg, mbedtls_entropy_func, + &entropy, (const unsigned char *) pers, + strlen(pers))) != 0) { + mbedtls_printf(" failed\n ! mbedtls_ctr_drbg_seed returned -0x%04x\n", + (unsigned int) -ret); goto exit; } - mbedtls_printf( "\n . Reading public key from '%s'", argv[1] ); - fflush( stdout ); + mbedtls_printf("\n . Reading public key from '%s'", argv[1]); + fflush(stdout); - if( ( ret = mbedtls_pk_parse_public_keyfile( &pk, argv[1] ) ) != 0 ) - { - mbedtls_printf( " failed\n ! mbedtls_pk_parse_public_keyfile returned -0x%04x\n", (unsigned int) -ret ); + if ((ret = mbedtls_pk_parse_public_keyfile(&pk, argv[1])) != 0) { + mbedtls_printf(" failed\n ! mbedtls_pk_parse_public_keyfile returned -0x%04x\n", + (unsigned int) -ret); goto exit; } - if( strlen( argv[2] ) > 100 ) - { - mbedtls_printf( " Input data larger than 100 characters.\n\n" ); + if (strlen(argv[2]) > 100) { + mbedtls_printf(" Input data larger than 100 characters.\n\n"); goto exit; } - memcpy( input, argv[2], strlen( argv[2] ) ); + memcpy(input, argv[2], strlen(argv[2])); /* * Calculate the RSA encryption of the hash. */ - mbedtls_printf( "\n . Generating the encrypted value" ); - fflush( stdout ); - - if( ( ret = mbedtls_pk_encrypt( &pk, input, strlen( argv[2] ), - buf, &olen, sizeof(buf), - mbedtls_ctr_drbg_random, &ctr_drbg ) ) != 0 ) - { - mbedtls_printf( " failed\n ! mbedtls_pk_encrypt returned -0x%04x\n", - (unsigned int) -ret ); + mbedtls_printf("\n . Generating the encrypted value"); + fflush(stdout); + + if ((ret = mbedtls_pk_encrypt(&pk, input, strlen(argv[2]), + buf, &olen, sizeof(buf), + mbedtls_ctr_drbg_random, &ctr_drbg)) != 0) { + mbedtls_printf(" failed\n ! mbedtls_pk_encrypt returned -0x%04x\n", + (unsigned int) -ret); goto exit; } /* * Write the signature into result-enc.txt */ - if( ( f = fopen( "result-enc.txt", "wb+" ) ) == NULL ) - { - mbedtls_printf( " failed\n ! Could not create %s\n\n", - "result-enc.txt" ); + if ((f = fopen("result-enc.txt", "wb+")) == NULL) { + mbedtls_printf(" failed\n ! Could not create %s\n\n", + "result-enc.txt"); ret = 1; goto exit; } - for( i = 0; i < olen; i++ ) - { - mbedtls_fprintf( f, "%02X%s", buf[i], - ( i + 1 ) % 16 == 0 ? "\r\n" : " " ); + for (i = 0; i < olen; i++) { + mbedtls_fprintf(f, "%02X%s", buf[i], + (i + 1) % 16 == 0 ? "\r\n" : " "); } - fclose( f ); + fclose(f); - mbedtls_printf( "\n . Done (created \"%s\")\n\n", "result-enc.txt" ); + mbedtls_printf("\n . Done (created \"%s\")\n\n", "result-enc.txt"); exit_code = MBEDTLS_EXIT_SUCCESS; exit: - mbedtls_pk_free( &pk ); - mbedtls_entropy_free( &entropy ); - mbedtls_ctr_drbg_free( &ctr_drbg ); + mbedtls_pk_free(&pk); + mbedtls_entropy_free(&entropy); + mbedtls_ctr_drbg_free(&ctr_drbg); +#if defined(MBEDTLS_USE_PSA_CRYPTO) + mbedtls_psa_crypto_free(); +#endif /* MBEDTLS_USE_PSA_CRYPTO */ #if defined(MBEDTLS_ERROR_C) - if( exit_code != MBEDTLS_EXIT_SUCCESS ) - { - mbedtls_strerror( ret, (char *) buf, sizeof( buf ) ); - mbedtls_printf( " ! Last error was: %s\n", buf ); + if (exit_code != MBEDTLS_EXIT_SUCCESS) { + mbedtls_strerror(ret, (char *) buf, sizeof(buf)); + mbedtls_printf(" ! Last error was: %s\n", buf); } #endif #if defined(_WIN32) - mbedtls_printf( " + Press Enter to exit this program.\n" ); - fflush( stdout ); getchar(); + mbedtls_printf(" + Press Enter to exit this program.\n"); + fflush(stdout); getchar(); #endif - mbedtls_exit( exit_code ); + mbedtls_exit(exit_code); } #endif /* MBEDTLS_BIGNUM_C && MBEDTLS_PK_PARSE_C && MBEDTLS_ENTROPY_C && MBEDTLS_FS_IO && MBEDTLS_CTR_DRBG_C */ diff --git a/third_party/mbedtls/repo/programs/pkey/pk_sign.c b/third_party/mbedtls/repo/programs/pkey/pk_sign.c index 451e3de9b29..d26ddfaaeb0 100644 --- a/third_party/mbedtls/repo/programs/pkey/pk_sign.c +++ b/third_party/mbedtls/repo/programs/pkey/pk_sign.c @@ -2,19 +2,7 @@ * Public key-based signature creation program * * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later */ #if !defined(MBEDTLS_CONFIG_FILE) @@ -23,29 +11,19 @@ #include MBEDTLS_CONFIG_FILE #endif -#if defined(MBEDTLS_PLATFORM_C) #include "mbedtls/platform.h" -#else -#include -#include -#define mbedtls_snprintf snprintf -#define mbedtls_printf printf -#define mbedtls_exit exit -#define MBEDTLS_EXIT_SUCCESS EXIT_SUCCESS -#define MBEDTLS_EXIT_FAILURE EXIT_FAILURE -#endif /* MBEDTLS_PLATFORM_C */ #if !defined(MBEDTLS_BIGNUM_C) || !defined(MBEDTLS_ENTROPY_C) || \ !defined(MBEDTLS_SHA256_C) || !defined(MBEDTLS_MD_C) || \ !defined(MBEDTLS_PK_PARSE_C) || !defined(MBEDTLS_FS_IO) || \ !defined(MBEDTLS_CTR_DRBG_C) -int main( void ) +int main(void) { mbedtls_printf("MBEDTLS_BIGNUM_C and/or MBEDTLS_ENTROPY_C and/or " - "MBEDTLS_SHA256_C and/or MBEDTLS_MD_C and/or " - "MBEDTLS_PK_PARSE_C and/or MBEDTLS_FS_IO and/or " - "MBEDTLS_CTR_DRBG_C not defined.\n"); - mbedtls_exit( 0 ); + "MBEDTLS_SHA256_C and/or MBEDTLS_MD_C and/or " + "MBEDTLS_PK_PARSE_C and/or MBEDTLS_FS_IO and/or " + "MBEDTLS_CTR_DRBG_C not defined.\n"); + mbedtls_exit(0); } #else @@ -58,7 +36,7 @@ int main( void ) #include #include -int main( int argc, char *argv[] ) +int main(int argc, char *argv[]) { FILE *f; int ret = 1; @@ -72,38 +50,45 @@ int main( int argc, char *argv[] ) const char *pers = "mbedtls_pk_sign"; size_t olen = 0; - mbedtls_entropy_init( &entropy ); - mbedtls_ctr_drbg_init( &ctr_drbg ); - mbedtls_pk_init( &pk ); + mbedtls_entropy_init(&entropy); + mbedtls_ctr_drbg_init(&ctr_drbg); + mbedtls_pk_init(&pk); - if( argc != 3 ) - { - mbedtls_printf( "usage: mbedtls_pk_sign \n" ); +#if defined(MBEDTLS_USE_PSA_CRYPTO) + psa_status_t status = psa_crypto_init(); + if (status != PSA_SUCCESS) { + mbedtls_fprintf(stderr, "Failed to initialize PSA Crypto implementation: %d\n", + (int) status); + goto exit; + } +#endif /* MBEDTLS_USE_PSA_CRYPTO */ + + if (argc != 3) { + mbedtls_printf("usage: mbedtls_pk_sign \n"); #if defined(_WIN32) - mbedtls_printf( "\n" ); + mbedtls_printf("\n"); #endif goto exit; } - mbedtls_printf( "\n . Seeding the random number generator..." ); - fflush( stdout ); + mbedtls_printf("\n . Seeding the random number generator..."); + fflush(stdout); - if( ( ret = mbedtls_ctr_drbg_seed( &ctr_drbg, mbedtls_entropy_func, &entropy, - (const unsigned char *) pers, - strlen( pers ) ) ) != 0 ) - { - mbedtls_printf( " failed\n ! mbedtls_ctr_drbg_seed returned -0x%04x\n", (unsigned int) -ret ); + if ((ret = mbedtls_ctr_drbg_seed(&ctr_drbg, mbedtls_entropy_func, &entropy, + (const unsigned char *) pers, + strlen(pers))) != 0) { + mbedtls_printf(" failed\n ! mbedtls_ctr_drbg_seed returned -0x%04x\n", + (unsigned int) -ret); goto exit; } - mbedtls_printf( "\n . Reading private key from '%s'", argv[1] ); - fflush( stdout ); + mbedtls_printf("\n . Reading private key from '%s'", argv[1]); + fflush(stdout); - if( ( ret = mbedtls_pk_parse_keyfile( &pk, argv[1], "" ) ) != 0 ) - { - mbedtls_printf( " failed\n ! Could not parse '%s'\n", argv[1] ); + if ((ret = mbedtls_pk_parse_keyfile(&pk, argv[1], "")) != 0) { + mbedtls_printf(" failed\n ! Could not parse '%s'\n", argv[1]); goto exit; } @@ -111,67 +96,65 @@ int main( int argc, char *argv[] ) * Compute the SHA-256 hash of the input file, * then calculate the signature of the hash. */ - mbedtls_printf( "\n . Generating the SHA-256 signature" ); - fflush( stdout ); - - if( ( ret = mbedtls_md_file( - mbedtls_md_info_from_type( MBEDTLS_MD_SHA256 ), - argv[2], hash ) ) != 0 ) - { - mbedtls_printf( " failed\n ! Could not open or read %s\n\n", argv[2] ); + mbedtls_printf("\n . Generating the SHA-256 signature"); + fflush(stdout); + + if ((ret = mbedtls_md_file( + mbedtls_md_info_from_type(MBEDTLS_MD_SHA256), + argv[2], hash)) != 0) { + mbedtls_printf(" failed\n ! Could not open or read %s\n\n", argv[2]); goto exit; } - if( ( ret = mbedtls_pk_sign( &pk, MBEDTLS_MD_SHA256, hash, 0, buf, &olen, - mbedtls_ctr_drbg_random, &ctr_drbg ) ) != 0 ) - { - mbedtls_printf( " failed\n ! mbedtls_pk_sign returned -0x%04x\n", (unsigned int) -ret ); + if ((ret = mbedtls_pk_sign(&pk, MBEDTLS_MD_SHA256, hash, 0, buf, &olen, + mbedtls_ctr_drbg_random, &ctr_drbg)) != 0) { + mbedtls_printf(" failed\n ! mbedtls_pk_sign returned -0x%04x\n", (unsigned int) -ret); goto exit; } /* * Write the signature into .sig */ - mbedtls_snprintf( filename, sizeof(filename), "%s.sig", argv[2] ); + mbedtls_snprintf(filename, sizeof(filename), "%s.sig", argv[2]); - if( ( f = fopen( filename, "wb+" ) ) == NULL ) - { - mbedtls_printf( " failed\n ! Could not create %s\n\n", filename ); + if ((f = fopen(filename, "wb+")) == NULL) { + mbedtls_printf(" failed\n ! Could not create %s\n\n", filename); goto exit; } - if( fwrite( buf, 1, olen, f ) != olen ) - { - mbedtls_printf( "failed\n ! fwrite failed\n\n" ); - fclose( f ); + if (fwrite(buf, 1, olen, f) != olen) { + mbedtls_printf("failed\n ! fwrite failed\n\n"); + fclose(f); goto exit; } - fclose( f ); + fclose(f); - mbedtls_printf( "\n . Done (created \"%s\")\n\n", filename ); + mbedtls_printf("\n . Done (created \"%s\")\n\n", filename); exit_code = MBEDTLS_EXIT_SUCCESS; exit: - mbedtls_pk_free( &pk ); - mbedtls_ctr_drbg_free( &ctr_drbg ); - mbedtls_entropy_free( &entropy ); + mbedtls_pk_free(&pk); + mbedtls_ctr_drbg_free(&ctr_drbg); + mbedtls_entropy_free(&entropy); +#if defined(MBEDTLS_USE_PSA_CRYPTO) + mbedtls_psa_crypto_free(); +#endif /* MBEDTLS_USE_PSA_CRYPTO */ #if defined(MBEDTLS_ERROR_C) - if( exit_code != MBEDTLS_EXIT_SUCCESS ) - { - mbedtls_strerror( ret, (char *) buf, sizeof(buf) ); - mbedtls_printf( " ! Last error was: %s\n", buf ); + if (exit_code != MBEDTLS_EXIT_SUCCESS) { + mbedtls_strerror(ret, (char *) buf, sizeof(buf)); + mbedtls_printf(" ! Last error was: %s\n", buf); } #endif #if defined(_WIN32) - mbedtls_printf( " + Press Enter to exit this program.\n" ); - fflush( stdout ); getchar(); + mbedtls_printf(" + Press Enter to exit this program.\n"); + fflush(stdout); getchar(); #endif - mbedtls_exit( exit_code ); + mbedtls_exit(exit_code); } #endif /* MBEDTLS_BIGNUM_C && MBEDTLS_ENTROPY_C && MBEDTLS_SHA256_C && MBEDTLS_PK_PARSE_C && MBEDTLS_FS_IO && diff --git a/third_party/mbedtls/repo/programs/pkey/pk_verify.c b/third_party/mbedtls/repo/programs/pkey/pk_verify.c index ee72243196e..8b60440aba1 100644 --- a/third_party/mbedtls/repo/programs/pkey/pk_verify.c +++ b/third_party/mbedtls/repo/programs/pkey/pk_verify.c @@ -2,19 +2,7 @@ * Public key-based signature verification program * * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later */ #if !defined(MBEDTLS_CONFIG_FILE) @@ -23,27 +11,17 @@ #include MBEDTLS_CONFIG_FILE #endif -#if defined(MBEDTLS_PLATFORM_C) #include "mbedtls/platform.h" -#else -#include -#include -#define mbedtls_snprintf snprintf -#define mbedtls_printf printf -#define mbedtls_exit exit -#define MBEDTLS_EXIT_SUCCESS EXIT_SUCCESS -#define MBEDTLS_EXIT_FAILURE EXIT_FAILURE -#endif /* MBEDTLS_PLATFORM_C */ #if !defined(MBEDTLS_BIGNUM_C) || !defined(MBEDTLS_MD_C) || \ !defined(MBEDTLS_SHA256_C) || !defined(MBEDTLS_PK_PARSE_C) || \ !defined(MBEDTLS_FS_IO) -int main( void ) +int main(void) { mbedtls_printf("MBEDTLS_BIGNUM_C and/or MBEDTLS_MD_C and/or " - "MBEDTLS_SHA256_C and/or MBEDTLS_PK_PARSE_C and/or " - "MBEDTLS_FS_IO not defined.\n"); - mbedtls_exit( 0 ); + "MBEDTLS_SHA256_C and/or MBEDTLS_PK_PARSE_C and/or " + "MBEDTLS_FS_IO not defined.\n"); + mbedtls_exit(0); } #else @@ -55,7 +33,7 @@ int main( void ) #include -int main( int argc, char *argv[] ) +int main(int argc, char *argv[]) { FILE *f; int ret = 1; @@ -66,86 +44,93 @@ int main( int argc, char *argv[] ) unsigned char buf[MBEDTLS_PK_SIGNATURE_MAX_SIZE]; char filename[512]; - mbedtls_pk_init( &pk ); + mbedtls_pk_init(&pk); - if( argc != 3 ) - { - mbedtls_printf( "usage: mbedtls_pk_verify \n" ); +#if defined(MBEDTLS_USE_PSA_CRYPTO) + psa_status_t status = psa_crypto_init(); + if (status != PSA_SUCCESS) { + mbedtls_fprintf(stderr, "Failed to initialize PSA Crypto implementation: %d\n", + (int) status); + goto exit; + } +#endif /* MBEDTLS_USE_PSA_CRYPTO */ + + if (argc != 3) { + mbedtls_printf("usage: mbedtls_pk_verify \n"); #if defined(_WIN32) - mbedtls_printf( "\n" ); + mbedtls_printf("\n"); #endif goto exit; } - mbedtls_printf( "\n . Reading public key from '%s'", argv[1] ); - fflush( stdout ); + mbedtls_printf("\n . Reading public key from '%s'", argv[1]); + fflush(stdout); - if( ( ret = mbedtls_pk_parse_public_keyfile( &pk, argv[1] ) ) != 0 ) - { - mbedtls_printf( " failed\n ! mbedtls_pk_parse_public_keyfile returned -0x%04x\n", (unsigned int) -ret ); + if ((ret = mbedtls_pk_parse_public_keyfile(&pk, argv[1])) != 0) { + mbedtls_printf(" failed\n ! mbedtls_pk_parse_public_keyfile returned -0x%04x\n", + (unsigned int) -ret); goto exit; } /* * Extract the signature from the file */ - mbedtls_snprintf( filename, sizeof(filename), "%s.sig", argv[2] ); + mbedtls_snprintf(filename, sizeof(filename), "%s.sig", argv[2]); - if( ( f = fopen( filename, "rb" ) ) == NULL ) - { - mbedtls_printf( "\n ! Could not open %s\n\n", filename ); + if ((f = fopen(filename, "rb")) == NULL) { + mbedtls_printf("\n ! Could not open %s\n\n", filename); goto exit; } - i = fread( buf, 1, sizeof(buf), f ); + i = fread(buf, 1, sizeof(buf), f); - fclose( f ); + fclose(f); /* * Compute the SHA-256 hash of the input file and * verify the signature */ - mbedtls_printf( "\n . Verifying the SHA-256 signature" ); - fflush( stdout ); - - if( ( ret = mbedtls_md_file( - mbedtls_md_info_from_type( MBEDTLS_MD_SHA256 ), - argv[2], hash ) ) != 0 ) - { - mbedtls_printf( " failed\n ! Could not open or read %s\n\n", argv[2] ); + mbedtls_printf("\n . Verifying the SHA-256 signature"); + fflush(stdout); + + if ((ret = mbedtls_md_file( + mbedtls_md_info_from_type(MBEDTLS_MD_SHA256), + argv[2], hash)) != 0) { + mbedtls_printf(" failed\n ! Could not open or read %s\n\n", argv[2]); goto exit; } - if( ( ret = mbedtls_pk_verify( &pk, MBEDTLS_MD_SHA256, hash, 0, - buf, i ) ) != 0 ) - { - mbedtls_printf( " failed\n ! mbedtls_pk_verify returned -0x%04x\n", (unsigned int) -ret ); + if ((ret = mbedtls_pk_verify(&pk, MBEDTLS_MD_SHA256, hash, 0, + buf, i)) != 0) { + mbedtls_printf(" failed\n ! mbedtls_pk_verify returned -0x%04x\n", (unsigned int) -ret); goto exit; } - mbedtls_printf( "\n . OK (the signature is valid)\n\n" ); + mbedtls_printf("\n . OK (the signature is valid)\n\n"); exit_code = MBEDTLS_EXIT_SUCCESS; exit: - mbedtls_pk_free( &pk ); + mbedtls_pk_free(&pk); +#if defined(MBEDTLS_USE_PSA_CRYPTO) + mbedtls_psa_crypto_free(); +#endif /* MBEDTLS_USE_PSA_CRYPTO */ #if defined(MBEDTLS_ERROR_C) - if( exit_code != MBEDTLS_EXIT_SUCCESS ) - { - mbedtls_strerror( ret, (char *) buf, sizeof(buf) ); - mbedtls_printf( " ! Last error was: %s\n", buf ); + if (exit_code != MBEDTLS_EXIT_SUCCESS) { + mbedtls_strerror(ret, (char *) buf, sizeof(buf)); + mbedtls_printf(" ! Last error was: %s\n", buf); } #endif #if defined(_WIN32) - mbedtls_printf( " + Press Enter to exit this program.\n" ); - fflush( stdout ); getchar(); + mbedtls_printf(" + Press Enter to exit this program.\n"); + fflush(stdout); getchar(); #endif - mbedtls_exit( exit_code ); + mbedtls_exit(exit_code); } #endif /* MBEDTLS_BIGNUM_C && MBEDTLS_SHA256_C && MBEDTLS_PK_PARSE_C && MBEDTLS_FS_IO */ diff --git a/third_party/mbedtls/repo/programs/pkey/rsa_decrypt.c b/third_party/mbedtls/repo/programs/pkey/rsa_decrypt.c index 01bf3a621ae..f3a40a88a57 100644 --- a/third_party/mbedtls/repo/programs/pkey/rsa_decrypt.c +++ b/third_party/mbedtls/repo/programs/pkey/rsa_decrypt.c @@ -2,19 +2,7 @@ * RSA simple decryption program * * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later */ #if !defined(MBEDTLS_CONFIG_FILE) @@ -23,16 +11,7 @@ #include MBEDTLS_CONFIG_FILE #endif -#if defined(MBEDTLS_PLATFORM_C) #include "mbedtls/platform.h" -#else -#include -#include -#define mbedtls_printf printf -#define mbedtls_exit exit -#define MBEDTLS_EXIT_SUCCESS EXIT_SUCCESS -#define MBEDTLS_EXIT_FAILURE EXIT_FAILURE -#endif /* MBEDTLS_PLATFORM_C */ #if defined(MBEDTLS_BIGNUM_C) && defined(MBEDTLS_RSA_C) && \ defined(MBEDTLS_FS_IO) && defined(MBEDTLS_ENTROPY_C) && \ @@ -48,17 +27,17 @@ #if !defined(MBEDTLS_BIGNUM_C) || !defined(MBEDTLS_RSA_C) || \ !defined(MBEDTLS_FS_IO) || !defined(MBEDTLS_ENTROPY_C) || \ !defined(MBEDTLS_CTR_DRBG_C) -int main( void ) +int main(void) { mbedtls_printf("MBEDTLS_BIGNUM_C and/or MBEDTLS_RSA_C and/or " - "MBEDTLS_FS_IO and/or MBEDTLS_ENTROPY_C and/or " - "MBEDTLS_CTR_DRBG_C not defined.\n"); - mbedtls_exit( 0 ); + "MBEDTLS_FS_IO and/or MBEDTLS_ENTROPY_C and/or " + "MBEDTLS_CTR_DRBG_C not defined.\n"); + mbedtls_exit(0); } #else -int main( int argc, char *argv[] ) +int main(int argc, char *argv[]) { FILE *f; int ret = 1; @@ -74,137 +53,129 @@ int main( int argc, char *argv[] ) const char *pers = "rsa_decrypt"; ((void) argv); - memset(result, 0, sizeof( result ) ); + memset(result, 0, sizeof(result)); - if( argc != 1 ) - { - mbedtls_printf( "usage: rsa_decrypt\n" ); + if (argc != 1) { + mbedtls_printf("usage: rsa_decrypt\n"); #if defined(_WIN32) - mbedtls_printf( "\n" ); + mbedtls_printf("\n"); #endif - mbedtls_exit( exit_code ); + mbedtls_exit(exit_code); } - mbedtls_printf( "\n . Seeding the random number generator..." ); - fflush( stdout ); - - mbedtls_rsa_init( &rsa, MBEDTLS_RSA_PKCS_V15, 0 ); - mbedtls_ctr_drbg_init( &ctr_drbg ); - mbedtls_entropy_init( &entropy ); - mbedtls_mpi_init( &N ); mbedtls_mpi_init( &P ); mbedtls_mpi_init( &Q ); - mbedtls_mpi_init( &D ); mbedtls_mpi_init( &E ); mbedtls_mpi_init( &DP ); - mbedtls_mpi_init( &DQ ); mbedtls_mpi_init( &QP ); - - ret = mbedtls_ctr_drbg_seed( &ctr_drbg, mbedtls_entropy_func, - &entropy, (const unsigned char *) pers, - strlen( pers ) ); - if( ret != 0 ) - { - mbedtls_printf( " failed\n ! mbedtls_ctr_drbg_seed returned %d\n", - ret ); + mbedtls_printf("\n . Seeding the random number generator..."); + fflush(stdout); + + mbedtls_rsa_init(&rsa, MBEDTLS_RSA_PKCS_V15, 0); + mbedtls_ctr_drbg_init(&ctr_drbg); + mbedtls_entropy_init(&entropy); + mbedtls_mpi_init(&N); mbedtls_mpi_init(&P); mbedtls_mpi_init(&Q); + mbedtls_mpi_init(&D); mbedtls_mpi_init(&E); mbedtls_mpi_init(&DP); + mbedtls_mpi_init(&DQ); mbedtls_mpi_init(&QP); + + ret = mbedtls_ctr_drbg_seed(&ctr_drbg, mbedtls_entropy_func, + &entropy, (const unsigned char *) pers, + strlen(pers)); + if (ret != 0) { + mbedtls_printf(" failed\n ! mbedtls_ctr_drbg_seed returned %d\n", + ret); goto exit; } - mbedtls_printf( "\n . Reading private key from rsa_priv.txt" ); - fflush( stdout ); + mbedtls_printf("\n . Reading private key from rsa_priv.txt"); + fflush(stdout); - if( ( f = fopen( "rsa_priv.txt", "rb" ) ) == NULL ) - { - mbedtls_printf( " failed\n ! Could not open rsa_priv.txt\n" \ - " ! Please run rsa_genkey first\n\n" ); + if ((f = fopen("rsa_priv.txt", "rb")) == NULL) { + mbedtls_printf(" failed\n ! Could not open rsa_priv.txt\n" \ + " ! Please run rsa_genkey first\n\n"); goto exit; } - if( ( ret = mbedtls_mpi_read_file( &N , 16, f ) ) != 0 || - ( ret = mbedtls_mpi_read_file( &E , 16, f ) ) != 0 || - ( ret = mbedtls_mpi_read_file( &D , 16, f ) ) != 0 || - ( ret = mbedtls_mpi_read_file( &P , 16, f ) ) != 0 || - ( ret = mbedtls_mpi_read_file( &Q , 16, f ) ) != 0 || - ( ret = mbedtls_mpi_read_file( &DP , 16, f ) ) != 0 || - ( ret = mbedtls_mpi_read_file( &DQ , 16, f ) ) != 0 || - ( ret = mbedtls_mpi_read_file( &QP , 16, f ) ) != 0 ) - { - mbedtls_printf( " failed\n ! mbedtls_mpi_read_file returned %d\n\n", - ret ); - fclose( f ); + if ((ret = mbedtls_mpi_read_file(&N, 16, f)) != 0 || + (ret = mbedtls_mpi_read_file(&E, 16, f)) != 0 || + (ret = mbedtls_mpi_read_file(&D, 16, f)) != 0 || + (ret = mbedtls_mpi_read_file(&P, 16, f)) != 0 || + (ret = mbedtls_mpi_read_file(&Q, 16, f)) != 0 || + (ret = mbedtls_mpi_read_file(&DP, 16, f)) != 0 || + (ret = mbedtls_mpi_read_file(&DQ, 16, f)) != 0 || + (ret = mbedtls_mpi_read_file(&QP, 16, f)) != 0) { + mbedtls_printf(" failed\n ! mbedtls_mpi_read_file returned %d\n\n", + ret); + fclose(f); goto exit; } - fclose( f ); + fclose(f); - if( ( ret = mbedtls_rsa_import( &rsa, &N, &P, &Q, &D, &E ) ) != 0 ) - { - mbedtls_printf( " failed\n ! mbedtls_rsa_import returned %d\n\n", - ret ); + if ((ret = mbedtls_rsa_import(&rsa, &N, &P, &Q, &D, &E)) != 0) { + mbedtls_printf(" failed\n ! mbedtls_rsa_import returned %d\n\n", + ret); goto exit; } - if( ( ret = mbedtls_rsa_complete( &rsa ) ) != 0 ) - { - mbedtls_printf( " failed\n ! mbedtls_rsa_complete returned %d\n\n", - ret ); + if ((ret = mbedtls_rsa_complete(&rsa)) != 0) { + mbedtls_printf(" failed\n ! mbedtls_rsa_complete returned %d\n\n", + ret); goto exit; } /* * Extract the RSA encrypted value from the text file */ - if( ( f = fopen( "result-enc.txt", "rb" ) ) == NULL ) - { - mbedtls_printf( "\n ! Could not open %s\n\n", "result-enc.txt" ); + if ((f = fopen("result-enc.txt", "rb")) == NULL) { + mbedtls_printf("\n ! Could not open %s\n\n", "result-enc.txt"); goto exit; } i = 0; - while( fscanf( f, "%02X", (unsigned int*) &c ) > 0 && - i < (int) sizeof( buf ) ) + while (fscanf(f, "%02X", (unsigned int *) &c) > 0 && + i < (int) sizeof(buf)) { buf[i++] = (unsigned char) c; + } - fclose( f ); + fclose(f); - if( i != rsa.len ) - { - mbedtls_printf( "\n ! Invalid RSA signature format\n\n" ); + if (i != rsa.len) { + mbedtls_printf("\n ! Invalid RSA signature format\n\n"); goto exit; } /* * Decrypt the encrypted RSA data and print the result. */ - mbedtls_printf( "\n . Decrypting the encrypted data" ); - fflush( stdout ); - - ret = mbedtls_rsa_pkcs1_decrypt( &rsa, mbedtls_ctr_drbg_random, - &ctr_drbg, MBEDTLS_RSA_PRIVATE, &i, - buf, result, 1024 ); - if( ret != 0 ) - { - mbedtls_printf( " failed\n ! mbedtls_rsa_pkcs1_decrypt returned %d\n\n", - ret ); + mbedtls_printf("\n . Decrypting the encrypted data"); + fflush(stdout); + + ret = mbedtls_rsa_pkcs1_decrypt(&rsa, mbedtls_ctr_drbg_random, + &ctr_drbg, MBEDTLS_RSA_PRIVATE, &i, + buf, result, 1024); + if (ret != 0) { + mbedtls_printf(" failed\n ! mbedtls_rsa_pkcs1_decrypt returned %d\n\n", + ret); goto exit; } - mbedtls_printf( "\n . OK\n\n" ); + mbedtls_printf("\n . OK\n\n"); - mbedtls_printf( "The decrypted result is: '%s'\n\n", result ); + mbedtls_printf("The decrypted result is: '%s'\n\n", result); exit_code = MBEDTLS_EXIT_SUCCESS; exit: - mbedtls_ctr_drbg_free( &ctr_drbg ); - mbedtls_entropy_free( &entropy ); - mbedtls_rsa_free( &rsa ); - mbedtls_mpi_free( &N ); mbedtls_mpi_free( &P ); mbedtls_mpi_free( &Q ); - mbedtls_mpi_free( &D ); mbedtls_mpi_free( &E ); mbedtls_mpi_free( &DP ); - mbedtls_mpi_free( &DQ ); mbedtls_mpi_free( &QP ); + mbedtls_ctr_drbg_free(&ctr_drbg); + mbedtls_entropy_free(&entropy); + mbedtls_rsa_free(&rsa); + mbedtls_mpi_free(&N); mbedtls_mpi_free(&P); mbedtls_mpi_free(&Q); + mbedtls_mpi_free(&D); mbedtls_mpi_free(&E); mbedtls_mpi_free(&DP); + mbedtls_mpi_free(&DQ); mbedtls_mpi_free(&QP); #if defined(_WIN32) - mbedtls_printf( " + Press Enter to exit this program.\n" ); - fflush( stdout ); getchar(); + mbedtls_printf(" + Press Enter to exit this program.\n"); + fflush(stdout); getchar(); #endif - mbedtls_exit( exit_code ); + mbedtls_exit(exit_code); } #endif /* MBEDTLS_BIGNUM_C && MBEDTLS_RSA_C && MBEDTLS_FS_IO */ diff --git a/third_party/mbedtls/repo/programs/pkey/rsa_encrypt.c b/third_party/mbedtls/repo/programs/pkey/rsa_encrypt.c index ba012017290..94068a18221 100644 --- a/third_party/mbedtls/repo/programs/pkey/rsa_encrypt.c +++ b/third_party/mbedtls/repo/programs/pkey/rsa_encrypt.c @@ -2,19 +2,7 @@ * RSA simple data encryption program * * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later */ #if !defined(MBEDTLS_CONFIG_FILE) @@ -23,17 +11,7 @@ #include MBEDTLS_CONFIG_FILE #endif -#if defined(MBEDTLS_PLATFORM_C) #include "mbedtls/platform.h" -#else -#include -#include -#define mbedtls_fprintf fprintf -#define mbedtls_printf printf -#define mbedtls_exit exit -#define MBEDTLS_EXIT_SUCCESS EXIT_SUCCESS -#define MBEDTLS_EXIT_FAILURE EXIT_FAILURE -#endif /* MBEDTLS_PLATFORM_C */ #if defined(MBEDTLS_BIGNUM_C) && defined(MBEDTLS_RSA_C) && \ defined(MBEDTLS_ENTROPY_C) && defined(MBEDTLS_FS_IO) && \ @@ -48,17 +26,17 @@ #if !defined(MBEDTLS_BIGNUM_C) || !defined(MBEDTLS_RSA_C) || \ !defined(MBEDTLS_ENTROPY_C) || !defined(MBEDTLS_FS_IO) || \ !defined(MBEDTLS_CTR_DRBG_C) -int main( void ) +int main(void) { mbedtls_printf("MBEDTLS_BIGNUM_C and/or MBEDTLS_RSA_C and/or " - "MBEDTLS_ENTROPY_C and/or MBEDTLS_FS_IO and/or " - "MBEDTLS_CTR_DRBG_C not defined.\n"); - mbedtls_exit( 0 ); + "MBEDTLS_ENTROPY_C and/or MBEDTLS_FS_IO and/or " + "MBEDTLS_CTR_DRBG_C not defined.\n"); + mbedtls_exit(0); } #else -int main( int argc, char *argv[] ) +int main(int argc, char *argv[]) { FILE *f; int ret = 1; @@ -72,117 +50,110 @@ int main( int argc, char *argv[] ) const char *pers = "rsa_encrypt"; mbedtls_mpi N, E; - if( argc != 2 ) - { - mbedtls_printf( "usage: rsa_encrypt \n" ); + if (argc != 2) { + mbedtls_printf("usage: rsa_encrypt \n"); #if defined(_WIN32) - mbedtls_printf( "\n" ); + mbedtls_printf("\n"); #endif - mbedtls_exit( exit_code ); + mbedtls_exit(exit_code); } - mbedtls_printf( "\n . Seeding the random number generator..." ); - fflush( stdout ); - - mbedtls_mpi_init( &N ); mbedtls_mpi_init( &E ); - mbedtls_rsa_init( &rsa, MBEDTLS_RSA_PKCS_V15, 0 ); - mbedtls_ctr_drbg_init( &ctr_drbg ); - mbedtls_entropy_init( &entropy ); - - ret = mbedtls_ctr_drbg_seed( &ctr_drbg, mbedtls_entropy_func, - &entropy, (const unsigned char *) pers, - strlen( pers ) ); - if( ret != 0 ) - { - mbedtls_printf( " failed\n ! mbedtls_ctr_drbg_seed returned %d\n", - ret ); + mbedtls_printf("\n . Seeding the random number generator..."); + fflush(stdout); + + mbedtls_mpi_init(&N); mbedtls_mpi_init(&E); + mbedtls_rsa_init(&rsa, MBEDTLS_RSA_PKCS_V15, 0); + mbedtls_ctr_drbg_init(&ctr_drbg); + mbedtls_entropy_init(&entropy); + + ret = mbedtls_ctr_drbg_seed(&ctr_drbg, mbedtls_entropy_func, + &entropy, (const unsigned char *) pers, + strlen(pers)); + if (ret != 0) { + mbedtls_printf(" failed\n ! mbedtls_ctr_drbg_seed returned %d\n", + ret); goto exit; } - mbedtls_printf( "\n . Reading public key from rsa_pub.txt" ); - fflush( stdout ); + mbedtls_printf("\n . Reading public key from rsa_pub.txt"); + fflush(stdout); - if( ( f = fopen( "rsa_pub.txt", "rb" ) ) == NULL ) - { - mbedtls_printf( " failed\n ! Could not open rsa_pub.txt\n" \ - " ! Please run rsa_genkey first\n\n" ); + if ((f = fopen("rsa_pub.txt", "rb")) == NULL) { + mbedtls_printf(" failed\n ! Could not open rsa_pub.txt\n" \ + " ! Please run rsa_genkey first\n\n"); goto exit; } - if( ( ret = mbedtls_mpi_read_file( &N, 16, f ) ) != 0 || - ( ret = mbedtls_mpi_read_file( &E, 16, f ) ) != 0 ) - { - mbedtls_printf( " failed\n ! mbedtls_mpi_read_file returned %d\n\n", - ret ); - fclose( f ); + if ((ret = mbedtls_mpi_read_file(&N, 16, f)) != 0 || + (ret = mbedtls_mpi_read_file(&E, 16, f)) != 0) { + mbedtls_printf(" failed\n ! mbedtls_mpi_read_file returned %d\n\n", + ret); + fclose(f); goto exit; } - fclose( f ); + fclose(f); - if( ( ret = mbedtls_rsa_import( &rsa, &N, NULL, NULL, NULL, &E ) ) != 0 ) - { - mbedtls_printf( " failed\n ! mbedtls_rsa_import returned %d\n\n", - ret ); + if ((ret = mbedtls_rsa_import(&rsa, &N, NULL, NULL, NULL, &E)) != 0) { + mbedtls_printf(" failed\n ! mbedtls_rsa_import returned %d\n\n", + ret); goto exit; } - if( strlen( argv[1] ) > 100 ) - { - mbedtls_printf( " Input data larger than 100 characters.\n\n" ); + if (strlen(argv[1]) > 100) { + mbedtls_printf(" Input data larger than 100 characters.\n\n"); goto exit; } - memcpy( input, argv[1], strlen( argv[1] ) ); + memcpy(input, argv[1], strlen(argv[1])); /* * Calculate the RSA encryption of the hash. */ - mbedtls_printf( "\n . Generating the RSA encrypted value" ); - fflush( stdout ); - - ret = mbedtls_rsa_pkcs1_encrypt( &rsa, mbedtls_ctr_drbg_random, - &ctr_drbg, MBEDTLS_RSA_PUBLIC, - strlen( argv[1] ), input, buf ); - if( ret != 0 ) - { - mbedtls_printf( " failed\n ! mbedtls_rsa_pkcs1_encrypt returned %d\n\n", - ret ); + mbedtls_printf("\n . Generating the RSA encrypted value"); + fflush(stdout); + + ret = mbedtls_rsa_pkcs1_encrypt(&rsa, mbedtls_ctr_drbg_random, + &ctr_drbg, MBEDTLS_RSA_PUBLIC, + strlen(argv[1]), input, buf); + if (ret != 0) { + mbedtls_printf(" failed\n ! mbedtls_rsa_pkcs1_encrypt returned %d\n\n", + ret); goto exit; } /* * Write the signature into result-enc.txt */ - if( ( f = fopen( "result-enc.txt", "wb+" ) ) == NULL ) - { - mbedtls_printf( " failed\n ! Could not create %s\n\n", "result-enc.txt" ); + if ((f = fopen("result-enc.txt", "wb+")) == NULL) { + mbedtls_printf(" failed\n ! Could not create %s\n\n", "result-enc.txt"); goto exit; } - for( i = 0; i < rsa.len; i++ ) - mbedtls_fprintf( f, "%02X%s", buf[i], - ( i + 1 ) % 16 == 0 ? "\r\n" : " " ); + for (i = 0; i < rsa.len; i++) { + mbedtls_fprintf(f, "%02X%s", buf[i], + (i + 1) % 16 == 0 ? "\r\n" : " "); + } - fclose( f ); + fclose(f); - mbedtls_printf( "\n . Done (created \"%s\")\n\n", "result-enc.txt" ); + mbedtls_printf("\n . Done (created \"%s\")\n\n", "result-enc.txt"); exit_code = MBEDTLS_EXIT_SUCCESS; exit: - mbedtls_mpi_free( &N ); mbedtls_mpi_free( &E ); - mbedtls_ctr_drbg_free( &ctr_drbg ); - mbedtls_entropy_free( &entropy ); - mbedtls_rsa_free( &rsa ); + mbedtls_mpi_free(&N); mbedtls_mpi_free(&E); + mbedtls_ctr_drbg_free(&ctr_drbg); + mbedtls_entropy_free(&entropy); + mbedtls_rsa_free(&rsa); #if defined(_WIN32) - mbedtls_printf( " + Press Enter to exit this program.\n" ); - fflush( stdout ); getchar(); + mbedtls_printf(" + Press Enter to exit this program.\n"); + fflush(stdout); getchar(); #endif - mbedtls_exit( exit_code ); + mbedtls_exit(exit_code); } #endif /* MBEDTLS_BIGNUM_C && MBEDTLS_RSA_C && MBEDTLS_ENTROPY_C && MBEDTLS_FS_IO && MBEDTLS_CTR_DRBG_C */ diff --git a/third_party/mbedtls/repo/programs/pkey/rsa_genkey.c b/third_party/mbedtls/repo/programs/pkey/rsa_genkey.c index 26a8925044f..0f7f68c3917 100644 --- a/third_party/mbedtls/repo/programs/pkey/rsa_genkey.c +++ b/third_party/mbedtls/repo/programs/pkey/rsa_genkey.c @@ -2,19 +2,7 @@ * Example RSA key generation program * * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later */ #if !defined(MBEDTLS_CONFIG_FILE) @@ -23,16 +11,7 @@ #include MBEDTLS_CONFIG_FILE #endif -#if defined(MBEDTLS_PLATFORM_C) #include "mbedtls/platform.h" -#else -#include -#include -#define mbedtls_printf printf -#define mbedtls_exit exit -#define MBEDTLS_EXIT_SUCCESS EXIT_SUCCESS -#define MBEDTLS_EXIT_FAILURE EXIT_FAILURE -#endif /* MBEDTLS_PLATFORM_C */ #if defined(MBEDTLS_BIGNUM_C) && defined(MBEDTLS_ENTROPY_C) && \ defined(MBEDTLS_RSA_C) && defined(MBEDTLS_GENPRIME) && \ @@ -52,17 +31,17 @@ #if !defined(MBEDTLS_BIGNUM_C) || !defined(MBEDTLS_ENTROPY_C) || \ !defined(MBEDTLS_RSA_C) || !defined(MBEDTLS_GENPRIME) || \ !defined(MBEDTLS_FS_IO) || !defined(MBEDTLS_CTR_DRBG_C) -int main( void ) +int main(void) { mbedtls_printf("MBEDTLS_BIGNUM_C and/or MBEDTLS_ENTROPY_C and/or " - "MBEDTLS_RSA_C and/or MBEDTLS_GENPRIME and/or " - "MBEDTLS_FS_IO and/or MBEDTLS_CTR_DRBG_C not defined.\n"); - mbedtls_exit( 0 ); + "MBEDTLS_RSA_C and/or MBEDTLS_GENPRIME and/or " + "MBEDTLS_FS_IO and/or MBEDTLS_CTR_DRBG_C not defined.\n"); + mbedtls_exit(0); } #else -int main( void ) +int main(void) { int ret = 1; int exit_code = MBEDTLS_EXIT_FAILURE; @@ -74,103 +53,98 @@ int main( void ) FILE *fpriv = NULL; const char *pers = "rsa_genkey"; - mbedtls_ctr_drbg_init( &ctr_drbg ); - mbedtls_rsa_init( &rsa, MBEDTLS_RSA_PKCS_V15, 0 ); - mbedtls_mpi_init( &N ); mbedtls_mpi_init( &P ); mbedtls_mpi_init( &Q ); - mbedtls_mpi_init( &D ); mbedtls_mpi_init( &E ); mbedtls_mpi_init( &DP ); - mbedtls_mpi_init( &DQ ); mbedtls_mpi_init( &QP ); - - mbedtls_printf( "\n . Seeding the random number generator..." ); - fflush( stdout ); - - mbedtls_entropy_init( &entropy ); - if( ( ret = mbedtls_ctr_drbg_seed( &ctr_drbg, mbedtls_entropy_func, &entropy, - (const unsigned char *) pers, - strlen( pers ) ) ) != 0 ) - { - mbedtls_printf( " failed\n ! mbedtls_ctr_drbg_seed returned %d\n", ret ); + mbedtls_ctr_drbg_init(&ctr_drbg); + mbedtls_rsa_init(&rsa, MBEDTLS_RSA_PKCS_V15, 0); + mbedtls_mpi_init(&N); mbedtls_mpi_init(&P); mbedtls_mpi_init(&Q); + mbedtls_mpi_init(&D); mbedtls_mpi_init(&E); mbedtls_mpi_init(&DP); + mbedtls_mpi_init(&DQ); mbedtls_mpi_init(&QP); + + mbedtls_printf("\n . Seeding the random number generator..."); + fflush(stdout); + + mbedtls_entropy_init(&entropy); + if ((ret = mbedtls_ctr_drbg_seed(&ctr_drbg, mbedtls_entropy_func, &entropy, + (const unsigned char *) pers, + strlen(pers))) != 0) { + mbedtls_printf(" failed\n ! mbedtls_ctr_drbg_seed returned %d\n", ret); goto exit; } - mbedtls_printf( " ok\n . Generating the RSA key [ %d-bit ]...", KEY_SIZE ); - fflush( stdout ); + mbedtls_printf(" ok\n . Generating the RSA key [ %d-bit ]...", KEY_SIZE); + fflush(stdout); - if( ( ret = mbedtls_rsa_gen_key( &rsa, mbedtls_ctr_drbg_random, &ctr_drbg, KEY_SIZE, - EXPONENT ) ) != 0 ) - { - mbedtls_printf( " failed\n ! mbedtls_rsa_gen_key returned %d\n\n", ret ); + if ((ret = mbedtls_rsa_gen_key(&rsa, mbedtls_ctr_drbg_random, &ctr_drbg, KEY_SIZE, + EXPONENT)) != 0) { + mbedtls_printf(" failed\n ! mbedtls_rsa_gen_key returned %d\n\n", ret); goto exit; } - mbedtls_printf( " ok\n . Exporting the public key in rsa_pub.txt...." ); - fflush( stdout ); + mbedtls_printf(" ok\n . Exporting the public key in rsa_pub.txt...."); + fflush(stdout); - if( ( ret = mbedtls_rsa_export ( &rsa, &N, &P, &Q, &D, &E ) ) != 0 || - ( ret = mbedtls_rsa_export_crt( &rsa, &DP, &DQ, &QP ) ) != 0 ) - { - mbedtls_printf( " failed\n ! could not export RSA parameters\n\n" ); + if ((ret = mbedtls_rsa_export(&rsa, &N, &P, &Q, &D, &E)) != 0 || + (ret = mbedtls_rsa_export_crt(&rsa, &DP, &DQ, &QP)) != 0) { + mbedtls_printf(" failed\n ! could not export RSA parameters\n\n"); goto exit; } - if( ( fpub = fopen( "rsa_pub.txt", "wb+" ) ) == NULL ) - { - mbedtls_printf( " failed\n ! could not open rsa_pub.txt for writing\n\n" ); + if ((fpub = fopen("rsa_pub.txt", "wb+")) == NULL) { + mbedtls_printf(" failed\n ! could not open rsa_pub.txt for writing\n\n"); goto exit; } - if( ( ret = mbedtls_mpi_write_file( "N = ", &N, 16, fpub ) ) != 0 || - ( ret = mbedtls_mpi_write_file( "E = ", &E, 16, fpub ) ) != 0 ) - { - mbedtls_printf( " failed\n ! mbedtls_mpi_write_file returned %d\n\n", ret ); + if ((ret = mbedtls_mpi_write_file("N = ", &N, 16, fpub)) != 0 || + (ret = mbedtls_mpi_write_file("E = ", &E, 16, fpub)) != 0) { + mbedtls_printf(" failed\n ! mbedtls_mpi_write_file returned %d\n\n", ret); goto exit; } - mbedtls_printf( " ok\n . Exporting the private key in rsa_priv.txt..." ); - fflush( stdout ); + mbedtls_printf(" ok\n . Exporting the private key in rsa_priv.txt..."); + fflush(stdout); - if( ( fpriv = fopen( "rsa_priv.txt", "wb+" ) ) == NULL ) - { - mbedtls_printf( " failed\n ! could not open rsa_priv.txt for writing\n" ); + if ((fpriv = fopen("rsa_priv.txt", "wb+")) == NULL) { + mbedtls_printf(" failed\n ! could not open rsa_priv.txt for writing\n"); goto exit; } - if( ( ret = mbedtls_mpi_write_file( "N = " , &N , 16, fpriv ) ) != 0 || - ( ret = mbedtls_mpi_write_file( "E = " , &E , 16, fpriv ) ) != 0 || - ( ret = mbedtls_mpi_write_file( "D = " , &D , 16, fpriv ) ) != 0 || - ( ret = mbedtls_mpi_write_file( "P = " , &P , 16, fpriv ) ) != 0 || - ( ret = mbedtls_mpi_write_file( "Q = " , &Q , 16, fpriv ) ) != 0 || - ( ret = mbedtls_mpi_write_file( "DP = ", &DP, 16, fpriv ) ) != 0 || - ( ret = mbedtls_mpi_write_file( "DQ = ", &DQ, 16, fpriv ) ) != 0 || - ( ret = mbedtls_mpi_write_file( "QP = ", &QP, 16, fpriv ) ) != 0 ) - { - mbedtls_printf( " failed\n ! mbedtls_mpi_write_file returned %d\n\n", ret ); + if ((ret = mbedtls_mpi_write_file("N = ", &N, 16, fpriv)) != 0 || + (ret = mbedtls_mpi_write_file("E = ", &E, 16, fpriv)) != 0 || + (ret = mbedtls_mpi_write_file("D = ", &D, 16, fpriv)) != 0 || + (ret = mbedtls_mpi_write_file("P = ", &P, 16, fpriv)) != 0 || + (ret = mbedtls_mpi_write_file("Q = ", &Q, 16, fpriv)) != 0 || + (ret = mbedtls_mpi_write_file("DP = ", &DP, 16, fpriv)) != 0 || + (ret = mbedtls_mpi_write_file("DQ = ", &DQ, 16, fpriv)) != 0 || + (ret = mbedtls_mpi_write_file("QP = ", &QP, 16, fpriv)) != 0) { + mbedtls_printf(" failed\n ! mbedtls_mpi_write_file returned %d\n\n", ret); goto exit; } - mbedtls_printf( " ok\n\n" ); + mbedtls_printf(" ok\n\n"); exit_code = MBEDTLS_EXIT_SUCCESS; exit: - if( fpub != NULL ) - fclose( fpub ); + if (fpub != NULL) { + fclose(fpub); + } - if( fpriv != NULL ) - fclose( fpriv ); + if (fpriv != NULL) { + fclose(fpriv); + } - mbedtls_mpi_free( &N ); mbedtls_mpi_free( &P ); mbedtls_mpi_free( &Q ); - mbedtls_mpi_free( &D ); mbedtls_mpi_free( &E ); mbedtls_mpi_free( &DP ); - mbedtls_mpi_free( &DQ ); mbedtls_mpi_free( &QP ); - mbedtls_rsa_free( &rsa ); - mbedtls_ctr_drbg_free( &ctr_drbg ); - mbedtls_entropy_free( &entropy ); + mbedtls_mpi_free(&N); mbedtls_mpi_free(&P); mbedtls_mpi_free(&Q); + mbedtls_mpi_free(&D); mbedtls_mpi_free(&E); mbedtls_mpi_free(&DP); + mbedtls_mpi_free(&DQ); mbedtls_mpi_free(&QP); + mbedtls_rsa_free(&rsa); + mbedtls_ctr_drbg_free(&ctr_drbg); + mbedtls_entropy_free(&entropy); #if defined(_WIN32) - mbedtls_printf( " Press Enter to exit this program.\n" ); - fflush( stdout ); getchar(); + mbedtls_printf(" Press Enter to exit this program.\n"); + fflush(stdout); getchar(); #endif - mbedtls_exit( exit_code ); + mbedtls_exit(exit_code); } #endif /* MBEDTLS_BIGNUM_C && MBEDTLS_ENTROPY_C && MBEDTLS_RSA_C && MBEDTLS_GENPRIME && MBEDTLS_FS_IO && MBEDTLS_CTR_DRBG_C */ diff --git a/third_party/mbedtls/repo/programs/pkey/rsa_sign.c b/third_party/mbedtls/repo/programs/pkey/rsa_sign.c index c9522c8c264..1ede0305902 100644 --- a/third_party/mbedtls/repo/programs/pkey/rsa_sign.c +++ b/third_party/mbedtls/repo/programs/pkey/rsa_sign.c @@ -2,19 +2,7 @@ * RSA/SHA-256 signature creation program * * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later */ #if !defined(MBEDTLS_CONFIG_FILE) @@ -23,28 +11,17 @@ #include MBEDTLS_CONFIG_FILE #endif -#if defined(MBEDTLS_PLATFORM_C) #include "mbedtls/platform.h" -#else -#include -#include -#define mbedtls_fprintf fprintf -#define mbedtls_printf printf -#define mbedtls_snprintf snprintf -#define mbedtls_exit exit -#define MBEDTLS_EXIT_SUCCESS EXIT_SUCCESS -#define MBEDTLS_EXIT_FAILURE EXIT_FAILURE -#endif /* MBEDTLS_PLATFORM_C */ #if !defined(MBEDTLS_BIGNUM_C) || !defined(MBEDTLS_RSA_C) || \ !defined(MBEDTLS_SHA256_C) || !defined(MBEDTLS_MD_C) || \ !defined(MBEDTLS_FS_IO) -int main( void ) +int main(void) { mbedtls_printf("MBEDTLS_BIGNUM_C and/or MBEDTLS_RSA_C and/or " - "MBEDTLS_MD_C and/or " - "MBEDTLS_SHA256_C and/or MBEDTLS_FS_IO not defined.\n"); - mbedtls_exit( 0 ); + "MBEDTLS_MD_C and/or " + "MBEDTLS_SHA256_C and/or MBEDTLS_FS_IO not defined.\n"); + mbedtls_exit(0); } #else @@ -55,7 +32,7 @@ int main( void ) #include -int main( int argc, char *argv[] ) +int main(int argc, char *argv[]) { FILE *f; int ret = 1; @@ -67,67 +44,62 @@ int main( int argc, char *argv[] ) char filename[512]; mbedtls_mpi N, P, Q, D, E, DP, DQ, QP; - mbedtls_rsa_init( &rsa, MBEDTLS_RSA_PKCS_V15, 0 ); + mbedtls_rsa_init(&rsa, MBEDTLS_RSA_PKCS_V15, 0); - mbedtls_mpi_init( &N ); mbedtls_mpi_init( &P ); mbedtls_mpi_init( &Q ); - mbedtls_mpi_init( &D ); mbedtls_mpi_init( &E ); mbedtls_mpi_init( &DP ); - mbedtls_mpi_init( &DQ ); mbedtls_mpi_init( &QP ); + mbedtls_mpi_init(&N); mbedtls_mpi_init(&P); mbedtls_mpi_init(&Q); + mbedtls_mpi_init(&D); mbedtls_mpi_init(&E); mbedtls_mpi_init(&DP); + mbedtls_mpi_init(&DQ); mbedtls_mpi_init(&QP); - if( argc != 2 ) - { - mbedtls_printf( "usage: rsa_sign \n" ); + if (argc != 2) { + mbedtls_printf("usage: rsa_sign \n"); #if defined(_WIN32) - mbedtls_printf( "\n" ); + mbedtls_printf("\n"); #endif goto exit; } - mbedtls_printf( "\n . Reading private key from rsa_priv.txt" ); - fflush( stdout ); + mbedtls_printf("\n . Reading private key from rsa_priv.txt"); + fflush(stdout); - if( ( f = fopen( "rsa_priv.txt", "rb" ) ) == NULL ) - { - mbedtls_printf( " failed\n ! Could not open rsa_priv.txt\n" \ - " ! Please run rsa_genkey first\n\n" ); + if ((f = fopen("rsa_priv.txt", "rb")) == NULL) { + mbedtls_printf(" failed\n ! Could not open rsa_priv.txt\n" \ + " ! Please run rsa_genkey first\n\n"); goto exit; } - if( ( ret = mbedtls_mpi_read_file( &N , 16, f ) ) != 0 || - ( ret = mbedtls_mpi_read_file( &E , 16, f ) ) != 0 || - ( ret = mbedtls_mpi_read_file( &D , 16, f ) ) != 0 || - ( ret = mbedtls_mpi_read_file( &P , 16, f ) ) != 0 || - ( ret = mbedtls_mpi_read_file( &Q , 16, f ) ) != 0 || - ( ret = mbedtls_mpi_read_file( &DP , 16, f ) ) != 0 || - ( ret = mbedtls_mpi_read_file( &DQ , 16, f ) ) != 0 || - ( ret = mbedtls_mpi_read_file( &QP , 16, f ) ) != 0 ) - { - mbedtls_printf( " failed\n ! mbedtls_mpi_read_file returned %d\n\n", ret ); - fclose( f ); + if ((ret = mbedtls_mpi_read_file(&N, 16, f)) != 0 || + (ret = mbedtls_mpi_read_file(&E, 16, f)) != 0 || + (ret = mbedtls_mpi_read_file(&D, 16, f)) != 0 || + (ret = mbedtls_mpi_read_file(&P, 16, f)) != 0 || + (ret = mbedtls_mpi_read_file(&Q, 16, f)) != 0 || + (ret = mbedtls_mpi_read_file(&DP, 16, f)) != 0 || + (ret = mbedtls_mpi_read_file(&DQ, 16, f)) != 0 || + (ret = mbedtls_mpi_read_file(&QP, 16, f)) != 0) { + mbedtls_printf(" failed\n ! mbedtls_mpi_read_file returned %d\n\n", ret); + fclose(f); goto exit; } - fclose( f ); + fclose(f); - if( ( ret = mbedtls_rsa_import( &rsa, &N, &P, &Q, &D, &E ) ) != 0 ) - { - mbedtls_printf( " failed\n ! mbedtls_rsa_import returned %d\n\n", - ret ); + if ((ret = mbedtls_rsa_import(&rsa, &N, &P, &Q, &D, &E)) != 0) { + mbedtls_printf(" failed\n ! mbedtls_rsa_import returned %d\n\n", + ret); goto exit; } - if( ( ret = mbedtls_rsa_complete( &rsa ) ) != 0 ) - { - mbedtls_printf( " failed\n ! mbedtls_rsa_complete returned %d\n\n", - ret ); + if ((ret = mbedtls_rsa_complete(&rsa)) != 0) { + mbedtls_printf(" failed\n ! mbedtls_rsa_complete returned %d\n\n", + ret); goto exit; } - mbedtls_printf( "\n . Checking the private key" ); - fflush( stdout ); - if( ( ret = mbedtls_rsa_check_privkey( &rsa ) ) != 0 ) - { - mbedtls_printf( " failed\n ! mbedtls_rsa_check_privkey failed with -0x%0x\n", (unsigned int) -ret ); + mbedtls_printf("\n . Checking the private key"); + fflush(stdout); + if ((ret = mbedtls_rsa_check_privkey(&rsa)) != 0) { + mbedtls_printf(" failed\n ! mbedtls_rsa_check_privkey failed with -0x%0x\n", + (unsigned int) -ret); goto exit; } @@ -135,58 +107,57 @@ int main( int argc, char *argv[] ) * Compute the SHA-256 hash of the input file, * then calculate the RSA signature of the hash. */ - mbedtls_printf( "\n . Generating the RSA/SHA-256 signature" ); - fflush( stdout ); - - if( ( ret = mbedtls_md_file( - mbedtls_md_info_from_type( MBEDTLS_MD_SHA256 ), - argv[1], hash ) ) != 0 ) - { - mbedtls_printf( " failed\n ! Could not open or read %s\n\n", argv[1] ); + mbedtls_printf("\n . Generating the RSA/SHA-256 signature"); + fflush(stdout); + + if ((ret = mbedtls_md_file( + mbedtls_md_info_from_type(MBEDTLS_MD_SHA256), + argv[1], hash)) != 0) { + mbedtls_printf(" failed\n ! Could not open or read %s\n\n", argv[1]); goto exit; } - if( ( ret = mbedtls_rsa_pkcs1_sign( &rsa, NULL, NULL, MBEDTLS_RSA_PRIVATE, MBEDTLS_MD_SHA256, - 20, hash, buf ) ) != 0 ) - { - mbedtls_printf( " failed\n ! mbedtls_rsa_pkcs1_sign returned -0x%0x\n\n", (unsigned int) -ret ); + if ((ret = mbedtls_rsa_pkcs1_sign(&rsa, NULL, NULL, MBEDTLS_RSA_PRIVATE, MBEDTLS_MD_SHA256, + 20, hash, buf)) != 0) { + mbedtls_printf(" failed\n ! mbedtls_rsa_pkcs1_sign returned -0x%0x\n\n", + (unsigned int) -ret); goto exit; } /* * Write the signature into .sig */ - mbedtls_snprintf( filename, sizeof(filename), "%s.sig", argv[1] ); + mbedtls_snprintf(filename, sizeof(filename), "%s.sig", argv[1]); - if( ( f = fopen( filename, "wb+" ) ) == NULL ) - { - mbedtls_printf( " failed\n ! Could not create %s\n\n", argv[1] ); + if ((f = fopen(filename, "wb+")) == NULL) { + mbedtls_printf(" failed\n ! Could not create %s\n\n", argv[1]); goto exit; } - for( i = 0; i < rsa.len; i++ ) - mbedtls_fprintf( f, "%02X%s", buf[i], - ( i + 1 ) % 16 == 0 ? "\r\n" : " " ); + for (i = 0; i < rsa.len; i++) { + mbedtls_fprintf(f, "%02X%s", buf[i], + (i + 1) % 16 == 0 ? "\r\n" : " "); + } - fclose( f ); + fclose(f); - mbedtls_printf( "\n . Done (created \"%s\")\n\n", filename ); + mbedtls_printf("\n . Done (created \"%s\")\n\n", filename); exit_code = MBEDTLS_EXIT_SUCCESS; exit: - mbedtls_rsa_free( &rsa ); - mbedtls_mpi_free( &N ); mbedtls_mpi_free( &P ); mbedtls_mpi_free( &Q ); - mbedtls_mpi_free( &D ); mbedtls_mpi_free( &E ); mbedtls_mpi_free( &DP ); - mbedtls_mpi_free( &DQ ); mbedtls_mpi_free( &QP ); + mbedtls_rsa_free(&rsa); + mbedtls_mpi_free(&N); mbedtls_mpi_free(&P); mbedtls_mpi_free(&Q); + mbedtls_mpi_free(&D); mbedtls_mpi_free(&E); mbedtls_mpi_free(&DP); + mbedtls_mpi_free(&DQ); mbedtls_mpi_free(&QP); #if defined(_WIN32) - mbedtls_printf( " + Press Enter to exit this program.\n" ); - fflush( stdout ); getchar(); + mbedtls_printf(" + Press Enter to exit this program.\n"); + fflush(stdout); getchar(); #endif - mbedtls_exit( exit_code ); + mbedtls_exit(exit_code); } #endif /* MBEDTLS_BIGNUM_C && MBEDTLS_RSA_C && MBEDTLS_SHA256_C && MBEDTLS_FS_IO */ diff --git a/third_party/mbedtls/repo/programs/pkey/rsa_sign_pss.c b/third_party/mbedtls/repo/programs/pkey/rsa_sign_pss.c index 9d5053a560a..236eef607be 100644 --- a/third_party/mbedtls/repo/programs/pkey/rsa_sign_pss.c +++ b/third_party/mbedtls/repo/programs/pkey/rsa_sign_pss.c @@ -2,19 +2,7 @@ * RSASSA-PSS/SHA-256 signature creation program * * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later */ #if !defined(MBEDTLS_CONFIG_FILE) @@ -23,29 +11,19 @@ #include MBEDTLS_CONFIG_FILE #endif -#if defined(MBEDTLS_PLATFORM_C) #include "mbedtls/platform.h" -#else -#include -#include -#define mbedtls_snprintf snprintf -#define mbedtls_printf printf -#define mbedtls_exit exit -#define MBEDTLS_EXIT_SUCCESS EXIT_SUCCESS -#define MBEDTLS_EXIT_FAILURE EXIT_FAILURE -#endif /* MBEDTLS_PLATFORM_C */ #if !defined(MBEDTLS_MD_C) || !defined(MBEDTLS_ENTROPY_C) || \ !defined(MBEDTLS_RSA_C) || !defined(MBEDTLS_SHA256_C) || \ !defined(MBEDTLS_PK_PARSE_C) || !defined(MBEDTLS_FS_IO) || \ !defined(MBEDTLS_CTR_DRBG_C) -int main( void ) +int main(void) { mbedtls_printf("MBEDTLS_MD_C and/or MBEDTLS_ENTROPY_C and/or " - "MBEDTLS_RSA_C and/or MBEDTLS_SHA256_C and/or " - "MBEDTLS_PK_PARSE_C and/or MBEDTLS_FS_IO and/or " - "MBEDTLS_CTR_DRBG_C not defined.\n"); - mbedtls_exit( 0 ); + "MBEDTLS_RSA_C and/or MBEDTLS_SHA256_C and/or " + "MBEDTLS_PK_PARSE_C and/or MBEDTLS_FS_IO and/or " + "MBEDTLS_CTR_DRBG_C not defined.\n"); + mbedtls_exit(0); } #else @@ -59,7 +37,7 @@ int main( void ) #include -int main( int argc, char *argv[] ) +int main(int argc, char *argv[]) { FILE *f; int ret = 1; @@ -73,107 +51,111 @@ int main( int argc, char *argv[] ) const char *pers = "rsa_sign_pss"; size_t olen = 0; - mbedtls_entropy_init( &entropy ); - mbedtls_pk_init( &pk ); - mbedtls_ctr_drbg_init( &ctr_drbg ); + mbedtls_entropy_init(&entropy); + mbedtls_pk_init(&pk); + mbedtls_ctr_drbg_init(&ctr_drbg); - if( argc != 3 ) - { - mbedtls_printf( "usage: rsa_sign_pss \n" ); +#if defined(MBEDTLS_USE_PSA_CRYPTO) + psa_status_t status = psa_crypto_init(); + if (status != PSA_SUCCESS) { + mbedtls_fprintf(stderr, "Failed to initialize PSA Crypto implementation: %d\n", + (int) status); + goto exit; + } +#endif /* MBEDTLS_USE_PSA_CRYPTO */ + + if (argc != 3) { + mbedtls_printf("usage: rsa_sign_pss \n"); #if defined(_WIN32) - mbedtls_printf( "\n" ); + mbedtls_printf("\n"); #endif goto exit; } - mbedtls_printf( "\n . Seeding the random number generator..." ); - fflush( stdout ); + mbedtls_printf("\n . Seeding the random number generator..."); + fflush(stdout); - if( ( ret = mbedtls_ctr_drbg_seed( &ctr_drbg, mbedtls_entropy_func, &entropy, - (const unsigned char *) pers, - strlen( pers ) ) ) != 0 ) - { - mbedtls_printf( " failed\n ! mbedtls_ctr_drbg_seed returned %d\n", ret ); + if ((ret = mbedtls_ctr_drbg_seed(&ctr_drbg, mbedtls_entropy_func, &entropy, + (const unsigned char *) pers, + strlen(pers))) != 0) { + mbedtls_printf(" failed\n ! mbedtls_ctr_drbg_seed returned %d\n", ret); goto exit; } - mbedtls_printf( "\n . Reading private key from '%s'", argv[1] ); - fflush( stdout ); + mbedtls_printf("\n . Reading private key from '%s'", argv[1]); + fflush(stdout); - if( ( ret = mbedtls_pk_parse_keyfile( &pk, argv[1], "" ) ) != 0 ) - { - mbedtls_printf( " failed\n ! Could not read key from '%s'\n", argv[1] ); - mbedtls_printf( " ! mbedtls_pk_parse_public_keyfile returned %d\n\n", ret ); + if ((ret = mbedtls_pk_parse_keyfile(&pk, argv[1], "")) != 0) { + mbedtls_printf(" failed\n ! Could not read key from '%s'\n", argv[1]); + mbedtls_printf(" ! mbedtls_pk_parse_public_keyfile returned %d\n\n", ret); goto exit; } - if( !mbedtls_pk_can_do( &pk, MBEDTLS_PK_RSA ) ) - { - mbedtls_printf( " failed\n ! Key is not an RSA key\n" ); + if (!mbedtls_pk_can_do(&pk, MBEDTLS_PK_RSA)) { + mbedtls_printf(" failed\n ! Key is not an RSA key\n"); goto exit; } - mbedtls_rsa_set_padding( mbedtls_pk_rsa( pk ), MBEDTLS_RSA_PKCS_V21, MBEDTLS_MD_SHA256 ); + mbedtls_rsa_set_padding(mbedtls_pk_rsa(pk), MBEDTLS_RSA_PKCS_V21, MBEDTLS_MD_SHA256); /* * Compute the SHA-256 hash of the input file, * then calculate the RSA signature of the hash. */ - mbedtls_printf( "\n . Generating the RSA/SHA-256 signature" ); - fflush( stdout ); - - if( ( ret = mbedtls_md_file( - mbedtls_md_info_from_type( MBEDTLS_MD_SHA256 ), - argv[2], hash ) ) != 0 ) - { - mbedtls_printf( " failed\n ! Could not open or read %s\n\n", argv[2] ); + mbedtls_printf("\n . Generating the RSA/SHA-256 signature"); + fflush(stdout); + + if ((ret = mbedtls_md_file( + mbedtls_md_info_from_type(MBEDTLS_MD_SHA256), + argv[2], hash)) != 0) { + mbedtls_printf(" failed\n ! Could not open or read %s\n\n", argv[2]); goto exit; } - if( ( ret = mbedtls_pk_sign( &pk, MBEDTLS_MD_SHA256, hash, 0, buf, &olen, - mbedtls_ctr_drbg_random, &ctr_drbg ) ) != 0 ) - { - mbedtls_printf( " failed\n ! mbedtls_pk_sign returned %d\n\n", ret ); + if ((ret = mbedtls_pk_sign(&pk, MBEDTLS_MD_SHA256, hash, 0, buf, &olen, + mbedtls_ctr_drbg_random, &ctr_drbg)) != 0) { + mbedtls_printf(" failed\n ! mbedtls_pk_sign returned %d\n\n", ret); goto exit; } /* * Write the signature into .sig */ - mbedtls_snprintf( filename, 512, "%s.sig", argv[2] ); + mbedtls_snprintf(filename, 512, "%s.sig", argv[2]); - if( ( f = fopen( filename, "wb+" ) ) == NULL ) - { - mbedtls_printf( " failed\n ! Could not create %s\n\n", filename ); + if ((f = fopen(filename, "wb+")) == NULL) { + mbedtls_printf(" failed\n ! Could not create %s\n\n", filename); goto exit; } - if( fwrite( buf, 1, olen, f ) != olen ) - { - mbedtls_printf( "failed\n ! fwrite failed\n\n" ); - fclose( f ); + if (fwrite(buf, 1, olen, f) != olen) { + mbedtls_printf("failed\n ! fwrite failed\n\n"); + fclose(f); goto exit; } - fclose( f ); + fclose(f); - mbedtls_printf( "\n . Done (created \"%s\")\n\n", filename ); + mbedtls_printf("\n . Done (created \"%s\")\n\n", filename); exit_code = MBEDTLS_EXIT_SUCCESS; exit: - mbedtls_pk_free( &pk ); - mbedtls_ctr_drbg_free( &ctr_drbg ); - mbedtls_entropy_free( &entropy ); + mbedtls_pk_free(&pk); + mbedtls_ctr_drbg_free(&ctr_drbg); + mbedtls_entropy_free(&entropy); +#if defined(MBEDTLS_USE_PSA_CRYPTO) + mbedtls_psa_crypto_free(); +#endif /* MBEDTLS_USE_PSA_CRYPTO */ #if defined(_WIN32) - mbedtls_printf( " + Press Enter to exit this program.\n" ); - fflush( stdout ); getchar(); + mbedtls_printf(" + Press Enter to exit this program.\n"); + fflush(stdout); getchar(); #endif - mbedtls_exit( exit_code ); + mbedtls_exit(exit_code); } #endif /* MBEDTLS_BIGNUM_C && MBEDTLS_ENTROPY_C && MBEDTLS_RSA_C && MBEDTLS_SHA256_C && MBEDTLS_PK_PARSE_C && MBEDTLS_FS_IO && diff --git a/third_party/mbedtls/repo/programs/pkey/rsa_verify.c b/third_party/mbedtls/repo/programs/pkey/rsa_verify.c index fbc0779b2cd..d6a68bff08f 100644 --- a/third_party/mbedtls/repo/programs/pkey/rsa_verify.c +++ b/third_party/mbedtls/repo/programs/pkey/rsa_verify.c @@ -2,19 +2,7 @@ * RSA/SHA-256 signature verification program * * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later */ #if !defined(MBEDTLS_CONFIG_FILE) @@ -23,27 +11,17 @@ #include MBEDTLS_CONFIG_FILE #endif -#if defined(MBEDTLS_PLATFORM_C) #include "mbedtls/platform.h" -#else -#include -#include -#define mbedtls_printf printf -#define mbedtls_snprintf snprintf -#define mbedtls_exit exit -#define MBEDTLS_EXIT_SUCCESS EXIT_SUCCESS -#define MBEDTLS_EXIT_FAILURE EXIT_FAILURE -#endif /* MBEDTLS_PLATFORM_C */ #if !defined(MBEDTLS_BIGNUM_C) || !defined(MBEDTLS_RSA_C) || \ !defined(MBEDTLS_SHA256_C) || !defined(MBEDTLS_MD_C) || \ !defined(MBEDTLS_FS_IO) -int main( void ) +int main(void) { mbedtls_printf("MBEDTLS_BIGNUM_C and/or MBEDTLS_RSA_C and/or " - "MBEDTLS_MD_C and/or " - "MBEDTLS_SHA256_C and/or MBEDTLS_FS_IO not defined.\n"); - mbedtls_exit( 0 ); + "MBEDTLS_MD_C and/or " + "MBEDTLS_SHA256_C and/or MBEDTLS_FS_IO not defined.\n"); + mbedtls_exit(0); } #else @@ -54,7 +32,7 @@ int main( void ) #include -int main( int argc, char *argv[] ) +int main(int argc, char *argv[]) { FILE *f; int ret = 1; @@ -66,62 +44,58 @@ int main( int argc, char *argv[] ) unsigned char buf[MBEDTLS_MPI_MAX_SIZE]; char filename[512]; - mbedtls_rsa_init( &rsa, MBEDTLS_RSA_PKCS_V15, 0 ); + mbedtls_rsa_init(&rsa, MBEDTLS_RSA_PKCS_V15, 0); - if( argc != 2 ) - { - mbedtls_printf( "usage: rsa_verify \n" ); + if (argc != 2) { + mbedtls_printf("usage: rsa_verify \n"); #if defined(_WIN32) - mbedtls_printf( "\n" ); + mbedtls_printf("\n"); #endif goto exit; } - mbedtls_printf( "\n . Reading public key from rsa_pub.txt" ); - fflush( stdout ); + mbedtls_printf("\n . Reading public key from rsa_pub.txt"); + fflush(stdout); - if( ( f = fopen( "rsa_pub.txt", "rb" ) ) == NULL ) - { - mbedtls_printf( " failed\n ! Could not open rsa_pub.txt\n" \ - " ! Please run rsa_genkey first\n\n" ); + if ((f = fopen("rsa_pub.txt", "rb")) == NULL) { + mbedtls_printf(" failed\n ! Could not open rsa_pub.txt\n" \ + " ! Please run rsa_genkey first\n\n"); goto exit; } - if( ( ret = mbedtls_mpi_read_file( &rsa.N, 16, f ) ) != 0 || - ( ret = mbedtls_mpi_read_file( &rsa.E, 16, f ) ) != 0 ) - { - mbedtls_printf( " failed\n ! mbedtls_mpi_read_file returned %d\n\n", ret ); - fclose( f ); + if ((ret = mbedtls_mpi_read_file(&rsa.N, 16, f)) != 0 || + (ret = mbedtls_mpi_read_file(&rsa.E, 16, f)) != 0) { + mbedtls_printf(" failed\n ! mbedtls_mpi_read_file returned %d\n\n", ret); + fclose(f); goto exit; } - rsa.len = ( mbedtls_mpi_bitlen( &rsa.N ) + 7 ) >> 3; + rsa.len = (mbedtls_mpi_bitlen(&rsa.N) + 7) >> 3; - fclose( f ); + fclose(f); /* * Extract the RSA signature from the text file */ - mbedtls_snprintf( filename, sizeof(filename), "%s.sig", argv[1] ); + mbedtls_snprintf(filename, sizeof(filename), "%s.sig", argv[1]); - if( ( f = fopen( filename, "rb" ) ) == NULL ) - { - mbedtls_printf( "\n ! Could not open %s\n\n", filename ); + if ((f = fopen(filename, "rb")) == NULL) { + mbedtls_printf("\n ! Could not open %s\n\n", filename); goto exit; } i = 0; - while( fscanf( f, "%02X", (unsigned int*) &c ) > 0 && - i < (int) sizeof( buf ) ) + while (fscanf(f, "%02X", (unsigned int *) &c) > 0 && + i < (int) sizeof(buf)) { buf[i++] = (unsigned char) c; + } - fclose( f ); + fclose(f); - if( i != rsa.len ) - { - mbedtls_printf( "\n ! Invalid RSA signature format\n\n" ); + if (i != rsa.len) { + mbedtls_printf("\n ! Invalid RSA signature format\n\n"); goto exit; } @@ -129,38 +103,37 @@ int main( int argc, char *argv[] ) * Compute the SHA-256 hash of the input file and * verify the signature */ - mbedtls_printf( "\n . Verifying the RSA/SHA-256 signature" ); - fflush( stdout ); - - if( ( ret = mbedtls_md_file( - mbedtls_md_info_from_type( MBEDTLS_MD_SHA256 ), - argv[1], hash ) ) != 0 ) - { - mbedtls_printf( " failed\n ! Could not open or read %s\n\n", argv[1] ); + mbedtls_printf("\n . Verifying the RSA/SHA-256 signature"); + fflush(stdout); + + if ((ret = mbedtls_md_file( + mbedtls_md_info_from_type(MBEDTLS_MD_SHA256), + argv[1], hash)) != 0) { + mbedtls_printf(" failed\n ! Could not open or read %s\n\n", argv[1]); goto exit; } - if( ( ret = mbedtls_rsa_pkcs1_verify( &rsa, NULL, NULL, MBEDTLS_RSA_PUBLIC, - MBEDTLS_MD_SHA256, 20, hash, buf ) ) != 0 ) - { - mbedtls_printf( " failed\n ! mbedtls_rsa_pkcs1_verify returned -0x%0x\n\n", (unsigned int) -ret ); + if ((ret = mbedtls_rsa_pkcs1_verify(&rsa, NULL, NULL, MBEDTLS_RSA_PUBLIC, + MBEDTLS_MD_SHA256, 20, hash, buf)) != 0) { + mbedtls_printf(" failed\n ! mbedtls_rsa_pkcs1_verify returned -0x%0x\n\n", + (unsigned int) -ret); goto exit; } - mbedtls_printf( "\n . OK (the signature is valid)\n\n" ); + mbedtls_printf("\n . OK (the signature is valid)\n\n"); exit_code = MBEDTLS_EXIT_SUCCESS; exit: - mbedtls_rsa_free( &rsa ); + mbedtls_rsa_free(&rsa); #if defined(_WIN32) - mbedtls_printf( " + Press Enter to exit this program.\n" ); - fflush( stdout ); getchar(); + mbedtls_printf(" + Press Enter to exit this program.\n"); + fflush(stdout); getchar(); #endif - mbedtls_exit( exit_code ); + mbedtls_exit(exit_code); } #endif /* MBEDTLS_BIGNUM_C && MBEDTLS_RSA_C && MBEDTLS_SHA256_C && MBEDTLS_FS_IO */ diff --git a/third_party/mbedtls/repo/programs/pkey/rsa_verify_pss.c b/third_party/mbedtls/repo/programs/pkey/rsa_verify_pss.c index 81b0fd644e7..032eb67e192 100644 --- a/third_party/mbedtls/repo/programs/pkey/rsa_verify_pss.c +++ b/third_party/mbedtls/repo/programs/pkey/rsa_verify_pss.c @@ -2,19 +2,7 @@ * RSASSA-PSS/SHA-256 signature verification program * * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later */ #if !defined(MBEDTLS_CONFIG_FILE) @@ -23,29 +11,19 @@ #include MBEDTLS_CONFIG_FILE #endif -#if defined(MBEDTLS_PLATFORM_C) #include "mbedtls/platform.h" -#else -#include -#include -#define mbedtls_snprintf snprintf -#define mbedtls_printf printf -#define mbedtls_exit exit -#define MBEDTLS_EXIT_SUCCESS EXIT_SUCCESS -#define MBEDTLS_EXIT_FAILURE EXIT_FAILURE -#endif /* MBEDTLS_PLATFORM_C */ #if !defined(MBEDTLS_MD_C) || !defined(MBEDTLS_ENTROPY_C) || \ !defined(MBEDTLS_RSA_C) || !defined(MBEDTLS_SHA256_C) || \ !defined(MBEDTLS_PK_PARSE_C) || !defined(MBEDTLS_FS_IO) || \ !defined(MBEDTLS_CTR_DRBG_C) -int main( void ) +int main(void) { mbedtls_printf("MBEDTLS_MD_C and/or MBEDTLS_ENTROPY_C and/or " - "MBEDTLS_RSA_C and/or MBEDTLS_SHA256_C and/or " - "MBEDTLS_PK_PARSE_C and/or MBEDTLS_FS_IO and/or " - "MBEDTLS_CTR_DRBG_C not defined.\n"); - mbedtls_exit( 0 ); + "MBEDTLS_RSA_C and/or MBEDTLS_SHA256_C and/or " + "MBEDTLS_PK_PARSE_C and/or MBEDTLS_FS_IO and/or " + "MBEDTLS_CTR_DRBG_C not defined.\n"); + mbedtls_exit(0); } #else @@ -58,7 +36,7 @@ int main( void ) #include -int main( int argc, char *argv[] ) +int main(int argc, char *argv[]) { FILE *f; int ret = 1; @@ -69,87 +47,93 @@ int main( int argc, char *argv[] ) unsigned char buf[MBEDTLS_MPI_MAX_SIZE]; char filename[512]; - mbedtls_pk_init( &pk ); + mbedtls_pk_init(&pk); - if( argc != 3 ) - { - mbedtls_printf( "usage: rsa_verify_pss \n" ); +#if defined(MBEDTLS_USE_PSA_CRYPTO) + psa_status_t status = psa_crypto_init(); + if (status != PSA_SUCCESS) { + mbedtls_fprintf(stderr, "Failed to initialize PSA Crypto implementation: %d\n", + (int) status); + goto exit; + } +#endif /* MBEDTLS_USE_PSA_CRYPTO */ + + if (argc != 3) { + mbedtls_printf("usage: rsa_verify_pss \n"); #if defined(_WIN32) - mbedtls_printf( "\n" ); + mbedtls_printf("\n"); #endif goto exit; } - mbedtls_printf( "\n . Reading public key from '%s'", argv[1] ); - fflush( stdout ); + mbedtls_printf("\n . Reading public key from '%s'", argv[1]); + fflush(stdout); - if( ( ret = mbedtls_pk_parse_public_keyfile( &pk, argv[1] ) ) != 0 ) - { - mbedtls_printf( " failed\n ! Could not read key from '%s'\n", argv[1] ); - mbedtls_printf( " ! mbedtls_pk_parse_public_keyfile returned %d\n\n", ret ); + if ((ret = mbedtls_pk_parse_public_keyfile(&pk, argv[1])) != 0) { + mbedtls_printf(" failed\n ! Could not read key from '%s'\n", argv[1]); + mbedtls_printf(" ! mbedtls_pk_parse_public_keyfile returned %d\n\n", ret); goto exit; } - if( !mbedtls_pk_can_do( &pk, MBEDTLS_PK_RSA ) ) - { - mbedtls_printf( " failed\n ! Key is not an RSA key\n" ); + if (!mbedtls_pk_can_do(&pk, MBEDTLS_PK_RSA)) { + mbedtls_printf(" failed\n ! Key is not an RSA key\n"); goto exit; } - mbedtls_rsa_set_padding( mbedtls_pk_rsa( pk ), MBEDTLS_RSA_PKCS_V21, MBEDTLS_MD_SHA256 ); + mbedtls_rsa_set_padding(mbedtls_pk_rsa(pk), MBEDTLS_RSA_PKCS_V21, MBEDTLS_MD_SHA256); /* * Extract the RSA signature from the file */ - mbedtls_snprintf( filename, 512, "%s.sig", argv[2] ); + mbedtls_snprintf(filename, 512, "%s.sig", argv[2]); - if( ( f = fopen( filename, "rb" ) ) == NULL ) - { - mbedtls_printf( "\n ! Could not open %s\n\n", filename ); + if ((f = fopen(filename, "rb")) == NULL) { + mbedtls_printf("\n ! Could not open %s\n\n", filename); goto exit; } - i = fread( buf, 1, MBEDTLS_MPI_MAX_SIZE, f ); + i = fread(buf, 1, MBEDTLS_MPI_MAX_SIZE, f); - fclose( f ); + fclose(f); /* * Compute the SHA-256 hash of the input file and * verify the signature */ - mbedtls_printf( "\n . Verifying the RSA/SHA-256 signature" ); - fflush( stdout ); - - if( ( ret = mbedtls_md_file( - mbedtls_md_info_from_type( MBEDTLS_MD_SHA256 ), - argv[2], hash ) ) != 0 ) - { - mbedtls_printf( " failed\n ! Could not open or read %s\n\n", argv[2] ); + mbedtls_printf("\n . Verifying the RSA/SHA-256 signature"); + fflush(stdout); + + if ((ret = mbedtls_md_file( + mbedtls_md_info_from_type(MBEDTLS_MD_SHA256), + argv[2], hash)) != 0) { + mbedtls_printf(" failed\n ! Could not open or read %s\n\n", argv[2]); goto exit; } - if( ( ret = mbedtls_pk_verify( &pk, MBEDTLS_MD_SHA256, hash, 0, - buf, i ) ) != 0 ) - { - mbedtls_printf( " failed\n ! mbedtls_pk_verify returned %d\n\n", ret ); + if ((ret = mbedtls_pk_verify(&pk, MBEDTLS_MD_SHA256, hash, 0, + buf, i)) != 0) { + mbedtls_printf(" failed\n ! mbedtls_pk_verify returned %d\n\n", ret); goto exit; } - mbedtls_printf( "\n . OK (the signature is valid)\n\n" ); + mbedtls_printf("\n . OK (the signature is valid)\n\n"); exit_code = MBEDTLS_EXIT_SUCCESS; exit: - mbedtls_pk_free( &pk ); + mbedtls_pk_free(&pk); +#if defined(MBEDTLS_USE_PSA_CRYPTO) + mbedtls_psa_crypto_free(); +#endif /* MBEDTLS_USE_PSA_CRYPTO */ #if defined(_WIN32) - mbedtls_printf( " + Press Enter to exit this program.\n" ); - fflush( stdout ); getchar(); + mbedtls_printf(" + Press Enter to exit this program.\n"); + fflush(stdout); getchar(); #endif - mbedtls_exit( exit_code ); + mbedtls_exit(exit_code); } #endif /* MBEDTLS_BIGNUM_C && MBEDTLS_RSA_C && MBEDTLS_SHA256_C && MBEDTLS_PK_PARSE_C && MBEDTLS_FS_IO */ diff --git a/third_party/mbedtls/repo/programs/psa/crypto_examples.c b/third_party/mbedtls/repo/programs/psa/crypto_examples.c index 935d657af52..b755f09ef2e 100644 --- a/third_party/mbedtls/repo/programs/psa/crypto_examples.c +++ b/third_party/mbedtls/repo/programs/psa/crypto_examples.c @@ -1,18 +1,6 @@ /* * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later */ #include "psa/crypto.h" @@ -20,146 +8,145 @@ #include #include -#define ASSERT( predicate ) \ +#define ASSERT(predicate) \ do \ { \ - if( ! ( predicate ) ) \ + if (!(predicate)) \ { \ - printf( "\tassertion failed at %s:%d - '%s'\r\n", \ - __FILE__, __LINE__, #predicate); \ + printf("\tassertion failed at %s:%d - '%s'\r\n", \ + __FILE__, __LINE__, #predicate); \ goto exit; \ } \ - } while ( 0 ) + } while (0) -#define ASSERT_STATUS( actual, expected ) \ +#define ASSERT_STATUS(actual, expected) \ do \ { \ - if( ( actual ) != ( expected ) ) \ + if ((actual) != (expected)) \ { \ - printf( "\tassertion failed at %s:%d - " \ - "actual:%d expected:%d\r\n", __FILE__, __LINE__, \ - (psa_status_t) actual, (psa_status_t) expected ); \ + printf("\tassertion failed at %s:%d - " \ + "actual:%d expected:%d\r\n", __FILE__, __LINE__, \ + (psa_status_t) actual, (psa_status_t) expected); \ goto exit; \ } \ - } while ( 0 ) + } while (0) #if !defined(MBEDTLS_PSA_CRYPTO_C) || !defined(MBEDTLS_AES_C) || \ !defined(MBEDTLS_CIPHER_MODE_CBC) || !defined(MBEDTLS_CIPHER_MODE_CTR) || \ !defined(MBEDTLS_CIPHER_MODE_WITH_PADDING) || \ defined(MBEDTLS_PSA_CRYPTO_KEY_ID_ENCODES_OWNER) -int main( void ) +int main(void) { - printf( "MBEDTLS_PSA_CRYPTO_C and/or MBEDTLS_AES_C and/or " - "MBEDTLS_CIPHER_MODE_CBC and/or MBEDTLS_CIPHER_MODE_CTR " - "and/or MBEDTLS_CIPHER_MODE_WITH_PADDING " - "not defined and/or MBEDTLS_PSA_CRYPTO_KEY_ID_ENCODES_OWNER" - " defined.\r\n" ); - return( 0 ); + printf("MBEDTLS_PSA_CRYPTO_C and/or MBEDTLS_AES_C and/or " + "MBEDTLS_CIPHER_MODE_CBC and/or MBEDTLS_CIPHER_MODE_CTR " + "and/or MBEDTLS_CIPHER_MODE_WITH_PADDING " + "not defined and/or MBEDTLS_PSA_CRYPTO_KEY_ID_ENCODES_OWNER" + " defined.\r\n"); + return 0; } #else -static psa_status_t cipher_operation( psa_cipher_operation_t *operation, - const uint8_t * input, - size_t input_size, - size_t part_size, - uint8_t * output, - size_t output_size, - size_t *output_len ) +static psa_status_t cipher_operation(psa_cipher_operation_t *operation, + const uint8_t *input, + size_t input_size, + size_t part_size, + uint8_t *output, + size_t output_size, + size_t *output_len) { psa_status_t status; size_t bytes_to_write = 0, bytes_written = 0, len = 0; *output_len = 0; - while( bytes_written != input_size ) - { - bytes_to_write = ( input_size - bytes_written > part_size ? - part_size : - input_size - bytes_written ); + while (bytes_written != input_size) { + bytes_to_write = (input_size - bytes_written > part_size ? + part_size : + input_size - bytes_written); - status = psa_cipher_update( operation, input + bytes_written, - bytes_to_write, output + *output_len, - output_size - *output_len, &len ); - ASSERT_STATUS( status, PSA_SUCCESS ); + status = psa_cipher_update(operation, input + bytes_written, + bytes_to_write, output + *output_len, + output_size - *output_len, &len); + ASSERT_STATUS(status, PSA_SUCCESS); bytes_written += bytes_to_write; *output_len += len; } - status = psa_cipher_finish( operation, output + *output_len, - output_size - *output_len, &len ); - ASSERT_STATUS( status, PSA_SUCCESS ); + status = psa_cipher_finish(operation, output + *output_len, + output_size - *output_len, &len); + ASSERT_STATUS(status, PSA_SUCCESS); *output_len += len; exit: - return( status ); + return status; } -static psa_status_t cipher_encrypt( psa_key_id_t key, - psa_algorithm_t alg, - uint8_t * iv, - size_t iv_size, - const uint8_t * input, - size_t input_size, - size_t part_size, - uint8_t * output, - size_t output_size, - size_t *output_len ) +static psa_status_t cipher_encrypt(psa_key_id_t key, + psa_algorithm_t alg, + uint8_t *iv, + size_t iv_size, + const uint8_t *input, + size_t input_size, + size_t part_size, + uint8_t *output, + size_t output_size, + size_t *output_len) { psa_status_t status; psa_cipher_operation_t operation = PSA_CIPHER_OPERATION_INIT; size_t iv_len = 0; - memset( &operation, 0, sizeof( operation ) ); - status = psa_cipher_encrypt_setup( &operation, key, alg ); - ASSERT_STATUS( status, PSA_SUCCESS ); + memset(&operation, 0, sizeof(operation)); + status = psa_cipher_encrypt_setup(&operation, key, alg); + ASSERT_STATUS(status, PSA_SUCCESS); - status = psa_cipher_generate_iv( &operation, iv, iv_size, &iv_len ); - ASSERT_STATUS( status, PSA_SUCCESS ); + status = psa_cipher_generate_iv(&operation, iv, iv_size, &iv_len); + ASSERT_STATUS(status, PSA_SUCCESS); - status = cipher_operation( &operation, input, input_size, part_size, - output, output_size, output_len ); - ASSERT_STATUS( status, PSA_SUCCESS ); + status = cipher_operation(&operation, input, input_size, part_size, + output, output_size, output_len); + ASSERT_STATUS(status, PSA_SUCCESS); exit: - psa_cipher_abort( &operation ); - return( status ); + psa_cipher_abort(&operation); + return status; } -static psa_status_t cipher_decrypt( psa_key_id_t key, - psa_algorithm_t alg, - const uint8_t * iv, - size_t iv_size, - const uint8_t * input, - size_t input_size, - size_t part_size, - uint8_t * output, - size_t output_size, - size_t *output_len ) +static psa_status_t cipher_decrypt(psa_key_id_t key, + psa_algorithm_t alg, + const uint8_t *iv, + size_t iv_size, + const uint8_t *input, + size_t input_size, + size_t part_size, + uint8_t *output, + size_t output_size, + size_t *output_len) { psa_status_t status; psa_cipher_operation_t operation = PSA_CIPHER_OPERATION_INIT; - memset( &operation, 0, sizeof( operation ) ); - status = psa_cipher_decrypt_setup( &operation, key, alg ); - ASSERT_STATUS( status, PSA_SUCCESS ); + memset(&operation, 0, sizeof(operation)); + status = psa_cipher_decrypt_setup(&operation, key, alg); + ASSERT_STATUS(status, PSA_SUCCESS); - status = psa_cipher_set_iv( &operation, iv, iv_size ); - ASSERT_STATUS( status, PSA_SUCCESS ); + status = psa_cipher_set_iv(&operation, iv, iv_size); + ASSERT_STATUS(status, PSA_SUCCESS); - status = cipher_operation( &operation, input, input_size, part_size, - output, output_size, output_len ); - ASSERT_STATUS( status, PSA_SUCCESS ); + status = cipher_operation(&operation, input, input_size, part_size, + output, output_size, output_len); + ASSERT_STATUS(status, PSA_SUCCESS); exit: - psa_cipher_abort( &operation ); - return( status ); + psa_cipher_abort(&operation); + return status; } static psa_status_t -cipher_example_encrypt_decrypt_aes_cbc_nopad_1_block( void ) +cipher_example_encrypt_decrypt_aes_cbc_nopad_1_block(void) { enum { - block_size = PSA_BLOCK_CIPHER_BLOCK_LENGTH( PSA_KEY_TYPE_AES ), + block_size = PSA_BLOCK_CIPHER_BLOCK_LENGTH(PSA_KEY_TYPE_AES), key_bits = 256, part_size = block_size, }; @@ -174,40 +161,40 @@ cipher_example_encrypt_decrypt_aes_cbc_nopad_1_block( void ) uint8_t encrypt[block_size]; uint8_t decrypt[block_size]; - status = psa_generate_random( input, sizeof( input ) ); - ASSERT_STATUS( status, PSA_SUCCESS ); + status = psa_generate_random(input, sizeof(input)); + ASSERT_STATUS(status, PSA_SUCCESS); - psa_set_key_usage_flags( &attributes, - PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_DECRYPT ); - psa_set_key_algorithm( &attributes, alg ); - psa_set_key_type( &attributes, PSA_KEY_TYPE_AES ); - psa_set_key_bits( &attributes, key_bits ); + psa_set_key_usage_flags(&attributes, + PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_DECRYPT); + psa_set_key_algorithm(&attributes, alg); + psa_set_key_type(&attributes, PSA_KEY_TYPE_AES); + psa_set_key_bits(&attributes, key_bits); - status = psa_generate_key( &attributes, &key ); - ASSERT_STATUS( status, PSA_SUCCESS ); + status = psa_generate_key(&attributes, &key); + ASSERT_STATUS(status, PSA_SUCCESS); - status = cipher_encrypt( key, alg, iv, sizeof( iv ), - input, sizeof( input ), part_size, - encrypt, sizeof( encrypt ), &output_len ); - ASSERT_STATUS( status, PSA_SUCCESS ); + status = cipher_encrypt(key, alg, iv, sizeof(iv), + input, sizeof(input), part_size, + encrypt, sizeof(encrypt), &output_len); + ASSERT_STATUS(status, PSA_SUCCESS); - status = cipher_decrypt( key, alg, iv, sizeof( iv ), - encrypt, output_len, part_size, - decrypt, sizeof( decrypt ), &output_len ); - ASSERT_STATUS( status, PSA_SUCCESS ); + status = cipher_decrypt(key, alg, iv, sizeof(iv), + encrypt, output_len, part_size, + decrypt, sizeof(decrypt), &output_len); + ASSERT_STATUS(status, PSA_SUCCESS); - status = memcmp( input, decrypt, sizeof( input ) ); - ASSERT_STATUS( status, PSA_SUCCESS ); + status = memcmp(input, decrypt, sizeof(input)); + ASSERT_STATUS(status, PSA_SUCCESS); exit: - psa_destroy_key( key ); - return( status ); + psa_destroy_key(key); + return status; } -static psa_status_t cipher_example_encrypt_decrypt_aes_cbc_pkcs7_multi( void ) +static psa_status_t cipher_example_encrypt_decrypt_aes_cbc_pkcs7_multi(void) { enum { - block_size = PSA_BLOCK_CIPHER_BLOCK_LENGTH( PSA_KEY_TYPE_AES ), + block_size = PSA_BLOCK_CIPHER_BLOCK_LENGTH(PSA_KEY_TYPE_AES), key_bits = 256, input_size = 100, part_size = 10, @@ -222,40 +209,40 @@ static psa_status_t cipher_example_encrypt_decrypt_aes_cbc_pkcs7_multi( void ) uint8_t iv[block_size], input[input_size], encrypt[input_size + block_size], decrypt[input_size + block_size]; - status = psa_generate_random( input, sizeof( input ) ); - ASSERT_STATUS( status, PSA_SUCCESS ); + status = psa_generate_random(input, sizeof(input)); + ASSERT_STATUS(status, PSA_SUCCESS); - psa_set_key_usage_flags( &attributes, - PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_DECRYPT ); - psa_set_key_algorithm( &attributes, alg ); - psa_set_key_type( &attributes, PSA_KEY_TYPE_AES ); - psa_set_key_bits( &attributes, key_bits ); + psa_set_key_usage_flags(&attributes, + PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_DECRYPT); + psa_set_key_algorithm(&attributes, alg); + psa_set_key_type(&attributes, PSA_KEY_TYPE_AES); + psa_set_key_bits(&attributes, key_bits); - status = psa_generate_key( &attributes, &key ); - ASSERT_STATUS( status, PSA_SUCCESS ); + status = psa_generate_key(&attributes, &key); + ASSERT_STATUS(status, PSA_SUCCESS); - status = cipher_encrypt( key, alg, iv, sizeof( iv ), - input, sizeof( input ), part_size, - encrypt, sizeof( encrypt ), &output_len ); - ASSERT_STATUS( status, PSA_SUCCESS ); + status = cipher_encrypt(key, alg, iv, sizeof(iv), + input, sizeof(input), part_size, + encrypt, sizeof(encrypt), &output_len); + ASSERT_STATUS(status, PSA_SUCCESS); - status = cipher_decrypt( key, alg, iv, sizeof( iv ), - encrypt, output_len, part_size, - decrypt, sizeof( decrypt ), &output_len ); - ASSERT_STATUS( status, PSA_SUCCESS ); + status = cipher_decrypt(key, alg, iv, sizeof(iv), + encrypt, output_len, part_size, + decrypt, sizeof(decrypt), &output_len); + ASSERT_STATUS(status, PSA_SUCCESS); - status = memcmp( input, decrypt, sizeof( input ) ); - ASSERT_STATUS( status, PSA_SUCCESS ); + status = memcmp(input, decrypt, sizeof(input)); + ASSERT_STATUS(status, PSA_SUCCESS); exit: - psa_destroy_key( key ); - return( status ); + psa_destroy_key(key); + return status; } -static psa_status_t cipher_example_encrypt_decrypt_aes_ctr_multi( void ) +static psa_status_t cipher_example_encrypt_decrypt_aes_ctr_multi(void) { enum { - block_size = PSA_BLOCK_CIPHER_BLOCK_LENGTH( PSA_KEY_TYPE_AES ), + block_size = PSA_BLOCK_CIPHER_BLOCK_LENGTH(PSA_KEY_TYPE_AES), key_bits = 256, input_size = 100, part_size = 10, @@ -269,63 +256,66 @@ static psa_status_t cipher_example_encrypt_decrypt_aes_ctr_multi( void ) uint8_t iv[block_size], input[input_size], encrypt[input_size], decrypt[input_size]; - status = psa_generate_random( input, sizeof( input ) ); - ASSERT_STATUS( status, PSA_SUCCESS ); + status = psa_generate_random(input, sizeof(input)); + ASSERT_STATUS(status, PSA_SUCCESS); - psa_set_key_usage_flags( &attributes, - PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_DECRYPT ); - psa_set_key_algorithm( &attributes, alg ); - psa_set_key_type( &attributes, PSA_KEY_TYPE_AES ); - psa_set_key_bits( &attributes, key_bits ); + psa_set_key_usage_flags(&attributes, + PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_DECRYPT); + psa_set_key_algorithm(&attributes, alg); + psa_set_key_type(&attributes, PSA_KEY_TYPE_AES); + psa_set_key_bits(&attributes, key_bits); - status = psa_generate_key( &attributes, &key ); - ASSERT_STATUS( status, PSA_SUCCESS ); + status = psa_generate_key(&attributes, &key); + ASSERT_STATUS(status, PSA_SUCCESS); - status = cipher_encrypt( key, alg, iv, sizeof( iv ), - input, sizeof( input ), part_size, - encrypt, sizeof( encrypt ), &output_len ); - ASSERT_STATUS( status, PSA_SUCCESS ); + status = cipher_encrypt(key, alg, iv, sizeof(iv), + input, sizeof(input), part_size, + encrypt, sizeof(encrypt), &output_len); + ASSERT_STATUS(status, PSA_SUCCESS); - status = cipher_decrypt( key, alg, iv, sizeof( iv ), - encrypt, output_len, part_size, - decrypt, sizeof( decrypt ), &output_len ); - ASSERT_STATUS( status, PSA_SUCCESS ); + status = cipher_decrypt(key, alg, iv, sizeof(iv), + encrypt, output_len, part_size, + decrypt, sizeof(decrypt), &output_len); + ASSERT_STATUS(status, PSA_SUCCESS); - status = memcmp( input, decrypt, sizeof( input ) ); - ASSERT_STATUS( status, PSA_SUCCESS ); + status = memcmp(input, decrypt, sizeof(input)); + ASSERT_STATUS(status, PSA_SUCCESS); exit: - psa_destroy_key( key ); - return( status ); + psa_destroy_key(key); + return status; } -static void cipher_examples( void ) +static void cipher_examples(void) { psa_status_t status; - printf( "cipher encrypt/decrypt AES CBC no padding:\r\n" ); - status = cipher_example_encrypt_decrypt_aes_cbc_nopad_1_block( ); - if( status == PSA_SUCCESS ) - printf( "\tsuccess!\r\n" ); + printf("cipher encrypt/decrypt AES CBC no padding:\r\n"); + status = cipher_example_encrypt_decrypt_aes_cbc_nopad_1_block(); + if (status == PSA_SUCCESS) { + printf("\tsuccess!\r\n"); + } - printf( "cipher encrypt/decrypt AES CBC PKCS7 multipart:\r\n" ); - status = cipher_example_encrypt_decrypt_aes_cbc_pkcs7_multi( ); - if( status == PSA_SUCCESS ) - printf( "\tsuccess!\r\n" ); + printf("cipher encrypt/decrypt AES CBC PKCS7 multipart:\r\n"); + status = cipher_example_encrypt_decrypt_aes_cbc_pkcs7_multi(); + if (status == PSA_SUCCESS) { + printf("\tsuccess!\r\n"); + } - printf( "cipher encrypt/decrypt AES CTR multipart:\r\n" ); - status = cipher_example_encrypt_decrypt_aes_ctr_multi( ); - if( status == PSA_SUCCESS ) - printf( "\tsuccess!\r\n" ); + printf("cipher encrypt/decrypt AES CTR multipart:\r\n"); + status = cipher_example_encrypt_decrypt_aes_ctr_multi(); + if (status == PSA_SUCCESS) { + printf("\tsuccess!\r\n"); + } } -int main( void ) +int main(void) { - ASSERT( psa_crypto_init( ) == PSA_SUCCESS ); - cipher_examples( ); + ASSERT(psa_crypto_init() == PSA_SUCCESS); + cipher_examples(); exit: - mbedtls_psa_crypto_free( ); - return( 0 ); + mbedtls_psa_crypto_free(); + return 0; } #endif /* MBEDTLS_PSA_CRYPTO_C && MBEDTLS_AES_C && MBEDTLS_CIPHER_MODE_CBC && MBEDTLS_CIPHER_MODE_CTR && MBEDTLS_CIPHER_MODE_WITH_PADDING */ diff --git a/third_party/mbedtls/repo/programs/psa/key_ladder_demo.c b/third_party/mbedtls/repo/programs/psa/key_ladder_demo.c index 5d643492b2d..4fb671fad4e 100644 --- a/third_party/mbedtls/repo/programs/psa/key_ladder_demo.c +++ b/third_party/mbedtls/repo/programs/psa/key_ladder_demo.c @@ -32,19 +32,7 @@ /* * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later */ /* First include Mbed TLS headers to get the Mbed TLS configuration and @@ -69,47 +57,47 @@ !defined(MBEDTLS_AES_C) || !defined(MBEDTLS_CCM_C) || \ !defined(MBEDTLS_PSA_CRYPTO_C) || !defined(MBEDTLS_FS_IO) || \ defined(MBEDTLS_PSA_CRYPTO_KEY_ID_ENCODES_OWNER) -int main( void ) +int main(void) { - printf( "MBEDTLS_SHA256_C and/or MBEDTLS_MD_C and/or " - "MBEDTLS_AES_C and/or MBEDTLS_CCM_C and/or " - "MBEDTLS_PSA_CRYPTO_C and/or MBEDTLS_FS_IO " - "not defined and/or MBEDTLS_PSA_CRYPTO_KEY_ID_ENCODES_OWNER " - "defined.\n" ); - return( 0 ); + printf("MBEDTLS_SHA256_C and/or MBEDTLS_MD_C and/or " + "MBEDTLS_AES_C and/or MBEDTLS_CCM_C and/or " + "MBEDTLS_PSA_CRYPTO_C and/or MBEDTLS_FS_IO " + "not defined and/or MBEDTLS_PSA_CRYPTO_KEY_ID_ENCODES_OWNER " + "defined.\n"); + return 0; } #else /* The real program starts here. */ /* Run a system function and bail out if it fails. */ -#define SYS_CHECK( expr ) \ +#define SYS_CHECK(expr) \ do \ { \ - if( ! ( expr ) ) \ + if (!(expr)) \ { \ - perror( #expr ); \ + perror( #expr); \ status = DEMO_ERROR; \ goto exit; \ } \ } \ - while( 0 ) + while (0) /* Run a PSA function and bail out if it fails. */ -#define PSA_CHECK( expr ) \ +#define PSA_CHECK(expr) \ do \ { \ - status = ( expr ); \ - if( status != PSA_SUCCESS ) \ + status = (expr); \ + if (status != PSA_SUCCESS) \ { \ - printf( "Error %d at line %d: %s\n", \ - (int) status, \ - __LINE__, \ - #expr ); \ + printf("Error %d at line %d: %s\n", \ + (int) status, \ + __LINE__, \ + #expr); \ goto exit; \ } \ } \ - while( 0 ) + while (0) /* To report operational errors in this program, use an error code that is * different from every PSA error code. */ @@ -119,19 +107,19 @@ int main( void ) #define MAX_LADDER_DEPTH 10 /* Salt to use when deriving an intermediate key. */ -#define DERIVE_KEY_SALT ( (uint8_t *) "key_ladder_demo.derive" ) -#define DERIVE_KEY_SALT_LENGTH ( strlen( (const char*) DERIVE_KEY_SALT ) ) +#define DERIVE_KEY_SALT ((uint8_t *) "key_ladder_demo.derive") +#define DERIVE_KEY_SALT_LENGTH (strlen((const char *) DERIVE_KEY_SALT)) /* Salt to use when deriving a wrapping key. */ -#define WRAPPING_KEY_SALT ( (uint8_t *) "key_ladder_demo.wrap" ) -#define WRAPPING_KEY_SALT_LENGTH ( strlen( (const char*) WRAPPING_KEY_SALT ) ) +#define WRAPPING_KEY_SALT ((uint8_t *) "key_ladder_demo.wrap") +#define WRAPPING_KEY_SALT_LENGTH (strlen((const char *) WRAPPING_KEY_SALT)) /* Size of the key derivation keys (applies both to the master key and * to intermediate keys). */ #define KEY_SIZE_BYTES 40 /* Algorithm for key derivation. */ -#define KDF_ALG PSA_ALG_HKDF( PSA_ALG_SHA_256 ) +#define KDF_ALG PSA_ALG_HKDF(PSA_ALG_SHA_256) /* Type and size of the key used to wrap data. */ #define WRAPPING_KEY_TYPE PSA_KEY_TYPE_AES @@ -148,9 +136,8 @@ int main( void ) * integer sizes and endianness, because the data is meant to be read * back by the same program on the same machine. */ #define WRAPPED_DATA_MAGIC "key_ladder_demo" // including trailing null byte -#define WRAPPED_DATA_MAGIC_LENGTH ( sizeof( WRAPPED_DATA_MAGIC ) ) -typedef struct -{ +#define WRAPPED_DATA_MAGIC_LENGTH (sizeof(WRAPPED_DATA_MAGIC)) +typedef struct { char magic[WRAPPED_DATA_MAGIC_LENGTH]; size_t ad_size; /* Size of the additional data, which is this header. */ size_t payload_size; /* Size of the encrypted data. */ @@ -159,8 +146,7 @@ typedef struct } wrapped_data_header_t; /* The modes that this program can operate in (see usage). */ -enum program_mode -{ +enum program_mode { MODE_GENERATE, MODE_SAVE, MODE_UNWRAP, @@ -169,26 +155,27 @@ enum program_mode /* Save a key to a file. In the real world, you may want to export a derived * key sometimes, to share it with another party. */ -static psa_status_t save_key( psa_key_id_t key, - const char *output_file_name ) +static psa_status_t save_key(psa_key_id_t key, + const char *output_file_name) { psa_status_t status = PSA_SUCCESS; uint8_t key_data[KEY_SIZE_BYTES]; size_t key_size; FILE *key_file = NULL; - PSA_CHECK( psa_export_key( key, - key_data, sizeof( key_data ), - &key_size ) ); - SYS_CHECK( ( key_file = fopen( output_file_name, "wb" ) ) != NULL ); - SYS_CHECK( fwrite( key_data, 1, key_size, key_file ) == key_size ); - SYS_CHECK( fclose( key_file ) == 0 ); + PSA_CHECK(psa_export_key(key, + key_data, sizeof(key_data), + &key_size)); + SYS_CHECK((key_file = fopen(output_file_name, "wb")) != NULL); + SYS_CHECK(fwrite(key_data, 1, key_size, key_file) == key_size); + SYS_CHECK(fclose(key_file) == 0); key_file = NULL; exit: - if( key_file != NULL) - fclose( key_file ); - return( status ); + if (key_file != NULL) { + fclose(key_file); + } + return status; } /* Generate a master key for use in this demo. @@ -196,25 +183,25 @@ static psa_status_t save_key( psa_key_id_t key, * Normally a master key would be non-exportable. For the purpose of this * demo, we want to save it to a file, to avoid relying on the keystore * capability of the PSA crypto library. */ -static psa_status_t generate( const char *key_file_name ) +static psa_status_t generate(const char *key_file_name) { psa_status_t status = PSA_SUCCESS; psa_key_id_t key = 0; psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT; - psa_set_key_usage_flags( &attributes, - PSA_KEY_USAGE_DERIVE | PSA_KEY_USAGE_EXPORT ); - psa_set_key_algorithm( &attributes, KDF_ALG ); - psa_set_key_type( &attributes, PSA_KEY_TYPE_DERIVE ); - psa_set_key_bits( &attributes, PSA_BYTES_TO_BITS( KEY_SIZE_BYTES ) ); + psa_set_key_usage_flags(&attributes, + PSA_KEY_USAGE_DERIVE | PSA_KEY_USAGE_EXPORT); + psa_set_key_algorithm(&attributes, KDF_ALG); + psa_set_key_type(&attributes, PSA_KEY_TYPE_DERIVE); + psa_set_key_bits(&attributes, PSA_BYTES_TO_BITS(KEY_SIZE_BYTES)); - PSA_CHECK( psa_generate_key( &attributes, &key ) ); + PSA_CHECK(psa_generate_key(&attributes, &key)); - PSA_CHECK( save_key( key, key_file_name ) ); + PSA_CHECK(save_key(key, key_file_name)); exit: - (void) psa_destroy_key( key ); - return( status ); + (void) psa_destroy_key(key); + return status; } /* Load the master key from a file. @@ -222,10 +209,10 @@ static psa_status_t generate( const char *key_file_name ) * In the real world, this master key would be stored in an internal memory * and the storage would be managed by the keystore capability of the PSA * crypto library. */ -static psa_status_t import_key_from_file( psa_key_usage_t usage, - psa_algorithm_t alg, - const char *key_file_name, - psa_key_id_t *master_key ) +static psa_status_t import_key_from_file(psa_key_usage_t usage, + psa_algorithm_t alg, + const char *key_file_name, + psa_key_id_t *master_key) { psa_status_t status = PSA_SUCCESS; psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT; @@ -234,36 +221,35 @@ static psa_status_t import_key_from_file( psa_key_usage_t usage, FILE *key_file = NULL; unsigned char extra_byte; - SYS_CHECK( ( key_file = fopen( key_file_name, "rb" ) ) != NULL ); - SYS_CHECK( ( key_size = fread( key_data, 1, sizeof( key_data ), - key_file ) ) != 0 ); - if( fread( &extra_byte, 1, 1, key_file ) != 0 ) - { - printf( "Key file too large (max: %u).\n", - (unsigned) sizeof( key_data ) ); + SYS_CHECK((key_file = fopen(key_file_name, "rb")) != NULL); + SYS_CHECK((key_size = fread(key_data, 1, sizeof(key_data), + key_file)) != 0); + if (fread(&extra_byte, 1, 1, key_file) != 0) { + printf("Key file too large (max: %u).\n", + (unsigned) sizeof(key_data)); status = DEMO_ERROR; goto exit; } - SYS_CHECK( fclose( key_file ) == 0 ); + SYS_CHECK(fclose(key_file) == 0); key_file = NULL; - psa_set_key_usage_flags( &attributes, usage ); - psa_set_key_algorithm( &attributes, alg ); - psa_set_key_type( &attributes, PSA_KEY_TYPE_DERIVE ); - PSA_CHECK( psa_import_key( &attributes, key_data, key_size, master_key ) ); + psa_set_key_usage_flags(&attributes, usage); + psa_set_key_algorithm(&attributes, alg); + psa_set_key_type(&attributes, PSA_KEY_TYPE_DERIVE); + PSA_CHECK(psa_import_key(&attributes, key_data, key_size, master_key)); exit: - if( key_file != NULL ) - fclose( key_file ); - mbedtls_platform_zeroize( key_data, sizeof( key_data ) ); - if( status != PSA_SUCCESS ) - { + if (key_file != NULL) { + fclose(key_file); + } + mbedtls_platform_zeroize(key_data, sizeof(key_data)); + if (status != PSA_SUCCESS) { /* If the key creation hasn't happened yet or has failed, * *master_key is null. psa_destroy_key( 0 ) is * guaranteed to do nothing and return PSA_SUCCESS. */ - (void) psa_destroy_key( *master_key ); + (void) psa_destroy_key(*master_key); *master_key = 0; } - return( status ); + return status; } /* Derive the intermediate keys, using the list of labels provided on @@ -271,60 +257,58 @@ static psa_status_t import_key_from_file( psa_key_usage_t usage, * This function destroys the master key. On successful output, *key * is the identifier of the final derived key. */ -static psa_status_t derive_key_ladder( const char *ladder[], - size_t ladder_depth, - psa_key_id_t *key ) +static psa_status_t derive_key_ladder(const char *ladder[], + size_t ladder_depth, + psa_key_id_t *key) { psa_status_t status = PSA_SUCCESS; psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT; psa_key_derivation_operation_t operation = PSA_KEY_DERIVATION_OPERATION_INIT; size_t i; - psa_set_key_usage_flags( &attributes, - PSA_KEY_USAGE_DERIVE | PSA_KEY_USAGE_EXPORT ); - psa_set_key_algorithm( &attributes, KDF_ALG ); - psa_set_key_type( &attributes, PSA_KEY_TYPE_DERIVE ); - psa_set_key_bits( &attributes, PSA_BYTES_TO_BITS( KEY_SIZE_BYTES ) ); + psa_set_key_usage_flags(&attributes, + PSA_KEY_USAGE_DERIVE | PSA_KEY_USAGE_EXPORT); + psa_set_key_algorithm(&attributes, KDF_ALG); + psa_set_key_type(&attributes, PSA_KEY_TYPE_DERIVE); + psa_set_key_bits(&attributes, PSA_BYTES_TO_BITS(KEY_SIZE_BYTES)); /* For each label in turn, ... */ - for( i = 0; i < ladder_depth; i++ ) - { + for (i = 0; i < ladder_depth; i++) { /* Start deriving material from the master key (if i=0) or from * the current intermediate key (if i>0). */ - PSA_CHECK( psa_key_derivation_setup( &operation, KDF_ALG ) ); - PSA_CHECK( psa_key_derivation_input_bytes( - &operation, PSA_KEY_DERIVATION_INPUT_SALT, - DERIVE_KEY_SALT, DERIVE_KEY_SALT_LENGTH ) ); - PSA_CHECK( psa_key_derivation_input_key( - &operation, PSA_KEY_DERIVATION_INPUT_SECRET, - *key ) ); - PSA_CHECK( psa_key_derivation_input_bytes( - &operation, PSA_KEY_DERIVATION_INPUT_INFO, - (uint8_t*) ladder[i], strlen( ladder[i] ) ) ); + PSA_CHECK(psa_key_derivation_setup(&operation, KDF_ALG)); + PSA_CHECK(psa_key_derivation_input_bytes( + &operation, PSA_KEY_DERIVATION_INPUT_SALT, + DERIVE_KEY_SALT, DERIVE_KEY_SALT_LENGTH)); + PSA_CHECK(psa_key_derivation_input_key( + &operation, PSA_KEY_DERIVATION_INPUT_SECRET, + *key)); + PSA_CHECK(psa_key_derivation_input_bytes( + &operation, PSA_KEY_DERIVATION_INPUT_INFO, + (uint8_t *) ladder[i], strlen(ladder[i]))); /* When the parent key is not the master key, destroy it, * since it is no longer needed. */ - PSA_CHECK( psa_destroy_key( *key ) ); + PSA_CHECK(psa_destroy_key(*key)); *key = 0; /* Derive the next intermediate key from the parent key. */ - PSA_CHECK( psa_key_derivation_output_key( &attributes, &operation, - key ) ); - PSA_CHECK( psa_key_derivation_abort( &operation ) ); + PSA_CHECK(psa_key_derivation_output_key(&attributes, &operation, + key)); + PSA_CHECK(psa_key_derivation_abort(&operation)); } exit: - psa_key_derivation_abort( &operation ); - if( status != PSA_SUCCESS ) - { - psa_destroy_key( *key ); + psa_key_derivation_abort(&operation); + if (status != PSA_SUCCESS) { + psa_destroy_key(*key); *key = 0; } - return( status ); + return status; } /* Derive a wrapping key from the last intermediate key. */ -static psa_status_t derive_wrapping_key( psa_key_usage_t usage, - psa_key_id_t derived_key, - psa_key_id_t *wrapping_key ) +static psa_status_t derive_wrapping_key(psa_key_usage_t usage, + psa_key_id_t derived_key, + psa_key_id_t *wrapping_key) { psa_status_t status = PSA_SUCCESS; psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT; @@ -334,33 +318,33 @@ static psa_status_t derive_wrapping_key( psa_key_usage_t usage, /* Set up a key derivation operation from the key derived from * the master key. */ - PSA_CHECK( psa_key_derivation_setup( &operation, KDF_ALG ) ); - PSA_CHECK( psa_key_derivation_input_bytes( - &operation, PSA_KEY_DERIVATION_INPUT_SALT, - WRAPPING_KEY_SALT, WRAPPING_KEY_SALT_LENGTH ) ); - PSA_CHECK( psa_key_derivation_input_key( - &operation, PSA_KEY_DERIVATION_INPUT_SECRET, - derived_key ) ); - PSA_CHECK( psa_key_derivation_input_bytes( - &operation, PSA_KEY_DERIVATION_INPUT_INFO, - NULL, 0 ) ); + PSA_CHECK(psa_key_derivation_setup(&operation, KDF_ALG)); + PSA_CHECK(psa_key_derivation_input_bytes( + &operation, PSA_KEY_DERIVATION_INPUT_SALT, + WRAPPING_KEY_SALT, WRAPPING_KEY_SALT_LENGTH)); + PSA_CHECK(psa_key_derivation_input_key( + &operation, PSA_KEY_DERIVATION_INPUT_SECRET, + derived_key)); + PSA_CHECK(psa_key_derivation_input_bytes( + &operation, PSA_KEY_DERIVATION_INPUT_INFO, + NULL, 0)); /* Create the wrapping key. */ - psa_set_key_usage_flags( &attributes, usage ); - psa_set_key_algorithm( &attributes, WRAPPING_ALG ); - psa_set_key_type( &attributes, PSA_KEY_TYPE_AES ); - psa_set_key_bits( &attributes, WRAPPING_KEY_BITS ); - PSA_CHECK( psa_key_derivation_output_key( &attributes, &operation, - wrapping_key ) ); + psa_set_key_usage_flags(&attributes, usage); + psa_set_key_algorithm(&attributes, WRAPPING_ALG); + psa_set_key_type(&attributes, PSA_KEY_TYPE_AES); + psa_set_key_bits(&attributes, WRAPPING_KEY_BITS); + PSA_CHECK(psa_key_derivation_output_key(&attributes, &operation, + wrapping_key)); exit: - psa_key_derivation_abort( &operation ); - return( status ); + psa_key_derivation_abort(&operation); + return status; } -static psa_status_t wrap_data( const char *input_file_name, - const char *output_file_name, - psa_key_id_t wrapping_key ) +static psa_status_t wrap_data(const char *input_file_name, + const char *output_file_name, + psa_key_id_t wrapping_key) { psa_status_t status; FILE *input_file = NULL; @@ -375,74 +359,75 @@ static psa_status_t wrap_data( const char *input_file_name, wrapped_data_header_t header; /* Find the size of the data to wrap. */ - SYS_CHECK( ( input_file = fopen( input_file_name, "rb" ) ) != NULL ); - SYS_CHECK( fseek( input_file, 0, SEEK_END ) == 0 ); - SYS_CHECK( ( input_position = ftell( input_file ) ) != -1 ); + SYS_CHECK((input_file = fopen(input_file_name, "rb")) != NULL); + SYS_CHECK(fseek(input_file, 0, SEEK_END) == 0); + SYS_CHECK((input_position = ftell(input_file)) != -1); #if LONG_MAX > SIZE_MAX - if( input_position > SIZE_MAX ) - { - printf( "Input file too large.\n" ); + if (input_position > SIZE_MAX) { + printf("Input file too large.\n"); status = DEMO_ERROR; goto exit; } #endif input_size = input_position; - PSA_CHECK( psa_get_key_attributes( wrapping_key, &attributes ) ); - key_type = psa_get_key_type( &attributes ); + PSA_CHECK(psa_get_key_attributes(wrapping_key, &attributes)); + key_type = psa_get_key_type(&attributes); buffer_size = - PSA_AEAD_ENCRYPT_OUTPUT_SIZE( key_type, WRAPPING_ALG, input_size ); + PSA_AEAD_ENCRYPT_OUTPUT_SIZE(key_type, WRAPPING_ALG, input_size); /* Check for integer overflow. */ - if( buffer_size < input_size ) - { - printf( "Input file too large.\n" ); + if (buffer_size < input_size) { + printf("Input file too large.\n"); status = DEMO_ERROR; goto exit; } /* Load the data to wrap. */ - SYS_CHECK( fseek( input_file, 0, SEEK_SET ) == 0 ); - SYS_CHECK( ( buffer = calloc( 1, buffer_size ) ) != NULL ); - SYS_CHECK( fread( buffer, 1, input_size, input_file ) == input_size ); - SYS_CHECK( fclose( input_file ) == 0 ); + SYS_CHECK(fseek(input_file, 0, SEEK_SET) == 0); + SYS_CHECK((buffer = calloc(1, buffer_size)) != NULL); + SYS_CHECK(fread(buffer, 1, input_size, input_file) == input_size); + SYS_CHECK(fclose(input_file) == 0); input_file = NULL; /* Construct a header. */ - memcpy( &header.magic, WRAPPED_DATA_MAGIC, WRAPPED_DATA_MAGIC_LENGTH ); - header.ad_size = sizeof( header ); + memcpy(&header.magic, WRAPPED_DATA_MAGIC, WRAPPED_DATA_MAGIC_LENGTH); + header.ad_size = sizeof(header); header.payload_size = input_size; /* Wrap the data. */ - PSA_CHECK( psa_generate_random( header.iv, WRAPPING_IV_SIZE ) ); - PSA_CHECK( psa_aead_encrypt( wrapping_key, WRAPPING_ALG, - header.iv, WRAPPING_IV_SIZE, - (uint8_t *) &header, sizeof( header ), - buffer, input_size, - buffer, buffer_size, - &ciphertext_size ) ); + PSA_CHECK(psa_generate_random(header.iv, WRAPPING_IV_SIZE)); + PSA_CHECK(psa_aead_encrypt(wrapping_key, WRAPPING_ALG, + header.iv, WRAPPING_IV_SIZE, + (uint8_t *) &header, sizeof(header), + buffer, input_size, + buffer, buffer_size, + &ciphertext_size)); /* Write the output. */ - SYS_CHECK( ( output_file = fopen( output_file_name, "wb" ) ) != NULL ); - SYS_CHECK( fwrite( &header, 1, sizeof( header ), - output_file ) == sizeof( header ) ); - SYS_CHECK( fwrite( buffer, 1, ciphertext_size, - output_file ) == ciphertext_size ); - SYS_CHECK( fclose( output_file ) == 0 ); + SYS_CHECK((output_file = fopen(output_file_name, "wb")) != NULL); + SYS_CHECK(fwrite(&header, 1, sizeof(header), + output_file) == sizeof(header)); + SYS_CHECK(fwrite(buffer, 1, ciphertext_size, + output_file) == ciphertext_size); + SYS_CHECK(fclose(output_file) == 0); output_file = NULL; exit: - if( input_file != NULL ) - fclose( input_file ); - if( output_file != NULL ) - fclose( output_file ); - if( buffer != NULL ) - mbedtls_platform_zeroize( buffer, buffer_size ); - free( buffer ); - return( status ); + if (input_file != NULL) { + fclose(input_file); + } + if (output_file != NULL) { + fclose(output_file); + } + if (buffer != NULL) { + mbedtls_platform_zeroize(buffer, buffer_size); + } + free(buffer); + return status; } -static psa_status_t unwrap_data( const char *input_file_name, - const char *output_file_name, - psa_key_id_t wrapping_key ) +static psa_status_t unwrap_data(const char *input_file_name, + const char *output_file_name, + psa_key_id_t wrapping_key) { psa_status_t status; FILE *input_file = NULL; @@ -456,124 +441,122 @@ static psa_status_t unwrap_data( const char *input_file_name, unsigned char extra_byte; /* Load and validate the header. */ - SYS_CHECK( ( input_file = fopen( input_file_name, "rb" ) ) != NULL ); - SYS_CHECK( fread( &header, 1, sizeof( header ), - input_file ) == sizeof( header ) ); - if( memcmp( &header.magic, WRAPPED_DATA_MAGIC, - WRAPPED_DATA_MAGIC_LENGTH ) != 0 ) - { - printf( "The input does not start with a valid magic header.\n" ); + SYS_CHECK((input_file = fopen(input_file_name, "rb")) != NULL); + SYS_CHECK(fread(&header, 1, sizeof(header), + input_file) == sizeof(header)); + if (memcmp(&header.magic, WRAPPED_DATA_MAGIC, + WRAPPED_DATA_MAGIC_LENGTH) != 0) { + printf("The input does not start with a valid magic header.\n"); status = DEMO_ERROR; goto exit; } - if( header.ad_size != sizeof( header ) ) - { - printf( "The header size is not correct.\n" ); + if (header.ad_size != sizeof(header)) { + printf("The header size is not correct.\n"); status = DEMO_ERROR; goto exit; } - PSA_CHECK( psa_get_key_attributes( wrapping_key, &attributes) ); - key_type = psa_get_key_type( &attributes); + PSA_CHECK(psa_get_key_attributes(wrapping_key, &attributes)); + key_type = psa_get_key_type(&attributes); ciphertext_size = - PSA_AEAD_ENCRYPT_OUTPUT_SIZE( key_type, WRAPPING_ALG, header.payload_size ); + PSA_AEAD_ENCRYPT_OUTPUT_SIZE(key_type, WRAPPING_ALG, header.payload_size); /* Check for integer overflow. */ - if( ciphertext_size < header.payload_size ) - { - printf( "Input file too large.\n" ); + if (ciphertext_size < header.payload_size) { + printf("Input file too large.\n"); status = DEMO_ERROR; goto exit; } /* Load the payload data. */ - SYS_CHECK( ( buffer = calloc( 1, ciphertext_size ) ) != NULL ); - SYS_CHECK( fread( buffer, 1, ciphertext_size, - input_file ) == ciphertext_size ); - if( fread( &extra_byte, 1, 1, input_file ) != 0 ) - { - printf( "Extra garbage after ciphertext\n" ); + SYS_CHECK((buffer = calloc(1, ciphertext_size)) != NULL); + SYS_CHECK(fread(buffer, 1, ciphertext_size, + input_file) == ciphertext_size); + if (fread(&extra_byte, 1, 1, input_file) != 0) { + printf("Extra garbage after ciphertext\n"); status = DEMO_ERROR; goto exit; } - SYS_CHECK( fclose( input_file ) == 0 ); + SYS_CHECK(fclose(input_file) == 0); input_file = NULL; /* Unwrap the data. */ - PSA_CHECK( psa_aead_decrypt( wrapping_key, WRAPPING_ALG, - header.iv, WRAPPING_IV_SIZE, - (uint8_t *) &header, sizeof( header ), - buffer, ciphertext_size, - buffer, ciphertext_size, - &plaintext_size ) ); - if( plaintext_size != header.payload_size ) - { - printf( "Incorrect payload size in the header.\n" ); + PSA_CHECK(psa_aead_decrypt(wrapping_key, WRAPPING_ALG, + header.iv, WRAPPING_IV_SIZE, + (uint8_t *) &header, sizeof(header), + buffer, ciphertext_size, + buffer, ciphertext_size, + &plaintext_size)); + if (plaintext_size != header.payload_size) { + printf("Incorrect payload size in the header.\n"); status = DEMO_ERROR; goto exit; } /* Write the output. */ - SYS_CHECK( ( output_file = fopen( output_file_name, "wb" ) ) != NULL ); - SYS_CHECK( fwrite( buffer, 1, plaintext_size, - output_file ) == plaintext_size ); - SYS_CHECK( fclose( output_file ) == 0 ); + SYS_CHECK((output_file = fopen(output_file_name, "wb")) != NULL); + SYS_CHECK(fwrite(buffer, 1, plaintext_size, + output_file) == plaintext_size); + SYS_CHECK(fclose(output_file) == 0); output_file = NULL; exit: - if( input_file != NULL ) - fclose( input_file ); - if( output_file != NULL ) - fclose( output_file ); - if( buffer != NULL ) - mbedtls_platform_zeroize( buffer, ciphertext_size ); - free( buffer ); - return( status ); + if (input_file != NULL) { + fclose(input_file); + } + if (output_file != NULL) { + fclose(output_file); + } + if (buffer != NULL) { + mbedtls_platform_zeroize(buffer, ciphertext_size); + } + free(buffer); + return status; } -static psa_status_t run( enum program_mode mode, - const char *key_file_name, - const char *ladder[], size_t ladder_depth, - const char *input_file_name, - const char *output_file_name ) +static psa_status_t run(enum program_mode mode, + const char *key_file_name, + const char *ladder[], size_t ladder_depth, + const char *input_file_name, + const char *output_file_name) { psa_status_t status = PSA_SUCCESS; psa_key_id_t derivation_key = 0; psa_key_id_t wrapping_key = 0; /* Initialize the PSA crypto library. */ - PSA_CHECK( psa_crypto_init( ) ); + PSA_CHECK(psa_crypto_init()); /* Generate mode is unlike the others. Generate the master key and exit. */ - if( mode == MODE_GENERATE ) - return( generate( key_file_name ) ); + if (mode == MODE_GENERATE) { + return generate(key_file_name); + } /* Read the master key. */ - PSA_CHECK( import_key_from_file( PSA_KEY_USAGE_DERIVE | PSA_KEY_USAGE_EXPORT, - KDF_ALG, - key_file_name, - &derivation_key ) ); + PSA_CHECK(import_key_from_file(PSA_KEY_USAGE_DERIVE | PSA_KEY_USAGE_EXPORT, + KDF_ALG, + key_file_name, + &derivation_key)); /* Calculate the derived key for this session. */ - PSA_CHECK( derive_key_ladder( ladder, ladder_depth, - &derivation_key ) ); + PSA_CHECK(derive_key_ladder(ladder, ladder_depth, + &derivation_key)); - switch( mode ) - { + switch (mode) { case MODE_SAVE: - PSA_CHECK( save_key( derivation_key, output_file_name ) ); + PSA_CHECK(save_key(derivation_key, output_file_name)); break; case MODE_UNWRAP: - PSA_CHECK( derive_wrapping_key( PSA_KEY_USAGE_DECRYPT, - derivation_key, - &wrapping_key ) ); - PSA_CHECK( unwrap_data( input_file_name, output_file_name, - wrapping_key ) ); + PSA_CHECK(derive_wrapping_key(PSA_KEY_USAGE_DECRYPT, + derivation_key, + &wrapping_key)); + PSA_CHECK(unwrap_data(input_file_name, output_file_name, + wrapping_key)); break; case MODE_WRAP: - PSA_CHECK( derive_wrapping_key( PSA_KEY_USAGE_ENCRYPT, - derivation_key, - &wrapping_key ) ); - PSA_CHECK( wrap_data( input_file_name, output_file_name, - wrapping_key ) ); + PSA_CHECK(derive_wrapping_key(PSA_KEY_USAGE_ENCRYPT, + derivation_key, + &wrapping_key)); + PSA_CHECK(wrap_data(input_file_name, output_file_name, + wrapping_key)); break; default: /* Unreachable but some compilers don't realize it. */ @@ -584,35 +567,35 @@ static psa_status_t run( enum program_mode mode, /* Destroy any remaining key. Deinitializing the crypto library would do * this anyway since they are volatile keys, but explicitly destroying * keys makes the code easier to reuse. */ - (void) psa_destroy_key( derivation_key ); - (void) psa_destroy_key( wrapping_key ); + (void) psa_destroy_key(derivation_key); + (void) psa_destroy_key(wrapping_key); /* Deinitialize the PSA crypto library. */ - mbedtls_psa_crypto_free( ); - return( status ); + mbedtls_psa_crypto_free(); + return status; } -static void usage( void ) +static void usage(void) { - printf( "Usage: key_ladder_demo MODE [OPTION=VALUE]...\n" ); - printf( "Demonstrate the usage of a key derivation ladder.\n" ); - printf( "\n" ); - printf( "Modes:\n" ); - printf( " generate Generate the master key\n" ); - printf( " save Save the derived key\n" ); - printf( " unwrap Unwrap (decrypt) input with the derived key\n" ); - printf( " wrap Wrap (encrypt) input with the derived key\n" ); - printf( "\n" ); - printf( "Options:\n" ); - printf( " input=FILENAME Input file (required for wrap/unwrap)\n" ); - printf( " master=FILENAME File containing the master key (default: master.key)\n" ); - printf( " output=FILENAME Output file (required for save/wrap/unwrap)\n" ); - printf( " label=TEXT Label for the key derivation.\n" ); - printf( " This may be repeated multiple times.\n" ); - printf( " To get the same key, you must use the same master key\n" ); - printf( " and the same sequence of labels.\n" ); + printf("Usage: key_ladder_demo MODE [OPTION=VALUE]...\n"); + printf("Demonstrate the usage of a key derivation ladder.\n"); + printf("\n"); + printf("Modes:\n"); + printf(" generate Generate the master key\n"); + printf(" save Save the derived key\n"); + printf(" unwrap Unwrap (decrypt) input with the derived key\n"); + printf(" wrap Wrap (encrypt) input with the derived key\n"); + printf("\n"); + printf("Options:\n"); + printf(" input=FILENAME Input file (required for wrap/unwrap)\n"); + printf(" master=FILENAME File containing the master key (default: master.key)\n"); + printf(" output=FILENAME Output file (required for save/wrap/unwrap)\n"); + printf(" label=TEXT Label for the key derivation.\n"); + printf(" This may be repeated multiple times.\n"); + printf(" To get the same key, you must use the same master key\n"); + printf(" and the same sequence of labels.\n"); } -int main( int argc, char *argv[] ) +int main(int argc, char *argv[]) { const char *key_file_name = "master.key"; const char *input_file_name = NULL; @@ -623,85 +606,77 @@ int main( int argc, char *argv[] ) enum program_mode mode; psa_status_t status; - if( argc <= 1 || - strcmp( argv[1], "help" ) == 0 || - strcmp( argv[1], "-help" ) == 0 || - strcmp( argv[1], "--help" ) == 0 ) - { - usage( ); - return( EXIT_SUCCESS ); + if (argc <= 1 || + strcmp(argv[1], "help") == 0 || + strcmp(argv[1], "-help") == 0 || + strcmp(argv[1], "--help") == 0) { + usage(); + return EXIT_SUCCESS; } - for( i = 2; i < argc; i++ ) - { - char *q = strchr( argv[i], '=' ); - if( q == NULL ) - { - printf( "Missing argument to option %s\n", argv[i] ); + for (i = 2; i < argc; i++) { + char *q = strchr(argv[i], '='); + if (q == NULL) { + printf("Missing argument to option %s\n", argv[i]); goto usage_failure; } *q = 0; ++q; - if( strcmp( argv[i], "input" ) == 0 ) + if (strcmp(argv[i], "input") == 0) { input_file_name = q; - else if( strcmp( argv[i], "label" ) == 0 ) - { - if( ladder_depth == MAX_LADDER_DEPTH ) - { - printf( "Maximum ladder depth %u exceeded.\n", - (unsigned) MAX_LADDER_DEPTH ); - return( EXIT_FAILURE ); + } else if (strcmp(argv[i], "label") == 0) { + if (ladder_depth == MAX_LADDER_DEPTH) { + printf("Maximum ladder depth %u exceeded.\n", + (unsigned) MAX_LADDER_DEPTH); + return EXIT_FAILURE; } ladder[ladder_depth] = q; ++ladder_depth; - } - else if( strcmp( argv[i], "master" ) == 0 ) + } else if (strcmp(argv[i], "master") == 0) { key_file_name = q; - else if( strcmp( argv[i], "output" ) == 0 ) + } else if (strcmp(argv[i], "output") == 0) { output_file_name = q; - else - { - printf( "Unknown option: %s\n", argv[i] ); + } else { + printf("Unknown option: %s\n", argv[i]); goto usage_failure; } } - if( strcmp( argv[1], "generate" ) == 0 ) + if (strcmp(argv[1], "generate") == 0) { mode = MODE_GENERATE; - else if( strcmp( argv[1], "save" ) == 0 ) + } else if (strcmp(argv[1], "save") == 0) { mode = MODE_SAVE; - else if( strcmp( argv[1], "unwrap" ) == 0 ) + } else if (strcmp(argv[1], "unwrap") == 0) { mode = MODE_UNWRAP; - else if( strcmp( argv[1], "wrap" ) == 0 ) + } else if (strcmp(argv[1], "wrap") == 0) { mode = MODE_WRAP; - else - { - printf( "Unknown action: %s\n", argv[1] ); + } else { + printf("Unknown action: %s\n", argv[1]); goto usage_failure; } - if( input_file_name == NULL && - ( mode == MODE_WRAP || mode == MODE_UNWRAP ) ) - { - printf( "Required argument missing: input\n" ); - return( DEMO_ERROR ); + if (input_file_name == NULL && + (mode == MODE_WRAP || mode == MODE_UNWRAP)) { + printf("Required argument missing: input\n"); + return DEMO_ERROR; } - if( output_file_name == NULL && - ( mode == MODE_SAVE || mode == MODE_WRAP || mode == MODE_UNWRAP ) ) - { - printf( "Required argument missing: output\n" ); - return( DEMO_ERROR ); + if (output_file_name == NULL && + (mode == MODE_SAVE || mode == MODE_WRAP || mode == MODE_UNWRAP)) { + printf("Required argument missing: output\n"); + return DEMO_ERROR; } - status = run( mode, key_file_name, - ladder, ladder_depth, - input_file_name, output_file_name ); - return( status == PSA_SUCCESS ? - EXIT_SUCCESS : - EXIT_FAILURE ); + status = run(mode, key_file_name, + ladder, ladder_depth, + input_file_name, output_file_name); + return status == PSA_SUCCESS ? + EXIT_SUCCESS : + EXIT_FAILURE; usage_failure: - usage( ); - return( EXIT_FAILURE ); + usage(); + return EXIT_FAILURE; } -#endif /* MBEDTLS_SHA256_C && MBEDTLS_MD_C && MBEDTLS_AES_C && MBEDTLS_CCM_C && MBEDTLS_PSA_CRYPTO_C && MBEDTLS_FS_IO */ +#endif /* MBEDTLS_SHA256_C && MBEDTLS_MD_C && + MBEDTLS_AES_C && MBEDTLS_CCM_C && + MBEDTLS_PSA_CRYPTO_C && MBEDTLS_FS_IO */ diff --git a/third_party/mbedtls/repo/programs/psa/key_ladder_demo.sh b/third_party/mbedtls/repo/programs/psa/key_ladder_demo.sh index 67de0853790..9d62228b4f4 100755 --- a/third_party/mbedtls/repo/programs/psa/key_ladder_demo.sh +++ b/third_party/mbedtls/repo/programs/psa/key_ladder_demo.sh @@ -1,25 +1,31 @@ #!/bin/sh # # Copyright The Mbed TLS Contributors -# SPDX-License-Identifier: Apache-2.0 -# -# Licensed under the Apache License, Version 2.0 (the "License"); you may -# not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT -# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. +# SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later set -e -u -program="${0%/*}"/key_ladder_demo +program_name="key_ladder_demo" +program="${0%/*}/$program_name" files_to_clean= +if [ ! -e "$program" ]; then + # Look for programs in the current directory and the directories above it + for dir in "." ".." "../.."; do + program="$dir/programs/psa/$program_name" + if [ -e "$program" ]; then + break + fi + done + if [ ! -e "$program" ]; then + echo "Could not find $program_name executable" + + echo "If building out-of-tree, this script must be run" \ + "from the project build directory." + exit 1 + fi +fi + run () { echo echo "# $1" diff --git a/third_party/mbedtls/repo/programs/psa/psa_constant_names.c b/third_party/mbedtls/repo/programs/psa/psa_constant_names.c index 14d449441ce..4e030ce9d0a 100644 --- a/third_party/mbedtls/repo/programs/psa/psa_constant_names.c +++ b/third_party/mbedtls/repo/programs/psa/psa_constant_names.c @@ -1,18 +1,6 @@ /* * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later */ #include @@ -26,29 +14,29 @@ /* This block is present to support Visual Studio builds prior to 2015 */ #if defined(_MSC_VER) && _MSC_VER < 1900 #include -int snprintf( char *s, size_t n, const char *fmt, ... ) +int snprintf(char *s, size_t n, const char *fmt, ...) { int ret; va_list argp; /* Avoid calling the invalid parameter handler by checking ourselves */ - if( s == NULL || n == 0 || fmt == NULL ) - return( -1 ); + if (s == NULL || n == 0 || fmt == NULL) { + return -1; + } - va_start( argp, fmt ); + va_start(argp, fmt); #if defined(_TRUNCATE) && !defined(__MINGW32__) - ret = _vsnprintf_s( s, n, _TRUNCATE, fmt, argp ); + ret = _vsnprintf_s(s, n, _TRUNCATE, fmt, argp); #else - ret = _vsnprintf( s, n, fmt, argp ); - if( ret < 0 || (size_t) ret == n ) - { + ret = _vsnprintf(s, n, fmt, argp); + if (ret < 0 || (size_t) ret == n) { s[n-1] = '\0'; ret = -1; } #endif - va_end( argp ); + va_end(argp); - return( ret ); + return ret; } #endif @@ -75,7 +63,9 @@ static void append_integer(char **buffer, size_t buffer_size, unsigned long value) { size_t n = snprintf(*buffer, buffer_size - *required_size, format, value); - if (n < buffer_size - *required_size) *buffer += n; + if (n < buffer_size - *required_size) { + *buffer += n; + } *required_size += n; } @@ -294,8 +284,7 @@ int main(int argc, char *argv[]) { if (argc <= 1 || !strcmp(argv[1], "help") || - !strcmp(argv[1], "--help")) - { + !strcmp(argv[1], "--help")) { usage(argv[0]); return EXIT_FAILURE; } diff --git a/third_party/mbedtls/repo/programs/random/gen_entropy.c b/third_party/mbedtls/repo/programs/random/gen_entropy.c index 0f27aaa30d0..4df60e93aeb 100644 --- a/third_party/mbedtls/repo/programs/random/gen_entropy.c +++ b/third_party/mbedtls/repo/programs/random/gen_entropy.c @@ -2,19 +2,7 @@ * \brief Use and generate multiple entropies calls into a file * * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later */ #if !defined(MBEDTLS_CONFIG_FILE) @@ -23,17 +11,7 @@ #include MBEDTLS_CONFIG_FILE #endif -#if defined(MBEDTLS_PLATFORM_C) #include "mbedtls/platform.h" -#else -#include -#include -#define mbedtls_fprintf fprintf -#define mbedtls_printf printf -#define mbedtls_exit exit -#define MBEDTLS_EXIT_SUCCESS EXIT_SUCCESS -#define MBEDTLS_EXIT_FAILURE EXIT_FAILURE -#endif /* MBEDTLS_PLATFORM_C */ #if defined(MBEDTLS_ENTROPY_C) && defined(MBEDTLS_FS_IO) #include "mbedtls/entropy.h" @@ -42,15 +20,15 @@ #endif #if !defined(MBEDTLS_ENTROPY_C) || !defined(MBEDTLS_FS_IO) -int main( void ) +int main(void) { mbedtls_printf("MBEDTLS_ENTROPY_C and/or MBEDTLS_FS_IO not defined.\n"); - mbedtls_exit( 0 ); + mbedtls_exit(0); } #else -int main( int argc, char *argv[] ) +int main(int argc, char *argv[]) { FILE *f; int i, k, ret = 1; @@ -58,45 +36,44 @@ int main( int argc, char *argv[] ) mbedtls_entropy_context entropy; unsigned char buf[MBEDTLS_ENTROPY_BLOCK_SIZE]; - if( argc < 2 ) - { - mbedtls_fprintf( stderr, "usage: %s \n", argv[0] ); - mbedtls_exit( exit_code ); + if (argc < 2) { + mbedtls_fprintf(stderr, "usage: %s \n", argv[0]); + mbedtls_exit(exit_code); } - if( ( f = fopen( argv[1], "wb+" ) ) == NULL ) - { - mbedtls_printf( "failed to open '%s' for writing.\n", argv[1] ); - mbedtls_exit( exit_code ); + if ((f = fopen(argv[1], "wb+")) == NULL) { + mbedtls_printf("failed to open '%s' for writing.\n", argv[1]); + mbedtls_exit(exit_code); } - mbedtls_entropy_init( &entropy ); + mbedtls_entropy_init(&entropy); - for( i = 0, k = 768; i < k; i++ ) - { - ret = mbedtls_entropy_func( &entropy, buf, sizeof( buf ) ); - if( ret != 0 ) - { - mbedtls_printf( " failed\n ! mbedtls_entropy_func returned -%04X\n", - (unsigned int) ret ); + for (i = 0, k = 768; i < k; i++) { + ret = mbedtls_entropy_func(&entropy, buf, sizeof(buf)); + if (ret != 0) { + mbedtls_printf(" failed\n ! mbedtls_entropy_func returned -%04X\n", + (unsigned int) ret); goto cleanup; } - fwrite( buf, 1, sizeof( buf ), f ); + fwrite(buf, 1, sizeof(buf), f); - mbedtls_printf( "Generating %ldkb of data in file '%s'... %04.1f" \ - "%% done\r", (long)(sizeof(buf) * k / 1024), argv[1], (100 * (float) (i + 1)) / k ); - fflush( stdout ); + mbedtls_printf("Generating %ldkb of data in file '%s'... %04.1f" \ + "%% done\r", + (long) (sizeof(buf) * k / 1024), + argv[1], + (100 * (float) (i + 1)) / k); + fflush(stdout); } exit_code = MBEDTLS_EXIT_SUCCESS; cleanup: - mbedtls_printf( "\n" ); + mbedtls_printf("\n"); - fclose( f ); - mbedtls_entropy_free( &entropy ); + fclose(f); + mbedtls_entropy_free(&entropy); - mbedtls_exit( exit_code ); + mbedtls_exit(exit_code); } #endif /* MBEDTLS_ENTROPY_C */ diff --git a/third_party/mbedtls/repo/programs/random/gen_random_ctr_drbg.c b/third_party/mbedtls/repo/programs/random/gen_random_ctr_drbg.c index 158a3121928..00f869186e7 100644 --- a/third_party/mbedtls/repo/programs/random/gen_random_ctr_drbg.c +++ b/third_party/mbedtls/repo/programs/random/gen_random_ctr_drbg.c @@ -2,19 +2,7 @@ * \brief Use and generate random data into a file via the CTR_DBRG based on AES * * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later */ #if !defined(MBEDTLS_CONFIG_FILE) @@ -23,20 +11,10 @@ #include MBEDTLS_CONFIG_FILE #endif -#if defined(MBEDTLS_PLATFORM_C) #include "mbedtls/platform.h" -#else -#include -#include -#define mbedtls_fprintf fprintf -#define mbedtls_printf printf -#define mbedtls_exit exit -#define MBEDTLS_EXIT_SUCCESS EXIT_SUCCESS -#define MBEDTLS_EXIT_FAILURE EXIT_FAILURE -#endif /* MBEDTLS_PLATFORM_C */ #if defined(MBEDTLS_CTR_DRBG_C) && defined(MBEDTLS_ENTROPY_C) && \ - defined(MBEDTLS_FS_IO) + defined(MBEDTLS_FS_IO) #include "mbedtls/entropy.h" #include "mbedtls/ctr_drbg.h" @@ -44,16 +22,16 @@ #endif #if !defined(MBEDTLS_CTR_DRBG_C) || !defined(MBEDTLS_ENTROPY_C) || \ - !defined(MBEDTLS_FS_IO) -int main( void ) + !defined(MBEDTLS_FS_IO) +int main(void) { mbedtls_printf("MBEDTLS_CTR_DRBG_C and/or MBEDTLS_ENTROPY_C and/or MBEDTLS_FS_IO not defined.\n"); - mbedtls_exit( 0 ); + mbedtls_exit(0); } #else -int main( int argc, char *argv[] ) +int main(int argc, char *argv[]) { FILE *f; int i, k, ret = 1; @@ -62,63 +40,61 @@ int main( int argc, char *argv[] ) mbedtls_entropy_context entropy; unsigned char buf[1024]; - mbedtls_ctr_drbg_init( &ctr_drbg ); + mbedtls_ctr_drbg_init(&ctr_drbg); - if( argc < 2 ) - { - mbedtls_fprintf( stderr, "usage: %s \n", argv[0] ); - mbedtls_exit( exit_code ); + if (argc < 2) { + mbedtls_fprintf(stderr, "usage: %s \n", argv[0]); + mbedtls_exit(exit_code); } - if( ( f = fopen( argv[1], "wb+" ) ) == NULL ) - { - mbedtls_printf( "failed to open '%s' for writing.\n", argv[1] ); - mbedtls_exit( exit_code ); + if ((f = fopen(argv[1], "wb+")) == NULL) { + mbedtls_printf("failed to open '%s' for writing.\n", argv[1]); + mbedtls_exit(exit_code); } - mbedtls_entropy_init( &entropy ); - ret = mbedtls_ctr_drbg_seed( &ctr_drbg, mbedtls_entropy_func, &entropy, (const unsigned char *) "RANDOM_GEN", 10 ); - if( ret != 0 ) - { - mbedtls_printf( "failed in mbedtls_ctr_drbg_seed: %d\n", ret ); + mbedtls_entropy_init(&entropy); + ret = mbedtls_ctr_drbg_seed(&ctr_drbg, + mbedtls_entropy_func, + &entropy, + (const unsigned char *) "RANDOM_GEN", + 10); + if (ret != 0) { + mbedtls_printf("failed in mbedtls_ctr_drbg_seed: %d\n", ret); goto cleanup; } - mbedtls_ctr_drbg_set_prediction_resistance( &ctr_drbg, MBEDTLS_CTR_DRBG_PR_OFF ); + mbedtls_ctr_drbg_set_prediction_resistance(&ctr_drbg, MBEDTLS_CTR_DRBG_PR_OFF); #if defined(MBEDTLS_FS_IO) - ret = mbedtls_ctr_drbg_update_seed_file( &ctr_drbg, "seedfile" ); - - if( ret == MBEDTLS_ERR_CTR_DRBG_FILE_IO_ERROR ) - { - mbedtls_printf( "Failed to open seedfile. Generating one.\n" ); - ret = mbedtls_ctr_drbg_write_seed_file( &ctr_drbg, "seedfile" ); - if( ret != 0 ) - { - mbedtls_printf( "failed in mbedtls_ctr_drbg_write_seed_file: %d\n", ret ); + ret = mbedtls_ctr_drbg_update_seed_file(&ctr_drbg, "seedfile"); + + if (ret == MBEDTLS_ERR_CTR_DRBG_FILE_IO_ERROR) { + mbedtls_printf("Failed to open seedfile. Generating one.\n"); + ret = mbedtls_ctr_drbg_write_seed_file(&ctr_drbg, "seedfile"); + if (ret != 0) { + mbedtls_printf("failed in mbedtls_ctr_drbg_write_seed_file: %d\n", ret); goto cleanup; } - } - else if( ret != 0 ) - { - mbedtls_printf( "failed in mbedtls_ctr_drbg_update_seed_file: %d\n", ret ); + } else if (ret != 0) { + mbedtls_printf("failed in mbedtls_ctr_drbg_update_seed_file: %d\n", ret); goto cleanup; } #endif - for( i = 0, k = 768; i < k; i++ ) - { - ret = mbedtls_ctr_drbg_random( &ctr_drbg, buf, sizeof( buf ) ); - if( ret != 0 ) - { + for (i = 0, k = 768; i < k; i++) { + ret = mbedtls_ctr_drbg_random(&ctr_drbg, buf, sizeof(buf)); + if (ret != 0) { mbedtls_printf("failed!\n"); goto cleanup; } - fwrite( buf, 1, sizeof( buf ), f ); + fwrite(buf, 1, sizeof(buf), f); - mbedtls_printf( "Generating %ldkb of data in file '%s'... %04.1f" \ - "%% done\r", (long)(sizeof(buf) * k / 1024), argv[1], (100 * (float) (i + 1)) / k ); - fflush( stdout ); + mbedtls_printf("Generating %ldkb of data in file '%s'... %04.1f" \ + "%% done\r", + (long) (sizeof(buf) * k / 1024), + argv[1], + (100 * (float) (i + 1)) / k); + fflush(stdout); } exit_code = MBEDTLS_EXIT_SUCCESS; @@ -126,10 +102,10 @@ int main( int argc, char *argv[] ) cleanup: mbedtls_printf("\n"); - fclose( f ); - mbedtls_ctr_drbg_free( &ctr_drbg ); - mbedtls_entropy_free( &entropy ); + fclose(f); + mbedtls_ctr_drbg_free(&ctr_drbg); + mbedtls_entropy_free(&entropy); - mbedtls_exit( exit_code ); + mbedtls_exit(exit_code); } #endif /* MBEDTLS_CTR_DRBG_C && MBEDTLS_ENTROPY_C */ diff --git a/third_party/mbedtls/repo/programs/random/gen_random_havege.c b/third_party/mbedtls/repo/programs/random/gen_random_havege.c index e82e62769e8..5d93a49cbd2 100644 --- a/third_party/mbedtls/repo/programs/random/gen_random_havege.c +++ b/third_party/mbedtls/repo/programs/random/gen_random_havege.c @@ -2,19 +2,7 @@ * \brief Generate random data into a file * * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later */ #if !defined(MBEDTLS_CONFIG_FILE) @@ -23,17 +11,7 @@ #include MBEDTLS_CONFIG_FILE #endif -#if defined(MBEDTLS_PLATFORM_C) #include "mbedtls/platform.h" -#else -#include -#include -#define mbedtls_fprintf fprintf -#define mbedtls_printf printf -#define mbedtls_exit exit -#define MBEDTLS_EXIT_SUCCESS EXIT_SUCCESS -#define MBEDTLS_EXIT_FAILURE EXIT_FAILURE -#endif /* MBEDTLS_PLATFORM_C */ #if defined(MBEDTLS_HAVEGE_C) && defined(MBEDTLS_FS_IO) #include "mbedtls/havege.h" @@ -43,15 +21,15 @@ #endif #if !defined(MBEDTLS_HAVEGE_C) || !defined(MBEDTLS_FS_IO) -int main( void ) +int main(void) { mbedtls_printf("MBEDTLS_HAVEGE_C not defined.\n"); - mbedtls_exit( 0 ); + mbedtls_exit(0); } #else -int main( int argc, char *argv[] ) +int main(int argc, char *argv[]) { FILE *f; time_t t; @@ -60,48 +38,48 @@ int main( int argc, char *argv[] ) mbedtls_havege_state hs; unsigned char buf[1024]; - if( argc < 2 ) - { - mbedtls_fprintf( stderr, "usage: %s \n", argv[0] ); - mbedtls_exit( exit_code ); + if (argc < 2) { + mbedtls_fprintf(stderr, "usage: %s \n", argv[0]); + mbedtls_exit(exit_code); } - if( ( f = fopen( argv[1], "wb+" ) ) == NULL ) - { - mbedtls_printf( "failed to open '%s' for writing.\n", argv[1] ); - mbedtls_exit( exit_code ); + if ((f = fopen(argv[1], "wb+")) == NULL) { + mbedtls_printf("failed to open '%s' for writing.\n", argv[1]); + mbedtls_exit(exit_code); } - mbedtls_havege_init( &hs ); + mbedtls_havege_init(&hs); - t = time( NULL ); + t = time(NULL); - for( i = 0, k = 768; i < k; i++ ) - { - if( ( ret = mbedtls_havege_random( &hs, buf, sizeof( buf ) ) ) != 0 ) - { - mbedtls_printf( " failed\n ! mbedtls_havege_random returned -0x%04X", - ( unsigned int ) -ret ); + for (i = 0, k = 768; i < k; i++) { + if ((ret = mbedtls_havege_random(&hs, buf, sizeof(buf))) != 0) { + mbedtls_printf(" failed\n ! mbedtls_havege_random returned -0x%04X", + (unsigned int) -ret); goto exit; } - fwrite( buf, sizeof( buf ), 1, f ); + fwrite(buf, sizeof(buf), 1, f); - mbedtls_printf( "Generating %ldkb of data in file '%s'... %04.1f" \ - "%% done\r", (long)(sizeof(buf) * k / 1024), argv[1], (100 * (float) (i + 1)) / k ); - fflush( stdout ); + mbedtls_printf("Generating %ldkb of data in file '%s'... %04.1f" \ + "%% done\r", + (long) (sizeof(buf) * k / 1024), + argv[1], + (100 * (float) (i + 1)) / k); + fflush(stdout); } - if( t == time( NULL ) ) + if (t == time(NULL)) { t--; + } mbedtls_printf(" \n "); exit_code = MBEDTLS_EXIT_SUCCESS; exit: - mbedtls_havege_free( &hs ); - fclose( f ); - mbedtls_exit( exit_code ); + mbedtls_havege_free(&hs); + fclose(f); + mbedtls_exit(exit_code); } #endif /* MBEDTLS_HAVEGE_C */ diff --git a/third_party/mbedtls/repo/programs/ssl/dtls_client.c b/third_party/mbedtls/repo/programs/ssl/dtls_client.c index 8c302a0a55f..05430f06e6f 100644 --- a/third_party/mbedtls/repo/programs/ssl/dtls_client.c +++ b/third_party/mbedtls/repo/programs/ssl/dtls_client.c @@ -2,19 +2,7 @@ * Simple DTLS client demonstration program * * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later */ #if !defined(MBEDTLS_CONFIG_FILE) @@ -23,31 +11,21 @@ #include MBEDTLS_CONFIG_FILE #endif -#if defined(MBEDTLS_PLATFORM_C) #include "mbedtls/platform.h" -#else -#include -#include -#define mbedtls_printf printf -#define mbedtls_fprintf fprintf -#define mbedtls_exit exit -#define MBEDTLS_EXIT_SUCCESS EXIT_SUCCESS -#define MBEDTLS_EXIT_FAILURE EXIT_FAILURE -#endif #if !defined(MBEDTLS_SSL_CLI_C) || !defined(MBEDTLS_SSL_PROTO_DTLS) || \ !defined(MBEDTLS_NET_C) || !defined(MBEDTLS_TIMING_C) || \ !defined(MBEDTLS_ENTROPY_C) || !defined(MBEDTLS_CTR_DRBG_C) || \ !defined(MBEDTLS_X509_CRT_PARSE_C) || !defined(MBEDTLS_RSA_C) || \ !defined(MBEDTLS_CERTS_C) || !defined(MBEDTLS_PEM_PARSE_C) -int main( void ) +int main(void) { - mbedtls_printf( "MBEDTLS_SSL_CLI_C and/or MBEDTLS_SSL_PROTO_DTLS and/or " - "MBEDTLS_NET_C and/or MBEDTLS_TIMING_C and/or " - "MBEDTLS_ENTROPY_C and/or MBEDTLS_CTR_DRBG_C and/or " - "MBEDTLS_X509_CRT_PARSE_C and/or MBEDTLS_RSA_C and/or " - "MBEDTLS_CERTS_C and/or MBEDTLS_PEM_PARSE_C not defined.\n" ); - mbedtls_exit( 0 ); + mbedtls_printf("MBEDTLS_SSL_CLI_C and/or MBEDTLS_SSL_PROTO_DTLS and/or " + "MBEDTLS_NET_C and/or MBEDTLS_TIMING_C and/or " + "MBEDTLS_ENTROPY_C and/or MBEDTLS_CTR_DRBG_C and/or " + "MBEDTLS_X509_CRT_PARSE_C and/or MBEDTLS_RSA_C and/or " + "MBEDTLS_CERTS_C and/or MBEDTLS_PEM_PARSE_C not defined.\n"); + mbedtls_exit(0); } #else @@ -82,17 +60,17 @@ int main( void ) #define DEBUG_LEVEL 0 -static void my_debug( void *ctx, int level, - const char *file, int line, - const char *str ) +static void my_debug(void *ctx, int level, + const char *file, int line, + const char *str) { ((void) level); - mbedtls_fprintf( (FILE *) ctx, "%s:%04d: %s", file, line, str ); - fflush( (FILE *) ctx ); + mbedtls_fprintf((FILE *) ctx, "%s:%04d: %s", file, line, str); + fflush((FILE *) ctx); } -int main( int argc, char *argv[] ) +int main(int argc, char *argv[]) { int ret, len; mbedtls_net_context server_fd; @@ -112,217 +90,222 @@ int main( int argc, char *argv[] ) ((void) argv); #if defined(MBEDTLS_DEBUG_C) - mbedtls_debug_set_threshold( DEBUG_LEVEL ); + mbedtls_debug_set_threshold(DEBUG_LEVEL); #endif /* * 0. Initialize the RNG and the session data */ - mbedtls_net_init( &server_fd ); - mbedtls_ssl_init( &ssl ); - mbedtls_ssl_config_init( &conf ); - mbedtls_x509_crt_init( &cacert ); - mbedtls_ctr_drbg_init( &ctr_drbg ); - - mbedtls_printf( "\n . Seeding the random number generator..." ); - fflush( stdout ); - - mbedtls_entropy_init( &entropy ); - if( ( ret = mbedtls_ctr_drbg_seed( &ctr_drbg, mbedtls_entropy_func, &entropy, - (const unsigned char *) pers, - strlen( pers ) ) ) != 0 ) - { - mbedtls_printf( " failed\n ! mbedtls_ctr_drbg_seed returned %d\n", ret ); + mbedtls_net_init(&server_fd); + mbedtls_ssl_init(&ssl); + mbedtls_ssl_config_init(&conf); + mbedtls_x509_crt_init(&cacert); + mbedtls_ctr_drbg_init(&ctr_drbg); + mbedtls_entropy_init(&entropy); + +#if defined(MBEDTLS_USE_PSA_CRYPTO) + psa_status_t status = psa_crypto_init(); + if (status != PSA_SUCCESS) { + mbedtls_fprintf(stderr, "Failed to initialize PSA Crypto implementation: %d\n", + (int) status); + ret = MBEDTLS_ERR_SSL_HW_ACCEL_FAILED; goto exit; } +#endif /* MBEDTLS_USE_PSA_CRYPTO */ - mbedtls_printf( " ok\n" ); + mbedtls_printf("\n . Seeding the random number generator..."); + fflush(stdout); + + if ((ret = mbedtls_ctr_drbg_seed(&ctr_drbg, mbedtls_entropy_func, &entropy, + (const unsigned char *) pers, + strlen(pers))) != 0) { + mbedtls_printf(" failed\n ! mbedtls_ctr_drbg_seed returned %d\n", ret); + goto exit; + } + + mbedtls_printf(" ok\n"); /* * 0. Load certificates */ - mbedtls_printf( " . Loading the CA root certificate ..." ); - fflush( stdout ); - - ret = mbedtls_x509_crt_parse( &cacert, (const unsigned char *) mbedtls_test_cas_pem, - mbedtls_test_cas_pem_len ); - if( ret < 0 ) - { - mbedtls_printf( " failed\n ! mbedtls_x509_crt_parse returned -0x%x\n\n", (unsigned int) -ret ); + mbedtls_printf(" . Loading the CA root certificate ..."); + fflush(stdout); + + ret = mbedtls_x509_crt_parse(&cacert, (const unsigned char *) mbedtls_test_cas_pem, + mbedtls_test_cas_pem_len); + if (ret < 0) { + mbedtls_printf(" failed\n ! mbedtls_x509_crt_parse returned -0x%x\n\n", + (unsigned int) -ret); goto exit; } - mbedtls_printf( " ok (%d skipped)\n", ret ); + mbedtls_printf(" ok (%d skipped)\n", ret); /* * 1. Start the connection */ - mbedtls_printf( " . Connecting to udp/%s/%s...", SERVER_NAME, SERVER_PORT ); - fflush( stdout ); + mbedtls_printf(" . Connecting to udp/%s/%s...", SERVER_NAME, SERVER_PORT); + fflush(stdout); - if( ( ret = mbedtls_net_connect( &server_fd, SERVER_ADDR, - SERVER_PORT, MBEDTLS_NET_PROTO_UDP ) ) != 0 ) - { - mbedtls_printf( " failed\n ! mbedtls_net_connect returned %d\n\n", ret ); + if ((ret = mbedtls_net_connect(&server_fd, SERVER_ADDR, + SERVER_PORT, MBEDTLS_NET_PROTO_UDP)) != 0) { + mbedtls_printf(" failed\n ! mbedtls_net_connect returned %d\n\n", ret); goto exit; } - mbedtls_printf( " ok\n" ); + mbedtls_printf(" ok\n"); /* * 2. Setup stuff */ - mbedtls_printf( " . Setting up the DTLS structure..." ); - fflush( stdout ); - - if( ( ret = mbedtls_ssl_config_defaults( &conf, - MBEDTLS_SSL_IS_CLIENT, - MBEDTLS_SSL_TRANSPORT_DATAGRAM, - MBEDTLS_SSL_PRESET_DEFAULT ) ) != 0 ) - { - mbedtls_printf( " failed\n ! mbedtls_ssl_config_defaults returned %d\n\n", ret ); + mbedtls_printf(" . Setting up the DTLS structure..."); + fflush(stdout); + + if ((ret = mbedtls_ssl_config_defaults(&conf, + MBEDTLS_SSL_IS_CLIENT, + MBEDTLS_SSL_TRANSPORT_DATAGRAM, + MBEDTLS_SSL_PRESET_DEFAULT)) != 0) { + mbedtls_printf(" failed\n ! mbedtls_ssl_config_defaults returned %d\n\n", ret); goto exit; } /* OPTIONAL is usually a bad choice for security, but makes interop easier * in this simplified example, in which the ca chain is hardcoded. * Production code should set a proper ca chain and use REQUIRED. */ - mbedtls_ssl_conf_authmode( &conf, MBEDTLS_SSL_VERIFY_OPTIONAL ); - mbedtls_ssl_conf_ca_chain( &conf, &cacert, NULL ); - mbedtls_ssl_conf_rng( &conf, mbedtls_ctr_drbg_random, &ctr_drbg ); - mbedtls_ssl_conf_dbg( &conf, my_debug, stdout ); - mbedtls_ssl_conf_read_timeout( &conf, READ_TIMEOUT_MS ); - - if( ( ret = mbedtls_ssl_setup( &ssl, &conf ) ) != 0 ) - { - mbedtls_printf( " failed\n ! mbedtls_ssl_setup returned %d\n\n", ret ); + mbedtls_ssl_conf_authmode(&conf, MBEDTLS_SSL_VERIFY_OPTIONAL); + mbedtls_ssl_conf_ca_chain(&conf, &cacert, NULL); + mbedtls_ssl_conf_rng(&conf, mbedtls_ctr_drbg_random, &ctr_drbg); + mbedtls_ssl_conf_dbg(&conf, my_debug, stdout); + mbedtls_ssl_conf_read_timeout(&conf, READ_TIMEOUT_MS); + + if ((ret = mbedtls_ssl_setup(&ssl, &conf)) != 0) { + mbedtls_printf(" failed\n ! mbedtls_ssl_setup returned %d\n\n", ret); goto exit; } - if( ( ret = mbedtls_ssl_set_hostname( &ssl, SERVER_NAME ) ) != 0 ) - { - mbedtls_printf( " failed\n ! mbedtls_ssl_set_hostname returned %d\n\n", ret ); + if ((ret = mbedtls_ssl_set_hostname(&ssl, SERVER_NAME)) != 0) { + mbedtls_printf(" failed\n ! mbedtls_ssl_set_hostname returned %d\n\n", ret); goto exit; } - mbedtls_ssl_set_bio( &ssl, &server_fd, - mbedtls_net_send, mbedtls_net_recv, mbedtls_net_recv_timeout ); + mbedtls_ssl_set_bio(&ssl, &server_fd, + mbedtls_net_send, mbedtls_net_recv, mbedtls_net_recv_timeout); - mbedtls_ssl_set_timer_cb( &ssl, &timer, mbedtls_timing_set_delay, - mbedtls_timing_get_delay ); + mbedtls_ssl_set_timer_cb(&ssl, &timer, mbedtls_timing_set_delay, + mbedtls_timing_get_delay); - mbedtls_printf( " ok\n" ); + mbedtls_printf(" ok\n"); /* * 4. Handshake */ - mbedtls_printf( " . Performing the DTLS handshake..." ); - fflush( stdout ); + mbedtls_printf(" . Performing the DTLS handshake..."); + fflush(stdout); - do ret = mbedtls_ssl_handshake( &ssl ); - while( ret == MBEDTLS_ERR_SSL_WANT_READ || - ret == MBEDTLS_ERR_SSL_WANT_WRITE ); + do { + ret = mbedtls_ssl_handshake(&ssl); + } while (ret == MBEDTLS_ERR_SSL_WANT_READ || + ret == MBEDTLS_ERR_SSL_WANT_WRITE); - if( ret != 0 ) - { - mbedtls_printf( " failed\n ! mbedtls_ssl_handshake returned -0x%x\n\n", (unsigned int) -ret ); + if (ret != 0) { + mbedtls_printf(" failed\n ! mbedtls_ssl_handshake returned -0x%x\n\n", + (unsigned int) -ret); goto exit; } - mbedtls_printf( " ok\n" ); + mbedtls_printf(" ok\n"); /* * 5. Verify the server certificate */ - mbedtls_printf( " . Verifying peer X.509 certificate..." ); + mbedtls_printf(" . Verifying peer X.509 certificate..."); /* In real life, we would have used MBEDTLS_SSL_VERIFY_REQUIRED so that the * handshake would not succeed if the peer's cert is bad. Even if we used * MBEDTLS_SSL_VERIFY_OPTIONAL, we would bail out here if ret != 0 */ - if( ( flags = mbedtls_ssl_get_verify_result( &ssl ) ) != 0 ) - { + if ((flags = mbedtls_ssl_get_verify_result(&ssl)) != 0) { char vrfy_buf[512]; - mbedtls_printf( " failed\n" ); + mbedtls_printf(" failed\n"); - mbedtls_x509_crt_verify_info( vrfy_buf, sizeof( vrfy_buf ), " ! ", flags ); + mbedtls_x509_crt_verify_info(vrfy_buf, sizeof(vrfy_buf), " ! ", flags); - mbedtls_printf( "%s\n", vrfy_buf ); + mbedtls_printf("%s\n", vrfy_buf); + } else { + mbedtls_printf(" ok\n"); } - else - mbedtls_printf( " ok\n" ); /* * 6. Write the echo request */ send_request: - mbedtls_printf( " > Write to server:" ); - fflush( stdout ); + mbedtls_printf(" > Write to server:"); + fflush(stdout); - len = sizeof( MESSAGE ) - 1; + len = sizeof(MESSAGE) - 1; - do ret = mbedtls_ssl_write( &ssl, (unsigned char *) MESSAGE, len ); - while( ret == MBEDTLS_ERR_SSL_WANT_READ || - ret == MBEDTLS_ERR_SSL_WANT_WRITE ); + do { + ret = mbedtls_ssl_write(&ssl, (unsigned char *) MESSAGE, len); + } while (ret == MBEDTLS_ERR_SSL_WANT_READ || + ret == MBEDTLS_ERR_SSL_WANT_WRITE); - if( ret < 0 ) - { - mbedtls_printf( " failed\n ! mbedtls_ssl_write returned %d\n\n", ret ); + if (ret < 0) { + mbedtls_printf(" failed\n ! mbedtls_ssl_write returned %d\n\n", ret); goto exit; } len = ret; - mbedtls_printf( " %d bytes written\n\n%s\n\n", len, MESSAGE ); + mbedtls_printf(" %d bytes written\n\n%s\n\n", len, MESSAGE); /* * 7. Read the echo response */ - mbedtls_printf( " < Read from server:" ); - fflush( stdout ); + mbedtls_printf(" < Read from server:"); + fflush(stdout); - len = sizeof( buf ) - 1; - memset( buf, 0, sizeof( buf ) ); + len = sizeof(buf) - 1; + memset(buf, 0, sizeof(buf)); - do ret = mbedtls_ssl_read( &ssl, buf, len ); - while( ret == MBEDTLS_ERR_SSL_WANT_READ || - ret == MBEDTLS_ERR_SSL_WANT_WRITE ); + do { + ret = mbedtls_ssl_read(&ssl, buf, len); + } while (ret == MBEDTLS_ERR_SSL_WANT_READ || + ret == MBEDTLS_ERR_SSL_WANT_WRITE); - if( ret <= 0 ) - { - switch( ret ) - { + if (ret <= 0) { + switch (ret) { case MBEDTLS_ERR_SSL_TIMEOUT: - mbedtls_printf( " timeout\n\n" ); - if( retry_left-- > 0 ) + mbedtls_printf(" timeout\n\n"); + if (retry_left-- > 0) { goto send_request; + } goto exit; case MBEDTLS_ERR_SSL_PEER_CLOSE_NOTIFY: - mbedtls_printf( " connection was closed gracefully\n" ); - ret = 0; + mbedtls_printf(" connection was closed gracefully\n"); goto close_notify; default: - mbedtls_printf( " mbedtls_ssl_read returned -0x%x\n\n", (unsigned int) -ret ); + mbedtls_printf(" mbedtls_ssl_read returned -0x%x\n\n", (unsigned int) -ret); goto exit; } } len = ret; - mbedtls_printf( " %d bytes read\n\n%s\n\n", len, buf ); + mbedtls_printf(" %d bytes read\n\n%s\n\n", len, buf); /* * 8. Done, cleanly close the connection */ close_notify: - mbedtls_printf( " . Closing the connection..." ); + mbedtls_printf(" . Closing the connection..."); /* No error checking, the connection might be closed already */ - do ret = mbedtls_ssl_close_notify( &ssl ); - while( ret == MBEDTLS_ERR_SSL_WANT_WRITE ); + do { + ret = mbedtls_ssl_close_notify(&ssl); + } while (ret == MBEDTLS_ERR_SSL_WANT_WRITE); ret = 0; - mbedtls_printf( " done\n" ); + mbedtls_printf(" done\n"); /* * 9. Final clean-ups and exit @@ -330,34 +313,36 @@ int main( int argc, char *argv[] ) exit: #ifdef MBEDTLS_ERROR_C - if( ret != 0 ) - { + if (ret != 0) { char error_buf[100]; - mbedtls_strerror( ret, error_buf, 100 ); - mbedtls_printf( "Last error was: %d - %s\n\n", ret, error_buf ); + mbedtls_strerror(ret, error_buf, 100); + mbedtls_printf("Last error was: %d - %s\n\n", ret, error_buf); } #endif - mbedtls_net_free( &server_fd ); - - mbedtls_x509_crt_free( &cacert ); - mbedtls_ssl_free( &ssl ); - mbedtls_ssl_config_free( &conf ); - mbedtls_ctr_drbg_free( &ctr_drbg ); - mbedtls_entropy_free( &entropy ); + mbedtls_net_free(&server_fd); + mbedtls_x509_crt_free(&cacert); + mbedtls_ssl_free(&ssl); + mbedtls_ssl_config_free(&conf); + mbedtls_ctr_drbg_free(&ctr_drbg); + mbedtls_entropy_free(&entropy); +#if defined(MBEDTLS_USE_PSA_CRYPTO) + mbedtls_psa_crypto_free(); +#endif /* MBEDTLS_USE_PSA_CRYPTO */ #if defined(_WIN32) - mbedtls_printf( " + Press Enter to exit this program.\n" ); - fflush( stdout ); getchar(); + mbedtls_printf(" + Press Enter to exit this program.\n"); + fflush(stdout); getchar(); #endif /* Shell can not handle large exit numbers -> 1 for errors */ - if( ret < 0 ) + if (ret < 0) { ret = 1; + } - mbedtls_exit( ret ); + mbedtls_exit(ret); } #endif /* MBEDTLS_SSL_CLI_C && MBEDTLS_SSL_PROTO_DTLS && MBEDTLS_NET_C && - MBEDTLD_TIMING_C && MBEDTLS_ENTROPY_C && MBEDTLS_CTR_DRBG_C && + MBEDTLS_TIMING_C && MBEDTLS_ENTROPY_C && MBEDTLS_CTR_DRBG_C && MBEDTLS_X509_CRT_PARSE_C && MBEDTLS_RSA_C && MBEDTLS_CERTS_C && MBEDTLS_PEM_PARSE_C */ diff --git a/third_party/mbedtls/repo/programs/ssl/dtls_server.c b/third_party/mbedtls/repo/programs/ssl/dtls_server.c index 5f71ec95026..e3b90b1d6f9 100644 --- a/third_party/mbedtls/repo/programs/ssl/dtls_server.c +++ b/third_party/mbedtls/repo/programs/ssl/dtls_server.c @@ -2,19 +2,7 @@ * Simple DTLS server demonstration program * * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later */ #if !defined(MBEDTLS_CONFIG_FILE) @@ -23,18 +11,7 @@ #include MBEDTLS_CONFIG_FILE #endif -#if defined(MBEDTLS_PLATFORM_C) #include "mbedtls/platform.h" -#else -#include -#include -#define mbedtls_printf printf -#define mbedtls_fprintf fprintf -#define mbedtls_time_t time_t -#define mbedtls_exit exit -#define MBEDTLS_EXIT_SUCCESS EXIT_SUCCESS -#define MBEDTLS_EXIT_FAILURE EXIT_FAILURE -#endif /* Uncomment out the following line to default to IPv4 and disable IPv6 */ //#define FORCE_IPV4 @@ -52,15 +29,15 @@ !defined(MBEDTLS_CERTS_C) || !defined(MBEDTLS_PEM_PARSE_C) || \ !defined(MBEDTLS_TIMING_C) -int main( void ) +int main(void) { - printf( "MBEDTLS_SSL_SRV_C and/or MBEDTLS_SSL_PROTO_DTLS and/or " - "MBEDTLS_SSL_COOKIE_C and/or MBEDTLS_NET_C and/or " - "MBEDTLS_ENTROPY_C and/or MBEDTLS_CTR_DRBG_C and/or " - "MBEDTLS_X509_CRT_PARSE_C and/or MBEDTLS_RSA_C and/or " - "MBEDTLS_CERTS_C and/or MBEDTLS_PEM_PARSE_C and/or " - "MBEDTLS_TIMING_C not defined.\n" ); - mbedtls_exit( 0 ); + printf("MBEDTLS_SSL_SRV_C and/or MBEDTLS_SSL_PROTO_DTLS and/or " + "MBEDTLS_SSL_COOKIE_C and/or MBEDTLS_NET_C and/or " + "MBEDTLS_ENTROPY_C and/or MBEDTLS_CTR_DRBG_C and/or " + "MBEDTLS_X509_CRT_PARSE_C and/or MBEDTLS_RSA_C and/or " + "MBEDTLS_CERTS_C and/or MBEDTLS_PEM_PARSE_C and/or " + "MBEDTLS_TIMING_C not defined.\n"); + mbedtls_exit(0); } #else @@ -91,17 +68,17 @@ int main( void ) #define DEBUG_LEVEL 0 -static void my_debug( void *ctx, int level, - const char *file, int line, - const char *str ) +static void my_debug(void *ctx, int level, + const char *file, int line, + const char *str) { ((void) level); - mbedtls_fprintf( (FILE *) ctx, "%s:%04d: %s", file, line, str ); - fflush( (FILE *) ctx ); + mbedtls_fprintf((FILE *) ctx, "%s:%04d: %s", file, line, str); + fflush((FILE *) ctx); } -int main( void ) +int main(void) { int ret, len; mbedtls_net_context listen_fd, client_fd; @@ -122,274 +99,269 @@ int main( void ) mbedtls_ssl_cache_context cache; #endif - mbedtls_net_init( &listen_fd ); - mbedtls_net_init( &client_fd ); - mbedtls_ssl_init( &ssl ); - mbedtls_ssl_config_init( &conf ); - mbedtls_ssl_cookie_init( &cookie_ctx ); + mbedtls_net_init(&listen_fd); + mbedtls_net_init(&client_fd); + mbedtls_ssl_init(&ssl); + mbedtls_ssl_config_init(&conf); + mbedtls_ssl_cookie_init(&cookie_ctx); #if defined(MBEDTLS_SSL_CACHE_C) - mbedtls_ssl_cache_init( &cache ); + mbedtls_ssl_cache_init(&cache); #endif - mbedtls_x509_crt_init( &srvcert ); - mbedtls_pk_init( &pkey ); - mbedtls_entropy_init( &entropy ); - mbedtls_ctr_drbg_init( &ctr_drbg ); + mbedtls_x509_crt_init(&srvcert); + mbedtls_pk_init(&pkey); + mbedtls_entropy_init(&entropy); + mbedtls_ctr_drbg_init(&ctr_drbg); + +#if defined(MBEDTLS_USE_PSA_CRYPTO) + psa_status_t status = psa_crypto_init(); + if (status != PSA_SUCCESS) { + mbedtls_fprintf(stderr, "Failed to initialize PSA Crypto implementation: %d\n", + (int) status); + ret = MBEDTLS_ERR_SSL_HW_ACCEL_FAILED; + goto exit; + } +#endif /* MBEDTLS_USE_PSA_CRYPTO */ #if defined(MBEDTLS_DEBUG_C) - mbedtls_debug_set_threshold( DEBUG_LEVEL ); + mbedtls_debug_set_threshold(DEBUG_LEVEL); #endif /* * 1. Load the certificates and private RSA key */ - printf( "\n . Loading the server cert. and key..." ); - fflush( stdout ); + printf("\n . Loading the server cert. and key..."); + fflush(stdout); /* * This demonstration program uses embedded test certificates. * Instead, you may want to use mbedtls_x509_crt_parse_file() to read the * server and CA certificates, as well as mbedtls_pk_parse_keyfile(). */ - ret = mbedtls_x509_crt_parse( &srvcert, (const unsigned char *) mbedtls_test_srv_crt, - mbedtls_test_srv_crt_len ); - if( ret != 0 ) - { - printf( " failed\n ! mbedtls_x509_crt_parse returned %d\n\n", ret ); + ret = mbedtls_x509_crt_parse(&srvcert, (const unsigned char *) mbedtls_test_srv_crt, + mbedtls_test_srv_crt_len); + if (ret != 0) { + printf(" failed\n ! mbedtls_x509_crt_parse returned %d\n\n", ret); goto exit; } - ret = mbedtls_x509_crt_parse( &srvcert, (const unsigned char *) mbedtls_test_cas_pem, - mbedtls_test_cas_pem_len ); - if( ret != 0 ) - { - printf( " failed\n ! mbedtls_x509_crt_parse returned %d\n\n", ret ); + ret = mbedtls_x509_crt_parse(&srvcert, (const unsigned char *) mbedtls_test_cas_pem, + mbedtls_test_cas_pem_len); + if (ret != 0) { + printf(" failed\n ! mbedtls_x509_crt_parse returned %d\n\n", ret); goto exit; } - ret = mbedtls_pk_parse_key( &pkey, (const unsigned char *) mbedtls_test_srv_key, - mbedtls_test_srv_key_len, NULL, 0 ); - if( ret != 0 ) - { - printf( " failed\n ! mbedtls_pk_parse_key returned %d\n\n", ret ); + ret = mbedtls_pk_parse_key(&pkey, (const unsigned char *) mbedtls_test_srv_key, + mbedtls_test_srv_key_len, NULL, 0); + if (ret != 0) { + printf(" failed\n ! mbedtls_pk_parse_key returned %d\n\n", ret); goto exit; } - printf( " ok\n" ); + printf(" ok\n"); /* * 2. Setup the "listening" UDP socket */ - printf( " . Bind on udp/*/4433 ..." ); - fflush( stdout ); + printf(" . Bind on udp/*/4433 ..."); + fflush(stdout); - if( ( ret = mbedtls_net_bind( &listen_fd, BIND_IP, "4433", MBEDTLS_NET_PROTO_UDP ) ) != 0 ) - { - printf( " failed\n ! mbedtls_net_bind returned %d\n\n", ret ); + if ((ret = mbedtls_net_bind(&listen_fd, BIND_IP, "4433", MBEDTLS_NET_PROTO_UDP)) != 0) { + printf(" failed\n ! mbedtls_net_bind returned %d\n\n", ret); goto exit; } - printf( " ok\n" ); + printf(" ok\n"); /* * 3. Seed the RNG */ - printf( " . Seeding the random number generator..." ); - fflush( stdout ); - - if( ( ret = mbedtls_ctr_drbg_seed( &ctr_drbg, mbedtls_entropy_func, &entropy, - (const unsigned char *) pers, - strlen( pers ) ) ) != 0 ) - { - printf( " failed\n ! mbedtls_ctr_drbg_seed returned %d\n", ret ); + printf(" . Seeding the random number generator..."); + fflush(stdout); + + if ((ret = mbedtls_ctr_drbg_seed(&ctr_drbg, mbedtls_entropy_func, &entropy, + (const unsigned char *) pers, + strlen(pers))) != 0) { + printf(" failed\n ! mbedtls_ctr_drbg_seed returned %d\n", ret); goto exit; } - printf( " ok\n" ); + printf(" ok\n"); /* * 4. Setup stuff */ - printf( " . Setting up the DTLS data..." ); - fflush( stdout ); - - if( ( ret = mbedtls_ssl_config_defaults( &conf, - MBEDTLS_SSL_IS_SERVER, - MBEDTLS_SSL_TRANSPORT_DATAGRAM, - MBEDTLS_SSL_PRESET_DEFAULT ) ) != 0 ) - { - mbedtls_printf( " failed\n ! mbedtls_ssl_config_defaults returned %d\n\n", ret ); + printf(" . Setting up the DTLS data..."); + fflush(stdout); + + if ((ret = mbedtls_ssl_config_defaults(&conf, + MBEDTLS_SSL_IS_SERVER, + MBEDTLS_SSL_TRANSPORT_DATAGRAM, + MBEDTLS_SSL_PRESET_DEFAULT)) != 0) { + mbedtls_printf(" failed\n ! mbedtls_ssl_config_defaults returned %d\n\n", ret); goto exit; } - mbedtls_ssl_conf_rng( &conf, mbedtls_ctr_drbg_random, &ctr_drbg ); - mbedtls_ssl_conf_dbg( &conf, my_debug, stdout ); - mbedtls_ssl_conf_read_timeout( &conf, READ_TIMEOUT_MS ); + mbedtls_ssl_conf_rng(&conf, mbedtls_ctr_drbg_random, &ctr_drbg); + mbedtls_ssl_conf_dbg(&conf, my_debug, stdout); + mbedtls_ssl_conf_read_timeout(&conf, READ_TIMEOUT_MS); #if defined(MBEDTLS_SSL_CACHE_C) - mbedtls_ssl_conf_session_cache( &conf, &cache, + mbedtls_ssl_conf_session_cache(&conf, &cache, mbedtls_ssl_cache_get, - mbedtls_ssl_cache_set ); + mbedtls_ssl_cache_set); #endif - mbedtls_ssl_conf_ca_chain( &conf, srvcert.next, NULL ); - if( ( ret = mbedtls_ssl_conf_own_cert( &conf, &srvcert, &pkey ) ) != 0 ) - { - printf( " failed\n ! mbedtls_ssl_conf_own_cert returned %d\n\n", ret ); + mbedtls_ssl_conf_ca_chain(&conf, srvcert.next, NULL); + if ((ret = mbedtls_ssl_conf_own_cert(&conf, &srvcert, &pkey)) != 0) { + printf(" failed\n ! mbedtls_ssl_conf_own_cert returned %d\n\n", ret); goto exit; } - if( ( ret = mbedtls_ssl_cookie_setup( &cookie_ctx, - mbedtls_ctr_drbg_random, &ctr_drbg ) ) != 0 ) - { - printf( " failed\n ! mbedtls_ssl_cookie_setup returned %d\n\n", ret ); + if ((ret = mbedtls_ssl_cookie_setup(&cookie_ctx, + mbedtls_ctr_drbg_random, &ctr_drbg)) != 0) { + printf(" failed\n ! mbedtls_ssl_cookie_setup returned %d\n\n", ret); goto exit; } - mbedtls_ssl_conf_dtls_cookies( &conf, mbedtls_ssl_cookie_write, mbedtls_ssl_cookie_check, - &cookie_ctx ); + mbedtls_ssl_conf_dtls_cookies(&conf, mbedtls_ssl_cookie_write, mbedtls_ssl_cookie_check, + &cookie_ctx); - if( ( ret = mbedtls_ssl_setup( &ssl, &conf ) ) != 0 ) - { - printf( " failed\n ! mbedtls_ssl_setup returned %d\n\n", ret ); + if ((ret = mbedtls_ssl_setup(&ssl, &conf)) != 0) { + printf(" failed\n ! mbedtls_ssl_setup returned %d\n\n", ret); goto exit; } - mbedtls_ssl_set_timer_cb( &ssl, &timer, mbedtls_timing_set_delay, - mbedtls_timing_get_delay ); + mbedtls_ssl_set_timer_cb(&ssl, &timer, mbedtls_timing_set_delay, + mbedtls_timing_get_delay); - printf( " ok\n" ); + printf(" ok\n"); reset: #ifdef MBEDTLS_ERROR_C - if( ret != 0 ) - { + if (ret != 0) { char error_buf[100]; - mbedtls_strerror( ret, error_buf, 100 ); - printf("Last error was: %d - %s\n\n", ret, error_buf ); + mbedtls_strerror(ret, error_buf, 100); + printf("Last error was: %d - %s\n\n", ret, error_buf); } #endif - mbedtls_net_free( &client_fd ); + mbedtls_net_free(&client_fd); - mbedtls_ssl_session_reset( &ssl ); + mbedtls_ssl_session_reset(&ssl); /* * 3. Wait until a client connects */ - printf( " . Waiting for a remote connection ..." ); - fflush( stdout ); + printf(" . Waiting for a remote connection ..."); + fflush(stdout); - if( ( ret = mbedtls_net_accept( &listen_fd, &client_fd, - client_ip, sizeof( client_ip ), &cliip_len ) ) != 0 ) - { - printf( " failed\n ! mbedtls_net_accept returned %d\n\n", ret ); + if ((ret = mbedtls_net_accept(&listen_fd, &client_fd, + client_ip, sizeof(client_ip), &cliip_len)) != 0) { + printf(" failed\n ! mbedtls_net_accept returned %d\n\n", ret); goto exit; } /* For HelloVerifyRequest cookies */ - if( ( ret = mbedtls_ssl_set_client_transport_id( &ssl, - client_ip, cliip_len ) ) != 0 ) - { - printf( " failed\n ! " - "mbedtls_ssl_set_client_transport_id() returned -0x%x\n\n", (unsigned int) -ret ); + if ((ret = mbedtls_ssl_set_client_transport_id(&ssl, + client_ip, cliip_len)) != 0) { + printf(" failed\n ! " + "mbedtls_ssl_set_client_transport_id() returned -0x%x\n\n", (unsigned int) -ret); goto exit; } - mbedtls_ssl_set_bio( &ssl, &client_fd, - mbedtls_net_send, mbedtls_net_recv, mbedtls_net_recv_timeout ); + mbedtls_ssl_set_bio(&ssl, &client_fd, + mbedtls_net_send, mbedtls_net_recv, mbedtls_net_recv_timeout); - printf( " ok\n" ); + printf(" ok\n"); /* * 5. Handshake */ - printf( " . Performing the DTLS handshake..." ); - fflush( stdout ); + printf(" . Performing the DTLS handshake..."); + fflush(stdout); - do ret = mbedtls_ssl_handshake( &ssl ); - while( ret == MBEDTLS_ERR_SSL_WANT_READ || - ret == MBEDTLS_ERR_SSL_WANT_WRITE ); + do { + ret = mbedtls_ssl_handshake(&ssl); + } while (ret == MBEDTLS_ERR_SSL_WANT_READ || + ret == MBEDTLS_ERR_SSL_WANT_WRITE); - if( ret == MBEDTLS_ERR_SSL_HELLO_VERIFY_REQUIRED ) - { - printf( " hello verification requested\n" ); + if (ret == MBEDTLS_ERR_SSL_HELLO_VERIFY_REQUIRED) { + printf(" hello verification requested\n"); ret = 0; goto reset; - } - else if( ret != 0 ) - { - printf( " failed\n ! mbedtls_ssl_handshake returned -0x%x\n\n", (unsigned int) -ret ); + } else if (ret != 0) { + printf(" failed\n ! mbedtls_ssl_handshake returned -0x%x\n\n", (unsigned int) -ret); goto reset; } - printf( " ok\n" ); + printf(" ok\n"); /* * 6. Read the echo Request */ - printf( " < Read from client:" ); - fflush( stdout ); + printf(" < Read from client:"); + fflush(stdout); - len = sizeof( buf ) - 1; - memset( buf, 0, sizeof( buf ) ); + len = sizeof(buf) - 1; + memset(buf, 0, sizeof(buf)); - do ret = mbedtls_ssl_read( &ssl, buf, len ); - while( ret == MBEDTLS_ERR_SSL_WANT_READ || - ret == MBEDTLS_ERR_SSL_WANT_WRITE ); + do { + ret = mbedtls_ssl_read(&ssl, buf, len); + } while (ret == MBEDTLS_ERR_SSL_WANT_READ || + ret == MBEDTLS_ERR_SSL_WANT_WRITE); - if( ret <= 0 ) - { - switch( ret ) - { + if (ret <= 0) { + switch (ret) { case MBEDTLS_ERR_SSL_TIMEOUT: - printf( " timeout\n\n" ); + printf(" timeout\n\n"); goto reset; case MBEDTLS_ERR_SSL_PEER_CLOSE_NOTIFY: - printf( " connection was closed gracefully\n" ); - ret = 0; + printf(" connection was closed gracefully\n"); goto close_notify; default: - printf( " mbedtls_ssl_read returned -0x%x\n\n", (unsigned int) -ret ); + printf(" mbedtls_ssl_read returned -0x%x\n\n", (unsigned int) -ret); goto reset; } } len = ret; - printf( " %d bytes read\n\n%s\n\n", len, buf ); + printf(" %d bytes read\n\n%s\n\n", len, buf); /* * 7. Write the 200 Response */ - printf( " > Write to client:" ); - fflush( stdout ); + printf(" > Write to client:"); + fflush(stdout); - do ret = mbedtls_ssl_write( &ssl, buf, len ); - while( ret == MBEDTLS_ERR_SSL_WANT_READ || - ret == MBEDTLS_ERR_SSL_WANT_WRITE ); + do { + ret = mbedtls_ssl_write(&ssl, buf, len); + } while (ret == MBEDTLS_ERR_SSL_WANT_READ || + ret == MBEDTLS_ERR_SSL_WANT_WRITE); - if( ret < 0 ) - { - printf( " failed\n ! mbedtls_ssl_write returned %d\n\n", ret ); + if (ret < 0) { + printf(" failed\n ! mbedtls_ssl_write returned %d\n\n", ret); goto exit; } len = ret; - printf( " %d bytes written\n\n%s\n\n", len, buf ); + printf(" %d bytes written\n\n%s\n\n", len, buf); /* * 8. Done, cleanly close the connection */ close_notify: - printf( " . Closing the connection..." ); + printf(" . Closing the connection..."); /* No error checking, the connection might be closed already */ - do ret = mbedtls_ssl_close_notify( &ssl ); - while( ret == MBEDTLS_ERR_SSL_WANT_WRITE ); + do { + ret = mbedtls_ssl_close_notify(&ssl); + } while (ret == MBEDTLS_ERR_SSL_WANT_WRITE); ret = 0; - printf( " done\n" ); + printf(" done\n"); goto reset; @@ -399,38 +371,41 @@ int main( void ) exit: #ifdef MBEDTLS_ERROR_C - if( ret != 0 ) - { + if (ret != 0) { char error_buf[100]; - mbedtls_strerror( ret, error_buf, 100 ); - printf( "Last error was: %d - %s\n\n", ret, error_buf ); + mbedtls_strerror(ret, error_buf, 100); + printf("Last error was: %d - %s\n\n", ret, error_buf); } #endif - mbedtls_net_free( &client_fd ); - mbedtls_net_free( &listen_fd ); + mbedtls_net_free(&client_fd); + mbedtls_net_free(&listen_fd); - mbedtls_x509_crt_free( &srvcert ); - mbedtls_pk_free( &pkey ); - mbedtls_ssl_free( &ssl ); - mbedtls_ssl_config_free( &conf ); - mbedtls_ssl_cookie_free( &cookie_ctx ); + mbedtls_x509_crt_free(&srvcert); + mbedtls_pk_free(&pkey); + mbedtls_ssl_free(&ssl); + mbedtls_ssl_config_free(&conf); + mbedtls_ssl_cookie_free(&cookie_ctx); #if defined(MBEDTLS_SSL_CACHE_C) - mbedtls_ssl_cache_free( &cache ); + mbedtls_ssl_cache_free(&cache); #endif - mbedtls_ctr_drbg_free( &ctr_drbg ); - mbedtls_entropy_free( &entropy ); + mbedtls_ctr_drbg_free(&ctr_drbg); + mbedtls_entropy_free(&entropy); +#if defined(MBEDTLS_USE_PSA_CRYPTO) + mbedtls_psa_crypto_free(); +#endif /* MBEDTLS_USE_PSA_CRYPTO */ #if defined(_WIN32) - printf( " Press Enter to exit this program.\n" ); - fflush( stdout ); getchar(); + printf(" Press Enter to exit this program.\n"); + fflush(stdout); getchar(); #endif /* Shell can not handle large exit numbers -> 1 for errors */ - if( ret < 0 ) + if (ret < 0) { ret = 1; + } - mbedtls_exit( ret ); + mbedtls_exit(ret); } #endif /* MBEDTLS_SSL_SRV_C && MBEDTLS_SSL_PROTO_DTLS && MBEDTLS_SSL_COOKIE_C && MBEDTLS_NET_C && MBEDTLS_ENTROPY_C && diff --git a/third_party/mbedtls/repo/programs/ssl/mini_client.c b/third_party/mbedtls/repo/programs/ssl/mini_client.c index 0a9cc284dd3..8c7dcfa2dfa 100644 --- a/third_party/mbedtls/repo/programs/ssl/mini_client.c +++ b/third_party/mbedtls/repo/programs/ssl/mini_client.c @@ -3,19 +3,7 @@ * (meant to be used with config-suite-b.h or config-ccm-psk-tls1_2.h) * * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later */ #if !defined(MBEDTLS_CONFIG_FILE) @@ -24,16 +12,7 @@ #include MBEDTLS_CONFIG_FILE #endif -#if defined(MBEDTLS_PLATFORM_C) #include "mbedtls/platform.h" -#else -#include -#include -#define mbedtls_printf printf -#define mbedtls_exit exit -#define MBEDTLS_EXIT_SUCCESS EXIT_SUCCESS -#define MBEDTLS_EXIT_FAILURE EXIT_FAILURE -#endif /* * We're creating and connecting the socket "manually" rather than using the @@ -41,7 +20,7 @@ * dominate memory usage in small configurations. For the sake of simplicity, * only a Unix version is implemented. * - * Warning: we are breaking some of the abtractions from the NET layer here. + * Warning: we are breaking some of the abstractions from the NET layer here. * This is not a good example for general use. This programs has the specific * goal of minimizing use of the libc functions on full-blown OSes. */ @@ -53,12 +32,12 @@ !defined(MBEDTLS_NET_C) || !defined(MBEDTLS_SSL_CLI_C) || \ !defined(UNIX) -int main( void ) +int main(void) { - mbedtls_printf( "MBEDTLS_CTR_DRBG_C and/or MBEDTLS_ENTROPY_C and/or " - "MBEDTLS_NET_C and/or MBEDTLS_SSL_CLI_C and/or UNIX " - "not defined.\n"); - mbedtls_exit( 0 ); + mbedtls_printf("MBEDTLS_CTR_DRBG_C and/or MBEDTLS_ENTROPY_C and/or " + "MBEDTLS_NET_C and/or MBEDTLS_SSL_CLI_C and/or UNIX " + "not defined.\n"); + mbedtls_exit(0); } #else @@ -150,8 +129,7 @@ const unsigned char ca_cert[] = { }; #endif /* MBEDTLS_X509_CRT_PARSE_C */ -enum exit_codes -{ +enum exit_codes { exit_ok = 0, ctr_drbg_seed_failed, ssl_config_defaults_failed, @@ -165,7 +143,7 @@ enum exit_codes }; -int main( void ) +int main(void) { int ret = exit_ok; mbedtls_net_context server_fd; @@ -178,62 +156,65 @@ int main( void ) mbedtls_ctr_drbg_context ctr_drbg; mbedtls_ssl_context ssl; mbedtls_ssl_config conf; - mbedtls_ctr_drbg_init( &ctr_drbg ); + mbedtls_ctr_drbg_init(&ctr_drbg); /* * 0. Initialize and setup stuff */ - mbedtls_net_init( &server_fd ); - mbedtls_ssl_init( &ssl ); - mbedtls_ssl_config_init( &conf ); + mbedtls_net_init(&server_fd); + mbedtls_ssl_init(&ssl); + mbedtls_ssl_config_init(&conf); #if defined(MBEDTLS_X509_CRT_PARSE_C) - mbedtls_x509_crt_init( &ca ); + mbedtls_x509_crt_init(&ca); #endif + mbedtls_entropy_init(&entropy); - mbedtls_entropy_init( &entropy ); - if( mbedtls_ctr_drbg_seed( &ctr_drbg, mbedtls_entropy_func, &entropy, - (const unsigned char *) pers, strlen( pers ) ) != 0 ) - { +#if defined(MBEDTLS_USE_PSA_CRYPTO) + psa_status_t status = psa_crypto_init(); + if (status != PSA_SUCCESS) { + ret = MBEDTLS_ERR_SSL_HW_ACCEL_FAILED; + goto exit; + } +#endif /* MBEDTLS_USE_PSA_CRYPTO */ + + if (mbedtls_ctr_drbg_seed(&ctr_drbg, mbedtls_entropy_func, &entropy, + (const unsigned char *) pers, strlen(pers)) != 0) { ret = ctr_drbg_seed_failed; goto exit; } - if( mbedtls_ssl_config_defaults( &conf, - MBEDTLS_SSL_IS_CLIENT, - MBEDTLS_SSL_TRANSPORT_STREAM, - MBEDTLS_SSL_PRESET_DEFAULT ) != 0 ) - { + if (mbedtls_ssl_config_defaults(&conf, + MBEDTLS_SSL_IS_CLIENT, + MBEDTLS_SSL_TRANSPORT_STREAM, + MBEDTLS_SSL_PRESET_DEFAULT) != 0) { ret = ssl_config_defaults_failed; goto exit; } - mbedtls_ssl_conf_rng( &conf, mbedtls_ctr_drbg_random, &ctr_drbg ); + mbedtls_ssl_conf_rng(&conf, mbedtls_ctr_drbg_random, &ctr_drbg); #if defined(MBEDTLS_KEY_EXCHANGE_SOME_PSK_ENABLED) - mbedtls_ssl_conf_psk( &conf, psk, sizeof( psk ), - (const unsigned char *) psk_id, sizeof( psk_id ) - 1 ); + mbedtls_ssl_conf_psk(&conf, psk, sizeof(psk), + (const unsigned char *) psk_id, sizeof(psk_id) - 1); #endif #if defined(MBEDTLS_X509_CRT_PARSE_C) - if( mbedtls_x509_crt_parse_der( &ca, ca_cert, sizeof( ca_cert ) ) != 0 ) - { + if (mbedtls_x509_crt_parse_der(&ca, ca_cert, sizeof(ca_cert)) != 0) { ret = x509_crt_parse_failed; goto exit; } - mbedtls_ssl_conf_ca_chain( &conf, &ca, NULL ); - mbedtls_ssl_conf_authmode( &conf, MBEDTLS_SSL_VERIFY_REQUIRED ); + mbedtls_ssl_conf_ca_chain(&conf, &ca, NULL); + mbedtls_ssl_conf_authmode(&conf, MBEDTLS_SSL_VERIFY_REQUIRED); #endif - if( mbedtls_ssl_setup( &ssl, &conf ) != 0 ) - { + if (mbedtls_ssl_setup(&ssl, &conf) != 0) { ret = ssl_setup_failed; goto exit; } #if defined(MBEDTLS_X509_CRT_PARSE_C) - if( mbedtls_ssl_set_hostname( &ssl, HOSTNAME ) != 0 ) - { + if (mbedtls_ssl_set_hostname(&ssl, HOSTNAME) != 0) { ret = hostname_failed; goto exit; } @@ -242,7 +223,7 @@ int main( void ) /* * 1. Start the connection */ - memset( &addr, 0, sizeof( addr ) ); + memset(&addr, 0, sizeof(addr)); addr.sin_family = AF_INET; ret = 1; /* for endianness detection */ @@ -250,23 +231,20 @@ int main( void ) addr.sin_addr.s_addr = *((char *) &ret) == ret ? ADDR_LE : ADDR_BE; ret = 0; - if( ( server_fd.fd = socket( AF_INET, SOCK_STREAM, 0 ) ) < 0 ) - { + if ((server_fd.fd = socket(AF_INET, SOCK_STREAM, 0)) < 0) { ret = socket_failed; goto exit; } - if( connect( server_fd.fd, - (const struct sockaddr *) &addr, sizeof( addr ) ) < 0 ) - { + if (connect(server_fd.fd, + (const struct sockaddr *) &addr, sizeof(addr)) < 0) { ret = connect_failed; goto exit; } - mbedtls_ssl_set_bio( &ssl, &server_fd, mbedtls_net_send, mbedtls_net_recv, NULL ); + mbedtls_ssl_set_bio(&ssl, &server_fd, mbedtls_net_send, mbedtls_net_recv, NULL); - if( mbedtls_ssl_handshake( &ssl ) != 0 ) - { + if (mbedtls_ssl_handshake(&ssl) != 0) { ret = ssl_handshake_failed; goto exit; } @@ -274,26 +252,27 @@ int main( void ) /* * 2. Write the GET request and close the connection */ - if( mbedtls_ssl_write( &ssl, (const unsigned char *) GET_REQUEST, - sizeof( GET_REQUEST ) - 1 ) <= 0 ) - { + if (mbedtls_ssl_write(&ssl, (const unsigned char *) GET_REQUEST, + sizeof(GET_REQUEST) - 1) <= 0) { ret = ssl_write_failed; goto exit; } - mbedtls_ssl_close_notify( &ssl ); + mbedtls_ssl_close_notify(&ssl); exit: - mbedtls_net_free( &server_fd ); - - mbedtls_ssl_free( &ssl ); - mbedtls_ssl_config_free( &conf ); - mbedtls_ctr_drbg_free( &ctr_drbg ); - mbedtls_entropy_free( &entropy ); + mbedtls_net_free(&server_fd); + mbedtls_ssl_free(&ssl); + mbedtls_ssl_config_free(&conf); + mbedtls_ctr_drbg_free(&ctr_drbg); + mbedtls_entropy_free(&entropy); #if defined(MBEDTLS_X509_CRT_PARSE_C) - mbedtls_x509_crt_free( &ca ); + mbedtls_x509_crt_free(&ca); #endif +#if defined(MBEDTLS_USE_PSA_CRYPTO) + mbedtls_psa_crypto_free(); +#endif /* MBEDTLS_USE_PSA_CRYPTO */ - mbedtls_exit( ret ); + mbedtls_exit(ret); } #endif diff --git a/third_party/mbedtls/repo/programs/ssl/ssl_client1.c b/third_party/mbedtls/repo/programs/ssl/ssl_client1.c index 61a849c3ae7..401b259a943 100644 --- a/third_party/mbedtls/repo/programs/ssl/ssl_client1.c +++ b/third_party/mbedtls/repo/programs/ssl/ssl_client1.c @@ -2,19 +2,7 @@ * SSL client demonstration program * * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later */ #if !defined(MBEDTLS_CONFIG_FILE) @@ -23,33 +11,21 @@ #include MBEDTLS_CONFIG_FILE #endif -#if defined(MBEDTLS_PLATFORM_C) #include "mbedtls/platform.h" -#else -#include -#include -#define mbedtls_time time -#define mbedtls_time_t time_t -#define mbedtls_fprintf fprintf -#define mbedtls_printf printf -#define mbedtls_exit exit -#define MBEDTLS_EXIT_SUCCESS EXIT_SUCCESS -#define MBEDTLS_EXIT_FAILURE EXIT_FAILURE -#endif /* MBEDTLS_PLATFORM_C */ #if !defined(MBEDTLS_BIGNUM_C) || !defined(MBEDTLS_ENTROPY_C) || \ !defined(MBEDTLS_SSL_TLS_C) || !defined(MBEDTLS_SSL_CLI_C) || \ !defined(MBEDTLS_NET_C) || !defined(MBEDTLS_RSA_C) || \ !defined(MBEDTLS_CERTS_C) || !defined(MBEDTLS_PEM_PARSE_C) || \ !defined(MBEDTLS_CTR_DRBG_C) || !defined(MBEDTLS_X509_CRT_PARSE_C) -int main( void ) +int main(void) { mbedtls_printf("MBEDTLS_BIGNUM_C and/or MBEDTLS_ENTROPY_C and/or " - "MBEDTLS_SSL_TLS_C and/or MBEDTLS_SSL_CLI_C and/or " - "MBEDTLS_NET_C and/or MBEDTLS_RSA_C and/or " - "MBEDTLS_CTR_DRBG_C and/or MBEDTLS_X509_CRT_PARSE_C " - "not defined.\n"); - mbedtls_exit( 0 ); + "MBEDTLS_SSL_TLS_C and/or MBEDTLS_SSL_CLI_C and/or " + "MBEDTLS_NET_C and/or MBEDTLS_RSA_C and/or " + "MBEDTLS_CTR_DRBG_C and/or MBEDTLS_X509_CRT_PARSE_C " + "not defined.\n"); + mbedtls_exit(0); } #else @@ -70,17 +46,17 @@ int main( void ) #define DEBUG_LEVEL 1 -static void my_debug( void *ctx, int level, - const char *file, int line, - const char *str ) +static void my_debug(void *ctx, int level, + const char *file, int line, + const char *str) { ((void) level); - mbedtls_fprintf( (FILE *) ctx, "%s:%04d: %s", file, line, str ); - fflush( (FILE *) ctx ); + mbedtls_fprintf((FILE *) ctx, "%s:%04d: %s", file, line, str); + fflush((FILE *) ctx); } -int main( void ) +int main(void) { int ret = 1, len; int exit_code = MBEDTLS_EXIT_FAILURE; @@ -96,221 +72,221 @@ int main( void ) mbedtls_x509_crt cacert; #if defined(MBEDTLS_DEBUG_C) - mbedtls_debug_set_threshold( DEBUG_LEVEL ); + mbedtls_debug_set_threshold(DEBUG_LEVEL); #endif /* * 0. Initialize the RNG and the session data */ - mbedtls_net_init( &server_fd ); - mbedtls_ssl_init( &ssl ); - mbedtls_ssl_config_init( &conf ); - mbedtls_x509_crt_init( &cacert ); - mbedtls_ctr_drbg_init( &ctr_drbg ); - - mbedtls_printf( "\n . Seeding the random number generator..." ); - fflush( stdout ); - - mbedtls_entropy_init( &entropy ); - if( ( ret = mbedtls_ctr_drbg_seed( &ctr_drbg, mbedtls_entropy_func, &entropy, - (const unsigned char *) pers, - strlen( pers ) ) ) != 0 ) - { - mbedtls_printf( " failed\n ! mbedtls_ctr_drbg_seed returned %d\n", ret ); + mbedtls_net_init(&server_fd); + mbedtls_ssl_init(&ssl); + mbedtls_ssl_config_init(&conf); + mbedtls_x509_crt_init(&cacert); + mbedtls_ctr_drbg_init(&ctr_drbg); + mbedtls_entropy_init(&entropy); + +#if defined(MBEDTLS_USE_PSA_CRYPTO) + psa_status_t status = psa_crypto_init(); + if (status != PSA_SUCCESS) { + mbedtls_fprintf(stderr, "Failed to initialize PSA Crypto implementation: %d\n", + (int) status); goto exit; } +#endif /* MBEDTLS_USE_PSA_CRYPTO */ - mbedtls_printf( " ok\n" ); + mbedtls_printf("\n . Seeding the random number generator..."); + fflush(stdout); + + + if ((ret = mbedtls_ctr_drbg_seed(&ctr_drbg, mbedtls_entropy_func, &entropy, + (const unsigned char *) pers, + strlen(pers))) != 0) { + mbedtls_printf(" failed\n ! mbedtls_ctr_drbg_seed returned %d\n", ret); + goto exit; + } + + mbedtls_printf(" ok\n"); /* * 0. Initialize certificates */ - mbedtls_printf( " . Loading the CA root certificate ..." ); - fflush( stdout ); - - ret = mbedtls_x509_crt_parse( &cacert, (const unsigned char *) mbedtls_test_cas_pem, - mbedtls_test_cas_pem_len ); - if( ret < 0 ) - { - mbedtls_printf( " failed\n ! mbedtls_x509_crt_parse returned -0x%x\n\n", (unsigned int) -ret ); + mbedtls_printf(" . Loading the CA root certificate ..."); + fflush(stdout); + + ret = mbedtls_x509_crt_parse(&cacert, (const unsigned char *) mbedtls_test_cas_pem, + mbedtls_test_cas_pem_len); + if (ret < 0) { + mbedtls_printf(" failed\n ! mbedtls_x509_crt_parse returned -0x%x\n\n", + (unsigned int) -ret); goto exit; } - mbedtls_printf( " ok (%d skipped)\n", ret ); + mbedtls_printf(" ok (%d skipped)\n", ret); /* * 1. Start the connection */ - mbedtls_printf( " . Connecting to tcp/%s/%s...", SERVER_NAME, SERVER_PORT ); - fflush( stdout ); + mbedtls_printf(" . Connecting to tcp/%s/%s...", SERVER_NAME, SERVER_PORT); + fflush(stdout); - if( ( ret = mbedtls_net_connect( &server_fd, SERVER_NAME, - SERVER_PORT, MBEDTLS_NET_PROTO_TCP ) ) != 0 ) - { - mbedtls_printf( " failed\n ! mbedtls_net_connect returned %d\n\n", ret ); + if ((ret = mbedtls_net_connect(&server_fd, SERVER_NAME, + SERVER_PORT, MBEDTLS_NET_PROTO_TCP)) != 0) { + mbedtls_printf(" failed\n ! mbedtls_net_connect returned %d\n\n", ret); goto exit; } - mbedtls_printf( " ok\n" ); + mbedtls_printf(" ok\n"); /* * 2. Setup stuff */ - mbedtls_printf( " . Setting up the SSL/TLS structure..." ); - fflush( stdout ); - - if( ( ret = mbedtls_ssl_config_defaults( &conf, - MBEDTLS_SSL_IS_CLIENT, - MBEDTLS_SSL_TRANSPORT_STREAM, - MBEDTLS_SSL_PRESET_DEFAULT ) ) != 0 ) - { - mbedtls_printf( " failed\n ! mbedtls_ssl_config_defaults returned %d\n\n", ret ); + mbedtls_printf(" . Setting up the SSL/TLS structure..."); + fflush(stdout); + + if ((ret = mbedtls_ssl_config_defaults(&conf, + MBEDTLS_SSL_IS_CLIENT, + MBEDTLS_SSL_TRANSPORT_STREAM, + MBEDTLS_SSL_PRESET_DEFAULT)) != 0) { + mbedtls_printf(" failed\n ! mbedtls_ssl_config_defaults returned %d\n\n", ret); goto exit; } - mbedtls_printf( " ok\n" ); + mbedtls_printf(" ok\n"); /* OPTIONAL is not optimal for security, * but makes interop easier in this simplified example */ - mbedtls_ssl_conf_authmode( &conf, MBEDTLS_SSL_VERIFY_OPTIONAL ); - mbedtls_ssl_conf_ca_chain( &conf, &cacert, NULL ); - mbedtls_ssl_conf_rng( &conf, mbedtls_ctr_drbg_random, &ctr_drbg ); - mbedtls_ssl_conf_dbg( &conf, my_debug, stdout ); - - if( ( ret = mbedtls_ssl_setup( &ssl, &conf ) ) != 0 ) - { - mbedtls_printf( " failed\n ! mbedtls_ssl_setup returned %d\n\n", ret ); + mbedtls_ssl_conf_authmode(&conf, MBEDTLS_SSL_VERIFY_OPTIONAL); + mbedtls_ssl_conf_ca_chain(&conf, &cacert, NULL); + mbedtls_ssl_conf_rng(&conf, mbedtls_ctr_drbg_random, &ctr_drbg); + mbedtls_ssl_conf_dbg(&conf, my_debug, stdout); + + if ((ret = mbedtls_ssl_setup(&ssl, &conf)) != 0) { + mbedtls_printf(" failed\n ! mbedtls_ssl_setup returned %d\n\n", ret); goto exit; } - if( ( ret = mbedtls_ssl_set_hostname( &ssl, SERVER_NAME ) ) != 0 ) - { - mbedtls_printf( " failed\n ! mbedtls_ssl_set_hostname returned %d\n\n", ret ); + if ((ret = mbedtls_ssl_set_hostname(&ssl, SERVER_NAME)) != 0) { + mbedtls_printf(" failed\n ! mbedtls_ssl_set_hostname returned %d\n\n", ret); goto exit; } - mbedtls_ssl_set_bio( &ssl, &server_fd, mbedtls_net_send, mbedtls_net_recv, NULL ); + mbedtls_ssl_set_bio(&ssl, &server_fd, mbedtls_net_send, mbedtls_net_recv, NULL); /* * 4. Handshake */ - mbedtls_printf( " . Performing the SSL/TLS handshake..." ); - fflush( stdout ); - - while( ( ret = mbedtls_ssl_handshake( &ssl ) ) != 0 ) - { - if( ret != MBEDTLS_ERR_SSL_WANT_READ && ret != MBEDTLS_ERR_SSL_WANT_WRITE ) - { - mbedtls_printf( " failed\n ! mbedtls_ssl_handshake returned -0x%x\n\n", (unsigned int) -ret ); + mbedtls_printf(" . Performing the SSL/TLS handshake..."); + fflush(stdout); + + while ((ret = mbedtls_ssl_handshake(&ssl)) != 0) { + if (ret != MBEDTLS_ERR_SSL_WANT_READ && ret != MBEDTLS_ERR_SSL_WANT_WRITE) { + mbedtls_printf(" failed\n ! mbedtls_ssl_handshake returned -0x%x\n\n", + (unsigned int) -ret); goto exit; } } - mbedtls_printf( " ok\n" ); + mbedtls_printf(" ok\n"); /* * 5. Verify the server certificate */ - mbedtls_printf( " . Verifying peer X.509 certificate..." ); + mbedtls_printf(" . Verifying peer X.509 certificate..."); /* In real life, we probably want to bail out when ret != 0 */ - if( ( flags = mbedtls_ssl_get_verify_result( &ssl ) ) != 0 ) - { + if ((flags = mbedtls_ssl_get_verify_result(&ssl)) != 0) { char vrfy_buf[512]; - mbedtls_printf( " failed\n" ); + mbedtls_printf(" failed\n"); - mbedtls_x509_crt_verify_info( vrfy_buf, sizeof( vrfy_buf ), " ! ", flags ); + mbedtls_x509_crt_verify_info(vrfy_buf, sizeof(vrfy_buf), " ! ", flags); - mbedtls_printf( "%s\n", vrfy_buf ); + mbedtls_printf("%s\n", vrfy_buf); + } else { + mbedtls_printf(" ok\n"); } - else - mbedtls_printf( " ok\n" ); /* * 3. Write the GET request */ - mbedtls_printf( " > Write to server:" ); - fflush( stdout ); + mbedtls_printf(" > Write to server:"); + fflush(stdout); - len = sprintf( (char *) buf, GET_REQUEST ); + len = sprintf((char *) buf, GET_REQUEST); - while( ( ret = mbedtls_ssl_write( &ssl, buf, len ) ) <= 0 ) - { - if( ret != MBEDTLS_ERR_SSL_WANT_READ && ret != MBEDTLS_ERR_SSL_WANT_WRITE ) - { - mbedtls_printf( " failed\n ! mbedtls_ssl_write returned %d\n\n", ret ); + while ((ret = mbedtls_ssl_write(&ssl, buf, len)) <= 0) { + if (ret != MBEDTLS_ERR_SSL_WANT_READ && ret != MBEDTLS_ERR_SSL_WANT_WRITE) { + mbedtls_printf(" failed\n ! mbedtls_ssl_write returned %d\n\n", ret); goto exit; } } len = ret; - mbedtls_printf( " %d bytes written\n\n%s", len, (char *) buf ); + mbedtls_printf(" %d bytes written\n\n%s", len, (char *) buf); /* * 7. Read the HTTP response */ - mbedtls_printf( " < Read from server:" ); - fflush( stdout ); + mbedtls_printf(" < Read from server:"); + fflush(stdout); - do - { - len = sizeof( buf ) - 1; - memset( buf, 0, sizeof( buf ) ); - ret = mbedtls_ssl_read( &ssl, buf, len ); + do { + len = sizeof(buf) - 1; + memset(buf, 0, sizeof(buf)); + ret = mbedtls_ssl_read(&ssl, buf, len); - if( ret == MBEDTLS_ERR_SSL_WANT_READ || ret == MBEDTLS_ERR_SSL_WANT_WRITE ) + if (ret == MBEDTLS_ERR_SSL_WANT_READ || ret == MBEDTLS_ERR_SSL_WANT_WRITE) { continue; + } - if( ret == MBEDTLS_ERR_SSL_PEER_CLOSE_NOTIFY ) + if (ret == MBEDTLS_ERR_SSL_PEER_CLOSE_NOTIFY) { break; + } - if( ret < 0 ) - { - mbedtls_printf( "failed\n ! mbedtls_ssl_read returned %d\n\n", ret ); + if (ret < 0) { + mbedtls_printf("failed\n ! mbedtls_ssl_read returned %d\n\n", ret); break; } - if( ret == 0 ) - { - mbedtls_printf( "\n\nEOF\n\n" ); + if (ret == 0) { + mbedtls_printf("\n\nEOF\n\n"); break; } len = ret; - mbedtls_printf( " %d bytes read\n\n%s", len, (char *) buf ); - } - while( 1 ); + mbedtls_printf(" %d bytes read\n\n%s", len, (char *) buf); + } while (1); - mbedtls_ssl_close_notify( &ssl ); + mbedtls_ssl_close_notify(&ssl); exit_code = MBEDTLS_EXIT_SUCCESS; exit: #ifdef MBEDTLS_ERROR_C - if( exit_code != MBEDTLS_EXIT_SUCCESS ) - { + if (exit_code != MBEDTLS_EXIT_SUCCESS) { char error_buf[100]; - mbedtls_strerror( ret, error_buf, 100 ); - mbedtls_printf("Last error was: %d - %s\n\n", ret, error_buf ); + mbedtls_strerror(ret, error_buf, 100); + mbedtls_printf("Last error was: %d - %s\n\n", ret, error_buf); } #endif - mbedtls_net_free( &server_fd ); - - mbedtls_x509_crt_free( &cacert ); - mbedtls_ssl_free( &ssl ); - mbedtls_ssl_config_free( &conf ); - mbedtls_ctr_drbg_free( &ctr_drbg ); - mbedtls_entropy_free( &entropy ); + mbedtls_net_free(&server_fd); + mbedtls_x509_crt_free(&cacert); + mbedtls_ssl_free(&ssl); + mbedtls_ssl_config_free(&conf); + mbedtls_ctr_drbg_free(&ctr_drbg); + mbedtls_entropy_free(&entropy); +#if defined(MBEDTLS_USE_PSA_CRYPTO) + mbedtls_psa_crypto_free(); +#endif /* MBEDTLS_USE_PSA_CRYPTO */ #if defined(_WIN32) - mbedtls_printf( " + Press Enter to exit this program.\n" ); - fflush( stdout ); getchar(); + mbedtls_printf(" + Press Enter to exit this program.\n"); + fflush(stdout); getchar(); #endif - mbedtls_exit( exit_code ); + mbedtls_exit(exit_code); } #endif /* MBEDTLS_BIGNUM_C && MBEDTLS_ENTROPY_C && MBEDTLS_SSL_TLS_C && MBEDTLS_SSL_CLI_C && MBEDTLS_NET_C && MBEDTLS_RSA_C && diff --git a/third_party/mbedtls/repo/programs/ssl/ssl_client2.c b/third_party/mbedtls/repo/programs/ssl/ssl_client2.c index 8e62dbe88f7..4b4a6522aac 100644 --- a/third_party/mbedtls/repo/programs/ssl/ssl_client2.c +++ b/third_party/mbedtls/repo/programs/ssl/ssl_client2.c @@ -2,19 +2,7 @@ * SSL client with certificate authentication * * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later */ #include "ssl_test_lib.h" @@ -24,16 +12,16 @@ #endif #if defined(MBEDTLS_SSL_TEST_IMPOSSIBLE) -int main( void ) +int main(void) { - mbedtls_printf( MBEDTLS_SSL_TEST_IMPOSSIBLE ); - mbedtls_exit( 0 ); + mbedtls_printf(MBEDTLS_SSL_TEST_IMPOSSIBLE); + mbedtls_exit(0); } #elif !defined(MBEDTLS_SSL_CLI_C) -int main( void ) +int main(void) { - mbedtls_printf( "MBEDTLS_SSL_CLI_C not defined.\n" ); - mbedtls_exit( 0 ); + mbedtls_printf("MBEDTLS_SSL_CLI_C not defined.\n"); + mbedtls_exit(0); } #else /* !MBEDTLS_SSL_TEST_IMPOSSIBLE && MBEDTLS_SSL_CLI_C */ @@ -116,17 +104,17 @@ int main( void ) #define GET_REQUEST "GET %s HTTP/1.0\r\nExtra-header: " #define GET_REQUEST_END "\r\n\r\n" -#if defined(MBEDTLS_X509_CRT_PARSE_C) +#if defined(MBEDTLS_KEY_EXCHANGE_WITH_CERT_ENABLED) #define USAGE_CONTEXT_CRT_CB \ " context_crt_cb=%%d This determines whether the CRT verification callback is bound\n" \ " to the SSL configuration of the SSL context.\n" \ - " Possible values:\n"\ + " Possible values:\n" \ " - 0 (default): Use CRT callback bound to configuration\n" \ " - 1: Use CRT callback bound to SSL context\n" #else #define USAGE_CONTEXT_CRT_CB "" -#endif /* MBEDTLS_X509_CRT_PARSE_C */ -#if defined(MBEDTLS_X509_CRT_PARSE_C) +#endif /* MBEDTLS_KEY_EXCHANGE_WITH_CERT_ENABLED */ +#if defined(MBEDTLS_KEY_EXCHANGE_WITH_CERT_ENABLED) #if defined(MBEDTLS_FS_IO) #define USAGE_IO \ " ca_file=%%s The single file containing the top-level CA(s) you fully trust\n" \ @@ -137,17 +125,17 @@ int main( void ) " use \"none\" to skip loading any top-level CAs.\n" \ " crt_file=%%s Your own cert and chain (in bottom to top order, top may be omitted)\n" \ " default: \"\" (pre-loaded)\n" \ - " key_file=%%s default: \"\" (pre-loaded)\n"\ - " key_pwd=%%s Password for key specified by key_file argument\n"\ + " key_file=%%s default: \"\" (pre-loaded)\n" \ + " key_pwd=%%s Password for key specified by key_file argument\n" \ " default: none\n" #else #define USAGE_IO \ " No file operations available (MBEDTLS_FS_IO not defined)\n" #endif /* MBEDTLS_FS_IO */ -#else /* MBEDTLS_X509_CRT_PARSE_C */ +#else /* MBEDTLS_KEY_EXCHANGE_WITH_CERT_ENABLED */ #define USAGE_IO "" -#endif /* MBEDTLS_X509_CRT_PARSE_C */ -#if defined(MBEDTLS_USE_PSA_CRYPTO) && defined(MBEDTLS_X509_CRT_PARSE_C) +#endif /* MBEDTLS_KEY_EXCHANGE_WITH_CERT_ENABLED */ +#if defined(MBEDTLS_USE_PSA_CRYPTO) && defined(MBEDTLS_KEY_EXCHANGE_WITH_CERT_ENABLED) #define USAGE_KEY_OPAQUE \ " key_opaque=%%d Handle your private key as if it were opaque\n" \ " default: 0 (disabled)\n" @@ -219,7 +207,7 @@ int main( void ) #if defined(MBEDTLS_SSL_DTLS_SRTP) #define USAGE_SRTP \ " use_srtp=%%d default: 0 (disabled)\n" \ - " This cannot be used with eap_tls=1 or "\ + " This cannot be used with eap_tls=1 or " \ " nss_keylog=1\n" \ " srtp_force_profile=%%d default: 0 (all enabled)\n" \ " available profiles:\n" \ @@ -350,7 +338,7 @@ int main( void ) " serialize=%%d default: 0 (do not serialize/deserialize)\n" \ " options: 1 (serialize)\n" \ " 2 (serialize with re-initialization)\n" \ - " context_file=%%s The file path to write a serialized connection\n"\ + " context_file=%%s The file path to write a serialized connection\n" \ " in the form of base64 code (serialize option\n" \ " must be set)\n" \ " default: \"\" (do nothing)\n" \ @@ -370,19 +358,21 @@ int main( void ) " request_page=%%s default: \".\"\n" \ " request_size=%%d default: about 34 (basic request)\n" \ " (minimum: 0, max: " MAX_REQUEST_SIZE_STR ")\n" \ - " If 0, in the first exchange only an empty\n" \ - " application data message is sent followed by\n" \ - " a second non-empty message before attempting\n" \ - " to read a response from the server\n" \ - " debug_level=%%d default: 0 (disabled)\n" \ - " nbio=%%d default: 0 (blocking I/O)\n" \ - " options: 1 (non-blocking), 2 (added delays)\n" \ - " event=%%d default: 0 (loop)\n" \ - " options: 1 (level-triggered, implies nbio=1),\n" \ - " read_timeout=%%d default: 0 ms (no timeout)\n" \ - " max_resend=%%d default: 0 (no resend on timeout)\n" \ - " skip_close_notify=%%d default: 0 (send close_notify)\n" \ - "\n" \ + " If 0, in the first exchange only an empty\n" \ + " application data message is sent followed by\n" \ + " a second non-empty message before attempting\n" \ + " to read a response from the server\n" \ + " debug_level=%%d default: 0 (disabled)\n" \ + " build_version=%%d default: none (disabled)\n" \ + " option: 1 (print build version only and stop)\n" \ + " nbio=%%d default: 0 (blocking I/O)\n" \ + " options: 1 (non-blocking), 2 (added delays)\n" \ + " event=%%d default: 0 (loop)\n" \ + " options: 1 (level-triggered, implies nbio=1),\n" \ + " read_timeout=%%d default: 0 ms (no timeout)\n" \ + " max_resend=%%d default: 0 (no resend on timeout)\n" \ + " skip_close_notify=%%d default: 0 (send close_notify)\n" \ + "\n" \ USAGE_DTLS \ USAGE_CID \ USAGE_SRTP \ @@ -430,7 +420,7 @@ int main( void ) " force_version=%%s default: \"\" (none)\n" \ " options: ssl3, tls1, tls1_1, tls12, dtls1, dtls12\n" \ "\n" \ - " force_ciphersuite= default: all enabled\n"\ + " force_ciphersuite= default: all enabled\n" \ " query_config= return 0 if the specified\n" \ " configuration macro is defined and 1\n" \ " otherwise. The expansion of the macro\n" \ @@ -445,8 +435,7 @@ int main( void ) /* * global options */ -struct options -{ +struct options { const char *server_name; /* hostname of the server (client only) */ const char *server_addr; /* address of the server (client only) */ const char *server_port; /* port on which the ssl service runs */ @@ -498,7 +487,7 @@ struct options int transport; /* TLS or DTLS? */ uint32_t hs_to_min; /* Initial value of DTLS handshake timer */ uint32_t hs_to_max; /* Max value of DTLS handshake timer */ - int dtls_mtu; /* UDP Maximum tranport unit for DTLS */ + int dtls_mtu; /* UDP Maximum transport unit for DTLS */ int fallback; /* is this a fallback connection? */ int dgram_packing; /* allow/forbid datagram packing */ int extended_ms; /* negotiate extended master secret? */ @@ -527,51 +516,53 @@ struct options #include "ssl_test_common_source.c" -#if defined(MBEDTLS_X509_CRT_PARSE_C) +#if defined(MBEDTLS_KEY_EXCHANGE_WITH_CERT_ENABLED) static unsigned char peer_crt_info[1024]; /* * Enabled if debug_level > 1 in code below */ -static int my_verify( void *data, mbedtls_x509_crt *crt, - int depth, uint32_t *flags ) +static int my_verify(void *data, mbedtls_x509_crt *crt, + int depth, uint32_t *flags) { char buf[1024]; ((void) data); - mbedtls_x509_crt_info( buf, sizeof( buf ) - 1, "", crt ); - if( depth == 0 ) - memcpy( peer_crt_info, buf, sizeof( buf ) ); + mbedtls_x509_crt_info(buf, sizeof(buf) - 1, "", crt); + if (depth == 0) { + memcpy(peer_crt_info, buf, sizeof(buf)); + } - if( opt.debug_level == 0 ) - return( 0 ); + if (opt.debug_level == 0) { + return 0; + } - mbedtls_printf( "\nVerify requested for (Depth %d):\n", depth ); - mbedtls_printf( "%s", buf ); + mbedtls_printf("\nVerify requested for (Depth %d):\n", depth); + mbedtls_printf("%s", buf); - if ( ( *flags ) == 0 ) - mbedtls_printf( " This certificate has no flags\n" ); - else - { - mbedtls_x509_crt_verify_info( buf, sizeof( buf ), " ! ", *flags ); - mbedtls_printf( "%s\n", buf ); + if ((*flags) == 0) { + mbedtls_printf(" This certificate has no flags\n"); + } else { + mbedtls_x509_crt_verify_info(buf, sizeof(buf), " ! ", *flags); + mbedtls_printf("%s\n", buf); } - return( 0 ); + return 0; } -#endif /* MBEDTLS_X509_CRT_PARSE_C */ +#endif /* MBEDTLS_KEY_EXCHANGE_WITH_CERT_ENABLED */ #if defined(MBEDTLS_SSL_DTLS_CONNECTION_ID) -int report_cid_usage( mbedtls_ssl_context *ssl, - const char *additional_description ) +int report_cid_usage(mbedtls_ssl_context *ssl, + const char *additional_description) { int ret; - unsigned char peer_cid[ MBEDTLS_SSL_CID_OUT_LEN_MAX ]; + unsigned char peer_cid[MBEDTLS_SSL_CID_OUT_LEN_MAX]; size_t peer_cid_len; int cid_negotiated; - if( opt.transport != MBEDTLS_SSL_TRANSPORT_DATAGRAM ) - return( 0 ); + if (opt.transport != MBEDTLS_SSL_TRANSPORT_DATAGRAM) { + return 0; + } /* Check if the use of a CID has been negotiated, * but don't ask for the CID value and length. @@ -583,64 +574,56 @@ int report_cid_usage( mbedtls_ssl_context *ssl, * * An actual application, however, should use * just one call to mbedtls_ssl_get_peer_cid(). */ - ret = mbedtls_ssl_get_peer_cid( ssl, &cid_negotiated, - NULL, NULL ); - if( ret != 0 ) - { - mbedtls_printf( " failed\n ! mbedtls_ssl_get_peer_cid returned -0x%x\n\n", - (unsigned int) -ret ); - return( ret ); + ret = mbedtls_ssl_get_peer_cid(ssl, &cid_negotiated, + NULL, NULL); + if (ret != 0) { + mbedtls_printf(" failed\n ! mbedtls_ssl_get_peer_cid returned -0x%x\n\n", + (unsigned int) -ret); + return ret; } - if( cid_negotiated == MBEDTLS_SSL_CID_DISABLED ) - { - if( opt.cid_enabled == MBEDTLS_SSL_CID_ENABLED ) - { - mbedtls_printf( "(%s) Use of Connection ID was rejected by the server.\n", - additional_description ); + if (cid_negotiated == MBEDTLS_SSL_CID_DISABLED) { + if (opt.cid_enabled == MBEDTLS_SSL_CID_ENABLED) { + mbedtls_printf("(%s) Use of Connection ID was rejected by the server.\n", + additional_description); } - } - else - { - size_t idx=0; - mbedtls_printf( "(%s) Use of Connection ID has been negotiated.\n", - additional_description ); + } else { + size_t idx = 0; + mbedtls_printf("(%s) Use of Connection ID has been negotiated.\n", + additional_description); /* Ask for just the length of the peer's CID. */ - ret = mbedtls_ssl_get_peer_cid( ssl, &cid_negotiated, - NULL, &peer_cid_len ); - if( ret != 0 ) - { - mbedtls_printf( " failed\n ! mbedtls_ssl_get_peer_cid returned -0x%x\n\n", - (unsigned int) -ret ); - return( ret ); + ret = mbedtls_ssl_get_peer_cid(ssl, &cid_negotiated, + NULL, &peer_cid_len); + if (ret != 0) { + mbedtls_printf(" failed\n ! mbedtls_ssl_get_peer_cid returned -0x%x\n\n", + (unsigned int) -ret); + return ret; } /* Ask for just length + value of the peer's CID. */ - ret = mbedtls_ssl_get_peer_cid( ssl, &cid_negotiated, - peer_cid, &peer_cid_len ); - if( ret != 0 ) - { - mbedtls_printf( " failed\n ! mbedtls_ssl_get_peer_cid returned -0x%x\n\n", - (unsigned int) -ret ); - return( ret ); - } - mbedtls_printf( "(%s) Peer CID (length %u Bytes): ", - additional_description, - (unsigned) peer_cid_len ); - while( idx < peer_cid_len ) - { - mbedtls_printf( "%02x ", peer_cid[ idx ] ); + ret = mbedtls_ssl_get_peer_cid(ssl, &cid_negotiated, + peer_cid, &peer_cid_len); + if (ret != 0) { + mbedtls_printf(" failed\n ! mbedtls_ssl_get_peer_cid returned -0x%x\n\n", + (unsigned int) -ret); + return ret; + } + mbedtls_printf("(%s) Peer CID (length %u Bytes): ", + additional_description, + (unsigned) peer_cid_len); + while (idx < peer_cid_len) { + mbedtls_printf("%02x ", peer_cid[idx]); idx++; } - mbedtls_printf( "\n" ); + mbedtls_printf("\n"); } - return( 0 ); + return 0; } #endif /* MBEDTLS_SSL_DTLS_CONNECTION_ID */ -int main( int argc, char *argv[] ) +int main(int argc, char *argv[]) { int ret = 0, len, tail_len, i, written, frags, retry_left; int query_config_ret = 0; @@ -675,21 +658,20 @@ int main( int argc, char *argv[] ) #endif #if defined(MBEDTLS_SSL_DTLS_SRTP) unsigned char mki[MBEDTLS_TLS_SRTP_MAX_MKI_LENGTH]; - size_t mki_len=0; + size_t mki_len = 0; #endif const char *pers = "ssl_client2"; #if defined(MBEDTLS_USE_PSA_CRYPTO) +#if defined(MBEDTLS_KEY_EXCHANGE_SOME_PSK_ENABLED) psa_key_id_t slot = 0; psa_algorithm_t alg = 0; psa_key_attributes_t key_attributes; +#endif psa_status_t status; #endif -#if defined(MBEDTLS_X509_CRT_PARSE_C) - mbedtls_x509_crt_profile crt_profile_for_test = mbedtls_x509_crt_profile_default; -#endif rng_context_t rng; mbedtls_ssl_context ssl; mbedtls_ssl_config conf; @@ -699,15 +681,16 @@ int main( int argc, char *argv[] ) #if defined(MBEDTLS_TIMING_C) mbedtls_timing_delay_context timer; #endif -#if defined(MBEDTLS_X509_CRT_PARSE_C) +#if defined(MBEDTLS_KEY_EXCHANGE_WITH_CERT_ENABLED) uint32_t flags; mbedtls_x509_crt cacert; mbedtls_x509_crt clicert; mbedtls_pk_context pkey; + mbedtls_x509_crt_profile crt_profile_for_test = mbedtls_x509_crt_profile_default; #if defined(MBEDTLS_USE_PSA_CRYPTO) psa_key_id_t key_slot = 0; /* invalid key slot */ #endif -#endif /* MBEDTLS_X509_CRT_PARSE_C */ +#endif /* MBEDTLS_KEY_EXCHANGE_WITH_CERT_ENABLED */ char *p, *q; const int *list; #if defined(MBEDTLS_SSL_CONTEXT_SERIALIZATION) @@ -717,12 +700,12 @@ int main( int argc, char *argv[] ) #if defined(MBEDTLS_SSL_EXPORT_KEYS) unsigned char eap_tls_keymaterial[16]; unsigned char eap_tls_iv[8]; - const char* eap_tls_label = "client EAP encryption"; + const char *eap_tls_label = "client EAP encryption"; eap_tls_keys eap_tls_keying; -#if defined( MBEDTLS_SSL_DTLS_SRTP ) +#if defined(MBEDTLS_SSL_DTLS_SRTP) /*! master keys and master salt for SRTP generated during handshake */ unsigned char dtls_srtp_key_material[MBEDTLS_TLS_SRTP_MAX_KEY_MATERIAL_LENGTH]; - const char* dtls_srtp_label = "EXTRACTOR-dtls_srtp"; + const char *dtls_srtp_label = "EXTRACTOR-dtls_srtp"; dtls_srtp_keys dtls_srtp_keying; const mbedtls_ssl_srtp_profile default_profiles[] = { MBEDTLS_TLS_SRTP_AES128_CM_HMAC_SHA1_80, @@ -735,63 +718,62 @@ int main( int argc, char *argv[] ) #endif /* MBEDTLS_SSL_EXPORT_KEYS */ #if defined(MBEDTLS_MEMORY_BUFFER_ALLOC_C) - mbedtls_memory_buffer_alloc_init( alloc_buf, sizeof(alloc_buf) ); + mbedtls_memory_buffer_alloc_init(alloc_buf, sizeof(alloc_buf)); #endif #if defined(MBEDTLS_TEST_HOOKS) - test_hooks_init( ); + test_hooks_init(); #endif /* MBEDTLS_TEST_HOOKS */ /* * Make sure memory references are valid. */ - mbedtls_net_init( &server_fd ); - mbedtls_ssl_init( &ssl ); - mbedtls_ssl_config_init( &conf ); - memset( &saved_session, 0, sizeof( mbedtls_ssl_session ) ); - rng_init( &rng ); -#if defined(MBEDTLS_X509_CRT_PARSE_C) - mbedtls_x509_crt_init( &cacert ); - mbedtls_x509_crt_init( &clicert ); - mbedtls_pk_init( &pkey ); + mbedtls_net_init(&server_fd); + mbedtls_ssl_init(&ssl); + mbedtls_ssl_config_init(&conf); + memset(&saved_session, 0, sizeof(mbedtls_ssl_session)); + rng_init(&rng); +#if defined(MBEDTLS_KEY_EXCHANGE_WITH_CERT_ENABLED) + mbedtls_x509_crt_init(&cacert); + mbedtls_x509_crt_init(&clicert); + mbedtls_pk_init(&pkey); #endif #if defined(MBEDTLS_SSL_ALPN) - memset( (void * ) alpn_list, 0, sizeof( alpn_list ) ); + memset((void *) alpn_list, 0, sizeof(alpn_list)); #endif #if defined(MBEDTLS_USE_PSA_CRYPTO) status = psa_crypto_init(); - if( status != PSA_SUCCESS ) - { - mbedtls_fprintf( stderr, "Failed to initialize PSA Crypto implementation: %d\n", - (int) status ); + if (status != PSA_SUCCESS) { + mbedtls_fprintf(stderr, "Failed to initialize PSA Crypto implementation: %d\n", + (int) status); ret = MBEDTLS_ERR_SSL_HW_ACCEL_FAILED; goto exit; } #endif /* MBEDTLS_USE_PSA_CRYPTO */ #if defined(MBEDTLS_PSA_CRYPTO_EXTERNAL_RNG) - mbedtls_test_enable_insecure_external_rng( ); + mbedtls_test_enable_insecure_external_rng(); #endif /* MBEDTLS_PSA_CRYPTO_EXTERNAL_RNG */ - if( argc == 0 ) - { - usage: - if( ret == 0 ) + if (argc < 2) { +usage: + if (ret == 0) { ret = 1; + } - mbedtls_printf( USAGE1 ); - mbedtls_printf( USAGE2 ); - mbedtls_printf( USAGE3 ); - mbedtls_printf( USAGE4 ); + mbedtls_printf(USAGE1); + mbedtls_printf(USAGE2); + mbedtls_printf(USAGE3); + mbedtls_printf(USAGE4); list = mbedtls_ssl_list_ciphersuites(); - while( *list ) - { - mbedtls_printf(" %-42s", mbedtls_ssl_get_ciphersuite_name( *list ) ); + while (*list) { + mbedtls_printf(" %-42s", mbedtls_ssl_get_ciphersuite_name(*list)); list++; - if( !*list ) + if (!*list) { break; - mbedtls_printf(" %s\n", mbedtls_ssl_get_ciphersuite_name( *list ) ); + } + mbedtls_printf(" %s\n", mbedtls_ssl_get_ciphersuite_name(*list)); list++; } mbedtls_printf("\n"); @@ -829,7 +811,7 @@ int main( int argc, char *argv[] ) opt.psk_identity = DFL_PSK_IDENTITY; opt.ecjpake_pw = DFL_ECJPAKE_PW; opt.ec_max_ops = DFL_EC_MAX_OPS; - opt.force_ciphersuite[0]= DFL_FORCE_CIPHER; + opt.force_ciphersuite[0] = DFL_FORCE_CIPHER; opt.renegotiation = DFL_RENEGOTIATION; opt.allow_legacy = DFL_ALLOW_LEGACY; opt.renegotiate = DFL_RENEGOTIATE; @@ -870,143 +852,136 @@ int main( int argc, char *argv[] ) opt.force_srtp_profile = DFL_SRTP_FORCE_PROFILE; opt.mki = DFL_SRTP_MKI; - for( i = 1; i < argc; i++ ) - { + for (i = 1; i < argc; i++) { p = argv[i]; - if( ( q = strchr( p, '=' ) ) == NULL ) + if ((q = strchr(p, '=')) == NULL) { goto usage; + } *q++ = '\0'; - if( strcmp( p, "server_name" ) == 0 ) + if (strcmp(p, "server_name") == 0) { opt.server_name = q; - else if( strcmp( p, "server_addr" ) == 0 ) + } else if (strcmp(p, "server_addr") == 0) { opt.server_addr = q; - else if( strcmp( p, "server_port" ) == 0 ) + } else if (strcmp(p, "server_port") == 0) { opt.server_port = q; - else if( strcmp( p, "dtls" ) == 0 ) - { - int t = atoi( q ); - if( t == 0 ) + } else if (strcmp(p, "dtls") == 0) { + int t = atoi(q); + if (t == 0) { opt.transport = MBEDTLS_SSL_TRANSPORT_STREAM; - else if( t == 1 ) + } else if (t == 1) { opt.transport = MBEDTLS_SSL_TRANSPORT_DATAGRAM; - else + } else { goto usage; - } - else if( strcmp( p, "debug_level" ) == 0 ) - { - opt.debug_level = atoi( q ); - if( opt.debug_level < 0 || opt.debug_level > 65535 ) + } + } else if (strcmp(p, "debug_level") == 0) { + opt.debug_level = atoi(q); + if (opt.debug_level < 0 || opt.debug_level > 65535) { goto usage; - } - else if( strcmp( p, "context_crt_cb" ) == 0 ) - { - opt.context_crt_cb = atoi( q ); - if( opt.context_crt_cb != 0 && opt.context_crt_cb != 1 ) + } + } else if (strcmp(p, "build_version") == 0) { + if (strcmp(q, "1") == 0) { + mbedtls_printf("build version: %s (build %d)\n", + MBEDTLS_VERSION_STRING_FULL, + MBEDTLS_VERSION_NUMBER); + goto exit; + } + } else if (strcmp(p, "context_crt_cb") == 0) { + opt.context_crt_cb = atoi(q); + if (opt.context_crt_cb != 0 && opt.context_crt_cb != 1) { goto usage; - } - else if( strcmp( p, "nbio" ) == 0 ) - { - opt.nbio = atoi( q ); - if( opt.nbio < 0 || opt.nbio > 2 ) + } + } else if (strcmp(p, "nbio") == 0) { + opt.nbio = atoi(q); + if (opt.nbio < 0 || opt.nbio > 2) { goto usage; - } - else if( strcmp( p, "event" ) == 0 ) - { - opt.event = atoi( q ); - if( opt.event < 0 || opt.event > 2 ) + } + } else if (strcmp(p, "event") == 0) { + opt.event = atoi(q); + if (opt.event < 0 || opt.event > 2) { goto usage; - } - else if( strcmp( p, "read_timeout" ) == 0 ) - opt.read_timeout = atoi( q ); - else if( strcmp( p, "max_resend" ) == 0 ) - { - opt.max_resend = atoi( q ); - if( opt.max_resend < 0 ) + } + } else if (strcmp(p, "read_timeout") == 0) { + opt.read_timeout = atoi(q); + } else if (strcmp(p, "max_resend") == 0) { + opt.max_resend = atoi(q); + if (opt.max_resend < 0) { goto usage; - } - else if( strcmp( p, "request_page" ) == 0 ) + } + } else if (strcmp(p, "request_page") == 0) { opt.request_page = q; - else if( strcmp( p, "request_size" ) == 0 ) - { - opt.request_size = atoi( q ); - if( opt.request_size < 0 || - opt.request_size > MAX_REQUEST_SIZE ) + } else if (strcmp(p, "request_size") == 0) { + opt.request_size = atoi(q); + if (opt.request_size < 0 || + opt.request_size > MAX_REQUEST_SIZE) { goto usage; - } - else if( strcmp( p, "ca_file" ) == 0 ) + } + } else if (strcmp(p, "ca_file") == 0) { opt.ca_file = q; - else if( strcmp( p, "ca_path" ) == 0 ) + } else if (strcmp(p, "ca_path") == 0) { opt.ca_path = q; - else if( strcmp( p, "crt_file" ) == 0 ) + } else if (strcmp(p, "crt_file") == 0) { opt.crt_file = q; - else if( strcmp( p, "key_file" ) == 0 ) + } else if (strcmp(p, "key_file") == 0) { opt.key_file = q; - else if( strcmp( p, "key_pwd" ) == 0 ) + } else if (strcmp(p, "key_pwd") == 0) { opt.key_pwd = q; -#if defined(MBEDTLS_USE_PSA_CRYPTO) && defined(MBEDTLS_X509_CRT_PARSE_C) - else if( strcmp( p, "key_opaque" ) == 0 ) - opt.key_opaque = atoi( q ); + } +#if defined(MBEDTLS_USE_PSA_CRYPTO) && defined(MBEDTLS_KEY_EXCHANGE_WITH_CERT_ENABLED) + else if (strcmp(p, "key_opaque") == 0) { + opt.key_opaque = atoi(q); + } #endif #if defined(MBEDTLS_SSL_DTLS_CONNECTION_ID) - else if( strcmp( p, "cid" ) == 0 ) - { - opt.cid_enabled = atoi( q ); - if( opt.cid_enabled != 0 && opt.cid_enabled != 1 ) + else if (strcmp(p, "cid") == 0) { + opt.cid_enabled = atoi(q); + if (opt.cid_enabled != 0 && opt.cid_enabled != 1) { goto usage; - } - else if( strcmp( p, "cid_renego" ) == 0 ) - { - opt.cid_enabled_renego = atoi( q ); - if( opt.cid_enabled_renego != 0 && opt.cid_enabled_renego != 1 ) + } + } else if (strcmp(p, "cid_renego") == 0) { + opt.cid_enabled_renego = atoi(q); + if (opt.cid_enabled_renego != 0 && opt.cid_enabled_renego != 1) { goto usage; - } - else if( strcmp( p, "cid_val" ) == 0 ) - { + } + } else if (strcmp(p, "cid_val") == 0) { opt.cid_val = q; - } - else if( strcmp( p, "cid_val_renego" ) == 0 ) - { + } else if (strcmp(p, "cid_val_renego") == 0) { opt.cid_val_renego = q; } #endif /* MBEDTLS_SSL_DTLS_CONNECTION_ID */ - else if( strcmp( p, "psk" ) == 0 ) + else if (strcmp(p, "psk") == 0) { opt.psk = q; + } #if defined(MBEDTLS_USE_PSA_CRYPTO) - else if( strcmp( p, "psk_opaque" ) == 0 ) - opt.psk_opaque = atoi( q ); + else if (strcmp(p, "psk_opaque") == 0) { + opt.psk_opaque = atoi(q); + } #endif #if defined(MBEDTLS_X509_TRUSTED_CERTIFICATE_CALLBACK) - else if( strcmp( p, "ca_callback" ) == 0) - opt.ca_callback = atoi( q ); + else if (strcmp(p, "ca_callback") == 0) { + opt.ca_callback = atoi(q); + } #endif - else if( strcmp( p, "psk_identity" ) == 0 ) + else if (strcmp(p, "psk_identity") == 0) { opt.psk_identity = q; - else if( strcmp( p, "ecjpake_pw" ) == 0 ) + } else if (strcmp(p, "ecjpake_pw") == 0) { opt.ecjpake_pw = q; - else if( strcmp( p, "ec_max_ops" ) == 0 ) - opt.ec_max_ops = atoi( q ); - else if( strcmp( p, "force_ciphersuite" ) == 0 ) - { - opt.force_ciphersuite[0] = mbedtls_ssl_get_ciphersuite_id( q ); - - if( opt.force_ciphersuite[0] == 0 ) - { + } else if (strcmp(p, "ec_max_ops") == 0) { + opt.ec_max_ops = atoi(q); + } else if (strcmp(p, "force_ciphersuite") == 0) { + opt.force_ciphersuite[0] = mbedtls_ssl_get_ciphersuite_id(q); + + if (opt.force_ciphersuite[0] == 0) { ret = 2; goto usage; } opt.force_ciphersuite[1] = 0; - } - else if( strcmp( p, "renegotiation" ) == 0 ) - { - opt.renegotiation = (atoi( q )) ? - MBEDTLS_SSL_RENEGOTIATION_ENABLED : - MBEDTLS_SSL_RENEGOTIATION_DISABLED; - } - else if( strcmp( p, "allow_legacy" ) == 0 ) - { - switch( atoi( q ) ) - { + } else if (strcmp(p, "renegotiation") == 0) { + opt.renegotiation = (atoi(q)) ? + MBEDTLS_SSL_RENEGOTIATION_ENABLED : + MBEDTLS_SSL_RENEGOTIATION_DISABLED; + } else if (strcmp(p, "allow_legacy") == 0) { + switch (atoi(q)) { case -1: opt.allow_legacy = MBEDTLS_SSL_LEGACY_BREAK_HANDSHAKE; break; @@ -1018,66 +993,51 @@ int main( int argc, char *argv[] ) break; default: goto usage; } - } - else if( strcmp( p, "renegotiate" ) == 0 ) - { - opt.renegotiate = atoi( q ); - if( opt.renegotiate < 0 || opt.renegotiate > 1 ) + } else if (strcmp(p, "renegotiate") == 0) { + opt.renegotiate = atoi(q); + if (opt.renegotiate < 0 || opt.renegotiate > 1) { goto usage; - } - else if( strcmp( p, "exchanges" ) == 0 ) - { - opt.exchanges = atoi( q ); - if( opt.exchanges < 1 ) + } + } else if (strcmp(p, "exchanges") == 0) { + opt.exchanges = atoi(q); + if (opt.exchanges < 1) { goto usage; - } - else if( strcmp( p, "reconnect" ) == 0 ) - { - opt.reconnect = atoi( q ); - if( opt.reconnect < 0 || opt.reconnect > 2 ) + } + } else if (strcmp(p, "reconnect") == 0) { + opt.reconnect = atoi(q); + if (opt.reconnect < 0 || opt.reconnect > 2) { goto usage; - } - else if( strcmp( p, "reco_delay" ) == 0 ) - { - opt.reco_delay = atoi( q ); - if( opt.reco_delay < 0 ) + } + } else if (strcmp(p, "reco_delay") == 0) { + opt.reco_delay = atoi(q); + if (opt.reco_delay < 0) { goto usage; - } - else if( strcmp( p, "reco_mode" ) == 0 ) - { - opt.reco_mode = atoi( q ); - if( opt.reco_mode < 0 ) + } + } else if (strcmp(p, "reco_mode") == 0) { + opt.reco_mode = atoi(q); + if (opt.reco_mode < 0) { goto usage; - } - else if( strcmp( p, "reconnect_hard" ) == 0 ) - { - opt.reconnect_hard = atoi( q ); - if( opt.reconnect_hard < 0 || opt.reconnect_hard > 1 ) + } + } else if (strcmp(p, "reconnect_hard") == 0) { + opt.reconnect_hard = atoi(q); + if (opt.reconnect_hard < 0 || opt.reconnect_hard > 1) { goto usage; - } - else if( strcmp( p, "tickets" ) == 0 ) - { - opt.tickets = atoi( q ); - if( opt.tickets < 0 || opt.tickets > 2 ) + } + } else if (strcmp(p, "tickets") == 0) { + opt.tickets = atoi(q); + if (opt.tickets < 0 || opt.tickets > 2) { goto usage; - } - else if( strcmp( p, "alpn" ) == 0 ) - { + } + } else if (strcmp(p, "alpn") == 0) { opt.alpn_string = q; - } - else if( strcmp( p, "fallback" ) == 0 ) - { - switch( atoi( q ) ) - { + } else if (strcmp(p, "fallback") == 0) { + switch (atoi(q)) { case 0: opt.fallback = MBEDTLS_SSL_IS_NOT_FALLBACK; break; case 1: opt.fallback = MBEDTLS_SSL_IS_FALLBACK; break; default: goto usage; } - } - else if( strcmp( p, "extended_ms" ) == 0 ) - { - switch( atoi( q ) ) - { + } else if (strcmp(p, "extended_ms") == 0) { + switch (atoi(q)) { case 0: opt.extended_ms = MBEDTLS_SSL_EXTENDED_MS_DISABLED; break; @@ -1086,327 +1046,262 @@ int main( int argc, char *argv[] ) break; default: goto usage; } - } - else if( strcmp( p, "curves" ) == 0 ) + } else if (strcmp(p, "curves") == 0) { opt.curves = q; - else if( strcmp( p, "etm" ) == 0 ) - { - switch( atoi( q ) ) - { + } else if (strcmp(p, "etm") == 0) { + switch (atoi(q)) { case 0: opt.etm = MBEDTLS_SSL_ETM_DISABLED; break; case 1: opt.etm = MBEDTLS_SSL_ETM_ENABLED; break; default: goto usage; } - } - else if( strcmp( p, "min_version" ) == 0 ) - { - if( strcmp( q, "ssl3" ) == 0 ) + } else if (strcmp(p, "min_version") == 0) { + if (strcmp(q, "ssl3") == 0) { opt.min_version = MBEDTLS_SSL_MINOR_VERSION_0; - else if( strcmp( q, "tls1" ) == 0 ) + } else if (strcmp(q, "tls1") == 0) { opt.min_version = MBEDTLS_SSL_MINOR_VERSION_1; - else if( strcmp( q, "tls1_1" ) == 0 || - strcmp( q, "dtls1" ) == 0 ) + } else if (strcmp(q, "tls1_1") == 0 || + strcmp(q, "dtls1") == 0) { opt.min_version = MBEDTLS_SSL_MINOR_VERSION_2; - else if( strcmp( q, "tls12" ) == 0 || - strcmp( q, "dtls12" ) == 0 ) + } else if (strcmp(q, "tls12") == 0 || + strcmp(q, "dtls12") == 0) { opt.min_version = MBEDTLS_SSL_MINOR_VERSION_3; - else + } else { goto usage; - } - else if( strcmp( p, "max_version" ) == 0 ) - { - if( strcmp( q, "ssl3" ) == 0 ) + } + } else if (strcmp(p, "max_version") == 0) { + if (strcmp(q, "ssl3") == 0) { opt.max_version = MBEDTLS_SSL_MINOR_VERSION_0; - else if( strcmp( q, "tls1" ) == 0 ) + } else if (strcmp(q, "tls1") == 0) { opt.max_version = MBEDTLS_SSL_MINOR_VERSION_1; - else if( strcmp( q, "tls1_1" ) == 0 || - strcmp( q, "dtls1" ) == 0 ) + } else if (strcmp(q, "tls1_1") == 0 || + strcmp(q, "dtls1") == 0) { opt.max_version = MBEDTLS_SSL_MINOR_VERSION_2; - else if( strcmp( q, "tls12" ) == 0 || - strcmp( q, "dtls12" ) == 0 ) + } else if (strcmp(q, "tls12") == 0 || + strcmp(q, "dtls12") == 0) { opt.max_version = MBEDTLS_SSL_MINOR_VERSION_3; - else + } else { goto usage; - } - else if( strcmp( p, "arc4" ) == 0 ) - { - switch( atoi( q ) ) - { + } + } else if (strcmp(p, "arc4") == 0) { + switch (atoi(q)) { case 0: opt.arc4 = MBEDTLS_SSL_ARC4_DISABLED; break; case 1: opt.arc4 = MBEDTLS_SSL_ARC4_ENABLED; break; default: goto usage; } - } - else if( strcmp( p, "allow_sha1" ) == 0 ) - { - switch( atoi( q ) ) - { + } else if (strcmp(p, "allow_sha1") == 0) { + switch (atoi(q)) { case 0: opt.allow_sha1 = 0; break; case 1: opt.allow_sha1 = 1; break; default: goto usage; } - } - else if( strcmp( p, "force_version" ) == 0 ) - { - if( strcmp( q, "ssl3" ) == 0 ) - { + } else if (strcmp(p, "force_version") == 0) { + if (strcmp(q, "ssl3") == 0) { opt.min_version = MBEDTLS_SSL_MINOR_VERSION_0; opt.max_version = MBEDTLS_SSL_MINOR_VERSION_0; - } - else if( strcmp( q, "tls1" ) == 0 ) - { + } else if (strcmp(q, "tls1") == 0) { opt.min_version = MBEDTLS_SSL_MINOR_VERSION_1; opt.max_version = MBEDTLS_SSL_MINOR_VERSION_1; - } - else if( strcmp( q, "tls1_1" ) == 0 ) - { + } else if (strcmp(q, "tls1_1") == 0) { opt.min_version = MBEDTLS_SSL_MINOR_VERSION_2; opt.max_version = MBEDTLS_SSL_MINOR_VERSION_2; - } - else if( strcmp( q, "tls12" ) == 0 ) - { + } else if (strcmp(q, "tls12") == 0) { opt.min_version = MBEDTLS_SSL_MINOR_VERSION_3; opt.max_version = MBEDTLS_SSL_MINOR_VERSION_3; - } - else if( strcmp( q, "dtls1" ) == 0 ) - { + } else if (strcmp(q, "dtls1") == 0) { opt.min_version = MBEDTLS_SSL_MINOR_VERSION_2; opt.max_version = MBEDTLS_SSL_MINOR_VERSION_2; opt.transport = MBEDTLS_SSL_TRANSPORT_DATAGRAM; - } - else if( strcmp( q, "dtls12" ) == 0 ) - { + } else if (strcmp(q, "dtls12") == 0) { opt.min_version = MBEDTLS_SSL_MINOR_VERSION_3; opt.max_version = MBEDTLS_SSL_MINOR_VERSION_3; opt.transport = MBEDTLS_SSL_TRANSPORT_DATAGRAM; - } - else + } else { goto usage; - } - else if( strcmp( p, "auth_mode" ) == 0 ) - { - if( strcmp( q, "none" ) == 0 ) + } + } else if (strcmp(p, "auth_mode") == 0) { + if (strcmp(q, "none") == 0) { opt.auth_mode = MBEDTLS_SSL_VERIFY_NONE; - else if( strcmp( q, "optional" ) == 0 ) + } else if (strcmp(q, "optional") == 0) { opt.auth_mode = MBEDTLS_SSL_VERIFY_OPTIONAL; - else if( strcmp( q, "required" ) == 0 ) + } else if (strcmp(q, "required") == 0) { opt.auth_mode = MBEDTLS_SSL_VERIFY_REQUIRED; - else + } else { goto usage; - } - else if( strcmp( p, "max_frag_len" ) == 0 ) - { - if( strcmp( q, "512" ) == 0 ) + } + } else if (strcmp(p, "max_frag_len") == 0) { + if (strcmp(q, "512") == 0) { opt.mfl_code = MBEDTLS_SSL_MAX_FRAG_LEN_512; - else if( strcmp( q, "1024" ) == 0 ) + } else if (strcmp(q, "1024") == 0) { opt.mfl_code = MBEDTLS_SSL_MAX_FRAG_LEN_1024; - else if( strcmp( q, "2048" ) == 0 ) + } else if (strcmp(q, "2048") == 0) { opt.mfl_code = MBEDTLS_SSL_MAX_FRAG_LEN_2048; - else if( strcmp( q, "4096" ) == 0 ) + } else if (strcmp(q, "4096") == 0) { opt.mfl_code = MBEDTLS_SSL_MAX_FRAG_LEN_4096; - else + } else { goto usage; - } - else if( strcmp( p, "trunc_hmac" ) == 0 ) - { - switch( atoi( q ) ) - { + } + } else if (strcmp(p, "trunc_hmac") == 0) { + switch (atoi(q)) { case 0: opt.trunc_hmac = MBEDTLS_SSL_TRUNC_HMAC_DISABLED; break; case 1: opt.trunc_hmac = MBEDTLS_SSL_TRUNC_HMAC_ENABLED; break; default: goto usage; } - } - else if( strcmp( p, "hs_timeout" ) == 0 ) - { - if( ( p = strchr( q, '-' ) ) == NULL ) + } else if (strcmp(p, "hs_timeout") == 0) { + if ((p = strchr(q, '-')) == NULL) { goto usage; + } *p++ = '\0'; - opt.hs_to_min = atoi( q ); - opt.hs_to_max = atoi( p ); - if( opt.hs_to_min == 0 || opt.hs_to_max < opt.hs_to_min ) + opt.hs_to_min = atoi(q); + opt.hs_to_max = atoi(p); + if (opt.hs_to_min == 0 || opt.hs_to_max < opt.hs_to_min) { goto usage; - } - else if( strcmp( p, "mtu" ) == 0 ) - { - opt.dtls_mtu = atoi( q ); - if( opt.dtls_mtu < 0 ) + } + } else if (strcmp(p, "mtu") == 0) { + opt.dtls_mtu = atoi(q); + if (opt.dtls_mtu < 0) { goto usage; - } - else if( strcmp( p, "dgram_packing" ) == 0 ) - { - opt.dgram_packing = atoi( q ); - if( opt.dgram_packing != 0 && - opt.dgram_packing != 1 ) - { + } + } else if (strcmp(p, "dgram_packing") == 0) { + opt.dgram_packing = atoi(q); + if (opt.dgram_packing != 0 && + opt.dgram_packing != 1) { goto usage; } - } - else if( strcmp( p, "recsplit" ) == 0 ) - { - opt.recsplit = atoi( q ); - if( opt.recsplit < 0 || opt.recsplit > 1 ) + } else if (strcmp(p, "recsplit") == 0) { + opt.recsplit = atoi(q); + if (opt.recsplit < 0 || opt.recsplit > 1) { goto usage; - } - else if( strcmp( p, "dhmlen" ) == 0 ) - { - opt.dhmlen = atoi( q ); - if( opt.dhmlen < 0 ) + } + } else if (strcmp(p, "dhmlen") == 0) { + opt.dhmlen = atoi(q); + if (opt.dhmlen < 0) { goto usage; - } - else if( strcmp( p, "query_config" ) == 0 ) - { + } + } else if (strcmp(p, "query_config") == 0) { opt.query_config_mode = 1; - query_config_ret = query_config( q ); + query_config_ret = query_config(q); goto exit; - } - else if( strcmp( p, "serialize") == 0 ) - { - opt.serialize = atoi( q ); - if( opt.serialize < 0 || opt.serialize > 2) + } else if (strcmp(p, "serialize") == 0) { + opt.serialize = atoi(q); + if (opt.serialize < 0 || opt.serialize > 2) { goto usage; - } - else if( strcmp( p, "context_file") == 0 ) - { + } + } else if (strcmp(p, "context_file") == 0) { opt.context_file = q; - } - else if( strcmp( p, "eap_tls" ) == 0 ) - { - opt.eap_tls = atoi( q ); - if( opt.eap_tls < 0 || opt.eap_tls > 1 ) + } else if (strcmp(p, "eap_tls") == 0) { + opt.eap_tls = atoi(q); + if (opt.eap_tls < 0 || opt.eap_tls > 1) { goto usage; - } - else if( strcmp( p, "reproducible" ) == 0 ) - { + } + } else if (strcmp(p, "reproducible") == 0) { opt.reproducible = 1; - } - else if( strcmp( p, "nss_keylog" ) == 0 ) - { - opt.nss_keylog = atoi( q ); - if( opt.nss_keylog < 0 || opt.nss_keylog > 1 ) + } else if (strcmp(p, "nss_keylog") == 0) { + opt.nss_keylog = atoi(q); + if (opt.nss_keylog < 0 || opt.nss_keylog > 1) { goto usage; - } - else if( strcmp( p, "nss_keylog_file" ) == 0 ) - { + } + } else if (strcmp(p, "nss_keylog_file") == 0) { opt.nss_keylog_file = q; - } - else if( strcmp( p, "skip_close_notify" ) == 0 ) - { - opt.skip_close_notify = atoi( q ); - if( opt.skip_close_notify < 0 || opt.skip_close_notify > 1 ) + } else if (strcmp(p, "skip_close_notify") == 0) { + opt.skip_close_notify = atoi(q); + if (opt.skip_close_notify < 0 || opt.skip_close_notify > 1) { goto usage; - } - else if( strcmp( p, "use_srtp" ) == 0 ) - { - opt.use_srtp = atoi ( q ); - } - else if( strcmp( p, "srtp_force_profile" ) == 0 ) - { - opt.force_srtp_profile = atoi( q ); - } - else if( strcmp( p, "mki" ) == 0 ) - { + } + } else if (strcmp(p, "use_srtp") == 0) { + opt.use_srtp = atoi(q); + } else if (strcmp(p, "srtp_force_profile") == 0) { + opt.force_srtp_profile = atoi(q); + } else if (strcmp(p, "mki") == 0) { opt.mki = q; - } - else + } else { goto usage; + } } - if( opt.nss_keylog != 0 && opt.eap_tls != 0 ) - { - mbedtls_printf( "Error: eap_tls and nss_keylog options cannot be used together.\n" ); + if (opt.nss_keylog != 0 && opt.eap_tls != 0) { + mbedtls_printf("Error: eap_tls and nss_keylog options cannot be used together.\n"); goto usage; } /* Event-driven IO is incompatible with the above custom * receive and send functions, as the polling builds on * refers to the underlying net_context. */ - if( opt.event == 1 && opt.nbio != 1 ) - { - mbedtls_printf( "Warning: event-driven IO mandates nbio=1 - overwrite\n" ); + if (opt.event == 1 && opt.nbio != 1) { + mbedtls_printf("Warning: event-driven IO mandates nbio=1 - overwrite\n"); opt.nbio = 1; } #if defined(MBEDTLS_DEBUG_C) - mbedtls_debug_set_threshold( opt.debug_level ); + mbedtls_debug_set_threshold(opt.debug_level); #endif #if defined(MBEDTLS_KEY_EXCHANGE_SOME_PSK_ENABLED) /* * Unhexify the pre-shared key if any is given */ - if( strlen( opt.psk ) ) - { - if( mbedtls_test_unhexify( psk, sizeof( psk ), - opt.psk, &psk_len ) != 0 ) - { - mbedtls_printf( "pre-shared key not valid\n" ); + if (strlen(opt.psk)) { + if (mbedtls_test_unhexify(psk, sizeof(psk), + opt.psk, &psk_len) != 0) { + mbedtls_printf("pre-shared key not valid\n"); goto exit; } } #endif /* MBEDTLS_KEY_EXCHANGE_SOME_PSK_ENABLED */ #if defined(MBEDTLS_USE_PSA_CRYPTO) - if( opt.psk_opaque != 0 ) - { - if( opt.psk == NULL ) - { - mbedtls_printf( "psk_opaque set but no psk to be imported specified.\n" ); + if (opt.psk_opaque != 0) { + if (opt.psk == NULL) { + mbedtls_printf("psk_opaque set but no psk to be imported specified.\n"); ret = 2; goto usage; } - if( opt.force_ciphersuite[0] <= 0 ) - { - mbedtls_printf( "opaque PSKs are only supported in conjunction with forcing TLS 1.2 and a PSK-only ciphersuite through the 'force_ciphersuite' option.\n" ); + if (opt.force_ciphersuite[0] <= 0) { + mbedtls_printf( + "opaque PSKs are only supported in conjunction with forcing TLS 1.2 and a PSK-only ciphersuite through the 'force_ciphersuite' option.\n"); ret = 2; goto usage; } } #endif /* MBEDTLS_USE_PSA_CRYPTO */ - if( opt.force_ciphersuite[0] > 0 ) - { + if (opt.force_ciphersuite[0] > 0) { const mbedtls_ssl_ciphersuite_t *ciphersuite_info; ciphersuite_info = - mbedtls_ssl_ciphersuite_from_id( opt.force_ciphersuite[0] ); + mbedtls_ssl_ciphersuite_from_id(opt.force_ciphersuite[0]); - if( opt.max_version != -1 && - ciphersuite_info->min_minor_ver > opt.max_version ) - { - mbedtls_printf( "forced ciphersuite not allowed with this protocol version\n" ); + if (opt.max_version != -1 && + ciphersuite_info->min_minor_ver > opt.max_version) { + mbedtls_printf("forced ciphersuite not allowed with this protocol version\n"); ret = 2; goto usage; } - if( opt.min_version != -1 && - ciphersuite_info->max_minor_ver < opt.min_version ) - { - mbedtls_printf( "forced ciphersuite not allowed with this protocol version\n" ); + if (opt.min_version != -1 && + ciphersuite_info->max_minor_ver < opt.min_version) { + mbedtls_printf("forced ciphersuite not allowed with this protocol version\n"); ret = 2; goto usage; } /* If the server selects a version that's not supported by * this suite, then there will be no common ciphersuite... */ - if( opt.max_version == -1 || - opt.max_version > ciphersuite_info->max_minor_ver ) - { + if (opt.max_version == -1 || + opt.max_version > ciphersuite_info->max_minor_ver) { opt.max_version = ciphersuite_info->max_minor_ver; } - if( opt.min_version < ciphersuite_info->min_minor_ver ) - { + if (opt.min_version < ciphersuite_info->min_minor_ver) { opt.min_version = ciphersuite_info->min_minor_ver; /* DTLS starts with TLS 1.1 */ - if( opt.transport == MBEDTLS_SSL_TRANSPORT_DATAGRAM && - opt.min_version < MBEDTLS_SSL_MINOR_VERSION_2 ) + if (opt.transport == MBEDTLS_SSL_TRANSPORT_DATAGRAM && + opt.min_version < MBEDTLS_SSL_MINOR_VERSION_2) { opt.min_version = MBEDTLS_SSL_MINOR_VERSION_2; + } } /* Enable RC4 if needed and not explicitly disabled */ - if( ciphersuite_info->cipher == MBEDTLS_CIPHER_ARC4_128 ) - { - if( opt.arc4 == MBEDTLS_SSL_ARC4_DISABLED ) - { - mbedtls_printf( "forced RC4 ciphersuite with RC4 disabled\n" ); + if (ciphersuite_info->cipher == MBEDTLS_CIPHER_ARC4_128) { + if (opt.arc4 == MBEDTLS_SSL_ARC4_DISABLED) { + mbedtls_printf("forced RC4 ciphersuite with RC4 disabled\n"); ret = 2; goto usage; } @@ -1415,101 +1310,83 @@ int main( int argc, char *argv[] ) } #if defined(MBEDTLS_USE_PSA_CRYPTO) - if( opt.psk_opaque != 0 ) - { - /* Ensure that the chosen ciphersuite is PSK-only; we must know - * the ciphersuite in advance to set the correct policy for the - * PSK key slot. This limitation might go away in the future. */ - if( ciphersuite_info->key_exchange != MBEDTLS_KEY_EXCHANGE_PSK || - opt.min_version != MBEDTLS_SSL_MINOR_VERSION_3 ) - { - mbedtls_printf( "opaque PSKs are only supported in conjunction with forcing TLS 1.2 and a PSK-only ciphersuite through the 'force_ciphersuite' option.\n" ); - ret = 2; - goto usage; - } - +#if defined(MBEDTLS_KEY_EXCHANGE_SOME_PSK_ENABLED) + if (opt.psk_opaque != 0) { /* Determine KDF algorithm the opaque PSK will be used in. */ #if defined(MBEDTLS_SHA512_C) - if( ciphersuite_info->mac == MBEDTLS_MD_SHA384 ) + if (ciphersuite_info->mac == MBEDTLS_MD_SHA384) { alg = PSA_ALG_TLS12_PSK_TO_MS(PSA_ALG_SHA_384); - else + } else #endif /* MBEDTLS_SHA512_C */ - alg = PSA_ALG_TLS12_PSK_TO_MS(PSA_ALG_SHA_256); + alg = PSA_ALG_TLS12_PSK_TO_MS(PSA_ALG_SHA_256); } +#endif /* MBEDTLS_KEY_EXCHANGE_SOME_PSK_ENABLED */ #endif /* MBEDTLS_USE_PSA_CRYPTO */ } #if defined(MBEDTLS_SSL_DTLS_CONNECTION_ID) - if( mbedtls_test_unhexify( cid, sizeof( cid ), - opt.cid_val, &cid_len ) != 0 ) - { - mbedtls_printf( "CID not valid\n" ); + if (mbedtls_test_unhexify(cid, sizeof(cid), + opt.cid_val, &cid_len) != 0) { + mbedtls_printf("CID not valid\n"); goto exit; } /* Keep CID settings for renegotiation unless * specified otherwise. */ - if( opt.cid_enabled_renego == DFL_CID_ENABLED_RENEGO ) + if (opt.cid_enabled_renego == DFL_CID_ENABLED_RENEGO) { opt.cid_enabled_renego = opt.cid_enabled; - if( opt.cid_val_renego == DFL_CID_VALUE_RENEGO ) + } + if (opt.cid_val_renego == DFL_CID_VALUE_RENEGO) { opt.cid_val_renego = opt.cid_val; + } - if( mbedtls_test_unhexify( cid_renego, sizeof( cid_renego ), - opt.cid_val_renego, &cid_renego_len ) != 0 ) - { - mbedtls_printf( "CID not valid\n" ); + if (mbedtls_test_unhexify(cid_renego, sizeof(cid_renego), + opt.cid_val_renego, &cid_renego_len) != 0) { + mbedtls_printf("CID not valid\n"); goto exit; } #endif /* MBEDTLS_SSL_DTLS_CONNECTION_ID */ #if defined(MBEDTLS_ECP_C) - if( opt.curves != NULL ) - { + if (opt.curves != NULL) { p = (char *) opt.curves; i = 0; - if( strcmp( p, "none" ) == 0 ) - { + if (strcmp(p, "none") == 0) { curve_list[0] = MBEDTLS_ECP_DP_NONE; - } - else if( strcmp( p, "default" ) != 0 ) - { + } else if (strcmp(p, "default") != 0) { /* Leave room for a final NULL in curve list */ - while( i < CURVE_LIST_SIZE - 1 && *p != '\0' ) - { + while (i < CURVE_LIST_SIZE - 1 && *p != '\0') { q = p; /* Terminate the current string */ - while( *p != ',' && *p != '\0' ) + while (*p != ',' && *p != '\0') { p++; - if( *p == ',' ) + } + if (*p == ',') { *p++ = '\0'; + } - if( ( curve_cur = mbedtls_ecp_curve_info_from_name( q ) ) != NULL ) - { + if ((curve_cur = mbedtls_ecp_curve_info_from_name(q)) != NULL) { curve_list[i++] = curve_cur->grp_id; - } - else - { - mbedtls_printf( "unknown curve %s\n", q ); - mbedtls_printf( "supported curves: " ); - for( curve_cur = mbedtls_ecp_curve_list(); + } else { + mbedtls_printf("unknown curve %s\n", q); + mbedtls_printf("supported curves: "); + for (curve_cur = mbedtls_ecp_curve_list(); curve_cur->grp_id != MBEDTLS_ECP_DP_NONE; - curve_cur++ ) - { - mbedtls_printf( "%s ", curve_cur->name ); + curve_cur++) { + mbedtls_printf("%s ", curve_cur->name); } - mbedtls_printf( "\n" ); + mbedtls_printf("\n"); goto exit; } } - mbedtls_printf("Number of curves: %d\n", i ); + mbedtls_printf("Number of curves: %d\n", i); - if( i == CURVE_LIST_SIZE - 1 && *p != '\0' ) - { - mbedtls_printf( "curves list too long, maximum %d", - CURVE_LIST_SIZE - 1 ); + if (i == CURVE_LIST_SIZE - 1 && *p != '\0') { + mbedtls_printf("curves list too long, maximum %d", + CURVE_LIST_SIZE - 1); goto exit; } @@ -1519,905 +1396,859 @@ int main( int argc, char *argv[] ) #endif /* MBEDTLS_ECP_C */ #if defined(MBEDTLS_SSL_ALPN) - if( opt.alpn_string != NULL ) - { + if (opt.alpn_string != NULL) { p = (char *) opt.alpn_string; i = 0; /* Leave room for a final NULL in alpn_list */ - while( i < ALPN_LIST_SIZE - 1 && *p != '\0' ) - { + while (i < ALPN_LIST_SIZE - 1 && *p != '\0') { alpn_list[i++] = p; /* Terminate the current string and move on to next one */ - while( *p != ',' && *p != '\0' ) + while (*p != ',' && *p != '\0') { p++; - if( *p == ',' ) + } + if (*p == ',') { *p++ = '\0'; + } } } #endif /* MBEDTLS_SSL_ALPN */ + mbedtls_printf("build version: %s (build %d)\n", + MBEDTLS_VERSION_STRING_FULL, MBEDTLS_VERSION_NUMBER); + /* * 0. Initialize the RNG and the session data */ - mbedtls_printf( "\n . Seeding the random number generator..." ); - fflush( stdout ); + mbedtls_printf("\n . Seeding the random number generator..."); + fflush(stdout); - ret = rng_seed( &rng, opt.reproducible, pers ); - if( ret != 0 ) + ret = rng_seed(&rng, opt.reproducible, pers); + if (ret != 0) { goto exit; - mbedtls_printf( " ok\n" ); + } + mbedtls_printf(" ok\n"); -#if defined(MBEDTLS_X509_CRT_PARSE_C) +#if defined(MBEDTLS_KEY_EXCHANGE_WITH_CERT_ENABLED) /* * 1.1. Load the trusted CA */ - mbedtls_printf( " . Loading the CA root certificate ..." ); - fflush( stdout ); + mbedtls_printf(" . Loading the CA root certificate ..."); + fflush(stdout); - if( strcmp( opt.ca_path, "none" ) == 0 || - strcmp( opt.ca_file, "none" ) == 0 ) - { + if (strcmp(opt.ca_path, "none") == 0 || + strcmp(opt.ca_file, "none") == 0) { ret = 0; - } - else + } else #if defined(MBEDTLS_FS_IO) - if( strlen( opt.ca_path ) ) - ret = mbedtls_x509_crt_parse_path( &cacert, opt.ca_path ); - else if( strlen( opt.ca_file ) ) - ret = mbedtls_x509_crt_parse_file( &cacert, opt.ca_file ); - else + if (strlen(opt.ca_path)) { + ret = mbedtls_x509_crt_parse_path(&cacert, opt.ca_path); + } else if (strlen(opt.ca_file)) { + ret = mbedtls_x509_crt_parse_file(&cacert, opt.ca_file); + } else #endif #if defined(MBEDTLS_CERTS_C) { #if defined(MBEDTLS_PEM_PARSE_C) - for( i = 0; mbedtls_test_cas[i] != NULL; i++ ) - { - ret = mbedtls_x509_crt_parse( &cacert, - (const unsigned char *) mbedtls_test_cas[i], - mbedtls_test_cas_len[i] ); - if( ret != 0 ) + for (i = 0; mbedtls_test_cas[i] != NULL; i++) { + ret = mbedtls_x509_crt_parse(&cacert, + (const unsigned char *) mbedtls_test_cas[i], + mbedtls_test_cas_len[i]); + if (ret != 0) { break; + } } - if( ret == 0 ) #endif /* MBEDTLS_PEM_PARSE_C */ - for( i = 0; mbedtls_test_cas_der[i] != NULL; i++ ) - { - ret = mbedtls_x509_crt_parse_der( &cacert, - (const unsigned char *) mbedtls_test_cas_der[i], - mbedtls_test_cas_der_len[i] ); - if( ret != 0 ) - break; + if (ret == 0) { + for (i = 0; mbedtls_test_cas_der[i] != NULL; i++) { + ret = mbedtls_x509_crt_parse_der(&cacert, + (const unsigned char *) mbedtls_test_cas_der[i], + mbedtls_test_cas_der_len[i]); + if (ret != 0) { + break; + } + } } } #else { ret = 1; - mbedtls_printf( "MBEDTLS_CERTS_C not defined." ); + mbedtls_printf("MBEDTLS_CERTS_C not defined."); } #endif /* MBEDTLS_CERTS_C */ - if( ret < 0 ) - { - mbedtls_printf( " failed\n ! mbedtls_x509_crt_parse returned -0x%x\n\n", - (unsigned int) -ret ); + if (ret < 0) { + mbedtls_printf(" failed\n ! mbedtls_x509_crt_parse returned -0x%x\n\n", + (unsigned int) -ret); goto exit; } - mbedtls_printf( " ok (%d skipped)\n", ret ); + mbedtls_printf(" ok (%d skipped)\n", ret); /* * 1.2. Load own certificate and private key * * (can be skipped if client authentication is not required) */ - mbedtls_printf( " . Loading the client cert. and key..." ); - fflush( stdout ); + mbedtls_printf(" . Loading the client cert. and key..."); + fflush(stdout); - if( strcmp( opt.crt_file, "none" ) == 0 ) + if (strcmp(opt.crt_file, "none") == 0) { ret = 0; - else + } else #if defined(MBEDTLS_FS_IO) - if( strlen( opt.crt_file ) ) - ret = mbedtls_x509_crt_parse_file( &clicert, opt.crt_file ); - else + if (strlen(opt.crt_file)) { + ret = mbedtls_x509_crt_parse_file(&clicert, opt.crt_file); + } else #endif #if defined(MBEDTLS_CERTS_C) - ret = mbedtls_x509_crt_parse( &clicert, - (const unsigned char *) mbedtls_test_cli_crt, - mbedtls_test_cli_crt_len ); + { ret = mbedtls_x509_crt_parse(&clicert, + (const unsigned char *) mbedtls_test_cli_crt, + mbedtls_test_cli_crt_len); } #else { ret = 1; - mbedtls_printf( "MBEDTLS_CERTS_C not defined." ); + mbedtls_printf("MBEDTLS_CERTS_C not defined."); } #endif - if( ret != 0 ) - { - mbedtls_printf( " failed\n ! mbedtls_x509_crt_parse returned -0x%x\n\n", - (unsigned int) -ret ); + if (ret != 0) { + mbedtls_printf(" failed\n ! mbedtls_x509_crt_parse returned -0x%x\n\n", + (unsigned int) -ret); goto exit; } - if( strcmp( opt.key_file, "none" ) == 0 ) + if (strcmp(opt.key_file, "none") == 0) { ret = 0; - else + } else #if defined(MBEDTLS_FS_IO) - if( strlen( opt.key_file ) ) - ret = mbedtls_pk_parse_keyfile( &pkey, opt.key_file, opt.key_pwd ); - else + if (strlen(opt.key_file)) { + ret = mbedtls_pk_parse_keyfile(&pkey, opt.key_file, opt.key_pwd); + } else #endif #if defined(MBEDTLS_CERTS_C) - ret = mbedtls_pk_parse_key( &pkey, - (const unsigned char *) mbedtls_test_cli_key, - mbedtls_test_cli_key_len, NULL, 0 ); + { ret = mbedtls_pk_parse_key(&pkey, + (const unsigned char *) mbedtls_test_cli_key, + mbedtls_test_cli_key_len, NULL, 0); } #else { ret = 1; - mbedtls_printf( "MBEDTLS_CERTS_C not defined." ); + mbedtls_printf("MBEDTLS_CERTS_C not defined."); } #endif - if( ret != 0 ) - { - mbedtls_printf( " failed\n ! mbedtls_pk_parse_key returned -0x%x\n\n", - (unsigned int) -ret ); + if (ret != 0) { + mbedtls_printf(" failed\n ! mbedtls_pk_parse_key returned -0x%x\n\n", + (unsigned int) -ret); goto exit; } #if defined(MBEDTLS_USE_PSA_CRYPTO) - if( opt.key_opaque != 0 ) - { - if( ( ret = mbedtls_pk_wrap_as_opaque( &pkey, &key_slot, - PSA_ALG_SHA_256 ) ) != 0 ) - { - mbedtls_printf( " failed\n ! " - "mbedtls_pk_wrap_as_opaque returned -0x%x\n\n", (unsigned int) -ret ); + if (opt.key_opaque != 0) { + if ((ret = mbedtls_pk_wrap_as_opaque(&pkey, &key_slot, + PSA_ALG_ANY_HASH)) != 0) { + mbedtls_printf(" failed\n ! " + "mbedtls_pk_wrap_as_opaque returned -0x%x\n\n", (unsigned int) -ret); goto exit; } } #endif /* MBEDTLS_USE_PSA_CRYPTO */ - mbedtls_printf( " ok (key type: %s)\n", mbedtls_pk_get_name( &pkey ) ); -#endif /* MBEDTLS_X509_CRT_PARSE_C */ + mbedtls_printf(" ok (key type: %s)\n", mbedtls_pk_get_name(&pkey)); +#endif /* MBEDTLS_KEY_EXCHANGE_WITH_CERT_ENABLED */ /* * 2. Start the connection */ - if( opt.server_addr == NULL) + if (opt.server_addr == NULL) { opt.server_addr = opt.server_name; + } - mbedtls_printf( " . Connecting to %s/%s/%s...", - opt.transport == MBEDTLS_SSL_TRANSPORT_STREAM ? "tcp" : "udp", - opt.server_addr, opt.server_port ); - fflush( stdout ); + mbedtls_printf(" . Connecting to %s/%s/%s...", + opt.transport == MBEDTLS_SSL_TRANSPORT_STREAM ? "tcp" : "udp", + opt.server_addr, opt.server_port); + fflush(stdout); - if( ( ret = mbedtls_net_connect( &server_fd, - opt.server_addr, opt.server_port, - opt.transport == MBEDTLS_SSL_TRANSPORT_STREAM ? - MBEDTLS_NET_PROTO_TCP : MBEDTLS_NET_PROTO_UDP ) ) != 0 ) - { - mbedtls_printf( " failed\n ! mbedtls_net_connect returned -0x%x\n\n", - (unsigned int) -ret ); + if ((ret = mbedtls_net_connect(&server_fd, + opt.server_addr, opt.server_port, + opt.transport == MBEDTLS_SSL_TRANSPORT_STREAM ? + MBEDTLS_NET_PROTO_TCP : MBEDTLS_NET_PROTO_UDP)) != 0) { + mbedtls_printf(" failed\n ! mbedtls_net_connect returned -0x%x\n\n", + (unsigned int) -ret); goto exit; } - if( opt.nbio > 0 ) - ret = mbedtls_net_set_nonblock( &server_fd ); - else - ret = mbedtls_net_set_block( &server_fd ); - if( ret != 0 ) - { - mbedtls_printf( " failed\n ! net_set_(non)block() returned -0x%x\n\n", - (unsigned int) -ret ); + if (opt.nbio > 0) { + ret = mbedtls_net_set_nonblock(&server_fd); + } else { + ret = mbedtls_net_set_block(&server_fd); + } + if (ret != 0) { + mbedtls_printf(" failed\n ! net_set_(non)block() returned -0x%x\n\n", + (unsigned int) -ret); goto exit; } - mbedtls_printf( " ok\n" ); + mbedtls_printf(" ok\n"); /* * 3. Setup stuff */ - mbedtls_printf( " . Setting up the SSL/TLS structure..." ); - fflush( stdout ); - - if( ( ret = mbedtls_ssl_config_defaults( &conf, - MBEDTLS_SSL_IS_CLIENT, - opt.transport, - MBEDTLS_SSL_PRESET_DEFAULT ) ) != 0 ) - { - mbedtls_printf( " failed\n ! mbedtls_ssl_config_defaults returned -0x%x\n\n", - (unsigned int) -ret ); + mbedtls_printf(" . Setting up the SSL/TLS structure..."); + fflush(stdout); + + if ((ret = mbedtls_ssl_config_defaults(&conf, + MBEDTLS_SSL_IS_CLIENT, + opt.transport, + MBEDTLS_SSL_PRESET_DEFAULT)) != 0) { + mbedtls_printf(" failed\n ! mbedtls_ssl_config_defaults returned -0x%x\n\n", + (unsigned int) -ret); goto exit; } -#if defined(MBEDTLS_X509_CRT_PARSE_C) +#if defined(MBEDTLS_KEY_EXCHANGE_WITH_CERT_ENABLED) /* The default algorithms profile disables SHA-1, but our tests still rely on it heavily. */ - if( opt.allow_sha1 > 0 ) - { - crt_profile_for_test.allowed_mds |= MBEDTLS_X509_ID_FLAG( MBEDTLS_MD_SHA1 ); - mbedtls_ssl_conf_cert_profile( &conf, &crt_profile_for_test ); - mbedtls_ssl_conf_sig_hashes( &conf, ssl_sig_hashes_for_test ); + if (opt.allow_sha1 > 0) { + crt_profile_for_test.allowed_mds |= MBEDTLS_X509_ID_FLAG(MBEDTLS_MD_SHA1); + mbedtls_ssl_conf_cert_profile(&conf, &crt_profile_for_test); + mbedtls_ssl_conf_sig_hashes(&conf, ssl_sig_hashes_for_test); } - if( opt.context_crt_cb == 0 ) - mbedtls_ssl_conf_verify( &conf, my_verify, NULL ); + if (opt.context_crt_cb == 0) { + mbedtls_ssl_conf_verify(&conf, my_verify, NULL); + } - memset( peer_crt_info, 0, sizeof( peer_crt_info ) ); -#endif /* MBEDTLS_X509_CRT_PARSE_C */ + memset(peer_crt_info, 0, sizeof(peer_crt_info)); +#endif /* MBEDTLS_KEY_EXCHANGE_WITH_CERT_ENABLED */ #if defined(MBEDTLS_SSL_DTLS_CONNECTION_ID) - if( opt.cid_enabled == 1 || opt.cid_enabled_renego == 1 ) - { - if( opt.cid_enabled == 1 && + if (opt.cid_enabled == 1 || opt.cid_enabled_renego == 1) { + if (opt.cid_enabled == 1 && opt.cid_enabled_renego == 1 && - cid_len != cid_renego_len ) - { - mbedtls_printf( "CID length must not change during renegotiation\n" ); + cid_len != cid_renego_len) { + mbedtls_printf("CID length must not change during renegotiation\n"); goto usage; } - if( opt.cid_enabled == 1 ) - ret = mbedtls_ssl_conf_cid( &conf, cid_len, - MBEDTLS_SSL_UNEXPECTED_CID_IGNORE ); - else - ret = mbedtls_ssl_conf_cid( &conf, cid_renego_len, - MBEDTLS_SSL_UNEXPECTED_CID_IGNORE ); + if (opt.cid_enabled == 1) { + ret = mbedtls_ssl_conf_cid(&conf, cid_len, + MBEDTLS_SSL_UNEXPECTED_CID_IGNORE); + } else { + ret = mbedtls_ssl_conf_cid(&conf, cid_renego_len, + MBEDTLS_SSL_UNEXPECTED_CID_IGNORE); + } - if( ret != 0 ) - { - mbedtls_printf( " failed\n ! mbedtls_ssl_conf_cid_len returned -%#04x\n\n", - (unsigned int) -ret ); + if (ret != 0) { + mbedtls_printf(" failed\n ! mbedtls_ssl_conf_cid_len returned -%#04x\n\n", + (unsigned int) -ret); goto exit; } } #endif /* MBEDTLS_SSL_DTLS_CONNECTION_ID */ - if( opt.auth_mode != DFL_AUTH_MODE ) - mbedtls_ssl_conf_authmode( &conf, opt.auth_mode ); + if (opt.auth_mode != DFL_AUTH_MODE) { + mbedtls_ssl_conf_authmode(&conf, opt.auth_mode); + } #if defined(MBEDTLS_SSL_PROTO_DTLS) - if( opt.hs_to_min != DFL_HS_TO_MIN || opt.hs_to_max != DFL_HS_TO_MAX ) - mbedtls_ssl_conf_handshake_timeout( &conf, opt.hs_to_min, - opt.hs_to_max ); + if (opt.hs_to_min != DFL_HS_TO_MIN || opt.hs_to_max != DFL_HS_TO_MAX) { + mbedtls_ssl_conf_handshake_timeout(&conf, opt.hs_to_min, + opt.hs_to_max); + } - if( opt.dgram_packing != DFL_DGRAM_PACKING ) - mbedtls_ssl_set_datagram_packing( &ssl, opt.dgram_packing ); + if (opt.dgram_packing != DFL_DGRAM_PACKING) { + mbedtls_ssl_set_datagram_packing(&ssl, opt.dgram_packing); + } #endif /* MBEDTLS_SSL_PROTO_DTLS */ #if defined(MBEDTLS_SSL_MAX_FRAGMENT_LENGTH) - if( ( ret = mbedtls_ssl_conf_max_frag_len( &conf, opt.mfl_code ) ) != 0 ) - { - mbedtls_printf( " failed\n ! mbedtls_ssl_conf_max_frag_len returned %d\n\n", - ret ); + if ((ret = mbedtls_ssl_conf_max_frag_len(&conf, opt.mfl_code)) != 0) { + mbedtls_printf(" failed\n ! mbedtls_ssl_conf_max_frag_len returned %d\n\n", + ret); goto exit; } #endif #if defined(MBEDTLS_SSL_DTLS_SRTP) const mbedtls_ssl_srtp_profile forced_profile[] = - { opt.force_srtp_profile, MBEDTLS_TLS_SRTP_UNSET }; - if( opt.use_srtp == 1 ) - { - if( opt.force_srtp_profile != 0 ) - { - ret = mbedtls_ssl_conf_dtls_srtp_protection_profiles ( &conf, forced_profile ); - } - else - { - ret = mbedtls_ssl_conf_dtls_srtp_protection_profiles ( &conf, default_profiles ); - } - - if( ret != 0 ) - { - mbedtls_printf( " failed\n ! " - "mbedtls_ssl_conf_dtls_srtp_protection_profiles returned %d\n\n", - ret ); + { opt.force_srtp_profile, MBEDTLS_TLS_SRTP_UNSET }; + if (opt.use_srtp == 1) { + if (opt.force_srtp_profile != 0) { + ret = mbedtls_ssl_conf_dtls_srtp_protection_profiles(&conf, forced_profile); + } else { + ret = mbedtls_ssl_conf_dtls_srtp_protection_profiles(&conf, default_profiles); + } + + if (ret != 0) { + mbedtls_printf(" failed\n ! " + "mbedtls_ssl_conf_dtls_srtp_protection_profiles returned %d\n\n", + ret); goto exit; } - } - else if( opt.force_srtp_profile != 0 ) - { - mbedtls_printf( " failed\n ! must enable use_srtp to force srtp profile\n\n" ); + } else if (opt.force_srtp_profile != 0) { + mbedtls_printf(" failed\n ! must enable use_srtp to force srtp profile\n\n"); goto exit; } #endif /* MBEDTLS_SSL_DTLS_SRTP */ #if defined(MBEDTLS_SSL_TRUNCATED_HMAC) - if( opt.trunc_hmac != DFL_TRUNC_HMAC ) - mbedtls_ssl_conf_truncated_hmac( &conf, opt.trunc_hmac ); + if (opt.trunc_hmac != DFL_TRUNC_HMAC) { + mbedtls_ssl_conf_truncated_hmac(&conf, opt.trunc_hmac); + } #endif #if defined(MBEDTLS_SSL_EXTENDED_MASTER_SECRET) - if( opt.extended_ms != DFL_EXTENDED_MS ) - mbedtls_ssl_conf_extended_master_secret( &conf, opt.extended_ms ); + if (opt.extended_ms != DFL_EXTENDED_MS) { + mbedtls_ssl_conf_extended_master_secret(&conf, opt.extended_ms); + } #endif #if defined(MBEDTLS_SSL_ENCRYPT_THEN_MAC) - if( opt.etm != DFL_ETM ) - mbedtls_ssl_conf_encrypt_then_mac( &conf, opt.etm ); + if (opt.etm != DFL_ETM) { + mbedtls_ssl_conf_encrypt_then_mac(&conf, opt.etm); + } #endif #if defined(MBEDTLS_SSL_EXPORT_KEYS) - if( opt.eap_tls != 0 ) - { - mbedtls_ssl_conf_export_keys_ext_cb( &conf, eap_tls_key_derivation, - &eap_tls_keying ); + if (opt.eap_tls != 0) { + mbedtls_ssl_conf_export_keys_ext_cb(&conf, eap_tls_key_derivation, + &eap_tls_keying); + } else if (opt.nss_keylog != 0) { + mbedtls_ssl_conf_export_keys_ext_cb(&conf, + nss_keylog_export, + NULL); } - else if( opt.nss_keylog != 0 ) - { - mbedtls_ssl_conf_export_keys_ext_cb( &conf, - nss_keylog_export, - NULL ); - } -#if defined( MBEDTLS_SSL_DTLS_SRTP ) - else if( opt.use_srtp != 0 ) - { - mbedtls_ssl_conf_export_keys_ext_cb( &conf, dtls_srtp_key_derivation, - &dtls_srtp_keying ); +#if defined(MBEDTLS_SSL_DTLS_SRTP) + else if (opt.use_srtp != 0) { + mbedtls_ssl_conf_export_keys_ext_cb(&conf, dtls_srtp_key_derivation, + &dtls_srtp_keying); } #endif /* MBEDTLS_SSL_DTLS_SRTP */ #endif /* MBEDTLS_SSL_EXPORT_KEYS */ #if defined(MBEDTLS_SSL_CBC_RECORD_SPLITTING) - if( opt.recsplit != DFL_RECSPLIT ) - mbedtls_ssl_conf_cbc_record_splitting( &conf, opt.recsplit + if (opt.recsplit != DFL_RECSPLIT) { + mbedtls_ssl_conf_cbc_record_splitting(&conf, opt.recsplit ? MBEDTLS_SSL_CBC_RECORD_SPLITTING_ENABLED - : MBEDTLS_SSL_CBC_RECORD_SPLITTING_DISABLED ); + : MBEDTLS_SSL_CBC_RECORD_SPLITTING_DISABLED); + } #endif #if defined(MBEDTLS_DHM_C) - if( opt.dhmlen != DFL_DHMLEN ) - mbedtls_ssl_conf_dhm_min_bitlen( &conf, opt.dhmlen ); + if (opt.dhmlen != DFL_DHMLEN) { + mbedtls_ssl_conf_dhm_min_bitlen(&conf, opt.dhmlen); + } #endif #if defined(MBEDTLS_SSL_ALPN) - if( opt.alpn_string != NULL ) - if( ( ret = mbedtls_ssl_conf_alpn_protocols( &conf, alpn_list ) ) != 0 ) - { - mbedtls_printf( " failed\n ! mbedtls_ssl_conf_alpn_protocols returned %d\n\n", - ret ); + if (opt.alpn_string != NULL) { + if ((ret = mbedtls_ssl_conf_alpn_protocols(&conf, alpn_list)) != 0) { + mbedtls_printf(" failed\n ! mbedtls_ssl_conf_alpn_protocols returned %d\n\n", + ret); goto exit; } + } #endif - if (opt.reproducible) - { + if (opt.reproducible) { #if defined(MBEDTLS_HAVE_TIME) #if defined(MBEDTLS_PLATFORM_TIME_ALT) - mbedtls_platform_set_time( dummy_constant_time ); + mbedtls_platform_set_time(dummy_constant_time); #else - fprintf( stderr, "Warning: reproducible option used without constant time\n" ); + fprintf(stderr, "Warning: reproducible option used without constant time\n"); #endif #endif /* MBEDTLS_HAVE_TIME */ } - mbedtls_ssl_conf_rng( &conf, rng_get, &rng ); - mbedtls_ssl_conf_dbg( &conf, my_debug, stdout ); + mbedtls_ssl_conf_rng(&conf, rng_get, &rng); + mbedtls_ssl_conf_dbg(&conf, my_debug, stdout); - mbedtls_ssl_conf_read_timeout( &conf, opt.read_timeout ); + mbedtls_ssl_conf_read_timeout(&conf, opt.read_timeout); #if defined(MBEDTLS_SSL_SESSION_TICKETS) - mbedtls_ssl_conf_session_tickets( &conf, opt.tickets ); + mbedtls_ssl_conf_session_tickets(&conf, opt.tickets); #endif - if( opt.force_ciphersuite[0] != DFL_FORCE_CIPHER ) - mbedtls_ssl_conf_ciphersuites( &conf, opt.force_ciphersuite ); + if (opt.force_ciphersuite[0] != DFL_FORCE_CIPHER) { + mbedtls_ssl_conf_ciphersuites(&conf, opt.force_ciphersuite); + } #if defined(MBEDTLS_ARC4_C) - if( opt.arc4 != DFL_ARC4 ) - mbedtls_ssl_conf_arc4_support( &conf, opt.arc4 ); + if (opt.arc4 != DFL_ARC4) { + mbedtls_ssl_conf_arc4_support(&conf, opt.arc4); + } #endif - if( opt.allow_legacy != DFL_ALLOW_LEGACY ) - mbedtls_ssl_conf_legacy_renegotiation( &conf, opt.allow_legacy ); + if (opt.allow_legacy != DFL_ALLOW_LEGACY) { + mbedtls_ssl_conf_legacy_renegotiation(&conf, opt.allow_legacy); + } #if defined(MBEDTLS_SSL_RENEGOTIATION) - mbedtls_ssl_conf_renegotiation( &conf, opt.renegotiation ); + mbedtls_ssl_conf_renegotiation(&conf, opt.renegotiation); #endif -#if defined(MBEDTLS_X509_CRT_PARSE_C) - if( strcmp( opt.ca_path, "none" ) != 0 && - strcmp( opt.ca_file, "none" ) != 0 ) - { +#if defined(MBEDTLS_KEY_EXCHANGE_WITH_CERT_ENABLED) + if (strcmp(opt.ca_path, "none") != 0 && + strcmp(opt.ca_file, "none") != 0) { #if defined(MBEDTLS_X509_TRUSTED_CERTIFICATE_CALLBACK) - if( opt.ca_callback != 0 ) - mbedtls_ssl_conf_ca_cb( &conf, ca_callback, &cacert ); - else + if (opt.ca_callback != 0) { + mbedtls_ssl_conf_ca_cb(&conf, ca_callback, &cacert); + } else #endif - mbedtls_ssl_conf_ca_chain( &conf, &cacert, NULL ); + mbedtls_ssl_conf_ca_chain(&conf, &cacert, NULL); } - if( strcmp( opt.crt_file, "none" ) != 0 && - strcmp( opt.key_file, "none" ) != 0 ) - { - if( ( ret = mbedtls_ssl_conf_own_cert( &conf, &clicert, &pkey ) ) != 0 ) - { - mbedtls_printf( " failed\n ! mbedtls_ssl_conf_own_cert returned %d\n\n", - ret ); + if (strcmp(opt.crt_file, "none") != 0 && + strcmp(opt.key_file, "none") != 0) { + if ((ret = mbedtls_ssl_conf_own_cert(&conf, &clicert, &pkey)) != 0) { + mbedtls_printf(" failed\n ! mbedtls_ssl_conf_own_cert returned %d\n\n", + ret); goto exit; } } -#endif /* MBEDTLS_X509_CRT_PARSE_C */ +#endif /* MBEDTLS_KEY_EXCHANGE_WITH_CERT_ENABLED */ #if defined(MBEDTLS_ECP_C) - if( opt.curves != NULL && - strcmp( opt.curves, "default" ) != 0 ) - { - mbedtls_ssl_conf_curves( &conf, curve_list ); + if (opt.curves != NULL && + strcmp(opt.curves, "default") != 0) { + mbedtls_ssl_conf_curves(&conf, curve_list); } #endif #if defined(MBEDTLS_KEY_EXCHANGE_SOME_PSK_ENABLED) #if defined(MBEDTLS_USE_PSA_CRYPTO) - if( opt.psk_opaque != 0 ) - { + if (opt.psk_opaque != 0) { key_attributes = psa_key_attributes_init(); - psa_set_key_usage_flags( &key_attributes, PSA_KEY_USAGE_DERIVE ); - psa_set_key_algorithm( &key_attributes, alg ); - psa_set_key_type( &key_attributes, PSA_KEY_TYPE_DERIVE ); + psa_set_key_usage_flags(&key_attributes, PSA_KEY_USAGE_DERIVE); + psa_set_key_algorithm(&key_attributes, alg); + psa_set_key_type(&key_attributes, PSA_KEY_TYPE_DERIVE); - status = psa_import_key( &key_attributes, psk, psk_len, &slot ); - if( status != PSA_SUCCESS ) - { + status = psa_import_key(&key_attributes, psk, psk_len, &slot); + if (status != PSA_SUCCESS) { ret = MBEDTLS_ERR_SSL_HW_ACCEL_FAILED; goto exit; } - if( ( ret = mbedtls_ssl_conf_psk_opaque( &conf, slot, - (const unsigned char *) opt.psk_identity, - strlen( opt.psk_identity ) ) ) != 0 ) - { - mbedtls_printf( " failed\n ! mbedtls_ssl_conf_psk_opaque returned %d\n\n", - ret ); + if ((ret = mbedtls_ssl_conf_psk_opaque(&conf, slot, + (const unsigned char *) opt.psk_identity, + strlen(opt.psk_identity))) != 0) { + mbedtls_printf(" failed\n ! mbedtls_ssl_conf_psk_opaque returned %d\n\n", + ret); goto exit; } - } - else + } else #endif /* MBEDTLS_USE_PSA_CRYPTO */ - if( psk_len > 0 ) - { - ret = mbedtls_ssl_conf_psk( &conf, psk, psk_len, - (const unsigned char *) opt.psk_identity, - strlen( opt.psk_identity ) ); - if( ret != 0 ) - { - mbedtls_printf( " failed\n ! mbedtls_ssl_conf_psk returned %d\n\n", ret ); + if (psk_len > 0) { + ret = mbedtls_ssl_conf_psk(&conf, psk, psk_len, + (const unsigned char *) opt.psk_identity, + strlen(opt.psk_identity)); + if (ret != 0) { + mbedtls_printf(" failed\n ! mbedtls_ssl_conf_psk returned %d\n\n", ret); goto exit; } } #endif /* MBEDTLS_KEY_EXCHANGE_SOME_PSK_ENABLED */ - if( opt.min_version != DFL_MIN_VERSION ) - mbedtls_ssl_conf_min_version( &conf, MBEDTLS_SSL_MAJOR_VERSION_3, - opt.min_version ); + if (opt.min_version != DFL_MIN_VERSION) { + mbedtls_ssl_conf_min_version(&conf, MBEDTLS_SSL_MAJOR_VERSION_3, + opt.min_version); + } - if( opt.max_version != DFL_MAX_VERSION ) - mbedtls_ssl_conf_max_version( &conf, MBEDTLS_SSL_MAJOR_VERSION_3, - opt.max_version ); + if (opt.max_version != DFL_MAX_VERSION) { + mbedtls_ssl_conf_max_version(&conf, MBEDTLS_SSL_MAJOR_VERSION_3, + opt.max_version); + } #if defined(MBEDTLS_SSL_FALLBACK_SCSV) - if( opt.fallback != DFL_FALLBACK ) - mbedtls_ssl_conf_fallback( &conf, opt.fallback ); + if (opt.fallback != DFL_FALLBACK) { + mbedtls_ssl_conf_fallback(&conf, opt.fallback); + } #endif - if( ( ret = mbedtls_ssl_setup( &ssl, &conf ) ) != 0 ) - { - mbedtls_printf( " failed\n ! mbedtls_ssl_setup returned -0x%x\n\n", - (unsigned int) -ret ); + if ((ret = mbedtls_ssl_setup(&ssl, &conf)) != 0) { + mbedtls_printf(" failed\n ! mbedtls_ssl_setup returned -0x%x\n\n", + (unsigned int) -ret); goto exit; } -#if defined(MBEDTLS_X509_CRT_PARSE_C) - if( ( ret = mbedtls_ssl_set_hostname( &ssl, opt.server_name ) ) != 0 ) - { - mbedtls_printf( " failed\n ! mbedtls_ssl_set_hostname returned %d\n\n", - ret ); +#if defined(MBEDTLS_KEY_EXCHANGE_WITH_CERT_ENABLED) + if ((ret = mbedtls_ssl_set_hostname(&ssl, opt.server_name)) != 0) { + mbedtls_printf(" failed\n ! mbedtls_ssl_set_hostname returned %d\n\n", + ret); goto exit; } #endif #if defined(MBEDTLS_KEY_EXCHANGE_ECJPAKE_ENABLED) - if( opt.ecjpake_pw != DFL_ECJPAKE_PW ) - { - if( ( ret = mbedtls_ssl_set_hs_ecjpake_password( &ssl, - (const unsigned char *) opt.ecjpake_pw, - strlen( opt.ecjpake_pw ) ) ) != 0 ) - { - mbedtls_printf( " failed\n ! mbedtls_ssl_set_hs_ecjpake_password returned %d\n\n", - ret ); + if (opt.ecjpake_pw != DFL_ECJPAKE_PW) { + if ((ret = mbedtls_ssl_set_hs_ecjpake_password(&ssl, + (const unsigned char *) opt.ecjpake_pw, + strlen(opt.ecjpake_pw))) != 0) { + mbedtls_printf(" failed\n ! mbedtls_ssl_set_hs_ecjpake_password returned %d\n\n", + ret); goto exit; } } #endif -#if defined(MBEDTLS_X509_CRT_PARSE_C) - if( opt.context_crt_cb == 1 ) - mbedtls_ssl_set_verify( &ssl, my_verify, NULL ); -#endif /* MBEDTLS_X509_CRT_PARSE_C */ +#if defined(MBEDTLS_KEY_EXCHANGE_WITH_CERT_ENABLED) + if (opt.context_crt_cb == 1) { + mbedtls_ssl_set_verify(&ssl, my_verify, NULL); + } +#endif /* MBEDTLS_KEY_EXCHANGE_WITH_CERT_ENABLED */ io_ctx.ssl = &ssl; io_ctx.net = &server_fd; - mbedtls_ssl_set_bio( &ssl, &io_ctx, send_cb, recv_cb, - opt.nbio == 0 ? recv_timeout_cb : NULL ); + mbedtls_ssl_set_bio(&ssl, &io_ctx, send_cb, recv_cb, + opt.nbio == 0 ? recv_timeout_cb : NULL); #if defined(MBEDTLS_SSL_DTLS_CONNECTION_ID) - if( opt.transport == MBEDTLS_SSL_TRANSPORT_DATAGRAM ) - { - if( ( ret = mbedtls_ssl_set_cid( &ssl, opt.cid_enabled, - cid, cid_len ) ) != 0 ) - { - mbedtls_printf( " failed\n ! mbedtls_ssl_set_cid returned %d\n\n", - ret ); + if (opt.transport == MBEDTLS_SSL_TRANSPORT_DATAGRAM) { + if ((ret = mbedtls_ssl_set_cid(&ssl, opt.cid_enabled, + cid, cid_len)) != 0) { + mbedtls_printf(" failed\n ! mbedtls_ssl_set_cid returned %d\n\n", + ret); goto exit; } } #endif /* MBEDTLS_SSL_DTLS_CONNECTION_ID */ #if defined(MBEDTLS_SSL_PROTO_DTLS) - if( opt.dtls_mtu != DFL_DTLS_MTU ) - mbedtls_ssl_set_mtu( &ssl, opt.dtls_mtu ); + if (opt.dtls_mtu != DFL_DTLS_MTU) { + mbedtls_ssl_set_mtu(&ssl, opt.dtls_mtu); + } #endif #if defined(MBEDTLS_TIMING_C) - mbedtls_ssl_set_timer_cb( &ssl, &timer, mbedtls_timing_set_delay, - mbedtls_timing_get_delay ); + mbedtls_ssl_set_timer_cb(&ssl, &timer, mbedtls_timing_set_delay, + mbedtls_timing_get_delay); #endif #if defined(MBEDTLS_ECP_RESTARTABLE) - if( opt.ec_max_ops != DFL_EC_MAX_OPS ) - mbedtls_ecp_set_max_ops( opt.ec_max_ops ); + if (opt.ec_max_ops != DFL_EC_MAX_OPS) { + mbedtls_ecp_set_max_ops(opt.ec_max_ops); + } #endif #if defined(MBEDTLS_SSL_DTLS_SRTP) - if( opt.use_srtp != 0 && strlen( opt.mki ) != 0 ) - { - if( mbedtls_test_unhexify( mki, sizeof( mki ), - opt.mki,&mki_len ) != 0 ) - { - mbedtls_printf( "mki value not valid hex\n" ); + if (opt.use_srtp != 0 && strlen(opt.mki) != 0) { + if (mbedtls_test_unhexify(mki, sizeof(mki), + opt.mki, &mki_len) != 0) { + mbedtls_printf("mki value not valid hex\n"); goto exit; } - mbedtls_ssl_conf_srtp_mki_value_supported( &conf, MBEDTLS_SSL_DTLS_SRTP_MKI_SUPPORTED ); - if( ( ret = mbedtls_ssl_dtls_srtp_set_mki_value( &ssl, mki, - (uint16_t) strlen( opt.mki ) / 2 ) ) != 0 ) - { - mbedtls_printf( " failed\n ! mbedtls_ssl_dtls_srtp_set_mki_value returned %d\n\n", ret ); + mbedtls_ssl_conf_srtp_mki_value_supported(&conf, MBEDTLS_SSL_DTLS_SRTP_MKI_SUPPORTED); + if ((ret = mbedtls_ssl_dtls_srtp_set_mki_value(&ssl, mki, + (uint16_t) strlen(opt.mki) / 2)) != 0) { + mbedtls_printf(" failed\n ! mbedtls_ssl_dtls_srtp_set_mki_value returned %d\n\n", ret); goto exit; } } #endif - mbedtls_printf( " ok\n" ); + mbedtls_printf(" ok\n"); /* * 4. Handshake */ - mbedtls_printf( " . Performing the SSL/TLS handshake..." ); - fflush( stdout ); + mbedtls_printf(" . Performing the SSL/TLS handshake..."); + fflush(stdout); - while( ( ret = mbedtls_ssl_handshake( &ssl ) ) != 0 ) - { - if( ret != MBEDTLS_ERR_SSL_WANT_READ && + while ((ret = mbedtls_ssl_handshake(&ssl)) != 0) { + if (ret != MBEDTLS_ERR_SSL_WANT_READ && ret != MBEDTLS_ERR_SSL_WANT_WRITE && - ret != MBEDTLS_ERR_SSL_CRYPTO_IN_PROGRESS ) - { - mbedtls_printf( " failed\n ! mbedtls_ssl_handshake returned -0x%x\n", - (unsigned int) -ret ); - if( ret == MBEDTLS_ERR_X509_CERT_VERIFY_FAILED ) + ret != MBEDTLS_ERR_SSL_CRYPTO_IN_PROGRESS) { + mbedtls_printf(" failed\n ! mbedtls_ssl_handshake returned -0x%x\n", + (unsigned int) -ret); + if (ret == MBEDTLS_ERR_X509_CERT_VERIFY_FAILED) { mbedtls_printf( " Unable to verify the server's certificate. " - "Either it is invalid,\n" + "Either it is invalid,\n" " or you didn't set ca_file or ca_path " - "to an appropriate value.\n" + "to an appropriate value.\n" " Alternatively, you may want to use " - "auth_mode=optional for testing purposes.\n" ); - mbedtls_printf( "\n" ); + "auth_mode=optional for testing purposes.\n"); + } + mbedtls_printf("\n"); goto exit; } #if defined(MBEDTLS_ECP_RESTARTABLE) - if( ret == MBEDTLS_ERR_SSL_CRYPTO_IN_PROGRESS ) + if (ret == MBEDTLS_ERR_SSL_CRYPTO_IN_PROGRESS) { continue; + } #endif /* For event-driven IO, wait for socket to become available */ - if( opt.event == 1 /* level triggered IO */ ) - { + if (opt.event == 1 /* level triggered IO */) { #if defined(MBEDTLS_TIMING_C) - ret = idle( &server_fd, &timer, ret ); + ret = idle(&server_fd, &timer, ret); #else - ret = idle( &server_fd, ret ); + ret = idle(&server_fd, ret); #endif - if( ret != 0 ) + if (ret != 0) { goto exit; + } } } - mbedtls_printf( " ok\n [ Protocol is %s ]\n [ Ciphersuite is %s ]\n", - mbedtls_ssl_get_version( &ssl ), - mbedtls_ssl_get_ciphersuite( &ssl ) ); + mbedtls_printf(" ok\n [ Protocol is %s ]\n [ Ciphersuite is %s ]\n", + mbedtls_ssl_get_version(&ssl), + mbedtls_ssl_get_ciphersuite(&ssl)); - if( ( ret = mbedtls_ssl_get_record_expansion( &ssl ) ) >= 0 ) - mbedtls_printf( " [ Record expansion is %d ]\n", ret ); - else - mbedtls_printf( " [ Record expansion is unknown (compression) ]\n" ); + if ((ret = mbedtls_ssl_get_record_expansion(&ssl)) >= 0) { + mbedtls_printf(" [ Record expansion is %d ]\n", ret); + } else { + mbedtls_printf(" [ Record expansion is unknown (compression) ]\n"); + } #if defined(MBEDTLS_SSL_MAX_FRAGMENT_LENGTH) - mbedtls_printf( " [ Maximum input fragment length is %u ]\n", - (unsigned int) mbedtls_ssl_get_input_max_frag_len( &ssl ) ); - mbedtls_printf( " [ Maximum output fragment length is %u ]\n", - (unsigned int) mbedtls_ssl_get_output_max_frag_len( &ssl ) ); + mbedtls_printf(" [ Maximum input fragment length is %u ]\n", + (unsigned int) mbedtls_ssl_get_input_max_frag_len(&ssl)); + mbedtls_printf(" [ Maximum output fragment length is %u ]\n", + (unsigned int) mbedtls_ssl_get_output_max_frag_len(&ssl)); #endif #if defined(MBEDTLS_SSL_ALPN) - if( opt.alpn_string != NULL ) - { - const char *alp = mbedtls_ssl_get_alpn_protocol( &ssl ); - mbedtls_printf( " [ Application Layer Protocol is %s ]\n", - alp ? alp : "(none)" ); + if (opt.alpn_string != NULL) { + const char *alp = mbedtls_ssl_get_alpn_protocol(&ssl); + mbedtls_printf(" [ Application Layer Protocol is %s ]\n", + alp ? alp : "(none)"); } #endif #if defined(MBEDTLS_SSL_EXPORT_KEYS) - if( opt.eap_tls != 0 ) - { + if (opt.eap_tls != 0) { size_t j = 0; - if( ( ret = mbedtls_ssl_tls_prf( eap_tls_keying.tls_prf_type, - eap_tls_keying.master_secret, - sizeof( eap_tls_keying.master_secret ), - eap_tls_label, - eap_tls_keying.randbytes, - sizeof( eap_tls_keying.randbytes ), - eap_tls_keymaterial, - sizeof( eap_tls_keymaterial ) ) ) - != 0 ) - { - mbedtls_printf( " failed\n ! mbedtls_ssl_tls_prf returned -0x%x\n\n", - (unsigned int) -ret ); + if ((ret = mbedtls_ssl_tls_prf(eap_tls_keying.tls_prf_type, + eap_tls_keying.master_secret, + sizeof(eap_tls_keying.master_secret), + eap_tls_label, + eap_tls_keying.randbytes, + sizeof(eap_tls_keying.randbytes), + eap_tls_keymaterial, + sizeof(eap_tls_keymaterial))) + != 0) { + mbedtls_printf(" failed\n ! mbedtls_ssl_tls_prf returned -0x%x\n\n", + (unsigned int) -ret); goto exit; } - mbedtls_printf( " EAP-TLS key material is:" ); - for( j = 0; j < sizeof( eap_tls_keymaterial ); j++ ) - { - if( j % 8 == 0 ) + mbedtls_printf(" EAP-TLS key material is:"); + for (j = 0; j < sizeof(eap_tls_keymaterial); j++) { + if (j % 8 == 0) { mbedtls_printf("\n "); - mbedtls_printf("%02x ", eap_tls_keymaterial[j] ); + } + mbedtls_printf("%02x ", eap_tls_keymaterial[j]); } mbedtls_printf("\n"); - if( ( ret = mbedtls_ssl_tls_prf( eap_tls_keying.tls_prf_type, NULL, 0, - eap_tls_label, - eap_tls_keying.randbytes, - sizeof( eap_tls_keying.randbytes ), - eap_tls_iv, - sizeof( eap_tls_iv ) ) ) != 0 ) - { - mbedtls_printf( " failed\n ! mbedtls_ssl_tls_prf returned -0x%x\n\n", - (unsigned int) -ret ); - goto exit; - } - - mbedtls_printf( " EAP-TLS IV is:" ); - for( j = 0; j < sizeof( eap_tls_iv ); j++ ) - { - if( j % 8 == 0 ) + if ((ret = mbedtls_ssl_tls_prf(eap_tls_keying.tls_prf_type, NULL, 0, + eap_tls_label, + eap_tls_keying.randbytes, + sizeof(eap_tls_keying.randbytes), + eap_tls_iv, + sizeof(eap_tls_iv))) != 0) { + mbedtls_printf(" failed\n ! mbedtls_ssl_tls_prf returned -0x%x\n\n", + (unsigned int) -ret); + goto exit; + } + + mbedtls_printf(" EAP-TLS IV is:"); + for (j = 0; j < sizeof(eap_tls_iv); j++) { + if (j % 8 == 0) { mbedtls_printf("\n "); - mbedtls_printf("%02x ", eap_tls_iv[j] ); + } + mbedtls_printf("%02x ", eap_tls_iv[j]); } mbedtls_printf("\n"); } -#if defined( MBEDTLS_SSL_DTLS_SRTP ) - else if( opt.use_srtp != 0 ) - { +#if defined(MBEDTLS_SSL_DTLS_SRTP) + else if (opt.use_srtp != 0) { size_t j = 0; mbedtls_dtls_srtp_info dtls_srtp_negotiation_result; - mbedtls_ssl_get_dtls_srtp_negotiation_result( &ssl, &dtls_srtp_negotiation_result ); - - if( dtls_srtp_negotiation_result.chosen_dtls_srtp_profile - == MBEDTLS_TLS_SRTP_UNSET ) - { - mbedtls_printf( " Unable to negotiate " - "the use of DTLS-SRTP\n" ); - } - else - { - if( ( ret = mbedtls_ssl_tls_prf( dtls_srtp_keying.tls_prf_type, - dtls_srtp_keying.master_secret, - sizeof( dtls_srtp_keying.master_secret ), - dtls_srtp_label, - dtls_srtp_keying.randbytes, - sizeof( dtls_srtp_keying.randbytes ), - dtls_srtp_key_material, - sizeof( dtls_srtp_key_material ) ) ) - != 0 ) - { - mbedtls_printf( " failed\n ! mbedtls_ssl_tls_prf returned -0x%x\n\n", - (unsigned int) -ret ); + mbedtls_ssl_get_dtls_srtp_negotiation_result(&ssl, &dtls_srtp_negotiation_result); + + if (dtls_srtp_negotiation_result.chosen_dtls_srtp_profile + == MBEDTLS_TLS_SRTP_UNSET) { + mbedtls_printf(" Unable to negotiate " + "the use of DTLS-SRTP\n"); + } else { + if ((ret = mbedtls_ssl_tls_prf(dtls_srtp_keying.tls_prf_type, + dtls_srtp_keying.master_secret, + sizeof(dtls_srtp_keying.master_secret), + dtls_srtp_label, + dtls_srtp_keying.randbytes, + sizeof(dtls_srtp_keying.randbytes), + dtls_srtp_key_material, + sizeof(dtls_srtp_key_material))) + != 0) { + mbedtls_printf(" failed\n ! mbedtls_ssl_tls_prf returned -0x%x\n\n", + (unsigned int) -ret); goto exit; } - mbedtls_printf( " DTLS-SRTP key material is:" ); - for( j = 0; j < sizeof( dtls_srtp_key_material ); j++ ) - { - if( j % 8 == 0 ) - mbedtls_printf( "\n " ); - mbedtls_printf( "%02x ", dtls_srtp_key_material[j] ); + mbedtls_printf(" DTLS-SRTP key material is:"); + for (j = 0; j < sizeof(dtls_srtp_key_material); j++) { + if (j % 8 == 0) { + mbedtls_printf("\n "); + } + mbedtls_printf("%02x ", dtls_srtp_key_material[j]); } - mbedtls_printf( "\n" ); + mbedtls_printf("\n"); /* produce a less readable output used to perform automatic checks * - compare client and server output * - interop test with openssl which client produces this kind of output */ - mbedtls_printf( " Keying material: " ); - for( j = 0; j < sizeof( dtls_srtp_key_material ); j++ ) - { - mbedtls_printf( "%02X", dtls_srtp_key_material[j] ); - } - mbedtls_printf( "\n" ); - - if ( dtls_srtp_negotiation_result.mki_len > 0 ) - { - mbedtls_printf( " DTLS-SRTP mki value: " ); - for( j = 0; j < dtls_srtp_negotiation_result.mki_len; j++ ) - { - mbedtls_printf( "%02X", dtls_srtp_negotiation_result.mki_value[j] ); - } + mbedtls_printf(" Keying material: "); + for (j = 0; j < sizeof(dtls_srtp_key_material); j++) { + mbedtls_printf("%02X", dtls_srtp_key_material[j]); } - else - { - mbedtls_printf( " DTLS-SRTP no mki value negotiated" ); + mbedtls_printf("\n"); + + if (dtls_srtp_negotiation_result.mki_len > 0) { + mbedtls_printf(" DTLS-SRTP mki value: "); + for (j = 0; j < dtls_srtp_negotiation_result.mki_len; j++) { + mbedtls_printf("%02X", dtls_srtp_negotiation_result.mki_value[j]); + } + } else { + mbedtls_printf(" DTLS-SRTP no mki value negotiated"); } - mbedtls_printf( "\n" ); + mbedtls_printf("\n"); } } #endif /* MBEDTLS_SSL_DTLS_SRTP */ #endif /* MBEDTLS_SSL_EXPORT_KEYS */ - if( opt.reconnect != 0 ) - { - mbedtls_printf(" . Saving session for reuse..." ); - fflush( stdout ); + if (opt.reconnect != 0) { + mbedtls_printf(" . Saving session for reuse..."); + fflush(stdout); - if( opt.reco_mode == 1 ) - { + if (opt.reco_mode == 1) { /* free any previously saved data */ - if( session_data != NULL ) - { - mbedtls_platform_zeroize( session_data, session_data_len ); - mbedtls_free( session_data ); + if (session_data != NULL) { + mbedtls_platform_zeroize(session_data, session_data_len); + mbedtls_free(session_data); session_data = NULL; } /* get size of the buffer needed */ - mbedtls_ssl_session_save( mbedtls_ssl_get_session_pointer( &ssl ), - NULL, 0, &session_data_len ); - session_data = mbedtls_calloc( 1, session_data_len ); - if( session_data == NULL ) - { - mbedtls_printf( " failed\n ! alloc %u bytes for session data\n", - (unsigned) session_data_len ); + mbedtls_ssl_session_save(mbedtls_ssl_get_session_pointer(&ssl), + NULL, 0, &session_data_len); + session_data = mbedtls_calloc(1, session_data_len); + if (session_data == NULL) { + mbedtls_printf(" failed\n ! alloc %u bytes for session data\n", + (unsigned) session_data_len); ret = MBEDTLS_ERR_SSL_ALLOC_FAILED; goto exit; } /* actually save session data */ - if( ( ret = mbedtls_ssl_session_save( mbedtls_ssl_get_session_pointer( &ssl ), - session_data, session_data_len, - &session_data_len ) ) != 0 ) - { - mbedtls_printf( " failed\n ! mbedtls_ssl_session_saved returned -0x%04x\n\n", - (unsigned int) -ret ); + if ((ret = mbedtls_ssl_session_save(mbedtls_ssl_get_session_pointer(&ssl), + session_data, session_data_len, + &session_data_len)) != 0) { + mbedtls_printf(" failed\n ! mbedtls_ssl_session_saved returned -0x%04x\n\n", + (unsigned int) -ret); goto exit; } - } - else - { - if( ( ret = mbedtls_ssl_get_session( &ssl, &saved_session ) ) != 0 ) - { - mbedtls_printf( " failed\n ! mbedtls_ssl_get_session returned -0x%x\n\n", - (unsigned int) -ret ); + } else { + if ((ret = mbedtls_ssl_get_session(&ssl, &saved_session)) != 0) { + mbedtls_printf(" failed\n ! mbedtls_ssl_get_session returned -0x%x\n\n", + (unsigned int) -ret); goto exit; } } - mbedtls_printf( " ok\n" ); + mbedtls_printf(" ok\n"); - if( opt.reco_mode == 1 ) - { - mbedtls_printf( " [ Saved %u bytes of session data]\n", - (unsigned) session_data_len ); + if (opt.reco_mode == 1) { + mbedtls_printf(" [ Saved %u bytes of session data]\n", + (unsigned) session_data_len); } } -#if defined(MBEDTLS_X509_CRT_PARSE_C) +#if defined(MBEDTLS_KEY_EXCHANGE_WITH_CERT_ENABLED) /* * 5. Verify the server certificate */ - mbedtls_printf( " . Verifying peer X.509 certificate..." ); + mbedtls_printf(" . Verifying peer X.509 certificate..."); - if( ( flags = mbedtls_ssl_get_verify_result( &ssl ) ) != 0 ) - { + if ((flags = mbedtls_ssl_get_verify_result(&ssl)) != 0) { char vrfy_buf[512]; - mbedtls_printf( " failed\n" ); + mbedtls_printf(" failed\n"); - mbedtls_x509_crt_verify_info( vrfy_buf, sizeof( vrfy_buf ), - " ! ", flags ); + mbedtls_x509_crt_verify_info(vrfy_buf, sizeof(vrfy_buf), + " ! ", flags); - mbedtls_printf( "%s\n", vrfy_buf ); + mbedtls_printf("%s\n", vrfy_buf); + } else { + mbedtls_printf(" ok\n"); } - else - mbedtls_printf( " ok\n" ); - mbedtls_printf( " . Peer certificate information ...\n" ); - mbedtls_printf( "%s\n", peer_crt_info ); -#endif /* MBEDTLS_X509_CRT_PARSE_C */ + mbedtls_printf(" . Peer certificate information ...\n"); + mbedtls_printf("%s\n", peer_crt_info); +#endif /* MBEDTLS_KEY_EXCHANGE_WITH_CERT_ENABLED */ #if defined(MBEDTLS_SSL_DTLS_CONNECTION_ID) - ret = report_cid_usage( &ssl, "initial handshake" ); - if( ret != 0 ) + ret = report_cid_usage(&ssl, "initial handshake"); + if (ret != 0) { goto exit; + } - if( opt.transport == MBEDTLS_SSL_TRANSPORT_DATAGRAM ) - { - if( ( ret = mbedtls_ssl_set_cid( &ssl, opt.cid_enabled_renego, - cid_renego, - cid_renego_len ) ) != 0 ) - { - mbedtls_printf( " failed\n ! mbedtls_ssl_set_cid returned %d\n\n", - ret ); + if (opt.transport == MBEDTLS_SSL_TRANSPORT_DATAGRAM) { + if ((ret = mbedtls_ssl_set_cid(&ssl, opt.cid_enabled_renego, + cid_renego, + cid_renego_len)) != 0) { + mbedtls_printf(" failed\n ! mbedtls_ssl_set_cid returned %d\n\n", + ret); goto exit; } } #endif /* MBEDTLS_SSL_DTLS_CONNECTION_ID */ #if defined(MBEDTLS_SSL_RENEGOTIATION) - if( opt.renegotiate ) - { + if (opt.renegotiate) { /* * Perform renegotiation (this must be done when the server is waiting * for input from our side). */ - mbedtls_printf( " . Performing renegotiation..." ); - fflush( stdout ); - while( ( ret = mbedtls_ssl_renegotiate( &ssl ) ) != 0 ) - { - if( ret != MBEDTLS_ERR_SSL_WANT_READ && + mbedtls_printf(" . Performing renegotiation..."); + fflush(stdout); + while ((ret = mbedtls_ssl_renegotiate(&ssl)) != 0) { + if (ret != MBEDTLS_ERR_SSL_WANT_READ && ret != MBEDTLS_ERR_SSL_WANT_WRITE && - ret != MBEDTLS_ERR_SSL_CRYPTO_IN_PROGRESS ) - { - mbedtls_printf( " failed\n ! mbedtls_ssl_renegotiate returned %d\n\n", - ret ); + ret != MBEDTLS_ERR_SSL_CRYPTO_IN_PROGRESS) { + mbedtls_printf(" failed\n ! mbedtls_ssl_renegotiate returned %d\n\n", + ret); goto exit; } #if defined(MBEDTLS_ECP_RESTARTABLE) - if( ret == MBEDTLS_ERR_SSL_CRYPTO_IN_PROGRESS ) + if (ret == MBEDTLS_ERR_SSL_CRYPTO_IN_PROGRESS) { continue; + } #endif /* For event-driven IO, wait for socket to become available */ - if( opt.event == 1 /* level triggered IO */ ) - { + if (opt.event == 1 /* level triggered IO */) { #if defined(MBEDTLS_TIMING_C) - idle( &server_fd, &timer, ret ); + idle(&server_fd, &timer, ret); #else - idle( &server_fd, ret ); + idle(&server_fd, ret); #endif } } - mbedtls_printf( " ok\n" ); + mbedtls_printf(" ok\n"); } #endif /* MBEDTLS_SSL_RENEGOTIATION */ #if defined(MBEDTLS_SSL_DTLS_CONNECTION_ID) - ret = report_cid_usage( &ssl, "after renegotiation" ); - if( ret != 0 ) + ret = report_cid_usage(&ssl, "after renegotiation"); + if (ret != 0) { goto exit; + } #endif /* MBEDTLS_SSL_DTLS_CONNECTION_ID */ /* @@ -2425,120 +2256,111 @@ int main( int argc, char *argv[] ) */ retry_left = opt.max_resend; send_request: - mbedtls_printf( " > Write to server:" ); - fflush( stdout ); + mbedtls_printf(" > Write to server:"); + fflush(stdout); - len = mbedtls_snprintf( (char *) buf, sizeof( buf ) - 1, GET_REQUEST, - opt.request_page ); - tail_len = (int) strlen( GET_REQUEST_END ); + len = mbedtls_snprintf((char *) buf, sizeof(buf) - 1, GET_REQUEST, + opt.request_page); + tail_len = (int) strlen(GET_REQUEST_END); /* Add padding to GET request to reach opt.request_size in length */ - if( opt.request_size != DFL_REQUEST_SIZE && - len + tail_len < opt.request_size ) - { - memset( buf + len, 'A', opt.request_size - len - tail_len ); + if (opt.request_size != DFL_REQUEST_SIZE && + len + tail_len < opt.request_size) { + memset(buf + len, 'A', opt.request_size - len - tail_len); len += opt.request_size - len - tail_len; } - strncpy( (char *) buf + len, GET_REQUEST_END, sizeof( buf ) - len - 1 ); + strncpy((char *) buf + len, GET_REQUEST_END, sizeof(buf) - len - 1); len += tail_len; /* Truncate if request size is smaller than the "natural" size */ - if( opt.request_size != DFL_REQUEST_SIZE && - len > opt.request_size ) - { + if (opt.request_size != DFL_REQUEST_SIZE && + len > opt.request_size) { len = opt.request_size; /* Still end with \r\n unless that's really not possible */ - if( len >= 2 ) buf[len - 2] = '\r'; - if( len >= 1 ) buf[len - 1] = '\n'; + if (len >= 2) { + buf[len - 2] = '\r'; + } + if (len >= 1) { + buf[len - 1] = '\n'; + } } - if( opt.transport == MBEDTLS_SSL_TRANSPORT_STREAM ) - { + if (opt.transport == MBEDTLS_SSL_TRANSPORT_STREAM) { written = 0; frags = 0; - do - { - while( ( ret = mbedtls_ssl_write( &ssl, buf + written, - len - written ) ) < 0 ) - { - if( ret != MBEDTLS_ERR_SSL_WANT_READ && + do { + while ((ret = mbedtls_ssl_write(&ssl, buf + written, + len - written)) < 0) { + if (ret != MBEDTLS_ERR_SSL_WANT_READ && ret != MBEDTLS_ERR_SSL_WANT_WRITE && - ret != MBEDTLS_ERR_SSL_CRYPTO_IN_PROGRESS ) - { - mbedtls_printf( " failed\n ! mbedtls_ssl_write returned -0x%x\n\n", - (unsigned int) -ret ); + ret != MBEDTLS_ERR_SSL_CRYPTO_IN_PROGRESS) { + mbedtls_printf(" failed\n ! mbedtls_ssl_write returned -0x%x\n\n", + (unsigned int) -ret); goto exit; } /* For event-driven IO, wait for socket to become available */ - if( opt.event == 1 /* level triggered IO */ ) - { + if (opt.event == 1 /* level triggered IO */) { #if defined(MBEDTLS_TIMING_C) - idle( &server_fd, &timer, ret ); + idle(&server_fd, &timer, ret); #else - idle( &server_fd, ret ); + idle(&server_fd, ret); #endif } } frags++; written += ret; - } - while( written < len ); - } - else /* Not stream, so datagram */ - { - while( 1 ) - { - ret = mbedtls_ssl_write( &ssl, buf, len ); + } while (written < len); + } else { /* Not stream, so datagram */ + while (1) { + ret = mbedtls_ssl_write(&ssl, buf, len); #if defined(MBEDTLS_ECP_RESTARTABLE) - if( ret == MBEDTLS_ERR_SSL_CRYPTO_IN_PROGRESS ) + if (ret == MBEDTLS_ERR_SSL_CRYPTO_IN_PROGRESS) { continue; + } #endif - if( ret != MBEDTLS_ERR_SSL_WANT_READ && - ret != MBEDTLS_ERR_SSL_WANT_WRITE ) + if (ret != MBEDTLS_ERR_SSL_WANT_READ && + ret != MBEDTLS_ERR_SSL_WANT_WRITE) { break; + } /* For event-driven IO, wait for socket to become available */ - if( opt.event == 1 /* level triggered IO */ ) - { + if (opt.event == 1 /* level triggered IO */) { #if defined(MBEDTLS_TIMING_C) - idle( &server_fd, &timer, ret ); + idle(&server_fd, &timer, ret); #else - idle( &server_fd, ret ); + idle(&server_fd, ret); #endif } } - if( ret < 0 ) - { - mbedtls_printf( " failed\n ! mbedtls_ssl_write returned %d\n\n", - ret ); + if (ret < 0) { + mbedtls_printf(" failed\n ! mbedtls_ssl_write returned %d\n\n", + ret); goto exit; } frags = 1; written = ret; - if( written < len ) - { - mbedtls_printf( " warning\n ! request didn't fit into single datagram and " - "was truncated to size %u", (unsigned) written ); + if (written < len) { + mbedtls_printf(" warning\n ! request didn't fit into single datagram and " + "was truncated to size %u", (unsigned) written); } } buf[written] = '\0'; - mbedtls_printf( " %d bytes written in %d fragments\n\n%s\n", - written, frags, (char *) buf ); + mbedtls_printf(" %d bytes written in %d fragments\n\n%s\n", + written, frags, (char *) buf); /* Send a non-empty request if request_size == 0 */ - if ( len == 0 ) - { + if (len == 0) { opt.request_size = DFL_REQUEST_SIZE; goto send_request; } @@ -2546,176 +2368,161 @@ int main( int argc, char *argv[] ) /* * 7. Read the HTTP response */ - mbedtls_printf( " < Read from server:" ); - fflush( stdout ); + mbedtls_printf(" < Read from server:"); + fflush(stdout); /* * TLS and DTLS need different reading styles (stream vs datagram) */ - if( opt.transport == MBEDTLS_SSL_TRANSPORT_STREAM ) - { - do - { - len = sizeof( buf ) - 1; - memset( buf, 0, sizeof( buf ) ); - ret = mbedtls_ssl_read( &ssl, buf, len ); + if (opt.transport == MBEDTLS_SSL_TRANSPORT_STREAM) { + do { + len = sizeof(buf) - 1; + memset(buf, 0, sizeof(buf)); + ret = mbedtls_ssl_read(&ssl, buf, len); #if defined(MBEDTLS_ECP_RESTARTABLE) - if( ret == MBEDTLS_ERR_SSL_CRYPTO_IN_PROGRESS ) + if (ret == MBEDTLS_ERR_SSL_CRYPTO_IN_PROGRESS) { continue; + } #endif - if( ret == MBEDTLS_ERR_SSL_WANT_READ || - ret == MBEDTLS_ERR_SSL_WANT_WRITE ) - { + if (ret == MBEDTLS_ERR_SSL_WANT_READ || + ret == MBEDTLS_ERR_SSL_WANT_WRITE) { /* For event-driven IO, wait for socket to become available */ - if( opt.event == 1 /* level triggered IO */ ) - { + if (opt.event == 1 /* level triggered IO */) { #if defined(MBEDTLS_TIMING_C) - idle( &server_fd, &timer, ret ); + idle(&server_fd, &timer, ret); #else - idle( &server_fd, ret ); + idle(&server_fd, ret); #endif } continue; } - if( ret <= 0 ) - { - switch( ret ) - { + if (ret <= 0) { + switch (ret) { case MBEDTLS_ERR_SSL_PEER_CLOSE_NOTIFY: - mbedtls_printf( " connection was closed gracefully\n" ); + mbedtls_printf(" connection was closed gracefully\n"); ret = 0; goto close_notify; case 0: case MBEDTLS_ERR_NET_CONN_RESET: - mbedtls_printf( " connection was reset by peer\n" ); + mbedtls_printf(" connection was reset by peer\n"); ret = 0; goto reconnect; default: - mbedtls_printf( " mbedtls_ssl_read returned -0x%x\n", - (unsigned int) -ret ); + mbedtls_printf(" mbedtls_ssl_read returned -0x%x\n", + (unsigned int) -ret); goto exit; } } len = ret; buf[len] = '\0'; - mbedtls_printf( " %d bytes read\n\n%s", len, (char *) buf ); + mbedtls_printf(" %d bytes read\n\n%s", len, (char *) buf); /* End of message should be detected according to the syntax of the * application protocol (eg HTTP), just use a dummy test here. */ - if( ret > 0 && buf[len-1] == '\n' ) - { + if (ret > 0 && buf[len-1] == '\n') { ret = 0; break; } - } - while( 1 ); - } - else /* Not stream, so datagram */ - { - len = sizeof( buf ) - 1; - memset( buf, 0, sizeof( buf ) ); + } while (1); + } else { /* Not stream, so datagram */ + len = sizeof(buf) - 1; + memset(buf, 0, sizeof(buf)); - while( 1 ) - { - ret = mbedtls_ssl_read( &ssl, buf, len ); + while (1) { + ret = mbedtls_ssl_read(&ssl, buf, len); #if defined(MBEDTLS_ECP_RESTARTABLE) - if( ret == MBEDTLS_ERR_SSL_CRYPTO_IN_PROGRESS ) + if (ret == MBEDTLS_ERR_SSL_CRYPTO_IN_PROGRESS) { continue; + } #endif - if( ret != MBEDTLS_ERR_SSL_WANT_READ && - ret != MBEDTLS_ERR_SSL_WANT_WRITE ) + if (ret != MBEDTLS_ERR_SSL_WANT_READ && + ret != MBEDTLS_ERR_SSL_WANT_WRITE) { break; + } /* For event-driven IO, wait for socket to become available */ - if( opt.event == 1 /* level triggered IO */ ) - { + if (opt.event == 1 /* level triggered IO */) { #if defined(MBEDTLS_TIMING_C) - idle( &server_fd, &timer, ret ); + idle(&server_fd, &timer, ret); #else - idle( &server_fd, ret ); + idle(&server_fd, ret); #endif } } - if( ret <= 0 ) - { - switch( ret ) - { + if (ret <= 0) { + switch (ret) { case MBEDTLS_ERR_SSL_TIMEOUT: - mbedtls_printf( " timeout\n" ); - if( retry_left-- > 0 ) + mbedtls_printf(" timeout\n"); + if (retry_left-- > 0) { goto send_request; + } goto exit; case MBEDTLS_ERR_SSL_PEER_CLOSE_NOTIFY: - mbedtls_printf( " connection was closed gracefully\n" ); + mbedtls_printf(" connection was closed gracefully\n"); ret = 0; goto close_notify; default: - mbedtls_printf( " mbedtls_ssl_read returned -0x%x\n", (unsigned int) -ret ); + mbedtls_printf(" mbedtls_ssl_read returned -0x%x\n", (unsigned int) -ret); goto exit; } } len = ret; buf[len] = '\0'; - mbedtls_printf( " %d bytes read\n\n%s", len, (char *) buf ); + mbedtls_printf(" %d bytes read\n\n%s", len, (char *) buf); ret = 0; } /* * 7b. Simulate hard reset and reconnect from same port? */ - if( opt.reconnect_hard != 0 ) - { + if (opt.reconnect_hard != 0) { opt.reconnect_hard = 0; - mbedtls_printf( " . Restarting connection from same port..." ); - fflush( stdout ); + mbedtls_printf(" . Restarting connection from same port..."); + fflush(stdout); -#if defined(MBEDTLS_X509_CRT_PARSE_C) - memset( peer_crt_info, 0, sizeof( peer_crt_info ) ); -#endif /* MBEDTLS_X509_CRT_PARSE_C */ +#if defined(MBEDTLS_KEY_EXCHANGE_WITH_CERT_ENABLED) + memset(peer_crt_info, 0, sizeof(peer_crt_info)); +#endif /* MBEDTLS_KEY_EXCHANGE_WITH_CERT_ENABLED */ - if( ( ret = mbedtls_ssl_session_reset( &ssl ) ) != 0 ) - { - mbedtls_printf( " failed\n ! mbedtls_ssl_session_reset returned -0x%x\n\n", - (unsigned int) -ret ); + if ((ret = mbedtls_ssl_session_reset(&ssl)) != 0) { + mbedtls_printf(" failed\n ! mbedtls_ssl_session_reset returned -0x%x\n\n", + (unsigned int) -ret); goto exit; } - while( ( ret = mbedtls_ssl_handshake( &ssl ) ) != 0 ) - { - if( ret != MBEDTLS_ERR_SSL_WANT_READ && + while ((ret = mbedtls_ssl_handshake(&ssl)) != 0) { + if (ret != MBEDTLS_ERR_SSL_WANT_READ && ret != MBEDTLS_ERR_SSL_WANT_WRITE && - ret != MBEDTLS_ERR_SSL_CRYPTO_IN_PROGRESS ) - { - mbedtls_printf( " failed\n ! mbedtls_ssl_handshake returned -0x%x\n\n", - (unsigned int) -ret ); + ret != MBEDTLS_ERR_SSL_CRYPTO_IN_PROGRESS) { + mbedtls_printf(" failed\n ! mbedtls_ssl_handshake returned -0x%x\n\n", + (unsigned int) -ret); goto exit; } /* For event-driven IO, wait for socket to become available */ - if( opt.event == 1 /* level triggered IO */ ) - { + if (opt.event == 1 /* level triggered IO */) { #if defined(MBEDTLS_TIMING_C) - idle( &server_fd, &timer, ret ); + idle(&server_fd, &timer, ret); #else - idle( &server_fd, ret ); + idle(&server_fd, ret); #endif } } - mbedtls_printf( " ok\n" ); + mbedtls_printf(" ok\n"); goto send_request; } @@ -2724,160 +2531,149 @@ int main( int argc, char *argv[] ) * 7c. Simulate serialize/deserialize and go back to data exchange */ #if defined(MBEDTLS_SSL_CONTEXT_SERIALIZATION) - if( opt.serialize != 0 ) - { + if (opt.serialize != 0) { size_t buf_len; - mbedtls_printf( " . Serializing live connection..." ); + mbedtls_printf(" . Serializing live connection..."); - ret = mbedtls_ssl_context_save( &ssl, NULL, 0, &buf_len ); - if( ret != MBEDTLS_ERR_SSL_BUFFER_TOO_SMALL ) - { - mbedtls_printf( " failed\n ! mbedtls_ssl_context_save returned " - "-0x%x\n\n", (unsigned int) -ret ); + ret = mbedtls_ssl_context_save(&ssl, NULL, 0, &buf_len); + if (ret != MBEDTLS_ERR_SSL_BUFFER_TOO_SMALL) { + mbedtls_printf(" failed\n ! mbedtls_ssl_context_save returned " + "-0x%x\n\n", (unsigned int) -ret); goto exit; } - if( ( context_buf = mbedtls_calloc( 1, buf_len ) ) == NULL ) - { - mbedtls_printf( " failed\n ! Couldn't allocate buffer for " - "serialized context" ); + if ((context_buf = mbedtls_calloc(1, buf_len)) == NULL) { + mbedtls_printf(" failed\n ! Couldn't allocate buffer for " + "serialized context"); goto exit; } context_buf_len = buf_len; - if( ( ret = mbedtls_ssl_context_save( &ssl, context_buf, - buf_len, &buf_len ) ) != 0 ) - { - mbedtls_printf( " failed\n ! mbedtls_ssl_context_save returned " - "-0x%x\n\n", (unsigned int) -ret ); + if ((ret = mbedtls_ssl_context_save(&ssl, context_buf, + buf_len, &buf_len)) != 0) { + mbedtls_printf(" failed\n ! mbedtls_ssl_context_save returned " + "-0x%x\n\n", (unsigned int) -ret); goto exit; } - mbedtls_printf( " ok\n" ); + mbedtls_printf(" ok\n"); /* Save serialized context to the 'opt.context_file' as a base64 code */ - if( 0 < strlen( opt.context_file ) ) - { + if (0 < strlen(opt.context_file)) { FILE *b64_file; uint8_t *b64_buf; size_t b64_len; - mbedtls_printf( " . Save serialized context to a file... " ); + mbedtls_printf(" . Save serialized context to a file... "); - mbedtls_base64_encode( NULL, 0, &b64_len, context_buf, buf_len ); + mbedtls_base64_encode(NULL, 0, &b64_len, context_buf, buf_len); - if( ( b64_buf = mbedtls_calloc( 1, b64_len ) ) == NULL ) - { - mbedtls_printf( "failed\n ! Couldn't allocate buffer for " - "the base64 code\n" ); + if ((b64_buf = mbedtls_calloc(1, b64_len)) == NULL) { + mbedtls_printf("failed\n ! Couldn't allocate buffer for " + "the base64 code\n"); goto exit; } - if( ( ret = mbedtls_base64_encode( b64_buf, b64_len, &b64_len, - context_buf, buf_len ) ) != 0 ) - { - mbedtls_printf( "failed\n ! mbedtls_base64_encode returned " - "-0x%x\n", (unsigned int) -ret ); - mbedtls_free( b64_buf ); + if ((ret = mbedtls_base64_encode(b64_buf, b64_len, &b64_len, + context_buf, buf_len)) != 0) { + mbedtls_printf("failed\n ! mbedtls_base64_encode returned " + "-0x%x\n", (unsigned int) -ret); + mbedtls_free(b64_buf); goto exit; } - if( ( b64_file = fopen( opt.context_file, "w" ) ) == NULL ) - { - mbedtls_printf( "failed\n ! Cannot open '%s' for writing.\n", - opt.context_file ); - mbedtls_free( b64_buf ); + if ((b64_file = fopen(opt.context_file, "w")) == NULL) { + mbedtls_printf("failed\n ! Cannot open '%s' for writing.\n", + opt.context_file); + mbedtls_free(b64_buf); goto exit; } - if( b64_len != fwrite( b64_buf, 1, b64_len, b64_file ) ) - { - mbedtls_printf( "failed\n ! fwrite(%ld bytes) failed\n", - (long) b64_len ); - mbedtls_free( b64_buf ); - fclose( b64_file ); + if (b64_len != fwrite(b64_buf, 1, b64_len, b64_file)) { + mbedtls_printf("failed\n ! fwrite(%ld bytes) failed\n", + (long) b64_len); + mbedtls_free(b64_buf); + fclose(b64_file); goto exit; } - mbedtls_free( b64_buf ); - fclose( b64_file ); + mbedtls_free(b64_buf); + fclose(b64_file); - mbedtls_printf( "ok\n" ); + mbedtls_printf("ok\n"); } - if( opt.serialize == 1 ) - { + if (opt.serialize == 1) { /* nothing to do here, done by context_save() already */ - mbedtls_printf( " . Context has been reset... ok\n" ); + mbedtls_printf(" . Context has been reset... ok\n"); } - if( opt.serialize == 2 ) - { - mbedtls_printf( " . Freeing and reinitializing context..." ); + if (opt.serialize == 2) { + mbedtls_printf(" . Freeing and reinitializing context..."); - mbedtls_ssl_free( &ssl ); + mbedtls_ssl_free(&ssl); - mbedtls_ssl_init( &ssl ); + mbedtls_ssl_init(&ssl); - if( ( ret = mbedtls_ssl_setup( &ssl, &conf ) ) != 0 ) - { - mbedtls_printf( " failed\n ! mbedtls_ssl_setup returned " - "-0x%x\n\n", (unsigned int) -ret ); + if ((ret = mbedtls_ssl_setup(&ssl, &conf)) != 0) { + mbedtls_printf(" failed\n ! mbedtls_ssl_setup returned " + "-0x%x\n\n", (unsigned int) -ret); goto exit; } - if( opt.nbio == 2 ) - mbedtls_ssl_set_bio( &ssl, &server_fd, delayed_send, - delayed_recv, NULL ); - else - mbedtls_ssl_set_bio( &ssl, &server_fd, mbedtls_net_send, - mbedtls_net_recv, - opt.nbio == 0 ? mbedtls_net_recv_timeout : NULL ); + if (opt.nbio == 2) { + mbedtls_ssl_set_bio(&ssl, &server_fd, delayed_send, + delayed_recv, NULL); + } else { + mbedtls_ssl_set_bio(&ssl, &server_fd, mbedtls_net_send, + mbedtls_net_recv, + opt.nbio == 0 ? mbedtls_net_recv_timeout : NULL); + } #if defined(MBEDTLS_TIMING_C) - mbedtls_ssl_set_timer_cb( &ssl, &timer, - mbedtls_timing_set_delay, - mbedtls_timing_get_delay ); + mbedtls_ssl_set_timer_cb(&ssl, &timer, + mbedtls_timing_set_delay, + mbedtls_timing_get_delay); #endif /* MBEDTLS_TIMING_C */ - mbedtls_printf( " ok\n" ); + mbedtls_printf(" ok\n"); } - mbedtls_printf( " . Deserializing connection..." ); + mbedtls_printf(" . Deserializing connection..."); - if( ( ret = mbedtls_ssl_context_load( &ssl, context_buf, - buf_len ) ) != 0 ) - { - mbedtls_printf( "failed\n ! mbedtls_ssl_context_load returned " - "-0x%x\n\n", (unsigned int) -ret ); + if ((ret = mbedtls_ssl_context_load(&ssl, context_buf, + buf_len)) != 0) { + mbedtls_printf("failed\n ! mbedtls_ssl_context_load returned " + "-0x%x\n\n", (unsigned int) -ret); goto exit; } - mbedtls_free( context_buf ); + mbedtls_free(context_buf); context_buf = NULL; context_buf_len = 0; - mbedtls_printf( " ok\n" ); + mbedtls_printf(" ok\n"); } #endif /* MBEDTLS_SSL_CONTEXT_SERIALIZATION */ /* * 7d. Continue doing data exchanges? */ - if( --opt.exchanges > 0 ) + if (--opt.exchanges > 0) { goto send_request; + } /* * 8. Done, cleanly close the connection */ close_notify: - mbedtls_printf( " . Closing the connection..." ); - fflush( stdout ); + mbedtls_printf(" . Closing the connection..."); + fflush(stdout); /* * Most of the time sending a close_notify before closing is the right @@ -2891,97 +2687,90 @@ int main( int argc, char *argv[] ) * failures in tests that use DTLS and resumption with ssl_server2 in * ssl-opt.sh, avoided by enabling skip_close_notify client-side. */ - if( opt.skip_close_notify == 0 ) - { + if (opt.skip_close_notify == 0) { /* No error checking, the connection might be closed already */ - do ret = mbedtls_ssl_close_notify( &ssl ); - while( ret == MBEDTLS_ERR_SSL_WANT_WRITE ); + do { + ret = mbedtls_ssl_close_notify(&ssl); + } while (ret == MBEDTLS_ERR_SSL_WANT_WRITE); ret = 0; } - mbedtls_printf( " done\n" ); + mbedtls_printf(" done\n"); /* * 9. Reconnect? */ reconnect: - if( opt.reconnect != 0 ) - { + if (opt.reconnect != 0) { --opt.reconnect; - mbedtls_net_free( &server_fd ); + mbedtls_net_free(&server_fd); #if defined(MBEDTLS_TIMING_C) - if( opt.reco_delay > 0 ) - mbedtls_net_usleep( 1000000 * opt.reco_delay ); + if (opt.reco_delay > 0) { + mbedtls_net_usleep(1000000 * opt.reco_delay); + } #endif - mbedtls_printf( " . Reconnecting with saved session..." ); + mbedtls_printf(" . Reconnecting with saved session..."); -#if defined(MBEDTLS_X509_CRT_PARSE_C) - memset( peer_crt_info, 0, sizeof( peer_crt_info ) ); -#endif /* MBEDTLS_X509_CRT_PARSE_C */ +#if defined(MBEDTLS_KEY_EXCHANGE_WITH_CERT_ENABLED) + memset(peer_crt_info, 0, sizeof(peer_crt_info)); +#endif /* MBEDTLS_KEY_EXCHANGE_WITH_CERT_ENABLED */ - if( ( ret = mbedtls_ssl_session_reset( &ssl ) ) != 0 ) - { - mbedtls_printf( " failed\n ! mbedtls_ssl_session_reset returned -0x%x\n\n", - (unsigned int) -ret ); + if ((ret = mbedtls_ssl_session_reset(&ssl)) != 0) { + mbedtls_printf(" failed\n ! mbedtls_ssl_session_reset returned -0x%x\n\n", + (unsigned int) -ret); goto exit; } - if( opt.reco_mode == 1 ) - { - if( ( ret = mbedtls_ssl_session_load( &saved_session, - session_data, - session_data_len ) ) != 0 ) - { - mbedtls_printf( " failed\n ! mbedtls_ssl_session_load returned -0x%x\n\n", - (unsigned int) -ret ); + if (opt.reco_mode == 1) { + if ((ret = mbedtls_ssl_session_load(&saved_session, + session_data, + session_data_len)) != 0) { + mbedtls_printf(" failed\n ! mbedtls_ssl_session_load returned -0x%x\n\n", + (unsigned int) -ret); goto exit; } } - if( ( ret = mbedtls_ssl_set_session( &ssl, &saved_session ) ) != 0 ) - { - mbedtls_printf( " failed\n ! mbedtls_ssl_set_session returned -0x%x\n\n", - (unsigned int) -ret ); + if ((ret = mbedtls_ssl_set_session(&ssl, &saved_session)) != 0) { + mbedtls_printf(" failed\n ! mbedtls_ssl_set_session returned -0x%x\n\n", + (unsigned int) -ret); goto exit; } - if( ( ret = mbedtls_net_connect( &server_fd, - opt.server_addr, opt.server_port, - opt.transport == MBEDTLS_SSL_TRANSPORT_STREAM ? - MBEDTLS_NET_PROTO_TCP : MBEDTLS_NET_PROTO_UDP ) ) != 0 ) - { - mbedtls_printf( " failed\n ! mbedtls_net_connect returned -0x%x\n\n", - (unsigned int) -ret ); + if ((ret = mbedtls_net_connect(&server_fd, + opt.server_addr, opt.server_port, + opt.transport == MBEDTLS_SSL_TRANSPORT_STREAM ? + MBEDTLS_NET_PROTO_TCP : MBEDTLS_NET_PROTO_UDP)) != 0) { + mbedtls_printf(" failed\n ! mbedtls_net_connect returned -0x%x\n\n", + (unsigned int) -ret); goto exit; } - if( opt.nbio > 0 ) - ret = mbedtls_net_set_nonblock( &server_fd ); - else - ret = mbedtls_net_set_block( &server_fd ); - if( ret != 0 ) - { - mbedtls_printf( " failed\n ! net_set_(non)block() returned -0x%x\n\n", - (unsigned int) -ret ); + if (opt.nbio > 0) { + ret = mbedtls_net_set_nonblock(&server_fd); + } else { + ret = mbedtls_net_set_block(&server_fd); + } + if (ret != 0) { + mbedtls_printf(" failed\n ! net_set_(non)block() returned -0x%x\n\n", + (unsigned int) -ret); goto exit; } - while( ( ret = mbedtls_ssl_handshake( &ssl ) ) != 0 ) - { - if( ret != MBEDTLS_ERR_SSL_WANT_READ && + while ((ret = mbedtls_ssl_handshake(&ssl)) != 0) { + if (ret != MBEDTLS_ERR_SSL_WANT_READ && ret != MBEDTLS_ERR_SSL_WANT_WRITE && - ret != MBEDTLS_ERR_SSL_CRYPTO_IN_PROGRESS ) - { - mbedtls_printf( " failed\n ! mbedtls_ssl_handshake returned -0x%x\n\n", - (unsigned int) -ret ); + ret != MBEDTLS_ERR_SSL_CRYPTO_IN_PROGRESS) { + mbedtls_printf(" failed\n ! mbedtls_ssl_handshake returned -0x%x\n\n", + (unsigned int) -ret); goto exit; } } - mbedtls_printf( " ok\n" ); + mbedtls_printf(" ok\n"); goto send_request; } @@ -2991,66 +2780,66 @@ int main( int argc, char *argv[] ) */ exit: #ifdef MBEDTLS_ERROR_C - if( ret != 0 ) - { + if (ret != 0) { char error_buf[100]; - mbedtls_strerror( ret, error_buf, 100 ); - mbedtls_printf("Last error was: -0x%X - %s\n\n", (unsigned int) -ret, error_buf ); + mbedtls_strerror(ret, error_buf, 100); + mbedtls_printf("Last error was: -0x%X - %s\n\n", (unsigned int) -ret, error_buf); } #endif - mbedtls_net_free( &server_fd ); + mbedtls_net_free(&server_fd); - mbedtls_ssl_free( &ssl ); - mbedtls_ssl_config_free( &conf ); - mbedtls_ssl_session_free( &saved_session ); + mbedtls_ssl_free(&ssl); + mbedtls_ssl_config_free(&conf); + mbedtls_ssl_session_free(&saved_session); - if( session_data != NULL ) - mbedtls_platform_zeroize( session_data, session_data_len ); - mbedtls_free( session_data ); + if (session_data != NULL) { + mbedtls_platform_zeroize(session_data, session_data_len); + } + mbedtls_free(session_data); #if defined(MBEDTLS_SSL_CONTEXT_SERIALIZATION) - if( context_buf != NULL ) - mbedtls_platform_zeroize( context_buf, context_buf_len ); - mbedtls_free( context_buf ); + if (context_buf != NULL) { + mbedtls_platform_zeroize(context_buf, context_buf_len); + } + mbedtls_free(context_buf); #endif -#if defined(MBEDTLS_X509_CRT_PARSE_C) - mbedtls_x509_crt_free( &clicert ); - mbedtls_x509_crt_free( &cacert ); - mbedtls_pk_free( &pkey ); +#if defined(MBEDTLS_KEY_EXCHANGE_WITH_CERT_ENABLED) + mbedtls_x509_crt_free(&clicert); + mbedtls_x509_crt_free(&cacert); + mbedtls_pk_free(&pkey); #if defined(MBEDTLS_USE_PSA_CRYPTO) - psa_destroy_key( key_slot ); + psa_destroy_key(key_slot); #endif -#endif /* MBEDTLS_X509_CRT_PARSE_C */ +#endif /* MBEDTLS_KEY_EXCHANGE_WITH_CERT_ENABLED */ #if defined(MBEDTLS_KEY_EXCHANGE_SOME_PSK_ENABLED) && \ defined(MBEDTLS_USE_PSA_CRYPTO) - if( opt.psk_opaque != 0 ) - { + if (opt.psk_opaque != 0) { /* This is ok even if the slot hasn't been * initialized (we might have jumed here * immediately because of bad cmd line params, * for example). */ - status = psa_destroy_key( slot ); - if( ( status != PSA_SUCCESS ) && - ( opt.query_config_mode == DFL_QUERY_CONFIG_MODE ) ) - { - mbedtls_printf( "Failed to destroy key slot %u - error was %d", - (unsigned) slot, (int) status ); - if( ret == 0 ) + status = psa_destroy_key(slot); + if ((status != PSA_SUCCESS) && + (opt.query_config_mode == DFL_QUERY_CONFIG_MODE)) { + mbedtls_printf("Failed to destroy key slot %u - error was %d", + (unsigned) slot, (int) status); + if (ret == 0) { ret = MBEDTLS_ERR_SSL_HW_ACCEL_FAILED; + } } } #endif /* MBEDTLS_KEY_EXCHANGE_SOME_PSK_ENABLED && MBEDTLS_USE_PSA_CRYPTO */ #if defined(MBEDTLS_USE_PSA_CRYPTO) - const char* message = mbedtls_test_helper_is_psa_leaking(); - if( message ) - { - if( ret == 0 ) + const char *message = mbedtls_test_helper_is_psa_leaking(); + if (message) { + if (ret == 0) { ret = 1; - mbedtls_printf( "PSA memory leak detected: %s\n", message); + } + mbedtls_printf("PSA memory leak detected: %s\n", message); } #endif /* MBEDTLS_USE_PSA_CRYPTO */ @@ -3058,19 +2847,19 @@ int main( int argc, char *argv[] ) * resources are freed by rng_free(). */ #if defined(MBEDTLS_USE_PSA_CRYPTO) && \ !defined(MBEDTLS_TEST_USE_PSA_CRYPTO_RNG) - mbedtls_psa_crypto_free( ); + mbedtls_psa_crypto_free(); #endif - rng_free( &rng ); + rng_free(&rng); #if defined(MBEDTLS_TEST_HOOKS) - if( test_hooks_failure_detected( ) ) - { - if( ret == 0 ) + if (test_hooks_failure_detected()) { + if (ret == 0) { ret = 1; - mbedtls_printf( "Test hooks detected errors.\n" ); + } + mbedtls_printf("Test hooks detected errors.\n"); } - test_hooks_free( ); + test_hooks_free(); #endif /* MBEDTLS_TEST_HOOKS */ #if defined(MBEDTLS_MEMORY_BUFFER_ALLOC_C) @@ -3081,20 +2870,21 @@ int main( int argc, char *argv[] ) #endif /* MBEDTLS_MEMORY_BUFFER_ALLOC_C */ #if defined(_WIN32) - if( opt.query_config_mode == DFL_QUERY_CONFIG_MODE ) - { - mbedtls_printf( " + Press Enter to exit this program.\n" ); - fflush( stdout ); getchar(); + if (opt.query_config_mode == DFL_QUERY_CONFIG_MODE) { + mbedtls_printf(" + Press Enter to exit this program.\n"); + fflush(stdout); getchar(); } #endif // Shell can not handle large exit numbers -> 1 for errors - if( ret < 0 ) + if (ret < 0) { ret = 1; + } - if( opt.query_config_mode == DFL_QUERY_CONFIG_MODE ) - mbedtls_exit( ret ); - else - mbedtls_exit( query_config_ret ); + if (opt.query_config_mode == DFL_QUERY_CONFIG_MODE) { + mbedtls_exit(ret); + } else { + mbedtls_exit(query_config_ret); + } } #endif /* !MBEDTLS_SSL_TEST_IMPOSSIBLE && MBEDTLS_SSL_CLI_C */ diff --git a/third_party/mbedtls/repo/programs/ssl/ssl_context_info.c b/third_party/mbedtls/repo/programs/ssl/ssl_context_info.c index 7018080d4ac..2a1fa41330b 100644 --- a/third_party/mbedtls/repo/programs/ssl/ssl_context_info.c +++ b/third_party/mbedtls/repo/programs/ssl/ssl_context_info.c @@ -2,19 +2,7 @@ * MbedTLS SSL context deserializer from base64 code * * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later */ #if !defined(MBEDTLS_CONFIG_FILE) @@ -23,17 +11,18 @@ #include MBEDTLS_CONFIG_FILE #endif #include "mbedtls/debug.h" +#include "mbedtls/platform.h" #include #include #if !defined(MBEDTLS_X509_CRT_PARSE_C) || !defined(MBEDTLS_ERROR_C) || \ !defined(MBEDTLS_SSL_TLS_C) -int main( void ) +int main(void) { printf("MBEDTLS_X509_CRT_PARSE_C and/or MBEDTLS_ERROR_C and/or " "MBEDTLS_SSL_TLS_C not defined.\n"); - return( 0 ); + return 0; } #else @@ -44,7 +33,9 @@ int main( void ) #include #include #include +#if defined(MBEDTLS_HAVE_TIME) #include +#endif #include "mbedtls/ssl.h" #include "mbedtls/error.h" #include "mbedtls/base64.h" @@ -63,18 +54,18 @@ int main( void ) /* * Flags copied from the Mbed TLS library. */ -#define SESSION_CONFIG_TIME_BIT ( 1 << 0 ) -#define SESSION_CONFIG_CRT_BIT ( 1 << 1 ) -#define SESSION_CONFIG_CLIENT_TICKET_BIT ( 1 << 2 ) -#define SESSION_CONFIG_MFL_BIT ( 1 << 3 ) -#define SESSION_CONFIG_TRUNC_HMAC_BIT ( 1 << 4 ) -#define SESSION_CONFIG_ETM_BIT ( 1 << 5 ) -#define SESSION_CONFIG_TICKET_BIT ( 1 << 6 ) - -#define CONTEXT_CONFIG_DTLS_CONNECTION_ID_BIT ( 1 << 0 ) -#define CONTEXT_CONFIG_DTLS_BADMAC_LIMIT_BIT ( 1 << 1 ) -#define CONTEXT_CONFIG_DTLS_ANTI_REPLAY_BIT ( 1 << 2 ) -#define CONTEXT_CONFIG_ALPN_BIT ( 1 << 3 ) +#define SESSION_CONFIG_TIME_BIT (1 << 0) +#define SESSION_CONFIG_CRT_BIT (1 << 1) +#define SESSION_CONFIG_CLIENT_TICKET_BIT (1 << 2) +#define SESSION_CONFIG_MFL_BIT (1 << 3) +#define SESSION_CONFIG_TRUNC_HMAC_BIT (1 << 4) +#define SESSION_CONFIG_ETM_BIT (1 << 5) +#define SESSION_CONFIG_TICKET_BIT (1 << 6) + +#define CONTEXT_CONFIG_DTLS_CONNECTION_ID_BIT (1 << 0) +#define CONTEXT_CONFIG_DTLS_BADMAC_LIMIT_BIT (1 << 1) +#define CONTEXT_CONFIG_DTLS_ANTI_REPLAY_BIT (1 << 2) +#define CONTEXT_CONFIG_ALPN_BIT (1 << 3) #define TRANSFORM_RANDBYTE_LEN 64 @@ -89,28 +80,28 @@ int main( void ) #define MAX_CONTEXT_LEN 875 /* without session data */ #define MAX_SESSION_LEN 109 /* without certificate and ticket data */ -#define MAX_CERTIFICATE_LEN ( ( 1 << 24 ) - 1 ) -#define MAX_TICKET_LEN ( ( 1 << 24 ) - 1 ) +#define MAX_CERTIFICATE_LEN ((1 << 24) - 1) +#define MAX_TICKET_LEN ((1 << 24) - 1) -#define MIN_SERIALIZED_DATA ( MIN_CONTEXT_LEN + MIN_SESSION_LEN ) -#define MAX_SERIALIZED_DATA ( MAX_CONTEXT_LEN + MAX_SESSION_LEN + \ - MAX_CERTIFICATE_LEN + MAX_TICKET_LEN ) +#define MIN_SERIALIZED_DATA (MIN_CONTEXT_LEN + MIN_SESSION_LEN) +#define MAX_SERIALIZED_DATA (MAX_CONTEXT_LEN + MAX_SESSION_LEN + \ + MAX_CERTIFICATE_LEN + MAX_TICKET_LEN) -#define MIN_BASE64_LEN ( MIN_SERIALIZED_DATA * 4 / 3 ) -#define MAX_BASE64_LEN ( MAX_SERIALIZED_DATA * 4 / 3 + 3 ) +#define MIN_BASE64_LEN (MIN_SERIALIZED_DATA * 4 / 3) +#define MAX_BASE64_LEN (MAX_SERIALIZED_DATA * 4 / 3 + 3) /* * A macro that prevents from reading out of the ssl buffer range. */ -#define CHECK_SSL_END( LEN ) \ -do \ -{ \ - if( end - ssl < (int)( LEN ) ) \ - { \ - printf_err( "%s", buf_ln_err ); \ - return; \ - } \ -} while( 0 ) +#define CHECK_SSL_END(LEN) \ + do \ + { \ + if (end - ssl < (int) (LEN)) \ + { \ + printf_err("%s", buf_ln_err); \ + return; \ + } \ + } while (0) /* * Global values @@ -125,17 +116,17 @@ const char buf_ln_err[] = "Buffer does not have enough data to complete the pars /* * Basic printing functions */ -void print_version( ) +void print_version(void) { - printf( "%s v%d.%d\n", PROG_NAME, VER_MAJOR, VER_MINOR ); + printf("%s v%d.%d\n", PROG_NAME, VER_MAJOR, VER_MINOR); } -void print_usage( ) +void print_usage(void) { print_version(); - printf( "\nThis program is used to deserialize an Mbed TLS SSL session from the base64 code provided\n" - "in the text file. The program can deserialize many codes from one file, but they must be\n" - "separated, e.g. by a newline.\n\n" ); + printf("\nThis program is used to deserialize an Mbed TLS SSL session from the base64 code provided\n" + "in the text file. The program can deserialize many codes from one file, but they must be\n" + "separated, e.g. by a newline.\n\n"); printf( "Usage:\n" "\t-f path - Path to the file with base64 code\n" @@ -149,103 +140,83 @@ void print_usage( ) "\t--dtls-protocol=0 - Use this option if you know that the Mbed TLS library\n" "\t has been compiled without the MBEDTLS_SSL_PROTO_DTLS flag\n" "\n" - ); + ); } -void printf_dbg( const char *str, ... ) +void printf_dbg(const char *str, ...) { - if( debug ) - { + if (debug) { va_list args; - va_start( args, str ); - printf( "debug: " ); - vprintf( str, args ); - fflush( stdout ); - va_end( args ); + va_start(args, str); + printf("debug: "); + vprintf(str, args); + fflush(stdout); + va_end(args); } } -MBEDTLS_PRINTF_ATTRIBUTE( 1, 2 ) -void printf_err( const char *str, ... ) +MBEDTLS_PRINTF_ATTRIBUTE(1, 2) +void printf_err(const char *str, ...) { va_list args; - va_start( args, str ); - fflush( stdout ); - fprintf( stderr, "ERROR: " ); - vfprintf( stderr, str, args ); - fflush( stderr ); - va_end( args ); + va_start(args, str); + fflush(stdout); + fprintf(stderr, "ERROR: "); + vfprintf(stderr, str, args); + fflush(stderr); + va_end(args); } /* * Exit from the program in case of error */ -void error_exit() +void error_exit(void) { - if( NULL != b64_file ) - { - fclose( b64_file ); + if (NULL != b64_file) { + fclose(b64_file); } - exit( -1 ); + exit(-1); } /* * This function takes the input arguments of this program */ -void parse_arguments( int argc, char *argv[] ) +void parse_arguments(int argc, char *argv[]) { int i = 1; - if( argc < 2 ) - { + if (argc < 2) { print_usage(); error_exit(); } - while( i < argc ) - { - if( strcmp( argv[i], "-d" ) == 0 ) - { + while (i < argc) { + if (strcmp(argv[i], "-d") == 0) { debug = 1; - } - else if( strcmp( argv[i], "-h" ) == 0 ) - { + } else if (strcmp(argv[i], "-h") == 0) { print_usage(); - } - else if( strcmp( argv[i], "-v" ) == 0 ) - { + } else if (strcmp(argv[i], "-v") == 0) { print_version(); - } - else if( strcmp( argv[i], "-f" ) == 0 ) - { - if( ++i >= argc ) - { - printf_err( "File path is empty\n" ); + } else if (strcmp(argv[i], "-f") == 0) { + if (++i >= argc) { + printf_err("File path is empty\n"); error_exit(); } - if( NULL != b64_file ) - { - printf_err( "Cannot specify more than one file with -f\n" ); - error_exit( ); + if (NULL != b64_file) { + printf_err("Cannot specify more than one file with -f\n"); + error_exit(); } - if( ( b64_file = fopen( argv[i], "r" )) == NULL ) - { - printf_err( "Cannot find file \"%s\"\n", argv[i] ); + if ((b64_file = fopen(argv[i], "r")) == NULL) { + printf_err("Cannot find file \"%s\"\n", argv[i]); error_exit(); } - } - else if( strcmp( argv[i], "--keep-peer-cert=0" ) == 0 ) - { + } else if (strcmp(argv[i], "--keep-peer-cert=0") == 0) { conf_keep_peer_certificate = 0; - } - else if( strcmp( argv[i], "--dtls-protocol=0" ) == 0 ) - { + } else if (strcmp(argv[i], "--dtls-protocol=0") == 0) { conf_dtls_proto = 0; - } - else - { + } else { print_usage(); error_exit(); } @@ -257,22 +228,20 @@ void parse_arguments( int argc, char *argv[] ) /* * This function prints base64 code to the stdout */ -void print_b64( const uint8_t *b, size_t len ) +void print_b64(const uint8_t *b, size_t len) { size_t i = 0; const uint8_t *end = b + len; printf("\t"); - while( b < end ) - { - if( ++i > 75 ) - { - printf( "\n\t" ); + while (b < end) { + if (++i > 75) { + printf("\n\t"); i = 0; } - printf( "%c", *b++ ); + printf("%c", *b++); } - printf( "\n" ); - fflush( stdout ); + printf("\n"); + fflush(stdout); } /* @@ -283,25 +252,22 @@ void print_b64( const uint8_t *b, size_t len ) * /p in_line number of bytes in one line * /p prefix prefix for the new lines */ -void print_hex( const uint8_t *b, size_t len, - const size_t in_line, const char *prefix ) +void print_hex(const uint8_t *b, size_t len, + const size_t in_line, const char *prefix) { size_t i = 0; const uint8_t *end = b + len; - if( prefix == NULL ) - { + if (prefix == NULL) { prefix = ""; } - while( b < end ) - { - if( ++i > in_line ) - { - printf( "\n%s", prefix ); + while (b < end) { + if (++i > in_line) { + printf("\n%s", prefix); i = 1; } - printf( "%02X ", (uint8_t) *b++ ); + printf("%02X ", (uint8_t) *b++); } printf("\n"); fflush(stdout); @@ -310,48 +276,48 @@ void print_hex( const uint8_t *b, size_t len, /* * Print the value of time_t in format e.g. 2020-01-23 13:05:59 */ -void print_time( const time_t *time ) +void print_time(const uint64_t *time) { +#if defined(MBEDTLS_HAVE_TIME) char buf[20]; - struct tm *t = gmtime( time ); + struct tm *t = gmtime((time_t *) time); static const char format[] = "%Y-%m-%d %H:%M:%S"; - if( NULL != t ) - { - strftime( buf, sizeof( buf ), format, t ); - printf( "%s\n", buf ); - } - else - { - printf( "unknown\n" ); + if (NULL != t) { + strftime(buf, sizeof(buf), format, t); + printf("%s\n", buf); + } else { + printf("unknown\n"); } +#else + (void) time; + printf("not supported\n"); +#endif } /* * Print the input string if the bit is set in the value */ -void print_if_bit( const char *str, int bit, int val ) +void print_if_bit(const char *str, int bit, int val) { - if( bit & val ) - { - printf( "\t%s\n", str ); + if (bit & val) { + printf("\t%s\n", str); } } /* * Return pointer to hardcoded "enabled" or "disabled" depending on the input value */ -const char * get_enabled_str( int is_en ) +const char *get_enabled_str(int is_en) { - return ( is_en ) ? "enabled" : "disabled"; + return (is_en) ? "enabled" : "disabled"; } /* * Return pointer to hardcoded MFL string value depending on the MFL code at the input */ -const char * get_mfl_str( int mfl_code ) +const char *get_mfl_str(int mfl_code) { - switch( mfl_code ) - { + switch (mfl_code) { case MBEDTLS_SSL_MAX_FRAG_LEN_NONE: return "none"; case MBEDTLS_SSL_MAX_FRAG_LEN_512: @@ -382,125 +348,95 @@ const char * get_mfl_str( int mfl_code ) * \retval number of bytes written in to the b64 buffer or 0 in case no more * data was found */ -size_t read_next_b64_code( uint8_t **b64, size_t *max_len ) +size_t read_next_b64_code(uint8_t **b64, size_t *max_len) { int valid_balance = 0; /* balance between valid and invalid characters */ size_t len = 0; char pad = 0; int c = 0; - while( EOF != c ) - { + while (EOF != c) { char c_valid = 0; - c = fgetc( b64_file ); + c = fgetc(b64_file); - if( pad > 0 ) - { - if( c == '=' && pad == 1 ) - { + if (pad > 0) { + if (c == '=' && pad == 1) { c_valid = 1; pad = 2; } - } - else if( ( c >= 'A' && c <= 'Z' ) || - ( c >= 'a' && c <= 'z' ) || - ( c >= '0' && c <= '9' ) || - c == '+' || c == '/' ) - { + } else if ((c >= 'A' && c <= 'Z') || + (c >= 'a' && c <= 'z') || + (c >= '0' && c <= '9') || + c == '+' || c == '/') { c_valid = 1; - } - else if( c == '=' ) - { + } else if (c == '=') { c_valid = 1; pad = 1; - } - else if( c == '-' ) - { + } else if (c == '-') { c = '+'; c_valid = 1; - } - else if( c == '_' ) - { + } else if (c == '_') { c = '/'; c_valid = 1; } - if( c_valid ) - { + if (c_valid) { /* A string of characters that could be a base64 code. */ valid_balance++; - if( len < *max_len ) - { - ( *b64 )[ len++ ] = c; - } - else if( *max_len < MAX_BASE64_LEN ) - { + if (len < *max_len) { + (*b64)[len++] = c; + } else if (*max_len < MAX_BASE64_LEN) { /* Current buffer is too small, but can be resized. */ void *ptr; - size_t new_size = ( MAX_BASE64_LEN - 4096 > *max_len ) ? + size_t new_size = (MAX_BASE64_LEN - 4096 > *max_len) ? *max_len + 4096 : MAX_BASE64_LEN; - ptr = realloc( *b64, new_size ); - if( NULL == ptr ) - { - printf_err( alloc_err ); + ptr = realloc(*b64, new_size); + if (NULL == ptr) { + printf_err(alloc_err); return 0; } *b64 = ptr; *max_len = new_size; - ( *b64 )[ len++ ] = c; - } - else - { + (*b64)[len++] = c; + } else { /* Too much data so it will be treated as invalid */ len++; } - } - else if( len > 0 ) - { + } else if (len > 0) { /* End of a string that could be a base64 code, but need to check * that the length of the characters is correct. */ valid_balance--; - if( len < MIN_CONTEXT_LEN ) - { - printf_dbg( "The code found is too small to be a SSL context.\n" ); + if (len < MIN_CONTEXT_LEN) { + printf_dbg("The code found is too small to be a SSL context.\n"); len = pad = 0; - } - else if( len > *max_len ) - { - printf_err( "The code found is too large by %" MBEDTLS_PRINTF_SIZET " bytes.\n", - len - *max_len ); + } else if (len > *max_len) { + printf_err("The code found is too large by %" MBEDTLS_PRINTF_SIZET " bytes.\n", + len - *max_len); len = pad = 0; - } - else if( len % 4 != 0 ) - { - printf_err( "The length of the base64 code found should be a multiple of 4.\n" ); + } else if (len % 4 != 0) { + printf_err("The length of the base64 code found should be a multiple of 4.\n"); len = pad = 0; - } - else - { + } else { /* Base64 code with valid character length. */ return len; } - } - else - { + } else { valid_balance--; } /* Detection of potentially wrong file format like: binary, zip, ISO, etc. */ - if( valid_balance < -100 ) - { - printf_err( "Too many bad symbols detected. File check aborted.\n" ); + if (valid_balance < -100) { + printf_err("Too many bad symbols detected. File check aborted.\n"); return 0; } } - printf_dbg( "End of file\n" ); + printf_dbg("End of file\n"); return 0; } @@ -510,53 +446,45 @@ size_t read_next_b64_code( uint8_t **b64, size_t *max_len ) * * /p ssl pointer to serialized certificate * /p len number of bytes in the buffer -*/ -void print_deserialized_ssl_cert( const uint8_t *ssl, uint32_t len ) + */ +void print_deserialized_ssl_cert(const uint8_t *ssl, uint32_t len) { enum { STRLEN = 4096 }; mbedtls_x509_crt crt; int ret; char str[STRLEN]; - printf( "\nCertificate:\n" ); + printf("\nCertificate:\n"); - mbedtls_x509_crt_init( &crt ); - ret = mbedtls_x509_crt_parse_der( &crt, ssl, len ); - if( 0 != ret ) - { - mbedtls_strerror( ret, str, STRLEN ); - printf_err( "Invalid format of X.509 - %s\n", str ); - printf( "Cannot deserialize:\n\t" ); - print_hex( ssl, len, 25, "\t" ); - } - else - { + mbedtls_x509_crt_init(&crt); + ret = mbedtls_x509_crt_parse_der(&crt, ssl, len); + if (0 != ret) { + mbedtls_strerror(ret, str, STRLEN); + printf_err("Invalid format of X.509 - %s\n", str); + printf("Cannot deserialize:\n\t"); + print_hex(ssl, len, 25, "\t"); + } else { mbedtls_x509_crt *current = &crt; - while( current != NULL ) - { - ret = mbedtls_x509_crt_info( str, STRLEN, "\t", current ); - if( 0 > ret ) - { - mbedtls_strerror( ret, str, STRLEN ); - printf_err( "Cannot write to the output - %s\n", str ); - } - else - { - printf( "%s", str ); + while (current != NULL) { + ret = mbedtls_x509_crt_info(str, STRLEN, "\t", current); + if (0 > ret) { + mbedtls_strerror(ret, str, STRLEN); + printf_err("Cannot write to the output - %s\n", str); + } else { + printf("%s", str); } current = current->next; - if( current ) - { - printf( "\n" ); + if (current) { + printf("\n"); } } } - mbedtls_x509_crt_free( &crt ); + mbedtls_x509_crt_free(&crt); } /* @@ -584,227 +512,203 @@ void print_deserialized_ssl_cert( const uint8_t *ssl, uint32_t len ) * /p len number of bytes in the buffer * /p session_cfg_flag session configuration flags */ -void print_deserialized_ssl_session( const uint8_t *ssl, uint32_t len, - int session_cfg_flag ) +void print_deserialized_ssl_session(const uint8_t *ssl, uint32_t len, + int session_cfg_flag) { - const struct mbedtls_ssl_ciphersuite_t * ciphersuite_info; + const struct mbedtls_ssl_ciphersuite_t *ciphersuite_info; int ciphersuite_id; uint32_t cert_len, ticket_len; uint32_t verify_result, ticket_lifetime; const uint8_t *end = ssl + len; - printf( "\nSession info:\n" ); + printf("\nSession info:\n"); - if( session_cfg_flag & SESSION_CONFIG_TIME_BIT ) - { + if (session_cfg_flag & SESSION_CONFIG_TIME_BIT) { uint64_t start; - CHECK_SSL_END( 8 ); - start = ( (uint64_t) ssl[0] << 56 ) | - ( (uint64_t) ssl[1] << 48 ) | - ( (uint64_t) ssl[2] << 40 ) | - ( (uint64_t) ssl[3] << 32 ) | - ( (uint64_t) ssl[4] << 24 ) | - ( (uint64_t) ssl[5] << 16 ) | - ( (uint64_t) ssl[6] << 8 ) | - ( (uint64_t) ssl[7] ); + CHECK_SSL_END(8); + start = ((uint64_t) ssl[0] << 56) | + ((uint64_t) ssl[1] << 48) | + ((uint64_t) ssl[2] << 40) | + ((uint64_t) ssl[3] << 32) | + ((uint64_t) ssl[4] << 24) | + ((uint64_t) ssl[5] << 16) | + ((uint64_t) ssl[6] << 8) | + ((uint64_t) ssl[7]); ssl += 8; - printf( "\tstart time : " ); - print_time( (time_t*) &start ); + printf("\tstart time : "); + print_time(&start); } - CHECK_SSL_END( 2 ); - ciphersuite_id = ( (int) ssl[0] << 8 ) | (int) ssl[1]; - printf_dbg( "Ciphersuite ID: %d\n", ciphersuite_id ); + CHECK_SSL_END(2); + ciphersuite_id = ((int) ssl[0] << 8) | (int) ssl[1]; + printf_dbg("Ciphersuite ID: %d\n", ciphersuite_id); ssl += 2; - ciphersuite_info = mbedtls_ssl_ciphersuite_from_id( ciphersuite_id ); - if( ciphersuite_info == NULL ) - { - printf_err( "Cannot find ciphersuite info\n" ); - } - else - { + ciphersuite_info = mbedtls_ssl_ciphersuite_from_id(ciphersuite_id); + if (ciphersuite_info == NULL) { + printf_err("Cannot find ciphersuite info\n"); + } else { const mbedtls_cipher_info_t *cipher_info; const mbedtls_md_info_t *md_info; - printf( "\tciphersuite : %s\n", ciphersuite_info->name ); - printf( "\tcipher flags : 0x%02X\n", ciphersuite_info->flags ); + printf("\tciphersuite : %s\n", ciphersuite_info->name); + printf("\tcipher flags : 0x%02X\n", ciphersuite_info->flags); - cipher_info = mbedtls_cipher_info_from_type( ciphersuite_info->cipher ); - if( cipher_info == NULL ) - { - printf_err( "Cannot find cipher info\n" ); - } - else - { - printf( "\tcipher : %s\n", cipher_info->name ); + cipher_info = mbedtls_cipher_info_from_type(ciphersuite_info->cipher); + if (cipher_info == NULL) { + printf_err("Cannot find cipher info\n"); + } else { + printf("\tcipher : %s\n", cipher_info->name); } - md_info = mbedtls_md_info_from_type( ciphersuite_info->mac ); - if( md_info == NULL ) - { - printf_err( "Cannot find Message-Digest info\n" ); - } - else - { - printf( "\tMessage-Digest : %s\n", md_info->name ); + md_info = mbedtls_md_info_from_type(ciphersuite_info->mac); + if (md_info == NULL) { + printf_err("Cannot find Message-Digest info\n"); + } else { + printf("\tMessage-Digest : %s\n", md_info->name); } } - CHECK_SSL_END( 1 ); - printf( "\tcompression : %s\n", get_enabled_str( *ssl++ ) ); + CHECK_SSL_END(1); + printf("\tcompression : %s\n", get_enabled_str(*ssl++)); /* Note - Here we can get session ID length from serialized data, but we * use hardcoded 32-bytes length. This approach was taken from * 'mbedtls_ssl_session_load()'. */ - CHECK_SSL_END( 1 + 32 ); - printf_dbg( "Session id length: %u\n", (uint32_t) *ssl++ ); - printf( "\tsession ID : "); - print_hex( ssl, 32, 16, "\t " ); + CHECK_SSL_END(1 + 32); + printf_dbg("Session id length: %u\n", (uint32_t) *ssl++); + printf("\tsession ID : "); + print_hex(ssl, 32, 16, "\t "); ssl += 32; - printf( "\tmaster secret : "); - CHECK_SSL_END( 48 ); - print_hex( ssl, 48, 16, "\t " ); + printf("\tmaster secret : "); + CHECK_SSL_END(48); + print_hex(ssl, 48, 16, "\t "); ssl += 48; - CHECK_SSL_END( 4 ); - verify_result = ( (uint32_t) ssl[0] << 24 ) | - ( (uint32_t) ssl[1] << 16 ) | - ( (uint32_t) ssl[2] << 8 ) | - ( (uint32_t) ssl[3] ); + CHECK_SSL_END(4); + verify_result = ((uint32_t) ssl[0] << 24) | + ((uint32_t) ssl[1] << 16) | + ((uint32_t) ssl[2] << 8) | + ((uint32_t) ssl[3]); ssl += 4; - printf( "\tverify result : 0x%08X\n", verify_result ); - - if( SESSION_CONFIG_CRT_BIT & session_cfg_flag ) - { - if( conf_keep_peer_certificate ) - { - CHECK_SSL_END( 3 ); - cert_len = ( (uint32_t) ssl[0] << 16 ) | - ( (uint32_t) ssl[1] << 8 ) | - ( (uint32_t) ssl[2] ); + printf("\tverify result : 0x%08X\n", verify_result); + + if (SESSION_CONFIG_CRT_BIT & session_cfg_flag) { + if (conf_keep_peer_certificate) { + CHECK_SSL_END(3); + cert_len = ((uint32_t) ssl[0] << 16) | + ((uint32_t) ssl[1] << 8) | + ((uint32_t) ssl[2]); ssl += 3; - printf_dbg( "Certificate length: %u\n", cert_len ); + printf_dbg("Certificate length: %u\n", cert_len); - if( cert_len > 0 ) - { - CHECK_SSL_END( cert_len ); - print_deserialized_ssl_cert( ssl, cert_len ); + if (cert_len > 0) { + CHECK_SSL_END(cert_len); + print_deserialized_ssl_cert(ssl, cert_len); ssl += cert_len; } - } - else - { - printf( "\tPeer digest : " ); + } else { + printf("\tPeer digest : "); - CHECK_SSL_END( 1 ); - switch( (mbedtls_md_type_t) *ssl++ ) - { + CHECK_SSL_END(1); + switch ((mbedtls_md_type_t) *ssl++) { case MBEDTLS_MD_NONE: - printf( "none\n" ); + printf("none\n"); break; case MBEDTLS_MD_MD2: - printf( "MD2\n" ); + printf("MD2\n"); break; case MBEDTLS_MD_MD4: - printf( "MD4\n" ); + printf("MD4\n"); break; case MBEDTLS_MD_MD5: - printf( "MD5\n" ); + printf("MD5\n"); break; case MBEDTLS_MD_SHA1: - printf( "SHA1\n" ); + printf("SHA1\n"); break; case MBEDTLS_MD_SHA224: - printf( "SHA224\n" ); + printf("SHA224\n"); break; case MBEDTLS_MD_SHA256: - printf( "SHA256\n" ); + printf("SHA256\n"); break; case MBEDTLS_MD_SHA384: - printf( "SHA384\n" ); + printf("SHA384\n"); break; case MBEDTLS_MD_SHA512: - printf( "SHA512\n" ); + printf("SHA512\n"); break; case MBEDTLS_MD_RIPEMD160: - printf( "RIPEMD160\n" ); + printf("RIPEMD160\n"); break; default: - printf( "undefined or erroneous\n" ); + printf("undefined or erroneous\n"); break; } - CHECK_SSL_END( 1 ); + CHECK_SSL_END(1); cert_len = (uint32_t) *ssl++; - printf_dbg( "Message-Digest length: %u\n", cert_len ); + printf_dbg("Message-Digest length: %u\n", cert_len); - if( cert_len > 0 ) - { - printf( "\tPeer digest cert : " ); - CHECK_SSL_END( cert_len ); - print_hex( ssl, cert_len, 16, "\t " ); + if (cert_len > 0) { + printf("\tPeer digest cert : "); + CHECK_SSL_END(cert_len); + print_hex(ssl, cert_len, 16, "\t "); ssl += cert_len; } } } - if( SESSION_CONFIG_CLIENT_TICKET_BIT & session_cfg_flag ) - { - printf( "\nTicket:\n" ); + if (SESSION_CONFIG_CLIENT_TICKET_BIT & session_cfg_flag) { + printf("\nTicket:\n"); - CHECK_SSL_END( 3 ); - ticket_len = ( (uint32_t) ssl[0] << 16 ) | - ( (uint32_t) ssl[1] << 8 ) | - ( (uint32_t) ssl[2] ); + CHECK_SSL_END(3); + ticket_len = ((uint32_t) ssl[0] << 16) | + ((uint32_t) ssl[1] << 8) | + ((uint32_t) ssl[2]); ssl += 3; - printf_dbg( "Ticket length: %u\n", ticket_len ); + printf_dbg("Ticket length: %u\n", ticket_len); - if( ticket_len > 0 ) - { - printf( "\t" ); - CHECK_SSL_END( ticket_len ); - print_hex( ssl, ticket_len, 22, "\t" ); + if (ticket_len > 0) { + printf("\t"); + CHECK_SSL_END(ticket_len); + print_hex(ssl, ticket_len, 22, "\t"); ssl += ticket_len; - printf( "\n" ); + printf("\n"); } - CHECK_SSL_END( 4 ); - ticket_lifetime = ( (uint32_t) ssl[0] << 24 ) | - ( (uint32_t) ssl[1] << 16 ) | - ( (uint32_t) ssl[2] << 8 ) | - ( (uint32_t) ssl[3] ); + CHECK_SSL_END(4); + ticket_lifetime = ((uint32_t) ssl[0] << 24) | + ((uint32_t) ssl[1] << 16) | + ((uint32_t) ssl[2] << 8) | + ((uint32_t) ssl[3]); ssl += 4; - printf( "\tlifetime : %u sec.\n", ticket_lifetime ); + printf("\tlifetime : %u sec.\n", ticket_lifetime); } - if( ssl < end ) - { - printf( "\nSession others:\n" ); + if (ssl < end) { + printf("\nSession others:\n"); } - if( SESSION_CONFIG_MFL_BIT & session_cfg_flag ) - { - CHECK_SSL_END( 1 ); - printf( "\tMFL : %s\n", get_mfl_str( *ssl++ ) ); + if (SESSION_CONFIG_MFL_BIT & session_cfg_flag) { + CHECK_SSL_END(1); + printf("\tMFL : %s\n", get_mfl_str(*ssl++)); } - if( SESSION_CONFIG_TRUNC_HMAC_BIT & session_cfg_flag ) - { - CHECK_SSL_END( 1 ); - printf( "\tnegotiate truncated HMAC : %s\n", get_enabled_str( *ssl++ ) ); + if (SESSION_CONFIG_TRUNC_HMAC_BIT & session_cfg_flag) { + CHECK_SSL_END(1); + printf("\tnegotiate truncated HMAC : %s\n", get_enabled_str(*ssl++)); } - if( SESSION_CONFIG_ETM_BIT & session_cfg_flag ) - { - CHECK_SSL_END( 1 ); - printf( "\tEncrypt-then-MAC : %s\n", get_enabled_str( *ssl++ ) ); + if (SESSION_CONFIG_ETM_BIT & session_cfg_flag) { + CHECK_SSL_END(1); + printf("\tEncrypt-then-MAC : %s\n", get_enabled_str(*ssl++)); } - if( 0 != ( end - ssl ) ) - { - printf_err( "%i bytes left to analyze from session\n", (int32_t)( end - ssl ) ); + if (0 != (end - ssl)) { + printf_err("%i bytes left to analyze from session\n", (int32_t) (end - ssl)); } } @@ -841,189 +745,179 @@ void print_deserialized_ssl_session( const uint8_t *ssl, uint32_t len, * /p ssl pointer to serialized session * /p len number of bytes in the buffer */ -void print_deserialized_ssl_context( const uint8_t *ssl, size_t len ) +void print_deserialized_ssl_context(const uint8_t *ssl, size_t len) { const uint8_t *end = ssl + len; uint32_t session_len; int session_cfg_flag; int context_cfg_flag; - printf( "\nMbed TLS version:\n" ); + printf("\nMbed TLS version:\n"); - CHECK_SSL_END( 3 + 2 + 3 ); + CHECK_SSL_END(3 + 2 + 3); - printf( "\tmajor %u\n", (uint32_t) *ssl++ ); - printf( "\tminor %u\n", (uint32_t) *ssl++ ); - printf( "\tpath %u\n", (uint32_t) *ssl++ ); + printf("\tmajor %u\n", (uint32_t) *ssl++); + printf("\tminor %u\n", (uint32_t) *ssl++); + printf("\tpath %u\n", (uint32_t) *ssl++); - printf( "\nEnabled session and context configuration:\n" ); + printf("\nEnabled session and context configuration:\n"); - session_cfg_flag = ( (int) ssl[0] << 8 ) | ( (int) ssl[1] ); + session_cfg_flag = ((int) ssl[0] << 8) | ((int) ssl[1]); ssl += 2; - context_cfg_flag = ( (int) ssl[0] << 16 ) | - ( (int) ssl[1] << 8 ) | - ( (int) ssl[2] ) ; + context_cfg_flag = ((int) ssl[0] << 16) | + ((int) ssl[1] << 8) | + ((int) ssl[2]); ssl += 3; - printf_dbg( "Session config flags 0x%04X\n", session_cfg_flag ); - printf_dbg( "Context config flags 0x%06X\n", context_cfg_flag ); - - print_if_bit( "MBEDTLS_HAVE_TIME", SESSION_CONFIG_TIME_BIT, session_cfg_flag ); - print_if_bit( "MBEDTLS_X509_CRT_PARSE_C", SESSION_CONFIG_CRT_BIT, session_cfg_flag ); - print_if_bit( "MBEDTLS_SSL_MAX_FRAGMENT_LENGTH", SESSION_CONFIG_MFL_BIT, session_cfg_flag ); - print_if_bit( "MBEDTLS_SSL_TRUNCATED_HMAC", SESSION_CONFIG_TRUNC_HMAC_BIT, session_cfg_flag ); - print_if_bit( "MBEDTLS_SSL_ENCRYPT_THEN_MAC", SESSION_CONFIG_ETM_BIT, session_cfg_flag ); - print_if_bit( "MBEDTLS_SSL_SESSION_TICKETS", SESSION_CONFIG_TICKET_BIT, session_cfg_flag ); - print_if_bit( "MBEDTLS_SSL_SESSION_TICKETS and client", SESSION_CONFIG_CLIENT_TICKET_BIT, session_cfg_flag ); - - print_if_bit( "MBEDTLS_SSL_DTLS_CONNECTION_ID", CONTEXT_CONFIG_DTLS_CONNECTION_ID_BIT, context_cfg_flag ); - print_if_bit( "MBEDTLS_SSL_DTLS_BADMAC_LIMIT", CONTEXT_CONFIG_DTLS_BADMAC_LIMIT_BIT, context_cfg_flag ); - print_if_bit( "MBEDTLS_SSL_DTLS_ANTI_REPLAY", CONTEXT_CONFIG_DTLS_ANTI_REPLAY_BIT, context_cfg_flag ); - print_if_bit( "MBEDTLS_SSL_ALPN", CONTEXT_CONFIG_ALPN_BIT, context_cfg_flag ); - - CHECK_SSL_END( 4 ); - session_len = ( (uint32_t) ssl[0] << 24 ) | - ( (uint32_t) ssl[1] << 16 ) | - ( (uint32_t) ssl[2] << 8 ) | - ( (uint32_t) ssl[3] ); + printf_dbg("Session config flags 0x%04X\n", session_cfg_flag); + printf_dbg("Context config flags 0x%06X\n", context_cfg_flag); + + print_if_bit("MBEDTLS_HAVE_TIME", SESSION_CONFIG_TIME_BIT, session_cfg_flag); + print_if_bit("MBEDTLS_X509_CRT_PARSE_C", SESSION_CONFIG_CRT_BIT, session_cfg_flag); + print_if_bit("MBEDTLS_SSL_MAX_FRAGMENT_LENGTH", SESSION_CONFIG_MFL_BIT, session_cfg_flag); + print_if_bit("MBEDTLS_SSL_TRUNCATED_HMAC", SESSION_CONFIG_TRUNC_HMAC_BIT, session_cfg_flag); + print_if_bit("MBEDTLS_SSL_ENCRYPT_THEN_MAC", SESSION_CONFIG_ETM_BIT, session_cfg_flag); + print_if_bit("MBEDTLS_SSL_SESSION_TICKETS", SESSION_CONFIG_TICKET_BIT, session_cfg_flag); + print_if_bit("MBEDTLS_SSL_SESSION_TICKETS and client", + SESSION_CONFIG_CLIENT_TICKET_BIT, + session_cfg_flag); + + print_if_bit("MBEDTLS_SSL_DTLS_CONNECTION_ID", + CONTEXT_CONFIG_DTLS_CONNECTION_ID_BIT, + context_cfg_flag); + print_if_bit("MBEDTLS_SSL_DTLS_BADMAC_LIMIT", + CONTEXT_CONFIG_DTLS_BADMAC_LIMIT_BIT, + context_cfg_flag); + print_if_bit("MBEDTLS_SSL_DTLS_ANTI_REPLAY", + CONTEXT_CONFIG_DTLS_ANTI_REPLAY_BIT, + context_cfg_flag); + print_if_bit("MBEDTLS_SSL_ALPN", CONTEXT_CONFIG_ALPN_BIT, context_cfg_flag); + + CHECK_SSL_END(4); + session_len = ((uint32_t) ssl[0] << 24) | + ((uint32_t) ssl[1] << 16) | + ((uint32_t) ssl[2] << 8) | + ((uint32_t) ssl[3]); ssl += 4; - printf_dbg( "Session length %u\n", session_len ); + printf_dbg("Session length %u\n", session_len); - CHECK_SSL_END( session_len ); - print_deserialized_ssl_session( ssl, session_len, session_cfg_flag ); + CHECK_SSL_END(session_len); + print_deserialized_ssl_session(ssl, session_len, session_cfg_flag); ssl += session_len; - printf( "\nRandom bytes:\n\t"); + printf("\nRandom bytes:\n\t"); - CHECK_SSL_END( TRANSFORM_RANDBYTE_LEN ); - print_hex( ssl, TRANSFORM_RANDBYTE_LEN, 22, "\t" ); + CHECK_SSL_END(TRANSFORM_RANDBYTE_LEN); + print_hex(ssl, TRANSFORM_RANDBYTE_LEN, 22, "\t"); ssl += TRANSFORM_RANDBYTE_LEN; - printf( "\nContext others:\n" ); + printf("\nContext others:\n"); - if( CONTEXT_CONFIG_DTLS_CONNECTION_ID_BIT & context_cfg_flag ) - { + if (CONTEXT_CONFIG_DTLS_CONNECTION_ID_BIT & context_cfg_flag) { uint8_t cid_len; - CHECK_SSL_END( 1 ); + CHECK_SSL_END(1); cid_len = *ssl++; - printf_dbg( "In CID length %u\n", (uint32_t) cid_len ); + printf_dbg("In CID length %u\n", (uint32_t) cid_len); - printf( "\tin CID : " ); - if( cid_len > 0 ) - { - CHECK_SSL_END( cid_len ); - print_hex( ssl, cid_len, 20, "\t" ); + printf("\tin CID : "); + if (cid_len > 0) { + CHECK_SSL_END(cid_len); + print_hex(ssl, cid_len, 20, "\t"); ssl += cid_len; - } - else - { - printf( "none\n" ); + } else { + printf("none\n"); } - CHECK_SSL_END( 1 ); + CHECK_SSL_END(1); cid_len = *ssl++; - printf_dbg( "Out CID length %u\n", (uint32_t) cid_len ); + printf_dbg("Out CID length %u\n", (uint32_t) cid_len); - printf( "\tout CID : " ); - if( cid_len > 0 ) - { - CHECK_SSL_END( cid_len ); - print_hex( ssl, cid_len, 20, "\t" ); + printf("\tout CID : "); + if (cid_len > 0) { + CHECK_SSL_END(cid_len); + print_hex(ssl, cid_len, 20, "\t"); ssl += cid_len; - } - else - { - printf( "none\n" ); + } else { + printf("none\n"); } } - if( CONTEXT_CONFIG_DTLS_BADMAC_LIMIT_BIT & context_cfg_flag ) - { + if (CONTEXT_CONFIG_DTLS_BADMAC_LIMIT_BIT & context_cfg_flag) { uint32_t badmac_seen; - CHECK_SSL_END( 4 ); - badmac_seen = ( (uint32_t) ssl[0] << 24 ) | - ( (uint32_t) ssl[1] << 16 ) | - ( (uint32_t) ssl[2] << 8 ) | - ( (uint32_t) ssl[3] ); + CHECK_SSL_END(4); + badmac_seen = ((uint32_t) ssl[0] << 24) | + ((uint32_t) ssl[1] << 16) | + ((uint32_t) ssl[2] << 8) | + ((uint32_t) ssl[3]); ssl += 4; - printf( "\tbad MAC seen number : %u\n", badmac_seen ); + printf("\tbad MAC seen number : %u\n", badmac_seen); /* value 'in_window_top' from mbedtls_ssl_context */ - printf( "\tlast validated record sequence no. : " ); - CHECK_SSL_END( 8 ); - print_hex( ssl, 8, 20, "" ); + printf("\tlast validated record sequence no. : "); + CHECK_SSL_END(8); + print_hex(ssl, 8, 20, ""); ssl += 8; /* value 'in_window' from mbedtls_ssl_context */ - printf( "\tbitmask for replay detection : " ); - CHECK_SSL_END( 8 ); - print_hex( ssl, 8, 20, "" ); + printf("\tbitmask for replay detection : "); + CHECK_SSL_END(8); + print_hex(ssl, 8, 20, ""); ssl += 8; } - if( conf_dtls_proto ) - { - CHECK_SSL_END( 1 ); - printf( "\tDTLS datagram packing : %s\n", - get_enabled_str( ! ( *ssl++ ) ) ); + if (conf_dtls_proto) { + CHECK_SSL_END(1); + printf("\tDTLS datagram packing : %s\n", + get_enabled_str(!(*ssl++))); } /* value 'cur_out_ctr' from mbedtls_ssl_context */ - printf( "\toutgoing record sequence no. : "); - CHECK_SSL_END( 8 ); - print_hex( ssl, 8, 20, "" ); + printf("\toutgoing record sequence no. : "); + CHECK_SSL_END(8); + print_hex(ssl, 8, 20, ""); ssl += 8; - if( conf_dtls_proto ) - { + if (conf_dtls_proto) { uint16_t mtu; - CHECK_SSL_END( 2 ); - mtu = ( ssl[0] << 8 ) | ssl[1]; + CHECK_SSL_END(2); + mtu = (ssl[0] << 8) | ssl[1]; ssl += 2; - printf( "\tMTU : %u\n", mtu ); + printf("\tMTU : %u\n", mtu); } - if( CONTEXT_CONFIG_ALPN_BIT & context_cfg_flag ) - { + if (CONTEXT_CONFIG_ALPN_BIT & context_cfg_flag) { uint8_t alpn_len; - CHECK_SSL_END( 1 ); + CHECK_SSL_END(1); alpn_len = *ssl++; - printf_dbg( "ALPN length %u\n", (uint32_t) alpn_len ); - - printf( "\tALPN negotiation : " ); - CHECK_SSL_END( alpn_len ); - if( alpn_len > 0 ) - { - if( strlen( (const char*) ssl ) == alpn_len ) - { - printf( "%s\n", ssl ); - } - else - { - printf( "\n" ); - printf_err( "\tALPN negotiation is incorrect\n" ); + printf_dbg("ALPN length %u\n", (uint32_t) alpn_len); + + printf("\tALPN negotiation : "); + CHECK_SSL_END(alpn_len); + if (alpn_len > 0) { + if (strlen((const char *) ssl) == alpn_len) { + printf("%s\n", ssl); + } else { + printf("\n"); + printf_err("\tALPN negotiation is incorrect\n"); } ssl += alpn_len; - } - else - { - printf( "not selected\n" ); + } else { + printf("not selected\n"); } } - if( 0 != ( end - ssl ) ) - { - printf_err( "%i bytes left to analyze from context\n", (int32_t)( end - ssl ) ); + if (0 != (end - ssl)) { + printf_err("%i bytes left to analyze from context\n", (int32_t) (end - ssl)); } - printf( "\n" ); + printf("\n"); } -int main( int argc, char *argv[] ) +int main(int argc, char *argv[]) { enum { SSL_INIT_LEN = 4096 }; @@ -1034,39 +928,42 @@ int main( int argc, char *argv[] ) size_t ssl_max_len = SSL_INIT_LEN; size_t ssl_len = 0; - /* The 'b64_file' is opened when parsing arguments to check that the - * file name is correct */ - parse_arguments( argc, argv ); +#if defined(MBEDTLS_USE_PSA_CRYPTO) + psa_status_t status = psa_crypto_init(); + if (status != PSA_SUCCESS) { + mbedtls_fprintf(stderr, "Failed to initialize PSA Crypto implementation: %d\n", + (int) status); + return MBEDTLS_ERR_SSL_HW_ACCEL_FAILED; + } +#endif /* MBEDTLS_USE_PSA_CRYPTO */ + + /* The 'b64_file' is opened when parsing arguments to check that the + * file name is correct */ + parse_arguments(argc, argv); - if( NULL != b64_file ) - { - b64_buf = malloc( SSL_INIT_LEN ); - ssl_buf = malloc( SSL_INIT_LEN ); + if (NULL != b64_file) { + b64_buf = malloc(SSL_INIT_LEN); + ssl_buf = malloc(SSL_INIT_LEN); - if( NULL == b64_buf || NULL == ssl_buf ) - { - printf_err( alloc_err ); - fclose( b64_file ); + if (NULL == b64_buf || NULL == ssl_buf) { + printf_err(alloc_err); + fclose(b64_file); b64_file = NULL; } } - while( NULL != b64_file ) - { - size_t b64_len = read_next_b64_code( &b64_buf, &b64_max_len ); - if( b64_len > 0) - { + while (NULL != b64_file) { + size_t b64_len = read_next_b64_code(&b64_buf, &b64_max_len); + if (b64_len > 0) { int ret; size_t ssl_required_len = b64_len * 3 / 4 + 1; /* Allocate more memory if necessary. */ - if( ssl_required_len > ssl_max_len ) - { - void *ptr = realloc( ssl_buf, ssl_required_len ); - if( NULL == ptr ) - { - printf_err( alloc_err ); - fclose( b64_file ); + if (ssl_required_len > ssl_max_len) { + void *ptr = realloc(ssl_buf, ssl_required_len); + if (NULL == ptr) { + printf_err(alloc_err); + fclose(b64_file); b64_file = NULL; break; } @@ -1074,47 +971,44 @@ int main( int argc, char *argv[] ) ssl_max_len = ssl_required_len; } - printf( "\nDeserializing number %u:\n", ++b64_counter ); + printf("\nDeserializing number %u:\n", ++b64_counter); - printf( "\nBase64 code:\n" ); - print_b64( b64_buf, b64_len ); + printf("\nBase64 code:\n"); + print_b64(b64_buf, b64_len); - ret = mbedtls_base64_decode( ssl_buf, ssl_max_len, &ssl_len, b64_buf, b64_len ); - if( ret != 0) - { - mbedtls_strerror( ret, (char*) b64_buf, b64_max_len ); - printf_err( "base64 code cannot be decoded - %s\n", b64_buf ); + ret = mbedtls_base64_decode(ssl_buf, ssl_max_len, &ssl_len, b64_buf, b64_len); + if (ret != 0) { + mbedtls_strerror(ret, (char *) b64_buf, b64_max_len); + printf_err("base64 code cannot be decoded - %s\n", b64_buf); continue; } - if( debug ) - { - printf( "\nDecoded data in hex:\n\t"); - print_hex( ssl_buf, ssl_len, 25, "\t" ); + if (debug) { + printf("\nDecoded data in hex:\n\t"); + print_hex(ssl_buf, ssl_len, 25, "\t"); } - print_deserialized_ssl_context( ssl_buf, ssl_len ); + print_deserialized_ssl_context(ssl_buf, ssl_len); - } - else - { - fclose( b64_file ); + } else { + fclose(b64_file); b64_file = NULL; } } - free( b64_buf ); - free( ssl_buf ); + free(b64_buf); + free(ssl_buf); - if( b64_counter > 0 ) - { - printf_dbg( "Finished. Found %u base64 codes\n", b64_counter ); - } - else - { - printf( "Finished. No valid base64 code found\n" ); + if (b64_counter > 0) { + printf_dbg("Finished. Found %u base64 codes\n", b64_counter); + } else { + printf("Finished. No valid base64 code found\n"); } +#if defined(MBEDTLS_USE_PSA_CRYPTO) + mbedtls_psa_crypto_free(); +#endif /* MBEDTLS_USE_PSA_CRYPTO */ + return 0; } diff --git a/third_party/mbedtls/repo/programs/ssl/ssl_fork_server.c b/third_party/mbedtls/repo/programs/ssl/ssl_fork_server.c index 3a07179a891..b0a550f6e85 100644 --- a/third_party/mbedtls/repo/programs/ssl/ssl_fork_server.c +++ b/third_party/mbedtls/repo/programs/ssl/ssl_fork_server.c @@ -2,19 +2,7 @@ * SSL server demonstration program using fork() for handling multiple clients * * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later */ #if !defined(MBEDTLS_CONFIG_FILE) @@ -23,18 +11,7 @@ #include MBEDTLS_CONFIG_FILE #endif -#if defined(MBEDTLS_PLATFORM_C) #include "mbedtls/platform.h" -#else -#include -#include -#define mbedtls_fprintf fprintf -#define mbedtls_printf printf -#define mbedtls_time_t time_t -#define mbedtls_exit exit -#define MBEDTLS_EXIT_SUCCESS EXIT_SUCCESS -#define MBEDTLS_EXIT_FAILURE EXIT_FAILURE -#endif /* MBEDTLS_PLATFORM_C */ #if !defined(MBEDTLS_BIGNUM_C) || !defined(MBEDTLS_CERTS_C) || \ !defined(MBEDTLS_ENTROPY_C) || !defined(MBEDTLS_SSL_TLS_C) || \ @@ -42,24 +19,24 @@ !defined(MBEDTLS_RSA_C) || !defined(MBEDTLS_CTR_DRBG_C) || \ !defined(MBEDTLS_X509_CRT_PARSE_C) || !defined(MBEDTLS_TIMING_C) || \ !defined(MBEDTLS_FS_IO) || !defined(MBEDTLS_PEM_PARSE_C) -int main( int argc, char *argv[] ) +int main(int argc, char *argv[]) { ((void) argc); ((void) argv); mbedtls_printf("MBEDTLS_BIGNUM_C and/or MBEDTLS_CERTS_C and/or MBEDTLS_ENTROPY_C " - "and/or MBEDTLS_SSL_TLS_C and/or MBEDTLS_SSL_SRV_C and/or " - "MBEDTLS_NET_C and/or MBEDTLS_RSA_C and/or " - "MBEDTLS_CTR_DRBG_C and/or MBEDTLS_X509_CRT_PARSE_C and/or " - "MBEDTLS_TIMING_C and/or MBEDTLS_PEM_PARSE_C not defined.\n"); - mbedtls_exit( 0 ); + "and/or MBEDTLS_SSL_TLS_C and/or MBEDTLS_SSL_SRV_C and/or " + "MBEDTLS_NET_C and/or MBEDTLS_RSA_C and/or " + "MBEDTLS_CTR_DRBG_C and/or MBEDTLS_X509_CRT_PARSE_C and/or " + "MBEDTLS_TIMING_C and/or MBEDTLS_PEM_PARSE_C not defined.\n"); + mbedtls_exit(0); } #elif defined(_WIN32) -int main( void ) +int main(void) { mbedtls_printf("_WIN32 defined. This application requires fork() and signals " - "to work correctly.\n"); - mbedtls_exit( 0 ); + "to work correctly.\n"); + mbedtls_exit(0); } #else @@ -80,23 +57,23 @@ int main( void ) #define HTTP_RESPONSE \ "HTTP/1.0 200 OK\r\nContent-Type: text/html\r\n\r\n" \ - "

mbed TLS Test Server

\r\n" \ + "

Mbed TLS Test Server

\r\n" \ "

Successful connection using: %s

\r\n" #define DEBUG_LEVEL 0 -static void my_debug( void *ctx, int level, - const char *file, int line, - const char *str ) +static void my_debug(void *ctx, int level, + const char *file, int line, + const char *str) { ((void) level); - mbedtls_fprintf( (FILE *) ctx, "%s:%04d: %s", file, line, str ); - fflush( (FILE *) ctx ); + mbedtls_fprintf((FILE *) ctx, "%s:%04d: %s", file, line, str); + fflush((FILE *) ctx); } -int main( void ) +int main(void) { int ret = 1, len, cnt = 0, pid; int exit_code = MBEDTLS_EXIT_FAILURE; @@ -111,126 +88,126 @@ int main( void ) mbedtls_x509_crt srvcert; mbedtls_pk_context pkey; - mbedtls_net_init( &listen_fd ); - mbedtls_net_init( &client_fd ); - mbedtls_ssl_init( &ssl ); - mbedtls_ssl_config_init( &conf ); - mbedtls_entropy_init( &entropy ); - mbedtls_pk_init( &pkey ); - mbedtls_x509_crt_init( &srvcert ); - mbedtls_ctr_drbg_init( &ctr_drbg ); + mbedtls_net_init(&listen_fd); + mbedtls_net_init(&client_fd); + mbedtls_ssl_init(&ssl); + mbedtls_ssl_config_init(&conf); + mbedtls_entropy_init(&entropy); + mbedtls_pk_init(&pkey); + mbedtls_x509_crt_init(&srvcert); + mbedtls_ctr_drbg_init(&ctr_drbg); + +#if defined(MBEDTLS_USE_PSA_CRYPTO) + psa_status_t status = psa_crypto_init(); + if (status != PSA_SUCCESS) { + mbedtls_fprintf(stderr, "Failed to initialize PSA Crypto implementation: %d\n", + (int) status); + goto exit; + } +#endif /* MBEDTLS_USE_PSA_CRYPTO */ - signal( SIGCHLD, SIG_IGN ); + signal(SIGCHLD, SIG_IGN); /* * 0. Initial seeding of the RNG */ - mbedtls_printf( "\n . Initial seeding of the random generator..." ); - fflush( stdout ); - - if( ( ret = mbedtls_ctr_drbg_seed( &ctr_drbg, mbedtls_entropy_func, &entropy, - (const unsigned char *) pers, - strlen( pers ) ) ) != 0 ) - { - mbedtls_printf( " failed! mbedtls_ctr_drbg_seed returned %d\n\n", ret ); + mbedtls_printf("\n . Initial seeding of the random generator..."); + fflush(stdout); + + if ((ret = mbedtls_ctr_drbg_seed(&ctr_drbg, mbedtls_entropy_func, &entropy, + (const unsigned char *) pers, + strlen(pers))) != 0) { + mbedtls_printf(" failed! mbedtls_ctr_drbg_seed returned %d\n\n", ret); goto exit; } - mbedtls_printf( " ok\n" ); + mbedtls_printf(" ok\n"); /* * 1. Load the certificates and private RSA key */ - mbedtls_printf( " . Loading the server cert. and key..." ); - fflush( stdout ); + mbedtls_printf(" . Loading the server cert. and key..."); + fflush(stdout); /* * This demonstration program uses embedded test certificates. * Instead, you may want to use mbedtls_x509_crt_parse_file() to read the * server and CA certificates, as well as mbedtls_pk_parse_keyfile(). */ - ret = mbedtls_x509_crt_parse( &srvcert, (const unsigned char *) mbedtls_test_srv_crt, - mbedtls_test_srv_crt_len ); - if( ret != 0 ) - { - mbedtls_printf( " failed! mbedtls_x509_crt_parse returned %d\n\n", ret ); + ret = mbedtls_x509_crt_parse(&srvcert, (const unsigned char *) mbedtls_test_srv_crt, + mbedtls_test_srv_crt_len); + if (ret != 0) { + mbedtls_printf(" failed! mbedtls_x509_crt_parse returned %d\n\n", ret); goto exit; } - ret = mbedtls_x509_crt_parse( &srvcert, (const unsigned char *) mbedtls_test_cas_pem, - mbedtls_test_cas_pem_len ); - if( ret != 0 ) - { - mbedtls_printf( " failed! mbedtls_x509_crt_parse returned %d\n\n", ret ); + ret = mbedtls_x509_crt_parse(&srvcert, (const unsigned char *) mbedtls_test_cas_pem, + mbedtls_test_cas_pem_len); + if (ret != 0) { + mbedtls_printf(" failed! mbedtls_x509_crt_parse returned %d\n\n", ret); goto exit; } - ret = mbedtls_pk_parse_key( &pkey, (const unsigned char *) mbedtls_test_srv_key, - mbedtls_test_srv_key_len, NULL, 0 ); - if( ret != 0 ) - { - mbedtls_printf( " failed! mbedtls_pk_parse_key returned %d\n\n", ret ); + ret = mbedtls_pk_parse_key(&pkey, (const unsigned char *) mbedtls_test_srv_key, + mbedtls_test_srv_key_len, NULL, 0); + if (ret != 0) { + mbedtls_printf(" failed! mbedtls_pk_parse_key returned %d\n\n", ret); goto exit; } - mbedtls_printf( " ok\n" ); + mbedtls_printf(" ok\n"); /* * 1b. Prepare SSL configuration */ - mbedtls_printf( " . Configuring SSL..." ); - fflush( stdout ); - - if( ( ret = mbedtls_ssl_config_defaults( &conf, - MBEDTLS_SSL_IS_SERVER, - MBEDTLS_SSL_TRANSPORT_STREAM, - MBEDTLS_SSL_PRESET_DEFAULT ) ) != 0 ) - { - mbedtls_printf( " failed! mbedtls_ssl_config_defaults returned %d\n\n", ret ); + mbedtls_printf(" . Configuring SSL..."); + fflush(stdout); + + if ((ret = mbedtls_ssl_config_defaults(&conf, + MBEDTLS_SSL_IS_SERVER, + MBEDTLS_SSL_TRANSPORT_STREAM, + MBEDTLS_SSL_PRESET_DEFAULT)) != 0) { + mbedtls_printf(" failed! mbedtls_ssl_config_defaults returned %d\n\n", ret); goto exit; } - mbedtls_ssl_conf_rng( &conf, mbedtls_ctr_drbg_random, &ctr_drbg ); - mbedtls_ssl_conf_dbg( &conf, my_debug, stdout ); + mbedtls_ssl_conf_rng(&conf, mbedtls_ctr_drbg_random, &ctr_drbg); + mbedtls_ssl_conf_dbg(&conf, my_debug, stdout); - mbedtls_ssl_conf_ca_chain( &conf, srvcert.next, NULL ); - if( ( ret = mbedtls_ssl_conf_own_cert( &conf, &srvcert, &pkey ) ) != 0 ) - { - mbedtls_printf( " failed! mbedtls_ssl_conf_own_cert returned %d\n\n", ret ); + mbedtls_ssl_conf_ca_chain(&conf, srvcert.next, NULL); + if ((ret = mbedtls_ssl_conf_own_cert(&conf, &srvcert, &pkey)) != 0) { + mbedtls_printf(" failed! mbedtls_ssl_conf_own_cert returned %d\n\n", ret); goto exit; } - mbedtls_printf( " ok\n" ); + mbedtls_printf(" ok\n"); /* * 2. Setup the listening TCP socket */ - mbedtls_printf( " . Bind on https://localhost:4433/ ..." ); - fflush( stdout ); + mbedtls_printf(" . Bind on https://localhost:4433/ ..."); + fflush(stdout); - if( ( ret = mbedtls_net_bind( &listen_fd, NULL, "4433", MBEDTLS_NET_PROTO_TCP ) ) != 0 ) - { - mbedtls_printf( " failed! mbedtls_net_bind returned %d\n\n", ret ); + if ((ret = mbedtls_net_bind(&listen_fd, NULL, "4433", MBEDTLS_NET_PROTO_TCP)) != 0) { + mbedtls_printf(" failed! mbedtls_net_bind returned %d\n\n", ret); goto exit; } - mbedtls_printf( " ok\n" ); + mbedtls_printf(" ok\n"); - while( 1 ) - { + while (1) { /* * 3. Wait until a client connects */ - mbedtls_net_init( &client_fd ); - mbedtls_ssl_init( &ssl ); + mbedtls_net_init(&client_fd); + mbedtls_ssl_init(&ssl); - mbedtls_printf( " . Waiting for a remote connection ...\n" ); - fflush( stdout ); + mbedtls_printf(" . Waiting for a remote connection ...\n"); + fflush(stdout); - if( ( ret = mbedtls_net_accept( &listen_fd, &client_fd, - NULL, 0, NULL ) ) != 0 ) - { - mbedtls_printf( " failed! mbedtls_net_accept returned %d\n\n", ret ); + if ((ret = mbedtls_net_accept(&listen_fd, &client_fd, + NULL, 0, NULL)) != 0) { + mbedtls_printf(" failed! mbedtls_net_accept returned %d\n\n", ret); goto exit; } @@ -238,113 +215,104 @@ int main( void ) * 3.5. Forking server thread */ - mbedtls_printf( " . Forking to handle connection ..." ); - fflush( stdout ); + mbedtls_printf(" . Forking to handle connection ..."); + fflush(stdout); pid = fork(); - if( pid < 0 ) - { - mbedtls_printf(" failed! fork returned %d\n\n", pid ); + if (pid < 0) { + mbedtls_printf(" failed! fork returned %d\n\n", pid); goto exit; } - if( pid != 0 ) - { - mbedtls_printf( " ok\n" ); - mbedtls_net_close( &client_fd ); + if (pid != 0) { + mbedtls_printf(" ok\n"); + mbedtls_net_close(&client_fd); - if( ( ret = mbedtls_ctr_drbg_reseed( &ctr_drbg, - (const unsigned char *) "parent", - 6 ) ) != 0 ) - { - mbedtls_printf( " failed! mbedtls_ctr_drbg_reseed returned %d\n\n", ret ); + if ((ret = mbedtls_ctr_drbg_reseed(&ctr_drbg, + (const unsigned char *) "parent", + 6)) != 0) { + mbedtls_printf(" failed! mbedtls_ctr_drbg_reseed returned %d\n\n", ret); goto exit; } continue; } - mbedtls_net_close( &listen_fd ); + mbedtls_net_close(&listen_fd); pid = getpid(); /* * 4. Setup stuff */ - mbedtls_printf( "pid %d: Setting up the SSL data.\n", pid ); - fflush( stdout ); + mbedtls_printf("pid %d: Setting up the SSL data.\n", pid); + fflush(stdout); - if( ( ret = mbedtls_ctr_drbg_reseed( &ctr_drbg, - (const unsigned char *) "child", - 5 ) ) != 0 ) - { + if ((ret = mbedtls_ctr_drbg_reseed(&ctr_drbg, + (const unsigned char *) "child", + 5)) != 0) { mbedtls_printf( - "pid %d: SSL setup failed! mbedtls_ctr_drbg_reseed returned %d\n\n", - pid, ret ); + "pid %d: SSL setup failed! mbedtls_ctr_drbg_reseed returned %d\n\n", + pid, ret); goto exit; } - if( ( ret = mbedtls_ssl_setup( &ssl, &conf ) ) != 0 ) - { + if ((ret = mbedtls_ssl_setup(&ssl, &conf)) != 0) { mbedtls_printf( - "pid %d: SSL setup failed! mbedtls_ssl_setup returned %d\n\n", - pid, ret ); + "pid %d: SSL setup failed! mbedtls_ssl_setup returned %d\n\n", + pid, ret); goto exit; } - mbedtls_ssl_set_bio( &ssl, &client_fd, mbedtls_net_send, mbedtls_net_recv, NULL ); + mbedtls_ssl_set_bio(&ssl, &client_fd, mbedtls_net_send, mbedtls_net_recv, NULL); - mbedtls_printf( "pid %d: SSL setup ok\n", pid ); + mbedtls_printf("pid %d: SSL setup ok\n", pid); /* * 5. Handshake */ - mbedtls_printf( "pid %d: Performing the SSL/TLS handshake.\n", pid ); - fflush( stdout ); + mbedtls_printf("pid %d: Performing the SSL/TLS handshake.\n", pid); + fflush(stdout); - while( ( ret = mbedtls_ssl_handshake( &ssl ) ) != 0 ) - { - if( ret != MBEDTLS_ERR_SSL_WANT_READ && ret != MBEDTLS_ERR_SSL_WANT_WRITE ) - { + while ((ret = mbedtls_ssl_handshake(&ssl)) != 0) { + if (ret != MBEDTLS_ERR_SSL_WANT_READ && ret != MBEDTLS_ERR_SSL_WANT_WRITE) { mbedtls_printf( - "pid %d: SSL handshake failed! mbedtls_ssl_handshake returned %d\n\n", - pid, ret ); + "pid %d: SSL handshake failed! mbedtls_ssl_handshake returned %d\n\n", + pid, ret); goto exit; } } - mbedtls_printf( "pid %d: SSL handshake ok\n", pid ); + mbedtls_printf("pid %d: SSL handshake ok\n", pid); /* * 6. Read the HTTP Request */ - mbedtls_printf( "pid %d: Start reading from client.\n", pid ); - fflush( stdout ); + mbedtls_printf("pid %d: Start reading from client.\n", pid); + fflush(stdout); - do - { - len = sizeof( buf ) - 1; - memset( buf, 0, sizeof( buf ) ); - ret = mbedtls_ssl_read( &ssl, buf, len ); + do { + len = sizeof(buf) - 1; + memset(buf, 0, sizeof(buf)); + ret = mbedtls_ssl_read(&ssl, buf, len); - if( ret == MBEDTLS_ERR_SSL_WANT_READ || ret == MBEDTLS_ERR_SSL_WANT_WRITE ) + if (ret == MBEDTLS_ERR_SSL_WANT_READ || ret == MBEDTLS_ERR_SSL_WANT_WRITE) { continue; + } - if( ret <= 0 ) - { - switch( ret ) - { + if (ret <= 0) { + switch (ret) { case MBEDTLS_ERR_SSL_PEER_CLOSE_NOTIFY: - mbedtls_printf( "pid %d: connection was closed gracefully\n", pid ); + mbedtls_printf("pid %d: connection was closed gracefully\n", pid); break; case MBEDTLS_ERR_NET_CONN_RESET: - mbedtls_printf( "pid %d: connection was reset by peer\n", pid ); + mbedtls_printf("pid %d: connection was reset by peer\n", pid); break; default: - mbedtls_printf( "pid %d: mbedtls_ssl_read returned %d\n", pid, ret ); + mbedtls_printf("pid %d: mbedtls_ssl_read returned %d\n", pid, ret); break; } @@ -352,70 +320,68 @@ int main( void ) } len = ret; - mbedtls_printf( "pid %d: %d bytes read\n\n%s", pid, len, (char *) buf ); + mbedtls_printf("pid %d: %d bytes read\n\n%s", pid, len, (char *) buf); - if( ret > 0 ) + if (ret > 0) { break; - } - while( 1 ); + } + } while (1); /* * 7. Write the 200 Response */ - mbedtls_printf( "pid %d: Start writing to client.\n", pid ); - fflush( stdout ); - - len = sprintf( (char *) buf, HTTP_RESPONSE, - mbedtls_ssl_get_ciphersuite( &ssl ) ); - - while( cnt++ < 100 ) - { - while( ( ret = mbedtls_ssl_write( &ssl, buf, len ) ) <= 0 ) - { - if( ret == MBEDTLS_ERR_NET_CONN_RESET ) - { + mbedtls_printf("pid %d: Start writing to client.\n", pid); + fflush(stdout); + + len = sprintf((char *) buf, HTTP_RESPONSE, + mbedtls_ssl_get_ciphersuite(&ssl)); + + while (cnt++ < 100) { + while ((ret = mbedtls_ssl_write(&ssl, buf, len)) <= 0) { + if (ret == MBEDTLS_ERR_NET_CONN_RESET) { mbedtls_printf( - "pid %d: Write failed! peer closed the connection\n\n", pid ); + "pid %d: Write failed! peer closed the connection\n\n", pid); goto exit; } - if( ret != MBEDTLS_ERR_SSL_WANT_READ && ret != MBEDTLS_ERR_SSL_WANT_WRITE ) - { + if (ret != MBEDTLS_ERR_SSL_WANT_READ && ret != MBEDTLS_ERR_SSL_WANT_WRITE) { mbedtls_printf( - "pid %d: Write failed! mbedtls_ssl_write returned %d\n\n", - pid, ret ); + "pid %d: Write failed! mbedtls_ssl_write returned %d\n\n", + pid, ret); goto exit; } } len = ret; - mbedtls_printf( "pid %d: %d bytes written\n\n%s\n", pid, len, (char *) buf ); + mbedtls_printf("pid %d: %d bytes written\n\n%s\n", pid, len, (char *) buf); - mbedtls_net_usleep( 1000000 ); + mbedtls_net_usleep(1000000); } - mbedtls_ssl_close_notify( &ssl ); + mbedtls_ssl_close_notify(&ssl); goto exit; } exit_code = MBEDTLS_EXIT_SUCCESS; exit: - mbedtls_net_free( &client_fd ); - mbedtls_net_free( &listen_fd ); - - mbedtls_x509_crt_free( &srvcert ); - mbedtls_pk_free( &pkey ); - mbedtls_ssl_free( &ssl ); - mbedtls_ssl_config_free( &conf ); - mbedtls_ctr_drbg_free( &ctr_drbg ); - mbedtls_entropy_free( &entropy ); + mbedtls_net_free(&client_fd); + mbedtls_net_free(&listen_fd); + mbedtls_x509_crt_free(&srvcert); + mbedtls_pk_free(&pkey); + mbedtls_ssl_free(&ssl); + mbedtls_ssl_config_free(&conf); + mbedtls_ctr_drbg_free(&ctr_drbg); + mbedtls_entropy_free(&entropy); +#if defined(MBEDTLS_USE_PSA_CRYPTO) + mbedtls_psa_crypto_free(); +#endif /* MBEDTLS_USE_PSA_CRYPTO */ #if defined(_WIN32) - mbedtls_printf( " Press Enter to exit this program.\n" ); - fflush( stdout ); getchar(); + mbedtls_printf(" Press Enter to exit this program.\n"); + fflush(stdout); getchar(); #endif - mbedtls_exit( exit_code ); + mbedtls_exit(exit_code); } #endif /* MBEDTLS_BIGNUM_C && MBEDTLS_CERTS_C && MBEDTLS_ENTROPY_C && MBEDTLS_SSL_TLS_C && MBEDTLS_SSL_SRV_C && MBEDTLS_NET_C && diff --git a/third_party/mbedtls/repo/programs/ssl/ssl_mail_client.c b/third_party/mbedtls/repo/programs/ssl/ssl_mail_client.c index fb965f6724c..31da2ed83a1 100644 --- a/third_party/mbedtls/repo/programs/ssl/ssl_mail_client.c +++ b/third_party/mbedtls/repo/programs/ssl/ssl_mail_client.c @@ -2,19 +2,7 @@ * SSL client for SMTP servers * * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later */ /* Enable definition of gethostname() even when compiling with -std=c99. Must @@ -29,33 +17,21 @@ #include MBEDTLS_CONFIG_FILE #endif -#if defined(MBEDTLS_PLATFORM_C) #include "mbedtls/platform.h" -#else -#include -#include -#define mbedtls_time time -#define mbedtls_time_t time_t -#define mbedtls_fprintf fprintf -#define mbedtls_printf printf -#define mbedtls_exit exit -#define MBEDTLS_EXIT_SUCCESS EXIT_SUCCESS -#define MBEDTLS_EXIT_FAILURE EXIT_FAILURE -#endif /* MBEDTLS_PLATFORM_C */ #if !defined(MBEDTLS_BIGNUM_C) || !defined(MBEDTLS_ENTROPY_C) || \ !defined(MBEDTLS_SSL_TLS_C) || !defined(MBEDTLS_SSL_CLI_C) || \ !defined(MBEDTLS_NET_C) || !defined(MBEDTLS_RSA_C) || \ !defined(MBEDTLS_CTR_DRBG_C) || !defined(MBEDTLS_X509_CRT_PARSE_C) || \ !defined(MBEDTLS_FS_IO) -int main( void ) +int main(void) { mbedtls_printf("MBEDTLS_BIGNUM_C and/or MBEDTLS_ENTROPY_C and/or " - "MBEDTLS_SSL_TLS_C and/or MBEDTLS_SSL_CLI_C and/or " - "MBEDTLS_NET_C and/or MBEDTLS_RSA_C and/or " - "MBEDTLS_CTR_DRBG_C and/or MBEDTLS_X509_CRT_PARSE_C " - "not defined.\n"); - mbedtls_exit( 0 ); + "MBEDTLS_SSL_TLS_C and/or MBEDTLS_SSL_CLI_C and/or " + "MBEDTLS_NET_C and/or MBEDTLS_RSA_C and/or " + "MBEDTLS_CTR_DRBG_C and/or MBEDTLS_X509_CRT_PARSE_C " + "not defined.\n"); + mbedtls_exit(0); } #else @@ -111,7 +87,8 @@ int main( void ) #define USAGE_AUTH \ " authentication=%%d default: 0 (disabled)\n" \ " user_name=%%s default: \"" DFL_USER_NAME "\"\n" \ - " user_pwd=%%s default: \"" DFL_USER_PWD "\"\n" + " user_pwd=%%s default: \"" \ + DFL_USER_PWD "\"\n" #else #define USAGE_AUTH \ " authentication options disabled. (Require MBEDTLS_BASE64_C)\n" @@ -131,9 +108,10 @@ int main( void ) "\n usage: ssl_mail_client param=<>...\n" \ "\n acceptable parameters:\n" \ " server_name=%%s default: " DFL_SERVER_NAME "\n" \ - " server_port=%%d default: " DFL_SERVER_PORT "\n" \ - " debug_level=%%d default: 0 (disabled)\n" \ - " mode=%%d default: 0 (SSL/TLS) (1 for STARTTLS)\n" \ + " server_port=%%d default: " \ + DFL_SERVER_PORT "\n" \ + " debug_level=%%d default: 0 (disabled)\n" \ + " mode=%%d default: 0 (SSL/TLS) (1 for STARTTLS)\n" \ USAGE_AUTH \ " mail_from=%%s default: \"\"\n" \ " mail_to=%%s default: \"\"\n" \ @@ -145,8 +123,7 @@ int main( void ) /* * global options */ -struct options -{ +struct options { const char *server_name; /* hostname of the server (client only) */ const char *server_port; /* port on which the ssl service runs */ int debug_level; /* level of debugging */ @@ -162,17 +139,17 @@ struct options int force_ciphersuite[2]; /* protocol/ciphersuite to use, or all */ } opt; -static void my_debug( void *ctx, int level, - const char *file, int line, - const char *str ) +static void my_debug(void *ctx, int level, + const char *file, int line, + const char *str) { ((void) level); - mbedtls_fprintf( (FILE *) ctx, "%s:%04d: %s", file, line, str ); - fflush( (FILE *) ctx ); + mbedtls_fprintf((FILE *) ctx, "%s:%04d: %s", file, line, str); + fflush((FILE *) ctx); } -static int do_handshake( mbedtls_ssl_context *ssl ) +static int do_handshake(mbedtls_ssl_context *ssl) { int ret; uint32_t flags; @@ -182,69 +159,64 @@ static int do_handshake( mbedtls_ssl_context *ssl ) /* * 4. Handshake */ - mbedtls_printf( " . Performing the SSL/TLS handshake..." ); - fflush( stdout ); + mbedtls_printf(" . Performing the SSL/TLS handshake..."); + fflush(stdout); - while( ( ret = mbedtls_ssl_handshake( ssl ) ) != 0 ) - { - if( ret != MBEDTLS_ERR_SSL_WANT_READ && ret != MBEDTLS_ERR_SSL_WANT_WRITE ) - { + while ((ret = mbedtls_ssl_handshake(ssl)) != 0) { + if (ret != MBEDTLS_ERR_SSL_WANT_READ && ret != MBEDTLS_ERR_SSL_WANT_WRITE) { #if defined(MBEDTLS_ERROR_C) - mbedtls_strerror( ret, (char *) buf, 1024 ); + mbedtls_strerror(ret, (char *) buf, 1024); #endif - mbedtls_printf( " failed\n ! mbedtls_ssl_handshake returned %d: %s\n\n", ret, buf ); - return( -1 ); + mbedtls_printf(" failed\n ! mbedtls_ssl_handshake returned %d: %s\n\n", ret, buf); + return -1; } } - mbedtls_printf( " ok\n [ Ciphersuite is %s ]\n", - mbedtls_ssl_get_ciphersuite( ssl ) ); + mbedtls_printf(" ok\n [ Ciphersuite is %s ]\n", + mbedtls_ssl_get_ciphersuite(ssl)); /* * 5. Verify the server certificate */ - mbedtls_printf( " . Verifying peer X.509 certificate..." ); + mbedtls_printf(" . Verifying peer X.509 certificate..."); /* In real life, we probably want to bail out when ret != 0 */ - if( ( flags = mbedtls_ssl_get_verify_result( ssl ) ) != 0 ) - { + if ((flags = mbedtls_ssl_get_verify_result(ssl)) != 0) { char vrfy_buf[512]; - mbedtls_printf( " failed\n" ); + mbedtls_printf(" failed\n"); - mbedtls_x509_crt_verify_info( vrfy_buf, sizeof( vrfy_buf ), " ! ", flags ); + mbedtls_x509_crt_verify_info(vrfy_buf, sizeof(vrfy_buf), " ! ", flags); - mbedtls_printf( "%s\n", vrfy_buf ); + mbedtls_printf("%s\n", vrfy_buf); + } else { + mbedtls_printf(" ok\n"); } - else - mbedtls_printf( " ok\n" ); - mbedtls_printf( " . Peer certificate information ...\n" ); - mbedtls_x509_crt_info( (char *) buf, sizeof( buf ) - 1, " ", - mbedtls_ssl_get_peer_cert( ssl ) ); - mbedtls_printf( "%s\n", buf ); + mbedtls_printf(" . Peer certificate information ...\n"); + mbedtls_x509_crt_info((char *) buf, sizeof(buf) - 1, " ", + mbedtls_ssl_get_peer_cert(ssl)); + mbedtls_printf("%s\n", buf); - return( 0 ); + return 0; } -static int write_ssl_data( mbedtls_ssl_context *ssl, unsigned char *buf, size_t len ) +static int write_ssl_data(mbedtls_ssl_context *ssl, unsigned char *buf, size_t len) { int ret; mbedtls_printf("\n%s", buf); - while( len && ( ret = mbedtls_ssl_write( ssl, buf, len ) ) <= 0 ) - { - if( ret != MBEDTLS_ERR_SSL_WANT_READ && ret != MBEDTLS_ERR_SSL_WANT_WRITE ) - { - mbedtls_printf( " failed\n ! mbedtls_ssl_write returned %d\n\n", ret ); + while (len && (ret = mbedtls_ssl_write(ssl, buf, len)) <= 0) { + if (ret != MBEDTLS_ERR_SSL_WANT_READ && ret != MBEDTLS_ERR_SSL_WANT_WRITE) { + mbedtls_printf(" failed\n ! mbedtls_ssl_write returned %d\n\n", ret); return -1; } } - return( 0 ); + return 0; } -static int write_ssl_and_get_response( mbedtls_ssl_context *ssl, unsigned char *buf, size_t len ) +static int write_ssl_and_get_response(mbedtls_ssl_context *ssl, unsigned char *buf, size_t len) { int ret; unsigned char data[128]; @@ -252,57 +224,52 @@ static int write_ssl_and_get_response( mbedtls_ssl_context *ssl, unsigned char * size_t i, idx = 0; mbedtls_printf("\n%s", buf); - while( len && ( ret = mbedtls_ssl_write( ssl, buf, len ) ) <= 0 ) - { - if( ret != MBEDTLS_ERR_SSL_WANT_READ && ret != MBEDTLS_ERR_SSL_WANT_WRITE ) - { - mbedtls_printf( " failed\n ! mbedtls_ssl_write returned %d\n\n", ret ); + while (len && (ret = mbedtls_ssl_write(ssl, buf, len)) <= 0) { + if (ret != MBEDTLS_ERR_SSL_WANT_READ && ret != MBEDTLS_ERR_SSL_WANT_WRITE) { + mbedtls_printf(" failed\n ! mbedtls_ssl_write returned %d\n\n", ret); return -1; } } - do - { - len = sizeof( data ) - 1; - memset( data, 0, sizeof( data ) ); - ret = mbedtls_ssl_read( ssl, data, len ); + do { + len = sizeof(data) - 1; + memset(data, 0, sizeof(data)); + ret = mbedtls_ssl_read(ssl, data, len); - if( ret == MBEDTLS_ERR_SSL_WANT_READ || ret == MBEDTLS_ERR_SSL_WANT_WRITE ) + if (ret == MBEDTLS_ERR_SSL_WANT_READ || ret == MBEDTLS_ERR_SSL_WANT_WRITE) { continue; + } - if( ret == MBEDTLS_ERR_SSL_PEER_CLOSE_NOTIFY ) + if (ret == MBEDTLS_ERR_SSL_PEER_CLOSE_NOTIFY) { return -1; + } - if( ret <= 0 ) - { - mbedtls_printf( "failed\n ! mbedtls_ssl_read returned %d\n\n", ret ); + if (ret <= 0) { + mbedtls_printf("failed\n ! mbedtls_ssl_read returned %d\n\n", ret); return -1; } mbedtls_printf("\n%s", data); len = ret; - for( i = 0; i < len; i++ ) - { - if( data[i] != '\n' ) - { - if( idx < 4 ) - code[ idx++ ] = data[i]; + for (i = 0; i < len; i++) { + if (data[i] != '\n') { + if (idx < 4) { + code[idx++] = data[i]; + } continue; } - if( idx == 4 && code[0] >= '0' && code[0] <= '9' && code[3] == ' ' ) - { + if (idx == 4 && code[0] >= '0' && code[0] <= '9' && code[3] == ' ') { code[3] = '\0'; - return atoi( code ); + return atoi(code); } idx = 0; } - } - while( 1 ); + } while (1); } -static int write_and_get_response( mbedtls_net_context *sock_fd, unsigned char *buf, size_t len ) +static int write_and_get_response(mbedtls_net_context *sock_fd, unsigned char *buf, size_t len) { int ret; unsigned char data[128]; @@ -310,49 +277,43 @@ static int write_and_get_response( mbedtls_net_context *sock_fd, unsigned char * size_t i, idx = 0; mbedtls_printf("\n%s", buf); - if( len && ( ret = mbedtls_net_send( sock_fd, buf, len ) ) <= 0 ) - { - mbedtls_printf( " failed\n ! mbedtls_net_send returned %d\n\n", ret ); - return -1; + if (len && (ret = mbedtls_net_send(sock_fd, buf, len)) <= 0) { + mbedtls_printf(" failed\n ! mbedtls_net_send returned %d\n\n", ret); + return -1; } - do - { - len = sizeof( data ) - 1; - memset( data, 0, sizeof( data ) ); - ret = mbedtls_net_recv( sock_fd, data, len ); + do { + len = sizeof(data) - 1; + memset(data, 0, sizeof(data)); + ret = mbedtls_net_recv(sock_fd, data, len); - if( ret <= 0 ) - { - mbedtls_printf( "failed\n ! mbedtls_net_recv returned %d\n\n", ret ); + if (ret <= 0) { + mbedtls_printf("failed\n ! mbedtls_net_recv returned %d\n\n", ret); return -1; } data[len] = '\0'; mbedtls_printf("\n%s", data); len = ret; - for( i = 0; i < len; i++ ) - { - if( data[i] != '\n' ) - { - if( idx < 4 ) - code[ idx++ ] = data[i]; + for (i = 0; i < len; i++) { + if (data[i] != '\n') { + if (idx < 4) { + code[idx++] = data[i]; + } continue; } - if( idx == 4 && code[0] >= '0' && code[0] <= '9' && code[3] == ' ' ) - { + if (idx == 4 && code[0] >= '0' && code[0] <= '9' && code[3] == ' ') { code[3] = '\0'; - return atoi( code ); + return atoi(code); } idx = 0; } - } - while( 1 ); + } while (1); } -int main( int argc, char *argv[] ) +int main(int argc, char *argv[]) { int ret = 1, len; int exit_code = MBEDTLS_EXIT_FAILURE; @@ -363,7 +324,7 @@ int main( int argc, char *argv[] ) * "%s\r\n". Hence, the size of buf should be at least the size of base * plus 2 bytes for the \r and \n characters. */ - unsigned char buf[sizeof( base ) + 2]; + unsigned char buf[sizeof(base) + 2]; #else unsigned char buf[1024]; #endif @@ -385,24 +346,32 @@ int main( int argc, char *argv[] ) /* * Make sure memory references are valid in case we exit early. */ - mbedtls_net_init( &server_fd ); - mbedtls_ssl_init( &ssl ); - mbedtls_ssl_config_init( &conf ); - memset( &buf, 0, sizeof( buf ) ); - mbedtls_x509_crt_init( &cacert ); - mbedtls_x509_crt_init( &clicert ); - mbedtls_pk_init( &pkey ); - mbedtls_ctr_drbg_init( &ctr_drbg ); - - if( argc == 0 ) - { - usage: - mbedtls_printf( USAGE ); + mbedtls_net_init(&server_fd); + mbedtls_ssl_init(&ssl); + mbedtls_ssl_config_init(&conf); + memset(&buf, 0, sizeof(buf)); + mbedtls_x509_crt_init(&cacert); + mbedtls_x509_crt_init(&clicert); + mbedtls_pk_init(&pkey); + mbedtls_ctr_drbg_init(&ctr_drbg); + mbedtls_entropy_init(&entropy); + +#if defined(MBEDTLS_USE_PSA_CRYPTO) + psa_status_t status = psa_crypto_init(); + if (status != PSA_SUCCESS) { + mbedtls_fprintf(stderr, "Failed to initialize PSA Crypto implementation: %d\n", + (int) status); + goto exit; + } +#endif /* MBEDTLS_USE_PSA_CRYPTO */ + + if (argc < 2) { +usage: + mbedtls_printf(USAGE); list = mbedtls_ssl_list_ciphersuites(); - while( *list ) - { - mbedtls_printf(" %s\n", mbedtls_ssl_get_ciphersuite_name( *list ) ); + while (*list) { + mbedtls_printf(" %s\n", mbedtls_ssl_get_ciphersuite_name(*list)); list++; } mbedtls_printf("\n"); @@ -421,438 +390,415 @@ int main( int argc, char *argv[] ) opt.ca_file = DFL_CA_FILE; opt.crt_file = DFL_CRT_FILE; opt.key_file = DFL_KEY_FILE; - opt.force_ciphersuite[0]= DFL_FORCE_CIPHER; + opt.force_ciphersuite[0] = DFL_FORCE_CIPHER; - for( i = 1; i < argc; i++ ) - { + for (i = 1; i < argc; i++) { p = argv[i]; - if( ( q = strchr( p, '=' ) ) == NULL ) + if ((q = strchr(p, '=')) == NULL) { goto usage; + } *q++ = '\0'; - if( strcmp( p, "server_name" ) == 0 ) + if (strcmp(p, "server_name") == 0) { opt.server_name = q; - else if( strcmp( p, "server_port" ) == 0 ) + } else if (strcmp(p, "server_port") == 0) { opt.server_port = q; - else if( strcmp( p, "debug_level" ) == 0 ) - { - opt.debug_level = atoi( q ); - if( opt.debug_level < 0 || opt.debug_level > 65535 ) + } else if (strcmp(p, "debug_level") == 0) { + opt.debug_level = atoi(q); + if (opt.debug_level < 0 || opt.debug_level > 65535) { goto usage; - } - else if( strcmp( p, "authentication" ) == 0 ) - { - opt.authentication = atoi( q ); - if( opt.authentication < 0 || opt.authentication > 1 ) + } + } else if (strcmp(p, "authentication") == 0) { + opt.authentication = atoi(q); + if (opt.authentication < 0 || opt.authentication > 1) { goto usage; - } - else if( strcmp( p, "mode" ) == 0 ) - { - opt.mode = atoi( q ); - if( opt.mode < 0 || opt.mode > 1 ) + } + } else if (strcmp(p, "mode") == 0) { + opt.mode = atoi(q); + if (opt.mode < 0 || opt.mode > 1) { goto usage; - } - else if( strcmp( p, "user_name" ) == 0 ) + } + } else if (strcmp(p, "user_name") == 0) { opt.user_name = q; - else if( strcmp( p, "user_pwd" ) == 0 ) + } else if (strcmp(p, "user_pwd") == 0) { opt.user_pwd = q; - else if( strcmp( p, "mail_from" ) == 0 ) + } else if (strcmp(p, "mail_from") == 0) { opt.mail_from = q; - else if( strcmp( p, "mail_to" ) == 0 ) + } else if (strcmp(p, "mail_to") == 0) { opt.mail_to = q; - else if( strcmp( p, "ca_file" ) == 0 ) + } else if (strcmp(p, "ca_file") == 0) { opt.ca_file = q; - else if( strcmp( p, "crt_file" ) == 0 ) + } else if (strcmp(p, "crt_file") == 0) { opt.crt_file = q; - else if( strcmp( p, "key_file" ) == 0 ) + } else if (strcmp(p, "key_file") == 0) { opt.key_file = q; - else if( strcmp( p, "force_ciphersuite" ) == 0 ) - { + } else if (strcmp(p, "force_ciphersuite") == 0) { opt.force_ciphersuite[0] = -1; - opt.force_ciphersuite[0] = mbedtls_ssl_get_ciphersuite_id( q ); + opt.force_ciphersuite[0] = mbedtls_ssl_get_ciphersuite_id(q); - if( opt.force_ciphersuite[0] <= 0 ) + if (opt.force_ciphersuite[0] <= 0) { goto usage; + } opt.force_ciphersuite[1] = 0; - } - else + } else { goto usage; + } } /* * 0. Initialize the RNG and the session data */ - mbedtls_printf( "\n . Seeding the random number generator..." ); - fflush( stdout ); + mbedtls_printf("\n . Seeding the random number generator..."); + fflush(stdout); - mbedtls_entropy_init( &entropy ); - if( ( ret = mbedtls_ctr_drbg_seed( &ctr_drbg, mbedtls_entropy_func, &entropy, - (const unsigned char *) pers, - strlen( pers ) ) ) != 0 ) - { - mbedtls_printf( " failed\n ! mbedtls_ctr_drbg_seed returned %d\n", ret ); + if ((ret = mbedtls_ctr_drbg_seed(&ctr_drbg, mbedtls_entropy_func, &entropy, + (const unsigned char *) pers, + strlen(pers))) != 0) { + mbedtls_printf(" failed\n ! mbedtls_ctr_drbg_seed returned %d\n", ret); goto exit; } - mbedtls_printf( " ok\n" ); + mbedtls_printf(" ok\n"); /* * 1.1. Load the trusted CA */ - mbedtls_printf( " . Loading the CA root certificate ..." ); - fflush( stdout ); + mbedtls_printf(" . Loading the CA root certificate ..."); + fflush(stdout); #if defined(MBEDTLS_FS_IO) - if( strlen( opt.ca_file ) ) - ret = mbedtls_x509_crt_parse_file( &cacert, opt.ca_file ); - else + if (strlen(opt.ca_file)) { + ret = mbedtls_x509_crt_parse_file(&cacert, opt.ca_file); + } else #endif #if defined(MBEDTLS_CERTS_C) && defined(MBEDTLS_PEM_PARSE_C) - ret = mbedtls_x509_crt_parse( &cacert, (const unsigned char *) mbedtls_test_cas_pem, - mbedtls_test_cas_pem_len ); + ret = mbedtls_x509_crt_parse(&cacert, (const unsigned char *) mbedtls_test_cas_pem, + mbedtls_test_cas_pem_len); #else { mbedtls_printf("MBEDTLS_CERTS_C and/or MBEDTLS_PEM_PARSE_C not defined."); goto exit; } #endif - if( ret < 0 ) - { - mbedtls_printf( " failed\n ! mbedtls_x509_crt_parse returned %d\n\n", ret ); + if (ret < 0) { + mbedtls_printf(" failed\n ! mbedtls_x509_crt_parse returned %d\n\n", ret); goto exit; } - mbedtls_printf( " ok (%d skipped)\n", ret ); + mbedtls_printf(" ok (%d skipped)\n", ret); /* * 1.2. Load own certificate and private key * * (can be skipped if client authentication is not required) */ - mbedtls_printf( " . Loading the client cert. and key..." ); - fflush( stdout ); + mbedtls_printf(" . Loading the client cert. and key..."); + fflush(stdout); #if defined(MBEDTLS_FS_IO) - if( strlen( opt.crt_file ) ) - ret = mbedtls_x509_crt_parse_file( &clicert, opt.crt_file ); - else + if (strlen(opt.crt_file)) { + ret = mbedtls_x509_crt_parse_file(&clicert, opt.crt_file); + } else #endif #if defined(MBEDTLS_CERTS_C) - ret = mbedtls_x509_crt_parse( &clicert, (const unsigned char *) mbedtls_test_cli_crt, - mbedtls_test_cli_crt_len ); + ret = mbedtls_x509_crt_parse(&clicert, (const unsigned char *) mbedtls_test_cli_crt, + mbedtls_test_cli_crt_len); #else { mbedtls_printf("MBEDTLS_CERTS_C not defined."); goto exit; } #endif - if( ret != 0 ) - { - mbedtls_printf( " failed\n ! mbedtls_x509_crt_parse returned %d\n\n", ret ); + if (ret != 0) { + mbedtls_printf(" failed\n ! mbedtls_x509_crt_parse returned %d\n\n", ret); goto exit; } #if defined(MBEDTLS_FS_IO) - if( strlen( opt.key_file ) ) - ret = mbedtls_pk_parse_keyfile( &pkey, opt.key_file, "" ); - else + if (strlen(opt.key_file)) { + ret = mbedtls_pk_parse_keyfile(&pkey, opt.key_file, ""); + } else #endif #if defined(MBEDTLS_CERTS_C) && defined(MBEDTLS_PEM_PARSE_C) - ret = mbedtls_pk_parse_key( &pkey, (const unsigned char *) mbedtls_test_cli_key, - mbedtls_test_cli_key_len, NULL, 0 ); + ret = mbedtls_pk_parse_key(&pkey, (const unsigned char *) mbedtls_test_cli_key, + mbedtls_test_cli_key_len, NULL, 0); #else { mbedtls_printf("MBEDTLS_CERTS_C or MBEDTLS_PEM_PARSE_C not defined."); goto exit; } #endif - if( ret != 0 ) - { - mbedtls_printf( " failed\n ! mbedtls_pk_parse_key returned %d\n\n", ret ); + if (ret != 0) { + mbedtls_printf(" failed\n ! mbedtls_pk_parse_key returned %d\n\n", ret); goto exit; } - mbedtls_printf( " ok\n" ); + mbedtls_printf(" ok\n"); /* * 2. Start the connection */ - mbedtls_printf( " . Connecting to tcp/%s/%s...", opt.server_name, - opt.server_port ); - fflush( stdout ); + mbedtls_printf(" . Connecting to tcp/%s/%s...", opt.server_name, + opt.server_port); + fflush(stdout); - if( ( ret = mbedtls_net_connect( &server_fd, opt.server_name, - opt.server_port, MBEDTLS_NET_PROTO_TCP ) ) != 0 ) - { - mbedtls_printf( " failed\n ! mbedtls_net_connect returned %d\n\n", ret ); + if ((ret = mbedtls_net_connect(&server_fd, opt.server_name, + opt.server_port, MBEDTLS_NET_PROTO_TCP)) != 0) { + mbedtls_printf(" failed\n ! mbedtls_net_connect returned %d\n\n", ret); goto exit; } - mbedtls_printf( " ok\n" ); + mbedtls_printf(" ok\n"); /* * 3. Setup stuff */ - mbedtls_printf( " . Setting up the SSL/TLS structure..." ); - fflush( stdout ); - - if( ( ret = mbedtls_ssl_config_defaults( &conf, - MBEDTLS_SSL_IS_CLIENT, - MBEDTLS_SSL_TRANSPORT_STREAM, - MBEDTLS_SSL_PRESET_DEFAULT ) ) != 0 ) - { - mbedtls_printf( " failed\n ! mbedtls_ssl_config_defaults returned %d\n\n", ret ); + mbedtls_printf(" . Setting up the SSL/TLS structure..."); + fflush(stdout); + + if ((ret = mbedtls_ssl_config_defaults(&conf, + MBEDTLS_SSL_IS_CLIENT, + MBEDTLS_SSL_TRANSPORT_STREAM, + MBEDTLS_SSL_PRESET_DEFAULT)) != 0) { + mbedtls_printf(" failed\n ! mbedtls_ssl_config_defaults returned %d\n\n", ret); goto exit; } /* OPTIONAL is not optimal for security, * but makes interop easier in this simplified example */ - mbedtls_ssl_conf_authmode( &conf, MBEDTLS_SSL_VERIFY_OPTIONAL ); + mbedtls_ssl_conf_authmode(&conf, MBEDTLS_SSL_VERIFY_OPTIONAL); - mbedtls_ssl_conf_rng( &conf, mbedtls_ctr_drbg_random, &ctr_drbg ); - mbedtls_ssl_conf_dbg( &conf, my_debug, stdout ); + mbedtls_ssl_conf_rng(&conf, mbedtls_ctr_drbg_random, &ctr_drbg); + mbedtls_ssl_conf_dbg(&conf, my_debug, stdout); - if( opt.force_ciphersuite[0] != DFL_FORCE_CIPHER ) - mbedtls_ssl_conf_ciphersuites( &conf, opt.force_ciphersuite ); + if (opt.force_ciphersuite[0] != DFL_FORCE_CIPHER) { + mbedtls_ssl_conf_ciphersuites(&conf, opt.force_ciphersuite); + } - mbedtls_ssl_conf_ca_chain( &conf, &cacert, NULL ); - if( ( ret = mbedtls_ssl_conf_own_cert( &conf, &clicert, &pkey ) ) != 0 ) - { - mbedtls_printf( " failed\n ! mbedtls_ssl_conf_own_cert returned %d\n\n", ret ); + mbedtls_ssl_conf_ca_chain(&conf, &cacert, NULL); + if ((ret = mbedtls_ssl_conf_own_cert(&conf, &clicert, &pkey)) != 0) { + mbedtls_printf(" failed\n ! mbedtls_ssl_conf_own_cert returned %d\n\n", ret); goto exit; } - if( ( ret = mbedtls_ssl_setup( &ssl, &conf ) ) != 0 ) - { - mbedtls_printf( " failed\n ! mbedtls_ssl_setup returned %d\n\n", ret ); + if ((ret = mbedtls_ssl_setup(&ssl, &conf)) != 0) { + mbedtls_printf(" failed\n ! mbedtls_ssl_setup returned %d\n\n", ret); goto exit; } - if( ( ret = mbedtls_ssl_set_hostname( &ssl, opt.server_name ) ) != 0 ) - { - mbedtls_printf( " failed\n ! mbedtls_ssl_set_hostname returned %d\n\n", ret ); + if ((ret = mbedtls_ssl_set_hostname(&ssl, opt.server_name)) != 0) { + mbedtls_printf(" failed\n ! mbedtls_ssl_set_hostname returned %d\n\n", ret); goto exit; } - mbedtls_ssl_set_bio( &ssl, &server_fd, mbedtls_net_send, mbedtls_net_recv, NULL ); + mbedtls_ssl_set_bio(&ssl, &server_fd, mbedtls_net_send, mbedtls_net_recv, NULL); - mbedtls_printf( " ok\n" ); + mbedtls_printf(" ok\n"); - if( opt.mode == MODE_SSL_TLS ) - { - if( do_handshake( &ssl ) != 0 ) + if (opt.mode == MODE_SSL_TLS) { + if (do_handshake(&ssl) != 0) { goto exit; + } - mbedtls_printf( " > Get header from server:" ); - fflush( stdout ); + mbedtls_printf(" > Get header from server:"); + fflush(stdout); - ret = write_ssl_and_get_response( &ssl, buf, 0 ); - if( ret < 200 || ret > 299 ) - { - mbedtls_printf( " failed\n ! server responded with %d\n\n", ret ); + ret = write_ssl_and_get_response(&ssl, buf, 0); + if (ret < 200 || ret > 299) { + mbedtls_printf(" failed\n ! server responded with %d\n\n", ret); goto exit; } - mbedtls_printf(" ok\n" ); + mbedtls_printf(" ok\n"); - mbedtls_printf( " > Write EHLO to server:" ); - fflush( stdout ); + mbedtls_printf(" > Write EHLO to server:"); + fflush(stdout); - gethostname( hostname, 32 ); - len = sprintf( (char *) buf, "EHLO %s\r\n", hostname ); - ret = write_ssl_and_get_response( &ssl, buf, len ); - if( ret < 200 || ret > 299 ) - { - mbedtls_printf( " failed\n ! server responded with %d\n\n", ret ); + gethostname(hostname, 32); + len = sprintf((char *) buf, "EHLO %s\r\n", hostname); + ret = write_ssl_and_get_response(&ssl, buf, len); + if (ret < 200 || ret > 299) { + mbedtls_printf(" failed\n ! server responded with %d\n\n", ret); goto exit; } - } - else - { - mbedtls_printf( " > Get header from server:" ); - fflush( stdout ); + } else { + mbedtls_printf(" > Get header from server:"); + fflush(stdout); - ret = write_and_get_response( &server_fd, buf, 0 ); - if( ret < 200 || ret > 299 ) - { - mbedtls_printf( " failed\n ! server responded with %d\n\n", ret ); + ret = write_and_get_response(&server_fd, buf, 0); + if (ret < 200 || ret > 299) { + mbedtls_printf(" failed\n ! server responded with %d\n\n", ret); goto exit; } - mbedtls_printf(" ok\n" ); + mbedtls_printf(" ok\n"); - mbedtls_printf( " > Write EHLO to server:" ); - fflush( stdout ); + mbedtls_printf(" > Write EHLO to server:"); + fflush(stdout); - gethostname( hostname, 32 ); - len = sprintf( (char *) buf, "EHLO %s\r\n", hostname ); - ret = write_and_get_response( &server_fd, buf, len ); - if( ret < 200 || ret > 299 ) - { - mbedtls_printf( " failed\n ! server responded with %d\n\n", ret ); + gethostname(hostname, 32); + len = sprintf((char *) buf, "EHLO %s\r\n", hostname); + ret = write_and_get_response(&server_fd, buf, len); + if (ret < 200 || ret > 299) { + mbedtls_printf(" failed\n ! server responded with %d\n\n", ret); goto exit; } - mbedtls_printf(" ok\n" ); + mbedtls_printf(" ok\n"); - mbedtls_printf( " > Write STARTTLS to server:" ); - fflush( stdout ); + mbedtls_printf(" > Write STARTTLS to server:"); + fflush(stdout); - gethostname( hostname, 32 ); - len = sprintf( (char *) buf, "STARTTLS\r\n" ); - ret = write_and_get_response( &server_fd, buf, len ); - if( ret < 200 || ret > 299 ) - { - mbedtls_printf( " failed\n ! server responded with %d\n\n", ret ); + gethostname(hostname, 32); + len = sprintf((char *) buf, "STARTTLS\r\n"); + ret = write_and_get_response(&server_fd, buf, len); + if (ret < 200 || ret > 299) { + mbedtls_printf(" failed\n ! server responded with %d\n\n", ret); goto exit; } - mbedtls_printf(" ok\n" ); + mbedtls_printf(" ok\n"); - if( do_handshake( &ssl ) != 0 ) + if (do_handshake(&ssl) != 0) { goto exit; + } } #if defined(MBEDTLS_BASE64_C) - if( opt.authentication ) - { - mbedtls_printf( " > Write AUTH LOGIN to server:" ); - fflush( stdout ); - - len = sprintf( (char *) buf, "AUTH LOGIN\r\n" ); - ret = write_ssl_and_get_response( &ssl, buf, len ); - if( ret < 200 || ret > 399 ) - { - mbedtls_printf( " failed\n ! server responded with %d\n\n", ret ); + if (opt.authentication) { + mbedtls_printf(" > Write AUTH LOGIN to server:"); + fflush(stdout); + + len = sprintf((char *) buf, "AUTH LOGIN\r\n"); + ret = write_ssl_and_get_response(&ssl, buf, len); + if (ret < 200 || ret > 399) { + mbedtls_printf(" failed\n ! server responded with %d\n\n", ret); goto exit; } - mbedtls_printf(" ok\n" ); + mbedtls_printf(" ok\n"); - mbedtls_printf( " > Write username to server: %s", opt.user_name ); - fflush( stdout ); + mbedtls_printf(" > Write username to server: %s", opt.user_name); + fflush(stdout); - ret = mbedtls_base64_encode( base, sizeof( base ), &n, (const unsigned char *) opt.user_name, - strlen( opt.user_name ) ); + ret = mbedtls_base64_encode(base, sizeof(base), &n, (const unsigned char *) opt.user_name, + strlen(opt.user_name)); - if( ret != 0 ) { - mbedtls_printf( " failed\n ! mbedtls_base64_encode returned %d\n\n", ret ); + if (ret != 0) { + mbedtls_printf(" failed\n ! mbedtls_base64_encode returned %d\n\n", ret); goto exit; } - len = sprintf( (char *) buf, "%s\r\n", base ); - ret = write_ssl_and_get_response( &ssl, buf, len ); - if( ret < 300 || ret > 399 ) - { - mbedtls_printf( " failed\n ! server responded with %d\n\n", ret ); + len = sprintf((char *) buf, "%s\r\n", base); + ret = write_ssl_and_get_response(&ssl, buf, len); + if (ret < 300 || ret > 399) { + mbedtls_printf(" failed\n ! server responded with %d\n\n", ret); goto exit; } - mbedtls_printf(" ok\n" ); + mbedtls_printf(" ok\n"); - mbedtls_printf( " > Write password to server: %s", opt.user_pwd ); - fflush( stdout ); + mbedtls_printf(" > Write password to server: %s", opt.user_pwd); + fflush(stdout); - ret = mbedtls_base64_encode( base, sizeof( base ), &n, (const unsigned char *) opt.user_pwd, - strlen( opt.user_pwd ) ); + ret = mbedtls_base64_encode(base, sizeof(base), &n, (const unsigned char *) opt.user_pwd, + strlen(opt.user_pwd)); - if( ret != 0 ) { - mbedtls_printf( " failed\n ! mbedtls_base64_encode returned %d\n\n", ret ); + if (ret != 0) { + mbedtls_printf(" failed\n ! mbedtls_base64_encode returned %d\n\n", ret); goto exit; } - len = sprintf( (char *) buf, "%s\r\n", base ); - ret = write_ssl_and_get_response( &ssl, buf, len ); - if( ret < 200 || ret > 399 ) - { - mbedtls_printf( " failed\n ! server responded with %d\n\n", ret ); + len = sprintf((char *) buf, "%s\r\n", base); + ret = write_ssl_and_get_response(&ssl, buf, len); + if (ret < 200 || ret > 399) { + mbedtls_printf(" failed\n ! server responded with %d\n\n", ret); goto exit; } - mbedtls_printf(" ok\n" ); + mbedtls_printf(" ok\n"); } #endif - mbedtls_printf( " > Write MAIL FROM to server:" ); - fflush( stdout ); + mbedtls_printf(" > Write MAIL FROM to server:"); + fflush(stdout); - len = sprintf( (char *) buf, "MAIL FROM:<%s>\r\n", opt.mail_from ); - ret = write_ssl_and_get_response( &ssl, buf, len ); - if( ret < 200 || ret > 299 ) - { - mbedtls_printf( " failed\n ! server responded with %d\n\n", ret ); + len = sprintf((char *) buf, "MAIL FROM:<%s>\r\n", opt.mail_from); + ret = write_ssl_and_get_response(&ssl, buf, len); + if (ret < 200 || ret > 299) { + mbedtls_printf(" failed\n ! server responded with %d\n\n", ret); goto exit; } - mbedtls_printf(" ok\n" ); + mbedtls_printf(" ok\n"); - mbedtls_printf( " > Write RCPT TO to server:" ); - fflush( stdout ); + mbedtls_printf(" > Write RCPT TO to server:"); + fflush(stdout); - len = sprintf( (char *) buf, "RCPT TO:<%s>\r\n", opt.mail_to ); - ret = write_ssl_and_get_response( &ssl, buf, len ); - if( ret < 200 || ret > 299 ) - { - mbedtls_printf( " failed\n ! server responded with %d\n\n", ret ); + len = sprintf((char *) buf, "RCPT TO:<%s>\r\n", opt.mail_to); + ret = write_ssl_and_get_response(&ssl, buf, len); + if (ret < 200 || ret > 299) { + mbedtls_printf(" failed\n ! server responded with %d\n\n", ret); goto exit; } - mbedtls_printf(" ok\n" ); + mbedtls_printf(" ok\n"); - mbedtls_printf( " > Write DATA to server:" ); - fflush( stdout ); + mbedtls_printf(" > Write DATA to server:"); + fflush(stdout); - len = sprintf( (char *) buf, "DATA\r\n" ); - ret = write_ssl_and_get_response( &ssl, buf, len ); - if( ret < 300 || ret > 399 ) - { - mbedtls_printf( " failed\n ! server responded with %d\n\n", ret ); + len = sprintf((char *) buf, "DATA\r\n"); + ret = write_ssl_and_get_response(&ssl, buf, len); + if (ret < 300 || ret > 399) { + mbedtls_printf(" failed\n ! server responded with %d\n\n", ret); goto exit; } - mbedtls_printf(" ok\n" ); + mbedtls_printf(" ok\n"); - mbedtls_printf( " > Write content to server:" ); - fflush( stdout ); + mbedtls_printf(" > Write content to server:"); + fflush(stdout); - len = sprintf( (char *) buf, "From: %s\r\nSubject: mbed TLS Test mail\r\n\r\n" - "This is a simple test mail from the " - "mbed TLS mail client example.\r\n" - "\r\n" - "Enjoy!", opt.mail_from ); - ret = write_ssl_data( &ssl, buf, len ); + len = sprintf((char *) buf, "From: %s\r\nSubject: Mbed TLS Test mail\r\n\r\n" + "This is a simple test mail from the " + "Mbed TLS mail client example.\r\n" + "\r\n" + "Enjoy!", opt.mail_from); + ret = write_ssl_data(&ssl, buf, len); - len = sprintf( (char *) buf, "\r\n.\r\n"); - ret = write_ssl_and_get_response( &ssl, buf, len ); - if( ret < 200 || ret > 299 ) - { - mbedtls_printf( " failed\n ! server responded with %d\n\n", ret ); + len = sprintf((char *) buf, "\r\n.\r\n"); + ret = write_ssl_and_get_response(&ssl, buf, len); + if (ret < 200 || ret > 299) { + mbedtls_printf(" failed\n ! server responded with %d\n\n", ret); goto exit; } - mbedtls_printf(" ok\n" ); + mbedtls_printf(" ok\n"); - mbedtls_ssl_close_notify( &ssl ); + mbedtls_ssl_close_notify(&ssl); exit_code = MBEDTLS_EXIT_SUCCESS; exit: - mbedtls_net_free( &server_fd ); - mbedtls_x509_crt_free( &clicert ); - mbedtls_x509_crt_free( &cacert ); - mbedtls_pk_free( &pkey ); - mbedtls_ssl_free( &ssl ); - mbedtls_ssl_config_free( &conf ); - mbedtls_ctr_drbg_free( &ctr_drbg ); - mbedtls_entropy_free( &entropy ); + mbedtls_net_free(&server_fd); + mbedtls_x509_crt_free(&clicert); + mbedtls_x509_crt_free(&cacert); + mbedtls_pk_free(&pkey); + mbedtls_ssl_free(&ssl); + mbedtls_ssl_config_free(&conf); + mbedtls_ctr_drbg_free(&ctr_drbg); + mbedtls_entropy_free(&entropy); +#if defined(MBEDTLS_USE_PSA_CRYPTO) + mbedtls_psa_crypto_free(); +#endif /* MBEDTLS_USE_PSA_CRYPTO */ #if defined(_WIN32) - mbedtls_printf( " + Press Enter to exit this program.\n" ); - fflush( stdout ); getchar(); + mbedtls_printf(" + Press Enter to exit this program.\n"); + fflush(stdout); getchar(); #endif - mbedtls_exit( exit_code ); + mbedtls_exit(exit_code); } #endif /* MBEDTLS_BIGNUM_C && MBEDTLS_ENTROPY_C && MBEDTLS_SSL_TLS_C && MBEDTLS_SSL_CLI_C && MBEDTLS_NET_C && MBEDTLS_RSA_C ** diff --git a/third_party/mbedtls/repo/programs/ssl/ssl_pthread_server.c b/third_party/mbedtls/repo/programs/ssl/ssl_pthread_server.c index c4c6ef1037b..f0a3658a3e6 100644 --- a/third_party/mbedtls/repo/programs/ssl/ssl_pthread_server.c +++ b/third_party/mbedtls/repo/programs/ssl/ssl_pthread_server.c @@ -3,19 +3,7 @@ * clients. * * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later */ #if !defined(MBEDTLS_CONFIG_FILE) @@ -24,18 +12,7 @@ #include MBEDTLS_CONFIG_FILE #endif -#if defined(MBEDTLS_PLATFORM_C) #include "mbedtls/platform.h" -#else -#include -#include -#define mbedtls_fprintf fprintf -#define mbedtls_printf printf -#define mbedtls_snprintf snprintf -#define mbedtls_exit exit -#define MBEDTLS_EXIT_SUCCESS EXIT_SUCCESS -#define MBEDTLS_EXIT_FAILURE EXIT_FAILURE -#endif #if !defined(MBEDTLS_BIGNUM_C) || !defined(MBEDTLS_CERTS_C) || \ !defined(MBEDTLS_ENTROPY_C) || !defined(MBEDTLS_SSL_TLS_C) || \ @@ -44,15 +21,15 @@ !defined(MBEDTLS_X509_CRT_PARSE_C) || !defined(MBEDTLS_FS_IO) || \ !defined(MBEDTLS_THREADING_C) || !defined(MBEDTLS_THREADING_PTHREAD) || \ !defined(MBEDTLS_PEM_PARSE_C) -int main( void ) +int main(void) { mbedtls_printf("MBEDTLS_BIGNUM_C and/or MBEDTLS_CERTS_C and/or MBEDTLS_ENTROPY_C " - "and/or MBEDTLS_SSL_TLS_C and/or MBEDTLS_SSL_SRV_C and/or " - "MBEDTLS_NET_C and/or MBEDTLS_RSA_C and/or " - "MBEDTLS_CTR_DRBG_C and/or MBEDTLS_X509_CRT_PARSE_C and/or " - "MBEDTLS_THREADING_C and/or MBEDTLS_THREADING_PTHREAD " - "and/or MBEDTLS_PEM_PARSE_C not defined.\n"); - mbedtls_exit( 0 ); + "and/or MBEDTLS_SSL_TLS_C and/or MBEDTLS_SSL_SRV_C and/or " + "MBEDTLS_NET_C and/or MBEDTLS_RSA_C and/or " + "MBEDTLS_CTR_DRBG_C and/or MBEDTLS_X509_CRT_PARSE_C and/or " + "MBEDTLS_THREADING_C and/or MBEDTLS_THREADING_PTHREAD " + "and/or MBEDTLS_PEM_PARSE_C not defined.\n"); + mbedtls_exit(0); } #else @@ -82,7 +59,7 @@ int main( void ) #define HTTP_RESPONSE \ "HTTP/1.0 200 OK\r\nContent-Type: text/html\r\n\r\n" \ - "

mbed TLS Test Server

\r\n" \ + "

Mbed TLS Test Server

\r\n" \ "

Successful connection using: %s

\r\n" #define DEBUG_LEVEL 0 @@ -91,20 +68,20 @@ int main( void ) mbedtls_threading_mutex_t debug_mutex; -static void my_mutexed_debug( void *ctx, int level, - const char *file, int line, - const char *str ) +static void my_mutexed_debug(void *ctx, int level, + const char *file, int line, + const char *str) { long int thread_id = (long int) pthread_self(); - mbedtls_mutex_lock( &debug_mutex ); + mbedtls_mutex_lock(&debug_mutex); ((void) level); - mbedtls_fprintf( (FILE *) ctx, "%s:%04d: [ #%ld ] %s", - file, line, thread_id, str ); - fflush( (FILE *) ctx ); + mbedtls_fprintf((FILE *) ctx, "%s:%04d: [ #%ld ] %s", + file, line, thread_id, str); + fflush((FILE *) ctx); - mbedtls_mutex_unlock( &debug_mutex ); + mbedtls_mutex_unlock(&debug_mutex); } typedef struct { @@ -122,7 +99,7 @@ typedef struct { static thread_info_t base_info; static pthread_info_t threads[MAX_NUM_THREADS]; -static void *handle_ssl_connection( void *data ) +static void *handle_ssl_connection(void *data) { int ret, len; thread_info_t *thread_info = (thread_info_t *) data; @@ -132,190 +109,178 @@ static void *handle_ssl_connection( void *data ) mbedtls_ssl_context ssl; /* Make sure memory references are valid */ - mbedtls_ssl_init( &ssl ); + mbedtls_ssl_init(&ssl); - mbedtls_printf( " [ #%ld ] Setting up SSL/TLS data\n", thread_id ); + mbedtls_printf(" [ #%ld ] Setting up SSL/TLS data\n", thread_id); /* * 4. Get the SSL context ready */ - if( ( ret = mbedtls_ssl_setup( &ssl, thread_info->config ) ) != 0 ) - { - mbedtls_printf( " [ #%ld ] failed: mbedtls_ssl_setup returned -0x%04x\n", - thread_id, ( unsigned int ) -ret ); + if ((ret = mbedtls_ssl_setup(&ssl, thread_info->config)) != 0) { + mbedtls_printf(" [ #%ld ] failed: mbedtls_ssl_setup returned -0x%04x\n", + thread_id, (unsigned int) -ret); goto thread_exit; } - mbedtls_ssl_set_bio( &ssl, client_fd, mbedtls_net_send, mbedtls_net_recv, NULL ); + mbedtls_ssl_set_bio(&ssl, client_fd, mbedtls_net_send, mbedtls_net_recv, NULL); /* * 5. Handshake */ - mbedtls_printf( " [ #%ld ] Performing the SSL/TLS handshake\n", thread_id ); - - while( ( ret = mbedtls_ssl_handshake( &ssl ) ) != 0 ) - { - if( ret != MBEDTLS_ERR_SSL_WANT_READ && ret != MBEDTLS_ERR_SSL_WANT_WRITE ) - { - mbedtls_printf( " [ #%ld ] failed: mbedtls_ssl_handshake returned -0x%04x\n", - thread_id, ( unsigned int ) -ret ); + mbedtls_printf(" [ #%ld ] Performing the SSL/TLS handshake\n", thread_id); + + while ((ret = mbedtls_ssl_handshake(&ssl)) != 0) { + if (ret != MBEDTLS_ERR_SSL_WANT_READ && ret != MBEDTLS_ERR_SSL_WANT_WRITE) { + mbedtls_printf(" [ #%ld ] failed: mbedtls_ssl_handshake returned -0x%04x\n", + thread_id, (unsigned int) -ret); goto thread_exit; } } - mbedtls_printf( " [ #%ld ] ok\n", thread_id ); + mbedtls_printf(" [ #%ld ] ok\n", thread_id); /* * 6. Read the HTTP Request */ - mbedtls_printf( " [ #%ld ] < Read from client\n", thread_id ); + mbedtls_printf(" [ #%ld ] < Read from client\n", thread_id); - do - { - len = sizeof( buf ) - 1; - memset( buf, 0, sizeof( buf ) ); - ret = mbedtls_ssl_read( &ssl, buf, len ); + do { + len = sizeof(buf) - 1; + memset(buf, 0, sizeof(buf)); + ret = mbedtls_ssl_read(&ssl, buf, len); - if( ret == MBEDTLS_ERR_SSL_WANT_READ || ret == MBEDTLS_ERR_SSL_WANT_WRITE ) + if (ret == MBEDTLS_ERR_SSL_WANT_READ || ret == MBEDTLS_ERR_SSL_WANT_WRITE) { continue; + } - if( ret <= 0 ) - { - switch( ret ) - { + if (ret <= 0) { + switch (ret) { case MBEDTLS_ERR_SSL_PEER_CLOSE_NOTIFY: - mbedtls_printf( " [ #%ld ] connection was closed gracefully\n", - thread_id ); + mbedtls_printf(" [ #%ld ] connection was closed gracefully\n", + thread_id); goto thread_exit; case MBEDTLS_ERR_NET_CONN_RESET: - mbedtls_printf( " [ #%ld ] connection was reset by peer\n", - thread_id ); + mbedtls_printf(" [ #%ld ] connection was reset by peer\n", + thread_id); goto thread_exit; default: - mbedtls_printf( " [ #%ld ] mbedtls_ssl_read returned -0x%04x\n", - thread_id, ( unsigned int ) -ret ); + mbedtls_printf(" [ #%ld ] mbedtls_ssl_read returned -0x%04x\n", + thread_id, (unsigned int) -ret); goto thread_exit; } } len = ret; - mbedtls_printf( " [ #%ld ] %d bytes read\n=====\n%s\n=====\n", - thread_id, len, (char *) buf ); + mbedtls_printf(" [ #%ld ] %d bytes read\n=====\n%s\n=====\n", + thread_id, len, (char *) buf); - if( ret > 0 ) + if (ret > 0) { break; - } - while( 1 ); + } + } while (1); /* * 7. Write the 200 Response */ - mbedtls_printf( " [ #%ld ] > Write to client:\n", thread_id ); + mbedtls_printf(" [ #%ld ] > Write to client:\n", thread_id); - len = sprintf( (char *) buf, HTTP_RESPONSE, - mbedtls_ssl_get_ciphersuite( &ssl ) ); + len = sprintf((char *) buf, HTTP_RESPONSE, + mbedtls_ssl_get_ciphersuite(&ssl)); - while( ( ret = mbedtls_ssl_write( &ssl, buf, len ) ) <= 0 ) - { - if( ret == MBEDTLS_ERR_NET_CONN_RESET ) - { - mbedtls_printf( " [ #%ld ] failed: peer closed the connection\n", - thread_id ); + while ((ret = mbedtls_ssl_write(&ssl, buf, len)) <= 0) { + if (ret == MBEDTLS_ERR_NET_CONN_RESET) { + mbedtls_printf(" [ #%ld ] failed: peer closed the connection\n", + thread_id); goto thread_exit; } - if( ret != MBEDTLS_ERR_SSL_WANT_READ && ret != MBEDTLS_ERR_SSL_WANT_WRITE ) - { - mbedtls_printf( " [ #%ld ] failed: mbedtls_ssl_write returned -0x%04x\n", - thread_id, ( unsigned int ) ret ); + if (ret != MBEDTLS_ERR_SSL_WANT_READ && ret != MBEDTLS_ERR_SSL_WANT_WRITE) { + mbedtls_printf(" [ #%ld ] failed: mbedtls_ssl_write returned -0x%04x\n", + thread_id, (unsigned int) ret); goto thread_exit; } } len = ret; - mbedtls_printf( " [ #%ld ] %d bytes written\n=====\n%s\n=====\n", - thread_id, len, (char *) buf ); - - mbedtls_printf( " [ #%ld ] . Closing the connection...", thread_id ); - - while( ( ret = mbedtls_ssl_close_notify( &ssl ) ) < 0 ) - { - if( ret != MBEDTLS_ERR_SSL_WANT_READ && - ret != MBEDTLS_ERR_SSL_WANT_WRITE ) - { - mbedtls_printf( " [ #%ld ] failed: mbedtls_ssl_close_notify returned -0x%04x\n", - thread_id, ( unsigned int ) ret ); + mbedtls_printf(" [ #%ld ] %d bytes written\n=====\n%s\n=====\n", + thread_id, len, (char *) buf); + + mbedtls_printf(" [ #%ld ] . Closing the connection...", thread_id); + + while ((ret = mbedtls_ssl_close_notify(&ssl)) < 0) { + if (ret != MBEDTLS_ERR_SSL_WANT_READ && + ret != MBEDTLS_ERR_SSL_WANT_WRITE) { + mbedtls_printf(" [ #%ld ] failed: mbedtls_ssl_close_notify returned -0x%04x\n", + thread_id, (unsigned int) ret); goto thread_exit; } } - mbedtls_printf( " ok\n" ); + mbedtls_printf(" ok\n"); ret = 0; thread_exit: #ifdef MBEDTLS_ERROR_C - if( ret != 0 ) - { + if (ret != 0) { char error_buf[100]; - mbedtls_strerror( ret, error_buf, 100 ); + mbedtls_strerror(ret, error_buf, 100); mbedtls_printf(" [ #%ld ] Last error was: -0x%04x - %s\n\n", - thread_id, ( unsigned int ) -ret, error_buf ); + thread_id, (unsigned int) -ret, error_buf); } #endif - mbedtls_net_free( client_fd ); - mbedtls_ssl_free( &ssl ); + mbedtls_net_free(client_fd); + mbedtls_ssl_free(&ssl); thread_info->thread_complete = 1; - return( NULL ); + return NULL; } -static int thread_create( mbedtls_net_context *client_fd ) +static int thread_create(mbedtls_net_context *client_fd) { int ret, i; /* * Find in-active or finished thread slot */ - for( i = 0; i < MAX_NUM_THREADS; i++ ) - { - if( threads[i].active == 0 ) + for (i = 0; i < MAX_NUM_THREADS; i++) { + if (threads[i].active == 0) { break; + } - if( threads[i].data.thread_complete == 1 ) - { - mbedtls_printf( " [ main ] Cleaning up thread %d\n", i ); - pthread_join(threads[i].thread, NULL ); - memset( &threads[i], 0, sizeof(pthread_info_t) ); + if (threads[i].data.thread_complete == 1) { + mbedtls_printf(" [ main ] Cleaning up thread %d\n", i); + pthread_join(threads[i].thread, NULL); + memset(&threads[i], 0, sizeof(pthread_info_t)); break; } } - if( i == MAX_NUM_THREADS ) - return( -1 ); + if (i == MAX_NUM_THREADS) { + return -1; + } /* * Fill thread-info for thread */ - memcpy( &threads[i].data, &base_info, sizeof(base_info) ); + memcpy(&threads[i].data, &base_info, sizeof(base_info)); threads[i].active = 1; - memcpy( &threads[i].data.client_fd, client_fd, sizeof( mbedtls_net_context ) ); + memcpy(&threads[i].data.client_fd, client_fd, sizeof(mbedtls_net_context)); - if( ( ret = pthread_create( &threads[i].thread, NULL, handle_ssl_connection, - &threads[i].data ) ) != 0 ) - { - return( ret ); + if ((ret = pthread_create(&threads[i].thread, NULL, handle_ssl_connection, + &threads[i].data)) != 0) { + return ret; } - return( 0 ); + return 0; } -int main( void ) +int main(void) { int ret; mbedtls_net_context listen_fd, client_fd; @@ -335,166 +300,166 @@ int main( void ) #endif #if defined(MBEDTLS_MEMORY_BUFFER_ALLOC_C) - mbedtls_memory_buffer_alloc_init( alloc_buf, sizeof(alloc_buf) ); + mbedtls_memory_buffer_alloc_init(alloc_buf, sizeof(alloc_buf)); #endif #if defined(MBEDTLS_SSL_CACHE_C) - mbedtls_ssl_cache_init( &cache ); + mbedtls_ssl_cache_init(&cache); #endif - mbedtls_x509_crt_init( &srvcert ); - mbedtls_x509_crt_init( &cachain ); + mbedtls_x509_crt_init(&srvcert); + mbedtls_x509_crt_init(&cachain); - mbedtls_ssl_config_init( &conf ); - mbedtls_ctr_drbg_init( &ctr_drbg ); - memset( threads, 0, sizeof(threads) ); - mbedtls_net_init( &listen_fd ); - mbedtls_net_init( &client_fd ); + mbedtls_ssl_config_init(&conf); + mbedtls_ctr_drbg_init(&ctr_drbg); + memset(threads, 0, sizeof(threads)); + mbedtls_net_init(&listen_fd); + mbedtls_net_init(&client_fd); - mbedtls_mutex_init( &debug_mutex ); + mbedtls_mutex_init(&debug_mutex); base_info.config = &conf; /* * We use only a single entropy source that is used in all the threads. */ - mbedtls_entropy_init( &entropy ); + mbedtls_entropy_init(&entropy); + +#if defined(MBEDTLS_USE_PSA_CRYPTO) + psa_status_t status = psa_crypto_init(); + if (status != PSA_SUCCESS) { + mbedtls_fprintf(stderr, "Failed to initialize PSA Crypto implementation: %d\n", + (int) status); + ret = MBEDTLS_ERR_SSL_HW_ACCEL_FAILED; + goto exit; + } +#endif /* MBEDTLS_USE_PSA_CRYPTO */ /* * 1. Load the certificates and private RSA key */ - mbedtls_printf( "\n . Loading the server cert. and key..." ); - fflush( stdout ); + mbedtls_printf("\n . Loading the server cert. and key..."); + fflush(stdout); /* * This demonstration program uses embedded test certificates. * Instead, you may want to use mbedtls_x509_crt_parse_file() to read the * server and CA certificates, as well as mbedtls_pk_parse_keyfile(). */ - ret = mbedtls_x509_crt_parse( &srvcert, (const unsigned char *) mbedtls_test_srv_crt, - mbedtls_test_srv_crt_len ); - if( ret != 0 ) - { - mbedtls_printf( " failed\n ! mbedtls_x509_crt_parse returned %d\n\n", ret ); + ret = mbedtls_x509_crt_parse(&srvcert, (const unsigned char *) mbedtls_test_srv_crt, + mbedtls_test_srv_crt_len); + if (ret != 0) { + mbedtls_printf(" failed\n ! mbedtls_x509_crt_parse returned %d\n\n", ret); goto exit; } - ret = mbedtls_x509_crt_parse( &cachain, (const unsigned char *) mbedtls_test_cas_pem, - mbedtls_test_cas_pem_len ); - if( ret != 0 ) - { - mbedtls_printf( " failed\n ! mbedtls_x509_crt_parse returned %d\n\n", ret ); + ret = mbedtls_x509_crt_parse(&cachain, (const unsigned char *) mbedtls_test_cas_pem, + mbedtls_test_cas_pem_len); + if (ret != 0) { + mbedtls_printf(" failed\n ! mbedtls_x509_crt_parse returned %d\n\n", ret); goto exit; } - mbedtls_pk_init( &pkey ); - ret = mbedtls_pk_parse_key( &pkey, (const unsigned char *) mbedtls_test_srv_key, - mbedtls_test_srv_key_len, NULL, 0 ); - if( ret != 0 ) - { - mbedtls_printf( " failed\n ! mbedtls_pk_parse_key returned %d\n\n", ret ); + mbedtls_pk_init(&pkey); + ret = mbedtls_pk_parse_key(&pkey, (const unsigned char *) mbedtls_test_srv_key, + mbedtls_test_srv_key_len, NULL, 0); + if (ret != 0) { + mbedtls_printf(" failed\n ! mbedtls_pk_parse_key returned %d\n\n", ret); goto exit; } - mbedtls_printf( " ok\n" ); + mbedtls_printf(" ok\n"); /* * 1b. Seed the random number generator */ - mbedtls_printf( " . Seeding the random number generator..." ); - - if( ( ret = mbedtls_ctr_drbg_seed( &ctr_drbg, mbedtls_entropy_func, &entropy, - (const unsigned char *) pers, - strlen( pers ) ) ) != 0 ) - { - mbedtls_printf( " failed: mbedtls_ctr_drbg_seed returned -0x%04x\n", - ( unsigned int ) -ret ); + mbedtls_printf(" . Seeding the random number generator..."); + + if ((ret = mbedtls_ctr_drbg_seed(&ctr_drbg, mbedtls_entropy_func, &entropy, + (const unsigned char *) pers, + strlen(pers))) != 0) { + mbedtls_printf(" failed: mbedtls_ctr_drbg_seed returned -0x%04x\n", + (unsigned int) -ret); goto exit; } - mbedtls_printf( " ok\n" ); + mbedtls_printf(" ok\n"); /* * 1c. Prepare SSL configuration */ - mbedtls_printf( " . Setting up the SSL data...." ); - - if( ( ret = mbedtls_ssl_config_defaults( &conf, - MBEDTLS_SSL_IS_SERVER, - MBEDTLS_SSL_TRANSPORT_STREAM, - MBEDTLS_SSL_PRESET_DEFAULT ) ) != 0 ) - { - mbedtls_printf( " failed: mbedtls_ssl_config_defaults returned -0x%04x\n", - ( unsigned int ) -ret ); + mbedtls_printf(" . Setting up the SSL data...."); + + if ((ret = mbedtls_ssl_config_defaults(&conf, + MBEDTLS_SSL_IS_SERVER, + MBEDTLS_SSL_TRANSPORT_STREAM, + MBEDTLS_SSL_PRESET_DEFAULT)) != 0) { + mbedtls_printf(" failed: mbedtls_ssl_config_defaults returned -0x%04x\n", + (unsigned int) -ret); goto exit; } - mbedtls_ssl_conf_rng( &conf, mbedtls_ctr_drbg_random, &ctr_drbg ); - mbedtls_ssl_conf_dbg( &conf, my_mutexed_debug, stdout ); + mbedtls_ssl_conf_rng(&conf, mbedtls_ctr_drbg_random, &ctr_drbg); + mbedtls_ssl_conf_dbg(&conf, my_mutexed_debug, stdout); /* mbedtls_ssl_cache_get() and mbedtls_ssl_cache_set() are thread-safe if * MBEDTLS_THREADING_C is set. */ #if defined(MBEDTLS_SSL_CACHE_C) - mbedtls_ssl_conf_session_cache( &conf, &cache, + mbedtls_ssl_conf_session_cache(&conf, &cache, mbedtls_ssl_cache_get, - mbedtls_ssl_cache_set ); + mbedtls_ssl_cache_set); #endif - mbedtls_ssl_conf_ca_chain( &conf, &cachain, NULL ); - if( ( ret = mbedtls_ssl_conf_own_cert( &conf, &srvcert, &pkey ) ) != 0 ) - { - mbedtls_printf( " failed\n ! mbedtls_ssl_conf_own_cert returned %d\n\n", ret ); + mbedtls_ssl_conf_ca_chain(&conf, &cachain, NULL); + if ((ret = mbedtls_ssl_conf_own_cert(&conf, &srvcert, &pkey)) != 0) { + mbedtls_printf(" failed\n ! mbedtls_ssl_conf_own_cert returned %d\n\n", ret); goto exit; } - mbedtls_printf( " ok\n" ); + mbedtls_printf(" ok\n"); /* * 2. Setup the listening TCP socket */ - mbedtls_printf( " . Bind on https://localhost:4433/ ..." ); - fflush( stdout ); + mbedtls_printf(" . Bind on https://localhost:4433/ ..."); + fflush(stdout); - if( ( ret = mbedtls_net_bind( &listen_fd, NULL, "4433", MBEDTLS_NET_PROTO_TCP ) ) != 0 ) - { - mbedtls_printf( " failed\n ! mbedtls_net_bind returned %d\n\n", ret ); + if ((ret = mbedtls_net_bind(&listen_fd, NULL, "4433", MBEDTLS_NET_PROTO_TCP)) != 0) { + mbedtls_printf(" failed\n ! mbedtls_net_bind returned %d\n\n", ret); goto exit; } - mbedtls_printf( " ok\n" ); + mbedtls_printf(" ok\n"); reset: #ifdef MBEDTLS_ERROR_C - if( ret != 0 ) - { + if (ret != 0) { char error_buf[100]; - mbedtls_strerror( ret, error_buf, 100 ); - mbedtls_printf( " [ main ] Last error was: -0x%04x - %s\n", ( unsigned int ) -ret, - error_buf ); + mbedtls_strerror(ret, error_buf, 100); + mbedtls_printf(" [ main ] Last error was: -0x%04x - %s\n", (unsigned int) -ret, + error_buf); } #endif /* * 3. Wait until a client connects */ - mbedtls_printf( " [ main ] Waiting for a remote connection\n" ); + mbedtls_printf(" [ main ] Waiting for a remote connection\n"); - if( ( ret = mbedtls_net_accept( &listen_fd, &client_fd, - NULL, 0, NULL ) ) != 0 ) - { - mbedtls_printf( " [ main ] failed: mbedtls_net_accept returned -0x%04x\n", - ( unsigned int ) ret ); + if ((ret = mbedtls_net_accept(&listen_fd, &client_fd, + NULL, 0, NULL)) != 0) { + mbedtls_printf(" [ main ] failed: mbedtls_net_accept returned -0x%04x\n", + (unsigned int) ret); goto exit; } - mbedtls_printf( " [ main ] ok\n" ); - mbedtls_printf( " [ main ] Creating a new thread\n" ); + mbedtls_printf(" [ main ] ok\n"); + mbedtls_printf(" [ main ] Creating a new thread\n"); - if( ( ret = thread_create( &client_fd ) ) != 0 ) - { - mbedtls_printf( " [ main ] failed: thread_create returned %d\n", ret ); - mbedtls_net_free( &client_fd ); + if ((ret = thread_create(&client_fd)) != 0) { + mbedtls_printf(" [ main ] failed: thread_create returned %d\n", ret); + mbedtls_net_free(&client_fd); goto reset; } @@ -502,29 +467,29 @@ int main( void ) goto reset; exit: - mbedtls_x509_crt_free( &srvcert ); - mbedtls_pk_free( &pkey ); + mbedtls_x509_crt_free(&srvcert); + mbedtls_pk_free(&pkey); #if defined(MBEDTLS_SSL_CACHE_C) - mbedtls_ssl_cache_free( &cache ); + mbedtls_ssl_cache_free(&cache); #endif - mbedtls_ctr_drbg_free( &ctr_drbg ); - mbedtls_entropy_free( &entropy ); - mbedtls_ssl_config_free( &conf ); - - mbedtls_net_free( &listen_fd ); - - mbedtls_mutex_free( &debug_mutex ); - + mbedtls_ctr_drbg_free(&ctr_drbg); + mbedtls_entropy_free(&entropy); + mbedtls_ssl_config_free(&conf); + mbedtls_net_free(&listen_fd); + mbedtls_mutex_free(&debug_mutex); #if defined(MBEDTLS_MEMORY_BUFFER_ALLOC_C) mbedtls_memory_buffer_alloc_free(); #endif +#if defined(MBEDTLS_USE_PSA_CRYPTO) + mbedtls_psa_crypto_free(); +#endif /* MBEDTLS_USE_PSA_CRYPTO */ #if defined(_WIN32) - mbedtls_printf( " Press Enter to exit this program.\n" ); - fflush( stdout ); getchar(); + mbedtls_printf(" Press Enter to exit this program.\n"); + fflush(stdout); getchar(); #endif - mbedtls_exit( ret ); + mbedtls_exit(ret); } #endif /* MBEDTLS_BIGNUM_C && MBEDTLS_CERTS_C && MBEDTLS_ENTROPY_C && diff --git a/third_party/mbedtls/repo/programs/ssl/ssl_server.c b/third_party/mbedtls/repo/programs/ssl/ssl_server.c index 0124338226a..70074fac30f 100644 --- a/third_party/mbedtls/repo/programs/ssl/ssl_server.c +++ b/third_party/mbedtls/repo/programs/ssl/ssl_server.c @@ -2,19 +2,7 @@ * SSL server demonstration program * * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later */ #if !defined(MBEDTLS_CONFIG_FILE) @@ -23,19 +11,7 @@ #include MBEDTLS_CONFIG_FILE #endif -#if defined(MBEDTLS_PLATFORM_C) #include "mbedtls/platform.h" -#else -#include -#include -#define mbedtls_time time -#define mbedtls_time_t time_t -#define mbedtls_fprintf fprintf -#define mbedtls_printf printf -#define mbedtls_exit exit -#define MBEDTLS_EXIT_SUCCESS EXIT_SUCCESS -#define MBEDTLS_EXIT_FAILURE EXIT_FAILURE -#endif #if !defined(MBEDTLS_BIGNUM_C) || !defined(MBEDTLS_CERTS_C) || \ !defined(MBEDTLS_ENTROPY_C) || !defined(MBEDTLS_SSL_TLS_C) || \ @@ -43,14 +19,14 @@ !defined(MBEDTLS_RSA_C) || !defined(MBEDTLS_CTR_DRBG_C) || \ !defined(MBEDTLS_X509_CRT_PARSE_C) || !defined(MBEDTLS_FS_IO) || \ !defined(MBEDTLS_PEM_PARSE_C) -int main( void ) +int main(void) { mbedtls_printf("MBEDTLS_BIGNUM_C and/or MBEDTLS_CERTS_C and/or MBEDTLS_ENTROPY_C " - "and/or MBEDTLS_SSL_TLS_C and/or MBEDTLS_SSL_SRV_C and/or " - "MBEDTLS_NET_C and/or MBEDTLS_RSA_C and/or " - "MBEDTLS_CTR_DRBG_C and/or MBEDTLS_X509_CRT_PARSE_C " - "and/or MBEDTLS_PEM_PARSE_C not defined.\n"); - mbedtls_exit( 0 ); + "and/or MBEDTLS_SSL_TLS_C and/or MBEDTLS_SSL_SRV_C and/or " + "MBEDTLS_NET_C and/or MBEDTLS_RSA_C and/or " + "MBEDTLS_CTR_DRBG_C and/or MBEDTLS_X509_CRT_PARSE_C " + "and/or MBEDTLS_PEM_PARSE_C not defined.\n"); + mbedtls_exit(0); } #else @@ -76,23 +52,23 @@ int main( void ) #define HTTP_RESPONSE \ "HTTP/1.0 200 OK\r\nContent-Type: text/html\r\n\r\n" \ - "

mbed TLS Test Server

\r\n" \ + "

Mbed TLS Test Server

\r\n" \ "

Successful connection using: %s

\r\n" #define DEBUG_LEVEL 0 -static void my_debug( void *ctx, int level, - const char *file, int line, - const char *str ) +static void my_debug(void *ctx, int level, + const char *file, int line, + const char *str) { ((void) level); - mbedtls_fprintf( (FILE *) ctx, "%s:%04d: %s", file, line, str ); - fflush( (FILE *) ctx ); + mbedtls_fprintf((FILE *) ctx, "%s:%04d: %s", file, line, str); + fflush((FILE *) ctx); } -int main( void ) +int main(void) { int ret, len; mbedtls_net_context listen_fd, client_fd; @@ -109,205 +85,201 @@ int main( void ) mbedtls_ssl_cache_context cache; #endif - mbedtls_net_init( &listen_fd ); - mbedtls_net_init( &client_fd ); - mbedtls_ssl_init( &ssl ); - mbedtls_ssl_config_init( &conf ); + mbedtls_net_init(&listen_fd); + mbedtls_net_init(&client_fd); + mbedtls_ssl_init(&ssl); + mbedtls_ssl_config_init(&conf); #if defined(MBEDTLS_SSL_CACHE_C) - mbedtls_ssl_cache_init( &cache ); + mbedtls_ssl_cache_init(&cache); #endif - mbedtls_x509_crt_init( &srvcert ); - mbedtls_pk_init( &pkey ); - mbedtls_entropy_init( &entropy ); - mbedtls_ctr_drbg_init( &ctr_drbg ); + mbedtls_x509_crt_init(&srvcert); + mbedtls_pk_init(&pkey); + mbedtls_entropy_init(&entropy); + mbedtls_ctr_drbg_init(&ctr_drbg); + +#if defined(MBEDTLS_USE_PSA_CRYPTO) + psa_status_t status = psa_crypto_init(); + if (status != PSA_SUCCESS) { + mbedtls_fprintf(stderr, "Failed to initialize PSA Crypto implementation: %d\n", + (int) status); + ret = MBEDTLS_ERR_SSL_HW_ACCEL_FAILED; + goto exit; + } +#endif /* MBEDTLS_USE_PSA_CRYPTO */ #if defined(MBEDTLS_DEBUG_C) - mbedtls_debug_set_threshold( DEBUG_LEVEL ); + mbedtls_debug_set_threshold(DEBUG_LEVEL); #endif /* * 1. Load the certificates and private RSA key */ - mbedtls_printf( "\n . Loading the server cert. and key..." ); - fflush( stdout ); + mbedtls_printf("\n . Loading the server cert. and key..."); + fflush(stdout); /* * This demonstration program uses embedded test certificates. * Instead, you may want to use mbedtls_x509_crt_parse_file() to read the * server and CA certificates, as well as mbedtls_pk_parse_keyfile(). */ - ret = mbedtls_x509_crt_parse( &srvcert, (const unsigned char *) mbedtls_test_srv_crt, - mbedtls_test_srv_crt_len ); - if( ret != 0 ) - { - mbedtls_printf( " failed\n ! mbedtls_x509_crt_parse returned %d\n\n", ret ); + ret = mbedtls_x509_crt_parse(&srvcert, (const unsigned char *) mbedtls_test_srv_crt, + mbedtls_test_srv_crt_len); + if (ret != 0) { + mbedtls_printf(" failed\n ! mbedtls_x509_crt_parse returned %d\n\n", ret); goto exit; } - ret = mbedtls_x509_crt_parse( &srvcert, (const unsigned char *) mbedtls_test_cas_pem, - mbedtls_test_cas_pem_len ); - if( ret != 0 ) - { - mbedtls_printf( " failed\n ! mbedtls_x509_crt_parse returned %d\n\n", ret ); + ret = mbedtls_x509_crt_parse(&srvcert, (const unsigned char *) mbedtls_test_cas_pem, + mbedtls_test_cas_pem_len); + if (ret != 0) { + mbedtls_printf(" failed\n ! mbedtls_x509_crt_parse returned %d\n\n", ret); goto exit; } - ret = mbedtls_pk_parse_key( &pkey, (const unsigned char *) mbedtls_test_srv_key, - mbedtls_test_srv_key_len, NULL, 0 ); - if( ret != 0 ) - { - mbedtls_printf( " failed\n ! mbedtls_pk_parse_key returned %d\n\n", ret ); + ret = mbedtls_pk_parse_key(&pkey, (const unsigned char *) mbedtls_test_srv_key, + mbedtls_test_srv_key_len, NULL, 0); + if (ret != 0) { + mbedtls_printf(" failed\n ! mbedtls_pk_parse_key returned %d\n\n", ret); goto exit; } - mbedtls_printf( " ok\n" ); + mbedtls_printf(" ok\n"); /* * 2. Setup the listening TCP socket */ - mbedtls_printf( " . Bind on https://localhost:4433/ ..." ); - fflush( stdout ); + mbedtls_printf(" . Bind on https://localhost:4433/ ..."); + fflush(stdout); - if( ( ret = mbedtls_net_bind( &listen_fd, NULL, "4433", MBEDTLS_NET_PROTO_TCP ) ) != 0 ) - { - mbedtls_printf( " failed\n ! mbedtls_net_bind returned %d\n\n", ret ); + if ((ret = mbedtls_net_bind(&listen_fd, NULL, "4433", MBEDTLS_NET_PROTO_TCP)) != 0) { + mbedtls_printf(" failed\n ! mbedtls_net_bind returned %d\n\n", ret); goto exit; } - mbedtls_printf( " ok\n" ); + mbedtls_printf(" ok\n"); /* * 3. Seed the RNG */ - mbedtls_printf( " . Seeding the random number generator..." ); - fflush( stdout ); - - if( ( ret = mbedtls_ctr_drbg_seed( &ctr_drbg, mbedtls_entropy_func, &entropy, - (const unsigned char *) pers, - strlen( pers ) ) ) != 0 ) - { - mbedtls_printf( " failed\n ! mbedtls_ctr_drbg_seed returned %d\n", ret ); + mbedtls_printf(" . Seeding the random number generator..."); + fflush(stdout); + + if ((ret = mbedtls_ctr_drbg_seed(&ctr_drbg, mbedtls_entropy_func, &entropy, + (const unsigned char *) pers, + strlen(pers))) != 0) { + mbedtls_printf(" failed\n ! mbedtls_ctr_drbg_seed returned %d\n", ret); goto exit; } - mbedtls_printf( " ok\n" ); + mbedtls_printf(" ok\n"); /* * 4. Setup stuff */ - mbedtls_printf( " . Setting up the SSL data...." ); - fflush( stdout ); - - if( ( ret = mbedtls_ssl_config_defaults( &conf, - MBEDTLS_SSL_IS_SERVER, - MBEDTLS_SSL_TRANSPORT_STREAM, - MBEDTLS_SSL_PRESET_DEFAULT ) ) != 0 ) - { - mbedtls_printf( " failed\n ! mbedtls_ssl_config_defaults returned %d\n\n", ret ); + mbedtls_printf(" . Setting up the SSL data...."); + fflush(stdout); + + if ((ret = mbedtls_ssl_config_defaults(&conf, + MBEDTLS_SSL_IS_SERVER, + MBEDTLS_SSL_TRANSPORT_STREAM, + MBEDTLS_SSL_PRESET_DEFAULT)) != 0) { + mbedtls_printf(" failed\n ! mbedtls_ssl_config_defaults returned %d\n\n", ret); goto exit; } - mbedtls_ssl_conf_rng( &conf, mbedtls_ctr_drbg_random, &ctr_drbg ); - mbedtls_ssl_conf_dbg( &conf, my_debug, stdout ); + mbedtls_ssl_conf_rng(&conf, mbedtls_ctr_drbg_random, &ctr_drbg); + mbedtls_ssl_conf_dbg(&conf, my_debug, stdout); #if defined(MBEDTLS_SSL_CACHE_C) - mbedtls_ssl_conf_session_cache( &conf, &cache, + mbedtls_ssl_conf_session_cache(&conf, &cache, mbedtls_ssl_cache_get, - mbedtls_ssl_cache_set ); + mbedtls_ssl_cache_set); #endif - mbedtls_ssl_conf_ca_chain( &conf, srvcert.next, NULL ); - if( ( ret = mbedtls_ssl_conf_own_cert( &conf, &srvcert, &pkey ) ) != 0 ) - { - mbedtls_printf( " failed\n ! mbedtls_ssl_conf_own_cert returned %d\n\n", ret ); + mbedtls_ssl_conf_ca_chain(&conf, srvcert.next, NULL); + if ((ret = mbedtls_ssl_conf_own_cert(&conf, &srvcert, &pkey)) != 0) { + mbedtls_printf(" failed\n ! mbedtls_ssl_conf_own_cert returned %d\n\n", ret); goto exit; } - if( ( ret = mbedtls_ssl_setup( &ssl, &conf ) ) != 0 ) - { - mbedtls_printf( " failed\n ! mbedtls_ssl_setup returned %d\n\n", ret ); + if ((ret = mbedtls_ssl_setup(&ssl, &conf)) != 0) { + mbedtls_printf(" failed\n ! mbedtls_ssl_setup returned %d\n\n", ret); goto exit; } - mbedtls_printf( " ok\n" ); + mbedtls_printf(" ok\n"); reset: #ifdef MBEDTLS_ERROR_C - if( ret != 0 ) - { + if (ret != 0) { char error_buf[100]; - mbedtls_strerror( ret, error_buf, 100 ); - mbedtls_printf("Last error was: %d - %s\n\n", ret, error_buf ); + mbedtls_strerror(ret, error_buf, 100); + mbedtls_printf("Last error was: %d - %s\n\n", ret, error_buf); } #endif - mbedtls_net_free( &client_fd ); + mbedtls_net_free(&client_fd); - mbedtls_ssl_session_reset( &ssl ); + mbedtls_ssl_session_reset(&ssl); /* * 3. Wait until a client connects */ - mbedtls_printf( " . Waiting for a remote connection ..." ); - fflush( stdout ); + mbedtls_printf(" . Waiting for a remote connection ..."); + fflush(stdout); - if( ( ret = mbedtls_net_accept( &listen_fd, &client_fd, - NULL, 0, NULL ) ) != 0 ) - { - mbedtls_printf( " failed\n ! mbedtls_net_accept returned %d\n\n", ret ); + if ((ret = mbedtls_net_accept(&listen_fd, &client_fd, + NULL, 0, NULL)) != 0) { + mbedtls_printf(" failed\n ! mbedtls_net_accept returned %d\n\n", ret); goto exit; } - mbedtls_ssl_set_bio( &ssl, &client_fd, mbedtls_net_send, mbedtls_net_recv, NULL ); + mbedtls_ssl_set_bio(&ssl, &client_fd, mbedtls_net_send, mbedtls_net_recv, NULL); - mbedtls_printf( " ok\n" ); + mbedtls_printf(" ok\n"); /* * 5. Handshake */ - mbedtls_printf( " . Performing the SSL/TLS handshake..." ); - fflush( stdout ); - - while( ( ret = mbedtls_ssl_handshake( &ssl ) ) != 0 ) - { - if( ret != MBEDTLS_ERR_SSL_WANT_READ && ret != MBEDTLS_ERR_SSL_WANT_WRITE ) - { - mbedtls_printf( " failed\n ! mbedtls_ssl_handshake returned %d\n\n", ret ); + mbedtls_printf(" . Performing the SSL/TLS handshake..."); + fflush(stdout); + + while ((ret = mbedtls_ssl_handshake(&ssl)) != 0) { + if (ret != MBEDTLS_ERR_SSL_WANT_READ && ret != MBEDTLS_ERR_SSL_WANT_WRITE) { + mbedtls_printf(" failed\n ! mbedtls_ssl_handshake returned %d\n\n", ret); goto reset; } } - mbedtls_printf( " ok\n" ); + mbedtls_printf(" ok\n"); /* * 6. Read the HTTP Request */ - mbedtls_printf( " < Read from client:" ); - fflush( stdout ); + mbedtls_printf(" < Read from client:"); + fflush(stdout); - do - { - len = sizeof( buf ) - 1; - memset( buf, 0, sizeof( buf ) ); - ret = mbedtls_ssl_read( &ssl, buf, len ); + do { + len = sizeof(buf) - 1; + memset(buf, 0, sizeof(buf)); + ret = mbedtls_ssl_read(&ssl, buf, len); - if( ret == MBEDTLS_ERR_SSL_WANT_READ || ret == MBEDTLS_ERR_SSL_WANT_WRITE ) + if (ret == MBEDTLS_ERR_SSL_WANT_READ || ret == MBEDTLS_ERR_SSL_WANT_WRITE) { continue; + } - if( ret <= 0 ) - { - switch( ret ) - { + if (ret <= 0) { + switch (ret) { case MBEDTLS_ERR_SSL_PEER_CLOSE_NOTIFY: - mbedtls_printf( " connection was closed gracefully\n" ); + mbedtls_printf(" connection was closed gracefully\n"); break; case MBEDTLS_ERR_NET_CONN_RESET: - mbedtls_printf( " connection was reset by peer\n" ); + mbedtls_printf(" connection was reset by peer\n"); break; default: - mbedtls_printf( " mbedtls_ssl_read returned -0x%x\n", (unsigned int) -ret ); + mbedtls_printf(" mbedtls_ssl_read returned -0x%x\n", (unsigned int) -ret); break; } @@ -315,53 +287,48 @@ int main( void ) } len = ret; - mbedtls_printf( " %d bytes read\n\n%s", len, (char *) buf ); + mbedtls_printf(" %d bytes read\n\n%s", len, (char *) buf); - if( ret > 0 ) + if (ret > 0) { break; - } - while( 1 ); + } + } while (1); /* * 7. Write the 200 Response */ - mbedtls_printf( " > Write to client:" ); - fflush( stdout ); + mbedtls_printf(" > Write to client:"); + fflush(stdout); - len = sprintf( (char *) buf, HTTP_RESPONSE, - mbedtls_ssl_get_ciphersuite( &ssl ) ); + len = sprintf((char *) buf, HTTP_RESPONSE, + mbedtls_ssl_get_ciphersuite(&ssl)); - while( ( ret = mbedtls_ssl_write( &ssl, buf, len ) ) <= 0 ) - { - if( ret == MBEDTLS_ERR_NET_CONN_RESET ) - { - mbedtls_printf( " failed\n ! peer closed the connection\n\n" ); + while ((ret = mbedtls_ssl_write(&ssl, buf, len)) <= 0) { + if (ret == MBEDTLS_ERR_NET_CONN_RESET) { + mbedtls_printf(" failed\n ! peer closed the connection\n\n"); goto reset; } - if( ret != MBEDTLS_ERR_SSL_WANT_READ && ret != MBEDTLS_ERR_SSL_WANT_WRITE ) - { - mbedtls_printf( " failed\n ! mbedtls_ssl_write returned %d\n\n", ret ); + if (ret != MBEDTLS_ERR_SSL_WANT_READ && ret != MBEDTLS_ERR_SSL_WANT_WRITE) { + mbedtls_printf(" failed\n ! mbedtls_ssl_write returned %d\n\n", ret); goto exit; } } len = ret; - mbedtls_printf( " %d bytes written\n\n%s\n", len, (char *) buf ); + mbedtls_printf(" %d bytes written\n\n%s\n", len, (char *) buf); - mbedtls_printf( " . Closing the connection..." ); + mbedtls_printf(" . Closing the connection..."); - while( ( ret = mbedtls_ssl_close_notify( &ssl ) ) < 0 ) - { - if( ret != MBEDTLS_ERR_SSL_WANT_READ && - ret != MBEDTLS_ERR_SSL_WANT_WRITE ) - { - mbedtls_printf( " failed\n ! mbedtls_ssl_close_notify returned %d\n\n", ret ); + while ((ret = mbedtls_ssl_close_notify(&ssl)) < 0) { + if (ret != MBEDTLS_ERR_SSL_WANT_READ && + ret != MBEDTLS_ERR_SSL_WANT_WRITE) { + mbedtls_printf(" failed\n ! mbedtls_ssl_close_notify returned %d\n\n", ret); goto reset; } } - mbedtls_printf( " ok\n" ); + mbedtls_printf(" ok\n"); ret = 0; goto reset; @@ -369,33 +336,34 @@ int main( void ) exit: #ifdef MBEDTLS_ERROR_C - if( ret != 0 ) - { + if (ret != 0) { char error_buf[100]; - mbedtls_strerror( ret, error_buf, 100 ); - mbedtls_printf("Last error was: %d - %s\n\n", ret, error_buf ); + mbedtls_strerror(ret, error_buf, 100); + mbedtls_printf("Last error was: %d - %s\n\n", ret, error_buf); } #endif - mbedtls_net_free( &client_fd ); - mbedtls_net_free( &listen_fd ); - - mbedtls_x509_crt_free( &srvcert ); - mbedtls_pk_free( &pkey ); - mbedtls_ssl_free( &ssl ); - mbedtls_ssl_config_free( &conf ); + mbedtls_net_free(&client_fd); + mbedtls_net_free(&listen_fd); + mbedtls_x509_crt_free(&srvcert); + mbedtls_pk_free(&pkey); + mbedtls_ssl_free(&ssl); + mbedtls_ssl_config_free(&conf); #if defined(MBEDTLS_SSL_CACHE_C) - mbedtls_ssl_cache_free( &cache ); + mbedtls_ssl_cache_free(&cache); #endif - mbedtls_ctr_drbg_free( &ctr_drbg ); - mbedtls_entropy_free( &entropy ); + mbedtls_ctr_drbg_free(&ctr_drbg); + mbedtls_entropy_free(&entropy); +#if defined(MBEDTLS_USE_PSA_CRYPTO) + mbedtls_psa_crypto_free(); +#endif /* MBEDTLS_USE_PSA_CRYPTO */ #if defined(_WIN32) - mbedtls_printf( " Press Enter to exit this program.\n" ); - fflush( stdout ); getchar(); + mbedtls_printf(" Press Enter to exit this program.\n"); + fflush(stdout); getchar(); #endif - mbedtls_exit( ret ); + mbedtls_exit(ret); } #endif /* MBEDTLS_BIGNUM_C && MBEDTLS_CERTS_C && MBEDTLS_ENTROPY_C && MBEDTLS_SSL_TLS_C && MBEDTLS_SSL_SRV_C && MBEDTLS_NET_C && diff --git a/third_party/mbedtls/repo/programs/ssl/ssl_server2.c b/third_party/mbedtls/repo/programs/ssl/ssl_server2.c index ee45312bab3..5925ffc45ee 100644 --- a/third_party/mbedtls/repo/programs/ssl/ssl_server2.c +++ b/third_party/mbedtls/repo/programs/ssl/ssl_server2.c @@ -2,34 +2,22 @@ * SSL client with options * * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later */ #include "ssl_test_lib.h" #if defined(MBEDTLS_SSL_TEST_IMPOSSIBLE) -int main( void ) +int main(void) { - mbedtls_printf( MBEDTLS_SSL_TEST_IMPOSSIBLE ); - mbedtls_exit( 0 ); + mbedtls_printf(MBEDTLS_SSL_TEST_IMPOSSIBLE); + mbedtls_exit(0); } #elif !defined(MBEDTLS_SSL_SRV_C) -int main( void ) +int main(void) { - mbedtls_printf( "MBEDTLS_SSL_SRV_C not defined.\n" ); - mbedtls_exit( 0 ); + mbedtls_printf("MBEDTLS_SSL_SRV_C not defined.\n"); + mbedtls_exit(0); } #else /* !MBEDTLS_SSL_TEST_IMPOSSIBLE && MBEDTLS_SSL_SRV_C */ @@ -82,14 +70,15 @@ int main( void ) #define DFL_CA_PATH "" #define DFL_CRT_FILE "" #define DFL_KEY_FILE "" +#define DFL_KEY_OPAQUE 0 #define DFL_KEY_PWD "" #define DFL_CRT_FILE2 "" #define DFL_KEY_FILE2 "" #define DFL_KEY_PWD2 "" #define DFL_ASYNC_OPERATIONS "-" -#define DFL_ASYNC_PRIVATE_DELAY1 ( -1 ) -#define DFL_ASYNC_PRIVATE_DELAY2 ( -1 ) -#define DFL_ASYNC_PRIVATE_ERROR ( 0 ) +#define DFL_ASYNC_PRIVATE_DELAY1 (-1) +#define DFL_ASYNC_PRIVATE_DELAY2 (-1) +#define DFL_ASYNC_PRIVATE_ERROR (0) #define DFL_PSK "" #define DFL_PSK_OPAQUE 0 #define DFL_PSK_LIST_OPAQUE 0 @@ -102,7 +91,7 @@ int main( void ) #define DFL_ALLOW_LEGACY -2 #define DFL_RENEGOTIATE 0 #define DFL_RENEGO_DELAY -2 -#define DFL_RENEGO_PERIOD ( (uint64_t)-1 ) +#define DFL_RENEGO_PERIOD ((uint64_t) -1) #define DFL_EXCHANGES 1 #define DFL_MIN_VERSION -1 #define DFL_MAX_VERSION -1 @@ -148,29 +137,26 @@ int main( void ) #define DFL_SRTP_SUPPORT_MKI 0 #define LONG_RESPONSE "

01-blah-blah-blah-blah-blah-blah-blah-blah-blah\r\n" \ - "02-blah-blah-blah-blah-blah-blah-blah-blah-blah-blah-blah-blah-blah\r\n" \ - "03-blah-blah-blah-blah-blah-blah-blah-blah-blah-blah-blah-blah-blah\r\n" \ - "04-blah-blah-blah-blah-blah-blah-blah-blah-blah-blah-blah-blah-blah\r\n" \ - "05-blah-blah-blah-blah-blah-blah-blah-blah-blah-blah-blah-blah-blah\r\n" \ - "06-blah-blah-blah-blah-blah-blah-blah-blah-blah-blah-blah-blah-blah\r\n" \ - "07-blah-blah-blah-blah-blah-blah-blah-blah-blah-blah-blah-blah

\r\n" + "02-blah-blah-blah-blah-blah-blah-blah-blah-blah-blah-blah-blah-blah\r\n" \ + "03-blah-blah-blah-blah-blah-blah-blah-blah-blah-blah-blah-blah-blah\r\n" \ + "04-blah-blah-blah-blah-blah-blah-blah-blah-blah-blah-blah-blah-blah\r\n" \ + "05-blah-blah-blah-blah-blah-blah-blah-blah-blah-blah-blah-blah-blah\r\n" \ + "06-blah-blah-blah-blah-blah-blah-blah-blah-blah-blah-blah-blah-blah\r\n" \ + "07-blah-blah-blah-blah-blah-blah-blah-blah-blah-blah-blah-blah

\r\n" /* Uncomment LONG_RESPONSE at the end of HTTP_RESPONSE to test sending longer * packets (for fragmentation purposes) */ #define HTTP_RESPONSE \ "HTTP/1.0 200 OK\r\nContent-Type: text/html\r\n\r\n" \ - "

mbed TLS Test Server

\r\n" \ + "

Mbed TLS Test Server

\r\n" \ "

Successful connection using: %s

\r\n" // LONG_RESPONSE /* * Size of the basic I/O buffer. Able to hold our default response. - * - * You will need to adapt the mbedtls_ssl_get_bytes_avail() test in ssl-opt.sh - * if you change this value to something outside the range <= 100 or > 500 */ #define DFL_IO_BUF_LEN 200 -#if defined(MBEDTLS_X509_CRT_PARSE_C) +#if defined(MBEDTLS_KEY_EXCHANGE_WITH_CERT_ENABLED) #if defined(MBEDTLS_FS_IO) #define USAGE_IO \ " ca_file=%%s The single file containing the top-level CA(s) you fully trust\n" \ @@ -182,14 +168,14 @@ int main( void ) " crt_file=%%s Your own cert and chain (in bottom to top order, top may be omitted)\n" \ " default: see note after key_file2\n" \ " key_file=%%s default: see note after key_file2\n" \ - " key_pwd=%%s Password for key specified by key_file argument\n"\ + " key_pwd=%%s Password for key specified by key_file argument\n" \ " default: none\n" \ " crt_file2=%%s Your second cert and chain (in bottom to top order, top may be omitted)\n" \ " default: see note after key_file2\n" \ " key_file2=%%s default: see note below\n" \ " note: if neither crt_file/key_file nor crt_file2/key_file2 are used,\n" \ " preloaded certificate(s) and key(s) are used if available\n" \ - " key_pwd2=%%s Password for key specified by key_file2 argument\n"\ + " key_pwd2=%%s Password for key specified by key_file2 argument\n" \ " default: none\n" \ " dhm_file=%%s File containing Diffie-Hellman parameters\n" \ " default: preloaded parameters\n" @@ -201,7 +187,14 @@ int main( void ) #endif /* MBEDTLS_FS_IO */ #else #define USAGE_IO "" -#endif /* MBEDTLS_X509_CRT_PARSE_C */ +#endif /* MBEDTLS_KEY_EXCHANGE_WITH_CERT_ENABLED */ +#if defined(MBEDTLS_USE_PSA_CRYPTO) && defined(MBEDTLS_KEY_EXCHANGE_WITH_CERT_ENABLED) +#define USAGE_KEY_OPAQUE \ + " key_opaque=%%d Handle your private keys as if they were opaque\n" \ + " default: 0 (disabled)\n" +#else +#define USAGE_KEY_OPAQUE "" +#endif #if defined(MBEDTLS_SSL_ASYNC_PRIVATE) #define USAGE_SSL_ASYNC \ @@ -272,13 +265,13 @@ int main( void ) #else #define USAGE_CA_CALLBACK "" #endif /* MBEDTLS_X509_TRUSTED_CERTIFICATE_CALLBACK */ -#if defined(MBEDTLS_SSL_SESSION_TICKETS) +#if defined(MBEDTLS_SSL_SESSION_TICKETS) && defined(MBEDTLS_SSL_TICKET_C) #define USAGE_TICKETS \ " tickets=%%d default: 1 (enabled)\n" \ " ticket_timeout=%%d default: 86400 (one day)\n" #else #define USAGE_TICKETS "" -#endif /* MBEDTLS_SSL_SESSION_TICKETS */ +#endif /* MBEDTLS_SSL_SESSION_TICKETS && MBEDTLS_SSL_TICKET_C */ #if defined(MBEDTLS_SSL_EXPORT_KEYS) #define USAGE_EAP_TLS \ @@ -310,10 +303,16 @@ int main( void ) #if defined(MBEDTLS_SSL_CACHE_C) #define USAGE_CACHE \ - " cache_max=%%d default: cache default (50)\n" \ + " cache_max=%%d default: cache default (50)\n" +#if defined(MBEDTLS_HAVE_TIME) +#define USAGE_CACHE_TIME \ " cache_timeout=%%d default: cache default (1d)\n" #else +#define USAGE_CACHE_TIME "" +#endif +#else #define USAGE_CACHE "" +#define USAGE_CACHE_TIME "" #endif /* MBEDTLS_SSL_CACHE_C */ #if defined(SNI_OPTION) @@ -324,8 +323,8 @@ int main( void ) #endif #define USAGE_SNI \ - " sni=%%s name1,cert1,key1,ca1"SNI_CRL",auth1[,...]\n" \ - " default: disabled\n" + " sni=%%s name1,cert1,key1,ca1"SNI_CRL ",auth1[,...]\n" \ + " default: disabled\n" #else #define USAGE_SNI "" #endif /* SNI_OPTION */ @@ -438,7 +437,7 @@ int main( void ) " serialize=%%d default: 0 (do not serialize/deserialize)\n" \ " options: 1 (serialize)\n" \ " 2 (serialize with re-initialization)\n" \ - " context_file=%%s The file path to write a serialized connection\n"\ + " context_file=%%s The file path to write a serialized connection\n" \ " in the form of base64 code (serialize option\n" \ " must be set)\n" \ " default: \"\" (do nothing)\n" \ @@ -455,11 +454,13 @@ int main( void ) " server_addr=%%s default: (all interfaces)\n" \ " server_port=%%d default: 4433\n" \ " debug_level=%%d default: 0 (disabled)\n" \ + " build_version=%%d default: none (disabled)\n" \ + " option: 1 (print build version only and stop)\n" \ " buffer_size=%%d default: 200 \n" \ " (minimum: 1, max: 16385)\n" \ " response_size=%%d default: about 152 (basic response)\n" \ " (minimum: 0, max: 16384)\n" \ - " increases buffer_size if bigger\n"\ + " increases buffer_size if bigger\n" \ " nbio=%%d default: 0 (blocking I/O)\n" \ " options: 1 (non-blocking), 2 (added delays)\n" \ " event=%%d default: 0 (loop)\n" \ @@ -478,6 +479,7 @@ int main( void ) " cert_req_ca_list=%%d default: 1 (send ca list)\n" \ " options: 1 (send ca list), 0 (don't send)\n" \ USAGE_IO \ + USAGE_KEY_OPAQUE \ "\n" \ USAGE_PSK \ USAGE_CA_CALLBACK \ @@ -494,6 +496,7 @@ int main( void ) USAGE_NSS_KEYLOG \ USAGE_NSS_KEYLOG_FILE \ USAGE_CACHE \ + USAGE_CACHE_TIME \ USAGE_MAX_FRAG_LEN \ USAGE_TRUNC_HMAC \ USAGE_ALPN \ @@ -525,24 +528,23 @@ int main( void ) #define ALPN_LIST_SIZE 10 #define CURVE_LIST_SIZE 20 -#define PUT_UINT64_BE(out_be,in_le,i) \ -{ \ - (out_be)[(i) + 0] = (unsigned char)( ( (in_le) >> 56 ) & 0xFF ); \ - (out_be)[(i) + 1] = (unsigned char)( ( (in_le) >> 48 ) & 0xFF ); \ - (out_be)[(i) + 2] = (unsigned char)( ( (in_le) >> 40 ) & 0xFF ); \ - (out_be)[(i) + 3] = (unsigned char)( ( (in_le) >> 32 ) & 0xFF ); \ - (out_be)[(i) + 4] = (unsigned char)( ( (in_le) >> 24 ) & 0xFF ); \ - (out_be)[(i) + 5] = (unsigned char)( ( (in_le) >> 16 ) & 0xFF ); \ - (out_be)[(i) + 6] = (unsigned char)( ( (in_le) >> 8 ) & 0xFF ); \ - (out_be)[(i) + 7] = (unsigned char)( ( (in_le) >> 0 ) & 0xFF ); \ -} +#define PUT_UINT64_BE(out_be, in_le, i) \ + { \ + (out_be)[(i) + 0] = (unsigned char) (((in_le) >> 56) & 0xFF); \ + (out_be)[(i) + 1] = (unsigned char) (((in_le) >> 48) & 0xFF); \ + (out_be)[(i) + 2] = (unsigned char) (((in_le) >> 40) & 0xFF); \ + (out_be)[(i) + 3] = (unsigned char) (((in_le) >> 32) & 0xFF); \ + (out_be)[(i) + 4] = (unsigned char) (((in_le) >> 24) & 0xFF); \ + (out_be)[(i) + 5] = (unsigned char) (((in_le) >> 16) & 0xFF); \ + (out_be)[(i) + 6] = (unsigned char) (((in_le) >> 8) & 0xFF); \ + (out_be)[(i) + 7] = (unsigned char) (((in_le) >> 0) & 0xFF); \ + } /* * global options */ -struct options -{ +struct options { const char *server_addr; /* address on which the ssl service runs */ const char *server_port; /* port on which the ssl service runs */ int debug_level; /* level of debugging */ @@ -555,6 +557,7 @@ struct options const char *ca_path; /* the path with the CA certificate(s) reside */ const char *crt_file; /* the file with the server certificate */ const char *key_file; /* the file with the server key */ + int key_opaque; /* handle private key as if it were opaque */ const char *key_pwd; /* the password for the server key */ const char *crt_file2; /* the file with the 2nd server certificate */ const char *key_file2; /* the file with the 2nd server key */ @@ -593,7 +596,9 @@ struct options int tickets; /* enable / disable session tickets */ int ticket_timeout; /* session ticket lifetime */ int cache_max; /* max number of session cache entries */ - int cache_timeout; /* expiration delay of session cache entries */ +#if defined(MBEDTLS_HAVE_TIME) + int cache_timeout; /* expiration delay of session cache entries*/ +#endif char *sni; /* string describing sni information */ const char *curves; /* list of supported elliptic curves */ const char *alpn_string; /* ALPN supported protocols */ @@ -605,7 +610,7 @@ struct options int anti_replay; /* Use anti-replay for DTLS? -1 for default */ uint32_t hs_to_min; /* Initial value of DTLS handshake timer */ uint32_t hs_to_max; /* Max value of DTLS handshake timer */ - int dtls_mtu; /* UDP Maximum tranport unit for DTLS */ + int dtls_mtu; /* UDP Maximum transport unit for DTLS */ int dgram_packing; /* allow/forbid datagram packing */ int badmac_limit; /* Limit of records with bad MAC */ int eap_tls; /* derive EAP-TLS keying material? */ @@ -633,30 +638,33 @@ struct options /* * Return authmode from string, or -1 on error */ -static int get_auth_mode( const char *s ) +static int get_auth_mode(const char *s) { - if( strcmp( s, "none" ) == 0 ) - return( MBEDTLS_SSL_VERIFY_NONE ); - if( strcmp( s, "optional" ) == 0 ) - return( MBEDTLS_SSL_VERIFY_OPTIONAL ); - if( strcmp( s, "required" ) == 0 ) - return( MBEDTLS_SSL_VERIFY_REQUIRED ); - - return( -1 ); + if (strcmp(s, "none") == 0) { + return MBEDTLS_SSL_VERIFY_NONE; + } + if (strcmp(s, "optional") == 0) { + return MBEDTLS_SSL_VERIFY_OPTIONAL; + } + if (strcmp(s, "required") == 0) { + return MBEDTLS_SSL_VERIFY_REQUIRED; + } + + return -1; } /* * Used by sni_parse and psk_parse to handle coma-separated lists */ -#define GET_ITEM( dst ) \ +#define GET_ITEM(dst) \ do \ { \ (dst) = p; \ - while( *p != ',' ) \ - if( ++p > end ) \ - goto error; \ + while (*p != ',') \ + if (++p > end) \ + goto error; \ *p++ = '\0'; \ - } while( 0 ) + } while (0) #if defined(SNI_OPTION) typedef struct _sni_entry sni_entry; @@ -665,32 +673,31 @@ struct _sni_entry { const char *name; mbedtls_x509_crt *cert; mbedtls_pk_context *key; - mbedtls_x509_crt* ca; - mbedtls_x509_crl* crl; + mbedtls_x509_crt *ca; + mbedtls_x509_crl *crl; int authmode; sni_entry *next; }; -void sni_free( sni_entry *head ) +void sni_free(sni_entry *head) { sni_entry *cur = head, *next; - while( cur != NULL ) - { - mbedtls_x509_crt_free( cur->cert ); - mbedtls_free( cur->cert ); + while (cur != NULL) { + mbedtls_x509_crt_free(cur->cert); + mbedtls_free(cur->cert); - mbedtls_pk_free( cur->key ); - mbedtls_free( cur->key ); + mbedtls_pk_free(cur->key); + mbedtls_free(cur->key); - mbedtls_x509_crt_free( cur->ca ); - mbedtls_free( cur->ca ); + mbedtls_x509_crt_free(cur->ca); + mbedtls_free(cur->ca); #if defined(MBEDTLS_X509_CRL_PARSE_C) - mbedtls_x509_crl_free( cur->crl ); - mbedtls_free( cur->crl ); + mbedtls_x509_crl_free(cur->crl); + mbedtls_free(cur->crl); #endif next = cur->next; - mbedtls_free( cur ); + mbedtls_free(cur); cur = next; } } @@ -702,7 +709,7 @@ void sni_free( sni_entry *head ) * * Modifies the input string! This is not production quality! */ -sni_entry *sni_parse( char *sni_string ) +sni_entry *sni_parse(char *sni_string) { sni_entry *cur = NULL, *new = NULL; char *p = sni_string; @@ -712,108 +719,111 @@ sni_entry *sni_parse( char *sni_string ) char *crl_file; #endif - while( *end != '\0' ) + while (*end != '\0') { ++end; + } *end = ','; - while( p <= end ) - { - if( ( new = mbedtls_calloc( 1, sizeof( sni_entry ) ) ) == NULL ) - { - sni_free( cur ); - return( NULL ); + while (p <= end) { + if ((new = mbedtls_calloc(1, sizeof(sni_entry))) == NULL) { + sni_free(cur); + return NULL; } - GET_ITEM( new->name ); - GET_ITEM( crt_file ); - GET_ITEM( key_file ); - GET_ITEM( ca_file ); + GET_ITEM(new->name); + GET_ITEM(crt_file); + GET_ITEM(key_file); + GET_ITEM(ca_file); #if defined(MBEDTLS_X509_CRL_PARSE_C) - GET_ITEM( crl_file ); + GET_ITEM(crl_file); #endif - GET_ITEM( auth_str ); + GET_ITEM(auth_str); - if( ( new->cert = mbedtls_calloc( 1, sizeof( mbedtls_x509_crt ) ) ) == NULL || - ( new->key = mbedtls_calloc( 1, sizeof( mbedtls_pk_context ) ) ) == NULL ) + if ((new->cert = mbedtls_calloc(1, sizeof(mbedtls_x509_crt))) == NULL || + (new->key = mbedtls_calloc(1, sizeof(mbedtls_pk_context))) == NULL) { goto error; + } - mbedtls_x509_crt_init( new->cert ); - mbedtls_pk_init( new->key ); + mbedtls_x509_crt_init(new->cert); + mbedtls_pk_init(new->key); - if( mbedtls_x509_crt_parse_file( new->cert, crt_file ) != 0 || - mbedtls_pk_parse_keyfile( new->key, key_file, "" ) != 0 ) + if (mbedtls_x509_crt_parse_file(new->cert, crt_file) != 0 || + mbedtls_pk_parse_keyfile(new->key, key_file, "") != 0) { goto error; + } - if( strcmp( ca_file, "-" ) != 0 ) - { - if( ( new->ca = mbedtls_calloc( 1, sizeof( mbedtls_x509_crt ) ) ) == NULL ) + if (strcmp(ca_file, "-") != 0) { + if ((new->ca = mbedtls_calloc(1, sizeof(mbedtls_x509_crt))) == NULL) { goto error; + } - mbedtls_x509_crt_init( new->ca ); + mbedtls_x509_crt_init(new->ca); - if( mbedtls_x509_crt_parse_file( new->ca, ca_file ) != 0 ) + if (mbedtls_x509_crt_parse_file(new->ca, ca_file) != 0) { goto error; + } } #if defined(MBEDTLS_X509_CRL_PARSE_C) - if( strcmp( crl_file, "-" ) != 0 ) - { - if( ( new->crl = mbedtls_calloc( 1, sizeof( mbedtls_x509_crl ) ) ) == NULL ) + if (strcmp(crl_file, "-") != 0) { + if ((new->crl = mbedtls_calloc(1, sizeof(mbedtls_x509_crl))) == NULL) { goto error; + } - mbedtls_x509_crl_init( new->crl ); + mbedtls_x509_crl_init(new->crl); - if( mbedtls_x509_crl_parse_file( new->crl, crl_file ) != 0 ) + if (mbedtls_x509_crl_parse_file(new->crl, crl_file) != 0) { goto error; + } } #endif - if( strcmp( auth_str, "-" ) != 0 ) - { - if( ( new->authmode = get_auth_mode( auth_str ) ) < 0 ) + if (strcmp(auth_str, "-") != 0) { + if ((new->authmode = get_auth_mode(auth_str)) < 0) { goto error; - } - else + } + } else { new->authmode = DFL_AUTH_MODE; + } new->next = cur; cur = new; } - return( cur ); + return cur; error: - sni_free( new ); - sni_free( cur ); - return( NULL ); + sni_free(new); + sni_free(cur); + return NULL; } /* * SNI callback. */ -int sni_callback( void *p_info, mbedtls_ssl_context *ssl, - const unsigned char *name, size_t name_len ) +int sni_callback(void *p_info, mbedtls_ssl_context *ssl, + const unsigned char *name, size_t name_len) { const sni_entry *cur = (const sni_entry *) p_info; - while( cur != NULL ) - { - if( name_len == strlen( cur->name ) && - memcmp( name, cur->name, name_len ) == 0 ) - { - if( cur->ca != NULL ) - mbedtls_ssl_set_hs_ca_chain( ssl, cur->ca, cur->crl ); + while (cur != NULL) { + if (name_len == strlen(cur->name) && + memcmp(name, cur->name, name_len) == 0) { + if (cur->ca != NULL) { + mbedtls_ssl_set_hs_ca_chain(ssl, cur->ca, cur->crl); + } - if( cur->authmode != DFL_AUTH_MODE ) - mbedtls_ssl_set_hs_authmode( ssl, cur->authmode ); + if (cur->authmode != DFL_AUTH_MODE) { + mbedtls_ssl_set_hs_authmode(ssl, cur->authmode); + } - return( mbedtls_ssl_set_hs_own_cert( ssl, cur->cert, cur->key ) ); + return mbedtls_ssl_set_hs_own_cert(ssl, cur->cert, cur->key); } cur = cur->next; } - return( -1 ); + return -1; } #endif /* SNI_OPTION */ @@ -822,8 +832,7 @@ int sni_callback( void *p_info, mbedtls_ssl_context *ssl, typedef struct _psk_entry psk_entry; -struct _psk_entry -{ +struct _psk_entry { const char *name; size_t key_len; unsigned char key[MBEDTLS_PSK_MAX_LEN]; @@ -836,30 +845,29 @@ struct _psk_entry /* * Free a list of psk_entry's */ -int psk_free( psk_entry *head ) +int psk_free(psk_entry *head) { psk_entry *next; - while( head != NULL ) - { + while (head != NULL) { #if defined(MBEDTLS_USE_PSA_CRYPTO) psa_status_t status; psa_key_id_t const slot = head->slot; - if( slot != 0 ) - { - status = psa_destroy_key( slot ); - if( status != PSA_SUCCESS ) - return( status ); + if (slot != 0) { + status = psa_destroy_key(slot); + if (status != PSA_SUCCESS) { + return status; + } } #endif /* MBEDTLS_USE_PSA_CRYPTO */ next = head->next; - mbedtls_free( head ); + mbedtls_free(head); head = next; } - return( 0 ); + return 0; } /* @@ -868,68 +876,68 @@ int psk_free( psk_entry *head ) * * Modifies the input string! This is not production quality! */ -psk_entry *psk_parse( char *psk_string ) +psk_entry *psk_parse(char *psk_string) { psk_entry *cur = NULL, *new = NULL; char *p = psk_string; char *end = p; char *key_hex; - while( *end != '\0' ) + while (*end != '\0') { ++end; + } *end = ','; - while( p <= end ) - { - if( ( new = mbedtls_calloc( 1, sizeof( psk_entry ) ) ) == NULL ) + while (p <= end) { + if ((new = mbedtls_calloc(1, sizeof(psk_entry))) == NULL) { goto error; + } - memset( new, 0, sizeof( psk_entry ) ); + memset(new, 0, sizeof(psk_entry)); - GET_ITEM( new->name ); - GET_ITEM( key_hex ); + GET_ITEM(new->name); + GET_ITEM(key_hex); - if( mbedtls_test_unhexify( new->key, MBEDTLS_PSK_MAX_LEN, - key_hex, &new->key_len ) != 0 ) + if (mbedtls_test_unhexify(new->key, MBEDTLS_PSK_MAX_LEN, + key_hex, &new->key_len) != 0) { goto error; + } new->next = cur; cur = new; } - return( cur ); + return cur; error: - psk_free( new ); - psk_free( cur ); - return( 0 ); + psk_free(new); + psk_free(cur); + return 0; } /* * PSK callback */ -int psk_callback( void *p_info, mbedtls_ssl_context *ssl, - const unsigned char *name, size_t name_len ) +int psk_callback(void *p_info, mbedtls_ssl_context *ssl, + const unsigned char *name, size_t name_len) { psk_entry *cur = (psk_entry *) p_info; - while( cur != NULL ) - { - if( name_len == strlen( cur->name ) && - memcmp( name, cur->name, name_len ) == 0 ) - { + while (cur != NULL) { + if (name_len == strlen(cur->name) && + memcmp(name, cur->name, name_len) == 0) { #if defined(MBEDTLS_USE_PSA_CRYPTO) - if( cur->slot != 0 ) - return( mbedtls_ssl_set_hs_psk_opaque( ssl, cur->slot ) ); - else + if (cur->slot != 0) { + return mbedtls_ssl_set_hs_psk_opaque(ssl, cur->slot); + } else #endif - return( mbedtls_ssl_set_hs_psk( ssl, cur->key, cur->key_len ) ); + return mbedtls_ssl_set_hs_psk(ssl, cur->key, cur->key_len); } cur = cur->next; } - return( -1 ); + return -1; } #endif /* MBEDTLS_KEY_EXCHANGE_SOME_PSK_ENABLED */ @@ -938,12 +946,12 @@ static mbedtls_net_context listen_fd, client_fd; /* Interruption handler to ensure clean exit (for valgrind testing) */ #if !defined(_WIN32) static int received_sigterm = 0; -void term_handler( int sig ) +void term_handler(int sig) { ((void) sig); received_sigterm = 1; - mbedtls_net_free( &listen_fd ); /* causes mbedtls_net_accept() to abort */ - mbedtls_net_free( &client_fd ); /* causes net_read() to abort */ + mbedtls_net_free(&listen_fd); /* causes mbedtls_net_accept() to abort */ + mbedtls_net_free(&client_fd); /* causes net_read() to abort */ } #endif @@ -957,16 +965,15 @@ void term_handler( int sig ) * - A write, when the SSL output buffer contains some data that has not * been sent over the network yet. * - An asynchronous callback that has not completed yet. */ -static int mbedtls_status_is_ssl_in_progress( int ret ) +static int mbedtls_status_is_ssl_in_progress(int ret) { - return( ret == MBEDTLS_ERR_SSL_WANT_READ || - ret == MBEDTLS_ERR_SSL_WANT_WRITE || - ret == MBEDTLS_ERR_SSL_ASYNC_IN_PROGRESS ); + return ret == MBEDTLS_ERR_SSL_WANT_READ || + ret == MBEDTLS_ERR_SSL_WANT_WRITE || + ret == MBEDTLS_ERR_SSL_ASYNC_IN_PROGRESS; } #if defined(MBEDTLS_SSL_ASYNC_PRIVATE) -typedef struct -{ +typedef struct { mbedtls_x509_crt *cert; /*!< Certificate corresponding to the key */ mbedtls_pk_context *pk; /*!< Private key */ unsigned delay; /*!< Number of resume steps to go through */ @@ -981,8 +988,7 @@ typedef enum { #define SSL_ASYNC_INJECT_ERROR_MAX SSL_ASYNC_INJECT_ERROR_RESUME } ssl_async_inject_error_t; -typedef struct -{ +typedef struct { ssl_async_key_slot_t slots[4]; /* key, key2, sni1, sni2 */ size_t slots_used; ssl_async_inject_error_t inject_error; @@ -990,40 +996,31 @@ typedef struct void *p_rng; } ssl_async_key_context_t; -int ssl_async_set_key( ssl_async_key_context_t *ctx, - mbedtls_x509_crt *cert, - mbedtls_pk_context *pk, - int pk_take_ownership, - unsigned delay ) +int ssl_async_set_key(ssl_async_key_context_t *ctx, + mbedtls_x509_crt *cert, + mbedtls_pk_context *pk, + int pk_take_ownership, + unsigned delay) { - if( ctx->slots_used >= sizeof( ctx->slots ) / sizeof( *ctx->slots ) ) - return( -1 ); + if (ctx->slots_used >= sizeof(ctx->slots) / sizeof(*ctx->slots)) { + return -1; + } ctx->slots[ctx->slots_used].cert = cert; ctx->slots[ctx->slots_used].pk = pk; ctx->slots[ctx->slots_used].delay = delay; ctx->slots[ctx->slots_used].pk_owned = pk_take_ownership; ++ctx->slots_used; - return( 0 ); + return 0; } #define SSL_ASYNC_INPUT_MAX_SIZE 512 -typedef enum -{ +typedef enum { ASYNC_OP_SIGN, ASYNC_OP_DECRYPT, } ssl_async_operation_type_t; -/* Note that the enum above and the array below need to be kept in sync! - * `ssl_async_operation_names[op]` is the name of op for each value `op` - * of type `ssl_async_operation_type_t`. */ -static const char *const ssl_async_operation_names[] = -{ - "sign", - "decrypt", -}; -typedef struct -{ +typedef struct { unsigned slot; ssl_async_operation_type_t operation_type; mbedtls_md_type_t md_alg; @@ -1032,241 +1029,250 @@ typedef struct unsigned remaining_delay; } ssl_async_operation_context_t; -static int ssl_async_start( mbedtls_ssl_context *ssl, - mbedtls_x509_crt *cert, - ssl_async_operation_type_t op_type, - mbedtls_md_type_t md_alg, - const unsigned char *input, - size_t input_len ) +#if defined(MBEDTLS_KEY_EXCHANGE_WITH_CERT_ENABLED) + +/* Note that ssl_async_operation_type_t and the array below need to be kept in sync! + * `ssl_async_operation_names[op]` is the name of op for each value `op` + * of type `ssl_async_operation_type_t`. */ +static const char *const ssl_async_operation_names[] = +{ + "sign", + "decrypt", +}; + +static int ssl_async_start(mbedtls_ssl_context *ssl, + mbedtls_x509_crt *cert, + ssl_async_operation_type_t op_type, + mbedtls_md_type_t md_alg, + const unsigned char *input, + size_t input_len) { ssl_async_key_context_t *config_data = - mbedtls_ssl_conf_get_async_config_data( ssl->conf ); + mbedtls_ssl_conf_get_async_config_data(ssl->conf); unsigned slot; ssl_async_operation_context_t *ctx = NULL; const char *op_name = ssl_async_operation_names[op_type]; { char dn[100]; - if( mbedtls_x509_dn_gets( dn, sizeof( dn ), &cert->subject ) > 0 ) - mbedtls_printf( "Async %s callback: looking for DN=%s\n", - op_name, dn ); + if (mbedtls_x509_dn_gets(dn, sizeof(dn), &cert->subject) > 0) { + mbedtls_printf("Async %s callback: looking for DN=%s\n", + op_name, dn); + } } /* Look for a private key that matches the public key in cert. * Since this test code has the private key inside Mbed TLS, * we call mbedtls_pk_check_pair to match a private key with the * public key. */ - for( slot = 0; slot < config_data->slots_used; slot++ ) - { - if( mbedtls_pk_check_pair( &cert->pk, - config_data->slots[slot].pk ) == 0 ) + for (slot = 0; slot < config_data->slots_used; slot++) { + if (mbedtls_pk_check_pair(&cert->pk, + config_data->slots[slot].pk) == 0) { break; + } } - if( slot == config_data->slots_used ) - { - mbedtls_printf( "Async %s callback: no key matches this certificate.\n", - op_name ); - return( MBEDTLS_ERR_SSL_HW_ACCEL_FALLTHROUGH ); + if (slot == config_data->slots_used) { + mbedtls_printf("Async %s callback: no key matches this certificate.\n", + op_name); + return MBEDTLS_ERR_SSL_HW_ACCEL_FALLTHROUGH; } - mbedtls_printf( "Async %s callback: using key slot %u, delay=%u.\n", - op_name, slot, config_data->slots[slot].delay ); + mbedtls_printf("Async %s callback: using key slot %u, delay=%u.\n", + op_name, slot, config_data->slots[slot].delay); - if( config_data->inject_error == SSL_ASYNC_INJECT_ERROR_START ) - { - mbedtls_printf( "Async %s callback: injected error\n", op_name ); - return( MBEDTLS_ERR_PK_FEATURE_UNAVAILABLE ); + if (config_data->inject_error == SSL_ASYNC_INJECT_ERROR_START) { + mbedtls_printf("Async %s callback: injected error\n", op_name); + return MBEDTLS_ERR_PK_FEATURE_UNAVAILABLE; } - if( input_len > SSL_ASYNC_INPUT_MAX_SIZE ) - return( MBEDTLS_ERR_SSL_BAD_INPUT_DATA ); + if (input_len > SSL_ASYNC_INPUT_MAX_SIZE) { + return MBEDTLS_ERR_SSL_BAD_INPUT_DATA; + } - ctx = mbedtls_calloc( 1, sizeof( *ctx ) ); - if( ctx == NULL ) - return( MBEDTLS_ERR_SSL_ALLOC_FAILED ); + ctx = mbedtls_calloc(1, sizeof(*ctx)); + if (ctx == NULL) { + return MBEDTLS_ERR_SSL_ALLOC_FAILED; + } ctx->slot = slot; ctx->operation_type = op_type; ctx->md_alg = md_alg; - memcpy( ctx->input, input, input_len ); + memcpy(ctx->input, input, input_len); ctx->input_len = input_len; ctx->remaining_delay = config_data->slots[slot].delay; - mbedtls_ssl_set_async_operation_data( ssl, ctx ); + mbedtls_ssl_set_async_operation_data(ssl, ctx); - if( ctx->remaining_delay == 0 ) - return( 0 ); - else - return( MBEDTLS_ERR_SSL_ASYNC_IN_PROGRESS ); + if (ctx->remaining_delay == 0) { + return 0; + } else { + return MBEDTLS_ERR_SSL_ASYNC_IN_PROGRESS; + } } -static int ssl_async_sign( mbedtls_ssl_context *ssl, - mbedtls_x509_crt *cert, - mbedtls_md_type_t md_alg, - const unsigned char *hash, - size_t hash_len ) +static int ssl_async_sign(mbedtls_ssl_context *ssl, + mbedtls_x509_crt *cert, + mbedtls_md_type_t md_alg, + const unsigned char *hash, + size_t hash_len) { - return( ssl_async_start( ssl, cert, - ASYNC_OP_SIGN, md_alg, - hash, hash_len ) ); + return ssl_async_start(ssl, cert, + ASYNC_OP_SIGN, md_alg, + hash, hash_len); } -static int ssl_async_decrypt( mbedtls_ssl_context *ssl, - mbedtls_x509_crt *cert, - const unsigned char *input, - size_t input_len ) +static int ssl_async_decrypt(mbedtls_ssl_context *ssl, + mbedtls_x509_crt *cert, + const unsigned char *input, + size_t input_len) { - return( ssl_async_start( ssl, cert, - ASYNC_OP_DECRYPT, MBEDTLS_MD_NONE, - input, input_len ) ); + return ssl_async_start(ssl, cert, + ASYNC_OP_DECRYPT, MBEDTLS_MD_NONE, + input, input_len); } -static int ssl_async_resume( mbedtls_ssl_context *ssl, - unsigned char *output, - size_t *output_len, - size_t output_size ) +static int ssl_async_resume(mbedtls_ssl_context *ssl, + unsigned char *output, + size_t *output_len, + size_t output_size) { - ssl_async_operation_context_t *ctx = mbedtls_ssl_get_async_operation_data( ssl ); + ssl_async_operation_context_t *ctx = mbedtls_ssl_get_async_operation_data(ssl); ssl_async_key_context_t *config_data = - mbedtls_ssl_conf_get_async_config_data( ssl->conf ); + mbedtls_ssl_conf_get_async_config_data(ssl->conf); ssl_async_key_slot_t *key_slot = &config_data->slots[ctx->slot]; int ret; const char *op_name; - if( ctx->remaining_delay > 0 ) - { + if (ctx->remaining_delay > 0) { --ctx->remaining_delay; - mbedtls_printf( "Async resume (slot %u): call %u more times.\n", - ctx->slot, ctx->remaining_delay ); - return( MBEDTLS_ERR_SSL_ASYNC_IN_PROGRESS ); + mbedtls_printf("Async resume (slot %u): call %u more times.\n", + ctx->slot, ctx->remaining_delay); + return MBEDTLS_ERR_SSL_ASYNC_IN_PROGRESS; } - switch( ctx->operation_type ) - { + switch (ctx->operation_type) { case ASYNC_OP_DECRYPT: - ret = mbedtls_pk_decrypt( key_slot->pk, - ctx->input, ctx->input_len, - output, output_len, output_size, - config_data->f_rng, config_data->p_rng ); + ret = mbedtls_pk_decrypt(key_slot->pk, + ctx->input, ctx->input_len, + output, output_len, output_size, + config_data->f_rng, config_data->p_rng); break; case ASYNC_OP_SIGN: - ret = mbedtls_pk_sign( key_slot->pk, - ctx->md_alg, - ctx->input, ctx->input_len, - output, output_len, - config_data->f_rng, config_data->p_rng ); + ret = mbedtls_pk_sign(key_slot->pk, + ctx->md_alg, + ctx->input, ctx->input_len, + output, output_len, + config_data->f_rng, config_data->p_rng); break; default: - mbedtls_printf( "Async resume (slot %u): unknown operation type %ld. This shouldn't happen.\n", - ctx->slot, (long) ctx->operation_type ); - mbedtls_free( ctx ); - return( MBEDTLS_ERR_PK_FEATURE_UNAVAILABLE ); + mbedtls_printf( + "Async resume (slot %u): unknown operation type %ld. This shouldn't happen.\n", + ctx->slot, + (long) ctx->operation_type); + mbedtls_free(ctx); + return MBEDTLS_ERR_PK_FEATURE_UNAVAILABLE; break; } op_name = ssl_async_operation_names[ctx->operation_type]; - if( config_data->inject_error == SSL_ASYNC_INJECT_ERROR_RESUME ) - { - mbedtls_printf( "Async resume callback: %s done but injected error\n", - op_name ); - mbedtls_free( ctx ); - return( MBEDTLS_ERR_PK_FEATURE_UNAVAILABLE ); + if (config_data->inject_error == SSL_ASYNC_INJECT_ERROR_RESUME) { + mbedtls_printf("Async resume callback: %s done but injected error\n", + op_name); + mbedtls_free(ctx); + return MBEDTLS_ERR_PK_FEATURE_UNAVAILABLE; } - mbedtls_printf( "Async resume (slot %u): %s done, status=%d.\n", - ctx->slot, op_name, ret ); - mbedtls_free( ctx ); - return( ret ); + mbedtls_printf("Async resume (slot %u): %s done, status=%d.\n", + ctx->slot, op_name, ret); + mbedtls_free(ctx); + return ret; } -static void ssl_async_cancel( mbedtls_ssl_context *ssl ) +static void ssl_async_cancel(mbedtls_ssl_context *ssl) { - ssl_async_operation_context_t *ctx = mbedtls_ssl_get_async_operation_data( ssl ); - mbedtls_printf( "Async cancel callback.\n" ); - mbedtls_free( ctx ); + ssl_async_operation_context_t *ctx = mbedtls_ssl_get_async_operation_data(ssl); + mbedtls_printf("Async cancel callback.\n"); + mbedtls_free(ctx); } +#endif /* MBEDTLS_KEY_EXCHANGE_WITH_CERT_ENABLED */ #endif /* MBEDTLS_SSL_ASYNC_PRIVATE */ #if defined(MBEDTLS_USE_PSA_CRYPTO) -static psa_status_t psa_setup_psk_key_slot( psa_key_id_t *slot, - psa_algorithm_t alg, - unsigned char *psk, - size_t psk_len ) +#if defined(MBEDTLS_KEY_EXCHANGE_SOME_PSK_ENABLED) +static psa_status_t psa_setup_psk_key_slot(psa_key_id_t *slot, + psa_algorithm_t alg, + unsigned char *psk, + size_t psk_len) { psa_status_t status; psa_key_attributes_t key_attributes; key_attributes = psa_key_attributes_init(); - psa_set_key_usage_flags( &key_attributes, PSA_KEY_USAGE_DERIVE ); - psa_set_key_algorithm( &key_attributes, alg ); - psa_set_key_type( &key_attributes, PSA_KEY_TYPE_DERIVE ); + psa_set_key_usage_flags(&key_attributes, PSA_KEY_USAGE_DERIVE); + psa_set_key_algorithm(&key_attributes, alg); + psa_set_key_type(&key_attributes, PSA_KEY_TYPE_DERIVE); - status = psa_import_key( &key_attributes, psk, psk_len, slot ); - if( status != PSA_SUCCESS ) - { - fprintf( stderr, "IMPORT\n" ); - return( status ); + status = psa_import_key(&key_attributes, psk, psk_len, slot); + if (status != PSA_SUCCESS) { + fprintf(stderr, "IMPORT\n"); + return status; } - return( PSA_SUCCESS ); + return PSA_SUCCESS; } +#endif /* MBEDTLS_KEY_EXCHANGE_SOME_PSK_ENABLED */ #endif /* MBEDTLS_USE_PSA_CRYPTO */ #if defined(MBEDTLS_SSL_DTLS_CONNECTION_ID) -int report_cid_usage( mbedtls_ssl_context *ssl, - const char *additional_description ) +int report_cid_usage(mbedtls_ssl_context *ssl, + const char *additional_description) { int ret; - unsigned char peer_cid[ MBEDTLS_SSL_CID_OUT_LEN_MAX ]; + unsigned char peer_cid[MBEDTLS_SSL_CID_OUT_LEN_MAX]; size_t peer_cid_len; int cid_negotiated; - if( opt.transport != MBEDTLS_SSL_TRANSPORT_DATAGRAM ) - return( 0 ); - - /* Check if the use of a CID has been negotiated */ - ret = mbedtls_ssl_get_peer_cid( ssl, &cid_negotiated, - peer_cid, &peer_cid_len ); - if( ret != 0 ) - { - mbedtls_printf( " failed\n ! mbedtls_ssl_get_peer_cid returned -0x%x\n\n", - (unsigned int) -ret ); - return( ret ); + if (opt.transport != MBEDTLS_SSL_TRANSPORT_DATAGRAM) { + return 0; } - if( cid_negotiated == MBEDTLS_SSL_CID_DISABLED ) - { - if( opt.cid_enabled == MBEDTLS_SSL_CID_ENABLED ) - { - mbedtls_printf( "(%s) Use of Connection ID was not offered by client.\n", - additional_description ); - } - } - else - { - size_t idx=0; - mbedtls_printf( "(%s) Use of Connection ID has been negotiated.\n", - additional_description ); - mbedtls_printf( "(%s) Peer CID (length %u Bytes): ", - additional_description, - (unsigned) peer_cid_len ); - while( idx < peer_cid_len ) - { - mbedtls_printf( "%02x ", peer_cid[ idx ] ); + /* Check if the use of a CID has been negotiated */ + ret = mbedtls_ssl_get_peer_cid(ssl, &cid_negotiated, + peer_cid, &peer_cid_len); + if (ret != 0) { + mbedtls_printf(" failed\n ! mbedtls_ssl_get_peer_cid returned -0x%x\n\n", + (unsigned int) -ret); + return ret; + } + + if (cid_negotiated == MBEDTLS_SSL_CID_DISABLED) { + if (opt.cid_enabled == MBEDTLS_SSL_CID_ENABLED) { + mbedtls_printf("(%s) Use of Connection ID was not offered by client.\n", + additional_description); + } + } else { + size_t idx = 0; + mbedtls_printf("(%s) Use of Connection ID has been negotiated.\n", + additional_description); + mbedtls_printf("(%s) Peer CID (length %u Bytes): ", + additional_description, + (unsigned) peer_cid_len); + while (idx < peer_cid_len) { + mbedtls_printf("%02x ", peer_cid[idx]); idx++; } - mbedtls_printf( "\n" ); + mbedtls_printf("\n"); } - return( 0 ); + return 0; } #endif /* MBEDTLS_SSL_DTLS_CONNECTION_ID */ -int main( int argc, char *argv[] ) +int main(int argc, char *argv[]) { int ret = 0, len, written, frags, exchanges_left; int query_config_ret = 0; int version_suites[4][2]; io_ctx_t io_ctx; - unsigned char* buf = 0; + unsigned char *buf = 0; #if defined(MBEDTLS_KEY_EXCHANGE_SOME_PSK_ENABLED) #if defined(MBEDTLS_USE_PSA_CRYPTO) psa_algorithm_t alg = 0; @@ -1282,10 +1288,6 @@ int main( int argc, char *argv[] ) #if defined(MBEDTLS_SSL_COOKIE_C) mbedtls_ssl_cookie_ctx cookie_ctx; #endif - -#if defined(MBEDTLS_X509_CRT_PARSE_C) - mbedtls_x509_crt_profile crt_profile_for_test = mbedtls_x509_crt_profile_default; -#endif rng_context_t rng; mbedtls_ssl_context ssl; mbedtls_ssl_config conf; @@ -1295,25 +1297,30 @@ int main( int argc, char *argv[] ) #if defined(MBEDTLS_SSL_RENEGOTIATION) unsigned char renego_period[8] = { 0 }; #endif -#if defined(MBEDTLS_X509_CRT_PARSE_C) +#if defined(MBEDTLS_KEY_EXCHANGE_WITH_CERT_ENABLED) uint32_t flags; mbedtls_x509_crt cacert; mbedtls_x509_crt srvcert; mbedtls_pk_context pkey; mbedtls_x509_crt srvcert2; mbedtls_pk_context pkey2; + mbedtls_x509_crt_profile crt_profile_for_test = mbedtls_x509_crt_profile_default; +#if defined(MBEDTLS_USE_PSA_CRYPTO) + psa_key_id_t key_slot = 0; /* invalid key slot */ + psa_key_id_t key_slot2 = 0; /* invalid key slot */ +#endif int key_cert_init = 0, key_cert_init2 = 0; +#endif /* MBEDTLS_KEY_EXCHANGE_WITH_CERT_ENABLED */ #if defined(MBEDTLS_SSL_ASYNC_PRIVATE) ssl_async_key_context_t ssl_async_keys; #endif /* MBEDTLS_SSL_ASYNC_PRIVATE */ -#endif /* MBEDTLS_X509_CRT_PARSE_C */ #if defined(MBEDTLS_DHM_C) && defined(MBEDTLS_FS_IO) mbedtls_dhm_context dhm; #endif #if defined(MBEDTLS_SSL_CACHE_C) mbedtls_ssl_cache_context cache; #endif -#if defined(MBEDTLS_SSL_SESSION_TICKETS) +#if defined(MBEDTLS_SSL_SESSION_TICKETS) && defined(MBEDTLS_SSL_TICKET_C) mbedtls_ssl_ticket_context ticket_ctx; #endif #if defined(SNI_OPTION) @@ -1321,7 +1328,7 @@ int main( int argc, char *argv[] ) #endif #if defined(MBEDTLS_ECP_C) mbedtls_ecp_group_id curve_list[CURVE_LIST_SIZE]; - const mbedtls_ecp_curve_info * curve_cur; + const mbedtls_ecp_curve_info *curve_cur; #endif #if defined(MBEDTLS_SSL_ALPN) const char *alpn_list[ALPN_LIST_SIZE]; @@ -1349,107 +1356,106 @@ int main( int argc, char *argv[] ) #if defined(MBEDTLS_SSL_EXPORT_KEYS) unsigned char eap_tls_keymaterial[16]; unsigned char eap_tls_iv[8]; - const char* eap_tls_label = "client EAP encryption"; + const char *eap_tls_label = "client EAP encryption"; eap_tls_keys eap_tls_keying; -#if defined( MBEDTLS_SSL_DTLS_SRTP ) +#if defined(MBEDTLS_SSL_DTLS_SRTP) /*! master keys and master salt for SRTP generated during handshake */ - unsigned char dtls_srtp_key_material[MBEDTLS_TLS_SRTP_MAX_KEY_MATERIAL_LENGTH]; - const char* dtls_srtp_label = "EXTRACTOR-dtls_srtp"; - dtls_srtp_keys dtls_srtp_keying; - const mbedtls_ssl_srtp_profile default_profiles[] = { - MBEDTLS_TLS_SRTP_AES128_CM_HMAC_SHA1_80, - MBEDTLS_TLS_SRTP_AES128_CM_HMAC_SHA1_32, - MBEDTLS_TLS_SRTP_NULL_HMAC_SHA1_80, - MBEDTLS_TLS_SRTP_NULL_HMAC_SHA1_32, - MBEDTLS_TLS_SRTP_UNSET - }; + unsigned char dtls_srtp_key_material[MBEDTLS_TLS_SRTP_MAX_KEY_MATERIAL_LENGTH]; + const char *dtls_srtp_label = "EXTRACTOR-dtls_srtp"; + dtls_srtp_keys dtls_srtp_keying; + const mbedtls_ssl_srtp_profile default_profiles[] = { + MBEDTLS_TLS_SRTP_AES128_CM_HMAC_SHA1_80, + MBEDTLS_TLS_SRTP_AES128_CM_HMAC_SHA1_32, + MBEDTLS_TLS_SRTP_NULL_HMAC_SHA1_80, + MBEDTLS_TLS_SRTP_NULL_HMAC_SHA1_32, + MBEDTLS_TLS_SRTP_UNSET + }; #endif /* MBEDTLS_SSL_DTLS_SRTP */ #endif /* MBEDTLS_SSL_EXPORT_KEYS */ #if defined(MBEDTLS_MEMORY_BUFFER_ALLOC_C) - mbedtls_memory_buffer_alloc_init( alloc_buf, sizeof(alloc_buf) ); + mbedtls_memory_buffer_alloc_init(alloc_buf, sizeof(alloc_buf)); #if defined(MBEDTLS_MEMORY_DEBUG) size_t current_heap_memory, peak_heap_memory, heap_blocks; #endif /* MBEDTLS_MEMORY_DEBUG */ #endif /* MBEDTLS_MEMORY_BUFFER_ALLOC_C */ #if defined(MBEDTLS_TEST_HOOKS) - test_hooks_init( ); + test_hooks_init(); #endif /* MBEDTLS_TEST_HOOKS */ /* * Make sure memory references are valid in case we exit early. */ - mbedtls_net_init( &client_fd ); - mbedtls_net_init( &listen_fd ); - mbedtls_ssl_init( &ssl ); - mbedtls_ssl_config_init( &conf ); - rng_init( &rng ); -#if defined(MBEDTLS_X509_CRT_PARSE_C) - mbedtls_x509_crt_init( &cacert ); - mbedtls_x509_crt_init( &srvcert ); - mbedtls_pk_init( &pkey ); - mbedtls_x509_crt_init( &srvcert2 ); - mbedtls_pk_init( &pkey2 ); -#if defined(MBEDTLS_SSL_ASYNC_PRIVATE) - memset( &ssl_async_keys, 0, sizeof( ssl_async_keys ) ); + mbedtls_net_init(&client_fd); + mbedtls_net_init(&listen_fd); + mbedtls_ssl_init(&ssl); + mbedtls_ssl_config_init(&conf); + rng_init(&rng); +#if defined(MBEDTLS_KEY_EXCHANGE_WITH_CERT_ENABLED) + mbedtls_x509_crt_init(&cacert); + mbedtls_x509_crt_init(&srvcert); + mbedtls_pk_init(&pkey); + mbedtls_x509_crt_init(&srvcert2); + mbedtls_pk_init(&pkey2); #endif +#if defined(MBEDTLS_SSL_ASYNC_PRIVATE) + memset(&ssl_async_keys, 0, sizeof(ssl_async_keys)); #endif #if defined(MBEDTLS_DHM_C) && defined(MBEDTLS_FS_IO) - mbedtls_dhm_init( &dhm ); + mbedtls_dhm_init(&dhm); #endif #if defined(MBEDTLS_SSL_CACHE_C) - mbedtls_ssl_cache_init( &cache ); + mbedtls_ssl_cache_init(&cache); #endif -#if defined(MBEDTLS_SSL_SESSION_TICKETS) - mbedtls_ssl_ticket_init( &ticket_ctx ); +#if defined(MBEDTLS_SSL_SESSION_TICKETS) && defined(MBEDTLS_SSL_TICKET_C) + mbedtls_ssl_ticket_init(&ticket_ctx); #endif #if defined(MBEDTLS_SSL_ALPN) - memset( (void *) alpn_list, 0, sizeof( alpn_list ) ); + memset((void *) alpn_list, 0, sizeof(alpn_list)); #endif #if defined(MBEDTLS_SSL_COOKIE_C) - mbedtls_ssl_cookie_init( &cookie_ctx ); + mbedtls_ssl_cookie_init(&cookie_ctx); #endif #if defined(MBEDTLS_USE_PSA_CRYPTO) status = psa_crypto_init(); - if( status != PSA_SUCCESS ) - { - mbedtls_fprintf( stderr, "Failed to initialize PSA Crypto implementation: %d\n", - (int) status ); + if (status != PSA_SUCCESS) { + mbedtls_fprintf(stderr, "Failed to initialize PSA Crypto implementation: %d\n", + (int) status); ret = MBEDTLS_ERR_SSL_HW_ACCEL_FAILED; goto exit; } #endif /* MBEDTLS_USE_PSA_CRYPTO */ #if defined(MBEDTLS_PSA_CRYPTO_EXTERNAL_RNG) - mbedtls_test_enable_insecure_external_rng( ); + mbedtls_test_enable_insecure_external_rng(); #endif /* MBEDTLS_PSA_CRYPTO_EXTERNAL_RNG */ #if !defined(_WIN32) /* Abort cleanly on SIGTERM and SIGINT */ - signal( SIGTERM, term_handler ); - signal( SIGINT, term_handler ); + signal(SIGTERM, term_handler); + signal(SIGINT, term_handler); #endif - if( argc == 0 ) - { - usage: - if( ret == 0 ) + if (argc < 2) { +usage: + if (ret == 0) { ret = 1; + } - mbedtls_printf( USAGE1 ); - mbedtls_printf( USAGE2 ); - mbedtls_printf( USAGE3 ); - mbedtls_printf( USAGE4 ); + mbedtls_printf(USAGE1); + mbedtls_printf(USAGE2); + mbedtls_printf(USAGE3); + mbedtls_printf(USAGE4); list = mbedtls_ssl_list_ciphersuites(); - while( *list ) - { - mbedtls_printf(" %-42s", mbedtls_ssl_get_ciphersuite_name( *list ) ); + while (*list) { + mbedtls_printf(" %-42s", mbedtls_ssl_get_ciphersuite_name(*list)); list++; - if( !*list ) + if (!*list) { break; - mbedtls_printf(" %s\n", mbedtls_ssl_get_ciphersuite_name( *list ) ); + } + mbedtls_printf(" %s\n", mbedtls_ssl_get_ciphersuite_name(*list)); list++; } mbedtls_printf("\n"); @@ -1472,6 +1478,7 @@ int main( int argc, char *argv[] ) opt.ca_path = DFL_CA_PATH; opt.crt_file = DFL_CRT_FILE; opt.key_file = DFL_KEY_FILE; + opt.key_opaque = DFL_KEY_OPAQUE; opt.key_pwd = DFL_KEY_PWD; opt.crt_file2 = DFL_CRT_FILE2; opt.key_file2 = DFL_KEY_FILE2; @@ -1491,7 +1498,7 @@ int main( int argc, char *argv[] ) opt.psk_identity = DFL_PSK_IDENTITY; opt.psk_list = DFL_PSK_LIST; opt.ecjpake_pw = DFL_ECJPAKE_PW; - opt.force_ciphersuite[0]= DFL_FORCE_CIPHER; + opt.force_ciphersuite[0] = DFL_FORCE_CIPHER; opt.version_suites = DFL_VERSION_SUITES; opt.renegotiation = DFL_RENEGOTIATION; opt.allow_legacy = DFL_ALLOW_LEGACY; @@ -1510,7 +1517,9 @@ int main( int argc, char *argv[] ) opt.tickets = DFL_TICKETS; opt.ticket_timeout = DFL_TICKET_TIMEOUT; opt.cache_max = DFL_CACHE_MAX; +#if defined(MBEDTLS_HAVE_TIME) opt.cache_timeout = DFL_CACHE_TIMEOUT; +#endif opt.sni = DFL_SNI; opt.alpn_string = DFL_ALPN_STRING; opt.curves = DFL_CURVES; @@ -1536,92 +1545,99 @@ int main( int argc, char *argv[] ) opt.force_srtp_profile = DFL_SRTP_FORCE_PROFILE; opt.support_mki = DFL_SRTP_SUPPORT_MKI; - for( i = 1; i < argc; i++ ) - { + for (i = 1; i < argc; i++) { p = argv[i]; - if( ( q = strchr( p, '=' ) ) == NULL ) + if ((q = strchr(p, '=')) == NULL) { goto usage; + } *q++ = '\0'; - if( strcmp( p, "server_port" ) == 0 ) + if (strcmp(p, "server_port") == 0) { opt.server_port = q; - else if( strcmp( p, "server_addr" ) == 0 ) + } else if (strcmp(p, "server_addr") == 0) { opt.server_addr = q; - else if( strcmp( p, "dtls" ) == 0 ) - { - int t = atoi( q ); - if( t == 0 ) + } else if (strcmp(p, "dtls") == 0) { + int t = atoi(q); + if (t == 0) { opt.transport = MBEDTLS_SSL_TRANSPORT_STREAM; - else if( t == 1 ) + } else if (t == 1) { opt.transport = MBEDTLS_SSL_TRANSPORT_DATAGRAM; - else + } else { goto usage; - } - else if( strcmp( p, "debug_level" ) == 0 ) - { - opt.debug_level = atoi( q ); - if( opt.debug_level < 0 || opt.debug_level > 65535 ) + } + } else if (strcmp(p, "debug_level") == 0) { + opt.debug_level = atoi(q); + if (opt.debug_level < 0 || opt.debug_level > 65535) { goto usage; - } - else if( strcmp( p, "nbio" ) == 0 ) - { - opt.nbio = atoi( q ); - if( opt.nbio < 0 || opt.nbio > 2 ) + } + } else if (strcmp(p, "build_version") == 0) { + if (strcmp(q, "1") == 0) { + mbedtls_printf("build version: %s (build %d)\n", + MBEDTLS_VERSION_STRING_FULL, + MBEDTLS_VERSION_NUMBER); + goto exit; + } + } else if (strcmp(p, "nbio") == 0) { + opt.nbio = atoi(q); + if (opt.nbio < 0 || opt.nbio > 2) { goto usage; - } - else if( strcmp( p, "event" ) == 0 ) - { - opt.event = atoi( q ); - if( opt.event < 0 || opt.event > 2 ) + } + } else if (strcmp(p, "event") == 0) { + opt.event = atoi(q); + if (opt.event < 0 || opt.event > 2) { goto usage; - } - else if( strcmp( p, "read_timeout" ) == 0 ) - opt.read_timeout = atoi( q ); - else if( strcmp( p, "buffer_size" ) == 0 ) - { - opt.buffer_size = atoi( q ); - if( opt.buffer_size < 1 || opt.buffer_size > MBEDTLS_SSL_MAX_CONTENT_LEN + 1 ) + } + } else if (strcmp(p, "read_timeout") == 0) { + opt.read_timeout = atoi(q); + } else if (strcmp(p, "buffer_size") == 0) { + opt.buffer_size = atoi(q); + if (opt.buffer_size < 1 || opt.buffer_size > MBEDTLS_SSL_MAX_CONTENT_LEN + 1) { goto usage; - } - else if( strcmp( p, "response_size" ) == 0 ) - { - opt.response_size = atoi( q ); - if( opt.response_size < 0 || opt.response_size > MBEDTLS_SSL_MAX_CONTENT_LEN ) + } + } else if (strcmp(p, "response_size") == 0) { + opt.response_size = atoi(q); + if (opt.response_size < 0 || opt.response_size > MBEDTLS_SSL_MAX_CONTENT_LEN) { goto usage; - if( opt.buffer_size < opt.response_size ) + } + if (opt.buffer_size < opt.response_size) { opt.buffer_size = opt.response_size; - } - else if( strcmp( p, "ca_file" ) == 0 ) + } + } else if (strcmp(p, "ca_file") == 0) { opt.ca_file = q; - else if( strcmp( p, "ca_path" ) == 0 ) + } else if (strcmp(p, "ca_path") == 0) { opt.ca_path = q; - else if( strcmp( p, "crt_file" ) == 0 ) + } else if (strcmp(p, "crt_file") == 0) { opt.crt_file = q; - else if( strcmp( p, "key_file" ) == 0 ) + } else if (strcmp(p, "key_file") == 0) { opt.key_file = q; - else if( strcmp( p, "key_pwd" ) == 0 ) + } else if (strcmp(p, "key_pwd") == 0) { opt.key_pwd = q; - else if( strcmp( p, "crt_file2" ) == 0 ) + } +#if defined(MBEDTLS_USE_PSA_CRYPTO) && defined(MBEDTLS_KEY_EXCHANGE_WITH_CERT_ENABLED) + else if (strcmp(p, "key_opaque") == 0) { + opt.key_opaque = atoi(q); + } +#endif + else if (strcmp(p, "crt_file2") == 0) { opt.crt_file2 = q; - else if( strcmp( p, "key_file2" ) == 0 ) + } else if (strcmp(p, "key_file2") == 0) { opt.key_file2 = q; - else if( strcmp( p, "key_pwd2" ) == 0 ) + } else if (strcmp(p, "key_pwd2") == 0) { opt.key_pwd2 = q; - else if( strcmp( p, "dhm_file" ) == 0 ) + } else if (strcmp(p, "dhm_file") == 0) { opt.dhm_file = q; + } #if defined(MBEDTLS_SSL_ASYNC_PRIVATE) - else if( strcmp( p, "async_operations" ) == 0 ) + else if (strcmp(p, "async_operations") == 0) { opt.async_operations = q; - else if( strcmp( p, "async_private_delay1" ) == 0 ) - opt.async_private_delay1 = atoi( q ); - else if( strcmp( p, "async_private_delay2" ) == 0 ) - opt.async_private_delay2 = atoi( q ); - else if( strcmp( p, "async_private_error" ) == 0 ) - { - int n = atoi( q ); - if( n < -SSL_ASYNC_INJECT_ERROR_MAX || - n > SSL_ASYNC_INJECT_ERROR_MAX ) - { + } else if (strcmp(p, "async_private_delay1") == 0) { + opt.async_private_delay1 = atoi(q); + } else if (strcmp(p, "async_private_delay2") == 0) { + opt.async_private_delay2 = atoi(q); + } else if (strcmp(p, "async_private_error") == 0) { + int n = atoi(q); + if (n < -SSL_ASYNC_INJECT_ERROR_MAX || + n > SSL_ASYNC_INJECT_ERROR_MAX) { ret = 2; goto usage; } @@ -1629,70 +1645,61 @@ int main( int argc, char *argv[] ) } #endif /* MBEDTLS_SSL_ASYNC_PRIVATE */ #if defined(MBEDTLS_SSL_DTLS_CONNECTION_ID) - else if( strcmp( p, "cid" ) == 0 ) - { - opt.cid_enabled = atoi( q ); - if( opt.cid_enabled != 0 && opt.cid_enabled != 1 ) + else if (strcmp(p, "cid") == 0) { + opt.cid_enabled = atoi(q); + if (opt.cid_enabled != 0 && opt.cid_enabled != 1) { goto usage; - } - else if( strcmp( p, "cid_renego" ) == 0 ) - { - opt.cid_enabled_renego = atoi( q ); - if( opt.cid_enabled_renego != 0 && opt.cid_enabled_renego != 1 ) + } + } else if (strcmp(p, "cid_renego") == 0) { + opt.cid_enabled_renego = atoi(q); + if (opt.cid_enabled_renego != 0 && opt.cid_enabled_renego != 1) { goto usage; - } - else if( strcmp( p, "cid_val" ) == 0 ) - { + } + } else if (strcmp(p, "cid_val") == 0) { opt.cid_val = q; - } - else if( strcmp( p, "cid_val_renego" ) == 0 ) - { + } else if (strcmp(p, "cid_val_renego") == 0) { opt.cid_val_renego = q; } #endif /* MBEDTLS_SSL_DTLS_CONNECTION_ID */ - else if( strcmp( p, "psk" ) == 0 ) + else if (strcmp(p, "psk") == 0) { opt.psk = q; + } #if defined(MBEDTLS_USE_PSA_CRYPTO) - else if( strcmp( p, "psk_opaque" ) == 0 ) - opt.psk_opaque = atoi( q ); - else if( strcmp( p, "psk_list_opaque" ) == 0 ) - opt.psk_list_opaque = atoi( q ); + else if (strcmp(p, "psk_opaque") == 0) { + opt.psk_opaque = atoi(q); + } else if (strcmp(p, "psk_list_opaque") == 0) { + opt.psk_list_opaque = atoi(q); + } #endif #if defined(MBEDTLS_X509_TRUSTED_CERTIFICATE_CALLBACK) - else if( strcmp( p, "ca_callback" ) == 0) - opt.ca_callback = atoi( q ); + else if (strcmp(p, "ca_callback") == 0) { + opt.ca_callback = atoi(q); + } #endif - else if( strcmp( p, "psk_identity" ) == 0 ) + else if (strcmp(p, "psk_identity") == 0) { opt.psk_identity = q; - else if( strcmp( p, "psk_list" ) == 0 ) + } else if (strcmp(p, "psk_list") == 0) { opt.psk_list = q; - else if( strcmp( p, "ecjpake_pw" ) == 0 ) + } else if (strcmp(p, "ecjpake_pw") == 0) { opt.ecjpake_pw = q; - else if( strcmp( p, "force_ciphersuite" ) == 0 ) - { - opt.force_ciphersuite[0] = mbedtls_ssl_get_ciphersuite_id( q ); + } else if (strcmp(p, "force_ciphersuite") == 0) { + opt.force_ciphersuite[0] = mbedtls_ssl_get_ciphersuite_id(q); - if( opt.force_ciphersuite[0] == 0 ) - { + if (opt.force_ciphersuite[0] == 0) { ret = 2; goto usage; } opt.force_ciphersuite[1] = 0; - } - else if( strcmp( p, "curves" ) == 0 ) + } else if (strcmp(p, "curves") == 0) { opt.curves = q; - else if( strcmp( p, "version_suites" ) == 0 ) + } else if (strcmp(p, "version_suites") == 0) { opt.version_suites = q; - else if( strcmp( p, "renegotiation" ) == 0 ) - { - opt.renegotiation = (atoi( q )) ? - MBEDTLS_SSL_RENEGOTIATION_ENABLED : - MBEDTLS_SSL_RENEGOTIATION_DISABLED; - } - else if( strcmp( p, "allow_legacy" ) == 0 ) - { - switch( atoi( q ) ) - { + } else if (strcmp(p, "renegotiation") == 0) { + opt.renegotiation = (atoi(q)) ? + MBEDTLS_SSL_RENEGOTIATION_ENABLED : + MBEDTLS_SSL_RENEGOTIATION_DISABLED; + } else if (strcmp(p, "allow_legacy") == 0) { + switch (atoi(q)) { case -1: opt.allow_legacy = MBEDTLS_SSL_LEGACY_BREAK_HANDSHAKE; break; @@ -1704,160 +1711,124 @@ int main( int argc, char *argv[] ) break; default: goto usage; } - } - else if( strcmp( p, "renegotiate" ) == 0 ) - { - opt.renegotiate = atoi( q ); - if( opt.renegotiate < 0 || opt.renegotiate > 1 ) + } else if (strcmp(p, "renegotiate") == 0) { + opt.renegotiate = atoi(q); + if (opt.renegotiate < 0 || opt.renegotiate > 1) { goto usage; - } - else if( strcmp( p, "renego_delay" ) == 0 ) - { - opt.renego_delay = atoi( q ); - } - else if( strcmp( p, "renego_period" ) == 0 ) - { + } + } else if (strcmp(p, "renego_delay") == 0) { + opt.renego_delay = atoi(q); + } else if (strcmp(p, "renego_period") == 0) { #if defined(_MSC_VER) - opt.renego_period = _strtoui64( q, NULL, 10 ); + opt.renego_period = _strtoui64(q, NULL, 10); #else - if( sscanf( q, "%" SCNu64, &opt.renego_period ) != 1 ) + if (sscanf(q, "%" SCNu64, &opt.renego_period) != 1) { goto usage; + } #endif /* _MSC_VER */ - if( opt.renego_period < 2 ) + if (opt.renego_period < 2) { goto usage; - } - else if( strcmp( p, "exchanges" ) == 0 ) - { - opt.exchanges = atoi( q ); - if( opt.exchanges < 0 ) + } + } else if (strcmp(p, "exchanges") == 0) { + opt.exchanges = atoi(q); + if (opt.exchanges < 0) { goto usage; - } - else if( strcmp( p, "min_version" ) == 0 ) - { - if( strcmp( q, "ssl3" ) == 0 ) + } + } else if (strcmp(p, "min_version") == 0) { + if (strcmp(q, "ssl3") == 0) { opt.min_version = MBEDTLS_SSL_MINOR_VERSION_0; - else if( strcmp( q, "tls1" ) == 0 ) + } else if (strcmp(q, "tls1") == 0) { opt.min_version = MBEDTLS_SSL_MINOR_VERSION_1; - else if( strcmp( q, "tls1_1" ) == 0 || - strcmp( q, "dtls1" ) == 0 ) + } else if (strcmp(q, "tls1_1") == 0 || + strcmp(q, "dtls1") == 0) { opt.min_version = MBEDTLS_SSL_MINOR_VERSION_2; - else if( strcmp( q, "tls12" ) == 0 || - strcmp( q, "dtls12" ) == 0 ) + } else if (strcmp(q, "tls12") == 0 || + strcmp(q, "dtls12") == 0) { opt.min_version = MBEDTLS_SSL_MINOR_VERSION_3; - else + } else { goto usage; - } - else if( strcmp( p, "max_version" ) == 0 ) - { - if( strcmp( q, "ssl3" ) == 0 ) + } + } else if (strcmp(p, "max_version") == 0) { + if (strcmp(q, "ssl3") == 0) { opt.max_version = MBEDTLS_SSL_MINOR_VERSION_0; - else if( strcmp( q, "tls1" ) == 0 ) + } else if (strcmp(q, "tls1") == 0) { opt.max_version = MBEDTLS_SSL_MINOR_VERSION_1; - else if( strcmp( q, "tls1_1" ) == 0 || - strcmp( q, "dtls1" ) == 0 ) + } else if (strcmp(q, "tls1_1") == 0 || + strcmp(q, "dtls1") == 0) { opt.max_version = MBEDTLS_SSL_MINOR_VERSION_2; - else if( strcmp( q, "tls12" ) == 0 || - strcmp( q, "dtls12" ) == 0 ) + } else if (strcmp(q, "tls12") == 0 || + strcmp(q, "dtls12") == 0) { opt.max_version = MBEDTLS_SSL_MINOR_VERSION_3; - else + } else { goto usage; - } - else if( strcmp( p, "arc4" ) == 0 ) - { - switch( atoi( q ) ) - { + } + } else if (strcmp(p, "arc4") == 0) { + switch (atoi(q)) { case 0: opt.arc4 = MBEDTLS_SSL_ARC4_DISABLED; break; case 1: opt.arc4 = MBEDTLS_SSL_ARC4_ENABLED; break; default: goto usage; } - } - else if( strcmp( p, "allow_sha1" ) == 0 ) - { - switch( atoi( q ) ) - { + } else if (strcmp(p, "allow_sha1") == 0) { + switch (atoi(q)) { case 0: opt.allow_sha1 = 0; break; case 1: opt.allow_sha1 = 1; break; default: goto usage; } - } - else if( strcmp( p, "force_version" ) == 0 ) - { - if( strcmp( q, "ssl3" ) == 0 ) - { + } else if (strcmp(p, "force_version") == 0) { + if (strcmp(q, "ssl3") == 0) { opt.min_version = MBEDTLS_SSL_MINOR_VERSION_0; opt.max_version = MBEDTLS_SSL_MINOR_VERSION_0; - } - else if( strcmp( q, "tls1" ) == 0 ) - { + } else if (strcmp(q, "tls1") == 0) { opt.min_version = MBEDTLS_SSL_MINOR_VERSION_1; opt.max_version = MBEDTLS_SSL_MINOR_VERSION_1; - } - else if( strcmp( q, "tls1_1" ) == 0 ) - { + } else if (strcmp(q, "tls1_1") == 0) { opt.min_version = MBEDTLS_SSL_MINOR_VERSION_2; opt.max_version = MBEDTLS_SSL_MINOR_VERSION_2; - } - else if( strcmp( q, "tls12" ) == 0 ) - { + } else if (strcmp(q, "tls12") == 0) { opt.min_version = MBEDTLS_SSL_MINOR_VERSION_3; opt.max_version = MBEDTLS_SSL_MINOR_VERSION_3; - } - else if( strcmp( q, "dtls1" ) == 0 ) - { + } else if (strcmp(q, "dtls1") == 0) { opt.min_version = MBEDTLS_SSL_MINOR_VERSION_2; opt.max_version = MBEDTLS_SSL_MINOR_VERSION_2; opt.transport = MBEDTLS_SSL_TRANSPORT_DATAGRAM; - } - else if( strcmp( q, "dtls12" ) == 0 ) - { + } else if (strcmp(q, "dtls12") == 0) { opt.min_version = MBEDTLS_SSL_MINOR_VERSION_3; opt.max_version = MBEDTLS_SSL_MINOR_VERSION_3; opt.transport = MBEDTLS_SSL_TRANSPORT_DATAGRAM; - } - else + } else { goto usage; - } - else if( strcmp( p, "auth_mode" ) == 0 ) - { - if( ( opt.auth_mode = get_auth_mode( q ) ) < 0 ) + } + } else if (strcmp(p, "auth_mode") == 0) { + if ((opt.auth_mode = get_auth_mode(q)) < 0) { goto usage; - } - else if( strcmp( p, "cert_req_ca_list" ) == 0 ) - { - opt.cert_req_ca_list = atoi( q ); - if( opt.cert_req_ca_list < 0 || opt.cert_req_ca_list > 1 ) + } + } else if (strcmp(p, "cert_req_ca_list") == 0) { + opt.cert_req_ca_list = atoi(q); + if (opt.cert_req_ca_list < 0 || opt.cert_req_ca_list > 1) { goto usage; - } - else if( strcmp( p, "max_frag_len" ) == 0 ) - { - if( strcmp( q, "512" ) == 0 ) + } + } else if (strcmp(p, "max_frag_len") == 0) { + if (strcmp(q, "512") == 0) { opt.mfl_code = MBEDTLS_SSL_MAX_FRAG_LEN_512; - else if( strcmp( q, "1024" ) == 0 ) + } else if (strcmp(q, "1024") == 0) { opt.mfl_code = MBEDTLS_SSL_MAX_FRAG_LEN_1024; - else if( strcmp( q, "2048" ) == 0 ) + } else if (strcmp(q, "2048") == 0) { opt.mfl_code = MBEDTLS_SSL_MAX_FRAG_LEN_2048; - else if( strcmp( q, "4096" ) == 0 ) + } else if (strcmp(q, "4096") == 0) { opt.mfl_code = MBEDTLS_SSL_MAX_FRAG_LEN_4096; - else + } else { goto usage; - } - else if( strcmp( p, "alpn" ) == 0 ) - { + } + } else if (strcmp(p, "alpn") == 0) { opt.alpn_string = q; - } - else if( strcmp( p, "trunc_hmac" ) == 0 ) - { - switch( atoi( q ) ) - { + } else if (strcmp(p, "trunc_hmac") == 0) { + switch (atoi(q)) { case 0: opt.trunc_hmac = MBEDTLS_SSL_TRUNC_HMAC_DISABLED; break; case 1: opt.trunc_hmac = MBEDTLS_SSL_TRUNC_HMAC_ENABLED; break; default: goto usage; } - } - else if( strcmp( p, "extended_ms" ) == 0 ) - { - switch( atoi( q ) ) - { + } else if (strcmp(p, "extended_ms") == 0) { + switch (atoi(q)) { case 0: opt.extended_ms = MBEDTLS_SSL_EXTENDED_MS_DISABLED; break; @@ -1866,243 +1837,215 @@ int main( int argc, char *argv[] ) break; default: goto usage; } - } - else if( strcmp( p, "etm" ) == 0 ) - { - switch( atoi( q ) ) - { + } else if (strcmp(p, "etm") == 0) { + switch (atoi(q)) { case 0: opt.etm = MBEDTLS_SSL_ETM_DISABLED; break; case 1: opt.etm = MBEDTLS_SSL_ETM_ENABLED; break; default: goto usage; } - } - else if( strcmp( p, "tickets" ) == 0 ) - { - opt.tickets = atoi( q ); - if( opt.tickets < 0 || opt.tickets > 1 ) + } else if (strcmp(p, "tickets") == 0) { + opt.tickets = atoi(q); + if (opt.tickets < 0 || opt.tickets > 1) { goto usage; - } - else if( strcmp( p, "ticket_timeout" ) == 0 ) - { - opt.ticket_timeout = atoi( q ); - if( opt.ticket_timeout < 0 ) + } + } else if (strcmp(p, "ticket_timeout") == 0) { + opt.ticket_timeout = atoi(q); + if (opt.ticket_timeout < 0) { goto usage; - } - else if( strcmp( p, "cache_max" ) == 0 ) - { - opt.cache_max = atoi( q ); - if( opt.cache_max < 0 ) + } + } else if (strcmp(p, "cache_max") == 0) { + opt.cache_max = atoi(q); + if (opt.cache_max < 0) { goto usage; + } } - else if( strcmp( p, "cache_timeout" ) == 0 ) - { - opt.cache_timeout = atoi( q ); - if( opt.cache_timeout < 0 ) +#if defined(MBEDTLS_HAVE_TIME) + else if (strcmp(p, "cache_timeout") == 0) { + opt.cache_timeout = atoi(q); + if (opt.cache_timeout < 0) { goto usage; + } } - else if( strcmp( p, "cookies" ) == 0 ) - { - opt.cookies = atoi( q ); - if( opt.cookies < -1 || opt.cookies > 1) +#endif + else if (strcmp(p, "cookies") == 0) { + opt.cookies = atoi(q); + if (opt.cookies < -1 || opt.cookies > 1) { goto usage; - } - else if( strcmp( p, "anti_replay" ) == 0 ) - { - opt.anti_replay = atoi( q ); - if( opt.anti_replay < 0 || opt.anti_replay > 1) + } + } else if (strcmp(p, "anti_replay") == 0) { + opt.anti_replay = atoi(q); + if (opt.anti_replay < 0 || opt.anti_replay > 1) { goto usage; - } - else if( strcmp( p, "badmac_limit" ) == 0 ) - { - opt.badmac_limit = atoi( q ); - if( opt.badmac_limit < 0 ) + } + } else if (strcmp(p, "badmac_limit") == 0) { + opt.badmac_limit = atoi(q); + if (opt.badmac_limit < 0) { goto usage; - } - else if( strcmp( p, "hs_timeout" ) == 0 ) - { - if( ( p = strchr( q, '-' ) ) == NULL ) + } + } else if (strcmp(p, "hs_timeout") == 0) { + if ((p = strchr(q, '-')) == NULL) { goto usage; + } *p++ = '\0'; - opt.hs_to_min = atoi( q ); - opt.hs_to_max = atoi( p ); - if( opt.hs_to_min == 0 || opt.hs_to_max < opt.hs_to_min ) + opt.hs_to_min = atoi(q); + opt.hs_to_max = atoi(p); + if (opt.hs_to_min == 0 || opt.hs_to_max < opt.hs_to_min) { goto usage; - } - else if( strcmp( p, "mtu" ) == 0 ) - { - opt.dtls_mtu = atoi( q ); - if( opt.dtls_mtu < 0 ) + } + } else if (strcmp(p, "mtu") == 0) { + opt.dtls_mtu = atoi(q); + if (opt.dtls_mtu < 0) { goto usage; - } - else if( strcmp( p, "dgram_packing" ) == 0 ) - { - opt.dgram_packing = atoi( q ); - if( opt.dgram_packing != 0 && - opt.dgram_packing != 1 ) - { + } + } else if (strcmp(p, "dgram_packing") == 0) { + opt.dgram_packing = atoi(q); + if (opt.dgram_packing != 0 && + opt.dgram_packing != 1) { goto usage; } - } - else if( strcmp( p, "sni" ) == 0 ) - { + } else if (strcmp(p, "sni") == 0) { opt.sni = q; - } - else if( strcmp( p, "query_config" ) == 0 ) - { + } else if (strcmp(p, "query_config") == 0) { opt.query_config_mode = 1; - query_config_ret = query_config( q ); + query_config_ret = query_config(q); goto exit; - } - else if( strcmp( p, "serialize") == 0 ) - { - opt.serialize = atoi( q ); - if( opt.serialize < 0 || opt.serialize > 2) + } else if (strcmp(p, "serialize") == 0) { + opt.serialize = atoi(q); + if (opt.serialize < 0 || opt.serialize > 2) { goto usage; - } - else if( strcmp( p, "context_file") == 0 ) - { + } + } else if (strcmp(p, "context_file") == 0) { opt.context_file = q; - } - else if( strcmp( p, "eap_tls" ) == 0 ) - { - opt.eap_tls = atoi( q ); - if( opt.eap_tls < 0 || opt.eap_tls > 1 ) + } else if (strcmp(p, "eap_tls") == 0) { + opt.eap_tls = atoi(q); + if (opt.eap_tls < 0 || opt.eap_tls > 1) { goto usage; - } - else if( strcmp( p, "reproducible" ) == 0 ) - { + } + } else if (strcmp(p, "reproducible") == 0) { opt.reproducible = 1; - } - else if( strcmp( p, "nss_keylog" ) == 0 ) - { - opt.nss_keylog = atoi( q ); - if( opt.nss_keylog < 0 || opt.nss_keylog > 1 ) + } else if (strcmp(p, "nss_keylog") == 0) { + opt.nss_keylog = atoi(q); + if (opt.nss_keylog < 0 || opt.nss_keylog > 1) { goto usage; - } - else if( strcmp( p, "nss_keylog_file" ) == 0 ) - { + } + } else if (strcmp(p, "nss_keylog_file") == 0) { opt.nss_keylog_file = q; - } - else if( strcmp( p, "use_srtp" ) == 0 ) - { - opt.use_srtp = atoi ( q ); - } - else if( strcmp( p, "srtp_force_profile" ) == 0 ) - { - opt.force_srtp_profile = atoi( q ); - } - else if( strcmp( p, "support_mki" ) == 0 ) - { - opt.support_mki = atoi( q ); - } - else + } else if (strcmp(p, "use_srtp") == 0) { + opt.use_srtp = atoi(q); + } else if (strcmp(p, "srtp_force_profile") == 0) { + opt.force_srtp_profile = atoi(q); + } else if (strcmp(p, "support_mki") == 0) { + opt.support_mki = atoi(q); + } else { goto usage; + } } - if( opt.nss_keylog != 0 && opt.eap_tls != 0 ) - { - mbedtls_printf( "Error: eap_tls and nss_keylog options cannot be used together.\n" ); + if (opt.nss_keylog != 0 && opt.eap_tls != 0) { + mbedtls_printf("Error: eap_tls and nss_keylog options cannot be used together.\n"); goto usage; } /* Event-driven IO is incompatible with the above custom * receive and send functions, as the polling builds on * refers to the underlying net_context. */ - if( opt.event == 1 && opt.nbio != 1 ) - { - mbedtls_printf( "Warning: event-driven IO mandates nbio=1 - overwrite\n" ); + if (opt.event == 1 && opt.nbio != 1) { + mbedtls_printf("Warning: event-driven IO mandates nbio=1 - overwrite\n"); opt.nbio = 1; } #if defined(MBEDTLS_DEBUG_C) - mbedtls_debug_set_threshold( opt.debug_level ); + mbedtls_debug_set_threshold(opt.debug_level); #endif - buf = mbedtls_calloc( 1, opt.buffer_size + 1 ); - if( buf == NULL ) - { - mbedtls_printf( "Could not allocate %u bytes\n", opt.buffer_size ); + + /* buf will alternatively contain the input read from the client and the + * response that's about to be sent, plus a null byte in each case. */ + size_t buf_content_size = opt.buffer_size; + /* The default response contains the ciphersuite name. Leave enough + * room for that plus some margin. */ + if (buf_content_size < strlen(HTTP_RESPONSE) + 80) { + buf_content_size = strlen(HTTP_RESPONSE) + 80; + } + if (opt.response_size != DFL_RESPONSE_SIZE && + buf_content_size < (size_t) opt.response_size) { + buf_content_size = opt.response_size; + } + buf = mbedtls_calloc(1, buf_content_size + 1); + if (buf == NULL) { + mbedtls_printf("Could not allocate %lu bytes\n", + (unsigned long) buf_content_size + 1); ret = 3; goto exit; } #if defined(MBEDTLS_USE_PSA_CRYPTO) - if( opt.psk_opaque != 0 ) - { - if( strlen( opt.psk ) == 0 ) - { - mbedtls_printf( "psk_opaque set but no psk to be imported specified.\n" ); + if (opt.psk_opaque != 0) { + if (strlen(opt.psk) == 0) { + mbedtls_printf("psk_opaque set but no psk to be imported specified.\n"); ret = 2; goto usage; } - if( opt.force_ciphersuite[0] <= 0 ) - { - mbedtls_printf( "opaque PSKs are only supported in conjunction with forcing TLS 1.2 and a PSK-only ciphersuite through the 'force_ciphersuite' option.\n" ); + if (opt.force_ciphersuite[0] <= 0) { + mbedtls_printf( + "opaque PSKs are only supported in conjunction with forcing TLS 1.2 and a PSK-only ciphersuite through the 'force_ciphersuite' option.\n"); ret = 2; goto usage; } } - if( opt.psk_list_opaque != 0 ) - { - if( opt.psk_list == NULL ) - { - mbedtls_printf( "psk_slot set but no psk to be imported specified.\n" ); + if (opt.psk_list_opaque != 0) { + if (opt.psk_list == NULL) { + mbedtls_printf("psk_slot set but no psk to be imported specified.\n"); ret = 2; goto usage; } - if( opt.force_ciphersuite[0] <= 0 ) - { - mbedtls_printf( "opaque PSKs are only supported in conjunction with forcing TLS 1.2 and a PSK-only ciphersuite through the 'force_ciphersuite' option.\n" ); + if (opt.force_ciphersuite[0] <= 0) { + mbedtls_printf( + "opaque PSKs are only supported in conjunction with forcing TLS 1.2 and a PSK-only ciphersuite through the 'force_ciphersuite' option.\n"); ret = 2; goto usage; } } #endif /* MBEDTLS_USE_PSA_CRYPTO */ - if( opt.force_ciphersuite[0] > 0 ) - { + if (opt.force_ciphersuite[0] > 0) { const mbedtls_ssl_ciphersuite_t *ciphersuite_info; ciphersuite_info = - mbedtls_ssl_ciphersuite_from_id( opt.force_ciphersuite[0] ); + mbedtls_ssl_ciphersuite_from_id(opt.force_ciphersuite[0]); - if( opt.max_version != -1 && - ciphersuite_info->min_minor_ver > opt.max_version ) - { - mbedtls_printf( "forced ciphersuite not allowed with this protocol version\n" ); + if (opt.max_version != -1 && + ciphersuite_info->min_minor_ver > opt.max_version) { + mbedtls_printf("forced ciphersuite not allowed with this protocol version\n"); ret = 2; goto usage; } - if( opt.min_version != -1 && - ciphersuite_info->max_minor_ver < opt.min_version ) - { - mbedtls_printf( "forced ciphersuite not allowed with this protocol version\n" ); + if (opt.min_version != -1 && + ciphersuite_info->max_minor_ver < opt.min_version) { + mbedtls_printf("forced ciphersuite not allowed with this protocol version\n"); ret = 2; goto usage; } /* If we select a version that's not supported by * this suite, then there will be no common ciphersuite... */ - if( opt.max_version == -1 || - opt.max_version > ciphersuite_info->max_minor_ver ) - { + if (opt.max_version == -1 || + opt.max_version > ciphersuite_info->max_minor_ver) { opt.max_version = ciphersuite_info->max_minor_ver; } - if( opt.min_version < ciphersuite_info->min_minor_ver ) - { + if (opt.min_version < ciphersuite_info->min_minor_ver) { opt.min_version = ciphersuite_info->min_minor_ver; /* DTLS starts with TLS 1.1 */ - if( opt.transport == MBEDTLS_SSL_TRANSPORT_DATAGRAM && - opt.min_version < MBEDTLS_SSL_MINOR_VERSION_2 ) + if (opt.transport == MBEDTLS_SSL_TRANSPORT_DATAGRAM && + opt.min_version < MBEDTLS_SSL_MINOR_VERSION_2) { opt.min_version = MBEDTLS_SSL_MINOR_VERSION_2; + } } /* Enable RC4 if needed and not explicitly disabled */ - if( ciphersuite_info->cipher == MBEDTLS_CIPHER_ARC4_128 ) - { - if( opt.arc4 == MBEDTLS_SSL_ARC4_DISABLED ) - { + if (ciphersuite_info->cipher == MBEDTLS_CIPHER_ARC4_128) { + if (opt.arc4 == MBEDTLS_SSL_ARC4_DISABLED) { mbedtls_printf("forced RC4 ciphersuite with RC4 disabled\n"); ret = 2; goto usage; @@ -2112,65 +2055,52 @@ int main( int argc, char *argv[] ) } #if defined(MBEDTLS_USE_PSA_CRYPTO) - if( opt.psk_opaque != 0 || opt.psk_list_opaque != 0 ) - { - /* Ensure that the chosen ciphersuite is PSK-only; we must know - * the ciphersuite in advance to set the correct policy for the - * PSK key slot. This limitation might go away in the future. */ - if( ciphersuite_info->key_exchange != MBEDTLS_KEY_EXCHANGE_PSK || - opt.min_version != MBEDTLS_SSL_MINOR_VERSION_3 ) - { - mbedtls_printf( "opaque PSKs are only supported in conjunction with forcing TLS 1.2 and a PSK-only ciphersuite through the 'force_ciphersuite' option.\n" ); - ret = 2; - goto usage; - } - +#if defined(MBEDTLS_KEY_EXCHANGE_SOME_PSK_ENABLED) + if (opt.psk_opaque != 0 || opt.psk_list_opaque != 0) { /* Determine KDF algorithm the opaque PSK will be used in. */ #if defined(MBEDTLS_SHA512_C) - if( ciphersuite_info->mac == MBEDTLS_MD_SHA384 ) + if (ciphersuite_info->mac == MBEDTLS_MD_SHA384) { alg = PSA_ALG_TLS12_PSK_TO_MS(PSA_ALG_SHA_384); - else + } else #endif /* MBEDTLS_SHA512_C */ - alg = PSA_ALG_TLS12_PSK_TO_MS(PSA_ALG_SHA_256); + alg = PSA_ALG_TLS12_PSK_TO_MS(PSA_ALG_SHA_256); } +#endif /* MBEDTLS_KEY_EXCHANGE_SOME_PSK_ENABLED */ #endif /* MBEDTLS_USE_PSA_CRYPTO */ } - if( opt.version_suites != NULL ) - { + if (opt.version_suites != NULL) { const char *name[4] = { 0 }; /* Parse 4-element coma-separated list */ - for( i = 0, p = (char *) opt.version_suites; + for (i = 0, p = (char *) opt.version_suites; i < 4 && *p != '\0'; - i++ ) - { + i++) { name[i] = p; /* Terminate the current string and move on to next one */ - while( *p != ',' && *p != '\0' ) + while (*p != ',' && *p != '\0') { p++; - if( *p == ',' ) + } + if (*p == ',') { *p++ = '\0'; + } } - if( i != 4 ) - { - mbedtls_printf( "too few values for version_suites\n" ); + if (i != 4) { + mbedtls_printf("too few values for version_suites\n"); ret = 1; goto exit; } - memset( version_suites, 0, sizeof( version_suites ) ); + memset(version_suites, 0, sizeof(version_suites)); /* Get the suites identifiers from their name */ - for( i = 0; i < 4; i++ ) - { - version_suites[i][0] = mbedtls_ssl_get_ciphersuite_id( name[i] ); + for (i = 0; i < 4; i++) { + version_suites[i][0] = mbedtls_ssl_get_ciphersuite_id(name[i]); - if( version_suites[i][0] == 0 ) - { - mbedtls_printf( "unknown ciphersuite: '%s'\n", name[i] ); + if (version_suites[i][0] == 0) { + mbedtls_printf("unknown ciphersuite: '%s'\n", name[i]); ret = 2; goto usage; } @@ -2178,24 +2108,24 @@ int main( int argc, char *argv[] ) } #if defined(MBEDTLS_SSL_DTLS_CONNECTION_ID) - if( mbedtls_test_unhexify( cid, sizeof( cid ), - opt.cid_val, &cid_len ) != 0 ) - { - mbedtls_printf( "CID not valid hex\n" ); + if (mbedtls_test_unhexify(cid, sizeof(cid), + opt.cid_val, &cid_len) != 0) { + mbedtls_printf("CID not valid hex\n"); goto exit; } /* Keep CID settings for renegotiation unless * specified otherwise. */ - if( opt.cid_enabled_renego == DFL_CID_ENABLED_RENEGO ) + if (opt.cid_enabled_renego == DFL_CID_ENABLED_RENEGO) { opt.cid_enabled_renego = opt.cid_enabled; - if( opt.cid_val_renego == DFL_CID_VALUE_RENEGO ) + } + if (opt.cid_val_renego == DFL_CID_VALUE_RENEGO) { opt.cid_val_renego = opt.cid_val; + } - if( mbedtls_test_unhexify( cid_renego, sizeof( cid_renego ), - opt.cid_val_renego, &cid_renego_len ) != 0 ) - { - mbedtls_printf( "CID not valid hex\n" ); + if (mbedtls_test_unhexify(cid_renego, sizeof(cid_renego), + opt.cid_val_renego, &cid_renego_len) != 0) { + mbedtls_printf("CID not valid hex\n"); goto exit; } #endif /* MBEDTLS_SSL_DTLS_CONNECTION_ID */ @@ -2204,71 +2134,60 @@ int main( int argc, char *argv[] ) /* * Unhexify the pre-shared key and parse the list if any given */ - if( mbedtls_test_unhexify( psk, sizeof( psk ), - opt.psk, &psk_len ) != 0 ) - { - mbedtls_printf( "pre-shared key not valid hex\n" ); + if (mbedtls_test_unhexify(psk, sizeof(psk), + opt.psk, &psk_len) != 0) { + mbedtls_printf("pre-shared key not valid hex\n"); goto exit; } - if( opt.psk_list != NULL ) - { - if( ( psk_info = psk_parse( opt.psk_list ) ) == NULL ) - { - mbedtls_printf( "psk_list invalid" ); + if (opt.psk_list != NULL) { + if ((psk_info = psk_parse(opt.psk_list)) == NULL) { + mbedtls_printf("psk_list invalid"); goto exit; } } #endif /* MBEDTLS_KEY_EXCHANGE_SOME_PSK_ENABLED */ #if defined(MBEDTLS_ECP_C) - if( opt.curves != NULL ) - { + if (opt.curves != NULL) { p = (char *) opt.curves; i = 0; - if( strcmp( p, "none" ) == 0 ) - { + if (strcmp(p, "none") == 0) { curve_list[0] = MBEDTLS_ECP_DP_NONE; - } - else if( strcmp( p, "default" ) != 0 ) - { + } else if (strcmp(p, "default") != 0) { /* Leave room for a final NULL in curve list */ - while( i < CURVE_LIST_SIZE - 1 && *p != '\0' ) - { + while (i < CURVE_LIST_SIZE - 1 && *p != '\0') { q = p; /* Terminate the current string */ - while( *p != ',' && *p != '\0' ) + while (*p != ',' && *p != '\0') { p++; - if( *p == ',' ) + } + if (*p == ',') { *p++ = '\0'; + } - if( ( curve_cur = mbedtls_ecp_curve_info_from_name( q ) ) != NULL ) - { + if ((curve_cur = mbedtls_ecp_curve_info_from_name(q)) != NULL) { curve_list[i++] = curve_cur->grp_id; - } - else - { - mbedtls_printf( "unknown curve %s\n", q ); - mbedtls_printf( "supported curves: " ); - for( curve_cur = mbedtls_ecp_curve_list(); + } else { + mbedtls_printf("unknown curve %s\n", q); + mbedtls_printf("supported curves: "); + for (curve_cur = mbedtls_ecp_curve_list(); curve_cur->grp_id != MBEDTLS_ECP_DP_NONE; - curve_cur++ ) - { - mbedtls_printf( "%s ", curve_cur->name ); + curve_cur++) { + mbedtls_printf("%s ", curve_cur->name); } - mbedtls_printf( "\n" ); + mbedtls_printf("\n"); goto exit; } } - mbedtls_printf("Number of curves: %d\n", i ); + mbedtls_printf("Number of curves: %d\n", i); - if( i == CURVE_LIST_SIZE - 1 && *p != '\0' ) - { - mbedtls_printf( "curves list too long, maximum %d", - CURVE_LIST_SIZE - 1 ); + if (i == CURVE_LIST_SIZE - 1 && *p != '\0') { + mbedtls_printf("curves list too long, maximum %d", + CURVE_LIST_SIZE - 1); goto exit; } @@ -2278,197 +2197,186 @@ int main( int argc, char *argv[] ) #endif /* MBEDTLS_ECP_C */ #if defined(MBEDTLS_SSL_ALPN) - if( opt.alpn_string != NULL ) - { + if (opt.alpn_string != NULL) { p = (char *) opt.alpn_string; i = 0; /* Leave room for a final NULL in alpn_list */ - while( i < ALPN_LIST_SIZE - 1 && *p != '\0' ) - { + while (i < ALPN_LIST_SIZE - 1 && *p != '\0') { alpn_list[i++] = p; /* Terminate the current string and move on to next one */ - while( *p != ',' && *p != '\0' ) + while (*p != ',' && *p != '\0') { p++; - if( *p == ',' ) + } + if (*p == ',') { *p++ = '\0'; + } } } #endif /* MBEDTLS_SSL_ALPN */ + mbedtls_printf("build version: %s (build %d)\n", + MBEDTLS_VERSION_STRING_FULL, MBEDTLS_VERSION_NUMBER); + /* * 0. Initialize the RNG and the session data */ - mbedtls_printf( "\n . Seeding the random number generator..." ); - fflush( stdout ); + mbedtls_printf("\n . Seeding the random number generator..."); + fflush(stdout); - ret = rng_seed( &rng, opt.reproducible, pers ); - if( ret != 0 ) + ret = rng_seed(&rng, opt.reproducible, pers); + if (ret != 0) { goto exit; - mbedtls_printf( " ok\n" ); + } + mbedtls_printf(" ok\n"); -#if defined(MBEDTLS_X509_CRT_PARSE_C) +#if defined(MBEDTLS_KEY_EXCHANGE_WITH_CERT_ENABLED) /* * 1.1. Load the trusted CA */ - mbedtls_printf( " . Loading the CA root certificate ..." ); - fflush( stdout ); + mbedtls_printf(" . Loading the CA root certificate ..."); + fflush(stdout); - if( strcmp( opt.ca_path, "none" ) == 0 || - strcmp( opt.ca_file, "none" ) == 0 ) - { + if (strcmp(opt.ca_path, "none") == 0 || + strcmp(opt.ca_file, "none") == 0) { ret = 0; - } - else + } else #if defined(MBEDTLS_FS_IO) - if( strlen( opt.ca_path ) ) - ret = mbedtls_x509_crt_parse_path( &cacert, opt.ca_path ); - else if( strlen( opt.ca_file ) ) - ret = mbedtls_x509_crt_parse_file( &cacert, opt.ca_file ); - else + if (strlen(opt.ca_path)) { + ret = mbedtls_x509_crt_parse_path(&cacert, opt.ca_path); + } else if (strlen(opt.ca_file)) { + ret = mbedtls_x509_crt_parse_file(&cacert, opt.ca_file); + } else #endif #if defined(MBEDTLS_CERTS_C) { #if defined(MBEDTLS_PEM_PARSE_C) - for( i = 0; mbedtls_test_cas[i] != NULL; i++ ) - { - ret = mbedtls_x509_crt_parse( &cacert, - (const unsigned char *) mbedtls_test_cas[i], - mbedtls_test_cas_len[i] ); - if( ret != 0 ) + for (i = 0; mbedtls_test_cas[i] != NULL; i++) { + ret = mbedtls_x509_crt_parse(&cacert, + (const unsigned char *) mbedtls_test_cas[i], + mbedtls_test_cas_len[i]); + if (ret != 0) { break; + } } - if( ret == 0 ) #endif /* MBEDTLS_PEM_PARSE_C */ - for( i = 0; mbedtls_test_cas_der[i] != NULL; i++ ) - { - ret = mbedtls_x509_crt_parse_der( &cacert, - (const unsigned char *) mbedtls_test_cas_der[i], - mbedtls_test_cas_der_len[i] ); - if( ret != 0 ) - break; + if (ret == 0) { + for (i = 0; mbedtls_test_cas_der[i] != NULL; i++) { + ret = mbedtls_x509_crt_parse_der(&cacert, + (const unsigned char *) mbedtls_test_cas_der[i], + mbedtls_test_cas_der_len[i]); + if (ret != 0) { + break; + } + } } } #else { ret = 1; - mbedtls_printf( "MBEDTLS_CERTS_C not defined." ); + mbedtls_printf("MBEDTLS_CERTS_C not defined."); } #endif /* MBEDTLS_CERTS_C */ - if( ret < 0 ) - { - mbedtls_printf( " failed\n ! mbedtls_x509_crt_parse returned -0x%x\n\n", (unsigned int) -ret ); + if (ret < 0) { + mbedtls_printf(" failed\n ! mbedtls_x509_crt_parse returned -0x%x\n\n", + (unsigned int) -ret); goto exit; } - mbedtls_printf( " ok (%d skipped)\n", ret ); + mbedtls_printf(" ok (%d skipped)\n", ret); /* * 1.2. Load own certificate and private key */ - mbedtls_printf( " . Loading the server cert. and key..." ); - fflush( stdout ); + mbedtls_printf(" . Loading the server cert. and key..."); + fflush(stdout); #if defined(MBEDTLS_FS_IO) - if( strlen( opt.crt_file ) && strcmp( opt.crt_file, "none" ) != 0 ) - { + if (strlen(opt.crt_file) && strcmp(opt.crt_file, "none") != 0) { key_cert_init++; - if( ( ret = mbedtls_x509_crt_parse_file( &srvcert, opt.crt_file ) ) != 0 ) - { - mbedtls_printf( " failed\n ! mbedtls_x509_crt_parse_file returned -0x%x\n\n", - (unsigned int) -ret ); + if ((ret = mbedtls_x509_crt_parse_file(&srvcert, opt.crt_file)) != 0) { + mbedtls_printf(" failed\n ! mbedtls_x509_crt_parse_file returned -0x%x\n\n", + (unsigned int) -ret); goto exit; } } - if( strlen( opt.key_file ) && strcmp( opt.key_file, "none" ) != 0 ) - { + if (strlen(opt.key_file) && strcmp(opt.key_file, "none") != 0) { key_cert_init++; - if( ( ret = mbedtls_pk_parse_keyfile( &pkey, opt.key_file, - opt.key_pwd ) ) != 0 ) - { - mbedtls_printf( " failed\n ! mbedtls_pk_parse_keyfile returned -0x%x\n\n", (unsigned int) -ret ); + if ((ret = mbedtls_pk_parse_keyfile(&pkey, opt.key_file, + opt.key_pwd)) != 0) { + mbedtls_printf(" failed\n ! mbedtls_pk_parse_keyfile returned -0x%x\n\n", + (unsigned int) -ret); goto exit; } } - if( key_cert_init == 1 ) - { - mbedtls_printf( " failed\n ! crt_file without key_file or vice-versa\n\n" ); + if (key_cert_init == 1) { + mbedtls_printf(" failed\n ! crt_file without key_file or vice-versa\n\n"); goto exit; } - if( strlen( opt.crt_file2 ) && strcmp( opt.crt_file2, "none" ) != 0 ) - { + if (strlen(opt.crt_file2) && strcmp(opt.crt_file2, "none") != 0) { key_cert_init2++; - if( ( ret = mbedtls_x509_crt_parse_file( &srvcert2, opt.crt_file2 ) ) != 0 ) - { - mbedtls_printf( " failed\n ! mbedtls_x509_crt_parse_file(2) returned -0x%x\n\n", - (unsigned int) -ret ); + if ((ret = mbedtls_x509_crt_parse_file(&srvcert2, opt.crt_file2)) != 0) { + mbedtls_printf(" failed\n ! mbedtls_x509_crt_parse_file(2) returned -0x%x\n\n", + (unsigned int) -ret); goto exit; } } - if( strlen( opt.key_file2 ) && strcmp( opt.key_file2, "none" ) != 0 ) - { + if (strlen(opt.key_file2) && strcmp(opt.key_file2, "none") != 0) { key_cert_init2++; - if( ( ret = mbedtls_pk_parse_keyfile( &pkey2, opt.key_file2, - opt.key_pwd2 ) ) != 0 ) - { - mbedtls_printf( " failed\n ! mbedtls_pk_parse_keyfile(2) returned -0x%x\n\n", - (unsigned int) -ret ); + if ((ret = mbedtls_pk_parse_keyfile(&pkey2, opt.key_file2, + opt.key_pwd2)) != 0) { + mbedtls_printf(" failed\n ! mbedtls_pk_parse_keyfile(2) returned -0x%x\n\n", + (unsigned int) -ret); goto exit; } } - if( key_cert_init2 == 1 ) - { - mbedtls_printf( " failed\n ! crt_file2 without key_file2 or vice-versa\n\n" ); + if (key_cert_init2 == 1) { + mbedtls_printf(" failed\n ! crt_file2 without key_file2 or vice-versa\n\n"); goto exit; } #endif - if( key_cert_init == 0 && - strcmp( opt.crt_file, "none" ) != 0 && - strcmp( opt.key_file, "none" ) != 0 && + if (key_cert_init == 0 && + strcmp(opt.crt_file, "none") != 0 && + strcmp(opt.key_file, "none") != 0 && key_cert_init2 == 0 && - strcmp( opt.crt_file2, "none" ) != 0 && - strcmp( opt.key_file2, "none" ) != 0 ) - { + strcmp(opt.crt_file2, "none") != 0 && + strcmp(opt.key_file2, "none") != 0) { #if !defined(MBEDTLS_CERTS_C) - mbedtls_printf( "Not certificated or key provided, and \nMBEDTLS_CERTS_C not defined!\n" ); + mbedtls_printf("Not certificated or key provided, and \nMBEDTLS_CERTS_C not defined!\n"); goto exit; -#else +#else /* MBEDTLS_CERTS_C */ #if defined(MBEDTLS_RSA_C) - if( ( ret = mbedtls_x509_crt_parse( &srvcert, - (const unsigned char *) mbedtls_test_srv_crt_rsa, - mbedtls_test_srv_crt_rsa_len ) ) != 0 ) - { - mbedtls_printf( " failed\n ! mbedtls_x509_crt_parse returned -0x%x\n\n", - (unsigned int) -ret ); + if ((ret = mbedtls_x509_crt_parse(&srvcert, + (const unsigned char *) mbedtls_test_srv_crt_rsa, + mbedtls_test_srv_crt_rsa_len)) != 0) { + mbedtls_printf(" failed\n ! mbedtls_x509_crt_parse returned -0x%x\n\n", + (unsigned int) -ret); goto exit; } - if( ( ret = mbedtls_pk_parse_key( &pkey, - (const unsigned char *) mbedtls_test_srv_key_rsa, - mbedtls_test_srv_key_rsa_len, NULL, 0 ) ) != 0 ) - { - mbedtls_printf( " failed\n ! mbedtls_pk_parse_key returned -0x%x\n\n", - (unsigned int) -ret ); + if ((ret = mbedtls_pk_parse_key(&pkey, + (const unsigned char *) mbedtls_test_srv_key_rsa, + mbedtls_test_srv_key_rsa_len, NULL, 0)) != 0) { + mbedtls_printf(" failed\n ! mbedtls_pk_parse_key returned -0x%x\n\n", + (unsigned int) -ret); goto exit; } key_cert_init = 2; #endif /* MBEDTLS_RSA_C */ #if defined(MBEDTLS_ECDSA_C) - if( ( ret = mbedtls_x509_crt_parse( &srvcert2, - (const unsigned char *) mbedtls_test_srv_crt_ec, - mbedtls_test_srv_crt_ec_len ) ) != 0 ) - { - mbedtls_printf( " failed\n ! x509_crt_parse2 returned -0x%x\n\n", - (unsigned int) -ret ); + if ((ret = mbedtls_x509_crt_parse(&srvcert2, + (const unsigned char *) mbedtls_test_srv_crt_ec, + mbedtls_test_srv_crt_ec_len)) != 0) { + mbedtls_printf(" failed\n ! x509_crt_parse2 returned -0x%x\n\n", + (unsigned int) -ret); goto exit; } - if( ( ret = mbedtls_pk_parse_key( &pkey2, - (const unsigned char *) mbedtls_test_srv_key_ec, - mbedtls_test_srv_key_ec_len, NULL, 0 ) ) != 0 ) - { - mbedtls_printf( " failed\n ! pk_parse_key2 returned -0x%x\n\n", - (unsigned int) -ret ); + if ((ret = mbedtls_pk_parse_key(&pkey2, + (const unsigned char *) mbedtls_test_srv_key_ec, + mbedtls_test_srv_key_ec_len, NULL, 0)) != 0) { + mbedtls_printf(" failed\n ! pk_parse_key2 returned -0x%x\n\n", + (unsigned int) -ret); goto exit; } key_cert_init2 = 2; @@ -2476,446 +2384,445 @@ int main( int argc, char *argv[] ) #endif /* MBEDTLS_CERTS_C */ } - mbedtls_printf( " ok\n" ); -#endif /* MBEDTLS_X509_CRT_PARSE_C */ +#if defined(MBEDTLS_USE_PSA_CRYPTO) + if (opt.key_opaque != 0) { + if (mbedtls_pk_get_type(&pkey) == MBEDTLS_PK_ECKEY) { + if ((ret = mbedtls_pk_wrap_as_opaque(&pkey, &key_slot, + PSA_ALG_ANY_HASH)) != 0) { + mbedtls_printf(" failed\n ! " + "mbedtls_pk_wrap_as_opaque returned -0x%x\n\n", + (unsigned int) -ret); + goto exit; + } + } + + if (mbedtls_pk_get_type(&pkey2) == MBEDTLS_PK_ECKEY) { + if ((ret = mbedtls_pk_wrap_as_opaque(&pkey2, &key_slot2, + PSA_ALG_ANY_HASH)) != 0) { + mbedtls_printf(" failed\n ! " + "mbedtls_pk_wrap_as_opaque returned -0x%x\n\n", + (unsigned int) -ret); + goto exit; + } + } + } +#endif /* MBEDTLS_USE_PSA_CRYPTO */ + + mbedtls_printf(" ok (key types: %s - %s)\n", + mbedtls_pk_get_name(&pkey), + mbedtls_pk_get_name(&pkey2)); +#endif /* MBEDTLS_KEY_EXCHANGE_WITH_CERT_ENABLED */ #if defined(MBEDTLS_DHM_C) && defined(MBEDTLS_FS_IO) - if( opt.dhm_file != NULL ) - { - mbedtls_printf( " . Loading DHM parameters..." ); - fflush( stdout ); + if (opt.dhm_file != NULL) { + mbedtls_printf(" . Loading DHM parameters..."); + fflush(stdout); - if( ( ret = mbedtls_dhm_parse_dhmfile( &dhm, opt.dhm_file ) ) != 0 ) - { - mbedtls_printf( " failed\n ! mbedtls_dhm_parse_dhmfile returned -0x%04X\n\n", - (unsigned int) -ret ); + if ((ret = mbedtls_dhm_parse_dhmfile(&dhm, opt.dhm_file)) != 0) { + mbedtls_printf(" failed\n ! mbedtls_dhm_parse_dhmfile returned -0x%04X\n\n", + (unsigned int) -ret); goto exit; } - mbedtls_printf( " ok\n" ); + mbedtls_printf(" ok\n"); } #endif #if defined(SNI_OPTION) - if( opt.sni != NULL ) - { - mbedtls_printf( " . Setting up SNI information..." ); - fflush( stdout ); + if (opt.sni != NULL) { + mbedtls_printf(" . Setting up SNI information..."); + fflush(stdout); - if( ( sni_info = sni_parse( opt.sni ) ) == NULL ) - { - mbedtls_printf( " failed\n" ); + if ((sni_info = sni_parse(opt.sni)) == NULL) { + mbedtls_printf(" failed\n"); goto exit; } - mbedtls_printf( " ok\n" ); + mbedtls_printf(" ok\n"); } #endif /* SNI_OPTION */ /* * 2. Setup the listening TCP socket */ - mbedtls_printf( " . Bind on %s://%s:%s/ ...", - opt.transport == MBEDTLS_SSL_TRANSPORT_STREAM ? "tcp" : "udp", - opt.server_addr ? opt.server_addr : "*", - opt.server_port ); - fflush( stdout ); - - if( ( ret = mbedtls_net_bind( &listen_fd, opt.server_addr, opt.server_port, - opt.transport == MBEDTLS_SSL_TRANSPORT_STREAM ? - MBEDTLS_NET_PROTO_TCP : MBEDTLS_NET_PROTO_UDP ) ) != 0 ) - { - mbedtls_printf( " failed\n ! mbedtls_net_bind returned -0x%x\n\n", (unsigned int) -ret ); + mbedtls_printf(" . Bind on %s://%s:%s/ ...", + opt.transport == MBEDTLS_SSL_TRANSPORT_STREAM ? "tcp" : "udp", + opt.server_addr ? opt.server_addr : "*", + opt.server_port); + fflush(stdout); + + if ((ret = mbedtls_net_bind(&listen_fd, opt.server_addr, opt.server_port, + opt.transport == MBEDTLS_SSL_TRANSPORT_STREAM ? + MBEDTLS_NET_PROTO_TCP : MBEDTLS_NET_PROTO_UDP)) != 0) { + mbedtls_printf(" failed\n ! mbedtls_net_bind returned -0x%x\n\n", (unsigned int) -ret); goto exit; } - mbedtls_printf( " ok\n" ); + mbedtls_printf(" ok\n"); /* * 3. Setup stuff */ - mbedtls_printf( " . Setting up the SSL/TLS structure..." ); - fflush( stdout ); - - if( ( ret = mbedtls_ssl_config_defaults( &conf, - MBEDTLS_SSL_IS_SERVER, - opt.transport, - MBEDTLS_SSL_PRESET_DEFAULT ) ) != 0 ) - { - mbedtls_printf( " failed\n ! mbedtls_ssl_config_defaults returned -0x%x\n\n", (unsigned int) -ret ); + mbedtls_printf(" . Setting up the SSL/TLS structure..."); + fflush(stdout); + + if ((ret = mbedtls_ssl_config_defaults(&conf, + MBEDTLS_SSL_IS_SERVER, + opt.transport, + MBEDTLS_SSL_PRESET_DEFAULT)) != 0) { + mbedtls_printf(" failed\n ! mbedtls_ssl_config_defaults returned -0x%x\n\n", + (unsigned int) -ret); goto exit; } -#if defined(MBEDTLS_X509_CRT_PARSE_C) +#if defined(MBEDTLS_KEY_EXCHANGE_WITH_CERT_ENABLED) /* The default algorithms profile disables SHA-1, but our tests still rely on it heavily. Hence we allow it here. A real-world server should use the default profile unless there is a good reason not to. */ - if( opt.allow_sha1 > 0 ) - { - crt_profile_for_test.allowed_mds |= MBEDTLS_X509_ID_FLAG( MBEDTLS_MD_SHA1 ); - mbedtls_ssl_conf_cert_profile( &conf, &crt_profile_for_test ); - mbedtls_ssl_conf_sig_hashes( &conf, ssl_sig_hashes_for_test ); + if (opt.allow_sha1 > 0) { + crt_profile_for_test.allowed_mds |= MBEDTLS_X509_ID_FLAG(MBEDTLS_MD_SHA1); + mbedtls_ssl_conf_cert_profile(&conf, &crt_profile_for_test); + mbedtls_ssl_conf_sig_hashes(&conf, ssl_sig_hashes_for_test); } -#endif /* MBEDTLS_X509_CRT_PARSE_C */ +#endif /* MBEDTLS_KEY_EXCHANGE_WITH_CERT_ENABLED */ - if( opt.auth_mode != DFL_AUTH_MODE ) - mbedtls_ssl_conf_authmode( &conf, opt.auth_mode ); + if (opt.auth_mode != DFL_AUTH_MODE) { + mbedtls_ssl_conf_authmode(&conf, opt.auth_mode); + } - if( opt.cert_req_ca_list != DFL_CERT_REQ_CA_LIST ) - mbedtls_ssl_conf_cert_req_ca_list( &conf, opt.cert_req_ca_list ); + if (opt.cert_req_ca_list != DFL_CERT_REQ_CA_LIST) { + mbedtls_ssl_conf_cert_req_ca_list(&conf, opt.cert_req_ca_list); + } #if defined(MBEDTLS_SSL_PROTO_DTLS) - if( opt.hs_to_min != DFL_HS_TO_MIN || opt.hs_to_max != DFL_HS_TO_MAX ) - mbedtls_ssl_conf_handshake_timeout( &conf, opt.hs_to_min, opt.hs_to_max ); + if (opt.hs_to_min != DFL_HS_TO_MIN || opt.hs_to_max != DFL_HS_TO_MAX) { + mbedtls_ssl_conf_handshake_timeout(&conf, opt.hs_to_min, opt.hs_to_max); + } - if( opt.dgram_packing != DFL_DGRAM_PACKING ) - mbedtls_ssl_set_datagram_packing( &ssl, opt.dgram_packing ); + if (opt.dgram_packing != DFL_DGRAM_PACKING) { + mbedtls_ssl_set_datagram_packing(&ssl, opt.dgram_packing); + } #endif /* MBEDTLS_SSL_PROTO_DTLS */ #if defined(MBEDTLS_SSL_MAX_FRAGMENT_LENGTH) - if( ( ret = mbedtls_ssl_conf_max_frag_len( &conf, opt.mfl_code ) ) != 0 ) - { - mbedtls_printf( " failed\n ! mbedtls_ssl_conf_max_frag_len returned %d\n\n", ret ); + if ((ret = mbedtls_ssl_conf_max_frag_len(&conf, opt.mfl_code)) != 0) { + mbedtls_printf(" failed\n ! mbedtls_ssl_conf_max_frag_len returned %d\n\n", ret); goto exit; } #endif #if defined(MBEDTLS_SSL_DTLS_CONNECTION_ID) - if( opt.cid_enabled == 1 || opt.cid_enabled_renego == 1 ) - { - if( opt.cid_enabled == 1 && + if (opt.cid_enabled == 1 || opt.cid_enabled_renego == 1) { + if (opt.cid_enabled == 1 && opt.cid_enabled_renego == 1 && - cid_len != cid_renego_len ) - { - mbedtls_printf( "CID length must not change during renegotiation\n" ); + cid_len != cid_renego_len) { + mbedtls_printf("CID length must not change during renegotiation\n"); goto usage; } - if( opt.cid_enabled == 1 ) - ret = mbedtls_ssl_conf_cid( &conf, cid_len, - MBEDTLS_SSL_UNEXPECTED_CID_IGNORE ); - else - ret = mbedtls_ssl_conf_cid( &conf, cid_renego_len, - MBEDTLS_SSL_UNEXPECTED_CID_IGNORE ); + if (opt.cid_enabled == 1) { + ret = mbedtls_ssl_conf_cid(&conf, cid_len, + MBEDTLS_SSL_UNEXPECTED_CID_IGNORE); + } else { + ret = mbedtls_ssl_conf_cid(&conf, cid_renego_len, + MBEDTLS_SSL_UNEXPECTED_CID_IGNORE); + } - if( ret != 0 ) - { - mbedtls_printf( " failed\n ! mbedtls_ssl_conf_cid_len returned -%#04x\n\n", - (unsigned int) -ret ); + if (ret != 0) { + mbedtls_printf(" failed\n ! mbedtls_ssl_conf_cid_len returned -%#04x\n\n", + (unsigned int) -ret); goto exit; } } #endif /* MBEDTLS_SSL_DTLS_CONNECTION_ID */ #if defined(MBEDTLS_SSL_DTLS_SRTP) - const mbedtls_ssl_srtp_profile forced_profile[] = { opt.force_srtp_profile, MBEDTLS_TLS_SRTP_UNSET }; - if( opt.use_srtp == 1 ) - { - if( opt.force_srtp_profile != 0 ) - { - ret = mbedtls_ssl_conf_dtls_srtp_protection_profiles( &conf, forced_profile ); - } - else - { - ret = mbedtls_ssl_conf_dtls_srtp_protection_profiles( &conf, default_profiles ); - } - - if( ret != 0 ) - { - mbedtls_printf( " failed\n ! mbedtls_ssl_conf_dtls_srtp_protection_profiles returned %d\n\n", ret ); + const mbedtls_ssl_srtp_profile forced_profile[] = + { opt.force_srtp_profile, MBEDTLS_TLS_SRTP_UNSET }; + if (opt.use_srtp == 1) { + if (opt.force_srtp_profile != 0) { + ret = mbedtls_ssl_conf_dtls_srtp_protection_profiles(&conf, forced_profile); + } else { + ret = mbedtls_ssl_conf_dtls_srtp_protection_profiles(&conf, default_profiles); + } + + if (ret != 0) { + mbedtls_printf( + " failed\n ! mbedtls_ssl_conf_dtls_srtp_protection_profiles returned %d\n\n", + ret); goto exit; } - mbedtls_ssl_conf_srtp_mki_value_supported( &conf, - opt.support_mki ? - MBEDTLS_SSL_DTLS_SRTP_MKI_SUPPORTED : - MBEDTLS_SSL_DTLS_SRTP_MKI_UNSUPPORTED ); + mbedtls_ssl_conf_srtp_mki_value_supported(&conf, + opt.support_mki ? + MBEDTLS_SSL_DTLS_SRTP_MKI_SUPPORTED : + MBEDTLS_SSL_DTLS_SRTP_MKI_UNSUPPORTED); - } - else if( opt.force_srtp_profile != 0 ) - { - mbedtls_printf( " failed\n ! must enable use_srtp to force srtp profile\n\n" ); + } else if (opt.force_srtp_profile != 0) { + mbedtls_printf(" failed\n ! must enable use_srtp to force srtp profile\n\n"); goto exit; } #endif /* MBEDTLS_SSL_DTLS_SRTP */ #if defined(MBEDTLS_SSL_TRUNCATED_HMAC) - if( opt.trunc_hmac != DFL_TRUNC_HMAC ) - mbedtls_ssl_conf_truncated_hmac( &conf, opt.trunc_hmac ); + if (opt.trunc_hmac != DFL_TRUNC_HMAC) { + mbedtls_ssl_conf_truncated_hmac(&conf, opt.trunc_hmac); + } #endif #if defined(MBEDTLS_SSL_EXTENDED_MASTER_SECRET) - if( opt.extended_ms != DFL_EXTENDED_MS ) - mbedtls_ssl_conf_extended_master_secret( &conf, opt.extended_ms ); + if (opt.extended_ms != DFL_EXTENDED_MS) { + mbedtls_ssl_conf_extended_master_secret(&conf, opt.extended_ms); + } #endif #if defined(MBEDTLS_SSL_ENCRYPT_THEN_MAC) - if( opt.etm != DFL_ETM ) - mbedtls_ssl_conf_encrypt_then_mac( &conf, opt.etm ); + if (opt.etm != DFL_ETM) { + mbedtls_ssl_conf_encrypt_then_mac(&conf, opt.etm); + } #endif #if defined(MBEDTLS_SSL_EXPORT_KEYS) - if( opt.eap_tls != 0 ) - { - mbedtls_ssl_conf_export_keys_ext_cb( &conf, eap_tls_key_derivation, - &eap_tls_keying ); - } - else if( opt.nss_keylog != 0 ) - { - mbedtls_ssl_conf_export_keys_ext_cb( &conf, - nss_keylog_export, - NULL ); + if (opt.eap_tls != 0) { + mbedtls_ssl_conf_export_keys_ext_cb(&conf, eap_tls_key_derivation, + &eap_tls_keying); + } else if (opt.nss_keylog != 0) { + mbedtls_ssl_conf_export_keys_ext_cb(&conf, + nss_keylog_export, + NULL); } -#if defined( MBEDTLS_SSL_DTLS_SRTP ) - else if( opt.use_srtp != 0 ) - { - mbedtls_ssl_conf_export_keys_ext_cb( &conf, dtls_srtp_key_derivation, - &dtls_srtp_keying ); +#if defined(MBEDTLS_SSL_DTLS_SRTP) + else if (opt.use_srtp != 0) { + mbedtls_ssl_conf_export_keys_ext_cb(&conf, dtls_srtp_key_derivation, + &dtls_srtp_keying); } #endif /* MBEDTLS_SSL_DTLS_SRTP */ #endif /* MBEDTLS_SSL_EXPORT_KEYS */ #if defined(MBEDTLS_SSL_ALPN) - if( opt.alpn_string != NULL ) - if( ( ret = mbedtls_ssl_conf_alpn_protocols( &conf, alpn_list ) ) != 0 ) - { - mbedtls_printf( " failed\n ! mbedtls_ssl_conf_alpn_protocols returned %d\n\n", ret ); + if (opt.alpn_string != NULL) { + if ((ret = mbedtls_ssl_conf_alpn_protocols(&conf, alpn_list)) != 0) { + mbedtls_printf(" failed\n ! mbedtls_ssl_conf_alpn_protocols returned %d\n\n", ret); goto exit; } + } #endif - if (opt.reproducible) - { + if (opt.reproducible) { #if defined(MBEDTLS_HAVE_TIME) #if defined(MBEDTLS_PLATFORM_TIME_ALT) - mbedtls_platform_set_time( dummy_constant_time ); + mbedtls_platform_set_time(dummy_constant_time); #else - fprintf( stderr, "Warning: reproducible option used without constant time\n" ); + fprintf(stderr, "Warning: reproducible option used without constant time\n"); #endif #endif /* MBEDTLS_HAVE_TIME */ } - mbedtls_ssl_conf_rng( &conf, rng_get, &rng ); - mbedtls_ssl_conf_dbg( &conf, my_debug, stdout ); + mbedtls_ssl_conf_rng(&conf, rng_get, &rng); + mbedtls_ssl_conf_dbg(&conf, my_debug, stdout); #if defined(MBEDTLS_SSL_CACHE_C) - if( opt.cache_max != -1 ) - mbedtls_ssl_cache_set_max_entries( &cache, opt.cache_max ); + if (opt.cache_max != -1) { + mbedtls_ssl_cache_set_max_entries(&cache, opt.cache_max); + } - if( opt.cache_timeout != -1 ) - mbedtls_ssl_cache_set_timeout( &cache, opt.cache_timeout ); +#if defined(MBEDTLS_HAVE_TIME) + if (opt.cache_timeout != -1) { + mbedtls_ssl_cache_set_timeout(&cache, opt.cache_timeout); + } +#endif - mbedtls_ssl_conf_session_cache( &conf, &cache, + mbedtls_ssl_conf_session_cache(&conf, &cache, mbedtls_ssl_cache_get, - mbedtls_ssl_cache_set ); + mbedtls_ssl_cache_set); #endif -#if defined(MBEDTLS_SSL_SESSION_TICKETS) - if( opt.tickets == MBEDTLS_SSL_SESSION_TICKETS_ENABLED ) - { - if( ( ret = mbedtls_ssl_ticket_setup( &ticket_ctx, - rng_get, &rng, - MBEDTLS_CIPHER_AES_256_GCM, - opt.ticket_timeout ) ) != 0 ) - { - mbedtls_printf( " failed\n ! mbedtls_ssl_ticket_setup returned %d\n\n", ret ); +#if defined(MBEDTLS_SSL_SESSION_TICKETS) && defined(MBEDTLS_SSL_TICKET_C) + if (opt.tickets == MBEDTLS_SSL_SESSION_TICKETS_ENABLED) { + if ((ret = mbedtls_ssl_ticket_setup(&ticket_ctx, + rng_get, &rng, + MBEDTLS_CIPHER_AES_256_GCM, + opt.ticket_timeout)) != 0) { + mbedtls_printf(" failed\n ! mbedtls_ssl_ticket_setup returned %d\n\n", ret); goto exit; } - mbedtls_ssl_conf_session_tickets_cb( &conf, - mbedtls_ssl_ticket_write, - mbedtls_ssl_ticket_parse, - &ticket_ctx ); + mbedtls_ssl_conf_session_tickets_cb(&conf, + mbedtls_ssl_ticket_write, + mbedtls_ssl_ticket_parse, + &ticket_ctx); } #endif #if defined(MBEDTLS_SSL_PROTO_DTLS) - if( opt.transport == MBEDTLS_SSL_TRANSPORT_DATAGRAM ) - { + if (opt.transport == MBEDTLS_SSL_TRANSPORT_DATAGRAM) { #if defined(MBEDTLS_SSL_COOKIE_C) - if( opt.cookies > 0 ) - { - if( ( ret = mbedtls_ssl_cookie_setup( &cookie_ctx, - rng_get, &rng ) ) != 0 ) - { - mbedtls_printf( " failed\n ! mbedtls_ssl_cookie_setup returned %d\n\n", ret ); + if (opt.cookies > 0) { + if ((ret = mbedtls_ssl_cookie_setup(&cookie_ctx, + rng_get, &rng)) != 0) { + mbedtls_printf(" failed\n ! mbedtls_ssl_cookie_setup returned %d\n\n", ret); goto exit; } - mbedtls_ssl_conf_dtls_cookies( &conf, mbedtls_ssl_cookie_write, mbedtls_ssl_cookie_check, - &cookie_ctx ); - } - else + mbedtls_ssl_conf_dtls_cookies(&conf, mbedtls_ssl_cookie_write, mbedtls_ssl_cookie_check, + &cookie_ctx); + } else #endif /* MBEDTLS_SSL_COOKIE_C */ #if defined(MBEDTLS_SSL_DTLS_HELLO_VERIFY) - if( opt.cookies == 0 ) - { - mbedtls_ssl_conf_dtls_cookies( &conf, NULL, NULL, NULL ); - } - else + if (opt.cookies == 0) { + mbedtls_ssl_conf_dtls_cookies(&conf, NULL, NULL, NULL); + } else #endif /* MBEDTLS_SSL_DTLS_HELLO_VERIFY */ { ; /* Nothing to do */ } #if defined(MBEDTLS_SSL_DTLS_ANTI_REPLAY) - if( opt.anti_replay != DFL_ANTI_REPLAY ) - mbedtls_ssl_conf_dtls_anti_replay( &conf, opt.anti_replay ); + if (opt.anti_replay != DFL_ANTI_REPLAY) { + mbedtls_ssl_conf_dtls_anti_replay(&conf, opt.anti_replay); + } #endif #if defined(MBEDTLS_SSL_DTLS_BADMAC_LIMIT) - if( opt.badmac_limit != DFL_BADMAC_LIMIT ) - mbedtls_ssl_conf_dtls_badmac_limit( &conf, opt.badmac_limit ); + if (opt.badmac_limit != DFL_BADMAC_LIMIT) { + mbedtls_ssl_conf_dtls_badmac_limit(&conf, opt.badmac_limit); + } #endif } #endif /* MBEDTLS_SSL_PROTO_DTLS */ - if( opt.force_ciphersuite[0] != DFL_FORCE_CIPHER ) - mbedtls_ssl_conf_ciphersuites( &conf, opt.force_ciphersuite ); + if (opt.force_ciphersuite[0] != DFL_FORCE_CIPHER) { + mbedtls_ssl_conf_ciphersuites(&conf, opt.force_ciphersuite); + } #if defined(MBEDTLS_ARC4_C) - if( opt.arc4 != DFL_ARC4 ) - mbedtls_ssl_conf_arc4_support( &conf, opt.arc4 ); + if (opt.arc4 != DFL_ARC4) { + mbedtls_ssl_conf_arc4_support(&conf, opt.arc4); + } #endif - if( opt.version_suites != NULL ) - { - mbedtls_ssl_conf_ciphersuites_for_version( &conf, version_suites[0], - MBEDTLS_SSL_MAJOR_VERSION_3, - MBEDTLS_SSL_MINOR_VERSION_0 ); - mbedtls_ssl_conf_ciphersuites_for_version( &conf, version_suites[1], - MBEDTLS_SSL_MAJOR_VERSION_3, - MBEDTLS_SSL_MINOR_VERSION_1 ); - mbedtls_ssl_conf_ciphersuites_for_version( &conf, version_suites[2], - MBEDTLS_SSL_MAJOR_VERSION_3, - MBEDTLS_SSL_MINOR_VERSION_2 ); - mbedtls_ssl_conf_ciphersuites_for_version( &conf, version_suites[3], - MBEDTLS_SSL_MAJOR_VERSION_3, - MBEDTLS_SSL_MINOR_VERSION_3 ); - } - - if( opt.allow_legacy != DFL_ALLOW_LEGACY ) - mbedtls_ssl_conf_legacy_renegotiation( &conf, opt.allow_legacy ); + if (opt.version_suites != NULL) { + mbedtls_ssl_conf_ciphersuites_for_version(&conf, version_suites[0], + MBEDTLS_SSL_MAJOR_VERSION_3, + MBEDTLS_SSL_MINOR_VERSION_0); + mbedtls_ssl_conf_ciphersuites_for_version(&conf, version_suites[1], + MBEDTLS_SSL_MAJOR_VERSION_3, + MBEDTLS_SSL_MINOR_VERSION_1); + mbedtls_ssl_conf_ciphersuites_for_version(&conf, version_suites[2], + MBEDTLS_SSL_MAJOR_VERSION_3, + MBEDTLS_SSL_MINOR_VERSION_2); + mbedtls_ssl_conf_ciphersuites_for_version(&conf, version_suites[3], + MBEDTLS_SSL_MAJOR_VERSION_3, + MBEDTLS_SSL_MINOR_VERSION_3); + } + + if (opt.allow_legacy != DFL_ALLOW_LEGACY) { + mbedtls_ssl_conf_legacy_renegotiation(&conf, opt.allow_legacy); + } #if defined(MBEDTLS_SSL_RENEGOTIATION) - mbedtls_ssl_conf_renegotiation( &conf, opt.renegotiation ); + mbedtls_ssl_conf_renegotiation(&conf, opt.renegotiation); - if( opt.renego_delay != DFL_RENEGO_DELAY ) - mbedtls_ssl_conf_renegotiation_enforced( &conf, opt.renego_delay ); + if (opt.renego_delay != DFL_RENEGO_DELAY) { + mbedtls_ssl_conf_renegotiation_enforced(&conf, opt.renego_delay); + } - if( opt.renego_period != DFL_RENEGO_PERIOD ) - { - PUT_UINT64_BE( renego_period, opt.renego_period, 0 ); - mbedtls_ssl_conf_renegotiation_period( &conf, renego_period ); + if (opt.renego_period != DFL_RENEGO_PERIOD) { + PUT_UINT64_BE(renego_period, opt.renego_period, 0); + mbedtls_ssl_conf_renegotiation_period(&conf, renego_period); } #endif -#if defined(MBEDTLS_X509_CRT_PARSE_C) - if( strcmp( opt.ca_path, "none" ) != 0 && - strcmp( opt.ca_file, "none" ) != 0 ) - { +#if defined(MBEDTLS_KEY_EXCHANGE_WITH_CERT_ENABLED) + if (strcmp(opt.ca_path, "none") != 0 && + strcmp(opt.ca_file, "none") != 0) { #if defined(MBEDTLS_X509_TRUSTED_CERTIFICATE_CALLBACK) - if( opt.ca_callback != 0 ) - mbedtls_ssl_conf_ca_cb( &conf, ca_callback, &cacert); - else + if (opt.ca_callback != 0) { + mbedtls_ssl_conf_ca_cb(&conf, ca_callback, &cacert); + } else #endif - mbedtls_ssl_conf_ca_chain( &conf, &cacert, NULL ); + mbedtls_ssl_conf_ca_chain(&conf, &cacert, NULL); } - if( key_cert_init ) - { + if (key_cert_init) { mbedtls_pk_context *pk = &pkey; #if defined(MBEDTLS_SSL_ASYNC_PRIVATE) - if( opt.async_private_delay1 >= 0 ) - { - ret = ssl_async_set_key( &ssl_async_keys, &srvcert, pk, 0, - opt.async_private_delay1 ); - if( ret < 0 ) - { - mbedtls_printf( " Test error: ssl_async_set_key failed (%d)\n", - ret ); + if (opt.async_private_delay1 >= 0) { + ret = ssl_async_set_key(&ssl_async_keys, &srvcert, pk, 0, + opt.async_private_delay1); + if (ret < 0) { + mbedtls_printf(" Test error: ssl_async_set_key failed (%d)\n", + ret); goto exit; } pk = NULL; } #endif /* MBEDTLS_SSL_ASYNC_PRIVATE */ - if( ( ret = mbedtls_ssl_conf_own_cert( &conf, &srvcert, pk ) ) != 0 ) - { - mbedtls_printf( " failed\n ! mbedtls_ssl_conf_own_cert returned %d\n\n", ret ); + if ((ret = mbedtls_ssl_conf_own_cert(&conf, &srvcert, pk)) != 0) { + mbedtls_printf(" failed\n ! mbedtls_ssl_conf_own_cert returned %d\n\n", ret); goto exit; } } - if( key_cert_init2 ) - { + if (key_cert_init2) { mbedtls_pk_context *pk = &pkey2; #if defined(MBEDTLS_SSL_ASYNC_PRIVATE) - if( opt.async_private_delay2 >= 0 ) - { - ret = ssl_async_set_key( &ssl_async_keys, &srvcert2, pk, 0, - opt.async_private_delay2 ); - if( ret < 0 ) - { - mbedtls_printf( " Test error: ssl_async_set_key failed (%d)\n", - ret ); + if (opt.async_private_delay2 >= 0) { + ret = ssl_async_set_key(&ssl_async_keys, &srvcert2, pk, 0, + opt.async_private_delay2); + if (ret < 0) { + mbedtls_printf(" Test error: ssl_async_set_key failed (%d)\n", + ret); goto exit; } pk = NULL; } #endif /* MBEDTLS_SSL_ASYNC_PRIVATE */ - if( ( ret = mbedtls_ssl_conf_own_cert( &conf, &srvcert2, pk ) ) != 0 ) - { - mbedtls_printf( " failed\n ! mbedtls_ssl_conf_own_cert returned %d\n\n", ret ); + if ((ret = mbedtls_ssl_conf_own_cert(&conf, &srvcert2, pk)) != 0) { + mbedtls_printf(" failed\n ! mbedtls_ssl_conf_own_cert returned %d\n\n", ret); goto exit; } } #if defined(MBEDTLS_SSL_ASYNC_PRIVATE) - if( opt.async_operations[0] != '-' ) - { + if (opt.async_operations[0] != '-') { mbedtls_ssl_async_sign_t *sign = NULL; mbedtls_ssl_async_decrypt_t *decrypt = NULL; const char *r; - for( r = opt.async_operations; *r; r++ ) - { - switch( *r ) - { - case 'd': - decrypt = ssl_async_decrypt; - break; - case 's': - sign = ssl_async_sign; - break; + for (r = opt.async_operations; *r; r++) { + switch (*r) { + case 'd': + decrypt = ssl_async_decrypt; + break; + case 's': + sign = ssl_async_sign; + break; } } - ssl_async_keys.inject_error = ( opt.async_private_error < 0 ? - - opt.async_private_error : - opt.async_private_error ); + ssl_async_keys.inject_error = (opt.async_private_error < 0 ? + -opt.async_private_error : + opt.async_private_error); ssl_async_keys.f_rng = rng_get; ssl_async_keys.p_rng = &rng; - mbedtls_ssl_conf_async_private_cb( &conf, - sign, - decrypt, - ssl_async_resume, - ssl_async_cancel, - &ssl_async_keys ); + mbedtls_ssl_conf_async_private_cb(&conf, + sign, + decrypt, + ssl_async_resume, + ssl_async_cancel, + &ssl_async_keys); } #endif /* MBEDTLS_SSL_ASYNC_PRIVATE */ -#endif /* MBEDTLS_X509_CRT_PARSE_C */ +#endif /* MBEDTLS_KEY_EXCHANGE_WITH_CERT_ENABLED */ #if defined(SNI_OPTION) - if( opt.sni != NULL ) - { - mbedtls_ssl_conf_sni( &conf, sni_callback, sni_info ); + if (opt.sni != NULL) { + mbedtls_ssl_conf_sni(&conf, sni_callback, sni_info); #if defined(MBEDTLS_SSL_ASYNC_PRIVATE) - if( opt.async_private_delay2 >= 0 ) - { + if (opt.async_private_delay2 >= 0) { sni_entry *cur; - for( cur = sni_info; cur != NULL; cur = cur->next ) - { - ret = ssl_async_set_key( &ssl_async_keys, - cur->cert, cur->key, 1, - opt.async_private_delay2 ); - if( ret < 0 ) - { - mbedtls_printf( " Test error: ssl_async_set_key failed (%d)\n", - ret ); + for (cur = sni_info; cur != NULL; cur = cur->next) { + ret = ssl_async_set_key(&ssl_async_keys, + cur->cert, cur->key, 1, + opt.async_private_delay2); + if (ret < 0) { + mbedtls_printf(" Test error: ssl_async_set_key failed (%d)\n", + ret); goto exit; } cur->key = NULL; @@ -2926,66 +2833,55 @@ int main( int argc, char *argv[] ) #endif #if defined(MBEDTLS_ECP_C) - if( opt.curves != NULL && - strcmp( opt.curves, "default" ) != 0 ) - { - mbedtls_ssl_conf_curves( &conf, curve_list ); + if (opt.curves != NULL && + strcmp(opt.curves, "default") != 0) { + mbedtls_ssl_conf_curves(&conf, curve_list); } #endif #if defined(MBEDTLS_KEY_EXCHANGE_SOME_PSK_ENABLED) - if( strlen( opt.psk ) != 0 && strlen( opt.psk_identity ) != 0 ) - { + if (strlen(opt.psk) != 0 && strlen(opt.psk_identity) != 0) { #if defined(MBEDTLS_USE_PSA_CRYPTO) - if( opt.psk_opaque != 0 ) - { + if (opt.psk_opaque != 0) { /* The algorithm has already been determined earlier. */ - status = psa_setup_psk_key_slot( &psk_slot, alg, psk, psk_len ); - if( status != PSA_SUCCESS ) - { - fprintf( stderr, "SETUP FAIL\n" ); + status = psa_setup_psk_key_slot(&psk_slot, alg, psk, psk_len); + if (status != PSA_SUCCESS) { + fprintf(stderr, "SETUP FAIL\n"); ret = MBEDTLS_ERR_SSL_HW_ACCEL_FAILED; goto exit; } - if( ( ret = mbedtls_ssl_conf_psk_opaque( &conf, psk_slot, - (const unsigned char *) opt.psk_identity, - strlen( opt.psk_identity ) ) ) != 0 ) - { - mbedtls_printf( " failed\n ! mbedtls_ssl_conf_psk_opaque returned %d\n\n", - ret ); + if ((ret = mbedtls_ssl_conf_psk_opaque(&conf, psk_slot, + (const unsigned char *) opt.psk_identity, + strlen(opt.psk_identity))) != 0) { + mbedtls_printf(" failed\n ! mbedtls_ssl_conf_psk_opaque returned %d\n\n", + ret); goto exit; } - } - else + } else #endif /* MBEDTLS_USE_PSA_CRYPTO */ - if( psk_len > 0 ) - { - ret = mbedtls_ssl_conf_psk( &conf, psk, psk_len, - (const unsigned char *) opt.psk_identity, - strlen( opt.psk_identity ) ); - if( ret != 0 ) - { - mbedtls_printf( " failed\n mbedtls_ssl_conf_psk returned -0x%04X\n\n", (unsigned int) -ret ); + if (psk_len > 0) { + ret = mbedtls_ssl_conf_psk(&conf, psk, psk_len, + (const unsigned char *) opt.psk_identity, + strlen(opt.psk_identity)); + if (ret != 0) { + mbedtls_printf(" failed\n mbedtls_ssl_conf_psk returned -0x%04X\n\n", + (unsigned int) -ret); goto exit; } } } - if( opt.psk_list != NULL ) - { + if (opt.psk_list != NULL) { #if defined(MBEDTLS_USE_PSA_CRYPTO) - if( opt.psk_list_opaque != 0 ) - { + if (opt.psk_list_opaque != 0) { psk_entry *cur_psk; - for( cur_psk = psk_info; cur_psk != NULL; cur_psk = cur_psk->next ) - { - - status = psa_setup_psk_key_slot( &cur_psk->slot, alg, - cur_psk->key, - cur_psk->key_len ); - if( status != PSA_SUCCESS ) - { + for (cur_psk = psk_info; cur_psk != NULL; cur_psk = cur_psk->next) { + + status = psa_setup_psk_key_slot(&cur_psk->slot, alg, + cur_psk->key, + cur_psk->key_len); + if (status != PSA_SUCCESS) { ret = MBEDTLS_ERR_SSL_HW_ACCEL_FAILED; goto exit; } @@ -2993,7 +2889,7 @@ int main( int argc, char *argv[] ) } #endif /* MBEDTLS_USE_PSA_CRYPTO */ - mbedtls_ssl_conf_psk_cb( &conf, psk_callback, psk_info ); + mbedtls_ssl_conf_psk_cb(&conf, psk_callback, psk_info); } #endif @@ -3002,387 +2898,359 @@ int main( int argc, char *argv[] ) * Use different group than default DHM group */ #if defined(MBEDTLS_FS_IO) - if( opt.dhm_file != NULL ) - ret = mbedtls_ssl_conf_dh_param_ctx( &conf, &dhm ); + if (opt.dhm_file != NULL) { + ret = mbedtls_ssl_conf_dh_param_ctx(&conf, &dhm); + } #endif - if( ret != 0 ) - { - mbedtls_printf( " failed\n mbedtls_ssl_conf_dh_param returned -0x%04X\n\n", (unsigned int) -ret ); + if (ret != 0) { + mbedtls_printf(" failed\n mbedtls_ssl_conf_dh_param returned -0x%04X\n\n", + (unsigned int) -ret); goto exit; } #endif - if( opt.min_version != DFL_MIN_VERSION ) - mbedtls_ssl_conf_min_version( &conf, MBEDTLS_SSL_MAJOR_VERSION_3, opt.min_version ); + if (opt.min_version != DFL_MIN_VERSION) { + mbedtls_ssl_conf_min_version(&conf, MBEDTLS_SSL_MAJOR_VERSION_3, opt.min_version); + } - if( opt.max_version != DFL_MIN_VERSION ) - mbedtls_ssl_conf_max_version( &conf, MBEDTLS_SSL_MAJOR_VERSION_3, opt.max_version ); + if (opt.max_version != DFL_MIN_VERSION) { + mbedtls_ssl_conf_max_version(&conf, MBEDTLS_SSL_MAJOR_VERSION_3, opt.max_version); + } - if( ( ret = mbedtls_ssl_setup( &ssl, &conf ) ) != 0 ) - { - mbedtls_printf( " failed\n ! mbedtls_ssl_setup returned -0x%x\n\n", (unsigned int) -ret ); + if ((ret = mbedtls_ssl_setup(&ssl, &conf)) != 0) { + mbedtls_printf(" failed\n ! mbedtls_ssl_setup returned -0x%x\n\n", (unsigned int) -ret); goto exit; } io_ctx.ssl = &ssl; io_ctx.net = &client_fd; - mbedtls_ssl_set_bio( &ssl, &io_ctx, send_cb, recv_cb, - opt.nbio == 0 ? recv_timeout_cb : NULL ); + mbedtls_ssl_set_bio(&ssl, &io_ctx, send_cb, recv_cb, + opt.nbio == 0 ? recv_timeout_cb : NULL); #if defined(MBEDTLS_SSL_DTLS_CONNECTION_ID) - if( opt.transport == MBEDTLS_SSL_TRANSPORT_DATAGRAM ) - { - if( ( ret = mbedtls_ssl_set_cid( &ssl, opt.cid_enabled, - cid, cid_len ) ) != 0 ) - { - mbedtls_printf( " failed\n ! mbedtls_ssl_set_cid returned %d\n\n", - ret ); + if (opt.transport == MBEDTLS_SSL_TRANSPORT_DATAGRAM) { + if ((ret = mbedtls_ssl_set_cid(&ssl, opt.cid_enabled, + cid, cid_len)) != 0) { + mbedtls_printf(" failed\n ! mbedtls_ssl_set_cid returned %d\n\n", + ret); goto exit; } } #endif /* MBEDTLS_SSL_DTLS_CONNECTION_ID */ #if defined(MBEDTLS_SSL_PROTO_DTLS) - if( opt.dtls_mtu != DFL_DTLS_MTU ) - mbedtls_ssl_set_mtu( &ssl, opt.dtls_mtu ); + if (opt.dtls_mtu != DFL_DTLS_MTU) { + mbedtls_ssl_set_mtu(&ssl, opt.dtls_mtu); + } #endif #if defined(MBEDTLS_TIMING_C) - mbedtls_ssl_set_timer_cb( &ssl, &timer, mbedtls_timing_set_delay, - mbedtls_timing_get_delay ); + mbedtls_ssl_set_timer_cb(&ssl, &timer, mbedtls_timing_set_delay, + mbedtls_timing_get_delay); #endif - mbedtls_printf( " ok\n" ); + mbedtls_printf(" ok\n"); reset: #if !defined(_WIN32) - if( received_sigterm ) - { - mbedtls_printf( " interrupted by SIGTERM (not in net_accept())\n" ); - if( ret == MBEDTLS_ERR_NET_INVALID_CONTEXT ) + if (received_sigterm) { + mbedtls_printf(" interrupted by SIGTERM (not in net_accept())\n"); + if (ret == MBEDTLS_ERR_NET_INVALID_CONTEXT) { ret = 0; + } goto exit; } #endif - if( ret == MBEDTLS_ERR_SSL_CLIENT_RECONNECT ) - { - mbedtls_printf( " ! Client initiated reconnection from same port\n" ); + if (ret == MBEDTLS_ERR_SSL_CLIENT_RECONNECT) { + mbedtls_printf(" ! Client initiated reconnection from same port\n"); goto handshake; } #ifdef MBEDTLS_ERROR_C - if( ret != 0 ) - { + if (ret != 0) { char error_buf[100]; - mbedtls_strerror( ret, error_buf, 100 ); - mbedtls_printf("Last error was: %d - %s\n\n", ret, error_buf ); + mbedtls_strerror(ret, error_buf, 100); + mbedtls_printf("Last error was: %d - %s\n\n", ret, error_buf); } #endif - mbedtls_net_free( &client_fd ); + mbedtls_net_free(&client_fd); - mbedtls_ssl_session_reset( &ssl ); + mbedtls_ssl_session_reset(&ssl); /* * 3. Wait until a client connects */ - mbedtls_printf( " . Waiting for a remote connection ..." ); - fflush( stdout ); + mbedtls_printf(" . Waiting for a remote connection ..."); + fflush(stdout); - if( ( ret = mbedtls_net_accept( &listen_fd, &client_fd, - client_ip, sizeof( client_ip ), &cliip_len ) ) != 0 ) - { + if ((ret = mbedtls_net_accept(&listen_fd, &client_fd, + client_ip, sizeof(client_ip), &cliip_len)) != 0) { #if !defined(_WIN32) - if( received_sigterm ) - { - mbedtls_printf( " interrupted by SIGTERM (in net_accept())\n" ); - if( ret == MBEDTLS_ERR_NET_ACCEPT_FAILED ) + if (received_sigterm) { + mbedtls_printf(" interrupted by SIGTERM (in net_accept())\n"); + if (ret == MBEDTLS_ERR_NET_ACCEPT_FAILED) { ret = 0; + } goto exit; } #endif - mbedtls_printf( " failed\n ! mbedtls_net_accept returned -0x%x\n\n", (unsigned int) -ret ); + mbedtls_printf(" failed\n ! mbedtls_net_accept returned -0x%x\n\n", (unsigned int) -ret); goto exit; } - if( opt.nbio > 0 ) - ret = mbedtls_net_set_nonblock( &client_fd ); - else - ret = mbedtls_net_set_block( &client_fd ); - if( ret != 0 ) - { - mbedtls_printf( " failed\n ! net_set_(non)block() returned -0x%x\n\n", (unsigned int) -ret ); + if (opt.nbio > 0) { + ret = mbedtls_net_set_nonblock(&client_fd); + } else { + ret = mbedtls_net_set_block(&client_fd); + } + if (ret != 0) { + mbedtls_printf(" failed\n ! net_set_(non)block() returned -0x%x\n\n", (unsigned int) -ret); goto exit; } - mbedtls_ssl_conf_read_timeout( &conf, opt.read_timeout ); + mbedtls_ssl_conf_read_timeout(&conf, opt.read_timeout); #if defined(MBEDTLS_SSL_DTLS_HELLO_VERIFY) - if( opt.transport == MBEDTLS_SSL_TRANSPORT_DATAGRAM ) - { - if( ( ret = mbedtls_ssl_set_client_transport_id( &ssl, - client_ip, cliip_len ) ) != 0 ) - { - mbedtls_printf( " failed\n ! mbedtls_ssl_set_client_transport_id() returned -0x%x\n\n", - (unsigned int) -ret ); + if (opt.transport == MBEDTLS_SSL_TRANSPORT_DATAGRAM) { + if ((ret = mbedtls_ssl_set_client_transport_id(&ssl, + client_ip, cliip_len)) != 0) { + mbedtls_printf(" failed\n ! mbedtls_ssl_set_client_transport_id() returned -0x%x\n\n", + (unsigned int) -ret); goto exit; } } #endif /* MBEDTLS_SSL_DTLS_HELLO_VERIFY */ #if defined(MBEDTLS_KEY_EXCHANGE_ECJPAKE_ENABLED) - if( opt.ecjpake_pw != DFL_ECJPAKE_PW ) - { - if( ( ret = mbedtls_ssl_set_hs_ecjpake_password( &ssl, - (const unsigned char *) opt.ecjpake_pw, - strlen( opt.ecjpake_pw ) ) ) != 0 ) - { - mbedtls_printf( " failed\n ! mbedtls_ssl_set_hs_ecjpake_password returned %d\n\n", ret ); + if (opt.ecjpake_pw != DFL_ECJPAKE_PW) { + if ((ret = mbedtls_ssl_set_hs_ecjpake_password(&ssl, + (const unsigned char *) opt.ecjpake_pw, + strlen(opt.ecjpake_pw))) != 0) { + mbedtls_printf(" failed\n ! mbedtls_ssl_set_hs_ecjpake_password returned %d\n\n", ret); goto exit; } } #endif - mbedtls_printf( " ok\n" ); - /* * 4. Handshake */ handshake: - mbedtls_printf( " . Performing the SSL/TLS handshake..." ); - fflush( stdout ); + mbedtls_printf(" . Performing the SSL/TLS handshake..."); + fflush(stdout); - while( ( ret = mbedtls_ssl_handshake( &ssl ) ) != 0 ) - { + while ((ret = mbedtls_ssl_handshake(&ssl)) != 0) { #if defined(MBEDTLS_SSL_ASYNC_PRIVATE) - if( ret == MBEDTLS_ERR_SSL_ASYNC_IN_PROGRESS && - ssl_async_keys.inject_error == SSL_ASYNC_INJECT_ERROR_CANCEL ) - { - mbedtls_printf( " cancelling on injected error\n" ); + if (ret == MBEDTLS_ERR_SSL_ASYNC_IN_PROGRESS && + ssl_async_keys.inject_error == SSL_ASYNC_INJECT_ERROR_CANCEL) { + mbedtls_printf(" cancelling on injected error\n"); break; } #endif /* MBEDTLS_SSL_ASYNC_PRIVATE */ - if( ! mbedtls_status_is_ssl_in_progress( ret ) ) + if (!mbedtls_status_is_ssl_in_progress(ret)) { break; + } /* For event-driven IO, wait for socket to become available */ - if( opt.event == 1 /* level triggered IO */ ) - { + if (opt.event == 1 /* level triggered IO */) { #if defined(MBEDTLS_TIMING_C) - ret = idle( &client_fd, &timer, ret ); + ret = idle(&client_fd, &timer, ret); #else - ret = idle( &client_fd, ret ); + ret = idle(&client_fd, ret); #endif - if( ret != 0 ) + if (ret != 0) { goto reset; + } } } - if( ret == MBEDTLS_ERR_SSL_HELLO_VERIFY_REQUIRED ) - { - mbedtls_printf( " hello verification requested\n" ); + if (ret == MBEDTLS_ERR_SSL_HELLO_VERIFY_REQUIRED) { + mbedtls_printf(" hello verification requested\n"); ret = 0; goto reset; - } - else if( ret != 0 ) - { - mbedtls_printf( " failed\n ! mbedtls_ssl_handshake returned -0x%x\n\n", (unsigned int) -ret ); + } else if (ret != 0) { + mbedtls_printf(" failed\n ! mbedtls_ssl_handshake returned -0x%x\n\n", + (unsigned int) -ret); -#if defined(MBEDTLS_X509_CRT_PARSE_C) - if( ret == MBEDTLS_ERR_X509_CERT_VERIFY_FAILED ) - { +#if defined(MBEDTLS_KEY_EXCHANGE_WITH_CERT_ENABLED) + if (ret == MBEDTLS_ERR_X509_CERT_VERIFY_FAILED) { char vrfy_buf[512]; - flags = mbedtls_ssl_get_verify_result( &ssl ); + flags = mbedtls_ssl_get_verify_result(&ssl); - mbedtls_x509_crt_verify_info( vrfy_buf, sizeof( vrfy_buf ), " ! ", flags ); + mbedtls_x509_crt_verify_info(vrfy_buf, sizeof(vrfy_buf), " ! ", flags); - mbedtls_printf( "%s\n", vrfy_buf ); + mbedtls_printf("%s\n", vrfy_buf); } #endif #if defined(MBEDTLS_SSL_ASYNC_PRIVATE) - if( opt.async_private_error < 0 ) + if (opt.async_private_error < 0) { /* Injected error only the first time round, to test reset */ ssl_async_keys.inject_error = SSL_ASYNC_INJECT_ERROR_NONE; + } #endif goto reset; - } - else /* ret == 0 */ - { - mbedtls_printf( " ok\n [ Protocol is %s ]\n [ Ciphersuite is %s ]\n", - mbedtls_ssl_get_version( &ssl ), mbedtls_ssl_get_ciphersuite( &ssl ) ); + } else { /* ret == 0 */ + mbedtls_printf(" ok\n [ Protocol is %s ]\n [ Ciphersuite is %s ]\n", + mbedtls_ssl_get_version(&ssl), mbedtls_ssl_get_ciphersuite(&ssl)); } - if( ( ret = mbedtls_ssl_get_record_expansion( &ssl ) ) >= 0 ) - mbedtls_printf( " [ Record expansion is %d ]\n", ret ); - else - mbedtls_printf( " [ Record expansion is unknown (compression) ]\n" ); + if ((ret = mbedtls_ssl_get_record_expansion(&ssl)) >= 0) { + mbedtls_printf(" [ Record expansion is %d ]\n", ret); + } else { + mbedtls_printf(" [ Record expansion is unknown (compression) ]\n"); + } #if defined(MBEDTLS_SSL_MAX_FRAGMENT_LENGTH) - mbedtls_printf( " [ Maximum input fragment length is %u ]\n", - (unsigned int) mbedtls_ssl_get_input_max_frag_len( &ssl ) ); - mbedtls_printf( " [ Maximum output fragment length is %u ]\n", - (unsigned int) mbedtls_ssl_get_output_max_frag_len( &ssl ) ); + mbedtls_printf(" [ Maximum input fragment length is %u ]\n", + (unsigned int) mbedtls_ssl_get_input_max_frag_len(&ssl)); + mbedtls_printf(" [ Maximum output fragment length is %u ]\n", + (unsigned int) mbedtls_ssl_get_output_max_frag_len(&ssl)); #endif #if defined(MBEDTLS_SSL_ALPN) - if( opt.alpn_string != NULL ) - { - const char *alp = mbedtls_ssl_get_alpn_protocol( &ssl ); - mbedtls_printf( " [ Application Layer Protocol is %s ]\n", - alp ? alp : "(none)" ); + if (opt.alpn_string != NULL) { + const char *alp = mbedtls_ssl_get_alpn_protocol(&ssl); + mbedtls_printf(" [ Application Layer Protocol is %s ]\n", + alp ? alp : "(none)"); } #endif -#if defined(MBEDTLS_X509_CRT_PARSE_C) +#if defined(MBEDTLS_KEY_EXCHANGE_WITH_CERT_ENABLED) /* * 5. Verify the client certificate */ - mbedtls_printf( " . Verifying peer X.509 certificate..." ); + mbedtls_printf(" . Verifying peer X.509 certificate..."); - if( ( flags = mbedtls_ssl_get_verify_result( &ssl ) ) != 0 ) - { + if ((flags = mbedtls_ssl_get_verify_result(&ssl)) != 0) { char vrfy_buf[512]; - mbedtls_printf( " failed\n" ); + mbedtls_printf(" failed\n"); - mbedtls_x509_crt_verify_info( vrfy_buf, sizeof( vrfy_buf ), " ! ", flags ); + mbedtls_x509_crt_verify_info(vrfy_buf, sizeof(vrfy_buf), " ! ", flags); - mbedtls_printf( "%s\n", vrfy_buf ); + mbedtls_printf("%s\n", vrfy_buf); + } else { + mbedtls_printf(" ok\n"); } - else - mbedtls_printf( " ok\n" ); - if( mbedtls_ssl_get_peer_cert( &ssl ) != NULL ) - { + if (mbedtls_ssl_get_peer_cert(&ssl) != NULL) { char crt_buf[512]; - mbedtls_printf( " . Peer certificate information ...\n" ); - mbedtls_x509_crt_info( crt_buf, sizeof( crt_buf ), " ", - mbedtls_ssl_get_peer_cert( &ssl ) ); - mbedtls_printf( "%s\n", crt_buf ); + mbedtls_printf(" . Peer certificate information ...\n"); + mbedtls_x509_crt_info(crt_buf, sizeof(crt_buf), " ", + mbedtls_ssl_get_peer_cert(&ssl)); + mbedtls_printf("%s\n", crt_buf); } -#endif /* MBEDTLS_X509_CRT_PARSE_C */ +#endif /* MBEDTLS_KEY_EXCHANGE_WITH_CERT_ENABLED */ #if defined(MBEDTLS_SSL_EXPORT_KEYS) - if( opt.eap_tls != 0 ) - { + if (opt.eap_tls != 0) { size_t j = 0; - if( ( ret = mbedtls_ssl_tls_prf( eap_tls_keying.tls_prf_type, - eap_tls_keying.master_secret, - sizeof( eap_tls_keying.master_secret ), - eap_tls_label, - eap_tls_keying.randbytes, - sizeof( eap_tls_keying.randbytes ), - eap_tls_keymaterial, - sizeof( eap_tls_keymaterial ) ) ) - != 0 ) - { - mbedtls_printf( " failed\n ! mbedtls_ssl_tls_prf returned -0x%x\n\n", - (unsigned int) -ret ); + if ((ret = mbedtls_ssl_tls_prf(eap_tls_keying.tls_prf_type, + eap_tls_keying.master_secret, + sizeof(eap_tls_keying.master_secret), + eap_tls_label, + eap_tls_keying.randbytes, + sizeof(eap_tls_keying.randbytes), + eap_tls_keymaterial, + sizeof(eap_tls_keymaterial))) + != 0) { + mbedtls_printf(" failed\n ! mbedtls_ssl_tls_prf returned -0x%x\n\n", + (unsigned int) -ret); goto reset; } - mbedtls_printf( " EAP-TLS key material is:" ); - for( j = 0; j < sizeof( eap_tls_keymaterial ); j++ ) - { - if( j % 8 == 0 ) + mbedtls_printf(" EAP-TLS key material is:"); + for (j = 0; j < sizeof(eap_tls_keymaterial); j++) { + if (j % 8 == 0) { mbedtls_printf("\n "); - mbedtls_printf("%02x ", eap_tls_keymaterial[j] ); + } + mbedtls_printf("%02x ", eap_tls_keymaterial[j]); } mbedtls_printf("\n"); - if( ( ret = mbedtls_ssl_tls_prf( eap_tls_keying.tls_prf_type, NULL, 0, - eap_tls_label, - eap_tls_keying.randbytes, - sizeof( eap_tls_keying.randbytes ), - eap_tls_iv, - sizeof( eap_tls_iv ) ) ) != 0 ) - { - mbedtls_printf( " failed\n ! mbedtls_ssl_tls_prf returned -0x%x\n\n", - (unsigned int) -ret ); - goto reset; - } - - mbedtls_printf( " EAP-TLS IV is:" ); - for( j = 0; j < sizeof( eap_tls_iv ); j++ ) - { - if( j % 8 == 0 ) + if ((ret = mbedtls_ssl_tls_prf(eap_tls_keying.tls_prf_type, NULL, 0, + eap_tls_label, + eap_tls_keying.randbytes, + sizeof(eap_tls_keying.randbytes), + eap_tls_iv, + sizeof(eap_tls_iv))) != 0) { + mbedtls_printf(" failed\n ! mbedtls_ssl_tls_prf returned -0x%x\n\n", + (unsigned int) -ret); + goto reset; + } + + mbedtls_printf(" EAP-TLS IV is:"); + for (j = 0; j < sizeof(eap_tls_iv); j++) { + if (j % 8 == 0) { mbedtls_printf("\n "); - mbedtls_printf("%02x ", eap_tls_iv[j] ); + } + mbedtls_printf("%02x ", eap_tls_iv[j]); } mbedtls_printf("\n"); } -#if defined( MBEDTLS_SSL_DTLS_SRTP ) - else if( opt.use_srtp != 0 ) - { +#if defined(MBEDTLS_SSL_DTLS_SRTP) + else if (opt.use_srtp != 0) { size_t j = 0; mbedtls_dtls_srtp_info dtls_srtp_negotiation_result; - mbedtls_ssl_get_dtls_srtp_negotiation_result( &ssl, &dtls_srtp_negotiation_result ); - - if( dtls_srtp_negotiation_result.chosen_dtls_srtp_profile - == MBEDTLS_TLS_SRTP_UNSET ) - { - mbedtls_printf( " Unable to negotiate " - "the use of DTLS-SRTP\n" ); - } - else - { - if( ( ret = mbedtls_ssl_tls_prf( dtls_srtp_keying.tls_prf_type, - dtls_srtp_keying.master_secret, - sizeof( dtls_srtp_keying.master_secret ), - dtls_srtp_label, - dtls_srtp_keying.randbytes, - sizeof( dtls_srtp_keying.randbytes ), - dtls_srtp_key_material, - sizeof( dtls_srtp_key_material ) ) ) - != 0 ) - { - mbedtls_printf( " failed\n ! mbedtls_ssl_tls_prf returned -0x%x\n\n", - (unsigned int) -ret ); + mbedtls_ssl_get_dtls_srtp_negotiation_result(&ssl, &dtls_srtp_negotiation_result); + + if (dtls_srtp_negotiation_result.chosen_dtls_srtp_profile + == MBEDTLS_TLS_SRTP_UNSET) { + mbedtls_printf(" Unable to negotiate " + "the use of DTLS-SRTP\n"); + } else { + if ((ret = mbedtls_ssl_tls_prf(dtls_srtp_keying.tls_prf_type, + dtls_srtp_keying.master_secret, + sizeof(dtls_srtp_keying.master_secret), + dtls_srtp_label, + dtls_srtp_keying.randbytes, + sizeof(dtls_srtp_keying.randbytes), + dtls_srtp_key_material, + sizeof(dtls_srtp_key_material))) + != 0) { + mbedtls_printf(" failed\n ! mbedtls_ssl_tls_prf returned -0x%x\n\n", + (unsigned int) -ret); goto exit; } - mbedtls_printf( " DTLS-SRTP key material is:" ); - for( j = 0; j < sizeof( dtls_srtp_key_material ); j++ ) - { - if( j % 8 == 0 ) - mbedtls_printf( "\n " ); - mbedtls_printf( "%02x ", dtls_srtp_key_material[j] ); + mbedtls_printf(" DTLS-SRTP key material is:"); + for (j = 0; j < sizeof(dtls_srtp_key_material); j++) { + if (j % 8 == 0) { + mbedtls_printf("\n "); + } + mbedtls_printf("%02x ", dtls_srtp_key_material[j]); } - mbedtls_printf( "\n" ); + mbedtls_printf("\n"); /* produce a less readable output used to perform automatic checks * - compare client and server output * - interop test with openssl which client produces this kind of output */ - mbedtls_printf( " Keying material: " ); - for( j = 0; j < sizeof( dtls_srtp_key_material ); j++ ) - { - mbedtls_printf( "%02X", dtls_srtp_key_material[j] ); - } - mbedtls_printf( "\n" ); - - if ( dtls_srtp_negotiation_result.mki_len > 0 ) - { - mbedtls_printf( " DTLS-SRTP mki value: " ); - for( j = 0; j < dtls_srtp_negotiation_result.mki_len; j++ ) - { - mbedtls_printf( "%02X", dtls_srtp_negotiation_result.mki_value[j] ); - } + mbedtls_printf(" Keying material: "); + for (j = 0; j < sizeof(dtls_srtp_key_material); j++) { + mbedtls_printf("%02X", dtls_srtp_key_material[j]); } - else - { - mbedtls_printf( " DTLS-SRTP no mki value negotiated" ); + mbedtls_printf("\n"); + + if (dtls_srtp_negotiation_result.mki_len > 0) { + mbedtls_printf(" DTLS-SRTP mki value: "); + for (j = 0; j < dtls_srtp_negotiation_result.mki_len; j++) { + mbedtls_printf("%02X", dtls_srtp_negotiation_result.mki_value[j]); + } + } else { + mbedtls_printf(" DTLS-SRTP no mki value negotiated"); } - mbedtls_printf( "\n" ); + mbedtls_printf("\n"); } } @@ -3390,154 +3258,140 @@ int main( int argc, char *argv[] ) #endif /* MBEDTLS_SSL_EXPORT_KEYS */ #if defined(MBEDTLS_SSL_DTLS_CONNECTION_ID) - ret = report_cid_usage( &ssl, "initial handshake" ); - if( ret != 0 ) + ret = report_cid_usage(&ssl, "initial handshake"); + if (ret != 0) { goto exit; + } - if( opt.transport == MBEDTLS_SSL_TRANSPORT_DATAGRAM ) - { - if( ( ret = mbedtls_ssl_set_cid( &ssl, opt.cid_enabled_renego, - cid_renego, cid_renego_len ) ) != 0 ) - { - mbedtls_printf( " failed\n ! mbedtls_ssl_set_cid returned %d\n\n", - ret ); + if (opt.transport == MBEDTLS_SSL_TRANSPORT_DATAGRAM) { + if ((ret = mbedtls_ssl_set_cid(&ssl, opt.cid_enabled_renego, + cid_renego, cid_renego_len)) != 0) { + mbedtls_printf(" failed\n ! mbedtls_ssl_set_cid returned %d\n\n", + ret); goto exit; } } #endif /* MBEDTLS_SSL_DTLS_CONNECTION_ID */ #if defined(MBEDTLS_MEMORY_DEBUG) - mbedtls_memory_buffer_alloc_cur_get( ¤t_heap_memory, &heap_blocks ); - mbedtls_memory_buffer_alloc_max_get( &peak_heap_memory, &heap_blocks ); - mbedtls_printf( "Heap memory usage after handshake: %lu bytes. Peak memory usage was %lu\n", - (unsigned long) current_heap_memory, (unsigned long) peak_heap_memory ); + mbedtls_memory_buffer_alloc_cur_get(¤t_heap_memory, &heap_blocks); + mbedtls_memory_buffer_alloc_max_get(&peak_heap_memory, &heap_blocks); + mbedtls_printf("Heap memory usage after handshake: %lu bytes. Peak memory usage was %lu\n", + (unsigned long) current_heap_memory, (unsigned long) peak_heap_memory); #endif /* MBEDTLS_MEMORY_DEBUG */ - if( opt.exchanges == 0 ) + if (opt.exchanges == 0) { goto close_notify; + } exchanges_left = opt.exchanges; data_exchange: /* * 6. Read the HTTP Request */ - mbedtls_printf( " < Read from client:" ); - fflush( stdout ); + mbedtls_printf(" < Read from client:"); + fflush(stdout); /* * TLS and DTLS need different reading styles (stream vs datagram) */ - if( opt.transport == MBEDTLS_SSL_TRANSPORT_STREAM ) - { - do - { + if (opt.transport == MBEDTLS_SSL_TRANSPORT_STREAM) { + do { int terminated = 0; - len = opt.buffer_size - 1; - memset( buf, 0, opt.buffer_size ); - ret = mbedtls_ssl_read( &ssl, buf, len ); - - if( mbedtls_status_is_ssl_in_progress( ret ) ) - { - if( opt.event == 1 /* level triggered IO */ ) - { + len = opt.buffer_size; + memset(buf, 0, opt.buffer_size); + ret = mbedtls_ssl_read(&ssl, buf, len); + + if (mbedtls_status_is_ssl_in_progress(ret)) { + if (opt.event == 1 /* level triggered IO */) { #if defined(MBEDTLS_TIMING_C) - idle( &client_fd, &timer, ret ); + idle(&client_fd, &timer, ret); #else - idle( &client_fd, ret ); + idle(&client_fd, ret); #endif } continue; } - if( ret <= 0 ) - { - switch( ret ) - { + if (ret <= 0) { + switch (ret) { case MBEDTLS_ERR_SSL_PEER_CLOSE_NOTIFY: - mbedtls_printf( " connection was closed gracefully\n" ); + mbedtls_printf(" connection was closed gracefully\n"); goto close_notify; case 0: case MBEDTLS_ERR_NET_CONN_RESET: - mbedtls_printf( " connection was reset by peer\n" ); + mbedtls_printf(" connection was reset by peer\n"); ret = MBEDTLS_ERR_NET_CONN_RESET; goto reset; default: - mbedtls_printf( " mbedtls_ssl_read returned -0x%x\n", (unsigned int) -ret ); + mbedtls_printf(" mbedtls_ssl_read returned -0x%x\n", (unsigned int) -ret); goto reset; } } - if( mbedtls_ssl_get_bytes_avail( &ssl ) == 0 ) - { + if (mbedtls_ssl_get_bytes_avail(&ssl) == 0) { len = ret; buf[len] = '\0'; - mbedtls_printf( " %d bytes read\n\n%s\n", len, (char *) buf ); + mbedtls_printf(" %d bytes read\n\n%s\n", len, (char *) buf); /* End of message should be detected according to the syntax of the * application protocol (eg HTTP), just use a dummy test here. */ - if( buf[len - 1] == '\n' ) + if (buf[len - 1] == '\n') { terminated = 1; - } - else - { + } + } else { int extra_len, ori_len; unsigned char *larger_buf; ori_len = ret; - extra_len = (int) mbedtls_ssl_get_bytes_avail( &ssl ); + extra_len = (int) mbedtls_ssl_get_bytes_avail(&ssl); - larger_buf = mbedtls_calloc( 1, ori_len + extra_len + 1 ); - if( larger_buf == NULL ) - { - mbedtls_printf( " ! memory allocation failed\n" ); + larger_buf = mbedtls_calloc(1, ori_len + extra_len + 1); + if (larger_buf == NULL) { + mbedtls_printf(" ! memory allocation failed\n"); ret = 1; goto reset; } - memset( larger_buf, 0, ori_len + extra_len ); - memcpy( larger_buf, buf, ori_len ); + memset(larger_buf, 0, ori_len + extra_len); + memcpy(larger_buf, buf, ori_len); /* This read should never fail and get the whole cached data */ - ret = mbedtls_ssl_read( &ssl, larger_buf + ori_len, extra_len ); - if( ret != extra_len || - mbedtls_ssl_get_bytes_avail( &ssl ) != 0 ) - { - mbedtls_printf( " ! mbedtls_ssl_read failed on cached data\n" ); + ret = mbedtls_ssl_read(&ssl, larger_buf + ori_len, extra_len); + if (ret != extra_len || + mbedtls_ssl_get_bytes_avail(&ssl) != 0) { + mbedtls_printf(" ! mbedtls_ssl_read failed on cached data\n"); ret = 1; goto reset; } larger_buf[ori_len + extra_len] = '\0'; - mbedtls_printf( " %d bytes read (%d + %d)\n\n%s\n", - ori_len + extra_len, ori_len, extra_len, - (char *) larger_buf ); + mbedtls_printf(" %d bytes read (%d + %d)\n\n%s\n", + ori_len + extra_len, ori_len, extra_len, + (char *) larger_buf); /* End of message should be detected according to the syntax of the * application protocol (eg HTTP), just use a dummy test here. */ - if( larger_buf[ori_len + extra_len - 1] == '\n' ) + if (larger_buf[ori_len + extra_len - 1] == '\n') { terminated = 1; + } - mbedtls_free( larger_buf ); + mbedtls_free(larger_buf); } - if( terminated ) - { + if (terminated) { ret = 0; break; } - } - while( 1 ); - } - else /* Not stream, so datagram */ - { - len = opt.buffer_size - 1; - memset( buf, 0, opt.buffer_size ); + } while (1); + } else { /* Not stream, so datagram */ + len = opt.buffer_size; + memset(buf, 0, opt.buffer_size); - do - { + do { /* Without the call to `mbedtls_ssl_check_pending`, it might * happen that the client sends application data in the same * datagram as the Finished message concluding the handshake. @@ -3550,43 +3404,38 @@ int main( int argc, char *argv[] ) */ /* For event-driven IO, wait for socket to become available */ - if( mbedtls_ssl_check_pending( &ssl ) == 0 && - opt.event == 1 /* level triggered IO */ ) - { + if (mbedtls_ssl_check_pending(&ssl) == 0 && + opt.event == 1 /* level triggered IO */) { #if defined(MBEDTLS_TIMING_C) - idle( &client_fd, &timer, MBEDTLS_ERR_SSL_WANT_READ ); + idle(&client_fd, &timer, MBEDTLS_ERR_SSL_WANT_READ); #else - idle( &client_fd, MBEDTLS_ERR_SSL_WANT_READ ); + idle(&client_fd, MBEDTLS_ERR_SSL_WANT_READ); #endif } - ret = mbedtls_ssl_read( &ssl, buf, len ); + ret = mbedtls_ssl_read(&ssl, buf, len); /* Note that even if `mbedtls_ssl_check_pending` returns true, * it can happen that the subsequent call to `mbedtls_ssl_read` * returns `MBEDTLS_ERR_SSL_WANT_READ`, because the pending messages * might be discarded (e.g. because they are retransmissions). */ - } - while( mbedtls_status_is_ssl_in_progress( ret ) ); + } while (mbedtls_status_is_ssl_in_progress(ret)); - if( ret <= 0 ) - { - switch( ret ) - { + if (ret <= 0) { + switch (ret) { case MBEDTLS_ERR_SSL_PEER_CLOSE_NOTIFY: - mbedtls_printf( " connection was closed gracefully\n" ); - ret = 0; + mbedtls_printf(" connection was closed gracefully\n"); goto close_notify; default: - mbedtls_printf( " mbedtls_ssl_read returned -0x%x\n", (unsigned int) -ret ); + mbedtls_printf(" mbedtls_ssl_read returned -0x%x\n", (unsigned int) -ret); goto reset; } } len = ret; buf[len] = '\0'; - mbedtls_printf( " %d bytes read\n\n%s", len, (char *) buf ); + mbedtls_printf(" %d bytes read\n\n%s", len, (char *) buf); ret = 0; } @@ -3595,122 +3444,113 @@ int main( int argc, char *argv[] ) * (only on the first exchange, to be able to test retransmission) */ #if defined(MBEDTLS_SSL_RENEGOTIATION) - if( opt.renegotiate && exchanges_left == opt.exchanges ) - { - mbedtls_printf( " . Requestion renegotiation..." ); - fflush( stdout ); + if (opt.renegotiate && exchanges_left == opt.exchanges) { + mbedtls_printf(" . Requestion renegotiation..."); + fflush(stdout); - while( ( ret = mbedtls_ssl_renegotiate( &ssl ) ) != 0 ) - { - if( ! mbedtls_status_is_ssl_in_progress( ret ) ) - { - mbedtls_printf( " failed\n ! mbedtls_ssl_renegotiate returned %d\n\n", ret ); + while ((ret = mbedtls_ssl_renegotiate(&ssl)) != 0) { + if (!mbedtls_status_is_ssl_in_progress(ret)) { + mbedtls_printf(" failed\n ! mbedtls_ssl_renegotiate returned %d\n\n", ret); goto reset; } /* For event-driven IO, wait for socket to become available */ - if( opt.event == 1 /* level triggered IO */ ) - { + if (opt.event == 1 /* level triggered IO */) { #if defined(MBEDTLS_TIMING_C) - idle( &client_fd, &timer, ret ); + idle(&client_fd, &timer, ret); #else - idle( &client_fd, ret ); + idle(&client_fd, ret); #endif } } - mbedtls_printf( " ok\n" ); + mbedtls_printf(" ok\n"); } #endif /* MBEDTLS_SSL_RENEGOTIATION */ #if defined(MBEDTLS_SSL_DTLS_CONNECTION_ID) - ret = report_cid_usage( &ssl, "after renegotiation" ); - if( ret != 0 ) + ret = report_cid_usage(&ssl, "after renegotiation"); + if (ret != 0) { goto exit; + } #endif /* MBEDTLS_SSL_DTLS_CONNECTION_ID */ /* * 7. Write the 200 Response */ - mbedtls_printf( " > Write to client:" ); - fflush( stdout ); + mbedtls_printf(" > Write to client:"); + fflush(stdout); - len = sprintf( (char *) buf, HTTP_RESPONSE, - mbedtls_ssl_get_ciphersuite( &ssl ) ); + /* If the format of the response changes, make sure there is enough + * room in buf (buf_content_size calculation above). */ + len = sprintf((char *) buf, HTTP_RESPONSE, + mbedtls_ssl_get_ciphersuite(&ssl)); /* Add padding to the response to reach opt.response_size in length */ - if( opt.response_size != DFL_RESPONSE_SIZE && - len < opt.response_size ) - { - memset( buf + len, 'B', opt.response_size - len ); + if (opt.response_size != DFL_RESPONSE_SIZE && + len < opt.response_size) { + memset(buf + len, 'B', opt.response_size - len); len += opt.response_size - len; } /* Truncate if response size is smaller than the "natural" size */ - if( opt.response_size != DFL_RESPONSE_SIZE && - len > opt.response_size ) - { + if (opt.response_size != DFL_RESPONSE_SIZE && + len > opt.response_size) { len = opt.response_size; /* Still end with \r\n unless that's really not possible */ - if( len >= 2 ) buf[len - 2] = '\r'; - if( len >= 1 ) buf[len - 1] = '\n'; + if (len >= 2) { + buf[len - 2] = '\r'; + } + if (len >= 1) { + buf[len - 1] = '\n'; + } } - if( opt.transport == MBEDTLS_SSL_TRANSPORT_STREAM ) - { - for( written = 0, frags = 0; written < len; written += ret, frags++ ) - { - while( ( ret = mbedtls_ssl_write( &ssl, buf + written, len - written ) ) - <= 0 ) - { - if( ret == MBEDTLS_ERR_NET_CONN_RESET ) - { - mbedtls_printf( " failed\n ! peer closed the connection\n\n" ); + if (opt.transport == MBEDTLS_SSL_TRANSPORT_STREAM) { + for (written = 0, frags = 0; written < len; written += ret, frags++) { + while ((ret = mbedtls_ssl_write(&ssl, buf + written, len - written)) + <= 0) { + if (ret == MBEDTLS_ERR_NET_CONN_RESET) { + mbedtls_printf(" failed\n ! peer closed the connection\n\n"); goto reset; } - if( ! mbedtls_status_is_ssl_in_progress( ret ) ) - { - mbedtls_printf( " failed\n ! mbedtls_ssl_write returned %d\n\n", ret ); + if (!mbedtls_status_is_ssl_in_progress(ret)) { + mbedtls_printf(" failed\n ! mbedtls_ssl_write returned %d\n\n", ret); goto reset; } /* For event-driven IO, wait for socket to become available */ - if( opt.event == 1 /* level triggered IO */ ) - { + if (opt.event == 1 /* level triggered IO */) { #if defined(MBEDTLS_TIMING_C) - idle( &client_fd, &timer, ret ); + idle(&client_fd, &timer, ret); #else - idle( &client_fd, ret ); + idle(&client_fd, ret); #endif } } } - } - else /* Not stream, so datagram */ - { - while( 1 ) - { - ret = mbedtls_ssl_write( &ssl, buf, len ); + } else { /* Not stream, so datagram */ + while (1) { + ret = mbedtls_ssl_write(&ssl, buf, len); - if( ! mbedtls_status_is_ssl_in_progress( ret ) ) + if (!mbedtls_status_is_ssl_in_progress(ret)) { break; + } /* For event-driven IO, wait for socket to become available */ - if( opt.event == 1 /* level triggered IO */ ) - { + if (opt.event == 1 /* level triggered IO */) { #if defined(MBEDTLS_TIMING_C) - idle( &client_fd, &timer, ret ); + idle(&client_fd, &timer, ret); #else - idle( &client_fd, ret ); + idle(&client_fd, ret); #endif } } - if( ret < 0 ) - { - mbedtls_printf( " failed\n ! mbedtls_ssl_write returned %d\n\n", ret ); + if (ret < 0) { + mbedtls_printf(" failed\n ! mbedtls_ssl_write returned %d\n\n", ret); goto reset; } @@ -3719,96 +3559,87 @@ int main( int argc, char *argv[] ) } buf[written] = '\0'; - mbedtls_printf( " %d bytes written in %d fragments\n\n%s\n", written, frags, (char *) buf ); + mbedtls_printf(" %d bytes written in %d fragments\n\n%s\n", written, frags, (char *) buf); ret = 0; /* * 7b. Simulate serialize/deserialize and go back to data exchange */ #if defined(MBEDTLS_SSL_CONTEXT_SERIALIZATION) - if( opt.serialize != 0 ) - { + if (opt.serialize != 0) { size_t buf_len; - mbedtls_printf( " . Serializing live connection..." ); + mbedtls_printf(" . Serializing live connection..."); - ret = mbedtls_ssl_context_save( &ssl, NULL, 0, &buf_len ); - if( ret != MBEDTLS_ERR_SSL_BUFFER_TOO_SMALL ) - { - mbedtls_printf( " failed\n ! mbedtls_ssl_context_save returned " - "-0x%x\n\n", (unsigned int) -ret ); + ret = mbedtls_ssl_context_save(&ssl, NULL, 0, &buf_len); + if (ret != MBEDTLS_ERR_SSL_BUFFER_TOO_SMALL) { + mbedtls_printf(" failed\n ! mbedtls_ssl_context_save returned " + "-0x%x\n\n", (unsigned int) -ret); goto exit; } - if( ( context_buf = mbedtls_calloc( 1, buf_len ) ) == NULL ) - { - mbedtls_printf( " failed\n ! Couldn't allocate buffer for " - "serialized context" ); + if ((context_buf = mbedtls_calloc(1, buf_len)) == NULL) { + mbedtls_printf(" failed\n ! Couldn't allocate buffer for " + "serialized context"); goto exit; } context_buf_len = buf_len; - if( ( ret = mbedtls_ssl_context_save( &ssl, context_buf, - buf_len, &buf_len ) ) != 0 ) - { - mbedtls_printf( " failed\n ! mbedtls_ssl_context_save returned " - "-0x%x\n\n", (unsigned int) -ret ); + if ((ret = mbedtls_ssl_context_save(&ssl, context_buf, + buf_len, &buf_len)) != 0) { + mbedtls_printf(" failed\n ! mbedtls_ssl_context_save returned " + "-0x%x\n\n", (unsigned int) -ret); goto exit; } - mbedtls_printf( " ok\n" ); + mbedtls_printf(" ok\n"); /* Save serialized context to the 'opt.context_file' as a base64 code */ - if( 0 < strlen( opt.context_file ) ) - { + if (0 < strlen(opt.context_file)) { FILE *b64_file; uint8_t *b64_buf; size_t b64_len; - mbedtls_printf( " . Save serialized context to a file... " ); + mbedtls_printf(" . Save serialized context to a file... "); - mbedtls_base64_encode( NULL, 0, &b64_len, context_buf, buf_len ); + mbedtls_base64_encode(NULL, 0, &b64_len, context_buf, buf_len); - if( ( b64_buf = mbedtls_calloc( 1, b64_len ) ) == NULL ) - { - mbedtls_printf( "failed\n ! Couldn't allocate buffer for " - "the base64 code\n" ); + if ((b64_buf = mbedtls_calloc(1, b64_len)) == NULL) { + mbedtls_printf("failed\n ! Couldn't allocate buffer for " + "the base64 code\n"); goto exit; } - if( ( ret = mbedtls_base64_encode( b64_buf, b64_len, &b64_len, - context_buf, buf_len ) ) != 0 ) - { - mbedtls_printf( "failed\n ! mbedtls_base64_encode returned " - "-0x%x\n", (unsigned int) -ret ); - mbedtls_free( b64_buf ); + if ((ret = mbedtls_base64_encode(b64_buf, b64_len, &b64_len, + context_buf, buf_len)) != 0) { + mbedtls_printf("failed\n ! mbedtls_base64_encode returned " + "-0x%x\n", (unsigned int) -ret); + mbedtls_free(b64_buf); goto exit; } - if( ( b64_file = fopen( opt.context_file, "w" ) ) == NULL ) - { - mbedtls_printf( "failed\n ! Cannot open '%s' for writing.\n", - opt.context_file ); - mbedtls_free( b64_buf ); + if ((b64_file = fopen(opt.context_file, "w")) == NULL) { + mbedtls_printf("failed\n ! Cannot open '%s' for writing.\n", + opt.context_file); + mbedtls_free(b64_buf); goto exit; } - if( b64_len != fwrite( b64_buf, 1, b64_len, b64_file ) ) - { - mbedtls_printf( "failed\n ! fwrite(%ld bytes) failed\n", - (long) b64_len ); - mbedtls_free( b64_buf ); - fclose( b64_file ); + if (b64_len != fwrite(b64_buf, 1, b64_len, b64_file)) { + mbedtls_printf("failed\n ! fwrite(%ld bytes) failed\n", + (long) b64_len); + mbedtls_free(b64_buf); + fclose(b64_file); goto exit; } - mbedtls_free( b64_buf ); - fclose( b64_file ); + mbedtls_free(b64_buf); + fclose(b64_file); - mbedtls_printf( "ok\n" ); + mbedtls_printf("ok\n"); } /* @@ -3818,10 +3649,9 @@ int main( int argc, char *argv[] ) * case you can just reset() it, and then it's ready to receive * serialized data from another connection (or the same here). */ - if( opt.serialize == 1 ) - { + if (opt.serialize == 1) { /* nothing to do here, done by context_save() already */ - mbedtls_printf( " . Context has been reset... ok\n" ); + mbedtls_printf(" . Context has been reset... ok\n"); } /* @@ -3832,18 +3662,16 @@ int main( int argc, char *argv[] ) * teardown/startup code needed - for example, preparing the * ssl_config again (see section 3 "setup stuff" in this file). */ - if( opt.serialize == 2 ) - { - mbedtls_printf( " . Freeing and reinitializing context..." ); + if (opt.serialize == 2) { + mbedtls_printf(" . Freeing and reinitializing context..."); - mbedtls_ssl_free( &ssl ); + mbedtls_ssl_free(&ssl); - mbedtls_ssl_init( &ssl ); + mbedtls_ssl_init(&ssl); - if( ( ret = mbedtls_ssl_setup( &ssl, &conf ) ) != 0 ) - { - mbedtls_printf( " failed\n ! mbedtls_ssl_setup returned " - "-0x%x\n\n", (unsigned int) -ret ); + if ((ret = mbedtls_ssl_setup(&ssl, &conf)) != 0) { + mbedtls_printf(" failed\n ! mbedtls_ssl_setup returned " + "-0x%x\n\n", (unsigned int) -ret); goto exit; } @@ -3853,60 +3681,62 @@ int main( int argc, char *argv[] ) * if you want to share your set up code between the case of * establishing a new connection and this case. */ - if( opt.nbio == 2 ) - mbedtls_ssl_set_bio( &ssl, &client_fd, delayed_send, - delayed_recv, NULL ); - else - mbedtls_ssl_set_bio( &ssl, &client_fd, mbedtls_net_send, - mbedtls_net_recv, - opt.nbio == 0 ? mbedtls_net_recv_timeout : NULL ); + if (opt.nbio == 2) { + mbedtls_ssl_set_bio(&ssl, &client_fd, delayed_send, + delayed_recv, NULL); + } else { + mbedtls_ssl_set_bio(&ssl, &client_fd, mbedtls_net_send, + mbedtls_net_recv, + opt.nbio == 0 ? mbedtls_net_recv_timeout : NULL); + } #if defined(MBEDTLS_TIMING_C) - mbedtls_ssl_set_timer_cb( &ssl, &timer, - mbedtls_timing_set_delay, - mbedtls_timing_get_delay ); + mbedtls_ssl_set_timer_cb(&ssl, &timer, + mbedtls_timing_set_delay, + mbedtls_timing_get_delay); #endif /* MBEDTLS_TIMING_C */ - mbedtls_printf( " ok\n" ); + mbedtls_printf(" ok\n"); } - mbedtls_printf( " . Deserializing connection..." ); + mbedtls_printf(" . Deserializing connection..."); - if( ( ret = mbedtls_ssl_context_load( &ssl, context_buf, - buf_len ) ) != 0 ) - { - mbedtls_printf( "failed\n ! mbedtls_ssl_context_load returned " - "-0x%x\n\n", (unsigned int) -ret ); + if ((ret = mbedtls_ssl_context_load(&ssl, context_buf, + buf_len)) != 0) { + mbedtls_printf("failed\n ! mbedtls_ssl_context_load returned " + "-0x%x\n\n", (unsigned int) -ret); goto exit; } - mbedtls_free( context_buf ); + mbedtls_free(context_buf); context_buf = NULL; context_buf_len = 0; - mbedtls_printf( " ok\n" ); + mbedtls_printf(" ok\n"); } #endif /* MBEDTLS_SSL_CONTEXT_SERIALIZATION */ /* * 7c. Continue doing data exchanges? */ - if( --exchanges_left > 0 ) + if (--exchanges_left > 0) { goto data_exchange; + } /* * 8. Done, cleanly close the connection */ close_notify: - mbedtls_printf( " . Closing the connection..." ); + mbedtls_printf(" . Closing the connection..."); /* No error checking, the connection might be closed already */ - do ret = mbedtls_ssl_close_notify( &ssl ); - while( ret == MBEDTLS_ERR_SSL_WANT_WRITE ); + do { + ret = mbedtls_ssl_close_notify(&ssl); + } while (ret == MBEDTLS_ERR_SSL_WANT_WRITE); ret = 0; - mbedtls_printf( " done\n" ); + mbedtls_printf(" done\n"); goto reset; @@ -3915,71 +3745,73 @@ int main( int argc, char *argv[] ) */ exit: #ifdef MBEDTLS_ERROR_C - if( ret != 0 ) - { + if (ret != 0) { char error_buf[100]; - mbedtls_strerror( ret, error_buf, 100 ); - mbedtls_printf("Last error was: -0x%X - %s\n\n", (unsigned int) -ret, error_buf ); + mbedtls_strerror(ret, error_buf, 100); + mbedtls_printf("Last error was: -0x%X - %s\n\n", (unsigned int) -ret, error_buf); } #endif - if( opt.query_config_mode == DFL_QUERY_CONFIG_MODE ) - { - mbedtls_printf( " . Cleaning up..." ); - fflush( stdout ); + if (opt.query_config_mode == DFL_QUERY_CONFIG_MODE) { + mbedtls_printf(" . Cleaning up..."); + fflush(stdout); } - mbedtls_net_free( &client_fd ); - mbedtls_net_free( &listen_fd ); + mbedtls_net_free(&client_fd); + mbedtls_net_free(&listen_fd); - mbedtls_ssl_free( &ssl ); - mbedtls_ssl_config_free( &conf ); + mbedtls_ssl_free(&ssl); + mbedtls_ssl_config_free(&conf); #if defined(MBEDTLS_SSL_CACHE_C) - mbedtls_ssl_cache_free( &cache ); + mbedtls_ssl_cache_free(&cache); #endif -#if defined(MBEDTLS_SSL_SESSION_TICKETS) - mbedtls_ssl_ticket_free( &ticket_ctx ); +#if defined(MBEDTLS_SSL_SESSION_TICKETS) && defined(MBEDTLS_SSL_TICKET_C) + mbedtls_ssl_ticket_free(&ticket_ctx); #endif #if defined(MBEDTLS_SSL_COOKIE_C) - mbedtls_ssl_cookie_free( &cookie_ctx ); + mbedtls_ssl_cookie_free(&cookie_ctx); #endif #if defined(MBEDTLS_SSL_CONTEXT_SERIALIZATION) - if( context_buf != NULL ) - mbedtls_platform_zeroize( context_buf, context_buf_len ); - mbedtls_free( context_buf ); + if (context_buf != NULL) { + mbedtls_platform_zeroize(context_buf, context_buf_len); + } + mbedtls_free(context_buf); #endif #if defined(SNI_OPTION) - sni_free( sni_info ); + sni_free(sni_info); #endif #if defined(MBEDTLS_KEY_EXCHANGE_SOME_PSK_ENABLED) - ret = psk_free( psk_info ); - if( ( ret != 0 ) && ( opt.query_config_mode == DFL_QUERY_CONFIG_MODE ) ) - mbedtls_printf( "Failed to list of opaque PSKs - error was %d\n", ret ); + ret = psk_free(psk_info); + if ((ret != 0) && (opt.query_config_mode == DFL_QUERY_CONFIG_MODE)) { + mbedtls_printf("Failed to list of opaque PSKs - error was %d\n", ret); + } #endif -#if defined(MBEDTLS_X509_CRT_PARSE_C) - mbedtls_x509_crt_free( &cacert ); - mbedtls_x509_crt_free( &srvcert ); - mbedtls_pk_free( &pkey ); - mbedtls_x509_crt_free( &srvcert2 ); - mbedtls_pk_free( &pkey2 ); +#if defined(MBEDTLS_KEY_EXCHANGE_WITH_CERT_ENABLED) + mbedtls_x509_crt_free(&cacert); + mbedtls_x509_crt_free(&srvcert); + mbedtls_pk_free(&pkey); + mbedtls_x509_crt_free(&srvcert2); + mbedtls_pk_free(&pkey2); +#if defined(MBEDTLS_USE_PSA_CRYPTO) + psa_destroy_key(key_slot); + psa_destroy_key(key_slot2); +#endif #endif #if defined(MBEDTLS_DHM_C) && defined(MBEDTLS_FS_IO) - mbedtls_dhm_free( &dhm ); + mbedtls_dhm_free(&dhm); #endif #if defined(MBEDTLS_SSL_ASYNC_PRIVATE) - for( i = 0; (size_t) i < ssl_async_keys.slots_used; i++ ) - { - if( ssl_async_keys.slots[i].pk_owned ) - { - mbedtls_pk_free( ssl_async_keys.slots[i].pk ); - mbedtls_free( ssl_async_keys.slots[i].pk ); + for (i = 0; (size_t) i < ssl_async_keys.slots_used; i++) { + if (ssl_async_keys.slots[i].pk_owned) { + mbedtls_pk_free(ssl_async_keys.slots[i].pk); + mbedtls_free(ssl_async_keys.slots[i].pk); ssl_async_keys.slots[i].pk = NULL; } } @@ -3987,30 +3819,28 @@ int main( int argc, char *argv[] ) #if defined(MBEDTLS_KEY_EXCHANGE_SOME_PSK_ENABLED) && \ defined(MBEDTLS_USE_PSA_CRYPTO) - if( opt.psk_opaque != 0 ) - { + if (opt.psk_opaque != 0) { /* This is ok even if the slot hasn't been * initialized (we might have jumed here * immediately because of bad cmd line params, * for example). */ - status = psa_destroy_key( psk_slot ); - if( ( status != PSA_SUCCESS ) && - ( opt.query_config_mode == DFL_QUERY_CONFIG_MODE ) ) - { - mbedtls_printf( "Failed to destroy key slot %u - error was %d", - (unsigned) psk_slot, (int) status ); + status = psa_destroy_key(psk_slot); + if ((status != PSA_SUCCESS) && + (opt.query_config_mode == DFL_QUERY_CONFIG_MODE)) { + mbedtls_printf("Failed to destroy key slot %u - error was %d", + (unsigned) psk_slot, (int) status); } } #endif /* MBEDTLS_KEY_EXCHANGE_SOME_PSK_ENABLED && MBEDTLS_USE_PSA_CRYPTO */ #if defined(MBEDTLS_USE_PSA_CRYPTO) - const char* message = mbedtls_test_helper_is_psa_leaking(); - if( message ) - { - if( ret == 0 ) + const char *message = mbedtls_test_helper_is_psa_leaking(); + if (message) { + if (ret == 0) { ret = 1; - mbedtls_printf( "PSA memory leak detected: %s\n", message); + } + mbedtls_printf("PSA memory leak detected: %s\n", message); } #endif @@ -4018,27 +3848,26 @@ int main( int argc, char *argv[] ) * resources are freed by rng_free(). */ #if defined(MBEDTLS_USE_PSA_CRYPTO) && \ !defined(MBEDTLS_TEST_USE_PSA_CRYPTO_RNG) - mbedtls_psa_crypto_free( ); + mbedtls_psa_crypto_free(); #endif - rng_free( &rng ); + rng_free(&rng); - mbedtls_free( buf ); + mbedtls_free(buf); #if defined(MBEDTLS_TEST_HOOKS) /* Let test hooks detect errors such as resource leaks. * Don't do it in query_config mode, because some test code prints * information to stdout and this gets mixed with the regular output. */ - if( opt.query_config_mode == DFL_QUERY_CONFIG_MODE ) - { - if( test_hooks_failure_detected( ) ) - { - if( ret == 0 ) + if (opt.query_config_mode == DFL_QUERY_CONFIG_MODE) { + if (test_hooks_failure_detected()) { + if (ret == 0) { ret = 1; - mbedtls_printf( "Test hooks detected errors.\n" ); + } + mbedtls_printf("Test hooks detected errors.\n"); } } - test_hooks_free( ); + test_hooks_free(); #endif /* MBEDTLS_TEST_HOOKS */ #if defined(MBEDTLS_MEMORY_BUFFER_ALLOC_C) @@ -4048,23 +3877,24 @@ int main( int argc, char *argv[] ) mbedtls_memory_buffer_alloc_free(); #endif /* MBEDTLS_MEMORY_BUFFER_ALLOC_C */ - if( opt.query_config_mode == DFL_QUERY_CONFIG_MODE ) - { - mbedtls_printf( " done.\n" ); + if (opt.query_config_mode == DFL_QUERY_CONFIG_MODE) { + mbedtls_printf(" done.\n"); #if defined(_WIN32) - mbedtls_printf( " + Press Enter to exit this program.\n" ); - fflush( stdout ); getchar(); + mbedtls_printf(" + Press Enter to exit this program.\n"); + fflush(stdout); getchar(); #endif } // Shell can not handle large exit numbers -> 1 for errors - if( ret < 0 ) + if (ret < 0) { ret = 1; + } - if( opt.query_config_mode == DFL_QUERY_CONFIG_MODE ) - mbedtls_exit( ret ); - else - mbedtls_exit( query_config_ret ); + if (opt.query_config_mode == DFL_QUERY_CONFIG_MODE) { + mbedtls_exit(ret); + } else { + mbedtls_exit(query_config_ret); + } } #endif /* !MBEDTLS_SSL_TEST_IMPOSSIBLE && MBEDTLS_SSL_SRV_C */ diff --git a/third_party/mbedtls/repo/programs/ssl/ssl_test_common_source.c b/third_party/mbedtls/repo/programs/ssl/ssl_test_common_source.c index f5d868046c4..8784cf27d6e 100644 --- a/third_party/mbedtls/repo/programs/ssl/ssl_test_common_source.c +++ b/third_party/mbedtls/repo/programs/ssl/ssl_test_common_source.c @@ -9,60 +9,47 @@ * This file is meant to be #include'd and cannot be compiled separately. * * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later */ #if defined(MBEDTLS_SSL_EXPORT_KEYS) -int eap_tls_key_derivation( void *p_expkey, - const unsigned char *ms, - const unsigned char *kb, - size_t maclen, - size_t keylen, - size_t ivlen, - const unsigned char client_random[32], - const unsigned char server_random[32], - mbedtls_tls_prf_types tls_prf_type ) +int eap_tls_key_derivation(void *p_expkey, + const unsigned char *ms, + const unsigned char *kb, + size_t maclen, + size_t keylen, + size_t ivlen, + const unsigned char client_random[32], + const unsigned char server_random[32], + mbedtls_tls_prf_types tls_prf_type) { - eap_tls_keys *keys = (eap_tls_keys *)p_expkey; + eap_tls_keys *keys = (eap_tls_keys *) p_expkey; - ( ( void ) kb ); - memcpy( keys->master_secret, ms, sizeof( keys->master_secret ) ); - memcpy( keys->randbytes, client_random, 32 ); - memcpy( keys->randbytes + 32, server_random, 32 ); + ((void) kb); + memcpy(keys->master_secret, ms, sizeof(keys->master_secret)); + memcpy(keys->randbytes, client_random, 32); + memcpy(keys->randbytes + 32, server_random, 32); keys->tls_prf_type = tls_prf_type; - if( opt.debug_level > 2 ) - { - mbedtls_printf("exported maclen is %u\n", (unsigned)maclen); - mbedtls_printf("exported keylen is %u\n", (unsigned)keylen); - mbedtls_printf("exported ivlen is %u\n", (unsigned)ivlen); + if (opt.debug_level > 2) { + mbedtls_printf("exported maclen is %u\n", (unsigned) maclen); + mbedtls_printf("exported keylen is %u\n", (unsigned) keylen); + mbedtls_printf("exported ivlen is %u\n", (unsigned) ivlen); } - return( 0 ); + return 0; } -int nss_keylog_export( void *p_expkey, - const unsigned char *ms, - const unsigned char *kb, - size_t maclen, - size_t keylen, - size_t ivlen, - const unsigned char client_random[32], - const unsigned char server_random[32], - mbedtls_tls_prf_types tls_prf_type ) +int nss_keylog_export(void *p_expkey, + const unsigned char *ms, + const unsigned char *kb, + size_t maclen, + size_t keylen, + size_t ivlen, + const unsigned char client_random[32], + const unsigned char server_random[32], + mbedtls_tls_prf_types tls_prf_type) { - char nss_keylog_line[ 200 ]; + char nss_keylog_line[200]; size_t const client_random_len = 32; size_t const master_secret_len = 48; size_t len = 0; @@ -77,138 +64,134 @@ int nss_keylog_export( void *p_expkey, ((void) server_random); ((void) tls_prf_type); - len += sprintf( nss_keylog_line + len, - "%s", "CLIENT_RANDOM " ); + len += sprintf(nss_keylog_line + len, + "%s", "CLIENT_RANDOM "); - for( j = 0; j < client_random_len; j++ ) - { - len += sprintf( nss_keylog_line + len, - "%02x", client_random[j] ); + for (j = 0; j < client_random_len; j++) { + len += sprintf(nss_keylog_line + len, + "%02x", client_random[j]); } - len += sprintf( nss_keylog_line + len, " " ); + len += sprintf(nss_keylog_line + len, " "); - for( j = 0; j < master_secret_len; j++ ) - { - len += sprintf( nss_keylog_line + len, - "%02x", ms[j] ); + for (j = 0; j < master_secret_len; j++) { + len += sprintf(nss_keylog_line + len, + "%02x", ms[j]); } - len += sprintf( nss_keylog_line + len, "\n" ); - nss_keylog_line[ len ] = '\0'; + len += sprintf(nss_keylog_line + len, "\n"); + nss_keylog_line[len] = '\0'; - mbedtls_printf( "\n" ); - mbedtls_printf( "---------------- NSS KEYLOG -----------------\n" ); - mbedtls_printf( "%s", nss_keylog_line ); - mbedtls_printf( "---------------------------------------------\n" ); + mbedtls_printf("\n"); + mbedtls_printf("---------------- NSS KEYLOG -----------------\n"); + mbedtls_printf("%s", nss_keylog_line); + mbedtls_printf("---------------------------------------------\n"); - if( opt.nss_keylog_file != NULL ) - { + if (opt.nss_keylog_file != NULL) { FILE *f; - if( ( f = fopen( opt.nss_keylog_file, "a" ) ) == NULL ) - { + if ((f = fopen(opt.nss_keylog_file, "a")) == NULL) { ret = -1; goto exit; } - if( fwrite( nss_keylog_line, 1, len, f ) != len ) - { + if (fwrite(nss_keylog_line, 1, len, f) != len) { ret = -1; - fclose( f ); + fclose(f); goto exit; } - fclose( f ); + fclose(f); } exit: - mbedtls_platform_zeroize( nss_keylog_line, - sizeof( nss_keylog_line ) ); - return( ret ); + mbedtls_platform_zeroize(nss_keylog_line, + sizeof(nss_keylog_line)); + return ret; } -#if defined( MBEDTLS_SSL_DTLS_SRTP ) -int dtls_srtp_key_derivation( void *p_expkey, - const unsigned char *ms, - const unsigned char *kb, - size_t maclen, - size_t keylen, - size_t ivlen, - const unsigned char client_random[32], - const unsigned char server_random[32], - mbedtls_tls_prf_types tls_prf_type ) +#if defined(MBEDTLS_SSL_DTLS_SRTP) +int dtls_srtp_key_derivation(void *p_expkey, + const unsigned char *ms, + const unsigned char *kb, + size_t maclen, + size_t keylen, + size_t ivlen, + const unsigned char client_random[32], + const unsigned char server_random[32], + mbedtls_tls_prf_types tls_prf_type) { - dtls_srtp_keys *keys = (dtls_srtp_keys *)p_expkey; + dtls_srtp_keys *keys = (dtls_srtp_keys *) p_expkey; - ( ( void ) kb ); - memcpy( keys->master_secret, ms, sizeof( keys->master_secret ) ); - memcpy( keys->randbytes, client_random, 32 ); - memcpy( keys->randbytes + 32, server_random, 32 ); + ((void) kb); + memcpy(keys->master_secret, ms, sizeof(keys->master_secret)); + memcpy(keys->randbytes, client_random, 32); + memcpy(keys->randbytes + 32, server_random, 32); keys->tls_prf_type = tls_prf_type; - if( opt.debug_level > 2 ) - { - mbedtls_printf( "exported maclen is %u\n", (unsigned) maclen ); - mbedtls_printf( "exported keylen is %u\n", (unsigned) keylen ); - mbedtls_printf( "exported ivlen is %u\n", (unsigned) ivlen ); + if (opt.debug_level > 2) { + mbedtls_printf("exported maclen is %u\n", (unsigned) maclen); + mbedtls_printf("exported keylen is %u\n", (unsigned) keylen); + mbedtls_printf("exported ivlen is %u\n", (unsigned) ivlen); } - return( 0 ); + return 0; } #endif /* MBEDTLS_SSL_DTLS_SRTP */ #endif /* MBEDTLS_SSL_EXPORT_KEYS */ #if defined(MBEDTLS_SSL_RECORD_CHECKING) -int ssl_check_record( mbedtls_ssl_context const *ssl, - unsigned char const *buf, size_t len ) +int ssl_check_record(mbedtls_ssl_context const *ssl, + unsigned char const *buf, size_t len) { int my_ret = 0, ret_cr1, ret_cr2; unsigned char *tmp_buf; /* Record checking may modify the input buffer, * so make a copy. */ - tmp_buf = mbedtls_calloc( 1, len ); - if( tmp_buf == NULL ) - return( MBEDTLS_ERR_SSL_ALLOC_FAILED ); - memcpy( tmp_buf, buf, len ); - - ret_cr1 = mbedtls_ssl_check_record( ssl, tmp_buf, len ); - if( ret_cr1 != MBEDTLS_ERR_SSL_FEATURE_UNAVAILABLE ) - { + tmp_buf = mbedtls_calloc(1, len); + if (tmp_buf == NULL) { + return MBEDTLS_ERR_SSL_ALLOC_FAILED; + } + memcpy(tmp_buf, buf, len); + + ret_cr1 = mbedtls_ssl_check_record(ssl, tmp_buf, len); + if (ret_cr1 != MBEDTLS_ERR_SSL_FEATURE_UNAVAILABLE) { /* Test-only: Make sure that mbedtls_ssl_check_record() * doesn't alter state. */ - memcpy( tmp_buf, buf, len ); /* Restore buffer */ - ret_cr2 = mbedtls_ssl_check_record( ssl, tmp_buf, len ); - if( ret_cr2 != ret_cr1 ) - { - mbedtls_printf( "mbedtls_ssl_check_record() returned inconsistent results.\n" ); + memcpy(tmp_buf, buf, len); /* Restore buffer */ + ret_cr2 = mbedtls_ssl_check_record(ssl, tmp_buf, len); + if (ret_cr2 != ret_cr1) { + mbedtls_printf("mbedtls_ssl_check_record() returned inconsistent results.\n"); my_ret = -1; goto cleanup; } - switch( ret_cr1 ) - { + switch (ret_cr1) { case 0: break; case MBEDTLS_ERR_SSL_INVALID_RECORD: - if( opt.debug_level > 1 ) - mbedtls_printf( "mbedtls_ssl_check_record() detected invalid record.\n" ); + if (opt.debug_level > 1) { + mbedtls_printf("mbedtls_ssl_check_record() detected invalid record.\n"); + } break; case MBEDTLS_ERR_SSL_INVALID_MAC: - if( opt.debug_level > 1 ) - mbedtls_printf( "mbedtls_ssl_check_record() detected unauthentic record.\n" ); + if (opt.debug_level > 1) { + mbedtls_printf("mbedtls_ssl_check_record() detected unauthentic record.\n"); + } break; case MBEDTLS_ERR_SSL_UNEXPECTED_RECORD: - if( opt.debug_level > 1 ) - mbedtls_printf( "mbedtls_ssl_check_record() detected unexpected record.\n" ); + if (opt.debug_level > 1) { + mbedtls_printf("mbedtls_ssl_check_record() detected unexpected record.\n"); + } break; default: - mbedtls_printf( "mbedtls_ssl_check_record() failed fatally with -%#04x.\n", (unsigned int) -ret_cr1 ); + mbedtls_printf("mbedtls_ssl_check_record() failed fatally with -%#04x.\n", + (unsigned int) -ret_cr1); my_ret = -1; goto cleanup; } @@ -217,74 +200,78 @@ int ssl_check_record( mbedtls_ssl_context const *ssl, } cleanup: - mbedtls_free( tmp_buf ); + mbedtls_free(tmp_buf); - return( my_ret ); + return my_ret; } #endif /* MBEDTLS_SSL_RECORD_CHECKING */ -int recv_cb( void *ctx, unsigned char *buf, size_t len ) +int recv_cb(void *ctx, unsigned char *buf, size_t len) { - io_ctx_t *io_ctx = (io_ctx_t*) ctx; + io_ctx_t *io_ctx = (io_ctx_t *) ctx; size_t recv_len; int ret; - if( opt.nbio == 2 ) - ret = delayed_recv( io_ctx->net, buf, len ); - else - ret = mbedtls_net_recv( io_ctx->net, buf, len ); - if( ret < 0 ) - return( ret ); + if (opt.nbio == 2) { + ret = delayed_recv(io_ctx->net, buf, len); + } else { + ret = mbedtls_net_recv(io_ctx->net, buf, len); + } + if (ret < 0) { + return ret; + } recv_len = (size_t) ret; - if( opt.transport == MBEDTLS_SSL_TRANSPORT_DATAGRAM ) - { + if (opt.transport == MBEDTLS_SSL_TRANSPORT_DATAGRAM) { /* Here's the place to do any datagram/record checking * in between receiving the packet from the underlying * transport and passing it on to the TLS stack. */ #if defined(MBEDTLS_SSL_RECORD_CHECKING) - if( ssl_check_record( io_ctx->ssl, buf, recv_len ) != 0 ) - return( -1 ); + if (ssl_check_record(io_ctx->ssl, buf, recv_len) != 0) { + return -1; + } #endif /* MBEDTLS_SSL_RECORD_CHECKING */ } - return( (int) recv_len ); + return (int) recv_len; } -int recv_timeout_cb( void *ctx, unsigned char *buf, size_t len, - uint32_t timeout ) +int recv_timeout_cb(void *ctx, unsigned char *buf, size_t len, + uint32_t timeout) { - io_ctx_t *io_ctx = (io_ctx_t*) ctx; + io_ctx_t *io_ctx = (io_ctx_t *) ctx; int ret; size_t recv_len; - ret = mbedtls_net_recv_timeout( io_ctx->net, buf, len, timeout ); - if( ret < 0 ) - return( ret ); + ret = mbedtls_net_recv_timeout(io_ctx->net, buf, len, timeout); + if (ret < 0) { + return ret; + } recv_len = (size_t) ret; - if( opt.transport == MBEDTLS_SSL_TRANSPORT_DATAGRAM ) - { + if (opt.transport == MBEDTLS_SSL_TRANSPORT_DATAGRAM) { /* Here's the place to do any datagram/record checking * in between receiving the packet from the underlying * transport and passing it on to the TLS stack. */ #if defined(MBEDTLS_SSL_RECORD_CHECKING) - if( ssl_check_record( io_ctx->ssl, buf, recv_len ) != 0 ) - return( -1 ); + if (ssl_check_record(io_ctx->ssl, buf, recv_len) != 0) { + return -1; + } #endif /* MBEDTLS_SSL_RECORD_CHECKING */ } - return( (int) recv_len ); + return (int) recv_len; } -int send_cb( void *ctx, unsigned char const *buf, size_t len ) +int send_cb(void *ctx, unsigned char const *buf, size_t len) { - io_ctx_t *io_ctx = (io_ctx_t*) ctx; + io_ctx_t *io_ctx = (io_ctx_t *) ctx; - if( opt.nbio == 2 ) - return( delayed_send( io_ctx->net, buf, len ) ); + if (opt.nbio == 2) { + return delayed_send(io_ctx->net, buf, len); + } - return( mbedtls_net_send( io_ctx->net, buf, len ) ); + return mbedtls_net_send(io_ctx->net, buf, len); } #if defined(MBEDTLS_X509_CRT_PARSE_C) diff --git a/third_party/mbedtls/repo/programs/ssl/ssl_test_lib.c b/third_party/mbedtls/repo/programs/ssl/ssl_test_lib.c index 1bb9d6162fa..839b4455c3a 100644 --- a/third_party/mbedtls/repo/programs/ssl/ssl_test_lib.c +++ b/third_party/mbedtls/repo/programs/ssl/ssl_test_lib.c @@ -5,19 +5,7 @@ * that cannot be compiled separately in "ssl_test_common_source.c". * * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later */ #include "ssl_test_lib.h" @@ -28,97 +16,99 @@ #if !defined(MBEDTLS_SSL_TEST_IMPOSSIBLE) -void my_debug( void *ctx, int level, - const char *file, int line, - const char *str ) +void my_debug(void *ctx, int level, + const char *file, int line, + const char *str) { const char *p, *basename; /* Extract basename from file */ - for( p = basename = file; *p != '\0'; p++ ) - if( *p == '/' || *p == '\\' ) + for (p = basename = file; *p != '\0'; p++) { + if (*p == '/' || *p == '\\') { basename = p + 1; + } + } - mbedtls_fprintf( (FILE *) ctx, "%s:%04d: |%d| %s", - basename, line, level, str ); - fflush( (FILE *) ctx ); + mbedtls_fprintf((FILE *) ctx, "%s:%04d: |%d| %s", + basename, line, level, str); + fflush((FILE *) ctx); } -mbedtls_time_t dummy_constant_time( mbedtls_time_t* time ) +#if defined(MBEDTLS_HAVE_TIME) +mbedtls_time_t dummy_constant_time(mbedtls_time_t *time) { (void) time; return 0x5af2a056; } +#endif #if !defined(MBEDTLS_TEST_USE_PSA_CRYPTO_RNG) -static int dummy_entropy( void *data, unsigned char *output, size_t len ) +static int dummy_entropy(void *data, unsigned char *output, size_t len) { size_t i; int ret; (void) data; - ret = mbedtls_entropy_func( data, output, len ); - for( i = 0; i < len; i++ ) - { + ret = mbedtls_entropy_func(data, output, len); + for (i = 0; i < len; i++) { //replace result with pseudo random output[i] = (unsigned char) rand(); } - return( ret ); + return ret; } #endif -void rng_init( rng_context_t *rng ) +void rng_init(rng_context_t *rng) { #if defined(MBEDTLS_TEST_USE_PSA_CRYPTO_RNG) (void) rng; - psa_crypto_init( ); + psa_crypto_init(); #else /* !MBEDTLS_TEST_USE_PSA_CRYPTO_RNG */ #if defined(MBEDTLS_CTR_DRBG_C) - mbedtls_ctr_drbg_init( &rng->drbg ); + mbedtls_ctr_drbg_init(&rng->drbg); #elif defined(MBEDTLS_HMAC_DRBG_C) - mbedtls_hmac_drbg_init( &rng->drbg ); + mbedtls_hmac_drbg_init(&rng->drbg); #else #error "No DRBG available" #endif - mbedtls_entropy_init( &rng->entropy ); + mbedtls_entropy_init(&rng->entropy); #endif /* !MBEDTLS_TEST_USE_PSA_CRYPTO_RNG */ } -int rng_seed( rng_context_t *rng, int reproducible, const char *pers ) +int rng_seed(rng_context_t *rng, int reproducible, const char *pers) { #if defined(MBEDTLS_USE_PSA_CRYPTO) - if( reproducible ) - { - mbedtls_fprintf( stderr, - "MBEDTLS_USE_PSA_CRYPTO does not support reproducible mode.\n" ); - return( -1 ); + if (reproducible) { + mbedtls_fprintf(stderr, + "MBEDTLS_USE_PSA_CRYPTO does not support reproducible mode.\n"); + return -1; } #endif #if defined(MBEDTLS_TEST_USE_PSA_CRYPTO_RNG) /* The PSA crypto RNG does its own seeding. */ (void) rng; (void) pers; - if( reproducible ) - { - mbedtls_fprintf( stderr, - "The PSA RNG does not support reproducible mode.\n" ); - return( -1 ); + if (reproducible) { + mbedtls_fprintf(stderr, + "The PSA RNG does not support reproducible mode.\n"); + return -1; } - return( 0 ); + return 0; #else /* !MBEDTLS_TEST_USE_PSA_CRYPTO_RNG */ - int ( *f_entropy )( void *, unsigned char *, size_t ) = - ( reproducible ? dummy_entropy : mbedtls_entropy_func ); + int (*f_entropy)(void *, unsigned char *, size_t) = + (reproducible ? dummy_entropy : mbedtls_entropy_func); - if ( reproducible ) - srand( 1 ); + if (reproducible) { + srand(1); + } #if defined(MBEDTLS_CTR_DRBG_C) - int ret = mbedtls_ctr_drbg_seed( &rng->drbg, - f_entropy, &rng->entropy, - (const unsigned char *) pers, - strlen( pers ) ); + int ret = mbedtls_ctr_drbg_seed(&rng->drbg, + f_entropy, &rng->entropy, + (const unsigned char *) pers, + strlen(pers)); #elif defined(MBEDTLS_HMAC_DRBG_C) #if defined(MBEDTLS_SHA256_C) const mbedtls_md_type_t md_type = MBEDTLS_MD_SHA256; @@ -127,61 +117,60 @@ int rng_seed( rng_context_t *rng, int reproducible, const char *pers ) #else #error "No message digest available for HMAC_DRBG" #endif - int ret = mbedtls_hmac_drbg_seed( &rng->drbg, - mbedtls_md_info_from_type( md_type ), - f_entropy, &rng->entropy, - (const unsigned char *) pers, - strlen( pers ) ); + int ret = mbedtls_hmac_drbg_seed(&rng->drbg, + mbedtls_md_info_from_type(md_type), + f_entropy, &rng->entropy, + (const unsigned char *) pers, + strlen(pers)); #else /* !defined(MBEDTLS_CTR_DRBG_C) && !defined(MBEDTLS_HMAC_DRBG_C) */ #error "No DRBG available" #endif /* !defined(MBEDTLS_CTR_DRBG_C) && !defined(MBEDTLS_HMAC_DRBG_C) */ - if( ret != 0 ) - { - mbedtls_printf( " failed\n ! mbedtls_ctr_drbg_seed returned -0x%x\n", - (unsigned int) -ret ); - return( ret ); + if (ret != 0) { + mbedtls_printf(" failed\n ! mbedtls_ctr_drbg_seed returned -0x%x\n", + (unsigned int) -ret); + return ret; } #endif /* !MBEDTLS_TEST_USE_PSA_CRYPTO_RNG */ - return( 0 ); + return 0; } -void rng_free( rng_context_t *rng ) +void rng_free(rng_context_t *rng) { #if defined(MBEDTLS_TEST_USE_PSA_CRYPTO_RNG) (void) rng; /* Deinitialize the PSA crypto subsystem. This deactivates all PSA APIs. * This is ok because none of our applications try to do any crypto after * deinitializing the RNG. */ - mbedtls_psa_crypto_free( ); + mbedtls_psa_crypto_free(); #else /* !MBEDTLS_TEST_USE_PSA_CRYPTO_RNG */ #if defined(MBEDTLS_CTR_DRBG_C) - mbedtls_ctr_drbg_free( &rng->drbg ); + mbedtls_ctr_drbg_free(&rng->drbg); #elif defined(MBEDTLS_HMAC_DRBG_C) - mbedtls_hmac_drbg_free( &rng->drbg ); + mbedtls_hmac_drbg_free(&rng->drbg); #else #error "No DRBG available" #endif - mbedtls_entropy_free( &rng->entropy ); + mbedtls_entropy_free(&rng->entropy); #endif /* !MBEDTLS_TEST_USE_PSA_CRYPTO_RNG */ } -int rng_get( void *p_rng, unsigned char *output, size_t output_len ) +int rng_get(void *p_rng, unsigned char *output, size_t output_len) { #if defined(MBEDTLS_TEST_USE_PSA_CRYPTO_RNG) (void) p_rng; - return( mbedtls_psa_get_random( MBEDTLS_PSA_RANDOM_STATE, - output, output_len ) ); + return mbedtls_psa_get_random(MBEDTLS_PSA_RANDOM_STATE, + output, output_len); #else /* !MBEDTLS_TEST_USE_PSA_CRYPTO_RNG */ rng_context_t *rng = p_rng; #if defined(MBEDTLS_CTR_DRBG_C) - return( mbedtls_ctr_drbg_random( &rng->drbg, output, output_len ) ); + return mbedtls_ctr_drbg_random(&rng->drbg, output, output_len); #elif defined(MBEDTLS_HMAC_DRBG_C) - return( mbedtls_hmac_drbg_random( &rng->drbg, output, output_len ) ); + return mbedtls_hmac_drbg_random(&rng->drbg, output, output_len); #else #error "No DRBG available" #endif @@ -190,8 +179,8 @@ int rng_get( void *p_rng, unsigned char *output, size_t output_len ) } #if defined(MBEDTLS_X509_TRUSTED_CERTIFICATE_CALLBACK) -int ca_callback( void *data, mbedtls_x509_crt const *child, - mbedtls_x509_crt **candidates ) +int ca_callback(void *data, mbedtls_x509_crt const *child, + mbedtls_x509_crt **candidates) { int ret = 0; mbedtls_x509_crt *ca = (mbedtls_x509_crt *) data; @@ -207,25 +196,21 @@ int ca_callback( void *data, mbedtls_x509_crt const *child, * and parent `Subject` field or matching key identifiers. */ ((void) child); - first = mbedtls_calloc( 1, sizeof( mbedtls_x509_crt ) ); - if( first == NULL ) - { + first = mbedtls_calloc(1, sizeof(mbedtls_x509_crt)); + if (first == NULL) { ret = -1; goto exit; } - mbedtls_x509_crt_init( first ); + mbedtls_x509_crt_init(first); - if( mbedtls_x509_crt_parse_der( first, ca->raw.p, ca->raw.len ) != 0 ) - { + if (mbedtls_x509_crt_parse_der(first, ca->raw.p, ca->raw.len) != 0) { ret = -1; goto exit; } - while( ca->next != NULL ) - { + while (ca->next != NULL) { ca = ca->next; - if( mbedtls_x509_crt_parse_der( first, ca->raw.p, ca->raw.len ) != 0 ) - { + if (mbedtls_x509_crt_parse_der(first, ca->raw.p, ca->raw.len) != 0) { ret = -1; goto exit; } @@ -233,122 +218,123 @@ int ca_callback( void *data, mbedtls_x509_crt const *child, exit: - if( ret != 0 ) - { - mbedtls_x509_crt_free( first ); - mbedtls_free( first ); + if (ret != 0) { + mbedtls_x509_crt_free(first); + mbedtls_free(first); first = NULL; } *candidates = first; - return( ret ); + return ret; } #endif /* MBEDTLS_X509_TRUSTED_CERTIFICATE_CALLBACK */ -int delayed_recv( void *ctx, unsigned char *buf, size_t len ) +int delayed_recv(void *ctx, unsigned char *buf, size_t len) { static int first_try = 1; int ret; - if( first_try ) - { + if (first_try) { first_try = 0; - return( MBEDTLS_ERR_SSL_WANT_READ ); + return MBEDTLS_ERR_SSL_WANT_READ; } - ret = mbedtls_net_recv( ctx, buf, len ); - if( ret != MBEDTLS_ERR_SSL_WANT_READ ) + ret = mbedtls_net_recv(ctx, buf, len); + if (ret != MBEDTLS_ERR_SSL_WANT_READ) { first_try = 1; /* Next call will be a new operation */ - return( ret ); + } + return ret; } -int delayed_send( void *ctx, const unsigned char *buf, size_t len ) +int delayed_send(void *ctx, const unsigned char *buf, size_t len) { static int first_try = 1; int ret; - if( first_try ) - { + if (first_try) { first_try = 0; - return( MBEDTLS_ERR_SSL_WANT_WRITE ); + return MBEDTLS_ERR_SSL_WANT_WRITE; } - ret = mbedtls_net_send( ctx, buf, len ); - if( ret != MBEDTLS_ERR_SSL_WANT_WRITE ) + ret = mbedtls_net_send(ctx, buf, len); + if (ret != MBEDTLS_ERR_SSL_WANT_WRITE) { first_try = 1; /* Next call will be a new operation */ - return( ret ); + } + return ret; } #if !defined(MBEDTLS_TIMING_C) -int idle( mbedtls_net_context *fd, - int idle_reason ) +int idle(mbedtls_net_context *fd, + int idle_reason) #else -int idle( mbedtls_net_context *fd, - mbedtls_timing_delay_context *timer, - int idle_reason ) +int idle(mbedtls_net_context *fd, + mbedtls_timing_delay_context *timer, + int idle_reason) #endif { int ret; int poll_type = 0; - if( idle_reason == MBEDTLS_ERR_SSL_WANT_WRITE ) + if (idle_reason == MBEDTLS_ERR_SSL_WANT_WRITE) { poll_type = MBEDTLS_NET_POLL_WRITE; - else if( idle_reason == MBEDTLS_ERR_SSL_WANT_READ ) + } else if (idle_reason == MBEDTLS_ERR_SSL_WANT_READ) { poll_type = MBEDTLS_NET_POLL_READ; + } #if !defined(MBEDTLS_TIMING_C) - else - return( 0 ); + else { + return 0; + } #endif - while( 1 ) - { + while (1) { /* Check if timer has expired */ #if defined(MBEDTLS_TIMING_C) - if( timer != NULL && - mbedtls_timing_get_delay( timer ) == 2 ) - { + if (timer != NULL && + mbedtls_timing_get_delay(timer) == 2) { break; } #endif /* MBEDTLS_TIMING_C */ /* Check if underlying transport became available */ - if( poll_type != 0 ) - { - ret = mbedtls_net_poll( fd, poll_type, 0 ); - if( ret < 0 ) - return( ret ); - if( ret == poll_type ) + if (poll_type != 0) { + ret = mbedtls_net_poll(fd, poll_type, 0); + if (ret < 0) { + return ret; + } + if (ret == poll_type) { break; + } } } - return( 0 ); + return 0; } #if defined(MBEDTLS_TEST_HOOKS) -void test_hooks_init( void ) +void test_hooks_init(void) { - mbedtls_test_info_reset( ); + mbedtls_test_info_reset(); #if defined(MBEDTLS_TEST_MUTEX_USAGE) - mbedtls_test_mutex_usage_init( ); + mbedtls_test_mutex_usage_init(); #endif } -int test_hooks_failure_detected( void ) +int test_hooks_failure_detected(void) { #if defined(MBEDTLS_TEST_MUTEX_USAGE) /* Errors are reported via mbedtls_test_info. */ - mbedtls_test_mutex_usage_check( ); + mbedtls_test_mutex_usage_check(); #endif - if( mbedtls_test_info.result != MBEDTLS_TEST_RESULT_SUCCESS ) - return( 1 ); - return( 0 ); + if (mbedtls_test_info.result != MBEDTLS_TEST_RESULT_SUCCESS) { + return 1; + } + return 0; } -void test_hooks_free( void ) +void test_hooks_free(void) { } diff --git a/third_party/mbedtls/repo/programs/ssl/ssl_test_lib.h b/third_party/mbedtls/repo/programs/ssl/ssl_test_lib.h index 98751a0f03e..abce760d454 100644 --- a/third_party/mbedtls/repo/programs/ssl/ssl_test_lib.h +++ b/third_party/mbedtls/repo/programs/ssl/ssl_test_lib.h @@ -2,56 +2,31 @@ * Common code for SSL test programs * * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later */ #ifndef MBEDTLS_PROGRAMS_SSL_SSL_TEST_LIB_H #define MBEDTLS_PROGRAMS_SSL_SSL_TEST_LIB_H +#include "mbedtls/version.h" + #if !defined(MBEDTLS_CONFIG_FILE) #include "mbedtls/config.h" #else #include MBEDTLS_CONFIG_FILE #endif -#if defined(MBEDTLS_PLATFORM_C) #include "mbedtls/platform.h" -#else -#include -#include -#define mbedtls_calloc calloc -#define mbedtls_free free -#define mbedtls_time time -#define mbedtls_time_t time_t -#define mbedtls_printf printf -#define mbedtls_fprintf fprintf -#define mbedtls_snprintf snprintf -#define mbedtls_exit exit -#define MBEDTLS_EXIT_SUCCESS EXIT_SUCCESS -#define MBEDTLS_EXIT_FAILURE EXIT_FAILURE -#endif #undef HAVE_RNG #if defined(MBEDTLS_PSA_CRYPTO_EXTERNAL_RNG) && \ - ( defined(MBEDTLS_USE_PSA_CRYPTO) || \ - defined(MBEDTLS_TEST_USE_PSA_CRYPTO_RNG) ) + (defined(MBEDTLS_USE_PSA_CRYPTO) || \ + defined(MBEDTLS_TEST_USE_PSA_CRYPTO_RNG)) #define HAVE_RNG #elif defined(MBEDTLS_ENTROPY_C) && defined(MBEDTLS_CTR_DRBG_C) #define HAVE_RNG #elif defined(MBEDTLS_ENTROPY_C) && defined(MBEDTLS_HMAC_DRBG_C) && \ - ( defined(MBEDTLS_SHA256_C) || defined(MBEDTLS_SHA512_C) ) + (defined(MBEDTLS_SHA256_C) || defined(MBEDTLS_SHA512_C)) #define HAVE_RNG #endif @@ -101,14 +76,13 @@ #if defined(MBEDTLS_SSL_EXPORT_KEYS) -typedef struct eap_tls_keys -{ +typedef struct eap_tls_keys { unsigned char master_secret[48]; unsigned char randbytes[64]; mbedtls_tls_prf_types tls_prf_type; } eap_tls_keys; -#if defined( MBEDTLS_SSL_DTLS_SRTP ) +#if defined(MBEDTLS_SSL_DTLS_SRTP) /* Supported SRTP mode needs a maximum of : * - 16 bytes for key (AES-128) @@ -117,8 +91,7 @@ typedef struct eap_tls_keys */ #define MBEDTLS_TLS_SRTP_MAX_KEY_MATERIAL_LENGTH 60 -typedef struct dtls_srtp_keys -{ +typedef struct dtls_srtp_keys { unsigned char master_secret[48]; unsigned char randbytes[64]; mbedtls_tls_prf_types tls_prf_type; @@ -128,17 +101,18 @@ typedef struct dtls_srtp_keys #endif /* MBEDTLS_SSL_EXPORT_KEYS */ -typedef struct -{ +typedef struct { mbedtls_ssl_context *ssl; mbedtls_net_context *net; } io_ctx_t; -void my_debug( void *ctx, int level, - const char *file, int line, - const char *str ); +void my_debug(void *ctx, int level, + const char *file, int line, + const char *str); -mbedtls_time_t dummy_constant_time( mbedtls_time_t* time ); +#if defined(MBEDTLS_HAVE_TIME) +mbedtls_time_t dummy_constant_time(mbedtls_time_t *time); +#endif #if defined(MBEDTLS_USE_PSA_CRYPTO) /* If MBEDTLS_TEST_USE_PSA_CRYPTO_RNG is defined, the SSL test programs will use @@ -167,8 +141,7 @@ mbedtls_time_t dummy_constant_time( mbedtls_time_t* time ); /** A context for random number generation (RNG). */ -typedef struct -{ +typedef struct { #if defined(MBEDTLS_TEST_USE_PSA_CRYPTO_RNG) unsigned char dummy; #else /* MBEDTLS_TEST_USE_PSA_CRYPTO_RNG */ @@ -188,7 +161,7 @@ typedef struct * This function only initializes the memory used by the RNG context. * Before using the RNG, it must be seeded with rng_seed(). */ -void rng_init( rng_context_t *rng ); +void rng_init(rng_context_t *rng); /* Seed the random number generator. * @@ -204,14 +177,14 @@ void rng_init( rng_context_t *rng ); * * return 0 on success, a negative value on error. */ -int rng_seed( rng_context_t *rng, int reproducible, const char *pers ); +int rng_seed(rng_context_t *rng, int reproducible, const char *pers); /** Deinitialize the RNG. Free any embedded resource. * * \param rng The RNG context to deinitialize. It must have been * initialized with rng_init(). */ -void rng_free( rng_context_t *rng ); +void rng_free(rng_context_t *rng); /** Generate random data. * @@ -226,7 +199,7 @@ void rng_free( rng_context_t *rng ); * \return \c 0 on success. * \return An Mbed TLS error code on error. */ -int rng_get( void *p_rng, unsigned char *output, size_t output_len ); +int rng_get(void *p_rng, unsigned char *output, size_t output_len); #if defined(MBEDTLS_USE_PSA_CRYPTO) && defined(MBEDTLS_PSA_CRYPTO_EXTERNAL_RNG) /* The test implementation of the PSA external RNG is insecure. When @@ -237,31 +210,31 @@ int rng_get( void *p_rng, unsigned char *output, size_t output_len ); #endif #if defined(MBEDTLS_X509_TRUSTED_CERTIFICATE_CALLBACK) -int ca_callback( void *data, mbedtls_x509_crt const *child, - mbedtls_x509_crt **candidates ); +int ca_callback(void *data, mbedtls_x509_crt const *child, + mbedtls_x509_crt **candidates); #endif /* MBEDTLS_X509_TRUSTED_CERTIFICATE_CALLBACK */ /* * Test recv/send functions that make sure each try returns - * WANT_READ/WANT_WRITE at least once before sucesseding + * WANT_READ/WANT_WRITE at least once before succeeding */ -int delayed_recv( void *ctx, unsigned char *buf, size_t len ); -int delayed_send( void *ctx, const unsigned char *buf, size_t len ); +int delayed_recv(void *ctx, unsigned char *buf, size_t len); +int delayed_send(void *ctx, const unsigned char *buf, size_t len); /* * Wait for an event from the underlying transport or the timer * (Used in event-driven IO mode). */ -int idle( mbedtls_net_context *fd, +int idle(mbedtls_net_context *fd, #if defined(MBEDTLS_TIMING_C) - mbedtls_timing_delay_context *timer, + mbedtls_timing_delay_context *timer, #endif - int idle_reason ); + int idle_reason); #if defined(MBEDTLS_TEST_HOOKS) /** Initialize whatever test hooks are enabled by the compile-time * configuration and make sense for the TLS test programs. */ -void test_hooks_init( void ); +void test_hooks_init(void); /** Check if any test hooks detected a problem. * @@ -279,14 +252,14 @@ void test_hooks_init( void ); * \return Nonzero if a problem was detected. * \c 0 if no problem was detected. */ -int test_hooks_failure_detected( void ); +int test_hooks_failure_detected(void); /** Free any resources allocated for the sake of test hooks. * * Call this at the end of the program so that resource leak analyzers * don't complain. */ -void test_hooks_free( void ); +void test_hooks_free(void); #endif /* !MBEDTLS_TEST_HOOKS */ diff --git a/third_party/mbedtls/repo/programs/test/benchmark.c b/third_party/mbedtls/repo/programs/test/benchmark.c index 88c9e65c53f..a15aa218ad8 100644 --- a/third_party/mbedtls/repo/programs/test/benchmark.c +++ b/third_party/mbedtls/repo/programs/test/benchmark.c @@ -2,19 +2,7 @@ * Benchmark demonstration program * * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later */ #if !defined(MBEDTLS_CONFIG_FILE) @@ -24,19 +12,12 @@ #endif #include "mbedtls/platform.h" -#if !defined(MBEDTLS_PLATFORM_C) -#include -#include -#define mbedtls_exit exit -#define mbedtls_printf printf -#define mbedtls_free free -#endif #if !defined(MBEDTLS_TIMING_C) -int main( void ) +int main(void) { mbedtls_printf("MBEDTLS_TIMING_C not defined.\n"); - mbedtls_exit( 0 ); + mbedtls_exit(0); } #else @@ -85,7 +66,7 @@ int main( void ) * block. ptmalloc2/3 (used in gnu libc for instance) uses 2 size_t per block, * so use that as our baseline. */ -#define MEM_BLOCK_OVERHEAD ( 2 * sizeof( size_t ) ) +#define MEM_BLOCK_OVERHEAD (2 * sizeof(size_t)) /* * Size to use for the alloc buffer if MEMORY_BUFFER_ALLOC_C is defined. @@ -106,45 +87,45 @@ int main( void ) #if defined(MBEDTLS_ERROR_C) #define PRINT_ERROR \ - mbedtls_strerror( ret, ( char * )tmp, sizeof( tmp ) ); \ - mbedtls_printf( "FAILED: %s\n", tmp ); + mbedtls_strerror(ret, (char *) tmp, sizeof(tmp)); \ + mbedtls_printf("FAILED: %s\n", tmp); #else #define PRINT_ERROR \ - mbedtls_printf( "FAILED: -0x%04x\n", (unsigned int) -ret ); + mbedtls_printf("FAILED: -0x%04x\n", (unsigned int) -ret); #endif -#define TIME_AND_TSC( TITLE, CODE ) \ -do { \ - unsigned long ii, jj, tsc; \ - int ret = 0; \ +#define TIME_AND_TSC(TITLE, CODE) \ + do { \ + unsigned long ii, jj, tsc; \ + int ret = 0; \ \ - mbedtls_printf( HEADER_FORMAT, TITLE ); \ - fflush( stdout ); \ + mbedtls_printf(HEADER_FORMAT, TITLE); \ + fflush(stdout); \ \ - mbedtls_set_alarm( 1 ); \ - for( ii = 1; ret == 0 && ! mbedtls_timing_alarmed; ii++ ) \ - { \ - ret = CODE; \ - } \ + mbedtls_set_alarm(1); \ + for (ii = 1; ret == 0 && !mbedtls_timing_alarmed; ii++) \ + { \ + ret = CODE; \ + } \ \ - tsc = mbedtls_timing_hardclock(); \ - for( jj = 0; ret == 0 && jj < 1024; jj++ ) \ - { \ - ret = CODE; \ - } \ + tsc = mbedtls_timing_hardclock(); \ + for (jj = 0; ret == 0 && jj < 1024; jj++) \ + { \ + ret = CODE; \ + } \ \ - if( ret != 0 ) \ - { \ - PRINT_ERROR; \ - } \ - else \ - { \ - mbedtls_printf( "%9lu KiB/s, %9lu cycles/byte\n", \ - ii * BUFSIZE / 1024, \ - ( mbedtls_timing_hardclock() - tsc ) \ - / ( jj * BUFSIZE ) ); \ - } \ -} while( 0 ) + if (ret != 0) \ + { \ + PRINT_ERROR; \ + } \ + else \ + { \ + mbedtls_printf("%9lu KiB/s, %9lu cycles/byte\n", \ + ii * BUFSIZE / 1024, \ + (mbedtls_timing_hardclock() - tsc) \ + / (jj * BUFSIZE)); \ + } \ + } while (0) #if defined(MBEDTLS_MEMORY_BUFFER_ALLOC_C) && defined(MBEDTLS_MEMORY_DEBUG) @@ -152,97 +133,99 @@ do { \ * Updated manually as the output of the following command: * * sed -n 's/.*[T]IME_PUBLIC.*"\(.*\)",/\1/p' programs/test/benchmark.c | - * awk '{print length+2}' | sort -rn | head -n1 + * awk '{print length+3}' | sort -rn | head -n1 * - * This computes the maximum length of a title +2 (because we appends "/s"). - * (If the value is too small, the only consequence is poor alignement.) */ -#define TITLE_SPACE 16 + * This computes the maximum length of a title +3, because we appends "/s" and + * want at least one space. (If the value is too small, the only consequence + * is poor alignment.) */ +#define TITLE_SPACE 17 #define MEMORY_MEASURE_INIT \ size_t max_used, max_blocks, max_bytes; \ size_t prv_used, prv_blocks; \ - mbedtls_memory_buffer_alloc_cur_get( &prv_used, &prv_blocks ); \ - mbedtls_memory_buffer_alloc_max_reset( ); + mbedtls_memory_buffer_alloc_cur_get(&prv_used, &prv_blocks); \ + mbedtls_memory_buffer_alloc_max_reset(); -#define MEMORY_MEASURE_PRINT( title_len ) \ - mbedtls_memory_buffer_alloc_max_get( &max_used, &max_blocks ); \ +#define MEMORY_MEASURE_PRINT(title_len) \ + mbedtls_memory_buffer_alloc_max_get(&max_used, &max_blocks); \ ii = TITLE_SPACE > (title_len) ? TITLE_SPACE - (title_len) : 1; \ - while( ii-- ) mbedtls_printf( " " ); \ + while (ii--) mbedtls_printf(" "); \ max_used -= prv_used; \ max_blocks -= prv_blocks; \ max_bytes = max_used + MEM_BLOCK_OVERHEAD * max_blocks; \ - mbedtls_printf( "%6u heap bytes", (unsigned) max_bytes ); + mbedtls_printf("%6u heap bytes", (unsigned) max_bytes); #else #define MEMORY_MEASURE_INIT -#define MEMORY_MEASURE_PRINT( title_len ) +#define MEMORY_MEASURE_PRINT(title_len) #endif -#define TIME_PUBLIC( TITLE, TYPE, CODE ) \ -do { \ - unsigned long ii; \ - int ret; \ - MEMORY_MEASURE_INIT; \ +#define TIME_PUBLIC(TITLE, TYPE, CODE) \ + do { \ + unsigned long ii; \ + int ret; \ + MEMORY_MEASURE_INIT; \ \ - mbedtls_printf( HEADER_FORMAT, TITLE ); \ - fflush( stdout ); \ - mbedtls_set_alarm( 3 ); \ + mbedtls_printf(HEADER_FORMAT, TITLE); \ + fflush(stdout); \ + mbedtls_set_alarm(3); \ \ - ret = 0; \ - for( ii = 1; ! mbedtls_timing_alarmed && ! ret ; ii++ ) \ - { \ - CODE; \ - } \ + ret = 0; \ + for (ii = 1; !mbedtls_timing_alarmed && !ret; ii++) \ + { \ + CODE; \ + } \ \ - if( ret == MBEDTLS_ERR_PLATFORM_FEATURE_UNSUPPORTED ) \ - { \ - mbedtls_printf( "Feature Not Supported. Skipping.\n" ); \ - ret = 0; \ - } \ - else if( ret != 0 ) \ - { \ - PRINT_ERROR; \ - } \ - else \ - { \ - mbedtls_printf( "%6lu " TYPE "/s", ii / 3 ); \ - MEMORY_MEASURE_PRINT( sizeof( TYPE ) + 1 ); \ - mbedtls_printf( "\n" ); \ - } \ -} while( 0 ) - -static int myrand( void *rng_state, unsigned char *output, size_t len ) + if (ret == MBEDTLS_ERR_PLATFORM_FEATURE_UNSUPPORTED) \ + { \ + mbedtls_printf("Feature Not Supported. Skipping.\n"); \ + ret = 0; \ + } \ + else if (ret != 0) \ + { \ + PRINT_ERROR; \ + } \ + else \ + { \ + mbedtls_printf("%6lu " TYPE "/s", ii / 3); \ + MEMORY_MEASURE_PRINT(sizeof(TYPE) + 1); \ + mbedtls_printf("\n"); \ + } \ + } while (0) + +static int myrand(void *rng_state, unsigned char *output, size_t len) { size_t use_len; int rnd; - if( rng_state != NULL ) + if (rng_state != NULL) { rng_state = NULL; + } - while( len > 0 ) - { + while (len > 0) { use_len = len; - if( use_len > sizeof(int) ) + if (use_len > sizeof(int)) { use_len = sizeof(int); + } rnd = rand(); - memcpy( output, &rnd, use_len ); + memcpy(output, &rnd, use_len); output += use_len; len -= use_len; } - return( 0 ); + return 0; } -#define CHECK_AND_CONTINUE( R ) \ +#define CHECK_AND_CONTINUE(R) \ { \ - int CHECK_AND_CONTINUE_ret = ( R ); \ - if( CHECK_AND_CONTINUE_ret == MBEDTLS_ERR_PLATFORM_FEATURE_UNSUPPORTED ) { \ - mbedtls_printf( "Feature not supported. Skipping.\n" ); \ + int CHECK_AND_CONTINUE_ret = (R); \ + if (CHECK_AND_CONTINUE_ret == MBEDTLS_ERR_PLATFORM_FEATURE_UNSUPPORTED) { \ + mbedtls_printf("Feature not supported. Skipping.\n"); \ continue; \ } \ - else if( CHECK_AND_CONTINUE_ret != 0 ) { \ - mbedtls_exit( 1 ); \ + else if (CHECK_AND_CONTINUE_ret != 0) { \ + mbedtls_exit(1); \ } \ } @@ -250,34 +233,33 @@ static int myrand( void *rng_state, unsigned char *output, size_t len ) * Clear some memory that was used to prepare the context */ #if defined(MBEDTLS_ECP_C) -void ecp_clear_precomputed( mbedtls_ecp_group *grp ) +void ecp_clear_precomputed(mbedtls_ecp_group *grp) { - if( grp->T != NULL ) - { + if (grp->T != NULL) { size_t i; - for( i = 0; i < grp->T_size; i++ ) - mbedtls_ecp_point_free( &grp->T[i] ); - mbedtls_free( grp->T ); + for (i = 0; i < grp->T_size; i++) { + mbedtls_ecp_point_free(&grp->T[i]); + } + mbedtls_free(grp->T); } grp->T = NULL; grp->T_size = 0; } #else -#define ecp_clear_precomputed( g ) +#define ecp_clear_precomputed(g) #endif #if defined(MBEDTLS_ECP_C) -static int set_ecp_curve( const char *string, mbedtls_ecp_curve_info *curve ) +static int set_ecp_curve(const char *string, mbedtls_ecp_curve_info *curve) { const mbedtls_ecp_curve_info *found = - mbedtls_ecp_curve_info_from_name( string ); - if( found != NULL ) - { + mbedtls_ecp_curve_info_from_name(string); + if (found != NULL) { *curve = *found; - return( 1 ); + return 1; + } else { + return 0; } - else - return( 0 ); } #endif @@ -295,7 +277,7 @@ typedef struct { } todo_list; -int main( int argc, char *argv[] ) +int main(int argc, char *argv[]) { int i; unsigned char tmp[200]; @@ -309,513 +291,498 @@ int main( int argc, char *argv[] ) { MBEDTLS_ECP_DP_NONE, 0, 0, NULL }, { MBEDTLS_ECP_DP_NONE, 0, 0, NULL }, }; - const mbedtls_ecp_curve_info *curve_list = mbedtls_ecp_curve_list( ); + const mbedtls_ecp_curve_info *curve_list = mbedtls_ecp_curve_list(); #endif #if defined(MBEDTLS_ECP_C) (void) curve_list; /* Unused in some configurations where no benchmark uses ECC */ #endif - if( argc <= 1 ) - { - memset( &todo, 1, sizeof( todo ) ); - } - else - { - memset( &todo, 0, sizeof( todo ) ); + if (argc <= 1) { + memset(&todo, 1, sizeof(todo)); + } else { + memset(&todo, 0, sizeof(todo)); - for( i = 1; i < argc; i++ ) - { - if( strcmp( argv[i], "md4" ) == 0 ) + for (i = 1; i < argc; i++) { + if (strcmp(argv[i], "md4") == 0) { todo.md4 = 1; - else if( strcmp( argv[i], "md5" ) == 0 ) + } else if (strcmp(argv[i], "md5") == 0) { todo.md5 = 1; - else if( strcmp( argv[i], "ripemd160" ) == 0 ) + } else if (strcmp(argv[i], "ripemd160") == 0) { todo.ripemd160 = 1; - else if( strcmp( argv[i], "sha1" ) == 0 ) + } else if (strcmp(argv[i], "sha1") == 0) { todo.sha1 = 1; - else if( strcmp( argv[i], "sha256" ) == 0 ) + } else if (strcmp(argv[i], "sha256") == 0) { todo.sha256 = 1; - else if( strcmp( argv[i], "sha512" ) == 0 ) + } else if (strcmp(argv[i], "sha512") == 0) { todo.sha512 = 1; - else if( strcmp( argv[i], "arc4" ) == 0 ) + } else if (strcmp(argv[i], "arc4") == 0) { todo.arc4 = 1; - else if( strcmp( argv[i], "des3" ) == 0 ) + } else if (strcmp(argv[i], "des3") == 0) { todo.des3 = 1; - else if( strcmp( argv[i], "des" ) == 0 ) + } else if (strcmp(argv[i], "des") == 0) { todo.des = 1; - else if( strcmp( argv[i], "aes_cbc" ) == 0 ) + } else if (strcmp(argv[i], "aes_cbc") == 0) { todo.aes_cbc = 1; - else if( strcmp( argv[i], "aes_xts" ) == 0 ) + } else if (strcmp(argv[i], "aes_xts") == 0) { todo.aes_xts = 1; - else if( strcmp( argv[i], "aes_gcm" ) == 0 ) + } else if (strcmp(argv[i], "aes_gcm") == 0) { todo.aes_gcm = 1; - else if( strcmp( argv[i], "aes_ccm" ) == 0 ) + } else if (strcmp(argv[i], "aes_ccm") == 0) { todo.aes_ccm = 1; - else if( strcmp( argv[i], "chachapoly" ) == 0 ) + } else if (strcmp(argv[i], "chachapoly") == 0) { todo.chachapoly = 1; - else if( strcmp( argv[i], "aes_cmac" ) == 0 ) + } else if (strcmp(argv[i], "aes_cmac") == 0) { todo.aes_cmac = 1; - else if( strcmp( argv[i], "des3_cmac" ) == 0 ) + } else if (strcmp(argv[i], "des3_cmac") == 0) { todo.des3_cmac = 1; - else if( strcmp( argv[i], "aria" ) == 0 ) + } else if (strcmp(argv[i], "aria") == 0) { todo.aria = 1; - else if( strcmp( argv[i], "camellia" ) == 0 ) + } else if (strcmp(argv[i], "camellia") == 0) { todo.camellia = 1; - else if( strcmp( argv[i], "blowfish" ) == 0 ) + } else if (strcmp(argv[i], "blowfish") == 0) { todo.blowfish = 1; - else if( strcmp( argv[i], "chacha20" ) == 0 ) + } else if (strcmp(argv[i], "chacha20") == 0) { todo.chacha20 = 1; - else if( strcmp( argv[i], "poly1305" ) == 0 ) + } else if (strcmp(argv[i], "poly1305") == 0) { todo.poly1305 = 1; - else if( strcmp( argv[i], "havege" ) == 0 ) + } else if (strcmp(argv[i], "havege") == 0) { todo.havege = 1; - else if( strcmp( argv[i], "ctr_drbg" ) == 0 ) + } else if (strcmp(argv[i], "ctr_drbg") == 0) { todo.ctr_drbg = 1; - else if( strcmp( argv[i], "hmac_drbg" ) == 0 ) + } else if (strcmp(argv[i], "hmac_drbg") == 0) { todo.hmac_drbg = 1; - else if( strcmp( argv[i], "rsa" ) == 0 ) + } else if (strcmp(argv[i], "rsa") == 0) { todo.rsa = 1; - else if( strcmp( argv[i], "dhm" ) == 0 ) + } else if (strcmp(argv[i], "dhm") == 0) { todo.dhm = 1; - else if( strcmp( argv[i], "ecdsa" ) == 0 ) + } else if (strcmp(argv[i], "ecdsa") == 0) { todo.ecdsa = 1; - else if( strcmp( argv[i], "ecdh" ) == 0 ) + } else if (strcmp(argv[i], "ecdh") == 0) { todo.ecdh = 1; + } #if defined(MBEDTLS_ECP_C) - else if( set_ecp_curve( argv[i], single_curve ) ) + else if (set_ecp_curve(argv[i], single_curve)) { curve_list = single_curve; + } #endif - else - { - mbedtls_printf( "Unrecognized option: %s\n", argv[i] ); - mbedtls_printf( "Available options: " OPTIONS ); + else { + mbedtls_printf("Unrecognized option: %s\n", argv[i]); + mbedtls_printf("Available options: " OPTIONS); } } } - mbedtls_printf( "\n" ); + mbedtls_printf("\n"); #if defined(MBEDTLS_MEMORY_BUFFER_ALLOC_C) - mbedtls_memory_buffer_alloc_init( alloc_buf, sizeof( alloc_buf ) ); + mbedtls_memory_buffer_alloc_init(alloc_buf, sizeof(alloc_buf)); #endif - memset( buf, 0xAA, sizeof( buf ) ); - memset( tmp, 0xBB, sizeof( tmp ) ); + memset(buf, 0xAA, sizeof(buf)); + memset(tmp, 0xBB, sizeof(tmp)); #if defined(MBEDTLS_MD4_C) - if( todo.md4 ) - TIME_AND_TSC( "MD4", mbedtls_md4_ret( buf, BUFSIZE, tmp ) ); + if (todo.md4) { + TIME_AND_TSC("MD4", mbedtls_md4_ret(buf, BUFSIZE, tmp)); + } #endif #if defined(MBEDTLS_MD5_C) - if( todo.md5 ) - TIME_AND_TSC( "MD5", mbedtls_md5_ret( buf, BUFSIZE, tmp ) ); + if (todo.md5) { + TIME_AND_TSC("MD5", mbedtls_md5_ret(buf, BUFSIZE, tmp)); + } #endif #if defined(MBEDTLS_RIPEMD160_C) - if( todo.ripemd160 ) - TIME_AND_TSC( "RIPEMD160", mbedtls_ripemd160_ret( buf, BUFSIZE, tmp ) ); + if (todo.ripemd160) { + TIME_AND_TSC("RIPEMD160", mbedtls_ripemd160_ret(buf, BUFSIZE, tmp)); + } #endif #if defined(MBEDTLS_SHA1_C) - if( todo.sha1 ) - TIME_AND_TSC( "SHA-1", mbedtls_sha1_ret( buf, BUFSIZE, tmp ) ); + if (todo.sha1) { + TIME_AND_TSC("SHA-1", mbedtls_sha1_ret(buf, BUFSIZE, tmp)); + } #endif #if defined(MBEDTLS_SHA256_C) - if( todo.sha256 ) - TIME_AND_TSC( "SHA-256", mbedtls_sha256_ret( buf, BUFSIZE, tmp, 0 ) ); + if (todo.sha256) { + TIME_AND_TSC("SHA-256", mbedtls_sha256_ret(buf, BUFSIZE, tmp, 0)); + } #endif #if defined(MBEDTLS_SHA512_C) - if( todo.sha512 ) - TIME_AND_TSC( "SHA-512", mbedtls_sha512_ret( buf, BUFSIZE, tmp, 0 ) ); + if (todo.sha512) { + TIME_AND_TSC("SHA-512", mbedtls_sha512_ret(buf, BUFSIZE, tmp, 0)); + } #endif #if defined(MBEDTLS_ARC4_C) - if( todo.arc4 ) - { + if (todo.arc4) { mbedtls_arc4_context arc4; - mbedtls_arc4_init( &arc4 ); - mbedtls_arc4_setup( &arc4, tmp, 32 ); - TIME_AND_TSC( "ARC4", mbedtls_arc4_crypt( &arc4, BUFSIZE, buf, buf ) ); - mbedtls_arc4_free( &arc4 ); + mbedtls_arc4_init(&arc4); + mbedtls_arc4_setup(&arc4, tmp, 32); + TIME_AND_TSC("ARC4", mbedtls_arc4_crypt(&arc4, BUFSIZE, buf, buf)); + mbedtls_arc4_free(&arc4); } #endif #if defined(MBEDTLS_DES_C) #if defined(MBEDTLS_CIPHER_MODE_CBC) - if( todo.des3 ) - { + if (todo.des3) { mbedtls_des3_context des3; - mbedtls_des3_init( &des3 ); - if( mbedtls_des3_set3key_enc( &des3, tmp ) != 0 ) - mbedtls_exit( 1 ); - TIME_AND_TSC( "3DES", - mbedtls_des3_crypt_cbc( &des3, MBEDTLS_DES_ENCRYPT, BUFSIZE, tmp, buf, buf ) ); - mbedtls_des3_free( &des3 ); + mbedtls_des3_init(&des3); + if (mbedtls_des3_set3key_enc(&des3, tmp) != 0) { + mbedtls_exit(1); + } + TIME_AND_TSC("3DES", + mbedtls_des3_crypt_cbc(&des3, MBEDTLS_DES_ENCRYPT, BUFSIZE, tmp, buf, buf)); + mbedtls_des3_free(&des3); } - if( todo.des ) - { + if (todo.des) { mbedtls_des_context des; - mbedtls_des_init( &des ); - if( mbedtls_des_setkey_enc( &des, tmp ) != 0 ) - mbedtls_exit( 1 ); - TIME_AND_TSC( "DES", - mbedtls_des_crypt_cbc( &des, MBEDTLS_DES_ENCRYPT, BUFSIZE, tmp, buf, buf ) ); - mbedtls_des_free( &des ); + mbedtls_des_init(&des); + if (mbedtls_des_setkey_enc(&des, tmp) != 0) { + mbedtls_exit(1); + } + TIME_AND_TSC("DES", + mbedtls_des_crypt_cbc(&des, MBEDTLS_DES_ENCRYPT, BUFSIZE, tmp, buf, buf)); + mbedtls_des_free(&des); } #endif /* MBEDTLS_CIPHER_MODE_CBC */ #if defined(MBEDTLS_CMAC_C) - if( todo.des3_cmac ) - { + if (todo.des3_cmac) { unsigned char output[8]; const mbedtls_cipher_info_t *cipher_info; - memset( buf, 0, sizeof( buf ) ); - memset( tmp, 0, sizeof( tmp ) ); + memset(buf, 0, sizeof(buf)); + memset(tmp, 0, sizeof(tmp)); - cipher_info = mbedtls_cipher_info_from_type( MBEDTLS_CIPHER_DES_EDE3_ECB ); + cipher_info = mbedtls_cipher_info_from_type(MBEDTLS_CIPHER_DES_EDE3_ECB); - TIME_AND_TSC( "3DES-CMAC", - mbedtls_cipher_cmac( cipher_info, tmp, 192, buf, - BUFSIZE, output ) ); + TIME_AND_TSC("3DES-CMAC", + mbedtls_cipher_cmac(cipher_info, tmp, 192, buf, + BUFSIZE, output)); } #endif /* MBEDTLS_CMAC_C */ #endif /* MBEDTLS_DES_C */ #if defined(MBEDTLS_AES_C) #if defined(MBEDTLS_CIPHER_MODE_CBC) - if( todo.aes_cbc ) - { + if (todo.aes_cbc) { int keysize; mbedtls_aes_context aes; - mbedtls_aes_init( &aes ); - for( keysize = 128; keysize <= 256; keysize += 64 ) - { - mbedtls_snprintf( title, sizeof( title ), "AES-CBC-%d", keysize ); + mbedtls_aes_init(&aes); + for (keysize = 128; keysize <= 256; keysize += 64) { + mbedtls_snprintf(title, sizeof(title), "AES-CBC-%d", keysize); - memset( buf, 0, sizeof( buf ) ); - memset( tmp, 0, sizeof( tmp ) ); - CHECK_AND_CONTINUE( mbedtls_aes_setkey_enc( &aes, tmp, keysize ) ); + memset(buf, 0, sizeof(buf)); + memset(tmp, 0, sizeof(tmp)); + CHECK_AND_CONTINUE(mbedtls_aes_setkey_enc(&aes, tmp, keysize)); - TIME_AND_TSC( title, - mbedtls_aes_crypt_cbc( &aes, MBEDTLS_AES_ENCRYPT, BUFSIZE, tmp, buf, buf ) ); + TIME_AND_TSC(title, + mbedtls_aes_crypt_cbc(&aes, MBEDTLS_AES_ENCRYPT, BUFSIZE, tmp, buf, buf)); } - mbedtls_aes_free( &aes ); + mbedtls_aes_free(&aes); } #endif #if defined(MBEDTLS_CIPHER_MODE_XTS) - if( todo.aes_xts ) - { + if (todo.aes_xts) { int keysize; mbedtls_aes_xts_context ctx; - mbedtls_aes_xts_init( &ctx ); - for( keysize = 128; keysize <= 256; keysize += 128 ) - { - mbedtls_snprintf( title, sizeof( title ), "AES-XTS-%d", keysize ); + mbedtls_aes_xts_init(&ctx); + for (keysize = 128; keysize <= 256; keysize += 128) { + mbedtls_snprintf(title, sizeof(title), "AES-XTS-%d", keysize); - memset( buf, 0, sizeof( buf ) ); - memset( tmp, 0, sizeof( tmp ) ); - CHECK_AND_CONTINUE( mbedtls_aes_xts_setkey_enc( &ctx, tmp, keysize * 2 ) ); + memset(buf, 0, sizeof(buf)); + memset(tmp, 0, sizeof(tmp)); + CHECK_AND_CONTINUE(mbedtls_aes_xts_setkey_enc(&ctx, tmp, keysize * 2)); - TIME_AND_TSC( title, - mbedtls_aes_crypt_xts( &ctx, MBEDTLS_AES_ENCRYPT, BUFSIZE, - tmp, buf, buf ) ); + TIME_AND_TSC(title, + mbedtls_aes_crypt_xts(&ctx, MBEDTLS_AES_ENCRYPT, BUFSIZE, + tmp, buf, buf)); - mbedtls_aes_xts_free( &ctx ); + mbedtls_aes_xts_free(&ctx); } } #endif #if defined(MBEDTLS_GCM_C) - if( todo.aes_gcm ) - { + if (todo.aes_gcm) { int keysize; mbedtls_gcm_context gcm; - mbedtls_gcm_init( &gcm ); - for( keysize = 128; keysize <= 256; keysize += 64 ) - { - mbedtls_snprintf( title, sizeof( title ), "AES-GCM-%d", keysize ); + mbedtls_gcm_init(&gcm); + for (keysize = 128; keysize <= 256; keysize += 64) { + mbedtls_snprintf(title, sizeof(title), "AES-GCM-%d", keysize); - memset( buf, 0, sizeof( buf ) ); - memset( tmp, 0, sizeof( tmp ) ); - mbedtls_gcm_setkey( &gcm, MBEDTLS_CIPHER_ID_AES, tmp, keysize ); + memset(buf, 0, sizeof(buf)); + memset(tmp, 0, sizeof(tmp)); + mbedtls_gcm_setkey(&gcm, MBEDTLS_CIPHER_ID_AES, tmp, keysize); - TIME_AND_TSC( title, - mbedtls_gcm_crypt_and_tag( &gcm, MBEDTLS_GCM_ENCRYPT, BUFSIZE, tmp, - 12, NULL, 0, buf, buf, 16, tmp ) ); + TIME_AND_TSC(title, + mbedtls_gcm_crypt_and_tag(&gcm, MBEDTLS_GCM_ENCRYPT, BUFSIZE, tmp, + 12, NULL, 0, buf, buf, 16, tmp)); - mbedtls_gcm_free( &gcm ); + mbedtls_gcm_free(&gcm); } } #endif #if defined(MBEDTLS_CCM_C) - if( todo.aes_ccm ) - { + if (todo.aes_ccm) { int keysize; mbedtls_ccm_context ccm; - mbedtls_ccm_init( &ccm ); - for( keysize = 128; keysize <= 256; keysize += 64 ) - { - mbedtls_snprintf( title, sizeof( title ), "AES-CCM-%d", keysize ); + mbedtls_ccm_init(&ccm); + for (keysize = 128; keysize <= 256; keysize += 64) { + mbedtls_snprintf(title, sizeof(title), "AES-CCM-%d", keysize); - memset( buf, 0, sizeof( buf ) ); - memset( tmp, 0, sizeof( tmp ) ); - mbedtls_ccm_setkey( &ccm, MBEDTLS_CIPHER_ID_AES, tmp, keysize ); + memset(buf, 0, sizeof(buf)); + memset(tmp, 0, sizeof(tmp)); + mbedtls_ccm_setkey(&ccm, MBEDTLS_CIPHER_ID_AES, tmp, keysize); - TIME_AND_TSC( title, - mbedtls_ccm_encrypt_and_tag( &ccm, BUFSIZE, tmp, - 12, NULL, 0, buf, buf, tmp, 16 ) ); + TIME_AND_TSC(title, + mbedtls_ccm_encrypt_and_tag(&ccm, BUFSIZE, tmp, + 12, NULL, 0, buf, buf, tmp, 16)); - mbedtls_ccm_free( &ccm ); + mbedtls_ccm_free(&ccm); } } #endif #if defined(MBEDTLS_CHACHAPOLY_C) - if( todo.chachapoly ) - { + if (todo.chachapoly) { mbedtls_chachapoly_context chachapoly; - mbedtls_chachapoly_init( &chachapoly ); - memset( buf, 0, sizeof( buf ) ); - memset( tmp, 0, sizeof( tmp ) ); + mbedtls_chachapoly_init(&chachapoly); + memset(buf, 0, sizeof(buf)); + memset(tmp, 0, sizeof(tmp)); - mbedtls_snprintf( title, sizeof( title ), "ChaCha20-Poly1305" ); + mbedtls_snprintf(title, sizeof(title), "ChaCha20-Poly1305"); - mbedtls_chachapoly_setkey( &chachapoly, tmp ); + mbedtls_chachapoly_setkey(&chachapoly, tmp); - TIME_AND_TSC( title, - mbedtls_chachapoly_encrypt_and_tag( &chachapoly, - BUFSIZE, tmp, NULL, 0, buf, buf, tmp ) ); + TIME_AND_TSC(title, + mbedtls_chachapoly_encrypt_and_tag(&chachapoly, + BUFSIZE, tmp, NULL, 0, buf, buf, tmp)); - mbedtls_chachapoly_free( &chachapoly ); + mbedtls_chachapoly_free(&chachapoly); } #endif #if defined(MBEDTLS_CMAC_C) - if( todo.aes_cmac ) - { + if (todo.aes_cmac) { unsigned char output[16]; const mbedtls_cipher_info_t *cipher_info; mbedtls_cipher_type_t cipher_type; int keysize; - for( keysize = 128, cipher_type = MBEDTLS_CIPHER_AES_128_ECB; + for (keysize = 128, cipher_type = MBEDTLS_CIPHER_AES_128_ECB; keysize <= 256; - keysize += 64, cipher_type++ ) - { - mbedtls_snprintf( title, sizeof( title ), "AES-CMAC-%d", keysize ); + keysize += 64, cipher_type++) { + mbedtls_snprintf(title, sizeof(title), "AES-CMAC-%d", keysize); - memset( buf, 0, sizeof( buf ) ); - memset( tmp, 0, sizeof( tmp ) ); + memset(buf, 0, sizeof(buf)); + memset(tmp, 0, sizeof(tmp)); - cipher_info = mbedtls_cipher_info_from_type( cipher_type ); + cipher_info = mbedtls_cipher_info_from_type(cipher_type); - TIME_AND_TSC( title, - mbedtls_cipher_cmac( cipher_info, tmp, keysize, - buf, BUFSIZE, output ) ); + TIME_AND_TSC(title, + mbedtls_cipher_cmac(cipher_info, tmp, keysize, + buf, BUFSIZE, output)); } - memset( buf, 0, sizeof( buf ) ); - memset( tmp, 0, sizeof( tmp ) ); - TIME_AND_TSC( "AES-CMAC-PRF-128", - mbedtls_aes_cmac_prf_128( tmp, 16, buf, BUFSIZE, - output ) ); + memset(buf, 0, sizeof(buf)); + memset(tmp, 0, sizeof(tmp)); + TIME_AND_TSC("AES-CMAC-PRF-128", + mbedtls_aes_cmac_prf_128(tmp, 16, buf, BUFSIZE, + output)); } #endif /* MBEDTLS_CMAC_C */ #endif /* MBEDTLS_AES_C */ #if defined(MBEDTLS_ARIA_C) && defined(MBEDTLS_CIPHER_MODE_CBC) - if( todo.aria ) - { + if (todo.aria) { int keysize; mbedtls_aria_context aria; - mbedtls_aria_init( &aria ); - for( keysize = 128; keysize <= 256; keysize += 64 ) - { - mbedtls_snprintf( title, sizeof( title ), "ARIA-CBC-%d", keysize ); - - memset( buf, 0, sizeof( buf ) ); - memset( tmp, 0, sizeof( tmp ) ); - mbedtls_aria_setkey_enc( &aria, tmp, keysize ); - - TIME_AND_TSC( title, - mbedtls_aria_crypt_cbc( &aria, MBEDTLS_ARIA_ENCRYPT, - BUFSIZE, tmp, buf, buf ) ); + mbedtls_aria_init(&aria); + for (keysize = 128; keysize <= 256; keysize += 64) { + mbedtls_snprintf(title, sizeof(title), "ARIA-CBC-%d", keysize); + + memset(buf, 0, sizeof(buf)); + memset(tmp, 0, sizeof(tmp)); + mbedtls_aria_setkey_enc(&aria, tmp, keysize); + + TIME_AND_TSC(title, + mbedtls_aria_crypt_cbc(&aria, MBEDTLS_ARIA_ENCRYPT, + BUFSIZE, tmp, buf, buf)); } - mbedtls_aria_free( &aria ); + mbedtls_aria_free(&aria); } #endif #if defined(MBEDTLS_CAMELLIA_C) && defined(MBEDTLS_CIPHER_MODE_CBC) - if( todo.camellia ) - { + if (todo.camellia) { int keysize; mbedtls_camellia_context camellia; - mbedtls_camellia_init( &camellia ); - for( keysize = 128; keysize <= 256; keysize += 64 ) - { - mbedtls_snprintf( title, sizeof( title ), "CAMELLIA-CBC-%d", keysize ); - - memset( buf, 0, sizeof( buf ) ); - memset( tmp, 0, sizeof( tmp ) ); - mbedtls_camellia_setkey_enc( &camellia, tmp, keysize ); - - TIME_AND_TSC( title, - mbedtls_camellia_crypt_cbc( &camellia, MBEDTLS_CAMELLIA_ENCRYPT, - BUFSIZE, tmp, buf, buf ) ); + mbedtls_camellia_init(&camellia); + for (keysize = 128; keysize <= 256; keysize += 64) { + mbedtls_snprintf(title, sizeof(title), "CAMELLIA-CBC-%d", keysize); + + memset(buf, 0, sizeof(buf)); + memset(tmp, 0, sizeof(tmp)); + mbedtls_camellia_setkey_enc(&camellia, tmp, keysize); + + TIME_AND_TSC(title, + mbedtls_camellia_crypt_cbc(&camellia, MBEDTLS_CAMELLIA_ENCRYPT, + BUFSIZE, tmp, buf, buf)); } - mbedtls_camellia_free( &camellia ); + mbedtls_camellia_free(&camellia); } #endif #if defined(MBEDTLS_CHACHA20_C) - if ( todo.chacha20 ) - { - TIME_AND_TSC( "ChaCha20", mbedtls_chacha20_crypt( buf, buf, 0U, BUFSIZE, buf, buf ) ); + if (todo.chacha20) { + TIME_AND_TSC("ChaCha20", mbedtls_chacha20_crypt(buf, buf, 0U, BUFSIZE, buf, buf)); } #endif #if defined(MBEDTLS_POLY1305_C) - if ( todo.poly1305 ) - { - TIME_AND_TSC( "Poly1305", mbedtls_poly1305_mac( buf, buf, BUFSIZE, buf ) ); + if (todo.poly1305) { + TIME_AND_TSC("Poly1305", mbedtls_poly1305_mac(buf, buf, BUFSIZE, buf)); } #endif #if defined(MBEDTLS_BLOWFISH_C) && defined(MBEDTLS_CIPHER_MODE_CBC) - if( todo.blowfish ) - { + if (todo.blowfish) { int keysize; mbedtls_blowfish_context blowfish; - mbedtls_blowfish_init( &blowfish ); + mbedtls_blowfish_init(&blowfish); - for( keysize = 128; keysize <= 256; keysize += 64 ) - { - mbedtls_snprintf( title, sizeof( title ), "BLOWFISH-CBC-%d", keysize ); + for (keysize = 128; keysize <= 256; keysize += 64) { + mbedtls_snprintf(title, sizeof(title), "BLOWFISH-CBC-%d", keysize); - memset( buf, 0, sizeof( buf ) ); - memset( tmp, 0, sizeof( tmp ) ); - mbedtls_blowfish_setkey( &blowfish, tmp, keysize ); + memset(buf, 0, sizeof(buf)); + memset(tmp, 0, sizeof(tmp)); + mbedtls_blowfish_setkey(&blowfish, tmp, keysize); - TIME_AND_TSC( title, - mbedtls_blowfish_crypt_cbc( &blowfish, MBEDTLS_BLOWFISH_ENCRYPT, BUFSIZE, - tmp, buf, buf ) ); + TIME_AND_TSC(title, + mbedtls_blowfish_crypt_cbc(&blowfish, MBEDTLS_BLOWFISH_ENCRYPT, BUFSIZE, + tmp, buf, buf)); } - mbedtls_blowfish_free( &blowfish ); + mbedtls_blowfish_free(&blowfish); } #endif #if defined(MBEDTLS_HAVEGE_C) - if( todo.havege ) - { + if (todo.havege) { mbedtls_havege_state hs; - mbedtls_havege_init( &hs ); - TIME_AND_TSC( "HAVEGE", mbedtls_havege_random( &hs, buf, BUFSIZE ) ); - mbedtls_havege_free( &hs ); + mbedtls_havege_init(&hs); + TIME_AND_TSC("HAVEGE", mbedtls_havege_random(&hs, buf, BUFSIZE)); + mbedtls_havege_free(&hs); } #endif #if defined(MBEDTLS_CTR_DRBG_C) - if( todo.ctr_drbg ) - { + if (todo.ctr_drbg) { mbedtls_ctr_drbg_context ctr_drbg; - mbedtls_ctr_drbg_init( &ctr_drbg ); - if( mbedtls_ctr_drbg_seed( &ctr_drbg, myrand, NULL, NULL, 0 ) != 0 ) + mbedtls_ctr_drbg_init(&ctr_drbg); + if (mbedtls_ctr_drbg_seed(&ctr_drbg, myrand, NULL, NULL, 0) != 0) { mbedtls_exit(1); - TIME_AND_TSC( "CTR_DRBG (NOPR)", - mbedtls_ctr_drbg_random( &ctr_drbg, buf, BUFSIZE ) ); - mbedtls_ctr_drbg_free( &ctr_drbg ); + } + TIME_AND_TSC("CTR_DRBG (NOPR)", + mbedtls_ctr_drbg_random(&ctr_drbg, buf, BUFSIZE)); + mbedtls_ctr_drbg_free(&ctr_drbg); - mbedtls_ctr_drbg_init( &ctr_drbg ); - if( mbedtls_ctr_drbg_seed( &ctr_drbg, myrand, NULL, NULL, 0 ) != 0 ) + mbedtls_ctr_drbg_init(&ctr_drbg); + if (mbedtls_ctr_drbg_seed(&ctr_drbg, myrand, NULL, NULL, 0) != 0) { mbedtls_exit(1); - mbedtls_ctr_drbg_set_prediction_resistance( &ctr_drbg, MBEDTLS_CTR_DRBG_PR_ON ); - TIME_AND_TSC( "CTR_DRBG (PR)", - mbedtls_ctr_drbg_random( &ctr_drbg, buf, BUFSIZE ) ); - mbedtls_ctr_drbg_free( &ctr_drbg ); + } + mbedtls_ctr_drbg_set_prediction_resistance(&ctr_drbg, MBEDTLS_CTR_DRBG_PR_ON); + TIME_AND_TSC("CTR_DRBG (PR)", + mbedtls_ctr_drbg_random(&ctr_drbg, buf, BUFSIZE)); + mbedtls_ctr_drbg_free(&ctr_drbg); } #endif -#if defined(MBEDTLS_HMAC_DRBG_C) - if( todo.hmac_drbg ) - { +#if defined(MBEDTLS_HMAC_DRBG_C) && \ + (defined(MBEDTLS_SHA1_C) || defined(MBEDTLS_SHA256_C)) + if (todo.hmac_drbg) { mbedtls_hmac_drbg_context hmac_drbg; const mbedtls_md_info_t *md_info; - mbedtls_hmac_drbg_init( &hmac_drbg ); + mbedtls_hmac_drbg_init(&hmac_drbg); #if defined(MBEDTLS_SHA1_C) - if( ( md_info = mbedtls_md_info_from_type( MBEDTLS_MD_SHA1 ) ) == NULL ) + if ((md_info = mbedtls_md_info_from_type(MBEDTLS_MD_SHA1)) == NULL) { mbedtls_exit(1); + } - if( mbedtls_hmac_drbg_seed( &hmac_drbg, md_info, myrand, NULL, NULL, 0 ) != 0 ) + if (mbedtls_hmac_drbg_seed(&hmac_drbg, md_info, myrand, NULL, NULL, 0) != 0) { mbedtls_exit(1); - TIME_AND_TSC( "HMAC_DRBG SHA-1 (NOPR)", - mbedtls_hmac_drbg_random( &hmac_drbg, buf, BUFSIZE ) ); + } + TIME_AND_TSC("HMAC_DRBG SHA-1 (NOPR)", + mbedtls_hmac_drbg_random(&hmac_drbg, buf, BUFSIZE)); - if( mbedtls_hmac_drbg_seed( &hmac_drbg, md_info, myrand, NULL, NULL, 0 ) != 0 ) + if (mbedtls_hmac_drbg_seed(&hmac_drbg, md_info, myrand, NULL, NULL, 0) != 0) { mbedtls_exit(1); - mbedtls_hmac_drbg_set_prediction_resistance( &hmac_drbg, - MBEDTLS_HMAC_DRBG_PR_ON ); - TIME_AND_TSC( "HMAC_DRBG SHA-1 (PR)", - mbedtls_hmac_drbg_random( &hmac_drbg, buf, BUFSIZE ) ); + } + mbedtls_hmac_drbg_set_prediction_resistance(&hmac_drbg, + MBEDTLS_HMAC_DRBG_PR_ON); + TIME_AND_TSC("HMAC_DRBG SHA-1 (PR)", + mbedtls_hmac_drbg_random(&hmac_drbg, buf, BUFSIZE)); #endif #if defined(MBEDTLS_SHA256_C) - if( ( md_info = mbedtls_md_info_from_type( MBEDTLS_MD_SHA256 ) ) == NULL ) + if ((md_info = mbedtls_md_info_from_type(MBEDTLS_MD_SHA256)) == NULL) { mbedtls_exit(1); + } - if( mbedtls_hmac_drbg_seed( &hmac_drbg, md_info, myrand, NULL, NULL, 0 ) != 0 ) + if (mbedtls_hmac_drbg_seed(&hmac_drbg, md_info, myrand, NULL, NULL, 0) != 0) { mbedtls_exit(1); - TIME_AND_TSC( "HMAC_DRBG SHA-256 (NOPR)", - mbedtls_hmac_drbg_random( &hmac_drbg, buf, BUFSIZE ) ); + } + TIME_AND_TSC("HMAC_DRBG SHA-256 (NOPR)", + mbedtls_hmac_drbg_random(&hmac_drbg, buf, BUFSIZE)); - if( mbedtls_hmac_drbg_seed( &hmac_drbg, md_info, myrand, NULL, NULL, 0 ) != 0 ) + if (mbedtls_hmac_drbg_seed(&hmac_drbg, md_info, myrand, NULL, NULL, 0) != 0) { mbedtls_exit(1); - mbedtls_hmac_drbg_set_prediction_resistance( &hmac_drbg, - MBEDTLS_HMAC_DRBG_PR_ON ); - TIME_AND_TSC( "HMAC_DRBG SHA-256 (PR)", - mbedtls_hmac_drbg_random( &hmac_drbg, buf, BUFSIZE ) ); + } + mbedtls_hmac_drbg_set_prediction_resistance(&hmac_drbg, + MBEDTLS_HMAC_DRBG_PR_ON); + TIME_AND_TSC("HMAC_DRBG SHA-256 (PR)", + mbedtls_hmac_drbg_random(&hmac_drbg, buf, BUFSIZE)); #endif - mbedtls_hmac_drbg_free( &hmac_drbg ); + mbedtls_hmac_drbg_free(&hmac_drbg); } -#endif +#endif /* MBEDTLS_HMAC_DRBG_C && ( MBEDTLS_SHA1_C || MBEDTLS_SHA256_C ) */ #if defined(MBEDTLS_RSA_C) && defined(MBEDTLS_GENPRIME) - if( todo.rsa ) - { + if (todo.rsa) { int keysize; mbedtls_rsa_context rsa; - for( keysize = 2048; keysize <= 4096; keysize *= 2 ) - { - mbedtls_snprintf( title, sizeof( title ), "RSA-%d", keysize ); + for (keysize = 2048; keysize <= 4096; keysize *= 2) { + mbedtls_snprintf(title, sizeof(title), "RSA-%d", keysize); - mbedtls_rsa_init( &rsa, MBEDTLS_RSA_PKCS_V15, 0 ); - mbedtls_rsa_gen_key( &rsa, myrand, NULL, keysize, 65537 ); + mbedtls_rsa_init(&rsa, MBEDTLS_RSA_PKCS_V15, 0); + mbedtls_rsa_gen_key(&rsa, myrand, NULL, keysize, 65537); - TIME_PUBLIC( title, " public", - buf[0] = 0; - ret = mbedtls_rsa_public( &rsa, buf, buf ) ); + TIME_PUBLIC(title, " public", + buf[0] = 0; + ret = mbedtls_rsa_public(&rsa, buf, buf)); - TIME_PUBLIC( title, "private", - buf[0] = 0; - ret = mbedtls_rsa_private( &rsa, myrand, NULL, buf, buf ) ); + TIME_PUBLIC(title, "private", + buf[0] = 0; + ret = mbedtls_rsa_private(&rsa, myrand, NULL, buf, buf)); - mbedtls_rsa_free( &rsa ); + mbedtls_rsa_free(&rsa); } } #endif #if defined(MBEDTLS_DHM_C) && defined(MBEDTLS_BIGNUM_C) - if( todo.dhm ) - { + if (todo.dhm) { int dhm_sizes[] = { 2048, 3072 }; static const unsigned char dhm_P_2048[] = MBEDTLS_DHM_RFC3526_MODP_2048_P_BIN; @@ -827,109 +794,110 @@ int main( int argc, char *argv[] ) MBEDTLS_DHM_RFC3526_MODP_3072_G_BIN; const unsigned char *dhm_P[] = { dhm_P_2048, dhm_P_3072 }; - const size_t dhm_P_size[] = { sizeof( dhm_P_2048 ), - sizeof( dhm_P_3072 ) }; + const size_t dhm_P_size[] = { sizeof(dhm_P_2048), + sizeof(dhm_P_3072) }; const unsigned char *dhm_G[] = { dhm_G_2048, dhm_G_3072 }; - const size_t dhm_G_size[] = { sizeof( dhm_G_2048 ), - sizeof( dhm_G_3072 ) }; + const size_t dhm_G_size[] = { sizeof(dhm_G_2048), + sizeof(dhm_G_3072) }; mbedtls_dhm_context dhm; size_t olen; - for( i = 0; (size_t) i < sizeof( dhm_sizes ) / sizeof( dhm_sizes[0] ); i++ ) - { - mbedtls_dhm_init( &dhm ); - - if( mbedtls_mpi_read_binary( &dhm.P, dhm_P[i], - dhm_P_size[i] ) != 0 || - mbedtls_mpi_read_binary( &dhm.G, dhm_G[i], - dhm_G_size[i] ) != 0 ) - { - mbedtls_exit( 1 ); + for (i = 0; (size_t) i < sizeof(dhm_sizes) / sizeof(dhm_sizes[0]); i++) { + mbedtls_dhm_init(&dhm); + + if (mbedtls_mpi_read_binary(&dhm.P, dhm_P[i], + dhm_P_size[i]) != 0 || + mbedtls_mpi_read_binary(&dhm.G, dhm_G[i], + dhm_G_size[i]) != 0) { + mbedtls_exit(1); } - dhm.len = mbedtls_mpi_size( &dhm.P ); - mbedtls_dhm_make_public( &dhm, (int) dhm.len, buf, dhm.len, myrand, NULL ); - if( mbedtls_mpi_copy( &dhm.GY, &dhm.GX ) != 0 ) - mbedtls_exit( 1 ); + dhm.len = mbedtls_mpi_size(&dhm.P); + mbedtls_dhm_make_public(&dhm, (int) dhm.len, buf, dhm.len, myrand, NULL); + if (mbedtls_mpi_copy(&dhm.GY, &dhm.GX) != 0) { + mbedtls_exit(1); + } - mbedtls_snprintf( title, sizeof( title ), "DHE-%d", dhm_sizes[i] ); - TIME_PUBLIC( title, "handshake", - ret |= mbedtls_dhm_make_public( &dhm, (int) dhm.len, buf, dhm.len, - myrand, NULL ); - ret |= mbedtls_dhm_calc_secret( &dhm, buf, sizeof( buf ), &olen, myrand, NULL ) ); + mbedtls_snprintf(title, sizeof(title), "DHE-%d", dhm_sizes[i]); + TIME_PUBLIC(title, "handshake", + ret |= mbedtls_dhm_make_public(&dhm, (int) dhm.len, buf, dhm.len, + myrand, NULL); + ret |= + mbedtls_dhm_calc_secret(&dhm, buf, sizeof(buf), &olen, myrand, NULL)); - mbedtls_snprintf( title, sizeof( title ), "DH-%d", dhm_sizes[i] ); - TIME_PUBLIC( title, "handshake", - ret |= mbedtls_dhm_calc_secret( &dhm, buf, sizeof( buf ), &olen, myrand, NULL ) ); + mbedtls_snprintf(title, sizeof(title), "DH-%d", dhm_sizes[i]); + TIME_PUBLIC(title, "handshake", + ret |= + mbedtls_dhm_calc_secret(&dhm, buf, sizeof(buf), &olen, myrand, NULL)); - mbedtls_dhm_free( &dhm ); + mbedtls_dhm_free(&dhm); } } #endif #if defined(MBEDTLS_ECDSA_C) && defined(MBEDTLS_SHA256_C) - if( todo.ecdsa ) - { + if (todo.ecdsa) { mbedtls_ecdsa_context ecdsa; const mbedtls_ecp_curve_info *curve_info; size_t sig_len; - memset( buf, 0x2A, sizeof( buf ) ); + memset(buf, 0x2A, sizeof(buf)); - for( curve_info = curve_list; + for (curve_info = curve_list; curve_info->grp_id != MBEDTLS_ECP_DP_NONE; - curve_info++ ) - { - if( ! mbedtls_ecdsa_can_do( curve_info->grp_id ) ) + curve_info++) { + if (!mbedtls_ecdsa_can_do(curve_info->grp_id)) { continue; + } - mbedtls_ecdsa_init( &ecdsa ); + mbedtls_ecdsa_init(&ecdsa); - if( mbedtls_ecdsa_genkey( &ecdsa, curve_info->grp_id, myrand, NULL ) != 0 ) - mbedtls_exit( 1 ); - ecp_clear_precomputed( &ecdsa.grp ); + if (mbedtls_ecdsa_genkey(&ecdsa, curve_info->grp_id, myrand, NULL) != 0) { + mbedtls_exit(1); + } + ecp_clear_precomputed(&ecdsa.grp); - mbedtls_snprintf( title, sizeof( title ), "ECDSA-%s", - curve_info->name ); - TIME_PUBLIC( title, "sign", - ret = mbedtls_ecdsa_write_signature( &ecdsa, MBEDTLS_MD_SHA256, buf, curve_info->bit_size, - tmp, &sig_len, myrand, NULL ) ); + mbedtls_snprintf(title, sizeof(title), "ECDSA-%s", + curve_info->name); + TIME_PUBLIC(title, "sign", + ret = + mbedtls_ecdsa_write_signature(&ecdsa, MBEDTLS_MD_SHA256, buf, + curve_info->bit_size, + tmp, &sig_len, myrand, NULL)); - mbedtls_ecdsa_free( &ecdsa ); + mbedtls_ecdsa_free(&ecdsa); } - for( curve_info = curve_list; + for (curve_info = curve_list; curve_info->grp_id != MBEDTLS_ECP_DP_NONE; - curve_info++ ) - { - if( ! mbedtls_ecdsa_can_do( curve_info->grp_id ) ) + curve_info++) { + if (!mbedtls_ecdsa_can_do(curve_info->grp_id)) { continue; + } - mbedtls_ecdsa_init( &ecdsa ); + mbedtls_ecdsa_init(&ecdsa); - if( mbedtls_ecdsa_genkey( &ecdsa, curve_info->grp_id, myrand, NULL ) != 0 || - mbedtls_ecdsa_write_signature( &ecdsa, MBEDTLS_MD_SHA256, buf, curve_info->bit_size, - tmp, &sig_len, myrand, NULL ) != 0 ) - { - mbedtls_exit( 1 ); + if (mbedtls_ecdsa_genkey(&ecdsa, curve_info->grp_id, myrand, NULL) != 0 || + mbedtls_ecdsa_write_signature(&ecdsa, MBEDTLS_MD_SHA256, buf, curve_info->bit_size, + tmp, &sig_len, myrand, NULL) != 0) { + mbedtls_exit(1); } - ecp_clear_precomputed( &ecdsa.grp ); + ecp_clear_precomputed(&ecdsa.grp); - mbedtls_snprintf( title, sizeof( title ), "ECDSA-%s", - curve_info->name ); - TIME_PUBLIC( title, "verify", - ret = mbedtls_ecdsa_read_signature( &ecdsa, buf, curve_info->bit_size, - tmp, sig_len ) ); + mbedtls_snprintf(title, sizeof(title), "ECDSA-%s", + curve_info->name); + TIME_PUBLIC(title, "verify", + ret = mbedtls_ecdsa_read_signature(&ecdsa, buf, curve_info->bit_size, + tmp, sig_len)); - mbedtls_ecdsa_free( &ecdsa ); + mbedtls_ecdsa_free(&ecdsa); } } #endif #if defined(MBEDTLS_ECDH_C) && defined(MBEDTLS_ECDH_LEGACY_CONTEXT) - if( todo.ecdh ) - { + if (todo.ecdh) { mbedtls_ecdh_context ecdh; mbedtls_mpi z; const mbedtls_ecp_curve_info montgomery_curve_list[] = { @@ -946,170 +914,176 @@ int main( int argc, char *argv[] ) const mbedtls_ecp_curve_info *selected_montgomery_curve_list = montgomery_curve_list; - if( curve_list == (const mbedtls_ecp_curve_info*) &single_curve ) - { + if (curve_list == (const mbedtls_ecp_curve_info *) &single_curve) { mbedtls_ecp_group grp; - mbedtls_ecp_group_init( &grp ); - if( mbedtls_ecp_group_load( &grp, curve_list->grp_id ) != 0 ) - mbedtls_exit( 1 ); - if( mbedtls_ecp_get_type( &grp ) == MBEDTLS_ECP_TYPE_MONTGOMERY ) + mbedtls_ecp_group_init(&grp); + if (mbedtls_ecp_group_load(&grp, curve_list->grp_id) != 0) { + mbedtls_exit(1); + } + if (mbedtls_ecp_get_type(&grp) == MBEDTLS_ECP_TYPE_MONTGOMERY) { selected_montgomery_curve_list = single_curve; - else /* empty list */ + } else { /* empty list */ selected_montgomery_curve_list = single_curve + 1; - mbedtls_ecp_group_free( &grp ); + } + mbedtls_ecp_group_free(&grp); } - for( curve_info = curve_list; + for (curve_info = curve_list; curve_info->grp_id != MBEDTLS_ECP_DP_NONE; - curve_info++ ) - { - if( ! mbedtls_ecdh_can_do( curve_info->grp_id ) ) + curve_info++) { + if (!mbedtls_ecdh_can_do(curve_info->grp_id)) { continue; + } - mbedtls_ecdh_init( &ecdh ); - - CHECK_AND_CONTINUE( mbedtls_ecp_group_load( &ecdh.grp, curve_info->grp_id ) ); - CHECK_AND_CONTINUE( mbedtls_ecdh_make_public( &ecdh, &olen, buf, sizeof( buf), - myrand, NULL ) ); - CHECK_AND_CONTINUE( mbedtls_ecp_copy( &ecdh.Qp, &ecdh.Q ) ); - ecp_clear_precomputed( &ecdh.grp ); - - mbedtls_snprintf( title, sizeof( title ), "ECDHE-%s", - curve_info->name ); - TIME_PUBLIC( title, "handshake", - CHECK_AND_CONTINUE( mbedtls_ecdh_make_public( &ecdh, &olen, buf, sizeof( buf), - myrand, NULL ) ); - CHECK_AND_CONTINUE( mbedtls_ecdh_calc_secret( &ecdh, &olen, buf, sizeof( buf ), - myrand, NULL ) ) ); - mbedtls_ecdh_free( &ecdh ); + mbedtls_ecdh_init(&ecdh); + + CHECK_AND_CONTINUE(mbedtls_ecp_group_load(&ecdh.grp, curve_info->grp_id)); + CHECK_AND_CONTINUE(mbedtls_ecdh_make_public(&ecdh, &olen, buf, sizeof(buf), + myrand, NULL)); + CHECK_AND_CONTINUE(mbedtls_ecp_copy(&ecdh.Qp, &ecdh.Q)); + ecp_clear_precomputed(&ecdh.grp); + + mbedtls_snprintf(title, sizeof(title), "ECDHE-%s", + curve_info->name); + TIME_PUBLIC(title, "handshake", + CHECK_AND_CONTINUE(mbedtls_ecdh_make_public(&ecdh, &olen, buf, sizeof(buf), + myrand, NULL)); + CHECK_AND_CONTINUE(mbedtls_ecdh_calc_secret(&ecdh, &olen, buf, sizeof(buf), + myrand, NULL))); + mbedtls_ecdh_free(&ecdh); } /* Montgomery curves need to be handled separately */ - for ( curve_info = selected_montgomery_curve_list; - curve_info->grp_id != MBEDTLS_ECP_DP_NONE; - curve_info++ ) - { - mbedtls_ecdh_init( &ecdh ); - mbedtls_mpi_init( &z ); - - CHECK_AND_CONTINUE( mbedtls_ecp_group_load( &ecdh.grp, curve_info->grp_id ) ); - CHECK_AND_CONTINUE( mbedtls_ecdh_gen_public( &ecdh.grp, &ecdh.d, &ecdh.Qp, myrand, NULL ) ); - - mbedtls_snprintf( title, sizeof(title), "ECDHE-%s", - curve_info->name ); - TIME_PUBLIC( title, "handshake", - CHECK_AND_CONTINUE( mbedtls_ecdh_gen_public( &ecdh.grp, &ecdh.d, &ecdh.Q, - myrand, NULL ) ); - CHECK_AND_CONTINUE( mbedtls_ecdh_compute_shared( &ecdh.grp, &z, &ecdh.Qp, &ecdh.d, - myrand, NULL ) ) ); - - mbedtls_ecdh_free( &ecdh ); - mbedtls_mpi_free( &z ); + for (curve_info = selected_montgomery_curve_list; + curve_info->grp_id != MBEDTLS_ECP_DP_NONE; + curve_info++) { + mbedtls_ecdh_init(&ecdh); + mbedtls_mpi_init(&z); + + CHECK_AND_CONTINUE(mbedtls_ecp_group_load(&ecdh.grp, curve_info->grp_id)); + CHECK_AND_CONTINUE(mbedtls_ecdh_gen_public(&ecdh.grp, &ecdh.d, &ecdh.Qp, myrand, NULL)); + + mbedtls_snprintf(title, sizeof(title), "ECDHE-%s", + curve_info->name); + TIME_PUBLIC(title, "handshake", + CHECK_AND_CONTINUE(mbedtls_ecdh_gen_public(&ecdh.grp, &ecdh.d, &ecdh.Q, + myrand, NULL)); + CHECK_AND_CONTINUE(mbedtls_ecdh_compute_shared(&ecdh.grp, &z, &ecdh.Qp, + &ecdh.d, + myrand, NULL))); + + mbedtls_ecdh_free(&ecdh); + mbedtls_mpi_free(&z); } - for( curve_info = curve_list; + for (curve_info = curve_list; curve_info->grp_id != MBEDTLS_ECP_DP_NONE; - curve_info++ ) - { - if( ! mbedtls_ecdh_can_do( curve_info->grp_id ) ) + curve_info++) { + if (!mbedtls_ecdh_can_do(curve_info->grp_id)) { continue; + } - mbedtls_ecdh_init( &ecdh ); - - CHECK_AND_CONTINUE( mbedtls_ecp_group_load( &ecdh.grp, curve_info->grp_id ) ); - CHECK_AND_CONTINUE( mbedtls_ecdh_make_public( &ecdh, &olen, buf, sizeof( buf), - myrand, NULL ) ); - CHECK_AND_CONTINUE( mbedtls_ecp_copy( &ecdh.Qp, &ecdh.Q ) ); - CHECK_AND_CONTINUE( mbedtls_ecdh_make_public( &ecdh, &olen, buf, sizeof( buf), - myrand, NULL ) ); - ecp_clear_precomputed( &ecdh.grp ); - - mbedtls_snprintf( title, sizeof( title ), "ECDH-%s", - curve_info->name ); - TIME_PUBLIC( title, "handshake", - CHECK_AND_CONTINUE( mbedtls_ecdh_calc_secret( &ecdh, &olen, buf, sizeof( buf ), - myrand, NULL ) ) ); - mbedtls_ecdh_free( &ecdh ); + mbedtls_ecdh_init(&ecdh); + + CHECK_AND_CONTINUE(mbedtls_ecp_group_load(&ecdh.grp, curve_info->grp_id)); + CHECK_AND_CONTINUE(mbedtls_ecdh_make_public(&ecdh, &olen, buf, sizeof(buf), + myrand, NULL)); + CHECK_AND_CONTINUE(mbedtls_ecp_copy(&ecdh.Qp, &ecdh.Q)); + CHECK_AND_CONTINUE(mbedtls_ecdh_make_public(&ecdh, &olen, buf, sizeof(buf), + myrand, NULL)); + ecp_clear_precomputed(&ecdh.grp); + + mbedtls_snprintf(title, sizeof(title), "ECDH-%s", + curve_info->name); + TIME_PUBLIC(title, "handshake", + CHECK_AND_CONTINUE(mbedtls_ecdh_calc_secret(&ecdh, &olen, buf, sizeof(buf), + myrand, NULL))); + mbedtls_ecdh_free(&ecdh); } /* Montgomery curves need to be handled separately */ - for ( curve_info = selected_montgomery_curve_list; - curve_info->grp_id != MBEDTLS_ECP_DP_NONE; - curve_info++) - { - mbedtls_ecdh_init( &ecdh ); - mbedtls_mpi_init( &z ); - - CHECK_AND_CONTINUE( mbedtls_ecp_group_load( &ecdh.grp, curve_info->grp_id ) ); - CHECK_AND_CONTINUE( mbedtls_ecdh_gen_public( &ecdh.grp, &ecdh.d, &ecdh.Qp, - myrand, NULL ) ); - CHECK_AND_CONTINUE( mbedtls_ecdh_gen_public( &ecdh.grp, &ecdh.d, &ecdh.Q, myrand, NULL ) ); - - mbedtls_snprintf( title, sizeof(title), "ECDH-%s", - curve_info->name ); - TIME_PUBLIC( title, "handshake", - CHECK_AND_CONTINUE( mbedtls_ecdh_compute_shared( &ecdh.grp, &z, &ecdh.Qp, &ecdh.d, - myrand, NULL ) ) ); - - mbedtls_ecdh_free( &ecdh ); - mbedtls_mpi_free( &z ); + for (curve_info = selected_montgomery_curve_list; + curve_info->grp_id != MBEDTLS_ECP_DP_NONE; + curve_info++) { + mbedtls_ecdh_init(&ecdh); + mbedtls_mpi_init(&z); + + CHECK_AND_CONTINUE(mbedtls_ecp_group_load(&ecdh.grp, curve_info->grp_id)); + CHECK_AND_CONTINUE(mbedtls_ecdh_gen_public(&ecdh.grp, &ecdh.d, &ecdh.Qp, + myrand, NULL)); + CHECK_AND_CONTINUE(mbedtls_ecdh_gen_public(&ecdh.grp, &ecdh.d, &ecdh.Q, myrand, NULL)); + + mbedtls_snprintf(title, sizeof(title), "ECDH-%s", + curve_info->name); + TIME_PUBLIC(title, "handshake", + CHECK_AND_CONTINUE(mbedtls_ecdh_compute_shared(&ecdh.grp, &z, &ecdh.Qp, + &ecdh.d, + myrand, NULL))); + + mbedtls_ecdh_free(&ecdh); + mbedtls_mpi_free(&z); } } #endif #if defined(MBEDTLS_ECDH_C) - if( todo.ecdh ) - { + if (todo.ecdh) { mbedtls_ecdh_context ecdh_srv, ecdh_cli; unsigned char buf_srv[BUFSIZE], buf_cli[BUFSIZE]; const mbedtls_ecp_curve_info *curve_info; size_t olen; - for( curve_info = curve_list; - curve_info->grp_id != MBEDTLS_ECP_DP_NONE; - curve_info++ ) - { - if( ! mbedtls_ecdh_can_do( curve_info->grp_id ) ) + for (curve_info = curve_list; + curve_info->grp_id != MBEDTLS_ECP_DP_NONE; + curve_info++) { + if (!mbedtls_ecdh_can_do(curve_info->grp_id)) { continue; + } - mbedtls_ecdh_init( &ecdh_srv ); - mbedtls_ecdh_init( &ecdh_cli ); + mbedtls_ecdh_init(&ecdh_srv); + mbedtls_ecdh_init(&ecdh_cli); - mbedtls_snprintf( title, sizeof( title ), "ECDHE-%s", curve_info->name ); - TIME_PUBLIC( title, "full handshake", - const unsigned char * p_srv = buf_srv; + mbedtls_snprintf(title, sizeof(title), "ECDHE-%s", curve_info->name); + TIME_PUBLIC(title, + "full handshake", + const unsigned char *p_srv = buf_srv; - CHECK_AND_CONTINUE( mbedtls_ecdh_setup( &ecdh_srv, curve_info->grp_id ) ); - CHECK_AND_CONTINUE( mbedtls_ecdh_make_params( &ecdh_srv, &olen, buf_srv, sizeof( buf_srv ), myrand, NULL ) ); + CHECK_AND_CONTINUE(mbedtls_ecdh_setup(&ecdh_srv, curve_info->grp_id)); + CHECK_AND_CONTINUE(mbedtls_ecdh_make_params(&ecdh_srv, &olen, buf_srv, + sizeof(buf_srv), myrand, NULL)); - CHECK_AND_CONTINUE( mbedtls_ecdh_read_params( &ecdh_cli, &p_srv, p_srv + olen ) ); - CHECK_AND_CONTINUE( mbedtls_ecdh_make_public( &ecdh_cli, &olen, buf_cli, sizeof( buf_cli ), myrand, NULL ) ); + CHECK_AND_CONTINUE(mbedtls_ecdh_read_params(&ecdh_cli, &p_srv, + p_srv + olen)); + CHECK_AND_CONTINUE(mbedtls_ecdh_make_public(&ecdh_cli, &olen, buf_cli, + sizeof(buf_cli), myrand, NULL)); - CHECK_AND_CONTINUE( mbedtls_ecdh_read_public( &ecdh_srv, buf_cli, olen ) ); - CHECK_AND_CONTINUE( mbedtls_ecdh_calc_secret( &ecdh_srv, &olen, buf_srv, sizeof( buf_srv ), myrand, NULL ) ); + CHECK_AND_CONTINUE(mbedtls_ecdh_read_public(&ecdh_srv, buf_cli, olen)); + CHECK_AND_CONTINUE(mbedtls_ecdh_calc_secret(&ecdh_srv, &olen, buf_srv, + sizeof(buf_srv), myrand, NULL)); - CHECK_AND_CONTINUE( mbedtls_ecdh_calc_secret( &ecdh_cli, &olen, buf_cli, sizeof( buf_cli ), myrand, NULL ) ); - mbedtls_ecdh_free( &ecdh_cli ); + CHECK_AND_CONTINUE(mbedtls_ecdh_calc_secret(&ecdh_cli, &olen, buf_cli, + sizeof(buf_cli), myrand, NULL)); + mbedtls_ecdh_free(&ecdh_cli); - mbedtls_ecdh_free( &ecdh_srv ); - ); + mbedtls_ecdh_free(&ecdh_srv); + ); } } #endif - mbedtls_printf( "\n" ); + mbedtls_printf("\n"); #if defined(MBEDTLS_MEMORY_BUFFER_ALLOC_C) mbedtls_memory_buffer_alloc_free(); #endif #if defined(_WIN32) - mbedtls_printf( " Press Enter to exit this program.\n" ); - fflush( stdout ); getchar(); + mbedtls_printf(" Press Enter to exit this program.\n"); + fflush(stdout); getchar(); #endif - mbedtls_exit( 0 ); + mbedtls_exit(0); } #endif /* MBEDTLS_TIMING_C */ diff --git a/third_party/mbedtls/repo/programs/test/cmake_subproject/cmake_subproject.c b/third_party/mbedtls/repo/programs/test/cmake_subproject/cmake_subproject.c index 6d81830d557..cf8085bd0aa 100644 --- a/third_party/mbedtls/repo/programs/test/cmake_subproject/cmake_subproject.c +++ b/third_party/mbedtls/repo/programs/test/cmake_subproject/cmake_subproject.c @@ -3,19 +3,7 @@ * work correctly. * * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later */ #if !defined(MBEDTLS_CONFIG_FILE) @@ -24,17 +12,7 @@ #include MBEDTLS_CONFIG_FILE #endif -#if defined(MBEDTLS_PLATFORM_C) #include "mbedtls/platform.h" -#else -#include -#include -#define mbedtls_fprintf fprintf -#define mbedtls_printf printf -#define mbedtls_exit exit -#define MBEDTLS_EXIT_SUCCESS EXIT_SUCCESS -#define MBEDTLS_EXIT_FAILURE EXIT_FAILURE -#endif /* MBEDTLS_PLATFORM_C */ #include "mbedtls/version.h" @@ -46,9 +24,9 @@ int main() /* This version string is 18 bytes long, as advised by version.h. */ char version[18]; - mbedtls_version_get_string_full( version ); + mbedtls_version_get_string_full(version); - mbedtls_printf( "Built against %s\n", version ); + mbedtls_printf("Built against %s\n", version); - return( 0 ); + return 0; } diff --git a/third_party/mbedtls/repo/programs/test/dlopen.c b/third_party/mbedtls/repo/programs/test/dlopen.c index 2ee531645a7..42a0e92524d 100644 --- a/third_party/mbedtls/repo/programs/test/dlopen.c +++ b/third_party/mbedtls/repo/programs/test/dlopen.c @@ -2,19 +2,7 @@ * Test dynamic loading of libmbed* * * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later */ #if !defined(MBEDTLS_CONFIG_FILE) @@ -24,15 +12,6 @@ #endif #include "mbedtls/platform.h" -#if !defined(MBEDTLS_PLATFORM_C) -#include -#include -#define mbedtls_fprintf fprintf -#define mbedtls_printf printf -#define mbedtls_exit exit -#define MBEDTLS_EXIT_SUCCESS EXIT_SUCCESS -#define MBEDTLS_EXIT_FAILURE EXIT_FAILURE -#endif #if defined(MBEDTLS_X509_CRT_PARSE_C) #include "mbedtls/x509_crt.h" @@ -50,67 +29,68 @@ #include -#define CHECK_DLERROR( function, argument ) \ +#define CHECK_DLERROR(function, argument) \ do \ { \ - char *CHECK_DLERROR_error = dlerror ( ); \ - if( CHECK_DLERROR_error != NULL ) \ + char *CHECK_DLERROR_error = dlerror(); \ + if (CHECK_DLERROR_error != NULL) \ { \ - fprintf( stderr, "Dynamic loading error for %s(%s): %s\n", \ - function, argument, CHECK_DLERROR_error ); \ - mbedtls_exit( MBEDTLS_EXIT_FAILURE ); \ + fprintf(stderr, "Dynamic loading error for %s(%s): %s\n", \ + function, argument, CHECK_DLERROR_error); \ + mbedtls_exit(MBEDTLS_EXIT_FAILURE); \ } \ } \ - while( 0 ) + while (0) -int main( void ) +int main(void) { #if defined(MBEDTLS_MD_C) || defined(MBEDTLS_SSL_TLS_C) unsigned n; #endif #if defined(MBEDTLS_SSL_TLS_C) - void *tls_so = dlopen( TLS_SO_FILENAME, RTLD_NOW ); - CHECK_DLERROR( "dlopen", TLS_SO_FILENAME ); - const int *( *ssl_list_ciphersuites )( void ) = - dlsym( tls_so, "mbedtls_ssl_list_ciphersuites" ); - CHECK_DLERROR( "dlsym", "mbedtls_ssl_list_ciphersuites" ); - const int *ciphersuites = ssl_list_ciphersuites( ); - for( n = 0; ciphersuites[n] != 0; n++ ) - /* nothing to do, we're just counting */; - mbedtls_printf( "dlopen(%s): %u ciphersuites\n", - TLS_SO_FILENAME, n ); - dlclose( tls_so ); - CHECK_DLERROR( "dlclose", TLS_SO_FILENAME ); + void *tls_so = dlopen(TLS_SO_FILENAME, RTLD_NOW); + CHECK_DLERROR("dlopen", TLS_SO_FILENAME); + const int *(*ssl_list_ciphersuites)(void) = + dlsym(tls_so, "mbedtls_ssl_list_ciphersuites"); + CHECK_DLERROR("dlsym", "mbedtls_ssl_list_ciphersuites"); + const int *ciphersuites = ssl_list_ciphersuites(); + for (n = 0; ciphersuites[n] != 0; n++) {/* nothing to do, we're just counting */ + ; + } + mbedtls_printf("dlopen(%s): %u ciphersuites\n", + TLS_SO_FILENAME, n); + dlclose(tls_so); + CHECK_DLERROR("dlclose", TLS_SO_FILENAME); #endif /* MBEDTLS_SSL_TLS_C */ #if defined(MBEDTLS_X509_CRT_PARSE_C) - void *x509_so = dlopen( X509_SO_FILENAME, RTLD_NOW ); - CHECK_DLERROR( "dlopen", X509_SO_FILENAME ); + void *x509_so = dlopen(X509_SO_FILENAME, RTLD_NOW); + CHECK_DLERROR("dlopen", X509_SO_FILENAME); const mbedtls_x509_crt_profile *profile = - dlsym( x509_so, "mbedtls_x509_crt_profile_default" ); - CHECK_DLERROR( "dlsym", "mbedtls_x509_crt_profile_default" ); - mbedtls_printf( "dlopen(%s): Allowed md mask: %08x\n", - X509_SO_FILENAME, (unsigned) profile->allowed_mds ); - dlclose( x509_so ); - CHECK_DLERROR( "dlclose", X509_SO_FILENAME ); + dlsym(x509_so, "mbedtls_x509_crt_profile_default"); + CHECK_DLERROR("dlsym", "mbedtls_x509_crt_profile_default"); + mbedtls_printf("dlopen(%s): Allowed md mask: %08x\n", + X509_SO_FILENAME, (unsigned) profile->allowed_mds); + dlclose(x509_so); + CHECK_DLERROR("dlclose", X509_SO_FILENAME); #endif /* MBEDTLS_X509_CRT_PARSE_C */ #if defined(MBEDTLS_MD_C) - void *crypto_so = dlopen( CRYPTO_SO_FILENAME, RTLD_NOW ); - CHECK_DLERROR( "dlopen", CRYPTO_SO_FILENAME ); - const int *( *md_list )( void ) = - dlsym( crypto_so, "mbedtls_md_list" ); - CHECK_DLERROR( "dlsym", "mbedtls_md_list" ); - const int *mds = md_list( ); - for( n = 0; mds[n] != 0; n++ ) - /* nothing to do, we're just counting */; - mbedtls_printf( "dlopen(%s): %u hashes\n", - CRYPTO_SO_FILENAME, n ); - dlclose( crypto_so ); - CHECK_DLERROR( "dlclose", CRYPTO_SO_FILENAME ); + void *crypto_so = dlopen(CRYPTO_SO_FILENAME, RTLD_NOW); + CHECK_DLERROR("dlopen", CRYPTO_SO_FILENAME); + const int *(*md_list)(void) = + dlsym(crypto_so, "mbedtls_md_list"); + CHECK_DLERROR("dlsym", "mbedtls_md_list"); + const int *mds = md_list(); + for (n = 0; mds[n] != 0; n++) {/* nothing to do, we're just counting */ + ; + } + mbedtls_printf("dlopen(%s): %u hashes\n", + CRYPTO_SO_FILENAME, n); + dlclose(crypto_so); + CHECK_DLERROR("dlclose", CRYPTO_SO_FILENAME); #endif /* MBEDTLS_MD_C */ - return( 0 ); + return 0; } - diff --git a/third_party/mbedtls/repo/programs/test/dlopen_demo.sh b/third_party/mbedtls/repo/programs/test/dlopen_demo.sh index 2dde3ebedab..7b8868801d5 100755 --- a/third_party/mbedtls/repo/programs/test/dlopen_demo.sh +++ b/third_party/mbedtls/repo/programs/test/dlopen_demo.sh @@ -4,24 +4,33 @@ # This is only expected to work when Mbed TLS is built as a shared library. # Copyright The Mbed TLS Contributors -# SPDX-License-Identifier: Apache-2.0 -# -# Licensed under the Apache License, Version 2.0 (the "License"); you may -# not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT -# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. +# SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later set -e -u +program_name="dlopen" program_dir="${0%/*}" -program="$program_dir/dlopen" +program="$program_dir/$program_name" + +if [ ! -e "$program" ]; then + # Look for programs in the current directory and the directories above it + for dir in "." ".." "../.."; do + program_dir="$dir/programs/test" + program="$program_dir/$program_name" + if [ -e "$program" ]; then + break + fi + done + if [ ! -e "$program" ]; then + echo "Could not find $program_name program" + + echo "Make sure that Mbed TLS is built as a shared library." \ + "If building out-of-tree, this script must be run" \ + "from the project build directory." + exit 1 + fi +fi + top_dir="$program_dir/../.." library_dir="$top_dir/library" diff --git a/third_party/mbedtls/repo/programs/test/generate_cpp_dummy_build.sh b/third_party/mbedtls/repo/programs/test/generate_cpp_dummy_build.sh index 90a181d994d..2255986d24d 100755 --- a/third_party/mbedtls/repo/programs/test/generate_cpp_dummy_build.sh +++ b/third_party/mbedtls/repo/programs/test/generate_cpp_dummy_build.sh @@ -14,19 +14,7 @@ EOF fi # Copyright The Mbed TLS Contributors -# SPDX-License-Identifier: Apache-2.0 -# -# Licensed under the Apache License, Version 2.0 (the "License"); you may -# not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT -# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. +# SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later set -e @@ -41,19 +29,8 @@ print_cpp () { * can be included and built with a C++ compiler. * * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 + * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later * - * Licensed under the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. */ #include "mbedtls/config.h" diff --git a/third_party/mbedtls/repo/programs/test/query_compile_time_config.c b/third_party/mbedtls/repo/programs/test/query_compile_time_config.c index 0e356c8225f..cb3714658f1 100644 --- a/third_party/mbedtls/repo/programs/test/query_compile_time_config.c +++ b/third_party/mbedtls/repo/programs/test/query_compile_time_config.c @@ -2,19 +2,7 @@ * Query the Mbed TLS compile time configuration * * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later */ #if !defined(MBEDTLS_CONFIG_FILE) @@ -23,32 +11,30 @@ #include MBEDTLS_CONFIG_FILE #endif -#if defined(MBEDTLS_PLATFORM_C) #include "mbedtls/platform.h" -#else -#include -#include -#define mbedtls_printf printf -#define MBEDTLS_EXIT_FAILURE EXIT_FAILURE -#endif #define USAGE \ - "usage: %s \n\n" \ + "usage: %s [ | -l ]\n\n" \ "This program takes one command line argument which corresponds to\n" \ "the string representation of a Mbed TLS compile time configuration.\n" \ "The value 0 will be returned if this configuration is defined in the\n" \ "Mbed TLS build and the macro expansion of that configuration will be\n" \ - "printed (if any). Otherwise, 1 will be returned.\n" - + "printed (if any). Otherwise, 1 will be returned.\n" \ + "-l\tPrint all available configuration.\n" +#include #include "query_config.h" -int main( int argc, char *argv[] ) +int main(int argc, char *argv[]) { - if ( argc != 2 ) - { - mbedtls_printf( USAGE, argv[0] ); - return( MBEDTLS_EXIT_FAILURE ); + if (argc < 2 || strcmp(argv[1], "-h") == 0) { + mbedtls_printf(USAGE, argv[0]); + return MBEDTLS_EXIT_FAILURE; + } + + if (strcmp(argv[1], "-l") == 0) { + list_config(); + return 0; } - return( query_config( argv[1] ) ); + return query_config(argv[1]); } diff --git a/third_party/mbedtls/repo/programs/test/query_config.c b/third_party/mbedtls/repo/programs/test/query_config.c index 5dfe383239f..859d824f84d 100644 --- a/third_party/mbedtls/repo/programs/test/query_config.c +++ b/third_party/mbedtls/repo/programs/test/query_config.c @@ -2,19 +2,7 @@ * Query Mbed TLS compile time configurations from config.h * * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later */ #if !defined(MBEDTLS_CONFIG_FILE) @@ -25,12 +13,7 @@ #include "query_config.h" -#if defined(MBEDTLS_PLATFORM_C) #include "mbedtls/platform.h" -#else -#include -#define mbedtls_printf printf -#endif /* MBEDTLS_PLATFORM_C */ /* * Include all the headers with public APIs in case they define a macro to its @@ -81,7 +64,9 @@ #include "mbedtls/pkcs11.h" #include "mbedtls/pkcs12.h" #include "mbedtls/pkcs5.h" +#if defined(MBEDTLS_HAVE_TIME) #include "mbedtls/platform_time.h" +#endif #include "mbedtls/platform_util.h" #include "mbedtls/poly1305.h" #include "mbedtls/ripemd160.h" @@ -113,7 +98,12 @@ */ #define MACRO_EXPANSION_TO_STR(macro) MACRO_NAME_TO_STR(macro) #define MACRO_NAME_TO_STR(macro) \ - mbedtls_printf( "%s", strlen( #macro "" ) > 0 ? #macro "\n" : "" ) + mbedtls_printf("%s", strlen( #macro "") > 0 ? #macro "\n" : "") + +#define STRINGIFY(macro) #macro +#define OUTPUT_MACRO_NAME_VALUE(macro) mbedtls_printf( #macro "%s\n", \ + (STRINGIFY(macro) "")[0] != 0 ? "=" STRINGIFY( \ + macro) : "") #if defined(_MSC_VER) /* @@ -128,9 +118,9 @@ #pragma warning(disable:4003) #endif /* _MSC_VER */ -int query_config( const char *config ) +int query_config(const char *config) { -#if defined(MBEDTLS_HAVE_ASM) + #if defined(MBEDTLS_HAVE_ASM) if( strcmp( "MBEDTLS_HAVE_ASM", config ) == 0 ) { MACRO_EXPANSION_TO_STR( MBEDTLS_HAVE_ASM ); @@ -258,6 +248,22 @@ int query_config( const char *config ) } #endif /* MBEDTLS_PLATFORM_SETUP_TEARDOWN_ALT */ +#if defined(MBEDTLS_PLATFORM_GMTIME_R_ALT) + if( strcmp( "MBEDTLS_PLATFORM_GMTIME_R_ALT", config ) == 0 ) + { + MACRO_EXPANSION_TO_STR( MBEDTLS_PLATFORM_GMTIME_R_ALT ); + return( 0 ); + } +#endif /* MBEDTLS_PLATFORM_GMTIME_R_ALT */ + +#if defined(MBEDTLS_PLATFORM_ZEROIZE_ALT) + if( strcmp( "MBEDTLS_PLATFORM_ZEROIZE_ALT", config ) == 0 ) + { + MACRO_EXPANSION_TO_STR( MBEDTLS_PLATFORM_ZEROIZE_ALT ); + return( 0 ); + } +#endif /* MBEDTLS_PLATFORM_ZEROIZE_ALT */ + #if defined(MBEDTLS_DEPRECATED_WARNING) if( strcmp( "MBEDTLS_DEPRECATED_WARNING", config ) == 0 ) { @@ -890,6 +896,14 @@ int query_config( const char *config ) } #endif /* MBEDTLS_REMOVE_3DES_CIPHERSUITES */ +#if defined(MBEDTLS_ECDH_VARIANT_EVEREST_ENABLED) + if( strcmp( "MBEDTLS_ECDH_VARIANT_EVEREST_ENABLED", config ) == 0 ) + { + MACRO_EXPANSION_TO_STR( MBEDTLS_ECDH_VARIANT_EVEREST_ENABLED ); + return( 0 ); + } +#endif /* MBEDTLS_ECDH_VARIANT_EVEREST_ENABLED */ + #if defined(MBEDTLS_ECP_DP_SECP192R1_ENABLED) if( strcmp( "MBEDTLS_ECP_DP_SECP192R1_ENABLED", config ) == 0 ) { @@ -1594,6 +1608,14 @@ int query_config( const char *config ) } #endif /* MBEDTLS_SSL_VARIABLE_BUFFER_LENGTH */ +#if defined(MBEDTLS_TLS_DEFAULT_ALLOW_SHA1_IN_KEY_EXCHANGE) + if( strcmp( "MBEDTLS_TLS_DEFAULT_ALLOW_SHA1_IN_KEY_EXCHANGE", config ) == 0 ) + { + MACRO_EXPANSION_TO_STR( MBEDTLS_TLS_DEFAULT_ALLOW_SHA1_IN_KEY_EXCHANGE ); + return( 0 ); + } +#endif /* MBEDTLS_TLS_DEFAULT_ALLOW_SHA1_IN_KEY_EXCHANGE */ + #if defined(MBEDTLS_TEST_CONSTANT_FLOW_MEMSAN) if( strcmp( "MBEDTLS_TEST_CONSTANT_FLOW_MEMSAN", config ) == 0 ) { @@ -2314,6 +2336,38 @@ int query_config( const char *config ) } #endif /* MBEDTLS_XTEA_C */ +#if defined(MBEDTLS_CONFIG_FILE) + if( strcmp( "MBEDTLS_CONFIG_FILE", config ) == 0 ) + { + MACRO_EXPANSION_TO_STR( MBEDTLS_CONFIG_FILE ); + return( 0 ); + } +#endif /* MBEDTLS_CONFIG_FILE */ + +#if defined(MBEDTLS_USER_CONFIG_FILE) + if( strcmp( "MBEDTLS_USER_CONFIG_FILE", config ) == 0 ) + { + MACRO_EXPANSION_TO_STR( MBEDTLS_USER_CONFIG_FILE ); + return( 0 ); + } +#endif /* MBEDTLS_USER_CONFIG_FILE */ + +#if defined(MBEDTLS_PSA_CRYPTO_CONFIG_FILE) + if( strcmp( "MBEDTLS_PSA_CRYPTO_CONFIG_FILE", config ) == 0 ) + { + MACRO_EXPANSION_TO_STR( MBEDTLS_PSA_CRYPTO_CONFIG_FILE ); + return( 0 ); + } +#endif /* MBEDTLS_PSA_CRYPTO_CONFIG_FILE */ + +#if defined(MBEDTLS_PSA_CRYPTO_USER_CONFIG_FILE) + if( strcmp( "MBEDTLS_PSA_CRYPTO_USER_CONFIG_FILE", config ) == 0 ) + { + MACRO_EXPANSION_TO_STR( MBEDTLS_PSA_CRYPTO_USER_CONFIG_FILE ); + return( 0 ); + } +#endif /* MBEDTLS_PSA_CRYPTO_USER_CONFIG_FILE */ + #if defined(MBEDTLS_MPI_WINDOW_SIZE) if( strcmp( "MBEDTLS_MPI_WINDOW_SIZE", config ) == 0 ) { @@ -2810,42 +2864,1386 @@ int query_config( const char *config ) } #endif /* MBEDTLS_X509_MAX_FILE_PATH_LEN */ -#if defined(MBEDTLS_TLS_DEFAULT_ALLOW_SHA1_IN_KEY_EXCHANGE) - if( strcmp( "MBEDTLS_TLS_DEFAULT_ALLOW_SHA1_IN_KEY_EXCHANGE", config ) == 0 ) - { - MACRO_EXPANSION_TO_STR( MBEDTLS_TLS_DEFAULT_ALLOW_SHA1_IN_KEY_EXCHANGE ); - return( 0 ); - } -#endif /* MBEDTLS_TLS_DEFAULT_ALLOW_SHA1_IN_KEY_EXCHANGE */ + /* If the symbol is not found, return an error */ + return 1; +} -#if defined(MBEDTLS_PLATFORM_ZEROIZE_ALT) - if( strcmp( "MBEDTLS_PLATFORM_ZEROIZE_ALT", config ) == 0 ) - { - MACRO_EXPANSION_TO_STR( MBEDTLS_PLATFORM_ZEROIZE_ALT ); - return( 0 ); - } -#endif /* MBEDTLS_PLATFORM_ZEROIZE_ALT */ +void list_config(void) +{ + #if defined(MBEDTLS_HAVE_ASM) + OUTPUT_MACRO_NAME_VALUE(MBEDTLS_HAVE_ASM); +#endif /* MBEDTLS_HAVE_ASM */ + +#if defined(MBEDTLS_NO_UDBL_DIVISION) + OUTPUT_MACRO_NAME_VALUE(MBEDTLS_NO_UDBL_DIVISION); +#endif /* MBEDTLS_NO_UDBL_DIVISION */ + +#if defined(MBEDTLS_NO_64BIT_MULTIPLICATION) + OUTPUT_MACRO_NAME_VALUE(MBEDTLS_NO_64BIT_MULTIPLICATION); +#endif /* MBEDTLS_NO_64BIT_MULTIPLICATION */ + +#if defined(MBEDTLS_HAVE_SSE2) + OUTPUT_MACRO_NAME_VALUE(MBEDTLS_HAVE_SSE2); +#endif /* MBEDTLS_HAVE_SSE2 */ + +#if defined(MBEDTLS_HAVE_TIME) + OUTPUT_MACRO_NAME_VALUE(MBEDTLS_HAVE_TIME); +#endif /* MBEDTLS_HAVE_TIME */ + +#if defined(MBEDTLS_HAVE_TIME_DATE) + OUTPUT_MACRO_NAME_VALUE(MBEDTLS_HAVE_TIME_DATE); +#endif /* MBEDTLS_HAVE_TIME_DATE */ + +#if defined(MBEDTLS_PLATFORM_MEMORY) + OUTPUT_MACRO_NAME_VALUE(MBEDTLS_PLATFORM_MEMORY); +#endif /* MBEDTLS_PLATFORM_MEMORY */ + +#if defined(MBEDTLS_PLATFORM_NO_STD_FUNCTIONS) + OUTPUT_MACRO_NAME_VALUE(MBEDTLS_PLATFORM_NO_STD_FUNCTIONS); +#endif /* MBEDTLS_PLATFORM_NO_STD_FUNCTIONS */ + +#if defined(MBEDTLS_PLATFORM_EXIT_ALT) + OUTPUT_MACRO_NAME_VALUE(MBEDTLS_PLATFORM_EXIT_ALT); +#endif /* MBEDTLS_PLATFORM_EXIT_ALT */ + +#if defined(MBEDTLS_PLATFORM_TIME_ALT) + OUTPUT_MACRO_NAME_VALUE(MBEDTLS_PLATFORM_TIME_ALT); +#endif /* MBEDTLS_PLATFORM_TIME_ALT */ + +#if defined(MBEDTLS_PLATFORM_FPRINTF_ALT) + OUTPUT_MACRO_NAME_VALUE(MBEDTLS_PLATFORM_FPRINTF_ALT); +#endif /* MBEDTLS_PLATFORM_FPRINTF_ALT */ + +#if defined(MBEDTLS_PLATFORM_PRINTF_ALT) + OUTPUT_MACRO_NAME_VALUE(MBEDTLS_PLATFORM_PRINTF_ALT); +#endif /* MBEDTLS_PLATFORM_PRINTF_ALT */ + +#if defined(MBEDTLS_PLATFORM_SNPRINTF_ALT) + OUTPUT_MACRO_NAME_VALUE(MBEDTLS_PLATFORM_SNPRINTF_ALT); +#endif /* MBEDTLS_PLATFORM_SNPRINTF_ALT */ + +#if defined(MBEDTLS_PLATFORM_VSNPRINTF_ALT) + OUTPUT_MACRO_NAME_VALUE(MBEDTLS_PLATFORM_VSNPRINTF_ALT); +#endif /* MBEDTLS_PLATFORM_VSNPRINTF_ALT */ + +#if defined(MBEDTLS_PLATFORM_NV_SEED_ALT) + OUTPUT_MACRO_NAME_VALUE(MBEDTLS_PLATFORM_NV_SEED_ALT); +#endif /* MBEDTLS_PLATFORM_NV_SEED_ALT */ + +#if defined(MBEDTLS_PLATFORM_SETUP_TEARDOWN_ALT) + OUTPUT_MACRO_NAME_VALUE(MBEDTLS_PLATFORM_SETUP_TEARDOWN_ALT); +#endif /* MBEDTLS_PLATFORM_SETUP_TEARDOWN_ALT */ #if defined(MBEDTLS_PLATFORM_GMTIME_R_ALT) - if( strcmp( "MBEDTLS_PLATFORM_GMTIME_R_ALT", config ) == 0 ) - { - MACRO_EXPANSION_TO_STR( MBEDTLS_PLATFORM_GMTIME_R_ALT ); - return( 0 ); - } + OUTPUT_MACRO_NAME_VALUE(MBEDTLS_PLATFORM_GMTIME_R_ALT); #endif /* MBEDTLS_PLATFORM_GMTIME_R_ALT */ -#if defined(MBEDTLS_ECDH_VARIANT_EVEREST_ENABLED) - if( strcmp( "MBEDTLS_ECDH_VARIANT_EVEREST_ENABLED", config ) == 0 ) - { - MACRO_EXPANSION_TO_STR( MBEDTLS_ECDH_VARIANT_EVEREST_ENABLED ); - return( 0 ); - } -#endif /* MBEDTLS_ECDH_VARIANT_EVEREST_ENABLED */ +#if defined(MBEDTLS_PLATFORM_ZEROIZE_ALT) + OUTPUT_MACRO_NAME_VALUE(MBEDTLS_PLATFORM_ZEROIZE_ALT); +#endif /* MBEDTLS_PLATFORM_ZEROIZE_ALT */ - /* If the symbol is not found, return an error */ - return( 1 ); -} +#if defined(MBEDTLS_DEPRECATED_WARNING) + OUTPUT_MACRO_NAME_VALUE(MBEDTLS_DEPRECATED_WARNING); +#endif /* MBEDTLS_DEPRECATED_WARNING */ + +#if defined(MBEDTLS_DEPRECATED_REMOVED) + OUTPUT_MACRO_NAME_VALUE(MBEDTLS_DEPRECATED_REMOVED); +#endif /* MBEDTLS_DEPRECATED_REMOVED */ + +#if defined(MBEDTLS_CHECK_PARAMS) + OUTPUT_MACRO_NAME_VALUE(MBEDTLS_CHECK_PARAMS); +#endif /* MBEDTLS_CHECK_PARAMS */ + +#if defined(MBEDTLS_CHECK_PARAMS_ASSERT) + OUTPUT_MACRO_NAME_VALUE(MBEDTLS_CHECK_PARAMS_ASSERT); +#endif /* MBEDTLS_CHECK_PARAMS_ASSERT */ + +#if defined(MBEDTLS_TIMING_ALT) + OUTPUT_MACRO_NAME_VALUE(MBEDTLS_TIMING_ALT); +#endif /* MBEDTLS_TIMING_ALT */ + +#if defined(MBEDTLS_AES_ALT) + OUTPUT_MACRO_NAME_VALUE(MBEDTLS_AES_ALT); +#endif /* MBEDTLS_AES_ALT */ + +#if defined(MBEDTLS_ARC4_ALT) + OUTPUT_MACRO_NAME_VALUE(MBEDTLS_ARC4_ALT); +#endif /* MBEDTLS_ARC4_ALT */ + +#if defined(MBEDTLS_ARIA_ALT) + OUTPUT_MACRO_NAME_VALUE(MBEDTLS_ARIA_ALT); +#endif /* MBEDTLS_ARIA_ALT */ + +#if defined(MBEDTLS_BLOWFISH_ALT) + OUTPUT_MACRO_NAME_VALUE(MBEDTLS_BLOWFISH_ALT); +#endif /* MBEDTLS_BLOWFISH_ALT */ + +#if defined(MBEDTLS_CAMELLIA_ALT) + OUTPUT_MACRO_NAME_VALUE(MBEDTLS_CAMELLIA_ALT); +#endif /* MBEDTLS_CAMELLIA_ALT */ + +#if defined(MBEDTLS_CCM_ALT) + OUTPUT_MACRO_NAME_VALUE(MBEDTLS_CCM_ALT); +#endif /* MBEDTLS_CCM_ALT */ + +#if defined(MBEDTLS_CHACHA20_ALT) + OUTPUT_MACRO_NAME_VALUE(MBEDTLS_CHACHA20_ALT); +#endif /* MBEDTLS_CHACHA20_ALT */ + +#if defined(MBEDTLS_CHACHAPOLY_ALT) + OUTPUT_MACRO_NAME_VALUE(MBEDTLS_CHACHAPOLY_ALT); +#endif /* MBEDTLS_CHACHAPOLY_ALT */ + +#if defined(MBEDTLS_CMAC_ALT) + OUTPUT_MACRO_NAME_VALUE(MBEDTLS_CMAC_ALT); +#endif /* MBEDTLS_CMAC_ALT */ + +#if defined(MBEDTLS_DES_ALT) + OUTPUT_MACRO_NAME_VALUE(MBEDTLS_DES_ALT); +#endif /* MBEDTLS_DES_ALT */ + +#if defined(MBEDTLS_DHM_ALT) + OUTPUT_MACRO_NAME_VALUE(MBEDTLS_DHM_ALT); +#endif /* MBEDTLS_DHM_ALT */ + +#if defined(MBEDTLS_ECJPAKE_ALT) + OUTPUT_MACRO_NAME_VALUE(MBEDTLS_ECJPAKE_ALT); +#endif /* MBEDTLS_ECJPAKE_ALT */ + +#if defined(MBEDTLS_GCM_ALT) + OUTPUT_MACRO_NAME_VALUE(MBEDTLS_GCM_ALT); +#endif /* MBEDTLS_GCM_ALT */ + +#if defined(MBEDTLS_NIST_KW_ALT) + OUTPUT_MACRO_NAME_VALUE(MBEDTLS_NIST_KW_ALT); +#endif /* MBEDTLS_NIST_KW_ALT */ + +#if defined(MBEDTLS_MD2_ALT) + OUTPUT_MACRO_NAME_VALUE(MBEDTLS_MD2_ALT); +#endif /* MBEDTLS_MD2_ALT */ + +#if defined(MBEDTLS_MD4_ALT) + OUTPUT_MACRO_NAME_VALUE(MBEDTLS_MD4_ALT); +#endif /* MBEDTLS_MD4_ALT */ + +#if defined(MBEDTLS_MD5_ALT) + OUTPUT_MACRO_NAME_VALUE(MBEDTLS_MD5_ALT); +#endif /* MBEDTLS_MD5_ALT */ + +#if defined(MBEDTLS_POLY1305_ALT) + OUTPUT_MACRO_NAME_VALUE(MBEDTLS_POLY1305_ALT); +#endif /* MBEDTLS_POLY1305_ALT */ + +#if defined(MBEDTLS_RIPEMD160_ALT) + OUTPUT_MACRO_NAME_VALUE(MBEDTLS_RIPEMD160_ALT); +#endif /* MBEDTLS_RIPEMD160_ALT */ + +#if defined(MBEDTLS_RSA_ALT) + OUTPUT_MACRO_NAME_VALUE(MBEDTLS_RSA_ALT); +#endif /* MBEDTLS_RSA_ALT */ + +#if defined(MBEDTLS_SHA1_ALT) + OUTPUT_MACRO_NAME_VALUE(MBEDTLS_SHA1_ALT); +#endif /* MBEDTLS_SHA1_ALT */ + +#if defined(MBEDTLS_SHA256_ALT) + OUTPUT_MACRO_NAME_VALUE(MBEDTLS_SHA256_ALT); +#endif /* MBEDTLS_SHA256_ALT */ + +#if defined(MBEDTLS_SHA512_ALT) + OUTPUT_MACRO_NAME_VALUE(MBEDTLS_SHA512_ALT); +#endif /* MBEDTLS_SHA512_ALT */ + +#if defined(MBEDTLS_XTEA_ALT) + OUTPUT_MACRO_NAME_VALUE(MBEDTLS_XTEA_ALT); +#endif /* MBEDTLS_XTEA_ALT */ + +#if defined(MBEDTLS_ECP_ALT) + OUTPUT_MACRO_NAME_VALUE(MBEDTLS_ECP_ALT); +#endif /* MBEDTLS_ECP_ALT */ + +#if defined(MBEDTLS_MD2_PROCESS_ALT) + OUTPUT_MACRO_NAME_VALUE(MBEDTLS_MD2_PROCESS_ALT); +#endif /* MBEDTLS_MD2_PROCESS_ALT */ + +#if defined(MBEDTLS_MD4_PROCESS_ALT) + OUTPUT_MACRO_NAME_VALUE(MBEDTLS_MD4_PROCESS_ALT); +#endif /* MBEDTLS_MD4_PROCESS_ALT */ + +#if defined(MBEDTLS_MD5_PROCESS_ALT) + OUTPUT_MACRO_NAME_VALUE(MBEDTLS_MD5_PROCESS_ALT); +#endif /* MBEDTLS_MD5_PROCESS_ALT */ + +#if defined(MBEDTLS_RIPEMD160_PROCESS_ALT) + OUTPUT_MACRO_NAME_VALUE(MBEDTLS_RIPEMD160_PROCESS_ALT); +#endif /* MBEDTLS_RIPEMD160_PROCESS_ALT */ + +#if defined(MBEDTLS_SHA1_PROCESS_ALT) + OUTPUT_MACRO_NAME_VALUE(MBEDTLS_SHA1_PROCESS_ALT); +#endif /* MBEDTLS_SHA1_PROCESS_ALT */ + +#if defined(MBEDTLS_SHA256_PROCESS_ALT) + OUTPUT_MACRO_NAME_VALUE(MBEDTLS_SHA256_PROCESS_ALT); +#endif /* MBEDTLS_SHA256_PROCESS_ALT */ + +#if defined(MBEDTLS_SHA512_PROCESS_ALT) + OUTPUT_MACRO_NAME_VALUE(MBEDTLS_SHA512_PROCESS_ALT); +#endif /* MBEDTLS_SHA512_PROCESS_ALT */ + +#if defined(MBEDTLS_DES_SETKEY_ALT) + OUTPUT_MACRO_NAME_VALUE(MBEDTLS_DES_SETKEY_ALT); +#endif /* MBEDTLS_DES_SETKEY_ALT */ + +#if defined(MBEDTLS_DES_CRYPT_ECB_ALT) + OUTPUT_MACRO_NAME_VALUE(MBEDTLS_DES_CRYPT_ECB_ALT); +#endif /* MBEDTLS_DES_CRYPT_ECB_ALT */ + +#if defined(MBEDTLS_DES3_CRYPT_ECB_ALT) + OUTPUT_MACRO_NAME_VALUE(MBEDTLS_DES3_CRYPT_ECB_ALT); +#endif /* MBEDTLS_DES3_CRYPT_ECB_ALT */ + +#if defined(MBEDTLS_AES_SETKEY_ENC_ALT) + OUTPUT_MACRO_NAME_VALUE(MBEDTLS_AES_SETKEY_ENC_ALT); +#endif /* MBEDTLS_AES_SETKEY_ENC_ALT */ +#if defined(MBEDTLS_AES_SETKEY_DEC_ALT) + OUTPUT_MACRO_NAME_VALUE(MBEDTLS_AES_SETKEY_DEC_ALT); +#endif /* MBEDTLS_AES_SETKEY_DEC_ALT */ + +#if defined(MBEDTLS_AES_ENCRYPT_ALT) + OUTPUT_MACRO_NAME_VALUE(MBEDTLS_AES_ENCRYPT_ALT); +#endif /* MBEDTLS_AES_ENCRYPT_ALT */ + +#if defined(MBEDTLS_AES_DECRYPT_ALT) + OUTPUT_MACRO_NAME_VALUE(MBEDTLS_AES_DECRYPT_ALT); +#endif /* MBEDTLS_AES_DECRYPT_ALT */ + +#if defined(MBEDTLS_ECDH_GEN_PUBLIC_ALT) + OUTPUT_MACRO_NAME_VALUE(MBEDTLS_ECDH_GEN_PUBLIC_ALT); +#endif /* MBEDTLS_ECDH_GEN_PUBLIC_ALT */ + +#if defined(MBEDTLS_ECDH_COMPUTE_SHARED_ALT) + OUTPUT_MACRO_NAME_VALUE(MBEDTLS_ECDH_COMPUTE_SHARED_ALT); +#endif /* MBEDTLS_ECDH_COMPUTE_SHARED_ALT */ + +#if defined(MBEDTLS_ECDSA_VERIFY_ALT) + OUTPUT_MACRO_NAME_VALUE(MBEDTLS_ECDSA_VERIFY_ALT); +#endif /* MBEDTLS_ECDSA_VERIFY_ALT */ + +#if defined(MBEDTLS_ECDSA_SIGN_ALT) + OUTPUT_MACRO_NAME_VALUE(MBEDTLS_ECDSA_SIGN_ALT); +#endif /* MBEDTLS_ECDSA_SIGN_ALT */ + +#if defined(MBEDTLS_ECDSA_GENKEY_ALT) + OUTPUT_MACRO_NAME_VALUE(MBEDTLS_ECDSA_GENKEY_ALT); +#endif /* MBEDTLS_ECDSA_GENKEY_ALT */ + +#if defined(MBEDTLS_ECP_INTERNAL_ALT) + OUTPUT_MACRO_NAME_VALUE(MBEDTLS_ECP_INTERNAL_ALT); +#endif /* MBEDTLS_ECP_INTERNAL_ALT */ + +#if defined(MBEDTLS_ECP_NO_FALLBACK) + OUTPUT_MACRO_NAME_VALUE(MBEDTLS_ECP_NO_FALLBACK); +#endif /* MBEDTLS_ECP_NO_FALLBACK */ + +#if defined(MBEDTLS_ECP_RANDOMIZE_JAC_ALT) + OUTPUT_MACRO_NAME_VALUE(MBEDTLS_ECP_RANDOMIZE_JAC_ALT); +#endif /* MBEDTLS_ECP_RANDOMIZE_JAC_ALT */ + +#if defined(MBEDTLS_ECP_ADD_MIXED_ALT) + OUTPUT_MACRO_NAME_VALUE(MBEDTLS_ECP_ADD_MIXED_ALT); +#endif /* MBEDTLS_ECP_ADD_MIXED_ALT */ + +#if defined(MBEDTLS_ECP_DOUBLE_JAC_ALT) + OUTPUT_MACRO_NAME_VALUE(MBEDTLS_ECP_DOUBLE_JAC_ALT); +#endif /* MBEDTLS_ECP_DOUBLE_JAC_ALT */ + +#if defined(MBEDTLS_ECP_NORMALIZE_JAC_MANY_ALT) + OUTPUT_MACRO_NAME_VALUE(MBEDTLS_ECP_NORMALIZE_JAC_MANY_ALT); +#endif /* MBEDTLS_ECP_NORMALIZE_JAC_MANY_ALT */ + +#if defined(MBEDTLS_ECP_NORMALIZE_JAC_ALT) + OUTPUT_MACRO_NAME_VALUE(MBEDTLS_ECP_NORMALIZE_JAC_ALT); +#endif /* MBEDTLS_ECP_NORMALIZE_JAC_ALT */ + +#if defined(MBEDTLS_ECP_DOUBLE_ADD_MXZ_ALT) + OUTPUT_MACRO_NAME_VALUE(MBEDTLS_ECP_DOUBLE_ADD_MXZ_ALT); +#endif /* MBEDTLS_ECP_DOUBLE_ADD_MXZ_ALT */ + +#if defined(MBEDTLS_ECP_RANDOMIZE_MXZ_ALT) + OUTPUT_MACRO_NAME_VALUE(MBEDTLS_ECP_RANDOMIZE_MXZ_ALT); +#endif /* MBEDTLS_ECP_RANDOMIZE_MXZ_ALT */ + +#if defined(MBEDTLS_ECP_NORMALIZE_MXZ_ALT) + OUTPUT_MACRO_NAME_VALUE(MBEDTLS_ECP_NORMALIZE_MXZ_ALT); +#endif /* MBEDTLS_ECP_NORMALIZE_MXZ_ALT */ + +#if defined(MBEDTLS_TEST_NULL_ENTROPY) + OUTPUT_MACRO_NAME_VALUE(MBEDTLS_TEST_NULL_ENTROPY); +#endif /* MBEDTLS_TEST_NULL_ENTROPY */ + +#if defined(MBEDTLS_ENTROPY_HARDWARE_ALT) + OUTPUT_MACRO_NAME_VALUE(MBEDTLS_ENTROPY_HARDWARE_ALT); +#endif /* MBEDTLS_ENTROPY_HARDWARE_ALT */ + +#if defined(MBEDTLS_AES_ROM_TABLES) + OUTPUT_MACRO_NAME_VALUE(MBEDTLS_AES_ROM_TABLES); +#endif /* MBEDTLS_AES_ROM_TABLES */ + +#if defined(MBEDTLS_AES_FEWER_TABLES) + OUTPUT_MACRO_NAME_VALUE(MBEDTLS_AES_FEWER_TABLES); +#endif /* MBEDTLS_AES_FEWER_TABLES */ + +#if defined(MBEDTLS_CAMELLIA_SMALL_MEMORY) + OUTPUT_MACRO_NAME_VALUE(MBEDTLS_CAMELLIA_SMALL_MEMORY); +#endif /* MBEDTLS_CAMELLIA_SMALL_MEMORY */ + +#if defined(MBEDTLS_CHECK_RETURN_WARNING) + OUTPUT_MACRO_NAME_VALUE(MBEDTLS_CHECK_RETURN_WARNING); +#endif /* MBEDTLS_CHECK_RETURN_WARNING */ + +#if defined(MBEDTLS_CIPHER_MODE_CBC) + OUTPUT_MACRO_NAME_VALUE(MBEDTLS_CIPHER_MODE_CBC); +#endif /* MBEDTLS_CIPHER_MODE_CBC */ + +#if defined(MBEDTLS_CIPHER_MODE_CFB) + OUTPUT_MACRO_NAME_VALUE(MBEDTLS_CIPHER_MODE_CFB); +#endif /* MBEDTLS_CIPHER_MODE_CFB */ + +#if defined(MBEDTLS_CIPHER_MODE_CTR) + OUTPUT_MACRO_NAME_VALUE(MBEDTLS_CIPHER_MODE_CTR); +#endif /* MBEDTLS_CIPHER_MODE_CTR */ + +#if defined(MBEDTLS_CIPHER_MODE_OFB) + OUTPUT_MACRO_NAME_VALUE(MBEDTLS_CIPHER_MODE_OFB); +#endif /* MBEDTLS_CIPHER_MODE_OFB */ + +#if defined(MBEDTLS_CIPHER_MODE_XTS) + OUTPUT_MACRO_NAME_VALUE(MBEDTLS_CIPHER_MODE_XTS); +#endif /* MBEDTLS_CIPHER_MODE_XTS */ + +#if defined(MBEDTLS_CIPHER_NULL_CIPHER) + OUTPUT_MACRO_NAME_VALUE(MBEDTLS_CIPHER_NULL_CIPHER); +#endif /* MBEDTLS_CIPHER_NULL_CIPHER */ + +#if defined(MBEDTLS_CIPHER_PADDING_PKCS7) + OUTPUT_MACRO_NAME_VALUE(MBEDTLS_CIPHER_PADDING_PKCS7); +#endif /* MBEDTLS_CIPHER_PADDING_PKCS7 */ + +#if defined(MBEDTLS_CIPHER_PADDING_ONE_AND_ZEROS) + OUTPUT_MACRO_NAME_VALUE(MBEDTLS_CIPHER_PADDING_ONE_AND_ZEROS); +#endif /* MBEDTLS_CIPHER_PADDING_ONE_AND_ZEROS */ + +#if defined(MBEDTLS_CIPHER_PADDING_ZEROS_AND_LEN) + OUTPUT_MACRO_NAME_VALUE(MBEDTLS_CIPHER_PADDING_ZEROS_AND_LEN); +#endif /* MBEDTLS_CIPHER_PADDING_ZEROS_AND_LEN */ + +#if defined(MBEDTLS_CIPHER_PADDING_ZEROS) + OUTPUT_MACRO_NAME_VALUE(MBEDTLS_CIPHER_PADDING_ZEROS); +#endif /* MBEDTLS_CIPHER_PADDING_ZEROS */ + +#if defined(MBEDTLS_CTR_DRBG_USE_128_BIT_KEY) + OUTPUT_MACRO_NAME_VALUE(MBEDTLS_CTR_DRBG_USE_128_BIT_KEY); +#endif /* MBEDTLS_CTR_DRBG_USE_128_BIT_KEY */ + +#if defined(MBEDTLS_ENABLE_WEAK_CIPHERSUITES) + OUTPUT_MACRO_NAME_VALUE(MBEDTLS_ENABLE_WEAK_CIPHERSUITES); +#endif /* MBEDTLS_ENABLE_WEAK_CIPHERSUITES */ + +#if defined(MBEDTLS_REMOVE_ARC4_CIPHERSUITES) + OUTPUT_MACRO_NAME_VALUE(MBEDTLS_REMOVE_ARC4_CIPHERSUITES); +#endif /* MBEDTLS_REMOVE_ARC4_CIPHERSUITES */ + +#if defined(MBEDTLS_REMOVE_3DES_CIPHERSUITES) + OUTPUT_MACRO_NAME_VALUE(MBEDTLS_REMOVE_3DES_CIPHERSUITES); +#endif /* MBEDTLS_REMOVE_3DES_CIPHERSUITES */ + +#if defined(MBEDTLS_ECDH_VARIANT_EVEREST_ENABLED) + OUTPUT_MACRO_NAME_VALUE(MBEDTLS_ECDH_VARIANT_EVEREST_ENABLED); +#endif /* MBEDTLS_ECDH_VARIANT_EVEREST_ENABLED */ + +#if defined(MBEDTLS_ECP_DP_SECP192R1_ENABLED) + OUTPUT_MACRO_NAME_VALUE(MBEDTLS_ECP_DP_SECP192R1_ENABLED); +#endif /* MBEDTLS_ECP_DP_SECP192R1_ENABLED */ + +#if defined(MBEDTLS_ECP_DP_SECP224R1_ENABLED) + OUTPUT_MACRO_NAME_VALUE(MBEDTLS_ECP_DP_SECP224R1_ENABLED); +#endif /* MBEDTLS_ECP_DP_SECP224R1_ENABLED */ + +#if defined(MBEDTLS_ECP_DP_SECP256R1_ENABLED) + OUTPUT_MACRO_NAME_VALUE(MBEDTLS_ECP_DP_SECP256R1_ENABLED); +#endif /* MBEDTLS_ECP_DP_SECP256R1_ENABLED */ + +#if defined(MBEDTLS_ECP_DP_SECP384R1_ENABLED) + OUTPUT_MACRO_NAME_VALUE(MBEDTLS_ECP_DP_SECP384R1_ENABLED); +#endif /* MBEDTLS_ECP_DP_SECP384R1_ENABLED */ + +#if defined(MBEDTLS_ECP_DP_SECP521R1_ENABLED) + OUTPUT_MACRO_NAME_VALUE(MBEDTLS_ECP_DP_SECP521R1_ENABLED); +#endif /* MBEDTLS_ECP_DP_SECP521R1_ENABLED */ + +#if defined(MBEDTLS_ECP_DP_SECP192K1_ENABLED) + OUTPUT_MACRO_NAME_VALUE(MBEDTLS_ECP_DP_SECP192K1_ENABLED); +#endif /* MBEDTLS_ECP_DP_SECP192K1_ENABLED */ + +#if defined(MBEDTLS_ECP_DP_SECP224K1_ENABLED) + OUTPUT_MACRO_NAME_VALUE(MBEDTLS_ECP_DP_SECP224K1_ENABLED); +#endif /* MBEDTLS_ECP_DP_SECP224K1_ENABLED */ + +#if defined(MBEDTLS_ECP_DP_SECP256K1_ENABLED) + OUTPUT_MACRO_NAME_VALUE(MBEDTLS_ECP_DP_SECP256K1_ENABLED); +#endif /* MBEDTLS_ECP_DP_SECP256K1_ENABLED */ + +#if defined(MBEDTLS_ECP_DP_BP256R1_ENABLED) + OUTPUT_MACRO_NAME_VALUE(MBEDTLS_ECP_DP_BP256R1_ENABLED); +#endif /* MBEDTLS_ECP_DP_BP256R1_ENABLED */ + +#if defined(MBEDTLS_ECP_DP_BP384R1_ENABLED) + OUTPUT_MACRO_NAME_VALUE(MBEDTLS_ECP_DP_BP384R1_ENABLED); +#endif /* MBEDTLS_ECP_DP_BP384R1_ENABLED */ + +#if defined(MBEDTLS_ECP_DP_BP512R1_ENABLED) + OUTPUT_MACRO_NAME_VALUE(MBEDTLS_ECP_DP_BP512R1_ENABLED); +#endif /* MBEDTLS_ECP_DP_BP512R1_ENABLED */ + +#if defined(MBEDTLS_ECP_DP_CURVE25519_ENABLED) + OUTPUT_MACRO_NAME_VALUE(MBEDTLS_ECP_DP_CURVE25519_ENABLED); +#endif /* MBEDTLS_ECP_DP_CURVE25519_ENABLED */ + +#if defined(MBEDTLS_ECP_DP_CURVE448_ENABLED) + OUTPUT_MACRO_NAME_VALUE(MBEDTLS_ECP_DP_CURVE448_ENABLED); +#endif /* MBEDTLS_ECP_DP_CURVE448_ENABLED */ + +#if defined(MBEDTLS_ECP_NIST_OPTIM) + OUTPUT_MACRO_NAME_VALUE(MBEDTLS_ECP_NIST_OPTIM); +#endif /* MBEDTLS_ECP_NIST_OPTIM */ + +#if defined(MBEDTLS_ECP_NO_INTERNAL_RNG) + OUTPUT_MACRO_NAME_VALUE(MBEDTLS_ECP_NO_INTERNAL_RNG); +#endif /* MBEDTLS_ECP_NO_INTERNAL_RNG */ + +#if defined(MBEDTLS_ECP_RESTARTABLE) + OUTPUT_MACRO_NAME_VALUE(MBEDTLS_ECP_RESTARTABLE); +#endif /* MBEDTLS_ECP_RESTARTABLE */ + +#if defined(MBEDTLS_ECDH_LEGACY_CONTEXT) + OUTPUT_MACRO_NAME_VALUE(MBEDTLS_ECDH_LEGACY_CONTEXT); +#endif /* MBEDTLS_ECDH_LEGACY_CONTEXT */ + +#if defined(MBEDTLS_ECDSA_DETERMINISTIC) + OUTPUT_MACRO_NAME_VALUE(MBEDTLS_ECDSA_DETERMINISTIC); +#endif /* MBEDTLS_ECDSA_DETERMINISTIC */ + +#if defined(MBEDTLS_KEY_EXCHANGE_PSK_ENABLED) + OUTPUT_MACRO_NAME_VALUE(MBEDTLS_KEY_EXCHANGE_PSK_ENABLED); +#endif /* MBEDTLS_KEY_EXCHANGE_PSK_ENABLED */ + +#if defined(MBEDTLS_KEY_EXCHANGE_DHE_PSK_ENABLED) + OUTPUT_MACRO_NAME_VALUE(MBEDTLS_KEY_EXCHANGE_DHE_PSK_ENABLED); +#endif /* MBEDTLS_KEY_EXCHANGE_DHE_PSK_ENABLED */ + +#if defined(MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED) + OUTPUT_MACRO_NAME_VALUE(MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED); +#endif /* MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED */ + +#if defined(MBEDTLS_KEY_EXCHANGE_RSA_PSK_ENABLED) + OUTPUT_MACRO_NAME_VALUE(MBEDTLS_KEY_EXCHANGE_RSA_PSK_ENABLED); +#endif /* MBEDTLS_KEY_EXCHANGE_RSA_PSK_ENABLED */ + +#if defined(MBEDTLS_KEY_EXCHANGE_RSA_ENABLED) + OUTPUT_MACRO_NAME_VALUE(MBEDTLS_KEY_EXCHANGE_RSA_ENABLED); +#endif /* MBEDTLS_KEY_EXCHANGE_RSA_ENABLED */ + +#if defined(MBEDTLS_KEY_EXCHANGE_DHE_RSA_ENABLED) + OUTPUT_MACRO_NAME_VALUE(MBEDTLS_KEY_EXCHANGE_DHE_RSA_ENABLED); +#endif /* MBEDTLS_KEY_EXCHANGE_DHE_RSA_ENABLED */ + +#if defined(MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED) + OUTPUT_MACRO_NAME_VALUE(MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED); +#endif /* MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED */ + +#if defined(MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED) + OUTPUT_MACRO_NAME_VALUE(MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED); +#endif /* MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED */ + +#if defined(MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA_ENABLED) + OUTPUT_MACRO_NAME_VALUE(MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA_ENABLED); +#endif /* MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA_ENABLED */ + +#if defined(MBEDTLS_KEY_EXCHANGE_ECDH_RSA_ENABLED) + OUTPUT_MACRO_NAME_VALUE(MBEDTLS_KEY_EXCHANGE_ECDH_RSA_ENABLED); +#endif /* MBEDTLS_KEY_EXCHANGE_ECDH_RSA_ENABLED */ + +#if defined(MBEDTLS_KEY_EXCHANGE_ECJPAKE_ENABLED) + OUTPUT_MACRO_NAME_VALUE(MBEDTLS_KEY_EXCHANGE_ECJPAKE_ENABLED); +#endif /* MBEDTLS_KEY_EXCHANGE_ECJPAKE_ENABLED */ + +#if defined(MBEDTLS_PK_PARSE_EC_EXTENDED) + OUTPUT_MACRO_NAME_VALUE(MBEDTLS_PK_PARSE_EC_EXTENDED); +#endif /* MBEDTLS_PK_PARSE_EC_EXTENDED */ + +#if defined(MBEDTLS_ERROR_STRERROR_DUMMY) + OUTPUT_MACRO_NAME_VALUE(MBEDTLS_ERROR_STRERROR_DUMMY); +#endif /* MBEDTLS_ERROR_STRERROR_DUMMY */ + +#if defined(MBEDTLS_GENPRIME) + OUTPUT_MACRO_NAME_VALUE(MBEDTLS_GENPRIME); +#endif /* MBEDTLS_GENPRIME */ + +#if defined(MBEDTLS_FS_IO) + OUTPUT_MACRO_NAME_VALUE(MBEDTLS_FS_IO); +#endif /* MBEDTLS_FS_IO */ + +#if defined(MBEDTLS_NO_DEFAULT_ENTROPY_SOURCES) + OUTPUT_MACRO_NAME_VALUE(MBEDTLS_NO_DEFAULT_ENTROPY_SOURCES); +#endif /* MBEDTLS_NO_DEFAULT_ENTROPY_SOURCES */ + +#if defined(MBEDTLS_NO_PLATFORM_ENTROPY) + OUTPUT_MACRO_NAME_VALUE(MBEDTLS_NO_PLATFORM_ENTROPY); +#endif /* MBEDTLS_NO_PLATFORM_ENTROPY */ + +#if defined(MBEDTLS_ENTROPY_FORCE_SHA256) + OUTPUT_MACRO_NAME_VALUE(MBEDTLS_ENTROPY_FORCE_SHA256); +#endif /* MBEDTLS_ENTROPY_FORCE_SHA256 */ + +#if defined(MBEDTLS_ENTROPY_NV_SEED) + OUTPUT_MACRO_NAME_VALUE(MBEDTLS_ENTROPY_NV_SEED); +#endif /* MBEDTLS_ENTROPY_NV_SEED */ + +#if defined(MBEDTLS_PSA_CRYPTO_KEY_ID_ENCODES_OWNER) + OUTPUT_MACRO_NAME_VALUE(MBEDTLS_PSA_CRYPTO_KEY_ID_ENCODES_OWNER); +#endif /* MBEDTLS_PSA_CRYPTO_KEY_ID_ENCODES_OWNER */ + +#if defined(MBEDTLS_MEMORY_DEBUG) + OUTPUT_MACRO_NAME_VALUE(MBEDTLS_MEMORY_DEBUG); +#endif /* MBEDTLS_MEMORY_DEBUG */ + +#if defined(MBEDTLS_MEMORY_BACKTRACE) + OUTPUT_MACRO_NAME_VALUE(MBEDTLS_MEMORY_BACKTRACE); +#endif /* MBEDTLS_MEMORY_BACKTRACE */ + +#if defined(MBEDTLS_PK_RSA_ALT_SUPPORT) + OUTPUT_MACRO_NAME_VALUE(MBEDTLS_PK_RSA_ALT_SUPPORT); +#endif /* MBEDTLS_PK_RSA_ALT_SUPPORT */ + +#if defined(MBEDTLS_PKCS1_V15) + OUTPUT_MACRO_NAME_VALUE(MBEDTLS_PKCS1_V15); +#endif /* MBEDTLS_PKCS1_V15 */ + +#if defined(MBEDTLS_PKCS1_V21) + OUTPUT_MACRO_NAME_VALUE(MBEDTLS_PKCS1_V21); +#endif /* MBEDTLS_PKCS1_V21 */ + +#if defined(MBEDTLS_PSA_CRYPTO_BUILTIN_KEYS) + OUTPUT_MACRO_NAME_VALUE(MBEDTLS_PSA_CRYPTO_BUILTIN_KEYS); +#endif /* MBEDTLS_PSA_CRYPTO_BUILTIN_KEYS */ + +#if defined(MBEDTLS_PSA_CRYPTO_CLIENT) + OUTPUT_MACRO_NAME_VALUE(MBEDTLS_PSA_CRYPTO_CLIENT); +#endif /* MBEDTLS_PSA_CRYPTO_CLIENT */ + +#if defined(MBEDTLS_PSA_CRYPTO_DRIVERS) + OUTPUT_MACRO_NAME_VALUE(MBEDTLS_PSA_CRYPTO_DRIVERS); +#endif /* MBEDTLS_PSA_CRYPTO_DRIVERS */ + +#if defined(MBEDTLS_PSA_CRYPTO_EXTERNAL_RNG) + OUTPUT_MACRO_NAME_VALUE(MBEDTLS_PSA_CRYPTO_EXTERNAL_RNG); +#endif /* MBEDTLS_PSA_CRYPTO_EXTERNAL_RNG */ + +#if defined(MBEDTLS_PSA_CRYPTO_SPM) + OUTPUT_MACRO_NAME_VALUE(MBEDTLS_PSA_CRYPTO_SPM); +#endif /* MBEDTLS_PSA_CRYPTO_SPM */ + +#if defined(MBEDTLS_PSA_INJECT_ENTROPY) + OUTPUT_MACRO_NAME_VALUE(MBEDTLS_PSA_INJECT_ENTROPY); +#endif /* MBEDTLS_PSA_INJECT_ENTROPY */ + +#if defined(MBEDTLS_RSA_NO_CRT) + OUTPUT_MACRO_NAME_VALUE(MBEDTLS_RSA_NO_CRT); +#endif /* MBEDTLS_RSA_NO_CRT */ + +#if defined(MBEDTLS_SELF_TEST) + OUTPUT_MACRO_NAME_VALUE(MBEDTLS_SELF_TEST); +#endif /* MBEDTLS_SELF_TEST */ + +#if defined(MBEDTLS_SHA256_SMALLER) + OUTPUT_MACRO_NAME_VALUE(MBEDTLS_SHA256_SMALLER); +#endif /* MBEDTLS_SHA256_SMALLER */ + +#if defined(MBEDTLS_SHA512_SMALLER) + OUTPUT_MACRO_NAME_VALUE(MBEDTLS_SHA512_SMALLER); +#endif /* MBEDTLS_SHA512_SMALLER */ + +#if defined(MBEDTLS_SHA512_NO_SHA384) + OUTPUT_MACRO_NAME_VALUE(MBEDTLS_SHA512_NO_SHA384); +#endif /* MBEDTLS_SHA512_NO_SHA384 */ + +#if defined(MBEDTLS_SSL_ALL_ALERT_MESSAGES) + OUTPUT_MACRO_NAME_VALUE(MBEDTLS_SSL_ALL_ALERT_MESSAGES); +#endif /* MBEDTLS_SSL_ALL_ALERT_MESSAGES */ + +#if defined(MBEDTLS_SSL_RECORD_CHECKING) + OUTPUT_MACRO_NAME_VALUE(MBEDTLS_SSL_RECORD_CHECKING); +#endif /* MBEDTLS_SSL_RECORD_CHECKING */ + +#if defined(MBEDTLS_SSL_DTLS_CONNECTION_ID) + OUTPUT_MACRO_NAME_VALUE(MBEDTLS_SSL_DTLS_CONNECTION_ID); +#endif /* MBEDTLS_SSL_DTLS_CONNECTION_ID */ + +#if defined(MBEDTLS_SSL_ASYNC_PRIVATE) + OUTPUT_MACRO_NAME_VALUE(MBEDTLS_SSL_ASYNC_PRIVATE); +#endif /* MBEDTLS_SSL_ASYNC_PRIVATE */ + +#if defined(MBEDTLS_SSL_CONTEXT_SERIALIZATION) + OUTPUT_MACRO_NAME_VALUE(MBEDTLS_SSL_CONTEXT_SERIALIZATION); +#endif /* MBEDTLS_SSL_CONTEXT_SERIALIZATION */ + +#if defined(MBEDTLS_SSL_DEBUG_ALL) + OUTPUT_MACRO_NAME_VALUE(MBEDTLS_SSL_DEBUG_ALL); +#endif /* MBEDTLS_SSL_DEBUG_ALL */ + +#if defined(MBEDTLS_SSL_ENCRYPT_THEN_MAC) + OUTPUT_MACRO_NAME_VALUE(MBEDTLS_SSL_ENCRYPT_THEN_MAC); +#endif /* MBEDTLS_SSL_ENCRYPT_THEN_MAC */ + +#if defined(MBEDTLS_SSL_EXTENDED_MASTER_SECRET) + OUTPUT_MACRO_NAME_VALUE(MBEDTLS_SSL_EXTENDED_MASTER_SECRET); +#endif /* MBEDTLS_SSL_EXTENDED_MASTER_SECRET */ + +#if defined(MBEDTLS_SSL_FALLBACK_SCSV) + OUTPUT_MACRO_NAME_VALUE(MBEDTLS_SSL_FALLBACK_SCSV); +#endif /* MBEDTLS_SSL_FALLBACK_SCSV */ + +#if defined(MBEDTLS_SSL_KEEP_PEER_CERTIFICATE) + OUTPUT_MACRO_NAME_VALUE(MBEDTLS_SSL_KEEP_PEER_CERTIFICATE); +#endif /* MBEDTLS_SSL_KEEP_PEER_CERTIFICATE */ + +#if defined(MBEDTLS_SSL_HW_RECORD_ACCEL) + OUTPUT_MACRO_NAME_VALUE(MBEDTLS_SSL_HW_RECORD_ACCEL); +#endif /* MBEDTLS_SSL_HW_RECORD_ACCEL */ + +#if defined(MBEDTLS_SSL_CBC_RECORD_SPLITTING) + OUTPUT_MACRO_NAME_VALUE(MBEDTLS_SSL_CBC_RECORD_SPLITTING); +#endif /* MBEDTLS_SSL_CBC_RECORD_SPLITTING */ + +#if defined(MBEDTLS_SSL_RENEGOTIATION) + OUTPUT_MACRO_NAME_VALUE(MBEDTLS_SSL_RENEGOTIATION); +#endif /* MBEDTLS_SSL_RENEGOTIATION */ + +#if defined(MBEDTLS_SSL_SRV_SUPPORT_SSLV2_CLIENT_HELLO) + OUTPUT_MACRO_NAME_VALUE(MBEDTLS_SSL_SRV_SUPPORT_SSLV2_CLIENT_HELLO); +#endif /* MBEDTLS_SSL_SRV_SUPPORT_SSLV2_CLIENT_HELLO */ + +#if defined(MBEDTLS_SSL_SRV_RESPECT_CLIENT_PREFERENCE) + OUTPUT_MACRO_NAME_VALUE(MBEDTLS_SSL_SRV_RESPECT_CLIENT_PREFERENCE); +#endif /* MBEDTLS_SSL_SRV_RESPECT_CLIENT_PREFERENCE */ + +#if defined(MBEDTLS_SSL_MAX_FRAGMENT_LENGTH) + OUTPUT_MACRO_NAME_VALUE(MBEDTLS_SSL_MAX_FRAGMENT_LENGTH); +#endif /* MBEDTLS_SSL_MAX_FRAGMENT_LENGTH */ + +#if defined(MBEDTLS_SSL_PROTO_SSL3) + OUTPUT_MACRO_NAME_VALUE(MBEDTLS_SSL_PROTO_SSL3); +#endif /* MBEDTLS_SSL_PROTO_SSL3 */ + +#if defined(MBEDTLS_SSL_PROTO_TLS1) + OUTPUT_MACRO_NAME_VALUE(MBEDTLS_SSL_PROTO_TLS1); +#endif /* MBEDTLS_SSL_PROTO_TLS1 */ + +#if defined(MBEDTLS_SSL_PROTO_TLS1_1) + OUTPUT_MACRO_NAME_VALUE(MBEDTLS_SSL_PROTO_TLS1_1); +#endif /* MBEDTLS_SSL_PROTO_TLS1_1 */ + +#if defined(MBEDTLS_SSL_PROTO_TLS1_2) + OUTPUT_MACRO_NAME_VALUE(MBEDTLS_SSL_PROTO_TLS1_2); +#endif /* MBEDTLS_SSL_PROTO_TLS1_2 */ + +#if defined(MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL) + OUTPUT_MACRO_NAME_VALUE(MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL); +#endif /* MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL */ + +#if defined(MBEDTLS_SSL_PROTO_DTLS) + OUTPUT_MACRO_NAME_VALUE(MBEDTLS_SSL_PROTO_DTLS); +#endif /* MBEDTLS_SSL_PROTO_DTLS */ + +#if defined(MBEDTLS_SSL_ALPN) + OUTPUT_MACRO_NAME_VALUE(MBEDTLS_SSL_ALPN); +#endif /* MBEDTLS_SSL_ALPN */ + +#if defined(MBEDTLS_SSL_DTLS_ANTI_REPLAY) + OUTPUT_MACRO_NAME_VALUE(MBEDTLS_SSL_DTLS_ANTI_REPLAY); +#endif /* MBEDTLS_SSL_DTLS_ANTI_REPLAY */ + +#if defined(MBEDTLS_SSL_DTLS_HELLO_VERIFY) + OUTPUT_MACRO_NAME_VALUE(MBEDTLS_SSL_DTLS_HELLO_VERIFY); +#endif /* MBEDTLS_SSL_DTLS_HELLO_VERIFY */ + +#if defined(MBEDTLS_SSL_DTLS_SRTP) + OUTPUT_MACRO_NAME_VALUE(MBEDTLS_SSL_DTLS_SRTP); +#endif /* MBEDTLS_SSL_DTLS_SRTP */ + +#if defined(MBEDTLS_SSL_DTLS_CLIENT_PORT_REUSE) + OUTPUT_MACRO_NAME_VALUE(MBEDTLS_SSL_DTLS_CLIENT_PORT_REUSE); +#endif /* MBEDTLS_SSL_DTLS_CLIENT_PORT_REUSE */ + +#if defined(MBEDTLS_SSL_DTLS_BADMAC_LIMIT) + OUTPUT_MACRO_NAME_VALUE(MBEDTLS_SSL_DTLS_BADMAC_LIMIT); +#endif /* MBEDTLS_SSL_DTLS_BADMAC_LIMIT */ + +#if defined(MBEDTLS_SSL_SESSION_TICKETS) + OUTPUT_MACRO_NAME_VALUE(MBEDTLS_SSL_SESSION_TICKETS); +#endif /* MBEDTLS_SSL_SESSION_TICKETS */ + +#if defined(MBEDTLS_SSL_EXPORT_KEYS) + OUTPUT_MACRO_NAME_VALUE(MBEDTLS_SSL_EXPORT_KEYS); +#endif /* MBEDTLS_SSL_EXPORT_KEYS */ + +#if defined(MBEDTLS_SSL_SERVER_NAME_INDICATION) + OUTPUT_MACRO_NAME_VALUE(MBEDTLS_SSL_SERVER_NAME_INDICATION); +#endif /* MBEDTLS_SSL_SERVER_NAME_INDICATION */ + +#if defined(MBEDTLS_SSL_TRUNCATED_HMAC) + OUTPUT_MACRO_NAME_VALUE(MBEDTLS_SSL_TRUNCATED_HMAC); +#endif /* MBEDTLS_SSL_TRUNCATED_HMAC */ + +#if defined(MBEDTLS_SSL_TRUNCATED_HMAC_COMPAT) + OUTPUT_MACRO_NAME_VALUE(MBEDTLS_SSL_TRUNCATED_HMAC_COMPAT); +#endif /* MBEDTLS_SSL_TRUNCATED_HMAC_COMPAT */ + +#if defined(MBEDTLS_SSL_VARIABLE_BUFFER_LENGTH) + OUTPUT_MACRO_NAME_VALUE(MBEDTLS_SSL_VARIABLE_BUFFER_LENGTH); +#endif /* MBEDTLS_SSL_VARIABLE_BUFFER_LENGTH */ + +#if defined(MBEDTLS_TLS_DEFAULT_ALLOW_SHA1_IN_KEY_EXCHANGE) + OUTPUT_MACRO_NAME_VALUE(MBEDTLS_TLS_DEFAULT_ALLOW_SHA1_IN_KEY_EXCHANGE); +#endif /* MBEDTLS_TLS_DEFAULT_ALLOW_SHA1_IN_KEY_EXCHANGE */ + +#if defined(MBEDTLS_TEST_CONSTANT_FLOW_MEMSAN) + OUTPUT_MACRO_NAME_VALUE(MBEDTLS_TEST_CONSTANT_FLOW_MEMSAN); +#endif /* MBEDTLS_TEST_CONSTANT_FLOW_MEMSAN */ + +#if defined(MBEDTLS_TEST_CONSTANT_FLOW_VALGRIND) + OUTPUT_MACRO_NAME_VALUE(MBEDTLS_TEST_CONSTANT_FLOW_VALGRIND); +#endif /* MBEDTLS_TEST_CONSTANT_FLOW_VALGRIND */ + +#if defined(MBEDTLS_TEST_HOOKS) + OUTPUT_MACRO_NAME_VALUE(MBEDTLS_TEST_HOOKS); +#endif /* MBEDTLS_TEST_HOOKS */ + +#if defined(MBEDTLS_THREADING_ALT) + OUTPUT_MACRO_NAME_VALUE(MBEDTLS_THREADING_ALT); +#endif /* MBEDTLS_THREADING_ALT */ + +#if defined(MBEDTLS_THREADING_PTHREAD) + OUTPUT_MACRO_NAME_VALUE(MBEDTLS_THREADING_PTHREAD); +#endif /* MBEDTLS_THREADING_PTHREAD */ + +#if defined(MBEDTLS_USE_PSA_CRYPTO) + OUTPUT_MACRO_NAME_VALUE(MBEDTLS_USE_PSA_CRYPTO); +#endif /* MBEDTLS_USE_PSA_CRYPTO */ + +#if defined(MBEDTLS_PSA_CRYPTO_CONFIG) + OUTPUT_MACRO_NAME_VALUE(MBEDTLS_PSA_CRYPTO_CONFIG); +#endif /* MBEDTLS_PSA_CRYPTO_CONFIG */ + +#if defined(MBEDTLS_VERSION_FEATURES) + OUTPUT_MACRO_NAME_VALUE(MBEDTLS_VERSION_FEATURES); +#endif /* MBEDTLS_VERSION_FEATURES */ + +#if defined(MBEDTLS_X509_ALLOW_EXTENSIONS_NON_V3) + OUTPUT_MACRO_NAME_VALUE(MBEDTLS_X509_ALLOW_EXTENSIONS_NON_V3); +#endif /* MBEDTLS_X509_ALLOW_EXTENSIONS_NON_V3 */ + +#if defined(MBEDTLS_X509_ALLOW_UNSUPPORTED_CRITICAL_EXTENSION) + OUTPUT_MACRO_NAME_VALUE(MBEDTLS_X509_ALLOW_UNSUPPORTED_CRITICAL_EXTENSION); +#endif /* MBEDTLS_X509_ALLOW_UNSUPPORTED_CRITICAL_EXTENSION */ + +#if defined(MBEDTLS_X509_TRUSTED_CERTIFICATE_CALLBACK) + OUTPUT_MACRO_NAME_VALUE(MBEDTLS_X509_TRUSTED_CERTIFICATE_CALLBACK); +#endif /* MBEDTLS_X509_TRUSTED_CERTIFICATE_CALLBACK */ + +#if defined(MBEDTLS_X509_CHECK_KEY_USAGE) + OUTPUT_MACRO_NAME_VALUE(MBEDTLS_X509_CHECK_KEY_USAGE); +#endif /* MBEDTLS_X509_CHECK_KEY_USAGE */ + +#if defined(MBEDTLS_X509_CHECK_EXTENDED_KEY_USAGE) + OUTPUT_MACRO_NAME_VALUE(MBEDTLS_X509_CHECK_EXTENDED_KEY_USAGE); +#endif /* MBEDTLS_X509_CHECK_EXTENDED_KEY_USAGE */ + +#if defined(MBEDTLS_X509_RSASSA_PSS_SUPPORT) + OUTPUT_MACRO_NAME_VALUE(MBEDTLS_X509_RSASSA_PSS_SUPPORT); +#endif /* MBEDTLS_X509_RSASSA_PSS_SUPPORT */ + +#if defined(MBEDTLS_ZLIB_SUPPORT) + OUTPUT_MACRO_NAME_VALUE(MBEDTLS_ZLIB_SUPPORT); +#endif /* MBEDTLS_ZLIB_SUPPORT */ + +#if defined(MBEDTLS_AESNI_C) + OUTPUT_MACRO_NAME_VALUE(MBEDTLS_AESNI_C); +#endif /* MBEDTLS_AESNI_C */ + +#if defined(MBEDTLS_AES_C) + OUTPUT_MACRO_NAME_VALUE(MBEDTLS_AES_C); +#endif /* MBEDTLS_AES_C */ + +#if defined(MBEDTLS_ARC4_C) + OUTPUT_MACRO_NAME_VALUE(MBEDTLS_ARC4_C); +#endif /* MBEDTLS_ARC4_C */ + +#if defined(MBEDTLS_ASN1_PARSE_C) + OUTPUT_MACRO_NAME_VALUE(MBEDTLS_ASN1_PARSE_C); +#endif /* MBEDTLS_ASN1_PARSE_C */ + +#if defined(MBEDTLS_ASN1_WRITE_C) + OUTPUT_MACRO_NAME_VALUE(MBEDTLS_ASN1_WRITE_C); +#endif /* MBEDTLS_ASN1_WRITE_C */ + +#if defined(MBEDTLS_BASE64_C) + OUTPUT_MACRO_NAME_VALUE(MBEDTLS_BASE64_C); +#endif /* MBEDTLS_BASE64_C */ + +#if defined(MBEDTLS_BIGNUM_C) + OUTPUT_MACRO_NAME_VALUE(MBEDTLS_BIGNUM_C); +#endif /* MBEDTLS_BIGNUM_C */ + +#if defined(MBEDTLS_BLOWFISH_C) + OUTPUT_MACRO_NAME_VALUE(MBEDTLS_BLOWFISH_C); +#endif /* MBEDTLS_BLOWFISH_C */ + +#if defined(MBEDTLS_CAMELLIA_C) + OUTPUT_MACRO_NAME_VALUE(MBEDTLS_CAMELLIA_C); +#endif /* MBEDTLS_CAMELLIA_C */ + +#if defined(MBEDTLS_ARIA_C) + OUTPUT_MACRO_NAME_VALUE(MBEDTLS_ARIA_C); +#endif /* MBEDTLS_ARIA_C */ + +#if defined(MBEDTLS_CCM_C) + OUTPUT_MACRO_NAME_VALUE(MBEDTLS_CCM_C); +#endif /* MBEDTLS_CCM_C */ + +#if defined(MBEDTLS_CERTS_C) + OUTPUT_MACRO_NAME_VALUE(MBEDTLS_CERTS_C); +#endif /* MBEDTLS_CERTS_C */ + +#if defined(MBEDTLS_CHACHA20_C) + OUTPUT_MACRO_NAME_VALUE(MBEDTLS_CHACHA20_C); +#endif /* MBEDTLS_CHACHA20_C */ + +#if defined(MBEDTLS_CHACHAPOLY_C) + OUTPUT_MACRO_NAME_VALUE(MBEDTLS_CHACHAPOLY_C); +#endif /* MBEDTLS_CHACHAPOLY_C */ + +#if defined(MBEDTLS_CIPHER_C) + OUTPUT_MACRO_NAME_VALUE(MBEDTLS_CIPHER_C); +#endif /* MBEDTLS_CIPHER_C */ + +#if defined(MBEDTLS_CMAC_C) + OUTPUT_MACRO_NAME_VALUE(MBEDTLS_CMAC_C); +#endif /* MBEDTLS_CMAC_C */ + +#if defined(MBEDTLS_CTR_DRBG_C) + OUTPUT_MACRO_NAME_VALUE(MBEDTLS_CTR_DRBG_C); +#endif /* MBEDTLS_CTR_DRBG_C */ + +#if defined(MBEDTLS_DEBUG_C) + OUTPUT_MACRO_NAME_VALUE(MBEDTLS_DEBUG_C); +#endif /* MBEDTLS_DEBUG_C */ + +#if defined(MBEDTLS_DES_C) + OUTPUT_MACRO_NAME_VALUE(MBEDTLS_DES_C); +#endif /* MBEDTLS_DES_C */ + +#if defined(MBEDTLS_DHM_C) + OUTPUT_MACRO_NAME_VALUE(MBEDTLS_DHM_C); +#endif /* MBEDTLS_DHM_C */ + +#if defined(MBEDTLS_ECDH_C) + OUTPUT_MACRO_NAME_VALUE(MBEDTLS_ECDH_C); +#endif /* MBEDTLS_ECDH_C */ + +#if defined(MBEDTLS_ECDSA_C) + OUTPUT_MACRO_NAME_VALUE(MBEDTLS_ECDSA_C); +#endif /* MBEDTLS_ECDSA_C */ + +#if defined(MBEDTLS_ECJPAKE_C) + OUTPUT_MACRO_NAME_VALUE(MBEDTLS_ECJPAKE_C); +#endif /* MBEDTLS_ECJPAKE_C */ + +#if defined(MBEDTLS_ECP_C) + OUTPUT_MACRO_NAME_VALUE(MBEDTLS_ECP_C); +#endif /* MBEDTLS_ECP_C */ + +#if defined(MBEDTLS_ENTROPY_C) + OUTPUT_MACRO_NAME_VALUE(MBEDTLS_ENTROPY_C); +#endif /* MBEDTLS_ENTROPY_C */ + +#if defined(MBEDTLS_ERROR_C) + OUTPUT_MACRO_NAME_VALUE(MBEDTLS_ERROR_C); +#endif /* MBEDTLS_ERROR_C */ + +#if defined(MBEDTLS_GCM_C) + OUTPUT_MACRO_NAME_VALUE(MBEDTLS_GCM_C); +#endif /* MBEDTLS_GCM_C */ + +#if defined(MBEDTLS_HAVEGE_C) + OUTPUT_MACRO_NAME_VALUE(MBEDTLS_HAVEGE_C); +#endif /* MBEDTLS_HAVEGE_C */ + +#if defined(MBEDTLS_HKDF_C) + OUTPUT_MACRO_NAME_VALUE(MBEDTLS_HKDF_C); +#endif /* MBEDTLS_HKDF_C */ + +#if defined(MBEDTLS_HMAC_DRBG_C) + OUTPUT_MACRO_NAME_VALUE(MBEDTLS_HMAC_DRBG_C); +#endif /* MBEDTLS_HMAC_DRBG_C */ + +#if defined(MBEDTLS_NIST_KW_C) + OUTPUT_MACRO_NAME_VALUE(MBEDTLS_NIST_KW_C); +#endif /* MBEDTLS_NIST_KW_C */ + +#if defined(MBEDTLS_MD_C) + OUTPUT_MACRO_NAME_VALUE(MBEDTLS_MD_C); +#endif /* MBEDTLS_MD_C */ + +#if defined(MBEDTLS_MD2_C) + OUTPUT_MACRO_NAME_VALUE(MBEDTLS_MD2_C); +#endif /* MBEDTLS_MD2_C */ + +#if defined(MBEDTLS_MD4_C) + OUTPUT_MACRO_NAME_VALUE(MBEDTLS_MD4_C); +#endif /* MBEDTLS_MD4_C */ + +#if defined(MBEDTLS_MD5_C) + OUTPUT_MACRO_NAME_VALUE(MBEDTLS_MD5_C); +#endif /* MBEDTLS_MD5_C */ + +#if defined(MBEDTLS_MEMORY_BUFFER_ALLOC_C) + OUTPUT_MACRO_NAME_VALUE(MBEDTLS_MEMORY_BUFFER_ALLOC_C); +#endif /* MBEDTLS_MEMORY_BUFFER_ALLOC_C */ + +#if defined(MBEDTLS_NET_C) + OUTPUT_MACRO_NAME_VALUE(MBEDTLS_NET_C); +#endif /* MBEDTLS_NET_C */ + +#if defined(MBEDTLS_OID_C) + OUTPUT_MACRO_NAME_VALUE(MBEDTLS_OID_C); +#endif /* MBEDTLS_OID_C */ + +#if defined(MBEDTLS_PADLOCK_C) + OUTPUT_MACRO_NAME_VALUE(MBEDTLS_PADLOCK_C); +#endif /* MBEDTLS_PADLOCK_C */ + +#if defined(MBEDTLS_PEM_PARSE_C) + OUTPUT_MACRO_NAME_VALUE(MBEDTLS_PEM_PARSE_C); +#endif /* MBEDTLS_PEM_PARSE_C */ + +#if defined(MBEDTLS_PEM_WRITE_C) + OUTPUT_MACRO_NAME_VALUE(MBEDTLS_PEM_WRITE_C); +#endif /* MBEDTLS_PEM_WRITE_C */ + +#if defined(MBEDTLS_PK_C) + OUTPUT_MACRO_NAME_VALUE(MBEDTLS_PK_C); +#endif /* MBEDTLS_PK_C */ + +#if defined(MBEDTLS_PK_PARSE_C) + OUTPUT_MACRO_NAME_VALUE(MBEDTLS_PK_PARSE_C); +#endif /* MBEDTLS_PK_PARSE_C */ + +#if defined(MBEDTLS_PK_WRITE_C) + OUTPUT_MACRO_NAME_VALUE(MBEDTLS_PK_WRITE_C); +#endif /* MBEDTLS_PK_WRITE_C */ + +#if defined(MBEDTLS_PKCS5_C) + OUTPUT_MACRO_NAME_VALUE(MBEDTLS_PKCS5_C); +#endif /* MBEDTLS_PKCS5_C */ + +#if defined(MBEDTLS_PKCS11_C) + OUTPUT_MACRO_NAME_VALUE(MBEDTLS_PKCS11_C); +#endif /* MBEDTLS_PKCS11_C */ + +#if defined(MBEDTLS_PKCS12_C) + OUTPUT_MACRO_NAME_VALUE(MBEDTLS_PKCS12_C); +#endif /* MBEDTLS_PKCS12_C */ + +#if defined(MBEDTLS_PLATFORM_C) + OUTPUT_MACRO_NAME_VALUE(MBEDTLS_PLATFORM_C); +#endif /* MBEDTLS_PLATFORM_C */ + +#if defined(MBEDTLS_POLY1305_C) + OUTPUT_MACRO_NAME_VALUE(MBEDTLS_POLY1305_C); +#endif /* MBEDTLS_POLY1305_C */ + +#if defined(MBEDTLS_PSA_CRYPTO_C) + OUTPUT_MACRO_NAME_VALUE(MBEDTLS_PSA_CRYPTO_C); +#endif /* MBEDTLS_PSA_CRYPTO_C */ + +#if defined(MBEDTLS_PSA_CRYPTO_SE_C) + OUTPUT_MACRO_NAME_VALUE(MBEDTLS_PSA_CRYPTO_SE_C); +#endif /* MBEDTLS_PSA_CRYPTO_SE_C */ + +#if defined(MBEDTLS_PSA_CRYPTO_STORAGE_C) + OUTPUT_MACRO_NAME_VALUE(MBEDTLS_PSA_CRYPTO_STORAGE_C); +#endif /* MBEDTLS_PSA_CRYPTO_STORAGE_C */ + +#if defined(MBEDTLS_PSA_ITS_FILE_C) + OUTPUT_MACRO_NAME_VALUE(MBEDTLS_PSA_ITS_FILE_C); +#endif /* MBEDTLS_PSA_ITS_FILE_C */ + +#if defined(MBEDTLS_RIPEMD160_C) + OUTPUT_MACRO_NAME_VALUE(MBEDTLS_RIPEMD160_C); +#endif /* MBEDTLS_RIPEMD160_C */ + +#if defined(MBEDTLS_RSA_C) + OUTPUT_MACRO_NAME_VALUE(MBEDTLS_RSA_C); +#endif /* MBEDTLS_RSA_C */ + +#if defined(MBEDTLS_SHA1_C) + OUTPUT_MACRO_NAME_VALUE(MBEDTLS_SHA1_C); +#endif /* MBEDTLS_SHA1_C */ + +#if defined(MBEDTLS_SHA256_C) + OUTPUT_MACRO_NAME_VALUE(MBEDTLS_SHA256_C); +#endif /* MBEDTLS_SHA256_C */ + +#if defined(MBEDTLS_SHA512_C) + OUTPUT_MACRO_NAME_VALUE(MBEDTLS_SHA512_C); +#endif /* MBEDTLS_SHA512_C */ + +#if defined(MBEDTLS_SSL_CACHE_C) + OUTPUT_MACRO_NAME_VALUE(MBEDTLS_SSL_CACHE_C); +#endif /* MBEDTLS_SSL_CACHE_C */ + +#if defined(MBEDTLS_SSL_COOKIE_C) + OUTPUT_MACRO_NAME_VALUE(MBEDTLS_SSL_COOKIE_C); +#endif /* MBEDTLS_SSL_COOKIE_C */ + +#if defined(MBEDTLS_SSL_TICKET_C) + OUTPUT_MACRO_NAME_VALUE(MBEDTLS_SSL_TICKET_C); +#endif /* MBEDTLS_SSL_TICKET_C */ + +#if defined(MBEDTLS_SSL_CLI_C) + OUTPUT_MACRO_NAME_VALUE(MBEDTLS_SSL_CLI_C); +#endif /* MBEDTLS_SSL_CLI_C */ + +#if defined(MBEDTLS_SSL_SRV_C) + OUTPUT_MACRO_NAME_VALUE(MBEDTLS_SSL_SRV_C); +#endif /* MBEDTLS_SSL_SRV_C */ + +#if defined(MBEDTLS_SSL_TLS_C) + OUTPUT_MACRO_NAME_VALUE(MBEDTLS_SSL_TLS_C); +#endif /* MBEDTLS_SSL_TLS_C */ + +#if defined(MBEDTLS_THREADING_C) + OUTPUT_MACRO_NAME_VALUE(MBEDTLS_THREADING_C); +#endif /* MBEDTLS_THREADING_C */ + +#if defined(MBEDTLS_TIMING_C) + OUTPUT_MACRO_NAME_VALUE(MBEDTLS_TIMING_C); +#endif /* MBEDTLS_TIMING_C */ + +#if defined(MBEDTLS_VERSION_C) + OUTPUT_MACRO_NAME_VALUE(MBEDTLS_VERSION_C); +#endif /* MBEDTLS_VERSION_C */ + +#if defined(MBEDTLS_X509_USE_C) + OUTPUT_MACRO_NAME_VALUE(MBEDTLS_X509_USE_C); +#endif /* MBEDTLS_X509_USE_C */ + +#if defined(MBEDTLS_X509_CRT_PARSE_C) + OUTPUT_MACRO_NAME_VALUE(MBEDTLS_X509_CRT_PARSE_C); +#endif /* MBEDTLS_X509_CRT_PARSE_C */ + +#if defined(MBEDTLS_X509_CRL_PARSE_C) + OUTPUT_MACRO_NAME_VALUE(MBEDTLS_X509_CRL_PARSE_C); +#endif /* MBEDTLS_X509_CRL_PARSE_C */ + +#if defined(MBEDTLS_X509_CSR_PARSE_C) + OUTPUT_MACRO_NAME_VALUE(MBEDTLS_X509_CSR_PARSE_C); +#endif /* MBEDTLS_X509_CSR_PARSE_C */ + +#if defined(MBEDTLS_X509_CREATE_C) + OUTPUT_MACRO_NAME_VALUE(MBEDTLS_X509_CREATE_C); +#endif /* MBEDTLS_X509_CREATE_C */ + +#if defined(MBEDTLS_X509_CRT_WRITE_C) + OUTPUT_MACRO_NAME_VALUE(MBEDTLS_X509_CRT_WRITE_C); +#endif /* MBEDTLS_X509_CRT_WRITE_C */ + +#if defined(MBEDTLS_X509_CSR_WRITE_C) + OUTPUT_MACRO_NAME_VALUE(MBEDTLS_X509_CSR_WRITE_C); +#endif /* MBEDTLS_X509_CSR_WRITE_C */ + +#if defined(MBEDTLS_XTEA_C) + OUTPUT_MACRO_NAME_VALUE(MBEDTLS_XTEA_C); +#endif /* MBEDTLS_XTEA_C */ + +#if defined(MBEDTLS_CONFIG_FILE) + OUTPUT_MACRO_NAME_VALUE(MBEDTLS_CONFIG_FILE); +#endif /* MBEDTLS_CONFIG_FILE */ + +#if defined(MBEDTLS_USER_CONFIG_FILE) + OUTPUT_MACRO_NAME_VALUE(MBEDTLS_USER_CONFIG_FILE); +#endif /* MBEDTLS_USER_CONFIG_FILE */ + +#if defined(MBEDTLS_PSA_CRYPTO_CONFIG_FILE) + OUTPUT_MACRO_NAME_VALUE(MBEDTLS_PSA_CRYPTO_CONFIG_FILE); +#endif /* MBEDTLS_PSA_CRYPTO_CONFIG_FILE */ + +#if defined(MBEDTLS_PSA_CRYPTO_USER_CONFIG_FILE) + OUTPUT_MACRO_NAME_VALUE(MBEDTLS_PSA_CRYPTO_USER_CONFIG_FILE); +#endif /* MBEDTLS_PSA_CRYPTO_USER_CONFIG_FILE */ + +#if defined(MBEDTLS_MPI_WINDOW_SIZE) + OUTPUT_MACRO_NAME_VALUE(MBEDTLS_MPI_WINDOW_SIZE); +#endif /* MBEDTLS_MPI_WINDOW_SIZE */ + +#if defined(MBEDTLS_MPI_MAX_SIZE) + OUTPUT_MACRO_NAME_VALUE(MBEDTLS_MPI_MAX_SIZE); +#endif /* MBEDTLS_MPI_MAX_SIZE */ + +#if defined(MBEDTLS_CTR_DRBG_ENTROPY_LEN) + OUTPUT_MACRO_NAME_VALUE(MBEDTLS_CTR_DRBG_ENTROPY_LEN); +#endif /* MBEDTLS_CTR_DRBG_ENTROPY_LEN */ + +#if defined(MBEDTLS_CTR_DRBG_RESEED_INTERVAL) + OUTPUT_MACRO_NAME_VALUE(MBEDTLS_CTR_DRBG_RESEED_INTERVAL); +#endif /* MBEDTLS_CTR_DRBG_RESEED_INTERVAL */ + +#if defined(MBEDTLS_CTR_DRBG_MAX_INPUT) + OUTPUT_MACRO_NAME_VALUE(MBEDTLS_CTR_DRBG_MAX_INPUT); +#endif /* MBEDTLS_CTR_DRBG_MAX_INPUT */ + +#if defined(MBEDTLS_CTR_DRBG_MAX_REQUEST) + OUTPUT_MACRO_NAME_VALUE(MBEDTLS_CTR_DRBG_MAX_REQUEST); +#endif /* MBEDTLS_CTR_DRBG_MAX_REQUEST */ + +#if defined(MBEDTLS_CTR_DRBG_MAX_SEED_INPUT) + OUTPUT_MACRO_NAME_VALUE(MBEDTLS_CTR_DRBG_MAX_SEED_INPUT); +#endif /* MBEDTLS_CTR_DRBG_MAX_SEED_INPUT */ + +#if defined(MBEDTLS_HMAC_DRBG_RESEED_INTERVAL) + OUTPUT_MACRO_NAME_VALUE(MBEDTLS_HMAC_DRBG_RESEED_INTERVAL); +#endif /* MBEDTLS_HMAC_DRBG_RESEED_INTERVAL */ + +#if defined(MBEDTLS_HMAC_DRBG_MAX_INPUT) + OUTPUT_MACRO_NAME_VALUE(MBEDTLS_HMAC_DRBG_MAX_INPUT); +#endif /* MBEDTLS_HMAC_DRBG_MAX_INPUT */ + +#if defined(MBEDTLS_HMAC_DRBG_MAX_REQUEST) + OUTPUT_MACRO_NAME_VALUE(MBEDTLS_HMAC_DRBG_MAX_REQUEST); +#endif /* MBEDTLS_HMAC_DRBG_MAX_REQUEST */ + +#if defined(MBEDTLS_HMAC_DRBG_MAX_SEED_INPUT) + OUTPUT_MACRO_NAME_VALUE(MBEDTLS_HMAC_DRBG_MAX_SEED_INPUT); +#endif /* MBEDTLS_HMAC_DRBG_MAX_SEED_INPUT */ + +#if defined(MBEDTLS_ECP_MAX_BITS) + OUTPUT_MACRO_NAME_VALUE(MBEDTLS_ECP_MAX_BITS); +#endif /* MBEDTLS_ECP_MAX_BITS */ + +#if defined(MBEDTLS_ECP_WINDOW_SIZE) + OUTPUT_MACRO_NAME_VALUE(MBEDTLS_ECP_WINDOW_SIZE); +#endif /* MBEDTLS_ECP_WINDOW_SIZE */ + +#if defined(MBEDTLS_ECP_FIXED_POINT_OPTIM) + OUTPUT_MACRO_NAME_VALUE(MBEDTLS_ECP_FIXED_POINT_OPTIM); +#endif /* MBEDTLS_ECP_FIXED_POINT_OPTIM */ + +#if defined(MBEDTLS_ENTROPY_MAX_SOURCES) + OUTPUT_MACRO_NAME_VALUE(MBEDTLS_ENTROPY_MAX_SOURCES); +#endif /* MBEDTLS_ENTROPY_MAX_SOURCES */ + +#if defined(MBEDTLS_ENTROPY_MAX_GATHER) + OUTPUT_MACRO_NAME_VALUE(MBEDTLS_ENTROPY_MAX_GATHER); +#endif /* MBEDTLS_ENTROPY_MAX_GATHER */ + +#if defined(MBEDTLS_ENTROPY_MIN_HARDWARE) + OUTPUT_MACRO_NAME_VALUE(MBEDTLS_ENTROPY_MIN_HARDWARE); +#endif /* MBEDTLS_ENTROPY_MIN_HARDWARE */ + +#if defined(MBEDTLS_MEMORY_ALIGN_MULTIPLE) + OUTPUT_MACRO_NAME_VALUE(MBEDTLS_MEMORY_ALIGN_MULTIPLE); +#endif /* MBEDTLS_MEMORY_ALIGN_MULTIPLE */ + +#if defined(MBEDTLS_PLATFORM_STD_MEM_HDR) + OUTPUT_MACRO_NAME_VALUE(MBEDTLS_PLATFORM_STD_MEM_HDR); +#endif /* MBEDTLS_PLATFORM_STD_MEM_HDR */ + +#if defined(MBEDTLS_PLATFORM_STD_CALLOC) + OUTPUT_MACRO_NAME_VALUE(MBEDTLS_PLATFORM_STD_CALLOC); +#endif /* MBEDTLS_PLATFORM_STD_CALLOC */ + +#if defined(MBEDTLS_PLATFORM_STD_FREE) + OUTPUT_MACRO_NAME_VALUE(MBEDTLS_PLATFORM_STD_FREE); +#endif /* MBEDTLS_PLATFORM_STD_FREE */ + +#if defined(MBEDTLS_PLATFORM_STD_EXIT) + OUTPUT_MACRO_NAME_VALUE(MBEDTLS_PLATFORM_STD_EXIT); +#endif /* MBEDTLS_PLATFORM_STD_EXIT */ + +#if defined(MBEDTLS_PLATFORM_STD_TIME) + OUTPUT_MACRO_NAME_VALUE(MBEDTLS_PLATFORM_STD_TIME); +#endif /* MBEDTLS_PLATFORM_STD_TIME */ + +#if defined(MBEDTLS_PLATFORM_STD_FPRINTF) + OUTPUT_MACRO_NAME_VALUE(MBEDTLS_PLATFORM_STD_FPRINTF); +#endif /* MBEDTLS_PLATFORM_STD_FPRINTF */ + +#if defined(MBEDTLS_PLATFORM_STD_PRINTF) + OUTPUT_MACRO_NAME_VALUE(MBEDTLS_PLATFORM_STD_PRINTF); +#endif /* MBEDTLS_PLATFORM_STD_PRINTF */ + +#if defined(MBEDTLS_PLATFORM_STD_SNPRINTF) + OUTPUT_MACRO_NAME_VALUE(MBEDTLS_PLATFORM_STD_SNPRINTF); +#endif /* MBEDTLS_PLATFORM_STD_SNPRINTF */ + +#if defined(MBEDTLS_PLATFORM_STD_EXIT_SUCCESS) + OUTPUT_MACRO_NAME_VALUE(MBEDTLS_PLATFORM_STD_EXIT_SUCCESS); +#endif /* MBEDTLS_PLATFORM_STD_EXIT_SUCCESS */ + +#if defined(MBEDTLS_PLATFORM_STD_EXIT_FAILURE) + OUTPUT_MACRO_NAME_VALUE(MBEDTLS_PLATFORM_STD_EXIT_FAILURE); +#endif /* MBEDTLS_PLATFORM_STD_EXIT_FAILURE */ + +#if defined(MBEDTLS_PLATFORM_STD_NV_SEED_READ) + OUTPUT_MACRO_NAME_VALUE(MBEDTLS_PLATFORM_STD_NV_SEED_READ); +#endif /* MBEDTLS_PLATFORM_STD_NV_SEED_READ */ + +#if defined(MBEDTLS_PLATFORM_STD_NV_SEED_WRITE) + OUTPUT_MACRO_NAME_VALUE(MBEDTLS_PLATFORM_STD_NV_SEED_WRITE); +#endif /* MBEDTLS_PLATFORM_STD_NV_SEED_WRITE */ + +#if defined(MBEDTLS_PLATFORM_STD_NV_SEED_FILE) + OUTPUT_MACRO_NAME_VALUE(MBEDTLS_PLATFORM_STD_NV_SEED_FILE); +#endif /* MBEDTLS_PLATFORM_STD_NV_SEED_FILE */ + +#if defined(MBEDTLS_PLATFORM_CALLOC_MACRO) + OUTPUT_MACRO_NAME_VALUE(MBEDTLS_PLATFORM_CALLOC_MACRO); +#endif /* MBEDTLS_PLATFORM_CALLOC_MACRO */ + +#if defined(MBEDTLS_PLATFORM_FREE_MACRO) + OUTPUT_MACRO_NAME_VALUE(MBEDTLS_PLATFORM_FREE_MACRO); +#endif /* MBEDTLS_PLATFORM_FREE_MACRO */ + +#if defined(MBEDTLS_PLATFORM_EXIT_MACRO) + OUTPUT_MACRO_NAME_VALUE(MBEDTLS_PLATFORM_EXIT_MACRO); +#endif /* MBEDTLS_PLATFORM_EXIT_MACRO */ + +#if defined(MBEDTLS_PLATFORM_TIME_MACRO) + OUTPUT_MACRO_NAME_VALUE(MBEDTLS_PLATFORM_TIME_MACRO); +#endif /* MBEDTLS_PLATFORM_TIME_MACRO */ + +#if defined(MBEDTLS_PLATFORM_TIME_TYPE_MACRO) + OUTPUT_MACRO_NAME_VALUE(MBEDTLS_PLATFORM_TIME_TYPE_MACRO); +#endif /* MBEDTLS_PLATFORM_TIME_TYPE_MACRO */ + +#if defined(MBEDTLS_PLATFORM_FPRINTF_MACRO) + OUTPUT_MACRO_NAME_VALUE(MBEDTLS_PLATFORM_FPRINTF_MACRO); +#endif /* MBEDTLS_PLATFORM_FPRINTF_MACRO */ + +#if defined(MBEDTLS_PLATFORM_PRINTF_MACRO) + OUTPUT_MACRO_NAME_VALUE(MBEDTLS_PLATFORM_PRINTF_MACRO); +#endif /* MBEDTLS_PLATFORM_PRINTF_MACRO */ + +#if defined(MBEDTLS_PLATFORM_SNPRINTF_MACRO) + OUTPUT_MACRO_NAME_VALUE(MBEDTLS_PLATFORM_SNPRINTF_MACRO); +#endif /* MBEDTLS_PLATFORM_SNPRINTF_MACRO */ + +#if defined(MBEDTLS_PLATFORM_VSNPRINTF_MACRO) + OUTPUT_MACRO_NAME_VALUE(MBEDTLS_PLATFORM_VSNPRINTF_MACRO); +#endif /* MBEDTLS_PLATFORM_VSNPRINTF_MACRO */ + +#if defined(MBEDTLS_PLATFORM_NV_SEED_READ_MACRO) + OUTPUT_MACRO_NAME_VALUE(MBEDTLS_PLATFORM_NV_SEED_READ_MACRO); +#endif /* MBEDTLS_PLATFORM_NV_SEED_READ_MACRO */ + +#if defined(MBEDTLS_PLATFORM_NV_SEED_WRITE_MACRO) + OUTPUT_MACRO_NAME_VALUE(MBEDTLS_PLATFORM_NV_SEED_WRITE_MACRO); +#endif /* MBEDTLS_PLATFORM_NV_SEED_WRITE_MACRO */ + +#if defined(MBEDTLS_CHECK_RETURN) + OUTPUT_MACRO_NAME_VALUE(MBEDTLS_CHECK_RETURN); +#endif /* MBEDTLS_CHECK_RETURN */ + +#if defined(MBEDTLS_IGNORE_RETURN) + OUTPUT_MACRO_NAME_VALUE(MBEDTLS_IGNORE_RETURN); +#endif /* MBEDTLS_IGNORE_RETURN */ + +#if defined(MBEDTLS_PSA_HMAC_DRBG_MD_TYPE) + OUTPUT_MACRO_NAME_VALUE(MBEDTLS_PSA_HMAC_DRBG_MD_TYPE); +#endif /* MBEDTLS_PSA_HMAC_DRBG_MD_TYPE */ + +#if defined(MBEDTLS_PSA_KEY_SLOT_COUNT) + OUTPUT_MACRO_NAME_VALUE(MBEDTLS_PSA_KEY_SLOT_COUNT); +#endif /* MBEDTLS_PSA_KEY_SLOT_COUNT */ + +#if defined(MBEDTLS_SSL_CACHE_DEFAULT_TIMEOUT) + OUTPUT_MACRO_NAME_VALUE(MBEDTLS_SSL_CACHE_DEFAULT_TIMEOUT); +#endif /* MBEDTLS_SSL_CACHE_DEFAULT_TIMEOUT */ + +#if defined(MBEDTLS_SSL_CACHE_DEFAULT_MAX_ENTRIES) + OUTPUT_MACRO_NAME_VALUE(MBEDTLS_SSL_CACHE_DEFAULT_MAX_ENTRIES); +#endif /* MBEDTLS_SSL_CACHE_DEFAULT_MAX_ENTRIES */ + +#if defined(MBEDTLS_SSL_MAX_CONTENT_LEN) + OUTPUT_MACRO_NAME_VALUE(MBEDTLS_SSL_MAX_CONTENT_LEN); +#endif /* MBEDTLS_SSL_MAX_CONTENT_LEN */ + +#if defined(MBEDTLS_SSL_IN_CONTENT_LEN) + OUTPUT_MACRO_NAME_VALUE(MBEDTLS_SSL_IN_CONTENT_LEN); +#endif /* MBEDTLS_SSL_IN_CONTENT_LEN */ + +#if defined(MBEDTLS_SSL_CID_IN_LEN_MAX) + OUTPUT_MACRO_NAME_VALUE(MBEDTLS_SSL_CID_IN_LEN_MAX); +#endif /* MBEDTLS_SSL_CID_IN_LEN_MAX */ + +#if defined(MBEDTLS_SSL_CID_OUT_LEN_MAX) + OUTPUT_MACRO_NAME_VALUE(MBEDTLS_SSL_CID_OUT_LEN_MAX); +#endif /* MBEDTLS_SSL_CID_OUT_LEN_MAX */ + +#if defined(MBEDTLS_SSL_CID_PADDING_GRANULARITY) + OUTPUT_MACRO_NAME_VALUE(MBEDTLS_SSL_CID_PADDING_GRANULARITY); +#endif /* MBEDTLS_SSL_CID_PADDING_GRANULARITY */ + +#if defined(MBEDTLS_SSL_TLS1_3_PADDING_GRANULARITY) + OUTPUT_MACRO_NAME_VALUE(MBEDTLS_SSL_TLS1_3_PADDING_GRANULARITY); +#endif /* MBEDTLS_SSL_TLS1_3_PADDING_GRANULARITY */ + +#if defined(MBEDTLS_SSL_OUT_CONTENT_LEN) + OUTPUT_MACRO_NAME_VALUE(MBEDTLS_SSL_OUT_CONTENT_LEN); +#endif /* MBEDTLS_SSL_OUT_CONTENT_LEN */ + +#if defined(MBEDTLS_SSL_DTLS_MAX_BUFFERING) + OUTPUT_MACRO_NAME_VALUE(MBEDTLS_SSL_DTLS_MAX_BUFFERING); +#endif /* MBEDTLS_SSL_DTLS_MAX_BUFFERING */ + +#if defined(MBEDTLS_SSL_DEFAULT_TICKET_LIFETIME) + OUTPUT_MACRO_NAME_VALUE(MBEDTLS_SSL_DEFAULT_TICKET_LIFETIME); +#endif /* MBEDTLS_SSL_DEFAULT_TICKET_LIFETIME */ + +#if defined(MBEDTLS_PSK_MAX_LEN) + OUTPUT_MACRO_NAME_VALUE(MBEDTLS_PSK_MAX_LEN); +#endif /* MBEDTLS_PSK_MAX_LEN */ + +#if defined(MBEDTLS_SSL_COOKIE_TIMEOUT) + OUTPUT_MACRO_NAME_VALUE(MBEDTLS_SSL_COOKIE_TIMEOUT); +#endif /* MBEDTLS_SSL_COOKIE_TIMEOUT */ + +#if defined(MBEDTLS_TLS_EXT_CID) + OUTPUT_MACRO_NAME_VALUE(MBEDTLS_TLS_EXT_CID); +#endif /* MBEDTLS_TLS_EXT_CID */ + +#if defined(MBEDTLS_X509_MAX_INTERMEDIATE_CA) + OUTPUT_MACRO_NAME_VALUE(MBEDTLS_X509_MAX_INTERMEDIATE_CA); +#endif /* MBEDTLS_X509_MAX_INTERMEDIATE_CA */ + +#if defined(MBEDTLS_X509_MAX_FILE_PATH_LEN) + OUTPUT_MACRO_NAME_VALUE(MBEDTLS_X509_MAX_FILE_PATH_LEN); +#endif /* MBEDTLS_X509_MAX_FILE_PATH_LEN */ + + +} #if defined(_MSC_VER) #pragma warning(pop) #endif /* _MSC_VER */ diff --git a/third_party/mbedtls/repo/programs/test/query_config.h b/third_party/mbedtls/repo/programs/test/query_config.h index 23009c46aa4..f7b192c5cff 100644 --- a/third_party/mbedtls/repo/programs/test/query_config.h +++ b/third_party/mbedtls/repo/programs/test/query_config.h @@ -2,19 +2,7 @@ * Query Mbed TLS compile time configurations from config.h * * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later */ #ifndef MBEDTLS_PROGRAMS_TEST_QUERY_CONFIG_H @@ -37,6 +25,14 @@ * which is automatically generated by * `scripts/generate_query_config.pl`. */ -int query_config( const char *config ); +int query_config(const char *config); + +/** List all enabled configuration symbols + * + * \note This function is defined in `programs/test/query_config.c` + * which is automatically generated by + * `scripts/generate_query_config.pl`. + */ +void list_config(void); #endif /* MBEDTLS_PROGRAMS_TEST_QUERY_CONFIG_H */ diff --git a/third_party/mbedtls/repo/programs/test/selftest.c b/third_party/mbedtls/repo/programs/test/selftest.c index 41d704073bc..2b78a8c9fdd 100644 --- a/third_party/mbedtls/repo/programs/test/selftest.c +++ b/third_party/mbedtls/repo/programs/test/selftest.c @@ -2,19 +2,7 @@ * Self-test demonstration program * * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later */ #if !defined(MBEDTLS_CONFIG_FILE) @@ -59,19 +47,7 @@ #include -#if defined(MBEDTLS_PLATFORM_C) #include "mbedtls/platform.h" -#else -#include -#include -#define mbedtls_calloc calloc -#define mbedtls_free free -#define mbedtls_printf printf -#define mbedtls_snprintf snprintf -#define mbedtls_exit exit -#define MBEDTLS_EXIT_SUCCESS EXIT_SUCCESS -#define MBEDTLS_EXIT_FAILURE EXIT_FAILURE -#endif #if defined(MBEDTLS_MEMORY_BUFFER_ALLOC_C) #include "mbedtls/memory_buffer_alloc.h" @@ -82,110 +58,153 @@ /* Sanity check for malloc. This is not expected to fail, and is rather * intended to display potentially useful information about the platform, * in particular the behavior of malloc(0). */ -static int calloc_self_test( int verbose ) +static int calloc_self_test(int verbose) { int failures = 0; - void *empty1 = mbedtls_calloc( 0, 1 ); - void *empty2 = mbedtls_calloc( 0, 1 ); - void *buffer1 = mbedtls_calloc( 1, 1 ); - void *buffer2 = mbedtls_calloc( 1, 1 ); - uintptr_t old_buffer1; - - if( empty1 == NULL && empty2 == NULL ) - { - if( verbose ) - mbedtls_printf( " CALLOC(0): passed (NULL)\n" ); - } - else if( empty1 == NULL || empty2 == NULL ) - { - if( verbose ) - mbedtls_printf( " CALLOC(0): failed (mix of NULL and non-NULL)\n" ); + void *empty1 = mbedtls_calloc(0, 1); + void *empty2 = mbedtls_calloc(0, 1); + void *buffer1 = mbedtls_calloc(1, 1); + void *buffer2 = mbedtls_calloc(1, 1); + unsigned int buffer_3_size = 256; + unsigned int buffer_4_size = 4097; /* Allocate more than the usual page size */ + unsigned char *buffer3 = mbedtls_calloc(buffer_3_size, 1); + unsigned char *buffer4 = mbedtls_calloc(buffer_4_size, 1); + + if (empty1 == NULL && empty2 == NULL) { + if (verbose) { + mbedtls_printf(" CALLOC(0,1): passed (NULL)\n"); + } + } else if (empty1 == NULL || empty2 == NULL) { + if (verbose) { + mbedtls_printf(" CALLOC(0,1): failed (mix of NULL and non-NULL)\n"); + } ++failures; + } else if (empty1 == empty2) { + if (verbose) { + mbedtls_printf(" CALLOC(0,1): passed (same non-null)\n"); + } + } else { + if (verbose) { + mbedtls_printf(" CALLOC(0,1): passed (distinct non-null)\n"); + } } - else if( empty1 == empty2 ) - { - if( verbose ) - mbedtls_printf( " CALLOC(0): passed (same non-null)\n" ); - } - else - { - if( verbose ) - mbedtls_printf( " CALLOC(0): passed (distinct non-null)\n" ); - } - if( buffer1 == NULL || buffer2 == NULL ) - { - if( verbose ) - mbedtls_printf( " CALLOC(1): failed (NULL)\n" ); + mbedtls_free(empty1); + mbedtls_free(empty2); + + empty1 = mbedtls_calloc(1, 0); + empty2 = mbedtls_calloc(1, 0); + if (empty1 == NULL && empty2 == NULL) { + if (verbose) { + mbedtls_printf(" CALLOC(1,0): passed (NULL)\n"); + } + } else if (empty1 == NULL || empty2 == NULL) { + if (verbose) { + mbedtls_printf(" CALLOC(1,0): failed (mix of NULL and non-NULL)\n"); + } ++failures; + } else if (empty1 == empty2) { + if (verbose) { + mbedtls_printf(" CALLOC(1,0): passed (same non-null)\n"); + } + } else { + if (verbose) { + mbedtls_printf(" CALLOC(1,0): passed (distinct non-null)\n"); + } } - else if( buffer1 == buffer2 ) - { - if( verbose ) - mbedtls_printf( " CALLOC(1): failed (same buffer twice)\n" ); + + if (buffer1 == NULL || buffer2 == NULL) { + if (verbose) { + mbedtls_printf(" CALLOC(1): failed (NULL)\n"); + } ++failures; - } - else - { - if( verbose ) - mbedtls_printf( " CALLOC(1): passed\n" ); + } else if (buffer1 == buffer2) { + if (verbose) { + mbedtls_printf(" CALLOC(1): failed (same buffer twice)\n"); + } + ++failures; + } else { + if (verbose) { + mbedtls_printf(" CALLOC(1): passed\n"); + } } - old_buffer1 = (uintptr_t) buffer1; - mbedtls_free( buffer1 ); - buffer1 = mbedtls_calloc( 1, 1 ); - if( buffer1 == NULL ) - { - if( verbose ) - mbedtls_printf( " CALLOC(1 again): failed (NULL)\n" ); + mbedtls_free(buffer1); + buffer1 = mbedtls_calloc(1, 1); + if (buffer1 == NULL) { + if (verbose) { + mbedtls_printf(" CALLOC(1 again): failed (NULL)\n"); + } ++failures; + } else { + if (verbose) { + mbedtls_printf(" CALLOC(1 again): passed\n"); + } + } + + for (unsigned int i = 0; i < buffer_3_size; i++) { + if (buffer3[i] != 0) { + ++failures; + if (verbose) { + mbedtls_printf(" CALLOC(%u): failed (memory not initialized to 0)\n", + buffer_3_size); + } + break; + } } - else - { - if( verbose ) - mbedtls_printf( " CALLOC(1 again): passed (%s address)\n", - (uintptr_t) old_buffer1 == (uintptr_t) buffer1 ? - "same" : "different" ); + + for (unsigned int i = 0; i < buffer_4_size; i++) { + if (buffer4[i] != 0) { + ++failures; + if (verbose) { + mbedtls_printf(" CALLOC(%u): failed (memory not initialized to 0)\n", + buffer_4_size); + } + break; + } } - if( verbose ) - mbedtls_printf( "\n" ); - mbedtls_free( empty1 ); - mbedtls_free( empty2 ); - mbedtls_free( buffer1 ); - mbedtls_free( buffer2 ); - return( failures ); + if (verbose) { + mbedtls_printf("\n"); + } + mbedtls_free(empty1); + mbedtls_free(empty2); + mbedtls_free(buffer1); + mbedtls_free(buffer2); + mbedtls_free(buffer3); + mbedtls_free(buffer4); + return failures; } #endif /* MBEDTLS_SELF_TEST */ -static int test_snprintf( size_t n, const char *ref_buf, int ref_ret ) +static int test_snprintf(size_t n, const char *ref_buf, int ref_ret) { int ret; char buf[10] = "xxxxxxxxx"; const char ref[10] = "xxxxxxxxx"; - ret = mbedtls_snprintf( buf, n, "%s", "123" ); - if( ret < 0 || (size_t) ret >= n ) + ret = mbedtls_snprintf(buf, n, "%s", "123"); + if (ret < 0 || (size_t) ret >= n) { ret = -1; + } - if( strncmp( ref_buf, buf, sizeof( buf ) ) != 0 || + if (strncmp(ref_buf, buf, sizeof(buf)) != 0 || ref_ret != ret || - memcmp( buf + n, ref + n, sizeof( buf ) - n ) != 0 ) - { - return( 1 ); + memcmp(buf + n, ref + n, sizeof(buf) - n) != 0) { + return 1; } - return( 0 ); + return 0; } -static int run_test_snprintf( void ) +static int run_test_snprintf(void) { - return( test_snprintf( 0, "xxxxxxxxx", -1 ) != 0 || - test_snprintf( 1, "", -1 ) != 0 || - test_snprintf( 2, "1", -1 ) != 0 || - test_snprintf( 3, "12", -1 ) != 0 || - test_snprintf( 4, "123", 3 ) != 0 || - test_snprintf( 5, "123", 3 ) != 0 ); + return test_snprintf(0, "xxxxxxxxx", -1) != 0 || + test_snprintf(1, "", -1) != 0 || + test_snprintf(2, "1", -1) != 0 || + test_snprintf(3, "12", -1) != 0 || + test_snprintf(4, "123", 3) != 0 || + test_snprintf(5, "123", 3) != 0; } /* @@ -195,7 +214,7 @@ static int run_test_snprintf( void ) */ #if defined(MBEDTLS_SELF_TEST) && defined(MBEDTLS_ENTROPY_C) #if defined(MBEDTLS_ENTROPY_NV_SEED) && !defined(MBEDTLS_NO_PLATFORM_ENTROPY) -static void create_entropy_seed_file( void ) +static void create_entropy_seed_file(void) { int result; size_t output_len = 0; @@ -203,164 +222,165 @@ static void create_entropy_seed_file( void ) /* Attempt to read the entropy seed file. If this fails - attempt to write * to the file to ensure one is present. */ - result = mbedtls_platform_std_nv_seed_read( seed_value, - MBEDTLS_ENTROPY_BLOCK_SIZE ); - if( 0 == result ) + result = mbedtls_platform_std_nv_seed_read(seed_value, + MBEDTLS_ENTROPY_BLOCK_SIZE); + if (0 == result) { return; + } - result = mbedtls_platform_entropy_poll( NULL, - seed_value, - MBEDTLS_ENTROPY_BLOCK_SIZE, - &output_len ); - if( 0 != result ) + result = mbedtls_platform_entropy_poll(NULL, + seed_value, + MBEDTLS_ENTROPY_BLOCK_SIZE, + &output_len); + if (0 != result) { return; + } - if( MBEDTLS_ENTROPY_BLOCK_SIZE != output_len ) + if (MBEDTLS_ENTROPY_BLOCK_SIZE != output_len) { return; + } - mbedtls_platform_std_nv_seed_write( seed_value, MBEDTLS_ENTROPY_BLOCK_SIZE ); + mbedtls_platform_std_nv_seed_write(seed_value, MBEDTLS_ENTROPY_BLOCK_SIZE); } #endif -int mbedtls_entropy_self_test_wrapper( int verbose ) +int mbedtls_entropy_self_test_wrapper(int verbose) { #if defined(MBEDTLS_ENTROPY_NV_SEED) && !defined(MBEDTLS_NO_PLATFORM_ENTROPY) - create_entropy_seed_file( ); + create_entropy_seed_file(); #endif - return( mbedtls_entropy_self_test( verbose ) ); + return mbedtls_entropy_self_test(verbose); } #endif #if defined(MBEDTLS_SELF_TEST) #if defined(MBEDTLS_MEMORY_BUFFER_ALLOC_C) -int mbedtls_memory_buffer_alloc_free_and_self_test( int verbose ) +int mbedtls_memory_buffer_alloc_free_and_self_test(int verbose) { - if( verbose != 0 ) - { + if (verbose != 0) { #if defined(MBEDTLS_MEMORY_DEBUG) - mbedtls_memory_buffer_alloc_status( ); + mbedtls_memory_buffer_alloc_status(); #endif } - mbedtls_memory_buffer_alloc_free( ); - return( mbedtls_memory_buffer_alloc_self_test( verbose ) ); + mbedtls_memory_buffer_alloc_free(); + return mbedtls_memory_buffer_alloc_self_test(verbose); } #endif -typedef struct -{ +typedef struct { const char *name; - int ( *function )( int ); + int (*function)(int); } selftest_t; const selftest_t selftests[] = { - {"calloc", calloc_self_test}, + { "calloc", calloc_self_test }, #if defined(MBEDTLS_MD2_C) - {"md2", mbedtls_md2_self_test}, + { "md2", mbedtls_md2_self_test }, #endif #if defined(MBEDTLS_MD4_C) - {"md4", mbedtls_md4_self_test}, + { "md4", mbedtls_md4_self_test }, #endif #if defined(MBEDTLS_MD5_C) - {"md5", mbedtls_md5_self_test}, + { "md5", mbedtls_md5_self_test }, #endif #if defined(MBEDTLS_RIPEMD160_C) - {"ripemd160", mbedtls_ripemd160_self_test}, + { "ripemd160", mbedtls_ripemd160_self_test }, #endif #if defined(MBEDTLS_SHA1_C) - {"sha1", mbedtls_sha1_self_test}, + { "sha1", mbedtls_sha1_self_test }, #endif #if defined(MBEDTLS_SHA256_C) - {"sha256", mbedtls_sha256_self_test}, + { "sha256", mbedtls_sha256_self_test }, #endif #if defined(MBEDTLS_SHA512_C) - {"sha512", mbedtls_sha512_self_test}, + { "sha512", mbedtls_sha512_self_test }, #endif #if defined(MBEDTLS_ARC4_C) - {"arc4", mbedtls_arc4_self_test}, + { "arc4", mbedtls_arc4_self_test }, #endif #if defined(MBEDTLS_DES_C) - {"des", mbedtls_des_self_test}, + { "des", mbedtls_des_self_test }, #endif #if defined(MBEDTLS_AES_C) - {"aes", mbedtls_aes_self_test}, + { "aes", mbedtls_aes_self_test }, #endif #if defined(MBEDTLS_GCM_C) && defined(MBEDTLS_AES_C) - {"gcm", mbedtls_gcm_self_test}, + { "gcm", mbedtls_gcm_self_test }, #endif #if defined(MBEDTLS_CCM_C) && defined(MBEDTLS_AES_C) - {"ccm", mbedtls_ccm_self_test}, + { "ccm", mbedtls_ccm_self_test }, #endif #if defined(MBEDTLS_NIST_KW_C) && defined(MBEDTLS_AES_C) - {"nist_kw", mbedtls_nist_kw_self_test}, + { "nist_kw", mbedtls_nist_kw_self_test }, #endif #if defined(MBEDTLS_CMAC_C) - {"cmac", mbedtls_cmac_self_test}, + { "cmac", mbedtls_cmac_self_test }, #endif #if defined(MBEDTLS_CHACHA20_C) - {"chacha20", mbedtls_chacha20_self_test}, + { "chacha20", mbedtls_chacha20_self_test }, #endif #if defined(MBEDTLS_POLY1305_C) - {"poly1305", mbedtls_poly1305_self_test}, + { "poly1305", mbedtls_poly1305_self_test }, #endif #if defined(MBEDTLS_CHACHAPOLY_C) - {"chacha20-poly1305", mbedtls_chachapoly_self_test}, + { "chacha20-poly1305", mbedtls_chachapoly_self_test }, #endif #if defined(MBEDTLS_BASE64_C) - {"base64", mbedtls_base64_self_test}, + { "base64", mbedtls_base64_self_test }, #endif #if defined(MBEDTLS_BIGNUM_C) - {"mpi", mbedtls_mpi_self_test}, + { "mpi", mbedtls_mpi_self_test }, #endif #if defined(MBEDTLS_RSA_C) - {"rsa", mbedtls_rsa_self_test}, + { "rsa", mbedtls_rsa_self_test }, #endif #if defined(MBEDTLS_X509_USE_C) - {"x509", mbedtls_x509_self_test}, + { "x509", mbedtls_x509_self_test }, #endif #if defined(MBEDTLS_XTEA_C) - {"xtea", mbedtls_xtea_self_test}, + { "xtea", mbedtls_xtea_self_test }, #endif #if defined(MBEDTLS_CAMELLIA_C) - {"camellia", mbedtls_camellia_self_test}, + { "camellia", mbedtls_camellia_self_test }, #endif #if defined(MBEDTLS_ARIA_C) - {"aria", mbedtls_aria_self_test}, + { "aria", mbedtls_aria_self_test }, #endif #if defined(MBEDTLS_CTR_DRBG_C) - {"ctr_drbg", mbedtls_ctr_drbg_self_test}, + { "ctr_drbg", mbedtls_ctr_drbg_self_test }, #endif #if defined(MBEDTLS_HMAC_DRBG_C) - {"hmac_drbg", mbedtls_hmac_drbg_self_test}, + { "hmac_drbg", mbedtls_hmac_drbg_self_test }, #endif #if defined(MBEDTLS_ECP_C) - {"ecp", mbedtls_ecp_self_test}, + { "ecp", mbedtls_ecp_self_test }, #endif #if defined(MBEDTLS_ECJPAKE_C) - {"ecjpake", mbedtls_ecjpake_self_test}, + { "ecjpake", mbedtls_ecjpake_self_test }, #endif #if defined(MBEDTLS_DHM_C) - {"dhm", mbedtls_dhm_self_test}, + { "dhm", mbedtls_dhm_self_test }, #endif #if defined(MBEDTLS_ENTROPY_C) - {"entropy", mbedtls_entropy_self_test_wrapper}, + { "entropy", mbedtls_entropy_self_test_wrapper }, #endif #if defined(MBEDTLS_PKCS5_C) - {"pkcs5", mbedtls_pkcs5_self_test}, + { "pkcs5", mbedtls_pkcs5_self_test }, #endif /* Slower test after the faster ones */ #if defined(MBEDTLS_TIMING_C) - {"timing", mbedtls_timing_self_test}, + { "timing", mbedtls_timing_self_test }, #endif /* Heap test comes last */ #if defined(MBEDTLS_MEMORY_BUFFER_ALLOC_C) - {"memory_buffer_alloc", mbedtls_memory_buffer_alloc_free_and_self_test}, + { "memory_buffer_alloc", mbedtls_memory_buffer_alloc_free_and_self_test }, #endif - {NULL, NULL} + { NULL, NULL } }; #endif /* MBEDTLS_SELF_TEST */ -int main( int argc, char *argv[] ) +int main(int argc, char *argv[]) { #if defined(MBEDTLS_SELF_TEST) const selftest_t *test; @@ -373,99 +393,90 @@ int main( int argc, char *argv[] ) unsigned char buf[1000000]; #endif void *pointer; +#if defined(_WIN32) + int ci = 0; /* ci = 1 => running in CI, so don't wait for a key press */ +#endif /* * The C standard doesn't guarantee that all-bits-0 is the representation * of a NULL pointer. We do however use that in our code for initializing * structures, which should work on every modern platform. Let's be sure. */ - memset( &pointer, 0, sizeof( void * ) ); - if( pointer != NULL ) - { - mbedtls_printf( "all-bits-zero is not a NULL pointer\n" ); - mbedtls_exit( MBEDTLS_EXIT_FAILURE ); + memset(&pointer, 0, sizeof(void *)); + if (pointer != NULL) { + mbedtls_printf("all-bits-zero is not a NULL pointer\n"); + mbedtls_exit(MBEDTLS_EXIT_FAILURE); } /* * Make sure we have a snprintf that correctly zero-terminates */ - if( run_test_snprintf() != 0 ) - { - mbedtls_printf( "the snprintf implementation is broken\n" ); - mbedtls_exit( MBEDTLS_EXIT_FAILURE ); + if (run_test_snprintf() != 0) { + mbedtls_printf("the snprintf implementation is broken\n"); + mbedtls_exit(MBEDTLS_EXIT_FAILURE); } - for( argp = argv + ( argc >= 1 ? 1 : argc ); *argp != NULL; ++argp ) - { - if( strcmp( *argp, "--quiet" ) == 0 || - strcmp( *argp, "-q" ) == 0 ) - { + for (argp = argv + (argc >= 1 ? 1 : argc); *argp != NULL; ++argp) { + if (strcmp(*argp, "--quiet") == 0 || + strcmp(*argp, "-q") == 0) { v = 0; - } - else if( strcmp( *argp, "--exclude" ) == 0 || - strcmp( *argp, "-x" ) == 0 ) - { + } else if (strcmp(*argp, "--exclude") == 0 || + strcmp(*argp, "-x") == 0) { exclude_mode = 1; - } - else +#if defined(_WIN32) + } else if (strcmp(*argp, "--ci") == 0) { + ci = 1; +#endif + } else { break; + } } - if( v != 0 ) - mbedtls_printf( "\n" ); + if (v != 0) { + mbedtls_printf("\n"); + } #if defined(MBEDTLS_SELF_TEST) #if defined(MBEDTLS_MEMORY_BUFFER_ALLOC_C) - mbedtls_memory_buffer_alloc_init( buf, sizeof(buf) ); + mbedtls_memory_buffer_alloc_init(buf, sizeof(buf)); #endif - if( *argp != NULL && exclude_mode == 0 ) - { + if (*argp != NULL && exclude_mode == 0) { /* Run the specified tests */ - for( ; *argp != NULL; argp++ ) - { - for( test = selftests; test->name != NULL; test++ ) - { - if( !strcmp( *argp, test->name ) ) - { - if( test->function( v ) != 0 ) - { + for (; *argp != NULL; argp++) { + for (test = selftests; test->name != NULL; test++) { + if (!strcmp(*argp, test->name)) { + if (test->function(v) != 0) { suites_failed++; } suites_tested++; break; } } - if( test->name == NULL ) - { - mbedtls_printf( " Test suite %s not available -> failed\n\n", *argp ); + if (test->name == NULL) { + mbedtls_printf(" Test suite %s not available -> failed\n\n", *argp); suites_failed++; } } - } - else - { + } else { /* Run all the tests except excluded ones */ - for( test = selftests; test->name != NULL; test++ ) - { - if( exclude_mode ) - { + for (test = selftests; test->name != NULL; test++) { + if (exclude_mode) { char **excluded; - for( excluded = argp; *excluded != NULL; ++excluded ) - { - if( !strcmp( *excluded, test->name ) ) + for (excluded = argp; *excluded != NULL; ++excluded) { + if (!strcmp(*excluded, test->name)) { break; + } } - if( *excluded ) - { - if( v ) - mbedtls_printf( " Skip: %s\n", test->name ); + if (*excluded) { + if (v) { + mbedtls_printf(" Skip: %s\n", test->name); + } continue; } } - if( test->function( v ) != 0 ) - { + if (test->function(v) != 0) { suites_failed++; } suites_tested++; @@ -474,29 +485,28 @@ int main( int argc, char *argv[] ) #else (void) exclude_mode; - mbedtls_printf( " MBEDTLS_SELF_TEST not defined.\n" ); + mbedtls_printf(" MBEDTLS_SELF_TEST not defined.\n"); #endif - if( v != 0 ) - { - mbedtls_printf( " Executed %d test suites\n\n", suites_tested ); + if (v != 0) { + mbedtls_printf(" Executed %d test suites\n\n", suites_tested); - if( suites_failed > 0) - { - mbedtls_printf( " [ %d tests FAIL ]\n\n", suites_failed ); - } - else - { - mbedtls_printf( " [ All tests PASS ]\n\n" ); + if (suites_failed > 0) { + mbedtls_printf(" [ %d tests FAIL ]\n\n", suites_failed); + } else { + mbedtls_printf(" [ All tests PASS ]\n\n"); } #if defined(_WIN32) - mbedtls_printf( " Press Enter to exit this program.\n" ); - fflush( stdout ); getchar(); + if (!ci) { + mbedtls_printf(" Press Enter to exit this program.\n"); + fflush(stdout); getchar(); + } #endif } - if( suites_failed > 0) - mbedtls_exit( MBEDTLS_EXIT_FAILURE ); + if (suites_failed > 0) { + mbedtls_exit(MBEDTLS_EXIT_FAILURE); + } - mbedtls_exit( MBEDTLS_EXIT_SUCCESS ); + mbedtls_exit(MBEDTLS_EXIT_SUCCESS); } diff --git a/third_party/mbedtls/repo/programs/test/udp_proxy.c b/third_party/mbedtls/repo/programs/test/udp_proxy.c index 11fe9bf425d..e5b82171989 100644 --- a/third_party/mbedtls/repo/programs/test/udp_proxy.c +++ b/third_party/mbedtls/repo/programs/test/udp_proxy.c @@ -1,20 +1,8 @@ /* - * UDP proxy: emulate an unreliable UDP connexion for DTLS testing + * UDP proxy: emulate an unreliable UDP connection for DTLS testing * * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later */ /* @@ -34,9 +22,11 @@ #else #include #include +#if defined(MBEDTLS_HAVE_TIME) #include #define mbedtls_time time #define mbedtls_time_t time_t +#endif #define mbedtls_printf printf #define mbedtls_calloc calloc #define mbedtls_free free @@ -46,10 +36,10 @@ #endif /* MBEDTLS_PLATFORM_C */ #if !defined(MBEDTLS_NET_C) -int main( void ) +int main(void) { - mbedtls_printf( "MBEDTLS_NET_C not defined.\n" ); - mbedtls_exit( 0 ); + mbedtls_printf("MBEDTLS_NET_C not defined.\n"); + mbedtls_exit(0); } #else @@ -73,7 +63,9 @@ int main( void ) #endif #endif /* _MSC_VER */ #else /* ( _WIN32 || _WIN32_WCE ) && !EFIX64 && !EFI32 */ +#if defined(MBEDTLS_HAVE_TIME) #include +#endif #include #include #endif /* ( _WIN32 || _WIN32_WCE ) && !EFIX64 && !EFI32 */ @@ -107,20 +99,20 @@ int main( void ) " delay=%%d default: 0 (no delayed packets)\n" \ " delay about 1:N packets randomly\n" \ " delay_ccs=0/1 default: 0 (don't delay ChangeCipherSpec)\n" \ - " delay_cli=%%s Handshake message from client that should be\n"\ + " delay_cli=%%s Handshake message from client that should be\n" \ " delayed. Possible values are 'ClientHello',\n" \ " 'Certificate', 'CertificateVerify', and\n" \ " 'ClientKeyExchange'.\n" \ - " May be used multiple times, even for the same\n"\ - " message, in which case the respective message\n"\ + " May be used multiple times, even for the same\n" \ + " message, in which case the respective message\n" \ " gets delayed multiple times.\n" \ - " delay_srv=%%s Handshake message from server that should be\n"\ - " delayed. Possible values are 'HelloRequest',\n"\ - " 'ServerHello', 'ServerHelloDone', 'Certificate'\n"\ - " 'ServerKeyExchange', 'NewSessionTicket',\n"\ - " 'HelloVerifyRequest' and ''CertificateRequest'.\n"\ - " May be used multiple times, even for the same\n"\ - " message, in which case the respective message\n"\ + " delay_srv=%%s Handshake message from server that should be\n" \ + " delayed. Possible values are 'HelloRequest',\n" \ + " 'ServerHello', 'ServerHelloDone', 'Certificate'\n" \ + " 'ServerKeyExchange', 'NewSessionTicket',\n" \ + " 'HelloVerifyRequest' and ''CertificateRequest'.\n" \ + " May be used multiple times, even for the same\n" \ + " message, in which case the respective message\n" \ " gets delayed multiple times.\n" \ " drop=%%d default: 0 (no dropped packets)\n" \ " drop about 1:N packets randomly\n" \ @@ -144,8 +136,7 @@ int main( void ) #define MAX_DELAYED_HS 10 -static struct options -{ +static struct options { const char *server_addr; /* address to forward packets to */ const char *server_port; /* port to forward packets to */ const char *listen_addr; /* address for accepting client connections */ @@ -154,10 +145,10 @@ static struct options int duplicate; /* duplicate 1 in N packets (none if 0) */ int delay; /* delay 1 packet in N (none if 0) */ int delay_ccs; /* delay ChangeCipherSpec */ - char* delay_cli[MAX_DELAYED_HS]; /* handshake types of messages from + char *delay_cli[MAX_DELAYED_HS]; /* handshake types of messages from * client that should be delayed. */ uint8_t delay_cli_cnt; /* Number of entries in delay_cli. */ - char* delay_srv[MAX_DELAYED_HS]; /* handshake types of messages from + char *delay_srv[MAX_DELAYED_HS]; /* handshake types of messages from * server that should be delayed. */ uint8_t delay_srv_cnt; /* Number of entries in delay_srv. */ int drop; /* drop 1 packet in N (none if 0) */ @@ -172,18 +163,19 @@ static struct options unsigned int seed; /* seed for "random" events */ } opt; -static void exit_usage( const char *name, const char *value ) +static void exit_usage(const char *name, const char *value) { - if( value == NULL ) - mbedtls_printf( " unknown option or missing value: %s\n", name ); - else - mbedtls_printf( " option %s: illegal value: %s\n", name, value ); + if (value == NULL) { + mbedtls_printf(" unknown option or missing value: %s\n", name); + } else { + mbedtls_printf(" option %s: illegal value: %s\n", name, value); + } - mbedtls_printf( USAGE ); - mbedtls_exit( 1 ); + mbedtls_printf(USAGE); + mbedtls_exit(1); } -static void get_options( int argc, char *argv[] ) +static void get_options(int argc, char *argv[]) { int i; char *p, *q; @@ -197,200 +189,184 @@ static void get_options( int argc, char *argv[] ) opt.delay_cli_cnt = 0; opt.delay_srv_cnt = 0; - memset( opt.delay_cli, 0, sizeof( opt.delay_cli ) ); - memset( opt.delay_srv, 0, sizeof( opt.delay_srv ) ); + memset(opt.delay_cli, 0, sizeof(opt.delay_cli)); + memset(opt.delay_srv, 0, sizeof(opt.delay_srv)); - for( i = 1; i < argc; i++ ) - { + for (i = 1; i < argc; i++) { p = argv[i]; - if( ( q = strchr( p, '=' ) ) == NULL ) - exit_usage( p, NULL ); + if ((q = strchr(p, '=')) == NULL) { + exit_usage(p, NULL); + } *q++ = '\0'; - if( strcmp( p, "server_addr" ) == 0 ) + if (strcmp(p, "server_addr") == 0) { opt.server_addr = q; - else if( strcmp( p, "server_port" ) == 0 ) + } else if (strcmp(p, "server_port") == 0) { opt.server_port = q; - else if( strcmp( p, "listen_addr" ) == 0 ) + } else if (strcmp(p, "listen_addr") == 0) { opt.listen_addr = q; - else if( strcmp( p, "listen_port" ) == 0 ) + } else if (strcmp(p, "listen_port") == 0) { opt.listen_port = q; - else if( strcmp( p, "duplicate" ) == 0 ) - { - opt.duplicate = atoi( q ); - if( opt.duplicate < 0 || opt.duplicate > 20 ) - exit_usage( p, q ); - } - else if( strcmp( p, "delay" ) == 0 ) - { - opt.delay = atoi( q ); - if( opt.delay < 0 || opt.delay > 20 || opt.delay == 1 ) - exit_usage( p, q ); - } - else if( strcmp( p, "delay_ccs" ) == 0 ) - { - opt.delay_ccs = atoi( q ); - if( opt.delay_ccs < 0 || opt.delay_ccs > 1 ) - exit_usage( p, q ); - } - else if( strcmp( p, "delay_cli" ) == 0 || - strcmp( p, "delay_srv" ) == 0 ) - { + } else if (strcmp(p, "duplicate") == 0) { + opt.duplicate = atoi(q); + if (opt.duplicate < 0 || opt.duplicate > 20) { + exit_usage(p, q); + } + } else if (strcmp(p, "delay") == 0) { + opt.delay = atoi(q); + if (opt.delay < 0 || opt.delay > 20 || opt.delay == 1) { + exit_usage(p, q); + } + } else if (strcmp(p, "delay_ccs") == 0) { + opt.delay_ccs = atoi(q); + if (opt.delay_ccs < 0 || opt.delay_ccs > 1) { + exit_usage(p, q); + } + } else if (strcmp(p, "delay_cli") == 0 || + strcmp(p, "delay_srv") == 0) { uint8_t *delay_cnt; char **delay_list; size_t len; char *buf; - if( strcmp( p, "delay_cli" ) == 0 ) - { + if (strcmp(p, "delay_cli") == 0) { delay_cnt = &opt.delay_cli_cnt; delay_list = opt.delay_cli; - } - else - { + } else { delay_cnt = &opt.delay_srv_cnt; delay_list = opt.delay_srv; } - if( *delay_cnt == MAX_DELAYED_HS ) - { - mbedtls_printf( " too many uses of %s: only %d allowed\n", - p, MAX_DELAYED_HS ); - exit_usage( p, NULL ); + if (*delay_cnt == MAX_DELAYED_HS) { + mbedtls_printf(" too many uses of %s: only %d allowed\n", + p, MAX_DELAYED_HS); + exit_usage(p, NULL); } - len = strlen( q ); - buf = mbedtls_calloc( 1, len + 1 ); - if( buf == NULL ) - { - mbedtls_printf( " Allocation failure\n" ); - exit( 1 ); + len = strlen(q); + buf = mbedtls_calloc(1, len + 1); + if (buf == NULL) { + mbedtls_printf(" Allocation failure\n"); + exit(1); } - memcpy( buf, q, len + 1 ); + memcpy(buf, q, len + 1); - delay_list[ (*delay_cnt)++ ] = buf; - } - else if( strcmp( p, "drop" ) == 0 ) - { - opt.drop = atoi( q ); - if( opt.drop < 0 || opt.drop > 20 || opt.drop == 1 ) - exit_usage( p, q ); - } - else if( strcmp( p, "pack" ) == 0 ) - { + delay_list[(*delay_cnt)++] = buf; + } else if (strcmp(p, "drop") == 0) { + opt.drop = atoi(q); + if (opt.drop < 0 || opt.drop > 20 || opt.drop == 1) { + exit_usage(p, q); + } + } else if (strcmp(p, "pack") == 0) { #if defined(MBEDTLS_TIMING_C) - opt.pack = (unsigned) atoi( q ); + opt.pack = (unsigned) atoi(q); #else - mbedtls_printf( " option pack only defined if MBEDTLS_TIMING_C is enabled\n" ); - exit( 1 ); + mbedtls_printf(" option pack only defined if MBEDTLS_TIMING_C is enabled\n"); + exit(1); #endif - } - else if( strcmp( p, "mtu" ) == 0 ) - { - opt.mtu = atoi( q ); - if( opt.mtu < 0 || opt.mtu > MAX_MSG_SIZE ) - exit_usage( p, q ); - } - else if( strcmp( p, "bad_ad" ) == 0 ) - { - opt.bad_ad = atoi( q ); - if( opt.bad_ad < 0 || opt.bad_ad > 1 ) - exit_usage( p, q ); + } else if (strcmp(p, "mtu") == 0) { + opt.mtu = atoi(q); + if (opt.mtu < 0 || opt.mtu > MAX_MSG_SIZE) { + exit_usage(p, q); + } + } else if (strcmp(p, "bad_ad") == 0) { + opt.bad_ad = atoi(q); + if (opt.bad_ad < 0 || opt.bad_ad > 1) { + exit_usage(p, q); + } } #if defined(MBEDTLS_SSL_DTLS_CONNECTION_ID) - else if( strcmp( p, "bad_cid" ) == 0 ) - { - opt.bad_cid = (unsigned) atoi( q ); + else if (strcmp(p, "bad_cid") == 0) { + opt.bad_cid = (unsigned) atoi(q); } #endif /* MBEDTLS_SSL_DTLS_CONNECTION_ID */ - else if( strcmp( p, "protect_hvr" ) == 0 ) - { - opt.protect_hvr = atoi( q ); - if( opt.protect_hvr < 0 || opt.protect_hvr > 1 ) - exit_usage( p, q ); - } - else if( strcmp( p, "protect_len" ) == 0 ) - { - opt.protect_len = atoi( q ); - if( opt.protect_len < 0 ) - exit_usage( p, q ); - } - else if( strcmp( p, "inject_clihlo" ) == 0 ) - { - opt.inject_clihlo = atoi( q ); - if( opt.inject_clihlo < 0 || opt.inject_clihlo > 1 ) - exit_usage( p, q ); - } - else if( strcmp( p, "seed" ) == 0 ) - { - opt.seed = atoi( q ); - if( opt.seed == 0 ) - exit_usage( p, q ); + else if (strcmp(p, "protect_hvr") == 0) { + opt.protect_hvr = atoi(q); + if (opt.protect_hvr < 0 || opt.protect_hvr > 1) { + exit_usage(p, q); + } + } else if (strcmp(p, "protect_len") == 0) { + opt.protect_len = atoi(q); + if (opt.protect_len < 0) { + exit_usage(p, q); + } + } else if (strcmp(p, "inject_clihlo") == 0) { + opt.inject_clihlo = atoi(q); + if (opt.inject_clihlo < 0 || opt.inject_clihlo > 1) { + exit_usage(p, q); + } + } else if (strcmp(p, "seed") == 0) { + opt.seed = atoi(q); + if (opt.seed == 0) { + exit_usage(p, q); + } + } else { + exit_usage(p, NULL); } - else - exit_usage( p, NULL ); } } -static const char *msg_type( unsigned char *msg, size_t len ) +static const char *msg_type(unsigned char *msg, size_t len) { - if( len < 1 ) return( "Invalid" ); - switch( msg[0] ) - { - case MBEDTLS_SSL_MSG_CHANGE_CIPHER_SPEC: return( "ChangeCipherSpec" ); - case MBEDTLS_SSL_MSG_ALERT: return( "Alert" ); - case MBEDTLS_SSL_MSG_APPLICATION_DATA: return( "ApplicationData" ); - case MBEDTLS_SSL_MSG_CID: return( "CID" ); + if (len < 1) { + return "Invalid"; + } + switch (msg[0]) { + case MBEDTLS_SSL_MSG_CHANGE_CIPHER_SPEC: return "ChangeCipherSpec"; + case MBEDTLS_SSL_MSG_ALERT: return "Alert"; + case MBEDTLS_SSL_MSG_APPLICATION_DATA: return "ApplicationData"; + case MBEDTLS_SSL_MSG_CID: return "CID"; case MBEDTLS_SSL_MSG_HANDSHAKE: break; /* See below */ - default: return( "Unknown" ); + default: return "Unknown"; } - if( len < 13 + 12 ) return( "Invalid handshake" ); + if (len < 13 + 12) { + return "Invalid handshake"; + } /* * Our handshake message are less than 2^16 bytes long, so they should * have 0 as the first byte of length, frag_offset and frag_length. * Otherwise, assume they are encrypted. */ - if( msg[14] || msg[19] || msg[22] ) return( "Encrypted handshake" ); - - switch( msg[13] ) - { - case MBEDTLS_SSL_HS_HELLO_REQUEST: return( "HelloRequest" ); - case MBEDTLS_SSL_HS_CLIENT_HELLO: return( "ClientHello" ); - case MBEDTLS_SSL_HS_SERVER_HELLO: return( "ServerHello" ); - case MBEDTLS_SSL_HS_HELLO_VERIFY_REQUEST: return( "HelloVerifyRequest" ); - case MBEDTLS_SSL_HS_NEW_SESSION_TICKET: return( "NewSessionTicket" ); - case MBEDTLS_SSL_HS_CERTIFICATE: return( "Certificate" ); - case MBEDTLS_SSL_HS_SERVER_KEY_EXCHANGE: return( "ServerKeyExchange" ); - case MBEDTLS_SSL_HS_CERTIFICATE_REQUEST: return( "CertificateRequest" ); - case MBEDTLS_SSL_HS_SERVER_HELLO_DONE: return( "ServerHelloDone" ); - case MBEDTLS_SSL_HS_CERTIFICATE_VERIFY: return( "CertificateVerify" ); - case MBEDTLS_SSL_HS_CLIENT_KEY_EXCHANGE: return( "ClientKeyExchange" ); - case MBEDTLS_SSL_HS_FINISHED: return( "Finished" ); - default: return( "Unknown handshake" ); + if (msg[14] || msg[19] || msg[22]) { + return "Encrypted handshake"; + } + + switch (msg[13]) { + case MBEDTLS_SSL_HS_HELLO_REQUEST: return "HelloRequest"; + case MBEDTLS_SSL_HS_CLIENT_HELLO: return "ClientHello"; + case MBEDTLS_SSL_HS_SERVER_HELLO: return "ServerHello"; + case MBEDTLS_SSL_HS_HELLO_VERIFY_REQUEST: return "HelloVerifyRequest"; + case MBEDTLS_SSL_HS_NEW_SESSION_TICKET: return "NewSessionTicket"; + case MBEDTLS_SSL_HS_CERTIFICATE: return "Certificate"; + case MBEDTLS_SSL_HS_SERVER_KEY_EXCHANGE: return "ServerKeyExchange"; + case MBEDTLS_SSL_HS_CERTIFICATE_REQUEST: return "CertificateRequest"; + case MBEDTLS_SSL_HS_SERVER_HELLO_DONE: return "ServerHelloDone"; + case MBEDTLS_SSL_HS_CERTIFICATE_VERIFY: return "CertificateVerify"; + case MBEDTLS_SSL_HS_CLIENT_KEY_EXCHANGE: return "ClientKeyExchange"; + case MBEDTLS_SSL_HS_FINISHED: return "Finished"; + default: return "Unknown handshake"; } } #if defined(MBEDTLS_TIMING_C) /* Return elapsed time in milliseconds since the first call */ -static unsigned ellapsed_time( void ) +static unsigned elapsed_time(void) { static int initialized = 0; static struct mbedtls_timing_hr_time hires; - if( initialized == 0 ) - { - (void) mbedtls_timing_get_timer( &hires, 1 ); + if (initialized == 0) { + (void) mbedtls_timing_get_timer(&hires, 1); initialized = 1; - return( 0 ); + return 0; } - return( mbedtls_timing_get_timer( &hires, 0 ) ); + return mbedtls_timing_get_timer(&hires, 0); } -typedef struct -{ +typedef struct { mbedtls_net_context *ctx; const char *description; @@ -405,102 +381,102 @@ typedef struct static ctx_buffer outbuf[2]; -static int ctx_buffer_flush( ctx_buffer *buf ) +static int ctx_buffer_flush(ctx_buffer *buf) { int ret; - mbedtls_printf( " %05u flush %s: %u bytes, %u datagrams, last %u ms\n", - ellapsed_time(), buf->description, - (unsigned) buf->len, buf->num_datagrams, - ellapsed_time() - buf->packet_lifetime ); + mbedtls_printf(" %05u flush %s: %u bytes, %u datagrams, last %u ms\n", + elapsed_time(), buf->description, + (unsigned) buf->len, buf->num_datagrams, + elapsed_time() - buf->packet_lifetime); - ret = mbedtls_net_send( buf->ctx, buf->data, buf->len ); + ret = mbedtls_net_send(buf->ctx, buf->data, buf->len); buf->len = 0; buf->num_datagrams = 0; - return( ret ); + return ret; } -static unsigned ctx_buffer_time_remaining( ctx_buffer *buf ) +static unsigned ctx_buffer_time_remaining(ctx_buffer *buf) { - unsigned const cur_time = ellapsed_time(); + unsigned const cur_time = elapsed_time(); - if( buf->num_datagrams == 0 ) - return( (unsigned) -1 ); + if (buf->num_datagrams == 0) { + return (unsigned) -1; + } - if( cur_time - buf->packet_lifetime >= opt.pack ) - return( 0 ); + if (cur_time - buf->packet_lifetime >= opt.pack) { + return 0; + } - return( opt.pack - ( cur_time - buf->packet_lifetime ) ); + return opt.pack - (cur_time - buf->packet_lifetime); } -static int ctx_buffer_append( ctx_buffer *buf, - const unsigned char * data, - size_t len ) +static int ctx_buffer_append(ctx_buffer *buf, + const unsigned char *data, + size_t len) { int ret; - if( len > (size_t) INT_MAX ) - return( -1 ); + if (len > (size_t) INT_MAX) { + return -1; + } - if( len > sizeof( buf->data ) ) - { - mbedtls_printf( " ! buffer size %u too large (max %u)\n", - (unsigned) len, (unsigned) sizeof( buf->data ) ); - return( -1 ); + if (len > sizeof(buf->data)) { + mbedtls_printf(" ! buffer size %u too large (max %u)\n", + (unsigned) len, (unsigned) sizeof(buf->data)); + return -1; } - if( sizeof( buf->data ) - buf->len < len ) - { - if( ( ret = ctx_buffer_flush( buf ) ) <= 0 ) - { - mbedtls_printf( "ctx_buffer_flush failed with -%#04x", (unsigned int) -ret ); - return( ret ); + if (sizeof(buf->data) - buf->len < len) { + if ((ret = ctx_buffer_flush(buf)) <= 0) { + mbedtls_printf("ctx_buffer_flush failed with -%#04x", (unsigned int) -ret); + return ret; } } - memcpy( buf->data + buf->len, data, len ); + memcpy(buf->data + buf->len, data, len); buf->len += len; - if( ++buf->num_datagrams == 1 ) - buf->packet_lifetime = ellapsed_time(); + if (++buf->num_datagrams == 1) { + buf->packet_lifetime = elapsed_time(); + } - return( (int) len ); + return (int) len; } #endif /* MBEDTLS_TIMING_C */ -static int dispatch_data( mbedtls_net_context *ctx, - const unsigned char * data, - size_t len ) +static int dispatch_data(mbedtls_net_context *ctx, + const unsigned char *data, + size_t len) { int ret; #if defined(MBEDTLS_TIMING_C) ctx_buffer *buf = NULL; - if( opt.pack > 0 ) - { - if( outbuf[0].ctx == ctx ) + if (opt.pack > 0) { + if (outbuf[0].ctx == ctx) { buf = &outbuf[0]; - else if( outbuf[1].ctx == ctx ) + } else if (outbuf[1].ctx == ctx) { buf = &outbuf[1]; + } - if( buf == NULL ) - return( -1 ); + if (buf == NULL) { + return -1; + } - return( ctx_buffer_append( buf, data, len ) ); + return ctx_buffer_append(buf, data, len); } #endif /* MBEDTLS_TIMING_C */ - ret = mbedtls_net_send( ctx, data, len ); - if( ret < 0 ) - { - mbedtls_printf( "net_send returned -%#04x\n", (unsigned int) -ret ); + ret = mbedtls_net_send(ctx, data, len); + if (ret < 0) { + mbedtls_printf("net_send returned -%#04x\n", (unsigned int) -ret); } - return( ret ); + return ret; } -typedef struct -{ +typedef struct { mbedtls_net_context *dst; const char *way; const char *type; @@ -509,25 +485,27 @@ typedef struct } packet; /* Print packet. Outgoing packets come with a reason (forward, dupl, etc.) */ -void print_packet( const packet *p, const char *why ) +void print_packet(const packet *p, const char *why) { #if defined(MBEDTLS_TIMING_C) - if( why == NULL ) - mbedtls_printf( " %05u dispatch %s %s (%u bytes)\n", - ellapsed_time(), p->way, p->type, p->len ); - else - mbedtls_printf( " %05u dispatch %s %s (%u bytes): %s\n", - ellapsed_time(), p->way, p->type, p->len, why ); + if (why == NULL) { + mbedtls_printf(" %05u dispatch %s %s (%u bytes)\n", + elapsed_time(), p->way, p->type, p->len); + } else { + mbedtls_printf(" %05u dispatch %s %s (%u bytes): %s\n", + elapsed_time(), p->way, p->type, p->len, why); + } #else - if( why == NULL ) - mbedtls_printf( " dispatch %s %s (%u bytes)\n", - p->way, p->type, p->len ); - else - mbedtls_printf( " dispatch %s %s (%u bytes): %s\n", - p->way, p->type, p->len, why ); + if (why == NULL) { + mbedtls_printf(" dispatch %s %s (%u bytes)\n", + p->way, p->type, p->len); + } else { + mbedtls_printf(" dispatch %s %s (%u bytes): %s\n", + p->way, p->type, p->len, why); + } #endif - fflush( stdout ); + fflush(stdout); } /* @@ -551,135 +529,123 @@ typedef enum { static inject_clihlo_state_t inject_clihlo_state; static packet initial_clihlo; -int send_packet( const packet *p, const char *why ) +int send_packet(const packet *p, const char *why) { int ret; mbedtls_net_context *dst = p->dst; /* save initial ClientHello? */ - if( opt.inject_clihlo != 0 && + if (opt.inject_clihlo != 0 && inject_clihlo_state == ICH_INIT && - strcmp( p->type, "ClientHello" ) == 0 ) - { - memcpy( &initial_clihlo, p, sizeof( packet ) ); + strcmp(p->type, "ClientHello") == 0) { + memcpy(&initial_clihlo, p, sizeof(packet)); inject_clihlo_state = ICH_CACHED; } /* insert corrupted CID record? */ - if( opt.bad_cid != 0 && - strcmp( p->type, "CID" ) == 0 && - ( rand() % opt.bad_cid ) == 0 ) - { + if (opt.bad_cid != 0 && + strcmp(p->type, "CID") == 0 && + (rand() % opt.bad_cid) == 0) { unsigned char buf[MAX_MSG_SIZE]; - memcpy( buf, p->buf, p->len ); + memcpy(buf, p->buf, p->len); /* The CID resides at offset 11 in the DTLS record header. */ buf[11] ^= 1; - print_packet( p, "modified CID" ); + print_packet(p, "modified CID"); - if( ( ret = dispatch_data( dst, buf, p->len ) ) <= 0 ) - { - mbedtls_printf( " ! dispatch returned %d\n", ret ); - return( ret ); + if ((ret = dispatch_data(dst, buf, p->len)) <= 0) { + mbedtls_printf(" ! dispatch returned %d\n", ret); + return ret; } } /* insert corrupted ApplicationData record? */ - if( opt.bad_ad && - strcmp( p->type, "ApplicationData" ) == 0 ) - { + if (opt.bad_ad && + strcmp(p->type, "ApplicationData") == 0) { unsigned char buf[MAX_MSG_SIZE]; - memcpy( buf, p->buf, p->len ); + memcpy(buf, p->buf, p->len); - if( p->len <= 13 ) - { - mbedtls_printf( " ! can't corrupt empty AD record" ); - } - else - { + if (p->len <= 13) { + mbedtls_printf(" ! can't corrupt empty AD record"); + } else { ++buf[13]; - print_packet( p, "corrupted" ); + print_packet(p, "corrupted"); } - if( ( ret = dispatch_data( dst, buf, p->len ) ) <= 0 ) - { - mbedtls_printf( " ! dispatch returned %d\n", ret ); - return( ret ); + if ((ret = dispatch_data(dst, buf, p->len)) <= 0) { + mbedtls_printf(" ! dispatch returned %d\n", ret); + return ret; } } - print_packet( p, why ); - if( ( ret = dispatch_data( dst, p->buf, p->len ) ) <= 0 ) - { - mbedtls_printf( " ! dispatch returned %d\n", ret ); - return( ret ); + print_packet(p, why); + if ((ret = dispatch_data(dst, p->buf, p->len)) <= 0) { + mbedtls_printf(" ! dispatch returned %d\n", ret); + return ret; } /* Don't duplicate Application Data, only handshake covered */ - if( opt.duplicate != 0 && - strcmp( p->type, "ApplicationData" ) != 0 && - rand() % opt.duplicate == 0 ) - { - print_packet( p, "duplicated" ); - - if( ( ret = dispatch_data( dst, p->buf, p->len ) ) <= 0 ) - { - mbedtls_printf( " ! dispatch returned %d\n", ret ); - return( ret ); + if (opt.duplicate != 0 && + strcmp(p->type, "ApplicationData") != 0 && + rand() % opt.duplicate == 0) { + print_packet(p, "duplicated"); + + if ((ret = dispatch_data(dst, p->buf, p->len)) <= 0) { + mbedtls_printf(" ! dispatch returned %d\n", ret); + return ret; } } /* Inject ClientHello after first ApplicationData */ - if( opt.inject_clihlo != 0 && + if (opt.inject_clihlo != 0 && inject_clihlo_state == ICH_CACHED && - strcmp( p->type, "ApplicationData" ) == 0 ) - { - print_packet( &initial_clihlo, "injected" ); - - if( ( ret = dispatch_data( dst, initial_clihlo.buf, - initial_clihlo.len ) ) <= 0 ) - { - mbedtls_printf( " ! dispatch returned %d\n", ret ); - return( ret ); + strcmp(p->type, "ApplicationData") == 0) { + print_packet(&initial_clihlo, "injected"); + + if ((ret = dispatch_data(dst, initial_clihlo.buf, + initial_clihlo.len)) <= 0) { + mbedtls_printf(" ! dispatch returned %d\n", ret); + return ret; } inject_clihlo_state = ICH_INJECTED; } - return( 0 ); + return 0; } #define MAX_DELAYED_MSG 5 static size_t prev_len; static packet prev[MAX_DELAYED_MSG]; -void clear_pending( void ) +void clear_pending(void) { - memset( &prev, 0, sizeof( prev ) ); + memset(&prev, 0, sizeof(prev)); prev_len = 0; } -void delay_packet( packet *delay ) +void delay_packet(packet *delay) { - if( prev_len == MAX_DELAYED_MSG ) + if (prev_len == MAX_DELAYED_MSG) { return; + } - memcpy( &prev[prev_len++], delay, sizeof( packet ) ); + memcpy(&prev[prev_len++], delay, sizeof(packet)); } -int send_delayed() +int send_delayed(void) { uint8_t offset; int ret; - for( offset = 0; offset < prev_len; offset++ ) - { - ret = send_packet( &prev[offset], "delayed" ); - if( ret != 0 ) - return( ret ); + for (offset = 0; offset < prev_len; offset++) { + ret = send_packet(&prev[offset], "delayed"); + if (ret != 0) { + return ret; + } } clear_pending(); - return( 0 ); + return 0; } /* @@ -699,108 +665,100 @@ int send_delayed() static unsigned char held[2048] = { 0 }; #define HOLD_MAX 2 -int handle_message( const char *way, - mbedtls_net_context *dst, - mbedtls_net_context *src ) +int handle_message(const char *way, + mbedtls_net_context *dst, + mbedtls_net_context *src) { int ret; packet cur; size_t id; uint8_t delay_idx; - char ** delay_list; + char **delay_list; uint8_t delay_list_len; /* receive packet */ - if( ( ret = mbedtls_net_recv( src, cur.buf, sizeof( cur.buf ) ) ) <= 0 ) - { - mbedtls_printf( " ! mbedtls_net_recv returned %d\n", ret ); - return( ret ); + if ((ret = mbedtls_net_recv(src, cur.buf, sizeof(cur.buf))) <= 0) { + mbedtls_printf(" ! mbedtls_net_recv returned %d\n", ret); + return ret; } cur.len = ret; - cur.type = msg_type( cur.buf, cur.len ); + cur.type = msg_type(cur.buf, cur.len); cur.way = way; cur.dst = dst; - print_packet( &cur, NULL ); + print_packet(&cur, NULL); - id = cur.len % sizeof( held ); + id = cur.len % sizeof(held); - if( strcmp( way, "S <- C" ) == 0 ) - { + if (strcmp(way, "S <- C") == 0) { delay_list = opt.delay_cli; delay_list_len = opt.delay_cli_cnt; - } - else - { + } else { delay_list = opt.delay_srv; delay_list_len = opt.delay_srv_cnt; } /* Check if message type is in the list of messages * that should be delayed */ - for( delay_idx = 0; delay_idx < delay_list_len; delay_idx++ ) - { - if( delay_list[ delay_idx ] == NULL ) + for (delay_idx = 0; delay_idx < delay_list_len; delay_idx++) { + if (delay_list[delay_idx] == NULL) { continue; + } - if( strcmp( delay_list[ delay_idx ], cur.type ) == 0 ) - { + if (strcmp(delay_list[delay_idx], cur.type) == 0) { /* Delay message */ - delay_packet( &cur ); + delay_packet(&cur); /* Remove entry from list */ - mbedtls_free( delay_list[delay_idx] ); + mbedtls_free(delay_list[delay_idx]); delay_list[delay_idx] = NULL; - return( 0 ); + return 0; } } /* do we want to drop, delay, or forward it? */ - if( ( opt.mtu != 0 && - cur.len > (unsigned) opt.mtu ) || - ( opt.drop != 0 && - strcmp( cur.type, "CID" ) != 0 && - strcmp( cur.type, "ApplicationData" ) != 0 && - ! ( opt.protect_hvr && - strcmp( cur.type, "HelloVerifyRequest" ) == 0 ) && - cur.len != (size_t) opt.protect_len && - held[id] < HOLD_MAX && - rand() % opt.drop == 0 ) ) - { + if ((opt.mtu != 0 && + cur.len > (unsigned) opt.mtu) || + (opt.drop != 0 && + strcmp(cur.type, "CID") != 0 && + strcmp(cur.type, "ApplicationData") != 0 && + !(opt.protect_hvr && + strcmp(cur.type, "HelloVerifyRequest") == 0) && + cur.len != (size_t) opt.protect_len && + held[id] < HOLD_MAX && + rand() % opt.drop == 0)) { ++held[id]; - } - else if( ( opt.delay_ccs == 1 && - strcmp( cur.type, "ChangeCipherSpec" ) == 0 ) || - ( opt.delay != 0 && - strcmp( cur.type, "CID" ) != 0 && - strcmp( cur.type, "ApplicationData" ) != 0 && - ! ( opt.protect_hvr && - strcmp( cur.type, "HelloVerifyRequest" ) == 0 ) && - cur.len != (size_t) opt.protect_len && - held[id] < HOLD_MAX && - rand() % opt.delay == 0 ) ) - { + } else if ((opt.delay_ccs == 1 && + strcmp(cur.type, "ChangeCipherSpec") == 0) || + (opt.delay != 0 && + strcmp(cur.type, "CID") != 0 && + strcmp(cur.type, "ApplicationData") != 0 && + !(opt.protect_hvr && + strcmp(cur.type, "HelloVerifyRequest") == 0) && + cur.len != (size_t) opt.protect_len && + held[id] < HOLD_MAX && + rand() % opt.delay == 0)) { ++held[id]; - delay_packet( &cur ); - } - else - { + delay_packet(&cur); + } else { /* forward and possibly duplicate */ - if( ( ret = send_packet( &cur, "forwarded" ) ) != 0 ) - return( ret ); + if ((ret = send_packet(&cur, "forwarded")) != 0) { + return ret; + } /* send previously delayed messages if any */ ret = send_delayed(); - if( ret != 0 ) - return( ret ); + if (ret != 0) { + return ret; + } } - return( 0 ); + return 0; } -int main( int argc, char *argv[] ) +int main(int argc, char *argv[]) { int ret = 1; int exit_code = MBEDTLS_EXIT_FAILURE; @@ -808,7 +766,7 @@ int main( int argc, char *argv[] ) mbedtls_net_context listen_fd, client_fd, server_fd; -#if defined( MBEDTLS_TIMING_C ) +#if defined(MBEDTLS_TIMING_C) struct timeval tm; #endif @@ -817,11 +775,11 @@ int main( int argc, char *argv[] ) int nb_fds; fd_set read_fds; - mbedtls_net_init( &listen_fd ); - mbedtls_net_init( &client_fd ); - mbedtls_net_init( &server_fd ); + mbedtls_net_init(&listen_fd); + mbedtls_net_init(&client_fd); + mbedtls_net_init(&server_fd); - get_options( argc, argv ); + get_options(argc, argv); /* * Decisions to drop/delay/duplicate packets are pseudo-random: dropping @@ -831,80 +789,81 @@ int main( int argc, char *argv[] ) * In order to be able to reproduce problems reliably, the seed may be * specified explicitly. */ - if( opt.seed == 0 ) - { - opt.seed = (unsigned int) time( NULL ); - mbedtls_printf( " . Pseudo-random seed: %u\n", opt.seed ); + if (opt.seed == 0) { +#if defined(MBEDTLS_HAVE_TIME) + opt.seed = (unsigned int) mbedtls_time(NULL); +#else + opt.seed = 1; +#endif /* MBEDTLS_HAVE_TIME */ + mbedtls_printf(" . Pseudo-random seed: %u\n", opt.seed); } - srand( opt.seed ); + srand(opt.seed); /* * 0. "Connect" to the server */ - mbedtls_printf( " . Connect to server on UDP/%s/%s ...", - opt.server_addr, opt.server_port ); - fflush( stdout ); - - if( ( ret = mbedtls_net_connect( &server_fd, opt.server_addr, opt.server_port, - MBEDTLS_NET_PROTO_UDP ) ) != 0 ) - { - mbedtls_printf( " failed\n ! mbedtls_net_connect returned %d\n\n", ret ); + mbedtls_printf(" . Connect to server on UDP/%s/%s ...", + opt.server_addr, opt.server_port); + fflush(stdout); + + if ((ret = mbedtls_net_connect(&server_fd, opt.server_addr, opt.server_port, + MBEDTLS_NET_PROTO_UDP)) != 0) { + mbedtls_printf(" failed\n ! mbedtls_net_connect returned %d\n\n", ret); goto exit; } - mbedtls_printf( " ok\n" ); + mbedtls_printf(" ok\n"); /* * 1. Setup the "listening" UDP socket */ - mbedtls_printf( " . Bind on UDP/%s/%s ...", - opt.listen_addr, opt.listen_port ); - fflush( stdout ); - - if( ( ret = mbedtls_net_bind( &listen_fd, opt.listen_addr, opt.listen_port, - MBEDTLS_NET_PROTO_UDP ) ) != 0 ) - { - mbedtls_printf( " failed\n ! mbedtls_net_bind returned %d\n\n", ret ); + mbedtls_printf(" . Bind on UDP/%s/%s ...", + opt.listen_addr, opt.listen_port); + fflush(stdout); + + if ((ret = mbedtls_net_bind(&listen_fd, opt.listen_addr, opt.listen_port, + MBEDTLS_NET_PROTO_UDP)) != 0) { + mbedtls_printf(" failed\n ! mbedtls_net_bind returned %d\n\n", ret); goto exit; } - mbedtls_printf( " ok\n" ); + mbedtls_printf(" ok\n"); /* * 2. Wait until a client connects */ accept: - mbedtls_net_free( &client_fd ); + mbedtls_net_free(&client_fd); - mbedtls_printf( " . Waiting for a remote connection ..." ); - fflush( stdout ); + mbedtls_printf(" . Waiting for a remote connection ..."); + fflush(stdout); - if( ( ret = mbedtls_net_accept( &listen_fd, &client_fd, - NULL, 0, NULL ) ) != 0 ) - { - mbedtls_printf( " failed\n ! mbedtls_net_accept returned %d\n\n", ret ); + if ((ret = mbedtls_net_accept(&listen_fd, &client_fd, + NULL, 0, NULL)) != 0) { + mbedtls_printf(" failed\n ! mbedtls_net_accept returned %d\n\n", ret); goto exit; } - mbedtls_printf( " ok\n" ); + mbedtls_printf(" ok\n"); /* * 3. Forward packets forever (kill the process to terminate it) */ clear_pending(); - memset( held, 0, sizeof( held ) ); + memset(held, 0, sizeof(held)); nb_fds = client_fd.fd; - if( nb_fds < server_fd.fd ) + if (nb_fds < server_fd.fd) { nb_fds = server_fd.fd; - if( nb_fds < listen_fd.fd ) + } + if (nb_fds < listen_fd.fd) { nb_fds = listen_fd.fd; + } ++nb_fds; #if defined(MBEDTLS_TIMING_C) - if( opt.pack > 0 ) - { + if (opt.pack > 0) { outbuf[0].ctx = &server_fd; outbuf[0].description = "S <- C"; outbuf[0].num_datagrams = 0; @@ -917,70 +876,66 @@ int main( int argc, char *argv[] ) } #endif /* MBEDTLS_TIMING_C */ - while( 1 ) - { + while (1) { #if defined(MBEDTLS_TIMING_C) - if( opt.pack > 0 ) - { + if (opt.pack > 0) { unsigned max_wait_server, max_wait_client, max_wait; - max_wait_server = ctx_buffer_time_remaining( &outbuf[0] ); - max_wait_client = ctx_buffer_time_remaining( &outbuf[1] ); + max_wait_server = ctx_buffer_time_remaining(&outbuf[0]); + max_wait_client = ctx_buffer_time_remaining(&outbuf[1]); max_wait = (unsigned) -1; - if( max_wait_server == 0 ) - ctx_buffer_flush( &outbuf[0] ); - else + if (max_wait_server == 0) { + ctx_buffer_flush(&outbuf[0]); + } else { max_wait = max_wait_server; + } - if( max_wait_client == 0 ) - ctx_buffer_flush( &outbuf[1] ); - else - { - if( max_wait_client < max_wait ) + if (max_wait_client == 0) { + ctx_buffer_flush(&outbuf[1]); + } else { + if (max_wait_client < max_wait) { max_wait = max_wait_client; + } } - if( max_wait != (unsigned) -1 ) - { + if (max_wait != (unsigned) -1) { tm.tv_sec = max_wait / 1000; - tm.tv_usec = ( max_wait % 1000 ) * 1000; + tm.tv_usec = (max_wait % 1000) * 1000; tm_ptr = &tm; - } - else - { + } else { tm_ptr = NULL; } } #endif /* MBEDTLS_TIMING_C */ - FD_ZERO( &read_fds ); - FD_SET( server_fd.fd, &read_fds ); - FD_SET( client_fd.fd, &read_fds ); - FD_SET( listen_fd.fd, &read_fds ); + FD_ZERO(&read_fds); + FD_SET(server_fd.fd, &read_fds); + FD_SET(client_fd.fd, &read_fds); + FD_SET(listen_fd.fd, &read_fds); - if( ( ret = select( nb_fds, &read_fds, NULL, NULL, tm_ptr ) ) < 0 ) - { - perror( "select" ); + if ((ret = select(nb_fds, &read_fds, NULL, NULL, tm_ptr)) < 0) { + perror("select"); goto exit; } - if( FD_ISSET( listen_fd.fd, &read_fds ) ) + if (FD_ISSET(listen_fd.fd, &read_fds)) { goto accept; + } - if( FD_ISSET( client_fd.fd, &read_fds ) ) - { - if( ( ret = handle_message( "S <- C", - &server_fd, &client_fd ) ) != 0 ) + if (FD_ISSET(client_fd.fd, &read_fds)) { + if ((ret = handle_message("S <- C", + &server_fd, &client_fd)) != 0) { goto accept; + } } - if( FD_ISSET( server_fd.fd, &read_fds ) ) - { - if( ( ret = handle_message( "S -> C", - &client_fd, &server_fd ) ) != 0 ) + if (FD_ISSET(server_fd.fd, &read_fds)) { + if ((ret = handle_message("S -> C", + &client_fd, &server_fd)) != 0) { goto accept; + } } } @@ -990,31 +945,29 @@ int main( int argc, char *argv[] ) exit: #ifdef MBEDTLS_ERROR_C - if( exit_code != MBEDTLS_EXIT_SUCCESS ) - { + if (exit_code != MBEDTLS_EXIT_SUCCESS) { char error_buf[100]; - mbedtls_strerror( ret, error_buf, 100 ); - mbedtls_printf( "Last error was: -0x%04X - %s\n\n", (unsigned int) -ret, error_buf ); - fflush( stdout ); + mbedtls_strerror(ret, error_buf, 100); + mbedtls_printf("Last error was: -0x%04X - %s\n\n", (unsigned int) -ret, error_buf); + fflush(stdout); } #endif - for( delay_idx = 0; delay_idx < MAX_DELAYED_HS; delay_idx++ ) - { - mbedtls_free( opt.delay_cli[delay_idx] ); - mbedtls_free( opt.delay_srv[delay_idx] ); + for (delay_idx = 0; delay_idx < MAX_DELAYED_HS; delay_idx++) { + mbedtls_free(opt.delay_cli[delay_idx]); + mbedtls_free(opt.delay_srv[delay_idx]); } - mbedtls_net_free( &client_fd ); - mbedtls_net_free( &server_fd ); - mbedtls_net_free( &listen_fd ); + mbedtls_net_free(&client_fd); + mbedtls_net_free(&server_fd); + mbedtls_net_free(&listen_fd); #if defined(_WIN32) - mbedtls_printf( " Press Enter to exit this program.\n" ); - fflush( stdout ); getchar(); + mbedtls_printf(" Press Enter to exit this program.\n"); + fflush(stdout); getchar(); #endif - mbedtls_exit( exit_code ); + mbedtls_exit(exit_code); } #endif /* MBEDTLS_NET_C */ diff --git a/third_party/mbedtls/repo/programs/test/udp_proxy_wrapper.sh b/third_party/mbedtls/repo/programs/test/udp_proxy_wrapper.sh index 27de013903c..aa6a6d10f69 100755 --- a/third_party/mbedtls/repo/programs/test/udp_proxy_wrapper.sh +++ b/third_party/mbedtls/repo/programs/test/udp_proxy_wrapper.sh @@ -3,19 +3,7 @@ # Usage: udp_proxy_wrapper.sh [PROXY_PARAM...] -- [SERVER_PARAM...] # # Copyright The Mbed TLS Contributors -# SPDX-License-Identifier: Apache-2.0 -# -# Licensed under the Apache License, Version 2.0 (the "License"); you may -# not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT -# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. +# SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later set -u diff --git a/third_party/mbedtls/repo/programs/test/zeroize.c b/third_party/mbedtls/repo/programs/test/zeroize.c index 5e6b58e155f..cefc6565582 100644 --- a/third_party/mbedtls/repo/programs/test/zeroize.c +++ b/third_party/mbedtls/repo/programs/test/zeroize.c @@ -10,19 +10,7 @@ * call to mbedtls_platform_zeroize() was not eliminated. * * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later */ #if !defined(MBEDTLS_CONFIG_FILE) @@ -33,30 +21,22 @@ #include -#if defined(MBEDTLS_PLATFORM_C) #include "mbedtls/platform.h" -#else -#include -#define mbedtls_printf printf -#define mbedtls_exit exit -#define MBEDTLS_EXIT_SUCCESS EXIT_SUCCESS -#define MBEDTLS_EXIT_FAILURE EXIT_FAILURE -#endif #include "mbedtls/platform_util.h" #define BUFFER_LEN 1024 -void usage( void ) +void usage(void) { - mbedtls_printf( "Zeroize is a simple program to assist with testing\n" ); - mbedtls_printf( "the mbedtls_platform_zeroize() function by using the\n" ); - mbedtls_printf( "debugger. This program takes a file as input and\n" ); - mbedtls_printf( "prints the first %d characters. Usage:\n\n", BUFFER_LEN ); - mbedtls_printf( " zeroize \n" ); + mbedtls_printf("Zeroize is a simple program to assist with testing\n"); + mbedtls_printf("the mbedtls_platform_zeroize() function by using the\n"); + mbedtls_printf("debugger. This program takes a file as input and\n"); + mbedtls_printf("prints the first %d characters. Usage:\n\n", BUFFER_LEN); + mbedtls_printf(" zeroize \n"); } -int main( int argc, char** argv ) +int main(int argc, char **argv) { int exit_code = MBEDTLS_EXIT_FAILURE; FILE *fp; @@ -65,34 +45,32 @@ int main( int argc, char** argv ) char *end = p + BUFFER_LEN; int c; - if( argc != 2 ) - { - mbedtls_printf( "This program takes exactly 1 agument\n" ); + if (argc != 2) { + mbedtls_printf("This program takes exactly 1 argument\n"); usage(); - mbedtls_exit( exit_code ); + mbedtls_exit(exit_code); } - fp = fopen( argv[1], "r" ); - if( fp == NULL ) - { - mbedtls_printf( "Could not open file '%s'\n", argv[1] ); - mbedtls_exit( exit_code ); + fp = fopen(argv[1], "r"); + if (fp == NULL) { + mbedtls_printf("Could not open file '%s'\n", argv[1]); + mbedtls_exit(exit_code); } - while( ( c = fgetc( fp ) ) != EOF && p < end - 1 ) - *p++ = (char)c; + while ((c = fgetc(fp)) != EOF && p < end - 1) { + *p++ = (char) c; + } *p = '\0'; - if( p - buf != 0 ) - { - mbedtls_printf( "%s\n", buf ); + if (p - buf != 0) { + mbedtls_printf("%s\n", buf); exit_code = MBEDTLS_EXIT_SUCCESS; + } else { + mbedtls_printf("The file is empty!\n"); } - else - mbedtls_printf( "The file is empty!\n" ); - fclose( fp ); - mbedtls_platform_zeroize( buf, sizeof( buf ) ); + fclose(fp); + mbedtls_platform_zeroize(buf, sizeof(buf)); - mbedtls_exit( exit_code ); // GDB_BREAK_HERE -- don't remove this comment! + mbedtls_exit(exit_code); // GDB_BREAK_HERE -- don't remove this comment! } diff --git a/third_party/mbedtls/repo/programs/util/pem2der.c b/third_party/mbedtls/repo/programs/util/pem2der.c index a2fd0fcb615..8b708838049 100644 --- a/third_party/mbedtls/repo/programs/util/pem2der.c +++ b/third_party/mbedtls/repo/programs/util/pem2der.c @@ -2,19 +2,7 @@ * Convert PEM to DER * * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later */ #if !defined(MBEDTLS_CONFIG_FILE) @@ -23,18 +11,7 @@ #include MBEDTLS_CONFIG_FILE #endif -#if defined(MBEDTLS_PLATFORM_C) #include "mbedtls/platform.h" -#else -#include -#include -#define mbedtls_free free -#define mbedtls_calloc calloc -#define mbedtls_printf printf -#define mbedtls_exit exit -#define MBEDTLS_EXIT_SUCCESS EXIT_SUCCESS -#define MBEDTLS_EXIT_FAILURE EXIT_FAILURE -#endif /* MBEDTLS_PLATFORM_C */ #if defined(MBEDTLS_BASE64_C) && defined(MBEDTLS_FS_IO) #include "mbedtls/error.h" @@ -56,10 +33,10 @@ "\n" #if !defined(MBEDTLS_BASE64_C) || !defined(MBEDTLS_FS_IO) -int main( void ) +int main(void) { mbedtls_printf("MBEDTLS_BASE64_C and/or MBEDTLS_FS_IO not defined.\n"); - mbedtls_exit( 0 ); + mbedtls_exit(0); } #else @@ -67,120 +44,127 @@ int main( void ) /* * global options */ -struct options -{ +struct options { const char *filename; /* filename of the input file */ const char *output_file; /* where to store the output */ } opt; -int convert_pem_to_der( const unsigned char *input, size_t ilen, - unsigned char *output, size_t *olen ) +int convert_pem_to_der(const unsigned char *input, size_t ilen, + unsigned char *output, size_t *olen) { int ret; const unsigned char *s1, *s2, *end = input + ilen; size_t len = 0; - s1 = (unsigned char *) strstr( (const char *) input, "-----BEGIN" ); - if( s1 == NULL ) - return( -1 ); + s1 = (unsigned char *) strstr((const char *) input, "-----BEGIN"); + if (s1 == NULL) { + return -1; + } - s2 = (unsigned char *) strstr( (const char *) input, "-----END" ); - if( s2 == NULL ) - return( -1 ); + s2 = (unsigned char *) strstr((const char *) input, "-----END"); + if (s2 == NULL) { + return -1; + } s1 += 10; - while( s1 < end && *s1 != '-' ) + while (s1 < end && *s1 != '-') { + s1++; + } + while (s1 < end && *s1 == '-') { s1++; - while( s1 < end && *s1 == '-' ) + } + if (*s1 == '\r') { s1++; - if( *s1 == '\r' ) s1++; - if( *s1 == '\n' ) s1++; + } + if (*s1 == '\n') { + s1++; + } - if( s2 <= s1 || s2 > end ) - return( -1 ); + if (s2 <= s1 || s2 > end) { + return -1; + } - ret = mbedtls_base64_decode( NULL, 0, &len, (const unsigned char *) s1, s2 - s1 ); - if( ret == MBEDTLS_ERR_BASE64_INVALID_CHARACTER ) - return( ret ); + ret = mbedtls_base64_decode(NULL, 0, &len, (const unsigned char *) s1, s2 - s1); + if (ret == MBEDTLS_ERR_BASE64_INVALID_CHARACTER) { + return ret; + } - if( len > *olen ) - return( -1 ); + if (len > *olen) { + return -1; + } - if( ( ret = mbedtls_base64_decode( output, len, &len, (const unsigned char *) s1, - s2 - s1 ) ) != 0 ) - { - return( ret ); + if ((ret = mbedtls_base64_decode(output, len, &len, (const unsigned char *) s1, + s2 - s1)) != 0) { + return ret; } *olen = len; - return( 0 ); + return 0; } /* * Load all data from a file into a given buffer. */ -static int load_file( const char *path, unsigned char **buf, size_t *n ) +static int load_file(const char *path, unsigned char **buf, size_t *n) { FILE *f; long size; - if( ( f = fopen( path, "rb" ) ) == NULL ) - return( -1 ); + if ((f = fopen(path, "rb")) == NULL) { + return -1; + } - fseek( f, 0, SEEK_END ); - if( ( size = ftell( f ) ) == -1 ) - { - fclose( f ); - return( -1 ); + fseek(f, 0, SEEK_END); + if ((size = ftell(f)) == -1) { + fclose(f); + return -1; } - fseek( f, 0, SEEK_SET ); + fseek(f, 0, SEEK_SET); *n = (size_t) size; - if( *n + 1 == 0 || - ( *buf = mbedtls_calloc( 1, *n + 1 ) ) == NULL ) - { - fclose( f ); - return( -1 ); + if (*n + 1 == 0 || + (*buf = mbedtls_calloc(1, *n + 1)) == NULL) { + fclose(f); + return -1; } - if( fread( *buf, 1, *n, f ) != *n ) - { - fclose( f ); - free( *buf ); + if (fread(*buf, 1, *n, f) != *n) { + fclose(f); + free(*buf); *buf = NULL; - return( -1 ); + return -1; } - fclose( f ); + fclose(f); (*buf)[*n] = '\0'; - return( 0 ); + return 0; } /* * Write buffer to a file */ -static int write_file( const char *path, unsigned char *buf, size_t n ) +static int write_file(const char *path, unsigned char *buf, size_t n) { FILE *f; - if( ( f = fopen( path, "wb" ) ) == NULL ) - return( -1 ); + if ((f = fopen(path, "wb")) == NULL) { + return -1; + } - if( fwrite( buf, 1, n, f ) != n ) - { - fclose( f ); - return( -1 ); + if (fwrite(buf, 1, n, f) != n) { + fclose(f); + return -1; } - fclose( f ); - return( 0 ); + fclose(f); + return 0; } -int main( int argc, char *argv[] ) +int main(int argc, char *argv[]) { int ret = 1; int exit_code = MBEDTLS_EXIT_FAILURE; @@ -194,100 +178,97 @@ int main( int argc, char *argv[] ) /* * Set to sane values */ - memset( buf, 0, sizeof(buf) ); - memset( der_buffer, 0, sizeof(der_buffer) ); + memset(buf, 0, sizeof(buf)); + memset(der_buffer, 0, sizeof(der_buffer)); - if( argc == 0 ) - { - usage: - mbedtls_printf( USAGE ); + if (argc < 2) { +usage: + mbedtls_printf(USAGE); goto exit; } opt.filename = DFL_FILENAME; opt.output_file = DFL_OUTPUT_FILENAME; - for( i = 1; i < argc; i++ ) - { + for (i = 1; i < argc; i++) { p = argv[i]; - if( ( q = strchr( p, '=' ) ) == NULL ) + if ((q = strchr(p, '=')) == NULL) { goto usage; + } *q++ = '\0'; - if( strcmp( p, "filename" ) == 0 ) + if (strcmp(p, "filename") == 0) { opt.filename = q; - else if( strcmp( p, "output_file" ) == 0 ) + } else if (strcmp(p, "output_file") == 0) { opt.output_file = q; - else + } else { goto usage; + } } /* * 1.1. Load the PEM file */ - mbedtls_printf( "\n . Loading the PEM file ..." ); - fflush( stdout ); + mbedtls_printf("\n . Loading the PEM file ..."); + fflush(stdout); - ret = load_file( opt.filename, &pem_buffer, &pem_size ); + ret = load_file(opt.filename, &pem_buffer, &pem_size); - if( ret != 0 ) - { + if (ret != 0) { #ifdef MBEDTLS_ERROR_C - mbedtls_strerror( ret, buf, 1024 ); + mbedtls_strerror(ret, buf, 1024); #endif - mbedtls_printf( " failed\n ! load_file returned %d - %s\n\n", ret, buf ); + mbedtls_printf(" failed\n ! load_file returned %d - %s\n\n", ret, buf); goto exit; } - mbedtls_printf( " ok\n" ); + mbedtls_printf(" ok\n"); /* * 1.2. Convert from PEM to DER */ - mbedtls_printf( " . Converting from PEM to DER ..." ); - fflush( stdout ); + mbedtls_printf(" . Converting from PEM to DER ..."); + fflush(stdout); - if( ( ret = convert_pem_to_der( pem_buffer, pem_size, der_buffer, &der_size ) ) != 0 ) - { + if ((ret = convert_pem_to_der(pem_buffer, pem_size, der_buffer, &der_size)) != 0) { #ifdef MBEDTLS_ERROR_C - mbedtls_strerror( ret, buf, 1024 ); + mbedtls_strerror(ret, buf, 1024); #endif - mbedtls_printf( " failed\n ! convert_pem_to_der %d - %s\n\n", ret, buf ); + mbedtls_printf(" failed\n ! convert_pem_to_der %d - %s\n\n", ret, buf); goto exit; } - mbedtls_printf( " ok\n" ); + mbedtls_printf(" ok\n"); /* * 1.3. Write the DER file */ - mbedtls_printf( " . Writing the DER file ..." ); - fflush( stdout ); + mbedtls_printf(" . Writing the DER file ..."); + fflush(stdout); - ret = write_file( opt.output_file, der_buffer, der_size ); + ret = write_file(opt.output_file, der_buffer, der_size); - if( ret != 0 ) - { + if (ret != 0) { #ifdef MBEDTLS_ERROR_C - mbedtls_strerror( ret, buf, 1024 ); + mbedtls_strerror(ret, buf, 1024); #endif - mbedtls_printf( " failed\n ! write_file returned %d - %s\n\n", ret, buf ); + mbedtls_printf(" failed\n ! write_file returned %d - %s\n\n", ret, buf); goto exit; } - mbedtls_printf( " ok\n" ); + mbedtls_printf(" ok\n"); exit_code = MBEDTLS_EXIT_SUCCESS; exit: - free( pem_buffer ); + free(pem_buffer); #if defined(_WIN32) - mbedtls_printf( " + Press Enter to exit this program.\n" ); - fflush( stdout ); getchar(); + mbedtls_printf(" + Press Enter to exit this program.\n"); + fflush(stdout); getchar(); #endif - mbedtls_exit( exit_code ); + mbedtls_exit(exit_code); } #endif /* MBEDTLS_BASE64_C && MBEDTLS_FS_IO */ diff --git a/third_party/mbedtls/repo/programs/util/strerror.c b/third_party/mbedtls/repo/programs/util/strerror.c index 6b7e4483704..84967ded12b 100644 --- a/third_party/mbedtls/repo/programs/util/strerror.c +++ b/third_party/mbedtls/repo/programs/util/strerror.c @@ -2,19 +2,7 @@ * Translate error code to error string * * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later */ #if !defined(MBEDTLS_CONFIG_FILE) @@ -23,14 +11,7 @@ #include MBEDTLS_CONFIG_FILE #endif -#if defined(MBEDTLS_PLATFORM_C) #include "mbedtls/platform.h" -#else -#include -#include -#define mbedtls_printf printf -#define mbedtls_exit exit -#endif #if defined(MBEDTLS_ERROR_C) || defined(MBEDTLS_ERROR_STRERROR_DUMMY) #include "mbedtls/error.h" @@ -45,48 +26,45 @@ "\n where can be a decimal or hexadecimal (starts with 0x or -0x)\n" #if !defined(MBEDTLS_ERROR_C) && !defined(MBEDTLS_ERROR_STRERROR_DUMMY) -int main( void ) +int main(void) { mbedtls_printf("MBEDTLS_ERROR_C and/or MBEDTLS_ERROR_STRERROR_DUMMY not defined.\n"); - mbedtls_exit( 0 ); + mbedtls_exit(0); } #else -int main( int argc, char *argv[] ) +int main(int argc, char *argv[]) { long int val; char *end = argv[1]; - if( argc != 2 ) - { - mbedtls_printf( USAGE ); - mbedtls_exit( 0 ); + if (argc != 2) { + mbedtls_printf(USAGE); + mbedtls_exit(0); } - val = strtol( argv[1], &end, 10 ); - if( *end != '\0' ) - { - val = strtol( argv[1], &end, 16 ); - if( *end != '\0' ) - { - mbedtls_printf( USAGE ); - return( 0 ); + val = strtol(argv[1], &end, 10); + if (*end != '\0') { + val = strtol(argv[1], &end, 16); + if (*end != '\0') { + mbedtls_printf(USAGE); + return 0; } } - if( val > 0 ) + if (val > 0) { val = -val; + } - if( val != 0 ) - { + if (val != 0) { char error_buf[200]; - mbedtls_strerror( val, error_buf, 200 ); - mbedtls_printf("Last error was: -0x%04x - %s\n\n", (unsigned int) -val, error_buf ); + mbedtls_strerror(val, error_buf, 200); + mbedtls_printf("Last error was: -0x%04x - %s\n\n", (unsigned int) -val, error_buf); } #if defined(_WIN32) - mbedtls_printf( " + Press Enter to exit this program.\n" ); - fflush( stdout ); getchar(); + mbedtls_printf(" + Press Enter to exit this program.\n"); + fflush(stdout); getchar(); #endif - mbedtls_exit( val ); + mbedtls_exit(val); } #endif /* MBEDTLS_ERROR_C */ diff --git a/third_party/mbedtls/repo/programs/wince_main.c b/third_party/mbedtls/repo/programs/wince_main.c index 851012c13dc..e817b9f5f5c 100644 --- a/third_party/mbedtls/repo/programs/wince_main.c +++ b/third_party/mbedtls/repo/programs/wince_main.c @@ -2,42 +2,30 @@ * Windows CE console application entry point * * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later */ #if defined(_WIN32_WCE) #include -extern int main( int, const char ** ); +extern int main(int, const char **); -int _tmain( int argc, _TCHAR* targv[] ) +int _tmain(int argc, _TCHAR *targv[]) { char **argv; int i; - argv = ( char ** ) calloc( argc, sizeof( char * ) ); + argv = (char **) calloc(argc, sizeof(char *)); - for ( i = 0; i < argc; i++ ) { + for (i = 0; i < argc; i++) { size_t len; - len = _tcslen( targv[i] ) + 1; - argv[i] = ( char * ) calloc( len, sizeof( char ) ); - wcstombs( argv[i], targv[i], len ); + len = _tcslen(targv[i]) + 1; + argv[i] = (char *) calloc(len, sizeof(char)); + wcstombs(argv[i], targv[i], len); } - return main( argc, argv ); + return main(argc, argv); } #endif /* defined(_WIN32_WCE) */ diff --git a/third_party/mbedtls/repo/programs/x509/cert_app.c b/third_party/mbedtls/repo/programs/x509/cert_app.c index 89b25a83285..9f11acd35e1 100644 --- a/third_party/mbedtls/repo/programs/x509/cert_app.c +++ b/third_party/mbedtls/repo/programs/x509/cert_app.c @@ -2,19 +2,7 @@ * Certificate reading application * * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later */ #if !defined(MBEDTLS_CONFIG_FILE) @@ -23,33 +11,21 @@ #include MBEDTLS_CONFIG_FILE #endif -#if defined(MBEDTLS_PLATFORM_C) #include "mbedtls/platform.h" -#else -#include -#include -#define mbedtls_time time -#define mbedtls_time_t time_t -#define mbedtls_fprintf fprintf -#define mbedtls_printf printf -#define mbedtls_exit exit -#define MBEDTLS_EXIT_SUCCESS EXIT_SUCCESS -#define MBEDTLS_EXIT_FAILURE EXIT_FAILURE -#endif /* MBEDTLS_PLATFORM_C */ #if !defined(MBEDTLS_BIGNUM_C) || !defined(MBEDTLS_ENTROPY_C) || \ !defined(MBEDTLS_SSL_TLS_C) || !defined(MBEDTLS_SSL_CLI_C) || \ !defined(MBEDTLS_NET_C) || !defined(MBEDTLS_RSA_C) || \ !defined(MBEDTLS_X509_CRT_PARSE_C) || !defined(MBEDTLS_FS_IO) || \ !defined(MBEDTLS_CTR_DRBG_C) -int main( void ) +int main(void) { mbedtls_printf("MBEDTLS_BIGNUM_C and/or MBEDTLS_ENTROPY_C and/or " - "MBEDTLS_SSL_TLS_C and/or MBEDTLS_SSL_CLI_C and/or " - "MBEDTLS_NET_C and/or MBEDTLS_RSA_C and/or " - "MBEDTLS_X509_CRT_PARSE_C and/or MBEDTLS_FS_IO and/or " - "MBEDTLS_CTR_DRBG_C not defined.\n"); - mbedtls_exit( 0 ); + "MBEDTLS_SSL_TLS_C and/or MBEDTLS_SSL_CLI_C and/or " + "MBEDTLS_NET_C and/or MBEDTLS_RSA_C and/or " + "MBEDTLS_X509_CRT_PARSE_C and/or MBEDTLS_FS_IO and/or " + "MBEDTLS_CTR_DRBG_C not defined.\n"); + mbedtls_exit(0); } #else @@ -102,8 +78,7 @@ int main( void ) /* * global options */ -struct options -{ +struct options { int mode; /* the mode to run the application in */ const char *filename; /* filename of the certificate file */ const char *ca_file; /* the file with the CA certificate(s) */ @@ -115,37 +90,36 @@ struct options int permissive; /* permissive parsing */ } opt; -static void my_debug( void *ctx, int level, - const char *file, int line, - const char *str ) +static void my_debug(void *ctx, int level, + const char *file, int line, + const char *str) { ((void) level); - mbedtls_fprintf( (FILE *) ctx, "%s:%04d: %s", file, line, str ); - fflush( (FILE *) ctx ); + mbedtls_fprintf((FILE *) ctx, "%s:%04d: %s", file, line, str); + fflush((FILE *) ctx); } -static int my_verify( void *data, mbedtls_x509_crt *crt, int depth, uint32_t *flags ) +static int my_verify(void *data, mbedtls_x509_crt *crt, int depth, uint32_t *flags) { char buf[1024]; ((void) data); - mbedtls_printf( "\nVerify requested for (Depth %d):\n", depth ); - mbedtls_x509_crt_info( buf, sizeof( buf ) - 1, "", crt ); - mbedtls_printf( "%s", buf ); + mbedtls_printf("\nVerify requested for (Depth %d):\n", depth); + mbedtls_x509_crt_info(buf, sizeof(buf) - 1, "", crt); + mbedtls_printf("%s", buf); - if ( ( *flags ) == 0 ) - mbedtls_printf( " This certificate has no flags\n" ); - else - { - mbedtls_x509_crt_verify_info( buf, sizeof( buf ), " ! ", *flags ); - mbedtls_printf( "%s\n", buf ); + if ((*flags) == 0) { + mbedtls_printf(" This certificate has no flags\n"); + } else { + mbedtls_x509_crt_verify_info(buf, sizeof(buf), " ! ", *flags); + mbedtls_printf("%s\n", buf); } - return( 0 ); + return 0; } -int main( int argc, char *argv[] ) +int main(int argc, char *argv[]) { int ret = 1; int exit_code = MBEDTLS_EXIT_FAILURE; @@ -166,23 +140,32 @@ int main( int argc, char *argv[] ) /* * Set to sane values */ - mbedtls_net_init( &server_fd ); - mbedtls_ctr_drbg_init( &ctr_drbg ); - mbedtls_ssl_init( &ssl ); - mbedtls_ssl_config_init( &conf ); - mbedtls_x509_crt_init( &cacert ); + mbedtls_net_init(&server_fd); + mbedtls_ctr_drbg_init(&ctr_drbg); + mbedtls_ssl_init(&ssl); + mbedtls_ssl_config_init(&conf); + mbedtls_x509_crt_init(&cacert); + mbedtls_entropy_init(&entropy); #if defined(MBEDTLS_X509_CRL_PARSE_C) - mbedtls_x509_crl_init( &cacrl ); + mbedtls_x509_crl_init(&cacrl); #else /* Zeroize structure as CRL parsing is not supported and we have to pass it to the verify function */ - memset( &cacrl, 0, sizeof(mbedtls_x509_crl) ); + memset(&cacrl, 0, sizeof(mbedtls_x509_crl)); #endif - if( argc == 0 ) - { - usage: - mbedtls_printf( USAGE ); +#if defined(MBEDTLS_USE_PSA_CRYPTO) + psa_status_t status = psa_crypto_init(); + if (status != PSA_SUCCESS) { + mbedtls_fprintf(stderr, "Failed to initialize PSA Crypto implementation: %d\n", + (int) status); + goto exit; + } +#endif /* MBEDTLS_USE_PSA_CRYPTO */ + + if (argc < 2) { +usage: + mbedtls_printf(USAGE); goto exit; } @@ -196,91 +179,85 @@ int main( int argc, char *argv[] ) opt.debug_level = DFL_DEBUG_LEVEL; opt.permissive = DFL_PERMISSIVE; - for( i = 1; i < argc; i++ ) - { + for (i = 1; i < argc; i++) { p = argv[i]; - if( ( q = strchr( p, '=' ) ) == NULL ) + if ((q = strchr(p, '=')) == NULL) { goto usage; + } *q++ = '\0'; - for( j = 0; p + j < q; j++ ) - { - if( argv[i][j] >= 'A' && argv[i][j] <= 'Z' ) + for (j = 0; p + j < q; j++) { + if (argv[i][j] >= 'A' && argv[i][j] <= 'Z') { argv[i][j] |= 0x20; + } } - if( strcmp( p, "mode" ) == 0 ) - { - if( strcmp( q, "file" ) == 0 ) + if (strcmp(p, "mode") == 0) { + if (strcmp(q, "file") == 0) { opt.mode = MODE_FILE; - else if( strcmp( q, "ssl" ) == 0 ) + } else if (strcmp(q, "ssl") == 0) { opt.mode = MODE_SSL; - else + } else { goto usage; - } - else if( strcmp( p, "filename" ) == 0 ) + } + } else if (strcmp(p, "filename") == 0) { opt.filename = q; - else if( strcmp( p, "ca_file" ) == 0 ) + } else if (strcmp(p, "ca_file") == 0) { opt.ca_file = q; - else if( strcmp( p, "crl_file" ) == 0 ) + } else if (strcmp(p, "crl_file") == 0) { opt.crl_file = q; - else if( strcmp( p, "ca_path" ) == 0 ) + } else if (strcmp(p, "ca_path") == 0) { opt.ca_path = q; - else if( strcmp( p, "server_name" ) == 0 ) + } else if (strcmp(p, "server_name") == 0) { opt.server_name = q; - else if( strcmp( p, "server_port" ) == 0 ) + } else if (strcmp(p, "server_port") == 0) { opt.server_port = q; - else if( strcmp( p, "debug_level" ) == 0 ) - { - opt.debug_level = atoi( q ); - if( opt.debug_level < 0 || opt.debug_level > 65535 ) + } else if (strcmp(p, "debug_level") == 0) { + opt.debug_level = atoi(q); + if (opt.debug_level < 0 || opt.debug_level > 65535) { goto usage; - } - else if( strcmp( p, "permissive" ) == 0 ) - { - opt.permissive = atoi( q ); - if( opt.permissive < 0 || opt.permissive > 1 ) + } + } else if (strcmp(p, "permissive") == 0) { + opt.permissive = atoi(q); + if (opt.permissive < 0 || opt.permissive > 1) { goto usage; - } - else + } + } else { goto usage; + } } /* * 1.1. Load the trusted CA */ - mbedtls_printf( " . Loading the CA root certificate ..." ); - fflush( stdout ); - - if( strlen( opt.ca_path ) ) - { - if( ( ret = mbedtls_x509_crt_parse_path( &cacert, opt.ca_path ) ) < 0 ) - { - mbedtls_printf( " failed\n ! mbedtls_x509_crt_parse_path returned -0x%x\n\n", (unsigned int) -ret ); + mbedtls_printf(" . Loading the CA root certificate ..."); + fflush(stdout); + + if (strlen(opt.ca_path)) { + if ((ret = mbedtls_x509_crt_parse_path(&cacert, opt.ca_path)) < 0) { + mbedtls_printf(" failed\n ! mbedtls_x509_crt_parse_path returned -0x%x\n\n", + (unsigned int) -ret); goto exit; } verify = 1; - } - else if( strlen( opt.ca_file ) ) - { - if( ( ret = mbedtls_x509_crt_parse_file( &cacert, opt.ca_file ) ) < 0 ) - { - mbedtls_printf( " failed\n ! mbedtls_x509_crt_parse_file returned -0x%x\n\n", (unsigned int) -ret ); + } else if (strlen(opt.ca_file)) { + if ((ret = mbedtls_x509_crt_parse_file(&cacert, opt.ca_file)) < 0) { + mbedtls_printf(" failed\n ! mbedtls_x509_crt_parse_file returned -0x%x\n\n", + (unsigned int) -ret); goto exit; } verify = 1; } - mbedtls_printf( " ok (%d skipped)\n", ret ); + mbedtls_printf(" ok (%d skipped)\n", ret); #if defined(MBEDTLS_X509_CRL_PARSE_C) - if( strlen( opt.crl_file ) ) - { - if( ( ret = mbedtls_x509_crl_parse_file( &cacrl, opt.crl_file ) ) != 0 ) - { - mbedtls_printf( " failed\n ! mbedtls_x509_crl_parse returned -0x%x\n\n", (unsigned int) -ret ); + if (strlen(opt.crl_file)) { + if ((ret = mbedtls_x509_crl_parse_file(&cacrl, opt.crl_file)) != 0) { + mbedtls_printf(" failed\n ! mbedtls_x509_crl_parse returned -0x%x\n\n", + (unsigned int) -ret); goto exit; } @@ -288,52 +265,49 @@ int main( int argc, char *argv[] ) } #endif - if( opt.mode == MODE_FILE ) - { + if (opt.mode == MODE_FILE) { mbedtls_x509_crt crt; mbedtls_x509_crt *cur = &crt; - mbedtls_x509_crt_init( &crt ); + mbedtls_x509_crt_init(&crt); /* * 1.1. Load the certificate(s) */ - mbedtls_printf( "\n . Loading the certificate(s) ..." ); - fflush( stdout ); + mbedtls_printf("\n . Loading the certificate(s) ..."); + fflush(stdout); - ret = mbedtls_x509_crt_parse_file( &crt, opt.filename ); + ret = mbedtls_x509_crt_parse_file(&crt, opt.filename); - if( ret < 0 ) - { - mbedtls_printf( " failed\n ! mbedtls_x509_crt_parse_file returned %d\n\n", ret ); - mbedtls_x509_crt_free( &crt ); + if (ret < 0) { + mbedtls_printf(" failed\n ! mbedtls_x509_crt_parse_file returned %d\n\n", ret); + mbedtls_x509_crt_free(&crt); goto exit; } - if( opt.permissive == 0 && ret > 0 ) - { - mbedtls_printf( " failed\n ! mbedtls_x509_crt_parse failed to parse %d certificates\n\n", ret ); - mbedtls_x509_crt_free( &crt ); + if (opt.permissive == 0 && ret > 0) { + mbedtls_printf( + " failed\n ! mbedtls_x509_crt_parse failed to parse %d certificates\n\n", + ret); + mbedtls_x509_crt_free(&crt); goto exit; } - mbedtls_printf( " ok\n" ); + mbedtls_printf(" ok\n"); /* * 1.2 Print the certificate(s) */ - while( cur != NULL ) - { - mbedtls_printf( " . Peer certificate information ...\n" ); - ret = mbedtls_x509_crt_info( (char *) buf, sizeof( buf ) - 1, " ", - cur ); - if( ret == -1 ) - { - mbedtls_printf( " failed\n ! mbedtls_x509_crt_info returned %d\n\n", ret ); - mbedtls_x509_crt_free( &crt ); + while (cur != NULL) { + mbedtls_printf(" . Peer certificate information ...\n"); + ret = mbedtls_x509_crt_info((char *) buf, sizeof(buf) - 1, " ", + cur); + if (ret == -1) { + mbedtls_printf(" failed\n ! mbedtls_x509_crt_info returned %d\n\n", ret); + mbedtls_x509_crt_free(&crt); goto exit; } - mbedtls_printf( "%s\n", buf ); + mbedtls_printf("%s\n", buf); cur = cur->next; } @@ -341,161 +315,150 @@ int main( int argc, char *argv[] ) /* * 1.3 Verify the certificate */ - if( verify ) - { - mbedtls_printf( " . Verifying X.509 certificate..." ); + if (verify) { + mbedtls_printf(" . Verifying X.509 certificate..."); - if( ( ret = mbedtls_x509_crt_verify( &crt, &cacert, &cacrl, NULL, &flags, - my_verify, NULL ) ) != 0 ) - { + if ((ret = mbedtls_x509_crt_verify(&crt, &cacert, &cacrl, NULL, &flags, + my_verify, NULL)) != 0) { char vrfy_buf[512]; - mbedtls_printf( " failed\n" ); + mbedtls_printf(" failed\n"); - mbedtls_x509_crt_verify_info( vrfy_buf, sizeof( vrfy_buf ), " ! ", flags ); + mbedtls_x509_crt_verify_info(vrfy_buf, sizeof(vrfy_buf), " ! ", flags); - mbedtls_printf( "%s\n", vrfy_buf ); + mbedtls_printf("%s\n", vrfy_buf); + } else { + mbedtls_printf(" ok\n"); } - else - mbedtls_printf( " ok\n" ); } - mbedtls_x509_crt_free( &crt ); - } - else if( opt.mode == MODE_SSL ) - { + mbedtls_x509_crt_free(&crt); + } else if (opt.mode == MODE_SSL) { /* * 1. Initialize the RNG and the session data */ - mbedtls_printf( "\n . Seeding the random number generator..." ); - fflush( stdout ); - - mbedtls_entropy_init( &entropy ); - if( ( ret = mbedtls_ctr_drbg_seed( &ctr_drbg, mbedtls_entropy_func, &entropy, - (const unsigned char *) pers, - strlen( pers ) ) ) != 0 ) - { - mbedtls_printf( " failed\n ! mbedtls_ctr_drbg_seed returned %d\n", ret ); + mbedtls_printf("\n . Seeding the random number generator..."); + fflush(stdout); + + if ((ret = mbedtls_ctr_drbg_seed(&ctr_drbg, mbedtls_entropy_func, &entropy, + (const unsigned char *) pers, + strlen(pers))) != 0) { + mbedtls_printf(" failed\n ! mbedtls_ctr_drbg_seed returned %d\n", ret); goto ssl_exit; } - mbedtls_printf( " ok\n" ); + mbedtls_printf(" ok\n"); #if defined(MBEDTLS_DEBUG_C) - mbedtls_debug_set_threshold( opt.debug_level ); + mbedtls_debug_set_threshold(opt.debug_level); #endif /* * 2. Start the connection */ - mbedtls_printf( " . SSL connection to tcp/%s/%s...", opt.server_name, - opt.server_port ); - fflush( stdout ); - - if( ( ret = mbedtls_net_connect( &server_fd, opt.server_name, - opt.server_port, MBEDTLS_NET_PROTO_TCP ) ) != 0 ) - { - mbedtls_printf( " failed\n ! mbedtls_net_connect returned %d\n\n", ret ); + mbedtls_printf(" . SSL connection to tcp/%s/%s...", opt.server_name, + opt.server_port); + fflush(stdout); + + if ((ret = mbedtls_net_connect(&server_fd, opt.server_name, + opt.server_port, MBEDTLS_NET_PROTO_TCP)) != 0) { + mbedtls_printf(" failed\n ! mbedtls_net_connect returned %d\n\n", ret); goto ssl_exit; } /* * 3. Setup stuff */ - if( ( ret = mbedtls_ssl_config_defaults( &conf, - MBEDTLS_SSL_IS_CLIENT, - MBEDTLS_SSL_TRANSPORT_STREAM, - MBEDTLS_SSL_PRESET_DEFAULT ) ) != 0 ) - { - mbedtls_printf( " failed\n ! mbedtls_ssl_config_defaults returned %d\n\n", ret ); + if ((ret = mbedtls_ssl_config_defaults(&conf, + MBEDTLS_SSL_IS_CLIENT, + MBEDTLS_SSL_TRANSPORT_STREAM, + MBEDTLS_SSL_PRESET_DEFAULT)) != 0) { + mbedtls_printf(" failed\n ! mbedtls_ssl_config_defaults returned %d\n\n", ret); goto exit; } - if( verify ) - { - mbedtls_ssl_conf_authmode( &conf, MBEDTLS_SSL_VERIFY_REQUIRED ); - mbedtls_ssl_conf_ca_chain( &conf, &cacert, NULL ); - mbedtls_ssl_conf_verify( &conf, my_verify, NULL ); + if (verify) { + mbedtls_ssl_conf_authmode(&conf, MBEDTLS_SSL_VERIFY_REQUIRED); + mbedtls_ssl_conf_ca_chain(&conf, &cacert, NULL); + mbedtls_ssl_conf_verify(&conf, my_verify, NULL); + } else { + mbedtls_ssl_conf_authmode(&conf, MBEDTLS_SSL_VERIFY_NONE); } - else - mbedtls_ssl_conf_authmode( &conf, MBEDTLS_SSL_VERIFY_NONE ); - mbedtls_ssl_conf_rng( &conf, mbedtls_ctr_drbg_random, &ctr_drbg ); - mbedtls_ssl_conf_dbg( &conf, my_debug, stdout ); + mbedtls_ssl_conf_rng(&conf, mbedtls_ctr_drbg_random, &ctr_drbg); + mbedtls_ssl_conf_dbg(&conf, my_debug, stdout); - if( ( ret = mbedtls_ssl_setup( &ssl, &conf ) ) != 0 ) - { - mbedtls_printf( " failed\n ! mbedtls_ssl_setup returned %d\n\n", ret ); + if ((ret = mbedtls_ssl_setup(&ssl, &conf)) != 0) { + mbedtls_printf(" failed\n ! mbedtls_ssl_setup returned %d\n\n", ret); goto ssl_exit; } - if( ( ret = mbedtls_ssl_set_hostname( &ssl, opt.server_name ) ) != 0 ) - { - mbedtls_printf( " failed\n ! mbedtls_ssl_set_hostname returned %d\n\n", ret ); + if ((ret = mbedtls_ssl_set_hostname(&ssl, opt.server_name)) != 0) { + mbedtls_printf(" failed\n ! mbedtls_ssl_set_hostname returned %d\n\n", ret); goto ssl_exit; } - mbedtls_ssl_set_bio( &ssl, &server_fd, mbedtls_net_send, mbedtls_net_recv, NULL ); + mbedtls_ssl_set_bio(&ssl, &server_fd, mbedtls_net_send, mbedtls_net_recv, NULL); /* * 4. Handshake */ - while( ( ret = mbedtls_ssl_handshake( &ssl ) ) != 0 ) - { - if( ret != MBEDTLS_ERR_SSL_WANT_READ && ret != MBEDTLS_ERR_SSL_WANT_WRITE ) - { - mbedtls_printf( " failed\n ! mbedtls_ssl_handshake returned %d\n\n", ret ); + while ((ret = mbedtls_ssl_handshake(&ssl)) != 0) { + if (ret != MBEDTLS_ERR_SSL_WANT_READ && ret != MBEDTLS_ERR_SSL_WANT_WRITE) { + mbedtls_printf(" failed\n ! mbedtls_ssl_handshake returned %d\n\n", ret); goto ssl_exit; } } - mbedtls_printf( " ok\n" ); + mbedtls_printf(" ok\n"); /* * 5. Print the certificate */ #if !defined(MBEDTLS_SSL_KEEP_PEER_CERTIFICATE) - mbedtls_printf( " . Peer certificate information ... skipped\n" ); + mbedtls_printf(" . Peer certificate information ... skipped\n"); #else - mbedtls_printf( " . Peer certificate information ...\n" ); - ret = mbedtls_x509_crt_info( (char *) buf, sizeof( buf ) - 1, " ", - mbedtls_ssl_get_peer_cert( &ssl ) ); - if( ret == -1 ) - { - mbedtls_printf( " failed\n ! mbedtls_x509_crt_info returned %d\n\n", ret ); + mbedtls_printf(" . Peer certificate information ...\n"); + ret = mbedtls_x509_crt_info((char *) buf, sizeof(buf) - 1, " ", + mbedtls_ssl_get_peer_cert(&ssl)); + if (ret == -1) { + mbedtls_printf(" failed\n ! mbedtls_x509_crt_info returned %d\n\n", ret); goto ssl_exit; } - mbedtls_printf( "%s\n", buf ); + mbedtls_printf("%s\n", buf); #endif /* MBEDTLS_SSL_KEEP_PEER_CERTIFICATE */ - mbedtls_ssl_close_notify( &ssl ); + mbedtls_ssl_close_notify(&ssl); ssl_exit: - mbedtls_ssl_free( &ssl ); - mbedtls_ssl_config_free( &conf ); - } - else + mbedtls_ssl_free(&ssl); + mbedtls_ssl_config_free(&conf); + } else { goto usage; + } exit_code = MBEDTLS_EXIT_SUCCESS; exit: - mbedtls_net_free( &server_fd ); - mbedtls_x509_crt_free( &cacert ); + mbedtls_net_free(&server_fd); + mbedtls_x509_crt_free(&cacert); #if defined(MBEDTLS_X509_CRL_PARSE_C) - mbedtls_x509_crl_free( &cacrl ); + mbedtls_x509_crl_free(&cacrl); #endif - mbedtls_ctr_drbg_free( &ctr_drbg ); - mbedtls_entropy_free( &entropy ); + mbedtls_ctr_drbg_free(&ctr_drbg); + mbedtls_entropy_free(&entropy); +#if defined(MBEDTLS_USE_PSA_CRYPTO) + mbedtls_psa_crypto_free(); +#endif /* MBEDTLS_USE_PSA_CRYPTO */ #if defined(_WIN32) - mbedtls_printf( " + Press Enter to exit this program.\n" ); - fflush( stdout ); getchar(); + mbedtls_printf(" + Press Enter to exit this program.\n"); + fflush(stdout); getchar(); #endif - mbedtls_exit( exit_code ); + mbedtls_exit(exit_code); } #endif /* MBEDTLS_BIGNUM_C && MBEDTLS_ENTROPY_C && MBEDTLS_SSL_TLS_C && MBEDTLS_SSL_CLI_C && MBEDTLS_NET_C && MBEDTLS_RSA_C && diff --git a/third_party/mbedtls/repo/programs/x509/cert_req.c b/third_party/mbedtls/repo/programs/x509/cert_req.c index e8241a320e1..942711f2ffc 100644 --- a/third_party/mbedtls/repo/programs/x509/cert_req.c +++ b/third_party/mbedtls/repo/programs/x509/cert_req.c @@ -2,19 +2,7 @@ * Certificate request generation * * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later */ #if !defined(MBEDTLS_CONFIG_FILE) @@ -23,28 +11,19 @@ #include MBEDTLS_CONFIG_FILE #endif -#if defined(MBEDTLS_PLATFORM_C) #include "mbedtls/platform.h" -#else -#include -#include -#define mbedtls_printf printf -#define mbedtls_exit exit -#define MBEDTLS_EXIT_SUCCESS EXIT_SUCCESS -#define MBEDTLS_EXIT_FAILURE EXIT_FAILURE -#endif /* MBEDTLS_PLATFORM_C */ #if !defined(MBEDTLS_X509_CSR_WRITE_C) || !defined(MBEDTLS_FS_IO) || \ !defined(MBEDTLS_PK_PARSE_C) || !defined(MBEDTLS_SHA256_C) || \ !defined(MBEDTLS_ENTROPY_C) || !defined(MBEDTLS_CTR_DRBG_C) || \ !defined(MBEDTLS_PEM_WRITE_C) -int main( void ) +int main(void) { - mbedtls_printf( "MBEDTLS_X509_CSR_WRITE_C and/or MBEDTLS_FS_IO and/or " - "MBEDTLS_PK_PARSE_C and/or MBEDTLS_SHA256_C and/or " - "MBEDTLS_ENTROPY_C and/or MBEDTLS_CTR_DRBG_C " - "not defined.\n"); - mbedtls_exit( 0 ); + mbedtls_printf("MBEDTLS_X509_CSR_WRITE_C and/or MBEDTLS_FS_IO and/or " + "MBEDTLS_PK_PARSE_C and/or MBEDTLS_SHA256_C and/or " + "MBEDTLS_ENTROPY_C and/or MBEDTLS_CTR_DRBG_C " + "not defined.\n"); + mbedtls_exit(0); } #else @@ -108,8 +87,7 @@ int main( void ) /* * global options */ -struct options -{ +struct options { const char *filename; /* filename of the key file */ const char *password; /* password for the key file */ int debug_level; /* level of debugging */ @@ -122,36 +100,37 @@ struct options mbedtls_md_type_t md_alg; /* Hash algorithm used for signature. */ } opt; -int write_certificate_request( mbedtls_x509write_csr *req, const char *output_file, - int (*f_rng)(void *, unsigned char *, size_t), - void *p_rng ) +int write_certificate_request(mbedtls_x509write_csr *req, const char *output_file, + int (*f_rng)(void *, unsigned char *, size_t), + void *p_rng) { int ret; FILE *f; unsigned char output_buf[4096]; size_t len = 0; - memset( output_buf, 0, 4096 ); - if( ( ret = mbedtls_x509write_csr_pem( req, output_buf, 4096, f_rng, p_rng ) ) < 0 ) - return( ret ); + memset(output_buf, 0, 4096); + if ((ret = mbedtls_x509write_csr_pem(req, output_buf, 4096, f_rng, p_rng)) < 0) { + return ret; + } - len = strlen( (char *) output_buf ); + len = strlen((char *) output_buf); - if( ( f = fopen( output_file, "w" ) ) == NULL ) - return( -1 ); + if ((f = fopen(output_file, "w")) == NULL) { + return -1; + } - if( fwrite( output_buf, 1, len, f ) != len ) - { - fclose( f ); - return( -1 ); + if (fwrite(output_buf, 1, len, f) != len) { + fclose(f); + return -1; } - fclose( f ); + fclose(f); - return( 0 ); + return 0; } -int main( int argc, char *argv[] ) +int main(int argc, char *argv[]) { int ret = 1; int exit_code = MBEDTLS_EXIT_FAILURE; @@ -167,15 +146,24 @@ int main( int argc, char *argv[] ) /* * Set to sane values */ - mbedtls_x509write_csr_init( &req ); - mbedtls_pk_init( &key ); - mbedtls_ctr_drbg_init( &ctr_drbg ); - memset( buf, 0, sizeof( buf ) ); - - if( argc == 0 ) - { - usage: - mbedtls_printf( USAGE ); + mbedtls_x509write_csr_init(&req); + mbedtls_pk_init(&key); + mbedtls_ctr_drbg_init(&ctr_drbg); + memset(buf, 0, sizeof(buf)); + mbedtls_entropy_init(&entropy); + +#if defined(MBEDTLS_USE_PSA_CRYPTO) + psa_status_t status = psa_crypto_init(); + if (status != PSA_SUCCESS) { + mbedtls_fprintf(stderr, "Failed to initialize PSA Crypto implementation: %d\n", + (int) status); + goto exit; + } +#endif /* MBEDTLS_USE_PSA_CRYPTO */ + + if (argc < 2) { +usage: + mbedtls_printf(USAGE); goto exit; } @@ -190,214 +178,200 @@ int main( int argc, char *argv[] ) opt.force_ns_cert_type = DFL_FORCE_NS_CERT_TYPE; opt.md_alg = DFL_MD_ALG; - for( i = 1; i < argc; i++ ) - { + for (i = 1; i < argc; i++) { p = argv[i]; - if( ( q = strchr( p, '=' ) ) == NULL ) + if ((q = strchr(p, '=')) == NULL) { goto usage; + } *q++ = '\0'; - if( strcmp( p, "filename" ) == 0 ) + if (strcmp(p, "filename") == 0) { opt.filename = q; - else if( strcmp( p, "password" ) == 0 ) + } else if (strcmp(p, "password") == 0) { opt.password = q; - else if( strcmp( p, "output_file" ) == 0 ) + } else if (strcmp(p, "output_file") == 0) { opt.output_file = q; - else if( strcmp( p, "debug_level" ) == 0 ) - { - opt.debug_level = atoi( q ); - if( opt.debug_level < 0 || opt.debug_level > 65535 ) + } else if (strcmp(p, "debug_level") == 0) { + opt.debug_level = atoi(q); + if (opt.debug_level < 0 || opt.debug_level > 65535) { goto usage; - } - else if( strcmp( p, "subject_name" ) == 0 ) - { + } + } else if (strcmp(p, "subject_name") == 0) { opt.subject_name = q; - } - else if( strcmp( p, "md" ) == 0 ) - { + } else if (strcmp(p, "md") == 0) { const mbedtls_md_info_t *md_info = - mbedtls_md_info_from_string( q ); - if( md_info == NULL ) - { - mbedtls_printf( "Invalid argument for option %s\n", p ); + mbedtls_md_info_from_string(q); + if (md_info == NULL) { + mbedtls_printf("Invalid argument for option %s\n", p); goto usage; } - opt.md_alg = mbedtls_md_get_type( md_info ); - } - else if( strcmp( p, "key_usage" ) == 0 ) - { - while( q != NULL ) - { - if( ( r = strchr( q, ',' ) ) != NULL ) + opt.md_alg = mbedtls_md_get_type(md_info); + } else if (strcmp(p, "key_usage") == 0) { + while (q != NULL) { + if ((r = strchr(q, ',')) != NULL) { *r++ = '\0'; + } - if( strcmp( q, "digital_signature" ) == 0 ) + if (strcmp(q, "digital_signature") == 0) { opt.key_usage |= MBEDTLS_X509_KU_DIGITAL_SIGNATURE; - else if( strcmp( q, "non_repudiation" ) == 0 ) + } else if (strcmp(q, "non_repudiation") == 0) { opt.key_usage |= MBEDTLS_X509_KU_NON_REPUDIATION; - else if( strcmp( q, "key_encipherment" ) == 0 ) + } else if (strcmp(q, "key_encipherment") == 0) { opt.key_usage |= MBEDTLS_X509_KU_KEY_ENCIPHERMENT; - else if( strcmp( q, "data_encipherment" ) == 0 ) + } else if (strcmp(q, "data_encipherment") == 0) { opt.key_usage |= MBEDTLS_X509_KU_DATA_ENCIPHERMENT; - else if( strcmp( q, "key_agreement" ) == 0 ) + } else if (strcmp(q, "key_agreement") == 0) { opt.key_usage |= MBEDTLS_X509_KU_KEY_AGREEMENT; - else if( strcmp( q, "key_cert_sign" ) == 0 ) + } else if (strcmp(q, "key_cert_sign") == 0) { opt.key_usage |= MBEDTLS_X509_KU_KEY_CERT_SIGN; - else if( strcmp( q, "crl_sign" ) == 0 ) + } else if (strcmp(q, "crl_sign") == 0) { opt.key_usage |= MBEDTLS_X509_KU_CRL_SIGN; - else + } else { goto usage; + } q = r; } - } - else if( strcmp( p, "force_key_usage" ) == 0 ) - { - switch( atoi( q ) ) - { + } else if (strcmp(p, "force_key_usage") == 0) { + switch (atoi(q)) { case 0: opt.force_key_usage = 0; break; case 1: opt.force_key_usage = 1; break; default: goto usage; } - } - else if( strcmp( p, "ns_cert_type" ) == 0 ) - { - while( q != NULL ) - { - if( ( r = strchr( q, ',' ) ) != NULL ) + } else if (strcmp(p, "ns_cert_type") == 0) { + while (q != NULL) { + if ((r = strchr(q, ',')) != NULL) { *r++ = '\0'; + } - if( strcmp( q, "ssl_client" ) == 0 ) + if (strcmp(q, "ssl_client") == 0) { opt.ns_cert_type |= MBEDTLS_X509_NS_CERT_TYPE_SSL_CLIENT; - else if( strcmp( q, "ssl_server" ) == 0 ) + } else if (strcmp(q, "ssl_server") == 0) { opt.ns_cert_type |= MBEDTLS_X509_NS_CERT_TYPE_SSL_SERVER; - else if( strcmp( q, "email" ) == 0 ) + } else if (strcmp(q, "email") == 0) { opt.ns_cert_type |= MBEDTLS_X509_NS_CERT_TYPE_EMAIL; - else if( strcmp( q, "object_signing" ) == 0 ) + } else if (strcmp(q, "object_signing") == 0) { opt.ns_cert_type |= MBEDTLS_X509_NS_CERT_TYPE_OBJECT_SIGNING; - else if( strcmp( q, "ssl_ca" ) == 0 ) + } else if (strcmp(q, "ssl_ca") == 0) { opt.ns_cert_type |= MBEDTLS_X509_NS_CERT_TYPE_SSL_CA; - else if( strcmp( q, "email_ca" ) == 0 ) + } else if (strcmp(q, "email_ca") == 0) { opt.ns_cert_type |= MBEDTLS_X509_NS_CERT_TYPE_EMAIL_CA; - else if( strcmp( q, "object_signing_ca" ) == 0 ) + } else if (strcmp(q, "object_signing_ca") == 0) { opt.ns_cert_type |= MBEDTLS_X509_NS_CERT_TYPE_OBJECT_SIGNING_CA; - else + } else { goto usage; + } q = r; } - } - else if( strcmp( p, "force_ns_cert_type" ) == 0 ) - { - switch( atoi( q ) ) - { + } else if (strcmp(p, "force_ns_cert_type") == 0) { + switch (atoi(q)) { case 0: opt.force_ns_cert_type = 0; break; case 1: opt.force_ns_cert_type = 1; break; default: goto usage; } - } - else + } else { goto usage; + } } - mbedtls_x509write_csr_set_md_alg( &req, opt.md_alg ); + mbedtls_x509write_csr_set_md_alg(&req, opt.md_alg); - if( opt.key_usage || opt.force_key_usage == 1 ) - mbedtls_x509write_csr_set_key_usage( &req, opt.key_usage ); + if (opt.key_usage || opt.force_key_usage == 1) { + mbedtls_x509write_csr_set_key_usage(&req, opt.key_usage); + } - if( opt.ns_cert_type || opt.force_ns_cert_type == 1 ) - mbedtls_x509write_csr_set_ns_cert_type( &req, opt.ns_cert_type ); + if (opt.ns_cert_type || opt.force_ns_cert_type == 1) { + mbedtls_x509write_csr_set_ns_cert_type(&req, opt.ns_cert_type); + } /* * 0. Seed the PRNG */ - mbedtls_printf( " . Seeding the random number generator..." ); - fflush( stdout ); - - mbedtls_entropy_init( &entropy ); - if( ( ret = mbedtls_ctr_drbg_seed( &ctr_drbg, mbedtls_entropy_func, &entropy, - (const unsigned char *) pers, - strlen( pers ) ) ) != 0 ) - { - mbedtls_printf( " failed\n ! mbedtls_ctr_drbg_seed returned %d", ret ); + mbedtls_printf(" . Seeding the random number generator..."); + fflush(stdout); + + if ((ret = mbedtls_ctr_drbg_seed(&ctr_drbg, mbedtls_entropy_func, &entropy, + (const unsigned char *) pers, + strlen(pers))) != 0) { + mbedtls_printf(" failed\n ! mbedtls_ctr_drbg_seed returned %d", ret); goto exit; } - mbedtls_printf( " ok\n" ); + mbedtls_printf(" ok\n"); /* * 1.0. Check the subject name for validity */ - mbedtls_printf( " . Checking subject name..." ); - fflush( stdout ); + mbedtls_printf(" . Checking subject name..."); + fflush(stdout); - if( ( ret = mbedtls_x509write_csr_set_subject_name( &req, opt.subject_name ) ) != 0 ) - { - mbedtls_printf( " failed\n ! mbedtls_x509write_csr_set_subject_name returned %d", ret ); + if ((ret = mbedtls_x509write_csr_set_subject_name(&req, opt.subject_name)) != 0) { + mbedtls_printf(" failed\n ! mbedtls_x509write_csr_set_subject_name returned %d", ret); goto exit; } - mbedtls_printf( " ok\n" ); + mbedtls_printf(" ok\n"); /* * 1.1. Load the key */ - mbedtls_printf( " . Loading the private key ..." ); - fflush( stdout ); + mbedtls_printf(" . Loading the private key ..."); + fflush(stdout); - ret = mbedtls_pk_parse_keyfile( &key, opt.filename, opt.password ); + ret = mbedtls_pk_parse_keyfile(&key, opt.filename, opt.password); - if( ret != 0 ) - { - mbedtls_printf( " failed\n ! mbedtls_pk_parse_keyfile returned %d", ret ); + if (ret != 0) { + mbedtls_printf(" failed\n ! mbedtls_pk_parse_keyfile returned %d", ret); goto exit; } - mbedtls_x509write_csr_set_key( &req, &key ); + mbedtls_x509write_csr_set_key(&req, &key); - mbedtls_printf( " ok\n" ); + mbedtls_printf(" ok\n"); /* * 1.2. Writing the request */ - mbedtls_printf( " . Writing the certificate request ..." ); - fflush( stdout ); + mbedtls_printf(" . Writing the certificate request ..."); + fflush(stdout); - if( ( ret = write_certificate_request( &req, opt.output_file, - mbedtls_ctr_drbg_random, &ctr_drbg ) ) != 0 ) - { - mbedtls_printf( " failed\n ! write_certifcate_request %d", ret ); + if ((ret = write_certificate_request(&req, opt.output_file, + mbedtls_ctr_drbg_random, &ctr_drbg)) != 0) { + mbedtls_printf(" failed\n ! write_certificate_request %d", ret); goto exit; } - mbedtls_printf( " ok\n" ); + mbedtls_printf(" ok\n"); exit_code = MBEDTLS_EXIT_SUCCESS; exit: - if( exit_code != MBEDTLS_EXIT_SUCCESS ) - { + if (exit_code != MBEDTLS_EXIT_SUCCESS) { #ifdef MBEDTLS_ERROR_C - mbedtls_strerror( ret, buf, sizeof( buf ) ); - mbedtls_printf( " - %s\n", buf ); + mbedtls_strerror(ret, buf, sizeof(buf)); + mbedtls_printf(" - %s\n", buf); #else mbedtls_printf("\n"); #endif } - mbedtls_x509write_csr_free( &req ); - mbedtls_pk_free( &key ); - mbedtls_ctr_drbg_free( &ctr_drbg ); - mbedtls_entropy_free( &entropy ); + mbedtls_x509write_csr_free(&req); + mbedtls_pk_free(&key); + mbedtls_ctr_drbg_free(&ctr_drbg); + mbedtls_entropy_free(&entropy); +#if defined(MBEDTLS_USE_PSA_CRYPTO) + mbedtls_psa_crypto_free(); +#endif /* MBEDTLS_USE_PSA_CRYPTO */ #if defined(_WIN32) - mbedtls_printf( " + Press Enter to exit this program.\n" ); - fflush( stdout ); getchar(); + mbedtls_printf(" + Press Enter to exit this program.\n"); + fflush(stdout); getchar(); #endif - mbedtls_exit( exit_code ); + mbedtls_exit(exit_code); } #endif /* MBEDTLS_X509_CSR_WRITE_C && MBEDTLS_PK_PARSE_C && MBEDTLS_FS_IO && MBEDTLS_ENTROPY_C && MBEDTLS_CTR_DRBG_C && MBEDTLS_PEM_WRITE_C */ diff --git a/third_party/mbedtls/repo/programs/x509/cert_write.c b/third_party/mbedtls/repo/programs/x509/cert_write.c index 18174d80498..3f04c6d5d34 100644 --- a/third_party/mbedtls/repo/programs/x509/cert_write.c +++ b/third_party/mbedtls/repo/programs/x509/cert_write.c @@ -2,19 +2,7 @@ * Certificate generation and signing * * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later */ #if !defined(MBEDTLS_CONFIG_FILE) @@ -23,29 +11,20 @@ #include MBEDTLS_CONFIG_FILE #endif -#if defined(MBEDTLS_PLATFORM_C) #include "mbedtls/platform.h" -#else -#include -#include -#define mbedtls_printf printf -#define mbedtls_exit exit -#define MBEDTLS_EXIT_SUCCESS EXIT_SUCCESS -#define MBEDTLS_EXIT_FAILURE EXIT_FAILURE -#endif /* MBEDTLS_PLATFORM_C */ #if !defined(MBEDTLS_X509_CRT_WRITE_C) || \ !defined(MBEDTLS_X509_CRT_PARSE_C) || !defined(MBEDTLS_FS_IO) || \ !defined(MBEDTLS_ENTROPY_C) || !defined(MBEDTLS_CTR_DRBG_C) || \ !defined(MBEDTLS_ERROR_C) || !defined(MBEDTLS_SHA256_C) || \ !defined(MBEDTLS_PEM_WRITE_C) -int main( void ) +int main(void) { - mbedtls_printf( "MBEDTLS_X509_CRT_WRITE_C and/or MBEDTLS_X509_CRT_PARSE_C and/or " - "MBEDTLS_FS_IO and/or MBEDTLS_SHA256_C and/or " - "MBEDTLS_ENTROPY_C and/or MBEDTLS_CTR_DRBG_C and/or " - "MBEDTLS_ERROR_C not defined.\n"); - mbedtls_exit( 0 ); + mbedtls_printf("MBEDTLS_X509_CRT_WRITE_C and/or MBEDTLS_X509_CRT_PARSE_C and/or " + "MBEDTLS_FS_IO and/or MBEDTLS_SHA256_C and/or " + "MBEDTLS_ENTROPY_C and/or MBEDTLS_CTR_DRBG_C and/or " + "MBEDTLS_ERROR_C not defined.\n"); + mbedtls_exit(0); } #else @@ -113,8 +92,8 @@ int main( void ) " issuer_pwd=%%s default: (empty)\n" \ " output_file=%%s default: cert.crt\n" \ " serial=%%s default: 1\n" \ - " not_before=%%s default: 20010101000000\n"\ - " not_after=%%s default: 20301231235959\n"\ + " not_before=%%s default: 20010101000000\n" \ + " not_after=%%s default: 20301231235959\n" \ " is_ca=%%d default: 0 (disabled)\n" \ " max_pathlen=%%d default: -1 (none)\n" \ " md=%%s default: SHA256\n" \ @@ -122,16 +101,16 @@ int main( void ) " MD2, MD4, MD5, RIPEMD160, SHA1,\n" \ " SHA224, SHA256, SHA384, SHA512\n" \ " version=%%d default: 3\n" \ - " Possible values: 1, 2, 3\n"\ + " Possible values: 1, 2, 3\n" \ " subject_identifier=%%s default: 1\n" \ " Possible values: 0, 1\n" \ - " (Considered for v3 only)\n"\ + " (Considered for v3 only)\n" \ " authority_identifier=%%s default: 1\n" \ " Possible values: 0, 1\n" \ - " (Considered for v3 only)\n"\ + " (Considered for v3 only)\n" \ " basic_constraints=%%d default: 1\n" \ " Possible values: 0, 1\n" \ - " (Considered for v3 only)\n"\ + " (Considered for v3 only)\n" \ " key_usage=%%s default: (empty)\n" \ " Comma-separated-list of values:\n" \ " digital_signature\n" \ @@ -141,7 +120,7 @@ int main( void ) " key_agreement\n" \ " key_cert_sign\n" \ " crl_sign\n" \ - " (Considered for v3 only)\n"\ + " (Considered for v3 only)\n" \ " ns_cert_type=%%s default: (empty)\n" \ " Comma-separated-list of values:\n" \ " ssl_client\n" \ @@ -157,8 +136,7 @@ int main( void ) /* * global options */ -struct options -{ +struct options { const char *issuer_crt; /* filename of the issuer certificate */ const char *request_file; /* filename of the certificate request */ const char *subject_key; /* filename of the subject key file */ @@ -183,44 +161,45 @@ struct options unsigned char ns_cert_type; /* NS cert type */ } opt; -int write_certificate( mbedtls_x509write_cert *crt, const char *output_file, - int (*f_rng)(void *, unsigned char *, size_t), - void *p_rng ) +int write_certificate(mbedtls_x509write_cert *crt, const char *output_file, + int (*f_rng)(void *, unsigned char *, size_t), + void *p_rng) { int ret; FILE *f; unsigned char output_buf[4096]; size_t len = 0; - memset( output_buf, 0, 4096 ); - if( ( ret = mbedtls_x509write_crt_pem( crt, output_buf, 4096, - f_rng, p_rng ) ) < 0 ) - return( ret ); + memset(output_buf, 0, 4096); + if ((ret = mbedtls_x509write_crt_pem(crt, output_buf, 4096, + f_rng, p_rng)) < 0) { + return ret; + } - len = strlen( (char *) output_buf ); + len = strlen((char *) output_buf); - if( ( f = fopen( output_file, "w" ) ) == NULL ) - return( -1 ); + if ((f = fopen(output_file, "w")) == NULL) { + return -1; + } - if( fwrite( output_buf, 1, len, f ) != len ) - { - fclose( f ); - return( -1 ); + if (fwrite(output_buf, 1, len, f) != len) { + fclose(f); + return -1; } - fclose( f ); + fclose(f); - return( 0 ); + return 0; } -int main( int argc, char *argv[] ) +int main(int argc, char *argv[]) { int ret = 1; int exit_code = MBEDTLS_EXIT_FAILURE; mbedtls_x509_crt issuer_crt; mbedtls_pk_context loaded_issuer_key, loaded_subject_key; mbedtls_pk_context *issuer_key = &loaded_issuer_key, - *subject_key = &loaded_subject_key; + *subject_key = &loaded_subject_key; char buf[1024]; char issuer_name[256]; int i; @@ -238,22 +217,30 @@ int main( int argc, char *argv[] ) /* * Set to sane values */ - mbedtls_x509write_crt_init( &crt ); - mbedtls_pk_init( &loaded_issuer_key ); - mbedtls_pk_init( &loaded_subject_key ); - mbedtls_mpi_init( &serial ); - mbedtls_ctr_drbg_init( &ctr_drbg ); - mbedtls_entropy_init( &entropy ); + mbedtls_x509write_crt_init(&crt); + mbedtls_pk_init(&loaded_issuer_key); + mbedtls_pk_init(&loaded_subject_key); + mbedtls_mpi_init(&serial); + mbedtls_ctr_drbg_init(&ctr_drbg); + mbedtls_entropy_init(&entropy); #if defined(MBEDTLS_X509_CSR_PARSE_C) - mbedtls_x509_csr_init( &csr ); + mbedtls_x509_csr_init(&csr); #endif - mbedtls_x509_crt_init( &issuer_crt ); - memset( buf, 0, 1024 ); + mbedtls_x509_crt_init(&issuer_crt); + memset(buf, 0, 1024); + +#if defined(MBEDTLS_USE_PSA_CRYPTO) + psa_status_t status = psa_crypto_init(); + if (status != PSA_SUCCESS) { + mbedtls_fprintf(stderr, "Failed to initialize PSA Crypto implementation: %d\n", + (int) status); + goto exit; + } +#endif /* MBEDTLS_USE_PSA_CRYPTO */ - if( argc == 0 ) - { - usage: - mbedtls_printf( USAGE ); + if (argc < 2) { +usage: + mbedtls_printf(USAGE); goto exit; } @@ -280,188 +267,149 @@ int main( int argc, char *argv[] ) opt.authority_identifier = DFL_AUTH_IDENT; opt.basic_constraints = DFL_CONSTRAINTS; - for( i = 1; i < argc; i++ ) - { + for (i = 1; i < argc; i++) { p = argv[i]; - if( ( q = strchr( p, '=' ) ) == NULL ) + if ((q = strchr(p, '=')) == NULL) { goto usage; + } *q++ = '\0'; - if( strcmp( p, "request_file" ) == 0 ) + if (strcmp(p, "request_file") == 0) { opt.request_file = q; - else if( strcmp( p, "subject_key" ) == 0 ) + } else if (strcmp(p, "subject_key") == 0) { opt.subject_key = q; - else if( strcmp( p, "issuer_key" ) == 0 ) + } else if (strcmp(p, "issuer_key") == 0) { opt.issuer_key = q; - else if( strcmp( p, "subject_pwd" ) == 0 ) + } else if (strcmp(p, "subject_pwd") == 0) { opt.subject_pwd = q; - else if( strcmp( p, "issuer_pwd" ) == 0 ) + } else if (strcmp(p, "issuer_pwd") == 0) { opt.issuer_pwd = q; - else if( strcmp( p, "issuer_crt" ) == 0 ) + } else if (strcmp(p, "issuer_crt") == 0) { opt.issuer_crt = q; - else if( strcmp( p, "output_file" ) == 0 ) + } else if (strcmp(p, "output_file") == 0) { opt.output_file = q; - else if( strcmp( p, "subject_name" ) == 0 ) - { + } else if (strcmp(p, "subject_name") == 0) { opt.subject_name = q; - } - else if( strcmp( p, "issuer_name" ) == 0 ) - { + } else if (strcmp(p, "issuer_name") == 0) { opt.issuer_name = q; - } - else if( strcmp( p, "not_before" ) == 0 ) - { + } else if (strcmp(p, "not_before") == 0) { opt.not_before = q; - } - else if( strcmp( p, "not_after" ) == 0 ) - { + } else if (strcmp(p, "not_after") == 0) { opt.not_after = q; - } - else if( strcmp( p, "serial" ) == 0 ) - { + } else if (strcmp(p, "serial") == 0) { opt.serial = q; - } - else if( strcmp( p, "authority_identifier" ) == 0 ) - { - opt.authority_identifier = atoi( q ); - if( opt.authority_identifier != 0 && - opt.authority_identifier != 1 ) - { - mbedtls_printf( "Invalid argument for option %s\n", p ); + } else if (strcmp(p, "authority_identifier") == 0) { + opt.authority_identifier = atoi(q); + if (opt.authority_identifier != 0 && + opt.authority_identifier != 1) { + mbedtls_printf("Invalid argument for option %s\n", p); goto usage; } - } - else if( strcmp( p, "subject_identifier" ) == 0 ) - { - opt.subject_identifier = atoi( q ); - if( opt.subject_identifier != 0 && - opt.subject_identifier != 1 ) - { - mbedtls_printf( "Invalid argument for option %s\n", p ); + } else if (strcmp(p, "subject_identifier") == 0) { + opt.subject_identifier = atoi(q); + if (opt.subject_identifier != 0 && + opt.subject_identifier != 1) { + mbedtls_printf("Invalid argument for option %s\n", p); goto usage; } - } - else if( strcmp( p, "basic_constraints" ) == 0 ) - { - opt.basic_constraints = atoi( q ); - if( opt.basic_constraints != 0 && - opt.basic_constraints != 1 ) - { - mbedtls_printf( "Invalid argument for option %s\n", p ); + } else if (strcmp(p, "basic_constraints") == 0) { + opt.basic_constraints = atoi(q); + if (opt.basic_constraints != 0 && + opt.basic_constraints != 1) { + mbedtls_printf("Invalid argument for option %s\n", p); goto usage; } - } - else if( strcmp( p, "md" ) == 0 ) - { + } else if (strcmp(p, "md") == 0) { const mbedtls_md_info_t *md_info = - mbedtls_md_info_from_string( q ); - if( md_info == NULL ) - { - mbedtls_printf( "Invalid argument for option %s\n", p ); + mbedtls_md_info_from_string(q); + if (md_info == NULL) { + mbedtls_printf("Invalid argument for option %s\n", p); goto usage; } - opt.md = mbedtls_md_get_type( md_info ); - } - else if( strcmp( p, "version" ) == 0 ) - { - opt.version = atoi( q ); - if( opt.version < 1 || opt.version > 3 ) - { - mbedtls_printf( "Invalid argument for option %s\n", p ); + opt.md = mbedtls_md_get_type(md_info); + } else if (strcmp(p, "version") == 0) { + opt.version = atoi(q); + if (opt.version < 1 || opt.version > 3) { + mbedtls_printf("Invalid argument for option %s\n", p); goto usage; } opt.version--; - } - else if( strcmp( p, "selfsign" ) == 0 ) - { - opt.selfsign = atoi( q ); - if( opt.selfsign < 0 || opt.selfsign > 1 ) - { - mbedtls_printf( "Invalid argument for option %s\n", p ); + } else if (strcmp(p, "selfsign") == 0) { + opt.selfsign = atoi(q); + if (opt.selfsign < 0 || opt.selfsign > 1) { + mbedtls_printf("Invalid argument for option %s\n", p); goto usage; } - } - else if( strcmp( p, "is_ca" ) == 0 ) - { - opt.is_ca = atoi( q ); - if( opt.is_ca < 0 || opt.is_ca > 1 ) - { - mbedtls_printf( "Invalid argument for option %s\n", p ); + } else if (strcmp(p, "is_ca") == 0) { + opt.is_ca = atoi(q); + if (opt.is_ca < 0 || opt.is_ca > 1) { + mbedtls_printf("Invalid argument for option %s\n", p); goto usage; } - } - else if( strcmp( p, "max_pathlen" ) == 0 ) - { - opt.max_pathlen = atoi( q ); - if( opt.max_pathlen < -1 || opt.max_pathlen > 127 ) - { - mbedtls_printf( "Invalid argument for option %s\n", p ); + } else if (strcmp(p, "max_pathlen") == 0) { + opt.max_pathlen = atoi(q); + if (opt.max_pathlen < -1 || opt.max_pathlen > 127) { + mbedtls_printf("Invalid argument for option %s\n", p); goto usage; } - } - else if( strcmp( p, "key_usage" ) == 0 ) - { - while( q != NULL ) - { - if( ( r = strchr( q, ',' ) ) != NULL ) + } else if (strcmp(p, "key_usage") == 0) { + while (q != NULL) { + if ((r = strchr(q, ',')) != NULL) { *r++ = '\0'; + } - if( strcmp( q, "digital_signature" ) == 0 ) + if (strcmp(q, "digital_signature") == 0) { opt.key_usage |= MBEDTLS_X509_KU_DIGITAL_SIGNATURE; - else if( strcmp( q, "non_repudiation" ) == 0 ) + } else if (strcmp(q, "non_repudiation") == 0) { opt.key_usage |= MBEDTLS_X509_KU_NON_REPUDIATION; - else if( strcmp( q, "key_encipherment" ) == 0 ) + } else if (strcmp(q, "key_encipherment") == 0) { opt.key_usage |= MBEDTLS_X509_KU_KEY_ENCIPHERMENT; - else if( strcmp( q, "data_encipherment" ) == 0 ) + } else if (strcmp(q, "data_encipherment") == 0) { opt.key_usage |= MBEDTLS_X509_KU_DATA_ENCIPHERMENT; - else if( strcmp( q, "key_agreement" ) == 0 ) + } else if (strcmp(q, "key_agreement") == 0) { opt.key_usage |= MBEDTLS_X509_KU_KEY_AGREEMENT; - else if( strcmp( q, "key_cert_sign" ) == 0 ) + } else if (strcmp(q, "key_cert_sign") == 0) { opt.key_usage |= MBEDTLS_X509_KU_KEY_CERT_SIGN; - else if( strcmp( q, "crl_sign" ) == 0 ) + } else if (strcmp(q, "crl_sign") == 0) { opt.key_usage |= MBEDTLS_X509_KU_CRL_SIGN; - else - { - mbedtls_printf( "Invalid argument for option %s\n", p ); + } else { + mbedtls_printf("Invalid argument for option %s\n", p); goto usage; } q = r; } - } - else if( strcmp( p, "ns_cert_type" ) == 0 ) - { - while( q != NULL ) - { - if( ( r = strchr( q, ',' ) ) != NULL ) + } else if (strcmp(p, "ns_cert_type") == 0) { + while (q != NULL) { + if ((r = strchr(q, ',')) != NULL) { *r++ = '\0'; + } - if( strcmp( q, "ssl_client" ) == 0 ) + if (strcmp(q, "ssl_client") == 0) { opt.ns_cert_type |= MBEDTLS_X509_NS_CERT_TYPE_SSL_CLIENT; - else if( strcmp( q, "ssl_server" ) == 0 ) + } else if (strcmp(q, "ssl_server") == 0) { opt.ns_cert_type |= MBEDTLS_X509_NS_CERT_TYPE_SSL_SERVER; - else if( strcmp( q, "email" ) == 0 ) + } else if (strcmp(q, "email") == 0) { opt.ns_cert_type |= MBEDTLS_X509_NS_CERT_TYPE_EMAIL; - else if( strcmp( q, "object_signing" ) == 0 ) + } else if (strcmp(q, "object_signing") == 0) { opt.ns_cert_type |= MBEDTLS_X509_NS_CERT_TYPE_OBJECT_SIGNING; - else if( strcmp( q, "ssl_ca" ) == 0 ) + } else if (strcmp(q, "ssl_ca") == 0) { opt.ns_cert_type |= MBEDTLS_X509_NS_CERT_TYPE_SSL_CA; - else if( strcmp( q, "email_ca" ) == 0 ) + } else if (strcmp(q, "email_ca") == 0) { opt.ns_cert_type |= MBEDTLS_X509_NS_CERT_TYPE_EMAIL_CA; - else if( strcmp( q, "object_signing_ca" ) == 0 ) + } else if (strcmp(q, "object_signing_ca") == 0) { opt.ns_cert_type |= MBEDTLS_X509_NS_CERT_TYPE_OBJECT_SIGNING_CA; - else - { - mbedtls_printf( "Invalid argument for option %s\n", p ); + } else { + mbedtls_printf("Invalid argument for option %s\n", p); goto usage; } q = r; } - } - else + } else { goto usage; + } } mbedtls_printf("\n"); @@ -469,339 +417,313 @@ int main( int argc, char *argv[] ) /* * 0. Seed the PRNG */ - mbedtls_printf( " . Seeding the random number generator..." ); - fflush( stdout ); - - if( ( ret = mbedtls_ctr_drbg_seed( &ctr_drbg, mbedtls_entropy_func, &entropy, - (const unsigned char *) pers, - strlen( pers ) ) ) != 0 ) - { - mbedtls_strerror( ret, buf, 1024 ); - mbedtls_printf( " failed\n ! mbedtls_ctr_drbg_seed returned %d - %s\n", - ret, buf ); + mbedtls_printf(" . Seeding the random number generator..."); + fflush(stdout); + + if ((ret = mbedtls_ctr_drbg_seed(&ctr_drbg, mbedtls_entropy_func, &entropy, + (const unsigned char *) pers, + strlen(pers))) != 0) { + mbedtls_strerror(ret, buf, 1024); + mbedtls_printf(" failed\n ! mbedtls_ctr_drbg_seed returned %d - %s\n", + ret, buf); goto exit; } - mbedtls_printf( " ok\n" ); + mbedtls_printf(" ok\n"); // Parse serial to MPI // - mbedtls_printf( " . Reading serial number..." ); - fflush( stdout ); - - if( ( ret = mbedtls_mpi_read_string( &serial, 10, opt.serial ) ) != 0 ) - { - mbedtls_strerror( ret, buf, 1024 ); - mbedtls_printf( " failed\n ! mbedtls_mpi_read_string " - "returned -0x%04x - %s\n\n", (unsigned int) -ret, buf ); + mbedtls_printf(" . Reading serial number..."); + fflush(stdout); + + if ((ret = mbedtls_mpi_read_string(&serial, 10, opt.serial)) != 0) { + mbedtls_strerror(ret, buf, 1024); + mbedtls_printf(" failed\n ! mbedtls_mpi_read_string " + "returned -0x%04x - %s\n\n", (unsigned int) -ret, buf); goto exit; } - mbedtls_printf( " ok\n" ); + mbedtls_printf(" ok\n"); // Parse issuer certificate if present // - if( !opt.selfsign && strlen( opt.issuer_crt ) ) - { + if (!opt.selfsign && strlen(opt.issuer_crt)) { /* * 1.0.a. Load the certificates */ - mbedtls_printf( " . Loading the issuer certificate ..." ); - fflush( stdout ); - - if( ( ret = mbedtls_x509_crt_parse_file( &issuer_crt, opt.issuer_crt ) ) != 0 ) - { - mbedtls_strerror( ret, buf, 1024 ); - mbedtls_printf( " failed\n ! mbedtls_x509_crt_parse_file " - "returned -0x%04x - %s\n\n", (unsigned int) -ret, buf ); + mbedtls_printf(" . Loading the issuer certificate ..."); + fflush(stdout); + + if ((ret = mbedtls_x509_crt_parse_file(&issuer_crt, opt.issuer_crt)) != 0) { + mbedtls_strerror(ret, buf, 1024); + mbedtls_printf(" failed\n ! mbedtls_x509_crt_parse_file " + "returned -0x%04x - %s\n\n", (unsigned int) -ret, buf); goto exit; } - ret = mbedtls_x509_dn_gets( issuer_name, sizeof(issuer_name), - &issuer_crt.subject ); - if( ret < 0 ) - { - mbedtls_strerror( ret, buf, 1024 ); - mbedtls_printf( " failed\n ! mbedtls_x509_dn_gets " - "returned -0x%04x - %s\n\n", (unsigned int) -ret, buf ); + ret = mbedtls_x509_dn_gets(issuer_name, sizeof(issuer_name), + &issuer_crt.subject); + if (ret < 0) { + mbedtls_strerror(ret, buf, 1024); + mbedtls_printf(" failed\n ! mbedtls_x509_dn_gets " + "returned -0x%04x - %s\n\n", (unsigned int) -ret, buf); goto exit; } opt.issuer_name = issuer_name; - mbedtls_printf( " ok\n" ); + mbedtls_printf(" ok\n"); } #if defined(MBEDTLS_X509_CSR_PARSE_C) // Parse certificate request if present // - if( !opt.selfsign && strlen( opt.request_file ) ) - { + if (!opt.selfsign && strlen(opt.request_file)) { /* * 1.0.b. Load the CSR */ - mbedtls_printf( " . Loading the certificate request ..." ); - fflush( stdout ); - - if( ( ret = mbedtls_x509_csr_parse_file( &csr, opt.request_file ) ) != 0 ) - { - mbedtls_strerror( ret, buf, 1024 ); - mbedtls_printf( " failed\n ! mbedtls_x509_csr_parse_file " - "returned -0x%04x - %s\n\n", (unsigned int) -ret, buf ); + mbedtls_printf(" . Loading the certificate request ..."); + fflush(stdout); + + if ((ret = mbedtls_x509_csr_parse_file(&csr, opt.request_file)) != 0) { + mbedtls_strerror(ret, buf, 1024); + mbedtls_printf(" failed\n ! mbedtls_x509_csr_parse_file " + "returned -0x%04x - %s\n\n", (unsigned int) -ret, buf); goto exit; } - ret = mbedtls_x509_dn_gets( subject_name, sizeof(subject_name), - &csr.subject ); - if( ret < 0 ) - { - mbedtls_strerror( ret, buf, 1024 ); - mbedtls_printf( " failed\n ! mbedtls_x509_dn_gets " - "returned -0x%04x - %s\n\n", (unsigned int) -ret, buf ); + ret = mbedtls_x509_dn_gets(subject_name, sizeof(subject_name), + &csr.subject); + if (ret < 0) { + mbedtls_strerror(ret, buf, 1024); + mbedtls_printf(" failed\n ! mbedtls_x509_dn_gets " + "returned -0x%04x - %s\n\n", (unsigned int) -ret, buf); goto exit; } opt.subject_name = subject_name; subject_key = &csr.pk; - mbedtls_printf( " ok\n" ); + mbedtls_printf(" ok\n"); } #endif /* MBEDTLS_X509_CSR_PARSE_C */ /* * 1.1. Load the keys */ - if( !opt.selfsign && !strlen( opt.request_file ) ) - { - mbedtls_printf( " . Loading the subject key ..." ); - fflush( stdout ); - - ret = mbedtls_pk_parse_keyfile( &loaded_subject_key, opt.subject_key, - opt.subject_pwd ); - if( ret != 0 ) - { - mbedtls_strerror( ret, buf, 1024 ); - mbedtls_printf( " failed\n ! mbedtls_pk_parse_keyfile " - "returned -0x%04x - %s\n\n", (unsigned int) -ret, buf ); + if (!opt.selfsign && !strlen(opt.request_file)) { + mbedtls_printf(" . Loading the subject key ..."); + fflush(stdout); + + ret = mbedtls_pk_parse_keyfile(&loaded_subject_key, opt.subject_key, + opt.subject_pwd); + if (ret != 0) { + mbedtls_strerror(ret, buf, 1024); + mbedtls_printf(" failed\n ! mbedtls_pk_parse_keyfile " + "returned -0x%04x - %s\n\n", (unsigned int) -ret, buf); goto exit; } - mbedtls_printf( " ok\n" ); + mbedtls_printf(" ok\n"); } - mbedtls_printf( " . Loading the issuer key ..." ); - fflush( stdout ); + mbedtls_printf(" . Loading the issuer key ..."); + fflush(stdout); - ret = mbedtls_pk_parse_keyfile( &loaded_issuer_key, opt.issuer_key, - opt.issuer_pwd ); - if( ret != 0 ) - { - mbedtls_strerror( ret, buf, 1024 ); - mbedtls_printf( " failed\n ! mbedtls_pk_parse_keyfile " - "returned -x%02x - %s\n\n", (unsigned int) -ret, buf ); + ret = mbedtls_pk_parse_keyfile(&loaded_issuer_key, opt.issuer_key, + opt.issuer_pwd); + if (ret != 0) { + mbedtls_strerror(ret, buf, 1024); + mbedtls_printf(" failed\n ! mbedtls_pk_parse_keyfile " + "returned -x%02x - %s\n\n", (unsigned int) -ret, buf); goto exit; } // Check if key and issuer certificate match // - if( strlen( opt.issuer_crt ) ) - { - if( mbedtls_pk_check_pair( &issuer_crt.pk, issuer_key ) != 0 ) - { - mbedtls_printf( " failed\n ! issuer_key does not match " - "issuer certificate\n\n" ); + if (strlen(opt.issuer_crt)) { + if (mbedtls_pk_check_pair(&issuer_crt.pk, issuer_key) != 0) { + mbedtls_printf(" failed\n ! issuer_key does not match " + "issuer certificate\n\n"); goto exit; } } - mbedtls_printf( " ok\n" ); + mbedtls_printf(" ok\n"); - if( opt.selfsign ) - { + if (opt.selfsign) { opt.subject_name = opt.issuer_name; subject_key = issuer_key; } - mbedtls_x509write_crt_set_subject_key( &crt, subject_key ); - mbedtls_x509write_crt_set_issuer_key( &crt, issuer_key ); + mbedtls_x509write_crt_set_subject_key(&crt, subject_key); + mbedtls_x509write_crt_set_issuer_key(&crt, issuer_key); /* * 1.0. Check the names for validity */ - if( ( ret = mbedtls_x509write_crt_set_subject_name( &crt, opt.subject_name ) ) != 0 ) - { - mbedtls_strerror( ret, buf, 1024 ); - mbedtls_printf( " failed\n ! mbedtls_x509write_crt_set_subject_name " - "returned -0x%04x - %s\n\n", (unsigned int) -ret, buf ); + if ((ret = mbedtls_x509write_crt_set_subject_name(&crt, opt.subject_name)) != 0) { + mbedtls_strerror(ret, buf, 1024); + mbedtls_printf(" failed\n ! mbedtls_x509write_crt_set_subject_name " + "returned -0x%04x - %s\n\n", (unsigned int) -ret, buf); goto exit; } - if( ( ret = mbedtls_x509write_crt_set_issuer_name( &crt, opt.issuer_name ) ) != 0 ) - { - mbedtls_strerror( ret, buf, 1024 ); - mbedtls_printf( " failed\n ! mbedtls_x509write_crt_set_issuer_name " - "returned -0x%04x - %s\n\n", (unsigned int) -ret, buf ); + if ((ret = mbedtls_x509write_crt_set_issuer_name(&crt, opt.issuer_name)) != 0) { + mbedtls_strerror(ret, buf, 1024); + mbedtls_printf(" failed\n ! mbedtls_x509write_crt_set_issuer_name " + "returned -0x%04x - %s\n\n", (unsigned int) -ret, buf); goto exit; } - mbedtls_printf( " . Setting certificate values ..." ); - fflush( stdout ); + mbedtls_printf(" . Setting certificate values ..."); + fflush(stdout); - mbedtls_x509write_crt_set_version( &crt, opt.version ); - mbedtls_x509write_crt_set_md_alg( &crt, opt.md ); + mbedtls_x509write_crt_set_version(&crt, opt.version); + mbedtls_x509write_crt_set_md_alg(&crt, opt.md); - ret = mbedtls_x509write_crt_set_serial( &crt, &serial ); - if( ret != 0 ) - { - mbedtls_strerror( ret, buf, 1024 ); - mbedtls_printf( " failed\n ! mbedtls_x509write_crt_set_serial " - "returned -0x%04x - %s\n\n", (unsigned int) -ret, buf ); + ret = mbedtls_x509write_crt_set_serial(&crt, &serial); + if (ret != 0) { + mbedtls_strerror(ret, buf, 1024); + mbedtls_printf(" failed\n ! mbedtls_x509write_crt_set_serial " + "returned -0x%04x - %s\n\n", (unsigned int) -ret, buf); goto exit; } - ret = mbedtls_x509write_crt_set_validity( &crt, opt.not_before, opt.not_after ); - if( ret != 0 ) - { - mbedtls_strerror( ret, buf, 1024 ); - mbedtls_printf( " failed\n ! mbedtls_x509write_crt_set_validity " - "returned -0x%04x - %s\n\n", (unsigned int) -ret, buf ); + ret = mbedtls_x509write_crt_set_validity(&crt, opt.not_before, opt.not_after); + if (ret != 0) { + mbedtls_strerror(ret, buf, 1024); + mbedtls_printf(" failed\n ! mbedtls_x509write_crt_set_validity " + "returned -0x%04x - %s\n\n", (unsigned int) -ret, buf); goto exit; } - mbedtls_printf( " ok\n" ); - - if( opt.version == MBEDTLS_X509_CRT_VERSION_3 && - opt.basic_constraints != 0 ) - { - mbedtls_printf( " . Adding the Basic Constraints extension ..." ); - fflush( stdout ); - - ret = mbedtls_x509write_crt_set_basic_constraints( &crt, opt.is_ca, - opt.max_pathlen ); - if( ret != 0 ) - { - mbedtls_strerror( ret, buf, 1024 ); - mbedtls_printf( " failed\n ! x509write_crt_set_basic_contraints " - "returned -0x%04x - %s\n\n", (unsigned int) -ret, buf ); + mbedtls_printf(" ok\n"); + + if (opt.version == MBEDTLS_X509_CRT_VERSION_3 && + opt.basic_constraints != 0) { + mbedtls_printf(" . Adding the Basic Constraints extension ..."); + fflush(stdout); + + ret = mbedtls_x509write_crt_set_basic_constraints(&crt, opt.is_ca, + opt.max_pathlen); + if (ret != 0) { + mbedtls_strerror(ret, buf, 1024); + mbedtls_printf(" failed\n ! x509write_crt_set_basic_constraints " + "returned -0x%04x - %s\n\n", (unsigned int) -ret, buf); goto exit; } - mbedtls_printf( " ok\n" ); + mbedtls_printf(" ok\n"); } #if defined(MBEDTLS_SHA1_C) - if( opt.version == MBEDTLS_X509_CRT_VERSION_3 && - opt.subject_identifier != 0 ) - { - mbedtls_printf( " . Adding the Subject Key Identifier ..." ); - fflush( stdout ); - - ret = mbedtls_x509write_crt_set_subject_key_identifier( &crt ); - if( ret != 0 ) - { - mbedtls_strerror( ret, buf, 1024 ); - mbedtls_printf( " failed\n ! mbedtls_x509write_crt_set_subject" - "_key_identifier returned -0x%04x - %s\n\n", - (unsigned int) -ret, buf ); + if (opt.version == MBEDTLS_X509_CRT_VERSION_3 && + opt.subject_identifier != 0) { + mbedtls_printf(" . Adding the Subject Key Identifier ..."); + fflush(stdout); + + ret = mbedtls_x509write_crt_set_subject_key_identifier(&crt); + if (ret != 0) { + mbedtls_strerror(ret, buf, 1024); + mbedtls_printf(" failed\n ! mbedtls_x509write_crt_set_subject" + "_key_identifier returned -0x%04x - %s\n\n", + (unsigned int) -ret, buf); goto exit; } - mbedtls_printf( " ok\n" ); + mbedtls_printf(" ok\n"); } - if( opt.version == MBEDTLS_X509_CRT_VERSION_3 && - opt.authority_identifier != 0 ) - { - mbedtls_printf( " . Adding the Authority Key Identifier ..." ); - fflush( stdout ); - - ret = mbedtls_x509write_crt_set_authority_key_identifier( &crt ); - if( ret != 0 ) - { - mbedtls_strerror( ret, buf, 1024 ); - mbedtls_printf( " failed\n ! mbedtls_x509write_crt_set_authority_" - "key_identifier returned -0x%04x - %s\n\n", - (unsigned int) -ret, buf ); + if (opt.version == MBEDTLS_X509_CRT_VERSION_3 && + opt.authority_identifier != 0) { + mbedtls_printf(" . Adding the Authority Key Identifier ..."); + fflush(stdout); + + ret = mbedtls_x509write_crt_set_authority_key_identifier(&crt); + if (ret != 0) { + mbedtls_strerror(ret, buf, 1024); + mbedtls_printf(" failed\n ! mbedtls_x509write_crt_set_authority_" + "key_identifier returned -0x%04x - %s\n\n", + (unsigned int) -ret, buf); goto exit; } - mbedtls_printf( " ok\n" ); + mbedtls_printf(" ok\n"); } #endif /* MBEDTLS_SHA1_C */ - if( opt.version == MBEDTLS_X509_CRT_VERSION_3 && - opt.key_usage != 0 ) - { - mbedtls_printf( " . Adding the Key Usage extension ..." ); - fflush( stdout ); - - ret = mbedtls_x509write_crt_set_key_usage( &crt, opt.key_usage ); - if( ret != 0 ) - { - mbedtls_strerror( ret, buf, 1024 ); - mbedtls_printf( " failed\n ! mbedtls_x509write_crt_set_key_usage " - "returned -0x%04x - %s\n\n", (unsigned int) -ret, buf ); + if (opt.version == MBEDTLS_X509_CRT_VERSION_3 && + opt.key_usage != 0) { + mbedtls_printf(" . Adding the Key Usage extension ..."); + fflush(stdout); + + ret = mbedtls_x509write_crt_set_key_usage(&crt, opt.key_usage); + if (ret != 0) { + mbedtls_strerror(ret, buf, 1024); + mbedtls_printf(" failed\n ! mbedtls_x509write_crt_set_key_usage " + "returned -0x%04x - %s\n\n", (unsigned int) -ret, buf); goto exit; } - mbedtls_printf( " ok\n" ); + mbedtls_printf(" ok\n"); } - if( opt.version == MBEDTLS_X509_CRT_VERSION_3 && - opt.ns_cert_type != 0 ) - { - mbedtls_printf( " . Adding the NS Cert Type extension ..." ); - fflush( stdout ); - - ret = mbedtls_x509write_crt_set_ns_cert_type( &crt, opt.ns_cert_type ); - if( ret != 0 ) - { - mbedtls_strerror( ret, buf, 1024 ); - mbedtls_printf( " failed\n ! mbedtls_x509write_crt_set_ns_cert_type " - "returned -0x%04x - %s\n\n", (unsigned int) -ret, buf ); + if (opt.version == MBEDTLS_X509_CRT_VERSION_3 && + opt.ns_cert_type != 0) { + mbedtls_printf(" . Adding the NS Cert Type extension ..."); + fflush(stdout); + + ret = mbedtls_x509write_crt_set_ns_cert_type(&crt, opt.ns_cert_type); + if (ret != 0) { + mbedtls_strerror(ret, buf, 1024); + mbedtls_printf(" failed\n ! mbedtls_x509write_crt_set_ns_cert_type " + "returned -0x%04x - %s\n\n", (unsigned int) -ret, buf); goto exit; } - mbedtls_printf( " ok\n" ); + mbedtls_printf(" ok\n"); } /* * 1.2. Writing the certificate */ - mbedtls_printf( " . Writing the certificate..." ); - fflush( stdout ); - - if( ( ret = write_certificate( &crt, opt.output_file, - mbedtls_ctr_drbg_random, &ctr_drbg ) ) != 0 ) - { - mbedtls_strerror( ret, buf, 1024 ); - mbedtls_printf( " failed\n ! write_certificate -0x%04x - %s\n\n", - (unsigned int) -ret, buf ); + mbedtls_printf(" . Writing the certificate..."); + fflush(stdout); + + if ((ret = write_certificate(&crt, opt.output_file, + mbedtls_ctr_drbg_random, &ctr_drbg)) != 0) { + mbedtls_strerror(ret, buf, 1024); + mbedtls_printf(" failed\n ! write_certificate -0x%04x - %s\n\n", + (unsigned int) -ret, buf); goto exit; } - mbedtls_printf( " ok\n" ); + mbedtls_printf(" ok\n"); exit_code = MBEDTLS_EXIT_SUCCESS; exit: #if defined(MBEDTLS_X509_CSR_PARSE_C) - mbedtls_x509_csr_free( &csr ); + mbedtls_x509_csr_free(&csr); #endif /* MBEDTLS_X509_CSR_PARSE_C */ - mbedtls_x509_crt_free( &issuer_crt ); - mbedtls_x509write_crt_free( &crt ); - mbedtls_pk_free( &loaded_subject_key ); - mbedtls_pk_free( &loaded_issuer_key ); - mbedtls_mpi_free( &serial ); - mbedtls_ctr_drbg_free( &ctr_drbg ); - mbedtls_entropy_free( &entropy ); + mbedtls_x509_crt_free(&issuer_crt); + mbedtls_x509write_crt_free(&crt); + mbedtls_pk_free(&loaded_subject_key); + mbedtls_pk_free(&loaded_issuer_key); + mbedtls_mpi_free(&serial); + mbedtls_ctr_drbg_free(&ctr_drbg); + mbedtls_entropy_free(&entropy); +#if defined(MBEDTLS_USE_PSA_CRYPTO) + mbedtls_psa_crypto_free(); +#endif /* MBEDTLS_USE_PSA_CRYPTO */ #if defined(_WIN32) - mbedtls_printf( " + Press Enter to exit this program.\n" ); - fflush( stdout ); getchar(); + mbedtls_printf(" + Press Enter to exit this program.\n"); + fflush(stdout); getchar(); #endif - mbedtls_exit( exit_code ); + mbedtls_exit(exit_code); } #endif /* MBEDTLS_X509_CRT_WRITE_C && MBEDTLS_X509_CRT_PARSE_C && MBEDTLS_FS_IO && MBEDTLS_ENTROPY_C && MBEDTLS_CTR_DRBG_C && diff --git a/third_party/mbedtls/repo/programs/x509/crl_app.c b/third_party/mbedtls/repo/programs/x509/crl_app.c index ffb539fdb45..d92f2a55845 100644 --- a/third_party/mbedtls/repo/programs/x509/crl_app.c +++ b/third_party/mbedtls/repo/programs/x509/crl_app.c @@ -2,19 +2,7 @@ * CRL reading application * * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later */ #if !defined(MBEDTLS_CONFIG_FILE) @@ -23,24 +11,15 @@ #include MBEDTLS_CONFIG_FILE #endif -#if defined(MBEDTLS_PLATFORM_C) #include "mbedtls/platform.h" -#else -#include -#include -#define mbedtls_printf printf -#define mbedtls_exit exit -#define MBEDTLS_EXIT_SUCCESS EXIT_SUCCESS -#define MBEDTLS_EXIT_FAILURE EXIT_FAILURE -#endif /* MBEDTLS_PLATFORM_C */ #if !defined(MBEDTLS_BIGNUM_C) || !defined(MBEDTLS_RSA_C) || \ !defined(MBEDTLS_X509_CRL_PARSE_C) || !defined(MBEDTLS_FS_IO) -int main( void ) +int main(void) { mbedtls_printf("MBEDTLS_BIGNUM_C and/or MBEDTLS_RSA_C and/or " - "MBEDTLS_X509_CRL_PARSE_C and/or MBEDTLS_FS_IO not defined.\n"); - mbedtls_exit( 0 ); + "MBEDTLS_X509_CRL_PARSE_C and/or MBEDTLS_FS_IO not defined.\n"); + mbedtls_exit(0); } #else @@ -63,12 +42,11 @@ int main( void ) /* * global options */ -struct options -{ +struct options { const char *filename; /* filename of the certificate file */ } opt; -int main( int argc, char *argv[] ) +int main(int argc, char *argv[]) { int ret = 1; int exit_code = MBEDTLS_EXIT_FAILURE; @@ -80,72 +58,82 @@ int main( int argc, char *argv[] ) /* * Set to sane values */ - mbedtls_x509_crl_init( &crl ); + mbedtls_x509_crl_init(&crl); + +#if defined(MBEDTLS_USE_PSA_CRYPTO) + psa_status_t status = psa_crypto_init(); + if (status != PSA_SUCCESS) { + mbedtls_fprintf(stderr, "Failed to initialize PSA Crypto implementation: %d\n", + (int) status); + goto exit; + } +#endif /* MBEDTLS_USE_PSA_CRYPTO */ - if( argc == 0 ) - { - usage: - mbedtls_printf( USAGE ); + if (argc < 2) { +usage: + mbedtls_printf(USAGE); goto exit; } opt.filename = DFL_FILENAME; - for( i = 1; i < argc; i++ ) - { + for (i = 1; i < argc; i++) { p = argv[i]; - if( ( q = strchr( p, '=' ) ) == NULL ) + if ((q = strchr(p, '=')) == NULL) { goto usage; + } *q++ = '\0'; - if( strcmp( p, "filename" ) == 0 ) + if (strcmp(p, "filename") == 0) { opt.filename = q; - else + } else { goto usage; + } } /* * 1.1. Load the CRL */ - mbedtls_printf( "\n . Loading the CRL ..." ); - fflush( stdout ); + mbedtls_printf("\n . Loading the CRL ..."); + fflush(stdout); - ret = mbedtls_x509_crl_parse_file( &crl, opt.filename ); + ret = mbedtls_x509_crl_parse_file(&crl, opt.filename); - if( ret != 0 ) - { - mbedtls_printf( " failed\n ! mbedtls_x509_crl_parse_file returned %d\n\n", ret ); - mbedtls_x509_crl_free( &crl ); + if (ret != 0) { + mbedtls_printf(" failed\n ! mbedtls_x509_crl_parse_file returned %d\n\n", ret); + mbedtls_x509_crl_free(&crl); goto exit; } - mbedtls_printf( " ok\n" ); + mbedtls_printf(" ok\n"); /* * 1.2 Print the CRL */ - mbedtls_printf( " . CRL information ...\n" ); - ret = mbedtls_x509_crl_info( (char *) buf, sizeof( buf ) - 1, " ", &crl ); - if( ret == -1 ) - { - mbedtls_printf( " failed\n ! mbedtls_x509_crl_info returned %d\n\n", ret ); - mbedtls_x509_crl_free( &crl ); + mbedtls_printf(" . CRL information ...\n"); + ret = mbedtls_x509_crl_info((char *) buf, sizeof(buf) - 1, " ", &crl); + if (ret == -1) { + mbedtls_printf(" failed\n ! mbedtls_x509_crl_info returned %d\n\n", ret); + mbedtls_x509_crl_free(&crl); goto exit; } - mbedtls_printf( "%s\n", buf ); + mbedtls_printf("%s\n", buf); exit_code = MBEDTLS_EXIT_SUCCESS; exit: - mbedtls_x509_crl_free( &crl ); + mbedtls_x509_crl_free(&crl); +#if defined(MBEDTLS_USE_PSA_CRYPTO) + mbedtls_psa_crypto_free(); +#endif /* MBEDTLS_USE_PSA_CRYPTO */ #if defined(_WIN32) - mbedtls_printf( " + Press Enter to exit this program.\n" ); - fflush( stdout ); getchar(); + mbedtls_printf(" + Press Enter to exit this program.\n"); + fflush(stdout); getchar(); #endif - mbedtls_exit( exit_code ); + mbedtls_exit(exit_code); } #endif /* MBEDTLS_BIGNUM_C && MBEDTLS_RSA_C && MBEDTLS_X509_CRL_PARSE_C && MBEDTLS_FS_IO */ diff --git a/third_party/mbedtls/repo/programs/x509/load_roots.c b/third_party/mbedtls/repo/programs/x509/load_roots.c index 6a40949ec2d..2588b1bdc3d 100644 --- a/third_party/mbedtls/repo/programs/x509/load_roots.c +++ b/third_party/mbedtls/repo/programs/x509/load_roots.c @@ -3,45 +3,6 @@ * * Copyright The Mbed TLS Contributors * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later - * - * This file is provided under the Apache License 2.0, or the - * GNU General Public License v2.0 or later. - * - * ********** - * Apache License 2.0: - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - * - * ********** - * - * ********** - * GNU General Public License v2.0 or later: - * - * This program is free software; you can redistribute it and/or modify - * it under the terms of the GNU General Public License as published by - * the Free Software Foundation; either version 2 of the License, or - * (at your option) any later version. - * - * This program is distributed in the hope that it will be useful, - * but WITHOUT ANY WARRANTY; without even the implied warranty of - * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the - * GNU General Public License for more details. - * - * You should have received a copy of the GNU General Public License along - * with this program; if not, write to the Free Software Foundation, Inc., - * 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA. - * - * ********** */ #if !defined(MBEDTLS_CONFIG_FILE) @@ -50,27 +11,15 @@ #include MBEDTLS_CONFIG_FILE #endif -#if defined(MBEDTLS_PLATFORM_C) #include "mbedtls/platform.h" -#else -#include -#include -#define mbedtls_time time -#define mbedtls_time_t time_t -#define mbedtls_fprintf fprintf -#define mbedtls_printf printf -#define mbedtls_exit exit -#define MBEDTLS_EXIT_SUCCESS EXIT_SUCCESS -#define MBEDTLS_EXIT_FAILURE EXIT_FAILURE -#endif /* MBEDTLS_PLATFORM_C */ #if !defined(MBEDTLS_X509_CRT_PARSE_C) || !defined(MBEDTLS_FS_IO) || \ !defined(MBEDTLS_TIMING_C) -int main( void ) +int main(void) { mbedtls_printf("MBEDTLS_X509_CRT_PARSE_C and/or MBEDTLS_FS_IO and/or " - "MBEDTLS_TIMING_C not defined.\n"); - mbedtls_exit( 0 ); + "MBEDTLS_TIMING_C not defined.\n"); + mbedtls_exit(0); } #else @@ -96,55 +45,60 @@ int main( void ) /* * global options */ -struct options -{ +struct options { const char **filenames; /* NULL-terminated list of file names */ unsigned iterations; /* Number of iterations to time */ int prime_cache; /* Prime the disk read cache? */ } opt; -int read_certificates( const char *const *filenames ) +int read_certificates(const char *const *filenames) { mbedtls_x509_crt cas; int ret = 0; const char *const *cur; - mbedtls_x509_crt_init( &cas ); + mbedtls_x509_crt_init(&cas); - for( cur = filenames; *cur != NULL; cur++ ) - { - ret = mbedtls_x509_crt_parse_file( &cas, *cur ); - if( ret != 0 ) - { + for (cur = filenames; *cur != NULL; cur++) { + ret = mbedtls_x509_crt_parse_file(&cas, *cur); + if (ret != 0) { #if defined(MBEDTLS_ERROR_C) || defined(MBEDTLS_ERROR_STRERROR_DUMMY) char error_message[200]; - mbedtls_strerror( ret, error_message, sizeof( error_message ) ); - printf( "\n%s: -0x%04x (%s)\n", - *cur, (unsigned) -ret, error_message ); + mbedtls_strerror(ret, error_message, sizeof(error_message)); + printf("\n%s: -0x%04x (%s)\n", + *cur, (unsigned) -ret, error_message); #else - printf( "\n%s: -0x%04x\n", - *cur, (unsigned) -ret ); + printf("\n%s: -0x%04x\n", + *cur, (unsigned) -ret); #endif goto exit; } } exit: - mbedtls_x509_crt_free( &cas ); - return( ret == 0 ); + mbedtls_x509_crt_free(&cas); + return ret == 0; } -int main( int argc, char *argv[] ) +int main(int argc, char *argv[]) { int exit_code = MBEDTLS_EXIT_FAILURE; unsigned i, j; struct mbedtls_timing_hr_time timer; unsigned long ms; - if( argc <= 1 ) - { - mbedtls_printf( USAGE ); +#if defined(MBEDTLS_USE_PSA_CRYPTO) + psa_status_t status = psa_crypto_init(); + if (status != PSA_SUCCESS) { + mbedtls_fprintf(stderr, "Failed to initialize PSA Crypto implementation: %d\n", + (int) status); + goto exit; + } +#endif /* MBEDTLS_USE_PSA_CRYPTO */ + + if (argc <= 1) { + mbedtls_printf(USAGE); goto exit; } @@ -152,66 +106,64 @@ int main( int argc, char *argv[] ) opt.iterations = DFL_ITERATIONS; opt.prime_cache = DFL_PRIME_CACHE; - for( i = 1; i < (unsigned) argc; i++ ) - { + for (i = 1; i < (unsigned) argc; i++) { char *p = argv[i]; char *q = NULL; - if( strcmp( p, "--" ) == 0 ) + if (strcmp(p, "--") == 0) { break; - if( ( q = strchr( p, '=' ) ) == NULL ) + } + if ((q = strchr(p, '=')) == NULL) { break; + } *q++ = '\0'; - for( j = 0; p + j < q; j++ ) - { - if( argv[i][j] >= 'A' && argv[i][j] <= 'Z' ) + for (j = 0; p + j < q; j++) { + if (argv[i][j] >= 'A' && argv[i][j] <= 'Z') { argv[i][j] |= 0x20; + } } - if( strcmp( p, "iterations" ) == 0 ) - { - opt.iterations = atoi( q ); - } - else if( strcmp( p, "prime" ) == 0 ) - { - opt.iterations = atoi( q ) != 0; - } - else - { - mbedtls_printf( "Unknown option: %s\n", p ); - mbedtls_printf( USAGE ); + if (strcmp(p, "iterations") == 0) { + opt.iterations = atoi(q); + } else if (strcmp(p, "prime") == 0) { + opt.iterations = atoi(q) != 0; + } else { + mbedtls_printf("Unknown option: %s\n", p); + mbedtls_printf(USAGE); goto exit; } } - opt.filenames = (const char**) argv + i; - if( *opt.filenames == 0 ) - { - mbedtls_printf( "Missing list of certificate files to parse\n" ); + opt.filenames = (const char **) argv + i; + if (*opt.filenames == 0) { + mbedtls_printf("Missing list of certificate files to parse\n"); goto exit; } - mbedtls_printf( "Parsing %u certificates", argc - i ); - if( opt.prime_cache ) - { - if( ! read_certificates( opt.filenames ) ) + mbedtls_printf("Parsing %u certificates", argc - i); + if (opt.prime_cache) { + if (!read_certificates(opt.filenames)) { goto exit; - mbedtls_printf( " " ); + } + mbedtls_printf(" "); } - (void) mbedtls_timing_get_timer( &timer, 1 ); - for( i = 1; i <= opt.iterations; i++ ) - { - if( ! read_certificates( opt.filenames ) ) + (void) mbedtls_timing_get_timer(&timer, 1); + for (i = 1; i <= opt.iterations; i++) { + if (!read_certificates(opt.filenames)) { goto exit; - mbedtls_printf( "." ); + } + mbedtls_printf("."); } - ms = mbedtls_timing_get_timer( &timer, 0 ); - mbedtls_printf( "\n%u iterations -> %lu ms\n", opt.iterations, ms ); + ms = mbedtls_timing_get_timer(&timer, 0); + mbedtls_printf("\n%u iterations -> %lu ms\n", opt.iterations, ms); exit_code = MBEDTLS_EXIT_SUCCESS; exit: - mbedtls_exit( exit_code ); +#if defined(MBEDTLS_USE_PSA_CRYPTO) + mbedtls_psa_crypto_free(); +#endif /* MBEDTLS_USE_PSA_CRYPTO */ + mbedtls_exit(exit_code); } #endif /* necessary configuration */ diff --git a/third_party/mbedtls/repo/programs/x509/req_app.c b/third_party/mbedtls/repo/programs/x509/req_app.c index 0256a763690..c17ef7554fe 100644 --- a/third_party/mbedtls/repo/programs/x509/req_app.c +++ b/third_party/mbedtls/repo/programs/x509/req_app.c @@ -2,19 +2,7 @@ * Certificate request reading application * * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later */ #if !defined(MBEDTLS_CONFIG_FILE) @@ -23,24 +11,15 @@ #include MBEDTLS_CONFIG_FILE #endif -#if defined(MBEDTLS_PLATFORM_C) #include "mbedtls/platform.h" -#else -#include -#include -#define mbedtls_printf printf -#define mbedtls_exit exit -#define MBEDTLS_EXIT_SUCCESS EXIT_SUCCESS -#define MBEDTLS_EXIT_FAILURE EXIT_FAILURE -#endif /* MBEDTLS_PLATFORM_C */ #if !defined(MBEDTLS_BIGNUM_C) || !defined(MBEDTLS_RSA_C) || \ !defined(MBEDTLS_X509_CSR_PARSE_C) || !defined(MBEDTLS_FS_IO) -int main( void ) +int main(void) { mbedtls_printf("MBEDTLS_BIGNUM_C and/or MBEDTLS_RSA_C and/or " - "MBEDTLS_X509_CSR_PARSE_C and/or MBEDTLS_FS_IO not defined.\n"); - mbedtls_exit( 0 ); + "MBEDTLS_X509_CSR_PARSE_C and/or MBEDTLS_FS_IO not defined.\n"); + mbedtls_exit(0); } #else @@ -63,12 +42,11 @@ int main( void ) /* * global options */ -struct options -{ +struct options { const char *filename; /* filename of the certificate request */ } opt; -int main( int argc, char *argv[] ) +int main(int argc, char *argv[]) { int ret = 1; int exit_code = MBEDTLS_EXIT_FAILURE; @@ -80,72 +58,82 @@ int main( int argc, char *argv[] ) /* * Set to sane values */ - mbedtls_x509_csr_init( &csr ); + mbedtls_x509_csr_init(&csr); + +#if defined(MBEDTLS_USE_PSA_CRYPTO) + psa_status_t status = psa_crypto_init(); + if (status != PSA_SUCCESS) { + mbedtls_fprintf(stderr, "Failed to initialize PSA Crypto implementation: %d\n", + (int) status); + goto exit; + } +#endif /* MBEDTLS_USE_PSA_CRYPTO */ - if( argc == 0 ) - { - usage: - mbedtls_printf( USAGE ); + if (argc < 2) { +usage: + mbedtls_printf(USAGE); goto exit; } opt.filename = DFL_FILENAME; - for( i = 1; i < argc; i++ ) - { + for (i = 1; i < argc; i++) { p = argv[i]; - if( ( q = strchr( p, '=' ) ) == NULL ) + if ((q = strchr(p, '=')) == NULL) { goto usage; + } *q++ = '\0'; - if( strcmp( p, "filename" ) == 0 ) + if (strcmp(p, "filename") == 0) { opt.filename = q; - else + } else { goto usage; + } } /* * 1.1. Load the CSR */ - mbedtls_printf( "\n . Loading the CSR ..." ); - fflush( stdout ); + mbedtls_printf("\n . Loading the CSR ..."); + fflush(stdout); - ret = mbedtls_x509_csr_parse_file( &csr, opt.filename ); + ret = mbedtls_x509_csr_parse_file(&csr, opt.filename); - if( ret != 0 ) - { - mbedtls_printf( " failed\n ! mbedtls_x509_csr_parse_file returned %d\n\n", ret ); - mbedtls_x509_csr_free( &csr ); + if (ret != 0) { + mbedtls_printf(" failed\n ! mbedtls_x509_csr_parse_file returned %d\n\n", ret); + mbedtls_x509_csr_free(&csr); goto exit; } - mbedtls_printf( " ok\n" ); + mbedtls_printf(" ok\n"); /* * 1.2 Print the CSR */ - mbedtls_printf( " . CSR information ...\n" ); - ret = mbedtls_x509_csr_info( (char *) buf, sizeof( buf ) - 1, " ", &csr ); - if( ret == -1 ) - { - mbedtls_printf( " failed\n ! mbedtls_x509_csr_info returned %d\n\n", ret ); - mbedtls_x509_csr_free( &csr ); + mbedtls_printf(" . CSR information ...\n"); + ret = mbedtls_x509_csr_info((char *) buf, sizeof(buf) - 1, " ", &csr); + if (ret == -1) { + mbedtls_printf(" failed\n ! mbedtls_x509_csr_info returned %d\n\n", ret); + mbedtls_x509_csr_free(&csr); goto exit; } - mbedtls_printf( "%s\n", buf ); + mbedtls_printf("%s\n", buf); exit_code = MBEDTLS_EXIT_SUCCESS; exit: - mbedtls_x509_csr_free( &csr ); + mbedtls_x509_csr_free(&csr); +#if defined(MBEDTLS_USE_PSA_CRYPTO) + mbedtls_psa_crypto_free(); +#endif /* MBEDTLS_USE_PSA_CRYPTO */ #if defined(_WIN32) - mbedtls_printf( " + Press Enter to exit this program.\n" ); - fflush( stdout ); getchar(); + mbedtls_printf(" + Press Enter to exit this program.\n"); + fflush(stdout); getchar(); #endif - mbedtls_exit( exit_code ); + mbedtls_exit(exit_code); } #endif /* MBEDTLS_BIGNUM_C && MBEDTLS_RSA_C && MBEDTLS_X509_CSR_PARSE_C && MBEDTLS_FS_IO */ diff --git a/third_party/mbedtls/repo/scripts/abi_check.py b/third_party/mbedtls/repo/scripts/abi_check.py index 3cfd95a0681..8a604c4e24b 100755 --- a/third_party/mbedtls/repo/scripts/abi_check.py +++ b/third_party/mbedtls/repo/scripts/abi_check.py @@ -1,32 +1,94 @@ #!/usr/bin/env python3 -""" -Purpose - -This script is a small wrapper around the abi-compliance-checker and -abi-dumper tools, applying them to compare the ABI and API of the library -files from two different Git revisions within an Mbed TLS repository. -The results of the comparison are either formatted as HTML and stored at -a configurable location, or are given as a brief list of problems. -Returns 0 on success, 1 on ABI/API non-compliance, and 2 if there is an error -while running the script. Note: must be run from Mbed TLS root. +"""This script compares the interfaces of two versions of Mbed TLS, looking +for backward incompatibilities between two different Git revisions within +an Mbed TLS repository. It must be run from the root of a Git working tree. + +### How the script works ### + +For the source (API) and runtime (ABI) interface compatibility, this script +is a small wrapper around the abi-compliance-checker and abi-dumper tools, +applying them to compare the header and library files. + +For the storage format, this script compares the automatically generated +storage tests and the manual read tests, and complains if there is a +reduction in coverage. A change in test data will be signaled as a +coverage reduction since the old test data is no longer present. A change in +how test data is presented will be signaled as well; this would be a false +positive. + +The results of the API/ABI comparison are either formatted as HTML and stored +at a configurable location, or are given as a brief list of problems. +Returns 0 on success, 1 on non-compliance, and 2 if there is an error +while running the script. + +### How to interpret non-compliance ### + +This script has relatively common false positives. In many scenarios, it only +reports a pass if there is a strict textual match between the old version and +the new version, and it reports problems where there is a sufficient semantic +match but not a textual match. This section lists some common false positives. +This is not an exhaustive list: in the end what matters is whether we are +breaking a backward compatibility goal. + +**API**: the goal is that if an application works with the old version of the +library, it can be recompiled against the new version and will still work. +This is normally validated by comparing the declarations in `include/*/*.h`. +A failure is a declaration that has disappeared or that now has a different +type. + + * It's ok to change or remove macros and functions that are documented as + for internal use only or as experimental. + * It's ok to rename function or macro parameters as long as the semantics + has not changed. + * It's ok to change or remove structure fields that are documented as + private. + * It's ok to add fields to a structure that already had private fields + or was documented as extensible. + +**ABI**: the goal is that if an application was built against the old version +of the library, the same binary will work when linked against the new version. +This is normally validated by comparing the symbols exported by `libmbed*.so`. +A failure is a symbol that is no longer exported by the same library or that +now has a different type. + + * All ABI changes are acceptable if the library version is bumped + (see `scripts/bump_version.sh`). + * ABI changes that concern functions which are declared only inside the + library directory, and not in `include/*/*.h`, are acceptable only if + the function was only ever used inside the same library (libmbedcrypto, + libmbedx509, libmbedtls). As a counter example, if the old version + of libmbedtls calls mbedtls_foo() from libmbedcrypto, and the new version + of libmbedcrypto no longer has a compatible mbedtls_foo(), this does + require a version bump for libmbedcrypto. + +**Storage format**: the goal is to check that persistent keys stored by the +old version can be read by the new version. This is normally validated by +comparing the `*read*` test cases in `test_suite*storage_format*.data`. +A failure is a storage read test case that is no longer present with the same +function name and parameter list. + + * It's ok if the same test data is present, but its presentation has changed, + for example if a test function is renamed or has different parameters. + * It's ok if redundant tests are removed. + +**Generated test coverage**: the goal is to check that automatically +generated tests have as much coverage as before. This is normally validated +by comparing the test cases that are automatically generated by a script. +A failure is a generated test case that is no longer present with the same +function name and parameter list. + + * It's ok if the same test data is present, but its presentation has changed, + for example if a test function is renamed or has different parameters. + * It's ok if redundant tests are removed. + """ # Copyright The Mbed TLS Contributors -# SPDX-License-Identifier: Apache-2.0 -# -# Licensed under the Apache License, Version 2.0 (the "License"); you may -# not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT -# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. +# SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later +import glob import os +import re import sys import traceback import shutil @@ -39,6 +101,8 @@ import xml.etree.ElementTree as ET +from mbedtls_dev import build_tree + class AbiChecker: """API and ABI checker.""" @@ -51,6 +115,9 @@ def __init__(self, old_version, new_version, configuration): configuration.report_dir: directory for output files configuration.keep_all_reports: if false, delete old reports configuration.brief: if true, output shorter report to stdout + configuration.check_abi: if true, compare ABIs + configuration.check_api: if true, compare APIs + configuration.check_storage: if true, compare storage format tests configuration.skip_file: path to file containing symbols and types to skip """ self.repo_path = "." @@ -64,15 +131,15 @@ def __init__(self, old_version, new_version, configuration): self.old_version = old_version self.new_version = new_version self.skip_file = configuration.skip_file + self.check_abi = configuration.check_abi + self.check_api = configuration.check_api + if self.check_abi != self.check_api: + raise Exception('Checking API without ABI or vice versa is not supported') + self.check_storage_tests = configuration.check_storage self.brief = configuration.brief self.git_command = "git" self.make_command = "make" - @staticmethod - def check_repo_path(): - if not all(os.path.isdir(d) for d in ["include", "library", "tests"]): - raise Exception("Must be run from Mbed TLS root") - def _setup_logger(self): self.log = logging.getLogger() if self.verbose: @@ -208,6 +275,93 @@ def _get_abi_dumps_from_shared_libraries(self, version): self.log.debug(abi_dump_output.decode("utf-8")) version.abi_dumps[mbed_module] = output_path + @staticmethod + def _normalize_storage_test_case_data(line): + """Eliminate cosmetic or irrelevant details in storage format test cases.""" + line = re.sub(r'\s+', r'', line) + return line + + def _read_storage_tests(self, + directory, + filename, + is_generated, + storage_tests): + """Record storage tests from the given file. + + Populate the storage_tests dictionary with test cases read from + filename under directory. + """ + at_paragraph_start = True + description = None + full_path = os.path.join(directory, filename) + with open(full_path) as fd: + for line_number, line in enumerate(fd, 1): + line = line.strip() + if not line: + at_paragraph_start = True + continue + if line.startswith('#'): + continue + if at_paragraph_start: + description = line.strip() + at_paragraph_start = False + continue + if line.startswith('depends_on:'): + continue + # We've reached a test case data line + test_case_data = self._normalize_storage_test_case_data(line) + if not is_generated: + # In manual test data, only look at read tests. + function_name = test_case_data.split(':', 1)[0] + if 'read' not in function_name.split('_'): + continue + metadata = SimpleNamespace( + filename=filename, + line_number=line_number, + description=description + ) + storage_tests[test_case_data] = metadata + + @staticmethod + def _list_generated_test_data_files(git_worktree_path): + """List the generated test data files.""" + output = subprocess.check_output( + ['tests/scripts/generate_psa_tests.py', '--list'], + cwd=git_worktree_path, + ).decode('ascii') + return [line for line in output.split('\n') if line] + + def _get_storage_format_tests(self, version, git_worktree_path): + """Record the storage format tests for the specified git version. + + The storage format tests are the test suite data files whose name + contains "storage_format". + + The version must be checked out at git_worktree_path. + + This function creates or updates the generated data files. + """ + # Existing test data files. This may be missing some automatically + # generated files if they haven't been generated yet. + storage_data_files = set(glob.glob( + 'tests/suites/test_suite_*storage_format*.data' + )) + # Discover and (re)generate automatically generated data files. + to_be_generated = set() + for filename in self._list_generated_test_data_files(git_worktree_path): + if 'storage_format' in filename: + storage_data_files.add(filename) + to_be_generated.add(filename) + subprocess.check_call( + ['tests/scripts/generate_psa_tests.py'] + sorted(to_be_generated), + cwd=git_worktree_path, + ) + for test_file in sorted(storage_data_files): + self._read_storage_tests(git_worktree_path, + test_file, + test_file in to_be_generated, + version.storage_tests) + def _cleanup_worktree(self, git_worktree_path): """Remove the specified git worktree.""" shutil.rmtree(git_worktree_path) @@ -219,11 +373,14 @@ def _cleanup_worktree(self, git_worktree_path): self.log.debug(worktree_output.decode("utf-8")) def _get_abi_dump_for_ref(self, version): - """Generate the ABI dumps for the specified git revision.""" + """Generate the interface information for the specified git revision.""" git_worktree_path = self._get_clean_worktree_for_git_revision(version) self._update_git_submodules(git_worktree_path, version) - self._build_shared_libraries(git_worktree_path, version) - self._get_abi_dumps_from_shared_libraries(version) + if self.check_abi: + self._build_shared_libraries(git_worktree_path, version) + self._get_abi_dumps_from_shared_libraries(version) + if self.check_storage_tests: + self._get_storage_format_tests(version, git_worktree_path) self._cleanup_worktree(git_worktree_path) def _remove_children_with_tag(self, parent, tag): @@ -301,6 +458,37 @@ def _is_library_compatible(self, mbed_module, compatibility_report): os.remove(output_path) return True + @staticmethod + def _is_storage_format_compatible(old_tests, new_tests, + compatibility_report): + """Check whether all tests present in old_tests are also in new_tests. + + Append a message regarding compatibility to compatibility_report. + """ + missing = frozenset(old_tests.keys()).difference(new_tests.keys()) + for test_data in sorted(missing): + metadata = old_tests[test_data] + compatibility_report.append( + 'Test case from {} line {} "{}" has disappeared: {}'.format( + metadata.filename, metadata.line_number, + metadata.description, test_data + ) + ) + compatibility_report.append( + 'FAIL: {}/{} storage format test cases have changed or disappeared.'.format( + len(missing), len(old_tests) + ) if missing else + 'PASS: All {} storage format test cases are preserved.'.format( + len(old_tests) + ) + ) + compatibility_report.append( + 'Info: number of storage format tests cases: {} -> {}.'.format( + len(old_tests), len(new_tests) + ) + ) + return not missing + def get_abi_compatibility_report(self): """Generate a report of the differences between the reference ABI and the new ABI. ABI dumps from self.old_version and self.new_version @@ -310,12 +498,22 @@ def get_abi_compatibility_report(self): self._pretty_revision(self.new_version) )] compliance_return_code = 0 - shared_modules = list(set(self.old_version.modules.keys()) & - set(self.new_version.modules.keys())) - for mbed_module in shared_modules: - if not self._is_library_compatible(mbed_module, - compatibility_report): + + if self.check_abi: + shared_modules = list(set(self.old_version.modules.keys()) & + set(self.new_version.modules.keys())) + for mbed_module in shared_modules: + if not self._is_library_compatible(mbed_module, + compatibility_report): + compliance_return_code = 1 + + if self.check_storage_tests: + if not self._is_storage_format_compatible( + self.old_version.storage_tests, + self.new_version.storage_tests, + compatibility_report): compliance_return_code = 1 + for version in [self.old_version, self.new_version]: for mbed_module, mbed_module_dump in version.abi_dumps.items(): os.remove(mbed_module_dump) @@ -327,8 +525,9 @@ def get_abi_compatibility_report(self): def check_for_abi_changes(self): """Generate a report of ABI differences between self.old_rev and self.new_rev.""" - self.check_repo_path() - self.check_abi_tools_are_installed() + build_tree.check_repo_path() + if self.check_api or self.check_abi: + self.check_abi_tools_are_installed() self._get_abi_dump_for_ref(self.old_version) self._get_abi_dump_for_ref(self.new_version) return self.get_abi_compatibility_report() @@ -337,17 +536,7 @@ def check_for_abi_changes(self): def run_main(): try: parser = argparse.ArgumentParser( - description=( - """This script is a small wrapper around the - abi-compliance-checker and abi-dumper tools, applying them - to compare the ABI and API of the library files from two - different Git revisions within an Mbed TLS repository. - The results of the comparison are either formatted as HTML and - stored at a configurable location, or are given as a brief list - of problems. Returns 0 on success, 1 on ABI/API non-compliance, - and 2 if there is an error while running the script. - Note: must be run from Mbed TLS root.""" - ) + description=__doc__ ) parser.add_argument( "-v", "--verbose", action="store_true", @@ -397,6 +586,24 @@ def run_main(): "(typically \"-s identifiers\" after running " "\"tests/scripts/list-identifiers.sh --internal\")") ) + parser.add_argument( + "--check-abi", + action='store_true', default=True, + help="Perform ABI comparison (default: yes)" + ) + parser.add_argument("--no-check-abi", action='store_false', dest='check_abi') + parser.add_argument( + "--check-api", + action='store_true', default=True, + help="Perform API comparison (default: yes)" + ) + parser.add_argument("--no-check-api", action='store_false', dest='check_api') + parser.add_argument( + "--check-storage", + action='store_true', default=True, + help="Perform storage tests comparison (default: yes)" + ) + parser.add_argument("--no-check-storage", action='store_false', dest='check_storage') parser.add_argument( "-b", "--brief", action="store_true", help="output only the list of issues to stdout, instead of a full report", @@ -413,6 +620,7 @@ def run_main(): crypto_repository=abi_args.old_crypto_repo, crypto_revision=abi_args.old_crypto_rev, abi_dumps={}, + storage_tests={}, modules={} ) new_version = SimpleNamespace( @@ -423,6 +631,7 @@ def run_main(): crypto_repository=abi_args.new_crypto_repo, crypto_revision=abi_args.new_crypto_rev, abi_dumps={}, + storage_tests={}, modules={} ) configuration = SimpleNamespace( @@ -430,6 +639,9 @@ def run_main(): report_dir=abi_args.report_dir, keep_all_reports=abi_args.keep_all_reports, brief=abi_args.brief, + check_abi=abi_args.check_abi, + check_api=abi_args.check_api, + check_storage=abi_args.check_storage, skip_file=abi_args.skip_file ) abi_check = AbiChecker(old_version, new_version, configuration) diff --git a/third_party/mbedtls/repo/scripts/apidoc_full.sh b/third_party/mbedtls/repo/scripts/apidoc_full.sh index 03bbb64200c..8180b0e5f43 100755 --- a/third_party/mbedtls/repo/scripts/apidoc_full.sh +++ b/third_party/mbedtls/repo/scripts/apidoc_full.sh @@ -8,19 +8,7 @@ # when multiple targets are invoked in the same parallel build. # # Copyright The Mbed TLS Contributors -# SPDX-License-Identifier: Apache-2.0 -# -# Licensed under the Apache License, Version 2.0 (the "License"); you may -# not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT -# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. +# SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later set -eu diff --git a/third_party/mbedtls/repo/scripts/assemble_changelog.py b/third_party/mbedtls/repo/scripts/assemble_changelog.py index 56d6c37e191..25f9ea8f8e3 100755 --- a/third_party/mbedtls/repo/scripts/assemble_changelog.py +++ b/third_party/mbedtls/repo/scripts/assemble_changelog.py @@ -19,19 +19,7 @@ """ # Copyright The Mbed TLS Contributors -# SPDX-License-Identifier: Apache-2.0 -# -# Licensed under the Apache License, Version 2.0 (the "License"); you may -# not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT -# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. +# SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later import argparse from collections import OrderedDict, namedtuple @@ -63,15 +51,15 @@ def __init__(self, filename, line): # The category names we use in the changelog. # If you edit this, update ChangeLog.d/README.md. STANDARD_CATEGORIES = ( - b'API changes', - b'Default behavior changes', - b'Requirement changes', - b'New deprecations', - b'Removals', - b'Features', - b'Security', - b'Bugfix', - b'Changes', + 'API changes', + 'Default behavior changes', + 'Requirement changes', + 'New deprecations', + 'Removals', + 'Features', + 'Security', + 'Bugfix', + 'Changes', ) # The maximum line length for an entry @@ -122,13 +110,13 @@ def format_category(cls, title, body): class TextChangelogFormat(ChangelogFormat): """The traditional Mbed TLS changelog format.""" - _unreleased_version_text = b'= mbed TLS x.x.x branch released xxxx-xx-xx' + _unreleased_version_text = '= Mbed TLS x.x.x branch released xxxx-xx-xx' @classmethod def is_released_version(cls, title): # Look for an incomplete release date - return not re.search(br'[0-9x]{4}-[0-9x]{2}-[0-9x]?x', title) + return not re.search(r'[0-9x]{4}-[0-9x]{2}-[0-9x]?x', title) - _top_version_re = re.compile(br'(?:\A|\n)(=[^\n]*\n+)(.*?\n)(?:=|$)', + _top_version_re = re.compile(r'(?:\A|\n)(=[^\n]*\n+)(.*?\n)(?:=|$)', re.DOTALL) @classmethod def extract_top_version(cls, changelog_file_content): @@ -140,17 +128,17 @@ def extract_top_version(cls, changelog_file_content): top_version_body = m.group(2) if cls.is_released_version(top_version_title): top_version_end = top_version_start - top_version_title = cls._unreleased_version_text + b'\n\n' - top_version_body = b'' + top_version_title = cls._unreleased_version_text + '\n\n' + top_version_body = '' return (changelog_file_content[:top_version_start], top_version_title, top_version_body, changelog_file_content[top_version_end:]) @classmethod def version_title_text(cls, version_title): - return re.sub(br'\n.*', version_title, re.DOTALL) + return re.sub(r'\n.*', version_title, re.DOTALL) - _category_title_re = re.compile(br'(^\w.*)\n+', re.MULTILINE) + _category_title_re = re.compile(r'(^\w.*)\n+', re.MULTILINE) @classmethod def split_categories(cls, version_body): """A category title is a line with the title in column 0.""" @@ -163,10 +151,10 @@ def split_categories(cls, version_body): title_starts = [m.start(1) for m in title_matches] body_starts = [m.end(0) for m in title_matches] body_ends = title_starts[1:] + [len(version_body)] - bodies = [version_body[body_start:body_end].rstrip(b'\n') + b'\n' + bodies = [version_body[body_start:body_end].rstrip('\n') + '\n' for (body_start, body_end) in zip(body_starts, body_ends)] - title_lines = [version_body[:pos].count(b'\n') for pos in title_starts] - body_lines = [version_body[:pos].count(b'\n') for pos in body_starts] + title_lines = [version_body[:pos].count('\n') for pos in title_starts] + body_lines = [version_body[:pos].count('\n') for pos in body_starts] return [CategoryContent(title_match.group(1), title_line, body, body_line) for title_match, title_line, body, body_line @@ -176,9 +164,9 @@ def split_categories(cls, version_body): def format_category(cls, title, body): # `split_categories` ensures that each body ends with a newline. # Make sure that there is additionally a blank line between categories. - if not body.endswith(b'\n\n'): - body += b'\n' - return title + b'\n' + body + if not body.endswith('\n\n'): + body += '\n' + return title + '\n' + body class ChangeLog: """An Mbed TLS changelog. @@ -199,10 +187,10 @@ class ChangeLog: # Only accept dotted version numbers (e.g. "3.1", not "3"). # Refuse ".x" in a version number where x is a letter: this indicates # a version that is not yet released. Something like "3.1a" is accepted. - _version_number_re = re.compile(br'[0-9]+\.[0-9A-Za-z.]+') - _incomplete_version_number_re = re.compile(br'.*\.[A-Za-z]') - _only_url_re = re.compile(br'^\s*\w+://\S+\s*$') - _has_url_re = re.compile(br'.*://.*') + _version_number_re = re.compile(r'[0-9]+\.[0-9A-Za-z.]+') + _incomplete_version_number_re = re.compile(r'.*\.[A-Za-z]') + _only_url_re = re.compile(r'^\s*\w+://\S+\s*$') + _has_url_re = re.compile(r'.*://.*') def add_categories_from_text(self, filename, line_offset, text, allow_unknown_category): @@ -218,7 +206,7 @@ def add_categories_from_text(self, filename, line_offset, raise InputFormatError(filename, line_offset + category.title_line, 'Unknown category: "{}"', - category.name.decode('utf8')) + category.name) body_split = category.body.splitlines() @@ -250,8 +238,8 @@ def __init__(self, input_stream, changelog_format): # Split the top version section into categories. self.categories = OrderedDict() for category in STANDARD_CATEGORIES: - self.categories[category] = b'' - offset = (self.header + self.top_version_title).count(b'\n') + 1 + self.categories[category] = '' + offset = (self.header + self.top_version_title).count('\n') + 1 self.add_categories_from_text(input_stream.name, offset, top_version_body, True) @@ -264,7 +252,7 @@ def add_file(self, input_stream): def write(self, filename): """Write the changelog to the specified file. """ - with open(filename, 'wb') as out: + with open(filename, 'w', encoding='utf-8') as out: out.write(self.header) out.write(self.top_version_title) for title, body in self.categories.items(): @@ -303,7 +291,7 @@ def creation_hash(filename): hashes = subprocess.check_output(['git', 'log', '--format=%H', '--follow', '--', filename]) - m = re.search(b'(.+)$', hashes) + m = re.search('(.+)$', hashes.decode('ascii')) if not m: # The git output is empty. This means that the file was # never checked in. @@ -320,8 +308,8 @@ def list_merges(some_hash, target, *options): """ text = subprocess.check_output(['git', 'rev-list', '--merges', *options, - b'..'.join([some_hash, target])]) - return text.rstrip(b'\n').split(b'\n') + '..'.join([some_hash, target])]) + return text.decode('ascii').rstrip('\n').split('\n') @classmethod def merge_hash(cls, some_hash): @@ -329,7 +317,7 @@ def merge_hash(cls, some_hash): Return None if the given commit was never merged. """ - target = b'HEAD' + target = 'HEAD' # List the merges from some_hash to the target in two ways. # The ancestry list is the ones that are both descendants of # some_hash and ancestors of the target. @@ -407,14 +395,17 @@ def check_output(generated_output_file, main_input_file, merged_files): is also present in an output file. This is not perfect but good enough for now. """ - generated_output = set(open(generated_output_file, 'rb')) - for line in open(main_input_file, 'rb'): - if line not in generated_output: - raise LostContent('original file', line) - for merged_file in merged_files: - for line in open(merged_file, 'rb'): - if line not in generated_output: - raise LostContent(merged_file, line) + with open(generated_output_file, 'r', encoding='utf-8') as out_fd: + generated_output = set(out_fd) + with open(main_input_file, 'r', encoding='utf-8') as in_fd: + for line in in_fd: + if line not in generated_output: + raise LostContent('original file', line) + for merged_file in merged_files: + with open(merged_file, 'r', encoding='utf-8') as in_fd: + for line in in_fd: + if line not in generated_output: + raise LostContent(merged_file, line) def finish_output(changelog, output_file, input_file, merged_files): """Write the changelog to the output file. @@ -455,14 +446,14 @@ def merge_entries(options): Write the new changelog to options.output. Remove the merged entries if options.keep_entries is false. """ - with open(options.input, 'rb') as input_file: + with open(options.input, 'r', encoding='utf-8') as input_file: changelog = ChangeLog(input_file, TextChangelogFormat) files_to_merge = list_files_to_merge(options) if not files_to_merge: sys.stderr.write('There are no pending changelog entries.\n') return for filename in files_to_merge: - with open(filename, 'rb') as input_file: + with open(filename, 'r', encoding='utf-8') as input_file: changelog.add_file(input_file) finish_output(changelog, options.output, options.input, files_to_merge) if not options.keep_entries: diff --git a/third_party/mbedtls/repo/scripts/bump_version.sh b/third_party/mbedtls/repo/scripts/bump_version.sh index df629e9243e..926e497b4eb 100755 --- a/third_party/mbedtls/repo/scripts/bump_version.sh +++ b/third_party/mbedtls/repo/scripts/bump_version.sh @@ -1,19 +1,7 @@ #!/bin/bash # # Copyright The Mbed TLS Contributors -# SPDX-License-Identifier: Apache-2.0 -# -# Licensed under the Apache License, Version 2.0 (the "License"); you may -# not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT -# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. +# SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later # # Purpose # @@ -125,7 +113,7 @@ cat include/mbedtls/version.h | \ sed -e "s/_VERSION_PATCH .\{1,\}/_VERSION_PATCH $PATCH/" | \ sed -e "s/_VERSION_NUMBER .\{1,\}/_VERSION_NUMBER $VERSION_NR/" | \ sed -e "s/_VERSION_STRING .\{1,\}/_VERSION_STRING \"$VERSION\"/" | \ - sed -e "s/_VERSION_STRING_FULL .\{1,\}/_VERSION_STRING_FULL \"mbed TLS $VERSION\"/" \ + sed -e "s/_VERSION_STRING_FULL .\{1,\}/_VERSION_STRING_FULL \"Mbed TLS $VERSION\"/" \ > tmp mv tmp include/mbedtls/version.h @@ -136,7 +124,7 @@ mv tmp tests/suites/test_suite_version.data [ $VERBOSE ] && echo "Bumping PROJECT_NAME in doxygen/mbedtls.doxyfile and doxygen/input/doc_mainpage.h" for i in doxygen/mbedtls.doxyfile doxygen/input/doc_mainpage.h; do - sed -e "s/mbed TLS v[0-9\.]\{1,\}/mbed TLS v$VERSION/g" < $i > tmp + sed -e "s/\\([Mm]bed TLS v\\)[0-9][0-9.]*/\\1$VERSION/g" < $i > tmp mv tmp $i done diff --git a/third_party/mbedtls/repo/scripts/ci.requirements.txt b/third_party/mbedtls/repo/scripts/ci.requirements.txt index 18b40ec173f..9b96a8d23fb 100644 --- a/third_party/mbedtls/repo/scripts/ci.requirements.txt +++ b/third_party/mbedtls/repo/scripts/ci.requirements.txt @@ -1,10 +1,14 @@ # Python package requirements for Mbed TLS testing. +# Any package used by a script in this repository must be listed here +# or in one of the included files. Normally there should be a minimum +# version constraint; the CI will test with the minimum version. + # Use a known version of Pylint, because new versions tend to add warnings # that could start rejecting our code. # 2.4.4 is the version in Ubuntu 20.04. It supports Python >=3.5. pylint == 2.4.4 # Use the earliest version of mypy that works with our code base. -# See https://github.com/ARMmbed/mbedtls/pull/3953 . +# See https://github.com/Mbed-TLS/mbedtls/pull/3953 . mypy >= 0.780 diff --git a/third_party/mbedtls/repo/scripts/code_style.py b/third_party/mbedtls/repo/scripts/code_style.py new file mode 100755 index 00000000000..9d36e299b10 --- /dev/null +++ b/third_party/mbedtls/repo/scripts/code_style.py @@ -0,0 +1,222 @@ +#!/usr/bin/env python3 +"""Check or fix the code style by running Uncrustify. + +This script must be run from the root of a Git work tree containing Mbed TLS. +""" +# Copyright The Mbed TLS Contributors +# SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later +import argparse +import os +import re +import subprocess +import sys +from typing import FrozenSet, List, Optional + +UNCRUSTIFY_SUPPORTED_VERSION = "0.75.1" +CONFIG_FILE = ".uncrustify.cfg" +UNCRUSTIFY_EXE = "uncrustify" +UNCRUSTIFY_ARGS = ["-c", CONFIG_FILE] +CHECK_GENERATED_FILES = "tests/scripts/check-generated-files.sh" + +def print_err(*args): + print("Error: ", *args, file=sys.stderr) + +# Print the file names that will be skipped and the help message +def print_skip(files_to_skip): + print() + print(*files_to_skip, sep=", SKIP\n", end=", SKIP\n") + print("Warning: The listed files will be skipped because\n" + "they are not known to git.") + print() + +# Match FILENAME(s) in "check SCRIPT (FILENAME...)" +CHECK_CALL_RE = re.compile(r"\n\s*check\s+[^\s#$&*?;|]+([^\n#$&*?;|]+)", + re.ASCII) +def list_generated_files() -> FrozenSet[str]: + """Return the names of generated files. + + We don't reformat generated files, since the result might be different + from the output of the generator. Ideally the result of the generator + would conform to the code style, but this would be difficult, especially + with respect to the placement of line breaks in long logical lines. + """ + # Parse check-generated-files.sh to get an up-to-date list of + # generated files. Read the file rather than calling it so that + # this script only depends on Git, Python and uncrustify, and not other + # tools such as sh or grep which might not be available on Windows. + # This introduces a limitation: check-generated-files.sh must have + # the expected format and must list the files explicitly, not through + # wildcards or command substitution. + content = open(CHECK_GENERATED_FILES, encoding="utf-8").read() + checks = re.findall(CHECK_CALL_RE, content) + return frozenset(word for s in checks for word in s.split()) + +def get_src_files(since: Optional[str]) -> List[str]: + """ + Use git to get a list of the source files. + + The optional argument since is a commit, indicating to only list files + that have changed since that commit. Without this argument, list all + files known to git. + + Only C files are included, and certain files (generated, or 3rdparty) + are excluded. + """ + file_patterns = ["*.[hc]", + "tests/suites/*.function", + "scripts/data_files/*.fmt"] + output = subprocess.check_output(["git", "ls-files"] + file_patterns, + universal_newlines=True) + src_files = output.split() + if since: + # get all files changed in commits since the starting point + cmd = ["git", "log", since + "..HEAD", "--name-only", "--pretty=", "--"] + src_files + output = subprocess.check_output(cmd, universal_newlines=True) + committed_changed_files = output.split() + # and also get all files with uncommitted changes + cmd = ["git", "diff", "--name-only", "--"] + src_files + output = subprocess.check_output(cmd, universal_newlines=True) + uncommitted_changed_files = output.split() + src_files = list(set(committed_changed_files + uncommitted_changed_files)) + + generated_files = list_generated_files() + # Don't correct style for third-party files (and, for simplicity, + # companion files in the same subtree), or for automatically + # generated files (we're correcting the templates instead). + src_files = [filename for filename in src_files + if not (filename.startswith("3rdparty/") or + filename in generated_files)] + return src_files + +def get_uncrustify_version() -> str: + """ + Get the version string from Uncrustify + """ + result = subprocess.run([UNCRUSTIFY_EXE, "--version"], + stdout=subprocess.PIPE, stderr=subprocess.PIPE, + check=False) + if result.returncode != 0: + print_err("Could not get Uncrustify version:", str(result.stderr, "utf-8")) + return "" + else: + return str(result.stdout, "utf-8") + +def check_style_is_correct(src_file_list: List[str]) -> bool: + """ + Check the code style and output a diff for each file whose style is + incorrect. + """ + style_correct = True + for src_file in src_file_list: + uncrustify_cmd = [UNCRUSTIFY_EXE] + UNCRUSTIFY_ARGS + [src_file] + result = subprocess.run(uncrustify_cmd, stdout=subprocess.PIPE, + stderr=subprocess.PIPE, check=False) + if result.returncode != 0: + print_err("Uncrustify returned " + str(result.returncode) + + " correcting file " + src_file) + return False + + # Uncrustify makes changes to the code and places the result in a new + # file with the extension ".uncrustify". To get the changes (if any) + # simply diff the 2 files. + diff_cmd = ["diff", "-u", src_file, src_file + ".uncrustify"] + cp = subprocess.run(diff_cmd, check=False) + + if cp.returncode == 1: + print(src_file + " changed - code style is incorrect.") + style_correct = False + elif cp.returncode != 0: + raise subprocess.CalledProcessError(cp.returncode, cp.args, + cp.stdout, cp.stderr) + + # Tidy up artifact + os.remove(src_file + ".uncrustify") + + return style_correct + +def fix_style_single_pass(src_file_list: List[str]) -> bool: + """ + Run Uncrustify once over the source files. + """ + code_change_args = UNCRUSTIFY_ARGS + ["--no-backup"] + for src_file in src_file_list: + uncrustify_cmd = [UNCRUSTIFY_EXE] + code_change_args + [src_file] + result = subprocess.run(uncrustify_cmd, check=False) + if result.returncode != 0: + print_err("Uncrustify with file returned: " + + str(result.returncode) + " correcting file " + + src_file) + return False + return True + +def fix_style(src_file_list: List[str]) -> int: + """ + Fix the code style. This takes 2 passes of Uncrustify. + """ + if not fix_style_single_pass(src_file_list): + return 1 + if not fix_style_single_pass(src_file_list): + return 1 + + # Guard against future changes that cause the codebase to require + # more passes. + if not check_style_is_correct(src_file_list): + print_err("Code style still incorrect after second run of Uncrustify.") + return 1 + else: + return 0 + +def main() -> int: + """ + Main with command line arguments. + """ + uncrustify_version = get_uncrustify_version().strip() + if UNCRUSTIFY_SUPPORTED_VERSION not in uncrustify_version: + print("Warning: Using unsupported Uncrustify version '" + + uncrustify_version + "'") + print("Note: The only supported version is " + + UNCRUSTIFY_SUPPORTED_VERSION) + + parser = argparse.ArgumentParser() + parser.add_argument('-f', '--fix', action='store_true', + help=('modify source files to fix the code style ' + '(default: print diff, do not modify files)')) + parser.add_argument('-s', '--since', metavar='COMMIT', const='mbedtls-2.28', nargs='?', + help=('only check files modified since the specified commit' + ' (e.g. --since=HEAD~3 or --since=mbedtls-2.28). If no' + ' commit is specified, default to mbedtls-2.28.')) + # --subset is almost useless: it only matters if there are no files + # ('code_style.py' without arguments checks all files known to Git, + # 'code_style.py --subset' does nothing). In particular, + # 'code_style.py --fix --subset ...' is intended as a stable ("porcelain") + # way to restyle a possibly empty set of files. + parser.add_argument('--subset', action='store_true', + help='only check the specified files (default with non-option arguments)') + parser.add_argument('operands', nargs='*', metavar='FILE', + help='files to check (files MUST be known to git, if none: check all)') + + args = parser.parse_args() + + covered = frozenset(get_src_files(args.since)) + # We only check files that are known to git + if args.subset or args.operands: + src_files = [f for f in args.operands if f in covered] + skip_src_files = [f for f in args.operands if f not in covered] + if skip_src_files: + print_skip(skip_src_files) + else: + src_files = list(covered) + + if args.fix: + # Fix mode + return fix_style(src_files) + else: + # Check mode + if check_style_is_correct(src_files): + print("Checked {} files, style ok.".format(len(src_files))) + return 0 + else: + return 1 + +if __name__ == '__main__': + sys.exit(main()) diff --git a/third_party/mbedtls/repo/scripts/config.pl b/third_party/mbedtls/repo/scripts/config.pl index 5dd89d225dd..ca02b904609 100755 --- a/third_party/mbedtls/repo/scripts/config.pl +++ b/third_party/mbedtls/repo/scripts/config.pl @@ -2,19 +2,8 @@ # Backward compatibility redirection ## Copyright The Mbed TLS Contributors -## SPDX-License-Identifier: Apache-2.0 +## SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later ## -## Licensed under the Apache License, Version 2.0 (the "License"); you may -## not use this file except in compliance with the License. -## You may obtain a copy of the License at -## -## http://www.apache.org/licenses/LICENSE-2.0 -## -## Unless required by applicable law or agreed to in writing, software -## distributed under the License is distributed on an "AS IS" BASIS, WITHOUT -## WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -## See the License for the specific language governing permissions and -## limitations under the License. my $py = $0; $py =~ s/\.pl$/.py/ or die "Unable to determine the name of the Python script"; diff --git a/third_party/mbedtls/repo/scripts/config.py b/third_party/mbedtls/repo/scripts/config.py index 01f570e1778..46589317aa9 100755 --- a/third_party/mbedtls/repo/scripts/config.py +++ b/third_party/mbedtls/repo/scripts/config.py @@ -2,25 +2,17 @@ """Mbed TLS configuration file manipulation library and tool -Basic usage, to read the Mbed TLS or Mbed Crypto configuration: +Basic usage, to read the Mbed TLS configuration: config = ConfigFile() if 'MBEDTLS_RSA_C' in config: print('RSA is enabled') """ +# Note that the version of this script in the mbedtls-2.28 branch must remain +# compatible with Python 3.4. + ## Copyright The Mbed TLS Contributors -## SPDX-License-Identifier: Apache-2.0 -## -## Licensed under the Apache License, Version 2.0 (the "License"); you may -## not use this file except in compliance with the License. -## You may obtain a copy of the License at -## -## http://www.apache.org/licenses/LICENSE-2.0 +## SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later ## -## Unless required by applicable law or agreed to in writing, software -## distributed under the License is distributed on an "AS IS" BASIS, WITHOUT -## WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -## See the License for the specific language governing permissions and -## limitations under the License. import os import re @@ -152,8 +144,16 @@ def is_full_section(section): return section.endswith('support') or section.endswith('modules') def realfull_adapter(_name, active, section): - """Activate all symbols found in the system and feature sections.""" - if not is_full_section(section): + """Activate all symbols found in the global and boolean feature sections. + + This is intended for building the documentation, including the + documentation of settings that are activated by defining an optional + preprocessor macro. + + Do not activate definitions in the section containing symbols that are + supposed to be defined and documented in their own module. + """ + if section == 'Module configuration options': return active return True @@ -189,7 +189,7 @@ def realfull_adapter(_name, active, section): 'MBEDTLS_PSA_CRYPTO_EXTERNAL_RNG', # behavior change + build dependency 'MBEDTLS_PSA_CRYPTO_KEY_ID_ENCODES_OWNER', # incompatible with USE_PSA_CRYPTO 'MBEDTLS_PSA_CRYPTO_SPM', # platform dependency (PSA SPM) - 'MBEDTLS_PSA_INJECT_ENTROPY', # build dependency (hook functions) + 'MBEDTLS_PSA_INJECT_ENTROPY', # conflicts with platform entropy sources 'MBEDTLS_REMOVE_3DES_CIPHERSUITES', # removes a feature 'MBEDTLS_REMOVE_ARC4_CIPHERSUITES', # removes a feature 'MBEDTLS_RSA_NO_CRT', # influences the use of RSA in X.509 and TLS @@ -214,7 +214,11 @@ def is_seamless_alt(name): Exclude alternative implementations of library functions since they require an implementation of the relevant functions and an xxx_alt.h header. """ - if name == 'MBEDTLS_PLATFORM_SETUP_TEARDOWN_ALT': + if name in ( + 'MBEDTLS_PLATFORM_GMTIME_R_ALT', + 'MBEDTLS_PLATFORM_SETUP_TEARDOWN_ALT', + 'MBEDTLS_PLATFORM_ZEROIZE_ALT', + ): # Similar to non-platform xxx_ALT, requires platform_alt.h return False return name.startswith('MBEDTLS_PLATFORM_') @@ -272,6 +276,24 @@ def baremetal_adapter(name, active, section): return True return include_in_full(name) and keep_in_baremetal(name) +# This set contains options that are mostly for debugging or test purposes, +# and therefore should be excluded when doing code size measurements. +# Options that are their own module (such as MBEDTLS_CERTS_C and +# MBEDTLS_ERROR_C) are not listed and therefore will be included when doing +# code size measurements. +EXCLUDE_FOR_SIZE = frozenset([ + 'MBEDTLS_CHECK_PARAMS', # increases the size of many modules + 'MBEDTLS_CHECK_PARAMS_ASSERT', # no effect without MBEDTLS_CHECK_PARAMS + 'MBEDTLS_DEBUG_C', # large code size increase in TLS + 'MBEDTLS_SELF_TEST', # increases the size of many modules + 'MBEDTLS_TEST_HOOKS', # only useful with the hosted test framework, increases code size +]) + +def baremetal_size_adapter(name, active, section): + if name in EXCLUDE_FOR_SIZE: + return False + return baremetal_adapter(name, active, section) + def include_in_crypto(name): """Rules for symbols in a crypto configuration.""" if name.startswith('MBEDTLS_X509_') or \ @@ -402,7 +424,7 @@ def _format_template(self, name, indent, middle): value = setting.value if value is None: value = '' - # Normally the whitespace to separte the symbol name from the + # Normally the whitespace to separate the symbol name from the # value is part of middle, and there's no whitespace for a symbol # with no value. But if a symbol has been changed from having a # value to not having one, the whitespace is wrong, so fix it. @@ -439,7 +461,7 @@ def write(self, filename=None): def main(): """Command line config.h manipulation tool.""" parser = argparse.ArgumentParser(description=""" - Mbed TLS and Mbed Crypto configuration file manipulation tool. + Mbed TLS configuration file manipulation tool. """) parser.add_argument('--file', '-f', help="""File to read (and modify if requested). @@ -483,6 +505,9 @@ def add_adapter(name, function, description): add_adapter('baremetal', baremetal_adapter, """Like full, but exclude features that require platform features such as file input-output.""") + add_adapter('baremetal_size', baremetal_size_adapter, + """Like baremetal, but exclude debugging features. + Useful for code size measurements.""") add_adapter('full', full_adapter, """Uncomment most features. Exclude alternative implementations and platform support diff --git a/third_party/mbedtls/repo/scripts/data_files/error.fmt b/third_party/mbedtls/repo/scripts/data_files/error.fmt index 3be94bd2c47..781e72a919e 100644 --- a/third_party/mbedtls/repo/scripts/data_files/error.fmt +++ b/third_party/mbedtls/repo/scripts/data_files/error.fmt @@ -2,19 +2,7 @@ * Error message information * * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later */ #include "common.h" @@ -25,145 +13,147 @@ #if defined(MBEDTLS_ERROR_C) -#if defined(MBEDTLS_PLATFORM_C) #include "mbedtls/platform.h" -#else -#define mbedtls_snprintf snprintf -#endif #include #include HEADER_INCLUDED -const char * mbedtls_high_level_strerr( int error_code ) +const char *mbedtls_high_level_strerr(int error_code) { int high_level_error_code; - if( error_code < 0 ) + if (error_code < 0) { error_code = -error_code; + } /* Extract the high-level part from the error code. */ high_level_error_code = error_code & 0xFF80; - switch( high_level_error_code ) - { - /* Begin Auto-Generated Code. */ -HIGH_LEVEL_CODE_CHECKS + switch (high_level_error_code) { + /* Begin Auto-Generated Code. */ + HIGH_LEVEL_CODE_CHECKS /* End Auto-Generated Code. */ default: break; } - return( NULL ); + return NULL; } -const char * mbedtls_low_level_strerr( int error_code ) +const char *mbedtls_low_level_strerr(int error_code) { int low_level_error_code; - if( error_code < 0 ) + if (error_code < 0) { error_code = -error_code; + } /* Extract the low-level part from the error code. */ low_level_error_code = error_code & ~0xFF80; - switch( low_level_error_code ) - { - /* Begin Auto-Generated Code. */ -LOW_LEVEL_CODE_CHECKS + switch (low_level_error_code) { + /* Begin Auto-Generated Code. */ + LOW_LEVEL_CODE_CHECKS /* End Auto-Generated Code. */ default: break; } - return( NULL ); + return NULL; } -void mbedtls_strerror( int ret, char *buf, size_t buflen ) +void mbedtls_strerror(int ret, char *buf, size_t buflen) { size_t len; int use_ret; - const char * high_level_error_description = NULL; - const char * low_level_error_description = NULL; + const char *high_level_error_description = NULL; + const char *low_level_error_description = NULL; - if( buflen == 0 ) + if (buflen == 0) { return; + } - memset( buf, 0x00, buflen ); + memset(buf, 0x00, buflen); - if( ret < 0 ) + if (ret < 0) { ret = -ret; + } - if( ret & 0xFF80 ) - { + if (ret & 0xFF80) { use_ret = ret & 0xFF80; // Translate high level error code. - high_level_error_description = mbedtls_high_level_strerr( ret ); + high_level_error_description = mbedtls_high_level_strerr(ret); - if( high_level_error_description == NULL ) - mbedtls_snprintf( buf, buflen, "UNKNOWN ERROR CODE (%04X)", (unsigned int) use_ret ); - else - mbedtls_snprintf( buf, buflen, "%s", high_level_error_description ); + if (high_level_error_description == NULL) { + mbedtls_snprintf(buf, buflen, "UNKNOWN ERROR CODE (%04X)", (unsigned int) use_ret); + } else { + mbedtls_snprintf(buf, buflen, "%s", high_level_error_description); + } #if defined(MBEDTLS_SSL_TLS_C) // Early return in case of a fatal error - do not try to translate low // level code. - if(use_ret == -(MBEDTLS_ERR_SSL_FATAL_ALERT_MESSAGE)) + if (use_ret == -(MBEDTLS_ERR_SSL_FATAL_ALERT_MESSAGE)) { return; + } #endif /* MBEDTLS_SSL_TLS_C */ } use_ret = ret & ~0xFF80; - if( use_ret == 0 ) + if (use_ret == 0) { return; + } // If high level code is present, make a concatenation between both // error strings. // - len = strlen( buf ); + len = strlen(buf); - if( len > 0 ) - { - if( buflen - len < 5 ) + if (len > 0) { + if (buflen - len < 5) { return; + } - mbedtls_snprintf( buf + len, buflen - len, " : " ); + mbedtls_snprintf(buf + len, buflen - len, " : "); buf += len + 3; buflen -= len + 3; } // Translate low level error code. - low_level_error_description = mbedtls_low_level_strerr( ret ); + low_level_error_description = mbedtls_low_level_strerr(ret); - if( low_level_error_description == NULL ) - mbedtls_snprintf( buf, buflen, "UNKNOWN ERROR CODE (%04X)", (unsigned int) use_ret ); - else - mbedtls_snprintf( buf, buflen, "%s", low_level_error_description ); + if (low_level_error_description == NULL) { + mbedtls_snprintf(buf, buflen, "UNKNOWN ERROR CODE (%04X)", (unsigned int) use_ret); + } else { + mbedtls_snprintf(buf, buflen, "%s", low_level_error_description); + } } #else /* MBEDTLS_ERROR_C */ /* - * Provide an non-function in case MBEDTLS_ERROR_C is not defined + * Provide a dummy implementation when MBEDTLS_ERROR_C is not defined */ -void mbedtls_strerror( int ret, char *buf, size_t buflen ) +void mbedtls_strerror(int ret, char *buf, size_t buflen) { ((void) ret); - if( buflen > 0 ) + if (buflen > 0) { buf[0] = '\0'; + } } #endif /* MBEDTLS_ERROR_C */ #if defined(MBEDTLS_TEST_HOOKS) -void (*mbedtls_test_hook_error_add)( int, int, const char *, int ); +void (*mbedtls_test_hook_error_add)(int, int, const char *, int); #endif #endif /* MBEDTLS_ERROR_C || MBEDTLS_ERROR_STRERROR_DUMMY */ diff --git a/third_party/mbedtls/repo/scripts/data_files/query_config.fmt b/third_party/mbedtls/repo/scripts/data_files/query_config.fmt index be541cb4842..82db635ddfb 100644 --- a/third_party/mbedtls/repo/scripts/data_files/query_config.fmt +++ b/third_party/mbedtls/repo/scripts/data_files/query_config.fmt @@ -2,19 +2,7 @@ * Query Mbed TLS compile time configurations from config.h * * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later */ #if !defined(MBEDTLS_CONFIG_FILE) @@ -25,12 +13,7 @@ #include "query_config.h" -#if defined(MBEDTLS_PLATFORM_C) #include "mbedtls/platform.h" -#else -#include -#define mbedtls_printf printf -#endif /* MBEDTLS_PLATFORM_C */ /* * Include all the headers with public APIs in case they define a macro to its @@ -81,7 +64,9 @@ #include "mbedtls/pkcs11.h" #include "mbedtls/pkcs12.h" #include "mbedtls/pkcs5.h" +#if defined(MBEDTLS_HAVE_TIME) #include "mbedtls/platform_time.h" +#endif #include "mbedtls/platform_util.h" #include "mbedtls/poly1305.h" #include "mbedtls/ripemd160.h" @@ -113,7 +98,12 @@ */ #define MACRO_EXPANSION_TO_STR(macro) MACRO_NAME_TO_STR(macro) #define MACRO_NAME_TO_STR(macro) \ - mbedtls_printf( "%s", strlen( #macro "" ) > 0 ? #macro "\n" : "" ) + mbedtls_printf("%s", strlen( #macro "") > 0 ? #macro "\n" : "") + +#define STRINGIFY(macro) #macro +#define OUTPUT_MACRO_NAME_VALUE(macro) mbedtls_printf( #macro "%s\n", \ + (STRINGIFY(macro) "")[0] != 0 ? "=" STRINGIFY( \ + macro) : "") #if defined(_MSC_VER) /* @@ -128,12 +118,16 @@ #pragma warning(disable:4003) #endif /* _MSC_VER */ -int query_config( const char *config ) +int query_config(const char *config) { -CHECK_CONFIG /* If the symbol is not found, return an error */ - return( 1 ); + CHECK_CONFIG /* If the symbol is not found, return an error */ + return 1; } +void list_config(void) +{ + LIST_CONFIG +} #if defined(_MSC_VER) #pragma warning(pop) #endif /* _MSC_VER */ diff --git a/third_party/mbedtls/repo/scripts/data_files/version_features.fmt b/third_party/mbedtls/repo/scripts/data_files/version_features.fmt index d4bf774462a..517e81610c4 100644 --- a/third_party/mbedtls/repo/scripts/data_files/version_features.fmt +++ b/third_party/mbedtls/repo/scripts/data_files/version_features.fmt @@ -2,19 +2,7 @@ * Version feature information * * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later */ #include "common.h" @@ -27,28 +15,30 @@ static const char * const features[] = { #if defined(MBEDTLS_VERSION_FEATURES) -FEATURE_DEFINES + FEATURE_DEFINES #endif /* MBEDTLS_VERSION_FEATURES */ NULL }; -int mbedtls_version_check_feature( const char *feature ) +int mbedtls_version_check_feature(const char *feature) { const char * const *idx = features; - if( *idx == NULL ) - return( -2 ); + if (*idx == NULL) { + return -2; + } - if( feature == NULL ) - return( -1 ); + if (feature == NULL) { + return -1; + } - while( *idx != NULL ) - { - if( !strcmp( *idx, feature ) ) - return( 0 ); + while (*idx != NULL) { + if (!strcmp(*idx, feature)) { + return 0; + } idx++; } - return( -1 ); + return -1; } #endif /* MBEDTLS_VERSION_C */ diff --git a/third_party/mbedtls/repo/scripts/ecc-heap.sh b/third_party/mbedtls/repo/scripts/ecc-heap.sh index 8d1beee5fbb..6caaea65e71 100755 --- a/third_party/mbedtls/repo/scripts/ecc-heap.sh +++ b/third_party/mbedtls/repo/scripts/ecc-heap.sh @@ -8,19 +8,7 @@ # scripts/ecc-heap.sh | tee ecc-heap.log # # Copyright The Mbed TLS Contributors -# SPDX-License-Identifier: Apache-2.0 -# -# Licensed under the Apache License, Version 2.0 (the "License"); you may -# not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT -# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. +# SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later set -eu @@ -54,32 +42,45 @@ cat << EOF >$CONFIG_H #define MBEDTLS_BIGNUM_C #define MBEDTLS_ECP_C +#define MBEDTLS_ECP_NO_INTERNAL_RNG #define MBEDTLS_ASN1_PARSE_C #define MBEDTLS_ASN1_WRITE_C #define MBEDTLS_ECDSA_C +#define MBEDTLS_SHA256_C // ECDSA benchmark needs it +#define MBEDTLS_SHA224_C // SHA256 requires this for now #define MBEDTLS_ECDH_C -#define MBEDTLS_ECP_DP_SECP192R1_ENABLED -#define MBEDTLS_ECP_DP_SECP224R1_ENABLED +// NIST curves >= 256 bits #define MBEDTLS_ECP_DP_SECP256R1_ENABLED #define MBEDTLS_ECP_DP_SECP384R1_ENABLED #define MBEDTLS_ECP_DP_SECP521R1_ENABLED +// SECP "koblitz-like" curve >= 256 bits +#define MBEDTLS_ECP_DP_SECP256K1_ENABLED +// Brainpool curves (no specialised "mod p" routine) +#define MBEDTLS_ECP_DP_BP256R1_ENABLED +#define MBEDTLS_ECP_DP_BP384R1_ENABLED +#define MBEDTLS_ECP_DP_BP512R1_ENABLED +// Montgomery curves #define MBEDTLS_ECP_DP_CURVE25519_ENABLED +#define MBEDTLS_ECP_DP_CURVE448_ENABLED #include "check_config.h" -//#define MBEDTLS_ECP_WINDOW_SIZE 6 +#define MBEDTLS_HAVE_ASM // just make things a bit faster +#define MBEDTLS_ECP_NIST_OPTIM // faster and less allocations + +//#define MBEDTLS_ECP_WINDOW_SIZE 4 //#define MBEDTLS_ECP_FIXED_POINT_OPTIM 1 EOF for F in 0 1; do - for W in 2 3 4 5 6; do + for W in 2 3 4; do scripts/config.py set MBEDTLS_ECP_WINDOW_SIZE $W scripts/config.py set MBEDTLS_ECP_FIXED_POINT_OPTIM $F make benchmark >/dev/null 2>&1 echo "fixed point optim = $F, max window size = $W" echo "--------------------------------------------" - programs/test/benchmark + programs/test/benchmark ecdh ecdsa done done diff --git a/third_party/mbedtls/repo/scripts/footprint.sh b/third_party/mbedtls/repo/scripts/footprint.sh index 4d7be7a27cf..323c45656a2 100755 --- a/third_party/mbedtls/repo/scripts/footprint.sh +++ b/third_party/mbedtls/repo/scripts/footprint.sh @@ -1,23 +1,11 @@ #!/bin/sh # # Copyright The Mbed TLS Contributors -# SPDX-License-Identifier: Apache-2.0 -# -# Licensed under the Apache License, Version 2.0 (the "License"); you may -# not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT -# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. +# SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later # # Purpose # -# This script determines ROM size (or code size) for the standard mbed TLS +# This script determines ROM size (or code size) for the standard Mbed TLS # configurations, when built for a Cortex M3/M4 target. # # Configurations included: @@ -108,7 +96,7 @@ else fi log "" -log "mbed TLS $MBEDTLS_VERSION$GIT_VERSION" +log "Mbed TLS $MBEDTLS_VERSION$GIT_VERSION" log "$( arm-none-eabi-gcc --version | head -n1 )" log "CFLAGS=$ARMGCC_FLAGS" diff --git a/third_party/mbedtls/repo/scripts/generate_errors.pl b/third_party/mbedtls/repo/scripts/generate_errors.pl index 65383fa3cca..bb5cb9f57bc 100755 --- a/third_party/mbedtls/repo/scripts/generate_errors.pl +++ b/third_party/mbedtls/repo/scripts/generate_errors.pl @@ -6,19 +6,7 @@ # or generate_errors.pl include_dir data_dir error_file # # Copyright The Mbed TLS Contributors -# SPDX-License-Identifier: Apache-2.0 -# -# Licensed under the Apache License, Version 2.0 (the "License"); you may -# not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT -# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. +# SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later use strict; use warnings; @@ -60,11 +48,11 @@ my $error_format = ; close(FORMAT_FILE); -my @files = <$include_dir/*.h>; +my @files = glob qq("$include_dir/*.h"); my @necessary_include_files; my @matches; foreach my $file (@files) { - open(FILE, "$file"); + open(FILE, '<:crlf', $file) or die("$0: $file: $!"); my $content = ; close FILE; my $found = 0; diff --git a/third_party/mbedtls/repo/scripts/generate_features.pl b/third_party/mbedtls/repo/scripts/generate_features.pl index 74a95279be9..78bf3ac531a 100755 --- a/third_party/mbedtls/repo/scripts/generate_features.pl +++ b/third_party/mbedtls/repo/scripts/generate_features.pl @@ -1,19 +1,7 @@ #!/usr/bin/env perl # # Copyright The Mbed TLS Contributors -# SPDX-License-Identifier: Apache-2.0 -# -# Licensed under the Apache License, Version 2.0 (the "License"); you may -# not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT -# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. +# SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later use strict; @@ -39,8 +27,8 @@ my $feature_format_file = $data_dir.'/version_features.fmt'; -my @sections = ( "System support", "mbed TLS modules", - "mbed TLS feature support" ); +my @sections = ( "System support", "Mbed TLS modules", + "Mbed TLS feature support" ); my $line_separator = $/; undef $/; diff --git a/third_party/mbedtls/repo/scripts/generate_psa_constants.py b/third_party/mbedtls/repo/scripts/generate_psa_constants.py index 71afd02c890..515a04d80f9 100755 --- a/third_party/mbedtls/repo/scripts/generate_psa_constants.py +++ b/third_party/mbedtls/repo/scripts/generate_psa_constants.py @@ -12,19 +12,7 @@ """ # Copyright The Mbed TLS Contributors -# SPDX-License-Identifier: Apache-2.0 -# -# Licensed under the Apache License, Version 2.0 (the "License"); you may -# not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT -# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. +# SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later import os import sys diff --git a/third_party/mbedtls/repo/scripts/generate_query_config.pl b/third_party/mbedtls/repo/scripts/generate_query_config.pl index 3cef101e3a4..76049b96359 100755 --- a/third_party/mbedtls/repo/scripts/generate_query_config.pl +++ b/third_party/mbedtls/repo/scripts/generate_query_config.pl @@ -17,19 +17,7 @@ # Usage: ./scripts/generate_query_config.pl without arguments # # Copyright The Mbed TLS Contributors -# SPDX-License-Identifier: Apache-2.0 -# -# Licensed under the Apache License, Version 2.0 (the "License"); you may -# not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT -# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. +# SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later use strict; @@ -53,6 +41,7 @@ # This variable will contain the string to replace in the CHECK_CONFIG of the # format file my $config_check = ""; +my $list_config = ""; while (my $line = ) { if ($line =~ /^(\/\/)?\s*#\s*define\s+(MBEDTLS_\w+).*/) { @@ -72,6 +61,11 @@ $config_check .= " }\n"; $config_check .= "#endif /* $name */\n"; $config_check .= "\n"; + + $list_config .= "#if defined($name)\n"; + $list_config .= " OUTPUT_MACRO_NAME_VALUE($name);\n"; + $list_config .= "#endif /* $name */\n"; + $list_config .= "\n"; } } @@ -83,6 +77,7 @@ # Replace the body of the query_config() function with the code we just wrote $query_config_format =~ s/CHECK_CONFIG/$config_check/g; +$query_config_format =~ s/LIST_CONFIG/$list_config/g; # Rewrite the query_config.c file open(QUERY_CONFIG_FILE, ">$query_config_file") or die "Opening destination file '$query_config_file': $!"; diff --git a/third_party/mbedtls/repo/scripts/generate_visualc_files.pl b/third_party/mbedtls/repo/scripts/generate_visualc_files.pl index d11041c318e..ab2c93d195f 100755 --- a/third_party/mbedtls/repo/scripts/generate_visualc_files.pl +++ b/third_party/mbedtls/repo/scripts/generate_visualc_files.pl @@ -7,19 +7,7 @@ # Takes no argument. # # Copyright The Mbed TLS Contributors -# SPDX-License-Identifier: Apache-2.0 -# -# Licensed under the Apache License, Version 2.0 (the "License"); you may -# not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT -# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. +# SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later use warnings; use strict; diff --git a/third_party/mbedtls/repo/scripts/lcov.sh b/third_party/mbedtls/repo/scripts/lcov.sh new file mode 100755 index 00000000000..7d23636b79e --- /dev/null +++ b/third_party/mbedtls/repo/scripts/lcov.sh @@ -0,0 +1,69 @@ +#!/bin/sh + +help () { + cat <&1; exit 120;; + esac +done +shift $((OPTIND - 1)) + +"$main" "$@" diff --git a/third_party/mbedtls/repo/scripts/maintainer.requirements.txt b/third_party/mbedtls/repo/scripts/maintainer.requirements.txt index b149921a242..87341405e79 100644 --- a/third_party/mbedtls/repo/scripts/maintainer.requirements.txt +++ b/third_party/mbedtls/repo/scripts/maintainer.requirements.txt @@ -1,4 +1,5 @@ -# Python packages that are only useful to Mbed TLS maintainers. +# Python packages that are not used by any script in this repository, +# but are likely to be useful to Mbed TLS maintainers. -r ci.requirements.txt diff --git a/third_party/mbedtls/repo/scripts/massif_max.pl b/third_party/mbedtls/repo/scripts/massif_max.pl index eaf56aee701..52ca606b525 100755 --- a/third_party/mbedtls/repo/scripts/massif_max.pl +++ b/third_party/mbedtls/repo/scripts/massif_max.pl @@ -3,19 +3,7 @@ # Parse a massif.out.xxx file and output peak total memory usage # # Copyright The Mbed TLS Contributors -# SPDX-License-Identifier: Apache-2.0 -# -# Licensed under the Apache License, Version 2.0 (the "License"); you may -# not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT -# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. +# SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later use warnings; use strict; diff --git a/third_party/mbedtls/repo/scripts/mbedtls_dev/__init__.py b/third_party/mbedtls/repo/scripts/mbedtls_dev/__init__.py new file mode 100644 index 00000000000..15b0d60dd3c --- /dev/null +++ b/third_party/mbedtls/repo/scripts/mbedtls_dev/__init__.py @@ -0,0 +1,3 @@ +# This file needs to exist to make mbedtls_dev a package. +# Among other things, this allows modules in this directory to make +# relative imports. diff --git a/third_party/mbedtls/repo/scripts/mbedtls_dev/asymmetric_key_data.py b/third_party/mbedtls/repo/scripts/mbedtls_dev/asymmetric_key_data.py index 6fd6223f3a4..ef3e3a05e8f 100644 --- a/third_party/mbedtls/repo/scripts/mbedtls_dev/asymmetric_key_data.py +++ b/third_party/mbedtls/repo/scripts/mbedtls_dev/asymmetric_key_data.py @@ -4,19 +4,8 @@ """ # Copyright The Mbed TLS Contributors -# SPDX-License-Identifier: Apache-2.0 +# SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later # -# Licensed under the Apache License, Version 2.0 (the "License"); you may -# not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT -# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. import binascii import re diff --git a/third_party/mbedtls/repo/scripts/mbedtls_dev/build_tree.py b/third_party/mbedtls/repo/scripts/mbedtls_dev/build_tree.py new file mode 100644 index 00000000000..97551dd2bfd --- /dev/null +++ b/third_party/mbedtls/repo/scripts/mbedtls_dev/build_tree.py @@ -0,0 +1,56 @@ +"""Mbed TLS build tree information and manipulation. +""" + +# Copyright The Mbed TLS Contributors +# SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later +# + +import os +import inspect + + +def looks_like_mbedtls_root(path: str) -> bool: + """Whether the given directory looks like the root of the Mbed TLS source tree.""" + return all(os.path.isdir(os.path.join(path, subdir)) + for subdir in ['include', 'library', 'programs', 'tests']) + +def check_repo_path(): + """ + Check that the current working directory is the project root, and throw + an exception if not. + """ + if not all(os.path.isdir(d) for d in ["include", "library", "tests"]): + raise Exception("This script must be run from Mbed TLS root") + +def chdir_to_root() -> None: + """Detect the root of the Mbed TLS source tree and change to it. + + The current directory must be up to two levels deep inside an Mbed TLS + source tree. + """ + for d in [os.path.curdir, + os.path.pardir, + os.path.join(os.path.pardir, os.path.pardir)]: + if looks_like_mbedtls_root(d): + os.chdir(d) + return + raise Exception('Mbed TLS source tree not found') + + +def guess_mbedtls_root(): + """Guess mbedTLS source code directory. + + Return the first possible mbedTLS root directory + """ + dirs = set({}) + for frame in inspect.stack(): + path = os.path.dirname(frame.filename) + for d in ['.', os.path.pardir] \ + + [os.path.join(*([os.path.pardir]*i)) for i in range(2, 10)]: + d = os.path.abspath(os.path.join(path, d)) + if d in dirs: + continue + dirs.add(d) + if looks_like_mbedtls_root(d): + return d + raise Exception('Mbed TLS source tree not found') diff --git a/third_party/mbedtls/repo/scripts/mbedtls_dev/c_build_helper.py b/third_party/mbedtls/repo/scripts/mbedtls_dev/c_build_helper.py index 5c587a16bb6..154a94b3519 100644 --- a/third_party/mbedtls/repo/scripts/mbedtls_dev/c_build_helper.py +++ b/third_party/mbedtls/repo/scripts/mbedtls_dev/c_build_helper.py @@ -2,19 +2,8 @@ """ # Copyright The Mbed TLS Contributors -# SPDX-License-Identifier: Apache-2.0 +# SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later # -# Licensed under the Apache License, Version 2.0 (the "License"); you may -# not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT -# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. import os import platform @@ -89,6 +78,37 @@ def generate_c_file(c_file, } ''') +def compile_c_file(c_filename, exe_filename, include_dirs): + """Compile a C source file with the host compiler. + + * ``c_filename``: the name of the source file to compile. + * ``exe_filename``: the name for the executable to be created. + * ``include_dirs``: a list of paths to include directories to be passed + with the -I switch. + """ + # Respect $HOSTCC if it is set + cc = os.getenv('HOSTCC', None) + if cc is None: + cc = os.getenv('CC', 'cc') + cmd = [cc] + + proc = subprocess.Popen(cmd, + stdout=subprocess.DEVNULL, + stderr=subprocess.PIPE, + universal_newlines=True) + cc_is_msvc = 'Microsoft (R) C/C++' in proc.communicate()[1] + + cmd += ['-I' + dir for dir in include_dirs] + if cc_is_msvc: + # MSVC has deprecated using -o to specify the output file, + # and produces an object file in the working directory by default. + obj_filename = exe_filename[:-4] + '.obj' + cmd += ['-Fe' + exe_filename, '-Fo' + obj_filename] + else: + cmd += ['-o' + exe_filename] + + subprocess.check_call(cmd + [c_filename]) + def get_c_expression_values( cast_to, printf_format, expressions, @@ -123,10 +143,8 @@ def get_c_expression_values( expressions) ) c_file.close() - cc = os.getenv('CC', 'cc') - subprocess.check_call([cc] + - ['-I' + dir for dir in include_path] + - ['-o', exe_name, c_name]) + + compile_c_file(c_name, exe_name, include_path) if keep_c: sys.stderr.write('List of {} tests kept at {}\n' .format(caller, c_name)) diff --git a/third_party/mbedtls/repo/scripts/mbedtls_dev/crypto_knowledge.py b/third_party/mbedtls/repo/scripts/mbedtls_dev/crypto_knowledge.py index 7214adb4f44..82cce199ab0 100644 --- a/third_party/mbedtls/repo/scripts/mbedtls_dev/crypto_knowledge.py +++ b/third_party/mbedtls/repo/scripts/mbedtls_dev/crypto_knowledge.py @@ -4,29 +4,71 @@ """ # Copyright The Mbed TLS Contributors -# SPDX-License-Identifier: Apache-2.0 +# SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later # -# Licensed under the Apache License, Version 2.0 (the "License"); you may -# not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT -# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. +import enum import re -from typing import Dict, Iterable, Optional, Pattern, Tuple +from typing import FrozenSet, Iterable, List, Optional, Tuple, Dict + +from .asymmetric_key_data import ASYMMETRIC_KEY_DATA + + +def short_expression(original: str, level: int = 0) -> str: + """Abbreviate the expression, keeping it human-readable. + + If `level` is 0, just remove parts that are implicit from context, + such as a leading ``PSA_KEY_TYPE_``. + For larger values of `level`, also abbreviate some names in an + unambiguous, but ad hoc way. + """ + short = original + short = re.sub(r'\bPSA_(?:ALG|ECC_FAMILY|KEY_[A-Z]+)_', r'', short) + short = re.sub(r' +', r'', short) + if level >= 1: + short = re.sub(r'PUBLIC_KEY\b', r'PUB', short) + short = re.sub(r'KEY_PAIR\b', r'PAIR', short) + short = re.sub(r'\bBRAINPOOL_P', r'BP', short) + short = re.sub(r'\bMONTGOMERY\b', r'MGM', short) + short = re.sub(r'AEAD_WITH_SHORTENED_TAG\b', r'AEAD_SHORT', short) + short = re.sub(r'\bDETERMINISTIC_', r'DET_', short) + short = re.sub(r'\bKEY_AGREEMENT\b', r'KA', short) + short = re.sub(r'_PSK_TO_MS\b', r'_PSK2MS', short) + return short + + +BLOCK_CIPHERS = frozenset(['AES', 'ARIA', 'CAMELLIA', 'DES']) +BLOCK_MAC_MODES = frozenset(['CBC_MAC', 'CMAC']) +BLOCK_CIPHER_MODES = frozenset([ + 'CTR', 'CFB', 'OFB', 'XTS', 'CCM_STAR_NO_TAG', + 'ECB_NO_PADDING', 'CBC_NO_PADDING', 'CBC_PKCS7', +]) +BLOCK_AEAD_MODES = frozenset(['CCM', 'GCM']) + +class EllipticCurveCategory(enum.Enum): + """Categorization of elliptic curve families. + + The category of a curve determines what algorithms are defined over it. + """ + + SHORT_WEIERSTRASS = 0 + MONTGOMERY = 1 + TWISTED_EDWARDS = 2 + + @staticmethod + def from_family(family: str) -> 'EllipticCurveCategory': + if family == 'PSA_ECC_FAMILY_MONTGOMERY': + return EllipticCurveCategory.MONTGOMERY + if family == 'PSA_ECC_FAMILY_TWISTED_EDWARDS': + return EllipticCurveCategory.TWISTED_EDWARDS + # Default to SW, which most curves belong to. + return EllipticCurveCategory.SHORT_WEIERSTRASS -from mbedtls_dev.asymmetric_key_data import ASYMMETRIC_KEY_DATA class KeyType: """Knowledge about a PSA key type.""" - def __init__(self, name: str, params: Optional[Iterable[str]] = None): + def __init__(self, name: str, params: Optional[Iterable[str]] = None) -> None: """Analyze a key type. The key type must be specified in PSA syntax. In its simplest form, @@ -62,6 +104,11 @@ def __init__(self, name: str, params: Optional[Iterable[str]] = None): if self.params is not None: self.expression += '(' + ', '.join(self.params) + ')' + m = re.match(r'PSA_KEY_TYPE_(\w+)', self.name) + assert m + self.head = re.sub(r'_(?:PUBLIC_KEY|KEY_PAIR)\Z', r'', m.group(1)) + """The key type macro name, with common prefixes and suffixes stripped.""" + self.private_type = re.sub(r'_PUBLIC_KEY\Z', r'_KEY_PAIR', self.name) """The key type macro name for the corresponding key pair type. @@ -69,6 +116,17 @@ def __init__(self, name: str, params: Optional[Iterable[str]] = None): `self.name`. """ + def short_expression(self, level: int = 0) -> str: + """Abbreviate the expression, keeping it human-readable. + + See `crypto_knowledge.short_expression`. + """ + return short_expression(self.expression, level=level) + + def is_public(self) -> bool: + """Whether the key type is for public keys.""" + return self.name.endswith('_PUBLIC_KEY') + ECC_KEY_SIZES = { 'PSA_ECC_FAMILY_SECP_K1': (192, 224, 256), 'PSA_ECC_FAMILY_SECP_R1': (225, 256, 384, 521), @@ -79,7 +137,7 @@ def __init__(self, name: str, params: Optional[Iterable[str]] = None): 'PSA_ECC_FAMILY_BRAINPOOL_P_R1': (160, 192, 224, 256, 320, 384, 512), 'PSA_ECC_FAMILY_MONTGOMERY': (255, 448), 'PSA_ECC_FAMILY_TWISTED_EDWARDS': (255, 448), - } + } # type: Dict[str, Tuple[int, ...]] KEY_TYPE_SIZES = { 'PSA_KEY_TYPE_AES': (128, 192, 256), # exhaustive 'PSA_KEY_TYPE_ARC4': (8, 128, 2048), # extremes + sensible @@ -91,7 +149,7 @@ def __init__(self, name: str, params: Optional[Iterable[str]] = None): 'PSA_KEY_TYPE_HMAC': (128, 160, 224, 256, 384, 512), # standard size for each supported hash 'PSA_KEY_TYPE_RAW_DATA': (8, 40, 128), # sample 'PSA_KEY_TYPE_RSA_KEY_PAIR': (1024, 1536), # small sample - } + } # type: Dict[str, Tuple[int, ...]] def sizes_to_test(self) -> Tuple[int, ...]: """Return a tuple of key sizes to test. @@ -137,17 +195,340 @@ def key_material(self, bits: int) -> bytes: return b''.join([self.DATA_BLOCK] * (length // len(self.DATA_BLOCK)) + [self.DATA_BLOCK[:length % len(self.DATA_BLOCK)]]) - KEY_TYPE_FOR_SIGNATURE = { - 'PSA_KEY_USAGE_SIGN_HASH': re.compile('.*KEY_PAIR'), - 'PSA_KEY_USAGE_VERIFY_HASH': re.compile('.*KEY.*') - } #type: Dict[str, Pattern] - """Use a regexp to determine key types for which signature is possible - when using the actual usage flag. - """ - def is_valid_for_signature(self, usage: str) -> bool: - """Determine if the key type is compatible with the specified - signitute type. + def can_do(self, alg: 'Algorithm') -> bool: + """Whether this key type can be used for operations with the given algorithm. + + This function does not currently handle key derivation or PAKE. + """ + #pylint: disable=too-many-branches,too-many-return-statements + if not alg.is_valid_for_operation(): + return False + if self.head == 'HMAC' and alg.head == 'HMAC': + return True + if self.head == 'DES': + # 64-bit block ciphers only allow a reduced set of modes. + return alg.head in [ + 'CBC_NO_PADDING', 'CBC_PKCS7', + 'ECB_NO_PADDING', + ] + if self.head in BLOCK_CIPHERS and \ + alg.head in frozenset.union(BLOCK_MAC_MODES, + BLOCK_CIPHER_MODES, + BLOCK_AEAD_MODES): + if alg.head in ['CMAC', 'OFB'] and \ + self.head in ['ARIA', 'CAMELLIA']: + return False # not implemented in Mbed TLS + return True + if self.head == 'CHACHA20' and alg.head == 'CHACHA20_POLY1305': + return True + if self.head in {'ARC4', 'CHACHA20'} and \ + alg.head == 'STREAM_CIPHER': + return True + if self.head == 'RSA' and alg.head.startswith('RSA_'): + return True + if alg.category == AlgorithmCategory.KEY_AGREEMENT and \ + self.is_public(): + # The PSA API does not use public key objects in key agreement + # operations: it imports the public key as a formatted byte string. + # So a public key object with a key agreement algorithm is not + # a valid combination. + return False + if self.head == 'ECC': + assert self.params is not None + eccc = EllipticCurveCategory.from_family(self.params[0]) + if alg.head == 'ECDH' and \ + eccc in {EllipticCurveCategory.SHORT_WEIERSTRASS, + EllipticCurveCategory.MONTGOMERY}: + return True + if alg.head == 'ECDSA' and \ + eccc == EllipticCurveCategory.SHORT_WEIERSTRASS: + return True + if alg.head in {'PURE_EDDSA', 'EDDSA_PREHASH'} and \ + eccc == EllipticCurveCategory.TWISTED_EDWARDS: + return True + return False + + +class AlgorithmCategory(enum.Enum): + """PSA algorithm categories.""" + # The numbers are aligned with the category bits in numerical values of + # algorithms. + HASH = 2 + MAC = 3 + CIPHER = 4 + AEAD = 5 + SIGN = 6 + ASYMMETRIC_ENCRYPTION = 7 + KEY_DERIVATION = 8 + KEY_AGREEMENT = 9 + PAKE = 10 + + def requires_key(self) -> bool: + """Whether operations in this category are set up with a key.""" + return self not in {self.HASH, self.KEY_DERIVATION} + + def is_asymmetric(self) -> bool: + """Whether operations in this category involve asymmetric keys.""" + return self in { + self.SIGN, + self.ASYMMETRIC_ENCRYPTION, + self.KEY_AGREEMENT + } + + +class AlgorithmNotRecognized(Exception): + def __init__(self, expr: str) -> None: + super().__init__('Algorithm not recognized: ' + expr) + self.expr = expr + + +class Algorithm: + """Knowledge about a PSA algorithm.""" + + @staticmethod + def determine_base(expr: str) -> str: + """Return an expression for the "base" of the algorithm. + + This strips off variants of algorithms such as MAC truncation. + + This function does not attempt to detect invalid inputs. + """ + m = re.match(r'PSA_ALG_(?:' + r'(?:TRUNCATED|AT_LEAST_THIS_LENGTH)_MAC|' + r'AEAD_WITH_(?:SHORTENED|AT_LEAST_THIS_LENGTH)_TAG' + r')\((.*),[^,]+\)\Z', expr) + if m: + expr = m.group(1) + return expr + + @staticmethod + def determine_head(expr: str) -> str: + """Return the head of an algorithm expression. + + The head is the first (outermost) constructor, without its PSA_ALG_ + prefix, and with some normalization of similar algorithms. + """ + m = re.match(r'PSA_ALG_(?:DETERMINISTIC_)?(\w+)', expr) + if not m: + raise AlgorithmNotRecognized(expr) + head = m.group(1) + if head == 'KEY_AGREEMENT': + m = re.match(r'PSA_ALG_KEY_AGREEMENT\s*\(\s*PSA_ALG_(\w+)', expr) + if not m: + raise AlgorithmNotRecognized(expr) + head = m.group(1) + head = re.sub(r'_ANY\Z', r'', head) + if re.match(r'ED[0-9]+PH\Z', head): + head = 'EDDSA_PREHASH' + return head + + CATEGORY_FROM_HEAD = { + 'SHA': AlgorithmCategory.HASH, + 'SHAKE256_512': AlgorithmCategory.HASH, + 'MD': AlgorithmCategory.HASH, + 'RIPEMD': AlgorithmCategory.HASH, + 'ANY_HASH': AlgorithmCategory.HASH, + 'HMAC': AlgorithmCategory.MAC, + 'STREAM_CIPHER': AlgorithmCategory.CIPHER, + 'CHACHA20_POLY1305': AlgorithmCategory.AEAD, + 'DSA': AlgorithmCategory.SIGN, + 'ECDSA': AlgorithmCategory.SIGN, + 'EDDSA': AlgorithmCategory.SIGN, + 'PURE_EDDSA': AlgorithmCategory.SIGN, + 'RSA_PSS': AlgorithmCategory.SIGN, + 'RSA_PKCS1V15_SIGN': AlgorithmCategory.SIGN, + 'RSA_PKCS1V15_CRYPT': AlgorithmCategory.ASYMMETRIC_ENCRYPTION, + 'RSA_OAEP': AlgorithmCategory.ASYMMETRIC_ENCRYPTION, + 'HKDF': AlgorithmCategory.KEY_DERIVATION, + 'TLS12_PRF': AlgorithmCategory.KEY_DERIVATION, + 'TLS12_PSK_TO_MS': AlgorithmCategory.KEY_DERIVATION, + 'PBKDF': AlgorithmCategory.KEY_DERIVATION, + 'ECDH': AlgorithmCategory.KEY_AGREEMENT, + 'FFDH': AlgorithmCategory.KEY_AGREEMENT, + # KEY_AGREEMENT(...) is a key derivation with a key agreement component + 'KEY_AGREEMENT': AlgorithmCategory.KEY_DERIVATION, + 'JPAKE': AlgorithmCategory.PAKE, + } + for x in BLOCK_MAC_MODES: + CATEGORY_FROM_HEAD[x] = AlgorithmCategory.MAC + for x in BLOCK_CIPHER_MODES: + CATEGORY_FROM_HEAD[x] = AlgorithmCategory.CIPHER + for x in BLOCK_AEAD_MODES: + CATEGORY_FROM_HEAD[x] = AlgorithmCategory.AEAD + + def determine_category(self, expr: str, head: str) -> AlgorithmCategory: + """Return the category of the given algorithm expression. + + This function does not attempt to detect invalid inputs. + """ + prefix = head + while prefix: + if prefix in self.CATEGORY_FROM_HEAD: + return self.CATEGORY_FROM_HEAD[prefix] + if re.match(r'.*[0-9]\Z', prefix): + prefix = re.sub(r'_*[0-9]+\Z', r'', prefix) + else: + prefix = re.sub(r'_*[^_]*\Z', r'', prefix) + raise AlgorithmNotRecognized(expr) + + @staticmethod + def determine_wildcard(expr) -> bool: + """Whether the given algorithm expression is a wildcard. + + This function does not attempt to detect invalid inputs. + """ + if re.search(r'\bPSA_ALG_ANY_HASH\b', expr): + return True + if re.search(r'_AT_LEAST_', expr): + return True + return False + + def __init__(self, expr: str) -> None: + """Analyze an algorithm value. + + The algorithm must be expressed as a C expression containing only + calls to PSA algorithm constructor macros and numeric literals. + + This class is only programmed to handle valid expressions. Invalid + expressions may result in exceptions or in nonsensical results. + """ + self.expression = re.sub(r'\s+', r'', expr) + self.base_expression = self.determine_base(self.expression) + self.head = self.determine_head(self.base_expression) + self.category = self.determine_category(self.base_expression, self.head) + self.is_wildcard = self.determine_wildcard(self.expression) + + def is_key_agreement_with_derivation(self) -> bool: + """Whether this is a combined key agreement and key derivation algorithm.""" + if self.category != AlgorithmCategory.KEY_AGREEMENT: + return False + m = re.match(r'PSA_ALG_KEY_AGREEMENT\(\w+,\s*(.*)\)\Z', self.expression) + if not m: + return False + kdf_alg = m.group(1) + # Assume kdf_alg is either a valid KDF or 0. + return not re.match(r'(?:0[Xx])?0+\s*\Z', kdf_alg) + + + def short_expression(self, level: int = 0) -> str: + """Abbreviate the expression, keeping it human-readable. + + See `crypto_knowledge.short_expression`. + """ + return short_expression(self.expression, level=level) + + HASH_LENGTH = { + 'PSA_ALG_MD5': 16, + 'PSA_ALG_SHA_1': 20, + } + HASH_LENGTH_BITS_RE = re.compile(r'([0-9]+)\Z') + @classmethod + def hash_length(cls, alg: str) -> int: + """The length of the given hash algorithm, in bytes.""" + if alg in cls.HASH_LENGTH: + return cls.HASH_LENGTH[alg] + m = cls.HASH_LENGTH_BITS_RE.search(alg) + if m: + return int(m.group(1)) // 8 + raise ValueError('Unknown hash length for ' + alg) + + PERMITTED_TAG_LENGTHS = { + 'PSA_ALG_CCM': frozenset([4, 6, 8, 10, 12, 14, 16]), + 'PSA_ALG_CHACHA20_POLY1305': frozenset([16]), + 'PSA_ALG_GCM': frozenset([4, 8, 12, 13, 14, 15, 16]), + } + MAC_LENGTH = { + 'PSA_ALG_CBC_MAC': 16, # actually the block cipher length + 'PSA_ALG_CMAC': 16, # actually the block cipher length + } + HMAC_RE = re.compile(r'PSA_ALG_HMAC\((.*)\)\Z') + @classmethod + def permitted_truncations(cls, base: str) -> FrozenSet[int]: + """Permitted output lengths for the given MAC or AEAD base algorithm. + + For a MAC algorithm, this is the set of truncation lengths that + Mbed TLS supports. + For an AEAD algorithm, this is the set of truncation lengths that + are permitted by the algorithm specification. + """ + if base in cls.PERMITTED_TAG_LENGTHS: + return cls.PERMITTED_TAG_LENGTHS[base] + max_length = cls.MAC_LENGTH.get(base, None) + if max_length is None: + m = cls.HMAC_RE.match(base) + if m: + max_length = cls.hash_length(m.group(1)) + if max_length is None: + raise ValueError('Unknown permitted lengths for ' + base) + return frozenset(range(4, max_length + 1)) + + TRUNCATED_ALG_RE = re.compile( + r'(?PPSA_ALG_(?:AEAD_WITH_SHORTENED_TAG|TRUNCATED_MAC))' + r'\((?P.*),' + r'(?P0[Xx][0-9A-Fa-f]+|[1-9][0-9]*|0[0-7]*)[LUlu]*\)\Z') + def is_invalid_truncation(self) -> bool: + """False for a MAC or AEAD algorithm truncated to an invalid length. + + True for a MAC or AEAD algorithm truncated to a valid length or to + a length that cannot be determined. True for anything other than + a truncated MAC or AEAD. + """ + m = self.TRUNCATED_ALG_RE.match(self.expression) + if m: + base = m.group('base') + to_length = int(m.group('length'), 0) + permitted_lengths = self.permitted_truncations(base) + if to_length not in permitted_lengths: + return True + return False + + def is_valid_for_operation(self) -> bool: + """Whether this algorithm construction is valid for an operation. + + This function assumes that the algorithm is constructed in a + "grammatically" correct way, and only rejects semantically invalid + combinations. + """ + if self.is_wildcard: + return False + if self.is_invalid_truncation(): + return False + return True + + def can_do(self, category: AlgorithmCategory) -> bool: + """Whether this algorithm can perform operations in the given category. + """ + if category == self.category: + return True + if category == AlgorithmCategory.KEY_DERIVATION and \ + self.is_key_agreement_with_derivation(): + return True + return False + + def usage_flags(self, public: bool = False) -> List[str]: + """The list of usage flags describing operations that can perform this algorithm. + If public is true, only return public-key operations, not private-key operations. """ - # This is just temporaly solution for the implicit usage flags. - return re.match(self.KEY_TYPE_FOR_SIGNATURE[usage], self.name) is not None + if self.category == AlgorithmCategory.HASH: + flags = [] + elif self.category == AlgorithmCategory.MAC: + flags = ['SIGN_HASH', 'SIGN_MESSAGE', + 'VERIFY_HASH', 'VERIFY_MESSAGE'] + elif self.category == AlgorithmCategory.CIPHER or \ + self.category == AlgorithmCategory.AEAD: + flags = ['DECRYPT', 'ENCRYPT'] + elif self.category == AlgorithmCategory.SIGN: + flags = ['VERIFY_HASH', 'VERIFY_MESSAGE'] + if not public: + flags += ['SIGN_HASH', 'SIGN_MESSAGE'] + elif self.category == AlgorithmCategory.ASYMMETRIC_ENCRYPTION: + flags = ['ENCRYPT'] + if not public: + flags += ['DECRYPT'] + elif self.category == AlgorithmCategory.KEY_DERIVATION or \ + self.category == AlgorithmCategory.KEY_AGREEMENT: + flags = ['DERIVE'] + else: + raise AlgorithmNotRecognized(self.expression) + return ['PSA_KEY_USAGE_' + flag for flag in flags] diff --git a/third_party/mbedtls/repo/scripts/mbedtls_dev/macro_collector.py b/third_party/mbedtls/repo/scripts/mbedtls_dev/macro_collector.py index 3440ba74b6a..fbec007660a 100644 --- a/third_party/mbedtls/repo/scripts/mbedtls_dev/macro_collector.py +++ b/third_party/mbedtls/repo/scripts/mbedtls_dev/macro_collector.py @@ -2,23 +2,12 @@ """ # Copyright The Mbed TLS Contributors -# SPDX-License-Identifier: Apache-2.0 +# SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later # -# Licensed under the Apache License, Version 2.0 (the "License"); you may -# not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT -# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. import itertools import re -from typing import Dict, Iterable, Iterator, List, Optional, Pattern, Set, Tuple, Union +from typing import Dict, IO, Iterable, Iterator, List, Optional, Pattern, Set, Tuple, Union class ReadFileLineException(Exception): @@ -50,12 +39,13 @@ class read_file_lines: """ def __init__(self, filename: str, binary: bool = False) -> None: self.filename = filename + self.file = None #type: Optional[IO[str]] self.line_number = 'entry' #type: Union[int, str] self.generator = None #type: Optional[Iterable[Tuple[int, str]]] self.binary = binary def __enter__(self) -> 'read_file_lines': - self.generator = enumerate(open(self.filename, - 'rb' if self.binary else 'r')) + self.file = open(self.filename, 'rb' if self.binary else 'r') + self.generator = enumerate(self.file) return self def __iter__(self) -> Iterator[str]: assert self.generator is not None @@ -64,6 +54,8 @@ def __iter__(self) -> Iterator[str]: yield content self.line_number = 'exit' def __exit__(self, exc_type, exc_value, exc_traceback) -> None: + if self.file is not None: + self.file.close() if exc_type is not None: raise ReadFileLineException(self.filename, self.line_number) \ from exc_value @@ -182,7 +174,7 @@ def distribute_arguments(self, name: str) -> Iterator[str]: for value in argument_lists[i][1:]: arguments[i] = value yield self._format_arguments(name, arguments) - arguments[i] = argument_lists[0][0] + arguments[i] = argument_lists[i][0] except BaseException as e: raise Exception('distribute_arguments({})'.format(name)) from e @@ -395,10 +387,26 @@ def __init__(self) -> None: 'other_algorithm': [], 'lifetime': [self.lifetimes], } #type: Dict[str, List[Set[str]]] - self.arguments_for['mac_length'] += ['1', '63'] - self.arguments_for['min_mac_length'] += ['1', '63'] - self.arguments_for['tag_length'] += ['1', '63'] - self.arguments_for['min_tag_length'] += ['1', '63'] + mac_lengths = [str(n) for n in [ + 1, # minimum expressible + 4, # minimum allowed by policy + 13, # an odd size in a plausible range + 14, # an even non-power-of-two size in a plausible range + 16, # same as full size for at least one algorithm + 63, # maximum expressible + ]] + self.arguments_for['mac_length'] += mac_lengths + self.arguments_for['min_mac_length'] += mac_lengths + aead_lengths = [str(n) for n in [ + 1, # minimum expressible + 4, # minimum allowed by policy + 13, # an odd size in a plausible range + 14, # an even non-power-of-two size in a plausible range + 16, # same as full size for at least one algorithm + 63, # maximum expressible + ]] + self.arguments_for['tag_length'] += aead_lengths + self.arguments_for['min_tag_length'] += aead_lengths def add_numerical_values(self) -> None: """Add numerical values that are not supported to the known identifiers.""" diff --git a/third_party/mbedtls/repo/scripts/mbedtls_dev/psa_storage.py b/third_party/mbedtls/repo/scripts/mbedtls_dev/psa_storage.py index 45f0380e7b8..4adbb07ab29 100644 --- a/third_party/mbedtls/repo/scripts/mbedtls_dev/psa_storage.py +++ b/third_party/mbedtls/repo/scripts/mbedtls_dev/psa_storage.py @@ -1,27 +1,21 @@ """Knowledge about the PSA key store as implemented in Mbed TLS. + +Note that if you need to make a change that affects how keys are +stored, this may indicate that the key store is changing in a +backward-incompatible way! Think carefully about backward compatibility +before changing how test data is constructed or validated. """ # Copyright The Mbed TLS Contributors -# SPDX-License-Identifier: Apache-2.0 -# -# Licensed under the Apache License, Version 2.0 (the "License"); you may -# not use this file except in compliance with the License. -# You may obtain a copy of the License at +# SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later # -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT -# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. import re import struct from typing import Dict, List, Optional, Set, Union import unittest -from mbedtls_dev import c_build_helper +from . import c_build_helper class Expr: @@ -146,6 +140,11 @@ def bytes(self) -> bytes: This is the content of the PSA storage file. When PSA storage is implemented over stdio files, this does not include any wrapping made by the PSA-storage-over-stdio-file implementation. + + Note that if you need to make a change in this function, + this may indicate that the key store is changing in a + backward-incompatible way! Think carefully about backward + compatibility before making any change here. """ header = self.MAGIC + self.pack('L', self.version) if self.version == 0: diff --git a/third_party/mbedtls/repo/scripts/mbedtls_dev/test_case.py b/third_party/mbedtls/repo/scripts/mbedtls_dev/test_case.py index 6a46e4209b2..6ed5e849de7 100644 --- a/third_party/mbedtls/repo/scripts/mbedtls_dev/test_case.py +++ b/third_party/mbedtls/repo/scripts/mbedtls_dev/test_case.py @@ -1,27 +1,16 @@ -"""Library for generating Mbed TLS test data. +"""Library for constructing an Mbed TLS test case. """ # Copyright The Mbed TLS Contributors -# SPDX-License-Identifier: Apache-2.0 +# SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later # -# Licensed under the Apache License, Version 2.0 (the "License"); you may -# not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT -# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. import binascii import os import sys from typing import Iterable, List, Optional -from mbedtls_dev import typing_util +from . import typing_util def hex_string(data: bytes) -> str: return '"' + binascii.hexlify(data).decode('ascii') + '"' @@ -92,9 +81,11 @@ def write_data_file(filename: str, """ if caller is None: caller = os.path.basename(sys.argv[0]) - with open(filename, 'w') as out: + tempfile = filename + '.new' + with open(tempfile, 'w') as out: out.write('# Automatically generated by {}. Do not edit!\n' .format(caller)) for tc in test_cases: tc.write(out) out.write('\n# End of automatically generated file.\n') + os.replace(tempfile, filename) diff --git a/third_party/mbedtls/repo/scripts/mbedtls_dev/test_data_generation.py b/third_party/mbedtls/repo/scripts/mbedtls_dev/test_data_generation.py new file mode 100644 index 00000000000..32361ee9b01 --- /dev/null +++ b/third_party/mbedtls/repo/scripts/mbedtls_dev/test_data_generation.py @@ -0,0 +1,197 @@ +"""Common code for test data generation. + +This module defines classes that are of general use to automatically +generate .data files for unit tests, as well as a main function. + +These are used both by generate_psa_tests.py and generate_bignum_tests.py. +""" + +# Copyright The Mbed TLS Contributors +# SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later +# + +import argparse +import os +import posixpath +import re + +from abc import ABCMeta, abstractmethod +from typing import Callable, Dict, Iterable, Iterator, List, Type, TypeVar + +from . import build_tree +from . import test_case + +T = TypeVar('T') #pylint: disable=invalid-name + + +class BaseTarget(metaclass=ABCMeta): + """Base target for test case generation. + + Child classes of this class represent an output file, and can be referred + to as file targets. These indicate where test cases will be written to for + all subclasses of the file target, which is set by `target_basename`. + + Attributes: + count: Counter for test cases from this class. + case_description: Short description of the test case. This may be + automatically generated using the class, or manually set. + dependencies: A list of dependencies required for the test case. + show_test_count: Toggle for inclusion of `count` in the test description. + target_basename: Basename of file to write generated tests to. This + should be specified in a child class of BaseTarget. + test_function: Test function which the class generates cases for. + test_name: A common name or description of the test function. This can + be `test_function`, a clearer equivalent, or a short summary of the + test function's purpose. + """ + count = 0 + case_description = "" + dependencies = [] # type: List[str] + show_test_count = True + target_basename = "" + test_function = "" + test_name = "" + + def __new__(cls, *args, **kwargs): + # pylint: disable=unused-argument + cls.count += 1 + return super().__new__(cls) + + @abstractmethod + def arguments(self) -> List[str]: + """Get the list of arguments for the test case. + + Override this method to provide the list of arguments required for + the `test_function`. + + Returns: + List of arguments required for the test function. + """ + raise NotImplementedError + + def description(self) -> str: + """Create a test case description. + + Creates a description of the test case, including a name for the test + function, an optional case count, and a description of the specific + test case. This should inform a reader what is being tested, and + provide context for the test case. + + Returns: + Description for the test case. + """ + if self.show_test_count: + return "{} #{} {}".format( + self.test_name, self.count, self.case_description + ).strip() + else: + return "{} {}".format(self.test_name, self.case_description).strip() + + + def create_test_case(self) -> test_case.TestCase: + """Generate TestCase from the instance.""" + tc = test_case.TestCase() + tc.set_description(self.description()) + tc.set_function(self.test_function) + tc.set_arguments(self.arguments()) + tc.set_dependencies(self.dependencies) + + return tc + + @classmethod + @abstractmethod + def generate_function_tests(cls) -> Iterator[test_case.TestCase]: + """Generate test cases for the class test function. + + This will be called in classes where `test_function` is set. + Implementations should yield TestCase objects, by creating instances + of the class with appropriate input data, and then calling + `create_test_case()` on each. + """ + raise NotImplementedError + + @classmethod + def generate_tests(cls) -> Iterator[test_case.TestCase]: + """Generate test cases for the class and its subclasses. + + In classes with `test_function` set, `generate_function_tests()` is + called to generate test cases first. + + In all classes, this method will iterate over its subclasses, and + yield from `generate_tests()` in each. Calling this method on a class X + will yield test cases from all classes derived from X. + """ + if cls.test_function: + yield from cls.generate_function_tests() + for subclass in sorted(cls.__subclasses__(), key=lambda c: c.__name__): + yield from subclass.generate_tests() + + +class TestGenerator: + """Generate test cases and write to data files.""" + def __init__(self, _options) -> None: + self.test_suite_directory = 'tests/suites' + # Update `targets` with an entry for each child class of BaseTarget. + # Each entry represents a file generated by the BaseTarget framework, + # and enables generating the .data files using the CLI. + self.targets.update({ + subclass.target_basename: subclass.generate_tests + for subclass in BaseTarget.__subclasses__() + }) + + def filename_for(self, basename: str) -> str: + """The location of the data file with the specified base name.""" + return posixpath.join(self.test_suite_directory, basename + '.data') + + def write_test_data_file(self, basename: str, + test_cases: Iterable[test_case.TestCase]) -> None: + """Write the test cases to a .data file. + + The output file is ``basename + '.data'`` in the test suite directory. + """ + filename = self.filename_for(basename) + test_case.write_data_file(filename, test_cases) + + # Note that targets whose names contain 'test_format' have their content + # validated by `abi_check.py`. + targets = {} # type: Dict[str, Callable[..., Iterable[test_case.TestCase]]] + + def generate_target(self, name: str, *target_args) -> None: + """Generate cases and write to data file for a target. + + For target callables which require arguments, override this function + and pass these arguments using super() (see PSATestGenerator). + """ + test_cases = self.targets[name](*target_args) + self.write_test_data_file(name, test_cases) + +def main(args, description: str, generator_class: Type[TestGenerator] = TestGenerator): + """Command line entry point.""" + parser = argparse.ArgumentParser(description=description) + parser.add_argument('--list', action='store_true', + help='List available targets and exit') + parser.add_argument('targets', nargs='*', metavar='TARGET', + help='Target file to generate (default: all; "-": none)') + + # Change to the mbedtls root, to keep things simple. + # Note that if any command line options refer to paths, they need to + # be adjusted first. + build_tree.chdir_to_root() + + options = parser.parse_args(args) + generator = generator_class(options) + if options.list: + for name in sorted(generator.targets): + print(generator.filename_for(name)) + return + if options.targets: + # Allow "-" as a special case so you can run + # ``generate_xxx_tests.py - $targets`` and it works uniformly whether + # ``$targets`` is empty or not. + options.targets = [os.path.basename(re.sub(r'\.data\Z', r'', target)) + for target in options.targets + if target != '-'] + else: + options.targets = sorted(generator.targets) + for target in options.targets: + generator.generate_target(target) diff --git a/third_party/mbedtls/repo/scripts/mbedtls_dev/typing_util.py b/third_party/mbedtls/repo/scripts/mbedtls_dev/typing_util.py index 4c344492ce7..2ec448d004a 100644 --- a/third_party/mbedtls/repo/scripts/mbedtls_dev/typing_util.py +++ b/third_party/mbedtls/repo/scripts/mbedtls_dev/typing_util.py @@ -2,19 +2,8 @@ """ # Copyright The Mbed TLS Contributors -# SPDX-License-Identifier: Apache-2.0 +# SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later # -# Licensed under the Apache License, Version 2.0 (the "License"); you may -# not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT -# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. from typing import Any diff --git a/third_party/mbedtls/repo/scripts/memory.sh b/third_party/mbedtls/repo/scripts/memory.sh index 9c3882dee40..e8543e9dcd6 100755 --- a/third_party/mbedtls/repo/scripts/memory.sh +++ b/third_party/mbedtls/repo/scripts/memory.sh @@ -7,19 +7,7 @@ # since for memory we want debug information. # # Copyright The Mbed TLS Contributors -# SPDX-License-Identifier: Apache-2.0 -# -# Licensed under the Apache License, Version 2.0 (the "License"); you may -# not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT -# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. +# SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later set -eu diff --git a/third_party/mbedtls/repo/scripts/min_requirements.py b/third_party/mbedtls/repo/scripts/min_requirements.py index eecab1c1e1c..dda3a59e7d3 100755 --- a/third_party/mbedtls/repo/scripts/min_requirements.py +++ b/third_party/mbedtls/repo/scripts/min_requirements.py @@ -3,19 +3,7 @@ """ # Copyright The Mbed TLS Contributors -# SPDX-License-Identifier: Apache-2.0 -# -# Licensed under the Apache License, Version 2.0 (the "License"); you may -# not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT -# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. +# SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later import argparse import os @@ -56,18 +44,19 @@ def add_file(self, filename: str) -> None: * Comments (``#`` at the beginning of the line or after whitespace). * ``-r FILENAME`` to include another file. """ - for line in open(filename): - line = line.strip() - line = re.sub(r'(\A|\s+)#.*', r'', line) - if not line: - continue - m = re.match(r'-r\s+', line) - if m: - nested_file = os.path.join(os.path.dirname(filename), - line[m.end(0):]) - self.add_file(nested_file) - continue - self.requirements.append(self.adjust_requirement(line)) + with open(filename) as fd: + for line in fd: + line = line.strip() + line = re.sub(r'(\A|\s+)#.*', r'', line) + if not line: + continue + m = re.match(r'-r\s+', line) + if m: + nested_file = os.path.join(os.path.dirname(filename), + line[m.end(0):]) + self.add_file(nested_file) + continue + self.requirements.append(self.adjust_requirement(line)) def write(self, out: typing_util.Writable) -> None: """List the gathered requirements.""" diff --git a/third_party/mbedtls/repo/scripts/output_env.sh b/third_party/mbedtls/repo/scripts/output_env.sh index 1d9e0faebea..d3eac22bbd6 100755 --- a/third_party/mbedtls/repo/scripts/output_env.sh +++ b/third_party/mbedtls/repo/scripts/output_env.sh @@ -3,19 +3,7 @@ # output_env.sh # # Copyright The Mbed TLS Contributors -# SPDX-License-Identifier: Apache-2.0 -# -# Licensed under the Apache License, Version 2.0 (the "License"); you may -# not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT -# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. +# SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later # # Purpose # @@ -105,9 +93,37 @@ echo print_version "gcc" "--version" "" "head -n 1" echo +if [ -n "${GCC_EARLIEST+set}" ]; then + print_version "${GCC_EARLIEST}" "--version" "" "head -n 1" +else + echo " GCC_EARLIEST : Not configured." +fi +echo + +if [ -n "${GCC_LATEST+set}" ]; then + print_version "${GCC_LATEST}" "--version" "" "head -n 1" +else + echo " GCC_LATEST : Not configured." +fi +echo + print_version "clang" "--version" "" "head -n 2" echo +if [ -n "${CLANG_EARLIEST+set}" ]; then + print_version "${CLANG_EARLIEST}" "--version" "" "head -n 2" +else + echo " CLANG_EARLIEST : Not configured." +fi +echo + +if [ -n "${CLANG_LATEST+set}" ]; then + print_version "${CLANG_LATEST}" "--version" "" "head -n 2" +else + echo " CLANG_LATEST : Not configured." +fi +echo + print_version "ldd" "--version" "" "head -n 1" echo diff --git a/third_party/mbedtls/repo/scripts/rename.pl b/third_party/mbedtls/repo/scripts/rename.pl index 9ea5f09c9aa..c92cb91403c 100755 --- a/third_party/mbedtls/repo/scripts/rename.pl +++ b/third_party/mbedtls/repo/scripts/rename.pl @@ -1,24 +1,12 @@ #!/usr/bin/env perl # # Copyright The Mbed TLS Contributors -# SPDX-License-Identifier: Apache-2.0 -# -# Licensed under the Apache License, Version 2.0 (the "License"); you may -# not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT -# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. +# SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later # # Purpose # -# This script migrates application source code from the mbed TLS 1.3 API to the -# mbed TLS 2.0 API. +# This script migrates application source code from the Mbed TLS 1.3 API to the +# Mbed TLS 2.0 API. # # The script processes the given source code and renames identifiers - functions # types, enums etc, as @@ -88,7 +76,7 @@ if( dir($filename)->parent eq $lib_include_dir || dir($filename)->parent eq $lib_source_dir ) { - die "Script cannot be executed on the mbed TLS library itself."; + die "Script cannot be executed on the Mbed TLS library itself."; } if( -d $filename ) { print STDERR "skip (directory)\n"; next } diff --git a/third_party/mbedtls/repo/scripts/tmp_ignore_makefiles.sh b/third_party/mbedtls/repo/scripts/tmp_ignore_makefiles.sh index 558970f547a..455f892a214 100755 --- a/third_party/mbedtls/repo/scripts/tmp_ignore_makefiles.sh +++ b/third_party/mbedtls/repo/scripts/tmp_ignore_makefiles.sh @@ -4,19 +4,7 @@ # git development # # Copyright The Mbed TLS Contributors -# SPDX-License-Identifier: Apache-2.0 -# -# Licensed under the Apache License, Version 2.0 (the "License"); you may -# not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT -# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. +# SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later IGNORE="" diff --git a/third_party/mbedtls/repo/tests/.gitignore b/third_party/mbedtls/repo/tests/.gitignore index 8f7315d4f23..4678d8d4e0e 100644 --- a/third_party/mbedtls/repo/tests/.gitignore +++ b/third_party/mbedtls/repo/tests/.gitignore @@ -10,8 +10,6 @@ data_files/entropy_seed include/test/instrument_record_status.h -src/*.o -src/drivers/*.o src/libmbed* libtestdriver1/* diff --git a/third_party/mbedtls/repo/tests/CMakeLists.txt b/third_party/mbedtls/repo/tests/CMakeLists.txt index f86127245d2..10de8c7022e 100644 --- a/third_party/mbedtls/repo/tests/CMakeLists.txt +++ b/third_party/mbedtls/repo/tests/CMakeLists.txt @@ -26,6 +26,10 @@ endif() # on non-POSIX platforms. add_definitions("-D_POSIX_C_SOURCE=200809L") +# If SKIP_TEST_SUITES is not defined with -D, get it from the environment. +if((NOT DEFINED SKIP_TEST_SUITES) AND (DEFINED ENV{SKIP_TEST_SUITES})) + set(SKIP_TEST_SUITES $ENV{SKIP_TEST_SUITES}) +endif() # Test suites caught by SKIP_TEST_SUITES are built but not executed. # "foo" as a skip pattern skips "test_suite_foo" and "test_suite_foo.bar" # but not "test_suite_foobar". @@ -46,7 +50,9 @@ function(add_test_suite suite_name) DEPENDS ${CMAKE_CURRENT_SOURCE_DIR}/scripts/generate_test_code.py ${mbedtls_target} ${CMAKE_CURRENT_SOURCE_DIR}/suites/helpers.function ${CMAKE_CURRENT_SOURCE_DIR}/suites/main_test.function ${CMAKE_CURRENT_SOURCE_DIR}/suites/host_test.function ${CMAKE_CURRENT_SOURCE_DIR}/suites/test_suite_${suite_name}.function ${CMAKE_CURRENT_SOURCE_DIR}/suites/test_suite_${data_name}.data ) - add_executable(test_suite_${data_name} test_suite_${data_name}.c $) + add_executable(test_suite_${data_name} test_suite_${data_name}.c + $ + $) target_link_libraries(test_suite_${data_name} ${libs}) # Include test-specific header files from ./include and private header # files (used by some invasive tests) from ../library. Public header @@ -77,101 +83,15 @@ if(MSVC) set(CMAKE_C_FLAGS "${CMAKE_C_FLAGS} /WX-") endif(MSVC) -add_test_suite(aes aes.cbc) -add_test_suite(aes aes.cfb) -add_test_suite(aes aes.ecb) -add_test_suite(aes aes.ofb) -add_test_suite(aes aes.rest) -add_test_suite(aes aes.xts) -add_test_suite(arc4) -add_test_suite(aria) -add_test_suite(asn1parse) -add_test_suite(asn1write) -add_test_suite(base64) -add_test_suite(blowfish) -add_test_suite(camellia) -add_test_suite(ccm) -add_test_suite(chacha20) -add_test_suite(chachapoly) -add_test_suite(cipher cipher.aes) -add_test_suite(cipher cipher.arc4) -add_test_suite(cipher cipher.blowfish) -add_test_suite(cipher cipher.camellia) -add_test_suite(cipher cipher.ccm) -add_test_suite(cipher cipher.chacha20) -add_test_suite(cipher cipher.chachapoly) -add_test_suite(cipher cipher.des) -add_test_suite(cipher cipher.gcm) -add_test_suite(cipher cipher.misc) -add_test_suite(cipher cipher.nist_kw) -add_test_suite(cipher cipher.null) -add_test_suite(cipher cipher.padding) -add_test_suite(cmac) -add_test_suite(ctr_drbg) -add_test_suite(debug) -add_test_suite(des) -add_test_suite(dhm) -add_test_suite(ecdh) -add_test_suite(ecdsa) -add_test_suite(ecjpake) -add_test_suite(ecp) -add_test_suite(entropy) -add_test_suite(error) -add_test_suite(gcm gcm.aes128_de) -add_test_suite(gcm gcm.aes128_en) -add_test_suite(gcm gcm.aes192_de) -add_test_suite(gcm gcm.aes192_en) -add_test_suite(gcm gcm.aes256_de) -add_test_suite(gcm gcm.aes256_en) -add_test_suite(gcm gcm.camellia) -add_test_suite(gcm gcm.misc) -add_test_suite(hkdf) -add_test_suite(hmac_drbg hmac_drbg.misc) -add_test_suite(hmac_drbg hmac_drbg.no_reseed) -add_test_suite(hmac_drbg hmac_drbg.nopr) -add_test_suite(hmac_drbg hmac_drbg.pr) -add_test_suite(md) -add_test_suite(mdx) -add_test_suite(memory_buffer_alloc) -add_test_suite(mpi) -add_test_suite(mps) -add_test_suite(net) -add_test_suite(nist_kw) -add_test_suite(oid) -add_test_suite(pem) -add_test_suite(pk) -add_test_suite(pkcs1_v15) -add_test_suite(pkcs1_v21) -add_test_suite(pkcs5) -add_test_suite(pkcs12) -add_test_suite(pkparse) -add_test_suite(pkwrite) -add_test_suite(poly1305) -add_test_suite(psa_crypto) -add_test_suite(psa_crypto_attributes) -add_test_suite(psa_crypto_entropy) -add_test_suite(psa_crypto_hash) -add_test_suite(psa_crypto_init) -add_test_suite(psa_crypto_metadata) -add_test_suite(psa_crypto_not_supported psa_crypto_not_supported.generated) -add_test_suite(psa_crypto_not_supported psa_crypto_not_supported.misc) -add_test_suite(psa_crypto_persistent_key) -add_test_suite(psa_crypto_se_driver_hal) -add_test_suite(psa_crypto_se_driver_hal_mocks) -add_test_suite(psa_crypto_slot_management) -add_test_suite(psa_crypto_storage_format psa_crypto_storage_format.misc) -add_test_suite(psa_crypto_storage_format psa_crypto_storage_format.current) -add_test_suite(psa_crypto_storage_format psa_crypto_storage_format.v0) -add_test_suite(psa_its) -add_test_suite(random) -add_test_suite(rsa) -add_test_suite(shax) -add_test_suite(ssl) -add_test_suite(timing) -add_test_suite(version) -add_test_suite(x509parse) -add_test_suite(x509write) -add_test_suite(xtea) +file(GLOB test_suites RELATIVE "${CMAKE_CURRENT_SOURCE_DIR}" suites/*.data) +list(SORT test_suites) +foreach(test_suite ${test_suites}) + get_filename_component(data_name ${test_suite} NAME) + string(REGEX REPLACE "\\.data\$" "" data_name "${data_name}") + string(REPLACE "test_suite_" "" data_name "${data_name}") + string(REGEX MATCH "[^.]*" function_name "${data_name}") + add_test_suite(${function_name} ${data_name}) +endforeach(test_suite) # Make scripts and data files needed for testing available in an # out-of-source build. @@ -179,6 +99,7 @@ if (NOT ${CMAKE_CURRENT_BINARY_DIR} STREQUAL ${CMAKE_CURRENT_SOURCE_DIR}) if(EXISTS "${CMAKE_CURRENT_SOURCE_DIR}/seedfile") link_to_source(seedfile) endif() + link_to_source(Descriptions.txt) link_to_source(compat.sh) link_to_source(context-info.sh) link_to_source(data_files) diff --git a/third_party/mbedtls/repo/tests/Makefile b/third_party/mbedtls/repo/tests/Makefile index 6e232c974ea..27dcacb1678 100644 --- a/third_party/mbedtls/repo/tests/Makefile +++ b/third_party/mbedtls/repo/tests/Makefile @@ -86,7 +86,7 @@ all: $(BINARIES) $(MBEDLIBS): $(MAKE) -C ../library -MBEDTLS_TEST_OBJS=$(patsubst %.c,%.o,$(wildcard src/*.c src/drivers/*.c)) +MBEDTLS_TEST_OBJS=$(patsubst %.c,%.o,$(wildcard src/*.c src/drivers/*.c src/test_helpers/*.c)) mbedtls_test: $(MBEDTLS_TEST_OBJS) @@ -107,7 +107,12 @@ src/drivers/%.o : src/drivers/%.c echo " CC $<" $(CC) $(LOCAL_CFLAGS) $(CFLAGS) -o $@ -c $< +src/test_helpers/%.o : src/test_helpers/%.c + echo " CC $<" + $(CC) $(LOCAL_CFLAGS) $(CFLAGS) -o $@ -c $< + C_FILES := $(addsuffix .c,$(APPS)) +c: $(C_FILES) # Wildcard target for test code generation: # A .c file is generated for each .data file in the suites/ directory. Each .c @@ -142,7 +147,7 @@ $(BINARIES): %$(EXEXT): %.c $(MBEDLIBS) $(TEST_OBJS_DEPS) $(MBEDTLS_TEST_OBJS) clean: ifndef WINDOWS rm -rf $(BINARIES) *.c *.datax - rm -f src/*.o src/drivers/*.o src/libmbed* + rm -f src/*.o src/drivers/*.o src/test_helpers/*.o src/libmbed* rm -f include/test/instrument_record_status.h rm -rf libtestdriver1 else @@ -151,6 +156,7 @@ else if exist *.datax del /Q /F *.datax if exist src/*.o del /Q /F src/*.o if exist src/drivers/*.o del /Q /F src/drivers/*.o + if exist src/test_helpers/*.o del /Q /F src/test_helpers/*.o if exist src/libmbed* del /Q /F src/libmed* if exist include/test/instrument_record_status.h del /Q /F include/test/instrument_record_status.h endif diff --git a/third_party/mbedtls/repo/tests/compat-in-docker.sh b/third_party/mbedtls/repo/tests/compat-in-docker.sh index aef0a072898..7d485134ff2 100755 --- a/third_party/mbedtls/repo/tests/compat-in-docker.sh +++ b/third_party/mbedtls/repo/tests/compat-in-docker.sh @@ -6,9 +6,13 @@ # ------- # This runs compat.sh in a Docker container. # +# WARNING: the Dockerfile used by this script is no longer maintained! See +# https://github.com/Mbed-TLS/mbedtls-test/blob/master/README.md#quick-start +# for the set of Docker images we use on the CI. +# # Notes for users # --------------- -# If OPENSSL_CMD, GNUTLS_CLI, or GNUTLS_SERV are specified the path must +# If OPENSSL, GNUTLS_CLI, or GNUTLS_SERV are specified the path must # correspond to an executable inside the Docker container. The special # values "next" (OpenSSL only) and "legacy" are also allowed as shorthand # for the installations inside the container. @@ -18,25 +22,13 @@ # - compat.sh for notes about invocation of that script. # Copyright The Mbed TLS Contributors -# SPDX-License-Identifier: Apache-2.0 -# -# Licensed under the Apache License, Version 2.0 (the "License"); you may -# not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT -# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. +# SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later source tests/scripts/docker_env.sh -case "${OPENSSL_CMD:-default}" in - "legacy") export OPENSSL_CMD="/usr/local/openssl-1.0.1j/bin/openssl";; - "next") export OPENSSL_CMD="/usr/local/openssl-1.1.1a/bin/openssl";; +case "${OPENSSL:-default}" in + "legacy") export OPENSSL="/usr/local/openssl-1.0.1j/bin/openssl";; + "next") export OPENSSL="/usr/local/openssl-1.1.1a/bin/openssl";; *) ;; esac @@ -57,7 +49,7 @@ run_in_docker \ -e M_SRV \ -e GNUTLS_CLI \ -e GNUTLS_SERV \ - -e OPENSSL_CMD \ + -e OPENSSL \ -e OSSL_NO_DTLS \ tests/compat.sh \ $@ diff --git a/third_party/mbedtls/repo/tests/compat.sh b/third_party/mbedtls/repo/tests/compat.sh index 444c80cb302..a07ed580458 100755 --- a/third_party/mbedtls/repo/tests/compat.sh +++ b/third_party/mbedtls/repo/tests/compat.sh @@ -3,19 +3,7 @@ # compat.sh # # Copyright The Mbed TLS Contributors -# SPDX-License-Identifier: Apache-2.0 -# -# Licensed under the Apache License, Version 2.0 (the "License"); you may -# not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT -# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. +# SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later # # Purpose # @@ -30,6 +18,11 @@ set -u # where it may output seemingly unlimited length error logs. ulimit -f 20971520 +ORIGINAL_PWD=$PWD +if ! cd "$(dirname "$0")"; then + exit 125 +fi + # initialise counters TESTS=0 FAILED=0 @@ -39,10 +32,21 @@ SRVMEM=0 # default commands, can be overridden by the environment : ${M_SRV:=../programs/ssl/ssl_server2} : ${M_CLI:=../programs/ssl/ssl_client2} -: ${OPENSSL_CMD:=openssl} # OPENSSL would conflict with the build system +: ${OPENSSL:=openssl} : ${GNUTLS_CLI:=gnutls-cli} : ${GNUTLS_SERV:=gnutls-serv} +# The OPENSSL variable used to be OPENSSL_CMD for historical reasons. +# To help the migration, error out if the old variable is set, +# but only if it has a different value than the new one. +if [ "${OPENSSL_CMD+set}" = set ]; then + # the variable is set, we can now check its value + if [ "$OPENSSL_CMD" != "$OPENSSL" ]; then + echo "Please use OPENSSL instead of OPENSSL_CMD." >&2 + exit 125 + fi +fi + # do we have a recent enough GnuTLS? if ( which $GNUTLS_CLI && which $GNUTLS_SERV ) >/dev/null 2>&1; then G_VER="$( $GNUTLS_CLI --version | head -n1 )" @@ -66,18 +70,31 @@ else PEER_GNUTLS="" fi +guess_config_name() { + if git diff --quiet ../include/mbedtls/config.h 2>/dev/null; then + echo "default" + else + echo "unknown" + fi +} +: ${MBEDTLS_TEST_OUTCOME_FILE=} +: ${MBEDTLS_TEST_CONFIGURATION:="$(guess_config_name)"} +: ${MBEDTLS_TEST_PLATFORM:="$(uname -s | tr -c \\n0-9A-Za-z _)-$(uname -m | tr -c \\n0-9A-Za-z _)"} + # default values for options -MODES="tls1 tls1_1 tls12 dtls1 dtls12" +# /!\ keep this synchronised with: +# - basic-build-test.sh +# - all.sh (multiple components) +MODES="tls1 tls1_1 tls12 dtls1 dtls12" # ssl3 not in default config VERIFIES="NO YES" TYPES="ECDSA RSA PSK" FILTER="" # exclude: -# - NULL: excluded from our default config +# - NULL: excluded from our default config + requires OpenSSL legacy # - RC4, single-DES: requires legacy OpenSSL/GnuTLS versions -# avoid plain DES but keep 3DES-EDE-CBC (mbedTLS), DES-CBC3 (OpenSSL) +# - 3DES: not in default config # - ARIA: not in default config.h + requires OpenSSL >= 1.1.1 # - ChachaPoly: requires OpenSSL >= 1.1.0 -# - 3DES: not in default config EXCLUDE='NULL\|DES\|RC4\|ARCFOUR\|ARIA\|CHACHA20-POLY1305' VERBOSE="" MEMCHECK=0 @@ -99,6 +116,38 @@ print_usage() { printf " \tAlso available: GnuTLS (needs v3.2.15 or higher)\n" printf " -M|--memcheck\tCheck memory leaks and errors.\n" printf " -v|--verbose\tSet verbose output.\n" + printf " --list-test-case\tList all potential test cases (No Execution)\n" + printf " --outcome-file\tFile where test outcomes are written\n" + printf " \t(default: \$MBEDTLS_TEST_OUTCOME_FILE, none if empty)\n" +} + +# print_test_case +print_test_case() { + for i in $3; do + uniform_title $1 $2 $i + echo $TITLE + done +} + +# list_test_case lists all potential test cases in compat.sh without execution +list_test_case() { + for MODE in $MODES; do + for TYPE in $TYPES; do + for VERIFY in $VERIFIES; do + VERIF=$(echo $VERIFY | tr '[:upper:]' '[:lower:]') + reset_ciphersuites + add_common_ciphersuites + add_openssl_ciphersuites + add_gnutls_ciphersuites + add_mbedtls_ciphersuites + print_test_case m O "$O_CIPHERS" + print_test_case O m "$O_CIPHERS" + print_test_case m G "$G_CIPHERS" + print_test_case G m "$G_CIPHERS" + print_test_case m m "$M_CIPHERS" + done + done + done } get_options() { @@ -128,6 +177,15 @@ get_options() { -M|--memcheck) MEMCHECK=1 ;; + # Please check scripts/check_test_cases.py correspondingly + # if you have to modify option, --list-test-case + --list-test-case) + list_test_case + exit $? + ;; + --outcome-file) + shift; MBEDTLS_TEST_OUTCOME_FILE=$1 + ;; -h|--help) print_usage exit 0 @@ -202,22 +260,11 @@ filter() echo "$NEW_LIST" | sed -e 's/[[:space:]][[:space:]]*/ /g' -e 's/^ //' -e 's/ $//' } -# OpenSSL 1.0.1h with -Verify wants a ClientCertificate message even for -# PSK ciphersuites with DTLS, which is incorrect, so disable them for now -check_openssl_server_bug() -{ - if test "X$VERIFY" = "XYES" && is_dtls "$MODE" && \ - echo "$1" | grep "^TLS-PSK" >/dev/null; - then - SKIP_NEXT="YES" - fi -} - filter_ciphersuites() { if [ "X" != "X$FILTER" -o "X" != "X$EXCLUDE" ]; then - # Ciphersuite for mbed TLS + # Ciphersuite for Mbed TLS M_CIPHERS=$( filter "$M_CIPHERS" ) # Ciphersuite for OpenSSL @@ -227,18 +274,9 @@ filter_ciphersuites() G_CIPHERS=$( filter "$G_CIPHERS" ) fi - # OpenSSL <1.0.2 doesn't support DTLS 1.2. Check what OpenSSL - # supports from the s_server help. (The s_client help isn't - # accurate as of 1.0.2g: it supports DTLS 1.2 but doesn't list it. - # But the s_server help seems to be accurate.) - if ! $OPENSSL_CMD s_server -help 2>&1 | grep -q "^ *-$MODE "; then - M_CIPHERS="" - O_CIPHERS="" - fi - - # For GnuTLS client -> mbed TLS server, + # For GnuTLS client -> Mbed TLS server, # we need to force IPv4 by connecting to 127.0.0.1 but then auth fails - if [ "X$VERIFY" = "XYES" ] && is_dtls "$MODE"; then + if is_dtls "$MODE" && [ "X$VERIFY" = "XYES" ]; then G_CIPHERS="" fi } @@ -455,7 +493,7 @@ add_common_ciphersuites() # # NOTE: for some reason RSA-PSK doesn't work with OpenSSL, # so RSA-PSK ciphersuites need to go in other sections, see -# https://github.com/ARMmbed/mbedtls/issues/1419 +# https://github.com/Mbed-TLS/mbedtls/issues/1419 # # ChachaPoly suites are here rather than in "common", as they were added in # GnuTLS in 3.5.0 and the CI only has 3.4.x so far. @@ -868,27 +906,44 @@ add_mbedtls_ciphersuites() esac } +# o_check_ciphersuite CIPHER_SUITE_NAME +o_check_ciphersuite() +{ + if [ "${O_SUPPORT_ECDH}" = "NO" ]; then + case "$1" in + *ECDH-*) SKIP_NEXT="YES" + esac + fi +} + setup_arguments() { + O_MODE="" G_MODE="" case "$MODE" in "ssl3") + O_MODE="ssl3" G_PRIO_MODE="+VERS-SSL3.0" ;; "tls1") + O_MODE="tls1" G_PRIO_MODE="+VERS-TLS1.0" ;; "tls1_1") + O_MODE="tls1_1" G_PRIO_MODE="+VERS-TLS1.1" ;; "tls12") + O_MODE="tls1_2" G_PRIO_MODE="+VERS-TLS1.2" ;; "dtls1") + O_MODE="dtls1" G_PRIO_MODE="+VERS-DTLS1.0" G_MODE="-u" ;; "dtls12") + O_MODE="dtls1_2" G_PRIO_MODE="+VERS-DTLS1.2" G_MODE="-u" ;; @@ -905,7 +960,7 @@ setup_arguments() fi M_SERVER_ARGS="server_port=$PORT server_addr=0.0.0.0 force_version=$MODE arc4=1" - O_SERVER_ARGS="-accept $PORT -cipher NULL,ALL -$MODE" + O_SERVER_ARGS="-accept $PORT -cipher NULL,ALL -$O_MODE" G_SERVER_ARGS="-p $PORT --http $G_MODE" G_SERVER_PRIO="NORMAL:${G_PRIO_CCM}+ARCFOUR-128:+NULL:+MD5:+PSK:+DHE-PSK:+ECDHE-PSK:+SHA256:+SHA384:+RSA-PSK:-VERS-TLS-ALL:$G_PRIO_MODE" @@ -916,7 +971,7 @@ setup_arguments() # Mbed TLS wants >=1024, so force that for older versions. Don't force # it for newer versions, which reject a 1024-bit prime. Indifferently # force it or not for intermediate versions. - case $($OPENSSL_CMD version) in + case $($OPENSSL version) in "OpenSSL 1.0"*) O_SERVER_ARGS="$O_SERVER_ARGS -dhparam data_files/dhparams.pem" ;; @@ -930,9 +985,27 @@ setup_arguments() fi M_CLIENT_ARGS="server_port=$PORT server_addr=127.0.0.1 force_version=$MODE" - O_CLIENT_ARGS="-connect localhost:$PORT -$MODE" + O_CLIENT_ARGS="-connect localhost:$PORT -$O_MODE" G_CLIENT_ARGS="-p $PORT --debug 3 $G_MODE" - G_CLIENT_PRIO="NONE:$G_PRIO_MODE:+COMP-NULL:+CURVE-ALL:+SIGN-ALL" + + # Newer versions of OpenSSL have a syntax to enable all "ciphers", even + # low-security ones. This covers not just cipher suites but also protocol + # versions. It is necessary, for example, to use (D)TLS 1.0/1.1 on + # OpenSSL 1.1.1f from Ubuntu 20.04. The syntax was only introduced in + # OpenSSL 1.1.0 (21e0c1d23afff48601eb93135defddae51f7e2e3) and I can't find + # a way to discover it from -help, so check the openssl version. + case $($OPENSSL version) in + "OpenSSL 0"*|"OpenSSL 1.0"*) :;; + *) + O_CLIENT_ARGS="$O_CLIENT_ARGS -cipher ALL@SECLEVEL=0" + O_SERVER_ARGS="$O_SERVER_ARGS -cipher ALL@SECLEVEL=0" + ;; + esac + + case $($OPENSSL ciphers ALL) in + *ECDH-ECDSA*|*ECDH-RSA*) O_SUPPORT_ECDH="YES";; + *) O_SUPPORT_ECDH="NO";; + esac if [ "X$VERIFY" = "XYES" ]; then @@ -1045,7 +1118,7 @@ fi start_server() { case $1 in [Oo]pen*) - SERVER_CMD="$OPENSSL_CMD s_server $O_SERVER_ARGS" + SERVER_CMD="$OPENSSL s_server $O_SERVER_ARGS" ;; [Gg]nu*) SERVER_CMD="$GNUTLS_SERV $G_SERVER_ARGS --priority $G_SERVER_PRIO" @@ -1067,15 +1140,17 @@ start_server() { echo "$SERVER_CMD" > $SRV_OUT # for servers without -www or equivalent while :; do echo bla; sleep 1; done | $SERVER_CMD >> $SRV_OUT 2>&1 & - PROCESS_ID=$! + SRV_PID=$! - wait_server_start "$PORT" "$PROCESS_ID" + wait_server_start "$PORT" "$SRV_PID" } # terminate the running server stop_server() { - kill $PROCESS_ID 2>/dev/null - wait $PROCESS_ID 2>/dev/null + # For Ubuntu 22.04, `Terminated` message is outputed by wait command. + # To remove it from stdout, redirect stdout/stderr to SRV_OUT + kill $SRV_PID >/dev/null 2>&1 + wait $SRV_PID >> $SRV_OUT 2>&1 if [ "$MEMCHECK" -gt 0 ]; then if is_mbedtls "$SERVER_CMD" && has_mem_err $SRV_OUT; then @@ -1091,7 +1166,7 @@ stop_server() { # kill the running server (used when killed by signal) cleanup() { rm -f $SRV_OUT $CLI_OUT - kill $PROCESS_ID >/dev/null 2>&1 + kill $SRV_PID >/dev/null 2>&1 kill $WATCHDOG_PID >/dev/null 2>&1 exit 1 } @@ -1104,30 +1179,70 @@ wait_client_done() { ( sleep "$DOG_DELAY"; echo "TIMEOUT" >> $CLI_OUT; kill $CLI_PID ) & WATCHDOG_PID=$! - wait $CLI_PID + # For Ubuntu 22.04, `Terminated` message is outputed by wait command. + # To remove it from stdout, redirect stdout/stderr to CLI_OUT + wait $CLI_PID >> $CLI_OUT 2>&1 EXIT=$? - kill $WATCHDOG_PID - wait $WATCHDOG_PID + kill $WATCHDOG_PID >/dev/null 2>&1 + wait $WATCHDOG_PID >> $CLI_OUT 2>&1 echo "EXIT: $EXIT" >> $CLI_OUT } +# record_outcome [] +record_outcome() { + echo "$1" + if [ -n "$MBEDTLS_TEST_OUTCOME_FILE" ]; then + # The test outcome file has the format (in single line): + # platform;configuration; + # test suite name;test case description; + # PASS/FAIL/SKIP;[failure cause] + printf '%s;%s;%s;%s;%s;%s\n' \ + "$MBEDTLS_TEST_PLATFORM" "$MBEDTLS_TEST_CONFIGURATION" \ + "compat" "$TITLE" \ + "$1" "${2-}" \ + >> "$MBEDTLS_TEST_OUTCOME_FILE" + fi +} + +# display additional information if test case fails +report_fail() { + FAIL_PROMPT="outputs saved to c-srv-${TESTS}.log, c-cli-${TESTS}.log" + record_outcome "FAIL" "$FAIL_PROMPT" + cp $SRV_OUT c-srv-${TESTS}.log + cp $CLI_OUT c-cli-${TESTS}.log + echo " ! $FAIL_PROMPT" + + if [ "${LOG_FAILURE_ON_STDOUT:-0}" != 0 ]; then + echo " ! server output:" + cat c-srv-${TESTS}.log + echo " ! ===================================================" + echo " ! client output:" + cat c-cli-${TESTS}.log + fi +} + +# uniform_title +# $TITLE is considered as test case description for both --list-test-case and +# MBEDTLS_TEST_OUTCOME_FILE. This function aims to control the format of +# each test case description. +uniform_title() { + TITLE="$1->$2 $MODE,$VERIF $3" +} + # run_client run_client() { # announce what we're going to do TESTS=$(( $TESTS + 1 )) - VERIF=$(echo $VERIFY | tr '[:upper:]' '[:lower:]') - TITLE="`echo $1 | head -c1`->`echo $SERVER_NAME | head -c1`" - TITLE="$TITLE $MODE,$VERIF $2" - printf "%s " "$TITLE" - LEN=$(( 72 - `echo "$TITLE" | wc -c` )) - for i in `seq 1 $LEN`; do printf '.'; done; printf ' ' + uniform_title "${1%"${1#?}"}" "${SERVER_NAME%"${SERVER_NAME#?}"}" $2 + DOTS72="........................................................................" + printf "%s %.*s " "$TITLE" "$((71 - ${#TITLE}))" "$DOTS72" # should we skip? if [ "X$SKIP_NEXT" = "XYES" ]; then SKIP_NEXT="NO" - echo "SKIP" + record_outcome "SKIP" SKIPPED=$(( $SKIPPED + 1 )) return fi @@ -1135,7 +1250,7 @@ run_client() { # run the command and interpret result case $1 in [Oo]pen*) - CLIENT_CMD="$OPENSSL_CMD s_client $O_CLIENT_ARGS -cipher $2" + CLIENT_CMD="$OPENSSL s_client $O_CLIENT_ARGS -cipher $2" log "$CLIENT_CMD" echo "$CLIENT_CMD" > $CLI_OUT printf 'GET HTTP/1.0\r\n\r\n' | $CLIENT_CMD >> $CLI_OUT 2>&1 & @@ -1144,7 +1259,7 @@ run_client() { if [ $EXIT -eq 0 ]; then RESULT=0 else - # If the cipher isn't supported... + # If it is NULL cipher ... if grep 'Cipher is (NONE)' $CLI_OUT >/dev/null; then RESULT=1 else @@ -1221,26 +1336,14 @@ run_client() { # report and count result case $RESULT in "0") - echo PASS + record_outcome "PASS" ;; "1") - echo SKIP + record_outcome "SKIP" SKIPPED=$(( $SKIPPED + 1 )) ;; "2") - echo FAIL - cp $SRV_OUT c-srv-${TESTS}.log - cp $CLI_OUT c-cli-${TESTS}.log - echo " ! outputs saved to c-srv-${TESTS}.log, c-cli-${TESTS}.log" - - if [ "${LOG_FAILURE_ON_STDOUT:-0}" != 0 ]; then - echo " ! server output:" - cat c-srv-${TESTS}.log - echo " ! ===================================================" - echo " ! client output:" - cat c-cli-${TESTS}.log - fi - + report_fail FAILED=$(( $FAILED + 1 )) ;; esac @@ -1252,13 +1355,16 @@ run_client() { # MAIN # -if cd $( dirname $0 ); then :; else - echo "cd $( dirname $0 ) failed" >&2 - exit 1 -fi - get_options "$@" +# Make the outcome file path relative to the original directory, not +# to .../tests +case "$MBEDTLS_TEST_OUTCOME_FILE" in + [!/]*) + MBEDTLS_TEST_OUTCOME_FILE="$ORIGINAL_PWD/$MBEDTLS_TEST_OUTCOME_FILE" + ;; +esac + # sanity checks, avoid an avalanche of errors if [ ! -x "$M_SRV" ]; then echo "Command '$M_SRV' is not an executable file" >&2 @@ -1270,8 +1376,8 @@ if [ ! -x "$M_CLI" ]; then fi if echo "$PEERS" | grep -i openssl > /dev/null; then - if which "$OPENSSL_CMD" >/dev/null 2>&1; then :; else - echo "Command '$OPENSSL_CMD' not found" >&2 + if which "$OPENSSL" >/dev/null 2>&1; then :; else + echo "Command '$OPENSSL' not found" >&2 exit 1 fi fi @@ -1314,9 +1420,20 @@ SKIP_NEXT="NO" trap cleanup INT TERM HUP -for VERIFY in $VERIFIES; do - for MODE in $MODES; do - for TYPE in $TYPES; do +for MODE in $MODES; do + for TYPE in $TYPES; do + + # PSK cipher suites do not allow client certificate verification. + # This means PSK test cases with VERIFY=YES should be replaced by + # VERIFY=NO or be ignored. SUB_VERIFIES variable is used to constrain + # verification option for PSK test cases. + SUB_VERIFIES=$VERIFIES + if [ "$TYPE" = "PSK" ]; then + SUB_VERIFIES="NO" + fi + + for VERIFY in $SUB_VERIFIES; do + VERIF=$(echo $VERIFY | tr '[:upper:]' '[:lower:]') for PEER in $PEERS; do setup_arguments @@ -1329,6 +1446,15 @@ for VERIFY in $VERIFIES; do continue; fi + # OpenSSL <1.0.2 doesn't support DTLS 1.2. Check if OpenSSL + # supports $O_MODE from the s_server help. (The s_client + # help isn't accurate as of 1.0.2g: it supports DTLS 1.2 + # but doesn't list it. But the s_server help seems to be + # accurate.) + if ! $OPENSSL s_server -help 2>&1 | grep -q "^ *-$O_MODE "; then + continue; + fi + reset_ciphersuites add_common_ciphersuites add_openssl_ciphersuites @@ -1337,7 +1463,7 @@ for VERIFY in $VERIFIES; do if [ "X" != "X$M_CIPHERS" ]; then start_server "OpenSSL" for i in $M_CIPHERS; do - check_openssl_server_bug $i + o_check_ciphersuite "$i" run_client mbedTLS $i done stop_server @@ -1346,6 +1472,7 @@ for VERIFY in $VERIFIES; do if [ "X" != "X$O_CIPHERS" ]; then start_server "mbedTLS" for i in $O_CIPHERS; do + o_check_ciphersuite "$i" run_client OpenSSL $i done stop_server @@ -1411,8 +1538,7 @@ done echo "------------------------------------------------------------------------" -if [ $FAILED -ne 0 -o $SRVMEM -ne 0 ]; -then +if [ $FAILED -ne 0 -o $SRVMEM -ne 0 ]; then printf "FAILED" else printf "PASSED" @@ -1428,4 +1554,9 @@ PASSED=$(( $TESTS - $FAILED )) echo " ($PASSED / $TESTS tests ($SKIPPED skipped$MEMREPORT))" FAILED=$(( $FAILED + $SRVMEM )) +if [ $FAILED -gt 255 ]; then + # Clamp at 255 as caller gets exit code & 0xFF + # (so 256 would be 0, or success, etc) + FAILED=255 +fi exit $FAILED diff --git a/third_party/mbedtls/repo/tests/configs/config-wrapper-malloc-0-null.h b/third_party/mbedtls/repo/tests/configs/config-wrapper-malloc-0-null.h deleted file mode 100644 index 69a9578c640..00000000000 --- a/third_party/mbedtls/repo/tests/configs/config-wrapper-malloc-0-null.h +++ /dev/null @@ -1,37 +0,0 @@ -/* config.h wrapper that forces calloc(0) to return NULL. - * Used for testing. - */ -/* - * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - */ - -#ifndef MBEDTLS_CONFIG_H -/* Don't #define MBEDTLS_CONFIG_H, let config.h do it. */ - -#include "mbedtls/config.h" - -#include -static inline void *custom_calloc( size_t nmemb, size_t size ) -{ - if( nmemb == 0 || size == 0 ) - return( NULL ); - return( calloc( nmemb, size ) ); -} - -#define MBEDTLS_PLATFORM_MEMORY -#define MBEDTLS_PLATFORM_STD_CALLOC custom_calloc - -#endif /* MBEDTLS_CONFIG_H */ diff --git a/third_party/mbedtls/repo/tests/configs/user-config-for-test.h b/third_party/mbedtls/repo/tests/configs/user-config-for-test.h index 6e7c154bae9..b0c2988ca03 100644 --- a/third_party/mbedtls/repo/tests/configs/user-config-for-test.h +++ b/third_party/mbedtls/repo/tests/configs/user-config-for-test.h @@ -7,27 +7,35 @@ /* * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later */ #if defined(PSA_CRYPTO_DRIVER_TEST_ALL) +/* PSA_CRYPTO_DRIVER_TEST_ALL activates test drivers while keeping the + * built-in implementations active. Normally setting MBEDTLS_PSA_ACCEL_xxx + * would disable MBEDTLS_PSA_BUILTIN_xxx unless fallback is activated, but + * here we arrange to have both active so that psa_crypto_*.c includes + * the built-in implementations and the driver code can call the built-in + * implementations. + * + * The point of this test mode is to verify that the + * driver entry points are called when they should be in a lightweight + * way, without requiring an actual driver. This is different from builds + * with libtestdriver1, where we make a copy of the library source code + * and use that as an external driver. + */ /* Enable the use of the test driver in the library, and build the generic * part of the test driver. */ #define PSA_CRYPTO_DRIVER_TEST +/* With MBEDTLS_PSA_CRYPTO_CONFIG, if we set up the acceleration, the + * built-in implementations won't be enabled. */ +#if defined(MBEDTLS_PSA_CRYPTO_CONFIG) +#error \ + "PSA_CRYPTO_DRIVER_TEST_ALL sets up a nonstandard configuration that is incompatible with MBEDTLS_PSA_CRYPTO_CONFIG" +#endif + /* Use the accelerator driver for all cryptographic mechanisms for which * the test driver implemented. */ #define MBEDTLS_PSA_ACCEL_KEY_TYPE_AES @@ -57,3 +65,23 @@ #define MBEDTLS_PSA_ACCEL_ALG_HMAC #endif /* PSA_CRYPTO_DRIVER_TEST_ALL */ + + + +#if defined(MBEDTLS_PSA_INJECT_ENTROPY) +/* The #MBEDTLS_PSA_INJECT_ENTROPY feature requires two extra platform + * functions, which must be configured as #MBEDTLS_PLATFORM_NV_SEED_READ_MACRO + * and #MBEDTLS_PLATFORM_NV_SEED_WRITE_MACRO. The job of these functions + * is to read and write from the entropy seed file, which is located + * in the PSA ITS file whose uid is #PSA_CRYPTO_ITS_RANDOM_SEED_UID. + * (These could have been provided as library functions, but for historical + * reasons, they weren't, and so each integrator has to provide a copy + * of these functions.) + * + * Provide implementations of these functions for testing. */ +#include +int mbedtls_test_inject_entropy_seed_read(unsigned char *buf, size_t len); +int mbedtls_test_inject_entropy_seed_write(unsigned char *buf, size_t len); +#define MBEDTLS_PLATFORM_NV_SEED_READ_MACRO mbedtls_test_inject_entropy_seed_read +#define MBEDTLS_PLATFORM_NV_SEED_WRITE_MACRO mbedtls_test_inject_entropy_seed_write +#endif /* MBEDTLS_PSA_INJECT_ENTROPY */ diff --git a/third_party/mbedtls/repo/tests/configs/user-config-malloc-0-null.h b/third_party/mbedtls/repo/tests/configs/user-config-malloc-0-null.h new file mode 100644 index 00000000000..d74a8516ea0 --- /dev/null +++ b/third_party/mbedtls/repo/tests/configs/user-config-malloc-0-null.h @@ -0,0 +1,22 @@ +/* config.h modifier that forces calloc(0) to return NULL. + * Used for testing. + */ +/* + * Copyright The Mbed TLS Contributors + * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later + */ + +#include + +#ifndef MBEDTLS_PLATFORM_STD_CALLOC +static inline void *custom_calloc(size_t nmemb, size_t size) +{ + if (nmemb == 0 || size == 0) { + return NULL; + } + return calloc(nmemb, size); +} + +#define MBEDTLS_PLATFORM_MEMORY +#define MBEDTLS_PLATFORM_STD_CALLOC custom_calloc +#endif diff --git a/third_party/mbedtls/repo/tests/configs/user-config-zeroize-memset.h b/third_party/mbedtls/repo/tests/configs/user-config-zeroize-memset.h new file mode 100644 index 00000000000..52d4b0833e2 --- /dev/null +++ b/third_party/mbedtls/repo/tests/configs/user-config-zeroize-memset.h @@ -0,0 +1,17 @@ +/* mbedtls_config.h modifier that defines mbedtls_platform_zeroize() to be + * memset(), so that the compile can check arguments for us. + * Used for testing. + */ +/* + * Copyright The Mbed TLS Contributors + * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later + */ + +#include + +/* Define _ALT so we don't get the built-in implementation. The test code will + * also need to define MBEDTLS_TEST_DEFINES_ZEROIZE so we don't get the + * declaration. */ +#define MBEDTLS_PLATFORM_ZEROIZE_ALT + +#define mbedtls_platform_zeroize(buf, len) memset(buf, 0, len) diff --git a/third_party/mbedtls/repo/tests/context-info.sh b/third_party/mbedtls/repo/tests/context-info.sh index 3465298458f..b87069295e9 100755 --- a/third_party/mbedtls/repo/tests/context-info.sh +++ b/third_party/mbedtls/repo/tests/context-info.sh @@ -3,19 +3,7 @@ # context-info.sh # # Copyright The Mbed TLS Contributors -# SPDX-License-Identifier: Apache-2.0 -# -# Licensed under the Apache License, Version 2.0 (the "License"); you may -# not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT -# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. +# SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later # # This program is intended for testing the ssl_context_info program # diff --git a/third_party/mbedtls/repo/tests/data_files/Makefile b/third_party/mbedtls/repo/tests/data_files/Makefile index f3cba5acb86..f67db07120d 100644 --- a/third_party/mbedtls/repo/tests/data_files/Makefile +++ b/third_party/mbedtls/repo/tests/data_files/Makefile @@ -1,7 +1,7 @@ ## This file contains a record of how some of the test data was ## generated. The final build products are committed to the repository ## as well to make sure that the test data is identical. You do not -## need to use this makefile unless you're extending mbed TLS's tests. +## need to use this makefile unless you're extending Mbed TLS's tests. ## Many data files were generated prior to the existence of this ## makefile, so the method of their generation was not recorded. @@ -41,6 +41,10 @@ test_ca_key_file_rsa = test-ca.key test_ca_pwd_rsa = PolarSSLTest test_ca_config_file = test-ca.opensslconf +$(test_ca_key_file_rsa): + $(OPENSSL) genrsa -aes-128-cbc -passout pass:$(test_ca_pwd_rsa) -out $@ 2048 +all_final += $(test_ca_key_file_rsa) + test-ca.req.sha256: $(test_ca_key_file_rsa) $(MBEDTLS_CERT_REQ) output_file=$@ filename=$(test_ca_key_file_rsa) password=$(test_ca_pwd_rsa) subject_name="C=NL,O=PolarSSL,CN=PolarSSL Test CA" md=SHA256 all_intermediate += test-ca.req.sha256 @@ -57,6 +61,14 @@ test-ca.key.der: $(test_ca_key_file_rsa) $(OPENSSL) pkey -in $< -out $@ -inform PEM -outform DER -passin "pass:$(test_ca_pwd_rsa)" all_final += test-ca.key.der +# This is only used for generating cert_example_multi_nocn.crt +test-ca_nocn.crt: $(test_ca_key_file_rsa) + $(MBEDTLS_CERT_WRITE) is_ca=1 serial=3 selfsign=1 \ + subject_key=$(test_ca_key_file_rsa) subject_pwd=$(test_ca_pwd_rsa) subject_name="C=NL" \ + issuer_key=$(test_ca_key_file_rsa) issuer_pwd=$(test_ca_pwd_rsa) issuer_name="C=NL" \ + not_before=20190210144400 not_after=20290210144400 md=SHA1 version=3 output_file=$@ +all_intermediate += test-ca_nocn.crt + test-ca-sha1.crt: $(test_ca_key_file_rsa) test-ca.req.sha256 $(MBEDTLS_CERT_WRITE) is_ca=1 serial=3 request_file=test-ca.req.sha256 selfsign=1 issuer_name="C=NL,O=PolarSSL,CN=PolarSSL Test CA" issuer_key=$(test_ca_key_file_rsa) issuer_pwd=$(test_ca_pwd_rsa) not_before=20190210144400 not_after=20290210144400 md=SHA1 version=3 output_file=$@ all_final += test-ca-sha1.crt @@ -93,6 +105,16 @@ cert_example_multi.csr: rsa_pkcs1_1024_clear.pem cert_example_multi.crt: cert_example_multi.csr $(OPENSSL) x509 -req -CA $(test_ca_crt) -CAkey $(test_ca_key_file_rsa) -extfile $(test_ca_config_file) -extensions dns_alt_names -passin "pass:$(test_ca_pwd_rsa)" -set_serial 17 -days 3653 -sha256 -in $< > $@ +cert_example_multi_nocn.csr: rsa_pkcs1_1024_clear.pem + $(MBEDTLS_CERT_REQ) filename=$< output_file=$@ subject_name='C=NL' +all_intermediate += cert_example_multi_nocn.csr + +cert_example_multi_nocn.crt: cert_example_multi_nocn.csr test-ca_nocn.crt + $(OPENSSL) x509 -req -CA test-ca_nocn.crt -CAkey $(test_ca_key_file_rsa) \ + -extfile $(test_ca_config_file) -extensions ext_multi_nocn -passin "pass:$(test_ca_pwd_rsa)" \ + -set_serial 0xf7c67ff8e9a963f9 -days 3653 -sha1 -in $< > $@ +all_final += cert_example_multi_nocn.crt + $(test_ca_key_file_rsa_alt):test-ca.opensslconf $(OPENSSL) genrsa -out $@ 2048 test-ca-alt.csr: $(test_ca_key_file_rsa_alt) $(test_ca_config_file) @@ -112,19 +134,61 @@ test_ca_crt_file_ec = test-ca2.crt test_ca_key_file_ec = test-ca2.key test-ca2.req.sha256: $(test_ca_key_file_ec) - $(MBEDTLS_CERT_REQ) output_file=$@ filename=$(test_ca_key_file_ec) subject_name="C=NL,O=PolarSSL,CN=Polarssl Test EC CA" md=SHA256 + $(MBEDTLS_CERT_REQ) output_file=$@ filename=$(test_ca_key_file_ec) \ + subject_name="C=NL,O=PolarSSL,CN=Polarssl Test EC CA" md=SHA256 all_intermediate += test-ca2.req.sha256 test-ca2.crt: $(test_ca_key_file_ec) test-ca2.req.sha256 - $(MBEDTLS_CERT_WRITE) is_ca=1 serial=13926223505202072808 request_file=test-ca2.req.sha256 selfsign=1 issuer_name="C=NL,O=PolarSSL,CN=Polarssl Test EC CA" issuer_key=$(test_ca_key_file_ec) not_before=20190210144400 not_after=20290210144400 md=SHA256 version=3 output_file=$@ -all_final += test-ca.crt + $(MBEDTLS_CERT_WRITE) is_ca=1 serial=13926223505202072808 selfsign=1 \ + request_file=test-ca2.req.sha256 \ + issuer_name="C=NL,O=PolarSSL,CN=Polarssl Test EC CA" \ + issuer_key=$(test_ca_key_file_ec) \ + not_before=20190210144400 not_after=20290210144400 \ + md=SHA256 version=3 output_file=$@ +all_final += test-ca2.crt + +test-ca2.ku-%.crt: test-ca2.ku-%.crt.openssl.v3_ext $(test_ca_key_file_ec) test-ca2.req.sha256 + $(OPENSSL) x509 -req -in test-ca2.req.sha256 -extfile $< \ + -signkey $(test_ca_key_file_ec) -days 3653 -out $@ + +all_final += test-ca2.ku-crl.crt \ + test-ca2.ku-crt.crt \ + test-ca2.ku-crt_crl.crt \ + test-ca2.ku-ds.crt + +test-ca2-future.crt: $(test_ca_key_file_ec) test-ca2.req.sha256 + $(MBEDTLS_CERT_WRITE) is_ca=1 serial=13926223505202072808 request_file=test-ca2.req.sha256 selfsign=1 \ + issuer_name="C=NL,O=PolarSSL,CN=Polarssl Test EC CA" issuer_key=$(test_ca_key_file_ec) \ + not_before=20290210144400 not_after=20390210144400 md=SHA256 version=3 output_file=$@ +all_intermediate += test-ca2-future.crt + +test_ca_ec_cat := # files that concatenate different crt +test-ca2_cat-future-invalid.crt: test-ca2-future.crt server6.crt +test_ca_ec_cat += test-ca2_cat-future-invalid.crt +test-ca2_cat-future-present.crt: test-ca2-future.crt test-ca2.crt +test_ca_ec_cat += test-ca2_cat-future-present.crt +test-ca2_cat-present-future.crt: test-ca2.crt test-ca2-future.crt +test_ca_ec_cat += test-ca2_cat-present-future.crt +test-ca2_cat-present-past.crt: test-ca2.crt test-ca2-expired.crt +test_ca_ec_cat += test-ca2_cat-present-past.crt +test-ca2_cat-past-invalid.crt: test-ca2-expired.crt server6.crt +test_ca_ec_cat += test-ca2_cat-past-invalid.crt +test-ca2_cat-past-present.crt: test-ca2-expired.crt test-ca2.crt +test_ca_ec_cat += test-ca2_cat-past-present.crt +$(test_ca_ec_cat): + cat $^ > $@ +all_final += $(test_ca_ec_cat) test-ca-any_policy.crt: $(test_ca_key_file_rsa) test-ca.req.sha256 - $(OPENSSL) req -x509 -config $(test_ca_config_file) -extensions v3_any_policy_ca -key $(test_ca_key_file_rsa) -passin "pass:$(test_ca_pwd_rsa)" -set_serial 0 -days 3653 -sha256 -in test-ca.req.sha256 -out $@ + $(OPENSSL) req -x509 -config $(test_ca_config_file) -extensions v3_any_policy_ca \ + -key $(test_ca_key_file_rsa) -passin "pass:$(test_ca_pwd_rsa)" \ + -set_serial 0 -days 3653 -sha256 -in test-ca.req.sha256 -out $@ all_final += test-ca-any_policy.crt test-ca-any_policy_ec.crt: $(test_ca_key_file_ec) test-ca.req_ec.sha256 - $(OPENSSL) req -x509 -config $(test_ca_config_file) -extensions v3_any_policy_ca -key $(test_ca_key_file_ec) -set_serial 0 -days 3653 -sha256 -in test-ca.req_ec.sha256 -out $@ + $(OPENSSL) req -x509 -config $(test_ca_config_file) -extensions v3_any_policy_ca \ + -key $(test_ca_key_file_ec) -set_serial 0 -days 3653 -sha256 \ + -in test-ca.req_ec.sha256 -out $@ all_final += test-ca-any_policy_ec.crt test-ca-any_policy_with_qualifier.crt: $(test_ca_key_file_rsa) test-ca.req.sha256 @@ -175,10 +239,37 @@ all_final += $(test_ca_crt_cat21) test-int-ca.csr: test-int-ca.key $(test_ca_config_file) $(OPENSSL) req -new -config $(test_ca_config_file) -key test-int-ca.key -subj "/C=NL/O=PolarSSL/CN=PolarSSL Test Intermediate CA" -out $@ -all_intermediate += test-int-ca.csr + +test-int-ca2.csr: test-int-ca2.key $(test_ca_config_file) + $(OPENSSL) req -new -config $(test_ca_config_file) -key test-int-ca2.key \ + -subj "/C=NL/O=PolarSSL/CN=PolarSSL Test Intermediate EC CA" -out $@ + +test-int-ca3.csr: test-int-ca3.key $(test_ca_config_file) + $(OPENSSL) req -new -config $(test_ca_config_file) -key test-int-ca3.key \ + -subj "/C=UK/O=mbed TLS/CN=mbed TLS Test intermediate CA 3" -out $@ + +all_intermediate += test-int-ca.csr test-int-ca2.csr test-int-ca3.csr + +test-int-ca.crt: $(test_ca_crt_file_ec) $(test_ca_key_file_ec) $(test_ca_config_file) test-int-ca.csr + $(OPENSSL) x509 -req -extfile $(test_ca_config_file) -extensions v3_ca \ + -CA $(test_ca_crt_file_ec) -CAkey $(test_ca_key_file_ec) \ + -set_serial 14 -days 3653 -sha256 -in test-int-ca.csr -out $@ + +test-int-ca2.crt: $(test_ca_key_file_rsa) $(test_ca_crt) $(test_ca_config_file) test-int-ca2.csr + $(OPENSSL) x509 -req -extfile $(test_ca_config_file) -extensions v3_ca -CA $(test_ca_crt) \ + -CAkey $(test_ca_key_file_rsa) -set_serial 15 -days 3653 -sha256 -in test-int-ca2.csr \ + -passin "pass:$(test_ca_pwd_rsa)" -out $@ + +# Note: This requests openssl version >= 3.x.xx +test-int-ca3.crt: test-int-ca2.crt test-int-ca2.key $(test_ca_config_file) test-int-ca3.csr + $(OPENSSL) x509 -req -extfile $(test_ca_config_file) -extensions no_subj_auth_id \ + -CA test-int-ca2.crt -CAkey test-int-ca2.key -set_serial 77 -days 3653 \ + -sha256 -in test-int-ca3.csr -out $@ + test-int-ca-exp.crt: $(test_ca_crt_file_ec) $(test_ca_key_file_ec) $(test_ca_config_file) test-int-ca.csr $(FAKETIME) -f -3653d $(OPENSSL) x509 -req -extfile $(test_ca_config_file) -extensions v3_ca -CA $(test_ca_crt_file_ec) -CAkey $(test_ca_key_file_ec) -set_serial 14 -days 3653 -sha256 -in test-int-ca.csr -out $@ -all_final += test-int-ca-exp.crt + +all_final += test-int-ca-exp.crt test-int-ca.crt test-int-ca2.crt test-int-ca3.crt enco-cert-utf8str.pem: rsa_pkcs1_1024_clear.pem $(MBEDTLS_CERT_WRITE) subject_key=rsa_pkcs1_1024_clear.pem subject_name="CN=dw.yonan.net" issuer_crt=enco-ca-prstr.pem issuer_key=rsa_pkcs1_1024_clear.pem not_before=20190210144406 not_after=20290210144406 md=SHA1 version=3 output_file=$@ @@ -217,23 +308,74 @@ cli-rsa.key.der: $(cli_crt_key_file_rsa) all_final += cli-rsa.key.der test_ca_int_rsa1 = test-int-ca.crt +test_ca_int_ec = test-int-ca2.crt +test_ca_int_key_file_ec = test-int-ca2.key + +# server7* server7.csr: server7.key $(OPENSSL) req -new -key server7.key -subj "/C=NL/O=PolarSSL/CN=localhost" -out $@ all_intermediate += server7.csr + +server7.crt: server7.csr $(test_ca_int_rsa1) + $(OPENSSL) x509 -req -extfile $(cli_crt_extensions_file) -extensions cli-rsa \ + -CA $(test_ca_int_rsa1) -CAkey test-int-ca.key \ + -set_serial 16 -days 3653 -sha256 -in server7.csr > $@ +all_final += server7.crt + server7-expired.crt: server7.csr $(test_ca_int_rsa1) $(FAKETIME) -f -3653d $(OPENSSL) x509 -req -extfile $(cli_crt_extensions_file) -extensions cli-rsa -CA $(test_ca_int_rsa1) -CAkey test-int-ca.key -set_serial 16 -days 3653 -sha256 -in server7.csr | cat - $(test_ca_int_rsa1) > $@ all_final += server7-expired.crt + server7-future.crt: server7.csr $(test_ca_int_rsa1) $(FAKETIME) -f +3653d $(OPENSSL) x509 -req -extfile $(cli_crt_extensions_file) -extensions cli-rsa -CA $(test_ca_int_rsa1) -CAkey test-int-ca.key -set_serial 16 -days 3653 -sha256 -in server7.csr | cat - $(test_ca_int_rsa1) > $@ all_final += server7-future.crt + server7-badsign.crt: server7.crt $(test_ca_int_rsa1) { head -n-2 $<; tail -n-2 $< | sed -e '1s/0\(=*\)$$/_\1/' -e '1s/[^_=]\(=*\)$$/0\1/' -e '1s/_/1/'; cat $(test_ca_int_rsa1); } > $@ all_final += server7-badsign.crt + +server7_int-ca.crt: server7.crt $(test_ca_int_rsa1) + cat server7.crt $(test_ca_int_rsa1) > $@ +all_final += server7_int-ca.crt + +server7_pem_space.crt: server7.crt $(test_ca_int_rsa1) + cat server7.crt $(test_ca_int_rsa1) | sed '4s/\(.\)$$/ \1/' > $@ +all_final += server7_pem_space.crt + +server7_all_space.crt: server7.crt $(test_ca_int_rsa1) + { cat server7.crt | sed '4s/\(.\)$$/ \1/'; cat test-int-ca.crt | sed '4s/\(.\)$$/ \1/'; } > $@ +all_final += server7_all_space.crt + +server7_trailing_space.crt: server7.crt $(test_ca_int_rsa1) + cat server7.crt $(test_ca_int_rsa1) | sed 's/\(.\)$$/\1 /' > $@ +all_final += server7_trailing_space.crt + +server7_int-ca_ca2.crt: server7.crt $(test_ca_int_rsa1) $(test_ca_crt_file_ec) + cat server7.crt $(test_ca_int_rsa1) $(test_ca_crt_file_ec) > $@ +all_final += server7_int-ca_ca2.crt + server7_int-ca-exp.crt: server7.crt test-int-ca-exp.crt cat server7.crt test-int-ca-exp.crt > $@ all_final += server7_int-ca-exp.crt +server7_spurious_int-ca.crt: server7.crt $(test_ca_int_ec) $(test_ca_int_rsa1) + cat server7.crt $(test_ca_int_ec) $(test_ca_int_rsa1) > $@ +all_final += server7_spurious_int-ca.crt + +# server8* + +server8.crt: server8.key + $(MBEDTLS_CERT_WRITE) subject_key=$< subject_name="C=NL, O=PolarSSL, CN=localhost" serial=17 \ + issuer_crt=$(test_ca_int_ec) issuer_key=$(test_ca_int_key_file_ec) \ + not_before=20190210144406 not_after=20290210144406 \ + md=SHA256 version=3 output_file=$@ +all_final += server8.crt + +server8_int-ca2.crt: server8.crt $(test_ca_int_ec) + cat $^ > $@ +all_final += server8_int-ca2.crt + cli2.req.sha256: cli2.key $(MBEDTLS_CERT_REQ) output_file=$@ filename=$< subject_name="C=NL,O=PolarSSL,CN=PolarSSL Test Client 2" md=SHA256 @@ -270,14 +412,31 @@ all_final += server5-ss-expired.crt # try to forge a copy of test-int-ca3 with different key server5-ss-forgeca.crt: server5.key - $(FAKETIME) '2015-09-01 14:08:43' $(OPENSSL) req -x509 -new -subj "/C=UK/O=mbed TLS/CN=mbed TLS Test intermediate CA 3" -set_serial 77 -config $(test_ca_config_file) -extensions noext_ca -days 3650 -sha256 -key $< -out $@ + $(OPENSSL) req -x509 -new -subj "/C=UK/O=mbed TLS/CN=mbed TLS Test intermediate CA 3" \ + -set_serial 77 -config $(test_ca_config_file) -extensions noext_ca \ + -days 3650 -sha256 -key $< -out $@ all_final += server5-ss-forgeca.crt +server5-selfsigned.crt: server5.key + openssl req -x509 -key server5.key \ + -sha256 -days 3650 -nodes \ + -addext basicConstraints=critical,CA:FALSE \ + -addext keyUsage=critical,digitalSignature \ + -addext subjectKeyIdentifier=hash \ + -addext authorityKeyIdentifier=none \ + -set_serial 0x53a2cb4b124ead837da894b2 \ + -subj "/CN=selfsigned/OU=testing/O=PolarSSL/C=NL" \ + -out $@ +all_final += server5-selfsigned.crt + server5-othername.crt: server5.key $(OPENSSL) req -x509 -new -subj "/C=UK/O=Mbed TLS/CN=Mbed TLS othername SAN" -set_serial 77 -config $(test_ca_config_file) -extensions othername_san -days 3650 -sha256 -key $< -out $@ +server5-nonprintable_othername.crt: server5.key + $(OPENSSL) req -x509 -new -subj "/C=UK/O=Mbed TLS/CN=Mbed TLS non-printable othername SAN" -set_serial 77 -config $(test_ca_config_file) -extensions nonprintable_othername_san -days 3650 -sha256 -key $< -out $@ + server5-unsupported_othername.crt: server5.key - $(OPENSSL) req -x509 -new -subj "/C=UK/O=Mbed TLS/CN=Mbed TLS unsupported othername SAN" -set_serial 77 -config $(test_ca_config_file) -extensions unsupoported_othername_san -days 3650 -sha256 -key $< -out $@ + $(OPENSSL) req -x509 -new -subj "/C=UK/O=Mbed TLS/CN=Mbed TLS unsupported othername SAN" -set_serial 77 -config $(test_ca_config_file) -extensions unsupported_othername_san -days 3650 -sha256 -key $< -out $@ server5-fan.crt: server5.key $(OPENSSL) req -x509 -new -subj "/C=UK/O=Mbed TLS/CN=Mbed TLS FAN" -set_serial 77 -config $(test_ca_config_file) -extensions fan_cert -days 3650 -sha256 -key server5.key -out $@ @@ -286,18 +445,114 @@ server5-tricky-ip-san.crt: server5.key $(OPENSSL) req -x509 -new -subj "/C=UK/O=Mbed TLS/CN=Mbed TLS Tricky IP SAN" -set_serial 77 -config $(test_ca_config_file) -extensions tricky_ip_san -days 3650 -sha256 -key server5.key -out $@ all_final += server5-tricky-ip-san.crt +server5-der0.crt: server5.crt.der + cp $< $@ +server5-der1a.crt: server5.crt.der + cp $< $@ + echo '00' | xxd -r -p | dd of=$@ bs=1 seek=$$(wc -c <$<) conv=notrunc +server5-der1b.crt: server5.crt.der + cp $< $@ + echo 'c1' | xxd -r -p | dd of=$@ bs=1 seek=$$(wc -c <$<) conv=notrunc +server5-der2.crt: server5.crt.der + cp $< $@ + echo 'b90a' | xxd -r -p | dd of=$@ bs=1 seek=$$(wc -c <$<) conv=notrunc +server5-der4.crt: server5.crt.der + cp $< $@ + echo 'a710945f' | xxd -r -p | dd of=$@ bs=1 seek=$$(wc -c <$<) conv=notrunc +server5-der8.crt: server5.crt.der + cp $< $@ + echo 'a4a7ff27267aaa0f' | xxd -r -p | dd of=$@ bs=1 seek=$$(wc -c <$<) conv=notrunc +server5-der9.crt: server5.crt.der + cp $< $@ + echo 'cff8303376ffa47a29' | xxd -r -p | dd of=$@ bs=1 seek=$$(wc -c <$<) conv=notrunc +all_final += server5-der0.crt server5-der1b.crt server5-der4.crt \ + server5-der9.crt server5-der1a.crt server5-der2.crt \ + server5-der8.crt + +test-int-ca3-badsign.crt: test-int-ca3.crt + { head -n-2 $<; tail -n-2 $< | sed -e '1s/0\(=*\)$$/_\1/' -e '1s/[^_=]\(=*\)$$/0\1/' -e '1s/_/1/'; } > $@ +all_final += test-int-ca3-badsign.crt + +# server9* + +server9.csr: server9.key + $(OPENSSL) req -new -subj "/C=NL/O=PolarSSL/CN=localhost" \ + -key $< -out $@ +server9.crt: server9-sha1.crt + cp $< $@ +all_final += server9.crt +all_intermediate += server9.csr server9-sha1.crt + +server9-%.crt: server9.csr $(test_ca_crt) $(test_ca_key_file_rsa) + $(OPENSSL) x509 -req -extfile $(cli_crt_extensions_file) -extensions cli-rsa \ + -passin "pass:$(test_ca_pwd_rsa)" -CA $(test_ca_crt) -CAkey $(test_ca_key_file_rsa) \ + -set_serial $(SERVER9_CRT_SERIAL) -days 3653 \ + -sigopt rsa_padding_mode:pss -sigopt rsa_pss_saltlen:max \ + -sigopt rsa_mgf1_md:$(@:server9-%.crt=%) -$(@:server9-%.crt=%) \ + -in $< -out $@ +server9-sha1.crt: SERVER9_CRT_SERIAL=22 +server9-sha224.crt: SERVER9_CRT_SERIAL=23 +server9-sha256.crt: SERVER9_CRT_SERIAL=24 +server9-sha384.crt: SERVER9_CRT_SERIAL=25 +server9-sha512.crt: SERVER9_CRT_SERIAL=26 +all_final += server9-sha224.crt server9-sha256.crt server9-sha384.crt server9-sha512.crt + +server9-defaults.crt: server9.csr $(test_ca_crt) $(test_ca_key_file_rsa) + $(OPENSSL) x509 -req -extfile $(cli_crt_extensions_file) -extensions cli-rsa \ + -passin "pass:$(test_ca_pwd_rsa)" -CA $(test_ca_crt) -CAkey $(test_ca_key_file_rsa) \ + -set_serial 72 -days 3653 \ + -sigopt rsa_padding_mode:pss -sigopt rsa_pss_saltlen:max -sha1 \ + -in $< -out $@ +all_final += server9-defaults.crt + +server9-badsign.crt: server9.crt + { head -n-2 $<; tail -n-2 $< | sed -e '1s/0\(=*\)$$/_\1/' -e '1s/[^_=]\(=*\)$$/0\1/' -e '1s/_/1/'; } > $@ +all_final += server9-badsign.crt + +server9-with-ca.crt: server9.crt $(test_ca_crt) + cat $^ > $@ +all_final += server9-with-ca.crt + +# FIXME: This file needs special sequence. It should be update manually +server9-bad-saltlen.crt: server9.csr $(test_ca_crt) $(test_ca_key_file_rsa) + false + +server9-bad-mgfhash.crt: server9.csr $(test_ca_crt) $(test_ca_key_file_rsa) + $(OPENSSL) x509 -req -extfile $(cli_crt_extensions_file) -extensions cli-rsa \ + -passin "pass:$(test_ca_pwd_rsa)" -CA $(test_ca_crt) -CAkey $(test_ca_key_file_rsa) \ + -set_serial 24 -days 3653 \ + -sigopt rsa_padding_mode:pss -sigopt rsa_pss_saltlen:max \ + -sigopt rsa_mgf1_md:sha224 -sha256 \ + -in $< -out $@ +all_final += server9-bad-mgfhash.crt + +# server10* + +server10.crt: server10.key test-int-ca3.crt test-int-ca3.key + $(MBEDTLS_CERT_WRITE) subject_key=$< subject_name="CN=localhost" serial=75 \ + issuer_crt=test-int-ca3.crt issuer_key=test-int-ca3.key \ + subject_identifier=0 authority_identifier=0 \ + not_before=20190210144406 not_after=20290210144406 \ + md=SHA256 version=3 output_file=$@ +all_final += server10.crt server10-badsign.crt: server10.crt { head -n-2 $<; tail -n-2 $< | sed -e '1s/0\(=*\)$$/_\1/' -e '1s/[^_=]\(=*\)$$/0\1/' -e '1s/_/1/'; } > $@ all_final += server10-badsign.crt server10-bs_int3.pem: server10-badsign.crt test-int-ca3.crt cat server10-badsign.crt test-int-ca3.crt > $@ all_final += server10-bs_int3.pem -test-int-ca3-badsign.crt: test-int-ca3.crt - { head -n-2 $<; tail -n-2 $< | sed -e '1s/0\(=*\)$$/_\1/' -e '1s/[^_=]\(=*\)$$/0\1/' -e '1s/_/1/'; } > $@ -all_final += test-int-ca3-badsign.crt server10_int3-bs.pem: server10.crt test-int-ca3-badsign.crt cat server10.crt test-int-ca3-badsign.crt > $@ all_final += server10_int3-bs.pem +server10_int3_int-ca2.crt: server10.crt test-int-ca3.crt $(test_ca_int_ec) + cat $^ > $@ +all_final += server10_int3_int-ca2.crt +server10_int3_int-ca2_ca.crt: server10.crt test-int-ca3.crt $(test_ca_int_ec) $(test_ca_crt) + cat $^ > $@ +all_final += server10_int3_int-ca2_ca.crt +server10_int3_spurious_int-ca2.crt: server10.crt test-int-ca3.crt $(test_ca_int_rsa1) $(test_ca_int_ec) + cat $^ > $@ +all_final += server10_int3_spurious_int-ca2.crt rsa_pkcs1_2048_public.pem: server8.key $(OPENSSL) rsa -in $< -outform PEM -RSAPublicKey_out -out $@ @@ -315,6 +570,19 @@ rsa_pkcs8_2048_public.der: rsa_pkcs8_2048_public.pem $(OPENSSL) rsa -pubin -in $< -outform DER -pubout -out $@ all_final += rsa_pkcs8_2048_public.der +# Generate crl_cat_*.pem +# - crt_cat_*.pem: (1+2) concatenations in various orders: +# ec = crl-ec-sha256.pem, ecfut = crl-future.pem +# rsa = crl.pem, rsabadpem = same with pem error, rsaexp = crl_expired.pem + +crl_cat_ec-rsa.pem:crl-ec-sha256.pem crl.pem + cat $^ > $@ + +crl_cat_rsa-ec.pem:crl.pem crl-ec-sha256.pem + cat $^ > $@ + +all_final += crl_cat_ec-rsa.pem crl_cat_rsa-ec.pem + ################################################################ #### Generate various RSA keys ################################################################ @@ -885,6 +1153,61 @@ ec_prv.pk8param.pem: ec_prv.pk8param.der $(OPENSSL) pkey -in $< -inform DER -out $@ all_final += ec_prv.pk8param.pem +ec_pub.pem: ec_prv.sec1.der + $(OPENSSL) pkey -in $< -inform DER -outform PEM -pubout -out $@ +all_final += ec_pub.pem + +################################################################ +#### Convert PEM keys to DER format +################################################################ +server1.pubkey.der: server1.pubkey + $(OPENSSL) pkey -pubin -in $< -out $@ -outform DER +all_final += server1.pubkey.der + +rsa4096_pub.der: rsa4096_pub.pem + $(OPENSSL) pkey -pubin -in $< -out $@ -outform DER +all_final += rsa4096_pub.der + +ec_pub.der: ec_pub.pem + $(OPENSSL) pkey -pubin -in $< -out $@ -outform DER +all_final += ec_pub.der + +ec_521_pub.der: ec_521_pub.pem + $(OPENSSL) pkey -pubin -in $< -out $@ -outform DER +all_final += ec_521_pub.der + +ec_bp512_pub.der: ec_bp512_pub.pem + $(OPENSSL) pkey -pubin -in $< -out $@ -outform DER +all_final += ec_bp512_pub.der + +server1.key.der: server1.key + $(OPENSSL) pkey -in $< -out $@ -outform DER +all_final += server1.key.der + +rsa4096_prv.der: rsa4096_prv.pem + $(OPENSSL) pkey -in $< -out $@ -outform DER +all_final += rsa4096_prv.der + +ec_prv.sec1.der: ec_prv.sec1.pem + $(OPENSSL) pkey -in $< -out $@ -outform DER +all_final += ec_prv.sec1.der + +ec_256_long_prv.der: ec_256_long_prv.pem + $(OPENSSL) pkey -in $< -out $@ -outform DER +all_final += ec_256_long_prv.der + +ec_521_prv.der: ec_521_prv.pem + $(OPENSSL) pkey -in $< -out $@ -outform DER +all_final += ec_521_prv.der + +ec_521_short_prv.der: ec_521_short_prv.pem + $(OPENSSL) pkey -in $< -out $@ -outform DER +all_final += ec_521_short_prv.der + +ec_bp512_prv.der: ec_bp512_prv.pem + $(OPENSSL) pkey -in $< -out $@ -outform DER +all_final += ec_bp512_prv.der + ################################################################ ### Generate CSRs for X.509 write test suite ################################################################ @@ -909,6 +1232,11 @@ server1.req.sha256: server1.key $(MBEDTLS_CERT_REQ) output_file=$@ filename=$< subject_name="C=NL,O=PolarSSL,CN=PolarSSL Server 1" md=SHA256 all_final += server1.req.sha256 +server1.req.sha256.ext: server1.key + # Generating this with OpenSSL as a comparison point to test we're getting the same result + openssl req -new -out $@ -key $< -subj '/C=NL/O=PolarSSL/CN=PolarSSL Server 1' -sha256 -addext "extendedKeyUsage=serverAuth" +all_final += server1.req.sha256.ext + server1.req.sha384: server1.key $(MBEDTLS_CERT_REQ) output_file=$@ filename=$< subject_name="C=NL,O=PolarSSL,CN=PolarSSL Server 1" md=SHA384 all_final += server1.req.sha384 @@ -937,6 +1265,10 @@ server1.req.cert_type_empty: server1.key $(MBEDTLS_CERT_REQ) output_file=$@ filename=$< subject_name="C=NL,O=PolarSSL,CN=PolarSSL Server 1" md=SHA1 force_ns_cert_type=1 all_final += server1.req.cert_type_empty +server1.req.commas.sha256: server1.key + $(MBEDTLS_CERT_REQ) output_file=$@ filename=$< subject_name="C=NL,O=PolarSSL\, Commas,CN=PolarSSL Server 1" md=SHA256 +all_final += server1.req.commas.sha256 + # server2* server2_pwd_ec = PolarSSLTest @@ -963,11 +1295,79 @@ all_final += server2.key.enc # server5* +server5.csr: server5.key + $(OPENSSL) req -new -subj "/C=NL/O=PolarSSL/CN=localhost" \ + -key $< -out $@ +all_intermediate += server5.csr +server5.crt: server5-sha256.crt + cp $< $@ +all_intermediate += server5-sha256.crt +server5-sha%.crt: server5.csr $(test_ca_crt_file_ec) $(test_ca_key_file_ec) server5.crt.openssl.v3_ext + $(OPENSSL) x509 -req -CA $(test_ca_crt_file_ec) -CAkey $(test_ca_key_file_ec) \ + -extfile server5.crt.openssl.v3_ext -set_serial 9 -days 3650 \ + -sha$(@:server5-sha%.crt=%) -in $< -out $@ +all_final += server5.crt server5-sha1.crt server5-sha224.crt server5-sha384.crt server5-sha512.crt + +server5-badsign.crt: server5.crt + { head -n-2 $<; tail -n-2 $< | sed -e '1s/0\(=*\)$$/_\1/' -e '1s/[^_=]\(=*\)$$/0\1/' -e '1s/_/1/'; } > $@ +all_final += server5-badsign.crt + # The use of 'Server 1' in the DN is intentional here, as the DN is hardcoded in the x509_write test suite.' server5.req.ku.sha1: server5.key - $(MBEDTLS_CERT_REQ) output_file=$@ filename=$< key_usage=digital_signature,non_repudiation subject_name="C=NL,O=PolarSSL,CN=PolarSSL Server 1" md=SHA1 + $(OPENSSL) req -key $< -out $@ -new -nodes -subj "/C=NL/O=PolarSSL/CN=PolarSSL Server 1" -sha1 -addext keyUsage=digitalSignature,nonRepudiation all_final += server5.req.ku.sha1 +server5.ku-ds.crt: SERVER5_CRT_SERIAL=45 +server5.ku-ds.crt: SERVER5_KEY_USAGE=digital_signature +server5.ku-ka.crt: SERVER5_CRT_SERIAL=46 +server5.ku-ka.crt: SERVER5_KEY_USAGE=key_agreement +server5.ku-ke.crt: SERVER5_CRT_SERIAL=47 +server5.ku-ke.crt: SERVER5_KEY_USAGE=key_encipherment +server5.eku-cs.crt: SERVER5_CRT_SERIAL=58 +server5.eku-cs.crt: SERVER5_EXT_KEY_USAGE=codeSigning +server5.eku-cs_any.crt: SERVER5_CRT_SERIAL=59 +server5.eku-cs_any.crt: SERVER5_EXT_KEY_USAGE=codeSigning,any +server5.eku-cli.crt: SERVER5_CRT_SERIAL=60 +server5.eku-cli.crt: SERVER5_EXT_KEY_USAGE=clientAuth +server5.eku-srv_cli.crt: SERVER5_CRT_SERIAL=61 +server5.eku-srv_cli.crt: SERVER5_EXT_KEY_USAGE=serverAuth,clientAuth +server5.eku-srv.crt: SERVER5_CRT_SERIAL=62 +server5.eku-srv.crt: SERVER5_EXT_KEY_USAGE=serverAuth +server5.ku-%.crt: SERVER5_EXT_OPTS=key_usage=$(SERVER5_KEY_USAGE) +# The commands for server5.eku-*.crt is invalid because `ext_key_usage` was not supported by +# `cert_write` in 2.28. This would be fixed by #8083. +server5.eku-%.crt: SERVER5_EXT_OPTS=ext_key_usage=$(SERVER5_EXT_KEY_USAGE) +server5.%.crt: server5.key + $(MBEDTLS_CERT_WRITE) \ + subject_key=$< subject_name="C=NL,O=PolarSSL,CN=localhost" serial=$(SERVER5_CRT_SERIAL) \ + issuer_crt=$(test_ca_crt_file_ec) issuer_key=$(test_ca_key_file_ec) $(SERVER5_EXT_OPTS) \ + not_before=20190210144406 not_after=20290210144406 md=SHA256 version=3 output_file=$@ +all_final += server5.ku-ka.crt server5.ku-ke.crt server5.ku-ds.crt +all_final += server5.eku-cs.crt server5.eku-cs_any.crt server5.eku-cli.crt server5.eku-srv_cli.crt server5.eku-srv.crt + +# server6* + +server6.csr: server6.key + $(OPENSSL) req -new -subj "/C=NL/O=PolarSSL/CN=localhost" \ + -key $< -out $@ +all_intermediate += server6.csr +server6.crt: server6.csr $(test_ca_crt_file_ec) $(test_ca_key_file_ec) + $(OPENSSL) x509 -req -CA $(test_ca_crt_file_ec) -CAkey $(test_ca_key_file_ec) \ + -extfile server5.crt.openssl.v3_ext -set_serial 10 -days 3650 -sha256 -in $< -out $@ +all_final += server6.crt + +server6-ss-child.csr : server6.key + $(OPENSSL) req -new -subj "/CN=selfsigned-child/OU=testing/O=PolarSSL/C=NL" \ + -key $< -out $@ +all_intermediate += server6-ss-child.csr +server6-ss-child.crt: server6-ss-child.csr server5-selfsigned.crt server5.key server6-ss-child.crt.openssl.v3_ext + $(OPENSSL) x509 -req -CA server5-selfsigned.crt -CAkey server5.key \ + -extfile server6-ss-child.crt.openssl.v3_ext \ + -set_serial 0x53a2cb5822399474a7ec79ec \ + -days 3650 -sha256 -in $< -out $@ +all_final += server6-ss-child.crt + + ################################################################ ### Generate certificates for CRT write check tests ################################################################ @@ -987,14 +1387,20 @@ test_ca_server1_config_file = test-ca.server1.opensslconf # server1* server1.crt: server1.key server1.req.sha256 $(test_ca_crt) $(test_ca_key_file_rsa) - $(MBEDTLS_CERT_WRITE) request_file=server1.req.sha256 issuer_crt=$(test_ca_crt) issuer_key=$(test_ca_key_file_rsa) issuer_pwd=$(test_ca_pwd_rsa) version=1 not_before=20190210144406 not_after=20290210144406 md=SHA1 version=3 output_file=$@ + $(MBEDTLS_CERT_WRITE) request_file=server1.req.sha256 \ + issuer_crt=$(test_ca_crt) issuer_key=$(test_ca_key_file_rsa) \ + issuer_pwd=$(test_ca_pwd_rsa) version=1 \ + not_before=20190210144406 not_after=20290210144406 \ + md=SHA1 version=3 output_file=$@ server1.noauthid.crt: server1.key server1.req.sha256 $(test_ca_crt) $(test_ca_key_file_rsa) $(MBEDTLS_CERT_WRITE) request_file=server1.req.sha256 issuer_crt=$(test_ca_crt) issuer_key=$(test_ca_key_file_rsa) issuer_pwd=$(test_ca_pwd_rsa) not_before=20190210144406 not_after=20290210144406 md=SHA1 authority_identifier=0 version=3 output_file=$@ server1.crt.der: server1.crt $(MBEDTLS_CERT_WRITE) request_file=server1.req.sha256 issuer_crt=$(test_ca_crt) issuer_key=$(test_ca_key_file_rsa) issuer_pwd=$(test_ca_pwd_rsa) not_before=20190210144406 not_after=20290210144406 md=SHA1 authority_identifier=0 version=3 output_file=$@ server1.der: server1.crt $(OPENSSL) x509 -inform PEM -in $< -outform DER -out $@ -all_final += server1.crt server1.noauthid.crt server1.crt.der +server1.commas.crt: server1.key server1.req.commas.sha256 $(test_ca_crt) $(test_ca_key_file_rsa) + $(MBEDTLS_CERT_WRITE) request_file=server1.req.commas.sha256 issuer_crt=$(test_ca_crt) issuer_key=$(test_ca_key_file_rsa) issuer_pwd=$(test_ca_pwd_rsa) version=1 not_before=20190210144406 not_after=20290210144406 md=SHA1 version=3 output_file=$@ +all_final += server1.crt server1.noauthid.crt server1.crt.der server1.commas.crt server1.key_usage.crt: server1.key server1.req.sha256 $(test_ca_crt) $(test_ca_key_file_rsa) $(MBEDTLS_CERT_WRITE) request_file=server1.req.sha256 issuer_crt=$(test_ca_crt) issuer_key=$(test_ca_key_file_rsa) issuer_pwd=$(test_ca_pwd_rsa) version=1 not_before=20190210144406 not_after=20290210144406 md=SHA1 key_usage=digital_signature,non_repudiation,key_encipherment version=3 output_file=$@ @@ -1026,6 +1432,16 @@ server1.ca.der: server1.ca.crt $(OPENSSL) x509 -inform PEM -in $< -outform DER -out $@ all_final += server1.ca.crt server1.ca_noauthid.crt server1.ca.der +server1-nospace.crt: server1.key test-ca.crt + $(MBEDTLS_CERT_WRITE) subject_key=$< serial=31\ + subject_name="C=NL,O=PolarSSL,CN=polarssl.example" \ + issuer_crt=test-ca.crt issuer_key=$(test_ca_key_file_rsa) \ + issuer_pwd=$(test_ca_pwd_rsa) \ + not_before=20190210144406 not_after=20290210144406 \ + md=SHA256 version=3 authority_identifier=1 \ + output_file=$@ +all_final += server1-nospace.crt + server1_ca.crt: server1.crt $(test_ca_crt) cat server1.crt $(test_ca_crt) > $@ all_final += server1_ca.crt @@ -1084,8 +1500,13 @@ server1.v1.der.openssl: server1.v1.crt.openssl crl.pem: $(test_ca_crt) $(test_ca_key_file_rsa) $(test_ca_config_file) $(OPENSSL) ca -gencrl -batch -cert $(test_ca_crt) -keyfile $(test_ca_key_file_rsa) -key $(test_ca_pwd_rsa) -config $(test_ca_server1_config_file) -md sha1 -crldays 3653 -out $@ -crl-futureRevocationDate.pem: $(test_ca_crt) $(test_ca_key_file_rsa) $(test_ca_config_file) test-ca.server1.future-crl.db test-ca.server1.future-crl.opensslconf - $(FAKETIME) '2028-12-31' $(OPENSSL) ca -gencrl -config test-ca.server1.future-crl.opensslconf -crldays 365 -passin "pass:$(test_ca_pwd_rsa)" -out $@ +crl-futureRevocationDate.pem: $(test_ca_crt) $(test_ca_key_file_rsa) \ + $(test_ca_config_file) \ + test-ca.server1.future-crl.db \ + test-ca.server1.future-crl.opensslconf + $(FAKETIME) -f '+10y' $(OPENSSL) ca -gencrl \ + -config test-ca.server1.future-crl.opensslconf -crldays 365 \ + -passin "pass:$(test_ca_pwd_rsa)" -out $@ server1_all: crl.pem crl-futureRevocationDate.pem server1.crt server1.noauthid.crt server1.crt.openssl server1.v1.crt server1.v1.crt.openssl server1.key_usage.crt server1.key_usage_noauthid.crt server1.key_usage.crt.openssl server1.cert_type.crt server1.cert_type_noauthid.crt server1.cert_type.crt.openssl server1.der server1.der.openssl server1.v1.der server1.v1.der.openssl server1.key_usage.der server1.key_usage.der.openssl server1.cert_type.der server1.cert_type.der.openssl @@ -1103,6 +1524,43 @@ server2-sha256.crt: server2.req.sha256 $(MBEDTLS_CERT_WRITE) request_file=server2.req.sha256 serial=2 issuer_crt=$(test_ca_crt) issuer_key=$(test_ca_key_file_rsa) issuer_pwd=$(test_ca_pwd_rsa) not_before=20190210144406 not_after=20290210144406 md=SHA256 version=3 output_file=$@ all_final += server2-sha256.crt +server2.ku-ka.crt: SERVER2_CRT_SERIAL=42 +server2.ku-ka.crt: SERVER2_KEY_USAGE=key_agreement +server2.ku-ke.crt: SERVER2_CRT_SERIAL=43 +server2.ku-ke.crt: SERVER2_KEY_USAGE=key_encipherment +server2.ku-ds.crt: SERVER2_CRT_SERIAL=44 +server2.ku-ds.crt: SERVER2_KEY_USAGE=digital_signature +server2.ku-ds_ke.crt: SERVER2_CRT_SERIAL=48 +server2.ku-ds_ke.crt: SERVER2_KEY_USAGE=digital_signature,key_encipherment +server2.ku-%.crt: server2.req.sha256 + $(MBEDTLS_CERT_WRITE) request_file=server2.req.sha256 serial=$(SERVER2_CRT_SERIAL) \ + issuer_crt=$(test_ca_crt) issuer_key=$(test_ca_key_file_rsa) issuer_pwd=$(test_ca_pwd_rsa) \ + key_usage="$(SERVER2_KEY_USAGE)" \ + not_before=20190210144406 not_after=20290210144406 md=SHA1 version=3 output_file=$@ +all_final += server2.ku-ka.crt server2.ku-ke.crt server2.ku-ds.crt server2.ku-ds_ke.crt + +server2-badsign.crt: server2.crt + { head -n-2 $<; tail -n-2 $< | sed -e '1s/0\(=*\)$$/_\1/' -e '1s/[^_=]\(=*\)$$/0\1/' -e '1s/_/1/'; } > $@ +all_final += server2-badsign.crt + +# server3* + +server3.crt: server3.key + $(MBEDTLS_CERT_WRITE) subject_key=$< subject_name="C=NL,O=PolarSSL,CN=localhost" serial=13 \ + issuer_crt=$(test_ca_crt) issuer_key=$(test_ca_key_file_rsa) issuer_pwd=$(test_ca_pwd_rsa) \ + not_before=20190210144406 not_after=20290210144406 \ + md=SHA1 version=3 output_file=$@ +all_final += server3.crt + +# server4* + +server4.crt: server4.key + $(MBEDTLS_CERT_WRITE) subject_key=$< subject_name="C=NL,O=PolarSSL,CN=localhost" serial=8 \ + issuer_crt=$(test_ca_crt_file_ec) issuer_key=$(test_ca_key_file_ec) \ + not_before=20190210144400 not_after=20290210144400 \ + md=SHA256 version=3 output_file=$@ +all_final += server4.crt + # MD2, MD4, MD5 test certificates cert_md_test_key = $(cli_crt_key_file_rsa) @@ -1131,6 +1589,41 @@ cert_md5.crt: cert_md5.csr $(MBEDTLS_CERT_WRITE) request_file=$< serial=6 issuer_crt=$(test_ca_crt) issuer_key=$(test_ca_key_file_rsa) issuer_pwd=$(test_ca_pwd_rsa) not_before=20000101121212 not_after=20300101121212 md=MD5 version=3 output_file=$@ all_final += cert_md5.crt +# - test-ca-v1.crt: v1 "CA", signs +# server1-v1.crt: v1 "intermediate CA", signs +# server2-v1*.crt: EE cert (without of with chain in same file) + +test-ca-v1.crt: $(test_ca_key_file_rsa) test-ca.req.sha256 + $(MBEDTLS_CERT_WRITE) is_ca=1 serial=25883963888465069501131757029 \ + request_file=test-ca.req.sha256 \ + selfsign=1 issuer_name="CN=PolarSSL Test CA v1,OU=testing,O=PolarSSL,C=NL" \ + issuer_key=$(test_ca_key_file_rsa) issuer_pwd=$(test_ca_pwd_rsa) \ + not_before=20190210144400 not_after=20290210144400 md=SHA256 version=1 \ + output_file=$@ +all_final += test-ca-v1.crt + +server1-v1.crt: server1.key test-ca-v1.crt + $(MBEDTLS_CERT_WRITE) subject_key=$< serial=25883964939897181595909491649 \ + subject_name="CN=server1/int-ca-v1,OU=testing,O=PolarSSL,C=NL" \ + issuer_crt=test-ca-v1.crt issuer_key=$(test_ca_key_file_rsa) \ + issuer_pwd=$(test_ca_pwd_rsa) \ + not_before=20190210144406 not_after=20290210144406 \ + md=SHA256 version=1 \ + output_file=$@ +all_final += server1-v1.crt + +server2-v1.crt: server2.key server1-v1.crt + $(MBEDTLS_CERT_WRITE) subject_key=$< serial=25883965274140956871506900844 \ + subject_name="CN=server2,OU=testing,O=PolarSSL,C=NL" \ + issuer_crt=server1-v1.crt issuer_key=server1.key \ + not_before=20190210144406 not_after=20290210144406 \ + md=SHA256 version=1 \ + output_file=$@ +all_final += server2-v1.crt + +server2-v1-chain.crt: server2-v1.crt server1-v1.crt + cat $^ > $@ + ################################################################ #### Diffie-Hellman parameters ################################################################ @@ -1175,3 +1668,5 @@ clean: neat: clean rm -f $(all_final) .PHONY: clean neat + +.SECONDARY: $(all_intermediate) diff --git a/third_party/mbedtls/repo/tests/data_files/Readme-x509.txt b/third_party/mbedtls/repo/tests/data_files/Readme-x509.txt index d07241a2c6b..82f93d23067 100644 --- a/third_party/mbedtls/repo/tests/data_files/Readme-x509.txt +++ b/third_party/mbedtls/repo/tests/data_files/Readme-x509.txt @@ -76,6 +76,10 @@ List of certificates: -badsign.crt: S5 with corrupted signature -expired.crt: S5 with "not after" date in the past -future.crt: S5 with "not before" date in the future + -non-compliant.crt: S5, RFC non-compliant + (with forbidden EC algorithm identifier NULL parameter) + generated by (before fix): + cert_write subject_key=server5.key subject_name="CN=Test EC RFC non-compliant" issuer_crt=test-ca2.crt issuer_key=test-ca2.key -selfsigned.crt: Self-signed cert with S5 key -ss-expired.crt: Self-signed cert with S5 key, expired -ss-forgeca.crt: Copy of test-int-ca3 self-signed with S5 key @@ -89,8 +93,8 @@ List of certificates: _int-ca.crt: S7 + I1 _int-ca_ca2.crt: S7 + I1 + 2 _all_space.crt: S7 + I1 both with misplaced spaces (invalid PEM) - _pem_space.crt: S7 with misplace space (invalid PEM) + I1 - _trailing_space.crt: S7 + I1 both with trainling space (valid PEM) + _pem_space.crt: S7 with misplaced space (invalid PEM) + I1 + _trailing_space.crt: S7 + I1 both with trailing space (valid PEM) _spurious_int-ca.crt: S7 + I2(spurious) + I1 - server8*.crt: I2 R L: RSA signed by EC signed by RSA (P1 for _int-ca2) - server9*.crt: 1 R C* L P1*: signed using RSASSA-PSS diff --git a/third_party/mbedtls/repo/tests/data_files/base64/def_b64_too_big_1.txt b/third_party/mbedtls/repo/tests/data_files/base64/def_b64_too_big_1.txt index 0fe8a18f7f3..47be05c014c 100644 --- a/third_party/mbedtls/repo/tests/data_files/base64/def_b64_too_big_1.txt +++ b/third_party/mbedtls/repo/tests/data_files/base64/def_b64_too_big_1.txt @@ -1,2 +1,2 @@ -// Context with added '1234' at the begining to simulate too much data in the base64 code +// Context with added '1234' at the beginning to simulate too much data in the base64 code 1234AhUAAH8AAA4AAAQ8AAAAAF6HQx3MqAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACG2QbHbUj8eGpdx5KVIebiwk0jvRj9/3m6BOSzpA7qBXeEunhqr3D11NE7ciGjeHMAAAAAAAM7MIIDNzCCAh+gAwIBAgIBAjANBgkqhkiG9w0BAQsFADA7MQswCQYDVQQGEwJOTDERMA8GA1UECgwIUG9sYXJTU0wxGTAXBgNVBAMMEFBvbGFyU1NMIFRlc3QgQ0EwHhcNMTkwMjEwMTQ0NDA2WhcNMjkwMjEwMTQ0NDA2WjA0MQswCQYDVQQGEwJOTDERMA8GA1UECgwIUG9sYXJTU0wxEjAQBgNVBAMMCWxvY2FsaG9zdDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAMFNo93nzR3RBNdJcriZrA545Do8Ss86ExbQWuTNowCIp+4ea5anUrSQ7y1yej4kmvy2NKwk9XfgJmSMnLAofaHa6ozmyRyWvP7BBFKzNtSj+uGxdtiQwWG0ZlI2oiZTqqt0Xgd9GYLbKtgfoNkNHC1JZvdbJXNG6AuKT2kMtQCQ4dqCEGZ9rlQri2V5kaHiYcPNQEkI7mgM8YuG0ka/0LiqEQMef1aoGh5EGA8PhYvai0Re4hjGYi/HZo36Xdh98yeJKQHFkA4/J/EwyEoO79bex8cna8cFPXrEAjyaHT4P6DSYW8tzS1KW2BGiLICIaTla0w+w3lkvEcf36hIBMJcCAwEAAaNNMEswCQYDVR0TBAIwADAdBgNVHQ4EFgQUpQXoZLjc32APUBJNYKhkr02LQ5MwHwYDVR0jBBgwFoAUtFrkpbPe0lL2udWmlQ/rPrzH/f8wDQYJKoZIhvcNAQELBQADggEBAC465FJhPqel7zJngHIHJrqj/wVAxGAFOTF396XKATGAp+HRCqJ81Ry60CNK1jDzk8dv6M6UHoS7RIFiM/9rXQCbJfiPD5xMTejZp5n5UYHAmxsxDaazfA5FuBhkfokKK6jD4Eq91C94xGKb6X4/VkaPF7cqoBBw/bHxawXc0UEPjqayiBpCYU/rJoVZgLqFVP7Px3sva1nOrNx8rPPI1hJ+ZOg8maiPTxHZnBVLakSSLQy/sWeWyazO1RnrbxjrbgQtYKz0e3nwGpu1w13vfckFmUSBhHXH7AAS/HpKC4IH7G2GAk3+n8iSSN71sZzpxonQwVbopMZqLmbBm/7WPLcAAJTfQC2Ek91INP5ihHNzImPOAHJCk+YTO/pQuEnNWwXbdmKAi+IRp671iAwtpkjSxCBXVzKX925F1A66caCOQptlw+9zFukDQgblM2JyAJLG0j6B4RtBTDWJ8ZTMUPHUoLJoEpm8APZgRi//DMRyCKP9pbBLGlDzgUvl0w11LzBAlJHkWau5NoqQBlG7w4HFrKweovskAAFRgAAAAF6HQx248L77RH0Z973tSYNQ8zBsz861CZG5/T09TJz3XodDHe/iJ+cgXb5An3zTdnTBtw3EWAb68T+gCE33GN8AAAAAAAAAAAAAAAEAAAAAAAAAAwAAAQAAAAAAAgAAAA== diff --git a/third_party/mbedtls/repo/tests/data_files/cert_example_multi_nocn.crt b/third_party/mbedtls/repo/tests/data_files/cert_example_multi_nocn.crt index 1634846e1b2..08bf63c9d21 100644 --- a/third_party/mbedtls/repo/tests/data_files/cert_example_multi_nocn.crt +++ b/third_party/mbedtls/repo/tests/data_files/cert_example_multi_nocn.crt @@ -1,13 +1,16 @@ -----BEGIN CERTIFICATE----- -MIIB/TCCAWagAwIBAgIJAPfGf/jpqWP5MA0GCSqGSIb3DQEBBQUAMA0xCzAJBgNV -BAYTAk5MMB4XDTE0MDEyMjEwMDQzM1oXDTI0MDEyMjEwMDQzM1owDTELMAkGA1UE -BhMCTkwwgZ8wDQYJKoZIhvcNAQEBBQADgY0AMIGJAoGBAN0Rip+ZurBoyirqO2pt -WZftTslU5A3uzqB9oB6q6A7CuxNA24oSjokTJKXF9frY9ZDXyMrLxf6THa/aEiNz -UnlGGrqgVyt2FjGzqK/nOJsIi2OZOgol7kXSGFi6uZMa7dRYmmMbN/z3FAifhWVJ -81kybdHg6G3eUu1mtKkL2kCVAgMBAAGjZTBjMAkGA1UdEwQCMAAwCwYDVR0PBAQD +MIICfjCCAWagAwIBAgIJAPfGf/jpqWP5MA0GCSqGSIb3DQEBBQUAMA0xCzAJBgNV +BAYTAk5MMB4XDTIzMDUxODAyMDUwMVoXDTMzMDUxODAyMDUwMVowDTELMAkGA1UE +BhMCTkwwgZ8wDQYJKoZIhvcNAQEBBQADgY0AMIGJAoGBAMc4ksXD9HAQCGv4EzXs +8wEciiUPlYI2HqoelhJVGqz4e3UzC3BXM5zZlfFNTEQ3yL7EoD/kZDzT88kCQz3D +fFuOeaoJhK6CEzcKv4VpvSo1Ymyx/uSs4EKyQXx75J0nFJssB2uOQz0/bHY6Rpoc +cA0lnbwIx0D82AI3Yv996/wtAgMBAAGjZTBjMAkGA1UdEwQCMAAwCwYDVR0PBAQD AgXgMEkGA1UdEQRCMECCHHd3dy5zaG90b2thbi1icmF1bnNjaHdlaWcuZGWCFHd3 -dy5tYXNzaW1vLWFiYXRlLmV1hwTAqAEBhwTAqEWQMA0GCSqGSIb3DQEBBQUAA4GB -ABjx1ytrqCyFC5/0cjWnbLK9vsvLny2ZikDewfRxqJ5zAxGWLqHOr1SmUmu2DrvB -bkT9g5z19+iMhPnzJz1x7Q2m7WTIJTuUPK+hKZJATDLNhZ86h5Nkw8k9YzKcOrPm -EIqsy55CSgLU0ntljqSBvSb4ifrF1NnIWej2lSfN6r+3 +dy5tYXNzaW1vLWFiYXRlLmV1hwTAqAEBhwTAqEWQMA0GCSqGSIb3DQEBBQUAA4IB +AQAuomKlMLwSkP3zvGuA9awDdITM/uCzfd77yi60zMNtFHDMu2YZ2npQSl0czab6 +/8fX9goaU8V3cx4KXSLMx7i9AsP1r559Uo3c/4oTZd3xBsElMAn/TXiuujZ2RwdL +RcMOJerlThOE0dtNdniJj7lPaan70CELP/CUn8KgeWgztQJj4ghfUwnLn6RnpLfl +YyM/Xq2YbwnQWHXSe3CPTy5RCWalt3SgZf6IDcD6CNq1Q2l14iR78OWnlxGTFmjP +ez3OzxNT2BZz0AiP0WvTbUtvfuxw9G3fHHe5ClsAopIA3tD246jHOAlqAnOEBC/x +IABbWjY/briP9U4R6x+mg2ck -----END CERTIFICATE----- diff --git a/third_party/mbedtls/repo/tests/data_files/crl-ec-sha1.pem b/third_party/mbedtls/repo/tests/data_files/crl-ec-sha1.pem index 8358640a0d3..f82d94674d4 100644 --- a/third_party/mbedtls/repo/tests/data_files/crl-ec-sha1.pem +++ b/third_party/mbedtls/repo/tests/data_files/crl-ec-sha1.pem @@ -1,10 +1,10 @@ -----BEGIN X509 CRL----- -MIIBbzCB9gIBATAJBgcqhkjOPQQBMD4xCzAJBgNVBAYTAk5MMREwDwYDVQQKEwhQ -b2xhclNTTDEcMBoGA1UEAxMTUG9sYXJzc2wgVGVzdCBFQyBDQRcNMTMwOTI0MTYz -MTA4WhcNMjMwOTIyMTYzMTA4WjAUMBICAQoXDTEzMDkyNDE2MjgzOFqgcjBwMG4G +MIIBbjCB9gIBATAJBgcqhkjOPQQBMD4xCzAJBgNVBAYTAk5MMREwDwYDVQQKDAhQ +b2xhclNTTDEcMBoGA1UEAwwTUG9sYXJzc2wgVGVzdCBFQyBDQRcNMjMwNTE3MDcx +NDM5WhcNMzMwNTE3MDcxNDM5WjAUMBICAQoXDTIzMDUxNzA3MTQzOVqgcjBwMG4G A1UdIwRnMGWAFJ1tICRJAT8ry3i1Gbx+JMnb+zZ8oUKkQDA+MQswCQYDVQQGEwJO -TDERMA8GA1UEChMIUG9sYXJTU0wxHDAaBgNVBAMTE1BvbGFyc3NsIFRlc3QgRUMg -Q0GCCQDBQ+J+YkPM6DAJBgcqhkjOPQQBA2kAMGYCMQDVG95rrSSl4dJgbJ5vR1GW -svEuEsAh35EhF1WrcadMuCeMQVX9cUPupFfQUpHyMfoCMQCKf0yv8pN9BAoi3FVm -56meWPhUekgLKKMAobt2oJJY6feuiFU2YFGs1aF0rV6Bj+U= +TDERMA8GA1UECgwIUG9sYXJTU0wxHDAaBgNVBAMME1BvbGFyc3NsIFRlc3QgRUMg +Q0GCCQDBQ+J+YkPM6DAJBgcqhkjOPQQBA2gAMGUCMQCRAtXd7kXgijlMXHXr6m0B +IzDbpAAwDwCJtgOzarF5hZKGDZeDp6vptGZK0y40NsoCMACxRrXIV+6KUBipFarI +36yXDoBNol2xzst6p9fOg+prl6p7vO1sRYrIGg1WJGA5wQ== -----END X509 CRL----- diff --git a/third_party/mbedtls/repo/tests/data_files/crl-ec-sha256.pem b/third_party/mbedtls/repo/tests/data_files/crl-ec-sha256.pem index adfd5f8937c..b9fad50fc8a 100644 --- a/third_party/mbedtls/repo/tests/data_files/crl-ec-sha256.pem +++ b/third_party/mbedtls/repo/tests/data_files/crl-ec-sha256.pem @@ -1,10 +1,10 @@ -----BEGIN X509 CRL----- -MIIBcTCB9wIBATAKBggqhkjOPQQDAjA+MQswCQYDVQQGEwJOTDERMA8GA1UEChMI -UG9sYXJTU0wxHDAaBgNVBAMTE1BvbGFyc3NsIFRlc3QgRUMgQ0EXDTEzMDkyNDE2 -MzEwOFoXDTIzMDkyMjE2MzEwOFowFDASAgEKFw0xMzA5MjQxNjI4MzhaoHIwcDBu +MIIBcTCB9wIBATAKBggqhkjOPQQDAjA+MQswCQYDVQQGEwJOTDERMA8GA1UECgwI +UG9sYXJTU0wxHDAaBgNVBAMME1BvbGFyc3NsIFRlc3QgRUMgQ0EXDTIzMDUxNzA3 +MTQ0MFoXDTMzMDUxNzA3MTQ0MFowFDASAgEKFw0yMzA1MTcwNzE0NDBaoHIwcDBu BgNVHSMEZzBlgBSdbSAkSQE/K8t4tRm8fiTJ2/s2fKFCpEAwPjELMAkGA1UEBhMC -TkwxETAPBgNVBAoTCFBvbGFyU1NMMRwwGgYDVQQDExNQb2xhcnNzbCBUZXN0IEVD -IENBggkAwUPifmJDzOgwCgYIKoZIzj0EAwIDaQAwZgIxAKuQ684s7gyhtxKJr6Ln -S2BQ02f1jjPHrZVdXaZvm3C5tGi2cKkoK1aMiyC3LsRCuAIxAIMhj0TmcuIZr5fX -g5RByD7zUnZBpoEAdgxFy4JPJ2IViWOPekSGh8b/JY1VNS6Zbw== +TkwxETAPBgNVBAoMCFBvbGFyU1NMMRwwGgYDVQQDDBNQb2xhcnNzbCBUZXN0IEVD +IENBggkAwUPifmJDzOgwCgYIKoZIzj0EAwIDaQAwZgIxAOFCq4tS7s27+KShmh4n +zavpLBQUbqyjkH9dJk0jg862YXjirOu9oCOoWtZQz6/LhQIxAJbtOSwJNq0F/FTq +NYhP7ibE1jad9Tbs6igtZ7Z9NN7V5upnnL4SVETU9pvy9zh+tw== -----END X509 CRL----- diff --git a/third_party/mbedtls/repo/tests/data_files/crl-rsa-pss-sha1-badsign.pem b/third_party/mbedtls/repo/tests/data_files/crl-rsa-pss-sha1-badsign.pem index 7e2a59677a2..d236910d902 100644 --- a/third_party/mbedtls/repo/tests/data_files/crl-rsa-pss-sha1-badsign.pem +++ b/third_party/mbedtls/repo/tests/data_files/crl-rsa-pss-sha1-badsign.pem @@ -1,14 +1,14 @@ -----BEGIN X509 CRL----- MIICJDCCAQYCAQEwEwYJKoZIhvcNAQEKMAaiBAICAOowOzELMAkGA1UEBhMCTkwx -ETAPBgNVBAoTCFBvbGFyU1NMMRkwFwYDVQQDExBQb2xhclNTTCBUZXN0IENBFw0x -NDAxMjAxMzQ2MzVaFw0yNDAxMTgxMzQ2MzVaMCgwEgIBChcNMTMwOTI0MTYyODM4 -WjASAgEWFw0xNDAxMjAxMzQzMDVaoGcwZTBjBgNVHSMEXDBagBS0WuSls97SUva5 -1aaVD+s+vMf9/6E/pD0wOzELMAkGA1UEBhMCTkwxETAPBgNVBAoTCFBvbGFyU1NM -MRkwFwYDVQQDExBQb2xhclNTTCBUZXN0IENBggEAMBMGCSqGSIb3DQEBCjAGogQC -AgDqA4IBAQB8ZBX0BEgRcx0lfk1ctELRu1AYoJ5BnsmQpq23Ca4YIP2yb2kTN1ZS -4fR4SgYcNctgo2JJiNiUkCu1ZnRUOJUy8UlEio0+aeumTNz6CbeJEDhr5NC3oiV0 -MzvLn9rJVLPetOT9UrvvIy8iz5Pn1d8mu5rkt9BKQRq9NQx8riKnSIoTc91NLCMo -mkCCB55DVbazODSWK19e6yQ0JS454RglOsqRtLJ/EDbi6lCsLXotFt3GEGMrob1O -7Qck1Z59boaHxGYFEVnx90+4M3/qikVtwZdcBjLEmfuwYvszFw8J2y6Xwmg/HtUa -y6li0JzWNHtkKUlCv2+SESZbD3NU8GQY +ETAPBgNVBAoMCFBvbGFyU1NMMRkwFwYDVQQDDBBQb2xhclNTTCBUZXN0IENBFw0y +MzA1MTcwODA3NDlaFw0zMzA1MTcwODA3NDlaMCgwEgIBChcNMjMwNTE3MDgwNzQ5 +WjASAgEWFw0yMzA1MTcwODA3NDlaoGcwZTBjBgNVHSMEXDBagBS0WuSls97SUva5 +1aaVD+s+vMf9/6E/pD0wOzELMAkGA1UEBhMCTkwxETAPBgNVBAoMCFBvbGFyU1NM +MRkwFwYDVQQDDBBQb2xhclNTTCBUZXN0IENBggEDMBMGCSqGSIb3DQEBCjAGogQC +AgDqA4IBAQCMUepEfAXs1G3hDE7rcIPT/AFv/oLQSVwRE8O2G5r4j0CgzN6CSGNi +8qfFVX6f7ds+QM4pxAXk5FH4QJJkev0ZBQxmA/ZDLEFmmCEfPMsA69nG//Xeq+Xz +ZOqJpAewmXoP2UUxV5rRpAIr9g9NvDkTT012eQEpoGkJlpxOln1VW+Dk24PCZFWf +Nf8GMUzUsXfXm7ZdCeuc8ZDYNma0nWAMR9Jw6qaEhyH4Fd/scFvXiF/i4cpVp8Rk +M71wSrCC0pkFzw4/bYMnf0aHle/lNg5e78SAT+/6PA8pXL7Urc0IufOfxCGwqY27 +IXSTrZJj4WeQMk289pIccMHj5DUSo4u0 -----END X509 CRL----- diff --git a/third_party/mbedtls/repo/tests/data_files/crl-rsa-pss-sha1.pem b/third_party/mbedtls/repo/tests/data_files/crl-rsa-pss-sha1.pem index 59ca4f703e6..c129c0c813d 100644 --- a/third_party/mbedtls/repo/tests/data_files/crl-rsa-pss-sha1.pem +++ b/third_party/mbedtls/repo/tests/data_files/crl-rsa-pss-sha1.pem @@ -1,14 +1,14 @@ -----BEGIN X509 CRL----- MIICJDCCAQYCAQEwEwYJKoZIhvcNAQEKMAaiBAICAOowOzELMAkGA1UEBhMCTkwx -ETAPBgNVBAoTCFBvbGFyU1NMMRkwFwYDVQQDExBQb2xhclNTTCBUZXN0IENBFw0x -NDAxMjAxMzQ2MzVaFw0yNDAxMTgxMzQ2MzVaMCgwEgIBChcNMTMwOTI0MTYyODM4 -WjASAgEWFw0xNDAxMjAxMzQzMDVaoGcwZTBjBgNVHSMEXDBagBS0WuSls97SUva5 -1aaVD+s+vMf9/6E/pD0wOzELMAkGA1UEBhMCTkwxETAPBgNVBAoTCFBvbGFyU1NM -MRkwFwYDVQQDExBQb2xhclNTTCBUZXN0IENBggEAMBMGCSqGSIb3DQEBCjAGogQC -AgDqA4IBAQB8ZBX0BEgRcx0lfk1ctELRu1AYoJ5BnsmQpq23Ca4YIP2yb2kTN1ZS -4fR4SgYcNctgo2JJiNiUkCu1ZnRUOJUy8UlEio0+aeumTNz6CbeJEDhr5NC3oiV0 -MzvLn9rJVLPetOT9UrvvIy8iz5Pn1d8mu5rkt9BKQRq9NQx8riKnSIoTc91NLCMo -mkCCB55DVbazODSWK19e6yQ0JS454RglOsqRtLJ/EDbi6lCsLXotFt3GEGMrob1O -7Qck1Z59boaHxGYFEVnx90+4M3/qikVtwZdcBjLEmfuwYvszFw8J2y6Xwmg/HtUa -y6li0JzWNHtkKUlCv2+SESZbD3NU8GQZ +ETAPBgNVBAoMCFBvbGFyU1NMMRkwFwYDVQQDDBBQb2xhclNTTCBUZXN0IENBFw0y +MzA1MTcwODA3NDlaFw0zMzA1MTcwODA3NDlaMCgwEgIBChcNMjMwNTE3MDgwNzQ5 +WjASAgEWFw0yMzA1MTcwODA3NDlaoGcwZTBjBgNVHSMEXDBagBS0WuSls97SUva5 +1aaVD+s+vMf9/6E/pD0wOzELMAkGA1UEBhMCTkwxETAPBgNVBAoMCFBvbGFyU1NM +MRkwFwYDVQQDDBBQb2xhclNTTCBUZXN0IENBggEDMBMGCSqGSIb3DQEBCjAGogQC +AgDqA4IBAQCMUepEfAXs1G3hDE7rcIPT/AFv/oLQSVwRE8O2G5r4j0CgzN6CSGNi +8qfFVX6f7ds+QM4pxAXk5FH4QJJkev0ZBQxmA/ZDLEFmmCEfPMsA69nG//Xeq+Xz +ZOqJpAewmXoP2UUxV5rRpAIr9g9NvDkTT012eQEpoGkJlpxOln1VW+Dk24PCZFWf +Nf8GMUzUsXfXm7ZdCeuc8ZDYNma0nWAMR9Jw6qaEhyH4Fd/scFvXiF/i4cpVp8Rk +M71wSrCC0pkFzw4/bYMnf0aHle/lNg5e78SAT+/6PA8pXL7Urc0IufOfxCGwqY27 +IXSTrZJj4WeQMk289pIccMHj5DUSo4uO -----END X509 CRL----- diff --git a/third_party/mbedtls/repo/tests/data_files/crl-rsa-pss-sha224.pem b/third_party/mbedtls/repo/tests/data_files/crl-rsa-pss-sha224.pem index a51d5d91138..1108b3ddbaf 100644 --- a/third_party/mbedtls/repo/tests/data_files/crl-rsa-pss-sha224.pem +++ b/third_party/mbedtls/repo/tests/data_files/crl-rsa-pss-sha224.pem @@ -1,16 +1,16 @@ -----BEGIN X509 CRL----- -MIICejCCATECAQEwPgYJKoZIhvcNAQEKMDGgDTALBglghkgBZQMEAgShGjAYBgkq -hkiG9w0BAQgwCwYJYIZIAWUDBAIEogQCAgDiMDsxCzAJBgNVBAYTAk5MMREwDwYD -VQQKEwhQb2xhclNTTDEZMBcGA1UEAxMQUG9sYXJTU0wgVGVzdCBDQRcNMTQwMTIw -MTM1NjA2WhcNMjQwMTE4MTM1NjA2WjAoMBICAQoXDTEzMDkyNDE2MjgzOFowEgIB -FhcNMTQwMTIwMTM0MzA1WqBnMGUwYwYDVR0jBFwwWoAUtFrkpbPe0lL2udWmlQ/r -PrzH/f+hP6Q9MDsxCzAJBgNVBAYTAk5MMREwDwYDVQQKEwhQb2xhclNTTDEZMBcG -A1UEAxMQUG9sYXJTU0wgVGVzdCBDQYIBADA+BgkqhkiG9w0BAQowMaANMAsGCWCG -SAFlAwQCBKEaMBgGCSqGSIb3DQEBCDALBglghkgBZQMEAgSiBAICAOIDggEBAEJI -i9sQOzMvvOTksN48+X+kk/wkLMKRGI222lqU6y6tP1LX3OE/+KN8gPXR+lCC+e0v -TsRTJkpKEcmHZoP/8kOtZnLb9PdITKGMQnZ+dmn5MFEzZI/zyrYWuJTuK1Q83w0e -Mc88cAhu8i4PTk/WnsWDphK1Q2YRupmmwWSUpp1Z2rpR+YSCedC01TVrtSUJUBw9 -NSqKDhyWYJIbS6/bFaERswC8xlMRhyLHUvikjmAK36TbIdhTnEffHOPW75sEOEEB -f0A3VtlZ7y5yt2/a6vOauJCivxKt/PutdHfBqH43QQmoVLWC2FmT9ADTJwcsZB3D -a6JSqCIMRCQY2JOUn0A= +MIICgjCCATUCAQEwQgYJKoZIhvcNAQEKMDWgDzANBglghkgBZQMEAgQFAKEcMBoG +CSqGSIb3DQEBCDANBglghkgBZQMEAgQFAKIEAgIA4jA7MQswCQYDVQQGEwJOTDER +MA8GA1UECgwIUG9sYXJTU0wxGTAXBgNVBAMMEFBvbGFyU1NMIFRlc3QgQ0EXDTIz +MDUxNzA4MDc0OVoXDTMzMDUxNzA4MDc0OVowKDASAgEKFw0yMzA1MTcwODA3NDla +MBICARYXDTIzMDUxNzA4MDc0OVqgZzBlMGMGA1UdIwRcMFqAFLRa5KWz3tJS9rnV +ppUP6z68x/3/oT+kPTA7MQswCQYDVQQGEwJOTDERMA8GA1UECgwIUG9sYXJTU0wx +GTAXBgNVBAMMEFBvbGFyU1NMIFRlc3QgQ0GCAQMwQgYJKoZIhvcNAQEKMDWgDzAN +BglghkgBZQMEAgQFAKEcMBoGCSqGSIb3DQEBCDANBglghkgBZQMEAgQFAKIEAgIA +4gOCAQEANsElK5qMavcgBXsqgysCIIwEPj+dXdBOwXW17HWh2jcSwAssFNRxhiIc +PoUjj2fNlbOWXLPoxXBitgkJ31UAYCteGSv3j5P3WEuriVwCG889JEoMWn9U4+f9 +f5jSVNfynyiAOiwpA0TrOhZOAs9SEj742S1pzhsb9yaOXeQXNnDv8HYe3uX9/D9w +ynot+/EwCYEuvK8XQ6qnV6588NHEAd9x+OcV9pxWrmUE8Muz1KffBwD5+SOW+Taj +4fKQPcKJoRXOKyLXpOz7yMl/6fCf6h3Qj/H4YI/2gsWI0iduKoXDsuQkMEdPTZvk +7P88YK3/4MReaZS3sDyhhUrojELPXw== -----END X509 CRL----- diff --git a/third_party/mbedtls/repo/tests/data_files/crl-rsa-pss-sha256.pem b/third_party/mbedtls/repo/tests/data_files/crl-rsa-pss-sha256.pem index f16a49118eb..26f7935ccc5 100644 --- a/third_party/mbedtls/repo/tests/data_files/crl-rsa-pss-sha256.pem +++ b/third_party/mbedtls/repo/tests/data_files/crl-rsa-pss-sha256.pem @@ -1,16 +1,16 @@ -----BEGIN X509 CRL----- -MIICejCCATECAQEwPgYJKoZIhvcNAQEKMDGgDTALBglghkgBZQMEAgGhGjAYBgkq -hkiG9w0BAQgwCwYJYIZIAWUDBAIBogQCAgDeMDsxCzAJBgNVBAYTAk5MMREwDwYD -VQQKEwhQb2xhclNTTDEZMBcGA1UEAxMQUG9sYXJTU0wgVGVzdCBDQRcNMTQwMTIw -MTM1NjE2WhcNMjQwMTE4MTM1NjE2WjAoMBICAQoXDTEzMDkyNDE2MjgzOFowEgIB -FhcNMTQwMTIwMTM0MzA1WqBnMGUwYwYDVR0jBFwwWoAUtFrkpbPe0lL2udWmlQ/r -PrzH/f+hP6Q9MDsxCzAJBgNVBAYTAk5MMREwDwYDVQQKEwhQb2xhclNTTDEZMBcG -A1UEAxMQUG9sYXJTU0wgVGVzdCBDQYIBADA+BgkqhkiG9w0BAQowMaANMAsGCWCG -SAFlAwQCAaEaMBgGCSqGSIb3DQEBCDALBglghkgBZQMEAgGiBAICAN4DggEBAEZ4 -oqp9i5eXrN6aCSTaU1j07MVTFW/U1jQAq6GseB6bEvoEXFMUHJsgAObqCK9flfEC -FEqXqWSo33hhPU7AKKttbDLjUYRNnQAPRUnRIl1/a1+UjqgKchWWD9ityeW8ICxo -IdATX9reYmPDLIMqTC7zuflYkvrvdEOuBORQP5mn4j8t84MSQF/p4qzaU0XxLo4X -ckzZCcHpa45AApCDjJMd9onhFVCYsykiYrF9NQFO8TI4lQ5jv79GoufEzvhY1SPB -r1xz4sMpfyaoPaa3SM2/nD65E5jzXell2u2VWNGKv4zAQP0E5yGel+1rklBltadb -XLdJyyak33CLBKu+nJc= +MIICgjCCATUCAQEwQgYJKoZIhvcNAQEKMDWgDzANBglghkgBZQMEAgEFAKEcMBoG +CSqGSIb3DQEBCDANBglghkgBZQMEAgEFAKIEAgIA3jA7MQswCQYDVQQGEwJOTDER +MA8GA1UECgwIUG9sYXJTU0wxGTAXBgNVBAMMEFBvbGFyU1NMIFRlc3QgQ0EXDTIz +MDUxNzA4MDc0OVoXDTMzMDUxNzA4MDc0OVowKDASAgEKFw0yMzA1MTcwODA3NDla +MBICARYXDTIzMDUxNzA4MDc0OVqgZzBlMGMGA1UdIwRcMFqAFLRa5KWz3tJS9rnV +ppUP6z68x/3/oT+kPTA7MQswCQYDVQQGEwJOTDERMA8GA1UECgwIUG9sYXJTU0wx +GTAXBgNVBAMMEFBvbGFyU1NMIFRlc3QgQ0GCAQMwQgYJKoZIhvcNAQEKMDWgDzAN +BglghkgBZQMEAgEFAKEcMBoGCSqGSIb3DQEBCDANBglghkgBZQMEAgEFAKIEAgIA +3gOCAQEAHLzvRF0RVQL48ZGVFnTk1nsOHXVHS0UVMItsILurXJ4XrOgN1I7iTzu2 +wYNtgr+T15jwsPdgU+Gg3127vb2Djm0IUX0dCfYpSFRUv8BjaK962ZPjM0rkWhC6 +JUTWSLMAMy4ScqcoC7e4vuN2h4kPOzlvDBIhzWKA03+taAtuIOWjXZu2/Cyeggxs +oXARKI8BEv4b94xwiFJMoMuzcYAkuDIH4MRYANVgOS/zncCRS9D5ZerfoBt70LKX +nzJtT4a0XoxbUJeU8MZ0fR5aAHUQulAPA9CMmBsHkSx7pzAAhCwx/vXbnWPyhA6G +XG6gCKcDR5PZQvQNgi29SLlhRTT5TA== -----END X509 CRL----- diff --git a/third_party/mbedtls/repo/tests/data_files/crl-rsa-pss-sha384.pem b/third_party/mbedtls/repo/tests/data_files/crl-rsa-pss-sha384.pem index 50f7e4cd249..45431f0133f 100644 --- a/third_party/mbedtls/repo/tests/data_files/crl-rsa-pss-sha384.pem +++ b/third_party/mbedtls/repo/tests/data_files/crl-rsa-pss-sha384.pem @@ -1,16 +1,16 @@ -----BEGIN X509 CRL----- -MIICejCCATECAQEwPgYJKoZIhvcNAQEKMDGgDTALBglghkgBZQMEAgKhGjAYBgkq -hkiG9w0BAQgwCwYJYIZIAWUDBAICogQCAgDOMDsxCzAJBgNVBAYTAk5MMREwDwYD -VQQKEwhQb2xhclNTTDEZMBcGA1UEAxMQUG9sYXJTU0wgVGVzdCBDQRcNMTQwMTIw -MTM1NjI4WhcNMjQwMTE4MTM1NjI4WjAoMBICAQoXDTEzMDkyNDE2MjgzOFowEgIB -FhcNMTQwMTIwMTM0MzA1WqBnMGUwYwYDVR0jBFwwWoAUtFrkpbPe0lL2udWmlQ/r -PrzH/f+hP6Q9MDsxCzAJBgNVBAYTAk5MMREwDwYDVQQKEwhQb2xhclNTTDEZMBcG -A1UEAxMQUG9sYXJTU0wgVGVzdCBDQYIBADA+BgkqhkiG9w0BAQowMaANMAsGCWCG -SAFlAwQCAqEaMBgGCSqGSIb3DQEBCDALBglghkgBZQMEAgKiBAICAM4DggEBAAco -SntUGDLBOAu0IIZaVea5Nt1NMsMcppC0hWPuH1LKAwyUODBqpT+0+AuALK0eIdYR -a7mAB+cv2fFwmwxnQWJ1Fvx4ft/N2AAfB83VRKpSo3xR8bxloHfTWKmyxJHmH9j1 -EYmLS86rj3Nhjf4m/YlQQ3Im5HwOgSgBOE8glq5D+0Wmsi9LsNEZXEzMw7TMUgbs -y9o/ghYF/shKU4mewK3DeM9gQiTcH5A4ISXR87hBQ08AKJRAG1CLvTyzqWiUUY+k -q8iZDYF17sHrPi2yn8q9c4zdxiaWDGDdL0Lh90wXGTAageoGEq25TMuL5FpX+u1u -KUH/xf1jEnNzbYNGiZw= +MIICgjCCATUCAQEwQgYJKoZIhvcNAQEKMDWgDzANBglghkgBZQMEAgIFAKEcMBoG +CSqGSIb3DQEBCDANBglghkgBZQMEAgIFAKIEAgIAzjA7MQswCQYDVQQGEwJOTDER +MA8GA1UECgwIUG9sYXJTU0wxGTAXBgNVBAMMEFBvbGFyU1NMIFRlc3QgQ0EXDTIz +MDUxNzA4MDc1MFoXDTMzMDUxNzA4MDc1MFowKDASAgEKFw0yMzA1MTcwODA3NTBa +MBICARYXDTIzMDUxNzA4MDc1MFqgZzBlMGMGA1UdIwRcMFqAFLRa5KWz3tJS9rnV +ppUP6z68x/3/oT+kPTA7MQswCQYDVQQGEwJOTDERMA8GA1UECgwIUG9sYXJTU0wx +GTAXBgNVBAMMEFBvbGFyU1NMIFRlc3QgQ0GCAQMwQgYJKoZIhvcNAQEKMDWgDzAN +BglghkgBZQMEAgIFAKEcMBoGCSqGSIb3DQEBCDANBglghkgBZQMEAgIFAKIEAgIA +zgOCAQEAnZvMo3nmKXPV+q4m1CdMA7jUtdanJBHDAv2+LZLq4T1QpyN+nmLEB1yX +ARN8/5Px47zm7XyZw6HI1Il34MjblAKIPBVXoswj4YLRceijwiG1bxkh1Kz3lcV0 +GCNPNo7tMPii9iATWlVzWBCzx2rLmt/ys0DtNRCMISOYGW1HkyuO28dwA6nUJwSS +Ddjr3iilavnBdpzddH9AiN5Fm0sfrFBANx79Qyp0/r8hqrv7rT33maeRKj3S4e9G +zpO6uHPAh9Obo93DxpKpXoMwxDiHv+bwHPO4J1YOiryy/KZmHhzUMPfvP09pGg9f +zGO/bOyiHGH0Lf4F9JVMxpfitdbtwg== -----END X509 CRL----- diff --git a/third_party/mbedtls/repo/tests/data_files/crl-rsa-pss-sha512.pem b/third_party/mbedtls/repo/tests/data_files/crl-rsa-pss-sha512.pem index 0f1d6510bcd..71f2b7cd50c 100644 --- a/third_party/mbedtls/repo/tests/data_files/crl-rsa-pss-sha512.pem +++ b/third_party/mbedtls/repo/tests/data_files/crl-rsa-pss-sha512.pem @@ -1,16 +1,16 @@ -----BEGIN X509 CRL----- -MIICejCCATECAQEwPgYJKoZIhvcNAQEKMDGgDTALBglghkgBZQMEAgOhGjAYBgkq -hkiG9w0BAQgwCwYJYIZIAWUDBAIDogQCAgC+MDsxCzAJBgNVBAYTAk5MMREwDwYD -VQQKEwhQb2xhclNTTDEZMBcGA1UEAxMQUG9sYXJTU0wgVGVzdCBDQRcNMTQwMTIw -MTM1NjM4WhcNMjQwMTE4MTM1NjM4WjAoMBICAQoXDTEzMDkyNDE2MjgzOFowEgIB -FhcNMTQwMTIwMTM0MzA1WqBnMGUwYwYDVR0jBFwwWoAUtFrkpbPe0lL2udWmlQ/r -PrzH/f+hP6Q9MDsxCzAJBgNVBAYTAk5MMREwDwYDVQQKEwhQb2xhclNTTDEZMBcG -A1UEAxMQUG9sYXJTU0wgVGVzdCBDQYIBADA+BgkqhkiG9w0BAQowMaANMAsGCWCG -SAFlAwQCA6EaMBgGCSqGSIb3DQEBCDALBglghkgBZQMEAgOiBAICAL4DggEBAB9F -ywBfxOjetxNbCFhOYoPY2jvFCFVdlowMGuxEhX/LktqiBXqRc2r5naQSzuHqO8Iq -1zACtiDLri0CvgSHlravBNeY4c2wj//ueFE89tY5pK9E6vZp7cV+RfMx2YfGPAA2 -t7tWZ2rJWzELg8cZ8hpjSwFH7JmgJzjE5gi2gADhBYO6Vv5S3SOgqNjiN1OM31AU -p6GHK5Y1jurF5Zwzs+w3wXoXgpOxxwEC4eiS86c9kNSudwTLvDTU0bYEQE1cF+K0 -sB8QWABFJfuO5kjD2w3rWgmAiOKsZoxd1xrda+WD3JhDXnoVq3oVBIVlWVz6YID8 -enMfMvwScA5AImzu9xA= +MIICgjCCATUCAQEwQgYJKoZIhvcNAQEKMDWgDzANBglghkgBZQMEAgMFAKEcMBoG +CSqGSIb3DQEBCDANBglghkgBZQMEAgMFAKIEAgIAvjA7MQswCQYDVQQGEwJOTDER +MA8GA1UECgwIUG9sYXJTU0wxGTAXBgNVBAMMEFBvbGFyU1NMIFRlc3QgQ0EXDTIz +MDUxNzA4MDc1MFoXDTMzMDUxNzA4MDc1MFowKDASAgEKFw0yMzA1MTcwODA3NTBa +MBICARYXDTIzMDUxNzA4MDc1MFqgZzBlMGMGA1UdIwRcMFqAFLRa5KWz3tJS9rnV +ppUP6z68x/3/oT+kPTA7MQswCQYDVQQGEwJOTDERMA8GA1UECgwIUG9sYXJTU0wx +GTAXBgNVBAMMEFBvbGFyU1NMIFRlc3QgQ0GCAQMwQgYJKoZIhvcNAQEKMDWgDzAN +BglghkgBZQMEAgMFAKEcMBoGCSqGSIb3DQEBCDANBglghkgBZQMEAgMFAKIEAgIA +vgOCAQEAtMPpQMet9BfMRLg0AW9QfL3QkktV7xk++BqYFOYynBiqxjQH4AKu3wU8 +eiGd3+2xNpQd2/sG7UUNo1Vnl9gCHRiT4bje6+CdvvqaZKSgpmsiztbgBAYORriF +flKOKOOQTxaikqJ4t7vp727JmstADuyizTgOBE0k3V1glas8B0G122YheeHF02S4 ++33Nss4hbfbTilR0RccOaqiXzF9bkFsTlD5KgyUFZbFtdy+1zHZLnRUAJA1HmDeP +r5p2mJxKwXmZzLnw/FPa8fUH665TKYk08AuIpN+VHdPwiBoYHJ2YZJWgM+1qHq1y +tlyoAOC6beqsh9OfxcQZaEiWbUI9yQ== -----END X509 CRL----- diff --git a/third_party/mbedtls/repo/tests/data_files/crl.pem b/third_party/mbedtls/repo/tests/data_files/crl.pem index df7417e8eed..5a1bdd35abe 100644 --- a/third_party/mbedtls/repo/tests/data_files/crl.pem +++ b/third_party/mbedtls/repo/tests/data_files/crl.pem @@ -1,11 +1,11 @@ -----BEGIN X509 CRL----- MIIBqzCBlDANBgkqhkiG9w0BAQUFADA7MQswCQYDVQQGEwJOTDERMA8GA1UECgwI -UG9sYXJTU0wxGTAXBgNVBAMMEFBvbGFyU1NMIFRlc3QgQ0EXDTE5MDIwNjE2MzQ0 -NloXDTI5MDIwNjE2MzQ0NlowKDASAgEBFw0xMTAyMTIxMjQ0MDdaMBICAQMXDTEx -MDIxMjEyNDQwN1owDQYJKoZIhvcNAQEFBQADggEBAGHkRHGDz2HsoiXzfJDBpkfg -I+yK34O9zoHMyGcDZbF9fj4NVyyNA6XCgY3IgQYe3boA1edO6+8ImjqiZjYK+GWt -4ne7YhapRFAoFbKQY5hgy8mlpSRlNfmRVVCDDKannMac4tQff1LCFHN8msk/uG1b -WHWAsL6dzLVojhbUFY6mZTb6nqjm5YgqcsNsz37n4dyrCDftB99FQdE/aAec2RXP -Jgy9DnY5jMotPqHLZtMyfVNEoivDb7YJA5Vv6NSyiYVTjyWyTHNRsFEXRtHqjpqs -oZdBgLZAAQsUvuVpMbDKQ4FrZjOaOW/xLtKPlh/HNA5p7hNtwIiCAIvp7uQti0w= +UG9sYXJTU0wxGTAXBgNVBAMMEFBvbGFyU1NMIFRlc3QgQ0EXDTIzMDUxNzA3MTQz +OFoXDTMzMDUxNzA3MTQzOFowKDASAgEBFw0yMzA1MTcwNzE0MzhaMBICAQMXDTIz +MDUxNzA3MTQzOFowDQYJKoZIhvcNAQEFBQADggEBAEKGf/KYnv3EpFiEsPii5f3S +CEgD0NL44rYIU7n9oBIqgqxP93tDeqwqvv/oDYBA41fugxU63nO5qKn4xszKN/w0 +e3GDg6ihFFz2wO6NE37Wfn3lVIvMbboNyMGqH1CTqTbNcsam8DhvILCMkG60kV66 +pSVGVIJftDzE+33mUundQMYz4wN4QJFGRSfHW745iowF9ejiPsfAn4gO9eLDrRmA +C0oedNyRLj6jfGRtaQddlCjCAGwNlIJBe/IhixafW9g8deGPHJu8RSlJ/Q77pgjx +7WccwCz+dWP+uqi8fwgerHYdTjiAvFVu1Yd4KA5WTndzI3wzJwbdZZ08OfDLmyU= -----END X509 CRL----- diff --git a/third_party/mbedtls/repo/tests/data_files/crl_cat_ec-rsa.pem b/third_party/mbedtls/repo/tests/data_files/crl_cat_ec-rsa.pem index 3cda8ff03e3..cafa1d4112c 100644 --- a/third_party/mbedtls/repo/tests/data_files/crl_cat_ec-rsa.pem +++ b/third_party/mbedtls/repo/tests/data_files/crl_cat_ec-rsa.pem @@ -1,21 +1,21 @@ -----BEGIN X509 CRL----- -MIIBcTCB9wIBATAKBggqhkjOPQQDAjA+MQswCQYDVQQGEwJOTDERMA8GA1UEChMI -UG9sYXJTU0wxHDAaBgNVBAMTE1BvbGFyc3NsIFRlc3QgRUMgQ0EXDTEzMDkyNDE2 -MzEwOFoXDTIzMDkyMjE2MzEwOFowFDASAgEKFw0xMzA5MjQxNjI4MzhaoHIwcDBu +MIIBcTCB9wIBATAKBggqhkjOPQQDAjA+MQswCQYDVQQGEwJOTDERMA8GA1UECgwI +UG9sYXJTU0wxHDAaBgNVBAMME1BvbGFyc3NsIFRlc3QgRUMgQ0EXDTIzMDUxNzA3 +MTQ0MFoXDTMzMDUxNzA3MTQ0MFowFDASAgEKFw0yMzA1MTcwNzE0NDBaoHIwcDBu BgNVHSMEZzBlgBSdbSAkSQE/K8t4tRm8fiTJ2/s2fKFCpEAwPjELMAkGA1UEBhMC -TkwxETAPBgNVBAoTCFBvbGFyU1NMMRwwGgYDVQQDExNQb2xhcnNzbCBUZXN0IEVD -IENBggkAwUPifmJDzOgwCgYIKoZIzj0EAwIDaQAwZgIxAKuQ684s7gyhtxKJr6Ln -S2BQ02f1jjPHrZVdXaZvm3C5tGi2cKkoK1aMiyC3LsRCuAIxAIMhj0TmcuIZr5fX -g5RByD7zUnZBpoEAdgxFy4JPJ2IViWOPekSGh8b/JY1VNS6Zbw== +TkwxETAPBgNVBAoMCFBvbGFyU1NMMRwwGgYDVQQDDBNQb2xhcnNzbCBUZXN0IEVD +IENBggkAwUPifmJDzOgwCgYIKoZIzj0EAwIDaQAwZgIxAOFCq4tS7s27+KShmh4n +zavpLBQUbqyjkH9dJk0jg862YXjirOu9oCOoWtZQz6/LhQIxAJbtOSwJNq0F/FTq +NYhP7ibE1jad9Tbs6igtZ7Z9NN7V5upnnL4SVETU9pvy9zh+tw== -----END X509 CRL----- -----BEGIN X509 CRL----- -MIIBqzCBlDANBgkqhkiG9w0BAQUFADA7MQswCQYDVQQGEwJOTDERMA8GA1UEChMI -UG9sYXJTU0wxGTAXBgNVBAMTEFBvbGFyU1NMIFRlc3QgQ0EXDTExMDIyMDEwMjI1 -OVoXDTE5MTEyNTEwMjI1OVowKDASAgEBFw0xMTAyMTIxNDQ0MDdaMBICAQMXDTEx -MDIxMjE0NDQwN1owDQYJKoZIhvcNAQEFBQADggEBAJYuWdKPdblMVWCnxpMnchuL -dqWzK2BA0RelCaGjpxuwX3NmLDm+5hKja/DJxaRqTOf4RSC3kcX8CdIldsLO96dz -//wAQdFPDhy6AFT5vKTO8ItPHDb7qFOqFqpeJi5XN1yoZGTB1ei0mgD3xBaKbp6U -yCOZJSIFomt7piT4GcgWVHLUmpyHDDeodNhYPrN0jf2mr+ECd9fQJYdz1qm0Xx+Q -NbKXDiPRmPX0qVleCZSeSp1JAmU4GoCO+96qQUpjgll+6xWya3UNj61f9sh0Zzr7 -5ug2LZo5uBM/LpNR1K3TLxNCcg7uUPTn9r143d7ivJhPl3tEJn4PXjv6mlLoOgU= +MIIBqzCBlDANBgkqhkiG9w0BAQUFADA7MQswCQYDVQQGEwJOTDERMA8GA1UECgwI +UG9sYXJTU0wxGTAXBgNVBAMMEFBvbGFyU1NMIFRlc3QgQ0EXDTIzMDUxNzA3MTQz +OFoXDTMzMDUxNzA3MTQzOFowKDASAgEBFw0yMzA1MTcwNzE0MzhaMBICAQMXDTIz +MDUxNzA3MTQzOFowDQYJKoZIhvcNAQEFBQADggEBAEKGf/KYnv3EpFiEsPii5f3S +CEgD0NL44rYIU7n9oBIqgqxP93tDeqwqvv/oDYBA41fugxU63nO5qKn4xszKN/w0 +e3GDg6ihFFz2wO6NE37Wfn3lVIvMbboNyMGqH1CTqTbNcsam8DhvILCMkG60kV66 +pSVGVIJftDzE+33mUundQMYz4wN4QJFGRSfHW745iowF9ejiPsfAn4gO9eLDrRmA +C0oedNyRLj6jfGRtaQddlCjCAGwNlIJBe/IhixafW9g8deGPHJu8RSlJ/Q77pgjx +7WccwCz+dWP+uqi8fwgerHYdTjiAvFVu1Yd4KA5WTndzI3wzJwbdZZ08OfDLmyU= -----END X509 CRL----- diff --git a/third_party/mbedtls/repo/tests/data_files/crl_cat_rsa-ec.pem b/third_party/mbedtls/repo/tests/data_files/crl_cat_rsa-ec.pem index ded369d897c..92ecccc6dfa 100644 --- a/third_party/mbedtls/repo/tests/data_files/crl_cat_rsa-ec.pem +++ b/third_party/mbedtls/repo/tests/data_files/crl_cat_rsa-ec.pem @@ -1,21 +1,21 @@ -----BEGIN X509 CRL----- -MIIBqzCBlDANBgkqhkiG9w0BAQUFADA7MQswCQYDVQQGEwJOTDERMA8GA1UEChMI -UG9sYXJTU0wxGTAXBgNVBAMTEFBvbGFyU1NMIFRlc3QgQ0EXDTExMDIyMDEwMjI1 -OVoXDTE5MTEyNTEwMjI1OVowKDASAgEBFw0xMTAyMTIxNDQ0MDdaMBICAQMXDTEx -MDIxMjE0NDQwN1owDQYJKoZIhvcNAQEFBQADggEBAJYuWdKPdblMVWCnxpMnchuL -dqWzK2BA0RelCaGjpxuwX3NmLDm+5hKja/DJxaRqTOf4RSC3kcX8CdIldsLO96dz -//wAQdFPDhy6AFT5vKTO8ItPHDb7qFOqFqpeJi5XN1yoZGTB1ei0mgD3xBaKbp6U -yCOZJSIFomt7piT4GcgWVHLUmpyHDDeodNhYPrN0jf2mr+ECd9fQJYdz1qm0Xx+Q -NbKXDiPRmPX0qVleCZSeSp1JAmU4GoCO+96qQUpjgll+6xWya3UNj61f9sh0Zzr7 -5ug2LZo5uBM/LpNR1K3TLxNCcg7uUPTn9r143d7ivJhPl3tEJn4PXjv6mlLoOgU= +MIIBqzCBlDANBgkqhkiG9w0BAQUFADA7MQswCQYDVQQGEwJOTDERMA8GA1UECgwI +UG9sYXJTU0wxGTAXBgNVBAMMEFBvbGFyU1NMIFRlc3QgQ0EXDTIzMDUxNzA3MTQz +OFoXDTMzMDUxNzA3MTQzOFowKDASAgEBFw0yMzA1MTcwNzE0MzhaMBICAQMXDTIz +MDUxNzA3MTQzOFowDQYJKoZIhvcNAQEFBQADggEBAEKGf/KYnv3EpFiEsPii5f3S +CEgD0NL44rYIU7n9oBIqgqxP93tDeqwqvv/oDYBA41fugxU63nO5qKn4xszKN/w0 +e3GDg6ihFFz2wO6NE37Wfn3lVIvMbboNyMGqH1CTqTbNcsam8DhvILCMkG60kV66 +pSVGVIJftDzE+33mUundQMYz4wN4QJFGRSfHW745iowF9ejiPsfAn4gO9eLDrRmA +C0oedNyRLj6jfGRtaQddlCjCAGwNlIJBe/IhixafW9g8deGPHJu8RSlJ/Q77pgjx +7WccwCz+dWP+uqi8fwgerHYdTjiAvFVu1Yd4KA5WTndzI3wzJwbdZZ08OfDLmyU= -----END X509 CRL----- -----BEGIN X509 CRL----- -MIIBcTCB9wIBATAKBggqhkjOPQQDAjA+MQswCQYDVQQGEwJOTDERMA8GA1UEChMI -UG9sYXJTU0wxHDAaBgNVBAMTE1BvbGFyc3NsIFRlc3QgRUMgQ0EXDTEzMDkyNDE2 -MzEwOFoXDTIzMDkyMjE2MzEwOFowFDASAgEKFw0xMzA5MjQxNjI4MzhaoHIwcDBu +MIIBcTCB9wIBATAKBggqhkjOPQQDAjA+MQswCQYDVQQGEwJOTDERMA8GA1UECgwI +UG9sYXJTU0wxHDAaBgNVBAMME1BvbGFyc3NsIFRlc3QgRUMgQ0EXDTIzMDUxNzA3 +MTQ0MFoXDTMzMDUxNzA3MTQ0MFowFDASAgEKFw0yMzA1MTcwNzE0NDBaoHIwcDBu BgNVHSMEZzBlgBSdbSAkSQE/K8t4tRm8fiTJ2/s2fKFCpEAwPjELMAkGA1UEBhMC -TkwxETAPBgNVBAoTCFBvbGFyU1NMMRwwGgYDVQQDExNQb2xhcnNzbCBUZXN0IEVD -IENBggkAwUPifmJDzOgwCgYIKoZIzj0EAwIDaQAwZgIxAKuQ684s7gyhtxKJr6Ln -S2BQ02f1jjPHrZVdXaZvm3C5tGi2cKkoK1aMiyC3LsRCuAIxAIMhj0TmcuIZr5fX -g5RByD7zUnZBpoEAdgxFy4JPJ2IViWOPekSGh8b/JY1VNS6Zbw== +TkwxETAPBgNVBAoMCFBvbGFyU1NMMRwwGgYDVQQDDBNQb2xhcnNzbCBUZXN0IEVD +IENBggkAwUPifmJDzOgwCgYIKoZIzj0EAwIDaQAwZgIxAOFCq4tS7s27+KShmh4n +zavpLBQUbqyjkH9dJk0jg862YXjirOu9oCOoWtZQz6/LhQIxAJbtOSwJNq0F/FTq +NYhP7ibE1jad9Tbs6igtZ7Z9NN7V5upnnL4SVETU9pvy9zh+tw== -----END X509 CRL----- diff --git a/third_party/mbedtls/repo/tests/data_files/dh.optlen.der b/third_party/mbedtls/repo/tests/data_files/dh.optlen.der new file mode 100644 index 0000000000000000000000000000000000000000..3c3bf1780ea3b148899d2d22dc85b45b5f3c2165 GIT binary patch literal 530 zcmV+t0`2`Uf&vZ#f&l>lvl43R^l?+i)_*`SFtU=hy;^LZt{fA3^FW9E;-hL;jc~=q zV67|Ll1xfXzTyfNalUZ_&WGOmc94lSfIYs-V8cEViNT;c!p6kplm+FGFQ8d!9J;8L z%s?$t6YWZ0A6uxk;q5)CQKZCmuj>q^V7E4mILPP;^McuG;htdJm`-8KLbc!5BQh$_ zGJl>yJlbRc!CYG|q53pHU4xh}xUM{F1$Kw`K+0NA+!Ox#|HaBttyz+zLeV)8q)y UL}n6< zY3l=yorYjho0y2!8ZF3zn=*BYvuY9j=`W&)8@uQ=vvy3`p-6F z!eG5DgiCK$0M6*-ik@ZAoUPcOBVFzV^SGu)zHwh4XVtVc;Qu3`{0HxMKp8$j?*DH) Z&HZ*-sTEK&QcvXa1@%NuDJ)DcYQg3~Zj1l` literal 0 HcmV?d00001 diff --git a/third_party/mbedtls/repo/tests/data_files/ec_521_pub.der b/third_party/mbedtls/repo/tests/data_files/ec_521_pub.der new file mode 100644 index 0000000000000000000000000000000000000000..5b685deb363dbec17f18edd329ab3530b06e4eab GIT binary patch literal 158 zcmV;P0Ac?yftxT81_vsJNX|V10R{ytfdl{}1A&GB1OOf3Le)=c>jRGDx38T%pm#R? zoc9^)HBD)Up6BzyHv131p9uJC<@yqi!Jtvo=Eg(lTH25L&o*PiV7)AaOK(;H&gkTd zo@LOSt=OL%Ho{6KL(P)D!-VH39D0lnx9=1*FJ2M}8aSD4+)h1uKCB03)G+i35R#00aS4Fm=@^ z@HoChAgk&{fI0{FrRX!Adw^YrBvpEcXbXoaGaz#RqR=uDkP^2J%m((<(OtER5PpU_ zvpck>#i;$80DOba&MO(YcxUXY@=ZO`bVZ-UD=j)wNIEGvWrYW_uF@oflhX>b=Qhmc Zeeg2t_`*5u%%U!RgI-71dlJtF*Xs3$XAb}X literal 0 HcmV?d00001 diff --git a/third_party/mbedtls/repo/tests/data_files/ec_bp512_prv.der b/third_party/mbedtls/repo/tests/data_files/ec_bp512_prv.der new file mode 100644 index 0000000000000000000000000000000000000000..2d9a3de27cc92bc24850ca3cb68d4a6fc1e6b8f0 GIT binary patch literal 221 zcmV<303!b|f!YEA0R%udESGrppK@%xqx7O^@oP~)<;{M6#(bl&}3Nob`_zV}fMQFw;?{5a}4s#23#*9vh~!(BYO$If?a z+a(>=OU`j4L?rHTN$${c@Y}@KnU>*o)mP$Ub~@>BmB4}LK7F#|irhU+ngoZj?dW#g XAIf3L0_maHaw~=sl8+doNJUv1?c8d~ literal 0 HcmV?d00001 diff --git a/third_party/mbedtls/repo/tests/data_files/ec_bp512_pub.der b/third_party/mbedtls/repo/tests/data_files/ec_bp512_pub.der new file mode 100644 index 0000000000000000000000000000000000000000..6a8c4c79f841eaaa0cf4732a0110a78e5e36370f GIT binary patch literal 158 zcmV;P0Ac?yftxTC1_vsJNX|V10R{;xBm)Bi2mt{N1A&471UR?slC~UNY=68cr0jK_ zNc_~|<8NI9y2s9UYuhCq)=SQDBSa+b za7pgaa`4;4*O`{#b=6nmV|F^}aFxJ;=RSS1uXE*J>OB delta 53 zcmV-50LuSMOOP8dym@`Iu73#ZJxOa%v=OuRAf;HP0pKDn2+!c$itLLTd-6-^DN)Q@ Lp}xB$bdZ|hmr)u- diff --git a/third_party/mbedtls/repo/tests/data_files/mpi_10 b/third_party/mbedtls/repo/tests/data_files/mpi_10 deleted file mode 100644 index ab5e0d35ffe..00000000000 --- a/third_party/mbedtls/repo/tests/data_files/mpi_10 +++ /dev/null @@ -1 +0,0 @@ -label_1234567890=643808006803554439230129854961492699151386107534013432918073439524138264842370630061369715394739134090922937332590384720397133335969549256322620979036686633213903952966175107096769180017646161851573147596390153 diff --git a/third_party/mbedtls/repo/tests/data_files/mpi_16 b/third_party/mbedtls/repo/tests/data_files/mpi_16 new file mode 100644 index 00000000000..04335d98073 --- /dev/null +++ b/third_party/mbedtls/repo/tests/data_files/mpi_16 @@ -0,0 +1 @@ +label_1234567890=1f55332c3a48b910f9942f6c914e58bef37a47ee45cb164a5b6b8d1006bf59a059c21449939ebebfdf517d2e1dbac88010d7b1f141e997bd6801ddaec9d05910f4f2de2b2c4d714e2c14a72fc7f17aa428d59c531627f09 diff --git a/third_party/mbedtls/repo/tests/data_files/bitstring-in-dn.pem b/third_party/mbedtls/repo/tests/data_files/parse_input/bitstring-in-dn.pem similarity index 100% rename from third_party/mbedtls/repo/tests/data_files/bitstring-in-dn.pem rename to third_party/mbedtls/repo/tests/data_files/parse_input/bitstring-in-dn.pem diff --git a/third_party/mbedtls/repo/tests/data_files/parse_input/cert_example_multi.crt b/third_party/mbedtls/repo/tests/data_files/parse_input/cert_example_multi.crt new file mode 100644 index 00000000000..0e3295dc717 --- /dev/null +++ b/third_party/mbedtls/repo/tests/data_files/parse_input/cert_example_multi.crt @@ -0,0 +1,17 @@ +-----BEGIN CERTIFICATE----- +MIICojCCAYqgAwIBAgIBETANBgkqhkiG9w0BAQsFADA7MQswCQYDVQQGEwJOTDER +MA8GA1UECgwIUG9sYXJTU0wxGTAXBgNVBAMMEFBvbGFyU1NMIFRlc3QgQ0EwHhcN +MTkwNzEwMTEyNzUyWhcNMjkwNzEwMTEyNzUyWjA6MQswCQYDVQQGEwJOTDERMA8G +A1UECgwIUG9sYXJTU0wxGDAWBgNVBAMMD3d3dy5leGFtcGxlLmNvbTCBnzANBgkq +hkiG9w0BAQEFAAOBjQAwgYkCgYEAxziSxcP0cBAIa/gTNezzARyKJQ+VgjYeqh6W +ElUarPh7dTMLcFcznNmV8U1MRDfIvsSgP+RkPNPzyQJDPcN8W455qgmEroITNwq/ +hWm9KjVibLH+5KzgQrJBfHvknScUmywHa45DPT9sdjpGmhxwDSWdvAjHQPzYAjdi +/33r/C0CAwEAAaM2MDQwMgYDVR0RBCswKYILZXhhbXBsZS5jb22CC2V4YW1wbGUu +bmV0gg0qLmV4YW1wbGUub3JnMA0GCSqGSIb3DQEBCwUAA4IBAQCJbFizurHz804x +6NbsvsPPgLcESq0OcGOEXOCOe8seZqomhSYTXtHBzrFtRp2/gmtORq2oapoDDiq+ +I+xRLJYsUBut2NdkZmEIRSW4n4sXJwqb0fXTTkd7EAXBvGNWbERab5Sbf84oqd4t +yjjz2u+Hvx8hZCHJG2V9qg3zaw5zJT1AfAsMbjXqi8CfU7U+Fcor+O3GeuUVgpJC +QCXb2Qjj3ZmrCvGZA9x59XtnEN6m2O4pWkmqR/Z7MlQrZzQ80vcQMk9+qoKIr2EJ +RcJhAtE+dLV19IlccwsDlGx5kT5N5zSYLK9nARV1/AjK48bUxGH353A1Y2MCfy0E +dXDReJa1 +-----END CERTIFICATE----- diff --git a/third_party/mbedtls/repo/tests/data_files/parse_input/cert_example_multi_nocn.crt b/third_party/mbedtls/repo/tests/data_files/parse_input/cert_example_multi_nocn.crt new file mode 100644 index 00000000000..1634846e1b2 --- /dev/null +++ b/third_party/mbedtls/repo/tests/data_files/parse_input/cert_example_multi_nocn.crt @@ -0,0 +1,13 @@ +-----BEGIN CERTIFICATE----- +MIIB/TCCAWagAwIBAgIJAPfGf/jpqWP5MA0GCSqGSIb3DQEBBQUAMA0xCzAJBgNV +BAYTAk5MMB4XDTE0MDEyMjEwMDQzM1oXDTI0MDEyMjEwMDQzM1owDTELMAkGA1UE +BhMCTkwwgZ8wDQYJKoZIhvcNAQEBBQADgY0AMIGJAoGBAN0Rip+ZurBoyirqO2pt +WZftTslU5A3uzqB9oB6q6A7CuxNA24oSjokTJKXF9frY9ZDXyMrLxf6THa/aEiNz +UnlGGrqgVyt2FjGzqK/nOJsIi2OZOgol7kXSGFi6uZMa7dRYmmMbN/z3FAifhWVJ +81kybdHg6G3eUu1mtKkL2kCVAgMBAAGjZTBjMAkGA1UdEwQCMAAwCwYDVR0PBAQD +AgXgMEkGA1UdEQRCMECCHHd3dy5zaG90b2thbi1icmF1bnNjaHdlaWcuZGWCFHd3 +dy5tYXNzaW1vLWFiYXRlLmV1hwTAqAEBhwTAqEWQMA0GCSqGSIb3DQEBBQUAA4GB +ABjx1ytrqCyFC5/0cjWnbLK9vsvLny2ZikDewfRxqJ5zAxGWLqHOr1SmUmu2DrvB +bkT9g5z19+iMhPnzJz1x7Q2m7WTIJTuUPK+hKZJATDLNhZ86h5Nkw8k9YzKcOrPm +EIqsy55CSgLU0ntljqSBvSb4ifrF1NnIWej2lSfN6r+3 +-----END CERTIFICATE----- diff --git a/third_party/mbedtls/repo/tests/data_files/parse_input/cert_md2.crt b/third_party/mbedtls/repo/tests/data_files/parse_input/cert_md2.crt new file mode 100644 index 00000000000..94b89afce3b --- /dev/null +++ b/third_party/mbedtls/repo/tests/data_files/parse_input/cert_md2.crt @@ -0,0 +1,20 @@ +-----BEGIN CERTIFICATE----- +MIIDPzCCAiegAwIBAgIBCTANBgkqhkiG9w0BAQIFADA7MQswCQYDVQQGEwJOTDER +MA8GA1UECgwIUG9sYXJTU0wxGTAXBgNVBAMMEFBvbGFyU1NMIFRlc3QgQ0EwHhcN +MDAwMTAxMTIxMjEyWhcNMzAwMTAxMTIxMjEyWjA8MQswCQYDVQQGEwJOTDERMA8G +A1UECgwIUG9sYXJTU0wxGjAYBgNVBAMMEVBvbGFyU1NMIENlcnQgTUQyMIIBIjAN +BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyHTEzLn5tXnpRdkUYLB9u5Pyax6f +M60Nj4o8VmXl3ETZzGaFB9X4J7BKNdBjngpuG7fa8H6r7gwQk4ZJGDTzqCrSV/Uu +1C93KYRhTYJQj6eVSHD1bk2y1RPD0hrt5kPqQhTrdOrA7R/UV06p86jt0uDBMHEw +MjDV0/YI0FZPRo7yX/k9Z5GIMC5Cst99++UMd//sMcB4j7/Cf8qtbCHWjdmLao5v +4Jv4EFbMs44TFeY0BGbH7vk2DmqV9gmaBmf0ZXH4yqSxJeD+PIs1BGe64E92hfx/ +/DZrtenNLQNiTrM9AM+vdqBpVoNq0qjU51Bx5rU2BXcFbXvI5MT9TNUhXwIDAQAB +o00wSzAJBgNVHRMEAjAAMB0GA1UdDgQWBBRxoQBzckAvVHZeM/xSj7zx3WtGITAf +BgNVHSMEGDAWgBS0WuSls97SUva51aaVD+s+vMf9/zANBgkqhkiG9w0BAQIFAAOC +AQEAXLWqy34iaZ2YV+5eE1QMV/9m9nQI2X/yumRH1MT1R3oYde/YDV7+HSOM6qLs +qSgH1DSyXv1YnJww2OyTtAVhPalICLjVjUQCyeUCiFpAIO6Xz1VE6v4GMFLqhlV1 +Nox9dDtR5Go2zwPaH64Ze9GxuDZfW+VnPRNgYOrqqCBnuhnp2uPRfOewus2AAo50 +dx1XTooCEqElQlB9EIPWbvPdJZjRjruCUtDbz+oxG4J4Ml4KCYm+/MyXNPqxV9+H +5A9oQltuHMWasMWSfXeimQI5PPpdjndmJOhfT4RGmvTw/uNC/Xuy1kPxXQKoocz6 +93U8RQvyJxdIPtQuARNMRZ7G+Q== +-----END CERTIFICATE----- diff --git a/third_party/mbedtls/repo/tests/data_files/parse_input/cert_md4.crt b/third_party/mbedtls/repo/tests/data_files/parse_input/cert_md4.crt new file mode 100644 index 00000000000..7d0f7cb1b48 --- /dev/null +++ b/third_party/mbedtls/repo/tests/data_files/parse_input/cert_md4.crt @@ -0,0 +1,20 @@ +-----BEGIN CERTIFICATE----- +MIIDPzCCAiegAwIBAgIBBTANBgkqhkiG9w0BAQMFADA7MQswCQYDVQQGEwJOTDER +MA8GA1UECgwIUG9sYXJTU0wxGTAXBgNVBAMMEFBvbGFyU1NMIFRlc3QgQ0EwHhcN +MDAwMTAxMTIxMjEyWhcNMzAwMTAxMTIxMjEyWjA8MQswCQYDVQQGEwJOTDERMA8G +A1UECgwIUG9sYXJTU0wxGjAYBgNVBAMMEVBvbGFyU1NMIENlcnQgTUQ0MIIBIjAN +BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyHTEzLn5tXnpRdkUYLB9u5Pyax6f +M60Nj4o8VmXl3ETZzGaFB9X4J7BKNdBjngpuG7fa8H6r7gwQk4ZJGDTzqCrSV/Uu +1C93KYRhTYJQj6eVSHD1bk2y1RPD0hrt5kPqQhTrdOrA7R/UV06p86jt0uDBMHEw +MjDV0/YI0FZPRo7yX/k9Z5GIMC5Cst99++UMd//sMcB4j7/Cf8qtbCHWjdmLao5v +4Jv4EFbMs44TFeY0BGbH7vk2DmqV9gmaBmf0ZXH4yqSxJeD+PIs1BGe64E92hfx/ +/DZrtenNLQNiTrM9AM+vdqBpVoNq0qjU51Bx5rU2BXcFbXvI5MT9TNUhXwIDAQAB +o00wSzAJBgNVHRMEAjAAMB0GA1UdDgQWBBRxoQBzckAvVHZeM/xSj7zx3WtGITAf +BgNVHSMEGDAWgBS0WuSls97SUva51aaVD+s+vMf9/zANBgkqhkiG9w0BAQMFAAOC +AQEArXIW7Dy1hBXMKY8/TAfACqkFZzbGDJdD5ohQknENk6FzUHVw9SVibhi5J+nh +/mhUhoczFg78T8ZopDcsPHKQTuy0LNcLWhZDD4S4CJCibmsf+8BWmPcSp1tsS9Zj +etO5qNuUarL74W+rRa3qQcCXcglYTubv/PcCV+LGVqZ4XDlO5EBFJJREAREzG+iK +Epm2y0mi1WTwjy7m7rxYHs5i5ybDHDDwU55H5wh50Vs4/vDx2kZab2K9gx6V2ggY +CCYmRWKQHdI4XZBkpYFbbREZxMY4Y5c2PUMlr8GUq6s6eu9/GvmnIx/+EySSfxgv +9GpN+gnyx03hjYNGO7iX8nPnXA== +-----END CERTIFICATE----- diff --git a/third_party/mbedtls/repo/tests/data_files/parse_input/cert_md5.crt b/third_party/mbedtls/repo/tests/data_files/parse_input/cert_md5.crt new file mode 100644 index 00000000000..e514fd631c5 --- /dev/null +++ b/third_party/mbedtls/repo/tests/data_files/parse_input/cert_md5.crt @@ -0,0 +1,20 @@ +-----BEGIN CERTIFICATE----- +MIIDPzCCAiegAwIBAgIBBjANBgkqhkiG9w0BAQQFADA7MQswCQYDVQQGEwJOTDER +MA8GA1UECgwIUG9sYXJTU0wxGTAXBgNVBAMMEFBvbGFyU1NMIFRlc3QgQ0EwHhcN +MDAwMTAxMTIxMjEyWhcNMzAwMTAxMTIxMjEyWjA8MQswCQYDVQQGEwJOTDERMA8G +A1UECgwIUG9sYXJTU0wxGjAYBgNVBAMMEVBvbGFyU1NMIENlcnQgTUQ1MIIBIjAN +BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyHTEzLn5tXnpRdkUYLB9u5Pyax6f +M60Nj4o8VmXl3ETZzGaFB9X4J7BKNdBjngpuG7fa8H6r7gwQk4ZJGDTzqCrSV/Uu +1C93KYRhTYJQj6eVSHD1bk2y1RPD0hrt5kPqQhTrdOrA7R/UV06p86jt0uDBMHEw +MjDV0/YI0FZPRo7yX/k9Z5GIMC5Cst99++UMd//sMcB4j7/Cf8qtbCHWjdmLao5v +4Jv4EFbMs44TFeY0BGbH7vk2DmqV9gmaBmf0ZXH4yqSxJeD+PIs1BGe64E92hfx/ +/DZrtenNLQNiTrM9AM+vdqBpVoNq0qjU51Bx5rU2BXcFbXvI5MT9TNUhXwIDAQAB +o00wSzAJBgNVHRMEAjAAMB0GA1UdDgQWBBRxoQBzckAvVHZeM/xSj7zx3WtGITAf +BgNVHSMEGDAWgBS0WuSls97SUva51aaVD+s+vMf9/zANBgkqhkiG9w0BAQQFAAOC +AQEAF4QcMshVtVbYgvvU7f2lWakubbAISM/k+FW/f7u63m0MSSoSFeYflBOC1Wf4 +imgDEnWcWTH5V7sxsLNogxfpfTuFUaKfHeQmRhAK4UgqbDEs4dZvgo3wZ/w92G0/ +QNntJefnqaFiITXZTn6J8hxeoEq4QbucbWgeY6fTAwXtIv40BvMOSakkuIFAyIvV +90VY1j4vnx0/xv5lIBAxah1HdtXhqtDu/sUfdCtWX5SCcVUwwM3gZ4Q1ZdWQmlvF +737ZG7XaINxsDaI04sJxc7qvuRYhLdCwUPnZL5TGEQJ8jNa/39eEbnkvs7hbTU98 +6qG8UAYsSI7aMe1j7DZpkoPL9w== +-----END CERTIFICATE----- diff --git a/third_party/mbedtls/repo/tests/data_files/parse_input/cert_sha1.crt b/third_party/mbedtls/repo/tests/data_files/parse_input/cert_sha1.crt new file mode 100644 index 00000000000..1e23585c556 --- /dev/null +++ b/third_party/mbedtls/repo/tests/data_files/parse_input/cert_sha1.crt @@ -0,0 +1,20 @@ +-----BEGIN CERTIFICATE----- +MIIDQDCCAiigAwIBAgIBBzANBgkqhkiG9w0BAQUFADA7MQswCQYDVQQGEwJOTDER +MA8GA1UECgwIUG9sYXJTU0wxGTAXBgNVBAMMEFBvbGFyU1NMIFRlc3QgQ0EwHhcN +MTkwMjEwMTQ0NDA2WhcNMjkwMjEwMTQ0NDA2WjA9MQswCQYDVQQGEwJOTDERMA8G +A1UECgwIUG9sYXJTU0wxGzAZBgNVBAMMElBvbGFyU1NMIENlcnQgU0hBMTCCASIw +DQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAKkCHz1AatVVU4v9Nu6CZS4VYV6J +v7joRZDb7ogWUtPxQ1BHlhJZZIdr/SvgRvlzvt3PkuGRW+1moG+JKXlFgNCDatVB +Q3dfOXwJBEeCsFc5cO2j7BUZHqgzCEfBBUKp/UzDtN/dBh9NEFFAZ3MTD0D4bYEl +XwqxU8YwfhU5rPla7n+SnqYFW+cTl4W1I5LZ1CQG1QkliXUH3aYajz8JGb6tZSxk +65Wb3P5BXhem2mxbacwCuhQsFiScStzN0PdSZ3PxLaAj/X70McotcMqJCwTbLqZP +cG6ezr1YieJTWZ5uWpJl4og/DJQZo93l6J2VE+0p26twEtxaymsXq1KCVLECAwEA +AaNNMEswCQYDVR0TBAIwADAdBgNVHQ4EFgQUH3TWPynBdHRFOwUSLD2ovUNZAqYw +HwYDVR0jBBgwFoAUtFrkpbPe0lL2udWmlQ/rPrzH/f8wDQYJKoZIhvcNAQEFBQAD +ggEBAFAHuWfjOp+GaM5dP3NBaUayXmjbrsY5fo/ysfOVV9xipzbPWvE2Bu679iU1 +Eg+5hME9VlMmQejGzG09ReXE+30gyhtO3vWA8U21YrsL3ybvS6EREHGKk238bIBh +yDP/b0VuoNsS3xRn9WyH3TRu5re0vK68OSkLIWPd01fgvcfl6YyUY+WuuSrpYcDv +nrgKvFZws/EE4RNldtRC1Blwy497AtmWBQWs65zj5JkNdNnm4JJqXZAArNh2GSZo +83C/1ZSFrNo9GONsCJ0GVGEt7IK7FPqXYW7rXi30BRse33ziU7RPWGDT13bh9Rdz +RqsoZ5h5VjtHOnMUUD99gIWinBE= +-----END CERTIFICATE----- diff --git a/third_party/mbedtls/repo/tests/data_files/parse_input/cert_sha224.crt b/third_party/mbedtls/repo/tests/data_files/parse_input/cert_sha224.crt new file mode 100644 index 00000000000..c8a209d0c33 --- /dev/null +++ b/third_party/mbedtls/repo/tests/data_files/parse_input/cert_sha224.crt @@ -0,0 +1,20 @@ +-----BEGIN CERTIFICATE----- +MIIDQjCCAiqgAwIBAgIBCDANBgkqhkiG9w0BAQ4FADA7MQswCQYDVQQGEwJOTDER +MA8GA1UECgwIUG9sYXJTU0wxGTAXBgNVBAMMEFBvbGFyU1NMIFRlc3QgQ0EwHhcN +MTkwMjEwMTQ0NDA2WhcNMjkwMjEwMTQ0NDA2WjA/MQswCQYDVQQGEwJOTDERMA8G +A1UECgwIUG9sYXJTU0wxHTAbBgNVBAMMFFBvbGFyU1NMIENlcnQgU0hBMjI0MIIB +IjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqQIfPUBq1VVTi/027oJlLhVh +Xom/uOhFkNvuiBZS0/FDUEeWEllkh2v9K+BG+XO+3c+S4ZFb7Wagb4kpeUWA0INq +1UFDd185fAkER4KwVzlw7aPsFRkeqDMIR8EFQqn9TMO0390GH00QUUBncxMPQPht +gSVfCrFTxjB+FTms+Vruf5KepgVb5xOXhbUjktnUJAbVCSWJdQfdphqPPwkZvq1l +LGTrlZvc/kFeF6babFtpzAK6FCwWJJxK3M3Q91Jnc/EtoCP9fvQxyi1wyokLBNsu +pk9wbp7OvViJ4lNZnm5akmXiiD8MlBmj3eXonZUT7Snbq3AS3FrKaxerUoJUsQID +AQABo00wSzAJBgNVHRMEAjAAMB0GA1UdDgQWBBQfdNY/KcF0dEU7BRIsPai9Q1kC +pjAfBgNVHSMEGDAWgBS0WuSls97SUva51aaVD+s+vMf9/zANBgkqhkiG9w0BAQ4F +AAOCAQEATdo7p7dok8gcxS0dYGluXMOsAEALyHAgvAJSZUt0x8RxemJfpquv4XG/ +rppQmtA5aPf59Fo0z5GcS0zzYFLTQIcLHKnuuG0W6yjhx3e+5J1hjLbv///vvKGN +jq55z+CANkragMk6XQ/t+iXkh/Fq00FS+zbf1JLaMXOLst5dfv3uPQaJHwzX/EaE +VdognXxWudNQgIvemindk9TTQon27zBS/z6nwcBCIXMDfesAjcHuBCfxl6pofK6E +28qs4up/JayptG2CX98LGsEyAgegwTMSYGLJoWcHhrUcbF0fNOcXPgQKGTcZO4Tg +yPYGbkG9FjgaASc2gTrYVPRZ6mY19g== +-----END CERTIFICATE----- diff --git a/third_party/mbedtls/repo/tests/data_files/parse_input/cert_sha256.crt b/third_party/mbedtls/repo/tests/data_files/parse_input/cert_sha256.crt new file mode 100644 index 00000000000..e56d428530c --- /dev/null +++ b/third_party/mbedtls/repo/tests/data_files/parse_input/cert_sha256.crt @@ -0,0 +1,20 @@ +-----BEGIN CERTIFICATE----- +MIIDQjCCAiqgAwIBAgIBCTANBgkqhkiG9w0BAQsFADA7MQswCQYDVQQGEwJOTDER +MA8GA1UECgwIUG9sYXJTU0wxGTAXBgNVBAMMEFBvbGFyU1NMIFRlc3QgQ0EwHhcN +MTkwMjEwMTQ0NDA2WhcNMjkwMjEwMTQ0NDA2WjA/MQswCQYDVQQGEwJOTDERMA8G +A1UECgwIUG9sYXJTU0wxHTAbBgNVBAMMFFBvbGFyU1NMIENlcnQgU0hBMjU2MIIB +IjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqQIfPUBq1VVTi/027oJlLhVh +Xom/uOhFkNvuiBZS0/FDUEeWEllkh2v9K+BG+XO+3c+S4ZFb7Wagb4kpeUWA0INq +1UFDd185fAkER4KwVzlw7aPsFRkeqDMIR8EFQqn9TMO0390GH00QUUBncxMPQPht +gSVfCrFTxjB+FTms+Vruf5KepgVb5xOXhbUjktnUJAbVCSWJdQfdphqPPwkZvq1l +LGTrlZvc/kFeF6babFtpzAK6FCwWJJxK3M3Q91Jnc/EtoCP9fvQxyi1wyokLBNsu +pk9wbp7OvViJ4lNZnm5akmXiiD8MlBmj3eXonZUT7Snbq3AS3FrKaxerUoJUsQID +AQABo00wSzAJBgNVHRMEAjAAMB0GA1UdDgQWBBQfdNY/KcF0dEU7BRIsPai9Q1kC +pjAfBgNVHSMEGDAWgBS0WuSls97SUva51aaVD+s+vMf9/zANBgkqhkiG9w0BAQsF +AAOCAQEAuo8kRDdQj3+rgqbz7bS3ZfBVCqgbQfruRZncP0s3IQJ6g7k6BNfCTO+N +tIgnCDhnhjK9DS4l1LTkQJKfcd6sfuwBxjHKWGZUqTqHWFm/O5MJwfMpxI305xXE +evDzh8LK1W3moX5OcT4bx3QsY9I4nqXQkOzjGidxhOXYA2v+X5OhRt3IJ2dzmQQu +BVXnDbzuchUfP5aeCwW6l7VX+RJOE2zlqO5yt0ejT02E44qtC5sBf24V9ko5LORw +1J7Zk34QwsKrSPSGxOuoWNwH3fJpgZQImKgJIQCsksJ+A45CK6iz0km8oTiI3Hoo +2LpE6UNx2M8jiZWVzH1L4tkg4fcCoQ== +-----END CERTIFICATE----- diff --git a/third_party/mbedtls/repo/tests/data_files/parse_input/cert_sha384.crt b/third_party/mbedtls/repo/tests/data_files/parse_input/cert_sha384.crt new file mode 100644 index 00000000000..f8ec10b66d9 --- /dev/null +++ b/third_party/mbedtls/repo/tests/data_files/parse_input/cert_sha384.crt @@ -0,0 +1,20 @@ +-----BEGIN CERTIFICATE----- +MIIDQjCCAiqgAwIBAgIBCjANBgkqhkiG9w0BAQwFADA7MQswCQYDVQQGEwJOTDER +MA8GA1UECgwIUG9sYXJTU0wxGTAXBgNVBAMMEFBvbGFyU1NMIFRlc3QgQ0EwHhcN +MTkwMjEwMTQ0NDA2WhcNMjkwMjEwMTQ0NDA2WjA/MQswCQYDVQQGEwJOTDERMA8G +A1UECgwIUG9sYXJTU0wxHTAbBgNVBAMMFFBvbGFyU1NMIENlcnQgU0hBMzg0MIIB +IjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqQIfPUBq1VVTi/027oJlLhVh +Xom/uOhFkNvuiBZS0/FDUEeWEllkh2v9K+BG+XO+3c+S4ZFb7Wagb4kpeUWA0INq +1UFDd185fAkER4KwVzlw7aPsFRkeqDMIR8EFQqn9TMO0390GH00QUUBncxMPQPht +gSVfCrFTxjB+FTms+Vruf5KepgVb5xOXhbUjktnUJAbVCSWJdQfdphqPPwkZvq1l +LGTrlZvc/kFeF6babFtpzAK6FCwWJJxK3M3Q91Jnc/EtoCP9fvQxyi1wyokLBNsu +pk9wbp7OvViJ4lNZnm5akmXiiD8MlBmj3eXonZUT7Snbq3AS3FrKaxerUoJUsQID +AQABo00wSzAJBgNVHRMEAjAAMB0GA1UdDgQWBBQfdNY/KcF0dEU7BRIsPai9Q1kC +pjAfBgNVHSMEGDAWgBS0WuSls97SUva51aaVD+s+vMf9/zANBgkqhkiG9w0BAQwF +AAOCAQEAeyHm+emo4/QHqEVKj/MYPOsPrrcr5MupNE7WmoUA7SilVUlceIy8ApWR +MUdwnh7UPkCa6K1yvayknEbHzD2Lv9BLEf5A1/a+F/LmFXiV0kXIFue13u+z7laV +N/s/jphPVgjPwZiC1ZtOoD7WvSkIInB53j4Q3VCH6EpZxZuDO/u8CGBQ0g+9Eqhn +W3+4GFnxUPYeN17u/opt16mEPx6WFbRl9hs5wUvND/FCDEJ/9uVNiVYlPYyHKzzq +e3WXCHLYUKGESQX+85IrnmlwbAb33bM+sAM6naFafXTZEimeEpX3iYrHzhoU7aR7 +piojwAE+Yb3Ac+Hu1fY4CRO4ZHL6Zg== +-----END CERTIFICATE----- diff --git a/third_party/mbedtls/repo/tests/data_files/parse_input/cert_sha512.crt b/third_party/mbedtls/repo/tests/data_files/parse_input/cert_sha512.crt new file mode 100644 index 00000000000..b2254fa729b --- /dev/null +++ b/third_party/mbedtls/repo/tests/data_files/parse_input/cert_sha512.crt @@ -0,0 +1,20 @@ +-----BEGIN CERTIFICATE----- +MIIDQjCCAiqgAwIBAgIBCzANBgkqhkiG9w0BAQ0FADA7MQswCQYDVQQGEwJOTDER +MA8GA1UECgwIUG9sYXJTU0wxGTAXBgNVBAMMEFBvbGFyU1NMIFRlc3QgQ0EwHhcN +MTkwMjEwMTQ0NDA2WhcNMjkwMjEwMTQ0NDA2WjA/MQswCQYDVQQGEwJOTDERMA8G +A1UECgwIUG9sYXJTU0wxHTAbBgNVBAMMFFBvbGFyU1NMIENlcnQgU0hBNTEyMIIB +IjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqQIfPUBq1VVTi/027oJlLhVh +Xom/uOhFkNvuiBZS0/FDUEeWEllkh2v9K+BG+XO+3c+S4ZFb7Wagb4kpeUWA0INq +1UFDd185fAkER4KwVzlw7aPsFRkeqDMIR8EFQqn9TMO0390GH00QUUBncxMPQPht +gSVfCrFTxjB+FTms+Vruf5KepgVb5xOXhbUjktnUJAbVCSWJdQfdphqPPwkZvq1l +LGTrlZvc/kFeF6babFtpzAK6FCwWJJxK3M3Q91Jnc/EtoCP9fvQxyi1wyokLBNsu +pk9wbp7OvViJ4lNZnm5akmXiiD8MlBmj3eXonZUT7Snbq3AS3FrKaxerUoJUsQID +AQABo00wSzAJBgNVHRMEAjAAMB0GA1UdDgQWBBQfdNY/KcF0dEU7BRIsPai9Q1kC +pjAfBgNVHSMEGDAWgBS0WuSls97SUva51aaVD+s+vMf9/zANBgkqhkiG9w0BAQ0F +AAOCAQEABnuq7gMU6EWqcmEcj2/wiqOFUBeH9ro0tni9JZzaDAKkBMwoeJ3RP/59 +wY92UZC/SoWPm0yLK25KTwxJhd645a5ZeRk+yi1SG+oXNgZFS03F1Orat0bM5u94 +RtzLRInGzTxhlVS8HPRya2+nEaPT9YNO25vORczPDjtrI82UnysaWiKx1OCPhdP3 +ZySAkX/zE1U8Te0+948C0vmg2aTWCSk5zutryFgHH5UojmmWAkBHpX3tIm8JMRG9 +tvp6fbIDan0LmSsVK8rq5OPSwAKMso6GF4Iuxou/jP2gI+NutenX26wrffSjlPiW +KksLNj8oL6vIUap28Oh+Gwph02biSQ== +-----END CERTIFICATE----- diff --git a/third_party/mbedtls/repo/tests/data_files/cert_v1_with_ext.crt b/third_party/mbedtls/repo/tests/data_files/parse_input/cert_v1_with_ext.crt similarity index 100% rename from third_party/mbedtls/repo/tests/data_files/cert_v1_with_ext.crt rename to third_party/mbedtls/repo/tests/data_files/parse_input/cert_v1_with_ext.crt diff --git a/third_party/mbedtls/repo/tests/data_files/cli-rsa-sha256-badalg.crt.der b/third_party/mbedtls/repo/tests/data_files/parse_input/cli-rsa-sha256-badalg.crt.der similarity index 100% rename from third_party/mbedtls/repo/tests/data_files/cli-rsa-sha256-badalg.crt.der rename to third_party/mbedtls/repo/tests/data_files/parse_input/cli-rsa-sha256-badalg.crt.der diff --git a/third_party/mbedtls/repo/tests/data_files/parse_input/crl-ec-sha1.pem b/third_party/mbedtls/repo/tests/data_files/parse_input/crl-ec-sha1.pem new file mode 100644 index 00000000000..8358640a0d3 --- /dev/null +++ b/third_party/mbedtls/repo/tests/data_files/parse_input/crl-ec-sha1.pem @@ -0,0 +1,10 @@ +-----BEGIN X509 CRL----- +MIIBbzCB9gIBATAJBgcqhkjOPQQBMD4xCzAJBgNVBAYTAk5MMREwDwYDVQQKEwhQ +b2xhclNTTDEcMBoGA1UEAxMTUG9sYXJzc2wgVGVzdCBFQyBDQRcNMTMwOTI0MTYz +MTA4WhcNMjMwOTIyMTYzMTA4WjAUMBICAQoXDTEzMDkyNDE2MjgzOFqgcjBwMG4G +A1UdIwRnMGWAFJ1tICRJAT8ry3i1Gbx+JMnb+zZ8oUKkQDA+MQswCQYDVQQGEwJO +TDERMA8GA1UEChMIUG9sYXJTU0wxHDAaBgNVBAMTE1BvbGFyc3NsIFRlc3QgRUMg +Q0GCCQDBQ+J+YkPM6DAJBgcqhkjOPQQBA2kAMGYCMQDVG95rrSSl4dJgbJ5vR1GW +svEuEsAh35EhF1WrcadMuCeMQVX9cUPupFfQUpHyMfoCMQCKf0yv8pN9BAoi3FVm +56meWPhUekgLKKMAobt2oJJY6feuiFU2YFGs1aF0rV6Bj+U= +-----END X509 CRL----- diff --git a/third_party/mbedtls/repo/tests/data_files/crl-ec-sha224.pem b/third_party/mbedtls/repo/tests/data_files/parse_input/crl-ec-sha224.pem similarity index 100% rename from third_party/mbedtls/repo/tests/data_files/crl-ec-sha224.pem rename to third_party/mbedtls/repo/tests/data_files/parse_input/crl-ec-sha224.pem diff --git a/third_party/mbedtls/repo/tests/data_files/parse_input/crl-ec-sha256.pem b/third_party/mbedtls/repo/tests/data_files/parse_input/crl-ec-sha256.pem new file mode 100644 index 00000000000..adfd5f8937c --- /dev/null +++ b/third_party/mbedtls/repo/tests/data_files/parse_input/crl-ec-sha256.pem @@ -0,0 +1,10 @@ +-----BEGIN X509 CRL----- +MIIBcTCB9wIBATAKBggqhkjOPQQDAjA+MQswCQYDVQQGEwJOTDERMA8GA1UEChMI +UG9sYXJTU0wxHDAaBgNVBAMTE1BvbGFyc3NsIFRlc3QgRUMgQ0EXDTEzMDkyNDE2 +MzEwOFoXDTIzMDkyMjE2MzEwOFowFDASAgEKFw0xMzA5MjQxNjI4MzhaoHIwcDBu +BgNVHSMEZzBlgBSdbSAkSQE/K8t4tRm8fiTJ2/s2fKFCpEAwPjELMAkGA1UEBhMC +TkwxETAPBgNVBAoTCFBvbGFyU1NMMRwwGgYDVQQDExNQb2xhcnNzbCBUZXN0IEVD +IENBggkAwUPifmJDzOgwCgYIKoZIzj0EAwIDaQAwZgIxAKuQ684s7gyhtxKJr6Ln +S2BQ02f1jjPHrZVdXaZvm3C5tGi2cKkoK1aMiyC3LsRCuAIxAIMhj0TmcuIZr5fX +g5RByD7zUnZBpoEAdgxFy4JPJ2IViWOPekSGh8b/JY1VNS6Zbw== +-----END X509 CRL----- diff --git a/third_party/mbedtls/repo/tests/data_files/crl-ec-sha384.pem b/third_party/mbedtls/repo/tests/data_files/parse_input/crl-ec-sha384.pem similarity index 100% rename from third_party/mbedtls/repo/tests/data_files/crl-ec-sha384.pem rename to third_party/mbedtls/repo/tests/data_files/parse_input/crl-ec-sha384.pem diff --git a/third_party/mbedtls/repo/tests/data_files/crl-ec-sha512.pem b/third_party/mbedtls/repo/tests/data_files/parse_input/crl-ec-sha512.pem similarity index 100% rename from third_party/mbedtls/repo/tests/data_files/crl-ec-sha512.pem rename to third_party/mbedtls/repo/tests/data_files/parse_input/crl-ec-sha512.pem diff --git a/third_party/mbedtls/repo/tests/data_files/crl-idp.pem b/third_party/mbedtls/repo/tests/data_files/parse_input/crl-idp.pem similarity index 100% rename from third_party/mbedtls/repo/tests/data_files/crl-idp.pem rename to third_party/mbedtls/repo/tests/data_files/parse_input/crl-idp.pem diff --git a/third_party/mbedtls/repo/tests/data_files/crl-idpnc.pem b/third_party/mbedtls/repo/tests/data_files/parse_input/crl-idpnc.pem similarity index 100% rename from third_party/mbedtls/repo/tests/data_files/crl-idpnc.pem rename to third_party/mbedtls/repo/tests/data_files/parse_input/crl-idpnc.pem diff --git a/third_party/mbedtls/repo/tests/data_files/crl-malformed-trailing-spaces.pem b/third_party/mbedtls/repo/tests/data_files/parse_input/crl-malformed-trailing-spaces.pem similarity index 100% rename from third_party/mbedtls/repo/tests/data_files/crl-malformed-trailing-spaces.pem rename to third_party/mbedtls/repo/tests/data_files/parse_input/crl-malformed-trailing-spaces.pem diff --git a/third_party/mbedtls/repo/tests/data_files/parse_input/crl-rsa-pss-sha1.pem b/third_party/mbedtls/repo/tests/data_files/parse_input/crl-rsa-pss-sha1.pem new file mode 100644 index 00000000000..59ca4f703e6 --- /dev/null +++ b/third_party/mbedtls/repo/tests/data_files/parse_input/crl-rsa-pss-sha1.pem @@ -0,0 +1,14 @@ +-----BEGIN X509 CRL----- +MIICJDCCAQYCAQEwEwYJKoZIhvcNAQEKMAaiBAICAOowOzELMAkGA1UEBhMCTkwx +ETAPBgNVBAoTCFBvbGFyU1NMMRkwFwYDVQQDExBQb2xhclNTTCBUZXN0IENBFw0x +NDAxMjAxMzQ2MzVaFw0yNDAxMTgxMzQ2MzVaMCgwEgIBChcNMTMwOTI0MTYyODM4 +WjASAgEWFw0xNDAxMjAxMzQzMDVaoGcwZTBjBgNVHSMEXDBagBS0WuSls97SUva5 +1aaVD+s+vMf9/6E/pD0wOzELMAkGA1UEBhMCTkwxETAPBgNVBAoTCFBvbGFyU1NM +MRkwFwYDVQQDExBQb2xhclNTTCBUZXN0IENBggEAMBMGCSqGSIb3DQEBCjAGogQC +AgDqA4IBAQB8ZBX0BEgRcx0lfk1ctELRu1AYoJ5BnsmQpq23Ca4YIP2yb2kTN1ZS +4fR4SgYcNctgo2JJiNiUkCu1ZnRUOJUy8UlEio0+aeumTNz6CbeJEDhr5NC3oiV0 +MzvLn9rJVLPetOT9UrvvIy8iz5Pn1d8mu5rkt9BKQRq9NQx8riKnSIoTc91NLCMo +mkCCB55DVbazODSWK19e6yQ0JS454RglOsqRtLJ/EDbi6lCsLXotFt3GEGMrob1O +7Qck1Z59boaHxGYFEVnx90+4M3/qikVtwZdcBjLEmfuwYvszFw8J2y6Xwmg/HtUa +y6li0JzWNHtkKUlCv2+SESZbD3NU8GQZ +-----END X509 CRL----- diff --git a/third_party/mbedtls/repo/tests/data_files/parse_input/crl-rsa-pss-sha224.pem b/third_party/mbedtls/repo/tests/data_files/parse_input/crl-rsa-pss-sha224.pem new file mode 100644 index 00000000000..a51d5d91138 --- /dev/null +++ b/third_party/mbedtls/repo/tests/data_files/parse_input/crl-rsa-pss-sha224.pem @@ -0,0 +1,16 @@ +-----BEGIN X509 CRL----- +MIICejCCATECAQEwPgYJKoZIhvcNAQEKMDGgDTALBglghkgBZQMEAgShGjAYBgkq +hkiG9w0BAQgwCwYJYIZIAWUDBAIEogQCAgDiMDsxCzAJBgNVBAYTAk5MMREwDwYD +VQQKEwhQb2xhclNTTDEZMBcGA1UEAxMQUG9sYXJTU0wgVGVzdCBDQRcNMTQwMTIw +MTM1NjA2WhcNMjQwMTE4MTM1NjA2WjAoMBICAQoXDTEzMDkyNDE2MjgzOFowEgIB +FhcNMTQwMTIwMTM0MzA1WqBnMGUwYwYDVR0jBFwwWoAUtFrkpbPe0lL2udWmlQ/r +PrzH/f+hP6Q9MDsxCzAJBgNVBAYTAk5MMREwDwYDVQQKEwhQb2xhclNTTDEZMBcG +A1UEAxMQUG9sYXJTU0wgVGVzdCBDQYIBADA+BgkqhkiG9w0BAQowMaANMAsGCWCG +SAFlAwQCBKEaMBgGCSqGSIb3DQEBCDALBglghkgBZQMEAgSiBAICAOIDggEBAEJI +i9sQOzMvvOTksN48+X+kk/wkLMKRGI222lqU6y6tP1LX3OE/+KN8gPXR+lCC+e0v +TsRTJkpKEcmHZoP/8kOtZnLb9PdITKGMQnZ+dmn5MFEzZI/zyrYWuJTuK1Q83w0e +Mc88cAhu8i4PTk/WnsWDphK1Q2YRupmmwWSUpp1Z2rpR+YSCedC01TVrtSUJUBw9 +NSqKDhyWYJIbS6/bFaERswC8xlMRhyLHUvikjmAK36TbIdhTnEffHOPW75sEOEEB +f0A3VtlZ7y5yt2/a6vOauJCivxKt/PutdHfBqH43QQmoVLWC2FmT9ADTJwcsZB3D +a6JSqCIMRCQY2JOUn0A= +-----END X509 CRL----- diff --git a/third_party/mbedtls/repo/tests/data_files/parse_input/crl-rsa-pss-sha256.pem b/third_party/mbedtls/repo/tests/data_files/parse_input/crl-rsa-pss-sha256.pem new file mode 100644 index 00000000000..f16a49118eb --- /dev/null +++ b/third_party/mbedtls/repo/tests/data_files/parse_input/crl-rsa-pss-sha256.pem @@ -0,0 +1,16 @@ +-----BEGIN X509 CRL----- +MIICejCCATECAQEwPgYJKoZIhvcNAQEKMDGgDTALBglghkgBZQMEAgGhGjAYBgkq +hkiG9w0BAQgwCwYJYIZIAWUDBAIBogQCAgDeMDsxCzAJBgNVBAYTAk5MMREwDwYD +VQQKEwhQb2xhclNTTDEZMBcGA1UEAxMQUG9sYXJTU0wgVGVzdCBDQRcNMTQwMTIw +MTM1NjE2WhcNMjQwMTE4MTM1NjE2WjAoMBICAQoXDTEzMDkyNDE2MjgzOFowEgIB +FhcNMTQwMTIwMTM0MzA1WqBnMGUwYwYDVR0jBFwwWoAUtFrkpbPe0lL2udWmlQ/r +PrzH/f+hP6Q9MDsxCzAJBgNVBAYTAk5MMREwDwYDVQQKEwhQb2xhclNTTDEZMBcG +A1UEAxMQUG9sYXJTU0wgVGVzdCBDQYIBADA+BgkqhkiG9w0BAQowMaANMAsGCWCG +SAFlAwQCAaEaMBgGCSqGSIb3DQEBCDALBglghkgBZQMEAgGiBAICAN4DggEBAEZ4 +oqp9i5eXrN6aCSTaU1j07MVTFW/U1jQAq6GseB6bEvoEXFMUHJsgAObqCK9flfEC +FEqXqWSo33hhPU7AKKttbDLjUYRNnQAPRUnRIl1/a1+UjqgKchWWD9ityeW8ICxo +IdATX9reYmPDLIMqTC7zuflYkvrvdEOuBORQP5mn4j8t84MSQF/p4qzaU0XxLo4X +ckzZCcHpa45AApCDjJMd9onhFVCYsykiYrF9NQFO8TI4lQ5jv79GoufEzvhY1SPB +r1xz4sMpfyaoPaa3SM2/nD65E5jzXell2u2VWNGKv4zAQP0E5yGel+1rklBltadb +XLdJyyak33CLBKu+nJc= +-----END X509 CRL----- diff --git a/third_party/mbedtls/repo/tests/data_files/parse_input/crl-rsa-pss-sha384.pem b/third_party/mbedtls/repo/tests/data_files/parse_input/crl-rsa-pss-sha384.pem new file mode 100644 index 00000000000..50f7e4cd249 --- /dev/null +++ b/third_party/mbedtls/repo/tests/data_files/parse_input/crl-rsa-pss-sha384.pem @@ -0,0 +1,16 @@ +-----BEGIN X509 CRL----- +MIICejCCATECAQEwPgYJKoZIhvcNAQEKMDGgDTALBglghkgBZQMEAgKhGjAYBgkq +hkiG9w0BAQgwCwYJYIZIAWUDBAICogQCAgDOMDsxCzAJBgNVBAYTAk5MMREwDwYD +VQQKEwhQb2xhclNTTDEZMBcGA1UEAxMQUG9sYXJTU0wgVGVzdCBDQRcNMTQwMTIw +MTM1NjI4WhcNMjQwMTE4MTM1NjI4WjAoMBICAQoXDTEzMDkyNDE2MjgzOFowEgIB +FhcNMTQwMTIwMTM0MzA1WqBnMGUwYwYDVR0jBFwwWoAUtFrkpbPe0lL2udWmlQ/r +PrzH/f+hP6Q9MDsxCzAJBgNVBAYTAk5MMREwDwYDVQQKEwhQb2xhclNTTDEZMBcG +A1UEAxMQUG9sYXJTU0wgVGVzdCBDQYIBADA+BgkqhkiG9w0BAQowMaANMAsGCWCG +SAFlAwQCAqEaMBgGCSqGSIb3DQEBCDALBglghkgBZQMEAgKiBAICAM4DggEBAAco +SntUGDLBOAu0IIZaVea5Nt1NMsMcppC0hWPuH1LKAwyUODBqpT+0+AuALK0eIdYR +a7mAB+cv2fFwmwxnQWJ1Fvx4ft/N2AAfB83VRKpSo3xR8bxloHfTWKmyxJHmH9j1 +EYmLS86rj3Nhjf4m/YlQQ3Im5HwOgSgBOE8glq5D+0Wmsi9LsNEZXEzMw7TMUgbs +y9o/ghYF/shKU4mewK3DeM9gQiTcH5A4ISXR87hBQ08AKJRAG1CLvTyzqWiUUY+k +q8iZDYF17sHrPi2yn8q9c4zdxiaWDGDdL0Lh90wXGTAageoGEq25TMuL5FpX+u1u +KUH/xf1jEnNzbYNGiZw= +-----END X509 CRL----- diff --git a/third_party/mbedtls/repo/tests/data_files/parse_input/crl-rsa-pss-sha512.pem b/third_party/mbedtls/repo/tests/data_files/parse_input/crl-rsa-pss-sha512.pem new file mode 100644 index 00000000000..0f1d6510bcd --- /dev/null +++ b/third_party/mbedtls/repo/tests/data_files/parse_input/crl-rsa-pss-sha512.pem @@ -0,0 +1,16 @@ +-----BEGIN X509 CRL----- +MIICejCCATECAQEwPgYJKoZIhvcNAQEKMDGgDTALBglghkgBZQMEAgOhGjAYBgkq +hkiG9w0BAQgwCwYJYIZIAWUDBAIDogQCAgC+MDsxCzAJBgNVBAYTAk5MMREwDwYD +VQQKEwhQb2xhclNTTDEZMBcGA1UEAxMQUG9sYXJTU0wgVGVzdCBDQRcNMTQwMTIw +MTM1NjM4WhcNMjQwMTE4MTM1NjM4WjAoMBICAQoXDTEzMDkyNDE2MjgzOFowEgIB +FhcNMTQwMTIwMTM0MzA1WqBnMGUwYwYDVR0jBFwwWoAUtFrkpbPe0lL2udWmlQ/r +PrzH/f+hP6Q9MDsxCzAJBgNVBAYTAk5MMREwDwYDVQQKEwhQb2xhclNTTDEZMBcG +A1UEAxMQUG9sYXJTU0wgVGVzdCBDQYIBADA+BgkqhkiG9w0BAQowMaANMAsGCWCG +SAFlAwQCA6EaMBgGCSqGSIb3DQEBCDALBglghkgBZQMEAgOiBAICAL4DggEBAB9F +ywBfxOjetxNbCFhOYoPY2jvFCFVdlowMGuxEhX/LktqiBXqRc2r5naQSzuHqO8Iq +1zACtiDLri0CvgSHlravBNeY4c2wj//ueFE89tY5pK9E6vZp7cV+RfMx2YfGPAA2 +t7tWZ2rJWzELg8cZ8hpjSwFH7JmgJzjE5gi2gADhBYO6Vv5S3SOgqNjiN1OM31AU +p6GHK5Y1jurF5Zwzs+w3wXoXgpOxxwEC4eiS86c9kNSudwTLvDTU0bYEQE1cF+K0 +sB8QWABFJfuO5kjD2w3rWgmAiOKsZoxd1xrda+WD3JhDXnoVq3oVBIVlWVz6YID8 +enMfMvwScA5AImzu9xA= +-----END X509 CRL----- diff --git a/third_party/mbedtls/repo/tests/data_files/parse_input/crl_expired.pem b/third_party/mbedtls/repo/tests/data_files/parse_input/crl_expired.pem new file mode 100644 index 00000000000..cf60ae4d788 --- /dev/null +++ b/third_party/mbedtls/repo/tests/data_files/parse_input/crl_expired.pem @@ -0,0 +1,11 @@ +-----BEGIN X509 CRL----- +MIIBqzCBlDANBgkqhkiG9w0BAQUFADA7MQswCQYDVQQGEwJOTDERMA8GA1UEChMI +UG9sYXJTU0wxGTAXBgNVBAMTEFBvbGFyU1NMIFRlc3QgQ0EXDTExMDIyMDEwMjQx +OVoXDTExMDIyMDExMjQxOVowKDASAgEBFw0xMTAyMTIxNDQ0MDdaMBICAQMXDTEx +MDIxMjE0NDQwN1owDQYJKoZIhvcNAQEFBQADggEBAKgP1XmCIPbfY1/UO+SVFQir +jArZ94QnQdoan4tJ29d8DmTxJ+z9/KyWNoGeOwc9P/2GQQaZahQOBr0f6lYd67Ct +wFVh/Q2zF8FgRcrQV7u/vJM33Q2yEsQkMGlM7rE5lC972vUKWu/NKq8bN9W/tWxZ +SFbvTXpv024aI0IRudpOCALnIy8SFhVb2/52IN2uR6qrFizDexMEdSckgpHuJzGS +IiANhIMn5LdQYJFjPgBzQU12tDdgzcpxtGhT10y4uQre+UbSjw+iVyml3issw59k +OSmkWFb06LamRC215JAMok3YQO5RnxCR8EjqPcJr+7+O9a1O1++yiaitg4bUjEA= +-----END X509 CRL----- diff --git a/third_party/mbedtls/repo/tests/data_files/crl_md2.pem b/third_party/mbedtls/repo/tests/data_files/parse_input/crl_md2.pem similarity index 100% rename from third_party/mbedtls/repo/tests/data_files/crl_md2.pem rename to third_party/mbedtls/repo/tests/data_files/parse_input/crl_md2.pem diff --git a/third_party/mbedtls/repo/tests/data_files/crl_md4.pem b/third_party/mbedtls/repo/tests/data_files/parse_input/crl_md4.pem similarity index 100% rename from third_party/mbedtls/repo/tests/data_files/crl_md4.pem rename to third_party/mbedtls/repo/tests/data_files/parse_input/crl_md4.pem diff --git a/third_party/mbedtls/repo/tests/data_files/crl_md5.pem b/third_party/mbedtls/repo/tests/data_files/parse_input/crl_md5.pem similarity index 100% rename from third_party/mbedtls/repo/tests/data_files/crl_md5.pem rename to third_party/mbedtls/repo/tests/data_files/parse_input/crl_md5.pem diff --git a/third_party/mbedtls/repo/tests/data_files/crl_sha1.pem b/third_party/mbedtls/repo/tests/data_files/parse_input/crl_sha1.pem similarity index 100% rename from third_party/mbedtls/repo/tests/data_files/crl_sha1.pem rename to third_party/mbedtls/repo/tests/data_files/parse_input/crl_sha1.pem diff --git a/third_party/mbedtls/repo/tests/data_files/crl_sha224.pem b/third_party/mbedtls/repo/tests/data_files/parse_input/crl_sha224.pem similarity index 100% rename from third_party/mbedtls/repo/tests/data_files/crl_sha224.pem rename to third_party/mbedtls/repo/tests/data_files/parse_input/crl_sha224.pem diff --git a/third_party/mbedtls/repo/tests/data_files/parse_input/crl_sha256.pem b/third_party/mbedtls/repo/tests/data_files/parse_input/crl_sha256.pem new file mode 100644 index 00000000000..c3ca25699f8 --- /dev/null +++ b/third_party/mbedtls/repo/tests/data_files/parse_input/crl_sha256.pem @@ -0,0 +1,11 @@ +-----BEGIN X509 CRL----- +MIIBqzCBlDANBgkqhkiG9w0BAQsFADA7MQswCQYDVQQGEwJOTDERMA8GA1UEChMI +UG9sYXJTU0wxGTAXBgNVBAMTEFBvbGFyU1NMIFRlc3QgQ0EXDTExMDIxMjE0NDQw +N1oXDTExMDQxMzE0NDQwN1owKDASAgEBFw0xMTAyMTIxNDQ0MDdaMBICAQMXDTEx +MDIxMjE0NDQwN1owDQYJKoZIhvcNAQELBQADggEBAG4mBBgwfNynCYYL2CEnqore +mgKpC32tB6WiUBu9figcvdN3nSX/1wrB8rpiE8R04C8oSFglwhotJCnlWsy42tjb +0pk0Wuizln0PFMc/OypqRNNhwx31SHH42W4KzONiqvq3n/WkH3M1YniR1ZnMlyvi +lJioQn6ZAoc6O6mMP1J9duKYYhiMAOV992PD1/iqXw+jYN31RwdIS8/mGzIs4ake +EdviwhM3E4/sVbNOWCOnZFYV4m+yNAEe29HL1VKw6UXixBczct+brqXNVD3U6T0F +5ovR6BTefZO17eT52Duke5RZGDUyQOGywxOYKI5W+FcOYdp+U5Idk399tAz2Mdw= +-----END X509 CRL----- diff --git a/third_party/mbedtls/repo/tests/data_files/crl_sha384.pem b/third_party/mbedtls/repo/tests/data_files/parse_input/crl_sha384.pem similarity index 100% rename from third_party/mbedtls/repo/tests/data_files/crl_sha384.pem rename to third_party/mbedtls/repo/tests/data_files/parse_input/crl_sha384.pem diff --git a/third_party/mbedtls/repo/tests/data_files/crl_sha512.pem b/third_party/mbedtls/repo/tests/data_files/parse_input/crl_sha512.pem similarity index 100% rename from third_party/mbedtls/repo/tests/data_files/crl_sha512.pem rename to third_party/mbedtls/repo/tests/data_files/parse_input/crl_sha512.pem diff --git a/third_party/mbedtls/repo/tests/data_files/parse_input/keyUsage.decipherOnly.crt b/third_party/mbedtls/repo/tests/data_files/parse_input/keyUsage.decipherOnly.crt new file mode 100644 index 00000000000..7c379787a42 --- /dev/null +++ b/third_party/mbedtls/repo/tests/data_files/parse_input/keyUsage.decipherOnly.crt @@ -0,0 +1,14 @@ +-----BEGIN CERTIFICATE----- +MIICFzCCAYCgAwIBAgIJAJsTzkylb95SMA0GCSqGSIb3DQEBBQUAMD8xCzAJBgNV +BAYTAkdCMRIwEAYDVQQHDAlDYW1icmlkZ2UxHDAaBgNVBAoME0RlZmF1bHQgQ29t +cGFueSBMdGQwHhcNMTUwNTEyMTAzNjU1WhcNMTgwNTExMTAzNjU1WjA/MQswCQYD +VQQGEwJHQjESMBAGA1UEBwwJQ2FtYnJpZGdlMRwwGgYDVQQKDBNEZWZhdWx0IENv +bXBhbnkgTHRkMIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQC9nxYOSbha/Ap4 +6rACrOMH7zfDD+0ZEHhbO0bgGRjc5ElvOaNuD321y9TnyAx+JrqPp/lFrAgNiVo1 +HPurPHfcJ+tNBUgBHboWGNENNaf9ovwFPawsBzEZraGnDaqVPEFcIsUQPVqO1lrQ +CHLUjtqo1hMZDqe/Web0Mw9cZrqOaQIDAQABoxswGTAJBgNVHRMEAjAAMAwGA1Ud +DwQFAwMH4IAwDQYJKoZIhvcNAQEFBQADgYEAJ0NS2wUbgRelK0qKxrR2Ts6jVYEH +bmykx3GHjFyKpscDIn2vNyyB7ygfFglZPcw+2mn3xuVIwOV/mWxFvKHk+j2WrTQL +tDqSC5BhFoR01veFu07JdEYvz+I+NCL5z0IGWXkUrk235Wl4w4WMZDnXTqncMNEk +fLtpo9y79XD00QY= +-----END CERTIFICATE----- diff --git a/third_party/mbedtls/repo/tests/data_files/multiple_san.crt b/third_party/mbedtls/repo/tests/data_files/parse_input/multiple_san.crt similarity index 100% rename from third_party/mbedtls/repo/tests/data_files/multiple_san.crt rename to third_party/mbedtls/repo/tests/data_files/parse_input/multiple_san.crt diff --git a/third_party/mbedtls/repo/tests/data_files/non-ascii-string-in-issuer.crt b/third_party/mbedtls/repo/tests/data_files/parse_input/non-ascii-string-in-issuer.crt similarity index 100% rename from third_party/mbedtls/repo/tests/data_files/non-ascii-string-in-issuer.crt rename to third_party/mbedtls/repo/tests/data_files/parse_input/non-ascii-string-in-issuer.crt diff --git a/third_party/mbedtls/repo/tests/data_files/server1-ms.req.sha256 b/third_party/mbedtls/repo/tests/data_files/parse_input/server1-ms.req.sha256 similarity index 100% rename from third_party/mbedtls/repo/tests/data_files/server1-ms.req.sha256 rename to third_party/mbedtls/repo/tests/data_files/parse_input/server1-ms.req.sha256 diff --git a/third_party/mbedtls/repo/tests/data_files/parse_input/server1.cert_type.crt b/third_party/mbedtls/repo/tests/data_files/parse_input/server1.cert_type.crt new file mode 100644 index 00000000000..34fe4f6a406 --- /dev/null +++ b/third_party/mbedtls/repo/tests/data_files/parse_input/server1.cert_type.crt @@ -0,0 +1,20 @@ +-----BEGIN CERTIFICATE----- +MIIDUjCCAjqgAwIBAgIBATANBgkqhkiG9w0BAQUFADA7MQswCQYDVQQGEwJOTDER +MA8GA1UECgwIUG9sYXJTU0wxGTAXBgNVBAMMEFBvbGFyU1NMIFRlc3QgQ0EwHhcN +MTkwMjEwMTQ0NDA2WhcNMjkwMjEwMTQ0NDA2WjA8MQswCQYDVQQGEwJOTDERMA8G +A1UECgwIUG9sYXJTU0wxGjAYBgNVBAMMEVBvbGFyU1NMIFNlcnZlciAxMIIBIjAN +BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqQIfPUBq1VVTi/027oJlLhVhXom/ +uOhFkNvuiBZS0/FDUEeWEllkh2v9K+BG+XO+3c+S4ZFb7Wagb4kpeUWA0INq1UFD +d185fAkER4KwVzlw7aPsFRkeqDMIR8EFQqn9TMO0390GH00QUUBncxMPQPhtgSVf +CrFTxjB+FTms+Vruf5KepgVb5xOXhbUjktnUJAbVCSWJdQfdphqPPwkZvq1lLGTr +lZvc/kFeF6babFtpzAK6FCwWJJxK3M3Q91Jnc/EtoCP9fvQxyi1wyokLBNsupk9w +bp7OvViJ4lNZnm5akmXiiD8MlBmj3eXonZUT7Snbq3AS3FrKaxerUoJUsQIDAQAB +o2AwXjAJBgNVHRMEAjAAMB0GA1UdDgQWBBQfdNY/KcF0dEU7BRIsPai9Q1kCpjAf +BgNVHSMEGDAWgBS0WuSls97SUva51aaVD+s+vMf9/zARBglghkgBhvhCAQEEBAMC +BkAwDQYJKoZIhvcNAQEFBQADggEBAElJPaCG6aFHoymoCrzckPfjENxgXW2czh5t +TsMPshkzX5p2AU89GBGdy0gQwoPuMtcznsDe4adM6Na8f30YDffATsgDECMIWtV1 +XVYKQIwFmZzEt4B+5sUmyMOLtTuuZBThOLPwOw8e4RnILKOYPHnQNRf6Eap4lFDx +lp2pAaiXMDWH88gmWoU5XrGTppllYV0IorzJ4xV9Sg3ittNwNO40ehVQDAseFwZH +iyh9iHz4BqtWjElmQ3hL8N/Cbqp3iN15h2pUgIj8JIt9rCsIZrsG3K42iSlPzEn2 +DCzWQSj9cQNCRVJnwgJAWnC1Hx0YYFQMgQquVxnK15THTGQAeB8= +-----END CERTIFICATE----- diff --git a/third_party/mbedtls/repo/tests/data_files/parse_input/server1.crt b/third_party/mbedtls/repo/tests/data_files/parse_input/server1.crt new file mode 100644 index 00000000000..258da5e1733 --- /dev/null +++ b/third_party/mbedtls/repo/tests/data_files/parse_input/server1.crt @@ -0,0 +1,20 @@ +-----BEGIN CERTIFICATE----- +MIIDPzCCAiegAwIBAgIBATANBgkqhkiG9w0BAQUFADA7MQswCQYDVQQGEwJOTDER +MA8GA1UECgwIUG9sYXJTU0wxGTAXBgNVBAMMEFBvbGFyU1NMIFRlc3QgQ0EwHhcN +MTkwMjEwMTQ0NDA2WhcNMjkwMjEwMTQ0NDA2WjA8MQswCQYDVQQGEwJOTDERMA8G +A1UECgwIUG9sYXJTU0wxGjAYBgNVBAMMEVBvbGFyU1NMIFNlcnZlciAxMIIBIjAN +BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqQIfPUBq1VVTi/027oJlLhVhXom/ +uOhFkNvuiBZS0/FDUEeWEllkh2v9K+BG+XO+3c+S4ZFb7Wagb4kpeUWA0INq1UFD +d185fAkER4KwVzlw7aPsFRkeqDMIR8EFQqn9TMO0390GH00QUUBncxMPQPhtgSVf +CrFTxjB+FTms+Vruf5KepgVb5xOXhbUjktnUJAbVCSWJdQfdphqPPwkZvq1lLGTr +lZvc/kFeF6babFtpzAK6FCwWJJxK3M3Q91Jnc/EtoCP9fvQxyi1wyokLBNsupk9w +bp7OvViJ4lNZnm5akmXiiD8MlBmj3eXonZUT7Snbq3AS3FrKaxerUoJUsQIDAQAB +o00wSzAJBgNVHRMEAjAAMB0GA1UdDgQWBBQfdNY/KcF0dEU7BRIsPai9Q1kCpjAf +BgNVHSMEGDAWgBS0WuSls97SUva51aaVD+s+vMf9/zANBgkqhkiG9w0BAQUFAAOC +AQEAf2k5OiORp60gBNqioC2mIqSXA0CU/qzllt8IvlcMv1V0PAP9f4IEm5mdkERr +UXjnB1Tr3edrsvXLgZ9vEosbFpNMsKfsmBkpjgWG2ui8pdn8cJiws4k4h5fuueSw +Ps1FLK5Tfpi+GJyPqk4ha9Ojp2p9opuA0aIfLuxI+0UzXH4wgrEW/Yydowv959gf +gGSl766CRdUvJbXOeVryFjFTRfLFFNfTvrftZk1dl8tas1nim8xfWet+BZVvq2zY +C7LeCI9nrfuAxfMJTrWFp17y72+hCDk7NEaB2ZLVuAM/ri7LWrr2V2hLFdIAhfC2 +nUaulRRpGt/ZTISw6uSIumNoNA== +-----END CERTIFICATE----- diff --git a/third_party/mbedtls/repo/tests/data_files/server1.crt.der b/third_party/mbedtls/repo/tests/data_files/parse_input/server1.crt.der similarity index 100% rename from third_party/mbedtls/repo/tests/data_files/server1.crt.der rename to third_party/mbedtls/repo/tests/data_files/parse_input/server1.crt.der diff --git a/third_party/mbedtls/repo/tests/data_files/server1.ext_ku.crt b/third_party/mbedtls/repo/tests/data_files/parse_input/server1.ext_ku.crt similarity index 100% rename from third_party/mbedtls/repo/tests/data_files/server1.ext_ku.crt rename to third_party/mbedtls/repo/tests/data_files/parse_input/server1.ext_ku.crt diff --git a/third_party/mbedtls/repo/tests/data_files/parse_input/server1.key_usage.crt b/third_party/mbedtls/repo/tests/data_files/parse_input/server1.key_usage.crt new file mode 100644 index 00000000000..9d70b0018f6 --- /dev/null +++ b/third_party/mbedtls/repo/tests/data_files/parse_input/server1.key_usage.crt @@ -0,0 +1,20 @@ +-----BEGIN CERTIFICATE----- +MIIDTzCCAjegAwIBAgIBATANBgkqhkiG9w0BAQUFADA7MQswCQYDVQQGEwJOTDER +MA8GA1UECgwIUG9sYXJTU0wxGTAXBgNVBAMMEFBvbGFyU1NMIFRlc3QgQ0EwHhcN +MTkwMjEwMTQ0NDA2WhcNMjkwMjEwMTQ0NDA2WjA8MQswCQYDVQQGEwJOTDERMA8G +A1UECgwIUG9sYXJTU0wxGjAYBgNVBAMMEVBvbGFyU1NMIFNlcnZlciAxMIIBIjAN +BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqQIfPUBq1VVTi/027oJlLhVhXom/ +uOhFkNvuiBZS0/FDUEeWEllkh2v9K+BG+XO+3c+S4ZFb7Wagb4kpeUWA0INq1UFD +d185fAkER4KwVzlw7aPsFRkeqDMIR8EFQqn9TMO0390GH00QUUBncxMPQPhtgSVf +CrFTxjB+FTms+Vruf5KepgVb5xOXhbUjktnUJAbVCSWJdQfdphqPPwkZvq1lLGTr +lZvc/kFeF6babFtpzAK6FCwWJJxK3M3Q91Jnc/EtoCP9fvQxyi1wyokLBNsupk9w +bp7OvViJ4lNZnm5akmXiiD8MlBmj3eXonZUT7Snbq3AS3FrKaxerUoJUsQIDAQAB +o10wWzAJBgNVHRMEAjAAMB0GA1UdDgQWBBQfdNY/KcF0dEU7BRIsPai9Q1kCpjAf +BgNVHSMEGDAWgBS0WuSls97SUva51aaVD+s+vMf9/zAOBgNVHQ8BAf8EBAMCBeAw +DQYJKoZIhvcNAQEFBQADggEBAHM8eESmE8CQvuCw2/w1JSWKaU9cJIvrtpJXavRC +yMEv6SQL0hxrNZBhFPM8vAiq6zBdic2HwuiZ9N/iEXuCf92SOcK4b/2/Flos0JI5 +quu4eGkwoNrOvfZUcO7SB8JHUvmJtTP+avF3QeRfHo9bHRtnyOs9GXqq+CMZiNgO +Bw+/tAOml3tV1Uf+yjp6XroWLRNMbvY1Sor4UW6FFMpOii/vlJ4450OlpcJdRU70 +LpHfxjmPNvc9YOPWve75/+CNF9lMi29UoEUYslxMPylZ/L0vYxi+xuvQBTaLiZeP +CJ59Mc63LEmJNSAwnnV8s2KXL/Okm32lf6sy0fjsrvAdoCc= +-----END CERTIFICATE----- diff --git a/third_party/mbedtls/repo/tests/data_files/parse_input/server1.req.commas.sha256 b/third_party/mbedtls/repo/tests/data_files/parse_input/server1.req.commas.sha256 new file mode 100644 index 00000000000..0287a31109d --- /dev/null +++ b/third_party/mbedtls/repo/tests/data_files/parse_input/server1.req.commas.sha256 @@ -0,0 +1,16 @@ +-----BEGIN CERTIFICATE REQUEST----- +MIICiTCCAXECAQAwRDELMAkGA1UEBhMCTkwxGTAXBgNVBAoMEFBvbGFyU1NMLCBD +b21tYXMxGjAYBgNVBAMMEVBvbGFyU1NMIFNlcnZlciAxMIIBIjANBgkqhkiG9w0B +AQEFAAOCAQ8AMIIBCgKCAQEAqQIfPUBq1VVTi/027oJlLhVhXom/uOhFkNvuiBZS +0/FDUEeWEllkh2v9K+BG+XO+3c+S4ZFb7Wagb4kpeUWA0INq1UFDd185fAkER4Kw +Vzlw7aPsFRkeqDMIR8EFQqn9TMO0390GH00QUUBncxMPQPhtgSVfCrFTxjB+FTms ++Vruf5KepgVb5xOXhbUjktnUJAbVCSWJdQfdphqPPwkZvq1lLGTrlZvc/kFeF6ba +bFtpzAK6FCwWJJxK3M3Q91Jnc/EtoCP9fvQxyi1wyokLBNsupk9wbp7OvViJ4lNZ +nm5akmXiiD8MlBmj3eXonZUT7Snbq3AS3FrKaxerUoJUsQIDAQABoAAwDQYJKoZI +hvcNAQELBQADggEBAI7ZtRJYX6cMuwVhwXOizPV+WD17wby+273V4R8e9/6QA4nY +RrSciAse+nWZz9Y6toBzLWr0K/9SCzwBX4OzMvLqu4A1G/wApODCDnbGaUPNUxRt +6qbg8y7faBWvDGjk4+OpQ0suR/pdbM/L7pImqWRNwYdSPbJumNqIdB/Ewtso0TlA +QVZ992RPe1LovXpDCfPP2p123L7/UHezNCtu5QmzLsDfQmN/rLhCJ2NZzTsnIdnP +jp6XYU4kRV2BPDL65k38k8CSVWb6fw9XwPNUiyO3q1Zs6jpGJRYMLj9qTEoRN1np +RME09CN2siMcgkv8UqDeDJ4Oa9qyXS6VXsDmSNI= +-----END CERTIFICATE REQUEST----- diff --git a/third_party/mbedtls/repo/tests/data_files/parse_input/server1.req.md4 b/third_party/mbedtls/repo/tests/data_files/parse_input/server1.req.md4 new file mode 100644 index 00000000000..15585499c82 --- /dev/null +++ b/third_party/mbedtls/repo/tests/data_files/parse_input/server1.req.md4 @@ -0,0 +1,16 @@ +-----BEGIN CERTIFICATE REQUEST----- +MIICgTCCAWkCAQAwPDELMAkGA1UEBhMCTkwxETAPBgNVBAoMCFBvbGFyU1NMMRow +GAYDVQQDDBFQb2xhclNTTCBTZXJ2ZXIgMTCCASIwDQYJKoZIhvcNAQEBBQADggEP +ADCCAQoCggEBAKkCHz1AatVVU4v9Nu6CZS4VYV6Jv7joRZDb7ogWUtPxQ1BHlhJZ +ZIdr/SvgRvlzvt3PkuGRW+1moG+JKXlFgNCDatVBQ3dfOXwJBEeCsFc5cO2j7BUZ +HqgzCEfBBUKp/UzDtN/dBh9NEFFAZ3MTD0D4bYElXwqxU8YwfhU5rPla7n+SnqYF +W+cTl4W1I5LZ1CQG1QkliXUH3aYajz8JGb6tZSxk65Wb3P5BXhem2mxbacwCuhQs +FiScStzN0PdSZ3PxLaAj/X70McotcMqJCwTbLqZPcG6ezr1YieJTWZ5uWpJl4og/ +DJQZo93l6J2VE+0p26twEtxaymsXq1KCVLECAwEAAaAAMA0GCSqGSIb3DQEBAwUA +A4IBAQAu8SbWDi5udXrs/lljV+jdHky2BFuVFNxZgj5QvLslffdx2/Tj4MVCsqkY +tAcy5g/urW1WwHcnJ20PRgt60m3BSUJffdKF/kgRyTN1oBFpApHGAJEHPahR/3Mz +hMBk4D/r6lga60iUhIfky8o8KU+ovHXROHzGfYaVySatpyJW6tkJOz/1ZKLI4s4K +HGLFxKBd6bvyuMSCpV31J7ZHPQfSH38VEEaTLJ2QOltWDX5k4DlL/F3I5K4VFWOm +DMndMXkb7LhL9jcaJJRzEmbX3aMdt2aXhQt2LDFMnMCeSHI014URnQd6IzRQYZPp +qGZf2UmuJdLeIMzSNX2rZ+SVDX9o +-----END CERTIFICATE REQUEST----- diff --git a/third_party/mbedtls/repo/tests/data_files/parse_input/server1.req.md5 b/third_party/mbedtls/repo/tests/data_files/parse_input/server1.req.md5 new file mode 100644 index 00000000000..57714ede375 --- /dev/null +++ b/third_party/mbedtls/repo/tests/data_files/parse_input/server1.req.md5 @@ -0,0 +1,16 @@ +-----BEGIN CERTIFICATE REQUEST----- +MIICgTCCAWkCAQAwPDELMAkGA1UEBhMCTkwxETAPBgNVBAoMCFBvbGFyU1NMMRow +GAYDVQQDDBFQb2xhclNTTCBTZXJ2ZXIgMTCCASIwDQYJKoZIhvcNAQEBBQADggEP +ADCCAQoCggEBAKkCHz1AatVVU4v9Nu6CZS4VYV6Jv7joRZDb7ogWUtPxQ1BHlhJZ +ZIdr/SvgRvlzvt3PkuGRW+1moG+JKXlFgNCDatVBQ3dfOXwJBEeCsFc5cO2j7BUZ +HqgzCEfBBUKp/UzDtN/dBh9NEFFAZ3MTD0D4bYElXwqxU8YwfhU5rPla7n+SnqYF +W+cTl4W1I5LZ1CQG1QkliXUH3aYajz8JGb6tZSxk65Wb3P5BXhem2mxbacwCuhQs +FiScStzN0PdSZ3PxLaAj/X70McotcMqJCwTbLqZPcG6ezr1YieJTWZ5uWpJl4og/ +DJQZo93l6J2VE+0p26twEtxaymsXq1KCVLECAwEAAaAAMA0GCSqGSIb3DQEBBAUA +A4IBAQCEiv3QM4xyKhYTsoOjyzQdXMhsXK3Kpw+Rh874Hf6pXHxUaYy7xLUZUx6K +x5Bvem1HMHAdmOqYTzsE9ZblAMZNRwv/CKGS3pvMkx/VZwXQhFGlHLFG//fPrgl3 +j4dt20QsWP8LnL4LweYSYI1wt1rjgYRHeF6bG/VIck6BIYQhKOGlzIwWUmfAGym6 +q4SYrd+ObZullSarGGSfNKjIUEpYtfQBz31f5tRsyzSps7oG4uc7Xba4qnl2o9FN +lWOMEER79QGwr7+T41FTHFztFddfJ06CCjoRCfEn0Tcsg11tSMS0851oLkMm8RyY +aozIzO82R3Em7aPhZBiBDy3wZC2l +-----END CERTIFICATE REQUEST----- diff --git a/third_party/mbedtls/repo/tests/data_files/parse_input/server1.req.sha1 b/third_party/mbedtls/repo/tests/data_files/parse_input/server1.req.sha1 new file mode 100644 index 00000000000..578ec7f79a8 --- /dev/null +++ b/third_party/mbedtls/repo/tests/data_files/parse_input/server1.req.sha1 @@ -0,0 +1,16 @@ +-----BEGIN CERTIFICATE REQUEST----- +MIICgTCCAWkCAQAwPDELMAkGA1UEBhMCTkwxETAPBgNVBAoMCFBvbGFyU1NMMRow +GAYDVQQDDBFQb2xhclNTTCBTZXJ2ZXIgMTCCASIwDQYJKoZIhvcNAQEBBQADggEP +ADCCAQoCggEBAKkCHz1AatVVU4v9Nu6CZS4VYV6Jv7joRZDb7ogWUtPxQ1BHlhJZ +ZIdr/SvgRvlzvt3PkuGRW+1moG+JKXlFgNCDatVBQ3dfOXwJBEeCsFc5cO2j7BUZ +HqgzCEfBBUKp/UzDtN/dBh9NEFFAZ3MTD0D4bYElXwqxU8YwfhU5rPla7n+SnqYF +W+cTl4W1I5LZ1CQG1QkliXUH3aYajz8JGb6tZSxk65Wb3P5BXhem2mxbacwCuhQs +FiScStzN0PdSZ3PxLaAj/X70McotcMqJCwTbLqZPcG6ezr1YieJTWZ5uWpJl4og/ +DJQZo93l6J2VE+0p26twEtxaymsXq1KCVLECAwEAAaAAMA0GCSqGSIb3DQEBBQUA +A4IBAQCiYQMOv2ALPUeg8wHKn9L5SdDbNxOzuMwhYsCYTw2TJMQO7NLUq6icEzxY +pUIIFt60JUQjZHxQSY3y9cSivwKXQA7pPfaPaFC/aMA2GxG23t2eaIWNQX8MfcWf +XAa8bl/vmC1MTov+mP2DGoXRiKYORrEInyDS2RaTathvHckcAv25nCIx7wYO9tC9 +LUwyoE9bhiQ7fo3KFlz4dK1HukyCM/FoPbJuL7NgdzmKVPyYCLh5Ah+TTD6+sltz +dFc4fj28w1v3jsBXz+tLrgFQidzuUI2poxt5UwU9TKY0dAJaTCtfIRcXW3h6DGG7 +EDR6rim6sbIQkGzYvGqs4TNoJOR+ +-----END CERTIFICATE REQUEST----- diff --git a/third_party/mbedtls/repo/tests/data_files/parse_input/server1.req.sha224 b/third_party/mbedtls/repo/tests/data_files/parse_input/server1.req.sha224 new file mode 100644 index 00000000000..a4f2af4c1de --- /dev/null +++ b/third_party/mbedtls/repo/tests/data_files/parse_input/server1.req.sha224 @@ -0,0 +1,16 @@ +-----BEGIN CERTIFICATE REQUEST----- +MIICgTCCAWkCAQAwPDELMAkGA1UEBhMCTkwxETAPBgNVBAoMCFBvbGFyU1NMMRow +GAYDVQQDDBFQb2xhclNTTCBTZXJ2ZXIgMTCCASIwDQYJKoZIhvcNAQEBBQADggEP +ADCCAQoCggEBAKkCHz1AatVVU4v9Nu6CZS4VYV6Jv7joRZDb7ogWUtPxQ1BHlhJZ +ZIdr/SvgRvlzvt3PkuGRW+1moG+JKXlFgNCDatVBQ3dfOXwJBEeCsFc5cO2j7BUZ +HqgzCEfBBUKp/UzDtN/dBh9NEFFAZ3MTD0D4bYElXwqxU8YwfhU5rPla7n+SnqYF +W+cTl4W1I5LZ1CQG1QkliXUH3aYajz8JGb6tZSxk65Wb3P5BXhem2mxbacwCuhQs +FiScStzN0PdSZ3PxLaAj/X70McotcMqJCwTbLqZPcG6ezr1YieJTWZ5uWpJl4og/ +DJQZo93l6J2VE+0p26twEtxaymsXq1KCVLECAwEAAaAAMA0GCSqGSIb3DQEBDgUA +A4IBAQArYR2mLKU5lsHyAyGHr4PlmC/cfePmCRyC/mj1riGTjDlNC2X3J1VZDqKb +U/uUxLudP7sbuttRksIAREATT74Pa40bMWiPUlBfA/M2mFTmKb/91uXeIISW8DL3 +xM/5BCDrhnZ/cjP23gKDgJRk+IGBNhYZDGz50TIBbDJ2e4GDkFjzANngUW64UcCQ +7hZOYtnYLBnoRvPwtal5jZqHwsgaPPePXu+SQ8mfuAJwJ78MOCAaKw0IP1h1OnPG +iubdl34lSIaYWwbHTdjaqUSQG3SSs4oxEvluYymrpZ6XGKXtphJXEPdTRiLu9d9l +A5NYVgvqHFQPmuXS92zrGzB788pV +-----END CERTIFICATE REQUEST----- diff --git a/third_party/mbedtls/repo/tests/data_files/parse_input/server1.req.sha256 b/third_party/mbedtls/repo/tests/data_files/parse_input/server1.req.sha256 new file mode 100644 index 00000000000..6d21dc5d949 --- /dev/null +++ b/third_party/mbedtls/repo/tests/data_files/parse_input/server1.req.sha256 @@ -0,0 +1,16 @@ +-----BEGIN CERTIFICATE REQUEST----- +MIICgTCCAWkCAQAwPDELMAkGA1UEBhMCTkwxETAPBgNVBAoMCFBvbGFyU1NMMRow +GAYDVQQDDBFQb2xhclNTTCBTZXJ2ZXIgMTCCASIwDQYJKoZIhvcNAQEBBQADggEP +ADCCAQoCggEBAKkCHz1AatVVU4v9Nu6CZS4VYV6Jv7joRZDb7ogWUtPxQ1BHlhJZ +ZIdr/SvgRvlzvt3PkuGRW+1moG+JKXlFgNCDatVBQ3dfOXwJBEeCsFc5cO2j7BUZ +HqgzCEfBBUKp/UzDtN/dBh9NEFFAZ3MTD0D4bYElXwqxU8YwfhU5rPla7n+SnqYF +W+cTl4W1I5LZ1CQG1QkliXUH3aYajz8JGb6tZSxk65Wb3P5BXhem2mxbacwCuhQs +FiScStzN0PdSZ3PxLaAj/X70McotcMqJCwTbLqZPcG6ezr1YieJTWZ5uWpJl4og/ +DJQZo93l6J2VE+0p26twEtxaymsXq1KCVLECAwEAAaAAMA0GCSqGSIb3DQEBCwUA +A4IBAQCVlSU7qeKri7E3u8JCZbCyjsGJTH9iHYyeDZ/nDLig7iKGYvyNmyzJ76Qu ++EntSmL2OtL95Yqooc6h1AQHzoCs+SO2wPoTUs3Ypi9r7vNNVO3ZnnxVtGgqCRVA +W+z9W4p2mHXQhgW1HkuLa5JD1SvJViyZbx9z3ie1BQ9NVKfv++ArPIv70zBtA7O3 +PZNG1JYN30Esz7RsCDRHbz6Npvu9ggUQL/U3mvQQ+Yo+xhwu1yFV+dRH7PebBeQv +vjcD2fXDabeofK3zztIpUIyUULX0GGClM9jslgJ/ZHUlArWKpLZph0AgF1Dzts// +M6c/sRw7gtjXmV0zq2tf2fL4+e2b +-----END CERTIFICATE REQUEST----- diff --git a/third_party/mbedtls/repo/tests/data_files/parse_input/server1.req.sha384 b/third_party/mbedtls/repo/tests/data_files/parse_input/server1.req.sha384 new file mode 100644 index 00000000000..b857af7f157 --- /dev/null +++ b/third_party/mbedtls/repo/tests/data_files/parse_input/server1.req.sha384 @@ -0,0 +1,16 @@ +-----BEGIN CERTIFICATE REQUEST----- +MIICgTCCAWkCAQAwPDELMAkGA1UEBhMCTkwxETAPBgNVBAoMCFBvbGFyU1NMMRow +GAYDVQQDDBFQb2xhclNTTCBTZXJ2ZXIgMTCCASIwDQYJKoZIhvcNAQEBBQADggEP +ADCCAQoCggEBAKkCHz1AatVVU4v9Nu6CZS4VYV6Jv7joRZDb7ogWUtPxQ1BHlhJZ +ZIdr/SvgRvlzvt3PkuGRW+1moG+JKXlFgNCDatVBQ3dfOXwJBEeCsFc5cO2j7BUZ +HqgzCEfBBUKp/UzDtN/dBh9NEFFAZ3MTD0D4bYElXwqxU8YwfhU5rPla7n+SnqYF +W+cTl4W1I5LZ1CQG1QkliXUH3aYajz8JGb6tZSxk65Wb3P5BXhem2mxbacwCuhQs +FiScStzN0PdSZ3PxLaAj/X70McotcMqJCwTbLqZPcG6ezr1YieJTWZ5uWpJl4og/ +DJQZo93l6J2VE+0p26twEtxaymsXq1KCVLECAwEAAaAAMA0GCSqGSIb3DQEBDAUA +A4IBAQBy35zHYLiYaScq1niQkzQ/BScUbdiWd2V90isBsB5Q3NjVoJl/yCaMrla3 +2XfrutpFpdqwenl5jM0o6+enKCmfur+z2/ije69Dju2aBd6A62cx1AEvFiMq7lyF +4DYJ32+2ty6KA8EhzE3NFs7zKXxmD5ybp+oXNEvXoeU3W8a+Ld5c1K/n+Ipa0TUy +cFBs6dCsbYO9wI6npwWqC5Hc9r/0zziMFO+4N5VORdYUFqObq4vCYOMXETpl8ryu +lGZorNUoJ7vV55T31CDqEtb0EE+nO+nT4agfDobncYjvc3WpQuLtUB4UwR5gpZl6 +ZI+j4uwikOgGO9gcx4IjaRP3q63F +-----END CERTIFICATE REQUEST----- diff --git a/third_party/mbedtls/repo/tests/data_files/parse_input/server1.req.sha512 b/third_party/mbedtls/repo/tests/data_files/parse_input/server1.req.sha512 new file mode 100644 index 00000000000..85d52460db0 --- /dev/null +++ b/third_party/mbedtls/repo/tests/data_files/parse_input/server1.req.sha512 @@ -0,0 +1,16 @@ +-----BEGIN CERTIFICATE REQUEST----- +MIICgTCCAWkCAQAwPDELMAkGA1UEBhMCTkwxETAPBgNVBAoMCFBvbGFyU1NMMRow +GAYDVQQDDBFQb2xhclNTTCBTZXJ2ZXIgMTCCASIwDQYJKoZIhvcNAQEBBQADggEP +ADCCAQoCggEBAKkCHz1AatVVU4v9Nu6CZS4VYV6Jv7joRZDb7ogWUtPxQ1BHlhJZ +ZIdr/SvgRvlzvt3PkuGRW+1moG+JKXlFgNCDatVBQ3dfOXwJBEeCsFc5cO2j7BUZ +HqgzCEfBBUKp/UzDtN/dBh9NEFFAZ3MTD0D4bYElXwqxU8YwfhU5rPla7n+SnqYF +W+cTl4W1I5LZ1CQG1QkliXUH3aYajz8JGb6tZSxk65Wb3P5BXhem2mxbacwCuhQs +FiScStzN0PdSZ3PxLaAj/X70McotcMqJCwTbLqZPcG6ezr1YieJTWZ5uWpJl4og/ +DJQZo93l6J2VE+0p26twEtxaymsXq1KCVLECAwEAAaAAMA0GCSqGSIb3DQEBDQUA +A4IBAQBb8jNpt0nkNVWstVoOCepQSF5R1R9hF0yEr7mk3HB9oO/nK07R1Oamgjw+ +CHQReTSjIKUX53o7ZwNZB5E+jBDsGz/2Yyj/vxNHJFk2exELtW30he8K2omVHE1F +XESbftCssWLNpTSDq6ME12+llkEDtgCtkv69oRUkuuF5ESUSZRGIZN4Vledm8SM1 +uGFtaG/PXbBbtUaNwNISDeIWDKRtbuca5web+QEi1djiUH21ZWIGEpOy7mtkYmRs +Qt1D32FoaqFNhafiaxNIXO11yd4lgpaDDlmrOSBsELcTIF9916o3DwMeVXy0GONW +BrwaO8q8rg+C+xvMY7858Kk8kwjb +-----END CERTIFICATE REQUEST----- diff --git a/third_party/mbedtls/repo/tests/data_files/server1_pathlen_int_max-1.crt b/third_party/mbedtls/repo/tests/data_files/parse_input/server1_pathlen_int_max-1.crt similarity index 100% rename from third_party/mbedtls/repo/tests/data_files/server1_pathlen_int_max-1.crt rename to third_party/mbedtls/repo/tests/data_files/parse_input/server1_pathlen_int_max-1.crt diff --git a/third_party/mbedtls/repo/tests/data_files/server1_pathlen_int_max.crt b/third_party/mbedtls/repo/tests/data_files/parse_input/server1_pathlen_int_max.crt similarity index 100% rename from third_party/mbedtls/repo/tests/data_files/server1_pathlen_int_max.crt rename to third_party/mbedtls/repo/tests/data_files/parse_input/server1_pathlen_int_max.crt diff --git a/third_party/mbedtls/repo/tests/data_files/parse_input/server2.crt b/third_party/mbedtls/repo/tests/data_files/parse_input/server2.crt new file mode 100644 index 00000000000..074519676ba --- /dev/null +++ b/third_party/mbedtls/repo/tests/data_files/parse_input/server2.crt @@ -0,0 +1,20 @@ +-----BEGIN CERTIFICATE----- +MIIDNzCCAh+gAwIBAgIBAjANBgkqhkiG9w0BAQUFADA7MQswCQYDVQQGEwJOTDER +MA8GA1UECgwIUG9sYXJTU0wxGTAXBgNVBAMMEFBvbGFyU1NMIFRlc3QgQ0EwHhcN +MTkwMjEwMTQ0NDA2WhcNMjkwMjEwMTQ0NDA2WjA0MQswCQYDVQQGEwJOTDERMA8G +A1UECgwIUG9sYXJTU0wxEjAQBgNVBAMMCWxvY2FsaG9zdDCCASIwDQYJKoZIhvcN +AQEBBQADggEPADCCAQoCggEBAMFNo93nzR3RBNdJcriZrA545Do8Ss86ExbQWuTN +owCIp+4ea5anUrSQ7y1yej4kmvy2NKwk9XfgJmSMnLAofaHa6ozmyRyWvP7BBFKz +NtSj+uGxdtiQwWG0ZlI2oiZTqqt0Xgd9GYLbKtgfoNkNHC1JZvdbJXNG6AuKT2kM +tQCQ4dqCEGZ9rlQri2V5kaHiYcPNQEkI7mgM8YuG0ka/0LiqEQMef1aoGh5EGA8P +hYvai0Re4hjGYi/HZo36Xdh98yeJKQHFkA4/J/EwyEoO79bex8cna8cFPXrEAjya +HT4P6DSYW8tzS1KW2BGiLICIaTla0w+w3lkvEcf36hIBMJcCAwEAAaNNMEswCQYD +VR0TBAIwADAdBgNVHQ4EFgQUpQXoZLjc32APUBJNYKhkr02LQ5MwHwYDVR0jBBgw +FoAUtFrkpbPe0lL2udWmlQ/rPrzH/f8wDQYJKoZIhvcNAQEFBQADggEBAJklg3Q4 +cB7v7BzsxM/vLyKccO6op0/gZzM4ghuLq2Y32kl0sM6kSNUUmduuq3u/+GmUZN2A +O/7c+Hw7hDFEIvZk98aBGjCLqn3DmgHIv8ToQ67nellQxx2Uj309PdgjNi/r9HOc +KNAYPbBcg6MJGWWj2TI6vNaceios/DhOYx5V0j5nfqSJ/pnU0g9Ign2LAhgYpGJE +iEM9wW7hEMkwmk0h/sqZsrJsGH5YsF/VThSq/JVO1e2mZH2vruyZKJVBq+8tDNYp +HkK6tSyVYQhzIt3StMJWKMl/o5k2AYz6tSC164+1oG+ML3LWg8XrGKa91H4UOKap +Awgk0+4m0T25cNs= +-----END CERTIFICATE----- diff --git a/third_party/mbedtls/repo/tests/data_files/server2.crt.der b/third_party/mbedtls/repo/tests/data_files/parse_input/server2.crt.der similarity index 100% rename from third_party/mbedtls/repo/tests/data_files/server2.crt.der rename to third_party/mbedtls/repo/tests/data_files/parse_input/server2.crt.der diff --git a/third_party/mbedtls/repo/tests/data_files/parse_input/server3.crt b/third_party/mbedtls/repo/tests/data_files/parse_input/server3.crt new file mode 100644 index 00000000000..ed0d696b4a8 --- /dev/null +++ b/third_party/mbedtls/repo/tests/data_files/parse_input/server3.crt @@ -0,0 +1,17 @@ +-----BEGIN CERTIFICATE----- +MIICojCCAYqgAwIBAgIBDTANBgkqhkiG9w0BAQUFADA7MQswCQYDVQQGEwJOTDER +MA8GA1UEChMIUG9sYXJTU0wxGTAXBgNVBAMTEFBvbGFyU1NMIFRlc3QgQ0EwHhcN +MTMwODA5MDkxNzAzWhcNMjMwODA3MDkxNzAzWjA0MQswCQYDVQQGEwJOTDERMA8G +A1UEChMIUG9sYXJTU0wxEjAQBgNVBAMTCWxvY2FsaG9zdDBJMBMGByqGSM49AgEG +CCqGSM49AwEBAzIABH0AoQyUhPABS38y67uEVs4O3RXmKKrBdUR7/L2QPB8EC2p5 +fQcsej6EFasvlTdJ/6OBkjCBjzAJBgNVHRMEAjAAMB0GA1UdDgQWBBTkF2s2sgaJ +OtleQ7bgZH2Hq33eNzBjBgNVHSMEXDBagBS0WuSls97SUva51aaVD+s+vMf9/6E/ +pD0wOzELMAkGA1UEBhMCTkwxETAPBgNVBAoTCFBvbGFyU1NMMRkwFwYDVQQDExBQ +b2xhclNTTCBUZXN0IENBggEAMA0GCSqGSIb3DQEBBQUAA4IBAQBjmSIjGKD1eH5W +4bl2MXfNIsTwc2vv/MAAhBzBEbTXd3T37+zAGPGjKncvTB+oufUVRGkoKbfoC6Jm +DYSEUuxtnUZOko/C//XlCEtK0TuS2aLEqF3gJjBJTCfthEdAhJCtmPAQDCzeKsdx +CoOtH0NQx6Xl64oDt2wYSQNWUTGLPfRpdsVEvBHhHYATQijkl2ZH8BDjsYcBicrS +qmCeN+0T1B9vrOQVEZe+fwgzVL38n8lkJZNPIbdovA9WLHwXAEzPv4la3w0qh4Tb +kSb8HtILl4I474QxrFywylyXR/p2znPleRIRgB5HtUp9tLSWkB0bwMlqQlg2EHXu +CAQ1sXmQ +-----END CERTIFICATE----- diff --git a/third_party/mbedtls/repo/tests/data_files/parse_input/server4.crt b/third_party/mbedtls/repo/tests/data_files/parse_input/server4.crt new file mode 100644 index 00000000000..96b1aa77298 --- /dev/null +++ b/third_party/mbedtls/repo/tests/data_files/parse_input/server4.crt @@ -0,0 +1,18 @@ +-----BEGIN CERTIFICATE----- +MIIC6jCCAnCgAwIBAgIBCDAKBggqhkjOPQQDAjA+MQswCQYDVQQGEwJOTDERMA8G +A1UEChMIUG9sYXJTU0wxHDAaBgNVBAMTE1BvbGFyc3NsIFRlc3QgRUMgQ0EwHhcN +MTMwOTI0MTU1MjA0WhcNMjMwOTIyMTU1MjA0WjA0MQswCQYDVQQGEwJOTDERMA8G +A1UEChMIUG9sYXJTU0wxEjAQBgNVBAMTCWxvY2FsaG9zdDCCASIwDQYJKoZIhvcN +AQEBBQADggEPADCCAQoCggEBAKvXjL5VfYc7D/truqEpYcZcvlUhnuCNDJctYDJL +vgYYj5uxDxLHBXvnEHLgO5K+lps42p+r/dd4oE64ttRoeZZUvr+7eBnW35n0EpPA +Ik9Gwu+vg7GfxmifgIR8hZnOQkt2OjvvpChPCxvUailtB450Izh+mEK/hYFr+7Jl +NnxR1XQlbbyDM7Ect1HwYcuS3MBlBqq048J+0KEkQXICSjKeHFga9eDCq+Jyfqe5 +bt0K30hl1N0164B7aoh08Eomme+aSuAsz+MsJ3m7AO2DUYdrDxlrky1QrvRWWfX0 +d8djTM+uHTo1DviRM6o9+P9DfoFd53/Z0Km03sVLQWvUrhECAwEAAaOBnTCBmjAJ +BgNVHRMEAjAAMB0GA1UdDgQWBBTAlAm1+0L41mhqYWjFiejsRVrGeTBuBgNVHSME +ZzBlgBSdbSAkSQE/K8t4tRm8fiTJ2/s2fKFCpEAwPjELMAkGA1UEBhMCTkwxETAP +BgNVBAoTCFBvbGFyU1NMMRwwGgYDVQQDExNQb2xhcnNzbCBUZXN0IEVDIENBggkA +wUPifmJDzOgwCgYIKoZIzj0EAwIDaAAwZQIxAPWlxnMcjBaxaVieQYSLBqzizS3/ +O8Na6owRGPk0/UK+j5O9NTBHk+uXW/fQblKamQIwUQl4dl6gkRDE4rBR/yGjZZ1Z +3dEpvL2Wimt3keD7AcLpYB2FJ1mVcY1XQUeK1Vfc +-----END CERTIFICATE----- diff --git a/third_party/mbedtls/repo/tests/data_files/server5-fan.crt b/third_party/mbedtls/repo/tests/data_files/parse_input/server5-fan.crt similarity index 100% rename from third_party/mbedtls/repo/tests/data_files/server5-fan.crt rename to third_party/mbedtls/repo/tests/data_files/parse_input/server5-fan.crt diff --git a/third_party/mbedtls/repo/tests/data_files/parse_input/server5-non-compliant.crt b/third_party/mbedtls/repo/tests/data_files/parse_input/server5-non-compliant.crt new file mode 100644 index 00000000000..abea17ddc79 --- /dev/null +++ b/third_party/mbedtls/repo/tests/data_files/parse_input/server5-non-compliant.crt @@ -0,0 +1,12 @@ +-----BEGIN CERTIFICATE----- +MIIBwjCCAUagAwIBAgIBATAMBggqhkjOPQQDAgUAMD4xCzAJBgNVBAYTAk5MMREw +DwYDVQQKDAhQb2xhclNTTDEcMBoGA1UEAwwTUG9sYXJzc2wgVGVzdCBFQyBDQTAe +Fw0wMTAxMDEwMDAwMDBaFw0zMDEyMzEyMzU5NTlaMCQxIjAgBgNVBAMMGVRlc3Qg +RUMgUkZDIG5vbi1jb21wbGlhbnQwWTATBgcqhkjOPQIBBggqhkjOPQMBBwNCAAQ3 +zFbZdgkeWnI+x1kt/yBu7nz5BpF00K0UtfdoIllikk7lANgjEf/qL9I0XV0WvYqI +wmt3DVXNiioO+gHItO3/o00wSzAJBgNVHRMEAjAAMB0GA1UdDgQWBBRQYaWP1AfZ +14IBDOVlf4xjRqcTvjAfBgNVHSMEGDAWgBSdbSAkSQE/K8t4tRm8fiTJ2/s2fDAM +BggqhkjOPQQDAgUAA2gAMGUCMAJ3J/DooFSaBG2OhzyWai32q6INDZfoS2bToSKf +gy6hbJiIX/G9eFts5+BJQ3QpjgIxALRmIgdR91BDdqpeF5JCmhgjbfbgMQ7mrMeS +ZGfNyFyjS75QnIA6nKryQmgPXo+sCQ== +-----END CERTIFICATE----- diff --git a/third_party/mbedtls/repo/tests/data_files/parse_input/server5-nonprintable_othername.crt b/third_party/mbedtls/repo/tests/data_files/parse_input/server5-nonprintable_othername.crt new file mode 100644 index 00000000000..9470bbe9ccc --- /dev/null +++ b/third_party/mbedtls/repo/tests/data_files/parse_input/server5-nonprintable_othername.crt @@ -0,0 +1,12 @@ +-----BEGIN CERTIFICATE----- +MIIBwTCCAWagAwIBAgIBTTAKBggqhkjOPQQDAjBPMQswCQYDVQQGEwJVSzERMA8G +A1UECgwITWJlZCBUTFMxLTArBgNVBAMMJE1iZWQgVExTIG5vbi1wcmludGFibGUg +b3RoZXJuYW1lIFNBTjAeFw0yMjA5MDYxNTU2NDdaFw0zMjA5MDMxNTU2NDdaME8x +CzAJBgNVBAYTAlVLMREwDwYDVQQKDAhNYmVkIFRMUzEtMCsGA1UEAwwkTWJlZCBU +TFMgbm9uLXByaW50YWJsZSBvdGhlcm5hbWUgU0FOMFkwEwYHKoZIzj0CAQYIKoZI +zj0DAQcDQgAEN8xW2XYJHlpyPsdZLf8gbu58+QaRdNCtFLX3aCJZYpJO5QDYIxH/ +6i/SNF1dFr2KiMJrdw1VzYoqDvoByLTt/6MzMDEwLwYDVR0RBCgwJqAkBggrBgEF +BQcIBKAYMBYGBysGAQQBEQMECzEyM4CBAIGAMzIxMAoGCCqGSM49BAMCA0kAMEYC +IQDATir07PTj5gtf+HAyI+nd27AH9+bdaWdOI2t2bAwUWgIhAO7kvdcsa++yfJdT +3vnWdvcHRIAdXA0kh+mcBMaXk9B0 +-----END CERTIFICATE----- diff --git a/third_party/mbedtls/repo/tests/data_files/server5-othername.crt b/third_party/mbedtls/repo/tests/data_files/parse_input/server5-othername.crt similarity index 100% rename from third_party/mbedtls/repo/tests/data_files/server5-othername.crt rename to third_party/mbedtls/repo/tests/data_files/parse_input/server5-othername.crt diff --git a/third_party/mbedtls/repo/tests/data_files/parse_input/server5-sha1.crt b/third_party/mbedtls/repo/tests/data_files/parse_input/server5-sha1.crt new file mode 100644 index 00000000000..73e2d1745ac --- /dev/null +++ b/third_party/mbedtls/repo/tests/data_files/parse_input/server5-sha1.crt @@ -0,0 +1,14 @@ +-----BEGIN CERTIFICATE----- +MIICHTCCAaSgAwIBAgIBEjAJBgcqhkjOPQQBMD4xCzAJBgNVBAYTAk5MMREwDwYD +VQQKEwhQb2xhclNTTDEcMBoGA1UEAxMTUG9sYXJzc2wgVGVzdCBFQyBDQTAeFw0x +MzA5MjQxNjIxMjdaFw0yMzA5MjIxNjIxMjdaMDQxCzAJBgNVBAYTAk5MMREwDwYD +VQQKEwhQb2xhclNTTDESMBAGA1UEAxMJbG9jYWxob3N0MFkwEwYHKoZIzj0CAQYI +KoZIzj0DAQcDQgAEN8xW2XYJHlpyPsdZLf8gbu58+QaRdNCtFLX3aCJZYpJO5QDY +IxH/6i/SNF1dFr2KiMJrdw1VzYoqDvoByLTt/6OBnTCBmjAJBgNVHRMEAjAAMB0G +A1UdDgQWBBRQYaWP1AfZ14IBDOVlf4xjRqcTvjBuBgNVHSMEZzBlgBSdbSAkSQE/ +K8t4tRm8fiTJ2/s2fKFCpEAwPjELMAkGA1UEBhMCTkwxETAPBgNVBAoTCFBvbGFy +U1NMMRwwGgYDVQQDExNQb2xhcnNzbCBUZXN0IEVDIENBggkAwUPifmJDzOgwCQYH +KoZIzj0EAQNoADBlAjEAyjvzRWtxbXvkoYTYSQY9gFBpP7/wTZ2q6FbRiAuZULFt +lc0PMPDfVZChgA6iDH+BAjBdkOb73f2pOwZpMRqrOgqSynbt2uWY87mC5lRlNEoR +WXEv1AzIeBCv+81DN1Iuu4w= +-----END CERTIFICATE----- diff --git a/third_party/mbedtls/repo/tests/data_files/parse_input/server5-sha224.crt b/third_party/mbedtls/repo/tests/data_files/parse_input/server5-sha224.crt new file mode 100644 index 00000000000..47b11688c64 --- /dev/null +++ b/third_party/mbedtls/repo/tests/data_files/parse_input/server5-sha224.crt @@ -0,0 +1,14 @@ +-----BEGIN CERTIFICATE----- +MIICIDCCAaWgAwIBAgIBEzAKBggqhkjOPQQDATA+MQswCQYDVQQGEwJOTDERMA8G +A1UEChMIUG9sYXJTU0wxHDAaBgNVBAMTE1BvbGFyc3NsIFRlc3QgRUMgQ0EwHhcN +MTMwOTI0MTYyMTI3WhcNMjMwOTIyMTYyMTI3WjA0MQswCQYDVQQGEwJOTDERMA8G +A1UEChMIUG9sYXJTU0wxEjAQBgNVBAMTCWxvY2FsaG9zdDBZMBMGByqGSM49AgEG +CCqGSM49AwEHA0IABDfMVtl2CR5acj7HWS3/IG7ufPkGkXTQrRS192giWWKSTuUA +2CMR/+ov0jRdXRa9iojCa3cNVc2KKg76Aci07f+jgZ0wgZowCQYDVR0TBAIwADAd +BgNVHQ4EFgQUUGGlj9QH2deCAQzlZX+MY0anE74wbgYDVR0jBGcwZYAUnW0gJEkB +PyvLeLUZvH4kydv7NnyhQqRAMD4xCzAJBgNVBAYTAk5MMREwDwYDVQQKEwhQb2xh +clNTTDEcMBoGA1UEAxMTUG9sYXJzc2wgVGVzdCBFQyBDQYIJAMFD4n5iQ8zoMAoG +CCqGSM49BAMBA2kAMGYCMQCj0EyFUzDRmfokWzLVEWN0epR4/sZytfIeozp6BqWH +qaTBdAR2vthIKC7dKuUkg34CMQD6YtB2O9Vso79gbzSen2qh7gK7VvGE+31EVPbR +Ce/oNG/3OfhRSdn3FOvBBg2UErM= +-----END CERTIFICATE----- diff --git a/third_party/mbedtls/repo/tests/data_files/parse_input/server5-sha384.crt b/third_party/mbedtls/repo/tests/data_files/parse_input/server5-sha384.crt new file mode 100644 index 00000000000..5d6a79b2fe0 --- /dev/null +++ b/third_party/mbedtls/repo/tests/data_files/parse_input/server5-sha384.crt @@ -0,0 +1,14 @@ +-----BEGIN CERTIFICATE----- +MIICHzCCAaWgAwIBAgIBFDAKBggqhkjOPQQDAzA+MQswCQYDVQQGEwJOTDERMA8G +A1UEChMIUG9sYXJTU0wxHDAaBgNVBAMTE1BvbGFyc3NsIFRlc3QgRUMgQ0EwHhcN +MTMwOTI0MTYyMTI3WhcNMjMwOTIyMTYyMTI3WjA0MQswCQYDVQQGEwJOTDERMA8G +A1UEChMIUG9sYXJTU0wxEjAQBgNVBAMTCWxvY2FsaG9zdDBZMBMGByqGSM49AgEG +CCqGSM49AwEHA0IABDfMVtl2CR5acj7HWS3/IG7ufPkGkXTQrRS192giWWKSTuUA +2CMR/+ov0jRdXRa9iojCa3cNVc2KKg76Aci07f+jgZ0wgZowCQYDVR0TBAIwADAd +BgNVHQ4EFgQUUGGlj9QH2deCAQzlZX+MY0anE74wbgYDVR0jBGcwZYAUnW0gJEkB +PyvLeLUZvH4kydv7NnyhQqRAMD4xCzAJBgNVBAYTAk5MMREwDwYDVQQKEwhQb2xh +clNTTDEcMBoGA1UEAxMTUG9sYXJzc2wgVGVzdCBFQyBDQYIJAMFD4n5iQ8zoMAoG +CCqGSM49BAMDA2gAMGUCMQCnsd/6VB2kLIqMRsWdkJvRaQROyAg78CQExFEY3CMv +9t0kWRXPc4nCMH69RjQVvC4CMB4lk9A7hnX2zQy3bbUhOCOvXcsQdEe8AMgJBviz +5Nob2wThRqsm1wjCF60fyzXWuA== +-----END CERTIFICATE----- diff --git a/third_party/mbedtls/repo/tests/data_files/parse_input/server5-sha512.crt b/third_party/mbedtls/repo/tests/data_files/parse_input/server5-sha512.crt new file mode 100644 index 00000000000..16112ac54f4 --- /dev/null +++ b/third_party/mbedtls/repo/tests/data_files/parse_input/server5-sha512.crt @@ -0,0 +1,14 @@ +-----BEGIN CERTIFICATE----- +MIICHzCCAaWgAwIBAgIBFTAKBggqhkjOPQQDBDA+MQswCQYDVQQGEwJOTDERMA8G +A1UEChMIUG9sYXJTU0wxHDAaBgNVBAMTE1BvbGFyc3NsIFRlc3QgRUMgQ0EwHhcN +MTMwOTI0MTYyMTI3WhcNMjMwOTIyMTYyMTI3WjA0MQswCQYDVQQGEwJOTDERMA8G +A1UEChMIUG9sYXJTU0wxEjAQBgNVBAMTCWxvY2FsaG9zdDBZMBMGByqGSM49AgEG +CCqGSM49AwEHA0IABDfMVtl2CR5acj7HWS3/IG7ufPkGkXTQrRS192giWWKSTuUA +2CMR/+ov0jRdXRa9iojCa3cNVc2KKg76Aci07f+jgZ0wgZowCQYDVR0TBAIwADAd +BgNVHQ4EFgQUUGGlj9QH2deCAQzlZX+MY0anE74wbgYDVR0jBGcwZYAUnW0gJEkB +PyvLeLUZvH4kydv7NnyhQqRAMD4xCzAJBgNVBAYTAk5MMREwDwYDVQQKEwhQb2xh +clNTTDEcMBoGA1UEAxMTUG9sYXJzc2wgVGVzdCBFQyBDQYIJAMFD4n5iQ8zoMAoG +CCqGSM49BAMEA2gAMGUCMFPL2OI8arcbRlKAbRb/YfGibo4Mwts8KX3fOuRCbXEn +pDWeb82kBqfXwzPJwamFOwIxAPGzyhWrxn0qEynWV5nzFK02PYBnYFgClISyyudH +HJGHtbEVRc5JA8ALnggaLVpuvg== +-----END CERTIFICATE----- diff --git a/third_party/mbedtls/repo/tests/data_files/server5-unsupported_othername.crt b/third_party/mbedtls/repo/tests/data_files/parse_input/server5-unsupported_othername.crt similarity index 100% rename from third_party/mbedtls/repo/tests/data_files/server5-unsupported_othername.crt rename to third_party/mbedtls/repo/tests/data_files/parse_input/server5-unsupported_othername.crt diff --git a/third_party/mbedtls/repo/tests/data_files/parse_input/server5.crt b/third_party/mbedtls/repo/tests/data_files/parse_input/server5.crt new file mode 100644 index 00000000000..4597428280a --- /dev/null +++ b/third_party/mbedtls/repo/tests/data_files/parse_input/server5.crt @@ -0,0 +1,14 @@ +-----BEGIN CERTIFICATE----- +MIICHzCCAaWgAwIBAgIBCTAKBggqhkjOPQQDAjA+MQswCQYDVQQGEwJOTDERMA8G +A1UEChMIUG9sYXJTU0wxHDAaBgNVBAMTE1BvbGFyc3NsIFRlc3QgRUMgQ0EwHhcN +MTMwOTI0MTU1MjA0WhcNMjMwOTIyMTU1MjA0WjA0MQswCQYDVQQGEwJOTDERMA8G +A1UEChMIUG9sYXJTU0wxEjAQBgNVBAMTCWxvY2FsaG9zdDBZMBMGByqGSM49AgEG +CCqGSM49AwEHA0IABDfMVtl2CR5acj7HWS3/IG7ufPkGkXTQrRS192giWWKSTuUA +2CMR/+ov0jRdXRa9iojCa3cNVc2KKg76Aci07f+jgZ0wgZowCQYDVR0TBAIwADAd +BgNVHQ4EFgQUUGGlj9QH2deCAQzlZX+MY0anE74wbgYDVR0jBGcwZYAUnW0gJEkB +PyvLeLUZvH4kydv7NnyhQqRAMD4xCzAJBgNVBAYTAk5MMREwDwYDVQQKEwhQb2xh +clNTTDEcMBoGA1UEAxMTUG9sYXJzc2wgVGVzdCBFQyBDQYIJAMFD4n5iQ8zoMAoG +CCqGSM49BAMCA2gAMGUCMQCaLFzXptui5WQN8LlO3ddh1hMxx6tzgLvT03MTVK2S +C12r0Lz3ri/moSEpNZWqPjkCMCE2f53GXcYLqyfyJR078c/xNSUU5+Xxl7VZ414V +fGa5kHvHARBPc8YAIVIqDvHH1Q== +-----END CERTIFICATE----- diff --git a/third_party/mbedtls/repo/tests/data_files/server5.req.sha1 b/third_party/mbedtls/repo/tests/data_files/parse_input/server5.req.sha1 similarity index 100% rename from third_party/mbedtls/repo/tests/data_files/server5.req.sha1 rename to third_party/mbedtls/repo/tests/data_files/parse_input/server5.req.sha1 diff --git a/third_party/mbedtls/repo/tests/data_files/server5.req.sha224 b/third_party/mbedtls/repo/tests/data_files/parse_input/server5.req.sha224 similarity index 100% rename from third_party/mbedtls/repo/tests/data_files/server5.req.sha224 rename to third_party/mbedtls/repo/tests/data_files/parse_input/server5.req.sha224 diff --git a/third_party/mbedtls/repo/tests/data_files/server5.req.sha256 b/third_party/mbedtls/repo/tests/data_files/parse_input/server5.req.sha256 similarity index 100% rename from third_party/mbedtls/repo/tests/data_files/server5.req.sha256 rename to third_party/mbedtls/repo/tests/data_files/parse_input/server5.req.sha256 diff --git a/third_party/mbedtls/repo/tests/data_files/server5.req.sha384 b/third_party/mbedtls/repo/tests/data_files/parse_input/server5.req.sha384 similarity index 100% rename from third_party/mbedtls/repo/tests/data_files/server5.req.sha384 rename to third_party/mbedtls/repo/tests/data_files/parse_input/server5.req.sha384 diff --git a/third_party/mbedtls/repo/tests/data_files/server5.req.sha512 b/third_party/mbedtls/repo/tests/data_files/parse_input/server5.req.sha512 similarity index 100% rename from third_party/mbedtls/repo/tests/data_files/server5.req.sha512 rename to third_party/mbedtls/repo/tests/data_files/parse_input/server5.req.sha512 diff --git a/third_party/mbedtls/repo/tests/data_files/server7_all_space.crt b/third_party/mbedtls/repo/tests/data_files/parse_input/server7_all_space.crt similarity index 100% rename from third_party/mbedtls/repo/tests/data_files/server7_all_space.crt rename to third_party/mbedtls/repo/tests/data_files/parse_input/server7_all_space.crt diff --git a/third_party/mbedtls/repo/tests/data_files/parse_input/server7_int-ca.crt b/third_party/mbedtls/repo/tests/data_files/parse_input/server7_int-ca.crt new file mode 100644 index 00000000000..d3ddc46a8b6 --- /dev/null +++ b/third_party/mbedtls/repo/tests/data_files/parse_input/server7_int-ca.crt @@ -0,0 +1,47 @@ +-----BEGIN CERTIFICATE----- +MIIDwjCCAaqgAwIBAgIBEDANBgkqhkiG9w0BAQsFADBIMQswCQYDVQQGEwJOTDER +MA8GA1UEChMIUG9sYXJTU0wxJjAkBgNVBAMTHVBvbGFyU1NMIFRlc3QgSW50ZXJt +ZWRpYXRlIENBMB4XDTEzMDkyNDE2MTIyNFoXDTIzMDkyMjE2MTIyNFowNDELMAkG +A1UEBhMCTkwxETAPBgNVBAoTCFBvbGFyU1NMMRIwEAYDVQQDEwlsb2NhbGhvc3Qw +WTATBgcqhkjOPQIBBggqhkjOPQMBBwNCAAQcbffp2qXqoZyychmoCRxzrd4Vu96m +47NPBehtEC46aTeXgDnBdf++znABrAtfXBRNQz8ARIeYBmskr22rlKjyo4GVMIGS +MAkGA1UdEwQCMAAwHQYDVR0OBBYEFNIK06V3H85VsFxGoo5zbL+hYCa7MGYGA1Ud +IwRfMF2AFDh32Gt3nCh3gotO2BupHveUFrcOoUKkQDA+MQswCQYDVQQGEwJOTDER +MA8GA1UEChMIUG9sYXJTU0wxHDAaBgNVBAMTE1BvbGFyc3NsIFRlc3QgRUMgQ0GC +AQ4wDQYJKoZIhvcNAQELBQADggIBADRoQ5fHKw+vkl0D3aqLX1XrZidb+25AWbhr +FYXdaskN219PrXBL3cV8x5tK6qsPKSyyw1lue80OmhXs/w7PJkOHHUSWRnmTv7lr +8Us3Zr/yOF/VVqzdGs7DlOTpyzEBdugI9uar/aCqHDoltN8wOduOoQB9aojYpROj ++gjlEO0mgt/87XpjYOig1o0jv44QYDQZQzpj1zeIn6WMe6xk9YDwCLMjRIpg++c7 +QyxvcEJTn80wX1SaEBM2gau97G7bORLMwBVkMT4oSY+iKYgpPpawOnMJbqUP73Dm +yfJExDdrW/BbWZ/vKIcSqSZIbkHdkNjUDVHczyVwQxZxzvLFw/B1k9s7jYFsi5eK +TNAdXFa4et1H2sd+uhu24GxsjmJioDrftixcgzPVBjDCjH8QWkBEX292WJ58on0e +deWLpZUnzPdE1B4rsiPw1Vg28mGgr2O1xgBQr/fx6A+8ItNTzAXbZfEcult9ypwM +0b6YDNe5IvdKk8iwz3mof0VNy47K6xoCaE/fxxWkjoXK8x2wfswGeP2QgUzQE93b +OtjdHpsG1c7gIVFQmKATyAPUz4vqmezgNRleXU0oL0PYtoCmKQ51UjNMUfmO9xCj +VJaNa2iTQ5Dgic+CW4TYAgj5/9g9X3WfwnDNxrZ0UxxawGElczHXqbrNleTtPaKp +a8Si6UK5 +-----END CERTIFICATE----- +-----BEGIN CERTIFICATE----- +MIIEATCCA4egAwIBAgIBDjAKBggqhkjOPQQDAjA+MQswCQYDVQQGEwJOTDERMA8G +A1UEChMIUG9sYXJTU0wxHDAaBgNVBAMTE1BvbGFyc3NsIFRlc3QgRUMgQ0EwHhcN +MTMwOTI0MTU1NTE0WhcNMjMwOTIyMTU1NTE0WjBIMQswCQYDVQQGEwJOTDERMA8G +A1UEChMIUG9sYXJTU0wxJjAkBgNVBAMTHVBvbGFyU1NMIFRlc3QgSW50ZXJtZWRp +YXRlIENBMIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEAo1Oc8nr6fMTq +vowV+CpC55i5BZGFGc50Eb4RLBSRTH1e7JepdFjAVbBtyQRJSiY1ja0tgLQDDKZR +wfEI+b4azse460InPHv7C1TN0upXlxuj6m9B1IlP+sBaM7WBC6dVfPO+jVMIxgkF +CaBCLhhdK1Fjf8HjkT/PkctWnho8NTwivc9+nqRZjXe/eIcqm5HwjDDhu+gz+o0g +Vz9MfZNi1JyCrOyNZcy+cr2QeNnNVGnFq8xTxtu6dLunhpmLFj2mm0Vjwa7Ypj5q +AjpqTMtDvqbRuToyoyzajhMNcCAf7gwzIupJJFVdjdtgYAcQwzikwF5HoITJzzJ2 +qgxF7CmvGZNb7G99mLdLdhtclH3wAQKHYwEGJo7XKyNEuHPQgB+e0cg1SD1HqlAM +uCfGGTWQ6me7Bjan3t0NzoTdDq6IpKTesbaY+/9e2xn8DCrhBKLXQMZFDZqUoLYA +kGPOEGgvlPnIIXAawouxCaNYEh5Uw871YMSPT28rLdFr49dwYOtDg9foA8hDIW2P +d6KXbrZteesvA1nYzEOs+3AjrbT79Md2W8Bz9bqBVNlNOESSqm4kiCJFmslm/6br +Np0MSQd+o22PQ4xRtmP6UsTfU0ueiMpYc8TYYhMbfnfFyo4m707ebcflPbBEN2dg +updQ66cvfCJB0QJt9upafY0lpdV1qUkCAwEAAaOBoDCBnTAdBgNVHQ4EFgQUOHfY +a3ecKHeCi07YG6ke95QWtw4wbgYDVR0jBGcwZYAUnW0gJEkBPyvLeLUZvH4kydv7 +NnyhQqRAMD4xCzAJBgNVBAYTAk5MMREwDwYDVQQKEwhQb2xhclNTTDEcMBoGA1UE +AxMTUG9sYXJzc2wgVGVzdCBFQyBDQYIJAMFD4n5iQ8zoMAwGA1UdEwQFMAMBAf8w +CgYIKoZIzj0EAwIDaAAwZQIxAPyE+u+eP7gRrSFjQicmpYg8jiFUCYEowWY2zuOG +i1HXYwmpDHfasQ3rNSuf/gHvjwIwbSSjumDk+uYNci/KMELDsD0MFHxZhhBc9Hp9 +Af5cNR8KhzegznL6amRObGGKmX1F +-----END CERTIFICATE----- diff --git a/third_party/mbedtls/repo/tests/data_files/server7_pem_space.crt b/third_party/mbedtls/repo/tests/data_files/parse_input/server7_pem_space.crt similarity index 100% rename from third_party/mbedtls/repo/tests/data_files/server7_pem_space.crt rename to third_party/mbedtls/repo/tests/data_files/parse_input/server7_pem_space.crt diff --git a/third_party/mbedtls/repo/tests/data_files/server7_trailing_space.crt b/third_party/mbedtls/repo/tests/data_files/parse_input/server7_trailing_space.crt similarity index 100% rename from third_party/mbedtls/repo/tests/data_files/server7_trailing_space.crt rename to third_party/mbedtls/repo/tests/data_files/parse_input/server7_trailing_space.crt diff --git a/third_party/mbedtls/repo/tests/data_files/parse_input/server9-sha224.crt b/third_party/mbedtls/repo/tests/data_files/parse_input/server9-sha224.crt new file mode 100644 index 00000000000..1b05f313a47 --- /dev/null +++ b/third_party/mbedtls/repo/tests/data_files/parse_input/server9-sha224.crt @@ -0,0 +1,20 @@ +-----BEGIN CERTIFICATE----- +MIIDWzCCAhKgAwIBAgIBFzA+BgkqhkiG9w0BAQowMaANMAsGCWCGSAFlAwQCBKEa +MBgGCSqGSIb3DQEBCDALBglghkgBZQMEAgSiBAICAOIwOzELMAkGA1UEBhMCTkwx +ETAPBgNVBAoTCFBvbGFyU1NMMRkwFwYDVQQDExBQb2xhclNTTCBUZXN0IENBMB4X +DTE0MDEyMDEzNTczNloXDTI0MDExODEzNTczNlowNDELMAkGA1UEBhMCTkwxETAP +BgNVBAoTCFBvbGFyU1NMMRIwEAYDVQQDEwlsb2NhbGhvc3QwgZ8wDQYJKoZIhvcN +AQEBBQADgY0AMIGJAoGBAN0Rip+ZurBoyirqO2ptWZftTslU5A3uzqB9oB6q6A7C +uxNA24oSjokTJKXF9frY9ZDXyMrLxf6THa/aEiNzUnlGGrqgVyt2FjGzqK/nOJsI +i2OZOgol7kXSGFi6uZMa7dRYmmMbN/z3FAifhWVJ81kybdHg6G3eUu1mtKkL2kCV +AgMBAAGjgZIwgY8wCQYDVR0TBAIwADAdBgNVHQ4EFgQU7vPH9R8VpU1HicHTImOy +36fOvVEwYwYDVR0jBFwwWoAUtFrkpbPe0lL2udWmlQ/rPrzH/f+hP6Q9MDsxCzAJ +BgNVBAYTAk5MMREwDwYDVQQKEwhQb2xhclNTTDEZMBcGA1UEAxMQUG9sYXJTU0wg +VGVzdCBDQYIBADA+BgkqhkiG9w0BAQowMaANMAsGCWCGSAFlAwQCBKEaMBgGCSqG +SIb3DQEBCDALBglghkgBZQMEAgSiBAICAOIDggEBADJExjfWWvL28lgj+GGgviqo +PHZLxI0pLQUnFJQ9Kpu6jxfICseBF00Z6BJE/RcYDpIie5GDt/8u/i6xB6Li29Pm +g5nANgd/Y3fFnW7d0ydVjiSnetlPuf/jTlWQl6mQTH2xqYu8J8d3JRxQdRiDYbVm +uywW2d6rksiqm6dPD5l4A5DcemcYo8f/1Ifj5WNDCV8/OHex+AnW2ccDvWAnVgSR +B2VpOXJzVFuBsuf4tGVm/2TUMSB6NcvFc6TeJk1kzbZxii4QjKXtH1SfrVP59iEe +l17NYAEWARjBpQWBiutRG+QM2et0sNiUBuWxTkvd0eSgencNysVAOsZqrqaX3CY= +-----END CERTIFICATE----- diff --git a/third_party/mbedtls/repo/tests/data_files/parse_input/server9-sha256.crt b/third_party/mbedtls/repo/tests/data_files/parse_input/server9-sha256.crt new file mode 100644 index 00000000000..7d0aa39567a --- /dev/null +++ b/third_party/mbedtls/repo/tests/data_files/parse_input/server9-sha256.crt @@ -0,0 +1,20 @@ +-----BEGIN CERTIFICATE----- +MIIDWzCCAhKgAwIBAgIBGDA+BgkqhkiG9w0BAQowMaANMAsGCWCGSAFlAwQCAaEa +MBgGCSqGSIb3DQEBCDALBglghkgBZQMEAgGiBAICAN4wOzELMAkGA1UEBhMCTkwx +ETAPBgNVBAoTCFBvbGFyU1NMMRkwFwYDVQQDExBQb2xhclNTTCBUZXN0IENBMB4X +DTE0MDEyMDEzNTc0NVoXDTI0MDExODEzNTc0NVowNDELMAkGA1UEBhMCTkwxETAP +BgNVBAoTCFBvbGFyU1NMMRIwEAYDVQQDEwlsb2NhbGhvc3QwgZ8wDQYJKoZIhvcN +AQEBBQADgY0AMIGJAoGBAN0Rip+ZurBoyirqO2ptWZftTslU5A3uzqB9oB6q6A7C +uxNA24oSjokTJKXF9frY9ZDXyMrLxf6THa/aEiNzUnlGGrqgVyt2FjGzqK/nOJsI +i2OZOgol7kXSGFi6uZMa7dRYmmMbN/z3FAifhWVJ81kybdHg6G3eUu1mtKkL2kCV +AgMBAAGjgZIwgY8wCQYDVR0TBAIwADAdBgNVHQ4EFgQU7vPH9R8VpU1HicHTImOy +36fOvVEwYwYDVR0jBFwwWoAUtFrkpbPe0lL2udWmlQ/rPrzH/f+hP6Q9MDsxCzAJ +BgNVBAYTAk5MMREwDwYDVQQKEwhQb2xhclNTTDEZMBcGA1UEAxMQUG9sYXJTU0wg +VGVzdCBDQYIBADA+BgkqhkiG9w0BAQowMaANMAsGCWCGSAFlAwQCAaEaMBgGCSqG +SIb3DQEBCDALBglghkgBZQMEAgGiBAICAN4DggEBAH0+knqkcLaxeDkenBQgd4Qg +3ZyAhtpiLU689mw+3cXB/uzFrCIxEL5aGh1eSj+DszB+FtsZ06ux7JVQqVOA2Wm9 +yLxC6wF8OOYj0nBa91BWLhRAHLhmIdWsVk7Hl9KojZd4TwV2N+ZEV/BLxyoRvK4H +V4xCpzgDSiTPe8Etk4r+0akbr6bsOUBayPb7MGLHubZKq8NsFAmmynp+fPmHd3SE +0ooJdiZ1MmKPKLE5Og/hXCI8qeiXQUR6oQ7b2XONsrI2HIj2SA9dA5qmHwE5PbMu +zqxQ3R83boqLXbkFORn+UiYLmffqdoWuNy00BHMCrxRA9DUv+WyN4npLMF8rOJw= +-----END CERTIFICATE----- diff --git a/third_party/mbedtls/repo/tests/data_files/parse_input/server9-sha384.crt b/third_party/mbedtls/repo/tests/data_files/parse_input/server9-sha384.crt new file mode 100644 index 00000000000..aaa63e6ed29 --- /dev/null +++ b/third_party/mbedtls/repo/tests/data_files/parse_input/server9-sha384.crt @@ -0,0 +1,20 @@ +-----BEGIN CERTIFICATE----- +MIIDWzCCAhKgAwIBAgIBGTA+BgkqhkiG9w0BAQowMaANMAsGCWCGSAFlAwQCAqEa +MBgGCSqGSIb3DQEBCDALBglghkgBZQMEAgKiBAICAM4wOzELMAkGA1UEBhMCTkwx +ETAPBgNVBAoTCFBvbGFyU1NMMRkwFwYDVQQDExBQb2xhclNTTCBUZXN0IENBMB4X +DTE0MDEyMDEzNTc1OFoXDTI0MDExODEzNTc1OFowNDELMAkGA1UEBhMCTkwxETAP +BgNVBAoTCFBvbGFyU1NMMRIwEAYDVQQDEwlsb2NhbGhvc3QwgZ8wDQYJKoZIhvcN +AQEBBQADgY0AMIGJAoGBAN0Rip+ZurBoyirqO2ptWZftTslU5A3uzqB9oB6q6A7C +uxNA24oSjokTJKXF9frY9ZDXyMrLxf6THa/aEiNzUnlGGrqgVyt2FjGzqK/nOJsI +i2OZOgol7kXSGFi6uZMa7dRYmmMbN/z3FAifhWVJ81kybdHg6G3eUu1mtKkL2kCV +AgMBAAGjgZIwgY8wCQYDVR0TBAIwADAdBgNVHQ4EFgQU7vPH9R8VpU1HicHTImOy +36fOvVEwYwYDVR0jBFwwWoAUtFrkpbPe0lL2udWmlQ/rPrzH/f+hP6Q9MDsxCzAJ +BgNVBAYTAk5MMREwDwYDVQQKEwhQb2xhclNTTDEZMBcGA1UEAxMQUG9sYXJTU0wg +VGVzdCBDQYIBADA+BgkqhkiG9w0BAQowMaANMAsGCWCGSAFlAwQCAqEaMBgGCSqG +SIb3DQEBCDALBglghkgBZQMEAgKiBAICAM4DggEBABf8Gyq2VYuN1EBW1nOapDQp +B/KuafNW2GEJ7FmQKNyA7MIj1Yqo2MtJ6/OQojRQ3F5rnO4yjmvIPsXeQaMxJBiI +aaoAlLpH++F+oXMq/0aS0WSZrSLrsh2Fpay9cBDGwek2rDOX9kM+ZcPzGitVwWKX +TnOW22hpcl7u95CpZH+JZTcto5nL3tTyV9pIy+tSKQQfjPB+G0TAZCsOkbCGPLug +qdjvqFQwOf15VxQMj7NRiXjlqJvsx+I7B2AIhrs4DzQMEyiWq9S/PzpQuFU5v/Kg +s2iMLJ5ygv5aN3PYqGlE1ZmvgyRp5h/LaTGI2L6lzRTnecOhtPv30N2tyaDAEfo= +-----END CERTIFICATE----- diff --git a/third_party/mbedtls/repo/tests/data_files/parse_input/server9-sha512.crt b/third_party/mbedtls/repo/tests/data_files/parse_input/server9-sha512.crt new file mode 100644 index 00000000000..a211b921dc7 --- /dev/null +++ b/third_party/mbedtls/repo/tests/data_files/parse_input/server9-sha512.crt @@ -0,0 +1,20 @@ +-----BEGIN CERTIFICATE----- +MIIDWzCCAhKgAwIBAgIBGjA+BgkqhkiG9w0BAQowMaANMAsGCWCGSAFlAwQCA6Ea +MBgGCSqGSIb3DQEBCDALBglghkgBZQMEAgOiBAICAL4wOzELMAkGA1UEBhMCTkwx +ETAPBgNVBAoTCFBvbGFyU1NMMRkwFwYDVQQDExBQb2xhclNTTCBUZXN0IENBMB4X +DTE0MDEyMDEzNTgxMloXDTI0MDExODEzNTgxMlowNDELMAkGA1UEBhMCTkwxETAP +BgNVBAoTCFBvbGFyU1NMMRIwEAYDVQQDEwlsb2NhbGhvc3QwgZ8wDQYJKoZIhvcN +AQEBBQADgY0AMIGJAoGBAN0Rip+ZurBoyirqO2ptWZftTslU5A3uzqB9oB6q6A7C +uxNA24oSjokTJKXF9frY9ZDXyMrLxf6THa/aEiNzUnlGGrqgVyt2FjGzqK/nOJsI +i2OZOgol7kXSGFi6uZMa7dRYmmMbN/z3FAifhWVJ81kybdHg6G3eUu1mtKkL2kCV +AgMBAAGjgZIwgY8wCQYDVR0TBAIwADAdBgNVHQ4EFgQU7vPH9R8VpU1HicHTImOy +36fOvVEwYwYDVR0jBFwwWoAUtFrkpbPe0lL2udWmlQ/rPrzH/f+hP6Q9MDsxCzAJ +BgNVBAYTAk5MMREwDwYDVQQKEwhQb2xhclNTTDEZMBcGA1UEAxMQUG9sYXJTU0wg +VGVzdCBDQYIBADA+BgkqhkiG9w0BAQowMaANMAsGCWCGSAFlAwQCA6EaMBgGCSqG +SIb3DQEBCDALBglghkgBZQMEAgOiBAICAL4DggEBACdVozFq6rUiXo+ib5Y2oPsR +6xxl4Ydn3LpUoYrPpTOrhcXJWW/tOLHGuCF/mSRfUzKaMIfL418cZHYnvumvuttu +6z3tp5E1VsiZCU2MWJnzjKSxFBOss43AmpJHHoapGFZu2pxObBPqegAKHYkKWOLk +tJDj47PurWgEek9j1nL7Pc1tVf59fm/ySp4fWkXLLvQiKid1516VioLyacUvK3zU +6Egz8jMt7D5c9KpaExLRTANVsThqO5/dmR36bOwm3Hpbde7DNdgxru41tiLMqJs/ +5pX3ceaJ1XQ/l0idj5/9ipvqHHUguyk7H22HwQHQdSD9oIha8kEM3P6CjpfE7yY= +-----END CERTIFICATE----- diff --git a/third_party/mbedtls/repo/tests/data_files/parse_input/server9.crt b/third_party/mbedtls/repo/tests/data_files/parse_input/server9.crt new file mode 100644 index 00000000000..a6f9fbc76c4 --- /dev/null +++ b/third_party/mbedtls/repo/tests/data_files/parse_input/server9.crt @@ -0,0 +1,19 @@ +-----BEGIN CERTIFICATE----- +MIIDBTCCAeegAwIBAgIBFjATBgkqhkiG9w0BAQowBqIEAgIA6jA7MQswCQYDVQQG +EwJOTDERMA8GA1UEChMIUG9sYXJTU0wxGTAXBgNVBAMTEFBvbGFyU1NMIFRlc3Qg +Q0EwHhcNMTQwMTIwMTMzODE2WhcNMjQwMTE4MTMzODE2WjA0MQswCQYDVQQGEwJO +TDERMA8GA1UEChMIUG9sYXJTU0wxEjAQBgNVBAMTCWxvY2FsaG9zdDCBnzANBgkq +hkiG9w0BAQEFAAOBjQAwgYkCgYEA3RGKn5m6sGjKKuo7am1Zl+1OyVTkDe7OoH2g +HqroDsK7E0DbihKOiRMkpcX1+tj1kNfIysvF/pMdr9oSI3NSeUYauqBXK3YWMbOo +r+c4mwiLY5k6CiXuRdIYWLq5kxrt1FiaYxs3/PcUCJ+FZUnzWTJt0eDobd5S7Wa0 +qQvaQJUCAwEAAaOBkjCBjzAJBgNVHRMEAjAAMB0GA1UdDgQWBBTu88f1HxWlTUeJ +wdMiY7Lfp869UTBjBgNVHSMEXDBagBS0WuSls97SUva51aaVD+s+vMf9/6E/pD0w +OzELMAkGA1UEBhMCTkwxETAPBgNVBAoTCFBvbGFyU1NMMRkwFwYDVQQDExBQb2xh +clNTTCBUZXN0IENBggEAMBMGCSqGSIb3DQEBCjAGogQCAgDqA4IBAQDAog/jXydR +vDIugTzBXtfVK0CEX8iyQ4cVzQmXWSne8204v943K5D2hktSBkjdQUdcnVvVgLR6 +te50jV89ptN/NofX+fo9fhSRN9vGgQVWzOOFiO0zcThy749pirJu1Kq5OJdthIyW +Pu0UCz5G0k3kTp0JPevGlsNc8S9Ak1tFuB0IPJjrbfODWHS2LDuO+dB6gpkNTdrj +88ogYtBsN4D5gsXBRUfobXokUwejBwLrD6XwyQx+0bMwSCxgHEhxvuUkx1vdlXGw +JG3aF92u8mIxoKSAPaPdqy930mQvmpUWcN5Y1IMbtEGoQCKMYgosFcazJpJcjnX1 +o4Hl/lqjwCEG +-----END CERTIFICATE----- diff --git a/third_party/mbedtls/repo/tests/data_files/server9.req.sha1 b/third_party/mbedtls/repo/tests/data_files/parse_input/server9.req.sha1 similarity index 100% rename from third_party/mbedtls/repo/tests/data_files/server9.req.sha1 rename to third_party/mbedtls/repo/tests/data_files/parse_input/server9.req.sha1 diff --git a/third_party/mbedtls/repo/tests/data_files/server9.req.sha224 b/third_party/mbedtls/repo/tests/data_files/parse_input/server9.req.sha224 similarity index 100% rename from third_party/mbedtls/repo/tests/data_files/server9.req.sha224 rename to third_party/mbedtls/repo/tests/data_files/parse_input/server9.req.sha224 diff --git a/third_party/mbedtls/repo/tests/data_files/server9.req.sha256 b/third_party/mbedtls/repo/tests/data_files/parse_input/server9.req.sha256 similarity index 100% rename from third_party/mbedtls/repo/tests/data_files/server9.req.sha256 rename to third_party/mbedtls/repo/tests/data_files/parse_input/server9.req.sha256 diff --git a/third_party/mbedtls/repo/tests/data_files/server9.req.sha384 b/third_party/mbedtls/repo/tests/data_files/parse_input/server9.req.sha384 similarity index 100% rename from third_party/mbedtls/repo/tests/data_files/server9.req.sha384 rename to third_party/mbedtls/repo/tests/data_files/parse_input/server9.req.sha384 diff --git a/third_party/mbedtls/repo/tests/data_files/server9.req.sha512 b/third_party/mbedtls/repo/tests/data_files/parse_input/server9.req.sha512 similarity index 100% rename from third_party/mbedtls/repo/tests/data_files/server9.req.sha512 rename to third_party/mbedtls/repo/tests/data_files/parse_input/server9.req.sha512 diff --git a/third_party/mbedtls/repo/tests/data_files/test-ca-any_policy.crt b/third_party/mbedtls/repo/tests/data_files/parse_input/test-ca-any_policy.crt similarity index 100% rename from third_party/mbedtls/repo/tests/data_files/test-ca-any_policy.crt rename to third_party/mbedtls/repo/tests/data_files/parse_input/test-ca-any_policy.crt diff --git a/third_party/mbedtls/repo/tests/data_files/test-ca-any_policy_ec.crt b/third_party/mbedtls/repo/tests/data_files/parse_input/test-ca-any_policy_ec.crt similarity index 100% rename from third_party/mbedtls/repo/tests/data_files/test-ca-any_policy_ec.crt rename to third_party/mbedtls/repo/tests/data_files/parse_input/test-ca-any_policy_ec.crt diff --git a/third_party/mbedtls/repo/tests/data_files/test-ca-any_policy_with_qualifier.crt b/third_party/mbedtls/repo/tests/data_files/parse_input/test-ca-any_policy_with_qualifier.crt similarity index 100% rename from third_party/mbedtls/repo/tests/data_files/test-ca-any_policy_with_qualifier.crt rename to third_party/mbedtls/repo/tests/data_files/parse_input/test-ca-any_policy_with_qualifier.crt diff --git a/third_party/mbedtls/repo/tests/data_files/test-ca-any_policy_with_qualifier_ec.crt b/third_party/mbedtls/repo/tests/data_files/parse_input/test-ca-any_policy_with_qualifier_ec.crt similarity index 100% rename from third_party/mbedtls/repo/tests/data_files/test-ca-any_policy_with_qualifier_ec.crt rename to third_party/mbedtls/repo/tests/data_files/parse_input/test-ca-any_policy_with_qualifier_ec.crt diff --git a/third_party/mbedtls/repo/tests/data_files/test-ca-multi_policy.crt b/third_party/mbedtls/repo/tests/data_files/parse_input/test-ca-multi_policy.crt similarity index 100% rename from third_party/mbedtls/repo/tests/data_files/test-ca-multi_policy.crt rename to third_party/mbedtls/repo/tests/data_files/parse_input/test-ca-multi_policy.crt diff --git a/third_party/mbedtls/repo/tests/data_files/test-ca-multi_policy_ec.crt b/third_party/mbedtls/repo/tests/data_files/parse_input/test-ca-multi_policy_ec.crt similarity index 100% rename from third_party/mbedtls/repo/tests/data_files/test-ca-multi_policy_ec.crt rename to third_party/mbedtls/repo/tests/data_files/parse_input/test-ca-multi_policy_ec.crt diff --git a/third_party/mbedtls/repo/tests/data_files/test-ca-unsupported_policy.crt b/third_party/mbedtls/repo/tests/data_files/parse_input/test-ca-unsupported_policy.crt similarity index 100% rename from third_party/mbedtls/repo/tests/data_files/test-ca-unsupported_policy.crt rename to third_party/mbedtls/repo/tests/data_files/parse_input/test-ca-unsupported_policy.crt diff --git a/third_party/mbedtls/repo/tests/data_files/test-ca-unsupported_policy_ec.crt b/third_party/mbedtls/repo/tests/data_files/parse_input/test-ca-unsupported_policy_ec.crt similarity index 100% rename from third_party/mbedtls/repo/tests/data_files/test-ca-unsupported_policy_ec.crt rename to third_party/mbedtls/repo/tests/data_files/parse_input/test-ca-unsupported_policy_ec.crt diff --git a/third_party/mbedtls/repo/tests/data_files/parse_input/test-ca.crt b/third_party/mbedtls/repo/tests/data_files/parse_input/test-ca.crt new file mode 100644 index 00000000000..31790b5bb47 --- /dev/null +++ b/third_party/mbedtls/repo/tests/data_files/parse_input/test-ca.crt @@ -0,0 +1,20 @@ +-----BEGIN CERTIFICATE----- +MIIDQTCCAimgAwIBAgIBAzANBgkqhkiG9w0BAQUFADA7MQswCQYDVQQGEwJOTDER +MA8GA1UECgwIUG9sYXJTU0wxGTAXBgNVBAMMEFBvbGFyU1NMIFRlc3QgQ0EwHhcN +MTkwMjEwMTQ0NDAwWhcNMjkwMjEwMTQ0NDAwWjA7MQswCQYDVQQGEwJOTDERMA8G +A1UECgwIUG9sYXJTU0wxGTAXBgNVBAMMEFBvbGFyU1NMIFRlc3QgQ0EwggEiMA0G +CSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDA3zf8F7vglp0/ht6WMn1EpRagzSHx +mdTs6st8GFgIlKXsm8WL3xoemTiZhx57wI053zhdcHgH057Zk+i5clHFzqMwUqny +50BwFMtEonILwuVA+T7lpg6z+exKY8C4KQB0nFc7qKUEkHHxvYPZP9al4jwqj+8n +YMPGn8u67GB9t+aEMr5P+1gmIgNb1LTV+/Xjli5wwOQuvfwu7uJBVcA0Ln0kcmnL +R7EUQIN9Z/SG9jGr8XmksrUuEvmEF/Bibyc+E1ixVA0hmnM3oTDPb5Lc9un8rNsu +KNF+AksjoBXyOGVkCeoMbo4bF6BxyLObyavpw/LPh5aPgAIynplYb6LVAgMBAAGj +UDBOMAwGA1UdEwQFMAMBAf8wHQYDVR0OBBYEFLRa5KWz3tJS9rnVppUP6z68x/3/ +MB8GA1UdIwQYMBaAFLRa5KWz3tJS9rnVppUP6z68x/3/MA0GCSqGSIb3DQEBBQUA +A4IBAQB0ZiNRFdia6kskaPnhrqejIRq8YMEGAf2oIPnyZ78xoyERgc35lHGyMtsL +hWicNjP4d/hS9As4j5KA2gdNGi5ETA1X7SowWOGsryivSpMSHVy1+HdfWlsYQOzm +8o+faQNUm8XzPVmttfAVspxeHSxJZ36Oo+QWZ5wZlCIEyjEdLUId+Tm4Bz3B5jRD +zZa/SaqDokq66N2zpbgKKAl3GU2O++fBqP2dSkdQykmTxhLLWRN8FJqhYATyQntZ +0QSi3W9HfSZPnFTcPIXeoiPd2pLlxt1hZu8dws2LTXE63uP6MM4LHvWxiuJaWkP/ +mtxyUALj2pQxRitopORFQdn7AOY5 +-----END CERTIFICATE----- diff --git a/third_party/mbedtls/repo/tests/data_files/test-ca.crt.der b/third_party/mbedtls/repo/tests/data_files/parse_input/test-ca.crt.der similarity index 100% rename from third_party/mbedtls/repo/tests/data_files/test-ca.crt.der rename to third_party/mbedtls/repo/tests/data_files/parse_input/test-ca.crt.der diff --git a/third_party/mbedtls/repo/tests/data_files/print_c.pl b/third_party/mbedtls/repo/tests/data_files/print_c.pl index ce8ed6f8e67..5f4b3d0c6a9 100755 --- a/third_party/mbedtls/repo/tests/data_files/print_c.pl +++ b/third_party/mbedtls/repo/tests/data_files/print_c.pl @@ -1,19 +1,7 @@ #!/usr/bin/env perl # # Copyright The Mbed TLS Contributors -# SPDX-License-Identifier: Apache-2.0 -# -# Licensed under the Apache License, Version 2.0 (the "License"); you may -# not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT -# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. +# SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later use strict; use warnings; diff --git a/third_party/mbedtls/repo/tests/data_files/rsa4096_prv.der b/third_party/mbedtls/repo/tests/data_files/rsa4096_prv.der new file mode 100644 index 0000000000000000000000000000000000000000..86ea81849a6a1fa6caa2062a1570c137a4b4768e GIT binary patch literal 2349 zcmV+|3DWj3f(a=C0RRGm0s#QzU8bl@9iG#`5-9o|@R*#ai!f>C==UG7p;&lU4%ADZ zIx~4>ll{@k_X@D5H_}c4+CgnPa|1+NA;2A29Pc#HEg;L%el50GmKBdM^alGjtR@HV zrX1?`@$WBlU6&f39}@p-dk3yDn-i8VghcuO2U$3y0cmnjP~`YKiCUBj+Kn58P7?BE z{<%qaY4cX(D37rjGSuB~;jaHDX8Uk&yQDRgayjpq(2etp{(&o;UGkv(xPYCQ81ERN z+2h29NeHTbq*F%~1qk(Vp5a_%T4(boshzU;sN%Rc&lZGA%W?>jt|)VBJ=)l2u9&^_3BzK>u@^@nBNd~+l3Jvu=20Cx za#DFOg-H)kdxxKnS3eeeYh}^Ow3`qQf>u?9d1bj=fYRNyqiPnq0%zsKMRKm zwzQ621Ed_Tj~CZ&(OFiNu-^+KH(%8;*M4?Ln^(gG)gOg+sVVuzSHUj;u~*n^yfb+j zLwhA?XP_Xr>O`jk0|5X50)henVDmj-uUjbPzT!5~P|Bwd!y+tjnO=w^#df(Tg=vsU zc9ieyc7D0QN=dC5C^WOI_-%Fx zX|T5pR!)RC;B_bZ6jH{#pReUYB*|eH#g+Xbuj!jGNF98MjM;hkz+V_T_Nk}Aqy2Nc z6;)bUZyh03D}yS+xa|2!ZFN1pKPXq5%;Yk)B=k#s^^cxgQeI1#JWEM-AUL(eULy>_ zh@k0v3UPB&(04vCq+f=HbOdQ$q(BD&Q}w!E)>WPk!69sjIR2#8DZn}p5*KJVU_aM~ z=+M?nrHXID^+}!PGb>|gEK0FnsqUXcjFfeE1Eym^@9p4NhBa7HJ@RdvI(6}7A`gt^ z8(OYYtQHnY_H|(q0)hbn0RCMC9*a7Ymo@Kho0lH*l^MO5>wc|WXKX`~Wl8e;>K7X& z>rso>F7$z1(yL+=uW16ED)Ug%Y%)TY zMouzs=zlRfyk4WmHny@w+;OoXAUnM8slDI5E=529nfRsw*^z}wJ|{Zm9ehr-RIzU% zw1_FNv?Q6DAY3u~#V7tpdXQnowF3l)IzBH1ItbiB*~wzQv?!cgqVlxDzh<8d8Y{G` z6X}=c^LA+L2BdFi>sXsnJz5a7eQHyg@O~1O676RA57TBSI3$(?qMqZ2+d5C`QdUOP zK91}0|2V|>Ow5>pt1!z%E--ZCI2G%V36)96d3OpldW>;&SZCi^#q}<01)G08&`(Er zrq8uHGJs+0|0tAkWbXok0RaHTvy&MNYB=!RaQ^LE<|w%c%D$qzQ4l&Lf!MWmX0W6fc+KiicJAsj!o5`eb#+XK0sxa@$< z662yQ;g74lFbDONhMp#m zrR)NfHwT>~8{PZzqh4quCow?QM6vryr@Dl3Si+^^px!KW#-F!^>@RvB^>KdVe{xz< zBa+aA<=)oxt#WdN2_f3`Ua0fnEZRKJX7qHHEsfQ^$VHm)DCvbaefuqll{=%~Rf$0$ zLqbnFE^T1|qM_Ysb+J(bf&l>lxWL%BvnOrmkbdJe1Z5RH!$+j4)EpqKUq*}~FO(M< zhv8WMzZj}wq-H$IF9^jhv%Bc)6QVa!4ju993K9Q7_oDR#$d}Wjw9Wzx7|kRyjaMYy?=!R=LLdS3n zp1(TMl;mM=cNWT3r8r(G)^<=QPP=CT#ickF&%)En2xd zA&%iW63d5?ASNGVwSPIy0)hbm86dQ&+g7tna4Se)Xt?fZ`;p^U zVw``QWX?VS)%Vq8t9xqZLN!D{8;II8ha5@9LC<}}v@3za^iZdl{0!ejKz=ffqeyJ| z1+1*#&yX0?$@S3iX8C>GV~-Epx)J<<->+;Hv>*gh=i@Dqq`64l2vGIFl!A}4&B8WR zM&Og7%k62d#}cXITh&3~pc{7A`Q2n}ZHz5sQ5II8EMd=e?2e95kx+3y0@?jAf&wBi4F(A+hDe6@4FLfG1potr0uKN%f&vNxf&u{m z9q^c(sEaUZ=IHkyv7uOaRu0rlpE@&nWRv~T%J&Mer#I400op-rI&%X=Tp_?6SRC&( z&@CX#(ta(rSe6x!F!TodHmoKG@1`8;_wny9b6uAjo*xqbYkLQ-F`E;XFN8$-{|8w( zqXB7hP*CLfJBeD93fheugiaFjW&XKIcWLuh0CuaL_Z@Z*5lyW)m zn9z;$i~fNtoL%yu{J4Ofm>BOEq1ofahDivjexy@J6$J?Oah~B^WLjtQC#jvX_^9Hz zS}oefjg$NIzBtzV6S42AiC5oCwBPlr@R*$KQK-xI5YHBbO3QKxk*+9nYdzZ7X0DjM z^a;aa#<3SiAtM!|zmi&{rsh!{J91KaFNH}DPG(9#AFlY>syXu8$YjZqZp*m9XCnBR5~wG1q=}NSjx~ o1l1pfcBv`(#aF>E0I^rtY`imh8AE#|XlI}xx9UWv0s{d60lxzR)Bpeg literal 0 HcmV?d00001 diff --git a/third_party/mbedtls/repo/tests/data_files/server1-nospace.crt b/third_party/mbedtls/repo/tests/data_files/server1-nospace.crt index 932c236a5df..4c3cb90191f 100644 --- a/third_party/mbedtls/repo/tests/data_files/server1-nospace.crt +++ b/third_party/mbedtls/repo/tests/data_files/server1-nospace.crt @@ -1,21 +1,20 @@ -----BEGIN CERTIFICATE----- -MIIDhDCCAmygAwIBAgIBHzANBgkqhkiG9w0BAQsFADA7MQswCQYDVQQGEwJOTDER -MA8GA1UEChMIUG9sYXJTU0wxGTAXBgNVBAMTEFBvbGFyU1NMIFRlc3QgQ0EwHhcN -MTQwMzI2MDkyMzEyWhcNMjQwMzIzMDkyMzEyWjA7MQswCQYDVQQGEwJOTDERMA8G -A1UEChMIUG9sYXJTU0wxGTAXBgNVBAMTEHBvbGFyc3NsLmV4YW1wbGUwggEiMA0G +MIIDPjCCAiagAwIBAgIBHzANBgkqhkiG9w0BAQsFADA7MQswCQYDVQQGEwJOTDER +MA8GA1UECgwIUG9sYXJTU0wxGTAXBgNVBAMMEFBvbGFyU1NMIFRlc3QgQ0EwHhcN +MTkwMjEwMTQ0NDA2WhcNMjkwMjEwMTQ0NDA2WjA7MQswCQYDVQQGEwJOTDERMA8G +A1UECgwIUG9sYXJTU0wxGTAXBgNVBAMMEHBvbGFyc3NsLmV4YW1wbGUwggEiMA0G CSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCpAh89QGrVVVOL/TbugmUuFWFeib+4 6EWQ2+6IFlLT8UNQR5YSWWSHa/0r4Eb5c77dz5LhkVvtZqBviSl5RYDQg2rVQUN3 Xzl8CQRHgrBXOXDto+wVGR6oMwhHwQVCqf1Mw7Tf3QYfTRBRQGdzEw9A+G2BJV8K sVPGMH4VOaz5Wu5/kp6mBVvnE5eFtSOS2dQkBtUJJYl1B92mGo8/CRm+rWUsZOuV m9z+QV4XptpsW2nMAroULBYknErczdD3Umdz8S2gI/1+9DHKLXDKiQsE2y6mT3Bu ns69WIniU1meblqSZeKIPwyUGaPd5eidlRPtKdurcBLcWsprF6tSglSxAgMBAAGj -gZIwgY8wCQYDVR0TBAIwADAdBgNVHQ4EFgQUH3TWPynBdHRFOwUSLD2ovUNZAqYw -YwYDVR0jBFwwWoAUtFrkpbPe0lL2udWmlQ/rPrzH/f+hP6Q9MDsxCzAJBgNVBAYT -Ak5MMREwDwYDVQQKEwhQb2xhclNTTDEZMBcGA1UEAxMQUG9sYXJTU0wgVGVzdCBD -QYIBADANBgkqhkiG9w0BAQsFAAOCAQEAXs4vQqlIlxrMbE6IwAHLcGJuz17Ru/en -H9bUnnSh1pxa+NHMKZHBG3GT0iaxsVtXf56/tXH4+HL7ntJjrczGN1PbhMGPyt94 -556ZgDxkHT9k7KjPAIs9BrjFHvl9NyIZzcbwkiC0qGvdzjSfe3AiSYuhXI/9/Hog -uUwReH+T2U/ICEHQ5O8aV5nvpgqL3EeEmyx3bu+YXtZMWQUYzX+ya4TnKVPdqwbf -ebr6v1hLXrUFl6rZ3wEJ6MqUW3SGZRkCVNZUOD6Ky3+EiLwYFhuKGdFqSS0JAAD7 -ZO3yPu5hu3BhAQYavK4Yyfi9IQmubBqxopPwyzjG1HPw2lj+oapH0w== +TTBLMAkGA1UdEwQCMAAwHQYDVR0OBBYEFB901j8pwXR0RTsFEiw9qL1DWQKmMB8G +A1UdIwQYMBaAFLRa5KWz3tJS9rnVppUP6z68x/3/MA0GCSqGSIb3DQEBCwUAA4IB +AQC8fX3ZiHu6GoYBB5Vo1l6CXXDhHB6r43Pp+BHoOCouiiy4useiPLu5S84gmNoC +v8ZR+b9lAaysCMHAbth9vgtW+aXckBY6xKo8CsmGXcqZqujD6qrDif5q6UpXa4Oe +fr6ITkecY4Z9oN/aN5el5zzUd5zkoyQDI5Bn1gMdvV7AwM7Haq+5gTFwM7HJnphz +GZ8GLxWU1dWeAfsGm58ey6J28OjIkmfP3yL/kBKMhiQZydbH9Y8Yal7YwhayXxES +i7YwhNmPcGAgDBm5Sno7BvHiIqsNX1sssC3aZUaZvldJGY+4Y9fFZHenBwTREj/S +CnEgazC2RJ3kYg3mP/QhE0US -----END CERTIFICATE----- diff --git a/third_party/mbedtls/repo/tests/data_files/server1-v1.crt b/third_party/mbedtls/repo/tests/data_files/server1-v1.crt index 47f1fff1cdc..8ca90078b85 100644 --- a/third_party/mbedtls/repo/tests/data_files/server1-v1.crt +++ b/third_party/mbedtls/repo/tests/data_files/server1-v1.crt @@ -1,19 +1,19 @@ -----BEGIN CERTIFICATE----- -MIIDITCCAgkCDFOitscEzU2OvIALwTANBgkqhkiG9w0BAQsFADBQMRwwGgYDVQQD -ExNQb2xhclNTTCBUZXN0IENBIHYxMRAwDgYDVQQLEwd0ZXN0aW5nMREwDwYDVQQK -EwhQb2xhclNTTDELMAkGA1UEBhMCTkwwIhgPMjAxNDA2MTkxMDA5MTFaGA8yMDI0 -MDYxODEwMDkxMVowTjEaMBgGA1UEAxMRc2VydmVyMS9pbnQtY2EtdjExEDAOBgNV -BAsTB3Rlc3RpbmcxETAPBgNVBAoTCFBvbGFyU1NMMQswCQYDVQQGEwJOTDCCASIw -DQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAKkCHz1AatVVU4v9Nu6CZS4VYV6J -v7joRZDb7ogWUtPxQ1BHlhJZZIdr/SvgRvlzvt3PkuGRW+1moG+JKXlFgNCDatVB -Q3dfOXwJBEeCsFc5cO2j7BUZHqgzCEfBBUKp/UzDtN/dBh9NEFFAZ3MTD0D4bYEl -XwqxU8YwfhU5rPla7n+SnqYFW+cTl4W1I5LZ1CQG1QkliXUH3aYajz8JGb6tZSxk -65Wb3P5BXhem2mxbacwCuhQsFiScStzN0PdSZ3PxLaAj/X70McotcMqJCwTbLqZP -cG6ezr1YieJTWZ5uWpJl4og/DJQZo93l6J2VE+0p26twEtxaymsXq1KCVLECAwEA -ATANBgkqhkiG9w0BAQsFAAOCAQEAPJl3fbVeTJ6gVAvCoLYM8JY5U7ZhrCCdBghw -WuZBS/TWwf4WLP0G/ZtTyTOENcT0gWHf0/VnXtNPw2/yBjWsLtTXxN2XQlEVf3j/ -WcQxWgSESYdx/sT/uTW6qihuONPWkTQizmx7OG6vBuGx3g54s9/oeJKXOraNqud3 -G4KBrytOazliMfoKO2hnzaeydpaDtb2tZX8apN/6KqQpTAcXsWrZRW9XEHWq2sNz -IR1nIE1F/9gnqi9Xy0HQprteLRUvM4tEQ35m4H20eS5Y9gJlE/DqXmMQ7aiU8DgP -krj+Z18pcrssO+Etv0BOiPjmU9TWWpDMj34ef7U/OH5qJxkSrA== +MIIDHTCCAgUCDFOitscEzU2OvIALwTANBgkqhkiG9w0BAQsFADBQMRwwGgYDVQQD +DBNQb2xhclNTTCBUZXN0IENBIHYxMRAwDgYDVQQLDAd0ZXN0aW5nMREwDwYDVQQK +DAhQb2xhclNTTDELMAkGA1UEBhMCTkwwHhcNMTkwMjEwMTQ0NDA2WhcNMjkwMjEw +MTQ0NDA2WjBOMRowGAYDVQQDDBFzZXJ2ZXIxL2ludC1jYS12MTEQMA4GA1UECwwH +dGVzdGluZzERMA8GA1UECgwIUG9sYXJTU0wxCzAJBgNVBAYTAk5MMIIBIjANBgkq +hkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqQIfPUBq1VVTi/027oJlLhVhXom/uOhF +kNvuiBZS0/FDUEeWEllkh2v9K+BG+XO+3c+S4ZFb7Wagb4kpeUWA0INq1UFDd185 +fAkER4KwVzlw7aPsFRkeqDMIR8EFQqn9TMO0390GH00QUUBncxMPQPhtgSVfCrFT +xjB+FTms+Vruf5KepgVb5xOXhbUjktnUJAbVCSWJdQfdphqPPwkZvq1lLGTrlZvc +/kFeF6babFtpzAK6FCwWJJxK3M3Q91Jnc/EtoCP9fvQxyi1wyokLBNsupk9wbp7O +vViJ4lNZnm5akmXiiD8MlBmj3eXonZUT7Snbq3AS3FrKaxerUoJUsQIDAQABMA0G +CSqGSIb3DQEBCwUAA4IBAQBrdYAEzdH6ryyYaolYvp8Fvq0wZxp6Bdcxvi0LUGmb +TdWcNrPU9IYASc5QSrSWPj0c9vhLVbDZAONfn92thi7C2zQXok2Q3jW038ycNSXN +lVxFkdY4GYa3E6Og1LVIySyzfyyNuHKKWbB5wZCWbzOgu2Q1MHSNvPhKjbDhyGtT +Mq3Qy6TyzUFbXMRBixcJC/Cy4zsqvWBanVtBmwlvgE4Q50CUgybzSEIL5j+aPLuW +aj8j2NRB2+7vPeoWd8ry5YxEKB3DRuXHHyyFnT5O8MpWuCl764qFMc8S/i7yVcmZ +egZQw0dCmE5J4EGX0BEQEM24ll2e8SxL351hbCQ+EfvF -----END CERTIFICATE----- diff --git a/third_party/mbedtls/repo/tests/data_files/server1.commas.crt b/third_party/mbedtls/repo/tests/data_files/server1.commas.crt new file mode 100644 index 00000000000..5acd2555d4d --- /dev/null +++ b/third_party/mbedtls/repo/tests/data_files/server1.commas.crt @@ -0,0 +1,20 @@ +-----BEGIN CERTIFICATE----- +MIIDRzCCAi+gAwIBAgIBATANBgkqhkiG9w0BAQUFADA7MQswCQYDVQQGEwJOTDER +MA8GA1UECgwIUG9sYXJTU0wxGTAXBgNVBAMMEFBvbGFyU1NMIFRlc3QgQ0EwHhcN +MTkwMjEwMTQ0NDA2WhcNMjkwMjEwMTQ0NDA2WjBEMQswCQYDVQQGEwJOTDEZMBcG +A1UECgwQUG9sYXJTU0wsIENvbW1hczEaMBgGA1UEAwwRUG9sYXJTU0wgU2VydmVy +IDEwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCpAh89QGrVVVOL/Tbu +gmUuFWFeib+46EWQ2+6IFlLT8UNQR5YSWWSHa/0r4Eb5c77dz5LhkVvtZqBviSl5 +RYDQg2rVQUN3Xzl8CQRHgrBXOXDto+wVGR6oMwhHwQVCqf1Mw7Tf3QYfTRBRQGdz +Ew9A+G2BJV8KsVPGMH4VOaz5Wu5/kp6mBVvnE5eFtSOS2dQkBtUJJYl1B92mGo8/ +CRm+rWUsZOuVm9z+QV4XptpsW2nMAroULBYknErczdD3Umdz8S2gI/1+9DHKLXDK +iQsE2y6mT3Buns69WIniU1meblqSZeKIPwyUGaPd5eidlRPtKdurcBLcWsprF6tS +glSxAgMBAAGjTTBLMAkGA1UdEwQCMAAwHQYDVR0OBBYEFB901j8pwXR0RTsFEiw9 +qL1DWQKmMB8GA1UdIwQYMBaAFLRa5KWz3tJS9rnVppUP6z68x/3/MA0GCSqGSIb3 +DQEBBQUAA4IBAQA1Ecg+VVJRmgFF9cnlztnXj4y9QKj8MCf2uZA3nTNe1Deh9l17 +ZNNWdPkXzVzf0IeR3LQRKT+daTzxuOOCSV9OxOcN0dIODBwa97BtNQfuWw2eWC9I +3UOVXbx8Ga+bXnD8ouatpyEG0FfhLO5YgEP0K9TyyN/nFa9kkB2Kvpy8yWm3w9WG +WgsOr2fpIExfC2ZFaiu3NVGTpT9fLv8RTatSC1XLA5Sr8NNHia3zCvEJEAlTuFHs +wm8apIAHlb44bbgW+7UwBIH9r2A21gQFy3v4cTLtlbnaUBbHUJvarK4ru70J+gew +OO3NZ1ocvnV+qGIcc7LgyNA8pZW5Jbewb/gN +-----END CERTIFICATE----- diff --git a/third_party/mbedtls/repo/tests/data_files/server1.key.der b/third_party/mbedtls/repo/tests/data_files/server1.key.der new file mode 100644 index 0000000000000000000000000000000000000000..88288d1697fbcf89551a638b72954ef481475801 GIT binary patch literal 1190 zcmV;X1X=qqf&`)h0RRGm0RaH10v|mlG)TG2Gt2AiFF6vrW%hw2^qevWh`Xtm7CoDL0%W8+H6~C%mTU;EEXi3O5DxR z_fltb@hzYu{eJW@$}Mopi3q zDch@X65LwKYZt3hf>f~r0|5X50)hbm7K!!fkwUH*rvI=}Hx;C?w4pnmTQ@19y<*om z#^GG*d-J5&TCy2B1}MozE3xpwuZt5WiQgQR=O=i-Q!w?g*%i`4)!>1Sg#aGa`jgSl z6GdI?3Kc_zV(8<@)(*ks$?N~0D>k{!=`$?HpA8qMu6fK8Q_Xcin%T6r*X})nuWvF3 zWo+`Sn3Q}K!-gM0?^Bp2lz`39lo7dLCpzQvWZDU@gr6j;hcs+hVUDRCoovz5 zlPrMS{2vNIW~l>d5t*E#cVP#g4B#!WEF6%Z`Lrj6c-OldRI;}SFUja+wzHJuF~HFp znrJ0eWwzZ%e?b|=fS5T_2LN#q0)c@5*V~wS*lp&iuymib+JL&vK3u@)uLN^tm6WEt{i@HEj~U3-2D1ejGc?6+3A`BbCc$w`{cJH!W*HcTXUZBN;*rq|5vpC8*0^ z0oFJlZoE+KKJb7LGJjj5tih~uAhY^!bD1$svWJ@uu(f1*y@#u?5|x2kTL@&4vcT9J zVQ$ub_^8eYC-g>f9djep6nj`Gr6EJaJ4*tAfK&%ozPf|L3Jcm1*51bkrx!&3Cl~C4FCWD literal 0 HcmV?d00001 diff --git a/third_party/mbedtls/repo/tests/data_files/server1.pubkey.der b/third_party/mbedtls/repo/tests/data_files/server1.pubkey.der new file mode 100644 index 0000000000000000000000000000000000000000..1a432a45eb80115053fa38932333f03b63c3a8b1 GIT binary patch literal 294 zcmV+>0ondAf&n5h4F(A+hDe6@4FLfG1potr0S^E$f&mHwf&l>lsRAE8Kx)-hQ;YpJ z?t*156=7b9zqsf{klXHv7E;skLr_PS5?N%2YyB(WM)`BT-OrNYkz4I%pl^vOc}0NG zgKE`5Lw8>}dy?|_ z{y|m0s{d60o!+fT>t<8 literal 0 HcmV?d00001 diff --git a/third_party/mbedtls/repo/tests/data_files/server1.req.sha256.ext b/third_party/mbedtls/repo/tests/data_files/server1.req.sha256.ext new file mode 100644 index 00000000000..3f26f09ef0a --- /dev/null +++ b/third_party/mbedtls/repo/tests/data_files/server1.req.sha256.ext @@ -0,0 +1,17 @@ +-----BEGIN CERTIFICATE REQUEST----- +MIICpzCCAY8CAQAwPDELMAkGA1UEBhMCTkwxETAPBgNVBAoMCFBvbGFyU1NMMRow +GAYDVQQDDBFQb2xhclNTTCBTZXJ2ZXIgMTCCASIwDQYJKoZIhvcNAQEBBQADggEP +ADCCAQoCggEBAKkCHz1AatVVU4v9Nu6CZS4VYV6Jv7joRZDb7ogWUtPxQ1BHlhJZ +ZIdr/SvgRvlzvt3PkuGRW+1moG+JKXlFgNCDatVBQ3dfOXwJBEeCsFc5cO2j7BUZ +HqgzCEfBBUKp/UzDtN/dBh9NEFFAZ3MTD0D4bYElXwqxU8YwfhU5rPla7n+SnqYF +W+cTl4W1I5LZ1CQG1QkliXUH3aYajz8JGb6tZSxk65Wb3P5BXhem2mxbacwCuhQs +FiScStzN0PdSZ3PxLaAj/X70McotcMqJCwTbLqZPcG6ezr1YieJTWZ5uWpJl4og/ +DJQZo93l6J2VE+0p26twEtxaymsXq1KCVLECAwEAAaAmMCQGCSqGSIb3DQEJDjEX +MBUwEwYDVR0lBAwwCgYIKwYBBQUHAwEwDQYJKoZIhvcNAQELBQADggEBAHi0yEGu +Fh5tuLiLuT95UrRnly55+lTY9xchFiKtlcoEdSheybYxqk3JHuSSqojOFKZBlRdk +oG6Azg56/aMHPWyvtCMSRQX4b+FgjeQsm9IfhYNMquQOxyPxm62vjuU3MfZIofXH +hKdI6Ci2CDF4Fyvw50KBWniV38eE9+kjsvDLdXD3ESZJGhjjuFl8ReUiA2wdBTcP +XEZaXUIc6B4tUnlPeqn/2zp4GBqqWzNZx6TXBpApASGG3BEJnM52FVPC7E9p+8YZ +qIGuiF5Cz/rYZkpwffBWIfS2zZakHLm5TB8FgZkWlyReJU9Ihk2Tl/sZ1kllFdYa +xLPnLCL82KFL1Co= +-----END CERTIFICATE REQUEST----- diff --git a/third_party/mbedtls/repo/tests/data_files/server10-badsign.crt b/third_party/mbedtls/repo/tests/data_files/server10-badsign.crt index eca171f3511..d4ac4b1708d 100644 --- a/third_party/mbedtls/repo/tests/data_files/server10-badsign.crt +++ b/third_party/mbedtls/repo/tests/data_files/server10-badsign.crt @@ -1,10 +1,10 @@ -----BEGIN CERTIFICATE----- -MIIBWjCCAQCgAwIBAgIBSzAKBggqhkjOPQQDAjBKMQswCQYDVQQGEwJVSzERMA8G -A1UEChMIbWJlZCBUTFMxKDAmBgNVBAMTH21iZWQgVExTIFRlc3QgaW50ZXJtZWRp -YXRlIENBIDMwHhcNMTUwOTAxMTM0NzU1WhcNMjUwODI5MTM0NzU1WjAUMRIwEAYD -VQQDEwlsb2NhbGhvc3QwWTATBgcqhkjOPQIBBggqhkjOPQMBBwNCAAQcbffp2qXq -oZyychmoCRxzrd4Vu96m47NPBehtEC46aTeXgDnBdf++znABrAtfXBRNQz8ARIeY -Bmskr22rlKjyow0wCzAJBgNVHRMEAjAAMAoGCCqGSM49BAMCA0gAMEUCIQDLc+Io -rg8VxEbCgVv8iH+kOIEn9MjhpvKzvwUoV+6rjQIgZU/RXAyc1a+H2+soGfNEIOBQ -AzO3pJx7WJAApZuBX10= +MIIBXTCCAQKgAwIBAgIBSzAMBggqhkjOPQQDAgUAMEoxCzAJBgNVBAYTAlVLMREw +DwYDVQQKDAhtYmVkIFRMUzEoMCYGA1UEAwwfbWJlZCBUTFMgVGVzdCBpbnRlcm1l +ZGlhdGUgQ0EgMzAeFw0xOTAyMTAxNDQ0MDZaFw0yOTAyMTAxNDQ0MDZaMBQxEjAQ +BgNVBAMMCWxvY2FsaG9zdDBZMBMGByqGSM49AgEGCCqGSM49AwEHA0IABBxt9+na +peqhnLJyGagJHHOt3hW73qbjs08F6G0QLjppN5eAOcF1/77OcAGsC19cFE1DPwBE +h5gGaySvbauUqPKjDTALMAkGA1UdEwQCMAAwDAYIKoZIzj0EAwIFAANHADBEAiBw +JW8c5xNiHIn83+Fx74JiW0IyRKe9TRN3w+MmfcFKwwIgWyjAp/xKOBaQ2ifRqXH6 +3mQUjQNFzHPFpWqjHCp0vS0= -----END CERTIFICATE----- diff --git a/third_party/mbedtls/repo/tests/data_files/server10-bs_int3.pem b/third_party/mbedtls/repo/tests/data_files/server10-bs_int3.pem index b84cee7c324..d824c43f356 100644 --- a/third_party/mbedtls/repo/tests/data_files/server10-bs_int3.pem +++ b/third_party/mbedtls/repo/tests/data_files/server10-bs_int3.pem @@ -1,22 +1,22 @@ -----BEGIN CERTIFICATE----- -MIIBWjCCAQCgAwIBAgIBSzAKBggqhkjOPQQDAjBKMQswCQYDVQQGEwJVSzERMA8G -A1UEChMIbWJlZCBUTFMxKDAmBgNVBAMTH21iZWQgVExTIFRlc3QgaW50ZXJtZWRp -YXRlIENBIDMwHhcNMTUwOTAxMTM0NzU1WhcNMjUwODI5MTM0NzU1WjAUMRIwEAYD -VQQDEwlsb2NhbGhvc3QwWTATBgcqhkjOPQIBBggqhkjOPQMBBwNCAAQcbffp2qXq -oZyychmoCRxzrd4Vu96m47NPBehtEC46aTeXgDnBdf++znABrAtfXBRNQz8ARIeY -Bmskr22rlKjyow0wCzAJBgNVHRMEAjAAMAoGCCqGSM49BAMCA0gAMEUCIQDLc+Io -rg8VxEbCgVv8iH+kOIEn9MjhpvKzvwUoV+6rjQIgZU/RXAyc1a+H2+soGfNEIOBQ -AzO3pJx7WJAApZuBX10= +MIIBXTCCAQKgAwIBAgIBSzAMBggqhkjOPQQDAgUAMEoxCzAJBgNVBAYTAlVLMREw +DwYDVQQKDAhtYmVkIFRMUzEoMCYGA1UEAwwfbWJlZCBUTFMgVGVzdCBpbnRlcm1l +ZGlhdGUgQ0EgMzAeFw0xOTAyMTAxNDQ0MDZaFw0yOTAyMTAxNDQ0MDZaMBQxEjAQ +BgNVBAMMCWxvY2FsaG9zdDBZMBMGByqGSM49AgEGCCqGSM49AwEHA0IABBxt9+na +peqhnLJyGagJHHOt3hW73qbjs08F6G0QLjppN5eAOcF1/77OcAGsC19cFE1DPwBE +h5gGaySvbauUqPKjDTALMAkGA1UdEwQCMAAwDAYIKoZIzj0EAwIFAANHADBEAiBw +JW8c5xNiHIn83+Fx74JiW0IyRKe9TRN3w+MmfcFKwwIgWyjAp/xKOBaQ2ifRqXH6 +3mQUjQNFzHPFpWqjHCp0vS0= -----END CERTIFICATE----- -----BEGIN CERTIFICATE----- -MIIBtDCCATqgAwIBAgIBTTAKBggqhkjOPQQDAjBLMQswCQYDVQQGEwJOTDERMA8G -A1UEChMIUG9sYXJTU0wxKTAnBgNVBAMTIFBvbGFyU1NMIFRlc3QgSW50ZXJtZWRp -YXRlIEVDIENBMB4XDTE1MDkwMTE0MDg0M1oXDTI1MDgyOTE0MDg0M1owSjELMAkG -A1UEBhMCVUsxETAPBgNVBAoTCG1iZWQgVExTMSgwJgYDVQQDEx9tYmVkIFRMUyBU +MIIBszCCATqgAwIBAgIBTTAKBggqhkjOPQQDAjBLMQswCQYDVQQGEwJOTDERMA8G +A1UECgwIUG9sYXJTU0wxKTAnBgNVBAMMIFBvbGFyU1NMIFRlc3QgSW50ZXJtZWRp +YXRlIEVDIENBMB4XDTIzMDUxNzA3MTAzN1oXDTMzMDUxNzA3MTAzN1owSjELMAkG +A1UEBhMCVUsxETAPBgNVBAoMCG1iZWQgVExTMSgwJgYDVQQDDB9tYmVkIFRMUyBU ZXN0IGludGVybWVkaWF0ZSBDQSAzMFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAE 732fWHLNPMPsP1U1ibXvb55erlEVMlpXBGsj+KYwVqU1XCmW9Z9hhP7X/5js/DX9 -2J/utoHyjUtVpQOzdTrbsaMQMA4wDAYDVR0TBAUwAwEB/zAKBggqhkjOPQQDAgNo -ADBlAjAJRxbGRas3NBmk9MnGWXg7PT1xnRELHRWWIvfLdVQt06l1/xFg3ZuPdQdt -Qh7CK80CMQD7wa1o1a8qyDKBfLN636uKmKGga0E+vYXBeFCy9oARBangGCB0B2vt -pz590JvGWfM= +2J/utoHyjUtVpQOzdTrbsaMQMA4wDAYDVR0TBAUwAwEB/zAKBggqhkjOPQQDAgNn +ADBkAjAZx8k0q+DtT/LJd1FjPcG/peoQDfMBL2jS/6PwxW+3+ZPMpHZn0r+JpCaF ++V/sM9kCMGqcxQwx/bsMaK0y9zqshC7/S5hVlA+WRVyMfEGJmXnfbdwh6CByKIwv +1GRe86dg1A== -----END CERTIFICATE----- diff --git a/third_party/mbedtls/repo/tests/data_files/server10.crt b/third_party/mbedtls/repo/tests/data_files/server10.crt index 96a4040ceff..52b5ea0cec9 100644 --- a/third_party/mbedtls/repo/tests/data_files/server10.crt +++ b/third_party/mbedtls/repo/tests/data_files/server10.crt @@ -1,10 +1,10 @@ -----BEGIN CERTIFICATE----- -MIIBWjCCAQCgAwIBAgIBSzAKBggqhkjOPQQDAjBKMQswCQYDVQQGEwJVSzERMA8G -A1UEChMIbWJlZCBUTFMxKDAmBgNVBAMTH21iZWQgVExTIFRlc3QgaW50ZXJtZWRp -YXRlIENBIDMwHhcNMTUwOTAxMTM0NzU1WhcNMjUwODI5MTM0NzU1WjAUMRIwEAYD -VQQDEwlsb2NhbGhvc3QwWTATBgcqhkjOPQIBBggqhkjOPQMBBwNCAAQcbffp2qXq -oZyychmoCRxzrd4Vu96m47NPBehtEC46aTeXgDnBdf++znABrAtfXBRNQz8ARIeY -Bmskr22rlKjyow0wCzAJBgNVHRMEAjAAMAoGCCqGSM49BAMCA0gAMEUCIQDLc+Io -rg8VxEbCgVv8iH+kOIEn9MjhpvKzvwUoV+6rjQIgZU/RXAyc1a+H2+soGfNEIOBQ -AzO3pJx7WJAApZuBX1Q= +MIIBXTCCAQKgAwIBAgIBSzAMBggqhkjOPQQDAgUAMEoxCzAJBgNVBAYTAlVLMREw +DwYDVQQKDAhtYmVkIFRMUzEoMCYGA1UEAwwfbWJlZCBUTFMgVGVzdCBpbnRlcm1l +ZGlhdGUgQ0EgMzAeFw0xOTAyMTAxNDQ0MDZaFw0yOTAyMTAxNDQ0MDZaMBQxEjAQ +BgNVBAMMCWxvY2FsaG9zdDBZMBMGByqGSM49AgEGCCqGSM49AwEHA0IABBxt9+na +peqhnLJyGagJHHOt3hW73qbjs08F6G0QLjppN5eAOcF1/77OcAGsC19cFE1DPwBE +h5gGaySvbauUqPKjDTALMAkGA1UdEwQCMAAwDAYIKoZIzj0EAwIFAANHADBEAiBw +JW8c5xNiHIn83+Fx74JiW0IyRKe9TRN3w+MmfcFKwwIgWyjAp/xKOBaQ2ifRqXH6 +3mQUjQNFzHPFpWqjHCp0vS4= -----END CERTIFICATE----- diff --git a/third_party/mbedtls/repo/tests/data_files/server10_int3-bs.pem b/third_party/mbedtls/repo/tests/data_files/server10_int3-bs.pem index a9e06150bda..9a82b1730dc 100644 --- a/third_party/mbedtls/repo/tests/data_files/server10_int3-bs.pem +++ b/third_party/mbedtls/repo/tests/data_files/server10_int3-bs.pem @@ -1,22 +1,22 @@ -----BEGIN CERTIFICATE----- -MIIBWjCCAQCgAwIBAgIBSzAKBggqhkjOPQQDAjBKMQswCQYDVQQGEwJVSzERMA8G -A1UEChMIbWJlZCBUTFMxKDAmBgNVBAMTH21iZWQgVExTIFRlc3QgaW50ZXJtZWRp -YXRlIENBIDMwHhcNMTUwOTAxMTM0NzU1WhcNMjUwODI5MTM0NzU1WjAUMRIwEAYD -VQQDEwlsb2NhbGhvc3QwWTATBgcqhkjOPQIBBggqhkjOPQMBBwNCAAQcbffp2qXq -oZyychmoCRxzrd4Vu96m47NPBehtEC46aTeXgDnBdf++znABrAtfXBRNQz8ARIeY -Bmskr22rlKjyow0wCzAJBgNVHRMEAjAAMAoGCCqGSM49BAMCA0gAMEUCIQDLc+Io -rg8VxEbCgVv8iH+kOIEn9MjhpvKzvwUoV+6rjQIgZU/RXAyc1a+H2+soGfNEIOBQ -AzO3pJx7WJAApZuBX1Q= +MIIBXTCCAQKgAwIBAgIBSzAMBggqhkjOPQQDAgUAMEoxCzAJBgNVBAYTAlVLMREw +DwYDVQQKDAhtYmVkIFRMUzEoMCYGA1UEAwwfbWJlZCBUTFMgVGVzdCBpbnRlcm1l +ZGlhdGUgQ0EgMzAeFw0xOTAyMTAxNDQ0MDZaFw0yOTAyMTAxNDQ0MDZaMBQxEjAQ +BgNVBAMMCWxvY2FsaG9zdDBZMBMGByqGSM49AgEGCCqGSM49AwEHA0IABBxt9+na +peqhnLJyGagJHHOt3hW73qbjs08F6G0QLjppN5eAOcF1/77OcAGsC19cFE1DPwBE +h5gGaySvbauUqPKjDTALMAkGA1UdEwQCMAAwDAYIKoZIzj0EAwIFAANHADBEAiBw +JW8c5xNiHIn83+Fx74JiW0IyRKe9TRN3w+MmfcFKwwIgWyjAp/xKOBaQ2ifRqXH6 +3mQUjQNFzHPFpWqjHCp0vS4= -----END CERTIFICATE----- -----BEGIN CERTIFICATE----- -MIIBtDCCATqgAwIBAgIBTTAKBggqhkjOPQQDAjBLMQswCQYDVQQGEwJOTDERMA8G -A1UEChMIUG9sYXJTU0wxKTAnBgNVBAMTIFBvbGFyU1NMIFRlc3QgSW50ZXJtZWRp -YXRlIEVDIENBMB4XDTE1MDkwMTE0MDg0M1oXDTI1MDgyOTE0MDg0M1owSjELMAkG -A1UEBhMCVUsxETAPBgNVBAoTCG1iZWQgVExTMSgwJgYDVQQDEx9tYmVkIFRMUyBU +MIIBszCCATqgAwIBAgIBTTAKBggqhkjOPQQDAjBLMQswCQYDVQQGEwJOTDERMA8G +A1UECgwIUG9sYXJTU0wxKTAnBgNVBAMMIFBvbGFyU1NMIFRlc3QgSW50ZXJtZWRp +YXRlIEVDIENBMB4XDTIzMDUxNzA3MTAzN1oXDTMzMDUxNzA3MTAzN1owSjELMAkG +A1UEBhMCVUsxETAPBgNVBAoMCG1iZWQgVExTMSgwJgYDVQQDDB9tYmVkIFRMUyBU ZXN0IGludGVybWVkaWF0ZSBDQSAzMFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAE 732fWHLNPMPsP1U1ibXvb55erlEVMlpXBGsj+KYwVqU1XCmW9Z9hhP7X/5js/DX9 -2J/utoHyjUtVpQOzdTrbsaMQMA4wDAYDVR0TBAUwAwEB/zAKBggqhkjOPQQDAgNo -ADBlAjAJRxbGRas3NBmk9MnGWXg7PT1xnRELHRWWIvfLdVQt06l1/xFg3ZuPdQdt -Qh7CK80CMQD7wa1o1a8qyDKBfLN636uKmKGga0E+vYXBeFCy9oARBangGCB0B2vt -pz590JvGWf0= +2J/utoHyjUtVpQOzdTrbsaMQMA4wDAYDVR0TBAUwAwEB/zAKBggqhkjOPQQDAgNn +ADBkAjAZx8k0q+DtT/LJd1FjPcG/peoQDfMBL2jS/6PwxW+3+ZPMpHZn0r+JpCaF ++V/sM9kCMGqcxQwx/bsMaK0y9zqshC7/S5hVlA+WRVyMfEGJmXnfbdwh6CByKIwv +1GRe86dg10== -----END CERTIFICATE----- diff --git a/third_party/mbedtls/repo/tests/data_files/server10_int3_int-ca2.crt b/third_party/mbedtls/repo/tests/data_files/server10_int3_int-ca2.crt index 0df2c653bb5..b5852927c2b 100644 --- a/third_party/mbedtls/repo/tests/data_files/server10_int3_int-ca2.crt +++ b/third_party/mbedtls/repo/tests/data_files/server10_int3_int-ca2.crt @@ -1,40 +1,40 @@ -----BEGIN CERTIFICATE----- -MIIBWjCCAQCgAwIBAgIBSzAKBggqhkjOPQQDAjBKMQswCQYDVQQGEwJVSzERMA8G -A1UEChMIbWJlZCBUTFMxKDAmBgNVBAMTH21iZWQgVExTIFRlc3QgaW50ZXJtZWRp -YXRlIENBIDMwHhcNMTUwOTAxMTM0NzU1WhcNMjUwODI5MTM0NzU1WjAUMRIwEAYD -VQQDEwlsb2NhbGhvc3QwWTATBgcqhkjOPQIBBggqhkjOPQMBBwNCAAQcbffp2qXq -oZyychmoCRxzrd4Vu96m47NPBehtEC46aTeXgDnBdf++znABrAtfXBRNQz8ARIeY -Bmskr22rlKjyow0wCzAJBgNVHRMEAjAAMAoGCCqGSM49BAMCA0gAMEUCIQDLc+Io -rg8VxEbCgVv8iH+kOIEn9MjhpvKzvwUoV+6rjQIgZU/RXAyc1a+H2+soGfNEIOBQ -AzO3pJx7WJAApZuBX1Q= +MIIBXTCCAQKgAwIBAgIBSzAMBggqhkjOPQQDAgUAMEoxCzAJBgNVBAYTAlVLMREw +DwYDVQQKDAhtYmVkIFRMUzEoMCYGA1UEAwwfbWJlZCBUTFMgVGVzdCBpbnRlcm1l +ZGlhdGUgQ0EgMzAeFw0xOTAyMTAxNDQ0MDZaFw0yOTAyMTAxNDQ0MDZaMBQxEjAQ +BgNVBAMMCWxvY2FsaG9zdDBZMBMGByqGSM49AgEGCCqGSM49AwEHA0IABBxt9+na +peqhnLJyGagJHHOt3hW73qbjs08F6G0QLjppN5eAOcF1/77OcAGsC19cFE1DPwBE +h5gGaySvbauUqPKjDTALMAkGA1UdEwQCMAAwDAYIKoZIzj0EAwIFAANHADBEAiBw +JW8c5xNiHIn83+Fx74JiW0IyRKe9TRN3w+MmfcFKwwIgWyjAp/xKOBaQ2ifRqXH6 +3mQUjQNFzHPFpWqjHCp0vS4= -----END CERTIFICATE----- -----BEGIN CERTIFICATE----- -MIIBtDCCATqgAwIBAgIBTTAKBggqhkjOPQQDAjBLMQswCQYDVQQGEwJOTDERMA8G -A1UEChMIUG9sYXJTU0wxKTAnBgNVBAMTIFBvbGFyU1NMIFRlc3QgSW50ZXJtZWRp -YXRlIEVDIENBMB4XDTE1MDkwMTE0MDg0M1oXDTI1MDgyOTE0MDg0M1owSjELMAkG -A1UEBhMCVUsxETAPBgNVBAoTCG1iZWQgVExTMSgwJgYDVQQDEx9tYmVkIFRMUyBU +MIIBszCCATqgAwIBAgIBTTAKBggqhkjOPQQDAjBLMQswCQYDVQQGEwJOTDERMA8G +A1UECgwIUG9sYXJTU0wxKTAnBgNVBAMMIFBvbGFyU1NMIFRlc3QgSW50ZXJtZWRp +YXRlIEVDIENBMB4XDTIzMDUxNzA3MTAzN1oXDTMzMDUxNzA3MTAzN1owSjELMAkG +A1UEBhMCVUsxETAPBgNVBAoMCG1iZWQgVExTMSgwJgYDVQQDDB9tYmVkIFRMUyBU ZXN0IGludGVybWVkaWF0ZSBDQSAzMFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAE 732fWHLNPMPsP1U1ibXvb55erlEVMlpXBGsj+KYwVqU1XCmW9Z9hhP7X/5js/DX9 -2J/utoHyjUtVpQOzdTrbsaMQMA4wDAYDVR0TBAUwAwEB/zAKBggqhkjOPQQDAgNo -ADBlAjAJRxbGRas3NBmk9MnGWXg7PT1xnRELHRWWIvfLdVQt06l1/xFg3ZuPdQdt -Qh7CK80CMQD7wa1o1a8qyDKBfLN636uKmKGga0E+vYXBeFCy9oARBangGCB0B2vt -pz590JvGWfM= +2J/utoHyjUtVpQOzdTrbsaMQMA4wDAYDVR0TBAUwAwEB/zAKBggqhkjOPQQDAgNn +ADBkAjAZx8k0q+DtT/LJd1FjPcG/peoQDfMBL2jS/6PwxW+3+ZPMpHZn0r+JpCaF ++V/sM9kCMGqcxQwx/bsMaK0y9zqshC7/S5hVlA+WRVyMfEGJmXnfbdwh6CByKIwv +1GRe86dg1A== -----END CERTIFICATE----- -----BEGIN CERTIFICATE----- MIIC6TCCAdGgAwIBAgIBDzANBgkqhkiG9w0BAQsFADA7MQswCQYDVQQGEwJOTDER -MA8GA1UEChMIUG9sYXJTU0wxGTAXBgNVBAMTEFBvbGFyU1NMIFRlc3QgQ0EwHhcN -MTMwOTI0MTYwODQyWhcNMjMwOTIyMTYwODQyWjBLMQswCQYDVQQGEwJOTDERMA8G -A1UEChMIUG9sYXJTU0wxKTAnBgNVBAMTIFBvbGFyU1NMIFRlc3QgSW50ZXJtZWRp +MA8GA1UECgwIUG9sYXJTU0wxGTAXBgNVBAMMEFBvbGFyU1NMIFRlc3QgQ0EwHhcN +MjMwNTE3MDkyNzAyWhcNMzMwNTE3MDkyNzAyWjBLMQswCQYDVQQGEwJOTDERMA8G +A1UECgwIUG9sYXJTU0wxKTAnBgNVBAMMIFBvbGFyU1NMIFRlc3QgSW50ZXJtZWRp YXRlIEVDIENBMHYwEAYHKoZIzj0CAQYFK4EEACIDYgAE8Oih3fX5SLeN1dmFncQl WMw9+Y6sXblhlrXBxhXxjwdwpCHENn+foUVdrqYVYa7Suv3QVeO6nJ19H3QNixW8 ik1P+hxsbaq8bta78vAyHmC4EmXQLg1w7oxb9Q82qX1Yo4GVMIGSMB0GA1UdDgQW BBQPib1jQevLXhco/2gwPcGI0JxYOTBjBgNVHSMEXDBagBS0WuSls97SUva51aaV -D+s+vMf9/6E/pD0wOzELMAkGA1UEBhMCTkwxETAPBgNVBAoTCFBvbGFyU1NMMRkw -FwYDVQQDExBQb2xhclNTTCBUZXN0IENBggEAMAwGA1UdEwQFMAMBAf8wDQYJKoZI -hvcNAQELBQADggEBAAjeaTUaCBiXT1CYLVr6UFSeRNZBrDPnj6PwqUQTvgB5I5n6 -yXqoE4RYDaEL0Lg24juFxI26itBuypto6vscgGq77cfrP/avSdxU+xeZ4bCWvh3M -ddj9lmko2U8I8GhBcHpSuIiTvgKDB8eKkjeq3AsLGchHDvip8pB3IhcNfL7W94Zf -7/lH9VQiE3/px7amD32cidoPvWLA9U3f1FsPmJESUz0wwNfINpDjmPr8dGbkCN+M -CFhxo6sCfK8KLYG4nYX8FwxVR86kpSrO9e84AX0YYbdzxprbc2XOaebJ8+BDmzut -ARkD7DTXrodN1wV7jQJkrUuEwPj9Rhvk+MFRkaw= +D+s+vMf9/6E/pD0wOzELMAkGA1UEBhMCTkwxETAPBgNVBAoMCFBvbGFyU1NMMRkw +FwYDVQQDDBBQb2xhclNTTCBUZXN0IENBggEDMAwGA1UdEwQFMAMBAf8wDQYJKoZI +hvcNAQELBQADggEBAHTN0URrP2MpwD8vODymjjq7iaB7WFZ4CWUjx9LWu3PPZbX2 +12MxzkyFaVR7rnPKZSFHJJEmNaPDJWwYhGQRXLCoD6NiJy6De4fa5gSYoXthRGFf +GnFXZu3e37GDKoKP87TZ+VXcyx6PHvPxJB3/9N94Vj2Yh3hCs7F72GmwfDww6ooj +whIqhxBYOhPleANs70FZ7Y7tjZV1RtQ1/9sRcbyv9OvdPuWvukBVq1KM6nqVHBZ3 +/4kHBWaFaWMq/AAxMxaTGFAOA8S2yU56jkB65viQrpQQWffBJWK+WfrcgxRWqR33 +hqG3yT1IWbJ5E11XL9TCKD+DReqeXHyYawx8fBU= -----END CERTIFICATE----- diff --git a/third_party/mbedtls/repo/tests/data_files/server10_int3_int-ca2_ca.crt b/third_party/mbedtls/repo/tests/data_files/server10_int3_int-ca2_ca.crt index c25482b8b54..3601a200232 100644 --- a/third_party/mbedtls/repo/tests/data_files/server10_int3_int-ca2_ca.crt +++ b/third_party/mbedtls/repo/tests/data_files/server10_int3_int-ca2_ca.crt @@ -1,120 +1,60 @@ -----BEGIN CERTIFICATE----- -MIIBWjCCAQCgAwIBAgIBSzAKBggqhkjOPQQDAjBKMQswCQYDVQQGEwJVSzERMA8G -A1UEChMIbWJlZCBUTFMxKDAmBgNVBAMTH21iZWQgVExTIFRlc3QgaW50ZXJtZWRp -YXRlIENBIDMwHhcNMTUwOTAxMTM0NzU1WhcNMjUwODI5MTM0NzU1WjAUMRIwEAYD -VQQDEwlsb2NhbGhvc3QwWTATBgcqhkjOPQIBBggqhkjOPQMBBwNCAAQcbffp2qXq -oZyychmoCRxzrd4Vu96m47NPBehtEC46aTeXgDnBdf++znABrAtfXBRNQz8ARIeY -Bmskr22rlKjyow0wCzAJBgNVHRMEAjAAMAoGCCqGSM49BAMCA0gAMEUCIQDLc+Io -rg8VxEbCgVv8iH+kOIEn9MjhpvKzvwUoV+6rjQIgZU/RXAyc1a+H2+soGfNEIOBQ -AzO3pJx7WJAApZuBX1Q= +MIIBXTCCAQKgAwIBAgIBSzAMBggqhkjOPQQDAgUAMEoxCzAJBgNVBAYTAlVLMREw +DwYDVQQKDAhtYmVkIFRMUzEoMCYGA1UEAwwfbWJlZCBUTFMgVGVzdCBpbnRlcm1l +ZGlhdGUgQ0EgMzAeFw0xOTAyMTAxNDQ0MDZaFw0yOTAyMTAxNDQ0MDZaMBQxEjAQ +BgNVBAMMCWxvY2FsaG9zdDBZMBMGByqGSM49AgEGCCqGSM49AwEHA0IABBxt9+na +peqhnLJyGagJHHOt3hW73qbjs08F6G0QLjppN5eAOcF1/77OcAGsC19cFE1DPwBE +h5gGaySvbauUqPKjDTALMAkGA1UdEwQCMAAwDAYIKoZIzj0EAwIFAANHADBEAiBw +JW8c5xNiHIn83+Fx74JiW0IyRKe9TRN3w+MmfcFKwwIgWyjAp/xKOBaQ2ifRqXH6 +3mQUjQNFzHPFpWqjHCp0vS4= -----END CERTIFICATE----- -----BEGIN CERTIFICATE----- -MIIBtDCCATqgAwIBAgIBTTAKBggqhkjOPQQDAjBLMQswCQYDVQQGEwJOTDERMA8G -A1UEChMIUG9sYXJTU0wxKTAnBgNVBAMTIFBvbGFyU1NMIFRlc3QgSW50ZXJtZWRp -YXRlIEVDIENBMB4XDTE1MDkwMTE0MDg0M1oXDTI1MDgyOTE0MDg0M1owSjELMAkG -A1UEBhMCVUsxETAPBgNVBAoTCG1iZWQgVExTMSgwJgYDVQQDEx9tYmVkIFRMUyBU +MIIBszCCATqgAwIBAgIBTTAKBggqhkjOPQQDAjBLMQswCQYDVQQGEwJOTDERMA8G +A1UECgwIUG9sYXJTU0wxKTAnBgNVBAMMIFBvbGFyU1NMIFRlc3QgSW50ZXJtZWRp +YXRlIEVDIENBMB4XDTIzMDUxNzA3MTAzN1oXDTMzMDUxNzA3MTAzN1owSjELMAkG +A1UEBhMCVUsxETAPBgNVBAoMCG1iZWQgVExTMSgwJgYDVQQDDB9tYmVkIFRMUyBU ZXN0IGludGVybWVkaWF0ZSBDQSAzMFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAE 732fWHLNPMPsP1U1ibXvb55erlEVMlpXBGsj+KYwVqU1XCmW9Z9hhP7X/5js/DX9 -2J/utoHyjUtVpQOzdTrbsaMQMA4wDAYDVR0TBAUwAwEB/zAKBggqhkjOPQQDAgNo -ADBlAjAJRxbGRas3NBmk9MnGWXg7PT1xnRELHRWWIvfLdVQt06l1/xFg3ZuPdQdt -Qh7CK80CMQD7wa1o1a8qyDKBfLN636uKmKGga0E+vYXBeFCy9oARBangGCB0B2vt -pz590JvGWfM= +2J/utoHyjUtVpQOzdTrbsaMQMA4wDAYDVR0TBAUwAwEB/zAKBggqhkjOPQQDAgNn +ADBkAjAZx8k0q+DtT/LJd1FjPcG/peoQDfMBL2jS/6PwxW+3+ZPMpHZn0r+JpCaF ++V/sM9kCMGqcxQwx/bsMaK0y9zqshC7/S5hVlA+WRVyMfEGJmXnfbdwh6CByKIwv +1GRe86dg1A== -----END CERTIFICATE----- -----BEGIN CERTIFICATE----- MIIC6TCCAdGgAwIBAgIBDzANBgkqhkiG9w0BAQsFADA7MQswCQYDVQQGEwJOTDER -MA8GA1UEChMIUG9sYXJTU0wxGTAXBgNVBAMTEFBvbGFyU1NMIFRlc3QgQ0EwHhcN -MTMwOTI0MTYwODQyWhcNMjMwOTIyMTYwODQyWjBLMQswCQYDVQQGEwJOTDERMA8G -A1UEChMIUG9sYXJTU0wxKTAnBgNVBAMTIFBvbGFyU1NMIFRlc3QgSW50ZXJtZWRp +MA8GA1UECgwIUG9sYXJTU0wxGTAXBgNVBAMMEFBvbGFyU1NMIFRlc3QgQ0EwHhcN +MjMwNTE3MDkyNzAyWhcNMzMwNTE3MDkyNzAyWjBLMQswCQYDVQQGEwJOTDERMA8G +A1UECgwIUG9sYXJTU0wxKTAnBgNVBAMMIFBvbGFyU1NMIFRlc3QgSW50ZXJtZWRp YXRlIEVDIENBMHYwEAYHKoZIzj0CAQYFK4EEACIDYgAE8Oih3fX5SLeN1dmFncQl WMw9+Y6sXblhlrXBxhXxjwdwpCHENn+foUVdrqYVYa7Suv3QVeO6nJ19H3QNixW8 ik1P+hxsbaq8bta78vAyHmC4EmXQLg1w7oxb9Q82qX1Yo4GVMIGSMB0GA1UdDgQW BBQPib1jQevLXhco/2gwPcGI0JxYOTBjBgNVHSMEXDBagBS0WuSls97SUva51aaV -D+s+vMf9/6E/pD0wOzELMAkGA1UEBhMCTkwxETAPBgNVBAoTCFBvbGFyU1NMMRkw -FwYDVQQDExBQb2xhclNTTCBUZXN0IENBggEAMAwGA1UdEwQFMAMBAf8wDQYJKoZI -hvcNAQELBQADggEBAAjeaTUaCBiXT1CYLVr6UFSeRNZBrDPnj6PwqUQTvgB5I5n6 -yXqoE4RYDaEL0Lg24juFxI26itBuypto6vscgGq77cfrP/avSdxU+xeZ4bCWvh3M -ddj9lmko2U8I8GhBcHpSuIiTvgKDB8eKkjeq3AsLGchHDvip8pB3IhcNfL7W94Zf -7/lH9VQiE3/px7amD32cidoPvWLA9U3f1FsPmJESUz0wwNfINpDjmPr8dGbkCN+M -CFhxo6sCfK8KLYG4nYX8FwxVR86kpSrO9e84AX0YYbdzxprbc2XOaebJ8+BDmzut -ARkD7DTXrodN1wV7jQJkrUuEwPj9Rhvk+MFRkaw= +D+s+vMf9/6E/pD0wOzELMAkGA1UEBhMCTkwxETAPBgNVBAoMCFBvbGFyU1NMMRkw +FwYDVQQDDBBQb2xhclNTTCBUZXN0IENBggEDMAwGA1UdEwQFMAMBAf8wDQYJKoZI +hvcNAQELBQADggEBAHTN0URrP2MpwD8vODymjjq7iaB7WFZ4CWUjx9LWu3PPZbX2 +12MxzkyFaVR7rnPKZSFHJJEmNaPDJWwYhGQRXLCoD6NiJy6De4fa5gSYoXthRGFf +GnFXZu3e37GDKoKP87TZ+VXcyx6PHvPxJB3/9N94Vj2Yh3hCs7F72GmwfDww6ooj +whIqhxBYOhPleANs70FZ7Y7tjZV1RtQ1/9sRcbyv9OvdPuWvukBVq1KM6nqVHBZ3 +/4kHBWaFaWMq/AAxMxaTGFAOA8S2yU56jkB65viQrpQQWffBJWK+WfrcgxRWqR33 +hqG3yT1IWbJ5E11XL9TCKD+DReqeXHyYawx8fBU= -----END CERTIFICATE----- -Certificate: - Data: - Version: 3 (0x2) - Serial Number: 0 (0x0) - Signature Algorithm: sha1WithRSAEncryption - Issuer: C=NL, O=PolarSSL, CN=PolarSSL Test CA - Validity - Not Before: Feb 12 14:44:00 2011 GMT - Not After : Feb 12 14:44:00 2021 GMT - Subject: C=NL, O=PolarSSL, CN=PolarSSL Test CA - Subject Public Key Info: - Public Key Algorithm: rsaEncryption - RSA Public Key: (2048 bit) - Modulus (2048 bit): - 00:c0:df:37:fc:17:bb:e0:96:9d:3f:86:de:96:32: - 7d:44:a5:16:a0:cd:21:f1:99:d4:ec:ea:cb:7c:18: - 58:08:94:a5:ec:9b:c5:8b:df:1a:1e:99:38:99:87: - 1e:7b:c0:8d:39:df:38:5d:70:78:07:d3:9e:d9:93: - e8:b9:72:51:c5:ce:a3:30:52:a9:f2:e7:40:70:14: - cb:44:a2:72:0b:c2:e5:40:f9:3e:e5:a6:0e:b3:f9: - ec:4a:63:c0:b8:29:00:74:9c:57:3b:a8:a5:04:90: - 71:f1:bd:83:d9:3f:d6:a5:e2:3c:2a:8f:ef:27:60: - c3:c6:9f:cb:ba:ec:60:7d:b7:e6:84:32:be:4f:fb: - 58:26:22:03:5b:d4:b4:d5:fb:f5:e3:96:2e:70:c0: - e4:2e:bd:fc:2e:ee:e2:41:55:c0:34:2e:7d:24:72: - 69:cb:47:b1:14:40:83:7d:67:f4:86:f6:31:ab:f1: - 79:a4:b2:b5:2e:12:f9:84:17:f0:62:6f:27:3e:13: - 58:b1:54:0d:21:9a:73:37:a1:30:cf:6f:92:dc:f6: - e9:fc:ac:db:2e:28:d1:7e:02:4b:23:a0:15:f2:38: - 65:64:09:ea:0c:6e:8e:1b:17:a0:71:c8:b3:9b:c9: - ab:e9:c3:f2:cf:87:96:8f:80:02:32:9e:99:58:6f: - a2:d5 - Exponent: 65537 (0x10001) - X509v3 extensions: - X509v3 Basic Constraints: - CA:TRUE - X509v3 Subject Key Identifier: - B4:5A:E4:A5:B3:DE:D2:52:F6:B9:D5:A6:95:0F:EB:3E:BC:C7:FD:FF - X509v3 Authority Key Identifier: - keyid:B4:5A:E4:A5:B3:DE:D2:52:F6:B9:D5:A6:95:0F:EB:3E:BC:C7:FD:FF - DirName:/C=NL/O=PolarSSL/CN=PolarSSL Test CA - serial:00 - - Signature Algorithm: sha1WithRSAEncryption - b8:fd:54:d8:00:54:90:8b:25:b0:27:dd:95:cd:a2:f7:84:07: - 1d:87:89:4a:c4:78:11:d8:07:b5:d7:22:50:8e:48:eb:62:7a: - 32:89:be:63:47:53:ff:b6:be:f1:2e:8c:54:c0:99:3f:a0:b9: - 37:23:72:5f:0d:46:59:8f:d8:47:cd:97:4c:9f:07:0c:12:62: - 09:3a:24:e4:36:d9:e9:2c:da:38:d0:73:75:61:d7:c1:6c:26: - 8b:9b:e0:d5:dc:67:ed:8c:6b:33:d7:74:22:3c:4c:db:b5:8d: - 2a:ce:2c:0d:08:59:05:09:05:a6:39:9f:b3:67:1b:e2:83:e5: - e1:8f:53:f6:67:93:c7:f9:6f:76:44:58:12:e8:3a:d4:97:e7: - e9:c0:3e:a8:7a:72:3d:87:53:1f:e5:2c:84:84:e7:9a:9e:7f: - 66:d9:1f:9b:f5:13:48:b0:4d:14:d1:de:b2:24:d9:78:7d:f5: - 35:cc:58:19:d1:d2:99:ef:4d:73:f8:1f:89:d4:5a:d0:52:ce: - 09:f5:b1:46:51:6a:00:8e:3b:cc:6f:63:01:00:99:ed:9d:a6: - 08:60:cd:32:18:d0:73:e0:58:71:d9:e5:d2:53:d7:8d:d0:ca: - e9:5d:2a:0a:0d:5d:55:ec:21:50:17:16:e6:06:4a:cd:5e:de: - f7:e0:e9:54 -----BEGIN CERTIFICATE----- -MIIDhzCCAm+gAwIBAgIBADANBgkqhkiG9w0BAQUFADA7MQswCQYDVQQGEwJOTDER -MA8GA1UEChMIUG9sYXJTU0wxGTAXBgNVBAMTEFBvbGFyU1NMIFRlc3QgQ0EwHhcN -MTEwMjEyMTQ0NDAwWhcNMjEwMjEyMTQ0NDAwWjA7MQswCQYDVQQGEwJOTDERMA8G -A1UEChMIUG9sYXJTU0wxGTAXBgNVBAMTEFBvbGFyU1NMIFRlc3QgQ0EwggEiMA0G +MIIDRDCCAiygAwIBAgIBAzANBgkqhkiG9w0BAQUFADA7MQswCQYDVQQGEwJOTDER +MA8GA1UECgwIUG9sYXJTU0wxGTAXBgNVBAMMEFBvbGFyU1NMIFRlc3QgQ0EwHhcN +MTkwMjEwMTQ0NDAwWhcNMjkwMjEwMTQ0NDAwWjA7MQswCQYDVQQGEwJOTDERMA8G +A1UECgwIUG9sYXJTU0wxGTAXBgNVBAMMEFBvbGFyU1NMIFRlc3QgQ0EwggEiMA0G CSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDA3zf8F7vglp0/ht6WMn1EpRagzSHx mdTs6st8GFgIlKXsm8WL3xoemTiZhx57wI053zhdcHgH057Zk+i5clHFzqMwUqny 50BwFMtEonILwuVA+T7lpg6z+exKY8C4KQB0nFc7qKUEkHHxvYPZP9al4jwqj+8n YMPGn8u67GB9t+aEMr5P+1gmIgNb1LTV+/Xjli5wwOQuvfwu7uJBVcA0Ln0kcmnL R7EUQIN9Z/SG9jGr8XmksrUuEvmEF/Bibyc+E1ixVA0hmnM3oTDPb5Lc9un8rNsu KNF+AksjoBXyOGVkCeoMbo4bF6BxyLObyavpw/LPh5aPgAIynplYb6LVAgMBAAGj -gZUwgZIwDAYDVR0TBAUwAwEB/zAdBgNVHQ4EFgQUtFrkpbPe0lL2udWmlQ/rPrzH -/f8wYwYDVR0jBFwwWoAUtFrkpbPe0lL2udWmlQ/rPrzH/f+hP6Q9MDsxCzAJBgNV -BAYTAk5MMREwDwYDVQQKEwhQb2xhclNTTDEZMBcGA1UEAxMQUG9sYXJTU0wgVGVz -dCBDQYIBADANBgkqhkiG9w0BAQUFAAOCAQEAuP1U2ABUkIslsCfdlc2i94QHHYeJ -SsR4EdgHtdciUI5I62J6Mom+Y0dT/7a+8S6MVMCZP6C5NyNyXw1GWY/YR82XTJ8H -DBJiCTok5DbZ6SzaONBzdWHXwWwmi5vg1dxn7YxrM9d0IjxM27WNKs4sDQhZBQkF -pjmfs2cb4oPl4Y9T9meTx/lvdkRYEug61Jfn6cA+qHpyPYdTH+UshITnmp5/Ztkf -m/UTSLBNFNHesiTZeH31NcxYGdHSme9Nc/gfidRa0FLOCfWxRlFqAI47zG9jAQCZ -7Z2mCGDNMhjQc+BYcdnl0lPXjdDK6V0qCg1dVewhUBcW5gZKzV7e9+DpVA== +UzBRMA8GA1UdEwEB/wQFMAMBAf8wHQYDVR0OBBYEFLRa5KWz3tJS9rnVppUP6z68 +x/3/MB8GA1UdIwQYMBaAFLRa5KWz3tJS9rnVppUP6z68x/3/MA0GCSqGSIb3DQEB +BQUAA4IBAQCz557ZZmWv5UTTHebzTyVzku5ldpcicJPqKHP3xZ4tPPY52JQyJg/T +hsRB44yTyNo3/jo9or2KgVnc+/nCmnlvTq22a/j26DtKZ7wD9MWxunpkqRwExtA/ +G816msrl6X6m50WwdLXTvaVJGXCYp8TPVLx5YY3WPIVoX0CPN7Hs9iNJNiEWo4Qf +7dAqjWBB/QpusmWhjaDSc4+cFhT24Yo9HuS1yrkUTrBtJaj0AykTsiyFm6SBVDNH +9XIxCgYy9QrYbDKNtJXhuevpN0yUMV/aUnIkU2wTTouhOzZisjNk0sS1guqmSHzf +hlf8qotOhNvFXpEsCGwZUywayo7c4DtO -----END CERTIFICATE----- diff --git a/third_party/mbedtls/repo/tests/data_files/server10_int3_spurious_int-ca2.crt b/third_party/mbedtls/repo/tests/data_files/server10_int3_spurious_int-ca2.crt index c9d6715f442..87cc476b188 100644 --- a/third_party/mbedtls/repo/tests/data_files/server10_int3_spurious_int-ca2.crt +++ b/third_party/mbedtls/repo/tests/data_files/server10_int3_spurious_int-ca2.crt @@ -1,30 +1,30 @@ -----BEGIN CERTIFICATE----- -MIIBWjCCAQCgAwIBAgIBSzAKBggqhkjOPQQDAjBKMQswCQYDVQQGEwJVSzERMA8G -A1UEChMIbWJlZCBUTFMxKDAmBgNVBAMTH21iZWQgVExTIFRlc3QgaW50ZXJtZWRp -YXRlIENBIDMwHhcNMTUwOTAxMTM0NzU1WhcNMjUwODI5MTM0NzU1WjAUMRIwEAYD -VQQDEwlsb2NhbGhvc3QwWTATBgcqhkjOPQIBBggqhkjOPQMBBwNCAAQcbffp2qXq -oZyychmoCRxzrd4Vu96m47NPBehtEC46aTeXgDnBdf++znABrAtfXBRNQz8ARIeY -Bmskr22rlKjyow0wCzAJBgNVHRMEAjAAMAoGCCqGSM49BAMCA0gAMEUCIQDLc+Io -rg8VxEbCgVv8iH+kOIEn9MjhpvKzvwUoV+6rjQIgZU/RXAyc1a+H2+soGfNEIOBQ -AzO3pJx7WJAApZuBX1Q= +MIIBXTCCAQKgAwIBAgIBSzAMBggqhkjOPQQDAgUAMEoxCzAJBgNVBAYTAlVLMREw +DwYDVQQKDAhtYmVkIFRMUzEoMCYGA1UEAwwfbWJlZCBUTFMgVGVzdCBpbnRlcm1l +ZGlhdGUgQ0EgMzAeFw0xOTAyMTAxNDQ0MDZaFw0yOTAyMTAxNDQ0MDZaMBQxEjAQ +BgNVBAMMCWxvY2FsaG9zdDBZMBMGByqGSM49AgEGCCqGSM49AwEHA0IABBxt9+na +peqhnLJyGagJHHOt3hW73qbjs08F6G0QLjppN5eAOcF1/77OcAGsC19cFE1DPwBE +h5gGaySvbauUqPKjDTALMAkGA1UdEwQCMAAwDAYIKoZIzj0EAwIFAANHADBEAiBw +JW8c5xNiHIn83+Fx74JiW0IyRKe9TRN3w+MmfcFKwwIgWyjAp/xKOBaQ2ifRqXH6 +3mQUjQNFzHPFpWqjHCp0vS4= -----END CERTIFICATE----- -----BEGIN CERTIFICATE----- -MIIBtDCCATqgAwIBAgIBTTAKBggqhkjOPQQDAjBLMQswCQYDVQQGEwJOTDERMA8G -A1UEChMIUG9sYXJTU0wxKTAnBgNVBAMTIFBvbGFyU1NMIFRlc3QgSW50ZXJtZWRp -YXRlIEVDIENBMB4XDTE1MDkwMTE0MDg0M1oXDTI1MDgyOTE0MDg0M1owSjELMAkG -A1UEBhMCVUsxETAPBgNVBAoTCG1iZWQgVExTMSgwJgYDVQQDEx9tYmVkIFRMUyBU +MIIBszCCATqgAwIBAgIBTTAKBggqhkjOPQQDAjBLMQswCQYDVQQGEwJOTDERMA8G +A1UECgwIUG9sYXJTU0wxKTAnBgNVBAMMIFBvbGFyU1NMIFRlc3QgSW50ZXJtZWRp +YXRlIEVDIENBMB4XDTIzMDUxNzA3MTAzN1oXDTMzMDUxNzA3MTAzN1owSjELMAkG +A1UEBhMCVUsxETAPBgNVBAoMCG1iZWQgVExTMSgwJgYDVQQDDB9tYmVkIFRMUyBU ZXN0IGludGVybWVkaWF0ZSBDQSAzMFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAE 732fWHLNPMPsP1U1ibXvb55erlEVMlpXBGsj+KYwVqU1XCmW9Z9hhP7X/5js/DX9 -2J/utoHyjUtVpQOzdTrbsaMQMA4wDAYDVR0TBAUwAwEB/zAKBggqhkjOPQQDAgNo -ADBlAjAJRxbGRas3NBmk9MnGWXg7PT1xnRELHRWWIvfLdVQt06l1/xFg3ZuPdQdt -Qh7CK80CMQD7wa1o1a8qyDKBfLN636uKmKGga0E+vYXBeFCy9oARBangGCB0B2vt -pz590JvGWfM= +2J/utoHyjUtVpQOzdTrbsaMQMA4wDAYDVR0TBAUwAwEB/zAKBggqhkjOPQQDAgNn +ADBkAjAZx8k0q+DtT/LJd1FjPcG/peoQDfMBL2jS/6PwxW+3+ZPMpHZn0r+JpCaF ++V/sM9kCMGqcxQwx/bsMaK0y9zqshC7/S5hVlA+WRVyMfEGJmXnfbdwh6CByKIwv +1GRe86dg1A== -----END CERTIFICATE----- -----BEGIN CERTIFICATE----- MIIEATCCA4egAwIBAgIBDjAKBggqhkjOPQQDAjA+MQswCQYDVQQGEwJOTDERMA8G -A1UEChMIUG9sYXJTU0wxHDAaBgNVBAMTE1BvbGFyc3NsIFRlc3QgRUMgQ0EwHhcN -MTMwOTI0MTU1NTE0WhcNMjMwOTIyMTU1NTE0WjBIMQswCQYDVQQGEwJOTDERMA8G -A1UEChMIUG9sYXJTU0wxJjAkBgNVBAMTHVBvbGFyU1NMIFRlc3QgSW50ZXJtZWRp +A1UECgwIUG9sYXJTU0wxHDAaBgNVBAMME1BvbGFyc3NsIFRlc3QgRUMgQ0EwHhcN +MjMwNTE3MDcxMDM3WhcNMzMwNTE3MDcxMDM3WjBIMQswCQYDVQQGEwJOTDERMA8G +A1UECgwIUG9sYXJTU0wxJjAkBgNVBAMMHVBvbGFyU1NMIFRlc3QgSW50ZXJtZWRp YXRlIENBMIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEAo1Oc8nr6fMTq vowV+CpC55i5BZGFGc50Eb4RLBSRTH1e7JepdFjAVbBtyQRJSiY1ja0tgLQDDKZR wfEI+b4azse460InPHv7C1TN0upXlxuj6m9B1IlP+sBaM7WBC6dVfPO+jVMIxgkF @@ -38,27 +38,27 @@ d6KXbrZteesvA1nYzEOs+3AjrbT79Md2W8Bz9bqBVNlNOESSqm4kiCJFmslm/6br Np0MSQd+o22PQ4xRtmP6UsTfU0ueiMpYc8TYYhMbfnfFyo4m707ebcflPbBEN2dg updQ66cvfCJB0QJt9upafY0lpdV1qUkCAwEAAaOBoDCBnTAdBgNVHQ4EFgQUOHfY a3ecKHeCi07YG6ke95QWtw4wbgYDVR0jBGcwZYAUnW0gJEkBPyvLeLUZvH4kydv7 -NnyhQqRAMD4xCzAJBgNVBAYTAk5MMREwDwYDVQQKEwhQb2xhclNTTDEcMBoGA1UE -AxMTUG9sYXJzc2wgVGVzdCBFQyBDQYIJAMFD4n5iQ8zoMAwGA1UdEwQFMAMBAf8w -CgYIKoZIzj0EAwIDaAAwZQIxAPyE+u+eP7gRrSFjQicmpYg8jiFUCYEowWY2zuOG -i1HXYwmpDHfasQ3rNSuf/gHvjwIwbSSjumDk+uYNci/KMELDsD0MFHxZhhBc9Hp9 -Af5cNR8KhzegznL6amRObGGKmX1F +NnyhQqRAMD4xCzAJBgNVBAYTAk5MMREwDwYDVQQKDAhQb2xhclNTTDEcMBoGA1UE +AwwTUG9sYXJzc2wgVGVzdCBFQyBDQYIJAMFD4n5iQ8zoMAwGA1UdEwQFMAMBAf8w +CgYIKoZIzj0EAwIDaAAwZQIxAOAch+gz4rHfI/pm8MIDssMtJCqzS6xtOvQHJZ9l +fdgWfJV5cSHJpOIWGXeFKKR18wIwODTRnTIioy+bYacNq8TQPjzdVlT9XbYkWIYN +JAuV9fLJJdB5nZUG3l85Dt27VNkT -----END CERTIFICATE----- -----BEGIN CERTIFICATE----- MIIC6TCCAdGgAwIBAgIBDzANBgkqhkiG9w0BAQsFADA7MQswCQYDVQQGEwJOTDER -MA8GA1UEChMIUG9sYXJTU0wxGTAXBgNVBAMTEFBvbGFyU1NMIFRlc3QgQ0EwHhcN -MTMwOTI0MTYwODQyWhcNMjMwOTIyMTYwODQyWjBLMQswCQYDVQQGEwJOTDERMA8G -A1UEChMIUG9sYXJTU0wxKTAnBgNVBAMTIFBvbGFyU1NMIFRlc3QgSW50ZXJtZWRp +MA8GA1UECgwIUG9sYXJTU0wxGTAXBgNVBAMMEFBvbGFyU1NMIFRlc3QgQ0EwHhcN +MjMwNTE3MDkyNzAyWhcNMzMwNTE3MDkyNzAyWjBLMQswCQYDVQQGEwJOTDERMA8G +A1UECgwIUG9sYXJTU0wxKTAnBgNVBAMMIFBvbGFyU1NMIFRlc3QgSW50ZXJtZWRp YXRlIEVDIENBMHYwEAYHKoZIzj0CAQYFK4EEACIDYgAE8Oih3fX5SLeN1dmFncQl WMw9+Y6sXblhlrXBxhXxjwdwpCHENn+foUVdrqYVYa7Suv3QVeO6nJ19H3QNixW8 ik1P+hxsbaq8bta78vAyHmC4EmXQLg1w7oxb9Q82qX1Yo4GVMIGSMB0GA1UdDgQW BBQPib1jQevLXhco/2gwPcGI0JxYOTBjBgNVHSMEXDBagBS0WuSls97SUva51aaV -D+s+vMf9/6E/pD0wOzELMAkGA1UEBhMCTkwxETAPBgNVBAoTCFBvbGFyU1NMMRkw -FwYDVQQDExBQb2xhclNTTCBUZXN0IENBggEAMAwGA1UdEwQFMAMBAf8wDQYJKoZI -hvcNAQELBQADggEBAAjeaTUaCBiXT1CYLVr6UFSeRNZBrDPnj6PwqUQTvgB5I5n6 -yXqoE4RYDaEL0Lg24juFxI26itBuypto6vscgGq77cfrP/avSdxU+xeZ4bCWvh3M -ddj9lmko2U8I8GhBcHpSuIiTvgKDB8eKkjeq3AsLGchHDvip8pB3IhcNfL7W94Zf -7/lH9VQiE3/px7amD32cidoPvWLA9U3f1FsPmJESUz0wwNfINpDjmPr8dGbkCN+M -CFhxo6sCfK8KLYG4nYX8FwxVR86kpSrO9e84AX0YYbdzxprbc2XOaebJ8+BDmzut -ARkD7DTXrodN1wV7jQJkrUuEwPj9Rhvk+MFRkaw= +D+s+vMf9/6E/pD0wOzELMAkGA1UEBhMCTkwxETAPBgNVBAoMCFBvbGFyU1NMMRkw +FwYDVQQDDBBQb2xhclNTTCBUZXN0IENBggEDMAwGA1UdEwQFMAMBAf8wDQYJKoZI +hvcNAQELBQADggEBAHTN0URrP2MpwD8vODymjjq7iaB7WFZ4CWUjx9LWu3PPZbX2 +12MxzkyFaVR7rnPKZSFHJJEmNaPDJWwYhGQRXLCoD6NiJy6De4fa5gSYoXthRGFf +GnFXZu3e37GDKoKP87TZ+VXcyx6PHvPxJB3/9N94Vj2Yh3hCs7F72GmwfDww6ooj +whIqhxBYOhPleANs70FZ7Y7tjZV1RtQ1/9sRcbyv9OvdPuWvukBVq1KM6nqVHBZ3 +/4kHBWaFaWMq/AAxMxaTGFAOA8S2yU56jkB65viQrpQQWffBJWK+WfrcgxRWqR33 +hqG3yT1IWbJ5E11XL9TCKD+DReqeXHyYawx8fBU= -----END CERTIFICATE----- diff --git a/third_party/mbedtls/repo/tests/data_files/server2-v1-chain.crt b/third_party/mbedtls/repo/tests/data_files/server2-v1-chain.crt index 84bb6b2b936..8ac003b301a 100644 --- a/third_party/mbedtls/repo/tests/data_files/server2-v1-chain.crt +++ b/third_party/mbedtls/repo/tests/data_files/server2-v1-chain.crt @@ -1,38 +1,38 @@ -----BEGIN CERTIFICATE----- -MIIDFTCCAf0CDFOittkjXbxFc/m3bDANBgkqhkiG9w0BAQsFADBOMRowGAYDVQQD -ExFzZXJ2ZXIxL2ludC1jYS12MTEQMA4GA1UECxMHdGVzdGluZzERMA8GA1UEChMI -UG9sYXJTU0wxCzAJBgNVBAYTAk5MMCIYDzIwMTQwNjE5MTAwOTI5WhgPMjAyNDA2 -MTgxMDA5MjlaMEQxEDAOBgNVBAMTB3NlcnZlcjIxEDAOBgNVBAsTB3Rlc3Rpbmcx -ETAPBgNVBAoTCFBvbGFyU1NMMQswCQYDVQQGEwJOTDCCASIwDQYJKoZIhvcNAQEB -BQADggEPADCCAQoCggEBAMFNo93nzR3RBNdJcriZrA545Do8Ss86ExbQWuTNowCI -p+4ea5anUrSQ7y1yej4kmvy2NKwk9XfgJmSMnLAofaHa6ozmyRyWvP7BBFKzNtSj -+uGxdtiQwWG0ZlI2oiZTqqt0Xgd9GYLbKtgfoNkNHC1JZvdbJXNG6AuKT2kMtQCQ -4dqCEGZ9rlQri2V5kaHiYcPNQEkI7mgM8YuG0ka/0LiqEQMef1aoGh5EGA8PhYva -i0Re4hjGYi/HZo36Xdh98yeJKQHFkA4/J/EwyEoO79bex8cna8cFPXrEAjyaHT4P -6DSYW8tzS1KW2BGiLICIaTla0w+w3lkvEcf36hIBMJcCAwEAATANBgkqhkiG9w0B -AQsFAAOCAQEAivCCMBfC5YNeozwp8vAWpiRUakhtO8ysvCfQsZD4tWLlSkrjoUtG -3RNd9gDVDGb852GswtNMKHJC1AeZuXdh3eBoDBNTXnR/9UkHgWNBy5f+JH2irYrc -ps5ofpYJZe7K6xQjl+RLc8nfUUaVfS3dJnyLr9k5kg4in48p+hEF6oXDBu2zdufF -53k/U98FTvFkVisEDFzLXyKX0fAZxfMk4qnEoBflH4fEXfkuuaBUVdoGGIMRLNAW -GIyRxr+zj+OJL+ZjjAkY4JqtEuUuLjODn//DHI/MkqE0LANOvbb4akpgZsyvSSO3 -o38d1wQHw5+bO+YDqdfIdQXguU5mtS1xAw== +MIIDETCCAfkCDFOittkjXbxFc/m3bDANBgkqhkiG9w0BAQsFADBOMRowGAYDVQQD +DBFzZXJ2ZXIxL2ludC1jYS12MTEQMA4GA1UECwwHdGVzdGluZzERMA8GA1UECgwI +UG9sYXJTU0wxCzAJBgNVBAYTAk5MMB4XDTE5MDIxMDE0NDQwNloXDTI5MDIxMDE0 +NDQwNlowRDEQMA4GA1UEAwwHc2VydmVyMjEQMA4GA1UECwwHdGVzdGluZzERMA8G +A1UECgwIUG9sYXJTU0wxCzAJBgNVBAYTAk5MMIIBIjANBgkqhkiG9w0BAQEFAAOC +AQ8AMIIBCgKCAQEAwU2j3efNHdEE10lyuJmsDnjkOjxKzzoTFtBa5M2jAIin7h5r +lqdStJDvLXJ6PiSa/LY0rCT1d+AmZIycsCh9odrqjObJHJa8/sEEUrM21KP64bF2 +2JDBYbRmUjaiJlOqq3ReB30Zgtsq2B+g2Q0cLUlm91slc0boC4pPaQy1AJDh2oIQ +Zn2uVCuLZXmRoeJhw81ASQjuaAzxi4bSRr/QuKoRAx5/VqgaHkQYDw+Fi9qLRF7i +GMZiL8dmjfpd2H3zJ4kpAcWQDj8n8TDISg7v1t7HxydrxwU9esQCPJodPg/oNJhb +y3NLUpbYEaIsgIhpOVrTD7DeWS8Rx/fqEgEwlwIDAQABMA0GCSqGSIb3DQEBCwUA +A4IBAQBmzdRQV8c0AbT8+IlPf7EpzfdhBwBtDj7N8GPEHL+NqS1hHt7TH3L7jBN3 +CqLUgrAP1LFmQrjW5IPZYNZEA+LxMMjAehvOH71pBsFGvQOpx2CwmqM86s9FIgIa +zob7L34+xVEZfmR09PsLiT7gF13ht0HkvVZ2haBU0k3vV97aEVvPtbqrlR6RfLrZ +8nXBFt5CkzGxepS4wBCW4TrGXxpMJ0WnnhcLJVnExUd6YbzGP+ewXCKegD1wDX6z +UsEVGDQV97u3tszF43kx0nu/Q5DYMCqJV0kpIsMB467xPnNqyMdGtTbZq2Is8oj6 +VA+fctBdN0CW4jo+qkOif0l/F8Az -----END CERTIFICATE----- -----BEGIN CERTIFICATE----- -MIIDITCCAgkCDFOitscEzU2OvIALwTANBgkqhkiG9w0BAQsFADBQMRwwGgYDVQQD -ExNQb2xhclNTTCBUZXN0IENBIHYxMRAwDgYDVQQLEwd0ZXN0aW5nMREwDwYDVQQK -EwhQb2xhclNTTDELMAkGA1UEBhMCTkwwIhgPMjAxNDA2MTkxMDA5MTFaGA8yMDI0 -MDYxODEwMDkxMVowTjEaMBgGA1UEAxMRc2VydmVyMS9pbnQtY2EtdjExEDAOBgNV -BAsTB3Rlc3RpbmcxETAPBgNVBAoTCFBvbGFyU1NMMQswCQYDVQQGEwJOTDCCASIw -DQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAKkCHz1AatVVU4v9Nu6CZS4VYV6J -v7joRZDb7ogWUtPxQ1BHlhJZZIdr/SvgRvlzvt3PkuGRW+1moG+JKXlFgNCDatVB -Q3dfOXwJBEeCsFc5cO2j7BUZHqgzCEfBBUKp/UzDtN/dBh9NEFFAZ3MTD0D4bYEl -XwqxU8YwfhU5rPla7n+SnqYFW+cTl4W1I5LZ1CQG1QkliXUH3aYajz8JGb6tZSxk -65Wb3P5BXhem2mxbacwCuhQsFiScStzN0PdSZ3PxLaAj/X70McotcMqJCwTbLqZP -cG6ezr1YieJTWZ5uWpJl4og/DJQZo93l6J2VE+0p26twEtxaymsXq1KCVLECAwEA -ATANBgkqhkiG9w0BAQsFAAOCAQEAPJl3fbVeTJ6gVAvCoLYM8JY5U7ZhrCCdBghw -WuZBS/TWwf4WLP0G/ZtTyTOENcT0gWHf0/VnXtNPw2/yBjWsLtTXxN2XQlEVf3j/ -WcQxWgSESYdx/sT/uTW6qihuONPWkTQizmx7OG6vBuGx3g54s9/oeJKXOraNqud3 -G4KBrytOazliMfoKO2hnzaeydpaDtb2tZX8apN/6KqQpTAcXsWrZRW9XEHWq2sNz -IR1nIE1F/9gnqi9Xy0HQprteLRUvM4tEQ35m4H20eS5Y9gJlE/DqXmMQ7aiU8DgP -krj+Z18pcrssO+Etv0BOiPjmU9TWWpDMj34ef7U/OH5qJxkSrA== +MIIDHTCCAgUCDFOitscEzU2OvIALwTANBgkqhkiG9w0BAQsFADBQMRwwGgYDVQQD +DBNQb2xhclNTTCBUZXN0IENBIHYxMRAwDgYDVQQLDAd0ZXN0aW5nMREwDwYDVQQK +DAhQb2xhclNTTDELMAkGA1UEBhMCTkwwHhcNMTkwMjEwMTQ0NDA2WhcNMjkwMjEw +MTQ0NDA2WjBOMRowGAYDVQQDDBFzZXJ2ZXIxL2ludC1jYS12MTEQMA4GA1UECwwH +dGVzdGluZzERMA8GA1UECgwIUG9sYXJTU0wxCzAJBgNVBAYTAk5MMIIBIjANBgkq +hkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqQIfPUBq1VVTi/027oJlLhVhXom/uOhF +kNvuiBZS0/FDUEeWEllkh2v9K+BG+XO+3c+S4ZFb7Wagb4kpeUWA0INq1UFDd185 +fAkER4KwVzlw7aPsFRkeqDMIR8EFQqn9TMO0390GH00QUUBncxMPQPhtgSVfCrFT +xjB+FTms+Vruf5KepgVb5xOXhbUjktnUJAbVCSWJdQfdphqPPwkZvq1lLGTrlZvc +/kFeF6babFtpzAK6FCwWJJxK3M3Q91Jnc/EtoCP9fvQxyi1wyokLBNsupk9wbp7O +vViJ4lNZnm5akmXiiD8MlBmj3eXonZUT7Snbq3AS3FrKaxerUoJUsQIDAQABMA0G +CSqGSIb3DQEBCwUAA4IBAQBrdYAEzdH6ryyYaolYvp8Fvq0wZxp6Bdcxvi0LUGmb +TdWcNrPU9IYASc5QSrSWPj0c9vhLVbDZAONfn92thi7C2zQXok2Q3jW038ycNSXN +lVxFkdY4GYa3E6Og1LVIySyzfyyNuHKKWbB5wZCWbzOgu2Q1MHSNvPhKjbDhyGtT +Mq3Qy6TyzUFbXMRBixcJC/Cy4zsqvWBanVtBmwlvgE4Q50CUgybzSEIL5j+aPLuW +aj8j2NRB2+7vPeoWd8ry5YxEKB3DRuXHHyyFnT5O8MpWuCl764qFMc8S/i7yVcmZ +egZQw0dCmE5J4EGX0BEQEM24ll2e8SxL351hbCQ+EfvF -----END CERTIFICATE----- diff --git a/third_party/mbedtls/repo/tests/data_files/server2-v1.crt b/third_party/mbedtls/repo/tests/data_files/server2-v1.crt index 7ef7968f599..990cd4b5237 100644 --- a/third_party/mbedtls/repo/tests/data_files/server2-v1.crt +++ b/third_party/mbedtls/repo/tests/data_files/server2-v1.crt @@ -1,19 +1,19 @@ -----BEGIN CERTIFICATE----- -MIIDFTCCAf0CDFOittkjXbxFc/m3bDANBgkqhkiG9w0BAQsFADBOMRowGAYDVQQD -ExFzZXJ2ZXIxL2ludC1jYS12MTEQMA4GA1UECxMHdGVzdGluZzERMA8GA1UEChMI -UG9sYXJTU0wxCzAJBgNVBAYTAk5MMCIYDzIwMTQwNjE5MTAwOTI5WhgPMjAyNDA2 -MTgxMDA5MjlaMEQxEDAOBgNVBAMTB3NlcnZlcjIxEDAOBgNVBAsTB3Rlc3Rpbmcx -ETAPBgNVBAoTCFBvbGFyU1NMMQswCQYDVQQGEwJOTDCCASIwDQYJKoZIhvcNAQEB -BQADggEPADCCAQoCggEBAMFNo93nzR3RBNdJcriZrA545Do8Ss86ExbQWuTNowCI -p+4ea5anUrSQ7y1yej4kmvy2NKwk9XfgJmSMnLAofaHa6ozmyRyWvP7BBFKzNtSj -+uGxdtiQwWG0ZlI2oiZTqqt0Xgd9GYLbKtgfoNkNHC1JZvdbJXNG6AuKT2kMtQCQ -4dqCEGZ9rlQri2V5kaHiYcPNQEkI7mgM8YuG0ka/0LiqEQMef1aoGh5EGA8PhYva -i0Re4hjGYi/HZo36Xdh98yeJKQHFkA4/J/EwyEoO79bex8cna8cFPXrEAjyaHT4P -6DSYW8tzS1KW2BGiLICIaTla0w+w3lkvEcf36hIBMJcCAwEAATANBgkqhkiG9w0B -AQsFAAOCAQEAivCCMBfC5YNeozwp8vAWpiRUakhtO8ysvCfQsZD4tWLlSkrjoUtG -3RNd9gDVDGb852GswtNMKHJC1AeZuXdh3eBoDBNTXnR/9UkHgWNBy5f+JH2irYrc -ps5ofpYJZe7K6xQjl+RLc8nfUUaVfS3dJnyLr9k5kg4in48p+hEF6oXDBu2zdufF -53k/U98FTvFkVisEDFzLXyKX0fAZxfMk4qnEoBflH4fEXfkuuaBUVdoGGIMRLNAW -GIyRxr+zj+OJL+ZjjAkY4JqtEuUuLjODn//DHI/MkqE0LANOvbb4akpgZsyvSSO3 -o38d1wQHw5+bO+YDqdfIdQXguU5mtS1xAw== +MIIDETCCAfkCDFOittkjXbxFc/m3bDANBgkqhkiG9w0BAQsFADBOMRowGAYDVQQD +DBFzZXJ2ZXIxL2ludC1jYS12MTEQMA4GA1UECwwHdGVzdGluZzERMA8GA1UECgwI +UG9sYXJTU0wxCzAJBgNVBAYTAk5MMB4XDTE5MDIxMDE0NDQwNloXDTI5MDIxMDE0 +NDQwNlowRDEQMA4GA1UEAwwHc2VydmVyMjEQMA4GA1UECwwHdGVzdGluZzERMA8G +A1UECgwIUG9sYXJTU0wxCzAJBgNVBAYTAk5MMIIBIjANBgkqhkiG9w0BAQEFAAOC +AQ8AMIIBCgKCAQEAwU2j3efNHdEE10lyuJmsDnjkOjxKzzoTFtBa5M2jAIin7h5r +lqdStJDvLXJ6PiSa/LY0rCT1d+AmZIycsCh9odrqjObJHJa8/sEEUrM21KP64bF2 +2JDBYbRmUjaiJlOqq3ReB30Zgtsq2B+g2Q0cLUlm91slc0boC4pPaQy1AJDh2oIQ +Zn2uVCuLZXmRoeJhw81ASQjuaAzxi4bSRr/QuKoRAx5/VqgaHkQYDw+Fi9qLRF7i +GMZiL8dmjfpd2H3zJ4kpAcWQDj8n8TDISg7v1t7HxydrxwU9esQCPJodPg/oNJhb +y3NLUpbYEaIsgIhpOVrTD7DeWS8Rx/fqEgEwlwIDAQABMA0GCSqGSIb3DQEBCwUA +A4IBAQBmzdRQV8c0AbT8+IlPf7EpzfdhBwBtDj7N8GPEHL+NqS1hHt7TH3L7jBN3 +CqLUgrAP1LFmQrjW5IPZYNZEA+LxMMjAehvOH71pBsFGvQOpx2CwmqM86s9FIgIa +zob7L34+xVEZfmR09PsLiT7gF13ht0HkvVZ2haBU0k3vV97aEVvPtbqrlR6RfLrZ +8nXBFt5CkzGxepS4wBCW4TrGXxpMJ0WnnhcLJVnExUd6YbzGP+ewXCKegD1wDX6z +UsEVGDQV97u3tszF43kx0nu/Q5DYMCqJV0kpIsMB467xPnNqyMdGtTbZq2Is8oj6 +VA+fctBdN0CW4jo+qkOif0l/F8Az -----END CERTIFICATE----- diff --git a/third_party/mbedtls/repo/tests/data_files/server2.ku-ds.crt b/third_party/mbedtls/repo/tests/data_files/server2.ku-ds.crt index 3bd07d0fbee..d1e1251d983 100644 --- a/third_party/mbedtls/repo/tests/data_files/server2.ku-ds.crt +++ b/third_party/mbedtls/repo/tests/data_files/server2.ku-ds.crt @@ -1,21 +1,20 @@ -----BEGIN CERTIFICATE----- -MIIDijCCAnKgAwIBAgIBLDANBgkqhkiG9w0BAQUFADA7MQswCQYDVQQGEwJOTDER -MA8GA1UEChMIUG9sYXJTU0wxGTAXBgNVBAMTEFBvbGFyU1NMIFRlc3QgQ0EwHhcN -MTQwNDA5MDg0NDUxWhcNMjQwNDA2MDg0NDUxWjA0MQswCQYDVQQGEwJOTDERMA8G -A1UEChMIUG9sYXJTU0wxEjAQBgNVBAMTCWxvY2FsaG9zdDCCASIwDQYJKoZIhvcN +MIIDRzCCAi+gAwIBAgIBLDANBgkqhkiG9w0BAQUFADA7MQswCQYDVQQGEwJOTDER +MA8GA1UECgwIUG9sYXJTU0wxGTAXBgNVBAMMEFBvbGFyU1NMIFRlc3QgQ0EwHhcN +MTkwMjEwMTQ0NDA2WhcNMjkwMjEwMTQ0NDA2WjA0MQswCQYDVQQGEwJOTDERMA8G +A1UECgwIUG9sYXJTU0wxEjAQBgNVBAMMCWxvY2FsaG9zdDCCASIwDQYJKoZIhvcN AQEBBQADggEPADCCAQoCggEBAMFNo93nzR3RBNdJcriZrA545Do8Ss86ExbQWuTN owCIp+4ea5anUrSQ7y1yej4kmvy2NKwk9XfgJmSMnLAofaHa6ozmyRyWvP7BBFKz NtSj+uGxdtiQwWG0ZlI2oiZTqqt0Xgd9GYLbKtgfoNkNHC1JZvdbJXNG6AuKT2kM tQCQ4dqCEGZ9rlQri2V5kaHiYcPNQEkI7mgM8YuG0ka/0LiqEQMef1aoGh5EGA8P hYvai0Re4hjGYi/HZo36Xdh98yeJKQHFkA4/J/EwyEoO79bex8cna8cFPXrEAjya -HT4P6DSYW8tzS1KW2BGiLICIaTla0w+w3lkvEcf36hIBMJcCAwEAAaOBnzCBnDAJ -BgNVHRMEAjAAMB0GA1UdDgQWBBSlBehkuNzfYA9QEk1gqGSvTYtDkzBjBgNVHSME -XDBagBS0WuSls97SUva51aaVD+s+vMf9/6E/pD0wOzELMAkGA1UEBhMCTkwxETAP -BgNVBAoTCFBvbGFyU1NMMRkwFwYDVQQDExBQb2xhclNTTCBUZXN0IENBggEAMAsG -A1UdDwQEAwIHgDANBgkqhkiG9w0BAQUFAAOCAQEAc4kubASrFXFtplkYp6FUcnUn -Pf/6laS1htI+3y+q1UHWe2PcagZtCHTCUGBSWLeUIiaIBheaIRqv+4sSFVuXB7hV -0PGXpO5btth4R8BHzGqCdObKvPujp5BDq3xgcAFicA3HUMNsJoTDv/RYXY7je1Q5 -ntVyVPeji0AWMUYQjcqHTQQPGBgdJrRTMaYglZh15IhJ16ICNd9rWIeBA0h/+r0y -QuFEBz0nfe7Dvpqct7gJCv+7/5tCujx4LT17z7oK8BZN5SePAGU2ykJsUXk8ZICT -ongaQQVQwS6/GJ6A5V8ecaUvFrTby1h9+2sOW8n2NRGiaaG5gkvxVeayemcmOQ== +HT4P6DSYW8tzS1KW2BGiLICIaTla0w+w3lkvEcf36hIBMJcCAwEAAaNdMFswCQYD +VR0TBAIwADAdBgNVHQ4EFgQUpQXoZLjc32APUBJNYKhkr02LQ5MwHwYDVR0jBBgw +FoAUtFrkpbPe0lL2udWmlQ/rPrzH/f8wDgYDVR0PAQH/BAQDAgeAMA0GCSqGSIb3 +DQEBBQUAA4IBAQCcDy5VWW133eL1TesUkejziAz9QNBHvWkKNs0jF6+fRgWgFP5Y +EE87rQX0Z1XiyTDB4LdKfivRi3TMD7EX8o6q9C3H/ilu5anrgha8WziMrtv/s9IF +QjpyHdnXGoXmA9uDqQLtucR5yep3ux4mlwS8GG3IUkpkdysNOrVvSARm0ZagQ9tn +YZyEjGd8wP3jKYNJAB2OdnvX9OqBmEyvSmMucSidkMkdLrUcjmOtz+AkqoRGewwc +eClstlp8NEuP37q2KLYtbQMpio1Kzsr3PCey1UImKNjauypS2Dpzl1RnmBw+c5En +SdLMa+ns3odRhF0IvENDhz/mKZJvwtoz/NBz -----END CERTIFICATE----- diff --git a/third_party/mbedtls/repo/tests/data_files/server2.ku-ds_ke.crt b/third_party/mbedtls/repo/tests/data_files/server2.ku-ds_ke.crt index ebee7e1c31e..eb23245d813 100644 --- a/third_party/mbedtls/repo/tests/data_files/server2.ku-ds_ke.crt +++ b/third_party/mbedtls/repo/tests/data_files/server2.ku-ds_ke.crt @@ -1,21 +1,20 @@ -----BEGIN CERTIFICATE----- -MIIDijCCAnKgAwIBAgIBMDANBgkqhkiG9w0BAQUFADA7MQswCQYDVQQGEwJOTDER -MA8GA1UEChMIUG9sYXJTU0wxGTAXBgNVBAMTEFBvbGFyU1NMIFRlc3QgQ0EwHhcN -MTQwNDA5MTAwMjQ5WhcNMjQwNDA2MTAwMjQ5WjA0MQswCQYDVQQGEwJOTDERMA8G -A1UEChMIUG9sYXJTU0wxEjAQBgNVBAMTCWxvY2FsaG9zdDCCASIwDQYJKoZIhvcN +MIIDRzCCAi+gAwIBAgIBMDANBgkqhkiG9w0BAQUFADA7MQswCQYDVQQGEwJOTDER +MA8GA1UECgwIUG9sYXJTU0wxGTAXBgNVBAMMEFBvbGFyU1NMIFRlc3QgQ0EwHhcN +MTkwMjEwMTQ0NDA2WhcNMjkwMjEwMTQ0NDA2WjA0MQswCQYDVQQGEwJOTDERMA8G +A1UECgwIUG9sYXJTU0wxEjAQBgNVBAMMCWxvY2FsaG9zdDCCASIwDQYJKoZIhvcN AQEBBQADggEPADCCAQoCggEBAMFNo93nzR3RBNdJcriZrA545Do8Ss86ExbQWuTN owCIp+4ea5anUrSQ7y1yej4kmvy2NKwk9XfgJmSMnLAofaHa6ozmyRyWvP7BBFKz NtSj+uGxdtiQwWG0ZlI2oiZTqqt0Xgd9GYLbKtgfoNkNHC1JZvdbJXNG6AuKT2kM tQCQ4dqCEGZ9rlQri2V5kaHiYcPNQEkI7mgM8YuG0ka/0LiqEQMef1aoGh5EGA8P hYvai0Re4hjGYi/HZo36Xdh98yeJKQHFkA4/J/EwyEoO79bex8cna8cFPXrEAjya -HT4P6DSYW8tzS1KW2BGiLICIaTla0w+w3lkvEcf36hIBMJcCAwEAAaOBnzCBnDAJ -BgNVHRMEAjAAMB0GA1UdDgQWBBSlBehkuNzfYA9QEk1gqGSvTYtDkzBjBgNVHSME -XDBagBS0WuSls97SUva51aaVD+s+vMf9/6E/pD0wOzELMAkGA1UEBhMCTkwxETAP -BgNVBAoTCFBvbGFyU1NMMRkwFwYDVQQDExBQb2xhclNTTCBUZXN0IENBggEAMAsG -A1UdDwQEAwIFoDANBgkqhkiG9w0BAQUFAAOCAQEAnW7+h85xBP2KJzFSpWfGirVe -ApdC9bX0Z1sVMmD486N+ty9W6BP6kJRxLDX0fOuRc3x7mCy5qZg/Yj40+yQSoA0w -bTNwJjuR8iMqWIqLw9hWR+E9T4lYLZWyGJVjlVTkO4i5wifwhoJE9Doohh/6crn5 -ImWgEkgT/wDVIHoamciO6KU36d0iAEEP2eYgxv2/sVHvjjsseTdvYh3D3VuOmQtS -uUvFxc6H5kYoq/yodJWDaOn3RS8pEpDsiW+abcWyxNTPtHFroJV7e9aaVmhlRSzw -sYDyD/ZyIlavoPSEiD3LTT/Tp6BIpz+zb4WHOHLEvUCsZputqxPVcNoEAi9xuA== +HT4P6DSYW8tzS1KW2BGiLICIaTla0w+w3lkvEcf36hIBMJcCAwEAAaNdMFswCQYD +VR0TBAIwADAdBgNVHQ4EFgQUpQXoZLjc32APUBJNYKhkr02LQ5MwHwYDVR0jBBgw +FoAUtFrkpbPe0lL2udWmlQ/rPrzH/f8wDgYDVR0PAQH/BAQDAgWgMA0GCSqGSIb3 +DQEBBQUAA4IBAQB6u7D3tAsB75aZEcUfv2XyeLX4P99mzx2yOBSsPaIDTRyv0XoT +vbgUA7viX/F7I8b2kc6ihRXSu/98c7Vr/uSm0LfV3VMgoAXBCWNg/5c/N3c0YnZ2 +imuv0yeXw5cJI3iYQJmllawdrGgOslfPuO7kqrFt3uGaylITpVLQ7w7iDpPbAFM8 +kPpO6CMyCFi6miQYoZchTTP9X3dpbpNdB2FlSVT55J6TIvH5x4t7XCFJuvYYJxrf +8I3UFR3OnBR625zUHXJ6uV8yHG5ze+4K2n9CHcyX7zuZ+bB0e8wIS6Xf99M+1ApF +ESvXwHI0Fu8s/PJ+leD28CRJQMuAOJIYBMnS -----END CERTIFICATE----- diff --git a/third_party/mbedtls/repo/tests/data_files/server2.ku-ka.crt b/third_party/mbedtls/repo/tests/data_files/server2.ku-ka.crt index 90f7c4a9938..ce97e8272d3 100644 --- a/third_party/mbedtls/repo/tests/data_files/server2.ku-ka.crt +++ b/third_party/mbedtls/repo/tests/data_files/server2.ku-ka.crt @@ -1,21 +1,20 @@ -----BEGIN CERTIFICATE----- -MIIDijCCAnKgAwIBAgIBKjANBgkqhkiG9w0BAQUFADA7MQswCQYDVQQGEwJOTDER -MA8GA1UEChMIUG9sYXJTU0wxGTAXBgNVBAMTEFBvbGFyU1NMIFRlc3QgQ0EwHhcN -MTQwNDA5MDg0NDIzWhcNMjQwNDA2MDg0NDIzWjA0MQswCQYDVQQGEwJOTDERMA8G -A1UEChMIUG9sYXJTU0wxEjAQBgNVBAMTCWxvY2FsaG9zdDCCASIwDQYJKoZIhvcN +MIIDRzCCAi+gAwIBAgIBKjANBgkqhkiG9w0BAQUFADA7MQswCQYDVQQGEwJOTDER +MA8GA1UECgwIUG9sYXJTU0wxGTAXBgNVBAMMEFBvbGFyU1NMIFRlc3QgQ0EwHhcN +MTkwMjEwMTQ0NDA2WhcNMjkwMjEwMTQ0NDA2WjA0MQswCQYDVQQGEwJOTDERMA8G +A1UECgwIUG9sYXJTU0wxEjAQBgNVBAMMCWxvY2FsaG9zdDCCASIwDQYJKoZIhvcN AQEBBQADggEPADCCAQoCggEBAMFNo93nzR3RBNdJcriZrA545Do8Ss86ExbQWuTN owCIp+4ea5anUrSQ7y1yej4kmvy2NKwk9XfgJmSMnLAofaHa6ozmyRyWvP7BBFKz NtSj+uGxdtiQwWG0ZlI2oiZTqqt0Xgd9GYLbKtgfoNkNHC1JZvdbJXNG6AuKT2kM tQCQ4dqCEGZ9rlQri2V5kaHiYcPNQEkI7mgM8YuG0ka/0LiqEQMef1aoGh5EGA8P hYvai0Re4hjGYi/HZo36Xdh98yeJKQHFkA4/J/EwyEoO79bex8cna8cFPXrEAjya -HT4P6DSYW8tzS1KW2BGiLICIaTla0w+w3lkvEcf36hIBMJcCAwEAAaOBnzCBnDAJ -BgNVHRMEAjAAMB0GA1UdDgQWBBSlBehkuNzfYA9QEk1gqGSvTYtDkzBjBgNVHSME -XDBagBS0WuSls97SUva51aaVD+s+vMf9/6E/pD0wOzELMAkGA1UEBhMCTkwxETAP -BgNVBAoTCFBvbGFyU1NMMRkwFwYDVQQDExBQb2xhclNTTCBUZXN0IENBggEAMAsG -A1UdDwQEAwIDCDANBgkqhkiG9w0BAQUFAAOCAQEAriPloIWfu7U8d1hls97C7OBI -OiE2xFh2UmuN/9hTK2CyW6MtBf8aG3l4jQDrsutHO0gUyoR67ug4yj+s+0S/zETZ -q6mPo7cBbVwjhGciQRiYgufFpdnbXR05HDgOVPK7qqjL6UOZnbu5caIEvIJgdwXn -n8WB9x/Ii4/2S9ysmRdRhDBYekzgH3Ac2UnHJTMh1XaSL817MW6B9BDKHt4xa7pW -cplDzrFKYbmxSSxzALE4Dr+zRvmDx4bcYpBkRRfOhnnR1caQBgaZzPcX/Vu+vw8e -qs2nyBW5RBu8MBCBU1DpqOSo6jl0QTpuq3NzQZIouG9fyckqDJS5ibrxQTutPw== +HT4P6DSYW8tzS1KW2BGiLICIaTla0w+w3lkvEcf36hIBMJcCAwEAAaNdMFswCQYD +VR0TBAIwADAdBgNVHQ4EFgQUpQXoZLjc32APUBJNYKhkr02LQ5MwHwYDVR0jBBgw +FoAUtFrkpbPe0lL2udWmlQ/rPrzH/f8wDgYDVR0PAQH/BAQDAgMIMA0GCSqGSIb3 +DQEBBQUAA4IBAQAxJDMtlqpFHKw5ymqzgfnm0aY51PZOXpsPfoed7Vz2PzSB2eJ0 +JQc+QuLhippy8hnPmPZg/HQ/gedbxFKPiIiYEh86GvnBFozQ+c8sE0h6tJgVOJJi +ADUNeVJoq03WIroTMqAB0uW0rHB+OFm7uRwIDFr2gWVrKZKg/KsDrxtng2wPOgbU +xvPRtNyaOZjV0GjuBhWxpPTxXw27e5Mq3MS5B9piZgPXmam5lZdOe0LNrbQShfmP +4mk4drjdQaUrL3JLpLt8S4oihZU+dOHkYdZVHSAuuGikZK7qPfEdP/yrZTCgtY54 +vXxv47xT9L+pWtiTosBmsy/ewvWprVJIxLh3 -----END CERTIFICATE----- diff --git a/third_party/mbedtls/repo/tests/data_files/server2.ku-ke.crt b/third_party/mbedtls/repo/tests/data_files/server2.ku-ke.crt index 8daa0c13d13..21e6cf0400b 100644 --- a/third_party/mbedtls/repo/tests/data_files/server2.ku-ke.crt +++ b/third_party/mbedtls/repo/tests/data_files/server2.ku-ke.crt @@ -1,21 +1,20 @@ -----BEGIN CERTIFICATE----- -MIIDijCCAnKgAwIBAgIBKzANBgkqhkiG9w0BAQUFADA7MQswCQYDVQQGEwJOTDER -MA8GA1UEChMIUG9sYXJTU0wxGTAXBgNVBAMTEFBvbGFyU1NMIFRlc3QgQ0EwHhcN -MTQwNDA5MDg0NDM5WhcNMjQwNDA2MDg0NDM5WjA0MQswCQYDVQQGEwJOTDERMA8G -A1UEChMIUG9sYXJTU0wxEjAQBgNVBAMTCWxvY2FsaG9zdDCCASIwDQYJKoZIhvcN +MIIDRzCCAi+gAwIBAgIBKzANBgkqhkiG9w0BAQUFADA7MQswCQYDVQQGEwJOTDER +MA8GA1UECgwIUG9sYXJTU0wxGTAXBgNVBAMMEFBvbGFyU1NMIFRlc3QgQ0EwHhcN +MTkwMjEwMTQ0NDA2WhcNMjkwMjEwMTQ0NDA2WjA0MQswCQYDVQQGEwJOTDERMA8G +A1UECgwIUG9sYXJTU0wxEjAQBgNVBAMMCWxvY2FsaG9zdDCCASIwDQYJKoZIhvcN AQEBBQADggEPADCCAQoCggEBAMFNo93nzR3RBNdJcriZrA545Do8Ss86ExbQWuTN owCIp+4ea5anUrSQ7y1yej4kmvy2NKwk9XfgJmSMnLAofaHa6ozmyRyWvP7BBFKz NtSj+uGxdtiQwWG0ZlI2oiZTqqt0Xgd9GYLbKtgfoNkNHC1JZvdbJXNG6AuKT2kM tQCQ4dqCEGZ9rlQri2V5kaHiYcPNQEkI7mgM8YuG0ka/0LiqEQMef1aoGh5EGA8P hYvai0Re4hjGYi/HZo36Xdh98yeJKQHFkA4/J/EwyEoO79bex8cna8cFPXrEAjya -HT4P6DSYW8tzS1KW2BGiLICIaTla0w+w3lkvEcf36hIBMJcCAwEAAaOBnzCBnDAJ -BgNVHRMEAjAAMB0GA1UdDgQWBBSlBehkuNzfYA9QEk1gqGSvTYtDkzBjBgNVHSME -XDBagBS0WuSls97SUva51aaVD+s+vMf9/6E/pD0wOzELMAkGA1UEBhMCTkwxETAP -BgNVBAoTCFBvbGFyU1NMMRkwFwYDVQQDExBQb2xhclNTTCBUZXN0IENBggEAMAsG -A1UdDwQEAwIFIDANBgkqhkiG9w0BAQUFAAOCAQEAqreLAIuxeLGKbhoEROYRqXxO -ndaC6uDcpxhgmEW7B2DW6ZtX8155v3ov61MuMas8fEQjD5STDP9qERxNTePnhW3m -kDZd2jUBE3ioHhTBv47i1PYU+DRe42kY6z0jUmNPK8TsTKfdbqTGXg9THe1KYB7q -hdljqGS08IgBl/q2lK2OOSycu27xhfb9Mo0BcLBab92WgyBu+cFPQsKiL4mD7QyJ -+73Ndb21EuANUjsRDQ3NPklssJcyJB2v85eekwk1acZUG21no3wdTvjxhVE/Xrdz -zUP9WkvAVfUrwGjUzG4YHE8wkHO7xKbKixNt+nQmDhe+tHVbztZjVwFJ8010gg== +HT4P6DSYW8tzS1KW2BGiLICIaTla0w+w3lkvEcf36hIBMJcCAwEAAaNdMFswCQYD +VR0TBAIwADAdBgNVHQ4EFgQUpQXoZLjc32APUBJNYKhkr02LQ5MwHwYDVR0jBBgw +FoAUtFrkpbPe0lL2udWmlQ/rPrzH/f8wDgYDVR0PAQH/BAQDAgUgMA0GCSqGSIb3 +DQEBBQUAA4IBAQCeNpH2eSUXpq0CPlE6P1/bJW2f0vKFWMnZ6B3eFCdMCcKJ6LYV +BA1Dn5G5HEW4mBMJfyMwD5sklyEzQDCgIDjws+BRUflMr71AerfesHIGdW4jAw10 +aWwFMeszzZ54ZahX2GHPcwWfTccSf9tpSaRMlNBEIz8lfb2iEZ2HR9eAmAqYgtR1 +RbYcsNfC0oBYOCTRmvXi+wpGcUWn+VbIv6rHrQYnWXiPAuPJUqIpM0x9q0kT6NCi +LfdhaVV2DPnvBYGRcXX78JK5/MQt/sv4JSefRpvxpVQCmbo0amz7hUMHGCflAbro +FpyBlfcpj0lSRoaU9x0mCYzqwDYd+4NJZUGT -----END CERTIFICATE----- diff --git a/third_party/mbedtls/repo/tests/data_files/server3.crt b/third_party/mbedtls/repo/tests/data_files/server3.crt index ed0d696b4a8..46987c3ef24 100644 --- a/third_party/mbedtls/repo/tests/data_files/server3.crt +++ b/third_party/mbedtls/repo/tests/data_files/server3.crt @@ -1,17 +1,15 @@ -----BEGIN CERTIFICATE----- -MIICojCCAYqgAwIBAgIBDTANBgkqhkiG9w0BAQUFADA7MQswCQYDVQQGEwJOTDER -MA8GA1UEChMIUG9sYXJTU0wxGTAXBgNVBAMTEFBvbGFyU1NMIFRlc3QgQ0EwHhcN -MTMwODA5MDkxNzAzWhcNMjMwODA3MDkxNzAzWjA0MQswCQYDVQQGEwJOTDERMA8G -A1UEChMIUG9sYXJTU0wxEjAQBgNVBAMTCWxvY2FsaG9zdDBJMBMGByqGSM49AgEG +MIICXDCCAUSgAwIBAgIBDTANBgkqhkiG9w0BAQUFADA7MQswCQYDVQQGEwJOTDER +MA8GA1UECgwIUG9sYXJTU0wxGTAXBgNVBAMMEFBvbGFyU1NMIFRlc3QgQ0EwHhcN +MTkwMjEwMTQ0NDA2WhcNMjkwMjEwMTQ0NDA2WjA0MQswCQYDVQQGEwJOTDERMA8G +A1UECgwIUG9sYXJTU0wxEjAQBgNVBAMMCWxvY2FsaG9zdDBJMBMGByqGSM49AgEG CCqGSM49AwEBAzIABH0AoQyUhPABS38y67uEVs4O3RXmKKrBdUR7/L2QPB8EC2p5 -fQcsej6EFasvlTdJ/6OBkjCBjzAJBgNVHRMEAjAAMB0GA1UdDgQWBBTkF2s2sgaJ -OtleQ7bgZH2Hq33eNzBjBgNVHSMEXDBagBS0WuSls97SUva51aaVD+s+vMf9/6E/ -pD0wOzELMAkGA1UEBhMCTkwxETAPBgNVBAoTCFBvbGFyU1NMMRkwFwYDVQQDExBQ -b2xhclNTTCBUZXN0IENBggEAMA0GCSqGSIb3DQEBBQUAA4IBAQBjmSIjGKD1eH5W -4bl2MXfNIsTwc2vv/MAAhBzBEbTXd3T37+zAGPGjKncvTB+oufUVRGkoKbfoC6Jm -DYSEUuxtnUZOko/C//XlCEtK0TuS2aLEqF3gJjBJTCfthEdAhJCtmPAQDCzeKsdx -CoOtH0NQx6Xl64oDt2wYSQNWUTGLPfRpdsVEvBHhHYATQijkl2ZH8BDjsYcBicrS -qmCeN+0T1B9vrOQVEZe+fwgzVL38n8lkJZNPIbdovA9WLHwXAEzPv4la3w0qh4Tb -kSb8HtILl4I474QxrFywylyXR/p2znPleRIRgB5HtUp9tLSWkB0bwMlqQlg2EHXu -CAQ1sXmQ +fQcsej6EFasvlTdJ/6NNMEswCQYDVR0TBAIwADAdBgNVHQ4EFgQU5BdrNrIGiTrZ +XkO24GR9h6t93jcwHwYDVR0jBBgwFoAUtFrkpbPe0lL2udWmlQ/rPrzH/f8wDQYJ +KoZIhvcNAQEFBQADggEBAKSCuGCXcpDrVwRVgHVlUsxACRDUH2QirsLFAUk1CGsR +SniBgWi+5KGK8fd3Tf+GkVeIZocaf7tnKm0YJg8W5QPDnwrMD2L1SjYFgc7r1G4f +579FOo0qRKdJabTV0e022XFyN77JJHAm8RkjZEnzUuW7k8/RohY8NBzh+KACyHOi +96DhGsBp9LG6QIKB1rxiNx4wq3WUygaMgImoaDRqgAFxJjwRBEhcsWtU2AmoOKdO +hzQp+EzEjn04+ScJpMzMF4FY+kLaz9PlvEO61aQuZsC2fUmk+M6q8xcBNEdoFNvv +0cOl5Liuewb32srAZWCMpbHFxaT9Nd3TxJwFxFCJpvc= -----END CERTIFICATE----- diff --git a/third_party/mbedtls/repo/tests/data_files/server4.crt b/third_party/mbedtls/repo/tests/data_files/server4.crt index 96b1aa77298..2b4134d66cc 100644 --- a/third_party/mbedtls/repo/tests/data_files/server4.crt +++ b/third_party/mbedtls/repo/tests/data_files/server4.crt @@ -1,18 +1,17 @@ -----BEGIN CERTIFICATE----- -MIIC6jCCAnCgAwIBAgIBCDAKBggqhkjOPQQDAjA+MQswCQYDVQQGEwJOTDERMA8G -A1UEChMIUG9sYXJTU0wxHDAaBgNVBAMTE1BvbGFyc3NsIFRlc3QgRUMgQ0EwHhcN -MTMwOTI0MTU1MjA0WhcNMjMwOTIyMTU1MjA0WjA0MQswCQYDVQQGEwJOTDERMA8G -A1UEChMIUG9sYXJTU0wxEjAQBgNVBAMTCWxvY2FsaG9zdDCCASIwDQYJKoZIhvcN -AQEBBQADggEPADCCAQoCggEBAKvXjL5VfYc7D/truqEpYcZcvlUhnuCNDJctYDJL -vgYYj5uxDxLHBXvnEHLgO5K+lps42p+r/dd4oE64ttRoeZZUvr+7eBnW35n0EpPA -Ik9Gwu+vg7GfxmifgIR8hZnOQkt2OjvvpChPCxvUailtB450Izh+mEK/hYFr+7Jl -NnxR1XQlbbyDM7Ect1HwYcuS3MBlBqq048J+0KEkQXICSjKeHFga9eDCq+Jyfqe5 -bt0K30hl1N0164B7aoh08Eomme+aSuAsz+MsJ3m7AO2DUYdrDxlrky1QrvRWWfX0 -d8djTM+uHTo1DviRM6o9+P9DfoFd53/Z0Km03sVLQWvUrhECAwEAAaOBnTCBmjAJ -BgNVHRMEAjAAMB0GA1UdDgQWBBTAlAm1+0L41mhqYWjFiejsRVrGeTBuBgNVHSME -ZzBlgBSdbSAkSQE/K8t4tRm8fiTJ2/s2fKFCpEAwPjELMAkGA1UEBhMCTkwxETAP -BgNVBAoTCFBvbGFyU1NMMRwwGgYDVQQDExNQb2xhcnNzbCBUZXN0IEVDIENBggkA -wUPifmJDzOgwCgYIKoZIzj0EAwIDaAAwZQIxAPWlxnMcjBaxaVieQYSLBqzizS3/ -O8Na6owRGPk0/UK+j5O9NTBHk+uXW/fQblKamQIwUQl4dl6gkRDE4rBR/yGjZZ1Z -3dEpvL2Wimt3keD7AcLpYB2FJ1mVcY1XQUeK1Vfc +MIICnTCCAiGgAwIBAgIBCDAMBggqhkjOPQQDAgUAMD4xCzAJBgNVBAYTAk5MMREw +DwYDVQQKDAhQb2xhclNTTDEcMBoGA1UEAwwTUG9sYXJzc2wgVGVzdCBFQyBDQTAe +Fw0xOTAyMTAxNDQ0MDBaFw0yOTAyMTAxNDQ0MDBaMDQxCzAJBgNVBAYTAk5MMREw +DwYDVQQKDAhQb2xhclNTTDESMBAGA1UEAwwJbG9jYWxob3N0MIIBIjANBgkqhkiG +9w0BAQEFAAOCAQ8AMIIBCgKCAQEAq9eMvlV9hzsP+2u6oSlhxly+VSGe4I0Mly1g +Mku+BhiPm7EPEscFe+cQcuA7kr6Wmzjan6v913igTri21Gh5llS+v7t4GdbfmfQS +k8AiT0bC76+DsZ/GaJ+AhHyFmc5CS3Y6O++kKE8LG9RqKW0HjnQjOH6YQr+FgWv7 +smU2fFHVdCVtvIMzsRy3UfBhy5LcwGUGqrTjwn7QoSRBcgJKMp4cWBr14MKr4nJ+ +p7lu3QrfSGXU3TXrgHtqiHTwSiaZ75pK4CzP4ywnebsA7YNRh2sPGWuTLVCu9FZZ +9fR3x2NMz64dOjUO+JEzqj34/0N+gV3nf9nQqbTexUtBa9SuEQIDAQABo00wSzAJ +BgNVHRMEAjAAMB0GA1UdDgQWBBTAlAm1+0L41mhqYWjFiejsRVrGeTAfBgNVHSME +GDAWgBSdbSAkSQE/K8t4tRm8fiTJ2/s2fDAMBggqhkjOPQQDAgUAA2gAMGUCMQDB +ek00E3uHPwnUDBVAPRJThsj2mQr/MSCTwRMNXnNlki9Lux0qGd6uvhp5v31I7V0C +MDiCHwEm55sU4gWrAxYVKVVV9qMTG2Moy4YnJDDlxwpyXPta5Ac2FV+0AbInBXSM +Bg== -----END CERTIFICATE----- diff --git a/third_party/mbedtls/repo/tests/data_files/server5-badsign.crt b/third_party/mbedtls/repo/tests/data_files/server5-badsign.crt index 0c650723304..b641f701967 100644 --- a/third_party/mbedtls/repo/tests/data_files/server5-badsign.crt +++ b/third_party/mbedtls/repo/tests/data_files/server5-badsign.crt @@ -1,14 +1,14 @@ -----BEGIN CERTIFICATE----- -MIICHzCCAaWgAwIBAgIBCTAKBggqhkjOPQQDAjA+MQswCQYDVQQGEwJOTDERMA8G -A1UEChMIUG9sYXJTU0wxHDAaBgNVBAMTE1BvbGFyc3NsIFRlc3QgRUMgQ0EwHhcN -MTMwOTI0MTU1MjA0WhcNMjMwOTIyMTU1MjA0WjA0MQswCQYDVQQGEwJOTDERMA8G -A1UEChMIUG9sYXJTU0wxEjAQBgNVBAMTCWxvY2FsaG9zdDBZMBMGByqGSM49AgEG +MIICIDCCAaWgAwIBAgIBCTAKBggqhkjOPQQDAjA+MQswCQYDVQQGEwJOTDERMA8G +A1UECgwIUG9sYXJTU0wxHDAaBgNVBAMME1BvbGFyc3NsIFRlc3QgRUMgQ0EwHhcN +MjMwNTE3MDcxMDM2WhcNMzMwNTE0MDcxMDM2WjA0MQswCQYDVQQGEwJOTDERMA8G +A1UECgwIUG9sYXJTU0wxEjAQBgNVBAMMCWxvY2FsaG9zdDBZMBMGByqGSM49AgEG CCqGSM49AwEHA0IABDfMVtl2CR5acj7HWS3/IG7ufPkGkXTQrRS192giWWKSTuUA 2CMR/+ov0jRdXRa9iojCa3cNVc2KKg76Aci07f+jgZ0wgZowCQYDVR0TBAIwADAd BgNVHQ4EFgQUUGGlj9QH2deCAQzlZX+MY0anE74wbgYDVR0jBGcwZYAUnW0gJEkB -PyvLeLUZvH4kydv7NnyhQqRAMD4xCzAJBgNVBAYTAk5MMREwDwYDVQQKEwhQb2xh -clNTTDEcMBoGA1UEAxMTUG9sYXJzc2wgVGVzdCBFQyBDQYIJAMFD4n5iQ8zoMAoG -CCqGSM49BAMCA2gAMGUCMQCaLFzXptui5WQN8LlO3ddh1hMxx6tzgLvT03MTVK2S -C12r0Lz3ri/moSEpNZWqPjkCMCE2f53GXcYLqyfyJR078c/xNSUU5+Xxl7VZ414V -fGa5kHvHARBPc8YAIVIqDvHH1A== +PyvLeLUZvH4kydv7NnyhQqRAMD4xCzAJBgNVBAYTAk5MMREwDwYDVQQKDAhQb2xh +clNTTDEcMBoGA1UEAwwTUG9sYXJzc2wgVGVzdCBFQyBDQYIJAMFD4n5iQ8zoMAoG +CCqGSM49BAMCA2kAMGYCMQDg6p7PPfr2+n7nGvya3pU4ust3k7Obk4/tZX+uHHRQ +qaccsyULeFNzkyRvWHFeT5sCMQCzDJX79Ii7hILYza/iXWJe/BjJEE8MteCRGXDN +06jC+BLgOH1KQV9ArqEh3AhOhE0= -----END CERTIFICATE----- diff --git a/third_party/mbedtls/repo/tests/data_files/server5-der0.crt b/third_party/mbedtls/repo/tests/data_files/server5-der0.crt index 08d8dd311b525fd51171a1019ad3194dad91580a..1e0a00894d5bfae4e3fb4be83c5dedc703b6b739 100644 GIT binary patch delta 246 zcmZ3?vV?`jpovLgB8!0+4@W?LPGV7Tu#cgPffO5aC<`->Fj%O#I7cBQwYWsV)mg#W z(Lhd|*T~qw)X?0(+|a<-EJ~c$7{oP!at%x-%87{}nI>c)05NUiic84ia9bw#G3sPx zG8m*W88SS0HSfIbuW!HVo=g3ib#JQ0uG8g{H_x8j|2DOLolHr<%H=YfRknO*hW2e-xV(_ebKSfIrXH2NNX=&R$+|=!eh)i&`(oc!zZh L74LBPwRivk`~6jv delta 245 zcmZ3&vY3U%povL-B8!2SFh@XsPGV7Tu#cgPffO5aC=0W&Fj%O#I7cBQwYWsV)mg#W z(Lhd|*U;F&(#XWn)YQnpBubpu2*fplat%x-%87{}nI>c)05NUiic84ia9bw#G3sPy zFc_pV88Xb$iMhV)_M)dLydQS@-MyZ8P1x}G>f(momoFC!hpe5%9lQF%p6~1QpDk3> zG@ZK2&XUPM(X4*%vDjnWtJOcL%36Os|It)cFj%O#I7cBQwYWsV)mg#W z(Lhd|*T~qw)X?0(+|a<-EJ~c$7{oP!at%x-%87{}nI>c)05NUiic84ia9bw#G3sPz zG8m*W88SS0HSfIbuW!HVo=g3ib#JQ0uG8g{H_x8j|2DOLolHr<%H=YfRknO*hW2e-xV(_ebKSfIrXH2NNX=&R$+|=!eh)i&`(oc!zZh M74LBPwRkW908{u?mjD0& delta 246 zcmZ3=vV?`jpovL-B8!2SFh@XsPGV7Tu#cgPffO5aC=0W&Fj%O#I7cBQwYWsV)mg#W z(Lhd|*U;F&(#XWn)YQnpBubpu2*fplat%x-%87{}nI>c)05NUiic84ia9bw#G3sPx zFc_pV88Xb$iMhV)_M)dLydQS@-MyZ8P1x}G>f(momoFC!hpe5%9lQF%p6~1QpDk3> zG@ZK2&XUPM(X4*%vDjnWtJOcL%36Os|It)cFj%O#I7cBQwYWsV)mg#W z(Lhd|*T~qw)X?0(+|a<-EJ~c$7{oP!at%x-%87{}nI>c)05NUiic84ia9bw#G3sPz zG8m*W88SS0HSfIbuW!HVo=g3ib#JQ0uG8g{H_x8j|2DOLolHr<%H=YfRknO*hW2e-xV(_ebKSfIrXH2NNX=&R$+|=!eh)i&`(oc!zZh M74LBPwRju^093hFSO5S3 delta 246 zcmZ3=vV?`jpovL-B8!2SFh@XsPGV7Tu#cgPffO5aC=0W&Fj%O#I7cBQwYWsV)mg#W z(Lhd|*U;F&(#XWn)YQnpBubpu2*fplat%x-%87{}nI>c)05NUiic84ia9bw#G3sPx zFc_pV88Xb$iMhV)_M)dLydQS@-MyZ8P1x}G>f(momoFC!hpe5%9lQF%p6~1QpDk3> zG@ZK2&XUPM(X4*%vDjnWtJOcL%36Os|It)cFj%O#I7cBQwYWsV)mg#W z(Lhd|*T~qw)X?0(+|a<-EJ~c$7{oP!at%x-%87{}nI>c)05NUiic84ia9bw#G3w-G zG8m*W88SS0HSfIbuW!HVo=g3ib#JQ0uG8g{H_x8j|2DOLolHr<%H=YfRknO*hW2e-xV(_ebKSfIrXH2NNX=&R$+|=!eh)i&`(oc!zZh N74LBPwRr600syUMR$Tx9 delta 247 zcmZ3+vXq6zpovL-B8!2SFh@XsPGV7Tu#cgPffO5aC=0W&Fj%O#I7cBQwYWsV)mg#W z(Lhd|*U;F&(#XWn)YQnpBubpu2*fplat%x-%87{}nI>c)05NUiic84ia9bw#G3sPz zFc_pV88Xb$iMhV)_M)dLydQS@-MyZ8P1x}G>f(momoFC!hpe5%9lQF%p6~1QpDk3> zG@ZK2&XUPM(X4*%vDjnWtJOcL%36Os|It)c0syp!Q;`4w diff --git a/third_party/mbedtls/repo/tests/data_files/server5-der4.crt b/third_party/mbedtls/repo/tests/data_files/server5-der4.crt index 4af05cce1ed05ea02e9fac3fed3a0904b44799b0..4ceed41c496a286d6d7ae2c225d0f6376618d770 100644 GIT binary patch delta 250 zcmZ3^vVw)hpovLgB8!0+4@W?LPGV7Tu#cgPffO5aC<`->Fj%O#I7cBQwYWsV)mg#W z(Lhd|*T~qw)X?0(+|a<-EJ~c$7{oP!at%x-%87{}nI>c)05NUiic84ia9bw#G3w-H zG8m*W88SS0HSfIbuW!HVo=g3ib#JQ0uG8g{H_x8j|2DOLolHr<%H=YfRknO*hW2e-xV(_ebKSfIrXH2NNX=&R$+|=!eh)i&`(oc!zZh P74LBPwRkKSm=X^FU_w_) delta 249 zcmZ3%vYds*povL-B8!2SFh@XsPGV7Tu#cgPffO5aC=0W&Fj%O#I7cBQwYWsV)mg#W z(Lhd|*U;F&(#XWn)YQnpBubpu2*fplat%x-%87{}nI>c)05NUiic84ia9bw#G3w-I zFc_pV88Xb$iMhV)_M)dLydQS@-MyZ8P1x}G>f(momoFC!hpe5%9lQF%p6~1QpDk3> zG@ZK2&XUPM(X4*%vDjnWtJOcL%36Os|It)cFj%O#I7cBQwYWsV)mg#W z(Lhd|*T~qw)X?0(+|a<-EJ~c$7{oP!at%x-%87{}nI>c)05NUiic84ia9bw#G3pd$ zG8m*W88SS0HSfIbuW!HVo=g3ib#JQ0uG8g{H_x8j|2DOLolHr<%H=YfRknO*hW2e-xV(_ebKSfIrXH2NNX=&R$+|=!eh)i&`(oc!zZh T74LBPwRkL9{$E|KY85{K&c)05NUiic84ia9bw#G3pd% zFc_pV88Xb$iMhV)_M)dLydQS@-MyZ8P1x}G>f(momoFC!hpe5%9lQF%p6~1QpDk3> zG@ZK2&XUPM(X4*%vDjnWtJOcL%36Os|It)cFj%O#I7cBQwYWsV)mg#W z(Lhd|*T~qw)X?0(+|a<-EJ~c$7{oP!at%x-%87{}nI>c)05NUiic84ia9bw#G3pd& zG8m*W88SS0HSfIbuW!HVo=g3ib#JQ0uG8g{H_x8j|2DOLolHr<%H=YfRknO*hW2e-xV(_ebKSfIrXH2NNX=&R$+|=!eh)i&`(oc!zZh U74LBPwRoKWVPIVLe@T@l053UOl>h($ delta 254 zcmZ3>vWA7lpovL-B8!2SFh@XsPGV7Tu#cgPffO5aC=0W&Fj%O#I7cBQwYWsV)mg#W z(Lhd|*U;F&(#XWn)YQnpBubpu2*fplat%x-%87{}nI>c)05NUiic84ia9bw#G3pd$ zFc_pV88Xb$iMhV)_M)dLydQS@-MyZ8P1x}G>f(momoFC!hpe5%9lQF%p6~1QpDk3> zG@ZK2&XUPM(X4*%vDjnWtJOcL%36Os|It)ceQQE;%2p^SkP8*?ZNGmkJ>sJJ*sAtbf9M8VZr!P(J3PMp`s z*uc!t)WF!-#Lyy2oYxq{HG*;tOeV^Si6EIKWFP=BZQ_bc$l`EYCigKKrWi0D%}F#q zempYM(_`9|pPNJYzC@pz^)YUJ_r&DNx5D~ClQ$gV>N)dy=`=m_&pGq{<{9 delta 234 zcmZ3?vY2IpiI*@(Kz>eQQE;%2p^SkP8*?ZNv#>B&sJJ*sAtbf9M8VZr!P(J3PMp`! z*uc`r#L(2#$iO5@oYx4%HG*;tOeV^Si6EIKWFP=BZQ_bc$l`EYCigKKrWi8J(uujg z?DnFkDZC$c`rW;rcum;w`0C<@-Ip&H3x}+o#2vf(!k+Kz^q(zM)HI#C%FdF>K+&vz z?y=Zo+^f|;smfY^Jpa*DRpj~8kJGnCK8_QuN!vN0`Z%M2fAKK}#UL%dkH@b904?B9 A@Bjb+ diff --git a/third_party/mbedtls/repo/tests/data_files/server5.crt.openssl.v3_ext b/third_party/mbedtls/repo/tests/data_files/server5.crt.openssl.v3_ext new file mode 100644 index 00000000000..594e90ad09f --- /dev/null +++ b/third_party/mbedtls/repo/tests/data_files/server5.crt.openssl.v3_ext @@ -0,0 +1,3 @@ +basicConstraints = CA:false +subjectKeyIdentifier=hash +authorityKeyIdentifier=keyid:always,issuer:always diff --git a/third_party/mbedtls/repo/tests/data_files/server5.eku-cli.crt b/third_party/mbedtls/repo/tests/data_files/server5.eku-cli.crt index 8aa2e44a038..8d04559839d 100644 --- a/third_party/mbedtls/repo/tests/data_files/server5.eku-cli.crt +++ b/third_party/mbedtls/repo/tests/data_files/server5.eku-cli.crt @@ -1,13 +1,13 @@ -----BEGIN CERTIFICATE----- -MIIB5DCCAWmgAwIBAgIBPDAKBggqhkjOPQQDAjA+MQswCQYDVQQGEwJOTDERMA8G -A1UEChMIUG9sYXJTU0wxHDAaBgNVBAMTE1BvbGFyc3NsIFRlc3QgRUMgQ0EwHhcN -MTQwNDEwMTcyMTIxWhcNMjQwNDA3MTcyMTIxWjA0MQswCQYDVQQGEwJOTDERMA8G -A1UEChMIUG9sYXJTU0wxEjAQBgNVBAMTCWxvY2FsaG9zdDBZMBMGByqGSM49AgEG -CCqGSM49AwEHA0IABDfMVtl2CR5acj7HWS3/IG7ufPkGkXTQrRS192giWWKSTuUA -2CMR/+ov0jRdXRa9iojCa3cNVc2KKg76Aci07f+jYjBgMAkGA1UdEwQCMAAwHQYD -VR0OBBYEFFBhpY/UB9nXggEM5WV/jGNGpxO+MB8GA1UdIwQYMBaAFJ1tICRJAT8r -y3i1Gbx+JMnb+zZ8MBMGA1UdJQQMMAoGCCsGAQUFBwMCMAoGCCqGSM49BAMCA2kA -MGYCMQCzHyEvd56zm1AzfDBi3psz3rDL/m0RN2WnbRBQJxIJqjwEXOrKazko9m9q -owgau88CMQDuI0fsq5tnyiHPaDSAE21/6hlrCR6deNbwzB94OuPIbx1wIas9D1jc -//iSmKtbl8Y= +MIIB6zCCAW6gAwIBAgIBPDAMBggqhkjOPQQDAgUAMD4xCzAJBgNVBAYTAk5MMREw +DwYDVQQKDAhQb2xhclNTTDEcMBoGA1UEAwwTUG9sYXJzc2wgVGVzdCBFQyBDQTAe +Fw0xOTAyMTAxNDQ0MDZaFw0yOTAyMTAxNDQ0MDZaMDQxCzAJBgNVBAYTAk5MMREw +DwYDVQQKDAhQb2xhclNTTDESMBAGA1UEAwwJbG9jYWxob3N0MFkwEwYHKoZIzj0C +AQYIKoZIzj0DAQcDQgAEN8xW2XYJHlpyPsdZLf8gbu58+QaRdNCtFLX3aCJZYpJO +5QDYIxH/6i/SNF1dFr2KiMJrdw1VzYoqDvoByLTt/6NlMGMwCQYDVR0TBAIwADAd +BgNVHQ4EFgQUUGGlj9QH2deCAQzlZX+MY0anE74wHwYDVR0jBBgwFoAUnW0gJEkB +PyvLeLUZvH4kydv7NnwwFgYDVR0lAQH/BAwwCgYIKwYBBQUHAwIwDAYIKoZIzj0E +AwIFAANpADBmAjEAoC1Xxg8Xt3tvM2ZER4jCRv7iSYPWGgNtcYNJj3G0lb0PYi1l +Nd0cqdGxydhm7RJLAjEApAE8koD1ccIPnSFTagT7shOSz1/lOU4wwAWswcwolzt3 +xrvFlMoTeJx3sS3Zqdr8 -----END CERTIFICATE----- diff --git a/third_party/mbedtls/repo/tests/data_files/server5.eku-cs.crt b/third_party/mbedtls/repo/tests/data_files/server5.eku-cs.crt index db97b403e9a..c00bc3bec23 100644 --- a/third_party/mbedtls/repo/tests/data_files/server5.eku-cs.crt +++ b/third_party/mbedtls/repo/tests/data_files/server5.eku-cs.crt @@ -1,13 +1,13 @@ -----BEGIN CERTIFICATE----- -MIIB4zCCAWmgAwIBAgIBOjAKBggqhkjOPQQDAjA+MQswCQYDVQQGEwJOTDERMA8G -A1UEChMIUG9sYXJTU0wxHDAaBgNVBAMTE1BvbGFyc3NsIFRlc3QgRUMgQ0EwHhcN -MTQwNDEwMTcyMDQxWhcNMjQwNDA3MTcyMDQxWjA0MQswCQYDVQQGEwJOTDERMA8G -A1UEChMIUG9sYXJTU0wxEjAQBgNVBAMTCWxvY2FsaG9zdDBZMBMGByqGSM49AgEG -CCqGSM49AwEHA0IABDfMVtl2CR5acj7HWS3/IG7ufPkGkXTQrRS192giWWKSTuUA -2CMR/+ov0jRdXRa9iojCa3cNVc2KKg76Aci07f+jYjBgMAkGA1UdEwQCMAAwHQYD -VR0OBBYEFFBhpY/UB9nXggEM5WV/jGNGpxO+MB8GA1UdIwQYMBaAFJ1tICRJAT8r -y3i1Gbx+JMnb+zZ8MBMGA1UdJQQMMAoGCCsGAQUFBwMDMAoGCCqGSM49BAMCA2gA -MGUCMQC294oVK6fUjH/abI1xzytTusi8dl7518L0Y19q8zi9K19OtxzPK09h7xyy -gaJRvpUCMFS6hYhrht38yqwwhSVlnmTMVtira58mEUhL6v7Qzw1sz/Dm4aXkW3s6 -JQV1kqqbRw== +MIIB6jCCAW6gAwIBAgIBOjAMBggqhkjOPQQDAgUAMD4xCzAJBgNVBAYTAk5MMREw +DwYDVQQKDAhQb2xhclNTTDEcMBoGA1UEAwwTUG9sYXJzc2wgVGVzdCBFQyBDQTAe +Fw0xOTAyMTAxNDQ0MDZaFw0yOTAyMTAxNDQ0MDZaMDQxCzAJBgNVBAYTAk5MMREw +DwYDVQQKDAhQb2xhclNTTDESMBAGA1UEAwwJbG9jYWxob3N0MFkwEwYHKoZIzj0C +AQYIKoZIzj0DAQcDQgAEN8xW2XYJHlpyPsdZLf8gbu58+QaRdNCtFLX3aCJZYpJO +5QDYIxH/6i/SNF1dFr2KiMJrdw1VzYoqDvoByLTt/6NlMGMwCQYDVR0TBAIwADAd +BgNVHQ4EFgQUUGGlj9QH2deCAQzlZX+MY0anE74wHwYDVR0jBBgwFoAUnW0gJEkB +PyvLeLUZvH4kydv7NnwwFgYDVR0lAQH/BAwwCgYIKwYBBQUHAwMwDAYIKoZIzj0E +AwIFAANoADBlAjBlMU7Fh18cel20P3rY7esvtPLDHQQKWSCO91XHHkZi1zRPq2px +nwVHayXnOS3CPRsCMQCQDYTyVMS8oEIrm0XPI6HrbCMUq2bhPwaYpelU/asOzYI3 +gOjGCDFHtyedJHVK0rs= -----END CERTIFICATE----- diff --git a/third_party/mbedtls/repo/tests/data_files/server5.eku-cs_any.crt b/third_party/mbedtls/repo/tests/data_files/server5.eku-cs_any.crt index 8fa8632dd02..912d929b191 100644 --- a/third_party/mbedtls/repo/tests/data_files/server5.eku-cs_any.crt +++ b/third_party/mbedtls/repo/tests/data_files/server5.eku-cs_any.crt @@ -1,13 +1,13 @@ -----BEGIN CERTIFICATE----- -MIIB6TCCAW+gAwIBAgIBOzAKBggqhkjOPQQDAjA+MQswCQYDVQQGEwJOTDERMA8G -A1UEChMIUG9sYXJTU0wxHDAaBgNVBAMTE1BvbGFyc3NsIFRlc3QgRUMgQ0EwHhcN -MTQwNDEwMTcyMDU4WhcNMjQwNDA3MTcyMDU4WjA0MQswCQYDVQQGEwJOTDERMA8G -A1UEChMIUG9sYXJTU0wxEjAQBgNVBAMTCWxvY2FsaG9zdDBZMBMGByqGSM49AgEG -CCqGSM49AwEHA0IABDfMVtl2CR5acj7HWS3/IG7ufPkGkXTQrRS192giWWKSTuUA -2CMR/+ov0jRdXRa9iojCa3cNVc2KKg76Aci07f+jaDBmMAkGA1UdEwQCMAAwHQYD -VR0OBBYEFFBhpY/UB9nXggEM5WV/jGNGpxO+MB8GA1UdIwQYMBaAFJ1tICRJAT8r -y3i1Gbx+JMnb+zZ8MBkGA1UdJQQSMBAGCCsGAQUFBwMDBgRVHSUAMAoGCCqGSM49 -BAMCA2gAMGUCMQCSYaq/9IKOTkzIrU/eOtpha/3af3JwT6vKh4N3cSX62ksMz0GT -Uxmq4UGMBt4VmBkCMBGpYqof6hS1o92ltNRpDSHuVQ+nke1lOsoQ1plZp4SI+bY1 -bUD/WrUSLlwikZAeng== +MIIB8DCCAXSgAwIBAgIBOzAMBggqhkjOPQQDAgUAMD4xCzAJBgNVBAYTAk5MMREw +DwYDVQQKDAhQb2xhclNTTDEcMBoGA1UEAwwTUG9sYXJzc2wgVGVzdCBFQyBDQTAe +Fw0xOTAyMTAxNDQ0MDZaFw0yOTAyMTAxNDQ0MDZaMDQxCzAJBgNVBAYTAk5MMREw +DwYDVQQKDAhQb2xhclNTTDESMBAGA1UEAwwJbG9jYWxob3N0MFkwEwYHKoZIzj0C +AQYIKoZIzj0DAQcDQgAEN8xW2XYJHlpyPsdZLf8gbu58+QaRdNCtFLX3aCJZYpJO +5QDYIxH/6i/SNF1dFr2KiMJrdw1VzYoqDvoByLTt/6NrMGkwCQYDVR0TBAIwADAd +BgNVHQ4EFgQUUGGlj9QH2deCAQzlZX+MY0anE74wHwYDVR0jBBgwFoAUnW0gJEkB +PyvLeLUZvH4kydv7NnwwHAYDVR0lAQH/BBIwEAYIKwYBBQUHAwMGBFUdJQAwDAYI +KoZIzj0EAwIFAANoADBlAjEA89+l8gNC0H75Tzdz/75W6EjGSzZ3m50S4cK5jD6+ +ZZLpRcbIqPqMT2MNkCm7ImNpAjAlTkFLVCGnTNX/q7QWOrx8aPXXAeZtY5NFxd66 +EJJb+YHTQ80hZhLWX8/QaAJjniU= -----END CERTIFICATE----- diff --git a/third_party/mbedtls/repo/tests/data_files/server5.eku-srv.crt b/third_party/mbedtls/repo/tests/data_files/server5.eku-srv.crt index 64312f6c49a..b173afcdaa6 100644 --- a/third_party/mbedtls/repo/tests/data_files/server5.eku-srv.crt +++ b/third_party/mbedtls/repo/tests/data_files/server5.eku-srv.crt @@ -1,13 +1,13 @@ -----BEGIN CERTIFICATE----- -MIIB5DCCAWmgAwIBAgIBPjAKBggqhkjOPQQDAjA+MQswCQYDVQQGEwJOTDERMA8G -A1UEChMIUG9sYXJTU0wxHDAaBgNVBAMTE1BvbGFyc3NsIFRlc3QgRUMgQ0EwHhcN -MTQwNDEwMTcyMTU0WhcNMjQwNDA3MTcyMTU0WjA0MQswCQYDVQQGEwJOTDERMA8G -A1UEChMIUG9sYXJTU0wxEjAQBgNVBAMTCWxvY2FsaG9zdDBZMBMGByqGSM49AgEG -CCqGSM49AwEHA0IABDfMVtl2CR5acj7HWS3/IG7ufPkGkXTQrRS192giWWKSTuUA -2CMR/+ov0jRdXRa9iojCa3cNVc2KKg76Aci07f+jYjBgMAkGA1UdEwQCMAAwHQYD -VR0OBBYEFFBhpY/UB9nXggEM5WV/jGNGpxO+MB8GA1UdIwQYMBaAFJ1tICRJAT8r -y3i1Gbx+JMnb+zZ8MBMGA1UdJQQMMAoGCCsGAQUFBwMBMAoGCCqGSM49BAMCA2kA -MGYCMQDQzjWB0xZs/8IsqJb7owYYtCiT17939Uuc/1yBF69pJRy7KV/qJlHNvlVu -qwWVTx0CMQDNW/0dlX1gU6ashrZv5Ly4sijg/g645fFpfMKCNXysEb9xiBeEj5de -2x5sX/0OSx4= +MIIB6jCCAW6gAwIBAgIBPjAMBggqhkjOPQQDAgUAMD4xCzAJBgNVBAYTAk5MMREw +DwYDVQQKDAhQb2xhclNTTDEcMBoGA1UEAwwTUG9sYXJzc2wgVGVzdCBFQyBDQTAe +Fw0xOTAyMTAxNDQ0MDZaFw0yOTAyMTAxNDQ0MDZaMDQxCzAJBgNVBAYTAk5MMREw +DwYDVQQKDAhQb2xhclNTTDESMBAGA1UEAwwJbG9jYWxob3N0MFkwEwYHKoZIzj0C +AQYIKoZIzj0DAQcDQgAEN8xW2XYJHlpyPsdZLf8gbu58+QaRdNCtFLX3aCJZYpJO +5QDYIxH/6i/SNF1dFr2KiMJrdw1VzYoqDvoByLTt/6NlMGMwCQYDVR0TBAIwADAd +BgNVHQ4EFgQUUGGlj9QH2deCAQzlZX+MY0anE74wHwYDVR0jBBgwFoAUnW0gJEkB +PyvLeLUZvH4kydv7NnwwFgYDVR0lAQH/BAwwCgYIKwYBBQUHAwEwDAYIKoZIzj0E +AwIFAANoADBlAjEAh+l47FmXR/nUxD8bfnS3sT+QTgc8pXUEqh/gXUs2xINVSoL+ +ZewgcNb2UanzCNheAjAnUY4b0M9YHp/eJjls5RzGX6JXtcWwn9JvO1HqMQnHthcy +hPEQ3lW7XG0DIQS1drk= -----END CERTIFICATE----- diff --git a/third_party/mbedtls/repo/tests/data_files/server5.eku-srv_cli.crt b/third_party/mbedtls/repo/tests/data_files/server5.eku-srv_cli.crt index 9f58fedd20c..be2531ee22a 100644 --- a/third_party/mbedtls/repo/tests/data_files/server5.eku-srv_cli.crt +++ b/third_party/mbedtls/repo/tests/data_files/server5.eku-srv_cli.crt @@ -1,13 +1,13 @@ -----BEGIN CERTIFICATE----- -MIIB7DCCAXOgAwIBAgIBPTAKBggqhkjOPQQDAjA+MQswCQYDVQQGEwJOTDERMA8G -A1UEChMIUG9sYXJTU0wxHDAaBgNVBAMTE1BvbGFyc3NsIFRlc3QgRUMgQ0EwHhcN -MTQwNDEwMTcyMTQyWhcNMjQwNDA3MTcyMTQyWjA0MQswCQYDVQQGEwJOTDERMA8G -A1UEChMIUG9sYXJTU0wxEjAQBgNVBAMTCWxvY2FsaG9zdDBZMBMGByqGSM49AgEG -CCqGSM49AwEHA0IABDfMVtl2CR5acj7HWS3/IG7ufPkGkXTQrRS192giWWKSTuUA -2CMR/+ov0jRdXRa9iojCa3cNVc2KKg76Aci07f+jbDBqMAkGA1UdEwQCMAAwHQYD -VR0OBBYEFFBhpY/UB9nXggEM5WV/jGNGpxO+MB8GA1UdIwQYMBaAFJ1tICRJAT8r -y3i1Gbx+JMnb+zZ8MB0GA1UdJQQWMBQGCCsGAQUFBwMBBggrBgEFBQcDAjAKBggq -hkjOPQQDAgNnADBkAjAmQjJxxC82ZhBpH/GQkOQXDmaaV/JHRHGok1cWn3j3Xj8A -fqRZkp8JihpGIMse208CMFCMdNAfNd1tv+oPuynoK5Oh6/YlASX/otJT68voEIAN -SmsT1m9VPQMIyUo/3RtYjg== +MIIB8zCCAXigAwIBAgIBPTAMBggqhkjOPQQDAgUAMD4xCzAJBgNVBAYTAk5MMREw +DwYDVQQKDAhQb2xhclNTTDEcMBoGA1UEAwwTUG9sYXJzc2wgVGVzdCBFQyBDQTAe +Fw0xOTAyMTAxNDQ0MDZaFw0yOTAyMTAxNDQ0MDZaMDQxCzAJBgNVBAYTAk5MMREw +DwYDVQQKDAhQb2xhclNTTDESMBAGA1UEAwwJbG9jYWxob3N0MFkwEwYHKoZIzj0C +AQYIKoZIzj0DAQcDQgAEN8xW2XYJHlpyPsdZLf8gbu58+QaRdNCtFLX3aCJZYpJO +5QDYIxH/6i/SNF1dFr2KiMJrdw1VzYoqDvoByLTt/6NvMG0wCQYDVR0TBAIwADAd +BgNVHQ4EFgQUUGGlj9QH2deCAQzlZX+MY0anE74wHwYDVR0jBBgwFoAUnW0gJEkB +PyvLeLUZvH4kydv7NnwwIAYDVR0lAQH/BBYwFAYIKwYBBQUHAwEGCCsGAQUFBwMC +MAwGCCqGSM49BAMCBQADZwAwZAIwHu/xjSqHK91yEM+KgEFGU8Xc3o9rEVrCBFeW +ChIa3slZZdG4OuIm06Tsabf0pBLHAjBYKjoUwWEuDOOQKbbJZG8gKDzMAgEpe/RW +wAjY7i6CzZ1NKfFQ9fQdwA+yjq2fnlg= -----END CERTIFICATE----- diff --git a/third_party/mbedtls/repo/tests/data_files/server5.ku-ds.crt b/third_party/mbedtls/repo/tests/data_files/server5.ku-ds.crt index 58dd0714b59..dafff9b3d76 100644 --- a/third_party/mbedtls/repo/tests/data_files/server5.ku-ds.crt +++ b/third_party/mbedtls/repo/tests/data_files/server5.ku-ds.crt @@ -1,14 +1,13 @@ -----BEGIN CERTIFICATE----- -MIICLTCCAbKgAwIBAgIBLTAKBggqhkjOPQQDAjA+MQswCQYDVQQGEwJOTDERMA8G -A1UEChMIUG9sYXJTU0wxHDAaBgNVBAMTE1BvbGFyc3NsIFRlc3QgRUMgQ0EwHhcN -MTQwNDA5MDg0ODM1WhcNMjQwNDA2MDg0ODM1WjA0MQswCQYDVQQGEwJOTDERMA8G -A1UEChMIUG9sYXJTU0wxEjAQBgNVBAMTCWxvY2FsaG9zdDBZMBMGByqGSM49AgEG -CCqGSM49AwEHA0IABDfMVtl2CR5acj7HWS3/IG7ufPkGkXTQrRS192giWWKSTuUA -2CMR/+ov0jRdXRa9iojCa3cNVc2KKg76Aci07f+jgaowgacwCQYDVR0TBAIwADAd -BgNVHQ4EFgQUUGGlj9QH2deCAQzlZX+MY0anE74wbgYDVR0jBGcwZYAUnW0gJEkB -PyvLeLUZvH4kydv7NnyhQqRAMD4xCzAJBgNVBAYTAk5MMREwDwYDVQQKEwhQb2xh -clNTTDEcMBoGA1UEAxMTUG9sYXJzc2wgVGVzdCBFQyBDQYIJAMFD4n5iQ8zoMAsG -A1UdDwQEAwIHgDAKBggqhkjOPQQDAgNpADBmAjEAzp4DkFMq7eDB0x5FeS9gYDaG -Ol8rVnWlRTLQzHZBQjKp+TcBdHZaBPoi8LyXtWA4AjEA6OWhsuTcv/qXOscQT0rL -eEh8wcCQeJK1uNd78lNvx3W0Pcxdb6cd7AhaAKgXL+r4 +MIIB4zCCAWagAwIBAgIBLTAMBggqhkjOPQQDAgUAMD4xCzAJBgNVBAYTAk5MMREw +DwYDVQQKDAhQb2xhclNTTDEcMBoGA1UEAwwTUG9sYXJzc2wgVGVzdCBFQyBDQTAe +Fw0xOTAyMTAxNDQ0MDZaFw0yOTAyMTAxNDQ0MDZaMDQxCzAJBgNVBAYTAk5MMREw +DwYDVQQKDAhQb2xhclNTTDESMBAGA1UEAwwJbG9jYWxob3N0MFkwEwYHKoZIzj0C +AQYIKoZIzj0DAQcDQgAEN8xW2XYJHlpyPsdZLf8gbu58+QaRdNCtFLX3aCJZYpJO +5QDYIxH/6i/SNF1dFr2KiMJrdw1VzYoqDvoByLTt/6NdMFswCQYDVR0TBAIwADAd +BgNVHQ4EFgQUUGGlj9QH2deCAQzlZX+MY0anE74wHwYDVR0jBBgwFoAUnW0gJEkB +PyvLeLUZvH4kydv7NnwwDgYDVR0PAQH/BAQDAgeAMAwGCCqGSM49BAMCBQADaQAw +ZgIxALHO0QR+4vz+fj4WwBQMa55oJDlp1J0PpqoJYKTf6DRx5rNuZxSbNu2wJQWz +MJ9ekQIxAMPo/Rhu4e9KRkEf9rYU9Ynd7t9/PCsXw4JZuxZfToURDsrAI/Pnqc0H +4+FA/EuPJA== -----END CERTIFICATE----- diff --git a/third_party/mbedtls/repo/tests/data_files/server5.ku-ka.crt b/third_party/mbedtls/repo/tests/data_files/server5.ku-ka.crt index 2447326c2e1..74a4235244d 100644 --- a/third_party/mbedtls/repo/tests/data_files/server5.ku-ka.crt +++ b/third_party/mbedtls/repo/tests/data_files/server5.ku-ka.crt @@ -1,14 +1,13 @@ -----BEGIN CERTIFICATE----- -MIICKzCCAbKgAwIBAgIBLjAKBggqhkjOPQQDAjA+MQswCQYDVQQGEwJOTDERMA8G -A1UEChMIUG9sYXJTU0wxHDAaBgNVBAMTE1BvbGFyc3NsIFRlc3QgRUMgQ0EwHhcN -MTQwNDA5MDg0ODUwWhcNMjQwNDA2MDg0ODUwWjA0MQswCQYDVQQGEwJOTDERMA8G -A1UEChMIUG9sYXJTU0wxEjAQBgNVBAMTCWxvY2FsaG9zdDBZMBMGByqGSM49AgEG -CCqGSM49AwEHA0IABDfMVtl2CR5acj7HWS3/IG7ufPkGkXTQrRS192giWWKSTuUA -2CMR/+ov0jRdXRa9iojCa3cNVc2KKg76Aci07f+jgaowgacwCQYDVR0TBAIwADAd -BgNVHQ4EFgQUUGGlj9QH2deCAQzlZX+MY0anE74wbgYDVR0jBGcwZYAUnW0gJEkB -PyvLeLUZvH4kydv7NnyhQqRAMD4xCzAJBgNVBAYTAk5MMREwDwYDVQQKEwhQb2xh -clNTTDEcMBoGA1UEAxMTUG9sYXJzc2wgVGVzdCBFQyBDQYIJAMFD4n5iQ8zoMAsG -A1UdDwQEAwIDCDAKBggqhkjOPQQDAgNnADBkAjACzKQ88/NvngMQBFc9rC484+gO -BRkXP28BqRcj8sBt3EfmEGH23BuhkZuB1OFZuMICMC4/pHgbOQtaY9WZPUROUVVZ -OuO6XsVbhiE0rb/mumqmUwuOrCtC/KFdvFZol4BNGA== +MIIB4jCCAWagAwIBAgIBLjAMBggqhkjOPQQDAgUAMD4xCzAJBgNVBAYTAk5MMREw +DwYDVQQKDAhQb2xhclNTTDEcMBoGA1UEAwwTUG9sYXJzc2wgVGVzdCBFQyBDQTAe +Fw0xOTAyMTAxNDQ0MDZaFw0yOTAyMTAxNDQ0MDZaMDQxCzAJBgNVBAYTAk5MMREw +DwYDVQQKDAhQb2xhclNTTDESMBAGA1UEAwwJbG9jYWxob3N0MFkwEwYHKoZIzj0C +AQYIKoZIzj0DAQcDQgAEN8xW2XYJHlpyPsdZLf8gbu58+QaRdNCtFLX3aCJZYpJO +5QDYIxH/6i/SNF1dFr2KiMJrdw1VzYoqDvoByLTt/6NdMFswCQYDVR0TBAIwADAd +BgNVHQ4EFgQUUGGlj9QH2deCAQzlZX+MY0anE74wHwYDVR0jBBgwFoAUnW0gJEkB +PyvLeLUZvH4kydv7NnwwDgYDVR0PAQH/BAQDAgMIMAwGCCqGSM49BAMCBQADaAAw +ZQIwCVbbPiS8MJUOz8JBmgLHojKDaJOd4lSfSak0GSl02UjT8OiNyRzA+FlFWO94 +YMjyAjEA14/ubZ1ZW3/0hkiFHzhTD2SXbTfYbhDZSq2PR+9sBlUrrx1GhzWw/cOD +3jZd4DQO -----END CERTIFICATE----- diff --git a/third_party/mbedtls/repo/tests/data_files/server5.ku-ke.crt b/third_party/mbedtls/repo/tests/data_files/server5.ku-ke.crt index 41ae5ada31c..6b4e74e240a 100644 --- a/third_party/mbedtls/repo/tests/data_files/server5.ku-ke.crt +++ b/third_party/mbedtls/repo/tests/data_files/server5.ku-ke.crt @@ -1,14 +1,13 @@ -----BEGIN CERTIFICATE----- -MIICKzCCAbKgAwIBAgIBLzAKBggqhkjOPQQDAjA+MQswCQYDVQQGEwJOTDERMA8G -A1UEChMIUG9sYXJTU0wxHDAaBgNVBAMTE1BvbGFyc3NsIFRlc3QgRUMgQ0EwHhcN -MTQwNDA5MDg0OTA0WhcNMjQwNDA2MDg0OTA0WjA0MQswCQYDVQQGEwJOTDERMA8G -A1UEChMIUG9sYXJTU0wxEjAQBgNVBAMTCWxvY2FsaG9zdDBZMBMGByqGSM49AgEG -CCqGSM49AwEHA0IABDfMVtl2CR5acj7HWS3/IG7ufPkGkXTQrRS192giWWKSTuUA -2CMR/+ov0jRdXRa9iojCa3cNVc2KKg76Aci07f+jgaowgacwCQYDVR0TBAIwADAd -BgNVHQ4EFgQUUGGlj9QH2deCAQzlZX+MY0anE74wbgYDVR0jBGcwZYAUnW0gJEkB -PyvLeLUZvH4kydv7NnyhQqRAMD4xCzAJBgNVBAYTAk5MMREwDwYDVQQKEwhQb2xh -clNTTDEcMBoGA1UEAxMTUG9sYXJzc2wgVGVzdCBFQyBDQYIJAMFD4n5iQ8zoMAsG -A1UdDwQEAwIFIDAKBggqhkjOPQQDAgNnADBkAjAMl0Cjv9f45bHeJTul5XpYeJeT -52ZaOLTa/uTLy948EnEIi6sj3nFb9fvsUbsOOjECMAXAMY64KOqzixefz3y3XS/d -9miyeArPOmXU2JJ3LGuNbqqj9IbABawB1OD8v8gRmg== +MIIB4TCCAWagAwIBAgIBLzAMBggqhkjOPQQDAgUAMD4xCzAJBgNVBAYTAk5MMREw +DwYDVQQKDAhQb2xhclNTTDEcMBoGA1UEAwwTUG9sYXJzc2wgVGVzdCBFQyBDQTAe +Fw0xOTAyMTAxNDQ0MDZaFw0yOTAyMTAxNDQ0MDZaMDQxCzAJBgNVBAYTAk5MMREw +DwYDVQQKDAhQb2xhclNTTDESMBAGA1UEAwwJbG9jYWxob3N0MFkwEwYHKoZIzj0C +AQYIKoZIzj0DAQcDQgAEN8xW2XYJHlpyPsdZLf8gbu58+QaRdNCtFLX3aCJZYpJO +5QDYIxH/6i/SNF1dFr2KiMJrdw1VzYoqDvoByLTt/6NdMFswCQYDVR0TBAIwADAd +BgNVHQ4EFgQUUGGlj9QH2deCAQzlZX+MY0anE74wHwYDVR0jBBgwFoAUnW0gJEkB +PyvLeLUZvH4kydv7NnwwDgYDVR0PAQH/BAQDAgUgMAwGCCqGSM49BAMCBQADZwAw +ZAIwezTY0tigIg6u1dFl90LHYcZ+lJK4BO5Y6U9pn952NFo24NsL8qnG4nxwsL3M +VvV7AjBQ+oZyKSyNp8XRAHYC6lERH7/Gh7HrVWyTRo9iPPL6tE4x/jE7jL9ifgl+ +F6982sk= -----END CERTIFICATE----- diff --git a/third_party/mbedtls/repo/tests/data_files/server5.req.ku.sha1 b/third_party/mbedtls/repo/tests/data_files/server5.req.ku.sha1 index 3281c94608a..c73a0e27d89 100644 --- a/third_party/mbedtls/repo/tests/data_files/server5.req.ku.sha1 +++ b/third_party/mbedtls/repo/tests/data_files/server5.req.ku.sha1 @@ -1,8 +1,8 @@ -----BEGIN CERTIFICATE REQUEST----- -MIIBFjCBvAIBADA8MQswCQYDVQQGEwJOTDERMA8GA1UECgwIUG9sYXJTU0wxGjAY +MIIBFDCBvAIBADA8MQswCQYDVQQGEwJOTDERMA8GA1UECgwIUG9sYXJTU0wxGjAY BgNVBAMMEVBvbGFyU1NMIFNlcnZlciAxMFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcD QgAEN8xW2XYJHlpyPsdZLf8gbu58+QaRdNCtFLX3aCJZYpJO5QDYIxH/6i/SNF1d Fr2KiMJrdw1VzYoqDvoByLTt/6AeMBwGCSqGSIb3DQEJDjEPMA0wCwYDVR0PBAQD -AgbAMAsGByqGSM49BAEFAANIADBFAiEAnIKF+xKk0iEuN4MHd4FZWNvrznLQgkeg -2n8ejjreTzcCIAH34z2TycuMpWQRhpV+YT988pBWR67LAg7REyZnjSAB +AgbAMAkGByqGSM49BAEDSAAwRQIhAJyChfsSpNIhLjeDB3eBWVjb685y0IJHoNp/ +Ho463k83AiAB9+M9k8nLjKVkEYaVfmE/fPKQVkeuywIO0RMmZ40gAQ== -----END CERTIFICATE REQUEST----- diff --git a/third_party/mbedtls/repo/tests/data_files/server6-ss-child.crt b/third_party/mbedtls/repo/tests/data_files/server6-ss-child.crt index 3c6fd4d1b0f..fc28f34c2df 100644 --- a/third_party/mbedtls/repo/tests/data_files/server6-ss-child.crt +++ b/third_party/mbedtls/repo/tests/data_files/server6-ss-child.crt @@ -1,13 +1,13 @@ -----BEGIN CERTIFICATE----- -MIIB8jCCAZmgAwIBAgIMU6LLWCI5lHSn7HnsMAoGCCqGSM49BAMCMEcxEzARBgNV -BAMTCnNlbGZzaWduZWQxEDAOBgNVBAsTB3Rlc3RpbmcxETAPBgNVBAoTCFBvbGFy -U1NMMQswCQYDVQQGEwJOTDAiGA8yMDE0MDYxOTExMzY1NloYDzIwMjQwNjE4MTEz -NjU2WjBNMRkwFwYDVQQDExBzZWxmc2lnbmVkLWNoaWxkMRAwDgYDVQQLEwd0ZXN0 -aW5nMREwDwYDVQQKEwhQb2xhclNTTDELMAkGA1UEBhMCTkwwWTATBgcqhkjOPQIB -BggqhkjOPQMBBwNCAASBWTF2SST6Fa2roDFuDu0zEfqRJVXBsMGcA3I+mLotpHI3 -iR9DN40fjjrY8FfoL0/JAKT323MPssYElNFAOzjjo2EwXzAMBgNVHRMBAf8EAjAA -MA8GA1UdDwEB/wQFAwMHgAAwHQYDVR0OBBYEFDxZrEo+LvwCNi/afcvLnHqyiZlT -MB8GA1UdIwQYMBaAFLZtURgXjmWq8uzV8wHkbFLCNB1bMAoGCCqGSM49BAMCA0cA -MEQCIAMlQ59/NW7S0hP1cu5OTD2zqT087bEmnIfOTBYfj8UFAiBBrrz2dipODVYx -vvTsQmSCzjrm+JtQQoWa+cdnAG3w5g== +MIIB7jCCAZSgAwIBAgIMU6LLWCI5lHSn7HnsMAoGCCqGSM49BAMCMEcxEzARBgNV +BAMMCnNlbGZzaWduZWQxEDAOBgNVBAsMB3Rlc3RpbmcxETAPBgNVBAoMCFBvbGFy +U1NMMQswCQYDVQQGEwJOTDAeFw0yMzA1MDkwNjA2NDJaFw0zMzA1MDYwNjA2NDJa +ME0xGTAXBgNVBAMMEHNlbGZzaWduZWQtY2hpbGQxEDAOBgNVBAsMB3Rlc3Rpbmcx +ETAPBgNVBAoMCFBvbGFyU1NMMQswCQYDVQQGEwJOTDBZMBMGByqGSM49AgEGCCqG +SM49AwEHA0IABIFZMXZJJPoVraugMW4O7TMR+pElVcGwwZwDcj6Yui2kcjeJH0M3 +jR+OOtjwV+gvT8kApPfbcw+yxgSU0UA7OOOjYDBeMAwGA1UdEwEB/wQCMAAwDgYD +VR0PAQH/BAQDAgeAMB0GA1UdDgQWBBR+ZY8+MwMU5eG+YLLghX+M52ArezAfBgNV +HSMEGDAWgBRQYaWP1AfZ14IBDOVlf4xjRqcTvjAKBggqhkjOPQQDAgNIADBFAiAl +Y2yXg5sZunmo+McUBzvSao1wRxw+9XBSM+Dph5gfhgIhAPlI+lSvD4mzlBzn01Mg +0tMpKHbY34iadcMWBUgibMiA -----END CERTIFICATE----- diff --git a/third_party/mbedtls/repo/tests/data_files/server6-ss-child.crt.openssl.v3_ext b/third_party/mbedtls/repo/tests/data_files/server6-ss-child.crt.openssl.v3_ext new file mode 100644 index 00000000000..dd9cdaa739b --- /dev/null +++ b/third_party/mbedtls/repo/tests/data_files/server6-ss-child.crt.openssl.v3_ext @@ -0,0 +1,4 @@ +basicConstraints = critical,CA:false +keyUsage=critical,digitalSignature +subjectKeyIdentifier=hash + diff --git a/third_party/mbedtls/repo/tests/data_files/server6.crt b/third_party/mbedtls/repo/tests/data_files/server6.crt index 6df6716861e..51e43931945 100644 --- a/third_party/mbedtls/repo/tests/data_files/server6.crt +++ b/third_party/mbedtls/repo/tests/data_files/server6.crt @@ -1,14 +1,14 @@ -----BEGIN CERTIFICATE----- MIICIDCCAaWgAwIBAgIBCjAKBggqhkjOPQQDAjA+MQswCQYDVQQGEwJOTDERMA8G -A1UEChMIUG9sYXJTU0wxHDAaBgNVBAMTE1BvbGFyc3NsIFRlc3QgRUMgQ0EwHhcN -MTMwOTI0MTU1MjA0WhcNMjMwOTIyMTU1MjA0WjA0MQswCQYDVQQGEwJOTDERMA8G -A1UEChMIUG9sYXJTU0wxEjAQBgNVBAMTCWxvY2FsaG9zdDBZMBMGByqGSM49AgEG +A1UECgwIUG9sYXJTU0wxHDAaBgNVBAMME1BvbGFyc3NsIFRlc3QgRUMgQ0EwHhcN +MjMwNTE3MDcxMDM3WhcNMzMwNTE0MDcxMDM3WjA0MQswCQYDVQQGEwJOTDERMA8G +A1UECgwIUG9sYXJTU0wxEjAQBgNVBAMMCWxvY2FsaG9zdDBZMBMGByqGSM49AgEG CCqGSM49AwEHA0IABIFZMXZJJPoVraugMW4O7TMR+pElVcGwwZwDcj6Yui2kcjeJ H0M3jR+OOtjwV+gvT8kApPfbcw+yxgSU0UA7OOOjgZ0wgZowCQYDVR0TBAIwADAd BgNVHQ4EFgQUfmWPPjMDFOXhvmCy4IV/jOdgK3swbgYDVR0jBGcwZYAUnW0gJEkB -PyvLeLUZvH4kydv7NnyhQqRAMD4xCzAJBgNVBAYTAk5MMREwDwYDVQQKEwhQb2xh -clNTTDEcMBoGA1UEAxMTUG9sYXJzc2wgVGVzdCBFQyBDQYIJAMFD4n5iQ8zoMAoG -CCqGSM49BAMCA2kAMGYCMQCsYTyleBFuI4nizuxo/ie5dxJnD0ynwCnRJ+84PZP4 -AQA3HdUz0qNYs4CZ2am9Gz0CMQDr2TNLFA3C3S3pmgXMT0eKzR1Ca1/Nulf0llQZ -Xj09kLboxuemP40IIqhQnpYptMg= +PyvLeLUZvH4kydv7NnyhQqRAMD4xCzAJBgNVBAYTAk5MMREwDwYDVQQKDAhQb2xh +clNTTDEcMBoGA1UEAwwTUG9sYXJzc2wgVGVzdCBFQyBDQYIJAMFD4n5iQ8zoMAoG +CCqGSM49BAMCA2kAMGYCMQC7mlP+bq/c4hKB3zfJgPdwSnzzQOkXwdA2O6QumC2o +ZuHyjUYV5/ZyU8QQ7cNnKnYCMQD9ByA7ddpVE2Gk+OVuBPGfwV4O2COgFrasfrTn +KgfuCEF96BhSjLDXWKB4IFWaXUQ= -----END CERTIFICATE----- diff --git a/third_party/mbedtls/repo/tests/data_files/server7-badsign.crt b/third_party/mbedtls/repo/tests/data_files/server7-badsign.crt index 954b53a5b5f..e0d18b0a89f 100644 --- a/third_party/mbedtls/repo/tests/data_files/server7-badsign.crt +++ b/third_party/mbedtls/repo/tests/data_files/server7-badsign.crt @@ -1,31 +1,31 @@ -----BEGIN CERTIFICATE----- MIIDwjCCAaqgAwIBAgIBEDANBgkqhkiG9w0BAQsFADBIMQswCQYDVQQGEwJOTDER -MA8GA1UEChMIUG9sYXJTU0wxJjAkBgNVBAMTHVBvbGFyU1NMIFRlc3QgSW50ZXJt -ZWRpYXRlIENBMB4XDTEzMDkyNDE2MTIyNFoXDTIzMDkyMjE2MTIyNFowNDELMAkG -A1UEBhMCTkwxETAPBgNVBAoTCFBvbGFyU1NMMRIwEAYDVQQDEwlsb2NhbGhvc3Qw +MA8GA1UECgwIUG9sYXJTU0wxJjAkBgNVBAMMHVBvbGFyU1NMIFRlc3QgSW50ZXJt +ZWRpYXRlIENBMB4XDTIzMDUxNzA3MTAzN1oXDTMzMDUxNzA3MTAzN1owNDELMAkG +A1UEBhMCTkwxETAPBgNVBAoMCFBvbGFyU1NMMRIwEAYDVQQDDAlsb2NhbGhvc3Qw WTATBgcqhkjOPQIBBggqhkjOPQMBBwNCAAQcbffp2qXqoZyychmoCRxzrd4Vu96m 47NPBehtEC46aTeXgDnBdf++znABrAtfXBRNQz8ARIeYBmskr22rlKjyo4GVMIGS -MAkGA1UdEwQCMAAwHQYDVR0OBBYEFNIK06V3H85VsFxGoo5zbL+hYCa7MGYGA1Ud -IwRfMF2AFDh32Gt3nCh3gotO2BupHveUFrcOoUKkQDA+MQswCQYDVQQGEwJOTDER -MA8GA1UEChMIUG9sYXJTU0wxHDAaBgNVBAMTE1BvbGFyc3NsIFRlc3QgRUMgQ0GC -AQ4wDQYJKoZIhvcNAQELBQADggIBADRoQ5fHKw+vkl0D3aqLX1XrZidb+25AWbhr -FYXdaskN219PrXBL3cV8x5tK6qsPKSyyw1lue80OmhXs/w7PJkOHHUSWRnmTv7lr -8Us3Zr/yOF/VVqzdGs7DlOTpyzEBdugI9uar/aCqHDoltN8wOduOoQB9aojYpROj -+gjlEO0mgt/87XpjYOig1o0jv44QYDQZQzpj1zeIn6WMe6xk9YDwCLMjRIpg++c7 -QyxvcEJTn80wX1SaEBM2gau97G7bORLMwBVkMT4oSY+iKYgpPpawOnMJbqUP73Dm -yfJExDdrW/BbWZ/vKIcSqSZIbkHdkNjUDVHczyVwQxZxzvLFw/B1k9s7jYFsi5eK -TNAdXFa4et1H2sd+uhu24GxsjmJioDrftixcgzPVBjDCjH8QWkBEX292WJ58on0e -deWLpZUnzPdE1B4rsiPw1Vg28mGgr2O1xgBQr/fx6A+8ItNTzAXbZfEcult9ypwM -0b6YDNe5IvdKk8iwz3mof0VNy47K6xoCaE/fxxWkjoXK8x2wfswGeP2QgUzQE93b -OtjdHpsG1c7gIVFQmKATyAPUz4vqmezgNRleXU0oL0PYtoCmKQ51UjNMUfmO9xCj -VJaNa2iTQ5Dgic+CW4TYAgj5/9g9X3WfwnDNxrZ0UxxawGElczHXqbrNleTtPaKp -a8Si6UK0 +MB0GA1UdDgQWBBTSCtOldx/OVbBcRqKOc2y/oWAmuzBmBgNVHSMEXzBdgBQ4d9hr +d5wod4KLTtgbqR73lBa3DqFCpEAwPjELMAkGA1UEBhMCTkwxETAPBgNVBAoMCFBv +bGFyU1NMMRwwGgYDVQQDDBNQb2xhcnNzbCBUZXN0IEVDIENBggEOMAkGA1UdEwQC +MAAwDQYJKoZIhvcNAQELBQADggIBADU9ZyZWfX1T1Pi0PRBeqpm52pehUX2wMsyi +KudSpLeN++eS9p/R0hpNuB8WvZcsFy/qul0djPARKGpYgYTZQvOQ10VcY40jxttm +ETScnnqKH2lMr0asOpM31kKt/ghJS0njUhI9NY6yAI2XhcDzItSpqOhn6YLC3mrW +DIyBCksLKEu8x/KpRbvj3QK1ez3cHItoxCCe9gy8tMEwb8FE15dtDuL7G7iRb4Dh +VyL6qzBRvJP9AcQKT4PTaOMwu8O+hClDvLllJzCkJX4qZmQr3jwO8Emi9dvQ87ZF +cDpLbxqIgtRF8lkxn00UuhuugMgM8ldTd/aRxZrddIgFVNmEdWIWBu5ZTWmBM/FH +aguuZr3mty7Jh4XZJ0RZ4H7XaYzoVnCK9cA5koRv/gtSQdDh8BiYlJwWx8adqygo +fibinQnIOhZ4HcnlTDshsb5eY+GtkSLmc8735V5rtEt7zrtahFT5I7r2X6dDiPdD +Blvb9/5gIMC3fy0NZigDueBOYF78kpxqMRknt6x86irVdbRXw1fpVux24cfTDc/u +5Eat4YFfM1eKZnuOETumPOoa27jvcYTPMOsUN8+Q8Os6SDkJC8e2obedQoffQC06 +1Xzri3HOHzZrPHLGkwAFNYBynl1/wxGu0vPlmpzJDzc7y0e1FgKqD6YadAQM+APA +ZKasihO0 -----END CERTIFICATE----- -----BEGIN CERTIFICATE----- MIIEATCCA4egAwIBAgIBDjAKBggqhkjOPQQDAjA+MQswCQYDVQQGEwJOTDERMA8G -A1UEChMIUG9sYXJTU0wxHDAaBgNVBAMTE1BvbGFyc3NsIFRlc3QgRUMgQ0EwHhcN -MTMwOTI0MTU1NTE0WhcNMjMwOTIyMTU1NTE0WjBIMQswCQYDVQQGEwJOTDERMA8G -A1UEChMIUG9sYXJTU0wxJjAkBgNVBAMTHVBvbGFyU1NMIFRlc3QgSW50ZXJtZWRp +A1UECgwIUG9sYXJTU0wxHDAaBgNVBAMME1BvbGFyc3NsIFRlc3QgRUMgQ0EwHhcN +MjMwNTE3MDcxMDM3WhcNMzMwNTE3MDcxMDM3WjBIMQswCQYDVQQGEwJOTDERMA8G +A1UECgwIUG9sYXJTU0wxJjAkBgNVBAMMHVBvbGFyU1NMIFRlc3QgSW50ZXJtZWRp YXRlIENBMIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEAo1Oc8nr6fMTq vowV+CpC55i5BZGFGc50Eb4RLBSRTH1e7JepdFjAVbBtyQRJSiY1ja0tgLQDDKZR wfEI+b4azse460InPHv7C1TN0upXlxuj6m9B1IlP+sBaM7WBC6dVfPO+jVMIxgkF @@ -39,9 +39,9 @@ d6KXbrZteesvA1nYzEOs+3AjrbT79Md2W8Bz9bqBVNlNOESSqm4kiCJFmslm/6br Np0MSQd+o22PQ4xRtmP6UsTfU0ueiMpYc8TYYhMbfnfFyo4m707ebcflPbBEN2dg updQ66cvfCJB0QJt9upafY0lpdV1qUkCAwEAAaOBoDCBnTAdBgNVHQ4EFgQUOHfY a3ecKHeCi07YG6ke95QWtw4wbgYDVR0jBGcwZYAUnW0gJEkBPyvLeLUZvH4kydv7 -NnyhQqRAMD4xCzAJBgNVBAYTAk5MMREwDwYDVQQKEwhQb2xhclNTTDEcMBoGA1UE -AxMTUG9sYXJzc2wgVGVzdCBFQyBDQYIJAMFD4n5iQ8zoMAwGA1UdEwQFMAMBAf8w -CgYIKoZIzj0EAwIDaAAwZQIxAPyE+u+eP7gRrSFjQicmpYg8jiFUCYEowWY2zuOG -i1HXYwmpDHfasQ3rNSuf/gHvjwIwbSSjumDk+uYNci/KMELDsD0MFHxZhhBc9Hp9 -Af5cNR8KhzegznL6amRObGGKmX1F +NnyhQqRAMD4xCzAJBgNVBAYTAk5MMREwDwYDVQQKDAhQb2xhclNTTDEcMBoGA1UE +AwwTUG9sYXJzc2wgVGVzdCBFQyBDQYIJAMFD4n5iQ8zoMAwGA1UdEwQFMAMBAf8w +CgYIKoZIzj0EAwIDaAAwZQIxAOAch+gz4rHfI/pm8MIDssMtJCqzS6xtOvQHJZ9l +fdgWfJV5cSHJpOIWGXeFKKR18wIwODTRnTIioy+bYacNq8TQPjzdVlT9XbYkWIYN +JAuV9fLJJdB5nZUG3l85Dt27VNkT -----END CERTIFICATE----- diff --git a/third_party/mbedtls/repo/tests/data_files/server7-expired.crt b/third_party/mbedtls/repo/tests/data_files/server7-expired.crt index a25ce4b07f5..9c423c9618c 100644 --- a/third_party/mbedtls/repo/tests/data_files/server7-expired.crt +++ b/third_party/mbedtls/repo/tests/data_files/server7-expired.crt @@ -1,31 +1,31 @@ -----BEGIN CERTIFICATE----- MIIDwjCCAaqgAwIBAgIBEDANBgkqhkiG9w0BAQsFADBIMQswCQYDVQQGEwJOTDER -MA8GA1UEChMIUG9sYXJTU0wxJjAkBgNVBAMTHVBvbGFyU1NMIFRlc3QgSW50ZXJt -ZWRpYXRlIENBMB4XDTA3MDYwNTA4MTQwM1oXDTE3MDYwNTA4MTQwM1owNDELMAkG +MA8GA1UECgwIUG9sYXJTU0wxJjAkBgNVBAMMHVBvbGFyU1NMIFRlc3QgSW50ZXJt +ZWRpYXRlIENBMB4XDTEzMDUxNjA3MTAzN1oXDTIzMDUxNzA3MTAzN1owNDELMAkG A1UEBhMCTkwxETAPBgNVBAoMCFBvbGFyU1NMMRIwEAYDVQQDDAlsb2NhbGhvc3Qw WTATBgcqhkjOPQIBBggqhkjOPQMBBwNCAAQcbffp2qXqoZyychmoCRxzrd4Vu96m 47NPBehtEC46aTeXgDnBdf++znABrAtfXBRNQz8ARIeYBmskr22rlKjyo4GVMIGS MB0GA1UdDgQWBBTSCtOldx/OVbBcRqKOc2y/oWAmuzBmBgNVHSMEXzBdgBQ4d9hr -d5wod4KLTtgbqR73lBa3DqFCpEAwPjELMAkGA1UEBhMCTkwxETAPBgNVBAoTCFBv -bGFyU1NMMRwwGgYDVQQDExNQb2xhcnNzbCBUZXN0IEVDIENBggEOMAkGA1UdEwQC -MAAwDQYJKoZIhvcNAQELBQADggIBAHcG1ysT8yImc0x3Z2O0SOtSYYjCPS1Gc89j -fWdBSoS5YhPHLgEjHQgDA6XdDNL0eUo3afhucEvSexhqLUABLu89cmi7ST+TsTEb -/lu8qZUgpa1bcMOk1+whl0JllfcDEq2y0aclkO0/6M6JftNNJ3egq2qVBDEszTtY -zcYZIr1o04TNp0fAtmPUH6zjpBkNB0DQyKFhgYPJNwTapj6ZDVi1zBK3wwFfZfgK -s3QvwhWNNbHL4B0sPec/6TiF5dY3SeUM4L8oAGdT7/ELE6E74rFyS/EpjJdVzXDs -FfQvUDPb6PJuWZbr4mNg/FANeGPa3VENcPz+4fj+Azi1vV3wD4OKT7W0zIkRZ+Wq -1hLFuwa/JCSHsn1GWFyWd3+qHIoFJUSU3HNxWho+MZqta0Jx/PGvMdOxnJ2az1QX -TaRwrilvN3KwvjGJ+cvGa7V9x8y9seRHZwfXXOx1ZZ0uEYquZ0jxKpBp/SdhRbA5 -zLmq088npt7tgi+LcrXydorgltBaGZA7P+/OJA2JkbIBBwdSjyfG6T07y4pgQ90h -CeRqzu4jFcZE7mjpTdEyxAQRJa2dhHkhFB7Muq7ZTi3jlml5LZnlbUdPlR5iTgOU -yueZsAAEb//A6EU008WmG/K+EY230JxEUzGNf2l1j1H94HcP9OwjY4bn2PJdVzcb -B8PmaiMB +d5wod4KLTtgbqR73lBa3DqFCpEAwPjELMAkGA1UEBhMCTkwxETAPBgNVBAoMCFBv +bGFyU1NMMRwwGgYDVQQDDBNQb2xhcnNzbCBUZXN0IEVDIENBggEOMAkGA1UdEwQC +MAAwDQYJKoZIhvcNAQELBQADggIBAHX0pu54c8rk2F76lxnMKuS+C3Kiwab0KxII +ZkpAgpk5sj2KxiGrNLDhK0ZGjVlVuUjauySVuBUfrr8GfjQ1xE7RUrxwBrEU5fVs +FHKscBF58AaIXIPf5xIuCdc2C487Leuu+LIbGsg9EvKq/pg7avIB9hSjvwn5W3m3 +3o8eL/ahD4t5rh8r7hKptY+7dqeraBrmCnitxsRQToMV+jy2RCGD3vYUDxyJc3x+ +m3o7nWGreyLCqPCRgeEh9RKbbhygcoBtdjojZABZmlGa9BO72hK5lhy2a1QiIOiL +OoBgDFf8gVo81MX02RtSQISZLq/hJ8smtil8oaKgJ+VyGjfCR1uZY7RpaEfP4U+R +tX8gqt/4TJ4mIJOv4xL12XsV65rZuB7+yhZ6rqWRlZx9Aa4/GqxIbALrQPs17uRX +41TPIdz3Pjq3w3x3bdGxbyF0TvJRaeobB60KHlrm6DWltY7k2Ucju9oTko6bJLgp +rCRC1JkTXzWS3jZDqULTVPxDsZjVRqwEl46PPe0gSloB+h/ulq8rNIG1snWTGdNQ +Bovbko9lFHA8md8f7ZULQ6pB8SV/LH2qufSsWb5LY9ZfHUprwH2oBQ+A9eYkk5ZR +LJC879ZC8w8LMQfBGT22fLnOJ2qS6GyguB+y17beF8RMgFpiFTzoD1nPQAd9cyGY +b2ta+9o9 -----END CERTIFICATE----- -----BEGIN CERTIFICATE----- MIIEATCCA4egAwIBAgIBDjAKBggqhkjOPQQDAjA+MQswCQYDVQQGEwJOTDERMA8G -A1UEChMIUG9sYXJTU0wxHDAaBgNVBAMTE1BvbGFyc3NsIFRlc3QgRUMgQ0EwHhcN -MTMwOTI0MTU1NTE0WhcNMjMwOTIyMTU1NTE0WjBIMQswCQYDVQQGEwJOTDERMA8G -A1UEChMIUG9sYXJTU0wxJjAkBgNVBAMTHVBvbGFyU1NMIFRlc3QgSW50ZXJtZWRp +A1UECgwIUG9sYXJTU0wxHDAaBgNVBAMME1BvbGFyc3NsIFRlc3QgRUMgQ0EwHhcN +MjMwNTE3MDcxMDM3WhcNMzMwNTE3MDcxMDM3WjBIMQswCQYDVQQGEwJOTDERMA8G +A1UECgwIUG9sYXJTU0wxJjAkBgNVBAMMHVBvbGFyU1NMIFRlc3QgSW50ZXJtZWRp YXRlIENBMIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEAo1Oc8nr6fMTq vowV+CpC55i5BZGFGc50Eb4RLBSRTH1e7JepdFjAVbBtyQRJSiY1ja0tgLQDDKZR wfEI+b4azse460InPHv7C1TN0upXlxuj6m9B1IlP+sBaM7WBC6dVfPO+jVMIxgkF @@ -39,9 +39,9 @@ d6KXbrZteesvA1nYzEOs+3AjrbT79Md2W8Bz9bqBVNlNOESSqm4kiCJFmslm/6br Np0MSQd+o22PQ4xRtmP6UsTfU0ueiMpYc8TYYhMbfnfFyo4m707ebcflPbBEN2dg updQ66cvfCJB0QJt9upafY0lpdV1qUkCAwEAAaOBoDCBnTAdBgNVHQ4EFgQUOHfY a3ecKHeCi07YG6ke95QWtw4wbgYDVR0jBGcwZYAUnW0gJEkBPyvLeLUZvH4kydv7 -NnyhQqRAMD4xCzAJBgNVBAYTAk5MMREwDwYDVQQKEwhQb2xhclNTTDEcMBoGA1UE -AxMTUG9sYXJzc2wgVGVzdCBFQyBDQYIJAMFD4n5iQ8zoMAwGA1UdEwQFMAMBAf8w -CgYIKoZIzj0EAwIDaAAwZQIxAPyE+u+eP7gRrSFjQicmpYg8jiFUCYEowWY2zuOG -i1HXYwmpDHfasQ3rNSuf/gHvjwIwbSSjumDk+uYNci/KMELDsD0MFHxZhhBc9Hp9 -Af5cNR8KhzegznL6amRObGGKmX1F +NnyhQqRAMD4xCzAJBgNVBAYTAk5MMREwDwYDVQQKDAhQb2xhclNTTDEcMBoGA1UE +AwwTUG9sYXJzc2wgVGVzdCBFQyBDQYIJAMFD4n5iQ8zoMAwGA1UdEwQFMAMBAf8w +CgYIKoZIzj0EAwIDaAAwZQIxAOAch+gz4rHfI/pm8MIDssMtJCqzS6xtOvQHJZ9l +fdgWfJV5cSHJpOIWGXeFKKR18wIwODTRnTIioy+bYacNq8TQPjzdVlT9XbYkWIYN +JAuV9fLJJdB5nZUG3l85Dt27VNkT -----END CERTIFICATE----- diff --git a/third_party/mbedtls/repo/tests/data_files/server7-future.crt b/third_party/mbedtls/repo/tests/data_files/server7-future.crt index eeb596fc299..b725eb7348a 100644 --- a/third_party/mbedtls/repo/tests/data_files/server7-future.crt +++ b/third_party/mbedtls/repo/tests/data_files/server7-future.crt @@ -1,31 +1,31 @@ -----BEGIN CERTIFICATE----- MIIDwjCCAaqgAwIBAgIBEDANBgkqhkiG9w0BAQsFADBIMQswCQYDVQQGEwJOTDER -MA8GA1UEChMIUG9sYXJTU0wxJjAkBgNVBAMTHVBvbGFyU1NMIFRlc3QgSW50ZXJt -ZWRpYXRlIENBMB4XDTI3MDYwNjA4MTQwM1oXDTM3MDYwNjA4MTQwM1owNDELMAkG +MA8GA1UECgwIUG9sYXJTU0wxJjAkBgNVBAMMHVBvbGFyU1NMIFRlc3QgSW50ZXJt +ZWRpYXRlIENBMB4XDTMzMDUxNzA3MTAzN1oXDTQzMDUxODA3MTAzN1owNDELMAkG A1UEBhMCTkwxETAPBgNVBAoMCFBvbGFyU1NMMRIwEAYDVQQDDAlsb2NhbGhvc3Qw WTATBgcqhkjOPQIBBggqhkjOPQMBBwNCAAQcbffp2qXqoZyychmoCRxzrd4Vu96m 47NPBehtEC46aTeXgDnBdf++znABrAtfXBRNQz8ARIeYBmskr22rlKjyo4GVMIGS MB0GA1UdDgQWBBTSCtOldx/OVbBcRqKOc2y/oWAmuzBmBgNVHSMEXzBdgBQ4d9hr -d5wod4KLTtgbqR73lBa3DqFCpEAwPjELMAkGA1UEBhMCTkwxETAPBgNVBAoTCFBv -bGFyU1NMMRwwGgYDVQQDExNQb2xhcnNzbCBUZXN0IEVDIENBggEOMAkGA1UdEwQC -MAAwDQYJKoZIhvcNAQELBQADggIBAHF4y9PmCUF1yOlBIUCUAAFMZmXJwOGsMNKI -u0+At0sbs+W8J06PVyYt4UxL4TyIxHM6SOvKndFdCQxG7NQY0KU+HBdLVUM1iZy0 -Kopg7yHvEAZ0YWPptgCd10C/wmTz0b0R3cxhSb8FZjlBjNB7dJKhRQsh0za+GMx/ -LXunH/t0oP5an4yO3zTog+4+7bDGGEY7SymQJ9Z8t2gdZpn/r60j9IGhL5XI2BS/ -+cU96DMF3cMmFk24vAfduYicKc8KowhUpGCsIP0bl+TY8Vq6kepBA2lnj7/YOkDs -/f+wIS/Id/hdw9KxRUPX+cQLUt0/C7JktDVudZ5zLt1y0A971R+23ARtJGUBJGSp -5tkVX8+hK8sT6AVOkcvA51IOBsVxmuoWk/WcjBDdOjyIK2JFdbcJYvR8cpRbL+j8 -HdQEu+LorvGp28m3Q5mBTKZLKgyUeQWrbYDqeub1OvYYkuvZPZWFEDP2VYcS7AXN -IoUSTcMyhLNuncQl/z0Jbkto59+il6cQ2HIqkubLBk2X8uwMw2tloROlmklweHqR -ta6aRlLxBMgccJpK7cU5H8TMb6aR9GJGyzQJ2vET3jPBq/uEwbvK8HRVJ7Ld68k6 -ZMCwXGdTeYuDWt0ngAhf+i+GNexJRSLvzRGt18DOrpmj2X3naarNSTfRArm4EINW -WKW7hd8h +d5wod4KLTtgbqR73lBa3DqFCpEAwPjELMAkGA1UEBhMCTkwxETAPBgNVBAoMCFBv +bGFyU1NMMRwwGgYDVQQDDBNQb2xhcnNzbCBUZXN0IEVDIENBggEOMAkGA1UdEwQC +MAAwDQYJKoZIhvcNAQELBQADggIBAFgzS8NNGRayelUleAee5udbk9+fkkxvYA/p +QEaD+UvuSmgJ7iEU0gx6cJ2RcEbg/NqgrMBni8ayiGptOZRTq4j8bPcrZZCrcsvO +jFk/yXwWIv1hRofQ8wBynPOgbtPJ5J7zYkE0sqXbAPOWeNdya+R0CuSex5DW9kj/ ++tiXGXdGiLKu/FOC9tedfsu67a+ZEK0Q3rbFqsWpHdQcKIEN4A18xPBXNtx/DJuq +0+fcjtIsigpRvLbLSFuvSI5vWP1MFyuMDTLYVKN1PceRg2yxpKecKbsDpeSRX3R9 +Fs444mDSJs75i8fkdXS4GLXfJjJOft3HbRtEEznF5sITppjr40PszMvOj2njWPPn +o3ECca7HbhuhtqIGfM5+2mCwPgmm7fEmYILVYgTihFfPKUhGUKN+4Qp75gOzMKds +7t8NRFTKPEpFmicc1wKfEsp22UWC6azyTu6iVByWlt+fojFbdHjvxDY8iIqBFU6/ +44uLMTxu9r9gMSZK9sX7vGIgeER3RnArP0ZSxAvoxG3lu+QQXwItxnTKQnA3CDra +MkmwSM5kMewO/Ub1bgkdQ3j/DD0uSwreEdg0fvxaAJIH2N/lOFUWPrzbg8TJR1Sb +ohctT+uAKoPQrxsZuSdrz9QHOdgkPR6gp9bdnXkZSa9jGX7Pd5Ur5LDEXljol1ZL +T97oaKB7 -----END CERTIFICATE----- -----BEGIN CERTIFICATE----- MIIEATCCA4egAwIBAgIBDjAKBggqhkjOPQQDAjA+MQswCQYDVQQGEwJOTDERMA8G -A1UEChMIUG9sYXJTU0wxHDAaBgNVBAMTE1BvbGFyc3NsIFRlc3QgRUMgQ0EwHhcN -MTMwOTI0MTU1NTE0WhcNMjMwOTIyMTU1NTE0WjBIMQswCQYDVQQGEwJOTDERMA8G -A1UEChMIUG9sYXJTU0wxJjAkBgNVBAMTHVBvbGFyU1NMIFRlc3QgSW50ZXJtZWRp +A1UECgwIUG9sYXJTU0wxHDAaBgNVBAMME1BvbGFyc3NsIFRlc3QgRUMgQ0EwHhcN +MjMwNTE3MDcxMDM3WhcNMzMwNTE3MDcxMDM3WjBIMQswCQYDVQQGEwJOTDERMA8G +A1UECgwIUG9sYXJTU0wxJjAkBgNVBAMMHVBvbGFyU1NMIFRlc3QgSW50ZXJtZWRp YXRlIENBMIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEAo1Oc8nr6fMTq vowV+CpC55i5BZGFGc50Eb4RLBSRTH1e7JepdFjAVbBtyQRJSiY1ja0tgLQDDKZR wfEI+b4azse460InPHv7C1TN0upXlxuj6m9B1IlP+sBaM7WBC6dVfPO+jVMIxgkF @@ -39,9 +39,9 @@ d6KXbrZteesvA1nYzEOs+3AjrbT79Md2W8Bz9bqBVNlNOESSqm4kiCJFmslm/6br Np0MSQd+o22PQ4xRtmP6UsTfU0ueiMpYc8TYYhMbfnfFyo4m707ebcflPbBEN2dg updQ66cvfCJB0QJt9upafY0lpdV1qUkCAwEAAaOBoDCBnTAdBgNVHQ4EFgQUOHfY a3ecKHeCi07YG6ke95QWtw4wbgYDVR0jBGcwZYAUnW0gJEkBPyvLeLUZvH4kydv7 -NnyhQqRAMD4xCzAJBgNVBAYTAk5MMREwDwYDVQQKEwhQb2xhclNTTDEcMBoGA1UE -AxMTUG9sYXJzc2wgVGVzdCBFQyBDQYIJAMFD4n5iQ8zoMAwGA1UdEwQFMAMBAf8w -CgYIKoZIzj0EAwIDaAAwZQIxAPyE+u+eP7gRrSFjQicmpYg8jiFUCYEowWY2zuOG -i1HXYwmpDHfasQ3rNSuf/gHvjwIwbSSjumDk+uYNci/KMELDsD0MFHxZhhBc9Hp9 -Af5cNR8KhzegznL6amRObGGKmX1F +NnyhQqRAMD4xCzAJBgNVBAYTAk5MMREwDwYDVQQKDAhQb2xhclNTTDEcMBoGA1UE +AwwTUG9sYXJzc2wgVGVzdCBFQyBDQYIJAMFD4n5iQ8zoMAwGA1UdEwQFMAMBAf8w +CgYIKoZIzj0EAwIDaAAwZQIxAOAch+gz4rHfI/pm8MIDssMtJCqzS6xtOvQHJZ9l +fdgWfJV5cSHJpOIWGXeFKKR18wIwODTRnTIioy+bYacNq8TQPjzdVlT9XbYkWIYN +JAuV9fLJJdB5nZUG3l85Dt27VNkT -----END CERTIFICATE----- diff --git a/third_party/mbedtls/repo/tests/data_files/server7.crt b/third_party/mbedtls/repo/tests/data_files/server7.crt index ed087ef6132..c5c2cb8c58b 100644 --- a/third_party/mbedtls/repo/tests/data_files/server7.crt +++ b/third_party/mbedtls/repo/tests/data_files/server7.crt @@ -1,23 +1,23 @@ -----BEGIN CERTIFICATE----- MIIDwjCCAaqgAwIBAgIBEDANBgkqhkiG9w0BAQsFADBIMQswCQYDVQQGEwJOTDER -MA8GA1UEChMIUG9sYXJTU0wxJjAkBgNVBAMTHVBvbGFyU1NMIFRlc3QgSW50ZXJt -ZWRpYXRlIENBMB4XDTEzMDkyNDE2MTIyNFoXDTIzMDkyMjE2MTIyNFowNDELMAkG -A1UEBhMCTkwxETAPBgNVBAoTCFBvbGFyU1NMMRIwEAYDVQQDEwlsb2NhbGhvc3Qw +MA8GA1UECgwIUG9sYXJTU0wxJjAkBgNVBAMMHVBvbGFyU1NMIFRlc3QgSW50ZXJt +ZWRpYXRlIENBMB4XDTIzMDUxNzA3MTAzN1oXDTMzMDUxNzA3MTAzN1owNDELMAkG +A1UEBhMCTkwxETAPBgNVBAoMCFBvbGFyU1NMMRIwEAYDVQQDDAlsb2NhbGhvc3Qw WTATBgcqhkjOPQIBBggqhkjOPQMBBwNCAAQcbffp2qXqoZyychmoCRxzrd4Vu96m 47NPBehtEC46aTeXgDnBdf++znABrAtfXBRNQz8ARIeYBmskr22rlKjyo4GVMIGS -MAkGA1UdEwQCMAAwHQYDVR0OBBYEFNIK06V3H85VsFxGoo5zbL+hYCa7MGYGA1Ud -IwRfMF2AFDh32Gt3nCh3gotO2BupHveUFrcOoUKkQDA+MQswCQYDVQQGEwJOTDER -MA8GA1UEChMIUG9sYXJTU0wxHDAaBgNVBAMTE1BvbGFyc3NsIFRlc3QgRUMgQ0GC -AQ4wDQYJKoZIhvcNAQELBQADggIBADRoQ5fHKw+vkl0D3aqLX1XrZidb+25AWbhr -FYXdaskN219PrXBL3cV8x5tK6qsPKSyyw1lue80OmhXs/w7PJkOHHUSWRnmTv7lr -8Us3Zr/yOF/VVqzdGs7DlOTpyzEBdugI9uar/aCqHDoltN8wOduOoQB9aojYpROj -+gjlEO0mgt/87XpjYOig1o0jv44QYDQZQzpj1zeIn6WMe6xk9YDwCLMjRIpg++c7 -QyxvcEJTn80wX1SaEBM2gau97G7bORLMwBVkMT4oSY+iKYgpPpawOnMJbqUP73Dm -yfJExDdrW/BbWZ/vKIcSqSZIbkHdkNjUDVHczyVwQxZxzvLFw/B1k9s7jYFsi5eK -TNAdXFa4et1H2sd+uhu24GxsjmJioDrftixcgzPVBjDCjH8QWkBEX292WJ58on0e -deWLpZUnzPdE1B4rsiPw1Vg28mGgr2O1xgBQr/fx6A+8ItNTzAXbZfEcult9ypwM -0b6YDNe5IvdKk8iwz3mof0VNy47K6xoCaE/fxxWkjoXK8x2wfswGeP2QgUzQE93b -OtjdHpsG1c7gIVFQmKATyAPUz4vqmezgNRleXU0oL0PYtoCmKQ51UjNMUfmO9xCj -VJaNa2iTQ5Dgic+CW4TYAgj5/9g9X3WfwnDNxrZ0UxxawGElczHXqbrNleTtPaKp -a8Si6UK5 +MB0GA1UdDgQWBBTSCtOldx/OVbBcRqKOc2y/oWAmuzBmBgNVHSMEXzBdgBQ4d9hr +d5wod4KLTtgbqR73lBa3DqFCpEAwPjELMAkGA1UEBhMCTkwxETAPBgNVBAoMCFBv +bGFyU1NMMRwwGgYDVQQDDBNQb2xhcnNzbCBUZXN0IEVDIENBggEOMAkGA1UdEwQC +MAAwDQYJKoZIhvcNAQELBQADggIBADU9ZyZWfX1T1Pi0PRBeqpm52pehUX2wMsyi +KudSpLeN++eS9p/R0hpNuB8WvZcsFy/qul0djPARKGpYgYTZQvOQ10VcY40jxttm +ETScnnqKH2lMr0asOpM31kKt/ghJS0njUhI9NY6yAI2XhcDzItSpqOhn6YLC3mrW +DIyBCksLKEu8x/KpRbvj3QK1ez3cHItoxCCe9gy8tMEwb8FE15dtDuL7G7iRb4Dh +VyL6qzBRvJP9AcQKT4PTaOMwu8O+hClDvLllJzCkJX4qZmQr3jwO8Emi9dvQ87ZF +cDpLbxqIgtRF8lkxn00UuhuugMgM8ldTd/aRxZrddIgFVNmEdWIWBu5ZTWmBM/FH +aguuZr3mty7Jh4XZJ0RZ4H7XaYzoVnCK9cA5koRv/gtSQdDh8BiYlJwWx8adqygo +fibinQnIOhZ4HcnlTDshsb5eY+GtkSLmc8735V5rtEt7zrtahFT5I7r2X6dDiPdD +Blvb9/5gIMC3fy0NZigDueBOYF78kpxqMRknt6x86irVdbRXw1fpVux24cfTDc/u +5Eat4YFfM1eKZnuOETumPOoa27jvcYTPMOsUN8+Q8Os6SDkJC8e2obedQoffQC06 +1Xzri3HOHzZrPHLGkwAFNYBynl1/wxGu0vPlmpzJDzc7y0e1FgKqD6YadAQM+APA +ZKasihO3 -----END CERTIFICATE----- diff --git a/third_party/mbedtls/repo/tests/data_files/server7_int-ca-exp.crt b/third_party/mbedtls/repo/tests/data_files/server7_int-ca-exp.crt index fc0051772e1..a3a8f69dd16 100644 --- a/third_party/mbedtls/repo/tests/data_files/server7_int-ca-exp.crt +++ b/third_party/mbedtls/repo/tests/data_files/server7_int-ca-exp.crt @@ -1,30 +1,30 @@ -----BEGIN CERTIFICATE----- MIIDwjCCAaqgAwIBAgIBEDANBgkqhkiG9w0BAQsFADBIMQswCQYDVQQGEwJOTDER -MA8GA1UEChMIUG9sYXJTU0wxJjAkBgNVBAMTHVBvbGFyU1NMIFRlc3QgSW50ZXJt -ZWRpYXRlIENBMB4XDTEzMDkyNDE2MTIyNFoXDTIzMDkyMjE2MTIyNFowNDELMAkG -A1UEBhMCTkwxETAPBgNVBAoTCFBvbGFyU1NMMRIwEAYDVQQDEwlsb2NhbGhvc3Qw +MA8GA1UECgwIUG9sYXJTU0wxJjAkBgNVBAMMHVBvbGFyU1NMIFRlc3QgSW50ZXJt +ZWRpYXRlIENBMB4XDTIzMDUxNzA3MTAzN1oXDTMzMDUxNzA3MTAzN1owNDELMAkG +A1UEBhMCTkwxETAPBgNVBAoMCFBvbGFyU1NMMRIwEAYDVQQDDAlsb2NhbGhvc3Qw WTATBgcqhkjOPQIBBggqhkjOPQMBBwNCAAQcbffp2qXqoZyychmoCRxzrd4Vu96m 47NPBehtEC46aTeXgDnBdf++znABrAtfXBRNQz8ARIeYBmskr22rlKjyo4GVMIGS -MAkGA1UdEwQCMAAwHQYDVR0OBBYEFNIK06V3H85VsFxGoo5zbL+hYCa7MGYGA1Ud -IwRfMF2AFDh32Gt3nCh3gotO2BupHveUFrcOoUKkQDA+MQswCQYDVQQGEwJOTDER -MA8GA1UEChMIUG9sYXJTU0wxHDAaBgNVBAMTE1BvbGFyc3NsIFRlc3QgRUMgQ0GC -AQ4wDQYJKoZIhvcNAQELBQADggIBADRoQ5fHKw+vkl0D3aqLX1XrZidb+25AWbhr -FYXdaskN219PrXBL3cV8x5tK6qsPKSyyw1lue80OmhXs/w7PJkOHHUSWRnmTv7lr -8Us3Zr/yOF/VVqzdGs7DlOTpyzEBdugI9uar/aCqHDoltN8wOduOoQB9aojYpROj -+gjlEO0mgt/87XpjYOig1o0jv44QYDQZQzpj1zeIn6WMe6xk9YDwCLMjRIpg++c7 -QyxvcEJTn80wX1SaEBM2gau97G7bORLMwBVkMT4oSY+iKYgpPpawOnMJbqUP73Dm -yfJExDdrW/BbWZ/vKIcSqSZIbkHdkNjUDVHczyVwQxZxzvLFw/B1k9s7jYFsi5eK -TNAdXFa4et1H2sd+uhu24GxsjmJioDrftixcgzPVBjDCjH8QWkBEX292WJ58on0e -deWLpZUnzPdE1B4rsiPw1Vg28mGgr2O1xgBQr/fx6A+8ItNTzAXbZfEcult9ypwM -0b6YDNe5IvdKk8iwz3mof0VNy47K6xoCaE/fxxWkjoXK8x2wfswGeP2QgUzQE93b -OtjdHpsG1c7gIVFQmKATyAPUz4vqmezgNRleXU0oL0PYtoCmKQ51UjNMUfmO9xCj -VJaNa2iTQ5Dgic+CW4TYAgj5/9g9X3WfwnDNxrZ0UxxawGElczHXqbrNleTtPaKp -a8Si6UK5 +MB0GA1UdDgQWBBTSCtOldx/OVbBcRqKOc2y/oWAmuzBmBgNVHSMEXzBdgBQ4d9hr +d5wod4KLTtgbqR73lBa3DqFCpEAwPjELMAkGA1UEBhMCTkwxETAPBgNVBAoMCFBv +bGFyU1NMMRwwGgYDVQQDDBNQb2xhcnNzbCBUZXN0IEVDIENBggEOMAkGA1UdEwQC +MAAwDQYJKoZIhvcNAQELBQADggIBADU9ZyZWfX1T1Pi0PRBeqpm52pehUX2wMsyi +KudSpLeN++eS9p/R0hpNuB8WvZcsFy/qul0djPARKGpYgYTZQvOQ10VcY40jxttm +ETScnnqKH2lMr0asOpM31kKt/ghJS0njUhI9NY6yAI2XhcDzItSpqOhn6YLC3mrW +DIyBCksLKEu8x/KpRbvj3QK1ez3cHItoxCCe9gy8tMEwb8FE15dtDuL7G7iRb4Dh +VyL6qzBRvJP9AcQKT4PTaOMwu8O+hClDvLllJzCkJX4qZmQr3jwO8Emi9dvQ87ZF +cDpLbxqIgtRF8lkxn00UuhuugMgM8ldTd/aRxZrddIgFVNmEdWIWBu5ZTWmBM/FH +aguuZr3mty7Jh4XZJ0RZ4H7XaYzoVnCK9cA5koRv/gtSQdDh8BiYlJwWx8adqygo +fibinQnIOhZ4HcnlTDshsb5eY+GtkSLmc8735V5rtEt7zrtahFT5I7r2X6dDiPdD +Blvb9/5gIMC3fy0NZigDueBOYF78kpxqMRknt6x86irVdbRXw1fpVux24cfTDc/u +5Eat4YFfM1eKZnuOETumPOoa27jvcYTPMOsUN8+Q8Os6SDkJC8e2obedQoffQC06 +1Xzri3HOHzZrPHLGkwAFNYBynl1/wxGu0vPlmpzJDzc7y0e1FgKqD6YadAQM+APA +ZKasihO3 -----END CERTIFICATE----- -----BEGIN CERTIFICATE----- MIIEATCCA4egAwIBAgIBDjAKBggqhkjOPQQDAjA+MQswCQYDVQQGEwJOTDERMA8G -A1UEChMIUG9sYXJTU0wxHDAaBgNVBAMTE1BvbGFyc3NsIFRlc3QgRUMgQ0EwHhcN -MDcwNjI3MTAzODM3WhcNMTcwNjI3MTAzODM3WjBIMQswCQYDVQQGEwJOTDERMA8G +A1UECgwIUG9sYXJTU0wxHDAaBgNVBAMME1BvbGFyc3NsIFRlc3QgRUMgQ0EwHhcN +MTMwNTE2MDcxMDM3WhcNMjMwNTE3MDcxMDM3WjBIMQswCQYDVQQGEwJOTDERMA8G A1UECgwIUG9sYXJTU0wxJjAkBgNVBAMMHVBvbGFyU1NMIFRlc3QgSW50ZXJtZWRp YXRlIENBMIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEAo1Oc8nr6fMTq vowV+CpC55i5BZGFGc50Eb4RLBSRTH1e7JepdFjAVbBtyQRJSiY1ja0tgLQDDKZR @@ -39,9 +39,9 @@ d6KXbrZteesvA1nYzEOs+3AjrbT79Md2W8Bz9bqBVNlNOESSqm4kiCJFmslm/6br Np0MSQd+o22PQ4xRtmP6UsTfU0ueiMpYc8TYYhMbfnfFyo4m707ebcflPbBEN2dg updQ66cvfCJB0QJt9upafY0lpdV1qUkCAwEAAaOBoDCBnTAdBgNVHQ4EFgQUOHfY a3ecKHeCi07YG6ke95QWtw4wbgYDVR0jBGcwZYAUnW0gJEkBPyvLeLUZvH4kydv7 -NnyhQqRAMD4xCzAJBgNVBAYTAk5MMREwDwYDVQQKEwhQb2xhclNTTDEcMBoGA1UE -AxMTUG9sYXJzc2wgVGVzdCBFQyBDQYIJAMFD4n5iQ8zoMAwGA1UdEwQFMAMBAf8w -CgYIKoZIzj0EAwIDaAAwZQIxAPu/FDEPvIC/BnzPQDAr1bQakGiwBsE9zGKRgXgX -Y3Q+XJKhMEKZ8h1m+S5c6taO0gIwNB14zmJ1gJ9X3+tPDfriWrVaNMG54Kr57/Ep -773Ap7Gxpk168id1EFhvW22YabKs +NnyhQqRAMD4xCzAJBgNVBAYTAk5MMREwDwYDVQQKDAhQb2xhclNTTDEcMBoGA1UE +AwwTUG9sYXJzc2wgVGVzdCBFQyBDQYIJAMFD4n5iQ8zoMAwGA1UdEwQFMAMBAf8w +CgYIKoZIzj0EAwIDaAAwZQIxAJH0e4fySJI2nJt1Knd+yU7zn1jTFDAABJMbndhR +07OSM6vwUaGSMVatSzr8ah+UDgIwaI/MBcorSxT92jAQb1W5dJkEudoYSg49fjAf +z0BtLCVhFwQlrzCqgXC98SGfT6sZ -----END CERTIFICATE----- diff --git a/third_party/mbedtls/repo/tests/data_files/server7_int-ca.crt b/third_party/mbedtls/repo/tests/data_files/server7_int-ca.crt index d3ddc46a8b6..cb108a46f2f 100644 --- a/third_party/mbedtls/repo/tests/data_files/server7_int-ca.crt +++ b/third_party/mbedtls/repo/tests/data_files/server7_int-ca.crt @@ -1,31 +1,31 @@ -----BEGIN CERTIFICATE----- MIIDwjCCAaqgAwIBAgIBEDANBgkqhkiG9w0BAQsFADBIMQswCQYDVQQGEwJOTDER -MA8GA1UEChMIUG9sYXJTU0wxJjAkBgNVBAMTHVBvbGFyU1NMIFRlc3QgSW50ZXJt -ZWRpYXRlIENBMB4XDTEzMDkyNDE2MTIyNFoXDTIzMDkyMjE2MTIyNFowNDELMAkG -A1UEBhMCTkwxETAPBgNVBAoTCFBvbGFyU1NMMRIwEAYDVQQDEwlsb2NhbGhvc3Qw +MA8GA1UECgwIUG9sYXJTU0wxJjAkBgNVBAMMHVBvbGFyU1NMIFRlc3QgSW50ZXJt +ZWRpYXRlIENBMB4XDTIzMDUxNzA3MTAzN1oXDTMzMDUxNzA3MTAzN1owNDELMAkG +A1UEBhMCTkwxETAPBgNVBAoMCFBvbGFyU1NMMRIwEAYDVQQDDAlsb2NhbGhvc3Qw WTATBgcqhkjOPQIBBggqhkjOPQMBBwNCAAQcbffp2qXqoZyychmoCRxzrd4Vu96m 47NPBehtEC46aTeXgDnBdf++znABrAtfXBRNQz8ARIeYBmskr22rlKjyo4GVMIGS -MAkGA1UdEwQCMAAwHQYDVR0OBBYEFNIK06V3H85VsFxGoo5zbL+hYCa7MGYGA1Ud -IwRfMF2AFDh32Gt3nCh3gotO2BupHveUFrcOoUKkQDA+MQswCQYDVQQGEwJOTDER -MA8GA1UEChMIUG9sYXJTU0wxHDAaBgNVBAMTE1BvbGFyc3NsIFRlc3QgRUMgQ0GC -AQ4wDQYJKoZIhvcNAQELBQADggIBADRoQ5fHKw+vkl0D3aqLX1XrZidb+25AWbhr -FYXdaskN219PrXBL3cV8x5tK6qsPKSyyw1lue80OmhXs/w7PJkOHHUSWRnmTv7lr -8Us3Zr/yOF/VVqzdGs7DlOTpyzEBdugI9uar/aCqHDoltN8wOduOoQB9aojYpROj -+gjlEO0mgt/87XpjYOig1o0jv44QYDQZQzpj1zeIn6WMe6xk9YDwCLMjRIpg++c7 -QyxvcEJTn80wX1SaEBM2gau97G7bORLMwBVkMT4oSY+iKYgpPpawOnMJbqUP73Dm -yfJExDdrW/BbWZ/vKIcSqSZIbkHdkNjUDVHczyVwQxZxzvLFw/B1k9s7jYFsi5eK -TNAdXFa4et1H2sd+uhu24GxsjmJioDrftixcgzPVBjDCjH8QWkBEX292WJ58on0e -deWLpZUnzPdE1B4rsiPw1Vg28mGgr2O1xgBQr/fx6A+8ItNTzAXbZfEcult9ypwM -0b6YDNe5IvdKk8iwz3mof0VNy47K6xoCaE/fxxWkjoXK8x2wfswGeP2QgUzQE93b -OtjdHpsG1c7gIVFQmKATyAPUz4vqmezgNRleXU0oL0PYtoCmKQ51UjNMUfmO9xCj -VJaNa2iTQ5Dgic+CW4TYAgj5/9g9X3WfwnDNxrZ0UxxawGElczHXqbrNleTtPaKp -a8Si6UK5 +MB0GA1UdDgQWBBTSCtOldx/OVbBcRqKOc2y/oWAmuzBmBgNVHSMEXzBdgBQ4d9hr +d5wod4KLTtgbqR73lBa3DqFCpEAwPjELMAkGA1UEBhMCTkwxETAPBgNVBAoMCFBv +bGFyU1NMMRwwGgYDVQQDDBNQb2xhcnNzbCBUZXN0IEVDIENBggEOMAkGA1UdEwQC +MAAwDQYJKoZIhvcNAQELBQADggIBADU9ZyZWfX1T1Pi0PRBeqpm52pehUX2wMsyi +KudSpLeN++eS9p/R0hpNuB8WvZcsFy/qul0djPARKGpYgYTZQvOQ10VcY40jxttm +ETScnnqKH2lMr0asOpM31kKt/ghJS0njUhI9NY6yAI2XhcDzItSpqOhn6YLC3mrW +DIyBCksLKEu8x/KpRbvj3QK1ez3cHItoxCCe9gy8tMEwb8FE15dtDuL7G7iRb4Dh +VyL6qzBRvJP9AcQKT4PTaOMwu8O+hClDvLllJzCkJX4qZmQr3jwO8Emi9dvQ87ZF +cDpLbxqIgtRF8lkxn00UuhuugMgM8ldTd/aRxZrddIgFVNmEdWIWBu5ZTWmBM/FH +aguuZr3mty7Jh4XZJ0RZ4H7XaYzoVnCK9cA5koRv/gtSQdDh8BiYlJwWx8adqygo +fibinQnIOhZ4HcnlTDshsb5eY+GtkSLmc8735V5rtEt7zrtahFT5I7r2X6dDiPdD +Blvb9/5gIMC3fy0NZigDueBOYF78kpxqMRknt6x86irVdbRXw1fpVux24cfTDc/u +5Eat4YFfM1eKZnuOETumPOoa27jvcYTPMOsUN8+Q8Os6SDkJC8e2obedQoffQC06 +1Xzri3HOHzZrPHLGkwAFNYBynl1/wxGu0vPlmpzJDzc7y0e1FgKqD6YadAQM+APA +ZKasihO3 -----END CERTIFICATE----- -----BEGIN CERTIFICATE----- MIIEATCCA4egAwIBAgIBDjAKBggqhkjOPQQDAjA+MQswCQYDVQQGEwJOTDERMA8G -A1UEChMIUG9sYXJTU0wxHDAaBgNVBAMTE1BvbGFyc3NsIFRlc3QgRUMgQ0EwHhcN -MTMwOTI0MTU1NTE0WhcNMjMwOTIyMTU1NTE0WjBIMQswCQYDVQQGEwJOTDERMA8G -A1UEChMIUG9sYXJTU0wxJjAkBgNVBAMTHVBvbGFyU1NMIFRlc3QgSW50ZXJtZWRp +A1UECgwIUG9sYXJTU0wxHDAaBgNVBAMME1BvbGFyc3NsIFRlc3QgRUMgQ0EwHhcN +MjMwNTE3MDcxMDM3WhcNMzMwNTE3MDcxMDM3WjBIMQswCQYDVQQGEwJOTDERMA8G +A1UECgwIUG9sYXJTU0wxJjAkBgNVBAMMHVBvbGFyU1NMIFRlc3QgSW50ZXJtZWRp YXRlIENBMIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEAo1Oc8nr6fMTq vowV+CpC55i5BZGFGc50Eb4RLBSRTH1e7JepdFjAVbBtyQRJSiY1ja0tgLQDDKZR wfEI+b4azse460InPHv7C1TN0upXlxuj6m9B1IlP+sBaM7WBC6dVfPO+jVMIxgkF @@ -39,9 +39,9 @@ d6KXbrZteesvA1nYzEOs+3AjrbT79Md2W8Bz9bqBVNlNOESSqm4kiCJFmslm/6br Np0MSQd+o22PQ4xRtmP6UsTfU0ueiMpYc8TYYhMbfnfFyo4m707ebcflPbBEN2dg updQ66cvfCJB0QJt9upafY0lpdV1qUkCAwEAAaOBoDCBnTAdBgNVHQ4EFgQUOHfY a3ecKHeCi07YG6ke95QWtw4wbgYDVR0jBGcwZYAUnW0gJEkBPyvLeLUZvH4kydv7 -NnyhQqRAMD4xCzAJBgNVBAYTAk5MMREwDwYDVQQKEwhQb2xhclNTTDEcMBoGA1UE -AxMTUG9sYXJzc2wgVGVzdCBFQyBDQYIJAMFD4n5iQ8zoMAwGA1UdEwQFMAMBAf8w -CgYIKoZIzj0EAwIDaAAwZQIxAPyE+u+eP7gRrSFjQicmpYg8jiFUCYEowWY2zuOG -i1HXYwmpDHfasQ3rNSuf/gHvjwIwbSSjumDk+uYNci/KMELDsD0MFHxZhhBc9Hp9 -Af5cNR8KhzegznL6amRObGGKmX1F +NnyhQqRAMD4xCzAJBgNVBAYTAk5MMREwDwYDVQQKDAhQb2xhclNTTDEcMBoGA1UE +AwwTUG9sYXJzc2wgVGVzdCBFQyBDQYIJAMFD4n5iQ8zoMAwGA1UdEwQFMAMBAf8w +CgYIKoZIzj0EAwIDaAAwZQIxAOAch+gz4rHfI/pm8MIDssMtJCqzS6xtOvQHJZ9l +fdgWfJV5cSHJpOIWGXeFKKR18wIwODTRnTIioy+bYacNq8TQPjzdVlT9XbYkWIYN +JAuV9fLJJdB5nZUG3l85Dt27VNkT -----END CERTIFICATE----- diff --git a/third_party/mbedtls/repo/tests/data_files/server7_int-ca_ca2.crt b/third_party/mbedtls/repo/tests/data_files/server7_int-ca_ca2.crt index c289c0aadf6..097447fd0aa 100644 --- a/third_party/mbedtls/repo/tests/data_files/server7_int-ca_ca2.crt +++ b/third_party/mbedtls/repo/tests/data_files/server7_int-ca_ca2.crt @@ -1,31 +1,31 @@ -----BEGIN CERTIFICATE----- MIIDwjCCAaqgAwIBAgIBEDANBgkqhkiG9w0BAQsFADBIMQswCQYDVQQGEwJOTDER -MA8GA1UEChMIUG9sYXJTU0wxJjAkBgNVBAMTHVBvbGFyU1NMIFRlc3QgSW50ZXJt -ZWRpYXRlIENBMB4XDTEzMDkyNDE2MTIyNFoXDTIzMDkyMjE2MTIyNFowNDELMAkG -A1UEBhMCTkwxETAPBgNVBAoTCFBvbGFyU1NMMRIwEAYDVQQDEwlsb2NhbGhvc3Qw +MA8GA1UECgwIUG9sYXJTU0wxJjAkBgNVBAMMHVBvbGFyU1NMIFRlc3QgSW50ZXJt +ZWRpYXRlIENBMB4XDTIzMDUxNzA3MTAzN1oXDTMzMDUxNzA3MTAzN1owNDELMAkG +A1UEBhMCTkwxETAPBgNVBAoMCFBvbGFyU1NMMRIwEAYDVQQDDAlsb2NhbGhvc3Qw WTATBgcqhkjOPQIBBggqhkjOPQMBBwNCAAQcbffp2qXqoZyychmoCRxzrd4Vu96m 47NPBehtEC46aTeXgDnBdf++znABrAtfXBRNQz8ARIeYBmskr22rlKjyo4GVMIGS -MAkGA1UdEwQCMAAwHQYDVR0OBBYEFNIK06V3H85VsFxGoo5zbL+hYCa7MGYGA1Ud -IwRfMF2AFDh32Gt3nCh3gotO2BupHveUFrcOoUKkQDA+MQswCQYDVQQGEwJOTDER -MA8GA1UEChMIUG9sYXJTU0wxHDAaBgNVBAMTE1BvbGFyc3NsIFRlc3QgRUMgQ0GC -AQ4wDQYJKoZIhvcNAQELBQADggIBADRoQ5fHKw+vkl0D3aqLX1XrZidb+25AWbhr -FYXdaskN219PrXBL3cV8x5tK6qsPKSyyw1lue80OmhXs/w7PJkOHHUSWRnmTv7lr -8Us3Zr/yOF/VVqzdGs7DlOTpyzEBdugI9uar/aCqHDoltN8wOduOoQB9aojYpROj -+gjlEO0mgt/87XpjYOig1o0jv44QYDQZQzpj1zeIn6WMe6xk9YDwCLMjRIpg++c7 -QyxvcEJTn80wX1SaEBM2gau97G7bORLMwBVkMT4oSY+iKYgpPpawOnMJbqUP73Dm -yfJExDdrW/BbWZ/vKIcSqSZIbkHdkNjUDVHczyVwQxZxzvLFw/B1k9s7jYFsi5eK -TNAdXFa4et1H2sd+uhu24GxsjmJioDrftixcgzPVBjDCjH8QWkBEX292WJ58on0e -deWLpZUnzPdE1B4rsiPw1Vg28mGgr2O1xgBQr/fx6A+8ItNTzAXbZfEcult9ypwM -0b6YDNe5IvdKk8iwz3mof0VNy47K6xoCaE/fxxWkjoXK8x2wfswGeP2QgUzQE93b -OtjdHpsG1c7gIVFQmKATyAPUz4vqmezgNRleXU0oL0PYtoCmKQ51UjNMUfmO9xCj -VJaNa2iTQ5Dgic+CW4TYAgj5/9g9X3WfwnDNxrZ0UxxawGElczHXqbrNleTtPaKp -a8Si6UK5 +MB0GA1UdDgQWBBTSCtOldx/OVbBcRqKOc2y/oWAmuzBmBgNVHSMEXzBdgBQ4d9hr +d5wod4KLTtgbqR73lBa3DqFCpEAwPjELMAkGA1UEBhMCTkwxETAPBgNVBAoMCFBv +bGFyU1NMMRwwGgYDVQQDDBNQb2xhcnNzbCBUZXN0IEVDIENBggEOMAkGA1UdEwQC +MAAwDQYJKoZIhvcNAQELBQADggIBADU9ZyZWfX1T1Pi0PRBeqpm52pehUX2wMsyi +KudSpLeN++eS9p/R0hpNuB8WvZcsFy/qul0djPARKGpYgYTZQvOQ10VcY40jxttm +ETScnnqKH2lMr0asOpM31kKt/ghJS0njUhI9NY6yAI2XhcDzItSpqOhn6YLC3mrW +DIyBCksLKEu8x/KpRbvj3QK1ez3cHItoxCCe9gy8tMEwb8FE15dtDuL7G7iRb4Dh +VyL6qzBRvJP9AcQKT4PTaOMwu8O+hClDvLllJzCkJX4qZmQr3jwO8Emi9dvQ87ZF +cDpLbxqIgtRF8lkxn00UuhuugMgM8ldTd/aRxZrddIgFVNmEdWIWBu5ZTWmBM/FH +aguuZr3mty7Jh4XZJ0RZ4H7XaYzoVnCK9cA5koRv/gtSQdDh8BiYlJwWx8adqygo +fibinQnIOhZ4HcnlTDshsb5eY+GtkSLmc8735V5rtEt7zrtahFT5I7r2X6dDiPdD +Blvb9/5gIMC3fy0NZigDueBOYF78kpxqMRknt6x86irVdbRXw1fpVux24cfTDc/u +5Eat4YFfM1eKZnuOETumPOoa27jvcYTPMOsUN8+Q8Os6SDkJC8e2obedQoffQC06 +1Xzri3HOHzZrPHLGkwAFNYBynl1/wxGu0vPlmpzJDzc7y0e1FgKqD6YadAQM+APA +ZKasihO3 -----END CERTIFICATE----- -----BEGIN CERTIFICATE----- MIIEATCCA4egAwIBAgIBDjAKBggqhkjOPQQDAjA+MQswCQYDVQQGEwJOTDERMA8G -A1UEChMIUG9sYXJTU0wxHDAaBgNVBAMTE1BvbGFyc3NsIFRlc3QgRUMgQ0EwHhcN -MTMwOTI0MTU1NTE0WhcNMjMwOTIyMTU1NTE0WjBIMQswCQYDVQQGEwJOTDERMA8G -A1UEChMIUG9sYXJTU0wxJjAkBgNVBAMTHVBvbGFyU1NMIFRlc3QgSW50ZXJtZWRp +A1UECgwIUG9sYXJTU0wxHDAaBgNVBAMME1BvbGFyc3NsIFRlc3QgRUMgQ0EwHhcN +MjMwNTE3MDcxMDM3WhcNMzMwNTE3MDcxMDM3WjBIMQswCQYDVQQGEwJOTDERMA8G +A1UECgwIUG9sYXJTU0wxJjAkBgNVBAMMHVBvbGFyU1NMIFRlc3QgSW50ZXJtZWRp YXRlIENBMIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEAo1Oc8nr6fMTq vowV+CpC55i5BZGFGc50Eb4RLBSRTH1e7JepdFjAVbBtyQRJSiY1ja0tgLQDDKZR wfEI+b4azse460InPHv7C1TN0upXlxuj6m9B1IlP+sBaM7WBC6dVfPO+jVMIxgkF @@ -39,24 +39,22 @@ d6KXbrZteesvA1nYzEOs+3AjrbT79Md2W8Bz9bqBVNlNOESSqm4kiCJFmslm/6br Np0MSQd+o22PQ4xRtmP6UsTfU0ueiMpYc8TYYhMbfnfFyo4m707ebcflPbBEN2dg updQ66cvfCJB0QJt9upafY0lpdV1qUkCAwEAAaOBoDCBnTAdBgNVHQ4EFgQUOHfY a3ecKHeCi07YG6ke95QWtw4wbgYDVR0jBGcwZYAUnW0gJEkBPyvLeLUZvH4kydv7 -NnyhQqRAMD4xCzAJBgNVBAYTAk5MMREwDwYDVQQKEwhQb2xhclNTTDEcMBoGA1UE -AxMTUG9sYXJzc2wgVGVzdCBFQyBDQYIJAMFD4n5iQ8zoMAwGA1UdEwQFMAMBAf8w -CgYIKoZIzj0EAwIDaAAwZQIxAPyE+u+eP7gRrSFjQicmpYg8jiFUCYEowWY2zuOG -i1HXYwmpDHfasQ3rNSuf/gHvjwIwbSSjumDk+uYNci/KMELDsD0MFHxZhhBc9Hp9 -Af5cNR8KhzegznL6amRObGGKmX1F +NnyhQqRAMD4xCzAJBgNVBAYTAk5MMREwDwYDVQQKDAhQb2xhclNTTDEcMBoGA1UE +AwwTUG9sYXJzc2wgVGVzdCBFQyBDQYIJAMFD4n5iQ8zoMAwGA1UdEwQFMAMBAf8w +CgYIKoZIzj0EAwIDaAAwZQIxAOAch+gz4rHfI/pm8MIDssMtJCqzS6xtOvQHJZ9l +fdgWfJV5cSHJpOIWGXeFKKR18wIwODTRnTIioy+bYacNq8TQPjzdVlT9XbYkWIYN +JAuV9fLJJdB5nZUG3l85Dt27VNkT -----END CERTIFICATE----- -----BEGIN CERTIFICATE----- -MIICUjCCAdegAwIBAgIJAMFD4n5iQ8zoMAoGCCqGSM49BAMCMD4xCzAJBgNVBAYT -Ak5MMREwDwYDVQQKEwhQb2xhclNTTDEcMBoGA1UEAxMTUG9sYXJzc2wgVGVzdCBF -QyBDQTAeFw0xMzA5MjQxNTQ5NDhaFw0yMzA5MjIxNTQ5NDhaMD4xCzAJBgNVBAYT -Ak5MMREwDwYDVQQKEwhQb2xhclNTTDEcMBoGA1UEAxMTUG9sYXJzc2wgVGVzdCBF -QyBDQTB2MBAGByqGSM49AgEGBSuBBAAiA2IABMPaKzRBN1gvh1b+/Im6KUNLTuBu -ww5XUzM5WNRStJGVOQsj318XJGJI/BqVKc4sLYfCiFKAr9ZqqyHduNMcbli4yuiy -aY7zQa0pw7RfdadHb9UZKVVpmlM7ILRmFmAzHqOBoDCBnTAdBgNVHQ4EFgQUnW0g -JEkBPyvLeLUZvH4kydv7NnwwbgYDVR0jBGcwZYAUnW0gJEkBPyvLeLUZvH4kydv7 -NnyhQqRAMD4xCzAJBgNVBAYTAk5MMREwDwYDVQQKEwhQb2xhclNTTDEcMBoGA1UE -AxMTUG9sYXJzc2wgVGVzdCBFQyBDQYIJAMFD4n5iQ8zoMAwGA1UdEwQFMAMBAf8w -CgYIKoZIzj0EAwIDaQAwZgIxAMO0YnNWKJUAfXgSJtJxexn4ipg+kv4znuR50v56 -t4d0PCu412mUC6Nnd7izvtE2MgIxAP1nnJQjZ8BWukszFQDG48wxCCyci9qpdSMv -uCjn8pwUOkABXK8Mss90fzCfCEOtIA== +MIICBzCCAYugAwIBAgIJAMFD4n5iQ8zoMAwGCCqGSM49BAMCBQAwPjELMAkGA1UE +BhMCTkwxETAPBgNVBAoMCFBvbGFyU1NMMRwwGgYDVQQDDBNQb2xhcnNzbCBUZXN0 +IEVDIENBMB4XDTE5MDIxMDE0NDQwMFoXDTI5MDIxMDE0NDQwMFowPjELMAkGA1UE +BhMCTkwxETAPBgNVBAoMCFBvbGFyU1NMMRwwGgYDVQQDDBNQb2xhcnNzbCBUZXN0 +IEVDIENBMHYwEAYHKoZIzj0CAQYFK4EEACIDYgAEw9orNEE3WC+HVv78ibopQ0tO +4G7DDldTMzlY1FK0kZU5CyPfXxckYkj8GpUpziwth8KIUoCv1mqrId240xxuWLjK +6LJpjvNBrSnDtF91p0dv1RkpVWmaUzsgtGYWYDMeo1MwUTAPBgNVHRMBAf8EBTAD +AQH/MB0GA1UdDgQWBBSdbSAkSQE/K8t4tRm8fiTJ2/s2fDAfBgNVHSMEGDAWgBSd +bSAkSQE/K8t4tRm8fiTJ2/s2fDAMBggqhkjOPQQDAgUAA2gAMGUCMQDpNWfBIlzq +6xV2UwQD/1YGz9fQUM7AfNKzVa2PVBpf/QD1TAylTYTF4GI6qlb6EPYCMF/YVa29 +N5yC1mFAir19jb9Pl9iiIkRm17dM4y6m5VIMepEPm/VlWAa8H5p1+BPbGw== -----END CERTIFICATE----- diff --git a/third_party/mbedtls/repo/tests/data_files/server7_spurious_int-ca.crt b/third_party/mbedtls/repo/tests/data_files/server7_spurious_int-ca.crt index 632c4fd13c0..fdc11462311 100644 --- a/third_party/mbedtls/repo/tests/data_files/server7_spurious_int-ca.crt +++ b/third_party/mbedtls/repo/tests/data_files/server7_spurious_int-ca.crt @@ -1,49 +1,49 @@ -----BEGIN CERTIFICATE----- MIIDwjCCAaqgAwIBAgIBEDANBgkqhkiG9w0BAQsFADBIMQswCQYDVQQGEwJOTDER -MA8GA1UEChMIUG9sYXJTU0wxJjAkBgNVBAMTHVBvbGFyU1NMIFRlc3QgSW50ZXJt -ZWRpYXRlIENBMB4XDTEzMDkyNDE2MTIyNFoXDTIzMDkyMjE2MTIyNFowNDELMAkG -A1UEBhMCTkwxETAPBgNVBAoTCFBvbGFyU1NMMRIwEAYDVQQDEwlsb2NhbGhvc3Qw +MA8GA1UECgwIUG9sYXJTU0wxJjAkBgNVBAMMHVBvbGFyU1NMIFRlc3QgSW50ZXJt +ZWRpYXRlIENBMB4XDTIzMDUxNzA3MTAzN1oXDTMzMDUxNzA3MTAzN1owNDELMAkG +A1UEBhMCTkwxETAPBgNVBAoMCFBvbGFyU1NMMRIwEAYDVQQDDAlsb2NhbGhvc3Qw WTATBgcqhkjOPQIBBggqhkjOPQMBBwNCAAQcbffp2qXqoZyychmoCRxzrd4Vu96m 47NPBehtEC46aTeXgDnBdf++znABrAtfXBRNQz8ARIeYBmskr22rlKjyo4GVMIGS -MAkGA1UdEwQCMAAwHQYDVR0OBBYEFNIK06V3H85VsFxGoo5zbL+hYCa7MGYGA1Ud -IwRfMF2AFDh32Gt3nCh3gotO2BupHveUFrcOoUKkQDA+MQswCQYDVQQGEwJOTDER -MA8GA1UEChMIUG9sYXJTU0wxHDAaBgNVBAMTE1BvbGFyc3NsIFRlc3QgRUMgQ0GC -AQ4wDQYJKoZIhvcNAQELBQADggIBADRoQ5fHKw+vkl0D3aqLX1XrZidb+25AWbhr -FYXdaskN219PrXBL3cV8x5tK6qsPKSyyw1lue80OmhXs/w7PJkOHHUSWRnmTv7lr -8Us3Zr/yOF/VVqzdGs7DlOTpyzEBdugI9uar/aCqHDoltN8wOduOoQB9aojYpROj -+gjlEO0mgt/87XpjYOig1o0jv44QYDQZQzpj1zeIn6WMe6xk9YDwCLMjRIpg++c7 -QyxvcEJTn80wX1SaEBM2gau97G7bORLMwBVkMT4oSY+iKYgpPpawOnMJbqUP73Dm -yfJExDdrW/BbWZ/vKIcSqSZIbkHdkNjUDVHczyVwQxZxzvLFw/B1k9s7jYFsi5eK -TNAdXFa4et1H2sd+uhu24GxsjmJioDrftixcgzPVBjDCjH8QWkBEX292WJ58on0e -deWLpZUnzPdE1B4rsiPw1Vg28mGgr2O1xgBQr/fx6A+8ItNTzAXbZfEcult9ypwM -0b6YDNe5IvdKk8iwz3mof0VNy47K6xoCaE/fxxWkjoXK8x2wfswGeP2QgUzQE93b -OtjdHpsG1c7gIVFQmKATyAPUz4vqmezgNRleXU0oL0PYtoCmKQ51UjNMUfmO9xCj -VJaNa2iTQ5Dgic+CW4TYAgj5/9g9X3WfwnDNxrZ0UxxawGElczHXqbrNleTtPaKp -a8Si6UK5 +MB0GA1UdDgQWBBTSCtOldx/OVbBcRqKOc2y/oWAmuzBmBgNVHSMEXzBdgBQ4d9hr +d5wod4KLTtgbqR73lBa3DqFCpEAwPjELMAkGA1UEBhMCTkwxETAPBgNVBAoMCFBv +bGFyU1NMMRwwGgYDVQQDDBNQb2xhcnNzbCBUZXN0IEVDIENBggEOMAkGA1UdEwQC +MAAwDQYJKoZIhvcNAQELBQADggIBADU9ZyZWfX1T1Pi0PRBeqpm52pehUX2wMsyi +KudSpLeN++eS9p/R0hpNuB8WvZcsFy/qul0djPARKGpYgYTZQvOQ10VcY40jxttm +ETScnnqKH2lMr0asOpM31kKt/ghJS0njUhI9NY6yAI2XhcDzItSpqOhn6YLC3mrW +DIyBCksLKEu8x/KpRbvj3QK1ez3cHItoxCCe9gy8tMEwb8FE15dtDuL7G7iRb4Dh +VyL6qzBRvJP9AcQKT4PTaOMwu8O+hClDvLllJzCkJX4qZmQr3jwO8Emi9dvQ87ZF +cDpLbxqIgtRF8lkxn00UuhuugMgM8ldTd/aRxZrddIgFVNmEdWIWBu5ZTWmBM/FH +aguuZr3mty7Jh4XZJ0RZ4H7XaYzoVnCK9cA5koRv/gtSQdDh8BiYlJwWx8adqygo +fibinQnIOhZ4HcnlTDshsb5eY+GtkSLmc8735V5rtEt7zrtahFT5I7r2X6dDiPdD +Blvb9/5gIMC3fy0NZigDueBOYF78kpxqMRknt6x86irVdbRXw1fpVux24cfTDc/u +5Eat4YFfM1eKZnuOETumPOoa27jvcYTPMOsUN8+Q8Os6SDkJC8e2obedQoffQC06 +1Xzri3HOHzZrPHLGkwAFNYBynl1/wxGu0vPlmpzJDzc7y0e1FgKqD6YadAQM+APA +ZKasihO3 -----END CERTIFICATE----- -----BEGIN CERTIFICATE----- MIIC6TCCAdGgAwIBAgIBDzANBgkqhkiG9w0BAQsFADA7MQswCQYDVQQGEwJOTDER -MA8GA1UEChMIUG9sYXJTU0wxGTAXBgNVBAMTEFBvbGFyU1NMIFRlc3QgQ0EwHhcN -MTMwOTI0MTYwODQyWhcNMjMwOTIyMTYwODQyWjBLMQswCQYDVQQGEwJOTDERMA8G -A1UEChMIUG9sYXJTU0wxKTAnBgNVBAMTIFBvbGFyU1NMIFRlc3QgSW50ZXJtZWRp +MA8GA1UECgwIUG9sYXJTU0wxGTAXBgNVBAMMEFBvbGFyU1NMIFRlc3QgQ0EwHhcN +MjMwNTE3MDcxMDM3WhcNMzMwNTE3MDcxMDM3WjBLMQswCQYDVQQGEwJOTDERMA8G +A1UECgwIUG9sYXJTU0wxKTAnBgNVBAMMIFBvbGFyU1NMIFRlc3QgSW50ZXJtZWRp YXRlIEVDIENBMHYwEAYHKoZIzj0CAQYFK4EEACIDYgAE8Oih3fX5SLeN1dmFncQl WMw9+Y6sXblhlrXBxhXxjwdwpCHENn+foUVdrqYVYa7Suv3QVeO6nJ19H3QNixW8 ik1P+hxsbaq8bta78vAyHmC4EmXQLg1w7oxb9Q82qX1Yo4GVMIGSMB0GA1UdDgQW BBQPib1jQevLXhco/2gwPcGI0JxYOTBjBgNVHSMEXDBagBS0WuSls97SUva51aaV -D+s+vMf9/6E/pD0wOzELMAkGA1UEBhMCTkwxETAPBgNVBAoTCFBvbGFyU1NMMRkw -FwYDVQQDExBQb2xhclNTTCBUZXN0IENBggEAMAwGA1UdEwQFMAMBAf8wDQYJKoZI -hvcNAQELBQADggEBAAjeaTUaCBiXT1CYLVr6UFSeRNZBrDPnj6PwqUQTvgB5I5n6 -yXqoE4RYDaEL0Lg24juFxI26itBuypto6vscgGq77cfrP/avSdxU+xeZ4bCWvh3M -ddj9lmko2U8I8GhBcHpSuIiTvgKDB8eKkjeq3AsLGchHDvip8pB3IhcNfL7W94Zf -7/lH9VQiE3/px7amD32cidoPvWLA9U3f1FsPmJESUz0wwNfINpDjmPr8dGbkCN+M -CFhxo6sCfK8KLYG4nYX8FwxVR86kpSrO9e84AX0YYbdzxprbc2XOaebJ8+BDmzut -ARkD7DTXrodN1wV7jQJkrUuEwPj9Rhvk+MFRkaw= +D+s+vMf9/6E/pD0wOzELMAkGA1UEBhMCTkwxETAPBgNVBAoMCFBvbGFyU1NMMRkw +FwYDVQQDDBBQb2xhclNTTCBUZXN0IENBggEDMAwGA1UdEwQFMAMBAf8wDQYJKoZI +hvcNAQELBQADggEBABN3b1ltNlBQ9PhwJhxBWENlMNdy1vyKBGH3EdZ7w4uHJJOm +w8JS5p/B5+9fDIIOThDr80hLq4QOQVJhxAT1/Zsb2OzsTxc1BaCNbBv2Y+FyFcpL +I8EjMF+gnSgbs46kGKce1EJNrZrkvpCngtNj7qqg9qnPXd1en0z349xHJPmYuWEb +9sHdVlwnebPm1n9u1NzpktAChb28UFnBYTWraZCtMBMozuMhz6mo66XOEyH06Ypa +QPOlBmbgW/e+fuXow41QUqP2tvVL6MsmSZFWk8hr45rNRzeTok1M5bW91sZ78We5 +95m3T6IE+qpj2/RILncwy7vWBlFzbuiIA3eSJa8= -----END CERTIFICATE----- -----BEGIN CERTIFICATE----- MIIEATCCA4egAwIBAgIBDjAKBggqhkjOPQQDAjA+MQswCQYDVQQGEwJOTDERMA8G -A1UEChMIUG9sYXJTU0wxHDAaBgNVBAMTE1BvbGFyc3NsIFRlc3QgRUMgQ0EwHhcN -MTMwOTI0MTU1NTE0WhcNMjMwOTIyMTU1NTE0WjBIMQswCQYDVQQGEwJOTDERMA8G -A1UEChMIUG9sYXJTU0wxJjAkBgNVBAMTHVBvbGFyU1NMIFRlc3QgSW50ZXJtZWRp +A1UECgwIUG9sYXJTU0wxHDAaBgNVBAMME1BvbGFyc3NsIFRlc3QgRUMgQ0EwHhcN +MjMwNTE3MDcxMDM3WhcNMzMwNTE3MDcxMDM3WjBIMQswCQYDVQQGEwJOTDERMA8G +A1UECgwIUG9sYXJTU0wxJjAkBgNVBAMMHVBvbGFyU1NMIFRlc3QgSW50ZXJtZWRp YXRlIENBMIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEAo1Oc8nr6fMTq vowV+CpC55i5BZGFGc50Eb4RLBSRTH1e7JepdFjAVbBtyQRJSiY1ja0tgLQDDKZR wfEI+b4azse460InPHv7C1TN0upXlxuj6m9B1IlP+sBaM7WBC6dVfPO+jVMIxgkF @@ -57,9 +57,9 @@ d6KXbrZteesvA1nYzEOs+3AjrbT79Md2W8Bz9bqBVNlNOESSqm4kiCJFmslm/6br Np0MSQd+o22PQ4xRtmP6UsTfU0ueiMpYc8TYYhMbfnfFyo4m707ebcflPbBEN2dg updQ66cvfCJB0QJt9upafY0lpdV1qUkCAwEAAaOBoDCBnTAdBgNVHQ4EFgQUOHfY a3ecKHeCi07YG6ke95QWtw4wbgYDVR0jBGcwZYAUnW0gJEkBPyvLeLUZvH4kydv7 -NnyhQqRAMD4xCzAJBgNVBAYTAk5MMREwDwYDVQQKEwhQb2xhclNTTDEcMBoGA1UE -AxMTUG9sYXJzc2wgVGVzdCBFQyBDQYIJAMFD4n5iQ8zoMAwGA1UdEwQFMAMBAf8w -CgYIKoZIzj0EAwIDaAAwZQIxAPyE+u+eP7gRrSFjQicmpYg8jiFUCYEowWY2zuOG -i1HXYwmpDHfasQ3rNSuf/gHvjwIwbSSjumDk+uYNci/KMELDsD0MFHxZhhBc9Hp9 -Af5cNR8KhzegznL6amRObGGKmX1F +NnyhQqRAMD4xCzAJBgNVBAYTAk5MMREwDwYDVQQKDAhQb2xhclNTTDEcMBoGA1UE +AwwTUG9sYXJzc2wgVGVzdCBFQyBDQYIJAMFD4n5iQ8zoMAwGA1UdEwQFMAMBAf8w +CgYIKoZIzj0EAwIDaAAwZQIxAOAch+gz4rHfI/pm8MIDssMtJCqzS6xtOvQHJZ9l +fdgWfJV5cSHJpOIWGXeFKKR18wIwODTRnTIioy+bYacNq8TQPjzdVlT9XbYkWIYN +JAuV9fLJJdB5nZUG3l85Dt27VNkT -----END CERTIFICATE----- diff --git a/third_party/mbedtls/repo/tests/data_files/server8.crt b/third_party/mbedtls/repo/tests/data_files/server8.crt index b435b2deb52..515b17b3c10 100644 --- a/third_party/mbedtls/repo/tests/data_files/server8.crt +++ b/third_party/mbedtls/repo/tests/data_files/server8.crt @@ -1,18 +1,17 @@ -----BEGIN CERTIFICATE----- -MIIC6zCCAnKgAwIBAgIBETAKBggqhkjOPQQDAjBLMQswCQYDVQQGEwJOTDERMA8G -A1UEChMIUG9sYXJTU0wxKTAnBgNVBAMTIFBvbGFyU1NMIFRlc3QgSW50ZXJtZWRp -YXRlIEVDIENBMB4XDTEzMDkyNDE2MTI1NloXDTIzMDkyMjE2MTI1NlowNDELMAkG -A1UEBhMCTkwxETAPBgNVBAoTCFBvbGFyU1NMMRIwEAYDVQQDEwlsb2NhbGhvc3Qw -ggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDbHH8uC82/ztF1EKCiuM59 -quIF4HrYRGOPtb3AsBm5N7gZSg7xXXSAZ0aHBt5bfwYDvcGNXgcV1Fv03OXPPfnB -ESyuarmKvR1nZhfqTr3bFZqCh+TweMOjhYew/Z+pmV/jM+zM6gu1YV7xSX4/oy3q -AQzMQpp2m8TQN9OxFwFhARZZfhwXw1P90XLLTGAV2n3i6q1Q747ii9Rqd1XWcNlr -u/HuOQQ4o73i0eBma+KcR5npKOa2/C7KZ0OE6NWD1p2YawE+gdw8esr585z31igb -J3h8w9DVY6eBNImtJWq98urt+lf85TTGwQ9xLdIIEButREHg/nmgY5OKsV3psO5v -AgMBAAGjgZIwgY8wCQYDVR0TBAIwADAdBgNVHQ4EFgQU4j/mLfTnuKaM3G0XpxhA -J2F2Dx0wYwYDVR0jBFwwWoAUD4m9Y0Hry14XKP9oMD3BiNCcWDmhP6Q9MDsxCzAJ -BgNVBAYTAk5MMREwDwYDVQQKEwhQb2xhclNTTDEZMBcGA1UEAxMQUG9sYXJTU0wg -VGVzdCBDQYIBDzAKBggqhkjOPQQDAgNnADBkAjBkP1bGlZvxnYySZjdBq4m8lkyz -2cjfqjYs8COEkRkONaVz7888HvFdGpL98uQeFvECMHCyCrHprkGzvq/L9kUnx9Bh -2IHbCzbbi9moYC1XcOxgfsEKmhtVF/uQdf8+3VtGqA== +MIICqTCCAi6gAwIBAgIBETAMBggqhkjOPQQDAgUAMEsxCzAJBgNVBAYTAk5MMREw +DwYDVQQKDAhQb2xhclNTTDEpMCcGA1UEAwwgUG9sYXJTU0wgVGVzdCBJbnRlcm1l +ZGlhdGUgRUMgQ0EwHhcNMTkwMjEwMTQ0NDA2WhcNMjkwMjEwMTQ0NDA2WjA0MQsw +CQYDVQQGEwJOTDERMA8GA1UECgwIUG9sYXJTU0wxEjAQBgNVBAMMCWxvY2FsaG9z +dDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBANscfy4Lzb/O0XUQoKK4 +zn2q4gXgethEY4+1vcCwGbk3uBlKDvFddIBnRocG3lt/BgO9wY1eBxXUW/Tc5c89 ++cERLK5quYq9HWdmF+pOvdsVmoKH5PB4w6OFh7D9n6mZX+Mz7MzqC7VhXvFJfj+j +LeoBDMxCmnabxNA307EXAWEBFll+HBfDU/3RcstMYBXafeLqrVDvjuKL1Gp3VdZw +2Wu78e45BDijveLR4GZr4pxHmeko5rb8LspnQ4To1YPWnZhrAT6B3Dx6yvnznPfW +KBsneHzD0NVjp4E0ia0lar3y6u36V/zlNMbBD3Et0ggQG61EQeD+eaBjk4qxXemw +7m8CAwEAAaNNMEswCQYDVR0TBAIwADAdBgNVHQ4EFgQU4j/mLfTnuKaM3G0XpxhA +J2F2Dx0wHwYDVR0jBBgwFoAUD4m9Y0Hry14XKP9oMD3BiNCcWDkwDAYIKoZIzj0E +AwIFAANnADBkAjA3KJ1/SvOZnpmtqturkt+0DhQIXGMRDPnPksCuy/wqGHR8DsWS +dEa7PQEgrbA60HoCMCpH2fYtcAfhg5gGg+QxmVsUIt/9Gd9syQlnX7wNCfweUeSS +MxG1isOdUiQTajM1TQ== -----END CERTIFICATE----- diff --git a/third_party/mbedtls/repo/tests/data_files/server8_int-ca2.crt b/third_party/mbedtls/repo/tests/data_files/server8_int-ca2.crt index 7a8da717d40..e99727d3695 100644 --- a/third_party/mbedtls/repo/tests/data_files/server8_int-ca2.crt +++ b/third_party/mbedtls/repo/tests/data_files/server8_int-ca2.crt @@ -1,36 +1,35 @@ -----BEGIN CERTIFICATE----- -MIIC6zCCAnKgAwIBAgIBETAKBggqhkjOPQQDAjBLMQswCQYDVQQGEwJOTDERMA8G -A1UEChMIUG9sYXJTU0wxKTAnBgNVBAMTIFBvbGFyU1NMIFRlc3QgSW50ZXJtZWRp -YXRlIEVDIENBMB4XDTEzMDkyNDE2MTI1NloXDTIzMDkyMjE2MTI1NlowNDELMAkG -A1UEBhMCTkwxETAPBgNVBAoTCFBvbGFyU1NMMRIwEAYDVQQDEwlsb2NhbGhvc3Qw -ggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDbHH8uC82/ztF1EKCiuM59 -quIF4HrYRGOPtb3AsBm5N7gZSg7xXXSAZ0aHBt5bfwYDvcGNXgcV1Fv03OXPPfnB -ESyuarmKvR1nZhfqTr3bFZqCh+TweMOjhYew/Z+pmV/jM+zM6gu1YV7xSX4/oy3q -AQzMQpp2m8TQN9OxFwFhARZZfhwXw1P90XLLTGAV2n3i6q1Q747ii9Rqd1XWcNlr -u/HuOQQ4o73i0eBma+KcR5npKOa2/C7KZ0OE6NWD1p2YawE+gdw8esr585z31igb -J3h8w9DVY6eBNImtJWq98urt+lf85TTGwQ9xLdIIEButREHg/nmgY5OKsV3psO5v -AgMBAAGjgZIwgY8wCQYDVR0TBAIwADAdBgNVHQ4EFgQU4j/mLfTnuKaM3G0XpxhA -J2F2Dx0wYwYDVR0jBFwwWoAUD4m9Y0Hry14XKP9oMD3BiNCcWDmhP6Q9MDsxCzAJ -BgNVBAYTAk5MMREwDwYDVQQKEwhQb2xhclNTTDEZMBcGA1UEAxMQUG9sYXJTU0wg -VGVzdCBDQYIBDzAKBggqhkjOPQQDAgNnADBkAjBkP1bGlZvxnYySZjdBq4m8lkyz -2cjfqjYs8COEkRkONaVz7888HvFdGpL98uQeFvECMHCyCrHprkGzvq/L9kUnx9Bh -2IHbCzbbi9moYC1XcOxgfsEKmhtVF/uQdf8+3VtGqA== +MIICqTCCAi6gAwIBAgIBETAMBggqhkjOPQQDAgUAMEsxCzAJBgNVBAYTAk5MMREw +DwYDVQQKDAhQb2xhclNTTDEpMCcGA1UEAwwgUG9sYXJTU0wgVGVzdCBJbnRlcm1l +ZGlhdGUgRUMgQ0EwHhcNMTkwMjEwMTQ0NDA2WhcNMjkwMjEwMTQ0NDA2WjA0MQsw +CQYDVQQGEwJOTDERMA8GA1UECgwIUG9sYXJTU0wxEjAQBgNVBAMMCWxvY2FsaG9z +dDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBANscfy4Lzb/O0XUQoKK4 +zn2q4gXgethEY4+1vcCwGbk3uBlKDvFddIBnRocG3lt/BgO9wY1eBxXUW/Tc5c89 ++cERLK5quYq9HWdmF+pOvdsVmoKH5PB4w6OFh7D9n6mZX+Mz7MzqC7VhXvFJfj+j +LeoBDMxCmnabxNA307EXAWEBFll+HBfDU/3RcstMYBXafeLqrVDvjuKL1Gp3VdZw +2Wu78e45BDijveLR4GZr4pxHmeko5rb8LspnQ4To1YPWnZhrAT6B3Dx6yvnznPfW +KBsneHzD0NVjp4E0ia0lar3y6u36V/zlNMbBD3Et0ggQG61EQeD+eaBjk4qxXemw +7m8CAwEAAaNNMEswCQYDVR0TBAIwADAdBgNVHQ4EFgQU4j/mLfTnuKaM3G0XpxhA +J2F2Dx0wHwYDVR0jBBgwFoAUD4m9Y0Hry14XKP9oMD3BiNCcWDkwDAYIKoZIzj0E +AwIFAANnADBkAjA3KJ1/SvOZnpmtqturkt+0DhQIXGMRDPnPksCuy/wqGHR8DsWS +dEa7PQEgrbA60HoCMCpH2fYtcAfhg5gGg+QxmVsUIt/9Gd9syQlnX7wNCfweUeSS +MxG1isOdUiQTajM1TQ== -----END CERTIFICATE----- -----BEGIN CERTIFICATE----- MIIC6TCCAdGgAwIBAgIBDzANBgkqhkiG9w0BAQsFADA7MQswCQYDVQQGEwJOTDER -MA8GA1UEChMIUG9sYXJTU0wxGTAXBgNVBAMTEFBvbGFyU1NMIFRlc3QgQ0EwHhcN -MTMwOTI0MTYwODQyWhcNMjMwOTIyMTYwODQyWjBLMQswCQYDVQQGEwJOTDERMA8G -A1UEChMIUG9sYXJTU0wxKTAnBgNVBAMTIFBvbGFyU1NMIFRlc3QgSW50ZXJtZWRp +MA8GA1UECgwIUG9sYXJTU0wxGTAXBgNVBAMMEFBvbGFyU1NMIFRlc3QgQ0EwHhcN +MjMwNTE3MDkyNzAyWhcNMzMwNTE3MDkyNzAyWjBLMQswCQYDVQQGEwJOTDERMA8G +A1UECgwIUG9sYXJTU0wxKTAnBgNVBAMMIFBvbGFyU1NMIFRlc3QgSW50ZXJtZWRp YXRlIEVDIENBMHYwEAYHKoZIzj0CAQYFK4EEACIDYgAE8Oih3fX5SLeN1dmFncQl WMw9+Y6sXblhlrXBxhXxjwdwpCHENn+foUVdrqYVYa7Suv3QVeO6nJ19H3QNixW8 ik1P+hxsbaq8bta78vAyHmC4EmXQLg1w7oxb9Q82qX1Yo4GVMIGSMB0GA1UdDgQW BBQPib1jQevLXhco/2gwPcGI0JxYOTBjBgNVHSMEXDBagBS0WuSls97SUva51aaV -D+s+vMf9/6E/pD0wOzELMAkGA1UEBhMCTkwxETAPBgNVBAoTCFBvbGFyU1NMMRkw -FwYDVQQDExBQb2xhclNTTCBUZXN0IENBggEAMAwGA1UdEwQFMAMBAf8wDQYJKoZI -hvcNAQELBQADggEBAAjeaTUaCBiXT1CYLVr6UFSeRNZBrDPnj6PwqUQTvgB5I5n6 -yXqoE4RYDaEL0Lg24juFxI26itBuypto6vscgGq77cfrP/avSdxU+xeZ4bCWvh3M -ddj9lmko2U8I8GhBcHpSuIiTvgKDB8eKkjeq3AsLGchHDvip8pB3IhcNfL7W94Zf -7/lH9VQiE3/px7amD32cidoPvWLA9U3f1FsPmJESUz0wwNfINpDjmPr8dGbkCN+M -CFhxo6sCfK8KLYG4nYX8FwxVR86kpSrO9e84AX0YYbdzxprbc2XOaebJ8+BDmzut -ARkD7DTXrodN1wV7jQJkrUuEwPj9Rhvk+MFRkaw= +D+s+vMf9/6E/pD0wOzELMAkGA1UEBhMCTkwxETAPBgNVBAoMCFBvbGFyU1NMMRkw +FwYDVQQDDBBQb2xhclNTTCBUZXN0IENBggEDMAwGA1UdEwQFMAMBAf8wDQYJKoZI +hvcNAQELBQADggEBAHTN0URrP2MpwD8vODymjjq7iaB7WFZ4CWUjx9LWu3PPZbX2 +12MxzkyFaVR7rnPKZSFHJJEmNaPDJWwYhGQRXLCoD6NiJy6De4fa5gSYoXthRGFf +GnFXZu3e37GDKoKP87TZ+VXcyx6PHvPxJB3/9N94Vj2Yh3hCs7F72GmwfDww6ooj +whIqhxBYOhPleANs70FZ7Y7tjZV1RtQ1/9sRcbyv9OvdPuWvukBVq1KM6nqVHBZ3 +/4kHBWaFaWMq/AAxMxaTGFAOA8S2yU56jkB65viQrpQQWffBJWK+WfrcgxRWqR33 +hqG3yT1IWbJ5E11XL9TCKD+DReqeXHyYawx8fBU= -----END CERTIFICATE----- diff --git a/third_party/mbedtls/repo/tests/data_files/server9-bad-mgfhash.crt b/third_party/mbedtls/repo/tests/data_files/server9-bad-mgfhash.crt index 34ef69e0319..ad299423b0f 100644 --- a/third_party/mbedtls/repo/tests/data_files/server9-bad-mgfhash.crt +++ b/third_party/mbedtls/repo/tests/data_files/server9-bad-mgfhash.crt @@ -1,20 +1,21 @@ -----BEGIN CERTIFICATE----- -MIIDWzCCAhKgAwIBAgIBGDA+BgkqhkiG9w0BAQowMaANMAsGCWCGSAFlAwQCAaEa -MBgGCSqGSIb3DQEBCDALBglghkgBZQMEAgSiBAICAN4wOzELMAkGA1UEBhMCTkwx -ETAPBgNVBAoTCFBvbGFyU1NMMRkwFwYDVQQDExBQb2xhclNTTCBUZXN0IENBMB4X -DTE0MDEyMDEzNTc0NVoXDTI0MDExODEzNTc0NVowNDELMAkGA1UEBhMCTkwxETAP -BgNVBAoTCFBvbGFyU1NMMRIwEAYDVQQDEwlsb2NhbGhvc3QwgZ8wDQYJKoZIhvcN -AQEBBQADgY0AMIGJAoGBAN0Rip+ZurBoyirqO2ptWZftTslU5A3uzqB9oB6q6A7C -uxNA24oSjokTJKXF9frY9ZDXyMrLxf6THa/aEiNzUnlGGrqgVyt2FjGzqK/nOJsI -i2OZOgol7kXSGFi6uZMa7dRYmmMbN/z3FAifhWVJ81kybdHg6G3eUu1mtKkL2kCV -AgMBAAGjgZIwgY8wCQYDVR0TBAIwADAdBgNVHQ4EFgQU7vPH9R8VpU1HicHTImOy -36fOvVEwYwYDVR0jBFwwWoAUtFrkpbPe0lL2udWmlQ/rPrzH/f+hP6Q9MDsxCzAJ -BgNVBAYTAk5MMREwDwYDVQQKEwhQb2xhclNTTDEZMBcGA1UEAxMQUG9sYXJTU0wg -VGVzdCBDQYIBADA+BgkqhkiG9w0BAQowMaANMAsGCWCGSAFlAwQCAaEaMBgGCSqG -SIb3DQEBCDALBglghkgBZQMEAgSiBAICAN4DggEBAIfliohNjz4CLGbHWgWRBFQ3 -Difn027ZnULTvokT67ii1sJzESzqaIakyyu8GRwfoFRNh/rbGfe4C6e9SkwKbnDg -WE9SWbK6ukIQbMy69C+CVqFlRUHbONw/dmcneAWyZYGx/2Sf4D5kkpIWNDBeKuaV -H69XPZCeN3QAACmdAfo4NYW0I69a1OSaUrTyGT1nBOrzQ8Y0aJBnCJAte49bhQEW -KJv0kMj+8ZG1X0RoSdklf3GqdLUbsfJ2txu14GGAxy4C1gl2JWzoBHN5LMLf0cZ9 -uEYui7N/5bkSv8KXdbGvSzgn6zZ0MiCJMiiGEf0L1FxBiBCVsK4C2idpiZH+e28= +MIIDYzCCAhagAwIBAgIBGDBCBgkqhkiG9w0BAQowNaAPMA0GCWCGSAFlAwQCAQUA +oRwwGgYJKoZIhvcNAQEIMA0GCWCGSAFlAwQCBAUAogQCAgDeMDsxCzAJBgNVBAYT +Ak5MMREwDwYDVQQKDAhQb2xhclNTTDEZMBcGA1UEAwwQUG9sYXJTU0wgVGVzdCBD +QTAeFw0yMzA1MTcwODM5NDhaFw0zMzA1MTcwODM5NDhaMDQxCzAJBgNVBAYTAk5M +MREwDwYDVQQKDAhQb2xhclNTTDESMBAGA1UEAwwJbG9jYWxob3N0MIGfMA0GCSqG +SIb3DQEBAQUAA4GNADCBiQKBgQDdEYqfmbqwaMoq6jtqbVmX7U7JVOQN7s6gfaAe +qugOwrsTQNuKEo6JEySlxfX62PWQ18jKy8X+kx2v2hIjc1J5Rhq6oFcrdhYxs6iv +5zibCItjmToKJe5F0hhYurmTGu3UWJpjGzf89xQIn4VlSfNZMm3R4Oht3lLtZrSp +C9pAlQIDAQABo4GSMIGPMB0GA1UdDgQWBBTu88f1HxWlTUeJwdMiY7Lfp869UTBj +BgNVHSMEXDBagBS0WuSls97SUva51aaVD+s+vMf9/6E/pD0wOzELMAkGA1UEBhMC +TkwxETAPBgNVBAoMCFBvbGFyU1NMMRkwFwYDVQQDDBBQb2xhclNTTCBUZXN0IENB +ggEDMAkGA1UdEwQCMAAwQgYJKoZIhvcNAQEKMDWgDzANBglghkgBZQMEAgEFAKEc +MBoGCSqGSIb3DQEBCDANBglghkgBZQMEAgQFAKIEAgIA3gOCAQEAaQlf1GPhvPHp +hFgTdIB5x5zACVb4a4ONuySVckfMpWk2nlkRSu3Kgv4j8l/jfNpfr+we4lG72xEn +FV3em8dEzxvXd5jXCfR/hWJKYVoWh0055qWw7FpG20vRFKttU8UFclL7KvMs4InZ +vDpbPs5EwBQXTg/manL9TD9t/zqWAUJj1yHWiIISYzfWmsaoTi8jNxSR1+lkmPPP +ZWQwyUJrh82Mw3VwNGxXOfpGIwmjXPia8MafjjH/RtHNx7ukCk+6q1ZlH57NolZJ +dlQTJv21+vxyYr6GZdHXzdJwWMnFSof6VGwayNzetSnVhJb0SQqTBt8Vu5xQtXGa +QcCjGyCAIg== -----END CERTIFICATE----- diff --git a/third_party/mbedtls/repo/tests/data_files/server9-bad-saltlen.crt b/third_party/mbedtls/repo/tests/data_files/server9-bad-saltlen.crt index f4da8832ff2..45bf20e2746 100644 --- a/third_party/mbedtls/repo/tests/data_files/server9-bad-saltlen.crt +++ b/third_party/mbedtls/repo/tests/data_files/server9-bad-saltlen.crt @@ -1,20 +1,21 @@ -----BEGIN CERTIFICATE----- -MIIDWzCCAhKgAwIBAgIBGDA+BgkqhkiG9w0BAQowMaANMAsGCWCGSAFlAwQCAaEa -MBgGCSqGSIb3DQEBCDALBglghkgBZQMEAgGiBAICAN4wOzELMAkGA1UEBhMCTkwx -ETAPBgNVBAoTCFBvbGFyU1NMMRkwFwYDVQQDExBQb2xhclNTTCBUZXN0IENBMB4X -DTE0MDEyMDEzNTc0NVoXDTI0MDExODEzNTc0NVowNDELMAkGA1UEBhMCTkwxETAP -BgNVBAoTCFBvbGFyU1NMMRIwEAYDVQQDEwlsb2NhbGhvc3QwgZ8wDQYJKoZIhvcN -AQEBBQADgY0AMIGJAoGBAN0Rip+ZurBoyirqO2ptWZftTslU5A3uzqB9oB6q6A7C -uxNA24oSjokTJKXF9frY9ZDXyMrLxf6THa/aEiNzUnlGGrqgVyt2FjGzqK/nOJsI -i2OZOgol7kXSGFi6uZMa7dRYmmMbN/z3FAifhWVJ81kybdHg6G3eUu1mtKkL2kCV -AgMBAAGjgZIwgY8wCQYDVR0TBAIwADAdBgNVHQ4EFgQU7vPH9R8VpU1HicHTImOy -36fOvVEwYwYDVR0jBFwwWoAUtFrkpbPe0lL2udWmlQ/rPrzH/f+hP6Q9MDsxCzAJ -BgNVBAYTAk5MMREwDwYDVQQKEwhQb2xhclNTTDEZMBcGA1UEAxMQUG9sYXJTU0wg -VGVzdCBDQYIBADA+BgkqhkiG9w0BAQowMaANMAsGCWCGSAFlAwQCAaEaMBgGCSqG -SIb3DQEBCDALBglghkgBZQMEAgGiBAICAN4DggEBAE7T54cyUf0ByNr34JaojFam -hV0T9QSc4wJ17sX67rxYIorXU8MynaneJzFxD9utOD3dq2TON18VswhT2McDgefl -XMwivCC0nWod8Pk638QaHxbaqC7XSq0QRBfOMXwV7knLNxI8smc9UJaco39VEcGD -yCkq4By/VCWTpvJ+1hx4zZ8WoXpFJFM5m5y9oEz4lgNv/6Wu7ILztyOk2yJiSR8r -YooC4zVeUOZuDO6At/NXZuSvmKmr+tfFrFA1AA/7yR5odQbqFVNSJ+u0x1Jv8Ra6 -JXA4cXsnaDaRe+Wm0L0p+2PtQWXE5npXYIbFHAA9EOC3Ab8oaP9M/F6yQMa/2is= +MIIDYzCCAhagAwIBAgIBGDBCBgkqhkiG9w0BAQowNaAPMA0GCWCGSAFlAwQCAQUA +oRwwGgYJKoZIhvcNAQEIMA0GCWCGSAFlAwQCAQUAogQCAgDeMDsxCzAJBgNVBAYT +Ak5MMREwDwYDVQQKDAhQb2xhclNTTDEZMBcGA1UEAwwQUG9sYXJTU0wgVGVzdCBD +QTAeFw0yMzA1MjIwNzMwMDZaFw0zMzA1MTkwNzMwMDZaMDQxCzAJBgNVBAYTAk5M +MREwDwYDVQQKDAhQb2xhclNTTDESMBAGA1UEAwwJbG9jYWxob3N0MIGfMA0GCSqG +SIb3DQEBAQUAA4GNADCBiQKBgQDdEYqfmbqwaMoq6jtqbVmX7U7JVOQN7s6gfaAe +qugOwrsTQNuKEo6JEySlxfX62PWQ18jKy8X+kx2v2hIjc1J5Rhq6oFcrdhYxs6iv +5zibCItjmToKJe5F0hhYurmTGu3UWJpjGzf89xQIn4VlSfNZMm3R4Oht3lLtZrSp +C9pAlQIDAQABo4GSMIGPMAkGA1UdEwQCMAAwHQYDVR0OBBYEFO7zx/UfFaVNR4nB +0yJjst+nzr1RMGMGA1UdIwRcMFqAFLRa5KWz3tJS9rnVppUP6z68x/3/oT+kPTA7 +MQswCQYDVQQGEwJOTDERMA8GA1UECgwIUG9sYXJTU0wxGTAXBgNVBAMMEFBvbGFy +U1NMIFRlc3QgQ0GCAQMwQgYJKoZIhvcNAQEKMDWgDzANBglghkgBZQMEAgEFAKEc +MBoGCSqGSIb3DQEBCDANBglghkgBZQMEAgEFAKIEAgIA3gOCAQEAlQo9OnchZbLQ +PTXs9NgXDoQb4JvUG/Fsq09/e8ivWaHkE7mKeNRrP8qMdAw914Bs1NQf9F75CWJe +5YtmLcE5gSbVj3qa6zVuQWEcrseKz6wpAFLsHKbF6kKfUgcI56xmD2DhhIHny+5B +9ObM0RQpCmAYXjU2CvknXeBzpX2cGOLD/Nexk1oBF6PI0rDUBqg3cexsJ5XfJwYg +tkjkZ321s9N09BsioauH6d9x9/Ysz7Qp7Bqpb1E7dV4bDuT5vwPWwPIUAav897Vt +s0uMZHoVasj57UwqDv8tm0db6f2VOL7r5GBMjbp6newW8Me47uXSBXKy8tFJMolj +yKuEQkKKyA== -----END CERTIFICATE----- diff --git a/third_party/mbedtls/repo/tests/data_files/server9-badsign.crt b/third_party/mbedtls/repo/tests/data_files/server9-badsign.crt index 9e565419eed..8656b1a47af 100644 --- a/third_party/mbedtls/repo/tests/data_files/server9-badsign.crt +++ b/third_party/mbedtls/repo/tests/data_files/server9-badsign.crt @@ -1,19 +1,19 @@ -----BEGIN CERTIFICATE----- MIIDBTCCAeegAwIBAgIBFjATBgkqhkiG9w0BAQowBqIEAgIA6jA7MQswCQYDVQQG -EwJOTDERMA8GA1UEChMIUG9sYXJTU0wxGTAXBgNVBAMTEFBvbGFyU1NMIFRlc3Qg -Q0EwHhcNMTQwMTIwMTMzODE2WhcNMjQwMTE4MTMzODE2WjA0MQswCQYDVQQGEwJO -TDERMA8GA1UEChMIUG9sYXJTU0wxEjAQBgNVBAMTCWxvY2FsaG9zdDCBnzANBgkq +EwJOTDERMA8GA1UECgwIUG9sYXJTU0wxGTAXBgNVBAMMEFBvbGFyU1NMIFRlc3Qg +Q0EwHhcNMjMwNTE3MDgwNDAwWhcNMzMwNTE3MDgwNDAwWjA0MQswCQYDVQQGEwJO +TDERMA8GA1UECgwIUG9sYXJTU0wxEjAQBgNVBAMMCWxvY2FsaG9zdDCBnzANBgkq hkiG9w0BAQEFAAOBjQAwgYkCgYEA3RGKn5m6sGjKKuo7am1Zl+1OyVTkDe7OoH2g HqroDsK7E0DbihKOiRMkpcX1+tj1kNfIysvF/pMdr9oSI3NSeUYauqBXK3YWMbOo r+c4mwiLY5k6CiXuRdIYWLq5kxrt1FiaYxs3/PcUCJ+FZUnzWTJt0eDobd5S7Wa0 -qQvaQJUCAwEAAaOBkjCBjzAJBgNVHRMEAjAAMB0GA1UdDgQWBBTu88f1HxWlTUeJ -wdMiY7Lfp869UTBjBgNVHSMEXDBagBS0WuSls97SUva51aaVD+s+vMf9/6E/pD0w -OzELMAkGA1UEBhMCTkwxETAPBgNVBAoTCFBvbGFyU1NMMRkwFwYDVQQDExBQb2xh -clNTTCBUZXN0IENBggEAMBMGCSqGSIb3DQEBCjAGogQCAgDqA4IBAQDAog/jXydR -vDIugTzBXtfVK0CEX8iyQ4cVzQmXWSne8204v943K5D2hktSBkjdQUdcnVvVgLR6 -te50jV89ptN/NofX+fo9fhSRN9vGgQVWzOOFiO0zcThy749pirJu1Kq5OJdthIyW -Pu0UCz5G0k3kTp0JPevGlsNc8S9Ak1tFuB0IPJjrbfODWHS2LDuO+dB6gpkNTdrj -88ogYtBsN4D5gsXBRUfobXokUwejBwLrD6XwyQx+0bMwSCxgHEhxvuUkx1vdlXGw -JG3aF92u8mIxoKSAPaPdqy930mQvmpUWcN5Y1IMbtEGoQCKMYgosFcazJpJcjnX1 -o4Hl/lqjwCFG +qQvaQJUCAwEAAaOBkjCBjzAdBgNVHQ4EFgQU7vPH9R8VpU1HicHTImOy36fOvVEw +YwYDVR0jBFwwWoAUtFrkpbPe0lL2udWmlQ/rPrzH/f+hP6Q9MDsxCzAJBgNVBAYT +Ak5MMREwDwYDVQQKDAhQb2xhclNTTDEZMBcGA1UEAwwQUG9sYXJTU0wgVGVzdCBD +QYIBAzAJBgNVHRMEAjAAMBMGCSqGSIb3DQEBCjAGogQCAgDqA4IBAQC2DLHQ05x6 +imJNztE/Tnk/lPQ01Pw6Girdbk4bgxcGwGj+1u5wAIHNpJ50TOggg3HxTyb7p344 +/tVMxz7nrHZQ5ASdn2kDCyCmEqhmj48isWAIml+7J9cBeImJoEfYqjtqtoVkGxFy +SuoZAQWkkqDpyFhKhIjLQ8JuSE6wWMX/kc6TFSSxepnZU1SFOXfCiaVr5tFQzBP7 +loppIANLjKeMjpOdU86PmRQ2LyzaCH1OMnjVndeqNmZt0NyzZ18cFPvm6+DVVVuP +Q+6nReShCdAlU+dJqsqj8JsQneNMTxjv4OBoXVmE/kZTj/DBTtwmxkVi7K4aYMFi +UYUZ4RiwG1/0 -----END CERTIFICATE----- diff --git a/third_party/mbedtls/repo/tests/data_files/server9-defaults.crt b/third_party/mbedtls/repo/tests/data_files/server9-defaults.crt index 4ce5c873262..8613f5237fd 100644 --- a/third_party/mbedtls/repo/tests/data_files/server9-defaults.crt +++ b/third_party/mbedtls/repo/tests/data_files/server9-defaults.crt @@ -1,19 +1,18 @@ -----BEGIN CERTIFICATE----- -MIIDBjCCAe6gAwIBAgIBSDANBgkqhkiG9w0BAQowADA7MQswCQYDVQQGEwJOTDER -MA8GA1UEChMIUG9sYXJTU0wxGTAXBgNVBAMTEFBvbGFyU1NMIFRlc3QgQ0EwHhcN -MTQwNjA1MTU1NjUzWhcNMjQwNjAyMTU1NjUzWjA0MQswCQYDVQQGEwJOTDERMA8G -A1UEChMIUG9sYXJTU0wxEjAQBgNVBAMTCWxvY2FsaG9zdDCBnzANBgkqhkiG9w0B +MIIC+TCCAeGgAwIBAgIBSDANBgkqhkiG9w0BAQowADA7MQswCQYDVQQGEwJOTDER +MA8GA1UECgwIUG9sYXJTU0wxGTAXBgNVBAMMEFBvbGFyU1NMIFRlc3QgQ0EwHhcN +MjMwNTE3MDcxMDM3WhcNMzMwNTE3MDcxMDM3WjA0MQswCQYDVQQGEwJOTDERMA8G +A1UECgwIUG9sYXJTU0wxEjAQBgNVBAMMCWxvY2FsaG9zdDCBnzANBgkqhkiG9w0B AQEFAAOBjQAwgYkCgYEA3RGKn5m6sGjKKuo7am1Zl+1OyVTkDe7OoH2gHqroDsK7 E0DbihKOiRMkpcX1+tj1kNfIysvF/pMdr9oSI3NSeUYauqBXK3YWMbOor+c4mwiL Y5k6CiXuRdIYWLq5kxrt1FiaYxs3/PcUCJ+FZUnzWTJt0eDobd5S7Wa0qQvaQJUC -AwEAAaOBnzCBnDAJBgNVHRMEAjAAMB0GA1UdDgQWBBTu88f1HxWlTUeJwdMiY7Lf -p869UTBjBgNVHSMEXDBagBS0WuSls97SUva51aaVD+s+vMf9/6E/pD0wOzELMAkG -A1UEBhMCTkwxETAPBgNVBAoTCFBvbGFyU1NMMRkwFwYDVQQDExBQb2xhclNTTCBU -ZXN0IENBggEAMAsGA1UdDwQEAwIFoDANBgkqhkiG9w0BAQowAAOCAQEAGUdim4uy -/rBDFMF8qhjH1qsv0o8ON4HgP3YXbdKdIMfd+p5KtoqHQnrkixWxaIvfORnR4mGm -f8H5BimwIkNLxy7zS88TVDOYel8g7B2yl0nq4biki83NStNBYZJjxKT0ud5O5mGd -jHdy9vTEc7h8q+SHzRdgpNFXyKY5OQYng1LHco8h1UR8/nmPMuDtocHMnmMXu68a -69+TtZxx90/V4gJZOoL1iCi8HEsKoJzm/L8ji54OYt7FxgFfE3VmLsXeMaWYO8GS -BUxh5kqZ25O8hQXK5ywfuVK83Do/SsoClbgx9mboybseGVFIJaxs9e66GFDMoI3B -09JqWv4DoLNnwg== +AwEAAaOBkjCBjzAdBgNVHQ4EFgQU7vPH9R8VpU1HicHTImOy36fOvVEwYwYDVR0j +BFwwWoAUtFrkpbPe0lL2udWmlQ/rPrzH/f+hP6Q9MDsxCzAJBgNVBAYTAk5MMREw +DwYDVQQKDAhQb2xhclNTTDEZMBcGA1UEAwwQUG9sYXJTU0wgVGVzdCBDQYIBAzAJ +BgNVHRMEAjAAMA0GCSqGSIb3DQEBCjAAA4IBAQASsc5y7sDP4prOLGAl2EB5d+Gg +w/Vk9+g3KXpeIUCL6gmECNLENmmBe6zZR8/Ax6R1hUe/Cbflepxsx627Eg29NCZK +Bo/AQoz658kwEzr4jhF8M6y9sdsf5/OauoRxDLcMEywIkgmuFvZIpyEwXix6arsK +mNWnW0FwSr2NaXozD7OquGwTEAvAbtei+5JAeVvvGi1u32D2JPVHk3zv05LXtx8b +8bEmzZLthFk3GbSkGHC3K5rjNgTMwY0BhNBW6qFyY5mL0bHVDbZQxD9RRwDifGty +fTo7odJDAHU1xucWF6dOU5nAqiFKlc3eITdBKt+d10yBSr7qXciHkHpAzCvh -----END CERTIFICATE----- diff --git a/third_party/mbedtls/repo/tests/data_files/server9-sha224.crt b/third_party/mbedtls/repo/tests/data_files/server9-sha224.crt index 1b05f313a47..ed648c8c0e6 100644 --- a/third_party/mbedtls/repo/tests/data_files/server9-sha224.crt +++ b/third_party/mbedtls/repo/tests/data_files/server9-sha224.crt @@ -1,20 +1,21 @@ -----BEGIN CERTIFICATE----- -MIIDWzCCAhKgAwIBAgIBFzA+BgkqhkiG9w0BAQowMaANMAsGCWCGSAFlAwQCBKEa -MBgGCSqGSIb3DQEBCDALBglghkgBZQMEAgSiBAICAOIwOzELMAkGA1UEBhMCTkwx -ETAPBgNVBAoTCFBvbGFyU1NMMRkwFwYDVQQDExBQb2xhclNTTCBUZXN0IENBMB4X -DTE0MDEyMDEzNTczNloXDTI0MDExODEzNTczNlowNDELMAkGA1UEBhMCTkwxETAP -BgNVBAoTCFBvbGFyU1NMMRIwEAYDVQQDEwlsb2NhbGhvc3QwgZ8wDQYJKoZIhvcN -AQEBBQADgY0AMIGJAoGBAN0Rip+ZurBoyirqO2ptWZftTslU5A3uzqB9oB6q6A7C -uxNA24oSjokTJKXF9frY9ZDXyMrLxf6THa/aEiNzUnlGGrqgVyt2FjGzqK/nOJsI -i2OZOgol7kXSGFi6uZMa7dRYmmMbN/z3FAifhWVJ81kybdHg6G3eUu1mtKkL2kCV -AgMBAAGjgZIwgY8wCQYDVR0TBAIwADAdBgNVHQ4EFgQU7vPH9R8VpU1HicHTImOy -36fOvVEwYwYDVR0jBFwwWoAUtFrkpbPe0lL2udWmlQ/rPrzH/f+hP6Q9MDsxCzAJ -BgNVBAYTAk5MMREwDwYDVQQKEwhQb2xhclNTTDEZMBcGA1UEAxMQUG9sYXJTU0wg -VGVzdCBDQYIBADA+BgkqhkiG9w0BAQowMaANMAsGCWCGSAFlAwQCBKEaMBgGCSqG -SIb3DQEBCDALBglghkgBZQMEAgSiBAICAOIDggEBADJExjfWWvL28lgj+GGgviqo -PHZLxI0pLQUnFJQ9Kpu6jxfICseBF00Z6BJE/RcYDpIie5GDt/8u/i6xB6Li29Pm -g5nANgd/Y3fFnW7d0ydVjiSnetlPuf/jTlWQl6mQTH2xqYu8J8d3JRxQdRiDYbVm -uywW2d6rksiqm6dPD5l4A5DcemcYo8f/1Ifj5WNDCV8/OHex+AnW2ccDvWAnVgSR -B2VpOXJzVFuBsuf4tGVm/2TUMSB6NcvFc6TeJk1kzbZxii4QjKXtH1SfrVP59iEe -l17NYAEWARjBpQWBiutRG+QM2et0sNiUBuWxTkvd0eSgencNysVAOsZqrqaX3CY= +MIIDYzCCAhagAwIBAgIBFzBCBgkqhkiG9w0BAQowNaAPMA0GCWCGSAFlAwQCBAUA +oRwwGgYJKoZIhvcNAQEIMA0GCWCGSAFlAwQCBAUAogQCAgDiMDsxCzAJBgNVBAYT +Ak5MMREwDwYDVQQKDAhQb2xhclNTTDEZMBcGA1UEAwwQUG9sYXJTU0wgVGVzdCBD +QTAeFw0yMzA1MTcwNzEwMzdaFw0zMzA1MTQwNzEwMzdaMDQxCzAJBgNVBAYTAk5M +MREwDwYDVQQKDAhQb2xhclNTTDESMBAGA1UEAwwJbG9jYWxob3N0MIGfMA0GCSqG +SIb3DQEBAQUAA4GNADCBiQKBgQDdEYqfmbqwaMoq6jtqbVmX7U7JVOQN7s6gfaAe +qugOwrsTQNuKEo6JEySlxfX62PWQ18jKy8X+kx2v2hIjc1J5Rhq6oFcrdhYxs6iv +5zibCItjmToKJe5F0hhYurmTGu3UWJpjGzf89xQIn4VlSfNZMm3R4Oht3lLtZrSp +C9pAlQIDAQABo4GSMIGPMAkGA1UdEwQCMAAwHQYDVR0OBBYEFO7zx/UfFaVNR4nB +0yJjst+nzr1RMGMGA1UdIwRcMFqAFLRa5KWz3tJS9rnVppUP6z68x/3/oT+kPTA7 +MQswCQYDVQQGEwJOTDERMA8GA1UECgwIUG9sYXJTU0wxGTAXBgNVBAMMEFBvbGFy +U1NMIFRlc3QgQ0GCAQMwQgYJKoZIhvcNAQEKMDWgDzANBglghkgBZQMEAgQFAKEc +MBoGCSqGSIb3DQEBCDANBglghkgBZQMEAgQFAKIEAgIA4gOCAQEAjG73ZOe2pQn6 +jqiTHALGM0IG8BBCamo3gzbCjZPz3ZnTpZii1pQSFPGEBaKCgrtKrjvoP21ZDUnq +3HjTUzGtGbHk3h+UJcVYgFuONidguUDaALGtXIPWUlqBBeJL+Y+01zJRnMpC2hV7 +JUOM3es02te8RM6srCdW1fP9x+Lx4G2Kjj7kEzKafEbwFesS4LbBXsWkID8xDPHO +DLKvg66tPeksDBT4n7f7H51eNlyIwwMDKTc+N9Ri5OeW1HOqtbyo/yJlHvQqnCld +E8gW+AVoeZmN6n/4yemnCEkFRqgbRSIGVoPmOY9d/FfGLmClcaZFPcH+w1JDhF71 +3egYnUY/9g== -----END CERTIFICATE----- diff --git a/third_party/mbedtls/repo/tests/data_files/server9-sha256.crt b/third_party/mbedtls/repo/tests/data_files/server9-sha256.crt index 7d0aa39567a..ef37b3f6a91 100644 --- a/third_party/mbedtls/repo/tests/data_files/server9-sha256.crt +++ b/third_party/mbedtls/repo/tests/data_files/server9-sha256.crt @@ -1,20 +1,21 @@ -----BEGIN CERTIFICATE----- -MIIDWzCCAhKgAwIBAgIBGDA+BgkqhkiG9w0BAQowMaANMAsGCWCGSAFlAwQCAaEa -MBgGCSqGSIb3DQEBCDALBglghkgBZQMEAgGiBAICAN4wOzELMAkGA1UEBhMCTkwx -ETAPBgNVBAoTCFBvbGFyU1NMMRkwFwYDVQQDExBQb2xhclNTTCBUZXN0IENBMB4X -DTE0MDEyMDEzNTc0NVoXDTI0MDExODEzNTc0NVowNDELMAkGA1UEBhMCTkwxETAP -BgNVBAoTCFBvbGFyU1NMMRIwEAYDVQQDEwlsb2NhbGhvc3QwgZ8wDQYJKoZIhvcN -AQEBBQADgY0AMIGJAoGBAN0Rip+ZurBoyirqO2ptWZftTslU5A3uzqB9oB6q6A7C -uxNA24oSjokTJKXF9frY9ZDXyMrLxf6THa/aEiNzUnlGGrqgVyt2FjGzqK/nOJsI -i2OZOgol7kXSGFi6uZMa7dRYmmMbN/z3FAifhWVJ81kybdHg6G3eUu1mtKkL2kCV -AgMBAAGjgZIwgY8wCQYDVR0TBAIwADAdBgNVHQ4EFgQU7vPH9R8VpU1HicHTImOy -36fOvVEwYwYDVR0jBFwwWoAUtFrkpbPe0lL2udWmlQ/rPrzH/f+hP6Q9MDsxCzAJ -BgNVBAYTAk5MMREwDwYDVQQKEwhQb2xhclNTTDEZMBcGA1UEAxMQUG9sYXJTU0wg -VGVzdCBDQYIBADA+BgkqhkiG9w0BAQowMaANMAsGCWCGSAFlAwQCAaEaMBgGCSqG -SIb3DQEBCDALBglghkgBZQMEAgGiBAICAN4DggEBAH0+knqkcLaxeDkenBQgd4Qg -3ZyAhtpiLU689mw+3cXB/uzFrCIxEL5aGh1eSj+DszB+FtsZ06ux7JVQqVOA2Wm9 -yLxC6wF8OOYj0nBa91BWLhRAHLhmIdWsVk7Hl9KojZd4TwV2N+ZEV/BLxyoRvK4H -V4xCpzgDSiTPe8Etk4r+0akbr6bsOUBayPb7MGLHubZKq8NsFAmmynp+fPmHd3SE -0ooJdiZ1MmKPKLE5Og/hXCI8qeiXQUR6oQ7b2XONsrI2HIj2SA9dA5qmHwE5PbMu -zqxQ3R83boqLXbkFORn+UiYLmffqdoWuNy00BHMCrxRA9DUv+WyN4npLMF8rOJw= +MIIDYzCCAhagAwIBAgIBFzBCBgkqhkiG9w0BAQowNaAPMA0GCWCGSAFlAwQCAQUA +oRwwGgYJKoZIhvcNAQEIMA0GCWCGSAFlAwQCAQUAogQCAgDeMDsxCzAJBgNVBAYT +Ak5MMREwDwYDVQQKDAhQb2xhclNTTDEZMBcGA1UEAwwQUG9sYXJTU0wgVGVzdCBD +QTAeFw0yMzA1MTcwNzEwMzdaFw0zMzA1MTQwNzEwMzdaMDQxCzAJBgNVBAYTAk5M +MREwDwYDVQQKDAhQb2xhclNTTDESMBAGA1UEAwwJbG9jYWxob3N0MIGfMA0GCSqG +SIb3DQEBAQUAA4GNADCBiQKBgQDdEYqfmbqwaMoq6jtqbVmX7U7JVOQN7s6gfaAe +qugOwrsTQNuKEo6JEySlxfX62PWQ18jKy8X+kx2v2hIjc1J5Rhq6oFcrdhYxs6iv +5zibCItjmToKJe5F0hhYurmTGu3UWJpjGzf89xQIn4VlSfNZMm3R4Oht3lLtZrSp +C9pAlQIDAQABo4GSMIGPMAkGA1UdEwQCMAAwHQYDVR0OBBYEFO7zx/UfFaVNR4nB +0yJjst+nzr1RMGMGA1UdIwRcMFqAFLRa5KWz3tJS9rnVppUP6z68x/3/oT+kPTA7 +MQswCQYDVQQGEwJOTDERMA8GA1UECgwIUG9sYXJTU0wxGTAXBgNVBAMMEFBvbGFy +U1NMIFRlc3QgQ0GCAQMwQgYJKoZIhvcNAQEKMDWgDzANBglghkgBZQMEAgEFAKEc +MBoGCSqGSIb3DQEBCDANBglghkgBZQMEAgEFAKIEAgIA3gOCAQEAXcWlfbIjRJX3 +eCkj03eKLvhawFndN6mWMOTVvr20Vdhhn57wngSKYgtsbOZhpT+pIXTTpxhku7uS +Pg6NDU0W13xbrcIsYxkZRcN6AYcnV0NxnhdfkmxwDjLyohgm8IdgvHb04r73OP0j +KmnZfJJpnxkVGD8NFGj2hBCR7ynbVBAfJegl0Lruxc4AlrniG6MW9xfkmE3EfOQg +dwZv3UuhxzEhLmR933BCijwfhBVfyzarGjDtZjQYNwWKhRl+OXM+L14Ofq7htSxz +kSM5KJfCAzLFNd6N2YU84IhqwTS4CZ/bE1HchEYPtXm97bj8Vldrfv2up/4Rc0kF +a8P+xLLmug== -----END CERTIFICATE----- diff --git a/third_party/mbedtls/repo/tests/data_files/server9-sha384.crt b/third_party/mbedtls/repo/tests/data_files/server9-sha384.crt index aaa63e6ed29..2ea0108d43d 100644 --- a/third_party/mbedtls/repo/tests/data_files/server9-sha384.crt +++ b/third_party/mbedtls/repo/tests/data_files/server9-sha384.crt @@ -1,20 +1,21 @@ -----BEGIN CERTIFICATE----- -MIIDWzCCAhKgAwIBAgIBGTA+BgkqhkiG9w0BAQowMaANMAsGCWCGSAFlAwQCAqEa -MBgGCSqGSIb3DQEBCDALBglghkgBZQMEAgKiBAICAM4wOzELMAkGA1UEBhMCTkwx -ETAPBgNVBAoTCFBvbGFyU1NMMRkwFwYDVQQDExBQb2xhclNTTCBUZXN0IENBMB4X -DTE0MDEyMDEzNTc1OFoXDTI0MDExODEzNTc1OFowNDELMAkGA1UEBhMCTkwxETAP -BgNVBAoTCFBvbGFyU1NMMRIwEAYDVQQDEwlsb2NhbGhvc3QwgZ8wDQYJKoZIhvcN -AQEBBQADgY0AMIGJAoGBAN0Rip+ZurBoyirqO2ptWZftTslU5A3uzqB9oB6q6A7C -uxNA24oSjokTJKXF9frY9ZDXyMrLxf6THa/aEiNzUnlGGrqgVyt2FjGzqK/nOJsI -i2OZOgol7kXSGFi6uZMa7dRYmmMbN/z3FAifhWVJ81kybdHg6G3eUu1mtKkL2kCV -AgMBAAGjgZIwgY8wCQYDVR0TBAIwADAdBgNVHQ4EFgQU7vPH9R8VpU1HicHTImOy -36fOvVEwYwYDVR0jBFwwWoAUtFrkpbPe0lL2udWmlQ/rPrzH/f+hP6Q9MDsxCzAJ -BgNVBAYTAk5MMREwDwYDVQQKEwhQb2xhclNTTDEZMBcGA1UEAxMQUG9sYXJTU0wg -VGVzdCBDQYIBADA+BgkqhkiG9w0BAQowMaANMAsGCWCGSAFlAwQCAqEaMBgGCSqG -SIb3DQEBCDALBglghkgBZQMEAgKiBAICAM4DggEBABf8Gyq2VYuN1EBW1nOapDQp -B/KuafNW2GEJ7FmQKNyA7MIj1Yqo2MtJ6/OQojRQ3F5rnO4yjmvIPsXeQaMxJBiI -aaoAlLpH++F+oXMq/0aS0WSZrSLrsh2Fpay9cBDGwek2rDOX9kM+ZcPzGitVwWKX -TnOW22hpcl7u95CpZH+JZTcto5nL3tTyV9pIy+tSKQQfjPB+G0TAZCsOkbCGPLug -qdjvqFQwOf15VxQMj7NRiXjlqJvsx+I7B2AIhrs4DzQMEyiWq9S/PzpQuFU5v/Kg -s2iMLJ5ygv5aN3PYqGlE1ZmvgyRp5h/LaTGI2L6lzRTnecOhtPv30N2tyaDAEfo= +MIIDYzCCAhagAwIBAgIBFzBCBgkqhkiG9w0BAQowNaAPMA0GCWCGSAFlAwQCAgUA +oRwwGgYJKoZIhvcNAQEIMA0GCWCGSAFlAwQCAgUAogQCAgDOMDsxCzAJBgNVBAYT +Ak5MMREwDwYDVQQKDAhQb2xhclNTTDEZMBcGA1UEAwwQUG9sYXJTU0wgVGVzdCBD +QTAeFw0yMzA1MTcwNzEwMzdaFw0zMzA1MTQwNzEwMzdaMDQxCzAJBgNVBAYTAk5M +MREwDwYDVQQKDAhQb2xhclNTTDESMBAGA1UEAwwJbG9jYWxob3N0MIGfMA0GCSqG +SIb3DQEBAQUAA4GNADCBiQKBgQDdEYqfmbqwaMoq6jtqbVmX7U7JVOQN7s6gfaAe +qugOwrsTQNuKEo6JEySlxfX62PWQ18jKy8X+kx2v2hIjc1J5Rhq6oFcrdhYxs6iv +5zibCItjmToKJe5F0hhYurmTGu3UWJpjGzf89xQIn4VlSfNZMm3R4Oht3lLtZrSp +C9pAlQIDAQABo4GSMIGPMAkGA1UdEwQCMAAwHQYDVR0OBBYEFO7zx/UfFaVNR4nB +0yJjst+nzr1RMGMGA1UdIwRcMFqAFLRa5KWz3tJS9rnVppUP6z68x/3/oT+kPTA7 +MQswCQYDVQQGEwJOTDERMA8GA1UECgwIUG9sYXJTU0wxGTAXBgNVBAMMEFBvbGFy +U1NMIFRlc3QgQ0GCAQMwQgYJKoZIhvcNAQEKMDWgDzANBglghkgBZQMEAgIFAKEc +MBoGCSqGSIb3DQEBCDANBglghkgBZQMEAgIFAKIEAgIAzgOCAQEAmTU2HqAA7gbB +tJlDAve8nGbdCim4YjRXWceHGCpoFIWrs6onlHCvnZ2Wr8iPk+wnd7ShIpp8vGb/ +476y8pfaA2n8vYWhQKDCTTUXJN4tUc7i8Uz4RGdK48vHVvZCtCT/8MmPPouOIZcU +/Kkenw2jv5R/CpiirVUsjNx6BYcdu1zzEU+uoBLom6sZ6LGRlIB0prFWcxrVjfzx +2C8ZxMW8NWj6EQipQJ2U+CCycA2HkbCmt3FnEXmN5OWThvnKdshoPkMn2HwhAOzn +cjZQhQT3WSufvZ9bYe7HZ5e1e7k6aMXBvW89ECxc12mZfSjlYmlvfHZuO8D2sP2i +RidkcXFMxQ== -----END CERTIFICATE----- diff --git a/third_party/mbedtls/repo/tests/data_files/server9-sha512.crt b/third_party/mbedtls/repo/tests/data_files/server9-sha512.crt index a211b921dc7..4abdf681330 100644 --- a/third_party/mbedtls/repo/tests/data_files/server9-sha512.crt +++ b/third_party/mbedtls/repo/tests/data_files/server9-sha512.crt @@ -1,20 +1,21 @@ -----BEGIN CERTIFICATE----- -MIIDWzCCAhKgAwIBAgIBGjA+BgkqhkiG9w0BAQowMaANMAsGCWCGSAFlAwQCA6Ea -MBgGCSqGSIb3DQEBCDALBglghkgBZQMEAgOiBAICAL4wOzELMAkGA1UEBhMCTkwx -ETAPBgNVBAoTCFBvbGFyU1NMMRkwFwYDVQQDExBQb2xhclNTTCBUZXN0IENBMB4X -DTE0MDEyMDEzNTgxMloXDTI0MDExODEzNTgxMlowNDELMAkGA1UEBhMCTkwxETAP -BgNVBAoTCFBvbGFyU1NMMRIwEAYDVQQDEwlsb2NhbGhvc3QwgZ8wDQYJKoZIhvcN -AQEBBQADgY0AMIGJAoGBAN0Rip+ZurBoyirqO2ptWZftTslU5A3uzqB9oB6q6A7C -uxNA24oSjokTJKXF9frY9ZDXyMrLxf6THa/aEiNzUnlGGrqgVyt2FjGzqK/nOJsI -i2OZOgol7kXSGFi6uZMa7dRYmmMbN/z3FAifhWVJ81kybdHg6G3eUu1mtKkL2kCV -AgMBAAGjgZIwgY8wCQYDVR0TBAIwADAdBgNVHQ4EFgQU7vPH9R8VpU1HicHTImOy -36fOvVEwYwYDVR0jBFwwWoAUtFrkpbPe0lL2udWmlQ/rPrzH/f+hP6Q9MDsxCzAJ -BgNVBAYTAk5MMREwDwYDVQQKEwhQb2xhclNTTDEZMBcGA1UEAxMQUG9sYXJTU0wg -VGVzdCBDQYIBADA+BgkqhkiG9w0BAQowMaANMAsGCWCGSAFlAwQCA6EaMBgGCSqG -SIb3DQEBCDALBglghkgBZQMEAgOiBAICAL4DggEBACdVozFq6rUiXo+ib5Y2oPsR -6xxl4Ydn3LpUoYrPpTOrhcXJWW/tOLHGuCF/mSRfUzKaMIfL418cZHYnvumvuttu -6z3tp5E1VsiZCU2MWJnzjKSxFBOss43AmpJHHoapGFZu2pxObBPqegAKHYkKWOLk -tJDj47PurWgEek9j1nL7Pc1tVf59fm/ySp4fWkXLLvQiKid1516VioLyacUvK3zU -6Egz8jMt7D5c9KpaExLRTANVsThqO5/dmR36bOwm3Hpbde7DNdgxru41tiLMqJs/ -5pX3ceaJ1XQ/l0idj5/9ipvqHHUguyk7H22HwQHQdSD9oIha8kEM3P6CjpfE7yY= +MIIDYzCCAhagAwIBAgIBFzBCBgkqhkiG9w0BAQowNaAPMA0GCWCGSAFlAwQCAwUA +oRwwGgYJKoZIhvcNAQEIMA0GCWCGSAFlAwQCAwUAogQCAgC+MDsxCzAJBgNVBAYT +Ak5MMREwDwYDVQQKDAhQb2xhclNTTDEZMBcGA1UEAwwQUG9sYXJTU0wgVGVzdCBD +QTAeFw0yMzA1MTcwNzEwMzdaFw0zMzA1MTQwNzEwMzdaMDQxCzAJBgNVBAYTAk5M +MREwDwYDVQQKDAhQb2xhclNTTDESMBAGA1UEAwwJbG9jYWxob3N0MIGfMA0GCSqG +SIb3DQEBAQUAA4GNADCBiQKBgQDdEYqfmbqwaMoq6jtqbVmX7U7JVOQN7s6gfaAe +qugOwrsTQNuKEo6JEySlxfX62PWQ18jKy8X+kx2v2hIjc1J5Rhq6oFcrdhYxs6iv +5zibCItjmToKJe5F0hhYurmTGu3UWJpjGzf89xQIn4VlSfNZMm3R4Oht3lLtZrSp +C9pAlQIDAQABo4GSMIGPMAkGA1UdEwQCMAAwHQYDVR0OBBYEFO7zx/UfFaVNR4nB +0yJjst+nzr1RMGMGA1UdIwRcMFqAFLRa5KWz3tJS9rnVppUP6z68x/3/oT+kPTA7 +MQswCQYDVQQGEwJOTDERMA8GA1UECgwIUG9sYXJTU0wxGTAXBgNVBAMMEFBvbGFy +U1NMIFRlc3QgQ0GCAQMwQgYJKoZIhvcNAQEKMDWgDzANBglghkgBZQMEAgMFAKEc +MBoGCSqGSIb3DQEBCDANBglghkgBZQMEAgMFAKIEAgIAvgOCAQEAVut9oL/0V/vo +f9VKxAZfyy0zFy+LOHzV1H5qQaPKJnXIAUp/sDtvOjugqHKjamg6dCIVy292Yxcx +rW8WcMR1Bj9MQ5Qrv++TZ0a1e0qet1GYxj4MQkU30XlJq/Jh7ede9Vh/yBxKTQq7 +oaJ6fOTFWcz1JZDrZrKffBOqIp5jQWPARilUDN6FiRNYV3/14aWVGnNbqGfoY8CC +WvpC0iAvrQxjdQQf6nIYrzcGNzvrpRbhpzBPUyUIrM1o+nyiNAJPlyncjFwmfw9g +80FP1XnRIIKmlTTG7ivkjHKzE6WXZSQPjArg0jxQAX1uLKJGFhu+ueKyoPOHQXS0 +O1z3OQn3+w== -----END CERTIFICATE----- diff --git a/third_party/mbedtls/repo/tests/data_files/server9-with-ca.crt b/third_party/mbedtls/repo/tests/data_files/server9-with-ca.crt index 0478cff85d5..51c0ada8496 100644 --- a/third_party/mbedtls/repo/tests/data_files/server9-with-ca.crt +++ b/third_party/mbedtls/repo/tests/data_files/server9-with-ca.crt @@ -1,99 +1,39 @@ -----BEGIN CERTIFICATE----- MIIDBTCCAeegAwIBAgIBFjATBgkqhkiG9w0BAQowBqIEAgIA6jA7MQswCQYDVQQG -EwJOTDERMA8GA1UEChMIUG9sYXJTU0wxGTAXBgNVBAMTEFBvbGFyU1NMIFRlc3Qg -Q0EwHhcNMTQwMTIwMTMzODE2WhcNMjQwMTE4MTMzODE2WjA0MQswCQYDVQQGEwJO -TDERMA8GA1UEChMIUG9sYXJTU0wxEjAQBgNVBAMTCWxvY2FsaG9zdDCBnzANBgkq +EwJOTDERMA8GA1UECgwIUG9sYXJTU0wxGTAXBgNVBAMMEFBvbGFyU1NMIFRlc3Qg +Q0EwHhcNMjMwNTE3MDgwNDAwWhcNMzMwNTE3MDgwNDAwWjA0MQswCQYDVQQGEwJO +TDERMA8GA1UECgwIUG9sYXJTU0wxEjAQBgNVBAMMCWxvY2FsaG9zdDCBnzANBgkq hkiG9w0BAQEFAAOBjQAwgYkCgYEA3RGKn5m6sGjKKuo7am1Zl+1OyVTkDe7OoH2g HqroDsK7E0DbihKOiRMkpcX1+tj1kNfIysvF/pMdr9oSI3NSeUYauqBXK3YWMbOo r+c4mwiLY5k6CiXuRdIYWLq5kxrt1FiaYxs3/PcUCJ+FZUnzWTJt0eDobd5S7Wa0 -qQvaQJUCAwEAAaOBkjCBjzAJBgNVHRMEAjAAMB0GA1UdDgQWBBTu88f1HxWlTUeJ -wdMiY7Lfp869UTBjBgNVHSMEXDBagBS0WuSls97SUva51aaVD+s+vMf9/6E/pD0w -OzELMAkGA1UEBhMCTkwxETAPBgNVBAoTCFBvbGFyU1NMMRkwFwYDVQQDExBQb2xh -clNTTCBUZXN0IENBggEAMBMGCSqGSIb3DQEBCjAGogQCAgDqA4IBAQDAog/jXydR -vDIugTzBXtfVK0CEX8iyQ4cVzQmXWSne8204v943K5D2hktSBkjdQUdcnVvVgLR6 -te50jV89ptN/NofX+fo9fhSRN9vGgQVWzOOFiO0zcThy749pirJu1Kq5OJdthIyW -Pu0UCz5G0k3kTp0JPevGlsNc8S9Ak1tFuB0IPJjrbfODWHS2LDuO+dB6gpkNTdrj -88ogYtBsN4D5gsXBRUfobXokUwejBwLrD6XwyQx+0bMwSCxgHEhxvuUkx1vdlXGw -JG3aF92u8mIxoKSAPaPdqy930mQvmpUWcN5Y1IMbtEGoQCKMYgosFcazJpJcjnX1 -o4Hl/lqjwCEG +qQvaQJUCAwEAAaOBkjCBjzAdBgNVHQ4EFgQU7vPH9R8VpU1HicHTImOy36fOvVEw +YwYDVR0jBFwwWoAUtFrkpbPe0lL2udWmlQ/rPrzH/f+hP6Q9MDsxCzAJBgNVBAYT +Ak5MMREwDwYDVQQKDAhQb2xhclNTTDEZMBcGA1UEAwwQUG9sYXJTU0wgVGVzdCBD +QYIBAzAJBgNVHRMEAjAAMBMGCSqGSIb3DQEBCjAGogQCAgDqA4IBAQC2DLHQ05x6 +imJNztE/Tnk/lPQ01Pw6Girdbk4bgxcGwGj+1u5wAIHNpJ50TOggg3HxTyb7p344 +/tVMxz7nrHZQ5ASdn2kDCyCmEqhmj48isWAIml+7J9cBeImJoEfYqjtqtoVkGxFy +SuoZAQWkkqDpyFhKhIjLQ8JuSE6wWMX/kc6TFSSxepnZU1SFOXfCiaVr5tFQzBP7 +loppIANLjKeMjpOdU86PmRQ2LyzaCH1OMnjVndeqNmZt0NyzZ18cFPvm6+DVVVuP +Q+6nReShCdAlU+dJqsqj8JsQneNMTxjv4OBoXVmE/kZTj/DBTtwmxkVi7K4aYMFi +UYUZ4RiwG1/7 -----END CERTIFICATE----- -Certificate: - Data: - Version: 3 (0x2) - Serial Number: 0 (0x0) - Signature Algorithm: sha1WithRSAEncryption - Issuer: C=NL, O=PolarSSL, CN=PolarSSL Test CA - Validity - Not Before: Feb 12 14:44:00 2011 GMT - Not After : Feb 12 14:44:00 2021 GMT - Subject: C=NL, O=PolarSSL, CN=PolarSSL Test CA - Subject Public Key Info: - Public Key Algorithm: rsaEncryption - RSA Public Key: (2048 bit) - Modulus (2048 bit): - 00:c0:df:37:fc:17:bb:e0:96:9d:3f:86:de:96:32: - 7d:44:a5:16:a0:cd:21:f1:99:d4:ec:ea:cb:7c:18: - 58:08:94:a5:ec:9b:c5:8b:df:1a:1e:99:38:99:87: - 1e:7b:c0:8d:39:df:38:5d:70:78:07:d3:9e:d9:93: - e8:b9:72:51:c5:ce:a3:30:52:a9:f2:e7:40:70:14: - cb:44:a2:72:0b:c2:e5:40:f9:3e:e5:a6:0e:b3:f9: - ec:4a:63:c0:b8:29:00:74:9c:57:3b:a8:a5:04:90: - 71:f1:bd:83:d9:3f:d6:a5:e2:3c:2a:8f:ef:27:60: - c3:c6:9f:cb:ba:ec:60:7d:b7:e6:84:32:be:4f:fb: - 58:26:22:03:5b:d4:b4:d5:fb:f5:e3:96:2e:70:c0: - e4:2e:bd:fc:2e:ee:e2:41:55:c0:34:2e:7d:24:72: - 69:cb:47:b1:14:40:83:7d:67:f4:86:f6:31:ab:f1: - 79:a4:b2:b5:2e:12:f9:84:17:f0:62:6f:27:3e:13: - 58:b1:54:0d:21:9a:73:37:a1:30:cf:6f:92:dc:f6: - e9:fc:ac:db:2e:28:d1:7e:02:4b:23:a0:15:f2:38: - 65:64:09:ea:0c:6e:8e:1b:17:a0:71:c8:b3:9b:c9: - ab:e9:c3:f2:cf:87:96:8f:80:02:32:9e:99:58:6f: - a2:d5 - Exponent: 65537 (0x10001) - X509v3 extensions: - X509v3 Basic Constraints: - CA:TRUE - X509v3 Subject Key Identifier: - B4:5A:E4:A5:B3:DE:D2:52:F6:B9:D5:A6:95:0F:EB:3E:BC:C7:FD:FF - X509v3 Authority Key Identifier: - keyid:B4:5A:E4:A5:B3:DE:D2:52:F6:B9:D5:A6:95:0F:EB:3E:BC:C7:FD:FF - DirName:/C=NL/O=PolarSSL/CN=PolarSSL Test CA - serial:00 - - Signature Algorithm: sha1WithRSAEncryption - b8:fd:54:d8:00:54:90:8b:25:b0:27:dd:95:cd:a2:f7:84:07: - 1d:87:89:4a:c4:78:11:d8:07:b5:d7:22:50:8e:48:eb:62:7a: - 32:89:be:63:47:53:ff:b6:be:f1:2e:8c:54:c0:99:3f:a0:b9: - 37:23:72:5f:0d:46:59:8f:d8:47:cd:97:4c:9f:07:0c:12:62: - 09:3a:24:e4:36:d9:e9:2c:da:38:d0:73:75:61:d7:c1:6c:26: - 8b:9b:e0:d5:dc:67:ed:8c:6b:33:d7:74:22:3c:4c:db:b5:8d: - 2a:ce:2c:0d:08:59:05:09:05:a6:39:9f:b3:67:1b:e2:83:e5: - e1:8f:53:f6:67:93:c7:f9:6f:76:44:58:12:e8:3a:d4:97:e7: - e9:c0:3e:a8:7a:72:3d:87:53:1f:e5:2c:84:84:e7:9a:9e:7f: - 66:d9:1f:9b:f5:13:48:b0:4d:14:d1:de:b2:24:d9:78:7d:f5: - 35:cc:58:19:d1:d2:99:ef:4d:73:f8:1f:89:d4:5a:d0:52:ce: - 09:f5:b1:46:51:6a:00:8e:3b:cc:6f:63:01:00:99:ed:9d:a6: - 08:60:cd:32:18:d0:73:e0:58:71:d9:e5:d2:53:d7:8d:d0:ca: - e9:5d:2a:0a:0d:5d:55:ec:21:50:17:16:e6:06:4a:cd:5e:de: - f7:e0:e9:54 -----BEGIN CERTIFICATE----- -MIIDhzCCAm+gAwIBAgIBADANBgkqhkiG9w0BAQUFADA7MQswCQYDVQQGEwJOTDER -MA8GA1UEChMIUG9sYXJTU0wxGTAXBgNVBAMTEFBvbGFyU1NMIFRlc3QgQ0EwHhcN -MTEwMjEyMTQ0NDAwWhcNMjEwMjEyMTQ0NDAwWjA7MQswCQYDVQQGEwJOTDERMA8G -A1UEChMIUG9sYXJTU0wxGTAXBgNVBAMTEFBvbGFyU1NMIFRlc3QgQ0EwggEiMA0G +MIIDRDCCAiygAwIBAgIBAzANBgkqhkiG9w0BAQUFADA7MQswCQYDVQQGEwJOTDER +MA8GA1UECgwIUG9sYXJTU0wxGTAXBgNVBAMMEFBvbGFyU1NMIFRlc3QgQ0EwHhcN +MTkwMjEwMTQ0NDAwWhcNMjkwMjEwMTQ0NDAwWjA7MQswCQYDVQQGEwJOTDERMA8G +A1UECgwIUG9sYXJTU0wxGTAXBgNVBAMMEFBvbGFyU1NMIFRlc3QgQ0EwggEiMA0G CSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDA3zf8F7vglp0/ht6WMn1EpRagzSHx mdTs6st8GFgIlKXsm8WL3xoemTiZhx57wI053zhdcHgH057Zk+i5clHFzqMwUqny 50BwFMtEonILwuVA+T7lpg6z+exKY8C4KQB0nFc7qKUEkHHxvYPZP9al4jwqj+8n YMPGn8u67GB9t+aEMr5P+1gmIgNb1LTV+/Xjli5wwOQuvfwu7uJBVcA0Ln0kcmnL R7EUQIN9Z/SG9jGr8XmksrUuEvmEF/Bibyc+E1ixVA0hmnM3oTDPb5Lc9un8rNsu KNF+AksjoBXyOGVkCeoMbo4bF6BxyLObyavpw/LPh5aPgAIynplYb6LVAgMBAAGj -gZUwgZIwDAYDVR0TBAUwAwEB/zAdBgNVHQ4EFgQUtFrkpbPe0lL2udWmlQ/rPrzH -/f8wYwYDVR0jBFwwWoAUtFrkpbPe0lL2udWmlQ/rPrzH/f+hP6Q9MDsxCzAJBgNV -BAYTAk5MMREwDwYDVQQKEwhQb2xhclNTTDEZMBcGA1UEAxMQUG9sYXJTU0wgVGVz -dCBDQYIBADANBgkqhkiG9w0BAQUFAAOCAQEAuP1U2ABUkIslsCfdlc2i94QHHYeJ -SsR4EdgHtdciUI5I62J6Mom+Y0dT/7a+8S6MVMCZP6C5NyNyXw1GWY/YR82XTJ8H -DBJiCTok5DbZ6SzaONBzdWHXwWwmi5vg1dxn7YxrM9d0IjxM27WNKs4sDQhZBQkF -pjmfs2cb4oPl4Y9T9meTx/lvdkRYEug61Jfn6cA+qHpyPYdTH+UshITnmp5/Ztkf -m/UTSLBNFNHesiTZeH31NcxYGdHSme9Nc/gfidRa0FLOCfWxRlFqAI47zG9jAQCZ -7Z2mCGDNMhjQc+BYcdnl0lPXjdDK6V0qCg1dVewhUBcW5gZKzV7e9+DpVA== +UzBRMA8GA1UdEwEB/wQFMAMBAf8wHQYDVR0OBBYEFLRa5KWz3tJS9rnVppUP6z68 +x/3/MB8GA1UdIwQYMBaAFLRa5KWz3tJS9rnVppUP6z68x/3/MA0GCSqGSIb3DQEB +BQUAA4IBAQCz557ZZmWv5UTTHebzTyVzku5ldpcicJPqKHP3xZ4tPPY52JQyJg/T +hsRB44yTyNo3/jo9or2KgVnc+/nCmnlvTq22a/j26DtKZ7wD9MWxunpkqRwExtA/ +G816msrl6X6m50WwdLXTvaVJGXCYp8TPVLx5YY3WPIVoX0CPN7Hs9iNJNiEWo4Qf +7dAqjWBB/QpusmWhjaDSc4+cFhT24Yo9HuS1yrkUTrBtJaj0AykTsiyFm6SBVDNH +9XIxCgYy9QrYbDKNtJXhuevpN0yUMV/aUnIkU2wTTouhOzZisjNk0sS1guqmSHzf +hlf8qotOhNvFXpEsCGwZUywayo7c4DtO -----END CERTIFICATE----- diff --git a/third_party/mbedtls/repo/tests/data_files/server9.crt b/third_party/mbedtls/repo/tests/data_files/server9.crt index a6f9fbc76c4..26567aee919 100644 --- a/third_party/mbedtls/repo/tests/data_files/server9.crt +++ b/third_party/mbedtls/repo/tests/data_files/server9.crt @@ -1,19 +1,19 @@ -----BEGIN CERTIFICATE----- MIIDBTCCAeegAwIBAgIBFjATBgkqhkiG9w0BAQowBqIEAgIA6jA7MQswCQYDVQQG -EwJOTDERMA8GA1UEChMIUG9sYXJTU0wxGTAXBgNVBAMTEFBvbGFyU1NMIFRlc3Qg -Q0EwHhcNMTQwMTIwMTMzODE2WhcNMjQwMTE4MTMzODE2WjA0MQswCQYDVQQGEwJO -TDERMA8GA1UEChMIUG9sYXJTU0wxEjAQBgNVBAMTCWxvY2FsaG9zdDCBnzANBgkq +EwJOTDERMA8GA1UECgwIUG9sYXJTU0wxGTAXBgNVBAMMEFBvbGFyU1NMIFRlc3Qg +Q0EwHhcNMjMwNTE3MDgwNDAwWhcNMzMwNTE3MDgwNDAwWjA0MQswCQYDVQQGEwJO +TDERMA8GA1UECgwIUG9sYXJTU0wxEjAQBgNVBAMMCWxvY2FsaG9zdDCBnzANBgkq hkiG9w0BAQEFAAOBjQAwgYkCgYEA3RGKn5m6sGjKKuo7am1Zl+1OyVTkDe7OoH2g HqroDsK7E0DbihKOiRMkpcX1+tj1kNfIysvF/pMdr9oSI3NSeUYauqBXK3YWMbOo r+c4mwiLY5k6CiXuRdIYWLq5kxrt1FiaYxs3/PcUCJ+FZUnzWTJt0eDobd5S7Wa0 -qQvaQJUCAwEAAaOBkjCBjzAJBgNVHRMEAjAAMB0GA1UdDgQWBBTu88f1HxWlTUeJ -wdMiY7Lfp869UTBjBgNVHSMEXDBagBS0WuSls97SUva51aaVD+s+vMf9/6E/pD0w -OzELMAkGA1UEBhMCTkwxETAPBgNVBAoTCFBvbGFyU1NMMRkwFwYDVQQDExBQb2xh -clNTTCBUZXN0IENBggEAMBMGCSqGSIb3DQEBCjAGogQCAgDqA4IBAQDAog/jXydR -vDIugTzBXtfVK0CEX8iyQ4cVzQmXWSne8204v943K5D2hktSBkjdQUdcnVvVgLR6 -te50jV89ptN/NofX+fo9fhSRN9vGgQVWzOOFiO0zcThy749pirJu1Kq5OJdthIyW -Pu0UCz5G0k3kTp0JPevGlsNc8S9Ak1tFuB0IPJjrbfODWHS2LDuO+dB6gpkNTdrj -88ogYtBsN4D5gsXBRUfobXokUwejBwLrD6XwyQx+0bMwSCxgHEhxvuUkx1vdlXGw -JG3aF92u8mIxoKSAPaPdqy930mQvmpUWcN5Y1IMbtEGoQCKMYgosFcazJpJcjnX1 -o4Hl/lqjwCEG +qQvaQJUCAwEAAaOBkjCBjzAdBgNVHQ4EFgQU7vPH9R8VpU1HicHTImOy36fOvVEw +YwYDVR0jBFwwWoAUtFrkpbPe0lL2udWmlQ/rPrzH/f+hP6Q9MDsxCzAJBgNVBAYT +Ak5MMREwDwYDVQQKDAhQb2xhclNTTDEZMBcGA1UEAwwQUG9sYXJTU0wgVGVzdCBD +QYIBAzAJBgNVHRMEAjAAMBMGCSqGSIb3DQEBCjAGogQCAgDqA4IBAQC2DLHQ05x6 +imJNztE/Tnk/lPQ01Pw6Girdbk4bgxcGwGj+1u5wAIHNpJ50TOggg3HxTyb7p344 +/tVMxz7nrHZQ5ASdn2kDCyCmEqhmj48isWAIml+7J9cBeImJoEfYqjtqtoVkGxFy +SuoZAQWkkqDpyFhKhIjLQ8JuSE6wWMX/kc6TFSSxepnZU1SFOXfCiaVr5tFQzBP7 +loppIANLjKeMjpOdU86PmRQ2LyzaCH1OMnjVndeqNmZt0NyzZ18cFPvm6+DVVVuP +Q+6nReShCdAlU+dJqsqj8JsQneNMTxjv4OBoXVmE/kZTj/DBTtwmxkVi7K4aYMFi +UYUZ4RiwG1/7 -----END CERTIFICATE----- diff --git a/third_party/mbedtls/repo/tests/data_files/test-ca-v1.crt b/third_party/mbedtls/repo/tests/data_files/test-ca-v1.crt index e5a3b1cde47..2f10f6d8606 100644 --- a/third_party/mbedtls/repo/tests/data_files/test-ca-v1.crt +++ b/third_party/mbedtls/repo/tests/data_files/test-ca-v1.crt @@ -1,19 +1,19 @@ -----BEGIN CERTIFICATE----- -MIIDIzCCAgsCDFOito4FQA5VXJOV5TANBgkqhkiG9w0BAQsFADBQMRwwGgYDVQQD -ExNQb2xhclNTTCBUZXN0IENBIHYxMRAwDgYDVQQLEwd0ZXN0aW5nMREwDwYDVQQK -EwhQb2xhclNTTDELMAkGA1UEBhMCTkwwIhgPMjAxNDA2MTkxMDA4MTRaGA8yMDI0 -MDYxODEwMDgxNFowUDEcMBoGA1UEAxMTUG9sYXJTU0wgVGVzdCBDQSB2MTEQMA4G -A1UECxMHdGVzdGluZzERMA8GA1UEChMIUG9sYXJTU0wxCzAJBgNVBAYTAk5MMIIB -IjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwN83/Be74JadP4beljJ9RKUW -oM0h8ZnU7OrLfBhYCJSl7JvFi98aHpk4mYcee8CNOd84XXB4B9Oe2ZPouXJRxc6j -MFKp8udAcBTLRKJyC8LlQPk+5aYOs/nsSmPAuCkAdJxXO6ilBJBx8b2D2T/WpeI8 -Ko/vJ2DDxp/LuuxgfbfmhDK+T/tYJiIDW9S01fv145YucMDkLr38Lu7iQVXANC59 -JHJpy0exFECDfWf0hvYxq/F5pLK1LhL5hBfwYm8nPhNYsVQNIZpzN6Ewz2+S3Pbp -/KzbLijRfgJLI6AV8jhlZAnqDG6OGxegccizm8mr6cPyz4eWj4ACMp6ZWG+i1QID -AQABMA0GCSqGSIb3DQEBCwUAA4IBAQBoXC5AlXI5azyOPvmNse2qHhO7BrXOEjH+ -9g5P/VsrVADhsUGv6x0A2oLoWXtOjGDIWWH53BWHkCUCu4T5D5C6+I47rXWl4pAr -J+h+tQVZo6J0AJxfPse/NnrjsboUSWhunmo/iTrU6S4KJBguIKP6T1DZoD/8EYgU -x+fXDmvRO+MTesWDiY+p+FHEzsu3b9EBtG9dUiR/zzXi/ktFCfrgstKGSuW6+j7m -lcduTxsogi6Uc3tWKtn6qpSGR0uBoCz6emFO7Smmy/tIyVA88lH0+3UnxOvu4TAK -uvjYkOcZqhprDiMfhxBB7pxbfiviEANTbgSfCtZewSNz2RUJ9ocy +MIIDHzCCAgcCDFOito4FQA5VXJOV5TANBgkqhkiG9w0BAQsFADBQMRwwGgYDVQQD +DBNQb2xhclNTTCBUZXN0IENBIHYxMRAwDgYDVQQLDAd0ZXN0aW5nMREwDwYDVQQK +DAhQb2xhclNTTDELMAkGA1UEBhMCTkwwHhcNMTkwMjEwMTQ0NDAwWhcNMjkwMjEw +MTQ0NDAwWjBQMRwwGgYDVQQDDBNQb2xhclNTTCBUZXN0IENBIHYxMRAwDgYDVQQL +DAd0ZXN0aW5nMREwDwYDVQQKDAhQb2xhclNTTDELMAkGA1UEBhMCTkwwggEiMA0G +CSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDA3zf8F7vglp0/ht6WMn1EpRagzSHx +mdTs6st8GFgIlKXsm8WL3xoemTiZhx57wI053zhdcHgH057Zk+i5clHFzqMwUqny +50BwFMtEonILwuVA+T7lpg6z+exKY8C4KQB0nFc7qKUEkHHxvYPZP9al4jwqj+8n +YMPGn8u67GB9t+aEMr5P+1gmIgNb1LTV+/Xjli5wwOQuvfwu7uJBVcA0Ln0kcmnL +R7EUQIN9Z/SG9jGr8XmksrUuEvmEF/Bibyc+E1ixVA0hmnM3oTDPb5Lc9un8rNsu +KNF+AksjoBXyOGVkCeoMbo4bF6BxyLObyavpw/LPh5aPgAIynplYb6LVAgMBAAEw +DQYJKoZIhvcNAQELBQADggEBAAtVAWmbymwKDj9v8m7SVLHF0mw4i3gBFVPJqYRQ +y9CnUD68kUr4qK7wyQIv/gDRYuqZVNnBq4Jwzm+tPEBHpYAF5H/7Mynpb4h+uZ3a +6kaWURXKzx53ZuFHLu1FuRov+SZU3ZtXClTYFKeyDb+fcth/8thR9V59v7ZE7zlb +8zbyL+dqfyxvmxZCUzHbNKVrliiUUFXfW53T+B7Ysxner5mnqM1aPxckhXVHEJ47 +TBoIhpBoJ/HmHCiWz8BeoowSpG7u+QOezIKk8l5Pd2f8MeqwyaqIeAy0lh2nP7pB +UtWET/0bsdiPn8SR9B3hWpKUDRvnHDDZuZiKtrdDEqsD04M= -----END CERTIFICATE----- diff --git a/third_party/mbedtls/repo/tests/data_files/test-ca.crt b/third_party/mbedtls/repo/tests/data_files/test-ca.crt index 31790b5bb47..ef7e4c72943 100644 --- a/third_party/mbedtls/repo/tests/data_files/test-ca.crt +++ b/third_party/mbedtls/repo/tests/data_files/test-ca.crt @@ -1,5 +1,5 @@ -----BEGIN CERTIFICATE----- -MIIDQTCCAimgAwIBAgIBAzANBgkqhkiG9w0BAQUFADA7MQswCQYDVQQGEwJOTDER +MIIDRDCCAiygAwIBAgIBAzANBgkqhkiG9w0BAQUFADA7MQswCQYDVQQGEwJOTDER MA8GA1UECgwIUG9sYXJTU0wxGTAXBgNVBAMMEFBvbGFyU1NMIFRlc3QgQ0EwHhcN MTkwMjEwMTQ0NDAwWhcNMjkwMjEwMTQ0NDAwWjA7MQswCQYDVQQGEwJOTDERMA8G A1UECgwIUG9sYXJTU0wxGTAXBgNVBAMMEFBvbGFyU1NMIFRlc3QgQ0EwggEiMA0G @@ -9,12 +9,12 @@ mdTs6st8GFgIlKXsm8WL3xoemTiZhx57wI053zhdcHgH057Zk+i5clHFzqMwUqny YMPGn8u67GB9t+aEMr5P+1gmIgNb1LTV+/Xjli5wwOQuvfwu7uJBVcA0Ln0kcmnL R7EUQIN9Z/SG9jGr8XmksrUuEvmEF/Bibyc+E1ixVA0hmnM3oTDPb5Lc9un8rNsu KNF+AksjoBXyOGVkCeoMbo4bF6BxyLObyavpw/LPh5aPgAIynplYb6LVAgMBAAGj -UDBOMAwGA1UdEwQFMAMBAf8wHQYDVR0OBBYEFLRa5KWz3tJS9rnVppUP6z68x/3/ -MB8GA1UdIwQYMBaAFLRa5KWz3tJS9rnVppUP6z68x/3/MA0GCSqGSIb3DQEBBQUA -A4IBAQB0ZiNRFdia6kskaPnhrqejIRq8YMEGAf2oIPnyZ78xoyERgc35lHGyMtsL -hWicNjP4d/hS9As4j5KA2gdNGi5ETA1X7SowWOGsryivSpMSHVy1+HdfWlsYQOzm -8o+faQNUm8XzPVmttfAVspxeHSxJZ36Oo+QWZ5wZlCIEyjEdLUId+Tm4Bz3B5jRD -zZa/SaqDokq66N2zpbgKKAl3GU2O++fBqP2dSkdQykmTxhLLWRN8FJqhYATyQntZ -0QSi3W9HfSZPnFTcPIXeoiPd2pLlxt1hZu8dws2LTXE63uP6MM4LHvWxiuJaWkP/ -mtxyUALj2pQxRitopORFQdn7AOY5 +UzBRMA8GA1UdEwEB/wQFMAMBAf8wHQYDVR0OBBYEFLRa5KWz3tJS9rnVppUP6z68 +x/3/MB8GA1UdIwQYMBaAFLRa5KWz3tJS9rnVppUP6z68x/3/MA0GCSqGSIb3DQEB +BQUAA4IBAQCz557ZZmWv5UTTHebzTyVzku5ldpcicJPqKHP3xZ4tPPY52JQyJg/T +hsRB44yTyNo3/jo9or2KgVnc+/nCmnlvTq22a/j26DtKZ7wD9MWxunpkqRwExtA/ +G816msrl6X6m50WwdLXTvaVJGXCYp8TPVLx5YY3WPIVoX0CPN7Hs9iNJNiEWo4Qf +7dAqjWBB/QpusmWhjaDSc4+cFhT24Yo9HuS1yrkUTrBtJaj0AykTsiyFm6SBVDNH +9XIxCgYy9QrYbDKNtJXhuevpN0yUMV/aUnIkU2wTTouhOzZisjNk0sS1guqmSHzf +hlf8qotOhNvFXpEsCGwZUywayo7c4DtO -----END CERTIFICATE----- diff --git a/third_party/mbedtls/repo/tests/data_files/test-ca.key b/third_party/mbedtls/repo/tests/data_files/test-ca.key index 1614e22bcd8..de8be1ddfbc 100644 --- a/third_party/mbedtls/repo/tests/data_files/test-ca.key +++ b/third_party/mbedtls/repo/tests/data_files/test-ca.key @@ -1,30 +1,30 @@ -----BEGIN RSA PRIVATE KEY----- Proc-Type: 4,ENCRYPTED -DEK-Info: DES-EDE3-CBC,A8A95B05D5B7206B +DEK-Info: AES-128-CBC,781840E6B804AE83D2AF71127C4CE314 -9Qd9GeArejl1GDVh2lLV1bHt0cPtfbh5h/5zVpAVaFpqtSPMrElp50Rntn9et+JA -7VOyboR+Iy2t/HU4WvA687k3Bppe9GwKHjHhtl//8xFKwZr3Xb5yO5JUP8AUctQq -Nb8CLlZyuUC+52REAAthdWgsX+7dJO4yabzUcQ22Tp9JSD0hiL43BlkWYUNK3dAo -PZlmiptjnzVTjg1MxsBSydZinWOLBV8/JQgxSPo2yD4uEfig28qbvQ2wNIn0pnAb -GxnSAOazkongEGfvcjIIs+LZN9gXFhxcOh6kc4Q/c99B7QWETwLLkYgZ+z1a9VY9 -gEU7CwCxYCD+h9hY6FPmsK0/lC4O7aeRKpYq00rPPxs6i7phiexg6ax6yTMmArQq -QmK3TAsJm8V/J5AWpLEV6jAFgRGymGGHnof0DXzVWZidrcZJWTNuGEX90nB3ee2w -PXJEFWKoD3K3aFcSLdHYr3mLGxP7H9ThQai9VsycxZKS5kwvBKQ//YMrmFfwPk8x -vTeY4KZMaUrveEel5tWZC94RSMKgxR6cyE1nBXyTQnDOGbfpNNgBKxyKbINWoOJU -WJZAwlsQn+QzCDwpri7+sV1mS3gBE6UY7aQmnmiiaC2V3Hbphxct/en5QsfDOt1X -JczSfpRWLlbPznZg8OQh/VgCMA58N5DjOzTIK7sJJ5r+94ZBTCpgAMbF588f0NTR -KCe4yrxGJR7X02M4nvD4IwOlpsQ8xQxZtOSgXv4LkxvdU9XJJKWZ/XNKJeWztxSe -Z1vdTc2YfsDBA2SEv33vxHx2g1vqtw8SjDRT2RaQSS0QuSaMJimdOX6mTOCBKk1J -9Q5mXTrER+/LnK0jEmXsBXWA5bqqVZIyahXSx4VYZ7l7w/PHiUDtDgyRhMMKi4n2 -iQvQcWSQTjrpnlJbca1/DkpRt3YwrvJwdqb8asZU2VrNETh5x0QVefDRLFiVpif/ -tUaeAe/P1F8OkS7OIZDs1SUbv/sD2vMbhNkUoCms3/PvNtdnvgL4F0zhaDpKCmlT -P8vx49E7v5CyRNmED9zZg4o3wmMqrQO93PtTug3Eu9oVx1zPQM1NVMyBa2+f29DL -1nuTCeXdo9+ni45xx+jAI4DCwrRdhJ9uzZyC6962H37H6D+5naNvClFR1s6li1Gb -nqPoiy/OBsEx9CaDGcqQBp5Wme/3XW+6z1ISOx+igwNTVCT14mHdBMbya0eIKft5 -X+GnwtgEMyCYyyWuUct8g4RzErcY9+yW9Om5Hzpx4zOuW4NPZgPDTgK+t2RSL/Yq -rE1njrgeGYcVeG3f+OftH4s6fPbq7t1A5ZgUscbLMBqr9tK+OqygR4EgKBPsH6Cz -L6zlv/2RV0qAHvVuDJcIDIgwY5rJtINEm32rhOeFNJwZS5MNIC1czXZx5//ugX7l -I4sy5nbVhwSjtAk8Xg5dZbdTZ6mIrb7xqH+fdakZor1khG7bC2uIwibD3cSl2XkR -wN48lslbHnqqagr6Xm1nNOSVl8C/6kbJEsMpLhAezfRtGwvOucoaE+WbeUNolGde -P/eQiddSf0brnpiLJRh7qZrl9XuqYdpUqnoEdMAfotDOID8OtV7gt8a48ad8VPW2 +etQ3xgGLbuYF9vR1km03TH5fwfly1hOlix0PtfQ+t9HG065vTtSEHYc/OyHwdy79 +NCLX5RUrPh06E/XlKzMNVHAXqkwFnIwNzRLsOozeP1L7iZEZb9QMeiN5Org+btCO +bylXPB4YirfuE7GSJalWY/pq3FQtD33zTIKmNhXfVj3sbwGI/8D9XjaKUb8PODOB +skOalmx6RvYRvg0lmRxB3+T3wejIsrrDPweYqte9B6dVHIVG1ZmvoA6/wnKZZZeV +sjj8OpL3OwUBrjuGSknE9Rs6kCuSCbHOYVK8VzcZmCYpie0TFnb3Sk8M6vjfW+45 +U7WUMlSAPxKH6lJDzWdwHqLvsVJwuNnaAaBXg9/8U/rzQEWuq8Ar3s8fw2Jg3F1G +L6N5ZAEfCz3Sa0N9WKafR/RSQj+rq8Z3w4POAafhbzk249uo5K8B1Z3cQwLxeXIl +UbRQz1TZy4oNTfQzCahYruPNyvwgTkfwAFFvbLAdaiJd2ZtLBoqYE64TYakYnvcC +itim1bmySIKoxlMfBGFmMuF03epT0pSx701jlGzGi0l0m16NEjoVxDwo5j93SmiM +sQdjC1lOGk2iCLkphIQqHFjFJYWjvh1UUIqWZf+ZWOOxlf4x9a1pUVj6FvtECxNB +/mA/m4Iq4LAuVXHE1MpHeq067lJ6wWlrsb2WVmiNGfQ2AC7fMtpcPuunBVT9NV1m +1rbDzIgLIWAzqz/cy3N8Q8vfxnrFtmNUyM191Zyq+YF14hIKWX9J1qR4LXwWAzVV +UrC8IL4pA2mtRkW4qFsB0EmHAxO/cedDTPjVFty5WSzhNuvYZxX45HAkGIfK6d21 +7WHPhHG+zaaUTWMUVixB0IcKp6RecjYPFzBHS0YeX88Ue2cyT/90jMiQ9ssOgRrG +ZJRJvZAc3TSCnY9sNPYoGrJPiZuCnlUj3ENNurYVy12ai0WFxwnNUZjRUhDS6hjm +cDHD5TlI9MZ6M+Mb/Bw4Ig8HuTHOtQBYD9vhtXsG+B7H/j6cS+1umaKjrnG/kK4W +R6YXwM2faAi+DwgjjoMXSzRqSTF8PdTIWbAXo3bc2qsXPTMBA8PEp4nb5scHZ4Ts +EcBNp2jv0j4gBkRmGIab17cWMrlagjFy89DhqZUFwKdeZs+yJ92A5xstWxOUfpEP +90T/bsp1G5d7WW5fl2TRJvYJNDM+djkKIh0zCkduiZ36oVM6nDdbjmXqjQXopeSD +gtOourBRF8g99W0fW8QT+yPhP0Pkyz6EG8eQO6Zwh439xdoVwu9jUzQAPmZ0uNeR +xTXXihYyv72z27rInjLiIPXL25K9eDVLlcSR3RyG7YYgjdQAL2VJDLcBz5jox1uQ +0guoD5wmfu2FWLqYE7HeTYntdY53lCflwq0GHRMjrrsVpx+5VDQ6Yi47Ny9SWLcp +fPI3iBkXuGRWupzs6N4pQdSO0dU28KfpMM5QvFoLIn67brCHEQij4dgFrCTYEyBX +9+jiNImUFYUhAFuxvUbfZt4O/ABLIElvHLfJs1oYCmI/nWpvLFqXB5rnzPNfEi0H +PGGe1Hj/t+CJIp/6ios3yNy2QtXO754TZH2UVu51Ykyig5PFjZVoUkbRvHQYcWfU -----END RSA PRIVATE KEY----- diff --git a/third_party/mbedtls/repo/tests/data_files/test-ca.opensslconf b/third_party/mbedtls/repo/tests/data_files/test-ca.opensslconf index 64347de8301..f03f5fd3994 100644 --- a/third_party/mbedtls/repo/tests/data_files/test-ca.opensslconf +++ b/third_party/mbedtls/repo/tests/data_files/test-ca.opensslconf @@ -12,10 +12,18 @@ subjectKeyIdentifier=hash authorityKeyIdentifier=keyid:always,issuer:always basicConstraints = CA:true +[no_subj_auth_id] +subjectKeyIdentifier=none +authorityKeyIdentifier=none +basicConstraints = CA:true + [othername_san] subjectAltName=otherName:1.3.6.1.5.5.7.8.4;SEQ:hw_module_name -[unsupoported_othername_san] +[nonprintable_othername_san] +subjectAltName=otherName:1.3.6.1.5.5.7.8.4;SEQ:nonprintable_hw_module_name + +[unsupported_othername_san] subjectAltName=otherName:1.2.3.4;UTF8:some other identifier [dns_alt_names] @@ -30,10 +38,19 @@ DNS.3=*.example.org [multiple_san] subjectAltName=@alt_names +[ext_multi_nocn] +basicConstraints = CA:false +keyUsage = digitalSignature, nonRepudiation, keyEncipherment +subjectAltName = DNS:www.shotokan-braunschweig.de,DNS:www.massimo-abate.eu,IP:192.168.1.1,IP:192.168.69.144 + [hw_module_name] hwtype = OID:1.3.6.1.4.1.17.3 hwserial = OCT:123456 +[nonprintable_hw_module_name] +hwtype = OID:1.3.6.1.4.1.17.3 +hwserial = FORMAT:HEX, OCT:3132338081008180333231 + [v3_any_policy_ca] basicConstraints = CA:true certificatePolicies = 2.5.29.32.0 diff --git a/third_party/mbedtls/repo/tests/data_files/test-ca.req.sha256 b/third_party/mbedtls/repo/tests/data_files/test-ca.req.sha256 new file mode 100644 index 00000000000..11143387916 --- /dev/null +++ b/third_party/mbedtls/repo/tests/data_files/test-ca.req.sha256 @@ -0,0 +1,16 @@ +-----BEGIN CERTIFICATE REQUEST----- +MIICgDCCAWgCAQAwOzELMAkGA1UEBhMCTkwxETAPBgNVBAoMCFBvbGFyU1NMMRkw +FwYDVQQDDBBQb2xhclNTTCBUZXN0IENBMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8A +MIIBCgKCAQEAwN83/Be74JadP4beljJ9RKUWoM0h8ZnU7OrLfBhYCJSl7JvFi98a +Hpk4mYcee8CNOd84XXB4B9Oe2ZPouXJRxc6jMFKp8udAcBTLRKJyC8LlQPk+5aYO +s/nsSmPAuCkAdJxXO6ilBJBx8b2D2T/WpeI8Ko/vJ2DDxp/LuuxgfbfmhDK+T/tY +JiIDW9S01fv145YucMDkLr38Lu7iQVXANC59JHJpy0exFECDfWf0hvYxq/F5pLK1 +LhL5hBfwYm8nPhNYsVQNIZpzN6Ewz2+S3Pbp/KzbLijRfgJLI6AV8jhlZAnqDG6O +Gxegccizm8mr6cPyz4eWj4ACMp6ZWG+i1QIDAQABoAAwDQYJKoZIhvcNAQELBQAD +ggEBAKI+q840+CyPj6DJDJr9mP/aE8U+VyxbarQuZHxbiyS2HDuNQNFvP2TmCDRx +juERTU8yDOj3F2p7JhFF4QkCP2TP4JFYjLlOE7ISxYegGdJNNO6W00btMHG1s0aW +uPcPIIy9HxGiOFFmjYz7Jo8mcFl+bl4ET7zPoj21R4dOl7E3oYLtEZqTuiWnfW2H ++whurU13PYyog3jvJex99VIL8ZRliUSKgdmQ7A4GMvE6kf6Uk+441ynZ7RQr4jF9 +xsVIrR7cyt/SsVEYF+2SfJi0dO9pf6yV3PdwtpU2URTyZoitlneqEINXKi7Qx6E+ ++f5fAI8FbCJtgKEKf2TfqiH6sCI= +-----END CERTIFICATE REQUEST----- diff --git a/third_party/mbedtls/repo/tests/data_files/test-ca.req_ec.sha256 b/third_party/mbedtls/repo/tests/data_files/test-ca.req_ec.sha256 new file mode 100644 index 00000000000..6d46b2ad846 --- /dev/null +++ b/third_party/mbedtls/repo/tests/data_files/test-ca.req_ec.sha256 @@ -0,0 +1,9 @@ +-----BEGIN CERTIFICATE REQUEST----- +MIIBOTCBvQIBADA+MQswCQYDVQQGEwJOTDERMA8GA1UECgwIUG9sYXJTU0wxHDAa +BgNVBAMME1BvbGFyc3NsIFRlc3QgRUMgQ0EwdjAQBgcqhkjOPQIBBgUrgQQAIgNi +AATD2is0QTdYL4dW/vyJuilDS07gbsMOV1MzOVjUUrSRlTkLI99fFyRiSPwalSnO +LC2HwohSgK/Waqsh3bjTHG5YuMrosmmO80GtKcO0X3WnR2/VGSlVaZpTOyC0ZhZg +Mx6gADAMBggqhkjOPQQDAgUAA2kAMGYCMQDElef9+KfRbZOA29ZyU750fB3ob82E +8R711+hk9HOsk0G9Uccp3tT+1nhCcMNhnWsCMQD6Y8e9jcEaKSPiWWfgCZ5NaQ5l +pvPDUdcPV8sZt2cgNS8fcRIIHblQKvr6miHXl9Y= +-----END CERTIFICATE REQUEST----- diff --git a/third_party/mbedtls/repo/tests/data_files/test-ca2.ku-crl.crt b/third_party/mbedtls/repo/tests/data_files/test-ca2.ku-crl.crt index 4fb40838cac..303a2c00b9f 100644 --- a/third_party/mbedtls/repo/tests/data_files/test-ca2.ku-crl.crt +++ b/third_party/mbedtls/repo/tests/data_files/test-ca2.ku-crl.crt @@ -1,12 +1,12 @@ -----BEGIN CERTIFICATE----- -MIIBzDCCAVOgAwIBAgIJAP6mZLzh0IPSMAoGCCqGSM49BAMCMD4xCzAJBgNVBAYT -Ak5MMREwDwYDVQQKEwhQb2xhclNTTDEcMBoGA1UEAxMTUG9sYXJzc2wgVGVzdCBF -QyBDQTAeFw0xNDA0MDkxMTIzMzhaFw0yNDA0MDYxMTIzMzhaMD4xCzAJBgNVBAYT -Ak5MMREwDwYDVQQKEwhQb2xhclNTTDEcMBoGA1UEAxMTUG9sYXJzc2wgVGVzdCBF -QyBDQTB2MBAGByqGSM49AgEGBSuBBAAiA2IABMPaKzRBN1gvh1b+/Im6KUNLTuBu -ww5XUzM5WNRStJGVOQsj318XJGJI/BqVKc4sLYfCiFKAr9ZqqyHduNMcbli4yuiy -aY7zQa0pw7RfdadHb9UZKVVpmlM7ILRmFmAzHqMdMBswDAYDVR0TBAUwAwEB/zAL -BgNVHQ8EBAMCAQIwCgYIKoZIzj0EAwIDZwAwZAIwZOCKY0EHXYzI4cQsFnfOrxm1 -ufvNeZ4ZcSZWrkTBazW2OBCuCP9SLznec3SFOUvvAjAKe/qycfxkHivjieCEG1Kt -m2D4QKSJELUhTHr4zdkeqbzgui0y3iouaoyWsKvetNg= +MIIB2DCCAV6gAwIBAgIUN3DAVq0Kn9k3FPUPZGW2d3rZn28wCgYIKoZIzj0EAwIw +PjELMAkGA1UEBhMCTkwxETAPBgNVBAoMCFBvbGFyU1NMMRwwGgYDVQQDDBNQb2xh +cnNzbCBUZXN0IEVDIENBMB4XDTIzMDUxNzA3MTAzN1oXDTMzMDUxNzA3MTAzN1ow +PjELMAkGA1UEBhMCTkwxETAPBgNVBAoMCFBvbGFyU1NMMRwwGgYDVQQDDBNQb2xh +cnNzbCBUZXN0IEVDIENBMHYwEAYHKoZIzj0CAQYFK4EEACIDYgAEw9orNEE3WC+H +Vv78ibopQ0tO4G7DDldTMzlY1FK0kZU5CyPfXxckYkj8GpUpziwth8KIUoCv1mqr +Id240xxuWLjK6LJpjvNBrSnDtF91p0dv1RkpVWmaUzsgtGYWYDMeox0wGzAMBgNV +HRMEBTADAQH/MAsGA1UdDwQEAwIBAjAKBggqhkjOPQQDAgNoADBlAjAxoq/Q4PEA +8SDd3cQaVIwx8oJVEzfJo1BB2w1LnjvUXZrQydjNXMU4Jgorm/2/uLgCMQCyI6cZ +EAIgKPYlT6/zJHBj45qejs527OfI4Xn+kQ7OvHQtHaCAzQw4h7Jfx+gXaUo= -----END CERTIFICATE----- diff --git a/third_party/mbedtls/repo/tests/data_files/test-ca2.ku-crl.crt.openssl.v3_ext b/third_party/mbedtls/repo/tests/data_files/test-ca2.ku-crl.crt.openssl.v3_ext new file mode 100644 index 00000000000..4bc5d3c24b1 --- /dev/null +++ b/third_party/mbedtls/repo/tests/data_files/test-ca2.ku-crl.crt.openssl.v3_ext @@ -0,0 +1,4 @@ +basicConstraints = CA:true +subjectKeyIdentifier=none +keyUsage = cRLSign + diff --git a/third_party/mbedtls/repo/tests/data_files/test-ca2.ku-crt.crt b/third_party/mbedtls/repo/tests/data_files/test-ca2.ku-crt.crt index edacc64c9b4..5cad7b2fc10 100644 --- a/third_party/mbedtls/repo/tests/data_files/test-ca2.ku-crt.crt +++ b/third_party/mbedtls/repo/tests/data_files/test-ca2.ku-crt.crt @@ -1,12 +1,12 @@ -----BEGIN CERTIFICATE----- -MIIBzTCCAVOgAwIBAgIJAODh6PAeD9/vMAoGCCqGSM49BAMCMD4xCzAJBgNVBAYT -Ak5MMREwDwYDVQQKEwhQb2xhclNTTDEcMBoGA1UEAxMTUG9sYXJzc2wgVGVzdCBF -QyBDQTAeFw0xNDA0MDkxMTIzNTRaFw0yNDA0MDYxMTIzNTRaMD4xCzAJBgNVBAYT -Ak5MMREwDwYDVQQKEwhQb2xhclNTTDEcMBoGA1UEAxMTUG9sYXJzc2wgVGVzdCBF -QyBDQTB2MBAGByqGSM49AgEGBSuBBAAiA2IABMPaKzRBN1gvh1b+/Im6KUNLTuBu -ww5XUzM5WNRStJGVOQsj318XJGJI/BqVKc4sLYfCiFKAr9ZqqyHduNMcbli4yuiy -aY7zQa0pw7RfdadHb9UZKVVpmlM7ILRmFmAzHqMdMBswDAYDVR0TBAUwAwEB/zAL -BgNVHQ8EBAMCAgQwCgYIKoZIzj0EAwIDaAAwZQIwGGlbynd1jU3WkUx6Irhk9Lob -z2B+1eIO6+eu3En8B3rh8Ipfxo0e0hpfaRFYP1MUAjEAjxxBchRWJAzZ6/47Wg/7 -UoasRINgP5B/uJhTnftS1bqyuWHastb4LW5/YLOvPbMQ +MIIB2DCCAV6gAwIBAgIUYDcYIJ6EBbKafKeXLgPLE+RsJZowCgYIKoZIzj0EAwIw +PjELMAkGA1UEBhMCTkwxETAPBgNVBAoMCFBvbGFyU1NMMRwwGgYDVQQDDBNQb2xh +cnNzbCBUZXN0IEVDIENBMB4XDTIzMDUxMjEwMzEwNVoXDTMzMDUxMjEwMzEwNVow +PjELMAkGA1UEBhMCTkwxETAPBgNVBAoMCFBvbGFyU1NMMRwwGgYDVQQDDBNQb2xh +cnNzbCBUZXN0IEVDIENBMHYwEAYHKoZIzj0CAQYFK4EEACIDYgAEw9orNEE3WC+H +Vv78ibopQ0tO4G7DDldTMzlY1FK0kZU5CyPfXxckYkj8GpUpziwth8KIUoCv1mqr +Id240xxuWLjK6LJpjvNBrSnDtF91p0dv1RkpVWmaUzsgtGYWYDMeox0wGzAMBgNV +HRMEBTADAQH/MAsGA1UdDwQEAwICBDAKBggqhkjOPQQDAgNoADBlAjBwsfyYiZB6 +PpDgIbYRbZ4VT9GGFNE3L4C1IH8RNwzvywLvQfVp3ocRAkzEoRpmKAsCMQDOGm48 +d7zKl7IzmBuOWXYlukWDDWwpNI67z7g0JawfypKIxcPTZFiQXVtDdTdkrGY= -----END CERTIFICATE----- diff --git a/third_party/mbedtls/repo/tests/data_files/test-ca2.ku-crt.crt.openssl.v3_ext b/third_party/mbedtls/repo/tests/data_files/test-ca2.ku-crt.crt.openssl.v3_ext new file mode 100644 index 00000000000..997c8930bf5 --- /dev/null +++ b/third_party/mbedtls/repo/tests/data_files/test-ca2.ku-crt.crt.openssl.v3_ext @@ -0,0 +1,4 @@ +basicConstraints = CA:true +subjectKeyIdentifier=none +keyUsage = keyCertSign + diff --git a/third_party/mbedtls/repo/tests/data_files/test-ca2.ku-crt_crl.crt b/third_party/mbedtls/repo/tests/data_files/test-ca2.ku-crt_crl.crt index ac74e402a00..4c69582f3ed 100644 --- a/third_party/mbedtls/repo/tests/data_files/test-ca2.ku-crt_crl.crt +++ b/third_party/mbedtls/repo/tests/data_files/test-ca2.ku-crt_crl.crt @@ -1,12 +1,12 @@ -----BEGIN CERTIFICATE----- -MIIBzDCCAVOgAwIBAgIJAPejOupCJS65MAoGCCqGSM49BAMCMD4xCzAJBgNVBAYT -Ak5MMREwDwYDVQQKEwhQb2xhclNTTDEcMBoGA1UEAxMTUG9sYXJzc2wgVGVzdCBF -QyBDQTAeFw0xNDA0MDkxMTIyMjVaFw0yNDA0MDYxMTIyMjVaMD4xCzAJBgNVBAYT -Ak5MMREwDwYDVQQKEwhQb2xhclNTTDEcMBoGA1UEAxMTUG9sYXJzc2wgVGVzdCBF -QyBDQTB2MBAGByqGSM49AgEGBSuBBAAiA2IABMPaKzRBN1gvh1b+/Im6KUNLTuBu -ww5XUzM5WNRStJGVOQsj318XJGJI/BqVKc4sLYfCiFKAr9ZqqyHduNMcbli4yuiy -aY7zQa0pw7RfdadHb9UZKVVpmlM7ILRmFmAzHqMdMBswDAYDVR0TBAUwAwEB/zAL -BgNVHQ8EBAMCAQYwCgYIKoZIzj0EAwIDZwAwZAIwMKLVXB4YBQ0Ha4dEvFPcJtau -TS5Vd4UqG3xQ10YcJogweuqaGHSFgdnEUfoX+4p5AjApMnYXFfUjSmlyfJmTaswO -gaR5sUnnw33NA9j1ercem3asCYz6a8T0zo8/rR33XVU= +MIIB2TCCAV6gAwIBAgIUd5f42F4ahjkx9AIN035pcF4WFikwCgYIKoZIzj0EAwIw +PjELMAkGA1UEBhMCTkwxETAPBgNVBAoMCFBvbGFyU1NMMRwwGgYDVQQDDBNQb2xh +cnNzbCBUZXN0IEVDIENBMB4XDTIzMDUxNzA3MTAzN1oXDTMzMDUxNzA3MTAzN1ow +PjELMAkGA1UEBhMCTkwxETAPBgNVBAoMCFBvbGFyU1NMMRwwGgYDVQQDDBNQb2xh +cnNzbCBUZXN0IEVDIENBMHYwEAYHKoZIzj0CAQYFK4EEACIDYgAEw9orNEE3WC+H +Vv78ibopQ0tO4G7DDldTMzlY1FK0kZU5CyPfXxckYkj8GpUpziwth8KIUoCv1mqr +Id240xxuWLjK6LJpjvNBrSnDtF91p0dv1RkpVWmaUzsgtGYWYDMeox0wGzAMBgNV +HRMEBTADAQH/MAsGA1UdDwQEAwIBBjAKBggqhkjOPQQDAgNpADBmAjEA6IUvQwSw +vEkHjU9YNsPcUsJf0UTHUW1T8mNbgk+zCl6fzeU73oCXH6zoi5q6vLgjAjEAv63C +xknmJJ4H3Zlc+O5GlcX9VQNZDn1xV7hf2yW1Gf7wLTnSWTf5bXATaIQ6QLO1 -----END CERTIFICATE----- diff --git a/third_party/mbedtls/repo/tests/data_files/test-ca2.ku-crt_crl.crt.openssl.v3_ext b/third_party/mbedtls/repo/tests/data_files/test-ca2.ku-crt_crl.crt.openssl.v3_ext new file mode 100644 index 00000000000..0fd73a25ab8 --- /dev/null +++ b/third_party/mbedtls/repo/tests/data_files/test-ca2.ku-crt_crl.crt.openssl.v3_ext @@ -0,0 +1,4 @@ +basicConstraints = CA:true +subjectKeyIdentifier=none +keyUsage = keyCertSign, cRLSign + diff --git a/third_party/mbedtls/repo/tests/data_files/test-ca2.ku-ds.crt b/third_party/mbedtls/repo/tests/data_files/test-ca2.ku-ds.crt index c28e17b22aa..2907aa73433 100644 --- a/third_party/mbedtls/repo/tests/data_files/test-ca2.ku-ds.crt +++ b/third_party/mbedtls/repo/tests/data_files/test-ca2.ku-ds.crt @@ -1,12 +1,12 @@ -----BEGIN CERTIFICATE----- -MIIBzDCCAVOgAwIBAgIJAPOkPR3wsvm5MAoGCCqGSM49BAMCMD4xCzAJBgNVBAYT -Ak5MMREwDwYDVQQKEwhQb2xhclNTTDEcMBoGA1UEAxMTUG9sYXJzc2wgVGVzdCBF -QyBDQTAeFw0xNDA0MDkxMTI0MTNaFw0yNDA0MDYxMTI0MTNaMD4xCzAJBgNVBAYT -Ak5MMREwDwYDVQQKEwhQb2xhclNTTDEcMBoGA1UEAxMTUG9sYXJzc2wgVGVzdCBF -QyBDQTB2MBAGByqGSM49AgEGBSuBBAAiA2IABMPaKzRBN1gvh1b+/Im6KUNLTuBu -ww5XUzM5WNRStJGVOQsj318XJGJI/BqVKc4sLYfCiFKAr9ZqqyHduNMcbli4yuiy -aY7zQa0pw7RfdadHb9UZKVVpmlM7ILRmFmAzHqMdMBswDAYDVR0TBAUwAwEB/zAL -BgNVHQ8EBAMCB4AwCgYIKoZIzj0EAwIDZwAwZAIwGRCmU/rWNjW13g8ITuq3pMXb -jgwTFJHVlbMDiFJwUrRvytPV9doJOfzJ8nAQ0cZ1AjAbJ8QAV2e+DmYZpWc/p6Ug -nQdac59ev+lH+ju6wET3jNDjUthUPrdgqa54+UWQ5r4= +MIIB2TCCAV6gAwIBAgIUb5xsO6FEmAz+XpGFHpW7ODFvup0wCgYIKoZIzj0EAwIw +PjELMAkGA1UEBhMCTkwxETAPBgNVBAoMCFBvbGFyU1NMMRwwGgYDVQQDDBNQb2xh +cnNzbCBUZXN0IEVDIENBMB4XDTIzMDUxNzA3MTAzN1oXDTMzMDUxNzA3MTAzN1ow +PjELMAkGA1UEBhMCTkwxETAPBgNVBAoMCFBvbGFyU1NMMRwwGgYDVQQDDBNQb2xh +cnNzbCBUZXN0IEVDIENBMHYwEAYHKoZIzj0CAQYFK4EEACIDYgAEw9orNEE3WC+H +Vv78ibopQ0tO4G7DDldTMzlY1FK0kZU5CyPfXxckYkj8GpUpziwth8KIUoCv1mqr +Id240xxuWLjK6LJpjvNBrSnDtF91p0dv1RkpVWmaUzsgtGYWYDMeox0wGzAMBgNV +HRMEBTADAQH/MAsGA1UdDwQEAwIHgDAKBggqhkjOPQQDAgNpADBmAjEA44HVvGYv +meA3SpaNJmubLKjsQlGNnEUUo1IO0NBP5yWG0dRFkX8NQ0bzH/1n6FJcAjEAm9wj +xdmEPUr6PY54c0IQJNeeF76L1/+EszXrSDQ7TLv1YC4d4uMNmqwR9EGuUX+/ -----END CERTIFICATE----- diff --git a/third_party/mbedtls/repo/tests/data_files/test-ca2.ku-ds.crt.openssl.v3_ext b/third_party/mbedtls/repo/tests/data_files/test-ca2.ku-ds.crt.openssl.v3_ext new file mode 100644 index 00000000000..08e49d47513 --- /dev/null +++ b/third_party/mbedtls/repo/tests/data_files/test-ca2.ku-ds.crt.openssl.v3_ext @@ -0,0 +1,4 @@ +basicConstraints = CA:true +subjectKeyIdentifier=none +keyUsage = digitalSignature + diff --git a/third_party/mbedtls/repo/tests/data_files/test-ca2.req.sha256 b/third_party/mbedtls/repo/tests/data_files/test-ca2.req.sha256 new file mode 100644 index 00000000000..6d46b2ad846 --- /dev/null +++ b/third_party/mbedtls/repo/tests/data_files/test-ca2.req.sha256 @@ -0,0 +1,9 @@ +-----BEGIN CERTIFICATE REQUEST----- +MIIBOTCBvQIBADA+MQswCQYDVQQGEwJOTDERMA8GA1UECgwIUG9sYXJTU0wxHDAa +BgNVBAMME1BvbGFyc3NsIFRlc3QgRUMgQ0EwdjAQBgcqhkjOPQIBBgUrgQQAIgNi +AATD2is0QTdYL4dW/vyJuilDS07gbsMOV1MzOVjUUrSRlTkLI99fFyRiSPwalSnO +LC2HwohSgK/Waqsh3bjTHG5YuMrosmmO80GtKcO0X3WnR2/VGSlVaZpTOyC0ZhZg +Mx6gADAMBggqhkjOPQQDAgUAA2kAMGYCMQDElef9+KfRbZOA29ZyU750fB3ob82E +8R711+hk9HOsk0G9Uccp3tT+1nhCcMNhnWsCMQD6Y8e9jcEaKSPiWWfgCZ5NaQ5l +pvPDUdcPV8sZt2cgNS8fcRIIHblQKvr6miHXl9Y= +-----END CERTIFICATE REQUEST----- diff --git a/third_party/mbedtls/repo/tests/data_files/test-ca2_cat-future-invalid.crt b/third_party/mbedtls/repo/tests/data_files/test-ca2_cat-future-invalid.crt index b1cfbf05476..833e497faab 100644 --- a/third_party/mbedtls/repo/tests/data_files/test-ca2_cat-future-invalid.crt +++ b/third_party/mbedtls/repo/tests/data_files/test-ca2_cat-future-invalid.crt @@ -1,27 +1,27 @@ -----BEGIN CERTIFICATE----- +MIICBjCCAYugAwIBAgIJAMFD4n5iQ8zoMAwGCCqGSM49BAMCBQAwPjELMAkGA1UE +BhMCTkwxETAPBgNVBAoMCFBvbGFyU1NMMRwwGgYDVQQDDBNQb2xhcnNzbCBUZXN0 +IEVDIENBMB4XDTI5MDIxMDE0NDQwMFoXDTM5MDIxMDE0NDQwMFowPjELMAkGA1UE +BhMCTkwxETAPBgNVBAoMCFBvbGFyU1NMMRwwGgYDVQQDDBNQb2xhcnNzbCBUZXN0 +IEVDIENBMHYwEAYHKoZIzj0CAQYFK4EEACIDYgAEw9orNEE3WC+HVv78ibopQ0tO +4G7DDldTMzlY1FK0kZU5CyPfXxckYkj8GpUpziwth8KIUoCv1mqrId240xxuWLjK +6LJpjvNBrSnDtF91p0dv1RkpVWmaUzsgtGYWYDMeo1MwUTAPBgNVHRMBAf8EBTAD +AQH/MB0GA1UdDgQWBBSdbSAkSQE/K8t4tRm8fiTJ2/s2fDAfBgNVHSMEGDAWgBSd +bSAkSQE/K8t4tRm8fiTJ2/s2fDAMBggqhkjOPQQDAgUAA2cAMGQCMCDwxpvV0mzZ +5nyr3tpLILyaERGyVuSGHAJqd88fsWEiV6/xmiOTeIGlN8WLVL03FQIwJYnSIeCj +vwuQaWzeIypEnGIT2A2eJ2IIrJrFr9xpafqN1vRDSK5VZuM1B4RtW2OU +-----END CERTIFICATE----- +-----BEGIN CERTIFICATE----- MIICIDCCAaWgAwIBAgIBCjAKBggqhkjOPQQDAjA+MQswCQYDVQQGEwJOTDERMA8G -A1UEChMIUG9sYXJTU0wxHDAaBgNVBAMTE1BvbGFyc3NsIFRlc3QgRUMgQ0EwHhcN -MTMwOTI0MTU1MjA0WhcNMjMwOTIyMTU1MjA0WjA0MQswCQYDVQQGEwJOTDERMA8G -A1UEChMIUG9sYXJTU0wxEjAQBgNVBAMTCWxvY2FsaG9zdDBZMBMGByqGSM49AgEG +A1UECgwIUG9sYXJTU0wxHDAaBgNVBAMME1BvbGFyc3NsIFRlc3QgRUMgQ0EwHhcN +MjMwNTE3MDcxMDM3WhcNMzMwNTE0MDcxMDM3WjA0MQswCQYDVQQGEwJOTDERMA8G +A1UECgwIUG9sYXJTU0wxEjAQBgNVBAMMCWxvY2FsaG9zdDBZMBMGByqGSM49AgEG CCqGSM49AwEHA0IABIFZMXZJJPoVraugMW4O7TMR+pElVcGwwZwDcj6Yui2kcjeJ H0M3jR+OOtjwV+gvT8kApPfbcw+yxgSU0UA7OOOjgZ0wgZowCQYDVR0TBAIwADAd BgNVHQ4EFgQUfmWPPjMDFOXhvmCy4IV/jOdgK3swbgYDVR0jBGcwZYAUnW0gJEkB -PyvLeLUZvH4kydv7NnyhQqRAMD4xCzAJBgNVBAYTAk5MMREwDwYDVQQKEwhQb2xh -clNTTDEcMBoGA1UEAxMTUG9sYXJzc2wgVGVzdCBFQyBDQYIJAMFD4n5iQ8zoMAoG -CCqGSM49BAMCA2kAMGYCMQCsYTyleBFuI4nizuxo/ie5dxJnD0ynwCnRJ+84PZP4 -AQA3HdUz0qNYs4CZ2am9Gz0CMQDr2TNLFA3C3S3pmgXMT0eKzR1Ca1/Nulf0llQZ -Xj09kLboxuemP40IIqhQnpYptMg= ------END CERTIFICATE----- ------BEGIN CERTIFICATE----- -MIIB+zCCAYCgAwIBAgIBATAMBggqhkjOPQQDAgUAMD4xCzAJBgNVBAYTAk5MMREw -DwYDVQQKEwhQb2xhclNTTDEcMBoGA1UEAxMTUG9sYXJzc2wgVGVzdCBFQyBDQTAe -Fw0yMzA5MjIxNTQ5NDlaFw0zMDEyMzEyMzU5NTlaMD4xCzAJBgNVBAYTAk5MMREw -DwYDVQQKEwhQb2xhclNTTDEcMBoGA1UEAxMTUG9sYXJzc2wgVGVzdCBFQyBDQTB2 -MBAGByqGSM49AgEGBSuBBAAiA2IABMPaKzRBN1gvh1b+/Im6KUNLTuBuww5XUzM5 -WNRStJGVOQsj318XJGJI/BqVKc4sLYfCiFKAr9ZqqyHduNMcbli4yuiyaY7zQa0p -w7RfdadHb9UZKVVpmlM7ILRmFmAzHqNQME4wDAYDVR0TBAUwAwEB/zAdBgNVHQ4E -FgQUnW0gJEkBPyvLeLUZvH4kydv7NnwwHwYDVR0jBBgwFoAUnW0gJEkBPyvLeLUZ -vH4kydv7NnwwDAYIKoZIzj0EAwIFAANnADBkAjB1ZNdOM7KRJiPo45hP17A1sJSH -qHFPEJbml6KdNevoVZ1HqvP8AoFGcPJRpQVtzC0CMDa7JEqn0dOss8EmW9pVF/N2 -+XvzNczj89mWMgPhJJlT+MONQx3LFQO+TMSI9hLdkw== +PyvLeLUZvH4kydv7NnyhQqRAMD4xCzAJBgNVBAYTAk5MMREwDwYDVQQKDAhQb2xh +clNTTDEcMBoGA1UEAwwTUG9sYXJzc2wgVGVzdCBFQyBDQYIJAMFD4n5iQ8zoMAoG +CCqGSM49BAMCA2kAMGYCMQC7mlP+bq/c4hKB3zfJgPdwSnzzQOkXwdA2O6QumC2o +ZuHyjUYV5/ZyU8QQ7cNnKnYCMQD9ByA7ddpVE2Gk+OVuBPGfwV4O2COgFrasfrTn +KgfuCEF96BhSjLDXWKB4IFWaXUQ= -----END CERTIFICATE----- diff --git a/third_party/mbedtls/repo/tests/data_files/test-ca2_cat-future-present.crt b/third_party/mbedtls/repo/tests/data_files/test-ca2_cat-future-present.crt index 776e725cb64..649cca05a6b 100644 --- a/third_party/mbedtls/repo/tests/data_files/test-ca2_cat-future-present.crt +++ b/third_party/mbedtls/repo/tests/data_files/test-ca2_cat-future-present.crt @@ -1,28 +1,26 @@ -----BEGIN CERTIFICATE----- -MIIB+zCCAYCgAwIBAgIBATAMBggqhkjOPQQDAgUAMD4xCzAJBgNVBAYTAk5MMREw -DwYDVQQKEwhQb2xhclNTTDEcMBoGA1UEAxMTUG9sYXJzc2wgVGVzdCBFQyBDQTAe -Fw0yMzA5MjIxNTQ5NDlaFw0zMDEyMzEyMzU5NTlaMD4xCzAJBgNVBAYTAk5MMREw -DwYDVQQKEwhQb2xhclNTTDEcMBoGA1UEAxMTUG9sYXJzc2wgVGVzdCBFQyBDQTB2 -MBAGByqGSM49AgEGBSuBBAAiA2IABMPaKzRBN1gvh1b+/Im6KUNLTuBuww5XUzM5 -WNRStJGVOQsj318XJGJI/BqVKc4sLYfCiFKAr9ZqqyHduNMcbli4yuiyaY7zQa0p -w7RfdadHb9UZKVVpmlM7ILRmFmAzHqNQME4wDAYDVR0TBAUwAwEB/zAdBgNVHQ4E -FgQUnW0gJEkBPyvLeLUZvH4kydv7NnwwHwYDVR0jBBgwFoAUnW0gJEkBPyvLeLUZ -vH4kydv7NnwwDAYIKoZIzj0EAwIFAANnADBkAjB1ZNdOM7KRJiPo45hP17A1sJSH -qHFPEJbml6KdNevoVZ1HqvP8AoFGcPJRpQVtzC0CMDa7JEqn0dOss8EmW9pVF/N2 -+XvzNczj89mWMgPhJJlT+MONQx3LFQO+TMSI9hLdkw== +MIICBjCCAYugAwIBAgIJAMFD4n5iQ8zoMAwGCCqGSM49BAMCBQAwPjELMAkGA1UE +BhMCTkwxETAPBgNVBAoMCFBvbGFyU1NMMRwwGgYDVQQDDBNQb2xhcnNzbCBUZXN0 +IEVDIENBMB4XDTI5MDIxMDE0NDQwMFoXDTM5MDIxMDE0NDQwMFowPjELMAkGA1UE +BhMCTkwxETAPBgNVBAoMCFBvbGFyU1NMMRwwGgYDVQQDDBNQb2xhcnNzbCBUZXN0 +IEVDIENBMHYwEAYHKoZIzj0CAQYFK4EEACIDYgAEw9orNEE3WC+HVv78ibopQ0tO +4G7DDldTMzlY1FK0kZU5CyPfXxckYkj8GpUpziwth8KIUoCv1mqrId240xxuWLjK +6LJpjvNBrSnDtF91p0dv1RkpVWmaUzsgtGYWYDMeo1MwUTAPBgNVHRMBAf8EBTAD +AQH/MB0GA1UdDgQWBBSdbSAkSQE/K8t4tRm8fiTJ2/s2fDAfBgNVHSMEGDAWgBSd +bSAkSQE/K8t4tRm8fiTJ2/s2fDAMBggqhkjOPQQDAgUAA2cAMGQCMCDwxpvV0mzZ +5nyr3tpLILyaERGyVuSGHAJqd88fsWEiV6/xmiOTeIGlN8WLVL03FQIwJYnSIeCj +vwuQaWzeIypEnGIT2A2eJ2IIrJrFr9xpafqN1vRDSK5VZuM1B4RtW2OU -----END CERTIFICATE----- -----BEGIN CERTIFICATE----- -MIICUjCCAdegAwIBAgIJAMFD4n5iQ8zoMAoGCCqGSM49BAMCMD4xCzAJBgNVBAYT -Ak5MMREwDwYDVQQKEwhQb2xhclNTTDEcMBoGA1UEAxMTUG9sYXJzc2wgVGVzdCBF -QyBDQTAeFw0xMzA5MjQxNTQ5NDhaFw0yMzA5MjIxNTQ5NDhaMD4xCzAJBgNVBAYT -Ak5MMREwDwYDVQQKEwhQb2xhclNTTDEcMBoGA1UEAxMTUG9sYXJzc2wgVGVzdCBF -QyBDQTB2MBAGByqGSM49AgEGBSuBBAAiA2IABMPaKzRBN1gvh1b+/Im6KUNLTuBu -ww5XUzM5WNRStJGVOQsj318XJGJI/BqVKc4sLYfCiFKAr9ZqqyHduNMcbli4yuiy -aY7zQa0pw7RfdadHb9UZKVVpmlM7ILRmFmAzHqOBoDCBnTAdBgNVHQ4EFgQUnW0g -JEkBPyvLeLUZvH4kydv7NnwwbgYDVR0jBGcwZYAUnW0gJEkBPyvLeLUZvH4kydv7 -NnyhQqRAMD4xCzAJBgNVBAYTAk5MMREwDwYDVQQKEwhQb2xhclNTTDEcMBoGA1UE -AxMTUG9sYXJzc2wgVGVzdCBFQyBDQYIJAMFD4n5iQ8zoMAwGA1UdEwQFMAMBAf8w -CgYIKoZIzj0EAwIDaQAwZgIxAMO0YnNWKJUAfXgSJtJxexn4ipg+kv4znuR50v56 -t4d0PCu412mUC6Nnd7izvtE2MgIxAP1nnJQjZ8BWukszFQDG48wxCCyci9qpdSMv -uCjn8pwUOkABXK8Mss90fzCfCEOtIA== +MIICBzCCAYugAwIBAgIJAMFD4n5iQ8zoMAwGCCqGSM49BAMCBQAwPjELMAkGA1UE +BhMCTkwxETAPBgNVBAoMCFBvbGFyU1NMMRwwGgYDVQQDDBNQb2xhcnNzbCBUZXN0 +IEVDIENBMB4XDTE5MDIxMDE0NDQwMFoXDTI5MDIxMDE0NDQwMFowPjELMAkGA1UE +BhMCTkwxETAPBgNVBAoMCFBvbGFyU1NMMRwwGgYDVQQDDBNQb2xhcnNzbCBUZXN0 +IEVDIENBMHYwEAYHKoZIzj0CAQYFK4EEACIDYgAEw9orNEE3WC+HVv78ibopQ0tO +4G7DDldTMzlY1FK0kZU5CyPfXxckYkj8GpUpziwth8KIUoCv1mqrId240xxuWLjK +6LJpjvNBrSnDtF91p0dv1RkpVWmaUzsgtGYWYDMeo1MwUTAPBgNVHRMBAf8EBTAD +AQH/MB0GA1UdDgQWBBSdbSAkSQE/K8t4tRm8fiTJ2/s2fDAfBgNVHSMEGDAWgBSd +bSAkSQE/K8t4tRm8fiTJ2/s2fDAMBggqhkjOPQQDAgUAA2gAMGUCMQDpNWfBIlzq +6xV2UwQD/1YGz9fQUM7AfNKzVa2PVBpf/QD1TAylTYTF4GI6qlb6EPYCMF/YVa29 +N5yC1mFAir19jb9Pl9iiIkRm17dM4y6m5VIMepEPm/VlWAa8H5p1+BPbGw== -----END CERTIFICATE----- diff --git a/third_party/mbedtls/repo/tests/data_files/test-ca2_cat-past-invalid.crt b/third_party/mbedtls/repo/tests/data_files/test-ca2_cat-past-invalid.crt index febad74081a..a0b0a2f868c 100644 --- a/third_party/mbedtls/repo/tests/data_files/test-ca2_cat-past-invalid.crt +++ b/third_party/mbedtls/repo/tests/data_files/test-ca2_cat-past-invalid.crt @@ -13,15 +13,15 @@ l7tz0Sw/RW6AHFtaIauGkhHqeKIaKIi6WSgHu6x97uyg -----END CERTIFICATE----- -----BEGIN CERTIFICATE----- MIICIDCCAaWgAwIBAgIBCjAKBggqhkjOPQQDAjA+MQswCQYDVQQGEwJOTDERMA8G -A1UEChMIUG9sYXJTU0wxHDAaBgNVBAMTE1BvbGFyc3NsIFRlc3QgRUMgQ0EwHhcN -MTMwOTI0MTU1MjA0WhcNMjMwOTIyMTU1MjA0WjA0MQswCQYDVQQGEwJOTDERMA8G -A1UEChMIUG9sYXJTU0wxEjAQBgNVBAMTCWxvY2FsaG9zdDBZMBMGByqGSM49AgEG +A1UECgwIUG9sYXJTU0wxHDAaBgNVBAMME1BvbGFyc3NsIFRlc3QgRUMgQ0EwHhcN +MjMwNTE3MDcxMDM3WhcNMzMwNTE0MDcxMDM3WjA0MQswCQYDVQQGEwJOTDERMA8G +A1UECgwIUG9sYXJTU0wxEjAQBgNVBAMMCWxvY2FsaG9zdDBZMBMGByqGSM49AgEG CCqGSM49AwEHA0IABIFZMXZJJPoVraugMW4O7TMR+pElVcGwwZwDcj6Yui2kcjeJ H0M3jR+OOtjwV+gvT8kApPfbcw+yxgSU0UA7OOOjgZ0wgZowCQYDVR0TBAIwADAd BgNVHQ4EFgQUfmWPPjMDFOXhvmCy4IV/jOdgK3swbgYDVR0jBGcwZYAUnW0gJEkB -PyvLeLUZvH4kydv7NnyhQqRAMD4xCzAJBgNVBAYTAk5MMREwDwYDVQQKEwhQb2xh -clNTTDEcMBoGA1UEAxMTUG9sYXJzc2wgVGVzdCBFQyBDQYIJAMFD4n5iQ8zoMAoG -CCqGSM49BAMCA2kAMGYCMQCsYTyleBFuI4nizuxo/ie5dxJnD0ynwCnRJ+84PZP4 -AQA3HdUz0qNYs4CZ2am9Gz0CMQDr2TNLFA3C3S3pmgXMT0eKzR1Ca1/Nulf0llQZ -Xj09kLboxuemP40IIqhQnpYptMg= +PyvLeLUZvH4kydv7NnyhQqRAMD4xCzAJBgNVBAYTAk5MMREwDwYDVQQKDAhQb2xh +clNTTDEcMBoGA1UEAwwTUG9sYXJzc2wgVGVzdCBFQyBDQYIJAMFD4n5iQ8zoMAoG +CCqGSM49BAMCA2kAMGYCMQC7mlP+bq/c4hKB3zfJgPdwSnzzQOkXwdA2O6QumC2o +ZuHyjUYV5/ZyU8QQ7cNnKnYCMQD9ByA7ddpVE2Gk+OVuBPGfwV4O2COgFrasfrTn +KgfuCEF96BhSjLDXWKB4IFWaXUQ= -----END CERTIFICATE----- diff --git a/third_party/mbedtls/repo/tests/data_files/test-ca2_cat-past-present.crt b/third_party/mbedtls/repo/tests/data_files/test-ca2_cat-past-present.crt index bc1ba9a2efc..24e05c64227 100644 --- a/third_party/mbedtls/repo/tests/data_files/test-ca2_cat-past-present.crt +++ b/third_party/mbedtls/repo/tests/data_files/test-ca2_cat-past-present.crt @@ -12,17 +12,15 @@ tRBXQiGPMzUvmKBk7gM7bF4iFPsdJikyXHmuwv3RAjEA8vtUX8fAAB3fbh5dEXRm l7tz0Sw/RW6AHFtaIauGkhHqeKIaKIi6WSgHu6x97uyg -----END CERTIFICATE----- -----BEGIN CERTIFICATE----- -MIICUjCCAdegAwIBAgIJAMFD4n5iQ8zoMAoGCCqGSM49BAMCMD4xCzAJBgNVBAYT -Ak5MMREwDwYDVQQKEwhQb2xhclNTTDEcMBoGA1UEAxMTUG9sYXJzc2wgVGVzdCBF -QyBDQTAeFw0xMzA5MjQxNTQ5NDhaFw0yMzA5MjIxNTQ5NDhaMD4xCzAJBgNVBAYT -Ak5MMREwDwYDVQQKEwhQb2xhclNTTDEcMBoGA1UEAxMTUG9sYXJzc2wgVGVzdCBF -QyBDQTB2MBAGByqGSM49AgEGBSuBBAAiA2IABMPaKzRBN1gvh1b+/Im6KUNLTuBu -ww5XUzM5WNRStJGVOQsj318XJGJI/BqVKc4sLYfCiFKAr9ZqqyHduNMcbli4yuiy -aY7zQa0pw7RfdadHb9UZKVVpmlM7ILRmFmAzHqOBoDCBnTAdBgNVHQ4EFgQUnW0g -JEkBPyvLeLUZvH4kydv7NnwwbgYDVR0jBGcwZYAUnW0gJEkBPyvLeLUZvH4kydv7 -NnyhQqRAMD4xCzAJBgNVBAYTAk5MMREwDwYDVQQKEwhQb2xhclNTTDEcMBoGA1UE -AxMTUG9sYXJzc2wgVGVzdCBFQyBDQYIJAMFD4n5iQ8zoMAwGA1UdEwQFMAMBAf8w -CgYIKoZIzj0EAwIDaQAwZgIxAMO0YnNWKJUAfXgSJtJxexn4ipg+kv4znuR50v56 -t4d0PCu412mUC6Nnd7izvtE2MgIxAP1nnJQjZ8BWukszFQDG48wxCCyci9qpdSMv -uCjn8pwUOkABXK8Mss90fzCfCEOtIA== +MIICBzCCAYugAwIBAgIJAMFD4n5iQ8zoMAwGCCqGSM49BAMCBQAwPjELMAkGA1UE +BhMCTkwxETAPBgNVBAoMCFBvbGFyU1NMMRwwGgYDVQQDDBNQb2xhcnNzbCBUZXN0 +IEVDIENBMB4XDTE5MDIxMDE0NDQwMFoXDTI5MDIxMDE0NDQwMFowPjELMAkGA1UE +BhMCTkwxETAPBgNVBAoMCFBvbGFyU1NMMRwwGgYDVQQDDBNQb2xhcnNzbCBUZXN0 +IEVDIENBMHYwEAYHKoZIzj0CAQYFK4EEACIDYgAEw9orNEE3WC+HVv78ibopQ0tO +4G7DDldTMzlY1FK0kZU5CyPfXxckYkj8GpUpziwth8KIUoCv1mqrId240xxuWLjK +6LJpjvNBrSnDtF91p0dv1RkpVWmaUzsgtGYWYDMeo1MwUTAPBgNVHRMBAf8EBTAD +AQH/MB0GA1UdDgQWBBSdbSAkSQE/K8t4tRm8fiTJ2/s2fDAfBgNVHSMEGDAWgBSd +bSAkSQE/K8t4tRm8fiTJ2/s2fDAMBggqhkjOPQQDAgUAA2gAMGUCMQDpNWfBIlzq +6xV2UwQD/1YGz9fQUM7AfNKzVa2PVBpf/QD1TAylTYTF4GI6qlb6EPYCMF/YVa29 +N5yC1mFAir19jb9Pl9iiIkRm17dM4y6m5VIMepEPm/VlWAa8H5p1+BPbGw== -----END CERTIFICATE----- diff --git a/third_party/mbedtls/repo/tests/data_files/test-ca2_cat-present-future.crt b/third_party/mbedtls/repo/tests/data_files/test-ca2_cat-present-future.crt index d62ed09cd41..6539479e63e 100644 --- a/third_party/mbedtls/repo/tests/data_files/test-ca2_cat-present-future.crt +++ b/third_party/mbedtls/repo/tests/data_files/test-ca2_cat-present-future.crt @@ -1,28 +1,26 @@ -----BEGIN CERTIFICATE----- -MIICUjCCAdegAwIBAgIJAMFD4n5iQ8zoMAoGCCqGSM49BAMCMD4xCzAJBgNVBAYT -Ak5MMREwDwYDVQQKEwhQb2xhclNTTDEcMBoGA1UEAxMTUG9sYXJzc2wgVGVzdCBF -QyBDQTAeFw0xMzA5MjQxNTQ5NDhaFw0yMzA5MjIxNTQ5NDhaMD4xCzAJBgNVBAYT -Ak5MMREwDwYDVQQKEwhQb2xhclNTTDEcMBoGA1UEAxMTUG9sYXJzc2wgVGVzdCBF -QyBDQTB2MBAGByqGSM49AgEGBSuBBAAiA2IABMPaKzRBN1gvh1b+/Im6KUNLTuBu -ww5XUzM5WNRStJGVOQsj318XJGJI/BqVKc4sLYfCiFKAr9ZqqyHduNMcbli4yuiy -aY7zQa0pw7RfdadHb9UZKVVpmlM7ILRmFmAzHqOBoDCBnTAdBgNVHQ4EFgQUnW0g -JEkBPyvLeLUZvH4kydv7NnwwbgYDVR0jBGcwZYAUnW0gJEkBPyvLeLUZvH4kydv7 -NnyhQqRAMD4xCzAJBgNVBAYTAk5MMREwDwYDVQQKEwhQb2xhclNTTDEcMBoGA1UE -AxMTUG9sYXJzc2wgVGVzdCBFQyBDQYIJAMFD4n5iQ8zoMAwGA1UdEwQFMAMBAf8w -CgYIKoZIzj0EAwIDaQAwZgIxAMO0YnNWKJUAfXgSJtJxexn4ipg+kv4znuR50v56 -t4d0PCu412mUC6Nnd7izvtE2MgIxAP1nnJQjZ8BWukszFQDG48wxCCyci9qpdSMv -uCjn8pwUOkABXK8Mss90fzCfCEOtIA== +MIICBzCCAYugAwIBAgIJAMFD4n5iQ8zoMAwGCCqGSM49BAMCBQAwPjELMAkGA1UE +BhMCTkwxETAPBgNVBAoMCFBvbGFyU1NMMRwwGgYDVQQDDBNQb2xhcnNzbCBUZXN0 +IEVDIENBMB4XDTE5MDIxMDE0NDQwMFoXDTI5MDIxMDE0NDQwMFowPjELMAkGA1UE +BhMCTkwxETAPBgNVBAoMCFBvbGFyU1NMMRwwGgYDVQQDDBNQb2xhcnNzbCBUZXN0 +IEVDIENBMHYwEAYHKoZIzj0CAQYFK4EEACIDYgAEw9orNEE3WC+HVv78ibopQ0tO +4G7DDldTMzlY1FK0kZU5CyPfXxckYkj8GpUpziwth8KIUoCv1mqrId240xxuWLjK +6LJpjvNBrSnDtF91p0dv1RkpVWmaUzsgtGYWYDMeo1MwUTAPBgNVHRMBAf8EBTAD +AQH/MB0GA1UdDgQWBBSdbSAkSQE/K8t4tRm8fiTJ2/s2fDAfBgNVHSMEGDAWgBSd +bSAkSQE/K8t4tRm8fiTJ2/s2fDAMBggqhkjOPQQDAgUAA2gAMGUCMQDpNWfBIlzq +6xV2UwQD/1YGz9fQUM7AfNKzVa2PVBpf/QD1TAylTYTF4GI6qlb6EPYCMF/YVa29 +N5yC1mFAir19jb9Pl9iiIkRm17dM4y6m5VIMepEPm/VlWAa8H5p1+BPbGw== -----END CERTIFICATE----- -----BEGIN CERTIFICATE----- -MIIB+zCCAYCgAwIBAgIBATAMBggqhkjOPQQDAgUAMD4xCzAJBgNVBAYTAk5MMREw -DwYDVQQKEwhQb2xhclNTTDEcMBoGA1UEAxMTUG9sYXJzc2wgVGVzdCBFQyBDQTAe -Fw0yMzA5MjIxNTQ5NDlaFw0zMDEyMzEyMzU5NTlaMD4xCzAJBgNVBAYTAk5MMREw -DwYDVQQKEwhQb2xhclNTTDEcMBoGA1UEAxMTUG9sYXJzc2wgVGVzdCBFQyBDQTB2 -MBAGByqGSM49AgEGBSuBBAAiA2IABMPaKzRBN1gvh1b+/Im6KUNLTuBuww5XUzM5 -WNRStJGVOQsj318XJGJI/BqVKc4sLYfCiFKAr9ZqqyHduNMcbli4yuiyaY7zQa0p -w7RfdadHb9UZKVVpmlM7ILRmFmAzHqNQME4wDAYDVR0TBAUwAwEB/zAdBgNVHQ4E -FgQUnW0gJEkBPyvLeLUZvH4kydv7NnwwHwYDVR0jBBgwFoAUnW0gJEkBPyvLeLUZ -vH4kydv7NnwwDAYIKoZIzj0EAwIFAANnADBkAjB1ZNdOM7KRJiPo45hP17A1sJSH -qHFPEJbml6KdNevoVZ1HqvP8AoFGcPJRpQVtzC0CMDa7JEqn0dOss8EmW9pVF/N2 -+XvzNczj89mWMgPhJJlT+MONQx3LFQO+TMSI9hLdkw== +MIICBjCCAYugAwIBAgIJAMFD4n5iQ8zoMAwGCCqGSM49BAMCBQAwPjELMAkGA1UE +BhMCTkwxETAPBgNVBAoMCFBvbGFyU1NMMRwwGgYDVQQDDBNQb2xhcnNzbCBUZXN0 +IEVDIENBMB4XDTI5MDIxMDE0NDQwMFoXDTM5MDIxMDE0NDQwMFowPjELMAkGA1UE +BhMCTkwxETAPBgNVBAoMCFBvbGFyU1NMMRwwGgYDVQQDDBNQb2xhcnNzbCBUZXN0 +IEVDIENBMHYwEAYHKoZIzj0CAQYFK4EEACIDYgAEw9orNEE3WC+HVv78ibopQ0tO +4G7DDldTMzlY1FK0kZU5CyPfXxckYkj8GpUpziwth8KIUoCv1mqrId240xxuWLjK +6LJpjvNBrSnDtF91p0dv1RkpVWmaUzsgtGYWYDMeo1MwUTAPBgNVHRMBAf8EBTAD +AQH/MB0GA1UdDgQWBBSdbSAkSQE/K8t4tRm8fiTJ2/s2fDAfBgNVHSMEGDAWgBSd +bSAkSQE/K8t4tRm8fiTJ2/s2fDAMBggqhkjOPQQDAgUAA2cAMGQCMCDwxpvV0mzZ +5nyr3tpLILyaERGyVuSGHAJqd88fsWEiV6/xmiOTeIGlN8WLVL03FQIwJYnSIeCj +vwuQaWzeIypEnGIT2A2eJ2IIrJrFr9xpafqN1vRDSK5VZuM1B4RtW2OU -----END CERTIFICATE----- diff --git a/third_party/mbedtls/repo/tests/data_files/test-ca2_cat-present-past.crt b/third_party/mbedtls/repo/tests/data_files/test-ca2_cat-present-past.crt index a321d5dd782..08aeeea1204 100644 --- a/third_party/mbedtls/repo/tests/data_files/test-ca2_cat-present-past.crt +++ b/third_party/mbedtls/repo/tests/data_files/test-ca2_cat-present-past.crt @@ -1,17 +1,15 @@ -----BEGIN CERTIFICATE----- -MIICUjCCAdegAwIBAgIJAMFD4n5iQ8zoMAoGCCqGSM49BAMCMD4xCzAJBgNVBAYT -Ak5MMREwDwYDVQQKEwhQb2xhclNTTDEcMBoGA1UEAxMTUG9sYXJzc2wgVGVzdCBF -QyBDQTAeFw0xMzA5MjQxNTQ5NDhaFw0yMzA5MjIxNTQ5NDhaMD4xCzAJBgNVBAYT -Ak5MMREwDwYDVQQKEwhQb2xhclNTTDEcMBoGA1UEAxMTUG9sYXJzc2wgVGVzdCBF -QyBDQTB2MBAGByqGSM49AgEGBSuBBAAiA2IABMPaKzRBN1gvh1b+/Im6KUNLTuBu -ww5XUzM5WNRStJGVOQsj318XJGJI/BqVKc4sLYfCiFKAr9ZqqyHduNMcbli4yuiy -aY7zQa0pw7RfdadHb9UZKVVpmlM7ILRmFmAzHqOBoDCBnTAdBgNVHQ4EFgQUnW0g -JEkBPyvLeLUZvH4kydv7NnwwbgYDVR0jBGcwZYAUnW0gJEkBPyvLeLUZvH4kydv7 -NnyhQqRAMD4xCzAJBgNVBAYTAk5MMREwDwYDVQQKEwhQb2xhclNTTDEcMBoGA1UE -AxMTUG9sYXJzc2wgVGVzdCBFQyBDQYIJAMFD4n5iQ8zoMAwGA1UdEwQFMAMBAf8w -CgYIKoZIzj0EAwIDaQAwZgIxAMO0YnNWKJUAfXgSJtJxexn4ipg+kv4znuR50v56 -t4d0PCu412mUC6Nnd7izvtE2MgIxAP1nnJQjZ8BWukszFQDG48wxCCyci9qpdSMv -uCjn8pwUOkABXK8Mss90fzCfCEOtIA== +MIICBzCCAYugAwIBAgIJAMFD4n5iQ8zoMAwGCCqGSM49BAMCBQAwPjELMAkGA1UE +BhMCTkwxETAPBgNVBAoMCFBvbGFyU1NMMRwwGgYDVQQDDBNQb2xhcnNzbCBUZXN0 +IEVDIENBMB4XDTE5MDIxMDE0NDQwMFoXDTI5MDIxMDE0NDQwMFowPjELMAkGA1UE +BhMCTkwxETAPBgNVBAoMCFBvbGFyU1NMMRwwGgYDVQQDDBNQb2xhcnNzbCBUZXN0 +IEVDIENBMHYwEAYHKoZIzj0CAQYFK4EEACIDYgAEw9orNEE3WC+HVv78ibopQ0tO +4G7DDldTMzlY1FK0kZU5CyPfXxckYkj8GpUpziwth8KIUoCv1mqrId240xxuWLjK +6LJpjvNBrSnDtF91p0dv1RkpVWmaUzsgtGYWYDMeo1MwUTAPBgNVHRMBAf8EBTAD +AQH/MB0GA1UdDgQWBBSdbSAkSQE/K8t4tRm8fiTJ2/s2fDAfBgNVHSMEGDAWgBSd +bSAkSQE/K8t4tRm8fiTJ2/s2fDAMBggqhkjOPQQDAgUAA2gAMGUCMQDpNWfBIlzq +6xV2UwQD/1YGz9fQUM7AfNKzVa2PVBpf/QD1TAylTYTF4GI6qlb6EPYCMF/YVa29 +N5yC1mFAir19jb9Pl9iiIkRm17dM4y6m5VIMepEPm/VlWAa8H5p1+BPbGw== -----END CERTIFICATE----- -----BEGIN CERTIFICATE----- MIIB/TCCAYCgAwIBAgIBATAMBggqhkjOPQQDAgUAMD4xCzAJBgNVBAYTAk5MMREw diff --git a/third_party/mbedtls/repo/tests/data_files/test-ca_cat12.crt b/third_party/mbedtls/repo/tests/data_files/test-ca_cat12.crt index 89281446375..c54bcc178ab 100644 --- a/third_party/mbedtls/repo/tests/data_files/test-ca_cat12.crt +++ b/third_party/mbedtls/repo/tests/data_files/test-ca_cat12.crt @@ -1,5 +1,5 @@ -----BEGIN CERTIFICATE----- -MIIDQTCCAimgAwIBAgIBAzANBgkqhkiG9w0BAQUFADA7MQswCQYDVQQGEwJOTDER +MIIDRDCCAiygAwIBAgIBAzANBgkqhkiG9w0BAQUFADA7MQswCQYDVQQGEwJOTDER MA8GA1UECgwIUG9sYXJTU0wxGTAXBgNVBAMMEFBvbGFyU1NMIFRlc3QgQ0EwHhcN MTkwMjEwMTQ0NDAwWhcNMjkwMjEwMTQ0NDAwWjA7MQswCQYDVQQGEwJOTDERMA8G A1UECgwIUG9sYXJTU0wxGTAXBgNVBAMMEFBvbGFyU1NMIFRlc3QgQ0EwggEiMA0G @@ -9,27 +9,25 @@ mdTs6st8GFgIlKXsm8WL3xoemTiZhx57wI053zhdcHgH057Zk+i5clHFzqMwUqny YMPGn8u67GB9t+aEMr5P+1gmIgNb1LTV+/Xjli5wwOQuvfwu7uJBVcA0Ln0kcmnL R7EUQIN9Z/SG9jGr8XmksrUuEvmEF/Bibyc+E1ixVA0hmnM3oTDPb5Lc9un8rNsu KNF+AksjoBXyOGVkCeoMbo4bF6BxyLObyavpw/LPh5aPgAIynplYb6LVAgMBAAGj -UDBOMAwGA1UdEwQFMAMBAf8wHQYDVR0OBBYEFLRa5KWz3tJS9rnVppUP6z68x/3/ -MB8GA1UdIwQYMBaAFLRa5KWz3tJS9rnVppUP6z68x/3/MA0GCSqGSIb3DQEBBQUA -A4IBAQB0ZiNRFdia6kskaPnhrqejIRq8YMEGAf2oIPnyZ78xoyERgc35lHGyMtsL -hWicNjP4d/hS9As4j5KA2gdNGi5ETA1X7SowWOGsryivSpMSHVy1+HdfWlsYQOzm -8o+faQNUm8XzPVmttfAVspxeHSxJZ36Oo+QWZ5wZlCIEyjEdLUId+Tm4Bz3B5jRD -zZa/SaqDokq66N2zpbgKKAl3GU2O++fBqP2dSkdQykmTxhLLWRN8FJqhYATyQntZ -0QSi3W9HfSZPnFTcPIXeoiPd2pLlxt1hZu8dws2LTXE63uP6MM4LHvWxiuJaWkP/ -mtxyUALj2pQxRitopORFQdn7AOY5 +UzBRMA8GA1UdEwEB/wQFMAMBAf8wHQYDVR0OBBYEFLRa5KWz3tJS9rnVppUP6z68 +x/3/MB8GA1UdIwQYMBaAFLRa5KWz3tJS9rnVppUP6z68x/3/MA0GCSqGSIb3DQEB +BQUAA4IBAQCz557ZZmWv5UTTHebzTyVzku5ldpcicJPqKHP3xZ4tPPY52JQyJg/T +hsRB44yTyNo3/jo9or2KgVnc+/nCmnlvTq22a/j26DtKZ7wD9MWxunpkqRwExtA/ +G816msrl6X6m50WwdLXTvaVJGXCYp8TPVLx5YY3WPIVoX0CPN7Hs9iNJNiEWo4Qf +7dAqjWBB/QpusmWhjaDSc4+cFhT24Yo9HuS1yrkUTrBtJaj0AykTsiyFm6SBVDNH +9XIxCgYy9QrYbDKNtJXhuevpN0yUMV/aUnIkU2wTTouhOzZisjNk0sS1guqmSHzf +hlf8qotOhNvFXpEsCGwZUywayo7c4DtO -----END CERTIFICATE----- -----BEGIN CERTIFICATE----- -MIICUjCCAdegAwIBAgIJAMFD4n5iQ8zoMAoGCCqGSM49BAMCMD4xCzAJBgNVBAYT -Ak5MMREwDwYDVQQKEwhQb2xhclNTTDEcMBoGA1UEAxMTUG9sYXJzc2wgVGVzdCBF -QyBDQTAeFw0xMzA5MjQxNTQ5NDhaFw0yMzA5MjIxNTQ5NDhaMD4xCzAJBgNVBAYT -Ak5MMREwDwYDVQQKEwhQb2xhclNTTDEcMBoGA1UEAxMTUG9sYXJzc2wgVGVzdCBF -QyBDQTB2MBAGByqGSM49AgEGBSuBBAAiA2IABMPaKzRBN1gvh1b+/Im6KUNLTuBu -ww5XUzM5WNRStJGVOQsj318XJGJI/BqVKc4sLYfCiFKAr9ZqqyHduNMcbli4yuiy -aY7zQa0pw7RfdadHb9UZKVVpmlM7ILRmFmAzHqOBoDCBnTAdBgNVHQ4EFgQUnW0g -JEkBPyvLeLUZvH4kydv7NnwwbgYDVR0jBGcwZYAUnW0gJEkBPyvLeLUZvH4kydv7 -NnyhQqRAMD4xCzAJBgNVBAYTAk5MMREwDwYDVQQKEwhQb2xhclNTTDEcMBoGA1UE -AxMTUG9sYXJzc2wgVGVzdCBFQyBDQYIJAMFD4n5iQ8zoMAwGA1UdEwQFMAMBAf8w -CgYIKoZIzj0EAwIDaQAwZgIxAMO0YnNWKJUAfXgSJtJxexn4ipg+kv4znuR50v56 -t4d0PCu412mUC6Nnd7izvtE2MgIxAP1nnJQjZ8BWukszFQDG48wxCCyci9qpdSMv -uCjn8pwUOkABXK8Mss90fzCfCEOtIA== +MIICBzCCAYugAwIBAgIJAMFD4n5iQ8zoMAwGCCqGSM49BAMCBQAwPjELMAkGA1UE +BhMCTkwxETAPBgNVBAoMCFBvbGFyU1NMMRwwGgYDVQQDDBNQb2xhcnNzbCBUZXN0 +IEVDIENBMB4XDTE5MDIxMDE0NDQwMFoXDTI5MDIxMDE0NDQwMFowPjELMAkGA1UE +BhMCTkwxETAPBgNVBAoMCFBvbGFyU1NMMRwwGgYDVQQDDBNQb2xhcnNzbCBUZXN0 +IEVDIENBMHYwEAYHKoZIzj0CAQYFK4EEACIDYgAEw9orNEE3WC+HVv78ibopQ0tO +4G7DDldTMzlY1FK0kZU5CyPfXxckYkj8GpUpziwth8KIUoCv1mqrId240xxuWLjK +6LJpjvNBrSnDtF91p0dv1RkpVWmaUzsgtGYWYDMeo1MwUTAPBgNVHRMBAf8EBTAD +AQH/MB0GA1UdDgQWBBSdbSAkSQE/K8t4tRm8fiTJ2/s2fDAfBgNVHSMEGDAWgBSd +bSAkSQE/K8t4tRm8fiTJ2/s2fDAMBggqhkjOPQQDAgUAA2gAMGUCMQDpNWfBIlzq +6xV2UwQD/1YGz9fQUM7AfNKzVa2PVBpf/QD1TAylTYTF4GI6qlb6EPYCMF/YVa29 +N5yC1mFAir19jb9Pl9iiIkRm17dM4y6m5VIMepEPm/VlWAa8H5p1+BPbGw== -----END CERTIFICATE----- diff --git a/third_party/mbedtls/repo/tests/data_files/test-ca_cat21.crt b/third_party/mbedtls/repo/tests/data_files/test-ca_cat21.crt index 7234863c719..b090dc6ecaa 100644 --- a/third_party/mbedtls/repo/tests/data_files/test-ca_cat21.crt +++ b/third_party/mbedtls/repo/tests/data_files/test-ca_cat21.crt @@ -1,20 +1,18 @@ -----BEGIN CERTIFICATE----- -MIICUjCCAdegAwIBAgIJAMFD4n5iQ8zoMAoGCCqGSM49BAMCMD4xCzAJBgNVBAYT -Ak5MMREwDwYDVQQKEwhQb2xhclNTTDEcMBoGA1UEAxMTUG9sYXJzc2wgVGVzdCBF -QyBDQTAeFw0xMzA5MjQxNTQ5NDhaFw0yMzA5MjIxNTQ5NDhaMD4xCzAJBgNVBAYT -Ak5MMREwDwYDVQQKEwhQb2xhclNTTDEcMBoGA1UEAxMTUG9sYXJzc2wgVGVzdCBF -QyBDQTB2MBAGByqGSM49AgEGBSuBBAAiA2IABMPaKzRBN1gvh1b+/Im6KUNLTuBu -ww5XUzM5WNRStJGVOQsj318XJGJI/BqVKc4sLYfCiFKAr9ZqqyHduNMcbli4yuiy -aY7zQa0pw7RfdadHb9UZKVVpmlM7ILRmFmAzHqOBoDCBnTAdBgNVHQ4EFgQUnW0g -JEkBPyvLeLUZvH4kydv7NnwwbgYDVR0jBGcwZYAUnW0gJEkBPyvLeLUZvH4kydv7 -NnyhQqRAMD4xCzAJBgNVBAYTAk5MMREwDwYDVQQKEwhQb2xhclNTTDEcMBoGA1UE -AxMTUG9sYXJzc2wgVGVzdCBFQyBDQYIJAMFD4n5iQ8zoMAwGA1UdEwQFMAMBAf8w -CgYIKoZIzj0EAwIDaQAwZgIxAMO0YnNWKJUAfXgSJtJxexn4ipg+kv4znuR50v56 -t4d0PCu412mUC6Nnd7izvtE2MgIxAP1nnJQjZ8BWukszFQDG48wxCCyci9qpdSMv -uCjn8pwUOkABXK8Mss90fzCfCEOtIA== +MIICBzCCAYugAwIBAgIJAMFD4n5iQ8zoMAwGCCqGSM49BAMCBQAwPjELMAkGA1UE +BhMCTkwxETAPBgNVBAoMCFBvbGFyU1NMMRwwGgYDVQQDDBNQb2xhcnNzbCBUZXN0 +IEVDIENBMB4XDTE5MDIxMDE0NDQwMFoXDTI5MDIxMDE0NDQwMFowPjELMAkGA1UE +BhMCTkwxETAPBgNVBAoMCFBvbGFyU1NMMRwwGgYDVQQDDBNQb2xhcnNzbCBUZXN0 +IEVDIENBMHYwEAYHKoZIzj0CAQYFK4EEACIDYgAEw9orNEE3WC+HVv78ibopQ0tO +4G7DDldTMzlY1FK0kZU5CyPfXxckYkj8GpUpziwth8KIUoCv1mqrId240xxuWLjK +6LJpjvNBrSnDtF91p0dv1RkpVWmaUzsgtGYWYDMeo1MwUTAPBgNVHRMBAf8EBTAD +AQH/MB0GA1UdDgQWBBSdbSAkSQE/K8t4tRm8fiTJ2/s2fDAfBgNVHSMEGDAWgBSd +bSAkSQE/K8t4tRm8fiTJ2/s2fDAMBggqhkjOPQQDAgUAA2gAMGUCMQDpNWfBIlzq +6xV2UwQD/1YGz9fQUM7AfNKzVa2PVBpf/QD1TAylTYTF4GI6qlb6EPYCMF/YVa29 +N5yC1mFAir19jb9Pl9iiIkRm17dM4y6m5VIMepEPm/VlWAa8H5p1+BPbGw== -----END CERTIFICATE----- -----BEGIN CERTIFICATE----- -MIIDQTCCAimgAwIBAgIBAzANBgkqhkiG9w0BAQUFADA7MQswCQYDVQQGEwJOTDER +MIIDRDCCAiygAwIBAgIBAzANBgkqhkiG9w0BAQUFADA7MQswCQYDVQQGEwJOTDER MA8GA1UECgwIUG9sYXJTU0wxGTAXBgNVBAMMEFBvbGFyU1NMIFRlc3QgQ0EwHhcN MTkwMjEwMTQ0NDAwWhcNMjkwMjEwMTQ0NDAwWjA7MQswCQYDVQQGEwJOTDERMA8G A1UECgwIUG9sYXJTU0wxGTAXBgNVBAMMEFBvbGFyU1NMIFRlc3QgQ0EwggEiMA0G @@ -24,12 +22,12 @@ mdTs6st8GFgIlKXsm8WL3xoemTiZhx57wI053zhdcHgH057Zk+i5clHFzqMwUqny YMPGn8u67GB9t+aEMr5P+1gmIgNb1LTV+/Xjli5wwOQuvfwu7uJBVcA0Ln0kcmnL R7EUQIN9Z/SG9jGr8XmksrUuEvmEF/Bibyc+E1ixVA0hmnM3oTDPb5Lc9un8rNsu KNF+AksjoBXyOGVkCeoMbo4bF6BxyLObyavpw/LPh5aPgAIynplYb6LVAgMBAAGj -UDBOMAwGA1UdEwQFMAMBAf8wHQYDVR0OBBYEFLRa5KWz3tJS9rnVppUP6z68x/3/ -MB8GA1UdIwQYMBaAFLRa5KWz3tJS9rnVppUP6z68x/3/MA0GCSqGSIb3DQEBBQUA -A4IBAQB0ZiNRFdia6kskaPnhrqejIRq8YMEGAf2oIPnyZ78xoyERgc35lHGyMtsL -hWicNjP4d/hS9As4j5KA2gdNGi5ETA1X7SowWOGsryivSpMSHVy1+HdfWlsYQOzm -8o+faQNUm8XzPVmttfAVspxeHSxJZ36Oo+QWZ5wZlCIEyjEdLUId+Tm4Bz3B5jRD -zZa/SaqDokq66N2zpbgKKAl3GU2O++fBqP2dSkdQykmTxhLLWRN8FJqhYATyQntZ -0QSi3W9HfSZPnFTcPIXeoiPd2pLlxt1hZu8dws2LTXE63uP6MM4LHvWxiuJaWkP/ -mtxyUALj2pQxRitopORFQdn7AOY5 +UzBRMA8GA1UdEwEB/wQFMAMBAf8wHQYDVR0OBBYEFLRa5KWz3tJS9rnVppUP6z68 +x/3/MB8GA1UdIwQYMBaAFLRa5KWz3tJS9rnVppUP6z68x/3/MA0GCSqGSIb3DQEB +BQUAA4IBAQCz557ZZmWv5UTTHebzTyVzku5ldpcicJPqKHP3xZ4tPPY52JQyJg/T +hsRB44yTyNo3/jo9or2KgVnc+/nCmnlvTq22a/j26DtKZ7wD9MWxunpkqRwExtA/ +G816msrl6X6m50WwdLXTvaVJGXCYp8TPVLx5YY3WPIVoX0CPN7Hs9iNJNiEWo4Qf +7dAqjWBB/QpusmWhjaDSc4+cFhT24Yo9HuS1yrkUTrBtJaj0AykTsiyFm6SBVDNH +9XIxCgYy9QrYbDKNtJXhuevpN0yUMV/aUnIkU2wTTouhOzZisjNk0sS1guqmSHzf +hlf8qotOhNvFXpEsCGwZUywayo7c4DtO -----END CERTIFICATE----- diff --git a/third_party/mbedtls/repo/tests/data_files/test-int-ca-exp.crt b/third_party/mbedtls/repo/tests/data_files/test-int-ca-exp.crt index c549654b0f0..835c7dbbfcb 100644 --- a/third_party/mbedtls/repo/tests/data_files/test-int-ca-exp.crt +++ b/third_party/mbedtls/repo/tests/data_files/test-int-ca-exp.crt @@ -1,7 +1,7 @@ -----BEGIN CERTIFICATE----- MIIEATCCA4egAwIBAgIBDjAKBggqhkjOPQQDAjA+MQswCQYDVQQGEwJOTDERMA8G -A1UEChMIUG9sYXJTU0wxHDAaBgNVBAMTE1BvbGFyc3NsIFRlc3QgRUMgQ0EwHhcN -MDcwNjI3MTAzODM3WhcNMTcwNjI3MTAzODM3WjBIMQswCQYDVQQGEwJOTDERMA8G +A1UECgwIUG9sYXJTU0wxHDAaBgNVBAMME1BvbGFyc3NsIFRlc3QgRUMgQ0EwHhcN +MTMwNTE2MDcxMDM3WhcNMjMwNTE3MDcxMDM3WjBIMQswCQYDVQQGEwJOTDERMA8G A1UECgwIUG9sYXJTU0wxJjAkBgNVBAMMHVBvbGFyU1NMIFRlc3QgSW50ZXJtZWRp YXRlIENBMIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEAo1Oc8nr6fMTq vowV+CpC55i5BZGFGc50Eb4RLBSRTH1e7JepdFjAVbBtyQRJSiY1ja0tgLQDDKZR @@ -16,9 +16,9 @@ d6KXbrZteesvA1nYzEOs+3AjrbT79Md2W8Bz9bqBVNlNOESSqm4kiCJFmslm/6br Np0MSQd+o22PQ4xRtmP6UsTfU0ueiMpYc8TYYhMbfnfFyo4m707ebcflPbBEN2dg updQ66cvfCJB0QJt9upafY0lpdV1qUkCAwEAAaOBoDCBnTAdBgNVHQ4EFgQUOHfY a3ecKHeCi07YG6ke95QWtw4wbgYDVR0jBGcwZYAUnW0gJEkBPyvLeLUZvH4kydv7 -NnyhQqRAMD4xCzAJBgNVBAYTAk5MMREwDwYDVQQKEwhQb2xhclNTTDEcMBoGA1UE -AxMTUG9sYXJzc2wgVGVzdCBFQyBDQYIJAMFD4n5iQ8zoMAwGA1UdEwQFMAMBAf8w -CgYIKoZIzj0EAwIDaAAwZQIxAPu/FDEPvIC/BnzPQDAr1bQakGiwBsE9zGKRgXgX -Y3Q+XJKhMEKZ8h1m+S5c6taO0gIwNB14zmJ1gJ9X3+tPDfriWrVaNMG54Kr57/Ep -773Ap7Gxpk168id1EFhvW22YabKs +NnyhQqRAMD4xCzAJBgNVBAYTAk5MMREwDwYDVQQKDAhQb2xhclNTTDEcMBoGA1UE +AwwTUG9sYXJzc2wgVGVzdCBFQyBDQYIJAMFD4n5iQ8zoMAwGA1UdEwQFMAMBAf8w +CgYIKoZIzj0EAwIDaAAwZQIxAJH0e4fySJI2nJt1Knd+yU7zn1jTFDAABJMbndhR +07OSM6vwUaGSMVatSzr8ah+UDgIwaI/MBcorSxT92jAQb1W5dJkEudoYSg49fjAf +z0BtLCVhFwQlrzCqgXC98SGfT6sZ -----END CERTIFICATE----- diff --git a/third_party/mbedtls/repo/tests/data_files/test-int-ca.crt b/third_party/mbedtls/repo/tests/data_files/test-int-ca.crt index cbe99e0a625..8b2846d3b4d 100644 --- a/third_party/mbedtls/repo/tests/data_files/test-int-ca.crt +++ b/third_party/mbedtls/repo/tests/data_files/test-int-ca.crt @@ -1,8 +1,8 @@ -----BEGIN CERTIFICATE----- MIIEATCCA4egAwIBAgIBDjAKBggqhkjOPQQDAjA+MQswCQYDVQQGEwJOTDERMA8G -A1UEChMIUG9sYXJTU0wxHDAaBgNVBAMTE1BvbGFyc3NsIFRlc3QgRUMgQ0EwHhcN -MTMwOTI0MTU1NTE0WhcNMjMwOTIyMTU1NTE0WjBIMQswCQYDVQQGEwJOTDERMA8G -A1UEChMIUG9sYXJTU0wxJjAkBgNVBAMTHVBvbGFyU1NMIFRlc3QgSW50ZXJtZWRp +A1UECgwIUG9sYXJTU0wxHDAaBgNVBAMME1BvbGFyc3NsIFRlc3QgRUMgQ0EwHhcN +MjMwNTE3MDcxMDM3WhcNMzMwNTE3MDcxMDM3WjBIMQswCQYDVQQGEwJOTDERMA8G +A1UECgwIUG9sYXJTU0wxJjAkBgNVBAMMHVBvbGFyU1NMIFRlc3QgSW50ZXJtZWRp YXRlIENBMIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEAo1Oc8nr6fMTq vowV+CpC55i5BZGFGc50Eb4RLBSRTH1e7JepdFjAVbBtyQRJSiY1ja0tgLQDDKZR wfEI+b4azse460InPHv7C1TN0upXlxuj6m9B1IlP+sBaM7WBC6dVfPO+jVMIxgkF @@ -16,9 +16,9 @@ d6KXbrZteesvA1nYzEOs+3AjrbT79Md2W8Bz9bqBVNlNOESSqm4kiCJFmslm/6br Np0MSQd+o22PQ4xRtmP6UsTfU0ueiMpYc8TYYhMbfnfFyo4m707ebcflPbBEN2dg updQ66cvfCJB0QJt9upafY0lpdV1qUkCAwEAAaOBoDCBnTAdBgNVHQ4EFgQUOHfY a3ecKHeCi07YG6ke95QWtw4wbgYDVR0jBGcwZYAUnW0gJEkBPyvLeLUZvH4kydv7 -NnyhQqRAMD4xCzAJBgNVBAYTAk5MMREwDwYDVQQKEwhQb2xhclNTTDEcMBoGA1UE -AxMTUG9sYXJzc2wgVGVzdCBFQyBDQYIJAMFD4n5iQ8zoMAwGA1UdEwQFMAMBAf8w -CgYIKoZIzj0EAwIDaAAwZQIxAPyE+u+eP7gRrSFjQicmpYg8jiFUCYEowWY2zuOG -i1HXYwmpDHfasQ3rNSuf/gHvjwIwbSSjumDk+uYNci/KMELDsD0MFHxZhhBc9Hp9 -Af5cNR8KhzegznL6amRObGGKmX1F +NnyhQqRAMD4xCzAJBgNVBAYTAk5MMREwDwYDVQQKDAhQb2xhclNTTDEcMBoGA1UE +AwwTUG9sYXJzc2wgVGVzdCBFQyBDQYIJAMFD4n5iQ8zoMAwGA1UdEwQFMAMBAf8w +CgYIKoZIzj0EAwIDaAAwZQIxAOAch+gz4rHfI/pm8MIDssMtJCqzS6xtOvQHJZ9l +fdgWfJV5cSHJpOIWGXeFKKR18wIwODTRnTIioy+bYacNq8TQPjzdVlT9XbYkWIYN +JAuV9fLJJdB5nZUG3l85Dt27VNkT -----END CERTIFICATE----- diff --git a/third_party/mbedtls/repo/tests/data_files/test-int-ca2.crt b/third_party/mbedtls/repo/tests/data_files/test-int-ca2.crt index 9ce44c2310e..80f39b9cf73 100644 --- a/third_party/mbedtls/repo/tests/data_files/test-int-ca2.crt +++ b/third_party/mbedtls/repo/tests/data_files/test-int-ca2.crt @@ -1,18 +1,18 @@ -----BEGIN CERTIFICATE----- MIIC6TCCAdGgAwIBAgIBDzANBgkqhkiG9w0BAQsFADA7MQswCQYDVQQGEwJOTDER -MA8GA1UEChMIUG9sYXJTU0wxGTAXBgNVBAMTEFBvbGFyU1NMIFRlc3QgQ0EwHhcN -MTMwOTI0MTYwODQyWhcNMjMwOTIyMTYwODQyWjBLMQswCQYDVQQGEwJOTDERMA8G -A1UEChMIUG9sYXJTU0wxKTAnBgNVBAMTIFBvbGFyU1NMIFRlc3QgSW50ZXJtZWRp +MA8GA1UECgwIUG9sYXJTU0wxGTAXBgNVBAMMEFBvbGFyU1NMIFRlc3QgQ0EwHhcN +MjMwNTE3MDkyNzAyWhcNMzMwNTE3MDkyNzAyWjBLMQswCQYDVQQGEwJOTDERMA8G +A1UECgwIUG9sYXJTU0wxKTAnBgNVBAMMIFBvbGFyU1NMIFRlc3QgSW50ZXJtZWRp YXRlIEVDIENBMHYwEAYHKoZIzj0CAQYFK4EEACIDYgAE8Oih3fX5SLeN1dmFncQl WMw9+Y6sXblhlrXBxhXxjwdwpCHENn+foUVdrqYVYa7Suv3QVeO6nJ19H3QNixW8 ik1P+hxsbaq8bta78vAyHmC4EmXQLg1w7oxb9Q82qX1Yo4GVMIGSMB0GA1UdDgQW BBQPib1jQevLXhco/2gwPcGI0JxYOTBjBgNVHSMEXDBagBS0WuSls97SUva51aaV -D+s+vMf9/6E/pD0wOzELMAkGA1UEBhMCTkwxETAPBgNVBAoTCFBvbGFyU1NMMRkw -FwYDVQQDExBQb2xhclNTTCBUZXN0IENBggEAMAwGA1UdEwQFMAMBAf8wDQYJKoZI -hvcNAQELBQADggEBAAjeaTUaCBiXT1CYLVr6UFSeRNZBrDPnj6PwqUQTvgB5I5n6 -yXqoE4RYDaEL0Lg24juFxI26itBuypto6vscgGq77cfrP/avSdxU+xeZ4bCWvh3M -ddj9lmko2U8I8GhBcHpSuIiTvgKDB8eKkjeq3AsLGchHDvip8pB3IhcNfL7W94Zf -7/lH9VQiE3/px7amD32cidoPvWLA9U3f1FsPmJESUz0wwNfINpDjmPr8dGbkCN+M -CFhxo6sCfK8KLYG4nYX8FwxVR86kpSrO9e84AX0YYbdzxprbc2XOaebJ8+BDmzut -ARkD7DTXrodN1wV7jQJkrUuEwPj9Rhvk+MFRkaw= +D+s+vMf9/6E/pD0wOzELMAkGA1UEBhMCTkwxETAPBgNVBAoMCFBvbGFyU1NMMRkw +FwYDVQQDDBBQb2xhclNTTCBUZXN0IENBggEDMAwGA1UdEwQFMAMBAf8wDQYJKoZI +hvcNAQELBQADggEBAHTN0URrP2MpwD8vODymjjq7iaB7WFZ4CWUjx9LWu3PPZbX2 +12MxzkyFaVR7rnPKZSFHJJEmNaPDJWwYhGQRXLCoD6NiJy6De4fa5gSYoXthRGFf +GnFXZu3e37GDKoKP87TZ+VXcyx6PHvPxJB3/9N94Vj2Yh3hCs7F72GmwfDww6ooj +whIqhxBYOhPleANs70FZ7Y7tjZV1RtQ1/9sRcbyv9OvdPuWvukBVq1KM6nqVHBZ3 +/4kHBWaFaWMq/AAxMxaTGFAOA8S2yU56jkB65viQrpQQWffBJWK+WfrcgxRWqR33 +hqG3yT1IWbJ5E11XL9TCKD+DReqeXHyYawx8fBU= -----END CERTIFICATE----- diff --git a/third_party/mbedtls/repo/tests/data_files/test-int-ca3-badsign.crt b/third_party/mbedtls/repo/tests/data_files/test-int-ca3-badsign.crt index 2087056e8e0..8c363152b16 100644 --- a/third_party/mbedtls/repo/tests/data_files/test-int-ca3-badsign.crt +++ b/third_party/mbedtls/repo/tests/data_files/test-int-ca3-badsign.crt @@ -1,12 +1,12 @@ -----BEGIN CERTIFICATE----- -MIIBtDCCATqgAwIBAgIBTTAKBggqhkjOPQQDAjBLMQswCQYDVQQGEwJOTDERMA8G -A1UEChMIUG9sYXJTU0wxKTAnBgNVBAMTIFBvbGFyU1NMIFRlc3QgSW50ZXJtZWRp -YXRlIEVDIENBMB4XDTE1MDkwMTE0MDg0M1oXDTI1MDgyOTE0MDg0M1owSjELMAkG -A1UEBhMCVUsxETAPBgNVBAoTCG1iZWQgVExTMSgwJgYDVQQDEx9tYmVkIFRMUyBU +MIIBszCCATqgAwIBAgIBTTAKBggqhkjOPQQDAjBLMQswCQYDVQQGEwJOTDERMA8G +A1UECgwIUG9sYXJTU0wxKTAnBgNVBAMMIFBvbGFyU1NMIFRlc3QgSW50ZXJtZWRp +YXRlIEVDIENBMB4XDTIzMDUxNzA3MTAzN1oXDTMzMDUxNzA3MTAzN1owSjELMAkG +A1UEBhMCVUsxETAPBgNVBAoMCG1iZWQgVExTMSgwJgYDVQQDDB9tYmVkIFRMUyBU ZXN0IGludGVybWVkaWF0ZSBDQSAzMFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAE 732fWHLNPMPsP1U1ibXvb55erlEVMlpXBGsj+KYwVqU1XCmW9Z9hhP7X/5js/DX9 -2J/utoHyjUtVpQOzdTrbsaMQMA4wDAYDVR0TBAUwAwEB/zAKBggqhkjOPQQDAgNo -ADBlAjAJRxbGRas3NBmk9MnGWXg7PT1xnRELHRWWIvfLdVQt06l1/xFg3ZuPdQdt -Qh7CK80CMQD7wa1o1a8qyDKBfLN636uKmKGga0E+vYXBeFCy9oARBangGCB0B2vt -pz590JvGWf0= +2J/utoHyjUtVpQOzdTrbsaMQMA4wDAYDVR0TBAUwAwEB/zAKBggqhkjOPQQDAgNn +ADBkAjAZx8k0q+DtT/LJd1FjPcG/peoQDfMBL2jS/6PwxW+3+ZPMpHZn0r+JpCaF ++V/sM9kCMGqcxQwx/bsMaK0y9zqshC7/S5hVlA+WRVyMfEGJmXnfbdwh6CByKIwv +1GRe86dg10== -----END CERTIFICATE----- diff --git a/third_party/mbedtls/repo/tests/data_files/test-int-ca3.crt b/third_party/mbedtls/repo/tests/data_files/test-int-ca3.crt index 7e724b241df..3aa64b137dd 100644 --- a/third_party/mbedtls/repo/tests/data_files/test-int-ca3.crt +++ b/third_party/mbedtls/repo/tests/data_files/test-int-ca3.crt @@ -1,12 +1,12 @@ -----BEGIN CERTIFICATE----- -MIIBtDCCATqgAwIBAgIBTTAKBggqhkjOPQQDAjBLMQswCQYDVQQGEwJOTDERMA8G -A1UEChMIUG9sYXJTU0wxKTAnBgNVBAMTIFBvbGFyU1NMIFRlc3QgSW50ZXJtZWRp -YXRlIEVDIENBMB4XDTE1MDkwMTE0MDg0M1oXDTI1MDgyOTE0MDg0M1owSjELMAkG -A1UEBhMCVUsxETAPBgNVBAoTCG1iZWQgVExTMSgwJgYDVQQDEx9tYmVkIFRMUyBU +MIIBszCCATqgAwIBAgIBTTAKBggqhkjOPQQDAjBLMQswCQYDVQQGEwJOTDERMA8G +A1UECgwIUG9sYXJTU0wxKTAnBgNVBAMMIFBvbGFyU1NMIFRlc3QgSW50ZXJtZWRp +YXRlIEVDIENBMB4XDTIzMDUxNzA3MTAzN1oXDTMzMDUxNzA3MTAzN1owSjELMAkG +A1UEBhMCVUsxETAPBgNVBAoMCG1iZWQgVExTMSgwJgYDVQQDDB9tYmVkIFRMUyBU ZXN0IGludGVybWVkaWF0ZSBDQSAzMFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAE 732fWHLNPMPsP1U1ibXvb55erlEVMlpXBGsj+KYwVqU1XCmW9Z9hhP7X/5js/DX9 -2J/utoHyjUtVpQOzdTrbsaMQMA4wDAYDVR0TBAUwAwEB/zAKBggqhkjOPQQDAgNo -ADBlAjAJRxbGRas3NBmk9MnGWXg7PT1xnRELHRWWIvfLdVQt06l1/xFg3ZuPdQdt -Qh7CK80CMQD7wa1o1a8qyDKBfLN636uKmKGga0E+vYXBeFCy9oARBangGCB0B2vt -pz590JvGWfM= +2J/utoHyjUtVpQOzdTrbsaMQMA4wDAYDVR0TBAUwAwEB/zAKBggqhkjOPQQDAgNn +ADBkAjAZx8k0q+DtT/LJd1FjPcG/peoQDfMBL2jS/6PwxW+3+ZPMpHZn0r+JpCaF ++V/sM9kCMGqcxQwx/bsMaK0y9zqshC7/S5hVlA+WRVyMfEGJmXnfbdwh6CByKIwv +1GRe86dg1A== -----END CERTIFICATE----- diff --git a/third_party/mbedtls/repo/tests/docker/bionic/Dockerfile b/third_party/mbedtls/repo/tests/docker/bionic/Dockerfile index 3132be9ca05..869c9558ca5 100644 --- a/third_party/mbedtls/repo/tests/docker/bionic/Dockerfile +++ b/third_party/mbedtls/repo/tests/docker/bionic/Dockerfile @@ -4,21 +4,13 @@ # ------- # Defines a Docker container suitable to build and run all tests (all.sh), # except for those that use a proprietary toolchain. +# +# WARNING: this Dockerfile is no longer maintained! See +# https://github.com/Mbed-TLS/mbedtls-test/blob/master/README.md#quick-start +# for the set of Docker images we use on the CI. # Copyright The Mbed TLS Contributors -# SPDX-License-Identifier: Apache-2.0 -# -# Licensed under the Apache License, Version 2.0 (the "License"); you may -# not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT -# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. +# SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later ARG MAKEFLAGS_PARALLEL="" ARG MY_REGISTRY= diff --git a/third_party/mbedtls/repo/tests/git-scripts/README.md b/third_party/mbedtls/repo/tests/git-scripts/README.md index 29d7501b33f..23db168c37e 100644 --- a/third_party/mbedtls/repo/tests/git-scripts/README.md +++ b/third_party/mbedtls/repo/tests/git-scripts/README.md @@ -1,16 +1,16 @@ README for git hooks script =========================== git has a way to run scripts, which are invoked by specific git commands. -The git hooks are located in `/.git/hooks`, and as such are not under version control +The git hooks are located in `/.git/hooks`, and as such are not under version control for more information, see the [git documentation](https://git-scm.com/docs/githooks). -The mbed TLS git hooks are located in `/tests/git-scripts` directory, and one must create a soft link from `/.git/hooks` to `/tesst/git-scripts`, in order to make the hook scripts successfully work. +The Mbed TLS git hooks are located in `/tests/git-scripts` directory, and one must create a soft link from `/.git/hooks` to `/tests/git-scripts`, in order to make the hook scripts successfully work. Example: -Execute the following command to create a link on linux from the mbed TLS `.git/hooks` directory: +Execute the following command to create a link on Linux from the Mbed TLS `.git/hooks` directory: `ln -s ../../tests/git-scripts/pre-push.sh pre-push` -**Note: Currently the mbed TLS git hooks work only on a GNU platform. If using a non-GNU platform, don't enable these hooks!** +**Note: Currently the Mbed TLS git hooks work only on a GNU platform. If using a non-GNU platform, don't enable these hooks!** These scripts can also be used independently. diff --git a/third_party/mbedtls/repo/tests/git-scripts/pre-commit.sh b/third_party/mbedtls/repo/tests/git-scripts/pre-commit.sh index fb28dad91f4..04f4fa720b5 100755 --- a/third_party/mbedtls/repo/tests/git-scripts/pre-commit.sh +++ b/third_party/mbedtls/repo/tests/git-scripts/pre-commit.sh @@ -3,19 +3,7 @@ # pre-commit.sh # # Copyright The Mbed TLS Contributors -# SPDX-License-Identifier: Apache-2.0 -# -# Licensed under the Apache License, Version 2.0 (the "License"); you may -# not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT -# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. +# SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later # Purpose # diff --git a/third_party/mbedtls/repo/tests/git-scripts/pre-push.sh b/third_party/mbedtls/repo/tests/git-scripts/pre-push.sh index ce43467b41a..9192678a5c1 100755 --- a/third_party/mbedtls/repo/tests/git-scripts/pre-push.sh +++ b/third_party/mbedtls/repo/tests/git-scripts/pre-push.sh @@ -2,19 +2,7 @@ # pre-push.sh # # Copyright The Mbed TLS Contributors -# SPDX-License-Identifier: Apache-2.0 -# -# Licensed under the Apache License, Version 2.0 (the "License"); you may -# not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT -# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. +# SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later # # Purpose # diff --git a/third_party/mbedtls/repo/tests/include/baremetal-override/time.h b/third_party/mbedtls/repo/tests/include/baremetal-override/time.h new file mode 100644 index 00000000000..0a44275e765 --- /dev/null +++ b/third_party/mbedtls/repo/tests/include/baremetal-override/time.h @@ -0,0 +1,6 @@ +/* + * Copyright The Mbed TLS Contributors + * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later + */ + +#error "time.h included in a configuration without MBEDTLS_HAVE_TIME" diff --git a/third_party/mbedtls/repo/tests/include/spe/crypto_spe.h b/third_party/mbedtls/repo/tests/include/spe/crypto_spe.h index f80fd86bdc2..fdf3a2db5a3 100644 --- a/third_party/mbedtls/repo/tests/include/spe/crypto_spe.h +++ b/third_party/mbedtls/repo/tests/include/spe/crypto_spe.h @@ -1,20 +1,19 @@ /* - * Copyright (c) 2019-2021, Arm Limited. All rights reserved. - * - * SPDX-License-Identifier: BSD-3-Clause + * Copyright The Mbed TLS Contributors + * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later * */ /** * \file crypto_spe.h * - * \brief When Mbed Crypto is built with the MBEDTLS_PSA_CRYPTO_SPM option - * enabled, this header is included by all .c files in Mbed Crypto that + * \brief When Mbed TLS is built with the MBEDTLS_PSA_CRYPTO_SPM option + * enabled, this header is included by all .c files in Mbed TLS that * use PSA Crypto function names. This avoids duplication of symbols - * between TF-M and Mbed Crypto. + * between TF-M and Mbed TLS. * * \note This file should be included before including any PSA Crypto headers - * from Mbed Crypto. + * from Mbed TLS. */ #ifndef CRYPTO_SPE_H @@ -23,110 +22,110 @@ #define PSA_FUNCTION_NAME(x) mbedcrypto__ ## x #define psa_crypto_init \ - PSA_FUNCTION_NAME(psa_crypto_init) + PSA_FUNCTION_NAME(psa_crypto_init) #define psa_key_derivation_get_capacity \ - PSA_FUNCTION_NAME(psa_key_derivation_get_capacity) + PSA_FUNCTION_NAME(psa_key_derivation_get_capacity) #define psa_key_derivation_set_capacity \ - PSA_FUNCTION_NAME(psa_key_derivation_set_capacity) + PSA_FUNCTION_NAME(psa_key_derivation_set_capacity) #define psa_key_derivation_input_bytes \ - PSA_FUNCTION_NAME(psa_key_derivation_input_bytes) + PSA_FUNCTION_NAME(psa_key_derivation_input_bytes) #define psa_key_derivation_output_bytes \ - PSA_FUNCTION_NAME(psa_key_derivation_output_bytes) + PSA_FUNCTION_NAME(psa_key_derivation_output_bytes) #define psa_key_derivation_input_key \ - PSA_FUNCTION_NAME(psa_key_derivation_input_key) + PSA_FUNCTION_NAME(psa_key_derivation_input_key) #define psa_key_derivation_output_key \ - PSA_FUNCTION_NAME(psa_key_derivation_output_key) + PSA_FUNCTION_NAME(psa_key_derivation_output_key) #define psa_key_derivation_setup \ - PSA_FUNCTION_NAME(psa_key_derivation_setup) + PSA_FUNCTION_NAME(psa_key_derivation_setup) #define psa_key_derivation_abort \ - PSA_FUNCTION_NAME(psa_key_derivation_abort) + PSA_FUNCTION_NAME(psa_key_derivation_abort) #define psa_key_derivation_key_agreement \ - PSA_FUNCTION_NAME(psa_key_derivation_key_agreement) + PSA_FUNCTION_NAME(psa_key_derivation_key_agreement) #define psa_raw_key_agreement \ - PSA_FUNCTION_NAME(psa_raw_key_agreement) + PSA_FUNCTION_NAME(psa_raw_key_agreement) #define psa_generate_random \ - PSA_FUNCTION_NAME(psa_generate_random) + PSA_FUNCTION_NAME(psa_generate_random) #define psa_aead_encrypt \ - PSA_FUNCTION_NAME(psa_aead_encrypt) + PSA_FUNCTION_NAME(psa_aead_encrypt) #define psa_aead_decrypt \ - PSA_FUNCTION_NAME(psa_aead_decrypt) + PSA_FUNCTION_NAME(psa_aead_decrypt) #define psa_open_key \ - PSA_FUNCTION_NAME(psa_open_key) + PSA_FUNCTION_NAME(psa_open_key) #define psa_close_key \ - PSA_FUNCTION_NAME(psa_close_key) + PSA_FUNCTION_NAME(psa_close_key) #define psa_import_key \ - PSA_FUNCTION_NAME(psa_import_key) + PSA_FUNCTION_NAME(psa_import_key) #define psa_destroy_key \ - PSA_FUNCTION_NAME(psa_destroy_key) + PSA_FUNCTION_NAME(psa_destroy_key) #define psa_get_key_attributes \ - PSA_FUNCTION_NAME(psa_get_key_attributes) + PSA_FUNCTION_NAME(psa_get_key_attributes) #define psa_reset_key_attributes \ - PSA_FUNCTION_NAME(psa_reset_key_attributes) + PSA_FUNCTION_NAME(psa_reset_key_attributes) #define psa_export_key \ - PSA_FUNCTION_NAME(psa_export_key) + PSA_FUNCTION_NAME(psa_export_key) #define psa_export_public_key \ - PSA_FUNCTION_NAME(psa_export_public_key) + PSA_FUNCTION_NAME(psa_export_public_key) #define psa_purge_key \ - PSA_FUNCTION_NAME(psa_purge_key) + PSA_FUNCTION_NAME(psa_purge_key) #define psa_copy_key \ - PSA_FUNCTION_NAME(psa_copy_key) + PSA_FUNCTION_NAME(psa_copy_key) #define psa_cipher_operation_init \ - PSA_FUNCTION_NAME(psa_cipher_operation_init) + PSA_FUNCTION_NAME(psa_cipher_operation_init) #define psa_cipher_generate_iv \ - PSA_FUNCTION_NAME(psa_cipher_generate_iv) + PSA_FUNCTION_NAME(psa_cipher_generate_iv) #define psa_cipher_set_iv \ - PSA_FUNCTION_NAME(psa_cipher_set_iv) + PSA_FUNCTION_NAME(psa_cipher_set_iv) #define psa_cipher_encrypt_setup \ - PSA_FUNCTION_NAME(psa_cipher_encrypt_setup) + PSA_FUNCTION_NAME(psa_cipher_encrypt_setup) #define psa_cipher_decrypt_setup \ - PSA_FUNCTION_NAME(psa_cipher_decrypt_setup) + PSA_FUNCTION_NAME(psa_cipher_decrypt_setup) #define psa_cipher_update \ - PSA_FUNCTION_NAME(psa_cipher_update) + PSA_FUNCTION_NAME(psa_cipher_update) #define psa_cipher_finish \ - PSA_FUNCTION_NAME(psa_cipher_finish) + PSA_FUNCTION_NAME(psa_cipher_finish) #define psa_cipher_abort \ - PSA_FUNCTION_NAME(psa_cipher_abort) + PSA_FUNCTION_NAME(psa_cipher_abort) #define psa_hash_operation_init \ - PSA_FUNCTION_NAME(psa_hash_operation_init) + PSA_FUNCTION_NAME(psa_hash_operation_init) #define psa_hash_setup \ - PSA_FUNCTION_NAME(psa_hash_setup) + PSA_FUNCTION_NAME(psa_hash_setup) #define psa_hash_update \ - PSA_FUNCTION_NAME(psa_hash_update) + PSA_FUNCTION_NAME(psa_hash_update) #define psa_hash_finish \ - PSA_FUNCTION_NAME(psa_hash_finish) + PSA_FUNCTION_NAME(psa_hash_finish) #define psa_hash_verify \ - PSA_FUNCTION_NAME(psa_hash_verify) + PSA_FUNCTION_NAME(psa_hash_verify) #define psa_hash_abort \ - PSA_FUNCTION_NAME(psa_hash_abort) + PSA_FUNCTION_NAME(psa_hash_abort) #define psa_hash_clone \ - PSA_FUNCTION_NAME(psa_hash_clone) + PSA_FUNCTION_NAME(psa_hash_clone) #define psa_hash_compute \ - PSA_FUNCTION_NAME(psa_hash_compute) + PSA_FUNCTION_NAME(psa_hash_compute) #define psa_hash_compare \ - PSA_FUNCTION_NAME(psa_hash_compare) + PSA_FUNCTION_NAME(psa_hash_compare) #define psa_mac_operation_init \ - PSA_FUNCTION_NAME(psa_mac_operation_init) + PSA_FUNCTION_NAME(psa_mac_operation_init) #define psa_mac_sign_setup \ - PSA_FUNCTION_NAME(psa_mac_sign_setup) + PSA_FUNCTION_NAME(psa_mac_sign_setup) #define psa_mac_verify_setup \ - PSA_FUNCTION_NAME(psa_mac_verify_setup) + PSA_FUNCTION_NAME(psa_mac_verify_setup) #define psa_mac_update \ - PSA_FUNCTION_NAME(psa_mac_update) + PSA_FUNCTION_NAME(psa_mac_update) #define psa_mac_sign_finish \ - PSA_FUNCTION_NAME(psa_mac_sign_finish) + PSA_FUNCTION_NAME(psa_mac_sign_finish) #define psa_mac_verify_finish \ - PSA_FUNCTION_NAME(psa_mac_verify_finish) + PSA_FUNCTION_NAME(psa_mac_verify_finish) #define psa_mac_abort \ - PSA_FUNCTION_NAME(psa_mac_abort) + PSA_FUNCTION_NAME(psa_mac_abort) #define psa_sign_hash \ - PSA_FUNCTION_NAME(psa_sign_hash) + PSA_FUNCTION_NAME(psa_sign_hash) #define psa_verify_hash \ - PSA_FUNCTION_NAME(psa_verify_hash) + PSA_FUNCTION_NAME(psa_verify_hash) #define psa_asymmetric_encrypt \ - PSA_FUNCTION_NAME(psa_asymmetric_encrypt) + PSA_FUNCTION_NAME(psa_asymmetric_encrypt) #define psa_asymmetric_decrypt \ - PSA_FUNCTION_NAME(psa_asymmetric_decrypt) + PSA_FUNCTION_NAME(psa_asymmetric_decrypt) #define psa_generate_key \ - PSA_FUNCTION_NAME(psa_generate_key) + PSA_FUNCTION_NAME(psa_generate_key) #endif /* CRYPTO_SPE_H */ diff --git a/third_party/mbedtls/repo/tests/include/test/arguments.h b/third_party/mbedtls/repo/tests/include/test/arguments.h new file mode 100644 index 00000000000..c672104ce39 --- /dev/null +++ b/third_party/mbedtls/repo/tests/include/test/arguments.h @@ -0,0 +1,31 @@ +/** + * \file arguments.h + * + * \brief Manipulation of test arguments. + * + * Much of the code is in host_test.function, to be migrated here later. + */ + +/* + * Copyright The Mbed TLS Contributors + * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later + */ + +#ifndef TEST_ARGUMENTS_H +#define TEST_ARGUMENTS_H + +#if !defined(MBEDTLS_CONFIG_FILE) +#include "mbedtls/config.h" +#else +#include MBEDTLS_CONFIG_FILE +#endif + +#include +#include + +typedef union { + size_t len; + intmax_t sint; +} mbedtls_test_argument_t; + +#endif /* TEST_ARGUMENTS_H */ diff --git a/third_party/mbedtls/repo/tests/include/test/asn1_helpers.h b/third_party/mbedtls/repo/tests/include/test/asn1_helpers.h index 91ae2602666..2eb91712820 100644 --- a/third_party/mbedtls/repo/tests/include/test/asn1_helpers.h +++ b/third_party/mbedtls/repo/tests/include/test/asn1_helpers.h @@ -2,19 +2,7 @@ */ /* * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later */ #ifndef ASN1_HELPERS_H @@ -43,8 +31,8 @@ * * \return \c 0 if the test failed, otherwise 1. */ -int mbedtls_test_asn1_skip_integer( unsigned char **p, const unsigned char *end, - size_t min_bits, size_t max_bits, - int must_be_odd ); +int mbedtls_test_asn1_skip_integer(unsigned char **p, const unsigned char *end, + size_t min_bits, size_t max_bits, + int must_be_odd); #endif /* ASN1_HELPERS_H */ diff --git a/third_party/mbedtls/repo/tests/include/test/constant_flow.h b/third_party/mbedtls/repo/tests/include/test/constant_flow.h index af64011669e..85fd1a5b7be 100644 --- a/third_party/mbedtls/repo/tests/include/test/constant_flow.h +++ b/third_party/mbedtls/repo/tests/include/test/constant_flow.h @@ -6,19 +6,7 @@ /* * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later */ #ifndef TEST_CONSTANT_FLOW_H @@ -50,6 +38,12 @@ * This file contains two implementations: one based on MemorySanitizer, the * other on valgrind's memcheck. If none of them is enabled, dummy macros that * do nothing are defined for convenience. + * + * \note #TEST_CF_SECRET must be called directly from within a .function file, + * not indirectly via a macro defined under tests/include or a function + * under tests/src. This is because we only run Valgrind for constant + * flow on test suites that have greppable annotations inside them (see + * `skip_suites_without_constant_flow` in `tests/scripts/all.sh`). */ #if defined(MBEDTLS_TEST_CONSTANT_FLOW_MEMSAN) diff --git a/third_party/mbedtls/repo/tests/include/test/drivers/aead.h b/third_party/mbedtls/repo/tests/include/test/drivers/aead.h index 2207cb36fe2..4c01214dc7c 100644 --- a/third_party/mbedtls/repo/tests/include/test/drivers/aead.h +++ b/third_party/mbedtls/repo/tests/include/test/drivers/aead.h @@ -2,19 +2,7 @@ * Test driver for AEAD driver entry points. */ /* Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later */ #ifndef PSA_CRYPTO_TEST_DRIVERS_AEAD_H @@ -41,10 +29,10 @@ typedef struct { #define MBEDTLS_TEST_DRIVER_AEAD_INIT { 0, 0, 0 } static inline mbedtls_test_driver_aead_hooks_t - mbedtls_test_driver_aead_hooks_init( void ) +mbedtls_test_driver_aead_hooks_init(void) { const mbedtls_test_driver_aead_hooks_t v = MBEDTLS_TEST_DRIVER_AEAD_INIT; - return( v ); + return v; } extern mbedtls_test_driver_aead_hooks_t mbedtls_test_driver_aead_hooks; @@ -56,7 +44,7 @@ psa_status_t mbedtls_test_transparent_aead_encrypt( const uint8_t *nonce, size_t nonce_length, const uint8_t *additional_data, size_t additional_data_length, const uint8_t *plaintext, size_t plaintext_length, - uint8_t *ciphertext, size_t ciphertext_size, size_t *ciphertext_length ); + uint8_t *ciphertext, size_t ciphertext_size, size_t *ciphertext_length); psa_status_t mbedtls_test_transparent_aead_decrypt( const psa_key_attributes_t *attributes, @@ -65,7 +53,7 @@ psa_status_t mbedtls_test_transparent_aead_decrypt( const uint8_t *nonce, size_t nonce_length, const uint8_t *additional_data, size_t additional_data_length, const uint8_t *ciphertext, size_t ciphertext_length, - uint8_t *plaintext, size_t plaintext_size, size_t *plaintext_length ); + uint8_t *plaintext, size_t plaintext_size, size_t *plaintext_length); #endif /* PSA_CRYPTO_DRIVER_TEST */ #endif /* PSA_CRYPTO_TEST_DRIVERS_AEAD_H */ diff --git a/third_party/mbedtls/repo/tests/include/test/drivers/cipher.h b/third_party/mbedtls/repo/tests/include/test/drivers/cipher.h index c1aa616b52f..3a2a01b4f38 100644 --- a/third_party/mbedtls/repo/tests/include/test/drivers/cipher.h +++ b/third_party/mbedtls/repo/tests/include/test/drivers/cipher.h @@ -2,19 +2,7 @@ * Test driver for cipher functions */ /* Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later */ #ifndef PSA_CRYPTO_TEST_DRIVERS_CIPHER_H @@ -45,10 +33,10 @@ typedef struct { #define MBEDTLS_TEST_DRIVER_CIPHER_INIT { NULL, 0, PSA_SUCCESS, 0 } static inline mbedtls_test_driver_cipher_hooks_t - mbedtls_test_driver_cipher_hooks_init( void ) +mbedtls_test_driver_cipher_hooks_init(void) { const mbedtls_test_driver_cipher_hooks_t v = MBEDTLS_TEST_DRIVER_CIPHER_INIT; - return( v ); + return v; } extern mbedtls_test_driver_cipher_hooks_t mbedtls_test_driver_cipher_hooks; @@ -81,7 +69,7 @@ psa_status_t mbedtls_test_transparent_cipher_decrypt_setup( psa_algorithm_t alg); psa_status_t mbedtls_test_transparent_cipher_abort( - mbedtls_transparent_test_driver_cipher_operation_t *operation ); + mbedtls_transparent_test_driver_cipher_operation_t *operation); psa_status_t mbedtls_test_transparent_cipher_set_iv( mbedtls_transparent_test_driver_cipher_operation_t *operation, diff --git a/third_party/mbedtls/repo/tests/include/test/drivers/config_test_driver.h b/third_party/mbedtls/repo/tests/include/test/drivers/config_test_driver.h index 97be72d2fbe..13c1754cbef 100644 --- a/third_party/mbedtls/repo/tests/include/test/drivers/config_test_driver.h +++ b/third_party/mbedtls/repo/tests/include/test/drivers/config_test_driver.h @@ -7,19 +7,7 @@ */ /* * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later */ #ifndef MBEDTLS_CONFIG_H @@ -39,6 +27,7 @@ #define MBEDTLS_PSA_BUILTIN_ALG_SHA_256 1 #define MBEDTLS_CTR_DRBG_C #define MBEDTLS_ENTROPY_C +#define MBEDTLS_POLY1305_C /* * Configuration options that may need to be additionally enabled for the diff --git a/third_party/mbedtls/repo/tests/include/test/drivers/crypto_config_test_driver_extension.h b/third_party/mbedtls/repo/tests/include/test/drivers/crypto_config_test_driver_extension.h index f5be7b38504..a285bc743b6 100644 --- a/third_party/mbedtls/repo/tests/include/test/drivers/crypto_config_test_driver_extension.h +++ b/third_party/mbedtls/repo/tests/include/test/drivers/crypto_config_test_driver_extension.h @@ -158,6 +158,14 @@ #endif #endif +#if defined(PSA_WANT_ALG_CHACHA20_POLY1305) +#if defined(MBEDTLS_PSA_ACCEL_ALG_CHACHA20_POLY1305) +#undef MBEDTLS_PSA_ACCEL_ALG_CHACHA20_POLY1305 +#else +#define MBEDTLS_PSA_ACCEL_ALG_CHACHA20_POLY1305 1 +#endif +#endif + #if defined(PSA_WANT_KEY_TYPE_AES) #if defined(MBEDTLS_PSA_ACCEL_KEY_TYPE_AES) #undef MBEDTLS_PSA_ACCEL_KEY_TYPE_AES @@ -166,6 +174,14 @@ #endif #endif +#if defined(PSA_WANT_KEY_TYPE_ARIA) +#if defined(MBEDTLS_PSA_ACCEL_KEY_TYPE_ARIA) +#undef MBEDTLS_PSA_ACCEL_KEY_TYPE_ARIA +#else +#define MBEDTLS_PSA_ACCEL_KEY_TYPE_ARIA 1 +#endif +#endif + #if defined(PSA_WANT_KEY_TYPE_CAMELLIA) #if defined(MBEDTLS_PSA_ACCEL_KEY_TYPE_CAMELLIA) #undef MBEDTLS_PSA_ACCEL_KEY_TYPE_CAMELLIA @@ -182,6 +198,14 @@ #endif #endif +#if defined(PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY) +#if defined(MBEDTLS_PSA_ACCEL_KEY_TYPE_ECC_PUBLIC_KEY) +#undef MBEDTLS_PSA_ACCEL_KEY_TYPE_ECC_PUBLIC_KEY +#else +#define MBEDTLS_PSA_ACCEL_KEY_TYPE_ECC_PUBLIC_KEY 1 +#endif +#endif + #if defined(PSA_WANT_KEY_TYPE_RSA_KEY_PAIR) #if defined(MBEDTLS_PSA_ACCEL_KEY_TYPE_RSA_KEY_PAIR) #undef MBEDTLS_PSA_ACCEL_KEY_TYPE_RSA_KEY_PAIR @@ -190,9 +214,24 @@ #endif #endif +#if defined(PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY) +#if defined(MBEDTLS_PSA_ACCEL_KEY_TYPE_RSA_PUBLIC_KEY) +#undef MBEDTLS_PSA_ACCEL_KEY_TYPE_RSA_PUBLIC_KEY +#else +#define MBEDTLS_PSA_ACCEL_KEY_TYPE_RSA_PUBLIC_KEY 1 +#endif +#endif + +#if defined(PSA_WANT_KEY_TYPE_CHACHA20) +#if defined(MBEDTLS_PSA_ACCEL_KEY_TYPE_CHACHA20) +#undef MBEDTLS_PSA_ACCEL_KEY_TYPE_CHACHA20 +#else +#define MBEDTLS_PSA_ACCEL_KEY_TYPE_CHACHA20 1 +#endif +#endif + #define MBEDTLS_PSA_ACCEL_ALG_CBC_MAC 1 #define MBEDTLS_PSA_ACCEL_ALG_CCM 1 -#define MBEDTLS_PSA_ACCEL_ALG_CHACHA20_POLY1305 1 #define MBEDTLS_PSA_ACCEL_ALG_CMAC 1 #define MBEDTLS_PSA_ACCEL_ALG_ECB_NO_PADDING 1 #define MBEDTLS_PSA_ACCEL_ALG_ECDH 1 @@ -224,8 +263,5 @@ #define MBEDTLS_PSA_ACCEL_KEY_TYPE_DERIVE 1 #define MBEDTLS_PSA_ACCEL_KEY_TYPE_HMAC 1 #define MBEDTLS_PSA_ACCEL_KEY_TYPE_ARC4 1 -#define MBEDTLS_PSA_ACCEL_KEY_TYPE_CHACHA20 1 #define MBEDTLS_PSA_ACCEL_KEY_TYPE_DES 1 -#define MBEDTLS_PSA_ACCEL_KEY_TYPE_ECC_PUBLIC_KEY 1 #define MBEDTLS_PSA_ACCEL_KEY_TYPE_RAW_DATA 1 -#define MBEDTLS_PSA_ACCEL_KEY_TYPE_RSA_PUBLIC_KEY 1 diff --git a/third_party/mbedtls/repo/tests/include/test/drivers/hash.h b/third_party/mbedtls/repo/tests/include/test/drivers/hash.h index 865cd743306..36e889b5301 100644 --- a/third_party/mbedtls/repo/tests/include/test/drivers/hash.h +++ b/third_party/mbedtls/repo/tests/include/test/drivers/hash.h @@ -2,19 +2,7 @@ * Test driver for hash driver entry points. */ /* Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later */ #ifndef PSA_CRYPTO_TEST_DRIVERS_HASH_H @@ -41,10 +29,10 @@ typedef struct { #define MBEDTLS_TEST_DRIVER_HASH_INIT { 0, 0, 0 } static inline mbedtls_test_driver_hash_hooks_t - mbedtls_test_driver_hash_hooks_init( void ) +mbedtls_test_driver_hash_hooks_init(void) { const mbedtls_test_driver_hash_hooks_t v = MBEDTLS_TEST_DRIVER_HASH_INIT; - return( v ); + return v; } extern mbedtls_test_driver_hash_hooks_t mbedtls_test_driver_hash_hooks; @@ -52,29 +40,29 @@ extern mbedtls_test_driver_hash_hooks_t mbedtls_test_driver_hash_hooks; psa_status_t mbedtls_test_transparent_hash_compute( psa_algorithm_t alg, const uint8_t *input, size_t input_length, - uint8_t *hash, size_t hash_size, size_t *hash_length ); + uint8_t *hash, size_t hash_size, size_t *hash_length); psa_status_t mbedtls_test_transparent_hash_setup( mbedtls_transparent_test_driver_hash_operation_t *operation, - psa_algorithm_t alg ); + psa_algorithm_t alg); psa_status_t mbedtls_test_transparent_hash_clone( const mbedtls_transparent_test_driver_hash_operation_t *source_operation, - mbedtls_transparent_test_driver_hash_operation_t *target_operation ); + mbedtls_transparent_test_driver_hash_operation_t *target_operation); psa_status_t mbedtls_test_transparent_hash_update( mbedtls_transparent_test_driver_hash_operation_t *operation, const uint8_t *input, - size_t input_length ); + size_t input_length); psa_status_t mbedtls_test_transparent_hash_finish( mbedtls_transparent_test_driver_hash_operation_t *operation, uint8_t *hash, size_t hash_size, - size_t *hash_length ); + size_t *hash_length); psa_status_t mbedtls_test_transparent_hash_abort( - mbedtls_transparent_test_driver_hash_operation_t *operation ); + mbedtls_transparent_test_driver_hash_operation_t *operation); #endif /* PSA_CRYPTO_DRIVER_TEST */ #endif /* PSA_CRYPTO_TEST_DRIVERS_HASH_H */ diff --git a/third_party/mbedtls/repo/tests/include/test/drivers/key_management.h b/third_party/mbedtls/repo/tests/include/test/drivers/key_management.h index bb08bf6b894..003a35d6414 100644 --- a/third_party/mbedtls/repo/tests/include/test/drivers/key_management.h +++ b/third_party/mbedtls/repo/tests/include/test/drivers/key_management.h @@ -2,19 +2,7 @@ * Test driver for generating and verifying keys. */ /* Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later */ #ifndef PSA_CRYPTO_TEST_DRIVERS_KEY_MANAGEMENT_H @@ -42,47 +30,53 @@ typedef struct { /* Count the amount of times one of the key management driver functions * is called. */ unsigned long hits; + /* Location of the last key management driver called to import a key. */ + psa_key_location_t location; } mbedtls_test_driver_key_management_hooks_t; -#define MBEDTLS_TEST_DRIVER_KEY_MANAGEMENT_INIT { NULL, 0, PSA_SUCCESS, 0 } +/* The location is initialized to the invalid value 0x800000. Invalid in the + * sense that no PSA specification will assign a meaning to this location + * (stated first in version 1.0.1 of the specification) and that it is not + * used as a location of an opaque test drivers. */ +#define MBEDTLS_TEST_DRIVER_KEY_MANAGEMENT_INIT { NULL, 0, PSA_SUCCESS, 0, 0x800000 } static inline mbedtls_test_driver_key_management_hooks_t - mbedtls_test_driver_key_management_hooks_init( void ) +mbedtls_test_driver_key_management_hooks_init(void) { const mbedtls_test_driver_key_management_hooks_t v = MBEDTLS_TEST_DRIVER_KEY_MANAGEMENT_INIT; - return( v ); + return v; } extern mbedtls_test_driver_key_management_hooks_t mbedtls_test_driver_key_management_hooks; -psa_status_t mbedtls_test_transparent_init( void ); -void mbedtls_test_transparent_free( void ); -psa_status_t mbedtls_test_opaque_init( void ); -void mbedtls_test_opaque_free( void ); +psa_status_t mbedtls_test_transparent_init(void); +void mbedtls_test_transparent_free(void); +psa_status_t mbedtls_test_opaque_init(void); +void mbedtls_test_opaque_free(void); psa_status_t mbedtls_test_transparent_generate_key( const psa_key_attributes_t *attributes, - uint8_t *key, size_t key_size, size_t *key_length ); + uint8_t *key, size_t key_size, size_t *key_length); psa_status_t mbedtls_test_opaque_generate_key( const psa_key_attributes_t *attributes, - uint8_t *key, size_t key_size, size_t *key_length ); + uint8_t *key, size_t key_size, size_t *key_length); psa_status_t mbedtls_test_opaque_export_key( const psa_key_attributes_t *attributes, const uint8_t *key, size_t key_length, - uint8_t *data, size_t data_size, size_t *data_length ); + uint8_t *data, size_t data_size, size_t *data_length); psa_status_t mbedtls_test_transparent_export_public_key( const psa_key_attributes_t *attributes, const uint8_t *key, size_t key_length, - uint8_t *data, size_t data_size, size_t *data_length ); + uint8_t *data, size_t data_size, size_t *data_length); psa_status_t mbedtls_test_opaque_export_public_key( const psa_key_attributes_t *attributes, const uint8_t *key, size_t key_length, - uint8_t *data, size_t data_size, size_t *data_length ); + uint8_t *data, size_t data_size, size_t *data_length); psa_status_t mbedtls_test_transparent_import_key( const psa_key_attributes_t *attributes, @@ -96,7 +90,7 @@ psa_status_t mbedtls_test_transparent_import_key( psa_status_t mbedtls_test_opaque_get_builtin_key( psa_drv_slot_number_t slot_number, psa_key_attributes_t *attributes, - uint8_t *key_buffer, size_t key_buffer_size, size_t *key_buffer_length ); + uint8_t *key_buffer, size_t key_buffer_size, size_t *key_buffer_length); #endif /* PSA_CRYPTO_DRIVER_TEST */ #endif /* PSA_CRYPTO_TEST_DRIVERS_KEY_MANAGEMENT_H */ diff --git a/third_party/mbedtls/repo/tests/include/test/drivers/mac.h b/third_party/mbedtls/repo/tests/include/test/drivers/mac.h index 7733dd341c9..71008a03a06 100644 --- a/third_party/mbedtls/repo/tests/include/test/drivers/mac.h +++ b/third_party/mbedtls/repo/tests/include/test/drivers/mac.h @@ -2,19 +2,7 @@ * Test driver for MAC driver entry points. */ /* Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later */ #ifndef PSA_CRYPTO_TEST_DRIVERS_MAC_H @@ -41,10 +29,10 @@ typedef struct { #define MBEDTLS_TEST_DRIVER_MAC_INIT { 0, 0, 0 } static inline mbedtls_test_driver_mac_hooks_t - mbedtls_test_driver_mac_hooks_init( void ) +mbedtls_test_driver_mac_hooks_init(void) { const mbedtls_test_driver_mac_hooks_t v = MBEDTLS_TEST_DRIVER_MAC_INIT; - return( v ); + return v; } extern mbedtls_test_driver_mac_hooks_t mbedtls_test_driver_mac_hooks; @@ -58,40 +46,40 @@ psa_status_t mbedtls_test_transparent_mac_compute( size_t input_length, uint8_t *mac, size_t mac_size, - size_t *mac_length ); + size_t *mac_length); psa_status_t mbedtls_test_transparent_mac_sign_setup( mbedtls_transparent_test_driver_mac_operation_t *operation, const psa_key_attributes_t *attributes, const uint8_t *key_buffer, size_t key_buffer_size, - psa_algorithm_t alg ); + psa_algorithm_t alg); psa_status_t mbedtls_test_transparent_mac_verify_setup( mbedtls_transparent_test_driver_mac_operation_t *operation, const psa_key_attributes_t *attributes, const uint8_t *key_buffer, size_t key_buffer_size, - psa_algorithm_t alg ); + psa_algorithm_t alg); psa_status_t mbedtls_test_transparent_mac_update( mbedtls_transparent_test_driver_mac_operation_t *operation, const uint8_t *input, - size_t input_length ); + size_t input_length); psa_status_t mbedtls_test_transparent_mac_sign_finish( mbedtls_transparent_test_driver_mac_operation_t *operation, uint8_t *mac, size_t mac_size, - size_t *mac_length ); + size_t *mac_length); psa_status_t mbedtls_test_transparent_mac_verify_finish( mbedtls_transparent_test_driver_mac_operation_t *operation, const uint8_t *mac, - size_t mac_length ); + size_t mac_length); psa_status_t mbedtls_test_transparent_mac_abort( - mbedtls_transparent_test_driver_mac_operation_t *operation ); + mbedtls_transparent_test_driver_mac_operation_t *operation); psa_status_t mbedtls_test_opaque_mac_compute( const psa_key_attributes_t *attributes, @@ -102,40 +90,40 @@ psa_status_t mbedtls_test_opaque_mac_compute( size_t input_length, uint8_t *mac, size_t mac_size, - size_t *mac_length ); + size_t *mac_length); psa_status_t mbedtls_test_opaque_mac_sign_setup( mbedtls_opaque_test_driver_mac_operation_t *operation, const psa_key_attributes_t *attributes, const uint8_t *key_buffer, size_t key_buffer_size, - psa_algorithm_t alg ); + psa_algorithm_t alg); psa_status_t mbedtls_test_opaque_mac_verify_setup( mbedtls_opaque_test_driver_mac_operation_t *operation, const psa_key_attributes_t *attributes, const uint8_t *key_buffer, size_t key_buffer_size, - psa_algorithm_t alg ); + psa_algorithm_t alg); psa_status_t mbedtls_test_opaque_mac_update( mbedtls_opaque_test_driver_mac_operation_t *operation, const uint8_t *input, - size_t input_length ); + size_t input_length); psa_status_t mbedtls_test_opaque_mac_sign_finish( mbedtls_opaque_test_driver_mac_operation_t *operation, uint8_t *mac, size_t mac_size, - size_t *mac_length ); + size_t *mac_length); psa_status_t mbedtls_test_opaque_mac_verify_finish( mbedtls_opaque_test_driver_mac_operation_t *operation, const uint8_t *mac, - size_t mac_length ); + size_t mac_length); psa_status_t mbedtls_test_opaque_mac_abort( - mbedtls_opaque_test_driver_mac_operation_t *operation ); + mbedtls_opaque_test_driver_mac_operation_t *operation); #endif /* PSA_CRYPTO_DRIVER_TEST */ #endif /* PSA_CRYPTO_TEST_DRIVERS_MAC_H */ diff --git a/third_party/mbedtls/repo/tests/include/test/drivers/signature.h b/third_party/mbedtls/repo/tests/include/test/drivers/signature.h index 5e64edc3c80..788761f9681 100644 --- a/third_party/mbedtls/repo/tests/include/test/drivers/signature.h +++ b/third_party/mbedtls/repo/tests/include/test/drivers/signature.h @@ -2,19 +2,7 @@ * Test driver for signature functions. */ /* Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later */ #ifndef PSA_CRYPTO_TEST_DRIVERS_SIGNATURE_H @@ -42,11 +30,11 @@ typedef struct { #define MBEDTLS_TEST_DRIVER_SIGNATURE_INIT { NULL, 0, PSA_SUCCESS, 0 } static inline mbedtls_test_driver_signature_hooks_t - mbedtls_test_driver_signature_hooks_init( void ) +mbedtls_test_driver_signature_hooks_init(void) { const mbedtls_test_driver_signature_hooks_t v = MBEDTLS_TEST_DRIVER_SIGNATURE_INIT; - return( v ); + return v; } extern mbedtls_test_driver_signature_hooks_t @@ -63,7 +51,7 @@ psa_status_t mbedtls_test_transparent_signature_sign_message( size_t input_length, uint8_t *signature, size_t signature_size, - size_t *signature_length ); + size_t *signature_length); psa_status_t mbedtls_test_opaque_signature_sign_message( const psa_key_attributes_t *attributes, @@ -74,7 +62,7 @@ psa_status_t mbedtls_test_opaque_signature_sign_message( size_t input_length, uint8_t *signature, size_t signature_size, - size_t *signature_length ); + size_t *signature_length); psa_status_t mbedtls_test_transparent_signature_verify_message( const psa_key_attributes_t *attributes, @@ -84,7 +72,7 @@ psa_status_t mbedtls_test_transparent_signature_verify_message( const uint8_t *input, size_t input_length, const uint8_t *signature, - size_t signature_length ); + size_t signature_length); psa_status_t mbedtls_test_opaque_signature_verify_message( const psa_key_attributes_t *attributes, @@ -94,35 +82,35 @@ psa_status_t mbedtls_test_opaque_signature_verify_message( const uint8_t *input, size_t input_length, const uint8_t *signature, - size_t signature_length ); + size_t signature_length); psa_status_t mbedtls_test_transparent_signature_sign_hash( const psa_key_attributes_t *attributes, const uint8_t *key, size_t key_length, psa_algorithm_t alg, const uint8_t *hash, size_t hash_length, - uint8_t *signature, size_t signature_size, size_t *signature_length ); + uint8_t *signature, size_t signature_size, size_t *signature_length); psa_status_t mbedtls_test_opaque_signature_sign_hash( const psa_key_attributes_t *attributes, const uint8_t *key, size_t key_length, psa_algorithm_t alg, const uint8_t *hash, size_t hash_length, - uint8_t *signature, size_t signature_size, size_t *signature_length ); + uint8_t *signature, size_t signature_size, size_t *signature_length); psa_status_t mbedtls_test_transparent_signature_verify_hash( const psa_key_attributes_t *attributes, const uint8_t *key, size_t key_length, psa_algorithm_t alg, const uint8_t *hash, size_t hash_length, - const uint8_t *signature, size_t signature_length ); + const uint8_t *signature, size_t signature_length); psa_status_t mbedtls_test_opaque_signature_verify_hash( const psa_key_attributes_t *attributes, const uint8_t *key, size_t key_length, psa_algorithm_t alg, const uint8_t *hash, size_t hash_length, - const uint8_t *signature, size_t signature_length ); + const uint8_t *signature, size_t signature_length); #endif /* PSA_CRYPTO_DRIVER_TEST */ #endif /* PSA_CRYPTO_TEST_DRIVERS_SIGNATURE_H */ diff --git a/third_party/mbedtls/repo/tests/include/test/drivers/size.h b/third_party/mbedtls/repo/tests/include/test/drivers/size.h index b2665bdda53..d572e63000d 100644 --- a/third_party/mbedtls/repo/tests/include/test/drivers/size.h +++ b/third_party/mbedtls/repo/tests/include/test/drivers/size.h @@ -2,19 +2,7 @@ * Test driver for context size functions */ /* Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later */ #ifndef PSA_CRYPTO_TEST_DRIVERS_SIZE_H @@ -31,7 +19,7 @@ size_t mbedtls_test_size_function( const psa_key_type_t key_type, - const size_t key_bits ); + const size_t key_bits); #endif /* PSA_CRYPTO_DRIVER_TEST */ #endif /* PSA_CRYPTO_TEST_DRIVERS_SIZE_H */ diff --git a/third_party/mbedtls/repo/tests/include/test/drivers/test_driver.h b/third_party/mbedtls/repo/tests/include/test/drivers/test_driver.h index 5b60932d3a4..64d1f949064 100644 --- a/third_party/mbedtls/repo/tests/include/test/drivers/test_driver.h +++ b/third_party/mbedtls/repo/tests/include/test/drivers/test_driver.h @@ -2,19 +2,7 @@ * Umbrella include for all of the test driver functionality */ /* Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later */ #ifndef PSA_CRYPTO_TEST_DRIVER_H diff --git a/third_party/mbedtls/repo/tests/include/test/fake_external_rng_for_test.h b/third_party/mbedtls/repo/tests/include/test/fake_external_rng_for_test.h index faeef22e86b..859b60bfdf3 100644 --- a/third_party/mbedtls/repo/tests/include/test/fake_external_rng_for_test.h +++ b/third_party/mbedtls/repo/tests/include/test/fake_external_rng_for_test.h @@ -4,19 +4,7 @@ */ /* * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later */ #ifndef FAKE_EXTERNAL_RNG_FOR_TEST_H @@ -44,13 +32,13 @@ * of the PSA subsystem. You may disable it temporarily to simulate a * depleted entropy source. */ -void mbedtls_test_enable_insecure_external_rng( void ); +void mbedtls_test_enable_insecure_external_rng(void); /** Disable the insecure implementation of mbedtls_psa_external_get_random(). * * See mbedtls_test_enable_insecure_external_rng(). */ -void mbedtls_test_disable_insecure_external_rng( void ); +void mbedtls_test_disable_insecure_external_rng(void); #endif /* MBEDTLS_PSA_CRYPTO_EXTERNAL_RNG */ #endif /* FAKE_EXTERNAL_RNG_FOR_TEST_H */ diff --git a/third_party/mbedtls/repo/tests/include/test/helpers.h b/third_party/mbedtls/repo/tests/include/test/helpers.h index 5d101902ba5..fde8cc5c2ae 100644 --- a/third_party/mbedtls/repo/tests/include/test/helpers.h +++ b/third_party/mbedtls/repo/tests/include/test/helpers.h @@ -7,19 +7,7 @@ /* * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later */ #ifndef TEST_HELPERS_H @@ -36,20 +24,7 @@ #define MBEDTLS_TEST_MUTEX_USAGE #endif -#if defined(MBEDTLS_PLATFORM_C) #include "mbedtls/platform.h" -#else -#include -#define mbedtls_fprintf fprintf -#define mbedtls_snprintf snprintf -#define mbedtls_calloc calloc -#define mbedtls_free free -#define mbedtls_exit exit -#define mbedtls_time time -#define mbedtls_time_t time_t -#define MBEDTLS_EXIT_SUCCESS EXIT_SUCCESS -#define MBEDTLS_EXIT_FAILURE EXIT_FAILURE -#endif #include #include @@ -58,15 +33,19 @@ #include "mbedtls/bignum.h" #endif -typedef enum -{ +/** The type of test case arguments that contain binary data. */ +typedef struct data_tag { + uint8_t *x; + uint32_t len; +} data_t; + +typedef enum { MBEDTLS_TEST_RESULT_SUCCESS = 0, MBEDTLS_TEST_RESULT_FAILED, MBEDTLS_TEST_RESULT_SKIPPED } mbedtls_test_result_t; -typedef struct -{ +typedef struct { mbedtls_test_result_t result; const char *test; const char *filename; @@ -81,8 +60,8 @@ typedef struct mbedtls_test_info_t; extern mbedtls_test_info_t mbedtls_test_info; -int mbedtls_test_platform_setup( void ); -void mbedtls_test_platform_teardown( void ); +int mbedtls_test_platform_setup(void); +void mbedtls_test_platform_teardown(void); /** * \brief Record the current test case as a failure. @@ -100,7 +79,7 @@ void mbedtls_test_platform_teardown( void ); * \param line_no Line number where the failure originated. * \param filename Filename where the failure originated. */ -void mbedtls_test_fail( const char *test, int line_no, const char* filename ); +void mbedtls_test_fail(const char *test, int line_no, const char *filename); /** * \brief Record the current test case as skipped. @@ -113,7 +92,7 @@ void mbedtls_test_fail( const char *test, int line_no, const char* filename ); * \param line_no Line number where the test case was skipped. * \param filename Filename where the test case was skipped. */ -void mbedtls_test_skip( const char *test, int line_no, const char* filename ); +void mbedtls_test_skip(const char *test, int line_no, const char *filename); /** * \brief Set the test step number for failure reports. @@ -125,12 +104,12 @@ void mbedtls_test_skip( const char *test, int line_no, const char* filename ); * * \param step The step number to report. */ -void mbedtls_test_set_step( unsigned long step ); +void mbedtls_test_set_step(unsigned long step); /** * \brief Reset mbedtls_test_info to a ready/starting state. */ -void mbedtls_test_info_reset( void ); +void mbedtls_test_info_reset(void); /** * \brief Record the current test case as a failure if two integers @@ -150,8 +129,50 @@ void mbedtls_test_info_reset( void ); * * \return \c 1 if the values are equal, otherwise \c 0. */ -int mbedtls_test_equal( const char *test, int line_no, const char* filename, - unsigned long long value1, unsigned long long value2 ); +int mbedtls_test_equal(const char *test, int line_no, const char *filename, + unsigned long long value1, unsigned long long value2); + +/** + * \brief Record the current test case as a failure based + * on comparing two unsigned integers. + * + * This function is usually called via the macro + * #TEST_LE_U. + * + * \param test Description of the failure or assertion that failed. This + * MUST be a string literal. This normally has the form + * "EXPR1 <= EXPR2" where EXPR1 has the value \p value1 + * and EXPR2 has the value \p value2. + * \param line_no Line number where the failure originated. + * \param filename Filename where the failure originated. + * \param value1 The first value to compare. + * \param value2 The second value to compare. + * + * \return \c 1 if \p value1 <= \p value2, otherwise \c 0. + */ +int mbedtls_test_le_u(const char *test, int line_no, const char *filename, + unsigned long long value1, unsigned long long value2); + +/** + * \brief Record the current test case as a failure based + * on comparing two signed integers. + * + * This function is usually called via the macro + * #TEST_LE_S. + * + * \param test Description of the failure or assertion that failed. This + * MUST be a string literal. This normally has the form + * "EXPR1 <= EXPR2" where EXPR1 has the value \p value1 + * and EXPR2 has the value \p value2. + * \param line_no Line number where the failure originated. + * \param filename Filename where the failure originated. + * \param value1 The first value to compare. + * \param value2 The second value to compare. + * + * \return \c 1 if \p value1 <= \p value2, otherwise \c 0. + */ +int mbedtls_test_le_s(const char *test, int line_no, const char *filename, + long long value1, long long value2); /** * \brief This function decodes the hexadecimal representation of @@ -171,12 +192,12 @@ int mbedtls_test_equal( const char *test, int line_no, const char* filename, * \return \c -1 if the output buffer is too small or the input string * is not a valid hexadecimal representation. */ -int mbedtls_test_unhexify( unsigned char *obuf, size_t obufmax, - const char *ibuf, size_t *len ); +int mbedtls_test_unhexify(unsigned char *obuf, size_t obufmax, + const char *ibuf, size_t *len); -void mbedtls_test_hexify( unsigned char *obuf, - const unsigned char *ibuf, - int len ); +void mbedtls_test_hexify(unsigned char *obuf, + const unsigned char *ibuf, + int len); /** * Allocate and zeroize a buffer. @@ -185,7 +206,7 @@ void mbedtls_test_hexify( unsigned char *obuf, * * For convenience, dies if allocation fails. */ -unsigned char *mbedtls_test_zero_alloc( size_t len ); +unsigned char *mbedtls_test_zero_alloc(size_t len); /** * Allocate and fill a buffer from hex data. @@ -197,15 +218,14 @@ unsigned char *mbedtls_test_zero_alloc( size_t len ); * * For convenience, dies if allocation fails. */ -unsigned char *mbedtls_test_unhexify_alloc( const char *ibuf, size_t *olen ); +unsigned char *mbedtls_test_unhexify_alloc(const char *ibuf, size_t *olen); -int mbedtls_test_hexcmp( uint8_t * a, uint8_t * b, - uint32_t a_len, uint32_t b_len ); +int mbedtls_test_hexcmp(uint8_t *a, uint8_t *b, + uint32_t a_len, uint32_t b_len); #if defined(MBEDTLS_CHECK_PARAMS) -typedef struct -{ +typedef struct { const char *failure_condition; const char *file; int line; @@ -221,7 +241,7 @@ mbedtls_test_param_failed_location_record_t; * mbedtls_param_failed() that cancels it. */ void mbedtls_test_param_failed_get_location_record( - mbedtls_test_param_failed_location_record_t *location_record ); + mbedtls_test_param_failed_location_record_t *location_record); /** * \brief State that a call to mbedtls_param_failed() is expected. @@ -230,7 +250,7 @@ void mbedtls_test_param_failed_get_location_record( * mbedtls_test_param_failed_check_expected_call() or * mbedtls_param_failed that cancel it. */ -void mbedtls_test_param_failed_expect_call( void ); +void mbedtls_test_param_failed_expect_call(void); /** * \brief Check whether mbedtls_param_failed() has been called as expected. @@ -243,7 +263,7 @@ void mbedtls_test_param_failed_expect_call( void ); * mbedtls_param_failed() has been called. * \c -1 Otherwise. */ -int mbedtls_test_param_failed_check_expected_call( void ); +int mbedtls_test_param_failed_check_expected_call(void); /** * \brief Get the address of the object of type jmp_buf holding the execution @@ -272,7 +292,7 @@ int mbedtls_test_param_failed_check_expected_call( void ); * \return Address of the object of type jmp_buf holding the execution state * information used by mbedtls_param_failed() to do a long jump. */ -void* mbedtls_test_param_failed_get_state_buf( void ); +void *mbedtls_test_param_failed_get_state_buf(void); /** * \brief Reset the execution state used by mbedtls_param_failed() to do a @@ -288,7 +308,7 @@ void* mbedtls_test_param_failed_get_state_buf( void ); * mbedtls_param_failed() will not trigger a long jump with * undefined behavior but rather a long jump that will rather fault. */ -void mbedtls_test_param_failed_reset_state( void ); +void mbedtls_test_param_failed_reset_state(void); #endif /* MBEDTLS_CHECK_PARAMS */ #if defined(MBEDTLS_PSA_CRYPTO_C) && defined(MBEDTLS_PSA_CRYPTO_EXTERNAL_RNG) @@ -298,11 +318,11 @@ void mbedtls_test_param_failed_reset_state( void ); #if defined(MBEDTLS_TEST_MUTEX_USAGE) /** Permanently activate the mutex usage verification framework. See * threading_helpers.c for information. */ -void mbedtls_test_mutex_usage_init( void ); +void mbedtls_test_mutex_usage_init(void); /** Call this function after executing a test case to check for mutex usage * errors. */ -void mbedtls_test_mutex_usage_check( void ); +void mbedtls_test_mutex_usage_check(void); #endif /* MBEDTLS_TEST_MUTEX_USAGE */ #if defined(MBEDTLS_TEST_HOOKS) @@ -317,29 +337,41 @@ void mbedtls_test_mutex_usage_check( void ); * * \note If the check fails, fail the test currently being run. */ -void mbedtls_test_err_add_check( int high, int low, - const char *file, int line); +void mbedtls_test_err_add_check(int high, int low, + const char *file, int line); #endif #if defined(MBEDTLS_BIGNUM_C) -/** Read an MPI from a string. - * - * Like mbedtls_mpi_read_string(), but size the resulting bignum based - * on the number of digits in the string. In particular, construct a - * bignum with 0 limbs for an empty string, and a bignum with leading 0 - * limbs if the string has sufficiently many leading 0 digits. - * - * This is important so that the "0 (null)" and "0 (1 limb)" and - * "leading zeros" test cases do what they claim. +/** Read an MPI from a hexadecimal string. + * + * Like mbedtls_mpi_read_string(), but with tighter guarantees around + * edge cases. + * + * - This function guarantees that if \p s begins with '-' then the sign + * bit of the result will be negative, even if the value is 0. + * When this function encounters such a "negative 0", it + * increments #mbedtls_test_case_uses_negative_0. + * - The size of the result is exactly the minimum number of limbs needed + * to fit the digits in the input. In particular, this function constructs + * a bignum with 0 limbs for an empty string, and a bignum with leading 0 + * limbs if the string has sufficiently many leading 0 digits. + * This is important so that the "0 (null)" and "0 (1 limb)" and + * "leading zeros" test cases do what they claim. * * \param[out] X The MPI object to populate. It must be initialized. - * \param radix The radix (2 to 16). - * \param[in] s The null-terminated string to read from. + * \param[in] s The null-terminated hexadecimal string to read from. * * \return \c 0 on success, an \c MBEDTLS_ERR_MPI_xxx error code otherwise. */ -/* Since the library has exactly the desired behavior, this is trivial. */ -int mbedtls_test_read_mpi( mbedtls_mpi *X, int radix, const char *s ); +int mbedtls_test_read_mpi(mbedtls_mpi *X, const char *s); + +/** Nonzero if the current test case had an input parsed with + * mbedtls_test_read_mpi() that is a negative 0 (`"-"`, `"-0"`, `"-00"`, etc., + * constructing a result with the sign bit set to -1 and the value being + * all-limbs-0, which is not a valid representation in #mbedtls_mpi but is + * tested for robustness). + */ +extern unsigned mbedtls_test_case_uses_negative_0; #endif /* MBEDTLS_BIGNUM_C */ #endif /* TEST_HELPERS_H */ diff --git a/third_party/mbedtls/repo/tests/include/test/macros.h b/third_party/mbedtls/repo/tests/include/test/macros.h index 7b4c2f6c98b..c50459d288c 100644 --- a/third_party/mbedtls/repo/tests/include/test/macros.h +++ b/third_party/mbedtls/repo/tests/include/test/macros.h @@ -6,19 +6,7 @@ /* * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later */ #ifndef TEST_MACROS_H @@ -32,20 +20,7 @@ #include -#if defined(MBEDTLS_PLATFORM_C) #include "mbedtls/platform.h" -#else -#include -#define mbedtls_fprintf fprintf -#define mbedtls_snprintf snprintf -#define mbedtls_calloc calloc -#define mbedtls_free free -#define mbedtls_exit exit -#define mbedtls_time time -#define mbedtls_time_t time_t -#define MBEDTLS_EXIT_SUCCESS EXIT_SUCCESS -#define MBEDTLS_EXIT_FAILURE EXIT_FAILURE -#endif #if defined(MBEDTLS_MEMORY_BUFFER_ALLOC_C) #include "mbedtls/memory_buffer_alloc.h" @@ -75,14 +50,24 @@ * * \param TEST The test expression to be tested. */ -#define TEST_ASSERT( TEST ) \ +#define TEST_ASSERT(TEST) \ do { \ - if( ! (TEST) ) \ - { \ - mbedtls_test_fail( #TEST, __LINE__, __FILE__ ); \ - goto exit; \ - } \ - } while( 0 ) + if (!(TEST)) \ + { \ + mbedtls_test_fail( #TEST, __LINE__, __FILE__); \ + goto exit; \ + } \ + } while (0) + +/** This macro asserts fails the test with given output message. + * + * \param MESSAGE The message to be outputed on assertion + */ +#define TEST_FAIL(MESSAGE) \ + do { \ + mbedtls_test_fail(MESSAGE, __LINE__, __FILE__); \ + goto exit; \ + } while (0) /** Evaluate two integer expressions and fail the test case if they have * different values. @@ -93,63 +78,89 @@ * \param expr1 An integral-typed expression to evaluate. * \param expr2 Another integral-typed expression to evaluate. */ -#define TEST_EQUAL( expr1, expr2 ) \ +#define TEST_EQUAL(expr1, expr2) \ do { \ - if( ! mbedtls_test_equal( #expr1 " == " #expr2, __LINE__, __FILE__, \ - expr1, expr2 ) ) \ - goto exit; \ - } while( 0 ) + if (!mbedtls_test_equal( #expr1 " == " #expr2, __LINE__, __FILE__, \ + expr1, expr2)) \ + goto exit; \ + } while (0) + +/** Evaluate two unsigned integer expressions and fail the test case + * if they are not in increasing order (left <= right). + * + * \param expr1 An integral-typed expression to evaluate. + * \param expr2 Another integral-typed expression to evaluate. + */ +#define TEST_LE_U(expr1, expr2) \ + do { \ + if (!mbedtls_test_le_u( #expr1 " <= " #expr2, __LINE__, __FILE__, \ + expr1, expr2)) \ + goto exit; \ + } while (0) + +/** Evaluate two signed integer expressions and fail the test case + * if they are not in increasing order (left <= right). + * + * \param expr1 An integral-typed expression to evaluate. + * \param expr2 Another integral-typed expression to evaluate. + */ +#define TEST_LE_S(expr1, expr2) \ + do { \ + if (!mbedtls_test_le_s( #expr1 " <= " #expr2, __LINE__, __FILE__, \ + expr1, expr2)) \ + goto exit; \ + } while (0) /** Allocate memory dynamically and fail the test case if this fails. * The allocated memory will be filled with zeros. * * You must set \p pointer to \c NULL before calling this macro and - * put `mbedtls_free( pointer )` in the test's cleanup code. + * put `mbedtls_free(pointer)` in the test's cleanup code. * - * If \p length is zero, the resulting \p pointer will be \c NULL. + * If \p item_count is zero, the resulting \p pointer will be \c NULL. * This is usually what we want in tests since API functions are * supposed to accept null pointers when a buffer size is zero. * * This macro expands to an instruction, not an expression. * It may jump to the \c exit label. * - * \param pointer An lvalue where the address of the allocated buffer - * will be stored. - * This expression may be evaluated multiple times. - * \param length Number of elements to allocate. - * This expression may be evaluated multiple times. + * \param pointer An lvalue where the address of the allocated buffer + * will be stored. + * This expression may be evaluated multiple times. + * \param item_count Number of elements to allocate. + * This expression may be evaluated multiple times. * */ -#define ASSERT_ALLOC( pointer, length ) \ - do \ - { \ - TEST_ASSERT( ( pointer ) == NULL ); \ - if( ( length ) != 0 ) \ - { \ - ( pointer ) = mbedtls_calloc( sizeof( *( pointer ) ), \ - ( length ) ); \ - TEST_ASSERT( ( pointer ) != NULL ); \ - } \ - } \ - while( 0 ) +#define TEST_CALLOC(pointer, item_count) \ + do { \ + TEST_ASSERT((pointer) == NULL); \ + if ((item_count) != 0) { \ + (pointer) = mbedtls_calloc(sizeof(*(pointer)), \ + (item_count)); \ + TEST_ASSERT((pointer) != NULL); \ + } \ + } while (0) + +/* For backwards compatibility */ +#define ASSERT_ALLOC(pointer, item_count) TEST_CALLOC(pointer, item_count) /** Allocate memory dynamically. If the allocation fails, skip the test case. * - * This macro behaves like #ASSERT_ALLOC, except that if the allocation + * This macro behaves like #TEST_CALLOC, except that if the allocation * fails, it marks the test as skipped rather than failed. */ -#define ASSERT_ALLOC_WEAK( pointer, length ) \ - do \ - { \ - TEST_ASSERT( ( pointer ) == NULL ); \ - if( ( length ) != 0 ) \ - { \ - ( pointer ) = mbedtls_calloc( sizeof( *( pointer ) ), \ - ( length ) ); \ - TEST_ASSUME( ( pointer ) != NULL ); \ - } \ - } \ - while( 0 ) +#define TEST_CALLOC_OR_SKIP(pointer, item_count) \ + do { \ + TEST_ASSERT((pointer) == NULL); \ + if ((item_count) != 0) { \ + (pointer) = mbedtls_calloc(sizeof(*(pointer)), \ + (item_count)); \ + TEST_ASSUME((pointer) != NULL); \ + } \ + } while (0) + +/* For backwards compatibility */ +#define ASSERT_ALLOC_WEAK(pointer, item_count) TEST_CALLOC_OR_SKIP(pointer, item_count) /** Compare two buffers and fail the test case if they differ. * @@ -163,14 +174,16 @@ * \param size2 Size of the second buffer in bytes. * This expression may be evaluated multiple times. */ -#define ASSERT_COMPARE( p1, size1, p2, size2 ) \ - do \ - { \ - TEST_ASSERT( ( size1 ) == ( size2 ) ); \ - if( ( size1 ) != 0 ) \ - TEST_ASSERT( memcmp( ( p1 ), ( p2 ), ( size1 ) ) == 0 ); \ - } \ - while( 0 ) +#define TEST_MEMORY_COMPARE(p1, size1, p2, size2) \ + do { \ + TEST_EQUAL((size1), (size2)); \ + if ((size1) != 0) { \ + TEST_ASSERT(memcmp((p1), (p2), (size1)) == 0); \ + } \ + } while (0) + +/* For backwards compatibility */ +#define ASSERT_COMPARE(p1, size1, p2, size2) TEST_MEMORY_COMPARE(p1, size1, p2, size2) /** * \brief This macro tests the expression passed to it and skips the @@ -178,14 +191,14 @@ * * \param TEST The test expression to be tested. */ -#define TEST_ASSUME( TEST ) \ +#define TEST_ASSUME(TEST) \ do { \ - if( ! (TEST) ) \ + if (!(TEST)) \ { \ - mbedtls_test_skip( #TEST, __LINE__, __FILE__ ); \ + mbedtls_test_skip( #TEST, __LINE__, __FILE__); \ goto exit; \ } \ - } while( 0 ) + } while (0) #if defined(MBEDTLS_CHECK_PARAMS) && !defined(MBEDTLS_PARAM_FAILED_ALT) /** @@ -208,17 +221,17 @@ * * \param TEST The test expression to be tested. */ -#define TEST_INVALID_PARAM_RET( PARAM_ERR_VALUE, TEST ) \ +#define TEST_INVALID_PARAM_RET(PARAM_ERR_VALUE, TEST) \ do { \ - mbedtls_test_param_failed_expect_call( ); \ - if( ( ( TEST ) != ( PARAM_ERR_VALUE ) ) || \ - ( mbedtls_test_param_failed_check_expected_call( ) != 0 ) ) \ + mbedtls_test_param_failed_expect_call(); \ + if (((TEST) != (PARAM_ERR_VALUE)) || \ + (mbedtls_test_param_failed_check_expected_call() != 0)) \ { \ - mbedtls_test_fail( #TEST, __LINE__, __FILE__ ); \ + mbedtls_test_fail( #TEST, __LINE__, __FILE__); \ goto exit; \ } \ - mbedtls_test_param_failed_check_expected_call( ); \ - } while( 0 ) + mbedtls_test_param_failed_check_expected_call(); \ + } while (0) /** * \brief This macro tests the statement passed to it as a test step or @@ -240,18 +253,18 @@ * * \param TEST The test expression to be tested. */ -#define TEST_INVALID_PARAM( TEST ) \ +#define TEST_INVALID_PARAM(TEST) \ do { \ - memcpy( jmp_tmp, mbedtls_test_param_failed_get_state_buf( ), \ - sizeof( jmp_tmp ) ); \ - if( setjmp( mbedtls_test_param_failed_get_state_buf( ) ) == 0 ) \ + memcpy(jmp_tmp, mbedtls_test_param_failed_get_state_buf(), \ + sizeof(jmp_tmp)); \ + if (setjmp(mbedtls_test_param_failed_get_state_buf()) == 0) \ { \ TEST; \ - mbedtls_test_fail( #TEST, __LINE__, __FILE__ ); \ + mbedtls_test_fail( #TEST, __LINE__, __FILE__); \ goto exit; \ } \ - mbedtls_test_param_failed_reset_state( ); \ - } while( 0 ) + mbedtls_test_param_failed_reset_state(); \ + } while (0) #endif /* MBEDTLS_CHECK_PARAMS && !MBEDTLS_PARAM_FAILED_ALT */ /** @@ -285,15 +298,15 @@ * * \param TEST The test expression to be tested. */ -#define TEST_VALID_PARAM( TEST ) \ - TEST_ASSERT( ( TEST, 1 ) ); +#define TEST_VALID_PARAM(TEST) \ + TEST_ASSERT((TEST, 1)); -#define TEST_HELPER_ASSERT(a) if( !( a ) ) \ -{ \ - mbedtls_fprintf( stderr, "Assertion Failed at %s:%d - %s\n", \ - __FILE__, __LINE__, #a ); \ - mbedtls_exit( 1 ); \ -} +#define TEST_HELPER_ASSERT(a) if (!(a)) \ + { \ + mbedtls_fprintf(stderr, "Assertion Failed at %s:%d - %s\n", \ + __FILE__, __LINE__, #a); \ + mbedtls_exit(1); \ + } /** \def ARRAY_LENGTH * Return the number of elements of a static or stack array. @@ -304,34 +317,34 @@ */ /* A correct implementation of ARRAY_LENGTH, but which silently gives * a nonsensical result if called with a pointer rather than an array. */ -#define ARRAY_LENGTH_UNSAFE( array ) \ - ( sizeof( array ) / sizeof( *( array ) ) ) +#define ARRAY_LENGTH_UNSAFE(array) \ + (sizeof(array) / sizeof(*(array))) #if defined(__GNUC__) /* Test if arg and &(arg)[0] have the same type. This is true if arg is * an array but not if it's a pointer. */ -#define IS_ARRAY_NOT_POINTER( arg ) \ - ( ! __builtin_types_compatible_p( __typeof__( arg ), \ - __typeof__( &( arg )[0] ) ) ) +#define IS_ARRAY_NOT_POINTER(arg) \ + (!__builtin_types_compatible_p(__typeof__(arg), \ + __typeof__(&(arg)[0]))) /* A compile-time constant with the value 0. If `const_expr` is not a * compile-time constant with a nonzero value, cause a compile-time error. */ -#define STATIC_ASSERT_EXPR( const_expr ) \ - ( 0 && sizeof( struct { unsigned int STATIC_ASSERT : 1 - 2 * ! ( const_expr ); } ) ) +#define STATIC_ASSERT_EXPR(const_expr) \ + (0 && sizeof(struct { unsigned int STATIC_ASSERT : 1 - 2 * !(const_expr); })) /* Return the scalar value `value` (possibly promoted). This is a compile-time * constant if `value` is. `condition` must be a compile-time constant. * If `condition` is false, arrange to cause a compile-time error. */ -#define STATIC_ASSERT_THEN_RETURN( condition, value ) \ - ( STATIC_ASSERT_EXPR( condition ) ? 0 : ( value ) ) +#define STATIC_ASSERT_THEN_RETURN(condition, value) \ + (STATIC_ASSERT_EXPR(condition) ? 0 : (value)) -#define ARRAY_LENGTH( array ) \ - ( STATIC_ASSERT_THEN_RETURN( IS_ARRAY_NOT_POINTER( array ), \ - ARRAY_LENGTH_UNSAFE( array ) ) ) +#define ARRAY_LENGTH(array) \ + (STATIC_ASSERT_THEN_RETURN(IS_ARRAY_NOT_POINTER(array), \ + ARRAY_LENGTH_UNSAFE(array))) #else /* If we aren't sure the compiler supports our non-standard tricks, * fall back to the unsafe implementation. */ -#define ARRAY_LENGTH( array ) ARRAY_LENGTH_UNSAFE( array ) +#define ARRAY_LENGTH(array) ARRAY_LENGTH_UNSAFE(array) #endif /** Return the smaller of two values. @@ -341,7 +354,7 @@ * * \return The smaller of \p x and \p y. */ -#define MIN( x, y ) ( ( x ) < ( y ) ? ( x ) : ( y ) ) +#define MIN(x, y) ((x) < (y) ? (x) : (y)) /** Return the larger of two values. * @@ -350,29 +363,29 @@ * * \return The larger of \p x and \p y. */ -#define MAX( x, y ) ( ( x ) > ( y ) ? ( x ) : ( y ) ) +#define MAX(x, y) ((x) > (y) ? (x) : (y)) /* * 32-bit integer manipulation macros (big endian) */ #ifndef GET_UINT32_BE -#define GET_UINT32_BE(n,b,i) \ -{ \ - (n) = ( (uint32_t) (b)[(i) ] << 24 ) \ - | ( (uint32_t) (b)[(i) + 1] << 16 ) \ - | ( (uint32_t) (b)[(i) + 2] << 8 ) \ - | ( (uint32_t) (b)[(i) + 3] ); \ -} +#define GET_UINT32_BE(n, b, i) \ + { \ + (n) = ((uint32_t) (b)[(i)] << 24) \ + | ((uint32_t) (b)[(i) + 1] << 16) \ + | ((uint32_t) (b)[(i) + 2] << 8) \ + | ((uint32_t) (b)[(i) + 3]); \ + } #endif #ifndef PUT_UINT32_BE -#define PUT_UINT32_BE(n,b,i) \ -{ \ - (b)[(i) ] = (unsigned char) ( (n) >> 24 ); \ - (b)[(i) + 1] = (unsigned char) ( (n) >> 16 ); \ - (b)[(i) + 2] = (unsigned char) ( (n) >> 8 ); \ - (b)[(i) + 3] = (unsigned char) ( (n) ); \ -} +#define PUT_UINT32_BE(n, b, i) \ + { \ + (b)[(i)] = (unsigned char) ((n) >> 24); \ + (b)[(i) + 1] = (unsigned char) ((n) >> 16); \ + (b)[(i) + 2] = (unsigned char) ((n) >> 8); \ + (b)[(i) + 3] = (unsigned char) ((n)); \ + } #endif #endif /* TEST_MACROS_H */ diff --git a/third_party/mbedtls/repo/tests/include/test/psa_crypto_helpers.h b/third_party/mbedtls/repo/tests/include/test/psa_crypto_helpers.h index f5622e2d2d1..8d0f7e69d3d 100644 --- a/third_party/mbedtls/repo/tests/include/test/psa_crypto_helpers.h +++ b/third_party/mbedtls/repo/tests/include/test/psa_crypto_helpers.h @@ -3,19 +3,7 @@ */ /* * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later */ #ifndef PSA_CRYPTO_HELPERS_H @@ -36,11 +24,11 @@ #if defined(MBEDTLS_PSA_CRYPTO_STORAGE_C) /* Internal function for #TEST_USES_KEY_ID. Return 1 on success, 0 on failure. */ -int mbedtls_test_uses_key_id( mbedtls_svc_key_id_t key_id ); +int mbedtls_test_uses_key_id(mbedtls_svc_key_id_t key_id); /** Destroy persistent keys recorded with #TEST_USES_KEY_ID. */ -void mbedtls_test_psa_purge_key_storage( void ); +void mbedtls_test_psa_purge_key_storage(void); /** Purge the in-memory cache of persistent keys recorded with * #TEST_USES_KEY_ID. @@ -48,7 +36,7 @@ void mbedtls_test_psa_purge_key_storage( void ); * Call this function before calling PSA_DONE() if it's ok for * persistent keys to still exist at this point. */ -void mbedtls_test_psa_purge_key_cache( void ); +void mbedtls_test_psa_purge_key_cache(void); /** \def TEST_USES_KEY_ID * @@ -75,18 +63,18 @@ void mbedtls_test_psa_purge_key_cache( void ); * * \param key_id The PSA key identifier to record. */ -#define TEST_USES_KEY_ID( key_id ) \ - TEST_ASSERT( mbedtls_test_uses_key_id( key_id ) ) +#define TEST_USES_KEY_ID(key_id) \ + TEST_ASSERT(mbedtls_test_uses_key_id(key_id)) #else /* MBEDTLS_PSA_CRYPTO_STORAGE_C */ -#define TEST_USES_KEY_ID( key_id ) ( (void) ( key_id ) ) -#define mbedtls_test_psa_purge_key_storage( ) ( (void) 0 ) -#define mbedtls_test_psa_purge_key_cache( ) ( (void) 0 ) +#define TEST_USES_KEY_ID(key_id) ((void) (key_id)) +#define mbedtls_test_psa_purge_key_storage() ((void) 0) +#define mbedtls_test_psa_purge_key_cache() ((void) 0) #endif /* MBEDTLS_PSA_CRYPTO_STORAGE_C */ -#define PSA_INIT( ) PSA_ASSERT( psa_crypto_init( ) ) +#define PSA_INIT() PSA_ASSERT(psa_crypto_init()) /** Check for things that have not been cleaned up properly in the * PSA subsystem. @@ -95,7 +83,7 @@ void mbedtls_test_psa_purge_key_cache( void ); * \return A string literal explaining what has not been cleaned up * if applicable. */ -const char *mbedtls_test_helper_is_psa_leaking( void ); +const char *mbedtls_test_helper_is_psa_leaking(void); /** Check that no PSA Crypto key slots are in use. * @@ -104,13 +92,13 @@ const char *mbedtls_test_helper_is_psa_leaking( void ); * `TEST_ASSERT( ! mbedtls_test_helper_is_psa_leaking( ) )` * but with a more informative message. */ -#define ASSERT_PSA_PRISTINE( ) \ +#define ASSERT_PSA_PRISTINE() \ do \ { \ - if( test_fail_if_psa_leaking( __LINE__, __FILE__ ) ) \ - goto exit; \ + if (mbedtls_test_fail_if_psa_leaking(__LINE__, __FILE__)) \ + goto exit; \ } \ - while( 0 ) + while (0) /** Shut down the PSA Crypto subsystem and destroy persistent keys. * Expect a clean shutdown, with no slots in use. @@ -122,14 +110,14 @@ const char *mbedtls_test_helper_is_psa_leaking( void ); * \note Persistent keys must be recorded with #TEST_USES_KEY_ID before * creating them. */ -#define PSA_DONE( ) \ +#define PSA_DONE() \ do \ { \ - test_fail_if_psa_leaking( __LINE__, __FILE__ ); \ - mbedtls_test_psa_purge_key_storage( ); \ - mbedtls_psa_crypto_free( ); \ + mbedtls_test_fail_if_psa_leaking(__LINE__, __FILE__); \ + mbedtls_test_psa_purge_key_storage(); \ + mbedtls_psa_crypto_free(); \ } \ - while( 0 ) + while (0) /** Shut down the PSA Crypto subsystem, allowing persistent keys to survive. * Expect a clean shutdown, with no slots in use. @@ -137,22 +125,22 @@ const char *mbedtls_test_helper_is_psa_leaking( void ); * If some key slots are still in use, record the test case as failed and * jump to the `exit` label. */ -#define PSA_SESSION_DONE( ) \ +#define PSA_SESSION_DONE() \ do \ { \ - mbedtls_test_psa_purge_key_cache( ); \ - ASSERT_PSA_PRISTINE( ); \ - mbedtls_psa_crypto_free( ); \ + mbedtls_test_psa_purge_key_cache(); \ + ASSERT_PSA_PRISTINE(); \ + mbedtls_psa_crypto_free(); \ } \ - while( 0 ) + while (0) #if defined(RECORD_PSA_STATUS_COVERAGE_LOG) -psa_status_t mbedtls_test_record_status( psa_status_t status, - const char *func, - const char *file, int line, - const char *expr ); +psa_status_t mbedtls_test_record_status(psa_status_t status, + const char *func, + const char *file, int line, + const char *expr); /** Return value logging wrapper macro. * @@ -178,8 +166,8 @@ psa_status_t mbedtls_test_record_status( psa_status_t status, * a value of type #psa_status_t. * \return The value of \p expr. */ -#define RECORD_STATUS( string, expr ) \ - mbedtls_test_record_status( ( expr ), string, __FILE__, __LINE__, #expr ) +#define RECORD_STATUS(string, expr) \ + mbedtls_test_record_status((expr), string, __FILE__, __LINE__, #expr) #include "instrument_record_status.h" @@ -189,9 +177,52 @@ psa_status_t mbedtls_test_record_status( psa_status_t status, * * Do a key policy permission extension on key usage policies always involves * permissions of other usage policies - * (like PSA_KEY_USAGE_SIGN_HASH involves PSA_KEY_USAGE_SIGN_MESSGAE). + * (like PSA_KEY_USAGE_SIGN_HASH involves PSA_KEY_USAGE_SIGN_MESSAGE). + */ +psa_key_usage_t mbedtls_test_update_key_usage_flags(psa_key_usage_t usage_flags); + +/** Check that no PSA Crypto key slots are in use. + * + * If any slots are in use, mark the current test as failed. + * + * \return 0 if the key store is empty, 1 otherwise. + */ +int mbedtls_test_fail_if_psa_leaking(int line_no, const char *filename); + + + +#if defined(MBEDTLS_PSA_INJECT_ENTROPY) +/* The #MBEDTLS_PSA_INJECT_ENTROPY feature requires two extra platform + * functions, which must be configured as #MBEDTLS_PLATFORM_NV_SEED_READ_MACRO + * and #MBEDTLS_PLATFORM_NV_SEED_WRITE_MACRO. The job of these functions + * is to read and write from the entropy seed file, which is located + * in the PSA ITS file whose uid is #PSA_CRYPTO_ITS_RANDOM_SEED_UID. + * (These could have been provided as library functions, but for historical + * reasons, they weren't, and so each integrator has to provide a copy + * of these functions.) + * + * Provide implementations of these functions for testing. */ +int mbedtls_test_inject_entropy_seed_read(unsigned char *buf, size_t len); +int mbedtls_test_inject_entropy_seed_write(unsigned char *buf, size_t len); + + +/** Make sure that the injected entropy is present. + * + * When MBEDTLS_PSA_INJECT_ENTROPY is enabled, psa_crypto_init() + * will fail if the PSA entropy seed is not present. + * This function must be called at least once in a test suite or other + * program before any call to psa_crypto_init(). + * It does not need to be called in each test case. + * + * The test framework calls this function before running any test case. + * + * The few tests that might remove the entropy file must call this function + * in their cleanup. */ -psa_key_usage_t mbedtls_test_update_key_usage_flags( psa_key_usage_t usage_flags ); +int mbedtls_test_inject_entropy_restore(void); +#endif /* MBEDTLS_PSA_INJECT_ENTROPY */ + + /** Skip a test case if the given key is a 192 bits AES key and the AES * implementation is at least partially provided by an accelerator or @@ -220,18 +251,18 @@ psa_key_usage_t mbedtls_test_update_key_usage_flags( psa_key_usage_t usage_flags #define MBEDTLS_TEST_HAVE_ALT_AES 0 #endif -#define MBEDTLS_TEST_PSA_SKIP_IF_ALT_AES_192( key_type, key_bits ) \ +#define MBEDTLS_TEST_PSA_SKIP_IF_ALT_AES_192(key_type, key_bits) \ do \ { \ - if( ( MBEDTLS_TEST_HAVE_ALT_AES ) && \ - ( ( key_type ) == PSA_KEY_TYPE_AES ) && \ - ( key_bits == 192 ) ) \ + if ((MBEDTLS_TEST_HAVE_ALT_AES) && \ + ((key_type) == PSA_KEY_TYPE_AES) && \ + (key_bits == 192)) \ { \ - mbedtls_test_skip( "AES-192 not supported", __LINE__, __FILE__ ); \ + mbedtls_test_skip("AES-192 not supported", __LINE__, __FILE__); \ goto exit; \ } \ } \ - while( 0 ) + while (0) /** Skip a test case if a GCM operation with a nonce length different from * 12 bytes fails and was performed by an accelerator or alternative @@ -262,20 +293,20 @@ psa_key_usage_t mbedtls_test_update_key_usage_flags( psa_key_usage_t usage_flags #define MBEDTLS_TEST_HAVE_ALT_GCM 0 #endif -#define MBEDTLS_TEST_PSA_SKIP_IF_ALT_GCM_NOT_12BYTES_NONCE( alg, \ - nonce_length ) \ +#define MBEDTLS_TEST_PSA_SKIP_IF_ALT_GCM_NOT_12BYTES_NONCE(alg, \ + nonce_length) \ do \ { \ - if( ( MBEDTLS_TEST_HAVE_ALT_GCM ) && \ - ( PSA_ALG_AEAD_WITH_SHORTENED_TAG( ( alg ) , 0 ) == \ - PSA_ALG_AEAD_WITH_SHORTENED_TAG( PSA_ALG_GCM, 0 ) ) && \ - ( ( nonce_length ) != 12 ) ) \ + if ((MBEDTLS_TEST_HAVE_ALT_GCM) && \ + (PSA_ALG_AEAD_WITH_SHORTENED_TAG((alg), 0) == \ + PSA_ALG_AEAD_WITH_SHORTENED_TAG(PSA_ALG_GCM, 0)) && \ + ((nonce_length) != 12)) \ { \ - mbedtls_test_skip( "GCM with non-12-byte IV is not supported", __LINE__, __FILE__ ); \ + mbedtls_test_skip("GCM with non-12-byte IV is not supported", __LINE__, __FILE__); \ goto exit; \ } \ } \ - while( 0 ) + while (0) #endif /* MBEDTLS_PSA_CRYPTO_C */ @@ -292,14 +323,14 @@ psa_key_usage_t mbedtls_test_update_key_usage_flags( psa_key_usage_t usage_flags * #MBEDTLS_USE_PSA_CRYPTO is disabled. */ #if defined(MBEDTLS_USE_PSA_CRYPTO) -#define USE_PSA_INIT( ) PSA_INIT( ) -#define USE_PSA_DONE( ) PSA_DONE( ) +#define USE_PSA_INIT() PSA_INIT() +#define USE_PSA_DONE() PSA_DONE() #else /* MBEDTLS_USE_PSA_CRYPTO */ /* Define empty macros so that we can use them in the preamble and teardown * of every test function that uses PSA conditionally based on * MBEDTLS_USE_PSA_CRYPTO. */ -#define USE_PSA_INIT( ) ( (void) 0 ) -#define USE_PSA_DONE( ) ( (void) 0 ) +#define USE_PSA_INIT() ((void) 0) +#define USE_PSA_DONE() ((void) 0) #endif /* !MBEDTLS_USE_PSA_CRYPTO */ #endif /* PSA_CRYPTO_HELPERS_H */ diff --git a/third_party/mbedtls/repo/tests/include/test/psa_exercise_key.h b/third_party/mbedtls/repo/tests/include/test/psa_exercise_key.h index e67f515aab3..cad2be94fcc 100644 --- a/third_party/mbedtls/repo/tests/include/test/psa_exercise_key.h +++ b/third_party/mbedtls/repo/tests/include/test/psa_exercise_key.h @@ -3,19 +3,7 @@ */ /* * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later */ #ifndef PSA_EXERCISE_KEY_H @@ -81,7 +69,7 @@ #elif defined(MBEDTLS_SHA512_C) #define KNOWN_MBEDTLS_SUPPORTED_HASH_ALG PSA_ALG_SHA_512 #else -#undef KNOWN_MBEDLTS_SUPPORTED_HASH_ALG +#undef KNOWN_MBEDTLS_SUPPORTED_HASH_ALG #endif /** \def KNOWN_SUPPORTED_BLOCK_CIPHER @@ -109,7 +97,7 @@ * This is used in some smoke tests. */ #if defined(KNOWN_SUPPORTED_HASH_ALG) && defined(PSA_WANT_ALG_HMAC) -#define KNOWN_SUPPORTED_MAC_ALG ( PSA_ALG_HMAC( KNOWN_SUPPORTED_HASH_ALG ) ) +#define KNOWN_SUPPORTED_MAC_ALG (PSA_ALG_HMAC(KNOWN_SUPPORTED_HASH_ALG)) #define KNOWN_SUPPORTED_MAC_KEY_TYPE PSA_KEY_TYPE_HMAC #elif defined(KNOWN_SUPPORTED_BLOCK_CIPHER) && defined(MBEDTLS_CMAC_C) #define KNOWN_SUPPORTED_MAC_ALG PSA_ALG_CMAC @@ -168,12 +156,12 @@ * \return \c 1 on success, \c 0 on failure. */ int mbedtls_test_psa_setup_key_derivation_wrap( - psa_key_derivation_operation_t* operation, + psa_key_derivation_operation_t *operation, mbedtls_svc_key_id_t key, psa_algorithm_t alg, - const unsigned char* input1, size_t input1_length, - const unsigned char* input2, size_t input2_length, - size_t capacity ); + const unsigned char *input1, size_t input1_length, + const unsigned char *input2, size_t input2_length, + size_t capacity); /** Perform a key agreement using the given key pair against its public key * using psa_raw_key_agreement(). @@ -189,7 +177,7 @@ int mbedtls_test_psa_setup_key_derivation_wrap( */ psa_status_t mbedtls_test_psa_raw_key_agreement_with_self( psa_algorithm_t alg, - mbedtls_svc_key_id_t key ); + mbedtls_svc_key_id_t key); /** Perform a key agreement using the given key pair against its public key * using psa_key_derivation_raw_key(). @@ -208,7 +196,7 @@ psa_status_t mbedtls_test_psa_raw_key_agreement_with_self( */ psa_status_t mbedtls_test_psa_key_agreement_with_self( psa_key_derivation_operation_t *operation, - mbedtls_svc_key_id_t key ); + mbedtls_svc_key_id_t key); /** Perform sanity checks on the given key representation. * @@ -230,7 +218,7 @@ psa_status_t mbedtls_test_psa_key_agreement_with_self( */ int mbedtls_test_psa_exported_key_sanity_check( psa_key_type_t type, size_t bits, - const uint8_t *exported, size_t exported_length ); + const uint8_t *exported, size_t exported_length); /** Do smoke tests on a key. * @@ -259,11 +247,11 @@ int mbedtls_test_psa_exported_key_sanity_check( * \retval 0 The key failed the smoke tests. * \retval 1 The key passed the smoke tests. */ -int mbedtls_test_psa_exercise_key( mbedtls_svc_key_id_t key, - psa_key_usage_t usage, - psa_algorithm_t alg ); +int mbedtls_test_psa_exercise_key(mbedtls_svc_key_id_t key, + psa_key_usage_t usage, + psa_algorithm_t alg); -psa_key_usage_t mbedtls_test_psa_usage_to_exercise( psa_key_type_t type, - psa_algorithm_t alg ); +psa_key_usage_t mbedtls_test_psa_usage_to_exercise(psa_key_type_t type, + psa_algorithm_t alg); #endif /* PSA_EXERCISE_KEY_H */ diff --git a/third_party/mbedtls/repo/tests/include/test/psa_helpers.h b/third_party/mbedtls/repo/tests/include/test/psa_helpers.h index f438a71fb6c..b61718939e7 100644 --- a/third_party/mbedtls/repo/tests/include/test/psa_helpers.h +++ b/third_party/mbedtls/repo/tests/include/test/psa_helpers.h @@ -3,19 +3,7 @@ */ /* * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later */ #ifndef PSA_HELPERS_H @@ -31,6 +19,6 @@ * to a \c psa_xxx function that returns a value of type * #psa_status_t. */ -#define PSA_ASSERT( expr ) TEST_EQUAL( ( expr ), PSA_SUCCESS ) +#define PSA_ASSERT(expr) TEST_EQUAL((expr), PSA_SUCCESS) #endif /* PSA_HELPERS_H */ diff --git a/third_party/mbedtls/repo/tests/include/test/random.h b/third_party/mbedtls/repo/tests/include/test/random.h index 64282807809..1fd3ac8e59f 100644 --- a/third_party/mbedtls/repo/tests/include/test/random.h +++ b/third_party/mbedtls/repo/tests/include/test/random.h @@ -7,19 +7,7 @@ /* * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later */ #ifndef TEST_RANDOM_H @@ -34,12 +22,11 @@ #include #include -typedef struct -{ +typedef struct { unsigned char *buf; /* Pointer to a buffer of length bytes. */ size_t length; /* If fallback_f_rng is NULL, fail after delivering length bytes. */ - int ( *fallback_f_rng )( void*, unsigned char *, size_t ); + int (*fallback_f_rng)(void *, unsigned char *, size_t); void *fallback_p_rng; } mbedtls_test_rnd_buf_info; @@ -50,8 +37,7 @@ typedef struct * Do not forget endianness! * State( v0, v1 ) should be set to zero. */ -typedef struct -{ +typedef struct { uint32_t key[16]; uint32_t v0, v1; } mbedtls_test_rnd_pseudo_info; @@ -65,18 +51,18 @@ typedef struct * * rng_state shall be NULL. */ -int mbedtls_test_rnd_std_rand( void *rng_state, - unsigned char *output, - size_t len ); +int mbedtls_test_rnd_std_rand(void *rng_state, + unsigned char *output, + size_t len); /** * This function only returns zeros. * * \p rng_state shall be \c NULL. */ -int mbedtls_test_rnd_zero_rand( void *rng_state, - unsigned char *output, - size_t len ); +int mbedtls_test_rnd_zero_rand(void *rng_state, + unsigned char *output, + size_t len); /** * This function returns random data based on a buffer it receives. @@ -90,9 +76,9 @@ int mbedtls_test_rnd_zero_rand( void *rng_state, * #mbedtls_test_rnd_buf_info structure if there is one, and * will return #MBEDTLS_ERR_ENTROPY_SOURCE_FAILED otherwise. */ -int mbedtls_test_rnd_buffer_rand( void *rng_state, - unsigned char *output, - size_t len ); +int mbedtls_test_rnd_buffer_rand(void *rng_state, + unsigned char *output, + size_t len); /** * This function returns random based on a pseudo random function. @@ -102,8 +88,8 @@ int mbedtls_test_rnd_buffer_rand( void *rng_state, * * \p rng_state shall be a pointer to a #mbedtls_test_rnd_pseudo_info structure. */ -int mbedtls_test_rnd_pseudo_rand( void *rng_state, - unsigned char *output, - size_t len ); +int mbedtls_test_rnd_pseudo_rand(void *rng_state, + unsigned char *output, + size_t len); #endif /* TEST_RANDOM_H */ diff --git a/third_party/mbedtls/repo/tests/include/test/ssl_helpers.h b/third_party/mbedtls/repo/tests/include/test/ssl_helpers.h new file mode 100644 index 00000000000..8328a7b18ff --- /dev/null +++ b/third_party/mbedtls/repo/tests/include/test/ssl_helpers.h @@ -0,0 +1,526 @@ +/** \file ssl_helpers.h + * + * \brief This file contains helper functions to set up a TLS connection. + */ + +/* + * Copyright The Mbed TLS Contributors + * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later + */ + +#ifndef SSL_HELPERS_H +#define SSL_HELPERS_H + +#include + +#include +#include +#include +#include + +#if defined(MBEDTLS_SSL_TLS_C) +#include +#include +#include +#include +#include +#include +#include + +#if defined(MBEDTLS_SSL_CACHE_C) +#include "mbedtls/ssl_cache.h" +#endif + +#if defined(MBEDTLS_KEY_EXCHANGE_DHE_RSA_ENABLED) || \ + defined(MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED) || \ + defined(MBEDTLS_KEY_EXCHANGE_RSA_ENABLED) +#define MBEDTLS_CAN_HANDLE_RSA_TEST_KEY +#endif + +enum { +#define MBEDTLS_SSL_TLS1_3_LABEL(name, string) \ + tls1_3_label_ ## name, + MBEDTLS_SSL_TLS1_3_LABEL_LIST +#undef MBEDTLS_SSL_TLS1_3_LABEL +}; + +typedef struct mbedtls_test_ssl_log_pattern { + const char *pattern; + size_t counter; +} mbedtls_test_ssl_log_pattern; + +/* Invalid minor version used when not specifying a min/max version or expecting a test to fail */ +#define TEST_SSL_MINOR_VERSION_NONE -1 + +typedef struct mbedtls_test_handshake_test_options { + const char *cipher; + int client_min_version; + int client_max_version; + int server_min_version; + int server_max_version; + int expected_negotiated_version; + int pk_alg; + data_t *psk_str; + int dtls; + int srv_auth_mode; + int serialize; + int mfl; + int cli_msg_len; + int srv_msg_len; + int expected_cli_fragments; + int expected_srv_fragments; + int renegotiate; + int legacy_renegotiation; + void *srv_log_obj; + void *cli_log_obj; + void (*srv_log_fun)(void *, int, const char *, int, const char *); + void (*cli_log_fun)(void *, int, const char *, int, const char *); + int resize_buffers; +} mbedtls_test_handshake_test_options; + +/* + * Buffer structure for custom I/O callbacks. + */ +typedef struct mbedtls_test_ssl_buffer { + size_t start; + size_t content_length; + size_t capacity; + unsigned char *buffer; +} mbedtls_test_ssl_buffer; + +/* + * Context for a message metadata queue (fifo) that is on top of the ring buffer. + */ +typedef struct mbedtls_test_ssl_message_queue { + size_t *messages; + int pos; + int num; + int capacity; +} mbedtls_test_ssl_message_queue; + +/* + * Context for the I/O callbacks simulating network connection. + */ + +#define MBEDTLS_MOCK_SOCKET_CONNECTED 1 + +typedef struct mbedtls_test_mock_socket { + int status; + mbedtls_test_ssl_buffer *input; + mbedtls_test_ssl_buffer *output; + struct mbedtls_test_mock_socket *peer; +} mbedtls_test_mock_socket; + +/* Errors used in the message socket mocks */ + +#define MBEDTLS_TEST_ERROR_CONTEXT_ERROR -55 +#define MBEDTLS_TEST_ERROR_SEND_FAILED -66 +#define MBEDTLS_TEST_ERROR_RECV_FAILED -77 + +/* + * Structure used as an addon, or a wrapper, around the mocked sockets. + * Contains an input queue, to which the other socket pushes metadata, + * and an output queue, to which this one pushes metadata. This context is + * considered as an owner of the input queue only, which is initialized and + * freed in the respective setup and free calls. + */ +typedef struct mbedtls_test_message_socket_context { + mbedtls_test_ssl_message_queue *queue_input; + mbedtls_test_ssl_message_queue *queue_output; + mbedtls_test_mock_socket *socket; +} mbedtls_test_message_socket_context; + +#if defined(MBEDTLS_KEY_EXCHANGE_WITH_CERT_ENABLED) && \ + defined(MBEDTLS_CERTS_C) && \ + defined(MBEDTLS_ENTROPY_C) && \ + defined(MBEDTLS_CTR_DRBG_C) + +/* + * Structure with endpoint's certificates for SSL communication tests. + */ +typedef struct mbedtls_test_ssl_endpoint_certificate { + mbedtls_x509_crt *ca_cert; + mbedtls_x509_crt *cert; + mbedtls_pk_context *pkey; +} mbedtls_test_ssl_endpoint_certificate; + +/* + * Endpoint structure for SSL communication tests. + */ +typedef struct mbedtls_test_ssl_endpoint { + const char *name; + mbedtls_ssl_context ssl; + mbedtls_ssl_config conf; + mbedtls_ctr_drbg_context ctr_drbg; + mbedtls_entropy_context entropy; + mbedtls_test_mock_socket socket; + mbedtls_test_ssl_endpoint_certificate cert; +} mbedtls_test_ssl_endpoint; + +#endif /* MBEDTLS_KEY_EXCHANGE_WITH_CERT_ENABLED && MBEDTLS_CERTS_C && + MBEDTLS_ENTROPY_C && MBEDTLS_CTR_DRBG_C */ + +/* + * This function can be passed to mbedtls to receive output logs from it. In + * this case, it will count the instances of a mbedtls_test_ssl_log_pattern + * in the received logged messages. + */ +void mbedtls_test_ssl_log_analyzer(void *ctx, int level, + const char *file, int line, + const char *str); + +void mbedtls_test_init_handshake_options( + mbedtls_test_handshake_test_options *opts); + +/* + * Initialises \p buf. After calling this function it is safe to call + * `mbedtls_test_ssl_buffer_free()` on \p buf. + */ +void mbedtls_test_ssl_buffer_init(mbedtls_test_ssl_buffer *buf); + +/* + * Sets up \p buf. After calling this function it is safe to call + * `mbedtls_test_ssl_buffer_put()` and `mbedtls_test_ssl_buffer_get()` + * on \p buf. + */ +int mbedtls_test_ssl_buffer_setup(mbedtls_test_ssl_buffer *buf, + size_t capacity); + +void mbedtls_test_ssl_buffer_free(mbedtls_test_ssl_buffer *buf); + +/* + * Puts \p input_len bytes from the \p input buffer into the ring buffer \p buf. + * + * \p buf must have been initialized and set up by calling + * `mbedtls_test_ssl_buffer_init()` and `mbedtls_test_ssl_buffer_setup()`. + * + * \retval \p input_len, if the data fits. + * \retval 0 <= value < \p input_len, if the data does not fit. + * \retval -1, if \p buf is NULL, it hasn't been set up or \p input_len is not + * zero and \p input is NULL. + */ +int mbedtls_test_ssl_buffer_put(mbedtls_test_ssl_buffer *buf, + const unsigned char *input, size_t input_len); + +/* + * Gets \p output_len bytes from the ring buffer \p buf into the + * \p output buffer. The output buffer can be NULL, in this case a part of the + * ring buffer will be dropped, if the requested length is available. + * + * \p buf must have been initialized and set up by calling + * `mbedtls_test_ssl_buffer_init()` and `mbedtls_test_ssl_buffer_setup()`. + * + * \retval \p output_len, if the data is available. + * \retval 0 <= value < \p output_len, if the data is not available. + * \retval -1, if \buf is NULL or it hasn't been set up. + */ +int mbedtls_test_ssl_buffer_get(mbedtls_test_ssl_buffer *buf, + unsigned char *output, size_t output_len); + +/* + * Errors used in the message transport mock tests + */ + #define MBEDTLS_TEST_ERROR_ARG_NULL -11 + #define MBEDTLS_TEST_ERROR_MESSAGE_TRUNCATED -44 + +/* + * Setup and free functions for the message metadata queue. + * + * \p capacity describes the number of message metadata chunks that can be held + * within the queue. + * + * \retval 0, if a metadata queue of a given length can be allocated. + * \retval MBEDTLS_ERR_SSL_ALLOC_FAILED, if allocation failed. + */ +int mbedtls_test_ssl_message_queue_setup( + mbedtls_test_ssl_message_queue *queue, size_t capacity); + +void mbedtls_test_ssl_message_queue_free( + mbedtls_test_ssl_message_queue *queue); + +/* + * Push message length information onto the message metadata queue. + * This will become the last element to leave it (fifo). + * + * \retval MBEDTLS_TEST_ERROR_ARG_NULL, if the queue is null. + * \retval MBEDTLS_ERR_SSL_WANT_WRITE, if the queue is full. + * \retval \p len, if the push was successful. + */ +int mbedtls_test_ssl_message_queue_push_info( + mbedtls_test_ssl_message_queue *queue, size_t len); + +/* + * Pop information about the next message length from the queue. This will be + * the oldest inserted message length(fifo). \p msg_len can be null, in which + * case the data will be popped from the queue but not copied anywhere. + * + * \retval MBEDTLS_TEST_ERROR_ARG_NULL, if the queue is null. + * \retval MBEDTLS_ERR_SSL_WANT_READ, if the queue is empty. + * \retval message length, if the pop was successful, up to the given + \p buf_len. + */ +int mbedtls_test_ssl_message_queue_pop_info( + mbedtls_test_ssl_message_queue *queue, size_t buf_len); + +/* + * Setup and teardown functions for mock sockets. + */ +void mbedtls_test_mock_socket_init(mbedtls_test_mock_socket *socket); + +/* + * Closes the socket \p socket. + * + * \p socket must have been previously initialized by calling + * mbedtls_test_mock_socket_init(). + * + * This function frees all allocated resources and both sockets are aware of the + * new connection state. + * + * That is, this function does not simulate half-open TCP connections and the + * phenomenon that when closing a UDP connection the peer is not aware of the + * connection having been closed. + */ +void mbedtls_test_mock_socket_close(mbedtls_test_mock_socket *socket); + +/* + * Establishes a connection between \p peer1 and \p peer2. + * + * \p peer1 and \p peer2 must have been previously initialized by calling + * mbedtls_test_mock_socket_init(). + * + * The capacities of the internal buffers are set to \p bufsize. Setting this to + * the correct value allows for simulation of MTU, sanity testing the mock + * implementation and mocking TCP connections with lower memory cost. + */ +int mbedtls_test_mock_socket_connect(mbedtls_test_mock_socket *peer1, + mbedtls_test_mock_socket *peer2, + size_t bufsize); + +/* + * Callbacks for simulating blocking I/O over connection-oriented transport. + */ +int mbedtls_test_mock_tcp_send_b(void *ctx, + const unsigned char *buf, size_t len); + +int mbedtls_test_mock_tcp_recv_b(void *ctx, unsigned char *buf, size_t len); + +/* + * Callbacks for simulating non-blocking I/O over connection-oriented transport. + */ +int mbedtls_test_mock_tcp_send_nb(void *ctx, + const unsigned char *buf, size_t len); + +int mbedtls_test_mock_tcp_recv_nb(void *ctx, unsigned char *buf, size_t len); + +void mbedtls_test_message_socket_init( + mbedtls_test_message_socket_context *ctx); + +/* + * Setup a given message socket context including initialization of + * input/output queues to a chosen capacity of messages. Also set the + * corresponding mock socket. + * + * \retval 0, if everything succeeds. + * \retval MBEDTLS_ERR_SSL_ALLOC_FAILED, if allocation of a message + * queue failed. + */ +int mbedtls_test_message_socket_setup( + mbedtls_test_ssl_message_queue *queue_input, + mbedtls_test_ssl_message_queue *queue_output, + size_t queue_capacity, + mbedtls_test_mock_socket *socket, + mbedtls_test_message_socket_context *ctx); + +/* + * Close a given message socket context, along with the socket itself. Free the + * memory allocated by the input queue. + */ +void mbedtls_test_message_socket_close( + mbedtls_test_message_socket_context *ctx); + +/* + * Send one message through a given message socket context. + * + * \retval \p len, if everything succeeds. + * \retval MBEDTLS_TEST_ERROR_CONTEXT_ERROR, if any of the needed context + * elements or the context itself is null. + * \retval MBEDTLS_TEST_ERROR_SEND_FAILED if + * mbedtls_test_mock_tcp_send_b failed. + * \retval MBEDTLS_ERR_SSL_WANT_WRITE, if the output queue is full. + * + * This function will also return any error from + * mbedtls_test_ssl_message_queue_push_info. + */ +int mbedtls_test_mock_tcp_send_msg(void *ctx, + const unsigned char *buf, size_t len); + +/* + * Receive one message from a given message socket context and return message + * length or an error. + * + * \retval message length, if everything succeeds. + * \retval MBEDTLS_TEST_ERROR_CONTEXT_ERROR, if any of the needed context + * elements or the context itself is null. + * \retval MBEDTLS_TEST_ERROR_RECV_FAILED if + * mbedtls_test_mock_tcp_recv_b failed. + * + * This function will also return any error other than + * MBEDTLS_TEST_ERROR_MESSAGE_TRUNCATED from test_ssl_message_queue_peek_info. + */ +int mbedtls_test_mock_tcp_recv_msg(void *ctx, + unsigned char *buf, size_t buf_len); + +#if defined(MBEDTLS_KEY_EXCHANGE_WITH_CERT_ENABLED) && \ + defined(MBEDTLS_CERTS_C) && \ + defined(MBEDTLS_ENTROPY_C) && \ + defined(MBEDTLS_CTR_DRBG_C) + +/* + * Initializes \p ep_cert structure and assigns it to endpoint + * represented by \p ep. + * + * \retval 0 on success, otherwise error code. + */ +int mbedtls_test_ssl_endpoint_certificate_init(mbedtls_test_ssl_endpoint *ep, + int pk_alg); + +/* + * Initializes \p ep structure. It is important to call + * `mbedtls_test_ssl_endpoint_free()` after calling this function + * even if it fails. + * + * \p endpoint_type must be set as MBEDTLS_SSL_IS_SERVER or + * MBEDTLS_SSL_IS_CLIENT. + * \p pk_alg the algorithm to use, currently only MBEDTLS_PK_RSA and + * MBEDTLS_PK_ECDSA are supported. + * \p dtls_context - in case of DTLS - this is the context handling metadata. + * \p input_queue - used only in case of DTLS. + * \p output_queue - used only in case of DTLS. + * + * \retval 0 on success, otherwise error code. + */ +int mbedtls_test_ssl_endpoint_init( + mbedtls_test_ssl_endpoint *ep, int endpoint_type, int pk_alg, + mbedtls_test_message_socket_context *dtls_context, + mbedtls_test_ssl_message_queue *input_queue, + mbedtls_test_ssl_message_queue *output_queue, + const mbedtls_ecp_group_id *curves); + +/* + * Deinitializes endpoint represented by \p ep. + */ +void mbedtls_test_ssl_endpoint_free( + mbedtls_test_ssl_endpoint *ep, + mbedtls_test_message_socket_context *context); + +/* + * This function moves ssl handshake from \p ssl to prescribed \p state. + * /p second_ssl is used as second endpoint and their sockets have to be + * connected before calling this function. + * + * \retval 0 on success, otherwise error code. + */ +int mbedtls_test_move_handshake_to_state(mbedtls_ssl_context *ssl, + mbedtls_ssl_context *second_ssl, + int state); + +#endif /* MBEDTLS_KEY_EXCHANGE_WITH_CERT_ENABLED && MBEDTLS_CERTS_C && + MBEDTLS_ENTROPY_C && MBEDTLS_CTR_DRBG_C */ + +/* + * Helper function setting up inverse record transformations + * using given cipher, hash, EtM mode, authentication tag length, + * and version. + */ + +#define CHK(x) \ + do \ + { \ + if (!(x)) \ + { \ + ret = -1; \ + goto cleanup; \ + } \ + } while (0) + +#if MBEDTLS_SSL_CID_OUT_LEN_MAX > MBEDTLS_SSL_CID_IN_LEN_MAX +#define SSL_CID_LEN_MIN MBEDTLS_SSL_CID_IN_LEN_MAX +#else +#define SSL_CID_LEN_MIN MBEDTLS_SSL_CID_OUT_LEN_MAX +#endif + +int mbedtls_test_ssl_build_transforms(mbedtls_ssl_transform *t_in, + mbedtls_ssl_transform *t_out, + int cipher_type, int hash_id, + int etm, int tag_mode, int ver, + size_t cid0_len, + size_t cid1_len); + +#if defined(MBEDTLS_SSL_SOME_MODES_USE_MAC) +/** + * \param[in,out] record The record to prepare. + * It must contain the data to MAC at offset + * `record->data_offset`, of length + * `record->data_length`. + * On success, write the MAC immediately + * after the data and increment + * `record->data_length` accordingly. + * \param[in,out] transform_out The out transform, typically prepared by + * mbedtls_test_ssl_build_transforms(). + * Its HMAC context may be used. Other than that + * it is treated as an input parameter. + * + * \return 0 on success, an `MBEDTLS_ERR_xxx` error code + * or -1 on error. + */ +int mbedtls_test_ssl_prepare_record_mac(mbedtls_record *record, + mbedtls_ssl_transform *transform_out); +#endif /* MBEDTLS_SSL_SOME_MODES_USE_MAC */ + +/* + * Populate a session structure for serialization tests. + * Choose dummy values, mostly non-0 to distinguish from the init default. + */ +int mbedtls_test_ssl_populate_session(mbedtls_ssl_session *session, + int ticket_len, + const char *crt_file); + +/* + * Perform data exchanging between \p ssl_1 and \p ssl_2 and check if the + * message was sent in the correct number of fragments. + * + * /p ssl_1 and /p ssl_2 Endpoints represented by mbedtls_ssl_context. Both + * of them must be initialized and connected + * beforehand. + * /p msg_len_1 and /p msg_len_2 specify the size of the message to send. + * /p expected_fragments_1 and /p expected_fragments_2 determine in how many + * fragments the message should be sent. + * expected_fragments is 0: can be used for DTLS testing while the message + * size is larger than MFL. In that case the message + * cannot be fragmented and sent to the second + * endpoint. + * This value can be used for negative tests. + * expected_fragments is 1: can be used for TLS/DTLS testing while the + * message size is below MFL + * expected_fragments > 1: can be used for TLS testing while the message + * size is larger than MFL + * + * \retval 0 on success, otherwise error code. + */ +int mbedtls_test_ssl_exchange_data( + mbedtls_ssl_context *ssl_1, + int msg_len_1, const int expected_fragments_1, + mbedtls_ssl_context *ssl_2, + int msg_len_2, const int expected_fragments_2); + +#if defined(MBEDTLS_KEY_EXCHANGE_WITH_CERT_ENABLED) && \ + defined(MBEDTLS_CERTS_C) && \ + defined(MBEDTLS_ENTROPY_C) && \ + defined(MBEDTLS_CTR_DRBG_C) +void mbedtls_test_ssl_perform_handshake( + mbedtls_test_handshake_test_options *options); +#endif /* MBEDTLS_KEY_EXCHANGE_WITH_CERT_ENABLED && MBEDTLS_CERTS_C && + MBEDTLS_ENTROPY_C && MBEDTLS_CTR_DRBG_C */ +#endif /* MBEDTLS_SSL_TLS_C */ + +#endif /* SSL_HELPERS_H */ diff --git a/third_party/mbedtls/repo/tests/make-in-docker.sh b/third_party/mbedtls/repo/tests/make-in-docker.sh index 77dc8ab4382..e57d09d342f 100755 --- a/third_party/mbedtls/repo/tests/make-in-docker.sh +++ b/third_party/mbedtls/repo/tests/make-in-docker.sh @@ -8,21 +8,13 @@ # # See also: # - scripts/docker_env.sh for general Docker prerequisites and other information. +# +# WARNING: the Dockerfile used by this script is no longer maintained! See +# https://github.com/Mbed-TLS/mbedtls-test/blob/master/README.md#quick-start +# for the set of Docker images we use on the CI. # Copyright The Mbed TLS Contributors -# SPDX-License-Identifier: Apache-2.0 -# -# Licensed under the Apache License, Version 2.0 (the "License"); you may -# not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT -# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. +# SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later source tests/scripts/docker_env.sh diff --git a/third_party/mbedtls/repo/tests/scripts/all-in-docker.sh b/third_party/mbedtls/repo/tests/scripts/all-in-docker.sh index 8c9ff476de6..b2a31c265e1 100755 --- a/third_party/mbedtls/repo/tests/scripts/all-in-docker.sh +++ b/third_party/mbedtls/repo/tests/scripts/all-in-docker.sh @@ -6,6 +6,10 @@ # ------- # This runs all.sh (except for armcc) in a Docker container. # +# WARNING: the Dockerfile used by this script is no longer maintained! See +# https://github.com/Mbed-TLS/mbedtls-test/blob/master/README.md#quick-start +# for the set of Docker images we use on the CI. +# # Notes for users # --------------- # See docker_env.sh for prerequisites and other information. @@ -13,19 +17,7 @@ # See also all.sh for notes about invocation of that script. # Copyright The Mbed TLS Contributors -# SPDX-License-Identifier: Apache-2.0 -# -# Licensed under the Apache License, Version 2.0 (the "License"); you may -# not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT -# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. +# SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later source tests/scripts/docker_env.sh diff --git a/third_party/mbedtls/repo/tests/scripts/all.sh b/third_party/mbedtls/repo/tests/scripts/all.sh index c07ef34f5de..a2e518ec32c 100755 --- a/third_party/mbedtls/repo/tests/scripts/all.sh +++ b/third_party/mbedtls/repo/tests/scripts/all.sh @@ -3,19 +3,7 @@ # all.sh # # Copyright The Mbed TLS Contributors -# SPDX-License-Identifier: Apache-2.0 -# -# Licensed under the Apache License, Version 2.0 (the "License"); you may -# not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT -# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. +# SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later @@ -120,9 +108,12 @@ # Treat uninitialised variables as errors. set -e -o pipefail -u +# Enable ksh/bash extended file matching patterns +shopt -s extglob + pre_check_environment () { if [ -d library -a -d include -a -d tests ]; then :; else - echo "Must be run from mbed TLS root" >&2 + echo "Must be run from Mbed TLS root" >&2 exit 1 fi } @@ -172,6 +163,10 @@ pre_initialize_variables () { : ${ARMC6_BIN_DIR:=/usr/bin} : ${ARM_NONE_EABI_GCC_PREFIX:=arm-none-eabi-} : ${ARM_LINUX_GNUEABI_GCC_PREFIX:=arm-linux-gnueabi-} + : ${CLANG_LATEST:="clang-latest"} + : ${CLANG_EARLIEST:="clang-earliest"} + : ${GCC_LATEST:="gcc-latest"} + : ${GCC_EARLIEST:="gcc-earliest"} # if MAKEFLAGS is not set add the -j option to speed up invocations of make if [ -z "${MAKEFLAGS+set}" ]; then @@ -182,13 +177,16 @@ pre_initialize_variables () { export CTEST_OUTPUT_ON_FAILURE=1 # CFLAGS and LDFLAGS for Asan builds that don't use CMake - ASAN_CFLAGS='-Werror -Wall -Wextra -fsanitize=address,undefined -fno-sanitize-recover=all' + # default to -O2, use -Ox _after_ this if you want another level + ASAN_CFLAGS='-O2 -Werror -fsanitize=address,undefined -fno-sanitize-recover=all' + + # Platform tests have an allocation that returns null + export ASAN_OPTIONS="allocator_may_return_null=1" + export MSAN_OPTIONS="allocator_may_return_null=1" # Gather the list of available components. These are the functions # defined in this script whose name starts with "component_". - # Parse the script with sed. This way we get the functions in the order - # they are defined. - ALL_COMPONENTS=$(sed -n 's/^ *component_\([0-9A-Z_a-z]*\) *().*/\1/p' <"$0") + ALL_COMPONENTS=$(compgen -A function component_ | sed 's/component_//') # Exclude components that are not supported on this platform. SUPPORTED_COMPONENTS= @@ -259,7 +257,7 @@ General options: --no-force Refuse to overwrite modified files (default). --no-keep-going Stop at the first error (default). --no-memory No additional memory tests (default). - --no-quiet Print full ouput from components. + --no-quiet Print full output from components. --out-of-source-dir= Directory used for CMake out-of-source build tests. --outcome-file= File where test outcomes are written (not done if empty; default: \$MBEDTLS_TEST_OUTCOME_FILE). @@ -270,6 +268,10 @@ General options: Tool path options: --armc5-bin-dir= ARM Compiler 5 bin directory. --armc6-bin-dir= ARM Compiler 6 bin directory. + --clang-earliest= Earliest version of clang available + --clang-latest= Latest version of clang available + --gcc-earliest= Earliest version of GCC available + --gcc-latest= Latest version of GCC available --gnutls-cli= GnuTLS client executable to use for most tests. --gnutls-serv= GnuTLS server executable to use for most tests. --gnutls-legacy-cli= GnuTLS client executable to use for legacy tests. @@ -294,7 +296,7 @@ cleanup() -iname CTestTestfile.cmake -o \ -iname CMakeCache.txt \) -exec rm {} \+ # Recover files overwritten by in-tree CMake builds - rm -f include/Makefile include/mbedtls/Makefile programs/*/Makefile + rm -f include/Makefile include/mbedtls/Makefile programs/!(fuzz)/Makefile # Remove any artifacts from the component_test_cmake_as_subdirectory test. rm -rf programs/test/cmake_subproject/build @@ -303,7 +305,9 @@ cleanup() # Restore files that may have been clobbered by the job for x in $files_to_back_up; do - cp -p "$x$backup_suffix" "$x" + if [[ -e "$x$backup_suffix" ]]; then + cp -p "$x$backup_suffix" "$x" + fi done } @@ -370,7 +374,7 @@ armc6_build_test() msg "build: ARM Compiler 6 ($FLAGS)" ARM_TOOL_VARIANT="ult" CC="$ARMC6_CC" AR="$ARMC6_AR" CFLAGS="$FLAGS" \ - WARNING_CFLAGS='-xc -std=c99' make lib + WARNING_CFLAGS='-Werror -xc -std=c99' make lib msg "size: ARM Compiler 6 ($FLAGS)" "$ARMC6_FROMELF" -z library/*.o @@ -411,9 +415,13 @@ pre_parse_command_line () { --armcc) no_armcc=;; --armc5-bin-dir) shift; ARMC5_BIN_DIR="$1";; --armc6-bin-dir) shift; ARMC6_BIN_DIR="$1";; + --clang-earliest) shift; CLANG_EARLIEST="$1";; + --clang-latest) shift; CLANG_LATEST="$1";; --error-test) error_test=$((error_test + 1));; --except) all_except=1;; --force|-f) FORCE=1;; + --gcc-earliest) shift; GCC_EARLIEST="$1";; + --gcc-latest) shift; GCC_LATEST="$1";; --gnutls-cli) shift; GNUTLS_CLI="$1";; --gnutls-legacy-cli) shift; GNUTLS_LEGACY_CLI="$1";; --gnutls-legacy-serv) shift; GNUTLS_LEGACY_SERV="$1";; @@ -707,7 +715,7 @@ pre_check_tools () { *" test_"*) # To avoid setting OpenSSL and GnuTLS for each call to compat.sh # and ssl-opt.sh, we just export the variables they require. - export OPENSSL_CMD="$OPENSSL" + export OPENSSL="$OPENSSL" export GNUTLS_CLI="$GNUTLS_CLI" export GNUTLS_SERV="$GNUTLS_SERV" # Avoid passing --seed flag in every call to ssl-opt.sh @@ -827,7 +835,7 @@ component_check_test_cases () { else opt='' fi - tests/scripts/check_test_cases.py $opt + tests/scripts/check_test_cases.py -q $opt unset opt } @@ -846,7 +854,6 @@ component_test_default_out_of_box () { msg "build: make, default config (out-of-box)" # ~1min make # Disable fancy stuff - SAVE_MBEDTLS_TEST_OUTCOME_FILE="$MBEDTLS_TEST_OUTCOME_FILE" unset MBEDTLS_TEST_OUTCOME_FILE msg "test: main suites make, default config (out-of-box)" # ~10s @@ -854,9 +861,6 @@ component_test_default_out_of_box () { msg "selftest: make, default config (out-of-box)" # ~10s programs/test/selftest - - export MBEDTLS_TEST_OUTCOME_FILE="$SAVE_MBEDTLS_TEST_OUTCOME_FILE" - unset SAVE_MBEDTLS_TEST_OUTCOME_FILE } component_test_default_cmake_gcc_asan () { @@ -1016,7 +1020,7 @@ component_test_sslv3 () { msg "build: SSLv3 - compat.sh (ASan build)" # ~ 6 min tests/compat.sh -m 'tls1 tls1_1 tls12 dtls1 dtls12' - env OPENSSL_CMD="$OPENSSL_LEGACY" tests/compat.sh -m 'ssl3' + env OPENSSL="$OPENSSL_LEGACY" tests/compat.sh -m 'ssl3' msg "build: SSLv3 - ssl-opt.sh (ASan build)" # ~ 6 min tests/ssl-opt.sh @@ -1038,6 +1042,18 @@ component_test_no_renegotiation () { tests/ssl-opt.sh } +component_test_no_certs () { + msg "build: full minus MBEDTLS_CERTS_C" + scripts/config.py full + scripts/config.py unset MBEDTLS_CERTS_C + # Quick build+test (we're checking for stray uses of the test certs, + # not expecting their absence to lead to subtle problems). + make + + msg "test: full minus MBEDTLS_CERTS_C - main suites" + make test +} + component_test_no_pem_no_fs () { msg "build: Default + !MBEDTLS_PEM_PARSE_C + !MBEDTLS_FS_IO (ASan build)" scripts/config.py unset MBEDTLS_PEM_PARSE_C @@ -1230,6 +1246,21 @@ component_test_psa_external_rng_use_psa_crypto () { tests/ssl-opt.sh -f 'Default\|opaque' } +component_test_psa_inject_entropy () { + msg "build: full + MBEDTLS_PSA_INJECT_ENTROPY" + scripts/config.py full + scripts/config.py set MBEDTLS_PSA_INJECT_ENTROPY + scripts/config.py set MBEDTLS_ENTROPY_NV_SEED + scripts/config.py set MBEDTLS_NO_DEFAULT_ENTROPY_SOURCES + scripts/config.py unset MBEDTLS_PLATFORM_NV_SEED_ALT + scripts/config.py unset MBEDTLS_PLATFORM_STD_NV_SEED_READ + scripts/config.py unset MBEDTLS_PLATFORM_STD_NV_SEED_WRITE + make CFLAGS="$ASAN_CFLAGS '-DMBEDTLS_USER_CONFIG_FILE=\"../tests/configs/user-config-for-test.h\"'" LDFLAGS="$ASAN_CFLAGS" + + msg "test: full + MBEDTLS_PSA_INJECT_ENTROPY" + make test +} + component_test_ecp_no_internal_rng () { msg "build: Default plus ECP_NO_INTERNAL_RNG minus DRBG modules" scripts/config.py set MBEDTLS_ECP_NO_INTERNAL_RNG @@ -1267,6 +1298,163 @@ component_test_ecp_restartable_no_internal_rng () { # no SSL tests as they all depend on having a DRBG } +component_test_tls1_2_default_stream_cipher_only () { + msg "build: default with only stream cipher" + + # Disable AEAD (controlled by the presence of one of GCM_C, CCM_C, CHACHAPOLY_C + scripts/config.py unset MBEDTLS_GCM_C + scripts/config.py unset MBEDTLS_CCM_C + scripts/config.py unset MBEDTLS_CHACHAPOLY_C + # Disable CBC-legacy (controlled by MBEDTLS_CIPHER_MODE_CBC plus at least one block cipher (AES, ARIA, Camellia, DES)) + scripts/config.py unset MBEDTLS_CIPHER_MODE_CBC + # Disable CBC-EtM (controlled by the same as CBC-legacy plus MBEDTLS_SSL_ENCRYPT_THEN_MAC) + scripts/config.py unset MBEDTLS_SSL_ENCRYPT_THEN_MAC + # Enable stream (currently that's just the NULL pseudo-cipher (controlled by MBEDTLS_CIPHER_NULL_CIPHER)) + scripts/config.py set MBEDTLS_CIPHER_NULL_CIPHER + # Modules that depend on AEAD + scripts/config.py unset MBEDTLS_SSL_CONTEXT_SERIALIZATION + scripts/config.py unset MBEDTLS_SSL_TICKET_C + + make + + msg "test: default with only stream cipher" + make test + + # Not running ssl-opt.sh because most tests require a non-NULL ciphersuite. +} + +component_test_tls1_2_default_stream_cipher_only_use_psa () { + msg "build: default with only stream cipher use psa" + + scripts/config.py set MBEDTLS_USE_PSA_CRYPTO + # Disable AEAD (controlled by the presence of one of GCM_C, CCM_C, CHACHAPOLY_C) + scripts/config.py unset MBEDTLS_GCM_C + scripts/config.py unset MBEDTLS_CCM_C + scripts/config.py unset MBEDTLS_CHACHAPOLY_C + # Disable CBC-legacy (controlled by MBEDTLS_CIPHER_MODE_CBC plus at least one block cipher (AES, ARIA, Camellia, DES)) + scripts/config.py unset MBEDTLS_CIPHER_MODE_CBC + # Disable CBC-EtM (controlled by the same as CBC-legacy plus MBEDTLS_SSL_ENCRYPT_THEN_MAC) + scripts/config.py unset MBEDTLS_SSL_ENCRYPT_THEN_MAC + # Enable stream (currently that's just the NULL pseudo-cipher (controlled by MBEDTLS_CIPHER_NULL_CIPHER)) + scripts/config.py set MBEDTLS_CIPHER_NULL_CIPHER + # Modules that depend on AEAD + scripts/config.py unset MBEDTLS_SSL_CONTEXT_SERIALIZATION + scripts/config.py unset MBEDTLS_SSL_TICKET_C + + make + + msg "test: default with only stream cipher use psa" + make test + + # Not running ssl-opt.sh because most tests require a non-NULL ciphersuite. +} + +component_test_tls1_2_default_cbc_legacy_cipher_only () { + msg "build: default with only CBC-legacy cipher" + + # Disable AEAD (controlled by the presence of one of GCM_C, CCM_C, CHACHAPOLY_C) + scripts/config.py unset MBEDTLS_GCM_C + scripts/config.py unset MBEDTLS_CCM_C + scripts/config.py unset MBEDTLS_CHACHAPOLY_C + # Enable CBC-legacy (controlled by MBEDTLS_CIPHER_MODE_CBC plus at least one block cipher (AES, ARIA, Camellia, DES)) + scripts/config.py set MBEDTLS_CIPHER_MODE_CBC + # Disable CBC-EtM (controlled by the same as CBC-legacy plus MBEDTLS_SSL_ENCRYPT_THEN_MAC) + scripts/config.py unset MBEDTLS_SSL_ENCRYPT_THEN_MAC + # Disable stream (currently that's just the NULL pseudo-cipher (controlled by MBEDTLS_CIPHER_NULL_CIPHER)) + scripts/config.py unset MBEDTLS_CIPHER_NULL_CIPHER + # Modules that depend on AEAD + scripts/config.py unset MBEDTLS_SSL_CONTEXT_SERIALIZATION + scripts/config.py unset MBEDTLS_SSL_TICKET_C + + make + + msg "test: default with only CBC-legacy cipher" + make test + + msg "test: default with only CBC-legacy cipher - ssl-opt.sh (subset)" + tests/ssl-opt.sh -f "TLS 1.2" +} + +component_test_tls1_2_deafult_cbc_legacy_cipher_only_use_psa () { + msg "build: default with only CBC-legacy cipher use psa" + + scripts/config.py set MBEDTLS_USE_PSA_CRYPTO + # Disable AEAD (controlled by the presence of one of GCM_C, CCM_C, CHACHAPOLY_C) + scripts/config.py unset MBEDTLS_GCM_C + scripts/config.py unset MBEDTLS_CCM_C + scripts/config.py unset MBEDTLS_CHACHAPOLY_C + # Enable CBC-legacy (controlled by MBEDTLS_CIPHER_MODE_CBC plus at least one block cipher (AES, ARIA, Camellia, DES)) + scripts/config.py set MBEDTLS_CIPHER_MODE_CBC + # Disable CBC-EtM (controlled by the same as CBC-legacy plus MBEDTLS_SSL_ENCRYPT_THEN_MAC) + scripts/config.py unset MBEDTLS_SSL_ENCRYPT_THEN_MAC + # Disable stream (currently that's just the NULL pseudo-cipher (controlled by MBEDTLS_CIPHER_NULL_CIPHER)) + scripts/config.py unset MBEDTLS_CIPHER_NULL_CIPHER + # Modules that depend on AEAD + scripts/config.py unset MBEDTLS_SSL_CONTEXT_SERIALIZATION + scripts/config.py unset MBEDTLS_SSL_TICKET_C + + make + + msg "test: default with only CBC-legacy cipher use psa" + make test + + msg "test: default with only CBC-legacy cipher use psa - ssl-opt.sh (subset)" + tests/ssl-opt.sh -f "TLS 1.2" +} + +component_test_tls1_2_default_cbc_legacy_cbc_etm_cipher_only () { + msg "build: default with only CBC-legacy and CBC-EtM ciphers" + + # Disable AEAD (controlled by the presence of one of GCM_C, CCM_C, CHACHAPOLY_C) + scripts/config.py unset MBEDTLS_GCM_C + scripts/config.py unset MBEDTLS_CCM_C + scripts/config.py unset MBEDTLS_CHACHAPOLY_C + # Enable CBC-legacy (controlled by MBEDTLS_CIPHER_MODE_CBC plus at least one block cipher (AES, ARIA, Camellia, DES)) + scripts/config.py set MBEDTLS_CIPHER_MODE_CBC + # Enable CBC-EtM (controlled by the same as CBC-legacy plus MBEDTLS_SSL_ENCRYPT_THEN_MAC) + scripts/config.py set MBEDTLS_SSL_ENCRYPT_THEN_MAC + # Disable stream (currently that's just the NULL pseudo-cipher (controlled by MBEDTLS_CIPHER_NULL_CIPHER)) + scripts/config.py unset MBEDTLS_CIPHER_NULL_CIPHER + # Modules that depend on AEAD + scripts/config.py unset MBEDTLS_SSL_CONTEXT_SERIALIZATION + scripts/config.py unset MBEDTLS_SSL_TICKET_C + + make + + msg "test: default with only CBC-legacy and CBC-EtM ciphers" + make test + + msg "test: default with only CBC-legacy and CBC-EtM ciphers - ssl-opt.sh (subset)" + tests/ssl-opt.sh -f "TLS 1.2" +} + +component_test_tls1_2_default_cbc_legacy_cbc_etm_cipher_only_use_psa () { + msg "build: default with only CBC-legacy and CBC-EtM ciphers use psa" + + scripts/config.py set MBEDTLS_USE_PSA_CRYPTO + # Disable AEAD (controlled by the presence of one of GCM_C, CCM_C, CHACHAPOLY_C) + scripts/config.py unset MBEDTLS_GCM_C + scripts/config.py unset MBEDTLS_CCM_C + scripts/config.py unset MBEDTLS_CHACHAPOLY_C + # Enable CBC-legacy (controlled by MBEDTLS_CIPHER_MODE_CBC plus at least one block cipher (AES, ARIA, Camellia, DES)) + scripts/config.py set MBEDTLS_CIPHER_MODE_CBC + # Enable CBC-EtM (controlled by the same as CBC-legacy plus MBEDTLS_SSL_ENCRYPT_THEN_MAC) + scripts/config.py set MBEDTLS_SSL_ENCRYPT_THEN_MAC + # Disable stream (currently that's just the NULL pseudo-cipher (controlled by MBEDTLS_CIPHER_NULL_CIPHER)) + scripts/config.py unset MBEDTLS_CIPHER_NULL_CIPHER + # Modules that depend on AEAD + scripts/config.py unset MBEDTLS_SSL_CONTEXT_SERIALIZATION + scripts/config.py unset MBEDTLS_SSL_TICKET_C + + make + + msg "test: default with only CBC-legacy and CBC-EtM ciphers use psa" + make test + + msg "test: default with only CBC-legacy and CBC-EtM ciphers use psa - ssl-opt.sh (subset)" + tests/ssl-opt.sh -f "TLS 1.2" +} + component_test_new_ecdh_context () { msg "build: new ECDH context (ASan build)" # ~ 6 min scripts/config.py unset MBEDTLS_ECDH_LEGACY_CONTEXT @@ -1375,12 +1563,15 @@ component_test_psa_collect_statuses () { component_test_full_cmake_clang () { msg "build: cmake, full config, clang" # ~ 50s scripts/config.py full - CC=clang cmake -D CMAKE_BUILD_TYPE:String=Release -D ENABLE_TESTING=On . + CC=clang CXX=clang cmake -D CMAKE_BUILD_TYPE:String=Release -D ENABLE_TESTING=On -D TEST_CPP=1 . make msg "test: main suites (full config, clang)" # ~ 5s make test + msg "test: cpp_dummy_build (full config, clang)" # ~ 1s + programs/test/cpp_dummy_build + msg "test: psa_constant_names (full config, clang)" # ~ 1s tests/scripts/test_psa_constant_names.py @@ -1388,10 +1579,21 @@ component_test_full_cmake_clang () { tests/ssl-opt.sh -f 'Default\|ECJPAKE\|SSL async private' msg "test: compat.sh RC4, DES, 3DES & NULL (full config)" # ~ 2 min - env OPENSSL_CMD="$OPENSSL_LEGACY" GNUTLS_CLI="$GNUTLS_LEGACY_CLI" GNUTLS_SERV="$GNUTLS_LEGACY_SERV" tests/compat.sh -e '^$' -f 'NULL\|DES\|RC4\|ARCFOUR' + env OPENSSL="$OPENSSL_LEGACY" GNUTLS_CLI="$GNUTLS_LEGACY_CLI" GNUTLS_SERV="$GNUTLS_LEGACY_SERV" tests/compat.sh -e '^$' -f 'NULL\|DES\|RC4\|ARCFOUR' msg "test: compat.sh ARIA + ChachaPoly" - env OPENSSL_CMD="$OPENSSL_NEXT" tests/compat.sh -e '^$' -f 'ARIA\|CHACHA' + env OPENSSL="$OPENSSL_NEXT" tests/compat.sh -e '^$' -f 'ARIA\|CHACHA' +} + +skip_suites_without_constant_flow () { + # Skip the test suites that don't have any constant-flow annotations. + # This will need to be adjusted if we ever start declaring things as + # secret from macros or functions inside tests/include or tests/src. + SKIP_TEST_SUITES=$( + git -C tests/suites grep -L TEST_CF_ 'test_suite_*.function' | + sed 's/test_suite_//; s/\.function$//' | + tr '\n' ,) + export SKIP_TEST_SUITES } component_test_memsan_constant_flow () { @@ -1425,12 +1627,13 @@ component_test_valgrind_constant_flow () { msg "build: cmake release GCC, full config with constant flow testing" scripts/config.py full scripts/config.py set MBEDTLS_TEST_CONSTANT_FLOW_VALGRIND + skip_suites_without_constant_flow cmake -D CMAKE_BUILD_TYPE:String=Release . make # this only shows a summary of the results (how many of each type) # details are left in Testing//DynamicAnalysis.xml - msg "test: main suites (valgrind + constant flow)" + msg "test: some suites (valgrind + constant flow)" make memcheck } @@ -1508,58 +1711,140 @@ component_build_crypto_full () { are_empty_libraries library/libmbedx509.* library/libmbedtls.* } +component_test_crypto_for_psa_service () { + msg "build: make, config for PSA crypto service" + scripts/config.py crypto + scripts/config.py set MBEDTLS_PSA_CRYPTO_KEY_ID_ENCODES_OWNER + # Disable things that are not needed for just cryptography, to + # reach a configuration that would be typical for a PSA cryptography + # service providing all implemented PSA algorithms. + # System stuff + scripts/config.py unset MBEDTLS_ERROR_C + scripts/config.py unset MBEDTLS_TIMING_C + scripts/config.py unset MBEDTLS_VERSION_FEATURES + # Crypto stuff with no PSA interface + scripts/config.py unset MBEDTLS_BASE64_C + scripts/config.py unset MBEDTLS_BLOWFISH_C + # Keep MBEDTLS_CIPHER_C because psa_crypto_cipher, CCM and GCM need it. + # Keep MBEDTLS_MD_C because RSA and ECDSA need it, also HMAC_DRBG which + # is needed for deterministic ECDSA. + scripts/config.py unset MBEDTLS_ECJPAKE_C + scripts/config.py unset MBEDTLS_HKDF_C # PSA's HKDF is independent + scripts/config.py unset MBEDTLS_NIST_KW_C + scripts/config.py unset MBEDTLS_PEM_PARSE_C + scripts/config.py unset MBEDTLS_PEM_WRITE_C + scripts/config.py unset MBEDTLS_PKCS12_C + scripts/config.py unset MBEDTLS_PKCS5_C + # We keep MBEDTLS_PK_{,PARSE,WRITE}_C because PSA with RSA needs it. + scripts/config.py unset MBEDTLS_XTEA_C + make CFLAGS='-O1 -Werror' all test + are_empty_libraries library/libmbedx509.* library/libmbedtls.* +} + component_build_crypto_baremetal () { msg "build: make, crypto only, baremetal config" scripts/config.py crypto_baremetal - make CFLAGS='-O1 -Werror' + make CFLAGS="-O1 -Werror -I$PWD/tests/include/baremetal-override/" are_empty_libraries library/libmbedx509.* library/libmbedtls.* } +support_build_crypto_baremetal () { + support_build_baremetal "$@" +} -component_test_depends_curves () { - msg "test/build: curves.pl (gcc)" # ~ 4 min - tests/scripts/curves.pl +component_build_baremetal () { + msg "build: make, baremetal config" + scripts/config.py baremetal + make CFLAGS="-O1 -Werror -I$PWD/tests/include/baremetal-override/" +} +support_build_baremetal () { + # Older Glibc versions include time.h from other headers such as stdlib.h, + # which makes the no-time.h-in-baremetal check fail. Ubuntu 16.04 has this + # problem, Ubuntu 18.04 is ok. + ! grep -q -F time.h /usr/include/x86_64-linux-gnu/sys/types.h } -component_test_depends_curves_psa () { - msg "test/build: curves.pl with MBEDTLS_USE_PSA_CRYPTO defined (gcc)" - scripts/config.py set MBEDTLS_USE_PSA_CRYPTO - tests/scripts/curves.pl +# depends.py family of tests +component_test_depends_py_cipher_id () { + msg "test/build: depends.py cipher_id (gcc)" + tests/scripts/depends.py cipher_id --unset-use-psa } -component_test_depends_hashes () { - msg "test/build: depends-hashes.pl (gcc)" # ~ 2 min - tests/scripts/depends-hashes.pl +component_test_depends_py_cipher_chaining () { + msg "test/build: depends.py cipher_chaining (gcc)" + tests/scripts/depends.py cipher_chaining --unset-use-psa } -component_test_depends_hashes_psa () { - msg "test/build: depends-hashes.pl with MBEDTLS_USE_PSA_CRYPTO defined (gcc)" - scripts/config.py set MBEDTLS_USE_PSA_CRYPTO - tests/scripts/depends-hashes.pl +component_test_depends_py_cipher_padding () { + msg "test/build: depends.py cipher_padding (gcc)" + tests/scripts/depends.py cipher_padding --unset-use-psa } -component_test_depends_pkalgs () { - msg "test/build: depends-pkalgs.pl (gcc)" # ~ 2 min - tests/scripts/depends-pkalgs.pl +component_test_depends_py_curves () { + msg "test/build: depends.py curves (gcc)" + tests/scripts/depends.py curves --unset-use-psa } -component_test_depends_pkalgs_psa () { - msg "test/build: depends-pkalgs.pl with MBEDTLS_USE_PSA_CRYPTO defined (gcc)" - scripts/config.py set MBEDTLS_USE_PSA_CRYPTO - tests/scripts/depends-pkalgs.pl +component_test_depends_py_hashes () { + msg "test/build: depends.py hashes (gcc)" + tests/scripts/depends.py hashes --unset-use-psa } -component_build_key_exchanges () { - msg "test/build: key-exchanges (gcc)" # ~ 1 min - tests/scripts/key-exchanges.pl +component_test_depends_py_kex () { + msg "test/build: depends.py kex (gcc)" + tests/scripts/depends.py kex --unset-use-psa } -component_test_make_cxx () { - msg "build: Unix make, full, gcc + g++" +component_test_depends_py_pkalgs () { + msg "test/build: depends.py pkalgs (gcc)" + tests/scripts/depends.py pkalgs --unset-use-psa +} + +# PSA equivalents of the depends.py tests +component_test_depends_py_cipher_id_psa () { + msg "test/build: depends.py cipher_id (gcc) with MBEDTLS_USE_PSA_CRYPTO defined" + tests/scripts/depends.py cipher_id +} + +component_test_depends_py_cipher_chaining_psa () { + msg "test/build: depends.py cipher_chaining (gcc) with MBEDTLS_USE_PSA_CRYPTO defined" + tests/scripts/depends.py cipher_chaining +} + +component_test_depends_py_cipher_padding_psa () { + msg "test/build: depends.py cipher_padding (gcc) with MBEDTLS_USE_PSA_CRYPTO defined" + tests/scripts/depends.py cipher_padding +} + +component_test_depends_py_curves_psa () { + msg "test/build: depends.py curves (gcc) with MBEDTLS_USE_PSA_CRYPTO defined" + tests/scripts/depends.py curves +} + +component_test_depends_py_hashes_psa () { + msg "test/build: depends.py hashes (gcc) with MBEDTLS_USE_PSA_CRYPTO defined" + tests/scripts/depends.py hashes +} + +component_test_depends_py_kex_psa () { + msg "test/build: depends.py kex (gcc) with MBEDTLS_USE_PSA_CRYPTO defined" + tests/scripts/depends.py kex +} + +component_test_depends_py_pkalgs_psa () { + msg "test/build: depends.py pkalgs (gcc) with MBEDTLS_USE_PSA_CRYPTO defined" + tests/scripts/depends.py pkalgs +} + +component_build_no_pk_rsa_alt_support () { + msg "build: !MBEDTLS_PK_RSA_ALT_SUPPORT" # ~30s + scripts/config.py full - make TEST_CPP=1 lib programs + scripts/config.py unset MBEDTLS_PK_RSA_ALT_SUPPORT + scripts/config.py set MBEDTLS_RSA_C + scripts/config.py set MBEDTLS_X509_CRT_WRITE_C - msg "test: cpp_dummy_build" - programs/test/cpp_dummy_build + # Only compile - this is primarily to test for compile issues + make CC=gcc CFLAGS='-Werror -Wall -Wextra -I../tests/include/alt-dummy' } component_test_no_use_psa_crypto_full_cmake_asan() { @@ -1585,10 +1870,10 @@ component_test_no_use_psa_crypto_full_cmake_asan() { tests/compat.sh msg "test: compat.sh RC4, DES & NULL (full minus MBEDTLS_USE_PSA_CRYPTO)" - env OPENSSL_CMD="$OPENSSL_LEGACY" GNUTLS_CLI="$GNUTLS_LEGACY_CLI" GNUTLS_SERV="$GNUTLS_LEGACY_SERV" tests/compat.sh -e '3DES\|DES-CBC3' -f 'NULL\|DES\|RC4\|ARCFOUR' + env OPENSSL="$OPENSSL_LEGACY" GNUTLS_CLI="$GNUTLS_LEGACY_CLI" GNUTLS_SERV="$GNUTLS_LEGACY_SERV" tests/compat.sh -e '3DES\|DES-CBC3' -f 'NULL\|DES\|RC4\|ARCFOUR' msg "test: compat.sh ARIA + ChachaPoly (full minus MBEDTLS_USE_PSA_CRYPTO)" - env OPENSSL_CMD="$OPENSSL_NEXT" tests/compat.sh -e '^$' -f 'ARIA\|CHACHA' + env OPENSSL="$OPENSSL_NEXT" tests/compat.sh -e '^$' -f 'ARIA\|CHACHA' } component_test_psa_crypto_config_accel_ecdsa () { @@ -1598,6 +1883,10 @@ component_test_psa_crypto_config_accel_ecdsa () { # partial support for cipher operations in the driver test library. scripts/config.py -f include/psa/crypto_config.h unset PSA_WANT_ALG_STREAM_CIPHER scripts/config.py -f include/psa/crypto_config.h unset PSA_WANT_ALG_ECB_NO_PADDING + # Disable obsolete hashes (alternatively we could enable support for them + # in the driver test library). + scripts/config.py -f include/psa/crypto_config.h unset PSA_WANT_ALG_MD2 + scripts/config.py -f include/psa/crypto_config.h unset PSA_WANT_ALG_MD4 # SHA384 needed for some ECDSA signature tests. scripts/config.py -f tests/include/test/drivers/config_test_driver.h set MBEDTLS_SHA512_C @@ -1619,10 +1908,7 @@ component_test_psa_crypto_config_accel_ecdsa () { loc_accel_flags="$loc_accel_flags $( echo "$loc_accel_list" | sed 's/[^ ]* */-DMBEDTLS_PSA_ACCEL_&/g' )" make CFLAGS="$ASAN_CFLAGS -O -Werror -I../tests/include -I../tests -DPSA_CRYPTO_DRIVER_TEST -DMBEDTLS_TEST_LIBTESTDRIVER1 $loc_accel_flags" LDFLAGS="-ltestdriver1 $ASAN_CFLAGS" - unset loc_accel_flags - unset loc_accel_list - - if_build_succeeded not grep mbedtls_ecdsa_ library/ecdsa.o + not grep mbedtls_ecdsa_ library/ecdsa.o msg "test: MBEDTLS_PSA_CRYPTO_CONFIG with accelerated ECDSA" make test @@ -1705,11 +1991,8 @@ component_test_psa_crypto_config_accel_rsa_signature () { loc_accel_flags="$loc_accel_flags $( echo "$loc_accel_list" | sed 's/[^ ]* */-DMBEDTLS_PSA_ACCEL_&/g' )" make CFLAGS="$ASAN_CFLAGS -Werror -I../tests/include -I../tests -DPSA_CRYPTO_DRIVER_TEST -DMBEDTLS_TEST_LIBTESTDRIVER1 $loc_accel_flags" LDFLAGS="-ltestdriver1 $ASAN_CFLAGS" - unset loc_accel_flags - unset loc_accel_list - - if_build_succeeded not grep mbedtls_rsa_rsassa_pkcs1_v15_sign library/rsa.o - if_build_succeeded not grep mbedtls_rsa_rsassa_pss_sign_ext library/rsa.o + not grep mbedtls_rsa_rsassa_pkcs1_v15_sign library/rsa.o + not grep mbedtls_rsa_rsassa_pss_sign_ext library/rsa.o msg "test: MBEDTLS_PSA_CRYPTO_CONFIG with accelerated RSA signature" make test @@ -1745,11 +2028,8 @@ component_test_psa_crypto_config_accel_hash () { loc_accel_flags="$loc_accel_flags $( echo "$loc_accel_list" | sed 's/[^ ]* */-DMBEDTLS_PSA_ACCEL_&/g' )" make CFLAGS="$ASAN_CFLAGS -Werror -I../tests/include -I../tests -DPSA_CRYPTO_DRIVER_TEST -DMBEDTLS_TEST_LIBTESTDRIVER1 $loc_accel_flags" LDFLAGS="-ltestdriver1 $ASAN_CFLAGS" - unset loc_accel_flags - unset loc_accel_list - - if_build_succeeded not grep mbedtls_sha512_init library/sha512.o - if_build_succeeded not grep mbedtls_sha1_init library/sha1.o + not grep mbedtls_sha512_init library/sha512.o + not grep mbedtls_sha1_init library/sha1.o msg "test: MBEDTLS_PSA_CRYPTO_CONFIG with accelerated hash" make test @@ -1758,6 +2038,10 @@ component_test_psa_crypto_config_accel_hash () { component_test_psa_crypto_config_accel_cipher () { msg "test: MBEDTLS_PSA_CRYPTO_CONFIG with accelerated cipher" + # This test case focuses on cipher+AEAD. We don't yet support all + # combinations of configurations, so deactivate block-cipher-based MACs. + scripts/config.py -f include/psa/crypto_config.h unset PSA_WANT_ALG_CMAC + loc_accel_list="ALG_CBC_NO_PADDING ALG_CBC_PKCS7 ALG_CTR ALG_CFB ALG_OFB ALG_XTS KEY_TYPE_DES" loc_accel_flags=$( echo "$loc_accel_list" | sed 's/[^ ]* */-DLIBTESTDRIVER1_MBEDTLS_PSA_ACCEL_&/g' ) make -C tests libtestdriver1.a CFLAGS="$ASAN_CFLAGS $loc_accel_flags" LDFLAGS="$ASAN_CFLAGS" @@ -1772,7 +2056,6 @@ component_test_psa_crypto_config_accel_cipher () { # PSA configuration options. scripts/config.py -f include/psa/crypto_config.h unset PSA_WANT_ALG_STREAM_CIPHER scripts/config.py -f include/psa/crypto_config.h unset PSA_WANT_ALG_ECB_NO_PADDING - scripts/config.py -f include/psa/crypto_config.h unset PSA_WANT_ALG_CMAC scripts/config.py unset MBEDTLS_CIPHER_MODE_CBC scripts/config.py unset MBEDTLS_CIPHER_PADDING_PKCS7 @@ -1785,17 +2068,48 @@ component_test_psa_crypto_config_accel_cipher () { loc_accel_flags="$loc_accel_flags $( echo "$loc_accel_list" | sed 's/[^ ]* */-DMBEDTLS_PSA_ACCEL_&/g' )" make CFLAGS="$ASAN_CFLAGS -Werror -I../tests/include -I../tests -DPSA_CRYPTO_DRIVER_TEST -DMBEDTLS_TEST_LIBTESTDRIVER1 $loc_accel_flags" LDFLAGS="-ltestdriver1 $ASAN_CFLAGS" - unset loc_accel_flags - unset loc_accel_list - - if_build_succeeded not grep mbedtls_des* library/des.o + not grep mbedtls_des* library/des.o msg "test: MBEDTLS_PSA_CRYPTO_CONFIG with accelerated hash" make test } +component_test_psa_crypto_config_accel_aead () { + msg "test: MBEDTLS_PSA_CRYPTO_CONFIG with accelerated AEAD" + + # Disable ALG_STREAM_CIPHER and ALG_ECB_NO_PADDING to avoid having + # partial support for cipher operations in the driver test library. + scripts/config.py -f include/psa/crypto_config.h unset PSA_WANT_ALG_STREAM_CIPHER + scripts/config.py -f include/psa/crypto_config.h unset PSA_WANT_ALG_ECB_NO_PADDING + + loc_accel_list="ALG_GCM ALG_CCM ALG_CHACHA20_POLY1305 KEY_TYPE_AES KEY_TYPE_CHACHA20 KEY_TYPE_ARIA KEY_TYPE_CAMELLIA" + loc_accel_flags=$( echo "$loc_accel_list" | sed 's/[^ ]* */-DLIBTESTDRIVER1_MBEDTLS_PSA_ACCEL_&/g' ) + make -C tests libtestdriver1.a CFLAGS="$ASAN_CFLAGS $loc_accel_flags" LDFLAGS="$ASAN_CFLAGS" + + scripts/config.py set MBEDTLS_PSA_CRYPTO_DRIVERS + scripts/config.py set MBEDTLS_PSA_CRYPTO_CONFIG + + scripts/config.py unset MBEDTLS_GCM_C + scripts/config.py unset MBEDTLS_CCM_C + scripts/config.py unset MBEDTLS_CHACHAPOLY_C + # Features that depend on AEAD + scripts/config.py unset MBEDTLS_SSL_CONTEXT_SERIALIZATION + scripts/config.py unset MBEDTLS_SSL_TICKET_C + + loc_accel_flags="$loc_accel_flags $( echo "$loc_accel_list" | sed 's/[^ ]* */-DMBEDTLS_PSA_ACCEL_&/g' )" + make CFLAGS="$ASAN_CFLAGS -Werror -I../tests/include -I../tests -I../../tests -DPSA_CRYPTO_DRIVER_TEST -DMBEDTLS_TEST_LIBTESTDRIVER1 $loc_accel_flags" LDFLAGS="-ltestdriver1 $ASAN_CFLAGS" + + # There's a risk of something getting re-enabled via config_psa.h + # make sure it did not happen. + not grep mbedtls_ccm library/ccm.o + not grep mbedtls_gcm library/gcm.o + not grep mbedtls_chachapoly library/chachapoly.o + + msg "test: MBEDTLS_PSA_CRYPTO_CONFIG with accelerated AEAD" + make test +} + component_test_psa_crypto_config_no_driver() { - # full plus MBEDTLS_PSA_CRYPTO_CONFIG msg "build: full + MBEDTLS_PSA_CRYPTO_CONFIG minus MBEDTLS_PSA_CRYPTO_DRIVERS" scripts/config.py full scripts/config.py set MBEDTLS_PSA_CRYPTO_CONFIG @@ -1807,42 +2121,33 @@ component_test_psa_crypto_config_no_driver() { make test } -component_test_psa_crypto_config_chachapoly_disabled() { - # full minus MBEDTLS_CHACHAPOLY_C without PSA_WANT_ALG_GCM and PSA_WANT_ALG_CHACHA20_POLY1305 - msg "build: full minus MBEDTLS_CHACHAPOLY_C without PSA_WANT_ALG_GCM and PSA_WANT_ALG_CHACHA20_POLY1305" +component_test_aead_chachapoly_disabled() { + msg "build: full minus CHACHAPOLY" scripts/config.py full scripts/config.py unset MBEDTLS_CHACHAPOLY_C - scripts/config.py -f include/psa/crypto_config.h unset PSA_WANT_ALG_GCM - scripts/config.py -f include/psa/crypto_config.h unset PSA_WANT_ALG_CHACHA20_POLY1305 + scripts/config.py -f "$CRYPTO_CONFIG_H" unset PSA_WANT_ALG_CHACHA20_POLY1305 make CC=gcc CFLAGS="$ASAN_CFLAGS -O2" LDFLAGS="$ASAN_CFLAGS" - msg "test: full minus MBEDTLS_CHACHAPOLY_C without PSA_WANT_ALG_GCM and PSA_WANT_ALG_CHACHA20_POLY1305" + msg "test: full minus CHACHAPOLY" make test } -# This should be renamed to test and updated once the accelerator ECDSA code is in place and ready to test. -component_build_psa_accel_alg_ecdsa() { - # full plus MBEDTLS_PSA_CRYPTO_CONFIG with PSA_WANT_ALG_ECDSA - # without MBEDTLS_ECDSA_C - # PSA_WANT_ALG_ECDSA and PSA_WANT_ALG_DETERMINISTIC_ECDSA are already - # set in include/psa/crypto_config.h - msg "build: full + MBEDTLS_PSA_CRYPTO_CONFIG + PSA_WANT_ALG_ECDSA without MBEDTLS_ECDSA_C" +component_test_aead_only_ccm() { + msg "build: full minus CHACHAPOLY and GCM" scripts/config.py full - scripts/config.py set MBEDTLS_PSA_CRYPTO_CONFIG - scripts/config.py set MBEDTLS_PSA_CRYPTO_DRIVERS - scripts/config.py unset MBEDTLS_USE_PSA_CRYPTO - scripts/config.py unset MBEDTLS_ECDSA_C - scripts/config.py unset MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA_ENABLED - scripts/config.py unset MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED - # Need to define the correct symbol and include the test driver header path in order to build with the test driver - make CC=gcc CFLAGS="$ASAN_CFLAGS -DPSA_CRYPTO_DRIVER_TEST -DMBEDTLS_PSA_ACCEL_ALG_ECDSA -DMBEDTLS_PSA_ACCEL_ALG_DETERMINISTIC_ECDSA -I../tests/include -O2" LDFLAGS="$ASAN_CFLAGS" + scripts/config.py unset MBEDTLS_CHACHAPOLY_C + scripts/config.py unset MBEDTLS_GCM_C + scripts/config.py -f "$CRYPTO_CONFIG_H" unset PSA_WANT_ALG_CHACHA20_POLY1305 + scripts/config.py -f "$CRYPTO_CONFIG_H" unset PSA_WANT_ALG_GCM + make CC=gcc CFLAGS="$ASAN_CFLAGS -O2" LDFLAGS="$ASAN_CFLAGS" + + msg "test: full minus CHACHAPOLY and GCM" + make test } # This should be renamed to test and updated once the accelerator ECDH code is in place and ready to test. component_build_psa_accel_alg_ecdh() { - # full plus MBEDTLS_PSA_CRYPTO_CONFIG with PSA_WANT_ALG_ECDH - # without MBEDTLS_ECDH_C - msg "build: full + MBEDTLS_PSA_CRYPTO_CONFIG + PSA_WANT_ALG_ECDH without MBEDTLS_ECDH_C" + msg "build: full - MBEDTLS_USE_PSA_CRYPTO + PSA_WANT_ALG_ECDH without MBEDTLS_ECDH_C" scripts/config.py full scripts/config.py set MBEDTLS_PSA_CRYPTO_CONFIG scripts/config.py set MBEDTLS_PSA_CRYPTO_DRIVERS @@ -1859,8 +2164,7 @@ component_build_psa_accel_alg_ecdh() { # This should be renamed to test and updated once the accelerator ECC key pair code is in place and ready to test. component_build_psa_accel_key_type_ecc_key_pair() { - # full plus MBEDTLS_PSA_CRYPTO_CONFIG with PSA_WANT_KEY_TYPE_ECC_KEY_PAIR - msg "build: full + MBEDTLS_PSA_CRYPTO_CONFIG + PSA_WANT_KEY_TYPE_ECC_KEY_PAIR" + msg "build: full - MBEDTLS_USE_PSA_CRYPTO + PSA_WANT_KEY_TYPE_ECC_KEY_PAIR" scripts/config.py full scripts/config.py set MBEDTLS_PSA_CRYPTO_CONFIG scripts/config.py set MBEDTLS_PSA_CRYPTO_DRIVERS @@ -1873,8 +2177,7 @@ component_build_psa_accel_key_type_ecc_key_pair() { # This should be renamed to test and updated once the accelerator ECC public key code is in place and ready to test. component_build_psa_accel_key_type_ecc_public_key() { - # full plus MBEDTLS_PSA_CRYPTO_CONFIG with PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY - msg "build: full + MBEDTLS_PSA_CRYPTO_CONFIG + PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY" + msg "build: full - MBEDTLS_USE_PSA_CRYPTO + PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY" scripts/config.py full scripts/config.py set MBEDTLS_PSA_CRYPTO_CONFIG scripts/config.py set MBEDTLS_PSA_CRYPTO_DRIVERS @@ -1887,8 +2190,7 @@ component_build_psa_accel_key_type_ecc_public_key() { # This should be renamed to test and updated once the accelerator HMAC code is in place and ready to test. component_build_psa_accel_alg_hmac() { - # full plus MBEDTLS_PSA_CRYPTO_CONFIG with PSA_WANT_ALG_HMAC - msg "build: full + MBEDTLS_PSA_CRYPTO_CONFIG + PSA_WANT_ALG_HMAC" + msg "build: full - MBEDTLS_USE_PSA_CRYPTO + PSA_WANT_ALG_HMAC" scripts/config.py full scripts/config.py set MBEDTLS_PSA_CRYPTO_CONFIG scripts/config.py set MBEDTLS_PSA_CRYPTO_DRIVERS @@ -1899,9 +2201,7 @@ component_build_psa_accel_alg_hmac() { # This should be renamed to test and updated once the accelerator HKDF code is in place and ready to test. component_build_psa_accel_alg_hkdf() { - # full plus MBEDTLS_PSA_CRYPTO_CONFIG with PSA_WANT_ALG_HKDF - # without MBEDTLS_HKDF_C - msg "build: full + MBEDTLS_PSA_CRYPTO_CONFIG + PSA_WANT_ALG_HKDF without MBEDTLS_HKDF_C" + msg "build: full - MBEDTLS_USE_PSA_CRYPTO + PSA_WANT_ALG_HKDF without MBEDTLS_HKDF_C" scripts/config.py full scripts/config.py set MBEDTLS_PSA_CRYPTO_CONFIG scripts/config.py set MBEDTLS_PSA_CRYPTO_DRIVERS @@ -1915,8 +2215,7 @@ component_build_psa_accel_alg_hkdf() { # This should be renamed to test and updated once the accelerator MD2 code is in place and ready to test. component_build_psa_accel_alg_md2() { - # full plus MBEDTLS_PSA_CRYPTO_CONFIG with PSA_WANT_ALG_MD2 without other hashes - msg "build: full + MBEDTLS_PSA_CRYPTO_CONFIG + PSA_WANT_ALG_MD2 - other hashes" + msg "build: full - MBEDTLS_USE_PSA_CRYPTO + PSA_WANT_ALG_MD2 - other hashes" scripts/config.py full scripts/config.py set MBEDTLS_PSA_CRYPTO_CONFIG scripts/config.py set MBEDTLS_PSA_CRYPTO_DRIVERS @@ -1935,8 +2234,7 @@ component_build_psa_accel_alg_md2() { # This should be renamed to test and updated once the accelerator MD4 code is in place and ready to test. component_build_psa_accel_alg_md4() { - # full plus MBEDTLS_PSA_CRYPTO_CONFIG with PSA_WANT_ALG_MD4 without other hashes - msg "build: full + MBEDTLS_PSA_CRYPTO_CONFIG + PSA_WANT_ALG_MD4 - other hashes" + msg "build: full - MBEDTLS_USE_PSA_CRYPTO + PSA_WANT_ALG_MD4 - other hashes" scripts/config.py full scripts/config.py set MBEDTLS_PSA_CRYPTO_CONFIG scripts/config.py set MBEDTLS_PSA_CRYPTO_DRIVERS @@ -1955,8 +2253,7 @@ component_build_psa_accel_alg_md4() { # This should be renamed to test and updated once the accelerator MD5 code is in place and ready to test. component_build_psa_accel_alg_md5() { - # full plus MBEDTLS_PSA_CRYPTO_CONFIG with PSA_WANT_ALG_MD5 without other hashes - msg "build: full + MBEDTLS_PSA_CRYPTO_CONFIG + PSA_WANT_ALG_MD5 - other hashes" + msg "build: full - MBEDTLS_USE_PSA_CRYPTO + PSA_WANT_ALG_MD5 - other hashes" scripts/config.py full scripts/config.py set MBEDTLS_PSA_CRYPTO_CONFIG scripts/config.py set MBEDTLS_PSA_CRYPTO_DRIVERS @@ -1975,8 +2272,7 @@ component_build_psa_accel_alg_md5() { # This should be renamed to test and updated once the accelerator RIPEMD160 code is in place and ready to test. component_build_psa_accel_alg_ripemd160() { - # full plus MBEDTLS_PSA_CRYPTO_CONFIG with PSA_WANT_ALG_RIPEMD160 without other hashes - msg "build: full + MBEDTLS_PSA_CRYPTO_CONFIG + PSA_WANT_ALG_RIPEMD160 - other hashes" + msg "build: full - MBEDTLS_USE_PSA_CRYPTO + PSA_WANT_ALG_RIPEMD160 - other hashes" scripts/config.py full scripts/config.py set MBEDTLS_PSA_CRYPTO_CONFIG scripts/config.py set MBEDTLS_PSA_CRYPTO_DRIVERS @@ -1995,8 +2291,7 @@ component_build_psa_accel_alg_ripemd160() { # This should be renamed to test and updated once the accelerator SHA1 code is in place and ready to test. component_build_psa_accel_alg_sha1() { - # full plus MBEDTLS_PSA_CRYPTO_CONFIG with PSA_WANT_ALG_SHA_1 without other hashes - msg "build: full + MBEDTLS_PSA_CRYPTO_CONFIG + PSA_WANT_ALG_SHA_1 - other hashes" + msg "build: full - MBEDTLS_USE_PSA_CRYPTO + PSA_WANT_ALG_SHA_1 - other hashes" scripts/config.py full scripts/config.py set MBEDTLS_PSA_CRYPTO_CONFIG scripts/config.py set MBEDTLS_PSA_CRYPTO_DRIVERS @@ -2015,8 +2310,7 @@ component_build_psa_accel_alg_sha1() { # This should be renamed to test and updated once the accelerator SHA224 code is in place and ready to test. component_build_psa_accel_alg_sha224() { - # full plus MBEDTLS_PSA_CRYPTO_CONFIG with PSA_WANT_ALG_SHA_224 without other hashes - msg "build: full + MBEDTLS_PSA_CRYPTO_CONFIG + PSA_WANT_ALG_SHA_224 - other hashes" + msg "build: full - MBEDTLS_USE_PSA_CRYPTO + PSA_WANT_ALG_SHA_224 - other hashes" scripts/config.py full scripts/config.py set MBEDTLS_PSA_CRYPTO_CONFIG scripts/config.py set MBEDTLS_PSA_CRYPTO_DRIVERS @@ -2034,8 +2328,7 @@ component_build_psa_accel_alg_sha224() { # This should be renamed to test and updated once the accelerator SHA256 code is in place and ready to test. component_build_psa_accel_alg_sha256() { - # full plus MBEDTLS_PSA_CRYPTO_CONFIG with PSA_WANT_ALG_SHA_256 without other hashes - msg "build: full + MBEDTLS_PSA_CRYPTO_CONFIG + PSA_WANT_ALG_SHA_256 - other hashes" + msg "build: full - MBEDTLS_USE_PSA_CRYPTO + PSA_WANT_ALG_SHA_256 - other hashes" scripts/config.py full scripts/config.py set MBEDTLS_PSA_CRYPTO_CONFIG scripts/config.py set MBEDTLS_PSA_CRYPTO_DRIVERS @@ -2054,8 +2347,7 @@ component_build_psa_accel_alg_sha256() { # This should be renamed to test and updated once the accelerator SHA384 code is in place and ready to test. component_build_psa_accel_alg_sha384() { - # full plus MBEDTLS_PSA_CRYPTO_CONFIG with PSA_WANT_ALG_SHA_384 without other hashes - msg "build: full + MBEDTLS_PSA_CRYPTO_CONFIG + PSA_WANT_ALG_SHA_384 - other hashes" + msg "build: full - MBEDTLS_USE_PSA_CRYPTO + PSA_WANT_ALG_SHA_384 - other hashes" scripts/config.py full scripts/config.py set MBEDTLS_PSA_CRYPTO_CONFIG scripts/config.py set MBEDTLS_PSA_CRYPTO_DRIVERS @@ -2073,8 +2365,7 @@ component_build_psa_accel_alg_sha384() { # This should be renamed to test and updated once the accelerator SHA512 code is in place and ready to test. component_build_psa_accel_alg_sha512() { - # full plus MBEDTLS_PSA_CRYPTO_CONFIG with PSA_WANT_ALG_SHA_512 without other hashes - msg "build: full + MBEDTLS_PSA_CRYPTO_CONFIG + PSA_WANT_ALG_SHA_512 - other hashes" + msg "build: full - MBEDTLS_USE_PSA_CRYPTO + PSA_WANT_ALG_SHA_512 - other hashes" scripts/config.py full scripts/config.py set MBEDTLS_PSA_CRYPTO_CONFIG scripts/config.py set MBEDTLS_PSA_CRYPTO_DRIVERS @@ -2093,8 +2384,7 @@ component_build_psa_accel_alg_sha512() { # This should be renamed to test and updated once the accelerator RSA code is in place and ready to test. component_build_psa_accel_alg_rsa_pkcs1v15_crypt() { - # full plus MBEDTLS_PSA_CRYPTO_CONFIG with PSA_WANT_ALG_RSA_PKCS1V15_CRYPT - msg "build: full + MBEDTLS_PSA_CRYPTO_CONFIG + PSA_WANT_ALG_RSA_PKCS1V15_CRYPT + PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY" + msg "build: full - MBEDTLS_USE_PSA_CRYPTO + PSA_WANT_ALG_RSA_PKCS1V15_CRYPT + PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY" scripts/config.py full scripts/config.py set MBEDTLS_PSA_CRYPTO_CONFIG scripts/config.py set MBEDTLS_PSA_CRYPTO_DRIVERS @@ -2109,8 +2399,7 @@ component_build_psa_accel_alg_rsa_pkcs1v15_crypt() { # This should be renamed to test and updated once the accelerator RSA code is in place and ready to test. component_build_psa_accel_alg_rsa_pkcs1v15_sign() { - # full plus MBEDTLS_PSA_CRYPTO_CONFIG with PSA_WANT_ALG_RSA_PKCS1V15_SIGN and PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY - msg "build: full + MBEDTLS_PSA_CRYPTO_CONFIG + PSA_WANT_ALG_RSA_PKCS1V15_SIGN + PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY" + msg "build: full - MBEDTLS_USE_PSA_CRYPTO + PSA_WANT_ALG_RSA_PKCS1V15_SIGN + PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY" scripts/config.py full scripts/config.py set MBEDTLS_PSA_CRYPTO_CONFIG scripts/config.py set MBEDTLS_PSA_CRYPTO_DRIVERS @@ -2125,8 +2414,7 @@ component_build_psa_accel_alg_rsa_pkcs1v15_sign() { # This should be renamed to test and updated once the accelerator RSA code is in place and ready to test. component_build_psa_accel_alg_rsa_oaep() { - # full plus MBEDTLS_PSA_CRYPTO_CONFIG with PSA_WANT_ALG_RSA_OAEP and PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY - msg "build: full + MBEDTLS_PSA_CRYPTO_CONFIG + PSA_WANT_ALG_RSA_OAEP + PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY" + msg "build: full - MBEDTLS_USE_PSA_CRYPTO + PSA_WANT_ALG_RSA_OAEP + PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY" scripts/config.py full scripts/config.py set MBEDTLS_PSA_CRYPTO_CONFIG scripts/config.py set MBEDTLS_PSA_CRYPTO_DRIVERS @@ -2141,8 +2429,7 @@ component_build_psa_accel_alg_rsa_oaep() { # This should be renamed to test and updated once the accelerator RSA code is in place and ready to test. component_build_psa_accel_alg_rsa_pss() { - # full plus MBEDTLS_PSA_CRYPTO_CONFIG with PSA_WANT_ALG_RSA_PSS and PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY - msg "build: full + MBEDTLS_PSA_CRYPTO_CONFIG + PSA_WANT_ALG_RSA_PSS + PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY" + msg "build: full - MBEDTLS_USE_PSA_CRYPTO + PSA_WANT_ALG_RSA_PSS + PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY" scripts/config.py full scripts/config.py set MBEDTLS_PSA_CRYPTO_CONFIG scripts/config.py set MBEDTLS_PSA_CRYPTO_DRIVERS @@ -2157,8 +2444,7 @@ component_build_psa_accel_alg_rsa_pss() { # This should be renamed to test and updated once the accelerator RSA code is in place and ready to test. component_build_psa_accel_key_type_rsa_key_pair() { - # full plus MBEDTLS_PSA_CRYPTO_CONFIG with PSA_WANT_KEY_TYPE_RSA_KEY_PAIR and PSA_WANT_ALG_RSA_PSS - msg "build: full + MBEDTLS_PSA_CRYPTO_CONFIG + PSA_WANT_KEY_TYPE_RSA_KEY_PAIR + PSA_WANT_ALG_RSA_PSS" + msg "build: full - MBEDTLS_USE_PSA_CRYPTO + PSA_WANT_KEY_TYPE_RSA_KEY_PAIR + PSA_WANT_ALG_RSA_PSS" scripts/config.py full scripts/config.py set MBEDTLS_PSA_CRYPTO_CONFIG scripts/config.py set MBEDTLS_PSA_CRYPTO_DRIVERS @@ -2171,8 +2457,7 @@ component_build_psa_accel_key_type_rsa_key_pair() { # This should be renamed to test and updated once the accelerator RSA code is in place and ready to test. component_build_psa_accel_key_type_rsa_public_key() { - # full plus MBEDTLS_PSA_CRYPTO_CONFIG with PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY and PSA_WANT_ALG_RSA_PSS - msg "build: full + MBEDTLS_PSA_CRYPTO_CONFIG + PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY + PSA_WANT_ALG_RSA_PSS" + msg "build: full - MBEDTLS_USE_PSA_CRYPTO + PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY + PSA_WANT_ALG_RSA_PSS" scripts/config.py full scripts/config.py set MBEDTLS_PSA_CRYPTO_CONFIG scripts/config.py set MBEDTLS_PSA_CRYPTO_DRIVERS @@ -2202,6 +2487,7 @@ component_test_check_params_without_platform () { scripts/config.py unset MBEDTLS_PLATFORM_NV_SEED_ALT scripts/config.py unset MBEDTLS_PLATFORM_PRINTF_ALT scripts/config.py unset MBEDTLS_PLATFORM_SNPRINTF_ALT + scripts/config.py unset MBEDTLS_PLATFORM_VSNPRINTF_ALT scripts/config.py unset MBEDTLS_ENTROPY_NV_SEED scripts/config.py unset MBEDTLS_PLATFORM_C make CC=gcc CFLAGS='-Werror -O1' all test @@ -2215,6 +2501,43 @@ component_test_check_params_silent () { make CC=gcc CFLAGS='-Werror -O1' all test } +component_build_aes_variations() { # ~45s + msg "build: aes.o for all combinations of relevant config options" + + for a in set unset; do + for b in set unset; do + for c in set unset; do + for d in set unset; do + for e in set unset; do + for f in set unset; do + for g in set unset; do + echo ./scripts/config.py $a MBEDTLS_AES_SETKEY_ENC_ALT + echo ./scripts/config.py $b MBEDTLS_AES_DECRYPT_ALT + echo ./scripts/config.py $c MBEDTLS_AES_ROM_TABLES + echo ./scripts/config.py $d MBEDTLS_AES_ENCRYPT_ALT + echo ./scripts/config.py $e MBEDTLS_AES_SETKEY_DEC_ALT + echo ./scripts/config.py $f MBEDTLS_AES_FEWER_TABLES + echo ./scripts/config.py $g MBEDTLS_PADLOCK_C + + ./scripts/config.py $a MBEDTLS_AES_SETKEY_ENC_ALT + ./scripts/config.py $b MBEDTLS_AES_DECRYPT_ALT + ./scripts/config.py $c MBEDTLS_AES_ROM_TABLES + ./scripts/config.py $d MBEDTLS_AES_ENCRYPT_ALT + ./scripts/config.py $e MBEDTLS_AES_SETKEY_DEC_ALT + ./scripts/config.py $f MBEDTLS_AES_FEWER_TABLES + ./scripts/config.py $g MBEDTLS_PADLOCK_C + + rm -f library/aes.o + make -C library aes.o CC="clang" CFLAGS="-O0 -std=c99 -Werror -Wall -Wextra -Wwrite-strings -Wpointer-arith -Wimplicit-fallthrough -Wshadow -Wvla -Wformat=2 -Wno-format-nonliteral -Wshadow -Wasm-operand-widths -Wunused" + done + done + done + done + done + done + done +} + component_test_no_platform () { # Full configuration build, without platform support, file IO and net sockets. # This should catch missing mbedtls_printf definitions, and by disabling file @@ -2227,6 +2550,7 @@ component_test_no_platform () { scripts/config.py unset MBEDTLS_PLATFORM_PRINTF_ALT scripts/config.py unset MBEDTLS_PLATFORM_FPRINTF_ALT scripts/config.py unset MBEDTLS_PLATFORM_SNPRINTF_ALT + scripts/config.py unset MBEDTLS_PLATFORM_VSNPRINTF_ALT scripts/config.py unset MBEDTLS_PLATFORM_TIME_ALT scripts/config.py unset MBEDTLS_PLATFORM_EXIT_ALT scripts/config.py unset MBEDTLS_PLATFORM_NV_SEED_ALT @@ -2458,6 +2782,19 @@ component_test_no_date_time () { make test } +component_test_alt_timing() { + msg "build: alternate timing implementation" + scripts/config.py set MBEDTLS_TIMING_ALT + make lib TEST_TIMING_ALT_IMPL=1 CFLAGS="-I../tests/src/external_timing" + + msg "test: MBEDTLS_TIMING_ALT - test suites" + make test TEST_TIMING_ALT_IMPL=1 CFLAGS="-I../tests/src/external_timing" + + msg "selftest - MBEDTLS-TIMING_ALT" + make programs TEST_TIMING_ALT_IMPL=1 CFLAGS="-I../../tests/src/external_timing -I../tests/src/external_timing" + programs/test/selftest +} + component_test_platform_calloc_macro () { msg "build: MBEDTLS_PLATFORM_{CALLOC/FREE}_MACRO enabled (ASan build)" scripts/config.py set MBEDTLS_PLATFORM_MEMORY @@ -2473,7 +2810,7 @@ component_test_platform_calloc_macro () { component_test_malloc_0_null () { msg "build: malloc(0) returns NULL (ASan+UBSan build)" scripts/config.py full - make CC=gcc CFLAGS="'-DMBEDTLS_CONFIG_FILE=\"$PWD/tests/configs/config-wrapper-malloc-0-null.h\"' $ASAN_CFLAGS -O" LDFLAGS="$ASAN_CFLAGS" + make CC=gcc CFLAGS="'-DMBEDTLS_USER_CONFIG_FILE=\"$PWD/tests/configs/user-config-malloc-0-null.h\"' $ASAN_CFLAGS -O" LDFLAGS="$ASAN_CFLAGS" msg "test: malloc(0) returns NULL (ASan+UBSan build)" make test @@ -2567,18 +2904,16 @@ component_test_se_default () { } component_test_psa_crypto_drivers () { - msg "build: MBEDTLS_PSA_CRYPTO_DRIVERS w/ driver hooks" + msg "build: full + test drivers dispatching to builtins" scripts/config.py full scripts/config.py set MBEDTLS_PSA_CRYPTO_DRIVERS - scripts/config.py set MBEDTLS_PSA_CRYPTO_BUILTIN_KEYS loc_cflags="$ASAN_CFLAGS -DPSA_CRYPTO_DRIVER_TEST_ALL" loc_cflags="${loc_cflags} '-DMBEDTLS_USER_CONFIG_FILE=\"../tests/configs/user-config-for-test.h\"'" loc_cflags="${loc_cflags} -I../tests/include -O2" make CC=gcc CFLAGS="${loc_cflags}" LDFLAGS="$ASAN_CFLAGS" - unset loc_cflags - msg "test: full + MBEDTLS_PSA_CRYPTO_DRIVERS" + msg "test: full + test drivers dispatching to builtins" make test } @@ -2600,6 +2935,7 @@ component_test_cmake_shared () { test_build_opt () { info=$1 cc=$2; shift 2 + $cc --version for opt in "$@"; do msg "build/test: $cc $opt, $info" # ~ 30s make CC="$cc" CFLAGS="$opt -std=c99 -pedantic -Wall -Wextra -Werror" @@ -2612,25 +2948,85 @@ test_build_opt () { done } -component_test_clang_opt () { +# For FreeBSD we invoke the function by name so this condition is added +# to disable the existing test_clang_opt function for linux. +if [[ $(uname) != "Linux" ]]; then + component_test_clang_opt () { + scripts/config.py full + test_build_opt 'full config' clang -O0 -Os -O2 + } +fi + +component_test_clang_latest_opt () { + scripts/config.py full + test_build_opt 'full config' "$CLANG_LATEST" -O0 -Os -O2 +} +support_test_clang_latest_opt () { + type "$CLANG_LATEST" >/dev/null 2>/dev/null +} + +component_test_clang_earliest_opt () { + scripts/config.py full + test_build_opt 'full config' "$CLANG_EARLIEST" -O0 +} +support_test_clang_earliest_opt () { + type "$CLANG_EARLIEST" >/dev/null 2>/dev/null +} + +component_test_gcc_latest_opt () { scripts/config.py full - test_build_opt 'full config' clang -O0 -Os -O2 + test_build_opt 'full config' "$GCC_LATEST" -O0 -Os -O2 +} +support_test_gcc_latest_opt () { + type "$GCC_LATEST" >/dev/null 2>/dev/null } -component_test_gcc_opt () { +component_test_gcc_earliest_opt () { scripts/config.py full - test_build_opt 'full config' gcc -O0 -Os -O2 + test_build_opt 'full config' "$GCC_EARLIEST" -O0 +} +support_test_gcc_earliest_opt () { + type "$GCC_EARLIEST" >/dev/null 2>/dev/null } component_build_mbedtls_config_file () { msg "build: make with MBEDTLS_CONFIG_FILE" # ~40s - # Use the full config so as to catch a maximum of places where - # the check of MBEDTLS_CONFIG_FILE might be missing. - scripts/config.py full - sed 's!"check_config.h"!"mbedtls/check_config.h"!' <"$CONFIG_H" >full_config.h + scripts/config.py -w full_config.h full echo '#error "MBEDTLS_CONFIG_FILE is not working"' >"$CONFIG_H" make CFLAGS="-I '$PWD' -DMBEDTLS_CONFIG_FILE='\"full_config.h\"'" - rm -f full_config.h + # Make sure this feature is enabled. We'll disable it in the next phase. + programs/test/query_compile_time_config MBEDTLS_NIST_KW_C + make clean + + msg "build: make with MBEDTLS_CONFIG_FILE + MBEDTLS_USER_CONFIG_FILE" + # In the user config, disable one feature (for simplicity, pick a feature + # that nothing else depends on). + echo '#undef MBEDTLS_NIST_KW_C' >user_config.h + make CFLAGS="-I '$PWD' -DMBEDTLS_CONFIG_FILE='\"full_config.h\"' -DMBEDTLS_USER_CONFIG_FILE='\"user_config.h\"'" + not programs/test/query_compile_time_config MBEDTLS_NIST_KW_C + + rm -f user_config.h full_config.h +} + +component_build_psa_config_file () { + msg "build: make with MBEDTLS_PSA_CRYPTO_CONFIG_FILE" # ~40s + scripts/config.py set MBEDTLS_PSA_CRYPTO_CONFIG + cp "$CRYPTO_CONFIG_H" psa_test_config.h + echo '#error "MBEDTLS_PSA_CRYPTO_CONFIG_FILE is not working"' >"$CRYPTO_CONFIG_H" + make CFLAGS="-I '$PWD' -DMBEDTLS_PSA_CRYPTO_CONFIG_FILE='\"psa_test_config.h\"'" + # Make sure this feature is enabled. We'll disable it in the next phase. + programs/test/query_compile_time_config MBEDTLS_CMAC_C + make clean + + msg "build: make with MBEDTLS_PSA_CRYPTO_CONFIG_FILE + MBEDTLS_PSA_CRYPTO_USER_CONFIG_FILE" # ~40s + # In the user config, disable one feature, which will reflect on the + # mbedtls configuration so we can query it with query_compile_time_config. + echo '#undef PSA_WANT_ALG_CMAC' >psa_user_config.h + scripts/config.py unset MBEDTLS_CMAC_C + make CFLAGS="-I '$PWD' -DMBEDTLS_PSA_CRYPTO_CONFIG_FILE='\"psa_test_config.h\"' -DMBEDTLS_PSA_CRYPTO_USER_CONFIG_FILE='\"psa_user_config.h\"'" + not programs/test/query_compile_time_config MBEDTLS_CMAC_C + + rm -f psa_test_config.h psa_user_config.h } component_test_m32_o0 () { @@ -2645,7 +3041,7 @@ component_test_m32_o0 () { } support_test_m32_o0 () { case $(uname -m) in - *64*) true;; + amd64|x86_64) true;; *) false;; esac } @@ -2769,25 +3165,25 @@ component_test_no_strings () { } component_build_arm_none_eabi_gcc () { - msg "build: ${ARM_NONE_EABI_GCC_PREFIX}gcc -O1" # ~ 10s + msg "build: ${ARM_NONE_EABI_GCC_PREFIX}gcc -O1, baremetal+debug" # ~ 10s scripts/config.py baremetal make CC="${ARM_NONE_EABI_GCC_PREFIX}gcc" AR="${ARM_NONE_EABI_GCC_PREFIX}ar" LD="${ARM_NONE_EABI_GCC_PREFIX}ld" CFLAGS='-std=c99 -Werror -Wall -Wextra -O1' lib - msg "size: ${ARM_NONE_EABI_GCC_PREFIX}gcc -O1" + msg "size: ${ARM_NONE_EABI_GCC_PREFIX}gcc -O1, baremetal+debug" ${ARM_NONE_EABI_GCC_PREFIX}size library/*.o } component_build_arm_linux_gnueabi_gcc_arm5vte () { - msg "build: ${ARM_LINUX_GNUEABI_GCC_PREFIX}gcc -march=arm5vte" # ~ 10s + msg "build: ${ARM_LINUX_GNUEABI_GCC_PREFIX}gcc -march=arm5vte, baremetal+debug" # ~ 10s scripts/config.py baremetal # Build for a target platform that's close to what Debian uses # for its "armel" distribution (https://wiki.debian.org/ArmEabiPort). - # See https://github.com/ARMmbed/mbedtls/pull/2169 and comments. + # See https://github.com/Mbed-TLS/mbedtls/pull/2169 and comments. # Build everything including programs, see for example - # https://github.com/ARMmbed/mbedtls/pull/3449#issuecomment-675313720 + # https://github.com/Mbed-TLS/mbedtls/pull/3449#issuecomment-675313720 make CC="${ARM_LINUX_GNUEABI_GCC_PREFIX}gcc" AR="${ARM_LINUX_GNUEABI_GCC_PREFIX}ar" CFLAGS='-Werror -Wall -Wextra -march=armv5te -O1' LDFLAGS='-march=armv5te' - msg "size: ${ARM_LINUX_GNUEABI_GCC_PREFIX}gcc -march=armv5te -O1" + msg "size: ${ARM_LINUX_GNUEABI_GCC_PREFIX}gcc -march=armv5te -O1, baremetal+debug" ${ARM_LINUX_GNUEABI_GCC_PREFIX}size library/*.o } support_build_arm_linux_gnueabi_gcc_arm5vte () { @@ -2795,23 +3191,23 @@ support_build_arm_linux_gnueabi_gcc_arm5vte () { } component_build_arm_none_eabi_gcc_arm5vte () { - msg "build: ${ARM_NONE_EABI_GCC_PREFIX}gcc -march=arm5vte" # ~ 10s + msg "build: ${ARM_NONE_EABI_GCC_PREFIX}gcc -march=arm5vte, baremetal+debug" # ~ 10s scripts/config.py baremetal # This is an imperfect substitute for # component_build_arm_linux_gnueabi_gcc_arm5vte # in case the gcc-arm-linux-gnueabi toolchain is not available make CC="${ARM_NONE_EABI_GCC_PREFIX}gcc" AR="${ARM_NONE_EABI_GCC_PREFIX}ar" CFLAGS='-std=c99 -Werror -Wall -Wextra -march=armv5te -O1' LDFLAGS='-march=armv5te' SHELL='sh -x' lib - msg "size: ${ARM_NONE_EABI_GCC_PREFIX}gcc -march=armv5te -O1" + msg "size: ${ARM_NONE_EABI_GCC_PREFIX}gcc -march=armv5te -O1, baremetal+debug" ${ARM_NONE_EABI_GCC_PREFIX}size library/*.o } component_build_arm_none_eabi_gcc_m0plus () { - msg "build: ${ARM_NONE_EABI_GCC_PREFIX}gcc -mthumb -mcpu=cortex-m0plus" # ~ 10s - scripts/config.py baremetal + msg "build: ${ARM_NONE_EABI_GCC_PREFIX}gcc -mthumb -mcpu=cortex-m0plus, baremetal_size" # ~ 10s + scripts/config.py baremetal_size make CC="${ARM_NONE_EABI_GCC_PREFIX}gcc" AR="${ARM_NONE_EABI_GCC_PREFIX}ar" LD="${ARM_NONE_EABI_GCC_PREFIX}ld" CFLAGS='-std=c99 -Werror -Wall -Wextra -mthumb -mcpu=cortex-m0plus -Os' lib - msg "size: ${ARM_NONE_EABI_GCC_PREFIX}gcc -mthumb -mcpu=cortex-m0plus -Os" + msg "size: ${ARM_NONE_EABI_GCC_PREFIX}gcc -mthumb -mcpu=cortex-m0plus -Os, baremetal_size" ${ARM_NONE_EABI_GCC_PREFIX}size library/*.o } @@ -2833,6 +3229,25 @@ component_build_arm_none_eabi_gcc_no_64bit_multiplication () { not grep __aeabi_lmul library/*.o } +component_build_arm_clang_thumb () { + # ~ 30s + + scripts/config.py baremetal + + msg "build: clang thumb 2, make" + make clean + make CC="clang" CFLAGS='-std=c99 -Werror -Os --target=arm-linux-gnueabihf -march=armv7-m -mthumb' lib + + # Some Thumb 1 asm is sensitive to optimisation level, so test both -O0 and -Os + msg "build: clang thumb 1 -O0, make" + make clean + make CC="clang" CFLAGS='-std=c99 -Werror -O0 --target=arm-linux-gnueabihf -mcpu=arm1136j-s -mthumb' lib + + msg "build: clang thumb 1 -Os, make" + make clean + make CC="clang" CFLAGS='-std=c99 -Werror -Os --target=arm-linux-gnueabihf -mcpu=arm1136j-s -mthumb' lib +} + component_build_armcc () { msg "build: ARM Compiler 5" scripts/config.py baremetal @@ -2843,6 +3258,8 @@ component_build_armcc () { make clean + # Compile mostly with -O1 since some Arm inline assembly is disabled for -O0. + # ARM Compiler 6 - Target ARMv7-A armc6_build_test "--target=arm-arm-none-eabi -march=armv7-a" @@ -2857,6 +3274,18 @@ component_build_armcc () { # ARM Compiler 6 - Target ARMv8-A - AArch64 armc6_build_test "--target=aarch64-arm-none-eabi -march=armv8.2-a" + + # ARM Compiler 6 - Target Cortex-M0 - no optimisation + armc6_build_test "-O0 --target=arm-arm-none-eabi -mcpu=cortex-m0" + + # ARM Compiler 6 - Target Cortex-M0 + armc6_build_test "-Os --target=arm-arm-none-eabi -mcpu=cortex-m0" +} + +support_build_armcc () { + armc5_cc="$ARMC5_BIN_DIR/armcc" + armc6_cc="$ARMC6_BIN_DIR/armclang" + (check_tools "$armc5_cc" "$armc6_cc" > /dev/null 2>&1) } component_build_ssl_hw_record_accel() { @@ -2888,8 +3317,8 @@ component_build_mingw () { make WINDOWS_BUILD=1 clean } support_build_mingw() { - case $(i686-w64-mingw32-gcc -dumpversion) in - [0-5]*) false;; + case $(i686-w64-mingw32-gcc -dumpversion 2>/dev/null) in + [0-5]*|"") false;; *) true;; esac } @@ -2916,30 +3345,43 @@ component_test_memsan () { component_test_valgrind () { msg "build: Release (clang)" + # default config, in particular without MBEDTLS_USE_PSA_CRYPTO CC=clang cmake -D CMAKE_BUILD_TYPE:String=Release . make - msg "test: main suites valgrind (Release)" + msg "test: main suites, Valgrind (default config)" make memcheck # Optional parts (slow; currently broken on OS X because programs don't # seem to receive signals under valgrind on OS X). + # These optional parts don't run on the CI. if [ "$MEMORY" -gt 0 ]; then - msg "test: ssl-opt.sh --memcheck (Release)" + msg "test: ssl-opt.sh --memcheck (default config)" tests/ssl-opt.sh --memcheck fi if [ "$MEMORY" -gt 1 ]; then - msg "test: compat.sh --memcheck (Release)" + msg "test: compat.sh --memcheck (default config)" tests/compat.sh --memcheck fi if [ "$MEMORY" -gt 0 ]; then - msg "test: context-info.sh --memcheck (Release)" + msg "test: context-info.sh --memcheck (default config)" tests/context-info.sh --memcheck fi } +component_test_valgrind_psa () { + msg "build: Release, full (clang)" + # full config, in particular with MBEDTLS_USE_PSA_CRYPTO + scripts/config.py full + CC=clang cmake -D CMAKE_BUILD_TYPE:String=Release . + make + + msg "test: main suites, Valgrind (full config)" + make memcheck +} + support_test_cmake_out_of_source () { distrib_id="" distrib_ver="" @@ -2985,28 +3427,100 @@ component_test_cmake_out_of_source () { # "No such file or directory", which would indicate that some required # file is missing (ssl-opt.sh tolerates the absence of some files so # may exit with status 0 but emit errors). - ./tests/ssl-opt.sh -f 'Fallback SCSV: beginning of list' 2>ssl-opt.err + ./tests/ssl-opt.sh -f 'Fallback SCSV: beginning of list' >ssl-opt.out 2>ssl-opt.err + grep PASS ssl-opt.out cat ssl-opt.err >&2 # If ssl-opt.err is non-empty, record an error and keep going. [ ! -s ssl-opt.err ] - rm ssl-opt.err + rm ssl-opt.out ssl-opt.err cd "$MBEDTLS_ROOT_DIR" rm -rf "$OUT_OF_SOURCE_DIR" } component_test_cmake_as_subdirectory () { msg "build: cmake 'as-subdirectory' build" - MBEDTLS_ROOT_DIR="$PWD" - cd programs/test/cmake_subproject cmake . make ./cmake_subproject +} +support_test_cmake_as_subdirectory () { + support_test_cmake_out_of_source +} + +component_build_cmake_custom_config_file () { + # Make a copy of config file to use for the in-tree test + cp "$CONFIG_H" include/mbedtls_config_in_tree_copy.h + + MBEDTLS_ROOT_DIR="$PWD" + mkdir "$OUT_OF_SOURCE_DIR" + cd "$OUT_OF_SOURCE_DIR" + + # Build once to get the generated files (which need an intact config file) + cmake "$MBEDTLS_ROOT_DIR" + make + + msg "build: cmake with -DMBEDTLS_CONFIG_FILE" + scripts/config.py -w full_config.h full + echo '#error "cmake -DMBEDTLS_CONFIG_FILE is not working."' > "$MBEDTLS_ROOT_DIR/$CONFIG_H" + cmake -DGEN_FILES=OFF -DMBEDTLS_CONFIG_FILE=full_config.h "$MBEDTLS_ROOT_DIR" + make + + msg "build: cmake with -DMBEDTLS_CONFIG_FILE + -DMBEDTLS_USER_CONFIG_FILE" + # In the user config, disable one feature (for simplicity, pick a feature + # that nothing else depends on). + echo '#undef MBEDTLS_NIST_KW_C' >user_config.h + + cmake -DGEN_FILES=OFF -DMBEDTLS_CONFIG_FILE=full_config.h -DMBEDTLS_USER_CONFIG_FILE=user_config.h "$MBEDTLS_ROOT_DIR" + make + not programs/test/query_compile_time_config MBEDTLS_NIST_KW_C + + rm -f user_config.h full_config.h cd "$MBEDTLS_ROOT_DIR" - unset MBEDTLS_ROOT_DIR + rm -rf "$OUT_OF_SOURCE_DIR" + + # Now repeat the test for an in-tree build: + + # Restore config for the in-tree test + mv include/mbedtls_config_in_tree_copy.h "$CONFIG_H" + + # Build once to get the generated files (which need an intact config) + cmake . + make + + msg "build: cmake (in-tree) with -DMBEDTLS_CONFIG_FILE" + scripts/config.py -w full_config.h full + echo '#error "cmake -DMBEDTLS_CONFIG_FILE is not working."' > "$MBEDTLS_ROOT_DIR/$CONFIG_H" + cmake -DGEN_FILES=OFF -DMBEDTLS_CONFIG_FILE=full_config.h . + make + + msg "build: cmake (in-tree) with -DMBEDTLS_CONFIG_FILE + -DMBEDTLS_USER_CONFIG_FILE" + # In the user config, disable one feature (for simplicity, pick a feature + # that nothing else depends on). + echo '#undef MBEDTLS_NIST_KW_C' >user_config.h + + cmake -DGEN_FILES=OFF -DMBEDTLS_CONFIG_FILE=full_config.h -DMBEDTLS_USER_CONFIG_FILE=user_config.h . + make + not programs/test/query_compile_time_config MBEDTLS_NIST_KW_C + + rm -f user_config.h full_config.h +} +support_build_cmake_custom_config_file () { + support_test_cmake_out_of_source +} + + +component_build_zeroize_checks () { + msg "build: check for obviously wrong calls to mbedtls_platform_zeroize()" + + scripts/config.py full + + # Only compile - we're looking for sizeof-pointer-memaccess warnings + make CC=gcc CFLAGS="'-DMBEDTLS_USER_CONFIG_FILE=\"../tests/configs/user-config-zeroize-memset.h\"' -DMBEDTLS_TEST_DEFINES_ZEROIZE -Werror -Wsizeof-pointer-memaccess" } + component_test_zeroize () { # Test that the function mbedtls_platform_zeroize() is not optimized away by # different combinations of compilers and optimization flags by using an @@ -3033,8 +3547,6 @@ component_test_zeroize () { make clean done done - - unset gdb_disable_aslr } component_test_psa_compliance () { @@ -3058,6 +3570,18 @@ support_test_psa_compliance () { [ "$ver_major" -eq 3 ] && [ "$ver_minor" -ge 10 ] } +component_check_code_style () { + msg "Check C code style" + ./scripts/code_style.py +} + +support_check_code_style() { + case $(uncrustify --version) in + *0.75.1*) true;; + *) false;; + esac +} + component_check_python_files () { msg "Lint: Python scripts" tests/scripts/check-python-files.sh diff --git a/third_party/mbedtls/repo/tests/scripts/analyze_outcomes.py b/third_party/mbedtls/repo/tests/scripts/analyze_outcomes.py index 73f16bdb25b..d50a04e612a 100755 --- a/third_party/mbedtls/repo/tests/scripts/analyze_outcomes.py +++ b/third_party/mbedtls/repo/tests/scripts/analyze_outcomes.py @@ -7,9 +7,9 @@ """ import argparse -import re import sys import traceback +import re import check_test_cases @@ -51,40 +51,28 @@ def hits(self): """ return len(self.successes) + len(self.failures) -class TestDescriptions(check_test_cases.TestDescriptionExplorer): - """Collect the available test cases.""" - - def __init__(self): - super().__init__() - self.descriptions = set() - - def process_test_case(self, _per_file_state, - file_name, _line_number, description): - """Record an available test case.""" - base_name = re.sub(r'\.[^.]*$', '', re.sub(r'.*/', '', file_name)) - key = ';'.join([base_name, description.decode('utf-8')]) - self.descriptions.add(key) - -def collect_available_test_cases(): - """Collect the available test cases.""" - explorer = TestDescriptions() - explorer.walk_all() - return sorted(explorer.descriptions) - -def analyze_coverage(results, outcomes): +def analyze_coverage(results, outcomes, allow_list, full_coverage): """Check that all available test cases are executed at least once.""" - available = collect_available_test_cases() + available = check_test_cases.collect_available_test_cases() for key in available: hits = outcomes[key].hits() if key in outcomes else 0 - if hits == 0: - # Make this a warning, not an error, as long as we haven't - # fixed this branch to have full coverage of test cases. - results.warning('Test case not executed: {}', key) - -def analyze_outcomes(outcomes): + if hits == 0 and key not in allow_list: + if full_coverage: + results.error('Test case not executed: {}', key) + else: + results.warning('Test case not executed: {}', key) + elif hits != 0 and key in allow_list: + # Test Case should be removed from the allow list. + if full_coverage: + results.error('Allow listed test case was executed: {}', key) + else: + results.warning('Allow listed test case was executed: {}', key) + +def analyze_outcomes(outcomes, args): """Run all analyses on the given outcome collection.""" results = Results() - analyze_coverage(results, outcomes) + analyze_coverage(results, outcomes, args['allow_list'], + args['full_coverage']) return results def read_outcome_file(outcome_file): @@ -108,20 +96,76 @@ def read_outcome_file(outcome_file): outcomes[key].failures.append(setup) return outcomes -def analyze_outcome_file(outcome_file): - """Analyze the given outcome file.""" +def do_analyze_coverage(outcome_file, args): + """Perform coverage analysis.""" outcomes = read_outcome_file(outcome_file) - return analyze_outcomes(outcomes) + Results.log("\n*** Analyze coverage ***\n") + results = analyze_outcomes(outcomes, args) + return results.error_count == 0 + +# List of tasks with a function that can handle this task and additional arguments if required +TASKS = { + 'analyze_coverage': { + 'test_function': do_analyze_coverage, + 'args': { + 'allow_list': [ + # Algorithm not supported yet + 'test_suite_psa_crypto_metadata;Asymmetric signature: pure EdDSA', + # Algorithm not supported yet + 'test_suite_psa_crypto_metadata;Cipher: XTS', + ], + 'full_coverage': False, + } + }, +} def main(): try: parser = argparse.ArgumentParser(description=__doc__) parser.add_argument('outcomes', metavar='OUTCOMES.CSV', help='Outcome file to analyze') + parser.add_argument('task', default='all', nargs='?', + help='Analysis to be done. By default, run all tasks. ' + 'With one or more TASK, run only those. ' + 'TASK can be the name of a single task or ' + 'comma/space-separated list of tasks. ') + parser.add_argument('--list', action='store_true', + help='List all available tasks and exit.') + parser.add_argument('--require-full-coverage', action='store_true', + dest='full_coverage', help="Require all available " + "test cases to be executed and issue an error " + "otherwise. This flag is ignored if 'task' is " + "neither 'all' nor 'analyze_coverage'") options = parser.parse_args() - results = analyze_outcome_file(options.outcomes) - if results.error_count > 0: + + if options.list: + for task in TASKS: + Results.log(task) + sys.exit(0) + + result = True + + if options.task == 'all': + tasks = TASKS.keys() + else: + tasks = re.split(r'[, ]+', options.task) + + for task in tasks: + if task not in TASKS: + Results.log('Error: invalid task: {}'.format(task)) + sys.exit(1) + + TASKS['analyze_coverage']['args']['full_coverage'] = \ + options.full_coverage + + for task in TASKS: + if task in tasks: + if not TASKS[task]['test_function'](options.outcomes, TASKS[task]['args']): + result = False + + if result is False: sys.exit(1) + Results.log("SUCCESS :-)") except Exception: # pylint: disable=broad-except # Print the backtrace and exit explicitly with our chosen status. traceback.print_exc() diff --git a/third_party/mbedtls/repo/tests/scripts/basic-build-test.sh b/third_party/mbedtls/repo/tests/scripts/basic-build-test.sh index 8756634abac..e4fe1643251 100755 --- a/third_party/mbedtls/repo/tests/scripts/basic-build-test.sh +++ b/third_party/mbedtls/repo/tests/scripts/basic-build-test.sh @@ -1,21 +1,9 @@ #!/bin/sh -# basic-build-tests.sh +# basic-build-test.sh # # Copyright The Mbed TLS Contributors -# SPDX-License-Identifier: Apache-2.0 -# -# Licensed under the Apache License, Version 2.0 (the "License"); you may -# not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT -# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. +# SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later # # Purpose # @@ -36,14 +24,14 @@ # # This script has been written to be generic and should work on any shell. # -# Usage: basic-build-tests.sh +# Usage: basic-build-test.sh # # Abort on errors (and uninitiliased variables) set -eu if [ -d library -a -d include -a -d tests ]; then :; else - echo "Must be run from mbed TLS root" >&2 + echo "Must be run from Mbed TLS root" >&2 exit 1 fi @@ -69,7 +57,7 @@ fi # To avoid setting OpenSSL and GnuTLS for each call to compat.sh and ssl-opt.sh # we just export the variables they require -export OPENSSL_CMD="$OPENSSL" +export OPENSSL="$OPENSSL" export GNUTLS_CLI="$GNUTLS_CLI" export GNUTLS_SERV="$GNUTLS_SERV" @@ -121,21 +109,21 @@ echo echo '################ compat.sh ################' { echo '#### compat.sh: Default versions' - sh compat.sh -m 'tls1 tls1_1 tls1_2 dtls1 dtls1_2' + sh compat.sh -m 'tls1 tls1_1 tls12 dtls1 dtls12' echo echo '#### compat.sh: legacy (SSLv3)' - OPENSSL_CMD="$OPENSSL_LEGACY" sh compat.sh -m 'ssl3' + OPENSSL="$OPENSSL_LEGACY" sh compat.sh -m 'ssl3' echo echo '#### compat.sh: legacy (null, DES, RC4)' - OPENSSL_CMD="$OPENSSL_LEGACY" \ + OPENSSL="$OPENSSL_LEGACY" \ GNUTLS_CLI="$GNUTLS_LEGACY_CLI" GNUTLS_SERV="$GNUTLS_LEGACY_SERV" \ sh compat.sh -e '^$' -f 'NULL\|DES\|RC4\|ARCFOUR' echo echo '#### compat.sh: next (ARIA, ChaCha)' - OPENSSL_CMD="$OPENSSL_NEXT" sh compat.sh -e '^$' -f 'ARIA\|CHACHA' + OPENSSL="$OPENSSL_NEXT" sh compat.sh -e '^$' -f 'ARIA\|CHACHA' echo } | tee compat-test-$TEST_OUTPUT echo '^^^^^^^^^^^^^^^^ compat.sh ^^^^^^^^^^^^^^^^' @@ -247,35 +235,16 @@ rm -f "tests/basic-build-test-$$.ok" echo - # Step 4e - Coverage - echo "Coverage" - - LINES_TESTED=$(tail -n4 cov-$TEST_OUTPUT|sed -n -e 's/ lines......: [0-9]*.[0-9]% (\([0-9]*\) of [0-9]* lines)/\1/p') - LINES_TOTAL=$(tail -n4 cov-$TEST_OUTPUT|sed -n -e 's/ lines......: [0-9]*.[0-9]% ([0-9]* of \([0-9]*\) lines)/\1/p') - FUNCS_TESTED=$(tail -n4 cov-$TEST_OUTPUT|sed -n -e 's/ functions..: [0-9]*.[0-9]% (\([0-9]*\) of [0-9]* functions)$/\1/p') - FUNCS_TOTAL=$(tail -n4 cov-$TEST_OUTPUT|sed -n -e 's/ functions..: [0-9]*.[0-9]% ([0-9]* of \([0-9]*\) functions)$/\1/p') - BRANCHES_TESTED=$(tail -n4 cov-$TEST_OUTPUT|sed -n -e 's/ branches...: [0-9]*.[0-9]% (\([0-9]*\) of [0-9]* branches)$/\1/p') - BRANCHES_TOTAL=$(tail -n4 cov-$TEST_OUTPUT|sed -n -e 's/ branches...: [0-9]*.[0-9]% ([0-9]* of \([0-9]*\) branches)$/\1/p') - - LINES_PERCENT=$((1000*$LINES_TESTED/$LINES_TOTAL)) - LINES_PERCENT="$(($LINES_PERCENT/10)).$(($LINES_PERCENT-($LINES_PERCENT/10)*10))" - - FUNCS_PERCENT=$((1000*$FUNCS_TESTED/$FUNCS_TOTAL)) - FUNCS_PERCENT="$(($FUNCS_PERCENT/10)).$(($FUNCS_PERCENT-($FUNCS_PERCENT/10)*10))" - - BRANCHES_PERCENT=$((1000*$BRANCHES_TESTED/$BRANCHES_TOTAL)) - BRANCHES_PERCENT="$(($BRANCHES_PERCENT/10)).$(($BRANCHES_PERCENT-($BRANCHES_PERCENT/10)*10))" + # Step 4e - Coverage report + echo "Coverage statistics:" + sed -n '1,/^Overall coverage/d; /%/p' cov-$TEST_OUTPUT + echo rm unit-test-$TEST_OUTPUT rm sys-test-$TEST_OUTPUT rm compat-test-$TEST_OUTPUT rm cov-$TEST_OUTPUT - echo "Lines Tested : $LINES_TESTED of $LINES_TOTAL $LINES_PERCENT%" - echo "Functions Tested : $FUNCS_TESTED of $FUNCS_TOTAL $FUNCS_PERCENT%" - echo "Branches Tested : $BRANCHES_TESTED of $BRANCHES_TOTAL $BRANCHES_PERCENT%" - echo - # Mark the report generation as having succeeded. This must be the # last thing in the report generation. touch "basic-build-test-$$.ok" diff --git a/third_party/mbedtls/repo/tests/scripts/basic-in-docker.sh b/third_party/mbedtls/repo/tests/scripts/basic-in-docker.sh index 50bcb05b3ac..3aca3a134d1 100755 --- a/third_party/mbedtls/repo/tests/scripts/basic-in-docker.sh +++ b/third_party/mbedtls/repo/tests/scripts/basic-in-docker.sh @@ -9,24 +9,16 @@ # in the default configuration, partial test runs in the reference # configurations, and some dependency tests. # +# WARNING: the Dockerfile used by this script is no longer maintained! See +# https://github.com/Mbed-TLS/mbedtls-test/blob/master/README.md#quick-start +# for the set of Docker images we use on the CI. +# # Notes for users # --------------- # See docker_env.sh for prerequisites and other information. # Copyright The Mbed TLS Contributors -# SPDX-License-Identifier: Apache-2.0 -# -# Licensed under the Apache License, Version 2.0 (the "License"); you may -# not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT -# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. +# SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later source tests/scripts/docker_env.sh @@ -40,6 +32,6 @@ for compiler in clang gcc; do run_in_docker -e OSSL_NO_DTLS=1 tests/compat.sh run_in_docker tests/ssl-opt.sh -e '\(DTLS\|SCSV\).*openssl' run_in_docker tests/scripts/test-ref-configs.pl - run_in_docker tests/scripts/curves.pl - run_in_docker tests/scripts/key-exchanges.pl + run_in_docker tests/scripts/depends.py curves + run_in_docker tests/scripts/depends.py kex done diff --git a/third_party/mbedtls/repo/tests/scripts/check-doxy-blocks.pl b/third_party/mbedtls/repo/tests/scripts/check-doxy-blocks.pl index 3ed7069c57e..3199c2ab4e0 100755 --- a/third_party/mbedtls/repo/tests/scripts/check-doxy-blocks.pl +++ b/third_party/mbedtls/repo/tests/scripts/check-doxy-blocks.pl @@ -9,19 +9,7 @@ # items that are documented, but not marked as such by mistake. # # Copyright The Mbed TLS Contributors -# SPDX-License-Identifier: Apache-2.0 -# -# Licensed under the Apache License, Version 2.0 (the "License"); you may -# not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT -# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. +# SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later use warnings; use strict; @@ -68,7 +56,7 @@ sub check_dir { # Check that the script is being run from the project's root directory. for my $dir (@directories) { if (! -d $dir) { - die "This script must be run from the mbed TLS root directory"; + die "This script must be run from the Mbed TLS root directory"; } else { check_dir($dir) } diff --git a/third_party/mbedtls/repo/tests/scripts/check-generated-files.sh b/third_party/mbedtls/repo/tests/scripts/check-generated-files.sh index 5e35be8f9ec..28719bd7a83 100755 --- a/third_party/mbedtls/repo/tests/scripts/check-generated-files.sh +++ b/third_party/mbedtls/repo/tests/scripts/check-generated-files.sh @@ -1,19 +1,7 @@ #! /usr/bin/env sh # Copyright The Mbed TLS Contributors -# SPDX-License-Identifier: Apache-2.0 -# -# Licensed under the Apache License, Version 2.0 (the "License"); you may -# not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT -# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. +# SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later # # Purpose # @@ -34,7 +22,7 @@ EOF fi if [ -d library -a -d include -a -d tests ]; then :; else - echo "Must be run from mbed TLS root" >&2 + echo "Must be run from Mbed TLS root" >&2 exit 1 fi @@ -65,24 +53,25 @@ check() fi for FILE in "$@"; do - cp "$FILE" "$FILE.bak" + cp -p "$FILE" "$FILE.bak" done "$SCRIPT" # Compare the script output to the old files and remove backups for FILE in "$@"; do - if ! diff "$FILE" "$FILE.bak" >/dev/null 2>&1; then + if diff "$FILE" "$FILE.bak" >/dev/null 2>&1; then + # Move the original file back so that $FILE's timestamp doesn't + # change (avoids spurious rebuilds with make). + mv "$FILE.bak" "$FILE" + else echo "'$FILE' was either modified or deleted by '$SCRIPT'" if [ -z "$UPDATE" ]; then exit 1 + else + rm "$FILE.bak" fi fi - if [ -z "$UPDATE" ]; then - mv "$FILE.bak" "$FILE" - else - rm "$FILE.bak" - fi done if [ -n "$directory" ]; then @@ -101,9 +90,15 @@ check() fi } +# Note: if the format of calls to the "check" function changes, update +# scripts/code_style.py accordingly. For generated C source files (*.h or *.c), +# the format must be "check SCRIPT FILENAME...". For other source files, +# any shell syntax is permitted (including e.g. command substitution). + check scripts/generate_errors.pl library/error.c check scripts/generate_query_config.pl programs/test/query_config.c check scripts/generate_features.pl library/version_features.c check scripts/generate_visualc_files.pl visualc/VS2010 check scripts/generate_psa_constants.py programs/psa/psa_constant_names_generated.c +check tests/scripts/generate_bignum_tests.py $(tests/scripts/generate_bignum_tests.py --list) check tests/scripts/generate_psa_tests.py $(tests/scripts/generate_psa_tests.py --list) diff --git a/third_party/mbedtls/repo/tests/scripts/check-python-files.sh b/third_party/mbedtls/repo/tests/scripts/check-python-files.sh index 449803a5430..51e80792b0c 100755 --- a/third_party/mbedtls/repo/tests/scripts/check-python-files.sh +++ b/third_party/mbedtls/repo/tests/scripts/check-python-files.sh @@ -1,23 +1,11 @@ #! /usr/bin/env sh # Copyright The Mbed TLS Contributors -# SPDX-License-Identifier: Apache-2.0 -# -# Licensed under the Apache License, Version 2.0 (the "License"); you may -# not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT -# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. +# SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later # Purpose: check Python files for potential programming errors or maintenance # hurdles. Run pylint to detect some potential mistakes and enforce PEP8 -# coding standards. If available, run mypy to perform static type checking. +# coding standards. Run mypy to perform static type checking. # We'll keep going on errors and report the status at the end. ret=0 @@ -67,17 +55,14 @@ elif [ "$1" = "--can-mypy" ]; then fi echo 'Running pylint ...' -$PYTHON -m pylint -j 2 scripts/mbedtls_dev/*.py scripts/*.py tests/scripts/*.py || { +$PYTHON -m pylint scripts/mbedtls_dev/*.py scripts/*.py tests/scripts/*.py || { echo >&2 "pylint reported errors" ret=1 } -# Check types if mypy is available -if can_mypy; then - echo - echo 'Running mypy ...' - $PYTHON -m mypy scripts/*.py tests/scripts/*.py || - ret=1 -fi +echo +echo 'Running mypy ...' +$PYTHON -m mypy scripts/*.py tests/scripts/*.py || + ret=1 exit $ret diff --git a/third_party/mbedtls/repo/tests/scripts/check_files.py b/third_party/mbedtls/repo/tests/scripts/check_files.py index 8857e002137..e3593662b38 100755 --- a/third_party/mbedtls/repo/tests/scripts/check_files.py +++ b/third_party/mbedtls/repo/tests/scripts/check_files.py @@ -1,19 +1,7 @@ #!/usr/bin/env python3 # Copyright The Mbed TLS Contributors -# SPDX-License-Identifier: Apache-2.0 -# -# Licensed under the Apache License, Version 2.0 (the "License"); you may -# not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT -# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. +# SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later """ This script checks the current state of the source code for minor issues, @@ -34,6 +22,9 @@ except ImportError: pass +import scripts_path # pylint: disable=unused-import +from mbedtls_dev import build_tree + class FileIssueTracker: """Base class for file-wide issue tracking. @@ -119,6 +110,7 @@ def output_file_issues(self, logger): r'tests/data_files/.*\.req\.[^/]+\Z', r'tests/data_files/.*malformed[^/]+\Z', r'tests/data_files/format_pkcs12\.fmt\Z', + r'tests/data_files/.*\.bin\Z', ] BINARY_FILE_PATH_RE = re.compile('|'.join(BINARY_FILE_PATH_RE_LIST)) @@ -132,7 +124,7 @@ class LineIssueTracker(FileIssueTracker): # Exclude binary files. path_exemptions = BINARY_FILE_PATH_RE - def issue_with_line(self, line, filepath): + def issue_with_line(self, line, filepath, line_number): """Check the specified line for the issue that this class is for. Subclasses must implement this method. @@ -140,7 +132,7 @@ def issue_with_line(self, line, filepath): raise NotImplementedError def check_file_line(self, filepath, line, line_number): - if self.issue_with_line(line, filepath): + if self.issue_with_line(line, filepath, line_number): self.record_issue(filepath, line_number) def check_file_for_issue(self, filepath): @@ -187,7 +179,7 @@ class ShebangIssueTracker(FileIssueTracker): # Allow either /bin/sh, /bin/bash, or /usr/bin/env. # Allow at most one argument (this is a Linux limitation). # For sh and bash, the argument if present must be options. - # For env, the argument must be the base name of the interpeter. + # For env, the argument must be the base name of the interpreter. _shebang_re = re.compile(rb'^#! ?(?:/bin/(bash|sh)(?: -[^\n ]*)?' rb'|/usr/bin/env ([^\n /]+))$') _extensions = { @@ -259,6 +251,46 @@ def check_file_for_issue(self, filepath): self.files_with_issues[filepath] = None +class UnicodeIssueTracker(LineIssueTracker): + """Track lines with invalid characters or invalid text encoding.""" + + heading = "Invalid UTF-8 or forbidden character:" + + # Only allow valid UTF-8, and only other explicitly allowed characters. + # We deliberately exclude all characters that aren't a simple non-blank, + # non-zero-width glyph, apart from a very small set (tab, ordinary space, + # line breaks, "basic" no-break space and soft hyphen). In particular, + # non-ASCII control characters, combinig characters, and Unicode state + # changes (e.g. right-to-left text) are forbidden. + # Note that we do allow some characters with a risk of visual confusion, + # for example '-' (U+002D HYPHEN-MINUS) vs '­' (U+00AD SOFT HYPHEN) vs + # '‐' (U+2010 HYPHEN), or 'A' (U+0041 LATIN CAPITAL LETTER A) vs + # 'Α' (U+0391 GREEK CAPITAL LETTER ALPHA). + GOOD_CHARACTERS = ''.join([ + '\t\n\r -~', # ASCII (tabs and line endings are checked separately) + '\u00A0-\u00FF', # Latin-1 Supplement (for NO-BREAK SPACE and punctuation) + '\u2010-\u2027\u2030-\u205E', # General Punctuation (printable) + '\u2070\u2071\u2074-\u208E\u2090-\u209C', # Superscripts and Subscripts + '\u2190-\u21FF', # Arrows + '\u2200-\u22FF', # Mathematical Symbols + '\u2500-\u257F' # Box Drawings characters used in markdown trees + ]) + # Allow any of the characters and ranges above, and anything classified + # as a word constituent. + GOOD_CHARACTERS_RE = re.compile(r'[\w{}]+\Z'.format(GOOD_CHARACTERS)) + + def issue_with_line(self, line, _filepath, line_number): + try: + text = line.decode('utf-8') + except UnicodeDecodeError: + return True + if line_number == 1 and text.startswith('\uFEFF'): + # Strip BOM (U+FEFF ZERO WIDTH NO-BREAK SPACE) at the beginning. + # Which files are allowed to have a BOM is handled in + # Utf8BomIssueTracker. + text = text[1:] + return not self.GOOD_CHARACTERS_RE.match(text) + class UnixLineEndingIssueTracker(LineIssueTracker): """Track files with non-Unix line endings (i.e. files with CR).""" @@ -269,7 +301,7 @@ def should_check_file(self, filepath): return False return not is_windows_file(filepath) - def issue_with_line(self, line, _filepath): + def issue_with_line(self, line, _filepath, _line_number): return b"\r" in line @@ -283,7 +315,7 @@ def should_check_file(self, filepath): return False return is_windows_file(filepath) - def issue_with_line(self, line, _filepath): + def issue_with_line(self, line, _filepath, _line_number): return not line.endswith(b"\r\n") or b"\r" in line[:-2] @@ -293,7 +325,7 @@ class TrailingWhitespaceIssueTracker(LineIssueTracker): heading = "Trailing whitespace:" suffix_exemptions = frozenset([".dsp", ".md"]) - def issue_with_line(self, line, _filepath): + def issue_with_line(self, line, _filepath, _line_number): return line.rstrip(b"\r\n") != line.rstrip() @@ -309,7 +341,7 @@ class TabIssueTracker(LineIssueTracker): "/generate_visualc_files.pl", ]) - def issue_with_line(self, line, _filepath): + def issue_with_line(self, line, _filepath, _line_number): return b"\t" in line @@ -319,7 +351,7 @@ class MergeArtifactIssueTracker(LineIssueTracker): heading = "Merge artifact:" - def issue_with_line(self, line, _filepath): + def issue_with_line(self, line, _filepath, _line_number): # Detect leftover git conflict markers. if line.startswith(b'<<<<<<< ') or line.startswith(b'>>>>>>> '): return True @@ -338,7 +370,7 @@ def __init__(self, log_file): """Instantiate the sanity checker. Check files under the current directory. Write a report of issues to log_file.""" - self.check_repo_path() + build_tree.check_repo_path() self.logger = None self.setup_logger(log_file) self.issues_to_check = [ @@ -346,6 +378,7 @@ def __init__(self, log_file): ShebangIssueTracker(), EndOfFileNewlineIssueTracker(), Utf8BomIssueTracker(), + UnicodeIssueTracker(), UnixLineEndingIssueTracker(), WindowsLineEndingIssueTracker(), TrailingWhitespaceIssueTracker(), @@ -353,11 +386,6 @@ def __init__(self, log_file): MergeArtifactIssueTracker(), ] - @staticmethod - def check_repo_path(): - if not all(os.path.isdir(d) for d in ["include", "library", "tests"]): - raise Exception("Must be run from Mbed TLS root") - def setup_logger(self, log_file, level=logging.INFO): self.logger = logging.getLogger() self.logger.setLevel(level) diff --git a/third_party/mbedtls/repo/tests/scripts/check_names.py b/third_party/mbedtls/repo/tests/scripts/check_names.py index b0638d703eb..c2f2d0ea463 100755 --- a/third_party/mbedtls/repo/tests/scripts/check_names.py +++ b/third_party/mbedtls/repo/tests/scripts/check_names.py @@ -1,19 +1,7 @@ #!/usr/bin/env python3 # # Copyright The Mbed TLS Contributors -# SPDX-License-Identifier: Apache-2.0 -# -# Licensed under the Apache License, Version 2.0 (the "License"); you may -# not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT -# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. +# SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later """ This script confirms that the naming of all symbols and identifiers in Mbed TLS @@ -36,7 +24,7 @@ declared in the header files. This uses the nm command. - All macros, constants, and identifiers (function names, struct names, etc) follow the required regex pattern. -- Typo checking: All words that begin with MBED exist as macros or constants. +- Typo checking: All words that begin with MBED|PSA exist as macros or constants. The script returns 0 on success, 1 on test failure, and 2 if there is a script error. It must be run from Mbed TLS root. @@ -56,6 +44,10 @@ import subprocess import logging +import scripts_path # pylint: disable=unused-import +from mbedtls_dev import build_tree + + # Naming patterns to check against. These are defined outside the NameCheck # class for ease of modification. MACRO_PATTERN = r"^(MBEDTLS|PSA)_[0-9A-Z_]*[0-9A-Z]$" @@ -186,11 +178,12 @@ def verbose_output(self): class Typo(Problem): # pylint: disable=too-few-public-methods """ - A problem that occurs when a word using MBED doesn't appear to be defined as - constants nor enum values. Created with NameCheck.check_for_typos() + A problem that occurs when a word using MBED or PSA doesn't + appear to be defined as constants nor enum values. Created with + NameCheck.check_for_typos() Fields: - * match: the Match object of the MBED name in question. + * match: the Match object of the MBED|PSA name in question. """ def __init__(self, match): self.match = match @@ -218,7 +211,7 @@ class CodeParser(): """ def __init__(self, log): self.log = log - self.check_repo_path() + build_tree.check_repo_path() # Memo for storing "glob expression": set(filepaths) self.files = {} @@ -227,15 +220,6 @@ def __init__(self, log): # Note that "*" can match directory separators in exclude lists. self.excluded_files = ["*/bn_mul", "*/compat-1.3.h"] - @staticmethod - def check_repo_path(): - """ - Check that the current working directory is the project root, and throw - an exception if not. - """ - if not all(os.path.isdir(d) for d in ["include", "library", "tests"]): - raise Exception("This script must be run from Mbed TLS root") - def comprehensive_parse(self): """ Comprehensive ("default") function to call each parsing function and @@ -257,20 +241,25 @@ def comprehensive_parse(self): "3rdparty/everest/include/everest/everest.h", "3rdparty/everest/include/everest/x25519.h" ]) + private_macros = self.parse_macros([ + "library/*.c", + ]) enum_consts = self.parse_enum_consts([ "include/mbedtls/*.h", + "include/psa/*.h", "library/*.h", + "library/*.c", "3rdparty/everest/include/everest/everest.h", "3rdparty/everest/include/everest/x25519.h" ]) - identifiers = self.parse_identifiers([ + identifiers, excluded_identifiers = self.parse_identifiers([ "include/mbedtls/*.h", "include/psa/*.h", "library/*.h", "3rdparty/everest/include/everest/everest.h", "3rdparty/everest/include/everest/x25519.h" ]) - mbed_words = self.parse_mbed_words([ + mbed_psa_words = self.parse_mbed_psa_words([ "include/mbedtls/*.h", "include/psa/*.h", "library/*.h", @@ -298,10 +287,12 @@ def comprehensive_parse(self): self.log.debug(" {:4} Exported Symbols".format(len(symbols))) return { "macros": actual_macros, + "private_macros": private_macros, "enum_consts": enum_consts, "identifiers": identifiers, + "excluded_identifiers": excluded_identifiers, "symbols": symbols, - "mbed_words": mbed_words + "mbed_psa_words": mbed_psa_words } def is_file_excluded(self, path, exclude_wildcards): @@ -313,12 +304,42 @@ def is_file_excluded(self, path, exclude_wildcards): return True return False - def get_files(self, include_wildcards, exclude_wildcards): + def get_all_files(self, include_wildcards, exclude_wildcards): + """ + Get all files that match any of the included UNIX-style wildcards + and filter them into included and excluded lists. + While the check_names script is designed only for use on UNIX/macOS + (due to nm), this function alone will work fine on Windows even with + forward slashes in the wildcard. + + Args: + * include_wildcards: a List of shell-style wildcards to match filepaths. + * exclude_wildcards: a List of shell-style wildcards to exclude. + + Returns: + * inc_files: A List of relative filepaths for included files. + * exc_files: A List of relative filepaths for excluded files. + """ + accumulator = set() + all_wildcards = include_wildcards + (exclude_wildcards or []) + for wildcard in all_wildcards: + accumulator = accumulator.union(glob.iglob(wildcard)) + + inc_files = [] + exc_files = [] + for path in accumulator: + if self.is_file_excluded(path, exclude_wildcards): + exc_files.append(path) + else: + inc_files.append(path) + return (inc_files, exc_files) + + def get_included_files(self, include_wildcards, exclude_wildcards): """ - Get all files that match any of the UNIX-style wildcards. While the - check_names script is designed only for use on UNIX/macOS (due to nm), - this function alone would work fine on Windows even with forward slashes - in the wildcard. + Get all files that match any of the included UNIX-style wildcards. + While the check_names script is designed only for use on UNIX/macOS + (due to nm), this function alone will work fine on Windows even with + forward slashes in the wildcard. Args: * include_wildcards: a List of shell-style wildcards to match filepaths. @@ -349,7 +370,7 @@ def parse_macros(self, include, exclude=None): "asm", "inline", "EMIT", "_CRT_SECURE_NO_DEPRECATE", "MULADDC_" ) - files = self.get_files(include, exclude) + files = self.get_included_files(include, exclude) self.log.debug("Looking for macros in {} files".format(len(files))) macros = [] @@ -369,25 +390,28 @@ def parse_macros(self, include, exclude=None): return macros - def parse_mbed_words(self, include, exclude=None): + def parse_mbed_psa_words(self, include, exclude=None): """ - Parse all words in the file that begin with MBED, in and out of macros, - comments, anything. + Parse all words in the file that begin with MBED|PSA, in and out of + macros, comments, anything. Args: * include: A List of glob expressions to look for files through. * exclude: A List of glob expressions for excluding files. - Returns a List of Match objects for words beginning with MBED. + Returns a List of Match objects for words beginning with MBED|PSA. """ # Typos of TLS are common, hence the broader check below than MBEDTLS. - mbed_regex = re.compile(r"\bMBED.+?_[A-Z0-9_]*") + mbed_regex = re.compile(r"\b(MBED.+?|PSA)_[A-Z0-9_]*") exclusions = re.compile(r"// *no-check-names|#error") - files = self.get_files(include, exclude) - self.log.debug("Looking for MBED words in {} files".format(len(files))) + files = self.get_included_files(include, exclude) + self.log.debug( + "Looking for MBED|PSA words in {} files" + .format(len(files)) + ) - mbed_words = [] + mbed_psa_words = [] for filename in files: with open(filename, "r", encoding="utf-8") as fp: for line_no, line in enumerate(fp): @@ -395,14 +419,14 @@ def parse_mbed_words(self, include, exclude=None): continue for name in mbed_regex.finditer(line): - mbed_words.append(Match( + mbed_psa_words.append(Match( filename, line, line_no, name.span(0), name.group(0))) - return mbed_words + return mbed_psa_words def parse_enum_consts(self, include, exclude=None): """ @@ -414,7 +438,7 @@ def parse_enum_consts(self, include, exclude=None): Returns a List of Match objects for the findings. """ - files = self.get_files(include, exclude) + files = self.get_included_files(include, exclude) self.log.debug("Looking for enum consts in {} files".format(len(files))) # Emulate a finite state machine to parse enum declarations. @@ -430,8 +454,11 @@ def parse_enum_consts(self, include, exclude=None): # Match typedefs and brackets only when they are at the # beginning of the line -- if they are indented, they might # be sub-structures within structs, etc. + optional_c_identifier = r"([_a-zA-Z][_a-zA-Z0-9]*)?" if (state == states.OUTSIDE_KEYWORD and - re.search(r"^(typedef +)?enum +{", line)): + re.search(r"^(typedef +)?enum " + \ + optional_c_identifier + \ + r" *{", line)): state = states.IN_BRACES elif (state == states.OUTSIDE_KEYWORD and re.search(r"^(typedef +)?enum", line)): @@ -594,23 +621,34 @@ def parse_identifiers(self, include, exclude=None): """ Parse all lines of a header where a function/enum/struct/union/typedef identifier is declared, based on some regex and heuristics. Highly - dependent on formatting style. + dependent on formatting style. Identifiers in excluded files are still + parsed Args: * include: A List of glob expressions to look for files through. * exclude: A List of glob expressions for excluding files. - Returns a List of Match objects with identifiers. + Returns: a Tuple of two Lists of Match objects with identifiers. + * included_identifiers: A List of Match objects with identifiers from + included files. + * excluded_identifiers: A List of Match objects with identifiers from + excluded files. """ - files = self.get_files(include, exclude) - self.log.debug("Looking for identifiers in {} files".format(len(files))) + included_files, excluded_files = \ + self.get_all_files(include, exclude) - identifiers = [] - for header_file in files: - self.parse_identifiers_in_file(header_file, identifiers) + self.log.debug("Looking for included identifiers in {} files".format \ + (len(included_files))) + + included_identifiers = [] + excluded_identifiers = [] + for header_file in included_files: + self.parse_identifiers_in_file(header_file, included_identifiers) + for header_file in excluded_files: + self.parse_identifiers_in_file(header_file, excluded_identifiers) - return identifiers + return (included_identifiers, excluded_identifiers) def parse_symbols(self): """ @@ -625,7 +663,7 @@ def parse_symbols(self): self.log.info("Compiling...") symbols = [] - # Back up the config and atomically compile with the full configratuion. + # Back up the config and atomically compile with the full configuration. shutil.copy( "include/mbedtls/config.h", "include/mbedtls/config.h.bak" @@ -771,10 +809,12 @@ def check_symbols_declared_in_header(self): Returns the number of problems that need fixing. """ problems = [] + all_identifiers = self.parse_result["identifiers"] + \ + self.parse_result["excluded_identifiers"] for symbol in self.parse_result["symbols"]: found_symbol_declared = False - for identifier_match in self.parse_result["identifiers"]: + for identifier_match in all_identifiers: if symbol == identifier_match.name: found_symbol_declared = True break @@ -813,7 +853,7 @@ def check_match_pattern(self, group_to_check, check_pattern): def check_for_typos(self): """ - Perform a check that all words in the soure code beginning with MBED are + Perform a check that all words in the source code beginning with MBED are either defined as macros, or as enum constants. Assumes parse_names_in_source() was called before this. @@ -825,11 +865,15 @@ def check_for_typos(self): all_caps_names = { match.name for match - in self.parse_result["macros"] + self.parse_result["enum_consts"]} + in self.parse_result["macros"] + + self.parse_result["private_macros"] + + self.parse_result["enum_consts"] + } typo_exclusion = re.compile(r"XXX|__|_$|^MBEDTLS_.*CONFIG_FILE$|" - r"MBEDTLS_TEST_LIBTESTDRIVER*") + r"MBEDTLS_TEST_LIBTESTDRIVER*|" + r"PSA_CRYPTO_DRIVER_TEST") - for name_match in self.parse_result["mbed_words"]: + for name_match in self.parse_result["mbed_psa_words"]: found = name_match.name in all_caps_names # Since MBEDTLS_PSA_ACCEL_XXX defines are defined by the @@ -884,7 +928,7 @@ def main(): parser.add_argument( "-q", "--quiet", action="store_true", - help="hide unnecessary text, explanations, and highlighs" + help="hide unnecessary text, explanations, and highlights" ) args = parser.parse_args() diff --git a/third_party/mbedtls/repo/tests/scripts/check_test_cases.py b/third_party/mbedtls/repo/tests/scripts/check_test_cases.py index fe11f20c0fa..995976fe102 100755 --- a/third_party/mbedtls/repo/tests/scripts/check_test_cases.py +++ b/third_party/mbedtls/repo/tests/scripts/check_test_cases.py @@ -7,24 +7,13 @@ """ # Copyright The Mbed TLS Contributors -# SPDX-License-Identifier: Apache-2.0 -# -# Licensed under the Apache License, Version 2.0 (the "License"); you may -# not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT -# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. +# SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later import argparse import glob import os import re +import subprocess import sys class Results: @@ -111,6 +100,19 @@ def walk_ssl_opt_sh(self, file_name): self.process_test_case(descriptions, file_name, line_number, description) + def walk_compat_sh(self, file_name): + """Iterate over the test cases compat.sh with a similar format.""" + descriptions = self.new_per_file_state() # pylint: disable=assignment-from-none + compat_cmd = ['sh', file_name, '--list-test-case'] + compat_output = subprocess.check_output(compat_cmd) + # Assume compat.sh is responsible for printing identical format of + # test case description between --list-test-case and its OUTCOME.CSV + description = compat_output.strip().split(b'\n') + # idx indicates the number of test case since there is no line number + # in `compat.sh` for each test case. + for idx, descrip in enumerate(description): + self.process_test_case(descriptions, file_name, idx, descrip) + @staticmethod def collect_test_directories(): """Get the relative path for the TLS and Crypto test directories.""" @@ -133,6 +135,29 @@ def walk_all(self): ssl_opt_sh = os.path.join(directory, 'ssl-opt.sh') if os.path.exists(ssl_opt_sh): self.walk_ssl_opt_sh(ssl_opt_sh) + compat_sh = os.path.join(directory, 'compat.sh') + if os.path.exists(compat_sh): + self.walk_compat_sh(compat_sh) + +class TestDescriptions(TestDescriptionExplorer): + """Collect the available test cases.""" + + def __init__(self): + super().__init__() + self.descriptions = set() + + def process_test_case(self, _per_file_state, + file_name, _line_number, description): + """Record an available test case.""" + base_name = re.sub(r'\.[^.]*$', '', re.sub(r'.*/', '', file_name)) + key = ';'.join([base_name, description.decode('utf-8')]) + self.descriptions.add(key) + +def collect_available_test_cases(): + """Collect the available test cases.""" + explorer = TestDescriptions() + explorer.walk_all() + return sorted(explorer.descriptions) class DescriptionChecker(TestDescriptionExplorer): """Check all test case descriptions. @@ -173,6 +198,9 @@ def process_test_case(self, per_file_state, def main(): parser = argparse.ArgumentParser(description=__doc__) + parser.add_argument('--list-all', + action='store_true', + help='List all test cases, without doing checks') parser.add_argument('--quiet', '-q', action='store_true', help='Hide warnings') @@ -180,6 +208,10 @@ def main(): action='store_false', dest='quiet', help='Show warnings (default: on; undoes --quiet)') options = parser.parse_args() + if options.list_all: + descriptions = collect_available_test_cases() + sys.stdout.write('\n'.join(descriptions + [''])) + return results = Results(options) checker = DescriptionChecker(results) checker.walk_all() diff --git a/third_party/mbedtls/repo/tests/scripts/curves.pl b/third_party/mbedtls/repo/tests/scripts/curves.pl deleted file mode 100755 index 188bd29acc3..00000000000 --- a/third_party/mbedtls/repo/tests/scripts/curves.pl +++ /dev/null @@ -1,144 +0,0 @@ -#!/usr/bin/env perl - -# curves.pl -# -# Copyright The Mbed TLS Contributors -# SPDX-License-Identifier: Apache-2.0 -# -# Licensed under the Apache License, Version 2.0 (the "License"); you may -# not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT -# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -# -# Purpose -# -# The purpose of this test script is to validate that the library works -# with any combination of elliptic curves. To this effect, build the library -# and run the test suite with each tested combination of elliptic curves. -# -# Testing all 2^n combinations would be too much, so we only test 2*n: -# -# 1. Test with a single curve, for each curve. This validates that the -# library works with any curve, and in particular that curve-specific -# code is guarded by the proper preprocessor conditionals. -# 2. Test with all curves except one, for each curve. This validates that -# the test cases have correct dependencies. Testing with a single curve -# doesn't validate this for tests that require more than one curve. - -# Usage: tests/scripts/curves.pl -# -# This script should be executed from the root of the project directory. -# -# Only curves that are enabled in config.h will be tested. -# -# For best effect, run either with cmake disabled, or cmake enabled in a mode -# that includes -Werror. - -use warnings; -use strict; - --d 'library' && -d 'include' && -d 'tests' or die "Must be run from root\n"; - -my $sed_cmd = 's/^#define \(MBEDTLS_ECP_DP.*_ENABLED\)/\1/p'; -my $config_h = 'include/mbedtls/config.h'; -my @curves = split( /\s+/, `sed -n -e '$sed_cmd' $config_h` ); - -# Determine which curves support ECDSA by checking the dependencies of -# ECDSA in check_config.h. -my %curve_supports_ecdsa = (); -{ - local $/ = ""; - local *CHECK_CONFIG; - open(CHECK_CONFIG, '<', 'include/mbedtls/check_config.h') - or die "open include/mbedtls/check_config.h: $!"; - while (my $stanza = ) { - if ($stanza =~ /\A#if defined\(MBEDTLS_ECDSA_C\)/) { - for my $curve ($stanza =~ /(?<=\()MBEDTLS_ECP_DP_\w+_ENABLED(?=\))/g) { - $curve_supports_ecdsa{$curve} = 1; - } - last; - } - } - close(CHECK_CONFIG); -} - -system( "cp $config_h $config_h.bak" ) and die; -sub abort { - system( "mv $config_h.bak $config_h" ) and warn "$config_h not restored\n"; - # use an exit code between 1 and 124 for git bisect (die returns 255) - warn $_[0]; - exit 1; -} - -# Disable all the curves. We'll then re-enable them one by one. -for my $curve (@curves) { - system( "scripts/config.pl unset $curve" ) - and abort "Failed to disable $curve\n"; -} -# Depends on a specific curve. Also, ignore error if it wasn't enabled. -system( "scripts/config.pl unset MBEDTLS_KEY_EXCHANGE_ECJPAKE_ENABLED" ); - -# Test with only $curve enabled, for each $curve. -for my $curve (@curves) { - system( "make clean" ) and die; - - print "\n******************************************\n"; - print "* Testing with only curve: $curve\n"; - print "******************************************\n"; - $ENV{MBEDTLS_TEST_CONFIGURATION} = "$curve"; - - system( "scripts/config.pl set $curve" ) - and abort "Failed to enable $curve\n"; - - my $ecdsa = $curve_supports_ecdsa{$curve} ? "set" : "unset"; - for my $dep (qw(MBEDTLS_ECDSA_C - MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA_ENABLED - MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED)) { - system( "scripts/config.pl $ecdsa $dep" ) - and abort "Failed to $ecdsa $dep\n"; - } - - system( "CFLAGS='-Werror -Wall -Wextra' make" ) - and abort "Failed to build: only $curve\n"; - system( "make test" ) - and abort "Failed test suite: only $curve\n"; - - system( "scripts/config.pl unset $curve" ) - and abort "Failed to disable $curve\n"; -} - -system( "cp $config_h.bak $config_h" ) and die "$config_h not restored\n"; - -# Test with $curve disabled but the others enabled, for each $curve. -for my $curve (@curves) { - system( "cp $config_h.bak $config_h" ) and die "$config_h not restored\n"; - system( "make clean" ) and die; - - # depends on a specific curve. Also, ignore error if it wasn't enabled - system( "scripts/config.py unset MBEDTLS_KEY_EXCHANGE_ECJPAKE_ENABLED" ); - - print "\n******************************************\n"; - print "* Testing without curve: $curve\n"; - print "******************************************\n"; - $ENV{MBEDTLS_TEST_CONFIGURATION} = "-$curve"; - - system( "scripts/config.py unset $curve" ) - and abort "Failed to disable $curve\n"; - - system( "CFLAGS='-Werror -Wall -Wextra' make" ) - and abort "Failed to build: all but $curve\n"; - system( "make test" ) - and abort "Failed test suite: all but $curve\n"; - -} - -system( "mv $config_h.bak $config_h" ) and die "$config_h not restored\n"; -system( "make clean" ) and die; -exit 0; diff --git a/third_party/mbedtls/repo/tests/scripts/depends-hashes.pl b/third_party/mbedtls/repo/tests/scripts/depends-hashes.pl deleted file mode 100755 index f5de7d9cd29..00000000000 --- a/third_party/mbedtls/repo/tests/scripts/depends-hashes.pl +++ /dev/null @@ -1,101 +0,0 @@ -#!/usr/bin/env perl - -# depends-hashes.pl -# -# Copyright The Mbed TLS Contributors -# SPDX-License-Identifier: Apache-2.0 -# -# Licensed under the Apache License, Version 2.0 (the "License"); you may -# not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT -# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -# -# Purpose -# -# To test the code dependencies on individual hashes in each test suite. This -# is a verification step to ensure we don't ship test suites that do not work -# for some build options. -# -# The process is: -# for each possible hash -# build the library and test suites with the hash disabled -# execute the test suites -# -# And any test suite with the wrong dependencies will fail. -# -# Usage: tests/scripts/depends-hashes.pl -# -# This script should be executed from the root of the project directory. -# -# For best effect, run either with cmake disabled, or cmake enabled in a mode -# that includes -Werror. - -use warnings; -use strict; - --d 'library' && -d 'include' && -d 'tests' or die "Must be run from root\n"; - -my $config_h = 'include/mbedtls/config.h'; - -# as many SSL options depend on specific hashes, -# and SSL is not in the test suites anyways, -# disable it to avoid dependcies issues -my $ssl_sed_cmd = 's/^#define \(MBEDTLS_SSL.*\)/\1/p'; -my @ssl = split( /\s+/, `sed -n -e '$ssl_sed_cmd' $config_h` ); - -# for md we want to catch MD5_C but not MD_C, hence the extra dot -my $mdx_sed_cmd = 's/^#define \(MBEDTLS_MD..*_C\)/\1/p'; -my $sha_sed_cmd = 's/^#define \(MBEDTLS_SHA.*_C\)/\1/p'; -my @hash_modules = split( /\s+/, - `sed -n -e '$mdx_sed_cmd' -e '$sha_sed_cmd' $config_h` ); - -# there are also negative options for truncated variants, disabled by default -my $sha_trunc_sed_cmd = 's/^\/\/#define \(MBEDTLS_SHA..._NO_.*\)/\1/p'; -my @hash_negatives = split( /\s+/, - `sed -n -e '$sha_trunc_sed_cmd' $config_h` ); - -# list hash options with corresponding actions -my @hashes = ((map { "unset $_" } @hash_modules), - (map { "set $_" } @hash_negatives)); - -system( "cp $config_h $config_h.bak" ) and die; -sub abort { - system( "mv $config_h.bak $config_h" ) and warn "$config_h not restored\n"; - # use an exit code between 1 and 124 for git bisect (die returns 255) - warn $_[0]; - exit 1; -} - -for my $hash (@hashes) { - system( "cp $config_h.bak $config_h" ) and die "$config_h not restored\n"; - system( "make clean" ) and die; - - print "\n******************************************\n"; - print "* Testing hash option: $hash\n"; - print "******************************************\n"; - $ENV{MBEDTLS_TEST_CONFIGURATION} = "-$hash"; - - system( "scripts/config.py $hash" ) - and abort "Failed to $hash\n"; - - for my $opt (@ssl) { - system( "scripts/config.py unset $opt" ) - and abort "Failed to disable $opt\n"; - } - - system( "CFLAGS='-Werror -Wall -Wextra' make lib" ) - and abort "Failed to build lib: $hash\n"; - system( "cd tests && make" ) and abort "Failed to build tests: $hash\n"; - system( "make test" ) and abort "Failed test suite: $hash\n"; -} - -system( "mv $config_h.bak $config_h" ) and die "$config_h not restored\n"; -system( "make clean" ) and die; -exit 0; diff --git a/third_party/mbedtls/repo/tests/scripts/depends-pkalgs.pl b/third_party/mbedtls/repo/tests/scripts/depends-pkalgs.pl deleted file mode 100755 index 2ad4a7cccbf..00000000000 --- a/third_party/mbedtls/repo/tests/scripts/depends-pkalgs.pl +++ /dev/null @@ -1,107 +0,0 @@ -#!/usr/bin/env perl - -# depends-pkalgs.pl -# -# Copyright The Mbed TLS Contributors -# SPDX-License-Identifier: Apache-2.0 -# -# Licensed under the Apache License, Version 2.0 (the "License"); you may -# not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT -# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -# -# Purpose -# -# To test the code dependencies on individual PK algs (those that can be used -# from the PK layer, so currently signature and encryption but not key -# exchange) in each test suite. This is a verification step to ensure we don't -# ship test suites that do not work for some build options. -# -# The process is: -# for each possible PK alg -# build the library and test suites with that alg disabled -# execute the test suites -# -# And any test suite with the wrong dependencies will fail. -# -# Usage: tests/scripts/depends-pkalgs.pl -# -# This script should be executed from the root of the project directory. -# -# For best effect, run either with cmake disabled, or cmake enabled in a mode -# that includes -Werror. - -use warnings; -use strict; - --d 'library' && -d 'include' && -d 'tests' or die "Must be run from root\n"; - -my $config_h = 'include/mbedtls/config.h'; - -# Some algorithms can't be disabled on their own as others depend on them, so -# we list those reverse-dependencies here to keep check_config.h happy. -my %algs = ( - 'MBEDTLS_ECDSA_C' => ['MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED', - 'MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA_ENABLED'], - 'MBEDTLS_ECP_C' => ['MBEDTLS_ECDSA_C', - 'MBEDTLS_ECDH_C', - 'MBEDTLS_ECJPAKE_C', - 'MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA_ENABLED', - 'MBEDTLS_KEY_EXCHANGE_ECDH_RSA_ENABLED', - 'MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED', - 'MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED', - 'MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED'], - 'MBEDTLS_X509_RSASSA_PSS_SUPPORT' => [], - 'MBEDTLS_PKCS1_V21' => ['MBEDTLS_X509_RSASSA_PSS_SUPPORT'], - 'MBEDTLS_PKCS1_V15' => ['MBEDTLS_KEY_EXCHANGE_DHE_RSA_ENABLED', - 'MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED', - 'MBEDTLS_KEY_EXCHANGE_RSA_PSK_ENABLED', - 'MBEDTLS_KEY_EXCHANGE_RSA_ENABLED'], - 'MBEDTLS_RSA_C' => ['MBEDTLS_X509_RSASSA_PSS_SUPPORT', - 'MBEDTLS_KEY_EXCHANGE_DHE_RSA_ENABLED', - 'MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED', - 'MBEDTLS_KEY_EXCHANGE_ECDH_RSA_ENABLED', - 'MBEDTLS_KEY_EXCHANGE_RSA_PSK_ENABLED', - 'MBEDTLS_KEY_EXCHANGE_RSA_ENABLED'], -); - -system( "cp $config_h $config_h.bak" ) and die; -sub abort { - system( "mv $config_h.bak $config_h" ) and warn "$config_h not restored\n"; - # use an exit code between 1 and 124 for git bisect (die returns 255) - warn $_[0]; - exit 1; -} - -while( my ($alg, $extras) = each %algs ) { - system( "cp $config_h.bak $config_h" ) and die "$config_h not restored\n"; - system( "make clean" ) and die; - - print "\n******************************************\n"; - print "* Testing without alg: $alg\n"; - print "******************************************\n"; - $ENV{MBEDTLS_TEST_CONFIGURATION} = "-$alg"; - - system( "scripts/config.py unset $alg" ) - and abort "Failed to disable $alg\n"; - for my $opt (@$extras) { - system( "scripts/config.py unset $opt" ) - and abort "Failed to disable $opt\n"; - } - - system( "CFLAGS='-Werror -Wall -Wextra' make lib" ) - and abort "Failed to build lib: $alg\n"; - system( "cd tests && make" ) and abort "Failed to build tests: $alg\n"; - system( "make test" ) and abort "Failed test suite: $alg\n"; -} - -system( "mv $config_h.bak $config_h" ) and die "$config_h not restored\n"; -system( "make clean" ) and die; -exit 0; diff --git a/third_party/mbedtls/repo/tests/scripts/depends.py b/third_party/mbedtls/repo/tests/scripts/depends.py new file mode 100755 index 00000000000..6c2e6d6e3b9 --- /dev/null +++ b/third_party/mbedtls/repo/tests/scripts/depends.py @@ -0,0 +1,560 @@ +#!/usr/bin/env python3 + +# Copyright The Mbed TLS Contributors +# SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later + +""" +Test Mbed TLS with a subset of algorithms. + +This script can be divided into several steps: + +First, include/mbedtls/config.h or a different config file passed +in the arguments is parsed to extract any configuration options (using config.py). + +Then, test domains (groups of jobs, tests) are built based on predefined data +collected in the DomainData class. Here, each domain has five major traits: +- domain name, can be used to run only specific tests via command-line; +- configuration building method, described in detail below; +- list of symbols passed to the configuration building method; +- commands to be run on each job (only build, build and test, or any other custom); +- optional list of symbols to be excluded from testing. + +The configuration building method can be one of the three following: + +- ComplementaryDomain - build a job for each passed symbol by disabling a single + symbol and its reverse dependencies (defined in REVERSE_DEPENDENCIES); + +- ExclusiveDomain - build a job where, for each passed symbol, only this particular + one is defined and other symbols from the list are unset. For each job look for + any non-standard symbols to set/unset in EXCLUSIVE_GROUPS. These are usually not + direct dependencies, but rather non-trivial results of other configs missing. Then + look for any unset symbols and handle their reverse dependencies. + +- DualDomain - combination of the two above - both complementary and exclusive domain + job generation code will be run. Currently only used for hashes. + +Lastly, the collected jobs are executed and (optionally) tested, with +error reporting and coloring as configured in options. Each test starts with +a full config without a couple of slowing down or unnecessary options +(see set_reference_config), then the specific job config is derived. +""" +import argparse +import os +import re +import shutil +import subprocess +import sys +import traceback +from typing import Union + +# Add the Mbed TLS Python library directory to the module search path +import scripts_path # pylint: disable=unused-import +import config + +class Colors: # pylint: disable=too-few-public-methods + """Minimalistic support for colored output. +Each field of an object of this class is either None if colored output +is not possible or not desired, or a pair of strings (start, stop) such +that outputting start switches the text color to the desired color and +stop switches the text color back to the default.""" + red = None + green = None + cyan = None + bold_red = None + bold_green = None + def __init__(self, options=None): + """Initialize color profile according to passed options.""" + if not options or options.color in ['no', 'never']: + want_color = False + elif options.color in ['yes', 'always']: + want_color = True + else: + want_color = sys.stderr.isatty() + if want_color: + # Assume ANSI compatible terminal + normal = '\033[0m' + self.red = ('\033[31m', normal) + self.green = ('\033[32m', normal) + self.cyan = ('\033[36m', normal) + self.bold_red = ('\033[1;31m', normal) + self.bold_green = ('\033[1;32m', normal) +NO_COLORS = Colors(None) + +def log_line(text, prefix='depends.py:', suffix='', color=None): + """Print a status message.""" + if color is not None: + prefix = color[0] + prefix + suffix = suffix + color[1] + sys.stderr.write(prefix + ' ' + text + suffix + '\n') + sys.stderr.flush() + +def log_command(cmd): + """Print a trace of the specified command. +cmd is a list of strings: a command name and its arguments.""" + log_line(' '.join(cmd), prefix='+') + +def backup_config(options): + """Back up the library configuration file (config.h). +If the backup file already exists, it is presumed to be the desired backup, +so don't make another backup.""" + if os.path.exists(options.config_backup): + options.own_backup = False + else: + options.own_backup = True + shutil.copy(options.config, options.config_backup) + +def restore_config(options): + """Restore the library configuration file (config.h). +Remove the backup file if it was saved earlier.""" + if options.own_backup: + shutil.move(options.config_backup, options.config) + else: + shutil.copy(options.config_backup, options.config) + +def option_exists(conf, option): + return option in conf.settings + +def set_config_option_value(conf, option, colors, value: Union[bool, str]): + """Set/unset a configuration option, optionally specifying a value. +value can be either True/False (set/unset config option), or a string, +which will make a symbol defined with a certain value.""" + if not option_exists(conf, option): + log_line('Symbol {} was not found in {}'.format(option, conf.filename), color=colors.red) + return False + + if value is False: + log_command(['config.py', 'unset', option]) + conf.unset(option) + elif value is True: + log_command(['config.py', 'set', option]) + conf.set(option) + else: + log_command(['config.py', 'set', option, value]) + conf.set(option, value) + return True + +def set_reference_config(conf, options, colors): + """Change the library configuration file (config.h) to the reference state. +The reference state is the one from which the tested configurations are +derived.""" + # Turn off options that are not relevant to the tests and slow them down. + log_command(['config.py', 'full']) + conf.adapt(config.full_adapter) + set_config_option_value(conf, 'MBEDTLS_TEST_HOOKS', colors, False) + if options.unset_use_psa: + set_config_option_value(conf, 'MBEDTLS_USE_PSA_CRYPTO', colors, False) + +class Job: + """A job builds the library in a specific configuration and runs some tests.""" + def __init__(self, name, config_settings, commands): + """Build a job object. +The job uses the configuration described by config_settings. This is a +dictionary where the keys are preprocessor symbols and the values are +booleans or strings. A boolean indicates whether or not to #define the +symbol. With a string, the symbol is #define'd to that value. +After setting the configuration, the job runs the programs specified by +commands. This is a list of lists of strings; each list of string is a +command name and its arguments and is passed to subprocess.call with +shell=False.""" + self.name = name + self.config_settings = config_settings + self.commands = commands + + def announce(self, colors, what): + '''Announce the start or completion of a job. +If what is None, announce the start of the job. +If what is True, announce that the job has passed. +If what is False, announce that the job has failed.''' + if what is True: + log_line(self.name + ' PASSED', color=colors.green) + elif what is False: + log_line(self.name + ' FAILED', color=colors.red) + else: + log_line('starting ' + self.name, color=colors.cyan) + + def configure(self, conf, options, colors): + '''Set library configuration options as required for the job.''' + set_reference_config(conf, options, colors) + for key, value in sorted(self.config_settings.items()): + ret = set_config_option_value(conf, key, colors, value) + if ret is False: + return False + return True + + def test(self, options): + '''Run the job's build and test commands. +Return True if all the commands succeed and False otherwise. +If options.keep_going is false, stop as soon as one command fails. Otherwise +run all the commands, except that if the first command fails, none of the +other commands are run (typically, the first command is a build command +and subsequent commands are tests that cannot run if the build failed).''' + built = False + success = True + for command in self.commands: + log_command(command) + ret = subprocess.call(command) + if ret != 0: + if command[0] not in ['make', options.make_command]: + log_line('*** [{}] Error {}'.format(' '.join(command), ret)) + if not options.keep_going or not built: + return False + success = False + built = True + return success + +# SSL/TLS versions up to 1.1 and corresponding options. These require +# both MD5 and SHA-1. +SSL_PRE_1_2_DEPENDENCIES = ['MBEDTLS_SSL_CBC_RECORD_SPLITTING', + 'MBEDTLS_SSL_PROTO_SSL3', + 'MBEDTLS_SSL_PROTO_TLS1', + 'MBEDTLS_SSL_PROTO_TLS1_1'] + +# If the configuration option A requires B, make sure that +# B in REVERSE_DEPENDENCIES[A]. +# All the information here should be contained in check_config.h. This +# file includes a copy because it changes rarely and it would be a pain +# to extract automatically. +REVERSE_DEPENDENCIES = { + 'MBEDTLS_AES_C': ['MBEDTLS_CTR_DRBG_C', + 'MBEDTLS_NIST_KW_C'], + 'MBEDTLS_CHACHA20_C': ['MBEDTLS_CHACHAPOLY_C'], + 'MBEDTLS_ECDSA_C': ['MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED', + 'MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA_ENABLED'], + 'MBEDTLS_ECP_C': ['MBEDTLS_ECDSA_C', + 'MBEDTLS_ECDH_C', + 'MBEDTLS_ECJPAKE_C', + 'MBEDTLS_ECP_RESTARTABLE', + 'MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA_ENABLED', + 'MBEDTLS_KEY_EXCHANGE_ECDH_RSA_ENABLED', + 'MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED', + 'MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED', + 'MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED', + 'MBEDTLS_KEY_EXCHANGE_ECJPAKE_ENABLED'], + 'MBEDTLS_ECP_DP_SECP256R1_ENABLED': ['MBEDTLS_KEY_EXCHANGE_ECJPAKE_ENABLED'], + 'MBEDTLS_MD5_C': SSL_PRE_1_2_DEPENDENCIES, + 'MBEDTLS_PKCS1_V21': ['MBEDTLS_X509_RSASSA_PSS_SUPPORT'], + 'MBEDTLS_PKCS1_V15': ['MBEDTLS_KEY_EXCHANGE_DHE_RSA_ENABLED', + 'MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED', + 'MBEDTLS_KEY_EXCHANGE_RSA_PSK_ENABLED', + 'MBEDTLS_KEY_EXCHANGE_RSA_ENABLED'], + 'MBEDTLS_RSA_C': ['MBEDTLS_X509_RSASSA_PSS_SUPPORT', + 'MBEDTLS_KEY_EXCHANGE_DHE_RSA_ENABLED', + 'MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED', + 'MBEDTLS_KEY_EXCHANGE_RSA_PSK_ENABLED', + 'MBEDTLS_KEY_EXCHANGE_RSA_ENABLED', + 'MBEDTLS_KEY_EXCHANGE_ECDH_RSA_ENABLED'], + 'MBEDTLS_SHA1_C': SSL_PRE_1_2_DEPENDENCIES, + 'MBEDTLS_SHA256_C': ['MBEDTLS_KEY_EXCHANGE_ECJPAKE_ENABLED', + 'MBEDTLS_ENTROPY_FORCE_SHA256'], + 'MBEDTLS_X509_RSASSA_PSS_SUPPORT': [] +} + +# If an option is tested in an exclusive test, alter the following defines. +# These are not necessarily dependencies, but just minimal required changes +# if a given define is the only one enabled from an exclusive group. +EXCLUSIVE_GROUPS = { + 'MBEDTLS_SHA512_C': ['-MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL'], + 'MBEDTLS_SHA512_NO_SHA384': ['+MBEDTLS_SHA512_C', + '-MBEDTLS_SSL_PROTO_TLS1_2', + '-MBEDTLS_SSL_PROTO_DTLS', + '-MBEDTLS_SSL_TLS_C', + '-MBEDTLS_SSL_CLI_C', + '-MBEDTLS_SSL_SRV_C', + '-MBEDTLS_SSL_DTLS_HELLO_VERIFY', + '-MBEDTLS_SSL_DTLS_ANTI_REPLAY', + '-MBEDTLS_SSL_DTLS_CONNECTION_ID', + '-MBEDTLS_SSL_DTLS_BADMAC_LIMIT', + '-MBEDTLS_SSL_ENCRYPT_THEN_MAC', + '-MBEDTLS_SSL_EXTENDED_MASTER_SECRET', + '-MBEDTLS_SSL_DTLS_SRTP', + '-MBEDTLS_SSL_DTLS_CLIENT_PORT_REUSE'], + 'MBEDTLS_ECP_DP_CURVE448_ENABLED': ['-MBEDTLS_ECDSA_C', + '-MBEDTLS_ECDSA_DETERMINISTIC', + '-MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED', + '-MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA_ENABLED', + '-MBEDTLS_ECJPAKE_C', + '-MBEDTLS_KEY_EXCHANGE_ECJPAKE_ENABLED'], + 'MBEDTLS_ECP_DP_CURVE25519_ENABLED': ['-MBEDTLS_ECDSA_C', + '-MBEDTLS_ECDSA_DETERMINISTIC', + '-MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED', + '-MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA_ENABLED', + '-MBEDTLS_ECJPAKE_C', + '-MBEDTLS_KEY_EXCHANGE_ECJPAKE_ENABLED'], + 'MBEDTLS_ARIA_C': ['-MBEDTLS_CMAC_C'], + 'MBEDTLS_ARC4_C': ['-MBEDTLS_CMAC_C', + '-MBEDTLS_CCM_C', + '-MBEDTLS_SSL_TICKET_C', + '-MBEDTLS_SSL_CONTEXT_SERIALIZATION', + '-MBEDTLS_GCM_C'], + 'MBEDTLS_BLOWFISH_C': ['-MBEDTLS_CMAC_C', + '-MBEDTLS_CCM_C', + '-MBEDTLS_SSL_TICKET_C', + '-MBEDTLS_SSL_CONTEXT_SERIALIZATION', + '-MBEDTLS_GCM_C'], + 'MBEDTLS_CAMELLIA_C': ['-MBEDTLS_CMAC_C'], + 'MBEDTLS_CHACHA20_C': ['-MBEDTLS_CMAC_C', '-MBEDTLS_CCM_C', '-MBEDTLS_GCM_C'], + 'MBEDTLS_DES_C': ['-MBEDTLS_CCM_C', + '-MBEDTLS_GCM_C', + '-MBEDTLS_SSL_TICKET_C', + '-MBEDTLS_SSL_CONTEXT_SERIALIZATION'], +} +def handle_exclusive_groups(config_settings, symbol): + """For every symbol tested in an exclusive group check if there are other +defines to be altered. """ + for dep in EXCLUSIVE_GROUPS.get(symbol, []): + unset = dep.startswith('-') + dep = dep[1:] + config_settings[dep] = not unset + +def turn_off_dependencies(config_settings): + """For every option turned off config_settings, also turn off what depends on it. +An option O is turned off if config_settings[O] is False.""" + for key, value in sorted(config_settings.items()): + if value is not False: + continue + for dep in REVERSE_DEPENDENCIES.get(key, []): + config_settings[dep] = False + +class BaseDomain: # pylint: disable=too-few-public-methods, unused-argument + """A base class for all domains.""" + def __init__(self, symbols, commands, exclude): + """Initialize the jobs container""" + self.jobs = [] + +class ExclusiveDomain(BaseDomain): # pylint: disable=too-few-public-methods + """A domain consisting of a set of conceptually-equivalent settings. +Establish a list of configuration symbols. For each symbol, run a test job +with this symbol set and the others unset.""" + def __init__(self, symbols, commands, exclude=None): + """Build a domain for the specified list of configuration symbols. +The domain contains a set of jobs that enable one of the elements +of symbols and disable the others. +Each job runs the specified commands. +If exclude is a regular expression, skip generated jobs whose description +would match this regular expression.""" + super().__init__(symbols, commands, exclude) + base_config_settings = {} + for symbol in symbols: + base_config_settings[symbol] = False + for symbol in symbols: + description = symbol + if exclude and re.match(exclude, description): + continue + config_settings = base_config_settings.copy() + config_settings[symbol] = True + handle_exclusive_groups(config_settings, symbol) + turn_off_dependencies(config_settings) + job = Job(description, config_settings, commands) + self.jobs.append(job) + +class ComplementaryDomain(BaseDomain): # pylint: disable=too-few-public-methods + """A domain consisting of a set of loosely-related settings. +Establish a list of configuration symbols. For each symbol, run a test job +with this symbol unset. +If exclude is a regular expression, skip generated jobs whose description +would match this regular expression.""" + def __init__(self, symbols, commands, exclude=None): + """Build a domain for the specified list of configuration symbols. +Each job in the domain disables one of the specified symbols. +Each job runs the specified commands.""" + super().__init__(symbols, commands, exclude) + for symbol in symbols: + description = '!' + symbol + if exclude and re.match(exclude, description): + continue + config_settings = {symbol: False} + turn_off_dependencies(config_settings) + job = Job(description, config_settings, commands) + self.jobs.append(job) + +class DualDomain(ExclusiveDomain, ComplementaryDomain): # pylint: disable=too-few-public-methods + """A domain that contains both the ExclusiveDomain and BaseDomain tests. +Both parent class __init__ calls are performed in any order and +each call adds respective jobs. The job array initialization is done once in +BaseDomain, before the parent __init__ calls.""" + +class CipherInfo: # pylint: disable=too-few-public-methods + """Collect data about cipher.h.""" + def __init__(self): + self.base_symbols = set() + with open('include/mbedtls/cipher.h', encoding="utf-8") as fh: + for line in fh: + m = re.match(r' *MBEDTLS_CIPHER_ID_(\w+),', line) + if m and m.group(1) not in ['NONE', 'NULL', '3DES']: + self.base_symbols.add('MBEDTLS_' + m.group(1) + '_C') + +class DomainData: + """A container for domains and jobs, used to structurize testing.""" + def config_symbols_matching(self, regexp): + """List the config.h settings matching regexp.""" + return [symbol for symbol in self.all_config_symbols + if re.match(regexp, symbol)] + + def __init__(self, options, conf): + """Gather data about the library and establish a list of domains to test.""" + build_command = [options.make_command, 'CFLAGS=-Werror'] + build_and_test = [build_command, [options.make_command, 'test']] + self.all_config_symbols = set(conf.settings.keys()) + # Find hash modules by name. + hash_symbols = self.config_symbols_matching(r'MBEDTLS_(MD|RIPEMD|SHA)[0-9]+_C\Z') + hash_symbols.append("MBEDTLS_SHA512_NO_SHA384") + # Find elliptic curve enabling macros by name. + curve_symbols = self.config_symbols_matching(r'MBEDTLS_ECP_DP_\w+_ENABLED\Z') + # Find key exchange enabling macros by name. + key_exchange_symbols = self.config_symbols_matching(r'MBEDTLS_KEY_EXCHANGE_\w+_ENABLED\Z') + # Find cipher IDs (block permutations and stream ciphers --- chaining + # and padding modes are exercised separately) information by parsing + # cipher.h, as the information is not readily available in config.h. + cipher_info = CipherInfo() + # Find block cipher chaining and padding mode enabling macros by name. + cipher_chaining_symbols = self.config_symbols_matching(r'MBEDTLS_CIPHER_MODE_\w+\Z') + cipher_padding_symbols = self.config_symbols_matching(r'MBEDTLS_CIPHER_PADDING_\w+\Z') + self.domains = { + # Cipher IDs, chaining modes and padding modes. Run the test suites. + 'cipher_id': ExclusiveDomain(cipher_info.base_symbols, + build_and_test), + 'cipher_chaining': ExclusiveDomain(cipher_chaining_symbols, + build_and_test), + 'cipher_padding': ExclusiveDomain(cipher_padding_symbols, + build_and_test), + # Elliptic curves. Run the test suites. + 'curves': ExclusiveDomain(curve_symbols, build_and_test), + # Hash algorithms. Exclude exclusive domain of MD, RIPEMD, SHA1 (obsolete) + 'hashes': DualDomain(hash_symbols, build_and_test, + exclude=r'MBEDTLS_(MD|RIPEMD|SHA1_)'\ + '|!MBEDTLS_*_NO_SHA'), + # Key exchange types. + 'kex': ExclusiveDomain(key_exchange_symbols, build_and_test), + 'pkalgs': ComplementaryDomain(['MBEDTLS_ECDSA_C', + 'MBEDTLS_ECP_C', + 'MBEDTLS_PKCS1_V21', + 'MBEDTLS_PKCS1_V15', + 'MBEDTLS_RSA_C', + 'MBEDTLS_X509_RSASSA_PSS_SUPPORT'], + build_and_test), + } + self.jobs = {} + for domain in self.domains.values(): + for job in domain.jobs: + self.jobs[job.name] = job + + def get_jobs(self, name): + """Return the list of jobs identified by the given name. +A name can either be the name of a domain or the name of one specific job.""" + if name in self.domains: + return sorted(self.domains[name].jobs, key=lambda job: job.name) + else: + return [self.jobs[name]] + +def run(options, job, conf, colors=NO_COLORS): + """Run the specified job (a Job instance).""" + subprocess.check_call([options.make_command, 'clean']) + job.announce(colors, None) + if not job.configure(conf, options, colors): + job.announce(colors, False) + return False + conf.write() + success = job.test(options) + job.announce(colors, success) + return success + +def run_tests(options, domain_data, conf): + """Run the desired jobs. +domain_data should be a DomainData instance that describes the available +domains and jobs. +Run the jobs listed in options.tasks.""" + if not hasattr(options, 'config_backup'): + options.config_backup = options.config + '.bak' + colors = Colors(options) + jobs = [] + failures = [] + successes = [] + for name in options.tasks: + jobs += domain_data.get_jobs(name) + backup_config(options) + try: + for job in jobs: + success = run(options, job, conf, colors=colors) + if not success: + if options.keep_going: + failures.append(job.name) + else: + return False + else: + successes.append(job.name) + restore_config(options) + except: + # Restore the configuration, except in stop-on-error mode if there + # was an error, where we leave the failing configuration up for + # developer convenience. + if options.keep_going: + restore_config(options) + raise + if successes: + log_line('{} passed'.format(' '.join(successes)), color=colors.bold_green) + if failures: + log_line('{} FAILED'.format(' '.join(failures)), color=colors.bold_red) + return False + else: + return True + +def main(): + try: + parser = argparse.ArgumentParser( + formatter_class=argparse.RawDescriptionHelpFormatter, + description= + "Test Mbed TLS with a subset of algorithms.\n\n" + "Example usage:\n" + r"./tests/scripts/depends.py \!MBEDTLS_SHA1_C MBEDTLS_SHA256_C""\n" + "./tests/scripts/depends.py MBEDTLS_AES_C hashes\n" + "./tests/scripts/depends.py cipher_id cipher_chaining\n") + parser.add_argument('--color', metavar='WHEN', + help='Colorize the output (always/auto/never)', + choices=['always', 'auto', 'never'], default='auto') + parser.add_argument('-c', '--config', metavar='FILE', + help='Configuration file to modify', + default='include/mbedtls/config.h') + parser.add_argument('-C', '--directory', metavar='DIR', + help='Change to this directory before anything else', + default='.') + parser.add_argument('-k', '--keep-going', + help='Try all configurations even if some fail (default)', + action='store_true', dest='keep_going', default=True) + parser.add_argument('-e', '--no-keep-going', + help='Stop as soon as a configuration fails', + action='store_false', dest='keep_going') + parser.add_argument('--list-jobs', + help='List supported jobs and exit', + action='append_const', dest='list', const='jobs') + parser.add_argument('--list-domains', + help='List supported domains and exit', + action='append_const', dest='list', const='domains') + parser.add_argument('--make-command', metavar='CMD', + help='Command to run instead of make (e.g. gmake)', + action='store', default='make') + parser.add_argument('--unset-use-psa', + help='Unset MBEDTLS_USE_PSA_CRYPTO before any test', + action='store_true', dest='unset_use_psa') + parser.add_argument('tasks', metavar='TASKS', nargs='*', + help='The domain(s) or job(s) to test (default: all).', + default=True) + options = parser.parse_args() + os.chdir(options.directory) + conf = config.ConfigFile(options.config) + domain_data = DomainData(options, conf) + + if options.tasks is True: + options.tasks = sorted(domain_data.domains.keys()) + if options.list: + for arg in options.list: + for domain_name in sorted(getattr(domain_data, arg).keys()): + print(domain_name) + sys.exit(0) + else: + sys.exit(0 if run_tests(options, domain_data, conf) else 1) + except Exception: # pylint: disable=broad-except + traceback.print_exc() + sys.exit(3) + +if __name__ == '__main__': + main() diff --git a/third_party/mbedtls/repo/tests/scripts/docker_env.sh b/third_party/mbedtls/repo/tests/scripts/docker_env.sh index be96c7270b7..cfc98dfcab1 100755 --- a/third_party/mbedtls/repo/tests/scripts/docker_env.sh +++ b/third_party/mbedtls/repo/tests/scripts/docker_env.sh @@ -9,6 +9,10 @@ # thus making it easier to get set up as well as isolating test dependencies # (which include legacy/insecure configurations of openssl and gnutls). # +# WARNING: the Dockerfile used by this script is no longer maintained! See +# https://github.com/Mbed-TLS/mbedtls-test/blob/master/README.md#quick-start +# for the set of Docker images we use on the CI. +# # Notes for users # --------------- # This script expects a Linux x86_64 system with a recent version of Docker @@ -23,19 +27,7 @@ # the Docker image. # Copyright The Mbed TLS Contributors -# SPDX-License-Identifier: Apache-2.0 -# -# Licensed under the Apache License, Version 2.0 (the "License"); you may -# not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT -# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. +# SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later # default values, can be overridden by the environment diff --git a/third_party/mbedtls/repo/tests/scripts/doxygen.sh b/third_party/mbedtls/repo/tests/scripts/doxygen.sh index 2c523ba7817..b6a1d45949d 100755 --- a/third_party/mbedtls/repo/tests/scripts/doxygen.sh +++ b/third_party/mbedtls/repo/tests/scripts/doxygen.sh @@ -3,25 +3,13 @@ # Make sure the doxygen documentation builds without warnings # # Copyright The Mbed TLS Contributors -# SPDX-License-Identifier: Apache-2.0 -# -# Licensed under the Apache License, Version 2.0 (the "License"); you may -# not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT -# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. +# SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later -# Abort on errors (and uninitiliased variables) +# Abort on errors (and uninitialised variables) set -eu if [ -d library -a -d include -a -d tests ]; then :; else - echo "Must be run from mbed TLS root" >&2 + echo "Must be run from Mbed TLS root" >&2 exit 1 fi @@ -35,7 +23,7 @@ cat doc.out doc.err | \ grep -v "warning: ignoring unsupported tag" \ > doc.filtered -if egrep "(warning|error):" doc.filtered; then +if grep -E "(warning|error):" doc.filtered; then echo "FAIL" >&2 exit 1; fi diff --git a/third_party/mbedtls/repo/tests/scripts/gen_ctr_drbg.pl b/third_party/mbedtls/repo/tests/scripts/gen_ctr_drbg.pl index 2345b9e361e..ec5e5d89158 100755 --- a/third_party/mbedtls/repo/tests/scripts/gen_ctr_drbg.pl +++ b/third_party/mbedtls/repo/tests/scripts/gen_ctr_drbg.pl @@ -5,19 +5,7 @@ # and concats nonce and personalization for initialization. # # Copyright The Mbed TLS Contributors -# SPDX-License-Identifier: Apache-2.0 -# -# Licensed under the Apache License, Version 2.0 (the "License"); you may -# not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT -# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. +# SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later use strict; diff --git a/third_party/mbedtls/repo/tests/scripts/gen_gcm_decrypt.pl b/third_party/mbedtls/repo/tests/scripts/gen_gcm_decrypt.pl index 354e351a4d3..30d45c307df 100755 --- a/third_party/mbedtls/repo/tests/scripts/gen_gcm_decrypt.pl +++ b/third_party/mbedtls/repo/tests/scripts/gen_gcm_decrypt.pl @@ -4,19 +4,7 @@ # Only first 3 of every set used for compile time saving # # Copyright The Mbed TLS Contributors -# SPDX-License-Identifier: Apache-2.0 -# -# Licensed under the Apache License, Version 2.0 (the "License"); you may -# not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT -# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. +# SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later use strict; diff --git a/third_party/mbedtls/repo/tests/scripts/gen_gcm_encrypt.pl b/third_party/mbedtls/repo/tests/scripts/gen_gcm_encrypt.pl index 101456fedf9..b4f08494c0e 100755 --- a/third_party/mbedtls/repo/tests/scripts/gen_gcm_encrypt.pl +++ b/third_party/mbedtls/repo/tests/scripts/gen_gcm_encrypt.pl @@ -4,19 +4,7 @@ # Only first 3 of every set used for compile time saving # # Copyright The Mbed TLS Contributors -# SPDX-License-Identifier: Apache-2.0 -# -# Licensed under the Apache License, Version 2.0 (the "License"); you may -# not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT -# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. +# SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later use strict; diff --git a/third_party/mbedtls/repo/tests/scripts/gen_pkcs1_v21_sign_verify.pl b/third_party/mbedtls/repo/tests/scripts/gen_pkcs1_v21_sign_verify.pl index 609e5586a79..fe2d3f5d371 100755 --- a/third_party/mbedtls/repo/tests/scripts/gen_pkcs1_v21_sign_verify.pl +++ b/third_party/mbedtls/repo/tests/scripts/gen_pkcs1_v21_sign_verify.pl @@ -1,19 +1,7 @@ #!/usr/bin/env perl # # Copyright The Mbed TLS Contributors -# SPDX-License-Identifier: Apache-2.0 -# -# Licensed under the Apache License, Version 2.0 (the "License"); you may -# not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT -# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. +# SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later use strict; diff --git a/third_party/mbedtls/repo/tests/scripts/generate-afl-tests.sh b/third_party/mbedtls/repo/tests/scripts/generate-afl-tests.sh index 7c9f432ae4b..d4ef0f3af12 100755 --- a/third_party/mbedtls/repo/tests/scripts/generate-afl-tests.sh +++ b/third_party/mbedtls/repo/tests/scripts/generate-afl-tests.sh @@ -6,22 +6,10 @@ # # Usage: generate-afl-tests.sh # - should be the path to one of the test suite files -# such as 'test_suite_mpi.data' +# such as 'test_suite_rsa.data' # # Copyright The Mbed TLS Contributors -# SPDX-License-Identifier: Apache-2.0 -# -# Licensed under the Apache License, Version 2.0 (the "License"); you may -# not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT -# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. +# SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later # Abort on errors set -e @@ -41,7 +29,7 @@ THIS_DIR=$(basename $PWD) if [ -d ../library -a -d ../include -a -d ../tests -a $THIS_DIR == "tests" ]; then :; else - echo " [!] Must be run from mbed TLS tests directory" >&2 + echo " [!] Must be run from Mbed TLS tests directory" >&2 exit 1 fi diff --git a/third_party/mbedtls/repo/tests/scripts/generate_bignum_tests.py b/third_party/mbedtls/repo/tests/scripts/generate_bignum_tests.py new file mode 100755 index 00000000000..6dfb46b2fd2 --- /dev/null +++ b/third_party/mbedtls/repo/tests/scripts/generate_bignum_tests.py @@ -0,0 +1,246 @@ +#!/usr/bin/env python3 +"""Generate test data for bignum functions. + +With no arguments, generate all test data. With non-option arguments, +generate only the specified files. + +Class structure: + +Child classes of test_data_generation.BaseTarget (file targets) represent an output +file. These indicate where test cases will be written to, for all subclasses of +this target. Multiple file targets should not reuse a `target_basename`. + +Each subclass derived from a file target can either be: + - A concrete class, representing a test function, which generates test cases. + - An abstract class containing shared methods and attributes, not associated + with a test function. An example is BignumOperation, which provides + common features used for bignum binary operations. + +Both concrete and abstract subclasses can be derived from, to implement +additional test cases (see BignumCmp and BignumCmpAbs for examples of deriving +from abstract and concrete classes). + + +Adding test case generation for a function: + +A subclass representing the test function should be added, deriving from a +file target such as BignumTarget. This test class must set/implement the +following: + - test_function: the function name from the associated .function file. + - test_name: a descriptive name or brief summary to refer to the test + function. + - arguments(): a method to generate the list of arguments required for the + test_function. + - generate_function_test(): a method to generate TestCases for the function. + This should create instances of the class with required input data, and + call `.create_test_case()` to yield the TestCase. + +Additional details and other attributes/methods are given in the documentation +of BaseTarget in test_data_generation.py. +""" + +# Copyright The Mbed TLS Contributors +# SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later + +import sys + +from abc import ABCMeta, abstractmethod +from typing import Iterator, List, Tuple, TypeVar + +import scripts_path # pylint: disable=unused-import +from mbedtls_dev import test_case +from mbedtls_dev import test_data_generation + +T = TypeVar('T') #pylint: disable=invalid-name + +def hex_to_int(val: str) -> int: + """Implement the syntax accepted by mbedtls_test_read_mpi(). + + This is a superset of what is accepted by mbedtls_test_read_mpi_core(). + """ + if val in ['', '-']: + return 0 + return int(val, 16) + +def quote_str(val) -> str: + return "\"{}\"".format(val) + +def combination_pairs(values: List[T]) -> List[Tuple[T, T]]: + """Return all pair combinations from input values.""" + return [(x, y) for x in values for y in values] + +class BignumTarget(test_data_generation.BaseTarget, metaclass=ABCMeta): + #pylint: disable=abstract-method + """Target for bignum (legacy) test case generation.""" + target_basename = 'test_suite_bignum.generated' + + +class BignumOperation(BignumTarget, metaclass=ABCMeta): + """Common features for bignum binary operations. + + This adds functionality common in binary operation tests. This includes + generation of case descriptions, using descriptions of values and symbols + to represent the operation or result. + + Attributes: + symbol: Symbol used for the operation in case description. + input_values: List of values to use as test case inputs. These are + combined to produce pairs of values. + input_cases: List of tuples containing pairs of test case inputs. This + can be used to implement specific pairs of inputs. + """ + symbol = "" + input_values = [ + "", "0", "-", "-0", + "7b", "-7b", + "0000000000000000123", "-0000000000000000123", + "1230000000000000000", "-1230000000000000000" + ] # type: List[str] + input_cases = [] # type: List[Tuple[str, str]] + + def __init__(self, val_a: str, val_b: str) -> None: + self.arg_a = val_a + self.arg_b = val_b + self.int_a = hex_to_int(val_a) + self.int_b = hex_to_int(val_b) + + def arguments(self) -> List[str]: + return [quote_str(self.arg_a), quote_str(self.arg_b), self.result()] + + def description_suffix(self) -> str: + #pylint: disable=no-self-use # derived classes need self + """Text to add at the end of the test case description.""" + return "" + + def description(self) -> str: + """Generate a description for the test case. + + If not set, case_description uses the form A `symbol` B, where symbol + is used to represent the operation. Descriptions of each value are + generated to provide some context to the test case. + """ + if not self.case_description: + self.case_description = "{} {} {}".format( + self.value_description(self.arg_a), + self.symbol, + self.value_description(self.arg_b) + ) + description_suffix = self.description_suffix() + if description_suffix: + self.case_description += " " + description_suffix + return super().description() + + @abstractmethod + def result(self) -> str: + """Get the result of the operation. + + This could be calculated during initialization and stored as `_result` + and then returned, or calculated when the method is called. + """ + raise NotImplementedError + + @staticmethod + def value_description(val) -> str: + """Generate a description of the argument val. + + This produces a simple description of the value, which is used in test + case naming to add context. + """ + if val == "": + return "0 (null)" + if val == "-": + return "negative 0 (null)" + if val == "0": + return "0 (1 limb)" + + if val[0] == "-": + tmp = "negative" + val = val[1:] + else: + tmp = "positive" + if val[0] == "0": + tmp += " with leading zero limb" + elif len(val) > 10: + tmp = "large " + tmp + return tmp + + @classmethod + def get_value_pairs(cls) -> Iterator[Tuple[str, str]]: + """Generator to yield pairs of inputs. + + Combinations are first generated from all input values, and then + specific cases provided. + """ + yield from combination_pairs(cls.input_values) + yield from cls.input_cases + + @classmethod + def generate_function_tests(cls) -> Iterator[test_case.TestCase]: + for a_value, b_value in cls.get_value_pairs(): + cur_op = cls(a_value, b_value) + yield cur_op.create_test_case() + + +class BignumCmp(BignumOperation): + """Test cases for bignum value comparison.""" + count = 0 + test_function = "mpi_cmp_mpi" + test_name = "MPI compare" + input_cases = [ + ("-2", "-3"), + ("-2", "-2"), + ("2b4", "2b5"), + ("2b5", "2b6") + ] + + def __init__(self, val_a, val_b) -> None: + super().__init__(val_a, val_b) + self._result = int(self.int_a > self.int_b) - int(self.int_a < self.int_b) + self.symbol = ["<", "==", ">"][self._result + 1] + + def result(self) -> str: + return str(self._result) + + +class BignumCmpAbs(BignumCmp): + """Test cases for absolute bignum value comparison.""" + count = 0 + test_function = "mpi_cmp_abs" + test_name = "MPI compare (abs)" + + def __init__(self, val_a, val_b) -> None: + super().__init__(val_a.strip("-"), val_b.strip("-")) + + +class BignumAdd(BignumOperation): + """Test cases for bignum value addition.""" + count = 0 + symbol = "+" + test_function = "mpi_add_mpi" + test_name = "MPI add" + input_cases = combination_pairs( + [ + "1c67967269c6", "9cde3", + "-1c67967269c6", "-9cde3", + ] + ) + + def __init__(self, val_a: str, val_b: str) -> None: + super().__init__(val_a, val_b) + self._result = self.int_a + self.int_b + + def description_suffix(self) -> str: + if (self.int_a >= 0 and self.int_b >= 0): + return "" # obviously positive result or 0 + if (self.int_a <= 0 and self.int_b <= 0): + return "" # obviously negative result or 0 + # The sign of the result is not obvious, so indicate it + return ", result{}0".format('>' if self._result > 0 else + '<' if self._result < 0 else '=') + + def result(self) -> str: + return quote_str("{:x}".format(self._result)) + +if __name__ == '__main__': + # Use the section of the docstring relevant to the CLI as description + test_data_generation.main(sys.argv[1:], "\n".join(__doc__.splitlines()[:4])) diff --git a/third_party/mbedtls/repo/tests/scripts/generate_psa_tests.py b/third_party/mbedtls/repo/tests/scripts/generate_psa_tests.py index af25feb639a..955a5f35f92 100755 --- a/third_party/mbedtls/repo/tests/scripts/generate_psa_tests.py +++ b/third_party/mbedtls/repo/tests/scripts/generate_psa_tests.py @@ -6,33 +6,19 @@ """ # Copyright The Mbed TLS Contributors -# SPDX-License-Identifier: Apache-2.0 -# -# Licensed under the Apache License, Version 2.0 (the "License"); you may -# not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT -# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -import argparse -import os +# SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later + +import enum import re import sys -from typing import Callable, Dict, FrozenSet, Iterable, Iterator, List, Optional, TypeVar +from typing import Callable, Dict, FrozenSet, Iterable, Iterator, List, Optional import scripts_path # pylint: disable=unused-import from mbedtls_dev import crypto_knowledge from mbedtls_dev import macro_collector from mbedtls_dev import psa_storage from mbedtls_dev import test_case - -T = TypeVar('T') #pylint: disable=invalid-name +from mbedtls_dev import test_data_generation def psa_want_symbol(name: str) -> str: @@ -82,7 +68,7 @@ def automatic_dependencies(*expressions: str) -> List[str]: # A temporary hack: at the time of writing, not all dependency symbols # are implemented yet. Skip test cases for which the dependency symbols are # not available. Once all dependency symbols are available, this hack must -# be removed so that a bug in the dependency symbols proprely leads to a test +# be removed so that a bug in the dependency symbols properly leads to a test # failure. def read_implemented_dependencies(filename: str) -> FrozenSet[str]: return frozenset(symbol @@ -142,7 +128,7 @@ def test_case_for_key_type_not_supported( """ hack_dependencies_not_implemented(dependencies) tc = test_case.TestCase() - short_key_type = re.sub(r'PSA_(KEY_TYPE|ECC_FAMILY)_', r'', key_type) + short_key_type = crypto_knowledge.short_expression(key_type) adverb = 'not' if dependencies else 'never' if param_descr: adverb = param_descr + ' ' + adverb @@ -153,8 +139,8 @@ def test_case_for_key_type_not_supported( tc.set_arguments([key_type] + list(args)) return tc -class NotSupported: - """Generate test cases for when something is not supported.""" +class KeyTypeNotSupported: + """Generate test cases for when a key type is not supported.""" def __init__(self, info: Information) -> None: self.constructors = info.constructors @@ -203,7 +189,7 @@ def test_cases_for_key_type_not_supported( continue # For public key we expect that key generation fails with # INVALID_ARGUMENT. It is handled by KeyGenerate class. - if not kt.name.endswith('_PUBLIC_KEY'): + if not kt.is_public(): yield test_case_for_key_type_not_supported( 'generate', kt.expression, bits, finish_family_dependencies(generate_dependencies, bits), @@ -240,7 +226,7 @@ def test_case_for_key_generation( """ hack_dependencies_not_implemented(dependencies) tc = test_case.TestCase() - short_key_type = re.sub(r'PSA_(KEY_TYPE|ECC_FAMILY)_', r'', key_type) + short_key_type = crypto_knowledge.short_expression(key_type) tc.set_description('PSA {} {}-bit' .format(short_key_type, bits)) tc.set_dependencies(dependencies) @@ -303,6 +289,145 @@ def test_cases_for_key_generation(self) -> Iterator[test_case.TestCase]: kt = crypto_knowledge.KeyType(constr, [curve_family]) yield from self.test_cases_for_key_type_key_generation(kt) +class OpFail: + """Generate test cases for operations that must fail.""" + #pylint: disable=too-few-public-methods + + class Reason(enum.Enum): + NOT_SUPPORTED = 0 + INVALID = 1 + INCOMPATIBLE = 2 + PUBLIC = 3 + + def __init__(self, info: Information) -> None: + self.constructors = info.constructors + key_type_expressions = self.constructors.generate_expressions( + sorted(self.constructors.key_types) + ) + self.key_types = [crypto_knowledge.KeyType(kt_expr) + for kt_expr in key_type_expressions] + + def make_test_case( + self, + alg: crypto_knowledge.Algorithm, + category: crypto_knowledge.AlgorithmCategory, + reason: 'Reason', + kt: Optional[crypto_knowledge.KeyType] = None, + not_deps: FrozenSet[str] = frozenset(), + ) -> test_case.TestCase: + """Construct a failure test case for a one-key or keyless operation.""" + #pylint: disable=too-many-arguments,too-many-locals + tc = test_case.TestCase() + pretty_alg = alg.short_expression() + if reason == self.Reason.NOT_SUPPORTED: + short_deps = [re.sub(r'PSA_WANT_ALG_', r'', dep) + for dep in not_deps] + pretty_reason = '!' + '&'.join(sorted(short_deps)) + else: + pretty_reason = reason.name.lower() + if kt: + key_type = kt.expression + pretty_type = kt.short_expression() + else: + key_type = '' + pretty_type = '' + tc.set_description('PSA {} {}: {}{}' + .format(category.name.lower(), + pretty_alg, + pretty_reason, + ' with ' + pretty_type if pretty_type else '')) + dependencies = automatic_dependencies(alg.base_expression, key_type) + for i, dep in enumerate(dependencies): + if dep in not_deps: + dependencies[i] = '!' + dep + tc.set_dependencies(dependencies) + tc.set_function(category.name.lower() + '_fail') + arguments = [] # type: List[str] + if kt: + key_material = kt.key_material(kt.sizes_to_test()[0]) + arguments += [key_type, test_case.hex_string(key_material)] + arguments.append(alg.expression) + if category.is_asymmetric(): + arguments.append('1' if reason == self.Reason.PUBLIC else '0') + error = ('NOT_SUPPORTED' if reason == self.Reason.NOT_SUPPORTED else + 'INVALID_ARGUMENT') + arguments.append('PSA_ERROR_' + error) + tc.set_arguments(arguments) + return tc + + def no_key_test_cases( + self, + alg: crypto_knowledge.Algorithm, + category: crypto_knowledge.AlgorithmCategory, + ) -> Iterator[test_case.TestCase]: + """Generate failure test cases for keyless operations with the specified algorithm.""" + if alg.can_do(category): + # Compatible operation, unsupported algorithm + for dep in automatic_dependencies(alg.base_expression): + yield self.make_test_case(alg, category, + self.Reason.NOT_SUPPORTED, + not_deps=frozenset([dep])) + else: + # Incompatible operation, supported algorithm + yield self.make_test_case(alg, category, self.Reason.INVALID) + + def one_key_test_cases( + self, + alg: crypto_knowledge.Algorithm, + category: crypto_knowledge.AlgorithmCategory, + ) -> Iterator[test_case.TestCase]: + """Generate failure test cases for one-key operations with the specified algorithm.""" + for kt in self.key_types: + key_is_compatible = kt.can_do(alg) + if key_is_compatible and alg.can_do(category): + # Compatible key and operation, unsupported algorithm + for dep in automatic_dependencies(alg.base_expression): + yield self.make_test_case(alg, category, + self.Reason.NOT_SUPPORTED, + kt=kt, not_deps=frozenset([dep])) + # Public key for a private-key operation + if category.is_asymmetric() and kt.is_public(): + yield self.make_test_case(alg, category, + self.Reason.PUBLIC, + kt=kt) + elif key_is_compatible: + # Compatible key, incompatible operation, supported algorithm + yield self.make_test_case(alg, category, + self.Reason.INVALID, + kt=kt) + elif alg.can_do(category): + # Incompatible key, compatible operation, supported algorithm + yield self.make_test_case(alg, category, + self.Reason.INCOMPATIBLE, + kt=kt) + else: + # Incompatible key and operation. Don't test cases where + # multiple things are wrong, to keep the number of test + # cases reasonable. + pass + + def test_cases_for_algorithm( + self, + alg: crypto_knowledge.Algorithm, + ) -> Iterator[test_case.TestCase]: + """Generate operation failure test cases for the specified algorithm.""" + for category in crypto_knowledge.AlgorithmCategory: + if category == crypto_knowledge.AlgorithmCategory.PAKE: + # PAKE operations are not implemented yet + pass + elif category.requires_key(): + yield from self.one_key_test_cases(alg, category) + else: + yield from self.no_key_test_cases(alg, category) + + def all_test_cases(self) -> Iterator[test_case.TestCase]: + """Generate all test cases for operations that must fail.""" + algorithms = sorted(self.constructors.algorithms) + for expr in self.constructors.generate_expressions(algorithms): + alg = crypto_knowledge.Algorithm(expr) + yield from self.test_cases_for_algorithm(alg) + + class StorageKey(psa_storage.Key): """Representation of a key for storage format testing.""" @@ -314,22 +439,25 @@ class StorageKey(psa_storage.Key): def __init__( self, - usage: str, + usage: Iterable[str], without_implicit_usage: Optional[bool] = False, **kwargs ) -> None: """Prepare to generate a key. * `usage` : The usage flags used for the key. - * `without_implicit_usage`: Flag to defide to apply the usage extension + * `without_implicit_usage`: Flag to define to apply the usage extension """ - super().__init__(usage=usage, **kwargs) - + usage_flags = set(usage) if not without_implicit_usage: - for flag, implicit in self.IMPLICIT_USAGE_FLAGS.items(): - if self.usage.value() & psa_storage.Expr(flag).value() and \ - self.usage.value() & psa_storage.Expr(implicit).value() == 0: - self.usage = psa_storage.Expr(self.usage.string + ' | ' + implicit) + for flag in sorted(usage_flags): + if flag in self.IMPLICIT_USAGE_FLAGS: + usage_flags.add(self.IMPLICIT_USAGE_FLAGS[flag]) + if usage_flags: + usage_expression = ' | '.join(sorted(usage_flags)) + else: + usage_expression = '0' + super().__init__(usage=usage_expression, **kwargs) class StorageTestData(StorageKey): """Representation of test case data for storage format testing.""" @@ -337,7 +465,7 @@ class StorageTestData(StorageKey): def __init__( self, description: str, - expected_usage: Optional[str] = None, + expected_usage: Optional[List[str]] = None, **kwargs ) -> None: """Prepare to generate test data @@ -349,7 +477,12 @@ def __init__( """ super().__init__(**kwargs) self.description = description #type: str - self.expected_usage = expected_usage if expected_usage else self.usage.string #type: str + if expected_usage is None: + self.expected_usage = self.usage #type: psa_storage.Expr + elif expected_usage: + self.expected_usage = psa_storage.Expr(' | '.join(expected_usage)) + else: + self.expected_usage = psa_storage.Expr(0) class StorageFormat: """Storage format stability test cases.""" @@ -368,6 +501,50 @@ def __init__(self, info: Information, version: int, forward: bool) -> None: self.version = version #type: int self.forward = forward #type: bool + RSA_OAEP_RE = re.compile(r'PSA_ALG_RSA_OAEP\((.*)\)\Z') + BRAINPOOL_RE = re.compile(r'PSA_KEY_TYPE_\w+\(PSA_ECC_FAMILY_BRAINPOOL_\w+\)\Z') + @classmethod + def exercise_key_with_algorithm( + cls, + key_type: psa_storage.Expr, bits: int, + alg: psa_storage.Expr + ) -> bool: + """Whether to exercise the given key with the given algorithm. + + Normally only the type and algorithm matter for compatibility, and + this is handled in crypto_knowledge.KeyType.can_do(). This function + exists to detect exceptional cases. Exceptional cases detected here + are not tested in OpFail and should therefore have manually written + test cases. + """ + # Some test keys have the RAW_DATA type and attributes that don't + # necessarily make sense. We do this to validate numerical + # encodings of the attributes. + # Raw data keys have no useful exercise anyway so there is no + # loss of test coverage. + if key_type.string == 'PSA_KEY_TYPE_RAW_DATA': + return False + # Mbed TLS only supports 128-bit keys for RC4. + if key_type.string == 'PSA_KEY_TYPE_ARC4' and bits != 128: + return False + # OAEP requires room for two hashes plus wrapping + m = cls.RSA_OAEP_RE.match(alg.string) + if m: + hash_alg = m.group(1) + hash_length = crypto_knowledge.Algorithm.hash_length(hash_alg) + key_length = (bits + 7) // 8 + # Leave enough room for at least one byte of plaintext + return key_length > 2 * hash_length + 2 + # There's nothing wrong with ECC keys on Brainpool curves, + # but operations with them are very slow. So we only exercise them + # with a single algorithm, not with all possible hashes. We do + # exercise other curves with all algorithms so test coverage is + # perfectly adequate like this. + m = cls.BRAINPOOL_RE.match(key_type.string) + if m and alg.string != 'PSA_ALG_ECDSA_ANY': + return False + return True + def make_test_case(self, key: StorageTestData) -> test_case.TestCase: """Construct a storage format test case for the given key. @@ -379,10 +556,10 @@ def make_test_case(self, key: StorageTestData) -> test_case.TestCase: """ verb = 'save' if self.forward else 'read' tc = test_case.TestCase() - tc.set_description('PSA storage {}: {}'.format(verb, key.description)) + tc.set_description(verb + ' ' + key.description) dependencies = automatic_dependencies( key.lifetime.string, key.type.string, - key.expected_usage, key.alg.string, key.alg2.string, + key.alg.string, key.alg2.string, ) dependencies = finish_family_dependencies(dependencies, key.bits) tc.set_dependencies(dependencies) @@ -391,19 +568,15 @@ def make_test_case(self, key: StorageTestData) -> test_case.TestCase: extra_arguments = [] else: flags = [] - # Some test keys have the RAW_DATA type and attributes that don't - # necessarily make sense. We do this to validate numerical - # encodings of the attributes. - # Raw data keys have no useful exercise anyway so there is no - # loss of test coverage. - if key.type.string != 'PSA_KEY_TYPE_RAW_DATA': + if self.exercise_key_with_algorithm(key.type, key.bits, key.alg): flags.append('TEST_FLAG_EXERCISE') if 'READ_ONLY' in key.lifetime.string: flags.append('TEST_FLAG_READ_ONLY') extra_arguments = [' | '.join(flags) if flags else '0'] tc.set_arguments([key.lifetime.string, key.type.string, str(key.bits), - key.expected_usage, key.alg.string, key.alg2.string, + key.expected_usage.string, + key.alg.string, key.alg2.string, '"' + key.material.hex() + '"', '"' + key.hex() + '"', *extra_arguments]) @@ -417,12 +590,12 @@ def key_for_lifetime( short = lifetime short = re.sub(r'PSA_KEY_LIFETIME_FROM_PERSISTENCE_AND_LOCATION', r'', short) - short = re.sub(r'PSA_KEY_[A-Z]+_', r'', short) + short = crypto_knowledge.short_expression(short) description = 'lifetime: ' + short key = StorageTestData(version=self.version, id=1, lifetime=lifetime, type='PSA_KEY_TYPE_RAW_DATA', bits=8, - usage='PSA_KEY_USAGE_EXPORT', alg=0, alg2=0, + usage=['PSA_KEY_USAGE_EXPORT'], alg=0, alg2=0, material=b'L', description=description) return key @@ -441,99 +614,112 @@ def all_keys_for_lifetimes(self) -> Iterator[StorageTestData]: continue yield self.key_for_lifetime(lifetime) - def keys_for_usage_flags( + def key_for_usage_flags( self, usage_flags: List[str], short: Optional[str] = None, - test_implicit_usage: Optional[bool] = False - ) -> Iterator[StorageTestData]: + test_implicit_usage: Optional[bool] = True + ) -> StorageTestData: """Construct a test key for the given key usage.""" - usage = ' | '.join(usage_flags) if usage_flags else '0' - if short is None: - short = re.sub(r'\bPSA_KEY_USAGE_', r'', usage) - extra_desc = ' with implication' if test_implicit_usage else '' - description = 'usage' + extra_desc + ': ' + short + extra_desc = ' without implication' if test_implicit_usage else '' + description = 'usage' + extra_desc + ': ' key1 = StorageTestData(version=self.version, id=1, lifetime=0x00000001, type='PSA_KEY_TYPE_RAW_DATA', bits=8, - expected_usage=usage, - usage=usage, alg=0, alg2=0, + expected_usage=usage_flags, + without_implicit_usage=not test_implicit_usage, + usage=usage_flags, alg=0, alg2=0, material=b'K', description=description) - yield key1 - - if test_implicit_usage: - description = 'usage without implication' + ': ' + short - key2 = StorageTestData(version=self.version, - id=1, lifetime=0x00000001, - type='PSA_KEY_TYPE_RAW_DATA', bits=8, - without_implicit_usage=True, - usage=usage, alg=0, alg2=0, - material=b'K', - description=description) - yield key2 + if short is None: + usage_expr = key1.expected_usage.string + key1.description += crypto_knowledge.short_expression(usage_expr) + else: + key1.description += short + return key1 def generate_keys_for_usage_flags(self, **kwargs) -> Iterator[StorageTestData]: """Generate test keys covering usage flags.""" known_flags = sorted(self.constructors.key_usage_flags) - yield from self.keys_for_usage_flags(['0'], **kwargs) + yield self.key_for_usage_flags(['0'], **kwargs) for usage_flag in known_flags: - yield from self.keys_for_usage_flags([usage_flag], **kwargs) + yield self.key_for_usage_flags([usage_flag], **kwargs) for flag1, flag2 in zip(known_flags, known_flags[1:] + [known_flags[0]]): - yield from self.keys_for_usage_flags([flag1, flag2], **kwargs) + yield self.key_for_usage_flags([flag1, flag2], **kwargs) def generate_key_for_all_usage_flags(self) -> Iterator[StorageTestData]: known_flags = sorted(self.constructors.key_usage_flags) - yield from self.keys_for_usage_flags(known_flags, short='all known') + yield self.key_for_usage_flags(known_flags, short='all known') def all_keys_for_usage_flags(self) -> Iterator[StorageTestData]: yield from self.generate_keys_for_usage_flags() yield from self.generate_key_for_all_usage_flags() + def key_for_type_and_alg( + self, + kt: crypto_knowledge.KeyType, + bits: int, + alg: Optional[crypto_knowledge.Algorithm] = None, + ) -> StorageTestData: + """Construct a test key of the given type. + + If alg is not None, this key allows it. + """ + usage_flags = ['PSA_KEY_USAGE_EXPORT'] + alg1 = 0 #type: psa_storage.Exprable + alg2 = 0 + if alg is not None: + alg1 = alg.expression + usage_flags += alg.usage_flags(public=kt.is_public()) + key_material = kt.key_material(bits) + description = 'type: {} {}-bit'.format(kt.short_expression(1), bits) + if alg is not None: + description += ', ' + alg.short_expression(1) + key = StorageTestData(version=self.version, + id=1, lifetime=0x00000001, + type=kt.expression, bits=bits, + usage=usage_flags, alg=alg1, alg2=alg2, + material=key_material, + description=description) + return key + def keys_for_type( self, key_type: str, - params: Optional[Iterable[str]] = None + all_algorithms: List[crypto_knowledge.Algorithm], ) -> Iterator[StorageTestData]: - """Generate test keys for the given key type. - - For key types that depend on a parameter (e.g. elliptic curve family), - `param` is the parameter to pass to the constructor. Only a single - parameter is supported. - """ - kt = crypto_knowledge.KeyType(key_type, params) + """Generate test keys for the given key type.""" + kt = crypto_knowledge.KeyType(key_type) for bits in kt.sizes_to_test(): - usage_flags = 'PSA_KEY_USAGE_EXPORT' - alg = 0 - alg2 = 0 - key_material = kt.key_material(bits) - short_expression = re.sub(r'\bPSA_(?:KEY_TYPE|ECC_FAMILY)_', - r'', - kt.expression) - description = 'type: {} {}-bit'.format(short_expression, bits) - key = StorageTestData(version=self.version, - id=1, lifetime=0x00000001, - type=kt.expression, bits=bits, - usage=usage_flags, alg=alg, alg2=alg2, - material=key_material, - description=description) - yield key + # Test a non-exercisable key, as well as exercisable keys for + # each compatible algorithm. + # To do: test reading a key from storage with an incompatible + # or unsupported algorithm. + yield self.key_for_type_and_alg(kt, bits) + compatible_algorithms = [alg for alg in all_algorithms + if kt.can_do(alg)] + for alg in compatible_algorithms: + yield self.key_for_type_and_alg(kt, bits, alg) def all_keys_for_types(self) -> Iterator[StorageTestData]: """Generate test keys covering key types and their representations.""" key_types = sorted(self.constructors.key_types) + all_algorithms = [crypto_knowledge.Algorithm(alg) + for alg in self.constructors.generate_expressions( + sorted(self.constructors.algorithms) + )] for key_type in self.constructors.generate_expressions(key_types): - yield from self.keys_for_type(key_type) + yield from self.keys_for_type(key_type, all_algorithms) def keys_for_algorithm(self, alg: str) -> Iterator[StorageTestData]: - """Generate test keys for the specified algorithm.""" - # For now, we don't have information on the compatibility of key - # types and algorithms. So we just test the encoding of algorithms, - # and not that operations can be performed with them. - descr = re.sub(r'PSA_ALG_', r'', alg) - descr = re.sub(r',', r', ', re.sub(r' +', r'', descr)) - usage = 'PSA_KEY_USAGE_EXPORT' + """Generate test keys for the encoding of the specified algorithm.""" + # These test cases only validate the encoding of algorithms, not + # whether the key read from storage is suitable for an operation. + # `keys_for_types` generate read tests with an algorithm and a + # compatible key. + descr = crypto_knowledge.short_expression(alg, 1) + usage = ['PSA_KEY_USAGE_EXPORT'] key1 = StorageTestData(version=self.version, id=1, lifetime=0x00000001, type='PSA_KEY_TYPE_RAW_DATA', bits=8, @@ -591,8 +777,8 @@ def __init__(self, info: Information) -> None: def all_keys_for_usage_flags(self) -> Iterator[StorageTestData]: """Generate test keys covering usage flags.""" - yield from self.generate_keys_for_usage_flags(test_implicit_usage=True) - yield from self.generate_key_for_all_usage_flags() + yield from super().all_keys_for_usage_flags() + yield from self.generate_keys_for_usage_flags(test_implicit_usage=False) def keys_for_implicit_usage( self, @@ -606,17 +792,14 @@ def keys_for_implicit_usage( """ bits = key_type.sizes_to_test()[0] implicit_usage = StorageKey.IMPLICIT_USAGE_FLAGS[implyer_usage] - usage_flags = 'PSA_KEY_USAGE_EXPORT' - material_usage_flags = usage_flags + ' | ' + implyer_usage - expected_usage_flags = material_usage_flags + ' | ' + implicit_usage + usage_flags = ['PSA_KEY_USAGE_EXPORT'] + material_usage_flags = usage_flags + [implyer_usage] + expected_usage_flags = material_usage_flags + [implicit_usage] alg2 = 0 key_material = key_type.key_material(bits) - usage_expression = re.sub(r'PSA_KEY_USAGE_', r'', implyer_usage) - alg_expression = re.sub(r'PSA_ALG_', r'', alg) - alg_expression = re.sub(r',', r', ', re.sub(r' +', r'', alg_expression)) - key_type_expression = re.sub(r'\bPSA_(?:KEY_TYPE|ECC_FAMILY)_', - r'', - key_type.expression) + usage_expression = crypto_knowledge.short_expression(implyer_usage, 1) + alg_expression = crypto_knowledge.short_expression(alg, 1) + key_type_expression = key_type.short_expression(1) description = 'implied by {}: {} {} {}-bit'.format( usage_expression, alg_expression, key_type_expression, bits) key = StorageTestData(version=self.version, @@ -633,7 +816,7 @@ def keys_for_implicit_usage( def gather_key_types_for_sign_alg(self) -> Dict[str, List[str]]: # pylint: disable=too-many-locals """Match possible key types for sign algorithms.""" - # To create a valid combinaton both the algorithms and key types + # To create a valid combination both the algorithms and key types # must be filtered. Pair them with keywords created from its names. incompatible_alg_keyword = frozenset(['RAW', 'ANY', 'PURE']) incompatible_key_type_keywords = frozenset(['MONTGOMERY']) @@ -657,7 +840,7 @@ def gather_key_types_for_sign_alg(self) -> Dict[str, List[str]]: if re.match(pattern, keyword): alg_keywords.remove(keyword) alg_keywords.add(replace) - # Filter out incompatible algortihms + # Filter out incompatible algorithms if not alg_keywords.isdisjoint(incompatible_alg_keyword): continue @@ -665,7 +848,7 @@ def gather_key_types_for_sign_alg(self) -> Dict[str, List[str]]: # Generate keywords from the of the key type key_type_keywords = set(key_type.translate(translation_table).split(sep='_')[3:]) - # Remove ambigious keywords + # Remove ambiguous keywords for keyword1, keyword2 in exclusive_keywords.items(): if keyword1 in key_type_keywords: key_type_keywords.remove(keyword2) @@ -682,7 +865,7 @@ def all_keys_for_implicit_usage(self) -> Iterator[StorageTestData]: """Generate test keys for usage flag extensions.""" # Generate a key type and algorithm pair for each extendable usage # flag to generate a valid key for exercising. The key is generated - # without usage extension to check the extension compatiblity. + # without usage extension to check the extension compatibility. alg_with_keys = self.gather_key_types_for_sign_alg() for usage in sorted(StorageKey.IMPLICIT_USAGE_FLAGS, key=str): @@ -690,78 +873,38 @@ def all_keys_for_implicit_usage(self) -> Iterator[StorageTestData]: for key_type in sorted(alg_with_keys[alg]): # The key types must be filtered to fit the specific usage flag. kt = crypto_knowledge.KeyType(key_type) - if kt.is_valid_for_signature(usage): - yield self.keys_for_implicit_usage(usage, alg, kt) + if kt.is_public() and '_SIGN_' in usage: + # Can't sign with a public key + continue + yield self.keys_for_implicit_usage(usage, alg, kt) def generate_all_keys(self) -> Iterator[StorageTestData]: yield from super().generate_all_keys() yield from self.all_keys_for_implicit_usage() -class TestGenerator: - """Generate test data.""" - - def __init__(self, options) -> None: - self.test_suite_directory = self.get_option(options, 'directory', - 'tests/suites') - self.info = Information() - - @staticmethod - def get_option(options, name: str, default: T) -> T: - value = getattr(options, name, None) - return default if value is None else value - - def filename_for(self, basename: str) -> str: - """The location of the data file with the specified base name.""" - return os.path.join(self.test_suite_directory, basename + '.data') - - def write_test_data_file(self, basename: str, - test_cases: Iterable[test_case.TestCase]) -> None: - """Write the test cases to a .data file. - - The output file is ``basename + '.data'`` in the test suite directory. - """ - filename = self.filename_for(basename) - test_case.write_data_file(filename, test_cases) - - TARGETS = { +class PSATestGenerator(test_data_generation.TestGenerator): + """Test generator subclass including PSA targets and info.""" + # Note that targets whose names contain 'test_format' have their content + # validated by `abi_check.py`. + targets = { 'test_suite_psa_crypto_generate_key.generated': lambda info: KeyGenerate(info).test_cases_for_key_generation(), 'test_suite_psa_crypto_not_supported.generated': - lambda info: NotSupported(info).test_cases_for_not_supported(), + lambda info: KeyTypeNotSupported(info).test_cases_for_not_supported(), + 'test_suite_psa_crypto_op_fail.generated': + lambda info: OpFail(info).all_test_cases(), 'test_suite_psa_crypto_storage_format.current': lambda info: StorageFormatForward(info, 0).all_test_cases(), 'test_suite_psa_crypto_storage_format.v0': lambda info: StorageFormatV0(info).all_test_cases(), } #type: Dict[str, Callable[[Information], Iterable[test_case.TestCase]]] - def generate_target(self, name: str) -> None: - test_cases = self.TARGETS[name](self.info) - self.write_test_data_file(name, test_cases) - -def main(args): - """Command line entry point.""" - parser = argparse.ArgumentParser(description=__doc__) - parser.add_argument('--list', action='store_true', - help='List available targets and exit') - parser.add_argument('targets', nargs='*', metavar='TARGET', - help='Target file to generate (default: all; "-": none)') - options = parser.parse_args(args) - generator = TestGenerator(options) - if options.list: - for name in sorted(generator.TARGETS): - print(generator.filename_for(name)) - return - if options.targets: - # Allow "-" as a special case so you can run - # ``generate_psa_tests.py - $targets`` and it works uniformly whether - # ``$targets`` is empty or not. - options.targets = [os.path.basename(re.sub(r'\.data\Z', r'', target)) - for target in options.targets - if target != '-'] - else: - options.targets = sorted(generator.TARGETS) - for target in options.targets: - generator.generate_target(target) + def __init__(self, options): + super().__init__(options) + self.info = Information() + + def generate_target(self, name: str, *target_args) -> None: + super().generate_target(name, self.info) if __name__ == '__main__': - main(sys.argv[1:]) + test_data_generation.main(sys.argv[1:], __doc__, PSATestGenerator) diff --git a/third_party/mbedtls/repo/tests/scripts/generate_test_code.py b/third_party/mbedtls/repo/tests/scripts/generate_test_code.py index f5750aacfa2..6db121c2979 100755 --- a/third_party/mbedtls/repo/tests/scripts/generate_test_code.py +++ b/third_party/mbedtls/repo/tests/scripts/generate_test_code.py @@ -2,19 +2,7 @@ # Test suites code generator. # # Copyright The Mbed TLS Contributors -# SPDX-License-Identifier: Apache-2.0 -# -# Licensed under the Apache License, Version 2.0 (the "License"); you may -# not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT -# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. +# SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later """ This script is a key part of Mbed TLS test suites framework. For @@ -126,33 +114,39 @@ This script replaces following fields in the template and generates the test source file: -$test_common_helpers <-- All common code from helpers.function - is substituted here. -$functions_code <-- Test functions are substituted here - from the input test_suit_xyz.function - file. C preprocessor checks are generated - for the build dependencies specified - in the input file. This script also - generates wrappers for the test - functions with code to expand the - string parameters read from the data - file. -$expression_code <-- This script enumerates the - expressions in the .data file and - generates code to handle enumerated - expression Ids and return the values. -$dep_check_code <-- This script enumerates all - build dependencies and generate - code to handle enumerated build - dependency Id and return status: if - the dependency is defined or not. -$dispatch_code <-- This script enumerates the functions - specified in the input test data file - and generates the initializer for the - function table in the template - file. -$platform_code <-- Platform specific setup and test - dispatch code. +__MBEDTLS_TEST_TEMPLATE__TEST_COMMON_HELPERS + All common code from helpers.function + is substituted here. +__MBEDTLS_TEST_TEMPLATE__FUNCTIONS_CODE + Test functions are substituted here + from the input test_suit_xyz.function + file. C preprocessor checks are generated + for the build dependencies specified + in the input file. This script also + generates wrappers for the test + functions with code to expand the + string parameters read from the data + file. +__MBEDTLS_TEST_TEMPLATE__EXPRESSION_CODE + This script enumerates the + expressions in the .data file and + generates code to handle enumerated + expression Ids and return the values. +__MBEDTLS_TEST_TEMPLATE__DEP_CHECK_CODE + This script enumerates all + build dependencies and generate + code to handle enumerated build + dependency Id and return status: if + the dependency is defined or not. +__MBEDTLS_TEST_TEMPLATE__DISPATCH_CODE + This script enumerates the functions + specified in the input test data file + and generates the initializer for the + function table in the template + file. +__MBEDTLS_TEST_TEMPLATE__PLATFORM_CODE + Platform specific setup and test + dispatch code. """ @@ -165,6 +159,28 @@ import argparse +# Types recognized as signed integer arguments in test functions. +SIGNED_INTEGER_TYPES = frozenset([ + 'char', + 'short', + 'short int', + 'int', + 'int8_t', + 'int16_t', + 'int32_t', + 'int64_t', + 'intmax_t', + 'long', + 'long int', + 'long long int', + 'mbedtls_mpi_sint', + 'psa_status_t', +]) +# Types recognized as string arguments in test functions. +STRING_TYPES = frozenset(['char*', 'const char*', 'char const*']) +# Types recognized as hex data arguments in test functions. +DATA_TYPES = frozenset(['data_t*', 'const data_t*', 'data_t const*']) + BEGIN_HEADER_REGEX = r'/\*\s*BEGIN_HEADER\s*\*/' END_HEADER_REGEX = r'/\*\s*END_HEADER\s*\*/' @@ -186,9 +202,6 @@ CONDITION_OPERATOR_REGEX, CONDITION_VALUE_REGEX) TEST_FUNCTION_VALIDATION_REGEX = r'\s*void\s+(?P\w+)\s*\(' -INT_CHECK_REGEX = r'int\s+.*' -CHAR_CHECK_REGEX = r'char\s*\*\s*.*' -DATA_T_CHECK_REGEX = r'data_t\s*\*\s*.*' FUNCTION_ARG_LIST_END_REGEX = r'.*\)' EXIT_LABEL_REGEX = r'^exit:' @@ -214,25 +227,17 @@ def __init__(self, file_name): :param file_name: File path to open. """ - super(FileWrapper, self).__init__(file_name, 'r') + super().__init__(file_name, 'r') self._line_no = 0 - def next(self): + def __next__(self): """ - Python 2 iterator method. This method overrides base class's - next method and extends the next method to count the line - numbers as each line is read. - - It works for both Python 2 and Python 3 by checking iterator - method name in the base iterator object. + This method overrides base class's __next__ method and extends it + method to count the line numbers as each line is read. :return: Line read from file. """ - parent = super(FileWrapper, self) - if hasattr(parent, '__next__'): - line = parent.__next__() # Python 3 - else: - line = parent.next() # Python 2 # pylint: disable=no-member + line = super().__next__() if line is not None: self._line_no += 1 # Convert byte array to string with correct encoding and @@ -240,9 +245,6 @@ def next(self): return line.decode(sys.getdefaultencoding()).rstrip() + '\n' return None - # Python 3 iterator method - __next__ = next - def get_line_no(self): """ Gives current line number. @@ -308,7 +310,7 @@ def gen_function_wrapper(name, local_vars, args_dispatch): :param name: Test function name :param local_vars: Local variables declaration code :param args_dispatch: List of dispatch arguments. - Ex: ['(char *)params[0]', '*((int *)params[1])'] + Ex: ['(char *) params[0]', '*((int *) params[1])'] :return: Test function wrapper. """ # Then create the wrapper @@ -449,6 +451,49 @@ def parse_function_dependencies(line): return dependencies +ARGUMENT_DECLARATION_REGEX = re.compile(r'(.+?) ?(?:\bconst\b)? ?(\w+)\Z', re.S) +def parse_function_argument(arg, arg_idx, args, local_vars, args_dispatch): + """ + Parses one test function's argument declaration. + + :param arg: argument declaration. + :param arg_idx: current wrapper argument index. + :param args: accumulator of arguments' internal types. + :param local_vars: accumulator of internal variable declarations. + :param args_dispatch: accumulator of argument usage expressions. + :return: the number of new wrapper arguments, + or None if the argument declaration is invalid. + """ + # Normalize whitespace + arg = arg.strip() + arg = re.sub(r'\s*\*\s*', r'*', arg) + arg = re.sub(r'\s+', r' ', arg) + # Extract name and type + m = ARGUMENT_DECLARATION_REGEX.search(arg) + if not m: + # E.g. "int x[42]" + return None + typ, _ = m.groups() + if typ in SIGNED_INTEGER_TYPES: + args.append('int') + args_dispatch.append('((mbedtls_test_argument_t *) params[%d])->sint' % arg_idx) + return 1 + if typ in STRING_TYPES: + args.append('char*') + args_dispatch.append('(char *) params[%d]' % arg_idx) + return 1 + if typ in DATA_TYPES: + args.append('hex') + # create a structure + pointer_initializer = '(uint8_t *) params[%d]' % arg_idx + len_initializer = '((mbedtls_test_argument_t *) params[%d])->len' % (arg_idx+1) + local_vars.append(' data_t data%d = {%s, %s};\n' % + (arg_idx, pointer_initializer, len_initializer)) + args_dispatch.append('&data%d' % arg_idx) + return 2 + return None + +ARGUMENT_LIST_REGEX = re.compile(r'\((.*?)\)', re.S) def parse_function_arguments(line): """ Parses test function signature for validation and generates @@ -460,42 +505,27 @@ def parse_function_arguments(line): :return: argument list, local variables for wrapper function and argument dispatch code. """ - args = [] - local_vars = '' - args_dispatch = [] - arg_idx = 0 - # Remove characters before arguments - line = line[line.find('(') + 1:] # Process arguments, ex: arg1, arg2 ) # This script assumes that the argument list is terminated by ')' # i.e. the test functions will not have a function pointer # argument. - for arg in line[:line.find(')')].split(','): - arg = arg.strip() - if arg == '': - continue - if re.search(INT_CHECK_REGEX, arg.strip()): - args.append('int') - args_dispatch.append('*( (int *) params[%d] )' % arg_idx) - elif re.search(CHAR_CHECK_REGEX, arg.strip()): - args.append('char*') - args_dispatch.append('(char *) params[%d]' % arg_idx) - elif re.search(DATA_T_CHECK_REGEX, arg.strip()): - args.append('hex') - # create a structure - pointer_initializer = '(uint8_t *) params[%d]' % arg_idx - len_initializer = '*( (uint32_t *) params[%d] )' % (arg_idx+1) - local_vars += """ data_t data%d = {%s, %s}; -""" % (arg_idx, pointer_initializer, len_initializer) - - args_dispatch.append('&data%d' % arg_idx) - arg_idx += 1 - else: + m = ARGUMENT_LIST_REGEX.search(line) + arg_list = m.group(1).strip() + if arg_list in ['', 'void']: + return [], '', [] + args = [] + local_vars = [] + args_dispatch = [] + arg_idx = 0 + for arg in arg_list.split(','): + indexes = parse_function_argument(arg, arg_idx, + args, local_vars, args_dispatch) + if indexes is None: raise ValueError("Test function arguments can only be 'int', " "'char *' or 'data_t'\n%s" % line) - arg_idx += 1 + arg_idx += indexes - return args, local_vars, args_dispatch + return args, ''.join(local_vars), args_dispatch def generate_function_code(name, code, local_vars, args_dispatch, @@ -524,6 +554,50 @@ def generate_function_code(name, code, local_vars, args_dispatch, gen_dependencies(dependencies) return preprocessor_check_start + code + preprocessor_check_end +COMMENT_START_REGEX = re.compile(r'/[*/]') + +def skip_comments(line, stream): + """Remove comments in line. + + If the line contains an unfinished comment, read more lines from stream + until the line that contains the comment. + + :return: The original line with inner comments replaced by spaces. + Trailing comments and whitespace may be removed completely. + """ + pos = 0 + while True: + opening = COMMENT_START_REGEX.search(line, pos) + if not opening: + break + if line[opening.start(0) + 1] == '/': # //... + continuation = line + # Count the number of line breaks, to keep line numbers aligned + # in the output. + line_count = 1 + while continuation.endswith('\\\n'): + # This errors out if the file ends with an unfinished line + # comment. That's acceptable to not complicate the code further. + continuation = next(stream) + line_count += 1 + return line[:opening.start(0)].rstrip() + '\n' * line_count + # Parsing /*...*/, looking for the end + closing = line.find('*/', opening.end(0)) + while closing == -1: + # This errors out if the file ends with an unfinished block + # comment. That's acceptable to not complicate the code further. + line += next(stream) + closing = line.find('*/', opening.end(0)) + pos = closing + 2 + # Replace inner comment by spaces. There needs to be at least one space + # for things like 'int/*ihatespaces*/foo'. Go further and preserve the + # width of the comment and line breaks, this way positions in error + # messages remain correct. + line = (line[:opening.start(0)] + + re.sub(r'.', r' ', line[opening.start(0):pos]) + + line[pos:]) + # Strip whitespace at the end of lines (it's irrelevant to error messages). + return re.sub(r' +(\n|\Z)', r'\1', line) def parse_function_code(funcs_f, dependencies, suite_dependencies): """ @@ -543,6 +617,7 @@ def parse_function_code(funcs_f, dependencies, suite_dependencies): # across multiple lines. Here we try to find the start of # arguments list, then remove '\n's and apply the regex to # detect function start. + line = skip_comments(line, funcs_f) up_to_arg_list_start = code + line[:line.find('(') + 1] match = re.match(TEST_FUNCTION_VALIDATION_REGEX, up_to_arg_list_start.replace('\n', ' '), re.I) @@ -551,7 +626,7 @@ def parse_function_code(funcs_f, dependencies, suite_dependencies): name = match.group('func_name') if not re.match(FUNCTION_ARG_LIST_END_REGEX, line): for lin in funcs_f: - line += lin + line += skip_comments(lin, funcs_f) if re.search(FUNCTION_ARG_LIST_END_REGEX, line): break args, local_vars, args_dispatch = parse_function_arguments( @@ -567,6 +642,11 @@ def parse_function_code(funcs_f, dependencies, suite_dependencies): code = code.replace(name, 'test_' + name, 1) name = 'test_' + name + # If a test function has no arguments then add 'void' argument to + # avoid "-Wstrict-prototypes" warnings from clang + if len(args) == 0: + code = code.replace('()', '(void)', 1) + for line in funcs_f: if re.search(END_CASE_REGEX, line): break @@ -665,7 +745,7 @@ def parse_test_data(data_f): execution. :param data_f: file object of the data file. - :return: Generator that yields test name, function name, + :return: Generator that yields line number, test name, function name, dependency list and function argument list. """ __state_read_name = 0 @@ -708,7 +788,7 @@ def parse_test_data(data_f): parts = escaped_split(line, ':') test_function = parts[0] args = parts[1:] - yield name, test_function, dependencies, args + yield data_f.line_no, name, test_function, dependencies, args dependencies = [] state = __state_read_name if state == __state_read_args: @@ -806,6 +886,14 @@ def write_dependencies(out_data_f, test_dependencies, unique_dependencies): return dep_check_code +INT_VAL_REGEX = re.compile(r'-?(\d+|0x[0-9a-f]+)$', re.I) +def val_is_int(val: str) -> bool: + """Whether val is suitable as an 'int' parameter in the .datax file.""" + if not INT_VAL_REGEX.match(val): + return False + # Limit the range to what is guaranteed to get through strtol() + return abs(int(val, 0)) <= 0x7fffffff + def write_parameters(out_data_f, test_args, func_args, unique_expressions): """ Writes test parameters to the intermediate data file, replacing @@ -824,9 +912,9 @@ def write_parameters(out_data_f, test_args, func_args, unique_expressions): typ = func_args[i] val = test_args[i] - # check if val is a non literal int val (i.e. an expression) - if typ == 'int' and not re.match(r'(\d+|0x[0-9a-f]+)$', - val, re.I): + # Pass small integer constants literally. This reduces the size of + # the C code. Register anything else as an expression. + if typ == 'int' and not val_is_int(val): typ = 'exp' if val not in unique_expressions: unique_expressions.append(val) @@ -869,6 +957,24 @@ def gen_suite_dep_checks(suite_dependencies, dep_check_code, expression_code): return dep_check_code, expression_code +def get_function_info(func_info, function_name, line_no): + """Look up information about a test function by name. + + Raise an informative expression if function_name is not found. + + :param func_info: dictionary mapping function names to their information. + :param function_name: the function name as written in the .function and + .data files. + :param line_no: line number for error messages. + :return Function information (id, args). + """ + test_function_name = 'test_' + function_name + if test_function_name not in func_info: + raise GeneratorInputError("%d: Function %s not found!" % + (line_no, test_function_name)) + return func_info[test_function_name] + + def gen_from_test_data(data_f, out_data_f, func_info, suite_dependencies): """ This function reads test case name, dependencies and test vectors @@ -891,7 +997,7 @@ def gen_from_test_data(data_f, out_data_f, func_info, suite_dependencies): unique_expressions = [] dep_check_code = '' expression_code = '' - for test_name, function_name, test_dependencies, test_args in \ + for line_no, test_name, function_name, test_dependencies, test_args in \ parse_test_data(data_f): out_data_f.write(test_name + '\n') @@ -900,18 +1006,15 @@ def gen_from_test_data(data_f, out_data_f, func_info, suite_dependencies): unique_dependencies) # Write test function name - test_function_name = 'test_' + function_name - if test_function_name not in func_info: - raise GeneratorInputError("Function %s not found!" % - test_function_name) - func_id, func_args = func_info[test_function_name] + func_id, func_args = \ + get_function_info(func_info, function_name, line_no) out_data_f.write(str(func_id)) # Write parameters if len(test_args) != len(func_args): - raise GeneratorInputError("Invalid number of arguments in test " + raise GeneratorInputError("%d: Invalid number of arguments in test " "%s. See function %s signature." % - (test_name, function_name)) + (line_no, test_name, function_name)) expression_code += write_parameters(out_data_f, test_args, func_args, unique_expressions) @@ -974,11 +1077,27 @@ def write_test_source_file(template_file, c_file, snippets): :param snippets: Generated and code snippets :return: """ + + # Create a placeholder pattern with the correct named capture groups + # to override the default provided with Template. + # Match nothing (no way of escaping placeholders). + escaped = "(?P(?!))" + # Match the "__MBEDTLS_TEST_TEMPLATE__PLACEHOLDER_NAME" pattern. + named = "__MBEDTLS_TEST_TEMPLATE__(?P[A-Z][_A-Z0-9]*)" + # Match nothing (no braced placeholder syntax). + braced = "(?P(?!))" + # If not already matched, a "__MBEDTLS_TEST_TEMPLATE__" prefix is invalid. + invalid = "(?P__MBEDTLS_TEST_TEMPLATE__)" + placeholder_pattern = re.compile("|".join([escaped, named, braced, invalid])) + with open(template_file, 'r') as template_f, open(c_file, 'w') as c_f: for line_no, line in enumerate(template_f.readlines(), 1): # Update line number. +1 as #line directive sets next line number snippets['line_no'] = line_no + 1 - code = string.Template(line).substitute(**snippets) + template = string.Template(line) + template.pattern = placeholder_pattern + snippets = {k.upper():v for (k, v) in snippets.items()} + code = template.substitute(**snippets) c_f.write(code) diff --git a/third_party/mbedtls/repo/tests/scripts/key-exchanges.pl b/third_party/mbedtls/repo/tests/scripts/key-exchanges.pl deleted file mode 100755 index 20f3aa63588..00000000000 --- a/third_party/mbedtls/repo/tests/scripts/key-exchanges.pl +++ /dev/null @@ -1,76 +0,0 @@ -#!/usr/bin/env perl - -# key-exchanges.pl -# -# Copyright The Mbed TLS Contributors -# SPDX-License-Identifier: Apache-2.0 -# -# Licensed under the Apache License, Version 2.0 (the "License"); you may -# not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT -# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -# -# Purpose -# -# To test the code dependencies on individual key exchanges in the SSL module. -# is a verification step to ensure we don't ship SSL code that do not work -# for some build options. -# -# The process is: -# for each possible key exchange -# build the library with all but that key exchange disabled -# -# Usage: tests/scripts/key-exchanges.pl -# -# This script should be executed from the root of the project directory. -# -# For best effect, run either with cmake disabled, or cmake enabled in a mode -# that includes -Werror. - -use warnings; -use strict; - --d 'library' && -d 'include' && -d 'tests' or die "Must be run from root\n"; - -my $sed_cmd = 's/^#define \(MBEDTLS_KEY_EXCHANGE_.*_ENABLED\)/\1/p'; -my $config_h = 'include/mbedtls/config.h'; -my @kexes = split( /\s+/, `sed -n -e '$sed_cmd' $config_h` ); - -system( "cp $config_h $config_h.bak" ) and die; -sub abort { - system( "mv $config_h.bak $config_h" ) and warn "$config_h not restored\n"; - # use an exit code between 1 and 124 for git bisect (die returns 255) - warn $_[0]; - exit 1; -} - -for my $kex (@kexes) { - system( "cp $config_h.bak $config_h" ) and die "$config_h not restored\n"; - system( "make clean" ) and die; - - print "\n******************************************\n"; - print "* Testing with key exchange: $kex\n"; - print "******************************************\n"; - $ENV{MBEDTLS_TEST_CONFIGURATION} = $kex; - - # full config with all key exchanges disabled except one - system( "scripts/config.py full" ) and abort "Failed config full\n"; - for my $k (@kexes) { - next if $k eq $kex; - system( "scripts/config.py unset $k" ) - and abort "Failed to disable $k\n"; - } - - system( "make lib CFLAGS='-Os -Werror'" ) and abort "Failed to build lib: $kex\n"; -} - -system( "mv $config_h.bak $config_h" ) and die "$config_h not restored\n"; -system( "make clean" ) and die; -exit 0; diff --git a/third_party/mbedtls/repo/tests/scripts/list-identifiers.sh b/third_party/mbedtls/repo/tests/scripts/list-identifiers.sh index 9b930802f55..4ccac236e21 100755 --- a/third_party/mbedtls/repo/tests/scripts/list-identifiers.sh +++ b/third_party/mbedtls/repo/tests/scripts/list-identifiers.sh @@ -10,19 +10,7 @@ # Usage: list-identifiers.sh [ -i | --internal ] # # Copyright The Mbed TLS Contributors -# SPDX-License-Identifier: Apache-2.0 -# -# Licensed under the Apache License, Version 2.0 (the "License"); you may -# not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT -# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. +# SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later set -eu diff --git a/third_party/mbedtls/repo/tests/scripts/list_internal_identifiers.py b/third_party/mbedtls/repo/tests/scripts/list_internal_identifiers.py index 779a16ffbc8..b648ce24f25 100755 --- a/third_party/mbedtls/repo/tests/scripts/list_internal_identifiers.py +++ b/third_party/mbedtls/repo/tests/scripts/list_internal_identifiers.py @@ -1,19 +1,7 @@ #!/usr/bin/env python3 # # Copyright The Mbed TLS Contributors -# SPDX-License-Identifier: Apache-2.0 -# -# Licensed under the Apache License, Version 2.0 (the "License"); you may -# not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT -# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. +# SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later """ This script generates a file called identifiers that contains all Mbed TLS @@ -46,7 +34,7 @@ def main(): result = name_check.parse_identifiers([ "include/mbedtls/*_internal.h", "library/*.h" - ]) + ])[0] result.sort(key=lambda x: x.name) identifiers = ["{}\n".format(match.name) for match in result] diff --git a/third_party/mbedtls/repo/tests/scripts/psa_collect_statuses.py b/third_party/mbedtls/repo/tests/scripts/psa_collect_statuses.py index b086793c40e..11bbebcc1f0 100755 --- a/third_party/mbedtls/repo/tests/scripts/psa_collect_statuses.py +++ b/third_party/mbedtls/repo/tests/scripts/psa_collect_statuses.py @@ -1,31 +1,19 @@ #!/usr/bin/env python3 """Describe the test coverage of PSA functions in terms of return statuses. -1. Build Mbed Crypto with -DRECORD_PSA_STATUS_COVERAGE_LOG +1. Build Mbed TLS with -DRECORD_PSA_STATUS_COVERAGE_LOG 2. Run psa_collect_statuses.py The output is a series of line of the form "psa_foo PSA_ERROR_XXX". Each function/status combination appears only once. -This script must be run from the top of an Mbed Crypto source tree. +This script must be run from the top of an Mbed TLS source tree. The build command is "make -DRECORD_PSA_STATUS_COVERAGE_LOG", which is only supported with make (as opposed to CMake or other build methods). """ # Copyright The Mbed TLS Contributors -# SPDX-License-Identifier: Apache-2.0 -# -# Licensed under the Apache License, Version 2.0 (the "License"); you may -# not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT -# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. +# SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later import argparse import os @@ -46,7 +34,7 @@ def __init__(self): def collect_log(self, log_file_name): """Read logs from RECORD_PSA_STATUS_COVERAGE_LOG. - Read logs produced by running Mbed Crypto test suites built with + Read logs produced by running Mbed TLS test suites built with -DRECORD_PSA_STATUS_COVERAGE_LOG. """ with open(log_file_name) as log: @@ -82,7 +70,7 @@ def report(self): def collect_status_logs(options): """Build and run unit tests and report observed function return statuses. - Build Mbed Crypto with -DRECORD_PSA_STATUS_COVERAGE_LOG, run the + Build Mbed TLS with -DRECORD_PSA_STATUS_COVERAGE_LOG, run the test suites and display information about observed return statuses. """ rebuilt = False diff --git a/third_party/mbedtls/repo/tests/scripts/recursion.pl b/third_party/mbedtls/repo/tests/scripts/recursion.pl index e4b2d9444d0..3cdeff7f432 100755 --- a/third_party/mbedtls/repo/tests/scripts/recursion.pl +++ b/third_party/mbedtls/repo/tests/scripts/recursion.pl @@ -4,24 +4,12 @@ # (Multiple recursion where a() calls b() which calls a() not covered.) # # When the recursion depth might depend on data controlled by the attacker in -# an unbounded way, those functions should use interation instead. +# an unbounded way, those functions should use iteration instead. # # Typical usage: scripts/recursion.pl library/*.c # # Copyright The Mbed TLS Contributors -# SPDX-License-Identifier: Apache-2.0 -# -# Licensed under the Apache License, Version 2.0 (the "License"); you may -# not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT -# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. +# SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later use warnings; use strict; diff --git a/third_party/mbedtls/repo/tests/scripts/run-test-suites.pl b/third_party/mbedtls/repo/tests/scripts/run-test-suites.pl index 15fa8bcf7a4..e0ee3f515ce 100755 --- a/third_party/mbedtls/repo/tests/scripts/run-test-suites.pl +++ b/third_party/mbedtls/repo/tests/scripts/run-test-suites.pl @@ -3,19 +3,7 @@ # run-test-suites.pl # # Copyright The Mbed TLS Contributors -# SPDX-License-Identifier: Apache-2.0 -# -# Licensed under the Apache License, Version 2.0 (the "License"); you may -# not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT -# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. +# SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later =head1 SYNOPSIS @@ -50,11 +38,13 @@ =head1 SYNOPSIS 'verbose|v:1' => \$verbose, ) or die; -# All test suites = executable files, excluding source files, debug -# and profiling information, etc. We can't just grep {! /\./} because -# some of our test cases' base names contain a dot. -my @suites = grep { -x $_ || /\.exe$/ } glob 'test_suite_*'; -@suites = grep { !/\.c$/ && !/\.data$/ && -f } @suites; +# All test suites = executable files with a .datax file. +my @suites = (); +for my $data_file (glob 'test_suite_*.datax') { + (my $base = $data_file) =~ s/\.datax$//; + push @suites, $base if -x $base; + push @suites, "$base.exe" if -e "$base.exe"; +} die "$0: no test suite found\n" unless @suites; # "foo" as a skip pattern skips "test_suite_foo" and "test_suite_foo.bar" @@ -74,7 +64,7 @@ =head1 SYNOPSIS my $prefix = $^O eq "MSWin32" ? '' : './'; -my ($failed_suites, $total_tests_run, $failed, $suite_cases_passed, +my (@failed_suites, $total_tests_run, $failed, $suite_cases_passed, $suite_cases_failed, $suite_cases_skipped, $total_cases_passed, $total_cases_failed, $total_cases_skipped ); my $suites_skipped = 0; @@ -112,7 +102,7 @@ sub pad_print_center { pad_print_center( 72, '-', "End $suite" ); } } else { - $failed_suites++; + push @failed_suites, $suite; print "FAIL\n"; if( $verbose ) { pad_print_center( 72, '-', "Begin $suite" ); @@ -139,12 +129,17 @@ sub pad_print_center { } print "-" x 72, "\n"; -print $failed_suites ? "FAILED" : "PASSED"; +print @failed_suites ? "FAILED" : "PASSED"; printf( " (%d suites, %d tests run%s)\n", scalar(@suites) - $suites_skipped, $total_tests_run, $suites_skipped ? ", $suites_skipped suites skipped" : "" ); +if( $verbose && @failed_suites ) { + # the output can be very long, so provide a summary of which suites failed + print " failed suites : @failed_suites\n"; +} + if( $verbose > 1 ) { print " test cases passed :", $total_cases_passed, "\n"; print " failed :", $total_cases_failed, "\n"; @@ -159,5 +154,5 @@ sub pad_print_center { } } -exit( $failed_suites ? 1 : 0 ); +exit( @failed_suites ? 1 : 0 ); diff --git a/third_party/mbedtls/repo/tests/scripts/scripts_path.py b/third_party/mbedtls/repo/tests/scripts/scripts_path.py index 10bf6f85248..5d83f29f92f 100644 --- a/third_party/mbedtls/repo/tests/scripts/scripts_path.py +++ b/third_party/mbedtls/repo/tests/scripts/scripts_path.py @@ -6,19 +6,8 @@ """ # Copyright The Mbed TLS Contributors -# SPDX-License-Identifier: Apache-2.0 +# SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later # -# Licensed under the Apache License, Version 2.0 (the "License"); you may -# not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT -# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. import os import sys diff --git a/third_party/mbedtls/repo/tests/scripts/set_psa_test_dependencies.py b/third_party/mbedtls/repo/tests/scripts/set_psa_test_dependencies.py index 61923d8559b..df7cea839e2 100755 --- a/third_party/mbedtls/repo/tests/scripts/set_psa_test_dependencies.py +++ b/third_party/mbedtls/repo/tests/scripts/set_psa_test_dependencies.py @@ -4,19 +4,7 @@ """ # Copyright The Mbed TLS Contributors -# SPDX-License-Identifier: Apache-2.0 -# -# Licensed under the Apache License, Version 2.0 (the "License"); you may -# not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT -# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. +# SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later import os import re diff --git a/third_party/mbedtls/repo/tests/scripts/tcp_client.pl b/third_party/mbedtls/repo/tests/scripts/tcp_client.pl index 17f824e00e3..9aff22db05c 100755 --- a/third_party/mbedtls/repo/tests/scripts/tcp_client.pl +++ b/third_party/mbedtls/repo/tests/scripts/tcp_client.pl @@ -6,19 +6,7 @@ # RESPONSE: regexp that must match the server's response # # Copyright The Mbed TLS Contributors -# SPDX-License-Identifier: Apache-2.0 -# -# Licensed under the Apache License, Version 2.0 (the "License"); you may -# not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT -# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. +# SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later use warnings; use strict; diff --git a/third_party/mbedtls/repo/tests/scripts/test-ref-configs.pl b/third_party/mbedtls/repo/tests/scripts/test-ref-configs.pl index d34bbdef531..efe716e6a7c 100755 --- a/third_party/mbedtls/repo/tests/scripts/test-ref-configs.pl +++ b/third_party/mbedtls/repo/tests/scripts/test-ref-configs.pl @@ -3,19 +3,7 @@ # test-ref-configs.pl # # Copyright The Mbed TLS Contributors -# SPDX-License-Identifier: Apache-2.0 -# -# Licensed under the Apache License, Version 2.0 (the "License"); you may -# not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT -# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. +# SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later # # Purpose # @@ -30,35 +18,49 @@ my %configs = ( 'config-ccm-psk-tls1_2.h' => { 'compat' => '-m tls12 -f \'^TLS-PSK-WITH-AES-...-CCM-8\'', + 'test_again_with_use_psa' => 1 + }, + 'config-ccm-psk-dtls1_2.h' => { + 'compat' => '-m dtls12 -f \'^TLS-PSK-WITH-AES-...-CCM-8\'', + 'opt' => ' ', + 'opt_needs_debug' => 1, + 'test_again_with_use_psa' => 1 }, 'config-mini-tls1_1.h' => { - 'compat' => '-m tls1_1 -f \'^DES-CBC3-SHA$\|^TLS-RSA-WITH-3DES-EDE-CBC-SHA$\'', #' + 'compat' => '-m tls1_1 -f \'^DES-CBC3-SHA$\|^TLS-RSA-WITH-3DES-EDE-CBC-SHA$\'', #', + ## Skip ssl-opt testing for now because ssl-opt.sh is missing a lot + ## of requires_xxx so it would try to run tests that don't apply. + # 'opt' => ' ', + # 'opt_needs_debug' => 1, + 'test_again_with_use_psa' => 1 }, 'config-no-entropy.h' => { }, 'config-suite-b.h' => { 'compat' => "-m tls12 -f 'ECDHE-ECDSA.*AES.*GCM' -p mbedTLS", + 'test_again_with_use_psa' => 1, + 'opt' => ' ', + 'opt_needs_debug' => 1, }, 'config-symmetric-only.h' => { + 'test_again_with_use_psa' => 0, # Uses PSA by default, no need to test it twice }, 'config-thread.h' => { 'opt' => '-f ECJPAKE.*nolog', + 'test_again_with_use_psa' => 1, }, ); # If no config-name is provided, use all known configs. # Otherwise, use the provided names only. +my @configs_to_test = sort keys %configs; if ($#ARGV >= 0) { - my %configs_ori = ( %configs ); - %configs = (); - - foreach my $conf_name (@ARGV) { - if( ! exists $configs_ori{$conf_name} ) { + foreach my $conf_name ( @ARGV ) { + if( ! exists $configs{$conf_name} ) { die "Unknown configuration: $conf_name\n"; - } else { - $configs{$conf_name} = $configs_ori{$conf_name}; } } + @configs_to_test = @ARGV; } -d 'library' && -d 'include' && -d 'tests' or die "Must be run from root\n"; @@ -82,44 +84,81 @@ sub abort { close SEEDFILE or die; } -while( my ($conf, $data) = each %configs ) { +sub perform_test { + my $conf_file = $_[0]; + my $data = $_[1]; + my $test_with_psa = $_[2]; + + my $conf_name = $conf_file; + if ( $test_with_psa ) + { + $conf_name .= "+PSA"; + } + system( "cp $config_h.bak $config_h" ) and die; system( "make clean" ) and die; print "\n******************************************\n"; - print "* Testing configuration: $conf\n"; + print "* Testing configuration: $conf_name\n"; print "******************************************\n"; - $ENV{MBEDTLS_TEST_CONFIGURATION} = $conf; - system( "cp configs/$conf $config_h" ) - and abort "Failed to activate $conf\n"; + $ENV{MBEDTLS_TEST_CONFIGURATION} = $conf_name; - system( "CFLAGS='-Os -Werror -Wall -Wextra' make" ) and abort "Failed to build: $conf\n"; - system( "make test" ) and abort "Failed test suite: $conf\n"; + system( "cp configs/$conf_file $config_h" ) + and abort "Failed to activate $conf_file\n"; + + if ( $test_with_psa ) + { + system( "scripts/config.py set MBEDTLS_PSA_CRYPTO_C" ); + system( "scripts/config.py set MBEDTLS_USE_PSA_CRYPTO" ); + } + + system( "CFLAGS='-Os -Werror -Wall -Wextra' make" ) and abort "Failed to build: $conf_name\n"; + system( "make test" ) and abort "Failed test suite: $conf_name\n"; my $compat = $data->{'compat'}; if( $compat ) { - print "\nrunning compat.sh $compat\n"; + print "\nrunning compat.sh $compat ($conf_name)\n"; system( "tests/compat.sh $compat" ) - and abort "Failed compat.sh: $conf\n"; + and abort "Failed compat.sh: $conf_name\n"; } else { - print "\nskipping compat.sh\n"; + print "\nskipping compat.sh ($conf_name)\n"; } my $opt = $data->{'opt'}; if( $opt ) { - print "\nrunning ssl-opt.sh $opt\n"; + if( $data->{'opt_needs_debug'} ) + { + print "\nrebuilding with debug traces for ssl-opt ($conf_name)\n"; + $conf_name .= '+DEBUG'; + $ENV{MBEDTLS_TEST_CONFIGURATION} = $conf_name; + system( "make clean" ); + system( "scripts/config.py set MBEDTLS_DEBUG_C" ); + system( "scripts/config.py set MBEDTLS_ERROR_C" ); + system( "CFLAGS='-Os -Werror -Wall -Wextra' make" ) and abort "Failed to build: $conf_name\n"; + } + + print "\nrunning ssl-opt.sh $opt ($conf_name)\n"; system( "tests/ssl-opt.sh $opt" ) - and abort "Failed ssl-opt.sh: $conf\n"; + and abort "Failed ssl-opt.sh: $conf_name\n"; } else { - print "\nskipping ssl-opt.sh\n"; + print "\nskipping ssl-opt.sh ($conf_name)\n"; + } +} + +foreach my $conf ( @configs_to_test ) { + my $test_with_psa = $configs{$conf}{'test_again_with_use_psa'}; + if ( $test_with_psa ) + { + perform_test( $conf, $configs{$conf}, $test_with_psa ); } + perform_test( $conf, $configs{$conf}, 0 ); } system( "mv $config_h.bak $config_h" ) and warn "$config_h not restored\n"; diff --git a/third_party/mbedtls/repo/tests/scripts/test_config_script.py b/third_party/mbedtls/repo/tests/scripts/test_config_script.py index 8ca41032c44..c835b1cf76c 100755 --- a/third_party/mbedtls/repo/tests/scripts/test_config_script.py +++ b/third_party/mbedtls/repo/tests/scripts/test_config_script.py @@ -14,19 +14,8 @@ """ ## Copyright The Mbed TLS Contributors -## SPDX-License-Identifier: Apache-2.0 +## SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later ## -## Licensed under the Apache License, Version 2.0 (the "License"); you may -## not use this file except in compliance with the License. -## You may obtain a copy of the License at -## -## http://www.apache.org/licenses/LICENSE-2.0 -## -## Unless required by applicable law or agreed to in writing, software -## distributed under the License is distributed on an "AS IS" BASIS, WITHOUT -## WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -## See the License for the specific language governing permissions and -## limitations under the License. import argparse import glob diff --git a/third_party/mbedtls/repo/tests/scripts/test_generate_test_code.py b/third_party/mbedtls/repo/tests/scripts/test_generate_test_code.py index 9bf66f1cc6e..abc46a7291e 100755 --- a/third_party/mbedtls/repo/tests/scripts/test_generate_test_code.py +++ b/third_party/mbedtls/repo/tests/scripts/test_generate_test_code.py @@ -2,19 +2,7 @@ # Unit test for generate_test_code.py # # Copyright The Mbed TLS Contributors -# SPDX-License-Identifier: Apache-2.0 -# -# Licensed under the Apache License, Version 2.0 (the "License"); you may -# not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT -# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. +# SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later """ Unit tests for generate_test_code.py @@ -485,9 +473,10 @@ def test_int_and_char_params(self): args, local, arg_dispatch = parse_function_arguments(line) self.assertEqual(args, ['char*', 'int', 'int']) self.assertEqual(local, '') - self.assertEqual(arg_dispatch, ['(char *) params[0]', - '*( (int *) params[1] )', - '*( (int *) params[2] )']) + self.assertEqual(arg_dispatch, + ['(char *) params[0]', + '((mbedtls_test_argument_t *) params[1])->sint', + '((mbedtls_test_argument_t *) params[2])->sint']) def test_hex_params(self): """ @@ -499,22 +488,22 @@ def test_hex_params(self): self.assertEqual(args, ['char*', 'hex', 'int']) self.assertEqual(local, ' data_t data1 = {(uint8_t *) params[1], ' - '*( (uint32_t *) params[2] )};\n') + '((mbedtls_test_argument_t *) params[2])->len};\n') self.assertEqual(arg_dispatch, ['(char *) params[0]', '&data1', - '*( (int *) params[3] )']) + '((mbedtls_test_argument_t *) params[3])->sint']) def test_unsupported_arg(self): """ - Test unsupported arguments (not among int, char * and data_t) + Test unsupported argument type :return: """ - line = 'void entropy_threshold( char * a, data_t * h, char result )' + line = 'void entropy_threshold( char * a, data_t * h, unknown_t result )' self.assertRaises(ValueError, parse_function_arguments, line) - def test_no_params(self): + def test_empty_params(self): """ - Test no parameters. + Test no parameters (nothing between parentheses). :return: """ line = 'void entropy_threshold()' @@ -523,6 +512,39 @@ def test_no_params(self): self.assertEqual(local, '') self.assertEqual(arg_dispatch, []) + def test_blank_params(self): + """ + Test no parameters (space between parentheses). + :return: + """ + line = 'void entropy_threshold( )' + args, local, arg_dispatch = parse_function_arguments(line) + self.assertEqual(args, []) + self.assertEqual(local, '') + self.assertEqual(arg_dispatch, []) + + def test_void_params(self): + """ + Test no parameters (void keyword). + :return: + """ + line = 'void entropy_threshold(void)' + args, local, arg_dispatch = parse_function_arguments(line) + self.assertEqual(args, []) + self.assertEqual(local, '') + self.assertEqual(arg_dispatch, []) + + def test_void_space_params(self): + """ + Test no parameters (void with spaces). + :return: + """ + line = 'void entropy_threshold( void )' + args, local, arg_dispatch = parse_function_arguments(line) + self.assertEqual(args, []) + self.assertEqual(local, '') + self.assertEqual(arg_dispatch, []) + class ParseFunctionCode(TestCase): """ @@ -613,7 +635,7 @@ def test_return(self, parse_function_arguments_mock, self.assertEqual(arg, []) expected = '''#line 1 "test_suite_ut.function" -void test_func() +void test_func(void) { ba ba black sheep have you any wool @@ -656,7 +678,7 @@ def test_with_exit_label(self, parse_function_arguments_mock, expected = '''#line 1 "test_suite_ut.function" -void test_func() +void test_func(void) { ba ba black sheep have you any wool @@ -682,12 +704,12 @@ def test_non_void_function(self): @patch("generate_test_code.gen_dependencies") @patch("generate_test_code.gen_function_wrapper") @patch("generate_test_code.parse_function_arguments") - def test_functio_name_on_newline(self, parse_function_arguments_mock, - gen_function_wrapper_mock, - gen_dependencies_mock, - gen_dispatch_mock): + def test_function_name_on_newline(self, parse_function_arguments_mock, + gen_function_wrapper_mock, + gen_dependencies_mock, + gen_dispatch_mock): """ - Test when exit label is present. + Test with line break before the function name. :return: """ parse_function_arguments_mock.return_value = ([], '', []) @@ -716,7 +738,195 @@ def test_functio_name_on_newline(self, parse_function_arguments_mock, void -test_func() +test_func(void) +{ + ba ba black sheep + have you any wool +exit: + yes sir yes sir + 3 bags full +} +''' + self.assertEqual(code, expected) + + @patch("generate_test_code.gen_dispatch") + @patch("generate_test_code.gen_dependencies") + @patch("generate_test_code.gen_function_wrapper") + @patch("generate_test_code.parse_function_arguments") + def test_case_starting_with_comment(self, parse_function_arguments_mock, + gen_function_wrapper_mock, + gen_dependencies_mock, + gen_dispatch_mock): + """ + Test with comments before the function signature + :return: + """ + parse_function_arguments_mock.return_value = ([], '', []) + gen_function_wrapper_mock.return_value = '' + gen_dependencies_mock.side_effect = gen_dependencies + gen_dispatch_mock.side_effect = gen_dispatch + data = '''/* comment */ +/* more + * comment */ +// this is\\ +still \\ +a comment +void func() +{ + ba ba black sheep + have you any wool +exit: + yes sir yes sir + 3 bags full +} +/* END_CASE */ +''' + stream = StringIOWrapper('test_suite_ut.function', data) + _, _, code, _ = parse_function_code(stream, [], []) + + expected = '''#line 1 "test_suite_ut.function" + + + + + + +void test_func(void) +{ + ba ba black sheep + have you any wool +exit: + yes sir yes sir + 3 bags full +} +''' + self.assertEqual(code, expected) + + @patch("generate_test_code.gen_dispatch") + @patch("generate_test_code.gen_dependencies") + @patch("generate_test_code.gen_function_wrapper") + @patch("generate_test_code.parse_function_arguments") + def test_comment_in_prototype(self, parse_function_arguments_mock, + gen_function_wrapper_mock, + gen_dependencies_mock, + gen_dispatch_mock): + """ + Test with comments in the function prototype + :return: + """ + parse_function_arguments_mock.return_value = ([], '', []) + gen_function_wrapper_mock.return_value = '' + gen_dependencies_mock.side_effect = gen_dependencies + gen_dispatch_mock.side_effect = gen_dispatch + data = ''' +void func( int x, // (line \\ + comment) + int y /* lone closing parenthesis) */ ) +{ + ba ba black sheep + have you any wool +exit: + yes sir yes sir + 3 bags full +} +/* END_CASE */ +''' + stream = StringIOWrapper('test_suite_ut.function', data) + _, _, code, _ = parse_function_code(stream, [], []) + + expected = '''#line 1 "test_suite_ut.function" + +void test_func( int x, + + int y ) +{ + ba ba black sheep + have you any wool +exit: + yes sir yes sir + 3 bags full +} +''' + self.assertEqual(code, expected) + + @patch("generate_test_code.gen_dispatch") + @patch("generate_test_code.gen_dependencies") + @patch("generate_test_code.gen_function_wrapper") + @patch("generate_test_code.parse_function_arguments") + def test_line_comment_in_block_comment(self, parse_function_arguments_mock, + gen_function_wrapper_mock, + gen_dependencies_mock, + gen_dispatch_mock): + """ + Test with line comment in block comment. + :return: + """ + parse_function_arguments_mock.return_value = ([], '', []) + gen_function_wrapper_mock.return_value = '' + gen_dependencies_mock.side_effect = gen_dependencies + gen_dispatch_mock.side_effect = gen_dispatch + data = ''' +void func( int x /* // */ ) +{ + ba ba black sheep + have you any wool +exit: + yes sir yes sir + 3 bags full +} +/* END_CASE */ +''' + stream = StringIOWrapper('test_suite_ut.function', data) + _, _, code, _ = parse_function_code(stream, [], []) + + expected = '''#line 1 "test_suite_ut.function" + +void test_func( int x ) +{ + ba ba black sheep + have you any wool +exit: + yes sir yes sir + 3 bags full +} +''' + self.assertEqual(code, expected) + + @patch("generate_test_code.gen_dispatch") + @patch("generate_test_code.gen_dependencies") + @patch("generate_test_code.gen_function_wrapper") + @patch("generate_test_code.parse_function_arguments") + def test_block_comment_in_line_comment(self, parse_function_arguments_mock, + gen_function_wrapper_mock, + gen_dependencies_mock, + gen_dispatch_mock): + """ + Test with block comment in line comment. + :return: + """ + parse_function_arguments_mock.return_value = ([], '', []) + gen_function_wrapper_mock.return_value = '' + gen_dependencies_mock.side_effect = gen_dependencies + gen_dispatch_mock.side_effect = gen_dispatch + data = ''' +// /* +void func( int x ) +{ + ba ba black sheep + have you any wool +exit: + yes sir yes sir + 3 bags full +} +/* END_CASE */ +''' + stream = StringIOWrapper('test_suite_ut.function', data) + _, _, code, _ = parse_function_code(stream, [], []) + + expected = '''#line 1 "test_suite_ut.function" + + +void test_func( int x ) { ba ba black sheep have you any wool @@ -917,7 +1127,7 @@ def test_parsing(self): #if defined(MBEDTLS_ENTROPY_NV_SEED) #if defined(MBEDTLS_FS_IO) #line 13 "test_suite_ut.function" -void test_func1() +void test_func1(void) { exit: ; @@ -934,7 +1144,7 @@ def test_parsing(self): #if defined(MBEDTLS_ENTROPY_NV_SEED) #if defined(MBEDTLS_FS_IO) #line 19 "test_suite_ut.function" -void test_func2() +void test_func2(void) { exit: ; @@ -1076,29 +1286,33 @@ def test_parser(self): # List of (name, function_name, dependencies, args) tests = list(parse_test_data(stream)) test1, test2, test3, test4 = tests - self.assertEqual(test1[0], 'Diffie-Hellman full exchange #1') - self.assertEqual(test1[1], 'dhm_do_dhm') - self.assertEqual(test1[2], []) - self.assertEqual(test1[3], ['10', '"23"', '10', '"5"']) - - self.assertEqual(test2[0], 'Diffie-Hellman full exchange #2') - self.assertEqual(test2[1], 'dhm_do_dhm') - self.assertEqual(test2[2], []) - self.assertEqual(test2[3], ['10', '"93450983094850938450983409623"', + self.assertEqual(test1[0], 3) + self.assertEqual(test1[1], 'Diffie-Hellman full exchange #1') + self.assertEqual(test1[2], 'dhm_do_dhm') + self.assertEqual(test1[3], []) + self.assertEqual(test1[4], ['10', '"23"', '10', '"5"']) + + self.assertEqual(test2[0], 6) + self.assertEqual(test2[1], 'Diffie-Hellman full exchange #2') + self.assertEqual(test2[2], 'dhm_do_dhm') + self.assertEqual(test2[3], []) + self.assertEqual(test2[4], ['10', '"93450983094850938450983409623"', '10', '"9345098304850938450983409622"']) - self.assertEqual(test3[0], 'Diffie-Hellman full exchange #3') - self.assertEqual(test3[1], 'dhm_do_dhm') - self.assertEqual(test3[2], []) - self.assertEqual(test3[3], ['10', + self.assertEqual(test3[0], 9) + self.assertEqual(test3[1], 'Diffie-Hellman full exchange #3') + self.assertEqual(test3[2], 'dhm_do_dhm') + self.assertEqual(test3[3], []) + self.assertEqual(test3[4], ['10', '"9345098382739712938719287391879381271"', '10', '"9345098792137312973297123912791271"']) - self.assertEqual(test4[0], 'Diffie-Hellman selftest') - self.assertEqual(test4[1], 'dhm_selftest') - self.assertEqual(test4[2], []) + self.assertEqual(test4[0], 12) + self.assertEqual(test4[1], 'Diffie-Hellman selftest') + self.assertEqual(test4[2], 'dhm_selftest') self.assertEqual(test4[3], []) + self.assertEqual(test4[4], []) def test_with_dependencies(self): """ @@ -1118,15 +1332,17 @@ def test_with_dependencies(self): # List of (name, function_name, dependencies, args) tests = list(parse_test_data(stream)) test1, test2 = tests - self.assertEqual(test1[0], 'Diffie-Hellman full exchange #1') - self.assertEqual(test1[1], 'dhm_do_dhm') - self.assertEqual(test1[2], ['YAHOO']) - self.assertEqual(test1[3], ['10', '"23"', '10', '"5"']) - - self.assertEqual(test2[0], 'Diffie-Hellman full exchange #2') - self.assertEqual(test2[1], 'dhm_do_dhm') - self.assertEqual(test2[2], []) - self.assertEqual(test2[3], ['10', '"93450983094850938450983409623"', + self.assertEqual(test1[0], 4) + self.assertEqual(test1[1], 'Diffie-Hellman full exchange #1') + self.assertEqual(test1[2], 'dhm_do_dhm') + self.assertEqual(test1[3], ['YAHOO']) + self.assertEqual(test1[4], ['10', '"23"', '10', '"5"']) + + self.assertEqual(test2[0], 7) + self.assertEqual(test2[1], 'Diffie-Hellman full exchange #2') + self.assertEqual(test2[2], 'dhm_do_dhm') + self.assertEqual(test2[3], []) + self.assertEqual(test2[4], ['10', '"93450983094850938450983409623"', '10', '"9345098304850938450983409622"']) def test_no_args(self): @@ -1147,7 +1363,7 @@ def test_no_args(self): stream = StringIOWrapper('test_suite_ut.function', data) err = None try: - for _, _, _, _ in parse_test_data(stream): + for _, _, _, _, _ in parse_test_data(stream): pass except GeneratorInputError as err: self.assertEqual(type(err), GeneratorInputError) @@ -1165,7 +1381,7 @@ def test_incomplete_data(self): stream = StringIOWrapper('test_suite_ut.function', data) err = None try: - for _, _, _, _ in parse_test_data(stream): + for _, _, _, _, _ in parse_test_data(stream): pass except GeneratorInputError as err: self.assertEqual(type(err), GeneratorInputError) diff --git a/third_party/mbedtls/repo/tests/scripts/test_psa_compliance.py b/third_party/mbedtls/repo/tests/scripts/test_psa_compliance.py index 3b5205ef68f..032d6cea818 100755 --- a/third_party/mbedtls/repo/tests/scripts/test_psa_compliance.py +++ b/third_party/mbedtls/repo/tests/scripts/test_psa_compliance.py @@ -1,26 +1,14 @@ #!/usr/bin/env python3 -"""Run the PSA Cryto API compliance test suite. +"""Run the PSA Crypto API compliance test suite. Clone the repo and check out the commit specified by PSA_ARCH_TEST_REPO and PSA_ARCH_TEST_REF, -then complie and run the test suite. The clone is stored at /psa-arch-tests. +then compile and run the test suite. The clone is stored at /psa-arch-tests. Known defects in either the test suite or mbedtls - identified by their test number - are ignored, while unexpected failures AND successes are reported as errors, to help keep the list of known defects as up to date as possible. """ # Copyright The Mbed TLS Contributors -# SPDX-License-Identifier: Apache-2.0 -# -# Licensed under the Apache License, Version 2.0 (the "License"); you may -# not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT -# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. +# SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later import os import re @@ -50,7 +38,7 @@ # # Web URL: https://github.com/bensze01/psa-arch-tests/tree/fixes-for-mbedtls-2 PSA_ARCH_TESTS_REPO = 'https://github.com/bensze01/psa-arch-tests.git' -PSA_ARCH_TESTS_REF = 'fixes-for-mbedtls-2' +PSA_ARCH_TESTS_REF = 'fix-5735-2.28' #pylint: disable=too-many-branches,too-many-statements def main(): diff --git a/third_party/mbedtls/repo/tests/scripts/test_psa_constant_names.py b/third_party/mbedtls/repo/tests/scripts/test_psa_constant_names.py index 07c8ab2e979..6883e279faa 100755 --- a/third_party/mbedtls/repo/tests/scripts/test_psa_constant_names.py +++ b/third_party/mbedtls/repo/tests/scripts/test_psa_constant_names.py @@ -8,19 +8,7 @@ """ # Copyright The Mbed TLS Contributors -# SPDX-License-Identifier: Apache-2.0 -# -# Licensed under the Apache License, Version 2.0 (the "License"); you may -# not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT -# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. +# SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later import argparse from collections import namedtuple @@ -77,6 +65,22 @@ def normalize(expr: str) -> str: """ return re.sub(NORMALIZE_STRIP_RE, '', expr) +ALG_TRUNCATED_TO_SELF_RE = \ + re.compile(r'PSA_ALG_AEAD_WITH_SHORTENED_TAG\(' + r'PSA_ALG_(?:CCM|CHACHA20_POLY1305|GCM)' + r', *16\)\Z') + +def is_simplifiable(expr: str) -> bool: + """Determine whether an expression is simplifiable. + + Simplifiable expressions can't be output in their input form, since + the output will be the simple form. Therefore they must be excluded + from testing. + """ + if ALG_TRUNCATED_TO_SELF_RE.match(expr): + return True + return False + def collect_values(inputs: InputsForTest, type_word: str, include_path: Optional[str] = None, @@ -87,7 +91,9 @@ def collect_values(inputs: InputsForTest, value is a string representation of its integer value. """ names = inputs.get_names(type_word) - expressions = sorted(inputs.generate_expressions(names)) + expressions = sorted(expr + for expr in inputs.generate_expressions(names) + if not is_simplifiable(expr)) values = run_c(type_word, expressions, include_path=include_path, keep_c=keep_c) return expressions, values diff --git a/third_party/mbedtls/repo/tests/scripts/test_zeroize.gdb b/third_party/mbedtls/repo/tests/scripts/test_zeroize.gdb index 66c63040869..57f771f56ad 100644 --- a/third_party/mbedtls/repo/tests/scripts/test_zeroize.gdb +++ b/third_party/mbedtls/repo/tests/scripts/test_zeroize.gdb @@ -1,19 +1,7 @@ # test_zeroize.gdb # # Copyright The Mbed TLS Contributors -# SPDX-License-Identifier: Apache-2.0 -# -# Licensed under the Apache License, Version 2.0 (the "License"); you may -# not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT -# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. +# SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later # # Purpose # diff --git a/third_party/mbedtls/repo/tests/scripts/travis-log-failure.sh b/third_party/mbedtls/repo/tests/scripts/travis-log-failure.sh index 249b3f807b6..3daecf30df3 100755 --- a/third_party/mbedtls/repo/tests/scripts/travis-log-failure.sh +++ b/third_party/mbedtls/repo/tests/scripts/travis-log-failure.sh @@ -3,19 +3,7 @@ # travis-log-failure.sh # # Copyright The Mbed TLS Contributors -# SPDX-License-Identifier: Apache-2.0 -# -# Licensed under the Apache License, Version 2.0 (the "License"); you may -# not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT -# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. +# SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later # # Purpose # diff --git a/third_party/mbedtls/repo/tests/src/asn1_helpers.c b/third_party/mbedtls/repo/tests/src/asn1_helpers.c index 79aa166ce6a..c8df1995e31 100644 --- a/third_party/mbedtls/repo/tests/src/asn1_helpers.c +++ b/third_party/mbedtls/repo/tests/src/asn1_helpers.c @@ -5,19 +5,7 @@ /* * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later */ #include @@ -27,48 +15,48 @@ #include -int mbedtls_test_asn1_skip_integer( unsigned char **p, const unsigned char *end, - size_t min_bits, size_t max_bits, - int must_be_odd ) +int mbedtls_test_asn1_skip_integer(unsigned char **p, const unsigned char *end, + size_t min_bits, size_t max_bits, + int must_be_odd) { size_t len; size_t actual_bits; unsigned char msb; - TEST_EQUAL( mbedtls_asn1_get_tag( p, end, &len, - MBEDTLS_ASN1_INTEGER ), - 0 ); + TEST_EQUAL(mbedtls_asn1_get_tag(p, end, &len, + MBEDTLS_ASN1_INTEGER), + 0); /* Check if the retrieved length doesn't extend the actual buffer's size. * It is assumed here, that end >= p, which validates casting to size_t. */ - TEST_ASSERT( len <= (size_t)( end - *p) ); + TEST_ASSERT(len <= (size_t) (end - *p)); /* Tolerate a slight departure from DER encoding: * - 0 may be represented by an empty string or a 1-byte string. * - The sign bit may be used as a value bit. */ - if( ( len == 1 && ( *p )[0] == 0 ) || - ( len > 1 && ( *p )[0] == 0 && ( ( *p )[1] & 0x80 ) != 0 ) ) - { - ++( *p ); + if ((len == 1 && (*p)[0] == 0) || + (len > 1 && (*p)[0] == 0 && ((*p)[1] & 0x80) != 0)) { + ++(*p); --len; } - if( min_bits == 0 && len == 0 ) - return( 1 ); - msb = ( *p )[0]; - TEST_ASSERT( msb != 0 ); - actual_bits = 8 * ( len - 1 ); - while( msb != 0 ) - { + if (min_bits == 0 && len == 0) { + return 1; + } + msb = (*p)[0]; + TEST_ASSERT(msb != 0); + actual_bits = 8 * (len - 1); + while (msb != 0) { msb >>= 1; ++actual_bits; } - TEST_ASSERT( actual_bits >= min_bits ); - TEST_ASSERT( actual_bits <= max_bits ); - if( must_be_odd ) - TEST_ASSERT( ( ( *p )[len-1] & 1 ) != 0 ); + TEST_ASSERT(actual_bits >= min_bits); + TEST_ASSERT(actual_bits <= max_bits); + if (must_be_odd) { + TEST_ASSERT(((*p)[len-1] & 1) != 0); + } *p += len; - return( 1 ); + return 1; exit: - return( 0 ); + return 0; } #endif /* MBEDTLS_ASN1_PARSE_C */ diff --git a/third_party/mbedtls/repo/tests/src/drivers/hash.c b/third_party/mbedtls/repo/tests/src/drivers/hash.c index 0d59bee405d..e03e7f06bb3 100644 --- a/third_party/mbedtls/repo/tests/src/drivers/hash.c +++ b/third_party/mbedtls/repo/tests/src/drivers/hash.c @@ -2,19 +2,7 @@ * Test driver for hash entry points. */ /* Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later */ #if !defined(MBEDTLS_CONFIG_FILE) @@ -38,28 +26,25 @@ mbedtls_test_driver_hash_hooks_t psa_status_t mbedtls_test_transparent_hash_compute( psa_algorithm_t alg, const uint8_t *input, size_t input_length, - uint8_t *hash, size_t hash_size, size_t *hash_length ) + uint8_t *hash, size_t hash_size, size_t *hash_length) { mbedtls_test_driver_hash_hooks.hits++; - if( mbedtls_test_driver_hash_hooks.forced_status != PSA_SUCCESS ) - { - mbedtls_test_driver_hash_hooks.driver_status = - mbedtls_test_driver_hash_hooks.forced_status; - } - else - { + if (mbedtls_test_driver_hash_hooks.forced_status != PSA_SUCCESS) { + mbedtls_test_driver_hash_hooks.driver_status = + mbedtls_test_driver_hash_hooks.forced_status; + } else { #if defined(MBEDTLS_TEST_LIBTESTDRIVER1) && \ - defined(LIBTESTDRIVER1_MBEDTLS_PSA_BUILTIN_HASH) + defined(LIBTESTDRIVER1_MBEDTLS_PSA_BUILTIN_HASH) mbedtls_test_driver_hash_hooks.driver_status = libtestdriver1_mbedtls_psa_hash_compute( alg, input, input_length, - hash, hash_size, hash_length ); + hash, hash_size, hash_length); #elif defined(MBEDTLS_PSA_BUILTIN_HASH) mbedtls_test_driver_hash_hooks.driver_status = mbedtls_psa_hash_compute( alg, input, input_length, - hash, hash_size, hash_length ); + hash, hash_size, hash_length); #else (void) alg; (void) input; @@ -71,29 +56,26 @@ psa_status_t mbedtls_test_transparent_hash_compute( #endif } - return( mbedtls_test_driver_hash_hooks.driver_status ); + return mbedtls_test_driver_hash_hooks.driver_status; } psa_status_t mbedtls_test_transparent_hash_setup( mbedtls_transparent_test_driver_hash_operation_t *operation, - psa_algorithm_t alg ) + psa_algorithm_t alg) { mbedtls_test_driver_hash_hooks.hits++; - if( mbedtls_test_driver_hash_hooks.forced_status != PSA_SUCCESS ) - { - mbedtls_test_driver_hash_hooks.driver_status = - mbedtls_test_driver_hash_hooks.forced_status; - } - else - { + if (mbedtls_test_driver_hash_hooks.forced_status != PSA_SUCCESS) { + mbedtls_test_driver_hash_hooks.driver_status = + mbedtls_test_driver_hash_hooks.forced_status; + } else { #if defined(MBEDTLS_TEST_LIBTESTDRIVER1) && \ - defined(LIBTESTDRIVER1_MBEDTLS_PSA_BUILTIN_HASH) + defined(LIBTESTDRIVER1_MBEDTLS_PSA_BUILTIN_HASH) mbedtls_test_driver_hash_hooks.driver_status = - libtestdriver1_mbedtls_psa_hash_setup( operation, alg ); + libtestdriver1_mbedtls_psa_hash_setup(operation, alg); #elif defined(MBEDTLS_PSA_BUILTIN_HASH) mbedtls_test_driver_hash_hooks.driver_status = - mbedtls_psa_hash_setup( operation, alg ); + mbedtls_psa_hash_setup(operation, alg); #else (void) operation; (void) alg; @@ -101,30 +83,27 @@ psa_status_t mbedtls_test_transparent_hash_setup( #endif } - return( mbedtls_test_driver_hash_hooks.driver_status ); + return mbedtls_test_driver_hash_hooks.driver_status; } psa_status_t mbedtls_test_transparent_hash_clone( const mbedtls_transparent_test_driver_hash_operation_t *source_operation, - mbedtls_transparent_test_driver_hash_operation_t *target_operation ) + mbedtls_transparent_test_driver_hash_operation_t *target_operation) { mbedtls_test_driver_hash_hooks.hits++; - if( mbedtls_test_driver_hash_hooks.forced_status != PSA_SUCCESS ) - { - mbedtls_test_driver_hash_hooks.driver_status = - mbedtls_test_driver_hash_hooks.forced_status; - } - else - { + if (mbedtls_test_driver_hash_hooks.forced_status != PSA_SUCCESS) { + mbedtls_test_driver_hash_hooks.driver_status = + mbedtls_test_driver_hash_hooks.forced_status; + } else { #if defined(MBEDTLS_TEST_LIBTESTDRIVER1) && \ - defined(LIBTESTDRIVER1_MBEDTLS_PSA_BUILTIN_HASH) + defined(LIBTESTDRIVER1_MBEDTLS_PSA_BUILTIN_HASH) mbedtls_test_driver_hash_hooks.driver_status = - libtestdriver1_mbedtls_psa_hash_clone( source_operation, - target_operation ); + libtestdriver1_mbedtls_psa_hash_clone(source_operation, + target_operation); #elif defined(MBEDTLS_PSA_BUILTIN_HASH) mbedtls_test_driver_hash_hooks.driver_status = - mbedtls_psa_hash_clone( source_operation, target_operation ); + mbedtls_psa_hash_clone(source_operation, target_operation); #else (void) source_operation; (void) target_operation; @@ -132,31 +111,28 @@ psa_status_t mbedtls_test_transparent_hash_clone( #endif } - return( mbedtls_test_driver_hash_hooks.driver_status ); + return mbedtls_test_driver_hash_hooks.driver_status; } psa_status_t mbedtls_test_transparent_hash_update( mbedtls_transparent_test_driver_hash_operation_t *operation, const uint8_t *input, - size_t input_length ) + size_t input_length) { mbedtls_test_driver_hash_hooks.hits++; - if( mbedtls_test_driver_hash_hooks.forced_status != PSA_SUCCESS ) - { - mbedtls_test_driver_hash_hooks.driver_status = - mbedtls_test_driver_hash_hooks.forced_status; - } - else - { + if (mbedtls_test_driver_hash_hooks.forced_status != PSA_SUCCESS) { + mbedtls_test_driver_hash_hooks.driver_status = + mbedtls_test_driver_hash_hooks.forced_status; + } else { #if defined(MBEDTLS_TEST_LIBTESTDRIVER1) && \ - defined(LIBTESTDRIVER1_MBEDTLS_PSA_BUILTIN_HASH) + defined(LIBTESTDRIVER1_MBEDTLS_PSA_BUILTIN_HASH) mbedtls_test_driver_hash_hooks.driver_status = libtestdriver1_mbedtls_psa_hash_update( - operation, input, input_length ); + operation, input, input_length); #elif defined(MBEDTLS_PSA_BUILTIN_HASH) mbedtls_test_driver_hash_hooks.driver_status = - mbedtls_psa_hash_update( operation, input, input_length ); + mbedtls_psa_hash_update(operation, input, input_length); #else (void) operation; (void) input; @@ -165,32 +141,29 @@ psa_status_t mbedtls_test_transparent_hash_update( #endif } - return( mbedtls_test_driver_hash_hooks.driver_status ); + return mbedtls_test_driver_hash_hooks.driver_status; } psa_status_t mbedtls_test_transparent_hash_finish( mbedtls_transparent_test_driver_hash_operation_t *operation, uint8_t *hash, size_t hash_size, - size_t *hash_length ) + size_t *hash_length) { mbedtls_test_driver_hash_hooks.hits++; - if( mbedtls_test_driver_hash_hooks.forced_status != PSA_SUCCESS ) - { - mbedtls_test_driver_hash_hooks.driver_status = - mbedtls_test_driver_hash_hooks.forced_status; - } - else - { + if (mbedtls_test_driver_hash_hooks.forced_status != PSA_SUCCESS) { + mbedtls_test_driver_hash_hooks.driver_status = + mbedtls_test_driver_hash_hooks.forced_status; + } else { #if defined(MBEDTLS_TEST_LIBTESTDRIVER1) && \ - defined(LIBTESTDRIVER1_MBEDTLS_PSA_BUILTIN_HASH) + defined(LIBTESTDRIVER1_MBEDTLS_PSA_BUILTIN_HASH) mbedtls_test_driver_hash_hooks.driver_status = libtestdriver1_mbedtls_psa_hash_finish( - operation, hash, hash_size, hash_length ); + operation, hash, hash_size, hash_length); #elif defined(MBEDTLS_PSA_BUILTIN_HASH) mbedtls_test_driver_hash_hooks.driver_status = - mbedtls_psa_hash_finish( operation, hash, hash_size, hash_length ); + mbedtls_psa_hash_finish(operation, hash, hash_size, hash_length); #else (void) operation; (void) hash; @@ -200,34 +173,31 @@ psa_status_t mbedtls_test_transparent_hash_finish( #endif } - return( mbedtls_test_driver_hash_hooks.driver_status ); + return mbedtls_test_driver_hash_hooks.driver_status; } psa_status_t mbedtls_test_transparent_hash_abort( - mbedtls_transparent_test_driver_hash_operation_t *operation ) + mbedtls_transparent_test_driver_hash_operation_t *operation) { mbedtls_test_driver_hash_hooks.hits++; - if( mbedtls_test_driver_hash_hooks.forced_status != PSA_SUCCESS ) - { - mbedtls_test_driver_hash_hooks.driver_status = - mbedtls_test_driver_hash_hooks.forced_status; - } - else - { + if (mbedtls_test_driver_hash_hooks.forced_status != PSA_SUCCESS) { + mbedtls_test_driver_hash_hooks.driver_status = + mbedtls_test_driver_hash_hooks.forced_status; + } else { #if defined(MBEDTLS_TEST_LIBTESTDRIVER1) && \ - defined(LIBTESTDRIVER1_MBEDTLS_PSA_BUILTIN_HASH) + defined(LIBTESTDRIVER1_MBEDTLS_PSA_BUILTIN_HASH) mbedtls_test_driver_hash_hooks.driver_status = - libtestdriver1_mbedtls_psa_hash_abort( operation ); + libtestdriver1_mbedtls_psa_hash_abort(operation); #elif defined(MBEDTLS_PSA_BUILTIN_HASH) mbedtls_test_driver_hash_hooks.driver_status = - mbedtls_psa_hash_abort( operation ); + mbedtls_psa_hash_abort(operation); #else (void) operation; mbedtls_test_driver_hash_hooks.driver_status = PSA_ERROR_NOT_SUPPORTED; #endif } - return( mbedtls_test_driver_hash_hooks.driver_status ); + return mbedtls_test_driver_hash_hooks.driver_status; } #endif /* MBEDTLS_PSA_CRYPTO_DRIVERS && PSA_CRYPTO_DRIVER_TEST */ diff --git a/third_party/mbedtls/repo/tests/src/drivers/platform_builtin_keys.c b/third_party/mbedtls/repo/tests/src/drivers/platform_builtin_keys.c index 759fa78309d..bf399be7c42 100644 --- a/third_party/mbedtls/repo/tests/src/drivers/platform_builtin_keys.c +++ b/third_party/mbedtls/repo/tests/src/drivers/platform_builtin_keys.c @@ -5,19 +5,7 @@ /* * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later */ #include @@ -27,8 +15,7 @@ #include #endif -typedef struct -{ +typedef struct { psa_key_id_t builtin_key_id; psa_key_lifetime_t lifetime; psa_drv_slot_number_t slot_number; @@ -40,52 +27,50 @@ static const mbedtls_psa_builtin_key_description_t builtin_keys[] = { * ECDSA can be exercised on key ID MBEDTLS_PSA_KEY_ID_BUILTIN_MIN + 1. */ { MBEDTLS_PSA_KEY_ID_BUILTIN_MIN - 1, PSA_KEY_LIFETIME_FROM_PERSISTENCE_AND_LOCATION( - PSA_KEY_PERSISTENCE_READ_ONLY, PSA_CRYPTO_TEST_DRIVER_LOCATION ), + PSA_KEY_PERSISTENCE_READ_ONLY, PSA_CRYPTO_TEST_DRIVER_LOCATION), PSA_CRYPTO_TEST_DRIVER_BUILTIN_AES_KEY_SLOT }, { MBEDTLS_PSA_KEY_ID_BUILTIN_MIN, PSA_KEY_LIFETIME_FROM_PERSISTENCE_AND_LOCATION( - PSA_KEY_PERSISTENCE_READ_ONLY, PSA_CRYPTO_TEST_DRIVER_LOCATION ), + PSA_KEY_PERSISTENCE_READ_ONLY, PSA_CRYPTO_TEST_DRIVER_LOCATION), PSA_CRYPTO_TEST_DRIVER_BUILTIN_AES_KEY_SLOT }, { MBEDTLS_PSA_KEY_ID_BUILTIN_MIN + 1, PSA_KEY_LIFETIME_FROM_PERSISTENCE_AND_LOCATION( - PSA_KEY_PERSISTENCE_READ_ONLY, PSA_CRYPTO_TEST_DRIVER_LOCATION ), - PSA_CRYPTO_TEST_DRIVER_BUILTIN_ECDSA_KEY_SLOT}, + PSA_KEY_PERSISTENCE_READ_ONLY, PSA_CRYPTO_TEST_DRIVER_LOCATION), + PSA_CRYPTO_TEST_DRIVER_BUILTIN_ECDSA_KEY_SLOT }, { MBEDTLS_PSA_KEY_ID_BUILTIN_MAX - 1, PSA_KEY_LIFETIME_FROM_PERSISTENCE_AND_LOCATION( - PSA_KEY_PERSISTENCE_READ_ONLY, PSA_CRYPTO_TEST_DRIVER_LOCATION ), - PSA_CRYPTO_TEST_DRIVER_BUILTIN_AES_KEY_SLOT}, + PSA_KEY_PERSISTENCE_READ_ONLY, PSA_CRYPTO_TEST_DRIVER_LOCATION), + PSA_CRYPTO_TEST_DRIVER_BUILTIN_AES_KEY_SLOT }, { MBEDTLS_PSA_KEY_ID_BUILTIN_MAX, PSA_KEY_LIFETIME_FROM_PERSISTENCE_AND_LOCATION( - PSA_KEY_PERSISTENCE_READ_ONLY, PSA_CRYPTO_TEST_DRIVER_LOCATION ), - PSA_CRYPTO_TEST_DRIVER_BUILTIN_AES_KEY_SLOT}, + PSA_KEY_PERSISTENCE_READ_ONLY, PSA_CRYPTO_TEST_DRIVER_LOCATION), + PSA_CRYPTO_TEST_DRIVER_BUILTIN_AES_KEY_SLOT }, { MBEDTLS_PSA_KEY_ID_BUILTIN_MAX + 1, PSA_KEY_LIFETIME_FROM_PERSISTENCE_AND_LOCATION( - PSA_KEY_PERSISTENCE_READ_ONLY, PSA_CRYPTO_TEST_DRIVER_LOCATION ), - PSA_CRYPTO_TEST_DRIVER_BUILTIN_AES_KEY_SLOT}, + PSA_KEY_PERSISTENCE_READ_ONLY, PSA_CRYPTO_TEST_DRIVER_LOCATION), + PSA_CRYPTO_TEST_DRIVER_BUILTIN_AES_KEY_SLOT }, #else - {0, 0, 0} + { 0, 0, 0 } #endif }; psa_status_t mbedtls_psa_platform_get_builtin_key( mbedtls_svc_key_id_t key_id, psa_key_lifetime_t *lifetime, - psa_drv_slot_number_t *slot_number ) + psa_drv_slot_number_t *slot_number) { - psa_key_id_t app_key_id = MBEDTLS_SVC_KEY_ID_GET_KEY_ID( key_id ); + psa_key_id_t app_key_id = MBEDTLS_SVC_KEY_ID_GET_KEY_ID(key_id); const mbedtls_psa_builtin_key_description_t *builtin_key; - for( size_t i = 0; - i < ( sizeof( builtin_keys ) / sizeof( builtin_keys[0] ) ); i++ ) - { + for (size_t i = 0; + i < (sizeof(builtin_keys) / sizeof(builtin_keys[0])); i++) { builtin_key = &builtin_keys[i]; - if( builtin_key->builtin_key_id == app_key_id ) - { + if (builtin_key->builtin_key_id == app_key_id) { *lifetime = builtin_key->lifetime; *slot_number = builtin_key->slot_number; - return( PSA_SUCCESS ); + return PSA_SUCCESS; } } - return( PSA_ERROR_DOES_NOT_EXIST ); + return PSA_ERROR_DOES_NOT_EXIST; } diff --git a/third_party/mbedtls/repo/tests/src/drivers/test_driver_aead.c b/third_party/mbedtls/repo/tests/src/drivers/test_driver_aead.c index 25396c92f5e..7135fb62b26 100644 --- a/third_party/mbedtls/repo/tests/src/drivers/test_driver_aead.c +++ b/third_party/mbedtls/repo/tests/src/drivers/test_driver_aead.c @@ -2,19 +2,7 @@ * Test driver for AEAD entry points. */ /* Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later */ #if !defined(MBEDTLS_CONFIG_FILE) @@ -28,6 +16,10 @@ #include "test/drivers/aead.h" +#if defined(MBEDTLS_TEST_LIBTESTDRIVER1) +#include "libtestdriver1/library/psa_crypto_aead.h" +#endif + mbedtls_test_driver_aead_hooks_t mbedtls_test_driver_aead_hooks = MBEDTLS_TEST_DRIVER_AEAD_INIT; @@ -38,17 +30,26 @@ psa_status_t mbedtls_test_transparent_aead_encrypt( const uint8_t *nonce, size_t nonce_length, const uint8_t *additional_data, size_t additional_data_length, const uint8_t *plaintext, size_t plaintext_length, - uint8_t *ciphertext, size_t ciphertext_size, size_t *ciphertext_length ) + uint8_t *ciphertext, size_t ciphertext_size, size_t *ciphertext_length) { mbedtls_test_driver_aead_hooks.hits++; - if( mbedtls_test_driver_aead_hooks.forced_status != PSA_SUCCESS ) - { - mbedtls_test_driver_aead_hooks.driver_status = - mbedtls_test_driver_aead_hooks.forced_status; - } - else - { + if (mbedtls_test_driver_aead_hooks.forced_status != PSA_SUCCESS) { + mbedtls_test_driver_aead_hooks.driver_status = + mbedtls_test_driver_aead_hooks.forced_status; + } else { +#if defined(MBEDTLS_TEST_LIBTESTDRIVER1) && \ + defined(LIBTESTDRIVER1_MBEDTLS_PSA_BUILTIN_AEAD) + mbedtls_test_driver_aead_hooks.driver_status = + libtestdriver1_mbedtls_psa_aead_encrypt( + (const libtestdriver1_psa_key_attributes_t *) attributes, + key_buffer, key_buffer_size, + alg, + nonce, nonce_length, + additional_data, additional_data_length, + plaintext, plaintext_length, + ciphertext, ciphertext_size, ciphertext_length); +#elif defined(MBEDTLS_PSA_BUILTIN_AEAD) mbedtls_test_driver_aead_hooks.driver_status = mbedtls_psa_aead_encrypt( attributes, key_buffer, key_buffer_size, @@ -56,10 +57,25 @@ psa_status_t mbedtls_test_transparent_aead_encrypt( nonce, nonce_length, additional_data, additional_data_length, plaintext, plaintext_length, - ciphertext, ciphertext_size, ciphertext_length ); + ciphertext, ciphertext_size, ciphertext_length); +#else + (void) attributes; + (void) key_buffer; + (void) key_buffer_size; + (void) alg; + (void) nonce; + (void) nonce_length; + (void) additional_data; + (void) additional_data_length; + (void) plaintext; + (void) plaintext_length; + (void) ciphertext; + (void) ciphertext_size; + (void) ciphertext_length; + mbedtls_test_driver_aead_hooks.driver_status = PSA_ERROR_NOT_SUPPORTED; +#endif } - - return( mbedtls_test_driver_aead_hooks.driver_status ); + return mbedtls_test_driver_aead_hooks.driver_status; } psa_status_t mbedtls_test_transparent_aead_decrypt( @@ -69,17 +85,26 @@ psa_status_t mbedtls_test_transparent_aead_decrypt( const uint8_t *nonce, size_t nonce_length, const uint8_t *additional_data, size_t additional_data_length, const uint8_t *ciphertext, size_t ciphertext_length, - uint8_t *plaintext, size_t plaintext_size, size_t *plaintext_length ) + uint8_t *plaintext, size_t plaintext_size, size_t *plaintext_length) { mbedtls_test_driver_aead_hooks.hits++; - if( mbedtls_test_driver_aead_hooks.forced_status != PSA_SUCCESS ) - { - mbedtls_test_driver_aead_hooks.driver_status = - mbedtls_test_driver_aead_hooks.forced_status; - } - else - { + if (mbedtls_test_driver_aead_hooks.forced_status != PSA_SUCCESS) { + mbedtls_test_driver_aead_hooks.driver_status = + mbedtls_test_driver_aead_hooks.forced_status; + } else { +#if defined(MBEDTLS_TEST_LIBTESTDRIVER1) && \ + defined(LIBTESTDRIVER1_MBEDTLS_PSA_BUILTIN_AEAD) + mbedtls_test_driver_aead_hooks.driver_status = + libtestdriver1_mbedtls_psa_aead_decrypt( + (const libtestdriver1_psa_key_attributes_t *) attributes, + key_buffer, key_buffer_size, + alg, + nonce, nonce_length, + additional_data, additional_data_length, + ciphertext, ciphertext_length, + plaintext, plaintext_size, plaintext_length); +#elif defined(MBEDTLS_PSA_BUILTIN_AEAD) mbedtls_test_driver_aead_hooks.driver_status = mbedtls_psa_aead_decrypt( attributes, key_buffer, key_buffer_size, @@ -87,10 +112,25 @@ psa_status_t mbedtls_test_transparent_aead_decrypt( nonce, nonce_length, additional_data, additional_data_length, ciphertext, ciphertext_length, - plaintext, plaintext_size, plaintext_length ); + plaintext, plaintext_size, plaintext_length); +#else + (void) attributes; + (void) key_buffer; + (void) key_buffer_size; + (void) alg; + (void) nonce; + (void) nonce_length; + (void) additional_data; + (void) additional_data_length; + (void) ciphertext; + (void) ciphertext_length; + (void) plaintext; + (void) plaintext_size; + (void) plaintext_length; + mbedtls_test_driver_aead_hooks.driver_status = PSA_ERROR_NOT_SUPPORTED; +#endif } - - return( mbedtls_test_driver_aead_hooks.driver_status ); + return mbedtls_test_driver_aead_hooks.driver_status; } #endif /* MBEDTLS_PSA_CRYPTO_DRIVERS && PSA_CRYPTO_DRIVER_TEST */ diff --git a/third_party/mbedtls/repo/tests/src/drivers/test_driver_cipher.c b/third_party/mbedtls/repo/tests/src/drivers/test_driver_cipher.c index 30a8119aab2..ead5490621f 100644 --- a/third_party/mbedtls/repo/tests/src/drivers/test_driver_cipher.c +++ b/third_party/mbedtls/repo/tests/src/drivers/test_driver_cipher.c @@ -3,19 +3,7 @@ * Currently only supports multi-part operations using AES-CTR. */ /* Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later */ #if !defined(MBEDTLS_CONFIG_FILE) @@ -54,41 +42,42 @@ psa_status_t mbedtls_test_transparent_cipher_encrypt( size_t input_length, uint8_t *output, size_t output_size, - size_t *output_length ) + size_t *output_length) { mbedtls_test_driver_cipher_hooks.hits++; - if( mbedtls_test_driver_cipher_hooks.forced_output != NULL ) - { - if( output_size < mbedtls_test_driver_cipher_hooks.forced_output_length ) - return( PSA_ERROR_BUFFER_TOO_SMALL ); + if (mbedtls_test_driver_cipher_hooks.forced_output != NULL) { + if (output_size < mbedtls_test_driver_cipher_hooks.forced_output_length) { + return PSA_ERROR_BUFFER_TOO_SMALL; + } - memcpy( output, - mbedtls_test_driver_cipher_hooks.forced_output, - mbedtls_test_driver_cipher_hooks.forced_output_length ); + memcpy(output, + mbedtls_test_driver_cipher_hooks.forced_output, + mbedtls_test_driver_cipher_hooks.forced_output_length); *output_length = mbedtls_test_driver_cipher_hooks.forced_output_length; - return( mbedtls_test_driver_cipher_hooks.forced_status ); + return mbedtls_test_driver_cipher_hooks.forced_status; } - if( mbedtls_test_driver_cipher_hooks.forced_status != PSA_SUCCESS ) - return( mbedtls_test_driver_cipher_hooks.forced_status ); + if (mbedtls_test_driver_cipher_hooks.forced_status != PSA_SUCCESS) { + return mbedtls_test_driver_cipher_hooks.forced_status; + } #if defined(MBEDTLS_TEST_LIBTESTDRIVER1) && \ defined(LIBTESTDRIVER1_MBEDTLS_PSA_BUILTIN_CIPHER) - return( libtestdriver1_mbedtls_psa_cipher_encrypt( - (const libtestdriver1_psa_key_attributes_t *)attributes, - key_buffer, key_buffer_size, - alg, iv, iv_length, input, input_length, - output, output_size, output_length ) ); + return libtestdriver1_mbedtls_psa_cipher_encrypt( + (const libtestdriver1_psa_key_attributes_t *) attributes, + key_buffer, key_buffer_size, + alg, iv, iv_length, input, input_length, + output, output_size, output_length); #elif defined(MBEDTLS_PSA_BUILTIN_CIPHER) - return( mbedtls_psa_cipher_encrypt( - attributes, key_buffer, key_buffer_size, - alg, iv, iv_length, input, input_length, - output, output_size, output_length ) ); + return mbedtls_psa_cipher_encrypt( + attributes, key_buffer, key_buffer_size, + alg, iv, iv_length, input, input_length, + output, output_size, output_length); #endif - return( PSA_ERROR_NOT_SUPPORTED ); + return PSA_ERROR_NOT_SUPPORTED; } psa_status_t mbedtls_test_transparent_cipher_decrypt( @@ -100,41 +89,42 @@ psa_status_t mbedtls_test_transparent_cipher_decrypt( size_t input_length, uint8_t *output, size_t output_size, - size_t *output_length ) + size_t *output_length) { - mbedtls_test_driver_cipher_hooks.hits++; + mbedtls_test_driver_cipher_hooks.hits++; - if( mbedtls_test_driver_cipher_hooks.forced_output != NULL ) - { - if( output_size < mbedtls_test_driver_cipher_hooks.forced_output_length ) - return( PSA_ERROR_BUFFER_TOO_SMALL ); + if (mbedtls_test_driver_cipher_hooks.forced_output != NULL) { + if (output_size < mbedtls_test_driver_cipher_hooks.forced_output_length) { + return PSA_ERROR_BUFFER_TOO_SMALL; + } - memcpy( output, - mbedtls_test_driver_cipher_hooks.forced_output, - mbedtls_test_driver_cipher_hooks.forced_output_length ); + memcpy(output, + mbedtls_test_driver_cipher_hooks.forced_output, + mbedtls_test_driver_cipher_hooks.forced_output_length); *output_length = mbedtls_test_driver_cipher_hooks.forced_output_length; - return( mbedtls_test_driver_cipher_hooks.forced_status ); + return mbedtls_test_driver_cipher_hooks.forced_status; } - if( mbedtls_test_driver_cipher_hooks.forced_status != PSA_SUCCESS ) - return( mbedtls_test_driver_cipher_hooks.forced_status ); + if (mbedtls_test_driver_cipher_hooks.forced_status != PSA_SUCCESS) { + return mbedtls_test_driver_cipher_hooks.forced_status; + } #if defined(MBEDTLS_TEST_LIBTESTDRIVER1) && \ defined(LIBTESTDRIVER1_MBEDTLS_PSA_BUILTIN_CIPHER) - return( libtestdriver1_mbedtls_psa_cipher_decrypt( - (const libtestdriver1_psa_key_attributes_t *)attributes, - key_buffer, key_buffer_size, - alg, input, input_length, - output, output_size, output_length ) ); + return libtestdriver1_mbedtls_psa_cipher_decrypt( + (const libtestdriver1_psa_key_attributes_t *) attributes, + key_buffer, key_buffer_size, + alg, input, input_length, + output, output_size, output_length); #elif defined(MBEDTLS_PSA_BUILTIN_CIPHER) - return( mbedtls_psa_cipher_decrypt( - attributes, key_buffer, key_buffer_size, - alg, input, input_length, - output, output_size, output_length ) ); + return mbedtls_psa_cipher_decrypt( + attributes, key_buffer, key_buffer_size, + alg, input, input_length, + output, output_size, output_length); #endif - return( PSA_ERROR_NOT_SUPPORTED ); + return PSA_ERROR_NOT_SUPPORTED; } psa_status_t mbedtls_test_transparent_cipher_encrypt_setup( @@ -149,23 +139,24 @@ psa_status_t mbedtls_test_transparent_cipher_encrypt_setup( * useful for the test suite, since it gives a chance of catching memory * corruption errors should the core not have allocated (enough) memory for * our context struct. */ - memset( operation, 0, sizeof( *operation ) ); + memset(operation, 0, sizeof(*operation)); - if( mbedtls_test_driver_cipher_hooks.forced_status != PSA_SUCCESS ) - return( mbedtls_test_driver_cipher_hooks.forced_status ); + if (mbedtls_test_driver_cipher_hooks.forced_status != PSA_SUCCESS) { + return mbedtls_test_driver_cipher_hooks.forced_status; + } #if defined(MBEDTLS_TEST_LIBTESTDRIVER1) && \ defined(LIBTESTDRIVER1_MBEDTLS_PSA_BUILTIN_CIPHER) - return( libtestdriver1_mbedtls_psa_cipher_encrypt_setup( - operation, - (const libtestdriver1_psa_key_attributes_t *)attributes, - key, key_length, alg ) ); + return libtestdriver1_mbedtls_psa_cipher_encrypt_setup( + operation, + (const libtestdriver1_psa_key_attributes_t *) attributes, + key, key_length, alg); #elif defined(MBEDTLS_PSA_BUILTIN_CIPHER) - return( mbedtls_psa_cipher_encrypt_setup( - operation, attributes, key, key_length, alg ) ); + return mbedtls_psa_cipher_encrypt_setup( + operation, attributes, key, key_length, alg); #endif - return( PSA_ERROR_NOT_SUPPORTED ); + return PSA_ERROR_NOT_SUPPORTED; } psa_status_t mbedtls_test_transparent_cipher_decrypt_setup( @@ -176,21 +167,22 @@ psa_status_t mbedtls_test_transparent_cipher_decrypt_setup( { mbedtls_test_driver_cipher_hooks.hits++; - if( mbedtls_test_driver_cipher_hooks.forced_status != PSA_SUCCESS ) - return( mbedtls_test_driver_cipher_hooks.forced_status ); + if (mbedtls_test_driver_cipher_hooks.forced_status != PSA_SUCCESS) { + return mbedtls_test_driver_cipher_hooks.forced_status; + } #if defined(MBEDTLS_TEST_LIBTESTDRIVER1) && \ defined(LIBTESTDRIVER1_MBEDTLS_PSA_BUILTIN_CIPHER) - return( libtestdriver1_mbedtls_psa_cipher_decrypt_setup( - operation, - (const libtestdriver1_psa_key_attributes_t *)attributes, - key, key_length, alg ) ); + return libtestdriver1_mbedtls_psa_cipher_decrypt_setup( + operation, + (const libtestdriver1_psa_key_attributes_t *) attributes, + key, key_length, alg); #elif defined(MBEDTLS_PSA_BUILTIN_CIPHER) - return( mbedtls_psa_cipher_decrypt_setup( - operation, attributes, key, key_length, alg ) ); + return mbedtls_psa_cipher_decrypt_setup( + operation, attributes, key, key_length, alg); #endif - return( PSA_ERROR_NOT_SUPPORTED ); + return PSA_ERROR_NOT_SUPPORTED; } psa_status_t mbedtls_test_transparent_cipher_abort( @@ -198,23 +190,24 @@ psa_status_t mbedtls_test_transparent_cipher_abort( { mbedtls_test_driver_cipher_hooks.hits++; - if( operation->alg == 0 ) - return( PSA_SUCCESS ); + if (operation->alg == 0) { + return PSA_SUCCESS; + } #if defined(MBEDTLS_TEST_LIBTESTDRIVER1) && \ defined(LIBTESTDRIVER1_MBEDTLS_PSA_BUILTIN_CIPHER) - libtestdriver1_mbedtls_psa_cipher_abort( operation ); + libtestdriver1_mbedtls_psa_cipher_abort(operation); #elif defined(MBEDTLS_PSA_BUILTIN_CIPHER) - mbedtls_psa_cipher_abort( operation ); + mbedtls_psa_cipher_abort(operation); #endif /* Wiping the entire struct here, instead of member-by-member. This is * useful for the test suite, since it gives a chance of catching memory * corruption errors should the core not have allocated (enough) memory for * our context struct. */ - memset( operation, 0, sizeof( *operation ) ); + memset(operation, 0, sizeof(*operation)); - return( mbedtls_test_driver_cipher_hooks.forced_status ); + return mbedtls_test_driver_cipher_hooks.forced_status; } psa_status_t mbedtls_test_transparent_cipher_set_iv( @@ -224,18 +217,19 @@ psa_status_t mbedtls_test_transparent_cipher_set_iv( { mbedtls_test_driver_cipher_hooks.hits++; - if( mbedtls_test_driver_cipher_hooks.forced_status != PSA_SUCCESS ) - return( mbedtls_test_driver_cipher_hooks.forced_status ); + if (mbedtls_test_driver_cipher_hooks.forced_status != PSA_SUCCESS) { + return mbedtls_test_driver_cipher_hooks.forced_status; + } #if defined(MBEDTLS_TEST_LIBTESTDRIVER1) && \ defined(LIBTESTDRIVER1_MBEDTLS_PSA_BUILTIN_CIPHER) - return( libtestdriver1_mbedtls_psa_cipher_set_iv( - operation, iv, iv_length ) ); + return libtestdriver1_mbedtls_psa_cipher_set_iv( + operation, iv, iv_length); #elif defined(MBEDTLS_PSA_BUILTIN_CIPHER) - return( mbedtls_psa_cipher_set_iv( operation, iv, iv_length ) ); + return mbedtls_psa_cipher_set_iv(operation, iv, iv_length); #endif - return( PSA_ERROR_NOT_SUPPORTED ); + return PSA_ERROR_NOT_SUPPORTED; } psa_status_t mbedtls_test_transparent_cipher_update( @@ -248,34 +242,35 @@ psa_status_t mbedtls_test_transparent_cipher_update( { mbedtls_test_driver_cipher_hooks.hits++; - if( mbedtls_test_driver_cipher_hooks.forced_output != NULL ) - { - if( output_size < mbedtls_test_driver_cipher_hooks.forced_output_length ) + if (mbedtls_test_driver_cipher_hooks.forced_output != NULL) { + if (output_size < mbedtls_test_driver_cipher_hooks.forced_output_length) { return PSA_ERROR_BUFFER_TOO_SMALL; + } - memcpy( output, - mbedtls_test_driver_cipher_hooks.forced_output, - mbedtls_test_driver_cipher_hooks.forced_output_length ); + memcpy(output, + mbedtls_test_driver_cipher_hooks.forced_output, + mbedtls_test_driver_cipher_hooks.forced_output_length); *output_length = mbedtls_test_driver_cipher_hooks.forced_output_length; - return( mbedtls_test_driver_cipher_hooks.forced_status ); + return mbedtls_test_driver_cipher_hooks.forced_status; } - if( mbedtls_test_driver_cipher_hooks.forced_status != PSA_SUCCESS ) - return( mbedtls_test_driver_cipher_hooks.forced_status ); + if (mbedtls_test_driver_cipher_hooks.forced_status != PSA_SUCCESS) { + return mbedtls_test_driver_cipher_hooks.forced_status; + } #if defined(MBEDTLS_TEST_LIBTESTDRIVER1) && \ defined(LIBTESTDRIVER1_MBEDTLS_PSA_BUILTIN_CIPHER) - return( libtestdriver1_mbedtls_psa_cipher_update( - operation, input, input_length, - output, output_size, output_length ) ); + return libtestdriver1_mbedtls_psa_cipher_update( + operation, input, input_length, + output, output_size, output_length); #elif defined(MBEDTLS_PSA_BUILTIN_CIPHER) - return( mbedtls_psa_cipher_update( - operation, input, input_length, - output, output_size, output_length ) ); + return mbedtls_psa_cipher_update( + operation, input, input_length, + output, output_size, output_length); #endif - return( PSA_ERROR_NOT_SUPPORTED ); + return PSA_ERROR_NOT_SUPPORTED; } psa_status_t mbedtls_test_transparent_cipher_finish( @@ -286,32 +281,33 @@ psa_status_t mbedtls_test_transparent_cipher_finish( { mbedtls_test_driver_cipher_hooks.hits++; - if( mbedtls_test_driver_cipher_hooks.forced_output != NULL ) - { - if( output_size < mbedtls_test_driver_cipher_hooks.forced_output_length ) + if (mbedtls_test_driver_cipher_hooks.forced_output != NULL) { + if (output_size < mbedtls_test_driver_cipher_hooks.forced_output_length) { return PSA_ERROR_BUFFER_TOO_SMALL; + } - memcpy( output, - mbedtls_test_driver_cipher_hooks.forced_output, - mbedtls_test_driver_cipher_hooks.forced_output_length ); + memcpy(output, + mbedtls_test_driver_cipher_hooks.forced_output, + mbedtls_test_driver_cipher_hooks.forced_output_length); *output_length = mbedtls_test_driver_cipher_hooks.forced_output_length; - return( mbedtls_test_driver_cipher_hooks.forced_status ); + return mbedtls_test_driver_cipher_hooks.forced_status; } - if( mbedtls_test_driver_cipher_hooks.forced_status != PSA_SUCCESS ) - return( mbedtls_test_driver_cipher_hooks.forced_status ); + if (mbedtls_test_driver_cipher_hooks.forced_status != PSA_SUCCESS) { + return mbedtls_test_driver_cipher_hooks.forced_status; + } #if defined(MBEDTLS_TEST_LIBTESTDRIVER1) && \ defined(LIBTESTDRIVER1_MBEDTLS_PSA_BUILTIN_CIPHER) - return( libtestdriver1_mbedtls_psa_cipher_finish( - operation, output, output_size, output_length ) ); + return libtestdriver1_mbedtls_psa_cipher_finish( + operation, output, output_size, output_length); #elif defined(MBEDTLS_PSA_BUILTIN_CIPHER) - return( mbedtls_psa_cipher_finish( - operation, output, output_size, output_length ) ); + return mbedtls_psa_cipher_finish( + operation, output, output_size, output_length); #endif - return( PSA_ERROR_NOT_SUPPORTED ); + return PSA_ERROR_NOT_SUPPORTED; } /* @@ -336,7 +332,7 @@ psa_status_t mbedtls_test_opaque_cipher_encrypt( (void) output; (void) output_size; (void) output_length; - return( PSA_ERROR_NOT_SUPPORTED ); + return PSA_ERROR_NOT_SUPPORTED; } psa_status_t mbedtls_test_opaque_cipher_decrypt( @@ -355,7 +351,7 @@ psa_status_t mbedtls_test_opaque_cipher_decrypt( (void) output; (void) output_size; (void) output_length; - return( PSA_ERROR_NOT_SUPPORTED ); + return PSA_ERROR_NOT_SUPPORTED; } psa_status_t mbedtls_test_opaque_cipher_encrypt_setup( @@ -369,7 +365,7 @@ psa_status_t mbedtls_test_opaque_cipher_encrypt_setup( (void) key; (void) key_length; (void) alg; - return( PSA_ERROR_NOT_SUPPORTED ); + return PSA_ERROR_NOT_SUPPORTED; } psa_status_t mbedtls_test_opaque_cipher_decrypt_setup( @@ -383,14 +379,14 @@ psa_status_t mbedtls_test_opaque_cipher_decrypt_setup( (void) key; (void) key_length; (void) alg; - return( PSA_ERROR_NOT_SUPPORTED ); + return PSA_ERROR_NOT_SUPPORTED; } psa_status_t mbedtls_test_opaque_cipher_abort( - mbedtls_opaque_test_driver_cipher_operation_t *operation ) + mbedtls_opaque_test_driver_cipher_operation_t *operation) { (void) operation; - return( PSA_ERROR_NOT_SUPPORTED ); + return PSA_ERROR_NOT_SUPPORTED; } psa_status_t mbedtls_test_opaque_cipher_set_iv( @@ -401,7 +397,7 @@ psa_status_t mbedtls_test_opaque_cipher_set_iv( (void) operation; (void) iv; (void) iv_length; - return( PSA_ERROR_NOT_SUPPORTED ); + return PSA_ERROR_NOT_SUPPORTED; } psa_status_t mbedtls_test_opaque_cipher_update( @@ -418,7 +414,7 @@ psa_status_t mbedtls_test_opaque_cipher_update( (void) output; (void) output_size; (void) output_length; - return( PSA_ERROR_NOT_SUPPORTED ); + return PSA_ERROR_NOT_SUPPORTED; } psa_status_t mbedtls_test_opaque_cipher_finish( @@ -431,6 +427,6 @@ psa_status_t mbedtls_test_opaque_cipher_finish( (void) output; (void) output_size; (void) output_length; - return( PSA_ERROR_NOT_SUPPORTED ); + return PSA_ERROR_NOT_SUPPORTED; } #endif /* MBEDTLS_PSA_CRYPTO_DRIVERS && PSA_CRYPTO_DRIVER_TEST */ diff --git a/third_party/mbedtls/repo/tests/src/drivers/test_driver_key_management.c b/third_party/mbedtls/repo/tests/src/drivers/test_driver_key_management.c index 029fcdd9aa8..4d06d23b839 100644 --- a/third_party/mbedtls/repo/tests/src/drivers/test_driver_key_management.c +++ b/third_party/mbedtls/repo/tests/src/drivers/test_driver_key_management.c @@ -3,19 +3,7 @@ * Currently only supports generating and verifying ECC keys. */ /* Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later */ #if !defined(MBEDTLS_CONFIG_FILE) @@ -33,6 +21,8 @@ #include "mbedtls/error.h" #include "test/drivers/key_management.h" +#include "test/drivers/test_driver.h" + #include "test/random.h" #if defined(MBEDTLS_TEST_LIBTESTDRIVER1) @@ -46,116 +36,115 @@ mbedtls_test_driver_key_management_hooks_t mbedtls_test_driver_key_management_hooks = MBEDTLS_TEST_DRIVER_KEY_MANAGEMENT_INIT; const uint8_t mbedtls_test_driver_aes_key[16] = - { 0x36, 0x77, 0x39, 0x7A, 0x24, 0x43, 0x26, 0x46, - 0x29, 0x4A, 0x40, 0x4E, 0x63, 0x52, 0x66, 0x55 }; +{ 0x36, 0x77, 0x39, 0x7A, 0x24, 0x43, 0x26, 0x46, + 0x29, 0x4A, 0x40, 0x4E, 0x63, 0x52, 0x66, 0x55 }; const uint8_t mbedtls_test_driver_ecdsa_key[32] = - { 0xdc, 0x7d, 0x9d, 0x26, 0xd6, 0x7a, 0x4f, 0x63, - 0x2c, 0x34, 0xc2, 0xdc, 0x0b, 0x69, 0x86, 0x18, - 0x38, 0x82, 0xc2, 0x06, 0xdf, 0x04, 0xcd, 0xb7, - 0xd6, 0x9a, 0xab, 0xe2, 0x8b, 0xe4, 0xf8, 0x1a }; +{ 0xdc, 0x7d, 0x9d, 0x26, 0xd6, 0x7a, 0x4f, 0x63, + 0x2c, 0x34, 0xc2, 0xdc, 0x0b, 0x69, 0x86, 0x18, + 0x38, 0x82, 0xc2, 0x06, 0xdf, 0x04, 0xcd, 0xb7, + 0xd6, 0x9a, 0xab, 0xe2, 0x8b, 0xe4, 0xf8, 0x1a }; const uint8_t mbedtls_test_driver_ecdsa_pubkey[65] = - { 0x04, - 0x85, 0xf6, 0x4d, 0x89, 0xf0, 0x0b, 0xe6, 0x6c, - 0x88, 0xdd, 0x93, 0x7e, 0xfd, 0x6d, 0x7c, 0x44, - 0x56, 0x48, 0xdc, 0xb7, 0x01, 0x15, 0x0b, 0x8a, - 0x95, 0x09, 0x29, 0x58, 0x50, 0xf4, 0x1c, 0x19, - 0x31, 0xe5, 0x71, 0xfb, 0x8f, 0x8c, 0x78, 0x31, - 0x7a, 0x20, 0xb3, 0x80, 0xe8, 0x66, 0x58, 0x4b, - 0xbc, 0x25, 0x16, 0xc3, 0xd2, 0x70, 0x2d, 0x79, - 0x2f, 0x13, 0x1a, 0x92, 0x20, 0x95, 0xfd, 0x6c }; - -psa_status_t mbedtls_test_transparent_init( void ) +{ 0x04, + 0x85, 0xf6, 0x4d, 0x89, 0xf0, 0x0b, 0xe6, 0x6c, + 0x88, 0xdd, 0x93, 0x7e, 0xfd, 0x6d, 0x7c, 0x44, + 0x56, 0x48, 0xdc, 0xb7, 0x01, 0x15, 0x0b, 0x8a, + 0x95, 0x09, 0x29, 0x58, 0x50, 0xf4, 0x1c, 0x19, + 0x31, 0xe5, 0x71, 0xfb, 0x8f, 0x8c, 0x78, 0x31, + 0x7a, 0x20, 0xb3, 0x80, 0xe8, 0x66, 0x58, 0x4b, + 0xbc, 0x25, 0x16, 0xc3, 0xd2, 0x70, 0x2d, 0x79, + 0x2f, 0x13, 0x1a, 0x92, 0x20, 0x95, 0xfd, 0x6c }; + +psa_status_t mbedtls_test_transparent_init(void) { -psa_status_t status = PSA_ERROR_CORRUPTION_DETECTED; + psa_status_t status = PSA_ERROR_CORRUPTION_DETECTED; #if defined(MBEDTLS_TEST_LIBTESTDRIVER1) - status = libtestdriver1_psa_crypto_init( ); - if( status != PSA_SUCCESS ) - return( status ); + status = libtestdriver1_psa_crypto_init(); + if (status != PSA_SUCCESS) { + return status; + } #endif - (void)status; - return( PSA_SUCCESS ); + (void) status; + return PSA_SUCCESS; } -void mbedtls_test_transparent_free( void ) +void mbedtls_test_transparent_free(void) { #if defined(MBEDTLS_TEST_LIBTESTDRIVER1) - libtestdriver1_mbedtls_psa_crypto_free( ); + libtestdriver1_mbedtls_psa_crypto_free(); #endif return; } -psa_status_t mbedtls_test_opaque_init( void ) +psa_status_t mbedtls_test_opaque_init(void) { - return( PSA_SUCCESS ); + return PSA_SUCCESS; } -void mbedtls_test_opaque_free( void ) +void mbedtls_test_opaque_free(void) { return; } psa_status_t mbedtls_test_transparent_generate_key( const psa_key_attributes_t *attributes, - uint8_t *key, size_t key_size, size_t *key_length ) + uint8_t *key, size_t key_size, size_t *key_length) { ++mbedtls_test_driver_key_management_hooks.hits; - if( mbedtls_test_driver_key_management_hooks.forced_status != PSA_SUCCESS ) - return( mbedtls_test_driver_key_management_hooks.forced_status ); + if (mbedtls_test_driver_key_management_hooks.forced_status != PSA_SUCCESS) { + return mbedtls_test_driver_key_management_hooks.forced_status; + } - if( mbedtls_test_driver_key_management_hooks.forced_output != NULL ) - { - if( mbedtls_test_driver_key_management_hooks.forced_output_length > - key_size ) - return( PSA_ERROR_BUFFER_TOO_SMALL ); - memcpy( key, mbedtls_test_driver_key_management_hooks.forced_output, - mbedtls_test_driver_key_management_hooks.forced_output_length ); + if (mbedtls_test_driver_key_management_hooks.forced_output != NULL) { + if (mbedtls_test_driver_key_management_hooks.forced_output_length > + key_size) { + return PSA_ERROR_BUFFER_TOO_SMALL; + } + memcpy(key, mbedtls_test_driver_key_management_hooks.forced_output, + mbedtls_test_driver_key_management_hooks.forced_output_length); *key_length = mbedtls_test_driver_key_management_hooks.forced_output_length; - return( PSA_SUCCESS ); + return PSA_SUCCESS; } - if( PSA_KEY_TYPE_IS_ECC( psa_get_key_type( attributes ) ) - && PSA_KEY_TYPE_IS_KEY_PAIR( psa_get_key_type( attributes ) ) ) - { + if (PSA_KEY_TYPE_IS_ECC(psa_get_key_type(attributes)) + && PSA_KEY_TYPE_IS_KEY_PAIR(psa_get_key_type(attributes))) { #if defined(MBEDTLS_TEST_LIBTESTDRIVER1) && \ - defined(LIBTESTDRIVER1_MBEDTLS_PSA_BUILTIN_KEY_TYPE_ECC_KEY_PAIR) - return( libtestdriver1_mbedtls_psa_ecp_generate_key( - (const libtestdriver1_psa_key_attributes_t *)attributes, - key, key_size, key_length ) ); + defined(LIBTESTDRIVER1_MBEDTLS_PSA_BUILTIN_KEY_TYPE_ECC_KEY_PAIR) + return libtestdriver1_mbedtls_psa_ecp_generate_key( + (const libtestdriver1_psa_key_attributes_t *) attributes, + key, key_size, key_length); #elif defined(MBEDTLS_PSA_BUILTIN_KEY_TYPE_ECC_KEY_PAIR) - return( mbedtls_psa_ecp_generate_key( - attributes, key, key_size, key_length ) ); + return mbedtls_psa_ecp_generate_key( + attributes, key, key_size, key_length); #endif - } - else if( psa_get_key_type( attributes ) == PSA_KEY_TYPE_RSA_KEY_PAIR ) - { + } else if (psa_get_key_type(attributes) == PSA_KEY_TYPE_RSA_KEY_PAIR) { #if defined(MBEDTLS_TEST_LIBTESTDRIVER1) && \ - defined(LIBTESTDRIVER1_MBEDTLS_PSA_BUILTIN_KEY_TYPE_RSA_KEY_PAIR) - return( libtestdriver1_mbedtls_psa_rsa_generate_key( - (const libtestdriver1_psa_key_attributes_t *)attributes, - key, key_size, key_length ) ); + defined(LIBTESTDRIVER1_MBEDTLS_PSA_BUILTIN_KEY_TYPE_RSA_KEY_PAIR) + return libtestdriver1_mbedtls_psa_rsa_generate_key( + (const libtestdriver1_psa_key_attributes_t *) attributes, + key, key_size, key_length); #elif defined(MBEDTLS_PSA_BUILTIN_KEY_TYPE_RSA_KEY_PAIR) - return( mbedtls_psa_rsa_generate_key( - attributes, key, key_size, key_length ) ); + return mbedtls_psa_rsa_generate_key( + attributes, key, key_size, key_length); #endif } - (void)attributes; - return( PSA_ERROR_NOT_SUPPORTED ); + (void) attributes; + return PSA_ERROR_NOT_SUPPORTED; } psa_status_t mbedtls_test_opaque_generate_key( const psa_key_attributes_t *attributes, - uint8_t *key, size_t key_size, size_t *key_length ) + uint8_t *key, size_t key_size, size_t *key_length) { (void) attributes; (void) key; (void) key_size; (void) key_length; - return( PSA_ERROR_NOT_SUPPORTED ); + return PSA_ERROR_NOT_SUPPORTED; } psa_status_t mbedtls_test_transparent_import_key( @@ -167,230 +156,237 @@ psa_status_t mbedtls_test_transparent_import_key( size_t *key_buffer_length, size_t *bits) { - ++mbedtls_test_driver_key_management_hooks.hits; + psa_key_type_t type = psa_get_key_type(attributes); - if( mbedtls_test_driver_key_management_hooks.forced_status != PSA_SUCCESS ) - return( mbedtls_test_driver_key_management_hooks.forced_status ); + ++mbedtls_test_driver_key_management_hooks.hits; + mbedtls_test_driver_key_management_hooks.location = PSA_KEY_LOCATION_LOCAL_STORAGE; - psa_key_type_t type = psa_get_key_type( attributes ); + if (mbedtls_test_driver_key_management_hooks.forced_status != PSA_SUCCESS) { + return mbedtls_test_driver_key_management_hooks.forced_status; + } - if( PSA_KEY_TYPE_IS_ECC( type ) ) - { + if (PSA_KEY_TYPE_IS_ECC(type)) { #if defined(MBEDTLS_TEST_LIBTESTDRIVER1) && \ - ( defined(LIBTESTDRIVER1_MBEDTLS_PSA_BUILTIN_KEY_TYPE_ECC_KEY_PAIR) || \ - defined(LIBTESTDRIVER1_MBEDTLS_PSA_BUILTIN_KEY_TYPE_ECC_PUBLIC_KEY) ) - return( libtestdriver1_mbedtls_psa_ecp_import_key( - (const libtestdriver1_psa_key_attributes_t *)attributes, - data, data_length, - key_buffer, key_buffer_size, - key_buffer_length, bits ) ); + (defined(LIBTESTDRIVER1_MBEDTLS_PSA_BUILTIN_KEY_TYPE_ECC_KEY_PAIR) || \ + defined(LIBTESTDRIVER1_MBEDTLS_PSA_BUILTIN_KEY_TYPE_ECC_PUBLIC_KEY)) + return libtestdriver1_mbedtls_psa_ecp_import_key( + (const libtestdriver1_psa_key_attributes_t *) attributes, + data, data_length, + key_buffer, key_buffer_size, + key_buffer_length, bits); #elif defined(MBEDTLS_PSA_BUILTIN_KEY_TYPE_ECC_KEY_PAIR) || \ - defined(MBEDTLS_PSA_BUILTIN_KEY_TYPE_ECC_PUBLIC_KEY) - return( mbedtls_psa_ecp_import_key( - attributes, - data, data_length, - key_buffer, key_buffer_size, - key_buffer_length, bits ) ); + defined(MBEDTLS_PSA_BUILTIN_KEY_TYPE_ECC_PUBLIC_KEY) + return mbedtls_psa_ecp_import_key( + attributes, + data, data_length, + key_buffer, key_buffer_size, + key_buffer_length, bits); #endif - } - else if( PSA_KEY_TYPE_IS_RSA( type ) ) - { + } else if (PSA_KEY_TYPE_IS_RSA(type)) { #if defined(MBEDTLS_TEST_LIBTESTDRIVER1) && \ - ( defined(LIBTESTDRIVER1_MBEDTLS_PSA_BUILTIN_KEY_TYPE_RSA_KEY_PAIR) || \ - defined(LIBTESTDRIVER1_MBEDTLS_PSA_BUILTIN_KEY_TYPE_RSA_PUBLIC_KEY) ) - return( libtestdriver1_mbedtls_psa_rsa_import_key( - (const libtestdriver1_psa_key_attributes_t *)attributes, - data, data_length, - key_buffer, key_buffer_size, - key_buffer_length, bits ) ); + (defined(LIBTESTDRIVER1_MBEDTLS_PSA_BUILTIN_KEY_TYPE_RSA_KEY_PAIR) || \ + defined(LIBTESTDRIVER1_MBEDTLS_PSA_BUILTIN_KEY_TYPE_RSA_PUBLIC_KEY)) + return libtestdriver1_mbedtls_psa_rsa_import_key( + (const libtestdriver1_psa_key_attributes_t *) attributes, + data, data_length, + key_buffer, key_buffer_size, + key_buffer_length, bits); #elif defined(MBEDTLS_PSA_BUILTIN_KEY_TYPE_RSA_KEY_PAIR) || \ - defined(MBEDTLS_PSA_BUILTIN_KEY_TYPE_RSA_PUBLIC_KEY) - return( mbedtls_psa_rsa_import_key( - attributes, - data, data_length, - key_buffer, key_buffer_size, - key_buffer_length, bits ) ); + defined(MBEDTLS_PSA_BUILTIN_KEY_TYPE_RSA_PUBLIC_KEY) + return mbedtls_psa_rsa_import_key( + attributes, + data, data_length, + key_buffer, key_buffer_size, + key_buffer_length, bits); #endif } - (void)data; - (void)data_length; - (void)key_buffer; - (void)key_buffer_size; - (void)key_buffer_length; - (void)bits; - (void)type; + (void) data; + (void) data_length; + (void) key_buffer; + (void) key_buffer_size; + (void) key_buffer_length; + (void) bits; + (void) type; - return( PSA_ERROR_NOT_SUPPORTED ); + return PSA_ERROR_NOT_SUPPORTED; } psa_status_t mbedtls_test_opaque_export_key( const psa_key_attributes_t *attributes, const uint8_t *key, size_t key_length, - uint8_t *data, size_t data_size, size_t *data_length ) + uint8_t *data, size_t data_size, size_t *data_length) { - if( key_length != sizeof( psa_drv_slot_number_t ) ) - { + /* Assume this is a builtin key based on the key material length. */ + psa_drv_slot_number_t slot_number = *((psa_drv_slot_number_t *) key); + + if (key_length != sizeof(psa_drv_slot_number_t)) { /* Test driver does not support generic opaque key handling yet. */ - return( PSA_ERROR_NOT_SUPPORTED ); + return PSA_ERROR_NOT_SUPPORTED; } - /* Assume this is a builtin key based on the key material length. */ - psa_drv_slot_number_t slot_number = *( ( psa_drv_slot_number_t* ) key ); - - switch( slot_number ) - { + switch (slot_number) { case PSA_CRYPTO_TEST_DRIVER_BUILTIN_ECDSA_KEY_SLOT: /* This is the ECDSA slot. Verify the key's attributes before * returning the private key. */ - if( psa_get_key_type( attributes ) != - PSA_KEY_TYPE_ECC_KEY_PAIR( PSA_ECC_FAMILY_SECP_R1 ) ) - return( PSA_ERROR_CORRUPTION_DETECTED ); - if( psa_get_key_bits( attributes ) != 256 ) - return( PSA_ERROR_CORRUPTION_DETECTED ); - if( psa_get_key_algorithm( attributes ) != - PSA_ALG_ECDSA( PSA_ALG_ANY_HASH ) ) - return( PSA_ERROR_CORRUPTION_DETECTED ); - if( ( psa_get_key_usage_flags( attributes ) & - PSA_KEY_USAGE_EXPORT ) == 0 ) - return( PSA_ERROR_CORRUPTION_DETECTED ); - - if( data_size < sizeof( mbedtls_test_driver_ecdsa_key ) ) - return( PSA_ERROR_BUFFER_TOO_SMALL ); - - memcpy( data, mbedtls_test_driver_ecdsa_key, - sizeof( mbedtls_test_driver_ecdsa_key ) ); - *data_length = sizeof( mbedtls_test_driver_ecdsa_key ); - return( PSA_SUCCESS ); + if (psa_get_key_type(attributes) != + PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1)) { + return PSA_ERROR_CORRUPTION_DETECTED; + } + if (psa_get_key_bits(attributes) != 256) { + return PSA_ERROR_CORRUPTION_DETECTED; + } + if (psa_get_key_algorithm(attributes) != + PSA_ALG_ECDSA(PSA_ALG_ANY_HASH)) { + return PSA_ERROR_CORRUPTION_DETECTED; + } + if ((psa_get_key_usage_flags(attributes) & + PSA_KEY_USAGE_EXPORT) == 0) { + return PSA_ERROR_CORRUPTION_DETECTED; + } + + if (data_size < sizeof(mbedtls_test_driver_ecdsa_key)) { + return PSA_ERROR_BUFFER_TOO_SMALL; + } + + memcpy(data, mbedtls_test_driver_ecdsa_key, + sizeof(mbedtls_test_driver_ecdsa_key)); + *data_length = sizeof(mbedtls_test_driver_ecdsa_key); + return PSA_SUCCESS; case PSA_CRYPTO_TEST_DRIVER_BUILTIN_AES_KEY_SLOT: /* This is the AES slot. Verify the key's attributes before * returning the key. */ - if( psa_get_key_type( attributes ) != PSA_KEY_TYPE_AES ) - return( PSA_ERROR_CORRUPTION_DETECTED ); - if( psa_get_key_bits( attributes ) != 128 ) - return( PSA_ERROR_CORRUPTION_DETECTED ); - if( psa_get_key_algorithm( attributes ) != PSA_ALG_CTR ) - return( PSA_ERROR_CORRUPTION_DETECTED ); - if( ( psa_get_key_usage_flags( attributes ) & - PSA_KEY_USAGE_EXPORT ) == 0 ) - return( PSA_ERROR_CORRUPTION_DETECTED ); - - if( data_size < sizeof( mbedtls_test_driver_aes_key ) ) - return( PSA_ERROR_BUFFER_TOO_SMALL ); - - memcpy( data, mbedtls_test_driver_aes_key, - sizeof( mbedtls_test_driver_aes_key ) ); - *data_length = sizeof( mbedtls_test_driver_aes_key ); - return( PSA_SUCCESS ); + if (psa_get_key_type(attributes) != PSA_KEY_TYPE_AES) { + return PSA_ERROR_CORRUPTION_DETECTED; + } + if (psa_get_key_bits(attributes) != 128) { + return PSA_ERROR_CORRUPTION_DETECTED; + } + if (psa_get_key_algorithm(attributes) != PSA_ALG_CTR) { + return PSA_ERROR_CORRUPTION_DETECTED; + } + if ((psa_get_key_usage_flags(attributes) & + PSA_KEY_USAGE_EXPORT) == 0) { + return PSA_ERROR_CORRUPTION_DETECTED; + } + + if (data_size < sizeof(mbedtls_test_driver_aes_key)) { + return PSA_ERROR_BUFFER_TOO_SMALL; + } + + memcpy(data, mbedtls_test_driver_aes_key, + sizeof(mbedtls_test_driver_aes_key)); + *data_length = sizeof(mbedtls_test_driver_aes_key); + return PSA_SUCCESS; default: - return( PSA_ERROR_DOES_NOT_EXIST ); + return PSA_ERROR_DOES_NOT_EXIST; } } psa_status_t mbedtls_test_transparent_export_public_key( const psa_key_attributes_t *attributes, const uint8_t *key_buffer, size_t key_buffer_size, - uint8_t *data, size_t data_size, size_t *data_length ) + uint8_t *data, size_t data_size, size_t *data_length) { ++mbedtls_test_driver_key_management_hooks.hits; - if( mbedtls_test_driver_key_management_hooks.forced_status != PSA_SUCCESS ) - return( mbedtls_test_driver_key_management_hooks.forced_status ); + if (mbedtls_test_driver_key_management_hooks.forced_status != PSA_SUCCESS) { + return mbedtls_test_driver_key_management_hooks.forced_status; + } - if( mbedtls_test_driver_key_management_hooks.forced_output != NULL ) - { - if( mbedtls_test_driver_key_management_hooks.forced_output_length > - data_size ) - return( PSA_ERROR_BUFFER_TOO_SMALL ); - memcpy( data, mbedtls_test_driver_key_management_hooks.forced_output, - mbedtls_test_driver_key_management_hooks.forced_output_length ); + if (mbedtls_test_driver_key_management_hooks.forced_output != NULL) { + if (mbedtls_test_driver_key_management_hooks.forced_output_length > + data_size) { + return PSA_ERROR_BUFFER_TOO_SMALL; + } + memcpy(data, mbedtls_test_driver_key_management_hooks.forced_output, + mbedtls_test_driver_key_management_hooks.forced_output_length); *data_length = mbedtls_test_driver_key_management_hooks.forced_output_length; - return( PSA_SUCCESS ); + return PSA_SUCCESS; } - psa_key_type_t key_type = psa_get_key_type( attributes ); + psa_key_type_t key_type = psa_get_key_type(attributes); - if( PSA_KEY_TYPE_IS_ECC( key_type ) ) - { + if (PSA_KEY_TYPE_IS_ECC(key_type)) { #if defined(MBEDTLS_TEST_LIBTESTDRIVER1) && \ - ( defined(LIBTESTDRIVER1_MBEDTLS_PSA_BUILTIN_KEY_TYPE_ECC_KEY_PAIR) || \ - defined(LIBTESTDRIVER1_MBEDTLS_PSA_BUILTIN_KEY_TYPE_ECC_PUBLIC_KEY) ) - return( libtestdriver1_mbedtls_psa_ecp_export_public_key( - (const libtestdriver1_psa_key_attributes_t *)attributes, - key_buffer, key_buffer_size, - data, data_size, data_length ) ); + (defined(LIBTESTDRIVER1_MBEDTLS_PSA_BUILTIN_KEY_TYPE_ECC_KEY_PAIR) || \ + defined(LIBTESTDRIVER1_MBEDTLS_PSA_BUILTIN_KEY_TYPE_ECC_PUBLIC_KEY)) + return libtestdriver1_mbedtls_psa_ecp_export_public_key( + (const libtestdriver1_psa_key_attributes_t *) attributes, + key_buffer, key_buffer_size, + data, data_size, data_length); #elif defined(MBEDTLS_PSA_BUILTIN_KEY_TYPE_ECC_KEY_PAIR) || \ - defined(MBEDTLS_PSA_BUILTIN_KEY_TYPE_ECC_PUBLIC_KEY) - return( mbedtls_psa_ecp_export_public_key( - attributes, - key_buffer, key_buffer_size, - data, data_size, data_length ) ); + defined(MBEDTLS_PSA_BUILTIN_KEY_TYPE_ECC_PUBLIC_KEY) + return mbedtls_psa_ecp_export_public_key( + attributes, + key_buffer, key_buffer_size, + data, data_size, data_length); #endif - } - else if( PSA_KEY_TYPE_IS_RSA( key_type ) ) - { + } else if (PSA_KEY_TYPE_IS_RSA(key_type)) { #if defined(MBEDTLS_TEST_LIBTESTDRIVER1) && \ - ( defined(LIBTESTDRIVER1_MBEDTLS_PSA_BUILTIN_KEY_TYPE_RSA_KEY_PAIR) || \ - defined(LIBTESTDRIVER1_MBEDTLS_PSA_BUILTIN_KEY_TYPE_RSA_PUBLIC_KEY) ) - return( libtestdriver1_mbedtls_psa_rsa_export_public_key( - (const libtestdriver1_psa_key_attributes_t *)attributes, - key_buffer, key_buffer_size, - data, data_size, data_length ) ); + (defined(LIBTESTDRIVER1_MBEDTLS_PSA_BUILTIN_KEY_TYPE_RSA_KEY_PAIR) || \ + defined(LIBTESTDRIVER1_MBEDTLS_PSA_BUILTIN_KEY_TYPE_RSA_PUBLIC_KEY)) + return libtestdriver1_mbedtls_psa_rsa_export_public_key( + (const libtestdriver1_psa_key_attributes_t *) attributes, + key_buffer, key_buffer_size, + data, data_size, data_length); #elif defined(MBEDTLS_PSA_BUILTIN_KEY_TYPE_RSA_KEY_PAIR) || \ - defined(MBEDTLS_PSA_BUILTIN_KEY_TYPE_RSA_PUBLIC_KEY) - return( mbedtls_psa_rsa_export_public_key( - attributes, - key_buffer, key_buffer_size, - data, data_size, data_length ) ); + defined(MBEDTLS_PSA_BUILTIN_KEY_TYPE_RSA_PUBLIC_KEY) + return mbedtls_psa_rsa_export_public_key( + attributes, + key_buffer, key_buffer_size, + data, data_size, data_length); #endif } - (void)key_buffer; - (void)key_buffer_size; - (void)key_type; + (void) key_buffer; + (void) key_buffer_size; + (void) key_type; - return( PSA_ERROR_NOT_SUPPORTED ); + return PSA_ERROR_NOT_SUPPORTED; } psa_status_t mbedtls_test_opaque_export_public_key( const psa_key_attributes_t *attributes, const uint8_t *key, size_t key_length, - uint8_t *data, size_t data_size, size_t *data_length ) + uint8_t *data, size_t data_size, size_t *data_length) { - if( key_length != sizeof( psa_drv_slot_number_t ) ) - { + if (key_length != sizeof(psa_drv_slot_number_t)) { /* Test driver does not support generic opaque key handling yet. */ - return( PSA_ERROR_NOT_SUPPORTED ); + return PSA_ERROR_NOT_SUPPORTED; } /* Assume this is a builtin key based on the key material length. */ - psa_drv_slot_number_t slot_number = *( ( psa_drv_slot_number_t* ) key ); - switch( slot_number ) - { + psa_drv_slot_number_t slot_number = *((psa_drv_slot_number_t *) key); + switch (slot_number) { case PSA_CRYPTO_TEST_DRIVER_BUILTIN_ECDSA_KEY_SLOT: /* This is the ECDSA slot. Verify the key's attributes before * returning the public key. */ - if( psa_get_key_type( attributes ) != - PSA_KEY_TYPE_ECC_KEY_PAIR( PSA_ECC_FAMILY_SECP_R1 ) ) - return( PSA_ERROR_CORRUPTION_DETECTED ); - if( psa_get_key_bits( attributes ) != 256 ) - return( PSA_ERROR_CORRUPTION_DETECTED ); - if( psa_get_key_algorithm( attributes ) != - PSA_ALG_ECDSA( PSA_ALG_ANY_HASH ) ) - return( PSA_ERROR_CORRUPTION_DETECTED ); - - if( data_size < sizeof( mbedtls_test_driver_ecdsa_pubkey ) ) - return( PSA_ERROR_BUFFER_TOO_SMALL ); - - memcpy( data, mbedtls_test_driver_ecdsa_pubkey, - sizeof( mbedtls_test_driver_ecdsa_pubkey ) ); - *data_length = sizeof( mbedtls_test_driver_ecdsa_pubkey ); - return( PSA_SUCCESS ); + if (psa_get_key_type(attributes) != + PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1)) { + return PSA_ERROR_CORRUPTION_DETECTED; + } + if (psa_get_key_bits(attributes) != 256) { + return PSA_ERROR_CORRUPTION_DETECTED; + } + if (psa_get_key_algorithm(attributes) != + PSA_ALG_ECDSA(PSA_ALG_ANY_HASH)) { + return PSA_ERROR_CORRUPTION_DETECTED; + } + + if (data_size < sizeof(mbedtls_test_driver_ecdsa_pubkey)) { + return PSA_ERROR_BUFFER_TOO_SMALL; + } + + memcpy(data, mbedtls_test_driver_ecdsa_pubkey, + sizeof(mbedtls_test_driver_ecdsa_pubkey)); + *data_length = sizeof(mbedtls_test_driver_ecdsa_pubkey); + return PSA_SUCCESS; default: - return( PSA_ERROR_DOES_NOT_EXIST ); + return PSA_ERROR_DOES_NOT_EXIST; } } @@ -407,49 +403,50 @@ psa_status_t mbedtls_test_opaque_export_public_key( psa_status_t mbedtls_test_opaque_get_builtin_key( psa_drv_slot_number_t slot_number, psa_key_attributes_t *attributes, - uint8_t *key_buffer, size_t key_buffer_size, size_t *key_buffer_length ) + uint8_t *key_buffer, size_t key_buffer_size, size_t *key_buffer_length) { - switch( slot_number ) - { + switch (slot_number) { case PSA_CRYPTO_TEST_DRIVER_BUILTIN_AES_KEY_SLOT: - psa_set_key_type( attributes, PSA_KEY_TYPE_AES ); - psa_set_key_bits( attributes, 128 ); + psa_set_key_type(attributes, PSA_KEY_TYPE_AES); + psa_set_key_bits(attributes, 128); psa_set_key_usage_flags( attributes, PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_DECRYPT | - PSA_KEY_USAGE_EXPORT ); - psa_set_key_algorithm( attributes, PSA_ALG_CTR ); + PSA_KEY_USAGE_EXPORT); + psa_set_key_algorithm(attributes, PSA_ALG_CTR); - if( key_buffer_size < sizeof( psa_drv_slot_number_t ) ) - return( PSA_ERROR_BUFFER_TOO_SMALL ); + if (key_buffer_size < sizeof(psa_drv_slot_number_t)) { + return PSA_ERROR_BUFFER_TOO_SMALL; + } - *( (psa_drv_slot_number_t*) key_buffer ) = + *((psa_drv_slot_number_t *) key_buffer) = PSA_CRYPTO_TEST_DRIVER_BUILTIN_AES_KEY_SLOT; - *key_buffer_length = sizeof( psa_drv_slot_number_t ); - return( PSA_SUCCESS ); + *key_buffer_length = sizeof(psa_drv_slot_number_t); + return PSA_SUCCESS; case PSA_CRYPTO_TEST_DRIVER_BUILTIN_ECDSA_KEY_SLOT: psa_set_key_type( attributes, - PSA_KEY_TYPE_ECC_KEY_PAIR( PSA_ECC_FAMILY_SECP_R1 ) ); - psa_set_key_bits( attributes, 256 ); + PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1)); + psa_set_key_bits(attributes, 256); psa_set_key_usage_flags( attributes, PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_VERIFY_HASH | - PSA_KEY_USAGE_EXPORT ); + PSA_KEY_USAGE_EXPORT); psa_set_key_algorithm( - attributes, PSA_ALG_ECDSA( PSA_ALG_ANY_HASH ) ); + attributes, PSA_ALG_ECDSA(PSA_ALG_ANY_HASH)); - if( key_buffer_size < sizeof( psa_drv_slot_number_t ) ) - return( PSA_ERROR_BUFFER_TOO_SMALL ); + if (key_buffer_size < sizeof(psa_drv_slot_number_t)) { + return PSA_ERROR_BUFFER_TOO_SMALL; + } - *( (psa_drv_slot_number_t*) key_buffer ) = + *((psa_drv_slot_number_t *) key_buffer) = PSA_CRYPTO_TEST_DRIVER_BUILTIN_ECDSA_KEY_SLOT; - *key_buffer_length = sizeof( psa_drv_slot_number_t ); - return( PSA_SUCCESS ); + *key_buffer_length = sizeof(psa_drv_slot_number_t); + return PSA_SUCCESS; default: - return( PSA_ERROR_DOES_NOT_EXIST ); + return PSA_ERROR_DOES_NOT_EXIST; } } diff --git a/third_party/mbedtls/repo/tests/src/drivers/test_driver_mac.c b/third_party/mbedtls/repo/tests/src/drivers/test_driver_mac.c index 06b6eb77ab7..8e3185dd646 100644 --- a/third_party/mbedtls/repo/tests/src/drivers/test_driver_mac.c +++ b/third_party/mbedtls/repo/tests/src/drivers/test_driver_mac.c @@ -2,19 +2,7 @@ * Test driver for MAC entry points. */ /* Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later */ #if !defined(MBEDTLS_CONFIG_FILE) @@ -44,31 +32,28 @@ psa_status_t mbedtls_test_transparent_mac_compute( size_t input_length, uint8_t *mac, size_t mac_size, - size_t *mac_length ) + size_t *mac_length) { mbedtls_test_driver_mac_hooks.hits++; - if( mbedtls_test_driver_mac_hooks.forced_status != PSA_SUCCESS ) - { - mbedtls_test_driver_mac_hooks.driver_status = - mbedtls_test_driver_mac_hooks.forced_status; - } - else - { + if (mbedtls_test_driver_mac_hooks.forced_status != PSA_SUCCESS) { + mbedtls_test_driver_mac_hooks.driver_status = + mbedtls_test_driver_mac_hooks.forced_status; + } else { #if defined(MBEDTLS_TEST_LIBTESTDRIVER1) && \ - defined(LIBTESTDRIVER1_MBEDTLS_PSA_BUILTIN_MAC) + defined(LIBTESTDRIVER1_MBEDTLS_PSA_BUILTIN_MAC) mbedtls_test_driver_mac_hooks.driver_status = libtestdriver1_mbedtls_psa_mac_compute( - (const libtestdriver1_psa_key_attributes_t *)attributes, + (const libtestdriver1_psa_key_attributes_t *) attributes, key_buffer, key_buffer_size, alg, input, input_length, - mac, mac_size, mac_length ); + mac, mac_size, mac_length); #elif defined(MBEDTLS_PSA_BUILTIN_MAC) mbedtls_test_driver_mac_hooks.driver_status = mbedtls_psa_mac_compute( attributes, key_buffer, key_buffer_size, alg, input, input_length, - mac, mac_size, mac_length ); + mac, mac_size, mac_length); #else (void) attributes; (void) key_buffer; @@ -83,7 +68,7 @@ psa_status_t mbedtls_test_transparent_mac_compute( #endif } - return( mbedtls_test_driver_mac_hooks.driver_status ); + return mbedtls_test_driver_mac_hooks.driver_status; } psa_status_t mbedtls_test_transparent_mac_sign_setup( @@ -91,28 +76,25 @@ psa_status_t mbedtls_test_transparent_mac_sign_setup( const psa_key_attributes_t *attributes, const uint8_t *key_buffer, size_t key_buffer_size, - psa_algorithm_t alg ) + psa_algorithm_t alg) { mbedtls_test_driver_mac_hooks.hits++; - if( mbedtls_test_driver_mac_hooks.forced_status != PSA_SUCCESS ) - { - mbedtls_test_driver_mac_hooks.driver_status = - mbedtls_test_driver_mac_hooks.forced_status; - } - else - { + if (mbedtls_test_driver_mac_hooks.forced_status != PSA_SUCCESS) { + mbedtls_test_driver_mac_hooks.driver_status = + mbedtls_test_driver_mac_hooks.forced_status; + } else { #if defined(MBEDTLS_TEST_LIBTESTDRIVER1) && \ - defined(LIBTESTDRIVER1_MBEDTLS_PSA_BUILTIN_MAC) + defined(LIBTESTDRIVER1_MBEDTLS_PSA_BUILTIN_MAC) mbedtls_test_driver_mac_hooks.driver_status = libtestdriver1_mbedtls_psa_mac_sign_setup( operation, - (const libtestdriver1_psa_key_attributes_t *)attributes, - key_buffer, key_buffer_size, alg ); + (const libtestdriver1_psa_key_attributes_t *) attributes, + key_buffer, key_buffer_size, alg); #elif defined(MBEDTLS_PSA_BUILTIN_MAC) mbedtls_test_driver_mac_hooks.driver_status = mbedtls_psa_mac_sign_setup( - operation, attributes, key_buffer, key_buffer_size, alg ); + operation, attributes, key_buffer, key_buffer_size, alg); #else (void) operation; (void) attributes; @@ -123,7 +105,7 @@ psa_status_t mbedtls_test_transparent_mac_sign_setup( #endif } - return( mbedtls_test_driver_mac_hooks.driver_status ); + return mbedtls_test_driver_mac_hooks.driver_status; } psa_status_t mbedtls_test_transparent_mac_verify_setup( @@ -131,28 +113,25 @@ psa_status_t mbedtls_test_transparent_mac_verify_setup( const psa_key_attributes_t *attributes, const uint8_t *key_buffer, size_t key_buffer_size, - psa_algorithm_t alg ) + psa_algorithm_t alg) { mbedtls_test_driver_mac_hooks.hits++; - if( mbedtls_test_driver_mac_hooks.forced_status != PSA_SUCCESS ) - { - mbedtls_test_driver_mac_hooks.driver_status = - mbedtls_test_driver_mac_hooks.forced_status; - } - else - { + if (mbedtls_test_driver_mac_hooks.forced_status != PSA_SUCCESS) { + mbedtls_test_driver_mac_hooks.driver_status = + mbedtls_test_driver_mac_hooks.forced_status; + } else { #if defined(MBEDTLS_TEST_LIBTESTDRIVER1) && \ - defined(LIBTESTDRIVER1_MBEDTLS_PSA_BUILTIN_MAC) + defined(LIBTESTDRIVER1_MBEDTLS_PSA_BUILTIN_MAC) mbedtls_test_driver_mac_hooks.driver_status = libtestdriver1_mbedtls_psa_mac_verify_setup( operation, - (const libtestdriver1_psa_key_attributes_t *)attributes, - key_buffer, key_buffer_size, alg ); + (const libtestdriver1_psa_key_attributes_t *) attributes, + key_buffer, key_buffer_size, alg); #elif defined(MBEDTLS_PSA_BUILTIN_MAC) mbedtls_test_driver_mac_hooks.driver_status = mbedtls_psa_mac_verify_setup( - operation, attributes, key_buffer, key_buffer_size, alg ); + operation, attributes, key_buffer, key_buffer_size, alg); #else (void) operation; (void) attributes; @@ -163,32 +142,29 @@ psa_status_t mbedtls_test_transparent_mac_verify_setup( #endif } - return( mbedtls_test_driver_mac_hooks.driver_status ); + return mbedtls_test_driver_mac_hooks.driver_status; } psa_status_t mbedtls_test_transparent_mac_update( mbedtls_transparent_test_driver_mac_operation_t *operation, const uint8_t *input, - size_t input_length ) + size_t input_length) { mbedtls_test_driver_mac_hooks.hits++; - if( mbedtls_test_driver_mac_hooks.forced_status != PSA_SUCCESS ) - { - mbedtls_test_driver_mac_hooks.driver_status = - mbedtls_test_driver_mac_hooks.forced_status; - } - else - { + if (mbedtls_test_driver_mac_hooks.forced_status != PSA_SUCCESS) { + mbedtls_test_driver_mac_hooks.driver_status = + mbedtls_test_driver_mac_hooks.forced_status; + } else { #if defined(MBEDTLS_TEST_LIBTESTDRIVER1) && \ - defined(LIBTESTDRIVER1_MBEDTLS_PSA_BUILTIN_MAC) + defined(LIBTESTDRIVER1_MBEDTLS_PSA_BUILTIN_MAC) mbedtls_test_driver_mac_hooks.driver_status = libtestdriver1_mbedtls_psa_mac_update( - operation, input, input_length ); + operation, input, input_length); #elif defined(MBEDTLS_PSA_BUILTIN_MAC) mbedtls_test_driver_mac_hooks.driver_status = mbedtls_psa_mac_update( - operation, input, input_length ); + operation, input, input_length); #else (void) operation; (void) input; @@ -197,33 +173,30 @@ psa_status_t mbedtls_test_transparent_mac_update( #endif } - return( mbedtls_test_driver_mac_hooks.driver_status ); + return mbedtls_test_driver_mac_hooks.driver_status; } psa_status_t mbedtls_test_transparent_mac_sign_finish( mbedtls_transparent_test_driver_mac_operation_t *operation, uint8_t *mac, size_t mac_size, - size_t *mac_length ) + size_t *mac_length) { mbedtls_test_driver_mac_hooks.hits++; - if( mbedtls_test_driver_mac_hooks.forced_status != PSA_SUCCESS ) - { - mbedtls_test_driver_mac_hooks.driver_status = - mbedtls_test_driver_mac_hooks.forced_status; - } - else - { + if (mbedtls_test_driver_mac_hooks.forced_status != PSA_SUCCESS) { + mbedtls_test_driver_mac_hooks.driver_status = + mbedtls_test_driver_mac_hooks.forced_status; + } else { #if defined(MBEDTLS_TEST_LIBTESTDRIVER1) && \ - defined(LIBTESTDRIVER1_MBEDTLS_PSA_BUILTIN_MAC) + defined(LIBTESTDRIVER1_MBEDTLS_PSA_BUILTIN_MAC) mbedtls_test_driver_mac_hooks.driver_status = libtestdriver1_mbedtls_psa_mac_sign_finish( - operation, mac, mac_size, mac_length ); + operation, mac, mac_size, mac_length); #elif defined(MBEDTLS_PSA_BUILTIN_MAC) mbedtls_test_driver_mac_hooks.driver_status = mbedtls_psa_mac_sign_finish( - operation, mac, mac_size, mac_length ); + operation, mac, mac_size, mac_length); #else (void) operation; (void) mac; @@ -233,32 +206,29 @@ psa_status_t mbedtls_test_transparent_mac_sign_finish( #endif } - return( mbedtls_test_driver_mac_hooks.driver_status ); + return mbedtls_test_driver_mac_hooks.driver_status; } psa_status_t mbedtls_test_transparent_mac_verify_finish( mbedtls_transparent_test_driver_mac_operation_t *operation, const uint8_t *mac, - size_t mac_length ) + size_t mac_length) { mbedtls_test_driver_mac_hooks.hits++; - if( mbedtls_test_driver_mac_hooks.forced_status != PSA_SUCCESS ) - { - mbedtls_test_driver_mac_hooks.driver_status = - mbedtls_test_driver_mac_hooks.forced_status; - } - else - { + if (mbedtls_test_driver_mac_hooks.forced_status != PSA_SUCCESS) { + mbedtls_test_driver_mac_hooks.driver_status = + mbedtls_test_driver_mac_hooks.forced_status; + } else { #if defined(MBEDTLS_TEST_LIBTESTDRIVER1) && \ - defined(LIBTESTDRIVER1_MBEDTLS_PSA_BUILTIN_MAC) + defined(LIBTESTDRIVER1_MBEDTLS_PSA_BUILTIN_MAC) mbedtls_test_driver_mac_hooks.driver_status = libtestdriver1_mbedtls_psa_mac_verify_finish( - operation, mac, mac_length ); + operation, mac, mac_length); #elif defined(MBEDTLS_PSA_BUILTIN_MAC) mbedtls_test_driver_mac_hooks.driver_status = mbedtls_psa_mac_verify_finish( - operation, mac, mac_length ); + operation, mac, mac_length); #else (void) operation; (void) mac; @@ -267,35 +237,32 @@ psa_status_t mbedtls_test_transparent_mac_verify_finish( #endif } - return( mbedtls_test_driver_mac_hooks.driver_status ); + return mbedtls_test_driver_mac_hooks.driver_status; } psa_status_t mbedtls_test_transparent_mac_abort( - mbedtls_transparent_test_driver_mac_operation_t *operation ) + mbedtls_transparent_test_driver_mac_operation_t *operation) { mbedtls_test_driver_mac_hooks.hits++; - if( mbedtls_test_driver_mac_hooks.forced_status != PSA_SUCCESS ) - { - mbedtls_test_driver_mac_hooks.driver_status = - mbedtls_test_driver_mac_hooks.forced_status; - } - else - { + if (mbedtls_test_driver_mac_hooks.forced_status != PSA_SUCCESS) { + mbedtls_test_driver_mac_hooks.driver_status = + mbedtls_test_driver_mac_hooks.forced_status; + } else { #if defined(MBEDTLS_TEST_LIBTESTDRIVER1) && \ - defined(LIBTESTDRIVER1_MBEDTLS_PSA_BUILTIN_MAC) + defined(LIBTESTDRIVER1_MBEDTLS_PSA_BUILTIN_MAC) mbedtls_test_driver_mac_hooks.driver_status = - libtestdriver1_mbedtls_psa_mac_abort( operation ); + libtestdriver1_mbedtls_psa_mac_abort(operation); #elif defined(MBEDTLS_PSA_BUILTIN_MAC) mbedtls_test_driver_mac_hooks.driver_status = - mbedtls_psa_mac_abort( operation ); + mbedtls_psa_mac_abort(operation); #else (void) operation; mbedtls_test_driver_mac_hooks.driver_status = PSA_ERROR_NOT_SUPPORTED; #endif } - return( mbedtls_test_driver_mac_hooks.driver_status ); + return mbedtls_test_driver_mac_hooks.driver_status; } psa_status_t mbedtls_test_opaque_mac_compute( @@ -307,17 +274,14 @@ psa_status_t mbedtls_test_opaque_mac_compute( size_t input_length, uint8_t *mac, size_t mac_size, - size_t *mac_length ) + size_t *mac_length) { mbedtls_test_driver_mac_hooks.hits++; - if( mbedtls_test_driver_mac_hooks.forced_status != PSA_SUCCESS ) - { - mbedtls_test_driver_mac_hooks.driver_status = - mbedtls_test_driver_mac_hooks.forced_status; - } - else - { + if (mbedtls_test_driver_mac_hooks.forced_status != PSA_SUCCESS) { + mbedtls_test_driver_mac_hooks.driver_status = + mbedtls_test_driver_mac_hooks.forced_status; + } else { (void) attributes; (void) key_buffer; (void) key_buffer_size; @@ -330,7 +294,7 @@ psa_status_t mbedtls_test_opaque_mac_compute( mbedtls_test_driver_mac_hooks.driver_status = PSA_ERROR_NOT_SUPPORTED; } - return( mbedtls_test_driver_mac_hooks.driver_status ); + return mbedtls_test_driver_mac_hooks.driver_status; } psa_status_t mbedtls_test_opaque_mac_sign_setup( @@ -338,17 +302,14 @@ psa_status_t mbedtls_test_opaque_mac_sign_setup( const psa_key_attributes_t *attributes, const uint8_t *key_buffer, size_t key_buffer_size, - psa_algorithm_t alg ) + psa_algorithm_t alg) { mbedtls_test_driver_mac_hooks.hits++; - if( mbedtls_test_driver_mac_hooks.forced_status != PSA_SUCCESS ) - { - mbedtls_test_driver_mac_hooks.driver_status = - mbedtls_test_driver_mac_hooks.forced_status; - } - else - { + if (mbedtls_test_driver_mac_hooks.forced_status != PSA_SUCCESS) { + mbedtls_test_driver_mac_hooks.driver_status = + mbedtls_test_driver_mac_hooks.forced_status; + } else { (void) operation; (void) attributes; (void) key_buffer; @@ -357,7 +318,7 @@ psa_status_t mbedtls_test_opaque_mac_sign_setup( mbedtls_test_driver_mac_hooks.driver_status = PSA_ERROR_NOT_SUPPORTED; } - return( mbedtls_test_driver_mac_hooks.driver_status ); + return mbedtls_test_driver_mac_hooks.driver_status; } psa_status_t mbedtls_test_opaque_mac_verify_setup( @@ -365,17 +326,14 @@ psa_status_t mbedtls_test_opaque_mac_verify_setup( const psa_key_attributes_t *attributes, const uint8_t *key_buffer, size_t key_buffer_size, - psa_algorithm_t alg ) + psa_algorithm_t alg) { mbedtls_test_driver_mac_hooks.hits++; - if( mbedtls_test_driver_mac_hooks.forced_status != PSA_SUCCESS ) - { - mbedtls_test_driver_mac_hooks.driver_status = - mbedtls_test_driver_mac_hooks.forced_status; - } - else - { + if (mbedtls_test_driver_mac_hooks.forced_status != PSA_SUCCESS) { + mbedtls_test_driver_mac_hooks.driver_status = + mbedtls_test_driver_mac_hooks.forced_status; + } else { (void) operation; (void) attributes; (void) key_buffer; @@ -384,47 +342,41 @@ psa_status_t mbedtls_test_opaque_mac_verify_setup( mbedtls_test_driver_mac_hooks.driver_status = PSA_ERROR_NOT_SUPPORTED; } - return( mbedtls_test_driver_mac_hooks.driver_status ); + return mbedtls_test_driver_mac_hooks.driver_status; } psa_status_t mbedtls_test_opaque_mac_update( mbedtls_opaque_test_driver_mac_operation_t *operation, const uint8_t *input, - size_t input_length ) + size_t input_length) { mbedtls_test_driver_mac_hooks.hits++; - if( mbedtls_test_driver_mac_hooks.forced_status != PSA_SUCCESS ) - { - mbedtls_test_driver_mac_hooks.driver_status = - mbedtls_test_driver_mac_hooks.forced_status; - } - else - { + if (mbedtls_test_driver_mac_hooks.forced_status != PSA_SUCCESS) { + mbedtls_test_driver_mac_hooks.driver_status = + mbedtls_test_driver_mac_hooks.forced_status; + } else { (void) operation; (void) input; (void) input_length; mbedtls_test_driver_mac_hooks.driver_status = PSA_ERROR_NOT_SUPPORTED; } - return( mbedtls_test_driver_mac_hooks.driver_status ); + return mbedtls_test_driver_mac_hooks.driver_status; } psa_status_t mbedtls_test_opaque_mac_sign_finish( mbedtls_opaque_test_driver_mac_operation_t *operation, uint8_t *mac, size_t mac_size, - size_t *mac_length ) + size_t *mac_length) { mbedtls_test_driver_mac_hooks.hits++; - if( mbedtls_test_driver_mac_hooks.forced_status != PSA_SUCCESS ) - { - mbedtls_test_driver_mac_hooks.driver_status = - mbedtls_test_driver_mac_hooks.forced_status; - } - else - { + if (mbedtls_test_driver_mac_hooks.forced_status != PSA_SUCCESS) { + mbedtls_test_driver_mac_hooks.driver_status = + mbedtls_test_driver_mac_hooks.forced_status; + } else { (void) operation; (void) mac; (void) mac_size; @@ -432,49 +384,43 @@ psa_status_t mbedtls_test_opaque_mac_sign_finish( mbedtls_test_driver_mac_hooks.driver_status = PSA_ERROR_NOT_SUPPORTED; } - return( mbedtls_test_driver_mac_hooks.driver_status ); + return mbedtls_test_driver_mac_hooks.driver_status; } psa_status_t mbedtls_test_opaque_mac_verify_finish( mbedtls_opaque_test_driver_mac_operation_t *operation, const uint8_t *mac, - size_t mac_length ) + size_t mac_length) { mbedtls_test_driver_mac_hooks.hits++; - if( mbedtls_test_driver_mac_hooks.forced_status != PSA_SUCCESS ) - { - mbedtls_test_driver_mac_hooks.driver_status = - mbedtls_test_driver_mac_hooks.forced_status; - } - else - { + if (mbedtls_test_driver_mac_hooks.forced_status != PSA_SUCCESS) { + mbedtls_test_driver_mac_hooks.driver_status = + mbedtls_test_driver_mac_hooks.forced_status; + } else { (void) operation; (void) mac; (void) mac_length; mbedtls_test_driver_mac_hooks.driver_status = PSA_ERROR_NOT_SUPPORTED; } - return( mbedtls_test_driver_mac_hooks.driver_status ); + return mbedtls_test_driver_mac_hooks.driver_status; } psa_status_t mbedtls_test_opaque_mac_abort( - mbedtls_opaque_test_driver_mac_operation_t *operation ) + mbedtls_opaque_test_driver_mac_operation_t *operation) { mbedtls_test_driver_mac_hooks.hits++; - if( mbedtls_test_driver_mac_hooks.forced_status != PSA_SUCCESS ) - { - mbedtls_test_driver_mac_hooks.driver_status = - mbedtls_test_driver_mac_hooks.forced_status; - } - else - { + if (mbedtls_test_driver_mac_hooks.forced_status != PSA_SUCCESS) { + mbedtls_test_driver_mac_hooks.driver_status = + mbedtls_test_driver_mac_hooks.forced_status; + } else { (void) operation; mbedtls_test_driver_mac_hooks.driver_status = PSA_ERROR_NOT_SUPPORTED; } - return( mbedtls_test_driver_mac_hooks.driver_status ); + return mbedtls_test_driver_mac_hooks.driver_status; } #endif /* MBEDTLS_PSA_CRYPTO_DRIVERS && PSA_CRYPTO_DRIVER_TEST */ diff --git a/third_party/mbedtls/repo/tests/src/drivers/test_driver_signature.c b/third_party/mbedtls/repo/tests/src/drivers/test_driver_signature.c index 3de43a8adec..f56356466e0 100644 --- a/third_party/mbedtls/repo/tests/src/drivers/test_driver_signature.c +++ b/third_party/mbedtls/repo/tests/src/drivers/test_driver_signature.c @@ -4,19 +4,7 @@ * only deterministic ECDSA on curves secp256r1, secp384r1 and secp521r1. */ /* Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later */ #if !defined(MBEDTLS_CONFIG_FILE) @@ -64,72 +52,63 @@ psa_status_t sign_hash( size_t hash_length, uint8_t *signature, size_t signature_size, - size_t *signature_length ) + size_t *signature_length) { - if( attributes->core.type == PSA_KEY_TYPE_RSA_KEY_PAIR ) - { - if( PSA_ALG_IS_RSA_PKCS1V15_SIGN( alg ) || - PSA_ALG_IS_RSA_PSS( alg) ) - { + if (attributes->core.type == PSA_KEY_TYPE_RSA_KEY_PAIR) { + if (PSA_ALG_IS_RSA_PKCS1V15_SIGN(alg) || + PSA_ALG_IS_RSA_PSS(alg)) { #if defined(MBEDTLS_TEST_LIBTESTDRIVER1) && \ - ( defined(LIBTESTDRIVER1_MBEDTLS_PSA_BUILTIN_ALG_RSA_PKCS1V15_SIGN) || \ - defined(LIBTESTDRIVER1_MBEDTLS_PSA_BUILTIN_ALG_RSA_PSS) ) - return( libtestdriver1_mbedtls_psa_rsa_sign_hash( - (const libtestdriver1_psa_key_attributes_t *) attributes, - key_buffer, key_buffer_size, - alg, hash, hash_length, - signature, signature_size, signature_length ) ); + (defined(LIBTESTDRIVER1_MBEDTLS_PSA_BUILTIN_ALG_RSA_PKCS1V15_SIGN) || \ + defined(LIBTESTDRIVER1_MBEDTLS_PSA_BUILTIN_ALG_RSA_PSS)) + return libtestdriver1_mbedtls_psa_rsa_sign_hash( + (const libtestdriver1_psa_key_attributes_t *) attributes, + key_buffer, key_buffer_size, + alg, hash, hash_length, + signature, signature_size, signature_length); #elif defined(MBEDTLS_PSA_BUILTIN_ALG_RSA_PKCS1V15_SIGN) || \ - defined(MBEDTLS_PSA_BUILTIN_ALG_RSA_PSS) - return( mbedtls_psa_rsa_sign_hash( - attributes, - key_buffer, key_buffer_size, - alg, hash, hash_length, - signature, signature_size, signature_length ) ); + defined(MBEDTLS_PSA_BUILTIN_ALG_RSA_PSS) + return mbedtls_psa_rsa_sign_hash( + attributes, + key_buffer, key_buffer_size, + alg, hash, hash_length, + signature, signature_size, signature_length); #endif + } else { + return PSA_ERROR_INVALID_ARGUMENT; } - else - { - return( PSA_ERROR_INVALID_ARGUMENT ); - } - } - else if( PSA_KEY_TYPE_IS_ECC( attributes->core.type ) ) - { - if( PSA_ALG_IS_ECDSA( alg ) ) - { + } else if (PSA_KEY_TYPE_IS_ECC(attributes->core.type)) { + if (PSA_ALG_IS_ECDSA(alg)) { #if defined(MBEDTLS_TEST_LIBTESTDRIVER1) && \ - ( defined(LIBTESTDRIVER1_MBEDTLS_PSA_BUILTIN_ALG_ECDSA) || \ - defined(LIBTESTDRIVER1_MBEDTLS_PSA_BUILTIN_ALG_DETERMINISTIC_ECDSA) ) - return( libtestdriver1_mbedtls_psa_ecdsa_sign_hash( - (const libtestdriver1_psa_key_attributes_t *) attributes, - key_buffer, key_buffer_size, - alg, hash, hash_length, - signature, signature_size, signature_length ) ); + (defined(LIBTESTDRIVER1_MBEDTLS_PSA_BUILTIN_ALG_ECDSA) || \ + defined(LIBTESTDRIVER1_MBEDTLS_PSA_BUILTIN_ALG_DETERMINISTIC_ECDSA)) + return libtestdriver1_mbedtls_psa_ecdsa_sign_hash( + (const libtestdriver1_psa_key_attributes_t *) attributes, + key_buffer, key_buffer_size, + alg, hash, hash_length, + signature, signature_size, signature_length); #elif defined(MBEDTLS_PSA_BUILTIN_ALG_ECDSA) || \ - defined(MBEDTLS_PSA_BUILTIN_ALG_DETERMINISTIC_ECDSA) - return( mbedtls_psa_ecdsa_sign_hash( - attributes, - key_buffer, key_buffer_size, - alg, hash, hash_length, - signature, signature_size, signature_length ) ); + defined(MBEDTLS_PSA_BUILTIN_ALG_DETERMINISTIC_ECDSA) + return mbedtls_psa_ecdsa_sign_hash( + attributes, + key_buffer, key_buffer_size, + alg, hash, hash_length, + signature, signature_size, signature_length); #endif - } - else - { - return( PSA_ERROR_INVALID_ARGUMENT ); + } else { + return PSA_ERROR_INVALID_ARGUMENT; } } - (void)attributes; - (void)key_buffer; - (void)key_buffer_size; - (void)alg; - (void)hash; - (void)hash_length; - (void)signature; - (void)signature_size; - (void)signature_length; - return( PSA_ERROR_NOT_SUPPORTED ); + (void) attributes; + (void) key_buffer; + (void) key_buffer_size; + (void) alg; + (void) hash; + (void) hash_length; + (void) signature; + (void) signature_size; + (void) signature_length; + return PSA_ERROR_NOT_SUPPORTED; } psa_status_t verify_hash( @@ -140,71 +119,62 @@ psa_status_t verify_hash( const uint8_t *hash, size_t hash_length, const uint8_t *signature, - size_t signature_length ) + size_t signature_length) { - if( PSA_KEY_TYPE_IS_RSA( attributes->core.type ) ) - { - if( PSA_ALG_IS_RSA_PKCS1V15_SIGN( alg ) || - PSA_ALG_IS_RSA_PSS( alg) ) - { + if (PSA_KEY_TYPE_IS_RSA(attributes->core.type)) { + if (PSA_ALG_IS_RSA_PKCS1V15_SIGN(alg) || + PSA_ALG_IS_RSA_PSS(alg)) { #if defined(MBEDTLS_TEST_LIBTESTDRIVER1) && \ - ( defined(LIBTESTDRIVER1_MBEDTLS_PSA_BUILTIN_ALG_RSA_PKCS1V15_SIGN) || \ - defined(LIBTESTDRIVER1_MBEDTLS_PSA_BUILTIN_ALG_RSA_PSS) ) - return( libtestdriver1_mbedtls_psa_rsa_verify_hash( - (const libtestdriver1_psa_key_attributes_t *) attributes, - key_buffer, key_buffer_size, - alg, hash, hash_length, - signature, signature_length ) ); + (defined(LIBTESTDRIVER1_MBEDTLS_PSA_BUILTIN_ALG_RSA_PKCS1V15_SIGN) || \ + defined(LIBTESTDRIVER1_MBEDTLS_PSA_BUILTIN_ALG_RSA_PSS)) + return libtestdriver1_mbedtls_psa_rsa_verify_hash( + (const libtestdriver1_psa_key_attributes_t *) attributes, + key_buffer, key_buffer_size, + alg, hash, hash_length, + signature, signature_length); #elif defined(MBEDTLS_PSA_BUILTIN_ALG_RSA_PKCS1V15_SIGN) || \ - defined(MBEDTLS_PSA_BUILTIN_ALG_RSA_PSS) - return( mbedtls_psa_rsa_verify_hash( - attributes, - key_buffer, key_buffer_size, - alg, hash, hash_length, - signature, signature_length ) ); + defined(MBEDTLS_PSA_BUILTIN_ALG_RSA_PSS) + return mbedtls_psa_rsa_verify_hash( + attributes, + key_buffer, key_buffer_size, + alg, hash, hash_length, + signature, signature_length); #endif + } else { + return PSA_ERROR_INVALID_ARGUMENT; } - else - { - return( PSA_ERROR_INVALID_ARGUMENT ); - } - } - else if( PSA_KEY_TYPE_IS_ECC( attributes->core.type ) ) - { - if( PSA_ALG_IS_ECDSA( alg ) ) - { + } else if (PSA_KEY_TYPE_IS_ECC(attributes->core.type)) { + if (PSA_ALG_IS_ECDSA(alg)) { #if defined(MBEDTLS_TEST_LIBTESTDRIVER1) && \ - ( defined(LIBTESTDRIVER1_MBEDTLS_PSA_BUILTIN_ALG_ECDSA) || \ - defined(LIBTESTDRIVER1_MBEDTLS_PSA_BUILTIN_ALG_DETERMINISTIC_ECDSA) ) - return( libtestdriver1_mbedtls_psa_ecdsa_verify_hash( - (const libtestdriver1_psa_key_attributes_t *) attributes, - key_buffer, key_buffer_size, - alg, hash, hash_length, - signature, signature_length ) ); + (defined(LIBTESTDRIVER1_MBEDTLS_PSA_BUILTIN_ALG_ECDSA) || \ + defined(LIBTESTDRIVER1_MBEDTLS_PSA_BUILTIN_ALG_DETERMINISTIC_ECDSA)) + return libtestdriver1_mbedtls_psa_ecdsa_verify_hash( + (const libtestdriver1_psa_key_attributes_t *) attributes, + key_buffer, key_buffer_size, + alg, hash, hash_length, + signature, signature_length); #elif defined(MBEDTLS_PSA_BUILTIN_ALG_ECDSA) || \ - defined(MBEDTLS_PSA_BUILTIN_ALG_DETERMINISTIC_ECDSA) - return( mbedtls_psa_ecdsa_verify_hash( - attributes, - key_buffer, key_buffer_size, - alg, hash, hash_length, - signature, signature_length ) ); + defined(MBEDTLS_PSA_BUILTIN_ALG_DETERMINISTIC_ECDSA) + return mbedtls_psa_ecdsa_verify_hash( + attributes, + key_buffer, key_buffer_size, + alg, hash, hash_length, + signature, signature_length); #endif - } - else - { - return( PSA_ERROR_INVALID_ARGUMENT ); + } else { + return PSA_ERROR_INVALID_ARGUMENT; } } - (void)attributes; - (void)key_buffer; - (void)key_buffer_size; - (void)alg; - (void)hash; - (void)hash_length; - (void)signature; - (void)signature_length; - return( PSA_ERROR_NOT_SUPPORTED ); + (void) attributes; + (void) key_buffer; + (void) key_buffer_size; + (void) alg; + (void) hash; + (void) hash_length; + (void) signature; + (void) signature_length; + return PSA_ERROR_NOT_SUPPORTED; } psa_status_t mbedtls_test_transparent_signature_sign_message( @@ -216,7 +186,7 @@ psa_status_t mbedtls_test_transparent_signature_sign_message( size_t input_length, uint8_t *signature, size_t signature_size, - size_t *signature_length ) + size_t *signature_length) { psa_status_t status = PSA_ERROR_CORRUPTION_DETECTED; size_t hash_length; @@ -224,41 +194,43 @@ psa_status_t mbedtls_test_transparent_signature_sign_message( ++mbedtls_test_driver_signature_sign_hooks.hits; - if( mbedtls_test_driver_signature_sign_hooks.forced_status != PSA_SUCCESS ) - return( mbedtls_test_driver_signature_sign_hooks.forced_status ); + if (mbedtls_test_driver_signature_sign_hooks.forced_status != PSA_SUCCESS) { + return mbedtls_test_driver_signature_sign_hooks.forced_status; + } - if( mbedtls_test_driver_signature_sign_hooks.forced_output != NULL ) - { - if( mbedtls_test_driver_signature_sign_hooks.forced_output_length > signature_size ) - return( PSA_ERROR_BUFFER_TOO_SMALL ); + if (mbedtls_test_driver_signature_sign_hooks.forced_output != NULL) { + if (mbedtls_test_driver_signature_sign_hooks.forced_output_length > signature_size) { + return PSA_ERROR_BUFFER_TOO_SMALL; + } - memcpy( signature, mbedtls_test_driver_signature_sign_hooks.forced_output, - mbedtls_test_driver_signature_sign_hooks.forced_output_length ); + memcpy(signature, mbedtls_test_driver_signature_sign_hooks.forced_output, + mbedtls_test_driver_signature_sign_hooks.forced_output_length); *signature_length = mbedtls_test_driver_signature_sign_hooks.forced_output_length; - return( PSA_SUCCESS ); + return PSA_SUCCESS; } #if defined(MBEDTLS_TEST_LIBTESTDRIVER1) && \ defined(LIBTESTDRIVER1_MBEDTLS_PSA_BUILTIN_HASH) status = libtestdriver1_mbedtls_psa_hash_compute( - PSA_ALG_SIGN_GET_HASH( alg ), input, input_length, - hash, sizeof( hash ), &hash_length ); + PSA_ALG_SIGN_GET_HASH(alg), input, input_length, + hash, sizeof(hash), &hash_length); #elif defined(MBEDTLS_PSA_BUILTIN_HASH) status = mbedtls_psa_hash_compute( - PSA_ALG_SIGN_GET_HASH( alg ), input, input_length, - hash, sizeof( hash ), &hash_length ); + PSA_ALG_SIGN_GET_HASH(alg), input, input_length, + hash, sizeof(hash), &hash_length); #else (void) input; (void) input_length; status = PSA_ERROR_NOT_SUPPORTED; #endif - if( status != PSA_SUCCESS ) + if (status != PSA_SUCCESS) { return status; + } - return( sign_hash( attributes, key_buffer, key_buffer_size, - alg, hash, hash_length, - signature, signature_size, signature_length ) ); + return sign_hash(attributes, key_buffer, key_buffer_size, + alg, hash, hash_length, + signature, signature_size, signature_length); } psa_status_t mbedtls_test_opaque_signature_sign_message( @@ -270,7 +242,7 @@ psa_status_t mbedtls_test_opaque_signature_sign_message( size_t input_length, uint8_t *signature, size_t signature_size, - size_t *signature_length ) + size_t *signature_length) { (void) attributes; (void) key; @@ -282,7 +254,7 @@ psa_status_t mbedtls_test_opaque_signature_sign_message( (void) signature_size; (void) signature_length; - return( PSA_ERROR_NOT_SUPPORTED ); + return PSA_ERROR_NOT_SUPPORTED; } psa_status_t mbedtls_test_transparent_signature_verify_message( @@ -293,7 +265,7 @@ psa_status_t mbedtls_test_transparent_signature_verify_message( const uint8_t *input, size_t input_length, const uint8_t *signature, - size_t signature_length ) + size_t signature_length) { psa_status_t status = PSA_ERROR_CORRUPTION_DETECTED; size_t hash_length; @@ -301,29 +273,31 @@ psa_status_t mbedtls_test_transparent_signature_verify_message( ++mbedtls_test_driver_signature_verify_hooks.hits; - if( mbedtls_test_driver_signature_verify_hooks.forced_status != PSA_SUCCESS ) - return( mbedtls_test_driver_signature_verify_hooks.forced_status ); + if (mbedtls_test_driver_signature_verify_hooks.forced_status != PSA_SUCCESS) { + return mbedtls_test_driver_signature_verify_hooks.forced_status; + } #if defined(MBEDTLS_TEST_LIBTESTDRIVER1) && \ defined(LIBTESTDRIVER1_MBEDTLS_PSA_BUILTIN_HASH) status = libtestdriver1_mbedtls_psa_hash_compute( - PSA_ALG_SIGN_GET_HASH( alg ), input, input_length, - hash, sizeof( hash ), &hash_length ); + PSA_ALG_SIGN_GET_HASH(alg), input, input_length, + hash, sizeof(hash), &hash_length); #elif defined(MBEDTLS_PSA_BUILTIN_HASH) status = mbedtls_psa_hash_compute( - PSA_ALG_SIGN_GET_HASH( alg ), input, input_length, - hash, sizeof( hash ), &hash_length ); + PSA_ALG_SIGN_GET_HASH(alg), input, input_length, + hash, sizeof(hash), &hash_length); #else (void) input; (void) input_length; status = PSA_ERROR_NOT_SUPPORTED; #endif - if( status != PSA_SUCCESS ) + if (status != PSA_SUCCESS) { return status; + } - return( verify_hash( attributes, key_buffer, key_buffer_size, - alg, hash, hash_length, - signature, signature_length ) ); + return verify_hash(attributes, key_buffer, key_buffer_size, + alg, hash, hash_length, + signature, signature_length); } psa_status_t mbedtls_test_opaque_signature_verify_message( @@ -334,7 +308,7 @@ psa_status_t mbedtls_test_opaque_signature_verify_message( const uint8_t *input, size_t input_length, const uint8_t *signature, - size_t signature_length ) + size_t signature_length) { (void) attributes; (void) key; @@ -345,7 +319,7 @@ psa_status_t mbedtls_test_opaque_signature_verify_message( (void) signature; (void) signature_length; - return( PSA_ERROR_NOT_SUPPORTED ); + return PSA_ERROR_NOT_SUPPORTED; } psa_status_t mbedtls_test_transparent_signature_sign_hash( @@ -353,26 +327,27 @@ psa_status_t mbedtls_test_transparent_signature_sign_hash( const uint8_t *key_buffer, size_t key_buffer_size, psa_algorithm_t alg, const uint8_t *hash, size_t hash_length, - uint8_t *signature, size_t signature_size, size_t *signature_length ) + uint8_t *signature, size_t signature_size, size_t *signature_length) { ++mbedtls_test_driver_signature_sign_hooks.hits; - if( mbedtls_test_driver_signature_sign_hooks.forced_status != PSA_SUCCESS ) - return( mbedtls_test_driver_signature_sign_hooks.forced_status ); + if (mbedtls_test_driver_signature_sign_hooks.forced_status != PSA_SUCCESS) { + return mbedtls_test_driver_signature_sign_hooks.forced_status; + } - if( mbedtls_test_driver_signature_sign_hooks.forced_output != NULL ) - { - if( mbedtls_test_driver_signature_sign_hooks.forced_output_length > signature_size ) - return( PSA_ERROR_BUFFER_TOO_SMALL ); - memcpy( signature, mbedtls_test_driver_signature_sign_hooks.forced_output, - mbedtls_test_driver_signature_sign_hooks.forced_output_length ); + if (mbedtls_test_driver_signature_sign_hooks.forced_output != NULL) { + if (mbedtls_test_driver_signature_sign_hooks.forced_output_length > signature_size) { + return PSA_ERROR_BUFFER_TOO_SMALL; + } + memcpy(signature, mbedtls_test_driver_signature_sign_hooks.forced_output, + mbedtls_test_driver_signature_sign_hooks.forced_output_length); *signature_length = mbedtls_test_driver_signature_sign_hooks.forced_output_length; - return( PSA_SUCCESS ); + return PSA_SUCCESS; } - return( sign_hash( attributes, key_buffer, key_buffer_size, - alg, hash, hash_length, - signature, signature_size, signature_length ) ); + return sign_hash(attributes, key_buffer, key_buffer_size, + alg, hash, hash_length, + signature, signature_size, signature_length); } psa_status_t mbedtls_test_opaque_signature_sign_hash( @@ -380,7 +355,7 @@ psa_status_t mbedtls_test_opaque_signature_sign_hash( const uint8_t *key, size_t key_length, psa_algorithm_t alg, const uint8_t *hash, size_t hash_length, - uint8_t *signature, size_t signature_size, size_t *signature_length ) + uint8_t *signature, size_t signature_size, size_t *signature_length) { (void) attributes; (void) key; @@ -392,7 +367,7 @@ psa_status_t mbedtls_test_opaque_signature_sign_hash( (void) signature_size; (void) signature_length; - return( PSA_ERROR_NOT_SUPPORTED ); + return PSA_ERROR_NOT_SUPPORTED; } psa_status_t mbedtls_test_transparent_signature_verify_hash( @@ -400,16 +375,17 @@ psa_status_t mbedtls_test_transparent_signature_verify_hash( const uint8_t *key_buffer, size_t key_buffer_size, psa_algorithm_t alg, const uint8_t *hash, size_t hash_length, - const uint8_t *signature, size_t signature_length ) + const uint8_t *signature, size_t signature_length) { ++mbedtls_test_driver_signature_verify_hooks.hits; - if( mbedtls_test_driver_signature_verify_hooks.forced_status != PSA_SUCCESS ) - return( mbedtls_test_driver_signature_verify_hooks.forced_status ); + if (mbedtls_test_driver_signature_verify_hooks.forced_status != PSA_SUCCESS) { + return mbedtls_test_driver_signature_verify_hooks.forced_status; + } - return verify_hash( attributes, key_buffer, key_buffer_size, - alg, hash, hash_length, - signature, signature_length ); + return verify_hash(attributes, key_buffer, key_buffer_size, + alg, hash, hash_length, + signature, signature_length); } psa_status_t mbedtls_test_opaque_signature_verify_hash( @@ -417,7 +393,7 @@ psa_status_t mbedtls_test_opaque_signature_verify_hash( const uint8_t *key, size_t key_length, psa_algorithm_t alg, const uint8_t *hash, size_t hash_length, - const uint8_t *signature, size_t signature_length ) + const uint8_t *signature, size_t signature_length) { (void) attributes; (void) key; @@ -427,7 +403,7 @@ psa_status_t mbedtls_test_opaque_signature_verify_hash( (void) hash_length; (void) signature; (void) signature_length; - return( PSA_ERROR_NOT_SUPPORTED ); + return PSA_ERROR_NOT_SUPPORTED; } #endif /* MBEDTLS_PSA_CRYPTO_DRIVERS && PSA_CRYPTO_DRIVER_TEST */ diff --git a/third_party/mbedtls/repo/tests/src/drivers/test_driver_size.c b/third_party/mbedtls/repo/tests/src/drivers/test_driver_size.c index d8bcaee3816..1cdc9d7d563 100644 --- a/third_party/mbedtls/repo/tests/src/drivers/test_driver_size.c +++ b/third_party/mbedtls/repo/tests/src/drivers/test_driver_size.c @@ -3,19 +3,7 @@ * Only used by opaque drivers. */ /* Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later */ #if !defined(MBEDTLS_CONFIG_FILE) @@ -37,7 +25,7 @@ typedef struct { * This macro returns the base size for the key context. It is the size of the * driver specific information stored in each key context. */ -#define TEST_DRIVER_KEY_CONTEXT_BASE_SIZE sizeof( test_driver_key_context_t ) +#define TEST_DRIVER_KEY_CONTEXT_BASE_SIZE sizeof(test_driver_key_context_t) /* * Number of bytes included in every key context for a key pair. @@ -70,32 +58,27 @@ typedef struct { size_t mbedtls_test_size_function( const psa_key_type_t key_type, - const size_t key_bits ) + const size_t key_bits) { size_t key_buffer_size = 0; - if( PSA_KEY_TYPE_IS_KEY_PAIR( key_type ) ) - { + if (PSA_KEY_TYPE_IS_KEY_PAIR(key_type)) { int public_key_overhead = - ( ( TEST_DRIVER_KEY_CONTEXT_STORE_PUBLIC_KEY == 1 ) - ? PSA_EXPORT_KEY_OUTPUT_SIZE( key_type, key_bits ) : 0 ); + ((TEST_DRIVER_KEY_CONTEXT_STORE_PUBLIC_KEY == 1) + ? PSA_EXPORT_KEY_OUTPUT_SIZE(key_type, key_bits) : 0); key_buffer_size = TEST_DRIVER_KEY_CONTEXT_BASE_SIZE + TEST_DRIVER_KEY_CONTEXT_PUBLIC_KEY_SIZE + public_key_overhead; - } - else if( PSA_KEY_TYPE_IS_PUBLIC_KEY( key_type ) ) - { + } else if (PSA_KEY_TYPE_IS_PUBLIC_KEY(key_type)) { key_buffer_size = TEST_DRIVER_KEY_CONTEXT_BASE_SIZE + TEST_DRIVER_KEY_CONTEXT_PUBLIC_KEY_SIZE; - } - else if ( !PSA_KEY_TYPE_IS_KEY_PAIR( key_type ) && - !PSA_KEY_TYPE_IS_PUBLIC_KEY ( key_type ) ) - { + } else if (!PSA_KEY_TYPE_IS_KEY_PAIR(key_type) && + !PSA_KEY_TYPE_IS_PUBLIC_KEY(key_type)) { key_buffer_size = TEST_DRIVER_KEY_CONTEXT_BASE_SIZE + - ( TEST_DRIVER_KEY_CONTEXT_SYMMETRIC_FACTOR * - ( ( key_bits + 7 ) / 8 ) ); + (TEST_DRIVER_KEY_CONTEXT_SYMMETRIC_FACTOR * + ((key_bits + 7) / 8)); } - return( key_buffer_size ); + return key_buffer_size; } #endif /* MBEDTLS_PSA_CRYPTO_DRIVERS && PSA_CRYPTO_DRIVER_TEST */ diff --git a/third_party/mbedtls/repo/tests/src/external_timing/external_timing_for_test.c b/third_party/mbedtls/repo/tests/src/external_timing/external_timing_for_test.c new file mode 100644 index 00000000000..4293dc81962 --- /dev/null +++ b/third_party/mbedtls/repo/tests/src/external_timing/external_timing_for_test.c @@ -0,0 +1,339 @@ +/** \file external_timing_for_test.c + * + * \brief Helper functions to test an alternate timing implementation. + */ + +/* + * Copyright The Mbed TLS Contributors + * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later + */ + +#include +#if defined(MBEDTLS_TIMING_ALT) + +#if !defined(unix) && !defined(__unix__) && !defined(__unix) && \ + !defined(__APPLE__) && !defined(_WIN32) && !defined(__QNXNTO__) && \ + !defined(__HAIKU__) && !defined(__midipix__) +#error "This module only works on Unix and Windows, see MBEDTLS_TIMING_C in config.h" +#endif + +/* *INDENT-OFF* */ +#ifndef asm +#define asm __asm +#endif +/* *INDENT-ON* */ + +#if defined(_WIN32) && !defined(EFIX64) && !defined(EFI32) + +#include +#include + +struct _hr_time { + LARGE_INTEGER start; +}; + +#else + +#include +#include +#include +/* time.h should be included independently of MBEDTLS_HAVE_TIME. If the + * platform matches the ifdefs above, it will be used. */ +#include +#include +struct _hr_time { + struct timeval start; +}; +#endif /* _WIN32 && !EFIX64 && !EFI32 */ + +#if !defined(HAVE_HARDCLOCK) && defined(MBEDTLS_HAVE_ASM) && \ + (defined(_MSC_VER) && defined(_M_IX86)) || defined(__WATCOMC__) + +#define HAVE_HARDCLOCK + +unsigned long mbedtls_timing_hardclock(void) +{ + unsigned long tsc; + __asm rdtsc + __asm mov[tsc], eax + return tsc; +} +#endif /* !HAVE_HARDCLOCK && MBEDTLS_HAVE_ASM && + ( _MSC_VER && _M_IX86 ) || __WATCOMC__ */ + +/* some versions of mingw-64 have 32-bit longs even on x84_64 */ +#if !defined(HAVE_HARDCLOCK) && defined(MBEDTLS_HAVE_ASM) && \ + defined(__GNUC__) && (defined(__i386__) || ( \ + (defined(__amd64__) || defined(__x86_64__)) && __SIZEOF_LONG__ == 4)) + +#define HAVE_HARDCLOCK + +unsigned long mbedtls_timing_hardclock(void) +{ + unsigned long lo, hi; + asm volatile ("rdtsc" : "=a" (lo), "=d" (hi)); + return lo; +} +#endif /* !HAVE_HARDCLOCK && MBEDTLS_HAVE_ASM && + __GNUC__ && __i386__ */ + +#if !defined(HAVE_HARDCLOCK) && defined(MBEDTLS_HAVE_ASM) && \ + defined(__GNUC__) && (defined(__amd64__) || defined(__x86_64__)) + +#define HAVE_HARDCLOCK + +unsigned long mbedtls_timing_hardclock(void) +{ + unsigned long lo, hi; + asm volatile ("rdtsc" : "=a" (lo), "=d" (hi)); + return lo | (hi << 32); +} +#endif /* !HAVE_HARDCLOCK && MBEDTLS_HAVE_ASM && + __GNUC__ && ( __amd64__ || __x86_64__ ) */ + +#if !defined(HAVE_HARDCLOCK) && defined(MBEDTLS_HAVE_ASM) && \ + defined(__GNUC__) && (defined(__powerpc__) || defined(__ppc__)) + +#define HAVE_HARDCLOCK + +unsigned long mbedtls_timing_hardclock(void) +{ + unsigned long tbl, tbu0, tbu1; + + do { + asm volatile ("mftbu %0" : "=r" (tbu0)); + asm volatile ("mftb %0" : "=r" (tbl)); + asm volatile ("mftbu %0" : "=r" (tbu1)); + } while (tbu0 != tbu1); + + return tbl; +} +#endif /* !HAVE_HARDCLOCK && MBEDTLS_HAVE_ASM && + __GNUC__ && ( __powerpc__ || __ppc__ ) */ + +#if !defined(HAVE_HARDCLOCK) && defined(MBEDTLS_HAVE_ASM) && \ + defined(__GNUC__) && defined(__sparc64__) + +#if defined(__OpenBSD__) +#warning OpenBSD does not allow access to tick register using software version instead +#else +#define HAVE_HARDCLOCK + +unsigned long mbedtls_timing_hardclock(void) +{ + unsigned long tick; + asm volatile ("rdpr %%tick, %0;" : "=&r" (tick)); + return tick; +} +#endif /* __OpenBSD__ */ +#endif /* !HAVE_HARDCLOCK && MBEDTLS_HAVE_ASM && + __GNUC__ && __sparc64__ */ + +#if !defined(HAVE_HARDCLOCK) && defined(MBEDTLS_HAVE_ASM) && \ + defined(__GNUC__) && defined(__sparc__) && !defined(__sparc64__) + +#define HAVE_HARDCLOCK + +unsigned long mbedtls_timing_hardclock(void) +{ + unsigned long tick; + asm volatile (".byte 0x83, 0x41, 0x00, 0x00"); + asm volatile ("mov %%g1, %0" : "=r" (tick)); + return tick; +} +#endif /* !HAVE_HARDCLOCK && MBEDTLS_HAVE_ASM && + __GNUC__ && __sparc__ && !__sparc64__ */ + +#if !defined(HAVE_HARDCLOCK) && defined(MBEDTLS_HAVE_ASM) && \ + defined(__GNUC__) && defined(__alpha__) + +#define HAVE_HARDCLOCK + +unsigned long mbedtls_timing_hardclock(void) +{ + unsigned long cc; + asm volatile ("rpcc %0" : "=r" (cc)); + return cc & 0xFFFFFFFF; +} +#endif /* !HAVE_HARDCLOCK && MBEDTLS_HAVE_ASM && + __GNUC__ && __alpha__ */ + +#if !defined(HAVE_HARDCLOCK) && defined(MBEDTLS_HAVE_ASM) && \ + defined(__GNUC__) && defined(__ia64__) + +#define HAVE_HARDCLOCK + +unsigned long mbedtls_timing_hardclock(void) +{ + unsigned long itc; + asm volatile ("mov %0 = ar.itc" : "=r" (itc)); + return itc; +} +#endif /* !HAVE_HARDCLOCK && MBEDTLS_HAVE_ASM && + __GNUC__ && __ia64__ */ + +#if !defined(HAVE_HARDCLOCK) && defined(_MSC_VER) && \ + !defined(EFIX64) && !defined(EFI32) + +#define HAVE_HARDCLOCK + +unsigned long mbedtls_timing_hardclock(void) +{ + LARGE_INTEGER offset; + + QueryPerformanceCounter(&offset); + + return (unsigned long) (offset.QuadPart); +} +#endif /* !HAVE_HARDCLOCK && _MSC_VER && !EFIX64 && !EFI32 */ + +#if !defined(HAVE_HARDCLOCK) + +#define HAVE_HARDCLOCK + +static int hardclock_init = 0; +static struct timeval tv_init; + +unsigned long mbedtls_timing_hardclock(void) +{ + struct timeval tv_cur; + + if (hardclock_init == 0) { + gettimeofday(&tv_init, NULL); + hardclock_init = 1; + } + + gettimeofday(&tv_cur, NULL); + return (tv_cur.tv_sec - tv_init.tv_sec) * 1000000U + + (tv_cur.tv_usec - tv_init.tv_usec); +} +#endif /* !HAVE_HARDCLOCK */ + +volatile int mbedtls_timing_alarmed = 0; + +#if defined(_WIN32) && !defined(EFIX64) && !defined(EFI32) + +unsigned long mbedtls_timing_get_timer(struct mbedtls_timing_hr_time *val, int reset) +{ + struct _hr_time *t = (struct _hr_time *) val; + + if (reset) { + QueryPerformanceCounter(&t->start); + return 0; + } else { + unsigned long delta; + LARGE_INTEGER now, hfreq; + QueryPerformanceCounter(&now); + QueryPerformanceFrequency(&hfreq); + delta = (unsigned long) ((now.QuadPart - t->start.QuadPart) * 1000ul + / hfreq.QuadPart); + return delta; + } +} + +/* It's OK to use a global because alarm() is supposed to be global anyway */ +static DWORD alarmMs; + +static void TimerProc(void *TimerContext) +{ + (void) TimerContext; + Sleep(alarmMs); + mbedtls_timing_alarmed = 1; + /* _endthread will be called implicitly on return + * That ensures execution of thread function's epilogue */ +} + +void mbedtls_set_alarm(int seconds) +{ + if (seconds == 0) { + /* No need to create a thread for this simple case. + * Also, this shorcut is more reliable at least on MinGW32 */ + mbedtls_timing_alarmed = 1; + return; + } + + mbedtls_timing_alarmed = 0; + alarmMs = seconds * 1000; + (void) _beginthread(TimerProc, 0, NULL); +} + +#else /* _WIN32 && !EFIX64 && !EFI32 */ + +unsigned long mbedtls_timing_get_timer(struct mbedtls_timing_hr_time *val, int reset) +{ + struct _hr_time *t = (struct _hr_time *) val; + + if (reset) { + gettimeofday(&t->start, NULL); + return 0; + } else { + unsigned long delta; + struct timeval now; + gettimeofday(&now, NULL); + delta = (now.tv_sec - t->start.tv_sec) * 1000ul + + (now.tv_usec - t->start.tv_usec) / 1000; + return delta; + } +} + +static void sighandler(int signum) +{ + mbedtls_timing_alarmed = 1; + signal(signum, sighandler); +} + +void mbedtls_set_alarm(int seconds) +{ + mbedtls_timing_alarmed = 0; + signal(SIGALRM, sighandler); + alarm(seconds); + if (seconds == 0) { + /* alarm(0) cancelled any previous pending alarm, but the + handler won't fire, so raise the flag straight away. */ + mbedtls_timing_alarmed = 1; + } +} + +#endif /* _WIN32 && !EFIX64 && !EFI32 */ + +/* + * Set delays to watch + */ +void mbedtls_timing_set_delay(void *data, uint32_t int_ms, uint32_t fin_ms) +{ + mbedtls_timing_delay_context *ctx = (mbedtls_timing_delay_context *) data; + + ctx->int_ms = int_ms; + ctx->fin_ms = fin_ms; + + if (fin_ms != 0) { + (void) mbedtls_timing_get_timer(&ctx->timer, 1); + } +} + +/* + * Get number of delays expired + */ +int mbedtls_timing_get_delay(void *data) +{ + mbedtls_timing_delay_context *ctx = (mbedtls_timing_delay_context *) data; + unsigned long elapsed_ms; + + if (ctx->fin_ms == 0) { + return -1; + } + + elapsed_ms = mbedtls_timing_get_timer(&ctx->timer, 0); + + if (elapsed_ms >= ctx->fin_ms) { + return 2; + } + + if (elapsed_ms >= ctx->int_ms) { + return 1; + } + + return 0; +} + +#endif /* MBEDTLS_TIMING_ALT */ diff --git a/third_party/mbedtls/repo/tests/src/external_timing/timing_alt.h b/third_party/mbedtls/repo/tests/src/external_timing/timing_alt.h new file mode 100644 index 00000000000..09e4966b247 --- /dev/null +++ b/third_party/mbedtls/repo/tests/src/external_timing/timing_alt.h @@ -0,0 +1,118 @@ +/* + * Copy of the internal MbedTLS timing implementation, to be used in tests. + */ +/* + * Copyright The Mbed TLS Contributors + * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later + */ + +#ifndef EXTERNAL_TIMING_FOR_TEST_H +#define EXTERNAL_TIMING_FOR_TEST_H + +#if !defined(MBEDTLS_CONFIG_FILE) +#include "mbedtls/config.h" +#else +#include MBEDTLS_CONFIG_FILE +#endif + +#include + +/** + * \brief timer structure + */ +struct mbedtls_timing_hr_time { + unsigned char opaque[32]; +}; + +/** + * \brief Context for mbedtls_timing_set/get_delay() + */ +typedef struct mbedtls_timing_delay_context { + struct mbedtls_timing_hr_time timer; + uint32_t int_ms; + uint32_t fin_ms; +} mbedtls_timing_delay_context; + +#else /* MBEDTLS_TIMING_ALT */ +#include "timing_alt.h" +#endif /* MBEDTLS_TIMING_ALT */ + +extern volatile int mbedtls_timing_alarmed; + +/** + * \brief Return the CPU cycle counter value + * + * \warning This is only a best effort! Do not rely on this! + * In particular, it is known to be unreliable on virtual + * machines. + * + * \note This value starts at an unspecified origin and + * may wrap around. + */ +unsigned long mbedtls_timing_hardclock(void); + +/** + * \brief Return the elapsed time in milliseconds + * + * \param val points to a timer structure + * \param reset If 0, query the elapsed time. Otherwise (re)start the timer. + * + * \return Elapsed time since the previous reset in ms. When + * restarting, this is always 0. + * + * \note To initialize a timer, call this function with reset=1. + * + * Determining the elapsed time and resetting the timer is not + * atomic on all platforms, so after the sequence + * `{ get_timer(1); ...; time1 = get_timer(1); ...; time2 = + * get_timer(0) }` the value time1+time2 is only approximately + * the delay since the first reset. + */ +unsigned long mbedtls_timing_get_timer(struct mbedtls_timing_hr_time *val, int reset); + +/** + * \brief Setup an alarm clock + * + * \param seconds delay before the "mbedtls_timing_alarmed" flag is set + * (must be >=0) + * + * \warning Only one alarm at a time is supported. In a threaded + * context, this means one for the whole process, not one per + * thread. + */ +void mbedtls_set_alarm(int seconds); + +/** + * \brief Set a pair of delays to watch + * (See \c mbedtls_timing_get_delay().) + * + * \param data Pointer to timing data. + * Must point to a valid \c mbedtls_timing_delay_context struct. + * \param int_ms First (intermediate) delay in milliseconds. + * The effect if int_ms > fin_ms is unspecified. + * \param fin_ms Second (final) delay in milliseconds. + * Pass 0 to cancel the current delay. + * + * \note To set a single delay, either use \c mbedtls_timing_set_timer + * directly or use this function with int_ms == fin_ms. + */ +void mbedtls_timing_set_delay(void *data, uint32_t int_ms, uint32_t fin_ms); + +/** + * \brief Get the status of delays + * (Memory helper: number of delays passed.) + * + * \param data Pointer to timing data + * Must point to a valid \c mbedtls_timing_delay_context struct. + * + * \return -1 if cancelled (fin_ms = 0), + * 0 if none of the delays are passed, + * 1 if only the intermediate delay is passed, + * 2 if the final delay is passed. + */ +int mbedtls_timing_get_delay(void *data); + +#ifdef __cplusplus +} + +#endif /* EXTERNAL_TIMING_FOR_TEST_H */ diff --git a/third_party/mbedtls/repo/tests/src/fake_external_rng_for_test.c b/third_party/mbedtls/repo/tests/src/fake_external_rng_for_test.c index 9c2195bf0c1..c0bfde51aa0 100644 --- a/third_party/mbedtls/repo/tests/src/fake_external_rng_for_test.c +++ b/third_party/mbedtls/repo/tests/src/fake_external_rng_for_test.c @@ -5,19 +5,7 @@ /* * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later */ #include @@ -28,29 +16,30 @@ static int test_insecure_external_rng_enabled = 0; -void mbedtls_test_enable_insecure_external_rng( void ) +void mbedtls_test_enable_insecure_external_rng(void) { test_insecure_external_rng_enabled = 1; } -void mbedtls_test_disable_insecure_external_rng( void ) +void mbedtls_test_disable_insecure_external_rng(void) { test_insecure_external_rng_enabled = 0; } psa_status_t mbedtls_psa_external_get_random( mbedtls_psa_external_random_context_t *context, - uint8_t *output, size_t output_size, size_t *output_length ) + uint8_t *output, size_t output_size, size_t *output_length) { (void) context; - if( !test_insecure_external_rng_enabled ) - return( PSA_ERROR_INSUFFICIENT_ENTROPY ); + if (!test_insecure_external_rng_enabled) { + return PSA_ERROR_INSUFFICIENT_ENTROPY; + } /* This implementation is for test purposes only! * Use the libc non-cryptographic random generator. */ - mbedtls_test_rnd_std_rand( NULL, output, output_size ); + mbedtls_test_rnd_std_rand(NULL, output, output_size); *output_length = output_size; - return( PSA_SUCCESS ); + return PSA_SUCCESS; } #endif /* MBEDTLS_PSA_CRYPTO_EXTERNAL_RNG */ diff --git a/third_party/mbedtls/repo/tests/src/helpers.c b/third_party/mbedtls/repo/tests/src/helpers.c index c53e4fc8169..2df3ce5b907 100644 --- a/third_party/mbedtls/repo/tests/src/helpers.c +++ b/third_party/mbedtls/repo/tests/src/helpers.c @@ -1,20 +1,9 @@ /* * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later */ +#include #include #include #include @@ -23,12 +12,16 @@ #include #endif +#if defined(MBEDTLS_PSA_INJECT_ENTROPY) +#include +#include +#endif + /*----------------------------------------------------------------------------*/ /* Static global variables */ #if defined(MBEDTLS_CHECK_PARAMS) -typedef struct -{ +typedef struct { uint8_t expected_call; uint8_t expected_call_happened; @@ -49,40 +42,53 @@ mbedtls_test_info_t mbedtls_test_info; /*----------------------------------------------------------------------------*/ /* Helper Functions */ -int mbedtls_test_platform_setup( void ) +int mbedtls_test_platform_setup(void) { int ret = 0; + +#if defined(MBEDTLS_PSA_INJECT_ENTROPY) + /* Make sure that injected entropy is present. Otherwise + * psa_crypto_init() will fail. This is not necessary for test suites + * that don't use PSA, but it's harmless (except for leaving a file + * behind). */ + ret = mbedtls_test_inject_entropy_restore(); + if (ret != 0) { + return ret; + } +#endif + #if defined(MBEDTLS_PLATFORM_C) - ret = mbedtls_platform_setup( &platform_ctx ); + ret = mbedtls_platform_setup(&platform_ctx); #endif /* MBEDTLS_PLATFORM_C */ - return( ret ); + + return ret; } -void mbedtls_test_platform_teardown( void ) +void mbedtls_test_platform_teardown(void) { #if defined(MBEDTLS_PLATFORM_C) - mbedtls_platform_teardown( &platform_ctx ); + mbedtls_platform_teardown(&platform_ctx); #endif /* MBEDTLS_PLATFORM_C */ } static int ascii2uc(const char c, unsigned char *uc) { - if( ( c >= '0' ) && ( c <= '9' ) ) + if ((c >= '0') && (c <= '9')) { *uc = c - '0'; - else if( ( c >= 'a' ) && ( c <= 'f' ) ) + } else if ((c >= 'a') && (c <= 'f')) { *uc = c - 'a' + 10; - else if( ( c >= 'A' ) && ( c <= 'F' ) ) + } else if ((c >= 'A') && (c <= 'F')) { *uc = c - 'A' + 10; - else - return( -1 ); + } else { + return -1; + } - return( 0 ); + return 0; } -void mbedtls_test_fail( const char *test, int line_no, const char* filename ) +void mbedtls_test_fail(const char *test, int line_no, const char *filename) { - if( mbedtls_test_info.result == MBEDTLS_TEST_RESULT_FAILED ) - { + if (mbedtls_test_info.result == MBEDTLS_TEST_RESULT_FAILED) { /* We've already recorded the test as having failed. Don't * overwrite any previous information about the failure. */ return; @@ -93,7 +99,7 @@ void mbedtls_test_fail( const char *test, int line_no, const char* filename ) mbedtls_test_info.filename = filename; } -void mbedtls_test_skip( const char *test, int line_no, const char* filename ) +void mbedtls_test_skip(const char *test, int line_no, const char *filename) { mbedtls_test_info.result = MBEDTLS_TEST_RESULT_SKIPPED; mbedtls_test_info.test = test; @@ -101,145 +107,214 @@ void mbedtls_test_skip( const char *test, int line_no, const char* filename ) mbedtls_test_info.filename = filename; } -void mbedtls_test_set_step( unsigned long step ) +void mbedtls_test_set_step(unsigned long step) { mbedtls_test_info.step = step; } -void mbedtls_test_info_reset( void ) +#if defined(MBEDTLS_BIGNUM_C) +unsigned mbedtls_test_case_uses_negative_0 = 0; +#endif + +void mbedtls_test_info_reset(void) { mbedtls_test_info.result = MBEDTLS_TEST_RESULT_SUCCESS; - mbedtls_test_info.step = (unsigned long)( -1 ); + mbedtls_test_info.step = (unsigned long) (-1); mbedtls_test_info.test = 0; mbedtls_test_info.line_no = 0; mbedtls_test_info.filename = 0; - memset( mbedtls_test_info.line1, 0, sizeof( mbedtls_test_info.line1 ) ); - memset( mbedtls_test_info.line2, 0, sizeof( mbedtls_test_info.line2 ) ); + memset(mbedtls_test_info.line1, 0, sizeof(mbedtls_test_info.line1)); + memset(mbedtls_test_info.line2, 0, sizeof(mbedtls_test_info.line2)); +#if defined(MBEDTLS_BIGNUM_C) + mbedtls_test_case_uses_negative_0 = 0; +#endif +} + +int mbedtls_test_equal(const char *test, int line_no, const char *filename, + unsigned long long value1, unsigned long long value2) +{ + TEST_CF_PUBLIC(&value1, sizeof(value1)); + TEST_CF_PUBLIC(&value2, sizeof(value2)); + + if (value1 == value2) { + return 1; + } + + if (mbedtls_test_info.result == MBEDTLS_TEST_RESULT_FAILED) { + /* We've already recorded the test as having failed. Don't + * overwrite any previous information about the failure. */ + return 0; + } + mbedtls_test_fail(test, line_no, filename); + (void) mbedtls_snprintf(mbedtls_test_info.line1, + sizeof(mbedtls_test_info.line1), + "lhs = 0x%016llx = %lld", + value1, (long long) value1); + (void) mbedtls_snprintf(mbedtls_test_info.line2, + sizeof(mbedtls_test_info.line2), + "rhs = 0x%016llx = %lld", + value2, (long long) value2); + return 0; +} + +int mbedtls_test_le_u(const char *test, int line_no, const char *filename, + unsigned long long value1, unsigned long long value2) +{ + TEST_CF_PUBLIC(&value1, sizeof(value1)); + TEST_CF_PUBLIC(&value2, sizeof(value2)); + + if (value1 <= value2) { + return 1; + } + + if (mbedtls_test_info.result == MBEDTLS_TEST_RESULT_FAILED) { + /* We've already recorded the test as having failed. Don't + * overwrite any previous information about the failure. */ + return 0; + } + mbedtls_test_fail(test, line_no, filename); + (void) mbedtls_snprintf(mbedtls_test_info.line1, + sizeof(mbedtls_test_info.line1), + "lhs = 0x%016llx = %llu", + value1, value1); + (void) mbedtls_snprintf(mbedtls_test_info.line2, + sizeof(mbedtls_test_info.line2), + "rhs = 0x%016llx = %llu", + value2, value2); + return 0; } -int mbedtls_test_equal( const char *test, int line_no, const char* filename, - unsigned long long value1, unsigned long long value2 ) +int mbedtls_test_le_s(const char *test, int line_no, const char *filename, + long long value1, long long value2) { - if( value1 == value2 ) - return( 1 ); - if( mbedtls_test_info.result == MBEDTLS_TEST_RESULT_FAILED ) - { + TEST_CF_PUBLIC(&value1, sizeof(value1)); + TEST_CF_PUBLIC(&value2, sizeof(value2)); + + if (value1 <= value2) { + return 1; + } + + if (mbedtls_test_info.result == MBEDTLS_TEST_RESULT_FAILED) { /* We've already recorded the test as having failed. Don't * overwrite any previous information about the failure. */ - return( 0 ); + return 0; } - mbedtls_test_fail( test, line_no, filename ); - (void) mbedtls_snprintf( mbedtls_test_info.line1, - sizeof( mbedtls_test_info.line1 ), - "lhs = 0x%016llx = %lld", - value1, (long long) value1 ); - (void) mbedtls_snprintf( mbedtls_test_info.line2, - sizeof( mbedtls_test_info.line2 ), - "rhs = 0x%016llx = %lld", - value2, (long long) value2 ); - return( 0 ); + mbedtls_test_fail(test, line_no, filename); + (void) mbedtls_snprintf(mbedtls_test_info.line1, + sizeof(mbedtls_test_info.line1), + "lhs = 0x%016llx = %lld", + (unsigned long long) value1, value1); + (void) mbedtls_snprintf(mbedtls_test_info.line2, + sizeof(mbedtls_test_info.line2), + "rhs = 0x%016llx = %lld", + (unsigned long long) value2, value2); + return 0; } -int mbedtls_test_unhexify( unsigned char *obuf, - size_t obufmax, - const char *ibuf, - size_t *len ) +int mbedtls_test_unhexify(unsigned char *obuf, + size_t obufmax, + const char *ibuf, + size_t *len) { unsigned char uc, uc2; - *len = strlen( ibuf ); + *len = strlen(ibuf); /* Must be even number of bytes. */ - if ( ( *len ) & 1 ) - return( -1 ); + if ((*len) & 1) { + return -1; + } *len /= 2; - if ( (*len) > obufmax ) - return( -1 ); + if ((*len) > obufmax) { + return -1; + } - while( *ibuf != 0 ) - { - if ( ascii2uc( *(ibuf++), &uc ) != 0 ) - return( -1 ); + while (*ibuf != 0) { + if (ascii2uc(*(ibuf++), &uc) != 0) { + return -1; + } - if ( ascii2uc( *(ibuf++), &uc2 ) != 0 ) - return( -1 ); + if (ascii2uc(*(ibuf++), &uc2) != 0) { + return -1; + } - *(obuf++) = ( uc << 4 ) | uc2; + *(obuf++) = (uc << 4) | uc2; } - return( 0 ); + return 0; } -void mbedtls_test_hexify( unsigned char *obuf, - const unsigned char *ibuf, - int len ) +void mbedtls_test_hexify(unsigned char *obuf, + const unsigned char *ibuf, + int len) { unsigned char l, h; - while( len != 0 ) - { + while (len != 0) { h = *ibuf / 16; l = *ibuf % 16; - if( h < 10 ) + if (h < 10) { *obuf++ = '0' + h; - else + } else { *obuf++ = 'a' + h - 10; + } - if( l < 10 ) + if (l < 10) { *obuf++ = '0' + l; - else + } else { *obuf++ = 'a' + l - 10; + } ++ibuf; len--; } } -unsigned char *mbedtls_test_zero_alloc( size_t len ) +unsigned char *mbedtls_test_zero_alloc(size_t len) { void *p; - size_t actual_len = ( len != 0 ) ? len : 1; + size_t actual_len = (len != 0) ? len : 1; - p = mbedtls_calloc( 1, actual_len ); - TEST_HELPER_ASSERT( p != NULL ); + p = mbedtls_calloc(1, actual_len); + TEST_HELPER_ASSERT(p != NULL); - memset( p, 0x00, actual_len ); + memset(p, 0x00, actual_len); - return( p ); + return p; } -unsigned char *mbedtls_test_unhexify_alloc( const char *ibuf, size_t *olen ) +unsigned char *mbedtls_test_unhexify_alloc(const char *ibuf, size_t *olen) { unsigned char *obuf; size_t len; - *olen = strlen( ibuf ) / 2; + *olen = strlen(ibuf) / 2; - if( *olen == 0 ) - return( mbedtls_test_zero_alloc( *olen ) ); + if (*olen == 0) { + return mbedtls_test_zero_alloc(*olen); + } - obuf = mbedtls_calloc( 1, *olen ); - TEST_HELPER_ASSERT( obuf != NULL ); - TEST_HELPER_ASSERT( mbedtls_test_unhexify( obuf, *olen, ibuf, &len ) == 0 ); + obuf = mbedtls_calloc(1, *olen); + TEST_HELPER_ASSERT(obuf != NULL); + TEST_HELPER_ASSERT(mbedtls_test_unhexify(obuf, *olen, ibuf, &len) == 0); - return( obuf ); + return obuf; } -int mbedtls_test_hexcmp( uint8_t * a, uint8_t * b, - uint32_t a_len, uint32_t b_len ) +int mbedtls_test_hexcmp(uint8_t *a, uint8_t *b, + uint32_t a_len, uint32_t b_len) { int ret = 0; uint32_t i = 0; - if( a_len != b_len ) - return( -1 ); + if (a_len != b_len) { + return -1; + } - for( i = 0; i < a_len; i++ ) - { - if( a[i] != b[i] ) - { + for (i = 0; i < a_len; i++) { + if (a[i] != b[i]) { ret = -1; break; } @@ -249,40 +324,41 @@ int mbedtls_test_hexcmp( uint8_t * a, uint8_t * b, #if defined(MBEDTLS_CHECK_PARAMS) void mbedtls_test_param_failed_get_location_record( - mbedtls_test_param_failed_location_record_t *location_record ) + mbedtls_test_param_failed_location_record_t *location_record) { *location_record = param_failed_ctx.location_record; } -void mbedtls_test_param_failed_expect_call( void ) +void mbedtls_test_param_failed_expect_call(void) { param_failed_ctx.expected_call_happened = 0; param_failed_ctx.expected_call = 1; } -int mbedtls_test_param_failed_check_expected_call( void ) +int mbedtls_test_param_failed_check_expected_call(void) { param_failed_ctx.expected_call = 0; - if( param_failed_ctx.expected_call_happened != 0 ) - return( 0 ); + if (param_failed_ctx.expected_call_happened != 0) { + return 0; + } - return( -1 ); + return -1; } -void* mbedtls_test_param_failed_get_state_buf( void ) +void *mbedtls_test_param_failed_get_state_buf(void) { return ¶m_failed_ctx.state; } -void mbedtls_test_param_failed_reset_state( void ) +void mbedtls_test_param_failed_reset_state(void) { - memset( param_failed_ctx.state, 0, sizeof( param_failed_ctx.state ) ); + memset(param_failed_ctx.state, 0, sizeof(param_failed_ctx.state)); } -void mbedtls_param_failed( const char *failure_condition, - const char *file, - int line ) +void mbedtls_param_failed(const char *failure_condition, + const char *file, + int line) { /* Record the location of the failure */ param_failed_ctx.location_record.failure_condition = failure_condition; @@ -290,27 +366,24 @@ void mbedtls_param_failed( const char *failure_condition, param_failed_ctx.location_record.line = line; /* If we are testing the callback function... */ - if( param_failed_ctx.expected_call != 0 ) - { + if (param_failed_ctx.expected_call != 0) { param_failed_ctx.expected_call = 0; param_failed_ctx.expected_call_happened = 1; - } - else - { + } else { /* ...else try a long jump. If the execution state has not been set-up * or reset then the long jump buffer is all zero's and the call will * with high probability fault, emphasizing there is something to look * at. */ - longjmp( param_failed_ctx.state, 1 ); + longjmp(param_failed_ctx.state, 1); } } #endif /* MBEDTLS_CHECK_PARAMS */ #if defined(MBEDTLS_TEST_HOOKS) -void mbedtls_test_err_add_check( int high, int low, - const char *file, int line ) +void mbedtls_test_err_add_check(int high, int low, + const char *file, int line) { /* Error codes are always negative (a value of zero is a success) however * their positive opposites can be easier to understand. The following @@ -324,57 +397,64 @@ void mbedtls_test_err_add_check( int high, int low, * and module-dependent error code (bits 7..11)). * l = low level error code. */ - if ( high > -0x1000 && high != 0 ) - /* high < 0001000000000000 - * No high level module ID bits are set. - */ - { - mbedtls_test_fail( "'high' is not a high-level error code", - line, file ); - } - else if ( high < -0x7F80 ) - /* high > 0111111110000000 - * Error code is greater than the largest allowed high level module ID. - */ - { - mbedtls_test_fail( "'high' error code is greater than 15 bits", - line, file ); - } - else if ( ( high & 0x7F ) != 0 ) - /* high & 0000000001111111 - * Error code contains low level error code bits. - */ - { - mbedtls_test_fail( "'high' contains a low-level error code", - line, file ); - } - else if ( low < -0x007F ) - /* low > 0000000001111111 - * Error code contains high or module level error code bits. - */ - { - mbedtls_test_fail( "'low' error code is greater than 7 bits", - line, file ); - } - else if ( low > 0 ) - { - mbedtls_test_fail( "'low' error code is greater than zero", - line, file ); + if (high > -0x1000 && high != 0) { + /* high < 0001000000000000 + * No high level module ID bits are set. + */ + mbedtls_test_fail("'high' is not a high-level error code", + line, file); + } else if (high < -0x7F80) { + /* high > 0111111110000000 + * Error code is greater than the largest allowed high level module ID. + */ + mbedtls_test_fail("'high' error code is greater than 15 bits", + line, file); + } else if ((high & 0x7F) != 0) { + /* high & 0000000001111111 + * Error code contains low level error code bits. + */ + mbedtls_test_fail("'high' contains a low-level error code", + line, file); + } else if (low < -0x007F) { + /* low > 0000000001111111 + * Error code contains high or module level error code bits. + */ + mbedtls_test_fail("'low' error code is greater than 7 bits", + line, file); + } else if (low > 0) { + mbedtls_test_fail("'low' error code is greater than zero", + line, file); } } #endif /* MBEDTLS_TEST_HOOKS */ #if defined(MBEDTLS_BIGNUM_C) -int mbedtls_test_read_mpi( mbedtls_mpi *X, int radix, const char *s ) +int mbedtls_test_read_mpi(mbedtls_mpi *X, const char *s) { + int negative = 0; + /* Always set the sign bit to -1 if the input has a minus sign, even for 0. + * This creates an invalid representation, which mbedtls_mpi_read_string() + * avoids but we want to be able to create that in test data. */ + if (s[0] == '-') { + ++s; + negative = 1; + } /* mbedtls_mpi_read_string() currently retains leading zeros. * It always allocates at least one limb for the value 0. */ - if( s[0] == 0 ) - { - mbedtls_mpi_free( X ); - return( 0 ); + if (s[0] == 0) { + mbedtls_mpi_free(X); + return 0; + } + int ret = mbedtls_mpi_read_string(X, 16, s); + if (ret != 0) { + return ret; + } + if (negative) { + if (mbedtls_mpi_cmp_int(X, 0) == 0) { + ++mbedtls_test_case_uses_negative_0; + } + X->s = -1; } - else - return( mbedtls_mpi_read_string( X, radix, s ) ); + return 0; } #endif diff --git a/third_party/mbedtls/repo/tests/src/psa_crypto_helpers.c b/third_party/mbedtls/repo/tests/src/psa_crypto_helpers.c index 299b6d125da..4bbbb3acc2a 100644 --- a/third_party/mbedtls/repo/tests/src/psa_crypto_helpers.c +++ b/third_party/mbedtls/repo/tests/src/psa_crypto_helpers.c @@ -5,19 +5,7 @@ /* * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later */ #include @@ -36,96 +24,162 @@ static mbedtls_svc_key_id_t key_ids_used_in_test[9]; static size_t num_key_ids_used; -int mbedtls_test_uses_key_id( mbedtls_svc_key_id_t key_id ) +int mbedtls_test_uses_key_id(mbedtls_svc_key_id_t key_id) { size_t i; - if( MBEDTLS_SVC_KEY_ID_GET_KEY_ID( key_id ) > - PSA_MAX_PERSISTENT_KEY_IDENTIFIER ) - { + if (MBEDTLS_SVC_KEY_ID_GET_KEY_ID(key_id) > + PSA_MAX_PERSISTENT_KEY_IDENTIFIER) { /* Don't touch key id values that designate non-key files. */ - return( 1 ); + return 1; } - for( i = 0; i < num_key_ids_used ; i++ ) - { - if( mbedtls_svc_key_id_equal( key_id, key_ids_used_in_test[i] ) ) - return( 1 ); + for (i = 0; i < num_key_ids_used; i++) { + if (mbedtls_svc_key_id_equal(key_id, key_ids_used_in_test[i])) { + return 1; + } + } + if (num_key_ids_used == ARRAY_LENGTH(key_ids_used_in_test)) { + return 0; } - if( num_key_ids_used == ARRAY_LENGTH( key_ids_used_in_test ) ) - return( 0 ); key_ids_used_in_test[num_key_ids_used] = key_id; ++num_key_ids_used; - return( 1 ); + return 1; } -void mbedtls_test_psa_purge_key_storage( void ) +void mbedtls_test_psa_purge_key_storage(void) { size_t i; - for( i = 0; i < num_key_ids_used; i++ ) - psa_destroy_persistent_key( key_ids_used_in_test[i] ); + for (i = 0; i < num_key_ids_used; i++) { + psa_destroy_persistent_key(key_ids_used_in_test[i]); + } num_key_ids_used = 0; } -void mbedtls_test_psa_purge_key_cache( void ) +void mbedtls_test_psa_purge_key_cache(void) { size_t i; - for( i = 0; i < num_key_ids_used; i++ ) - psa_purge_key( key_ids_used_in_test[i] ); + for (i = 0; i < num_key_ids_used; i++) { + psa_purge_key(key_ids_used_in_test[i]); + } } #endif /* MBEDTLS_PSA_CRYPTO_STORAGE_C */ -const char *mbedtls_test_helper_is_psa_leaking( void ) +const char *mbedtls_test_helper_is_psa_leaking(void) { mbedtls_psa_stats_t stats; - mbedtls_psa_get_stats( &stats ); + mbedtls_psa_get_stats(&stats); - if( stats.volatile_slots != 0 ) - return( "A volatile slot has not been closed properly." ); - if( stats.persistent_slots != 0 ) - return( "A persistent slot has not been closed properly." ); - if( stats.external_slots != 0 ) - return( "An external slot has not been closed properly." ); - if( stats.half_filled_slots != 0 ) - return( "A half-filled slot has not been cleared properly." ); - if( stats.locked_slots != 0 ) - return( "Some slots are still marked as locked." ); + if (stats.volatile_slots != 0) { + return "A volatile slot has not been closed properly."; + } + if (stats.persistent_slots != 0) { + return "A persistent slot has not been closed properly."; + } + if (stats.external_slots != 0) { + return "An external slot has not been closed properly."; + } + if (stats.half_filled_slots != 0) { + return "A half-filled slot has not been cleared properly."; + } + if (stats.locked_slots != 0) { + return "Some slots are still marked as locked."; + } - return( NULL ); + return NULL; } #if defined(RECORD_PSA_STATUS_COVERAGE_LOG) /** Name of the file where return statuses are logged by #RECORD_STATUS. */ #define STATUS_LOG_FILE_NAME "statuses.log" -psa_status_t mbedtls_test_record_status( psa_status_t status, - const char *func, - const char *file, int line, - const char *expr ) +psa_status_t mbedtls_test_record_status(psa_status_t status, + const char *func, + const char *file, int line, + const char *expr) { /* We open the log file on first use. * We never close the log file, so the record_status feature is not * compatible with resource leak detectors such as Asan. */ static FILE *log; - if( log == NULL ) - log = fopen( STATUS_LOG_FILE_NAME, "a" ); - fprintf( log, "%d:%s:%s:%d:%s\n", (int) status, func, file, line, expr ); - return( status ); + if (log == NULL) { + log = fopen(STATUS_LOG_FILE_NAME, "a"); + } + fprintf(log, "%d:%s:%s:%d:%s\n", (int) status, func, file, line, expr); + return status; } #endif /* defined(RECORD_PSA_STATUS_COVERAGE_LOG) */ -psa_key_usage_t mbedtls_test_update_key_usage_flags( psa_key_usage_t usage_flags ) +psa_key_usage_t mbedtls_test_update_key_usage_flags(psa_key_usage_t usage_flags) { psa_key_usage_t updated_usage = usage_flags; - if( usage_flags & PSA_KEY_USAGE_SIGN_HASH ) + if (usage_flags & PSA_KEY_USAGE_SIGN_HASH) { updated_usage |= PSA_KEY_USAGE_SIGN_MESSAGE; + } - if( usage_flags & PSA_KEY_USAGE_VERIFY_HASH ) + if (usage_flags & PSA_KEY_USAGE_VERIFY_HASH) { updated_usage |= PSA_KEY_USAGE_VERIFY_MESSAGE; + } - return( updated_usage ); + return updated_usage; +} + +int mbedtls_test_fail_if_psa_leaking(int line_no, const char *filename) +{ + const char *msg = mbedtls_test_helper_is_psa_leaking(); + if (msg == NULL) { + return 0; + } else { + mbedtls_test_fail(msg, line_no, filename); + return 1; + } } +#if defined(MBEDTLS_PSA_INJECT_ENTROPY) + +#include +#include + +int mbedtls_test_inject_entropy_seed_read(unsigned char *buf, size_t len) +{ + size_t actual_len = 0; + psa_status_t status = psa_its_get(PSA_CRYPTO_ITS_RANDOM_SEED_UID, + 0, len, buf, &actual_len); + if (status != 0) { + return MBEDTLS_ERR_ENTROPY_FILE_IO_ERROR; + } + if (actual_len != len) { + return MBEDTLS_ERR_ENTROPY_SOURCE_FAILED; + } + return 0; +} + +int mbedtls_test_inject_entropy_seed_write(unsigned char *buf, size_t len) +{ + psa_status_t status = psa_its_set(PSA_CRYPTO_ITS_RANDOM_SEED_UID, + len, buf, 0); + if (status != 0) { + return MBEDTLS_ERR_ENTROPY_FILE_IO_ERROR; + } + return 0; +} + +int mbedtls_test_inject_entropy_restore(void) +{ + unsigned char buf[MBEDTLS_ENTROPY_BLOCK_SIZE]; + for (size_t i = 0; i < sizeof(buf); i++) { + buf[i] = (unsigned char) i; + } + psa_status_t status = mbedtls_psa_inject_entropy(buf, sizeof(buf)); + /* It's ok if the file was just created, or if it already exists. */ + if (status != PSA_SUCCESS && status != PSA_ERROR_NOT_PERMITTED) { + return status; + } + return PSA_SUCCESS; +} + +#endif /* MBEDTLS_PSA_INJECT_ENTROPY */ + #endif /* MBEDTLS_PSA_CRYPTO_C */ diff --git a/third_party/mbedtls/repo/tests/src/psa_exercise_key.c b/third_party/mbedtls/repo/tests/src/psa_exercise_key.c index c1e76c85ef6..71053240cdc 100644 --- a/third_party/mbedtls/repo/tests/src/psa_exercise_key.c +++ b/third_party/mbedtls/repo/tests/src/psa_exercise_key.c @@ -4,19 +4,7 @@ /* * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later */ #include @@ -33,14 +21,14 @@ #include #if defined(MBEDTLS_PSA_CRYPTO_SE_C) -static int lifetime_is_dynamic_secure_element( psa_key_lifetime_t lifetime ) +static int lifetime_is_dynamic_secure_element(psa_key_lifetime_t lifetime) { - return( PSA_KEY_LIFETIME_GET_LOCATION( lifetime ) != - PSA_KEY_LOCATION_LOCAL_STORAGE ); + return PSA_KEY_LIFETIME_GET_LOCATION(lifetime) != + PSA_KEY_LOCATION_LOCAL_STORAGE; } #endif -static int check_key_attributes_sanity( mbedtls_svc_key_id_t key ) +static int check_key_attributes_sanity(mbedtls_svc_key_id_t key) { int ok = 0; psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT; @@ -49,58 +37,54 @@ static int check_key_attributes_sanity( mbedtls_svc_key_id_t key ) psa_key_type_t type; size_t bits; - PSA_ASSERT( psa_get_key_attributes( key, &attributes ) ); - lifetime = psa_get_key_lifetime( &attributes ); - id = psa_get_key_id( &attributes ); - type = psa_get_key_type( &attributes ); - bits = psa_get_key_bits( &attributes ); + PSA_ASSERT(psa_get_key_attributes(key, &attributes)); + lifetime = psa_get_key_lifetime(&attributes); + id = psa_get_key_id(&attributes); + type = psa_get_key_type(&attributes); + bits = psa_get_key_bits(&attributes); /* Persistence */ - if( PSA_KEY_LIFETIME_IS_VOLATILE( lifetime ) ) - { + if (PSA_KEY_LIFETIME_IS_VOLATILE(lifetime)) { TEST_ASSERT( - ( PSA_KEY_ID_VOLATILE_MIN <= - MBEDTLS_SVC_KEY_ID_GET_KEY_ID( id ) ) && - ( MBEDTLS_SVC_KEY_ID_GET_KEY_ID( id ) <= - PSA_KEY_ID_VOLATILE_MAX ) ); - } - else - { + (PSA_KEY_ID_VOLATILE_MIN <= + MBEDTLS_SVC_KEY_ID_GET_KEY_ID(id)) && + (MBEDTLS_SVC_KEY_ID_GET_KEY_ID(id) <= + PSA_KEY_ID_VOLATILE_MAX)); + } else { TEST_ASSERT( - ( PSA_KEY_ID_USER_MIN <= MBEDTLS_SVC_KEY_ID_GET_KEY_ID( id ) ) && - ( MBEDTLS_SVC_KEY_ID_GET_KEY_ID( id ) <= PSA_KEY_ID_USER_MAX ) ); + (PSA_KEY_ID_USER_MIN <= MBEDTLS_SVC_KEY_ID_GET_KEY_ID(id)) && + (MBEDTLS_SVC_KEY_ID_GET_KEY_ID(id) <= PSA_KEY_ID_USER_MAX)); } #if defined(MBEDTLS_PSA_CRYPTO_SE_C) /* randomly-generated 64-bit constant, should never appear in test data */ psa_key_slot_number_t slot_number = 0xec94d4a5058a1a21; - psa_status_t status = psa_get_key_slot_number( &attributes, &slot_number ); - if( lifetime_is_dynamic_secure_element( lifetime ) ) - { - /* Mbed Crypto currently always exposes the slot number to + psa_status_t status = psa_get_key_slot_number(&attributes, &slot_number); + if (lifetime_is_dynamic_secure_element(lifetime)) { + /* Mbed TLS currently always exposes the slot number to * applications. This is not mandated by the PSA specification * and may change in future versions. */ - TEST_EQUAL( status, 0 ); - TEST_ASSERT( slot_number != 0xec94d4a5058a1a21 ); - } - else - { - TEST_EQUAL( status, PSA_ERROR_INVALID_ARGUMENT ); + TEST_EQUAL(status, 0); + TEST_ASSERT(slot_number != 0xec94d4a5058a1a21); + } else { + TEST_EQUAL(status, PSA_ERROR_INVALID_ARGUMENT); } #endif /* Type and size */ - TEST_ASSERT( type != 0 ); - TEST_ASSERT( bits != 0 ); - TEST_ASSERT( bits <= PSA_MAX_KEY_BITS ); - if( PSA_KEY_TYPE_IS_UNSTRUCTURED( type ) ) - TEST_ASSERT( bits % 8 == 0 ); + TEST_ASSERT(type != 0); + TEST_ASSERT(bits != 0); + TEST_ASSERT(bits <= PSA_MAX_KEY_BITS); + if (PSA_KEY_TYPE_IS_UNSTRUCTURED(type)) { + TEST_ASSERT(bits % 8 == 0); + } /* MAX macros concerning specific key types */ - if( PSA_KEY_TYPE_IS_ECC( type ) ) - TEST_ASSERT( bits <= PSA_VENDOR_ECC_MAX_CURVE_BITS ); - else if( PSA_KEY_TYPE_IS_RSA( type ) ) - TEST_ASSERT( bits <= PSA_VENDOR_RSA_MAX_KEY_BITS ); - TEST_ASSERT( PSA_BLOCK_CIPHER_BLOCK_LENGTH( type ) <= PSA_BLOCK_CIPHER_BLOCK_MAX_SIZE ); + if (PSA_KEY_TYPE_IS_ECC(type)) { + TEST_ASSERT(bits <= PSA_VENDOR_ECC_MAX_CURVE_BITS); + } else if (PSA_KEY_TYPE_IS_RSA(type)) { + TEST_ASSERT(bits <= PSA_VENDOR_RSA_MAX_KEY_BITS); + } + TEST_ASSERT(PSA_BLOCK_CIPHER_BLOCK_LENGTH(type) <= PSA_BLOCK_CIPHER_BLOCK_MAX_SIZE); ok = 1; @@ -109,400 +93,389 @@ static int check_key_attributes_sanity( mbedtls_svc_key_id_t key ) * Key attributes may have been returned by psa_get_key_attributes() * thus reset them as required. */ - psa_reset_key_attributes( &attributes ); + psa_reset_key_attributes(&attributes); - return( ok ); + return ok; } -static int exercise_mac_key( mbedtls_svc_key_id_t key, - psa_key_usage_t usage, - psa_algorithm_t alg ) +static int exercise_mac_key(mbedtls_svc_key_id_t key, + psa_key_usage_t usage, + psa_algorithm_t alg) { psa_mac_operation_t operation = PSA_MAC_OPERATION_INIT; const unsigned char input[] = "foo"; - unsigned char mac[PSA_MAC_MAX_SIZE] = {0}; - size_t mac_length = sizeof( mac ); + unsigned char mac[PSA_MAC_MAX_SIZE] = { 0 }; + size_t mac_length = sizeof(mac); /* Convert wildcard algorithm to exercisable algorithm */ - if( alg & PSA_ALG_MAC_AT_LEAST_THIS_LENGTH_FLAG ) - { - alg = PSA_ALG_TRUNCATED_MAC( alg, PSA_MAC_TRUNCATED_LENGTH( alg ) ); + if (alg & PSA_ALG_MAC_AT_LEAST_THIS_LENGTH_FLAG) { + alg = PSA_ALG_TRUNCATED_MAC(alg, PSA_MAC_TRUNCATED_LENGTH(alg)); } - if( usage & PSA_KEY_USAGE_SIGN_HASH ) - { - PSA_ASSERT( psa_mac_sign_setup( &operation, key, alg ) ); - PSA_ASSERT( psa_mac_update( &operation, - input, sizeof( input ) ) ); - PSA_ASSERT( psa_mac_sign_finish( &operation, - mac, sizeof( mac ), - &mac_length ) ); + if (usage & PSA_KEY_USAGE_SIGN_HASH) { + PSA_ASSERT(psa_mac_sign_setup(&operation, key, alg)); + PSA_ASSERT(psa_mac_update(&operation, + input, sizeof(input))); + PSA_ASSERT(psa_mac_sign_finish(&operation, + mac, sizeof(mac), + &mac_length)); } - if( usage & PSA_KEY_USAGE_VERIFY_HASH ) - { + if (usage & PSA_KEY_USAGE_VERIFY_HASH) { psa_status_t verify_status = - ( usage & PSA_KEY_USAGE_SIGN_HASH ? - PSA_SUCCESS : - PSA_ERROR_INVALID_SIGNATURE ); - PSA_ASSERT( psa_mac_verify_setup( &operation, key, alg ) ); - PSA_ASSERT( psa_mac_update( &operation, - input, sizeof( input ) ) ); - TEST_EQUAL( psa_mac_verify_finish( &operation, mac, mac_length ), - verify_status ); + (usage & PSA_KEY_USAGE_SIGN_HASH ? + PSA_SUCCESS : + PSA_ERROR_INVALID_SIGNATURE); + PSA_ASSERT(psa_mac_verify_setup(&operation, key, alg)); + PSA_ASSERT(psa_mac_update(&operation, + input, sizeof(input))); + TEST_EQUAL(psa_mac_verify_finish(&operation, mac, mac_length), + verify_status); } - return( 1 ); + return 1; exit: - psa_mac_abort( &operation ); - return( 0 ); + psa_mac_abort(&operation); + return 0; } -static int exercise_cipher_key( mbedtls_svc_key_id_t key, - psa_key_usage_t usage, - psa_algorithm_t alg ) +static int exercise_cipher_key(mbedtls_svc_key_id_t key, + psa_key_usage_t usage, + psa_algorithm_t alg) { psa_cipher_operation_t operation = PSA_CIPHER_OPERATION_INIT; - unsigned char iv[16] = {0}; - size_t iv_length = sizeof( iv ); + unsigned char iv[PSA_CIPHER_IV_MAX_SIZE] = { 0 }; + size_t iv_length; + psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT; + psa_key_type_t key_type; const unsigned char plaintext[16] = "Hello, world..."; unsigned char ciphertext[32] = "(wabblewebblewibblewobblewubble)"; - size_t ciphertext_length = sizeof( ciphertext ); - unsigned char decrypted[sizeof( ciphertext )]; + size_t ciphertext_length = sizeof(ciphertext); + unsigned char decrypted[sizeof(ciphertext)]; size_t part_length; - if( usage & PSA_KEY_USAGE_ENCRYPT ) - { - PSA_ASSERT( psa_cipher_encrypt_setup( &operation, key, alg ) ); - PSA_ASSERT( psa_cipher_generate_iv( &operation, - iv, sizeof( iv ), - &iv_length ) ); - PSA_ASSERT( psa_cipher_update( &operation, - plaintext, sizeof( plaintext ), - ciphertext, sizeof( ciphertext ), - &ciphertext_length ) ); - PSA_ASSERT( psa_cipher_finish( &operation, - ciphertext + ciphertext_length, - sizeof( ciphertext ) - ciphertext_length, - &part_length ) ); + PSA_ASSERT(psa_get_key_attributes(key, &attributes)); + key_type = psa_get_key_type(&attributes); + iv_length = PSA_CIPHER_IV_LENGTH(key_type, alg); + + if (usage & PSA_KEY_USAGE_ENCRYPT) { + PSA_ASSERT(psa_cipher_encrypt_setup(&operation, key, alg)); + if (iv_length != 0) { + PSA_ASSERT(psa_cipher_generate_iv(&operation, + iv, sizeof(iv), + &iv_length)); + } + PSA_ASSERT(psa_cipher_update(&operation, + plaintext, sizeof(plaintext), + ciphertext, sizeof(ciphertext), + &ciphertext_length)); + PSA_ASSERT(psa_cipher_finish(&operation, + ciphertext + ciphertext_length, + sizeof(ciphertext) - ciphertext_length, + &part_length)); ciphertext_length += part_length; } - if( usage & PSA_KEY_USAGE_DECRYPT ) - { + if (usage & PSA_KEY_USAGE_DECRYPT) { psa_status_t status; int maybe_invalid_padding = 0; - if( ! ( usage & PSA_KEY_USAGE_ENCRYPT ) ) - { - psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT; - PSA_ASSERT( psa_get_key_attributes( key, &attributes ) ); - /* This should be PSA_CIPHER_GET_IV_SIZE but the API doesn't - * have this macro yet. */ - iv_length = PSA_BLOCK_CIPHER_BLOCK_LENGTH( - psa_get_key_type( &attributes ) ); - maybe_invalid_padding = ! PSA_ALG_IS_STREAM_CIPHER( alg ); - psa_reset_key_attributes( &attributes ); + if (!(usage & PSA_KEY_USAGE_ENCRYPT)) { + maybe_invalid_padding = !PSA_ALG_IS_STREAM_CIPHER(alg); + } + PSA_ASSERT(psa_cipher_decrypt_setup(&operation, key, alg)); + if (iv_length != 0) { + PSA_ASSERT(psa_cipher_set_iv(&operation, + iv, iv_length)); } - PSA_ASSERT( psa_cipher_decrypt_setup( &operation, key, alg ) ); - PSA_ASSERT( psa_cipher_set_iv( &operation, - iv, iv_length ) ); - PSA_ASSERT( psa_cipher_update( &operation, - ciphertext, ciphertext_length, - decrypted, sizeof( decrypted ), - &part_length ) ); - status = psa_cipher_finish( &operation, - decrypted + part_length, - sizeof( decrypted ) - part_length, - &part_length ); + PSA_ASSERT(psa_cipher_update(&operation, + ciphertext, ciphertext_length, + decrypted, sizeof(decrypted), + &part_length)); + status = psa_cipher_finish(&operation, + decrypted + part_length, + sizeof(decrypted) - part_length, + &part_length); /* For a stream cipher, all inputs are valid. For a block cipher, - * if the input is some aribtrary data rather than an actual - ciphertext, a padding error is likely. */ - if( maybe_invalid_padding ) - TEST_ASSERT( status == PSA_SUCCESS || - status == PSA_ERROR_INVALID_PADDING ); - else - PSA_ASSERT( status ); + * if the input is some arbitrary data rather than an actual + ciphertext, a padding error is likely. */ + if (maybe_invalid_padding) { + TEST_ASSERT(status == PSA_SUCCESS || + status == PSA_ERROR_INVALID_PADDING); + } else { + PSA_ASSERT(status); + } } - return( 1 ); + return 1; exit: - psa_cipher_abort( &operation ); - return( 0 ); + psa_cipher_abort(&operation); + psa_reset_key_attributes(&attributes); + return 0; } -static int exercise_aead_key( mbedtls_svc_key_id_t key, - psa_key_usage_t usage, - psa_algorithm_t alg ) +static int exercise_aead_key(mbedtls_svc_key_id_t key, + psa_key_usage_t usage, + psa_algorithm_t alg) { - unsigned char nonce[16] = {0}; - size_t nonce_length = sizeof( nonce ); + unsigned char nonce[PSA_AEAD_NONCE_MAX_SIZE] = { 0 }; + size_t nonce_length; + psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT; + psa_key_type_t key_type; unsigned char plaintext[16] = "Hello, world..."; unsigned char ciphertext[48] = "(wabblewebblewibblewobblewubble)"; - size_t ciphertext_length = sizeof( ciphertext ); - size_t plaintext_length = sizeof( ciphertext ); + size_t ciphertext_length = sizeof(ciphertext); + size_t plaintext_length = sizeof(ciphertext); /* Convert wildcard algorithm to exercisable algorithm */ - if( alg & PSA_ALG_AEAD_AT_LEAST_THIS_LENGTH_FLAG ) - { - alg = PSA_ALG_AEAD_WITH_SHORTENED_TAG( alg, PSA_ALG_AEAD_GET_TAG_LENGTH( alg ) ); - } - - /* Default IV length for AES-GCM is 12 bytes */ - if( PSA_ALG_AEAD_WITH_SHORTENED_TAG( alg, 0 ) == - PSA_ALG_AEAD_WITH_SHORTENED_TAG( PSA_ALG_GCM, 0 ) ) - { - nonce_length = 12; + if (alg & PSA_ALG_AEAD_AT_LEAST_THIS_LENGTH_FLAG) { + alg = PSA_ALG_AEAD_WITH_SHORTENED_TAG(alg, PSA_ALG_AEAD_GET_TAG_LENGTH(alg)); } - /* IV length for CCM needs to be between 7 and 13 bytes */ - if( PSA_ALG_AEAD_WITH_SHORTENED_TAG( alg, 0 ) == - PSA_ALG_AEAD_WITH_SHORTENED_TAG( PSA_ALG_CCM, 0 ) ) - { - nonce_length = 12; - } + PSA_ASSERT(psa_get_key_attributes(key, &attributes)); + key_type = psa_get_key_type(&attributes); + nonce_length = PSA_AEAD_NONCE_LENGTH(key_type, alg); - if( usage & PSA_KEY_USAGE_ENCRYPT ) - { - PSA_ASSERT( psa_aead_encrypt( key, alg, - nonce, nonce_length, - NULL, 0, - plaintext, sizeof( plaintext ), - ciphertext, sizeof( ciphertext ), - &ciphertext_length ) ); + if (usage & PSA_KEY_USAGE_ENCRYPT) { + PSA_ASSERT(psa_aead_encrypt(key, alg, + nonce, nonce_length, + NULL, 0, + plaintext, sizeof(plaintext), + ciphertext, sizeof(ciphertext), + &ciphertext_length)); } - if( usage & PSA_KEY_USAGE_DECRYPT ) - { + if (usage & PSA_KEY_USAGE_DECRYPT) { psa_status_t verify_status = - ( usage & PSA_KEY_USAGE_ENCRYPT ? - PSA_SUCCESS : - PSA_ERROR_INVALID_SIGNATURE ); - TEST_EQUAL( psa_aead_decrypt( key, alg, - nonce, nonce_length, - NULL, 0, - ciphertext, ciphertext_length, - plaintext, sizeof( plaintext ), - &plaintext_length ), - verify_status ); + (usage & PSA_KEY_USAGE_ENCRYPT ? + PSA_SUCCESS : + PSA_ERROR_INVALID_SIGNATURE); + TEST_EQUAL(psa_aead_decrypt(key, alg, + nonce, nonce_length, + NULL, 0, + ciphertext, ciphertext_length, + plaintext, sizeof(plaintext), + &plaintext_length), + verify_status); } - return( 1 ); + return 1; exit: - return( 0 ); + psa_reset_key_attributes(&attributes); + return 0; } -static int exercise_signature_key( mbedtls_svc_key_id_t key, - psa_key_usage_t usage, - psa_algorithm_t alg ) +static int can_sign_or_verify_message(psa_key_usage_t usage, + psa_algorithm_t alg) { - if( usage & ( PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_VERIFY_HASH ) ) - { - unsigned char payload[PSA_HASH_MAX_SIZE] = {1}; + /* Sign-the-unspecified-hash algorithms can only be used with + * {sign,verify}_hash, not with {sign,verify}_message. */ + if (alg == PSA_ALG_ECDSA_ANY || alg == PSA_ALG_RSA_PKCS1V15_SIGN_RAW) { + return 0; + } + return usage & (PSA_KEY_USAGE_SIGN_MESSAGE | + PSA_KEY_USAGE_VERIFY_MESSAGE); +} + +static int exercise_signature_key(mbedtls_svc_key_id_t key, + psa_key_usage_t usage, + psa_algorithm_t alg) +{ + if (usage & (PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_VERIFY_HASH)) { + unsigned char payload[PSA_HASH_MAX_SIZE] = { 1 }; size_t payload_length = 16; - unsigned char signature[PSA_SIGNATURE_MAX_SIZE] = {0}; - size_t signature_length = sizeof( signature ); - psa_algorithm_t hash_alg = PSA_ALG_SIGN_GET_HASH( alg ); + unsigned char signature[PSA_SIGNATURE_MAX_SIZE] = { 0 }; + size_t signature_length = sizeof(signature); + psa_algorithm_t hash_alg = PSA_ALG_SIGN_GET_HASH(alg); /* If the policy allows signing with any hash, just pick one. */ - if( PSA_ALG_IS_SIGN_HASH( alg ) && hash_alg == PSA_ALG_ANY_HASH ) - { + if (PSA_ALG_IS_SIGN_HASH(alg) && hash_alg == PSA_ALG_ANY_HASH) { #if defined(KNOWN_MBEDTLS_SUPPORTED_HASH_ALG) hash_alg = KNOWN_MBEDTLS_SUPPORTED_HASH_ALG; alg ^= PSA_ALG_ANY_HASH ^ hash_alg; #else - TEST_ASSERT( ! "No hash algorithm for hash-and-sign testing" ); + TEST_FAIL("No hash algorithm for hash-and-sign testing"); #endif } /* Some algorithms require the payload to have the size of * the hash encoded in the algorithm. Use this input size * even for algorithms that allow other input sizes. */ - if( hash_alg != 0 ) - payload_length = PSA_HASH_LENGTH( hash_alg ); + if (hash_alg != 0) { + payload_length = PSA_HASH_LENGTH(hash_alg); + } - if( usage & PSA_KEY_USAGE_SIGN_HASH ) - { - PSA_ASSERT( psa_sign_hash( key, alg, - payload, payload_length, - signature, sizeof( signature ), - &signature_length ) ); + if (usage & PSA_KEY_USAGE_SIGN_HASH) { + PSA_ASSERT(psa_sign_hash(key, alg, + payload, payload_length, + signature, sizeof(signature), + &signature_length)); } - if( usage & PSA_KEY_USAGE_VERIFY_HASH ) - { + if (usage & PSA_KEY_USAGE_VERIFY_HASH) { psa_status_t verify_status = - ( usage & PSA_KEY_USAGE_SIGN_HASH ? - PSA_SUCCESS : - PSA_ERROR_INVALID_SIGNATURE ); - TEST_EQUAL( psa_verify_hash( key, alg, - payload, payload_length, - signature, signature_length ), - verify_status ); + (usage & PSA_KEY_USAGE_SIGN_HASH ? + PSA_SUCCESS : + PSA_ERROR_INVALID_SIGNATURE); + TEST_EQUAL(psa_verify_hash(key, alg, + payload, payload_length, + signature, signature_length), + verify_status); } } - if( usage & ( PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_MESSAGE ) ) - { + if (can_sign_or_verify_message(usage, alg)) { unsigned char message[256] = "Hello, world..."; - unsigned char signature[PSA_SIGNATURE_MAX_SIZE] = {0}; + unsigned char signature[PSA_SIGNATURE_MAX_SIZE] = { 0 }; size_t message_length = 16; - size_t signature_length = sizeof( signature ); + size_t signature_length = sizeof(signature); - if( usage & PSA_KEY_USAGE_SIGN_MESSAGE ) - { - PSA_ASSERT( psa_sign_message( key, alg, - message, message_length, - signature, sizeof( signature ), - &signature_length ) ); + if (usage & PSA_KEY_USAGE_SIGN_MESSAGE) { + PSA_ASSERT(psa_sign_message(key, alg, + message, message_length, + signature, sizeof(signature), + &signature_length)); } - if( usage & PSA_KEY_USAGE_VERIFY_MESSAGE ) - { + if (usage & PSA_KEY_USAGE_VERIFY_MESSAGE) { psa_status_t verify_status = - ( usage & PSA_KEY_USAGE_SIGN_MESSAGE ? - PSA_SUCCESS : - PSA_ERROR_INVALID_SIGNATURE ); - TEST_EQUAL( psa_verify_message( key, alg, - message, message_length, - signature, signature_length ), - verify_status ); + (usage & PSA_KEY_USAGE_SIGN_MESSAGE ? + PSA_SUCCESS : + PSA_ERROR_INVALID_SIGNATURE); + TEST_EQUAL(psa_verify_message(key, alg, + message, message_length, + signature, signature_length), + verify_status); } } - return( 1 ); + return 1; exit: - return( 0 ); + return 0; } -static int exercise_asymmetric_encryption_key( mbedtls_svc_key_id_t key, - psa_key_usage_t usage, - psa_algorithm_t alg ) +static int exercise_asymmetric_encryption_key(mbedtls_svc_key_id_t key, + psa_key_usage_t usage, + psa_algorithm_t alg) { unsigned char plaintext[256] = "Hello, world..."; unsigned char ciphertext[256] = "(wabblewebblewibblewobblewubble)"; - size_t ciphertext_length = sizeof( ciphertext ); + size_t ciphertext_length = sizeof(ciphertext); size_t plaintext_length = 16; - if( usage & PSA_KEY_USAGE_ENCRYPT ) - { - PSA_ASSERT( psa_asymmetric_encrypt( key, alg, - plaintext, plaintext_length, - NULL, 0, - ciphertext, sizeof( ciphertext ), - &ciphertext_length ) ); + if (usage & PSA_KEY_USAGE_ENCRYPT) { + PSA_ASSERT(psa_asymmetric_encrypt(key, alg, + plaintext, plaintext_length, + NULL, 0, + ciphertext, sizeof(ciphertext), + &ciphertext_length)); } - if( usage & PSA_KEY_USAGE_DECRYPT ) - { + if (usage & PSA_KEY_USAGE_DECRYPT) { psa_status_t status = - psa_asymmetric_decrypt( key, alg, - ciphertext, ciphertext_length, - NULL, 0, - plaintext, sizeof( plaintext ), - &plaintext_length ); - TEST_ASSERT( status == PSA_SUCCESS || - ( ( usage & PSA_KEY_USAGE_ENCRYPT ) == 0 && - ( status == PSA_ERROR_INVALID_ARGUMENT || - status == PSA_ERROR_INVALID_PADDING ) ) ); + psa_asymmetric_decrypt(key, alg, + ciphertext, ciphertext_length, + NULL, 0, + plaintext, sizeof(plaintext), + &plaintext_length); + TEST_ASSERT(status == PSA_SUCCESS || + ((usage & PSA_KEY_USAGE_ENCRYPT) == 0 && + (status == PSA_ERROR_INVALID_ARGUMENT || + status == PSA_ERROR_INVALID_PADDING))); } - return( 1 ); + return 1; exit: - return( 0 ); + return 0; } int mbedtls_test_psa_setup_key_derivation_wrap( - psa_key_derivation_operation_t* operation, + psa_key_derivation_operation_t *operation, mbedtls_svc_key_id_t key, psa_algorithm_t alg, - const unsigned char* input1, size_t input1_length, - const unsigned char* input2, size_t input2_length, - size_t capacity ) + const unsigned char *input1, size_t input1_length, + const unsigned char *input2, size_t input2_length, + size_t capacity) { - PSA_ASSERT( psa_key_derivation_setup( operation, alg ) ); - if( PSA_ALG_IS_HKDF( alg ) ) - { - PSA_ASSERT( psa_key_derivation_input_bytes( operation, - PSA_KEY_DERIVATION_INPUT_SALT, - input1, input1_length ) ); - PSA_ASSERT( psa_key_derivation_input_key( operation, - PSA_KEY_DERIVATION_INPUT_SECRET, - key ) ); - PSA_ASSERT( psa_key_derivation_input_bytes( operation, - PSA_KEY_DERIVATION_INPUT_INFO, - input2, - input2_length ) ); - } - else if( PSA_ALG_IS_TLS12_PRF( alg ) || - PSA_ALG_IS_TLS12_PSK_TO_MS( alg ) ) - { - PSA_ASSERT( psa_key_derivation_input_bytes( operation, - PSA_KEY_DERIVATION_INPUT_SEED, - input1, input1_length ) ); - PSA_ASSERT( psa_key_derivation_input_key( operation, - PSA_KEY_DERIVATION_INPUT_SECRET, - key ) ); - PSA_ASSERT( psa_key_derivation_input_bytes( operation, - PSA_KEY_DERIVATION_INPUT_LABEL, - input2, input2_length ) ); - } - else - { - TEST_ASSERT( ! "Key derivation algorithm not supported" ); - } - - if( capacity != SIZE_MAX ) - PSA_ASSERT( psa_key_derivation_set_capacity( operation, capacity ) ); - - return( 1 ); + PSA_ASSERT(psa_key_derivation_setup(operation, alg)); + if (PSA_ALG_IS_HKDF(alg)) { + PSA_ASSERT(psa_key_derivation_input_bytes(operation, + PSA_KEY_DERIVATION_INPUT_SALT, + input1, input1_length)); + PSA_ASSERT(psa_key_derivation_input_key(operation, + PSA_KEY_DERIVATION_INPUT_SECRET, + key)); + PSA_ASSERT(psa_key_derivation_input_bytes(operation, + PSA_KEY_DERIVATION_INPUT_INFO, + input2, + input2_length)); + } else if (PSA_ALG_IS_TLS12_PRF(alg) || + PSA_ALG_IS_TLS12_PSK_TO_MS(alg)) { + PSA_ASSERT(psa_key_derivation_input_bytes(operation, + PSA_KEY_DERIVATION_INPUT_SEED, + input1, input1_length)); + PSA_ASSERT(psa_key_derivation_input_key(operation, + PSA_KEY_DERIVATION_INPUT_SECRET, + key)); + PSA_ASSERT(psa_key_derivation_input_bytes(operation, + PSA_KEY_DERIVATION_INPUT_LABEL, + input2, input2_length)); + } else { + TEST_FAIL("Key derivation algorithm not supported"); + } + + if (capacity != SIZE_MAX) { + PSA_ASSERT(psa_key_derivation_set_capacity(operation, capacity)); + } + + return 1; exit: - return( 0 ); + return 0; } -static int exercise_key_derivation_key( mbedtls_svc_key_id_t key, - psa_key_usage_t usage, - psa_algorithm_t alg ) +static int exercise_key_derivation_key(mbedtls_svc_key_id_t key, + psa_key_usage_t usage, + psa_algorithm_t alg) { psa_key_derivation_operation_t operation = PSA_KEY_DERIVATION_OPERATION_INIT; unsigned char input1[] = "Input 1"; - size_t input1_length = sizeof( input1 ); + size_t input1_length = sizeof(input1); unsigned char input2[] = "Input 2"; - size_t input2_length = sizeof( input2 ); + size_t input2_length = sizeof(input2); unsigned char output[1]; - size_t capacity = sizeof( output ); + size_t capacity = sizeof(output); - if( usage & PSA_KEY_USAGE_DERIVE ) - { - if( !mbedtls_test_psa_setup_key_derivation_wrap( &operation, key, alg, - input1, input1_length, - input2, input2_length, - capacity ) ) + if (usage & PSA_KEY_USAGE_DERIVE) { + if (!mbedtls_test_psa_setup_key_derivation_wrap(&operation, key, alg, + input1, input1_length, + input2, input2_length, + capacity)) { goto exit; + } - PSA_ASSERT( psa_key_derivation_output_bytes( &operation, - output, - capacity ) ); - PSA_ASSERT( psa_key_derivation_abort( &operation ) ); + PSA_ASSERT(psa_key_derivation_output_bytes(&operation, + output, + capacity)); + PSA_ASSERT(psa_key_derivation_abort(&operation)); } - return( 1 ); + return 1; exit: - return( 0 ); + return 0; } /* We need two keys to exercise key agreement. Exercise the * private key against its own public key. */ psa_status_t mbedtls_test_psa_key_agreement_with_self( psa_key_derivation_operation_t *operation, - mbedtls_svc_key_id_t key ) + mbedtls_svc_key_id_t key) { psa_key_type_t private_key_type; psa_key_type_t public_key_type; @@ -515,34 +488,34 @@ psa_status_t mbedtls_test_psa_key_agreement_with_self( psa_status_t status = PSA_ERROR_GENERIC_ERROR; psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT; - PSA_ASSERT( psa_get_key_attributes( key, &attributes ) ); - private_key_type = psa_get_key_type( &attributes ); - key_bits = psa_get_key_bits( &attributes ); - public_key_type = PSA_KEY_TYPE_PUBLIC_KEY_OF_KEY_PAIR( private_key_type ); - public_key_length = PSA_EXPORT_PUBLIC_KEY_OUTPUT_SIZE( public_key_type, key_bits ); - ASSERT_ALLOC( public_key, public_key_length ); - PSA_ASSERT( psa_export_public_key( key, public_key, public_key_length, - &public_key_length ) ); + PSA_ASSERT(psa_get_key_attributes(key, &attributes)); + private_key_type = psa_get_key_type(&attributes); + key_bits = psa_get_key_bits(&attributes); + public_key_type = PSA_KEY_TYPE_PUBLIC_KEY_OF_KEY_PAIR(private_key_type); + public_key_length = PSA_EXPORT_PUBLIC_KEY_OUTPUT_SIZE(public_key_type, key_bits); + TEST_CALLOC(public_key, public_key_length); + PSA_ASSERT(psa_export_public_key(key, public_key, public_key_length, + &public_key_length)); status = psa_key_derivation_key_agreement( operation, PSA_KEY_DERIVATION_INPUT_SECRET, key, - public_key, public_key_length ); + public_key, public_key_length); exit: /* * Key attributes may have been returned by psa_get_key_attributes() * thus reset them as required. */ - psa_reset_key_attributes( &attributes ); + psa_reset_key_attributes(&attributes); - mbedtls_free( public_key ); - return( status ); + mbedtls_free(public_key); + return status; } /* We need two keys to exercise key agreement. Exercise the * private key against its own public key. */ psa_status_t mbedtls_test_psa_raw_key_agreement_with_self( psa_algorithm_t alg, - mbedtls_svc_key_id_t key ) + mbedtls_svc_key_id_t key) { psa_key_type_t private_key_type; psa_key_type_t public_key_type; @@ -557,26 +530,25 @@ psa_status_t mbedtls_test_psa_raw_key_agreement_with_self( psa_status_t status = PSA_ERROR_GENERIC_ERROR; psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT; - PSA_ASSERT( psa_get_key_attributes( key, &attributes ) ); - private_key_type = psa_get_key_type( &attributes ); - key_bits = psa_get_key_bits( &attributes ); - public_key_type = PSA_KEY_TYPE_PUBLIC_KEY_OF_KEY_PAIR( private_key_type ); - public_key_length = PSA_EXPORT_PUBLIC_KEY_OUTPUT_SIZE( public_key_type, key_bits ); - ASSERT_ALLOC( public_key, public_key_length ); - PSA_ASSERT( psa_export_public_key( key, - public_key, public_key_length, - &public_key_length ) ); - - status = psa_raw_key_agreement( alg, key, - public_key, public_key_length, - output, sizeof( output ), &output_length ); - if ( status == PSA_SUCCESS ) - { - TEST_ASSERT( output_length <= - PSA_RAW_KEY_AGREEMENT_OUTPUT_SIZE( private_key_type, - key_bits ) ); - TEST_ASSERT( output_length <= - PSA_RAW_KEY_AGREEMENT_OUTPUT_MAX_SIZE ); + PSA_ASSERT(psa_get_key_attributes(key, &attributes)); + private_key_type = psa_get_key_type(&attributes); + key_bits = psa_get_key_bits(&attributes); + public_key_type = PSA_KEY_TYPE_PUBLIC_KEY_OF_KEY_PAIR(private_key_type); + public_key_length = PSA_EXPORT_PUBLIC_KEY_OUTPUT_SIZE(public_key_type, key_bits); + TEST_CALLOC(public_key, public_key_length); + PSA_ASSERT(psa_export_public_key(key, + public_key, public_key_length, + &public_key_length)); + + status = psa_raw_key_agreement(alg, key, + public_key, public_key_length, + output, sizeof(output), &output_length); + if (status == PSA_SUCCESS) { + TEST_ASSERT(output_length <= + PSA_RAW_KEY_AGREEMENT_OUTPUT_SIZE(private_key_type, + key_bits)); + TEST_ASSERT(output_length <= + PSA_RAW_KEY_AGREEMENT_OUTPUT_MAX_SIZE); } exit: @@ -584,69 +556,86 @@ psa_status_t mbedtls_test_psa_raw_key_agreement_with_self( * Key attributes may have been returned by psa_get_key_attributes() * thus reset them as required. */ - psa_reset_key_attributes( &attributes ); + psa_reset_key_attributes(&attributes); - mbedtls_free( public_key ); - return( status ); + mbedtls_free(public_key); + return status; } -static int exercise_raw_key_agreement_key( mbedtls_svc_key_id_t key, - psa_key_usage_t usage, - psa_algorithm_t alg ) +static int exercise_raw_key_agreement_key(mbedtls_svc_key_id_t key, + psa_key_usage_t usage, + psa_algorithm_t alg) { int ok = 0; - if( usage & PSA_KEY_USAGE_DERIVE ) - { + if (usage & PSA_KEY_USAGE_DERIVE) { /* We need two keys to exercise key agreement. Exercise the * private key against its own public key. */ - PSA_ASSERT( mbedtls_test_psa_raw_key_agreement_with_self( alg, key ) ); + PSA_ASSERT(mbedtls_test_psa_raw_key_agreement_with_self(alg, key)); } ok = 1; exit: - return( ok ); + return ok; } -static int exercise_key_agreement_key( mbedtls_svc_key_id_t key, - psa_key_usage_t usage, - psa_algorithm_t alg ) +static int exercise_key_agreement_key(mbedtls_svc_key_id_t key, + psa_key_usage_t usage, + psa_algorithm_t alg) { psa_key_derivation_operation_t operation = PSA_KEY_DERIVATION_OPERATION_INIT; + unsigned char input[1]; unsigned char output[1]; int ok = 0; + psa_algorithm_t kdf_alg = PSA_ALG_KEY_AGREEMENT_GET_KDF(alg); - if( usage & PSA_KEY_USAGE_DERIVE ) - { + if (usage & PSA_KEY_USAGE_DERIVE) { /* We need two keys to exercise key agreement. Exercise the * private key against its own public key. */ - PSA_ASSERT( psa_key_derivation_setup( &operation, alg ) ); - PSA_ASSERT( mbedtls_test_psa_key_agreement_with_self( &operation, key ) ); - PSA_ASSERT( psa_key_derivation_output_bytes( &operation, - output, - sizeof( output ) ) ); - PSA_ASSERT( psa_key_derivation_abort( &operation ) ); + PSA_ASSERT(psa_key_derivation_setup(&operation, alg)); + if (PSA_ALG_IS_TLS12_PRF(kdf_alg) || + PSA_ALG_IS_TLS12_PSK_TO_MS(kdf_alg)) { + PSA_ASSERT(psa_key_derivation_input_bytes( + &operation, PSA_KEY_DERIVATION_INPUT_SEED, + input, sizeof(input))); + } + + PSA_ASSERT(mbedtls_test_psa_key_agreement_with_self(&operation, key)); + + if (PSA_ALG_IS_TLS12_PRF(kdf_alg) || + PSA_ALG_IS_TLS12_PSK_TO_MS(kdf_alg)) { + PSA_ASSERT(psa_key_derivation_input_bytes( + &operation, PSA_KEY_DERIVATION_INPUT_LABEL, + input, sizeof(input))); + } else if (PSA_ALG_IS_HKDF(kdf_alg)) { + PSA_ASSERT(psa_key_derivation_input_bytes( + &operation, PSA_KEY_DERIVATION_INPUT_INFO, + input, sizeof(input))); + } + PSA_ASSERT(psa_key_derivation_output_bytes(&operation, + output, + sizeof(output))); + PSA_ASSERT(psa_key_derivation_abort(&operation)); } ok = 1; exit: - return( ok ); + return ok; } int mbedtls_test_psa_exported_key_sanity_check( psa_key_type_t type, size_t bits, - const uint8_t *exported, size_t exported_length ) + const uint8_t *exported, size_t exported_length) { - TEST_ASSERT( exported_length <= PSA_EXPORT_KEY_OUTPUT_SIZE( type, bits ) ); + TEST_ASSERT(exported_length <= PSA_EXPORT_KEY_OUTPUT_SIZE(type, bits)); - if( PSA_KEY_TYPE_IS_UNSTRUCTURED( type ) ) - TEST_EQUAL( exported_length, PSA_BITS_TO_BYTES( bits ) ); - else + if (PSA_KEY_TYPE_IS_UNSTRUCTURED(type)) { + TEST_EQUAL(exported_length, PSA_BITS_TO_BYTES(bits)); + } else #if defined(MBEDTLS_ASN1_PARSE_C) - if( type == PSA_KEY_TYPE_RSA_KEY_PAIR ) - { - uint8_t *p = (uint8_t*) exported; + if (type == PSA_KEY_TYPE_RSA_KEY_PAIR) { + uint8_t *p = (uint8_t *) exported; const uint8_t *end = exported + exported_length; size_t len; /* RSAPrivateKey ::= SEQUENCE { @@ -661,139 +650,139 @@ int mbedtls_test_psa_exported_key_sanity_check( * coefficient INTEGER, -- (inverse of q) mod p * } */ - TEST_EQUAL( mbedtls_asn1_get_tag( &p, end, &len, - MBEDTLS_ASN1_SEQUENCE | - MBEDTLS_ASN1_CONSTRUCTED ), 0 ); - TEST_EQUAL( len, end - p ); - if( ! mbedtls_test_asn1_skip_integer( &p, end, 0, 0, 0 ) ) + TEST_EQUAL(mbedtls_asn1_get_tag(&p, end, &len, + MBEDTLS_ASN1_SEQUENCE | + MBEDTLS_ASN1_CONSTRUCTED), 0); + TEST_EQUAL(len, end - p); + if (!mbedtls_test_asn1_skip_integer(&p, end, 0, 0, 0)) { goto exit; - if( ! mbedtls_test_asn1_skip_integer( &p, end, bits, bits, 1 ) ) + } + if (!mbedtls_test_asn1_skip_integer(&p, end, bits, bits, 1)) { goto exit; - if( ! mbedtls_test_asn1_skip_integer( &p, end, 2, bits, 1 ) ) + } + if (!mbedtls_test_asn1_skip_integer(&p, end, 2, bits, 1)) { goto exit; + } /* Require d to be at least half the size of n. */ - if( ! mbedtls_test_asn1_skip_integer( &p, end, bits / 2, bits, 1 ) ) + if (!mbedtls_test_asn1_skip_integer(&p, end, bits / 2, bits, 1)) { goto exit; + } /* Require p and q to be at most half the size of n, rounded up. */ - if( ! mbedtls_test_asn1_skip_integer( &p, end, bits / 2, bits / 2 + 1, 1 ) ) + if (!mbedtls_test_asn1_skip_integer(&p, end, bits / 2, bits / 2 + 1, 1)) { goto exit; - if( ! mbedtls_test_asn1_skip_integer( &p, end, bits / 2, bits / 2 + 1, 1 ) ) + } + if (!mbedtls_test_asn1_skip_integer(&p, end, bits / 2, bits / 2 + 1, 1)) { goto exit; - if( ! mbedtls_test_asn1_skip_integer( &p, end, 1, bits / 2 + 1, 0 ) ) + } + if (!mbedtls_test_asn1_skip_integer(&p, end, 1, bits / 2 + 1, 0)) { goto exit; - if( ! mbedtls_test_asn1_skip_integer( &p, end, 1, bits / 2 + 1, 0 ) ) + } + if (!mbedtls_test_asn1_skip_integer(&p, end, 1, bits / 2 + 1, 0)) { goto exit; - if( ! mbedtls_test_asn1_skip_integer( &p, end, 1, bits / 2 + 1, 0 ) ) + } + if (!mbedtls_test_asn1_skip_integer(&p, end, 1, bits / 2 + 1, 0)) { goto exit; - TEST_EQUAL( p - end, 0 ); + } + TEST_EQUAL(p - end, 0); - TEST_ASSERT( exported_length <= PSA_EXPORT_KEY_PAIR_MAX_SIZE ); - } - else + TEST_ASSERT(exported_length <= PSA_EXPORT_KEY_PAIR_MAX_SIZE); + } else #endif /* MBEDTLS_ASN1_PARSE_C */ #if defined(MBEDTLS_ECP_C) - if( PSA_KEY_TYPE_IS_ECC_KEY_PAIR( type ) ) - { + if (PSA_KEY_TYPE_IS_ECC_KEY_PAIR(type)) { /* Just the secret value */ - TEST_EQUAL( exported_length, PSA_BITS_TO_BYTES( bits ) ); + TEST_EQUAL(exported_length, PSA_BITS_TO_BYTES(bits)); - TEST_ASSERT( exported_length <= PSA_EXPORT_KEY_PAIR_MAX_SIZE ); - } - else + TEST_ASSERT(exported_length <= PSA_EXPORT_KEY_PAIR_MAX_SIZE); + } else #endif /* MBEDTLS_ECP_C */ #if defined(MBEDTLS_ASN1_PARSE_C) - if( type == PSA_KEY_TYPE_RSA_PUBLIC_KEY ) - { - uint8_t *p = (uint8_t*) exported; + if (type == PSA_KEY_TYPE_RSA_PUBLIC_KEY) { + uint8_t *p = (uint8_t *) exported; const uint8_t *end = exported + exported_length; size_t len; /* RSAPublicKey ::= SEQUENCE { * modulus INTEGER, -- n * publicExponent INTEGER } -- e */ - TEST_EQUAL( mbedtls_asn1_get_tag( &p, end, &len, - MBEDTLS_ASN1_SEQUENCE | - MBEDTLS_ASN1_CONSTRUCTED ), - 0 ); - TEST_EQUAL( len, end - p ); - if( ! mbedtls_test_asn1_skip_integer( &p, end, bits, bits, 1 ) ) + TEST_EQUAL(mbedtls_asn1_get_tag(&p, end, &len, + MBEDTLS_ASN1_SEQUENCE | + MBEDTLS_ASN1_CONSTRUCTED), + 0); + TEST_EQUAL(len, end - p); + if (!mbedtls_test_asn1_skip_integer(&p, end, bits, bits, 1)) { goto exit; - if( ! mbedtls_test_asn1_skip_integer( &p, end, 2, bits, 1 ) ) + } + if (!mbedtls_test_asn1_skip_integer(&p, end, 2, bits, 1)) { goto exit; - TEST_EQUAL( p - end, 0 ); + } + TEST_EQUAL(p - end, 0); - TEST_ASSERT( exported_length <= - PSA_EXPORT_PUBLIC_KEY_OUTPUT_SIZE( type, bits ) ); - TEST_ASSERT( exported_length <= - PSA_EXPORT_PUBLIC_KEY_MAX_SIZE ); - } - else + TEST_ASSERT(exported_length <= + PSA_EXPORT_PUBLIC_KEY_OUTPUT_SIZE(type, bits)); + TEST_ASSERT(exported_length <= + PSA_EXPORT_PUBLIC_KEY_MAX_SIZE); + } else #endif /* MBEDTLS_ASN1_PARSE_C */ #if defined(MBEDTLS_ECP_C) - if( PSA_KEY_TYPE_IS_ECC_PUBLIC_KEY( type ) ) - { + if (PSA_KEY_TYPE_IS_ECC_PUBLIC_KEY(type)) { - TEST_ASSERT( exported_length <= - PSA_EXPORT_PUBLIC_KEY_OUTPUT_SIZE( type, bits ) ); - TEST_ASSERT( exported_length <= - PSA_EXPORT_PUBLIC_KEY_MAX_SIZE ); + TEST_ASSERT(exported_length <= + PSA_EXPORT_PUBLIC_KEY_OUTPUT_SIZE(type, bits)); + TEST_ASSERT(exported_length <= + PSA_EXPORT_PUBLIC_KEY_MAX_SIZE); - if( PSA_KEY_TYPE_ECC_GET_FAMILY( type ) == PSA_ECC_FAMILY_MONTGOMERY ) - { + if (PSA_KEY_TYPE_ECC_GET_FAMILY(type) == PSA_ECC_FAMILY_MONTGOMERY) { /* The representation of an ECC Montgomery public key is * the raw compressed point */ - TEST_EQUAL( PSA_BITS_TO_BYTES( bits ), exported_length ); - } - else - { + TEST_EQUAL(PSA_BITS_TO_BYTES(bits), exported_length); + } else { /* The representation of an ECC Weierstrass public key is: * - The byte 0x04; * - `x_P` as a `ceiling(m/8)`-byte string, big-endian; * - `y_P` as a `ceiling(m/8)`-byte string, big-endian; * - where m is the bit size associated with the curve. */ - TEST_EQUAL( 1 + 2 * PSA_BITS_TO_BYTES( bits ), exported_length ); - TEST_EQUAL( exported[0], 4 ); + TEST_EQUAL(1 + 2 * PSA_BITS_TO_BYTES(bits), exported_length); + TEST_EQUAL(exported[0], 4); } - } - else + } else #endif /* MBEDTLS_ECP_C */ { - TEST_ASSERT( ! "Sanity check not implemented for this key type" ); + (void) exported; + TEST_FAIL("Sanity check not implemented for this key type"); } #if defined(MBEDTLS_DES_C) - if( type == PSA_KEY_TYPE_DES ) - { + if (type == PSA_KEY_TYPE_DES) { /* Check the parity bits. */ unsigned i; - for( i = 0; i < bits / 8; i++ ) - { + for (i = 0; i < bits / 8; i++) { unsigned bit_count = 0; unsigned m; - for( m = 1; m <= 0x100; m <<= 1 ) - { - if( exported[i] & m ) + for (m = 1; m <= 0x100; m <<= 1) { + if (exported[i] & m) { ++bit_count; + } } - TEST_ASSERT( bit_count % 2 != 0 ); + TEST_ASSERT(bit_count % 2 != 0); } } #endif - return( 1 ); + return 1; exit: - return( 0 ); + return 0; } -static int exercise_export_key( mbedtls_svc_key_id_t key, - psa_key_usage_t usage ) +static int exercise_export_key(mbedtls_svc_key_id_t key, + psa_key_usage_t usage) { psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT; uint8_t *exported = NULL; @@ -801,42 +790,41 @@ static int exercise_export_key( mbedtls_svc_key_id_t key, size_t exported_length = 0; int ok = 0; - PSA_ASSERT( psa_get_key_attributes( key, &attributes ) ); + PSA_ASSERT(psa_get_key_attributes(key, &attributes)); exported_size = PSA_EXPORT_KEY_OUTPUT_SIZE( - psa_get_key_type( &attributes ), - psa_get_key_bits( &attributes ) ); - ASSERT_ALLOC( exported, exported_size ); - - if( ( usage & PSA_KEY_USAGE_EXPORT ) == 0 && - ! PSA_KEY_TYPE_IS_PUBLIC_KEY( psa_get_key_type( &attributes ) ) ) - { - TEST_EQUAL( psa_export_key( key, exported, - exported_size, &exported_length ), - PSA_ERROR_NOT_PERMITTED ); + psa_get_key_type(&attributes), + psa_get_key_bits(&attributes)); + TEST_CALLOC(exported, exported_size); + + if ((usage & PSA_KEY_USAGE_EXPORT) == 0 && + !PSA_KEY_TYPE_IS_PUBLIC_KEY(psa_get_key_type(&attributes))) { + TEST_EQUAL(psa_export_key(key, exported, + exported_size, &exported_length), + PSA_ERROR_NOT_PERMITTED); ok = 1; goto exit; } - PSA_ASSERT( psa_export_key( key, - exported, exported_size, - &exported_length ) ); + PSA_ASSERT(psa_export_key(key, + exported, exported_size, + &exported_length)); ok = mbedtls_test_psa_exported_key_sanity_check( - psa_get_key_type( &attributes ), psa_get_key_bits( &attributes ), - exported, exported_length ); + psa_get_key_type(&attributes), psa_get_key_bits(&attributes), + exported, exported_length); exit: /* * Key attributes may have been returned by psa_get_key_attributes() * thus reset them as required. */ - psa_reset_key_attributes( &attributes ); + psa_reset_key_attributes(&attributes); - mbedtls_free( exported ); - return( ok ); + mbedtls_free(exported); + return ok; } -static int exercise_export_public_key( mbedtls_svc_key_id_t key ) +static int exercise_export_public_key(mbedtls_svc_key_id_t key) { psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT; psa_key_type_t public_type; @@ -845,119 +833,113 @@ static int exercise_export_public_key( mbedtls_svc_key_id_t key ) size_t exported_length = 0; int ok = 0; - PSA_ASSERT( psa_get_key_attributes( key, &attributes ) ); - if( ! PSA_KEY_TYPE_IS_ASYMMETRIC( psa_get_key_type( &attributes ) ) ) - { + PSA_ASSERT(psa_get_key_attributes(key, &attributes)); + if (!PSA_KEY_TYPE_IS_ASYMMETRIC(psa_get_key_type(&attributes))) { exported_size = PSA_EXPORT_KEY_OUTPUT_SIZE( - psa_get_key_type( &attributes ), - psa_get_key_bits( &attributes ) ); - ASSERT_ALLOC( exported, exported_size ); + psa_get_key_type(&attributes), + psa_get_key_bits(&attributes)); + TEST_CALLOC(exported, exported_size); - TEST_EQUAL( psa_export_public_key( key, exported, - exported_size, &exported_length ), - PSA_ERROR_INVALID_ARGUMENT ); + TEST_EQUAL(psa_export_public_key(key, exported, + exported_size, &exported_length), + PSA_ERROR_INVALID_ARGUMENT); ok = 1; goto exit; } public_type = PSA_KEY_TYPE_PUBLIC_KEY_OF_KEY_PAIR( - psa_get_key_type( &attributes ) ); - exported_size = PSA_EXPORT_PUBLIC_KEY_OUTPUT_SIZE( public_type, - psa_get_key_bits( &attributes ) ); - ASSERT_ALLOC( exported, exported_size ); - - PSA_ASSERT( psa_export_public_key( key, - exported, exported_size, - &exported_length ) ); + psa_get_key_type(&attributes)); + exported_size = PSA_EXPORT_PUBLIC_KEY_OUTPUT_SIZE(public_type, + psa_get_key_bits(&attributes)); + TEST_CALLOC(exported, exported_size); + + PSA_ASSERT(psa_export_public_key(key, + exported, exported_size, + &exported_length)); ok = mbedtls_test_psa_exported_key_sanity_check( - public_type, psa_get_key_bits( &attributes ), - exported, exported_length ); + public_type, psa_get_key_bits(&attributes), + exported, exported_length); exit: /* * Key attributes may have been returned by psa_get_key_attributes() * thus reset them as required. */ - psa_reset_key_attributes( &attributes ); + psa_reset_key_attributes(&attributes); - mbedtls_free( exported ); - return( ok ); + mbedtls_free(exported); + return ok; } -int mbedtls_test_psa_exercise_key( mbedtls_svc_key_id_t key, - psa_key_usage_t usage, - psa_algorithm_t alg ) +int mbedtls_test_psa_exercise_key(mbedtls_svc_key_id_t key, + psa_key_usage_t usage, + psa_algorithm_t alg) { int ok = 0; - if( ! check_key_attributes_sanity( key ) ) - return( 0 ); - - if( alg == 0 ) - ok = 1; /* If no algorihm, do nothing (used for raw data "keys"). */ - else if( PSA_ALG_IS_MAC( alg ) ) - ok = exercise_mac_key( key, usage, alg ); - else if( PSA_ALG_IS_CIPHER( alg ) ) - ok = exercise_cipher_key( key, usage, alg ); - else if( PSA_ALG_IS_AEAD( alg ) ) - ok = exercise_aead_key( key, usage, alg ); - else if( PSA_ALG_IS_SIGN( alg ) ) - ok = exercise_signature_key( key, usage, alg ); - else if( PSA_ALG_IS_ASYMMETRIC_ENCRYPTION( alg ) ) - ok = exercise_asymmetric_encryption_key( key, usage, alg ); - else if( PSA_ALG_IS_KEY_DERIVATION( alg ) ) - ok = exercise_key_derivation_key( key, usage, alg ); - else if( PSA_ALG_IS_RAW_KEY_AGREEMENT( alg ) ) - ok = exercise_raw_key_agreement_key( key, usage, alg ); - else if( PSA_ALG_IS_KEY_AGREEMENT( alg ) ) - ok = exercise_key_agreement_key( key, usage, alg ); - else - TEST_ASSERT( ! "No code to exercise this category of algorithm" ); - - ok = ok && exercise_export_key( key, usage ); - ok = ok && exercise_export_public_key( key ); + if (!check_key_attributes_sanity(key)) { + return 0; + } + + if (alg == 0) { + ok = 1; /* If no algorithm, do nothing (used for raw data "keys"). */ + } else if (PSA_ALG_IS_MAC(alg)) { + ok = exercise_mac_key(key, usage, alg); + } else if (PSA_ALG_IS_CIPHER(alg)) { + ok = exercise_cipher_key(key, usage, alg); + } else if (PSA_ALG_IS_AEAD(alg)) { + ok = exercise_aead_key(key, usage, alg); + } else if (PSA_ALG_IS_SIGN(alg)) { + ok = exercise_signature_key(key, usage, alg); + } else if (PSA_ALG_IS_ASYMMETRIC_ENCRYPTION(alg)) { + ok = exercise_asymmetric_encryption_key(key, usage, alg); + } else if (PSA_ALG_IS_KEY_DERIVATION(alg)) { + ok = exercise_key_derivation_key(key, usage, alg); + } else if (PSA_ALG_IS_RAW_KEY_AGREEMENT(alg)) { + ok = exercise_raw_key_agreement_key(key, usage, alg); + } else if (PSA_ALG_IS_KEY_AGREEMENT(alg)) { + ok = exercise_key_agreement_key(key, usage, alg); + } else { + TEST_FAIL("No code to exercise this category of algorithm"); + } + + ok = ok && exercise_export_key(key, usage); + ok = ok && exercise_export_public_key(key); exit: - return( ok ); + return ok; } -psa_key_usage_t mbedtls_test_psa_usage_to_exercise( psa_key_type_t type, - psa_algorithm_t alg ) +psa_key_usage_t mbedtls_test_psa_usage_to_exercise(psa_key_type_t type, + psa_algorithm_t alg) { - if( PSA_ALG_IS_MAC( alg ) || PSA_ALG_IS_SIGN( alg ) ) - { - if( PSA_ALG_IS_SIGN_HASH( alg ) ) - { - if( PSA_ALG_SIGN_GET_HASH( alg ) ) - return( PSA_KEY_TYPE_IS_PUBLIC_KEY( type ) ? - PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE: - PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_VERIFY_HASH | - PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_MESSAGE ); + if (PSA_ALG_IS_MAC(alg) || PSA_ALG_IS_SIGN(alg)) { + if (PSA_ALG_IS_SIGN_HASH(alg)) { + if (PSA_ALG_SIGN_GET_HASH(alg)) { + return PSA_KEY_TYPE_IS_PUBLIC_KEY(type) ? + PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE : + PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_VERIFY_HASH | + PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_MESSAGE; + } + } else if (PSA_ALG_IS_SIGN_MESSAGE(alg)) { + return PSA_KEY_TYPE_IS_PUBLIC_KEY(type) ? + PSA_KEY_USAGE_VERIFY_MESSAGE : + PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_MESSAGE; } - else if( PSA_ALG_IS_SIGN_MESSAGE( alg) ) - return( PSA_KEY_TYPE_IS_PUBLIC_KEY( type ) ? - PSA_KEY_USAGE_VERIFY_MESSAGE : - PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_MESSAGE ); - - return( PSA_KEY_TYPE_IS_PUBLIC_KEY( type ) ? - PSA_KEY_USAGE_VERIFY_HASH : - PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_VERIFY_HASH ); - } - else if( PSA_ALG_IS_CIPHER( alg ) || PSA_ALG_IS_AEAD( alg ) || - PSA_ALG_IS_ASYMMETRIC_ENCRYPTION( alg ) ) - { - return( PSA_KEY_TYPE_IS_PUBLIC_KEY( type ) ? - PSA_KEY_USAGE_ENCRYPT : - PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_DECRYPT ); - } - else if( PSA_ALG_IS_KEY_DERIVATION( alg ) || - PSA_ALG_IS_KEY_AGREEMENT( alg ) ) - { - return( PSA_KEY_USAGE_DERIVE ); - } - else - { - return( 0 ); + + return PSA_KEY_TYPE_IS_PUBLIC_KEY(type) ? + PSA_KEY_USAGE_VERIFY_HASH : + PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_VERIFY_HASH; + } else if (PSA_ALG_IS_CIPHER(alg) || PSA_ALG_IS_AEAD(alg) || + PSA_ALG_IS_ASYMMETRIC_ENCRYPTION(alg)) { + return PSA_KEY_TYPE_IS_PUBLIC_KEY(type) ? + PSA_KEY_USAGE_ENCRYPT : + PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_DECRYPT; + } else if (PSA_ALG_IS_KEY_DERIVATION(alg) || + PSA_ALG_IS_KEY_AGREEMENT(alg)) { + return PSA_KEY_USAGE_DERIVE; + } else { + return 0; } } diff --git a/third_party/mbedtls/repo/tests/src/random.c b/third_party/mbedtls/repo/tests/src/random.c index 7f3f40166cc..fc59e71d184 100644 --- a/third_party/mbedtls/repo/tests/src/random.c +++ b/third_party/mbedtls/repo/tests/src/random.c @@ -7,19 +7,7 @@ /* * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later */ /* @@ -37,109 +25,111 @@ #include -int mbedtls_test_rnd_std_rand( void *rng_state, - unsigned char *output, - size_t len ) +int mbedtls_test_rnd_std_rand(void *rng_state, + unsigned char *output, + size_t len) { #if !defined(__OpenBSD__) && !defined(__NetBSD__) size_t i; - if( rng_state != NULL ) + if (rng_state != NULL) { rng_state = NULL; + } - for( i = 0; i < len; ++i ) + for (i = 0; i < len; ++i) { output[i] = rand(); + } #else - if( rng_state != NULL ) + if (rng_state != NULL) { rng_state = NULL; + } - arc4random_buf( output, len ); + arc4random_buf(output, len); #endif /* !OpenBSD && !NetBSD */ - return( 0 ); + return 0; } -int mbedtls_test_rnd_zero_rand( void *rng_state, - unsigned char *output, - size_t len ) +int mbedtls_test_rnd_zero_rand(void *rng_state, + unsigned char *output, + size_t len) { - if( rng_state != NULL ) + if (rng_state != NULL) { rng_state = NULL; + } - memset( output, 0, len ); + memset(output, 0, len); - return( 0 ); + return 0; } -int mbedtls_test_rnd_buffer_rand( void *rng_state, - unsigned char *output, - size_t len ) +int mbedtls_test_rnd_buffer_rand(void *rng_state, + unsigned char *output, + size_t len) { mbedtls_test_rnd_buf_info *info = (mbedtls_test_rnd_buf_info *) rng_state; size_t use_len; - if( rng_state == NULL ) - return( mbedtls_test_rnd_std_rand( NULL, output, len ) ); + if (rng_state == NULL) { + return mbedtls_test_rnd_std_rand(NULL, output, len); + } use_len = len; - if( len > info->length ) + if (len > info->length) { use_len = info->length; + } - if( use_len ) - { - memcpy( output, info->buf, use_len ); + if (use_len) { + memcpy(output, info->buf, use_len); info->buf += use_len; info->length -= use_len; } - if( len - use_len > 0 ) - { - if( info->fallback_f_rng != NULL ) - { - return( info->fallback_f_rng( info->fallback_p_rng, - output + use_len, - len - use_len ) ); + if (len - use_len > 0) { + if (info->fallback_f_rng != NULL) { + return info->fallback_f_rng(info->fallback_p_rng, + output + use_len, + len - use_len); + } else { + return MBEDTLS_ERR_ENTROPY_SOURCE_FAILED; } - else - return( MBEDTLS_ERR_ENTROPY_SOURCE_FAILED ); } - return( 0 ); + return 0; } -int mbedtls_test_rnd_pseudo_rand( void *rng_state, - unsigned char *output, - size_t len ) +int mbedtls_test_rnd_pseudo_rand(void *rng_state, + unsigned char *output, + size_t len) { mbedtls_test_rnd_pseudo_info *info = (mbedtls_test_rnd_pseudo_info *) rng_state; - uint32_t i, *k, sum, delta=0x9E3779B9; + uint32_t i, *k, sum, delta = 0x9E3779B9; unsigned char result[4], *out = output; - if( rng_state == NULL ) - return( mbedtls_test_rnd_std_rand( NULL, output, len ) ); + if (rng_state == NULL) { + return mbedtls_test_rnd_std_rand(NULL, output, len); + } k = info->key; - while( len > 0 ) - { - size_t use_len = ( len > 4 ) ? 4 : len; + while (len > 0) { + size_t use_len = (len > 4) ? 4 : len; sum = 0; - for( i = 0; i < 32; i++ ) - { - info->v0 += ( ( ( info->v1 << 4 ) ^ ( info->v1 >> 5 ) ) - + info->v1 ) ^ ( sum + k[sum & 3] ); + for (i = 0; i < 32; i++) { + info->v0 += (((info->v1 << 4) ^ (info->v1 >> 5)) + + info->v1) ^ (sum + k[sum & 3]); sum += delta; - info->v1 += ( ( ( info->v0 << 4 ) ^ ( info->v0 >> 5 ) ) - + info->v0 ) ^ ( sum + k[( sum>>11 ) & 3] ); + info->v1 += (((info->v0 << 4) ^ (info->v0 >> 5)) + + info->v0) ^ (sum + k[(sum>>11) & 3]); } - PUT_UINT32_BE( info->v0, result, 0 ); - memcpy( out, result, use_len ); + PUT_UINT32_BE(info->v0, result, 0); + memcpy(out, result, use_len); len -= use_len; out += 4; } - return( 0 ); + return 0; } diff --git a/third_party/mbedtls/repo/tests/src/test_helpers/ssl_helpers.c b/third_party/mbedtls/repo/tests/src/test_helpers/ssl_helpers.c new file mode 100644 index 00000000000..2359615e51a --- /dev/null +++ b/third_party/mbedtls/repo/tests/src/test_helpers/ssl_helpers.c @@ -0,0 +1,1804 @@ +/** \file ssl_helpers.c + * + * \brief Helper functions to set up a TLS connection. + */ + +/* + * Copyright The Mbed TLS Contributors + * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later + */ + +#include + +#if defined(MBEDTLS_SSL_TLS_C) + +void mbedtls_test_ssl_log_analyzer(void *ctx, int level, + const char *file, int line, + const char *str) +{ + mbedtls_test_ssl_log_pattern *p = (mbedtls_test_ssl_log_pattern *) ctx; + + (void) level; + (void) line; + (void) file; + + if (NULL != p && + NULL != p->pattern && + NULL != strstr(str, p->pattern)) { + p->counter++; + } +} + +void mbedtls_test_init_handshake_options( + mbedtls_test_handshake_test_options *opts) +{ + opts->cipher = ""; + opts->client_min_version = TEST_SSL_MINOR_VERSION_NONE; + opts->client_max_version = TEST_SSL_MINOR_VERSION_NONE; + opts->server_min_version = TEST_SSL_MINOR_VERSION_NONE; + opts->server_max_version = TEST_SSL_MINOR_VERSION_NONE; + opts->expected_negotiated_version = MBEDTLS_SSL_MINOR_VERSION_3; + opts->pk_alg = MBEDTLS_PK_RSA; + opts->psk_str = NULL; + opts->dtls = 0; + opts->srv_auth_mode = MBEDTLS_SSL_VERIFY_NONE; + opts->serialize = 0; + opts->mfl = MBEDTLS_SSL_MAX_FRAG_LEN_NONE; + opts->cli_msg_len = 100; + opts->srv_msg_len = 100; + opts->expected_cli_fragments = 1; + opts->expected_srv_fragments = 1; + opts->renegotiate = 0; + opts->legacy_renegotiation = MBEDTLS_SSL_LEGACY_NO_RENEGOTIATION; + opts->srv_log_obj = NULL; + opts->srv_log_obj = NULL; + opts->srv_log_fun = NULL; + opts->cli_log_fun = NULL; + opts->resize_buffers = 1; +} + +void mbedtls_test_ssl_buffer_init(mbedtls_test_ssl_buffer *buf) +{ + memset(buf, 0, sizeof(*buf)); +} + +int mbedtls_test_ssl_buffer_setup(mbedtls_test_ssl_buffer *buf, + size_t capacity) +{ + buf->buffer = (unsigned char *) mbedtls_calloc(capacity, + sizeof(unsigned char)); + if (NULL == buf->buffer) { + return MBEDTLS_ERR_SSL_ALLOC_FAILED; + } + buf->capacity = capacity; + + return 0; +} + +void mbedtls_test_ssl_buffer_free(mbedtls_test_ssl_buffer *buf) +{ + if (buf->buffer != NULL) { + mbedtls_free(buf->buffer); + } + + memset(buf, 0, sizeof(*buf)); +} + +int mbedtls_test_ssl_buffer_put(mbedtls_test_ssl_buffer *buf, + const unsigned char *input, size_t input_len) +{ + size_t overflow = 0; + + if ((buf == NULL) || (buf->buffer == NULL)) { + return -1; + } + + /* Reduce input_len to a number that fits in the buffer. */ + if ((buf->content_length + input_len) > buf->capacity) { + input_len = buf->capacity - buf->content_length; + } + + if (input == NULL) { + return (input_len == 0) ? 0 : -1; + } + + /* Check if the buffer has not come full circle and free space is not in + * the middle */ + if (buf->start + buf->content_length < buf->capacity) { + + /* Calculate the number of bytes that need to be placed at lower memory + * address */ + if (buf->start + buf->content_length + input_len + > buf->capacity) { + overflow = (buf->start + buf->content_length + input_len) + % buf->capacity; + } + + memcpy(buf->buffer + buf->start + buf->content_length, input, + input_len - overflow); + memcpy(buf->buffer, input + input_len - overflow, overflow); + + } else { + /* The buffer has come full circle and free space is in the middle */ + memcpy(buf->buffer + buf->start + buf->content_length - buf->capacity, + input, input_len); + } + + buf->content_length += input_len; + return (input_len > INT_MAX) ? INT_MAX : (int) input_len; +} + +int mbedtls_test_ssl_buffer_get(mbedtls_test_ssl_buffer *buf, + unsigned char *output, size_t output_len) +{ + size_t overflow = 0; + + if ((buf == NULL) || (buf->buffer == NULL)) { + return -1; + } + + if (output == NULL && output_len == 0) { + return 0; + } + + if (buf->content_length < output_len) { + output_len = buf->content_length; + } + + /* Calculate the number of bytes that need to be drawn from lower memory + * address */ + if (buf->start + output_len > buf->capacity) { + overflow = (buf->start + output_len) % buf->capacity; + } + + if (output != NULL) { + memcpy(output, buf->buffer + buf->start, output_len - overflow); + memcpy(output + output_len - overflow, buf->buffer, overflow); + } + + buf->content_length -= output_len; + buf->start = (buf->start + output_len) % buf->capacity; + + return (output_len > INT_MAX) ? INT_MAX : (int) output_len; +} + +int mbedtls_test_ssl_message_queue_setup( + mbedtls_test_ssl_message_queue *queue, size_t capacity) +{ + queue->messages = (size_t *) mbedtls_calloc(capacity, sizeof(size_t)); + if (NULL == queue->messages) { + return MBEDTLS_ERR_SSL_ALLOC_FAILED; + } + + queue->capacity = (capacity > INT_MAX) ? INT_MAX : (int) capacity; + queue->pos = 0; + queue->num = 0; + + return 0; +} + +void mbedtls_test_ssl_message_queue_free( + mbedtls_test_ssl_message_queue *queue) +{ + if (queue == NULL) { + return; + } + + if (queue->messages != NULL) { + mbedtls_free(queue->messages); + } + + memset(queue, 0, sizeof(*queue)); +} + +int mbedtls_test_ssl_message_queue_push_info( + mbedtls_test_ssl_message_queue *queue, size_t len) +{ + int place; + if (queue == NULL) { + return MBEDTLS_TEST_ERROR_ARG_NULL; + } + + if (queue->num >= queue->capacity) { + return MBEDTLS_ERR_SSL_WANT_WRITE; + } + + place = (queue->pos + queue->num) % queue->capacity; + queue->messages[place] = len; + queue->num++; + return (len > INT_MAX) ? INT_MAX : (int) len; +} + +int mbedtls_test_ssl_message_queue_pop_info( + mbedtls_test_ssl_message_queue *queue, size_t buf_len) +{ + size_t message_length; + if (queue == NULL) { + return MBEDTLS_TEST_ERROR_ARG_NULL; + } + if (queue->num == 0) { + return MBEDTLS_ERR_SSL_WANT_READ; + } + + message_length = queue->messages[queue->pos]; + queue->messages[queue->pos] = 0; + queue->num--; + queue->pos++; + queue->pos %= queue->capacity; + if (queue->pos < 0) { + queue->pos += queue->capacity; + } + + return (message_length > INT_MAX && buf_len > INT_MAX) ? INT_MAX : + (message_length > buf_len) ? (int) buf_len : (int) message_length; +} + +/* + * Take a peek on the info about the next message length from the queue. + * This will be the oldest inserted message length(fifo). + * + * \retval MBEDTLS_TEST_ERROR_ARG_NULL, if the queue is null. + * \retval MBEDTLS_ERR_SSL_WANT_READ, if the queue is empty. + * \retval 0, if the peek was successful. + * \retval MBEDTLS_TEST_ERROR_MESSAGE_TRUNCATED, if the given buffer length is + * too small to fit the message. In this case the \p msg_len will be + * set to the full message length so that the + * caller knows what portion of the message can be dropped. + */ +static int test_ssl_message_queue_peek_info( + mbedtls_test_ssl_message_queue *queue, + size_t buf_len, size_t *msg_len) +{ + if (queue == NULL || msg_len == NULL) { + return MBEDTLS_TEST_ERROR_ARG_NULL; + } + if (queue->num == 0) { + return MBEDTLS_ERR_SSL_WANT_READ; + } + + *msg_len = queue->messages[queue->pos]; + return (*msg_len > buf_len) ? MBEDTLS_TEST_ERROR_MESSAGE_TRUNCATED : 0; +} + +void mbedtls_test_mock_socket_init(mbedtls_test_mock_socket *socket) +{ + memset(socket, 0, sizeof(*socket)); +} + +void mbedtls_test_mock_socket_close(mbedtls_test_mock_socket *socket) +{ + if (socket == NULL) { + return; + } + + if (socket->input != NULL) { + mbedtls_test_ssl_buffer_free(socket->input); + mbedtls_free(socket->input); + } + + if (socket->output != NULL) { + mbedtls_test_ssl_buffer_free(socket->output); + mbedtls_free(socket->output); + } + + if (socket->peer != NULL) { + memset(socket->peer, 0, sizeof(*socket->peer)); + } + + memset(socket, 0, sizeof(*socket)); +} + +int mbedtls_test_mock_socket_connect(mbedtls_test_mock_socket *peer1, + mbedtls_test_mock_socket *peer2, + size_t bufsize) +{ + int ret = -1; + + peer1->output = + (mbedtls_test_ssl_buffer *) mbedtls_calloc( + 1, sizeof(mbedtls_test_ssl_buffer)); + if (peer1->output == NULL) { + ret = MBEDTLS_ERR_SSL_ALLOC_FAILED; + goto exit; + } + mbedtls_test_ssl_buffer_init(peer1->output); + if (0 != (ret = mbedtls_test_ssl_buffer_setup(peer1->output, bufsize))) { + goto exit; + } + + peer2->output = + (mbedtls_test_ssl_buffer *) mbedtls_calloc( + 1, sizeof(mbedtls_test_ssl_buffer)); + if (peer2->output == NULL) { + ret = MBEDTLS_ERR_SSL_ALLOC_FAILED; + goto exit; + } + mbedtls_test_ssl_buffer_init(peer2->output); + if (0 != (ret = mbedtls_test_ssl_buffer_setup(peer2->output, bufsize))) { + goto exit; + } + + peer1->peer = peer2; + peer2->peer = peer1; + peer1->input = peer2->output; + peer2->input = peer1->output; + + peer1->status = peer2->status = MBEDTLS_MOCK_SOCKET_CONNECTED; + ret = 0; + +exit: + + if (ret != 0) { + mbedtls_test_mock_socket_close(peer1); + mbedtls_test_mock_socket_close(peer2); + } + + return ret; +} + +int mbedtls_test_mock_tcp_send_b(void *ctx, + const unsigned char *buf, size_t len) +{ + mbedtls_test_mock_socket *socket = (mbedtls_test_mock_socket *) ctx; + + if (socket == NULL || socket->status != MBEDTLS_MOCK_SOCKET_CONNECTED) { + return -1; + } + + return mbedtls_test_ssl_buffer_put(socket->output, buf, len); +} + +int mbedtls_test_mock_tcp_recv_b(void *ctx, unsigned char *buf, size_t len) +{ + mbedtls_test_mock_socket *socket = (mbedtls_test_mock_socket *) ctx; + + if (socket == NULL || socket->status != MBEDTLS_MOCK_SOCKET_CONNECTED) { + return -1; + } + + return mbedtls_test_ssl_buffer_get(socket->input, buf, len); +} + +int mbedtls_test_mock_tcp_send_nb(void *ctx, + const unsigned char *buf, size_t len) +{ + mbedtls_test_mock_socket *socket = (mbedtls_test_mock_socket *) ctx; + + if (socket == NULL || socket->status != MBEDTLS_MOCK_SOCKET_CONNECTED) { + return -1; + } + + if (socket->output->capacity == socket->output->content_length) { + return MBEDTLS_ERR_SSL_WANT_WRITE; + } + + return mbedtls_test_ssl_buffer_put(socket->output, buf, len); +} + +int mbedtls_test_mock_tcp_recv_nb(void *ctx, unsigned char *buf, size_t len) +{ + mbedtls_test_mock_socket *socket = (mbedtls_test_mock_socket *) ctx; + + if (socket == NULL || socket->status != MBEDTLS_MOCK_SOCKET_CONNECTED) { + return -1; + } + + if (socket->input->content_length == 0) { + return MBEDTLS_ERR_SSL_WANT_READ; + } + + return mbedtls_test_ssl_buffer_get(socket->input, buf, len); +} + +void mbedtls_test_message_socket_init( + mbedtls_test_message_socket_context *ctx) +{ + ctx->queue_input = NULL; + ctx->queue_output = NULL; + ctx->socket = NULL; +} + +int mbedtls_test_message_socket_setup( + mbedtls_test_ssl_message_queue *queue_input, + mbedtls_test_ssl_message_queue *queue_output, + size_t queue_capacity, + mbedtls_test_mock_socket *socket, + mbedtls_test_message_socket_context *ctx) +{ + int ret = mbedtls_test_ssl_message_queue_setup(queue_input, queue_capacity); + if (ret != 0) { + return ret; + } + ctx->queue_input = queue_input; + ctx->queue_output = queue_output; + ctx->socket = socket; + mbedtls_test_mock_socket_init(socket); + + return 0; +} + +void mbedtls_test_message_socket_close( + mbedtls_test_message_socket_context *ctx) +{ + if (ctx == NULL) { + return; + } + + mbedtls_test_ssl_message_queue_free(ctx->queue_input); + mbedtls_test_mock_socket_close(ctx->socket); + memset(ctx, 0, sizeof(*ctx)); +} + +int mbedtls_test_mock_tcp_send_msg(void *ctx, + const unsigned char *buf, size_t len) +{ + mbedtls_test_ssl_message_queue *queue; + mbedtls_test_mock_socket *socket; + mbedtls_test_message_socket_context *context = + (mbedtls_test_message_socket_context *) ctx; + + if (context == NULL || context->socket == NULL + || context->queue_output == NULL) { + return MBEDTLS_TEST_ERROR_CONTEXT_ERROR; + } + + queue = context->queue_output; + socket = context->socket; + + if (queue->num >= queue->capacity) { + return MBEDTLS_ERR_SSL_WANT_WRITE; + } + + if (mbedtls_test_mock_tcp_send_b(socket, buf, len) != (int) len) { + return MBEDTLS_TEST_ERROR_SEND_FAILED; + } + + return mbedtls_test_ssl_message_queue_push_info(queue, len); +} + +int mbedtls_test_mock_tcp_recv_msg(void *ctx, + unsigned char *buf, size_t buf_len) +{ + mbedtls_test_ssl_message_queue *queue; + mbedtls_test_mock_socket *socket; + mbedtls_test_message_socket_context *context = + (mbedtls_test_message_socket_context *) ctx; + size_t drop_len = 0; + size_t msg_len; + int ret; + + if (context == NULL || context->socket == NULL + || context->queue_input == NULL) { + return MBEDTLS_TEST_ERROR_CONTEXT_ERROR; + } + + queue = context->queue_input; + socket = context->socket; + + /* Peek first, so that in case of a socket error the data remains in + * the queue. */ + ret = test_ssl_message_queue_peek_info(queue, buf_len, &msg_len); + if (ret == MBEDTLS_TEST_ERROR_MESSAGE_TRUNCATED) { + /* Calculate how much to drop */ + drop_len = msg_len - buf_len; + + /* Set the requested message len to be buffer length */ + msg_len = buf_len; + } else if (ret != 0) { + return ret; + } + + if (mbedtls_test_mock_tcp_recv_b(socket, buf, msg_len) != (int) msg_len) { + return MBEDTLS_TEST_ERROR_RECV_FAILED; + } + + if (ret == MBEDTLS_TEST_ERROR_MESSAGE_TRUNCATED) { + /* Drop the remaining part of the message */ + if (mbedtls_test_mock_tcp_recv_b(socket, NULL, drop_len) != + (int) drop_len) { + /* Inconsistent state - part of the message was read, + * and a part couldn't. Not much we can do here, but it should not + * happen in test environment, unless forced manually. */ + } + } + mbedtls_test_ssl_message_queue_pop_info(queue, buf_len); + + return (msg_len > INT_MAX) ? INT_MAX : (int) msg_len; +} + +#if defined(MBEDTLS_KEY_EXCHANGE_WITH_CERT_ENABLED) && \ + defined(MBEDTLS_CERTS_C) && \ + defined(MBEDTLS_ENTROPY_C) && \ + defined(MBEDTLS_CTR_DRBG_C) + +/* + * Deinitializes certificates from endpoint represented by \p ep. + */ +static void test_ssl_endpoint_certificate_free(mbedtls_test_ssl_endpoint *ep) +{ + mbedtls_test_ssl_endpoint_certificate *cert = &(ep->cert); + if (cert != NULL) { + if (cert->ca_cert != NULL) { + mbedtls_x509_crt_free(cert->ca_cert); + mbedtls_free(cert->ca_cert); + cert->ca_cert = NULL; + } + if (cert->cert != NULL) { + mbedtls_x509_crt_free(cert->cert); + mbedtls_free(cert->cert); + cert->cert = NULL; + } + if (cert->pkey != NULL) { +#if defined(MBEDTLS_USE_PSA_CRYPTO) + if (mbedtls_pk_get_type(cert->pkey) == MBEDTLS_PK_OPAQUE) { + mbedtls_svc_key_id_t *key_slot = cert->pkey->pk_ctx; + psa_destroy_key(*key_slot); + } +#endif + mbedtls_pk_free(cert->pkey); + mbedtls_free(cert->pkey); + cert->pkey = NULL; + } + } +} + +int mbedtls_test_ssl_endpoint_certificate_init(mbedtls_test_ssl_endpoint *ep, + int pk_alg) +{ + int i = 0; + int ret = -1; + mbedtls_test_ssl_endpoint_certificate *cert = NULL; + + if (ep == NULL) { + return MBEDTLS_ERR_SSL_BAD_INPUT_DATA; + } + + cert = &(ep->cert); + TEST_CALLOC(cert->ca_cert, 1); + TEST_CALLOC(cert->cert, 1); + TEST_CALLOC(cert->pkey, 1); + + mbedtls_x509_crt_init(cert->ca_cert); + mbedtls_x509_crt_init(cert->cert); + mbedtls_pk_init(cert->pkey); + + /* Load the trusted CA */ + + for (i = 0; mbedtls_test_cas_der[i] != NULL; i++) { + ret = mbedtls_x509_crt_parse_der( + cert->ca_cert, + (const unsigned char *) mbedtls_test_cas_der[i], + mbedtls_test_cas_der_len[i]); + TEST_ASSERT(ret == 0); + } + + /* Load own certificate and private key */ + + if (ep->conf.endpoint == MBEDTLS_SSL_IS_SERVER) { + if (pk_alg == MBEDTLS_PK_RSA) { + ret = mbedtls_x509_crt_parse( + cert->cert, + (const unsigned char *) mbedtls_test_srv_crt_rsa_sha256_der, + mbedtls_test_srv_crt_rsa_sha256_der_len); + TEST_ASSERT(ret == 0); + + ret = mbedtls_pk_parse_key( + cert->pkey, + (const unsigned char *) mbedtls_test_srv_key_rsa_der, + mbedtls_test_srv_key_rsa_der_len, NULL, 0); + TEST_ASSERT(ret == 0); + } else { + ret = mbedtls_x509_crt_parse( + cert->cert, + (const unsigned char *) mbedtls_test_srv_crt_ec_der, + mbedtls_test_srv_crt_ec_der_len); + TEST_ASSERT(ret == 0); + + ret = mbedtls_pk_parse_key( + cert->pkey, + (const unsigned char *) mbedtls_test_srv_key_ec_der, + mbedtls_test_srv_key_ec_der_len, NULL, 0); + TEST_ASSERT(ret == 0); + } + } else { + if (pk_alg == MBEDTLS_PK_RSA) { + ret = mbedtls_x509_crt_parse( + cert->cert, + (const unsigned char *) mbedtls_test_cli_crt_rsa_der, + mbedtls_test_cli_crt_rsa_der_len); + TEST_ASSERT(ret == 0); + + ret = mbedtls_pk_parse_key( + cert->pkey, + (const unsigned char *) mbedtls_test_cli_key_rsa_der, + mbedtls_test_cli_key_rsa_der_len, NULL, 0); + TEST_ASSERT(ret == 0); + } else { + ret = mbedtls_x509_crt_parse( + cert->cert, + (const unsigned char *) mbedtls_test_cli_crt_ec_der, + mbedtls_test_cli_crt_ec_len); + TEST_ASSERT(ret == 0); + + ret = mbedtls_pk_parse_key( + cert->pkey, + (const unsigned char *) mbedtls_test_cli_key_ec_der, + mbedtls_test_cli_key_ec_der_len, NULL, 0); + TEST_ASSERT(ret == 0); + } + } + + mbedtls_ssl_conf_ca_chain(&(ep->conf), cert->ca_cert, NULL); + + ret = mbedtls_ssl_conf_own_cert(&(ep->conf), cert->cert, + cert->pkey); + TEST_ASSERT(ret == 0); + +exit: + if (ret != 0) { + test_ssl_endpoint_certificate_free(ep); + } + + return ret; +} + +int mbedtls_test_ssl_endpoint_init( + mbedtls_test_ssl_endpoint *ep, int endpoint_type, int pk_alg, + mbedtls_test_message_socket_context *dtls_context, + mbedtls_test_ssl_message_queue *input_queue, + mbedtls_test_ssl_message_queue *output_queue, + const mbedtls_ecp_group_id *curves) +{ + int ret = -1; + + if (dtls_context != NULL && + (input_queue == NULL || output_queue == NULL)) { + return MBEDTLS_ERR_SSL_BAD_INPUT_DATA; + } + + if (ep == NULL) { + return MBEDTLS_ERR_SSL_BAD_INPUT_DATA; + } + + memset(ep, 0, sizeof(*ep)); + + ep->name = (endpoint_type == MBEDTLS_SSL_IS_SERVER) ? "Server" : "Client"; + + mbedtls_ssl_init(&(ep->ssl)); + mbedtls_ssl_config_init(&(ep->conf)); + mbedtls_ctr_drbg_init(&(ep->ctr_drbg)); + mbedtls_ssl_conf_rng(&(ep->conf), + mbedtls_ctr_drbg_random, + &(ep->ctr_drbg)); + mbedtls_entropy_init(&(ep->entropy)); + if (dtls_context != NULL) { + TEST_ASSERT(mbedtls_test_message_socket_setup(input_queue, output_queue, + 100, &(ep->socket), + dtls_context) == 0); + } else { + mbedtls_test_mock_socket_init(&(ep->socket)); + } + + ret = mbedtls_ctr_drbg_seed(&(ep->ctr_drbg), mbedtls_entropy_func, + &(ep->entropy), + (const unsigned char *) (ep->name), + strlen(ep->name)); + TEST_ASSERT(ret == 0); + + /* Non-blocking callbacks without timeout */ + if (dtls_context != NULL) { + mbedtls_ssl_set_bio(&(ep->ssl), dtls_context, + mbedtls_test_mock_tcp_send_msg, + mbedtls_test_mock_tcp_recv_msg, + NULL); + } else { + mbedtls_ssl_set_bio(&(ep->ssl), &(ep->socket), + mbedtls_test_mock_tcp_send_nb, + mbedtls_test_mock_tcp_recv_nb, + NULL); + } + + ret = mbedtls_ssl_config_defaults(&(ep->conf), endpoint_type, + (dtls_context != NULL) ? + MBEDTLS_SSL_TRANSPORT_DATAGRAM : + MBEDTLS_SSL_TRANSPORT_STREAM, + MBEDTLS_SSL_PRESET_DEFAULT); + TEST_ASSERT(ret == 0); + +#if defined(MBEDTLS_ECP_C) + if (curves != NULL) { + mbedtls_ssl_conf_curves(&(ep->conf), curves); + } +#else + (void) curves; +#endif + + ret = mbedtls_ssl_setup(&(ep->ssl), &(ep->conf)); + TEST_ASSERT(ret == 0); + +#if defined(MBEDTLS_SSL_PROTO_DTLS) && defined(MBEDTLS_SSL_SRV_C) + if (endpoint_type == MBEDTLS_SSL_IS_SERVER && dtls_context != NULL) { + mbedtls_ssl_conf_dtls_cookies(&(ep->conf), NULL, NULL, NULL); + } +#endif + + ret = mbedtls_test_ssl_endpoint_certificate_init(ep, pk_alg); + TEST_ASSERT(ret == 0); + +exit: + return ret; +} + +void mbedtls_test_ssl_endpoint_free( + mbedtls_test_ssl_endpoint *ep, + mbedtls_test_message_socket_context *context) +{ + test_ssl_endpoint_certificate_free(ep); + + mbedtls_ssl_free(&(ep->ssl)); + mbedtls_ssl_config_free(&(ep->conf)); + mbedtls_ctr_drbg_free(&(ep->ctr_drbg)); + mbedtls_entropy_free(&(ep->entropy)); + + if (context != NULL) { + mbedtls_test_message_socket_close(context); + } else { + mbedtls_test_mock_socket_close(&(ep->socket)); + } +} + +int mbedtls_test_move_handshake_to_state(mbedtls_ssl_context *ssl, + mbedtls_ssl_context *second_ssl, + int state) +{ + enum { BUFFSIZE = 1024 }; + int max_steps = 1000; + int ret = 0; + + if (ssl == NULL || second_ssl == NULL) { + return MBEDTLS_ERR_SSL_BAD_INPUT_DATA; + } + + /* Perform communication via connected sockets */ + while ((ssl->state != state) && (--max_steps >= 0)) { + /* If /p second_ssl ends the handshake procedure before /p ssl then + * there is no need to call the next step */ + if (second_ssl->state != MBEDTLS_SSL_HANDSHAKE_OVER) { + ret = mbedtls_ssl_handshake_step(second_ssl); + if (ret != 0 && ret != MBEDTLS_ERR_SSL_WANT_READ && + ret != MBEDTLS_ERR_SSL_WANT_WRITE) { + return ret; + } + } + + /* We only care about the \p ssl state and returns, so we call it last, + * to leave the iteration as soon as the state is as expected. */ + ret = mbedtls_ssl_handshake_step(ssl); + if (ret != 0 && ret != MBEDTLS_ERR_SSL_WANT_READ && + ret != MBEDTLS_ERR_SSL_WANT_WRITE) { + return ret; + } + } + + return (max_steps >= 0) ? ret : -1; +} + +#endif /* MBEDTLS_KEY_EXCHANGE_WITH_CERT_ENABLED && MBEDTLS_CERTS_C && + MBEDTLS_ENTROPY_C && MBEDTLS_CTR_DRBG_C */ + +/* + * Write application data. Increase write counter if necessary. + */ +int mbedtls_ssl_write_fragment(mbedtls_ssl_context *ssl, + unsigned char *buf, int buf_len, + int *written, + const int expected_fragments) +{ + int ret; + + /* Verify that calling mbedtls_ssl_write with a NULL buffer and zero length is + * a valid no-op for TLS connections. */ + if (ssl->conf->transport != MBEDTLS_SSL_TRANSPORT_DATAGRAM) { + TEST_ASSERT(mbedtls_ssl_write(ssl, NULL, 0) == 0); + } + + ret = mbedtls_ssl_write(ssl, buf + *written, buf_len - *written); + if (ret > 0) { + *written += ret; + } + + if (expected_fragments == 0) { + /* Used for DTLS and the message size larger than MFL. In that case + * the message can not be fragmented and the library should return + * MBEDTLS_ERR_SSL_BAD_INPUT_DATA error. This error must be returned + * to prevent a dead loop inside mbedtls_test_ssl_exchange_data(). */ + return ret; + } else if (expected_fragments == 1) { + /* Used for TLS/DTLS and the message size lower than MFL */ + TEST_ASSERT(ret == buf_len || + ret == MBEDTLS_ERR_SSL_WANT_READ || + ret == MBEDTLS_ERR_SSL_WANT_WRITE); + } else { + /* Used for TLS and the message size larger than MFL */ + TEST_ASSERT(expected_fragments > 1); + TEST_ASSERT((ret >= 0 && ret <= buf_len) || + ret == MBEDTLS_ERR_SSL_WANT_READ || + ret == MBEDTLS_ERR_SSL_WANT_WRITE); + } + + return 0; + +exit: + /* Some of the tests failed */ + return -1; +} + +/* + * Read application data and increase read counter and fragments counter + * if necessary. + */ +int mbedtls_ssl_read_fragment(mbedtls_ssl_context *ssl, + unsigned char *buf, int buf_len, + int *read, int *fragments, + const int expected_fragments) +{ + int ret; + + /* Verify that calling mbedtls_ssl_write with a NULL buffer and zero length is + * a valid no-op for TLS connections. */ + if (ssl->conf->transport != MBEDTLS_SSL_TRANSPORT_DATAGRAM) { + TEST_ASSERT(mbedtls_ssl_read(ssl, NULL, 0) == 0); + } + + ret = mbedtls_ssl_read(ssl, buf + *read, buf_len - *read); + if (ret > 0) { + (*fragments)++; + *read += ret; + } + + if (expected_fragments == 0) { + TEST_ASSERT(ret == 0); + } else if (expected_fragments == 1) { + TEST_ASSERT(ret == buf_len || + ret == MBEDTLS_ERR_SSL_WANT_READ || + ret == MBEDTLS_ERR_SSL_WANT_WRITE); + } else { + TEST_ASSERT(expected_fragments > 1); + TEST_ASSERT((ret >= 0 && ret <= buf_len) || + ret == MBEDTLS_ERR_SSL_WANT_READ || + ret == MBEDTLS_ERR_SSL_WANT_WRITE); + } + + return 0; + +exit: + /* Some of the tests failed */ + return -1; +} + +#if defined(MBEDTLS_KEY_EXCHANGE_WITH_CERT_ENABLED) && \ + defined(MBEDTLS_CERTS_C) && \ + defined(MBEDTLS_ENTROPY_C) && \ + defined(MBEDTLS_CTR_DRBG_C) +static void set_ciphersuite(mbedtls_ssl_config *conf, const char *cipher, + int *forced_ciphersuite) +{ + const mbedtls_ssl_ciphersuite_t *ciphersuite_info; + forced_ciphersuite[0] = mbedtls_ssl_get_ciphersuite_id(cipher); + forced_ciphersuite[1] = 0; + + ciphersuite_info = + mbedtls_ssl_ciphersuite_from_id(forced_ciphersuite[0]); + + TEST_ASSERT(ciphersuite_info != NULL); + TEST_ASSERT(ciphersuite_info->min_minor_ver <= conf->max_minor_ver); + TEST_ASSERT(ciphersuite_info->max_minor_ver >= conf->min_minor_ver); + + if (conf->max_minor_ver > ciphersuite_info->max_minor_ver) { + conf->max_minor_ver = ciphersuite_info->max_minor_ver; + } + if (conf->min_minor_ver < ciphersuite_info->min_minor_ver) { + conf->min_minor_ver = ciphersuite_info->min_minor_ver; + } + + mbedtls_ssl_conf_ciphersuites(conf, forced_ciphersuite); + +exit: + return; +} +#endif /* MBEDTLS_KEY_EXCHANGE_WITH_CERT_ENABLED && MBEDTLS_CERTS_C && + MBEDTLS_ENTROPY_C && MBEDTLS_CTR_DRBG_C */ + +#if defined(MBEDTLS_KEY_EXCHANGE_WITH_CERT_ENABLED) && \ + defined(MBEDTLS_CERTS_C) && \ + defined(MBEDTLS_ENTROPY_C) && \ + defined(MBEDTLS_CTR_DRBG_C) && \ + defined(MBEDTLS_KEY_EXCHANGE_SOME_PSK_ENABLED) +static int psk_dummy_callback(void *p_info, mbedtls_ssl_context *ssl, + const unsigned char *name, size_t name_len) +{ + (void) p_info; + (void) ssl; + (void) name; + (void) name_len; + + return 0; +} +#endif /* MBEDTLS_KEY_EXCHANGE_WITH_CERT_ENABLED && MBEDTLS_CERTS_C && + MBEDTLS_ENTROPY_C && MBEDTLS_CTR_DRBG_C && + MBEDTLS_KEY_EXCHANGE_SOME_PSK_ENABLED */ + +int mbedtls_test_ssl_build_transforms(mbedtls_ssl_transform *t_in, + mbedtls_ssl_transform *t_out, + int cipher_type, int hash_id, + int etm, int tag_mode, int ver, + size_t cid0_len, + size_t cid1_len) +{ + mbedtls_cipher_info_t const *cipher_info; + int ret = 0; + + size_t keylen, maclen, ivlen; + unsigned char *key0 = NULL, *key1 = NULL; + unsigned char *md0 = NULL, *md1 = NULL; + unsigned char iv_enc[16], iv_dec[16]; + +#if defined(MBEDTLS_SSL_DTLS_CONNECTION_ID) + unsigned char cid0[SSL_CID_LEN_MIN]; + unsigned char cid1[SSL_CID_LEN_MIN]; + + mbedtls_test_rnd_std_rand(NULL, cid0, sizeof(cid0)); + mbedtls_test_rnd_std_rand(NULL, cid1, sizeof(cid1)); +#else + ((void) cid0_len); + ((void) cid1_len); +#endif /* MBEDTLS_SSL_DTLS_CONNECTION_ID */ + + maclen = 0; + + /* Pick cipher */ + cipher_info = mbedtls_cipher_info_from_type(cipher_type); + CHK(cipher_info != NULL); + CHK(cipher_info->iv_size <= 16); + CHK(cipher_info->key_bitlen % 8 == 0); + + /* Pick keys */ + keylen = cipher_info->key_bitlen / 8; + /* Allocate `keylen + 1` bytes to ensure that we get + * a non-NULL pointers from `mbedtls_calloc` even if + * `keylen == 0` in the case of the NULL cipher. */ + CHK((key0 = mbedtls_calloc(1, keylen + 1)) != NULL); + CHK((key1 = mbedtls_calloc(1, keylen + 1)) != NULL); + memset(key0, 0x1, keylen); + memset(key1, 0x2, keylen); + + /* Setup cipher contexts */ + CHK(mbedtls_cipher_setup(&t_in->cipher_ctx_enc, cipher_info) == 0); + CHK(mbedtls_cipher_setup(&t_in->cipher_ctx_dec, cipher_info) == 0); + CHK(mbedtls_cipher_setup(&t_out->cipher_ctx_enc, cipher_info) == 0); + CHK(mbedtls_cipher_setup(&t_out->cipher_ctx_dec, cipher_info) == 0); + +#if defined(MBEDTLS_CIPHER_MODE_CBC) + if (cipher_info->mode == MBEDTLS_MODE_CBC) { + CHK(mbedtls_cipher_set_padding_mode(&t_in->cipher_ctx_enc, + MBEDTLS_PADDING_NONE) == 0); + CHK(mbedtls_cipher_set_padding_mode(&t_in->cipher_ctx_dec, + MBEDTLS_PADDING_NONE) == 0); + CHK(mbedtls_cipher_set_padding_mode(&t_out->cipher_ctx_enc, + MBEDTLS_PADDING_NONE) == 0); + CHK(mbedtls_cipher_set_padding_mode(&t_out->cipher_ctx_dec, + MBEDTLS_PADDING_NONE) == 0); + } +#endif /* MBEDTLS_CIPHER_MODE_CBC */ + + CHK(mbedtls_cipher_setkey(&t_in->cipher_ctx_enc, key0, + (keylen << 3 > INT_MAX) ? INT_MAX : (int) keylen << 3, + MBEDTLS_ENCRYPT) + == 0); + CHK(mbedtls_cipher_setkey(&t_in->cipher_ctx_dec, key1, + (keylen << 3 > INT_MAX) ? INT_MAX : (int) keylen << 3, + MBEDTLS_DECRYPT) + == 0); + CHK(mbedtls_cipher_setkey(&t_out->cipher_ctx_enc, key1, + (keylen << 3 > INT_MAX) ? INT_MAX : (int) keylen << 3, + MBEDTLS_ENCRYPT) + == 0); + CHK(mbedtls_cipher_setkey(&t_out->cipher_ctx_dec, key0, + (keylen << 3 > INT_MAX) ? INT_MAX : (int) keylen << 3, + MBEDTLS_DECRYPT) + == 0); + + /* Setup MAC contexts */ +#if defined(MBEDTLS_SSL_SOME_MODES_USE_MAC) + if (cipher_info->mode == MBEDTLS_MODE_CBC || + cipher_info->mode == MBEDTLS_MODE_STREAM) { + mbedtls_md_info_t const *md_info; + + /* Pick hash */ + md_info = mbedtls_md_info_from_type(hash_id); + CHK(md_info != NULL); + + /* Pick hash keys */ + maclen = mbedtls_md_get_size(md_info); + CHK((md0 = mbedtls_calloc(1, maclen)) != NULL); + CHK((md1 = mbedtls_calloc(1, maclen)) != NULL); + memset(md0, 0x5, maclen); + memset(md1, 0x6, maclen); + + CHK(mbedtls_md_setup(&t_out->md_ctx_enc, md_info, 1) == 0); + CHK(mbedtls_md_setup(&t_out->md_ctx_dec, md_info, 1) == 0); + CHK(mbedtls_md_setup(&t_in->md_ctx_enc, md_info, 1) == 0); + CHK(mbedtls_md_setup(&t_in->md_ctx_dec, md_info, 1) == 0); + + if (ver > MBEDTLS_SSL_MINOR_VERSION_0) { + CHK(mbedtls_md_hmac_starts(&t_in->md_ctx_enc, + md0, maclen) == 0); + CHK(mbedtls_md_hmac_starts(&t_in->md_ctx_dec, + md1, maclen) == 0); + CHK(mbedtls_md_hmac_starts(&t_out->md_ctx_enc, + md1, maclen) == 0); + CHK(mbedtls_md_hmac_starts(&t_out->md_ctx_dec, + md0, maclen) == 0); + } +#if defined(MBEDTLS_SSL_PROTO_SSL3) + else { + memcpy(&t_in->mac_enc, md0, maclen); + memcpy(&t_in->mac_dec, md1, maclen); + memcpy(&t_out->mac_enc, md1, maclen); + memcpy(&t_out->mac_dec, md0, maclen); + } +#endif + } +#else + ((void) hash_id); +#endif /* MBEDTLS_SSL_SOME_MODES_USE_MAC */ + + + /* Pick IV's (regardless of whether they + * are being used by the transform). */ + ivlen = cipher_info->iv_size; + memset(iv_enc, 0x3, sizeof(iv_enc)); + memset(iv_dec, 0x4, sizeof(iv_dec)); + + /* + * Setup transforms + */ + +#if defined(MBEDTLS_SSL_ENCRYPT_THEN_MAC) && \ + defined(MBEDTLS_SSL_SOME_MODES_USE_MAC) + t_out->encrypt_then_mac = etm; + t_in->encrypt_then_mac = etm; +#else + ((void) etm); +#endif + + t_out->minor_ver = ver; + t_in->minor_ver = ver; + t_out->ivlen = ivlen; + t_in->ivlen = ivlen; + + switch (cipher_info->mode) { + case MBEDTLS_MODE_GCM: + case MBEDTLS_MODE_CCM: +#if defined(MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL) + if (ver == MBEDTLS_SSL_MINOR_VERSION_4) { + t_out->fixed_ivlen = 12; + t_in->fixed_ivlen = 12; + } else +#endif /* MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL */ + { + t_out->fixed_ivlen = 4; + t_in->fixed_ivlen = 4; + } + t_out->maclen = 0; + t_in->maclen = 0; + switch (tag_mode) { + case 0: /* Full tag */ + t_out->taglen = 16; + t_in->taglen = 16; + break; + case 1: /* Partial tag */ + t_out->taglen = 8; + t_in->taglen = 8; + break; + default: + ret = 1; + goto cleanup; + } + break; + + case MBEDTLS_MODE_CHACHAPOLY: + t_out->fixed_ivlen = 12; + t_in->fixed_ivlen = 12; + t_out->maclen = 0; + t_in->maclen = 0; + switch (tag_mode) { + case 0: /* Full tag */ + t_out->taglen = 16; + t_in->taglen = 16; + break; + case 1: /* Partial tag */ + t_out->taglen = 8; + t_in->taglen = 8; + break; + default: + ret = 1; + goto cleanup; + } + break; + + case MBEDTLS_MODE_STREAM: + case MBEDTLS_MODE_CBC: + t_out->fixed_ivlen = 0; /* redundant, must be 0 */ + t_in->fixed_ivlen = 0; /* redundant, must be 0 */ + t_out->taglen = 0; + t_in->taglen = 0; + switch (tag_mode) { + case 0: /* Full tag */ + t_out->maclen = maclen; + t_in->maclen = maclen; + break; + case 1: /* Partial tag */ + t_out->maclen = 10; + t_in->maclen = 10; + break; + default: + ret = 1; + goto cleanup; + } + break; + default: + ret = 1; + goto cleanup; + break; + } + + /* Setup IV's */ + + memcpy(&t_in->iv_dec, iv_dec, sizeof(iv_dec)); + memcpy(&t_in->iv_enc, iv_enc, sizeof(iv_enc)); + memcpy(&t_out->iv_dec, iv_enc, sizeof(iv_enc)); + memcpy(&t_out->iv_enc, iv_dec, sizeof(iv_dec)); + +#if defined(MBEDTLS_SSL_DTLS_CONNECTION_ID) + /* Add CID */ + memcpy(&t_in->in_cid, cid0, cid0_len); + memcpy(&t_in->out_cid, cid1, cid1_len); + t_in->in_cid_len = (uint8_t) cid0_len; + t_in->out_cid_len = (uint8_t) cid1_len; + memcpy(&t_out->in_cid, cid1, cid1_len); + memcpy(&t_out->out_cid, cid0, cid0_len); + t_out->in_cid_len = (uint8_t) cid1_len; + t_out->out_cid_len = (uint8_t) cid0_len; +#endif /* MBEDTLS_SSL_DTLS_CONNECTION_ID */ + +cleanup: + + mbedtls_free(key0); + mbedtls_free(key1); + + mbedtls_free(md0); + mbedtls_free(md1); + + return ret; +} + +#if defined(MBEDTLS_SSL_SOME_MODES_USE_MAC) +int mbedtls_test_ssl_prepare_record_mac(mbedtls_record *record, + mbedtls_ssl_transform *transform_out) +{ + /* Serialized version of record header for MAC purposes */ + unsigned char add_data[13]; + memcpy(add_data, record->ctr, 8); + add_data[8] = record->type; + add_data[9] = record->ver[0]; + add_data[10] = record->ver[1]; + add_data[11] = (record->data_len >> 8) & 0xff; + add_data[12] = (record->data_len >> 0) & 0xff; + + /* MAC with additional data */ + TEST_EQUAL(0, mbedtls_md_hmac_update(&transform_out->md_ctx_enc, add_data, 13)); + TEST_EQUAL(0, mbedtls_md_hmac_update(&transform_out->md_ctx_enc, + record->buf + record->data_offset, + record->data_len)); + /* Use a temporary buffer for the MAC, because with the truncated HMAC + * extension, there might not be enough room in the record for the + * full-length MAC. */ + unsigned char mac[MBEDTLS_MD_MAX_SIZE]; + TEST_EQUAL(0, mbedtls_md_hmac_finish(&transform_out->md_ctx_enc, mac)); + memcpy(record->buf + record->data_offset + record->data_len, mac, transform_out->maclen); + record->data_len += transform_out->maclen; + + return 0; + +exit: + return -1; +} +#endif /* MBEDTLS_SSL_SOME_MODES_USE_MAC */ + +int mbedtls_test_ssl_populate_session(mbedtls_ssl_session *session, + int ticket_len, + const char *crt_file) +{ +#if defined(MBEDTLS_HAVE_TIME) + session->start = mbedtls_time(NULL) - 42; +#endif + session->ciphersuite = 0xabcd; + session->compression = 1; + session->id_len = sizeof(session->id); + memset(session->id, 66, session->id_len); + memset(session->master, 17, sizeof(session->master)); + +#if defined(MBEDTLS_KEY_EXCHANGE_WITH_CERT_ENABLED) && \ + defined(MBEDTLS_CERTS_C) && \ + defined(MBEDTLS_FS_IO) + if (strlen(crt_file) != 0) { + mbedtls_x509_crt tmp_crt; + int ret; + + mbedtls_x509_crt_init(&tmp_crt); + ret = mbedtls_x509_crt_parse_file(&tmp_crt, crt_file); + if (ret != 0) { + return ret; + } + +#if defined(MBEDTLS_SSL_KEEP_PEER_CERTIFICATE) + /* Move temporary CRT. */ + session->peer_cert = mbedtls_calloc(1, sizeof(*session->peer_cert)); + if (session->peer_cert == NULL) { + return -1; + } + *session->peer_cert = tmp_crt; + memset(&tmp_crt, 0, sizeof(tmp_crt)); +#else /* MBEDTLS_SSL_KEEP_PEER_CERTIFICATE */ + /* Calculate digest of temporary CRT. */ + session->peer_cert_digest = + mbedtls_calloc(1, MBEDTLS_SSL_PEER_CERT_DIGEST_DFL_LEN); + if (session->peer_cert_digest == NULL) { + return -1; + } + ret = mbedtls_md(mbedtls_md_info_from_type( + MBEDTLS_SSL_PEER_CERT_DIGEST_DFL_TYPE), + tmp_crt.raw.p, tmp_crt.raw.len, + session->peer_cert_digest); + if (ret != 0) { + return ret; + } + session->peer_cert_digest_type = + MBEDTLS_SSL_PEER_CERT_DIGEST_DFL_TYPE; + session->peer_cert_digest_len = + MBEDTLS_SSL_PEER_CERT_DIGEST_DFL_LEN; +#endif /* MBEDTLS_SSL_KEEP_PEER_CERTIFICATE */ + + mbedtls_x509_crt_free(&tmp_crt); + } +#else /* MBEDTLS_KEY_EXCHANGE_WITH_CERT_ENABLED && MBEDTLS_CERTS_C && MBEDTLS_FS_IO */ + (void) crt_file; +#endif /* MBEDTLS_KEY_EXCHANGE_WITH_CERT_ENABLED && MBEDTLS_CERTS_C && MBEDTLS_FS_IO */ + session->verify_result = 0xdeadbeef; + +#if defined(MBEDTLS_SSL_SESSION_TICKETS) && defined(MBEDTLS_SSL_CLI_C) + if (ticket_len != 0) { + session->ticket = mbedtls_calloc(1, ticket_len); + if (session->ticket == NULL) { + return -1; + } + memset(session->ticket, 33, ticket_len); + } + session->ticket_len = ticket_len; + session->ticket_lifetime = 86401; +#else + (void) ticket_len; +#endif + +#if defined(MBEDTLS_SSL_MAX_FRAGMENT_LENGTH) + session->mfl_code = 1; +#endif +#if defined(MBEDTLS_SSL_TRUNCATED_HMAC) + session->trunc_hmac = 1; +#endif +#if defined(MBEDTLS_SSL_ENCRYPT_THEN_MAC) + session->encrypt_then_mac = 1; +#endif + + return 0; +} + +int mbedtls_test_ssl_exchange_data( + mbedtls_ssl_context *ssl_1, + int msg_len_1, const int expected_fragments_1, + mbedtls_ssl_context *ssl_2, + int msg_len_2, const int expected_fragments_2) +{ + unsigned char *msg_buf_1 = malloc(msg_len_1); + unsigned char *msg_buf_2 = malloc(msg_len_2); + unsigned char *in_buf_1 = malloc(msg_len_2); + unsigned char *in_buf_2 = malloc(msg_len_1); + int msg_type, ret = -1; + + /* Perform this test with two message types. At first use a message + * consisting of only 0x00 for the client and only 0xFF for the server. + * At the second time use message with generated data */ + for (msg_type = 0; msg_type < 2; msg_type++) { + int written_1 = 0; + int written_2 = 0; + int read_1 = 0; + int read_2 = 0; + int fragments_1 = 0; + int fragments_2 = 0; + + if (msg_type == 0) { + memset(msg_buf_1, 0x00, msg_len_1); + memset(msg_buf_2, 0xff, msg_len_2); + } else { + int i, j = 0; + for (i = 0; i < msg_len_1; i++) { + msg_buf_1[i] = j++ & 0xFF; + } + for (i = 0; i < msg_len_2; i++) { + msg_buf_2[i] = (j -= 5) & 0xFF; + } + } + + while (read_1 < msg_len_2 || read_2 < msg_len_1) { + /* ssl_1 sending */ + if (msg_len_1 > written_1) { + ret = mbedtls_ssl_write_fragment(ssl_1, msg_buf_1, + msg_len_1, &written_1, + expected_fragments_1); + if (expected_fragments_1 == 0) { + /* This error is expected when the message is too large and + * cannot be fragmented */ + TEST_ASSERT(ret == MBEDTLS_ERR_SSL_BAD_INPUT_DATA); + msg_len_1 = 0; + } else { + TEST_ASSERT(ret == 0); + } + } + + /* ssl_2 sending */ + if (msg_len_2 > written_2) { + ret = mbedtls_ssl_write_fragment(ssl_2, msg_buf_2, + msg_len_2, &written_2, + expected_fragments_2); + if (expected_fragments_2 == 0) { + /* This error is expected when the message is too large and + * cannot be fragmented */ + TEST_ASSERT(ret == MBEDTLS_ERR_SSL_BAD_INPUT_DATA); + msg_len_2 = 0; + } else { + TEST_ASSERT(ret == 0); + } + } + + /* ssl_1 reading */ + if (read_1 < msg_len_2) { + ret = mbedtls_ssl_read_fragment(ssl_1, in_buf_1, + msg_len_2, &read_1, + &fragments_2, + expected_fragments_2); + TEST_ASSERT(ret == 0); + } + + /* ssl_2 reading */ + if (read_2 < msg_len_1) { + ret = mbedtls_ssl_read_fragment(ssl_2, in_buf_2, + msg_len_1, &read_2, + &fragments_1, + expected_fragments_1); + TEST_ASSERT(ret == 0); + } + } + + ret = -1; + TEST_ASSERT(0 == memcmp(msg_buf_1, in_buf_2, msg_len_1)); + TEST_ASSERT(0 == memcmp(msg_buf_2, in_buf_1, msg_len_2)); + TEST_ASSERT(fragments_1 == expected_fragments_1); + TEST_ASSERT(fragments_2 == expected_fragments_2); + } + + ret = 0; + +exit: + free(msg_buf_1); + free(in_buf_1); + free(msg_buf_2); + free(in_buf_2); + + return ret; +} + +/* + * Perform data exchanging between \p ssl_1 and \p ssl_2. Both of endpoints + * must be initialized and connected beforehand. + * + * \retval 0 on success, otherwise error code. + */ +#if defined(MBEDTLS_KEY_EXCHANGE_WITH_CERT_ENABLED) && \ + defined(MBEDTLS_CERTS_C) && \ + defined(MBEDTLS_ENTROPY_C) && \ + defined(MBEDTLS_CTR_DRBG_C) && \ + (defined(MBEDTLS_SSL_RENEGOTIATION) || \ + defined(MBEDTLS_SSL_VARIABLE_BUFFER_LENGTH)) +static int exchange_data(mbedtls_ssl_context *ssl_1, + mbedtls_ssl_context *ssl_2) +{ + return mbedtls_test_ssl_exchange_data(ssl_1, 256, 1, + ssl_2, 256, 1); +} +#endif /* MBEDTLS_KEY_EXCHANGE_WITH_CERT_ENABLED && MBEDTLS_CERTS_C && + MBEDTLS_ENTROPY_C && MBEDTLS_CTR_DRBG_C && + (MBEDTLS_SSL_RENEGOTIATION || + MBEDTLS_SSL_VARIABLE_BUFFER_LENGTH) */ + +#if defined(MBEDTLS_KEY_EXCHANGE_WITH_CERT_ENABLED) && \ + defined(MBEDTLS_CERTS_C) && \ + defined(MBEDTLS_ENTROPY_C) && \ + defined(MBEDTLS_CTR_DRBG_C) +void mbedtls_test_ssl_perform_handshake( + mbedtls_test_handshake_test_options *options) +{ + /* forced_ciphersuite needs to last until the end of the handshake */ + int forced_ciphersuite[2]; + enum { BUFFSIZE = 17000 }; + mbedtls_test_ssl_endpoint client, server; +#if defined(MBEDTLS_KEY_EXCHANGE_SOME_PSK_ENABLED) + const char *psk_identity = "foo"; +#endif +#if defined(MBEDTLS_TIMING_C) + mbedtls_timing_delay_context timer_client, timer_server; +#endif +#if defined(MBEDTLS_SSL_CONTEXT_SERIALIZATION) + unsigned char *context_buf = NULL; + size_t context_buf_len; +#endif +#if defined(MBEDTLS_SSL_RENEGOTIATION) + int ret = -1; +#endif + int expected_handshake_result = 0; + + USE_PSA_INIT(); + mbedtls_platform_zeroize(&client, sizeof(client)); + mbedtls_platform_zeroize(&server, sizeof(server)); + + mbedtls_test_ssl_message_queue server_queue, client_queue; + mbedtls_test_message_socket_context server_context, client_context; + mbedtls_test_message_socket_init(&server_context); + mbedtls_test_message_socket_init(&client_context); + + /* Client side */ + if (options->dtls != 0) { + TEST_ASSERT(mbedtls_test_ssl_endpoint_init(&client, + MBEDTLS_SSL_IS_CLIENT, + options->pk_alg, + &client_context, + &client_queue, + &server_queue, NULL) == 0); +#if defined(MBEDTLS_TIMING_C) + mbedtls_ssl_set_timer_cb(&client.ssl, &timer_client, + mbedtls_timing_set_delay, + mbedtls_timing_get_delay); +#endif + } else { + TEST_ASSERT(mbedtls_test_ssl_endpoint_init(&client, + MBEDTLS_SSL_IS_CLIENT, + options->pk_alg, NULL, NULL, + NULL, NULL) == 0); + } + + if (options->client_min_version != TEST_SSL_MINOR_VERSION_NONE) { + mbedtls_ssl_conf_min_version(&client.conf, MBEDTLS_SSL_MAJOR_VERSION_3, + options->client_min_version); + } + + if (options->client_max_version != TEST_SSL_MINOR_VERSION_NONE) { + mbedtls_ssl_conf_max_version(&client.conf, MBEDTLS_SSL_MAJOR_VERSION_3, + options->client_max_version); + } + + if (strlen(options->cipher) > 0) { + set_ciphersuite(&client.conf, options->cipher, forced_ciphersuite); + } + +#if defined(MBEDTLS_DEBUG_C) + if (options->cli_log_fun) { + mbedtls_debug_set_threshold(4); + mbedtls_ssl_conf_dbg(&client.conf, options->cli_log_fun, + options->cli_log_obj); + } +#endif + + /* Server side */ + if (options->dtls != 0) { + TEST_ASSERT(mbedtls_test_ssl_endpoint_init(&server, + MBEDTLS_SSL_IS_SERVER, + options->pk_alg, + &server_context, + &server_queue, + &client_queue, NULL) == 0); +#if defined(MBEDTLS_TIMING_C) + mbedtls_ssl_set_timer_cb(&server.ssl, &timer_server, + mbedtls_timing_set_delay, + mbedtls_timing_get_delay); +#endif + } else { + TEST_ASSERT(mbedtls_test_ssl_endpoint_init(&server, + MBEDTLS_SSL_IS_SERVER, + options->pk_alg, NULL, NULL, + NULL, NULL) == 0); + } + + mbedtls_ssl_conf_authmode(&server.conf, options->srv_auth_mode); + + if (options->server_min_version != TEST_SSL_MINOR_VERSION_NONE) { + mbedtls_ssl_conf_min_version(&server.conf, MBEDTLS_SSL_MAJOR_VERSION_3, + options->server_min_version); + } + + if (options->server_max_version != TEST_SSL_MINOR_VERSION_NONE) { + mbedtls_ssl_conf_max_version(&server.conf, MBEDTLS_SSL_MAJOR_VERSION_3, + options->server_max_version); + } + +#if defined(MBEDTLS_SSL_MAX_FRAGMENT_LENGTH) + TEST_ASSERT(mbedtls_ssl_conf_max_frag_len(&(server.conf), + (unsigned char) options->mfl) + == 0); + TEST_ASSERT(mbedtls_ssl_conf_max_frag_len(&(client.conf), + (unsigned char) options->mfl) + == 0); +#else + TEST_ASSERT(MBEDTLS_SSL_MAX_FRAG_LEN_NONE == options->mfl); +#endif /* MBEDTLS_SSL_MAX_FRAGMENT_LENGTH */ + +#if defined(MBEDTLS_KEY_EXCHANGE_SOME_PSK_ENABLED) + if (options->psk_str != NULL && options->psk_str->len > 0) { + TEST_ASSERT(mbedtls_ssl_conf_psk( + &client.conf, options->psk_str->x, + options->psk_str->len, + (const unsigned char *) psk_identity, + strlen(psk_identity)) == 0); + + TEST_ASSERT(mbedtls_ssl_conf_psk( + &server.conf, options->psk_str->x, + options->psk_str->len, + (const unsigned char *) psk_identity, + strlen(psk_identity)) == 0); + + mbedtls_ssl_conf_psk_cb(&server.conf, psk_dummy_callback, NULL); + } +#endif +#if defined(MBEDTLS_SSL_RENEGOTIATION) + if (options->renegotiate) { + mbedtls_ssl_conf_renegotiation(&(server.conf), + MBEDTLS_SSL_RENEGOTIATION_ENABLED); + mbedtls_ssl_conf_renegotiation(&(client.conf), + MBEDTLS_SSL_RENEGOTIATION_ENABLED); + + mbedtls_ssl_conf_legacy_renegotiation(&(server.conf), + options->legacy_renegotiation); + mbedtls_ssl_conf_legacy_renegotiation(&(client.conf), + options->legacy_renegotiation); + } +#endif /* MBEDTLS_SSL_RENEGOTIATION */ + +#if defined(MBEDTLS_DEBUG_C) + if (options->srv_log_fun) { + mbedtls_debug_set_threshold(4); + mbedtls_ssl_conf_dbg(&server.conf, options->srv_log_fun, + options->srv_log_obj); + } +#endif + + TEST_ASSERT(mbedtls_test_mock_socket_connect(&(client.socket), + &(server.socket), + BUFFSIZE) == 0); + +#if defined(MBEDTLS_SSL_VARIABLE_BUFFER_LENGTH) + if (options->resize_buffers != 0) { + /* Ensure that the buffer sizes are appropriate before resizes */ + TEST_ASSERT(client.ssl.out_buf_len == MBEDTLS_SSL_OUT_BUFFER_LEN); + TEST_ASSERT(client.ssl.in_buf_len == MBEDTLS_SSL_IN_BUFFER_LEN); + TEST_ASSERT(server.ssl.out_buf_len == MBEDTLS_SSL_OUT_BUFFER_LEN); + TEST_ASSERT(server.ssl.in_buf_len == MBEDTLS_SSL_IN_BUFFER_LEN); + } +#endif + + if (options->expected_negotiated_version == TEST_SSL_MINOR_VERSION_NONE) { + expected_handshake_result = MBEDTLS_ERR_SSL_BAD_HS_PROTOCOL_VERSION; + } + + TEST_ASSERT(mbedtls_test_move_handshake_to_state( + &(client.ssl), &(server.ssl), MBEDTLS_SSL_HANDSHAKE_OVER) + == expected_handshake_result); + + if (expected_handshake_result != 0) { + /* Connection will have failed by this point, skip to cleanup */ + goto exit; + } + + TEST_ASSERT(client.ssl.state == MBEDTLS_SSL_HANDSHAKE_OVER); + TEST_ASSERT(server.ssl.state == MBEDTLS_SSL_HANDSHAKE_OVER); + + /* Check that we agree on the version... */ + TEST_ASSERT(client.ssl.minor_ver == server.ssl.minor_ver); + + /* And check that the version negotiated is the expected one. */ + TEST_EQUAL(client.ssl.minor_ver, options->expected_negotiated_version); + +#if defined(MBEDTLS_SSL_VARIABLE_BUFFER_LENGTH) + if (options->resize_buffers != 0) { + if (options->expected_negotiated_version != MBEDTLS_SSL_MINOR_VERSION_0 && + options->expected_negotiated_version != MBEDTLS_SSL_MINOR_VERSION_1) { + /* A server, when using DTLS, might delay a buffer resize to happen + * after it receives a message, so we force it. */ + TEST_ASSERT(exchange_data(&(client.ssl), &(server.ssl)) == 0); + + TEST_ASSERT(client.ssl.out_buf_len == + mbedtls_ssl_get_output_buflen(&client.ssl)); + TEST_ASSERT(client.ssl.in_buf_len == + mbedtls_ssl_get_input_buflen(&client.ssl)); + TEST_ASSERT(server.ssl.out_buf_len == + mbedtls_ssl_get_output_buflen(&server.ssl)); + TEST_ASSERT(server.ssl.in_buf_len == + mbedtls_ssl_get_input_buflen(&server.ssl)); + } + } +#endif + + if (options->cli_msg_len != 0 || options->srv_msg_len != 0) { + /* Start data exchanging test */ + TEST_ASSERT(mbedtls_test_ssl_exchange_data( + &(client.ssl), options->cli_msg_len, + options->expected_cli_fragments, + &(server.ssl), options->srv_msg_len, + options->expected_srv_fragments) + == 0); + } +#if defined(MBEDTLS_SSL_CONTEXT_SERIALIZATION) + if (options->serialize == 1) { + TEST_ASSERT(options->dtls == 1); + + TEST_ASSERT(mbedtls_ssl_context_save(&(server.ssl), NULL, + 0, &context_buf_len) + == MBEDTLS_ERR_SSL_BUFFER_TOO_SMALL); + + context_buf = mbedtls_calloc(1, context_buf_len); + TEST_ASSERT(context_buf != NULL); + + TEST_ASSERT(mbedtls_ssl_context_save(&(server.ssl), context_buf, + context_buf_len, + &context_buf_len) + == 0); + + mbedtls_ssl_free(&(server.ssl)); + mbedtls_ssl_init(&(server.ssl)); + + TEST_ASSERT(mbedtls_ssl_setup(&(server.ssl), &(server.conf)) == 0); + + mbedtls_ssl_set_bio(&(server.ssl), &server_context, + mbedtls_test_mock_tcp_send_msg, + mbedtls_test_mock_tcp_recv_msg, + NULL); + +#if defined(MBEDTLS_TIMING_C) + mbedtls_ssl_set_timer_cb(&server.ssl, &timer_server, + mbedtls_timing_set_delay, + mbedtls_timing_get_delay); +#endif +#if defined(MBEDTLS_SSL_VARIABLE_BUFFER_LENGTH) + if (options->resize_buffers != 0) { + /* Ensure that the buffer sizes are appropriate before resizes */ + TEST_ASSERT(server.ssl.out_buf_len == MBEDTLS_SSL_OUT_BUFFER_LEN); + TEST_ASSERT(server.ssl.in_buf_len == MBEDTLS_SSL_IN_BUFFER_LEN); + } +#endif + TEST_ASSERT(mbedtls_ssl_context_load(&(server.ssl), context_buf, + context_buf_len) == 0); + +#if defined(MBEDTLS_SSL_VARIABLE_BUFFER_LENGTH) + /* Validate buffer sizes after context deserialization */ + if (options->resize_buffers != 0) { + TEST_ASSERT(server.ssl.out_buf_len == + mbedtls_ssl_get_output_buflen(&server.ssl)); + TEST_ASSERT(server.ssl.in_buf_len == + mbedtls_ssl_get_input_buflen(&server.ssl)); + } +#endif + /* Retest writing/reading */ + if (options->cli_msg_len != 0 || options->srv_msg_len != 0) { + TEST_ASSERT(mbedtls_test_ssl_exchange_data( + &(client.ssl), options->cli_msg_len, + options->expected_cli_fragments, + &(server.ssl), options->srv_msg_len, + options->expected_srv_fragments) + == 0); + } + } +#endif /* MBEDTLS_SSL_CONTEXT_SERIALIZATION */ + +#if defined(MBEDTLS_SSL_RENEGOTIATION) + if (options->renegotiate) { + /* Start test with renegotiation */ + TEST_ASSERT(server.ssl.renego_status == + MBEDTLS_SSL_INITIAL_HANDSHAKE); + TEST_ASSERT(client.ssl.renego_status == + MBEDTLS_SSL_INITIAL_HANDSHAKE); + + /* After calling this function for the server, it only sends a handshake + * request. All renegotiation should happen during data exchanging */ + TEST_ASSERT(mbedtls_ssl_renegotiate(&(server.ssl)) == 0); + TEST_ASSERT(server.ssl.renego_status == + MBEDTLS_SSL_RENEGOTIATION_PENDING); + TEST_ASSERT(client.ssl.renego_status == + MBEDTLS_SSL_INITIAL_HANDSHAKE); + + TEST_ASSERT(exchange_data(&(client.ssl), &(server.ssl)) == 0); + TEST_ASSERT(server.ssl.renego_status == + MBEDTLS_SSL_RENEGOTIATION_DONE); + TEST_ASSERT(client.ssl.renego_status == + MBEDTLS_SSL_RENEGOTIATION_DONE); + + /* After calling mbedtls_ssl_renegotiate for the client, + * all renegotiation should happen inside this function. + * However in this test, we cannot perform simultaneous communication + * between client and server so this function will return waiting error + * on the socket. All rest of renegotiation should happen + * during data exchanging */ + ret = mbedtls_ssl_renegotiate(&(client.ssl)); +#if defined(MBEDTLS_SSL_VARIABLE_BUFFER_LENGTH) + if (options->resize_buffers != 0) { + /* Ensure that the buffer sizes are appropriate before resizes */ + TEST_ASSERT(client.ssl.out_buf_len == MBEDTLS_SSL_OUT_BUFFER_LEN); + TEST_ASSERT(client.ssl.in_buf_len == MBEDTLS_SSL_IN_BUFFER_LEN); + } +#endif + TEST_ASSERT(ret == 0 || + ret == MBEDTLS_ERR_SSL_WANT_READ || + ret == MBEDTLS_ERR_SSL_WANT_WRITE); + TEST_ASSERT(server.ssl.renego_status == + MBEDTLS_SSL_RENEGOTIATION_DONE); + TEST_ASSERT(client.ssl.renego_status == + MBEDTLS_SSL_RENEGOTIATION_IN_PROGRESS); + + TEST_ASSERT(exchange_data(&(client.ssl), &(server.ssl)) == 0); + TEST_ASSERT(server.ssl.renego_status == + MBEDTLS_SSL_RENEGOTIATION_DONE); + TEST_ASSERT(client.ssl.renego_status == + MBEDTLS_SSL_RENEGOTIATION_DONE); +#if defined(MBEDTLS_SSL_VARIABLE_BUFFER_LENGTH) + /* Validate buffer sizes after renegotiation */ + if (options->resize_buffers != 0) { + TEST_ASSERT(client.ssl.out_buf_len == + mbedtls_ssl_get_output_buflen(&client.ssl)); + TEST_ASSERT(client.ssl.in_buf_len == + mbedtls_ssl_get_input_buflen(&client.ssl)); + TEST_ASSERT(server.ssl.out_buf_len == + mbedtls_ssl_get_output_buflen(&server.ssl)); + TEST_ASSERT(server.ssl.in_buf_len == + mbedtls_ssl_get_input_buflen(&server.ssl)); + } +#endif /* MBEDTLS_SSL_VARIABLE_BUFFER_LENGTH */ + } +#endif /* MBEDTLS_SSL_RENEGOTIATION */ + +exit: + mbedtls_test_ssl_endpoint_free(&client, + options->dtls != 0 ? &client_context : NULL); + mbedtls_test_ssl_endpoint_free(&server, + options->dtls != 0 ? &server_context : NULL); +#if defined(MBEDTLS_DEBUG_C) + if (options->cli_log_fun || options->srv_log_fun) { + mbedtls_debug_set_threshold(0); + } +#endif +#if defined(MBEDTLS_SSL_CONTEXT_SERIALIZATION) + if (context_buf != NULL) { + mbedtls_free(context_buf); + } +#endif +} +#endif /* MBEDTLS_KEY_EXCHANGE_WITH_CERT_ENABLED && MBEDTLS_CERTS_C && + MBEDTLS_ENTROPY_C && MBEDTLS_CTR_DRBG_C */ + +#endif /* MBEDTLS_SSL_TLS_C */ diff --git a/third_party/mbedtls/repo/tests/src/threading_helpers.c b/third_party/mbedtls/repo/tests/src/threading_helpers.c index ca91b7933a5..6f405b00c6a 100644 --- a/third_party/mbedtls/repo/tests/src/threading_helpers.c +++ b/third_party/mbedtls/repo/tests/src/threading_helpers.c @@ -2,19 +2,7 @@ /* * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later */ #include @@ -70,8 +58,7 @@ * indicate the exact location of the problematic call. To locate the error, * use a debugger and set a breakpoint on mbedtls_test_mutex_usage_error(). */ -enum value_of_mutex_is_valid_field -{ +enum value_of_mutex_is_valid_field { /* Potential values for the is_valid field of mbedtls_threading_mutex_t. * Note that MUTEX_FREED must be 0 and MUTEX_IDLE must be 1 for * compatibility with threading_mutex_init_pthread() and @@ -82,12 +69,11 @@ enum value_of_mutex_is_valid_field MUTEX_LOCKED = 2, //!< Set by our lock }; -typedef struct -{ - void (*init)( mbedtls_threading_mutex_t * ); - void (*free)( mbedtls_threading_mutex_t * ); - int (*lock)( mbedtls_threading_mutex_t * ); - int (*unlock)( mbedtls_threading_mutex_t * ); +typedef struct { + void (*init)(mbedtls_threading_mutex_t *); + void (*free)(mbedtls_threading_mutex_t *); + int (*lock)(mbedtls_threading_mutex_t *); + int (*unlock)(mbedtls_threading_mutex_t *); } mutex_functions_t; static mutex_functions_t mutex_functions; @@ -98,94 +84,96 @@ static mutex_functions_t mutex_functions; */ static int live_mutexes; -static void mbedtls_test_mutex_usage_error( mbedtls_threading_mutex_t *mutex, - const char *msg ) +static void mbedtls_test_mutex_usage_error(mbedtls_threading_mutex_t *mutex, + const char *msg) { (void) mutex; - if( mbedtls_test_info.mutex_usage_error == NULL ) + if (mbedtls_test_info.mutex_usage_error == NULL) { mbedtls_test_info.mutex_usage_error = msg; - mbedtls_fprintf( stdout, "[mutex: %s] ", msg ); + } + mbedtls_fprintf(stdout, "[mutex: %s] ", msg); /* Don't mark the test as failed yet. This way, if the test fails later * for a functional reason, the test framework will report the message * and location for this functional reason. If the test passes, * mbedtls_test_mutex_usage_check() will mark it as failed. */ } -static void mbedtls_test_wrap_mutex_init( mbedtls_threading_mutex_t *mutex ) +static void mbedtls_test_wrap_mutex_init(mbedtls_threading_mutex_t *mutex) { - mutex_functions.init( mutex ); - if( mutex->is_valid ) + mutex_functions.init(mutex); + if (mutex->is_valid) { ++live_mutexes; + } } -static void mbedtls_test_wrap_mutex_free( mbedtls_threading_mutex_t *mutex ) +static void mbedtls_test_wrap_mutex_free(mbedtls_threading_mutex_t *mutex) { - switch( mutex->is_valid ) - { + switch (mutex->is_valid) { case MUTEX_FREED: - mbedtls_test_mutex_usage_error( mutex, "free without init or double free" ); + mbedtls_test_mutex_usage_error(mutex, "free without init or double free"); break; case MUTEX_IDLE: /* Do nothing. The underlying free function will reset is_valid * to 0. */ break; case MUTEX_LOCKED: - mbedtls_test_mutex_usage_error( mutex, "free without unlock" ); + mbedtls_test_mutex_usage_error(mutex, "free without unlock"); break; default: - mbedtls_test_mutex_usage_error( mutex, "corrupted state" ); + mbedtls_test_mutex_usage_error(mutex, "corrupted state"); break; } - if( mutex->is_valid ) + if (mutex->is_valid) { --live_mutexes; - mutex_functions.free( mutex ); + } + mutex_functions.free(mutex); } -static int mbedtls_test_wrap_mutex_lock( mbedtls_threading_mutex_t *mutex ) +static int mbedtls_test_wrap_mutex_lock(mbedtls_threading_mutex_t *mutex) { - int ret = mutex_functions.lock( mutex ); - switch( mutex->is_valid ) - { + int ret = mutex_functions.lock(mutex); + switch (mutex->is_valid) { case MUTEX_FREED: - mbedtls_test_mutex_usage_error( mutex, "lock without init" ); + mbedtls_test_mutex_usage_error(mutex, "lock without init"); break; case MUTEX_IDLE: - if( ret == 0 ) + if (ret == 0) { mutex->is_valid = 2; + } break; case MUTEX_LOCKED: - mbedtls_test_mutex_usage_error( mutex, "double lock" ); + mbedtls_test_mutex_usage_error(mutex, "double lock"); break; default: - mbedtls_test_mutex_usage_error( mutex, "corrupted state" ); + mbedtls_test_mutex_usage_error(mutex, "corrupted state"); break; } - return( ret ); + return ret; } -static int mbedtls_test_wrap_mutex_unlock( mbedtls_threading_mutex_t *mutex ) +static int mbedtls_test_wrap_mutex_unlock(mbedtls_threading_mutex_t *mutex) { - int ret = mutex_functions.unlock( mutex ); - switch( mutex->is_valid ) - { + int ret = mutex_functions.unlock(mutex); + switch (mutex->is_valid) { case MUTEX_FREED: - mbedtls_test_mutex_usage_error( mutex, "unlock without init" ); + mbedtls_test_mutex_usage_error(mutex, "unlock without init"); break; case MUTEX_IDLE: - mbedtls_test_mutex_usage_error( mutex, "unlock without lock" ); + mbedtls_test_mutex_usage_error(mutex, "unlock without lock"); break; case MUTEX_LOCKED: - if( ret == 0 ) + if (ret == 0) { mutex->is_valid = MUTEX_IDLE; + } break; default: - mbedtls_test_mutex_usage_error( mutex, "corrupted state" ); + mbedtls_test_mutex_usage_error(mutex, "corrupted state"); break; } - return( ret ); + return ret; } -void mbedtls_test_mutex_usage_init( void ) +void mbedtls_test_mutex_usage_init(void) { mutex_functions.init = mbedtls_mutex_init; mutex_functions.free = mbedtls_mutex_free; @@ -197,25 +185,24 @@ void mbedtls_test_mutex_usage_init( void ) mbedtls_mutex_unlock = &mbedtls_test_wrap_mutex_unlock; } -void mbedtls_test_mutex_usage_check( void ) +void mbedtls_test_mutex_usage_check(void) { - if( live_mutexes != 0 ) - { + if (live_mutexes != 0) { /* A positive number (more init than free) means that a mutex resource * is leaking (on platforms where a mutex consumes more than the * mbedtls_threading_mutex_t object itself). The rare case of a * negative number means a missing init somewhere. */ - mbedtls_fprintf( stdout, "[mutex: %d leaked] ", live_mutexes ); + mbedtls_fprintf(stdout, "[mutex: %d leaked] ", live_mutexes); live_mutexes = 0; - if( mbedtls_test_info.mutex_usage_error == NULL ) + if (mbedtls_test_info.mutex_usage_error == NULL) { mbedtls_test_info.mutex_usage_error = "missing free"; + } } - if( mbedtls_test_info.mutex_usage_error != NULL && - mbedtls_test_info.result != MBEDTLS_TEST_RESULT_FAILED ) - { + if (mbedtls_test_info.mutex_usage_error != NULL && + mbedtls_test_info.result != MBEDTLS_TEST_RESULT_FAILED) { /* Functionally, the test passed. But there was a mutex usage error, * so mark the test as failed after all. */ - mbedtls_test_fail( "Mutex usage error", __LINE__, __FILE__ ); + mbedtls_test_fail("Mutex usage error", __LINE__, __FILE__); } mbedtls_test_info.mutex_usage_error = NULL; } diff --git a/third_party/mbedtls/repo/tests/ssl-opt-in-docker.sh b/third_party/mbedtls/repo/tests/ssl-opt-in-docker.sh index 401a69c569b..44e00e8fc3a 100755 --- a/third_party/mbedtls/repo/tests/ssl-opt-in-docker.sh +++ b/third_party/mbedtls/repo/tests/ssl-opt-in-docker.sh @@ -6,9 +6,13 @@ # ------- # This runs ssl-opt.sh in a Docker container. # +# WARNING: the Dockerfile used by this script is no longer maintained! See +# https://github.com/Mbed-TLS/mbedtls-test/blob/master/README.md#quick-start +# for the set of Docker images we use on the CI. +# # Notes for users # --------------- -# If OPENSSL_CMD, GNUTLS_CLI, or GNUTLS_SERV are specified, the path must +# If OPENSSL, GNUTLS_CLI, or GNUTLS_SERV are specified, the path must # correspond to an executable inside the Docker container. The special # values "next" and "legacy" are also allowed as shorthand for the # installations inside the container. @@ -18,25 +22,13 @@ # - ssl-opt.sh for notes about invocation of that script. # Copyright The Mbed TLS Contributors -# SPDX-License-Identifier: Apache-2.0 -# -# Licensed under the Apache License, Version 2.0 (the "License"); you may -# not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT -# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. +# SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later source tests/scripts/docker_env.sh -case "${OPENSSL_CMD:-default}" in - "legacy") export OPENSSL_CMD="/usr/local/openssl-1.0.1j/bin/openssl";; - "next") export OPENSSL_CMD="/usr/local/openssl-1.1.1a/bin/openssl";; +case "${OPENSSL:-default}" in + "legacy") export OPENSSL="/usr/local/openssl-1.0.1j/bin/openssl";; + "next") export OPENSSL="/usr/local/openssl-1.1.1a/bin/openssl";; *) ;; esac @@ -58,6 +50,6 @@ run_in_docker \ -e P_PXY \ -e GNUTLS_CLI \ -e GNUTLS_SERV \ - -e OPENSSL_CMD \ + -e OPENSSL \ tests/ssl-opt.sh \ $@ diff --git a/third_party/mbedtls/repo/tests/ssl-opt.sh b/third_party/mbedtls/repo/tests/ssl-opt.sh index 43b6d0444e6..6e11b3c7fad 100755 --- a/third_party/mbedtls/repo/tests/ssl-opt.sh +++ b/third_party/mbedtls/repo/tests/ssl-opt.sh @@ -3,19 +3,7 @@ # ssl-opt.sh # # Copyright The Mbed TLS Contributors -# SPDX-License-Identifier: Apache-2.0 -# -# Licensed under the Apache License, Version 2.0 (the "License"); you may -# not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT -# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. +# SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later # # Purpose # @@ -45,11 +33,23 @@ fi : ${P_SRV:=../programs/ssl/ssl_server2} : ${P_CLI:=../programs/ssl/ssl_client2} : ${P_PXY:=../programs/test/udp_proxy} -: ${OPENSSL_CMD:=openssl} # OPENSSL would conflict with the build system +: ${P_QUERY:=../programs/test/query_compile_time_config} +: ${OPENSSL:=openssl} : ${GNUTLS_CLI:=gnutls-cli} : ${GNUTLS_SERV:=gnutls-serv} : ${PERL:=perl} +# The OPENSSL variable used to be OPENSSL_CMD for historical reasons. +# To help the migration, error out if the old variable is set, +# but only if it has a different value than the new one. +if [ "${OPENSSL_CMD+set}" = set ]; then + # the variable is set, we can now check its value + if [ "$OPENSSL_CMD" != "$OPENSSL" ]; then + echo "Please use OPENSSL instead of OPENSSL_CMD." >&2 + exit 125 + fi +fi + guess_config_name() { if git diff --quiet ../include/mbedtls/config.h 2>/dev/null; then echo "default" @@ -61,8 +61,8 @@ guess_config_name() { : ${MBEDTLS_TEST_CONFIGURATION:="$(guess_config_name)"} : ${MBEDTLS_TEST_PLATFORM:="$(uname -s | tr -c \\n0-9A-Za-z _)-$(uname -m | tr -c \\n0-9A-Za-z _)"} -O_SRV="$OPENSSL_CMD s_server -www -cert data_files/server5.crt -key data_files/server5.key" -O_CLI="echo 'GET / HTTP/1.0' | $OPENSSL_CMD s_client" +O_SRV="$OPENSSL s_server -www -cert data_files/server5.crt -key data_files/server5.key" +O_CLI="echo 'GET / HTTP/1.0' | $OPENSSL s_client" G_SRV="$GNUTLS_SERV --x509certfile data_files/server5.crt --x509keyfile data_files/server5.key" G_CLI="echo 'GET / HTTP/1.0' | $GNUTLS_CLI --x509cafile data_files/test-ca_cat12.crt" TCP_CLIENT="$PERL scripts/tcp_client.pl" @@ -155,6 +155,9 @@ get_options() { -p|--preserve-logs) PRESERVE_LOGS=1 ;; + --outcome-file) + shift; MBEDTLS_TEST_OUTCOME_FILE=$1 + ;; --port) shift; SRV_PORT=$1 ;; @@ -178,22 +181,11 @@ get_options() { done } -# Make the outcome file path relative to the original directory, not -# to .../tests -case "$MBEDTLS_TEST_OUTCOME_FILE" in - [!/]*) - MBEDTLS_TEST_OUTCOME_FILE="$ORIGINAL_PWD/$MBEDTLS_TEST_OUTCOME_FILE" - ;; -esac - # Read boolean configuration options from config.h for easy and quick # testing. Skip non-boolean options (with something other than spaces # and a comment after "#define SYMBOL"). The variable contains a # space-separated list of symbols. -CONFIGS_ENABLED=" $(<"$CONFIG_H" \ - sed -n 's!^ *#define *\([A-Za-z][0-9A-Z_a-z]*\) *\(/*\)*!\1!p' | - tr '\n' ' ')" - +CONFIGS_ENABLED=" $(echo `$P_QUERY -l` )" # Skip next test; use this macro to skip tests which are legitimate # in theory and expected to be re-introduced at some point, but # aren't expected to succeed at the moment due to problems outside @@ -205,7 +197,7 @@ skip_next_test() { # skip next test if the flag is not enabled in config.h requires_config_enabled() { case $CONFIGS_ENABLED in - *" $1 "*) :;; + *" $1"[\ =]*) :;; *) SKIP_NEXT="YES";; esac } @@ -213,7 +205,7 @@ requires_config_enabled() { # skip next test if the flag is enabled in config.h requires_config_disabled() { case $CONFIGS_ENABLED in - *" $1 "*) SKIP_NEXT="YES";; + *" $1"[\ =]*) SKIP_NEXT="YES";; esac } @@ -261,6 +253,21 @@ requires_config_value_equals() { fi } +# Require Mbed TLS to support the given protocol version. +# +# Inputs: +# * $1: protocol version in mbedtls syntax (argument to force_version=) +requires_protocol_version() { + # Support for DTLS is detected separately in detect_dtls(). + case "$1" in + ssl3) requires_config_enabled MBEDTLS_SSL_PROTO_SSL3;; + tls1) requires_config_enabled MBEDTLS_SSL_PROTO_TLS1;; + tls1_1|dtls1) requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_1;; + tls12|dtls12) requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2;; + *) echo "Unknown required protocol version: $1"; exit 1;; + esac +} + # Space-separated list of ciphersuites supported by this build of # Mbed TLS. P_CIPHERSUITES=" $($P_CLI --help 2>/dev/null | @@ -273,37 +280,125 @@ requires_ciphersuite_enabled() { esac } -# maybe_requires_ciphersuite_enabled CMD [RUN_TEST_OPTION...] -# If CMD (call to a TLS client or server program) requires a specific -# ciphersuite, arrange to only run the test case if this ciphersuite is -# enabled. As an exception, do run the test case if it expects a ciphersuite -# mismatch. -maybe_requires_ciphersuite_enabled() { +# detect_required_features CMD [RUN_TEST_OPTION...] +# If CMD (call to a TLS client or server program) requires certain features, +# arrange to only run the following test case if those features are enabled. +detect_required_features() { case "$1" in - *\ force_ciphersuite=*) :;; - *) return;; # No specific required ciphersuite + *\ force_version=*) + tmp="${1##*\ force_version=}" + tmp="${tmp%%[!-0-9A-Z_a-z]*}" + requires_protocol_version "$tmp";; esac - ciphersuite="${1##*\ force_ciphersuite=}" - ciphersuite="${ciphersuite%%[!-0-9A-Z_a-z]*}" - shift - - case "$*" in - *"-s SSL - The server has no ciphersuites in common"*) - # This test case expects a ciphersuite mismatch, so it doesn't - # require the ciphersuite to be enabled. - ;; - *) - requires_ciphersuite_enabled "$ciphersuite" - ;; + + case "$1" in + *\ force_ciphersuite=*) + tmp="${1##*\ force_ciphersuite=}" + tmp="${tmp%%[!-0-9A-Z_a-z]*}" + case "$*" in + *"-s SSL - The server has no ciphersuites in common"*) + # This test case expects a ciphersuite mismatch, so it + # doesn't actually require the ciphersuite to be enabled. + :;; + *) requires_ciphersuite_enabled "$tmp";; + esac;; esac - unset ciphersuite + case " $1 " in + *[-_\ =]tickets=[^0]*) + requires_config_enabled MBEDTLS_SSL_TICKET_C;; + esac + case " $1 " in + *[-_\ =]alpn=*) + requires_config_enabled MBEDTLS_SSL_ALPN;; + esac + + case " $1 " in + *\ badmac_limit=*) + requires_config_enabled MBEDTLS_SSL_DTLS_BADMAC_LIMIT;; + esac + + case " $1 " in + *\ fallback=1\ *|*\ -fallback_scsv\ *) + requires_config_enabled MBEDTLS_SSL_FALLBACK_SCSV;; + esac + + unset tmp } +requires_certificate_authentication () { + if [ "$PSK_ONLY" = "YES" ]; then + SKIP_NEXT="YES" + fi +} + +adapt_cmd_for_psk () { + case "$2" in + *openssl*) s='-psk abc123 -nocert';; + *gnutls-*) s='--pskkey=abc123';; + *) s='psk=abc123';; + esac + eval $1='"$2 $s"' + unset s +} + +# maybe_adapt_for_psk [RUN_TEST_OPTION...] +# If running in a PSK-only build, maybe adapt the test to use a pre-shared key. +# +# If not running in a PSK-only build, do nothing. +# If the test looks like it doesn't use a pre-shared key but can run with a +# pre-shared key, pass a pre-shared key. If the test looks like it can't run +# with a pre-shared key, skip it. If the test looks like it's already using +# a pre-shared key, do nothing. +# +# This code does not consider builds with ECDHE-PSK or RSA-PSK. +# +# Inputs: +# * $CLI_CMD, $SRV_CMD, $PXY_CMD: client/server/proxy commands. +# * $PSK_ONLY: YES if running in a PSK-only build (no asymmetric key exchanges). +# * "$@": options passed to run_test. +# +# Outputs: +# * $CLI_CMD, $SRV_CMD: may be modified to add PSK-relevant arguments. +# * $SKIP_NEXT: set to YES if the test can't run with PSK. +maybe_adapt_for_psk() { + if [ "$PSK_ONLY" != "YES" ]; then + return + fi + if [ "$SKIP_NEXT" = "YES" ]; then + return + fi + case "$CLI_CMD $SRV_CMD" in + *[-_\ =]psk*|*[-_\ =]PSK*) + return;; + *force_ciphersuite*) + # The test case forces a non-PSK cipher suite. In some cases, a + # PSK cipher suite could be substituted, but we're not ready for + # that yet. + SKIP_NEXT="YES" + return;; + *\ auth_mode=*|*[-_\ =]crt[_=]*) + # The test case involves certificates. PSK won't do. + SKIP_NEXT="YES" + return;; + esac + adapt_cmd_for_psk CLI_CMD "$CLI_CMD" + adapt_cmd_for_psk SRV_CMD "$SRV_CMD" +} + +case " $CONFIGS_ENABLED " in + *\ MBEDTLS_KEY_EXCHANGE_[^P]*) PSK_ONLY="NO";; + *\ MBEDTLS_KEY_EXCHANGE_P[^S]*) PSK_ONLY="NO";; + *\ MBEDTLS_KEY_EXCHANGE_PS[^K]*) PSK_ONLY="NO";; + *\ MBEDTLS_KEY_EXCHANGE_PSK[^_]*) PSK_ONLY="NO";; + *\ MBEDTLS_KEY_EXCHANGE_PSK_ENABLED\ *) PSK_ONLY="YES";; + *) PSK_ONLY="NO";; +esac + # skip next test if OpenSSL doesn't support FALLBACK_SCSV requires_openssl_with_fallback_scsv() { if [ -z "${OPENSSL_HAS_FBSCSV:-}" ]; then - if $OPENSSL_CMD s_client -help 2>&1 | grep fallback_scsv >/dev/null + if $OPENSSL s_client -help 2>&1 | grep fallback_scsv >/dev/null then OPENSSL_HAS_FBSCSV="YES" else @@ -595,13 +690,11 @@ if type lsof >/dev/null 2>/dev/null; then fi # Make a tight loop, server normally takes less than 1s to start. while true; do - SERVER_PIDS=$(lsof -a -n -b -i "$proto:$1" -F p) + SERVER_PIDS=$(lsof -a -n -b -i "$proto:$1" -t) # When we use a proxy, it will be listening on the same port we # are checking for as well as the server and lsof will list both. - # If multiple PIDs are returned, each one will be on a separate - # line, each prepended with 'p'. case ${newline}${SERVER_PIDS}${newline} in - *${newline}p${2}${newline}*) break;; + *${newline}${2}${newline}*) break;; esac if [ $(( $(date +%s) - $START_TIME )) -gt $DOG_DELAY ]; then echo "$3 START TIMEOUT" @@ -742,6 +835,39 @@ is_gnutls() { esac } +# Determine what calc_verify trace is to be expected, if any. +# +# calc_verify is only called for two things: to calculate the +# extended master secret, and to process client authentication. +# +# Warning: the current implementation assumes that extended_ms is not +# disabled on the client or on the server. +# +# Inputs: +# * $1: the value of the server auth_mode parameter. +# 'required' if client authentication is expected, +# 'none' or absent if not. +# * $CONFIGS_ENABLED +# +# Outputs: +# * $maybe_calc_verify: set to a trace expected in the debug logs +set_maybe_calc_verify() { + maybe_calc_verify= + case $CONFIGS_ENABLED in + *\ MBEDTLS_SSL_EXTENDED_MASTER_SECRET\ *) :;; + *) + case ${1-} in + ''|none) return;; + required) :;; + *) echo "Bad parameter 1 to set_maybe_calc_verify: $1"; exit 1;; + esac + esac + case $CONFIGS_ENABLED in + *\ MBEDTLS_USE_PSA_CRYPTO\ *) maybe_calc_verify="PSA calc verify";; + *) maybe_calc_verify="<= calc verify";; + esac +} + # Compare file content # Usage: find_in_both pattern file1 file2 # extract from file1 the first line matching the pattern @@ -763,11 +889,15 @@ find_in_both() { # # Analyze and possibly instrument $PXY_CMD, $CLI_CMD, $SRV_CMD to pass # extra arguments or go through wrappers. -# Set $DTLS (0=TLS, 1=DTLS). +# +# Inputs: +# * $@: supplemental options to run_test() (after the mandatory arguments). +# * $CLI_CMD, $PXY_CMD, $SRV_CMD: the client, proxy and server commands. +# * $DTLS: 1 if DTLS, otherwise 0. +# +# Outputs: +# * $CLI_CMD, $PXY_CMD, $SRV_CMD: may be tweaked. analyze_test_commands() { - # update DTLS variable - detect_dtls "$SRV_CMD" - # if the test uses DTLS but no custom proxy, add a simple proxy # as it provides timing info that's useful to debug failures if [ -z "$PXY_CMD" ] && [ "$DTLS" -eq 1 ]; then @@ -1004,7 +1134,11 @@ do_run_test_once() { wait_server_start "$SRV_PORT" "$SRV_PID" printf '# %s\n%s\n' "$NAME" "$CLI_CMD" > $CLI_OUT - eval "$CLI_CMD" >> $CLI_OUT 2>&1 & + # The client must be a subprocess of the script in order for killing it to + # work properly, that's why the ampersand is placed inside the eval command, + # not at the end of the line: the latter approach will spawn eval as a + # subprocess, and the $CLI_CMD as a grandchild. + eval "$CLI_CMD &" >> $CLI_OUT 2>&1 wait_client_done sleep 0.05 @@ -1070,9 +1204,19 @@ run_test() { requires_config_enabled MBEDTLS_FS_IO;; esac - # If the client or serve requires a ciphersuite, check that it's enabled. - maybe_requires_ciphersuite_enabled "$SRV_CMD" "$@" - maybe_requires_ciphersuite_enabled "$CLI_CMD" "$@" + # Check if the test uses DTLS. + detect_dtls "$SRV_CMD" + if [ "$DTLS" -eq 1 ]; then + requires_config_enabled MBEDTLS_SSL_PROTO_DTLS + fi + + # If the client or server requires certain features that can be detected + # from their command-line arguments, check that they're enabled. + detect_required_features "$SRV_CMD" "$@" + detect_required_features "$CLI_CMD" "$@" + + # If we're in a PSK-only build and the test can be adapted to PSK, do that. + maybe_adapt_for_psk "$@" # should we skip? if [ "X$SKIP_NEXT" = "XYES" ]; then @@ -1084,7 +1228,8 @@ run_test() { analyze_test_commands "$@" - TIMES_LEFT=2 + # One regular run and two retries + TIMES_LEFT=3 while [ $TIMES_LEFT -gt 0 ]; do TIMES_LEFT=$(( $TIMES_LEFT - 1 )) @@ -1113,17 +1258,18 @@ run_test() { run_test_psa() { requires_config_enabled MBEDTLS_USE_PSA_CRYPTO + set_maybe_calc_verify none run_test "PSA-supported ciphersuite: $1" \ "$P_SRV debug_level=3 force_version=tls12" \ "$P_CLI debug_level=3 force_version=tls12 force_ciphersuite=$1" \ 0 \ -c "Successfully setup PSA-based decryption cipher context" \ -c "Successfully setup PSA-based encryption cipher context" \ - -c "PSA calc verify" \ + -c "$maybe_calc_verify" \ -c "calc PSA finished" \ -s "Successfully setup PSA-based decryption cipher context" \ -s "Successfully setup PSA-based encryption cipher context" \ - -s "PSA calc verify" \ + -s "$maybe_calc_verify" \ -s "calc PSA finished" \ -C "Failed to setup PSA-based cipher context"\ -S "Failed to setup PSA-based cipher context"\ @@ -1132,21 +1278,23 @@ run_test_psa() { -c "Perform PSA-based computation of digest of ServerKeyExchange" \ -S "error" \ -C "error" + unset maybe_calc_verify } run_test_psa_force_curve() { requires_config_enabled MBEDTLS_USE_PSA_CRYPTO + set_maybe_calc_verify none run_test "PSA - ECDH with $1" \ "$P_SRV debug_level=4 force_version=tls12" \ "$P_CLI debug_level=4 force_version=tls12 force_ciphersuite=TLS-ECDHE-RSA-WITH-AES-128-GCM-SHA256 curves=$1" \ 0 \ -c "Successfully setup PSA-based decryption cipher context" \ -c "Successfully setup PSA-based encryption cipher context" \ - -c "PSA calc verify" \ + -c "$maybe_calc_verify" \ -c "calc PSA finished" \ -s "Successfully setup PSA-based decryption cipher context" \ -s "Successfully setup PSA-based encryption cipher context" \ - -s "PSA calc verify" \ + -s "$maybe_calc_verify" \ -s "calc PSA finished" \ -C "Failed to setup PSA-based cipher context"\ -S "Failed to setup PSA-based cipher context"\ @@ -1155,6 +1303,7 @@ run_test_psa_force_curve() { -c "Perform PSA-based computation of digest of ServerKeyExchange" \ -S "error" \ -C "error" + unset maybe_calc_verify } # Test that the server's memory usage after a handshake is reduced when a client specifies @@ -1226,6 +1375,14 @@ cleanup() { get_options "$@" +# Make the outcome file path relative to the original directory, not +# to .../tests +case "$MBEDTLS_TEST_OUTCOME_FILE" in + [!/]*) + MBEDTLS_TEST_OUTCOME_FILE="$ORIGINAL_PWD/$MBEDTLS_TEST_OUTCOME_FILE" + ;; +esac + # Optimize filters: if $FILTER and $EXCLUDE can be expressed as shell # patterns rather than regular expressions, use a case statement instead # of calling grep. To keep the optimizer simple, it is incomplete and only @@ -1288,8 +1445,8 @@ if [ "$MEMCHECK" -gt 0 ]; then exit 1 fi fi -if which $OPENSSL_CMD >/dev/null 2>&1; then :; else - echo "Command '$OPENSSL_CMD' not found" +if which $OPENSSL >/dev/null 2>&1; then :; else + echo "Command '$OPENSSL' not found" exit 1 fi @@ -1338,6 +1495,20 @@ if [ -n "${OPENSSL_LEGACY:-}" ]; then O_LEGACY_CLI="$O_LEGACY_CLI -connect 127.0.0.1:+SRV_PORT" fi +# Newer versions of OpenSSL have a syntax to enable all "ciphers", even +# low-security ones. This covers not just cipher suites but also protocol +# versions. It is necessary, for example, to use (D)TLS 1.0/1.1 on +# OpenSSL 1.1.1f from Ubuntu 20.04. The syntax was only introduced in +# OpenSSL 1.1.0 (21e0c1d23afff48601eb93135defddae51f7e2e3) and I can't find +# a way to discover it from -help, so check the openssl version. +case $($OPENSSL version) in + "OpenSSL 0"*|"OpenSSL 1.0"*) :;; + *) + O_CLI="$O_CLI -cipher ALL@SECLEVEL=0" + O_SRV="$O_SRV -cipher ALL@SECLEVEL=0" + ;; +esac + if [ -n "${OPENSSL_NEXT:-}" ]; then O_NEXT_SRV="$O_NEXT_SRV -accept $SRV_PORT" O_NEXT_CLI="$O_NEXT_CLI -connect 127.0.0.1:+SRV_PORT" @@ -1369,8 +1540,11 @@ trap cleanup INT TERM HUP # Checks that: # - things work with all ciphersuites active (used with config-full in all.sh) -# - the expected (highest security) parameters are selected -# ("signature_algorithm ext: 6" means SHA-512 (highest common hash)) +# - the expected parameters are selected +requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2 +requires_ciphersuite_enabled TLS-ECDHE-RSA-WITH-CHACHA20-POLY1305-SHA256 +requires_config_enabled MBEDTLS_SHA512_C # "signature_algorithm ext: 6" +requires_config_enabled MBEDTLS_ECP_DP_SECP521R1_ENABLED run_test "Default" \ "$P_SRV debug_level=3" \ "$P_CLI" \ @@ -1382,6 +1556,8 @@ run_test "Default" \ -S "error" \ -C "error" +requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2 +requires_ciphersuite_enabled TLS-ECDHE-RSA-WITH-CHACHA20-POLY1305-SHA256 run_test "Default, DTLS" \ "$P_SRV dtls=1" \ "$P_CLI dtls=1" \ @@ -1463,15 +1639,150 @@ requires_config_enabled MBEDTLS_X509_CRT_PARSE_C requires_config_enabled MBEDTLS_ECDSA_C requires_config_enabled MBEDTLS_SHA256_C run_test "Opaque key for client authentication" \ - "$P_SRV auth_mode=required" \ + "$P_SRV auth_mode=required crt_file=data_files/server5.crt \ + key_file=data_files/server5.key" \ + "$P_CLI key_opaque=1 crt_file=data_files/server5.crt \ + key_file=data_files/server5.key" \ + 0 \ + -c "key type: Opaque" \ + -c "Ciphersuite is TLS-ECDHE-ECDSA" \ + -s "Verifying peer X.509 certificate... ok" \ + -s "Ciphersuite is TLS-ECDHE-ECDSA" \ + -S "error" \ + -C "error" + +# Test using an opaque private key for server authentication +requires_config_enabled MBEDTLS_USE_PSA_CRYPTO +requires_config_enabled MBEDTLS_X509_CRT_PARSE_C +requires_config_enabled MBEDTLS_ECDSA_C +requires_config_enabled MBEDTLS_SHA256_C +run_test "Opaque key for server authentication" \ + "$P_SRV auth_mode=required key_opaque=1 crt_file=data_files/server5.crt \ + key_file=data_files/server5.key" \ + "$P_CLI crt_file=data_files/server5.crt \ + key_file=data_files/server5.key" \ + 0 \ + -c "Verifying peer X.509 certificate... ok" \ + -c "Ciphersuite is TLS-ECDHE-ECDSA" \ + -s "key types: Opaque - invalid PK" \ + -s "Ciphersuite is TLS-ECDHE-ECDSA" \ + -S "error" \ + -C "error" + +# Test using an opaque private key for client/server authentication +requires_config_enabled MBEDTLS_USE_PSA_CRYPTO +requires_config_enabled MBEDTLS_X509_CRT_PARSE_C +requires_config_enabled MBEDTLS_ECDSA_C +requires_config_enabled MBEDTLS_SHA256_C +run_test "Opaque key for client/server authentication" \ + "$P_SRV auth_mode=required key_opaque=1 crt_file=data_files/server5.crt \ + key_file=data_files/server5.key" \ "$P_CLI key_opaque=1 crt_file=data_files/server5.crt \ key_file=data_files/server5.key" \ 0 \ -c "key type: Opaque" \ + -c "Verifying peer X.509 certificate... ok" \ + -c "Ciphersuite is TLS-ECDHE-ECDSA" \ + -s "key types: Opaque - invalid PK" \ -s "Verifying peer X.509 certificate... ok" \ + -s "Ciphersuite is TLS-ECDHE-ECDSA" \ -S "error" \ -C "error" +# Opaque keys not supported for static ECDH +requires_config_enabled MBEDTLS_USE_PSA_CRYPTO +requires_config_enabled MBEDTLS_X509_CRT_PARSE_C +run_test "Opaque key: server: ECDH-ECDSA not supported" \ + "$P_SRV debug_level=1 key_opaque=1 + crt_file=data_files/server5.crt key_file=data_files/server5.key" \ + "$P_CLI force_ciphersuite=TLS-ECDH-ECDSA-WITH-AES-128-GCM-SHA256" \ + 1 \ + -s "server key not ECDH capable" \ + -s "ssl_get_ecdh_params_from_cert() returned" \ + -s "error" \ + -c "error" + +# Opaque keys not supported for static ECDH +requires_config_enabled MBEDTLS_USE_PSA_CRYPTO +requires_config_enabled MBEDTLS_X509_CRT_PARSE_C +run_test "Opaque key: server: ECDH-RSA not supported" \ + "$P_SRV debug_level=1 key_opaque=1 + crt_file=data_files/server5.crt key_file=data_files/server5.key" \ + "$P_CLI force_ciphersuite=TLS-ECDH-RSA-WITH-AES-128-GCM-SHA256" \ + 1 \ + -s "server key not ECDH capable" \ + -s "ssl_get_ecdh_params_from_cert() returned" \ + -s "error" \ + -c "error" + +# Opaque PSKs not supported for mixed PSK + +requires_config_enabled MBEDTLS_USE_PSA_CRYPTO +run_test "Opaque psk: client: ECDHE-PSK not supported" \ + "$P_SRV debug_level=1 psk=abc123 psk_identity=foo" \ + "$P_CLI debug_level=1 psk=abc123 psk_identity=foo psk_opaque=1 \ + force_version=tls12 \ + force_ciphersuite=TLS-ECDHE-PSK-WITH-AES-128-CBC-SHA" \ + 1 \ + -c "opaque PSK not supported with ECDHE-PSK" \ + -s "error" \ + -c "error" + +requires_config_enabled MBEDTLS_USE_PSA_CRYPTO +run_test "Opaque psk: client: DHE-PSK not supported" \ + "$P_SRV debug_level=1 psk=abc123 psk_identity=foo" \ + "$P_CLI debug_level=1 psk=abc123 psk_identity=foo psk_opaque=1 \ + force_version=tls12 \ + force_ciphersuite=TLS-DHE-PSK-WITH-AES-128-CBC-SHA" \ + 1 \ + -c "opaque PSK not supported with DHE-PSK" \ + -s "error" \ + -c "error" + +requires_config_enabled MBEDTLS_USE_PSA_CRYPTO +run_test "Opaque psk: client: RSA-PSK not supported" \ + "$P_SRV debug_level=1 psk=abc123 psk_identity=foo" \ + "$P_CLI debug_level=1 psk=abc123 psk_identity=foo psk_opaque=1 \ + force_version=tls12 \ + force_ciphersuite=TLS-RSA-PSK-WITH-AES-128-CBC-SHA" \ + 1 \ + -c "opaque PSK not supported with RSA-PSK" \ + -s "error" \ + -c "error" + +requires_config_enabled MBEDTLS_USE_PSA_CRYPTO +run_test "Opaque psk: server: ECDHE-PSK not supported" \ + "$P_SRV debug_level=1 psk=abc123 psk_identity=foo psk_opaque=1 \ + force_version=tls12 \ + force_ciphersuite=TLS-ECDHE-PSK-WITH-AES-128-CBC-SHA" \ + "$P_CLI debug_level=1 psk=abc123 psk_identity=foo" \ + 1 \ + -s "opaque PSK not supported with ECDHE-PSK" \ + -s "error" \ + -c "error" + +requires_config_enabled MBEDTLS_USE_PSA_CRYPTO +run_test "Opaque psk: server: DHE-PSK not supported" \ + "$P_SRV debug_level=1 psk=abc123 psk_identity=foo psk_opaque=1 \ + force_version=tls12 \ + force_ciphersuite=TLS-DHE-PSK-WITH-AES-128-CBC-SHA" \ + "$P_CLI debug_level=1 psk=abc123 psk_identity=foo" \ + 1 \ + -s "opaque PSK not supported with DHE-PSK" \ + -s "error" \ + -c "error" + +requires_config_enabled MBEDTLS_USE_PSA_CRYPTO +run_test "Opaque psk: server: RSA-PSK not supported" \ + "$P_SRV debug_level=1 psk=abc123 psk_identity=foo psk_opaque=1 \ + force_version=tls12 \ + force_ciphersuite=TLS-RSA-PSK-WITH-AES-128-CBC-SHA" \ + "$P_CLI debug_level=1 psk=abc123 psk_identity=foo" \ + 1 \ + -s "opaque PSK not supported with RSA-PSK" \ + -s "error" \ + -c "error" + # Test ciphersuites which we expect to be fully supported by PSA Crypto # and check that we don't fall back to Mbed TLS' internal crypto primitives. run_test_psa TLS-ECDHE-ECDSA-WITH-AES-128-CCM @@ -1501,7 +1812,7 @@ run_test_psa_force_curve "brainpoolP256r1" requires_config_enabled MBEDTLS_ECP_DP_SECP224R1_ENABLED run_test_psa_force_curve "secp224r1" ## SECP224K1 is buggy via the PSA API -## (https://github.com/ARMmbed/mbedtls/issues/3541), +## (https://github.com/Mbed-TLS/mbedtls/issues/3541), ## so it is disabled in PSA even when it's enabled in Mbed TLS. ## The proper dependency would be on PSA_WANT_ECC_SECP_K1_224 but ## dependencies on PSA symbols in ssl-opt.sh are not implemented yet. @@ -1552,6 +1863,13 @@ run_test "Context-specific CRT verification callback" \ # Tests for rc4 option +# Manual dependencies on the ciphersuite support are necessary +# because the automatic requirements from force_ciphersuite=... detection +# make an exception for these test cases since they expect a handshake +# failure. +requires_config_enabled MBEDTLS_ARC4_C +requires_config_enabled MBEDTLS_SHA1_C +requires_config_enabled MBEDTLS_KEY_EXCHANGE_RSA_ENABLED requires_config_enabled MBEDTLS_REMOVE_ARC4_CIPHERSUITES run_test "RC4: server disabled, client enabled" \ "$P_SRV" \ @@ -1559,6 +1877,9 @@ run_test "RC4: server disabled, client enabled" \ 1 \ -s "SSL - The server has no ciphersuites in common" +requires_config_enabled MBEDTLS_ARC4_C +requires_config_enabled MBEDTLS_SHA1_C +requires_config_enabled MBEDTLS_KEY_EXCHANGE_RSA_ENABLED requires_config_enabled MBEDTLS_REMOVE_ARC4_CIPHERSUITES run_test "RC4: server half, client enabled" \ "$P_SRV arc4=1" \ @@ -1566,15 +1887,30 @@ run_test "RC4: server half, client enabled" \ 1 \ -s "SSL - The server has no ciphersuites in common" +requires_config_enabled MBEDTLS_ARC4_C +requires_config_enabled MBEDTLS_SHA1_C +requires_config_enabled MBEDTLS_KEY_EXCHANGE_RSA_ENABLED +requires_config_enabled MBEDTLS_REMOVE_ARC4_CIPHERSUITES run_test "RC4: server enabled, client disabled" \ "$P_SRV force_ciphersuite=TLS-RSA-WITH-RC4-128-SHA" \ "$P_CLI" \ 1 \ -s "SSL - The server has no ciphersuites in common" +# Run even if the ciphersuite is disabled by default, but only if the +# requisite cryptographic mechanisms are present. +# Having "force_ciphersuite=..." in the client or server arguments would +# prevent that due to the automatic detection, so hide behind some +# shell expansion to fool the automatic detection. +with_rc4_ciphersuite() { + exec "$@" force_ciphersuite=TLS-RSA-WITH-RC4-128-SHA +} +requires_config_enabled MBEDTLS_ARC4_C +requires_config_enabled MBEDTLS_SHA1_C +requires_config_enabled MBEDTLS_KEY_EXCHANGE_RSA_ENABLED run_test "RC4: both enabled" \ - "$P_SRV force_ciphersuite=TLS-RSA-WITH-RC4-128-SHA" \ - "$P_CLI force_ciphersuite=TLS-RSA-WITH-RC4-128-SHA" \ + "with_rc4_ciphersuite $P_SRV" \ + "with_rc4_ciphersuite $P_CLI" \ 0 \ -S "SSL - None of the common ciphersuites is usable" \ -S "SSL - The server has no ciphersuites in common" @@ -1582,14 +1918,12 @@ run_test "RC4: both enabled" \ # Test empty CA list in CertificateRequest in TLS 1.1 and earlier requires_gnutls -requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_1 run_test "CertificateRequest with empty CA list, TLS 1.1 (GnuTLS server)" \ "$G_SRV"\ "$P_CLI force_version=tls1_1" \ 0 requires_gnutls -requires_config_enabled MBEDTLS_SSL_PROTO_TLS1 run_test "CertificateRequest with empty CA list, TLS 1.0 (GnuTLS server)" \ "$G_SRV"\ "$P_CLI force_version=tls1" \ @@ -2618,7 +2952,6 @@ run_test "Encrypt then MAC: client disabled, server enabled" \ -C "using encrypt then mac" \ -S "using encrypt then mac" -requires_config_enabled MBEDTLS_SSL_PROTO_SSL3 run_test "Encrypt then MAC: client SSLv3, server enabled" \ "$P_SRV debug_level=3 min_version=ssl3 \ force_ciphersuite=TLS-RSA-WITH-AES-128-CBC-SHA" \ @@ -2631,7 +2964,6 @@ run_test "Encrypt then MAC: client SSLv3, server enabled" \ -C "using encrypt then mac" \ -S "using encrypt then mac" -requires_config_enabled MBEDTLS_SSL_PROTO_SSL3 run_test "Encrypt then MAC: client enabled, server SSLv3" \ "$P_SRV debug_level=3 force_version=ssl3 \ force_ciphersuite=TLS-RSA-WITH-AES-128-CBC-SHA" \ @@ -2646,6 +2978,7 @@ run_test "Encrypt then MAC: client enabled, server SSLv3" \ # Tests for Extended Master Secret extension +requires_config_enabled MBEDTLS_SSL_EXTENDED_MASTER_SECRET run_test "Extended Master Secret: default" \ "$P_SRV debug_level=3" \ "$P_CLI debug_level=3" \ @@ -2657,6 +2990,7 @@ run_test "Extended Master Secret: default" \ -c "session hash for extended master secret" \ -s "session hash for extended master secret" +requires_config_enabled MBEDTLS_SSL_EXTENDED_MASTER_SECRET run_test "Extended Master Secret: client enabled, server disabled" \ "$P_SRV debug_level=3 extended_ms=0" \ "$P_CLI debug_level=3 extended_ms=1" \ @@ -2668,6 +3002,7 @@ run_test "Extended Master Secret: client enabled, server disabled" \ -C "session hash for extended master secret" \ -S "session hash for extended master secret" +requires_config_enabled MBEDTLS_SSL_EXTENDED_MASTER_SECRET run_test "Extended Master Secret: client disabled, server enabled" \ "$P_SRV debug_level=3 extended_ms=1" \ "$P_CLI debug_level=3 extended_ms=0" \ @@ -2679,7 +3014,6 @@ run_test "Extended Master Secret: client disabled, server enabled" \ -C "session hash for extended master secret" \ -S "session hash for extended master secret" -requires_config_enabled MBEDTLS_SSL_PROTO_SSL3 run_test "Extended Master Secret: client SSLv3, server enabled" \ "$P_SRV debug_level=3 min_version=ssl3" \ "$P_CLI debug_level=3 force_version=ssl3" \ @@ -2691,7 +3025,6 @@ run_test "Extended Master Secret: client SSLv3, server enabled" \ -C "session hash for extended master secret" \ -S "session hash for extended master secret" -requires_config_enabled MBEDTLS_SSL_PROTO_SSL3 run_test "Extended Master Secret: client enabled, server SSLv3" \ "$P_SRV debug_level=3 force_version=ssl3" \ "$P_CLI debug_level=3 min_version=ssl3" \ @@ -2757,6 +3090,7 @@ run_test "Fallback SCSV: enabled, openssl server" \ -c "adding FALLBACK_SCSV" \ -c "is a fatal alert message (msg 86)" +requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_1 requires_openssl_with_fallback_scsv run_test "Fallback SCSV: disabled, openssl client" \ "$P_SRV debug_level=2" \ @@ -2765,6 +3099,7 @@ run_test "Fallback SCSV: disabled, openssl client" \ -S "received FALLBACK_SCSV" \ -S "inapropriate fallback" +requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_1 requires_openssl_with_fallback_scsv run_test "Fallback SCSV: enabled, openssl client" \ "$P_SRV debug_level=2" \ @@ -2819,7 +3154,7 @@ run_test "Encrypt then MAC, DTLS: disabled, empty application data record" \ ## The ClientHello content is spelled out below as a hex string as ## "prefix ciphersuite1 ciphersuite2 ciphersuite3 ciphersuite4 suffix". ## The expected response is an inappropriate_fallback alert. -requires_openssl_with_fallback_scsv +requires_config_enabled MBEDTLS_SSL_FALLBACK_SCSV run_test "Fallback SCSV: beginning of list" \ "$P_SRV debug_level=2" \ "$TCP_CLIENT localhost $SRV_PORT '160301003e0100003a03022aafb94308dc22ca1086c65acc00e414384d76b61ecab37df1633b1ae1034dbe000008 5600 0031 0032 0033 0100000900230000000f000101' '15030200020256'" \ @@ -2827,7 +3162,7 @@ run_test "Fallback SCSV: beginning of list" \ -s "received FALLBACK_SCSV" \ -s "inapropriate fallback" -requires_openssl_with_fallback_scsv +requires_config_enabled MBEDTLS_SSL_FALLBACK_SCSV run_test "Fallback SCSV: end of list" \ "$P_SRV debug_level=2" \ "$TCP_CLIENT localhost $SRV_PORT '160301003e0100003a03022aafb94308dc22ca1086c65acc00e414384d76b61ecab37df1633b1ae1034dbe000008 0031 0032 0033 5600 0100000900230000000f000101' '15030200020256'" \ @@ -2836,7 +3171,7 @@ run_test "Fallback SCSV: end of list" \ -s "inapropriate fallback" ## Here the expected response is a valid ServerHello prefix, up to the random. -requires_openssl_with_fallback_scsv +requires_config_enabled MBEDTLS_SSL_FALLBACK_SCSV run_test "Fallback SCSV: not in list" \ "$P_SRV debug_level=2" \ "$TCP_CLIENT localhost $SRV_PORT '160301003e0100003a03022aafb94308dc22ca1086c65acc00e414384d76b61ecab37df1633b1ae1034dbe000008 0056 0031 0032 0033 0100000900230000000f000101' '16030200300200002c0302'" \ @@ -2873,7 +3208,6 @@ run_test "CBC Record splitting: TLS 1.0, splitting" \ -s "Read from client: 1 bytes read" \ -s "122 bytes read" -requires_config_enabled MBEDTLS_SSL_PROTO_SSL3 run_test "CBC Record splitting: SSLv3, splitting" \ "$P_SRV min_version=ssl3" \ "$P_CLI force_ciphersuite=TLS-RSA-WITH-AES-128-CBC-SHA \ @@ -3110,6 +3444,7 @@ run_test "Session resume using cache: cache_max=0" \ -S "a session has been resumed" \ -C "a session has been resumed" +requires_config_enabled MBEDTLS_SSL_CACHE_C run_test "Session resume using cache: cache_max=1" \ "$P_SRV debug_level=3 tickets=0 cache_max=1" \ "$P_CLI debug_level=3 tickets=0 reconnect=1" \ @@ -3119,6 +3454,7 @@ run_test "Session resume using cache: cache_max=1" \ -s "a session has been resumed" \ -c "a session has been resumed" +requires_config_enabled MBEDTLS_SSL_CACHE_C run_test "Session resume using cache: timeout > delay" \ "$P_SRV debug_level=3 tickets=0" \ "$P_CLI debug_level=3 tickets=0 reconnect=1 reco_delay=0" \ @@ -3128,6 +3464,7 @@ run_test "Session resume using cache: timeout > delay" \ -s "a session has been resumed" \ -c "a session has been resumed" +requires_config_enabled MBEDTLS_SSL_CACHE_C run_test "Session resume using cache: timeout < delay" \ "$P_SRV debug_level=3 tickets=0 cache_timeout=1" \ "$P_CLI debug_level=3 tickets=0 reconnect=1 reco_delay=2" \ @@ -3137,6 +3474,7 @@ run_test "Session resume using cache: timeout < delay" \ -S "a session has been resumed" \ -C "a session has been resumed" +requires_config_enabled MBEDTLS_SSL_CACHE_C run_test "Session resume using cache: no timeout" \ "$P_SRV debug_level=3 tickets=0 cache_timeout=0" \ "$P_CLI debug_level=3 tickets=0 reconnect=1 reco_delay=2" \ @@ -3146,6 +3484,7 @@ run_test "Session resume using cache: no timeout" \ -s "a session has been resumed" \ -c "a session has been resumed" +requires_config_enabled MBEDTLS_SSL_CACHE_C run_test "Session resume using cache: session copy" \ "$P_SRV debug_level=3 tickets=0" \ "$P_CLI debug_level=3 tickets=0 reconnect=1 reco_mode=0" \ @@ -3155,6 +3494,7 @@ run_test "Session resume using cache: session copy" \ -s "a session has been resumed" \ -c "a session has been resumed" +requires_config_enabled MBEDTLS_SSL_CACHE_C run_test "Session resume using cache: openssl client" \ "$P_SRV debug_level=3 tickets=0" \ "( $O_CLI -sess_out $SESSION; \ @@ -3167,6 +3507,7 @@ run_test "Session resume using cache: openssl client" \ -S "session successfully restored from ticket" \ -s "a session has been resumed" +requires_config_enabled MBEDTLS_SSL_CACHE_C run_test "Session resume using cache: openssl server" \ "$O_SRV" \ "$P_CLI debug_level=3 tickets=0 reconnect=1" \ @@ -3175,8 +3516,32 @@ run_test "Session resume using cache: openssl server" \ -C "parse new session ticket" \ -c "a session has been resumed" +# Tests for Session resume and extensions + +requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2 +requires_config_enabled MBEDTLS_SSL_DTLS_CONNECTION_ID +run_test "Session resume and connection ID" \ + "$P_SRV debug_level=3 cid=1 cid_val=dead dtls=1 tickets=0" \ + "$P_CLI debug_level=3 cid=1 cid_val=beef dtls=1 tickets=0 reconnect=1" \ + 0 \ + -c "Enable use of CID extension." \ + -s "Enable use of CID extension." \ + -c "client hello, adding CID extension" \ + -s "found CID extension" \ + -s "Use of CID extension negotiated" \ + -s "server hello, adding CID extension" \ + -c "found CID extension" \ + -c "Use of CID extension negotiated" \ + -s "Copy CIDs into SSL transform" \ + -c "Copy CIDs into SSL transform" \ + -c "Peer CID (length 2 Bytes): de ad" \ + -s "Peer CID (length 2 Bytes): be ef" \ + -s "Use of Connection ID has been negotiated" \ + -c "Use of Connection ID has been negotiated" + # Tests for Session Resume based on session-ID and cache, DTLS +requires_config_enabled MBEDTLS_SSL_CACHE_C run_test "Session resume using cache, DTLS: tickets enabled on client" \ "$P_SRV dtls=1 debug_level=3 tickets=0" \ "$P_CLI dtls=1 debug_level=3 tickets=1 reconnect=1 skip_close_notify=1" \ @@ -3191,6 +3556,7 @@ run_test "Session resume using cache, DTLS: tickets enabled on client" \ -s "a session has been resumed" \ -c "a session has been resumed" +requires_config_enabled MBEDTLS_SSL_CACHE_C run_test "Session resume using cache, DTLS: tickets enabled on server" \ "$P_SRV dtls=1 debug_level=3 tickets=1" \ "$P_CLI dtls=1 debug_level=3 tickets=0 reconnect=1 skip_close_notify=1" \ @@ -3205,6 +3571,7 @@ run_test "Session resume using cache, DTLS: tickets enabled on server" \ -s "a session has been resumed" \ -c "a session has been resumed" +requires_config_enabled MBEDTLS_SSL_CACHE_C run_test "Session resume using cache, DTLS: cache_max=0" \ "$P_SRV dtls=1 debug_level=3 tickets=0 cache_max=0" \ "$P_CLI dtls=1 debug_level=3 tickets=0 reconnect=1 skip_close_notify=1" \ @@ -3214,6 +3581,7 @@ run_test "Session resume using cache, DTLS: cache_max=0" \ -S "a session has been resumed" \ -C "a session has been resumed" +requires_config_enabled MBEDTLS_SSL_CACHE_C run_test "Session resume using cache, DTLS: cache_max=1" \ "$P_SRV dtls=1 debug_level=3 tickets=0 cache_max=1" \ "$P_CLI dtls=1 debug_level=3 tickets=0 reconnect=1 skip_close_notify=1" \ @@ -3223,6 +3591,7 @@ run_test "Session resume using cache, DTLS: cache_max=1" \ -s "a session has been resumed" \ -c "a session has been resumed" +requires_config_enabled MBEDTLS_SSL_CACHE_C run_test "Session resume using cache, DTLS: timeout > delay" \ "$P_SRV dtls=1 debug_level=3 tickets=0" \ "$P_CLI dtls=1 debug_level=3 tickets=0 reconnect=1 skip_close_notify=1 reco_delay=0" \ @@ -3232,6 +3601,7 @@ run_test "Session resume using cache, DTLS: timeout > delay" \ -s "a session has been resumed" \ -c "a session has been resumed" +requires_config_enabled MBEDTLS_SSL_CACHE_C run_test "Session resume using cache, DTLS: timeout < delay" \ "$P_SRV dtls=1 debug_level=3 tickets=0 cache_timeout=1" \ "$P_CLI dtls=1 debug_level=3 tickets=0 reconnect=1 skip_close_notify=1 reco_delay=2" \ @@ -3241,6 +3611,7 @@ run_test "Session resume using cache, DTLS: timeout < delay" \ -S "a session has been resumed" \ -C "a session has been resumed" +requires_config_enabled MBEDTLS_SSL_CACHE_C run_test "Session resume using cache, DTLS: no timeout" \ "$P_SRV dtls=1 debug_level=3 tickets=0 cache_timeout=0" \ "$P_CLI dtls=1 debug_level=3 tickets=0 reconnect=1 skip_close_notify=1 reco_delay=2" \ @@ -3250,6 +3621,7 @@ run_test "Session resume using cache, DTLS: no timeout" \ -s "a session has been resumed" \ -c "a session has been resumed" +requires_config_enabled MBEDTLS_SSL_CACHE_C run_test "Session resume using cache, DTLS: session copy" \ "$P_SRV dtls=1 debug_level=3 tickets=0" \ "$P_CLI dtls=1 debug_level=3 tickets=0 reconnect=1 skip_close_notify=1 reco_mode=0" \ @@ -3262,6 +3634,7 @@ run_test "Session resume using cache, DTLS: session copy" \ # For reasons that aren't fully understood, this test randomly fails with high # probability with OpenSSL 1.0.2g on the CI, see #5012. requires_openssl_next +requires_config_enabled MBEDTLS_SSL_CACHE_C run_test "Session resume using cache, DTLS: openssl client" \ "$P_SRV dtls=1 debug_level=3 tickets=0" \ "( $O_NEXT_CLI -dtls1 -sess_out $SESSION; \ @@ -3274,6 +3647,7 @@ run_test "Session resume using cache, DTLS: openssl client" \ -S "session successfully restored from ticket" \ -s "a session has been resumed" +requires_config_enabled MBEDTLS_SSL_CACHE_C run_test "Session resume using cache, DTLS: openssl server" \ "$O_SRV -dtls1" \ "$P_CLI dtls=1 debug_level=3 tickets=0 reconnect=1" \ @@ -4068,7 +4442,7 @@ run_test "Renegotiation: DTLS, gnutls server, client-initiated" \ -C "error" \ -s "Extra-header:" -# Test for the "secure renegotation" extension only (no actual renegotiation) +# Test for the "secure renegotiation" extension only (no actual renegotiation) requires_gnutls run_test "Renego ext: gnutls server strict, client default" \ @@ -4278,7 +4652,6 @@ run_test "Authentication: client SHA384, server required" \ -c "Supported Signature Algorithm found: 4," \ -c "Supported Signature Algorithm found: 5," -requires_config_enabled MBEDTLS_SSL_PROTO_SSL3 run_test "Authentication: client has no cert, server required (SSLv3)" \ "$P_SRV debug_level=3 min_version=ssl3 auth_mode=required" \ "$P_CLI debug_level=3 force_version=ssl3 crt_file=none \ @@ -4331,6 +4704,21 @@ run_test "Authentication: client badcert, server required" \ # detect that its write end of the connection is closed and abort # before reading the alert message. +run_test "Authentication: client cert self-signed and trusted, server required" \ + "$P_SRV debug_level=3 auth_mode=required ca_file=data_files/server5-selfsigned.crt" \ + "$P_CLI debug_level=3 crt_file=data_files/server5-selfsigned.crt \ + key_file=data_files/server5.key" \ + 0 \ + -S "skip write certificate request" \ + -C "skip parse certificate request" \ + -c "got a certificate request" \ + -C "skip write certificate" \ + -C "skip write certificate verify" \ + -S "skip parse certificate verify" \ + -S "x509_verify_cert() returned" \ + -S "! The certificate is not correctly signed" \ + -S "X509 - Certificate verification failed" + run_test "Authentication: client cert not trusted, server required" \ "$P_SRV debug_level=3 auth_mode=required" \ "$P_CLI debug_level=3 crt_file=data_files/server5-selfsigned.crt \ @@ -4429,7 +4817,6 @@ run_test "Authentication: client no cert, openssl server required" \ -c "skip write certificate verify" \ -c "! mbedtls_ssl_handshake returned" -requires_config_enabled MBEDTLS_SSL_PROTO_SSL3 run_test "Authentication: client no cert, ssl3" \ "$P_SRV debug_level=3 auth_mode=optional force_version=ssl3" \ "$P_CLI debug_level=3 crt_file=none key_file=none min_version=ssl3" \ @@ -4767,7 +5154,7 @@ run_test "Authentication, CA callback: client max_int chain, server required" -s "use CA callback for X.509 CRT verification" \ -S "X509 - A fatal error occurred" -# Tests for certificate selection based on SHA verson +# Tests for certificate selection based on SHA version run_test "Certificate hash: client TLS 1.2 -> SHA-2" \ "$P_SRV crt_file=data_files/server5.crt \ @@ -5265,6 +5652,7 @@ run_test "Event-driven I/O, DTLS: session-id resume, UDP packing" \ # Tests for version negotiation +requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2 run_test "Version check: all -> 1.2" \ "$P_SRV" \ "$P_CLI" \ @@ -5274,6 +5662,7 @@ run_test "Version check: all -> 1.2" \ -s "Protocol is TLSv1.2" \ -c "Protocol is TLSv1.2" +requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_1 run_test "Version check: cli max 1.1 -> 1.1" \ "$P_SRV" \ "$P_CLI max_version=tls1_1" \ @@ -5283,6 +5672,7 @@ run_test "Version check: cli max 1.1 -> 1.1" \ -s "Protocol is TLSv1.1" \ -c "Protocol is TLSv1.1" +requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_1 run_test "Version check: srv max 1.1 -> 1.1" \ "$P_SRV max_version=tls1_1" \ "$P_CLI" \ @@ -5292,6 +5682,7 @@ run_test "Version check: srv max 1.1 -> 1.1" \ -s "Protocol is TLSv1.1" \ -c "Protocol is TLSv1.1" +requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_1 run_test "Version check: cli+srv max 1.1 -> 1.1" \ "$P_SRV max_version=tls1_1" \ "$P_CLI max_version=tls1_1" \ @@ -5301,6 +5692,7 @@ run_test "Version check: cli+srv max 1.1 -> 1.1" \ -s "Protocol is TLSv1.1" \ -c "Protocol is TLSv1.1" +requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_1 run_test "Version check: cli max 1.1, srv min 1.1 -> 1.1" \ "$P_SRV min_version=tls1_1" \ "$P_CLI max_version=tls1_1" \ @@ -5310,6 +5702,7 @@ run_test "Version check: cli max 1.1, srv min 1.1 -> 1.1" \ -s "Protocol is TLSv1.1" \ -c "Protocol is TLSv1.1" +requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_1 run_test "Version check: cli min 1.1, srv max 1.1 -> 1.1" \ "$P_SRV max_version=tls1_1" \ "$P_CLI min_version=tls1_1" \ @@ -5319,6 +5712,8 @@ run_test "Version check: cli min 1.1, srv max 1.1 -> 1.1" \ -s "Protocol is TLSv1.1" \ -c "Protocol is TLSv1.1" +requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_1 +requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2 run_test "Version check: cli min 1.2, srv max 1.1 -> fail" \ "$P_SRV max_version=tls1_1" \ "$P_CLI min_version=tls12" \ @@ -5327,6 +5722,8 @@ run_test "Version check: cli min 1.2, srv max 1.1 -> fail" \ -c "mbedtls_ssl_handshake returned" \ -c "SSL - Handshake protocol not within min/max boundaries" +requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_1 +requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2 run_test "Version check: srv min 1.2, cli max 1.1 -> fail" \ "$P_SRV min_version=tls12" \ "$P_CLI max_version=tls1_1" \ @@ -6188,7 +6585,6 @@ run_test "ECJPAKE: working, DTLS, nolog" \ # Tests for ciphersuites per version -requires_config_enabled MBEDTLS_SSL_PROTO_SSL3 requires_config_enabled MBEDTLS_CAMELLIA_C requires_config_enabled MBEDTLS_AES_C run_test "Per-version suites: SSL3" \ @@ -6197,7 +6593,6 @@ run_test "Per-version suites: SSL3" \ 0 \ -c "Ciphersuite is TLS-RSA-WITH-CAMELLIA-128-CBC-SHA" -requires_config_enabled MBEDTLS_SSL_PROTO_TLS1 requires_config_enabled MBEDTLS_CAMELLIA_C requires_config_enabled MBEDTLS_AES_C run_test "Per-version suites: TLS 1.0" \ @@ -6206,7 +6601,6 @@ run_test "Per-version suites: TLS 1.0" \ 0 \ -c "Ciphersuite is TLS-RSA-WITH-AES-256-CBC-SHA" -requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_1 requires_config_enabled MBEDTLS_CAMELLIA_C requires_config_enabled MBEDTLS_AES_C run_test "Per-version suites: TLS 1.1" \ @@ -6215,9 +6609,9 @@ run_test "Per-version suites: TLS 1.1" \ 0 \ -c "Ciphersuite is TLS-RSA-WITH-AES-128-CBC-SHA" -requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2 requires_config_enabled MBEDTLS_CAMELLIA_C requires_config_enabled MBEDTLS_AES_C +requires_config_enabled MBEDTLS_GCM_C run_test "Per-version suites: TLS 1.2" \ "$P_SRV version_suites=TLS-RSA-WITH-CAMELLIA-128-CBC-SHA,TLS-RSA-WITH-AES-256-CBC-SHA,TLS-RSA-WITH-AES-128-CBC-SHA,TLS-RSA-WITH-AES-128-GCM-SHA256" \ "$P_CLI force_version=tls12" \ @@ -6235,21 +6629,34 @@ run_test "ClientHello without extensions" \ # Tests for mbedtls_ssl_get_bytes_avail() +# The server first reads buffer_size-1 bytes, then reads the remainder. run_test "mbedtls_ssl_get_bytes_avail: no extra data" \ - "$P_SRV" \ + "$P_SRV buffer_size=100" \ "$P_CLI request_size=100" \ 0 \ -s "Read from client: 100 bytes read$" -run_test "mbedtls_ssl_get_bytes_avail: extra data" \ - "$P_SRV" \ - "$P_CLI request_size=500" \ +run_test "mbedtls_ssl_get_bytes_avail: extra data (+1)" \ + "$P_SRV buffer_size=100" \ + "$P_CLI request_size=101" \ 0 \ - -s "Read from client: 500 bytes read (.*+.*)" + -s "Read from client: 101 bytes read (100 + 1)" + +requires_max_content_len 200 +run_test "mbedtls_ssl_get_bytes_avail: extra data (*2)" \ + "$P_SRV buffer_size=100" \ + "$P_CLI request_size=200" \ + 0 \ + -s "Read from client: 200 bytes read (100 + 100)" + +run_test "mbedtls_ssl_get_bytes_avail: extra data (max)" \ + "$P_SRV buffer_size=100" \ + "$P_CLI request_size=$MAX_CONTENT_LEN" \ + 0 \ + -s "Read from client: $MAX_CONTENT_LEN bytes read (100 + $((MAX_CONTENT_LEN - 100)))" # Tests for small client packets -requires_config_enabled MBEDTLS_SSL_PROTO_SSL3 run_test "Small client packet SSLv3 BlockCipher" \ "$P_SRV min_version=ssl3" \ "$P_CLI request_size=1 force_version=ssl3 \ @@ -6257,7 +6664,6 @@ run_test "Small client packet SSLv3 BlockCipher" \ 0 \ -s "Read from client: 1 bytes read" -requires_config_enabled MBEDTLS_SSL_PROTO_SSL3 run_test "Small client packet SSLv3 StreamCipher" \ "$P_SRV min_version=ssl3 arc4=1 force_ciphersuite=TLS-RSA-WITH-RC4-128-SHA" \ "$P_CLI request_size=1 force_version=ssl3 \ @@ -6538,7 +6944,6 @@ run_test "Small client packet DTLS 1.2, without EtM, truncated MAC" \ # Tests for small server packets -requires_config_enabled MBEDTLS_SSL_PROTO_SSL3 run_test "Small server packet SSLv3 BlockCipher" \ "$P_SRV response_size=1 min_version=ssl3" \ "$P_CLI force_version=ssl3 \ @@ -6546,7 +6951,6 @@ run_test "Small server packet SSLv3 BlockCipher" \ 0 \ -c "Read from server: 1 bytes read" -requires_config_enabled MBEDTLS_SSL_PROTO_SSL3 run_test "Small server packet SSLv3 StreamCipher" \ "$P_SRV response_size=1 min_version=ssl3 arc4=1 force_ciphersuite=TLS-RSA-WITH-RC4-128-SHA" \ "$P_CLI force_version=ssl3 \ @@ -6826,7 +7230,6 @@ run_test "Small server packet DTLS 1.2, without EtM, truncated MAC" \ -c "Read from server: 1 bytes read" # A test for extensions in SSLv3 -requires_config_enabled MBEDTLS_SSL_PROTO_SSL3 requires_max_content_len 4096 run_test "SSLv3 with extensions, server side" \ "$P_SRV min_version=ssl3 debug_level=3" \ @@ -6842,7 +7245,6 @@ fragments_for_write() { echo "$(( ( $1 + $MAX_OUT_LEN - 1 ) / $MAX_OUT_LEN ))" } -requires_config_enabled MBEDTLS_SSL_PROTO_SSL3 run_test "Large client packet SSLv3 BlockCipher" \ "$P_SRV min_version=ssl3" \ "$P_CLI request_size=16384 force_version=ssl3 recsplit=0 \ @@ -6851,7 +7253,6 @@ run_test "Large client packet SSLv3 BlockCipher" \ -c "16384 bytes written in $(fragments_for_write 16384) fragments" \ -s "Read from client: $MAX_CONTENT_LEN bytes read" -requires_config_enabled MBEDTLS_SSL_PROTO_SSL3 run_test "Large client packet SSLv3 StreamCipher" \ "$P_SRV min_version=ssl3 arc4=1 force_ciphersuite=TLS-RSA-WITH-RC4-128-SHA" \ "$P_CLI request_size=16384 force_version=ssl3 \ @@ -7077,7 +7478,6 @@ run_test "Large client packet TLS 1.2 AEAD shorter tag" \ # Test for large server packets # The tests below fail when the server's OUT_CONTENT_LEN is less than 16384. -requires_config_enabled MBEDTLS_SSL_PROTO_SSL3 run_test "Large server packet SSLv3 StreamCipher" \ "$P_SRV response_size=16384 min_version=ssl3 arc4=1 force_ciphersuite=TLS-RSA-WITH-RC4-128-SHA" \ "$P_CLI force_version=ssl3 \ @@ -7086,7 +7486,6 @@ run_test "Large server packet SSLv3 StreamCipher" \ -c "Read from server: 16384 bytes read" # Checking next 4 tests logs for 1n-1 split against BEAST too -requires_config_enabled MBEDTLS_SSL_PROTO_SSL3 run_test "Large server packet SSLv3 BlockCipher" \ "$P_SRV response_size=16384 min_version=ssl3" \ "$P_CLI force_version=ssl3 recsplit=0 \ @@ -7323,6 +7722,8 @@ run_test "Large server packet TLS 1.2 AEAD shorter tag" \ # Tests for restartable ECC +requires_config_enabled MBEDTLS_ECP_DP_SECP256R1_ENABLED +requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2 requires_config_enabled MBEDTLS_ECP_RESTARTABLE run_test "EC restart: TLS, default" \ "$P_SRV auth_mode=required" \ @@ -7335,6 +7736,8 @@ run_test "EC restart: TLS, default" \ -C "mbedtls_ecdh_make_public.*4b00" \ -C "mbedtls_pk_sign.*4b00" +requires_config_enabled MBEDTLS_ECP_DP_SECP256R1_ENABLED +requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2 requires_config_enabled MBEDTLS_ECP_RESTARTABLE run_test "EC restart: TLS, max_ops=0" \ "$P_SRV auth_mode=required" \ @@ -7347,6 +7750,8 @@ run_test "EC restart: TLS, max_ops=0" \ -C "mbedtls_ecdh_make_public.*4b00" \ -C "mbedtls_pk_sign.*4b00" +requires_config_enabled MBEDTLS_ECP_DP_SECP256R1_ENABLED +requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2 requires_config_enabled MBEDTLS_ECP_RESTARTABLE run_test "EC restart: TLS, max_ops=65535" \ "$P_SRV auth_mode=required" \ @@ -7359,6 +7764,8 @@ run_test "EC restart: TLS, max_ops=65535" \ -C "mbedtls_ecdh_make_public.*4b00" \ -C "mbedtls_pk_sign.*4b00" +requires_config_enabled MBEDTLS_ECP_DP_SECP256R1_ENABLED +requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2 requires_config_enabled MBEDTLS_ECP_RESTARTABLE run_test "EC restart: TLS, max_ops=1000" \ "$P_SRV auth_mode=required" \ @@ -7371,6 +7778,8 @@ run_test "EC restart: TLS, max_ops=1000" \ -c "mbedtls_ecdh_make_public.*4b00" \ -c "mbedtls_pk_sign.*4b00" +requires_config_enabled MBEDTLS_ECP_DP_SECP256R1_ENABLED +requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2 requires_config_enabled MBEDTLS_ECP_RESTARTABLE run_test "EC restart: TLS, max_ops=1000, badsign" \ "$P_SRV auth_mode=required \ @@ -7388,6 +7797,8 @@ run_test "EC restart: TLS, max_ops=1000, badsign" \ -c "! mbedtls_ssl_handshake returned" \ -c "X509 - Certificate verification failed" +requires_config_enabled MBEDTLS_ECP_DP_SECP256R1_ENABLED +requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2 requires_config_enabled MBEDTLS_ECP_RESTARTABLE run_test "EC restart: TLS, max_ops=1000, auth_mode=optional badsign" \ "$P_SRV auth_mode=required \ @@ -7405,6 +7816,8 @@ run_test "EC restart: TLS, max_ops=1000, auth_mode=optional badsign" \ -C "! mbedtls_ssl_handshake returned" \ -C "X509 - Certificate verification failed" +requires_config_enabled MBEDTLS_ECP_DP_SECP256R1_ENABLED +requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2 requires_config_enabled MBEDTLS_ECP_RESTARTABLE run_test "EC restart: TLS, max_ops=1000, auth_mode=none badsign" \ "$P_SRV auth_mode=required \ @@ -7422,6 +7835,8 @@ run_test "EC restart: TLS, max_ops=1000, auth_mode=none badsign" \ -C "! mbedtls_ssl_handshake returned" \ -C "X509 - Certificate verification failed" +requires_config_enabled MBEDTLS_ECP_DP_SECP256R1_ENABLED +requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2 requires_config_enabled MBEDTLS_ECP_RESTARTABLE run_test "EC restart: DTLS, max_ops=1000" \ "$P_SRV auth_mode=required dtls=1" \ @@ -7434,6 +7849,8 @@ run_test "EC restart: DTLS, max_ops=1000" \ -c "mbedtls_ecdh_make_public.*4b00" \ -c "mbedtls_pk_sign.*4b00" +requires_config_enabled MBEDTLS_ECP_DP_SECP256R1_ENABLED +requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2 requires_config_enabled MBEDTLS_ECP_RESTARTABLE run_test "EC restart: TLS, max_ops=1000 no client auth" \ "$P_SRV" \ @@ -7445,11 +7862,19 @@ run_test "EC restart: TLS, max_ops=1000 no client auth" \ -c "mbedtls_ecdh_make_public.*4b00" \ -C "mbedtls_pk_sign.*4b00" + +# Restartable is only for ECDHE-ECDSA, with another ciphersuite we expect no +# restartable behaviour at all (not even client auth). +# This is the same as "EC restart: TLS, max_ops=1000" except with ECDHE-RSA, +# and all 4 assertions negated. requires_config_enabled MBEDTLS_ECP_RESTARTABLE -run_test "EC restart: TLS, max_ops=1000, ECDHE-PSK" \ - "$P_SRV psk=abc123" \ - "$P_CLI force_ciphersuite=TLS-ECDHE-PSK-WITH-AES-128-CBC-SHA256 \ - psk=abc123 debug_level=1 ec_max_ops=1000" \ +requires_config_enabled MBEDTLS_ECP_DP_SECP256R1_ENABLED +requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2 +run_test "EC restart: TLS, max_ops=1000, ECDHE-RSA" \ + "$P_SRV curves=secp256r1 auth_mode=required" \ + "$P_CLI force_ciphersuite=TLS-ECDHE-RSA-WITH-AES-128-GCM-SHA256 \ + key_file=data_files/server5.key crt_file=data_files/server5.crt \ + debug_level=1 ec_max_ops=1000" \ 0 \ -C "x509_verify_cert.*4b00" \ -C "mbedtls_pk_verify.*4b00" \ @@ -7492,7 +7917,6 @@ run_test "SSL async private: sign, delay=2" \ # Test that the async callback correctly signs the 36-byte hash of TLS 1.0/1.1 # with RSA PKCS#1v1.5 as used in TLS 1.0/1.1. requires_config_enabled MBEDTLS_SSL_ASYNC_PRIVATE -requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_1 run_test "SSL async private: sign, RSA, TLS 1.1" \ "$P_SRV key_file=data_files/server2.key crt_file=data_files/server2.crt \ async_operations=s async_private_delay1=0 async_private_delay2=0" \ @@ -8791,7 +9215,6 @@ run_test "DTLS fragmenting: proxy MTU + 3d, nbio" \ requires_config_enabled MBEDTLS_SSL_PROTO_DTLS requires_config_enabled MBEDTLS_RSA_C requires_config_enabled MBEDTLS_ECDSA_C -requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2 requires_gnutls requires_max_content_len 2048 run_test "DTLS fragmenting: gnutls server, DTLS 1.2" \ @@ -8807,7 +9230,6 @@ run_test "DTLS fragmenting: gnutls server, DTLS 1.2" \ requires_config_enabled MBEDTLS_SSL_PROTO_DTLS requires_config_enabled MBEDTLS_RSA_C requires_config_enabled MBEDTLS_ECDSA_C -requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_1 requires_gnutls requires_max_content_len 2048 run_test "DTLS fragmenting: gnutls server, DTLS 1.0" \ @@ -8825,12 +9247,11 @@ run_test "DTLS fragmenting: gnutls server, DTLS 1.0" \ # certificate obtained from the server. Here, however, it # connects to 127.0.0.1 while our test certificates use 'localhost' # as the server name in the certificate. This will make the -# certifiate validation fail, but passing --insecure makes +# certificate validation fail, but passing --insecure makes # GnuTLS continue the connection nonetheless. requires_config_enabled MBEDTLS_SSL_PROTO_DTLS requires_config_enabled MBEDTLS_RSA_C requires_config_enabled MBEDTLS_ECDSA_C -requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2 requires_gnutls requires_not_i686 requires_max_content_len 2048 @@ -8847,7 +9268,6 @@ run_test "DTLS fragmenting: gnutls client, DTLS 1.2" \ requires_config_enabled MBEDTLS_SSL_PROTO_DTLS requires_config_enabled MBEDTLS_RSA_C requires_config_enabled MBEDTLS_ECDSA_C -requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_1 requires_gnutls requires_not_i686 requires_max_content_len 2048 @@ -8863,7 +9283,6 @@ run_test "DTLS fragmenting: gnutls client, DTLS 1.0" \ requires_config_enabled MBEDTLS_SSL_PROTO_DTLS requires_config_enabled MBEDTLS_RSA_C requires_config_enabled MBEDTLS_ECDSA_C -requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2 requires_max_content_len 2048 run_test "DTLS fragmenting: openssl server, DTLS 1.2" \ "$O_SRV -dtls1_2 -verify 10" \ @@ -8878,7 +9297,6 @@ run_test "DTLS fragmenting: openssl server, DTLS 1.2" \ requires_config_enabled MBEDTLS_SSL_PROTO_DTLS requires_config_enabled MBEDTLS_RSA_C requires_config_enabled MBEDTLS_ECDSA_C -requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_1 requires_max_content_len 2048 run_test "DTLS fragmenting: openssl server, DTLS 1.0" \ "$O_SRV -dtls1 -verify 10" \ @@ -8893,7 +9311,6 @@ run_test "DTLS fragmenting: openssl server, DTLS 1.0" \ requires_config_enabled MBEDTLS_SSL_PROTO_DTLS requires_config_enabled MBEDTLS_RSA_C requires_config_enabled MBEDTLS_ECDSA_C -requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2 requires_max_content_len 2048 run_test "DTLS fragmenting: openssl client, DTLS 1.2" \ "$P_SRV dtls=1 debug_level=2 \ @@ -8907,7 +9324,6 @@ run_test "DTLS fragmenting: openssl client, DTLS 1.2" \ requires_config_enabled MBEDTLS_SSL_PROTO_DTLS requires_config_enabled MBEDTLS_RSA_C requires_config_enabled MBEDTLS_ECDSA_C -requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_1 requires_max_content_len 2048 run_test "DTLS fragmenting: openssl client, DTLS 1.0" \ "$P_SRV dtls=1 debug_level=2 \ @@ -8926,7 +9342,6 @@ requires_gnutls_next requires_config_enabled MBEDTLS_SSL_PROTO_DTLS requires_config_enabled MBEDTLS_RSA_C requires_config_enabled MBEDTLS_ECDSA_C -requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2 client_needs_more_time 4 requires_max_content_len 2048 run_test "DTLS fragmenting: 3d, gnutls server, DTLS 1.2" \ @@ -8944,7 +9359,6 @@ requires_gnutls_next requires_config_enabled MBEDTLS_SSL_PROTO_DTLS requires_config_enabled MBEDTLS_RSA_C requires_config_enabled MBEDTLS_ECDSA_C -requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_1 client_needs_more_time 4 requires_max_content_len 2048 run_test "DTLS fragmenting: 3d, gnutls server, DTLS 1.0" \ @@ -8962,7 +9376,6 @@ requires_gnutls_next requires_config_enabled MBEDTLS_SSL_PROTO_DTLS requires_config_enabled MBEDTLS_RSA_C requires_config_enabled MBEDTLS_ECDSA_C -requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2 client_needs_more_time 4 requires_max_content_len 2048 run_test "DTLS fragmenting: 3d, gnutls client, DTLS 1.2" \ @@ -8979,7 +9392,6 @@ requires_gnutls_next requires_config_enabled MBEDTLS_SSL_PROTO_DTLS requires_config_enabled MBEDTLS_RSA_C requires_config_enabled MBEDTLS_ECDSA_C -requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_1 client_needs_more_time 4 requires_max_content_len 2048 run_test "DTLS fragmenting: 3d, gnutls client, DTLS 1.0" \ @@ -8992,21 +9404,17 @@ run_test "DTLS fragmenting: 3d, gnutls client, DTLS 1.0" \ 0 \ -s "fragmenting handshake message" -## Interop test with OpenSSL might trigger a bug in recent versions (including -## all versions installed on the CI machines), reported here: -## Bug report: https://github.com/openssl/openssl/issues/6902 -## They should be re-enabled once a fixed version of OpenSSL is available -## (this should happen in some 1.1.1_ release according to the ticket). -skip_next_test +## The two tests below require 1.1.1a or higher version of openssl, otherwise +## it might trigger a bug due to openssl (https://github.com/openssl/openssl/issues/6902) +requires_openssl_next requires_config_enabled MBEDTLS_SSL_PROTO_DTLS requires_config_enabled MBEDTLS_RSA_C requires_config_enabled MBEDTLS_ECDSA_C -requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2 client_needs_more_time 4 requires_max_content_len 2048 run_test "DTLS fragmenting: 3d, openssl server, DTLS 1.2" \ -p "$P_PXY drop=8 delay=8 duplicate=8" \ - "$O_SRV -dtls1_2 -verify 10" \ + "$O_NEXT_SRV -dtls1_2 -verify 10" \ "$P_CLI dtls=1 debug_level=2 \ crt_file=data_files/server8_int-ca2.crt \ key_file=data_files/server8.key \ @@ -9015,16 +9423,15 @@ run_test "DTLS fragmenting: 3d, openssl server, DTLS 1.2" \ -c "fragmenting handshake message" \ -C "error" -skip_next_test +requires_openssl_next requires_config_enabled MBEDTLS_SSL_PROTO_DTLS requires_config_enabled MBEDTLS_RSA_C requires_config_enabled MBEDTLS_ECDSA_C -requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_1 client_needs_more_time 4 requires_max_content_len 2048 run_test "DTLS fragmenting: 3d, openssl server, DTLS 1.0" \ -p "$P_PXY drop=8 delay=8 duplicate=8" \ - "$O_SRV -dtls1 -verify 10" \ + "$O_NEXT_SRV -dtls1 -verify 10" \ "$P_CLI dgram_packing=0 dtls=1 debug_level=2 \ crt_file=data_files/server8_int-ca2.crt \ key_file=data_files/server8.key \ @@ -9033,11 +9440,12 @@ run_test "DTLS fragmenting: 3d, openssl server, DTLS 1.0" \ -c "fragmenting handshake message" \ -C "error" +## the two tests below will time out with certain seed. +## The cause is an openssl bug (https://github.com/openssl/openssl/issues/18887) skip_next_test requires_config_enabled MBEDTLS_SSL_PROTO_DTLS requires_config_enabled MBEDTLS_RSA_C requires_config_enabled MBEDTLS_ECDSA_C -requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2 client_needs_more_time 4 requires_max_content_len 2048 run_test "DTLS fragmenting: 3d, openssl client, DTLS 1.2" \ @@ -9056,7 +9464,6 @@ skip_next_test requires_config_enabled MBEDTLS_SSL_PROTO_DTLS requires_config_enabled MBEDTLS_RSA_C requires_config_enabled MBEDTLS_ECDSA_C -requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_1 client_needs_more_time 4 requires_max_content_len 2048 run_test "DTLS fragmenting: 3d, openssl client, DTLS 1.0" \ @@ -9726,6 +10133,7 @@ run_test "DTLS proxy: delay ChangeCipherSpec" \ # Tests for reordering support with DTLS +requires_certificate_authentication run_test "DTLS reordering: Buffer out-of-order handshake message on client" \ -p "$P_PXY delay_srv=ServerHello" \ "$P_SRV dgram_packing=0 cookies=0 dtls=1 debug_level=2 \ @@ -9742,6 +10150,7 @@ run_test "DTLS reordering: Buffer out-of-order handshake message on client" \ -S "Injecting buffered CCS message" \ -S "Remember CCS message" +requires_certificate_authentication run_test "DTLS reordering: Buffer out-of-order handshake message fragment on client" \ -p "$P_PXY delay_srv=ServerHello" \ "$P_SRV mtu=512 dgram_packing=0 cookies=0 dtls=1 debug_level=2 \ @@ -9764,6 +10173,7 @@ run_test "DTLS reordering: Buffer out-of-order handshake message fragment on # Certificate message; at the time of writing, together these are aroudn 1200b # in size, so that the bound below ensures that the certificate can be reassembled # while keeping the ServerKeyExchange. +requires_certificate_authentication requires_config_value_at_least "MBEDTLS_SSL_DTLS_MAX_BUFFERING" 1300 run_test "DTLS reordering: Buffer out-of-order hs msg before reassembling next" \ -p "$P_PXY delay_srv=Certificate delay_srv=Certificate" \ @@ -9785,6 +10195,7 @@ run_test "DTLS reordering: Buffer out-of-order hs msg before reassembling nex # The size constraints ensure that the delayed certificate message can't # be reassembled while keeping the ServerKeyExchange message, but it can # when dropping it first. +requires_certificate_authentication requires_config_value_at_least "MBEDTLS_SSL_DTLS_MAX_BUFFERING" 900 requires_config_value_at_most "MBEDTLS_SSL_DTLS_MAX_BUFFERING" 1299 run_test "DTLS reordering: Buffer out-of-order hs msg before reassembling next, free buffered msg" \ @@ -9804,6 +10215,7 @@ run_test "DTLS reordering: Buffer out-of-order hs msg before reassembling nex -S "Injecting buffered CCS message" \ -S "Remember CCS message" +requires_certificate_authentication run_test "DTLS reordering: Buffer out-of-order handshake message on server" \ -p "$P_PXY delay_cli=Certificate" \ "$P_SRV dgram_packing=0 auth_mode=required cookies=0 dtls=1 debug_level=2 \ @@ -9820,6 +10232,7 @@ run_test "DTLS reordering: Buffer out-of-order handshake message on server" \ -S "Injecting buffered CCS message" \ -S "Remember CCS message" +requires_certificate_authentication run_test "DTLS reordering: Buffer out-of-order CCS message on client"\ -p "$P_PXY delay_srv=NewSessionTicket" \ "$P_SRV dgram_packing=0 cookies=0 dtls=1 debug_level=2 \ @@ -9836,6 +10249,7 @@ run_test "DTLS reordering: Buffer out-of-order CCS message on client"\ -S "Injecting buffered CCS message" \ -S "Remember CCS message" +requires_certificate_authentication run_test "DTLS reordering: Buffer out-of-order CCS message on server"\ -p "$P_PXY delay_cli=ClientKeyExchange" \ "$P_SRV dgram_packing=0 cookies=0 dtls=1 debug_level=2 \ @@ -9962,6 +10376,7 @@ run_test "DTLS proxy: 3d, max handshake, nbio" \ -c "HTTP/1.0 200 OK" client_needs_more_time 4 +requires_config_enabled MBEDTLS_SSL_CACHE_C run_test "DTLS proxy: 3d, min handshake, resumption" \ -p "$P_PXY drop=5 delay=5 duplicate=5" \ "$P_SRV dtls=1 dgram_packing=0 hs_timeout=500-10000 tickets=0 auth_mode=none \ @@ -9976,6 +10391,7 @@ run_test "DTLS proxy: 3d, min handshake, resumption" \ -c "HTTP/1.0 200 OK" client_needs_more_time 4 +requires_config_enabled MBEDTLS_SSL_CACHE_C run_test "DTLS proxy: 3d, min handshake, resumption, nbio" \ -p "$P_PXY drop=5 delay=5 duplicate=5" \ "$P_SRV dtls=1 dgram_packing=0 hs_timeout=500-10000 tickets=0 auth_mode=none \ @@ -10051,37 +10467,34 @@ run_test "DTLS proxy: 3d, min handshake, server-initiated renego, nbio" \ -s "Extra-header:" \ -c "HTTP/1.0 200 OK" -## Interop tests with OpenSSL might trigger a bug in recent versions (including -## all versions installed on the CI machines), reported here: -## Bug report: https://github.com/openssl/openssl/issues/6902 -## They should be re-enabled once a fixed version of OpenSSL is available -## (this should happen in some 1.1.1_ release according to the ticket). -skip_next_test +## The three tests below require 1.1.1a or higher version of openssl, otherwise +## it might trigger a bug due to openssl (https://github.com/openssl/openssl/issues/6902) +requires_openssl_next client_needs_more_time 6 not_with_valgrind # risk of non-mbedtls peer timing out run_test "DTLS proxy: 3d, openssl server" \ -p "$P_PXY drop=5 delay=5 duplicate=5 protect_hvr=1" \ - "$O_SRV -dtls1 -mtu 2048" \ + "$O_NEXT_SRV -dtls1 -mtu 2048" \ "$P_CLI dgram_packing=0 dtls=1 hs_timeout=500-60000 tickets=0" \ 0 \ -c "HTTP/1.0 200 OK" -skip_next_test # see above +requires_openssl_next client_needs_more_time 8 not_with_valgrind # risk of non-mbedtls peer timing out run_test "DTLS proxy: 3d, openssl server, fragmentation" \ -p "$P_PXY drop=5 delay=5 duplicate=5 protect_hvr=1" \ - "$O_SRV -dtls1 -mtu 768" \ + "$O_NEXT_SRV -dtls1 -mtu 768" \ "$P_CLI dgram_packing=0 dtls=1 hs_timeout=500-60000 tickets=0" \ 0 \ -c "HTTP/1.0 200 OK" -skip_next_test # see above +requires_openssl_next client_needs_more_time 8 not_with_valgrind # risk of non-mbedtls peer timing out run_test "DTLS proxy: 3d, openssl server, fragmentation, nbio" \ -p "$P_PXY drop=5 delay=5 duplicate=5 protect_hvr=1" \ - "$O_SRV -dtls1 -mtu 768" \ + "$O_NEXT_SRV -dtls1 -mtu 768" \ "$P_CLI dgram_packing=0 dtls=1 hs_timeout=500-60000 nbio=2 tickets=0" \ 0 \ -c "HTTP/1.0 200 OK" @@ -10154,4 +10567,9 @@ fi PASSES=$(( $TESTS - $FAILS )) echo " ($PASSES / $TESTS tests ($SKIPS skipped))" +if [ $FAILS -gt 255 ]; then + # Clamp at 255 as caller gets exit code & 0xFF + # (so 256 would be 0, or success, etc) + FAILS=255 +fi exit $FAILS diff --git a/third_party/mbedtls/repo/tests/suites/helpers.function b/third_party/mbedtls/repo/tests/suites/helpers.function index 91ad925fbfa..12828f5ef26 100644 --- a/third_party/mbedtls/repo/tests/suites/helpers.function +++ b/third_party/mbedtls/repo/tests/suites/helpers.function @@ -2,27 +2,19 @@ /*----------------------------------------------------------------------------*/ /* Headers */ -#include +#include #include +#include #include #include +#include +#include +#include #include +#include -#if defined(MBEDTLS_PLATFORM_C) #include "mbedtls/platform.h" -#else -#include -#define mbedtls_fprintf fprintf -#define mbedtls_snprintf snprintf -#define mbedtls_calloc calloc -#define mbedtls_free free -#define mbedtls_exit exit -#define mbedtls_time time -#define mbedtls_time_t time_t -#define MBEDTLS_EXIT_SUCCESS EXIT_SUCCESS -#define MBEDTLS_EXIT_FAILURE EXIT_FAILURE -#endif #if defined(MBEDTLS_MEMORY_BUFFER_ALLOC_C) #include "mbedtls/memory_buffer_alloc.h" @@ -33,31 +25,10 @@ #include #endif -#ifdef _MSC_VER -#include -typedef UINT8 uint8_t; -typedef INT32 int32_t; -typedef UINT32 uint32_t; -#define strncasecmp _strnicmp -#define strcasecmp _stricmp -#else -#include -#endif - -#include - #if defined(__unix__) || (defined(__APPLE__) && defined(__MACH__)) #include -#include #endif -/* Type for Hex parameters */ -typedef struct data_tag -{ - uint8_t * x; - uint32_t len; -} data_t; - /*----------------------------------------------------------------------------*/ /* Status and error constants */ @@ -88,11 +59,11 @@ jmp_buf jmp_tmp; /* Indicates whether we expect mbedtls_entropy_init * to initialize some strong entropy source. */ #if defined(MBEDTLS_TEST_NULL_ENTROPY) || \ - ( !defined(MBEDTLS_NO_DEFAULT_ENTROPY_SOURCES) && \ - ( !defined(MBEDTLS_NO_PLATFORM_ENTROPY) || \ - defined(MBEDTLS_HAVEGE_C) || \ - defined(MBEDTLS_ENTROPY_HARDWARE_ALT) || \ - defined(ENTROPY_NV_SEED) ) ) + (!defined(MBEDTLS_NO_DEFAULT_ENTROPY_SOURCES) && \ + (!defined(MBEDTLS_NO_PLATFORM_ENTROPY) || \ + defined(MBEDTLS_HAVEGE_C) || \ + defined(MBEDTLS_ENTROPY_HARDWARE_ALT) || \ + defined(ENTROPY_NV_SEED))) #define ENTROPY_HAVE_STRONG #endif @@ -100,72 +71,48 @@ jmp_buf jmp_tmp; /*----------------------------------------------------------------------------*/ /* Helper Functions */ -#if defined(MBEDTLS_PSA_CRYPTO_C) -/** Check that no PSA Crypto key slots are in use. - * - * If any slots are in use, mark the current test as failed. - * - * \return 0 if the key store is empty, 1 otherwise. - */ -int test_fail_if_psa_leaking( int line_no, const char *filename ) -{ - const char *msg = mbedtls_test_helper_is_psa_leaking( ); - if( msg == NULL ) - return 0; - else - { - mbedtls_test_fail( msg, line_no, filename ); - return 1; - } -} -#endif /* defined(MBEDTLS_PSA_CRYPTO_C) */ - #if defined(__unix__) || (defined(__APPLE__) && defined(__MACH__)) -static int redirect_output( FILE* out_stream, const char* path ) +static int redirect_output(FILE *out_stream, const char *path) { int out_fd, dup_fd; - FILE* path_stream; + FILE *path_stream; - out_fd = fileno( out_stream ); - dup_fd = dup( out_fd ); + out_fd = fileno(out_stream); + dup_fd = dup(out_fd); - if( dup_fd == -1 ) - { - return( -1 ); + if (dup_fd == -1) { + return -1; } - path_stream = fopen( path, "w" ); - if( path_stream == NULL ) - { - close( dup_fd ); - return( -1 ); + path_stream = fopen(path, "w"); + if (path_stream == NULL) { + close(dup_fd); + return -1; } - fflush( out_stream ); - if( dup2( fileno( path_stream ), out_fd ) == -1 ) - { - close( dup_fd ); - fclose( path_stream ); - return( -1 ); + fflush(out_stream); + if (dup2(fileno(path_stream), out_fd) == -1) { + close(dup_fd); + fclose(path_stream); + return -1; } - fclose( path_stream ); - return( dup_fd ); + fclose(path_stream); + return dup_fd; } -static int restore_output( FILE* out_stream, int dup_fd ) +static int restore_output(FILE *out_stream, int dup_fd) { - int out_fd = fileno( out_stream ); - - fflush( out_stream ); - if( dup2( dup_fd, out_fd ) == -1 ) - { - close( out_fd ); - close( dup_fd ); - return( -1 ); + int out_fd = fileno(out_stream); + + fflush(out_stream); + if (dup2(dup_fd, out_fd) == -1) { + close(out_fd); + close(dup_fd); + return -1; } - close( dup_fd ); - return( 0 ); + close(dup_fd); + return 0; } #endif /* __unix__ || __APPLE__ __MACH__ */ diff --git a/third_party/mbedtls/repo/tests/suites/host_test.function b/third_party/mbedtls/repo/tests/suites/host_test.function index 17926ebb3c3..06f391fa4f1 100644 --- a/third_party/mbedtls/repo/tests/suites/host_test.function +++ b/third_party/mbedtls/repo/tests/suites/host_test.function @@ -8,20 +8,19 @@ * * \return 0 if success else 1 */ -int verify_string( char **str ) +int verify_string(char **str) { - if( ( *str )[0] != '"' || - ( *str )[strlen( *str ) - 1] != '"' ) - { - mbedtls_fprintf( stderr, - "Expected string (with \"\") for parameter and got: %s\n", *str ); - return( -1 ); + if ((*str)[0] != '"' || + (*str)[strlen(*str) - 1] != '"') { + mbedtls_fprintf(stderr, + "Expected string (with \"\") for parameter and got: %s\n", *str); + return -1; } - ( *str )++; - ( *str )[strlen( *str ) - 1] = '\0'; + (*str)++; + (*str)[strlen(*str) - 1] = '\0'; - return( 0 ); + return 0; } /** @@ -29,54 +28,28 @@ int verify_string( char **str ) * integer value. * * \param str Input string. - * \param value Pointer to int for output value. + * \param p_value Pointer to output value. * * \return 0 if success else 1 */ -int verify_int( char *str, int32_t *value ) +int verify_int(char *str, intmax_t *p_value) { - size_t i; - int minus = 0; - int digits = 1; - int hex = 0; - - for( i = 0; i < strlen( str ); i++ ) - { - if( i == 0 && str[i] == '-' ) - { - minus = 1; - continue; - } - - if( ( ( minus && i == 2 ) || ( !minus && i == 1 ) ) && - str[i - 1] == '0' && ( str[i] == 'x' || str[i] == 'X' ) ) - { - hex = 1; - continue; - } - - if( ! ( ( str[i] >= '0' && str[i] <= '9' ) || - ( hex && ( ( str[i] >= 'a' && str[i] <= 'f' ) || - ( str[i] >= 'A' && str[i] <= 'F' ) ) ) ) ) - { - digits = 0; - break; - } + char *end = NULL; + errno = 0; + /* Limit the range to long: for large integers, the test framework will + * use expressions anyway. */ + long value = strtol(str, &end, 0); + if (errno == EINVAL || *end != '\0') { + mbedtls_fprintf(stderr, + "Expected integer for parameter and got: %s\n", str); + return KEY_VALUE_MAPPING_NOT_FOUND; } - - if( digits ) - { - if( hex ) - *value = strtol( str, NULL, 16 ); - else - *value = strtol( str, NULL, 10 ); - - return( 0 ); + if (errno == ERANGE) { + mbedtls_fprintf(stderr, "Integer out of range: %s\n", str); + return KEY_VALUE_MAPPING_NOT_FOUND; } - - mbedtls_fprintf( stderr, - "Expected integer for parameter and got: %s\n", str ); - return( KEY_VALUE_MAPPING_NOT_FOUND ); + *p_value = value; + return 0; } @@ -107,44 +80,45 @@ int verify_int( char *str, int32_t *value ) * * \return 0 if success else -1 */ -int get_line( FILE *f, char *buf, size_t len ) +int get_line(FILE *f, char *buf, size_t len) { char *ret; int i = 0, str_len = 0, has_string = 0; /* Read until we get a valid line */ - do - { - ret = fgets( buf, len, f ); - if( ret == NULL ) - return( -1 ); + do { + ret = fgets(buf, len, f); + if (ret == NULL) { + return -1; + } - str_len = strlen( buf ); + str_len = strlen(buf); /* Skip empty line and comment */ - if ( str_len == 0 || buf[0] == '#' ) + if (str_len == 0 || buf[0] == '#') { continue; + } has_string = 0; - for ( i = 0; i < str_len; i++ ) - { + for (i = 0; i < str_len; i++) { char c = buf[i]; - if ( c != ' ' && c != '\t' && c != '\n' && - c != '\v' && c != '\f' && c != '\r' ) - { + if (c != ' ' && c != '\t' && c != '\n' && + c != '\v' && c != '\f' && c != '\r') { has_string = 1; break; } } - } while( !has_string ); + } while (!has_string); /* Strip new line and carriage return */ - ret = buf + strlen( buf ); - if( ret-- > buf && *ret == '\n' ) + ret = buf + strlen(buf); + if (ret-- > buf && *ret == '\n') { *ret = '\0'; - if( ret-- > buf && *ret == '\r' ) + } + if (ret-- > buf && *ret == '\r') { *ret = '\0'; + } - return( 0 ); + return 0; } /** @@ -157,8 +131,8 @@ int get_line( FILE *f, char *buf, size_t len ) * * \return Count of strings found. */ -static int parse_arguments( char *buf, size_t len, char **params, - size_t params_len ) +static int parse_arguments(char *buf, size_t len, char **params, + size_t params_len) { size_t cnt = 0, i; char *cur = buf; @@ -166,20 +140,16 @@ static int parse_arguments( char *buf, size_t len, char **params, params[cnt++] = cur; - while( *p != '\0' && p < ( buf + len ) ) - { - if( *p == '\\' ) - { + while (*p != '\0' && p < (buf + len)) { + if (*p == '\\') { p++; p++; continue; } - if( *p == ':' ) - { - if( p + 1 < buf + len ) - { + if (*p == ':') { + if (p + 1 < buf + len) { cur = p + 1; - TEST_HELPER_ASSERT( cnt < params_len ); + TEST_HELPER_ASSERT(cnt < params_len); params[cnt++] = cur; } *p = '\0'; @@ -188,36 +158,29 @@ static int parse_arguments( char *buf, size_t len, char **params, p++; } - /* Replace newlines, question marks and colons in strings */ - for( i = 0; i < cnt; i++ ) - { + /* Replace backslash escapes in strings */ + for (i = 0; i < cnt; i++) { p = params[i]; q = params[i]; - while( *p != '\0' ) - { - if( *p == '\\' && *( p + 1 ) == 'n' ) - { - p += 2; - *( q++ ) = '\n'; - } - else if( *p == '\\' && *( p + 1 ) == ':' ) - { - p += 2; - *( q++ ) = ':'; - } - else if( *p == '\\' && *( p + 1 ) == '?' ) - { - p += 2; - *( q++ ) = '?'; + while (*p != '\0') { + if (*p == '\\') { + ++p; + switch (*p) { + case 'n': + *p = '\n'; + break; + default: + // Fall through to copying *p + break; + } } - else - *( q++ ) = *( p++ ); + *(q++) = *(p++); } *q = '\0'; } - return( cnt ); + return cnt; } /** @@ -238,81 +201,60 @@ static int parse_arguments( char *buf, size_t len, char **params, * * \return 0 for success else 1 */ -static int convert_params( size_t cnt , char ** params , int32_t * int_params_store ) +static int convert_params(size_t cnt, char **params, + mbedtls_test_argument_t *int_params_store) { - char ** cur = params; - char ** out = params; + char **cur = params; + char **out = params; int ret = DISPATCH_TEST_SUCCESS; - while ( cur < params + cnt ) - { - char * type = *cur++; - char * val = *cur++; + while (cur < params + cnt) { + char *type = *cur++; + char *val = *cur++; - if ( strcmp( type, "char*" ) == 0 ) - { - if ( verify_string( &val ) == 0 ) - { - *out++ = val; - } - else - { - ret = ( DISPATCH_INVALID_TEST_DATA ); + if (strcmp(type, "char*") == 0) { + if (verify_string(&val) == 0) { + *out++ = val; + } else { + ret = (DISPATCH_INVALID_TEST_DATA); break; } - } - else if ( strcmp( type, "int" ) == 0 ) - { - if ( verify_int( val, int_params_store ) == 0 ) - { - *out++ = (char *) int_params_store++; - } - else - { - ret = ( DISPATCH_INVALID_TEST_DATA ); + } else if (strcmp(type, "int") == 0) { + if (verify_int(val, &int_params_store->sint) == 0) { + *out++ = (char *) int_params_store++; + } else { + ret = (DISPATCH_INVALID_TEST_DATA); break; } - } - else if ( strcmp( type, "hex" ) == 0 ) - { - if ( verify_string( &val ) == 0 ) - { + } else if (strcmp(type, "hex") == 0) { + if (verify_string(&val) == 0) { size_t len; TEST_HELPER_ASSERT( - mbedtls_test_unhexify( (unsigned char *) val, strlen( val ), - val, &len ) == 0 ); + mbedtls_test_unhexify((unsigned char *) val, strlen(val), + val, &len) == 0); - *int_params_store = len; + int_params_store->len = len; *out++ = val; - *out++ = (char *)(int_params_store++); - } - else - { - ret = ( DISPATCH_INVALID_TEST_DATA ); + *out++ = (char *) (int_params_store++); + } else { + ret = (DISPATCH_INVALID_TEST_DATA); break; } - } - else if ( strcmp( type, "exp" ) == 0 ) - { - int exp_id = strtol( val, NULL, 10 ); - if ( get_expression ( exp_id, int_params_store ) == 0 ) - { - *out++ = (char *)int_params_store++; - } - else - { - ret = ( DISPATCH_INVALID_TEST_DATA ); - break; + } else if (strcmp(type, "exp") == 0) { + int exp_id = strtol(val, NULL, 10); + if (get_expression(exp_id, &int_params_store->sint) == 0) { + *out++ = (char *) int_params_store++; + } else { + ret = (DISPATCH_INVALID_TEST_DATA); + break; } - } - else - { - ret = ( DISPATCH_INVALID_TEST_DATA ); - break; + } else { + ret = (DISPATCH_INVALID_TEST_DATA); + break; } } - return( ret ); + return ret; } /** @@ -335,26 +277,27 @@ static int convert_params( size_t cnt , char ** params , int32_t * int_params_st #if defined(__GNUC__) __attribute__((__noinline__)) #endif -static int test_snprintf( size_t n, const char *ref_buf, int ref_ret ) +static int test_snprintf(size_t n, const char *ref_buf, int ref_ret) { int ret; char buf[10] = "xxxxxxxxx"; const char ref[10] = "xxxxxxxxx"; - if( n >= sizeof( buf ) ) - return( -1 ); - ret = mbedtls_snprintf( buf, n, "%s", "123" ); - if( ret < 0 || (size_t) ret >= n ) + if (n >= sizeof(buf)) { + return -1; + } + ret = mbedtls_snprintf(buf, n, "%s", "123"); + if (ret < 0 || (size_t) ret >= n) { ret = -1; + } - if( strncmp( ref_buf, buf, sizeof( buf ) ) != 0 || + if (strncmp(ref_buf, buf, sizeof(buf)) != 0 || ref_ret != ret || - memcmp( buf + n, ref + n, sizeof( buf ) - n ) != 0 ) - { - return( 1 ); + memcmp(buf + n, ref + n, sizeof(buf) - n) != 0) { + return 1; } - return( 0 ); + return 0; } /** @@ -362,14 +305,14 @@ static int test_snprintf( size_t n, const char *ref_buf, int ref_ret ) * * \return 0 for success else 1 */ -static int run_test_snprintf( void ) +static int run_test_snprintf(void) { - return( test_snprintf( 0, "xxxxxxxxx", -1 ) != 0 || - test_snprintf( 1, "", -1 ) != 0 || - test_snprintf( 2, "1", -1 ) != 0 || - test_snprintf( 3, "12", -1 ) != 0 || - test_snprintf( 4, "123", 3 ) != 0 || - test_snprintf( 5, "123", 3 ) != 0 ); + return test_snprintf(0, "xxxxxxxxx", -1) != 0 || + test_snprintf(1, "", -1) != 0 || + test_snprintf(2, "1", -1) != 0 || + test_snprintf(3, "12", -1) != 0 || + test_snprintf(4, "123", 3) != 0 || + test_snprintf(5, "123", 3) != 0; } /** \brief Write the description of the test case to the outcome CSV file. @@ -379,43 +322,44 @@ static int run_test_snprintf( void ) * \param argv0 The test suite name. * \param test_case The test case description. */ -static void write_outcome_entry( FILE *outcome_file, - const char *argv0, - const char *test_case ) +static void write_outcome_entry(FILE *outcome_file, + const char *argv0, + const char *test_case) { /* The non-varying fields are initialized on first use. */ static const char *platform = NULL; static const char *configuration = NULL; static const char *test_suite = NULL; - if( outcome_file == NULL ) + if (outcome_file == NULL) { return; + } - if( platform == NULL ) - { - platform = getenv( "MBEDTLS_TEST_PLATFORM" ); - if( platform == NULL ) + if (platform == NULL) { + platform = getenv("MBEDTLS_TEST_PLATFORM"); + if (platform == NULL) { platform = "unknown"; + } } - if( configuration == NULL ) - { - configuration = getenv( "MBEDTLS_TEST_CONFIGURATION" ); - if( configuration == NULL ) + if (configuration == NULL) { + configuration = getenv("MBEDTLS_TEST_CONFIGURATION"); + if (configuration == NULL) { configuration = "unknown"; + } } - if( test_suite == NULL ) - { - test_suite = strrchr( argv0, '/' ); - if( test_suite != NULL ) + if (test_suite == NULL) { + test_suite = strrchr(argv0, '/'); + if (test_suite != NULL) { test_suite += 1; // skip the '/' - else + } else { test_suite = argv0; + } } /* Write the beginning of the outcome line. * Ignore errors: writing the outcome file is on a best-effort basis. */ - mbedtls_fprintf( outcome_file, "%s;%s;%s;%s;", - platform, configuration, test_suite, test_case ); + mbedtls_fprintf(outcome_file, "%s;%s;%s;%s;", + platform, configuration, test_suite, test_case); } /** \brief Write the result of the test case to the outcome CSV file. @@ -429,65 +373,63 @@ static void write_outcome_entry( FILE *outcome_file, * \param ret The test dispatch status (DISPATCH_xxx). * \param info A pointer to the test info structure. */ -static void write_outcome_result( FILE *outcome_file, - size_t unmet_dep_count, - int unmet_dependencies[], - int missing_unmet_dependencies, - int ret, - const mbedtls_test_info_t *info ) +static void write_outcome_result(FILE *outcome_file, + size_t unmet_dep_count, + int unmet_dependencies[], + int missing_unmet_dependencies, + int ret, + const mbedtls_test_info_t *info) { - if( outcome_file == NULL ) + if (outcome_file == NULL) { return; + } /* Write the end of the outcome line. * Ignore errors: writing the outcome file is on a best-effort basis. */ - switch( ret ) - { + switch (ret) { case DISPATCH_TEST_SUCCESS: - if( unmet_dep_count > 0 ) - { + if (unmet_dep_count > 0) { size_t i; - mbedtls_fprintf( outcome_file, "SKIP" ); - for( i = 0; i < unmet_dep_count; i++ ) - { - mbedtls_fprintf( outcome_file, "%c%d", - i == 0 ? ';' : ':', - unmet_dependencies[i] ); + mbedtls_fprintf(outcome_file, "SKIP"); + for (i = 0; i < unmet_dep_count; i++) { + mbedtls_fprintf(outcome_file, "%c%d", + i == 0 ? ';' : ':', + unmet_dependencies[i]); + } + if (missing_unmet_dependencies) { + mbedtls_fprintf(outcome_file, ":..."); } - if( missing_unmet_dependencies ) - mbedtls_fprintf( outcome_file, ":..." ); break; } - switch( info->result ) - { + switch (info->result) { case MBEDTLS_TEST_RESULT_SUCCESS: - mbedtls_fprintf( outcome_file, "PASS;" ); + mbedtls_fprintf(outcome_file, "PASS;"); break; case MBEDTLS_TEST_RESULT_SKIPPED: - mbedtls_fprintf( outcome_file, "SKIP;Runtime skip" ); + mbedtls_fprintf(outcome_file, "SKIP;Runtime skip"); break; default: - mbedtls_fprintf( outcome_file, "FAIL;%s:%d:%s", - info->filename, info->line_no, - info->test ); + mbedtls_fprintf(outcome_file, "FAIL;%s:%d:%s", + info->filename, info->line_no, + info->test); break; } break; case DISPATCH_TEST_FN_NOT_FOUND: - mbedtls_fprintf( outcome_file, "FAIL;Test function not found" ); + mbedtls_fprintf(outcome_file, "FAIL;Test function not found"); break; case DISPATCH_INVALID_TEST_DATA: - mbedtls_fprintf( outcome_file, "FAIL;Invalid test data" ); + mbedtls_fprintf(outcome_file, "FAIL;Invalid test data"); break; case DISPATCH_UNSUPPORTED_SUITE: - mbedtls_fprintf( outcome_file, "SKIP;Unsupported suite" ); + mbedtls_fprintf(outcome_file, "SKIP;Unsupported suite"); break; default: - mbedtls_fprintf( outcome_file, "FAIL;Unknown cause" ); + mbedtls_fprintf(outcome_file, "FAIL;Unknown cause"); break; } - mbedtls_fprintf( outcome_file, "\n" ); - fflush( outcome_file ); + mbedtls_fprintf(outcome_file, "\n"); + fflush(outcome_file); } /** @@ -500,7 +442,7 @@ static void write_outcome_result( FILE *outcome_file, * * \return Program exit status. */ -int execute_tests( int argc , const char ** argv ) +int execute_tests(int argc, const char **argv) { /* Local Configurations and options */ const char *default_filename = "DATA_FILE"; @@ -519,23 +461,23 @@ int execute_tests( int argc , const char ** argv ) FILE *file; char buf[5000]; char *params[50]; - /* Store for proccessed integer params. */ - int32_t int_params[50]; + /* Store for processed integer params. */ + mbedtls_test_argument_t int_params[50]; void *pointer; #if defined(__unix__) || (defined(__APPLE__) && defined(__MACH__)) int stdout_fd = -1; #endif /* __unix__ || __APPLE__ __MACH__ */ - const char *outcome_file_name = getenv( "MBEDTLS_TEST_OUTCOME_FILE" ); + const char *outcome_file_name = getenv("MBEDTLS_TEST_OUTCOME_FILE"); FILE *outcome_file = NULL; #if defined(MBEDTLS_MEMORY_BUFFER_ALLOC_C) && \ !defined(TEST_SUITE_MEMORY_BUFFER_ALLOC) unsigned char alloc_buf[1000000]; - mbedtls_memory_buffer_alloc_init( alloc_buf, sizeof( alloc_buf ) ); + mbedtls_memory_buffer_alloc_init(alloc_buf, sizeof(alloc_buf)); #endif #if defined(MBEDTLS_TEST_MUTEX_USAGE) - mbedtls_test_mutex_usage_init( ); + mbedtls_test_mutex_usage_init(); #endif /* @@ -543,279 +485,248 @@ int execute_tests( int argc , const char ** argv ) * of a NULL pointer. We do however use that in our code for initializing * structures, which should work on every modern platform. Let's be sure. */ - memset( &pointer, 0, sizeof( void * ) ); - if( pointer != NULL ) - { - mbedtls_fprintf( stderr, "all-bits-zero is not a NULL pointer\n" ); - return( 1 ); + memset(&pointer, 0, sizeof(void *)); + if (pointer != NULL) { + mbedtls_fprintf(stderr, "all-bits-zero is not a NULL pointer\n"); + return 1; } /* * Make sure we have a snprintf that correctly zero-terminates */ - if( run_test_snprintf() != 0 ) - { - mbedtls_fprintf( stderr, "the snprintf implementation is broken\n" ); - return( 1 ); + if (run_test_snprintf() != 0) { + mbedtls_fprintf(stderr, "the snprintf implementation is broken\n"); + return 1; } - if( outcome_file_name != NULL && *outcome_file_name != '\0' ) - { - outcome_file = fopen( outcome_file_name, "a" ); - if( outcome_file == NULL ) - { - mbedtls_fprintf( stderr, "Unable to open outcome file. Continuing anyway.\n" ); + if (outcome_file_name != NULL && *outcome_file_name != '\0') { + outcome_file = fopen(outcome_file_name, "a"); + if (outcome_file == NULL) { + mbedtls_fprintf(stderr, "Unable to open outcome file. Continuing anyway.\n"); } } - while( arg_index < argc ) - { + while (arg_index < argc) { next_arg = argv[arg_index]; - if( strcmp( next_arg, "--verbose" ) == 0 || - strcmp( next_arg, "-v" ) == 0 ) - { + if (strcmp(next_arg, "--verbose") == 0 || + strcmp(next_arg, "-v") == 0) { option_verbose = 1; - } - else if( strcmp(next_arg, "--help" ) == 0 || - strcmp(next_arg, "-h" ) == 0 ) - { - mbedtls_fprintf( stdout, USAGE ); - mbedtls_exit( EXIT_SUCCESS ); - } - else - { + } else if (strcmp(next_arg, "--help") == 0 || + strcmp(next_arg, "-h") == 0) { + mbedtls_fprintf(stdout, USAGE); + mbedtls_exit(EXIT_SUCCESS); + } else { /* Not an option, therefore treat all further arguments as the file * list. */ - test_files = &argv[ arg_index ]; + test_files = &argv[arg_index]; testfile_count = argc - arg_index; + break; } arg_index++; } /* If no files were specified, assume a default */ - if ( test_files == NULL || testfile_count == 0 ) - { + if (test_files == NULL || testfile_count == 0) { test_files = &default_filename; testfile_count = 1; } /* Initialize the struct that holds information about the last test */ - mbedtls_test_info_reset( ); + mbedtls_test_info_reset(); /* Now begin to execute the tests in the testfiles */ - for ( testfile_index = 0; - testfile_index < testfile_count; - testfile_index++ ) - { + for (testfile_index = 0; + testfile_index < testfile_count; + testfile_index++) { size_t unmet_dep_count = 0; int unmet_dependencies[20]; int missing_unmet_dependencies = 0; - test_filename = test_files[ testfile_index ]; + test_filename = test_files[testfile_index]; - file = fopen( test_filename, "r" ); - if( file == NULL ) - { - mbedtls_fprintf( stderr, "Failed to open test file: %s\n", - test_filename ); - if( outcome_file != NULL ) - fclose( outcome_file ); - return( 1 ); + file = fopen(test_filename, "r"); + if (file == NULL) { + mbedtls_fprintf(stderr, "Failed to open test file: %s\n", + test_filename); + if (outcome_file != NULL) { + fclose(outcome_file); + } + return 1; } - while( !feof( file ) ) - { - if( unmet_dep_count > 0 ) - { - mbedtls_fprintf( stderr, - "FATAL: Dep count larger than zero at start of loop\n" ); - mbedtls_exit( MBEDTLS_EXIT_FAILURE ); + while (!feof(file)) { + if (unmet_dep_count > 0) { + mbedtls_fprintf(stderr, + "FATAL: Dep count larger than zero at start of loop\n"); + mbedtls_exit(MBEDTLS_EXIT_FAILURE); } unmet_dep_count = 0; missing_unmet_dependencies = 0; - if( ( ret = get_line( file, buf, sizeof(buf) ) ) != 0 ) + if ((ret = get_line(file, buf, sizeof(buf))) != 0) { break; - mbedtls_fprintf( stdout, "%s%.66s", - mbedtls_test_info.result == MBEDTLS_TEST_RESULT_FAILED ? - "\n" : "", buf ); - mbedtls_fprintf( stdout, " " ); - for( i = strlen( buf ) + 1; i < 67; i++ ) - mbedtls_fprintf( stdout, "." ); - mbedtls_fprintf( stdout, " " ); - fflush( stdout ); - write_outcome_entry( outcome_file, argv[0], buf ); + } + mbedtls_fprintf(stdout, "%s%.66s", + mbedtls_test_info.result == MBEDTLS_TEST_RESULT_FAILED ? + "\n" : "", buf); + mbedtls_fprintf(stdout, " "); + for (i = strlen(buf) + 1; i < 67; i++) { + mbedtls_fprintf(stdout, "."); + } + mbedtls_fprintf(stdout, " "); + fflush(stdout); + write_outcome_entry(outcome_file, argv[0], buf); total_tests++; - if( ( ret = get_line( file, buf, sizeof( buf ) ) ) != 0 ) + if ((ret = get_line(file, buf, sizeof(buf))) != 0) { break; - cnt = parse_arguments( buf, strlen( buf ), params, - sizeof( params ) / sizeof( params[0] ) ); - - if( strcmp( params[0], "depends_on" ) == 0 ) - { - for( i = 1; i < cnt; i++ ) - { - int dep_id = strtol( params[i], NULL, 10 ); - if( dep_check( dep_id ) != DEPENDENCY_SUPPORTED ) - { - if( unmet_dep_count < - ARRAY_LENGTH( unmet_dependencies ) ) - { + } + cnt = parse_arguments(buf, strlen(buf), params, + sizeof(params) / sizeof(params[0])); + + if (strcmp(params[0], "depends_on") == 0) { + for (i = 1; i < cnt; i++) { + int dep_id = strtol(params[i], NULL, 10); + if (dep_check(dep_id) != DEPENDENCY_SUPPORTED) { + if (unmet_dep_count < + ARRAY_LENGTH(unmet_dependencies)) { unmet_dependencies[unmet_dep_count] = dep_id; unmet_dep_count++; - } - else - { + } else { missing_unmet_dependencies = 1; } } } - if( ( ret = get_line( file, buf, sizeof( buf ) ) ) != 0 ) + if ((ret = get_line(file, buf, sizeof(buf))) != 0) { break; - cnt = parse_arguments( buf, strlen( buf ), params, - sizeof( params ) / sizeof( params[0] ) ); + } + cnt = parse_arguments(buf, strlen(buf), params, + sizeof(params) / sizeof(params[0])); } // If there are no unmet dependencies execute the test - if( unmet_dep_count == 0 ) - { - mbedtls_test_info_reset( ); + if (unmet_dep_count == 0) { + mbedtls_test_info_reset(); #if defined(__unix__) || (defined(__APPLE__) && defined(__MACH__)) /* Suppress all output from the library unless we're verbose * mode */ - if( !option_verbose ) - { - stdout_fd = redirect_output( stdout, "/dev/null" ); - if( stdout_fd == -1 ) - { + if (!option_verbose) { + stdout_fd = redirect_output(stdout, "/dev/null"); + if (stdout_fd == -1) { /* Redirection has failed with no stdout so exit */ - exit( 1 ); + exit(1); } } #endif /* __unix__ || __APPLE__ __MACH__ */ - function_id = strtoul( params[0], NULL, 10 ); - if ( (ret = check_test( function_id )) == DISPATCH_TEST_SUCCESS ) - { - ret = convert_params( cnt - 1, params + 1, int_params ); - if ( DISPATCH_TEST_SUCCESS == ret ) - { - ret = dispatch_test( function_id, (void **)( params + 1 ) ); + function_id = strtoul(params[0], NULL, 10); + if ((ret = check_test(function_id)) == DISPATCH_TEST_SUCCESS) { + ret = convert_params(cnt - 1, params + 1, int_params); + if (DISPATCH_TEST_SUCCESS == ret) { + ret = dispatch_test(function_id, (void **) (params + 1)); } } #if defined(__unix__) || (defined(__APPLE__) && defined(__MACH__)) - if( !option_verbose && restore_output( stdout, stdout_fd ) ) - { - /* Redirection has failed with no stdout so exit */ - exit( 1 ); + if (!option_verbose && restore_output(stdout, stdout_fd)) { + /* Redirection has failed with no stdout so exit */ + exit(1); } #endif /* __unix__ || __APPLE__ __MACH__ */ } - write_outcome_result( outcome_file, - unmet_dep_count, unmet_dependencies, - missing_unmet_dependencies, - ret, &mbedtls_test_info ); - if( unmet_dep_count > 0 || ret == DISPATCH_UNSUPPORTED_SUITE ) - { + write_outcome_result(outcome_file, + unmet_dep_count, unmet_dependencies, + missing_unmet_dependencies, + ret, &mbedtls_test_info); + if (unmet_dep_count > 0 || ret == DISPATCH_UNSUPPORTED_SUITE) { total_skipped++; - mbedtls_fprintf( stdout, "----" ); + mbedtls_fprintf(stdout, "----"); - if( 1 == option_verbose && ret == DISPATCH_UNSUPPORTED_SUITE ) - { - mbedtls_fprintf( stdout, "\n Test Suite not enabled" ); + if (1 == option_verbose && ret == DISPATCH_UNSUPPORTED_SUITE) { + mbedtls_fprintf(stdout, "\n Test Suite not enabled"); } - if( 1 == option_verbose && unmet_dep_count > 0 ) - { - mbedtls_fprintf( stdout, "\n Unmet dependencies: " ); - for( i = 0; i < unmet_dep_count; i++ ) - { - mbedtls_fprintf( stdout, "%d ", - unmet_dependencies[i] ); + if (1 == option_verbose && unmet_dep_count > 0) { + mbedtls_fprintf(stdout, "\n Unmet dependencies: "); + for (i = 0; i < unmet_dep_count; i++) { + mbedtls_fprintf(stdout, "%d ", + unmet_dependencies[i]); + } + if (missing_unmet_dependencies) { + mbedtls_fprintf(stdout, "..."); } - if( missing_unmet_dependencies ) - mbedtls_fprintf( stdout, "..." ); } - mbedtls_fprintf( stdout, "\n" ); - fflush( stdout ); + mbedtls_fprintf(stdout, "\n"); + fflush(stdout); unmet_dep_count = 0; missing_unmet_dependencies = 0; - } - else if( ret == DISPATCH_TEST_SUCCESS ) - { - if( mbedtls_test_info.result == MBEDTLS_TEST_RESULT_SUCCESS ) - { - mbedtls_fprintf( stdout, "PASS\n" ); - } - else if( mbedtls_test_info.result == MBEDTLS_TEST_RESULT_SKIPPED ) - { - mbedtls_fprintf( stdout, "----\n" ); + } else if (ret == DISPATCH_TEST_SUCCESS) { + if (mbedtls_test_info.result == MBEDTLS_TEST_RESULT_SUCCESS) { + mbedtls_fprintf(stdout, "PASS\n"); + } else if (mbedtls_test_info.result == MBEDTLS_TEST_RESULT_SKIPPED) { + mbedtls_fprintf(stdout, "----\n"); total_skipped++; - } - else - { + } else { total_errors++; - mbedtls_fprintf( stdout, "FAILED\n" ); - mbedtls_fprintf( stdout, " %s\n at ", - mbedtls_test_info.test ); - if( mbedtls_test_info.step != (unsigned long)( -1 ) ) - { - mbedtls_fprintf( stdout, "step %lu, ", - mbedtls_test_info.step ); + mbedtls_fprintf(stdout, "FAILED\n"); + mbedtls_fprintf(stdout, " %s\n at ", + mbedtls_test_info.test); + if (mbedtls_test_info.step != (unsigned long) (-1)) { + mbedtls_fprintf(stdout, "step %lu, ", + mbedtls_test_info.step); + } + mbedtls_fprintf(stdout, "line %d, %s", + mbedtls_test_info.line_no, + mbedtls_test_info.filename); + if (mbedtls_test_info.line1[0] != 0) { + mbedtls_fprintf(stdout, "\n %s", + mbedtls_test_info.line1); + } + if (mbedtls_test_info.line2[0] != 0) { + mbedtls_fprintf(stdout, "\n %s", + mbedtls_test_info.line2); } - mbedtls_fprintf( stdout, "line %d, %s", - mbedtls_test_info.line_no, - mbedtls_test_info.filename ); - if( mbedtls_test_info.line1[0] != 0 ) - mbedtls_fprintf( stdout, "\n %s", - mbedtls_test_info.line1 ); - if( mbedtls_test_info.line2[0] != 0 ) - mbedtls_fprintf( stdout, "\n %s", - mbedtls_test_info.line2 ); } - fflush( stdout ); - } - else if( ret == DISPATCH_INVALID_TEST_DATA ) - { - mbedtls_fprintf( stderr, "FAILED: FATAL PARSE ERROR\n" ); - fclose( file ); - mbedtls_exit( 2 ); - } - else if( ret == DISPATCH_TEST_FN_NOT_FOUND ) - { - mbedtls_fprintf( stderr, "FAILED: FATAL TEST FUNCTION NOT FOUND\n" ); - fclose( file ); - mbedtls_exit( 2 ); - } - else + fflush(stdout); + } else if (ret == DISPATCH_INVALID_TEST_DATA) { + mbedtls_fprintf(stderr, "FAILED: FATAL PARSE ERROR\n"); + fclose(file); + mbedtls_exit(2); + } else if (ret == DISPATCH_TEST_FN_NOT_FOUND) { + mbedtls_fprintf(stderr, "FAILED: FATAL TEST FUNCTION NOT FOUND\n"); + fclose(file); + mbedtls_exit(2); + } else { total_errors++; + } } - fclose( file ); + fclose(file); } - if( outcome_file != NULL ) - fclose( outcome_file ); + if (outcome_file != NULL) { + fclose(outcome_file); + } - mbedtls_fprintf( stdout, "\n----------------------------------------------------------------------------\n\n"); - if( total_errors == 0 ) - mbedtls_fprintf( stdout, "PASSED" ); - else - mbedtls_fprintf( stdout, "FAILED" ); + mbedtls_fprintf(stdout, + "\n----------------------------------------------------------------------------\n\n"); + if (total_errors == 0) { + mbedtls_fprintf(stdout, "PASSED"); + } else { + mbedtls_fprintf(stdout, "FAILED"); + } - mbedtls_fprintf( stdout, " (%u / %u tests (%u skipped))\n", - total_tests - total_errors, total_tests, total_skipped ); + mbedtls_fprintf(stdout, " (%u / %u tests (%u skipped))\n", + total_tests - total_errors, total_tests, total_skipped); #if defined(MBEDTLS_MEMORY_BUFFER_ALLOC_C) && \ !defined(TEST_SUITE_MEMORY_BUFFER_ALLOC) @@ -825,5 +736,5 @@ int execute_tests( int argc , const char ** argv ) mbedtls_memory_buffer_alloc_free(); #endif - return( total_errors != 0 ); + return total_errors != 0; } diff --git a/third_party/mbedtls/repo/tests/suites/main_test.function b/third_party/mbedtls/repo/tests/suites/main_test.function index ac00f45e570..335ce84f918 100644 --- a/third_party/mbedtls/repo/tests/suites/main_test.function +++ b/third_party/mbedtls/repo/tests/suites/main_test.function @@ -3,17 +3,17 @@ * *** THIS FILE HAS BEEN MACHINE GENERATED *** * * This file has been machine generated using the script: - * $generator_script + * __MBEDTLS_TEST_TEMPLATE__GENERATOR_SCRIPT * - * Test file : $test_file + * Test file : __MBEDTLS_TEST_TEMPLATE__TEST_FILE * * The following files were used to create this file. * - * Main code file : $test_main_file - * Platform code file : $test_platform_file - * Helper file : $test_common_helper_file - * Test suite file : $test_case_file - * Test suite data : $test_case_data_file + * Main code file : __MBEDTLS_TEST_TEMPLATE__TEST_MAIN_FILE + * Platform code file : __MBEDTLS_TEST_TEMPLATE__TEST_PLATFORM_FILE + * Helper file : __MBEDTLS_TEST_TEMPLATE__TEST_COMMON_HELPER_FILE + * Test suite file : __MBEDTLS_TEST_TEMPLATE__TEST_CASE_FILE + * Test suite data : __MBEDTLS_TEST_TEMPLATE__TEST_CASE_DATA_FILE * */ @@ -49,9 +49,9 @@ /*----------------------------------------------------------------------------*/ /* Common helper code */ -$test_common_helpers +__MBEDTLS_TEST_TEMPLATE__TEST_COMMON_HELPERS -#line $line_no "suites/main_test.function" +#line __MBEDTLS_TEST_TEMPLATE__LINE_NO "suites/main_test.function" /*----------------------------------------------------------------------------*/ @@ -60,9 +60,9 @@ $test_common_helpers #define TEST_SUITE_ACTIVE -$functions_code +__MBEDTLS_TEST_TEMPLATE__FUNCTIONS_CODE -#line $line_no "suites/main_test.function" +#line __MBEDTLS_TEST_TEMPLATE__LINE_NO "suites/main_test.function" /*----------------------------------------------------------------------------*/ @@ -74,31 +74,30 @@ $functions_code * For optimizing space for embedded targets each expression/macro * is identified by a unique identifier instead of string literals. * Identifiers and evaluation code is generated by script: - * $generator_script + * __MBEDTLS_TEST_TEMPLATE__GENERATOR_SCRIPT * * \param exp_id Expression identifier. * \param out_value Pointer to int to hold the integer. * * \return 0 if exp_id is found. 1 otherwise. */ -int get_expression( int32_t exp_id, int32_t * out_value ) +int get_expression(int32_t exp_id, intmax_t *out_value) { int ret = KEY_VALUE_MAPPING_FOUND; (void) exp_id; (void) out_value; - switch( exp_id ) - { -$expression_code -#line $line_no "suites/main_test.function" + switch (exp_id) { + __MBEDTLS_TEST_TEMPLATE__EXPRESSION_CODE +#line __MBEDTLS_TEST_TEMPLATE__LINE_NO "suites/main_test.function" default: - { - ret = KEY_VALUE_MAPPING_NOT_FOUND; - } - break; + { + ret = KEY_VALUE_MAPPING_NOT_FOUND; + } + break; } - return( ret ); + return ret; } @@ -107,26 +106,25 @@ $expression_code * For optimizing space for embedded targets each dependency * is identified by a unique identifier instead of string literals. * Identifiers and check code is generated by script: - * $generator_script + * __MBEDTLS_TEST_TEMPLATE__GENERATOR_SCRIPT * * \param dep_id Dependency identifier. * * \return DEPENDENCY_SUPPORTED if set else DEPENDENCY_NOT_SUPPORTED */ -int dep_check( int dep_id ) +int dep_check(int dep_id) { int ret = DEPENDENCY_NOT_SUPPORTED; (void) dep_id; - switch( dep_id ) - { -$dep_check_code -#line $line_no "suites/main_test.function" + switch (dep_id) { + __MBEDTLS_TEST_TEMPLATE__DEP_CHECK_CODE +#line __MBEDTLS_TEST_TEMPLATE__LINE_NO "suites/main_test.function" default: break; } - return( ret ); + return ret; } @@ -143,19 +141,19 @@ $dep_check_code * dereferences. Each wrapper function hard-codes the * number and types of the parameters. */ -typedef void (*TestWrapper_t)( void **param_array ); +typedef void (*TestWrapper_t)(void **param_array); /** * \brief Table of test function wrappers. Used by dispatch_test(). * This table is populated by script: - * $generator_script + * __MBEDTLS_TEST_TEMPLATE__GENERATOR_SCRIPT * */ TestWrapper_t test_funcs[] = { -$dispatch_code -#line $line_no "suites/main_test.function" + __MBEDTLS_TEST_TEMPLATE__DISPATCH_CODE +#line __MBEDTLS_TEST_TEMPLATE__LINE_NO "suites/main_test.function" }; /** @@ -173,32 +171,29 @@ $dispatch_code void execute_function_ptr(TestWrapper_t fp, void **params) { #if defined(MBEDTLS_PSA_CRYPTO_EXTERNAL_RNG) - mbedtls_test_enable_insecure_external_rng( ); + mbedtls_test_enable_insecure_external_rng(); #endif #if defined(MBEDTLS_CHECK_PARAMS) mbedtls_test_param_failed_location_record_t location_record; - if ( setjmp( mbedtls_test_param_failed_get_state_buf( ) ) == 0 ) - { - fp( params ); - } - else - { + if (setjmp(mbedtls_test_param_failed_get_state_buf()) == 0) { + fp(params); + } else { /* Unexpected parameter validation error */ - mbedtls_test_param_failed_get_location_record( &location_record ); - mbedtls_test_fail( location_record.failure_condition, - location_record.line, - location_record.file ); + mbedtls_test_param_failed_get_location_record(&location_record); + mbedtls_test_fail(location_record.failure_condition, + location_record.line, + location_record.file); } - mbedtls_test_param_failed_reset_state( ); + mbedtls_test_param_failed_reset_state(); #else - fp( params ); + fp(params); #endif #if defined(MBEDTLS_TEST_MUTEX_USAGE) - mbedtls_test_mutex_usage_check( ); + mbedtls_test_mutex_usage_check(); #endif /* MBEDTLS_TEST_MUTEX_USAGE */ } @@ -213,25 +208,23 @@ void execute_function_ptr(TestWrapper_t fp, void **params) * DISPATCH_TEST_FN_NOT_FOUND if not found * DISPATCH_UNSUPPORTED_SUITE if not compile time enabled. */ -int dispatch_test( size_t func_idx, void ** params ) +int dispatch_test(size_t func_idx, void **params) { int ret = DISPATCH_TEST_SUCCESS; TestWrapper_t fp = NULL; - if ( func_idx < (int)( sizeof( test_funcs ) / sizeof( TestWrapper_t ) ) ) - { + if (func_idx < (int) (sizeof(test_funcs) / sizeof(TestWrapper_t))) { fp = test_funcs[func_idx]; - if ( fp ) + if (fp) { execute_function_ptr(fp, params); - else + } else { ret = DISPATCH_UNSUPPORTED_SUITE; - } - else - { + } + } else { ret = DISPATCH_TEST_FN_NOT_FOUND; } - return( ret ); + return ret; } @@ -245,29 +238,27 @@ int dispatch_test( size_t func_idx, void ** params ) * DISPATCH_TEST_FN_NOT_FOUND if not found * DISPATCH_UNSUPPORTED_SUITE if not compile time enabled. */ -int check_test( size_t func_idx ) +int check_test(size_t func_idx) { int ret = DISPATCH_TEST_SUCCESS; TestWrapper_t fp = NULL; - if ( func_idx < (int)( sizeof(test_funcs)/sizeof( TestWrapper_t ) ) ) - { + if (func_idx < (int) (sizeof(test_funcs)/sizeof(TestWrapper_t))) { fp = test_funcs[func_idx]; - if ( fp == NULL ) + if (fp == NULL) { ret = DISPATCH_UNSUPPORTED_SUITE; - } - else - { + } + } else { ret = DISPATCH_TEST_FN_NOT_FOUND; } - return( ret ); + return ret; } -$platform_code +__MBEDTLS_TEST_TEMPLATE__PLATFORM_CODE -#line $line_no "suites/main_test.function" +#line __MBEDTLS_TEST_TEMPLATE__LINE_NO "suites/main_test.function" /*----------------------------------------------------------------------------*/ /* Main Test code */ @@ -281,22 +272,21 @@ $platform_code * * \return Exit code. */ -int main( int argc, const char *argv[] ) +int main(int argc, const char *argv[]) { -#if defined(MBEDTLS_TEST_HOOKS) && defined (MBEDTLS_ERROR_C) +#if defined(MBEDTLS_TEST_HOOKS) && defined(MBEDTLS_ERROR_C) mbedtls_test_hook_error_add = &mbedtls_test_err_add_check; #endif int ret = mbedtls_test_platform_setup(); - if( ret != 0 ) - { - mbedtls_fprintf( stderr, - "FATAL: Failed to initialize platform - error %d\n", - ret ); - return( -1 ); + if (ret != 0) { + mbedtls_fprintf(stderr, + "FATAL: Failed to initialize platform - error %d\n", + ret); + return -1; } - ret = execute_tests( argc, argv ); + ret = execute_tests(argc, argv); mbedtls_test_platform_teardown(); - return( ret ); + return ret; } diff --git a/third_party/mbedtls/repo/tests/suites/test_suite_aes.ecb.data b/third_party/mbedtls/repo/tests/suites/test_suite_aes.ecb.data index 6349034a693..faf69c04dc5 100644 --- a/third_party/mbedtls/repo/tests/suites/test_suite_aes.ecb.data +++ b/third_party/mbedtls/repo/tests/suites/test_suite_aes.ecb.data @@ -228,3 +228,12 @@ aes_decrypt_ecb:"000000000000000000000000000000000000000000000000000000000000000 AES-256-ECB Decrypt NIST KAT #12 aes_decrypt_ecb:"0000000000000000000000000000000000000000000000000000000000000000":"9b80eefb7ebe2d2b16247aa0efc72f5d":"e0000000000000000000000000000000":0 + +AES-128-ECB context alignment +aes_ecb_context_alignment:"000102030405060708090a0b0c0d0e0f" + +AES-192-ECB context alignment +aes_ecb_context_alignment:"000102030405060708090a0b0c0d0e0f1011121314151617" + +AES-256-ECB context alignment +aes_ecb_context_alignment:"000102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f" diff --git a/third_party/mbedtls/repo/tests/suites/test_suite_aes.function b/third_party/mbedtls/repo/tests/suites/test_suite_aes.function index 5a64099fb4d..b159e1a15c1 100644 --- a/third_party/mbedtls/repo/tests/suites/test_suite_aes.function +++ b/third_party/mbedtls/repo/tests/suites/test_suite_aes.function @@ -1,5 +1,52 @@ /* BEGIN_HEADER */ #include "mbedtls/aes.h" + +/* Test AES with a copied context. + * + * enc and dec must be AES context objects. They don't need to + * be initialized, and are left freed. + */ +static int test_ctx_alignment(const data_t *key, + mbedtls_aes_context *enc, + mbedtls_aes_context *dec) +{ + unsigned char plaintext[16] = { + 0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, + 0x08, 0x09, 0x0a, 0x0b, 0x0c, 0x0d, 0x0e, 0x0f, + }; + unsigned char ciphertext[16]; + unsigned char output[16]; + + // Set key and encrypt with original context + mbedtls_aes_init(enc); + TEST_ASSERT(mbedtls_aes_setkey_enc(enc, key->x, key->len * 8) == 0); + TEST_ASSERT(mbedtls_aes_crypt_ecb(enc, MBEDTLS_AES_ENCRYPT, + plaintext, ciphertext) == 0); + + // Set key for decryption with original context + mbedtls_aes_init(dec); + TEST_ASSERT(mbedtls_aes_setkey_dec(dec, key->x, key->len * 8) == 0); + + // Wipe the original context to make sure nothing from it is used + memset(enc, 0, sizeof(*enc)); + mbedtls_aes_free(enc); + + // Decrypt + TEST_ASSERT(mbedtls_aes_crypt_ecb(dec, MBEDTLS_AES_DECRYPT, + ciphertext, output) == 0); + TEST_MEMORY_COMPARE(plaintext, 16, output, 16); + + mbedtls_aes_free(dec); + + return 1; + +exit: + /* Bug: we may be leaving something unfreed. This is harmless + * in our built-in implementations, but might cause a memory leak + * with alternative implementations. */ + return 0; +} + /* END_HEADER */ /* BEGIN_DEPENDENCIES @@ -8,107 +55,105 @@ */ /* BEGIN_CASE */ -void aes_encrypt_ecb( data_t * key_str, data_t * src_str, - data_t * dst, int setkey_result ) +void aes_encrypt_ecb(data_t *key_str, data_t *src_str, + data_t *dst, int setkey_result) { unsigned char output[100]; mbedtls_aes_context ctx; memset(output, 0x00, 100); - mbedtls_aes_init( &ctx ); + mbedtls_aes_init(&ctx); - TEST_ASSERT( mbedtls_aes_setkey_enc( &ctx, key_str->x, key_str->len * 8 ) == setkey_result ); - if( setkey_result == 0 ) - { - TEST_ASSERT( mbedtls_aes_crypt_ecb( &ctx, MBEDTLS_AES_ENCRYPT, src_str->x, output ) == 0 ); + TEST_ASSERT(mbedtls_aes_setkey_enc(&ctx, key_str->x, key_str->len * 8) == setkey_result); + if (setkey_result == 0) { + TEST_ASSERT(mbedtls_aes_crypt_ecb(&ctx, MBEDTLS_AES_ENCRYPT, src_str->x, output) == 0); - TEST_ASSERT( mbedtls_test_hexcmp( output, dst->x, 16, dst->len ) == 0 ); + TEST_ASSERT(mbedtls_test_hexcmp(output, dst->x, 16, dst->len) == 0); } exit: - mbedtls_aes_free( &ctx ); + mbedtls_aes_free(&ctx); } /* END_CASE */ /* BEGIN_CASE */ -void aes_decrypt_ecb( data_t * key_str, data_t * src_str, - data_t * dst, int setkey_result ) +void aes_decrypt_ecb(data_t *key_str, data_t *src_str, + data_t *dst, int setkey_result) { unsigned char output[100]; mbedtls_aes_context ctx; memset(output, 0x00, 100); - mbedtls_aes_init( &ctx ); + mbedtls_aes_init(&ctx); - TEST_ASSERT( mbedtls_aes_setkey_dec( &ctx, key_str->x, key_str->len * 8 ) == setkey_result ); - if( setkey_result == 0 ) - { - TEST_ASSERT( mbedtls_aes_crypt_ecb( &ctx, MBEDTLS_AES_DECRYPT, src_str->x, output ) == 0 ); + TEST_ASSERT(mbedtls_aes_setkey_dec(&ctx, key_str->x, key_str->len * 8) == setkey_result); + if (setkey_result == 0) { + TEST_ASSERT(mbedtls_aes_crypt_ecb(&ctx, MBEDTLS_AES_DECRYPT, src_str->x, output) == 0); - TEST_ASSERT( mbedtls_test_hexcmp( output, dst->x, 16, dst->len ) == 0 ); + TEST_ASSERT(mbedtls_test_hexcmp(output, dst->x, 16, dst->len) == 0); } exit: - mbedtls_aes_free( &ctx ); + mbedtls_aes_free(&ctx); } /* END_CASE */ /* BEGIN_CASE depends_on:MBEDTLS_CIPHER_MODE_CBC */ -void aes_encrypt_cbc( data_t * key_str, data_t * iv_str, - data_t * src_str, data_t * dst, - int cbc_result ) +void aes_encrypt_cbc(data_t *key_str, data_t *iv_str, + data_t *src_str, data_t *dst, + int cbc_result) { unsigned char output[100]; mbedtls_aes_context ctx; memset(output, 0x00, 100); - mbedtls_aes_init( &ctx ); + mbedtls_aes_init(&ctx); - TEST_ASSERT( mbedtls_aes_setkey_enc( &ctx, key_str->x, key_str->len * 8 ) == 0 ); - TEST_ASSERT( mbedtls_aes_crypt_cbc( &ctx, MBEDTLS_AES_ENCRYPT, src_str->len, iv_str->x, src_str->x, output ) == cbc_result ); - if( cbc_result == 0 ) - { + TEST_ASSERT(mbedtls_aes_setkey_enc(&ctx, key_str->x, key_str->len * 8) == 0); + TEST_ASSERT(mbedtls_aes_crypt_cbc(&ctx, MBEDTLS_AES_ENCRYPT, src_str->len, iv_str->x, + src_str->x, output) == cbc_result); + if (cbc_result == 0) { - TEST_ASSERT( mbedtls_test_hexcmp( output, dst->x, - src_str->len, dst->len ) == 0 ); + TEST_ASSERT(mbedtls_test_hexcmp(output, dst->x, + src_str->len, dst->len) == 0); } exit: - mbedtls_aes_free( &ctx ); + mbedtls_aes_free(&ctx); } /* END_CASE */ /* BEGIN_CASE depends_on:MBEDTLS_CIPHER_MODE_CBC */ -void aes_decrypt_cbc( data_t * key_str, data_t * iv_str, - data_t * src_str, data_t * dst, - int cbc_result ) +void aes_decrypt_cbc(data_t *key_str, data_t *iv_str, + data_t *src_str, data_t *dst, + int cbc_result) { unsigned char output[100]; mbedtls_aes_context ctx; memset(output, 0x00, 100); - mbedtls_aes_init( &ctx ); + mbedtls_aes_init(&ctx); - TEST_ASSERT( mbedtls_aes_setkey_dec( &ctx, key_str->x, key_str->len * 8 ) == 0 ); - TEST_ASSERT( mbedtls_aes_crypt_cbc( &ctx, MBEDTLS_AES_DECRYPT, src_str->len, iv_str->x, src_str->x, output ) == cbc_result ); - if( cbc_result == 0) - { + TEST_ASSERT(mbedtls_aes_setkey_dec(&ctx, key_str->x, key_str->len * 8) == 0); + TEST_ASSERT(mbedtls_aes_crypt_cbc(&ctx, MBEDTLS_AES_DECRYPT, src_str->len, iv_str->x, + src_str->x, output) == cbc_result); + if (cbc_result == 0) { - TEST_ASSERT( mbedtls_test_hexcmp( output, dst->x, - src_str->len, dst->len ) == 0 ); + TEST_ASSERT(mbedtls_test_hexcmp(output, dst->x, + src_str->len, dst->len) == 0); } exit: - mbedtls_aes_free( &ctx ); + mbedtls_aes_free(&ctx); } /* END_CASE */ /* BEGIN_CASE depends_on:MBEDTLS_CIPHER_MODE_XTS */ -void aes_encrypt_xts( char *hex_key_string, char *hex_data_unit_string, - char *hex_src_string, char *hex_dst_string ) +void aes_encrypt_xts(char *hex_key_string, char *hex_data_unit_string, + char *hex_src_string, char *hex_dst_string) { enum { AES_BLOCK_SIZE = 16 }; unsigned char *data_unit = NULL; @@ -119,40 +164,40 @@ void aes_encrypt_xts( char *hex_key_string, char *hex_data_unit_string, mbedtls_aes_xts_context ctx; size_t key_len, src_len, dst_len, data_unit_len; - mbedtls_aes_xts_init( &ctx ); + mbedtls_aes_xts_init(&ctx); - data_unit = mbedtls_test_unhexify_alloc( hex_data_unit_string, - &data_unit_len ); - TEST_ASSERT( data_unit_len == AES_BLOCK_SIZE ); + data_unit = mbedtls_test_unhexify_alloc(hex_data_unit_string, + &data_unit_len); + TEST_ASSERT(data_unit_len == AES_BLOCK_SIZE); - key = mbedtls_test_unhexify_alloc( hex_key_string, &key_len ); - TEST_ASSERT( key_len % 2 == 0 ); + key = mbedtls_test_unhexify_alloc(hex_key_string, &key_len); + TEST_ASSERT(key_len % 2 == 0); - src = mbedtls_test_unhexify_alloc( hex_src_string, &src_len ); - dst = mbedtls_test_unhexify_alloc( hex_dst_string, &dst_len ); - TEST_ASSERT( src_len == dst_len ); + src = mbedtls_test_unhexify_alloc(hex_src_string, &src_len); + dst = mbedtls_test_unhexify_alloc(hex_dst_string, &dst_len); + TEST_ASSERT(src_len == dst_len); - output = mbedtls_test_zero_alloc( dst_len ); + output = mbedtls_test_zero_alloc(dst_len); - TEST_ASSERT( mbedtls_aes_xts_setkey_enc( &ctx, key, key_len * 8 ) == 0 ); - TEST_ASSERT( mbedtls_aes_crypt_xts( &ctx, MBEDTLS_AES_ENCRYPT, src_len, - data_unit, src, output ) == 0 ); + TEST_ASSERT(mbedtls_aes_xts_setkey_enc(&ctx, key, key_len * 8) == 0); + TEST_ASSERT(mbedtls_aes_crypt_xts(&ctx, MBEDTLS_AES_ENCRYPT, src_len, + data_unit, src, output) == 0); - TEST_ASSERT( memcmp( output, dst, dst_len ) == 0 ); + TEST_ASSERT(memcmp(output, dst, dst_len) == 0); exit: - mbedtls_aes_xts_free( &ctx ); - mbedtls_free( data_unit ); - mbedtls_free( key ); - mbedtls_free( src ); - mbedtls_free( dst ); - mbedtls_free( output ); + mbedtls_aes_xts_free(&ctx); + mbedtls_free(data_unit); + mbedtls_free(key); + mbedtls_free(src); + mbedtls_free(dst); + mbedtls_free(output); } /* END_CASE */ /* BEGIN_CASE depends_on:MBEDTLS_CIPHER_MODE_XTS */ -void aes_decrypt_xts( char *hex_key_string, char *hex_data_unit_string, - char *hex_dst_string, char *hex_src_string ) +void aes_decrypt_xts(char *hex_key_string, char *hex_data_unit_string, + char *hex_dst_string, char *hex_src_string) { enum { AES_BLOCK_SIZE = 16 }; unsigned char *data_unit = NULL; @@ -163,39 +208,39 @@ void aes_decrypt_xts( char *hex_key_string, char *hex_data_unit_string, mbedtls_aes_xts_context ctx; size_t key_len, src_len, dst_len, data_unit_len; - mbedtls_aes_xts_init( &ctx ); + mbedtls_aes_xts_init(&ctx); - data_unit = mbedtls_test_unhexify_alloc( hex_data_unit_string, - &data_unit_len ); - TEST_ASSERT( data_unit_len == AES_BLOCK_SIZE ); + data_unit = mbedtls_test_unhexify_alloc(hex_data_unit_string, + &data_unit_len); + TEST_ASSERT(data_unit_len == AES_BLOCK_SIZE); - key = mbedtls_test_unhexify_alloc( hex_key_string, &key_len ); - TEST_ASSERT( key_len % 2 == 0 ); + key = mbedtls_test_unhexify_alloc(hex_key_string, &key_len); + TEST_ASSERT(key_len % 2 == 0); - src = mbedtls_test_unhexify_alloc( hex_src_string, &src_len ); - dst = mbedtls_test_unhexify_alloc( hex_dst_string, &dst_len ); - TEST_ASSERT( src_len == dst_len ); + src = mbedtls_test_unhexify_alloc(hex_src_string, &src_len); + dst = mbedtls_test_unhexify_alloc(hex_dst_string, &dst_len); + TEST_ASSERT(src_len == dst_len); - output = mbedtls_test_zero_alloc( dst_len ); + output = mbedtls_test_zero_alloc(dst_len); - TEST_ASSERT( mbedtls_aes_xts_setkey_dec( &ctx, key, key_len * 8 ) == 0 ); - TEST_ASSERT( mbedtls_aes_crypt_xts( &ctx, MBEDTLS_AES_DECRYPT, src_len, - data_unit, src, output ) == 0 ); + TEST_ASSERT(mbedtls_aes_xts_setkey_dec(&ctx, key, key_len * 8) == 0); + TEST_ASSERT(mbedtls_aes_crypt_xts(&ctx, MBEDTLS_AES_DECRYPT, src_len, + data_unit, src, output) == 0); - TEST_ASSERT( memcmp( output, dst, dst_len ) == 0 ); + TEST_ASSERT(memcmp(output, dst, dst_len) == 0); exit: - mbedtls_aes_xts_free( &ctx ); - mbedtls_free( data_unit ); - mbedtls_free( key ); - mbedtls_free( src ); - mbedtls_free( dst ); - mbedtls_free( output ); + mbedtls_aes_xts_free(&ctx); + mbedtls_free(data_unit); + mbedtls_free(key); + mbedtls_free(src); + mbedtls_free(dst); + mbedtls_free(output); } /* END_CASE */ /* BEGIN_CASE depends_on:MBEDTLS_CIPHER_MODE_XTS */ -void aes_crypt_xts_size( int size, int retval ) +void aes_crypt_xts_size(int size, int retval) { mbedtls_aes_xts_context ctx; const unsigned char src[16] = { 0 }; @@ -203,166 +248,171 @@ void aes_crypt_xts_size( int size, int retval ) unsigned char data_unit[16]; size_t length = size; - mbedtls_aes_xts_init( &ctx ); - memset( data_unit, 0x00, sizeof( data_unit ) ); + mbedtls_aes_xts_init(&ctx); + memset(data_unit, 0x00, sizeof(data_unit)); /* Valid pointers are passed for builds with MBEDTLS_CHECK_PARAMS, as * otherwise we wouldn't get to the size check we're interested in. */ - TEST_ASSERT( mbedtls_aes_crypt_xts( &ctx, MBEDTLS_AES_ENCRYPT, length, data_unit, src, output ) == retval ); + TEST_ASSERT(mbedtls_aes_crypt_xts(&ctx, MBEDTLS_AES_ENCRYPT, length, data_unit, src, + output) == retval); exit: - mbedtls_aes_xts_free( &ctx ); + mbedtls_aes_xts_free(&ctx); } /* END_CASE */ /* BEGIN_CASE depends_on:MBEDTLS_CIPHER_MODE_XTS */ -void aes_crypt_xts_keysize( int size, int retval ) +void aes_crypt_xts_keysize(int size, int retval) { mbedtls_aes_xts_context ctx; const unsigned char key[] = { 0x01, 0x02, 0x03, 0x04, 0x05, 0x06 }; size_t key_len = size; - mbedtls_aes_xts_init( &ctx ); + mbedtls_aes_xts_init(&ctx); - TEST_ASSERT( mbedtls_aes_xts_setkey_enc( &ctx, key, key_len * 8 ) == retval ); - TEST_ASSERT( mbedtls_aes_xts_setkey_dec( &ctx, key, key_len * 8 ) == retval ); + TEST_ASSERT(mbedtls_aes_xts_setkey_enc(&ctx, key, key_len * 8) == retval); + TEST_ASSERT(mbedtls_aes_xts_setkey_dec(&ctx, key, key_len * 8) == retval); exit: - mbedtls_aes_xts_free( &ctx ); + mbedtls_aes_xts_free(&ctx); } /* END_CASE */ /* BEGIN_CASE depends_on:MBEDTLS_CIPHER_MODE_CFB */ -void aes_encrypt_cfb128( data_t * key_str, data_t * iv_str, - data_t * src_str, data_t * dst ) +void aes_encrypt_cfb128(data_t *key_str, data_t *iv_str, + data_t *src_str, data_t *dst) { unsigned char output[100]; mbedtls_aes_context ctx; size_t iv_offset = 0; memset(output, 0x00, 100); - mbedtls_aes_init( &ctx ); + mbedtls_aes_init(&ctx); - TEST_ASSERT( mbedtls_aes_setkey_enc( &ctx, key_str->x, key_str->len * 8 ) == 0 ); - TEST_ASSERT( mbedtls_aes_crypt_cfb128( &ctx, MBEDTLS_AES_ENCRYPT, 16, &iv_offset, iv_str->x, src_str->x, output ) == 0 ); + TEST_ASSERT(mbedtls_aes_setkey_enc(&ctx, key_str->x, key_str->len * 8) == 0); + TEST_ASSERT(mbedtls_aes_crypt_cfb128(&ctx, MBEDTLS_AES_ENCRYPT, 16, &iv_offset, iv_str->x, + src_str->x, output) == 0); - TEST_ASSERT( mbedtls_test_hexcmp( output, dst->x, 16, dst->len ) == 0 ); + TEST_ASSERT(mbedtls_test_hexcmp(output, dst->x, 16, dst->len) == 0); exit: - mbedtls_aes_free( &ctx ); + mbedtls_aes_free(&ctx); } /* END_CASE */ /* BEGIN_CASE depends_on:MBEDTLS_CIPHER_MODE_CFB */ -void aes_decrypt_cfb128( data_t * key_str, data_t * iv_str, - data_t * src_str, data_t * dst ) +void aes_decrypt_cfb128(data_t *key_str, data_t *iv_str, + data_t *src_str, data_t *dst) { unsigned char output[100]; mbedtls_aes_context ctx; size_t iv_offset = 0; memset(output, 0x00, 100); - mbedtls_aes_init( &ctx ); + mbedtls_aes_init(&ctx); - TEST_ASSERT( mbedtls_aes_setkey_enc( &ctx, key_str->x, key_str->len * 8 ) == 0 ); - TEST_ASSERT( mbedtls_aes_crypt_cfb128( &ctx, MBEDTLS_AES_DECRYPT, 16, &iv_offset, iv_str->x, src_str->x, output ) == 0 ); + TEST_ASSERT(mbedtls_aes_setkey_enc(&ctx, key_str->x, key_str->len * 8) == 0); + TEST_ASSERT(mbedtls_aes_crypt_cfb128(&ctx, MBEDTLS_AES_DECRYPT, 16, &iv_offset, iv_str->x, + src_str->x, output) == 0); - TEST_ASSERT( mbedtls_test_hexcmp( output, dst->x, 16, dst->len ) == 0 ); + TEST_ASSERT(mbedtls_test_hexcmp(output, dst->x, 16, dst->len) == 0); exit: - mbedtls_aes_free( &ctx ); + mbedtls_aes_free(&ctx); } /* END_CASE */ /* BEGIN_CASE depends_on:MBEDTLS_CIPHER_MODE_CFB */ -void aes_encrypt_cfb8( data_t * key_str, data_t * iv_str, - data_t * src_str, data_t * dst ) +void aes_encrypt_cfb8(data_t *key_str, data_t *iv_str, + data_t *src_str, data_t *dst) { unsigned char output[100]; mbedtls_aes_context ctx; memset(output, 0x00, 100); - mbedtls_aes_init( &ctx ); + mbedtls_aes_init(&ctx); - TEST_ASSERT( mbedtls_aes_setkey_enc( &ctx, key_str->x, key_str->len * 8 ) == 0 ); - TEST_ASSERT( mbedtls_aes_crypt_cfb8( &ctx, MBEDTLS_AES_ENCRYPT, src_str->len, iv_str->x, src_str->x, output ) == 0 ); + TEST_ASSERT(mbedtls_aes_setkey_enc(&ctx, key_str->x, key_str->len * 8) == 0); + TEST_ASSERT(mbedtls_aes_crypt_cfb8(&ctx, MBEDTLS_AES_ENCRYPT, src_str->len, iv_str->x, + src_str->x, output) == 0); - TEST_ASSERT( mbedtls_test_hexcmp( output, dst->x, - src_str->len, dst->len ) == 0 ); + TEST_ASSERT(mbedtls_test_hexcmp(output, dst->x, + src_str->len, dst->len) == 0); exit: - mbedtls_aes_free( &ctx ); + mbedtls_aes_free(&ctx); } /* END_CASE */ /* BEGIN_CASE depends_on:MBEDTLS_CIPHER_MODE_CFB */ -void aes_decrypt_cfb8( data_t * key_str, data_t * iv_str, - data_t * src_str, data_t * dst ) +void aes_decrypt_cfb8(data_t *key_str, data_t *iv_str, + data_t *src_str, data_t *dst) { unsigned char output[100]; mbedtls_aes_context ctx; memset(output, 0x00, 100); - mbedtls_aes_init( &ctx ); + mbedtls_aes_init(&ctx); - TEST_ASSERT( mbedtls_aes_setkey_enc( &ctx, key_str->x, key_str->len * 8 ) == 0 ); - TEST_ASSERT( mbedtls_aes_crypt_cfb8( &ctx, MBEDTLS_AES_DECRYPT, src_str->len, iv_str->x, src_str->x, output ) == 0 ); + TEST_ASSERT(mbedtls_aes_setkey_enc(&ctx, key_str->x, key_str->len * 8) == 0); + TEST_ASSERT(mbedtls_aes_crypt_cfb8(&ctx, MBEDTLS_AES_DECRYPT, src_str->len, iv_str->x, + src_str->x, output) == 0); - TEST_ASSERT( mbedtls_test_hexcmp( output, dst->x, - src_str->len, dst->len ) == 0 ); + TEST_ASSERT(mbedtls_test_hexcmp(output, dst->x, + src_str->len, dst->len) == 0); exit: - mbedtls_aes_free( &ctx ); + mbedtls_aes_free(&ctx); } /* END_CASE */ /* BEGIN_CASE depends_on:MBEDTLS_CIPHER_MODE_OFB */ -void aes_encrypt_ofb( int fragment_size, data_t *key_str, - data_t *iv_str, data_t *src_str, - data_t *expected_output ) +void aes_encrypt_ofb(int fragment_size, data_t *key_str, + data_t *iv_str, data_t *src_str, + data_t *expected_output) { unsigned char output[32]; mbedtls_aes_context ctx; size_t iv_offset = 0; int in_buffer_len; - unsigned char* src_str_next; + unsigned char *src_str_next; - memset( output, 0x00, sizeof( output ) ); - mbedtls_aes_init( &ctx ); + memset(output, 0x00, sizeof(output)); + mbedtls_aes_init(&ctx); - TEST_ASSERT( (size_t)fragment_size < sizeof( output ) ); + TEST_ASSERT((size_t) fragment_size < sizeof(output)); - TEST_ASSERT( mbedtls_aes_setkey_enc( &ctx, key_str->x, - key_str->len * 8 ) == 0 ); + TEST_ASSERT(mbedtls_aes_setkey_enc(&ctx, key_str->x, + key_str->len * 8) == 0); in_buffer_len = src_str->len; src_str_next = src_str->x; - while( in_buffer_len > 0 ) - { - TEST_ASSERT( mbedtls_aes_crypt_ofb( &ctx, fragment_size, &iv_offset, - iv_str->x, src_str_next, output ) == 0 ); + while (in_buffer_len > 0) { + TEST_ASSERT(mbedtls_aes_crypt_ofb(&ctx, fragment_size, &iv_offset, + iv_str->x, src_str_next, output) == 0); - TEST_ASSERT( memcmp( output, expected_output->x, fragment_size ) == 0 ); + TEST_ASSERT(memcmp(output, expected_output->x, fragment_size) == 0); in_buffer_len -= fragment_size; expected_output->x += fragment_size; src_str_next += fragment_size; - if( in_buffer_len < fragment_size ) + if (in_buffer_len < fragment_size) { fragment_size = in_buffer_len; + } } exit: - mbedtls_aes_free( &ctx ); + mbedtls_aes_free(&ctx); } /* END_CASE */ /* BEGIN_CASE depends_on:MBEDTLS_CHECK_PARAMS:!MBEDTLS_PARAM_FAILED_ALT */ -void aes_check_params( ) +void aes_check_params() { mbedtls_aes_context aes_ctx; #if defined(MBEDTLS_CIPHER_MODE_XTS) @@ -375,194 +425,198 @@ void aes_check_params( ) const int valid_mode = MBEDTLS_AES_ENCRYPT; const int invalid_mode = 42; - TEST_INVALID_PARAM( mbedtls_aes_init( NULL ) ); + TEST_INVALID_PARAM(mbedtls_aes_init(NULL)); #if defined(MBEDTLS_CIPHER_MODE_XTS) - TEST_INVALID_PARAM( mbedtls_aes_xts_init( NULL ) ); + TEST_INVALID_PARAM(mbedtls_aes_xts_init(NULL)); #endif - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_AES_BAD_INPUT_DATA, - mbedtls_aes_setkey_enc( NULL, key, 128 ) ); - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_AES_BAD_INPUT_DATA, - mbedtls_aes_setkey_enc( &aes_ctx, NULL, 128 ) ); + TEST_INVALID_PARAM_RET(MBEDTLS_ERR_AES_BAD_INPUT_DATA, + mbedtls_aes_setkey_enc(NULL, key, 128)); + TEST_INVALID_PARAM_RET(MBEDTLS_ERR_AES_BAD_INPUT_DATA, + mbedtls_aes_setkey_enc(&aes_ctx, NULL, 128)); - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_AES_BAD_INPUT_DATA, - mbedtls_aes_setkey_dec( NULL, key, 128 ) ); - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_AES_BAD_INPUT_DATA, - mbedtls_aes_setkey_dec( &aes_ctx, NULL, 128 ) ); + TEST_INVALID_PARAM_RET(MBEDTLS_ERR_AES_BAD_INPUT_DATA, + mbedtls_aes_setkey_dec(NULL, key, 128)); + TEST_INVALID_PARAM_RET(MBEDTLS_ERR_AES_BAD_INPUT_DATA, + mbedtls_aes_setkey_dec(&aes_ctx, NULL, 128)); #if defined(MBEDTLS_CIPHER_MODE_XTS) - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_AES_BAD_INPUT_DATA, - mbedtls_aes_xts_setkey_enc( NULL, key, 128 ) ); - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_AES_BAD_INPUT_DATA, - mbedtls_aes_xts_setkey_enc( &xts_ctx, NULL, 128 ) ); - - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_AES_BAD_INPUT_DATA, - mbedtls_aes_xts_setkey_dec( NULL, key, 128 ) ); - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_AES_BAD_INPUT_DATA, - mbedtls_aes_xts_setkey_dec( &xts_ctx, NULL, 128 ) ); + TEST_INVALID_PARAM_RET(MBEDTLS_ERR_AES_BAD_INPUT_DATA, + mbedtls_aes_xts_setkey_enc(NULL, key, 128)); + TEST_INVALID_PARAM_RET(MBEDTLS_ERR_AES_BAD_INPUT_DATA, + mbedtls_aes_xts_setkey_enc(&xts_ctx, NULL, 128)); + + TEST_INVALID_PARAM_RET(MBEDTLS_ERR_AES_BAD_INPUT_DATA, + mbedtls_aes_xts_setkey_dec(NULL, key, 128)); + TEST_INVALID_PARAM_RET(MBEDTLS_ERR_AES_BAD_INPUT_DATA, + mbedtls_aes_xts_setkey_dec(&xts_ctx, NULL, 128)); #endif - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_AES_BAD_INPUT_DATA, - mbedtls_aes_crypt_ecb( NULL, - valid_mode, in, out ) ); - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_AES_BAD_INPUT_DATA, - mbedtls_aes_crypt_ecb( &aes_ctx, - invalid_mode, in, out ) ); - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_AES_BAD_INPUT_DATA, - mbedtls_aes_crypt_ecb( &aes_ctx, - valid_mode, NULL, out ) ); - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_AES_BAD_INPUT_DATA, - mbedtls_aes_crypt_ecb( &aes_ctx, - valid_mode, in, NULL ) ); + TEST_INVALID_PARAM_RET(MBEDTLS_ERR_AES_BAD_INPUT_DATA, + mbedtls_aes_crypt_ecb(NULL, + valid_mode, in, out)); + TEST_INVALID_PARAM_RET(MBEDTLS_ERR_AES_BAD_INPUT_DATA, + mbedtls_aes_crypt_ecb(&aes_ctx, + invalid_mode, in, out)); + TEST_INVALID_PARAM_RET(MBEDTLS_ERR_AES_BAD_INPUT_DATA, + mbedtls_aes_crypt_ecb(&aes_ctx, + valid_mode, NULL, out)); + TEST_INVALID_PARAM_RET(MBEDTLS_ERR_AES_BAD_INPUT_DATA, + mbedtls_aes_crypt_ecb(&aes_ctx, + valid_mode, in, NULL)); #if defined(MBEDTLS_CIPHER_MODE_CBC) - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_AES_BAD_INPUT_DATA, - mbedtls_aes_crypt_cbc( NULL, - valid_mode, 16, - out, in, out ) ); - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_AES_BAD_INPUT_DATA, - mbedtls_aes_crypt_cbc( &aes_ctx, - invalid_mode, 16, - out, in, out ) ); - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_AES_BAD_INPUT_DATA, - mbedtls_aes_crypt_cbc( &aes_ctx, - valid_mode, 16, - NULL, in, out ) ); - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_AES_BAD_INPUT_DATA, - mbedtls_aes_crypt_cbc( &aes_ctx, - valid_mode, 16, - out, NULL, out ) ); - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_AES_BAD_INPUT_DATA, - mbedtls_aes_crypt_cbc( &aes_ctx, - valid_mode, 16, - out, in, NULL ) ); + TEST_INVALID_PARAM_RET(MBEDTLS_ERR_AES_BAD_INPUT_DATA, + mbedtls_aes_crypt_cbc(NULL, + valid_mode, 16, + out, in, out)); + TEST_INVALID_PARAM_RET(MBEDTLS_ERR_AES_BAD_INPUT_DATA, + mbedtls_aes_crypt_cbc(&aes_ctx, + invalid_mode, 16, + out, in, out)); + TEST_INVALID_PARAM_RET(MBEDTLS_ERR_AES_BAD_INPUT_DATA, + mbedtls_aes_crypt_cbc(&aes_ctx, + valid_mode, 16, + NULL, in, out)); + TEST_INVALID_PARAM_RET(MBEDTLS_ERR_AES_BAD_INPUT_DATA, + mbedtls_aes_crypt_cbc(&aes_ctx, + valid_mode, 16, + out, NULL, out)); + TEST_INVALID_PARAM_RET(MBEDTLS_ERR_AES_BAD_INPUT_DATA, + mbedtls_aes_crypt_cbc(&aes_ctx, + valid_mode, 16, + out, in, NULL)); #endif /* MBEDTLS_CIPHER_MODE_CBC */ #if defined(MBEDTLS_CIPHER_MODE_XTS) - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_AES_BAD_INPUT_DATA, - mbedtls_aes_crypt_xts( NULL, - valid_mode, 16, - in, in, out ) ); - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_AES_BAD_INPUT_DATA, - mbedtls_aes_crypt_xts( &xts_ctx, - invalid_mode, 16, - in, in, out ) ); - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_AES_BAD_INPUT_DATA, - mbedtls_aes_crypt_xts( &xts_ctx, - valid_mode, 16, - NULL, in, out ) ); - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_AES_BAD_INPUT_DATA, - mbedtls_aes_crypt_xts( &xts_ctx, - valid_mode, 16, - in, NULL, out ) ); - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_AES_BAD_INPUT_DATA, - mbedtls_aes_crypt_xts( &xts_ctx, - valid_mode, 16, - in, in, NULL ) ); + TEST_INVALID_PARAM_RET(MBEDTLS_ERR_AES_BAD_INPUT_DATA, + mbedtls_aes_crypt_xts(NULL, + valid_mode, 16, + in, in, out)); + TEST_INVALID_PARAM_RET(MBEDTLS_ERR_AES_BAD_INPUT_DATA, + mbedtls_aes_crypt_xts(&xts_ctx, + invalid_mode, 16, + in, in, out)); + TEST_INVALID_PARAM_RET(MBEDTLS_ERR_AES_BAD_INPUT_DATA, + mbedtls_aes_crypt_xts(&xts_ctx, + valid_mode, 16, + NULL, in, out)); + TEST_INVALID_PARAM_RET(MBEDTLS_ERR_AES_BAD_INPUT_DATA, + mbedtls_aes_crypt_xts(&xts_ctx, + valid_mode, 16, + in, NULL, out)); + TEST_INVALID_PARAM_RET(MBEDTLS_ERR_AES_BAD_INPUT_DATA, + mbedtls_aes_crypt_xts(&xts_ctx, + valid_mode, 16, + in, in, NULL)); #endif /* MBEDTLS_CIPHER_MODE_XTS */ #if defined(MBEDTLS_CIPHER_MODE_CFB) - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_AES_BAD_INPUT_DATA, - mbedtls_aes_crypt_cfb128( NULL, - valid_mode, 16, - &size, out, in, out ) ); - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_AES_BAD_INPUT_DATA, - mbedtls_aes_crypt_cfb128( &aes_ctx, - invalid_mode, 16, - &size, out, in, out ) ); - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_AES_BAD_INPUT_DATA, - mbedtls_aes_crypt_cfb128( &aes_ctx, - valid_mode, 16, - NULL, out, in, out ) ); - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_AES_BAD_INPUT_DATA, - mbedtls_aes_crypt_cfb128( &aes_ctx, - valid_mode, 16, - &size, NULL, in, out ) ); - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_AES_BAD_INPUT_DATA, - mbedtls_aes_crypt_cfb128( &aes_ctx, - valid_mode, 16, - &size, out, NULL, out ) ); - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_AES_BAD_INPUT_DATA, - mbedtls_aes_crypt_cfb128( &aes_ctx, - valid_mode, 16, - &size, out, in, NULL ) ); - - - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_AES_BAD_INPUT_DATA, - mbedtls_aes_crypt_cfb8( NULL, + TEST_INVALID_PARAM_RET(MBEDTLS_ERR_AES_BAD_INPUT_DATA, + mbedtls_aes_crypt_cfb128(NULL, valid_mode, 16, - out, in, out ) ); - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_AES_BAD_INPUT_DATA, - mbedtls_aes_crypt_cfb8( &aes_ctx, + &size, out, in, out)); + TEST_INVALID_PARAM_RET(MBEDTLS_ERR_AES_BAD_INPUT_DATA, + mbedtls_aes_crypt_cfb128(&aes_ctx, invalid_mode, 16, - out, in, out ) ); - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_AES_BAD_INPUT_DATA, - mbedtls_aes_crypt_cfb8( &aes_ctx, + &size, out, in, out)); + TEST_INVALID_PARAM_RET(MBEDTLS_ERR_AES_BAD_INPUT_DATA, + mbedtls_aes_crypt_cfb128(&aes_ctx, valid_mode, 16, - NULL, in, out ) ); - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_AES_BAD_INPUT_DATA, - mbedtls_aes_crypt_cfb8( &aes_ctx, + NULL, out, in, out)); + TEST_INVALID_PARAM_RET(MBEDTLS_ERR_AES_BAD_INPUT_DATA, + mbedtls_aes_crypt_cfb128(&aes_ctx, valid_mode, 16, - out, NULL, out ) ); - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_AES_BAD_INPUT_DATA, - mbedtls_aes_crypt_cfb8( &aes_ctx, + &size, NULL, in, out)); + TEST_INVALID_PARAM_RET(MBEDTLS_ERR_AES_BAD_INPUT_DATA, + mbedtls_aes_crypt_cfb128(&aes_ctx, valid_mode, 16, - out, in, NULL ) ); + &size, out, NULL, out)); + TEST_INVALID_PARAM_RET(MBEDTLS_ERR_AES_BAD_INPUT_DATA, + mbedtls_aes_crypt_cfb128(&aes_ctx, + valid_mode, 16, + &size, out, in, NULL)); + + + TEST_INVALID_PARAM_RET(MBEDTLS_ERR_AES_BAD_INPUT_DATA, + mbedtls_aes_crypt_cfb8(NULL, + valid_mode, 16, + out, in, out)); + TEST_INVALID_PARAM_RET(MBEDTLS_ERR_AES_BAD_INPUT_DATA, + mbedtls_aes_crypt_cfb8(&aes_ctx, + invalid_mode, 16, + out, in, out)); + TEST_INVALID_PARAM_RET(MBEDTLS_ERR_AES_BAD_INPUT_DATA, + mbedtls_aes_crypt_cfb8(&aes_ctx, + valid_mode, 16, + NULL, in, out)); + TEST_INVALID_PARAM_RET(MBEDTLS_ERR_AES_BAD_INPUT_DATA, + mbedtls_aes_crypt_cfb8(&aes_ctx, + valid_mode, 16, + out, NULL, out)); + TEST_INVALID_PARAM_RET(MBEDTLS_ERR_AES_BAD_INPUT_DATA, + mbedtls_aes_crypt_cfb8(&aes_ctx, + valid_mode, 16, + out, in, NULL)); #endif /* MBEDTLS_CIPHER_MODE_CFB */ #if defined(MBEDTLS_CIPHER_MODE_OFB) - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_AES_BAD_INPUT_DATA, - mbedtls_aes_crypt_ofb( NULL, 16, - &size, out, in, out ) ); - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_AES_BAD_INPUT_DATA, - mbedtls_aes_crypt_ofb( &aes_ctx, 16, - NULL, out, in, out ) ); - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_AES_BAD_INPUT_DATA, - mbedtls_aes_crypt_ofb( &aes_ctx, 16, - &size, NULL, in, out ) ); - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_AES_BAD_INPUT_DATA, - mbedtls_aes_crypt_ofb( &aes_ctx, 16, - &size, out, NULL, out ) ); - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_AES_BAD_INPUT_DATA, - mbedtls_aes_crypt_ofb( &aes_ctx, 16, - &size, out, in, NULL ) ); + TEST_INVALID_PARAM_RET(MBEDTLS_ERR_AES_BAD_INPUT_DATA, + mbedtls_aes_crypt_ofb(NULL, 16, + &size, out, in, out)); + TEST_INVALID_PARAM_RET(MBEDTLS_ERR_AES_BAD_INPUT_DATA, + mbedtls_aes_crypt_ofb(&aes_ctx, 16, + NULL, out, in, out)); + TEST_INVALID_PARAM_RET(MBEDTLS_ERR_AES_BAD_INPUT_DATA, + mbedtls_aes_crypt_ofb(&aes_ctx, 16, + &size, NULL, in, out)); + TEST_INVALID_PARAM_RET(MBEDTLS_ERR_AES_BAD_INPUT_DATA, + mbedtls_aes_crypt_ofb(&aes_ctx, 16, + &size, out, NULL, out)); + TEST_INVALID_PARAM_RET(MBEDTLS_ERR_AES_BAD_INPUT_DATA, + mbedtls_aes_crypt_ofb(&aes_ctx, 16, + &size, out, in, NULL)); #endif /* MBEDTLS_CIPHER_MODE_OFB */ #if defined(MBEDTLS_CIPHER_MODE_CTR) - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_AES_BAD_INPUT_DATA, - mbedtls_aes_crypt_ctr( NULL, 16, &size, out, - out, in, out ) ); - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_AES_BAD_INPUT_DATA, - mbedtls_aes_crypt_ctr( &aes_ctx, 16, NULL, out, - out, in, out ) ); - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_AES_BAD_INPUT_DATA, - mbedtls_aes_crypt_ctr( &aes_ctx, 16, &size, NULL, - out, in, out ) ); - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_AES_BAD_INPUT_DATA, - mbedtls_aes_crypt_ctr( &aes_ctx, 16, &size, out, - NULL, in, out ) ); - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_AES_BAD_INPUT_DATA, - mbedtls_aes_crypt_ctr( &aes_ctx, 16, &size, out, - out, NULL, out ) ); - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_AES_BAD_INPUT_DATA, - mbedtls_aes_crypt_ctr( &aes_ctx, 16, &size, out, - out, in, NULL ) ); + TEST_INVALID_PARAM_RET(MBEDTLS_ERR_AES_BAD_INPUT_DATA, + mbedtls_aes_crypt_ctr(NULL, 16, &size, out, + out, in, out)); + TEST_INVALID_PARAM_RET(MBEDTLS_ERR_AES_BAD_INPUT_DATA, + mbedtls_aes_crypt_ctr(&aes_ctx, 16, NULL, out, + out, in, out)); + TEST_INVALID_PARAM_RET(MBEDTLS_ERR_AES_BAD_INPUT_DATA, + mbedtls_aes_crypt_ctr(&aes_ctx, 16, &size, NULL, + out, in, out)); + TEST_INVALID_PARAM_RET(MBEDTLS_ERR_AES_BAD_INPUT_DATA, + mbedtls_aes_crypt_ctr(&aes_ctx, 16, &size, out, + NULL, in, out)); + TEST_INVALID_PARAM_RET(MBEDTLS_ERR_AES_BAD_INPUT_DATA, + mbedtls_aes_crypt_ctr(&aes_ctx, 16, &size, out, + out, NULL, out)); + TEST_INVALID_PARAM_RET(MBEDTLS_ERR_AES_BAD_INPUT_DATA, + mbedtls_aes_crypt_ctr(&aes_ctx, 16, &size, out, + out, in, NULL)); #endif /* MBEDTLS_CIPHER_MODE_CTR */ } /* END_CASE */ /* BEGIN_CASE */ -void aes_misc_params( ) +void aes_misc_params() { #if defined(MBEDTLS_CIPHER_MODE_CBC) || \ defined(MBEDTLS_CIPHER_MODE_XTS) || \ defined(MBEDTLS_CIPHER_MODE_CFB) || \ defined(MBEDTLS_CIPHER_MODE_OFB) - mbedtls_aes_context aes_ctx; const unsigned char in[16] = { 0 }; unsigned char out[16]; #endif +#if defined(MBEDTLS_CIPHER_MODE_CBC) || \ + defined(MBEDTLS_CIPHER_MODE_CFB) || \ + defined(MBEDTLS_CIPHER_MODE_OFB) + mbedtls_aes_context aes_ctx; +#endif #if defined(MBEDTLS_CIPHER_MODE_XTS) mbedtls_aes_xts_context xts_ctx; #endif @@ -572,51 +626,122 @@ void aes_misc_params( ) #endif /* These calls accept NULL */ - TEST_VALID_PARAM( mbedtls_aes_free( NULL ) ); + TEST_VALID_PARAM(mbedtls_aes_free(NULL)); #if defined(MBEDTLS_CIPHER_MODE_XTS) - TEST_VALID_PARAM( mbedtls_aes_xts_free( NULL ) ); + TEST_VALID_PARAM(mbedtls_aes_xts_free(NULL)); #endif #if defined(MBEDTLS_CIPHER_MODE_CBC) - TEST_ASSERT( mbedtls_aes_crypt_cbc( &aes_ctx, MBEDTLS_AES_ENCRYPT, - 15, - out, in, out ) - == MBEDTLS_ERR_AES_INVALID_INPUT_LENGTH ); - TEST_ASSERT( mbedtls_aes_crypt_cbc( &aes_ctx, MBEDTLS_AES_ENCRYPT, - 17, - out, in, out ) - == MBEDTLS_ERR_AES_INVALID_INPUT_LENGTH ); + TEST_ASSERT(mbedtls_aes_crypt_cbc(&aes_ctx, MBEDTLS_AES_ENCRYPT, + 15, + out, in, out) + == MBEDTLS_ERR_AES_INVALID_INPUT_LENGTH); + TEST_ASSERT(mbedtls_aes_crypt_cbc(&aes_ctx, MBEDTLS_AES_ENCRYPT, + 17, + out, in, out) + == MBEDTLS_ERR_AES_INVALID_INPUT_LENGTH); #endif #if defined(MBEDTLS_CIPHER_MODE_XTS) - TEST_ASSERT( mbedtls_aes_crypt_xts( &xts_ctx, MBEDTLS_AES_ENCRYPT, - 15, - in, in, out ) - == MBEDTLS_ERR_AES_INVALID_INPUT_LENGTH ); - TEST_ASSERT( mbedtls_aes_crypt_xts( &xts_ctx, MBEDTLS_AES_ENCRYPT, - (1 << 24) + 1, - in, in, out ) - == MBEDTLS_ERR_AES_INVALID_INPUT_LENGTH ); + TEST_ASSERT(mbedtls_aes_crypt_xts(&xts_ctx, MBEDTLS_AES_ENCRYPT, + 15, + in, in, out) + == MBEDTLS_ERR_AES_INVALID_INPUT_LENGTH); + TEST_ASSERT(mbedtls_aes_crypt_xts(&xts_ctx, MBEDTLS_AES_ENCRYPT, + (1 << 24) + 1, + in, in, out) + == MBEDTLS_ERR_AES_INVALID_INPUT_LENGTH); #endif #if defined(MBEDTLS_CIPHER_MODE_CFB) size = 16; - TEST_ASSERT( mbedtls_aes_crypt_cfb128( &aes_ctx, MBEDTLS_AES_ENCRYPT, 16, - &size, out, in, out ) - == MBEDTLS_ERR_AES_BAD_INPUT_DATA ); + TEST_ASSERT(mbedtls_aes_crypt_cfb128(&aes_ctx, MBEDTLS_AES_ENCRYPT, 16, + &size, out, in, out) + == MBEDTLS_ERR_AES_BAD_INPUT_DATA); #endif #if defined(MBEDTLS_CIPHER_MODE_OFB) size = 16; - TEST_ASSERT( mbedtls_aes_crypt_ofb( &aes_ctx, 16, &size, out, in, out ) - == MBEDTLS_ERR_AES_BAD_INPUT_DATA ); + TEST_ASSERT(mbedtls_aes_crypt_ofb(&aes_ctx, 16, &size, out, in, out) + == MBEDTLS_ERR_AES_BAD_INPUT_DATA); #endif } /* END_CASE */ +/* BEGIN_CASE */ +void aes_ecb_context_alignment(data_t *key) +{ + /* We test alignment multiple times, with different alignments + * of the context and of the plaintext/ciphertext. */ + + struct align0 { + mbedtls_aes_context ctx; + }; + struct align0 *enc0 = NULL; + struct align0 *dec0 = NULL; + + struct align1 { + char bump; + mbedtls_aes_context ctx; + }; + struct align1 *enc1 = NULL; + struct align1 *dec1 = NULL; + + /* All peak alignment */ + TEST_CALLOC(enc0, 1); + TEST_CALLOC(dec0, 1); + if (!test_ctx_alignment(key, &enc0->ctx, &dec0->ctx)) { + goto exit; + } + mbedtls_free(enc0); + enc0 = NULL; + mbedtls_free(dec0); + dec0 = NULL; + + /* Enc aligned, dec not */ + TEST_CALLOC(enc0, 1); + TEST_CALLOC(dec1, 1); + if (!test_ctx_alignment(key, &enc0->ctx, &dec1->ctx)) { + goto exit; + } + mbedtls_free(enc0); + enc0 = NULL; + mbedtls_free(dec1); + dec1 = NULL; + + /* Dec aligned, enc not */ + TEST_CALLOC(enc1, 1); + TEST_CALLOC(dec0, 1); + if (!test_ctx_alignment(key, &enc1->ctx, &dec0->ctx)) { + goto exit; + } + mbedtls_free(enc1); + enc1 = NULL; + mbedtls_free(dec0); + dec0 = NULL; + + /* Both shifted */ + TEST_CALLOC(enc1, 1); + TEST_CALLOC(dec1, 1); + if (!test_ctx_alignment(key, &enc1->ctx, &dec1->ctx)) { + goto exit; + } + mbedtls_free(enc1); + enc1 = NULL; + mbedtls_free(dec1); + dec1 = NULL; + +exit: + mbedtls_free(enc0); + mbedtls_free(dec0); + mbedtls_free(enc1); + mbedtls_free(dec1); +} +/* END_CASE */ + /* BEGIN_CASE depends_on:MBEDTLS_SELF_TEST */ -void aes_selftest( ) +void aes_selftest() { - TEST_ASSERT( mbedtls_aes_self_test( 1 ) == 0 ); + TEST_ASSERT(mbedtls_aes_self_test(1) == 0); } /* END_CASE */ diff --git a/third_party/mbedtls/repo/tests/suites/test_suite_arc4.function b/third_party/mbedtls/repo/tests/suites/test_suite_arc4.function index c1e2386656a..c1b19d57980 100644 --- a/third_party/mbedtls/repo/tests/suites/test_suite_arc4.function +++ b/third_party/mbedtls/repo/tests/suites/test_suite_arc4.function @@ -8,30 +8,30 @@ */ /* BEGIN_CASE */ -void mbedtls_arc4_crypt( data_t * src_str, data_t * key_str, data_t * dst ) +void mbedtls_arc4_crypt(data_t *src_str, data_t *key_str, data_t *dst) { unsigned char dst_str[1000]; mbedtls_arc4_context ctx; memset(dst_str, 0x00, 1000); - mbedtls_arc4_init( &ctx ); + mbedtls_arc4_init(&ctx); mbedtls_arc4_setup(&ctx, key_str->x, key_str->len); - TEST_ASSERT( mbedtls_arc4_crypt(&ctx, src_str->len, - src_str->x, dst_str ) == 0 ); + TEST_ASSERT(mbedtls_arc4_crypt(&ctx, src_str->len, + src_str->x, dst_str) == 0); - TEST_ASSERT( mbedtls_test_hexcmp( dst_str, dst->x, - src_str->len, dst->len ) == 0 ); + TEST_ASSERT(mbedtls_test_hexcmp(dst_str, dst->x, + src_str->len, dst->len) == 0); exit: - mbedtls_arc4_free( &ctx ); + mbedtls_arc4_free(&ctx); } /* END_CASE */ /* BEGIN_CASE depends_on:MBEDTLS_SELF_TEST */ -void arc4_selftest( ) +void arc4_selftest() { - TEST_ASSERT( mbedtls_arc4_self_test( 1 ) == 0 ); + TEST_ASSERT(mbedtls_arc4_self_test(1) == 0); } /* END_CASE */ diff --git a/third_party/mbedtls/repo/tests/suites/test_suite_aria.function b/third_party/mbedtls/repo/tests/suites/test_suite_aria.function index 6d6a203356e..10c51a34626 100644 --- a/third_party/mbedtls/repo/tests/suites/test_suite_aria.function +++ b/third_party/mbedtls/repo/tests/suites/test_suite_aria.function @@ -1,14 +1,14 @@ /* BEGIN_HEADER */ #include "mbedtls/aria.h" -/* Maxium size of data used by test vectors +/* Maximum size of data used by test vectors * WARNING: to be adapted if and when adding larger test cases */ #define ARIA_MAX_DATASIZE 160 /* Maximum sizes of hexified things */ -#define ARIA_MAX_KEY_STR ( 2 * MBEDTLS_ARIA_MAX_KEYSIZE + 1 ) -#define ARIA_BLOCK_STR ( 2 * MBEDTLS_ARIA_BLOCKSIZE + 1 ) -#define ARIA_MAX_DATA_STR ( 2 * ARIA_MAX_DATASIZE + 1 ) +#define ARIA_MAX_KEY_STR (2 * MBEDTLS_ARIA_MAX_KEYSIZE + 1) +#define ARIA_BLOCK_STR (2 * MBEDTLS_ARIA_BLOCKSIZE + 1) +#define ARIA_MAX_DATA_STR (2 * ARIA_MAX_DATASIZE + 1) /* END_HEADER */ /* BEGIN_DEPENDENCIES @@ -17,14 +17,14 @@ */ /* BEGIN_CASE */ -void aria_valid_param( ) +void aria_valid_param() { - TEST_VALID_PARAM( mbedtls_aria_free( NULL ) ); + TEST_VALID_PARAM(mbedtls_aria_free(NULL)); } /* END_CASE */ /* BEGIN_CASE depends_on:MBEDTLS_CHECK_PARAMS:!MBEDTLS_PARAM_FAILED_ALT */ -void aria_invalid_param( ) +void aria_invalid_param() { mbedtls_aria_context ctx; unsigned char key[128 / 8] = { 0 }; @@ -36,167 +36,167 @@ void aria_invalid_param( ) ((void) iv_off); ((void) iv); - TEST_INVALID_PARAM( mbedtls_aria_init( NULL ) ); - - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_ARIA_BAD_INPUT_DATA, - mbedtls_aria_setkey_enc( NULL, key, - sizeof( key ) ) ); - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_ARIA_BAD_INPUT_DATA, - mbedtls_aria_setkey_enc( &ctx, NULL, - sizeof( key ) ) ); - - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_ARIA_BAD_INPUT_DATA, - mbedtls_aria_setkey_dec( NULL, key, - sizeof( key ) ) ); - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_ARIA_BAD_INPUT_DATA, - mbedtls_aria_setkey_dec( &ctx, NULL, - sizeof( key ) ) ); - - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_ARIA_BAD_INPUT_DATA, - mbedtls_aria_crypt_ecb( NULL, input, output ) ); - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_ARIA_BAD_INPUT_DATA, - mbedtls_aria_crypt_ecb( &ctx, NULL, output ) ); - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_ARIA_BAD_INPUT_DATA, - mbedtls_aria_crypt_ecb( &ctx, input, NULL ) ); + TEST_INVALID_PARAM(mbedtls_aria_init(NULL)); + + TEST_INVALID_PARAM_RET(MBEDTLS_ERR_ARIA_BAD_INPUT_DATA, + mbedtls_aria_setkey_enc(NULL, key, + sizeof(key))); + TEST_INVALID_PARAM_RET(MBEDTLS_ERR_ARIA_BAD_INPUT_DATA, + mbedtls_aria_setkey_enc(&ctx, NULL, + sizeof(key))); + + TEST_INVALID_PARAM_RET(MBEDTLS_ERR_ARIA_BAD_INPUT_DATA, + mbedtls_aria_setkey_dec(NULL, key, + sizeof(key))); + TEST_INVALID_PARAM_RET(MBEDTLS_ERR_ARIA_BAD_INPUT_DATA, + mbedtls_aria_setkey_dec(&ctx, NULL, + sizeof(key))); + + TEST_INVALID_PARAM_RET(MBEDTLS_ERR_ARIA_BAD_INPUT_DATA, + mbedtls_aria_crypt_ecb(NULL, input, output)); + TEST_INVALID_PARAM_RET(MBEDTLS_ERR_ARIA_BAD_INPUT_DATA, + mbedtls_aria_crypt_ecb(&ctx, NULL, output)); + TEST_INVALID_PARAM_RET(MBEDTLS_ERR_ARIA_BAD_INPUT_DATA, + mbedtls_aria_crypt_ecb(&ctx, input, NULL)); #if defined(MBEDTLS_CIPHER_MODE_CBC) - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_ARIA_BAD_INPUT_DATA, - mbedtls_aria_crypt_cbc( NULL, - MBEDTLS_ARIA_ENCRYPT, - sizeof( input ), - iv, - input, - output ) ); - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_ARIA_BAD_INPUT_DATA, - mbedtls_aria_crypt_cbc( &ctx, - 42 /* invalid mode */, - sizeof( input ), - iv, - input, - output ) ); - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_ARIA_BAD_INPUT_DATA, - mbedtls_aria_crypt_cbc( &ctx, - MBEDTLS_ARIA_ENCRYPT, - sizeof( input ), - NULL, - input, - output ) ); - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_ARIA_BAD_INPUT_DATA, - mbedtls_aria_crypt_cbc( &ctx, - MBEDTLS_ARIA_ENCRYPT, - sizeof( input ), - iv, - NULL, - output ) ); - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_ARIA_BAD_INPUT_DATA, - mbedtls_aria_crypt_cbc( &ctx, - MBEDTLS_ARIA_ENCRYPT, - sizeof( input ), - iv, - input, - NULL ) ); + TEST_INVALID_PARAM_RET(MBEDTLS_ERR_ARIA_BAD_INPUT_DATA, + mbedtls_aria_crypt_cbc(NULL, + MBEDTLS_ARIA_ENCRYPT, + sizeof(input), + iv, + input, + output)); + TEST_INVALID_PARAM_RET(MBEDTLS_ERR_ARIA_BAD_INPUT_DATA, + mbedtls_aria_crypt_cbc(&ctx, + 42 /* invalid mode */, + sizeof(input), + iv, + input, + output)); + TEST_INVALID_PARAM_RET(MBEDTLS_ERR_ARIA_BAD_INPUT_DATA, + mbedtls_aria_crypt_cbc(&ctx, + MBEDTLS_ARIA_ENCRYPT, + sizeof(input), + NULL, + input, + output)); + TEST_INVALID_PARAM_RET(MBEDTLS_ERR_ARIA_BAD_INPUT_DATA, + mbedtls_aria_crypt_cbc(&ctx, + MBEDTLS_ARIA_ENCRYPT, + sizeof(input), + iv, + NULL, + output)); + TEST_INVALID_PARAM_RET(MBEDTLS_ERR_ARIA_BAD_INPUT_DATA, + mbedtls_aria_crypt_cbc(&ctx, + MBEDTLS_ARIA_ENCRYPT, + sizeof(input), + iv, + input, + NULL)); #endif /* MBEDTLS_CIPHER_MODE_CBC */ #if defined(MBEDTLS_CIPHER_MODE_CFB) - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_ARIA_BAD_INPUT_DATA, - mbedtls_aria_crypt_cfb128( NULL, - MBEDTLS_ARIA_ENCRYPT, - sizeof( input ), - &iv_off, - iv, - input, - output ) ); - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_ARIA_BAD_INPUT_DATA, - mbedtls_aria_crypt_cfb128( &ctx, - 42, /* invalid mode */ - sizeof( input ), - &iv_off, - iv, - input, - output ) ); - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_ARIA_BAD_INPUT_DATA, - mbedtls_aria_crypt_cfb128( &ctx, - MBEDTLS_ARIA_ENCRYPT, - sizeof( input ), - NULL, - iv, - input, - output ) ); - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_ARIA_BAD_INPUT_DATA, - mbedtls_aria_crypt_cfb128( &ctx, - MBEDTLS_ARIA_ENCRYPT, - sizeof( input ), - &iv_off, - NULL, - input, - output ) ); - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_ARIA_BAD_INPUT_DATA, - mbedtls_aria_crypt_cfb128( &ctx, - MBEDTLS_ARIA_ENCRYPT, - sizeof( input ), - &iv_off, - iv, - NULL, - output ) ); - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_ARIA_BAD_INPUT_DATA, - mbedtls_aria_crypt_cfb128( &ctx, - MBEDTLS_ARIA_ENCRYPT, - sizeof( input ), - &iv_off, - iv, - input, - NULL ) ); + TEST_INVALID_PARAM_RET(MBEDTLS_ERR_ARIA_BAD_INPUT_DATA, + mbedtls_aria_crypt_cfb128(NULL, + MBEDTLS_ARIA_ENCRYPT, + sizeof(input), + &iv_off, + iv, + input, + output)); + TEST_INVALID_PARAM_RET(MBEDTLS_ERR_ARIA_BAD_INPUT_DATA, + mbedtls_aria_crypt_cfb128(&ctx, + 42, /* invalid mode */ + sizeof(input), + &iv_off, + iv, + input, + output)); + TEST_INVALID_PARAM_RET(MBEDTLS_ERR_ARIA_BAD_INPUT_DATA, + mbedtls_aria_crypt_cfb128(&ctx, + MBEDTLS_ARIA_ENCRYPT, + sizeof(input), + NULL, + iv, + input, + output)); + TEST_INVALID_PARAM_RET(MBEDTLS_ERR_ARIA_BAD_INPUT_DATA, + mbedtls_aria_crypt_cfb128(&ctx, + MBEDTLS_ARIA_ENCRYPT, + sizeof(input), + &iv_off, + NULL, + input, + output)); + TEST_INVALID_PARAM_RET(MBEDTLS_ERR_ARIA_BAD_INPUT_DATA, + mbedtls_aria_crypt_cfb128(&ctx, + MBEDTLS_ARIA_ENCRYPT, + sizeof(input), + &iv_off, + iv, + NULL, + output)); + TEST_INVALID_PARAM_RET(MBEDTLS_ERR_ARIA_BAD_INPUT_DATA, + mbedtls_aria_crypt_cfb128(&ctx, + MBEDTLS_ARIA_ENCRYPT, + sizeof(input), + &iv_off, + iv, + input, + NULL)); #endif /* MBEDTLS_CIPHER_MODE_CFB */ #if defined(MBEDTLS_CIPHER_MODE_CTR) - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_ARIA_BAD_INPUT_DATA, - mbedtls_aria_crypt_ctr( NULL, - sizeof( input ), - &iv_off, - iv, - iv, - input, - output ) ); - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_ARIA_BAD_INPUT_DATA, - mbedtls_aria_crypt_ctr( &ctx, - sizeof( input ), - NULL, - iv, - iv, - input, - output ) ); - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_ARIA_BAD_INPUT_DATA, - mbedtls_aria_crypt_ctr( &ctx, - sizeof( input ), - &iv_off, - NULL, - iv, - input, - output ) ); - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_ARIA_BAD_INPUT_DATA, - mbedtls_aria_crypt_ctr( &ctx, - sizeof( input ), - &iv_off, - iv, - NULL, - input, - output ) ); - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_ARIA_BAD_INPUT_DATA, - mbedtls_aria_crypt_ctr( &ctx, - sizeof( input ), - &iv_off, - iv, - iv, - NULL, - output ) ); - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_ARIA_BAD_INPUT_DATA, - mbedtls_aria_crypt_ctr( &ctx, - sizeof( input ), - &iv_off, - iv, - iv, - input, - NULL ) ); + TEST_INVALID_PARAM_RET(MBEDTLS_ERR_ARIA_BAD_INPUT_DATA, + mbedtls_aria_crypt_ctr(NULL, + sizeof(input), + &iv_off, + iv, + iv, + input, + output)); + TEST_INVALID_PARAM_RET(MBEDTLS_ERR_ARIA_BAD_INPUT_DATA, + mbedtls_aria_crypt_ctr(&ctx, + sizeof(input), + NULL, + iv, + iv, + input, + output)); + TEST_INVALID_PARAM_RET(MBEDTLS_ERR_ARIA_BAD_INPUT_DATA, + mbedtls_aria_crypt_ctr(&ctx, + sizeof(input), + &iv_off, + NULL, + iv, + input, + output)); + TEST_INVALID_PARAM_RET(MBEDTLS_ERR_ARIA_BAD_INPUT_DATA, + mbedtls_aria_crypt_ctr(&ctx, + sizeof(input), + &iv_off, + iv, + NULL, + input, + output)); + TEST_INVALID_PARAM_RET(MBEDTLS_ERR_ARIA_BAD_INPUT_DATA, + mbedtls_aria_crypt_ctr(&ctx, + sizeof(input), + &iv_off, + iv, + iv, + NULL, + output)); + TEST_INVALID_PARAM_RET(MBEDTLS_ERR_ARIA_BAD_INPUT_DATA, + mbedtls_aria_crypt_ctr(&ctx, + sizeof(input), + &iv_off, + iv, + iv, + input, + NULL)); #endif /* MBEDTLS_CIPHER_MODE_CTR */ exit: @@ -206,224 +206,218 @@ exit: /* END_CASE */ /* BEGIN_CASE */ -void aria_encrypt_ecb( data_t *key_str, data_t *src_str, - data_t *expected_output, int setkey_result ) +void aria_encrypt_ecb(data_t *key_str, data_t *src_str, + data_t *expected_output, int setkey_result) { unsigned char output[ARIA_MAX_DATASIZE]; mbedtls_aria_context ctx; size_t i; - memset( output, 0x00, sizeof( output ) ); - mbedtls_aria_init( &ctx ); - - TEST_ASSERT( mbedtls_aria_setkey_enc( &ctx, key_str->x, key_str->len * 8 ) - == setkey_result ); - if( setkey_result == 0 ) - { - for( i = 0; i < src_str->len; i += MBEDTLS_ARIA_BLOCKSIZE ) - { - TEST_ASSERT( mbedtls_aria_crypt_ecb( &ctx, src_str->x + i, - output + i ) == 0 ); + memset(output, 0x00, sizeof(output)); + mbedtls_aria_init(&ctx); + + TEST_ASSERT(mbedtls_aria_setkey_enc(&ctx, key_str->x, key_str->len * 8) + == setkey_result); + if (setkey_result == 0) { + for (i = 0; i < src_str->len; i += MBEDTLS_ARIA_BLOCKSIZE) { + TEST_ASSERT(mbedtls_aria_crypt_ecb(&ctx, src_str->x + i, + output + i) == 0); } - ASSERT_COMPARE( output, expected_output->len, - expected_output->x, expected_output->len ); + TEST_MEMORY_COMPARE(output, expected_output->len, + expected_output->x, expected_output->len); } exit: - mbedtls_aria_free( &ctx ); + mbedtls_aria_free(&ctx); } /* END_CASE */ /* BEGIN_CASE */ -void aria_decrypt_ecb( data_t *key_str, data_t *src_str, - data_t *expected_output, int setkey_result ) +void aria_decrypt_ecb(data_t *key_str, data_t *src_str, + data_t *expected_output, int setkey_result) { unsigned char output[ARIA_MAX_DATASIZE]; mbedtls_aria_context ctx; size_t i; - memset( output, 0x00, sizeof( output ) ); - mbedtls_aria_init( &ctx ); - - TEST_ASSERT( mbedtls_aria_setkey_dec( &ctx, key_str->x, key_str->len * 8 ) - == setkey_result ); - if( setkey_result == 0 ) - { - for( i = 0; i < src_str->len; i += MBEDTLS_ARIA_BLOCKSIZE ) - { - TEST_ASSERT( mbedtls_aria_crypt_ecb( &ctx, src_str->x + i, - output + i ) == 0 ); + memset(output, 0x00, sizeof(output)); + mbedtls_aria_init(&ctx); + + TEST_ASSERT(mbedtls_aria_setkey_dec(&ctx, key_str->x, key_str->len * 8) + == setkey_result); + if (setkey_result == 0) { + for (i = 0; i < src_str->len; i += MBEDTLS_ARIA_BLOCKSIZE) { + TEST_ASSERT(mbedtls_aria_crypt_ecb(&ctx, src_str->x + i, + output + i) == 0); } - ASSERT_COMPARE( output, expected_output->len, - expected_output->x, expected_output->len ); + TEST_MEMORY_COMPARE(output, expected_output->len, + expected_output->x, expected_output->len); } exit: - mbedtls_aria_free( &ctx ); + mbedtls_aria_free(&ctx); } /* END_CASE */ /* BEGIN_CASE depends_on:MBEDTLS_CIPHER_MODE_CBC */ -void aria_encrypt_cbc( data_t *key_str, data_t *iv_str, - data_t *src_str, data_t *expected_output, - int cbc_result ) +void aria_encrypt_cbc(data_t *key_str, data_t *iv_str, + data_t *src_str, data_t *expected_output, + int cbc_result) { unsigned char output[ARIA_MAX_DATASIZE]; mbedtls_aria_context ctx; - memset( output, 0x00, sizeof( output ) ); - mbedtls_aria_init( &ctx ); - - mbedtls_aria_setkey_enc( &ctx, key_str->x, key_str->len * 8 ); - TEST_ASSERT( mbedtls_aria_crypt_cbc( &ctx, MBEDTLS_ARIA_ENCRYPT, - src_str->len, iv_str->x, src_str->x, - output ) == cbc_result ); - if( cbc_result == 0 ) - { - ASSERT_COMPARE( output, expected_output->len, - expected_output->x, expected_output->len ); + memset(output, 0x00, sizeof(output)); + mbedtls_aria_init(&ctx); + + mbedtls_aria_setkey_enc(&ctx, key_str->x, key_str->len * 8); + TEST_ASSERT(mbedtls_aria_crypt_cbc(&ctx, MBEDTLS_ARIA_ENCRYPT, + src_str->len, iv_str->x, src_str->x, + output) == cbc_result); + if (cbc_result == 0) { + TEST_MEMORY_COMPARE(output, expected_output->len, + expected_output->x, expected_output->len); } exit: - mbedtls_aria_free( &ctx ); + mbedtls_aria_free(&ctx); } /* END_CASE */ /* BEGIN_CASE depends_on:MBEDTLS_CIPHER_MODE_CBC */ -void aria_decrypt_cbc( data_t *key_str, data_t *iv_str, - data_t *src_str, data_t *expected_output, - int cbc_result ) +void aria_decrypt_cbc(data_t *key_str, data_t *iv_str, + data_t *src_str, data_t *expected_output, + int cbc_result) { unsigned char output[ARIA_MAX_DATASIZE]; mbedtls_aria_context ctx; - memset( output, 0x00, sizeof( output ) ); - mbedtls_aria_init( &ctx ); - - mbedtls_aria_setkey_dec( &ctx, key_str->x, key_str->len * 8 ); - TEST_ASSERT( mbedtls_aria_crypt_cbc( &ctx, MBEDTLS_ARIA_DECRYPT, - src_str->len, iv_str->x, src_str->x, - output ) == cbc_result ); - if( cbc_result == 0 ) - { - ASSERT_COMPARE( output, expected_output->len, - expected_output->x, expected_output->len ); + memset(output, 0x00, sizeof(output)); + mbedtls_aria_init(&ctx); + + mbedtls_aria_setkey_dec(&ctx, key_str->x, key_str->len * 8); + TEST_ASSERT(mbedtls_aria_crypt_cbc(&ctx, MBEDTLS_ARIA_DECRYPT, + src_str->len, iv_str->x, src_str->x, + output) == cbc_result); + if (cbc_result == 0) { + TEST_MEMORY_COMPARE(output, expected_output->len, + expected_output->x, expected_output->len); } exit: - mbedtls_aria_free( &ctx ); + mbedtls_aria_free(&ctx); } /* END_CASE */ /* BEGIN_CASE depends_on:MBEDTLS_CIPHER_MODE_CFB */ -void aria_encrypt_cfb128( data_t *key_str, data_t *iv_str, - data_t *src_str, data_t *expected_output, - int result ) +void aria_encrypt_cfb128(data_t *key_str, data_t *iv_str, + data_t *src_str, data_t *expected_output, + int result) { unsigned char output[ARIA_MAX_DATASIZE]; mbedtls_aria_context ctx; size_t iv_offset = 0; - memset( output, 0x00, sizeof( output ) ); - mbedtls_aria_init( &ctx ); + memset(output, 0x00, sizeof(output)); + mbedtls_aria_init(&ctx); - mbedtls_aria_setkey_enc( &ctx, key_str->x, key_str->len * 8 ); - TEST_ASSERT( mbedtls_aria_crypt_cfb128( &ctx, MBEDTLS_ARIA_ENCRYPT, - src_str->len, &iv_offset, - iv_str->x, src_str->x, output ) - == result ); + mbedtls_aria_setkey_enc(&ctx, key_str->x, key_str->len * 8); + TEST_ASSERT(mbedtls_aria_crypt_cfb128(&ctx, MBEDTLS_ARIA_ENCRYPT, + src_str->len, &iv_offset, + iv_str->x, src_str->x, output) + == result); - ASSERT_COMPARE( output, expected_output->len, - expected_output->x, expected_output->len ); + TEST_MEMORY_COMPARE(output, expected_output->len, + expected_output->x, expected_output->len); exit: - mbedtls_aria_free( &ctx ); + mbedtls_aria_free(&ctx); } /* END_CASE */ /* BEGIN_CASE depends_on:MBEDTLS_CIPHER_MODE_CFB */ -void aria_decrypt_cfb128( data_t *key_str, data_t *iv_str, - data_t *src_str, data_t *expected_output, - int result ) +void aria_decrypt_cfb128(data_t *key_str, data_t *iv_str, + data_t *src_str, data_t *expected_output, + int result) { unsigned char output[ARIA_MAX_DATASIZE]; mbedtls_aria_context ctx; size_t iv_offset = 0; - memset( output, 0x00, sizeof( output ) ); - mbedtls_aria_init( &ctx ); + memset(output, 0x00, sizeof(output)); + mbedtls_aria_init(&ctx); - mbedtls_aria_setkey_enc( &ctx, key_str->x, key_str->len * 8 ); - TEST_ASSERT( mbedtls_aria_crypt_cfb128( &ctx, MBEDTLS_ARIA_DECRYPT, - src_str->len, &iv_offset, - iv_str->x, src_str->x, output ) - == result ); + mbedtls_aria_setkey_enc(&ctx, key_str->x, key_str->len * 8); + TEST_ASSERT(mbedtls_aria_crypt_cfb128(&ctx, MBEDTLS_ARIA_DECRYPT, + src_str->len, &iv_offset, + iv_str->x, src_str->x, output) + == result); - ASSERT_COMPARE( output, expected_output->len, - expected_output->x, expected_output->len ); + TEST_MEMORY_COMPARE(output, expected_output->len, + expected_output->x, expected_output->len); exit: - mbedtls_aria_free( &ctx ); + mbedtls_aria_free(&ctx); } /* END_CASE */ /* BEGIN_CASE depends_on:MBEDTLS_CIPHER_MODE_CTR */ -void aria_encrypt_ctr( data_t *key_str, data_t *iv_str, - data_t *src_str, data_t *expected_output, - int result ) +void aria_encrypt_ctr(data_t *key_str, data_t *iv_str, + data_t *src_str, data_t *expected_output, + int result) { unsigned char output[ARIA_MAX_DATASIZE]; unsigned char blk[MBEDTLS_ARIA_BLOCKSIZE]; mbedtls_aria_context ctx; size_t iv_offset = 0; - memset( output, 0x00, sizeof( output ) ); - mbedtls_aria_init( &ctx ); + memset(output, 0x00, sizeof(output)); + mbedtls_aria_init(&ctx); - mbedtls_aria_setkey_enc( &ctx, key_str->x, key_str->len * 8 ); - TEST_ASSERT( mbedtls_aria_crypt_ctr( &ctx, src_str->len, &iv_offset, - iv_str->x, blk, src_str->x, output ) - == result ); + mbedtls_aria_setkey_enc(&ctx, key_str->x, key_str->len * 8); + TEST_ASSERT(mbedtls_aria_crypt_ctr(&ctx, src_str->len, &iv_offset, + iv_str->x, blk, src_str->x, output) + == result); - ASSERT_COMPARE( output, expected_output->len, - expected_output->x, expected_output->len ); + TEST_MEMORY_COMPARE(output, expected_output->len, + expected_output->x, expected_output->len); exit: - mbedtls_aria_free( &ctx ); + mbedtls_aria_free(&ctx); } /* END_CASE */ /* BEGIN_CASE depends_on:MBEDTLS_CIPHER_MODE_CTR */ -void aria_decrypt_ctr( data_t *key_str, data_t *iv_str, - data_t *src_str, data_t *expected_output, - int result ) +void aria_decrypt_ctr(data_t *key_str, data_t *iv_str, + data_t *src_str, data_t *expected_output, + int result) { unsigned char output[ARIA_MAX_DATASIZE]; unsigned char blk[MBEDTLS_ARIA_BLOCKSIZE]; mbedtls_aria_context ctx; size_t iv_offset = 0; - memset( output, 0x00, sizeof( output ) ); - mbedtls_aria_init( &ctx ); + memset(output, 0x00, sizeof(output)); + mbedtls_aria_init(&ctx); - mbedtls_aria_setkey_enc( &ctx, key_str->x, key_str->len * 8 ); - TEST_ASSERT( mbedtls_aria_crypt_ctr( &ctx, src_str->len, &iv_offset, - iv_str->x, blk, src_str->x, output ) - == result ); + mbedtls_aria_setkey_enc(&ctx, key_str->x, key_str->len * 8); + TEST_ASSERT(mbedtls_aria_crypt_ctr(&ctx, src_str->len, &iv_offset, + iv_str->x, blk, src_str->x, output) + == result); - ASSERT_COMPARE( output, expected_output->len, - expected_output->x, expected_output->len ); + TEST_MEMORY_COMPARE(output, expected_output->len, + expected_output->x, expected_output->len); exit: - mbedtls_aria_free( &ctx ); + mbedtls_aria_free(&ctx); } /* END_CASE */ /* BEGIN_CASE depends_on:MBEDTLS_SELF_TEST */ void aria_selftest() { - TEST_ASSERT( mbedtls_aria_self_test( 1 ) == 0 ); + TEST_ASSERT(mbedtls_aria_self_test(1) == 0); } /* END_CASE */ diff --git a/third_party/mbedtls/repo/tests/suites/test_suite_asn1parse.function b/third_party/mbedtls/repo/tests/suites/test_suite_asn1parse.function index 414278f29f2..77f268c53c8 100644 --- a/third_party/mbedtls/repo/tests/suites/test_suite_asn1parse.function +++ b/third_party/mbedtls/repo/tests/suites/test_suite_asn1parse.function @@ -16,8 +16,8 @@ * should not be checked. */ #define UNPREDICTABLE_RESULT 0x5552 -static int nested_parse( unsigned char **const p, - const unsigned char *const end ) +static int nested_parse(unsigned char **const p, + const unsigned char *const end) { int ret; size_t len = 0; @@ -28,31 +28,32 @@ static int nested_parse( unsigned char **const p, /* First get the length, skipping over the tag. */ content_start = start + 1; - ret = mbedtls_asn1_get_len( &content_start, end, &len ); - TEST_ASSERT( content_start <= end ); - if( ret != 0 ) - return( ret ); + ret = mbedtls_asn1_get_len(&content_start, end, &len); + TEST_ASSERT(content_start <= end); + if (ret != 0) { + return ret; + } /* Since we have a valid element start (tag and length), retrieve and * check the tag. */ tag = start[0]; - TEST_EQUAL( mbedtls_asn1_get_tag( p, end, &len2, tag ^ 1 ), - MBEDTLS_ERR_ASN1_UNEXPECTED_TAG ); + TEST_EQUAL(mbedtls_asn1_get_tag(p, end, &len2, tag ^ 1), + MBEDTLS_ERR_ASN1_UNEXPECTED_TAG); *p = start; - TEST_EQUAL( mbedtls_asn1_get_tag( p, end, &len2, tag ), 0 ); - TEST_EQUAL( len, len2 ); - TEST_ASSERT( *p == content_start ); + TEST_EQUAL(mbedtls_asn1_get_tag(p, end, &len2, tag), 0); + TEST_EQUAL(len, len2); + TEST_ASSERT(*p == content_start); *p = content_start; - switch( tag & 0x1f ) - { + switch (tag & 0x1f) { case MBEDTLS_ASN1_BOOLEAN: { int val = -257; *p = start; - ret = mbedtls_asn1_get_bool( p, end, &val ); - if( ret == 0 ) - TEST_ASSERT( val == 0 || val == 1 ); + ret = mbedtls_asn1_get_bool(p, end, &val); + if (ret == 0) { + TEST_ASSERT(val == 0 || val == 1); + } break; } @@ -60,23 +61,22 @@ static int nested_parse( unsigned char **const p, { #if defined(MBEDTLS_BIGNUM_C) mbedtls_mpi mpi; - mbedtls_mpi_init( &mpi ); + mbedtls_mpi_init(&mpi); *p = start; - ret = mbedtls_asn1_get_mpi( p, end, &mpi ); - mbedtls_mpi_free( &mpi ); + ret = mbedtls_asn1_get_mpi(p, end, &mpi); + mbedtls_mpi_free(&mpi); #else *p = start + 1; - ret = mbedtls_asn1_get_len( p, end, &len ); + ret = mbedtls_asn1_get_len(p, end, &len); *p += len; #endif /* If we're sure that the number fits in an int, also * call mbedtls_asn1_get_int(). */ - if( ret == 0 && len < sizeof( int ) ) - { + if (ret == 0 && len < sizeof(int)) { int val = -257; unsigned char *q = start; - ret = mbedtls_asn1_get_int( &q, end, &val ); - TEST_ASSERT( *p == q ); + ret = mbedtls_asn1_get_int(&q, end, &val); + TEST_ASSERT(*p == q); } break; } @@ -85,14 +85,15 @@ static int nested_parse( unsigned char **const p, { mbedtls_asn1_bitstring bs; *p = start; - ret = mbedtls_asn1_get_bitstring( p, end, &bs ); + ret = mbedtls_asn1_get_bitstring(p, end, &bs); break; } case MBEDTLS_ASN1_SEQUENCE: { - while( *p <= end && *p < content_start + len && ret == 0 ) - ret = nested_parse( p, content_start + len ); + while (*p <= end && *p < content_start + len && ret == 0) { + ret = nested_parse(p, content_start + len); + } break; } @@ -111,18 +112,18 @@ static int nested_parse( unsigned char **const p, default: /* No further testing implemented for this tag. */ *p += len; - return( 0 ); + return 0; } - TEST_ASSERT( *p <= end ); - return( ret ); + TEST_ASSERT(*p <= end); + return ret; exit: - return( ERR_PARSE_INCONSISTENCY ); + return ERR_PARSE_INCONSISTENCY; } -int get_len_step( const data_t *input, size_t buffer_size, - size_t actual_length ) +int get_len_step(const data_t *input, size_t buffer_size, + size_t actual_length) { unsigned char *buf = NULL; unsigned char *p = NULL; @@ -130,53 +131,43 @@ int get_len_step( const data_t *input, size_t buffer_size, size_t parsed_length; int ret; - mbedtls_test_set_step( buffer_size ); + mbedtls_test_set_step(buffer_size); /* Allocate a new buffer of exactly the length to parse each time. * This gives memory sanitizers a chance to catch buffer overreads. */ - if( buffer_size == 0 ) - { - ASSERT_ALLOC( buf, 1 ); + if (buffer_size == 0) { + TEST_CALLOC(buf, 1); end = buf + 1; p = end; - } - else - { - ASSERT_ALLOC_WEAK( buf, buffer_size ); - if( buffer_size > input->len ) - { - memcpy( buf, input->x, input->len ); - memset( buf + input->len, 'A', buffer_size - input->len ); - } - else - { - memcpy( buf, input->x, buffer_size ); + } else { + TEST_CALLOC_OR_SKIP(buf, buffer_size); + if (buffer_size > input->len) { + memcpy(buf, input->x, input->len); + memset(buf + input->len, 'A', buffer_size - input->len); + } else { + memcpy(buf, input->x, buffer_size); } p = buf; end = buf + buffer_size; } - ret = mbedtls_asn1_get_len( &p, end, &parsed_length ); + ret = mbedtls_asn1_get_len(&p, end, &parsed_length); - if( buffer_size >= input->len + actual_length ) - { - TEST_EQUAL( ret, 0 ); - TEST_ASSERT( p == buf + input->len ); - TEST_EQUAL( parsed_length, actual_length ); + if (buffer_size >= input->len + actual_length) { + TEST_EQUAL(ret, 0); + TEST_ASSERT(p == buf + input->len); + TEST_EQUAL(parsed_length, actual_length); + } else { + TEST_EQUAL(ret, MBEDTLS_ERR_ASN1_OUT_OF_DATA); } - else - { - TEST_EQUAL( ret, MBEDTLS_ERR_ASN1_OUT_OF_DATA ); - } - mbedtls_free( buf ); - return( 1 ); + mbedtls_free(buf); + return 1; exit: - mbedtls_free( buf ); - return( 0 ); + mbedtls_free(buf); + return 0; } -typedef struct -{ +typedef struct { const unsigned char *input_start; const char *description; } traverse_state_t; @@ -188,38 +179,40 @@ typedef struct #define RET_TRAVERSE_ERROR 2 -static int traverse_callback( void *ctx, int tag, - unsigned char *content, size_t len ) +static int traverse_callback(void *ctx, int tag, + unsigned char *content, size_t len) { traverse_state_t *state = ctx; size_t offset; const char *rest = state->description; unsigned long n; - TEST_ASSERT( content > state->input_start ); + TEST_ASSERT(content > state->input_start); offset = content - state->input_start; - mbedtls_test_set_step( offset ); + mbedtls_test_set_step(offset); - if( *rest == 0 ) - return( RET_TRAVERSE_STOP ); - n = strtoul( rest, (char **) &rest, 0 ); - TEST_EQUAL( n, offset ); - TEST_EQUAL( *rest, ',' ); + if (*rest == 0) { + return RET_TRAVERSE_STOP; + } + n = strtoul(rest, (char **) &rest, 0); + TEST_EQUAL(n, offset); + TEST_EQUAL(*rest, ','); ++rest; - n = strtoul( rest, (char **) &rest, 0 ); - TEST_EQUAL( n, (unsigned) tag ); - TEST_EQUAL( *rest, ',' ); + n = strtoul(rest, (char **) &rest, 0); + TEST_EQUAL(n, (unsigned) tag); + TEST_EQUAL(*rest, ','); ++rest; - n = strtoul( rest, (char **) &rest, 0 ); - TEST_EQUAL( n, len ); - if( *rest == ',' ) + n = strtoul(rest, (char **) &rest, 0); + TEST_EQUAL(n, len); + if (*rest == ',') { ++rest; + } state->description = rest; - return( 0 ); + return 0; exit: - return( RET_TRAVERSE_ERROR ); + return RET_TRAVERSE_ERROR; } /* END_HEADER */ @@ -230,9 +223,9 @@ exit: */ /* BEGIN_CASE */ -void parse_prefixes( const data_t *input, - int full_result, - int overfull_result ) +void parse_prefixes(const data_t *input, + int full_result, + int overfull_result) { /* full_result: expected result from parsing the given string. */ /* overfull_result: expected_result from parsing the given string plus @@ -250,45 +243,42 @@ void parse_prefixes( const data_t *input, * we wouldn't know what to parse the input as. * Also test the input followed by an extra byte. */ - for( buffer_size = 1; buffer_size <= input->len + 1; buffer_size++ ) - { - mbedtls_test_set_step( buffer_size ); + for (buffer_size = 1; buffer_size <= input->len + 1; buffer_size++) { + mbedtls_test_set_step(buffer_size); /* Allocate a new buffer of exactly the length to parse each time. * This gives memory sanitizers a chance to catch buffer overreads. */ - ASSERT_ALLOC( buf, buffer_size ); - memcpy( buf, input->x, buffer_size ); + TEST_CALLOC(buf, buffer_size); + memcpy(buf, input->x, buffer_size); p = buf; - ret = nested_parse( &p, buf + buffer_size ); + ret = nested_parse(&p, buf + buffer_size); - if( ret == ERR_PARSE_INCONSISTENCY ) + if (ret == ERR_PARSE_INCONSISTENCY) { goto exit; - if( buffer_size < input->len ) - { - TEST_EQUAL( ret, MBEDTLS_ERR_ASN1_OUT_OF_DATA ); } - else if( buffer_size == input->len ) - { - TEST_EQUAL( ret, full_result ); + if (buffer_size < input->len) { + TEST_EQUAL(ret, MBEDTLS_ERR_ASN1_OUT_OF_DATA); + } else if (buffer_size == input->len) { + TEST_EQUAL(ret, full_result); + } else { /* ( buffer_size > input->len ) */ + if (overfull_result != UNPREDICTABLE_RESULT) { + TEST_EQUAL(ret, overfull_result); + } } - else /* ( buffer_size > input->len ) */ - { - if( overfull_result != UNPREDICTABLE_RESULT ) - TEST_EQUAL( ret, overfull_result ); + if (ret == 0) { + TEST_ASSERT(p == buf + input->len); } - if( ret == 0 ) - TEST_ASSERT( p == buf + input->len ); - mbedtls_free( buf ); + mbedtls_free(buf); buf = NULL; } exit: - mbedtls_free( buf ); + mbedtls_free(buf); } /* END_CASE */ /* BEGIN_CASE */ -void get_len( const data_t *input, int actual_length_arg ) +void get_len(const data_t *input, int actual_length_arg) { size_t actual_length = actual_length_arg; size_t buffer_size; @@ -299,37 +289,38 @@ void get_len( const data_t *input, int actual_length_arg ) * the payload is truncated more than one byte away from either end, * and we only test the empty string on a 1-byte input. */ - for( buffer_size = 1; buffer_size <= input->len + 1; buffer_size++ ) - { - if( ! get_len_step( input, buffer_size, actual_length ) ) + for (buffer_size = 1; buffer_size <= input->len + 1; buffer_size++) { + if (!get_len_step(input, buffer_size, actual_length)) { goto exit; + } } - if( ! get_len_step( input, input->len + actual_length - 1, actual_length ) ) + if (!get_len_step(input, input->len + actual_length - 1, actual_length)) { goto exit; - if( ! get_len_step( input, input->len + actual_length, actual_length ) ) + } + if (!get_len_step(input, input->len + actual_length, actual_length)) { goto exit; + } } /* END_CASE */ /* BEGIN_CASE */ -void get_boolean( const data_t *input, - int expected_value, int expected_result ) +void get_boolean(const data_t *input, + int expected_value, int expected_result) { unsigned char *p = input->x; int val; int ret; - ret = mbedtls_asn1_get_bool( &p, input->x + input->len, &val ); - TEST_EQUAL( ret, expected_result ); - if( expected_result == 0 ) - { - TEST_EQUAL( val, expected_value ); - TEST_ASSERT( p == input->x + input->len ); + ret = mbedtls_asn1_get_bool(&p, input->x + input->len, &val); + TEST_EQUAL(ret, expected_result); + if (expected_result == 0) { + TEST_EQUAL(val, expected_value); + TEST_ASSERT(p == input->x + input->len); } } /* END_CASE */ /* BEGIN_CASE */ -void empty_integer( const data_t *input ) +void empty_integer(const data_t *input) { unsigned char *p; #if defined(MBEDTLS_BIGNUM_C) @@ -338,34 +329,34 @@ void empty_integer( const data_t *input ) int val; #if defined(MBEDTLS_BIGNUM_C) - mbedtls_mpi_init( & actual_mpi ); + mbedtls_mpi_init(&actual_mpi); #endif /* An INTEGER with no content is not valid. */ p = input->x; - TEST_EQUAL( mbedtls_asn1_get_int( &p, input->x + input->len, &val ), - MBEDTLS_ERR_ASN1_INVALID_LENGTH ); + TEST_EQUAL(mbedtls_asn1_get_int(&p, input->x + input->len, &val), + MBEDTLS_ERR_ASN1_INVALID_LENGTH); #if defined(MBEDTLS_BIGNUM_C) /* INTEGERs are sometimes abused as bitstrings, so the library accepts * an INTEGER with empty content and gives it the value 0. */ p = input->x; - TEST_EQUAL( mbedtls_asn1_get_mpi( &p, input->x + input->len, &actual_mpi ), - 0 ); - TEST_EQUAL( mbedtls_mpi_cmp_int( &actual_mpi, 0 ), 0 ); + TEST_EQUAL(mbedtls_asn1_get_mpi(&p, input->x + input->len, &actual_mpi), + 0); + TEST_EQUAL(mbedtls_mpi_cmp_int(&actual_mpi, 0), 0); #endif exit: #if defined(MBEDTLS_BIGNUM_C) - mbedtls_mpi_free( &actual_mpi ); + mbedtls_mpi_free(&actual_mpi); #endif - /*empty cleanup in some configurations*/ ; + /*empty cleanup in some configurations*/; } /* END_CASE */ /* BEGIN_CASE */ -void get_integer( const data_t *input, - const char *expected_hex, int expected_result ) +void get_integer(const data_t *input, + const char *expected_hex, int expected_result) { unsigned char *p; #if defined(MBEDTLS_BIGNUM_C) @@ -380,26 +371,24 @@ void get_integer( const data_t *input, int ret; #if defined(MBEDTLS_BIGNUM_C) - mbedtls_mpi_init( &expected_mpi ); - mbedtls_mpi_init( &actual_mpi ); - mbedtls_mpi_init( &complement ); + mbedtls_mpi_init(&expected_mpi); + mbedtls_mpi_init(&actual_mpi); + mbedtls_mpi_init(&complement); #endif errno = 0; - expected_value = strtol( expected_hex, NULL, 16 ); - if( expected_result == 0 && - ( errno == ERANGE + expected_value = strtol(expected_hex, NULL, 16); + if (expected_result == 0 && + (errno == ERANGE #if LONG_MAX > INT_MAX - || expected_value > INT_MAX || expected_value < INT_MIN + || expected_value > INT_MAX || expected_value < INT_MIN #endif - ) ) - { + )) { /* The library returns the dubious error code INVALID_LENGTH * for integers that are out of range. */ expected_result_for_int = MBEDTLS_ERR_ASN1_INVALID_LENGTH; } - if( expected_result == 0 && expected_value < 0 ) - { + if (expected_result == 0 && expected_value < 0) { /* The library does not support negative INTEGERs and * returns the dubious error code INVALID_LENGTH. * Test that we preserve the historical behavior. If we @@ -408,34 +397,28 @@ void get_integer( const data_t *input, } p = input->x; - ret = mbedtls_asn1_get_int( &p, input->x + input->len, &val ); - TEST_EQUAL( ret, expected_result_for_int ); - if( ret == 0 ) - { - TEST_EQUAL( val, expected_value ); - TEST_ASSERT( p == input->x + input->len ); + ret = mbedtls_asn1_get_int(&p, input->x + input->len, &val); + TEST_EQUAL(ret, expected_result_for_int); + if (ret == 0) { + TEST_EQUAL(val, expected_value); + TEST_ASSERT(p == input->x + input->len); } #if defined(MBEDTLS_BIGNUM_C) - ret = mbedtls_test_read_mpi( &expected_mpi, 16, expected_hex ); - TEST_ASSERT( ret == 0 || ret == MBEDTLS_ERR_MPI_BAD_INPUT_DATA ); - if( ret == MBEDTLS_ERR_MPI_BAD_INPUT_DATA ) - { + ret = mbedtls_test_read_mpi(&expected_mpi, expected_hex); + TEST_ASSERT(ret == 0 || ret == MBEDTLS_ERR_MPI_BAD_INPUT_DATA); + if (ret == MBEDTLS_ERR_MPI_BAD_INPUT_DATA) { /* The data overflows the maximum MPI size. */ expected_result_for_mpi = MBEDTLS_ERR_MPI_BAD_INPUT_DATA; } p = input->x; - ret = mbedtls_asn1_get_mpi( &p, input->x + input->len, &actual_mpi ); - TEST_EQUAL( ret, expected_result_for_mpi ); - if( ret == 0 ) - { - if( expected_value >= 0 ) - { - TEST_ASSERT( mbedtls_mpi_cmp_mpi( &actual_mpi, - &expected_mpi ) == 0 ); - } - else - { + ret = mbedtls_asn1_get_mpi(&p, input->x + input->len, &actual_mpi); + TEST_EQUAL(ret, expected_result_for_mpi); + if (ret == 0) { + if (expected_value >= 0) { + TEST_ASSERT(mbedtls_mpi_cmp_mpi(&actual_mpi, + &expected_mpi) == 0); + } else { /* The library ignores the sign bit in ASN.1 INTEGERs * (which makes sense insofar as INTEGERs are sometimes * abused as bit strings), so the result of parsing them @@ -448,32 +431,32 @@ void get_integer( const data_t *input, * negative INTEGERs, we'll fix this test code. */ unsigned char *q = input->x + 1; size_t len; - TEST_ASSERT( mbedtls_asn1_get_len( &q, input->x + input->len, - &len ) == 0 ); - TEST_ASSERT( mbedtls_mpi_lset( &complement, 1 ) == 0 ); - TEST_ASSERT( mbedtls_mpi_shift_l( &complement, len * 8 ) == 0 ); - TEST_ASSERT( mbedtls_mpi_add_mpi( &complement, &complement, - &expected_mpi ) == 0 ); - TEST_ASSERT( mbedtls_mpi_cmp_mpi( &complement, - &actual_mpi ) == 0 ); + TEST_ASSERT(mbedtls_asn1_get_len(&q, input->x + input->len, + &len) == 0); + TEST_ASSERT(mbedtls_mpi_lset(&complement, 1) == 0); + TEST_ASSERT(mbedtls_mpi_shift_l(&complement, len * 8) == 0); + TEST_ASSERT(mbedtls_mpi_add_mpi(&complement, &complement, + &expected_mpi) == 0); + TEST_ASSERT(mbedtls_mpi_cmp_mpi(&complement, + &actual_mpi) == 0); } - TEST_ASSERT( p == input->x + input->len ); + TEST_ASSERT(p == input->x + input->len); } #endif exit: #if defined(MBEDTLS_BIGNUM_C) - mbedtls_mpi_free( &expected_mpi ); - mbedtls_mpi_free( &actual_mpi ); - mbedtls_mpi_free( &complement ); + mbedtls_mpi_free(&expected_mpi); + mbedtls_mpi_free(&actual_mpi); + mbedtls_mpi_free(&complement); #endif - /*empty cleanup in some configurations*/ ; + /*empty cleanup in some configurations*/; } /* END_CASE */ /* BEGIN_CASE */ -void get_enum( const data_t *input, - const char *expected_hex, int expected_result ) +void get_enum(const data_t *input, + const char *expected_hex, int expected_result) { unsigned char *p; long expected_value; @@ -482,20 +465,18 @@ void get_enum( const data_t *input, int ret; errno = 0; - expected_value = strtol( expected_hex, NULL, 16 ); - if( expected_result == 0 && - ( errno == ERANGE + expected_value = strtol(expected_hex, NULL, 16); + if (expected_result == 0 && + (errno == ERANGE #if LONG_MAX > INT_MAX - || expected_value > INT_MAX || expected_value < INT_MIN + || expected_value > INT_MAX || expected_value < INT_MIN #endif - ) ) - { + )) { /* The library returns the dubious error code INVALID_LENGTH * for integers that are out of range. */ expected_result_for_enum = MBEDTLS_ERR_ASN1_INVALID_LENGTH; } - if( expected_result == 0 && expected_value < 0 ) - { + if (expected_result == 0 && expected_value < 0) { /* The library does not support negative INTEGERs and * returns the dubious error code INVALID_LENGTH. * Test that we preserve the historical behavior. If we @@ -504,18 +485,17 @@ void get_enum( const data_t *input, } p = input->x; - ret = mbedtls_asn1_get_enum( &p, input->x + input->len, &val ); - TEST_EQUAL( ret, expected_result_for_enum ); - if( ret == 0 ) - { - TEST_EQUAL( val, expected_value ); - TEST_ASSERT( p == input->x + input->len ); + ret = mbedtls_asn1_get_enum(&p, input->x + input->len, &val); + TEST_EQUAL(ret, expected_result_for_enum); + if (ret == 0) { + TEST_EQUAL(val, expected_value); + TEST_ASSERT(p == input->x + input->len); } } /* END_CASE */ /* BEGIN_CASE depends_on:MBEDTLS_BIGNUM_C */ -void get_mpi_too_large( ) +void get_mpi_too_large() { unsigned char *buf = NULL; unsigned char *p; @@ -524,63 +504,62 @@ void get_mpi_too_large( ) MBEDTLS_MPI_MAX_LIMBS * sizeof(mbedtls_mpi_uint) + 1; size_t size = too_many_octets + 6; - mbedtls_mpi_init( &actual_mpi ); + mbedtls_mpi_init(&actual_mpi); - ASSERT_ALLOC( buf, size ); + TEST_CALLOC(buf, size); buf[0] = 0x02; /* tag: INTEGER */ buf[1] = 0x84; /* 4-octet length */ - buf[2] = ( too_many_octets >> 24 ) & 0xff; - buf[3] = ( too_many_octets >> 16 ) & 0xff; - buf[4] = ( too_many_octets >> 8 ) & 0xff; + buf[2] = (too_many_octets >> 24) & 0xff; + buf[3] = (too_many_octets >> 16) & 0xff; + buf[4] = (too_many_octets >> 8) & 0xff; buf[5] = too_many_octets & 0xff; buf[6] = 0x01; /* most significant octet */ p = buf; - TEST_EQUAL( mbedtls_asn1_get_mpi( &p, buf + size, &actual_mpi ), - MBEDTLS_ERR_MPI_ALLOC_FAILED ); + TEST_EQUAL(mbedtls_asn1_get_mpi(&p, buf + size, &actual_mpi), + MBEDTLS_ERR_MPI_ALLOC_FAILED); exit: - mbedtls_mpi_free( &actual_mpi ); - mbedtls_free( buf ); + mbedtls_mpi_free(&actual_mpi); + mbedtls_free(buf); } /* END_CASE */ /* BEGIN_CASE */ -void get_bitstring( const data_t *input, - int expected_length, int expected_unused_bits, - int expected_result, int expected_result_null ) +void get_bitstring(const data_t *input, + int expected_length, int expected_unused_bits, + int expected_result, int expected_result_null) { mbedtls_asn1_bitstring bs = { 0xdead, 0x21, NULL }; unsigned char *p = input->x; - TEST_EQUAL( mbedtls_asn1_get_bitstring( &p, input->x + input->len, &bs ), - expected_result ); - if( expected_result == 0 ) - { - TEST_EQUAL( bs.len, (size_t) expected_length ); - TEST_EQUAL( bs.unused_bits, expected_unused_bits ); - TEST_ASSERT( bs.p != NULL ); - TEST_EQUAL( bs.p - input->x + bs.len, input->len ); - TEST_ASSERT( p == input->x + input->len ); + TEST_EQUAL(mbedtls_asn1_get_bitstring(&p, input->x + input->len, &bs), + expected_result); + if (expected_result == 0) { + TEST_EQUAL(bs.len, (size_t) expected_length); + TEST_EQUAL(bs.unused_bits, expected_unused_bits); + TEST_ASSERT(bs.p != NULL); + TEST_EQUAL(bs.p - input->x + bs.len, input->len); + TEST_ASSERT(p == input->x + input->len); } p = input->x; - TEST_EQUAL( mbedtls_asn1_get_bitstring_null( &p, input->x + input->len, - &bs.len ), - expected_result_null ); - if( expected_result_null == 0 ) - { - TEST_EQUAL( bs.len, (size_t) expected_length ); - if( expected_result == 0 ) - TEST_ASSERT( p == input->x + input->len - bs.len ); + TEST_EQUAL(mbedtls_asn1_get_bitstring_null(&p, input->x + input->len, + &bs.len), + expected_result_null); + if (expected_result_null == 0) { + TEST_EQUAL(bs.len, (size_t) expected_length); + if (expected_result == 0) { + TEST_ASSERT(p == input->x + input->len - bs.len); + } } } /* END_CASE */ /* BEGIN_CASE */ -void get_sequence_of( const data_t *input, int tag, - const char *description, - int expected_result ) +void get_sequence_of(const data_t *input, int tag, + const char *description, + int expected_result) { /* The description string is a comma-separated list of integers. * For each element in the SEQUENCE in input, description contains @@ -596,53 +575,49 @@ void get_sequence_of( const data_t *input, int tag, unsigned long n; unsigned int step = 0; - TEST_EQUAL( mbedtls_asn1_get_sequence_of( &p, input->x + input->len, - &head, tag ), - expected_result ); - if( expected_result == 0 ) - { - TEST_ASSERT( p == input->x + input->len ); - - if( ! *rest ) - { - TEST_EQUAL( head.buf.tag, 0 ); - TEST_ASSERT( head.buf.p == NULL ); - TEST_EQUAL( head.buf.len, 0 ); - TEST_ASSERT( head.next == NULL ); - } - else - { + TEST_EQUAL(mbedtls_asn1_get_sequence_of(&p, input->x + input->len, + &head, tag), + expected_result); + if (expected_result == 0) { + TEST_ASSERT(p == input->x + input->len); + + if (!*rest) { + TEST_EQUAL(head.buf.tag, 0); + TEST_ASSERT(head.buf.p == NULL); + TEST_EQUAL(head.buf.len, 0); + TEST_ASSERT(head.next == NULL); + } else { cur = &head; - while( *rest ) - { - mbedtls_test_set_step( step ); - TEST_ASSERT( cur != NULL ); - TEST_EQUAL( cur->buf.tag, tag ); - n = strtoul( rest, (char **) &rest, 0 ); - TEST_EQUAL( n, (size_t)( cur->buf.p - input->x ) ); + while (*rest) { + mbedtls_test_set_step(step); + TEST_ASSERT(cur != NULL); + TEST_EQUAL(cur->buf.tag, tag); + n = strtoul(rest, (char **) &rest, 0); + TEST_EQUAL(n, (size_t) (cur->buf.p - input->x)); ++rest; - n = strtoul( rest, (char **) &rest, 0 ); - TEST_EQUAL( n, cur->buf.len ); - if( *rest ) + n = strtoul(rest, (char **) &rest, 0); + TEST_EQUAL(n, cur->buf.len); + if (*rest) { ++rest; + } cur = cur->next; ++step; } - TEST_ASSERT( cur == NULL ); + TEST_ASSERT(cur == NULL); } } exit: - mbedtls_asn1_sequence_free( head.next ); + mbedtls_asn1_sequence_free(head.next); } /* END_CASE */ /* BEGIN_CASE */ -void traverse_sequence_of( const data_t *input, - int tag_must_mask, int tag_must_val, - int tag_may_mask, int tag_may_val, - const char *description, - int expected_result ) +void traverse_sequence_of(const data_t *input, + int tag_must_mask, int tag_must_val, + int tag_may_mask, int tag_may_val, + const char *description, + int expected_result) { /* The description string is a comma-separated list of integers. * For each element in the SEQUENCE in input, description contains @@ -652,144 +627,148 @@ void traverse_sequence_of( const data_t *input, * "offset1,tag1,length1,..." */ unsigned char *p = input->x; - traverse_state_t traverse_state = {input->x, description}; + traverse_state_t traverse_state = { input->x, description }; int ret; - ret = mbedtls_asn1_traverse_sequence_of( &p, input->x + input->len, - (uint8_t) tag_must_mask, (uint8_t) tag_must_val, - (uint8_t) tag_may_mask, (uint8_t) tag_may_val, - traverse_callback, &traverse_state ); - if( ret == RET_TRAVERSE_ERROR ) + ret = mbedtls_asn1_traverse_sequence_of(&p, input->x + input->len, + (uint8_t) tag_must_mask, (uint8_t) tag_must_val, + (uint8_t) tag_may_mask, (uint8_t) tag_may_val, + traverse_callback, &traverse_state); + if (ret == RET_TRAVERSE_ERROR) { goto exit; - TEST_EQUAL( ret, expected_result ); - TEST_EQUAL( *traverse_state.description, 0 ); + } + TEST_EQUAL(ret, expected_result); + TEST_EQUAL(*traverse_state.description, 0); } /* END_CASE */ /* BEGIN_CASE */ -void get_alg( const data_t *input, - int oid_offset, int oid_length, - int params_tag, int params_offset, int params_length, - int total_length, - int expected_result ) +void get_alg(const data_t *input, + int oid_offset, int oid_length, + int params_tag, int params_offset, int params_length, + int total_length, + int expected_result) { mbedtls_asn1_buf oid = { -1, 0, NULL }; mbedtls_asn1_buf params = { -1, 0, NULL }; unsigned char *p = input->x; int ret; - TEST_EQUAL( mbedtls_asn1_get_alg( &p, input->x + input->len, - &oid, ¶ms ), - expected_result ); - if( expected_result == 0 ) - { - TEST_EQUAL( oid.tag, MBEDTLS_ASN1_OID ); - TEST_EQUAL( oid.p - input->x, oid_offset ); - TEST_EQUAL( oid.len, (size_t) oid_length ); - TEST_EQUAL( params.tag, params_tag ); - if( params_offset != 0 ) - TEST_EQUAL( params.p - input->x, params_offset ); - else - TEST_ASSERT( params.p == NULL ); - TEST_EQUAL( params.len, (size_t) params_length ); - TEST_EQUAL( p - input->x, total_length ); + TEST_EQUAL(mbedtls_asn1_get_alg(&p, input->x + input->len, + &oid, ¶ms), + expected_result); + if (expected_result == 0) { + TEST_EQUAL(oid.tag, MBEDTLS_ASN1_OID); + TEST_EQUAL(oid.p - input->x, oid_offset); + TEST_EQUAL(oid.len, (size_t) oid_length); + TEST_EQUAL(params.tag, params_tag); + if (params_offset != 0) { + TEST_EQUAL(params.p - input->x, params_offset); + } else { + TEST_ASSERT(params.p == NULL); + } + TEST_EQUAL(params.len, (size_t) params_length); + TEST_EQUAL(p - input->x, total_length); } - ret = mbedtls_asn1_get_alg_null( &p, input->x + input->len, &oid ); - if( expected_result == 0 && params_offset == 0 ) - { - TEST_EQUAL( oid.tag, MBEDTLS_ASN1_OID ); - TEST_EQUAL( oid.p - input->x, oid_offset ); - TEST_EQUAL( oid.len, (size_t) oid_length ); - TEST_EQUAL( p - input->x, total_length ); + ret = mbedtls_asn1_get_alg_null(&p, input->x + input->len, &oid); + if (expected_result == 0 && params_offset == 0) { + TEST_EQUAL(oid.tag, MBEDTLS_ASN1_OID); + TEST_EQUAL(oid.p - input->x, oid_offset); + TEST_EQUAL(oid.len, (size_t) oid_length); + TEST_EQUAL(p - input->x, total_length); + } else { + TEST_ASSERT(ret != 0); } - else - TEST_ASSERT( ret != 0 ); } /* END_CASE */ /* BEGIN_CASE */ -void find_named_data( data_t *oid0, data_t *oid1, data_t *oid2, data_t *oid3, - data_t *needle, int from, int position ) +void find_named_data(data_t *oid0, data_t *oid1, data_t *oid2, data_t *oid3, + data_t *needle, int from, int position) { - mbedtls_asn1_named_data nd[] ={ - { {0x06, oid0->len, oid0->x}, {0, 0, NULL}, NULL, 0 }, - { {0x06, oid1->len, oid1->x}, {0, 0, NULL}, NULL, 0 }, - { {0x06, oid2->len, oid2->x}, {0, 0, NULL}, NULL, 0 }, - { {0x06, oid3->len, oid3->x}, {0, 0, NULL}, NULL, 0 }, + mbedtls_asn1_named_data nd[] = { + { { 0x06, oid0->len, oid0->x }, { 0, 0, NULL }, NULL, 0 }, + { { 0x06, oid1->len, oid1->x }, { 0, 0, NULL }, NULL, 0 }, + { { 0x06, oid2->len, oid2->x }, { 0, 0, NULL }, NULL, 0 }, + { { 0x06, oid3->len, oid3->x }, { 0, 0, NULL }, NULL, 0 }, }; - mbedtls_asn1_named_data *pointers[ARRAY_LENGTH( nd ) + 1]; + mbedtls_asn1_named_data *pointers[ARRAY_LENGTH(nd) + 1]; size_t i; mbedtls_asn1_named_data *found; - for( i = 0; i < ARRAY_LENGTH( nd ); i++ ) + for (i = 0; i < ARRAY_LENGTH(nd); i++) { pointers[i] = &nd[i]; - pointers[ARRAY_LENGTH( nd )] = NULL; - for( i = 0; i < ARRAY_LENGTH( nd ); i++ ) + } + pointers[ARRAY_LENGTH(nd)] = NULL; + for (i = 0; i < ARRAY_LENGTH(nd); i++) { nd[i].next = pointers[i+1]; + } - found = mbedtls_asn1_find_named_data( pointers[from], - (const char *) needle->x, - needle->len ); - TEST_ASSERT( found == pointers[position] ); + found = mbedtls_asn1_find_named_data(pointers[from], + (const char *) needle->x, + needle->len); + TEST_ASSERT(found == pointers[position]); } /* END_CASE */ /* BEGIN_CASE */ -void free_named_data_null( ) +void free_named_data_null() { - mbedtls_asn1_free_named_data( NULL ); + mbedtls_asn1_free_named_data(NULL); goto exit; /* Silence unused label warning */ } /* END_CASE */ /* BEGIN_CASE */ -void free_named_data( int with_oid, int with_val, int with_next ) +void free_named_data(int with_oid, int with_val, int with_next) { mbedtls_asn1_named_data next = - { {0x06, 0, NULL}, {0, 0xcafe, NULL}, NULL, 0 }; + { { 0x06, 0, NULL }, { 0, 0xcafe, NULL }, NULL, 0 }; mbedtls_asn1_named_data head = - { {0x06, 0, NULL}, {0, 0, NULL}, NULL, 0 }; + { { 0x06, 0, NULL }, { 0, 0, NULL }, NULL, 0 }; - if( with_oid ) - ASSERT_ALLOC( head.oid.p, 1 ); - if( with_val ) - ASSERT_ALLOC( head.val.p, 1 ); - if( with_next ) + if (with_oid) { + TEST_CALLOC(head.oid.p, 1); + } + if (with_val) { + TEST_CALLOC(head.val.p, 1); + } + if (with_next) { head.next = &next; + } - mbedtls_asn1_free_named_data( &head ); - TEST_ASSERT( head.oid.p == NULL ); - TEST_ASSERT( head.val.p == NULL ); - TEST_ASSERT( head.next == NULL ); - TEST_ASSERT( next.val.len == 0xcafe ); + mbedtls_asn1_free_named_data(&head); + TEST_ASSERT(head.oid.p == NULL); + TEST_ASSERT(head.val.p == NULL); + TEST_ASSERT(head.next == NULL); + TEST_ASSERT(next.val.len == 0xcafe); exit: - mbedtls_free( head.oid.p ); - mbedtls_free( head.val.p ); + mbedtls_free(head.oid.p); + mbedtls_free(head.val.p); } /* END_CASE */ /* BEGIN_CASE */ -void free_named_data_list( int length ) +void free_named_data_list(int length) { mbedtls_asn1_named_data *head = NULL; int i; - for( i = 0; i < length; i++ ) - { + for (i = 0; i < length; i++) { mbedtls_asn1_named_data *new = NULL; - ASSERT_ALLOC( new, sizeof( mbedtls_asn1_named_data ) ); + TEST_CALLOC(new, 1); new->next = head; head = new; } - mbedtls_asn1_free_named_data_list( &head ); - TEST_ASSERT( head == NULL ); + mbedtls_asn1_free_named_data_list(&head); + TEST_ASSERT(head == NULL); /* Most of the point of the test is that it doesn't leak memory. * So this test is only really useful under a memory leak detection * framework. */ exit: - mbedtls_asn1_free_named_data_list( &head ); + mbedtls_asn1_free_named_data_list(&head); } /* END_CASE */ diff --git a/third_party/mbedtls/repo/tests/suites/test_suite_asn1write.data b/third_party/mbedtls/repo/tests/suites/test_suite_asn1write.data index 7f5f5360e27..725cbc22aa0 100644 --- a/third_party/mbedtls/repo/tests/suites/test_suite_asn1write.data +++ b/third_party/mbedtls/repo/tests/suites/test_suite_asn1write.data @@ -91,8 +91,11 @@ mbedtls_asn1_write_enum:0x12345678:"0A0412345678" ASN.1 Write enum 2147483647 mbedtls_asn1_write_enum:0x7fffffff:"0A047fffffff" -#ASN.1 Write mpi 0 -#mbedtls_asn1_write_mpi:"00":"020100" +ASN.1 Write mpi 0 (null) +mbedtls_asn1_write_mpi:"":"020100" + +ASN.1 Write mpi 0 (1 limb) +mbedtls_asn1_write_mpi:"00":"020100" ASN.1 Write mpi 1 mbedtls_asn1_write_mpi:"01":"020101" @@ -100,11 +103,17 @@ mbedtls_asn1_write_mpi:"01":"020101" ASN.1 Write mpi 0x7f mbedtls_asn1_write_mpi:"7f":"02017f" -#ASN.1 Write mpi 0x80 -#mbedtls_asn1_write_mpi:"7f":"02020080" +ASN.1 Write mpi 0x7f with leading 0 limb +mbedtls_asn1_write_mpi:"00000000000000007f":"02017f" + +ASN.1 Write mpi 0x80 +mbedtls_asn1_write_mpi:"80":"02020080" + +ASN.1 Write mpi 0x80 with leading 0 limb +mbedtls_asn1_write_mpi:"000000000000000080":"02020080" -#ASN.1 Write mpi 0xff -#mbedtls_asn1_write_mpi:"7f":"020200ff" +ASN.1 Write mpi 0xff +mbedtls_asn1_write_mpi:"ff":"020200ff" ASN.1 Write mpi 0x100 mbedtls_asn1_write_mpi:"0100":"02020100" @@ -112,17 +121,17 @@ mbedtls_asn1_write_mpi:"0100":"02020100" ASN.1 Write mpi, 127*8-1 bits mbedtls_asn1_write_mpi:"7f7b16e05c1537de7c41cef1a0985d6a3ced98aec28e091874cbad6b5e40a5c956258f18861c28bed8ba808259339ee34b2e509c4080149474d5d5b86093f90c475a6443fc87e1a293d4151be625d652f1c32a00a018bba10c8a2ae5b2b0ee4be64e053dce9d07ec7919526c9dfcf2ec9fc3db485caa8e5a68a2cd0a427de8":"027f7f7b16e05c1537de7c41cef1a0985d6a3ced98aec28e091874cbad6b5e40a5c956258f18861c28bed8ba808259339ee34b2e509c4080149474d5d5b86093f90c475a6443fc87e1a293d4151be625d652f1c32a00a018bba10c8a2ae5b2b0ee4be64e053dce9d07ec7919526c9dfcf2ec9fc3db485caa8e5a68a2cd0a427de8" -#ASN.1 Write mpi, 127*8 bits -#mbedtls_asn1_write_mpi:"e77b16e05c1537de7c41cef1a0985d6a3ced98aec28e091874cbad6b5e40a5c956258f18861c28bed8ba808259339ee34b2e509c4080149474d5d5b86093f90c475a6443fc87e1a293d4151be625d652f1c32a00a018bba10c8a2ae5b2b0ee4be64e053dce9d07ec7919526c9dfcf2ec9fc3db485caa8e5a68a2cd0a427de8":"028180e77b16e05c1537de7c41cef1a0985d6a3ced98aec28e091874cbad6b5e40a5c956258f18861c28bed8ba808259339ee34b2e509c4080149474d5d5b86093f90c475a6443fc87e1a293d4151be625d652f1c32a00a018bba10c8a2ae5b2b0ee4be64e053dce9d07ec7919526c9dfcf2ec9fc3db485caa8e5a68a2cd0a427de8" +ASN.1 Write mpi, 127*8 bits +mbedtls_asn1_write_mpi:"e77b16e05c1537de7c41cef1a0985d6a3ced98aec28e091874cbad6b5e40a5c956258f18861c28bed8ba808259339ee34b2e509c4080149474d5d5b86093f90c475a6443fc87e1a293d4151be625d652f1c32a00a018bba10c8a2ae5b2b0ee4be64e053dce9d07ec7919526c9dfcf2ec9fc3db485caa8e5a68a2cd0a427de8":"02818000e77b16e05c1537de7c41cef1a0985d6a3ced98aec28e091874cbad6b5e40a5c956258f18861c28bed8ba808259339ee34b2e509c4080149474d5d5b86093f90c475a6443fc87e1a293d4151be625d652f1c32a00a018bba10c8a2ae5b2b0ee4be64e053dce9d07ec7919526c9dfcf2ec9fc3db485caa8e5a68a2cd0a427de8" ASN.1 Write mpi, 127*8+1 bits -mbedtls_asn1_write_mpi:"108446d68934cc1af23c4cd909884d4bd737a1890e12f5ef8bf3d807d72feffa63c0bf2633345f8b8418d144617c871a7a0277ac0150eed4b3db7f9dff21114cd0d7f282400f03c931cb00c367550e374a1ed3762a1801ca714cfc8d5aac69707ca81e0661400ed0014d97cba48f94d835dd681fc3053c51958afbf7583cf49c":"028180108446d68934cc1af23c4cd909884d4bd737a1890e12f5ef8bf3d807d72feffa63c0bf2633345f8b8418d144617c871a7a0277ac0150eed4b3db7f9dff21114cd0d7f282400f03c931cb00c367550e374a1ed3762a1801ca714cfc8d5aac69707ca81e0661400ed0014d97cba48f94d835dd681fc3053c51958afbf7583cf49c" +mbedtls_asn1_write_mpi:"018446d68934cc1af23c4cd909884d4bd737a1890e12f5ef8bf3d807d72feffa63c0bf2633345f8b8418d144617c871a7a0277ac0150eed4b3db7f9dff21114cd0d7f282400f03c931cb00c367550e374a1ed3762a1801ca714cfc8d5aac69707ca81e0661400ed0014d97cba48f94d835dd681fc3053c51958afbf7583cf49c":"028180018446d68934cc1af23c4cd909884d4bd737a1890e12f5ef8bf3d807d72feffa63c0bf2633345f8b8418d144617c871a7a0277ac0150eed4b3db7f9dff21114cd0d7f282400f03c931cb00c367550e374a1ed3762a1801ca714cfc8d5aac69707ca81e0661400ed0014d97cba48f94d835dd681fc3053c51958afbf7583cf49c" ASN.1 Write mpi, 255*8-1 bits mbedtls_asn1_write_mpi:"7bd1913fcfb652896209ad3e62f5d04a8dfc71eb1698543c52200bd7bbf3c11dd9ff57c299a2f4da172b3d5bd7e29affddf8859be7d50a45537a0df15b17af603d18803fd17134847cba78d83e64bf9fee58364d6124add0541da7bad331cd35fb48186a74bc502ddb967602401c0db02b19e5d38f09e8618fa7f6a1a3f738629baffdc63d9d70d396007d943fd64ae696e5b7e88f2c6d6ec322b461dbddd36efa91d990343b66419cf4832a22dc9ad13021185a1bf007989a50ba3bfd1152b8db899482d3ed498d1b9fae243a3cdae9530d8b29fdb684f70cdc0c9b8527265312603b405e67d59d4b1d654ddc3b7fd5515acb32440dc80903c8474a2c136c":"0281ff7bd1913fcfb652896209ad3e62f5d04a8dfc71eb1698543c52200bd7bbf3c11dd9ff57c299a2f4da172b3d5bd7e29affddf8859be7d50a45537a0df15b17af603d18803fd17134847cba78d83e64bf9fee58364d6124add0541da7bad331cd35fb48186a74bc502ddb967602401c0db02b19e5d38f09e8618fa7f6a1a3f738629baffdc63d9d70d396007d943fd64ae696e5b7e88f2c6d6ec322b461dbddd36efa91d990343b66419cf4832a22dc9ad13021185a1bf007989a50ba3bfd1152b8db899482d3ed498d1b9fae243a3cdae9530d8b29fdb684f70cdc0c9b8527265312603b405e67d59d4b1d654ddc3b7fd5515acb32440dc80903c8474a2c136c" -#ASN.1 Write mpi, 255*8 bits -#mbedtls_asn1_write_mpi:"fbd1913fcfb652896209ad3e62f5d04a8dfc71eb1698543c52200bd7bbf3c11dd9ff57c299a2f4da172b3d5bd7e29affddf8859be7d50a45537a0df15b17af603d18803fd17134847cba78d83e64bf9fee58364d6124add0541da7bad331cd35fb48186a74bc502ddb967602401c0db02b19e5d38f09e8618fa7f6a1a3f738629baffdc63d9d70d396007d943fd64ae696e5b7e88f2c6d6ec322b461dbddd36efa91d990343b66419cf4832a22dc9ad13021185a1bf007989a50ba3bfd1152b8db899482d3ed498d1b9fae243a3cdae9530d8b29fdb684f70cdc0c9b8527265312603b405e67d59d4b1d654ddc3b7fd5515acb32440dc80903c8474a2c136c":"0282010000fbd1913fcfb652896209ad3e62f5d04a8dfc71eb1698543c52200bd7bbf3c11dd9ff57c299a2f4da172b3d5bd7e29affddf8859be7d50a45537a0df15b17af603d18803fd17134847cba78d83e64bf9fee58364d6124add0541da7bad331cd35fb48186a74bc502ddb967602401c0db02b19e5d38f09e8618fa7f6a1a3f738629baffdc63d9d70d396007d943fd64ae696e5b7e88f2c6d6ec322b461dbddd36efa91d990343b66419cf4832a22dc9ad13021185a1bf007989a50ba3bfd1152b8db899482d3ed498d1b9fae243a3cdae9530d8b29fdb684f70cdc0c9b8527265312603b405e67d59d4b1d654ddc3b7fd5515acb32440dc80903c8474a2c136c" +ASN.1 Write mpi, 255*8 bits +mbedtls_asn1_write_mpi:"fbd1913fcfb652896209ad3e62f5d04a8dfc71eb1698543c52200bd7bbf3c11dd9ff57c299a2f4da172b3d5bd7e29affddf8859be7d50a45537a0df15b17af603d18803fd17134847cba78d83e64bf9fee58364d6124add0541da7bad331cd35fb48186a74bc502ddb967602401c0db02b19e5d38f09e8618fa7f6a1a3f738629baffdc63d9d70d396007d943fd64ae696e5b7e88f2c6d6ec322b461dbddd36efa91d990343b66419cf4832a22dc9ad13021185a1bf007989a50ba3bfd1152b8db899482d3ed498d1b9fae243a3cdae9530d8b29fdb684f70cdc0c9b8527265312603b405e67d59d4b1d654ddc3b7fd5515acb32440dc80903c8474a2c136c":"0282010000fbd1913fcfb652896209ad3e62f5d04a8dfc71eb1698543c52200bd7bbf3c11dd9ff57c299a2f4da172b3d5bd7e29affddf8859be7d50a45537a0df15b17af603d18803fd17134847cba78d83e64bf9fee58364d6124add0541da7bad331cd35fb48186a74bc502ddb967602401c0db02b19e5d38f09e8618fa7f6a1a3f738629baffdc63d9d70d396007d943fd64ae696e5b7e88f2c6d6ec322b461dbddd36efa91d990343b66419cf4832a22dc9ad13021185a1bf007989a50ba3bfd1152b8db899482d3ed498d1b9fae243a3cdae9530d8b29fdb684f70cdc0c9b8527265312603b405e67d59d4b1d654ddc3b7fd5515acb32440dc80903c8474a2c136c" ASN.1 Write mpi, 256*8-1 bits mbedtls_asn1_write_mpi:"7bd1913fcfb652896209ad3e62f5d04a8dfc71eb1698543c52200bd7bbf3c11dd9ff57c299a2f4da172b3d5bd7e29affddf8859be7d50a45537a0df15b17af603d18803fd17134847cba78d83e64bf9fee58364d6124add0541da7bad331cd35fb48186a74bc502ddb967602401c0db02b19e5d38f09e8618fa7f6a1a3f738629baffdc63d9d70d396007d943fd64ae696e5b7e88f2c6d6ec322b461dbddd36efa91d990343b66419cf4832a22dc9ad13021185a1bf007989a50ba3bfd1152b8db899482d3ed498d1b9fae243a3cdae9530d8b29fdb684f70cdc0c9b8527265312603b405e67d59d4b1d654ddc3b7fd5515acb32440dc80903c8474a2c136c89":"028201007bd1913fcfb652896209ad3e62f5d04a8dfc71eb1698543c52200bd7bbf3c11dd9ff57c299a2f4da172b3d5bd7e29affddf8859be7d50a45537a0df15b17af603d18803fd17134847cba78d83e64bf9fee58364d6124add0541da7bad331cd35fb48186a74bc502ddb967602401c0db02b19e5d38f09e8618fa7f6a1a3f738629baffdc63d9d70d396007d943fd64ae696e5b7e88f2c6d6ec322b461dbddd36efa91d990343b66419cf4832a22dc9ad13021185a1bf007989a50ba3bfd1152b8db899482d3ed498d1b9fae243a3cdae9530d8b29fdb684f70cdc0c9b8527265312603b405e67d59d4b1d654ddc3b7fd5515acb32440dc80903c8474a2c136c89" @@ -191,7 +200,7 @@ ASN.1 Write OID: length=1 mbedtls_asn1_write_string:MBEDTLS_ASN1_OID:"41":"060141" ASN.1 Write AlgorithmIdentifier, null parameters -mbedtls_asn1_write_algorithm_identifier:"4f4944":8:"300d06034f4944" +mbedtls_asn1_write_algorithm_identifier:"4f4944":0:"300706034f49440500" ASN.1 Write AlgorithmIdentifier, parameters (8 bytes) mbedtls_asn1_write_algorithm_identifier:"4f4944":8:"300d06034f4944" @@ -374,10 +383,13 @@ Store named data: found, larger data store_named_data_val_found:4:9 Store named data: new, val_len=0 -store_named_data_val_new:0 +store_named_data_val_new:0:1 + +Stored named data: new, val_len=0, val=NULL +store_named_data_val_new:0:0 Store named data: new, val_len=4 -store_named_data_val_new:4 +store_named_data_val_new:4:1 Store named data: new, val_len=4, val=NULL -store_named_data_val_new:-4 +store_named_data_val_new:4:0 diff --git a/third_party/mbedtls/repo/tests/suites/test_suite_asn1write.function b/third_party/mbedtls/repo/tests/suites/test_suite_asn1write.function index 88247390517..77bf4ef3c21 100644 --- a/third_party/mbedtls/repo/tests/suites/test_suite_asn1write.function +++ b/third_party/mbedtls/repo/tests/suites/test_suite_asn1write.function @@ -4,8 +4,7 @@ #define GUARD_LEN 4 #define GUARD_VAL 0x2a -typedef struct -{ +typedef struct { unsigned char *output; unsigned char *start; unsigned char *end; @@ -13,41 +12,38 @@ typedef struct size_t size; } generic_write_data_t; -int generic_write_start_step( generic_write_data_t *data ) +int generic_write_start_step(generic_write_data_t *data) { - mbedtls_test_set_step( data->size ); - ASSERT_ALLOC( data->output, data->size == 0 ? 1 : data->size ); + mbedtls_test_set_step(data->size); + mbedtls_free(data->output); + data->output = NULL; + TEST_CALLOC(data->output, data->size == 0 ? 1 : data->size); data->end = data->output + data->size; data->p = data->end; data->start = data->end - data->size; - return( 1 ); + return 1; exit: - return( 0 ); + return 0; } -int generic_write_finish_step( generic_write_data_t *data, - const data_t *expected, int ret ) +int generic_write_finish_step(generic_write_data_t *data, + const data_t *expected, int ret) { int ok = 0; - if( data->size < expected->len ) - { - TEST_EQUAL( ret, MBEDTLS_ERR_ASN1_BUF_TOO_SMALL ); - } - else - { - TEST_EQUAL( ret, data->end - data->p ); - TEST_ASSERT( data->p >= data->start ); - TEST_ASSERT( data->p <= data->end ); - ASSERT_COMPARE( data->p, (size_t)( data->end - data->p ), - expected->x, expected->len ); + if (data->size < expected->len) { + TEST_EQUAL(ret, MBEDTLS_ERR_ASN1_BUF_TOO_SMALL); + } else { + TEST_EQUAL(ret, data->end - data->p); + TEST_ASSERT(data->p >= data->start); + TEST_ASSERT(data->p <= data->end); + TEST_MEMORY_COMPARE(data->p, (size_t) (data->end - data->p), + expected->x, expected->len); } ok = 1; exit: - mbedtls_free( data->output ); - data->output = NULL; - return( ok ); + return ok; } /* END_HEADER */ @@ -58,198 +54,294 @@ exit: */ /* BEGIN_CASE */ -void mbedtls_asn1_write_null( data_t *expected ) +void mbedtls_asn1_write_null(data_t *expected) { generic_write_data_t data = { NULL, NULL, NULL, NULL, 0 }; int ret; - for( data.size = 0; data.size < expected->len + 1; data.size++ ) - { - if( ! generic_write_start_step( &data ) ) + for (data.size = 0; data.size <= expected->len + 1; data.size++) { + if (!generic_write_start_step(&data)) { goto exit; - ret = mbedtls_asn1_write_null( &data.p, data.start ); - if( ! generic_write_finish_step( &data, expected, ret ) ) + } + ret = mbedtls_asn1_write_null(&data.p, data.start); + if (!generic_write_finish_step(&data, expected, ret)) { goto exit; + } + /* There's no parsing function for NULL. */ } exit: - mbedtls_free( data.output ); + mbedtls_free(data.output); } /* END_CASE */ /* BEGIN_CASE */ -void mbedtls_asn1_write_bool( int val, data_t *expected ) +void mbedtls_asn1_write_bool(int val, data_t *expected) { generic_write_data_t data = { NULL, NULL, NULL, NULL, 0 }; int ret; - for( data.size = 0; data.size < expected->len + 1; data.size++ ) - { - if( ! generic_write_start_step( &data ) ) + for (data.size = 0; data.size <= expected->len + 1; data.size++) { + if (!generic_write_start_step(&data)) { goto exit; - ret = mbedtls_asn1_write_bool( &data.p, data.start, val ); - if( ! generic_write_finish_step( &data, expected, ret ) ) + } + ret = mbedtls_asn1_write_bool(&data.p, data.start, val); + if (!generic_write_finish_step(&data, expected, ret)) { goto exit; + } +#if defined(MBEDTLS_ASN1_PARSE_C) + if (ret >= 0) { + int read = 0xdeadbeef; + TEST_EQUAL(mbedtls_asn1_get_bool(&data.p, data.end, &read), 0); + TEST_EQUAL(val, read); + } +#endif /* MBEDTLS_ASN1_PARSE_C */ } exit: - mbedtls_free( data.output ); + mbedtls_free(data.output); } /* END_CASE */ /* BEGIN_CASE */ -void mbedtls_asn1_write_int( int val, data_t *expected ) +void mbedtls_asn1_write_int(int val, data_t *expected) { generic_write_data_t data = { NULL, NULL, NULL, NULL, 0 }; int ret; - for( data.size = 0; data.size < expected->len + 1; data.size++ ) - { - if( ! generic_write_start_step( &data ) ) + for (data.size = 0; data.size <= expected->len + 1; data.size++) { + if (!generic_write_start_step(&data)) { goto exit; - ret = mbedtls_asn1_write_int( &data.p, data.start, val ); - if( ! generic_write_finish_step( &data, expected, ret ) ) + } + ret = mbedtls_asn1_write_int(&data.p, data.start, val); + if (!generic_write_finish_step(&data, expected, ret)) { goto exit; + } +#if defined(MBEDTLS_ASN1_PARSE_C) + if (ret >= 0) { + int read = 0xdeadbeef; + TEST_EQUAL(mbedtls_asn1_get_int(&data.p, data.end, &read), 0); + TEST_EQUAL(val, read); + } +#endif /* MBEDTLS_ASN1_PARSE_C */ } exit: - mbedtls_free( data.output ); + mbedtls_free(data.output); } /* END_CASE */ /* BEGIN_CASE */ -void mbedtls_asn1_write_enum( int val, data_t *expected ) +void mbedtls_asn1_write_enum(int val, data_t *expected) { generic_write_data_t data = { NULL, NULL, NULL, NULL, 0 }; int ret; - for( data.size = 0; data.size < expected->len + 1; data.size++ ) - { - if( ! generic_write_start_step( &data ) ) + for (data.size = 0; data.size <= expected->len + 1; data.size++) { + if (!generic_write_start_step(&data)) { goto exit; - ret = mbedtls_asn1_write_enum( &data.p, data.start, val ); - if( ! generic_write_finish_step( &data, expected, ret ) ) + } + ret = mbedtls_asn1_write_enum(&data.p, data.start, val); + if (!generic_write_finish_step(&data, expected, ret)) { goto exit; + } +#if defined(MBEDTLS_ASN1_PARSE_C) + if (ret >= 0) { + int read = 0xdeadbeef; + TEST_EQUAL(mbedtls_asn1_get_enum(&data.p, data.end, &read), 0); + TEST_EQUAL(val, read); + } +#endif /* MBEDTLS_ASN1_PARSE_C */ } exit: - mbedtls_free( data.output ); + mbedtls_free(data.output); } /* END_CASE */ /* BEGIN_CASE depends_on:MBEDTLS_BIGNUM_C */ -void mbedtls_asn1_write_mpi( data_t *val, data_t *expected ) +void mbedtls_asn1_write_mpi(data_t *val, data_t *expected) { generic_write_data_t data = { NULL, NULL, NULL, NULL, 0 }; - mbedtls_mpi mpi; + mbedtls_mpi mpi, read; int ret; - mbedtls_mpi_init( &mpi ); - TEST_ASSERT( mbedtls_mpi_read_binary( &mpi, val->x, val->len ) == 0 ); + mbedtls_mpi_init(&mpi); + mbedtls_mpi_init(&read); + TEST_ASSERT(mbedtls_mpi_read_binary(&mpi, val->x, val->len) == 0); - for( data.size = 0; data.size < expected->len + 1; data.size++ ) - { - if( ! generic_write_start_step( &data ) ) + for (data.size = 0; data.size <= expected->len + 1; data.size++) { + if (!generic_write_start_step(&data)) { goto exit; - ret = mbedtls_asn1_write_mpi( &data.p, data.start, &mpi ); - if( ! generic_write_finish_step( &data, expected, ret ) ) + } + ret = mbedtls_asn1_write_mpi(&data.p, data.start, &mpi); + if (!generic_write_finish_step(&data, expected, ret)) { goto exit; - if( expected->len > 10 && data.size == 8 ) + } +#if defined(MBEDTLS_ASN1_PARSE_C) + if (ret >= 0) { + TEST_EQUAL(mbedtls_asn1_get_mpi(&data.p, data.end, &read), 0); + TEST_EQUAL(0, mbedtls_mpi_cmp_mpi(&mpi, &read)); + } +#endif /* MBEDTLS_ASN1_PARSE_C */ + /* Skip some intermediate lengths, they're boring. */ + if (expected->len > 10 && data.size == 8) { data.size = expected->len - 2; + } } exit: - mbedtls_mpi_free( &mpi ); - mbedtls_free( data.output ); + mbedtls_mpi_free(&mpi); + mbedtls_mpi_free(&read); + mbedtls_free(data.output); } /* END_CASE */ /* BEGIN_CASE */ -void mbedtls_asn1_write_string( int tag, data_t *content, data_t *expected ) +void mbedtls_asn1_write_string(int tag, data_t *content, data_t *expected) { generic_write_data_t data = { NULL, NULL, NULL, NULL, 0 }; int ret; - for( data.size = 0; data.size < expected->len + 1; data.size++ ) - { - if( ! generic_write_start_step( &data ) ) + for (data.size = 0; data.size <= expected->len + 1; data.size++) { + if (!generic_write_start_step(&data)) { goto exit; - switch( tag ) - { + } + switch (tag) { case MBEDTLS_ASN1_OCTET_STRING: ret = mbedtls_asn1_write_octet_string( - &data.p, data.start, content->x, content->len ); + &data.p, data.start, content->x, content->len); break; case MBEDTLS_ASN1_OID: ret = mbedtls_asn1_write_oid( &data.p, data.start, - (const char *) content->x, content->len ); + (const char *) content->x, content->len); break; case MBEDTLS_ASN1_UTF8_STRING: ret = mbedtls_asn1_write_utf8_string( &data.p, data.start, - (const char *) content->x, content->len ); + (const char *) content->x, content->len); break; case MBEDTLS_ASN1_PRINTABLE_STRING: ret = mbedtls_asn1_write_printable_string( &data.p, data.start, - (const char *) content->x, content->len ); + (const char *) content->x, content->len); break; case MBEDTLS_ASN1_IA5_STRING: ret = mbedtls_asn1_write_ia5_string( &data.p, data.start, - (const char *) content->x, content->len ); + (const char *) content->x, content->len); break; default: ret = mbedtls_asn1_write_tagged_string( &data.p, data.start, tag, - (const char *) content->x, content->len ); + (const char *) content->x, content->len); } - if( ! generic_write_finish_step( &data, expected, ret ) ) + if (!generic_write_finish_step(&data, expected, ret)) { goto exit; - if( expected->len > 10 && data.size == 8 ) + } + /* There's no parsing function for octet or character strings. */ + /* Skip some intermediate lengths, they're boring. */ + if (expected->len > 10 && data.size == 8) { data.size = expected->len - 2; + } } exit: - mbedtls_free( data.output ); + mbedtls_free(data.output); } /* END_CASE */ /* BEGIN_CASE */ -void mbedtls_asn1_write_algorithm_identifier( data_t *oid, - int par_len, - data_t *expected ) +void mbedtls_asn1_write_algorithm_identifier(data_t *oid, + int par_len, + data_t *expected) { generic_write_data_t data = { NULL, NULL, NULL, NULL, 0 }; int ret; +#if defined(MBEDTLS_ASN1_PARSE_C) + unsigned char *buf_complete = NULL; +#endif /* MBEDTLS_ASN1_PARSE_C */ - for( data.size = 0; data.size < expected->len + 1; data.size++ ) - { - if( ! generic_write_start_step( &data ) ) + for (data.size = 0; data.size <= expected->len + 1; data.size++) { + if (!generic_write_start_step(&data)) { goto exit; + } ret = mbedtls_asn1_write_algorithm_identifier( &data.p, data.start, - (const char *) oid->x, oid->len, par_len ); + (const char *) oid->x, oid->len, par_len); /* If params_len != 0, mbedtls_asn1_write_algorithm_identifier() * assumes that the parameters are already present in the buffer * and returns a length that accounts for this, but our test * data omits the parameters. */ - if( ret >= 0 ) + if (ret >= 0) { ret -= par_len; - if( ! generic_write_finish_step( &data, expected, ret ) ) + } + if (!generic_write_finish_step(&data, expected, ret)) { goto exit; + } + +#if defined(MBEDTLS_ASN1_PARSE_C) + /* Only do a parse-back test if the parameters aren't too large for + * a small-heap environment. The boundary is somewhat arbitrary. */ + if (ret >= 0 && par_len <= 1234) { + mbedtls_asn1_buf alg = { 0, 0, NULL }; + mbedtls_asn1_buf params = { 0, 0, NULL }; + /* The writing function doesn't write the parameters unless + * they're null: it only takes their length as input. But the + * parsing function requires the parameters to be present. + * Thus make up parameters. */ + size_t data_len = data.end - data.p; + size_t len_complete = data_len + par_len; + unsigned char expected_params_tag; + size_t expected_params_len; + TEST_CALLOC(buf_complete, len_complete); + unsigned char *end_complete = buf_complete + len_complete; + memcpy(buf_complete, data.p, data_len); + if (par_len == 0) { + /* mbedtls_asn1_write_algorithm_identifier() wrote a NULL */ + expected_params_tag = 0x05; + expected_params_len = 0; + } else if (par_len >= 2 && par_len < 2 + 128) { + /* Write an OCTET STRING with a short length encoding */ + expected_params_tag = buf_complete[data_len] = 0x04; + expected_params_len = par_len - 2; + buf_complete[data_len + 1] = (unsigned char) expected_params_len; + } else if (par_len >= 4 + 128 && par_len < 3 + 256 * 256) { + /* Write an OCTET STRING with a two-byte length encoding */ + expected_params_tag = buf_complete[data_len] = 0x04; + expected_params_len = par_len - 4; + buf_complete[data_len + 1] = 0x82; + buf_complete[data_len + 2] = (unsigned char) (expected_params_len >> 8); + buf_complete[data_len + 3] = (unsigned char) (expected_params_len); + } else { + TEST_FAIL("Bad test data: invalid length of ASN.1 element"); + } + unsigned char *p = buf_complete; + TEST_EQUAL(mbedtls_asn1_get_alg(&p, end_complete, + &alg, ¶ms), 0); + TEST_EQUAL(alg.tag, MBEDTLS_ASN1_OID); + TEST_MEMORY_COMPARE(alg.p, alg.len, oid->x, oid->len); + TEST_EQUAL(params.tag, expected_params_tag); + TEST_EQUAL(params.len, expected_params_len); + mbedtls_free(buf_complete); + buf_complete = NULL; + } +#endif /* MBEDTLS_ASN1_PARSE_C */ } exit: - mbedtls_free( data.output ); + mbedtls_free(data.output); +#if defined(MBEDTLS_ASN1_PARSE_C) + mbedtls_free(buf_complete); +#endif /* MBEDTLS_ASN1_PARSE_C */ } /* END_CASE */ /* BEGIN_CASE depends_on:MBEDTLS_ASN1_PARSE_C */ -void mbedtls_asn1_write_len( int len, data_t * asn1, int buf_len, - int result ) +void mbedtls_asn1_write_len(int len, data_t *asn1, int buf_len, + int result) { int ret; unsigned char buf[150]; @@ -257,217 +349,253 @@ void mbedtls_asn1_write_len( int len, data_t * asn1, int buf_len, size_t i; size_t read_len; - memset( buf, GUARD_VAL, sizeof( buf ) ); + memset(buf, GUARD_VAL, sizeof(buf)); p = buf + GUARD_LEN + buf_len; - ret = mbedtls_asn1_write_len( &p, buf + GUARD_LEN, (size_t) len ); + ret = mbedtls_asn1_write_len(&p, buf + GUARD_LEN, (size_t) len); - TEST_ASSERT( ret == result ); + TEST_ASSERT(ret == result); /* Check for buffer overwrite on both sides */ - for( i = 0; i < GUARD_LEN; i++ ) - { - TEST_ASSERT( buf[i] == GUARD_VAL ); - TEST_ASSERT( buf[GUARD_LEN + buf_len + i] == GUARD_VAL ); + for (i = 0; i < GUARD_LEN; i++) { + TEST_ASSERT(buf[i] == GUARD_VAL); + TEST_ASSERT(buf[GUARD_LEN + buf_len + i] == GUARD_VAL); } - if( result >= 0 ) - { - TEST_ASSERT( p + asn1->len == buf + GUARD_LEN + buf_len ); + if (result >= 0) { + TEST_ASSERT(p + asn1->len == buf + GUARD_LEN + buf_len); - TEST_ASSERT( memcmp( p, asn1->x, asn1->len ) == 0 ); + TEST_ASSERT(memcmp(p, asn1->x, asn1->len) == 0); /* Read back with mbedtls_asn1_get_len() to check */ - ret = mbedtls_asn1_get_len( &p, buf + GUARD_LEN + buf_len, &read_len ); + ret = mbedtls_asn1_get_len(&p, buf + GUARD_LEN + buf_len, &read_len); - if( len == 0 ) - { - TEST_ASSERT( ret == 0 ); - } - else - { + if (len == 0) { + TEST_ASSERT(ret == 0); + } else { /* Return will be MBEDTLS_ERR_ASN1_OUT_OF_DATA because the rest of * the buffer is missing */ - TEST_ASSERT( ret == MBEDTLS_ERR_ASN1_OUT_OF_DATA ); + TEST_ASSERT(ret == MBEDTLS_ERR_ASN1_OUT_OF_DATA); } - TEST_ASSERT( read_len == (size_t) len ); - TEST_ASSERT( p == buf + GUARD_LEN + buf_len ); + TEST_ASSERT(read_len == (size_t) len); + TEST_ASSERT(p == buf + GUARD_LEN + buf_len); } } /* END_CASE */ /* BEGIN_CASE */ -void test_asn1_write_bitstrings( data_t *bitstring, int bits, - data_t *expected, int is_named ) +void test_asn1_write_bitstrings(data_t *bitstring, int bits, + data_t *expected, int is_named) { generic_write_data_t data = { NULL, NULL, NULL, NULL, 0 }; int ret; - int ( *func )( unsigned char **p, unsigned char *start, - const unsigned char *buf, size_t bits ) = - ( is_named ? mbedtls_asn1_write_named_bitstring : - mbedtls_asn1_write_bitstring ); - - for( data.size = 0; data.size < expected->len + 1; data.size++ ) - { - if( ! generic_write_start_step( &data ) ) + int (*func)(unsigned char **p, unsigned char *start, + const unsigned char *buf, size_t bits) = + (is_named ? mbedtls_asn1_write_named_bitstring : + mbedtls_asn1_write_bitstring); +#if defined(MBEDTLS_ASN1_PARSE_C) + unsigned char *masked_bitstring = NULL; +#endif /* MBEDTLS_ASN1_PARSE_C */ + + /* The API expects `bitstring->x` to contain `bits` bits. */ + size_t byte_length = (bits + 7) / 8; + TEST_ASSERT(bitstring->len >= byte_length); + +#if defined(MBEDTLS_ASN1_PARSE_C) + TEST_CALLOC(masked_bitstring, byte_length); + if (byte_length != 0) { + memcpy(masked_bitstring, bitstring->x, byte_length); + if (bits % 8 != 0) { + masked_bitstring[byte_length - 1] &= ~(0xff >> (bits % 8)); + } + } + size_t value_bits = bits; + if (is_named) { + /* In a named bit string, all trailing 0 bits are removed. */ + while (byte_length > 0 && masked_bitstring[byte_length - 1] == 0) { + --byte_length; + } + value_bits = 8 * byte_length; + if (byte_length > 0) { + unsigned char last_byte = masked_bitstring[byte_length - 1]; + for (unsigned b = 1; b < 0xff && (last_byte & b) == 0; b <<= 1) { + --value_bits; + } + } + } +#endif /* MBEDTLS_ASN1_PARSE_C */ + + for (data.size = 0; data.size <= expected->len + 1; data.size++) { + if (!generic_write_start_step(&data)) { goto exit; - ret = ( *func )( &data.p, data.start, bitstring->x, bits ); - if( ! generic_write_finish_step( &data, expected, ret ) ) + } + ret = (*func)(&data.p, data.start, bitstring->x, bits); + if (!generic_write_finish_step(&data, expected, ret)) { goto exit; + } +#if defined(MBEDTLS_ASN1_PARSE_C) + if (ret >= 0) { + mbedtls_asn1_bitstring read = { 0, 0, NULL }; + TEST_EQUAL(mbedtls_asn1_get_bitstring(&data.p, data.end, + &read), 0); + TEST_MEMORY_COMPARE(read.p, read.len, + masked_bitstring, byte_length); + TEST_EQUAL(read.unused_bits, 8 * byte_length - value_bits); + } +#endif /* MBEDTLS_ASN1_PARSE_C */ } exit: - mbedtls_free( data.output ); + mbedtls_free(data.output); +#if defined(MBEDTLS_ASN1_PARSE_C) + mbedtls_free(masked_bitstring); +#endif /* MBEDTLS_ASN1_PARSE_C */ } /* END_CASE */ /* BEGIN_CASE */ -void store_named_data_find( data_t *oid0, data_t *oid1, - data_t *oid2, data_t *oid3, - data_t *needle, int from, int position ) +void store_named_data_find(data_t *oid0, data_t *oid1, + data_t *oid2, data_t *oid3, + data_t *needle, int from, int position) { - data_t *oid[4] = {oid0, oid1, oid2, oid3}; - mbedtls_asn1_named_data nd[] ={ - { {0x06, 0, NULL}, {0, 0, NULL}, NULL, 0 }, - { {0x06, 0, NULL}, {0, 0, NULL}, NULL, 0 }, - { {0x06, 0, NULL}, {0, 0, NULL}, NULL, 0 }, - { {0x06, 0, NULL}, {0, 0, NULL}, NULL, 0 }, + data_t *oid[4] = { oid0, oid1, oid2, oid3 }; + mbedtls_asn1_named_data nd[] = { + { { 0x06, 0, NULL }, { 0, 0, NULL }, NULL, 0 }, + { { 0x06, 0, NULL }, { 0, 0, NULL }, NULL, 0 }, + { { 0x06, 0, NULL }, { 0, 0, NULL }, NULL, 0 }, + { { 0x06, 0, NULL }, { 0, 0, NULL }, NULL, 0 }, }; - mbedtls_asn1_named_data *pointers[ARRAY_LENGTH( nd ) + 1]; + mbedtls_asn1_named_data *pointers[ARRAY_LENGTH(nd) + 1]; size_t i; mbedtls_asn1_named_data *head = NULL; mbedtls_asn1_named_data *found = NULL; - for( i = 0; i < ARRAY_LENGTH( nd ); i++ ) + for (i = 0; i < ARRAY_LENGTH(nd); i++) { pointers[i] = &nd[i]; - pointers[ARRAY_LENGTH( nd )] = NULL; - for( i = 0; i < ARRAY_LENGTH( nd ); i++ ) - { - ASSERT_ALLOC( nd[i].oid.p, oid[i]->len ); - memcpy( nd[i].oid.p, oid[i]->x, oid[i]->len ); + } + pointers[ARRAY_LENGTH(nd)] = NULL; + for (i = 0; i < ARRAY_LENGTH(nd); i++) { + TEST_CALLOC(nd[i].oid.p, oid[i]->len); + memcpy(nd[i].oid.p, oid[i]->x, oid[i]->len); nd[i].oid.len = oid[i]->len; nd[i].next = pointers[i+1]; } head = pointers[from]; - found = mbedtls_asn1_store_named_data( &head, - (const char *) needle->x, - needle->len, - NULL, 0 ); + found = mbedtls_asn1_store_named_data(&head, + (const char *) needle->x, + needle->len, + NULL, 0); /* In any case, the existing list structure must be unchanged. */ - for( i = 0; i < ARRAY_LENGTH( nd ); i++ ) - TEST_ASSERT( nd[i].next == pointers[i+1] ); + for (i = 0; i < ARRAY_LENGTH(nd); i++) { + TEST_ASSERT(nd[i].next == pointers[i+1]); + } - if( position >= 0 ) - { + if (position >= 0) { /* position should have been found and modified. */ - TEST_ASSERT( head == pointers[from] ); - TEST_ASSERT( found == pointers[position] ); - } - else - { + TEST_ASSERT(head == pointers[from]); + TEST_ASSERT(found == pointers[position]); + } else { /* A new entry should have been created. */ - TEST_ASSERT( found == head ); - TEST_ASSERT( head->next == pointers[from] ); - for( i = 0; i < ARRAY_LENGTH( nd ); i++ ) - TEST_ASSERT( found != &nd[i] ); + TEST_ASSERT(found == head); + TEST_ASSERT(head->next == pointers[from]); + for (i = 0; i < ARRAY_LENGTH(nd); i++) { + TEST_ASSERT(found != &nd[i]); + } } exit: - if( found != NULL && found == head && found != pointers[from] ) - { - mbedtls_free( found->oid.p ); - mbedtls_free( found ); + if (found != NULL && found == head && found != pointers[from]) { + mbedtls_free(found->oid.p); + mbedtls_free(found); + } + for (i = 0; i < ARRAY_LENGTH(nd); i++) { + mbedtls_free(nd[i].oid.p); } - for( i = 0; i < ARRAY_LENGTH( nd ); i++ ) - mbedtls_free( nd[i].oid.p ); } /* END_CASE */ /* BEGIN_CASE */ -void store_named_data_val_found( int old_len, int new_len ) +void store_named_data_val_found(int old_len, int new_len) { mbedtls_asn1_named_data nd = - { {0x06, 3, (unsigned char *) "OID"}, {0, 0, NULL}, NULL, 0 }; + { { 0x06, 3, (unsigned char *) "OID" }, { 0, 0, NULL }, NULL, 0 }; mbedtls_asn1_named_data *head = &nd; mbedtls_asn1_named_data *found = NULL; unsigned char *old_val = NULL; unsigned char *new_val = (unsigned char *) "new value"; - if( old_len != 0 ) - { - ASSERT_ALLOC( nd.val.p, (size_t) old_len ); + if (old_len != 0) { + TEST_CALLOC(nd.val.p, (size_t) old_len); old_val = nd.val.p; nd.val.len = old_len; - memset( old_val, 'x', old_len ); + memset(old_val, 'x', old_len); } - if( new_len <= 0 ) - { - new_len = - new_len; + if (new_len <= 0) { + new_len = -new_len; new_val = NULL; } - found = mbedtls_asn1_store_named_data( &head, "OID", 3, - new_val, new_len ); - TEST_ASSERT( head == &nd ); - TEST_ASSERT( found == head ); - - if( new_val != NULL) - ASSERT_COMPARE( found->val.p, found->val.len, - new_val, (size_t) new_len ); - if( new_len == 0) - TEST_ASSERT( found->val.p == NULL ); - else if( new_len == old_len ) - TEST_ASSERT( found->val.p == old_val ); - else - TEST_ASSERT( found->val.p != old_val ); + found = mbedtls_asn1_store_named_data(&head, "OID", 3, + new_val, new_len); + TEST_ASSERT(head == &nd); + TEST_ASSERT(found == head); + + if (new_val != NULL) { + TEST_MEMORY_COMPARE(found->val.p, found->val.len, + new_val, (size_t) new_len); + } + if (new_len == 0) { + TEST_ASSERT(found->val.p == NULL); + } else if (new_len == old_len) { + TEST_ASSERT(found->val.p == old_val); + } else { + TEST_ASSERT(found->val.p != old_val); + } exit: - mbedtls_free( nd.val.p ); + mbedtls_free(nd.val.p); } /* END_CASE */ /* BEGIN_CASE */ -void store_named_data_val_new( int new_len ) +void store_named_data_val_new(int new_len, int set_new_val) { mbedtls_asn1_named_data *head = NULL; mbedtls_asn1_named_data *found = NULL; const unsigned char *oid = (unsigned char *) "OID"; - size_t oid_len = strlen( (const char *) oid ); + size_t oid_len = strlen((const char *) oid); const unsigned char *new_val = (unsigned char *) "new value"; - if( new_len <= 0 ) + if (set_new_val == 0) { new_val = NULL; - if( new_len < 0 ) - new_len = - new_len; - - found = mbedtls_asn1_store_named_data( &head, - (const char *) oid, oid_len, - new_val, (size_t) new_len ); - TEST_ASSERT( found != NULL ); - TEST_ASSERT( found == head ); - TEST_ASSERT( found->oid.p != oid ); - ASSERT_COMPARE( found->oid.p, found->oid.len, oid, oid_len ); - if( new_len == 0 ) - TEST_ASSERT( found->val.p == NULL ); - else if( new_val == NULL ) - TEST_ASSERT( found->val.p != NULL ); - else - { - TEST_ASSERT( found->val.p != new_val ); - ASSERT_COMPARE( found->val.p, found->val.len, - new_val, (size_t) new_len ); + } + + found = mbedtls_asn1_store_named_data(&head, + (const char *) oid, oid_len, + new_val, (size_t) new_len); + TEST_ASSERT(found != NULL); + TEST_ASSERT(found == head); + TEST_ASSERT(found->oid.p != oid); + TEST_MEMORY_COMPARE(found->oid.p, found->oid.len, oid, oid_len); + if (new_len == 0) { + TEST_ASSERT(found->val.p == NULL); + } else if (new_val == NULL) { + TEST_ASSERT(found->val.p != NULL); + } else { + TEST_ASSERT(found->val.p != new_val); + TEST_MEMORY_COMPARE(found->val.p, found->val.len, + new_val, (size_t) new_len); } exit: - if( found != NULL ) - { - mbedtls_free( found->oid.p ); - mbedtls_free( found->val.p ); + if (found != NULL) { + mbedtls_free(found->oid.p); + mbedtls_free(found->val.p); } - mbedtls_free( found ); + mbedtls_free(found); } /* END_CASE */ diff --git a/third_party/mbedtls/repo/tests/suites/test_suite_base64.function b/third_party/mbedtls/repo/tests/suites/test_suite_base64.function index 7baa3d501c8..ce6bd42b7e8 100644 --- a/third_party/mbedtls/repo/tests/suites/test_suite_base64.function +++ b/third_party/mbedtls/repo/tests/suites/test_suite_base64.function @@ -17,67 +17,66 @@ static const char base64_digits[] = */ /* BEGIN_CASE depends_on:MBEDTLS_TEST_HOOKS */ -void mask_of_range( int low_arg, int high_arg ) +void mask_of_range(int low_arg, int high_arg) { unsigned char low = low_arg, high = high_arg; unsigned c; - for( c = 0; c <= 0xff; c++ ) - { - mbedtls_test_set_step( c ); - TEST_CF_SECRET( &c, sizeof( c ) ); - unsigned char m = mbedtls_ct_uchar_mask_of_range( low, high, c ); - TEST_CF_PUBLIC( &c, sizeof( c ) ); - TEST_CF_PUBLIC( &m, sizeof( m ) ); - if( low <= c && c <= high ) - TEST_EQUAL( m, 0xff ); - else - TEST_EQUAL( m, 0 ); + for (c = 0; c <= 0xff; c++) { + mbedtls_test_set_step(c); + TEST_CF_SECRET(&c, sizeof(c)); + unsigned char m = mbedtls_ct_uchar_mask_of_range(low, high, c); + TEST_CF_PUBLIC(&c, sizeof(c)); + TEST_CF_PUBLIC(&m, sizeof(m)); + if (low <= c && c <= high) { + TEST_EQUAL(m, 0xff); + } else { + TEST_EQUAL(m, 0); + } } } /* END_CASE */ /* BEGIN_CASE depends_on:MBEDTLS_TEST_HOOKS */ -void enc_chars( ) +void enc_chars() { - for( unsigned value = 0; value < 64; value++ ) - { - mbedtls_test_set_step( value ); - TEST_CF_SECRET( &value, sizeof( value ) ); - unsigned char digit = mbedtls_ct_base64_enc_char( value ); - TEST_CF_PUBLIC( &value, sizeof( value ) ); - TEST_CF_PUBLIC( &digit, sizeof( digit ) ); - TEST_EQUAL( digit, base64_digits[value] ); + for (unsigned value = 0; value < 64; value++) { + mbedtls_test_set_step(value); + TEST_CF_SECRET(&value, sizeof(value)); + unsigned char digit = mbedtls_ct_base64_enc_char(value); + TEST_CF_PUBLIC(&value, sizeof(value)); + TEST_CF_PUBLIC(&digit, sizeof(digit)); + TEST_EQUAL(digit, base64_digits[value]); } } /* END_CASE */ /* BEGIN_CASE depends_on:MBEDTLS_TEST_HOOKS */ -void dec_chars( ) +void dec_chars() { char *p; signed char expected; - for( unsigned c = 0; c <= 0xff; c++ ) - { - mbedtls_test_set_step( c ); + for (unsigned c = 0; c <= 0xff; c++) { + mbedtls_test_set_step(c); /* base64_digits is 0-terminated. sizeof()-1 excludes the trailing 0. */ - p = memchr( base64_digits, c, sizeof( base64_digits ) - 1 ); - if( p == NULL ) + p = memchr(base64_digits, c, sizeof(base64_digits) - 1); + if (p == NULL) { expected = -1; - else + } else { expected = p - base64_digits; - TEST_CF_SECRET( &c, sizeof( c ) ); - signed char actual = mbedtls_ct_base64_dec_value( c ); - TEST_CF_PUBLIC( &c, sizeof( c ) ); - TEST_CF_PUBLIC( &actual, sizeof( actual ) ); - TEST_EQUAL( actual, expected ); + } + TEST_CF_SECRET(&c, sizeof(c)); + signed char actual = mbedtls_ct_base64_dec_value(c); + TEST_CF_PUBLIC(&c, sizeof(c)); + TEST_CF_PUBLIC(&actual, sizeof(actual)); + TEST_EQUAL(actual, expected); } } /* END_CASE */ /* BEGIN_CASE */ -void mbedtls_base64_encode( char * src_string, char * dst_string, - int dst_buf_size, int result ) +void mbedtls_base64_encode(char *src_string, char *dst_string, + int dst_buf_size, int result) { unsigned char src_str[1000]; unsigned char dst_str[1000]; @@ -86,26 +85,25 @@ void mbedtls_base64_encode( char * src_string, char * dst_string, memset(src_str, 0x00, 1000); memset(dst_str, 0x00, 1000); - strncpy( (char *) src_str, src_string, sizeof(src_str) - 1 ); - src_len = strlen( (char *) src_str ); + strncpy((char *) src_str, src_string, sizeof(src_str) - 1); + src_len = strlen((char *) src_str); - TEST_CF_SECRET( src_str, sizeof( src_str ) ); - TEST_ASSERT( mbedtls_base64_encode( dst_str, dst_buf_size, &len, src_str, src_len) == result ); - TEST_CF_PUBLIC( src_str, sizeof( src_str ) ); + TEST_CF_SECRET(src_str, sizeof(src_str)); + TEST_ASSERT(mbedtls_base64_encode(dst_str, dst_buf_size, &len, src_str, src_len) == result); + TEST_CF_PUBLIC(src_str, sizeof(src_str)); /* dest_str will have had tainted data copied to it, prevent the TEST_ASSERT below from triggering CF failures by unmarking it. */ - TEST_CF_PUBLIC( dst_str, len ); + TEST_CF_PUBLIC(dst_str, len); - if( result == 0 ) - { - TEST_ASSERT( strcmp( (char *) dst_str, dst_string ) == 0 ); + if (result == 0) { + TEST_ASSERT(strcmp((char *) dst_str, dst_string) == 0); } } /* END_CASE */ /* BEGIN_CASE */ -void mbedtls_base64_decode( char * src_string, char * dst_string, int result ) +void mbedtls_base64_decode(char *src_string, char *dst_string, int result) { unsigned char src_str[1000]; unsigned char dst_str[1000]; @@ -115,77 +113,73 @@ void mbedtls_base64_decode( char * src_string, char * dst_string, int result ) memset(src_str, 0x00, 1000); memset(dst_str, 0x00, 1000); - strncpy( (char *) src_str, src_string, sizeof(src_str) - 1 ); - res = mbedtls_base64_decode( dst_str, sizeof( dst_str ), &len, src_str, strlen( (char *) src_str ) ); - TEST_ASSERT( res == result ); - if( result == 0 ) - { - TEST_ASSERT( strcmp( (char *) dst_str, dst_string ) == 0 ); + strncpy((char *) src_str, src_string, sizeof(src_str) - 1); + res = mbedtls_base64_decode(dst_str, sizeof(dst_str), &len, src_str, strlen((char *) src_str)); + TEST_ASSERT(res == result); + if (result == 0) { + TEST_ASSERT(strcmp((char *) dst_str, dst_string) == 0); } } /* END_CASE */ /* BEGIN_CASE */ -void base64_encode_hex( data_t * src, char * dst, int dst_buf_size, - int result ) +void base64_encode_hex(data_t *src, char *dst, int dst_buf_size, + int result) { unsigned char *res = NULL; size_t len; - res = mbedtls_test_zero_alloc( dst_buf_size ); + res = mbedtls_test_zero_alloc(dst_buf_size); - TEST_CF_SECRET( src->x, src->len ); - TEST_ASSERT( mbedtls_base64_encode( res, dst_buf_size, &len, src->x, src->len ) == result ); - TEST_CF_PUBLIC( src->x, src->len ); + TEST_CF_SECRET(src->x, src->len); + TEST_ASSERT(mbedtls_base64_encode(res, dst_buf_size, &len, src->x, src->len) == result); + TEST_CF_PUBLIC(src->x, src->len); /* res will have had tainted data copied to it, prevent the TEST_ASSERT below from triggering CF failures by unmarking it. */ - TEST_CF_PUBLIC( res, len ); + TEST_CF_PUBLIC(res, len); - if( result == 0 ) - { - TEST_ASSERT( len == strlen( dst ) ); - TEST_ASSERT( memcmp( dst, res, len ) == 0 ); + if (result == 0) { + TEST_ASSERT(len == strlen(dst)); + TEST_ASSERT(memcmp(dst, res, len) == 0); } exit: - mbedtls_free( res ); + mbedtls_free(res); } /* END_CASE */ /* BEGIN_CASE */ -void base64_decode_hex( char * src, data_t * dst, int dst_buf_size, - int result ) +void base64_decode_hex(char *src, data_t *dst, int dst_buf_size, + int result) { unsigned char *res = NULL; size_t len; - res = mbedtls_test_zero_alloc( dst_buf_size ); + res = mbedtls_test_zero_alloc(dst_buf_size); - TEST_ASSERT( mbedtls_base64_decode( res, dst_buf_size, &len, (unsigned char *) src, - strlen( src ) ) == result ); - if( result == 0 ) - { - TEST_ASSERT( len == dst->len ); - TEST_ASSERT( memcmp( dst->x, res, len ) == 0 ); + TEST_ASSERT(mbedtls_base64_decode(res, dst_buf_size, &len, (unsigned char *) src, + strlen(src)) == result); + if (result == 0) { + TEST_ASSERT(len == dst->len); + TEST_ASSERT(memcmp(dst->x, res, len) == 0); } exit: - mbedtls_free( res ); + mbedtls_free(res); } /* END_CASE */ /* BEGIN_CASE */ -void base64_decode_hex_src( data_t * src, char * dst_ref, int result ) +void base64_decode_hex_src(data_t *src, char *dst_ref, int result) { unsigned char dst[1000] = { 0 }; size_t len; - TEST_ASSERT( mbedtls_base64_decode( dst, sizeof( dst ), &len, src->x, src->len ) == result ); - if( result == 0 ) - { - TEST_ASSERT( len == strlen( dst_ref ) ); - TEST_ASSERT( memcmp( dst, dst_ref, len ) == 0 ); + TEST_ASSERT(mbedtls_base64_decode(dst, sizeof(dst), &len, src->x, src->len) == result); + if (result == 0) { + TEST_ASSERT(len == strlen(dst_ref)); + TEST_ASSERT(memcmp(dst, dst_ref, len) == 0); } exit: @@ -194,8 +188,8 @@ exit: /* END_CASE */ /* BEGIN_CASE depends_on:MBEDTLS_SELF_TEST */ -void base64_selftest( ) +void base64_selftest() { - TEST_ASSERT( mbedtls_base64_self_test( 1 ) == 0 ); + TEST_ASSERT(mbedtls_base64_self_test(1) == 0); } /* END_CASE */ diff --git a/third_party/mbedtls/repo/tests/suites/test_suite_bignum.function b/third_party/mbedtls/repo/tests/suites/test_suite_bignum.function new file mode 100644 index 00000000000..a65a4897b57 --- /dev/null +++ b/third_party/mbedtls/repo/tests/suites/test_suite_bignum.function @@ -0,0 +1,1772 @@ +/* BEGIN_HEADER */ +#include "mbedtls/bignum.h" +#include "mbedtls/entropy.h" + +#if MBEDTLS_MPI_MAX_BITS > 792 +#define MPI_MAX_BITS_LARGER_THAN_792 +#endif + +/* Check the validity of the sign bit in an MPI object. Reject representations + * that are not supported by the rest of the library and indicate a bug when + * constructing the value. */ +static int sign_is_valid(const mbedtls_mpi *X) +{ + /* Only +1 and -1 are valid sign bits, not e.g. 0 */ + if (X->s != 1 && X->s != -1) { + return 0; + } + + /* The value 0 must be represented with the sign +1. A "negative zero" + * with s=-1 is an invalid representation. Forbid that. As an exception, + * we sometimes test the robustness of library functions when given + * a negative zero input. If a test case has a negative zero as input, + * we don't mind if the function has a negative zero output. */ + if (!mbedtls_test_case_uses_negative_0 && + mbedtls_mpi_bitlen(X) == 0 && X->s != 1) { + return 0; + } + + return 1; +} + +typedef struct mbedtls_test_mpi_random { + data_t *data; + size_t pos; + size_t chunk_len; +} mbedtls_test_mpi_random; + +/* + * This function is called by the Miller-Rabin primality test each time it + * chooses a random witness. The witnesses (or non-witnesses as provided by the + * test) are stored in the data member of the state structure. Each number is in + * the format that mbedtls_mpi_read_string understands and is chunk_len long. + */ +int mbedtls_test_mpi_miller_rabin_determinizer(void *state, + unsigned char *buf, + size_t len) +{ + mbedtls_test_mpi_random *random = (mbedtls_test_mpi_random *) state; + + if (random == NULL || random->data->x == NULL || buf == NULL) { + return -1; + } + + if (random->pos + random->chunk_len > random->data->len + || random->chunk_len > len) { + return -1; + } + + memset(buf, 0, len); + + /* The witness is written to the end of the buffer, since the buffer is + * used as big endian, unsigned binary data in mbedtls_mpi_read_binary. + * Writing the witness to the start of the buffer would result in the + * buffer being 'witness 000...000', which would be treated as + * witness * 2^n for some n. */ + memcpy(buf + len - random->chunk_len, &random->data->x[random->pos], + random->chunk_len); + + random->pos += random->chunk_len; + + return 0; +} + +/* Random generator that is told how many bytes to return. */ +static int f_rng_bytes_left(void *state, unsigned char *buf, size_t len) +{ + size_t *bytes_left = state; + size_t i; + for (i = 0; i < len; i++) { + if (*bytes_left == 0) { + return MBEDTLS_ERR_ENTROPY_SOURCE_FAILED; + } + buf[i] = *bytes_left & 0xff; + --(*bytes_left); + } + return 0; +} + +/* Test whether bytes represents (in big-endian base 256) a number b that + * is significantly above a power of 2. That is, b must not have a long run + * of unset bits after the most significant bit. + * + * Let n be the bit-size of b, i.e. the integer such that 2^n <= b < 2^{n+1}. + * This function returns 1 if, when drawing a number between 0 and b, + * the probability that this number is at least 2^n is not negligible. + * This probability is (b - 2^n) / b and this function checks that this + * number is above some threshold A. The threshold value is heuristic and + * based on the needs of mpi_random_many(). + */ +static int is_significantly_above_a_power_of_2(data_t *bytes) +{ + const uint8_t *p = bytes->x; + size_t len = bytes->len; + unsigned x; + + /* Skip leading null bytes */ + while (len > 0 && p[0] == 0) { + ++p; + --len; + } + /* 0 is not significantly above a power of 2 */ + if (len == 0) { + return 0; + } + /* Extract the (up to) 2 most significant bytes */ + if (len == 1) { + x = p[0]; + } else { + x = (p[0] << 8) | p[1]; + } + + /* Shift the most significant bit of x to position 8 and mask it out */ + while ((x & 0xfe00) != 0) { + x >>= 1; + } + x &= 0x00ff; + + /* At this point, x = floor((b - 2^n) / 2^(n-8)). b is significantly above + * a power of 2 iff x is significantly above 0 compared to 2^8. + * Testing x >= 2^4 amounts to picking A = 1/16 in the function + * description above. */ + return x >= 0x10; +} + +/* END_HEADER */ + +/* BEGIN_DEPENDENCIES + * depends_on:MBEDTLS_BIGNUM_C + * END_DEPENDENCIES + */ + +/* BEGIN_CASE */ +void mpi_valid_param() +{ + TEST_VALID_PARAM(mbedtls_mpi_free(NULL)); +} +/* END_CASE */ + +/* BEGIN_CASE depends_on:MBEDTLS_CHECK_PARAMS:!MBEDTLS_PARAM_FAILED_ALT */ +void mpi_invalid_param() +{ + mbedtls_mpi X; + const char *s_in = "00101000101010"; + char s_out[16] = { 0 }; + unsigned char u_out[16] = { 0 }; + unsigned char u_in[16] = { 0 }; + size_t olen; + mbedtls_mpi_uint mpi_uint; + + TEST_INVALID_PARAM(mbedtls_mpi_init(NULL)); + + TEST_INVALID_PARAM_RET(MBEDTLS_ERR_MPI_BAD_INPUT_DATA, + mbedtls_mpi_grow(NULL, 42)); + TEST_INVALID_PARAM_RET(MBEDTLS_ERR_MPI_BAD_INPUT_DATA, + mbedtls_mpi_copy(NULL, &X)); + TEST_INVALID_PARAM_RET(MBEDTLS_ERR_MPI_BAD_INPUT_DATA, + mbedtls_mpi_copy(&X, NULL)); + + TEST_INVALID_PARAM(mbedtls_mpi_swap(NULL, &X)); + TEST_INVALID_PARAM(mbedtls_mpi_swap(&X, NULL)); + + TEST_INVALID_PARAM_RET(MBEDTLS_ERR_MPI_BAD_INPUT_DATA, + mbedtls_mpi_safe_cond_assign(NULL, &X, 0)); + TEST_INVALID_PARAM_RET(MBEDTLS_ERR_MPI_BAD_INPUT_DATA, + mbedtls_mpi_safe_cond_assign(&X, NULL, 0)); + + TEST_INVALID_PARAM_RET(MBEDTLS_ERR_MPI_BAD_INPUT_DATA, + mbedtls_mpi_safe_cond_swap(NULL, &X, 0)); + TEST_INVALID_PARAM_RET(MBEDTLS_ERR_MPI_BAD_INPUT_DATA, + mbedtls_mpi_safe_cond_swap(&X, NULL, 0)); + + TEST_INVALID_PARAM_RET(MBEDTLS_ERR_MPI_BAD_INPUT_DATA, + mbedtls_mpi_lset(NULL, 42)); + + TEST_INVALID_PARAM_RET(MBEDTLS_ERR_MPI_BAD_INPUT_DATA, + mbedtls_mpi_get_bit(NULL, 42)); + TEST_INVALID_PARAM_RET(MBEDTLS_ERR_MPI_BAD_INPUT_DATA, + mbedtls_mpi_set_bit(NULL, 42, 0)); + + TEST_INVALID_PARAM_RET(MBEDTLS_ERR_MPI_BAD_INPUT_DATA, + mbedtls_mpi_read_string(NULL, 2, s_in)); + TEST_INVALID_PARAM_RET(MBEDTLS_ERR_MPI_BAD_INPUT_DATA, + mbedtls_mpi_read_string(&X, 2, NULL)); + + TEST_INVALID_PARAM_RET(MBEDTLS_ERR_MPI_BAD_INPUT_DATA, + mbedtls_mpi_write_string(NULL, 2, + s_out, sizeof(s_out), + &olen)); + TEST_INVALID_PARAM_RET(MBEDTLS_ERR_MPI_BAD_INPUT_DATA, + mbedtls_mpi_write_string(&X, 2, + NULL, sizeof(s_out), + &olen)); + TEST_INVALID_PARAM_RET(MBEDTLS_ERR_MPI_BAD_INPUT_DATA, + mbedtls_mpi_write_string(&X, 2, + s_out, sizeof(s_out), + NULL)); + +#if defined(MBEDTLS_FS_IO) + TEST_INVALID_PARAM_RET(MBEDTLS_ERR_MPI_BAD_INPUT_DATA, + mbedtls_mpi_read_file(NULL, 2, stdin)); + TEST_INVALID_PARAM_RET(MBEDTLS_ERR_MPI_BAD_INPUT_DATA, + mbedtls_mpi_read_file(&X, 2, NULL)); + + TEST_INVALID_PARAM_RET(MBEDTLS_ERR_MPI_BAD_INPUT_DATA, + mbedtls_mpi_write_file("", NULL, 2, NULL)); +#endif /* MBEDTLS_FS_IO */ + + TEST_INVALID_PARAM_RET(MBEDTLS_ERR_MPI_BAD_INPUT_DATA, + mbedtls_mpi_read_binary(NULL, u_in, + sizeof(u_in))); + TEST_INVALID_PARAM_RET(MBEDTLS_ERR_MPI_BAD_INPUT_DATA, + mbedtls_mpi_read_binary(&X, NULL, + sizeof(u_in))); + + TEST_INVALID_PARAM_RET(MBEDTLS_ERR_MPI_BAD_INPUT_DATA, + mbedtls_mpi_write_binary(NULL, u_out, + sizeof(u_out))); + TEST_INVALID_PARAM_RET(MBEDTLS_ERR_MPI_BAD_INPUT_DATA, + mbedtls_mpi_write_binary(&X, NULL, + sizeof(u_out))); + + TEST_INVALID_PARAM_RET(MBEDTLS_ERR_MPI_BAD_INPUT_DATA, + mbedtls_mpi_shift_l(NULL, 42)); + TEST_INVALID_PARAM_RET(MBEDTLS_ERR_MPI_BAD_INPUT_DATA, + mbedtls_mpi_shift_r(NULL, 42)); + + TEST_INVALID_PARAM_RET(MBEDTLS_ERR_MPI_BAD_INPUT_DATA, + mbedtls_mpi_cmp_abs(NULL, &X)); + TEST_INVALID_PARAM_RET(MBEDTLS_ERR_MPI_BAD_INPUT_DATA, + mbedtls_mpi_cmp_abs(&X, NULL)); + + TEST_INVALID_PARAM_RET(MBEDTLS_ERR_MPI_BAD_INPUT_DATA, + mbedtls_mpi_cmp_mpi(NULL, &X)); + TEST_INVALID_PARAM_RET(MBEDTLS_ERR_MPI_BAD_INPUT_DATA, + mbedtls_mpi_cmp_mpi(&X, NULL)); + + TEST_INVALID_PARAM_RET(MBEDTLS_ERR_MPI_BAD_INPUT_DATA, + mbedtls_mpi_cmp_int(NULL, 42)); + + TEST_INVALID_PARAM_RET(MBEDTLS_ERR_MPI_BAD_INPUT_DATA, + mbedtls_mpi_add_abs(NULL, &X, &X)); + TEST_INVALID_PARAM_RET(MBEDTLS_ERR_MPI_BAD_INPUT_DATA, + mbedtls_mpi_add_abs(&X, NULL, &X)); + TEST_INVALID_PARAM_RET(MBEDTLS_ERR_MPI_BAD_INPUT_DATA, + mbedtls_mpi_add_abs(&X, &X, NULL)); + + TEST_INVALID_PARAM_RET(MBEDTLS_ERR_MPI_BAD_INPUT_DATA, + mbedtls_mpi_sub_abs(NULL, &X, &X)); + TEST_INVALID_PARAM_RET(MBEDTLS_ERR_MPI_BAD_INPUT_DATA, + mbedtls_mpi_sub_abs(&X, NULL, &X)); + TEST_INVALID_PARAM_RET(MBEDTLS_ERR_MPI_BAD_INPUT_DATA, + mbedtls_mpi_sub_abs(&X, &X, NULL)); + + TEST_INVALID_PARAM_RET(MBEDTLS_ERR_MPI_BAD_INPUT_DATA, + mbedtls_mpi_add_mpi(NULL, &X, &X)); + TEST_INVALID_PARAM_RET(MBEDTLS_ERR_MPI_BAD_INPUT_DATA, + mbedtls_mpi_add_mpi(&X, NULL, &X)); + TEST_INVALID_PARAM_RET(MBEDTLS_ERR_MPI_BAD_INPUT_DATA, + mbedtls_mpi_add_mpi(&X, &X, NULL)); + + TEST_INVALID_PARAM_RET(MBEDTLS_ERR_MPI_BAD_INPUT_DATA, + mbedtls_mpi_sub_mpi(NULL, &X, &X)); + TEST_INVALID_PARAM_RET(MBEDTLS_ERR_MPI_BAD_INPUT_DATA, + mbedtls_mpi_sub_mpi(&X, NULL, &X)); + TEST_INVALID_PARAM_RET(MBEDTLS_ERR_MPI_BAD_INPUT_DATA, + mbedtls_mpi_sub_mpi(&X, &X, NULL)); + + TEST_INVALID_PARAM_RET(MBEDTLS_ERR_MPI_BAD_INPUT_DATA, + mbedtls_mpi_add_int(NULL, &X, 42)); + TEST_INVALID_PARAM_RET(MBEDTLS_ERR_MPI_BAD_INPUT_DATA, + mbedtls_mpi_add_int(&X, NULL, 42)); + + TEST_INVALID_PARAM_RET(MBEDTLS_ERR_MPI_BAD_INPUT_DATA, + mbedtls_mpi_sub_int(NULL, &X, 42)); + TEST_INVALID_PARAM_RET(MBEDTLS_ERR_MPI_BAD_INPUT_DATA, + mbedtls_mpi_sub_int(&X, NULL, 42)); + + TEST_INVALID_PARAM_RET(MBEDTLS_ERR_MPI_BAD_INPUT_DATA, + mbedtls_mpi_mul_mpi(NULL, &X, &X)); + TEST_INVALID_PARAM_RET(MBEDTLS_ERR_MPI_BAD_INPUT_DATA, + mbedtls_mpi_mul_mpi(&X, NULL, &X)); + TEST_INVALID_PARAM_RET(MBEDTLS_ERR_MPI_BAD_INPUT_DATA, + mbedtls_mpi_mul_mpi(&X, &X, NULL)); + + TEST_INVALID_PARAM_RET(MBEDTLS_ERR_MPI_BAD_INPUT_DATA, + mbedtls_mpi_mul_int(NULL, &X, 42)); + TEST_INVALID_PARAM_RET(MBEDTLS_ERR_MPI_BAD_INPUT_DATA, + mbedtls_mpi_mul_int(&X, NULL, 42)); + + TEST_INVALID_PARAM_RET(MBEDTLS_ERR_MPI_BAD_INPUT_DATA, + mbedtls_mpi_div_mpi(&X, &X, NULL, &X)); + TEST_INVALID_PARAM_RET(MBEDTLS_ERR_MPI_BAD_INPUT_DATA, + mbedtls_mpi_div_mpi(&X, &X, &X, NULL)); + + TEST_INVALID_PARAM_RET(MBEDTLS_ERR_MPI_BAD_INPUT_DATA, + mbedtls_mpi_div_int(&X, &X, NULL, 42)); + + TEST_INVALID_PARAM_RET(0, mbedtls_mpi_lsb(NULL)); + + TEST_INVALID_PARAM_RET(MBEDTLS_ERR_MPI_BAD_INPUT_DATA, + mbedtls_mpi_mod_mpi(NULL, &X, &X)); + TEST_INVALID_PARAM_RET(MBEDTLS_ERR_MPI_BAD_INPUT_DATA, + mbedtls_mpi_mod_mpi(&X, NULL, &X)); + TEST_INVALID_PARAM_RET(MBEDTLS_ERR_MPI_BAD_INPUT_DATA, + mbedtls_mpi_mod_mpi(&X, &X, NULL)); + + TEST_INVALID_PARAM_RET(MBEDTLS_ERR_MPI_BAD_INPUT_DATA, + mbedtls_mpi_mod_int(NULL, &X, 42)); + TEST_INVALID_PARAM_RET(MBEDTLS_ERR_MPI_BAD_INPUT_DATA, + mbedtls_mpi_mod_int(&mpi_uint, NULL, 42)); + + TEST_INVALID_PARAM_RET(MBEDTLS_ERR_MPI_BAD_INPUT_DATA, + mbedtls_mpi_exp_mod(NULL, &X, &X, &X, NULL)); + TEST_INVALID_PARAM_RET(MBEDTLS_ERR_MPI_BAD_INPUT_DATA, + mbedtls_mpi_exp_mod(&X, NULL, &X, &X, NULL)); + TEST_INVALID_PARAM_RET(MBEDTLS_ERR_MPI_BAD_INPUT_DATA, + mbedtls_mpi_exp_mod(&X, &X, NULL, &X, NULL)); + TEST_INVALID_PARAM_RET(MBEDTLS_ERR_MPI_BAD_INPUT_DATA, + mbedtls_mpi_exp_mod(&X, &X, &X, NULL, NULL)); + + TEST_INVALID_PARAM_RET(MBEDTLS_ERR_MPI_BAD_INPUT_DATA, + mbedtls_mpi_fill_random(NULL, 42, + mbedtls_test_rnd_std_rand, + NULL)); + TEST_INVALID_PARAM_RET(MBEDTLS_ERR_MPI_BAD_INPUT_DATA, + mbedtls_mpi_fill_random(&X, 42, NULL, NULL)); + + TEST_INVALID_PARAM_RET(MBEDTLS_ERR_MPI_BAD_INPUT_DATA, + mbedtls_mpi_gcd(NULL, &X, &X)); + TEST_INVALID_PARAM_RET(MBEDTLS_ERR_MPI_BAD_INPUT_DATA, + mbedtls_mpi_gcd(&X, NULL, &X)); + TEST_INVALID_PARAM_RET(MBEDTLS_ERR_MPI_BAD_INPUT_DATA, + mbedtls_mpi_gcd(&X, &X, NULL)); + + TEST_INVALID_PARAM_RET(MBEDTLS_ERR_MPI_BAD_INPUT_DATA, + mbedtls_mpi_inv_mod(NULL, &X, &X)); + TEST_INVALID_PARAM_RET(MBEDTLS_ERR_MPI_BAD_INPUT_DATA, + mbedtls_mpi_inv_mod(&X, NULL, &X)); + TEST_INVALID_PARAM_RET(MBEDTLS_ERR_MPI_BAD_INPUT_DATA, + mbedtls_mpi_inv_mod(&X, &X, NULL)); + +exit: + return; +} +/* END_CASE */ + +/* BEGIN_CASE */ +void mpi_null() +{ + mbedtls_mpi X, Y, Z; + + mbedtls_mpi_init(&X); + mbedtls_mpi_init(&Y); + mbedtls_mpi_init(&Z); + + TEST_ASSERT(mbedtls_mpi_get_bit(&X, 42) == 0); + TEST_ASSERT(mbedtls_mpi_lsb(&X) == 0); + TEST_ASSERT(mbedtls_mpi_bitlen(&X) == 0); + TEST_ASSERT(mbedtls_mpi_size(&X) == 0); + +exit: + mbedtls_mpi_free(&X); +} +/* END_CASE */ + +/* BEGIN_CASE */ +void mpi_read_write_string(int radix_X, char *input_X, int radix_A, + char *input_A, int output_size, int result_read, + int result_write) +{ + mbedtls_mpi X; + char str[1000]; + size_t len; + + mbedtls_mpi_init(&X); + + memset(str, '!', sizeof(str)); + + TEST_ASSERT(mbedtls_mpi_read_string(&X, radix_X, input_X) == result_read); + if (result_read == 0) { + TEST_ASSERT(sign_is_valid(&X)); + TEST_ASSERT(mbedtls_mpi_write_string(&X, radix_A, str, output_size, &len) == result_write); + if (result_write == 0) { + TEST_ASSERT(strcmp(str, input_A) == 0); + TEST_ASSERT(str[len] == '!'); + } + } + +exit: + mbedtls_mpi_free(&X); +} +/* END_CASE */ + +/* BEGIN_CASE */ +void mpi_read_binary(data_t *buf, char *input_A) +{ + mbedtls_mpi X; + char str[1000]; + size_t len; + + mbedtls_mpi_init(&X); + + + TEST_ASSERT(mbedtls_mpi_read_binary(&X, buf->x, buf->len) == 0); + TEST_ASSERT(sign_is_valid(&X)); + TEST_ASSERT(mbedtls_mpi_write_string(&X, 16, str, sizeof(str), &len) == 0); + TEST_ASSERT(strcmp((char *) str, input_A) == 0); + +exit: + mbedtls_mpi_free(&X); +} +/* END_CASE */ + +/* BEGIN_CASE */ +void mpi_read_binary_le(data_t *buf, char *input_A) +{ + mbedtls_mpi X; + char str[1000]; + size_t len; + + mbedtls_mpi_init(&X); + + + TEST_ASSERT(mbedtls_mpi_read_binary_le(&X, buf->x, buf->len) == 0); + TEST_ASSERT(sign_is_valid(&X)); + TEST_ASSERT(mbedtls_mpi_write_string(&X, 16, str, sizeof(str), &len) == 0); + TEST_ASSERT(strcmp((char *) str, input_A) == 0); + +exit: + mbedtls_mpi_free(&X); +} +/* END_CASE */ + +/* BEGIN_CASE */ +void mpi_write_binary(char *input_X, data_t *input_A, + int output_size, int result) +{ + mbedtls_mpi X; + unsigned char buf[1000]; + size_t buflen; + + memset(buf, 0x00, 1000); + + mbedtls_mpi_init(&X); + + TEST_ASSERT(mbedtls_test_read_mpi(&X, input_X) == 0); + + buflen = mbedtls_mpi_size(&X); + if (buflen > (size_t) output_size) { + buflen = (size_t) output_size; + } + + TEST_ASSERT(mbedtls_mpi_write_binary(&X, buf, buflen) == result); + if (result == 0) { + + TEST_ASSERT(mbedtls_test_hexcmp(buf, input_A->x, + buflen, input_A->len) == 0); + } + +exit: + mbedtls_mpi_free(&X); +} +/* END_CASE */ + +/* BEGIN_CASE */ +void mpi_write_binary_le(char *input_X, data_t *input_A, + int output_size, int result) +{ + mbedtls_mpi X; + unsigned char buf[1000]; + size_t buflen; + + memset(buf, 0x00, 1000); + + mbedtls_mpi_init(&X); + + TEST_ASSERT(mbedtls_test_read_mpi(&X, input_X) == 0); + + buflen = mbedtls_mpi_size(&X); + if (buflen > (size_t) output_size) { + buflen = (size_t) output_size; + } + + TEST_ASSERT(mbedtls_mpi_write_binary_le(&X, buf, buflen) == result); + if (result == 0) { + + TEST_ASSERT(mbedtls_test_hexcmp(buf, input_A->x, + buflen, input_A->len) == 0); + } + +exit: + mbedtls_mpi_free(&X); +} +/* END_CASE */ + +/* BEGIN_CASE depends_on:MBEDTLS_FS_IO */ +void mpi_read_file(char *input_file, data_t *input_A, int result) +{ + mbedtls_mpi X; + unsigned char buf[1000]; + size_t buflen; + FILE *file; + int ret; + + memset(buf, 0x00, 1000); + + mbedtls_mpi_init(&X); + + file = fopen(input_file, "r"); + TEST_ASSERT(file != NULL); + ret = mbedtls_mpi_read_file(&X, 16, file); + fclose(file); + TEST_ASSERT(ret == result); + + if (result == 0) { + TEST_ASSERT(sign_is_valid(&X)); + buflen = mbedtls_mpi_size(&X); + TEST_ASSERT(mbedtls_mpi_write_binary(&X, buf, buflen) == 0); + + + TEST_ASSERT(mbedtls_test_hexcmp(buf, input_A->x, + buflen, input_A->len) == 0); + } + +exit: + mbedtls_mpi_free(&X); +} +/* END_CASE */ + +/* BEGIN_CASE depends_on:MBEDTLS_FS_IO */ +void mpi_write_file(char *input_X, char *output_file) +{ + mbedtls_mpi X, Y; + FILE *file_out, *file_in; + int ret; + + mbedtls_mpi_init(&X); mbedtls_mpi_init(&Y); + + TEST_ASSERT(mbedtls_test_read_mpi(&X, input_X) == 0); + + file_out = fopen(output_file, "w"); + TEST_ASSERT(file_out != NULL); + ret = mbedtls_mpi_write_file(NULL, &X, 16, file_out); + fclose(file_out); + TEST_ASSERT(ret == 0); + + file_in = fopen(output_file, "r"); + TEST_ASSERT(file_in != NULL); + ret = mbedtls_mpi_read_file(&Y, 16, file_in); + fclose(file_in); + TEST_ASSERT(ret == 0); + + TEST_ASSERT(mbedtls_mpi_cmp_mpi(&X, &Y) == 0); + +exit: + mbedtls_mpi_free(&X); mbedtls_mpi_free(&Y); +} +/* END_CASE */ + +/* BEGIN_CASE */ +void mpi_get_bit(char *input_X, int pos, int val) +{ + mbedtls_mpi X; + mbedtls_mpi_init(&X); + TEST_ASSERT(mbedtls_test_read_mpi(&X, input_X) == 0); + TEST_ASSERT(mbedtls_mpi_get_bit(&X, pos) == val); + +exit: + mbedtls_mpi_free(&X); +} +/* END_CASE */ + +/* BEGIN_CASE */ +void mpi_set_bit(char *input_X, int pos, int val, + char *output_Y, int result) +{ + mbedtls_mpi X, Y; + mbedtls_mpi_init(&X); mbedtls_mpi_init(&Y); + + TEST_ASSERT(mbedtls_test_read_mpi(&X, input_X) == 0); + TEST_ASSERT(mbedtls_test_read_mpi(&Y, output_Y) == 0); + TEST_ASSERT(mbedtls_mpi_set_bit(&X, pos, val) == result); + + if (result == 0) { + TEST_ASSERT(sign_is_valid(&X)); + TEST_ASSERT(mbedtls_mpi_cmp_mpi(&X, &Y) == 0); + } + +exit: + mbedtls_mpi_free(&X); mbedtls_mpi_free(&Y); +} +/* END_CASE */ + +/* BEGIN_CASE */ +void mpi_lsb(char *input_X, int nr_bits) +{ + mbedtls_mpi X; + mbedtls_mpi_init(&X); + + TEST_ASSERT(mbedtls_test_read_mpi(&X, input_X) == 0); + TEST_ASSERT(mbedtls_mpi_lsb(&X) == (size_t) nr_bits); + +exit: + mbedtls_mpi_free(&X); +} +/* END_CASE */ + +/* BEGIN_CASE */ +void mpi_bitlen(char *input_X, int nr_bits) +{ + mbedtls_mpi X; + mbedtls_mpi_init(&X); + + TEST_ASSERT(mbedtls_test_read_mpi(&X, input_X) == 0); + TEST_ASSERT(mbedtls_mpi_bitlen(&X) == (size_t) nr_bits); + +exit: + mbedtls_mpi_free(&X); +} +/* END_CASE */ + +/* BEGIN_CASE */ +void mpi_gcd(char *input_X, char *input_Y, + char *input_A) +{ + mbedtls_mpi A, X, Y, Z; + mbedtls_mpi_init(&A); mbedtls_mpi_init(&X); mbedtls_mpi_init(&Y); mbedtls_mpi_init(&Z); + + TEST_ASSERT(mbedtls_test_read_mpi(&X, input_X) == 0); + TEST_ASSERT(mbedtls_test_read_mpi(&Y, input_Y) == 0); + TEST_ASSERT(mbedtls_test_read_mpi(&A, input_A) == 0); + TEST_ASSERT(mbedtls_mpi_gcd(&Z, &X, &Y) == 0); + TEST_ASSERT(sign_is_valid(&Z)); + TEST_ASSERT(mbedtls_mpi_cmp_mpi(&Z, &A) == 0); + +exit: + mbedtls_mpi_free(&A); mbedtls_mpi_free(&X); mbedtls_mpi_free(&Y); mbedtls_mpi_free(&Z); +} +/* END_CASE */ + +/* BEGIN_CASE */ +void mpi_cmp_int(int input_X, int input_A, int result_CMP) +{ + mbedtls_mpi X; + mbedtls_mpi_init(&X); + + TEST_ASSERT(mbedtls_mpi_lset(&X, input_X) == 0); + TEST_ASSERT(mbedtls_mpi_cmp_int(&X, input_A) == result_CMP); + +exit: + mbedtls_mpi_free(&X); +} +/* END_CASE */ + +/* BEGIN_CASE */ +void mpi_cmp_mpi(char *input_X, char *input_Y, + int input_A) +{ + mbedtls_mpi X, Y; + mbedtls_mpi_init(&X); mbedtls_mpi_init(&Y); + + TEST_ASSERT(mbedtls_test_read_mpi(&X, input_X) == 0); + TEST_ASSERT(mbedtls_test_read_mpi(&Y, input_Y) == 0); + TEST_ASSERT(mbedtls_mpi_cmp_mpi(&X, &Y) == input_A); + +exit: + mbedtls_mpi_free(&X); mbedtls_mpi_free(&Y); +} +/* END_CASE */ + +/* BEGIN_CASE */ +void mpi_lt_mpi_ct(int size_X, char *input_X, + int size_Y, char *input_Y, + int input_ret, int input_err) +{ + unsigned ret = -1; + unsigned input_uret = input_ret; + mbedtls_mpi X, Y; + mbedtls_mpi_init(&X); mbedtls_mpi_init(&Y); + + TEST_ASSERT(mbedtls_test_read_mpi(&X, input_X) == 0); + TEST_ASSERT(mbedtls_test_read_mpi(&Y, input_Y) == 0); + + TEST_ASSERT(mbedtls_mpi_grow(&X, size_X) == 0); + TEST_ASSERT(mbedtls_mpi_grow(&Y, size_Y) == 0); + + TEST_ASSERT(mbedtls_mpi_lt_mpi_ct(&X, &Y, &ret) == input_err); + if (input_err == 0) { + TEST_ASSERT(ret == input_uret); + } + +exit: + mbedtls_mpi_free(&X); mbedtls_mpi_free(&Y); +} +/* END_CASE */ + +/* BEGIN_CASE */ +void mpi_cmp_abs(char *input_X, char *input_Y, + int input_A) +{ + mbedtls_mpi X, Y; + mbedtls_mpi_init(&X); mbedtls_mpi_init(&Y); + + TEST_ASSERT(mbedtls_test_read_mpi(&X, input_X) == 0); + TEST_ASSERT(mbedtls_test_read_mpi(&Y, input_Y) == 0); + TEST_ASSERT(mbedtls_mpi_cmp_abs(&X, &Y) == input_A); + +exit: + mbedtls_mpi_free(&X); mbedtls_mpi_free(&Y); +} +/* END_CASE */ + +/* BEGIN_CASE */ +void mpi_copy(char *src_hex, char *dst_hex) +{ + mbedtls_mpi src, dst, ref; + mbedtls_mpi_init(&src); + mbedtls_mpi_init(&dst); + mbedtls_mpi_init(&ref); + + TEST_ASSERT(mbedtls_test_read_mpi(&src, src_hex) == 0); + TEST_ASSERT(mbedtls_test_read_mpi(&ref, dst_hex) == 0); + + /* mbedtls_mpi_copy() */ + TEST_ASSERT(mbedtls_test_read_mpi(&dst, dst_hex) == 0); + TEST_ASSERT(mbedtls_mpi_copy(&dst, &src) == 0); + TEST_ASSERT(sign_is_valid(&dst)); + TEST_ASSERT(mbedtls_mpi_cmp_mpi(&dst, &src) == 0); + + /* mbedtls_mpi_safe_cond_assign(), assignment done */ + mbedtls_mpi_free(&dst); + TEST_ASSERT(mbedtls_test_read_mpi(&dst, dst_hex) == 0); + TEST_ASSERT(mbedtls_mpi_safe_cond_assign(&dst, &src, 1) == 0); + TEST_ASSERT(sign_is_valid(&dst)); + TEST_ASSERT(mbedtls_mpi_cmp_mpi(&dst, &src) == 0); + + /* mbedtls_mpi_safe_cond_assign(), assignment not done */ + mbedtls_mpi_free(&dst); + TEST_ASSERT(mbedtls_test_read_mpi(&dst, dst_hex) == 0); + TEST_ASSERT(mbedtls_mpi_safe_cond_assign(&dst, &src, 0) == 0); + TEST_ASSERT(sign_is_valid(&dst)); + TEST_ASSERT(mbedtls_mpi_cmp_mpi(&dst, &ref) == 0); + +exit: + mbedtls_mpi_free(&src); + mbedtls_mpi_free(&dst); + mbedtls_mpi_free(&ref); +} +/* END_CASE */ + +/* BEGIN_CASE */ +void mpi_copy_self(char *input_X) +{ + mbedtls_mpi X, A; + mbedtls_mpi_init(&A); + mbedtls_mpi_init(&X); + + TEST_ASSERT(mbedtls_test_read_mpi(&X, input_X) == 0); + TEST_ASSERT(mbedtls_mpi_copy(&X, &X) == 0); + + TEST_ASSERT(mbedtls_test_read_mpi(&A, input_X) == 0); + TEST_ASSERT(sign_is_valid(&X)); + TEST_ASSERT(mbedtls_mpi_cmp_mpi(&X, &A) == 0); + +exit: + mbedtls_mpi_free(&A); + mbedtls_mpi_free(&X); +} +/* END_CASE */ + +/* BEGIN_CASE */ +void mpi_swap(char *X_hex, char *Y_hex) +{ + mbedtls_mpi X, Y, X0, Y0; + mbedtls_mpi_init(&X); mbedtls_mpi_init(&Y); + mbedtls_mpi_init(&X0); mbedtls_mpi_init(&Y0); + + TEST_ASSERT(mbedtls_test_read_mpi(&X0, X_hex) == 0); + TEST_ASSERT(mbedtls_test_read_mpi(&Y0, Y_hex) == 0); + + /* mbedtls_mpi_swap() */ + TEST_ASSERT(mbedtls_test_read_mpi(&X, X_hex) == 0); + TEST_ASSERT(mbedtls_test_read_mpi(&Y, Y_hex) == 0); + mbedtls_mpi_swap(&X, &Y); + TEST_ASSERT(sign_is_valid(&X)); + TEST_ASSERT(sign_is_valid(&Y)); + TEST_ASSERT(mbedtls_mpi_cmp_mpi(&X, &Y0) == 0); + TEST_ASSERT(mbedtls_mpi_cmp_mpi(&Y, &X0) == 0); + + /* mbedtls_mpi_safe_cond_swap(), swap done */ + mbedtls_mpi_free(&X); + mbedtls_mpi_free(&Y); + TEST_ASSERT(mbedtls_test_read_mpi(&X, X_hex) == 0); + TEST_ASSERT(mbedtls_test_read_mpi(&Y, Y_hex) == 0); + TEST_ASSERT(mbedtls_mpi_safe_cond_swap(&X, &Y, 1) == 0); + TEST_ASSERT(sign_is_valid(&X)); + TEST_ASSERT(sign_is_valid(&Y)); + TEST_ASSERT(mbedtls_mpi_cmp_mpi(&X, &Y0) == 0); + TEST_ASSERT(mbedtls_mpi_cmp_mpi(&Y, &X0) == 0); + + /* mbedtls_mpi_safe_cond_swap(), swap not done */ + mbedtls_mpi_free(&X); + mbedtls_mpi_free(&Y); + TEST_ASSERT(mbedtls_test_read_mpi(&X, X_hex) == 0); + TEST_ASSERT(mbedtls_test_read_mpi(&Y, Y_hex) == 0); + TEST_ASSERT(mbedtls_mpi_safe_cond_swap(&X, &Y, 0) == 0); + TEST_ASSERT(sign_is_valid(&X)); + TEST_ASSERT(sign_is_valid(&Y)); + TEST_ASSERT(mbedtls_mpi_cmp_mpi(&X, &X0) == 0); + TEST_ASSERT(mbedtls_mpi_cmp_mpi(&Y, &Y0) == 0); + +exit: + mbedtls_mpi_free(&X); mbedtls_mpi_free(&Y); + mbedtls_mpi_free(&X0); mbedtls_mpi_free(&Y0); +} +/* END_CASE */ + +/* BEGIN_CASE */ +void mpi_swap_self(char *X_hex) +{ + mbedtls_mpi X, X0; + mbedtls_mpi_init(&X); mbedtls_mpi_init(&X0); + + TEST_ASSERT(mbedtls_test_read_mpi(&X, X_hex) == 0); + TEST_ASSERT(mbedtls_test_read_mpi(&X0, X_hex) == 0); + + mbedtls_mpi_swap(&X, &X); + TEST_ASSERT(sign_is_valid(&X)); + TEST_ASSERT(mbedtls_mpi_cmp_mpi(&X, &X0) == 0); + +exit: + mbedtls_mpi_free(&X); mbedtls_mpi_free(&X0); +} +/* END_CASE */ + +/* BEGIN_CASE */ +void mpi_shrink(int before, int used, int min, int after) +{ + mbedtls_mpi X; + mbedtls_mpi_init(&X); + + TEST_ASSERT(mbedtls_mpi_grow(&X, before) == 0); + if (used > 0) { + size_t used_bit_count = used * 8 * sizeof(mbedtls_mpi_uint); + TEST_ASSERT(mbedtls_mpi_set_bit(&X, used_bit_count - 1, 1) == 0); + } + TEST_EQUAL(X.n, (size_t) before); + TEST_ASSERT(mbedtls_mpi_shrink(&X, min) == 0); + TEST_EQUAL(X.n, (size_t) after); + +exit: + mbedtls_mpi_free(&X); +} +/* END_CASE */ + +/* BEGIN_CASE */ +void mpi_add_mpi(char *input_X, char *input_Y, + char *input_A) +{ + mbedtls_mpi X, Y, Z, A; + mbedtls_mpi_init(&X); mbedtls_mpi_init(&Y); mbedtls_mpi_init(&Z); mbedtls_mpi_init(&A); + + TEST_ASSERT(mbedtls_test_read_mpi(&X, input_X) == 0); + TEST_ASSERT(mbedtls_test_read_mpi(&Y, input_Y) == 0); + TEST_ASSERT(mbedtls_test_read_mpi(&A, input_A) == 0); + TEST_ASSERT(mbedtls_mpi_add_mpi(&Z, &X, &Y) == 0); + TEST_ASSERT(sign_is_valid(&Z)); + TEST_ASSERT(mbedtls_mpi_cmp_mpi(&Z, &A) == 0); + + /* result == first operand */ + TEST_ASSERT(mbedtls_mpi_add_mpi(&X, &X, &Y) == 0); + TEST_ASSERT(sign_is_valid(&X)); + TEST_ASSERT(mbedtls_mpi_cmp_mpi(&X, &A) == 0); + TEST_ASSERT(mbedtls_test_read_mpi(&X, input_X) == 0); + + /* result == second operand */ + TEST_ASSERT(mbedtls_mpi_add_mpi(&Y, &X, &Y) == 0); + TEST_ASSERT(sign_is_valid(&Y)); + TEST_ASSERT(mbedtls_mpi_cmp_mpi(&Y, &A) == 0); + +exit: + mbedtls_mpi_free(&X); mbedtls_mpi_free(&Y); mbedtls_mpi_free(&Z); mbedtls_mpi_free(&A); +} +/* END_CASE */ + +/* BEGIN_CASE */ +void mpi_add_mpi_inplace(char *input_X, char *input_A) +{ + mbedtls_mpi X, A; + mbedtls_mpi_init(&X); mbedtls_mpi_init(&A); + + TEST_ASSERT(mbedtls_test_read_mpi(&A, input_A) == 0); + + TEST_ASSERT(mbedtls_test_read_mpi(&X, input_X) == 0); + TEST_ASSERT(mbedtls_mpi_sub_abs(&X, &X, &X) == 0); + TEST_ASSERT(mbedtls_mpi_cmp_int(&X, 0) == 0); + TEST_ASSERT(sign_is_valid(&X)); + + TEST_ASSERT(mbedtls_test_read_mpi(&X, input_X) == 0); + TEST_ASSERT(mbedtls_mpi_add_abs(&X, &X, &X) == 0); + TEST_ASSERT(sign_is_valid(&X)); + TEST_ASSERT(mbedtls_mpi_cmp_mpi(&X, &A) == 0); + + TEST_ASSERT(mbedtls_test_read_mpi(&X, input_X) == 0); + TEST_ASSERT(mbedtls_mpi_add_mpi(&X, &X, &X) == 0); + TEST_ASSERT(sign_is_valid(&X)); + TEST_ASSERT(mbedtls_mpi_cmp_mpi(&X, &A) == 0); + +exit: + mbedtls_mpi_free(&X); mbedtls_mpi_free(&A); +} +/* END_CASE */ + + +/* BEGIN_CASE */ +void mpi_add_abs(char *input_X, char *input_Y, + char *input_A) +{ + mbedtls_mpi X, Y, Z, A; + mbedtls_mpi_init(&X); mbedtls_mpi_init(&Y); mbedtls_mpi_init(&Z); mbedtls_mpi_init(&A); + + TEST_ASSERT(mbedtls_test_read_mpi(&X, input_X) == 0); + TEST_ASSERT(mbedtls_test_read_mpi(&Y, input_Y) == 0); + TEST_ASSERT(mbedtls_test_read_mpi(&A, input_A) == 0); + TEST_ASSERT(mbedtls_mpi_add_abs(&Z, &X, &Y) == 0); + TEST_ASSERT(sign_is_valid(&Z)); + TEST_ASSERT(mbedtls_mpi_cmp_mpi(&Z, &A) == 0); + + /* result == first operand */ + TEST_ASSERT(mbedtls_mpi_add_abs(&X, &X, &Y) == 0); + TEST_ASSERT(sign_is_valid(&X)); + TEST_ASSERT(mbedtls_mpi_cmp_mpi(&X, &A) == 0); + TEST_ASSERT(mbedtls_test_read_mpi(&X, input_X) == 0); + + /* result == second operand */ + TEST_ASSERT(mbedtls_mpi_add_abs(&Y, &X, &Y) == 0); + TEST_ASSERT(sign_is_valid(&Y)); + TEST_ASSERT(mbedtls_mpi_cmp_mpi(&Y, &A) == 0); + +exit: + mbedtls_mpi_free(&X); mbedtls_mpi_free(&Y); mbedtls_mpi_free(&Z); mbedtls_mpi_free(&A); +} +/* END_CASE */ + +/* BEGIN_CASE */ +void mpi_add_int(char *input_X, int input_Y, + char *input_A) +{ + mbedtls_mpi X, Z, A; + mbedtls_mpi_init(&X); mbedtls_mpi_init(&Z); mbedtls_mpi_init(&A); + + TEST_ASSERT(mbedtls_test_read_mpi(&X, input_X) == 0); + TEST_ASSERT(mbedtls_test_read_mpi(&A, input_A) == 0); + TEST_ASSERT(mbedtls_mpi_add_int(&Z, &X, input_Y) == 0); + TEST_ASSERT(sign_is_valid(&Z)); + TEST_ASSERT(mbedtls_mpi_cmp_mpi(&Z, &A) == 0); + +exit: + mbedtls_mpi_free(&X); mbedtls_mpi_free(&Z); mbedtls_mpi_free(&A); +} +/* END_CASE */ + +/* BEGIN_CASE */ +void mpi_sub_mpi(char *input_X, char *input_Y, + char *input_A) +{ + mbedtls_mpi X, Y, Z, A; + mbedtls_mpi_init(&X); mbedtls_mpi_init(&Y); mbedtls_mpi_init(&Z); mbedtls_mpi_init(&A); + + TEST_ASSERT(mbedtls_test_read_mpi(&X, input_X) == 0); + TEST_ASSERT(mbedtls_test_read_mpi(&Y, input_Y) == 0); + TEST_ASSERT(mbedtls_test_read_mpi(&A, input_A) == 0); + TEST_ASSERT(mbedtls_mpi_sub_mpi(&Z, &X, &Y) == 0); + TEST_ASSERT(sign_is_valid(&Z)); + TEST_ASSERT(mbedtls_mpi_cmp_mpi(&Z, &A) == 0); + + /* result == first operand */ + TEST_ASSERT(mbedtls_mpi_sub_mpi(&X, &X, &Y) == 0); + TEST_ASSERT(sign_is_valid(&X)); + TEST_ASSERT(mbedtls_mpi_cmp_mpi(&X, &A) == 0); + TEST_ASSERT(mbedtls_test_read_mpi(&X, input_X) == 0); + + /* result == second operand */ + TEST_ASSERT(mbedtls_mpi_sub_mpi(&Y, &X, &Y) == 0); + TEST_ASSERT(sign_is_valid(&Y)); + TEST_ASSERT(mbedtls_mpi_cmp_mpi(&Y, &A) == 0); + +exit: + mbedtls_mpi_free(&X); mbedtls_mpi_free(&Y); mbedtls_mpi_free(&Z); mbedtls_mpi_free(&A); +} +/* END_CASE */ + +/* BEGIN_CASE */ +void mpi_sub_abs(char *input_X, char *input_Y, + char *input_A, int sub_result) +{ + mbedtls_mpi X, Y, Z, A; + int res; + mbedtls_mpi_init(&X); mbedtls_mpi_init(&Y); mbedtls_mpi_init(&Z); mbedtls_mpi_init(&A); + + TEST_ASSERT(mbedtls_test_read_mpi(&X, input_X) == 0); + TEST_ASSERT(mbedtls_test_read_mpi(&Y, input_Y) == 0); + TEST_ASSERT(mbedtls_test_read_mpi(&A, input_A) == 0); + + res = mbedtls_mpi_sub_abs(&Z, &X, &Y); + TEST_ASSERT(res == sub_result); + TEST_ASSERT(sign_is_valid(&Z)); + if (res == 0) { + TEST_ASSERT(mbedtls_mpi_cmp_mpi(&Z, &A) == 0); + } + + /* result == first operand */ + TEST_ASSERT(mbedtls_mpi_sub_abs(&X, &X, &Y) == sub_result); + TEST_ASSERT(sign_is_valid(&X)); + if (sub_result == 0) { + TEST_ASSERT(mbedtls_mpi_cmp_mpi(&X, &A) == 0); + } + TEST_ASSERT(mbedtls_test_read_mpi(&X, input_X) == 0); + + /* result == second operand */ + TEST_ASSERT(mbedtls_mpi_sub_abs(&Y, &X, &Y) == sub_result); + TEST_ASSERT(sign_is_valid(&Y)); + if (sub_result == 0) { + TEST_ASSERT(mbedtls_mpi_cmp_mpi(&Y, &A) == 0); + } + +exit: + mbedtls_mpi_free(&X); mbedtls_mpi_free(&Y); mbedtls_mpi_free(&Z); mbedtls_mpi_free(&A); +} +/* END_CASE */ + +/* BEGIN_CASE */ +void mpi_sub_int(char *input_X, int input_Y, + char *input_A) +{ + mbedtls_mpi X, Z, A; + mbedtls_mpi_init(&X); mbedtls_mpi_init(&Z); mbedtls_mpi_init(&A); + + TEST_ASSERT(mbedtls_test_read_mpi(&X, input_X) == 0); + TEST_ASSERT(mbedtls_test_read_mpi(&A, input_A) == 0); + TEST_ASSERT(mbedtls_mpi_sub_int(&Z, &X, input_Y) == 0); + TEST_ASSERT(sign_is_valid(&Z)); + TEST_ASSERT(mbedtls_mpi_cmp_mpi(&Z, &A) == 0); + +exit: + mbedtls_mpi_free(&X); mbedtls_mpi_free(&Z); mbedtls_mpi_free(&A); +} +/* END_CASE */ + +/* BEGIN_CASE */ +void mpi_mul_mpi(char *input_X, char *input_Y, + char *input_A) +{ + mbedtls_mpi X, Y, Z, A; + mbedtls_mpi_init(&X); mbedtls_mpi_init(&Y); mbedtls_mpi_init(&Z); mbedtls_mpi_init(&A); + + TEST_ASSERT(mbedtls_test_read_mpi(&X, input_X) == 0); + TEST_ASSERT(mbedtls_test_read_mpi(&Y, input_Y) == 0); + TEST_ASSERT(mbedtls_test_read_mpi(&A, input_A) == 0); + TEST_ASSERT(mbedtls_mpi_mul_mpi(&Z, &X, &Y) == 0); + TEST_ASSERT(sign_is_valid(&Z)); + TEST_ASSERT(mbedtls_mpi_cmp_mpi(&Z, &A) == 0); + +exit: + mbedtls_mpi_free(&X); mbedtls_mpi_free(&Y); mbedtls_mpi_free(&Z); mbedtls_mpi_free(&A); +} +/* END_CASE */ + +/* BEGIN_CASE */ +void mpi_mul_int(char *input_X, int input_Y, + char *input_A, char *result_comparison) +{ + mbedtls_mpi X, Z, A; + mbedtls_mpi_init(&X); mbedtls_mpi_init(&Z); mbedtls_mpi_init(&A); + + TEST_ASSERT(mbedtls_test_read_mpi(&X, input_X) == 0); + TEST_ASSERT(mbedtls_test_read_mpi(&A, input_A) == 0); + TEST_ASSERT(mbedtls_mpi_mul_int(&Z, &X, input_Y) == 0); + TEST_ASSERT(sign_is_valid(&Z)); + if (strcmp(result_comparison, "==") == 0) { + TEST_ASSERT(mbedtls_mpi_cmp_mpi(&Z, &A) == 0); + } else if (strcmp(result_comparison, "!=") == 0) { + TEST_ASSERT(mbedtls_mpi_cmp_mpi(&Z, &A) != 0); + } else { + TEST_ASSERT("unknown operator" == 0); + } + +exit: + mbedtls_mpi_free(&X); mbedtls_mpi_free(&Z); mbedtls_mpi_free(&A); +} +/* END_CASE */ + +/* BEGIN_CASE */ +void mpi_div_mpi(char *input_X, char *input_Y, + char *input_A, char *input_B, + int div_result) +{ + mbedtls_mpi X, Y, Q, R, A, B; + int res; + mbedtls_mpi_init(&X); mbedtls_mpi_init(&Y); mbedtls_mpi_init(&Q); mbedtls_mpi_init(&R); + mbedtls_mpi_init(&A); mbedtls_mpi_init(&B); + + TEST_ASSERT(mbedtls_test_read_mpi(&X, input_X) == 0); + TEST_ASSERT(mbedtls_test_read_mpi(&Y, input_Y) == 0); + TEST_ASSERT(mbedtls_test_read_mpi(&A, input_A) == 0); + TEST_ASSERT(mbedtls_test_read_mpi(&B, input_B) == 0); + res = mbedtls_mpi_div_mpi(&Q, &R, &X, &Y); + TEST_ASSERT(res == div_result); + if (res == 0) { + TEST_ASSERT(sign_is_valid(&Q)); + TEST_ASSERT(sign_is_valid(&R)); + TEST_ASSERT(mbedtls_mpi_cmp_mpi(&Q, &A) == 0); + TEST_ASSERT(mbedtls_mpi_cmp_mpi(&R, &B) == 0); + } + +exit: + mbedtls_mpi_free(&X); mbedtls_mpi_free(&Y); mbedtls_mpi_free(&Q); mbedtls_mpi_free(&R); + mbedtls_mpi_free(&A); mbedtls_mpi_free(&B); +} +/* END_CASE */ + +/* BEGIN_CASE */ +void mpi_div_int(char *input_X, int input_Y, + char *input_A, char *input_B, + int div_result) +{ + mbedtls_mpi X, Q, R, A, B; + int res; + mbedtls_mpi_init(&X); mbedtls_mpi_init(&Q); mbedtls_mpi_init(&R); mbedtls_mpi_init(&A); + mbedtls_mpi_init(&B); + + TEST_ASSERT(mbedtls_test_read_mpi(&X, input_X) == 0); + TEST_ASSERT(mbedtls_test_read_mpi(&A, input_A) == 0); + TEST_ASSERT(mbedtls_test_read_mpi(&B, input_B) == 0); + res = mbedtls_mpi_div_int(&Q, &R, &X, input_Y); + TEST_ASSERT(res == div_result); + if (res == 0) { + TEST_ASSERT(sign_is_valid(&Q)); + TEST_ASSERT(sign_is_valid(&R)); + TEST_ASSERT(mbedtls_mpi_cmp_mpi(&Q, &A) == 0); + TEST_ASSERT(mbedtls_mpi_cmp_mpi(&R, &B) == 0); + } + +exit: + mbedtls_mpi_free(&X); mbedtls_mpi_free(&Q); mbedtls_mpi_free(&R); mbedtls_mpi_free(&A); + mbedtls_mpi_free(&B); +} +/* END_CASE */ + +/* BEGIN_CASE */ +void mpi_mod_mpi(char *input_X, char *input_Y, + char *input_A, int div_result) +{ + mbedtls_mpi X, Y, A; + int res; + mbedtls_mpi_init(&X); mbedtls_mpi_init(&Y); mbedtls_mpi_init(&A); + + TEST_ASSERT(mbedtls_test_read_mpi(&X, input_X) == 0); + TEST_ASSERT(mbedtls_test_read_mpi(&Y, input_Y) == 0); + TEST_ASSERT(mbedtls_test_read_mpi(&A, input_A) == 0); + res = mbedtls_mpi_mod_mpi(&X, &X, &Y); + TEST_ASSERT(res == div_result); + if (res == 0) { + TEST_ASSERT(sign_is_valid(&X)); + TEST_ASSERT(mbedtls_mpi_cmp_mpi(&X, &A) == 0); + } + +exit: + mbedtls_mpi_free(&X); mbedtls_mpi_free(&Y); mbedtls_mpi_free(&A); +} +/* END_CASE */ + +/* BEGIN_CASE */ +void mpi_mod_int(char *input_X, mbedtls_mpi_sint y, + mbedtls_mpi_sint a, int mod_result) +{ + mbedtls_mpi X; + int res; + mbedtls_mpi_uint r; + + mbedtls_mpi_init(&X); + + TEST_EQUAL(mbedtls_test_read_mpi(&X, input_X), 0); + + res = mbedtls_mpi_mod_int(&r, &X, y); + TEST_EQUAL(res, mod_result); + if (res == 0) { + TEST_EQUAL(r, a); + } + +exit: + mbedtls_mpi_free(&X); +} +/* END_CASE */ + +/* BEGIN_CASE */ +void mpi_exp_mod(char *input_A, char *input_E, + char *input_N, char *input_X, + int exp_result) +{ + mbedtls_mpi A, E, N, RR, Z, X; + int res; + mbedtls_mpi_init(&A); mbedtls_mpi_init(&E); mbedtls_mpi_init(&N); + mbedtls_mpi_init(&RR); mbedtls_mpi_init(&Z); mbedtls_mpi_init(&X); + + TEST_ASSERT(mbedtls_test_read_mpi(&A, input_A) == 0); + TEST_ASSERT(mbedtls_test_read_mpi(&E, input_E) == 0); + TEST_ASSERT(mbedtls_test_read_mpi(&N, input_N) == 0); + TEST_ASSERT(mbedtls_test_read_mpi(&X, input_X) == 0); + + res = mbedtls_mpi_exp_mod(&Z, &A, &E, &N, NULL); + TEST_ASSERT(res == exp_result); + if (res == 0) { + TEST_ASSERT(sign_is_valid(&Z)); + TEST_ASSERT(mbedtls_mpi_cmp_mpi(&Z, &X) == 0); + } + + /* Now test again with the speed-up parameter supplied as an output. */ + res = mbedtls_mpi_exp_mod(&Z, &A, &E, &N, &RR); + TEST_ASSERT(res == exp_result); + if (res == 0) { + TEST_ASSERT(sign_is_valid(&Z)); + TEST_ASSERT(mbedtls_mpi_cmp_mpi(&Z, &X) == 0); + } + + /* Now test again with the speed-up parameter supplied in calculated form. */ + res = mbedtls_mpi_exp_mod(&Z, &A, &E, &N, &RR); + TEST_ASSERT(res == exp_result); + if (res == 0) { + TEST_ASSERT(sign_is_valid(&Z)); + TEST_ASSERT(mbedtls_mpi_cmp_mpi(&Z, &X) == 0); + } + +exit: + mbedtls_mpi_free(&A); mbedtls_mpi_free(&E); mbedtls_mpi_free(&N); + mbedtls_mpi_free(&RR); mbedtls_mpi_free(&Z); mbedtls_mpi_free(&X); +} +/* END_CASE */ + +/* BEGIN_CASE */ +void mpi_exp_mod_size(int A_bytes, int E_bytes, int N_bytes, + char *input_RR, int exp_result) +{ + mbedtls_mpi A, E, N, RR, Z; + mbedtls_mpi_init(&A); mbedtls_mpi_init(&E); mbedtls_mpi_init(&N); + mbedtls_mpi_init(&RR); mbedtls_mpi_init(&Z); + + /* Set A to 2^(A_bytes - 1) + 1 */ + TEST_ASSERT(mbedtls_mpi_lset(&A, 1) == 0); + TEST_ASSERT(mbedtls_mpi_shift_l(&A, (A_bytes * 8) - 1) == 0); + TEST_ASSERT(mbedtls_mpi_set_bit(&A, 0, 1) == 0); + + /* Set E to 2^(E_bytes - 1) + 1 */ + TEST_ASSERT(mbedtls_mpi_lset(&E, 1) == 0); + TEST_ASSERT(mbedtls_mpi_shift_l(&E, (E_bytes * 8) - 1) == 0); + TEST_ASSERT(mbedtls_mpi_set_bit(&E, 0, 1) == 0); + + /* Set N to 2^(N_bytes - 1) + 1 */ + TEST_ASSERT(mbedtls_mpi_lset(&N, 1) == 0); + TEST_ASSERT(mbedtls_mpi_shift_l(&N, (N_bytes * 8) - 1) == 0); + TEST_ASSERT(mbedtls_mpi_set_bit(&N, 0, 1) == 0); + + if (strlen(input_RR)) { + TEST_ASSERT(mbedtls_test_read_mpi(&RR, input_RR) == 0); + } + + TEST_ASSERT(mbedtls_mpi_exp_mod(&Z, &A, &E, &N, &RR) == exp_result); + +exit: + mbedtls_mpi_free(&A); mbedtls_mpi_free(&E); mbedtls_mpi_free(&N); + mbedtls_mpi_free(&RR); mbedtls_mpi_free(&Z); +} +/* END_CASE */ + +/* BEGIN_CASE */ +void mpi_inv_mod(char *input_X, char *input_Y, + char *input_A, int div_result) +{ + mbedtls_mpi X, Y, Z, A; + int res; + mbedtls_mpi_init(&X); mbedtls_mpi_init(&Y); mbedtls_mpi_init(&Z); mbedtls_mpi_init(&A); + + TEST_ASSERT(mbedtls_test_read_mpi(&X, input_X) == 0); + TEST_ASSERT(mbedtls_test_read_mpi(&Y, input_Y) == 0); + TEST_ASSERT(mbedtls_test_read_mpi(&A, input_A) == 0); + res = mbedtls_mpi_inv_mod(&Z, &X, &Y); + TEST_ASSERT(res == div_result); + if (res == 0) { + TEST_ASSERT(sign_is_valid(&Z)); + TEST_ASSERT(mbedtls_mpi_cmp_mpi(&Z, &A) == 0); + } + +exit: + mbedtls_mpi_free(&X); mbedtls_mpi_free(&Y); mbedtls_mpi_free(&Z); mbedtls_mpi_free(&A); +} +/* END_CASE */ + +/* BEGIN_CASE depends_on:MBEDTLS_GENPRIME */ +void mpi_is_prime(char *input_X, int div_result) +{ + mbedtls_mpi X; + int res; + mbedtls_mpi_init(&X); + + TEST_ASSERT(mbedtls_test_read_mpi(&X, input_X) == 0); + res = mbedtls_mpi_is_prime_ext(&X, 40, mbedtls_test_rnd_std_rand, NULL); + TEST_ASSERT(res == div_result); + +exit: + mbedtls_mpi_free(&X); +} +/* END_CASE */ + +/* BEGIN_CASE depends_on:MBEDTLS_GENPRIME */ +void mpi_is_prime_det(data_t *input_X, data_t *witnesses, + int chunk_len, int rounds) +{ + mbedtls_mpi X; + int res; + mbedtls_test_mpi_random rand; + + mbedtls_mpi_init(&X); + rand.data = witnesses; + rand.pos = 0; + rand.chunk_len = chunk_len; + + TEST_ASSERT(mbedtls_mpi_read_binary(&X, input_X->x, input_X->len) == 0); + res = mbedtls_mpi_is_prime_ext(&X, rounds - 1, + mbedtls_test_mpi_miller_rabin_determinizer, + &rand); + TEST_ASSERT(res == 0); + + rand.data = witnesses; + rand.pos = 0; + rand.chunk_len = chunk_len; + + res = mbedtls_mpi_is_prime_ext(&X, rounds, + mbedtls_test_mpi_miller_rabin_determinizer, + &rand); + TEST_ASSERT(res == MBEDTLS_ERR_MPI_NOT_ACCEPTABLE); + +exit: + mbedtls_mpi_free(&X); +} +/* END_CASE */ + +/* BEGIN_CASE depends_on:MBEDTLS_GENPRIME */ +void mpi_gen_prime(int bits, int flags, int ref_ret) +{ + mbedtls_mpi X; + int my_ret; + + mbedtls_mpi_init(&X); + + my_ret = mbedtls_mpi_gen_prime(&X, bits, flags, + mbedtls_test_rnd_std_rand, NULL); + TEST_ASSERT(my_ret == ref_ret); + + if (ref_ret == 0) { + size_t actual_bits = mbedtls_mpi_bitlen(&X); + + TEST_ASSERT(actual_bits >= (size_t) bits); + TEST_ASSERT(actual_bits <= (size_t) bits + 1); + TEST_ASSERT(sign_is_valid(&X)); + + TEST_ASSERT(mbedtls_mpi_is_prime_ext(&X, 40, + mbedtls_test_rnd_std_rand, + NULL) == 0); + if (flags & MBEDTLS_MPI_GEN_PRIME_FLAG_DH) { + /* X = ( X - 1 ) / 2 */ + TEST_ASSERT(mbedtls_mpi_shift_r(&X, 1) == 0); + TEST_ASSERT(mbedtls_mpi_is_prime_ext(&X, 40, + mbedtls_test_rnd_std_rand, + NULL) == 0); + } + } + +exit: + mbedtls_mpi_free(&X); +} +/* END_CASE */ + +/* BEGIN_CASE */ +void mpi_shift_l(char *input_X, int shift_X, + char *input_A) +{ + mbedtls_mpi X, A; + mbedtls_mpi_init(&X); mbedtls_mpi_init(&A); + + TEST_ASSERT(mbedtls_test_read_mpi(&X, input_X) == 0); + TEST_ASSERT(mbedtls_test_read_mpi(&A, input_A) == 0); + TEST_ASSERT(mbedtls_mpi_shift_l(&X, shift_X) == 0); + TEST_ASSERT(sign_is_valid(&X)); + TEST_ASSERT(mbedtls_mpi_cmp_mpi(&X, &A) == 0); + +exit: + mbedtls_mpi_free(&X); mbedtls_mpi_free(&A); +} +/* END_CASE */ + +/* BEGIN_CASE */ +void mpi_shift_r(char *input_X, int shift_X, + char *input_A) +{ + mbedtls_mpi X, A; + mbedtls_mpi_init(&X); mbedtls_mpi_init(&A); + + TEST_ASSERT(mbedtls_test_read_mpi(&X, input_X) == 0); + TEST_ASSERT(mbedtls_test_read_mpi(&A, input_A) == 0); + TEST_ASSERT(mbedtls_mpi_shift_r(&X, shift_X) == 0); + TEST_ASSERT(sign_is_valid(&X)); + TEST_ASSERT(mbedtls_mpi_cmp_mpi(&X, &A) == 0); + +exit: + mbedtls_mpi_free(&X); mbedtls_mpi_free(&A); +} +/* END_CASE */ + +/* BEGIN_CASE */ +void mpi_fill_random(int wanted_bytes, int rng_bytes, + int before, int expected_ret) +{ + mbedtls_mpi X; + int ret; + size_t bytes_left = rng_bytes; + mbedtls_mpi_init(&X); + + if (before != 0) { + /* Set X to sign(before) * 2^(|before|-1) */ + TEST_ASSERT(mbedtls_mpi_lset(&X, before > 0 ? 1 : -1) == 0); + if (before < 0) { + before = -before; + } + TEST_ASSERT(mbedtls_mpi_shift_l(&X, before - 1) == 0); + } + + ret = mbedtls_mpi_fill_random(&X, wanted_bytes, + f_rng_bytes_left, &bytes_left); + TEST_ASSERT(ret == expected_ret); + + if (expected_ret == 0) { + /* mbedtls_mpi_fill_random is documented to use bytes from the RNG + * as a big-endian representation of the number. We know when + * our RNG function returns null bytes, so we know how many + * leading zero bytes the number has. */ + size_t leading_zeros = 0; + if (wanted_bytes > 0 && rng_bytes % 256 == 0) { + leading_zeros = 1; + } + TEST_ASSERT(mbedtls_mpi_size(&X) + leading_zeros == + (size_t) wanted_bytes); + TEST_ASSERT((int) bytes_left == rng_bytes - wanted_bytes); + TEST_ASSERT(sign_is_valid(&X)); + } + +exit: + mbedtls_mpi_free(&X); +} +/* END_CASE */ + +/* BEGIN_CASE */ +void mpi_random_many(int min, data_t *bound_bytes, int iterations) +{ + /* Generate numbers in the range 1..bound-1. Do it iterations times. + * This function assumes that the value of bound is at least 2 and + * that iterations is large enough that a one-in-2^iterations chance + * effectively never occurs. + */ + + mbedtls_mpi upper_bound; + size_t n_bits; + mbedtls_mpi result; + size_t b; + /* If upper_bound is small, stats[b] is the number of times the value b + * has been generated. Otherwise stats[b] is the number of times a + * value with bit b set has been generated. */ + size_t *stats = NULL; + size_t stats_len; + int full_stats; + size_t i; + + mbedtls_mpi_init(&upper_bound); + mbedtls_mpi_init(&result); + + TEST_EQUAL(0, mbedtls_mpi_read_binary(&upper_bound, + bound_bytes->x, bound_bytes->len)); + n_bits = mbedtls_mpi_bitlen(&upper_bound); + /* Consider a bound "small" if it's less than 2^5. This value is chosen + * to be small enough that the probability of missing one value is + * negligible given the number of iterations. It must be less than + * 256 because some of the code below assumes that "small" values + * fit in a byte. */ + if (n_bits <= 5) { + full_stats = 1; + stats_len = bound_bytes->x[bound_bytes->len - 1]; + } else { + full_stats = 0; + stats_len = n_bits; + } + TEST_CALLOC(stats, stats_len); + + for (i = 0; i < (size_t) iterations; i++) { + mbedtls_test_set_step(i); + TEST_EQUAL(0, mbedtls_mpi_random(&result, min, &upper_bound, + mbedtls_test_rnd_std_rand, NULL)); + + TEST_ASSERT(sign_is_valid(&result)); + TEST_ASSERT(mbedtls_mpi_cmp_mpi(&result, &upper_bound) < 0); + TEST_ASSERT(mbedtls_mpi_cmp_int(&result, min) >= 0); + if (full_stats) { + uint8_t value; + TEST_EQUAL(0, mbedtls_mpi_write_binary(&result, &value, 1)); + TEST_ASSERT(value < stats_len); + ++stats[value]; + } else { + for (b = 0; b < n_bits; b++) { + stats[b] += mbedtls_mpi_get_bit(&result, b); + } + } + } + + if (full_stats) { + for (b = min; b < stats_len; b++) { + mbedtls_test_set_step(1000000 + b); + /* Assert that each value has been reached at least once. + * This is almost guaranteed if the iteration count is large + * enough. This is a very crude way of checking the distribution. + */ + TEST_ASSERT(stats[b] > 0); + } + } else { + int statistically_safe_all_the_way = + is_significantly_above_a_power_of_2(bound_bytes); + for (b = 0; b < n_bits; b++) { + mbedtls_test_set_step(1000000 + b); + /* Assert that each bit has been set in at least one result and + * clear in at least one result. Provided that iterations is not + * too small, it would be extremely unlikely for this not to be + * the case if the results are uniformly distributed. + * + * As an exception, the top bit may legitimately never be set + * if bound is a power of 2 or only slightly above. + */ + if (statistically_safe_all_the_way || b != n_bits - 1) { + TEST_ASSERT(stats[b] > 0); + } + TEST_ASSERT(stats[b] < (size_t) iterations); + } + } + +exit: + mbedtls_mpi_free(&upper_bound); + mbedtls_mpi_free(&result); + mbedtls_free(stats); +} +/* END_CASE */ + +/* BEGIN_CASE */ +void mpi_random_sizes(int min, data_t *bound_bytes, int nlimbs, int before) +{ + mbedtls_mpi upper_bound; + mbedtls_mpi result; + + mbedtls_mpi_init(&upper_bound); + mbedtls_mpi_init(&result); + + if (before != 0) { + /* Set result to sign(before) * 2^(|before|-1) */ + TEST_ASSERT(mbedtls_mpi_lset(&result, before > 0 ? 1 : -1) == 0); + if (before < 0) { + before = -before; + } + TEST_ASSERT(mbedtls_mpi_shift_l(&result, before - 1) == 0); + } + + TEST_EQUAL(0, mbedtls_mpi_grow(&result, nlimbs)); + TEST_EQUAL(0, mbedtls_mpi_read_binary(&upper_bound, + bound_bytes->x, bound_bytes->len)); + TEST_EQUAL(0, mbedtls_mpi_random(&result, min, &upper_bound, + mbedtls_test_rnd_std_rand, NULL)); + TEST_ASSERT(sign_is_valid(&result)); + TEST_ASSERT(mbedtls_mpi_cmp_mpi(&result, &upper_bound) < 0); + TEST_ASSERT(mbedtls_mpi_cmp_int(&result, min) >= 0); + +exit: + mbedtls_mpi_free(&upper_bound); + mbedtls_mpi_free(&result); +} +/* END_CASE */ + +/* BEGIN_CASE */ +void mpi_random_fail(int min, data_t *bound_bytes, int expected_ret) +{ + mbedtls_mpi upper_bound; + mbedtls_mpi result; + int actual_ret; + + mbedtls_mpi_init(&upper_bound); + mbedtls_mpi_init(&result); + + TEST_EQUAL(0, mbedtls_mpi_read_binary(&upper_bound, + bound_bytes->x, bound_bytes->len)); + actual_ret = mbedtls_mpi_random(&result, min, &upper_bound, + mbedtls_test_rnd_std_rand, NULL); + TEST_EQUAL(expected_ret, actual_ret); + +exit: + mbedtls_mpi_free(&upper_bound); + mbedtls_mpi_free(&result); +} +/* END_CASE */ + +/* BEGIN_CASE */ +void most_negative_mpi_sint() +{ + /* Ad hoc tests for n = -p = -2^(biL-1) as a mbedtls_mpi_sint. We + * guarantee that mbedtls_mpi_sint is a two's complement type, so this + * is a valid value. However, negating it (`-n`) has undefined behavior + * (although in practice `-n` evaluates to the value n). + * + * This function has ad hoc tests for this value. It's separated from other + * functions because the test framework makes it hard to pass this value + * into test cases. + * + * In the comments here: + * - biL = number of bits in limbs + * - p = 2^(biL-1) (smallest positive value not in mbedtls_mpi_sint range) + * - n = -2^(biL-1) (largest negative value in mbedtls_mpi_sint range) + */ + + mbedtls_mpi A, R, X; + mbedtls_mpi_init(&A); + mbedtls_mpi_init(&R); + mbedtls_mpi_init(&X); + + const size_t biL = 8 * sizeof(mbedtls_mpi_sint); + mbedtls_mpi_uint most_positive_plus_1 = (mbedtls_mpi_uint) 1 << (biL - 1); + const mbedtls_mpi_sint most_positive = most_positive_plus_1 - 1; + const mbedtls_mpi_sint most_negative = -most_positive - 1; + TEST_EQUAL((mbedtls_mpi_uint) most_negative, + (mbedtls_mpi_uint) 1 << (biL - 1)); + TEST_EQUAL((mbedtls_mpi_uint) most_negative << 1, 0); + + /* Test mbedtls_mpi_lset() */ + TEST_EQUAL(mbedtls_mpi_lset(&A, most_negative), 0); + TEST_EQUAL(A.s, -1); + TEST_EQUAL(A.n, 1); + TEST_EQUAL(A.p[0], most_positive_plus_1); + + /* Test mbedtls_mpi_cmp_int(): -p == -p */ + TEST_EQUAL(mbedtls_mpi_cmp_int(&A, most_negative), 0); + + /* Test mbedtls_mpi_cmp_int(): -(p+1) < -p */ + A.p[0] = most_positive_plus_1 + 1; + TEST_EQUAL(mbedtls_mpi_cmp_int(&A, most_negative), -1); + + /* Test mbedtls_mpi_cmp_int(): -(p-1) > -p */ + A.p[0] = most_positive_plus_1 - 1; + TEST_EQUAL(mbedtls_mpi_cmp_int(&A, most_negative), 1); + + /* Test mbedtls_mpi_add_int(): (p-1) + (-p) */ + TEST_EQUAL(mbedtls_mpi_lset(&A, most_positive), 0); + TEST_EQUAL(mbedtls_mpi_add_int(&X, &A, most_negative), 0); + TEST_EQUAL(mbedtls_mpi_cmp_int(&X, -1), 0); + + /* Test mbedtls_mpi_add_int(): (0) + (-p) */ + TEST_EQUAL(mbedtls_mpi_lset(&A, 0), 0); + TEST_EQUAL(mbedtls_mpi_add_int(&X, &A, most_negative), 0); + TEST_EQUAL(mbedtls_mpi_cmp_int(&X, most_negative), 0); + + /* Test mbedtls_mpi_add_int(): (-p) + (-p) */ + TEST_EQUAL(mbedtls_mpi_lset(&A, most_negative), 0); + TEST_EQUAL(mbedtls_mpi_add_int(&X, &A, most_negative), 0); + TEST_EQUAL(X.s, -1); + TEST_EQUAL(X.n, 2); + TEST_EQUAL(X.p[0], 0); + TEST_EQUAL(X.p[1], 1); + + /* Test mbedtls_mpi_sub_int(): (p) - (-p) */ + mbedtls_mpi_free(&X); + TEST_EQUAL(mbedtls_mpi_lset(&A, most_positive), 0); + TEST_EQUAL(mbedtls_mpi_sub_int(&X, &A, most_negative), 0); + TEST_EQUAL(X.s, 1); + TEST_EQUAL(X.n, 1); + TEST_EQUAL(X.p[0], ~(mbedtls_mpi_uint) 0); + + /* Test mbedtls_mpi_sub_int(): (0) - (-p) */ + TEST_EQUAL(mbedtls_mpi_lset(&A, 0), 0); + TEST_EQUAL(mbedtls_mpi_sub_int(&X, &A, most_negative), 0); + TEST_EQUAL(X.s, 1); + TEST_EQUAL(X.n, 1); + TEST_EQUAL(X.p[0], most_positive_plus_1); + + /* Test mbedtls_mpi_sub_int(): (-p) - (-p) */ + TEST_EQUAL(mbedtls_mpi_lset(&A, most_negative), 0); + TEST_EQUAL(mbedtls_mpi_sub_int(&X, &A, most_negative), 0); + TEST_EQUAL(mbedtls_mpi_cmp_int(&X, 0), 0); + + /* Test mbedtls_mpi_div_int(): (-p+1) / (-p) */ + TEST_EQUAL(mbedtls_mpi_lset(&A, -most_positive), 0); + TEST_EQUAL(mbedtls_mpi_div_int(&X, &R, &A, most_negative), 0); + TEST_EQUAL(mbedtls_mpi_cmp_int(&X, 0), 0); + TEST_EQUAL(mbedtls_mpi_cmp_int(&R, -most_positive), 0); + + /* Test mbedtls_mpi_div_int(): (-p) / (-p) */ + TEST_EQUAL(mbedtls_mpi_lset(&A, most_negative), 0); + TEST_EQUAL(mbedtls_mpi_div_int(&X, &R, &A, most_negative), 0); + TEST_EQUAL(mbedtls_mpi_cmp_int(&X, 1), 0); + TEST_EQUAL(mbedtls_mpi_cmp_int(&R, 0), 0); + + /* Test mbedtls_mpi_div_int(): (-2*p) / (-p) */ + TEST_EQUAL(mbedtls_mpi_shift_l(&A, 1), 0); + TEST_EQUAL(mbedtls_mpi_div_int(&X, &R, &A, most_negative), 0); + TEST_EQUAL(mbedtls_mpi_cmp_int(&X, 2), 0); + TEST_EQUAL(mbedtls_mpi_cmp_int(&R, 0), 0); + + /* Test mbedtls_mpi_div_int(): (-2*p+1) / (-p) */ + TEST_EQUAL(mbedtls_mpi_add_int(&A, &A, 1), 0); + TEST_EQUAL(mbedtls_mpi_div_int(&X, &R, &A, most_negative), 0); + TEST_EQUAL(mbedtls_mpi_cmp_int(&X, 1), 0); + TEST_EQUAL(mbedtls_mpi_cmp_int(&R, -most_positive), 0); + + /* Test mbedtls_mpi_div_int(): (p-1) / (-p) */ + TEST_EQUAL(mbedtls_mpi_lset(&A, most_positive), 0); + TEST_EQUAL(mbedtls_mpi_div_int(&X, &R, &A, most_negative), 0); + TEST_EQUAL(mbedtls_mpi_cmp_int(&X, 0), 0); + TEST_EQUAL(mbedtls_mpi_cmp_int(&R, most_positive), 0); + + /* Test mbedtls_mpi_div_int(): (p) / (-p) */ + TEST_EQUAL(mbedtls_mpi_add_int(&A, &A, 1), 0); + TEST_EQUAL(mbedtls_mpi_div_int(&X, &R, &A, most_negative), 0); + TEST_EQUAL(mbedtls_mpi_cmp_int(&X, -1), 0); + TEST_EQUAL(mbedtls_mpi_cmp_int(&R, 0), 0); + + /* Test mbedtls_mpi_div_int(): (2*p) / (-p) */ + TEST_EQUAL(mbedtls_mpi_shift_l(&A, 1), 0); + TEST_EQUAL(mbedtls_mpi_div_int(&X, &R, &A, most_negative), 0); + TEST_EQUAL(mbedtls_mpi_cmp_int(&X, -2), 0); + TEST_EQUAL(mbedtls_mpi_cmp_int(&R, 0), 0); + + /* Test mbedtls_mpi_mod_int(): never valid */ + TEST_EQUAL(mbedtls_mpi_mod_int(X.p, &A, most_negative), + MBEDTLS_ERR_MPI_NEGATIVE_VALUE); + + /* Test mbedtls_mpi_random(): never valid */ + TEST_EQUAL(mbedtls_mpi_random(&X, most_negative, &A, + mbedtls_test_rnd_std_rand, NULL), + MBEDTLS_ERR_MPI_BAD_INPUT_DATA); + +exit: + mbedtls_mpi_free(&A); + mbedtls_mpi_free(&R); + mbedtls_mpi_free(&X); +} +/* END_CASE */ + +/* BEGIN_CASE depends_on:MBEDTLS_SELF_TEST */ +void mpi_selftest() +{ + TEST_ASSERT(mbedtls_mpi_self_test(1) == 0); +} +/* END_CASE */ diff --git a/third_party/mbedtls/repo/tests/suites/test_suite_bignum.generated.data b/third_party/mbedtls/repo/tests/suites/test_suite_bignum.generated.data new file mode 100644 index 00000000000..6badd0b013a --- /dev/null +++ b/third_party/mbedtls/repo/tests/suites/test_suite_bignum.generated.data @@ -0,0 +1,975 @@ +# Automatically generated by generate_bignum_tests.py. Do not edit! + +MPI add #1 0 (null) + 0 (null) +mpi_add_mpi:"":"":"0" + +MPI add #2 0 (null) + 0 (1 limb) +mpi_add_mpi:"":"0":"0" + +MPI add #3 0 (null) + negative 0 (null) +mpi_add_mpi:"":"-":"0" + +MPI add #4 0 (null) + negative with leading zero limb +mpi_add_mpi:"":"-0":"0" + +MPI add #5 0 (null) + positive +mpi_add_mpi:"":"7b":"7b" + +MPI add #6 0 (null) + negative +mpi_add_mpi:"":"-7b":"-7b" + +MPI add #7 0 (null) + positive with leading zero limb +mpi_add_mpi:"":"0000000000000000123":"123" + +MPI add #8 0 (null) + negative with leading zero limb +mpi_add_mpi:"":"-0000000000000000123":"-123" + +MPI add #9 0 (null) + large positive +mpi_add_mpi:"":"1230000000000000000":"1230000000000000000" + +MPI add #10 0 (null) + large negative +mpi_add_mpi:"":"-1230000000000000000":"-1230000000000000000" + +MPI add #11 0 (1 limb) + 0 (null) +mpi_add_mpi:"0":"":"0" + +MPI add #12 0 (1 limb) + 0 (1 limb) +mpi_add_mpi:"0":"0":"0" + +MPI add #13 0 (1 limb) + negative 0 (null) +mpi_add_mpi:"0":"-":"0" + +MPI add #14 0 (1 limb) + negative with leading zero limb +mpi_add_mpi:"0":"-0":"0" + +MPI add #15 0 (1 limb) + positive +mpi_add_mpi:"0":"7b":"7b" + +MPI add #16 0 (1 limb) + negative +mpi_add_mpi:"0":"-7b":"-7b" + +MPI add #17 0 (1 limb) + positive with leading zero limb +mpi_add_mpi:"0":"0000000000000000123":"123" + +MPI add #18 0 (1 limb) + negative with leading zero limb +mpi_add_mpi:"0":"-0000000000000000123":"-123" + +MPI add #19 0 (1 limb) + large positive +mpi_add_mpi:"0":"1230000000000000000":"1230000000000000000" + +MPI add #20 0 (1 limb) + large negative +mpi_add_mpi:"0":"-1230000000000000000":"-1230000000000000000" + +MPI add #21 negative 0 (null) + 0 (null) +mpi_add_mpi:"-":"":"0" + +MPI add #22 negative 0 (null) + 0 (1 limb) +mpi_add_mpi:"-":"0":"0" + +MPI add #23 negative 0 (null) + negative 0 (null) +mpi_add_mpi:"-":"-":"0" + +MPI add #24 negative 0 (null) + negative with leading zero limb +mpi_add_mpi:"-":"-0":"0" + +MPI add #25 negative 0 (null) + positive +mpi_add_mpi:"-":"7b":"7b" + +MPI add #26 negative 0 (null) + negative +mpi_add_mpi:"-":"-7b":"-7b" + +MPI add #27 negative 0 (null) + positive with leading zero limb +mpi_add_mpi:"-":"0000000000000000123":"123" + +MPI add #28 negative 0 (null) + negative with leading zero limb +mpi_add_mpi:"-":"-0000000000000000123":"-123" + +MPI add #29 negative 0 (null) + large positive +mpi_add_mpi:"-":"1230000000000000000":"1230000000000000000" + +MPI add #30 negative 0 (null) + large negative +mpi_add_mpi:"-":"-1230000000000000000":"-1230000000000000000" + +MPI add #31 negative with leading zero limb + 0 (null) +mpi_add_mpi:"-0":"":"0" + +MPI add #32 negative with leading zero limb + 0 (1 limb) +mpi_add_mpi:"-0":"0":"0" + +MPI add #33 negative with leading zero limb + negative 0 (null) +mpi_add_mpi:"-0":"-":"0" + +MPI add #34 negative with leading zero limb + negative with leading zero limb +mpi_add_mpi:"-0":"-0":"0" + +MPI add #35 negative with leading zero limb + positive +mpi_add_mpi:"-0":"7b":"7b" + +MPI add #36 negative with leading zero limb + negative +mpi_add_mpi:"-0":"-7b":"-7b" + +MPI add #37 negative with leading zero limb + positive with leading zero limb +mpi_add_mpi:"-0":"0000000000000000123":"123" + +MPI add #38 negative with leading zero limb + negative with leading zero limb +mpi_add_mpi:"-0":"-0000000000000000123":"-123" + +MPI add #39 negative with leading zero limb + large positive +mpi_add_mpi:"-0":"1230000000000000000":"1230000000000000000" + +MPI add #40 negative with leading zero limb + large negative +mpi_add_mpi:"-0":"-1230000000000000000":"-1230000000000000000" + +MPI add #41 positive + 0 (null) +mpi_add_mpi:"7b":"":"7b" + +MPI add #42 positive + 0 (1 limb) +mpi_add_mpi:"7b":"0":"7b" + +MPI add #43 positive + negative 0 (null) +mpi_add_mpi:"7b":"-":"7b" + +MPI add #44 positive + negative with leading zero limb +mpi_add_mpi:"7b":"-0":"7b" + +MPI add #45 positive + positive +mpi_add_mpi:"7b":"7b":"f6" + +MPI add #46 positive + negative , result=0 +mpi_add_mpi:"7b":"-7b":"0" + +MPI add #47 positive + positive with leading zero limb +mpi_add_mpi:"7b":"0000000000000000123":"19e" + +MPI add #48 positive + negative with leading zero limb , result<0 +mpi_add_mpi:"7b":"-0000000000000000123":"-a8" + +MPI add #49 positive + large positive +mpi_add_mpi:"7b":"1230000000000000000":"123000000000000007b" + +MPI add #50 positive + large negative , result<0 +mpi_add_mpi:"7b":"-1230000000000000000":"-122ffffffffffffff85" + +MPI add #51 negative + 0 (null) +mpi_add_mpi:"-7b":"":"-7b" + +MPI add #52 negative + 0 (1 limb) +mpi_add_mpi:"-7b":"0":"-7b" + +MPI add #53 negative + negative 0 (null) +mpi_add_mpi:"-7b":"-":"-7b" + +MPI add #54 negative + negative with leading zero limb +mpi_add_mpi:"-7b":"-0":"-7b" + +MPI add #55 negative + positive , result=0 +mpi_add_mpi:"-7b":"7b":"0" + +MPI add #56 negative + negative +mpi_add_mpi:"-7b":"-7b":"-f6" + +MPI add #57 negative + positive with leading zero limb , result>0 +mpi_add_mpi:"-7b":"0000000000000000123":"a8" + +MPI add #58 negative + negative with leading zero limb +mpi_add_mpi:"-7b":"-0000000000000000123":"-19e" + +MPI add #59 negative + large positive , result>0 +mpi_add_mpi:"-7b":"1230000000000000000":"122ffffffffffffff85" + +MPI add #60 negative + large negative +mpi_add_mpi:"-7b":"-1230000000000000000":"-123000000000000007b" + +MPI add #61 positive with leading zero limb + 0 (null) +mpi_add_mpi:"0000000000000000123":"":"123" + +MPI add #62 positive with leading zero limb + 0 (1 limb) +mpi_add_mpi:"0000000000000000123":"0":"123" + +MPI add #63 positive with leading zero limb + negative 0 (null) +mpi_add_mpi:"0000000000000000123":"-":"123" + +MPI add #64 positive with leading zero limb + negative with leading zero limb +mpi_add_mpi:"0000000000000000123":"-0":"123" + +MPI add #65 positive with leading zero limb + positive +mpi_add_mpi:"0000000000000000123":"7b":"19e" + +MPI add #66 positive with leading zero limb + negative , result>0 +mpi_add_mpi:"0000000000000000123":"-7b":"a8" + +MPI add #67 positive with leading zero limb + positive with leading zero limb +mpi_add_mpi:"0000000000000000123":"0000000000000000123":"246" + +MPI add #68 positive with leading zero limb + negative with leading zero limb , result=0 +mpi_add_mpi:"0000000000000000123":"-0000000000000000123":"0" + +MPI add #69 positive with leading zero limb + large positive +mpi_add_mpi:"0000000000000000123":"1230000000000000000":"1230000000000000123" + +MPI add #70 positive with leading zero limb + large negative , result<0 +mpi_add_mpi:"0000000000000000123":"-1230000000000000000":"-122fffffffffffffedd" + +MPI add #71 negative with leading zero limb + 0 (null) +mpi_add_mpi:"-0000000000000000123":"":"-123" + +MPI add #72 negative with leading zero limb + 0 (1 limb) +mpi_add_mpi:"-0000000000000000123":"0":"-123" + +MPI add #73 negative with leading zero limb + negative 0 (null) +mpi_add_mpi:"-0000000000000000123":"-":"-123" + +MPI add #74 negative with leading zero limb + negative with leading zero limb +mpi_add_mpi:"-0000000000000000123":"-0":"-123" + +MPI add #75 negative with leading zero limb + positive , result<0 +mpi_add_mpi:"-0000000000000000123":"7b":"-a8" + +MPI add #76 negative with leading zero limb + negative +mpi_add_mpi:"-0000000000000000123":"-7b":"-19e" + +MPI add #77 negative with leading zero limb + positive with leading zero limb , result=0 +mpi_add_mpi:"-0000000000000000123":"0000000000000000123":"0" + +MPI add #78 negative with leading zero limb + negative with leading zero limb +mpi_add_mpi:"-0000000000000000123":"-0000000000000000123":"-246" + +MPI add #79 negative with leading zero limb + large positive , result>0 +mpi_add_mpi:"-0000000000000000123":"1230000000000000000":"122fffffffffffffedd" + +MPI add #80 negative with leading zero limb + large negative +mpi_add_mpi:"-0000000000000000123":"-1230000000000000000":"-1230000000000000123" + +MPI add #81 large positive + 0 (null) +mpi_add_mpi:"1230000000000000000":"":"1230000000000000000" + +MPI add #82 large positive + 0 (1 limb) +mpi_add_mpi:"1230000000000000000":"0":"1230000000000000000" + +MPI add #83 large positive + negative 0 (null) +mpi_add_mpi:"1230000000000000000":"-":"1230000000000000000" + +MPI add #84 large positive + negative with leading zero limb +mpi_add_mpi:"1230000000000000000":"-0":"1230000000000000000" + +MPI add #85 large positive + positive +mpi_add_mpi:"1230000000000000000":"7b":"123000000000000007b" + +MPI add #86 large positive + negative , result>0 +mpi_add_mpi:"1230000000000000000":"-7b":"122ffffffffffffff85" + +MPI add #87 large positive + positive with leading zero limb +mpi_add_mpi:"1230000000000000000":"0000000000000000123":"1230000000000000123" + +MPI add #88 large positive + negative with leading zero limb , result>0 +mpi_add_mpi:"1230000000000000000":"-0000000000000000123":"122fffffffffffffedd" + +MPI add #89 large positive + large positive +mpi_add_mpi:"1230000000000000000":"1230000000000000000":"2460000000000000000" + +MPI add #90 large positive + large negative , result=0 +mpi_add_mpi:"1230000000000000000":"-1230000000000000000":"0" + +MPI add #91 large negative + 0 (null) +mpi_add_mpi:"-1230000000000000000":"":"-1230000000000000000" + +MPI add #92 large negative + 0 (1 limb) +mpi_add_mpi:"-1230000000000000000":"0":"-1230000000000000000" + +MPI add #93 large negative + negative 0 (null) +mpi_add_mpi:"-1230000000000000000":"-":"-1230000000000000000" + +MPI add #94 large negative + negative with leading zero limb +mpi_add_mpi:"-1230000000000000000":"-0":"-1230000000000000000" + +MPI add #95 large negative + positive , result<0 +mpi_add_mpi:"-1230000000000000000":"7b":"-122ffffffffffffff85" + +MPI add #96 large negative + negative +mpi_add_mpi:"-1230000000000000000":"-7b":"-123000000000000007b" + +MPI add #97 large negative + positive with leading zero limb , result<0 +mpi_add_mpi:"-1230000000000000000":"0000000000000000123":"-122fffffffffffffedd" + +MPI add #98 large negative + negative with leading zero limb +mpi_add_mpi:"-1230000000000000000":"-0000000000000000123":"-1230000000000000123" + +MPI add #99 large negative + large positive , result=0 +mpi_add_mpi:"-1230000000000000000":"1230000000000000000":"0" + +MPI add #100 large negative + large negative +mpi_add_mpi:"-1230000000000000000":"-1230000000000000000":"-2460000000000000000" + +MPI add #101 large positive + large positive +mpi_add_mpi:"1c67967269c6":"1c67967269c6":"38cf2ce4d38c" + +MPI add #102 large positive + positive +mpi_add_mpi:"1c67967269c6":"9cde3":"1c67967c37a9" + +MPI add #103 large positive + large negative , result=0 +mpi_add_mpi:"1c67967269c6":"-1c67967269c6":"0" + +MPI add #104 large positive + negative , result>0 +mpi_add_mpi:"1c67967269c6":"-9cde3":"1c6796689be3" + +MPI add #105 positive + large positive +mpi_add_mpi:"9cde3":"1c67967269c6":"1c67967c37a9" + +MPI add #106 positive + positive +mpi_add_mpi:"9cde3":"9cde3":"139bc6" + +MPI add #107 positive + large negative , result<0 +mpi_add_mpi:"9cde3":"-1c67967269c6":"-1c6796689be3" + +MPI add #108 positive + negative , result=0 +mpi_add_mpi:"9cde3":"-9cde3":"0" + +MPI add #109 large negative + large positive , result=0 +mpi_add_mpi:"-1c67967269c6":"1c67967269c6":"0" + +MPI add #110 large negative + positive , result<0 +mpi_add_mpi:"-1c67967269c6":"9cde3":"-1c6796689be3" + +MPI add #111 large negative + large negative +mpi_add_mpi:"-1c67967269c6":"-1c67967269c6":"-38cf2ce4d38c" + +MPI add #112 large negative + negative +mpi_add_mpi:"-1c67967269c6":"-9cde3":"-1c67967c37a9" + +MPI add #113 negative + large positive , result>0 +mpi_add_mpi:"-9cde3":"1c67967269c6":"1c6796689be3" + +MPI add #114 negative + positive , result=0 +mpi_add_mpi:"-9cde3":"9cde3":"0" + +MPI add #115 negative + large negative +mpi_add_mpi:"-9cde3":"-1c67967269c6":"-1c67967c37a9" + +MPI add #116 negative + negative +mpi_add_mpi:"-9cde3":"-9cde3":"-139bc6" + +MPI compare #1 0 (null) == 0 (null) +mpi_cmp_mpi:"":"":0 + +MPI compare #2 0 (null) == 0 (1 limb) +mpi_cmp_mpi:"":"0":0 + +MPI compare #3 0 (null) == negative 0 (null) +mpi_cmp_mpi:"":"-":0 + +MPI compare #4 0 (null) == negative with leading zero limb +mpi_cmp_mpi:"":"-0":0 + +MPI compare #5 0 (null) < positive +mpi_cmp_mpi:"":"7b":-1 + +MPI compare #6 0 (null) > negative +mpi_cmp_mpi:"":"-7b":1 + +MPI compare #7 0 (null) < positive with leading zero limb +mpi_cmp_mpi:"":"0000000000000000123":-1 + +MPI compare #8 0 (null) > negative with leading zero limb +mpi_cmp_mpi:"":"-0000000000000000123":1 + +MPI compare #9 0 (null) < large positive +mpi_cmp_mpi:"":"1230000000000000000":-1 + +MPI compare #10 0 (null) > large negative +mpi_cmp_mpi:"":"-1230000000000000000":1 + +MPI compare #11 0 (1 limb) == 0 (null) +mpi_cmp_mpi:"0":"":0 + +MPI compare #12 0 (1 limb) == 0 (1 limb) +mpi_cmp_mpi:"0":"0":0 + +MPI compare #13 0 (1 limb) == negative 0 (null) +mpi_cmp_mpi:"0":"-":0 + +MPI compare #14 0 (1 limb) == negative with leading zero limb +mpi_cmp_mpi:"0":"-0":0 + +MPI compare #15 0 (1 limb) < positive +mpi_cmp_mpi:"0":"7b":-1 + +MPI compare #16 0 (1 limb) > negative +mpi_cmp_mpi:"0":"-7b":1 + +MPI compare #17 0 (1 limb) < positive with leading zero limb +mpi_cmp_mpi:"0":"0000000000000000123":-1 + +MPI compare #18 0 (1 limb) > negative with leading zero limb +mpi_cmp_mpi:"0":"-0000000000000000123":1 + +MPI compare #19 0 (1 limb) < large positive +mpi_cmp_mpi:"0":"1230000000000000000":-1 + +MPI compare #20 0 (1 limb) > large negative +mpi_cmp_mpi:"0":"-1230000000000000000":1 + +MPI compare #21 negative 0 (null) == 0 (null) +mpi_cmp_mpi:"-":"":0 + +MPI compare #22 negative 0 (null) == 0 (1 limb) +mpi_cmp_mpi:"-":"0":0 + +MPI compare #23 negative 0 (null) == negative 0 (null) +mpi_cmp_mpi:"-":"-":0 + +MPI compare #24 negative 0 (null) == negative with leading zero limb +mpi_cmp_mpi:"-":"-0":0 + +MPI compare #25 negative 0 (null) < positive +mpi_cmp_mpi:"-":"7b":-1 + +MPI compare #26 negative 0 (null) > negative +mpi_cmp_mpi:"-":"-7b":1 + +MPI compare #27 negative 0 (null) < positive with leading zero limb +mpi_cmp_mpi:"-":"0000000000000000123":-1 + +MPI compare #28 negative 0 (null) > negative with leading zero limb +mpi_cmp_mpi:"-":"-0000000000000000123":1 + +MPI compare #29 negative 0 (null) < large positive +mpi_cmp_mpi:"-":"1230000000000000000":-1 + +MPI compare #30 negative 0 (null) > large negative +mpi_cmp_mpi:"-":"-1230000000000000000":1 + +MPI compare #31 negative with leading zero limb == 0 (null) +mpi_cmp_mpi:"-0":"":0 + +MPI compare #32 negative with leading zero limb == 0 (1 limb) +mpi_cmp_mpi:"-0":"0":0 + +MPI compare #33 negative with leading zero limb == negative 0 (null) +mpi_cmp_mpi:"-0":"-":0 + +MPI compare #34 negative with leading zero limb == negative with leading zero limb +mpi_cmp_mpi:"-0":"-0":0 + +MPI compare #35 negative with leading zero limb < positive +mpi_cmp_mpi:"-0":"7b":-1 + +MPI compare #36 negative with leading zero limb > negative +mpi_cmp_mpi:"-0":"-7b":1 + +MPI compare #37 negative with leading zero limb < positive with leading zero limb +mpi_cmp_mpi:"-0":"0000000000000000123":-1 + +MPI compare #38 negative with leading zero limb > negative with leading zero limb +mpi_cmp_mpi:"-0":"-0000000000000000123":1 + +MPI compare #39 negative with leading zero limb < large positive +mpi_cmp_mpi:"-0":"1230000000000000000":-1 + +MPI compare #40 negative with leading zero limb > large negative +mpi_cmp_mpi:"-0":"-1230000000000000000":1 + +MPI compare #41 positive > 0 (null) +mpi_cmp_mpi:"7b":"":1 + +MPI compare #42 positive > 0 (1 limb) +mpi_cmp_mpi:"7b":"0":1 + +MPI compare #43 positive > negative 0 (null) +mpi_cmp_mpi:"7b":"-":1 + +MPI compare #44 positive > negative with leading zero limb +mpi_cmp_mpi:"7b":"-0":1 + +MPI compare #45 positive == positive +mpi_cmp_mpi:"7b":"7b":0 + +MPI compare #46 positive > negative +mpi_cmp_mpi:"7b":"-7b":1 + +MPI compare #47 positive < positive with leading zero limb +mpi_cmp_mpi:"7b":"0000000000000000123":-1 + +MPI compare #48 positive > negative with leading zero limb +mpi_cmp_mpi:"7b":"-0000000000000000123":1 + +MPI compare #49 positive < large positive +mpi_cmp_mpi:"7b":"1230000000000000000":-1 + +MPI compare #50 positive > large negative +mpi_cmp_mpi:"7b":"-1230000000000000000":1 + +MPI compare #51 negative < 0 (null) +mpi_cmp_mpi:"-7b":"":-1 + +MPI compare #52 negative < 0 (1 limb) +mpi_cmp_mpi:"-7b":"0":-1 + +MPI compare #53 negative < negative 0 (null) +mpi_cmp_mpi:"-7b":"-":-1 + +MPI compare #54 negative < negative with leading zero limb +mpi_cmp_mpi:"-7b":"-0":-1 + +MPI compare #55 negative < positive +mpi_cmp_mpi:"-7b":"7b":-1 + +MPI compare #56 negative == negative +mpi_cmp_mpi:"-7b":"-7b":0 + +MPI compare #57 negative < positive with leading zero limb +mpi_cmp_mpi:"-7b":"0000000000000000123":-1 + +MPI compare #58 negative > negative with leading zero limb +mpi_cmp_mpi:"-7b":"-0000000000000000123":1 + +MPI compare #59 negative < large positive +mpi_cmp_mpi:"-7b":"1230000000000000000":-1 + +MPI compare #60 negative > large negative +mpi_cmp_mpi:"-7b":"-1230000000000000000":1 + +MPI compare #61 positive with leading zero limb > 0 (null) +mpi_cmp_mpi:"0000000000000000123":"":1 + +MPI compare #62 positive with leading zero limb > 0 (1 limb) +mpi_cmp_mpi:"0000000000000000123":"0":1 + +MPI compare #63 positive with leading zero limb > negative 0 (null) +mpi_cmp_mpi:"0000000000000000123":"-":1 + +MPI compare #64 positive with leading zero limb > negative with leading zero limb +mpi_cmp_mpi:"0000000000000000123":"-0":1 + +MPI compare #65 positive with leading zero limb > positive +mpi_cmp_mpi:"0000000000000000123":"7b":1 + +MPI compare #66 positive with leading zero limb > negative +mpi_cmp_mpi:"0000000000000000123":"-7b":1 + +MPI compare #67 positive with leading zero limb == positive with leading zero limb +mpi_cmp_mpi:"0000000000000000123":"0000000000000000123":0 + +MPI compare #68 positive with leading zero limb > negative with leading zero limb +mpi_cmp_mpi:"0000000000000000123":"-0000000000000000123":1 + +MPI compare #69 positive with leading zero limb < large positive +mpi_cmp_mpi:"0000000000000000123":"1230000000000000000":-1 + +MPI compare #70 positive with leading zero limb > large negative +mpi_cmp_mpi:"0000000000000000123":"-1230000000000000000":1 + +MPI compare #71 negative with leading zero limb < 0 (null) +mpi_cmp_mpi:"-0000000000000000123":"":-1 + +MPI compare #72 negative with leading zero limb < 0 (1 limb) +mpi_cmp_mpi:"-0000000000000000123":"0":-1 + +MPI compare #73 negative with leading zero limb < negative 0 (null) +mpi_cmp_mpi:"-0000000000000000123":"-":-1 + +MPI compare #74 negative with leading zero limb < negative with leading zero limb +mpi_cmp_mpi:"-0000000000000000123":"-0":-1 + +MPI compare #75 negative with leading zero limb < positive +mpi_cmp_mpi:"-0000000000000000123":"7b":-1 + +MPI compare #76 negative with leading zero limb < negative +mpi_cmp_mpi:"-0000000000000000123":"-7b":-1 + +MPI compare #77 negative with leading zero limb < positive with leading zero limb +mpi_cmp_mpi:"-0000000000000000123":"0000000000000000123":-1 + +MPI compare #78 negative with leading zero limb == negative with leading zero limb +mpi_cmp_mpi:"-0000000000000000123":"-0000000000000000123":0 + +MPI compare #79 negative with leading zero limb < large positive +mpi_cmp_mpi:"-0000000000000000123":"1230000000000000000":-1 + +MPI compare #80 negative with leading zero limb > large negative +mpi_cmp_mpi:"-0000000000000000123":"-1230000000000000000":1 + +MPI compare #81 large positive > 0 (null) +mpi_cmp_mpi:"1230000000000000000":"":1 + +MPI compare #82 large positive > 0 (1 limb) +mpi_cmp_mpi:"1230000000000000000":"0":1 + +MPI compare #83 large positive > negative 0 (null) +mpi_cmp_mpi:"1230000000000000000":"-":1 + +MPI compare #84 large positive > negative with leading zero limb +mpi_cmp_mpi:"1230000000000000000":"-0":1 + +MPI compare #85 large positive > positive +mpi_cmp_mpi:"1230000000000000000":"7b":1 + +MPI compare #86 large positive > negative +mpi_cmp_mpi:"1230000000000000000":"-7b":1 + +MPI compare #87 large positive > positive with leading zero limb +mpi_cmp_mpi:"1230000000000000000":"0000000000000000123":1 + +MPI compare #88 large positive > negative with leading zero limb +mpi_cmp_mpi:"1230000000000000000":"-0000000000000000123":1 + +MPI compare #89 large positive == large positive +mpi_cmp_mpi:"1230000000000000000":"1230000000000000000":0 + +MPI compare #90 large positive > large negative +mpi_cmp_mpi:"1230000000000000000":"-1230000000000000000":1 + +MPI compare #91 large negative < 0 (null) +mpi_cmp_mpi:"-1230000000000000000":"":-1 + +MPI compare #92 large negative < 0 (1 limb) +mpi_cmp_mpi:"-1230000000000000000":"0":-1 + +MPI compare #93 large negative < negative 0 (null) +mpi_cmp_mpi:"-1230000000000000000":"-":-1 + +MPI compare #94 large negative < negative with leading zero limb +mpi_cmp_mpi:"-1230000000000000000":"-0":-1 + +MPI compare #95 large negative < positive +mpi_cmp_mpi:"-1230000000000000000":"7b":-1 + +MPI compare #96 large negative < negative +mpi_cmp_mpi:"-1230000000000000000":"-7b":-1 + +MPI compare #97 large negative < positive with leading zero limb +mpi_cmp_mpi:"-1230000000000000000":"0000000000000000123":-1 + +MPI compare #98 large negative < negative with leading zero limb +mpi_cmp_mpi:"-1230000000000000000":"-0000000000000000123":-1 + +MPI compare #99 large negative < large positive +mpi_cmp_mpi:"-1230000000000000000":"1230000000000000000":-1 + +MPI compare #100 large negative == large negative +mpi_cmp_mpi:"-1230000000000000000":"-1230000000000000000":0 + +MPI compare #101 negative > negative +mpi_cmp_mpi:"-2":"-3":1 + +MPI compare #102 negative == negative +mpi_cmp_mpi:"-2":"-2":0 + +MPI compare #103 positive < positive +mpi_cmp_mpi:"2b4":"2b5":-1 + +MPI compare #104 positive < positive +mpi_cmp_mpi:"2b5":"2b6":-1 + +MPI compare (abs) #1 0 (null) == 0 (null) +mpi_cmp_abs:"":"":0 + +MPI compare (abs) #2 0 (null) == 0 (1 limb) +mpi_cmp_abs:"":"0":0 + +MPI compare (abs) #3 0 (null) == 0 (null) +mpi_cmp_abs:"":"":0 + +MPI compare (abs) #4 0 (null) == 0 (1 limb) +mpi_cmp_abs:"":"0":0 + +MPI compare (abs) #5 0 (null) < positive +mpi_cmp_abs:"":"7b":-1 + +MPI compare (abs) #6 0 (null) < positive +mpi_cmp_abs:"":"7b":-1 + +MPI compare (abs) #7 0 (null) < positive with leading zero limb +mpi_cmp_abs:"":"0000000000000000123":-1 + +MPI compare (abs) #8 0 (null) < positive with leading zero limb +mpi_cmp_abs:"":"0000000000000000123":-1 + +MPI compare (abs) #9 0 (null) < large positive +mpi_cmp_abs:"":"1230000000000000000":-1 + +MPI compare (abs) #10 0 (null) < large positive +mpi_cmp_abs:"":"1230000000000000000":-1 + +MPI compare (abs) #11 0 (1 limb) == 0 (null) +mpi_cmp_abs:"0":"":0 + +MPI compare (abs) #12 0 (1 limb) == 0 (1 limb) +mpi_cmp_abs:"0":"0":0 + +MPI compare (abs) #13 0 (1 limb) == 0 (null) +mpi_cmp_abs:"0":"":0 + +MPI compare (abs) #14 0 (1 limb) == 0 (1 limb) +mpi_cmp_abs:"0":"0":0 + +MPI compare (abs) #15 0 (1 limb) < positive +mpi_cmp_abs:"0":"7b":-1 + +MPI compare (abs) #16 0 (1 limb) < positive +mpi_cmp_abs:"0":"7b":-1 + +MPI compare (abs) #17 0 (1 limb) < positive with leading zero limb +mpi_cmp_abs:"0":"0000000000000000123":-1 + +MPI compare (abs) #18 0 (1 limb) < positive with leading zero limb +mpi_cmp_abs:"0":"0000000000000000123":-1 + +MPI compare (abs) #19 0 (1 limb) < large positive +mpi_cmp_abs:"0":"1230000000000000000":-1 + +MPI compare (abs) #20 0 (1 limb) < large positive +mpi_cmp_abs:"0":"1230000000000000000":-1 + +MPI compare (abs) #21 0 (null) == 0 (null) +mpi_cmp_abs:"":"":0 + +MPI compare (abs) #22 0 (null) == 0 (1 limb) +mpi_cmp_abs:"":"0":0 + +MPI compare (abs) #23 0 (null) == 0 (null) +mpi_cmp_abs:"":"":0 + +MPI compare (abs) #24 0 (null) == 0 (1 limb) +mpi_cmp_abs:"":"0":0 + +MPI compare (abs) #25 0 (null) < positive +mpi_cmp_abs:"":"7b":-1 + +MPI compare (abs) #26 0 (null) < positive +mpi_cmp_abs:"":"7b":-1 + +MPI compare (abs) #27 0 (null) < positive with leading zero limb +mpi_cmp_abs:"":"0000000000000000123":-1 + +MPI compare (abs) #28 0 (null) < positive with leading zero limb +mpi_cmp_abs:"":"0000000000000000123":-1 + +MPI compare (abs) #29 0 (null) < large positive +mpi_cmp_abs:"":"1230000000000000000":-1 + +MPI compare (abs) #30 0 (null) < large positive +mpi_cmp_abs:"":"1230000000000000000":-1 + +MPI compare (abs) #31 0 (1 limb) == 0 (null) +mpi_cmp_abs:"0":"":0 + +MPI compare (abs) #32 0 (1 limb) == 0 (1 limb) +mpi_cmp_abs:"0":"0":0 + +MPI compare (abs) #33 0 (1 limb) == 0 (null) +mpi_cmp_abs:"0":"":0 + +MPI compare (abs) #34 0 (1 limb) == 0 (1 limb) +mpi_cmp_abs:"0":"0":0 + +MPI compare (abs) #35 0 (1 limb) < positive +mpi_cmp_abs:"0":"7b":-1 + +MPI compare (abs) #36 0 (1 limb) < positive +mpi_cmp_abs:"0":"7b":-1 + +MPI compare (abs) #37 0 (1 limb) < positive with leading zero limb +mpi_cmp_abs:"0":"0000000000000000123":-1 + +MPI compare (abs) #38 0 (1 limb) < positive with leading zero limb +mpi_cmp_abs:"0":"0000000000000000123":-1 + +MPI compare (abs) #39 0 (1 limb) < large positive +mpi_cmp_abs:"0":"1230000000000000000":-1 + +MPI compare (abs) #40 0 (1 limb) < large positive +mpi_cmp_abs:"0":"1230000000000000000":-1 + +MPI compare (abs) #41 positive > 0 (null) +mpi_cmp_abs:"7b":"":1 + +MPI compare (abs) #42 positive > 0 (1 limb) +mpi_cmp_abs:"7b":"0":1 + +MPI compare (abs) #43 positive > 0 (null) +mpi_cmp_abs:"7b":"":1 + +MPI compare (abs) #44 positive > 0 (1 limb) +mpi_cmp_abs:"7b":"0":1 + +MPI compare (abs) #45 positive == positive +mpi_cmp_abs:"7b":"7b":0 + +MPI compare (abs) #46 positive == positive +mpi_cmp_abs:"7b":"7b":0 + +MPI compare (abs) #47 positive < positive with leading zero limb +mpi_cmp_abs:"7b":"0000000000000000123":-1 + +MPI compare (abs) #48 positive < positive with leading zero limb +mpi_cmp_abs:"7b":"0000000000000000123":-1 + +MPI compare (abs) #49 positive < large positive +mpi_cmp_abs:"7b":"1230000000000000000":-1 + +MPI compare (abs) #50 positive < large positive +mpi_cmp_abs:"7b":"1230000000000000000":-1 + +MPI compare (abs) #51 positive > 0 (null) +mpi_cmp_abs:"7b":"":1 + +MPI compare (abs) #52 positive > 0 (1 limb) +mpi_cmp_abs:"7b":"0":1 + +MPI compare (abs) #53 positive > 0 (null) +mpi_cmp_abs:"7b":"":1 + +MPI compare (abs) #54 positive > 0 (1 limb) +mpi_cmp_abs:"7b":"0":1 + +MPI compare (abs) #55 positive == positive +mpi_cmp_abs:"7b":"7b":0 + +MPI compare (abs) #56 positive == positive +mpi_cmp_abs:"7b":"7b":0 + +MPI compare (abs) #57 positive < positive with leading zero limb +mpi_cmp_abs:"7b":"0000000000000000123":-1 + +MPI compare (abs) #58 positive < positive with leading zero limb +mpi_cmp_abs:"7b":"0000000000000000123":-1 + +MPI compare (abs) #59 positive < large positive +mpi_cmp_abs:"7b":"1230000000000000000":-1 + +MPI compare (abs) #60 positive < large positive +mpi_cmp_abs:"7b":"1230000000000000000":-1 + +MPI compare (abs) #61 positive with leading zero limb > 0 (null) +mpi_cmp_abs:"0000000000000000123":"":1 + +MPI compare (abs) #62 positive with leading zero limb > 0 (1 limb) +mpi_cmp_abs:"0000000000000000123":"0":1 + +MPI compare (abs) #63 positive with leading zero limb > 0 (null) +mpi_cmp_abs:"0000000000000000123":"":1 + +MPI compare (abs) #64 positive with leading zero limb > 0 (1 limb) +mpi_cmp_abs:"0000000000000000123":"0":1 + +MPI compare (abs) #65 positive with leading zero limb > positive +mpi_cmp_abs:"0000000000000000123":"7b":1 + +MPI compare (abs) #66 positive with leading zero limb > positive +mpi_cmp_abs:"0000000000000000123":"7b":1 + +MPI compare (abs) #67 positive with leading zero limb == positive with leading zero limb +mpi_cmp_abs:"0000000000000000123":"0000000000000000123":0 + +MPI compare (abs) #68 positive with leading zero limb == positive with leading zero limb +mpi_cmp_abs:"0000000000000000123":"0000000000000000123":0 + +MPI compare (abs) #69 positive with leading zero limb < large positive +mpi_cmp_abs:"0000000000000000123":"1230000000000000000":-1 + +MPI compare (abs) #70 positive with leading zero limb < large positive +mpi_cmp_abs:"0000000000000000123":"1230000000000000000":-1 + +MPI compare (abs) #71 positive with leading zero limb > 0 (null) +mpi_cmp_abs:"0000000000000000123":"":1 + +MPI compare (abs) #72 positive with leading zero limb > 0 (1 limb) +mpi_cmp_abs:"0000000000000000123":"0":1 + +MPI compare (abs) #73 positive with leading zero limb > 0 (null) +mpi_cmp_abs:"0000000000000000123":"":1 + +MPI compare (abs) #74 positive with leading zero limb > 0 (1 limb) +mpi_cmp_abs:"0000000000000000123":"0":1 + +MPI compare (abs) #75 positive with leading zero limb > positive +mpi_cmp_abs:"0000000000000000123":"7b":1 + +MPI compare (abs) #76 positive with leading zero limb > positive +mpi_cmp_abs:"0000000000000000123":"7b":1 + +MPI compare (abs) #77 positive with leading zero limb == positive with leading zero limb +mpi_cmp_abs:"0000000000000000123":"0000000000000000123":0 + +MPI compare (abs) #78 positive with leading zero limb == positive with leading zero limb +mpi_cmp_abs:"0000000000000000123":"0000000000000000123":0 + +MPI compare (abs) #79 positive with leading zero limb < large positive +mpi_cmp_abs:"0000000000000000123":"1230000000000000000":-1 + +MPI compare (abs) #80 positive with leading zero limb < large positive +mpi_cmp_abs:"0000000000000000123":"1230000000000000000":-1 + +MPI compare (abs) #81 large positive > 0 (null) +mpi_cmp_abs:"1230000000000000000":"":1 + +MPI compare (abs) #82 large positive > 0 (1 limb) +mpi_cmp_abs:"1230000000000000000":"0":1 + +MPI compare (abs) #83 large positive > 0 (null) +mpi_cmp_abs:"1230000000000000000":"":1 + +MPI compare (abs) #84 large positive > 0 (1 limb) +mpi_cmp_abs:"1230000000000000000":"0":1 + +MPI compare (abs) #85 large positive > positive +mpi_cmp_abs:"1230000000000000000":"7b":1 + +MPI compare (abs) #86 large positive > positive +mpi_cmp_abs:"1230000000000000000":"7b":1 + +MPI compare (abs) #87 large positive > positive with leading zero limb +mpi_cmp_abs:"1230000000000000000":"0000000000000000123":1 + +MPI compare (abs) #88 large positive > positive with leading zero limb +mpi_cmp_abs:"1230000000000000000":"0000000000000000123":1 + +MPI compare (abs) #89 large positive == large positive +mpi_cmp_abs:"1230000000000000000":"1230000000000000000":0 + +MPI compare (abs) #90 large positive == large positive +mpi_cmp_abs:"1230000000000000000":"1230000000000000000":0 + +MPI compare (abs) #91 large positive > 0 (null) +mpi_cmp_abs:"1230000000000000000":"":1 + +MPI compare (abs) #92 large positive > 0 (1 limb) +mpi_cmp_abs:"1230000000000000000":"0":1 + +MPI compare (abs) #93 large positive > 0 (null) +mpi_cmp_abs:"1230000000000000000":"":1 + +MPI compare (abs) #94 large positive > 0 (1 limb) +mpi_cmp_abs:"1230000000000000000":"0":1 + +MPI compare (abs) #95 large positive > positive +mpi_cmp_abs:"1230000000000000000":"7b":1 + +MPI compare (abs) #96 large positive > positive +mpi_cmp_abs:"1230000000000000000":"7b":1 + +MPI compare (abs) #97 large positive > positive with leading zero limb +mpi_cmp_abs:"1230000000000000000":"0000000000000000123":1 + +MPI compare (abs) #98 large positive > positive with leading zero limb +mpi_cmp_abs:"1230000000000000000":"0000000000000000123":1 + +MPI compare (abs) #99 large positive == large positive +mpi_cmp_abs:"1230000000000000000":"1230000000000000000":0 + +MPI compare (abs) #100 large positive == large positive +mpi_cmp_abs:"1230000000000000000":"1230000000000000000":0 + +MPI compare (abs) #101 positive < positive +mpi_cmp_abs:"2":"3":-1 + +MPI compare (abs) #102 positive == positive +mpi_cmp_abs:"2":"2":0 + +MPI compare (abs) #103 positive < positive +mpi_cmp_abs:"2b4":"2b5":-1 + +MPI compare (abs) #104 positive < positive +mpi_cmp_abs:"2b5":"2b6":-1 + +# End of automatically generated file. diff --git a/third_party/mbedtls/repo/tests/suites/test_suite_bignum.misc.data b/third_party/mbedtls/repo/tests/suites/test_suite_bignum.misc.data new file mode 100644 index 00000000000..2df3ad3dbcc --- /dev/null +++ b/third_party/mbedtls/repo/tests/suites/test_suite_bignum.misc.data @@ -0,0 +1,1963 @@ +MPI - Valid parameters +mpi_valid_param: + +MPI - Invalid parameters +mpi_invalid_param: + +Arguments with no value +mpi_null: + +Base test mpi_read_write_string #1 +mpi_read_write_string:10:"128":10:"128":100:0:0 + +Base test mpi_read_write_string #1 (Leading 0) +mpi_read_write_string:10:"0128":10:"128":100:0:0 + +Base test mpi_read_write_string #2 +mpi_read_write_string:10:"128":16:"80":100:0:0 + +Base test mpi_read_write_string #3 (Read zero decimal) +mpi_read_write_string:10:"0":10:"0":100:0:0 + +Base test mpi_read_write_string #3 (Read zero hex) +mpi_read_write_string:16:"0":16:"00":100:0:0 + +Base test mpi_read_write_string #3 (Read minus zero decimal) +mpi_read_write_string:10:"-0":10:"0":100:0:0 + +Base test mpi_read_write_string #3 (Read minus zero hex) +mpi_read_write_string:16:"-0":16:"00":100:0:0 + +Base test mpi_read_write_string #3 (Negative decimal) +mpi_read_write_string:10:"-23":10:"-23":100:0:0 + +Base test mpi_read_write_string #3 (Negative decimal, leading 0) +mpi_read_write_string:10:"-023":10:"-23":100:0:0 + +Base test mpi_read_write_string #3 (Negative hex -> decimal) +mpi_read_write_string:16:"-20":10:"-32":100:0:0 + +Base test mpi_read_write_string #3 (Negative hex) +mpi_read_write_string:16:"-23":16:"-23":100:0:0 + +Base test mpi_read_write_string #3 (Negative hex, leading 0) +mpi_read_write_string:16:"-023":16:"-23":100:0:0 + +Base test mpi_read_write_string #4 (Buffer just fits) +mpi_read_write_string:16:"-4":4:"-10":4:0:0 + +Test mpi_read_write_string #1 (Invalid character) +mpi_read_write_string:10:"a28":0:"":100:MBEDTLS_ERR_MPI_INVALID_CHARACTER:0 + +Test mpi_read_write_string #2 (Illegal input radix) +mpi_read_write_string:19:"a28":0:"":100:MBEDTLS_ERR_MPI_BAD_INPUT_DATA:0 + +Test mpi_read_write_string #3 (Buffer just fits) +mpi_read_write_string:16:"-23":16:"-23":4:0:0 + +Test mpi_read_write_string #4 (Buffer too small) +mpi_read_write_string:16:"-23":16:"-23":3:0:MBEDTLS_ERR_MPI_BUFFER_TOO_SMALL + +Test mpi_read_write_string #5 (Illegal output radix) +mpi_read_write_string:16:"-23":17:"-23":4:0:MBEDTLS_ERR_MPI_BAD_INPUT_DATA + +Test mpi_read_write_string #6 (Output radix of 15) +mpi_read_write_string:10:"29":15:"1E":100:0:0 + +Test mpi_read_write_string #7 +mpi_read_write_string:10:"56125680981752282334141896320372489490613963693556392520816017892111350604111697682705498319512049040516698827829292076808006940873974979584527073481012636016353913462376755556720019831187364993587901952757307830896531678727717924":16:"0941379D00FED1491FE15DF284DFDE4A142F68AA8D412023195CEE66883E6290FFE703F4EA5963BF212713CEE46B107C09182B5EDCD955ADAC418BF4918E2889AF48E1099D513830CEC85C26AC1E158B52620E33BA8692F893EFBB2F958B4424":200:0:0 + +Test mpi_read_write_string #8 (Empty MPI hex -> hex) +mpi_read_write_string:16:"":16:"":4:0:0 + +Test mpi_read_write_string #9 (Empty MPI hex -> dec) +mpi_read_write_string:16:"":10:"0":4:0:0 + +Test mpi_read_write_string #9 (Empty MPI hex -> base 2) +mpi_read_write_string:16:"":2:"0":4:0:0 + +Test mpi_read_write_string #8 (Empty MPI dec -> hex) +mpi_read_write_string:10:"":16:"":4:0:0 + +Test mpi_read_write_string #9 (Empty MPI dec -> dec) +mpi_read_write_string:10:"":10:"0":4:0:0 + +Test mpi_read_write_string #9 (Empty MPI dec -> base 2) +mpi_read_write_string:16:"":2:"0":4:0:0 + +Test mpi_write_string #10 (Negative hex with odd number of digits) +mpi_read_write_string:16:"-1":16:"":3:0:MBEDTLS_ERR_MPI_BUFFER_TOO_SMALL + +Base test mbedtls_mpi_read_binary #1 +mpi_read_binary:"0941379d00fed1491fe15df284dfde4a142f68aa8d412023195cee66883e6290ffe703f4ea5963bf212713cee46b107c09182b5edcd955adac418bf4918e2889af48e1099d513830cec85c26ac1e158b52620e33ba8692f893efbb2f958b4424":"0941379D00FED1491FE15DF284DFDE4A142F68AA8D412023195CEE66883E6290FFE703F4EA5963BF212713CEE46B107C09182B5EDCD955ADAC418BF4918E2889AF48E1099D513830CEC85C26AC1E158B52620E33BA8692F893EFBB2F958B4424" + +Base test mbedtls_mpi_read_binary_le #1 +mpi_read_binary_le:"0941379d00fed1491fe15df284dfde4a142f68aa8d412023195cee66883e6290ffe703f4ea5963bf212713cee46b107c09182b5edcd955adac418bf4918e2889af48e1099d513830cec85c26ac1e158b52620e33ba8692f893efbb2f958b4424":"24448B952FBBEF93F89286BA330E62528B151EAC265CC8CE3038519D09E148AF89288E91F48B41ACAD55D9DC5E2B18097C106BE4CE132721BF6359EAF403E7FF90623E8866EE5C192320418DAA682F144ADEDF84F25DE11F49D1FE009D374109" + +Base test mbedtls_mpi_write_binary #1 +mpi_write_binary:"941379d00fed1491fe15df284dfde4a142f68aa8d412023195cee66883e6290ffe703f4ea5963bf212713cee46b107c09182b5edcd955adac418bf4918e2889af48e1099d513830cec85c26ac1e158b52620e33ba8692f893efbb2f958b4424":"0941379d00fed1491fe15df284dfde4a142f68aa8d412023195cee66883e6290ffe703f4ea5963bf212713cee46b107c09182b5edcd955adac418bf4918e2889af48e1099d513830cec85c26ac1e158b52620e33ba8692f893efbb2f958b4424":200:0 + +Test mbedtls_mpi_write_binary #1 (Buffer just fits) +mpi_write_binary:"123123123123123123123123123":"0123123123123123123123123123":14:0 + +Test mbedtls_mpi_write_binary #2 (Buffer too small) +mpi_write_binary:"123123123123123123123123123":"23123123123123123123123123":13:MBEDTLS_ERR_MPI_BUFFER_TOO_SMALL + +Base test mbedtls_mpi_write_binary_le #1 +mpi_write_binary_le:"941379d00fed1491fe15df284dfde4a142f68aa8d412023195cee66883e6290ffe703f4ea5963bf212713cee46b107c09182b5edcd955adac418bf4918e2889af48e1099d513830cec85c26ac1e158b52620e33ba8692f893efbb2f958b4424":"24448b952fbbef93f89286ba330e62528b151eac265cc8ce3038519d09e148af89288e91f48b41acad55d9dc5e2b18097c106be4ce132721bf6359eaf403e7ff90623e8866ee5c192320418daa682f144adedf84f25de11f49d1fe009d374109":200:0 + +Test mbedtls_mpi_write_binary_le #1 (Buffer just fits) +mpi_write_binary_le:"123123123123123123123123123":"2331122331122331122331122301":14:0 + +Test mbedtls_mpi_write_binary_le #2 (Buffer too small) +mpi_write_binary_le:"123123123123123123123123123":"23311223311223311223311223":13:MBEDTLS_ERR_MPI_BUFFER_TOO_SMALL + +Base test mbedtls_mpi_read_file #1 +mpi_read_file:"data_files/mpi_16":"01f55332c3a48b910f9942f6c914e58bef37a47ee45cb164a5b6b8d1006bf59a059c21449939ebebfdf517d2e1dbac88010d7b1f141e997bd6801ddaec9d05910f4f2de2b2c4d714e2c14a72fc7f17aa428d59c531627f09":0 + +Test mbedtls_mpi_read_file #1 (Empty file) +mpi_read_file:"data_files/hash_file_4":"":MBEDTLS_ERR_MPI_FILE_IO_ERROR + +Test mbedtls_mpi_read_file #2 (Illegal input) +mpi_read_file:"data_files/hash_file_2":"":0 + +Test mbedtls_mpi_read_file #3 (Input too big) +mpi_read_file:"data_files/mpi_too_big":"":MBEDTLS_ERR_MPI_BUFFER_TOO_SMALL + +Base test mbedtls_mpi_write_file #1 +mpi_write_file:"941379d00fed1491fe15df284dfde4a142f68aa8d412023195cee66883e6290ffe703f4ea5963bf212713cee46b107c09182b5edcd955adac418bf4918e2889af48e1099d513830cec85c26ac1e158b52620e33ba8692f893efbb2f958b4424":"data_files/mpi_write" + +Test mbedtls_mpi_lsb: 0 (null) +mpi_lsb:"":0 + +Test mbedtls_mpi_lsb: 0 (1 limb) +mpi_lsb:"0":0 + +Base test mbedtls_mpi_lsb #1 +mpi_lsb:"941379d00fed1491fe15df284dfde4a142f68aa8d412023195cee66883e6290ffe703f4ea5963bf212713cee46b107c09182b5edcd955adac418bf4918e2889af48e1099d513830cec85c26ac1e158b52620e33ba8692f893efbb2f958b4424":2 + +Base test mbedtls_mpi_lsb #2 +mpi_lsb:"18":3 + +Base test mbedtls_mpi_lsb #3 +mpi_lsb:"24":2 + +Base test mbedtls_mpi_lsb #4 +mpi_lsb:"2000":13 + +Base test mbedtls_mpi_bitlen #1 +mpi_bitlen:"941379d00fed1491fe15df284dfde4a142f68aa8d412023195cee66883e6290ffe703f4ea5963bf212713cee46b107c09182b5edcd955adac418bf4918e2889af48e1099d513830cec85c26ac1e158b52620e33ba8692f893efbb2f958b4424":764 + +Base test mbedtls_mpi_bitlen #2 +mpi_bitlen:"18":5 + +Base test mbedtls_mpi_bitlen #3 +mpi_bitlen:"1":1 + +Base test mbedtls_mpi_bitlen #4 +mpi_bitlen:"f":4 + +Base test mbedtls_mpi_bitlen #5 +mpi_bitlen:"10":5 + +Base test mbedtls_mpi_bitlen #6 +mpi_bitlen:"a":4 + +Base test mbedtls_mpi_bitlen: 0 (null) +mpi_bitlen:"":0 + +Base test mbedtls_mpi_bitlen: 0 (1 limb) +mpi_bitlen:"0":0 + +Base test mbedtls_mpi_cmp_int #1 +mpi_cmp_int:693:693:0 + +Base test mbedtls_mpi_cmp_int #2 +mpi_cmp_int:693:692:1 + +Base test mbedtls_mpi_cmp_int #3 +mpi_cmp_int:693:694:-1 + +Base test mbedtls_mpi_cmp_int (Negative values) #1 +mpi_cmp_int:-2:-2:0 + +Base test mbedtls_mpi_cmp_int (Negative values) #2 +mpi_cmp_int:-2:-3:1 + +Base test mbedtls_mpi_cmp_int (Negative values) #3 +mpi_cmp_int:-2:-1:-1 + +Base test mbedtls_mpi_cmp_mpi #1 +mpi_cmp_mpi:"2b5":"2b5":0 + +Base test mbedtls_mpi_cmp_mpi #2 +mpi_cmp_mpi:"2b5":"2b4":1 + +Base test mbedtls_mpi_cmp_mpi #3 +mpi_cmp_mpi:"2b5":"2b6":-1 + +Base test mbedtls_mpi_cmp_mpi (Negative values) #1 +mpi_cmp_mpi:"-2":"-2":0 + +Base test mbedtls_mpi_cmp_mpi (Negative values) #2 +mpi_cmp_mpi:"-2":"-3":1 + +Base test mbedtls_mpi_cmp_mpi (Negative values) #3 +mpi_cmp_mpi:"-2":"-1":-1 + +Base test mbedtls_mpi_cmp_mpi (Mixed values) #4 +mpi_cmp_mpi:"-3":"2":-1 + +Base test mbedtls_mpi_cmp_mpi (Mixed values) #5 +mpi_cmp_mpi:"2":"-3":1 + +Base test mbedtls_mpi_cmp_mpi (Mixed values) #6 +mpi_cmp_mpi:"-2":"1c67967269c6":-1 + +Test mbedtls_mpi_cmp_mpi: 0 (null) = 0 (null) +mpi_cmp_mpi:"":"":0 + +Test mbedtls_mpi_cmp_mpi: 0 (null) = 0 (1 limb) +mpi_cmp_mpi:"":"0":0 + +Test mbedtls_mpi_cmp_mpi: 0 (1 limb) = 0 (null) +mpi_cmp_mpi:"0":"":0 + +Test mbedtls_mpi_cmp_mpi: 0 (1 limb) = 0 (1 limb) +mpi_cmp_mpi:"0":"0":0 + +Test mbedtls_mpi_cmp_mpi: 0 (null) < positive +mpi_cmp_mpi:"":"7b":-1 + +Test mbedtls_mpi_cmp_mpi: 0 (1 limb) < positive +mpi_cmp_mpi:"0":"7b":-1 + +Test mbedtls_mpi_cmp_mpi: 0 (null) > negative +mpi_cmp_mpi:"":"-7b":1 + +Test mbedtls_mpi_cmp_mpi: 0 (1 limb) > negative +mpi_cmp_mpi:"0":"-7b":1 + +Test mbedtls_mpi_cmp_mpi: positive > 0 (null) +mpi_cmp_mpi:"7b":"":1 + +Test mbedtls_mpi_cmp_mpi: positive > 0 (1 limb) +mpi_cmp_mpi:"7b":"0":1 + +Test mbedtls_mpi_cmp_mpi: negative < 0 (null) +mpi_cmp_mpi:"-7b":"":-1 + +Test mbedtls_mpi_cmp_mpi: negative < 0 (1 limb) +mpi_cmp_mpi:"-7b":"0":-1 + +Test mbedtls_mpi_cmp_mpi: 0 (null) < positive with leading zero limb +mpi_cmp_mpi:"":"0000000000000000123":-1 + +Test mbedtls_mpi_cmp_mpi: 0 (1 limb) < positive with leading zero limb +mpi_cmp_mpi:"0":"0000000000000000123":-1 + +Test mbedtls_mpi_cmp_mpi: 0 (null) > negative with leading zero limb +mpi_cmp_mpi:"":"-0000000000000000123":1 + +Test mbedtls_mpi_cmp_mpi: 0 (1 limb) > negative with leading zero limb +mpi_cmp_mpi:"0":"-0000000000000000123":1 + +Test mbedtls_mpi_cmp_mpi: positive with leading zero limb > 0 (null) +mpi_cmp_mpi:"0000000000000000123":"":1 + +Test mbedtls_mpi_cmp_mpi: positive with leading zero limb > 0 (1 limb) +mpi_cmp_mpi:"0000000000000000123":"0":1 + +Test mbedtls_mpi_cmp_mpi: negative with leading zero limb < 0 (null) +mpi_cmp_mpi:"-0000000000000000123":"":-1 + +Test mbedtls_mpi_cmp_mpi: negative with leading zero limb < 0 (1 limb) +mpi_cmp_mpi:"-0000000000000000123":"0":-1 + +Test mbedtls_mpi_cmp_mpi: 0 (null) < large positive +mpi_cmp_mpi:"":"1230000000000000000":-1 + +Test mbedtls_mpi_cmp_mpi: 0 (1 limb) < large positive +mpi_cmp_mpi:"0":"1230000000000000000":-1 + +Test mbedtls_mpi_cmp_mpi: 0 (null) > large negative +mpi_cmp_mpi:"":"-1230000000000000000":1 + +Test mbedtls_mpi_cmp_mpi: 0 (1 limb) > large negative +mpi_cmp_mpi:"0":"-1230000000000000000":1 + +Test mbedtls_mpi_cmp_mpi: large positive > 0 (null) +mpi_cmp_mpi:"1230000000000000000":"":1 + +Test mbedtls_mpi_cmp_mpi: large positive > 0 (1 limb) +mpi_cmp_mpi:"1230000000000000000":"0":1 + +Test mbedtls_mpi_cmp_mpi: large negative < 0 (null) +mpi_cmp_mpi:"-1230000000000000000":"":-1 + +Test mbedtls_mpi_cmp_mpi: large negative < 0 (1 limb) +mpi_cmp_mpi:"-1230000000000000000":"0":-1 + +Base test mbedtls_mpi_lt_mpi_ct #1 +mpi_lt_mpi_ct:1:"2B5":1:"2B5":0:0 + +Base test mbedtls_mpi_lt_mpi_ct #2 +mpi_lt_mpi_ct:1:"2B5":1:"2B4":0:0 + +Base test mbedtls_mpi_lt_mpi_ct #3 +mpi_lt_mpi_ct:1:"2B5":1:"2B6":1:0 + +Base test mbedtls_mpi_lt_mpi_ct (Negative values) #1 +mpi_lt_mpi_ct:1:"-2":1:"-2":0:0 + +Base test mbedtls_mpi_lt_mpi_ct (Negative values) #2 +mpi_lt_mpi_ct:1:"-2":1:"-3":0:0 + +Base test mbedtls_mpi_lt_mpi_ct (Negative values) #3 +mpi_lt_mpi_ct:1:"-2":1:"-1":1:0 + +Base test mbedtls_mpi_lt_mpi_ct (Mixed values) #1 +mpi_lt_mpi_ct:1:"-3":1:"2":1:0 + +Base test mbedtls_mpi_lt_mpi_ct (Mixed values) #2 +mpi_lt_mpi_ct:1:"2":1:"-3":0:0 + +Base test mbedtls_mpi_lt_mpi_ct (Mixed values) #3 +mpi_lt_mpi_ct:2:"-2":2:"1C67967269C6":1:0 + +Base test mbedtls_mpi_lt_mpi_ct (X is longer in storage) +mpi_lt_mpi_ct:3:"2B5":2:"2B5":0:MBEDTLS_ERR_MPI_BAD_INPUT_DATA + +Base test mbedtls_mpi_lt_mpi_ct (Y is longer in storage) +mpi_lt_mpi_ct:3:"2B5":4:"2B5":0:MBEDTLS_ERR_MPI_BAD_INPUT_DATA + +Base test mbedtls_mpi_lt_mpi_ct (length=0) +mpi_lt_mpi_ct:0:"":0:"":0:0 + +Base test mbedtls_mpi_lt_mpi_ct (corner case - 64 bit) #1 +mpi_lt_mpi_ct:2:"7FFFFFFFFFFFFFFF":2:"FF":0:0 + +Base test mbedtls_mpi_lt_mpi_ct (corner case - 64 bit) #2 +mpi_lt_mpi_ct:2:"8000000000000000":2:"7FFFFFFFFFFFFFFF":0:0 + +Base test mbedtls_mpi_lt_mpi_ct (corner case - 64 bit) #3 +mpi_lt_mpi_ct:2:"8000000000000000":2:"1":0:0 + +Base test mbedtls_mpi_lt_mpi_ct (corner case - 64 bit) #4 +mpi_lt_mpi_ct:2:"8000000000000000":2:"0":0:0 + +Base test mbedtls_mpi_lt_mpi_ct (corner case - 64 bit) #5 +mpi_lt_mpi_ct:2:"FFFFFFFFFFFFFFFF":2:"FF":0:0 + +Base test mbedtls_mpi_lt_mpi_ct (corner case - 32 bit) #1 +mpi_lt_mpi_ct:1:"7FFFFFFF":1:"FF":0:0 + +Base test mbedtls_mpi_lt_mpi_ct (corner case - 32 bit) #2 +mpi_lt_mpi_ct:1:"80000000":1:"7FFFFFFF":0:0 + +Base test mbedtls_mpi_lt_mpi_ct (corner case - 32 bit) #3 +mpi_lt_mpi_ct:1:"80000000":1:"1":0:0 + +Base test mbedtls_mpi_lt_mpi_ct (corner case - 32 bit) #4 +mpi_lt_mpi_ct:1:"80000000":1:"0":0:0 + +Base test mbedtls_mpi_lt_mpi_ct (corner case - 32 bit) #5 +mpi_lt_mpi_ct:1:"FFFFFFFF":1:"FF":0:0 + +Multi-limb mbedtls_mpi_lt_mpi_ct (XY, equal MS limbs) +mpi_lt_mpi_ct:2:"-EEFFFFFFFFFFFFFFF1":2:"-EEFFFFFFFFFFFFFFFF":0:0 + +Multi-limb mbedtls_mpi_lt_mpi_ct (X=Y) +mpi_lt_mpi_ct:2:"EEFFFFFFFFFFFFFFFF":2:"EEFFFFFFFFFFFFFFFF":0:0 + +Multi-limb mbedtls_mpi_lt_mpi_ct (X=-Y) +mpi_lt_mpi_ct:2:"-EEFFFFFFFFFFFFFFFF":2:"EEFFFFFFFFFFFFFFFF":1:0 + +Multi-limb mbedtls_mpi_lt_mpi_ct (Alternating limbs) #1 +mpi_lt_mpi_ct:2:"11FFFFFFFFFFFFFFFF":2:"FF1111111111111111":1:0 + +Multi-limb mbedtls_mpi_lt_mpi_ct (Alternating limbs) #2 +mpi_lt_mpi_ct:2:"FF1111111111111111":2:"11FFFFFFFFFFFFFFFF":0:0 + +Multi-limb mbedtls_mpi_lt_mpi_ct (Alternating limbs) #3 +mpi_lt_mpi_ct:2:"-11FFFFFFFFFFFFFFFF":2:"-FF1111111111111111":0:0 + +Multi-limb mbedtls_mpi_lt_mpi_ct (Alternating limbs) #4 +mpi_lt_mpi_ct:2:"-FF1111111111111111":2:"-11FFFFFFFFFFFFFFFF":1:0 + +Base test mbedtls_mpi_cmp_abs #1 +mpi_cmp_abs:"2b5":"2b5":0 + +Base test mbedtls_mpi_cmp_abs #2 +mpi_cmp_abs:"2b5":"2b4":1 + +Base test mbedtls_mpi_cmp_abs #3 +mpi_cmp_abs:"2b5":"2b6":-1 + +Base test mbedtls_mpi_cmp_abs (Negative values) #1 +mpi_cmp_abs:"-2":"-2":0 + +Base test mbedtls_mpi_cmp_abs (Negative values) #2 +mpi_cmp_abs:"-2":"-3":-1 + +Base test mbedtls_mpi_cmp_abs (Negative values) #3 +mpi_cmp_abs:"-2":"-1":1 + +Test mbedtls_mpi_cmp_abs: 0 (null) = 0 (null) +mpi_cmp_abs:"":"":0 + +Test mbedtls_mpi_cmp_abs: 0 (null) = 0 (1 limb) +mpi_cmp_abs:"":"0":0 + +Test mbedtls_mpi_cmp_abs: 0 (1 limb) = 0 (null) +mpi_cmp_abs:"0":"":0 + +Test mbedtls_mpi_cmp_abs: 0 (1 limb) = 0 (1 limb) +mpi_cmp_abs:"0":"0":0 + +Base test mbedtls_mpi_cmp_abs (Mix values) #1 +mpi_cmp_abs:"-2":"2":0 + +Base test mbedtls_mpi_cmp_abs (Mix values) #2 +mpi_cmp_abs:"2":"-3":-1 + +Base test mbedtls_mpi_cmp_abs (Mix values) #3 +mpi_cmp_abs:"-2":"1":1 + +Copy large negative to large negative +mpi_copy:"-ca5cadedb01dfaceacc01ade":"-face1e55ca11ab1ecab005e5" + +Copy large negative to large positive +mpi_copy:"-ca5cadedb01dfaceacc01ade":"face1e55ca11ab1ecab005e5" + +Copy large negative to small negative +mpi_copy:"-ca5cadedb01dfaceacc01ade":"-beef" + +Copy large negative to small positive +mpi_copy:"-ca5cadedb01dfaceacc01ade":"beef" + +Copy large negative to zero (1 limb) +mpi_copy:"-ca5cadedb01dfaceacc01ade":"0" + +Copy large negative to zero (null) +mpi_copy:"-ca5cadedb01dfaceacc01ade":"" + +Copy large positive to large negative +mpi_copy:"ca5cadedb01dfaceacc01ade":"-face1e55ca11ab1ecab005e5" + +Copy large positive to large positive +mpi_copy:"ca5cadedb01dfaceacc01ade":"face1e55ca11ab1ecab005e5" + +Copy large positive to small negative +mpi_copy:"ca5cadedb01dfaceacc01ade":"-beef" + +Copy large positive to small positive +mpi_copy:"ca5cadedb01dfaceacc01ade":"beef" + +Copy large positive to zero (1 limb) +mpi_copy:"ca5cadedb01dfaceacc01ade":"0" + +Copy large positive to zero (null) +mpi_copy:"ca5cadedb01dfaceacc01ade":"" + +Copy small negative to large negative +mpi_copy:"-bead":"-face1e55ca11ab1ecab005e5" + +Copy small negative to large positive +mpi_copy:"-bead":"face1e55ca11ab1ecab005e5" + +Copy small negative to small negative +mpi_copy:"-bead":"-beef" + +Copy small negative to small positive +mpi_copy:"-bead":"beef" + +Copy small negative to zero (1 limb) +mpi_copy:"-bead":"0" + +Copy small negative to zero (null) +mpi_copy:"-bead":"" + +Copy small positive to large negative +mpi_copy:"bead":"-face1e55ca11ab1ecab005e5" + +Copy small positive to large positive +mpi_copy:"bead":"face1e55ca11ab1ecab005e5" + +Copy small positive to small negative +mpi_copy:"bead":"-beef" + +Copy small positive to small positive +mpi_copy:"bead":"beef" + +Copy small positive to zero (1 limb) +mpi_copy:"bead":"0" + +Copy small positive to zero (null) +mpi_copy:"bead":"" + +Copy zero (1 limb) to large negative +mpi_copy:"0":"-face1e55ca11ab1ecab005e5" + +Copy zero (1 limb) to large positive +mpi_copy:"0":"face1e55ca11ab1ecab005e5" + +Copy zero (1 limb) to small negative +mpi_copy:"0":"-beef" + +Copy zero (1 limb) to small positive +mpi_copy:"0":"beef" + +Copy zero (1 limb) to zero (1 limb) +mpi_copy:"0":"0" + +Copy zero (1 limb) to zero (null) +mpi_copy:"0":"" + +Copy zero (null) to large negative +mpi_copy:"":"-face1e55ca11ab1ecab005e5" + +Copy zero (null) to large positive +mpi_copy:"":"face1e55ca11ab1ecab005e5" + +Copy zero (null) to small negative +mpi_copy:"":"-beef" + +Copy zero (null) to small positive +mpi_copy:"":"beef" + +Copy zero (null) to zero (1 limb) +mpi_copy:"":"0" + +Copy zero (null) to zero (null) +mpi_copy:"":"" + +Copy self: large negative +mpi_copy_self:"-ca5cadedb01dfaceacc01ade" + +Copy self: large positive +mpi_copy_self:"ca5cadedb01dfaceacc01ade" + +Copy self: small negative +mpi_copy_self:"-bead" + +Copy self: small positive +mpi_copy_self:"bead" + +Copy self: zero (1 limb) +mpi_copy_self:"0" + +Copy self: zero (null) +mpi_copy_self:"" + +Swap large negative with large negative +mpi_swap:"-ca5cadedb01dfaceacc01ade":"-face1e55ca11ab1ecab005e5" + +Swap large negative with large positive +mpi_swap:"-ca5cadedb01dfaceacc01ade":"face1e55ca11ab1ecab005e5" + +Swap large negative with small negative +mpi_swap:"-ca5cadedb01dfaceacc01ade":"-beef" + +Swap large negative with small positive +mpi_swap:"-ca5cadedb01dfaceacc01ade":"beef" + +Swap large negative with zero (1 limb) +mpi_swap:"-ca5cadedb01dfaceacc01ade":"0" + +Swap large negative with zero (null) +mpi_swap:"-ca5cadedb01dfaceacc01ade":"" + +Swap large positive with large negative +mpi_swap:"ca5cadedb01dfaceacc01ade":"-face1e55ca11ab1ecab005e5" + +Swap large positive with large positive +mpi_swap:"ca5cadedb01dfaceacc01ade":"face1e55ca11ab1ecab005e5" + +Swap large positive with small negative +mpi_swap:"ca5cadedb01dfaceacc01ade":"-beef" + +Swap large positive with small positive +mpi_swap:"ca5cadedb01dfaceacc01ade":"beef" + +Swap large positive with zero (1 limb) +mpi_swap:"ca5cadedb01dfaceacc01ade":"0" + +Swap large positive with zero (null) +mpi_swap:"ca5cadedb01dfaceacc01ade":"" + +Swap small negative with large negative +mpi_swap:"-bead":"-face1e55ca11ab1ecab005e5" + +Swap small negative with large positive +mpi_swap:"-bead":"face1e55ca11ab1ecab005e5" + +Swap small negative with small negative +mpi_swap:"-bead":"-beef" + +Swap small negative with small positive +mpi_swap:"-bead":"beef" + +Swap small negative with zero (1 limb) +mpi_swap:"-bead":"0" + +Swap small negative with zero (null) +mpi_swap:"-bead":"" + +Swap small positive with large negative +mpi_swap:"bead":"-face1e55ca11ab1ecab005e5" + +Swap small positive with large positive +mpi_swap:"bead":"face1e55ca11ab1ecab005e5" + +Swap small positive with small negative +mpi_swap:"bead":"-beef" + +Swap small positive with small positive +mpi_swap:"bead":"beef" + +Swap small positive with zero (1 limb) +mpi_swap:"bead":"0" + +Swap small positive with zero (null) +mpi_swap:"bead":"" + +Swap zero (1 limb) with large negative +mpi_swap:"0":"-face1e55ca11ab1ecab005e5" + +Swap zero (1 limb) with large positive +mpi_swap:"0":"face1e55ca11ab1ecab005e5" + +Swap zero (1 limb) with small negative +mpi_swap:"0":"-beef" + +Swap zero (1 limb) with small positive +mpi_swap:"0":"beef" + +Swap zero (1 limb) with zero (1 limb) +mpi_swap:"0":"0" + +Swap zero (1 limb) with zero (null) +mpi_swap:"0":"" + +Swap zero (null) with large negative +mpi_swap:"":"-face1e55ca11ab1ecab005e5" + +Swap zero (null) with large positive +mpi_swap:"":"face1e55ca11ab1ecab005e5" + +Swap zero (null) with small negative +mpi_swap:"":"-beef" + +Swap zero (null) with small positive +mpi_swap:"":"beef" + +Swap zero (null) with zero (1 limb) +mpi_swap:"":"0" + +Swap zero (null) with zero (null) +mpi_swap:"":"" + +Swap self: large negative +mpi_swap_self:"-ca5cadedb01dfaceacc01ade" + +Swap self: large positive +mpi_swap_self:"ca5cadedb01dfaceacc01ade" + +Swap self: small negative +mpi_swap_self:"-bead" + +Swap self: small positive +mpi_swap_self:"bead" + +Swap self: zero (1 limb) +mpi_swap_self:"0" + +Swap self: zero (null) +mpi_swap_self:"" + +Shrink 0 limbs in a buffer of size 0 to 0 +mpi_shrink:0:0:0:0 + +Shrink 2 limbs in a buffer of size 2 to 4 +mpi_shrink:2:2:4:4 + +Shrink 2 limbs in a buffer of size 4 to 4 +mpi_shrink:4:2:4:4 + +Shrink 2 limbs in a buffer of size 8 to 4 +mpi_shrink:8:2:4:4 + +Shrink 4 limbs in a buffer of size 8 to 4 +mpi_shrink:8:4:4:4 + +Shrink 6 limbs in a buffer of size 8 to 4 yielding 6 +mpi_shrink:8:6:4:6 + +Shrink 2 limbs in a buffer of size 4 to 0 yielding 2 +mpi_shrink:4:2:0:2 + +Shrink 1 limbs in a buffer of size 4 to 0 yielding 1 +mpi_shrink:4:1:0:1 + +Shrink 0 limbs in a buffer of size 4 to 0 yielding 1 +mpi_shrink:4:0:0:1 + +Base test mbedtls_mpi_add_abs #1 +mpi_add_abs:"bc614e":"9cde3":"c62f31" + +Base test mbedtls_mpi_add_abs #2 +mpi_add_abs:"-bc614e":"9cde3":"c62f31" + +Base test mbedtls_mpi_add_abs #3 +mpi_add_abs:"bc614e":"-9cde3":"c62f31" + +Base test mbedtls_mpi_add_abs #4 +mpi_add_abs:"-bc614e":"-9cde3":"c62f31" + +Test mbedtls_mpi_add_abs: 0 (null) + 0 (null) +mpi_add_abs:"":"":"0" + +Test mbedtls_mpi_add_abs: 0 (null) + 1 +mpi_add_abs:"":"01":"01" + +Test mbedtls_mpi_add_abs: 1 + 0 (null) +mpi_add_abs:"01":"":"01" + +Test mbedtls_mpi_add_abs #1 +mpi_add_abs:"-1f55332c3a48b910f9942f6c914e58bef37a47ee45cb164a5b6b8d1006bf59a059c21449939ebebfdf517d2e1dbac88010d7b1f141e997bd6801ddaec9d05910f4f2de2b2c4d714e2c14a72fc7f17aa428d59c531627f09":"941379d00fed1491dec0abfc13b52b9049625b3c42c3a972a2549e7a3e1b12c5a304b23e9ed6e251b8af28a4b3124900b23138bfafda925ab3410d57d6f8f0dd8c8c32eb0b4329fbf792e43f9593e766fa0c3c0be077b4e5162616a6428c51b":"941379d00fed1491fe15df284dfde4a142f68aa8d412023195cee66883e6290ffe703f4ea5963bf212713cee46b107c09182b5edcd955adac418bf4918e2889af48e1099d513830cec85c26ac1e158b52620e33ba8692f893efbb2f958b4424" + +Regression mbedtls_mpi_add_abs (add small to very large MPI with carry rollover) [#1] +mpi_add_abs:"FFFFFFFFFFFFFFFFFFFFFFFFFFFFF8":"08":"1000000000000000000000000000000" + +Regression mbedtls_mpi_add_abs (add small to very large MPI with carry rollover) [#2] +mpi_add_abs:"08":"FFFFFFFFFFFFFFFFFFFFFFFFFFFFF8":"1000000000000000000000000000000" + +Base test mbedtls_mpi_add_mpi #1 +mpi_add_mpi:"bc614e":"9cde3":"c62f31" + +Base test mbedtls_mpi_add_mpi #2 +mpi_add_mpi:"-bc614e":"9cde3":"-b2936b" + +Base test mbedtls_mpi_add_mpi #3 +mpi_add_mpi:"bc614e":"-9cde3":"b2936b" + +Base test mbedtls_mpi_add_mpi #4 +mpi_add_mpi:"-bc614e":"-9cde3":"-c62f31" + +Test mbedtls_mpi_add_mpi: 0 (null) + 0 (null) +mpi_add_mpi:"":"":"0" + +Test mbedtls_mpi_add_mpi: 0 (null) + 1 +mpi_add_mpi:"":"01":"01" + +Test mbedtls_mpi_add_mpi: 1 + 0 (null) +mpi_add_mpi:"01":"":"01" + +Test mbedtls_mpi_add_mpi: 0 (null) + -1 +mpi_add_mpi:"":"-01":"-01" + +Test mbedtls_mpi_add_mpi: -1 + 0 (null) +mpi_add_mpi:"-01":"":"-01" + +Test mbedtls_mpi_add_mpi #1 +mpi_add_mpi:"4df72d07b4b71c8dacb6cffa954f8d88254b6277099308baf003fab73227f34029643b5a263f66e0d3c3fa297ef71755efd53b8fb6cb812c6bbf7bcf179298bd9947c4c8b14324140a2c0f5fad7958a69050a987a6096e9f055fb38edf0c5889eca4a0cfa99b45fbdeee4c696b328ddceae4723945901ec025076b12b":"cb50e82a8583f44ee0025942e7362991b24e12663a0ddc234a57b0f7b4ff7b025bf5a6707dedc2898e70b739042c95a996283dffdf67558768784553c61e302e8812bc90f0bb0696870cfb910b560cefed8d99bbf7a00b31ccdbd56f3594e5a653cfd127d2167b13119e5c45c3f76b4e3d904a9bc0cbb43c33aa7f23b":"1194815323a3b10dc8cb9293d7c85b719d79974dd43a0e4de3a5babaee7276e428559e1caa42d296a6234b1628323acff85fd798f9632d6b3d437c122ddb0c8ec215a8159a1fe2aaa91390af0b8cf65967dde43439da979d0d23b88fe14a13e30407471f77bb1c10ef08ca8af2f29f92b2874bcd5065bd2fc58b1ea366" + +Test mbedtls_mpi_add_mpi #2 +mpi_add_mpi:"1f55332c3a48b910f9942f6c914e58bef37a47ee45cb164a5b6b8d1006bf59a059c21449939ebebfdf517d2e1dbac88010d7b1f141e997bd6801ddaec9d05910f4f2de2b2c4d714e2c14a72fc7f17aa428d59c531627f09":"941379d00fed1491dec0abfc13b52b9049625b3c42c3a972a2549e7a3e1b12c5a304b23e9ed6e251b8af28a4b3124900b23138bfafda925ab3410d57d6f8f0dd8c8c32eb0b4329fbf792e43f9593e766fa0c3c0be077b4e5162616a6428c51b":"941379d00fed1491fe15df284dfde4a142f68aa8d412023195cee66883e6290ffe703f4ea5963bf212713cee46b107c09182b5edcd955adac418bf4918e2889af48e1099d513830cec85c26ac1e158b52620e33ba8692f893efbb2f958b4424" + +Base test mbedtls_mpi_add_mpi inplace #1 +mpi_add_mpi_inplace:"bc614e":"178c29c" + +Test mbedtls_mpi_add_mpi inplace #2 +mpi_add_mpi_inplace:"1f55332c3a48b910f9942f6c914e58bef37a47ee45cb164a5b6b8d1006bf59a059c21449939ebebfdf517d2e1dbac88010d7b1f141e997bd6801ddaec9d05910f4f2de2b2c4d714e2c14a72fc7f17aa428d59c531627f09":"3eaa665874917221f3285ed9229cb17de6f48fdc8b962c94b6d71a200d7eb340b3842893273d7d7fbea2fa5c3b75910021af63e283d32f7ad003bb5d93a0b221e9e5bc56589ae29c58294e5f8fe2f54851ab38a62c4fe12" + +Test mbedtls_mpi_add_mpi inplace #3 +mpi_add_mpi_inplace:"ffffffffffffffffffffffffffffffff":"01fffffffffffffffffffffffffffffffe" + +Test mbedtls_mpi_add_int #1 +mpi_add_int:"10cc4ebcb68cbdaa438b80692d9e586b384ae3e1fa33f3db5962d394bec17fd92ad4189":9871232:"10cc4ebcb68cbdaa438b80692d9e586b384ae3e1fa33f3db5962d394bec17fd9343e109" + +Test mbedtls_mpi_add_int #2 +mpi_add_int:"10cc4ebcb68cbdaa438b80692d9e586b384ae3e1fa33f3db5962d394bec17fd92ad4189":-9871232:"10cc4ebcb68cbdaa438b80692d9e586b384ae3e1fa33f3db5962d394bec17fd9216a209" + +Test mbedtls_mpi_add_int: 0 (null) + 0 +mpi_add_int:"":0:"0" + +Test mbedtls_mpi_add_int: 0 (null) + 1 +mpi_add_int:"":1:"1" + +Base test mbedtls_mpi_sub_abs #1 (|B| > |A|) +mpi_sub_abs:"5":"7":"0":MBEDTLS_ERR_MPI_NEGATIVE_VALUE + +Base test mbedtls_mpi_sub_abs #2 (|B| > |A|) +mpi_sub_abs:"-5":"-7":"0":MBEDTLS_ERR_MPI_NEGATIVE_VALUE + +Base test mbedtls_mpi_sub_abs #3 (|B| > |A|) +mpi_sub_abs:"-5":"7":"0":MBEDTLS_ERR_MPI_NEGATIVE_VALUE + +Base test mbedtls_mpi_sub_abs #4 (|B| > |A|) +mpi_sub_abs:"5":"-7":"0":MBEDTLS_ERR_MPI_NEGATIVE_VALUE + +Base test mbedtls_mpi_sub_abs #1 (|B| >> |A| with more limbs) +mpi_sub_abs:"5":"123456789abcdef01":"0":MBEDTLS_ERR_MPI_NEGATIVE_VALUE + +Base test mbedtls_mpi_sub_abs #2 (|B| >> |A| with more limbs) +mpi_sub_abs:"-5":"-123456789abcdef01":"0":MBEDTLS_ERR_MPI_NEGATIVE_VALUE + +Base test mbedtls_mpi_sub_abs #3 (|B| >> |A| with more limbs) +mpi_sub_abs:"-5":"123456789abcdef01":"0":MBEDTLS_ERR_MPI_NEGATIVE_VALUE + +Base test mbedtls_mpi_sub_abs #4 (|B| >> |A| with more limbs) +mpi_sub_abs:"5":"-123456789abcdef01":"0":MBEDTLS_ERR_MPI_NEGATIVE_VALUE + +Base test mbedtls_mpi_sub_abs #1 +mpi_sub_abs:"7":"5":"2":0 + +Base test mbedtls_mpi_sub_abs #2 +mpi_sub_abs:"-7":"-5":"2":0 + +Base test mbedtls_mpi_sub_abs #3 +mpi_sub_abs:"-7":"5":"2":0 + +Base test mbedtls_mpi_sub_abs #4 +mpi_sub_abs:"7":"-5":"2":0 + +Test mbedtls_mpi_sub_abs: 0 (null) - 0 (null) +mpi_sub_abs:"":"":"":0 + +Test mbedtls_mpi_sub_abs: 0 (null) - 0 (1 limb) +mpi_sub_abs:"":"00":"":0 + +Test mbedtls_mpi_sub_abs: 0 (1 limb) - 0 (null) +mpi_sub_abs:"00":"":"":0 + +Test mbedtls_mpi_sub_abs: 0 (1 limb) - 0 (1 limb) +mpi_sub_abs:"00":"00":"":0 + +Test mbedtls_mpi_sub_abs: 1 - 0 (null) +mpi_sub_abs:"01":"":"01":0 + +Test mbedtls_mpi_sub_abs: 0 (null) - 1 +mpi_sub_abs:"":"01":"":MBEDTLS_ERR_MPI_NEGATIVE_VALUE + +Test mbedtls_mpi_sub_abs #1 +mpi_sub_abs:"FFFFFFFFFF":"01":"FFFFFFFFFE":0 + +Test mbedtls_mpi_sub_abs #2 +mpi_sub_abs:"FFFFFFFFF0":"01":"FFFFFFFFEF":0 + +Test mbedtls_mpi_sub_abs #3 +mpi_sub_abs:"FF00000000":"0F00000000":"F000000000":0 + +Test mbedtls_mpi_sub_abs #4 +mpi_sub_abs:"FF00000000":"0F00000001":"EFFFFFFFFF":0 + +Base test mbedtls_mpi_sub_mpi #1 (Test with negative result) +mpi_sub_mpi:"5":"7":"-2" + +Base test mbedtls_mpi_sub_mpi #2 (Test with negative inputs) +mpi_sub_mpi:"-5":"-7":"2" + +Base test mbedtls_mpi_sub_mpi #3 (Test with negative base) +mpi_sub_mpi:"-5":"7":"-c" + +Base test mbedtls_mpi_sub_mpi #4 (Test with negative subtraction) +mpi_sub_mpi:"5":"-7":"c" + +Test mbedtls_mpi_sub_mpi: 0 (null) - 0 (null) +mpi_sub_mpi:"":"":"0" + +Test mbedtls_mpi_sub_mpi: 0 (null) - 0 (1 limb) +mpi_sub_mpi:"":"00":"0" + +Test mbedtls_mpi_sub_mpi: 0 (null) - 1 +mpi_sub_mpi:"":"1":"-1" + +Test mbedtls_mpi_sub_mpi: 0 (null) - -1 +mpi_sub_mpi:"":"-1":"1" + +Test mbedtls_mpi_sub_mpi: 0 (1 limb) - 0 (null) +mpi_sub_mpi:"00":"":"0" + +Test mbedtls_mpi_sub_mpi: 1 - 0 (null) +mpi_sub_mpi:"1":"":"1" + +Test mbedtls_mpi_sub_mpi: -1 - 0 (null) +mpi_sub_mpi:"-1":"":"-1" + +Test mbedtls_mpi_sub_mpi #1 +mpi_sub_mpi:"cb50e82a8583f44ee0025942e7362991b24e12663a0ddc234a57b0f7b4ff7b025bf5a6707dedc2898e70b739042c95a996283dffdf67558768784553c61e302e8812bc90f0bb0696870cfb910b560cefed8d99bbf7a00b31ccdbd56f3594e5a653cfd127d2167b13119e5c45c3f76b4e3d904a9bc0cbb43c33aa7f23b":"4df72d07b4b71c8dacb6cffa954f8d88254b6277099308baf003fab73227f34029643b5a263f66e0d3c3fa297ef71755efd53b8fb6cb812c6bbf7bcf179298bd9947c4c8b14324140a2c0f5fad7958a69050a987a6096e9f055fb38edf0c5889eca4a0cfa99b45fbdeee4c696b328ddceae4723945901ec025076b12b":"7d59bb22d0ccd7c1334b894851e69c098d02afef307ad3685a53b64082d787c232916b1657ae5ba8baacbd0f85357e53a6530270289bd45afcb8c984ae8b9770eecaf7c83f77e2827ce0ec315ddcb4495d3cf03451969c92c77c21e056888d1c672b3058287b351732b00fdc58c4dd7152abd8627b3b957c0ea314110" + +Test mbedtls_mpi_sub_mpi #2 (Test for negative result) +mpi_sub_mpi:"1f55332c3a48b910f9942f6c914e58bef37a47ee45cb164a5b6b8d1006bf59a059c21449939ebebfdf517d2e1dbac88010d7b1f141e997bd6801ddaec9d05910f4f2de2b2c4d714e2c14a72fc7f17aa428d59c531627f09":"941379d00fed1491dec0abfc13b52b9049625b3c42c3a972a2549e7a3e1b12c5a304b23e9ed6e251b8af28a4b3124900b23138bfafda925ab3410d57d6f8f0dd8c8c32eb0b4329fbf792e43f9593e766fa0c3c0be077b4e5162616a6428c51b":"-941379d00fed1491bf6b78cfd96c727f4fce2bcfb17550b3aeda568bf84ffc7b4799252e981788b15eed145b1f738a40d2dfbb91921fc9daa2695b66950f5920248a553c4172d0eb02a0061469467618cdf794dc18863a40ed507a532c64612" + +Test mbedtls_mpi_sub_int #1 +mpi_sub_int:"10cc4ebcb68cbdaa438b80692d9e586b384ae3e1fa33f3db5962d394bec17fd92ad4189":-9871232:"10cc4ebcb68cbdaa438b80692d9e586b384ae3e1fa33f3db5962d394bec17fd9343e109" + +Test mbedtls_mpi_sub_int #2 +mpi_sub_int:"10cc4ebcb68cbdaa438b80692d9e586b384ae3e1fa33f3db5962d394bec17fd92ad4189":9871232:"10cc4ebcb68cbdaa438b80692d9e586b384ae3e1fa33f3db5962d394bec17fd9216a209" + +Test mbedtls_mpi_sub_int: 0 (null) - 0 +mpi_sub_int:"":0:"0" + +Test mbedtls_mpi_sub_int: 0 (null) - 1 +mpi_sub_int:"":1:"-1" + +Test mbedtls_mpi_sub_int: 0 (null) - -1 +mpi_sub_int:"":-1:"1" + +Test mbedtls_mpi_shift_l #1 +mpi_shift_l:"40":1:"80" + +Test mbedtls_mpi_shift_l #2 +mpi_shift_l:"1946e2958a85d8863ae21f4904fcc49478412534ed53eaf321f63f2a2227a3c63acbf50b6305595f90cfa8327f6db80d986fe96080bcbb5df1bdbe9b74fb8dedf2bddb3f8215b54dffd66409323bcc473e45a8fe9d08e77a511698b5dad0416305db7fcf":37:"328dc52b150bb10c75c43e9209f98928f0824a69daa7d5e643ec7e54444f478c7597ea16c60ab2bf219f5064fedb701b30dfd2c1017976bbe37b7d36e9f71bdbe57bb67f042b6a9bffacc8126477988e7c8b51fd3a11cef4a22d316bb5a082c60bb6ff9e000000000" + +Test mbedtls_mpi_shift_l: 0 (null) <<= 0 +mpi_shift_l:"":0:"0" + +Test mbedtls_mpi_shift_l: 0 (null) <<= 1 +mpi_shift_l:"":1:"0" + +Test mbedtls_mpi_shift_l: 0 (null) <<= 64 +mpi_shift_l:"":64:"0" + +Test mbedtls_mpi_shift_r #1 +mpi_shift_r:"80":1:"40" + +Test mbedtls_mpi_shift_r #2 +mpi_shift_r:"4a36ce2a2eba161116629d6196efb17ee4f01ef753cd32b9e952d4d69e4b2401e85e0c3ba0ea761f44e312db10209fb6b38963c9c0302dc67b1b531c32301d8d341968c734387ef8bc2496051e0bb530975839852d8dd15684788f9dca62cb0c372ac51":45:"251b6715175d0b088b314eb0cb77d8bf72780f7ba9e6995cf4a96a6b4f259200f42f061dd0753b0fa271896d88104fdb59c4b1e4e01816e33d8da98e19180ec69a0cb4639a1c3f7c5e124b028f05da984bac1cc296c6e8ab423c47cee531" + +Test mbedtls_mpi_shift_r #4 [#1] +mpi_shift_r:"FFFFFFFFFFFFFFFF":63:"01" + +Test mbedtls_mpi_shift_r #4 [#2] +mpi_shift_r:"FFFFFFFFFFFFFFFF":64:"00" + +Test mbedtls_mpi_shift_r #6 +mpi_shift_r:"FFFFFFFFFFFFFFFF":65:"00" + +Test mbedtls_mpi_shift_r #7 +mpi_shift_r:"FFFFFFFFFFFFFFFF":128:"00" + +Test mbedtls_mpi_shift_r: 0 (null) >>= 0 +mpi_shift_r:"":0:"0" + +Test mbedtls_mpi_shift_r: 0 (null) >>= 1 +mpi_shift_r:"":1:"0" + +Test mbedtls_mpi_shift_r: 0 (null) >>= 64 +mpi_shift_r:"":64:"0" + +Base test mbedtls_mpi_mul_mpi #1 +mpi_mul_mpi:"5":"7":"23" + +Base test mbedtls_mpi_mul_mpi #2 +mpi_mul_mpi:"-5":"7":"-23" + +Base test mbedtls_mpi_mul_mpi #3 +mpi_mul_mpi:"5":"-7":"-23" + +Base test mbedtls_mpi_mul_mpi #4 +mpi_mul_mpi:"-5":"-7":"23" + +Test mbedtls_mpi_mul_mpi: 0 (null) * 0 (null) +mpi_mul_mpi:"":"":"0" + +Test mbedtls_mpi_mul_mpi: 0 (null) * 0 (1 limb) +mpi_mul_mpi:"":"00":"0" + +Test mbedtls_mpi_mul_mpi: 0 (null) * 1 +mpi_mul_mpi:"":"01":"0" + +Test mbedtls_mpi_mul_mpi: 0 (null) * -1 +mpi_mul_mpi:"":"-01":"0" + +Test mbedtls_mpi_mul_mpi: 0 (1 limb) * -1 +mpi_mul_mpi:"00":"-01":"0" + +Test mbedtls_mpi_mul_mpi: 0 (1 limb) * 0 (null) +mpi_mul_mpi:"00":"":"0" + +Test mbedtls_mpi_mul_mpi: 1 * 0 (null) +mpi_mul_mpi:"01":"":"0" + +Test mbedtls_mpi_mul_mpi: -1 * 0 (null) +mpi_mul_mpi:"-01":"":"0" + +Test mbedtls_mpi_mul_mpi: -1 * 0 (1 limb) +mpi_mul_mpi:"-01":"00":"0" + +Test mbedtls_mpi_mul_mpi #1 +mpi_mul_mpi:"02f77b94b179d4a51360f04fa56e2c0784ce3b8a742280b016904896a5605fbe9e0f0683f82c439d979ab14e11b34e05ae96232b18fb2e0d1319f4942732d7eadf92ae90cb8c68ec8ece154d334f553564b6f6db185b33b8d3635598c3d128acde8bbb7b13697e48d1a542e5f9168d2d83a8dd05ae1eaf2451":"01b0b14c432710cde936e3fc100515e95dca61e10b8a68d9632bfa0546a9731a1ce6bebc6cb5fe6f5fd7e57b25f737f6a0ce5402e216b8b81c06f0c5ccce447d7f5631d14bff9dfa16f7cc72c56c84b636d00a5f35199d17ee9bf3f8746f44374ffd4ae22cf84089f04a9f7f356d6dc9f8cf8ef208a9b88c89":"0503ae899d35ae5b7706b067aed7cb2952da37a5d4ad58f05f69abe14e8aaae88eab2baed858177cb4595c0edc92e5ac13c2bba2bfa23276dd023e9e52f547d4c9edb138d86aad329d7afb01e15eab7281e181cb249fc91bf09d621d86561301edda156f80e3bbff853a312852fe9e3d0541cb86801390aff1dc3c05bcb592c266f625b70e419b4c7e7e85399bb06c0e50b099b4292f9eaff4d869681faa1f745b5fcb3349ed93c572739a31dcf76b43370cf9f86cc54e982dfac9467bde915c697e60554e0d698be6bb2dd1f8bc64659f6baee7641b51f4b5ed7010c04600fcd382db84a93fe3d4d86e86a459c6cebb59" + +Test mbedtls_mpi_mul_mpi #1, leading 0 limb in B +mpi_mul_mpi:"02f77b94b179d4a51360f04fa56e2c0784ce3b8a742280b016904896a5605fbe9e0f0683f82c439d979ab14e11b34e05ae96232b18fb2e0d1319f4942732d7eadf92ae90cb8c68ec8ece154d334f553564b6f6db185b33b8d3635598c3d128acde8bbb7b13697e48d1a542e5f9168d2d83a8dd05ae1eaf2451":"000000000000000001b0b14c432710cde936e3fc100515e95dca61e10b8a68d9632bfa0546a9731a1ce6bebc6cb5fe6f5fd7e57b25f737f6a0ce5402e216b8b81c06f0c5ccce447d7f5631d14bff9dfa16f7cc72c56c84b636d00a5f35199d17ee9bf3f8746f44374ffd4ae22cf84089f04a9f7f356d6dc9f8cf8ef208a9b88c89":"0503ae899d35ae5b7706b067aed7cb2952da37a5d4ad58f05f69abe14e8aaae88eab2baed858177cb4595c0edc92e5ac13c2bba2bfa23276dd023e9e52f547d4c9edb138d86aad329d7afb01e15eab7281e181cb249fc91bf09d621d86561301edda156f80e3bbff853a312852fe9e3d0541cb86801390aff1dc3c05bcb592c266f625b70e419b4c7e7e85399bb06c0e50b099b4292f9eaff4d869681faa1f745b5fcb3349ed93c572739a31dcf76b43370cf9f86cc54e982dfac9467bde915c697e60554e0d698be6bb2dd1f8bc64659f6baee7641b51f4b5ed7010c04600fcd382db84a93fe3d4d86e86a459c6cebb59" + +Test mbedtls_mpi_mul_mpi #1, leading 0 limb in B, A < 0 +mpi_mul_mpi:"-02f77b94b179d4a51360f04fa56e2c0784ce3b8a742280b016904896a5605fbe9e0f0683f82c439d979ab14e11b34e05ae96232b18fb2e0d1319f4942732d7eadf92ae90cb8c68ec8ece154d334f553564b6f6db185b33b8d3635598c3d128acde8bbb7b13697e48d1a542e5f9168d2d83a8dd05ae1eaf2451":"000000000000000001b0b14c432710cde936e3fc100515e95dca61e10b8a68d9632bfa0546a9731a1ce6bebc6cb5fe6f5fd7e57b25f737f6a0ce5402e216b8b81c06f0c5ccce447d7f5631d14bff9dfa16f7cc72c56c84b636d00a5f35199d17ee9bf3f8746f44374ffd4ae22cf84089f04a9f7f356d6dc9f8cf8ef208a9b88c89":"-0503ae899d35ae5b7706b067aed7cb2952da37a5d4ad58f05f69abe14e8aaae88eab2baed858177cb4595c0edc92e5ac13c2bba2bfa23276dd023e9e52f547d4c9edb138d86aad329d7afb01e15eab7281e181cb249fc91bf09d621d86561301edda156f80e3bbff853a312852fe9e3d0541cb86801390aff1dc3c05bcb592c266f625b70e419b4c7e7e85399bb06c0e50b099b4292f9eaff4d869681faa1f745b5fcb3349ed93c572739a31dcf76b43370cf9f86cc54e982dfac9467bde915c697e60554e0d698be6bb2dd1f8bc64659f6baee7641b51f4b5ed7010c04600fcd382db84a93fe3d4d86e86a459c6cebb59" + +Test mbedtls_mpi_mul_mpi #1, leading 0 limb in B, B < 0 +mpi_mul_mpi:"02f77b94b179d4a51360f04fa56e2c0784ce3b8a742280b016904896a5605fbe9e0f0683f82c439d979ab14e11b34e05ae96232b18fb2e0d1319f4942732d7eadf92ae90cb8c68ec8ece154d334f553564b6f6db185b33b8d3635598c3d128acde8bbb7b13697e48d1a542e5f9168d2d83a8dd05ae1eaf2451":"-000000000000000001b0b14c432710cde936e3fc100515e95dca61e10b8a68d9632bfa0546a9731a1ce6bebc6cb5fe6f5fd7e57b25f737f6a0ce5402e216b8b81c06f0c5ccce447d7f5631d14bff9dfa16f7cc72c56c84b636d00a5f35199d17ee9bf3f8746f44374ffd4ae22cf84089f04a9f7f356d6dc9f8cf8ef208a9b88c89":"-0503ae899d35ae5b7706b067aed7cb2952da37a5d4ad58f05f69abe14e8aaae88eab2baed858177cb4595c0edc92e5ac13c2bba2bfa23276dd023e9e52f547d4c9edb138d86aad329d7afb01e15eab7281e181cb249fc91bf09d621d86561301edda156f80e3bbff853a312852fe9e3d0541cb86801390aff1dc3c05bcb592c266f625b70e419b4c7e7e85399bb06c0e50b099b4292f9eaff4d869681faa1f745b5fcb3349ed93c572739a31dcf76b43370cf9f86cc54e982dfac9467bde915c697e60554e0d698be6bb2dd1f8bc64659f6baee7641b51f4b5ed7010c04600fcd382db84a93fe3d4d86e86a459c6cebb59" + +Test mbedtls_mpi_mul_mpi #1, leading 0 limb in B, A < 0, B < 0 +mpi_mul_mpi:"-02f77b94b179d4a51360f04fa56e2c0784ce3b8a742280b016904896a5605fbe9e0f0683f82c439d979ab14e11b34e05ae96232b18fb2e0d1319f4942732d7eadf92ae90cb8c68ec8ece154d334f553564b6f6db185b33b8d3635598c3d128acde8bbb7b13697e48d1a542e5f9168d2d83a8dd05ae1eaf2451":"-000000000000000001b0b14c432710cde936e3fc100515e95dca61e10b8a68d9632bfa0546a9731a1ce6bebc6cb5fe6f5fd7e57b25f737f6a0ce5402e216b8b81c06f0c5ccce447d7f5631d14bff9dfa16f7cc72c56c84b636d00a5f35199d17ee9bf3f8746f44374ffd4ae22cf84089f04a9f7f356d6dc9f8cf8ef208a9b88c89":"0503ae899d35ae5b7706b067aed7cb2952da37a5d4ad58f05f69abe14e8aaae88eab2baed858177cb4595c0edc92e5ac13c2bba2bfa23276dd023e9e52f547d4c9edb138d86aad329d7afb01e15eab7281e181cb249fc91bf09d621d86561301edda156f80e3bbff853a312852fe9e3d0541cb86801390aff1dc3c05bcb592c266f625b70e419b4c7e7e85399bb06c0e50b099b4292f9eaff4d869681faa1f745b5fcb3349ed93c572739a31dcf76b43370cf9f86cc54e982dfac9467bde915c697e60554e0d698be6bb2dd1f8bc64659f6baee7641b51f4b5ed7010c04600fcd382db84a93fe3d4d86e86a459c6cebb59" + +Test mbedtls_mpi_mul_mpi #1, leading 0 limb in A +mpi_mul_mpi:"000000000000000002f77b94b179d4a51360f04fa56e2c0784ce3b8a742280b016904896a5605fbe9e0f0683f82c439d979ab14e11b34e05ae96232b18fb2e0d1319f4942732d7eadf92ae90cb8c68ec8ece154d334f553564b6f6db185b33b8d3635598c3d128acde8bbb7b13697e48d1a542e5f9168d2d83a8dd05ae1eaf2451":"01b0b14c432710cde936e3fc100515e95dca61e10b8a68d9632bfa0546a9731a1ce6bebc6cb5fe6f5fd7e57b25f737f6a0ce5402e216b8b81c06f0c5ccce447d7f5631d14bff9dfa16f7cc72c56c84b636d00a5f35199d17ee9bf3f8746f44374ffd4ae22cf84089f04a9f7f356d6dc9f8cf8ef208a9b88c89":"0503ae899d35ae5b7706b067aed7cb2952da37a5d4ad58f05f69abe14e8aaae88eab2baed858177cb4595c0edc92e5ac13c2bba2bfa23276dd023e9e52f547d4c9edb138d86aad329d7afb01e15eab7281e181cb249fc91bf09d621d86561301edda156f80e3bbff853a312852fe9e3d0541cb86801390aff1dc3c05bcb592c266f625b70e419b4c7e7e85399bb06c0e50b099b4292f9eaff4d869681faa1f745b5fcb3349ed93c572739a31dcf76b43370cf9f86cc54e982dfac9467bde915c697e60554e0d698be6bb2dd1f8bc64659f6baee7641b51f4b5ed7010c04600fcd382db84a93fe3d4d86e86a459c6cebb59" + +Test mbedtls_mpi_mul_mpi #1, leading 0 limb in A, A < 0 +mpi_mul_mpi:"-000000000000000002f77b94b179d4a51360f04fa56e2c0784ce3b8a742280b016904896a5605fbe9e0f0683f82c439d979ab14e11b34e05ae96232b18fb2e0d1319f4942732d7eadf92ae90cb8c68ec8ece154d334f553564b6f6db185b33b8d3635598c3d128acde8bbb7b13697e48d1a542e5f9168d2d83a8dd05ae1eaf2451":"01b0b14c432710cde936e3fc100515e95dca61e10b8a68d9632bfa0546a9731a1ce6bebc6cb5fe6f5fd7e57b25f737f6a0ce5402e216b8b81c06f0c5ccce447d7f5631d14bff9dfa16f7cc72c56c84b636d00a5f35199d17ee9bf3f8746f44374ffd4ae22cf84089f04a9f7f356d6dc9f8cf8ef208a9b88c89":"-0503ae899d35ae5b7706b067aed7cb2952da37a5d4ad58f05f69abe14e8aaae88eab2baed858177cb4595c0edc92e5ac13c2bba2bfa23276dd023e9e52f547d4c9edb138d86aad329d7afb01e15eab7281e181cb249fc91bf09d621d86561301edda156f80e3bbff853a312852fe9e3d0541cb86801390aff1dc3c05bcb592c266f625b70e419b4c7e7e85399bb06c0e50b099b4292f9eaff4d869681faa1f745b5fcb3349ed93c572739a31dcf76b43370cf9f86cc54e982dfac9467bde915c697e60554e0d698be6bb2dd1f8bc64659f6baee7641b51f4b5ed7010c04600fcd382db84a93fe3d4d86e86a459c6cebb59" + +Test mbedtls_mpi_mul_mpi #1, leading 0 limb in A, B < 0 +mpi_mul_mpi:"000000000000000002f77b94b179d4a51360f04fa56e2c0784ce3b8a742280b016904896a5605fbe9e0f0683f82c439d979ab14e11b34e05ae96232b18fb2e0d1319f4942732d7eadf92ae90cb8c68ec8ece154d334f553564b6f6db185b33b8d3635598c3d128acde8bbb7b13697e48d1a542e5f9168d2d83a8dd05ae1eaf2451":"-01b0b14c432710cde936e3fc100515e95dca61e10b8a68d9632bfa0546a9731a1ce6bebc6cb5fe6f5fd7e57b25f737f6a0ce5402e216b8b81c06f0c5ccce447d7f5631d14bff9dfa16f7cc72c56c84b636d00a5f35199d17ee9bf3f8746f44374ffd4ae22cf84089f04a9f7f356d6dc9f8cf8ef208a9b88c89":"-0503ae899d35ae5b7706b067aed7cb2952da37a5d4ad58f05f69abe14e8aaae88eab2baed858177cb4595c0edc92e5ac13c2bba2bfa23276dd023e9e52f547d4c9edb138d86aad329d7afb01e15eab7281e181cb249fc91bf09d621d86561301edda156f80e3bbff853a312852fe9e3d0541cb86801390aff1dc3c05bcb592c266f625b70e419b4c7e7e85399bb06c0e50b099b4292f9eaff4d869681faa1f745b5fcb3349ed93c572739a31dcf76b43370cf9f86cc54e982dfac9467bde915c697e60554e0d698be6bb2dd1f8bc64659f6baee7641b51f4b5ed7010c04600fcd382db84a93fe3d4d86e86a459c6cebb59" + +Test mbedtls_mpi_mul_mpi #1, leading 0 limb in A, A < 0, B < 0 +mpi_mul_mpi:"-000000000000000002f77b94b179d4a51360f04fa56e2c0784ce3b8a742280b016904896a5605fbe9e0f0683f82c439d979ab14e11b34e05ae96232b18fb2e0d1319f4942732d7eadf92ae90cb8c68ec8ece154d334f553564b6f6db185b33b8d3635598c3d128acde8bbb7b13697e48d1a542e5f9168d2d83a8dd05ae1eaf2451":"-01b0b14c432710cde936e3fc100515e95dca61e10b8a68d9632bfa0546a9731a1ce6bebc6cb5fe6f5fd7e57b25f737f6a0ce5402e216b8b81c06f0c5ccce447d7f5631d14bff9dfa16f7cc72c56c84b636d00a5f35199d17ee9bf3f8746f44374ffd4ae22cf84089f04a9f7f356d6dc9f8cf8ef208a9b88c89":"0503ae899d35ae5b7706b067aed7cb2952da37a5d4ad58f05f69abe14e8aaae88eab2baed858177cb4595c0edc92e5ac13c2bba2bfa23276dd023e9e52f547d4c9edb138d86aad329d7afb01e15eab7281e181cb249fc91bf09d621d86561301edda156f80e3bbff853a312852fe9e3d0541cb86801390aff1dc3c05bcb592c266f625b70e419b4c7e7e85399bb06c0e50b099b4292f9eaff4d869681faa1f745b5fcb3349ed93c572739a31dcf76b43370cf9f86cc54e982dfac9467bde915c697e60554e0d698be6bb2dd1f8bc64659f6baee7641b51f4b5ed7010c04600fcd382db84a93fe3d4d86e86a459c6cebb59" + +Test mbedtls_mpi_mul_mpi #1, leading 0 limb in A and B +mpi_mul_mpi:"000000000000000002f77b94b179d4a51360f04fa56e2c0784ce3b8a742280b016904896a5605fbe9e0f0683f82c439d979ab14e11b34e05ae96232b18fb2e0d1319f4942732d7eadf92ae90cb8c68ec8ece154d334f553564b6f6db185b33b8d3635598c3d128acde8bbb7b13697e48d1a542e5f9168d2d83a8dd05ae1eaf2451":"000000000000000001b0b14c432710cde936e3fc100515e95dca61e10b8a68d9632bfa0546a9731a1ce6bebc6cb5fe6f5fd7e57b25f737f6a0ce5402e216b8b81c06f0c5ccce447d7f5631d14bff9dfa16f7cc72c56c84b636d00a5f35199d17ee9bf3f8746f44374ffd4ae22cf84089f04a9f7f356d6dc9f8cf8ef208a9b88c89":"0503ae899d35ae5b7706b067aed7cb2952da37a5d4ad58f05f69abe14e8aaae88eab2baed858177cb4595c0edc92e5ac13c2bba2bfa23276dd023e9e52f547d4c9edb138d86aad329d7afb01e15eab7281e181cb249fc91bf09d621d86561301edda156f80e3bbff853a312852fe9e3d0541cb86801390aff1dc3c05bcb592c266f625b70e419b4c7e7e85399bb06c0e50b099b4292f9eaff4d869681faa1f745b5fcb3349ed93c572739a31dcf76b43370cf9f86cc54e982dfac9467bde915c697e60554e0d698be6bb2dd1f8bc64659f6baee7641b51f4b5ed7010c04600fcd382db84a93fe3d4d86e86a459c6cebb59" + +Test mbedtls_mpi_mul_mpi #1, leading 0 limb in A and B, A < 0 +mpi_mul_mpi:"-000000000000000002f77b94b179d4a51360f04fa56e2c0784ce3b8a742280b016904896a5605fbe9e0f0683f82c439d979ab14e11b34e05ae96232b18fb2e0d1319f4942732d7eadf92ae90cb8c68ec8ece154d334f553564b6f6db185b33b8d3635598c3d128acde8bbb7b13697e48d1a542e5f9168d2d83a8dd05ae1eaf2451":"000000000000000001b0b14c432710cde936e3fc100515e95dca61e10b8a68d9632bfa0546a9731a1ce6bebc6cb5fe6f5fd7e57b25f737f6a0ce5402e216b8b81c06f0c5ccce447d7f5631d14bff9dfa16f7cc72c56c84b636d00a5f35199d17ee9bf3f8746f44374ffd4ae22cf84089f04a9f7f356d6dc9f8cf8ef208a9b88c89":"-0503ae899d35ae5b7706b067aed7cb2952da37a5d4ad58f05f69abe14e8aaae88eab2baed858177cb4595c0edc92e5ac13c2bba2bfa23276dd023e9e52f547d4c9edb138d86aad329d7afb01e15eab7281e181cb249fc91bf09d621d86561301edda156f80e3bbff853a312852fe9e3d0541cb86801390aff1dc3c05bcb592c266f625b70e419b4c7e7e85399bb06c0e50b099b4292f9eaff4d869681faa1f745b5fcb3349ed93c572739a31dcf76b43370cf9f86cc54e982dfac9467bde915c697e60554e0d698be6bb2dd1f8bc64659f6baee7641b51f4b5ed7010c04600fcd382db84a93fe3d4d86e86a459c6cebb59" + +Test mbedtls_mpi_mul_mpi #1, leading 0 limb in A and B, B < 0 +mpi_mul_mpi:"000000000000000002f77b94b179d4a51360f04fa56e2c0784ce3b8a742280b016904896a5605fbe9e0f0683f82c439d979ab14e11b34e05ae96232b18fb2e0d1319f4942732d7eadf92ae90cb8c68ec8ece154d334f553564b6f6db185b33b8d3635598c3d128acde8bbb7b13697e48d1a542e5f9168d2d83a8dd05ae1eaf2451":"-000000000000000001b0b14c432710cde936e3fc100515e95dca61e10b8a68d9632bfa0546a9731a1ce6bebc6cb5fe6f5fd7e57b25f737f6a0ce5402e216b8b81c06f0c5ccce447d7f5631d14bff9dfa16f7cc72c56c84b636d00a5f35199d17ee9bf3f8746f44374ffd4ae22cf84089f04a9f7f356d6dc9f8cf8ef208a9b88c89":"-0503ae899d35ae5b7706b067aed7cb2952da37a5d4ad58f05f69abe14e8aaae88eab2baed858177cb4595c0edc92e5ac13c2bba2bfa23276dd023e9e52f547d4c9edb138d86aad329d7afb01e15eab7281e181cb249fc91bf09d621d86561301edda156f80e3bbff853a312852fe9e3d0541cb86801390aff1dc3c05bcb592c266f625b70e419b4c7e7e85399bb06c0e50b099b4292f9eaff4d869681faa1f745b5fcb3349ed93c572739a31dcf76b43370cf9f86cc54e982dfac9467bde915c697e60554e0d698be6bb2dd1f8bc64659f6baee7641b51f4b5ed7010c04600fcd382db84a93fe3d4d86e86a459c6cebb59" + +Test mbedtls_mpi_mul_mpi #1, leading 0 limb in A and B, A < 0, B < 0 +mpi_mul_mpi:"-000000000000000002f77b94b179d4a51360f04fa56e2c0784ce3b8a742280b016904896a5605fbe9e0f0683f82c439d979ab14e11b34e05ae96232b18fb2e0d1319f4942732d7eadf92ae90cb8c68ec8ece154d334f553564b6f6db185b33b8d3635598c3d128acde8bbb7b13697e48d1a542e5f9168d2d83a8dd05ae1eaf2451":"-000000000000000001b0b14c432710cde936e3fc100515e95dca61e10b8a68d9632bfa0546a9731a1ce6bebc6cb5fe6f5fd7e57b25f737f6a0ce5402e216b8b81c06f0c5ccce447d7f5631d14bff9dfa16f7cc72c56c84b636d00a5f35199d17ee9bf3f8746f44374ffd4ae22cf84089f04a9f7f356d6dc9f8cf8ef208a9b88c89":"0503ae899d35ae5b7706b067aed7cb2952da37a5d4ad58f05f69abe14e8aaae88eab2baed858177cb4595c0edc92e5ac13c2bba2bfa23276dd023e9e52f547d4c9edb138d86aad329d7afb01e15eab7281e181cb249fc91bf09d621d86561301edda156f80e3bbff853a312852fe9e3d0541cb86801390aff1dc3c05bcb592c266f625b70e419b4c7e7e85399bb06c0e50b099b4292f9eaff4d869681faa1f745b5fcb3349ed93c572739a31dcf76b43370cf9f86cc54e982dfac9467bde915c697e60554e0d698be6bb2dd1f8bc64659f6baee7641b51f4b5ed7010c04600fcd382db84a93fe3d4d86e86a459c6cebb59" + +Test mbedtls_mpi_mul_mpi #2, trailing 0 limb in A +mpi_mul_mpi:"02f77b94b179d4a51360f04fa56e2c0784ce3b8a742280b016904896a5605fbe9e0f0683f82c439d979ab14e11b34e05ae96232b18fb2e0d1319f4942732d7eadf92ae90cb8c68ec8ece154d334f553564b6f6db185b33b8d3635598c3d128acde8bbb7b13697e48d1a542e5f9168d2d83a8dd05ae1eaf24510000000000000000":"01b0b14c432710cde936e3fc100515e95dca61e10b8a68d9632bfa0546a9731a1ce6bebc6cb5fe6f5fd7e57b25f737f6a0ce5402e216b8b81c06f0c5ccce447d7f5631d14bff9dfa16f7cc72c56c84b636d00a5f35199d17ee9bf3f8746f44374ffd4ae22cf84089f04a9f7f356d6dc9f8cf8ef208a9b88c89":"0503ae899d35ae5b7706b067aed7cb2952da37a5d4ad58f05f69abe14e8aaae88eab2baed858177cb4595c0edc92e5ac13c2bba2bfa23276dd023e9e52f547d4c9edb138d86aad329d7afb01e15eab7281e181cb249fc91bf09d621d86561301edda156f80e3bbff853a312852fe9e3d0541cb86801390aff1dc3c05bcb592c266f625b70e419b4c7e7e85399bb06c0e50b099b4292f9eaff4d869681faa1f745b5fcb3349ed93c572739a31dcf76b43370cf9f86cc54e982dfac9467bde915c697e60554e0d698be6bb2dd1f8bc64659f6baee7641b51f4b5ed7010c04600fcd382db84a93fe3d4d86e86a459c6cebb590000000000000000" + +Test mbedtls_mpi_mul_mpi #2, trailing 0 limb in A, A < 0 +mpi_mul_mpi:"-02f77b94b179d4a51360f04fa56e2c0784ce3b8a742280b016904896a5605fbe9e0f0683f82c439d979ab14e11b34e05ae96232b18fb2e0d1319f4942732d7eadf92ae90cb8c68ec8ece154d334f553564b6f6db185b33b8d3635598c3d128acde8bbb7b13697e48d1a542e5f9168d2d83a8dd05ae1eaf24510000000000000000":"01b0b14c432710cde936e3fc100515e95dca61e10b8a68d9632bfa0546a9731a1ce6bebc6cb5fe6f5fd7e57b25f737f6a0ce5402e216b8b81c06f0c5ccce447d7f5631d14bff9dfa16f7cc72c56c84b636d00a5f35199d17ee9bf3f8746f44374ffd4ae22cf84089f04a9f7f356d6dc9f8cf8ef208a9b88c89":"-0503ae899d35ae5b7706b067aed7cb2952da37a5d4ad58f05f69abe14e8aaae88eab2baed858177cb4595c0edc92e5ac13c2bba2bfa23276dd023e9e52f547d4c9edb138d86aad329d7afb01e15eab7281e181cb249fc91bf09d621d86561301edda156f80e3bbff853a312852fe9e3d0541cb86801390aff1dc3c05bcb592c266f625b70e419b4c7e7e85399bb06c0e50b099b4292f9eaff4d869681faa1f745b5fcb3349ed93c572739a31dcf76b43370cf9f86cc54e982dfac9467bde915c697e60554e0d698be6bb2dd1f8bc64659f6baee7641b51f4b5ed7010c04600fcd382db84a93fe3d4d86e86a459c6cebb590000000000000000" + +Test mbedtls_mpi_mul_mpi #2, trailing 0 limb in A, B < 0 +mpi_mul_mpi:"02f77b94b179d4a51360f04fa56e2c0784ce3b8a742280b016904896a5605fbe9e0f0683f82c439d979ab14e11b34e05ae96232b18fb2e0d1319f4942732d7eadf92ae90cb8c68ec8ece154d334f553564b6f6db185b33b8d3635598c3d128acde8bbb7b13697e48d1a542e5f9168d2d83a8dd05ae1eaf24510000000000000000":"-01b0b14c432710cde936e3fc100515e95dca61e10b8a68d9632bfa0546a9731a1ce6bebc6cb5fe6f5fd7e57b25f737f6a0ce5402e216b8b81c06f0c5ccce447d7f5631d14bff9dfa16f7cc72c56c84b636d00a5f35199d17ee9bf3f8746f44374ffd4ae22cf84089f04a9f7f356d6dc9f8cf8ef208a9b88c89":"-0503ae899d35ae5b7706b067aed7cb2952da37a5d4ad58f05f69abe14e8aaae88eab2baed858177cb4595c0edc92e5ac13c2bba2bfa23276dd023e9e52f547d4c9edb138d86aad329d7afb01e15eab7281e181cb249fc91bf09d621d86561301edda156f80e3bbff853a312852fe9e3d0541cb86801390aff1dc3c05bcb592c266f625b70e419b4c7e7e85399bb06c0e50b099b4292f9eaff4d869681faa1f745b5fcb3349ed93c572739a31dcf76b43370cf9f86cc54e982dfac9467bde915c697e60554e0d698be6bb2dd1f8bc64659f6baee7641b51f4b5ed7010c04600fcd382db84a93fe3d4d86e86a459c6cebb590000000000000000" + +Test mbedtls_mpi_mul_mpi #2, trailing 0 limb in A, A < 0, B < 0 +mpi_mul_mpi:"-02f77b94b179d4a51360f04fa56e2c0784ce3b8a742280b016904896a5605fbe9e0f0683f82c439d979ab14e11b34e05ae96232b18fb2e0d1319f4942732d7eadf92ae90cb8c68ec8ece154d334f553564b6f6db185b33b8d3635598c3d128acde8bbb7b13697e48d1a542e5f9168d2d83a8dd05ae1eaf24510000000000000000":"-01b0b14c432710cde936e3fc100515e95dca61e10b8a68d9632bfa0546a9731a1ce6bebc6cb5fe6f5fd7e57b25f737f6a0ce5402e216b8b81c06f0c5ccce447d7f5631d14bff9dfa16f7cc72c56c84b636d00a5f35199d17ee9bf3f8746f44374ffd4ae22cf84089f04a9f7f356d6dc9f8cf8ef208a9b88c89":"0503ae899d35ae5b7706b067aed7cb2952da37a5d4ad58f05f69abe14e8aaae88eab2baed858177cb4595c0edc92e5ac13c2bba2bfa23276dd023e9e52f547d4c9edb138d86aad329d7afb01e15eab7281e181cb249fc91bf09d621d86561301edda156f80e3bbff853a312852fe9e3d0541cb86801390aff1dc3c05bcb592c266f625b70e419b4c7e7e85399bb06c0e50b099b4292f9eaff4d869681faa1f745b5fcb3349ed93c572739a31dcf76b43370cf9f86cc54e982dfac9467bde915c697e60554e0d698be6bb2dd1f8bc64659f6baee7641b51f4b5ed7010c04600fcd382db84a93fe3d4d86e86a459c6cebb590000000000000000" + +Test mbedtls_mpi_mul_mpi #2, trailing 0 limb in B +mpi_mul_mpi:"02f77b94b179d4a51360f04fa56e2c0784ce3b8a742280b016904896a5605fbe9e0f0683f82c439d979ab14e11b34e05ae96232b18fb2e0d1319f4942732d7eadf92ae90cb8c68ec8ece154d334f553564b6f6db185b33b8d3635598c3d128acde8bbb7b13697e48d1a542e5f9168d2d83a8dd05ae1eaf2451":"01b0b14c432710cde936e3fc100515e95dca61e10b8a68d9632bfa0546a9731a1ce6bebc6cb5fe6f5fd7e57b25f737f6a0ce5402e216b8b81c06f0c5ccce447d7f5631d14bff9dfa16f7cc72c56c84b636d00a5f35199d17ee9bf3f8746f44374ffd4ae22cf84089f04a9f7f356d6dc9f8cf8ef208a9b88c890000000000000000":"0503ae899d35ae5b7706b067aed7cb2952da37a5d4ad58f05f69abe14e8aaae88eab2baed858177cb4595c0edc92e5ac13c2bba2bfa23276dd023e9e52f547d4c9edb138d86aad329d7afb01e15eab7281e181cb249fc91bf09d621d86561301edda156f80e3bbff853a312852fe9e3d0541cb86801390aff1dc3c05bcb592c266f625b70e419b4c7e7e85399bb06c0e50b099b4292f9eaff4d869681faa1f745b5fcb3349ed93c572739a31dcf76b43370cf9f86cc54e982dfac9467bde915c697e60554e0d698be6bb2dd1f8bc64659f6baee7641b51f4b5ed7010c04600fcd382db84a93fe3d4d86e86a459c6cebb590000000000000000" + +Test mbedtls_mpi_mul_mpi #2, trailing 0 limb in B, A < 0 +mpi_mul_mpi:"-02f77b94b179d4a51360f04fa56e2c0784ce3b8a742280b016904896a5605fbe9e0f0683f82c439d979ab14e11b34e05ae96232b18fb2e0d1319f4942732d7eadf92ae90cb8c68ec8ece154d334f553564b6f6db185b33b8d3635598c3d128acde8bbb7b13697e48d1a542e5f9168d2d83a8dd05ae1eaf2451":"01b0b14c432710cde936e3fc100515e95dca61e10b8a68d9632bfa0546a9731a1ce6bebc6cb5fe6f5fd7e57b25f737f6a0ce5402e216b8b81c06f0c5ccce447d7f5631d14bff9dfa16f7cc72c56c84b636d00a5f35199d17ee9bf3f8746f44374ffd4ae22cf84089f04a9f7f356d6dc9f8cf8ef208a9b88c890000000000000000":"-0503ae899d35ae5b7706b067aed7cb2952da37a5d4ad58f05f69abe14e8aaae88eab2baed858177cb4595c0edc92e5ac13c2bba2bfa23276dd023e9e52f547d4c9edb138d86aad329d7afb01e15eab7281e181cb249fc91bf09d621d86561301edda156f80e3bbff853a312852fe9e3d0541cb86801390aff1dc3c05bcb592c266f625b70e419b4c7e7e85399bb06c0e50b099b4292f9eaff4d869681faa1f745b5fcb3349ed93c572739a31dcf76b43370cf9f86cc54e982dfac9467bde915c697e60554e0d698be6bb2dd1f8bc64659f6baee7641b51f4b5ed7010c04600fcd382db84a93fe3d4d86e86a459c6cebb590000000000000000" + +Test mbedtls_mpi_mul_mpi #2, trailing 0 limb in B, B < 0 +mpi_mul_mpi:"02f77b94b179d4a51360f04fa56e2c0784ce3b8a742280b016904896a5605fbe9e0f0683f82c439d979ab14e11b34e05ae96232b18fb2e0d1319f4942732d7eadf92ae90cb8c68ec8ece154d334f553564b6f6db185b33b8d3635598c3d128acde8bbb7b13697e48d1a542e5f9168d2d83a8dd05ae1eaf2451":"-01b0b14c432710cde936e3fc100515e95dca61e10b8a68d9632bfa0546a9731a1ce6bebc6cb5fe6f5fd7e57b25f737f6a0ce5402e216b8b81c06f0c5ccce447d7f5631d14bff9dfa16f7cc72c56c84b636d00a5f35199d17ee9bf3f8746f44374ffd4ae22cf84089f04a9f7f356d6dc9f8cf8ef208a9b88c890000000000000000":"-0503ae899d35ae5b7706b067aed7cb2952da37a5d4ad58f05f69abe14e8aaae88eab2baed858177cb4595c0edc92e5ac13c2bba2bfa23276dd023e9e52f547d4c9edb138d86aad329d7afb01e15eab7281e181cb249fc91bf09d621d86561301edda156f80e3bbff853a312852fe9e3d0541cb86801390aff1dc3c05bcb592c266f625b70e419b4c7e7e85399bb06c0e50b099b4292f9eaff4d869681faa1f745b5fcb3349ed93c572739a31dcf76b43370cf9f86cc54e982dfac9467bde915c697e60554e0d698be6bb2dd1f8bc64659f6baee7641b51f4b5ed7010c04600fcd382db84a93fe3d4d86e86a459c6cebb590000000000000000" + +Test mbedtls_mpi_mul_mpi #2, trailing 0 limb in B, A < 0, B < 0 +mpi_mul_mpi:"-02f77b94b179d4a51360f04fa56e2c0784ce3b8a742280b016904896a5605fbe9e0f0683f82c439d979ab14e11b34e05ae96232b18fb2e0d1319f4942732d7eadf92ae90cb8c68ec8ece154d334f553564b6f6db185b33b8d3635598c3d128acde8bbb7b13697e48d1a542e5f9168d2d83a8dd05ae1eaf2451":"-01b0b14c432710cde936e3fc100515e95dca61e10b8a68d9632bfa0546a9731a1ce6bebc6cb5fe6f5fd7e57b25f737f6a0ce5402e216b8b81c06f0c5ccce447d7f5631d14bff9dfa16f7cc72c56c84b636d00a5f35199d17ee9bf3f8746f44374ffd4ae22cf84089f04a9f7f356d6dc9f8cf8ef208a9b88c890000000000000000":"0503ae899d35ae5b7706b067aed7cb2952da37a5d4ad58f05f69abe14e8aaae88eab2baed858177cb4595c0edc92e5ac13c2bba2bfa23276dd023e9e52f547d4c9edb138d86aad329d7afb01e15eab7281e181cb249fc91bf09d621d86561301edda156f80e3bbff853a312852fe9e3d0541cb86801390aff1dc3c05bcb592c266f625b70e419b4c7e7e85399bb06c0e50b099b4292f9eaff4d869681faa1f745b5fcb3349ed93c572739a31dcf76b43370cf9f86cc54e982dfac9467bde915c697e60554e0d698be6bb2dd1f8bc64659f6baee7641b51f4b5ed7010c04600fcd382db84a93fe3d4d86e86a459c6cebb590000000000000000" + +Test mbedtls_mpi_mul_mpi #2, trailing 0 limb in A and B +mpi_mul_mpi:"02f77b94b179d4a51360f04fa56e2c0784ce3b8a742280b016904896a5605fbe9e0f0683f82c439d979ab14e11b34e05ae96232b18fb2e0d1319f4942732d7eadf92ae90cb8c68ec8ece154d334f553564b6f6db185b33b8d3635598c3d128acde8bbb7b13697e48d1a542e5f9168d2d83a8dd05ae1eaf24510000000000000000":"01b0b14c432710cde936e3fc100515e95dca61e10b8a68d9632bfa0546a9731a1ce6bebc6cb5fe6f5fd7e57b25f737f6a0ce5402e216b8b81c06f0c5ccce447d7f5631d14bff9dfa16f7cc72c56c84b636d00a5f35199d17ee9bf3f8746f44374ffd4ae22cf84089f04a9f7f356d6dc9f8cf8ef208a9b88c890000000000000000":"0503ae899d35ae5b7706b067aed7cb2952da37a5d4ad58f05f69abe14e8aaae88eab2baed858177cb4595c0edc92e5ac13c2bba2bfa23276dd023e9e52f547d4c9edb138d86aad329d7afb01e15eab7281e181cb249fc91bf09d621d86561301edda156f80e3bbff853a312852fe9e3d0541cb86801390aff1dc3c05bcb592c266f625b70e419b4c7e7e85399bb06c0e50b099b4292f9eaff4d869681faa1f745b5fcb3349ed93c572739a31dcf76b43370cf9f86cc54e982dfac9467bde915c697e60554e0d698be6bb2dd1f8bc64659f6baee7641b51f4b5ed7010c04600fcd382db84a93fe3d4d86e86a459c6cebb5900000000000000000000000000000000" + +Test mbedtls_mpi_mul_mpi #2, trailing 0 limb in A and B, A < 0 +mpi_mul_mpi:"-02f77b94b179d4a51360f04fa56e2c0784ce3b8a742280b016904896a5605fbe9e0f0683f82c439d979ab14e11b34e05ae96232b18fb2e0d1319f4942732d7eadf92ae90cb8c68ec8ece154d334f553564b6f6db185b33b8d3635598c3d128acde8bbb7b13697e48d1a542e5f9168d2d83a8dd05ae1eaf24510000000000000000":"01b0b14c432710cde936e3fc100515e95dca61e10b8a68d9632bfa0546a9731a1ce6bebc6cb5fe6f5fd7e57b25f737f6a0ce5402e216b8b81c06f0c5ccce447d7f5631d14bff9dfa16f7cc72c56c84b636d00a5f35199d17ee9bf3f8746f44374ffd4ae22cf84089f04a9f7f356d6dc9f8cf8ef208a9b88c890000000000000000":"-0503ae899d35ae5b7706b067aed7cb2952da37a5d4ad58f05f69abe14e8aaae88eab2baed858177cb4595c0edc92e5ac13c2bba2bfa23276dd023e9e52f547d4c9edb138d86aad329d7afb01e15eab7281e181cb249fc91bf09d621d86561301edda156f80e3bbff853a312852fe9e3d0541cb86801390aff1dc3c05bcb592c266f625b70e419b4c7e7e85399bb06c0e50b099b4292f9eaff4d869681faa1f745b5fcb3349ed93c572739a31dcf76b43370cf9f86cc54e982dfac9467bde915c697e60554e0d698be6bb2dd1f8bc64659f6baee7641b51f4b5ed7010c04600fcd382db84a93fe3d4d86e86a459c6cebb5900000000000000000000000000000000" + +Test mbedtls_mpi_mul_mpi #2, trailing 0 limb in A and B, B < 0 +mpi_mul_mpi:"02f77b94b179d4a51360f04fa56e2c0784ce3b8a742280b016904896a5605fbe9e0f0683f82c439d979ab14e11b34e05ae96232b18fb2e0d1319f4942732d7eadf92ae90cb8c68ec8ece154d334f553564b6f6db185b33b8d3635598c3d128acde8bbb7b13697e48d1a542e5f9168d2d83a8dd05ae1eaf24510000000000000000":"-01b0b14c432710cde936e3fc100515e95dca61e10b8a68d9632bfa0546a9731a1ce6bebc6cb5fe6f5fd7e57b25f737f6a0ce5402e216b8b81c06f0c5ccce447d7f5631d14bff9dfa16f7cc72c56c84b636d00a5f35199d17ee9bf3f8746f44374ffd4ae22cf84089f04a9f7f356d6dc9f8cf8ef208a9b88c890000000000000000":"-0503ae899d35ae5b7706b067aed7cb2952da37a5d4ad58f05f69abe14e8aaae88eab2baed858177cb4595c0edc92e5ac13c2bba2bfa23276dd023e9e52f547d4c9edb138d86aad329d7afb01e15eab7281e181cb249fc91bf09d621d86561301edda156f80e3bbff853a312852fe9e3d0541cb86801390aff1dc3c05bcb592c266f625b70e419b4c7e7e85399bb06c0e50b099b4292f9eaff4d869681faa1f745b5fcb3349ed93c572739a31dcf76b43370cf9f86cc54e982dfac9467bde915c697e60554e0d698be6bb2dd1f8bc64659f6baee7641b51f4b5ed7010c04600fcd382db84a93fe3d4d86e86a459c6cebb5900000000000000000000000000000000" + +Test mbedtls_mpi_mul_mpi #2, trailing 0 limb in A and B, A < 0, B < 0 +mpi_mul_mpi:"-02f77b94b179d4a51360f04fa56e2c0784ce3b8a742280b016904896a5605fbe9e0f0683f82c439d979ab14e11b34e05ae96232b18fb2e0d1319f4942732d7eadf92ae90cb8c68ec8ece154d334f553564b6f6db185b33b8d3635598c3d128acde8bbb7b13697e48d1a542e5f9168d2d83a8dd05ae1eaf24510000000000000000":"-01b0b14c432710cde936e3fc100515e95dca61e10b8a68d9632bfa0546a9731a1ce6bebc6cb5fe6f5fd7e57b25f737f6a0ce5402e216b8b81c06f0c5ccce447d7f5631d14bff9dfa16f7cc72c56c84b636d00a5f35199d17ee9bf3f8746f44374ffd4ae22cf84089f04a9f7f356d6dc9f8cf8ef208a9b88c890000000000000000":"0503ae899d35ae5b7706b067aed7cb2952da37a5d4ad58f05f69abe14e8aaae88eab2baed858177cb4595c0edc92e5ac13c2bba2bfa23276dd023e9e52f547d4c9edb138d86aad329d7afb01e15eab7281e181cb249fc91bf09d621d86561301edda156f80e3bbff853a312852fe9e3d0541cb86801390aff1dc3c05bcb592c266f625b70e419b4c7e7e85399bb06c0e50b099b4292f9eaff4d869681faa1f745b5fcb3349ed93c572739a31dcf76b43370cf9f86cc54e982dfac9467bde915c697e60554e0d698be6bb2dd1f8bc64659f6baee7641b51f4b5ed7010c04600fcd382db84a93fe3d4d86e86a459c6cebb5900000000000000000000000000000000" + +Test mbedtls_mpi_mul_mpi #3, trailing 0 limbs in A +mpi_mul_mpi:"02f77b94b179d4a51360f04fa56e2c0784ce3b8a742280b016904896a5605fbe9e0f0683f82c439d979ab14e11b34e05ae96232b18fb2e0d1319f4942732d7eadf92ae90cb8c68ec8ece154d334f553564b6f6db185b33b8d3635598c3d128acde8bbb7b13697e48d1a542e5f9168d2d83a8dd05ae1eaf245100000000000000000000000000000000":"01b0b14c432710cde936e3fc100515e95dca61e10b8a68d9632bfa0546a9731a1ce6bebc6cb5fe6f5fd7e57b25f737f6a0ce5402e216b8b81c06f0c5ccce447d7f5631d14bff9dfa16f7cc72c56c84b636d00a5f35199d17ee9bf3f8746f44374ffd4ae22cf84089f04a9f7f356d6dc9f8cf8ef208a9b88c89":"0503ae899d35ae5b7706b067aed7cb2952da37a5d4ad58f05f69abe14e8aaae88eab2baed858177cb4595c0edc92e5ac13c2bba2bfa23276dd023e9e52f547d4c9edb138d86aad329d7afb01e15eab7281e181cb249fc91bf09d621d86561301edda156f80e3bbff853a312852fe9e3d0541cb86801390aff1dc3c05bcb592c266f625b70e419b4c7e7e85399bb06c0e50b099b4292f9eaff4d869681faa1f745b5fcb3349ed93c572739a31dcf76b43370cf9f86cc54e982dfac9467bde915c697e60554e0d698be6bb2dd1f8bc64659f6baee7641b51f4b5ed7010c04600fcd382db84a93fe3d4d86e86a459c6cebb5900000000000000000000000000000000" + +Test mbedtls_mpi_mul_mpi #3, trailing 0 limbs in A, A < 0 +mpi_mul_mpi:"-02f77b94b179d4a51360f04fa56e2c0784ce3b8a742280b016904896a5605fbe9e0f0683f82c439d979ab14e11b34e05ae96232b18fb2e0d1319f4942732d7eadf92ae90cb8c68ec8ece154d334f553564b6f6db185b33b8d3635598c3d128acde8bbb7b13697e48d1a542e5f9168d2d83a8dd05ae1eaf245100000000000000000000000000000000":"01b0b14c432710cde936e3fc100515e95dca61e10b8a68d9632bfa0546a9731a1ce6bebc6cb5fe6f5fd7e57b25f737f6a0ce5402e216b8b81c06f0c5ccce447d7f5631d14bff9dfa16f7cc72c56c84b636d00a5f35199d17ee9bf3f8746f44374ffd4ae22cf84089f04a9f7f356d6dc9f8cf8ef208a9b88c89":"-0503ae899d35ae5b7706b067aed7cb2952da37a5d4ad58f05f69abe14e8aaae88eab2baed858177cb4595c0edc92e5ac13c2bba2bfa23276dd023e9e52f547d4c9edb138d86aad329d7afb01e15eab7281e181cb249fc91bf09d621d86561301edda156f80e3bbff853a312852fe9e3d0541cb86801390aff1dc3c05bcb592c266f625b70e419b4c7e7e85399bb06c0e50b099b4292f9eaff4d869681faa1f745b5fcb3349ed93c572739a31dcf76b43370cf9f86cc54e982dfac9467bde915c697e60554e0d698be6bb2dd1f8bc64659f6baee7641b51f4b5ed7010c04600fcd382db84a93fe3d4d86e86a459c6cebb5900000000000000000000000000000000" + +Test mbedtls_mpi_mul_mpi #3, trailing 0 limbs in A, B < 0 +mpi_mul_mpi:"02f77b94b179d4a51360f04fa56e2c0784ce3b8a742280b016904896a5605fbe9e0f0683f82c439d979ab14e11b34e05ae96232b18fb2e0d1319f4942732d7eadf92ae90cb8c68ec8ece154d334f553564b6f6db185b33b8d3635598c3d128acde8bbb7b13697e48d1a542e5f9168d2d83a8dd05ae1eaf245100000000000000000000000000000000":"-01b0b14c432710cde936e3fc100515e95dca61e10b8a68d9632bfa0546a9731a1ce6bebc6cb5fe6f5fd7e57b25f737f6a0ce5402e216b8b81c06f0c5ccce447d7f5631d14bff9dfa16f7cc72c56c84b636d00a5f35199d17ee9bf3f8746f44374ffd4ae22cf84089f04a9f7f356d6dc9f8cf8ef208a9b88c89":"-0503ae899d35ae5b7706b067aed7cb2952da37a5d4ad58f05f69abe14e8aaae88eab2baed858177cb4595c0edc92e5ac13c2bba2bfa23276dd023e9e52f547d4c9edb138d86aad329d7afb01e15eab7281e181cb249fc91bf09d621d86561301edda156f80e3bbff853a312852fe9e3d0541cb86801390aff1dc3c05bcb592c266f625b70e419b4c7e7e85399bb06c0e50b099b4292f9eaff4d869681faa1f745b5fcb3349ed93c572739a31dcf76b43370cf9f86cc54e982dfac9467bde915c697e60554e0d698be6bb2dd1f8bc64659f6baee7641b51f4b5ed7010c04600fcd382db84a93fe3d4d86e86a459c6cebb5900000000000000000000000000000000" + +Test mbedtls_mpi_mul_mpi #3, trailing 0 limbs in A, A < 0, B < 0 +mpi_mul_mpi:"-02f77b94b179d4a51360f04fa56e2c0784ce3b8a742280b016904896a5605fbe9e0f0683f82c439d979ab14e11b34e05ae96232b18fb2e0d1319f4942732d7eadf92ae90cb8c68ec8ece154d334f553564b6f6db185b33b8d3635598c3d128acde8bbb7b13697e48d1a542e5f9168d2d83a8dd05ae1eaf245100000000000000000000000000000000":"-01b0b14c432710cde936e3fc100515e95dca61e10b8a68d9632bfa0546a9731a1ce6bebc6cb5fe6f5fd7e57b25f737f6a0ce5402e216b8b81c06f0c5ccce447d7f5631d14bff9dfa16f7cc72c56c84b636d00a5f35199d17ee9bf3f8746f44374ffd4ae22cf84089f04a9f7f356d6dc9f8cf8ef208a9b88c89":"0503ae899d35ae5b7706b067aed7cb2952da37a5d4ad58f05f69abe14e8aaae88eab2baed858177cb4595c0edc92e5ac13c2bba2bfa23276dd023e9e52f547d4c9edb138d86aad329d7afb01e15eab7281e181cb249fc91bf09d621d86561301edda156f80e3bbff853a312852fe9e3d0541cb86801390aff1dc3c05bcb592c266f625b70e419b4c7e7e85399bb06c0e50b099b4292f9eaff4d869681faa1f745b5fcb3349ed93c572739a31dcf76b43370cf9f86cc54e982dfac9467bde915c697e60554e0d698be6bb2dd1f8bc64659f6baee7641b51f4b5ed7010c04600fcd382db84a93fe3d4d86e86a459c6cebb5900000000000000000000000000000000" + +Test mbedtls_mpi_mul_mpi #3, trailing 0 limbs in B +mpi_mul_mpi:"02f77b94b179d4a51360f04fa56e2c0784ce3b8a742280b016904896a5605fbe9e0f0683f82c439d979ab14e11b34e05ae96232b18fb2e0d1319f4942732d7eadf92ae90cb8c68ec8ece154d334f553564b6f6db185b33b8d3635598c3d128acde8bbb7b13697e48d1a542e5f9168d2d83a8dd05ae1eaf2451":"01b0b14c432710cde936e3fc100515e95dca61e10b8a68d9632bfa0546a9731a1ce6bebc6cb5fe6f5fd7e57b25f737f6a0ce5402e216b8b81c06f0c5ccce447d7f5631d14bff9dfa16f7cc72c56c84b636d00a5f35199d17ee9bf3f8746f44374ffd4ae22cf84089f04a9f7f356d6dc9f8cf8ef208a9b88c8900000000000000000000000000000000":"0503ae899d35ae5b7706b067aed7cb2952da37a5d4ad58f05f69abe14e8aaae88eab2baed858177cb4595c0edc92e5ac13c2bba2bfa23276dd023e9e52f547d4c9edb138d86aad329d7afb01e15eab7281e181cb249fc91bf09d621d86561301edda156f80e3bbff853a312852fe9e3d0541cb86801390aff1dc3c05bcb592c266f625b70e419b4c7e7e85399bb06c0e50b099b4292f9eaff4d869681faa1f745b5fcb3349ed93c572739a31dcf76b43370cf9f86cc54e982dfac9467bde915c697e60554e0d698be6bb2dd1f8bc64659f6baee7641b51f4b5ed7010c04600fcd382db84a93fe3d4d86e86a459c6cebb5900000000000000000000000000000000" + +Test mbedtls_mpi_mul_mpi #3, trailing 0 limbs in B, A < 0 +mpi_mul_mpi:"-02f77b94b179d4a51360f04fa56e2c0784ce3b8a742280b016904896a5605fbe9e0f0683f82c439d979ab14e11b34e05ae96232b18fb2e0d1319f4942732d7eadf92ae90cb8c68ec8ece154d334f553564b6f6db185b33b8d3635598c3d128acde8bbb7b13697e48d1a542e5f9168d2d83a8dd05ae1eaf2451":"01b0b14c432710cde936e3fc100515e95dca61e10b8a68d9632bfa0546a9731a1ce6bebc6cb5fe6f5fd7e57b25f737f6a0ce5402e216b8b81c06f0c5ccce447d7f5631d14bff9dfa16f7cc72c56c84b636d00a5f35199d17ee9bf3f8746f44374ffd4ae22cf84089f04a9f7f356d6dc9f8cf8ef208a9b88c8900000000000000000000000000000000":"-0503ae899d35ae5b7706b067aed7cb2952da37a5d4ad58f05f69abe14e8aaae88eab2baed858177cb4595c0edc92e5ac13c2bba2bfa23276dd023e9e52f547d4c9edb138d86aad329d7afb01e15eab7281e181cb249fc91bf09d621d86561301edda156f80e3bbff853a312852fe9e3d0541cb86801390aff1dc3c05bcb592c266f625b70e419b4c7e7e85399bb06c0e50b099b4292f9eaff4d869681faa1f745b5fcb3349ed93c572739a31dcf76b43370cf9f86cc54e982dfac9467bde915c697e60554e0d698be6bb2dd1f8bc64659f6baee7641b51f4b5ed7010c04600fcd382db84a93fe3d4d86e86a459c6cebb5900000000000000000000000000000000" + +Test mbedtls_mpi_mul_mpi #3, trailing 0 limbs in B, B < 0 +mpi_mul_mpi:"02f77b94b179d4a51360f04fa56e2c0784ce3b8a742280b016904896a5605fbe9e0f0683f82c439d979ab14e11b34e05ae96232b18fb2e0d1319f4942732d7eadf92ae90cb8c68ec8ece154d334f553564b6f6db185b33b8d3635598c3d128acde8bbb7b13697e48d1a542e5f9168d2d83a8dd05ae1eaf2451":"-01b0b14c432710cde936e3fc100515e95dca61e10b8a68d9632bfa0546a9731a1ce6bebc6cb5fe6f5fd7e57b25f737f6a0ce5402e216b8b81c06f0c5ccce447d7f5631d14bff9dfa16f7cc72c56c84b636d00a5f35199d17ee9bf3f8746f44374ffd4ae22cf84089f04a9f7f356d6dc9f8cf8ef208a9b88c8900000000000000000000000000000000":"-0503ae899d35ae5b7706b067aed7cb2952da37a5d4ad58f05f69abe14e8aaae88eab2baed858177cb4595c0edc92e5ac13c2bba2bfa23276dd023e9e52f547d4c9edb138d86aad329d7afb01e15eab7281e181cb249fc91bf09d621d86561301edda156f80e3bbff853a312852fe9e3d0541cb86801390aff1dc3c05bcb592c266f625b70e419b4c7e7e85399bb06c0e50b099b4292f9eaff4d869681faa1f745b5fcb3349ed93c572739a31dcf76b43370cf9f86cc54e982dfac9467bde915c697e60554e0d698be6bb2dd1f8bc64659f6baee7641b51f4b5ed7010c04600fcd382db84a93fe3d4d86e86a459c6cebb5900000000000000000000000000000000" + +Test mbedtls_mpi_mul_mpi #3, trailing 0 limbs in B, A < 0, B < 0 +mpi_mul_mpi:"-02f77b94b179d4a51360f04fa56e2c0784ce3b8a742280b016904896a5605fbe9e0f0683f82c439d979ab14e11b34e05ae96232b18fb2e0d1319f4942732d7eadf92ae90cb8c68ec8ece154d334f553564b6f6db185b33b8d3635598c3d128acde8bbb7b13697e48d1a542e5f9168d2d83a8dd05ae1eaf2451":"-01b0b14c432710cde936e3fc100515e95dca61e10b8a68d9632bfa0546a9731a1ce6bebc6cb5fe6f5fd7e57b25f737f6a0ce5402e216b8b81c06f0c5ccce447d7f5631d14bff9dfa16f7cc72c56c84b636d00a5f35199d17ee9bf3f8746f44374ffd4ae22cf84089f04a9f7f356d6dc9f8cf8ef208a9b88c8900000000000000000000000000000000":"0503ae899d35ae5b7706b067aed7cb2952da37a5d4ad58f05f69abe14e8aaae88eab2baed858177cb4595c0edc92e5ac13c2bba2bfa23276dd023e9e52f547d4c9edb138d86aad329d7afb01e15eab7281e181cb249fc91bf09d621d86561301edda156f80e3bbff853a312852fe9e3d0541cb86801390aff1dc3c05bcb592c266f625b70e419b4c7e7e85399bb06c0e50b099b4292f9eaff4d869681faa1f745b5fcb3349ed93c572739a31dcf76b43370cf9f86cc54e982dfac9467bde915c697e60554e0d698be6bb2dd1f8bc64659f6baee7641b51f4b5ed7010c04600fcd382db84a93fe3d4d86e86a459c6cebb5900000000000000000000000000000000" + +Test mbedtls_mpi_mul_int #1 +mpi_mul_int:"10cc4ebcb68cbdaa438b80692d9e586b384ae3e1fa33f3db5962d394bec17fd92ad4189":9871232:"9e22d6da18a33d1ef28d2a82242b3f6e9c9742f63e5d440f58a190bfaf23a7866e67589adb80":"==" + +Test mbedtls_mpi_mul_int #2 (Unsigned, thus failure) +mpi_mul_int:"10cc4ebcb68cbdaa438b80692d9e586b384ae3e1fa33f3db5962d394bec17fd92ad4189":-9871232:"-9e22d6da18a33d1ef28d2a82242b3f6e9c9742f63e5d440f58a190bfaf23a7866e67589adb80":"!=" + +Test mbedtls_mpi_mul_int #3 +mpi_mul_int:"-10cc4ebcb68cbdaa438b80692d9e586b384ae3e1fa33f3db5962d394bec17fd92ad4189":9871232:"-9e22d6da18a33d1ef28d2a82242b3f6e9c9742f63e5d440f58a190bfaf23a7866e67589adb80":"==" + +Test mbedtls_mpi_mul_int #4 (Unsigned, thus failure) +mpi_mul_int:"-10cc4ebcb68cbdaa438b80692d9e586b384ae3e1fa33f3db5962d394bec17fd92ad4189":-9871232:"9e22d6da18a33d1ef28d2a82242b3f6e9c9742f63e5d440f58a190bfaf23a7866e67589adb80":"!=" + +Test mbedtls_mpi_mul_int: 0 (null) * 0 +mpi_mul_int:"":0:"":"==" + +Test mbedtls_mpi_mul_int: 0 (null) * 1 +mpi_mul_int:"":1:"":"==" + +Test mbedtls_mpi_mul_int: 0 (null) * 0x1234 +mpi_mul_int:"":0x1234:"":"==" + +Base test mbedtls_mpi_div_mpi #1 +mpi_div_mpi:"3e8":"d":"4c":"c":0 + +Base test mbedtls_mpi_div_mpi #2 (Divide by zero (1 limb)) +mpi_div_mpi:"3e8":"0":"1":"1":MBEDTLS_ERR_MPI_DIVISION_BY_ZERO + +Base test mbedtls_mpi_div_mpi #2 (Divide by zero (null)) +mpi_div_mpi:"3e8":"":"1":"1":MBEDTLS_ERR_MPI_DIVISION_BY_ZERO + +Base test mbedtls_mpi_div_mpi #3 +mpi_div_mpi:"3e8":"-d":"-4c":"c":0 + +Test mbedtls_mpi_div_mpi: 0 (null) / 0 (null) +mpi_div_mpi:"":"":"":"":MBEDTLS_ERR_MPI_DIVISION_BY_ZERO + +Test mbedtls_mpi_div_mpi: 0 (null) / 0 (1 limb) +mpi_div_mpi:"":"0":"":"":MBEDTLS_ERR_MPI_DIVISION_BY_ZERO + +Test mbedtls_mpi_div_mpi: 0 (1 limb) / 0 (null) +mpi_div_mpi:"0":"":"":"":MBEDTLS_ERR_MPI_DIVISION_BY_ZERO + +Test mbedtls_mpi_div_mpi: 0 (1 limb) / 0 (1 limb) +mpi_div_mpi:"0":"0":"":"":MBEDTLS_ERR_MPI_DIVISION_BY_ZERO + +Test mbedtls_mpi_div_mpi: 0 (null) / 1 +mpi_div_mpi:"":"1":"":"":0 + +Test mbedtls_mpi_div_mpi: 0 (null) / -1 +mpi_div_mpi:"":"-1":"":"":0 + +Test mbedtls_mpi_div_mpi: -0 (null) / 1 +mpi_div_mpi:"-":"1":"":"":0 + +Test mbedtls_mpi_div_mpi: -0 (null) / -1 +mpi_div_mpi:"-":"-1":"":"":0 + +Test mbedtls_mpi_div_mpi: -0 (null) / 42 +mpi_div_mpi:"-":"2a":"":"":0 + +Test mbedtls_mpi_div_mpi: -0 (null) / -42 +mpi_div_mpi:"-":"-2a":"":"":0 + +Test mbedtls_mpi_div_mpi #1 +mpi_div_mpi:"9e22d6da18a33d1ef28d2a82242b3f6e9c9742f63e5d440f58a190bfaf23a7866e67589adb80":"22":"4a6abf75b13dc268ea9cc8b5b6aaf0ac85ecd437a4e0987fb13cf8d2acc57c0306c738c1583":"1a":0 + +Test mbedtls_mpi_div_mpi #2 +mpi_div_mpi:"503ae899d35ae5b7706b067aed7cb2952da37a5d4ad58f05f69abe14e8aaae88eab2baed858177cb4595c0edc92e5ac13c2bba2bfa23276dd023e9e52f547d4c9edb138d86aad329d7afb01e15eab7281e181cb249fc91bf09d621d86561301edda156f80e3bbff853a312852fe9e3d0541cb86801390aff1dc3c05bcb592c266f625b70e419b4c7e7e85399bb06c0e50b099b4292f9eaff4d869681faa1f745b5fcb3349ed93c572739a31dcf76b43370cf9f86cc54e982dfac9467bde915c697e60554e0d698be6bb2dd1f8bc64659f6baee7641b51f4b5ed7010c04600fcd382db84a93fe3d4d86e86a459c6cebb5a":"2f77b94b179d4a51360f04fa56e2c0784ce3b8a742280b016904896a5605fbe9e0f0683f82c439d979ab14e11b34e05ae96232b18fb2e0d1319f4942732d7eadf92ae90cb8c68ec8ece154d334f553564b6f6db185b33b8d3635598c3d128acde8bbb7b13697e48d1a542e5f9168d2d83a8dd05ae1eaf2451":"1b0b14c432710cde936e3fc100515e95dca61e10b8a68d9632bfa0546a9731a1ce6bebc6cb5fe6f5fd7e57b25f737f6a0ce5402e216b8b81c06f0c5ccce447d7f5631d14bff9dfa16f7cc72c56c84b636d00a5f35199d17ee9bf3f8746f44374ffd4ae22cf84089f04a9f7f356d6dc9f8cf8ef208a9b88c89":"1":0 + +Test mbedtls_mpi_div_mpi #3 +mpi_div_mpi:"3e8":"7":"8e":"6":0 + +Test mbedtls_mpi_div_mpi #4 +mpi_div_mpi:"309":"7":"6f":"0":0 + +Base test mbedtls_mpi_div_int #1 +mpi_div_int:"3e8":13:"4c":"c":0 + +Base test mbedtls_mpi_div_int #2 (Divide by zero) +mpi_div_int:"3e8":0:"1":"1":MBEDTLS_ERR_MPI_DIVISION_BY_ZERO + +Base test mbedtls_mpi_div_int #3 +mpi_div_int:"3e8":-13:"-4c":"c":0 + +Test mbedtls_mpi_div_int #1 +mpi_div_int:"9e22d6da18a33d1ef28d2a82242b3f6e9c9742f63e5d440f58a190bfaf23a7866e67589adb80":34:"4a6abf75b13dc268ea9cc8b5b6aaf0ac85ecd437a4e0987fb13cf8d2acc57c0306c738c1583":"1a":0 + +Test mbedtls_mpi_div_int #2 +mpi_div_int:"9e22d6da18a33d1ef28d2a82242b3f6e9c9742f63e5d440f58a190bfaf23a7866e67589adb80":-34:"-4a6abf75b13dc268ea9cc8b5b6aaf0ac85ecd437a4e0987fb13cf8d2acc57c0306c738c1583":"1a":0 + +Test mbedtls_mpi_div_int: 0 (null) / 0 +mpi_div_int:"":0:"":"":MBEDTLS_ERR_MPI_DIVISION_BY_ZERO + +Test mbedtls_mpi_div_int: 0 (1 limb) / 0 +mpi_div_int:"00":0:"":"":MBEDTLS_ERR_MPI_DIVISION_BY_ZERO + +Test mbedtls_mpi_div_int: 0 (null) / 1 +mpi_div_int:"":1:"":"":0 + +Base test mbedtls_mpi_mod_mpi #1 +mpi_mod_mpi:"3e8":"d":"c":0 + +Base test mbedtls_mpi_mod_mpi #2 (Divide by zero (null)) +mpi_mod_mpi:"3e8":"":"0":MBEDTLS_ERR_MPI_DIVISION_BY_ZERO + +Base test mbedtls_mpi_mod_mpi #2 (Divide by zero (1 limb)) +mpi_mod_mpi:"3e8":"0":"0":MBEDTLS_ERR_MPI_DIVISION_BY_ZERO + +Base test mbedtls_mpi_mod_mpi #3 +mpi_mod_mpi:"-3e8":"d":"1":0 + +Base test mbedtls_mpi_mod_mpi #4 (Negative modulo) +mpi_mod_mpi:"3e8":"-d":"-1":MBEDTLS_ERR_MPI_NEGATIVE_VALUE + +Base test mbedtls_mpi_mod_mpi #5 (Negative modulo) +mpi_mod_mpi:"-3e8":"-d":"-c":MBEDTLS_ERR_MPI_NEGATIVE_VALUE + +Test mbedtls_mpi_mod_mpi: 0 (null) % 1 +mpi_mod_mpi:"":"1":"":0 + +Test mbedtls_mpi_mod_mpi: 0 (null) % -1 +mpi_mod_mpi:"":"-1":"":MBEDTLS_ERR_MPI_NEGATIVE_VALUE + +Test mbedtls_mpi_mod_mpi: -0 (null) % 1 +mpi_mod_mpi:"-":"1":"":0 + +Test mbedtls_mpi_mod_mpi: -0 (null) % -1 +mpi_mod_mpi:"-":"-1":"":MBEDTLS_ERR_MPI_NEGATIVE_VALUE + +Test mbedtls_mpi_mod_mpi: -0 (null) % 42 +mpi_mod_mpi:"-":"2a":"":0 + +Test mbedtls_mpi_mod_mpi: -0 (null) % -42 +mpi_mod_mpi:"-":"-2a":"":MBEDTLS_ERR_MPI_NEGATIVE_VALUE + +Base test mbedtls_mpi_mod_int #1 +mpi_mod_int:"3e8":0xd:0xc:0 + +Base test mbedtls_mpi_mod_int #2 (Divide by zero) +mpi_mod_int:"3e8":0x0:0x0:MBEDTLS_ERR_MPI_DIVISION_BY_ZERO + +Base test mbedtls_mpi_mod_int #3 +mpi_mod_int:"-3e8":0xd:0x1:0 + +Base test mbedtls_mpi_mod_int #4 (Negative modulo) +mpi_mod_int:"3e8":-0xd:0x0:MBEDTLS_ERR_MPI_NEGATIVE_VALUE + +Base test mbedtls_mpi_mod_int #5 (Negative modulo) +mpi_mod_int:"-3e8":-0xd:0x0:MBEDTLS_ERR_MPI_NEGATIVE_VALUE + +Base test mbedtls_mpi_mod_int #6 (By 1) +mpi_mod_int:"3e8":0x1:0x0:0 + +Base test mbedtls_mpi_mod_int #7 (By 2) +mpi_mod_int:"3e9":0x2:0x1:0 + +Base test mbedtls_mpi_mod_int #8 (By 2) +mpi_mod_int:"3e8":0x2:0x0:0 + +Test mbedtls_mpi_mod_int: 0 (null) % 1 +mpi_mod_int:"":0x1:0x0:0 + +Test mbedtls_mpi_mod_int: 0 (null) % 2 +mpi_mod_int:"":0x2:0x0:0 + +Test mbedtls_mpi_mod_int: 0 (null) % -1 +mpi_mod_int:"":-0x1:0x0:MBEDTLS_ERR_MPI_NEGATIVE_VALUE + +Test mbedtls_mpi_mod_int: 0 (null) % -2 +mpi_mod_int:"":-0x2:0x0:MBEDTLS_ERR_MPI_NEGATIVE_VALUE + +# CURRENTLY FAILS - SEE GITHUB ISSUE #6540 +#Test mbedtls_mpi_mod_int: 230772460340063000000100500000300000010 % 5178236083361335880 -> 3386266129388798810 +#depends_on:MBEDTLS_HAVE_INT64 +#mpi_mod_int:"AD9D28BF6C4E98FDF156BF0980CEE30A":0x47DCCA4847DCCA48:0x2EFE6F1A7D28035A:0 + +Test mbedtls_mpi_mod_mpi: 230772460340063000000100500000300000010 % 5178236083361335880 -> 3386266129388798810 +mpi_mod_mpi:"AD9D28BF6C4E98FDF156BF0980CEE30A":"47DCCA4847DCCA48":"2EFE6F1A7D28035A":0 + +# CURRENTLY FAILS - SEE GITHUB ISSUE #6540 +#Test mbedtls_mpi_mod_int: 230772460340062999996714233870911201200 % 5178236083361335880 -> 0 +#depends_on:MBEDTLS_HAVE_INT64 +#mpi_mod_int:"AD9D28BF6C4E98FDC2584FEF03A6DFB0":0x47DCCA4847DCCA48:0x0:0 + +Test mbedtls_mpi_mod_mpi: 230772460340062999996714233870911201200 % 5178236083361335880 -> 0 +mpi_mod_mpi:"AD9D28BF6C4E98FDC2584FEF03A6DFB0":"47DCCA4847DCCA48":"0":0 + +# CURRENTLY FAILS WHEN MPIS ARE 32-BIT (ISSUE #6450): WHEN FIXED, REMOVE "depends_on" LINE +Test mbedtls_mpi_mod_int: 230772460340063000000100500000300000010 % 1205652040 -> 3644370 +depends_on:MBEDTLS_HAVE_INT64 +mpi_mod_int:"AD9D28BF6C4E98FDF156BF0980CEE30A":0x47DCCA48:0x379BD2:0 + +Test mbedtls_mpi_mod_mpi: 230772460340063000000100500000300000010 % 1205652040 -> 3644370 +mpi_mod_mpi:"AD9D28BF6C4E98FDF156BF0980CEE30A":"47DCCA48":"379BD2":0 + +# CURRENTLY FAILS WHEN MPIS ARE 32-BIT (ISSUE #6450): WHEN FIXED, REMOVE "depends_on" LINE +Test mbedtls_mpi_mod_int: 230772460340063000000100500000296355640 % 1205652040 -> 0 +depends_on:MBEDTLS_HAVE_INT64 +mpi_mod_int:"AD9D28BF6C4E98FDF156BF0980974738":0x47DCCA48:0x0:0 + +Test mbedtls_mpi_mod_mpi: 230772460340063000000100500000296355640 % 1205652040 -> 0 +mpi_mod_mpi:"AD9D28BF6C4E98FDF156BF0980974738":"47DCCA48":"0":0 + +Base test mbedtls_mpi_exp_mod #1 +mpi_exp_mod:"17":"d":"1d":"18":0 + +Base test mbedtls_mpi_exp_mod #2 (Even N) +mpi_exp_mod:"17":"d":"1e":"0":MBEDTLS_ERR_MPI_BAD_INPUT_DATA + +Base test mbedtls_mpi_exp_mod #2 (N = 0 (null)) +mpi_exp_mod:"17":"d":"":"0":MBEDTLS_ERR_MPI_BAD_INPUT_DATA + +Base test mbedtls_mpi_exp_mod #3 (Negative N) +mpi_exp_mod:"17":"d":"-1d":"0":MBEDTLS_ERR_MPI_BAD_INPUT_DATA + +Base test mbedtls_mpi_exp_mod #4 (Negative base) +mpi_exp_mod:"-17":"d":"1d":"5":0 + +Base test mbedtls_mpi_exp_mod #5 (Negative exponent) +mpi_exp_mod:"17":"-d":"1d":"0":MBEDTLS_ERR_MPI_BAD_INPUT_DATA + +Base test mbedtls_mpi_exp_mod #6 (Negative base + exponent) +mpi_exp_mod:"-17":"-d":"1d":"0":MBEDTLS_ERR_MPI_BAD_INPUT_DATA + +Test mbedtls_mpi_exp_mod: 0 (null) ^ 0 (null) mod 9 +mpi_exp_mod:"":"":"09":"1":0 + +Test mbedtls_mpi_exp_mod: 0 (null) ^ 0 (1 limb) mod 9 +mpi_exp_mod:"":"00":"09":"1":0 + +Test mbedtls_mpi_exp_mod: 0 (null) ^ 1 mod 9 +mpi_exp_mod:"":"01":"09":"":0 + +Test mbedtls_mpi_exp_mod: 0 (null) ^ 2 mod 9 +mpi_exp_mod:"":"02":"09":"":0 + +Test mbedtls_mpi_exp_mod: 0 (1 limb) ^ 0 (null) mod 9 +mpi_exp_mod:"00":"":"09":"1":0 + +Test mbedtls_mpi_exp_mod: 0 (1 limb) ^ 0 (1 limb) mod 9 +mpi_exp_mod:"00":"00":"09":"1":0 + +Test mbedtls_mpi_exp_mod: 0 (1 limb) ^ 1 mod 9 +mpi_exp_mod:"00":"01":"09":"":0 + +Test mbedtls_mpi_exp_mod: 0 (1 limb) ^ 2 mod 9 +mpi_exp_mod:"00":"02":"09":"":0 + +Test mbedtls_mpi_exp_mod: 1 ^ 0 (null) mod 9 +mpi_exp_mod:"01":"":"09":"1":0 + +Test mbedtls_mpi_exp_mod: 4 ^ 0 (null) mod 9 +mpi_exp_mod:"04":"":"09":"1":0 + +Test mbedtls_mpi_exp_mod: 10 ^ 0 (null) mod 9 +mpi_exp_mod:"0a":"":"09":"1":0 + +Test mbedtls_mpi_exp_mod: 1 ^ 0 (1 limb) mod 9 +mpi_exp_mod:"01":"00":"09":"1":0 + +Test mbedtls_mpi_exp_mod: 4 ^ 0 (1 limb) mod 9 +mpi_exp_mod:"04":"00":"09":"1":0 + +Test mbedtls_mpi_exp_mod: 10 ^ 0 (1 limb) mod 9 +mpi_exp_mod:"0a":"00":"09":"1":0 + +Test mbedtls_mpi_exp_mod: MAX_SIZE exponent +mpi_exp_mod_size:2:MBEDTLS_MPI_MAX_SIZE:10:"":0 + +Test mbedtls_mpi_exp_mod: MAX_SIZE + 1 exponent +mpi_exp_mod_size:2:MBEDTLS_MPI_MAX_SIZE + 1:10:"":MBEDTLS_ERR_MPI_BAD_INPUT_DATA + +Test mbedtls_mpi_exp_mod: MAX_SIZE modulus +mpi_exp_mod_size:2:2:MBEDTLS_MPI_MAX_SIZE:"":0 + +Test mbedtls_mpi_exp_mod: MAX_SIZE + 1 modulus +mpi_exp_mod_size:2:2:MBEDTLS_MPI_MAX_SIZE + 1:"":MBEDTLS_ERR_MPI_BAD_INPUT_DATA + +Test mbedtls_mpi_exp_mod: MAX_SIZE exponent and modulus +mpi_exp_mod_size:2:MBEDTLS_MPI_MAX_SIZE:MBEDTLS_MPI_MAX_SIZE:"":0 + +Test mbedtls_mpi_exp_mod: MAX_SIZE + 1 exponent and modulus +mpi_exp_mod_size:2:MBEDTLS_MPI_MAX_SIZE + 1:MBEDTLS_MPI_MAX_SIZE + 1:"":MBEDTLS_ERR_MPI_BAD_INPUT_DATA + +Test mbedtls_mpi_exp_mod #1 +depends_on:MPI_MAX_BITS_LARGER_THAN_792 +mpi_exp_mod:"109fe45714866e56fdd4ad9b6b686df27224afb7868cf4f0cbb794526932853cbf0beea61594166654d13cd9fe0d9da594a97ee20230f12fb5434de73fb4f8102725a01622b31b1ea42e3a265019039ac1df31869bd97930d792fb72cdaa971d8a8015af":"33ae3764fd06a00cdc3cba5c45dc79a9edb4e67e4d057cc74139d531c25190d111775fc4a0f4439b8b1930bbd766e7b46f170601f316c8a18ff8d5cb5ca5581f168345d101edb462b7d93b7c520ccb8fb276b447a63d869203cc11f67a1122dc4da034218de85e39":"11a9351d2d32ccd568e75bf8b4ebbb2a36be691b55832edac662ff79803df8af525fba453068be16ac3920bcc1b468f8f7fe786e0fa4ecbabcad31e5e3b05def802eb8600deaf11ef452487db878df20a80606e4bb6a163b83895d034cc8b53dbcd005be42ffdd2ce99bed06089a0b79d":"37880b547b41bda303bddda307eefe24b4aedf076c9b814b903aaf328a10825c7e259a20afc6b70b487bb21a6d32d0ee98a0b9f42ff812c901e2f79237fe3e00856992dd69d93ebc0664c75863829621751b0ac35a8ae8a0965841607d3099b8e0ed24442749ba09acbcb165598dcd40":0 + +Test mbedtls_mpi_exp_mod (Negative base) [#1] +mpi_exp_mod:"-2540be400":"2540be400":"1869f":"1":0 + +Test mbedtls_mpi_exp_mod (Negative base) [#2] +depends_on:MPI_MAX_BITS_LARGER_THAN_792 +mpi_exp_mod:"-9f13012cd92aa72fb86ac8879d2fde4f7fd661aaae43a00971f081cc60ca277059d5c37e89652e2af2585d281d66ef6a9d38a117e9608e9e7574cd142dc55278838a2161dd56db9470d4c1da2d5df15a908ee2eb886aaa890f23be16de59386663a12f1afbb325431a3e835e3fd89b98b96a6f77382f458ef9a37e1f84a03045c8676ab55291a94c2228ea15448ee96b626b998":"40a54d1b9e86789f06d9607fb158672d64867665c73ee9abb545fc7a785634b354c7bae5b962ce8040cf45f2c1f3d3659b2ee5ede17534c8fc2ec85c815e8df1fe7048d12c90ee31b88a68a081f17f0d8ce5f4030521e9400083bcea73a429031d4ca7949c2000d597088e0c39a6014d8bf962b73bb2e8083bd0390a4e00b9b3":"eeaf0ab9adb38dd69c33f80afa8fc5e86072618775ff3c0b9ea2314c9c256576d674df7496ea81d3383b4813d692c6e0e0d5d8e250b98be48e495c1d6089dad15dc7d7b46154d6b6ce8ef4ad69b15d4982559b297bcf1885c529f566660e57ec68edbc3c05726cc02fd4cbf4976eaa9afd5138fe8376435b9fc61d2fc0eb06e3":"21acc7199e1b90f9b4844ffe12c19f00ec548c5d32b21c647d48b6015d8eb9ec9db05b4f3d44db4227a2b5659c1a7cceb9d5fa8fa60376047953ce7397d90aaeb7465e14e820734f84aa52ad0fc66701bcbb991d57715806a11531268e1e83dd48288c72b424a6287e9ce4e5cc4db0dd67614aecc23b0124a5776d36e5c89483":0 + +Base test GCD #1 +mpi_gcd:"2b5":"261":"15" + +Base test GCD #2 +mpi_gcd:"6e4":"364":"1c" + +Base test GCD #3 +mpi_gcd:"2dcdb10b":"2050d306":"1" + +Test GCD: 0 (null), 0 (null) +mpi_gcd:"":"":"0" + +Test GCD: 0 (null), 0 (1 limb) +mpi_gcd:"":"00":"0" + +Test GCD: 0 (null), 3 +mpi_gcd:"":"03":"3" + +Test GCD: 0 (null), 6 +mpi_gcd:"":"06":"6" + +Test GCD: 0 (1 limb), 0 (null) +mpi_gcd:"00":"":"0" + +Test GCD: 0 (1 limb), 3 +mpi_gcd:"00":"03":"3" + +Test GCD: 0 (1 limb), 6 +mpi_gcd:"00":"06":"6" + +Test GCD: 3, 0 (null) +mpi_gcd:"03":"":"3" + +Test GCD: 3, 0 (1 limb) +mpi_gcd:"03":"00":"3" + +Test GCD: 6, 0 (null) +mpi_gcd:"06":"":"6" + +Test GCD: 6, 0 (1 limb) +mpi_gcd:"06":"00":"6" + +Test GCD: gcd=1, 0 < A < B +mpi_gcd:"109fe45714866e56fdd4ad9b6b686df27224afb7868cf4f0cbb794526932853cbf0beea61594166654d13cd9fe0d9da594a97ee20230f12fb5434de73fb4f8102725a01622b31b1ea42e3a265019039ac1df31869bd97930d792fb72cdaa971d8a8015af":"33ae3764fd06a00cdc3cba5c45dc79a9edb4e67e4d057cc74139d531c25190d111775fc4a0f4439b8b1930bbd766e7b46f170601f316c8a18ff8d5cb5ca5581f168345d101edb462b7d93b7c520ccb8fb276b447a63d869203cc11f67a1122dc4da034218de85e39":"1" + +Test GCD: gcd=1, 0 < B < A +mpi_gcd:"33ae3764fd06a00cdc3cba5c45dc79a9edb4e67e4d057cc74139d531c25190d111775fc4a0f4439b8b1930bbd766e7b46f170601f316c8a18ff8d5cb5ca5581f168345d101edb462b7d93b7c520ccb8fb276b447a63d869203cc11f67a1122dc4da034218de85e39":"109fe45714866e56fdd4ad9b6b686df27224afb7868cf4f0cbb794526932853cbf0beea61594166654d13cd9fe0d9da594a97ee20230f12fb5434de73fb4f8102725a01622b31b1ea42e3a265019039ac1df31869bd97930d792fb72cdaa971d8a8015af":"1" + +Test GCD: gcd=1, A > 0, B < 0 +mpi_gcd:"109fe45714866e56fdd4ad9b6b686df27224afb7868cf4f0cbb794526932853cbf0beea61594166654d13cd9fe0d9da594a97ee20230f12fb5434de73fb4f8102725a01622b31b1ea42e3a265019039ac1df31869bd97930d792fb72cdaa971d8a8015af":"-33ae3764fd06a00cdc3cba5c45dc79a9edb4e67e4d057cc74139d531c25190d111775fc4a0f4439b8b1930bbd766e7b46f170601f316c8a18ff8d5cb5ca5581f168345d101edb462b7d93b7c520ccb8fb276b447a63d869203cc11f67a1122dc4da034218de85e39":"1" + +Test GCD: gcd=1, A < 0 < B, |A| < |B| +mpi_gcd:"-109fe45714866e56fdd4ad9b6b686df27224afb7868cf4f0cbb794526932853cbf0beea61594166654d13cd9fe0d9da594a97ee20230f12fb5434de73fb4f8102725a01622b31b1ea42e3a265019039ac1df31869bd97930d792fb72cdaa971d8a8015af":"33ae3764fd06a00cdc3cba5c45dc79a9edb4e67e4d057cc74139d531c25190d111775fc4a0f4439b8b1930bbd766e7b46f170601f316c8a18ff8d5cb5ca5581f168345d101edb462b7d93b7c520ccb8fb276b447a63d869203cc11f67a1122dc4da034218de85e39":"1" + +Test GCD: gcd=1, B < A < 0 +mpi_gcd:"-109fe45714866e56fdd4ad9b6b686df27224afb7868cf4f0cbb794526932853cbf0beea61594166654d13cd9fe0d9da594a97ee20230f12fb5434de73fb4f8102725a01622b31b1ea42e3a265019039ac1df31869bd97930d792fb72cdaa971d8a8015af":"-33ae3764fd06a00cdc3cba5c45dc79a9edb4e67e4d057cc74139d531c25190d111775fc4a0f4439b8b1930bbd766e7b46f170601f316c8a18ff8d5cb5ca5581f168345d101edb462b7d93b7c520ccb8fb276b447a63d869203cc11f67a1122dc4da034218de85e39":"1" + +Test GCD: gcd=2, 0 < A < B +mpi_gcd:"213fc8ae290cdcadfba95b36d6d0dbe4e4495f6f0d19e9e1976f28a4d2650a797e17dd4c2b282ccca9a279b3fc1b3b4b2952fdc40461e25f6a869bce7f69f0204e4b402c4566363d485c744ca032073583be630d37b2f261af25f6e59b552e3b15002b5e":"675c6ec9fa0d4019b87974b88bb8f353db69ccfc9a0af98e8273aa6384a321a222eebf8941e8873716326177aecdcf68de2e0c03e62d91431ff1ab96b94ab03e2d068ba203db68c56fb276f8a419971f64ed688f4c7b0d24079823ecf42245b89b4068431bd0bc72":"2" + +Test GCD: gcd=2, 0 < B < A +mpi_gcd:"675c6ec9fa0d4019b87974b88bb8f353db69ccfc9a0af98e8273aa6384a321a222eebf8941e8873716326177aecdcf68de2e0c03e62d91431ff1ab96b94ab03e2d068ba203db68c56fb276f8a419971f64ed688f4c7b0d24079823ecf42245b89b4068431bd0bc72":"213fc8ae290cdcadfba95b36d6d0dbe4e4495f6f0d19e9e1976f28a4d2650a797e17dd4c2b282ccca9a279b3fc1b3b4b2952fdc40461e25f6a869bce7f69f0204e4b402c4566363d485c744ca032073583be630d37b2f261af25f6e59b552e3b15002b5e":"2" + +Test GCD: gcd=3, 0 < A < B +mpi_gcd:"31dfad053d934b04f97e08d2423949d7566e0f2693a6ded26326bcf73b978fb63d23cbf240bc4332fe73b68dfa28d8f0bdfc7ca60692d38f1fc9e9b5bf1ee8307570e0426819515bec8aae72f04b0ad0459d9493d38c6b9286b8f25868ffc5589f80410d":"9b0aa62ef713e02694b62f14d1956cfdc91eb37ae7107655c3ad7f9546f4b27334661f4de2dccad2a14b92338634b71d4d451205d94459e4afea816215f0085d4389d17305c91d28278bb274f62662af17641cd6f2b893b60b6435e36e336894e8e09c64a9b91aab":"3" + +Test GCD: gcd=3, 0 < B < A +mpi_gcd:"9b0aa62ef713e02694b62f14d1956cfdc91eb37ae7107655c3ad7f9546f4b27334661f4de2dccad2a14b92338634b71d4d451205d94459e4afea816215f0085d4389d17305c91d28278bb274f62662af17641cd6f2b893b60b6435e36e336894e8e09c64a9b91aab":"31dfad053d934b04f97e08d2423949d7566e0f2693a6ded26326bcf73b978fb63d23cbf240bc4332fe73b68dfa28d8f0bdfc7ca60692d38f1fc9e9b5bf1ee8307570e0426819515bec8aae72f04b0ad0459d9493d38c6b9286b8f25868ffc5589f80410d":"3" + +Test GCD: gcd=4, 0 < A < B +mpi_gcd:"427f915c5219b95bf752b66dada1b7c9c892bede1a33d3c32ede5149a4ca14f2fc2fba98565059995344f367f836769652a5fb8808c3c4bed50d379cfed3e0409c9680588acc6c7a90b8e89940640e6b077cc61a6f65e4c35e4bedcb36aa5c762a0056bc":"ceb8dd93f41a803370f2e9711771e6a7b6d399f93415f31d04e754c70946434445dd7f1283d10e6e2c64c2ef5d9b9ed1bc5c1807cc5b22863fe3572d7295607c5a0d174407b6d18adf64edf148332e3ec9dad11e98f61a480f3047d9e8448b713680d08637a178e4":"4" + +Test GCD: gcd=4, 0 < B < A +mpi_gcd:"ceb8dd93f41a803370f2e9711771e6a7b6d399f93415f31d04e754c70946434445dd7f1283d10e6e2c64c2ef5d9b9ed1bc5c1807cc5b22863fe3572d7295607c5a0d174407b6d18adf64edf148332e3ec9dad11e98f61a480f3047d9e8448b713680d08637a178e4":"427f915c5219b95bf752b66dada1b7c9c892bede1a33d3c32ede5149a4ca14f2fc2fba98565059995344f367f836769652a5fb8808c3c4bed50d379cfed3e0409c9680588acc6c7a90b8e89940640e6b077cc61a6f65e4c35e4bedcb36aa5c762a0056bc":"4" + +Test GCD: gcd=6, 0 < A < B +mpi_gcd:"63bf5a0a7b269609f2fc11a4847293aeacdc1e4d274dbda4c64d79ee772f1f6c7a4797e481788665fce76d1bf451b1e17bf8f94c0d25a71e3f93d36b7e3dd060eae1c084d032a2b7d9155ce5e09615a08b3b2927a718d7250d71e4b0d1ff8ab13f00821a":"136154c5dee27c04d296c5e29a32ad9fb923d66f5ce20ecab875aff2a8de964e668cc3e9bc5b995a5429724670c696e3a9a8a240bb288b3c95fd502c42be010ba8713a2e60b923a504f1764e9ec4cc55e2ec839ade571276c16c86bc6dc66d129d1c138c953723556":"6" + +Test GCD: gcd=6, 0 < B < A +mpi_gcd:"136154c5dee27c04d296c5e29a32ad9fb923d66f5ce20ecab875aff2a8de964e668cc3e9bc5b995a5429724670c696e3a9a8a240bb288b3c95fd502c42be010ba8713a2e60b923a504f1764e9ec4cc55e2ec839ade571276c16c86bc6dc66d129d1c138c953723556":"63bf5a0a7b269609f2fc11a4847293aeacdc1e4d274dbda4c64d79ee772f1f6c7a4797e481788665fce76d1bf451b1e17bf8f94c0d25a71e3f93d36b7e3dd060eae1c084d032a2b7d9155ce5e09615a08b3b2927a718d7250d71e4b0d1ff8ab13f00821a":"6" + +Test GCD: 0 < A = B +mpi_gcd:"109fe45714866e56fdd4ad9b6b686df27224afb7868cf4f0cbb794526932853cbf0beea61594166654d13cd9fe0d9da594a97ee20230f12fb5434de73fb4f8102725a01622b31b1ea42e3a265019039ac1df31869bd97930d792fb72cdaa971d8a8015af":"109fe45714866e56fdd4ad9b6b686df27224afb7868cf4f0cbb794526932853cbf0beea61594166654d13cd9fe0d9da594a97ee20230f12fb5434de73fb4f8102725a01622b31b1ea42e3a265019039ac1df31869bd97930d792fb72cdaa971d8a8015af":"109fe45714866e56fdd4ad9b6b686df27224afb7868cf4f0cbb794526932853cbf0beea61594166654d13cd9fe0d9da594a97ee20230f12fb5434de73fb4f8102725a01622b31b1ea42e3a265019039ac1df31869bd97930d792fb72cdaa971d8a8015af" + +Base test mbedtls_mpi_inv_mod #1 +mpi_inv_mod:"3":"b":"4":0 + +Test mbedtls_mpi_inv_mod: mod 0 (null) +mpi_inv_mod:"3":"":"0":MBEDTLS_ERR_MPI_BAD_INPUT_DATA + +Test mbedtls_mpi_inv_mod: mod 0 (1 limb) +mpi_inv_mod:"3":"0":"0":MBEDTLS_ERR_MPI_BAD_INPUT_DATA + +Test mbedtls_mpi_inv_mod: mod negative +mpi_inv_mod:"3":"-b":"4":MBEDTLS_ERR_MPI_BAD_INPUT_DATA + +Test mbedtls_mpi_inv_mod: 2^-1 mod 4 +mpi_inv_mod:"2":"4":"0":MBEDTLS_ERR_MPI_NOT_ACCEPTABLE + +Test mbedtls_mpi_inv_mod: mod 1 +mpi_inv_mod:"3":"1":"0":MBEDTLS_ERR_MPI_BAD_INPUT_DATA + +Test mbedtls_mpi_inv_mod: 0 (null) ^-1 +mpi_inv_mod:"":"11":"":MBEDTLS_ERR_MPI_NOT_ACCEPTABLE + +Test mbedtls_mpi_inv_mod: 0 (1 limb) ^-1 +mpi_inv_mod:"00":"11":"":MBEDTLS_ERR_MPI_NOT_ACCEPTABLE + +Test mbedtls_mpi_inv_mod #1 +mpi_inv_mod:"aa4df5cb14b4c31237f98bd1faf527c283c2d0f3eec89718664ba33f9762907c":"fffbbd660b94412ae61ead9c2906a344116e316a256fd387874c6c675b1d587d":"8d6a5c1d7adeae3e94b9bcd2c47e0d46e778bc8804a2cc25c02d775dc3d05b0c":0 + +Base test mbedtls_mpi_is_prime #1 +depends_on:MBEDTLS_GENPRIME +mpi_is_prime:"0":MBEDTLS_ERR_MPI_NOT_ACCEPTABLE + +Base test mbedtls_mpi_is_prime #2 +depends_on:MBEDTLS_GENPRIME +mpi_is_prime:"1":MBEDTLS_ERR_MPI_NOT_ACCEPTABLE + +Base test mbedtls_mpi_is_prime #3 +depends_on:MBEDTLS_GENPRIME +mpi_is_prime:"2":0 + +Base test mbedtls_mpi_is_prime #4 +depends_on:MBEDTLS_GENPRIME +mpi_is_prime:"3":0 + +Base test mbedtls_mpi_is_prime #5 +depends_on:MBEDTLS_GENPRIME +mpi_is_prime:"4":MBEDTLS_ERR_MPI_NOT_ACCEPTABLE + +Base test mbedtls_mpi_is_prime #6 +depends_on:MBEDTLS_GENPRIME +mpi_is_prime:"5":0 + +Base test mbedtls_mpi_is_prime #7 +depends_on:MBEDTLS_GENPRIME +mpi_is_prime:"1b":MBEDTLS_ERR_MPI_NOT_ACCEPTABLE + +Base test mbedtls_mpi_is_prime #8 +depends_on:MBEDTLS_GENPRIME +mpi_is_prime:"2f":0 + +Test mbedtls_mpi_is_prime #1a +depends_on:MBEDTLS_GENPRIME +mpi_is_prime:"b91ba63180c726fbd57786f27f1ede97a3b40c59a7fcfb5898f076e9af57028d":MBEDTLS_ERR_MPI_NOT_ACCEPTABLE + +Test mbedtls_mpi_is_prime #1b +depends_on:MBEDTLS_GENPRIME +mpi_is_prime:"b3a119602ee213cde28581ecd892e0f592a338655dce4ca88054b3d124d0e561":MBEDTLS_ERR_MPI_NOT_ACCEPTABLE + +Test mbedtls_mpi_is_prime #2a +depends_on:MBEDTLS_GENPRIME +mpi_is_prime:"284139ea19c139ebe09a8111926aaa39a2c2be12ed487a809d3cb5bc55854725b4cdcb5734c58f90b2f60d99cc1950cdbc8d651793e93c9c6f0ead752500a32c56c62082912b66132b2a6aa42ada923e1ad22ceb7ba0123":0 + +Test mbedtls_mpi_is_prime #2b +depends_on:MBEDTLS_GENPRIME +mpi_is_prime:"284139ea19c139ebe09a8111926aaa39a2c2be12ed487a809d3cb5bc55854725b4cdcb5734c58f90b2f60d99cc1950cdbc8d651793e93c9c6f0ead752500a32c56c62082912b66132b2a6aa42ada923e1ad22ceb7ba00c1":MBEDTLS_ERR_MPI_NOT_ACCEPTABLE + +Test mbedtls_mpi_is_prime #3 +depends_on:MBEDTLS_GENPRIME +mpi_is_prime:"257ffffffffffffffffff":0 + +Test mbedtls_mpi_is_prime #4 +depends_on:MBEDTLS_GENPRIME +mpi_is_prime:"a1ffffffffffffffffffff":0 + +Test mbedtls_mpi_is_prime #5 [#1] +depends_on:MBEDTLS_GENPRIME +mpi_is_prime:"397ffffffffffffffffffffffffffff":0 + +Test mbedtls_mpi_is_prime #5 [#2] +depends_on:MBEDTLS_GENPRIME +mpi_is_prime:"aaaaaaaaaaaaaab":0 + +Test mbedtls_mpi_is_prime #6 +depends_on:MBEDTLS_GENPRIME +mpi_is_prime:"2aaaaaaaaaaaaaaaaaab":0 + +Test mbedtls_mpi_is_prime #7 +depends_on:MBEDTLS_GENPRIME +mpi_is_prime:"aaaaaaaaaaaaaaaaaaaaaaaab":0 + +Test mbedtls_mpi_is_prime #8 +depends_on:MBEDTLS_GENPRIME +mpi_is_prime:"2aaaaaaaaaaaaaaaaaaaaaaaaaaaaaab":0 + +Test mbedtls_mpi_is_prime #9 +depends_on:MBEDTLS_GENPRIME +mpi_is_prime:"4df72d07b4b71c8dacb6cffa954f8d88254b6277099308baf003fab73227f34029643b5a263f66e0d3c3fa297ef71755efd53b8fb6cb812c6bbf7bcf179298bd9947c4c8b14324140a2c0f5fad7958a69050a987a6096e9f055fb38edf0c5889eca4a0cfa99b45fbdeee4c696b328ddceae4723945901ec025076b12b":0 + +Test mbedtls_mpi_is_prime #10 +depends_on:MBEDTLS_GENPRIME +mpi_is_prime:"cb50e82a8583f44ee0025942e7362991b24e12663a0ddc234a57b0f7b4ff7b025bf5a6707dedc2898e70b739042c95a996283dffdf67558768784553c61e302e8812bc90f0bb0696870cfb910b560cefed8d99bbf7a00b31ccdbd56f3594e5a653cfd127d2167b13119e5c45c3f76b4e3d904a9bc0cbb43c33aa7f23b":0 + +Test mbedtls_mpi_is_prime #11 +depends_on:MBEDTLS_GENPRIME +mpi_is_prime:"7a364ab3de755f924642bd5273524234f78395da1ed9098f39af4fe248288b0cb7f1c27214588969479d7dc9f0d327b5544dd4c095aa1fa271df421fe9ee460855cc8423d223e2c85dc793f6babdca7fc804ea1f408f867db053bfd98c45085ea5d805c78d2863bacdfcaf4c6147ebb74a9056045074785714c0b84ed":0 + +Test mbedtls_mpi_is_prime #12 +depends_on:MBEDTLS_GENPRIME +mpi_is_prime:"9c3525e8404f89b7d30b3ccfdb0fab17f81adebbac1b6c6bf558a796014fe3b6cd2c4445c0826d7ef5f5d3aff5ac108185675d2159cd275c64812f24da66dbb0147efc6a3d2f8060e8304f48844abc9d33686087ccc11f":0 + +Test mbedtls_mpi_is_prime #13 +depends_on:MBEDTLS_GENPRIME +mpi_is_prime:"284139ea19c139ebe09a8111926aaa39a2c2be12ed487a809d3cb5bc55854725b4cdcb5734c58f90b2f60d99cc1950cdbc8d651793e93c9c6f0ead752500a32c56c62082912b66132b2a6aa42ada923e1ad22ceb7ba0123":0 + +Test mbedtls_mpi_is_prime #14 +depends_on:MBEDTLS_GENPRIME +mpi_is_prime:"2eede25f74336afd1f51cbc4e809f8bb746ffac49335d129d1ff322ee3498b2b8144f0b136de076db169da4f4436de1f0c715b3d255272b4d77523174081a2fb703f82409185e0ef73e5a8bdf94e5b789fb7bf9be8eec9f":0 + +Test mbedtls_mpi_is_prime #15 +depends_on:MBEDTLS_GENPRIME +mpi_is_prime:"7fffffffffffffffffffffffffffffff":0 + +Test mbedtls_mpi_is_prime #16 +depends_on:MBEDTLS_GENPRIME +mpi_is_prime:"7fffffff":0 + +Test mbedtls_mpi_is_prime #17 +depends_on:MBEDTLS_GENPRIME +mpi_is_prime:"39531fcd":0 + +Test mbedtls_mpi_is_prime #18 +depends_on:MBEDTLS_GENPRIME +mpi_is_prime:"ab1cdb3":0 + +Test mbedtls_mpi_is_prime #19 +depends_on:MBEDTLS_GENPRIME +mpi_is_prime:"1ef3103":0 + +Test mbedtls_mpi_is_prime #20 +depends_on:MBEDTLS_GENPRIME +mpi_is_prime:"2faa127":0 + +Test mbedtls_mpi_is_prime_det (4 non-witnesses) +depends_on:MBEDTLS_GENPRIME +mpi_is_prime_det:"043BD64BA10B11DA83FBD296B04BCA9E0552FAF6E09CAC74E2D7E735ED0DB09FC47ED76145644203EE0C826013BC602F560BCDAAED557D04683859A65D659FF828A245A2C5B1AC41E01E4669A525A45E23AF":"040EA852F7935ACCECC0E87B845281F047D10DC9AAFEF990AF9D3D66770DA30B0C5B5E03EEA8C0CB79B936FE0BB8EE5389EC1D34EB16C58AA3F2E11AF084160CDF6400BE1CC179867AB074866952D9F34EE7042D27F960E715A97FCB93F3182247D0A6AE51BD21CC2F6B0651F9E572C5FB86F3137053FA85FD7A51816D69B3A53A5A438C17754836D04E98CA240B901F828332F2D72D88C497DA45F533F99A6E53EDEA6B0424EC8951B048FA9A80134B37D0A67014597934E3CFC52C5A4DD4751ADF8D66FC79E84E2A3148C4B15C17E12CB659390FD275F39A331FFC80EC699BC3F6FAB868E30E9B14575FCDAB6FAED01E00112DD28704177E09C335AD43A696FEA761E8DF3B0663277A5C3637F9060CB5E5654F72E9A6B0F369E660AD4CF7ABF4195493545B367BD55271CD4BB7D9C15D3F508FE8F7409C2126FC8E73B43A67CD4EFB21E9F15DBF040A2A8D5F5ED75CEAC12B595C0051F3EC9D5A58ACE82A9506E64F780E9836728260FFE1BFD73E8A9869E3D46A35A856D3028F7FEAB9F4F1A04449AEDC80017EE1014080D87F0B50C8EF255324CD89F7D039":82:5 + +Test mbedtls_mpi_is_prime_det (39 non-witnesses) +depends_on:MBEDTLS_GENPRIME +mpi_is_prime_det:"155102B67930FBE8858DF6C0642D77D419A7B7968E622CC7500F3E3F2C5168368C50E0083187":"119B3E2C721834D83416239B04447AA18AE0163E61DCAE97054563D79E094A6FA4485BD6A0501445BF57FE9C058926CDB862E04CC1A95D79D61D9AB3466857A53E04F8D7470C9C86649B226A13DDC534E18DFD5C22FAEA317CA4D4960F18457FD6D2FFB5F3273F74C89980DC774590D8D30D1159CA81999ED94A042D67DA68C82616AD46C2C88288A8EBD0B37AC7C152D9522CA4544642AD1210F6B642FEBF43563FA872B0DEFAFC69D0B6570E8FEA9570D0AADCFA9B06CC8BFD62CEDC221541210EEEF9762448C6D49F26AA767A4D66CB168589E0201923015314E6CD4A480E5936E7CF145F73A564C5B782635B3AFC3028E2632C5D3458224A7C9E8BA1876E8F690463C878292D3DC011E9640331E7F7621F2B5E0F6713DD8C9D6767521C4BA880DA8D11C67753C8493D2C4C4F1443147550D0B25B7FAD04EAFA9F8AA60974C1365C8A794CFEECEB4279B1150909A97E5A7A10B5D91186CA5B25A612036631FE73529C8CFAE51E76FB704A772DE5320EFC1212E7A399B1FEBF57D014AF9129DFF5D2C5DFBBEEAC55F360CF6D22FA90B8E2E9AD0C71AB6495A9452A58D653B8CC26128C66B43EFBA6E39AEC5717A1A3C2AE1449FCABAFE1180B159DA55190CD81A3D9E8D798647E11B827F0A057D6DA5AAD78AB5112EE65E10E8B8B369BA24E1B8AD2CD8548C497016C07A143DE1232F8059BE303572456FA92E76A0F23D1340629228B7D27C02D3833A72745B91A3DBEB5E081117A9F19597F00E4277B414FAEA8C8CEB895C37F956A5A22F8D7A10ADA50B22BAB312504904511AA0EFDD4D3BF20ECB17E8A684564FFB5BBD5E22C429F9A75A4FB4AE468FE7612ED53C7A11212E7EF3435CC9CA6E7DB167B8CCE2BECF35F89013F8F876223C77FA81570970858663C6E32B91080AA47F9C90177F51E6FD7747B910C9489C7B6ACB070996198AD9A40A69711274159210A9A12DBAAA4FB4632446066AB70D735DC95F7C2BCE517E88C064D728DE82B1B043DF4AEE0EFF5131120A4E5B9B4180EB6F6B8A0D1491ABDA069058A9966B1A517D8E7B4997DC52A1E698FD79E271153DF1913FE6787A5D99DE69F39C3F22D26DC731CFBB33FF5C267D85D7A3DAE8E1C87E1DB2F1236212EF1942EA756967FB3D07D629E59EA4034D9A9B5E270DD4A31C8A3DFDA99C1094B5537132C196DA2AEAF5253A019B9AF25B5DCB0D4DD75C7C9C353DA9DAABFB23959A5455312E7E1C21268C1BC14E83DCFDF50C27FD3E8B4EDC04C5F3CB5FCFFF2B57151E1B1EE1A6456DC006BC43E1158674AA4CF7D146DE4A57103BE43ED130C8007294ED2418C7A2B769A7D20EBB5A8367A77B313F81BB119B9954305FF160FF83EED7F808EE6D340A5CCC000CF81AA497D315D350CCE4E86A31456B8AA85B677491FC662933DFA55EB5BFF64B8D85430D676A85D1CAFAFF383E68C4E6C22A51063739EC03FC58C36C07C44E54828BE2152B2E9AFB0F179B157D09B64C147B524BB5424BB1914419424D9100D06EDCFC718F4DF3D562E9E16C446663F35273CA7BC5426B868A80C8D415C9A12A1619CDB7CDB5BEBC70313150BDF8C3AB26B809FE62D28E798EF1EF98C410A2DA0A9071F82154AC569078B0E647E2C085D1D907E634453442803D0492D3D0C78CACB762020C0E589C8B0981321EA2771305FD0413F3B2963FCE9A232F6641DB7E12ADC009A032063C41756E5E19E5711DE12711F07AFE7545B4D83F3EFD7BFD0435297C89DF3D4AF96EBE2CE8D64B93E36EA5D7E5A0492151D0CAEE7449A7D35E1A3C83E22C3B35162C073CC3B1CF76FBDEE84270721FC042EAAEB7325110181415E2031CFB7462F15111291CDAC0560FF9F4C7341F2FA261B97CEF348D074AA2EB4DB153FE6B1410519DA4213B611999868F3B867A2B6D758D333C4989DE80782683CA26ECDE373C71524F01B76349CE8A07A5EBECBB42259CF970DDA756EC996B189FEA045FEE45F23D476960913106ECA2510B8517AA75D56FA4152B2BDDC212014E5D07FD964D6EE532F0616DF74E104659955132331FABF2D2AD265E71C93C648A956FA0A3DB21FF103D516527F2DA0E870340B61EE8A8ED913B60605EB5A67B834D0FC90564386012585609870FEF6530B3E3C037B55506F0B5694F6B0FC":38:40 + +Test mbedtls_mpi_gen_prime (Too small) +depends_on:MBEDTLS_GENPRIME +mpi_gen_prime:2:0:MBEDTLS_ERR_MPI_BAD_INPUT_DATA + +Test mbedtls_mpi_gen_prime (OK, minimum size) +depends_on:MBEDTLS_GENPRIME +mpi_gen_prime:3:0:0 + +Test mbedtls_mpi_gen_prime (corner case limb size -1 bits) +depends_on:MBEDTLS_GENPRIME +mpi_gen_prime:63:0:0 + +Test mbedtls_mpi_gen_prime (corner case limb size) +depends_on:MBEDTLS_GENPRIME +mpi_gen_prime:64:0:0 + +Test mbedtls_mpi_gen_prime (corner case limb size +1 bits) +depends_on:MBEDTLS_GENPRIME +mpi_gen_prime:65:0:0 + +Test mbedtls_mpi_gen_prime (Larger) +depends_on:MBEDTLS_GENPRIME +mpi_gen_prime:128:0:0 + +Test mbedtls_mpi_gen_prime (Safe) +depends_on:MBEDTLS_GENPRIME +mpi_gen_prime:128:MBEDTLS_MPI_GEN_PRIME_FLAG_DH:0 + +Test mbedtls_mpi_gen_prime (Safe with lower error rate) +depends_on:MBEDTLS_GENPRIME +mpi_gen_prime:128:MBEDTLS_MPI_GEN_PRIME_FLAG_DH | MBEDTLS_MPI_GEN_PRIME_FLAG_LOW_ERR:0 + +Test mbedtls_mpi_gen_prime standard RSA #1 (lower error rate) +depends_on:MBEDTLS_GENPRIME +mpi_gen_prime:1024:MBEDTLS_MPI_GEN_PRIME_FLAG_LOW_ERR:0 + +Test mbedtls_mpi_gen_prime standard RSA #2 (lower error rate) +depends_on:MBEDTLS_GENPRIME +mpi_gen_prime:1536:MBEDTLS_MPI_GEN_PRIME_FLAG_LOW_ERR:0 + +Test bit getting (Value bit 25) +mpi_get_bit:"2faa127":25:1 + +Test bit getting (Larger but same limb) +mpi_get_bit:"2faa127":26:0 + +Test bit getting (Larger and non-existing limb) +mpi_get_bit:"2faa127":500:0 + +Test bit getting in 0 (null) +mpi_get_bit:"":500:0 + +Test bit getting (Value bit 24) +mpi_get_bit:"2faa127":24:0 + +Test bit getting (Value bit 23) +mpi_get_bit:"2faa127":23:1 + +Test bit set (Change existing value with a 1) +mpi_set_bit:"2faa127":24:1:"3faa127":0 + +Test bit set (Change existing value with a 0) +mpi_set_bit:"2faa127":25:0:"faa127":0 + +Test bit set (Add above existing limbs with a 0) +mpi_set_bit:"2faa127":80:0:"2faa127":0 + +Test bit set (Add above existing limbs with a 1) +mpi_set_bit:"2faa127":80:1:"100000000000002faa127":0 + +Test bit set (Add to 0 (null) with a 0) +mpi_set_bit:"":65:0:"":0 + +Test bit set (Add to 0 (null) with a 1) +mpi_set_bit:"":65:1:"020000000000000000":0 + +Test bit set (Bit index larger than 31 with a 0) +mpi_set_bit:"FFFFFFFFFFFFFFFF":32:0:"FFFFFFFEFFFFFFFF":0 + +Test bit set (Bit index larger than 31 with a 1) +mpi_set_bit:"00":32:1:"0100000000":0 + +Test bit set (Invalid bit value) +mpi_set_bit:"00":5:2:"00":MBEDTLS_ERR_MPI_BAD_INPUT_DATA + +Fill random: 0 bytes +mpi_fill_random:0:0:0:0 + +Fill random: 1 byte, good +mpi_fill_random:1:1:0:0 + +Fill random: 2 bytes, good, no leading zero +mpi_fill_random:2:2:0:0 + +Fill random: 2 bytes, good, 1 leading zero +mpi_fill_random:2:256:0:0 + +Fill random: MAX_SIZE - 7, good +mpi_fill_random:MBEDTLS_MPI_MAX_SIZE - 7:MBEDTLS_MPI_MAX_SIZE - 7:0:0 + +Fill random: MAX_SIZE, good +mpi_fill_random:MBEDTLS_MPI_MAX_SIZE:MBEDTLS_MPI_MAX_SIZE:0:0 + +Fill random: 0 bytes, previously small >0 +mpi_fill_random:0:0:1:0 + +Fill random: 0 bytes, previously small <0 +mpi_fill_random:0:0:-1:0 + +Fill random: 0 bytes, previously large >0 +mpi_fill_random:0:0:65:0 + +Fill random: 0 bytes, previously large <0 +mpi_fill_random:0:0:-65:0 + +Fill random: 1 byte, previously small >0 +mpi_fill_random:1:1:1:0 + +Fill random: 1 byte, previously small <0 +mpi_fill_random:1:1:-1:0 + +Fill random: 1 byte, previously large >0 +mpi_fill_random:1:1:65:0 + +Fill random: 1 byte, previously large <0 +mpi_fill_random:1:1:-65:0 + +Fill random: 9 bytes, previously small >0 +mpi_fill_random:1:1:1:0 + +Fill random: 9 bytes, previously small <0 +mpi_fill_random:1:1:-1:0 + +Fill random: 1 byte, RNG failure +mpi_fill_random:1:0:0:MBEDTLS_ERR_ENTROPY_SOURCE_FAILED + +Fill random: 2 bytes, RNG failure after 1 byte +mpi_fill_random:2:1:0:MBEDTLS_ERR_ENTROPY_SOURCE_FAILED + +Fill random: 4 bytes, RNG failure after 3 bytes +mpi_fill_random:4:3:0:MBEDTLS_ERR_ENTROPY_SOURCE_FAILED + +Fill random: 8 bytes, RNG failure after 7 bytes +mpi_fill_random:8:7:0:MBEDTLS_ERR_ENTROPY_SOURCE_FAILED + +Fill random: 16 bytes, RNG failure after 1 bytes +mpi_fill_random:16:1:0:MBEDTLS_ERR_ENTROPY_SOURCE_FAILED + +Fill random: 16 bytes, RNG failure after 8 bytes +mpi_fill_random:16:8:0:MBEDTLS_ERR_ENTROPY_SOURCE_FAILED + +Fill random: 16 bytes, RNG failure after 15 bytes +mpi_fill_random:16:15:0:MBEDTLS_ERR_ENTROPY_SOURCE_FAILED + +Fill random: MAX_SIZE bytes, RNG failure after MAX_SIZE-1 bytes +mpi_fill_random:MBEDTLS_MPI_MAX_SIZE:MBEDTLS_MPI_MAX_SIZE-1:0:MBEDTLS_ERR_ENTROPY_SOURCE_FAILED + +MPI random in range: 1..2 +mpi_random_many:1:"02":1000 + +MPI random in range: 1..3 +mpi_random_many:1:"03":1000 + +MPI random in range: 1..4 +mpi_random_many:1:"04":1000 + +MPI random in range: 1..5 +mpi_random_many:1:"05":1000 + +MPI random in range: 1..6 +mpi_random_many:1:"06":1000 + +MPI random in range: 1..7 +mpi_random_many:1:"07":1000 + +MPI random in range: 1..8 +mpi_random_many:1:"08":1000 + +MPI random in range: 1..9 +mpi_random_many:1:"09":1000 + +MPI random in range: 1..10 +mpi_random_many:1:"0a":1000 + +MPI random in range: 1..11 +mpi_random_many:1:"0b":1000 + +MPI random in range: 1..12 +mpi_random_many:1:"0c":1000 + +MPI random in range: 1..255 +mpi_random_many:1:"ff":100 + +MPI random in range: 1..256 +mpi_random_many:1:"0100":100 + +MPI random in range: 1..257 +mpi_random_many:1:"0101":100 + +MPI random in range: 1..272 +mpi_random_many:1:"0110":100 + +MPI random in range: 1..2^64-1 +mpi_random_many:1:"ffffffffffffffff":100 + +MPI random in range: 1..2^64 +mpi_random_many:1:"010000000000000000":100 + +MPI random in range: 1..2^64+1 +mpi_random_many:1:"010000000000000001":100 + +MPI random in range: 1..2^64+2^63 +mpi_random_many:1:"018000000000000000":100 + +MPI random in range: 1..2^65-1 +mpi_random_many:1:"01ffffffffffffffff":100 + +MPI random in range: 1..2^65 +mpi_random_many:1:"020000000000000000":100 + +MPI random in range: 1..2^65+1 +mpi_random_many:1:"020000000000000001":100 + +MPI random in range: 1..2^65+2^64 +mpi_random_many:1:"030000000000000000":100 + +MPI random in range: 1..2^66+2^65 +mpi_random_many:1:"060000000000000000":100 + +MPI random in range: 1..2^71-1 +mpi_random_many:1:"7fffffffffffffffff":100 + +MPI random in range: 1..2^71 +mpi_random_many:1:"800000000000000000":100 + +MPI random in range: 1..2^71+1 +mpi_random_many:1:"800000000000000001":100 + +MPI random in range: 1..2^71+2^70 +mpi_random_many:1:"c00000000000000000":100 + +MPI random in range: 1..2^72-1 +mpi_random_many:1:"ffffffffffffffffff":100 + +MPI random in range: 1..2^72 +mpi_random_many:1:"01000000000000000000":100 + +MPI random in range: 1..2^72+1 +mpi_random_many:1:"01000000000000000001":100 + +MPI random in range: 1..2^72+2^71 +mpi_random_many:1:"01800000000000000000":100 + +MPI random in range: 0..1 +mpi_random_many:0:"04":10000 + +MPI random in range: 0..4 +mpi_random_many:0:"04":10000 + +MPI random in range: 2..4 +mpi_random_many:2:"04":10000 + +MPI random in range: 3..4 +mpi_random_many:3:"04":10000 + +MPI random in range: smaller result +mpi_random_sizes:1:"aaaaaaaaaaaaaaaabbbbbbbbbbbbbbbb":1:0 + +MPI random in range: same size result (32-bit limbs) +mpi_random_sizes:1:"aaaaaaaaaaaaaaaa":2:0 + +MPI random in range: same size result (64-bit limbs) +mpi_random_sizes:1:"aaaaaaaaaaaaaaaa":1:0 + +MPI random in range: larger result +mpi_random_sizes:1:"aaaaaaaaaaaaaaaa":3:0 + +## The "0 limb in upper bound" tests rely on the fact that +## mbedtls_mpi_read_binary() bases the size of the MPI on the size of +## the input, without first checking for leading zeros. If this was +## not the case, the tests would still pass, but would not exercise +## the advertised behavior. +MPI random in range: leading 0 limb in upper bound #0 +mpi_random_sizes:1:"00aaaaaaaaaaaaaaaa":0:0 + +MPI random in range: leading 0 limb in upper bound #1 +mpi_random_sizes:1:"00aaaaaaaaaaaaaaaa":1:0 + +MPI random in range: leading 0 limb in upper bound #2 +mpi_random_sizes:1:"00aaaaaaaaaaaaaaaa":2:0 + +MPI random in range: leading 0 limb in upper bound #3 +mpi_random_sizes:1:"00aaaaaaaaaaaaaaaa":3:0 + +MPI random in range: leading 0 limb in upper bound #4 +mpi_random_sizes:1:"00aaaaaaaaaaaaaaaa":4:0 + +MPI random in range: previously small >0 +mpi_random_sizes:1:"1234567890":4:1 + +MPI random in range: previously small <0 +mpi_random_sizes:1:"1234567890":4:-1 + +MPI random in range: previously large >0 +mpi_random_sizes:1:"1234":4:65 + +MPI random in range: previously large <0 +mpi_random_sizes:1:"1234":4:-65 + +MPI random bad arguments: min < 0 +mpi_random_fail:-1:"04":MBEDTLS_ERR_MPI_BAD_INPUT_DATA + +MPI random bad arguments: min = N = 0 +mpi_random_fail:0:"00":MBEDTLS_ERR_MPI_BAD_INPUT_DATA + +MPI random bad arguments: min = N = 1 +mpi_random_fail:1:"01":MBEDTLS_ERR_MPI_BAD_INPUT_DATA + +MPI random bad arguments: min > N = 0 +mpi_random_fail:1:"00":MBEDTLS_ERR_MPI_BAD_INPUT_DATA + +MPI random bad arguments: min > N = 1 +mpi_random_fail:2:"01":MBEDTLS_ERR_MPI_BAD_INPUT_DATA + +MPI random bad arguments: min > N = 1, 0 limb in upper bound +mpi_random_fail:2:"000000000000000001":MBEDTLS_ERR_MPI_BAD_INPUT_DATA + +Most negative mbedtls_mpi_sint +most_negative_mpi_sint: + +MPI Selftest +depends_on:MBEDTLS_SELF_TEST +mpi_selftest: diff --git a/third_party/mbedtls/repo/tests/suites/test_suite_blowfish.function b/third_party/mbedtls/repo/tests/suites/test_suite_blowfish.function index f89353ce952..95417113dd8 100644 --- a/third_party/mbedtls/repo/tests/suites/test_suite_blowfish.function +++ b/third_party/mbedtls/repo/tests/suites/test_suite_blowfish.function @@ -8,156 +8,156 @@ */ /* BEGIN_CASE */ -void blowfish_valid_param( ) +void blowfish_valid_param() { - TEST_VALID_PARAM( mbedtls_blowfish_free( NULL ) ); + TEST_VALID_PARAM(mbedtls_blowfish_free(NULL)); } /* END_CASE */ /* BEGIN_CASE depends_on:MBEDTLS_CHECK_PARAMS:!MBEDTLS_PARAM_FAILED_ALT */ -void blowfish_invalid_param( ) +void blowfish_invalid_param() { mbedtls_blowfish_context ctx; unsigned char buf[16] = { 0 }; - size_t const valid_keylength = sizeof( buf ) * 8; + size_t const valid_keylength = sizeof(buf) * 8; size_t valid_mode = MBEDTLS_BLOWFISH_ENCRYPT; size_t invalid_mode = 42; size_t off; ((void) off); - TEST_INVALID_PARAM( mbedtls_blowfish_init( NULL ) ); - TEST_VALID_PARAM( mbedtls_blowfish_free( NULL ) ); - - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_BLOWFISH_BAD_INPUT_DATA, - mbedtls_blowfish_setkey( NULL, - buf, - valid_keylength ) ); - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_BLOWFISH_BAD_INPUT_DATA, - mbedtls_blowfish_setkey( &ctx, - NULL, - valid_keylength ) ); - - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_BLOWFISH_BAD_INPUT_DATA, - mbedtls_blowfish_crypt_ecb( NULL, - valid_mode, - buf, buf ) ); - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_BLOWFISH_BAD_INPUT_DATA, - mbedtls_blowfish_crypt_ecb( &ctx, - invalid_mode, - buf, buf ) ); - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_BLOWFISH_BAD_INPUT_DATA, - mbedtls_blowfish_crypt_ecb( &ctx, - valid_mode, - NULL, buf ) ); - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_BLOWFISH_BAD_INPUT_DATA, - mbedtls_blowfish_crypt_ecb( &ctx, - valid_mode, - buf, NULL ) ); + TEST_INVALID_PARAM(mbedtls_blowfish_init(NULL)); + TEST_VALID_PARAM(mbedtls_blowfish_free(NULL)); + + TEST_INVALID_PARAM_RET(MBEDTLS_ERR_BLOWFISH_BAD_INPUT_DATA, + mbedtls_blowfish_setkey(NULL, + buf, + valid_keylength)); + TEST_INVALID_PARAM_RET(MBEDTLS_ERR_BLOWFISH_BAD_INPUT_DATA, + mbedtls_blowfish_setkey(&ctx, + NULL, + valid_keylength)); + + TEST_INVALID_PARAM_RET(MBEDTLS_ERR_BLOWFISH_BAD_INPUT_DATA, + mbedtls_blowfish_crypt_ecb(NULL, + valid_mode, + buf, buf)); + TEST_INVALID_PARAM_RET(MBEDTLS_ERR_BLOWFISH_BAD_INPUT_DATA, + mbedtls_blowfish_crypt_ecb(&ctx, + invalid_mode, + buf, buf)); + TEST_INVALID_PARAM_RET(MBEDTLS_ERR_BLOWFISH_BAD_INPUT_DATA, + mbedtls_blowfish_crypt_ecb(&ctx, + valid_mode, + NULL, buf)); + TEST_INVALID_PARAM_RET(MBEDTLS_ERR_BLOWFISH_BAD_INPUT_DATA, + mbedtls_blowfish_crypt_ecb(&ctx, + valid_mode, + buf, NULL)); #if defined(MBEDTLS_CIPHER_MODE_CBC) - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_BLOWFISH_BAD_INPUT_DATA, - mbedtls_blowfish_crypt_cbc( NULL, + TEST_INVALID_PARAM_RET(MBEDTLS_ERR_BLOWFISH_BAD_INPUT_DATA, + mbedtls_blowfish_crypt_cbc(NULL, + valid_mode, + sizeof(buf), + buf, buf, buf)); + TEST_INVALID_PARAM_RET(MBEDTLS_ERR_BLOWFISH_BAD_INPUT_DATA, + mbedtls_blowfish_crypt_cbc(&ctx, + invalid_mode, + sizeof(buf), + buf, buf, buf)); + TEST_INVALID_PARAM_RET(MBEDTLS_ERR_BLOWFISH_BAD_INPUT_DATA, + mbedtls_blowfish_crypt_cbc(&ctx, + valid_mode, + sizeof(buf), + NULL, buf, buf)); + TEST_INVALID_PARAM_RET(MBEDTLS_ERR_BLOWFISH_BAD_INPUT_DATA, + mbedtls_blowfish_crypt_cbc(&ctx, + valid_mode, + sizeof(buf), + buf, NULL, buf)); + TEST_INVALID_PARAM_RET(MBEDTLS_ERR_BLOWFISH_BAD_INPUT_DATA, + mbedtls_blowfish_crypt_cbc(&ctx, + valid_mode, + sizeof(buf), + buf, buf, NULL)); +#endif /* MBEDTLS_CIPHER_MODE_CBC */ + +#if defined(MBEDTLS_CIPHER_MODE_CFB) + TEST_INVALID_PARAM_RET(MBEDTLS_ERR_BLOWFISH_BAD_INPUT_DATA, + mbedtls_blowfish_crypt_cfb64(NULL, valid_mode, - sizeof( buf ), - buf, buf, buf ) ); - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_BLOWFISH_BAD_INPUT_DATA, - mbedtls_blowfish_crypt_cbc( &ctx, + sizeof(buf), + &off, buf, + buf, buf)); + TEST_INVALID_PARAM_RET(MBEDTLS_ERR_BLOWFISH_BAD_INPUT_DATA, + mbedtls_blowfish_crypt_cfb64(&ctx, invalid_mode, - sizeof( buf ), - buf, buf, buf ) ); - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_BLOWFISH_BAD_INPUT_DATA, - mbedtls_blowfish_crypt_cbc( &ctx, + sizeof(buf), + &off, buf, + buf, buf)); + TEST_INVALID_PARAM_RET(MBEDTLS_ERR_BLOWFISH_BAD_INPUT_DATA, + mbedtls_blowfish_crypt_cfb64(&ctx, valid_mode, - sizeof( buf ), - NULL, buf, buf ) ); - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_BLOWFISH_BAD_INPUT_DATA, - mbedtls_blowfish_crypt_cbc( &ctx, + sizeof(buf), + NULL, buf, + buf, buf)); + TEST_INVALID_PARAM_RET(MBEDTLS_ERR_BLOWFISH_BAD_INPUT_DATA, + mbedtls_blowfish_crypt_cfb64(&ctx, valid_mode, - sizeof( buf ), - buf, NULL, buf ) ); - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_BLOWFISH_BAD_INPUT_DATA, - mbedtls_blowfish_crypt_cbc( &ctx, + sizeof(buf), + &off, NULL, + buf, buf)); + TEST_INVALID_PARAM_RET(MBEDTLS_ERR_BLOWFISH_BAD_INPUT_DATA, + mbedtls_blowfish_crypt_cfb64(&ctx, valid_mode, - sizeof( buf ), - buf, buf, NULL ) ); -#endif /* MBEDTLS_CIPHER_MODE_CBC */ - -#if defined(MBEDTLS_CIPHER_MODE_CFB) - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_BLOWFISH_BAD_INPUT_DATA, - mbedtls_blowfish_crypt_cfb64( NULL, - valid_mode, - sizeof( buf ), - &off, buf, - buf, buf ) ); - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_BLOWFISH_BAD_INPUT_DATA, - mbedtls_blowfish_crypt_cfb64( &ctx, - invalid_mode, - sizeof( buf ), - &off, buf, - buf, buf ) ); - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_BLOWFISH_BAD_INPUT_DATA, - mbedtls_blowfish_crypt_cfb64( &ctx, - valid_mode, - sizeof( buf ), - NULL, buf, - buf, buf ) ); - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_BLOWFISH_BAD_INPUT_DATA, - mbedtls_blowfish_crypt_cfb64( &ctx, - valid_mode, - sizeof( buf ), - &off, NULL, - buf, buf ) ); - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_BLOWFISH_BAD_INPUT_DATA, - mbedtls_blowfish_crypt_cfb64( &ctx, - valid_mode, - sizeof( buf ), - &off, buf, - NULL, buf ) ); - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_BLOWFISH_BAD_INPUT_DATA, - mbedtls_blowfish_crypt_cfb64( &ctx, - valid_mode, - sizeof( buf ), - &off, buf, - buf, NULL ) ); + sizeof(buf), + &off, buf, + NULL, buf)); + TEST_INVALID_PARAM_RET(MBEDTLS_ERR_BLOWFISH_BAD_INPUT_DATA, + mbedtls_blowfish_crypt_cfb64(&ctx, + valid_mode, + sizeof(buf), + &off, buf, + buf, NULL)); #endif /* MBEDTLS_CIPHER_MODE_CFB */ #if defined(MBEDTLS_CIPHER_MODE_CTR) - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_BLOWFISH_BAD_INPUT_DATA, - mbedtls_blowfish_crypt_ctr( NULL, - sizeof( buf ), - &off, - buf, buf, - buf, buf ) ); - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_BLOWFISH_BAD_INPUT_DATA, - mbedtls_blowfish_crypt_ctr( &ctx, - sizeof( buf ), - NULL, - buf, buf, - buf, buf ) ); - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_BLOWFISH_BAD_INPUT_DATA, - mbedtls_blowfish_crypt_ctr( &ctx, - sizeof( buf ), - &off, - NULL, buf, - buf, buf ) ); - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_BLOWFISH_BAD_INPUT_DATA, - mbedtls_blowfish_crypt_ctr( &ctx, - sizeof( buf ), - &off, - buf, NULL, - buf, buf ) ); - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_BLOWFISH_BAD_INPUT_DATA, - mbedtls_blowfish_crypt_ctr( &ctx, - sizeof( buf ), - &off, - buf, buf, - NULL, buf ) ); - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_BLOWFISH_BAD_INPUT_DATA, - mbedtls_blowfish_crypt_ctr( &ctx, - sizeof( buf ), - &off, - buf, buf, - buf, NULL ) ); + TEST_INVALID_PARAM_RET(MBEDTLS_ERR_BLOWFISH_BAD_INPUT_DATA, + mbedtls_blowfish_crypt_ctr(NULL, + sizeof(buf), + &off, + buf, buf, + buf, buf)); + TEST_INVALID_PARAM_RET(MBEDTLS_ERR_BLOWFISH_BAD_INPUT_DATA, + mbedtls_blowfish_crypt_ctr(&ctx, + sizeof(buf), + NULL, + buf, buf, + buf, buf)); + TEST_INVALID_PARAM_RET(MBEDTLS_ERR_BLOWFISH_BAD_INPUT_DATA, + mbedtls_blowfish_crypt_ctr(&ctx, + sizeof(buf), + &off, + NULL, buf, + buf, buf)); + TEST_INVALID_PARAM_RET(MBEDTLS_ERR_BLOWFISH_BAD_INPUT_DATA, + mbedtls_blowfish_crypt_ctr(&ctx, + sizeof(buf), + &off, + buf, NULL, + buf, buf)); + TEST_INVALID_PARAM_RET(MBEDTLS_ERR_BLOWFISH_BAD_INPUT_DATA, + mbedtls_blowfish_crypt_ctr(&ctx, + sizeof(buf), + &off, + buf, buf, + NULL, buf)); + TEST_INVALID_PARAM_RET(MBEDTLS_ERR_BLOWFISH_BAD_INPUT_DATA, + mbedtls_blowfish_crypt_ctr(&ctx, + sizeof(buf), + &off, + buf, buf, + buf, NULL)); #endif /* MBEDTLS_CIPHER_MODE_CTR */ exit: @@ -166,155 +166,157 @@ exit: /* END_CASE */ /* BEGIN_CASE */ -void blowfish_encrypt_ecb( data_t * key_str, data_t * src_str, - data_t * dst, int setkey_result ) +void blowfish_encrypt_ecb(data_t *key_str, data_t *src_str, + data_t *dst, int setkey_result) { unsigned char output[100]; mbedtls_blowfish_context ctx; memset(output, 0x00, 100); - mbedtls_blowfish_init( &ctx ); + mbedtls_blowfish_init(&ctx); - TEST_ASSERT( mbedtls_blowfish_setkey( &ctx, key_str->x, key_str->len * 8 ) == setkey_result ); - if( setkey_result == 0 ) - { - TEST_ASSERT( mbedtls_blowfish_crypt_ecb( &ctx, MBEDTLS_BLOWFISH_ENCRYPT, src_str->x, output ) == 0 ); + TEST_ASSERT(mbedtls_blowfish_setkey(&ctx, key_str->x, key_str->len * 8) == setkey_result); + if (setkey_result == 0) { + TEST_ASSERT(mbedtls_blowfish_crypt_ecb(&ctx, MBEDTLS_BLOWFISH_ENCRYPT, src_str->x, + output) == 0); - TEST_ASSERT( mbedtls_test_hexcmp( output, dst->x, 8, dst->len ) == 0 ); + TEST_ASSERT(mbedtls_test_hexcmp(output, dst->x, 8, dst->len) == 0); } exit: - mbedtls_blowfish_free( &ctx ); + mbedtls_blowfish_free(&ctx); } /* END_CASE */ /* BEGIN_CASE */ -void blowfish_decrypt_ecb( data_t * key_str, data_t * src_str, - data_t * dst, int setkey_result ) +void blowfish_decrypt_ecb(data_t *key_str, data_t *src_str, + data_t *dst, int setkey_result) { unsigned char output[100]; mbedtls_blowfish_context ctx; memset(output, 0x00, 100); - mbedtls_blowfish_init( &ctx ); + mbedtls_blowfish_init(&ctx); - TEST_ASSERT( mbedtls_blowfish_setkey( &ctx, key_str->x, key_str->len * 8 ) == setkey_result ); - if( setkey_result == 0 ) - { - TEST_ASSERT( mbedtls_blowfish_crypt_ecb( &ctx, MBEDTLS_BLOWFISH_DECRYPT, src_str->x, output ) == 0 ); + TEST_ASSERT(mbedtls_blowfish_setkey(&ctx, key_str->x, key_str->len * 8) == setkey_result); + if (setkey_result == 0) { + TEST_ASSERT(mbedtls_blowfish_crypt_ecb(&ctx, MBEDTLS_BLOWFISH_DECRYPT, src_str->x, + output) == 0); - TEST_ASSERT( mbedtls_test_hexcmp( output, dst->x, 8, dst->len ) == 0 ); + TEST_ASSERT(mbedtls_test_hexcmp(output, dst->x, 8, dst->len) == 0); } exit: - mbedtls_blowfish_free( &ctx ); + mbedtls_blowfish_free(&ctx); } /* END_CASE */ /* BEGIN_CASE depends_on:MBEDTLS_CIPHER_MODE_CBC */ -void blowfish_encrypt_cbc( data_t * key_str, data_t * iv_str, - data_t * src_str, data_t * dst, - int cbc_result ) +void blowfish_encrypt_cbc(data_t *key_str, data_t *iv_str, + data_t *src_str, data_t *dst, + int cbc_result) { unsigned char output[100]; mbedtls_blowfish_context ctx; memset(output, 0x00, 100); - mbedtls_blowfish_init( &ctx ); + mbedtls_blowfish_init(&ctx); - mbedtls_blowfish_setkey( &ctx, key_str->x, key_str->len * 8 ); + mbedtls_blowfish_setkey(&ctx, key_str->x, key_str->len * 8); - TEST_ASSERT( mbedtls_blowfish_crypt_cbc( &ctx, MBEDTLS_BLOWFISH_ENCRYPT, src_str->len , iv_str->x, src_str->x, output ) == cbc_result ); - if( cbc_result == 0 ) - { + TEST_ASSERT(mbedtls_blowfish_crypt_cbc(&ctx, MBEDTLS_BLOWFISH_ENCRYPT, src_str->len, iv_str->x, + src_str->x, output) == cbc_result); + if (cbc_result == 0) { - TEST_ASSERT( mbedtls_test_hexcmp( output, dst->x, - src_str->len, dst->len ) == 0 ); + TEST_ASSERT(mbedtls_test_hexcmp(output, dst->x, + src_str->len, dst->len) == 0); } exit: - mbedtls_blowfish_free( &ctx ); + mbedtls_blowfish_free(&ctx); } /* END_CASE */ /* BEGIN_CASE depends_on:MBEDTLS_CIPHER_MODE_CBC */ -void blowfish_decrypt_cbc( data_t * key_str, data_t * iv_str, - data_t * src_str, data_t * dst, - int cbc_result ) +void blowfish_decrypt_cbc(data_t *key_str, data_t *iv_str, + data_t *src_str, data_t *dst, + int cbc_result) { unsigned char output[100]; mbedtls_blowfish_context ctx; memset(output, 0x00, 100); - mbedtls_blowfish_init( &ctx ); + mbedtls_blowfish_init(&ctx); - mbedtls_blowfish_setkey( &ctx, key_str->x, key_str->len * 8 ); - TEST_ASSERT( mbedtls_blowfish_crypt_cbc( &ctx, MBEDTLS_BLOWFISH_DECRYPT, src_str->len , iv_str->x, src_str->x, output ) == cbc_result ); - if( cbc_result == 0) - { + mbedtls_blowfish_setkey(&ctx, key_str->x, key_str->len * 8); + TEST_ASSERT(mbedtls_blowfish_crypt_cbc(&ctx, MBEDTLS_BLOWFISH_DECRYPT, src_str->len, iv_str->x, + src_str->x, output) == cbc_result); + if (cbc_result == 0) { - TEST_ASSERT( mbedtls_test_hexcmp( output, dst->x, src_str->len, - dst->len ) == 0 ); + TEST_ASSERT(mbedtls_test_hexcmp(output, dst->x, src_str->len, + dst->len) == 0); } exit: - mbedtls_blowfish_free( &ctx ); + mbedtls_blowfish_free(&ctx); } /* END_CASE */ /* BEGIN_CASE depends_on:MBEDTLS_CIPHER_MODE_CFB */ -void blowfish_encrypt_cfb64( data_t * key_str, data_t * iv_str, - data_t * src_str, data_t * dst ) +void blowfish_encrypt_cfb64(data_t *key_str, data_t *iv_str, + data_t *src_str, data_t *dst) { unsigned char output[100]; mbedtls_blowfish_context ctx; size_t iv_offset = 0; memset(output, 0x00, 100); - mbedtls_blowfish_init( &ctx ); + mbedtls_blowfish_init(&ctx); - mbedtls_blowfish_setkey( &ctx, key_str->x, key_str->len * 8 ); - TEST_ASSERT( mbedtls_blowfish_crypt_cfb64( &ctx, MBEDTLS_BLOWFISH_ENCRYPT, src_str->len, &iv_offset, iv_str->x, src_str->x, output ) == 0 ); + mbedtls_blowfish_setkey(&ctx, key_str->x, key_str->len * 8); + TEST_ASSERT(mbedtls_blowfish_crypt_cfb64(&ctx, MBEDTLS_BLOWFISH_ENCRYPT, src_str->len, + &iv_offset, iv_str->x, src_str->x, output) == 0); - TEST_ASSERT( mbedtls_test_hexcmp( output, dst->x, src_str->len, - dst->len ) == 0 ); + TEST_ASSERT(mbedtls_test_hexcmp(output, dst->x, src_str->len, + dst->len) == 0); exit: - mbedtls_blowfish_free( &ctx ); + mbedtls_blowfish_free(&ctx); } /* END_CASE */ /* BEGIN_CASE depends_on:MBEDTLS_CIPHER_MODE_CFB */ -void blowfish_decrypt_cfb64( data_t * key_str, data_t * iv_str, - data_t * src_str, data_t * dst ) +void blowfish_decrypt_cfb64(data_t *key_str, data_t *iv_str, + data_t *src_str, data_t *dst) { unsigned char output[100]; mbedtls_blowfish_context ctx; size_t iv_offset = 0; memset(output, 0x00, 100); - mbedtls_blowfish_init( &ctx ); + mbedtls_blowfish_init(&ctx); - mbedtls_blowfish_setkey( &ctx, key_str->x, key_str->len * 8 ); - TEST_ASSERT( mbedtls_blowfish_crypt_cfb64( &ctx, MBEDTLS_BLOWFISH_DECRYPT, src_str->len, &iv_offset, iv_str->x, src_str->x, output ) == 0 ); + mbedtls_blowfish_setkey(&ctx, key_str->x, key_str->len * 8); + TEST_ASSERT(mbedtls_blowfish_crypt_cfb64(&ctx, MBEDTLS_BLOWFISH_DECRYPT, src_str->len, + &iv_offset, iv_str->x, src_str->x, output) == 0); - TEST_ASSERT( mbedtls_test_hexcmp( output, dst->x, src_str->len, - dst->len ) == 0 ); + TEST_ASSERT(mbedtls_test_hexcmp(output, dst->x, src_str->len, + dst->len) == 0); exit: - mbedtls_blowfish_free( &ctx ); + mbedtls_blowfish_free(&ctx); } /* END_CASE */ /* BEGIN_CASE depends_on:MBEDTLS_CIPHER_MODE_CTR */ -void blowfish_encrypt_ctr( data_t * key_str, data_t * iv_str, - data_t * src_str, data_t * dst ) +void blowfish_encrypt_ctr(data_t *key_str, data_t *iv_str, + data_t *src_str, data_t *dst) { unsigned char stream_str[100]; unsigned char output[100]; @@ -323,16 +325,17 @@ void blowfish_encrypt_ctr( data_t * key_str, data_t * iv_str, memset(stream_str, 0x00, 100); memset(output, 0x00, 100); - mbedtls_blowfish_init( &ctx ); + mbedtls_blowfish_init(&ctx); - mbedtls_blowfish_setkey( &ctx, key_str->x, key_str->len * 8 ); - TEST_ASSERT( mbedtls_blowfish_crypt_ctr( &ctx, src_str->len, &iv_offset, iv_str->x, stream_str, src_str->x, output ) == 0 ); + mbedtls_blowfish_setkey(&ctx, key_str->x, key_str->len * 8); + TEST_ASSERT(mbedtls_blowfish_crypt_ctr(&ctx, src_str->len, &iv_offset, iv_str->x, stream_str, + src_str->x, output) == 0); - TEST_ASSERT( mbedtls_test_hexcmp( output, dst->x, src_str->len, - dst->len ) == 0 ); + TEST_ASSERT(mbedtls_test_hexcmp(output, dst->x, src_str->len, + dst->len) == 0); exit: - mbedtls_blowfish_free( &ctx ); + mbedtls_blowfish_free(&ctx); } /* END_CASE */ diff --git a/third_party/mbedtls/repo/tests/suites/test_suite_camellia.function b/third_party/mbedtls/repo/tests/suites/test_suite_camellia.function index 312495c9ae2..da4276a85a0 100644 --- a/third_party/mbedtls/repo/tests/suites/test_suite_camellia.function +++ b/third_party/mbedtls/repo/tests/suites/test_suite_camellia.function @@ -8,14 +8,14 @@ */ /* BEGIN_CASE */ -void camellia_valid_param( ) +void camellia_valid_param() { - TEST_VALID_PARAM( mbedtls_camellia_free( NULL ) ); + TEST_VALID_PARAM(mbedtls_camellia_free(NULL)); } /* END_CASE */ /* BEGIN_CASE depends_on:MBEDTLS_CHECK_PARAMS:!MBEDTLS_PARAM_FAILED_ALT */ -void camellia_invalid_param( ) +void camellia_invalid_param() { mbedtls_camellia_context ctx; unsigned char buf[16] = { 0 }; @@ -25,147 +25,147 @@ void camellia_invalid_param( ) size_t off; ((void) off); - TEST_INVALID_PARAM( mbedtls_camellia_init( NULL ) ); - - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_CAMELLIA_BAD_INPUT_DATA, - mbedtls_camellia_setkey_enc( NULL, - buf, - valid_keybits ) ); - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_CAMELLIA_BAD_INPUT_DATA, - mbedtls_camellia_setkey_enc( &ctx, - NULL, - valid_keybits ) ); - - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_CAMELLIA_BAD_INPUT_DATA, - mbedtls_camellia_setkey_dec( NULL, - buf, - valid_keybits ) ); - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_CAMELLIA_BAD_INPUT_DATA, - mbedtls_camellia_setkey_dec( &ctx, - NULL, - valid_keybits ) ); - - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_CAMELLIA_BAD_INPUT_DATA, - mbedtls_camellia_crypt_ecb( NULL, - valid_mode, - buf, buf ) ); - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_CAMELLIA_BAD_INPUT_DATA, - mbedtls_camellia_crypt_ecb( &ctx, - invalid_mode, - buf, buf ) ); - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_CAMELLIA_BAD_INPUT_DATA, - mbedtls_camellia_crypt_ecb( &ctx, - valid_mode, - NULL, buf ) ); - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_CAMELLIA_BAD_INPUT_DATA, - mbedtls_camellia_crypt_ecb( &ctx, - valid_mode, - buf, NULL ) ); + TEST_INVALID_PARAM(mbedtls_camellia_init(NULL)); + + TEST_INVALID_PARAM_RET(MBEDTLS_ERR_CAMELLIA_BAD_INPUT_DATA, + mbedtls_camellia_setkey_enc(NULL, + buf, + valid_keybits)); + TEST_INVALID_PARAM_RET(MBEDTLS_ERR_CAMELLIA_BAD_INPUT_DATA, + mbedtls_camellia_setkey_enc(&ctx, + NULL, + valid_keybits)); + + TEST_INVALID_PARAM_RET(MBEDTLS_ERR_CAMELLIA_BAD_INPUT_DATA, + mbedtls_camellia_setkey_dec(NULL, + buf, + valid_keybits)); + TEST_INVALID_PARAM_RET(MBEDTLS_ERR_CAMELLIA_BAD_INPUT_DATA, + mbedtls_camellia_setkey_dec(&ctx, + NULL, + valid_keybits)); + + TEST_INVALID_PARAM_RET(MBEDTLS_ERR_CAMELLIA_BAD_INPUT_DATA, + mbedtls_camellia_crypt_ecb(NULL, + valid_mode, + buf, buf)); + TEST_INVALID_PARAM_RET(MBEDTLS_ERR_CAMELLIA_BAD_INPUT_DATA, + mbedtls_camellia_crypt_ecb(&ctx, + invalid_mode, + buf, buf)); + TEST_INVALID_PARAM_RET(MBEDTLS_ERR_CAMELLIA_BAD_INPUT_DATA, + mbedtls_camellia_crypt_ecb(&ctx, + valid_mode, + NULL, buf)); + TEST_INVALID_PARAM_RET(MBEDTLS_ERR_CAMELLIA_BAD_INPUT_DATA, + mbedtls_camellia_crypt_ecb(&ctx, + valid_mode, + buf, NULL)); #if defined(MBEDTLS_CIPHER_MODE_CBC) - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_CAMELLIA_BAD_INPUT_DATA, - mbedtls_camellia_crypt_cbc( NULL, - valid_mode, - sizeof( buf ), - buf, buf, buf ) ); - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_CAMELLIA_BAD_INPUT_DATA, - mbedtls_camellia_crypt_cbc( &ctx, - invalid_mode, - sizeof( buf ), - buf, buf, buf ) ); - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_CAMELLIA_BAD_INPUT_DATA, - mbedtls_camellia_crypt_cbc( &ctx, - valid_mode, - sizeof( buf ), - NULL, buf, buf ) ); - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_CAMELLIA_BAD_INPUT_DATA, - mbedtls_camellia_crypt_cbc( &ctx, - valid_mode, - sizeof( buf ), - buf, NULL, buf ) ); - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_CAMELLIA_BAD_INPUT_DATA, - mbedtls_camellia_crypt_cbc( &ctx, - valid_mode, - sizeof( buf ), - buf, buf, NULL ) ); + TEST_INVALID_PARAM_RET(MBEDTLS_ERR_CAMELLIA_BAD_INPUT_DATA, + mbedtls_camellia_crypt_cbc(NULL, + valid_mode, + sizeof(buf), + buf, buf, buf)); + TEST_INVALID_PARAM_RET(MBEDTLS_ERR_CAMELLIA_BAD_INPUT_DATA, + mbedtls_camellia_crypt_cbc(&ctx, + invalid_mode, + sizeof(buf), + buf, buf, buf)); + TEST_INVALID_PARAM_RET(MBEDTLS_ERR_CAMELLIA_BAD_INPUT_DATA, + mbedtls_camellia_crypt_cbc(&ctx, + valid_mode, + sizeof(buf), + NULL, buf, buf)); + TEST_INVALID_PARAM_RET(MBEDTLS_ERR_CAMELLIA_BAD_INPUT_DATA, + mbedtls_camellia_crypt_cbc(&ctx, + valid_mode, + sizeof(buf), + buf, NULL, buf)); + TEST_INVALID_PARAM_RET(MBEDTLS_ERR_CAMELLIA_BAD_INPUT_DATA, + mbedtls_camellia_crypt_cbc(&ctx, + valid_mode, + sizeof(buf), + buf, buf, NULL)); #endif /* MBEDTLS_CIPHER_MODE_CBC */ #if defined(MBEDTLS_CIPHER_MODE_CFB) - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_CAMELLIA_BAD_INPUT_DATA, - mbedtls_camellia_crypt_cfb128( NULL, - valid_mode, - sizeof( buf ), - &off, buf, - buf, buf ) ); - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_CAMELLIA_BAD_INPUT_DATA, - mbedtls_camellia_crypt_cfb128( &ctx, - invalid_mode, - sizeof( buf ), - &off, buf, - buf, buf ) ); - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_CAMELLIA_BAD_INPUT_DATA, - mbedtls_camellia_crypt_cfb128( &ctx, - valid_mode, - sizeof( buf ), - NULL, buf, - buf, buf ) ); - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_CAMELLIA_BAD_INPUT_DATA, - mbedtls_camellia_crypt_cfb128( &ctx, - valid_mode, - sizeof( buf ), - &off, NULL, - buf, buf ) ); - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_CAMELLIA_BAD_INPUT_DATA, - mbedtls_camellia_crypt_cfb128( &ctx, - valid_mode, - sizeof( buf ), - &off, buf, - NULL, buf ) ); - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_CAMELLIA_BAD_INPUT_DATA, - mbedtls_camellia_crypt_cfb128( &ctx, - valid_mode, - sizeof( buf ), - &off, buf, - buf, NULL ) ); + TEST_INVALID_PARAM_RET(MBEDTLS_ERR_CAMELLIA_BAD_INPUT_DATA, + mbedtls_camellia_crypt_cfb128(NULL, + valid_mode, + sizeof(buf), + &off, buf, + buf, buf)); + TEST_INVALID_PARAM_RET(MBEDTLS_ERR_CAMELLIA_BAD_INPUT_DATA, + mbedtls_camellia_crypt_cfb128(&ctx, + invalid_mode, + sizeof(buf), + &off, buf, + buf, buf)); + TEST_INVALID_PARAM_RET(MBEDTLS_ERR_CAMELLIA_BAD_INPUT_DATA, + mbedtls_camellia_crypt_cfb128(&ctx, + valid_mode, + sizeof(buf), + NULL, buf, + buf, buf)); + TEST_INVALID_PARAM_RET(MBEDTLS_ERR_CAMELLIA_BAD_INPUT_DATA, + mbedtls_camellia_crypt_cfb128(&ctx, + valid_mode, + sizeof(buf), + &off, NULL, + buf, buf)); + TEST_INVALID_PARAM_RET(MBEDTLS_ERR_CAMELLIA_BAD_INPUT_DATA, + mbedtls_camellia_crypt_cfb128(&ctx, + valid_mode, + sizeof(buf), + &off, buf, + NULL, buf)); + TEST_INVALID_PARAM_RET(MBEDTLS_ERR_CAMELLIA_BAD_INPUT_DATA, + mbedtls_camellia_crypt_cfb128(&ctx, + valid_mode, + sizeof(buf), + &off, buf, + buf, NULL)); #endif /* MBEDTLS_CIPHER_MODE_CFB */ #if defined(MBEDTLS_CIPHER_MODE_CTR) - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_CAMELLIA_BAD_INPUT_DATA, - mbedtls_camellia_crypt_ctr( NULL, - sizeof( buf ), - &off, - buf, buf, - buf, buf ) ); - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_CAMELLIA_BAD_INPUT_DATA, - mbedtls_camellia_crypt_ctr( &ctx, - sizeof( buf ), - NULL, - buf, buf, - buf, buf ) ); - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_CAMELLIA_BAD_INPUT_DATA, - mbedtls_camellia_crypt_ctr( &ctx, - sizeof( buf ), - &off, - NULL, buf, - buf, buf ) ); - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_CAMELLIA_BAD_INPUT_DATA, - mbedtls_camellia_crypt_ctr( &ctx, - sizeof( buf ), - &off, - buf, NULL, - buf, buf ) ); - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_CAMELLIA_BAD_INPUT_DATA, - mbedtls_camellia_crypt_ctr( &ctx, - sizeof( buf ), - &off, - buf, buf, - NULL, buf ) ); - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_CAMELLIA_BAD_INPUT_DATA, - mbedtls_camellia_crypt_ctr( &ctx, - sizeof( buf ), - &off, - buf, buf, - buf, NULL ) ); + TEST_INVALID_PARAM_RET(MBEDTLS_ERR_CAMELLIA_BAD_INPUT_DATA, + mbedtls_camellia_crypt_ctr(NULL, + sizeof(buf), + &off, + buf, buf, + buf, buf)); + TEST_INVALID_PARAM_RET(MBEDTLS_ERR_CAMELLIA_BAD_INPUT_DATA, + mbedtls_camellia_crypt_ctr(&ctx, + sizeof(buf), + NULL, + buf, buf, + buf, buf)); + TEST_INVALID_PARAM_RET(MBEDTLS_ERR_CAMELLIA_BAD_INPUT_DATA, + mbedtls_camellia_crypt_ctr(&ctx, + sizeof(buf), + &off, + NULL, buf, + buf, buf)); + TEST_INVALID_PARAM_RET(MBEDTLS_ERR_CAMELLIA_BAD_INPUT_DATA, + mbedtls_camellia_crypt_ctr(&ctx, + sizeof(buf), + &off, + buf, NULL, + buf, buf)); + TEST_INVALID_PARAM_RET(MBEDTLS_ERR_CAMELLIA_BAD_INPUT_DATA, + mbedtls_camellia_crypt_ctr(&ctx, + sizeof(buf), + &off, + buf, buf, + NULL, buf)); + TEST_INVALID_PARAM_RET(MBEDTLS_ERR_CAMELLIA_BAD_INPUT_DATA, + mbedtls_camellia_crypt_ctr(&ctx, + sizeof(buf), + &off, + buf, buf, + buf, NULL)); #endif /* MBEDTLS_CIPHER_MODE_CTR */ exit: @@ -174,152 +174,154 @@ exit: /* END_CASE */ /* BEGIN_CASE */ -void camellia_encrypt_ecb( data_t * key_str, data_t * src_str, - data_t * dst, int setkey_result ) +void camellia_encrypt_ecb(data_t *key_str, data_t *src_str, + data_t *dst, int setkey_result) { unsigned char output[100]; mbedtls_camellia_context ctx; memset(output, 0x00, 100); - mbedtls_camellia_init( &ctx ); + mbedtls_camellia_init(&ctx); - TEST_ASSERT( mbedtls_camellia_setkey_enc( &ctx, key_str->x, key_str->len * 8 ) == setkey_result ); - if( setkey_result == 0 ) - { - TEST_ASSERT( mbedtls_camellia_crypt_ecb( &ctx, MBEDTLS_CAMELLIA_ENCRYPT, src_str->x, output ) == 0 ); + TEST_ASSERT(mbedtls_camellia_setkey_enc(&ctx, key_str->x, key_str->len * 8) == setkey_result); + if (setkey_result == 0) { + TEST_ASSERT(mbedtls_camellia_crypt_ecb(&ctx, MBEDTLS_CAMELLIA_ENCRYPT, src_str->x, + output) == 0); - TEST_ASSERT( mbedtls_test_hexcmp( output, dst->x, 16, dst->len ) == 0 ); + TEST_ASSERT(mbedtls_test_hexcmp(output, dst->x, 16, dst->len) == 0); } exit: - mbedtls_camellia_free( &ctx ); + mbedtls_camellia_free(&ctx); } /* END_CASE */ /* BEGIN_CASE */ -void camellia_decrypt_ecb( data_t * key_str, data_t * src_str, - data_t * dst, int setkey_result ) +void camellia_decrypt_ecb(data_t *key_str, data_t *src_str, + data_t *dst, int setkey_result) { unsigned char output[100]; mbedtls_camellia_context ctx; memset(output, 0x00, 100); - mbedtls_camellia_init( &ctx ); + mbedtls_camellia_init(&ctx); - TEST_ASSERT( mbedtls_camellia_setkey_dec( &ctx, key_str->x, key_str->len * 8 ) == setkey_result ); - if( setkey_result == 0 ) - { - TEST_ASSERT( mbedtls_camellia_crypt_ecb( &ctx, MBEDTLS_CAMELLIA_DECRYPT, src_str->x, output ) == 0 ); + TEST_ASSERT(mbedtls_camellia_setkey_dec(&ctx, key_str->x, key_str->len * 8) == setkey_result); + if (setkey_result == 0) { + TEST_ASSERT(mbedtls_camellia_crypt_ecb(&ctx, MBEDTLS_CAMELLIA_DECRYPT, src_str->x, + output) == 0); - TEST_ASSERT( mbedtls_test_hexcmp( output, dst->x, 16, dst->len ) == 0 ); + TEST_ASSERT(mbedtls_test_hexcmp(output, dst->x, 16, dst->len) == 0); } exit: - mbedtls_camellia_free( &ctx ); + mbedtls_camellia_free(&ctx); } /* END_CASE */ /* BEGIN_CASE depends_on:MBEDTLS_CIPHER_MODE_CBC */ -void camellia_encrypt_cbc( data_t * key_str, data_t * iv_str, - data_t * src_str, data_t * dst, int cbc_result ) +void camellia_encrypt_cbc(data_t *key_str, data_t *iv_str, + data_t *src_str, data_t *dst, int cbc_result) { unsigned char output[100]; mbedtls_camellia_context ctx; memset(output, 0x00, 100); - mbedtls_camellia_init( &ctx ); + mbedtls_camellia_init(&ctx); - mbedtls_camellia_setkey_enc( &ctx, key_str->x, key_str->len * 8 ); - TEST_ASSERT( mbedtls_camellia_crypt_cbc( &ctx, MBEDTLS_CAMELLIA_ENCRYPT, src_str->len, iv_str->x, src_str->x, output) == cbc_result ); - if( cbc_result == 0 ) - { + mbedtls_camellia_setkey_enc(&ctx, key_str->x, key_str->len * 8); + TEST_ASSERT(mbedtls_camellia_crypt_cbc(&ctx, MBEDTLS_CAMELLIA_ENCRYPT, src_str->len, iv_str->x, + src_str->x, output) == cbc_result); + if (cbc_result == 0) { - TEST_ASSERT( mbedtls_test_hexcmp( output, dst->x, src_str->len, - dst->len ) == 0 ); + TEST_ASSERT(mbedtls_test_hexcmp(output, dst->x, src_str->len, + dst->len) == 0); } exit: - mbedtls_camellia_free( &ctx ); + mbedtls_camellia_free(&ctx); } /* END_CASE */ /* BEGIN_CASE depends_on:MBEDTLS_CIPHER_MODE_CBC */ -void camellia_decrypt_cbc( data_t * key_str, data_t * iv_str, - data_t * src_str, data_t * dst, - int cbc_result ) +void camellia_decrypt_cbc(data_t *key_str, data_t *iv_str, + data_t *src_str, data_t *dst, + int cbc_result) { unsigned char output[100]; mbedtls_camellia_context ctx; memset(output, 0x00, 100); - mbedtls_camellia_init( &ctx ); + mbedtls_camellia_init(&ctx); - mbedtls_camellia_setkey_dec( &ctx, key_str->x, key_str->len * 8 ); - TEST_ASSERT( mbedtls_camellia_crypt_cbc( &ctx, MBEDTLS_CAMELLIA_DECRYPT, src_str->len, iv_str->x, src_str->x, output ) == cbc_result ); - if( cbc_result == 0 ) - { + mbedtls_camellia_setkey_dec(&ctx, key_str->x, key_str->len * 8); + TEST_ASSERT(mbedtls_camellia_crypt_cbc(&ctx, MBEDTLS_CAMELLIA_DECRYPT, src_str->len, iv_str->x, + src_str->x, output) == cbc_result); + if (cbc_result == 0) { - TEST_ASSERT( mbedtls_test_hexcmp( output, dst->x, src_str->len, - dst->len ) == 0 ); + TEST_ASSERT(mbedtls_test_hexcmp(output, dst->x, src_str->len, + dst->len) == 0); } exit: - mbedtls_camellia_free( &ctx ); + mbedtls_camellia_free(&ctx); } /* END_CASE */ /* BEGIN_CASE depends_on:MBEDTLS_CIPHER_MODE_CFB */ -void camellia_encrypt_cfb128( data_t * key_str, data_t * iv_str, - data_t * src_str, data_t * dst ) +void camellia_encrypt_cfb128(data_t *key_str, data_t *iv_str, + data_t *src_str, data_t *dst) { unsigned char output[100]; mbedtls_camellia_context ctx; size_t iv_offset = 0; memset(output, 0x00, 100); - mbedtls_camellia_init( &ctx ); + mbedtls_camellia_init(&ctx); - mbedtls_camellia_setkey_enc( &ctx, key_str->x, key_str->len * 8 ); - TEST_ASSERT( mbedtls_camellia_crypt_cfb128( &ctx, MBEDTLS_CAMELLIA_ENCRYPT, 16, &iv_offset, iv_str->x, src_str->x, output ) == 0 ); + mbedtls_camellia_setkey_enc(&ctx, key_str->x, key_str->len * 8); + TEST_ASSERT(mbedtls_camellia_crypt_cfb128(&ctx, MBEDTLS_CAMELLIA_ENCRYPT, 16, &iv_offset, + iv_str->x, src_str->x, output) == 0); - TEST_ASSERT( mbedtls_test_hexcmp( output, dst->x, 16, dst->len ) == 0 ); + TEST_ASSERT(mbedtls_test_hexcmp(output, dst->x, 16, dst->len) == 0); exit: - mbedtls_camellia_free( &ctx ); + mbedtls_camellia_free(&ctx); } /* END_CASE */ /* BEGIN_CASE depends_on:MBEDTLS_CIPHER_MODE_CFB */ -void camellia_decrypt_cfb128( data_t * key_str, data_t * iv_str, - data_t * src_str, - data_t * dst ) +void camellia_decrypt_cfb128(data_t *key_str, data_t *iv_str, + data_t *src_str, + data_t *dst) { unsigned char output[100]; mbedtls_camellia_context ctx; size_t iv_offset = 0; memset(output, 0x00, 100); - mbedtls_camellia_init( &ctx ); + mbedtls_camellia_init(&ctx); - mbedtls_camellia_setkey_enc( &ctx, key_str->x, key_str->len * 8 ); - TEST_ASSERT( mbedtls_camellia_crypt_cfb128( &ctx, MBEDTLS_CAMELLIA_DECRYPT, 16, &iv_offset, iv_str->x, src_str->x, output ) == 0 ); + mbedtls_camellia_setkey_enc(&ctx, key_str->x, key_str->len * 8); + TEST_ASSERT(mbedtls_camellia_crypt_cfb128(&ctx, MBEDTLS_CAMELLIA_DECRYPT, 16, &iv_offset, + iv_str->x, src_str->x, output) == 0); - TEST_ASSERT( mbedtls_test_hexcmp( output, dst->x, 16, dst->len ) == 0 ); + TEST_ASSERT(mbedtls_test_hexcmp(output, dst->x, 16, dst->len) == 0); exit: - mbedtls_camellia_free( &ctx ); + mbedtls_camellia_free(&ctx); } /* END_CASE */ /* BEGIN_CASE depends_on:MBEDTLS_SELF_TEST */ -void camellia_selftest( ) +void camellia_selftest() { - TEST_ASSERT( mbedtls_camellia_self_test( 1 ) == 0 ); + TEST_ASSERT(mbedtls_camellia_self_test(1) == 0); } /* END_CASE */ diff --git a/third_party/mbedtls/repo/tests/suites/test_suite_ccm.function b/third_party/mbedtls/repo/tests/suites/test_suite_ccm.function index 5a3726e07bb..8e5952884cd 100644 --- a/third_party/mbedtls/repo/tests/suites/test_suite_ccm.function +++ b/third_party/mbedtls/repo/tests/suites/test_suite_ccm.function @@ -8,34 +8,34 @@ */ /* BEGIN_CASE depends_on:MBEDTLS_SELF_TEST:MBEDTLS_AES_C */ -void mbedtls_ccm_self_test( ) +void mbedtls_ccm_self_test() { - TEST_ASSERT( mbedtls_ccm_self_test( 1 ) == 0 ); + TEST_ASSERT(mbedtls_ccm_self_test(1) == 0); } /* END_CASE */ /* BEGIN_CASE */ -void mbedtls_ccm_setkey( int cipher_id, int key_size, int result ) +void mbedtls_ccm_setkey(int cipher_id, int key_size, int result) { mbedtls_ccm_context ctx; unsigned char key[32]; int ret; - mbedtls_ccm_init( &ctx ); + mbedtls_ccm_init(&ctx); - memset( key, 0x2A, sizeof( key ) ); - TEST_ASSERT( (unsigned) key_size <= 8 * sizeof( key ) ); + memset(key, 0x2A, sizeof(key)); + TEST_ASSERT((unsigned) key_size <= 8 * sizeof(key)); - ret = mbedtls_ccm_setkey( &ctx, cipher_id, key, key_size ); - TEST_ASSERT( ret == result ); + ret = mbedtls_ccm_setkey(&ctx, cipher_id, key, key_size); + TEST_ASSERT(ret == result); exit: - mbedtls_ccm_free( &ctx ); + mbedtls_ccm_free(&ctx); } /* END_CASE */ /* BEGIN_CASE depends_on:MBEDTLS_AES_C */ -void ccm_lengths( int msg_len, int iv_len, int add_len, int tag_len, int res ) +void ccm_lengths(int msg_len, int iv_len, int add_len, int tag_len, int res) { mbedtls_ccm_context ctx; unsigned char key[16]; @@ -46,38 +46,39 @@ void ccm_lengths( int msg_len, int iv_len, int add_len, int tag_len, int res ) unsigned char tag[18]; int decrypt_ret; - mbedtls_ccm_init( &ctx ); + mbedtls_ccm_init(&ctx); - ASSERT_ALLOC_WEAK( add, add_len ); - memset( key, 0, sizeof( key ) ); - memset( msg, 0, sizeof( msg ) ); - memset( iv, 0, sizeof( iv ) ); - memset( out, 0, sizeof( out ) ); - memset( tag, 0, sizeof( tag ) ); + TEST_CALLOC_OR_SKIP(add, add_len); + memset(key, 0, sizeof(key)); + memset(msg, 0, sizeof(msg)); + memset(iv, 0, sizeof(iv)); + memset(out, 0, sizeof(out)); + memset(tag, 0, sizeof(tag)); - TEST_ASSERT( mbedtls_ccm_setkey( &ctx, MBEDTLS_CIPHER_ID_AES, - key, 8 * sizeof( key ) ) == 0 ); + TEST_ASSERT(mbedtls_ccm_setkey(&ctx, MBEDTLS_CIPHER_ID_AES, + key, 8 * sizeof(key)) == 0); - TEST_ASSERT( mbedtls_ccm_encrypt_and_tag( &ctx, msg_len, iv, iv_len, add, add_len, - msg, out, tag, tag_len ) == res ); + TEST_ASSERT(mbedtls_ccm_encrypt_and_tag(&ctx, msg_len, iv, iv_len, add, add_len, + msg, out, tag, tag_len) == res); - decrypt_ret = mbedtls_ccm_auth_decrypt( &ctx, msg_len, iv, iv_len, add, add_len, - msg, out, tag, tag_len ); + decrypt_ret = mbedtls_ccm_auth_decrypt(&ctx, msg_len, iv, iv_len, add, add_len, + msg, out, tag, tag_len); - if( res == 0 ) - TEST_ASSERT( decrypt_ret == MBEDTLS_ERR_CCM_AUTH_FAILED ); - else - TEST_ASSERT( decrypt_ret == res ); + if (res == 0) { + TEST_ASSERT(decrypt_ret == MBEDTLS_ERR_CCM_AUTH_FAILED); + } else { + TEST_ASSERT(decrypt_ret == res); + } exit: - mbedtls_free( add ); - mbedtls_ccm_free( &ctx ); + mbedtls_free(add); + mbedtls_ccm_free(&ctx); } /* END_CASE */ /* BEGIN_CASE depends_on:MBEDTLS_AES_C */ -void ccm_star_lengths( int msg_len, int iv_len, int add_len, int tag_len, - int res ) +void ccm_star_lengths(int msg_len, int iv_len, int add_len, int tag_len, + int res) { mbedtls_ccm_context ctx; unsigned char key[16]; @@ -88,115 +89,115 @@ void ccm_star_lengths( int msg_len, int iv_len, int add_len, int tag_len, unsigned char tag[18]; int decrypt_ret; - mbedtls_ccm_init( &ctx ); + mbedtls_ccm_init(&ctx); - memset( key, 0, sizeof( key ) ); - memset( msg, 0, sizeof( msg ) ); - memset( iv, 0, sizeof( iv ) ); - memset( add, 0, sizeof( add ) ); - memset( out, 0, sizeof( out ) ); - memset( tag, 0, sizeof( tag ) ); + memset(key, 0, sizeof(key)); + memset(msg, 0, sizeof(msg)); + memset(iv, 0, sizeof(iv)); + memset(add, 0, sizeof(add)); + memset(out, 0, sizeof(out)); + memset(tag, 0, sizeof(tag)); - TEST_ASSERT( mbedtls_ccm_setkey( &ctx, MBEDTLS_CIPHER_ID_AES, - key, 8 * sizeof( key ) ) == 0 ); + TEST_ASSERT(mbedtls_ccm_setkey(&ctx, MBEDTLS_CIPHER_ID_AES, + key, 8 * sizeof(key)) == 0); - TEST_ASSERT( mbedtls_ccm_star_encrypt_and_tag( &ctx, msg_len, iv, iv_len, - add, add_len, msg, out, tag, tag_len ) == res ); + TEST_ASSERT(mbedtls_ccm_star_encrypt_and_tag(&ctx, msg_len, iv, iv_len, + add, add_len, msg, out, tag, tag_len) == res); - decrypt_ret = mbedtls_ccm_star_auth_decrypt( &ctx, msg_len, iv, iv_len, add, - add_len, msg, out, tag, tag_len ); + decrypt_ret = mbedtls_ccm_star_auth_decrypt(&ctx, msg_len, iv, iv_len, add, + add_len, msg, out, tag, tag_len); - if( res == 0 && tag_len != 0 ) - TEST_ASSERT( decrypt_ret == MBEDTLS_ERR_CCM_AUTH_FAILED ); - else - TEST_ASSERT( decrypt_ret == res ); + if (res == 0 && tag_len != 0) { + TEST_ASSERT(decrypt_ret == MBEDTLS_ERR_CCM_AUTH_FAILED); + } else { + TEST_ASSERT(decrypt_ret == res); + } exit: - mbedtls_ccm_free( &ctx ); + mbedtls_ccm_free(&ctx); } /* END_CASE */ /* BEGIN_CASE */ -void mbedtls_ccm_encrypt_and_tag( int cipher_id, data_t * key, - data_t * msg, data_t * iv, - data_t * add, data_t * result ) +void mbedtls_ccm_encrypt_and_tag(int cipher_id, data_t *key, + data_t *msg, data_t *iv, + data_t *add, data_t *result) { mbedtls_ccm_context ctx; size_t tag_len; - uint8_t * msg_n_tag = (uint8_t *)malloc( result->len + 2 ); + uint8_t *msg_n_tag = (uint8_t *) malloc(result->len + 2); - mbedtls_ccm_init( &ctx ); + mbedtls_ccm_init(&ctx); - memset( msg_n_tag, 0, result->len + 2 ); - memcpy( msg_n_tag, msg->x, msg->len ); + memset(msg_n_tag, 0, result->len + 2); + memcpy(msg_n_tag, msg->x, msg->len); tag_len = result->len - msg->len; - TEST_ASSERT( mbedtls_ccm_setkey( &ctx, cipher_id, key->x, key->len * 8 ) == 0 ); + TEST_ASSERT(mbedtls_ccm_setkey(&ctx, cipher_id, key->x, key->len * 8) == 0); /* Test with input == output */ - TEST_ASSERT( mbedtls_ccm_encrypt_and_tag( &ctx, msg->len, iv->x, iv->len, add->x, add->len, - msg_n_tag, msg_n_tag, msg_n_tag + msg->len, tag_len ) == 0 ); + TEST_ASSERT(mbedtls_ccm_encrypt_and_tag(&ctx, msg->len, iv->x, iv->len, add->x, add->len, + msg_n_tag, msg_n_tag, msg_n_tag + msg->len, + tag_len) == 0); - TEST_ASSERT( memcmp( msg_n_tag, result->x, result->len ) == 0 ); + TEST_ASSERT(memcmp(msg_n_tag, result->x, result->len) == 0); /* Check we didn't write past the end */ - TEST_ASSERT( msg_n_tag[result->len] == 0 && msg_n_tag[result->len + 1] == 0 ); + TEST_ASSERT(msg_n_tag[result->len] == 0 && msg_n_tag[result->len + 1] == 0); exit: - mbedtls_ccm_free( &ctx ); - free( msg_n_tag ); + mbedtls_ccm_free(&ctx); + free(msg_n_tag); } /* END_CASE */ /* BEGIN_CASE */ -void mbedtls_ccm_auth_decrypt( int cipher_id, data_t * key, - data_t * msg, data_t * iv, - data_t * add, int tag_len, int result, - data_t * expected_msg ) +void mbedtls_ccm_auth_decrypt(int cipher_id, data_t *key, + data_t *msg, data_t *iv, + data_t *add, int tag_len, int result, + data_t *expected_msg) { unsigned char tag[16]; mbedtls_ccm_context ctx; - mbedtls_ccm_init( &ctx ); + mbedtls_ccm_init(&ctx); - memset( tag, 0x00, sizeof( tag ) ); + memset(tag, 0x00, sizeof(tag)); msg->len -= tag_len; - memcpy( tag, msg->x + msg->len, tag_len ); + memcpy(tag, msg->x + msg->len, tag_len); - TEST_ASSERT( mbedtls_ccm_setkey( &ctx, cipher_id, key->x, key->len * 8 ) == 0 ); + TEST_ASSERT(mbedtls_ccm_setkey(&ctx, cipher_id, key->x, key->len * 8) == 0); /* Test with input == output */ - TEST_ASSERT( mbedtls_ccm_auth_decrypt( &ctx, msg->len, iv->x, iv->len, add->x, add->len, - msg->x, msg->x, msg->x + msg->len, tag_len ) == result ); + TEST_ASSERT(mbedtls_ccm_auth_decrypt(&ctx, msg->len, iv->x, iv->len, add->x, add->len, + msg->x, msg->x, msg->x + msg->len, tag_len) == result); - if( result == 0 ) - { - TEST_ASSERT( memcmp( msg->x, expected_msg->x, expected_msg->len ) == 0 ); - } - else - { + if (result == 0) { + TEST_ASSERT(memcmp(msg->x, expected_msg->x, expected_msg->len) == 0); + } else { size_t i; - for( i = 0; i < msg->len; i++ ) - TEST_ASSERT( msg->x[i] == 0 ); + for (i = 0; i < msg->len; i++) { + TEST_ASSERT(msg->x[i] == 0); + } } /* Check we didn't write past the end (where the original tag is) */ - TEST_ASSERT( memcmp( msg->x + msg->len, tag, tag_len ) == 0 ); + TEST_ASSERT(memcmp(msg->x + msg->len, tag, tag_len) == 0); exit: - mbedtls_ccm_free( &ctx ); + mbedtls_ccm_free(&ctx); } /* END_CASE */ /* BEGIN_CASE */ -void mbedtls_ccm_star_encrypt_and_tag( int cipher_id, - data_t *key, data_t *msg, - data_t *source_address, data_t *frame_counter, - int sec_level, data_t *add, - data_t *expected_result, int output_ret ) +void mbedtls_ccm_star_encrypt_and_tag(int cipher_id, + data_t *key, data_t *msg, + data_t *source_address, data_t *frame_counter, + int sec_level, data_t *add, + data_t *expected_result, int output_ret) { unsigned char iv[13]; unsigned char result[50]; @@ -204,49 +205,50 @@ void mbedtls_ccm_star_encrypt_and_tag( int cipher_id, size_t iv_len, tag_len; int ret; - mbedtls_ccm_init( &ctx ); + mbedtls_ccm_init(&ctx); - memset( result, 0x00, sizeof( result ) ); + memset(result, 0x00, sizeof(result)); - if( sec_level % 4 == 0) + if (sec_level % 4 == 0) { tag_len = 0; - else - tag_len = 1 << ( sec_level % 4 + 1); + } else { + tag_len = 1 << (sec_level % 4 + 1); + } - TEST_ASSERT( source_address->len == 8 ); - TEST_ASSERT( frame_counter->len == 4 ); - memcpy( iv, source_address->x, source_address->len ); - memcpy( iv + source_address->len, frame_counter->x, frame_counter->len ); + TEST_ASSERT(source_address->len == 8); + TEST_ASSERT(frame_counter->len == 4); + memcpy(iv, source_address->x, source_address->len); + memcpy(iv + source_address->len, frame_counter->x, frame_counter->len); iv[source_address->len + frame_counter->len] = sec_level; - iv_len = sizeof( iv ); + iv_len = sizeof(iv); - TEST_ASSERT( mbedtls_ccm_setkey( &ctx, cipher_id, - key->x, key->len * 8 ) == 0 ); + TEST_ASSERT(mbedtls_ccm_setkey(&ctx, cipher_id, + key->x, key->len * 8) == 0); - ret = mbedtls_ccm_star_encrypt_and_tag( &ctx, msg->len, iv, iv_len, - add->x, add->len, msg->x, - result, result + msg->len, tag_len ); + ret = mbedtls_ccm_star_encrypt_and_tag(&ctx, msg->len, iv, iv_len, + add->x, add->len, msg->x, + result, result + msg->len, tag_len); - TEST_ASSERT( ret == output_ret ); + TEST_ASSERT(ret == output_ret); - TEST_ASSERT( memcmp( result, - expected_result->x, expected_result->len ) == 0 ); + TEST_ASSERT(memcmp(result, + expected_result->x, expected_result->len) == 0); /* Check we didn't write past the end */ - TEST_ASSERT( result[expected_result->len] == 0 && - result[expected_result->len + 1] == 0 ); + TEST_ASSERT(result[expected_result->len] == 0 && + result[expected_result->len + 1] == 0); exit: - mbedtls_ccm_free( &ctx ); + mbedtls_ccm_free(&ctx); } /* END_CASE */ /* BEGIN_CASE */ -void mbedtls_ccm_star_auth_decrypt( int cipher_id, - data_t *key, data_t *msg, - data_t *source_address, data_t *frame_counter, - int sec_level, data_t *add, - data_t *expected_result, int output_ret ) +void mbedtls_ccm_star_auth_decrypt(int cipher_id, + data_t *key, data_t *msg, + data_t *source_address, data_t *frame_counter, + int sec_level, data_t *add, + data_t *expected_result, int output_ret) { unsigned char iv[13]; unsigned char result[50]; @@ -254,46 +256,47 @@ void mbedtls_ccm_star_auth_decrypt( int cipher_id, size_t iv_len, tag_len; int ret; - mbedtls_ccm_init( &ctx ); + mbedtls_ccm_init(&ctx); - memset( iv, 0x00, sizeof( iv ) ); - memset( result, '+', sizeof( result ) ); + memset(iv, 0x00, sizeof(iv)); + memset(result, '+', sizeof(result)); - if( sec_level % 4 == 0) + if (sec_level % 4 == 0) { tag_len = 0; - else - tag_len = 1 << ( sec_level % 4 + 1); + } else { + tag_len = 1 << (sec_level % 4 + 1); + } - TEST_ASSERT( source_address->len == 8 ); - TEST_ASSERT( frame_counter->len == 4 ); - memcpy( iv, source_address->x, source_address->len ); - memcpy( iv + source_address->len, frame_counter->x, frame_counter->len ); + TEST_ASSERT(source_address->len == 8); + TEST_ASSERT(frame_counter->len == 4); + memcpy(iv, source_address->x, source_address->len); + memcpy(iv + source_address->len, frame_counter->x, frame_counter->len); iv[source_address->len + frame_counter->len] = sec_level; - iv_len = sizeof( iv ); + iv_len = sizeof(iv); - TEST_ASSERT( mbedtls_ccm_setkey( &ctx, cipher_id, key->x, key->len * 8 ) == 0 ); + TEST_ASSERT(mbedtls_ccm_setkey(&ctx, cipher_id, key->x, key->len * 8) == 0); - ret = mbedtls_ccm_star_auth_decrypt( &ctx, msg->len - tag_len, iv, iv_len, - add->x, add->len, msg->x, result, - msg->x + msg->len - tag_len, tag_len ); + ret = mbedtls_ccm_star_auth_decrypt(&ctx, msg->len - tag_len, iv, iv_len, + add->x, add->len, msg->x, result, + msg->x + msg->len - tag_len, tag_len); - TEST_ASSERT( ret == output_ret ); + TEST_ASSERT(ret == output_ret); - TEST_ASSERT( memcmp( result, expected_result->x, - expected_result->len ) == 0 ); + TEST_ASSERT(memcmp(result, expected_result->x, + expected_result->len) == 0); /* Check we didn't write past the end (where the original tag is) */ - TEST_ASSERT( ( msg->len + 2 ) <= sizeof( result ) ); - TEST_EQUAL( result[msg->len], '+' ); - TEST_EQUAL( result[msg->len + 1], '+' ); + TEST_ASSERT((msg->len + 2) <= sizeof(result)); + TEST_EQUAL(result[msg->len], '+'); + TEST_EQUAL(result[msg->len + 1], '+'); exit: - mbedtls_ccm_free( &ctx ); + mbedtls_ccm_free(&ctx); } /* END_CASE */ /* BEGIN_CASE depends_on:MBEDTLS_CHECK_PARAMS:!MBEDTLS_PARAM_FAILED_ALT */ -void ccm_invalid_param( ) +void ccm_invalid_param() { struct mbedtls_ccm_context ctx; unsigned char valid_buffer[] = { 0x01, 0x02, 0x03, 0x04, 0x05, 0x06 }; @@ -301,205 +304,205 @@ void ccm_invalid_param( ) int valid_len = sizeof(valid_buffer); int valid_bitlen = valid_len * 8; - mbedtls_ccm_init( &ctx ); + mbedtls_ccm_init(&ctx); /* mbedtls_ccm_init() */ - TEST_INVALID_PARAM( mbedtls_ccm_init( NULL ) ); + TEST_INVALID_PARAM(mbedtls_ccm_init(NULL)); /* mbedtls_ccm_setkey() */ TEST_INVALID_PARAM_RET( MBEDTLS_ERR_CCM_BAD_INPUT, - mbedtls_ccm_setkey( NULL, valid_cipher, valid_buffer, valid_bitlen ) ); + mbedtls_ccm_setkey(NULL, valid_cipher, valid_buffer, valid_bitlen)); TEST_INVALID_PARAM_RET( MBEDTLS_ERR_CCM_BAD_INPUT, - mbedtls_ccm_setkey( &ctx, valid_cipher, NULL, valid_bitlen ) ); + mbedtls_ccm_setkey(&ctx, valid_cipher, NULL, valid_bitlen)); /* mbedtls_ccm_encrypt_and_tag() */ TEST_INVALID_PARAM_RET( MBEDTLS_ERR_CCM_BAD_INPUT, - mbedtls_ccm_encrypt_and_tag( NULL, valid_len, - valid_buffer, valid_len, - valid_buffer, valid_len, - valid_buffer, valid_buffer, - valid_buffer, valid_len ) ); + mbedtls_ccm_encrypt_and_tag(NULL, valid_len, + valid_buffer, valid_len, + valid_buffer, valid_len, + valid_buffer, valid_buffer, + valid_buffer, valid_len)); TEST_INVALID_PARAM_RET( MBEDTLS_ERR_CCM_BAD_INPUT, - mbedtls_ccm_encrypt_and_tag( &ctx, valid_len, - NULL, valid_len, - valid_buffer, valid_len, - valid_buffer, valid_buffer, - valid_buffer, valid_len ) ); + mbedtls_ccm_encrypt_and_tag(&ctx, valid_len, + NULL, valid_len, + valid_buffer, valid_len, + valid_buffer, valid_buffer, + valid_buffer, valid_len)); TEST_INVALID_PARAM_RET( MBEDTLS_ERR_CCM_BAD_INPUT, - mbedtls_ccm_encrypt_and_tag( &ctx, valid_len, - valid_buffer, valid_len, - NULL, valid_len, - valid_buffer, valid_buffer, - valid_buffer, valid_len ) ); + mbedtls_ccm_encrypt_and_tag(&ctx, valid_len, + valid_buffer, valid_len, + NULL, valid_len, + valid_buffer, valid_buffer, + valid_buffer, valid_len)); TEST_INVALID_PARAM_RET( MBEDTLS_ERR_CCM_BAD_INPUT, - mbedtls_ccm_encrypt_and_tag( &ctx, valid_len, - valid_buffer, valid_len, - valid_buffer, valid_len, - NULL, valid_buffer, - valid_buffer, valid_len ) ); + mbedtls_ccm_encrypt_and_tag(&ctx, valid_len, + valid_buffer, valid_len, + valid_buffer, valid_len, + NULL, valid_buffer, + valid_buffer, valid_len)); TEST_INVALID_PARAM_RET( MBEDTLS_ERR_CCM_BAD_INPUT, - mbedtls_ccm_encrypt_and_tag( &ctx, valid_len, - valid_buffer, valid_len, - valid_buffer, valid_len, - valid_buffer, NULL, - valid_buffer, valid_len ) ); + mbedtls_ccm_encrypt_and_tag(&ctx, valid_len, + valid_buffer, valid_len, + valid_buffer, valid_len, + valid_buffer, NULL, + valid_buffer, valid_len)); TEST_INVALID_PARAM_RET( MBEDTLS_ERR_CCM_BAD_INPUT, - mbedtls_ccm_encrypt_and_tag( &ctx, valid_len, - valid_buffer, valid_len, - valid_buffer, valid_len, - valid_buffer, valid_buffer, - NULL, valid_len ) ); + mbedtls_ccm_encrypt_and_tag(&ctx, valid_len, + valid_buffer, valid_len, + valid_buffer, valid_len, + valid_buffer, valid_buffer, + NULL, valid_len)); /* mbedtls_ccm_star_encrypt_and_tag() */ TEST_INVALID_PARAM_RET( MBEDTLS_ERR_CCM_BAD_INPUT, - mbedtls_ccm_star_encrypt_and_tag( NULL, valid_len, - valid_buffer, valid_len, - valid_buffer, valid_len, - valid_buffer, valid_buffer, - valid_buffer, valid_len) ); + mbedtls_ccm_star_encrypt_and_tag(NULL, valid_len, + valid_buffer, valid_len, + valid_buffer, valid_len, + valid_buffer, valid_buffer, + valid_buffer, valid_len)); TEST_INVALID_PARAM_RET( MBEDTLS_ERR_CCM_BAD_INPUT, - mbedtls_ccm_star_encrypt_and_tag( &ctx, valid_len, - NULL, valid_len, - valid_buffer, valid_len, - valid_buffer, valid_buffer, - valid_buffer, valid_len ) ); + mbedtls_ccm_star_encrypt_and_tag(&ctx, valid_len, + NULL, valid_len, + valid_buffer, valid_len, + valid_buffer, valid_buffer, + valid_buffer, valid_len)); TEST_INVALID_PARAM_RET( MBEDTLS_ERR_CCM_BAD_INPUT, - mbedtls_ccm_star_encrypt_and_tag( &ctx, valid_len, - valid_buffer, valid_len, - NULL, valid_len, - valid_buffer, valid_buffer, - valid_buffer, valid_len ) ); + mbedtls_ccm_star_encrypt_and_tag(&ctx, valid_len, + valid_buffer, valid_len, + NULL, valid_len, + valid_buffer, valid_buffer, + valid_buffer, valid_len)); TEST_INVALID_PARAM_RET( MBEDTLS_ERR_CCM_BAD_INPUT, - mbedtls_ccm_star_encrypt_and_tag( &ctx, valid_len, - valid_buffer, valid_len, - valid_buffer, valid_len, - NULL, valid_buffer, - valid_buffer, valid_len ) ); + mbedtls_ccm_star_encrypt_and_tag(&ctx, valid_len, + valid_buffer, valid_len, + valid_buffer, valid_len, + NULL, valid_buffer, + valid_buffer, valid_len)); TEST_INVALID_PARAM_RET( MBEDTLS_ERR_CCM_BAD_INPUT, - mbedtls_ccm_star_encrypt_and_tag( &ctx, valid_len, - valid_buffer, valid_len, - valid_buffer, valid_len, - valid_buffer, NULL, - valid_buffer, valid_len ) ); + mbedtls_ccm_star_encrypt_and_tag(&ctx, valid_len, + valid_buffer, valid_len, + valid_buffer, valid_len, + valid_buffer, NULL, + valid_buffer, valid_len)); TEST_INVALID_PARAM_RET( MBEDTLS_ERR_CCM_BAD_INPUT, - mbedtls_ccm_star_encrypt_and_tag( &ctx, valid_len, - valid_buffer, valid_len, - valid_buffer, valid_len, - valid_buffer, valid_buffer, - NULL, valid_len ) ); + mbedtls_ccm_star_encrypt_and_tag(&ctx, valid_len, + valid_buffer, valid_len, + valid_buffer, valid_len, + valid_buffer, valid_buffer, + NULL, valid_len)); /* mbedtls_ccm_auth_decrypt() */ TEST_INVALID_PARAM_RET( MBEDTLS_ERR_CCM_BAD_INPUT, - mbedtls_ccm_auth_decrypt( NULL, valid_len, - valid_buffer, valid_len, - valid_buffer, valid_len, - valid_buffer, valid_buffer, - valid_buffer, valid_len ) ); + mbedtls_ccm_auth_decrypt(NULL, valid_len, + valid_buffer, valid_len, + valid_buffer, valid_len, + valid_buffer, valid_buffer, + valid_buffer, valid_len)); TEST_INVALID_PARAM_RET( MBEDTLS_ERR_CCM_BAD_INPUT, - mbedtls_ccm_auth_decrypt( &ctx, valid_len, - NULL, valid_len, - valid_buffer, valid_len, - valid_buffer, valid_buffer, - valid_buffer, valid_len ) ); + mbedtls_ccm_auth_decrypt(&ctx, valid_len, + NULL, valid_len, + valid_buffer, valid_len, + valid_buffer, valid_buffer, + valid_buffer, valid_len)); TEST_INVALID_PARAM_RET( MBEDTLS_ERR_CCM_BAD_INPUT, - mbedtls_ccm_auth_decrypt( &ctx, valid_len, - valid_buffer, valid_len, - NULL, valid_len, - valid_buffer, valid_buffer, - valid_buffer, valid_len ) ); + mbedtls_ccm_auth_decrypt(&ctx, valid_len, + valid_buffer, valid_len, + NULL, valid_len, + valid_buffer, valid_buffer, + valid_buffer, valid_len)); TEST_INVALID_PARAM_RET( MBEDTLS_ERR_CCM_BAD_INPUT, - mbedtls_ccm_auth_decrypt( &ctx, valid_len, - valid_buffer, valid_len, - valid_buffer, valid_len, - NULL, valid_buffer, - valid_buffer, valid_len ) ); + mbedtls_ccm_auth_decrypt(&ctx, valid_len, + valid_buffer, valid_len, + valid_buffer, valid_len, + NULL, valid_buffer, + valid_buffer, valid_len)); TEST_INVALID_PARAM_RET( MBEDTLS_ERR_CCM_BAD_INPUT, - mbedtls_ccm_auth_decrypt( &ctx, valid_len, - valid_buffer, valid_len, - valid_buffer, valid_len, - valid_buffer, NULL, - valid_buffer, valid_len ) ); + mbedtls_ccm_auth_decrypt(&ctx, valid_len, + valid_buffer, valid_len, + valid_buffer, valid_len, + valid_buffer, NULL, + valid_buffer, valid_len)); TEST_INVALID_PARAM_RET( MBEDTLS_ERR_CCM_BAD_INPUT, - mbedtls_ccm_auth_decrypt( &ctx, valid_len, - valid_buffer, valid_len, - valid_buffer, valid_len, - valid_buffer, valid_buffer, - NULL, valid_len ) ); + mbedtls_ccm_auth_decrypt(&ctx, valid_len, + valid_buffer, valid_len, + valid_buffer, valid_len, + valid_buffer, valid_buffer, + NULL, valid_len)); /* mbedtls_ccm_star_auth_decrypt() */ TEST_INVALID_PARAM_RET( MBEDTLS_ERR_CCM_BAD_INPUT, - mbedtls_ccm_star_auth_decrypt( NULL, valid_len, - valid_buffer, valid_len, - valid_buffer, valid_len, - valid_buffer, valid_buffer, - valid_buffer, valid_len ) ); + mbedtls_ccm_star_auth_decrypt(NULL, valid_len, + valid_buffer, valid_len, + valid_buffer, valid_len, + valid_buffer, valid_buffer, + valid_buffer, valid_len)); TEST_INVALID_PARAM_RET( MBEDTLS_ERR_CCM_BAD_INPUT, - mbedtls_ccm_star_auth_decrypt( &ctx, valid_len, - NULL, valid_len, - valid_buffer, valid_len, - valid_buffer, valid_buffer, - valid_buffer, valid_len ) ); + mbedtls_ccm_star_auth_decrypt(&ctx, valid_len, + NULL, valid_len, + valid_buffer, valid_len, + valid_buffer, valid_buffer, + valid_buffer, valid_len)); TEST_INVALID_PARAM_RET( MBEDTLS_ERR_CCM_BAD_INPUT, - mbedtls_ccm_star_auth_decrypt( &ctx, valid_len, - valid_buffer, valid_len, - NULL, valid_len, - valid_buffer, valid_buffer, - valid_buffer, valid_len ) ); + mbedtls_ccm_star_auth_decrypt(&ctx, valid_len, + valid_buffer, valid_len, + NULL, valid_len, + valid_buffer, valid_buffer, + valid_buffer, valid_len)); TEST_INVALID_PARAM_RET( MBEDTLS_ERR_CCM_BAD_INPUT, - mbedtls_ccm_star_auth_decrypt( &ctx, valid_len, - valid_buffer, valid_len, - valid_buffer, valid_len, - NULL, valid_buffer, - valid_buffer, valid_len ) ); + mbedtls_ccm_star_auth_decrypt(&ctx, valid_len, + valid_buffer, valid_len, + valid_buffer, valid_len, + NULL, valid_buffer, + valid_buffer, valid_len)); TEST_INVALID_PARAM_RET( MBEDTLS_ERR_CCM_BAD_INPUT, - mbedtls_ccm_star_auth_decrypt( &ctx, valid_len, - valid_buffer, valid_len, - valid_buffer, valid_len, - valid_buffer, NULL, - valid_buffer, valid_len ) ); + mbedtls_ccm_star_auth_decrypt(&ctx, valid_len, + valid_buffer, valid_len, + valid_buffer, valid_len, + valid_buffer, NULL, + valid_buffer, valid_len)); TEST_INVALID_PARAM_RET( MBEDTLS_ERR_CCM_BAD_INPUT, - mbedtls_ccm_star_auth_decrypt( &ctx, valid_len, - valid_buffer, valid_len, - valid_buffer, valid_len, - valid_buffer, valid_buffer, - NULL, valid_len ) ); + mbedtls_ccm_star_auth_decrypt(&ctx, valid_len, + valid_buffer, valid_len, + valid_buffer, valid_len, + valid_buffer, valid_buffer, + NULL, valid_len)); exit: - mbedtls_ccm_free( &ctx ); + mbedtls_ccm_free(&ctx); return; } /* END_CASE */ /* BEGIN_CASE */ -void ccm_valid_param( ) +void ccm_valid_param() { - TEST_VALID_PARAM( mbedtls_ccm_free( NULL ) ); + TEST_VALID_PARAM(mbedtls_ccm_free(NULL)); exit: return; } diff --git a/third_party/mbedtls/repo/tests/suites/test_suite_chacha20.function b/third_party/mbedtls/repo/tests/suites/test_suite_chacha20.function index 67c8de2ec1b..3c6f06ce7a2 100644 --- a/third_party/mbedtls/repo/tests/suites/test_suite_chacha20.function +++ b/third_party/mbedtls/repo/tests/suites/test_suite_chacha20.function @@ -8,43 +8,44 @@ */ /* BEGIN_CASE */ -void chacha20_crypt( data_t *key_str, - data_t *nonce_str, - int counter, - data_t *src_str, - data_t *expected_output_str ) +void chacha20_crypt(data_t *key_str, + data_t *nonce_str, + int counter, + data_t *src_str, + data_t *expected_output_str) { unsigned char output[375]; mbedtls_chacha20_context ctx; - memset( output, 0x00, sizeof( output ) ); + memset(output, 0x00, sizeof(output)); - TEST_ASSERT( src_str->len == expected_output_str->len ); - TEST_ASSERT( key_str->len == 32U ); - TEST_ASSERT( nonce_str->len == 12U ); + TEST_ASSERT(src_str->len == expected_output_str->len); + TEST_ASSERT(key_str->len == 32U); + TEST_ASSERT(nonce_str->len == 12U); /* * Test the integrated API */ - TEST_ASSERT( mbedtls_chacha20_crypt( key_str->x, nonce_str->x, counter, src_str->len, src_str->x, output ) == 0 ); + TEST_ASSERT(mbedtls_chacha20_crypt(key_str->x, nonce_str->x, counter, src_str->len, src_str->x, + output) == 0); - ASSERT_COMPARE( output, expected_output_str->len, - expected_output_str->x, expected_output_str->len ); + TEST_MEMORY_COMPARE(output, expected_output_str->len, + expected_output_str->x, expected_output_str->len); /* * Test the streaming API */ - mbedtls_chacha20_init( &ctx ); + mbedtls_chacha20_init(&ctx); - TEST_ASSERT( mbedtls_chacha20_setkey( &ctx, key_str->x ) == 0 ); + TEST_ASSERT(mbedtls_chacha20_setkey(&ctx, key_str->x) == 0); - TEST_ASSERT( mbedtls_chacha20_starts( &ctx, nonce_str->x, counter ) == 0 ); + TEST_ASSERT(mbedtls_chacha20_starts(&ctx, nonce_str->x, counter) == 0); - memset( output, 0x00, sizeof( output ) ); - TEST_ASSERT( mbedtls_chacha20_update( &ctx, src_str->len, src_str->x, output ) == 0 ); + memset(output, 0x00, sizeof(output)); + TEST_ASSERT(mbedtls_chacha20_update(&ctx, src_str->len, src_str->x, output) == 0); - ASSERT_COMPARE( output, expected_output_str->len, - expected_output_str->x, expected_output_str->len ); + TEST_MEMORY_COMPARE(output, expected_output_str->len, + expected_output_str->x, expected_output_str->len); /* * Test the streaming API again, piecewise @@ -52,17 +53,17 @@ void chacha20_crypt( data_t *key_str, /* Don't free/init the context nor set the key again, * in order to test that starts() does the right thing. */ - TEST_ASSERT( mbedtls_chacha20_starts( &ctx, nonce_str->x, counter ) == 0 ); + TEST_ASSERT(mbedtls_chacha20_starts(&ctx, nonce_str->x, counter) == 0); - memset( output, 0x00, sizeof( output ) ); - TEST_ASSERT( mbedtls_chacha20_update( &ctx, 1, src_str->x, output ) == 0 ); - TEST_ASSERT( mbedtls_chacha20_update( &ctx, src_str->len - 1, - src_str->x + 1, output + 1 ) == 0 ); + memset(output, 0x00, sizeof(output)); + TEST_ASSERT(mbedtls_chacha20_update(&ctx, 1, src_str->x, output) == 0); + TEST_ASSERT(mbedtls_chacha20_update(&ctx, src_str->len - 1, + src_str->x + 1, output + 1) == 0); - ASSERT_COMPARE( output, expected_output_str->len, - expected_output_str->x, expected_output_str->len ); + TEST_MEMORY_COMPARE(output, expected_output_str->len, + expected_output_str->x, expected_output_str->len); - mbedtls_chacha20_free( &ctx ); + mbedtls_chacha20_free(&ctx); } /* END_CASE */ @@ -74,37 +75,37 @@ void chacha20_bad_params() unsigned char src[1]; unsigned char dst[1]; uint32_t counter = 0; - size_t len = sizeof( src ); + size_t len = sizeof(src); mbedtls_chacha20_context ctx; - TEST_INVALID_PARAM( mbedtls_chacha20_init( NULL ) ); - TEST_VALID_PARAM( mbedtls_chacha20_free( NULL ) ); - - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_CHACHA20_BAD_INPUT_DATA, - mbedtls_chacha20_setkey( NULL, key ) ); - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_CHACHA20_BAD_INPUT_DATA, - mbedtls_chacha20_setkey( &ctx, NULL ) ); - - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_CHACHA20_BAD_INPUT_DATA, - mbedtls_chacha20_starts( NULL, nonce, counter ) ); - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_CHACHA20_BAD_INPUT_DATA, - mbedtls_chacha20_starts( &ctx, NULL, counter ) ); - - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_CHACHA20_BAD_INPUT_DATA, - mbedtls_chacha20_update( NULL, 0, src, dst ) ); - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_CHACHA20_BAD_INPUT_DATA, - mbedtls_chacha20_update( &ctx, len, NULL, dst ) ); - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_CHACHA20_BAD_INPUT_DATA, - mbedtls_chacha20_update( &ctx, len, src, NULL ) ); - - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_CHACHA20_BAD_INPUT_DATA, - mbedtls_chacha20_crypt( NULL, nonce, counter, 0, src, dst ) ); - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_CHACHA20_BAD_INPUT_DATA, - mbedtls_chacha20_crypt( key, NULL, counter, 0, src, dst ) ); - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_CHACHA20_BAD_INPUT_DATA, - mbedtls_chacha20_crypt( key, nonce, counter, len, NULL, dst ) ); - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_CHACHA20_BAD_INPUT_DATA, - mbedtls_chacha20_crypt( key, nonce, counter, len, src, NULL ) ); + TEST_INVALID_PARAM(mbedtls_chacha20_init(NULL)); + TEST_VALID_PARAM(mbedtls_chacha20_free(NULL)); + + TEST_INVALID_PARAM_RET(MBEDTLS_ERR_CHACHA20_BAD_INPUT_DATA, + mbedtls_chacha20_setkey(NULL, key)); + TEST_INVALID_PARAM_RET(MBEDTLS_ERR_CHACHA20_BAD_INPUT_DATA, + mbedtls_chacha20_setkey(&ctx, NULL)); + + TEST_INVALID_PARAM_RET(MBEDTLS_ERR_CHACHA20_BAD_INPUT_DATA, + mbedtls_chacha20_starts(NULL, nonce, counter)); + TEST_INVALID_PARAM_RET(MBEDTLS_ERR_CHACHA20_BAD_INPUT_DATA, + mbedtls_chacha20_starts(&ctx, NULL, counter)); + + TEST_INVALID_PARAM_RET(MBEDTLS_ERR_CHACHA20_BAD_INPUT_DATA, + mbedtls_chacha20_update(NULL, 0, src, dst)); + TEST_INVALID_PARAM_RET(MBEDTLS_ERR_CHACHA20_BAD_INPUT_DATA, + mbedtls_chacha20_update(&ctx, len, NULL, dst)); + TEST_INVALID_PARAM_RET(MBEDTLS_ERR_CHACHA20_BAD_INPUT_DATA, + mbedtls_chacha20_update(&ctx, len, src, NULL)); + + TEST_INVALID_PARAM_RET(MBEDTLS_ERR_CHACHA20_BAD_INPUT_DATA, + mbedtls_chacha20_crypt(NULL, nonce, counter, 0, src, dst)); + TEST_INVALID_PARAM_RET(MBEDTLS_ERR_CHACHA20_BAD_INPUT_DATA, + mbedtls_chacha20_crypt(key, NULL, counter, 0, src, dst)); + TEST_INVALID_PARAM_RET(MBEDTLS_ERR_CHACHA20_BAD_INPUT_DATA, + mbedtls_chacha20_crypt(key, nonce, counter, len, NULL, dst)); + TEST_INVALID_PARAM_RET(MBEDTLS_ERR_CHACHA20_BAD_INPUT_DATA, + mbedtls_chacha20_crypt(key, nonce, counter, len, src, NULL)); exit: return; @@ -115,6 +116,6 @@ exit: /* BEGIN_CASE depends_on:MBEDTLS_SELF_TEST */ void chacha20_self_test() { - TEST_ASSERT( mbedtls_chacha20_self_test( 1 ) == 0 ); + TEST_ASSERT(mbedtls_chacha20_self_test(1) == 0); } /* END_CASE */ diff --git a/third_party/mbedtls/repo/tests/suites/test_suite_chachapoly.function b/third_party/mbedtls/repo/tests/suites/test_suite_chachapoly.function index 96128e4ec35..906e3f5ade9 100644 --- a/third_party/mbedtls/repo/tests/suites/test_suite_chachapoly.function +++ b/third_party/mbedtls/repo/tests/suites/test_suite_chachapoly.function @@ -8,61 +8,71 @@ */ /* BEGIN_CASE */ -void mbedtls_chachapoly_enc( data_t *key_str, data_t *nonce_str, data_t *aad_str, data_t *input_str, data_t *output_str, data_t *mac_str ) +void mbedtls_chachapoly_enc(data_t *key_str, + data_t *nonce_str, + data_t *aad_str, + data_t *input_str, + data_t *output_str, + data_t *mac_str) { unsigned char output[265]; unsigned char mac[16]; /* size set by the standard */ mbedtls_chachapoly_context ctx; - TEST_ASSERT( key_str->len == 32 ); - TEST_ASSERT( nonce_str->len == 12 ); - TEST_ASSERT( mac_str->len == 16 ); + TEST_ASSERT(key_str->len == 32); + TEST_ASSERT(nonce_str->len == 12); + TEST_ASSERT(mac_str->len == 16); - mbedtls_chachapoly_init( &ctx ); + mbedtls_chachapoly_init(&ctx); - TEST_ASSERT( mbedtls_chachapoly_setkey( &ctx, key_str->x ) == 0 ); + TEST_ASSERT(mbedtls_chachapoly_setkey(&ctx, key_str->x) == 0); - TEST_ASSERT( mbedtls_chachapoly_encrypt_and_tag( &ctx, - input_str->len, nonce_str->x, - aad_str->x, aad_str->len, - input_str->x, output, mac ) == 0 ); + TEST_ASSERT(mbedtls_chachapoly_encrypt_and_tag(&ctx, + input_str->len, nonce_str->x, + aad_str->x, aad_str->len, + input_str->x, output, mac) == 0); - TEST_ASSERT( memcmp( output_str->x, output, output_str->len ) == 0 ); - TEST_ASSERT( memcmp( mac_str->x, mac, 16U ) == 0 ); + TEST_ASSERT(memcmp(output_str->x, output, output_str->len) == 0); + TEST_ASSERT(memcmp(mac_str->x, mac, 16U) == 0); exit: - mbedtls_chachapoly_free( &ctx ); + mbedtls_chachapoly_free(&ctx); } /* END_CASE */ /* BEGIN_CASE */ -void mbedtls_chachapoly_dec( data_t *key_str, data_t *nonce_str, data_t *aad_str, data_t *input_str, data_t *output_str, data_t *mac_str, int ret_exp ) +void mbedtls_chachapoly_dec(data_t *key_str, + data_t *nonce_str, + data_t *aad_str, + data_t *input_str, + data_t *output_str, + data_t *mac_str, + int ret_exp) { unsigned char output[265]; int ret; mbedtls_chachapoly_context ctx; - TEST_ASSERT( key_str->len == 32 ); - TEST_ASSERT( nonce_str->len == 12 ); - TEST_ASSERT( mac_str->len == 16 ); + TEST_ASSERT(key_str->len == 32); + TEST_ASSERT(nonce_str->len == 12); + TEST_ASSERT(mac_str->len == 16); - mbedtls_chachapoly_init( &ctx ); + mbedtls_chachapoly_init(&ctx); - TEST_ASSERT( mbedtls_chachapoly_setkey( &ctx, key_str->x ) == 0 ); + TEST_ASSERT(mbedtls_chachapoly_setkey(&ctx, key_str->x) == 0); - ret = mbedtls_chachapoly_auth_decrypt( &ctx, - input_str->len, nonce_str->x, - aad_str->x, aad_str->len, - mac_str->x, input_str->x, output ); + ret = mbedtls_chachapoly_auth_decrypt(&ctx, + input_str->len, nonce_str->x, + aad_str->x, aad_str->len, + mac_str->x, input_str->x, output); - TEST_ASSERT( ret == ret_exp ); - if( ret_exp == 0 ) - { - TEST_ASSERT( memcmp( output_str->x, output, output_str->len ) == 0 ); + TEST_ASSERT(ret == ret_exp); + if (ret_exp == 0) { + TEST_ASSERT(memcmp(output_str->x, output, output_str->len) == 0); } exit: - mbedtls_chachapoly_free( &ctx ); + mbedtls_chachapoly_free(&ctx); } /* END_CASE */ @@ -75,122 +85,122 @@ void chachapoly_bad_params() unsigned char input[1]; unsigned char output[1]; unsigned char mac[16]; - size_t input_len = sizeof( input ); - size_t aad_len = sizeof( aad ); + size_t input_len = sizeof(input); + size_t aad_len = sizeof(aad); mbedtls_chachapoly_context ctx; - memset( key, 0x00, sizeof( key ) ); - memset( nonce, 0x00, sizeof( nonce ) ); - memset( aad, 0x00, sizeof( aad ) ); - memset( input, 0x00, sizeof( input ) ); - memset( output, 0x00, sizeof( output ) ); - memset( mac, 0x00, sizeof( mac ) ); + memset(key, 0x00, sizeof(key)); + memset(nonce, 0x00, sizeof(nonce)); + memset(aad, 0x00, sizeof(aad)); + memset(input, 0x00, sizeof(input)); + memset(output, 0x00, sizeof(output)); + memset(mac, 0x00, sizeof(mac)); - TEST_INVALID_PARAM( mbedtls_chachapoly_init( NULL ) ); - TEST_VALID_PARAM( mbedtls_chachapoly_free( NULL ) ); + TEST_INVALID_PARAM(mbedtls_chachapoly_init(NULL)); + TEST_VALID_PARAM(mbedtls_chachapoly_free(NULL)); /* setkey */ - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_POLY1305_BAD_INPUT_DATA, - mbedtls_chachapoly_setkey( NULL, key ) ); - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_POLY1305_BAD_INPUT_DATA, - mbedtls_chachapoly_setkey( &ctx, NULL ) ); + TEST_INVALID_PARAM_RET(MBEDTLS_ERR_POLY1305_BAD_INPUT_DATA, + mbedtls_chachapoly_setkey(NULL, key)); + TEST_INVALID_PARAM_RET(MBEDTLS_ERR_POLY1305_BAD_INPUT_DATA, + mbedtls_chachapoly_setkey(&ctx, NULL)); /* encrypt_and_tag */ - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_POLY1305_BAD_INPUT_DATA, - mbedtls_chachapoly_encrypt_and_tag( NULL, - 0, nonce, - aad, 0, - input, output, mac ) ); - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_POLY1305_BAD_INPUT_DATA, - mbedtls_chachapoly_encrypt_and_tag( &ctx, - 0, NULL, - aad, 0, - input, output, mac ) ); - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_POLY1305_BAD_INPUT_DATA, - mbedtls_chachapoly_encrypt_and_tag( &ctx, - 0, nonce, - NULL, aad_len, - input, output, mac ) ); - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_POLY1305_BAD_INPUT_DATA, - mbedtls_chachapoly_encrypt_and_tag( &ctx, - input_len, nonce, - aad, 0, - NULL, output, mac ) ); - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_POLY1305_BAD_INPUT_DATA, - mbedtls_chachapoly_encrypt_and_tag( &ctx, - input_len, nonce, - aad, 0, - input, NULL, mac ) ); - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_POLY1305_BAD_INPUT_DATA, - mbedtls_chachapoly_encrypt_and_tag( &ctx, - 0, nonce, - aad, 0, - input, output, NULL ) ); + TEST_INVALID_PARAM_RET(MBEDTLS_ERR_POLY1305_BAD_INPUT_DATA, + mbedtls_chachapoly_encrypt_and_tag(NULL, + 0, nonce, + aad, 0, + input, output, mac)); + TEST_INVALID_PARAM_RET(MBEDTLS_ERR_POLY1305_BAD_INPUT_DATA, + mbedtls_chachapoly_encrypt_and_tag(&ctx, + 0, NULL, + aad, 0, + input, output, mac)); + TEST_INVALID_PARAM_RET(MBEDTLS_ERR_POLY1305_BAD_INPUT_DATA, + mbedtls_chachapoly_encrypt_and_tag(&ctx, + 0, nonce, + NULL, aad_len, + input, output, mac)); + TEST_INVALID_PARAM_RET(MBEDTLS_ERR_POLY1305_BAD_INPUT_DATA, + mbedtls_chachapoly_encrypt_and_tag(&ctx, + input_len, nonce, + aad, 0, + NULL, output, mac)); + TEST_INVALID_PARAM_RET(MBEDTLS_ERR_POLY1305_BAD_INPUT_DATA, + mbedtls_chachapoly_encrypt_and_tag(&ctx, + input_len, nonce, + aad, 0, + input, NULL, mac)); + TEST_INVALID_PARAM_RET(MBEDTLS_ERR_POLY1305_BAD_INPUT_DATA, + mbedtls_chachapoly_encrypt_and_tag(&ctx, + 0, nonce, + aad, 0, + input, output, NULL)); /* auth_decrypt */ - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_POLY1305_BAD_INPUT_DATA, - mbedtls_chachapoly_auth_decrypt( NULL, - 0, nonce, - aad, 0, - mac, input, output ) ); - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_POLY1305_BAD_INPUT_DATA, - mbedtls_chachapoly_auth_decrypt( &ctx, - 0, NULL, - aad, 0, - mac, input, output ) ); - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_POLY1305_BAD_INPUT_DATA, - mbedtls_chachapoly_auth_decrypt( &ctx, - 0, nonce, - NULL, aad_len, - mac, input, output ) ); - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_POLY1305_BAD_INPUT_DATA, - mbedtls_chachapoly_auth_decrypt( &ctx, - 0, nonce, - aad, 0, - NULL, input, output ) ); - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_POLY1305_BAD_INPUT_DATA, - mbedtls_chachapoly_auth_decrypt( &ctx, - input_len, nonce, - aad, 0, - mac, NULL, output ) ); - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_POLY1305_BAD_INPUT_DATA, - mbedtls_chachapoly_auth_decrypt( &ctx, - input_len, nonce, - aad, 0, - mac, input, NULL ) ); + TEST_INVALID_PARAM_RET(MBEDTLS_ERR_POLY1305_BAD_INPUT_DATA, + mbedtls_chachapoly_auth_decrypt(NULL, + 0, nonce, + aad, 0, + mac, input, output)); + TEST_INVALID_PARAM_RET(MBEDTLS_ERR_POLY1305_BAD_INPUT_DATA, + mbedtls_chachapoly_auth_decrypt(&ctx, + 0, NULL, + aad, 0, + mac, input, output)); + TEST_INVALID_PARAM_RET(MBEDTLS_ERR_POLY1305_BAD_INPUT_DATA, + mbedtls_chachapoly_auth_decrypt(&ctx, + 0, nonce, + NULL, aad_len, + mac, input, output)); + TEST_INVALID_PARAM_RET(MBEDTLS_ERR_POLY1305_BAD_INPUT_DATA, + mbedtls_chachapoly_auth_decrypt(&ctx, + 0, nonce, + aad, 0, + NULL, input, output)); + TEST_INVALID_PARAM_RET(MBEDTLS_ERR_POLY1305_BAD_INPUT_DATA, + mbedtls_chachapoly_auth_decrypt(&ctx, + input_len, nonce, + aad, 0, + mac, NULL, output)); + TEST_INVALID_PARAM_RET(MBEDTLS_ERR_POLY1305_BAD_INPUT_DATA, + mbedtls_chachapoly_auth_decrypt(&ctx, + input_len, nonce, + aad, 0, + mac, input, NULL)); /* starts */ - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_POLY1305_BAD_INPUT_DATA, - mbedtls_chachapoly_starts( NULL, nonce, - MBEDTLS_CHACHAPOLY_ENCRYPT ) ); - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_POLY1305_BAD_INPUT_DATA, - mbedtls_chachapoly_starts( &ctx, NULL, - MBEDTLS_CHACHAPOLY_ENCRYPT ) ); + TEST_INVALID_PARAM_RET(MBEDTLS_ERR_POLY1305_BAD_INPUT_DATA, + mbedtls_chachapoly_starts(NULL, nonce, + MBEDTLS_CHACHAPOLY_ENCRYPT)); + TEST_INVALID_PARAM_RET(MBEDTLS_ERR_POLY1305_BAD_INPUT_DATA, + mbedtls_chachapoly_starts(&ctx, NULL, + MBEDTLS_CHACHAPOLY_ENCRYPT)); /* update_aad */ - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_POLY1305_BAD_INPUT_DATA, - mbedtls_chachapoly_update_aad( NULL, aad, - aad_len ) ); - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_POLY1305_BAD_INPUT_DATA, - mbedtls_chachapoly_update_aad( &ctx, NULL, - aad_len ) ); + TEST_INVALID_PARAM_RET(MBEDTLS_ERR_POLY1305_BAD_INPUT_DATA, + mbedtls_chachapoly_update_aad(NULL, aad, + aad_len)); + TEST_INVALID_PARAM_RET(MBEDTLS_ERR_POLY1305_BAD_INPUT_DATA, + mbedtls_chachapoly_update_aad(&ctx, NULL, + aad_len)); /* update */ - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_POLY1305_BAD_INPUT_DATA, - mbedtls_chachapoly_update( NULL, input_len, - input, output ) ); - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_POLY1305_BAD_INPUT_DATA, - mbedtls_chachapoly_update( &ctx, input_len, - NULL, output ) ); - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_POLY1305_BAD_INPUT_DATA, - mbedtls_chachapoly_update( &ctx, input_len, - input, NULL ) ); + TEST_INVALID_PARAM_RET(MBEDTLS_ERR_POLY1305_BAD_INPUT_DATA, + mbedtls_chachapoly_update(NULL, input_len, + input, output)); + TEST_INVALID_PARAM_RET(MBEDTLS_ERR_POLY1305_BAD_INPUT_DATA, + mbedtls_chachapoly_update(&ctx, input_len, + NULL, output)); + TEST_INVALID_PARAM_RET(MBEDTLS_ERR_POLY1305_BAD_INPUT_DATA, + mbedtls_chachapoly_update(&ctx, input_len, + input, NULL)); /* finish */ - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_POLY1305_BAD_INPUT_DATA, - mbedtls_chachapoly_finish( NULL, mac ) ); - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_POLY1305_BAD_INPUT_DATA, - mbedtls_chachapoly_finish( &ctx, NULL ) ); + TEST_INVALID_PARAM_RET(MBEDTLS_ERR_POLY1305_BAD_INPUT_DATA, + mbedtls_chachapoly_finish(NULL, mac)); + TEST_INVALID_PARAM_RET(MBEDTLS_ERR_POLY1305_BAD_INPUT_DATA, + mbedtls_chachapoly_finish(&ctx, NULL)); exit: return; @@ -206,80 +216,80 @@ void chachapoly_state() unsigned char input[1]; unsigned char output[1]; unsigned char mac[16]; - size_t input_len = sizeof( input ); - size_t aad_len = sizeof( aad ); + size_t input_len = sizeof(input); + size_t aad_len = sizeof(aad); mbedtls_chachapoly_context ctx; - memset( key, 0x00, sizeof( key ) ); - memset( nonce, 0x00, sizeof( nonce ) ); - memset( aad, 0x00, sizeof( aad ) ); - memset( input, 0x00, sizeof( input ) ); - memset( output, 0x00, sizeof( output ) ); - memset( mac, 0x00, sizeof( mac ) ); + memset(key, 0x00, sizeof(key)); + memset(nonce, 0x00, sizeof(nonce)); + memset(aad, 0x00, sizeof(aad)); + memset(input, 0x00, sizeof(input)); + memset(output, 0x00, sizeof(output)); + memset(mac, 0x00, sizeof(mac)); /* Initial state: finish, update, update_aad forbidden */ - mbedtls_chachapoly_init( &ctx ); + mbedtls_chachapoly_init(&ctx); - TEST_ASSERT( mbedtls_chachapoly_finish( &ctx, mac ) - == MBEDTLS_ERR_CHACHAPOLY_BAD_STATE ); - TEST_ASSERT( mbedtls_chachapoly_update( &ctx, input_len, input, output ) - == MBEDTLS_ERR_CHACHAPOLY_BAD_STATE ); - TEST_ASSERT( mbedtls_chachapoly_update_aad( &ctx, aad, aad_len ) - == MBEDTLS_ERR_CHACHAPOLY_BAD_STATE ); + TEST_ASSERT(mbedtls_chachapoly_finish(&ctx, mac) + == MBEDTLS_ERR_CHACHAPOLY_BAD_STATE); + TEST_ASSERT(mbedtls_chachapoly_update(&ctx, input_len, input, output) + == MBEDTLS_ERR_CHACHAPOLY_BAD_STATE); + TEST_ASSERT(mbedtls_chachapoly_update_aad(&ctx, aad, aad_len) + == MBEDTLS_ERR_CHACHAPOLY_BAD_STATE); /* Still initial state: finish, update, update_aad forbidden */ - TEST_ASSERT( mbedtls_chachapoly_setkey( &ctx, key ) - == 0 ); + TEST_ASSERT(mbedtls_chachapoly_setkey(&ctx, key) + == 0); - TEST_ASSERT( mbedtls_chachapoly_finish( &ctx, mac ) - == MBEDTLS_ERR_CHACHAPOLY_BAD_STATE ); - TEST_ASSERT( mbedtls_chachapoly_update( &ctx, input_len, input, output ) - == MBEDTLS_ERR_CHACHAPOLY_BAD_STATE ); - TEST_ASSERT( mbedtls_chachapoly_update_aad( &ctx, aad, aad_len ) - == MBEDTLS_ERR_CHACHAPOLY_BAD_STATE ); + TEST_ASSERT(mbedtls_chachapoly_finish(&ctx, mac) + == MBEDTLS_ERR_CHACHAPOLY_BAD_STATE); + TEST_ASSERT(mbedtls_chachapoly_update(&ctx, input_len, input, output) + == MBEDTLS_ERR_CHACHAPOLY_BAD_STATE); + TEST_ASSERT(mbedtls_chachapoly_update_aad(&ctx, aad, aad_len) + == MBEDTLS_ERR_CHACHAPOLY_BAD_STATE); /* Starts -> finish OK */ - TEST_ASSERT( mbedtls_chachapoly_starts( &ctx, nonce, MBEDTLS_CHACHAPOLY_ENCRYPT ) - == 0 ); - TEST_ASSERT( mbedtls_chachapoly_finish( &ctx, mac ) - == 0 ); + TEST_ASSERT(mbedtls_chachapoly_starts(&ctx, nonce, MBEDTLS_CHACHAPOLY_ENCRYPT) + == 0); + TEST_ASSERT(mbedtls_chachapoly_finish(&ctx, mac) + == 0); /* After finish: update, update_aad forbidden */ - TEST_ASSERT( mbedtls_chachapoly_update( &ctx, input_len, input, output ) - == MBEDTLS_ERR_CHACHAPOLY_BAD_STATE ); - TEST_ASSERT( mbedtls_chachapoly_update_aad( &ctx, aad, aad_len ) - == MBEDTLS_ERR_CHACHAPOLY_BAD_STATE ); + TEST_ASSERT(mbedtls_chachapoly_update(&ctx, input_len, input, output) + == MBEDTLS_ERR_CHACHAPOLY_BAD_STATE); + TEST_ASSERT(mbedtls_chachapoly_update_aad(&ctx, aad, aad_len) + == MBEDTLS_ERR_CHACHAPOLY_BAD_STATE); /* Starts -> update* OK */ - TEST_ASSERT( mbedtls_chachapoly_starts( &ctx, nonce, MBEDTLS_CHACHAPOLY_ENCRYPT ) - == 0 ); - TEST_ASSERT( mbedtls_chachapoly_update( &ctx, input_len, input, output ) - == 0 ); - TEST_ASSERT( mbedtls_chachapoly_update( &ctx, input_len, input, output ) - == 0 ); + TEST_ASSERT(mbedtls_chachapoly_starts(&ctx, nonce, MBEDTLS_CHACHAPOLY_ENCRYPT) + == 0); + TEST_ASSERT(mbedtls_chachapoly_update(&ctx, input_len, input, output) + == 0); + TEST_ASSERT(mbedtls_chachapoly_update(&ctx, input_len, input, output) + == 0); /* After update: update_aad forbidden */ - TEST_ASSERT( mbedtls_chachapoly_update_aad( &ctx, aad, aad_len ) - == MBEDTLS_ERR_CHACHAPOLY_BAD_STATE ); + TEST_ASSERT(mbedtls_chachapoly_update_aad(&ctx, aad, aad_len) + == MBEDTLS_ERR_CHACHAPOLY_BAD_STATE); /* Starts -> update_aad* -> finish OK */ - TEST_ASSERT( mbedtls_chachapoly_starts( &ctx, nonce, MBEDTLS_CHACHAPOLY_ENCRYPT ) - == 0 ); - TEST_ASSERT( mbedtls_chachapoly_update_aad( &ctx, aad, aad_len ) - == 0 ); - TEST_ASSERT( mbedtls_chachapoly_update_aad( &ctx, aad, aad_len ) - == 0 ); - TEST_ASSERT( mbedtls_chachapoly_finish( &ctx, mac ) - == 0 ); + TEST_ASSERT(mbedtls_chachapoly_starts(&ctx, nonce, MBEDTLS_CHACHAPOLY_ENCRYPT) + == 0); + TEST_ASSERT(mbedtls_chachapoly_update_aad(&ctx, aad, aad_len) + == 0); + TEST_ASSERT(mbedtls_chachapoly_update_aad(&ctx, aad, aad_len) + == 0); + TEST_ASSERT(mbedtls_chachapoly_finish(&ctx, mac) + == 0); exit: - mbedtls_chachapoly_free( &ctx ); + mbedtls_chachapoly_free(&ctx); } /* END_CASE */ /* BEGIN_CASE depends_on:MBEDTLS_SELF_TEST */ void chachapoly_selftest() { - TEST_ASSERT( mbedtls_chachapoly_self_test( 1 ) == 0 ); + TEST_ASSERT(mbedtls_chachapoly_self_test(1) == 0); } /* END_CASE */ diff --git a/third_party/mbedtls/repo/tests/suites/test_suite_cipher.aes.data b/third_party/mbedtls/repo/tests/suites/test_suite_cipher.aes.data index c8fbca290b0..78bb7cc4c05 100644 --- a/third_party/mbedtls/repo/tests/suites/test_suite_cipher.aes.data +++ b/third_party/mbedtls/repo/tests/suites/test_suite_cipher.aes.data @@ -1703,195 +1703,195 @@ depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CBC test_vec_crypt:MBEDTLS_CIPHER_AES_256_CBC:MBEDTLS_DECRYPT:"0000000000000000000000000000000000000000000000000000000000000000":"00000000000000000000000000000000":"5c9d844ed46f9885085e5d6a4f94c7d7":"014730f80ac625fe84f026c60bfd547d":0:0 AES-128-CBC crypt Encrypt NIST KAT #1 PSA -depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CBC +depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_KEY_TYPE_AES:PSA_WANT_ALG_CBC_NO_PADDING test_vec_crypt:MBEDTLS_CIPHER_AES_128_CBC:MBEDTLS_ENCRYPT:"00000000000000000000000000000000":"00000000000000000000000000000000":"80000000000000000000000000000000":"3ad78e726c1ec02b7ebfe92b23d9ec34":0:1 AES-128-CBC crypt Encrypt NIST KAT #2 PSA -depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CBC +depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_KEY_TYPE_AES:PSA_WANT_ALG_CBC_NO_PADDING test_vec_crypt:MBEDTLS_CIPHER_AES_128_CBC:MBEDTLS_ENCRYPT:"ffffffffffffffffffffffffffffe000":"00000000000000000000000000000000":"00000000000000000000000000000000":"323994cfb9da285a5d9642e1759b224a":0:1 AES-128-CBC crypt Encrypt NIST KAT #3 PSA -depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CBC +depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_KEY_TYPE_AES:PSA_WANT_ALG_CBC_NO_PADDING test_vec_crypt:MBEDTLS_CIPHER_AES_128_CBC:MBEDTLS_ENCRYPT:"10a58869d74be5a374cf867cfb473859":"00000000000000000000000000000000":"00000000000000000000000000000000":"6d251e6944b051e04eaa6fb4dbf78465":0:1 AES-128-CBC crypt Encrypt NIST KAT #4 PSA -depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CBC +depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_KEY_TYPE_AES:PSA_WANT_ALG_CBC_NO_PADDING test_vec_crypt:MBEDTLS_CIPHER_AES_128_CBC:MBEDTLS_ENCRYPT:"00000000000000000000000000000000":"00000000000000000000000000000000":"f34481ec3cc627bacd5dc3fb08f273e6":"0336763e966d92595a567cc9ce537f5e":0:1 AES-128-CBC crypt Decrypt NIST KAT #1 PSA -depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CBC +depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_KEY_TYPE_AES:PSA_WANT_ALG_CBC_NO_PADDING test_vec_crypt:MBEDTLS_CIPHER_AES_128_CBC:MBEDTLS_DECRYPT:"00000000000000000000000000000000":"00000000000000000000000000000000":"3ad78e726c1ec02b7ebfe92b23d9ec34":"80000000000000000000000000000000":0:1 AES-128-CBC crypt Decrypt NIST KAT #2 PSA -depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CBC +depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_KEY_TYPE_AES:PSA_WANT_ALG_CBC_NO_PADDING test_vec_crypt:MBEDTLS_CIPHER_AES_128_CBC:MBEDTLS_DECRYPT:"ffffc000000000000000000000000000":"00000000000000000000000000000000":"df556a33438db87bc41b1752c55e5e49":"00000000000000000000000000000000":0:1 AES-128-CBC crypt Decrypt NIST KAT #3 PSA -depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CBC +depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_KEY_TYPE_AES:PSA_WANT_ALG_CBC_NO_PADDING test_vec_crypt:MBEDTLS_CIPHER_AES_128_CBC:MBEDTLS_DECRYPT:"10a58869d74be5a374cf867cfb473859":"00000000000000000000000000000000":"6d251e6944b051e04eaa6fb4dbf78465":"00000000000000000000000000000000":0:1 AES-128-CBC crypt Decrypt NIST KAT #4 PSA -depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CBC +depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_KEY_TYPE_AES:PSA_WANT_ALG_CBC_NO_PADDING test_vec_crypt:MBEDTLS_CIPHER_AES_128_CBC:MBEDTLS_DECRYPT:"00000000000000000000000000000000":"00000000000000000000000000000000":"0336763e966d92595a567cc9ce537f5e":"f34481ec3cc627bacd5dc3fb08f273e6":0:1 AES-192-CBC crypt Encrypt NIST KAT #1 PSA -depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CBC +depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_KEY_TYPE_AES:PSA_WANT_ALG_CBC_NO_PADDING test_vec_crypt:MBEDTLS_CIPHER_AES_192_CBC:MBEDTLS_ENCRYPT:"000000000000000000000000000000000000000000000000":"00000000000000000000000000000000":"80000000000000000000000000000000":"6cd02513e8d4dc986b4afe087a60bd0c":0:1 AES-192-CBC crypt Encrypt NIST KAT #2 PSA -depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CBC +depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_KEY_TYPE_AES:PSA_WANT_ALG_CBC_NO_PADDING test_vec_crypt:MBEDTLS_CIPHER_AES_192_CBC:MBEDTLS_ENCRYPT:"ff0000000000000000000000000000000000000000000000":"00000000000000000000000000000000":"00000000000000000000000000000000":"833f71258d53036b02952c76c744f5a1":0:1 AES-192-CBC crypt Encrypt NIST KAT #3 PSA -depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CBC +depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_KEY_TYPE_AES:PSA_WANT_ALG_CBC_NO_PADDING test_vec_crypt:MBEDTLS_CIPHER_AES_192_CBC:MBEDTLS_ENCRYPT:"e9f065d7c13573587f7875357dfbb16c53489f6a4bd0f7cd":"00000000000000000000000000000000":"00000000000000000000000000000000":"0956259c9cd5cfd0181cca53380cde06":0:1 AES-192-CBC crypt Encrypt NIST KAT #4 PSA -depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CBC +depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_KEY_TYPE_AES:PSA_WANT_ALG_CBC_NO_PADDING test_vec_crypt:MBEDTLS_CIPHER_AES_192_CBC:MBEDTLS_ENCRYPT:"000000000000000000000000000000000000000000000000":"00000000000000000000000000000000":"1b077a6af4b7f98229de786d7516b639":"275cfc0413d8ccb70513c3859b1d0f72":0:1 AES-192-CBC crypt Decrypt NIST KAT #1 PSA -depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CBC +depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_KEY_TYPE_AES:PSA_WANT_ALG_CBC_NO_PADDING test_vec_crypt:MBEDTLS_CIPHER_AES_192_CBC:MBEDTLS_DECRYPT:"000000000000000000000000000000000000000000000000":"00000000000000000000000000000000":"6cd02513e8d4dc986b4afe087a60bd0c":"80000000000000000000000000000000":0:1 AES-192-CBC crypt Decrypt NIST KAT #2 PSA -depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CBC +depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_KEY_TYPE_AES:PSA_WANT_ALG_CBC_NO_PADDING test_vec_crypt:MBEDTLS_CIPHER_AES_192_CBC:MBEDTLS_DECRYPT:"ffe000000000000000000000000000000000000000000000":"00000000000000000000000000000000":"7ababc4b3f516c9aafb35f4140b548f9":"00000000000000000000000000000000":0:1 AES-192-CBC crypt Decrypt NIST KAT #3 PSA -depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CBC +depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_KEY_TYPE_AES:PSA_WANT_ALG_CBC_NO_PADDING test_vec_crypt:MBEDTLS_CIPHER_AES_192_CBC:MBEDTLS_DECRYPT:"e9f065d7c13573587f7875357dfbb16c53489f6a4bd0f7cd":"00000000000000000000000000000000":"0956259c9cd5cfd0181cca53380cde06":"00000000000000000000000000000000":0:1 AES-192-CBC crypt Decrypt NIST KAT #4 PSA -depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CBC +depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_KEY_TYPE_AES:PSA_WANT_ALG_CBC_NO_PADDING test_vec_crypt:MBEDTLS_CIPHER_AES_192_CBC:MBEDTLS_DECRYPT:"000000000000000000000000000000000000000000000000":"00000000000000000000000000000000":"275cfc0413d8ccb70513c3859b1d0f72":"1b077a6af4b7f98229de786d7516b639":0:1 AES-256-CBC crypt Encrypt NIST KAT #1 PSA -depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CBC +depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_KEY_TYPE_AES:PSA_WANT_ALG_CBC_NO_PADDING test_vec_crypt:MBEDTLS_CIPHER_AES_256_CBC:MBEDTLS_ENCRYPT:"0000000000000000000000000000000000000000000000000000000000000000":"00000000000000000000000000000000":"80000000000000000000000000000000":"ddc6bf790c15760d8d9aeb6f9a75fd4e":0:1 AES-256-CBC crypt Encrypt NIST KAT #2 PSA -depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CBC +depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_KEY_TYPE_AES:PSA_WANT_ALG_CBC_NO_PADDING test_vec_crypt:MBEDTLS_CIPHER_AES_256_CBC:MBEDTLS_ENCRYPT:"ff00000000000000000000000000000000000000000000000000000000000000":"00000000000000000000000000000000":"00000000000000000000000000000000":"ec52a212f80a09df6317021bc2a9819e":0:1 AES-256-CBC crypt Encrypt NIST KAT #3 PSA -depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CBC +depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_KEY_TYPE_AES:PSA_WANT_ALG_CBC_NO_PADDING test_vec_crypt:MBEDTLS_CIPHER_AES_256_CBC:MBEDTLS_ENCRYPT:"c47b0294dbbbee0fec4757f22ffeee3587ca4730c3d33b691df38bab076bc558":"00000000000000000000000000000000":"00000000000000000000000000000000":"46f2fb342d6f0ab477476fc501242c5f":0:1 AES-256-CBC crypt Encrypt NIST KAT #4 PSA -depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CBC +depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_KEY_TYPE_AES:PSA_WANT_ALG_CBC_NO_PADDING test_vec_crypt:MBEDTLS_CIPHER_AES_256_CBC:MBEDTLS_ENCRYPT:"0000000000000000000000000000000000000000000000000000000000000000":"00000000000000000000000000000000":"014730f80ac625fe84f026c60bfd547d":"5c9d844ed46f9885085e5d6a4f94c7d7":0:1 AES-256-CBC crypt Decrypt NIST KAT #1 PSA -depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CBC +depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_KEY_TYPE_AES:PSA_WANT_ALG_CBC_NO_PADDING test_vec_crypt:MBEDTLS_CIPHER_AES_256_CBC:MBEDTLS_DECRYPT:"0000000000000000000000000000000000000000000000000000000000000000":"00000000000000000000000000000000":"ddc6bf790c15760d8d9aeb6f9a75fd4e":"80000000000000000000000000000000":0:1 AES-256-CBC crypt Decrypt NIST KAT #2 PSA -depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CBC +depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_KEY_TYPE_AES:PSA_WANT_ALG_CBC_NO_PADDING test_vec_crypt:MBEDTLS_CIPHER_AES_256_CBC:MBEDTLS_DECRYPT:"ffe0000000000000000000000000000000000000000000000000000000000000":"00000000000000000000000000000000":"d1ccb9b1337002cbac42c520b5d67722":"00000000000000000000000000000000":0:1 AES-256-CBC crypt Decrypt NIST KAT #3 PSA -depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CBC +depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_KEY_TYPE_AES:PSA_WANT_ALG_CBC_NO_PADDING test_vec_crypt:MBEDTLS_CIPHER_AES_256_CBC:MBEDTLS_DECRYPT:"c47b0294dbbbee0fec4757f22ffeee3587ca4730c3d33b691df38bab076bc558":"00000000000000000000000000000000":"46f2fb342d6f0ab477476fc501242c5f":"00000000000000000000000000000000":0:1 AES-256-CBC crypt Decrypt NIST KAT #4 PSA -depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CBC +depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_KEY_TYPE_AES:MBEDTLS_CIPHER_MODE_CBC test_vec_crypt:MBEDTLS_CIPHER_AES_256_CBC:MBEDTLS_DECRYPT:"0000000000000000000000000000000000000000000000000000000000000000":"00000000000000000000000000000000":"5c9d844ed46f9885085e5d6a4f94c7d7":"014730f80ac625fe84f026c60bfd547d":0:1 AES-128-ECB crypt Encrypt NIST KAT #1 PSA -depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C +depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_KEY_TYPE_AES:PSA_WANT_ALG_ECB_NO_PADDING test_vec_crypt:MBEDTLS_CIPHER_AES_128_ECB:MBEDTLS_ENCRYPT:"00000000000000000000000000000000":"":"80000000000000000000000000000000":"3ad78e726c1ec02b7ebfe92b23d9ec34":0:1 AES-128-ECB crypt Encrypt NIST KAT #2 PSA -depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C +depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_KEY_TYPE_AES:PSA_WANT_ALG_ECB_NO_PADDING test_vec_crypt:MBEDTLS_CIPHER_AES_128_ECB:MBEDTLS_ENCRYPT:"ffffffffffffffffffffffffffffe000":"":"00000000000000000000000000000000":"323994cfb9da285a5d9642e1759b224a":0:1 AES-128-ECB crypt Encrypt NIST KAT #3 PSA -depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C +depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_KEY_TYPE_AES:PSA_WANT_ALG_ECB_NO_PADDING test_vec_crypt:MBEDTLS_CIPHER_AES_128_ECB:MBEDTLS_ENCRYPT:"10a58869d74be5a374cf867cfb473859":"":"00000000000000000000000000000000":"6d251e6944b051e04eaa6fb4dbf78465":0:1 AES-128-ECB crypt Encrypt NIST KAT #4 PSA -depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C +depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_KEY_TYPE_AES:PSA_WANT_ALG_ECB_NO_PADDING test_vec_crypt:MBEDTLS_CIPHER_AES_128_ECB:MBEDTLS_ENCRYPT:"00000000000000000000000000000000":"":"f34481ec3cc627bacd5dc3fb08f273e6":"0336763e966d92595a567cc9ce537f5e":0:1 AES-128-ECB crypt Decrypt NIST KAT #1 PSA -depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C +depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_KEY_TYPE_AES:PSA_WANT_ALG_ECB_NO_PADDING test_vec_crypt:MBEDTLS_CIPHER_AES_128_ECB:MBEDTLS_DECRYPT:"00000000000000000000000000000000":"":"3ad78e726c1ec02b7ebfe92b23d9ec34":"80000000000000000000000000000000":0:1 AES-128-ECB crypt Decrypt NIST KAT #2 PSA -depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C +depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_KEY_TYPE_AES:PSA_WANT_ALG_ECB_NO_PADDING test_vec_crypt:MBEDTLS_CIPHER_AES_128_ECB:MBEDTLS_DECRYPT:"ffffc000000000000000000000000000":"":"df556a33438db87bc41b1752c55e5e49":"00000000000000000000000000000000":0:1 AES-128-ECB crypt Decrypt NIST KAT #3 PSA -depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C +depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_KEY_TYPE_AES:PSA_WANT_ALG_ECB_NO_PADDING test_vec_crypt:MBEDTLS_CIPHER_AES_128_ECB:MBEDTLS_DECRYPT:"10a58869d74be5a374cf867cfb473859":"":"6d251e6944b051e04eaa6fb4dbf78465":"00000000000000000000000000000000":0:1 AES-128-ECB crypt Decrypt NIST KAT #4 PSA -depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C +depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_KEY_TYPE_AES:PSA_WANT_ALG_ECB_NO_PADDING test_vec_crypt:MBEDTLS_CIPHER_AES_128_ECB:MBEDTLS_DECRYPT:"00000000000000000000000000000000":"":"0336763e966d92595a567cc9ce537f5e":"f34481ec3cc627bacd5dc3fb08f273e6":0:1 AES-192-ECB crypt Encrypt NIST KAT #1 PSA -depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C +depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_KEY_TYPE_AES:PSA_WANT_ALG_ECB_NO_PADDING test_vec_crypt:MBEDTLS_CIPHER_AES_192_ECB:MBEDTLS_ENCRYPT:"000000000000000000000000000000000000000000000000":"":"80000000000000000000000000000000":"6cd02513e8d4dc986b4afe087a60bd0c":0:1 AES-192-ECB crypt Encrypt NIST KAT #2 PSA -depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C +depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_KEY_TYPE_AES:PSA_WANT_ALG_ECB_NO_PADDING test_vec_crypt:MBEDTLS_CIPHER_AES_192_ECB:MBEDTLS_ENCRYPT:"ff0000000000000000000000000000000000000000000000":"":"00000000000000000000000000000000":"833f71258d53036b02952c76c744f5a1":0:1 AES-192-ECB crypt Encrypt NIST KAT #3 PSA -depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C +depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_KEY_TYPE_AES:PSA_WANT_ALG_ECB_NO_PADDING test_vec_crypt:MBEDTLS_CIPHER_AES_192_ECB:MBEDTLS_ENCRYPT:"e9f065d7c13573587f7875357dfbb16c53489f6a4bd0f7cd":"":"00000000000000000000000000000000":"0956259c9cd5cfd0181cca53380cde06":0:1 AES-192-ECB crypt Encrypt NIST KAT #4 PSA -depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C +depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_KEY_TYPE_AES:PSA_WANT_ALG_ECB_NO_PADDING test_vec_crypt:MBEDTLS_CIPHER_AES_192_ECB:MBEDTLS_ENCRYPT:"000000000000000000000000000000000000000000000000":"":"1b077a6af4b7f98229de786d7516b639":"275cfc0413d8ccb70513c3859b1d0f72":0:1 AES-192-ECB crypt Decrypt NIST KAT #1 PSA -depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C +depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_KEY_TYPE_AES:PSA_WANT_ALG_ECB_NO_PADDING test_vec_crypt:MBEDTLS_CIPHER_AES_192_ECB:MBEDTLS_DECRYPT:"000000000000000000000000000000000000000000000000":"":"6cd02513e8d4dc986b4afe087a60bd0c":"80000000000000000000000000000000":0:1 AES-192-ECB crypt Decrypt NIST KAT #2 PSA -depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C +depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_KEY_TYPE_AES:PSA_WANT_ALG_ECB_NO_PADDING test_vec_crypt:MBEDTLS_CIPHER_AES_192_ECB:MBEDTLS_DECRYPT:"ffe000000000000000000000000000000000000000000000":"":"7ababc4b3f516c9aafb35f4140b548f9":"00000000000000000000000000000000":0:1 AES-192-ECB crypt Decrypt NIST KAT #3 PSA -depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C +depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_KEY_TYPE_AES:PSA_WANT_ALG_ECB_NO_PADDING test_vec_crypt:MBEDTLS_CIPHER_AES_192_ECB:MBEDTLS_DECRYPT:"e9f065d7c13573587f7875357dfbb16c53489f6a4bd0f7cd":"":"0956259c9cd5cfd0181cca53380cde06":"00000000000000000000000000000000":0:1 AES-192-ECB crypt Decrypt NIST KAT #4 PSA -depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C +depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_KEY_TYPE_AES:PSA_WANT_ALG_ECB_NO_PADDING test_vec_crypt:MBEDTLS_CIPHER_AES_192_ECB:MBEDTLS_DECRYPT:"000000000000000000000000000000000000000000000000":"":"275cfc0413d8ccb70513c3859b1d0f72":"1b077a6af4b7f98229de786d7516b639":0:1 AES-256-ECB crypt Encrypt NIST KAT #1 PSA -depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C +depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_KEY_TYPE_AES:PSA_WANT_ALG_ECB_NO_PADDING test_vec_crypt:MBEDTLS_CIPHER_AES_256_ECB:MBEDTLS_ENCRYPT:"0000000000000000000000000000000000000000000000000000000000000000":"":"80000000000000000000000000000000":"ddc6bf790c15760d8d9aeb6f9a75fd4e":0:1 AES-256-ECB crypt Encrypt NIST KAT #2 PSA -depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C +depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_KEY_TYPE_AES:PSA_WANT_ALG_ECB_NO_PADDING test_vec_crypt:MBEDTLS_CIPHER_AES_256_ECB:MBEDTLS_ENCRYPT:"ff00000000000000000000000000000000000000000000000000000000000000":"":"00000000000000000000000000000000":"ec52a212f80a09df6317021bc2a9819e":0:1 AES-256-ECB crypt Encrypt NIST KAT #3 PSA -depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C +depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_KEY_TYPE_AES:PSA_WANT_ALG_ECB_NO_PADDING test_vec_crypt:MBEDTLS_CIPHER_AES_256_ECB:MBEDTLS_ENCRYPT:"c47b0294dbbbee0fec4757f22ffeee3587ca4730c3d33b691df38bab076bc558":"":"00000000000000000000000000000000":"46f2fb342d6f0ab477476fc501242c5f":0:1 AES-256-ECB crypt Encrypt NIST KAT #4 PSA -depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C +depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_KEY_TYPE_AES:PSA_WANT_ALG_ECB_NO_PADDING test_vec_crypt:MBEDTLS_CIPHER_AES_256_ECB:MBEDTLS_ENCRYPT:"0000000000000000000000000000000000000000000000000000000000000000":"":"014730f80ac625fe84f026c60bfd547d":"5c9d844ed46f9885085e5d6a4f94c7d7":0:1 AES-256-ECB crypt Decrypt NIST KAT #1 PSA -depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C +depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_KEY_TYPE_AES:PSA_WANT_ALG_ECB_NO_PADDING test_vec_crypt:MBEDTLS_CIPHER_AES_256_ECB:MBEDTLS_DECRYPT:"0000000000000000000000000000000000000000000000000000000000000000":"":"ddc6bf790c15760d8d9aeb6f9a75fd4e":"80000000000000000000000000000000":0:1 AES-256-ECB crypt Decrypt NIST KAT #2 PSA -depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C +depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_KEY_TYPE_AES:PSA_WANT_ALG_ECB_NO_PADDING test_vec_crypt:MBEDTLS_CIPHER_AES_256_ECB:MBEDTLS_DECRYPT:"ffe0000000000000000000000000000000000000000000000000000000000000":"":"d1ccb9b1337002cbac42c520b5d67722":"00000000000000000000000000000000":0:1 AES-256-ECB crypt Decrypt NIST KAT #3 PSA -depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C +depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_KEY_TYPE_AES:PSA_WANT_ALG_ECB_NO_PADDING test_vec_crypt:MBEDTLS_CIPHER_AES_256_ECB:MBEDTLS_DECRYPT:"c47b0294dbbbee0fec4757f22ffeee3587ca4730c3d33b691df38bab076bc558":"":"46f2fb342d6f0ab477476fc501242c5f":"00000000000000000000000000000000":0:1 AES-256-ECB crypt Decrypt NIST KAT #4 PSA -depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C +depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_KEY_TYPE_AES:PSA_WANT_ALG_ECB_NO_PADDING test_vec_crypt:MBEDTLS_CIPHER_AES_256_ECB:MBEDTLS_DECRYPT:"0000000000000000000000000000000000000000000000000000000000000000":"":"5c9d844ed46f9885085e5d6a4f94c7d7":"014730f80ac625fe84f026c60bfd547d":0:1 Cipher Corner Case behaviours diff --git a/third_party/mbedtls/repo/tests/suites/test_suite_cipher.aria.data b/third_party/mbedtls/repo/tests/suites/test_suite_cipher.aria.data index 2c50a21fc7b..79c0bf6bd31 100644 --- a/third_party/mbedtls/repo/tests/suites/test_suite_cipher.aria.data +++ b/third_party/mbedtls/repo/tests/suites/test_suite_cipher.aria.data @@ -1,3 +1,3 @@ Aria CBC Decrypt empty buffer -depends_on:MBEDTLS_ARIA_C:MBEDTLS_CIPHER_MODE_CBC +depends_on:MBEDTLS_ARIA_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7 dec_empty_buf:MBEDTLS_CIPHER_ARIA_128_CBC:0:0 diff --git a/third_party/mbedtls/repo/tests/suites/test_suite_cipher.blowfish.data b/third_party/mbedtls/repo/tests/suites/test_suite_cipher.blowfish.data index a05a4e7b3e7..eb3a0c4bbe8 100644 --- a/third_party/mbedtls/repo/tests/suites/test_suite_cipher.blowfish.data +++ b/third_party/mbedtls/repo/tests/suites/test_suite_cipher.blowfish.data @@ -3,7 +3,7 @@ depends_on:MBEDTLS_BLOWFISH_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKC dec_empty_buf:MBEDTLS_CIPHER_BLOWFISH_CBC:0:0 BLOWFISH Encrypt and decrypt 0 bytes [#1] -depends_on:MBEDTLS_BLOWFISH_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7 +depends_on:MBEDTLS_BLOWFISH_C:MBEDTLS_CIPHER_MODE_CBC enc_dec_buf:MBEDTLS_CIPHER_BLOWFISH_CBC:"BLOWFISH-CBC":128:0:-1 BLOWFISH Encrypt and decrypt 1 byte [#1] @@ -19,7 +19,7 @@ depends_on:MBEDTLS_BLOWFISH_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKC enc_dec_buf:MBEDTLS_CIPHER_BLOWFISH_CBC:"BLOWFISH-CBC":128:7:-1 BLOWFISH Encrypt and decrypt 8 bytes [#1] -depends_on:MBEDTLS_BLOWFISH_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7 +depends_on:MBEDTLS_BLOWFISH_C:MBEDTLS_CIPHER_MODE_CBC enc_dec_buf:MBEDTLS_CIPHER_BLOWFISH_CBC:"BLOWFISH-CBC":128:8:-1 BLOWFISH Encrypt and decrypt 9 bytes [#1] @@ -31,7 +31,7 @@ depends_on:MBEDTLS_BLOWFISH_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKC enc_dec_buf:MBEDTLS_CIPHER_BLOWFISH_CBC:"BLOWFISH-CBC":128:15:-1 BLOWFISH Encrypt and decrypt 16 bytes [#1] -depends_on:MBEDTLS_BLOWFISH_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7 +depends_on:MBEDTLS_BLOWFISH_C:MBEDTLS_CIPHER_MODE_CBC enc_dec_buf:MBEDTLS_CIPHER_BLOWFISH_CBC:"BLOWFISH-CBC":128:16:-1 BLOWFISH Encrypt and decrypt 17 bytes [#1] @@ -43,7 +43,7 @@ depends_on:MBEDTLS_BLOWFISH_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKC enc_dec_buf:MBEDTLS_CIPHER_BLOWFISH_CBC:"BLOWFISH-CBC":128:31:-1 BLOWFISH Encrypt and decrypt 32 bytes [#1] -depends_on:MBEDTLS_BLOWFISH_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7 +depends_on:MBEDTLS_BLOWFISH_C:MBEDTLS_CIPHER_MODE_CBC enc_dec_buf:MBEDTLS_CIPHER_BLOWFISH_CBC:"BLOWFISH-CBC":128:32:-1 BLOWFISH Encrypt and decrypt 32 bytes [#2] @@ -55,7 +55,7 @@ depends_on:MBEDTLS_BLOWFISH_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKC enc_dec_buf:MBEDTLS_CIPHER_BLOWFISH_CBC:"BLOWFISH-CBC":128:47:-1 BLOWFISH Encrypt and decrypt 48 bytes [#1] -depends_on:MBEDTLS_BLOWFISH_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7 +depends_on:MBEDTLS_BLOWFISH_C:MBEDTLS_CIPHER_MODE_CBC enc_dec_buf:MBEDTLS_CIPHER_BLOWFISH_CBC:"BLOWFISH-CBC":128:48:-1 BLOWFISH Encrypt and decrypt 49 bytes [#1] @@ -63,247 +63,247 @@ depends_on:MBEDTLS_BLOWFISH_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKC enc_dec_buf:MBEDTLS_CIPHER_BLOWFISH_CBC:"BLOWFISH-CBC":128:49:-1 BLOWFISH Encrypt and decrypt 0 bytes with one and zeros padding -depends_on:MBEDTLS_BLOWFISH_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7 +depends_on:MBEDTLS_BLOWFISH_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_ONE_AND_ZEROS enc_dec_buf:MBEDTLS_CIPHER_BLOWFISH_CBC:"BLOWFISH-CBC":128:0:MBEDTLS_PADDING_ONE_AND_ZEROS BLOWFISH Encrypt and decrypt 1 byte with one and zeros padding -depends_on:MBEDTLS_BLOWFISH_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7 +depends_on:MBEDTLS_BLOWFISH_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_ONE_AND_ZEROS enc_dec_buf:MBEDTLS_CIPHER_BLOWFISH_CBC:"BLOWFISH-CBC":128:1:MBEDTLS_PADDING_ONE_AND_ZEROS BLOWFISH Encrypt and decrypt 2 bytes with one and zeros padding -depends_on:MBEDTLS_BLOWFISH_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7 +depends_on:MBEDTLS_BLOWFISH_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_ONE_AND_ZEROS enc_dec_buf:MBEDTLS_CIPHER_BLOWFISH_CBC:"BLOWFISH-CBC":128:2:MBEDTLS_PADDING_ONE_AND_ZEROS BLOWFISH Encrypt and decrypt 7 bytes with one and zeros padding -depends_on:MBEDTLS_BLOWFISH_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7 +depends_on:MBEDTLS_BLOWFISH_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_ONE_AND_ZEROS enc_dec_buf:MBEDTLS_CIPHER_BLOWFISH_CBC:"BLOWFISH-CBC":128:7:MBEDTLS_PADDING_ONE_AND_ZEROS BLOWFISH Encrypt and decrypt 8 bytes with one and zeros padding -depends_on:MBEDTLS_BLOWFISH_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7 +depends_on:MBEDTLS_BLOWFISH_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_ONE_AND_ZEROS enc_dec_buf:MBEDTLS_CIPHER_BLOWFISH_CBC:"BLOWFISH-CBC":128:8:MBEDTLS_PADDING_ONE_AND_ZEROS BLOWFISH Encrypt and decrypt 9 bytes with one and zeros padding -depends_on:MBEDTLS_BLOWFISH_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7 +depends_on:MBEDTLS_BLOWFISH_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_ONE_AND_ZEROS enc_dec_buf:MBEDTLS_CIPHER_BLOWFISH_CBC:"BLOWFISH-CBC":128:9:MBEDTLS_PADDING_ONE_AND_ZEROS BLOWFISH Encrypt and decrypt 15 bytes with one and zeros padding -depends_on:MBEDTLS_BLOWFISH_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7 +depends_on:MBEDTLS_BLOWFISH_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_ONE_AND_ZEROS enc_dec_buf:MBEDTLS_CIPHER_BLOWFISH_CBC:"BLOWFISH-CBC":128:15:MBEDTLS_PADDING_ONE_AND_ZEROS BLOWFISH Encrypt and decrypt 16 bytes with one and zeros padding -depends_on:MBEDTLS_BLOWFISH_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7 +depends_on:MBEDTLS_BLOWFISH_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_ONE_AND_ZEROS enc_dec_buf:MBEDTLS_CIPHER_BLOWFISH_CBC:"BLOWFISH-CBC":128:16:MBEDTLS_PADDING_ONE_AND_ZEROS BLOWFISH Encrypt and decrypt 17 bytes with one and zeros padding -depends_on:MBEDTLS_BLOWFISH_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7 +depends_on:MBEDTLS_BLOWFISH_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_ONE_AND_ZEROS enc_dec_buf:MBEDTLS_CIPHER_BLOWFISH_CBC:"BLOWFISH-CBC":128:17:MBEDTLS_PADDING_ONE_AND_ZEROS BLOWFISH Encrypt and decrypt 31 bytes with one and zeros padding -depends_on:MBEDTLS_BLOWFISH_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7 +depends_on:MBEDTLS_BLOWFISH_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_ONE_AND_ZEROS enc_dec_buf:MBEDTLS_CIPHER_BLOWFISH_CBC:"BLOWFISH-CBC":128:31:MBEDTLS_PADDING_ONE_AND_ZEROS BLOWFISH Encrypt and decrypt 32 bytes with one and zeros padding [#1] -depends_on:MBEDTLS_BLOWFISH_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7 +depends_on:MBEDTLS_BLOWFISH_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_ONE_AND_ZEROS enc_dec_buf:MBEDTLS_CIPHER_BLOWFISH_CBC:"BLOWFISH-CBC":128:32:MBEDTLS_PADDING_ONE_AND_ZEROS BLOWFISH Encrypt and decrypt 32 bytes with one and zeros padding [#2] -depends_on:MBEDTLS_BLOWFISH_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7 +depends_on:MBEDTLS_BLOWFISH_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_ONE_AND_ZEROS enc_dec_buf:MBEDTLS_CIPHER_BLOWFISH_CBC:"BLOWFISH-CBC":128:33:MBEDTLS_PADDING_ONE_AND_ZEROS BLOWFISH Encrypt and decrypt 47 bytes with one and zeros padding -depends_on:MBEDTLS_BLOWFISH_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7 +depends_on:MBEDTLS_BLOWFISH_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_ONE_AND_ZEROS enc_dec_buf:MBEDTLS_CIPHER_BLOWFISH_CBC:"BLOWFISH-CBC":128:47:MBEDTLS_PADDING_ONE_AND_ZEROS BLOWFISH Encrypt and decrypt 48 bytes with one and zeros padding -depends_on:MBEDTLS_BLOWFISH_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7 +depends_on:MBEDTLS_BLOWFISH_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_ONE_AND_ZEROS enc_dec_buf:MBEDTLS_CIPHER_BLOWFISH_CBC:"BLOWFISH-CBC":128:48:MBEDTLS_PADDING_ONE_AND_ZEROS BLOWFISH Encrypt and decrypt 49 bytes with one and zeros padding -depends_on:MBEDTLS_BLOWFISH_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7 +depends_on:MBEDTLS_BLOWFISH_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_ONE_AND_ZEROS enc_dec_buf:MBEDTLS_CIPHER_BLOWFISH_CBC:"BLOWFISH-CBC":128:49:MBEDTLS_PADDING_ONE_AND_ZEROS BLOWFISH Encrypt and decrypt 0 bytes with zeros and len padding -depends_on:MBEDTLS_BLOWFISH_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7 +depends_on:MBEDTLS_BLOWFISH_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_ZEROS_AND_LEN enc_dec_buf:MBEDTLS_CIPHER_BLOWFISH_CBC:"BLOWFISH-CBC":128:0:MBEDTLS_PADDING_ZEROS_AND_LEN BLOWFISH Encrypt and decrypt 1 byte with zeros and len padding -depends_on:MBEDTLS_BLOWFISH_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7 +depends_on:MBEDTLS_BLOWFISH_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_ZEROS_AND_LEN enc_dec_buf:MBEDTLS_CIPHER_BLOWFISH_CBC:"BLOWFISH-CBC":128:1:MBEDTLS_PADDING_ZEROS_AND_LEN BLOWFISH Encrypt and decrypt 2 bytes with zeros and len padding -depends_on:MBEDTLS_BLOWFISH_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7 +depends_on:MBEDTLS_BLOWFISH_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_ZEROS_AND_LEN enc_dec_buf:MBEDTLS_CIPHER_BLOWFISH_CBC:"BLOWFISH-CBC":128:2:MBEDTLS_PADDING_ZEROS_AND_LEN BLOWFISH Encrypt and decrypt 7 bytes with zeros and len padding -depends_on:MBEDTLS_BLOWFISH_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7 +depends_on:MBEDTLS_BLOWFISH_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_ZEROS_AND_LEN enc_dec_buf:MBEDTLS_CIPHER_BLOWFISH_CBC:"BLOWFISH-CBC":128:7:MBEDTLS_PADDING_ZEROS_AND_LEN BLOWFISH Encrypt and decrypt 8 bytes with zeros and len padding -depends_on:MBEDTLS_BLOWFISH_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7 +depends_on:MBEDTLS_BLOWFISH_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_ZEROS_AND_LEN enc_dec_buf:MBEDTLS_CIPHER_BLOWFISH_CBC:"BLOWFISH-CBC":128:8:MBEDTLS_PADDING_ZEROS_AND_LEN BLOWFISH Encrypt and decrypt 9 bytes with zeros and len padding -depends_on:MBEDTLS_BLOWFISH_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7 +depends_on:MBEDTLS_BLOWFISH_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_ZEROS_AND_LEN enc_dec_buf:MBEDTLS_CIPHER_BLOWFISH_CBC:"BLOWFISH-CBC":128:9:MBEDTLS_PADDING_ZEROS_AND_LEN BLOWFISH Encrypt and decrypt 15 bytes with zeros and len padding -depends_on:MBEDTLS_BLOWFISH_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7 +depends_on:MBEDTLS_BLOWFISH_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_ZEROS_AND_LEN enc_dec_buf:MBEDTLS_CIPHER_BLOWFISH_CBC:"BLOWFISH-CBC":128:15:MBEDTLS_PADDING_ZEROS_AND_LEN BLOWFISH Encrypt and decrypt 16 bytes with zeros and len padding -depends_on:MBEDTLS_BLOWFISH_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7 +depends_on:MBEDTLS_BLOWFISH_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_ZEROS_AND_LEN enc_dec_buf:MBEDTLS_CIPHER_BLOWFISH_CBC:"BLOWFISH-CBC":128:16:MBEDTLS_PADDING_ZEROS_AND_LEN BLOWFISH Encrypt and decrypt 17 bytes with zeros and len padding -depends_on:MBEDTLS_BLOWFISH_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7 +depends_on:MBEDTLS_BLOWFISH_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_ZEROS_AND_LEN enc_dec_buf:MBEDTLS_CIPHER_BLOWFISH_CBC:"BLOWFISH-CBC":128:17:MBEDTLS_PADDING_ZEROS_AND_LEN BLOWFISH Encrypt and decrypt 31 bytes with zeros and len padding -depends_on:MBEDTLS_BLOWFISH_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7 +depends_on:MBEDTLS_BLOWFISH_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_ZEROS_AND_LEN enc_dec_buf:MBEDTLS_CIPHER_BLOWFISH_CBC:"BLOWFISH-CBC":128:31:MBEDTLS_PADDING_ZEROS_AND_LEN BLOWFISH Encrypt and decrypt 32 bytes with zeros and len padding [#1] -depends_on:MBEDTLS_BLOWFISH_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7 +depends_on:MBEDTLS_BLOWFISH_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_ZEROS_AND_LEN enc_dec_buf:MBEDTLS_CIPHER_BLOWFISH_CBC:"BLOWFISH-CBC":128:32:MBEDTLS_PADDING_ZEROS_AND_LEN BLOWFISH Encrypt and decrypt 32 bytes with zeros and len padding [#2] -depends_on:MBEDTLS_BLOWFISH_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7 +depends_on:MBEDTLS_BLOWFISH_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_ZEROS_AND_LEN enc_dec_buf:MBEDTLS_CIPHER_BLOWFISH_CBC:"BLOWFISH-CBC":128:33:MBEDTLS_PADDING_ZEROS_AND_LEN BLOWFISH Encrypt and decrypt 47 bytes with zeros and len padding -depends_on:MBEDTLS_BLOWFISH_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7 +depends_on:MBEDTLS_BLOWFISH_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_ZEROS_AND_LEN enc_dec_buf:MBEDTLS_CIPHER_BLOWFISH_CBC:"BLOWFISH-CBC":128:47:MBEDTLS_PADDING_ZEROS_AND_LEN BLOWFISH Encrypt and decrypt 48 bytes with zeros and len padding -depends_on:MBEDTLS_BLOWFISH_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7 +depends_on:MBEDTLS_BLOWFISH_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_ZEROS_AND_LEN enc_dec_buf:MBEDTLS_CIPHER_BLOWFISH_CBC:"BLOWFISH-CBC":128:48:MBEDTLS_PADDING_ZEROS_AND_LEN BLOWFISH Encrypt and decrypt 49 bytes with zeros and len padding -depends_on:MBEDTLS_BLOWFISH_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7 +depends_on:MBEDTLS_BLOWFISH_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_ZEROS_AND_LEN enc_dec_buf:MBEDTLS_CIPHER_BLOWFISH_CBC:"BLOWFISH-CBC":128:49:MBEDTLS_PADDING_ZEROS_AND_LEN BLOWFISH Encrypt and decrypt 0 bytes with zeros padding -depends_on:MBEDTLS_BLOWFISH_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7 +depends_on:MBEDTLS_BLOWFISH_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_ZEROS enc_dec_buf:MBEDTLS_CIPHER_BLOWFISH_CBC:"BLOWFISH-CBC":128:0:MBEDTLS_PADDING_ZEROS BLOWFISH Encrypt and decrypt 1 byte with zeros padding -depends_on:MBEDTLS_BLOWFISH_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7 +depends_on:MBEDTLS_BLOWFISH_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_ZEROS enc_dec_buf:MBEDTLS_CIPHER_BLOWFISH_CBC:"BLOWFISH-CBC":128:1:MBEDTLS_PADDING_ZEROS BLOWFISH Encrypt and decrypt 2 bytes with zeros padding -depends_on:MBEDTLS_BLOWFISH_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7 +depends_on:MBEDTLS_BLOWFISH_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_ZEROS enc_dec_buf:MBEDTLS_CIPHER_BLOWFISH_CBC:"BLOWFISH-CBC":128:2:MBEDTLS_PADDING_ZEROS BLOWFISH Encrypt and decrypt 7 bytes with zeros padding -depends_on:MBEDTLS_BLOWFISH_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7 +depends_on:MBEDTLS_BLOWFISH_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_ZEROS enc_dec_buf:MBEDTLS_CIPHER_BLOWFISH_CBC:"BLOWFISH-CBC":128:7:MBEDTLS_PADDING_ZEROS BLOWFISH Encrypt and decrypt 8 bytes with zeros padding -depends_on:MBEDTLS_BLOWFISH_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7 +depends_on:MBEDTLS_BLOWFISH_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_ZEROS enc_dec_buf:MBEDTLS_CIPHER_BLOWFISH_CBC:"BLOWFISH-CBC":128:8:MBEDTLS_PADDING_ZEROS BLOWFISH Encrypt and decrypt 9 bytes with zeros padding -depends_on:MBEDTLS_BLOWFISH_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7 +depends_on:MBEDTLS_BLOWFISH_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_ZEROS enc_dec_buf:MBEDTLS_CIPHER_BLOWFISH_CBC:"BLOWFISH-CBC":128:9:MBEDTLS_PADDING_ZEROS BLOWFISH Encrypt and decrypt 15 bytes with zeros padding -depends_on:MBEDTLS_BLOWFISH_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7 +depends_on:MBEDTLS_BLOWFISH_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_ZEROS enc_dec_buf:MBEDTLS_CIPHER_BLOWFISH_CBC:"BLOWFISH-CBC":128:15:MBEDTLS_PADDING_ZEROS BLOWFISH Encrypt and decrypt 16 bytes with zeros padding -depends_on:MBEDTLS_BLOWFISH_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7 +depends_on:MBEDTLS_BLOWFISH_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_ZEROS enc_dec_buf:MBEDTLS_CIPHER_BLOWFISH_CBC:"BLOWFISH-CBC":128:16:MBEDTLS_PADDING_ZEROS BLOWFISH Encrypt and decrypt 17 bytes with zeros padding -depends_on:MBEDTLS_BLOWFISH_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7 +depends_on:MBEDTLS_BLOWFISH_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_ZEROS enc_dec_buf:MBEDTLS_CIPHER_BLOWFISH_CBC:"BLOWFISH-CBC":128:17:MBEDTLS_PADDING_ZEROS BLOWFISH Encrypt and decrypt 31 bytes with zeros padding -depends_on:MBEDTLS_BLOWFISH_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7 +depends_on:MBEDTLS_BLOWFISH_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_ZEROS enc_dec_buf:MBEDTLS_CIPHER_BLOWFISH_CBC:"BLOWFISH-CBC":128:31:MBEDTLS_PADDING_ZEROS BLOWFISH Encrypt and decrypt 32 bytes with zeros padding [#1] -depends_on:MBEDTLS_BLOWFISH_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7 +depends_on:MBEDTLS_BLOWFISH_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_ZEROS enc_dec_buf:MBEDTLS_CIPHER_BLOWFISH_CBC:"BLOWFISH-CBC":128:32:MBEDTLS_PADDING_ZEROS BLOWFISH Encrypt and decrypt 32 bytes with zeros padding [#2] -depends_on:MBEDTLS_BLOWFISH_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7 +depends_on:MBEDTLS_BLOWFISH_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_ZEROS enc_dec_buf:MBEDTLS_CIPHER_BLOWFISH_CBC:"BLOWFISH-CBC":128:33:MBEDTLS_PADDING_ZEROS BLOWFISH Encrypt and decrypt 47 bytes with zeros padding -depends_on:MBEDTLS_BLOWFISH_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7 +depends_on:MBEDTLS_BLOWFISH_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_ZEROS enc_dec_buf:MBEDTLS_CIPHER_BLOWFISH_CBC:"BLOWFISH-CBC":128:47:MBEDTLS_PADDING_ZEROS BLOWFISH Encrypt and decrypt 48 bytes with zeros padding -depends_on:MBEDTLS_BLOWFISH_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7 +depends_on:MBEDTLS_BLOWFISH_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_ZEROS enc_dec_buf:MBEDTLS_CIPHER_BLOWFISH_CBC:"BLOWFISH-CBC":128:48:MBEDTLS_PADDING_ZEROS BLOWFISH Encrypt and decrypt 49 bytes with zeros padding -depends_on:MBEDTLS_BLOWFISH_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7 +depends_on:MBEDTLS_BLOWFISH_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_ZEROS enc_dec_buf:MBEDTLS_CIPHER_BLOWFISH_CBC:"BLOWFISH-CBC":128:49:MBEDTLS_PADDING_ZEROS BLOWFISH Encrypt and decrypt 0 bytes with no padding -depends_on:MBEDTLS_BLOWFISH_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7 +depends_on:MBEDTLS_BLOWFISH_C:MBEDTLS_CIPHER_MODE_CBC enc_dec_buf:MBEDTLS_CIPHER_BLOWFISH_CBC:"BLOWFISH-CBC":128:0:MBEDTLS_PADDING_NONE BLOWFISH Encrypt and decrypt 8 bytes with no padding -depends_on:MBEDTLS_BLOWFISH_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7 +depends_on:MBEDTLS_BLOWFISH_C:MBEDTLS_CIPHER_MODE_CBC enc_dec_buf:MBEDTLS_CIPHER_BLOWFISH_CBC:"BLOWFISH-CBC":128:8:MBEDTLS_PADDING_NONE BLOWFISH Encrypt and decrypt 16 bytes with no padding -depends_on:MBEDTLS_BLOWFISH_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7 +depends_on:MBEDTLS_BLOWFISH_C:MBEDTLS_CIPHER_MODE_CBC enc_dec_buf:MBEDTLS_CIPHER_BLOWFISH_CBC:"BLOWFISH-CBC":128:16:MBEDTLS_PADDING_NONE BLOWFISH Encrypt and decrypt 32 bytes with no padding -depends_on:MBEDTLS_BLOWFISH_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7 +depends_on:MBEDTLS_BLOWFISH_C:MBEDTLS_CIPHER_MODE_CBC enc_dec_buf:MBEDTLS_CIPHER_BLOWFISH_CBC:"BLOWFISH-CBC":128:32:MBEDTLS_PADDING_NONE BLOWFISH Encrypt and decrypt 48 bytes with no padding -depends_on:MBEDTLS_BLOWFISH_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7 +depends_on:MBEDTLS_BLOWFISH_C:MBEDTLS_CIPHER_MODE_CBC enc_dec_buf:MBEDTLS_CIPHER_BLOWFISH_CBC:"BLOWFISH-CBC":128:48:MBEDTLS_PADDING_NONE BLOWFISH Try encrypting 1 bytes with no padding -depends_on:MBEDTLS_BLOWFISH_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7 +depends_on:MBEDTLS_BLOWFISH_C:MBEDTLS_CIPHER_MODE_CBC enc_fail:MBEDTLS_CIPHER_BLOWFISH_CBC:MBEDTLS_PADDING_NONE:128:1:MBEDTLS_ERR_CIPHER_FULL_BLOCK_EXPECTED BLOWFISH Try encrypting 2 bytes with no padding -depends_on:MBEDTLS_BLOWFISH_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7 +depends_on:MBEDTLS_BLOWFISH_C:MBEDTLS_CIPHER_MODE_CBC enc_fail:MBEDTLS_CIPHER_BLOWFISH_CBC:MBEDTLS_PADDING_NONE:128:2:MBEDTLS_ERR_CIPHER_FULL_BLOCK_EXPECTED BLOWFISH Try encrypting 7 bytes with no padding -depends_on:MBEDTLS_BLOWFISH_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7 +depends_on:MBEDTLS_BLOWFISH_C:MBEDTLS_CIPHER_MODE_CBC enc_fail:MBEDTLS_CIPHER_BLOWFISH_CBC:MBEDTLS_PADDING_NONE:128:7:MBEDTLS_ERR_CIPHER_FULL_BLOCK_EXPECTED BLOWFISH Try encrypting 9 bytes with no padding -depends_on:MBEDTLS_BLOWFISH_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7 +depends_on:MBEDTLS_BLOWFISH_C:MBEDTLS_CIPHER_MODE_CBC enc_fail:MBEDTLS_CIPHER_BLOWFISH_CBC:MBEDTLS_PADDING_NONE:128:9:MBEDTLS_ERR_CIPHER_FULL_BLOCK_EXPECTED BLOWFISH Try encrypting 15 bytes with no padding -depends_on:MBEDTLS_BLOWFISH_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7 +depends_on:MBEDTLS_BLOWFISH_C:MBEDTLS_CIPHER_MODE_CBC enc_fail:MBEDTLS_CIPHER_BLOWFISH_CBC:MBEDTLS_PADDING_NONE:128:15:MBEDTLS_ERR_CIPHER_FULL_BLOCK_EXPECTED BLOWFISH Try encrypting 17 bytes with no padding -depends_on:MBEDTLS_BLOWFISH_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7 +depends_on:MBEDTLS_BLOWFISH_C:MBEDTLS_CIPHER_MODE_CBC enc_fail:MBEDTLS_CIPHER_BLOWFISH_CBC:MBEDTLS_PADDING_NONE:128:17:MBEDTLS_ERR_CIPHER_FULL_BLOCK_EXPECTED BLOWFISH Try encrypting 31 bytes with no padding -depends_on:MBEDTLS_BLOWFISH_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7 +depends_on:MBEDTLS_BLOWFISH_C:MBEDTLS_CIPHER_MODE_CBC enc_fail:MBEDTLS_CIPHER_BLOWFISH_CBC:MBEDTLS_PADDING_NONE:128:31:MBEDTLS_ERR_CIPHER_FULL_BLOCK_EXPECTED BLOWFISH Try encrypting 33 bytes with no padding -depends_on:MBEDTLS_BLOWFISH_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7 +depends_on:MBEDTLS_BLOWFISH_C:MBEDTLS_CIPHER_MODE_CBC enc_fail:MBEDTLS_CIPHER_BLOWFISH_CBC:MBEDTLS_PADDING_NONE:128:33:MBEDTLS_ERR_CIPHER_FULL_BLOCK_EXPECTED BLOWFISH Try encrypting 47 bytes with no padding -depends_on:MBEDTLS_BLOWFISH_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7 +depends_on:MBEDTLS_BLOWFISH_C:MBEDTLS_CIPHER_MODE_CBC enc_fail:MBEDTLS_CIPHER_BLOWFISH_CBC:MBEDTLS_PADDING_NONE:128:47:MBEDTLS_ERR_CIPHER_FULL_BLOCK_EXPECTED BLOWFISH Try encrypting 49 bytes with no padding -depends_on:MBEDTLS_BLOWFISH_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7 +depends_on:MBEDTLS_BLOWFISH_C:MBEDTLS_CIPHER_MODE_CBC enc_fail:MBEDTLS_CIPHER_BLOWFISH_CBC:MBEDTLS_PADDING_NONE:128:49:MBEDTLS_ERR_CIPHER_FULL_BLOCK_EXPECTED BLOWFISH Encrypt and decrypt 0 bytes in multiple parts [#1] -depends_on:MBEDTLS_BLOWFISH_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7 +depends_on:MBEDTLS_BLOWFISH_C:MBEDTLS_CIPHER_MODE_CBC enc_dec_buf_multipart:MBEDTLS_CIPHER_BLOWFISH_CBC:128:0:0:-1:0:0:0:0 BLOWFISH Encrypt and decrypt 1 bytes in multiple parts 1 [#1] @@ -319,15 +319,15 @@ depends_on:MBEDTLS_BLOWFISH_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKC enc_dec_buf_multipart:MBEDTLS_CIPHER_BLOWFISH_CBC:128:16:0:-1:16:0:8:8 BLOWFISH Encrypt and decrypt 16 bytes in multiple parts 2 [#1] -depends_on:MBEDTLS_BLOWFISH_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7 +depends_on:MBEDTLS_BLOWFISH_C:MBEDTLS_CIPHER_MODE_CBC enc_dec_buf_multipart:MBEDTLS_CIPHER_BLOWFISH_CBC:128:0:16:-1:0:16:0:16 BLOWFISH Encrypt and decrypt 16 bytes in multiple parts 3 [#1] -depends_on:MBEDTLS_BLOWFISH_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7 +depends_on:MBEDTLS_BLOWFISH_C:MBEDTLS_CIPHER_MODE_CBC enc_dec_buf_multipart:MBEDTLS_CIPHER_BLOWFISH_CBC:128:1:15:-1:0:16:0:16 BLOWFISH Encrypt and decrypt 16 bytes in multiple parts 4 [#1] -depends_on:MBEDTLS_BLOWFISH_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7 +depends_on:MBEDTLS_BLOWFISH_C:MBEDTLS_CIPHER_MODE_CBC enc_dec_buf_multipart:MBEDTLS_CIPHER_BLOWFISH_CBC:128:15:1:-1:8:8:8:8 BLOWFISH Encrypt and decrypt 22 bytes in multiple parts 1 [#1] diff --git a/third_party/mbedtls/repo/tests/suites/test_suite_cipher.camellia.data b/third_party/mbedtls/repo/tests/suites/test_suite_cipher.camellia.data index 3e7bffa45b2..d7401a1d52e 100644 --- a/third_party/mbedtls/repo/tests/suites/test_suite_cipher.camellia.data +++ b/third_party/mbedtls/repo/tests/suites/test_suite_cipher.camellia.data @@ -67,183 +67,183 @@ depends_on:MBEDTLS_CAMELLIA_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKC enc_dec_buf:MBEDTLS_CIPHER_CAMELLIA_128_CBC:"CAMELLIA-128-CBC":128:49:-1 CAMELLIA Encrypt and decrypt 0 bytes with one and zeros padding -depends_on:MBEDTLS_CAMELLIA_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7 +depends_on:MBEDTLS_CAMELLIA_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_ONE_AND_ZEROS enc_dec_buf:MBEDTLS_CIPHER_CAMELLIA_128_CBC:"CAMELLIA-128-CBC":128:0:MBEDTLS_PADDING_ONE_AND_ZEROS CAMELLIA Encrypt and decrypt 1 byte with one and zeros padding -depends_on:MBEDTLS_CAMELLIA_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7 +depends_on:MBEDTLS_CAMELLIA_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_ONE_AND_ZEROS enc_dec_buf:MBEDTLS_CIPHER_CAMELLIA_128_CBC:"CAMELLIA-128-CBC":128:1:MBEDTLS_PADDING_ONE_AND_ZEROS CAMELLIA Encrypt and decrypt 2 bytes with one and zeros padding -depends_on:MBEDTLS_CAMELLIA_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7 +depends_on:MBEDTLS_CAMELLIA_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_ONE_AND_ZEROS enc_dec_buf:MBEDTLS_CIPHER_CAMELLIA_128_CBC:"CAMELLIA-128-CBC":128:2:MBEDTLS_PADDING_ONE_AND_ZEROS CAMELLIA Encrypt and decrypt 7 bytes with one and zeros padding -depends_on:MBEDTLS_CAMELLIA_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7 +depends_on:MBEDTLS_CAMELLIA_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_ONE_AND_ZEROS enc_dec_buf:MBEDTLS_CIPHER_CAMELLIA_128_CBC:"CAMELLIA-128-CBC":128:7:MBEDTLS_PADDING_ONE_AND_ZEROS CAMELLIA Encrypt and decrypt 8 bytes with one and zeros padding -depends_on:MBEDTLS_CAMELLIA_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7 +depends_on:MBEDTLS_CAMELLIA_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_ONE_AND_ZEROS enc_dec_buf:MBEDTLS_CIPHER_CAMELLIA_128_CBC:"CAMELLIA-128-CBC":128:8:MBEDTLS_PADDING_ONE_AND_ZEROS CAMELLIA Encrypt and decrypt 9 bytes with one and zeros padding -depends_on:MBEDTLS_CAMELLIA_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7 +depends_on:MBEDTLS_CAMELLIA_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_ONE_AND_ZEROS enc_dec_buf:MBEDTLS_CIPHER_CAMELLIA_128_CBC:"CAMELLIA-128-CBC":128:9:MBEDTLS_PADDING_ONE_AND_ZEROS CAMELLIA Encrypt and decrypt 15 bytes with one and zeros padding -depends_on:MBEDTLS_CAMELLIA_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7 +depends_on:MBEDTLS_CAMELLIA_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_ONE_AND_ZEROS enc_dec_buf:MBEDTLS_CIPHER_CAMELLIA_128_CBC:"CAMELLIA-128-CBC":128:15:MBEDTLS_PADDING_ONE_AND_ZEROS CAMELLIA Encrypt and decrypt 16 bytes with one and zeros padding -depends_on:MBEDTLS_CAMELLIA_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7 +depends_on:MBEDTLS_CAMELLIA_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_ONE_AND_ZEROS enc_dec_buf:MBEDTLS_CIPHER_CAMELLIA_128_CBC:"CAMELLIA-128-CBC":128:16:MBEDTLS_PADDING_ONE_AND_ZEROS CAMELLIA Encrypt and decrypt 17 bytes with one and zeros padding -depends_on:MBEDTLS_CAMELLIA_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7 +depends_on:MBEDTLS_CAMELLIA_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_ONE_AND_ZEROS enc_dec_buf:MBEDTLS_CIPHER_CAMELLIA_128_CBC:"CAMELLIA-128-CBC":128:17:MBEDTLS_PADDING_ONE_AND_ZEROS CAMELLIA Encrypt and decrypt 31 bytes with one and zeros padding -depends_on:MBEDTLS_CAMELLIA_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7 +depends_on:MBEDTLS_CAMELLIA_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_ONE_AND_ZEROS enc_dec_buf:MBEDTLS_CIPHER_CAMELLIA_128_CBC:"CAMELLIA-128-CBC":128:31:MBEDTLS_PADDING_ONE_AND_ZEROS CAMELLIA Encrypt and decrypt 32 bytes with one and zeros padding [#1] -depends_on:MBEDTLS_CAMELLIA_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7 +depends_on:MBEDTLS_CAMELLIA_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_ONE_AND_ZEROS enc_dec_buf:MBEDTLS_CIPHER_CAMELLIA_128_CBC:"CAMELLIA-128-CBC":128:32:MBEDTLS_PADDING_ONE_AND_ZEROS CAMELLIA Encrypt and decrypt 32 bytes with one and zeros padding [#2] -depends_on:MBEDTLS_CAMELLIA_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7 +depends_on:MBEDTLS_CAMELLIA_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_ONE_AND_ZEROS enc_dec_buf:MBEDTLS_CIPHER_CAMELLIA_128_CBC:"CAMELLIA-128-CBC":128:33:MBEDTLS_PADDING_ONE_AND_ZEROS CAMELLIA Encrypt and decrypt 47 bytes with one and zeros padding -depends_on:MBEDTLS_CAMELLIA_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7 +depends_on:MBEDTLS_CAMELLIA_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_ONE_AND_ZEROS enc_dec_buf:MBEDTLS_CIPHER_CAMELLIA_128_CBC:"CAMELLIA-128-CBC":128:47:MBEDTLS_PADDING_ONE_AND_ZEROS CAMELLIA Encrypt and decrypt 48 bytes with one and zeros padding -depends_on:MBEDTLS_CAMELLIA_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7 +depends_on:MBEDTLS_CAMELLIA_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_ONE_AND_ZEROS enc_dec_buf:MBEDTLS_CIPHER_CAMELLIA_128_CBC:"CAMELLIA-128-CBC":128:48:MBEDTLS_PADDING_ONE_AND_ZEROS CAMELLIA Encrypt and decrypt 49 bytes with one and zeros padding -depends_on:MBEDTLS_CAMELLIA_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7 +depends_on:MBEDTLS_CAMELLIA_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_ONE_AND_ZEROS enc_dec_buf:MBEDTLS_CIPHER_CAMELLIA_128_CBC:"CAMELLIA-128-CBC":128:49:MBEDTLS_PADDING_ONE_AND_ZEROS CAMELLIA Encrypt and decrypt 0 bytes with zeros and len padding -depends_on:MBEDTLS_CAMELLIA_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7 +depends_on:MBEDTLS_CAMELLIA_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_ZEROS_AND_LEN enc_dec_buf:MBEDTLS_CIPHER_CAMELLIA_128_CBC:"CAMELLIA-128-CBC":128:0:MBEDTLS_PADDING_ZEROS_AND_LEN CAMELLIA Encrypt and decrypt 1 byte with zeros and len padding -depends_on:MBEDTLS_CAMELLIA_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7 +depends_on:MBEDTLS_CAMELLIA_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_ZEROS_AND_LEN enc_dec_buf:MBEDTLS_CIPHER_CAMELLIA_128_CBC:"CAMELLIA-128-CBC":128:1:MBEDTLS_PADDING_ZEROS_AND_LEN CAMELLIA Encrypt and decrypt 2 bytes with zeros and len padding -depends_on:MBEDTLS_CAMELLIA_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7 +depends_on:MBEDTLS_CAMELLIA_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_ZEROS_AND_LEN enc_dec_buf:MBEDTLS_CIPHER_CAMELLIA_128_CBC:"CAMELLIA-128-CBC":128:2:MBEDTLS_PADDING_ZEROS_AND_LEN CAMELLIA Encrypt and decrypt 7 bytes with zeros and len padding -depends_on:MBEDTLS_CAMELLIA_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7 +depends_on:MBEDTLS_CAMELLIA_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_ZEROS_AND_LEN enc_dec_buf:MBEDTLS_CIPHER_CAMELLIA_128_CBC:"CAMELLIA-128-CBC":128:7:MBEDTLS_PADDING_ZEROS_AND_LEN CAMELLIA Encrypt and decrypt 8 bytes with zeros and len padding -depends_on:MBEDTLS_CAMELLIA_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7 +depends_on:MBEDTLS_CAMELLIA_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_ZEROS_AND_LEN enc_dec_buf:MBEDTLS_CIPHER_CAMELLIA_128_CBC:"CAMELLIA-128-CBC":128:8:MBEDTLS_PADDING_ZEROS_AND_LEN CAMELLIA Encrypt and decrypt 9 bytes with zeros and len padding -depends_on:MBEDTLS_CAMELLIA_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7 +depends_on:MBEDTLS_CAMELLIA_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_ZEROS_AND_LEN enc_dec_buf:MBEDTLS_CIPHER_CAMELLIA_128_CBC:"CAMELLIA-128-CBC":128:9:MBEDTLS_PADDING_ZEROS_AND_LEN CAMELLIA Encrypt and decrypt 15 bytes with zeros and len padding -depends_on:MBEDTLS_CAMELLIA_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7 +depends_on:MBEDTLS_CAMELLIA_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_ZEROS_AND_LEN enc_dec_buf:MBEDTLS_CIPHER_CAMELLIA_128_CBC:"CAMELLIA-128-CBC":128:15:MBEDTLS_PADDING_ZEROS_AND_LEN CAMELLIA Encrypt and decrypt 16 bytes with zeros and len padding -depends_on:MBEDTLS_CAMELLIA_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7 +depends_on:MBEDTLS_CAMELLIA_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_ZEROS_AND_LEN enc_dec_buf:MBEDTLS_CIPHER_CAMELLIA_128_CBC:"CAMELLIA-128-CBC":128:16:MBEDTLS_PADDING_ZEROS_AND_LEN CAMELLIA Encrypt and decrypt 17 bytes with zeros and len padding -depends_on:MBEDTLS_CAMELLIA_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7 +depends_on:MBEDTLS_CAMELLIA_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_ZEROS_AND_LEN enc_dec_buf:MBEDTLS_CIPHER_CAMELLIA_128_CBC:"CAMELLIA-128-CBC":128:17:MBEDTLS_PADDING_ZEROS_AND_LEN CAMELLIA Encrypt and decrypt 31 bytes with zeros and len padding -depends_on:MBEDTLS_CAMELLIA_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7 +depends_on:MBEDTLS_CAMELLIA_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_ZEROS_AND_LEN enc_dec_buf:MBEDTLS_CIPHER_CAMELLIA_128_CBC:"CAMELLIA-128-CBC":128:31:MBEDTLS_PADDING_ZEROS_AND_LEN CAMELLIA Encrypt and decrypt 32 bytes with zeros and len padding [#1] -depends_on:MBEDTLS_CAMELLIA_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7 +depends_on:MBEDTLS_CAMELLIA_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_ZEROS_AND_LEN enc_dec_buf:MBEDTLS_CIPHER_CAMELLIA_128_CBC:"CAMELLIA-128-CBC":128:32:MBEDTLS_PADDING_ZEROS_AND_LEN CAMELLIA Encrypt and decrypt 32 bytes with zeros and len padding [#2] -depends_on:MBEDTLS_CAMELLIA_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7 +depends_on:MBEDTLS_CAMELLIA_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_ZEROS_AND_LEN enc_dec_buf:MBEDTLS_CIPHER_CAMELLIA_128_CBC:"CAMELLIA-128-CBC":128:33:MBEDTLS_PADDING_ZEROS_AND_LEN CAMELLIA Encrypt and decrypt 47 bytes with zeros and len padding -depends_on:MBEDTLS_CAMELLIA_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7 +depends_on:MBEDTLS_CAMELLIA_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_ZEROS_AND_LEN enc_dec_buf:MBEDTLS_CIPHER_CAMELLIA_128_CBC:"CAMELLIA-128-CBC":128:47:MBEDTLS_PADDING_ZEROS_AND_LEN CAMELLIA Encrypt and decrypt 48 bytes with zeros and len padding -depends_on:MBEDTLS_CAMELLIA_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7 +depends_on:MBEDTLS_CAMELLIA_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_ZEROS_AND_LEN enc_dec_buf:MBEDTLS_CIPHER_CAMELLIA_128_CBC:"CAMELLIA-128-CBC":128:48:MBEDTLS_PADDING_ZEROS_AND_LEN CAMELLIA Encrypt and decrypt 49 bytes with zeros and len padding -depends_on:MBEDTLS_CAMELLIA_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7 +depends_on:MBEDTLS_CAMELLIA_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_ZEROS_AND_LEN enc_dec_buf:MBEDTLS_CIPHER_CAMELLIA_128_CBC:"CAMELLIA-128-CBC":128:49:MBEDTLS_PADDING_ZEROS_AND_LEN CAMELLIA Encrypt and decrypt 0 bytes with zeros padding -depends_on:MBEDTLS_CAMELLIA_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7 +depends_on:MBEDTLS_CAMELLIA_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_ZEROS enc_dec_buf:MBEDTLS_CIPHER_CAMELLIA_128_CBC:"CAMELLIA-128-CBC":128:0:MBEDTLS_PADDING_ZEROS CAMELLIA Encrypt and decrypt 1 byte with zeros padding -depends_on:MBEDTLS_CAMELLIA_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7 +depends_on:MBEDTLS_CAMELLIA_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_ZEROS enc_dec_buf:MBEDTLS_CIPHER_CAMELLIA_128_CBC:"CAMELLIA-128-CBC":128:1:MBEDTLS_PADDING_ZEROS CAMELLIA Encrypt and decrypt 2 bytes with zeros padding -depends_on:MBEDTLS_CAMELLIA_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7 +depends_on:MBEDTLS_CAMELLIA_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_ZEROS enc_dec_buf:MBEDTLS_CIPHER_CAMELLIA_128_CBC:"CAMELLIA-128-CBC":128:2:MBEDTLS_PADDING_ZEROS CAMELLIA Encrypt and decrypt 7 bytes with zeros padding -depends_on:MBEDTLS_CAMELLIA_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7 +depends_on:MBEDTLS_CAMELLIA_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_ZEROS enc_dec_buf:MBEDTLS_CIPHER_CAMELLIA_128_CBC:"CAMELLIA-128-CBC":128:7:MBEDTLS_PADDING_ZEROS CAMELLIA Encrypt and decrypt 8 bytes with zeros padding -depends_on:MBEDTLS_CAMELLIA_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7 +depends_on:MBEDTLS_CAMELLIA_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_ZEROS enc_dec_buf:MBEDTLS_CIPHER_CAMELLIA_128_CBC:"CAMELLIA-128-CBC":128:8:MBEDTLS_PADDING_ZEROS CAMELLIA Encrypt and decrypt 9 bytes with zeros padding -depends_on:MBEDTLS_CAMELLIA_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7 +depends_on:MBEDTLS_CAMELLIA_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_ZEROS enc_dec_buf:MBEDTLS_CIPHER_CAMELLIA_128_CBC:"CAMELLIA-128-CBC":128:9:MBEDTLS_PADDING_ZEROS CAMELLIA Encrypt and decrypt 15 bytes with zeros padding -depends_on:MBEDTLS_CAMELLIA_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7 +depends_on:MBEDTLS_CAMELLIA_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_ZEROS enc_dec_buf:MBEDTLS_CIPHER_CAMELLIA_128_CBC:"CAMELLIA-128-CBC":128:15:MBEDTLS_PADDING_ZEROS CAMELLIA Encrypt and decrypt 16 bytes with zeros padding -depends_on:MBEDTLS_CAMELLIA_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7 +depends_on:MBEDTLS_CAMELLIA_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_ZEROS enc_dec_buf:MBEDTLS_CIPHER_CAMELLIA_128_CBC:"CAMELLIA-128-CBC":128:16:MBEDTLS_PADDING_ZEROS CAMELLIA Encrypt and decrypt 17 bytes with zeros padding -depends_on:MBEDTLS_CAMELLIA_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7 +depends_on:MBEDTLS_CAMELLIA_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_ZEROS enc_dec_buf:MBEDTLS_CIPHER_CAMELLIA_128_CBC:"CAMELLIA-128-CBC":128:17:MBEDTLS_PADDING_ZEROS CAMELLIA Encrypt and decrypt 31 bytes with zeros padding -depends_on:MBEDTLS_CAMELLIA_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7 +depends_on:MBEDTLS_CAMELLIA_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_ZEROS enc_dec_buf:MBEDTLS_CIPHER_CAMELLIA_128_CBC:"CAMELLIA-128-CBC":128:31:MBEDTLS_PADDING_ZEROS CAMELLIA Encrypt and decrypt 32 bytes with zeros padding [#1] -depends_on:MBEDTLS_CAMELLIA_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7 +depends_on:MBEDTLS_CAMELLIA_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_ZEROS enc_dec_buf:MBEDTLS_CIPHER_CAMELLIA_128_CBC:"CAMELLIA-128-CBC":128:32:MBEDTLS_PADDING_ZEROS CAMELLIA Encrypt and decrypt 32 bytes with zeros padding [#2] -depends_on:MBEDTLS_CAMELLIA_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7 +depends_on:MBEDTLS_CAMELLIA_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_ZEROS enc_dec_buf:MBEDTLS_CIPHER_CAMELLIA_128_CBC:"CAMELLIA-128-CBC":128:33:MBEDTLS_PADDING_ZEROS CAMELLIA Encrypt and decrypt 47 bytes with zeros padding -depends_on:MBEDTLS_CAMELLIA_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7 +depends_on:MBEDTLS_CAMELLIA_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_ZEROS enc_dec_buf:MBEDTLS_CIPHER_CAMELLIA_128_CBC:"CAMELLIA-128-CBC":128:47:MBEDTLS_PADDING_ZEROS CAMELLIA Encrypt and decrypt 48 bytes with zeros padding -depends_on:MBEDTLS_CAMELLIA_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7 +depends_on:MBEDTLS_CAMELLIA_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_ZEROS enc_dec_buf:MBEDTLS_CIPHER_CAMELLIA_128_CBC:"CAMELLIA-128-CBC":128:48:MBEDTLS_PADDING_ZEROS CAMELLIA Encrypt and decrypt 49 bytes with zeros padding -depends_on:MBEDTLS_CAMELLIA_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7 +depends_on:MBEDTLS_CAMELLIA_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_ZEROS enc_dec_buf:MBEDTLS_CIPHER_CAMELLIA_128_CBC:"CAMELLIA-128-CBC":128:49:MBEDTLS_PADDING_ZEROS CAMELLIA Encrypt and decrypt 0 bytes with no padding diff --git a/third_party/mbedtls/repo/tests/suites/test_suite_cipher.ccm.data b/third_party/mbedtls/repo/tests/suites/test_suite_cipher.ccm.data index 79725008ffe..3be5098eef8 100644 --- a/third_party/mbedtls/repo/tests/suites/test_suite_cipher.ccm.data +++ b/third_party/mbedtls/repo/tests/suites/test_suite_cipher.ccm.data @@ -479,385 +479,385 @@ depends_on:MBEDTLS_CAMELLIA_C:MBEDTLS_CCM_C auth_crypt_tv:MBEDTLS_CIPHER_CAMELLIA_128_CCM:"D75C2778078CA93D971F96FDE720F4CD":"003B8FD8D3A937B160B6A31C1C":"A4D499F78419728C19178B0C":"4B198156393B0F7796086AAFB454F8C3F034CCA966":"945F1FCEA7E11BEE6A2F":"":"9DC9EDAE2FF5DF8636E8C6DE0EED55F7867E33337D":0 AES-128-CCM test vector NIST #1 PSA (P=0, N=7, A=0, T=4) -depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C:MBEDTLS_CCM_C +depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_KEY_TYPE_AES:PSA_WANT_ALG_CCM auth_crypt_tv:MBEDTLS_CIPHER_AES_128_CCM:"4ae701103c63deca5b5a3939d7d05992":"5a8aa485c316e9":"":"":"02209f55":"":"":1 AES-128-CCM test vector NIST #2 PSA (P=0, N=7, A=0, T=4) -depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C:MBEDTLS_CCM_C +depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_KEY_TYPE_AES:PSA_WANT_ALG_CCM auth_crypt_tv:MBEDTLS_CIPHER_AES_128_CCM:"4ae701103c63deca5b5a3939d7d05992":"3796cf51b87266":"":"":"9a04c241":"FAIL":"":1 AES-128-CCM test vector NIST #3 PSA (P=0, N=7, A=0, T=16) -depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C:MBEDTLS_CCM_C +depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_KEY_TYPE_AES:PSA_WANT_ALG_CCM auth_crypt_tv:MBEDTLS_CIPHER_AES_128_CCM:"4bb3c4a4f893ad8c9bdc833c325d62b3":"5a8aa485c316e9":"":"":"75d582db43ce9b13ab4b6f7f14341330":"":"":1 AES-128-CCM test vector NIST #4 PSA (P=0, N=7, A=0, T=16) -depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C:MBEDTLS_CCM_C +depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_KEY_TYPE_AES:PSA_WANT_ALG_CCM auth_crypt_tv:MBEDTLS_CIPHER_AES_128_CCM:"4bb3c4a4f893ad8c9bdc833c325d62b3":"3796cf51b87266":"":"":"3a65e03af37b81d05acc7ec1bc39deb0":"FAIL":"":1 AES-128-CCM test vector NIST #5 PSA (P=0, N=13, A=0, T=4) -depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C:MBEDTLS_CCM_C +depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_KEY_TYPE_AES:PSA_WANT_ALG_CCM auth_crypt_tv:MBEDTLS_CIPHER_AES_128_CCM:"4bb3c4a4f893ad8c9bdc833c325d62b3":"5a8aa485c316e9403aff859fbb":"":"":"90156f3f":"":"":1 AES-128-CCM test vector NIST #6 PSA (P=0, N=13, A=0, T=4) -depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C:MBEDTLS_CCM_C +depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_KEY_TYPE_AES:PSA_WANT_ALG_CCM auth_crypt_tv:MBEDTLS_CIPHER_AES_128_CCM:"4bb3c4a4f893ad8c9bdc833c325d62b3":"a16a2e741f1cd9717285b6d882":"":"":"88909016":"FAIL":"":1 AES-128-CCM test vector NIST #7 PSA (P=0, N=13, A=0, T=16) -depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C:MBEDTLS_CCM_C +depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_KEY_TYPE_AES:PSA_WANT_ALG_CCM auth_crypt_tv:MBEDTLS_CIPHER_AES_128_CCM:"19ebfde2d5468ba0a3031bde629b11fd":"5a8aa485c316e9403aff859fbb":"":"":"fb04dc5a44c6bb000f2440f5154364b4":"":"":1 AES-128-CCM test vector NIST #8 PSA (P=0, N=13, A=0, T=16) -depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C:MBEDTLS_CCM_C +depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_KEY_TYPE_AES:PSA_WANT_ALG_CCM auth_crypt_tv:MBEDTLS_CIPHER_AES_128_CCM:"19ebfde2d5468ba0a3031bde629b11fd":"a16a2e741f1cd9717285b6d882":"":"":"5447075bf42a59b91f08064738b015ab":"FAIL":"":1 AES-128-CCM test vector NIST #9 PSA (P=24, N=7, A=0, T=4) -depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C:MBEDTLS_CCM_C +depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_KEY_TYPE_AES:PSA_WANT_ALG_CCM auth_crypt_tv:MBEDTLS_CIPHER_AES_128_CCM:"19ebfde2d5468ba0a3031bde629b11fd":"5a8aa485c316e9":"":"a90e8ea44085ced791b2fdb7fd44b5cf0bd7d27718029bb7":"03e1fa6b":"":"3796cf51b8726652a4204733b8fbb047cf00fb91a9837e22":1 AES-128-CCM test vector NIST #10 PSA (P=24, N=7, A=0, T=4) -depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C:MBEDTLS_CCM_C +depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_KEY_TYPE_AES:PSA_WANT_ALG_CCM auth_crypt_tv:MBEDTLS_CIPHER_AES_128_CCM:"19ebfde2d5468ba0a3031bde629b11fd":"31f8fa25827d48":"":"50aafe0578c115c4a8e126ff7b3ccb64dce8ccaa8ceda69f":"23e5d81c":"FAIL":"":1 AES-128-CCM test vector NIST #11 PSA (P=24, N=7, A=0, T=16) -depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C:MBEDTLS_CCM_C +depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_KEY_TYPE_AES:PSA_WANT_ALG_CCM auth_crypt_tv:MBEDTLS_CIPHER_AES_128_CCM:"197afb02ffbd8f699dacae87094d5243":"5a8aa485c316e9":"":"24ab9eeb0e5508cae80074f1070ee188a637171860881f1f":"2d9a3fbc210595b7b8b1b41523111a8e":"":"3796cf51b8726652a4204733b8fbb047cf00fb91a9837e22":1 AES-128-CCM test vector NIST #12 PSA (P=24, N=7, A=0, T=16) -depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C:MBEDTLS_CCM_C +depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_KEY_TYPE_AES:PSA_WANT_ALG_CCM auth_crypt_tv:MBEDTLS_CIPHER_AES_128_CCM:"197afb02ffbd8f699dacae87094d5243":"31f8fa25827d48":"":"7ebfda6fa5da1dbffd82dc29b875798fbcef8ba0084fbd24":"63af747cc88a001fa94e060290f209c4":"FAIL":"":1 AES-128-CCM test vector NIST #13 PSA (P=24, N=13, A=0, T=4) -depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C:MBEDTLS_CCM_C +depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_KEY_TYPE_AES:PSA_WANT_ALG_CCM auth_crypt_tv:MBEDTLS_CIPHER_AES_128_CCM:"197afb02ffbd8f699dacae87094d5243":"5a8aa485c316e9403aff859fbb":"":"4a550134f94455979ec4bf89ad2bd80d25a77ae94e456134":"a3e138b9":"":"a16a2e741f1cd9717285b6d882c1fc53655e9773761ad697":1 AES-128-CCM test vector NIST #14 PSA (P=24, N=13, A=0, T=4) -depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C:MBEDTLS_CCM_C +depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_KEY_TYPE_AES:PSA_WANT_ALG_CCM auth_crypt_tv:MBEDTLS_CIPHER_AES_128_CCM:"197afb02ffbd8f699dacae87094d5243":"49004912fdd7269279b1f06a89":"":"118ec53dd1bfbe52d5b9fe5dfebecf2ee674ec983eada654":"091a5ae9":"FAIL":"":1 AES-128-CCM test vector NIST #15 PSA (P=24, N=13, A=0, T=16) -depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C:MBEDTLS_CCM_C +depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_KEY_TYPE_AES:PSA_WANT_ALG_CCM auth_crypt_tv:MBEDTLS_CIPHER_AES_128_CCM:"90929a4b0ac65b350ad1591611fe4829":"5a8aa485c316e9403aff859fbb":"":"4bfe4e35784f0a65b545477e5e2f4bae0e1e6fa717eaf2cb":"6a9a970b9beb2ac1bd4fd62168f8378a":"":"a16a2e741f1cd9717285b6d882c1fc53655e9773761ad697":1 AES-128-CCM test vector NIST #16 PSA (P=24, N=13, A=0, T=16) -depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C:MBEDTLS_CCM_C +depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_KEY_TYPE_AES:PSA_WANT_ALG_CCM auth_crypt_tv:MBEDTLS_CIPHER_AES_128_CCM:"90929a4b0ac65b350ad1591611fe4829":"49004912fdd7269279b1f06a89":"":"0c56a503aa2c12e87450d45a7b714db980fd348f327c0065":"a65666144994bad0c8195bcb4ade1337":"FAIL":"":1 AES-128-CCM test vector NIST #17 PSA (P=0, N=7, A=32, T=4) -depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C:MBEDTLS_CCM_C +depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_KEY_TYPE_AES:PSA_WANT_ALG_CCM auth_crypt_tv:MBEDTLS_CIPHER_AES_128_CCM:"90929a4b0ac65b350ad1591611fe4829":"5a8aa485c316e9":"3796cf51b8726652a4204733b8fbb047cf00fb91a9837e22ec22b1a268f88e2c":"":"782e4318":"":"":1 AES-128-CCM test vector NIST #18 PSA (P=0, N=7, A=32, T=4) -depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C:MBEDTLS_CCM_C +depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_KEY_TYPE_AES:PSA_WANT_ALG_CCM auth_crypt_tv:MBEDTLS_CIPHER_AES_128_CCM:"90929a4b0ac65b350ad1591611fe4829":"a265480ca88d5f":"a2248a882ecbf850daf91933a389e78e81623d233dfd47bf8321361a38f138fe":"":"a04f270a":"FAIL":"":1 AES-128-CCM test vector NIST #19 PSA (P=0, N=7, A=32, T=16) -depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C:MBEDTLS_CCM_C +depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_KEY_TYPE_AES:PSA_WANT_ALG_CCM auth_crypt_tv:MBEDTLS_CIPHER_AES_128_CCM:"6a798d7c5e1a72b43e20ad5c7b08567b":"5a8aa485c316e9":"3796cf51b8726652a4204733b8fbb047cf00fb91a9837e22ec22b1a268f88e2c":"":"41b476013f45e4a781f253a6f3b1e530":"":"":1 AES-128-CCM test vector NIST #20 PSA (P=0, N=7, A=32, T=16) -depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C:MBEDTLS_CCM_C +depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_KEY_TYPE_AES:PSA_WANT_ALG_CCM auth_crypt_tv:MBEDTLS_CIPHER_AES_128_CCM:"6a798d7c5e1a72b43e20ad5c7b08567b":"a265480ca88d5f":"a2248a882ecbf850daf91933a389e78e81623d233dfd47bf8321361a38f138fe":"":"f9f018fcd125822616083fffebc4c8e6":"FAIL":"":1 AES-128-CCM test vector NIST #21 PSA (P=0, N=13, A=32, T=4) -depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C:MBEDTLS_CCM_C +depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_KEY_TYPE_AES:PSA_WANT_ALG_CCM auth_crypt_tv:MBEDTLS_CIPHER_AES_128_CCM:"6a798d7c5e1a72b43e20ad5c7b08567b":"5a8aa485c316e9403aff859fbb":"a16a2e741f1cd9717285b6d882c1fc53655e9773761ad697a7ee6410184c7982":"":"9f69f24f":"":"":1 AES-128-CCM test vector NIST #22 PSA (P=0, N=13, A=32, T=4) -depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C:MBEDTLS_CCM_C +depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_KEY_TYPE_AES:PSA_WANT_ALG_CCM auth_crypt_tv:MBEDTLS_CIPHER_AES_128_CCM:"6a798d7c5e1a72b43e20ad5c7b08567b":"8739b4bea1a099fe547499cbc6":"f6107696edb332b2ea059d8860fee26be42e5e12e1a4f79a8d0eafce1b2278a7":"":"e17afaa4":"FAIL":"":1 AES-128-CCM test vector NIST #23 PSA (P=0, N=13, A=32, T=16) -depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C:MBEDTLS_CCM_C +depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_KEY_TYPE_AES:PSA_WANT_ALG_CCM auth_crypt_tv:MBEDTLS_CIPHER_AES_128_CCM:"f9fdca4ac64fe7f014de0f43039c7571":"5a8aa485c316e9403aff859fbb":"a16a2e741f1cd9717285b6d882c1fc53655e9773761ad697a7ee6410184c7982":"":"1859ac36a40a6b28b34266253627797a":"":"":1 AES-128-CCM test vector NIST #24 PSA (P=0, N=13, A=32, T=16) -depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C:MBEDTLS_CCM_C +depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_KEY_TYPE_AES:PSA_WANT_ALG_CCM auth_crypt_tv:MBEDTLS_CIPHER_AES_128_CCM:"f9fdca4ac64fe7f014de0f43039c7571":"8739b4bea1a099fe547499cbc6":"f6107696edb332b2ea059d8860fee26be42e5e12e1a4f79a8d0eafce1b2278a7":"":"edf8b46eb69ac0044116019dec183072":"FAIL":"":1 AES-128-CCM test vector NIST #25 PSA (P=24, N=7, A=32, T=4) -depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C:MBEDTLS_CCM_C +depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_KEY_TYPE_AES:PSA_WANT_ALG_CCM auth_crypt_tv:MBEDTLS_CIPHER_AES_128_CCM:"f9fdca4ac64fe7f014de0f43039c7571":"5a8aa485c316e9":"3796cf51b8726652a4204733b8fbb047cf00fb91a9837e22ec22b1a268f88e2c":"6be31860ca271ef448de8f8d8b39346daf4b81d7e92d65b3":"38f125fa":"":"a265480ca88d5f536db0dc6abc40faf0d05be7a966977768":1 AES-128-CCM test vector NIST #26 PSA (P=24, N=7, A=32, T=4) -depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C:MBEDTLS_CCM_C +depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_KEY_TYPE_AES:PSA_WANT_ALG_CCM auth_crypt_tv:MBEDTLS_CIPHER_AES_128_CCM:"f9fdca4ac64fe7f014de0f43039c7571":"fdd2d6f503c915":"5b92394f21ddc3ad49d9b0881b829a5935cb3a4d23e292a62fb66b5e7ab7020e":"4cc57a9927a6bc401441870d3193bf89ebd163f5c01501c7":"28a66b69":"FAIL":"":1 AES-128-CCM test vector NIST #27 PSA (P=24, N=7, A=32, T=16) -depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C:MBEDTLS_CCM_C +depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_KEY_TYPE_AES:PSA_WANT_ALG_CCM auth_crypt_tv:MBEDTLS_CIPHER_AES_128_CCM:"a7aa635ea51b0bb20a092bd5573e728c":"5a8aa485c316e9":"3796cf51b8726652a4204733b8fbb047cf00fb91a9837e22ec22b1a268f88e2c":"b351ab96b2e45515254558d5212673ee6c776d42dbca3b51":"2cf3a20b7fd7c49e6e79bef475c2906f":"":"a265480ca88d5f536db0dc6abc40faf0d05be7a966977768":1 AES-128-CCM test vector NIST #28 PSA (P=24, N=7, A=32, T=16) -depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C:MBEDTLS_CCM_C +depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_KEY_TYPE_AES:PSA_WANT_ALG_CCM auth_crypt_tv:MBEDTLS_CIPHER_AES_128_CCM:"a7aa635ea51b0bb20a092bd5573e728c":"fdd2d6f503c915":"5b92394f21ddc3ad49d9b0881b829a5935cb3a4d23e292a62fb66b5e7ab7020e":"df1a5285caa41b4bb47f6e5ceceba4e82721828d68427a30":"81d18ca149d6766bfaccec88f194eb5b":"FAIL":"":1 AES-128-CCM test vector NIST #29 PSA (P=24, N=13, A=32, T=4) -depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C:MBEDTLS_CCM_C +depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_KEY_TYPE_AES:PSA_WANT_ALG_CCM auth_crypt_tv:MBEDTLS_CIPHER_AES_128_CCM:"a7aa635ea51b0bb20a092bd5573e728c":"5a8aa485c316e9403aff859fbb":"a16a2e741f1cd9717285b6d882c1fc53655e9773761ad697a7ee6410184c7982":"934f893824e880f743d196b22d1f340a52608155087bd28a":"c25e5329":"":"8739b4bea1a099fe547499cbc6d1b13d849b8084c9b6acc5":1 AES-128-CCM test vector NIST #30 PSA (P=24, N=13, A=32, T=4) -depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C:MBEDTLS_CCM_C +depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_KEY_TYPE_AES:PSA_WANT_ALG_CCM auth_crypt_tv:MBEDTLS_CIPHER_AES_128_CCM:"a7aa635ea51b0bb20a092bd5573e728c":"0812757ad0cc4d17c4cfe7a642":"ec6c44a7e94e51a3ca6dee229098391575ec7213c85267fbf7492fdbeee61b10":"f43ba9d834ad85dfab3f1c0c27c3441fe4e411a38a261a65":"59b3b3ee":"FAIL":"":1 AES-128-CCM test vector NIST #31 PSA (P=24, N=13, A=32, T=16) -depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C:MBEDTLS_CCM_C +depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_KEY_TYPE_AES:PSA_WANT_ALG_CCM auth_crypt_tv:MBEDTLS_CIPHER_AES_128_CCM:"26511fb51fcfa75cb4b44da75a6e5a0e":"5a8aa485c316e9403aff859fbb":"a16a2e741f1cd9717285b6d882c1fc53655e9773761ad697a7ee6410184c7982":"50038b5fdd364ee747b70d00bd36840ece4ea19998123375":"c0a458bfcafa3b2609afe0f825cbf503":"":"8739b4bea1a099fe547499cbc6d1b13d849b8084c9b6acc5":1 AES-128-CCM test vector NIST #32 PSA (P=24, N=13, A=32, T=16) -depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C:MBEDTLS_CCM_C +depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_KEY_TYPE_AES:PSA_WANT_ALG_CCM auth_crypt_tv:MBEDTLS_CIPHER_AES_128_CCM:"26511fb51fcfa75cb4b44da75a6e5a0e":"0812757ad0cc4d17c4cfe7a642":"ec6c44a7e94e51a3ca6dee229098391575ec7213c85267fbf7492fdbeee61b10":"78ed8ff6b5a1255d0fbd0a719a9c27b059ff5f83d0c4962c":"390042ba8bb5f6798dab01c5afad7306":"FAIL":"":1 AES-192-CCM test vector NIST #1 PSA (P=0, N=7, A=0, T=4) -depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C:MBEDTLS_CCM_C +depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_KEY_TYPE_AES:PSA_WANT_ALG_CCM auth_crypt_tv:MBEDTLS_CIPHER_AES_192_CCM:"c98ad7f38b2c7e970c9b965ec87a08208384718f78206c6c":"5a8aa485c316e9":"":"":"9d4b7f3b":"":"":1 AES-192-CCM test vector NIST #2 PSA (P=0, N=7, A=0, T=4) -depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C:MBEDTLS_CCM_C +depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_KEY_TYPE_AES:PSA_WANT_ALG_CCM auth_crypt_tv:MBEDTLS_CIPHER_AES_192_CCM:"c98ad7f38b2c7e970c9b965ec87a08208384718f78206c6c":"3796cf51b87266":"":"":"80745de9":"FAIL":"":1 AES-192-CCM test vector NIST #3 PSA (P=0, N=7, A=0, T=16) -depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C:MBEDTLS_CCM_C +depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_KEY_TYPE_AES:PSA_WANT_ALG_CCM auth_crypt_tv:MBEDTLS_CIPHER_AES_192_CCM:"4bb3c4a4f893ad8c9bdc833c325d62b3d3ad1bccf9282a65":"5a8aa485c316e9":"":"":"17223038fa99d53681ca1beabe78d1b4":"":"":1 AES-192-CCM test vector NIST #4 PSA (P=0, N=7, A=0, T=16) -depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C:MBEDTLS_CCM_C +depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_KEY_TYPE_AES:PSA_WANT_ALG_CCM auth_crypt_tv:MBEDTLS_CIPHER_AES_192_CCM:"4bb3c4a4f893ad8c9bdc833c325d62b3d3ad1bccf9282a65":"3796cf51b87266":"":"":"d0e1eeef4d2a264536bb1c2c1bde7c35":"FAIL":"":1 AES-192-CCM test vector NIST #5 PSA (P=0, N=13, A=0, T=4) -depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C:MBEDTLS_CCM_C +depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_KEY_TYPE_AES:PSA_WANT_ALG_CCM auth_crypt_tv:MBEDTLS_CIPHER_AES_192_CCM:"4bb3c4a4f893ad8c9bdc833c325d62b3d3ad1bccf9282a65":"5a8aa485c316e9403aff859fbb":"":"":"fe69ed84":"":"":1 AES-192-CCM test vector NIST #6 PSA (P=0, N=13, A=0, T=4) -depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C:MBEDTLS_CCM_C +depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_KEY_TYPE_AES:PSA_WANT_ALG_CCM auth_crypt_tv:MBEDTLS_CIPHER_AES_192_CCM:"4bb3c4a4f893ad8c9bdc833c325d62b3d3ad1bccf9282a65":"a16a2e741f1cd9717285b6d882":"":"":"db7ffc82":"FAIL":"":1 AES-192-CCM test vector NIST #7 PSA (P=0, N=13, A=0, T=16) -depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C:MBEDTLS_CCM_C +depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_KEY_TYPE_AES:PSA_WANT_ALG_CCM auth_crypt_tv:MBEDTLS_CIPHER_AES_192_CCM:"19ebfde2d5468ba0a3031bde629b11fd4094afcb205393fa":"5a8aa485c316e9403aff859fbb":"":"":"0c66a8e547ed4f8c2c9a9a1eb5d455b9":"":"":1 AES-192-CCM test vector NIST #8 PSA (P=0, N=13, A=0, T=16) -depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C:MBEDTLS_CCM_C +depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_KEY_TYPE_AES:PSA_WANT_ALG_CCM auth_crypt_tv:MBEDTLS_CIPHER_AES_192_CCM:"19ebfde2d5468ba0a3031bde629b11fd4094afcb205393fa":"a16a2e741f1cd9717285b6d882":"":"":"38757b3a61a4dc97ca3ab88bf1240695":"FAIL":"":1 AES-192-CCM test vector NIST #9 PSA (P=24, N=7, A=0, T=4) -depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C:MBEDTLS_CCM_C +depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_KEY_TYPE_AES:PSA_WANT_ALG_CCM auth_crypt_tv:MBEDTLS_CIPHER_AES_192_CCM:"19ebfde2d5468ba0a3031bde629b11fd4094afcb205393fa":"5a8aa485c316e9":"":"411986d04d6463100bff03f7d0bde7ea2c3488784378138c":"ddc93a54":"":"3796cf51b8726652a4204733b8fbb047cf00fb91a9837e22":1 AES-192-CCM test vector NIST #10 PSA (P=24, N=7, A=0, T=4) -depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C:MBEDTLS_CCM_C +depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_KEY_TYPE_AES:PSA_WANT_ALG_CCM auth_crypt_tv:MBEDTLS_CIPHER_AES_192_CCM:"19ebfde2d5468ba0a3031bde629b11fd4094afcb205393fa":"31f8fa25827d48":"":"32b649ab56162e55d4148a1292d6a225a988eb1308298273":"b6889036":"FAIL":"":1 AES-192-CCM test vector NIST #11 PSA (P=24, N=7, A=0, T=16) -depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C:MBEDTLS_CCM_C +depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_KEY_TYPE_AES:PSA_WANT_ALG_CCM auth_crypt_tv:MBEDTLS_CIPHER_AES_192_CCM:"197afb02ffbd8f699dacae87094d524324576b99844f75e1":"5a8aa485c316e9":"":"cba4b4aeb85f0492fd8d905c4a6d8233139833373ef188a8":"c5a5ebecf7ac8607fe412189e83d9d20":"":"3796cf51b8726652a4204733b8fbb047cf00fb91a9837e22":1 AES-192-CCM test vector NIST #12 PSA (P=24, N=7, A=0, T=16) -depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C:MBEDTLS_CCM_C +depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_KEY_TYPE_AES:PSA_WANT_ALG_CCM auth_crypt_tv:MBEDTLS_CIPHER_AES_192_CCM:"197afb02ffbd8f699dacae87094d524324576b99844f75e1":"31f8fa25827d48":"":"ca62713728b5c9d652504b0ae8fd4fee5d297ee6a8d19cb6":"e699f15f14d34dcaf9ba8ed4b877c97d":"FAIL":"":1 AES-192-CCM test vector NIST #13 PSA (P=24, N=13, A=0, T=4) -depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C:MBEDTLS_CCM_C +depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_KEY_TYPE_AES:PSA_WANT_ALG_CCM auth_crypt_tv:MBEDTLS_CIPHER_AES_192_CCM:"197afb02ffbd8f699dacae87094d524324576b99844f75e1":"5a8aa485c316e9403aff859fbb":"":"042653c674ef2a90f7fb11d30848e530ae59478f1051633a":"34fad277":"":"a16a2e741f1cd9717285b6d882c1fc53655e9773761ad697":1 AES-192-CCM test vector NIST #14 PSA (P=24, N=13, A=0, T=4) -depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C:MBEDTLS_CCM_C +depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_KEY_TYPE_AES:PSA_WANT_ALG_CCM auth_crypt_tv:MBEDTLS_CIPHER_AES_192_CCM:"197afb02ffbd8f699dacae87094d524324576b99844f75e1":"49004912fdd7269279b1f06a89":"":"1902d9769a7ba3d3268e1257395c8c2e5f98eef295dcbfa5":"a35df775":"FAIL":"":1 AES-192-CCM test vector NIST #15 PSA (P=24, N=13, A=0, T=16) -depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C:MBEDTLS_CCM_C +depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_KEY_TYPE_AES:PSA_WANT_ALG_CCM auth_crypt_tv:MBEDTLS_CIPHER_AES_192_CCM:"90929a4b0ac65b350ad1591611fe48297e03956f6083e451":"5a8aa485c316e9403aff859fbb":"":"a5b7d8cca2069908d1ed88e6a9fe2c9bede3131dad54671e":"a7ade30a07d185692ab0ebdf4c78cf7a":"":"a16a2e741f1cd9717285b6d882c1fc53655e9773761ad697":1 AES-192-CCM test vector NIST #16 PSA (P=24, N=13, A=0, T=16) -depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C:MBEDTLS_CCM_C +depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_KEY_TYPE_AES:PSA_WANT_ALG_CCM auth_crypt_tv:MBEDTLS_CIPHER_AES_192_CCM:"90929a4b0ac65b350ad1591611fe48297e03956f6083e451":"49004912fdd7269279b1f06a89":"":"9a98617fb97a0dfe466be692272dcdaec1c5443a3b51312e":"f042c86363cc05afb98c66e16be8a445":"FAIL":"":1 AES-192-CCM test vector NIST #17 PSA (P=0, N=7, A=32, T=4) -depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C:MBEDTLS_CCM_C +depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_KEY_TYPE_AES:PSA_WANT_ALG_CCM auth_crypt_tv:MBEDTLS_CIPHER_AES_192_CCM:"90929a4b0ac65b350ad1591611fe48297e03956f6083e451":"5a8aa485c316e9":"3796cf51b8726652a4204733b8fbb047cf00fb91a9837e22ec22b1a268f88e2c":"":"1d089a5f":"":"":1 AES-192-CCM test vector NIST #18 PSA (P=0, N=7, A=32, T=4) -depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C:MBEDTLS_CCM_C +depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_KEY_TYPE_AES:PSA_WANT_ALG_CCM auth_crypt_tv:MBEDTLS_CIPHER_AES_192_CCM:"90929a4b0ac65b350ad1591611fe48297e03956f6083e451":"a265480ca88d5f":"a2248a882ecbf850daf91933a389e78e81623d233dfd47bf8321361a38f138fe":"":"2f46022a":"FAIL":"":1 AES-192-CCM test vector NIST #19 PSA (P=0, N=7, A=32, T=16) -depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C:MBEDTLS_CCM_C +depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_KEY_TYPE_AES:PSA_WANT_ALG_CCM auth_crypt_tv:MBEDTLS_CIPHER_AES_192_CCM:"6a798d7c5e1a72b43e20ad5c7b08567b12ab744b61c070e2":"5a8aa485c316e9":"3796cf51b8726652a4204733b8fbb047cf00fb91a9837e22ec22b1a268f88e2c":"":"5280a2137fee3deefcfe9b63a1199fb3":"":"":1 AES-192-CCM test vector NIST #20 PSA (P=0, N=7, A=32, T=16) -depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C:MBEDTLS_CCM_C +depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_KEY_TYPE_AES:PSA_WANT_ALG_CCM auth_crypt_tv:MBEDTLS_CIPHER_AES_192_CCM:"6a798d7c5e1a72b43e20ad5c7b08567b12ab744b61c070e2":"a265480ca88d5f":"a2248a882ecbf850daf91933a389e78e81623d233dfd47bf8321361a38f138fe":"":"d40a7318c5f2d82f838c0beeefe0d598":"FAIL":"":1 AES-192-CCM test vector NIST #21 PSA (P=0, N=13, A=32, T=4) -depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C:MBEDTLS_CCM_C +depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_KEY_TYPE_AES:PSA_WANT_ALG_CCM auth_crypt_tv:MBEDTLS_CIPHER_AES_192_CCM:"6a798d7c5e1a72b43e20ad5c7b08567b12ab744b61c070e2":"5a8aa485c316e9403aff859fbb":"a16a2e741f1cd9717285b6d882c1fc53655e9773761ad697a7ee6410184c7982":"":"5e0eaebd":"":"":1 AES-192-CCM test vector NIST #22 PSA (P=0, N=13, A=32, T=4) -depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C:MBEDTLS_CCM_C +depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_KEY_TYPE_AES:PSA_WANT_ALG_CCM auth_crypt_tv:MBEDTLS_CIPHER_AES_192_CCM:"6a798d7c5e1a72b43e20ad5c7b08567b12ab744b61c070e2":"8739b4bea1a099fe547499cbc6":"f6107696edb332b2ea059d8860fee26be42e5e12e1a4f79a8d0eafce1b2278a7":"":"71b7fc33":"FAIL":"":1 AES-192-CCM test vector NIST #23 PSA (P=0, N=13, A=32, T=16) -depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C:MBEDTLS_CCM_C +depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_KEY_TYPE_AES:PSA_WANT_ALG_CCM auth_crypt_tv:MBEDTLS_CIPHER_AES_192_CCM:"f9fdca4ac64fe7f014de0f43039c757194d544ce5d15eed4":"5a8aa485c316e9403aff859fbb":"a16a2e741f1cd9717285b6d882c1fc53655e9773761ad697a7ee6410184c7982":"":"d07ccf9fdc3d33aa94cda3d230da707c":"":"":1 AES-192-CCM test vector NIST #24 PSA (P=0, N=13, A=32, T=16) -depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C:MBEDTLS_CCM_C +depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_KEY_TYPE_AES:PSA_WANT_ALG_CCM auth_crypt_tv:MBEDTLS_CIPHER_AES_192_CCM:"f9fdca4ac64fe7f014de0f43039c757194d544ce5d15eed4":"8739b4bea1a099fe547499cbc6":"f6107696edb332b2ea059d8860fee26be42e5e12e1a4f79a8d0eafce1b2278a7":"":"65fe32b649dc328c9f531584897e85b3":"FAIL":"":1 AES-192-CCM test vector NIST #25 PSA (P=24, N=7, A=32, T=4) -depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C:MBEDTLS_CCM_C +depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_KEY_TYPE_AES:PSA_WANT_ALG_CCM auth_crypt_tv:MBEDTLS_CIPHER_AES_192_CCM:"f9fdca4ac64fe7f014de0f43039c757194d544ce5d15eed4":"5a8aa485c316e9":"3796cf51b8726652a4204733b8fbb047cf00fb91a9837e22ec22b1a268f88e2c":"9f6ca4af9b159148c889a6584d1183ea26e2614874b05045":"75dea8d1":"":"a265480ca88d5f536db0dc6abc40faf0d05be7a966977768":1 AES-192-CCM test vector NIST #26 PSA (P=24, N=7, A=32, T=4) -depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C:MBEDTLS_CCM_C +depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_KEY_TYPE_AES:PSA_WANT_ALG_CCM auth_crypt_tv:MBEDTLS_CIPHER_AES_192_CCM:"f9fdca4ac64fe7f014de0f43039c757194d544ce5d15eed4":"fdd2d6f503c915":"5b92394f21ddc3ad49d9b0881b829a5935cb3a4d23e292a62fb66b5e7ab7020e":"84d8212e9cfc2121252baa3b065b1edcf50497b9594db1eb":"d7965825":"FAIL":"":1 AES-192-CCM test vector NIST #27 PSA (P=24, N=7, A=32, T=16) -depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C:MBEDTLS_CCM_C +depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_KEY_TYPE_AES:PSA_WANT_ALG_CCM auth_crypt_tv:MBEDTLS_CIPHER_AES_192_CCM:"a7aa635ea51b0bb20a092bd5573e728ccd4b3e8cdd2ab33d":"5a8aa485c316e9":"3796cf51b8726652a4204733b8fbb047cf00fb91a9837e22ec22b1a268f88e2c":"6aab64c4787599d8f213446beadb16e08dba60e97f56dbd1":"4d1d980d6fe0fb44b421992662b97975":"":"a265480ca88d5f536db0dc6abc40faf0d05be7a966977768":1 AES-192-CCM test vector NIST #28 PSA (P=24, N=7, A=32, T=16) -depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C:MBEDTLS_CCM_C +depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_KEY_TYPE_AES:PSA_WANT_ALG_CCM auth_crypt_tv:MBEDTLS_CIPHER_AES_192_CCM:"a7aa635ea51b0bb20a092bd5573e728ccd4b3e8cdd2ab33d":"fdd2d6f503c915":"5b92394f21ddc3ad49d9b0881b829a5935cb3a4d23e292a62fb66b5e7ab7020e":"4980b2ee49b1aaf393175f5ab9bae95ec7904557dfa20660":"3c51d36c826f01384100886198a7f6a3":"FAIL":"":1 AES-192-CCM test vector NIST #29 PSA (P=24, N=13, A=32, T=4) -depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C:MBEDTLS_CCM_C +depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_KEY_TYPE_AES:PSA_WANT_ALG_CCM auth_crypt_tv:MBEDTLS_CIPHER_AES_192_CCM:"a7aa635ea51b0bb20a092bd5573e728ccd4b3e8cdd2ab33d":"5a8aa485c316e9403aff859fbb":"a16a2e741f1cd9717285b6d882c1fc53655e9773761ad697a7ee6410184c7982":"16e543d0e20615ff0df15acd9927ddfe40668a54bb854ccc":"c25e9fce":"":"8739b4bea1a099fe547499cbc6d1b13d849b8084c9b6acc5":1 AES-192-CCM test vector NIST #30 PSA (P=24, N=13, A=32, T=4) -depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C:MBEDTLS_CCM_C +depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_KEY_TYPE_AES:PSA_WANT_ALG_CCM auth_crypt_tv:MBEDTLS_CIPHER_AES_192_CCM:"a7aa635ea51b0bb20a092bd5573e728ccd4b3e8cdd2ab33d":"0812757ad0cc4d17c4cfe7a642":"ec6c44a7e94e51a3ca6dee229098391575ec7213c85267fbf7492fdbeee61b10":"df35b109caf690656ae278bbd8f8bba687a2ce11b105dae9":"8ecedb3e":"FAIL":"":1 AES-192-CCM test vector NIST #31 PSA (P=24, N=13, A=32, T=16) -depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C:MBEDTLS_CCM_C +depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_KEY_TYPE_AES:PSA_WANT_ALG_CCM auth_crypt_tv:MBEDTLS_CIPHER_AES_192_CCM:"26511fb51fcfa75cb4b44da75a6e5a0eb8d9c8f3b906f886":"5a8aa485c316e9403aff859fbb":"a16a2e741f1cd9717285b6d882c1fc53655e9773761ad697a7ee6410184c7982":"c5b0b2ef17498c5570eb335df4588032958ba3d69bf6f317":"8464a6f7fa2b76744e8e8d95691cecb8":"":"8739b4bea1a099fe547499cbc6d1b13d849b8084c9b6acc5":1 AES-192-CCM test vector NIST #32 PSA (P=24, N=13, A=32, T=16) -depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C:MBEDTLS_CCM_C +depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_KEY_TYPE_AES:PSA_WANT_ALG_CCM auth_crypt_tv:MBEDTLS_CIPHER_AES_192_CCM:"26511fb51fcfa75cb4b44da75a6e5a0eb8d9c8f3b906f886":"0812757ad0cc4d17c4cfe7a642":"ec6c44a7e94e51a3ca6dee229098391575ec7213c85267fbf7492fdbeee61b10":"d1f0518929f4ae2f0543de2a7dfe4bb0110bb3057e524a1c":"06bd6dc2e6bcc3436cffb969ae900388":"FAIL":"":1 AES-256-CCM test vector NIST #1 PSA (P=0, N=7, A=0, T=4) -depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C:MBEDTLS_CCM_C +depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_KEY_TYPE_AES:PSA_WANT_ALG_CCM auth_crypt_tv:MBEDTLS_CIPHER_AES_256_CCM:"eda32f751456e33195f1f499cf2dc7c97ea127b6d488f211ccc5126fbb24afa6":"a544218dadd3c1":"":"":"469c90bb":"":"":1 AES-256-CCM test vector NIST #2 PSA (P=0, N=7, A=0, T=4) -depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C:MBEDTLS_CCM_C +depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_KEY_TYPE_AES:PSA_WANT_ALG_CCM auth_crypt_tv:MBEDTLS_CIPHER_AES_256_CCM:"eda32f751456e33195f1f499cf2dc7c97ea127b6d488f211ccc5126fbb24afa6":"d3d5424e20fbec":"":"":"46a908ed":"FAIL":"":1 AES-256-CCM test vector NIST #3 PSA (P=0, N=7, A=0, T=16) -depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C:MBEDTLS_CCM_C +depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_KEY_TYPE_AES:PSA_WANT_ALG_CCM auth_crypt_tv:MBEDTLS_CIPHER_AES_256_CCM:"e1b8a927a95efe94656677b692662000278b441c79e879dd5c0ddc758bdc9ee8":"a544218dadd3c1":"":"":"8207eb14d33855a52acceed17dbcbf6e":"":"":1 AES-256-CCM test vector NIST #4 PSA (P=0, N=7, A=0, T=16) -depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C:MBEDTLS_CCM_C +depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_KEY_TYPE_AES:PSA_WANT_ALG_CCM auth_crypt_tv:MBEDTLS_CIPHER_AES_256_CCM:"e1b8a927a95efe94656677b692662000278b441c79e879dd5c0ddc758bdc9ee8":"d3d5424e20fbec":"":"":"60f8e127cb4d30db6df0622158cd931d":"FAIL":"":1 AES-256-CCM test vector NIST #5 PSA (P=0, N=13, A=0, T=4) -depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C:MBEDTLS_CCM_C +depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_KEY_TYPE_AES:PSA_WANT_ALG_CCM auth_crypt_tv:MBEDTLS_CIPHER_AES_256_CCM:"e1b8a927a95efe94656677b692662000278b441c79e879dd5c0ddc758bdc9ee8":"a544218dadd3c10583db49cf39":"":"":"8a19a133":"":"":1 AES-256-CCM test vector NIST #6 PSA (P=0, N=13, A=0, T=4) -depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C:MBEDTLS_CCM_C +depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_KEY_TYPE_AES:PSA_WANT_ALG_CCM auth_crypt_tv:MBEDTLS_CIPHER_AES_256_CCM:"e1b8a927a95efe94656677b692662000278b441c79e879dd5c0ddc758bdc9ee8":"3c0e2815d37d844f7ac240ba9d":"":"":"2e317f1b":"FAIL":"":1 AES-256-CCM test vector NIST #7 PSA (P=0, N=13, A=0, T=16) -depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C:MBEDTLS_CCM_C +depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_KEY_TYPE_AES:PSA_WANT_ALG_CCM auth_crypt_tv:MBEDTLS_CIPHER_AES_256_CCM:"af063639e66c284083c5cf72b70d8bc277f5978e80d9322d99f2fdc718cda569":"a544218dadd3c10583db49cf39":"":"":"97e1a8dd4259ccd2e431e057b0397fcf":"":"":1 AES-256-CCM test vector NIST #8 PSA (P=0, N=13, A=0, T=16) -depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C:MBEDTLS_CCM_C +depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_KEY_TYPE_AES:PSA_WANT_ALG_CCM auth_crypt_tv:MBEDTLS_CIPHER_AES_256_CCM:"af063639e66c284083c5cf72b70d8bc277f5978e80d9322d99f2fdc718cda569":"3c0e2815d37d844f7ac240ba9d":"":"":"5a9596c511ea6a8671adefc4f2157d8b":"FAIL":"":1 AES-256-CCM test vector NIST #9 PSA (P=24, N=7, A=0, T=4) -depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C:MBEDTLS_CCM_C +depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_KEY_TYPE_AES:PSA_WANT_ALG_CCM auth_crypt_tv:MBEDTLS_CIPHER_AES_256_CCM:"af063639e66c284083c5cf72b70d8bc277f5978e80d9322d99f2fdc718cda569":"a544218dadd3c1":"":"64a1341679972dc5869fcf69b19d5c5ea50aa0b5e985f5b7":"22aa8d59":"":"d3d5424e20fbec43ae495353ed830271515ab104f8860c98":1 AES-256-CCM test vector NIST #10 PSA (P=24, N=7, A=0, T=4) -depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C:MBEDTLS_CCM_C +depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_KEY_TYPE_AES:PSA_WANT_ALG_CCM auth_crypt_tv:MBEDTLS_CIPHER_AES_256_CCM:"af063639e66c284083c5cf72b70d8bc277f5978e80d9322d99f2fdc718cda569":"bfcda8b5a2d0d2":"":"c5b7f802bffc498c1626e3774f1d9f94045dfd8e1a10a202":"77d00a75":"FAIL":"":1 AES-256-CCM test vector NIST #11 PSA (P=24, N=7, A=0, T=16) -depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C:MBEDTLS_CCM_C +depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_KEY_TYPE_AES:PSA_WANT_ALG_CCM auth_crypt_tv:MBEDTLS_CIPHER_AES_256_CCM:"f7079dfa3b5c7b056347d7e437bcded683abd6e2c9e069d333284082cbb5d453":"a544218dadd3c1":"":"bc51c3925a960e7732533e4ef3a4f69ee6826de952bcb0fd":"374f3bb6db8377ebfc79674858c4f305":"":"d3d5424e20fbec43ae495353ed830271515ab104f8860c98":1 AES-256-CCM test vector NIST #12 PSA (P=24, N=7, A=0, T=16) -depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C:MBEDTLS_CCM_C +depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_KEY_TYPE_AES:PSA_WANT_ALG_CCM auth_crypt_tv:MBEDTLS_CIPHER_AES_256_CCM:"f7079dfa3b5c7b056347d7e437bcded683abd6e2c9e069d333284082cbb5d453":"bfcda8b5a2d0d2":"":"afa1fa8e8a70e26b02161150556d604101fdf423f332c336":"3275f2a4907d51b734fe7238cebbd48f":"FAIL":"":1 AES-256-CCM test vector NIST #13 PSA (P=24, N=13, A=0, T=4) -depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C:MBEDTLS_CCM_C +depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_KEY_TYPE_AES:PSA_WANT_ALG_CCM auth_crypt_tv:MBEDTLS_CIPHER_AES_256_CCM:"f7079dfa3b5c7b056347d7e437bcded683abd6e2c9e069d333284082cbb5d453":"a544218dadd3c10583db49cf39":"":"63e00d30e4b08fd2a1cc8d70fab327b2368e77a93be4f412":"3d14fb3f":"":"3c0e2815d37d844f7ac240ba9d6e3a0b2a86f706e885959e":1 AES-256-CCM test vector NIST #14 PSA (P=24, N=13, A=0, T=4) -depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C:MBEDTLS_CCM_C +depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_KEY_TYPE_AES:PSA_WANT_ALG_CCM auth_crypt_tv:MBEDTLS_CIPHER_AES_256_CCM:"f7079dfa3b5c7b056347d7e437bcded683abd6e2c9e069d333284082cbb5d453":"894dcaa61008eb8fb052c60d41":"":"bb5425b3869b76856ec58e39886fb6f6f2ac13fe44cb132d":"8d0c0099":"FAIL":"":1 AES-256-CCM test vector NIST #15 PSA (P=24, N=13, A=0, T=16) -depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C:MBEDTLS_CCM_C +depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_KEY_TYPE_AES:PSA_WANT_ALG_CCM auth_crypt_tv:MBEDTLS_CIPHER_AES_256_CCM:"1b0e8df63c57f05d9ac457575ea764524b8610ae5164e6215f426f5a7ae6ede4":"a544218dadd3c10583db49cf39":"":"f0050ad16392021a3f40207bed3521fb1e9f808f49830c42":"3a578d179902f912f9ea1afbce1120b3":"":"3c0e2815d37d844f7ac240ba9d6e3a0b2a86f706e885959e":1 AES-256-CCM test vector NIST #16 PSA (P=24, N=13, A=0, T=16) -depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C:MBEDTLS_CCM_C +depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_KEY_TYPE_AES:PSA_WANT_ALG_CCM auth_crypt_tv:MBEDTLS_CIPHER_AES_256_CCM:"1b0e8df63c57f05d9ac457575ea764524b8610ae5164e6215f426f5a7ae6ede4":"894dcaa61008eb8fb052c60d41":"":"c408190d0fbf5034f83b24a8ed9657331a7ce141de4fae76":"9084607b83bd06e6442eac8dacf583cc":"FAIL":"":1 AES-256-CCM test vector NIST #17 PSA (P=0, N=7, A=32, T=4) -depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C:MBEDTLS_CCM_C +depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_KEY_TYPE_AES:PSA_WANT_ALG_CCM auth_crypt_tv:MBEDTLS_CIPHER_AES_256_CCM:"1b0e8df63c57f05d9ac457575ea764524b8610ae5164e6215f426f5a7ae6ede4":"a544218dadd3c1":"d3d5424e20fbec43ae495353ed830271515ab104f8860c988d15b6d36c038eab":"":"92d00fbe":"":"":1 AES-256-CCM test vector NIST #18 PSA (P=0, N=7, A=32, T=4) -depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C:MBEDTLS_CCM_C +depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_KEY_TYPE_AES:PSA_WANT_ALG_CCM auth_crypt_tv:MBEDTLS_CIPHER_AES_256_CCM:"1b0e8df63c57f05d9ac457575ea764524b8610ae5164e6215f426f5a7ae6ede4":"78c46e3249ca28":"232e957c65ffa11988e830d4617d500f1c4a35c1221f396c41ab214f074ca2dc":"":"9143e5c4":"FAIL":"":1 AES-256-CCM test vector NIST #19 PSA (P=0, N=7, A=32, T=16) -depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C:MBEDTLS_CCM_C +depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_KEY_TYPE_AES:PSA_WANT_ALG_CCM auth_crypt_tv:MBEDTLS_CIPHER_AES_256_CCM:"a4bc10b1a62c96d459fbaf3a5aa3face7313bb9e1253e696f96a7a8e36801088":"a544218dadd3c1":"d3d5424e20fbec43ae495353ed830271515ab104f8860c988d15b6d36c038eab":"":"93af11a08379eb37a16aa2837f09d69d":"":"":1 AES-256-CCM test vector NIST #20 PSA (P=0, N=7, A=32, T=16) -depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C:MBEDTLS_CCM_C +depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_KEY_TYPE_AES:PSA_WANT_ALG_CCM auth_crypt_tv:MBEDTLS_CIPHER_AES_256_CCM:"a4bc10b1a62c96d459fbaf3a5aa3face7313bb9e1253e696f96a7a8e36801088":"78c46e3249ca28":"232e957c65ffa11988e830d4617d500f1c4a35c1221f396c41ab214f074ca2dc":"":"d19b0c14ec686a7961ca7c386d125a65":"FAIL":"":1 AES-256-CCM test vector NIST #21 PSA (P=0, N=13, A=32, T=4) -depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C:MBEDTLS_CCM_C +depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_KEY_TYPE_AES:PSA_WANT_ALG_CCM auth_crypt_tv:MBEDTLS_CIPHER_AES_256_CCM:"a4bc10b1a62c96d459fbaf3a5aa3face7313bb9e1253e696f96a7a8e36801088":"a544218dadd3c10583db49cf39":"3c0e2815d37d844f7ac240ba9d6e3a0b2a86f706e885959e09a1005e024f6907":"":"866d4227":"":"":1 AES-256-CCM test vector NIST #22 PSA (P=0, N=13, A=32, T=4) -depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C:MBEDTLS_CCM_C +depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_KEY_TYPE_AES:PSA_WANT_ALG_CCM auth_crypt_tv:MBEDTLS_CIPHER_AES_256_CCM:"a4bc10b1a62c96d459fbaf3a5aa3face7313bb9e1253e696f96a7a8e36801088":"e8de970f6ee8e80ede933581b5":"89f8b068d34f56bc49d839d8e47b347e6dae737b903b278632447e6c0485d26a":"":"94cb1127":"FAIL":"":1 AES-256-CCM test vector NIST #23 PSA (P=0, N=13, A=32, T=16) -depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C:MBEDTLS_CCM_C +depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_KEY_TYPE_AES:PSA_WANT_ALG_CCM auth_crypt_tv:MBEDTLS_CIPHER_AES_256_CCM:"8c5cf3457ff22228c39c051c4e05ed4093657eb303f859a9d4b0f8be0127d88a":"a544218dadd3c10583db49cf39":"3c0e2815d37d844f7ac240ba9d6e3a0b2a86f706e885959e09a1005e024f6907":"":"867b0d87cf6e0f718200a97b4f6d5ad5":"":"":1 AES-256-CCM test vector NIST #24 PSA (P=0, N=13, A=32, T=16) -depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C:MBEDTLS_CCM_C +depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_KEY_TYPE_AES:PSA_WANT_ALG_CCM auth_crypt_tv:MBEDTLS_CIPHER_AES_256_CCM:"8c5cf3457ff22228c39c051c4e05ed4093657eb303f859a9d4b0f8be0127d88a":"e8de970f6ee8e80ede933581b5":"89f8b068d34f56bc49d839d8e47b347e6dae737b903b278632447e6c0485d26a":"":"677a040d46ee3f2b7838273bdad14f16":"FAIL":"":1 AES-256-CCM test vector NIST #25 PSA (P=24, N=7, A=32, T=4) -depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C:MBEDTLS_CCM_C +depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_KEY_TYPE_AES:PSA_WANT_ALG_CCM auth_crypt_tv:MBEDTLS_CIPHER_AES_256_CCM:"8c5cf3457ff22228c39c051c4e05ed4093657eb303f859a9d4b0f8be0127d88a":"a544218dadd3c1":"d3d5424e20fbec43ae495353ed830271515ab104f8860c988d15b6d36c038eab":"c2fe12658139f5d0dd22cadf2e901695b579302a72fc5608":"3ebc7720":"":"78c46e3249ca28e1ef0531d80fd37c124d9aecb7be6668e3":1 AES-256-CCM test vector NIST #26 PSA (P=24, N=7, A=32, T=4) -depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C:MBEDTLS_CCM_C +depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_KEY_TYPE_AES:PSA_WANT_ALG_CCM auth_crypt_tv:MBEDTLS_CIPHER_AES_256_CCM:"8c5cf3457ff22228c39c051c4e05ed4093657eb303f859a9d4b0f8be0127d88a":"6ba004fd176791":"5a053b2a1bb87e85d56527bfcdcd3ecafb991bb10e4c862bb0751c700a29f54b":"94748ba81229e53c38583a8564b23ebbafc6f6efdf4c2a81":"c44db2c9":"FAIL":"":1 AES-256-CCM test vector NIST #27 PSA (P=24, N=7, A=32, T=16) -depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C:MBEDTLS_CCM_C +depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_KEY_TYPE_AES:PSA_WANT_ALG_CCM auth_crypt_tv:MBEDTLS_CIPHER_AES_256_CCM:"705334e30f53dd2f92d190d2c1437c8772f940c55aa35e562214ed45bd458ffe":"a544218dadd3c1":"d3d5424e20fbec43ae495353ed830271515ab104f8860c988d15b6d36c038eab":"3341168eb8c48468c414347fb08f71d2086f7c2d1bd581ce":"1ac68bd42f5ec7fa7e068cc0ecd79c2a":"":"78c46e3249ca28e1ef0531d80fd37c124d9aecb7be6668e3":1 AES-256-CCM test vector NIST #28 PSA (P=24, N=7, A=32, T=16) -depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C:MBEDTLS_CCM_C +depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_KEY_TYPE_AES:PSA_WANT_ALG_CCM auth_crypt_tv:MBEDTLS_CIPHER_AES_256_CCM:"705334e30f53dd2f92d190d2c1437c8772f940c55aa35e562214ed45bd458ffe":"6ba004fd176791":"5a053b2a1bb87e85d56527bfcdcd3ecafb991bb10e4c862bb0751c700a29f54b":"d543acda712b898cbb27b8f598b2e4438ce587a836e27851":"47c3338a2400809e739b63ba8227d2f9":"FAIL":"":1 AES-256-CCM test vector NIST #29 PSA (P=24, N=13, A=32, T=4) -depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C:MBEDTLS_CCM_C +depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_KEY_TYPE_AES:PSA_WANT_ALG_CCM auth_crypt_tv:MBEDTLS_CIPHER_AES_256_CCM:"705334e30f53dd2f92d190d2c1437c8772f940c55aa35e562214ed45bd458ffe":"a544218dadd3c10583db49cf39":"3c0e2815d37d844f7ac240ba9d6e3a0b2a86f706e885959e09a1005e024f6907":"c0ea400b599561e7905b99262b4565d5c3dc49fad84d7c69":"ef891339":"":"e8de970f6ee8e80ede933581b5bcf4d837e2b72baa8b00c3":1 AES-256-CCM test vector NIST #30 PSA (P=24, N=13, A=32, T=4) -depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C:MBEDTLS_CCM_C +depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_KEY_TYPE_AES:PSA_WANT_ALG_CCM auth_crypt_tv:MBEDTLS_CIPHER_AES_256_CCM:"705334e30f53dd2f92d190d2c1437c8772f940c55aa35e562214ed45bd458ffe":"8fa501c5dd9ac9b868144c9fa5":"5bb40e3bb72b4509324a7edc852f72535f1f6283156e63f6959ffaf39dcde800":"60871e03ea0eb968536c99f926ea24ef43d41272ad9fb7f6":"3d488623":"FAIL":"":1 AES-256-CCM test vector NIST #31 PSA (P=24, N=13, A=32, T=16) -depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C:MBEDTLS_CCM_C +depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_KEY_TYPE_AES:PSA_WANT_ALG_CCM auth_crypt_tv:MBEDTLS_CIPHER_AES_256_CCM:"314a202f836f9f257e22d8c11757832ae5131d357a72df88f3eff0ffcee0da4e":"a544218dadd3c10583db49cf39":"3c0e2815d37d844f7ac240ba9d6e3a0b2a86f706e885959e09a1005e024f6907":"8d34cdca37ce77be68f65baf3382e31efa693e63f914a781":"367f30f2eaad8c063ca50795acd90203":"":"e8de970f6ee8e80ede933581b5bcf4d837e2b72baa8b00c3":1 AES-256-CCM test vector NIST #32 PSA (P=24, N=13, A=32, T=16) -depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C:MBEDTLS_CCM_C +depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_KEY_TYPE_AES:PSA_WANT_ALG_CCM auth_crypt_tv:MBEDTLS_CIPHER_AES_256_CCM:"314a202f836f9f257e22d8c11757832ae5131d357a72df88f3eff0ffcee0da4e":"8fa501c5dd9ac9b868144c9fa5":"5bb40e3bb72b4509324a7edc852f72535f1f6283156e63f6959ffaf39dcde800":"516c0095cc3d85fd55e48da17c592e0c7014b9daafb82bdc":"4b41096dfdbe9cc1ab610f8f3e038d16":"FAIL":"":1 diff --git a/third_party/mbedtls/repo/tests/suites/test_suite_cipher.chacha20.data b/third_party/mbedtls/repo/tests/suites/test_suite_cipher.chacha20.data index 11de1038af2..11bbfa231d3 100644 --- a/third_party/mbedtls/repo/tests/suites/test_suite_cipher.chacha20.data +++ b/third_party/mbedtls/repo/tests/suites/test_suite_cipher.chacha20.data @@ -1,3 +1,7 @@ +Decrypt empty buffer +depends_on:MBEDTLS_CHACHAPOLY_C +dec_empty_buf:MBEDTLS_CIPHER_CHACHA20:0:0 + Chacha20 RFC 7539 Test Vector #1 depends_on:MBEDTLS_CHACHA20_C decrypt_test_vec:MBEDTLS_CIPHER_CHACHA20:-1:"0000000000000000000000000000000000000000000000000000000000000000":"000000000000000000000000":"76b8e0ada0f13d90405d6ae55386bd28bdd219b8a08ded1aa836efcc8b770dc7da41597c5157488d7724e03fb8d84a376a43b8f41518a11cc387b669b2ee6586":"00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000":"":"":0:0 @@ -109,3 +113,23 @@ enc_dec_buf_multipart:MBEDTLS_CIPHER_CHACHA20:256:6:16:-1:6:16:6:16 ChaCha20 Encrypt and decrypt 32 bytes in multiple parts depends_on:MBEDTLS_CHACHA20_C enc_dec_buf_multipart:MBEDTLS_CIPHER_CHACHA20:256:16:16:-1:16:16:16:16 + +ChaCha20 IV Length 0 +depends_on:MBEDTLS_CHACHA20_C +iv_len_validity:MBEDTLS_CIPHER_CHACHA20:"CHACHA20":0:MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA + +ChaCha20 IV Length 11 +depends_on:MBEDTLS_CHACHA20_C +iv_len_validity:MBEDTLS_CIPHER_CHACHA20:"CHACHA20":11:MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA + +ChaCha20 IV Length 12 +depends_on:MBEDTLS_CHACHA20_C +iv_len_validity:MBEDTLS_CIPHER_CHACHA20:"CHACHA20":12:0 + +ChaCha20 IV Length 13 +depends_on:MBEDTLS_CHACHA20_C +iv_len_validity:MBEDTLS_CIPHER_CHACHA20:"CHACHA20":13:MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA + +ChaCha20 IV Length 16 +depends_on:MBEDTLS_CHACHA20_C +iv_len_validity:MBEDTLS_CIPHER_CHACHA20:"CHACHA20":16:MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA diff --git a/third_party/mbedtls/repo/tests/suites/test_suite_cipher.chachapoly.data b/third_party/mbedtls/repo/tests/suites/test_suite_cipher.chachapoly.data index 8c246adb401..df789179257 100644 --- a/third_party/mbedtls/repo/tests/suites/test_suite_cipher.chachapoly.data +++ b/third_party/mbedtls/repo/tests/suites/test_suite_cipher.chachapoly.data @@ -121,3 +121,23 @@ auth_crypt_tv:MBEDTLS_CIPHER_CHACHA20_POLY1305:"1c9240a5eb55d38af333888604f6b5f0 Chacha20+Poly1305 RFC 7539 Test Vector #1 (streaming) depends_on:MBEDTLS_CHACHAPOLY_C decrypt_test_vec:MBEDTLS_CIPHER_CHACHA20_POLY1305:-1:"1c9240a5eb55d38af333888604f6b5f0473917c1402b80099dca5cbc207075c0":"000000000102030405060708":"64a0861575861af460f062c79be643bd5e805cfd345cf389f108670ac76c8cb24c6cfc18755d43eea09ee94e382d26b0bdb7b73c321b0100d4f03b7f355894cf332f830e710b97ce98c8a84abd0b948114ad176e008d33bd60f982b1ff37c8559797a06ef4f0ef61c186324e2b3506383606907b6a7c02b0f9f6157b53c867e4b9166c767b804d46a59b5216cde7a4e99040c5a40433225ee282a1b0a06c523eaf4534d7f83fa1155b0047718cbc546a0d072b04b3564eea1b422273f548271a0bb2316053fa76991955ebd63159434ecebb4e466dae5a1073a6727627097a1049e617d91d361094fa68f0ff77987130305beaba2eda04df997b714d6c6f2c29a6ad5cb4022b02709b":"496e7465726e65742d4472616674732061726520647261667420646f63756d656e74732076616c696420666f722061206d6178696d756d206f6620736978206d6f6e74687320616e64206d617920626520757064617465642c207265706c616365642c206f72206f62736f6c65746564206279206f7468657220646f63756d656e747320617420616e792074696d652e20497420697320696e617070726f70726961746520746f2075736520496e7465726e65742d447261667473206173207265666572656e6365206d6174657269616c206f7220746f2063697465207468656d206f74686572207468616e206173202fe2809c776f726b20696e2070726f67726573732e2fe2809d":"f33388860000000000004e91":"eead9d67890cbb22392336fea1851f38":0:0 + +ChaCha20+Poly1305 IV Length 0 +depends_on:MBEDTLS_CHACHAPOLY_C +iv_len_validity:MBEDTLS_CIPHER_CHACHA20_POLY1305:"CHACHA20-POLY1305":0:MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA + +ChaCha20+Poly1305 IV Length 11 +depends_on:MBEDTLS_CHACHAPOLY_C +iv_len_validity:MBEDTLS_CIPHER_CHACHA20_POLY1305:"CHACHA20-POLY1305":11:MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA + +ChaCha20+Poly1305 IV Length 12 +depends_on:MBEDTLS_CHACHAPOLY_C +iv_len_validity:MBEDTLS_CIPHER_CHACHA20_POLY1305:"CHACHA20-POLY1305":12:0 + +ChaCha20+Poly1305 IV Length 13 +depends_on:MBEDTLS_CHACHAPOLY_C +iv_len_validity:MBEDTLS_CIPHER_CHACHA20_POLY1305:"CHACHA20-POLY1305":13:MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA + +ChaCha20+Poly1305 IV Length 16 +depends_on:MBEDTLS_CHACHAPOLY_C +iv_len_validity:MBEDTLS_CIPHER_CHACHA20_POLY1305:"CHACHA20-POLY1305":16:MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA diff --git a/third_party/mbedtls/repo/tests/suites/test_suite_cipher.des.data b/third_party/mbedtls/repo/tests/suites/test_suite_cipher.des.data index 9410262e685..77f7515b949 100644 --- a/third_party/mbedtls/repo/tests/suites/test_suite_cipher.des.data +++ b/third_party/mbedtls/repo/tests/suites/test_suite_cipher.des.data @@ -71,243 +71,243 @@ depends_on:MBEDTLS_DES_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7 enc_dec_buf:MBEDTLS_CIPHER_DES_CBC:"DES-CBC":64:49:-1 DES Encrypt and decrypt 0 bytes with one and zeros padding -depends_on:MBEDTLS_DES_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7 +depends_on:MBEDTLS_DES_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_ONE_AND_ZEROS enc_dec_buf:MBEDTLS_CIPHER_DES_CBC:"DES-CBC":64:0:MBEDTLS_PADDING_ONE_AND_ZEROS DES Encrypt and decrypt 1 byte with one and zeros padding -depends_on:MBEDTLS_DES_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7 +depends_on:MBEDTLS_DES_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_ONE_AND_ZEROS enc_dec_buf:MBEDTLS_CIPHER_DES_CBC:"DES-CBC":64:1:MBEDTLS_PADDING_ONE_AND_ZEROS DES Encrypt and decrypt 2 bytes with one and zeros padding -depends_on:MBEDTLS_DES_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7 +depends_on:MBEDTLS_DES_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_ONE_AND_ZEROS enc_dec_buf:MBEDTLS_CIPHER_DES_CBC:"DES-CBC":64:2:MBEDTLS_PADDING_ONE_AND_ZEROS DES Encrypt and decrypt 7 bytes with one and zeros padding -depends_on:MBEDTLS_DES_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7 +depends_on:MBEDTLS_DES_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_ONE_AND_ZEROS enc_dec_buf:MBEDTLS_CIPHER_DES_CBC:"DES-CBC":64:7:MBEDTLS_PADDING_ONE_AND_ZEROS DES Encrypt and decrypt 8 bytes with one and zeros padding -depends_on:MBEDTLS_DES_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7 +depends_on:MBEDTLS_DES_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_ONE_AND_ZEROS enc_dec_buf:MBEDTLS_CIPHER_DES_CBC:"DES-CBC":64:8:MBEDTLS_PADDING_ONE_AND_ZEROS DES Encrypt and decrypt 9 bytes with one and zeros padding -depends_on:MBEDTLS_DES_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7 +depends_on:MBEDTLS_DES_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_ONE_AND_ZEROS enc_dec_buf:MBEDTLS_CIPHER_DES_CBC:"DES-CBC":64:9:MBEDTLS_PADDING_ONE_AND_ZEROS DES Encrypt and decrypt 15 bytes with one and zeros padding -depends_on:MBEDTLS_DES_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7 +depends_on:MBEDTLS_DES_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_ONE_AND_ZEROS enc_dec_buf:MBEDTLS_CIPHER_DES_CBC:"DES-CBC":64:15:MBEDTLS_PADDING_ONE_AND_ZEROS DES Encrypt and decrypt 16 bytes with one and zeros padding -depends_on:MBEDTLS_DES_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7 +depends_on:MBEDTLS_DES_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_ONE_AND_ZEROS enc_dec_buf:MBEDTLS_CIPHER_DES_CBC:"DES-CBC":64:16:MBEDTLS_PADDING_ONE_AND_ZEROS DES Encrypt and decrypt 17 bytes with one and zeros padding -depends_on:MBEDTLS_DES_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7 +depends_on:MBEDTLS_DES_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_ONE_AND_ZEROS enc_dec_buf:MBEDTLS_CIPHER_DES_CBC:"DES-CBC":64:17:MBEDTLS_PADDING_ONE_AND_ZEROS DES Encrypt and decrypt 31 bytes with one and zeros padding -depends_on:MBEDTLS_DES_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7 +depends_on:MBEDTLS_DES_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_ONE_AND_ZEROS enc_dec_buf:MBEDTLS_CIPHER_DES_CBC:"DES-CBC":64:31:MBEDTLS_PADDING_ONE_AND_ZEROS DES Encrypt and decrypt 32 bytes with one and zeros padding [#1] -depends_on:MBEDTLS_DES_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7 +depends_on:MBEDTLS_DES_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_ONE_AND_ZEROS enc_dec_buf:MBEDTLS_CIPHER_DES_CBC:"DES-CBC":64:32:MBEDTLS_PADDING_ONE_AND_ZEROS DES Encrypt and decrypt 32 bytes with one and zeros padding [#2] -depends_on:MBEDTLS_DES_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7 +depends_on:MBEDTLS_DES_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_ONE_AND_ZEROS enc_dec_buf:MBEDTLS_CIPHER_DES_CBC:"DES-CBC":64:33:MBEDTLS_PADDING_ONE_AND_ZEROS DES Encrypt and decrypt 47 bytes with one and zeros padding -depends_on:MBEDTLS_DES_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7 +depends_on:MBEDTLS_DES_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_ONE_AND_ZEROS enc_dec_buf:MBEDTLS_CIPHER_DES_CBC:"DES-CBC":64:47:MBEDTLS_PADDING_ONE_AND_ZEROS DES Encrypt and decrypt 48 bytes with one and zeros padding -depends_on:MBEDTLS_DES_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7 +depends_on:MBEDTLS_DES_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_ONE_AND_ZEROS enc_dec_buf:MBEDTLS_CIPHER_DES_CBC:"DES-CBC":64:48:MBEDTLS_PADDING_ONE_AND_ZEROS DES Encrypt and decrypt 49 bytes with one and zeros padding -depends_on:MBEDTLS_DES_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7 +depends_on:MBEDTLS_DES_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_ONE_AND_ZEROS enc_dec_buf:MBEDTLS_CIPHER_DES_CBC:"DES-CBC":64:49:MBEDTLS_PADDING_ONE_AND_ZEROS DES Encrypt and decrypt 0 bytes with zeros and len padding -depends_on:MBEDTLS_DES_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7 +depends_on:MBEDTLS_DES_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_ZEROS_AND_LEN enc_dec_buf:MBEDTLS_CIPHER_DES_CBC:"DES-CBC":64:0:MBEDTLS_PADDING_ZEROS_AND_LEN DES Encrypt and decrypt 1 byte with zeros and len padding -depends_on:MBEDTLS_DES_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7 +depends_on:MBEDTLS_DES_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_ZEROS_AND_LEN enc_dec_buf:MBEDTLS_CIPHER_DES_CBC:"DES-CBC":64:1:MBEDTLS_PADDING_ZEROS_AND_LEN DES Encrypt and decrypt 2 bytes with zeros and len padding -depends_on:MBEDTLS_DES_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7 +depends_on:MBEDTLS_DES_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_ZEROS_AND_LEN enc_dec_buf:MBEDTLS_CIPHER_DES_CBC:"DES-CBC":64:2:MBEDTLS_PADDING_ZEROS_AND_LEN DES Encrypt and decrypt 7 bytes with zeros and len padding -depends_on:MBEDTLS_DES_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7 +depends_on:MBEDTLS_DES_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_ZEROS_AND_LEN enc_dec_buf:MBEDTLS_CIPHER_DES_CBC:"DES-CBC":64:7:MBEDTLS_PADDING_ZEROS_AND_LEN DES Encrypt and decrypt 8 bytes with zeros and len padding -depends_on:MBEDTLS_DES_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7 +depends_on:MBEDTLS_DES_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_ZEROS_AND_LEN enc_dec_buf:MBEDTLS_CIPHER_DES_CBC:"DES-CBC":64:8:MBEDTLS_PADDING_ZEROS_AND_LEN DES Encrypt and decrypt 9 bytes with zeros and len padding -depends_on:MBEDTLS_DES_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7 +depends_on:MBEDTLS_DES_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_ZEROS_AND_LEN enc_dec_buf:MBEDTLS_CIPHER_DES_CBC:"DES-CBC":64:9:MBEDTLS_PADDING_ZEROS_AND_LEN DES Encrypt and decrypt 15 bytes with zeros and len padding -depends_on:MBEDTLS_DES_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7 +depends_on:MBEDTLS_DES_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_ZEROS_AND_LEN enc_dec_buf:MBEDTLS_CIPHER_DES_CBC:"DES-CBC":64:15:MBEDTLS_PADDING_ZEROS_AND_LEN DES Encrypt and decrypt 16 bytes with zeros and len padding -depends_on:MBEDTLS_DES_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7 +depends_on:MBEDTLS_DES_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_ZEROS_AND_LEN enc_dec_buf:MBEDTLS_CIPHER_DES_CBC:"DES-CBC":64:16:MBEDTLS_PADDING_ZEROS_AND_LEN DES Encrypt and decrypt 17 bytes with zeros and len padding -depends_on:MBEDTLS_DES_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7 +depends_on:MBEDTLS_DES_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_ZEROS_AND_LEN enc_dec_buf:MBEDTLS_CIPHER_DES_CBC:"DES-CBC":64:17:MBEDTLS_PADDING_ZEROS_AND_LEN DES Encrypt and decrypt 31 bytes with zeros and len padding -depends_on:MBEDTLS_DES_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7 +depends_on:MBEDTLS_DES_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_ZEROS_AND_LEN enc_dec_buf:MBEDTLS_CIPHER_DES_CBC:"DES-CBC":64:31:MBEDTLS_PADDING_ZEROS_AND_LEN DES Encrypt and decrypt 32 bytes with zeros and len padding [#1] -depends_on:MBEDTLS_DES_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7 +depends_on:MBEDTLS_DES_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_ZEROS_AND_LEN enc_dec_buf:MBEDTLS_CIPHER_DES_CBC:"DES-CBC":64:32:MBEDTLS_PADDING_ZEROS_AND_LEN DES Encrypt and decrypt 32 bytes with zeros and len padding [#2] -depends_on:MBEDTLS_DES_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7 +depends_on:MBEDTLS_DES_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_ZEROS_AND_LEN enc_dec_buf:MBEDTLS_CIPHER_DES_CBC:"DES-CBC":64:33:MBEDTLS_PADDING_ZEROS_AND_LEN DES Encrypt and decrypt 47 bytes with zeros and len padding -depends_on:MBEDTLS_DES_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7 +depends_on:MBEDTLS_DES_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_ZEROS_AND_LEN enc_dec_buf:MBEDTLS_CIPHER_DES_CBC:"DES-CBC":64:47:MBEDTLS_PADDING_ZEROS_AND_LEN DES Encrypt and decrypt 48 bytes with zeros and len padding -depends_on:MBEDTLS_DES_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7 +depends_on:MBEDTLS_DES_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_ZEROS_AND_LEN enc_dec_buf:MBEDTLS_CIPHER_DES_CBC:"DES-CBC":64:48:MBEDTLS_PADDING_ZEROS_AND_LEN DES Encrypt and decrypt 49 bytes with zeros and len padding -depends_on:MBEDTLS_DES_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7 +depends_on:MBEDTLS_DES_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_ZEROS_AND_LEN enc_dec_buf:MBEDTLS_CIPHER_DES_CBC:"DES-CBC":64:49:MBEDTLS_PADDING_ZEROS_AND_LEN DES Encrypt and decrypt 0 bytes with zeros padding -depends_on:MBEDTLS_DES_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7 +depends_on:MBEDTLS_DES_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_ZEROS enc_dec_buf:MBEDTLS_CIPHER_DES_CBC:"DES-CBC":64:0:MBEDTLS_PADDING_ZEROS DES Encrypt and decrypt 1 byte with zeros padding -depends_on:MBEDTLS_DES_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7 +depends_on:MBEDTLS_DES_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_ZEROS enc_dec_buf:MBEDTLS_CIPHER_DES_CBC:"DES-CBC":64:1:MBEDTLS_PADDING_ZEROS DES Encrypt and decrypt 2 bytes with zeros padding -depends_on:MBEDTLS_DES_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7 +depends_on:MBEDTLS_DES_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_ZEROS enc_dec_buf:MBEDTLS_CIPHER_DES_CBC:"DES-CBC":64:2:MBEDTLS_PADDING_ZEROS DES Encrypt and decrypt 7 bytes with zeros padding -depends_on:MBEDTLS_DES_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7 +depends_on:MBEDTLS_DES_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_ZEROS enc_dec_buf:MBEDTLS_CIPHER_DES_CBC:"DES-CBC":64:7:MBEDTLS_PADDING_ZEROS DES Encrypt and decrypt 8 bytes with zeros padding -depends_on:MBEDTLS_DES_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7 +depends_on:MBEDTLS_DES_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_ZEROS enc_dec_buf:MBEDTLS_CIPHER_DES_CBC:"DES-CBC":64:8:MBEDTLS_PADDING_ZEROS DES Encrypt and decrypt 9 bytes with zeros padding -depends_on:MBEDTLS_DES_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7 +depends_on:MBEDTLS_DES_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_ZEROS enc_dec_buf:MBEDTLS_CIPHER_DES_CBC:"DES-CBC":64:9:MBEDTLS_PADDING_ZEROS DES Encrypt and decrypt 15 bytes with zeros padding -depends_on:MBEDTLS_DES_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7 +depends_on:MBEDTLS_DES_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_ZEROS enc_dec_buf:MBEDTLS_CIPHER_DES_CBC:"DES-CBC":64:15:MBEDTLS_PADDING_ZEROS DES Encrypt and decrypt 16 bytes with zeros padding -depends_on:MBEDTLS_DES_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7 +depends_on:MBEDTLS_DES_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_ZEROS enc_dec_buf:MBEDTLS_CIPHER_DES_CBC:"DES-CBC":64:16:MBEDTLS_PADDING_ZEROS DES Encrypt and decrypt 17 bytes with zeros padding -depends_on:MBEDTLS_DES_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7 +depends_on:MBEDTLS_DES_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_ZEROS enc_dec_buf:MBEDTLS_CIPHER_DES_CBC:"DES-CBC":64:17:MBEDTLS_PADDING_ZEROS DES Encrypt and decrypt 31 bytes with zeros padding -depends_on:MBEDTLS_DES_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7 +depends_on:MBEDTLS_DES_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_ZEROS enc_dec_buf:MBEDTLS_CIPHER_DES_CBC:"DES-CBC":64:31:MBEDTLS_PADDING_ZEROS DES Encrypt and decrypt 32 bytes with zeros padding [#1] -depends_on:MBEDTLS_DES_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7 +depends_on:MBEDTLS_DES_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_ZEROS enc_dec_buf:MBEDTLS_CIPHER_DES_CBC:"DES-CBC":64:32:MBEDTLS_PADDING_ZEROS DES Encrypt and decrypt 32 bytes with zeros padding [#2] -depends_on:MBEDTLS_DES_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7 +depends_on:MBEDTLS_DES_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_ZEROS enc_dec_buf:MBEDTLS_CIPHER_DES_CBC:"DES-CBC":64:33:MBEDTLS_PADDING_ZEROS DES Encrypt and decrypt 47 bytes with zeros padding -depends_on:MBEDTLS_DES_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7 +depends_on:MBEDTLS_DES_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_ZEROS enc_dec_buf:MBEDTLS_CIPHER_DES_CBC:"DES-CBC":64:47:MBEDTLS_PADDING_ZEROS DES Encrypt and decrypt 48 bytes with zeros padding -depends_on:MBEDTLS_DES_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7 +depends_on:MBEDTLS_DES_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_ZEROS enc_dec_buf:MBEDTLS_CIPHER_DES_CBC:"DES-CBC":64:48:MBEDTLS_PADDING_ZEROS DES Encrypt and decrypt 49 bytes with zeros padding -depends_on:MBEDTLS_DES_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7 +depends_on:MBEDTLS_DES_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_ZEROS enc_dec_buf:MBEDTLS_CIPHER_DES_CBC:"DES-CBC":64:49:MBEDTLS_PADDING_ZEROS DES Encrypt and decrypt 0 bytes with no padding -depends_on:MBEDTLS_DES_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7 +depends_on:MBEDTLS_DES_C:MBEDTLS_CIPHER_MODE_CBC enc_dec_buf:MBEDTLS_CIPHER_DES_CBC:"DES-CBC":64:0:MBEDTLS_PADDING_NONE DES Encrypt and decrypt 8 bytes with no padding -depends_on:MBEDTLS_DES_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7 +depends_on:MBEDTLS_DES_C:MBEDTLS_CIPHER_MODE_CBC enc_dec_buf:MBEDTLS_CIPHER_DES_CBC:"DES-CBC":64:8:MBEDTLS_PADDING_NONE DES Encrypt and decrypt 16 bytes with no padding -depends_on:MBEDTLS_DES_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7 +depends_on:MBEDTLS_DES_C:MBEDTLS_CIPHER_MODE_CBC enc_dec_buf:MBEDTLS_CIPHER_DES_CBC:"DES-CBC":64:16:MBEDTLS_PADDING_NONE DES Encrypt and decrypt 32 bytes with no padding -depends_on:MBEDTLS_DES_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7 +depends_on:MBEDTLS_DES_C:MBEDTLS_CIPHER_MODE_CBC enc_dec_buf:MBEDTLS_CIPHER_DES_CBC:"DES-CBC":64:32:MBEDTLS_PADDING_NONE DES Encrypt and decrypt 48 bytes with no padding -depends_on:MBEDTLS_DES_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7 +depends_on:MBEDTLS_DES_C:MBEDTLS_CIPHER_MODE_CBC enc_dec_buf:MBEDTLS_CIPHER_DES_CBC:"DES-CBC":64:48:MBEDTLS_PADDING_NONE DES Try encrypting 1 bytes with no padding -depends_on:MBEDTLS_DES_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7 +depends_on:MBEDTLS_DES_C:MBEDTLS_CIPHER_MODE_CBC enc_fail:MBEDTLS_CIPHER_DES_CBC:MBEDTLS_PADDING_NONE:64:1:MBEDTLS_ERR_CIPHER_FULL_BLOCK_EXPECTED DES Try encrypting 2 bytes with no padding -depends_on:MBEDTLS_DES_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7 +depends_on:MBEDTLS_DES_C:MBEDTLS_CIPHER_MODE_CBC enc_fail:MBEDTLS_CIPHER_DES_CBC:MBEDTLS_PADDING_NONE:64:2:MBEDTLS_ERR_CIPHER_FULL_BLOCK_EXPECTED DES Try encrypting 7 bytes with no padding -depends_on:MBEDTLS_DES_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7 +depends_on:MBEDTLS_DES_C:MBEDTLS_CIPHER_MODE_CBC enc_fail:MBEDTLS_CIPHER_DES_CBC:MBEDTLS_PADDING_NONE:64:7:MBEDTLS_ERR_CIPHER_FULL_BLOCK_EXPECTED DES Try encrypting 9 bytes with no padding -depends_on:MBEDTLS_DES_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7 +depends_on:MBEDTLS_DES_C:MBEDTLS_CIPHER_MODE_CBC enc_fail:MBEDTLS_CIPHER_DES_CBC:MBEDTLS_PADDING_NONE:64:9:MBEDTLS_ERR_CIPHER_FULL_BLOCK_EXPECTED DES Try encrypting 15 bytes with no padding -depends_on:MBEDTLS_DES_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7 +depends_on:MBEDTLS_DES_C:MBEDTLS_CIPHER_MODE_CBC enc_fail:MBEDTLS_CIPHER_DES_CBC:MBEDTLS_PADDING_NONE:64:15:MBEDTLS_ERR_CIPHER_FULL_BLOCK_EXPECTED DES Try encrypting 17 bytes with no padding -depends_on:MBEDTLS_DES_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7 +depends_on:MBEDTLS_DES_C:MBEDTLS_CIPHER_MODE_CBC enc_fail:MBEDTLS_CIPHER_DES_CBC:MBEDTLS_PADDING_NONE:64:17:MBEDTLS_ERR_CIPHER_FULL_BLOCK_EXPECTED DES Try encrypting 31 bytes with no padding -depends_on:MBEDTLS_DES_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7 +depends_on:MBEDTLS_DES_C:MBEDTLS_CIPHER_MODE_CBC enc_fail:MBEDTLS_CIPHER_DES_CBC:MBEDTLS_PADDING_NONE:64:31:MBEDTLS_ERR_CIPHER_FULL_BLOCK_EXPECTED DES Try encrypting 33 bytes with no padding -depends_on:MBEDTLS_DES_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7 +depends_on:MBEDTLS_DES_C:MBEDTLS_CIPHER_MODE_CBC enc_fail:MBEDTLS_CIPHER_DES_CBC:MBEDTLS_PADDING_NONE:64:33:MBEDTLS_ERR_CIPHER_FULL_BLOCK_EXPECTED DES Try encrypting 47 bytes with no padding -depends_on:MBEDTLS_DES_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7 +depends_on:MBEDTLS_DES_C:MBEDTLS_CIPHER_MODE_CBC enc_fail:MBEDTLS_CIPHER_DES_CBC:MBEDTLS_PADDING_NONE:64:47:MBEDTLS_ERR_CIPHER_FULL_BLOCK_EXPECTED DES Try encrypting 49 bytes with no padding -depends_on:MBEDTLS_DES_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7 +depends_on:MBEDTLS_DES_C:MBEDTLS_CIPHER_MODE_CBC enc_fail:MBEDTLS_CIPHER_DES_CBC:MBEDTLS_PADDING_NONE:64:49:MBEDTLS_ERR_CIPHER_FULL_BLOCK_EXPECTED DES Encrypt and decrypt 0 bytes in multiple parts diff --git a/third_party/mbedtls/repo/tests/suites/test_suite_cipher.function b/third_party/mbedtls/repo/tests/suites/test_suite_cipher.function index b0b1629a82a..9235e3db6a5 100644 --- a/third_party/mbedtls/repo/tests/suites/test_suite_cipher.function +++ b/third_party/mbedtls/repo/tests/suites/test_suite_cipher.function @@ -1,9 +1,6 @@ /* BEGIN_HEADER */ #include "mbedtls/cipher.h" - -#if defined(MBEDTLS_AES_C) #include "mbedtls/aes.h" -#endif #if defined(MBEDTLS_GCM_C) #include "mbedtls/gcm.h" @@ -23,35 +20,33 @@ * individual ciphers, and it doesn't work with the PSA wrappers. So don't do * it, and instead start with a fresh context. */ -static int cipher_reset_key( mbedtls_cipher_context_t *ctx, int cipher_id, - int use_psa, size_t tag_len, const data_t *key, int direction ) +static int cipher_reset_key(mbedtls_cipher_context_t *ctx, int cipher_id, + int use_psa, size_t tag_len, const data_t *key, int direction) { - mbedtls_cipher_free( ctx ); - mbedtls_cipher_init( ctx ); + mbedtls_cipher_free(ctx); + mbedtls_cipher_init(ctx); #if !defined(MBEDTLS_USE_PSA_CRYPTO) (void) use_psa; (void) tag_len; #else - if( use_psa == 1 ) - { - TEST_ASSERT( 0 == mbedtls_cipher_setup_psa( ctx, - mbedtls_cipher_info_from_type( cipher_id ), - tag_len ) ); - } - else + if (use_psa == 1) { + TEST_ASSERT(0 == mbedtls_cipher_setup_psa(ctx, + mbedtls_cipher_info_from_type(cipher_id), + tag_len)); + } else #endif /* MBEDTLS_USE_PSA_CRYPTO */ { - TEST_ASSERT( 0 == mbedtls_cipher_setup( ctx, - mbedtls_cipher_info_from_type( cipher_id ) ) ); + TEST_ASSERT(0 == mbedtls_cipher_setup(ctx, + mbedtls_cipher_info_from_type(cipher_id))); } - TEST_ASSERT( 0 == mbedtls_cipher_setkey( ctx, key->x, 8 * key->len, - direction ) ); - return( 1 ); + TEST_ASSERT(0 == mbedtls_cipher_setkey(ctx, key->x, 8 * key->len, + direction)); + return 1; exit: - return( 0 ); + return 0; } /* @@ -59,11 +54,13 @@ exit: * return 1 if it is, * 0 if it isn't. */ -int buffer_is_all_zero( const uint8_t *buf, size_t size ) +int buffer_is_all_zero(const uint8_t *buf, size_t size) { - for( size_t i = 0; i < size; i++ ) - if( buf[i] != 0 ) + for (size_t i = 0; i < size; i++) { + if (buf[i] != 0) { return 0; + } + } return 1; } #endif /* MBEDTLS_CIPHER_AUTH_CRYPT */ @@ -76,17 +73,18 @@ int buffer_is_all_zero( const uint8_t *buf, size_t size ) */ /* BEGIN_CASE */ -void mbedtls_cipher_list( ) +void mbedtls_cipher_list() { const int *cipher_type; - for( cipher_type = mbedtls_cipher_list(); *cipher_type != 0; cipher_type++ ) - TEST_ASSERT( mbedtls_cipher_info_from_type( *cipher_type ) != NULL ); + for (cipher_type = mbedtls_cipher_list(); *cipher_type != 0; cipher_type++) { + TEST_ASSERT(mbedtls_cipher_info_from_type(*cipher_type) != NULL); + } } /* END_CASE */ /* BEGIN_CASE */ -void cipher_invalid_param_unconditional( ) +void cipher_invalid_param_unconditional() { mbedtls_cipher_context_t valid_ctx; mbedtls_cipher_context_t invalid_ctx; @@ -96,120 +94,120 @@ void cipher_invalid_param_unconditional( ) int valid_size = sizeof(valid_buffer); int valid_bitlen = valid_size * 8; const mbedtls_cipher_info_t *valid_info = mbedtls_cipher_info_from_type( - *( mbedtls_cipher_list() ) ); + *(mbedtls_cipher_list())); size_t size_t_var; - (void)valid_mode; /* In some configurations this is unused */ + (void) valid_mode; /* In some configurations this is unused */ - mbedtls_cipher_init( &valid_ctx ); - mbedtls_cipher_init( &invalid_ctx ); + mbedtls_cipher_init(&valid_ctx); + mbedtls_cipher_init(&invalid_ctx); - TEST_ASSERT( mbedtls_cipher_setup( &valid_ctx, valid_info ) == 0 ); + TEST_ASSERT(mbedtls_cipher_setup(&valid_ctx, valid_info) == 0); /* mbedtls_cipher_setup() */ - TEST_ASSERT( mbedtls_cipher_setup( &valid_ctx, NULL ) == - MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA ); + TEST_ASSERT(mbedtls_cipher_setup(&valid_ctx, NULL) == + MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA); /* mbedtls_cipher_get_block_size() */ - TEST_ASSERT( mbedtls_cipher_get_block_size( &invalid_ctx ) == 0 ); + TEST_ASSERT(mbedtls_cipher_get_block_size(&invalid_ctx) == 0); /* mbedtls_cipher_get_cipher_mode() */ - TEST_ASSERT( mbedtls_cipher_get_cipher_mode( &invalid_ctx ) == - MBEDTLS_MODE_NONE ); + TEST_ASSERT(mbedtls_cipher_get_cipher_mode(&invalid_ctx) == + MBEDTLS_MODE_NONE); /* mbedtls_cipher_get_iv_size() */ - TEST_ASSERT( mbedtls_cipher_get_iv_size( &invalid_ctx ) == 0 ); + TEST_ASSERT(mbedtls_cipher_get_iv_size(&invalid_ctx) == 0); /* mbedtls_cipher_get_type() */ TEST_ASSERT( - mbedtls_cipher_get_type( &invalid_ctx ) == + mbedtls_cipher_get_type(&invalid_ctx) == MBEDTLS_CIPHER_NONE); /* mbedtls_cipher_get_name() */ - TEST_ASSERT( mbedtls_cipher_get_name( &invalid_ctx ) == 0 ); + TEST_ASSERT(mbedtls_cipher_get_name(&invalid_ctx) == 0); /* mbedtls_cipher_get_key_bitlen() */ - TEST_ASSERT( mbedtls_cipher_get_key_bitlen( &invalid_ctx ) == - MBEDTLS_KEY_LENGTH_NONE ); + TEST_ASSERT(mbedtls_cipher_get_key_bitlen(&invalid_ctx) == + MBEDTLS_KEY_LENGTH_NONE); /* mbedtls_cipher_get_operation() */ - TEST_ASSERT( mbedtls_cipher_get_operation( &invalid_ctx ) == - MBEDTLS_OPERATION_NONE ); + TEST_ASSERT(mbedtls_cipher_get_operation(&invalid_ctx) == + MBEDTLS_OPERATION_NONE); /* mbedtls_cipher_setkey() */ TEST_ASSERT( - mbedtls_cipher_setkey( &invalid_ctx, - valid_buffer, - valid_bitlen, - valid_operation ) == - MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA ); + mbedtls_cipher_setkey(&invalid_ctx, + valid_buffer, + valid_bitlen, + valid_operation) == + MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA); /* mbedtls_cipher_set_iv() */ TEST_ASSERT( - mbedtls_cipher_set_iv( &invalid_ctx, - valid_buffer, - valid_size ) == - MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA ); + mbedtls_cipher_set_iv(&invalid_ctx, + valid_buffer, + valid_size) == + MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA); /* mbedtls_cipher_reset() */ - TEST_ASSERT( mbedtls_cipher_reset( &invalid_ctx ) == - MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA ); + TEST_ASSERT(mbedtls_cipher_reset(&invalid_ctx) == + MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA); #if defined(MBEDTLS_GCM_C) || defined(MBEDTLS_CHACHAPOLY_C) /* mbedtls_cipher_update_ad() */ TEST_ASSERT( - mbedtls_cipher_update_ad( &invalid_ctx, - valid_buffer, - valid_size ) == - MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA ); + mbedtls_cipher_update_ad(&invalid_ctx, + valid_buffer, + valid_size) == + MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA); #endif /* defined(MBEDTLS_GCM_C) || defined(MBEDTLS_CHACHAPOLY_C) */ #if defined(MBEDTLS_CIPHER_MODE_WITH_PADDING) /* mbedtls_cipher_set_padding_mode() */ - TEST_ASSERT( mbedtls_cipher_set_padding_mode( &invalid_ctx, valid_mode ) == - MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA ); + TEST_ASSERT(mbedtls_cipher_set_padding_mode(&invalid_ctx, valid_mode) == + MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA); #endif /* mbedtls_cipher_update() */ TEST_ASSERT( - mbedtls_cipher_update( &invalid_ctx, - valid_buffer, - valid_size, - valid_buffer, - &size_t_var ) == - MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA ); + mbedtls_cipher_update(&invalid_ctx, + valid_buffer, + valid_size, + valid_buffer, + &size_t_var) == + MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA); /* mbedtls_cipher_finish() */ TEST_ASSERT( - mbedtls_cipher_finish( &invalid_ctx, - valid_buffer, - &size_t_var ) == - MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA ); + mbedtls_cipher_finish(&invalid_ctx, + valid_buffer, + &size_t_var) == + MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA); #if defined(MBEDTLS_GCM_C) || defined(MBEDTLS_CHACHAPOLY_C) /* mbedtls_cipher_write_tag() */ TEST_ASSERT( - mbedtls_cipher_write_tag( &invalid_ctx, - valid_buffer, - valid_size ) == - MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA ); + mbedtls_cipher_write_tag(&invalid_ctx, + valid_buffer, + valid_size) == + MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA); /* mbedtls_cipher_check_tag() */ TEST_ASSERT( - mbedtls_cipher_check_tag( &invalid_ctx, - valid_buffer, - valid_size ) == - MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA ); + mbedtls_cipher_check_tag(&invalid_ctx, + valid_buffer, + valid_size) == + MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA); #endif /* defined(MBEDTLS_GCM_C) || defined(MBEDTLS_CHACHAPOLY_C) */ exit: - mbedtls_cipher_free( &invalid_ctx ); - mbedtls_cipher_free( &valid_ctx ); + mbedtls_cipher_free(&invalid_ctx); + mbedtls_cipher_free(&valid_ctx); } /* END_CASE */ /* BEGIN_CASE depends_on:MBEDTLS_CHECK_PARAMS:!MBEDTLS_PARAM_FAILED_ALT */ -void cipher_invalid_param_conditional( ) +void cipher_invalid_param_conditional() { mbedtls_cipher_context_t valid_ctx; @@ -220,490 +218,490 @@ void cipher_invalid_param_conditional( ) int valid_size = sizeof(valid_buffer); int valid_bitlen = valid_size * 8; const mbedtls_cipher_info_t *valid_info = mbedtls_cipher_info_from_type( - *( mbedtls_cipher_list() ) ); + *(mbedtls_cipher_list())); size_t size_t_var; - (void)valid_mode; /* In some configurations this is unused */ + (void) valid_mode; /* In some configurations this is unused */ /* mbedtls_cipher_init() */ - TEST_VALID_PARAM( mbedtls_cipher_init( &valid_ctx ) ); - TEST_INVALID_PARAM( mbedtls_cipher_init( NULL ) ); + TEST_VALID_PARAM(mbedtls_cipher_init(&valid_ctx)); + TEST_INVALID_PARAM(mbedtls_cipher_init(NULL)); /* mbedtls_cipher_setup() */ - TEST_VALID_PARAM( mbedtls_cipher_setup( &valid_ctx, valid_info ) ); + TEST_VALID_PARAM(mbedtls_cipher_setup(&valid_ctx, valid_info)); TEST_INVALID_PARAM_RET( MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA, - mbedtls_cipher_setup( NULL, valid_info ) ); + mbedtls_cipher_setup(NULL, valid_info)); /* mbedtls_cipher_get_block_size() */ - TEST_INVALID_PARAM_RET( 0, mbedtls_cipher_get_block_size( NULL ) ); + TEST_INVALID_PARAM_RET(0, mbedtls_cipher_get_block_size(NULL)); /* mbedtls_cipher_get_cipher_mode() */ TEST_INVALID_PARAM_RET( MBEDTLS_MODE_NONE, - mbedtls_cipher_get_cipher_mode( NULL ) ); + mbedtls_cipher_get_cipher_mode(NULL)); /* mbedtls_cipher_get_iv_size() */ - TEST_INVALID_PARAM_RET( 0, mbedtls_cipher_get_iv_size( NULL ) ); + TEST_INVALID_PARAM_RET(0, mbedtls_cipher_get_iv_size(NULL)); /* mbedtls_cipher_get_type() */ TEST_INVALID_PARAM_RET( MBEDTLS_CIPHER_NONE, - mbedtls_cipher_get_type( NULL ) ); + mbedtls_cipher_get_type(NULL)); /* mbedtls_cipher_get_name() */ - TEST_INVALID_PARAM_RET( 0, mbedtls_cipher_get_name( NULL ) ); + TEST_INVALID_PARAM_RET(0, mbedtls_cipher_get_name(NULL)); /* mbedtls_cipher_get_key_bitlen() */ TEST_INVALID_PARAM_RET( MBEDTLS_KEY_LENGTH_NONE, - mbedtls_cipher_get_key_bitlen( NULL ) ); + mbedtls_cipher_get_key_bitlen(NULL)); /* mbedtls_cipher_get_operation() */ TEST_INVALID_PARAM_RET( MBEDTLS_OPERATION_NONE, - mbedtls_cipher_get_operation( NULL ) ); + mbedtls_cipher_get_operation(NULL)); /* mbedtls_cipher_setkey() */ TEST_INVALID_PARAM_RET( MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA, - mbedtls_cipher_setkey( NULL, - valid_buffer, - valid_bitlen, - valid_operation ) ); + mbedtls_cipher_setkey(NULL, + valid_buffer, + valid_bitlen, + valid_operation)); TEST_INVALID_PARAM_RET( MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA, - mbedtls_cipher_setkey( &valid_ctx, - NULL, - valid_bitlen, - valid_operation ) ); + mbedtls_cipher_setkey(&valid_ctx, + NULL, + valid_bitlen, + valid_operation)); TEST_INVALID_PARAM_RET( MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA, - mbedtls_cipher_setkey( &valid_ctx, - valid_buffer, - valid_bitlen, - invalid_operation ) ); + mbedtls_cipher_setkey(&valid_ctx, + valid_buffer, + valid_bitlen, + invalid_operation)); /* mbedtls_cipher_set_iv() */ TEST_INVALID_PARAM_RET( MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA, - mbedtls_cipher_set_iv( NULL, - valid_buffer, - valid_size ) ); + mbedtls_cipher_set_iv(NULL, + valid_buffer, + valid_size)); TEST_INVALID_PARAM_RET( MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA, - mbedtls_cipher_set_iv( &valid_ctx, - NULL, - valid_size ) ); + mbedtls_cipher_set_iv(&valid_ctx, + NULL, + valid_size)); /* mbedtls_cipher_reset() */ - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA, - mbedtls_cipher_reset( NULL ) ); + TEST_INVALID_PARAM_RET(MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA, + mbedtls_cipher_reset(NULL)); #if defined(MBEDTLS_GCM_C) || defined(MBEDTLS_CHACHAPOLY_C) /* mbedtls_cipher_update_ad() */ TEST_INVALID_PARAM_RET( MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA, - mbedtls_cipher_update_ad( NULL, - valid_buffer, - valid_size ) ); + mbedtls_cipher_update_ad(NULL, + valid_buffer, + valid_size)); TEST_INVALID_PARAM_RET( MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA, - mbedtls_cipher_update_ad( &valid_ctx, - NULL, - valid_size ) ); + mbedtls_cipher_update_ad(&valid_ctx, + NULL, + valid_size)); #endif /* defined(MBEDTLS_GCM_C) || defined(MBEDTLS_CHACHAPOLY_C) */ #if defined(MBEDTLS_CIPHER_MODE_WITH_PADDING) /* mbedtls_cipher_set_padding_mode() */ - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA, - mbedtls_cipher_set_padding_mode( NULL, valid_mode ) ); + TEST_INVALID_PARAM_RET(MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA, + mbedtls_cipher_set_padding_mode(NULL, valid_mode)); #endif /* mbedtls_cipher_update() */ TEST_INVALID_PARAM_RET( MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA, - mbedtls_cipher_update( NULL, - valid_buffer, - valid_size, - valid_buffer, - &size_t_var ) ); + mbedtls_cipher_update(NULL, + valid_buffer, + valid_size, + valid_buffer, + &size_t_var)); TEST_INVALID_PARAM_RET( MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA, - mbedtls_cipher_update( &valid_ctx, - NULL, valid_size, - valid_buffer, - &size_t_var ) ); + mbedtls_cipher_update(&valid_ctx, + NULL, valid_size, + valid_buffer, + &size_t_var)); TEST_INVALID_PARAM_RET( MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA, - mbedtls_cipher_update( &valid_ctx, - valid_buffer, valid_size, - NULL, - &size_t_var ) ); + mbedtls_cipher_update(&valid_ctx, + valid_buffer, valid_size, + NULL, + &size_t_var)); TEST_INVALID_PARAM_RET( MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA, - mbedtls_cipher_update( &valid_ctx, - valid_buffer, valid_size, - valid_buffer, - NULL ) ); + mbedtls_cipher_update(&valid_ctx, + valid_buffer, valid_size, + valid_buffer, + NULL)); /* mbedtls_cipher_finish() */ TEST_INVALID_PARAM_RET( MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA, - mbedtls_cipher_finish( NULL, - valid_buffer, - &size_t_var ) ); + mbedtls_cipher_finish(NULL, + valid_buffer, + &size_t_var)); TEST_INVALID_PARAM_RET( MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA, - mbedtls_cipher_finish( &valid_ctx, - NULL, - &size_t_var ) ); + mbedtls_cipher_finish(&valid_ctx, + NULL, + &size_t_var)); TEST_INVALID_PARAM_RET( MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA, - mbedtls_cipher_finish( &valid_ctx, - valid_buffer, - NULL ) ); + mbedtls_cipher_finish(&valid_ctx, + valid_buffer, + NULL)); #if defined(MBEDTLS_GCM_C) || defined(MBEDTLS_CHACHAPOLY_C) /* mbedtls_cipher_write_tag() */ TEST_INVALID_PARAM_RET( MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA, - mbedtls_cipher_write_tag( NULL, - valid_buffer, - valid_size ) ); + mbedtls_cipher_write_tag(NULL, + valid_buffer, + valid_size)); TEST_INVALID_PARAM_RET( MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA, - mbedtls_cipher_write_tag( &valid_ctx, - NULL, - valid_size ) ); + mbedtls_cipher_write_tag(&valid_ctx, + NULL, + valid_size)); /* mbedtls_cipher_check_tag() */ TEST_INVALID_PARAM_RET( MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA, - mbedtls_cipher_check_tag( NULL, - valid_buffer, - valid_size ) ); + mbedtls_cipher_check_tag(NULL, + valid_buffer, + valid_size)); TEST_INVALID_PARAM_RET( MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA, - mbedtls_cipher_check_tag( &valid_ctx, - NULL, - valid_size ) ); + mbedtls_cipher_check_tag(&valid_ctx, + NULL, + valid_size)); #endif /* defined(MBEDTLS_GCM_C) || defined(MBEDTLS_CHACHAPOLY_C) */ /* mbedtls_cipher_crypt() */ TEST_INVALID_PARAM_RET( MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA, - mbedtls_cipher_crypt( NULL, - valid_buffer, valid_size, - valid_buffer, valid_size, - valid_buffer, &size_t_var ) ); + mbedtls_cipher_crypt(NULL, + valid_buffer, valid_size, + valid_buffer, valid_size, + valid_buffer, &size_t_var)); TEST_INVALID_PARAM_RET( MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA, - mbedtls_cipher_crypt( &valid_ctx, - NULL, valid_size, - valid_buffer, valid_size, - valid_buffer, &size_t_var ) ); + mbedtls_cipher_crypt(&valid_ctx, + NULL, valid_size, + valid_buffer, valid_size, + valid_buffer, &size_t_var)); TEST_INVALID_PARAM_RET( MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA, - mbedtls_cipher_crypt( &valid_ctx, - valid_buffer, valid_size, - NULL, valid_size, - valid_buffer, &size_t_var ) ); + mbedtls_cipher_crypt(&valid_ctx, + valid_buffer, valid_size, + NULL, valid_size, + valid_buffer, &size_t_var)); TEST_INVALID_PARAM_RET( MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA, - mbedtls_cipher_crypt( &valid_ctx, - valid_buffer, valid_size, - valid_buffer, valid_size, - NULL, &size_t_var ) ); + mbedtls_cipher_crypt(&valid_ctx, + valid_buffer, valid_size, + valid_buffer, valid_size, + NULL, &size_t_var)); TEST_INVALID_PARAM_RET( MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA, - mbedtls_cipher_crypt( &valid_ctx, - valid_buffer, valid_size, - valid_buffer, valid_size, - valid_buffer, NULL ) ); + mbedtls_cipher_crypt(&valid_ctx, + valid_buffer, valid_size, + valid_buffer, valid_size, + valid_buffer, NULL)); #if defined(MBEDTLS_CIPHER_MODE_AEAD) /* mbedtls_cipher_auth_encrypt() */ TEST_INVALID_PARAM_RET( MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA, - mbedtls_cipher_auth_encrypt( NULL, - valid_buffer, valid_size, - valid_buffer, valid_size, - valid_buffer, valid_size, - valid_buffer, &size_t_var, - valid_buffer, valid_size ) ); + mbedtls_cipher_auth_encrypt(NULL, + valid_buffer, valid_size, + valid_buffer, valid_size, + valid_buffer, valid_size, + valid_buffer, &size_t_var, + valid_buffer, valid_size)); TEST_INVALID_PARAM_RET( MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA, - mbedtls_cipher_auth_encrypt( &valid_ctx, - NULL, valid_size, - valid_buffer, valid_size, - valid_buffer, valid_size, - valid_buffer, &size_t_var, - valid_buffer, valid_size ) ); + mbedtls_cipher_auth_encrypt(&valid_ctx, + NULL, valid_size, + valid_buffer, valid_size, + valid_buffer, valid_size, + valid_buffer, &size_t_var, + valid_buffer, valid_size)); TEST_INVALID_PARAM_RET( MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA, - mbedtls_cipher_auth_encrypt( &valid_ctx, - valid_buffer, valid_size, - NULL, valid_size, - valid_buffer, valid_size, - valid_buffer, &size_t_var, - valid_buffer, valid_size ) ); + mbedtls_cipher_auth_encrypt(&valid_ctx, + valid_buffer, valid_size, + NULL, valid_size, + valid_buffer, valid_size, + valid_buffer, &size_t_var, + valid_buffer, valid_size)); TEST_INVALID_PARAM_RET( MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA, - mbedtls_cipher_auth_encrypt( &valid_ctx, - valid_buffer, valid_size, - valid_buffer, valid_size, - NULL, valid_size, - valid_buffer, &size_t_var, - valid_buffer, valid_size ) ); + mbedtls_cipher_auth_encrypt(&valid_ctx, + valid_buffer, valid_size, + valid_buffer, valid_size, + NULL, valid_size, + valid_buffer, &size_t_var, + valid_buffer, valid_size)); TEST_INVALID_PARAM_RET( MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA, - mbedtls_cipher_auth_encrypt( &valid_ctx, - valid_buffer, valid_size, - valid_buffer, valid_size, - valid_buffer, valid_size, - NULL, &size_t_var, - valid_buffer, valid_size ) ); + mbedtls_cipher_auth_encrypt(&valid_ctx, + valid_buffer, valid_size, + valid_buffer, valid_size, + valid_buffer, valid_size, + NULL, &size_t_var, + valid_buffer, valid_size)); TEST_INVALID_PARAM_RET( MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA, - mbedtls_cipher_auth_encrypt( &valid_ctx, - valid_buffer, valid_size, - valid_buffer, valid_size, - valid_buffer, valid_size, - valid_buffer, NULL, - valid_buffer, valid_size ) ); + mbedtls_cipher_auth_encrypt(&valid_ctx, + valid_buffer, valid_size, + valid_buffer, valid_size, + valid_buffer, valid_size, + valid_buffer, NULL, + valid_buffer, valid_size)); TEST_INVALID_PARAM_RET( MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA, - mbedtls_cipher_auth_encrypt( &valid_ctx, - valid_buffer, valid_size, - valid_buffer, valid_size, - valid_buffer, valid_size, - valid_buffer, &size_t_var, - NULL, valid_size ) ); + mbedtls_cipher_auth_encrypt(&valid_ctx, + valid_buffer, valid_size, + valid_buffer, valid_size, + valid_buffer, valid_size, + valid_buffer, &size_t_var, + NULL, valid_size)); /* mbedtls_cipher_auth_decrypt() */ TEST_INVALID_PARAM_RET( MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA, - mbedtls_cipher_auth_decrypt( NULL, - valid_buffer, valid_size, - valid_buffer, valid_size, - valid_buffer, valid_size, - valid_buffer, &size_t_var, - valid_buffer, valid_size ) ); + mbedtls_cipher_auth_decrypt(NULL, + valid_buffer, valid_size, + valid_buffer, valid_size, + valid_buffer, valid_size, + valid_buffer, &size_t_var, + valid_buffer, valid_size)); TEST_INVALID_PARAM_RET( MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA, - mbedtls_cipher_auth_decrypt( &valid_ctx, - NULL, valid_size, - valid_buffer, valid_size, - valid_buffer, valid_size, - valid_buffer, &size_t_var, - valid_buffer, valid_size ) ); + mbedtls_cipher_auth_decrypt(&valid_ctx, + NULL, valid_size, + valid_buffer, valid_size, + valid_buffer, valid_size, + valid_buffer, &size_t_var, + valid_buffer, valid_size)); TEST_INVALID_PARAM_RET( MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA, - mbedtls_cipher_auth_decrypt( &valid_ctx, - valid_buffer, valid_size, - NULL, valid_size, - valid_buffer, valid_size, - valid_buffer, &size_t_var, - valid_buffer, valid_size ) ); + mbedtls_cipher_auth_decrypt(&valid_ctx, + valid_buffer, valid_size, + NULL, valid_size, + valid_buffer, valid_size, + valid_buffer, &size_t_var, + valid_buffer, valid_size)); TEST_INVALID_PARAM_RET( MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA, - mbedtls_cipher_auth_decrypt( &valid_ctx, - valid_buffer, valid_size, - valid_buffer, valid_size, - NULL, valid_size, - valid_buffer, &size_t_var, - valid_buffer, valid_size ) ); + mbedtls_cipher_auth_decrypt(&valid_ctx, + valid_buffer, valid_size, + valid_buffer, valid_size, + NULL, valid_size, + valid_buffer, &size_t_var, + valid_buffer, valid_size)); TEST_INVALID_PARAM_RET( MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA, - mbedtls_cipher_auth_decrypt( &valid_ctx, - valid_buffer, valid_size, - valid_buffer, valid_size, - valid_buffer, valid_size, - NULL, &size_t_var, - valid_buffer, valid_size ) ); + mbedtls_cipher_auth_decrypt(&valid_ctx, + valid_buffer, valid_size, + valid_buffer, valid_size, + valid_buffer, valid_size, + NULL, &size_t_var, + valid_buffer, valid_size)); TEST_INVALID_PARAM_RET( MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA, - mbedtls_cipher_auth_decrypt( &valid_ctx, - valid_buffer, valid_size, - valid_buffer, valid_size, - valid_buffer, valid_size, - valid_buffer, NULL, - valid_buffer, valid_size ) ); + mbedtls_cipher_auth_decrypt(&valid_ctx, + valid_buffer, valid_size, + valid_buffer, valid_size, + valid_buffer, valid_size, + valid_buffer, NULL, + valid_buffer, valid_size)); TEST_INVALID_PARAM_RET( MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA, - mbedtls_cipher_auth_decrypt( &valid_ctx, - valid_buffer, valid_size, - valid_buffer, valid_size, - valid_buffer, valid_size, - valid_buffer, &size_t_var, - NULL, valid_size ) ); + mbedtls_cipher_auth_decrypt(&valid_ctx, + valid_buffer, valid_size, + valid_buffer, valid_size, + valid_buffer, valid_size, + valid_buffer, &size_t_var, + NULL, valid_size)); #endif /* defined(MBEDTLS_CIPHER_MODE_AEAD) */ #if defined(MBEDTLS_CIPHER_MODE_AEAD) || defined(MBEDTLS_NIST_KW_C) /* mbedtls_cipher_auth_encrypt_ext */ TEST_INVALID_PARAM_RET( MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA, - mbedtls_cipher_auth_encrypt_ext( NULL, - valid_buffer, valid_size, - valid_buffer, valid_size, - valid_buffer, valid_size, - valid_buffer, valid_size, &size_t_var, - valid_size ) ); + mbedtls_cipher_auth_encrypt_ext(NULL, + valid_buffer, valid_size, + valid_buffer, valid_size, + valid_buffer, valid_size, + valid_buffer, valid_size, &size_t_var, + valid_size)); TEST_INVALID_PARAM_RET( MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA, - mbedtls_cipher_auth_encrypt_ext( &valid_ctx, - NULL, valid_size, - valid_buffer, valid_size, - valid_buffer, valid_size, - valid_buffer, valid_size, &size_t_var, - valid_size ) ); + mbedtls_cipher_auth_encrypt_ext(&valid_ctx, + NULL, valid_size, + valid_buffer, valid_size, + valid_buffer, valid_size, + valid_buffer, valid_size, &size_t_var, + valid_size)); TEST_INVALID_PARAM_RET( MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA, - mbedtls_cipher_auth_encrypt_ext( &valid_ctx, - valid_buffer, valid_size, - NULL, valid_size, - valid_buffer, valid_size, - valid_buffer, valid_size, &size_t_var, - valid_size ) ); + mbedtls_cipher_auth_encrypt_ext(&valid_ctx, + valid_buffer, valid_size, + NULL, valid_size, + valid_buffer, valid_size, + valid_buffer, valid_size, &size_t_var, + valid_size)); TEST_INVALID_PARAM_RET( MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA, - mbedtls_cipher_auth_encrypt_ext( &valid_ctx, - valid_buffer, valid_size, - valid_buffer, valid_size, - NULL, valid_size, - valid_buffer, valid_size, &size_t_var, - valid_size ) ); + mbedtls_cipher_auth_encrypt_ext(&valid_ctx, + valid_buffer, valid_size, + valid_buffer, valid_size, + NULL, valid_size, + valid_buffer, valid_size, &size_t_var, + valid_size)); TEST_INVALID_PARAM_RET( MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA, - mbedtls_cipher_auth_encrypt_ext( &valid_ctx, - valid_buffer, valid_size, - valid_buffer, valid_size, - valid_buffer, valid_size, - NULL, valid_size, &size_t_var, - valid_size ) ); + mbedtls_cipher_auth_encrypt_ext(&valid_ctx, + valid_buffer, valid_size, + valid_buffer, valid_size, + valid_buffer, valid_size, + NULL, valid_size, &size_t_var, + valid_size)); TEST_INVALID_PARAM_RET( MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA, - mbedtls_cipher_auth_encrypt_ext( &valid_ctx, - valid_buffer, valid_size, - valid_buffer, valid_size, - valid_buffer, valid_size, - valid_buffer, valid_size, NULL, - valid_size ) ); + mbedtls_cipher_auth_encrypt_ext(&valid_ctx, + valid_buffer, valid_size, + valid_buffer, valid_size, + valid_buffer, valid_size, + valid_buffer, valid_size, NULL, + valid_size)); /* mbedtls_cipher_auth_decrypt_ext */ TEST_INVALID_PARAM_RET( MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA, - mbedtls_cipher_auth_decrypt_ext( NULL, - valid_buffer, valid_size, - valid_buffer, valid_size, - valid_buffer, valid_size, - valid_buffer, valid_size, &size_t_var, - valid_size ) ); + mbedtls_cipher_auth_decrypt_ext(NULL, + valid_buffer, valid_size, + valid_buffer, valid_size, + valid_buffer, valid_size, + valid_buffer, valid_size, &size_t_var, + valid_size)); TEST_INVALID_PARAM_RET( MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA, - mbedtls_cipher_auth_decrypt_ext( &valid_ctx, - NULL, valid_size, - valid_buffer, valid_size, - valid_buffer, valid_size, - valid_buffer, valid_size, &size_t_var, - valid_size ) ); + mbedtls_cipher_auth_decrypt_ext(&valid_ctx, + NULL, valid_size, + valid_buffer, valid_size, + valid_buffer, valid_size, + valid_buffer, valid_size, &size_t_var, + valid_size)); TEST_INVALID_PARAM_RET( MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA, - mbedtls_cipher_auth_decrypt_ext( &valid_ctx, - valid_buffer, valid_size, - NULL, valid_size, - valid_buffer, valid_size, - valid_buffer, valid_size, &size_t_var, - valid_size ) ); + mbedtls_cipher_auth_decrypt_ext(&valid_ctx, + valid_buffer, valid_size, + NULL, valid_size, + valid_buffer, valid_size, + valid_buffer, valid_size, &size_t_var, + valid_size)); TEST_INVALID_PARAM_RET( MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA, - mbedtls_cipher_auth_decrypt_ext( &valid_ctx, - valid_buffer, valid_size, - valid_buffer, valid_size, - NULL, valid_size, - valid_buffer, valid_size, &size_t_var, - valid_size ) ); + mbedtls_cipher_auth_decrypt_ext(&valid_ctx, + valid_buffer, valid_size, + valid_buffer, valid_size, + NULL, valid_size, + valid_buffer, valid_size, &size_t_var, + valid_size)); TEST_INVALID_PARAM_RET( MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA, - mbedtls_cipher_auth_decrypt_ext( &valid_ctx, - valid_buffer, valid_size, - valid_buffer, valid_size, - valid_buffer, valid_size, - NULL, valid_size, &size_t_var, - valid_size ) ); + mbedtls_cipher_auth_decrypt_ext(&valid_ctx, + valid_buffer, valid_size, + valid_buffer, valid_size, + valid_buffer, valid_size, + NULL, valid_size, &size_t_var, + valid_size)); TEST_INVALID_PARAM_RET( MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA, - mbedtls_cipher_auth_decrypt_ext( &valid_ctx, - valid_buffer, valid_size, - valid_buffer, valid_size, - valid_buffer, valid_size, - valid_buffer, valid_size, NULL, - valid_size ) ); + mbedtls_cipher_auth_decrypt_ext(&valid_ctx, + valid_buffer, valid_size, + valid_buffer, valid_size, + valid_buffer, valid_size, + valid_buffer, valid_size, NULL, + valid_size)); #endif /* MBEDTLS_CIPHER_MODE_AEAD || MBEDTLS_NIST_KW_C */ /* mbedtls_cipher_free() */ - TEST_VALID_PARAM( mbedtls_cipher_free( NULL ) ); + TEST_VALID_PARAM(mbedtls_cipher_free(NULL)); exit: - TEST_VALID_PARAM( mbedtls_cipher_free( &valid_ctx ) ); + TEST_VALID_PARAM(mbedtls_cipher_free(&valid_ctx)); } /* END_CASE */ /* BEGIN_CASE depends_on:MBEDTLS_AES_C */ -void cipher_special_behaviours( ) +void cipher_special_behaviours() { const mbedtls_cipher_info_t *cipher_info; mbedtls_cipher_context_t ctx; unsigned char input[32]; unsigned char output[32]; -#if defined (MBEDTLS_CIPHER_MODE_CBC) +#if defined(MBEDTLS_CIPHER_MODE_CBC) unsigned char iv[32]; #endif size_t olen = 0; - mbedtls_cipher_init( &ctx ); - memset( input, 0, sizeof( input ) ); - memset( output, 0, sizeof( output ) ); + mbedtls_cipher_init(&ctx); + memset(input, 0, sizeof(input)); + memset(output, 0, sizeof(output)); #if defined(MBEDTLS_CIPHER_MODE_CBC) - memset( iv, 0, sizeof( iv ) ); + memset(iv, 0, sizeof(iv)); /* Check and get info structures */ - cipher_info = mbedtls_cipher_info_from_type( MBEDTLS_CIPHER_AES_128_CBC ); - TEST_ASSERT( NULL != cipher_info ); + cipher_info = mbedtls_cipher_info_from_type(MBEDTLS_CIPHER_AES_128_CBC); + TEST_ASSERT(NULL != cipher_info); - TEST_ASSERT( 0 == mbedtls_cipher_setup( &ctx, cipher_info ) ); + TEST_ASSERT(0 == mbedtls_cipher_setup(&ctx, cipher_info)); /* IV too big */ - TEST_ASSERT( mbedtls_cipher_set_iv( &ctx, iv, MBEDTLS_MAX_IV_LENGTH + 1 ) - == MBEDTLS_ERR_CIPHER_FEATURE_UNAVAILABLE ); + TEST_ASSERT(mbedtls_cipher_set_iv(&ctx, iv, MBEDTLS_MAX_IV_LENGTH + 1) + == MBEDTLS_ERR_CIPHER_FEATURE_UNAVAILABLE); /* IV too small */ - TEST_ASSERT( mbedtls_cipher_set_iv( &ctx, iv, 0 ) - == MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA ); + TEST_ASSERT(mbedtls_cipher_set_iv(&ctx, iv, 0) + == MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA); - mbedtls_cipher_free( &ctx ); - mbedtls_cipher_init( &ctx ); + mbedtls_cipher_free(&ctx); + mbedtls_cipher_init(&ctx); #endif /* MBEDTLS_CIPHER_MODE_CBC */ - cipher_info = mbedtls_cipher_info_from_type( MBEDTLS_CIPHER_AES_128_ECB ); - TEST_ASSERT( NULL != cipher_info ); + cipher_info = mbedtls_cipher_info_from_type(MBEDTLS_CIPHER_AES_128_ECB); + TEST_ASSERT(NULL != cipher_info); - TEST_ASSERT( 0 == mbedtls_cipher_setup( &ctx, cipher_info ) ); + TEST_ASSERT(0 == mbedtls_cipher_setup(&ctx, cipher_info)); /* Update ECB with partial block */ - TEST_ASSERT( mbedtls_cipher_update( &ctx, input, 1, output, &olen ) - == MBEDTLS_ERR_CIPHER_FULL_BLOCK_EXPECTED ); + TEST_ASSERT(mbedtls_cipher_update(&ctx, input, 1, output, &olen) + == MBEDTLS_ERR_CIPHER_FULL_BLOCK_EXPECTED); exit: - mbedtls_cipher_free( &ctx ); + mbedtls_cipher_free(&ctx); } /* END_CASE */ /* BEGIN_CASE */ -void enc_dec_buf( int cipher_id, char * cipher_string, int key_len, - int length_val, int pad_mode ) +void enc_dec_buf(int cipher_id, char *cipher_string, int key_len, + int length_val, int pad_mode) { - size_t length = length_val, outlen, total_len, i, block_size; + size_t length = length_val, outlen, total_len, i, block_size, iv_len; unsigned char key[64]; unsigned char iv[16]; unsigned char ad[13]; @@ -719,28 +717,27 @@ void enc_dec_buf( int cipher_id, char * cipher_string, int key_len, /* * Prepare contexts */ - mbedtls_cipher_init( &ctx_dec ); - mbedtls_cipher_init( &ctx_enc ); + mbedtls_cipher_init(&ctx_dec); + mbedtls_cipher_init(&ctx_enc); - memset( key, 0x2a, sizeof( key ) ); + memset(key, 0x2a, sizeof(key)); /* Check and get info structures */ - cipher_info = mbedtls_cipher_info_from_type( cipher_id ); - TEST_ASSERT( NULL != cipher_info ); - TEST_ASSERT( mbedtls_cipher_info_from_string( cipher_string ) == cipher_info ); + cipher_info = mbedtls_cipher_info_from_type(cipher_id); + TEST_ASSERT(NULL != cipher_info); + TEST_ASSERT(mbedtls_cipher_info_from_string(cipher_string) == cipher_info); /* Initialise enc and dec contexts */ - TEST_ASSERT( 0 == mbedtls_cipher_setup( &ctx_dec, cipher_info ) ); - TEST_ASSERT( 0 == mbedtls_cipher_setup( &ctx_enc, cipher_info ) ); + TEST_ASSERT(0 == mbedtls_cipher_setup(&ctx_dec, cipher_info)); + TEST_ASSERT(0 == mbedtls_cipher_setup(&ctx_enc, cipher_info)); - TEST_ASSERT( 0 == mbedtls_cipher_setkey( &ctx_dec, key, key_len, MBEDTLS_DECRYPT ) ); - TEST_ASSERT( 0 == mbedtls_cipher_setkey( &ctx_enc, key, key_len, MBEDTLS_ENCRYPT ) ); + TEST_ASSERT(0 == mbedtls_cipher_setkey(&ctx_dec, key, key_len, MBEDTLS_DECRYPT)); + TEST_ASSERT(0 == mbedtls_cipher_setkey(&ctx_enc, key, key_len, MBEDTLS_ENCRYPT)); #if defined(MBEDTLS_CIPHER_MODE_WITH_PADDING) - if( -1 != pad_mode ) - { - TEST_ASSERT( 0 == mbedtls_cipher_set_padding_mode( &ctx_dec, pad_mode ) ); - TEST_ASSERT( 0 == mbedtls_cipher_set_padding_mode( &ctx_enc, pad_mode ) ); + if (-1 != pad_mode) { + TEST_ASSERT(0 == mbedtls_cipher_set_padding_mode(&ctx_dec, pad_mode)); + TEST_ASSERT(0 == mbedtls_cipher_set_padding_mode(&ctx_enc, pad_mode)); } #else (void) pad_mode; @@ -749,84 +746,90 @@ void enc_dec_buf( int cipher_id, char * cipher_string, int key_len, /* * Do a few encode/decode cycles */ - for( i = 0; i < 3; i++ ) - { - memset( iv , 0x00 + i, sizeof( iv ) ); - memset( ad, 0x10 + i, sizeof( ad ) ); - memset( inbuf, 0x20 + i, sizeof( inbuf ) ); - - memset( encbuf, 0, sizeof( encbuf ) ); - memset( decbuf, 0, sizeof( decbuf ) ); - memset( tag, 0, sizeof( tag ) ); + for (i = 0; i < 3; i++) { + memset(iv, 0x00 + i, sizeof(iv)); + memset(ad, 0x10 + i, sizeof(ad)); + memset(inbuf, 0x20 + i, sizeof(inbuf)); + + memset(encbuf, 0, sizeof(encbuf)); + memset(decbuf, 0, sizeof(decbuf)); + memset(tag, 0, sizeof(tag)); + + if (cipher_info->type == MBEDTLS_CIPHER_CHACHA20 || + cipher_info->type == MBEDTLS_CIPHER_CHACHA20_POLY1305) { + iv_len = 12; + } else { + iv_len = sizeof(iv); + } - TEST_ASSERT( 0 == mbedtls_cipher_set_iv( &ctx_dec, iv, sizeof( iv ) ) ); - TEST_ASSERT( 0 == mbedtls_cipher_set_iv( &ctx_enc, iv, sizeof( iv ) ) ); + TEST_ASSERT(0 == mbedtls_cipher_set_iv(&ctx_dec, iv, iv_len)); + TEST_ASSERT(0 == mbedtls_cipher_set_iv(&ctx_enc, iv, iv_len)); - TEST_ASSERT( 0 == mbedtls_cipher_reset( &ctx_dec ) ); - TEST_ASSERT( 0 == mbedtls_cipher_reset( &ctx_enc ) ); + TEST_ASSERT(0 == mbedtls_cipher_reset(&ctx_dec)); + TEST_ASSERT(0 == mbedtls_cipher_reset(&ctx_enc)); #if defined(MBEDTLS_GCM_C) || defined(MBEDTLS_CHACHAPOLY_C) - TEST_ASSERT( 0 == mbedtls_cipher_update_ad( &ctx_dec, ad, sizeof( ad ) - i ) ); - TEST_ASSERT( 0 == mbedtls_cipher_update_ad( &ctx_enc, ad, sizeof( ad ) - i ) ); + TEST_ASSERT(0 == mbedtls_cipher_update_ad(&ctx_dec, ad, sizeof(ad) - i)); + TEST_ASSERT(0 == mbedtls_cipher_update_ad(&ctx_enc, ad, sizeof(ad) - i)); #endif - block_size = mbedtls_cipher_get_block_size( &ctx_enc ); - TEST_ASSERT( block_size != 0 ); + block_size = mbedtls_cipher_get_block_size(&ctx_enc); + TEST_ASSERT(block_size != 0); - /* encode length number of bytes from inbuf */ - TEST_ASSERT( 0 == mbedtls_cipher_update( &ctx_enc, inbuf, length, encbuf, &outlen ) ); - total_len = outlen; + /* encode length number of bytes from inbuf */ + TEST_ASSERT(0 == mbedtls_cipher_update(&ctx_enc, inbuf, length, encbuf, &outlen)); + total_len = outlen; - TEST_ASSERT( total_len == length || - ( total_len % block_size == 0 && - total_len < length && - total_len + block_size > length ) ); + TEST_ASSERT(total_len == length || + (total_len % block_size == 0 && + total_len < length && + total_len + block_size > length)); - TEST_ASSERT( 0 == mbedtls_cipher_finish( &ctx_enc, encbuf + outlen, &outlen ) ); - total_len += outlen; + TEST_ASSERT(0 == mbedtls_cipher_finish(&ctx_enc, encbuf + outlen, &outlen)); + total_len += outlen; #if defined(MBEDTLS_GCM_C) || defined(MBEDTLS_CHACHAPOLY_C) - TEST_ASSERT( 0 == mbedtls_cipher_write_tag( &ctx_enc, tag, sizeof( tag ) ) ); + TEST_ASSERT(0 == mbedtls_cipher_write_tag(&ctx_enc, tag, sizeof(tag))); #endif - TEST_ASSERT( total_len == length || - ( total_len % block_size == 0 && - total_len > length && - total_len <= length + block_size ) ); + TEST_ASSERT(total_len == length || + (total_len % block_size == 0 && + total_len > length && + total_len <= length + block_size)); - /* decode the previously encoded string */ - TEST_ASSERT( 0 == mbedtls_cipher_update( &ctx_dec, encbuf, total_len, decbuf, &outlen ) ); - total_len = outlen; + /* decode the previously encoded string */ + TEST_ASSERT(0 == mbedtls_cipher_update(&ctx_dec, encbuf, total_len, decbuf, &outlen)); + total_len = outlen; - TEST_ASSERT( total_len == length || - ( total_len % block_size == 0 && - total_len < length && - total_len + block_size >= length ) ); + TEST_ASSERT(total_len == length || + (total_len % block_size == 0 && + total_len < length && + total_len + block_size >= length)); - TEST_ASSERT( 0 == mbedtls_cipher_finish( &ctx_dec, decbuf + outlen, &outlen ) ); - total_len += outlen; + TEST_ASSERT(0 == mbedtls_cipher_finish(&ctx_dec, decbuf + outlen, &outlen)); + total_len += outlen; #if defined(MBEDTLS_GCM_C) || defined(MBEDTLS_CHACHAPOLY_C) - TEST_ASSERT( 0 == mbedtls_cipher_check_tag( &ctx_dec, tag, sizeof( tag ) ) ); + TEST_ASSERT(0 == mbedtls_cipher_check_tag(&ctx_dec, tag, sizeof(tag))); #endif - /* check result */ - TEST_ASSERT( total_len == length ); - TEST_ASSERT( 0 == memcmp(inbuf, decbuf, length) ); + /* check result */ + TEST_ASSERT(total_len == length); + TEST_ASSERT(0 == memcmp(inbuf, decbuf, length)); } /* * Done */ exit: - mbedtls_cipher_free( &ctx_dec ); - mbedtls_cipher_free( &ctx_enc ); + mbedtls_cipher_free(&ctx_dec); + mbedtls_cipher_free(&ctx_enc); } /* END_CASE */ /* BEGIN_CASE */ -void enc_fail( int cipher_id, int pad_mode, int key_len, int length_val, - int ret ) +void enc_fail(int cipher_id, int pad_mode, int key_len, int length_val, + int ret) { size_t length = length_val; unsigned char key[32]; @@ -840,49 +843,50 @@ void enc_fail( int cipher_id, int pad_mode, int key_len, int length_val, size_t outlen = 0; - memset( key, 0, 32 ); - memset( iv , 0, 16 ); + memset(key, 0, 32); + memset(iv, 0, 16); - mbedtls_cipher_init( &ctx ); + mbedtls_cipher_init(&ctx); - memset( inbuf, 5, 64 ); - memset( encbuf, 0, 64 ); + memset(inbuf, 5, 64); + memset(encbuf, 0, 64); /* Check and get info structures */ - cipher_info = mbedtls_cipher_info_from_type( cipher_id ); - TEST_ASSERT( NULL != cipher_info ); + cipher_info = mbedtls_cipher_info_from_type(cipher_id); + TEST_ASSERT(NULL != cipher_info); /* Initialise context */ - TEST_ASSERT( 0 == mbedtls_cipher_setup( &ctx, cipher_info ) ); - TEST_ASSERT( 0 == mbedtls_cipher_setkey( &ctx, key, key_len, MBEDTLS_ENCRYPT ) ); + TEST_ASSERT(0 == mbedtls_cipher_setup(&ctx, cipher_info)); + TEST_ASSERT(0 == mbedtls_cipher_setkey(&ctx, key, key_len, MBEDTLS_ENCRYPT)); #if defined(MBEDTLS_CIPHER_MODE_WITH_PADDING) - TEST_ASSERT( 0 == mbedtls_cipher_set_padding_mode( &ctx, pad_mode ) ); + TEST_ASSERT(0 == mbedtls_cipher_set_padding_mode(&ctx, pad_mode)); #else (void) pad_mode; #endif /* MBEDTLS_CIPHER_MODE_WITH_PADDING */ - TEST_ASSERT( 0 == mbedtls_cipher_set_iv( &ctx, iv, 16 ) ); - TEST_ASSERT( 0 == mbedtls_cipher_reset( &ctx ) ); + TEST_ASSERT(0 == mbedtls_cipher_set_iv(&ctx, iv, 16)); + TEST_ASSERT(0 == mbedtls_cipher_reset(&ctx)); #if defined(MBEDTLS_GCM_C) || defined(MBEDTLS_CHACHAPOLY_C) - TEST_ASSERT( 0 == mbedtls_cipher_update_ad( &ctx, NULL, 0 ) ); + TEST_ASSERT(0 == mbedtls_cipher_update_ad(&ctx, NULL, 0)); #endif /* encode length number of bytes from inbuf */ - TEST_ASSERT( 0 == mbedtls_cipher_update( &ctx, inbuf, length, encbuf, &outlen ) ); - TEST_ASSERT( ret == mbedtls_cipher_finish( &ctx, encbuf + outlen, &outlen ) ); + TEST_ASSERT(0 == mbedtls_cipher_update(&ctx, inbuf, length, encbuf, &outlen)); + TEST_ASSERT(ret == mbedtls_cipher_finish(&ctx, encbuf + outlen, &outlen)); /* done */ exit: - mbedtls_cipher_free( &ctx ); + mbedtls_cipher_free(&ctx); } /* END_CASE */ /* BEGIN_CASE */ -void dec_empty_buf( int cipher, - int expected_update_ret, - int expected_finish_ret ) +void dec_empty_buf(int cipher, + int expected_update_ret, + int expected_finish_ret) { unsigned char key[32]; unsigned char iv[16]; + size_t iv_len = sizeof(iv); mbedtls_cipher_context_t ctx_dec; const mbedtls_cipher_info_t *cipher_info; @@ -892,42 +896,47 @@ void dec_empty_buf( int cipher, size_t outlen = 0; - memset( key, 0, 32 ); - memset( iv , 0, 16 ); + memset(key, 0, 32); + memset(iv, 0, 16); - mbedtls_cipher_init( &ctx_dec ); + mbedtls_cipher_init(&ctx_dec); - memset( encbuf, 0, 64 ); - memset( decbuf, 0, 64 ); + memset(encbuf, 0, 64); + memset(decbuf, 0, 64); /* Initialise context */ - cipher_info = mbedtls_cipher_info_from_type( cipher ); - TEST_ASSERT( NULL != cipher_info); - TEST_ASSERT( sizeof(key) * 8 >= cipher_info->key_bitlen ); + cipher_info = mbedtls_cipher_info_from_type(cipher); + TEST_ASSERT(NULL != cipher_info); + + if (cipher_info->type == MBEDTLS_CIPHER_CHACHA20 || + cipher_info->type == MBEDTLS_CIPHER_CHACHA20_POLY1305) { + iv_len = 12; + } + + TEST_ASSERT(sizeof(key) * 8 >= cipher_info->key_bitlen); - TEST_ASSERT( 0 == mbedtls_cipher_setup( &ctx_dec, cipher_info ) ); + TEST_ASSERT(0 == mbedtls_cipher_setup(&ctx_dec, cipher_info)); - TEST_ASSERT( 0 == mbedtls_cipher_setkey( &ctx_dec, - key, cipher_info->key_bitlen, - MBEDTLS_DECRYPT ) ); + TEST_ASSERT(0 == mbedtls_cipher_setkey(&ctx_dec, + key, cipher_info->key_bitlen, + MBEDTLS_DECRYPT)); - TEST_ASSERT( 0 == mbedtls_cipher_set_iv( &ctx_dec, iv, 16 ) ); + TEST_ASSERT(0 == mbedtls_cipher_set_iv(&ctx_dec, iv, iv_len)); - TEST_ASSERT( 0 == mbedtls_cipher_reset( &ctx_dec ) ); + TEST_ASSERT(0 == mbedtls_cipher_reset(&ctx_dec)); #if defined(MBEDTLS_GCM_C) || defined(MBEDTLS_CHACHAPOLY_C) - TEST_ASSERT( 0 == mbedtls_cipher_update_ad( &ctx_dec, NULL, 0 ) ); + TEST_ASSERT(0 == mbedtls_cipher_update_ad(&ctx_dec, NULL, 0)); #endif /* decode 0-byte string */ - TEST_ASSERT( expected_update_ret == - mbedtls_cipher_update( &ctx_dec, encbuf, 0, decbuf, &outlen ) ); - TEST_ASSERT( 0 == outlen ); + TEST_ASSERT(expected_update_ret == + mbedtls_cipher_update(&ctx_dec, encbuf, 0, decbuf, &outlen)); + TEST_ASSERT(0 == outlen); - if ( expected_finish_ret == 0 && - ( cipher_info->mode == MBEDTLS_MODE_CBC || - cipher_info->mode == MBEDTLS_MODE_ECB ) ) - { + if (expected_finish_ret == 0 && + (cipher_info->mode == MBEDTLS_MODE_CBC || + cipher_info->mode == MBEDTLS_MODE_ECB)) { /* Non-CBC and non-ECB ciphers are OK with decrypting empty buffers and * return success, not MBEDTLS_ERR_CIPHER_FULL_BLOCK_EXPECTED, when * decrypting an empty buffer. @@ -936,25 +945,25 @@ void dec_empty_buf( int cipher, expected_finish_ret = MBEDTLS_ERR_CIPHER_FULL_BLOCK_EXPECTED; } - TEST_ASSERT( expected_finish_ret == mbedtls_cipher_finish( - &ctx_dec, decbuf + outlen, &outlen ) ); - TEST_ASSERT( 0 == outlen ); + TEST_ASSERT(expected_finish_ret == mbedtls_cipher_finish( + &ctx_dec, decbuf + outlen, &outlen)); + TEST_ASSERT(0 == outlen); exit: - mbedtls_cipher_free( &ctx_dec ); + mbedtls_cipher_free(&ctx_dec); } /* END_CASE */ /* BEGIN_CASE */ -void enc_dec_buf_multipart( int cipher_id, int key_len, int first_length_val, - int second_length_val, int pad_mode, - int first_encrypt_output_len, int second_encrypt_output_len, - int first_decrypt_output_len, int second_decrypt_output_len ) +void enc_dec_buf_multipart(int cipher_id, int key_len, int first_length_val, + int second_length_val, int pad_mode, + int first_encrypt_output_len, int second_encrypt_output_len, + int first_decrypt_output_len, int second_decrypt_output_len) { size_t first_length = first_length_val; size_t second_length = second_length_val; size_t length = first_length + second_length; - size_t block_size; + size_t block_size, iv_len; unsigned char key[32]; unsigned char iv[16]; @@ -969,109 +978,121 @@ void enc_dec_buf_multipart( int cipher_id, int key_len, int first_length_val, size_t outlen = 0; size_t totaloutlen = 0; - memset( key, 0, 32 ); - memset( iv , 0, 16 ); + memset(key, 0, 32); + memset(iv, 0, 16); - mbedtls_cipher_init( &ctx_dec ); - mbedtls_cipher_init( &ctx_enc ); + mbedtls_cipher_init(&ctx_dec); + mbedtls_cipher_init(&ctx_enc); - memset( inbuf, 5, 64 ); - memset( encbuf, 0, 64 ); - memset( decbuf, 0, 64 ); + memset(inbuf, 5, 64); + memset(encbuf, 0, 64); + memset(decbuf, 0, 64); /* Initialise enc and dec contexts */ - cipher_info = mbedtls_cipher_info_from_type( cipher_id ); - TEST_ASSERT( NULL != cipher_info); + cipher_info = mbedtls_cipher_info_from_type(cipher_id); + TEST_ASSERT(NULL != cipher_info); - TEST_ASSERT( 0 == mbedtls_cipher_setup( &ctx_dec, cipher_info ) ); - TEST_ASSERT( 0 == mbedtls_cipher_setup( &ctx_enc, cipher_info ) ); + TEST_ASSERT(0 == mbedtls_cipher_setup(&ctx_dec, cipher_info)); + TEST_ASSERT(0 == mbedtls_cipher_setup(&ctx_enc, cipher_info)); - TEST_ASSERT( 0 == mbedtls_cipher_setkey( &ctx_dec, key, key_len, MBEDTLS_DECRYPT ) ); - TEST_ASSERT( 0 == mbedtls_cipher_setkey( &ctx_enc, key, key_len, MBEDTLS_ENCRYPT ) ); + TEST_ASSERT(0 == mbedtls_cipher_setkey(&ctx_dec, key, key_len, MBEDTLS_DECRYPT)); + TEST_ASSERT(0 == mbedtls_cipher_setkey(&ctx_enc, key, key_len, MBEDTLS_ENCRYPT)); #if defined(MBEDTLS_CIPHER_MODE_WITH_PADDING) - if( -1 != pad_mode ) - { - TEST_ASSERT( 0 == mbedtls_cipher_set_padding_mode( &ctx_dec, pad_mode ) ); - TEST_ASSERT( 0 == mbedtls_cipher_set_padding_mode( &ctx_enc, pad_mode ) ); + if (-1 != pad_mode) { + TEST_ASSERT(0 == mbedtls_cipher_set_padding_mode(&ctx_dec, pad_mode)); + TEST_ASSERT(0 == mbedtls_cipher_set_padding_mode(&ctx_enc, pad_mode)); } #else (void) pad_mode; #endif /* MBEDTLS_CIPHER_MODE_WITH_PADDING */ - TEST_ASSERT( 0 == mbedtls_cipher_set_iv( &ctx_dec, iv, 16 ) ); - TEST_ASSERT( 0 == mbedtls_cipher_set_iv( &ctx_enc, iv, 16 ) ); + if (cipher_info->type == MBEDTLS_CIPHER_CHACHA20 || + cipher_info->type == MBEDTLS_CIPHER_CHACHA20_POLY1305) { + iv_len = 12; + } else { + iv_len = sizeof(iv); + } + + TEST_ASSERT(0 == mbedtls_cipher_set_iv(&ctx_dec, iv, iv_len)); + TEST_ASSERT(0 == mbedtls_cipher_set_iv(&ctx_enc, iv, iv_len)); - TEST_ASSERT( 0 == mbedtls_cipher_reset( &ctx_dec ) ); - TEST_ASSERT( 0 == mbedtls_cipher_reset( &ctx_enc ) ); + TEST_ASSERT(0 == mbedtls_cipher_reset(&ctx_dec)); + TEST_ASSERT(0 == mbedtls_cipher_reset(&ctx_enc)); #if defined(MBEDTLS_GCM_C) || defined(MBEDTLS_CHACHAPOLY_C) - TEST_ASSERT( 0 == mbedtls_cipher_update_ad( &ctx_dec, NULL, 0 ) ); - TEST_ASSERT( 0 == mbedtls_cipher_update_ad( &ctx_enc, NULL, 0 ) ); + TEST_ASSERT(0 == mbedtls_cipher_update_ad(&ctx_dec, NULL, 0)); + TEST_ASSERT(0 == mbedtls_cipher_update_ad(&ctx_enc, NULL, 0)); #endif - block_size = mbedtls_cipher_get_block_size( &ctx_enc ); - TEST_ASSERT( block_size != 0 ); + block_size = mbedtls_cipher_get_block_size(&ctx_enc); + TEST_ASSERT(block_size != 0); /* encode length number of bytes from inbuf */ - TEST_ASSERT( 0 == mbedtls_cipher_update( &ctx_enc, inbuf, first_length, encbuf, &outlen ) ); - TEST_ASSERT( (size_t)first_encrypt_output_len == outlen ); + TEST_ASSERT(0 == mbedtls_cipher_update(&ctx_enc, inbuf, first_length, encbuf, &outlen)); + TEST_ASSERT((size_t) first_encrypt_output_len == outlen); totaloutlen = outlen; - TEST_ASSERT( 0 == mbedtls_cipher_update( &ctx_enc, inbuf + first_length, second_length, encbuf + totaloutlen, &outlen ) ); - TEST_ASSERT( (size_t)second_encrypt_output_len == outlen ); + TEST_ASSERT(0 == + mbedtls_cipher_update(&ctx_enc, inbuf + first_length, second_length, + encbuf + totaloutlen, + &outlen)); + TEST_ASSERT((size_t) second_encrypt_output_len == outlen); totaloutlen += outlen; - TEST_ASSERT( totaloutlen == length || - ( totaloutlen % block_size == 0 && - totaloutlen < length && - totaloutlen + block_size > length ) ); + TEST_ASSERT(totaloutlen == length || + (totaloutlen % block_size == 0 && + totaloutlen < length && + totaloutlen + block_size > length)); - TEST_ASSERT( 0 == mbedtls_cipher_finish( &ctx_enc, encbuf + totaloutlen, &outlen ) ); + TEST_ASSERT(0 == mbedtls_cipher_finish(&ctx_enc, encbuf + totaloutlen, &outlen)); totaloutlen += outlen; - TEST_ASSERT( totaloutlen == length || - ( totaloutlen % block_size == 0 && - totaloutlen > length && - totaloutlen <= length + block_size ) ); + TEST_ASSERT(totaloutlen == length || + (totaloutlen % block_size == 0 && + totaloutlen > length && + totaloutlen <= length + block_size)); /* decode the previously encoded string */ second_length = totaloutlen - first_length; - TEST_ASSERT( 0 == mbedtls_cipher_update( &ctx_dec, encbuf, first_length, decbuf, &outlen ) ); - TEST_ASSERT( (size_t)first_decrypt_output_len == outlen ); + TEST_ASSERT(0 == mbedtls_cipher_update(&ctx_dec, encbuf, first_length, decbuf, &outlen)); + TEST_ASSERT((size_t) first_decrypt_output_len == outlen); totaloutlen = outlen; - TEST_ASSERT( 0 == mbedtls_cipher_update( &ctx_dec, encbuf + first_length, second_length, decbuf + totaloutlen, &outlen ) ); - TEST_ASSERT( (size_t)second_decrypt_output_len == outlen ); + TEST_ASSERT(0 == + mbedtls_cipher_update(&ctx_dec, encbuf + first_length, second_length, + decbuf + totaloutlen, + &outlen)); + TEST_ASSERT((size_t) second_decrypt_output_len == outlen); totaloutlen += outlen; - TEST_ASSERT( totaloutlen == length || - ( totaloutlen % block_size == 0 && - totaloutlen < length && - totaloutlen + block_size >= length ) ); + TEST_ASSERT(totaloutlen == length || + (totaloutlen % block_size == 0 && + totaloutlen < length && + totaloutlen + block_size >= length)); - TEST_ASSERT( 0 == mbedtls_cipher_finish( &ctx_dec, decbuf + totaloutlen, &outlen ) ); + TEST_ASSERT(0 == mbedtls_cipher_finish(&ctx_dec, decbuf + totaloutlen, &outlen)); totaloutlen += outlen; - TEST_ASSERT( totaloutlen == length ); + TEST_ASSERT(totaloutlen == length); - TEST_ASSERT( 0 == memcmp(inbuf, decbuf, length) ); + TEST_ASSERT(0 == memcmp(inbuf, decbuf, length)); exit: - mbedtls_cipher_free( &ctx_dec ); - mbedtls_cipher_free( &ctx_enc ); + mbedtls_cipher_free(&ctx_dec); + mbedtls_cipher_free(&ctx_enc); } /* END_CASE */ /* BEGIN_CASE */ -void decrypt_test_vec( int cipher_id, int pad_mode, data_t * key, - data_t * iv, data_t * cipher, - data_t * clear, data_t * ad, data_t * tag, - int finish_result, int tag_result ) +void decrypt_test_vec(int cipher_id, int pad_mode, data_t *key, + data_t *iv, data_t *cipher, + data_t *clear, data_t *ad, data_t *tag, + int finish_result, int tag_result) { unsigned char output[265]; mbedtls_cipher_context_t ctx; size_t outlen, total_len; - mbedtls_cipher_init( &ctx ); + mbedtls_cipher_init(&ctx); - memset( output, 0x00, sizeof( output ) ); + memset(output, 0x00, sizeof(output)); #if !defined(MBEDTLS_GCM_C) && !defined(MBEDTLS_CHACHAPOLY_C) ((void) ad); @@ -1079,48 +1100,48 @@ void decrypt_test_vec( int cipher_id, int pad_mode, data_t * key, #endif /* Prepare context */ - TEST_ASSERT( 0 == mbedtls_cipher_setup( &ctx, - mbedtls_cipher_info_from_type( cipher_id ) ) ); - TEST_ASSERT( 0 == mbedtls_cipher_setkey( &ctx, key->x, 8 * key->len, MBEDTLS_DECRYPT ) ); + TEST_ASSERT(0 == mbedtls_cipher_setup(&ctx, + mbedtls_cipher_info_from_type(cipher_id))); + TEST_ASSERT(0 == mbedtls_cipher_setkey(&ctx, key->x, 8 * key->len, MBEDTLS_DECRYPT)); #if defined(MBEDTLS_CIPHER_MODE_WITH_PADDING) - if( pad_mode != -1 ) - TEST_ASSERT( 0 == mbedtls_cipher_set_padding_mode( &ctx, pad_mode ) ); + if (pad_mode != -1) { + TEST_ASSERT(0 == mbedtls_cipher_set_padding_mode(&ctx, pad_mode)); + } #else (void) pad_mode; #endif /* MBEDTLS_CIPHER_MODE_WITH_PADDING */ - TEST_ASSERT( 0 == mbedtls_cipher_set_iv( &ctx, iv->x, iv->len ) ); - TEST_ASSERT( 0 == mbedtls_cipher_reset( &ctx ) ); + TEST_ASSERT(0 == mbedtls_cipher_set_iv(&ctx, iv->x, iv->len)); + TEST_ASSERT(0 == mbedtls_cipher_reset(&ctx)); #if defined(MBEDTLS_GCM_C) || defined(MBEDTLS_CHACHAPOLY_C) - TEST_ASSERT( 0 == mbedtls_cipher_update_ad( &ctx, ad->x, ad->len ) ); + TEST_ASSERT(0 == mbedtls_cipher_update_ad(&ctx, ad->x, ad->len)); #endif /* decode buffer and check tag->x */ total_len = 0; - TEST_ASSERT( 0 == mbedtls_cipher_update( &ctx, cipher->x, cipher->len, output, &outlen ) ); + TEST_ASSERT(0 == mbedtls_cipher_update(&ctx, cipher->x, cipher->len, output, &outlen)); total_len += outlen; - TEST_ASSERT( finish_result == mbedtls_cipher_finish( &ctx, output + outlen, - &outlen ) ); + TEST_ASSERT(finish_result == mbedtls_cipher_finish(&ctx, output + outlen, + &outlen)); total_len += outlen; #if defined(MBEDTLS_GCM_C) || defined(MBEDTLS_CHACHAPOLY_C) - TEST_ASSERT( tag_result == mbedtls_cipher_check_tag( &ctx, tag->x, tag->len ) ); + TEST_ASSERT(tag_result == mbedtls_cipher_check_tag(&ctx, tag->x, tag->len)); #endif /* check plaintext only if everything went fine */ - if( 0 == finish_result && 0 == tag_result ) - { - TEST_ASSERT( total_len == clear->len ); - TEST_ASSERT( 0 == memcmp( output, clear->x, clear->len ) ); + if (0 == finish_result && 0 == tag_result) { + TEST_ASSERT(total_len == clear->len); + TEST_ASSERT(0 == memcmp(output, clear->x, clear->len)); } exit: - mbedtls_cipher_free( &ctx ); + mbedtls_cipher_free(&ctx); } /* END_CASE */ /* BEGIN_CASE depends_on:MBEDTLS_CIPHER_AUTH_CRYPT */ -void auth_crypt_tv( int cipher_id, data_t * key, data_t * iv, - data_t * ad, data_t * cipher, data_t * tag, - char * result, data_t * clear, int use_psa ) +void auth_crypt_tv(int cipher_id, data_t *key, data_t *iv, + data_t *ad, data_t *cipher, data_t *tag, + char *result, data_t *clear, int use_psa) { /* * Take an AEAD ciphertext + tag and perform a pair @@ -1157,19 +1178,23 @@ void auth_crypt_tv( int cipher_id, data_t * key, data_t * iv, /* Null pointers are documented as valid for inputs of length 0. * The test framework passes non-null pointers, so set them to NULL. * key, cipher and tag can't be empty. */ - if( iv->len == 0 ) + if (iv->len == 0) { iv->x = NULL; - if( ad->len == 0 ) + } + if (ad->len == 0) { ad->x = NULL; - if( clear->len == 0 ) + } + if (clear->len == 0) { clear->x = NULL; + } - mbedtls_cipher_init( &ctx ); + mbedtls_cipher_init(&ctx); /* Initialize PSA Crypto */ #if defined(MBEDTLS_USE_PSA_CRYPTO) - if( use_psa == 1 ) - PSA_ASSERT( psa_crypto_init( ) ); + if (use_psa == 1) { + PSA_ASSERT(psa_crypto_init()); + } #else (void) use_psa; #endif @@ -1194,125 +1219,121 @@ void auth_crypt_tv( int cipher_id, data_t * key, data_t * iv, /* * Prepare context for decryption */ - if( ! cipher_reset_key( &ctx, cipher_id, use_psa, tag->len, key, - MBEDTLS_DECRYPT ) ) + if (!cipher_reset_key(&ctx, cipher_id, use_psa, tag->len, key, + MBEDTLS_DECRYPT)) { goto exit; + } /* * prepare buffer for decryption * (we need the tag appended to the ciphertext) */ cipher_plus_tag_len = cipher->len + tag->len; - ASSERT_ALLOC( cipher_plus_tag, cipher_plus_tag_len ); - memcpy( cipher_plus_tag, cipher->x, cipher->len ); - memcpy( cipher_plus_tag + cipher->len, tag->x, tag->len ); + TEST_CALLOC(cipher_plus_tag, cipher_plus_tag_len); + memcpy(cipher_plus_tag, cipher->x, cipher->len); + memcpy(cipher_plus_tag + cipher->len, tag->x, tag->len); /* * Compute length of output buffer according to the documentation */ - if( using_nist_kw ) + if (using_nist_kw) { decrypt_buf_len = cipher_plus_tag_len - 8; - else + } else { decrypt_buf_len = cipher_plus_tag_len - tag->len; + } /* * Try decrypting to a buffer that's 1B too small */ - if( decrypt_buf_len != 0 ) - { - ASSERT_ALLOC( decrypt_buf, decrypt_buf_len - 1 ); + if (decrypt_buf_len != 0) { + TEST_CALLOC(decrypt_buf, decrypt_buf_len - 1); outlen = 0; - ret = mbedtls_cipher_auth_decrypt_ext( &ctx, iv->x, iv->len, - ad->x, ad->len, cipher_plus_tag, cipher_plus_tag_len, - decrypt_buf, decrypt_buf_len - 1, &outlen, tag->len ); - TEST_ASSERT( ret == MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA ); + ret = mbedtls_cipher_auth_decrypt_ext(&ctx, iv->x, iv->len, + ad->x, ad->len, cipher_plus_tag, cipher_plus_tag_len, + decrypt_buf, decrypt_buf_len - 1, &outlen, tag->len); + TEST_ASSERT(ret == MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA); - mbedtls_free( decrypt_buf ); + mbedtls_free(decrypt_buf); decrypt_buf = NULL; } /* * Authenticate and decrypt, and check result */ - ASSERT_ALLOC( decrypt_buf, decrypt_buf_len ); + TEST_CALLOC(decrypt_buf, decrypt_buf_len); outlen = 0; - ret = mbedtls_cipher_auth_decrypt_ext( &ctx, iv->x, iv->len, - ad->x, ad->len, cipher_plus_tag, cipher_plus_tag_len, - decrypt_buf, decrypt_buf_len, &outlen, tag->len ); - - if( strcmp( result, "FAIL" ) == 0 ) - { - TEST_ASSERT( ret == MBEDTLS_ERR_CIPHER_AUTH_FAILED ); - TEST_ASSERT( buffer_is_all_zero( decrypt_buf, decrypt_buf_len ) ); - } - else - { - TEST_ASSERT( ret == 0 ); - ASSERT_COMPARE( decrypt_buf, outlen, clear->x, clear->len ); + ret = mbedtls_cipher_auth_decrypt_ext(&ctx, iv->x, iv->len, + ad->x, ad->len, cipher_plus_tag, cipher_plus_tag_len, + decrypt_buf, decrypt_buf_len, &outlen, tag->len); + + if (strcmp(result, "FAIL") == 0) { + TEST_ASSERT(ret == MBEDTLS_ERR_CIPHER_AUTH_FAILED); + TEST_ASSERT(buffer_is_all_zero(decrypt_buf, decrypt_buf_len)); + } else { + TEST_ASSERT(ret == 0); + TEST_MEMORY_COMPARE(decrypt_buf, outlen, clear->x, clear->len); } /* Free this, but keep cipher_plus_tag for deprecated function with PSA */ - mbedtls_free( decrypt_buf ); + mbedtls_free(decrypt_buf); decrypt_buf = NULL; /* * Encrypt back if test data was authentic */ - if( strcmp( result, "FAIL" ) != 0 ) - { + if (strcmp(result, "FAIL") != 0) { /* prepare context for encryption */ - if( ! cipher_reset_key( &ctx, cipher_id, use_psa, tag->len, key, - MBEDTLS_ENCRYPT ) ) + if (!cipher_reset_key(&ctx, cipher_id, use_psa, tag->len, key, + MBEDTLS_ENCRYPT)) { goto exit; + } /* * Compute size of output buffer according to documentation */ - if( using_nist_kw ) - { + if (using_nist_kw) { encrypt_buf_len = clear->len + 8; - if( using_nist_kw_padding && encrypt_buf_len % 8 != 0 ) + if (using_nist_kw_padding && encrypt_buf_len % 8 != 0) { encrypt_buf_len += 8 - encrypt_buf_len % 8; - } - else - { + } + } else { encrypt_buf_len = clear->len + tag->len; } /* * Try encrypting with an output buffer that's 1B too small */ - ASSERT_ALLOC( encrypt_buf, encrypt_buf_len - 1 ); + TEST_CALLOC(encrypt_buf, encrypt_buf_len - 1); outlen = 0; - ret = mbedtls_cipher_auth_encrypt_ext( &ctx, iv->x, iv->len, - ad->x, ad->len, clear->x, clear->len, - encrypt_buf, encrypt_buf_len - 1, &outlen, tag->len ); - TEST_ASSERT( ret != 0 ); + ret = mbedtls_cipher_auth_encrypt_ext(&ctx, iv->x, iv->len, + ad->x, ad->len, clear->x, clear->len, + encrypt_buf, encrypt_buf_len - 1, &outlen, tag->len); + TEST_ASSERT(ret != 0); - mbedtls_free( encrypt_buf ); + mbedtls_free(encrypt_buf); encrypt_buf = NULL; /* * Encrypt and check the result */ - ASSERT_ALLOC( encrypt_buf, encrypt_buf_len ); + TEST_CALLOC(encrypt_buf, encrypt_buf_len); outlen = 0; - ret = mbedtls_cipher_auth_encrypt_ext( &ctx, iv->x, iv->len, - ad->x, ad->len, clear->x, clear->len, - encrypt_buf, encrypt_buf_len, &outlen, tag->len ); - TEST_ASSERT( ret == 0 ); + ret = mbedtls_cipher_auth_encrypt_ext(&ctx, iv->x, iv->len, + ad->x, ad->len, clear->x, clear->len, + encrypt_buf, encrypt_buf_len, &outlen, tag->len); + TEST_ASSERT(ret == 0); - TEST_ASSERT( outlen == cipher->len + tag->len ); - TEST_ASSERT( memcmp( encrypt_buf, cipher->x, cipher->len ) == 0 ); - TEST_ASSERT( memcmp( encrypt_buf + cipher->len, - tag->x, tag->len ) == 0 ); + TEST_ASSERT(outlen == cipher->len + tag->len); + TEST_ASSERT(memcmp(encrypt_buf, cipher->x, cipher->len) == 0); + TEST_ASSERT(memcmp(encrypt_buf + cipher->len, + tag->x, tag->len) == 0); - mbedtls_free( encrypt_buf ); + mbedtls_free(encrypt_buf); encrypt_buf = NULL; } @@ -1328,22 +1349,21 @@ void auth_crypt_tv( int cipher_id, data_t * key, data_t * iv, /* * Prepare context for decryption */ - if( ! cipher_reset_key( &ctx, cipher_id, use_psa, tag->len, key, - MBEDTLS_DECRYPT ) ) + if (!cipher_reset_key(&ctx, cipher_id, use_psa, tag->len, key, + MBEDTLS_DECRYPT)) { goto exit; + } /* * Prepare pointers for decryption */ #if defined(MBEDTLS_USE_PSA_CRYPTO) - if( use_psa == 1 ) - { + if (use_psa == 1) { /* PSA requires that the tag immediately follows the ciphertext. * Fortunately, we already have that from testing the new API. */ tmp_cipher = cipher_plus_tag; tmp_tag = tmp_cipher + cipher->len; - } - else + } else #endif /* MBEDTLS_USE_PSA_CRYPTO */ { tmp_cipher = cipher->x; @@ -1354,58 +1374,51 @@ void auth_crypt_tv( int cipher_id, data_t * key, data_t * iv, * Authenticate and decrypt, and check result */ - ASSERT_ALLOC( decrypt_buf, cipher->len ); + TEST_CALLOC(decrypt_buf, cipher->len); outlen = 0; - ret = mbedtls_cipher_auth_decrypt( &ctx, iv->x, iv->len, ad->x, ad->len, - tmp_cipher, cipher->len, decrypt_buf, &outlen, - tmp_tag, tag->len ); + ret = mbedtls_cipher_auth_decrypt(&ctx, iv->x, iv->len, ad->x, ad->len, + tmp_cipher, cipher->len, decrypt_buf, &outlen, + tmp_tag, tag->len); - if( using_nist_kw ) - { + if (using_nist_kw) { /* NIST_KW with legacy API */ - TEST_ASSERT( ret == MBEDTLS_ERR_CIPHER_FEATURE_UNAVAILABLE ); - } - else if( strcmp( result, "FAIL" ) == 0 ) - { + TEST_ASSERT(ret == MBEDTLS_ERR_CIPHER_FEATURE_UNAVAILABLE); + } else if (strcmp(result, "FAIL") == 0) { /* unauthentic message */ - TEST_ASSERT( ret == MBEDTLS_ERR_CIPHER_AUTH_FAILED ); - TEST_ASSERT( buffer_is_all_zero( decrypt_buf, cipher->len ) ); - } - else - { + TEST_ASSERT(ret == MBEDTLS_ERR_CIPHER_AUTH_FAILED); + TEST_ASSERT(buffer_is_all_zero(decrypt_buf, cipher->len)); + } else { /* authentic message: is the plaintext correct? */ - TEST_ASSERT( ret == 0 ); - ASSERT_COMPARE( decrypt_buf, outlen, clear->x, clear->len ); + TEST_ASSERT(ret == 0); + TEST_MEMORY_COMPARE(decrypt_buf, outlen, clear->x, clear->len); } - mbedtls_free( decrypt_buf ); + mbedtls_free(decrypt_buf); decrypt_buf = NULL; - mbedtls_free( cipher_plus_tag ); + mbedtls_free(cipher_plus_tag); cipher_plus_tag = NULL; /* * Encrypt back if test data was authentic */ - if( strcmp( result, "FAIL" ) != 0 ) - { + if (strcmp(result, "FAIL") != 0) { /* prepare context for encryption */ - if( ! cipher_reset_key( &ctx, cipher_id, use_psa, tag->len, key, - MBEDTLS_ENCRYPT ) ) + if (!cipher_reset_key(&ctx, cipher_id, use_psa, tag->len, key, + MBEDTLS_ENCRYPT)) { goto exit; + } /* prepare buffers for encryption */ #if defined(MBEDTLS_USE_PSA_CRYPTO) - if( use_psa ) - { - ASSERT_ALLOC( cipher_plus_tag, cipher->len + tag->len ); + if (use_psa) { + TEST_CALLOC(cipher_plus_tag, cipher->len + tag->len); tmp_cipher = cipher_plus_tag; tmp_tag = cipher_plus_tag + cipher->len; - } - else + } else #endif /* MBEDTLS_USE_PSA_CRYPTO */ { - ASSERT_ALLOC( encrypt_buf, cipher->len ); - ASSERT_ALLOC( tag_buf, tag->len ); + TEST_CALLOC(encrypt_buf, cipher->len); + TEST_CALLOC(tag_buf, tag->len); tmp_cipher = encrypt_buf; tmp_tag = tag_buf; } @@ -1414,22 +1427,20 @@ void auth_crypt_tv( int cipher_id, data_t * key, data_t * iv, * Encrypt and check the result */ outlen = 0; - ret = mbedtls_cipher_auth_encrypt( &ctx, iv->x, iv->len, ad->x, ad->len, - clear->x, clear->len, tmp_cipher, &outlen, - tmp_tag, tag->len ); - - if( using_nist_kw ) - { - TEST_ASSERT( ret == MBEDTLS_ERR_CIPHER_FEATURE_UNAVAILABLE ); - } - else - { - TEST_ASSERT( ret == 0 ); - - TEST_ASSERT( outlen == cipher->len ); - if( cipher->len != 0 ) - TEST_ASSERT( memcmp( tmp_cipher, cipher->x, cipher->len ) == 0 ); - TEST_ASSERT( memcmp( tmp_tag, tag->x, tag->len ) == 0 ); + ret = mbedtls_cipher_auth_encrypt(&ctx, iv->x, iv->len, ad->x, ad->len, + clear->x, clear->len, tmp_cipher, &outlen, + tmp_tag, tag->len); + + if (using_nist_kw) { + TEST_ASSERT(ret == MBEDTLS_ERR_CIPHER_FEATURE_UNAVAILABLE); + } else { + TEST_ASSERT(ret == 0); + + TEST_ASSERT(outlen == cipher->len); + if (cipher->len != 0) { + TEST_ASSERT(memcmp(tmp_cipher, cipher->x, cipher->len) == 0); + } + TEST_ASSERT(memcmp(tmp_tag, tag->x, tag->len) == 0); } } @@ -1437,145 +1448,186 @@ void auth_crypt_tv( int cipher_id, data_t * key, data_t * iv, exit: - mbedtls_cipher_free( &ctx ); - mbedtls_free( decrypt_buf ); - mbedtls_free( encrypt_buf ); - mbedtls_free( cipher_plus_tag ); + mbedtls_cipher_free(&ctx); + mbedtls_free(decrypt_buf); + mbedtls_free(encrypt_buf); + mbedtls_free(cipher_plus_tag); #if !defined(MBEDTLS_DEPRECATED_WARNING) && \ !defined(MBEDTLS_DEPRECATED_REMOVED) - mbedtls_free( tag_buf ); + mbedtls_free(tag_buf); #endif /* !MBEDTLS_DEPRECATED_WARNING && !MBEDTLS_DEPRECATED_REMOVED */ #if defined(MBEDTLS_USE_PSA_CRYPTO) - if( use_psa == 1 ) - PSA_DONE( ); + if (use_psa == 1) { + PSA_DONE(); + } #endif /* MBEDTLS_USE_PSA_CRYPTO */ } /* END_CASE */ /* BEGIN_CASE */ -void test_vec_ecb( int cipher_id, int operation, data_t * key, - data_t * input, data_t * result, int finish_result - ) +void test_vec_ecb(int cipher_id, int operation, data_t *key, + data_t *input, data_t *result, int finish_result + ) { mbedtls_cipher_context_t ctx; unsigned char output[32]; size_t outlen; - mbedtls_cipher_init( &ctx ); + mbedtls_cipher_init(&ctx); - memset( output, 0x00, sizeof( output ) ); + memset(output, 0x00, sizeof(output)); /* Prepare context */ - TEST_ASSERT( 0 == mbedtls_cipher_setup( &ctx, - mbedtls_cipher_info_from_type( cipher_id ) ) ); + TEST_ASSERT(0 == mbedtls_cipher_setup(&ctx, + mbedtls_cipher_info_from_type(cipher_id))); - TEST_ASSERT( 0 == mbedtls_cipher_setkey( &ctx, key->x, 8 * key->len, operation ) ); + TEST_ASSERT(0 == mbedtls_cipher_setkey(&ctx, key->x, 8 * key->len, operation)); - TEST_ASSERT( 0 == mbedtls_cipher_update( &ctx, input->x, - mbedtls_cipher_get_block_size( &ctx ), - output, &outlen ) ); - TEST_ASSERT( outlen == mbedtls_cipher_get_block_size( &ctx ) ); - TEST_ASSERT( finish_result == mbedtls_cipher_finish( &ctx, output + outlen, - &outlen ) ); - TEST_ASSERT( 0 == outlen ); + TEST_ASSERT(0 == mbedtls_cipher_update(&ctx, input->x, + mbedtls_cipher_get_block_size(&ctx), + output, &outlen)); + TEST_ASSERT(outlen == mbedtls_cipher_get_block_size(&ctx)); + TEST_ASSERT(finish_result == mbedtls_cipher_finish(&ctx, output + outlen, + &outlen)); + TEST_ASSERT(0 == outlen); /* check plaintext only if everything went fine */ - if( 0 == finish_result ) - TEST_ASSERT( 0 == memcmp( output, result->x, - mbedtls_cipher_get_block_size( &ctx ) ) ); + if (0 == finish_result) { + TEST_ASSERT(0 == memcmp(output, result->x, + mbedtls_cipher_get_block_size(&ctx))); + } exit: - mbedtls_cipher_free( &ctx ); + mbedtls_cipher_free(&ctx); } /* END_CASE */ /* BEGIN_CASE depends_on:MBEDTLS_CIPHER_MODE_WITH_PADDING */ -void test_vec_crypt( int cipher_id, int operation, data_t *key, - data_t *iv, data_t *input, data_t *result, - int finish_result, int use_psa ) +void test_vec_crypt(int cipher_id, int operation, data_t *key, + data_t *iv, data_t *input, data_t *result, + int finish_result, int use_psa) { mbedtls_cipher_context_t ctx; unsigned char output[32]; size_t outlen; - mbedtls_cipher_init( &ctx ); + mbedtls_cipher_init(&ctx); - memset( output, 0x00, sizeof( output ) ); + memset(output, 0x00, sizeof(output)); /* Prepare context */ #if !defined(MBEDTLS_USE_PSA_CRYPTO) (void) use_psa; #else - if( use_psa == 1 ) - { - PSA_ASSERT( psa_crypto_init( ) ); - TEST_ASSERT( 0 == mbedtls_cipher_setup_psa( &ctx, - mbedtls_cipher_info_from_type( cipher_id ), 0 ) ); - } - else + if (use_psa == 1) { + PSA_ASSERT(psa_crypto_init()); + TEST_ASSERT(0 == mbedtls_cipher_setup_psa(&ctx, + mbedtls_cipher_info_from_type(cipher_id), 0)); + } else #endif /* MBEDTLS_USE_PSA_CRYPTO */ - TEST_ASSERT( 0 == mbedtls_cipher_setup( &ctx, - mbedtls_cipher_info_from_type( cipher_id ) ) ); + TEST_ASSERT(0 == mbedtls_cipher_setup(&ctx, + mbedtls_cipher_info_from_type(cipher_id))); - TEST_ASSERT( 0 == mbedtls_cipher_setkey( &ctx, key->x, 8 * key->len, operation ) ); - if( MBEDTLS_MODE_CBC == ctx.cipher_info->mode ) - TEST_ASSERT( 0 == mbedtls_cipher_set_padding_mode( &ctx, MBEDTLS_PADDING_NONE ) ); + TEST_ASSERT(0 == mbedtls_cipher_setkey(&ctx, key->x, 8 * key->len, operation)); + if (MBEDTLS_MODE_CBC == ctx.cipher_info->mode) { + TEST_ASSERT(0 == mbedtls_cipher_set_padding_mode(&ctx, MBEDTLS_PADDING_NONE)); + } - TEST_ASSERT( finish_result == mbedtls_cipher_crypt( &ctx, iv->len ? iv->x : NULL, - iv->len, input->x, input->len, - output, &outlen ) ); - TEST_ASSERT( result->len == outlen ); + TEST_ASSERT(finish_result == mbedtls_cipher_crypt(&ctx, iv->len ? iv->x : NULL, + iv->len, input->x, input->len, + output, &outlen)); + TEST_ASSERT(result->len == outlen); /* check plaintext only if everything went fine */ - if( 0 == finish_result ) - TEST_ASSERT( 0 == memcmp( output, result->x, outlen ) ); + if (0 == finish_result) { + TEST_ASSERT(0 == memcmp(output, result->x, outlen)); + } exit: - mbedtls_cipher_free( &ctx ); + mbedtls_cipher_free(&ctx); #if defined(MBEDTLS_USE_PSA_CRYPTO) - PSA_DONE( ); + PSA_DONE(); #endif /* MBEDTLS_USE_PSA_CRYPTO */ } /* END_CASE */ /* BEGIN_CASE depends_on:MBEDTLS_CIPHER_MODE_WITH_PADDING */ -void set_padding( int cipher_id, int pad_mode, int ret ) +void set_padding(int cipher_id, int pad_mode, int ret) { const mbedtls_cipher_info_t *cipher_info; mbedtls_cipher_context_t ctx; - mbedtls_cipher_init( &ctx ); + mbedtls_cipher_init(&ctx); - cipher_info = mbedtls_cipher_info_from_type( cipher_id ); - TEST_ASSERT( NULL != cipher_info ); - TEST_ASSERT( 0 == mbedtls_cipher_setup( &ctx, cipher_info ) ); + cipher_info = mbedtls_cipher_info_from_type(cipher_id); + TEST_ASSERT(NULL != cipher_info); + TEST_ASSERT(0 == mbedtls_cipher_setup(&ctx, cipher_info)); - TEST_ASSERT( ret == mbedtls_cipher_set_padding_mode( &ctx, pad_mode ) ); + TEST_ASSERT(ret == mbedtls_cipher_set_padding_mode(&ctx, pad_mode)); exit: - mbedtls_cipher_free( &ctx ); + mbedtls_cipher_free(&ctx); } /* END_CASE */ /* BEGIN_CASE depends_on:MBEDTLS_CIPHER_MODE_CBC */ -void check_padding( int pad_mode, data_t * input, int ret, int dlen_check - ) +void check_padding(int pad_mode, data_t *input, int ret, int dlen_check + ) { mbedtls_cipher_info_t cipher_info; mbedtls_cipher_context_t ctx; size_t dlen; /* build a fake context just for getting access to get_padding */ - mbedtls_cipher_init( &ctx ); + mbedtls_cipher_init(&ctx); cipher_info.mode = MBEDTLS_MODE_CBC; ctx.cipher_info = &cipher_info; - TEST_ASSERT( 0 == mbedtls_cipher_set_padding_mode( &ctx, pad_mode ) ); + TEST_ASSERT(0 == mbedtls_cipher_set_padding_mode(&ctx, pad_mode)); - TEST_ASSERT( ret == ctx.get_padding( input->x, input->len, &dlen ) ); - if( 0 == ret ) - TEST_ASSERT( dlen == (size_t) dlen_check ); + TEST_ASSERT(ret == ctx.get_padding(input->x, input->len, &dlen)); + if (0 == ret) { + TEST_ASSERT(dlen == (size_t) dlen_check); + } +} +/* END_CASE */ + +/* BEGIN_CASE */ +void iv_len_validity(int cipher_id, char *cipher_string, + int iv_len_val, int ret) +{ + size_t iv_len = iv_len_val; + unsigned char iv[16]; + + /* Initialise iv buffer */ + memset(iv, 0, sizeof(iv)); + + const mbedtls_cipher_info_t *cipher_info; + mbedtls_cipher_context_t ctx_dec; + mbedtls_cipher_context_t ctx_enc; + + /* + * Prepare contexts + */ + mbedtls_cipher_init(&ctx_dec); + mbedtls_cipher_init(&ctx_enc); + + /* Check and get info structures */ + cipher_info = mbedtls_cipher_info_from_type(cipher_id); + TEST_ASSERT(NULL != cipher_info); + TEST_ASSERT(mbedtls_cipher_info_from_string(cipher_string) == cipher_info); + + /* Initialise enc and dec contexts */ + TEST_ASSERT(0 == mbedtls_cipher_setup(&ctx_dec, cipher_info)); + TEST_ASSERT(0 == mbedtls_cipher_setup(&ctx_enc, cipher_info)); + + TEST_ASSERT(ret == mbedtls_cipher_set_iv(&ctx_dec, iv, iv_len)); + TEST_ASSERT(ret == mbedtls_cipher_set_iv(&ctx_enc, iv, iv_len)); + +exit: + mbedtls_cipher_free(&ctx_dec); + mbedtls_cipher_free(&ctx_enc); } /* END_CASE */ diff --git a/third_party/mbedtls/repo/tests/suites/test_suite_cipher.gcm.data b/third_party/mbedtls/repo/tests/suites/test_suite_cipher.gcm.data index a4cebd24121..63e728b3949 100644 --- a/third_party/mbedtls/repo/tests/suites/test_suite_cipher.gcm.data +++ b/third_party/mbedtls/repo/tests/suites/test_suite_cipher.gcm.data @@ -2731,2017 +2731,2017 @@ depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"ca264e7caecad56ee31c8bf8dde9592f753a6299e76c60ac1e93cff3b3de8ce9":"4763a4e37b806a5f4510f69fd8c63571":"07daeba37a66ebe15f3d6451d1176f3a7107a302da6966680c425377e621fd71610d1fc9c95122da5bf85f83b24c4b783b1dcd6b508d41e22c09b5c43693d072869601fc7e3f5a51dbd3bc6508e8d095b9130fb6a7f2a043f3a432e7ce68b7de06c1379e6bab5a1a48823b76762051b4e707ddc3201eb36456e3862425cb011a":"8d03cf6fac31182ad3e6f32e4c823e3b421aef786d5651afafbf70ef14c00524ab814bc421b1d4181b4d3d82d6ae4e8032e43a6c4e0691184425b37320798f865c88b9b306466311d79e3e42076837474c37c9f6336ed777f05f70b0c7d72bd4348a4cd754d0f0c3e4587f9a18313ea2d2bace502a24ea417d3041b709a0471f":"3105dddb":"FAIL":"":0 AES-GCM NIST Validation PSA (AES-128,128,0,0,128) #0 [#1] -depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C +depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"d785dafea3e966731ef6fc6202262584":"d91a46205ee94058b3b8403997592dd2":"":"":"3b92a17c1b9c3578a68cffea5a5b6245":"":"":1 AES-GCM NIST Validation PSA (AES-128,128,0,0,128) #1 [#1] -depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C +depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"aec963833b9098de1ababc853ab74d96":"4e0ffd93beffd732c6f7d6ad606a2d24":"":"":"e9fcedc176dfe587dc61b2011010cdf1":"":"":1 AES-GCM NIST Validation PSA (AES-128,128,0,0,128) #2 [#1] -depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C +depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"c4fb9e3393681da9cec5ec96f87c5c31":"845e910bc055d895879f62101d08b4c7":"":"":"99fb783c497416e4b6e2a5de7c782057":"FAIL":"":1 AES-GCM NIST Validation PSA (AES-128,128,0,0,120) #0 [#1] -depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C +depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"2a930f2e09beceacd9919cb76f2ac8d3":"340d9af44f6370eff534c653033a785a":"":"":"0c1e5e9c8fe5edfd11f114f3503d63":"":"":1 AES-GCM NIST Validation PSA (AES-128,128,0,0,120) #1 [#1] -depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C +depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"fe71177e02073b1c407b5724e2263a5e":"83c23d20d2a9d4b8f92da96587c96b18":"":"":"43b2ca795420f35f6cb39f5dfa47a2":"":"":1 AES-GCM NIST Validation PSA (AES-128,128,0,0,120) #2 [#1] -depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C +depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"b02392fd7f228888c281e59d1eaa15fb":"2726344ba8912c737e195424e1e6679e":"":"":"a10b601ca8053536a2af2cc255d2b6":"":"":1 AES-GCM NIST Validation PSA (AES-128,128,0,0,112) #0 [#1] -depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C +depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"21895cbafc16b7b8bf5867e88e0853d4":"f987ce1005d9bbd31d2452fb80957753":"":"":"952a7e265830d58a6778d68b9450":"":"":1 AES-GCM NIST Validation PSA (AES-128,128,0,0,112) #1 [#1] -depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C +depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"9bb9742bf47f68caf64963d7c10a97b0":"34a85669de64e1cd44731905fddbcbc5":"":"":"e9b6be928aa77b2de28b480ae74c":"":"":1 AES-GCM NIST Validation PSA (AES-128,128,0,0,112) #2 [#1] -depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C +depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"4e9708e4b37e2e1b5feaf4f5ab54e2a6":"1c53a9fdd23919b036d99560619a9939":"":"":"6611b50d6fbca83047f9f5fe1768":"":"":1 AES-GCM NIST Validation PSA (AES-128,128,0,0,104) #0 [#1] -depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C +depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"82fede79db25f00be96eb050a22cea87":"e9c50b517ab26c89b83c1f0cac50162c":"":"":"d0c0ce9db60b77b0e31d05e048":"":"":1 AES-GCM NIST Validation PSA (AES-128,128,0,0,104) #1 [#1] -depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C +depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"1d98566fca5201abb12914311a8bd532":"590aef4b46a9023405d075edab7e6849":"":"":"a1cfd1a27b341f49eda2ca8305":"FAIL":"":1 AES-GCM NIST Validation PSA (AES-128,128,0,0,104) #2 [#1] -depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C +depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"3038771820c2e1319f02a74b8a7a0c08":"e556d9f07fb69d7e9a644261c80fac92":"":"":"4d2f005d662b6a8787f231c5e1":"FAIL":"":1 AES-GCM NIST Validation PSA (AES-128,128,0,0,96) #0 [#1] -depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C +depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"0fb7eef50de598d7d8b508d019a30d5a":"a2a2617040116c2c7e4236d2d8278213":"":"":"68413c58df7bb5f067197ca0":"FAIL":"":1 AES-GCM NIST Validation PSA (AES-128,128,0,0,96) #1 [#1] -depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C +depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"8cc58b609204215c8ab4908286e56e5c":"fb83ea637279332677b5f68081173e99":"":"":"a2a9160d82739a55d8cd419f":"FAIL":"":1 AES-GCM NIST Validation PSA (AES-128,128,0,0,96) #2 [#1] -depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C +depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"81a5fd184742a478432963f6477e8f92":"da297cbb53b11d7c379e0566299b4d5a":"":"":"200bee49466fdda2f21f0062":"FAIL":"":1 AES-GCM NIST Validation PSA (AES-128,128,0,0,64) #0 [#1] -depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C +depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"f604ac66d626959e595cbb7b4128e096":"269d2a49d533c6bb38008711f38e0b39":"":"":"468200fa4683e8be":"FAIL":"":1 AES-GCM NIST Validation PSA (AES-128,128,0,0,64) #1 [#1] -depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C +depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"2e308ba7903e925f768c1d00ff3eb623":"335acd2aa48a47a37cfe21e491f1b141":"":"":"4872bfd5e2ff55f6":"":"":1 AES-GCM NIST Validation PSA (AES-128,128,0,0,64) #2 [#1] -depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C +depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"1304e2a5a3520454a5109df61a67da7a":"dbe8b452acf4fa1444c3668e9ee72d26":"":"":"83a0d3440200ca95":"FAIL":"":1 AES-GCM NIST Validation PSA (AES-128,128,0,0,32) #0 [#1] -depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C +depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"ecf1ec2c9a8f2e9cc799f9b9fddb3232":"ddf0b695aef5df2b594fcaae72b7e41c":"":"":"2819aedf":"":"":1 AES-GCM NIST Validation PSA (AES-128,128,0,0,32) #1 [#1] -depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C +depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"9ab5c8ca905b5fe50461f4a68941144b":"96dd3927a96e16123f2e9d6b367d303f":"":"":"6e0c53ef":"":"":1 AES-GCM NIST Validation PSA (AES-128,128,0,0,32) #2 [#1] -depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C +depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"b5fc7af605721a9cfe61c1ee6a4b3e22":"6b757d4055823d1035d01077666037d6":"":"":"e8c09ddd":"FAIL":"":1 AES-GCM NIST Validation PSA (AES-128,128,0,1024,128) #0 [#1] -depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C +depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"03c0b4a6e508a8490db0d086a82c9db7":"ac52f6c1a05030321fa39f87e89fdb5e":"33316ca79d10a79f4fd038593e8eef09625089dc4e0ffe4bc1f2871554fa6666ab3e7fe7885edef694b410456f3ec0e513bb25f1b48d95e4820c5972c1aabb25c84c08566002dadc36df334c1ce86847964a122016d389ac873bca8c335a7a99bcef91e1b985ae5d488a2d7f78b4bf14e0c2dc715e814f4e24276057cf668172":"":"756292d8b4653887edef51679b161812":"FAIL":"":1 AES-GCM NIST Validation PSA (AES-128,128,0,1024,128) #1 [#1] -depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C +depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"b228d3d15219ea9ad5651fce02c8374d":"5c7eafaead029c3fe3cf3835fe758d0e":"8c35dd805c08686b9b4d460f81b4dcb8c46c6d57842dc3e72ba90952e2bebf17fe7184445b02f801800a944486d662a127d01d3b7f42679052cdc73ce533129af8d13957415c5495142157d6ce8a68aa977e56f562fed98e468e42522767656ce50369471060381bb752dd5e77c79677a4cadffa39e518e30a789e793b07ea21":"":"a4dde1ab93c84937c3bbc3ad5237818d":"FAIL":"":1 AES-GCM NIST Validation PSA (AES-128,128,0,1024,128) #2 [#1] -depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C +depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"776afcbabedd5577fe660a60f920b536":"5bbb7f1b14084e520408dd87b97705e9":"44631fc9d4a07416b0dfb4e2b42071e3e2be45502c9ddf72b3e61810eeda31a7d685ebb2ee43a2c06af374569f439ee1668c550067de2dece9ec46ee72b260858d6033f814e85275c5ae669b60803a8c516de32804fa34d3a213ccfaf6689046e25eeb30b9e1608e689f4d31cc664b83a468a51165f5625f12f098a6bf7ddab2":"":"a5347d41d93b587240651bcd5230264f":"FAIL":"":1 AES-GCM NIST Validation PSA (AES-128,128,0,1024,120) #0 [#1] -depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C +depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"20abeafa25fc4ea7d0592cb3e9b4d5fe":"3aba79a58c5aa664856b41d552c7a8d3":"98cfecaae9eb9a7c3b17e6bc5f80d8a4bf7a9f4fa5e01b74cae15ee6af14633205aafe3b28fb7b7918e12322ea27352056a603746d728a61361134a561619400ff2bf679045bac2e0fbc2c1d41f8faba4b27c7827bceda4e9bf505df4185515dd3a5e26f7639c8ad5a38bc5906a44be062f02cc53862678ae36fa3de3c02c982":"":"2a67ad1471a520fe09a304f0975f31":"FAIL":"":1 AES-GCM NIST Validation PSA (AES-128,128,0,1024,120) #1 [#1] -depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C +depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"2bc73fba942ff105823b5dccf6befb1c":"902c3e3b69b1ef8395d7281ff74cce38":"4adec0b4ac00325a860044d9f9519daa4f7c163229a75819b0fd7d8e23319f030e61dfa8eadabff42ea27bc36bdb6cad249e801ca631b656836448b7172c11126bad2781e6a1aa4f62c4eda53409408b008c057e0b81215cc13ddabbb8f1915f4bbab854f8b00763a530ad5055d265778cd3080d0bd35b76a329bdd5b5a2d268":"":"ebdd7c8e87fe733138a433543542d1":"":"":1 AES-GCM NIST Validation PSA (AES-128,128,0,1024,120) #2 [#1] -depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C +depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"356a4c245868243d61756cabe86da887":"b442f2ec6d45a17144c258fd59fe5b3b":"12cccc3c60474b0a1579c5006c2134850724fa6c9da3a7022d4f65fd238b052bdf34ea34aa7dbadad64996065acee588ab6bd29726d07ed24ffae2d33aadf3e66ebb87f57e689fd85128be1c9e3d8362fad1f8096ee391f75b576fb213d394cef6f091fc5488d9aa152be69475b9167abd6dd4fd93bbbc7b8ca316c952eb19c6":"":"ed26080dcb670590613d97d7c47cf4":"FAIL":"":1 AES-GCM NIST Validation PSA (AES-128,128,0,1024,112) #0 [#1] -depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C +depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"dfa7e93aff73600fc552324253066e2c":"c20001e93f1cd05253c277a9445d61e4":"a64d1e20058a1f7e698622a02f7ff8dc11886717ede17bbdc3c4645a66a71d8b04346fb389a251ffb0a7f445a25faf642bb7e4697d2cacf925e78c4be98457996afb25b0516b50f179441d1923312364947f8f1e0f5715b43bd537727bf943d7b4679b0b0b28b94e56e7bbf554d9cf79fcee4387f32bb6f91efdd23620035be6":"":"6ba5e4dace9a54b50b901d9b73ad":"":"":1 AES-GCM NIST Validation PSA (AES-128,128,0,1024,112) #1 [#1] -depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C +depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"2ecea80b48d2ecd194a7699aa7d8ccfc":"8b4db08bafc23b65ae50a2d20661d270":"efc2ca1a3b41b90f8ddf74291d68f072a6e025d0c91c3ce2b133525943c73ebadc71f150be20afeb097442fa51be31a641df65d90ebd81dcbaf32711ed31f5e0271421377ffe14ddafea3ca60a600588d484856a98de73f56a766ae60bae384a4ae01a1a06821cf0c7a6b4ee4c8f413748457b3777283d3310218fb55c107293":"":"246a9d37553088b6411ebb62aa16":"":"":1 AES-GCM NIST Validation PSA (AES-128,128,0,1024,112) #2 [#1] -depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C +depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"d38fee3fd3d6d08224c3c83529a25d08":"a942ccb11cf9468186fabfc18c899801":"1c92a4ce0a1dae27e720d6f9b1e460276538de437f3812ab1177cf0273b05908f296f33ba0f4c790abe2ce958b1d92b930a0d81243e6ad09ef86ee8e3270243095096537cb1054fcfcf537d828b65af9b6cf7c50f5b8470f7908f314d0859107eed772ee1732c78e8a2e35b2493f3e8c1e601b08aeab8d9729e0294dca168c62":"":"803a08700ec86fdeb88f7a388921":"FAIL":"":1 AES-GCM NIST Validation PSA (AES-128,128,0,1024,104) #0 [#1] -depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C +depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"1899b0cbae41d705c6eed3226afb5bc0":"82d0910aa53e300a487d880d018d0dea":"6bf5583cc1007d74f3529db63b8d4e085400ccf3725eab8e19cb145f3910c61465a21486740a26f74691866a9f632af9fae81f5f0bffedf0c28a6ce0fd520bb4db04a3cd1a7d29d8801e05e4b9c9374fd89bcb539489c2f7f1f801c253a1cc737408669bcd133b62da357f7399a52179125aa59fae6707d340846886d730a835":"":"c5d58870fee9ce157f5ec1fa8f":"":"":1 AES-GCM NIST Validation PSA (AES-128,128,0,1024,104) #1 [#1] -depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C +depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"8b95323d86d02754f4c2874b42ec6eb0":"4f76084acbdef9999c71dcc794238d7c":"ebc75788377c0b264818a6f97c19cf92c29f1c7cdeb6b5f0a92d238fa4614bc35d0cfe4ec9d045cd628ff6262c460679ac15b0c6366d9289bbd217e5012279e0af0fb2cfcbdf51fe16935968cbb727f725fe5bcd4428905849746c8493600ce8b2cfc1b61b04c8b752b915fed611d6b54ef73ec4e3950d6db1807b1ce7ed1dcc":"":"c4724ff1d2c57295eb733e9cad":"FAIL":"":1 AES-GCM NIST Validation PSA (AES-128,128,0,1024,104) #2 [#1] -depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C +depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"30da555559eb11cf7e0eff9d99e9607d":"7799275bf12335f281ec94a870f90a0b":"e735d556e15aec78d9736016c8c99db753ed14d4e4adaaa1dd7eaad702ea5dc337433f8c2b45afdf2f385fdf6c55574425571e079ca759b6235f877ed11618ff212bafd865a22b80b76b3b5cf1acfd24d92fd41607bbb7382f26cd703757088d497b16b32de80e1256c734a9b83356b6fced207177de75458481eaef59a431d7":"":"3c82272130e17c4a0a007a908e":"":"":1 AES-GCM NIST Validation PSA (AES-128,128,0,1024,96) #0 [#1] -depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C +depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"ed2ac74af896c5190c271cfa6af02fd2":"e0226e2d8da47badad1fb78b9a797f27":"8f11353ae476ff923013e6e736ffc9d23101a1c471ccc07ad372a8430d6559c376075efce2e318cdf4c9443dbf132e7e6da5524045028c97e904633b44c4d189a4b64237ac7692dd03c0e751ce9f04d0fdbd8a96074cd7dfa2fd441a52328b4ac3974b4902db45663f7b6f24947dba618f8b9769e927faf84c9f49ad8239b9fb":"":"db8af7a0d548fc54d9457c73":"":"":1 AES-GCM NIST Validation PSA (AES-128,128,0,1024,96) #1 [#1] -depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C +depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"0225b73fe5fbbe52f838d873173959d8":"02a048764f48d9aed1147ee922395bbf":"9b46a57b06e156c877e94c089814493ead879397dab3dfcab2db349ef387efcd0cc339a7e79131a2c580188fc7429044a465b8329d74cd8f47272a4ed32582b1c5c7e3d32341ae902ea4923dc33df8062bc24bb51a11d2ecc82f464f615041387f9c82bd2135d4e240fe56fa8a68e6a9a417e6702430a434b14d70cf02db3181":"":"e2c2ce4022c49a95c9ac9026":"FAIL":"":1 AES-GCM NIST Validation PSA (AES-128,128,0,1024,96) #2 [#1] -depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C +depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"89ca3771a0ef3287568b4ac036120198":"7e83d2ffa8af8c554cfd71a0db56ef5b":"1bd7a9d6262882bd12c62bd50942965b3cdcadf5e0fab2dc4d0daf0ee4b16e92c6e2464c0caa423cdce88e4d843490609716ec5e44c41672c656ac0e444d3622557ea8420c94deae3ad190ddaf859f6f8c23e4e2e32a46d28df23de4f99bd6c34f69e06eddfdfa5f263dbe8baf9d4296b2c543e4c4847271e7590374edf46234":"":"06b2bf62591dc7ec1b814705":"":"":1 AES-GCM NIST Validation PSA (AES-128,128,0,1024,64) #0 [#1] -depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C +depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"a41a297bd96e224942998fe2192934a1":"6827f2c5a0b7ecd6bbc696abb0adf556":"f32041abd8543415cbac423d945dda5378a16a7e94d9ab5dbd2d32eb1c5048cc7c8e4df3ca84ec725f18c34cfdeaa7595392aabfd66d9e2f37c1165369cd806cd9d2110def6f5fad4345e5a6e2326c9300199438fcc078cd9fcf4d76872cac77fc9a0a8ac7e4d63995078a9addecf798460ff5910861b76c71bccfb6b629d722":"":"49a4917eef61f78e":"FAIL":"":1 AES-GCM NIST Validation PSA (AES-128,128,0,1024,64) #1 [#1] -depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C +depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"a9372c058f42e0a1d019bdb528313919":"8d03f423230c8f00a5b6b712d426a2af":"cfef4e70fcc1821eeccf7c7b5eb3c0c3b5f72dc762426e0bd26242f8aa68c5b716ab97eded5e5720caccc1965da603d556d8214d5828f2cf276d95bf552d47313876796221f62ccb818a6d801088755d58cfb751bfed0d5a19718d4e0f94b850e0279b3a69295d1837cba958a6cc56e7594080b9e5b954a199fdc9e54ddc8583":"":"b82cd11cd3575c8d":"":"":1 AES-GCM NIST Validation PSA (AES-128,128,0,1024,64) #2 [#1] -depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C +depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"6302b7338f8fa84195ad9abbacd89b4e":"e1bed5c53547cbc85f3411fbb43bb08b":"bcd329c076e8da2797d50dcdcf271cecf3ce12f3c136ed746edc722f907be6133276ee099038fdc5d73eec812739c7489d4bcc275f95451b44890416e3ffe5a1b6fa3986b84eee3adad774c6feaecb1f785053eeda2cfc18953b8547866d98918dbe0a6abc168ac7d77467a367f11c284924d9d186ef64ef0fd54eacd75156d2":"":"5222d092e9e8bd6c":"":"":1 AES-GCM NIST Validation PSA (AES-128,128,0,1024,32) #0 [#1] -depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C +depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"78b5c28d62e4b2097873a1180bd5a3a5":"c93902c2819ee494f0fc4b259ee65dd8":"e6b1192674a02083a6cf36d4ba93ba40a5331fadf63fd1eb2efa2ee9c0d8818472aaaf2b4705746011753f30f447c8f58dd34d29606daf57eadc172529837058cb78a378b19da8d63c321f550dfa256b5fd9f30e93d8f377443bfcd125f86a079a1765d2010be73d060f24eebae8d05e644688b2149bc39e18bd527bc066f2ba":"":"eae48137":"":"":1 AES-GCM NIST Validation PSA (AES-128,128,0,1024,32) #1 [#1] -depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C +depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"3d84130578070e036c9e3df5b5509473":"3b9b4950523a19c6866fd2b0cde541fd":"a764931e1b21a140c54a8619aacdb4358834987fb6e263cec525f888f9e9764c165aaa7db74f2c42273f912daeae6d72b232a872ac2c652d7cd3af3a5753f58331c11b6c866475697876dbc4c6ca0e52a00ba015ee3c3b7fb444c6e50a4b4b9bbe135fc0632d32a3f79f333d8f487771ed12522e664b9cf90e66da267f47a74d":"":"79987692":"":"":1 AES-GCM NIST Validation PSA (AES-128,128,0,1024,32) #2 [#1] -depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C +depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"08428605ab4742a3e8a55354d4764620":"128f5f4a817e4af04113847a223adeb0":"464b484ed79d93a48e0f804e04df69d7ca10ad04ba7188d69e6549ab50503baaec67e0acba5537d1163c868fd3e350e9d0ae9123046bc76815c201a947aa4a7e4ed239ce889d4ff9c8d043877de06df5fc27cf67442b729b02e9c30287c0821ef9fa15d4cccbc53a95fa9ec3ed432ca960ebbf5a169ccada95a5bf4c7c968830":"":"3eb3e3a2":"":"":1 AES-GCM NIST Validation PSA (AES-128,128,1024,0,128) #0 [#1] -depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C +depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"0dd358bc3f992f26e81e3a2f3aa2d517":"d8c750bb443ee1a169dfe97cfe4d855b":"":"87cc4fd75788c9d5cc83bae5d764dd249d178ab23224049795d4288b5ed9ea3f317068a39a7574b300c8544226e87b08e008fbe241d094545c211d56ac44437d41491a438272738968c8d371aa7787b5f606c8549a9d868d8a71380e9657d3c0337979feb01de5991fc1470dfc59eb02511efbbff3fcb479a862ba3844a25aaa":"a81d13973baa22a751833d7d3f94b3b1":"":"77949b29f085bb3abb71a5386003811233056d3296eb093370f7777dadd306d93d59dcb9754d3857cf2758091ba661f845ef0582f6ae0e134328106f0d5d16b541cd74fdc756dc7b53f4f8a194daeea9369ebb1630c01ccb307b848e9527da20a39898d748fd59206f0b79d0ed946a8958033a45bd9ae673518b32606748eb65":1 AES-GCM NIST Validation PSA (AES-128,128,1024,0,128) #1 [#1] -depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C +depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"43b5f18227e5c74288dbeff03801acd6":"08ee12246cf7edb81da3d610f3ebd167":"":"f58d630f10cfca61d4644d4f6505bab629e8e8faf1673e64417f9b79e622966a7011cfb3ff74db5cebf09ad3f41643d4437d213204a6c8397e7d59b8a5b1970aed2b6bb5ea1933c72c351f6ba96c0b0b98188f6e373f5db6c5ebece911ec7a1848abd3ae335515c774e0027dab7d1c07d047d3b8825ff94222dbaf6f9ab597ee":"82d83b2f7da218d1d1441a5b37bcb065":"FAIL":"":1 AES-GCM NIST Validation PSA (AES-128,128,1024,0,128) #2 [#1] -depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C +depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"9a433c612d7e1bdff881e4d63ba8b141":"8b670cf31f470f79a6c0b79e73863ca1":"":"ce10758332f423228b5e4ae31efda7677586934a1d8f05d9b7a0dc4e2010ec3eaacb71a527a5fff8e787d75ebd24ad163394c891b33477ed9e2a2d853c364cb1c5d0bc317fcaf4010817dbe5f1fd1037c701b291b3a66b164bc818bf5c00a4c210a1671faa574d74c7f3543f6c09aaf117e12e2eb3dae55edb1cc5b4086b617d":"8526fd25daf890e79946a205b698f287":"FAIL":"":1 AES-GCM NIST Validation PSA (AES-128,128,1024,0,120) #0 [#1] -depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C +depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"8e9d75c781d63b29f1816859f7a0e0a0":"748a3b486b62a164cedcf1bab9325add":"":"a9f1883f58e4ef78377992101ab86da0dafcefa827904dd94dff6f6704b1e45517165a34c5555a55b04c6992fb6d0840a71bd262fe59815e5c7b80fe803b47d5ba44982a3f72cb42f591d8b62df38c9f56a5868af8f68242e3a15f97be8ef2399dbace1273f509623b6f9e4d27a97436aebf2d044e75f1c62694db77ceac05de":"131e0e4ce46d768674a7bcacdcef9c":"FAIL":"":1 AES-GCM NIST Validation PSA (AES-128,128,1024,0,120) #1 [#1] -depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C +depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"fe6b8553002c69396d9976bb48d30779":"595b17d0d76b83780235f5e0c92bd21f":"":"786f4801b16de7a4931ab143b269c7acc68f1ed9b17a95e8929ccec7d53413059fd4267bedbf079d9d69e90314c1345bc9cb9132f1af69323157ddf7533ced42b4b7bd39004f14d326f5b03bc19084d231d93bcab328312d99b426c1e86e8e049d380bb492e2e32ad690af4cf86838d89a0dfdcbc30e8c9e9039e423a234e113":"8879de07815a88877b0623de9be411":"":"b15dc7cd44adcb0783f30f592e5e03ccd47851725af9fe45bfc5b01ae35779b9a8b3f26fec468b188ec3cad40785c608d6bfd867b0ccf07a836ec20d2d9b8451636df153a32b637e7dcdbd606603d9e53f6e4c4cc8396286ce64b0ea638c10e5a567c0bc8e808080b71be51381e051336e60bf1663f6d2d7640a575e0752553b":1 AES-GCM NIST Validation PSA (AES-128,128,1024,0,120) #2 [#1] -depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C +depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"14898c56009b459172fef9c17993b54f":"0862f8f87289988711a877d3231d44eb":"":"e7ba6ef722273238b975d551f95d3e77e9b75b24c547b86eafb457d409803bdf6e1443839d8604ee497020e1a3dbd687a819b17fdde0fcf240ce2129792792a58bfcd825773001ee959bf9ec8d228e27ce1cd93d7fb86769a3793361b6f82bf7daf284afc1ece657a1ee6346ea9294880755b9b623563ad2657ba2286488a2ef":"36938974301ae733760f83439437c4":"":"3fd56897a62743e0ab4a465bcc9777d5fd21ad2c9a59d7e4e1a60feccdc722b9820ec65cb47e1d1160d12ff2ea93abe11bc101b82514ead7d542007fee7b4e2dd6822849cd3e82d761ff7cf5ce4f40ad9fec54050a632a401451b426812cf03c2b16a8667a88bb3f7497e3308a91de6fd646d6a3562c92c24272411229a90802":1 AES-GCM NIST Validation PSA (AES-128,128,1024,0,112) #0 [#1] -depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C +depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"fe5253d4b071793b081ebc122cc2a5f8":"49e82d86804e196421ec19ddc8541066":"":"b57a0bd7714ae95e77fa9452e11a7ed4a2bec60f81ad6ddb956d4b1cb5dfc277dcb4034d501801b26733b5e08c710c3cfdccc1b208dc7a92cd7ebe166320582bcaff64cc943c36fbe7008f004e5db70c40de05fa68b0c9d4c16c8f976130f20702b99674cd2f4c93aeaeb3abca4b1114dbc3a4b33e1226ad801aa0e21f7cc49b":"e8b8ae34f842277fe92729e891e3":"":"c4a31c7ec820469f895d57579f987733337ec6547d78d17c44a18fab91f0322cfe05f23f9afaf019cf9531dec2d420f3591d334f40d78643fd957b91ab588a7e392447bd702652017ede7fb0d61d444a3b3cc4136e1d4df13d9532eb71bcf3ff0ae65e847e1c572a2f90632362bc424da2249b36a84be2c2bb216ae7708f745c":1 AES-GCM NIST Validation PSA (AES-128,128,1024,0,112) #1 [#1] -depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C +depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"b3502d6f0d172246e16503cdf5793296":"6ce994689ff72f9df62f386a187c1a13":"":"09268b8046f1558794e35cdc4945b94227a176dd8cb77f92f883542b1c4be698c379541fd1d557c2a07c7206afdd49506d6a1559123de1783c7a60006df06d87f9119fb105e9b278eb93f81fd316b6fdc38ef702a2b9feaa878a0d1ea999db4c593438f32e0f849f3adabf277a161afb5c1c3460039156eec78944d5666c2563":"21cdf44ff4993eb54b55d58e5a8f":"FAIL":"":1 AES-GCM NIST Validation PSA (AES-128,128,1024,0,112) #2 [#1] -depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C +depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"5fb33dd73db309b9dfd3aee605cd94bf":"3f6486f9e9e645292e0e425bac232268":"":"f4e011f8c99038c46854b427475f23488077ebf051c4b705a1adfdd493a0a10af7a7e9453965b94f52f61ae62ce9243a82a2dbf9c5a285db3fe34ed34ed08b5926f34c48171195f7062d02a6e6e795322a0475017371cb8f645cdcac94afc66dc43e7583bdf1c25790f4235076a53de6c64f3bc5004e5a9ce4783fbf639fad97":"7ee5e0e2082b18d09abf141f902e":"":"0503cb531f1c967dae24f16dd651d544988a732020134896a0f109222e8639bf29ff69877c6ef4ac3df1b260842f909384e3d4409b99a47112681c4b17430041ca447a903a6c1b138f0efbb3b850d8290fceac9723a32edbf8e2d6e8143b1cbc7bf2d28d1b6c7f341a69918758cc82bbab5d898fa0f572d4ceaa11234cb511ec":1 AES-GCM NIST Validation PSA (AES-128,128,1024,0,104) #0 [#1] -depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C +depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"a958fe3b520081b638d9e4c7d5da7ac7":"c396109e96afde6f685d3c38aa3c2fae":"":"dfa9487378c7d8af9c8dbd9e533cd81503d9e4e7dab43133bad11fd3050a53a833df9cc3208af1a86110567d311d5fc54b0d627de433c381b10e113898203ac5225140f951cdb64c6494592b6453f9b6f952ec5ece732fb46c09a324f26b27cdad63588006bb5c6c00b9aa10d5d3b2f9eaab69beeddd6f93966654f964260018":"06ca91004be43cf46ed4599e23":"FAIL":"":1 AES-GCM NIST Validation PSA (AES-128,128,1024,0,104) #1 [#1] -depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C +depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"ec319fb143eac8215b51541daec268f2":"8a4684f42a1775b03806574f401cff78":"":"d298d988e74927736237eb8ab09d7a86b854fa2fd1f7f3be83b417ac10aa9291f4af5b3fbaf75a296ac32369ad57ded3984b84711953e477de3035ba430a30ffb84c941936e6c8d2cae8d80159876f87dd682747f2dccc36d7c32ab227032b8ac70b313fa4202ea236e3ec4d9e4d8b48cf3b90b378edc5b1dbeec929549344f8":"e91acb1bfda191630b560debc9":"":"27ce4a622959930f4059f247d29d1438257093cc973bf1bae4e0515da88b9a7e21ec59c7e4d062035cdf88b91254d856b11c8c1944865fa12922227ded3eecccaa36341ecf5405c708e9ea173f1e6cdf090499d3bb079910771080814607a1efe62ec6835dc0333d19dd39dd9ea9f31cd3632128536149a122050bb9365b521d":1 AES-GCM NIST Validation PSA (AES-128,128,1024,0,104) #2 [#1] -depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C +depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"14a3e69f351ac39b4297749a90c1365c":"eb1c6c04437aa5a32bcc208bb3c01724":"":"051224f7b208549dcfda5f9d56ce5f0a072ef1f23f3810c693516c92622be6ed4d7a9e0f9450980ba490b2e9e3468ea7eef10bc9ebd673d91f32b748c1bf2c50cc4ebb59fc409c6d780bba00700d563ce1dc9927a6c860095a42ed053f3d640debfbfa7a4e6d5de234af19755000d95e7f414f1f78285ee165410c020038286b":"e418815960559aefee8e0c3831":"":"797310a6ed9ce47cdc25f7f88f5dbbf6f8f4837701704d7afced250585922744598d6f95ba2eecf86e030cc5ee71b328fc1c4f2d4df945d1b91a2803d6ae8eba6881be5fe0f298dd0c0279e12720ede60b9e857ccca5abe9b4d7ee7f25108beebbfe33f05c0d9903bf613c2e7ed6a87b71b5e386d81b3ae53efd01055bbcccc2":1 AES-GCM NIST Validation PSA (AES-128,128,1024,0,96) #0 [#1] -depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C +depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"c34827771fc3918d1cee09ba9401b832":"2379bbd39a1c22bc93b9b9cc45f3840b":"":"ce79701b661066e53191c9acdaf677ad41622314898d7216e3f113e2e6e215d26d8bd139827f06ab3ea5c4105694e87db1dd6cec10e1f86a8744d4c541f08e40319e22ab42fc1a6c89edfd486b6f142c6bbbf84a73912e0b2e55b79db306ccabf839855afdd889e52ae981520c89e7dc29bb2adb1906cca8c93fcb21290a095b":"26e1f6cf0d9e0f36dfd669eb":"FAIL":"":1 AES-GCM NIST Validation PSA (AES-128,128,1024,0,96) #1 [#1] -depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C +depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"b1f9bd2006ec550b7b9913d383200b5d":"ca28fa6b64bb3b32ef7d211f1c8be759":"":"6d9fc8f586d50d6e0128172ae147844e80136905d3a297497a9566ca7c7445029028f14c9950acee92a5c12a9150f5e024e01c7505dd83937542b0b1288de9c292ae8ad918a09b2edf8493540b74c73d2794f2eb6eed18eba520ddea9567462c83330f33d7892fcde0b10c73a4e26ab1bef037cec7e0190b95188e9a752fee6f":"c87aac7ad0e85dbb103c0733":"FAIL":"":1 AES-GCM NIST Validation PSA (AES-128,128,1024,0,96) #2 [#1] -depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C +depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"8b2cef1a92aa0af2b00fb2a99855d5bc":"08d87b7acee87d884667f6b1e32e34d0":"":"fd09525ef3c65ab5823e1b6c36b4a9449a3975c5d3a9e7e33c61fb32edcbb8e8c915b6202e3fbce87d73cc3b66d83d9ea7e1e353cc7468f08626932cf0235563e2a28953ee5a0afadb1c3cb513b1f1fc9a8a6cf326174b877448672f7731dd6430a51619da1a169ab302da5af5b38802f8bbf5890b5d9b45deda799679501dc4":"3bd7685318010b0c5fe3308b":"":"583e64631c218549923e8ad33b728d07f23b0f19d2aff1ad7e20d564c591db0e117caa8f21e3f3345e3d84f0ccbb27274cddf9274410fc342cb2a5d4aea4e925d0dd5350389ee0dea23a842ff3f5c1198374a96f41e055f999cfbc2f47ceaa883da8eb6ff729f583eff1f91bd3f3254d4e81e60d9993b3455e67f405708e4422":1 AES-GCM NIST Validation PSA (AES-128,128,1024,0,64) #0 [#1] -depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C +depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"175c306f8644b0c4b894ae3d0971505e":"9860268ca2e10974f3726a0e5b9b310f":"":"fbe7ced7048f83e3a075661c4924eb77da1b4d6019d504afb942d728b31fd3b17557bd101c08453540a5e28d3505aeb8801a448afac2d9f68d20c0a31c7ef22bd95438851789eef1bebe8d96ac29607025b7e1366fecd3690ba90c315528dc435d9a786d36a16808d4b3e2c7c5175a1279792f1daccf51b2f91ac839465bb89a":"f809105e5fc5b13c":"FAIL":"":1 AES-GCM NIST Validation PSA (AES-128,128,1024,0,64) #1 [#1] -depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C +depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"08c0edcfe342a676ccdc04bdf854b4b0":"4a7b70753930fe659f8cc38e5833f0c7":"":"1fc8ef8480c32d908b4bcbfa7074a38e915c20ed7a1c608422087e89442d7c5af6fe9c9a716c55793248062d8e6c6e8e904e2804da3a43701e4c78ecdb67e0b25308afc6d9b463356439cd095cff1bdf0fd91ab301c79fd257046cba79a5d5cd99f2502ad968420e4d499110106072dc687f434db0955c756a174a9024373c48":"9ab1e2f3c4606376":"":"983458c3f198bc685d98cea2b23cf71f0eb126e90937cab3492a46d9dc85d76bbb8035c6e209c34b2a7187df007faabe9f3064dc63f1cb15bf5a10655e39b94732e0c6583d56327e9701344e048887a81b256181cdfa9ec42ebc990875e4852240ddcb3cbc4ea4e6307075fd314f7190f3553267bd68b19e954e310ec3f8dbab":1 AES-GCM NIST Validation PSA (AES-128,128,1024,0,64) #2 [#1] -depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C +depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"241067a0301edf0f825d793e03383ea1":"a30994261f48a66bb6c1fc3d69659228":"":"6984bb9830843529fad7f5e7760db89c778d62c764fcd2136ffb35d7d869f62f61d7fef64f65b7136398c1b5a792844528a18a13fba40b186ae08d1153b538007fc460684e2add8a9ed8dd82acbb8d357240daaa0c4deb979e54715545db03fe22e6d3906e89bdc81d535dae53075a58f65099434bfeed943dbc6024a92aa06a":"36c3b4a732ba75ae":"FAIL":"":1 AES-GCM NIST Validation PSA (AES-128,128,1024,0,32) #0 [#1] -depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C +depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"03cccb5357bd2848332d1696f2ff90cb":"e0754022dfb1f813ccaf321558790806":"":"5e2f18cbc1e773df9f28be08abb3d0b64d545c870c5778ac8bb396bef857d2ac1342ae1afb3bf5d64e667bf837458415d48396204fe560e3b635eb10e560e437f2d0396952998fd36e116cd047c1d7f6fc9901094454d24165c557a8816e0d0a8e0ce41e040ba6f26ca567c74fc47d9738b8cd8dae5dfc831c65bc1ba9603a07":"c75f0246":"FAIL":"":1 AES-GCM NIST Validation PSA (AES-128,128,1024,0,32) #1 [#1] -depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C +depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"4e5e53c84a05d5a5348bac7b2611cf62":"47e40543b7d16bc9122c40b106d31d43":"":"489c00c05dec06f282924c680f621ab99ac87f7d33ebbb4ca0eee187ec177d30d2b4afb4ee9f0dc019cf1a4da16d84b7f5f5c7fce72a32461db115b5a5a433024fd5ed3d47161836bb057a0189ed768f95e45fa967d0cc512fc91b555808c4033c945e8f2f7d36428dcb61f697e791b74e5c79b2bcb9cb81bec70d8119cd8d76":"81eec75d":"FAIL":"":1 AES-GCM NIST Validation PSA (AES-128,128,1024,0,32) #2 [#1] -depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C +depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"2c94008bf377f90b7a1c0d2ea38f730c":"abfe92931a8411a39986b74560a38211":"":"7b3d619d115de9970b2df4e1f25194940b3f3da04c653231e8e6946de9dc08ae5ba37e2a93c232e1f9445f31c01333045f22bd832e3b5f9833f37070fafb0ef1c44cc5637058ab64d9e07bb81b32852d4cf749a3ddbfdb494f8de8bb4e31f46033f8a16bc22e2595d023845505ea5db74dd69ab4ca940078b09efb4ff19bdb66":"47d42e78":"FAIL":"":1 AES-GCM NIST Validation PSA (AES-128,128,1024,1024,128) #0 [#1] -depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C +depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"69eedf3777e594c30e94e9c5e2bce467":"a3330638a809ba358d6c098e4342b81e":"df4e3f2b47cf0e8590228fcf9913fb8a5eb9751bba318fd2d57be68c7e788e04fabf303699b99f26313d1c4956105cd2817aad21b91c28f3b9251e9c0b354490fa5abfcea0065aa3cc9b96772eb8af06a1a9054bf12d3ae698dfb01a13f989f8b8a4bb61686cf3adf58f05873a24d403a62a092290c2481e4159588fea6b9a09":"5114e9983c96fecec3f7304ca42f52aa16cb7c6aadfb62ad537c93a3188835ca0703dad34c73cf96435b668b68a7a1d056931959316e8d3ab956bf64c4e07479c7767f9d488b0c0c351333ccf400b7e0be19a0fd173e3f2a1ae313f27e516952260fd2da9ab9daca478ebb93cd07d0b7503b32364d8e308d904d966c58f226bb":"5de3068e1e20eed469265000077b1db9":"":"208e6321238bf5c6e2ef55a4b8f531cbbfb0d77374fe32df6dd663486cf79beeed39bb6910c3c78dd0cc30707a0a12b226b2d06024db25dcd8a4e620f009cafa5242121e864c7f3f4360aaf1e9d4e548d99615156f156008418c1c41ff2bbc007cecf8f209c73203e6df89b32871de637b3d6af2e277d146ae03f3404d387b77":1 AES-GCM NIST Validation PSA (AES-128,128,1024,1024,128) #1 [#1] -depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C +depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"45cc35311eedf0ba093bf901931a7036":"fed5084de3c348f5a0adf4c2fd4e848a":"6e210914e4aed188d576f5ad7fc7e4cf7dd8d82f34ea3bcbdb7267cfd9045f806978dbff3460c4e8ff8c4edb6ad2edba405a8d915729d89aab2116b36a70b54f5920a97f5a571977e0329eda6c696749be940eabfc6d8b0bbd6fbdb87657b3a7695da9f5d3a7384257f20e0becd8512d3705cc246ee6ca1e610921cf92603d79":"5dc8d7525eaad035c19714ae1b1e538cb66a4089027245351e0ad9297410fb3a0c1155407c10a8bb95a9ca624a9c9925dac003ee78926c6e90ff4ccdba10e8a78bda1c4478162a0e302de5ff05fb0f94c89c3c7429fb94828bdcd97d21333c2ee72963ee6f056ce272b8bab007e653a42b01d1d2041ba627f169c8c0d32e6dae":"266a895fc21da5176b44b446d7d1921d":"FAIL":"":1 AES-GCM NIST Validation PSA (AES-128,128,1024,1024,128) #2 [#1] -depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C +depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"9edb5231ca4a136b4df4ae22b8588f9f":"c342e9bdabe7be922b2695f5894e032c":"a45c7f8032ac5144deef8d5380f033aea2786b0592720a867f4831eaccc6b85d3fd568aedc6e472e017455b0b5b30cf7a08ea43ca587f35e1646ecd9b4dc774d11e350c82c65692be1e9541cbd72a283bdcf93dc7115545f373747b4f8d5915ed0c42fbeefd3e9bd86003d65efc2361fde5b874ddabcf8265e6b884615102eff":"493df801c57f8bb591955712d92d3fc34518f0599fec8533b2b4473364e1df4f560c12444cf50eeb584676b7e955c742189de6b50b8e012dfa6642f3679fb02bc6d8e08d1db88c8ae955a7946263e06494e17f8df246b672942661e5563302252208f2e00a0d77068a020e26082c291a75a06f63c41e2830292a418b2b5fd9dd":"5ed3ea75c8172fa0e8755fef7b4c90f1":"":"56696e501fac1e8d5b83ef911ed11337d5d51ff5342a82993dd5340bb9632e6606eef68ec5fe8cec6b34ebbc596c279e6cbc9221c4cde933f6d93ae014e3c4ca49593f35eaa638606d059519bac3a3373519e6184e7227d2aa62170c36479fe239cb698bfca863925a4c9fb1338685a55a6dfd3bd9c52d8ae12be8551fce6e1a":1 AES-GCM NIST Validation PSA (AES-128,128,1024,1024,120) #0 [#1] -depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C +depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"d5fdcb8f5225090e63fae9b68f92c7cb":"581c818282a0905df5ffff652e5604e9":"f1ae6cd7b07f261105f555cf812a1d5bf8dd9aac07666318acffa11abb77d0238156663acbf7543825b45c6e9cddb481a40995ecd78bb5f4cba5df7c7efb00fc19c7f45e94d37697aca8ef368b99165393b6107f900194c797cd3289cb097eb5915f2abfd6aa52dd1effffdde448e30075a1c053246db54b0ec16eadca1c0071":"d39b9cba95e3a3aab9bc1d03ff475c04faeb5b7f0510777f39e5a05756606eb7ddd154aac035d9ddaf3535629821dd8f014dedd52cd184f52fc706e3c89a3a271398c9125d9a624dafb297a56022ca2ea331ea7359ab5e65f8e14814788e64e0a886a9b1a0144bf268fdcf9d94c3d10a0452f40111da9df108252e9039eacea3":"827e66b5b70dce56215cfb86c9a642":"":"cec11a12e47fd443f878e8e9fe23c65f29dd2d53cec59b799bcb0928de8e2f92fe85c27cec5c842ef30967b919accafe0c0d731b57f0bb5685d90a3061cb473e50e8aeca1346d1f47f7db06941f83f21ba5976d97c28cab547d8c1f38387a04b8a0b212da55b75fbaf9562eeeabd78eadcbab66457f0cd4e0d28133a64cb063f":1 AES-GCM NIST Validation PSA (AES-128,128,1024,1024,120) #1 [#1] -depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C +depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"036198cd3a3ab9319684d0f811cf2992":"47dffc6b3b80ffef4b943bde87b9cf3c":"ec4de476cd337f564a3facb544d0ff31cd89af4c3d9a28543e45156189f8eff8f804494dda83a1fb2c30ce858884a01ec63db59268452b1eea0f0d48280bb7340eaacc84509469dd94d303774d053d7ab4fb5f6c26581efeb19165f8cb09d58ec314d09ab8356731e87fd081f661e7b2d1a7c3aa4af5448a12b742e7b210b0b0":"6b95b9e82a695fb7b466ce3adb536f525d8314f95eada39efb49baf121093ce7d5439f0d8223e03530b85accd388a70650ca9f7e63eb32afecb7b1916ed9b762128cc641caf3e08e027c3d88481d653b6b15172e977dfb9b3f88465911aee162501cbf8501ce2b66ee151bbfdc23225f638f18750c239d62471663e5ee2a5856":"6cf68a374bea08a977ec8a04b92e8b":"":"5c2f7c408167be3d266ff634e1993fe291aef7efae245fa0b6b5bde886a810c866ae6a078286684d1b66116e636e285f03646e09f3c4ed7b184e7c171ba84f3bfd9500c6f35964a404892b4cdcdd3f697fc5b01934a86019810987a9fea7efca016049873f1072f62df3c17f57ea1d88ccd8757f7e3c5d96e8a18d5366a39ea9":1 AES-GCM NIST Validation PSA (AES-128,128,1024,1024,120) #2 [#1] -depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C +depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"c9fbbff8f25f951ba874dfc5ff38584e":"1c1fc752673be6d4ff4cc749fc11e0fe":"abfde0b60acfe265b62ed68ebebc1f5f725f155c4b8a8aeec8d704701c51ff7817060c1b0ce6b80d6efc9836c9ea2bc022ec67db4cd34e945e3a1b153fd2e0f7ac84bb4b07e04cbb529ee24014b16067f9f082b940c9d5e54024d3e5e910310457478560721587da7b5343d89eec5a8fce389c01185db15e7faa9a3fa32e8ab9":"ca401071396da00376add467490abc6e6a7d8a85852026979f7013a09cf689113c8d833560cd6c5b8fdaa8fdd818e773ac13954839a0a2c91efeaf4e0e14de43308419a8b86fa2ae600a88a6bd39dfaabc16a3c7c1b77a5c2aab7f7caceb2f8595324125efbb7c96ba16c47d0bd10568b24bf445d72d683268466e68e46df500":"ff0b2c384e03b50e7e829c7a9f95aa":"":"239637fac6e180e71b2c9fa63ce8805f453d81499623ec2deba9b033350250662897867bffaf0c314244baf9e1fe3e1bb7c626d616bfbf3e0ac09a32aaf718b432337c9dc57c2d6fc4a0a09bdc05b9184d1b90c7193b7869f91e2caa8b3b35c10c6621ffae4c609bdf4e4e3f06e930541c381451ef58f4f30a559d2b79b0e6b6":1 AES-GCM NIST Validation PSA (AES-128,128,1024,1024,112) #0 [#1] -depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C +depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"3a314ec178da96311e42334a616fb38b":"d7ea27c819e3eb2666611bb1c7fc068d":"db8dcc31a5681f13d56abd51bd2dcb0d2b171628186e215a68bf16167b4acd00c3441973c3fa62fa2698ee5c6749fc20e542364d63c40756d8bcff780269e5201bafdced3cdc97931d8203873431882c84522c151b775285d0a3c5d7667254c74724ff0ea9d417aa6c62835865dfded34edd331c0c235a089427672c5a9211c9":"518b3f5384ab54f80497d55be7a5d6902bc7718386212c2ec7537db331514b3838f104bf9054e03039a4cfb73f41e5d0a9648e569ed738cea8d33917430dff6afa8f07a75e324b9262fa196a4439dcd66b0535ee5bea0d292600227c2a79ed03be0671740e5cb7b306d855612bd3abcbf02cf7e7cecbb6cdbb33d57b4e3234a2":"1e774647b1ca406e0ed7141a8e1e":"FAIL":"":1 AES-GCM NIST Validation PSA (AES-128,128,1024,1024,112) #1 [#1] -depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C +depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"e818372a63b7e2c23b524e29ba752bdb":"36e617e787cb25e154f73af1da68cb06":"71801d69796c2ce36b043c157aec9fd2e06fd1ec596126d10c26b6d44e3dc36c4fa30a030d65c382b6ddfd958e71fe9c16732e595137a3d6764c15480fc3358e9a113ba492b31274663f5842df5d1cc6bad70e83b34675a4411e2e70755aede0ff5035601be130562e27a20283d6f144ff1bdb5276dec05fad80d51b28d50688":"c1bf1b702a95ceaa6b48a1cdd888ae51f58a9fc3232bd6c784529a83301c6d0cdda6e605ad9a2563f54a8d59f624ae7c589e48b85041a010dcb6fb8739d43e79a456fc0e8574af086df78680460c3cdc4e00dc3b9d4e76b0de26e9aec546705249fa7e7466c01001c2667eaf2813be1f0f116916f34843a06b201d653aa1b27e":"3744262bc76f283964c1c15dc069":"FAIL":"":1 AES-GCM NIST Validation PSA (AES-128,128,1024,1024,112) #2 [#1] -depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C +depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"9a04f16882ff45816739d1b6697ce8b7":"66f504d9a9128ad7fb7f1430d37c4784":"f641c53c83c4fb1ff8044bfa97cdf63fe75d8159d65b3e5ad585b89c083a53cf4a2f7a58eaeaf45fa71f2c07bc5725a6b03307d7f32884a133a4c803700bf1e12564b98b71f63b434ddf13ad2c467dda25ffa6effcafa72452b20c34cfae71e47096f8745b487e9f1945f5bec83f7ec2709a13b504d92315b1b727a78902be84":"6a4f3dbb3371f64258fd1f831349e745a4e19a33aad794b1de3788729618beed619586092120e9e5dc3ac6e0d52f991f7be61afbfaa4399ac716ad79a2734827254b1627791dc92a128a6f43426b8085dee94242e83176a3d762658f18ecc1e37e3e1531648c9caed212ea2cf3b3843cb92cb07730f30fe2dca3925470fadd06":"fbb37084396394fecd9581741f3c":"FAIL":"":1 AES-GCM NIST Validation PSA (AES-128,128,1024,1024,104) #0 [#1] -depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C +depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"38cf029a4b20607030586cd2d82146e6":"6330084319e2bf32cd5240f4826944bc":"80746cfb0127c592f8164d751b0e14a5b379056a884cece7ee4e9b80538d7ff6be56a3b19c135786722aaf315123b47672b0251e87ea45f0fd3601cf93f9efa6cbd9ad537f54d57f1e187f821faac24096ecec19d137c9f4cf145c278af4cd8de01c7758784fda06f1cc62d92ae1977786f3d0645714ab4ab6f48c8794b12f73":"f4c9f4476561c9ebdac71b282ae6e2f9f03547da98e66d4d857720db2fcc9ed1f363858db34c9dcaca0109d7c81db24150493115f2bb6985efa8686e3d2ab719d33b230aa4c5c70696bf42f225fb3c6704711c054a882d89b320884a78cb59cd2100496edf4010487597fb9135d8ca79693a43843e9626fd6c64a8722b3a27dc":"7b021de5cda915ba58f90ceef4":"FAIL":"":1 AES-GCM NIST Validation PSA (AES-128,128,1024,1024,104) #1 [#1] -depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C +depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"cf4d81fc5997c744a572bed71f4ae609":"bc4e20c56931c967ce8e3b8f5f1c392f":"b6b8294abf7da5703f864721f7904d3821f5568bf4b269e44edef4f1c95ddc172d83a06c0ad9f7f1fd2e292c17a876392bc5bb705d370b2f16ff721bef7648f423346fd3a4d762676e6fcf2d690553a47224af29afed0f452d263be90eb8150a13d720f1db6f1abc1c2ec18cfbf93b8ed3c5aa7cfc1dcb514d69f90409687a4d":"f3d65d70326e641fbe7fd945fe9cf66c74f17d0d1020ae8ac488f39b7285c99d8632bc2201960f3d77daccfecc04428abe0853aa8d82b90a93127c72b2d2af53f7f1bd0afb99d50f0b3b24e934ec98eddb278b2c65866442cebf10208c7ce1b7ecf764858480b2a269b106fa6d2428d5ad17612e53e62ccc7ad1184663aeb9a7":"0a86142a0af81c8df64ba689f4":"FAIL":"":1 AES-GCM NIST Validation PSA (AES-128,128,1024,1024,104) #2 [#1] -depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C +depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"d88ad40b42ead744f1b7a36685658be1":"52c3158f5bd65a0a7ce1c5b57b9b295e":"dde2663335c40e5550ae192b843fa9fb4ef357b5c09d9f39dafda3296a4d14031817ee4dc1a201d677597d81e37050cd3dc86c25adbd551e947a080b6c47ec7be8a927ef7920bd1bb81f2c59801a2b9d745d33344cbe4838bcf2eb8dce53ab82c75c9bbab8e406597f6908aaa81fbbdef25aa69116c8f7a8cdc9958435aa32ac":"e99d2566fe6bcb2a04d167605db7c0f1e5567ff2d8d3292c15bbccc5d1e872bcb15a30b3bb8b1eb45e02fba15946e6bca310583a6740845a0f74f4ebfd5c59ced46875823e369e0447cc3e5d03dae530adf3c9846362c94e7f9d17207bf92d4d59981d8fd904eb8b96a0a23eb0f8d7e7a87e8e8892a2451524da6841ce575c27":"7643b3534eb5cb38331ed2e572":"":"6f87f6be2f4e7421aa26fe321045d1e23066a02158634bef35890581c92367d0bc232940de30974c70a66c60137a9f3924d12db1e5bc1b0e7131ea3620a25eb805b7d670263b82c8bbfcd6839305025390fc17d42d82daebe1b24f73ff9aa4617e3866785dded88f8b55ef89b2798ea2641a592a46428d9020f9bf853c194576":1 AES-GCM NIST Validation PSA (AES-128,128,1024,1024,96) #0 [#1] -depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C +depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"c3ce86a212a30e724b4c624057db4e79":"9e03f0dd4cb2b3d830a6925e4400ed89":"92c48a39d93ea3308f55f6650d33fdf17a902076d582a94a82ac99496de9f62312292b844bbca5a683ef0f0710bbc1c7f89cbcca8f9c0299f154590d32059bd99fca5d78c450ede0d11d55075947caf2151218ce7a06c1e81985a7781a3444054170b457fd7ba816026310112abb47c8eddfd3ab7f679a0f60efc6c6dd3b759e":"3582ef7a9565c9a8e4496750ee5ca3e3a80df6238f7b7608e3394ec56d1360777921da039ede34abcedd01081babd496ba4de74a7de501181d6bb2022a6cc7f79d89a4c6a97676fb0f2b42f70e2d0bc1eaac364c3646df4f611c1d6b09737451b81b5a4da73c05fb58391c74e44498b80b26f1c29562d23c39b5d3f086b280cb":"3230fe94b6ccd63e605f87d0":"":"052347a4273cddba65b2a0b961477f07edee440a9117ab204359d2dd45ad2a6dad3b60ead891e7da6d79f3017ac90f95725a0089f04d25ce537bf53b7ea8e1ea58692d34c221db141e2a9fd7211adcee03ef8b5bf3c5d36311d20bb3d81f70f7e7272d0e2b6d12293b1a2c31b70f140a8f08d98c6231a3c429c3d0a10b2e1c1c":1 AES-GCM NIST Validation PSA (AES-128,128,1024,1024,96) #1 [#1] -depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C +depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"a0155360b84420b5bf4fb410ea02f31e":"46f0386be7363887e7e357376305eab5":"611bc290f91798ad84f0a5ecb5a7cb8fa35e9ab6a5a51c9869a68a076e96f92c9c117595f92cbac5d33343fa2accd2541473907cbc54792c5e215ae857424c921b04ca4b81376bbedbfcc0e565c118f2aced08f247698eed5e2d202c48245161cabeac9fa195219f9799fa253e339561e13012167f1d02b4012b7791b7c863ba":"ecdb51522fc440f7471ea6a31f7c1ef1ec2153e5bcf6303297dbf8ddb3830b45ed9866157375ce4bdeb5e32fcbc6607984fccd7e6552628736608ab13072856d432ceccd3e90d1bb52ca9ada9cee90eb89ac10e887a1978fd0fb3d7bb20caaf35539e150be8044b725b8427c4c4a910f79980865d36344a8784bcc3d58460acb":"ac5addcc10cae6c1345520f1":"FAIL":"":1 AES-GCM NIST Validation PSA (AES-128,128,1024,1024,96) #2 [#1] -depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C +depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"694f621f594d96b16c32254ff06f3f9c":"542db4e107485a3cd24c7ad337a4f1b5":"27b7bfa5eb34ba376e515e58ab8b6556c396820d0074a1fe3b984945dcf5251ca450456ccb4bb66ec739b03fdc5f72d24553e843255adc012d1f1c95aa3cdac5d12926465354217203052cbd4869a8b5be2e01d0fe66b5a6a8da0a2ce351557e2991ce77baa812b9c67b8e1c5a1fc348710e1a73a0fd49acfd538b7db6bef8b3":"e61476b8b7f101ca6005f25af2b9bee795d62720bbbf59357057ca7cd473e00f0d465255fce8d6164657603323549fb4e3d33fa51054b1a70cc7e492916dea85453e9107fe781bfeb4a622c5b2306a8dddef99386dc50745003aa7220cd7f32fb0a060fa7682576769a48f9169c7d11fe0a8a61b95f5d6dfcf216f7d0c652a84":"0bdef4d771a1740381e7db97":"":"8b27a338fd2153d304f04655e09bd9bdf4468890ecce1e3b51de2c9a25a8d9336a9acd753ce270b1fe8d50196feac68145e0fd59c9cb3aa7c1e8af03494bc4279c6e287c849f3c775ada584ae173100946ae6921ef7c96bbc6f216093548702cf1867bb1bf1f4c9e90a34230a2b2aeb584622dd615023a43a406e64428bd9170":1 AES-GCM NIST Validation PSA (AES-128,128,1024,1024,64) #0 [#1] -depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C +depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"78826a5215a1d5e1b39cad5a06861f8f":"feb9d740fd1e221e328b5ef5ed19eff5":"ca9411b368d8295210d7a04da05a351d287f2f67d978ef1bb936de9f8065473f6fa11495da2eab13a1002231c86411d5409bbc718e2042ee99e013b1df1ef786e9fc1f2d43293c854128184efb9317c4ef82a002eac8b28fcd91d8a714a3aa25fc3c0ae4af9f4bcf5ad19a30cd8ec4b1785df70aa92074da419abe433dd4c435":"0fe2c798d7015d3e2f8725648d95729c45d357dc0c89fc63b9df5a68d3e65419540f663e9190793a29c58c495d5c6a731782acf119e2df8a96fb180ad772c301d098dbc5e3560ac45b6631a01cef7eed6db51f223775d601d2e11b9baa55e2f0651344777e5a03f6738a2013626a891b5f134f07b16598b8cbe3aeaefa1c2a26":"a724bbb295a02883":"FAIL":"":1 AES-GCM NIST Validation PSA (AES-128,128,1024,1024,64) #1 [#1] -depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C +depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"d450f5253251121606e56687952bf2f1":"fe7ff90b020fc77d7fcd90bc583850ac":"a3bca9ff25a60006eb18f993dcdc99681e414e27605264dfd25652195d7fe1489550afd07fc7346b88d93b59eb6642913646e93bf50ee1db5dd30106cf181124d8ad01c72ed99038c9798620abdf5c78c419b08c97f982b34d9e9105d9aa4538afcd37f62e2412f14f7a248fcd60abaf2b66cd4554767f99030f1a495d56a5ae":"479b4f421bd8ac7f615c4a507da187cb5d4b1f1e2c6113d1f9678c1ba92dc5e17c5b525d7f3208733223eb82af0820b8476e9b08ca714ce044417b24d2238720cb8ffdc69db558cbaff52e3651b400e16c9d5ac8ed8949a19c35516f80394a04bd1cfdced7b204f779d792086e00b2ebca2f55a1140e85f5ee9ac7cfc5a31747":"6446398aff73ed23":"FAIL":"":1 AES-GCM NIST Validation PSA (AES-128,128,1024,1024,64) #2 [#1] -depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C +depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"90a59f6b0abf932311f0b65623c17740":"20778bea82a6717038e7064f48a31981":"4022d04f1454a72d2efe57533bd32757595220b20f3a37d166cec0412fb1eb2588f939ecd906c805f4827338669888e9f730905001eb1b136b95e306edf70d9ba1e5cd0aa13a25a1f28ab55cff36f9cd7036c735e3b285d26002ad2ed1074b566e252ea3ec8a9ce10882375dc3f1d9676e301dcb179eaae991120b796cc35648":"be5a948a771a8df12adaf74d702f064a75f6483c03203365fbde7d184844fe6dee0b84cf344be05b1d163817ba1516fcb87b9167ed81f884ada73b0058e2b38cba515bbbe462f4c21f8de1d41bca2cf4340aa659f9f07886c2bb620d9c3295318c07fa3c17fe8242409359c08bcb337e5cf268880839b6a20f4ee4b3f04e7024":"dc77c1d7e0902d48":"FAIL":"":1 AES-GCM NIST Validation PSA (AES-128,128,1024,1024,32) #0 [#1] -depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C +depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"6be4ef629f0b38194c74f7b66418922d":"fb77a4b9b246271abfc656433f87628c":"e5d5227725a19a3050fbf2a97a6e854bc1218b94a4a3403b721ace3447daff68fff5553a26edd41219e68fb61fb9e964d0a3c29796251ae4eb942187cdc55d13a09dfb487e93d9e2072d7271456a77c6ccb81154443eea176314d6e3a08619b52cd880f1c28ae5214ac0090a3855dbd74f87389fe8afebd464330fb683dff81a":"b67ea20a320f4ec0e4185c62a4ad79a3c97a8189a5e4d1deff9d3edff0f9a9323532853c1a2a2c1e62e4d1afebfcdf1d8461921ea601750380e63b912d8b7389198f976851d88a19f1aa32c97143668ad00838d98da1c4f2be0e6e2dc964d170d7f7ad2e2997982e5ca110e744b6e10c24ca18eadff6b129b1f290c8a7e0a593":"3d8fc6fb":"FAIL":"":1 AES-GCM NIST Validation PSA (AES-128,128,1024,1024,32) #1 [#1] -depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C +depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"c50e37244931e8debc12b3d561c83ba2":"6c0b1fd7ab424a6883c36457d1b5521f":"516dc25f6452ae169ce293c5cee440de47353ca5ba770dca0f04175950e87a2d4c3f84fbc6eeacaac436853492929680066f959e74de4b736ab924d8367b90aaa6e9492561ad4b5aa78b6737d562e960edc3b983e2e01a186e9f22896f48d8dfcfb6a42cfe2c6006c687a27772820a1e8875bdf09e8104248ce4db883376bc04":"b9abf0796f2d2f774735546cf809030f65ed0c7f6bd469ef2fe0ef32aa0225b57fbce07c36017bbc1806a81ff1a429278160a07643f864485b4e0e35d57553dc1a131e32aa10f1f91d663b10f0a418f472ed7b4bca54fd7ffdbb22c4d7764d94a7ffd04730614459431eb64335b9b65363de292c04275d40a7b968c0f5c486e9":"7d4393f0":"":"962509e494f10269b70ebad02b0cd799d1d41191a734863ef502aff3d3ba48dc2acf9da9a3fc3f40be4d210dc5e128bc00499aec57aa0a4669863165428687b88d46fad41e36af8ea6605586eaa5c0736d0d53b9d523e0cb5a0b285048e060a73cbf4b587d2cd787debdb2b4c8cda731a61a15b19fe8b561fbdd3a7373853ae1":1 AES-GCM NIST Validation PSA (AES-128,128,1024,1024,32) #2 [#1] -depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C +depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"8531ddb03977383405baf2ee9ca7d64b":"baf623867d6a25fd85d1f08e599c0566":"18f92cdd37dcd7f99b06838f3f68748aba367baabaebd0da9ee787d70e752fa07dea553a43b643b8d8f460175c0746675205e20a7a98acfcac864d7c4cf5ab4c41c031738c76882acda003c5af47b1c4df8894a827a317935d970d4afaee17715c9cfd1883e8c345f19d1f89e229b8edba6b4f53b86d8da1c0f159afb83b6b33":"d90c9e26509bdba9b1dea8d2b94f2b1881d22c2bd756ad23cd61944710a1c1f2807170ed47a6870ae654e44757fcb3822ef28b37946cafc07284f8a0c22ae3552954f0d87b8d8c825bd546935b494cacb4262d9e2a88f254f200ad31367d8b3715afbabea5f34214ffedb14d7c84806022aba2dc8f88a314ffbb24017d1a9b9f":"2fc9de46":"FAIL":"":1 AES-GCM NIST Validation PSA (AES-128,128,0,0,128) #0 [#2] -depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C +depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"862dd5b362cfa556ca37e73cff7f4a0e":"81530a243655a60d22d9ab40d2520447":"":"":"3b9b2af54e610ed0b3dda96961dd8783":"":"":1 AES-GCM NIST Validation PSA (AES-128,128,0,0,128) #1 [#2] -depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C +depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"3452b7bc100c334292e08343f139b9d0":"8f92739a30fe4ba24079f5d42753d6ac":"":"":"0eeca69f8b95e1a902cc3ab1aaa8e2af":"":"":1 AES-GCM NIST Validation PSA (AES-128,128,0,0,128) #2 [#2] -depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C +depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"31a0cbaf21b943f8badc939e94eac7eb":"d5bb2c4eaec47088230972ae34fcda9c":"":"":"580e728512c8e44fbb3fe2c498e05323":"":"":1 AES-GCM NIST Validation PSA (AES-128,128,0,0,120) #0 [#2] -depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C +depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"9e8fca537746e7cbff97f1dcd40a3392":"43e9f2bf186b2af8cc022e7c7412d641":"":"":"4465a3f9d9751789bcef5c7c58cbc5":"":"":1 AES-GCM NIST Validation PSA (AES-128,128,0,0,120) #1 [#2] -depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C +depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"35b5854ca83792ad691dbda1a66790fb":"cff61cf9b32ea30cf7e3692aa6e74bed":"":"":"726793199df533dd9055b0ac7c939d":"":"":1 AES-GCM NIST Validation PSA (AES-128,128,0,0,120) #2 [#2] -depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C +depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"07259267c1c6a015437a5d8cfa92f9e6":"18b9cf2ad7ace6ec1c8366b72878cf20":"":"":"4340f6263f0ba2d82c2eb79cb0cc7e":"":"":1 AES-GCM NIST Validation PSA (AES-128,128,0,0,112) #0 [#2] -depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C +depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"fa1df8955aa3ef191900b06e7c1b7d46":"6928c138c98a4350c318fbdccd3f44ba":"":"":"7c89d9e77515d271b6ed54c9c4e3":"FAIL":"":1 AES-GCM NIST Validation PSA (AES-128,128,0,0,112) #1 [#2] -depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C +depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"c04200ce41ce77d772babb206315ec7d":"a885d58f0f38f9ff26d906fa1bfb12f4":"":"":"9ee0d025421f2bf18caf563953fb":"":"":1 AES-GCM NIST Validation PSA (AES-128,128,0,0,112) #2 [#2] -depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C +depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"650df049461be341c3099bd1613dcead":"8a4ff6327b49d297248ce2d5bd38afa8":"":"":"13f067ef0d7b448d56e70d282fed":"FAIL":"":1 AES-GCM NIST Validation PSA (AES-128,128,0,0,104) #0 [#2] -depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C +depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"ee61b5bf5060fcc637dc833926898508":"b2dcf21f9ffa4a883044d29f087f9b85":"":"":"9ab1d66666d4dea3cbb5982238":"":"":1 AES-GCM NIST Validation PSA (AES-128,128,0,0,104) #1 [#2] -depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C +depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"01cc56ca7e64db7fbef66236a5c49493":"8ea5b63004189792cc040ef18b37e550":"":"":"d685aeb54aa129a21bed17766e":"FAIL":"":1 AES-GCM NIST Validation PSA (AES-128,128,0,0,104) #2 [#2] -depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C +depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"134dd72ac8e28ab46720c2f42284a303":"c6368e4c0ba0ec90fa7488af9997a4c7":"":"":"4ad9cdf19ff7d7fd7e273efced":"":"":1 AES-GCM NIST Validation PSA (AES-128,128,0,0,96) #0 [#2] -depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C +depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"180c04b2bde6901edcda66085f73ecd9":"9193b206beade4cb036f01a9db187cb8":"":"":"530f5e9ed0879ccef3a7b360":"":"":1 AES-GCM NIST Validation PSA (AES-128,128,0,0,96) #1 [#2] -depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C +depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"aaac85742a55ffa07e98106d6d6b1004":"630cd8ab849253c4da95ac80324ecc28":"":"":"37911820c810e3700c3a9321":"FAIL":"":1 AES-GCM NIST Validation PSA (AES-128,128,0,0,96) #2 [#2] -depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C +depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"ab663c4f8f2fdc7d5eabf6ef26169b4e":"86e6100669929e329a1d258cd3552dc9":"":"":"958d6141f7fb2b2dc7d851a6":"FAIL":"":1 AES-GCM NIST Validation PSA (AES-128,128,0,0,64) #0 [#2] -depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C +depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"0dd756d49fd25380c4026ea03cafc2da":"6a6f7e39b0d730ea1670e13d16c12c28":"":"":"872ef05a28da5ea1":"":"":1 AES-GCM NIST Validation PSA (AES-128,128,0,0,64) #1 [#2] -depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C +depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"bd8a834b288bdc7578b6c6ab36f5d068":"aa77de0af5fa4dd1ed2ada5cb94813a0":"":"":"c5c094e83755f2b6":"":"":1 AES-GCM NIST Validation PSA (AES-128,128,0,0,64) #2 [#2] -depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C +depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"020d280dbd06939bbb5e6edc6f6d39c6":"09aea6f0e57598452719d6f63b6fe5a0":"":"":"05d6c56ba601e85b":"FAIL":"":1 AES-GCM NIST Validation PSA (AES-128,128,0,0,32) #0 [#2] -depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C +depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"e47f41a27a2722df293c1431badc0f90":"227c036fca03171a890806b9fa0c250d":"":"":"86c22189":"FAIL":"":1 AES-GCM NIST Validation PSA (AES-128,128,0,0,32) #1 [#2] -depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C +depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"9d3e112114b94e26e93d3855d4be26bd":"99b98525160c4bb2029da5553ff82b59":"":"":"33bee715":"FAIL":"":1 AES-GCM NIST Validation PSA (AES-128,128,0,0,32) #2 [#2] -depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C +depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"5b4b7688588125349fbb66004a30d5d4":"b4ae363edb529d8b927c051cf21a2d9d":"":"":"6a920617":"":"":1 AES-GCM NIST Validation PSA (AES-128,128,0,1024,128) #0 [#2] -depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C +depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"c4b6c5b8e21c32f36b0ae4ef3b75d5cd":"3d1036bf0000e6f1b77a799f2ef32dec":"1cf2b6cbe86a87b4b5bb3cc50024aeb27c48143658d47b41f2f20b87ed67bd6fc3b85a3a803f66d3576608f5d6ce6cad11e02fe12de5390722dccb8242e1dd140051bef51aa9716c860d45d45bca6effbb1a4797e6e7406a04db5d823766c0f011ebc28e9a8cd4446ec8a75ea8bdc1b2fdbb5cc364fa9877886e30404593df34":"":"a49725014c214ef7cc2d28b9b2b53da7":"FAIL":"":1 AES-GCM NIST Validation PSA (AES-128,128,0,1024,128) #1 [#2] -depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C +depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"63c3f81500746eaf383fe3975d84f849":"0799d4152fd73c1604b4610cf7171fe1":"cb8248e5f904cc9ccccf6f273fe621eee1b4d7ed98480f9e806a48b84e2d6a733772ecf8fb7fe91805715cddab2b462b89f6e6c7cf873f65031f13c357d5f57b00b7c391c39e78ad1ed94be236ca0ae316bce11bc33c5d701fdfc58abbe918b9c42f7b3d6e89d46f9784b388a6e6daf47730b9fa665d755a17e89932fa669c44":"":"c53d01e53ee4a6ea106ea4a66538265e":"":"":1 AES-GCM NIST Validation PSA (AES-128,128,0,1024,128) #2 [#2] -depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C +depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"b0c88b191ce6e8e4a3941f7960b7eae5":"e2a899961c332c815685c553351fa519":"308bf10570af48d632911f3641dea60d78046211c01a63bb8e4e5cbddfff8841d2f2b11e18ccb2170805ef4cacf7804d64e0feef40731a1704907f33b77788c18ccf35b224ec3046a67664ac9a3481d2385b6ddeec6da4f32423f94ea9663a5c51cc388cef33744a8159b4fb654dfdb5092718bf926c824be31197f07f276b5f":"":"92604d37407aff33f8b677326cbb94fc":"FAIL":"":1 AES-GCM NIST Validation PSA (AES-128,128,0,1024,120) #0 [#2] -depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C +depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"c818dfa0885a09f65ef78712f5ce6609":"ca279284723530fdd68ae880e0ce775c":"2a562abdbb483ca5f355f9cc1c5e607bdd624a078a76b717ce0f8f35d0d4c54b629f372f15d20c848d01420c6af5a7040d42063704a17b46259dcc53723caf2d4bf556143ff9117c752fa4f22c9c155c99b7bf5949d089cdafd562165b9cbf53ff51cec21f49128c8a599718bbcdb4a5d705d20509c44c8945e2a133164b9942":"":"20e9a3a98d71d460743e1efaab13c6":"":"":1 AES-GCM NIST Validation PSA (AES-128,128,0,1024,120) #1 [#2] -depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C +depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"2354c6b6afaa883e7ce91faca4981f8b":"604f2730c756c8c39a0527093bc2feb5":"959b4b0b9ce2e9120b327d2d090117553999ee10bdd384a546fc6de0957ef4b447daf07b3d07ef7dbc811f36b0fc09a175d26e4d1263cb5e21eda5ecab85d763807bb20b3cb6ac3f31d548dff00aae058d434ebcf6f7e3a37f11324134f453dd0ea7f51094863486426ff1706129a5a93c53d8c5ccb56cafa5881981fe233cb0":"":"3588c9aa769897dfa328549fbbd10a":"":"":1 AES-GCM NIST Validation PSA (AES-128,128,0,1024,120) #2 [#2] -depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C +depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"b0af48e6aebbb6ff5b7c92bd140b085f":"d210d6502a5221ac1274a9c7f5a81725":"d725311ca10eb4b4aa24e6dd19c5e72dc34fc1ff53feb25d924a9b7d8d72205790ca4b1275bd93ad60c27a5587a45659bca07c111e9748fb683a03465153ffd735b7d134b479674ab8596f0596496fe2090f623fd1e4dd730c5283d8b172db8a25df42d9b34f388ed32676a56b8ba03347e47379702654508ccd0a21ff03516e":"":"e6222f068a1e18f09ba6c771eabd86":"FAIL":"":1 AES-GCM NIST Validation PSA (AES-128,128,0,1024,112) #0 [#2] -depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C +depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"a05fe482fe164b2eca7f6c3e377b39d8":"145327bcc10335fccb93afbf4b17e6e7":"ea6f2e93b5e1bf127d40440b8d6397405246b1b48eebe16964f18928f6b4b8ee2c36322d7126905c1a5b816996e340404b586edc2d77afac11a6c1266511f9eff1a320b035442d4078f8e42ca63cf26d12a971a7adf4645d1bd9a8e4d0a20722f7c2d529beaecc4033f7738075e1cdc6d8a929da5582540678935b82e7b7ba68":"":"3900bde9fa9ae2cbeee54d04f224":"":"":1 AES-GCM NIST Validation PSA (AES-128,128,0,1024,112) #1 [#2] -depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C +depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"dacbadf819eb16a63f6f091d13ed04d4":"b9ebce724b0dcb0989ac2d8e7ff8aaec":"7dc6e2189d8a96f3507e352e05e8fd1b4bab988c2f1c706115887119f63b78084f015d85f6b460901a02880103e4d36e8f6527dfd74e4a3acd3f578c0cc726b528875f701ff8b66e5c11b4689c346a098e123bebfa253362cb86829be73c2b85a6881fa976aa730fabb76775027feec7fd920a6c8965a4a509ea812d7c413a95":"":"8988fca83c8cfb1f8feefac46f04":"FAIL":"":1 AES-GCM NIST Validation PSA (AES-128,128,0,1024,112) #2 [#2] -depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C +depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"969244c7444f3f3bf193b28f8e8e96dc":"49b2845a1a1c87fa66eb8f78c05ac029":"1414a07e86d8b61d1eff43e1ff4ab42c1c95e159058b74c731e3007d21a5eb78bc17b7e920363a3974aeb8608813dc9a4655199b6703ed337450702d8ab16a89776831b2c7c811fec3acc23598a0aa01680a7bf42a4e258145beb08c9f0eacf2bb5f56d26bea3ad11e1a956a630b80f3d22bf35592b4704f7c464b08b06dd7f8":"":"a291c7527385f037f62e60fd8a96":"":"":1 AES-GCM NIST Validation PSA (AES-128,128,0,1024,104) #0 [#2] -depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C +depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"525abe490c8434802b69439c590a5290":"141f79f0501316e66451c41c7af0f0cd":"be440db66d3f81be467605a7b2805ec1df5e71e1b1b04bd7a4d05e912f5aa1912ba08de72df18613b32b7edf78963c48c80c25178b3b19262b85bb829f5377e0b368b500d6d3b442f54172d4ca4500eb5b4d478b602e5dc11d090539455087ce1e5b9ea74355fc06e9b60cbf25a9804d3f8c623fff130abc48bc2d8d116b8366":"":"038c7e95f790e6ca5ce73f9551":"":"":1 AES-GCM NIST Validation PSA (AES-128,128,0,1024,104) #1 [#2] -depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C +depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"51644e025659de983f5c8156516b812e":"614837c743d0974e9cca497f13038c02":"60c5d062ade2c5c2dec68b734dd3e58ec474a586d1c4797fdfa2337800510134cb27a10d501927632af3c1febc275010c0d2e5abee630cd2bc792963fa82a42286ab047b934a261927311b40f5f953bfd661427921147cac7613d95ee86e16326ef67c1ed097e8fb87a78753d785de34e03a182232786079cb6be00182e41c9e":"":"77e3deba2c7f9386f85bc4a801":"":"":1 AES-GCM NIST Validation PSA (AES-128,128,0,1024,104) #2 [#2] -depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C +depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"08566ca7310302dfb84d76ea0525ba20":"5f20ec9c35c08aa7f1c0e8a20fdbd2b3":"5d84e32768b8d1e7e3c426b3118d48e35491bf1bb454b359c8429220216efd8826be94fe1919409a128ccd8125a594f1691c9421fc3dbbb3f757bf2355bb0d074ceec165eb70e26eb53fa2cb5d84dfae06babb557805ef7b8c61c1bc76137571bcc5e84bf5987dc49013831d78bd497ccc49cde7dca2cb75e7ab967da8c6ce81":"":"873f037fc05252a44dc76f8155":"":"":1 AES-GCM NIST Validation PSA (AES-128,128,0,1024,96) #0 [#2] -depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C +depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"dfb54db96383fa911bf5b4fa1218ef9a":"7e849e24983f63f1194b396bbd2d55e0":"d3fb689c5818810dd104693f3306a10b27178444af26798a194f7c2ab31ff3a172904b951942b1a26c8ae5b5b1ee2d86dc78bb72a335fde350766d7d9aef6f549871dd46b04b2cc319fcdd47be437d431ad18cab82d51ca9fa57f4108a8de622a92f87d28c0349fab27757fd773413f559a8c00d30e258c1f6cd96f9759bd957":"":"dada7fc7fed58db462854ef6":"FAIL":"":1 AES-GCM NIST Validation PSA (AES-128,128,0,1024,96) #1 [#2] -depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C +depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"389cf888474e9403e5f4d0e22ffec439":"ef57794cf6fac9f9cea3e8499b53b1d6":"7ea7f7f4763ad208eb6199285b6b2819756c4e3caf2d0ac6f5076ae6785fecdcc4b138a51860ff8b87aaac3a18c2df778a4818308d458dba28f5017513e1454f60be20dae68736ea6d48b1f9deadb517df63140acbd329fbfbc9b82f3ca1862c9e998f0faff1d3ae60b005bf66829f5cf0c5fa03efbdd92d39351e3954be0257":"":"92726d90ad26130e65f2beb4":"FAIL":"":1 AES-GCM NIST Validation PSA (AES-128,128,0,1024,96) #2 [#2] -depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C +depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"e55abb2ca36c822bf2a030ac703cb8b4":"d86f7177e8ec90f9e9edf10175d5012d":"777a9d93091de56324c10712243f5541722e0b27e1f303fef6faa387a8666161ab354dbea6c43c82a24e8623bfec39aab13164add6be0dfd55d23204c0975b4ba6fbda51363befde482a9ccc1eb9f151e6ad59c77a1e24dd268389e4686f198a936dd603044a3fb653d63cff80597f5a2913c8a2ec1b7d9dce5728dd56c78c2c":"":"65025250343ed8c09b3fceed":"":"":1 AES-GCM NIST Validation PSA (AES-128,128,0,1024,64) #0 [#2] -depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C +depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"586114f3b1dc087e1b2739b28c592dfe":"ae5a38ddd455505284434a4bcfe81ef2":"531ff8c285e532d961f49bd210a5523cd9b19a697a3a3fb26db940a496f253862405b1e825daeda7eb0445c98022b8342c8f8ea20301618483f8ab04b6ebccd7e7fc57878fb544a5bf78fa896f50ac30126ff8afca8a86388666b64c643d16812729bfd7e5c03ba52f7e6ea4c6a685404f7bcbd956964417fa0ea9a6d7290c41":"":"467a815610faeb82":"":"":1 AES-GCM NIST Validation PSA (AES-128,128,0,1024,64) #1 [#2] -depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C +depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"cbfe806bddb7f06b3826b097550c68f5":"04c1b6c9fd2ab76fc2adfe15d3421bbb":"cfa86d02599652cb4ffff027b9c6ef2336dc9fe946f64fa5ce83f624e144563d4738381bc5371c3cb55cf41ceda07e62cb635ff37246bfa428785229c6e869d5df69d7949a8577889a29e3d05b788ddd43608d9c14e3f1b51ce2085b9a976fe843e3396a74922babe6797d5f01c37ead623b5b582505bcd29edf8a6ea36b0fc7":"":"0697ac372a9acafd":"":"":1 AES-GCM NIST Validation PSA (AES-128,128,0,1024,64) #2 [#2] -depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C +depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"96ce3a095a91effdd91d616f1f02ddcd":"579d6633ec6687afa24ef874899b58e0":"3ff3c0038148ed391b6a10aad623a82fe9209c5ba74482f11506d597b5fc7af977235d8ee9e28cf2160346ddd0e33a5bd1fb67b87dad7167fdd4b2b4000d8460ef7b3e1b59b9d61d06cfbe7945379ed6b650de86f396a38cc70d47b8a349f067d00144c903c276b323be6a929a7d7dd8ae7d254d640cdc1176f98e01a1d8c82f":"":"55a0f61032e048f3":"FAIL":"":1 AES-GCM NIST Validation PSA (AES-128,128,0,1024,32) #0 [#2] -depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C +depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"24ece168c2971cf2b404ea206dc9e29d":"e9db62a42491664a6c46cbb0b2bafc92":"3579f6c0cb3d2a5d0c4548855c7c052d36b6a8dfc60f4ca1b4bbe28ed87306119e71982dd84c4205ceba918d675472753df1b5192d3693dbf6a061c6056e312135ffc5ff426895a7e30f7f675d2cb21de06eea5e3761b94deef7537b985d324864c9ff6ab6e230a1006720f98c958912b604a6d03e3979887c07be3ceaafc78f":"":"d2b15a23":"FAIL":"":1 AES-GCM NIST Validation PSA (AES-128,128,0,1024,32) #1 [#2] -depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C +depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"d3c3cf993f6740a019e61ce13c29955c":"af900ac348082ff32d2e0ab886079516":"2ddd0e8c99661f0757f04aa79a1ffa24ad48fbe5da68b9e71f7a0cf1b4f2ca9b757695900b7549d48847ae49950dc9b270b1569d29dcbef412216737bd83509c17ae41c34ccda318939cb37a0a380762993a7568c0b07794e78746173dd5c0d921cd50de4b548c1589e142c3dadbad42161aaeda2310f3c6d5c722d9ac69e96d":"":"f2d3a6ff":"FAIL":"":1 AES-GCM NIST Validation PSA (AES-128,128,0,1024,32) #2 [#2] -depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C +depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"5f1e5bd45ee8bb207ebbd730510ff218":"8846424a194f5de858556e6be5b65d7f":"e968947fc0e49136e730b97f6b16e393d5e4fdf3e4803a23af79211ef59f29167c60ead72fd489da32d2ffa43b2bca2074f9d1b4f5396ca65004b0806cb7c6dfa751fb6afbee3e443f3c9b0e3df6722e0d1320441400c5ca508afb657c2b7f1669b0de21761dccab9a40fc513768bd1f552692626ce35078a2e0e12f5d930647":"":"0d6c15da":"":"":1 AES-GCM NIST Validation PSA (AES-128,128,1024,0,128) #0 [#2] -depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C +depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"3997050377cfbb802cc438d973661688":"c95c84c263bdfd5f1de66e7e616cf3fb":"":"b02f0dd373e42c65e8e1db2dd76a432e0b2bf6e630c8aaf0d48af51b3709b175de9a19b3245ae75818274c771c06fae225c4f8b002236712336e805ab006449eb29cc5e29abd82b06c32d4c36ee99acb9a6d7d9eae6ec6ec263c002a22c4a898c74f6abd6d92112367ca7ffe82787c5b39e7012ba22825d3612af3d41e8008a8":"b35b3cf6ed59ccb69dbc9b47a3f284ae":"FAIL":"":1 AES-GCM NIST Validation PSA (AES-128,128,1024,0,128) #1 [#2] -depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C +depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"c58583f6479d9bc9f1bffddefee66e59":"cee448b48d3506ff3ecc227a87987846":"":"564a9f700cbc1f895e4f4fa6426f73b4956896a15e6127e7560d74e3fd0b980d2ee45b7a6a3884fa613d91d13921e3f90967d7132bdafcd146dd8ff7147ed1964c2bdb3e12f4133d3dbbc3bf030ff37b1d2147c493ce885068d9ba5bebae24903aaac004aa0ab73fe789e4150e75ddc2bde2700db02e6398d53e88ac652964ac":"361fc2896d7ee986ecef7cbe665bc60c":"":"9cce7db3fc087d8cb384f6b1a81f03b3fafa2e3281e9f0fcf08a8283929f32439bb0d302516f0ab65b79181fc223a42345bad6e46ff8bcb55add90207f74481227f71a6230a3e13739ef2d015f5003638234b01e58537b7cfab5a8edac19721f41d46948987d1bb1b1d9485a672647bb3b5cb246a1d753a0d107bff036ac7d95":1 AES-GCM NIST Validation PSA (AES-128,128,1024,0,128) #2 [#2] -depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C +depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"0bc2bde877e881aea512068105694968":"05f0c34ab2e8e8026b0a23719344b71f":"":"1a6369a45e8ef2846c42d54f92d0d140a94f9633432782dcbf094f1444a1d006acd07ef6076cd0faee226f9ff14adc1fb23e3c63ed818c9a743efbe16624981663e5a64f03f411dcd326e0c259bcadca3b3dd7660ed985c1b77f13a3b232a5934f8b54e46f8368c6e6eb75f933196fa973e7413e4b1442b9dee5e265b44255ed":"46bab9fc2dbe87b8f6ca0ed4d73e5368":"FAIL":"":1 AES-GCM NIST Validation PSA (AES-128,128,1024,0,120) #0 [#2] -depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C +depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"e14f45ba5d1eb52e0412240da5d7b5f9":"d7f8ef12f66f8b7c60aea02ef6ff688f":"":"9a85fda19ce923f093a0c25b0c52f5d9534828af7c7687d22307004ae2d10c4592242c0f2704070307ab55b137780d1e2013a19396ab43ff6a295b63fdcf323456d149758f9a2bb37f1418d62ea6368b24d5067b9c63d2968e06d6586c7e3275faffa005f7c7bfef51303e4c2b2ed4564acd17d50efac9f5e3e7f16ce589c39b":"beede05e4928c808bc660f3de95634":"":"4ad5b9ace0c0c7c07df2900faf37a902899471e7aa4a0a1ad5387f8f56d73f78f619be79a4e253f95b15d52895a05bae9ecffa916d35efacd8baf1c704d2aa4a38c234efc4dcfb191ec0fa0b522328fa5b5dff55e8c443fee660ebe3d8ad85de157a889aefc823720030a4cd6ba94a6309dd61806f0abb27772432018bc61701":1 AES-GCM NIST Validation PSA (AES-128,128,1024,0,120) #1 [#2] -depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C +depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"9a64579f3601b0022d357b601cd876ab":"515efc6d036f95db7df56b1bbec0aff2":"":"88be1f4bc8c81b8a9d7abc073cb2751e209ab6b912c15dc094002f95a57a660b9f08b1b34f5947223205b579e704d70a9ecb54520ce3491e52965be643f729516f5cb018beeedc68a7d66c0d40a3f392ec7729c566ce1e9f964c4c0bd61b291ccb96e3d1fac18a401a302f3775697c71edb8ff5a8275a815eba9dd3b912e3759":"13ea92ba35fced366d1e47c97ca5c9":"":"7fc8565760c168d640f24896c69758355b17310dbc359f38b73fc7b57fe3f4b6ecad3f298be931c96a639df3c5744f7e932b32d222f5534efb8eb5d5b98d218dce3efef5c8c7ce65738bf63412d0a8ed209071218a6fa2f7be79b38d0b2f5b571ec73f1a91721bd409b1722b313683e97d53df19ded95fd471124fa5f294a4bb":1 AES-GCM NIST Validation PSA (AES-128,128,1024,0,120) #2 [#2] -depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C +depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"1bda4acfd10ab635f357935bb0ab7020":"48b77c587616ffaa449533a91230b449":"":"c9ac8d4ef7d83848fdc03664957c28b9b76710797d5db1c21e713e85eb0898892223e52be1644fc7362c95026ebb9c9ca74d7d3739eff10cab1eda00c36628dae0b98d119a14635800e37cd340faa6fbba9c3d41d52722cc3969612b1a8c5ca9a68773f5ee654506cb88ea65fb1eddf5ab6312d0170dc03324e483342448b854":"8325e4394c91719691145e68e56439":"":"1287ad3719508a9be70c19e3b134a2eaa4415d736c55922e9abcfd7f621ea07ffb9b78d8a9668c74bbd548b5e6519ea12609d2d6197c8bd3da9c13c46628f218e7ff81884ff7eb34664ab00f86e09cd623bec248d8898ef054fce8f718a0e0978e8b5d037709c524114ec37809ac3fd1604e223e08f594e7aa12097f7dc1850b":1 AES-GCM NIST Validation PSA (AES-128,128,1024,0,112) #0 [#2] -depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C +depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"d21cf24bc5bd176b4b0fd4c8477bb70d":"208cb9dced20b18edddb91596e902124":"":"2e7108fd25c88b799263791940594ec80b26ccd53455c837b2e6cf4e27fcf9707af3f0fe311355e1b03ac3b5ee0af09fb6fb9f0311f8545d40a658119e6a87ba8ba72cc5fdb1386bc455c8fec51a7c0fec957bed4d6441180741197962d51b17c393b57553e53602f2a343a0871ea2dc4b1506663b2768ce271b89c4ed99eec6":"7edfb9daf8ca2babcc02537463e9":"FAIL":"":1 AES-GCM NIST Validation PSA (AES-128,128,1024,0,112) #1 [#2] -depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C +depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"3d02e2b02170986944487cba8448f998":"6336077bb83eff1c9ea715de99b372cd":"":"bc1d7553f4a28754cf59ed6f7a901901f04ce62a449db2b45ad60329d0341bb9ba421c783c28a9200b41da8ab6328d826293134a7d0c9a5775dd2735e7767efda4ad183566e0847d6d978abd1a8ab13b16b8323acef05ced3b571631e1e24ad44d65e6ffa64e03c9970e94bacb9f721aba06cda6a08806a3be63dddd8029301d":"0466bb2957281f64b59eafed3509":"":"5f395958f2f7acafb1bca6d3a6ec48b717f2ceeac1b77e1b0edc09a09e4a299d2ec722cc7daf34c8f4121a93c80b2adb20a2fc95afd09320f91085c93c8b082dd703814c9777501d23bf9b328f07f04652592dc5a3f4321626a695b8db8e65c8617c809eb2978d8c9a882ffa82a4bb707c1a8f9a965bdacce5c041bafc94a1c6":1 AES-GCM NIST Validation PSA (AES-128,128,1024,0,112) #2 [#2] -depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C +depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"cd1ad1de0521d41645d13c97a18f4a20":"413873a0b063ad039da5513896233286":"":"588c2617517329f3e1e7ba6206a183dc9232e6a4fa8c8b89532d46235af1e542acaa7eae4d034f139b00449076ba2ef9a692cae422998878dabdac60993dce9880d280bec1419803ba937366e5285c4a7f31a5f232f8d3ef73efe7267b3ef82a02f97d320ebc9db6219fbdf1c7f611e8e5164e9ecf25b32f9c07dfa12aa705af":"d4dbe9cae116553b0cbe1984d176":"":"bd519b7e6921e6026784cd7b836c89bc1fa98e4013b41d2bf091ef0d602e44a70df89816c068d37f0c6377af46c8bfa73ec0d5bc0b61966f23e55a15a83cea49f37cc02213b4996f9353ee2b73a798b626e524b9c15937ecf98a4eded83fb62e6deea1de31e0a7f1d210f6d964bc3e69b269da834720fd33487874489b8932a8":1 AES-GCM NIST Validation PSA (AES-128,128,1024,0,104) #0 [#2] -depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C +depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"1cb120e9cd718b5119b4a58af0644eff":"5a7087989bfe2f6eddcb56fde4d72529":"":"4c8e8fb8c87ff6b994ae71bfbf0fa4529f03bad86edf9d27cf899ea93a32972640697e00546136c1dbc7e63662200951b6479c58ae26b1bd8c3b4f507c0d945d615183196868ec4f4865d1d00bb919a00184e9663f6cb9a7a0ddfc73ee2901f7a56ef2074d554f48cef254be558fca35651be405f91c39e0367762b4715d05fa":"95d8bd12af8a5ab677309df0fb":"FAIL":"":1 AES-GCM NIST Validation PSA (AES-128,128,1024,0,104) #1 [#2] -depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C +depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"315b206778c28ed0bfdd6e66088a5c39":"7ec6f47ec56dda5b52bbdaa6ad2eb6da":"":"6186f57a85b65f54efbf9974a193012b1396fc0ca887227e1865f1c915ac2af9bbd55969f7de57ce9fb87604cf11c7bc822b542f745be8a101877a810ed72bf4544d0acb91f0f9d3c30b6a18c48b82557433d0db930e03bcecc6fb53530bfd99ee89f9e154aa1a3e2a2c2a7a9e08c9aed1deab7fae8ea5a31158b50bca2f5e79":"930750c53effc7b84aa10b2276":"FAIL":"":1 AES-GCM NIST Validation PSA (AES-128,128,1024,0,104) #2 [#2] -depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C +depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"e886de1c907c97e7db8ec80a79df90f8":"612cacbf33266353d0a29a24532f3c0c":"":"c64cc9596d7c738746ab800f688eec190a4c802c55b2528931d74d294496892b81f53d3073d48f9bef1d58ce3be26547474cdda2868abeab71aff566fff613b4e5bfed1be1d2fff35d8ffa33302d3da1c82e421aa3a23848f31e26d90c0cb2ac2ae136ada73404ed3e0e1d3e7cb355a11cd2a4f9393b4d5eac988104fe1cf959":"76634e58d8f3a48f15875ac1d6":"":"7001d7395efb432e2804cc65c0ba5d4719ce84177ce46292c4fd62a5596bd2bab1d5c44217ac43235bd94489c43d01618a11f047d2e247062c3b88d6e59adaa1f46514fb33b7843483920bee60a41f3cb312322c305d25251b4704fb66da58637c95a9d539731434f60ef44fe3cd6d37e2c8e7089880a563938dcc98b43f08fd":1 AES-GCM NIST Validation PSA (AES-128,128,1024,0,96) #0 [#2] -depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C +depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"3b936e09a6477f3bd52030a29df5001d":"f93105be83fa5e315d73acfdcf578de7":"":"65cf11d1afad19b34f282f98f140315992392f5d4eed4265085b29e1e5553f4783fec681ba2d368486ba6a54c00e71c82c08ca3d097904f021ce4b0acba2d2a7005e28e5f8750ea3d18a4f78363c37583e85104234498942c639a0564b0d80055c21cb7735dd44348298291ab602f345b1d74d624750c0177fbd5cca6f99223b":"91b55bb5e3f3f1abcf335db5":"FAIL":"":1 AES-GCM NIST Validation PSA (AES-128,128,1024,0,96) #1 [#2] -depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C +depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"dc9e2095de7b1b48481b56bf6a3604cd":"9e5268db19a1b51c0496a160ca76f8f7":"":"ed61ff94a3f84c72147faefa615e2df00324fb01790cf9764c72c1b8ba47f17866a1fd64ee5c2f53865d1bc24ec93165a6774466a59603199ee476c1f2da7d932c8943d126aa172d532d8475a484d42bb45fcf92766feafd7f3e2e3d42d22f6f84a90e7e688232f799d80cd2cc152ddd21ecfb137701ecafcb2b65abe2e4e6f4":"0fa9588536fca71bb44260f7":"":"ef562e301fcf923ff1a1acd3aff9b1c963058228655fe8a66cab01396547dbd2aa1f79a22eefc62944b86d1a31ebe2d17130175b8c003d6755b0eb8b79895b0f7f8046c5ae888a067ba17bc8e11a8f6e5023a9cd42f6461966c28e505b371c0f72a2606bff430a58016e99713d25ce11f10391fb4a922e27989422c6a64f9107":1 AES-GCM NIST Validation PSA (AES-128,128,1024,0,96) #2 [#2] -depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C +depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"3f93901fd7cc88db3ba76a158d658c7b":"7e98de461e6d96c0ce6c8d8b3854cf49":"":"16402fded879fcbfe9405902aa63ca2a520889e0045f687455469b7bb867829a01208b8dc5dcc852d8ee478993c30e6d9ec6408773b367821310a0ae171d38d71e06981ff6e845acffbc794142b87c748e12484c0636419d79be3d798cde59e9dae0a4a4a4346596427e6b235ad52e6a1b02d6f4df0c7de35fc390cae36aef14":"86c9a70e4bab304ae46e6542":"":"1b4c09569b42c469b3ab6b39312c214502ec09f5fe2fed1d1933d13cdc6a7b77a5d135123fa69d9207d6844b0357b26b7a2f53b33a5cd218dacda87b78b09cf259e48e74076812c432e2d0833fb269721f9347c96e158500f9b2283342a35c8de0a022edce711118d72d8fbaa354bfb0ffee465844ef2d37e24ec2cea8556648":1 AES-GCM NIST Validation PSA (AES-128,128,1024,0,64) #0 [#2] -depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C +depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"42289f3d3cd5838e250ef54b128e60d1":"e557389a216ad724aafdab0180e1892e":"":"3edae1d554b67d2036f5fdbdb2945cc112f100adc1b47009c2e23f6a2eaee78d1f39ce8a98f715853cc29fc793fb6981ec3036834188dea7d668185ccc8642071b15de1332f6a59c8a9b4399733eb4b3d8f224af57ba6b4a8e64494bb6630b9d28e7ec3349064350febcef6a3ad1d6cca1b1da74f3d2921c2b28a2dd399c3416":"6f78bc809f31393e":"":"25c476659cc7b343a69088baf868a811ba37daca85c4093105bf98235a90aeca015ab034da008af0982f9b2e80df804c186a9b2e97f74cffd70ebb7771d874fcaf12f6d01c44a8b0ec2898cf4493cf09a16a88a65cd77909bbf0430c9603869bd5f20d56cb51d8a3f0a032fc30d925c96599d296b1ec41c2912bda426adea4fb":1 AES-GCM NIST Validation PSA (AES-128,128,1024,0,64) #1 [#2] -depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C +depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"3d772eabb7f19475665ca2a7e693bcfc":"0747cbb486a013453fde1ca6abb11dbe":"":"e9fc4d86f5b857fa6057b73f967351e06f87288c40a95b9e378c84f1a4c0f4b80ed0a0b44ff90a8973be4199c0c4006fc4f5ea19d5f1fe8b9c8c01f4675ab85afab0592bb3daba36bb4fc7ed9eea867e9d8cc50c19fb62a5a57956e9efacebac5e9f849649d35a329bd68de97bb6e5ff7bef477a86765c2c9ec15e24cbba5c6e":"8e761ffaea68f967":"FAIL":"":1 AES-GCM NIST Validation PSA (AES-128,128,1024,0,64) #2 [#2] -depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C +depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"fb7fd753ee6eaaf283a42a121dab4e43":"8164929fb54485377ecccc9b9621af5e":"":"fd5cecb2c0287cb8229e97d9cc4b9885f428710528884ce663ed1728cd44cb2df93e56ef17ace0678d1e341366c652f4ba7ee45797d39be4a05c1151e5cde499e13e5d45549b5d95a174d03616d06ef96e9d7b2b6bb0d79a726b253dd64223a5f09611671b234ccf9b383952f8888814b2c167e774cfbf54e9c6b99a753f4fa9":"40a2fa7f4370afb2":"":"6208d068be60f7b04b80fc611062e6caaef9a5cf59f850d174b7446c78c039ea9aefe4885e19c2b33911d32ce1fe3c48ddffa4b03e450fd35da03f40c4e7c5bb3b1c3f3049dbfad3ac81ca1b79cafbaa172f4900e3829d38edea3b64000f93924a801259bc4b2523445c64bc23bfee190b952468507fa4baf6dc2bec66fcf0d8":1 AES-GCM NIST Validation PSA (AES-128,128,1024,0,32) #0 [#2] -depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C +depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"30d757fd73a0fd5fa49159ad0653296d":"b35b8df0aebd0608517f2830e0e70cd0":"":"17d485b258f80d8924e35291118cfdcffd86c47851b65f0b06a7c1f5202de82f3f460fc61b1aa38fdba7c8ded375c92cf005afe63e59d362c0960044af39241b81ca24e85c5faa43903229355b7313fee21b992ef3931d9d2407b32b3cf72dd7acbc7948395eb513cb2fd428b215ba2bd1e29c62f45d0ce231884f62480c6d8f":"954c0e99":"":"022618d2598f79104e918a09c937a82b3db59243b5e13de731fcb912e4366105797ce47f6dce7f08073f2f41e5c15fd6b1ec4b5861469a4880c3b0bd769b78c696ff29c28c9349d5a46a6e5ad9211bd4b708a8c0b6928ebbb0dac1c0a5f5ce6b05de6a50073128566a23f09cc1b826aa5803f9f750aa4debf59f24ae9f98c9b5":1 AES-GCM NIST Validation PSA (AES-128,128,1024,0,32) #1 [#2] -depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C +depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"d9d3cfd5900de5d5e2109e7721cfeef6":"b4b9dfb013de6f7c44779e5a9daaf5e5":"":"e4243cc37cc32dfcedf9bb76890e706af6ab1e06b290b8ccfe2a55e5dabe68cb390f7636dc9676b431d4dc8ad3f6d989e510194294ab7ab0556789046743cf374d8b6462f5f95a17f3f44337d6c69ee47b0e1ad7e5ce6f9b224c54099a104e70d2d06af869b921ea47febe08f90c591ed49c1f12003afceabd2c7bba458a0111":"2b81e8ce":"FAIL":"":1 AES-GCM NIST Validation PSA (AES-128,128,1024,0,32) #2 [#2] -depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C +depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"68dc138f19354d73eaa1cf0e79231d74":"e7147749560f491420a2d893c075bb76":"":"ce345567a76bc30d8b4fd2239788221cfa75e1a310aeeeb8c355f8eea57d80967f3047fbd4e6173fac5caeb22151fa607065953c4c35e0537b9e3788cc80de9eedf2a340698bde99a6a1bdc81265319da3e52f7a53883b7f21749237fcfd3cd4f149bb2be7a4ddd9ef0544cfe0789040d1dc951b6447304942f03ab0beae8866":"70a83f6f":"":"64b021612c78b3e192e8349d48b77d02927e7fd70c7160d37cb8ef472f6bcd9df9d93431627c1c80875e208724ae05f94fdd2e005e9707b78a1bf3bbca7beec4b03ddd4d9de6235ffd6d84a8b9a1842e104c1e22df4566f6c4d3d4e3d96a56b9b8a5cdce9da70aa236109b289266036f285564060b204dfd7ac915eea0dd0b1e":1 AES-GCM NIST Validation PSA (AES-128,128,1024,1024,128) #0 [#2] -depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C +depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"7362c86344e0aefb0cf0d04768f9c05d":"7e8d12c2f0dcf4f792247134234ac94b":"86d2b5debc3b10495da353d6821f6cad380776d805bd8660b08dcdb1acd87026e4f344b547a4db47b5f44cded314bec4ce9a417ce40a2acd5a21460c42dfcd27483abf3f38dd8cc5fa523b6768a26513df5896435baa97781cff1966e2e3d6ec6d0a9cdc013de5a50e4d46831667055bad04f784024a82f9cd087ae4cd37dd64":"8baffc7836004deb87c0111d47c182512bf861874021ddfcd559acf2c4a51cf5bc4bfdee2d039b9c005b6af95a2607643dcf4d9cd9d62412f709334556db22fc91d7b40438505d6806ccb2f2c21ae731bc1f1c825d28a71ab27095a39985e96ccd07cfb2e75243ccafd474494a2338c324ef533ca5f17d2ac1b1883140342ced":"9594da428fd8c1b13ecb23afa2c1af2e":"":"e2c424f42aedd56f0e17a39d43ad19c8e2731efc7a25f077aef51d55280b10e667e338bd981b82a975ef62bf53bc52496b6995d33c90c7ae14767c126826e3f32bd23f444ddcfd7a0dd323b0ae2c22defad04ce63892b45c176bd0b86f5fa057a3dc371359744cb80bbfb4a195755136a0ea90b4044a45bc1b069f3cb3695c04":1 AES-GCM NIST Validation PSA (AES-128,128,1024,1024,128) #1 [#2] -depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C +depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"58748bb204ccb7bdafdbf739b6c19a3e":"93ac298c73c88e127a4d9dd81bf24e3d":"8f168fc4d1da13bdbefae3f9d6ac1d8cb19fcec1f43f727951af0a466d8826649a46c3cb50c045ea83849fce0eedbc042a1a435e6d9d59017997a2d5459b940078b8a7f3b6b0ff279ff8c560248296a17240ff1b0643d1f436b6e3f2079363fc49fb45f410debbdde083b92057916368cb807d603cb82e2c0dc01658bff7f1ab":"b72902c9ebb72a86be539b19a52fd9af00aa4de081d90c0d8ad580ebb5900177a036f40a1e9b43e3a07d715466526d6d7544e5a5551805b62463f956cd519fc99182c2d54bd62fc7ffc6e5ebf1503859b706da11a1b6c707a67a70789dbfc10ef726bd360f9f2347326e068e757c8443ddc9308a171e682359ae1bfe87194ab5":"efba4589d4a03555766bbc3b421dd60f":"":"d5c97a659f016904ff76286f810e8e92da6f8db2c63d8a42e617760780637e32105503440cdf04d1fe67813312f1479fda8d746c8b0b080591eba83850382f600e9d8680516c6579669f0b3d0a30323510f9de1c92512790b8347751994d022156cae64da0808a649d163a0e99e869fdf224b7c1a6a8fbc613d5917eca8ee08c":1 AES-GCM NIST Validation PSA (AES-128,128,1024,1024,128) #2 [#2] -depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C +depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"6cc13cbd62428bb8658dd3954fe9181f":"86740da7ce4efbed70af55e1d6c10fdf":"be561ac15e3cfda624b422af97c26719c140bb50e4a993d636efe9c7f1963fb9047a0762169b571a698ff310bc417e34d4039b7562a95af710ccc1b197964a376c986fd2ed8ac4b0c7b4e843c37a41366f2f483c821a1823f317416c7e4f32eed9b9dc2ae1a2f3ed32c4b3187358a2329aa42191b7c2fe87b6e27ff20303cb29":"2c9ec982d1cfb644ddbc53c0759b10493206d5186affc6882fbb2ba3aa430f9bae1209db2d78dcc125f3c909a54dd84fdff96c71e678216a58390ef4308bdd90f94f7109c4edefa76a74fda64b201b7a435bbabc27298f3eaa4c2d1393bd584f811fff52638f6ad2f6d86a8c3c9c030d9d4264c8c079592a36178d25991cff09":"76b990a1e010e5f088f6ae90bec40b32":"":"0b9a5f5d2e6852b75b9cf26c1b310b2200e56dafcf3c941478862cdf9737ac8e2cb9b38d41bd4a1872ea1b4cfd51a1a0b9b743aca439eefa10de8459a0a7a221c5429b3dee393f17031ca6c399df8e05657c3db55be9c9dd29e690042a4ed8db732efce7c58d6b20a2a0f7c79e42e5ada43b87ab00f481c20cac1b35514dcdc9":1 AES-GCM NIST Validation PSA (AES-128,128,1024,1024,120) #0 [#2] -depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C +depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"286d3f5080cfe88538571188fbeb2dd5":"da6140bd4dc6456ddab19069e86efb35":"5d350a04562a605e9082ebd8faec6c27e561425849e7f0f05f5049859c2c1bd2c4682ebf9773fab6177d2601fd5a086cefc3adef5a2f8f6b5dc9e649e98dd0a3d1a2524419f01305bd0fcfff52d84a20d1b14dea2138dcc54eea2bf263c6fe27c3e7255f1f359d0d00fb1b350d7a04965af30027632520197e85eb41de6bb286":"55135928997711360622eda1820c815aa22115204b1e9bb567e231ac6ea2594b4d652627b6816bdc6c40a4411fd6b12fab9a1f169d81c476dbf77151bff13f98ca0d1dc0a68ea681652be089fadbc66c604284eebfc8ce4cf10f4ca6bda0e0f6634023db6e3f0f1de626c3249a28a642ecc9ec5ff401e941fa8a3c691566c0ae":"d90d34094d740214dd3de685010ce3":"FAIL":"":1 AES-GCM NIST Validation PSA (AES-128,128,1024,1024,120) #1 [#2] -depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C +depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"726ae113a096769b657f973ea6d2d5dd":"2f9900226c97585d200dd20a279c154a":"761663c3fcbf1db12bc25546b2425b8229b3153e75f79fa63958819caee3febff74603d99264b5a82ef5980439bef89301ae3206a1d01a3bbd7a6c99d27d1e934cc725daeb483f826c2c9d788fd1f67a627864cf8b5f94df777bb59ef90cb6781a2000e6f0baa4f1ea4754b47bb7cbd2699f83634e4d8ab16b325b2c49f13499":"90636012ba8c51d16f8f6df3d3bcabc3f09aeffbe2a762f62e677913188045b861b2e7d9a7bd93dcee46e9e4832e497a6f79db52b4e45c8dab20fa568ff9c4ace55be3216f514a3284768a25d86b1c7da5377622f3e90ed4c7bd4571715af4d0a2ab5181d0475f699202e4406bb9cfdbd4fa7f22d0dd744d36b3223134658496":"d095bfb8990d4fd64752ee24f3de1e":"":"9f7759c6d24fd9aa0df02a7c0cc5f17e61622c63195f85dfafa5d820d3ad218c7288ec017821100f1fade10f9bb447a4a01e3698b045548c7619a08f2304e2818a9bf55e70b40f8b994b7dcf0cb243848cf3f6fdfec3ebbb147d01df84a3ec62cd8fa5d78ad9f2f28cd288a35eb49a5172339e9872e8e7e3350b0d69f59acd07":1 AES-GCM NIST Validation PSA (AES-128,128,1024,1024,120) #2 [#2] -depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C +depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"73a9eeda721c6f292e6b399e2647f8a6":"c1e80eb723960049cc4448b66433f1cf":"fb2a0b1f817404e74aee0a6ec8f2cd86f0c9114ed367b2690c44ad80f9d3377d7fd5066beaf1daa739d27ed3fba98379188016b1fe901204a174f9ffca370c181aece5e5d40939a0d460913b40b895e78a3b80ddf3d613c05e4e27bfd161ea2ef42271a2679f2cdca5b728ffb2319781c946a4f3ecacf486b754b30bb04ea60b":"215fc7e52abe4c751ca2f7f9a5cbde9ab8b44b8d4054bb62dcea6df5b936145ca6ec83a2b78b070638fd6e5ea3bad5d0caf1b8f755f391c3e0962a92337e3eba575585eb83680075fc818860388c587746af78d5fc75ccd0a63f1612abb1ba0f04a2228ca27fbddba4878f9b2683683f516b6d6fe4f6622e603bd3c5ad45e332":"e08161262234d0d5be22f09e5646bf":"":"b5e286183f16dd9403bec6786bd4836cc6add47947ef111fb1d5503c18c333c8fe60959502f58390d0e0f69fbe5fee13c72aed65fe6e32f6ea45877fe44f8a556aa5157b112e572197c1c350b7943c6cf2e9146018599524d27599f09c86027f2c5927e4a20c63833870e8369baa36ecc07cdb3ced520b5ae46869ff357ca089":1 AES-GCM NIST Validation PSA (AES-128,128,1024,1024,112) #0 [#2] -depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C +depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"90dbda7397d8fc46215a1218a6ffd0d8":"7be477d14df5dc15877ae537b62e1a56":"7358ddf1310a58871a2f76705f1cf64223c015c4d1574104d2e38783bb866205042f05c86e76c47a2516ce284911f1d2cbee079982dd77167e328b8324eec47c9244cc5668cf908c679bb586d4dd32c6c99ed99a6b571cf18b00689463e7a88cea6ea32d288301a10a9139ed6092ffe298e25b8cfb6b4be8217f16076dcd0a90":"4f82a1eca6c9184240f50f7e0cfec07ec772cad5276d93043c462d8364addd9a652eed385ccc6b0faa6ca679ab3a4c3d0be6a759425fd38316ee6a1b1b0c52c1bb3b57a9bd7c8a3be95c82f37800c2e3b42dde031851937398811f8f8dc2a15bfd2d6be99a572d56f536e62bc5b041d3944da666081cd755ec347f464214bf33":"776d871944159c51b2f5ec1980a6":"FAIL":"":1 AES-GCM NIST Validation PSA (AES-128,128,1024,1024,112) #1 [#2] -depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C +depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"0c85174d428fc1c7c89ca5d1b8aaba25":"b3c9dfa4c55388a128fbf62aa5927361":"3f552d45b61cf05ae2aa92668e89f3338a15ec7c5b7113b6571cfcd9e4c4a962043ccd9323f828dd645e8a91b007ce2112b7f978ad22ee9821698a4f2559d987ae4421452ad2e8d180953297156426d4540aff2104d8637b56b034a3a1823cf962bffbc465fe6148097975a8821ca7487e6e6c7ff4ee4de899fe67345676bb1c":"3735cbfb8000260021d1938d2a18e7737f378ecddb11a46ce387bf04e20bbfcc902457637fd152ab87017185601f32a7f906057123b6c2da31a1069c93e3cacc59a359aebd3e31b302e1a1f7d5d8f1b2917a8fe79181fa633b925ce03a1198dac48f4c959076b55bc6b3d50188af2c6aa33d83698aa8db22649f39825ba54775":"1e7dec83830183d56f443a16471d":"":"3d98cabca4afb7c1f6b8eeed521f4666ae252ac12d17ebf4a710b9a22d839b69458387ba4bbec2f6400e0cff80fbe4682c24efcd3b8c594d9b515ca7842c9d5988c42b59b6526c29a99256451e2927f5b956ef262f97c733dfa8bff73644473b9a8562bdfca748f4733ddce94a60024dfbfcde62fb3cbd7c3d955012d5338b91":1 AES-GCM NIST Validation PSA (AES-128,128,1024,1024,112) #2 [#2] -depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C +depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"d89f06eb07744d43d44734faf9751d07":"185f8d033713ee629e93561cf8d5acb8":"743bcb671d0aa1c547b5448d64d7c6b290777625ba28f25ca0fbf1fc66495a2fde0648a8db51039b0e7340d993aef8afb48269e660cb599837d1e46f72727762d887ee84c073d6136d1b0bc7d4c78f5673a4a6b73375937e8d54a47304845f38ca6b4f51cf14136a0826016535dc5ed003e38c3ac362b9d58ba8b555a05a1412":"36cc3b2f563305208a03378f7dc036119f7de3fee77cefac06515853d36609a622382ed026c59783fbc0d9910767874c516e10c7bf3e3d104f73b3463c8d93a63418c76cb0d05e62e9c8642cb4f32caced2620912cb6c79e5110a27d5fba1ef3b4d0578077858526c5e4254365f2b2ab47a45df4af08980b3b7a9b66dff5b38c":"fcad48076eb03ebe85c6d64f6357":"FAIL":"":1 AES-GCM NIST Validation PSA (AES-128,128,1024,1024,104) #0 [#2] -depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C +depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"6150f14dc53f391e815acfabed9f9e20":"7e92dd558bd2662c3a539dfe21a352cf":"9b4624e9118e6aa5dc65b69856638f77fd3f9f562046f50ba92a64e988258637932af7979f000505b84a71ff5dd7b60bad62586b1a8837a61c15a1a1ba7f06668272c28169915d7f06297b6c2a96c8c44203a422bfd25500c82e11274ffe07706365bfd3da34af4c4dd8ad7b620de7284a5af729bea9c4ed2631bdcba2ebdb7d":"fd8f337017e1b60d6618e6e4ad37c1f230cdeb78891579c2c63d4e6a4f7d2cb7252e99de333c73db45958808c08e91359c885a7385ab6f9ed98a27927a5b83c3a456ce2e01869712675e527155ba1e339ac14a3ccd7a4b87360902f2b8381308fe5a4eac5c90d0b84da4bf5b907de6ff3139cffd23b49a78750006100183032a":"922a7b48ad5bf61e6d70751cfe":"":"f272a3ee9b981f97785cc6fad350e516d72d402dae0d8a531c064ec64598b2a5760f9b279c10aa1ff71bec07300ab0373187138e7a103fc4130105afa6b6346f3d368b40d6f542375de97878ad4d976d64c5c4968a17be2b1757a17c03100231c34721250cd37cc596678764083ade89ae3b1a2151ff9151edcd7ba0eb8a4649":1 AES-GCM NIST Validation PSA (AES-128,128,1024,1024,104) #1 [#2] -depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C +depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"3e8216072ed6fcde0fe0f636b27ed718":"23a122cf363c3117b8c663388c760ee4":"28ce0b4a44fa83323e060f3ff6436b8829d4f842090296bdc952b6d4a6b1b1a66be06168c63c4643e6ac186f7ffd8d144f603b2d4bc0d65be48121676f9fa1f359029c512bebfd75075ff357bc55f20fc76d9f2477c9930f16408f9f09c5ae86efa2529d2f1449ceeb635b83ca13662860ef9ac04a3d8ab4605eccd2d9ae5a71":"3b50f2a8dca9f70178503d861d9e37f5edfafc80ee023bfed390a477372986e4794175ec22ac038c3461aba50c9b2379cab48512946efdfe2cb9c12a858b373a5309324f410e6a05e88ba892759dbee6e486dc9665f66cb5950ea7e71317fa94abbebd67a3948746a998173fbbb4f14f9effbdf66d3b6e346053496a4b1934ce":"531a65cc5dfeca671cc64078d1":"FAIL":"":1 AES-GCM NIST Validation PSA (AES-128,128,1024,1024,104) #2 [#2] -depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C +depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"1af434b73a1210b08595ffa686079832":"ae318f3cb881d1680f6afbf6713a9a2f":"3763c9241be0d9d9a9e46e64b12e107d16cca267ff87844c2325af910cc9a485c7015d95bbe62398864d079fb2b577ba0cfad923c24fa30691ad7d767d651eed4a33d0be8f06fed43f58b2e0bb04959f10b9e8e73bd80d3a6a8c8ce637bfbdb9d02c2b0a3dd8317c4997822031a35d34b3b61819b425c10c64e839b29874ddfb":"13f6c1c2d4edcf1438a7b4e85bcd1c84a989831a64d205e7854fce8817ddfceab67d10506ccf6ed9ce50080ef809e28e46cba7b0c96be6a811f59cd09cb3b7b3fe5073ee6763f40aee61e3e65356093f97deef5a8721d995e71db27a51f60a50e34ac3348852c445188cfc64337455f317f87535d465c6f96006f4079396eba3":"2ae7350dd3d1909a73f8d64255":"":"3cd2a770300ce4c85740666640936a0fe48888788702fc37e7a8296adb40b862ec799f257a16821adaa7315bd31e8dec60e4a8faeb8ba2ee606340f0219a6440e9c1d3168425e58fac02e8a88865f30649913d988353ab81f42a5ad43f960055f0877acda20f493208c2c40754fbf4ccee040975aa358ea3fe62cbd028c1611a":1 AES-GCM NIST Validation PSA (AES-128,128,1024,1024,96) #0 [#2] -depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C +depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"04036d2f5273c6ff5b8364aa595359c9":"edc433c381140dff929d9df9f62f4cb6":"404acfeeea342aeea8c8b7449af9e20ddf5b85dc7770d2144a4dd05959613d04d0cfece5a21cbb1a9175ddc9443ffacd2085332eb4c337a12a7bb294c95960e7c0bde4b8ab30a91e50267bbd0b8d2a4ed381409ea2e4c84f9a2070a793ce3c90ea8a4b140651b452674f85d5b76d0055df115608bf3a3c60996108023ebabe65":"acf79b6099490af938fb5fd8913255b3daa22786b03356cdf3e0ffaf570f9f866047b8e15c9953f893d97e7098265297396868ebc383be8547e8ec9d974b6a65b5dc5147cdadef2e2ad96696e84e44f364c2ba18c8aabe21f99489957b2b5484bf3fb4fecaf5ddaa1d373e910059c978918a3d01b955de2adb475914bf2c2067":"71f818f1a2b789fabbda8ec1":"":"4729cb642304de928b9dca32bb3d7b7836dd3973bbccf3f013c8ff4b59eca56f5d34d1b8f030a7b581b2f8fdc1e22b76a4cbc10095559876736d318d6c96c5c64cbd9fbd1d8eb4df38a2d56640d67d490d03acc1cd32d3f377eb1907bbd600f21d740b578080ba9c6ddc7dc6c50cdcee41fec51499cb944713c0961fc64f5a70":1 AES-GCM NIST Validation PSA (AES-128,128,1024,1024,96) #1 [#2] -depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C +depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"59fe44c6e28d025b2ad05e6e867051ab":"eb0c30320029433f66d29b3fd5c6563b":"49b7418b87374b462d25309b1c06e3132a3c8f4a4fcf29fed58e0902509426be712639db21c076df7b83dcfcc2c2c8fcc88576f4622a4366eb42f84ebf760e3eb22b14f8b5ff83f06a6f04a924eaab05b912e126e80da22461abf7f1925fd72ebdf2aea335a044726e7c2ebbb2b8aeebab4f7de5e186b50f275b700794d895d8":"20e66bae1215de9a87a0b878d39015d17e0d4542a1aaba2000cefbd5f892c26a410f55f0d7dc2f6b66690f2997032985e5516e068bfc6ec8a3669f566e280b0cefded519023b735ee3bcbfc5b6ce8203b727933a750f9bd515ec448c1f3a030aa0f40e607727a3239ebbe655d46b38a3d867e481ccf0fadbf0d59b665d2ed6b5":"296c4cdaeb94beb2847dc53d":"FAIL":"":1 AES-GCM NIST Validation PSA (AES-128,128,1024,1024,96) #2 [#2] -depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C +depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"c314264cee0e6db30ebe9b2f6d4991b2":"4cd4431bb6dea8eb18ae74e4c35a6698":"0eeafbfd04f9a0ea18e5bdc688c7df27183f346187e9574b61222006f2b3e12e8d9d9bf1f0f15949ee1a7ee8e5c80ee903b8ba2860e15ccb999929f280200b159c2adca481748d0632a7b40601c45055f8cb5126148e6cbab2c76f543537ab54eb276188343cea3c4ab0d7b65b8754e55cfe3f6a5c41b6ea3c08b81fcecc968a":"d436ff9abfb044a332c4e009b591719a67b12a5366da0a66edf19605c34daa37588e15dd3da0d1a097215e469439de79cca74e04cd4904e5b4a6cb4e0ea54e6ba4e624ed6bd48be32d1ef68ffea1639a14e91a5914c2346ea526df95cbd4ad1b8ee842da210b35b6315c3075ecc267d51643c4b39202d0ad793cbb0045ebdc19":"fda18d2f795d900f057fe872":"":"cb9e0fb0ac13ca730b79e34745584b362d0716c344e4de90d8352b21117471ba12c97f193150b33774baee5e4a0f11b10428eaf0106c958e16aa46c5f6f3d99eed93d1b9ba3957bed05a8b9cc8c5511cf813a66dc7d773cb735b0523d8d6b0b80639b031ddc375f714c6dd50055320cd7ed44a471c8d5645c938a9005d0b5050":1 AES-GCM NIST Validation PSA (AES-128,128,1024,1024,64) #0 [#2] -depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C +depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"26072018bd0bda524b5beb66a622c63e":"c783d6d3b8392160e3b68038b43cf1f4":"8ae7c809a9dc40a6732a7384e3c64abb359c1b09dcb752e5a6b584873e3890230c6fc572b9ad24d849766f849c73f060fc48f664c1af9e6707e223691b77e170966ed164e0cc25ede3fbc3541c480f75b71e7be88fe730d8b361ea2733c6f37e6a59621de6004e020894b51dfb525973d641efe8d5fd9077a0bbc9dc7933a5de":"91c524b359dae3bc49117eebfa610672af1e7754054607317d4c417e7b1a68453f72d355468f825aeb7fde044b20049aed196ec6646cce1eeeccf06cb394286272b573220cdb846613ebc4683442dccc7a19ec86ef1ec971c115726584ae1f4008f94e47d1290d8b6b7a932cfe07165fd2b94e8f96d15f73bf72939c73f4bd11":"edffe55c60235556":"FAIL":"":1 AES-GCM NIST Validation PSA (AES-128,128,1024,1024,64) #1 [#2] -depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C +depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"201751d3da98bd39ff4e5990a56cfea7":"6172468634bf4e5dda96f67d433062d7":"ae2d770f40706e1eaa36e087b0093ec11ed58afbde4695794745e7523be0a1e4e54daade393f68ba770956d1cfb267b083431851d713249ffe4b61227f1784769ce8c9127f54271526d54181513aca69dc013b2dfb4a5277f4798b1ff674bca79b3dec4a7a27fcf2905ae0ce03f727c315662cd906e57aa557d1023cce2acd84":"2965af0bde3565a00e61cebbfe0b51b5b5ee98dbbfff7b1b5bf61da5ba537e6f4cf5fa07d2b20e518232c4961e6bc3ae247b797429da5d7eee2fc675b07066ac2e670261c6e9a91d920c7076101d86d5ef422b58e74bdc1e0b1d58298d3ee0f510ee3a3f63a3bbc24a55be556e465c20525dd100e33815c2a128ac89574884c1":"66c247e5ad4e1d6a":"":"efd064d4b4ef4c37b48ddf2fa6f5facc5e9cc4c3255b23a1e3765fabb5a339fa0eda754a5381b72989fc1323ff9a6bbaecd904eb4835e5a511b922927574673061ed8de23299ea1456054e7ebb62869878c34fb95e48c8385b5ebceecb962654cf1586b3f54e7887ce31850363e9a22be9e6fbc22e694db81aa055490495dbf2":1 AES-GCM NIST Validation PSA (AES-128,128,1024,1024,64) #2 [#2] -depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C +depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"3bc0dcb5261a641a08e6cb00d23e4deb":"16fa19f69fceed9e97173207158755a5":"92ddd3b98f08fc8538f6106f6434a1efa0a7441cc7f6fd0841103c2e4dd181ea0c9a4811b3cb1bad1986a44d8addabc02dd6980daf7d60405b38dadc836bb1d0620ceab84e0134aca7c30f9f9490436b27acfd7052f9d7f0379b8e7116571017add46b9976f4b41431d47bae6f5f34dc42410793bc26c84bfe84fb53ae138c85":"d533ad89a1a578db330c01b4e04d08238b020e36aebe87cf2b0bf0b01f1ce4197be8b0596e475a95946918152e8b334ba89f60486c31f0bd8773ca4ff1319fe92197088b131e728d64405441c4fb5466641f0b8682e6cb371f8a8936140b16677f6def8b3dd9cbf47a73f553f1dca4320ad76f387e92f910f9434543f0df0626":"f5289e1204ace3b2":"":"be0c30deeffbe51706247928132002b24d29272eee6b9d618483868e67280236632fa1ae06f3ef793f67bd01b1b01f70a827367c1cd28f778910457c7cbd977dfefff1f84a522247e19b2fd01fa22ce67cef9503d45c80a5084741f04108f2462b7cdd06a8f1f044fea2b05e920bcc061fbc6910175d732f45102a63c76ae48c":1 AES-GCM NIST Validation PSA (AES-128,128,1024,1024,32) #0 [#2] -depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C +depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"239c15492d6deec979e79236baca4635":"916b8b5417578fa83d2e9e9b8e2e7f6b":"b39eb732bc296c555cc9f00cf4caaf37d012329f344a6b74a873baf0d8dde9631f5e57b45b957d6aec0f7978e573dd78b43d459b77756037cd64d10d49966eb3a2a08d0f4d5e4f5dcb8713f4e4756acdf9925c5fc6120c477f6dffc59b0b47a3d5efd32b8c9052b321bb9b5129e5c6a095d8de563601b34608456f58d7221f2d":"d64886ce5f5b4adb7fe8f95904bc1461749c931655b02819ffdd0ae31bad4175125aa68962f8e36ec834a7d53a191a74c937e81ec93ad9ce0d3b286d3c11ff1733c0b7780130768c120b1833933561cf07399ca49b912370ae34f0e49b9c8cb9920eddc6816ab2ae261c6d7f70058a9b83a494026f249e58c4c613eefafe6974":"fc08cbbe":"":"95c169721ea007c3f292e4ec7562a426d9baa7d374fd82e1e48d1eaca93d891d5ffa9acf5e3bd82e713ac627141e26a8b654920baffab948401cc3c390d6eea9d7b78c4fcb080b0aa9222e4d51bf201ccfd9328995831435e065d92ad37ee41c7c4366cc1efe15c07fc0470608866aeea96997772ecf926934c5d02efe05f250":1 AES-GCM NIST Validation PSA (AES-128,128,1024,1024,32) #1 [#2] -depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C +depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"db68a96e216b0dd9945f14b878487e03":"8a1a72e7bb740ec37ea4619c3007f8ae":"1b4f37190a59a4fff41d348798d1829031204fd7ac2a1be7b5ea385567e95e2ace25bf9e324488dd3ab8ce7f29d4c9a4f4b1a8a97f774871ee825e2c17700128d3c55908d3b684a1f550fdb8b38149ff759c21debdd54e49d64d3e8aac803dfd81600464ed484749bb993f89d4224b3d7d55c756b454466ff9fd609019ed5e83":"5634196a32d4cbfa7a2f874a1e0f86287d2942090e0cc6a82bd5caf40136a27ddf524a17713ce4af04ca6cb640a7205cce4ac9cb2d0ab380d533e1e968089ea5740c0fcbfa51f2424008e0b89dc7b3396b224cfaed53b3ac0604879983d3e6e6d36053de4866f52976890f72b8f4b9505e4ebdd04c0497048c3ce19336133ea4":"9251d3e3":"":"0c6bb3ee5de5cbb4b39d85d509bcacb3dda63fa50897936531339882962e8dc54c285c8944768d12096d4a3c2b42ffa92603cee2da9b435ec52908fca6d38ed74f898fe0ffa761f96038ff7dfeccc65bb841c3457b8de1e97d9bee82e2911602ee2dc555b33a227424dea86d610d37c447776295b412b412903ad2cede5170b6":1 AES-GCM NIST Validation PSA (AES-128,128,1024,1024,32) #2 [#2] -depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C +depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"659b9e729d12f68b73fdc2f7260ab114":"459df18e2dfbd66d6ad04978432a6d97":"ee0b0b52a729c45b899cc924f46eb1908e55aaaeeaa0c4cdaacf57948a7993a6debd7b6cd7aa426dc3b3b6f56522ba3d5700a820b1697b8170bad9ca7caf1050f13d54fb1ddeb111086cb650e1c5f4a14b6a927205a83bf49f357576fd0f884a83b068154352076a6e36a5369436d2c8351f3e6bfec65b4816e3eb3f144ed7f9":"fd0732a38224c3f16f58de3a7f333da2ecdb6eec92b469544a891966dd4f8fb64a711a793f1ef6a90e49765eacaccdd8cc438c2b57c51902d27a82ee4f24925a864a9513a74e734ddbf77204a99a3c0060fcfbaccae48fe509bc95c3d6e1b1592889c489801265715e6e4355a45357ce467c1caa2f1c3071bd3a9168a7d223e3":"8e5a6a79":"FAIL":"":1 AES-GCM NIST Validation PSA (AES-192,128,0,0,128) #0 [#1] -depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C +depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"806766a4d2b6507cc4113bc0e46eebe120eacd948c24dc7f":"4f801c772395c4519ec830980c8ca5a4":"":"":"8fa16452b132bebc6aa521e92cb3b0ea":"FAIL":"":1 AES-GCM NIST Validation PSA (AES-192,128,0,0,128) #1 [#1] -depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C +depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"0c2abdcd2e4ae4137509761a38e6ca436b99c21b141f28f5":"335ca01a07081fea4e605eb5f23a778e":"":"":"d7f475dfcb92a75bc8521c12bb2e8b86":"FAIL":"":1 AES-GCM NIST Validation PSA (AES-192,128,0,0,128) #2 [#1] -depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C +depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"eef490a0c2ecb32472e1654184340cc7433c34da981c062d":"d9172c3344d37ff93d2dcb2170ea5d01":"":"":"017fef05260a496654896d4703db3888":"FAIL":"":1 AES-GCM NIST Validation PSA (AES-192,128,0,0,120) #0 [#1] -depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C +depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"fe0c3490f1f0dba23cf5c64e6e1740d06f85e0afec6772f3":"f47e915163fa3df7f6c15b9d69f53907":"":"":"14e1a057a2e7ffbd2208e9c25dbba1":"FAIL":"":1 AES-GCM NIST Validation PSA (AES-192,128,0,0,120) #1 [#1] -depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C +depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"4356b3b1f308df3573509945afe5268984f9d953f01096de":"a35b397b34a14a8e24d05a37be4d1822":"":"":"e045ecba220d22c80826b77a21b013":"":"":1 AES-GCM NIST Validation PSA (AES-192,128,0,0,120) #2 [#1] -depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C +depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"e2898937cc575c8bb7444413884deafe8eaf326be8849e42":"169a449ccb3eb29805b15304d603b132":"":"":"3a807251f3d6242849a69972b14f6d":"FAIL":"":1 AES-GCM NIST Validation PSA (AES-192,128,0,0,112) #0 [#1] -depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C +depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"75683c7df0442e10b5368fcd6bb481f0bff8d95aae90487e":"538641f7d1cc5c68715971cee607da73":"":"":"07d68fffe417adc3397706d73b95":"FAIL":"":1 AES-GCM NIST Validation PSA (AES-192,128,0,0,112) #1 [#1] -depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C +depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"0724ee1f317997ce77bb659446fcb5a557490f40597341c7":"0d8eb78032d83c676820b2ef5ccc2cc8":"":"":"7da181563b26c7aefeb29e71cc69":"FAIL":"":1 AES-GCM NIST Validation PSA (AES-192,128,0,0,112) #2 [#1] -depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C +depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"be2f0f4ae4ab851b258ec5602628df261b6a69e309ff9043":"646a91d83ae72b9b9e9fce64135cbf73":"":"":"169e717e2bae42e3eb61d0a1a29b":"FAIL":"":1 AES-GCM NIST Validation PSA (AES-192,128,0,0,104) #0 [#1] -depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C +depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"583c328daecd18c2ac5c83a0c263de194a4c73aa4700fe76":"55e10d5e9b438b02505d30f211b16fea":"":"":"95c0a4ea9e80f91a4acce500f7":"FAIL":"":1 AES-GCM NIST Validation PSA (AES-192,128,0,0,104) #1 [#1] -depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C +depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"b40857e7e6f26050f1e9a6cbe05e15a0ba07c2055634ad47":"e25ef162a4295d7d24de75a673172346":"":"":"89ea4d1f34edb716b322ea7f6f":"FAIL":"":1 AES-GCM NIST Validation PSA (AES-192,128,0,0,104) #2 [#1] -depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C +depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"627008956e31fea497fb120b438a2a043c23b1b38dc6bc10":"08ea464baac54469b0498419d83820e6":"":"":"ab064a8d380fe2cda38e61f9e1":"FAIL":"":1 AES-GCM NIST Validation PSA (AES-192,128,0,0,96) #0 [#1] -depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C +depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"8c386d67d7c2bfd46b8571d8685b35741e87a3ed4a46c9db":"766996fb67ace9e6a22d7f802455d4ef":"":"":"9a641be173dc3557ea015372":"":"":1 AES-GCM NIST Validation PSA (AES-192,128,0,0,96) #1 [#1] -depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C +depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"711bc5aa6b94fa3287fad0167ac1a9ef5e8e01c16a79e95a":"75cdb8b83017f3dc5ac8733016ab47c7":"":"":"81e3a5580234d8e0b2204bc3":"FAIL":"":1 AES-GCM NIST Validation PSA (AES-192,128,0,0,96) #2 [#1] -depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C +depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"c74620828402e0bdf3f7a5353668505dc1550a31debce59a":"cfbefe265583ab3a2285e8080141ba48":"":"":"355a43bcebbe7f72b6cd27ea":"FAIL":"":1 AES-GCM NIST Validation PSA (AES-192,128,0,0,64) #0 [#1] -depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C +depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"1eb53aa548b41bfdc85c657ebdebdae0c7e525a6432bc012":"37ffc64d4b2d9c82dd17d1ad3076d82b":"":"":"34b8e037084b3f2d":"FAIL":"":1 AES-GCM NIST Validation PSA (AES-192,128,0,0,64) #1 [#1] -depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C +depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"50d077575f6db91024a8e564db83324539e9b7add7bb98e4":"118d0283294d4084127cce4b0cd5b5fa":"":"":"507a361d8ac59882":"FAIL":"":1 AES-GCM NIST Validation PSA (AES-192,128,0,0,64) #2 [#1] -depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C +depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"d9ddca0807305025d61919ed7893d7d5c5a3c9f012f4842f":"b78d518b6c41a9e031a00b10fb178327":"":"":"f401d546c8b739ff":"":"":1 AES-GCM NIST Validation PSA (AES-192,128,0,0,32) #0 [#1] -depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C +depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"6ed8d8afde4dc3872cbc274d7c47b719205518496dd7951d":"14eb280288740d464e3b8f296c642daa":"":"":"39e64d7a":"":"":1 AES-GCM NIST Validation PSA (AES-192,128,0,0,32) #1 [#1] -depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C +depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"80aace5ab74f261bc09ac6f66898f69e7f348f805d52404d":"f54bf4aac8fb631c8b6ff5e96465fae6":"":"":"1ec1c1a1":"":"":1 AES-GCM NIST Validation PSA (AES-192,128,0,0,32) #2 [#1] -depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C +depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"23b76efd0dbc8d501885ab7d43a7dacde91edd9cde1e1048":"75532d15e582e6c477b411e727d4171e":"":"":"76a0e017":"FAIL":"":1 AES-GCM NIST Validation PSA (AES-192,128,0,1024,128) #0 [#1] -depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C +depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"94c50453dd3ef7f7ea763ae13fa34debb9c1198abbf32326":"1afe962bc46e36099165552ddb329ac6":"b2920dd9b0325a87e8edda8db560bfe287e44df79cf61edba3b2c95e34629638ecb86584f05a303603065e63323523f6ccc5b605679d1722cde5561f89d268d5f8db8e6bdffda4839c4a04982e8314da78e89f8f8ad9c0fee86332906bf78d2f20afcaabdc282008c6d09df2bfe9be2c9027bb49268b8be8936be39fa8b1ae03":"":"51e1f19a7dea5cfe9b9ca9d09096c3e7":"FAIL":"":1 AES-GCM NIST Validation PSA (AES-192,128,0,1024,128) #1 [#1] -depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C +depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"c6a98102af3d875bcdebe594661d3a6b376970c02b11d019":"bea8cd85a28a2c05bf7406b8eef1efcc":"f2f80e2c042092cc7240b598ab30fad055bce85408aa0f8cefaf8a7204f0e2acb87c78f46a5867b1f1c19461cbf5ed5d2ca21c96a63fb1f42f10f394952e63520795c56df77d6a04cb5ad006ee865a47dc2349a814a630b3d4c4e0fd149f51e8fa846656ea569fd29a1ebafc061446eb80ec182f833f1f6d9083545abf52fa4c":"":"04b80f25ae9d07f5fd8220263ac3f2f7":"":"":1 AES-GCM NIST Validation PSA (AES-192,128,0,1024,128) #2 [#1] -depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C +depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"ec3cc45a22fdc7cc79ed658d9e9dbc138dcc7d6e795cba1a":"b10d9c70205e142704f9d1f74caee0f6":"714994017c169c574aaff2f8bad15f8fa6a385117f5405f74846eca873ca4a8f4876adf704f2fcaff2dfa75c17afefd08a4707292debc6d9fafda6244ca509bc52b0c6b70f09b14c0d7c667583c091d4064e241ba1f82dd43dc3ea4b8922be65faf5583f6b21ff5b22d3632eb4a426675648250e4b3e37c688d6129b954ef6a8":"":"d22407fd3ae1921d1b380461d2e60210":"":"":1 AES-GCM NIST Validation PSA (AES-192,128,0,1024,120) #0 [#1] -depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C +depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"5a32ebc7a2338038ced36d2b85cbc6c45cca9845a7c5aa99":"9afe0882e418c9af205eeb90e131d212":"61ff8a8bc22803f17e8e9f01aff865bc7d3083ff413ce392a989e46ebed5114894de906f7d36439024d8f2e69cc815ac043fff2f75169f6c9aa9761ff32d10a1353213ac756cb84bd3613f8261ef390e1d00c3a8fb82764b0cda4e0049219e87d2e92c38f78ffac242391f838a248f608bb2b56b31bbb453d1098e99d079ea1b":"":"fcbb932ddb0128df78a71971c52838":"FAIL":"":1 AES-GCM NIST Validation PSA (AES-192,128,0,1024,120) #1 [#1] -depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C +depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"9bf22885e7f13bcc63bb0a2ca90c20e5c86001f05edf85d8":"99dec21f4781284722b5074ea567c171":"9f4176dacf26e27aa0e669cd4d44bca41f83468c70b54c745a601408a214bf876941ae2ae4d26929113f5de2e7d15a7bb656541292137bf2129fdc31f06f070e3cfaf0a7b30d93d8d3c76a981d75cd0ffa0bcacb34597d5be1a055c35eefeddc07ee098603e48ad88eb7a2ec19c1aefc5c7be9a237797397aa27590d5261f67a":"":"18fd1feec5e3bbf0985312dd6100d1":"FAIL":"":1 AES-GCM NIST Validation PSA (AES-192,128,0,1024,120) #2 [#1] -depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C +depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"cfd75a9d3788d965895553ab5fb7a8ff0aa383b7594850a6":"a6df69e5f77f4d99d5318c45c87451b2":"041aeb2fa0f7df027cd7709a992e041179d499f5dbccd389035bf7e514a38b5f8368379d2d7b5015d4fa6fadfd7c75abd2d855f5ea4220315fad2c2d435d910253bf76f252a21c57fe74f7247dac32f4276d793d30d48dd61d0e14a4b7f07a56c94d3799d04324dfb2b27a22a5077e280422d4f014f253d138e74c9ac3428a7b":"":"fd78b9956e4e4522605db410f97e84":"FAIL":"":1 AES-GCM NIST Validation PSA (AES-192,128,0,1024,112) #0 [#1] -depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C +depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"b0b21ae138485591c6bef7b3d5a0aa0e9762c30a50e4bba2":"56dc980e1cba1bc2e3b4a0733d7897ca":"a38458e5cc71f22f6f5880dc018c5777c0e6c8a1301e7d0300c02c976423c2b65f522db4a90401035346d855c892cbf27092c81b969e99cb2b6198e450a95c547bb0145652c9720aaf72a975e4cb5124b483a42f84b5cd022367802c5f167a7dfc885c1f983bb4525a88c8257df3067b6d36d2dbf6323df80c3eaeffc2d176a5":"":"b11f5c0e8cb6fea1a170c9342437":"":"":1 AES-GCM NIST Validation PSA (AES-192,128,0,1024,112) #1 [#1] -depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C +depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"8775665aba345b1c3e626128b5afa3d0da8f4d36b8cf1ca6":"cd17f761670e1f104f8ea4fb0cec7166":"2ee08a51ceaca1dbbb3ee09b72f57427fd34bd95da5b4c0933cbb0fc2f7270cffd3476aa05deeb892a7e6a8a3407e61f8631d1a00e47d46efb918393ee5099df7d65c12ab8c9640bfcb3a6cce00c3243d0b3f316f0822cfeae05ee67b419393cc81846b60c42aeb5c53f0ede1280dc36aa8ef59addd10668dd61557ce760c544":"":"6cdf60e62c91a6a944fa80da1854":"":"":1 AES-GCM NIST Validation PSA (AES-192,128,0,1024,112) #2 [#1] -depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C +depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"cc9922299b47725952f06272168b728218d2443028d81597":"9b2f1a40717afcdbb6a95d6e335c9e4d":"bcfca8420bc7b9df0290d8c1bcf4e3e66d3a4be1c947af82dd541336e44e2c4fa7c6b456980b174948de30b694232b03f8eb990f849b5f57762886b449671e4f0b5e7a173f12910393bdf5c162163584c774ad3bba39794767a4cc45f4a582d307503960454631cdf551e528a863f2e014b1fca4955a78bd545dec831e4d71c7":"":"dd515e5a8b41ecc441443a749b31":"":"":1 AES-GCM NIST Validation PSA (AES-192,128,0,1024,104) #0 [#1] -depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C +depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"5a27d718f21c5cbdc52a745b931bc77bd1afa8b1231f8815":"59661051912fba45023aef4e6f9380a5":"2b7ce5cea81300ed23501493310f1316581ef8a50e37eaadd4bb5f527add6deb09e7dcc67652e44ac889b48726d8c0ae80e2b3a89dd34232eb1da32f7f4fcd5bf8e920d286db8604f23ab06eab3e6f99beb55fe3725107e9d67a491cdada1580717bbf64c28799c9ab67922da9194747f32fd84197070a86838d1c9ebae379b7":"":"f33e8f42b58f45a0456f83a13e":"FAIL":"":1 AES-GCM NIST Validation PSA (AES-192,128,0,1024,104) #1 [#1] -depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C +depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"b83e933cf54ac58f8c7e5ed18e4ed2213059158ed9cb2c30":"8710af55dd79da45a4b24f6e972bc60a":"b7a428bc68696cee06f2f8b43f63b47914e29f04a4a40c0eec6193a9a24bbe012d68bea5573382dd579beeb0565b0e0334cce6724997138b198fce8325f07069d6890ac4c052e127aa6e70a6248e6536d1d3c6ac60d8cd14d9a45200f6540305f882df5fca2cac48278f94fe502b5abe2992fa2719b0ce98b7ef1b5582e0151c":"":"380128ad7f35be87a17c9590fa":"FAIL":"":1 AES-GCM NIST Validation PSA (AES-192,128,0,1024,104) #2 [#1] -depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C +depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"d2f85f92092385f15da43a086cff64c7448b4ee5a83ed72e":"9026dfd09e4553cd51c4c13ce70830de":"3c8de64c14df73c1b470a9d8aa693af96e487d548d03a92ce59c0baec8576129945c722586a66f03deb5029cbda029fb22d355952c3dadfdede20b63f4221f27c8e5d710e2b335c2d9a9b7ca899597a03c41ee6508e40a6d74814441ac3acb64a20f48a61e8a18f4bbcbd3e7e59bb3cd2be405afd6ac80d47ce6496c4b9b294c":"":"e9e5beea7d39c9250347a2a33d":"":"":1 AES-GCM NIST Validation PSA (AES-192,128,0,1024,96) #0 [#1] -depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C +depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"de7df44ce007c99f7baad6a6955195f14e60999ed9818707":"4d209e414965fe99636c1c6493bba3a3":"da3bc6bdd414a1e07e00981cf9199371192a1fb2eaae20f7091e5fe5368e26d61b981f7f1d29f1a9085ad2789d101155a980de98d961c093941502268adb70537ad9783e6c7d5157c939f59b8ad474c3d7fc1fcc91165cdf8dd9d6ec70d6400086d564b68ebead0d03ebd3aa66ded555692b8de0baf43bc0ddef42e3a9eb34ab":"":"24483a57c20826a709b7d10a":"FAIL":"":1 AES-GCM NIST Validation PSA (AES-192,128,0,1024,96) #1 [#1] -depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C +depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"1dfa5ff20046c775b5e768c2bd9775066ae766345b7befc3":"2d49409b869b8b9fc5b67767979ca8cd":"e35d34478b228bc903ea2423697e603cc077967d7cfb062e95bc11d89fbe0a1f1d4569f89b2a7047300c1f5131d91564ec9bce014d18ba605a1c1e4e15e3e5c18413b8b59cbb25ab8f088885225de1235c16c7d9a8d06a23cb0b38fd1d5c6c19617fe08fd6bf01c965ed593149a1c6295435e98463e4f03a511d1a7e82c11f01":"":"23012503febbf26dc2d872dc":"FAIL":"":1 AES-GCM NIST Validation PSA (AES-192,128,0,1024,96) #2 [#1] -depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C +depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"2df3ee3a6484c48fdd0d37bab443228c7d873c984529dfb4":"dc6aeb41415c115d66443fbd7acdfc8f":"eafc6007fafb461d3b151bdff459e56dd09b7b48b93ea730c85e5424f762b4a9080de44497a7c56dd7855628ffc61c7b4faeb7d6f413d464fe5ec6401f3028427ae3e62db3ff39cd0f5333a664d3505ff42caa8899b96a92ec01934d4b59556feb9055e8dfb81f55e60135345bfce3e4199bfcdb3ce42523e7d24be2a04cdb67":"":"e8e80bf6e5c4a55e7964f455":"FAIL":"":1 AES-GCM NIST Validation PSA (AES-192,128,0,1024,64) #0 [#1] -depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C +depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"ce0787f65e6c24a1c444c35dcd38195197530aa20f1f6f3b":"55300431b1eaac0375681d7821e1eb7a":"84a699a34a1e597061ef95e8ec3c21b592e9236ddb98c68d7e05f1e709937b48ec34a4b88d99708d133a2cc33f5cf6819d5e7b82888e49faa5d54147d36c9e486630aa68fef88d55537119db1d57df0402f56e219f7ece7b4bb5f996dbe1c664a75174c880a00b0f2a56e35d17b69c550921961505afabf4bfd66cf04dc596d1":"":"74264163131d16ac":"FAIL":"":1 AES-GCM NIST Validation PSA (AES-192,128,0,1024,64) #1 [#1] -depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C +depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"3a15541b5857a668dc9899b2e198d2416e83bac13282ca46":"89bf8ab0cea6f59616eeb9b314d7c333":"4d2843f34f9ea13a1ac521479457005178bcf8b2ebeaeb09097ea4471da9f6cc60a532bcda1c18cab822af541de3b87de606999e994ace3951f58a02de0d6620c9ae04549326da449a3e90364a17b90b6b17debc0f454bb0e7e98aef56a1caccf8c91614d1616db30fc8223dbcd8e77bf55d8253efe034fd66f7191e0303c52f":"":"8f4877806daff10e":"FAIL":"":1 AES-GCM NIST Validation PSA (AES-192,128,0,1024,64) #2 [#1] -depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C +depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"b61cdfd19c136ee2acbe09b7993a4683a713427518f8e559":"4066118061c904ed1e866d4f31d11234":"153c075ecdd184fd8a0fca25cae8f720201361ef84f3c638b148ca32c51d091a0e394236d0b51c1d2ee601914120c56dfea1289af470dbc9ef462ec5f974e455e6a83e215a2c8e27c0c5b5b45b662b7f58635a29866e8f76ab41ee628c12a24ab4d5f7954665c3e4a3a346739f20393fc5700ec79d2e3c2722c3fb3c77305337":"":"4eff7227b42f9a7d":"":"":1 AES-GCM NIST Validation PSA (AES-192,128,0,1024,32) #0 [#1] -depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C +depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"ce175a7df7e429fcc233540e6b8524323e91f40f592ba144":"c34484b4857b93e309df8e1a0e1ec9a3":"ce8d8775f047b543a6cc0d9ef9bc0db5ac5d610dc3ff6e12e0ad7cd3a399ebb762331e3c1101a189b3433a7ff4cd880a0639d2581b71e398dd982f55a11bf0f4e6ee95bacd897e8ec34649e1c256ee6ccecb33e36c76927cc5124bc2962713ad44cbd435ae3c1143796d3037fa1d659e5dad7ebf3c8cbdb5b619113d7ce8c483":"":"ff355f10":"":"":1 AES-GCM NIST Validation PSA (AES-192,128,0,1024,32) #1 [#1] -depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C +depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"5f659ed236ba60494e9bf1ee2cb40edcf3f25a2bac2e5bc5":"ad49f12f202320255406c2f40e55b034":"6da62892f436dfe9790e72d26f4858ca156d1d655c9cc4336fcf282b0f3f0b201e47f799c3019109af89ef5fd48a4811980930e82cd95f86b1995d977c847bbb06ecdcc98b1aae100b23c9c2f0dcf317a1fb36f14e90e396e6c0c594bcc0dc5f3ebf86ce7ecd4b06d1c43202734d53f55751a6e6bbda982104102af240def4eb":"":"cb4d8c1d":"":"":1 AES-GCM NIST Validation PSA (AES-192,128,0,1024,32) #2 [#1] -depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C +depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"a73f318b1e298ba4ac0ab2aed74f73543b1017cccbd1b240":"abe33b7e8d88bd30deb96d1e90c4e951":"6de616b000047b14b6759015183dd753c61499c0e665d06a89e4fb0cd0dd3064ff8651582e901ef5d0cdf3344c29c70c3aabc2aaf83cb3f284c6fe4104906d389b027e7d9ca60d010f06ef8cd9e55db2483d06552ddbe3fc43b24c55085cd998eae3edec36673445bf626e933c15b6af08ea21cbace4720b0b68fe1a374877d5":"":"4a28ec97":"FAIL":"":1 AES-GCM NIST Validation PSA (AES-192,128,1024,0,128) #0 [#1] -depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C +depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"73d5be74615bc5b627eedfb95746fb5f17cbf25b500a597f":"eb16ed8de81efde2915a901f557fba95":"":"fc40993eb8559e6b127315c03103ce31b70fc0e07a766d9eecf2e4e8d973faa4afd3053c9ebef0282c9e3d2289d21b6c339748273fa1edf6d6ef5c8f1e1e9301b250297092d9ac4f4843125ea7299d5370f7f49c258eac2a58cc9df14c162604ba0801728994dc82cb625981130c3ca8cdb3391658d4e034691e62ece0a6e407":"804056dca9f102c4a13a930c81d77eca":"FAIL":"":1 AES-GCM NIST Validation PSA (AES-192,128,1024,0,128) #1 [#1] -depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C +depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"a249135c9f2f5a8b1af66442a4d4e101771a918ef8acee05":"80b6e48fe4a3b08d40c1636b25dfd2c4":"":"c62b39b937edbdc9b644321d5d284e62eaa4154010c7a3208c1ef4706fba90223da04b2f686a28b975eff17386598ba77e212855692f384782c1f3c00be011e466e145f6f8b65c458e41409e01a019b290773992e19334ffaca544e28fc9044a5e86bcd2fa5ad2e76f2be3f014d8c387456a8fcfded3ae4d1194d0e3e53a2031":"951c1c89b6d95661630d739dd9120a73":"":"b865f8dd64a6f51a500bcfc8cadbc9e9f5d54d2d27d815ecfe3d5731e1b230c587b46958c6187e41b52ff187a14d26aa41c5f9909a3b77859429232e5bd6c6dc22cf5590402476d033a32682e8ab8dc7ed0b089c5ab20ab9a8c5d6a3be9ea7aa56c9d3ab08de4a4a019abb447db448062f16a533d416951a8ff6f13ed5608f77":1 AES-GCM NIST Validation PSA (AES-192,128,1024,0,128) #2 [#1] -depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C +depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"fa832a4b37dcb3c0879a771bb8ae734f0d88b9be497797a8":"70835abab9f945c84ef4e97cdcf2a694":"":"0f1105f9ec24121232b60b6ef3c3e8ca9eec1a3d7625004b857d1d77f292b6ec065d92f5bb97e0dc2fdfdf823a5db275109a9472690caea04730e4bd732c33548718e9f7658bbf3e30b8d07790cd540c5754486ed8e4d6920cefaeb1c182c4d67ebed0d205ba0bd9441a599d55e45094b380f3478bcfca9646a0d7aa18d08e52":"a459be0b349f6e8392c2a86edd8a9da5":"FAIL":"":1 AES-GCM NIST Validation PSA (AES-192,128,1024,0,120) #0 [#1] -depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C +depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"dda216287910d1f5c0a312f63c243612388bc510cb76c5ba":"7f770140df5b8678bc9c4b962b8c9034":"":"d6617d583344d4fe472099d2a688297857215a3e31b47d1bf355ccfe9cf2398a3eba362c670c88f8c7162903275dfd4761d095900bd97eba72200d4045d72bd239bda156829c36b38b1ff5e4230125e5695f623e129829721e889da235bb7d4b9da07cce8c3ceb96964fd2f9dd1ff0997e1a3e253a688ceb1bfec76a7c567266":"9823e3242b3f890c6a456f1837e039":"":"b4910277224025f58a5d0f37385b03fcd488dfef7580eb5c270c10bd7a6f6d9c7ddc2d1368d68d4e04f90e3df029ed028432a09f710be1610b2a75bd05f31bae83920573929573affd0eb03c63e0cec7a027deab792f43ee6307fd3c5078d43d5b1407ac023824d41c9437d66eeec172488f28d700aa4b54931aad7cd458456f":1 AES-GCM NIST Validation PSA (AES-192,128,1024,0,120) #1 [#1] -depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C +depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"c5afa1e61d4594b1c2fa637f64f18dd557e4df3255b47f24":"151fd3ba32f5bde72adce6291bcf63ea":"":"5c772cdf19571cd51d71fc166d33a0b892fbca4eae36ab0ac94e6164d51acb2d4e60d4f3a19c3757a93960e7fd90b9a6cdf98bdf259b370ed6c7ef8cb96dba7e3a875e6e7fe6abc76aabad30c8743b3e47c8de5d604c748eeb16806c2e75180a96af7741904eca61769d39e943eb4c4c25f2afd68e9472043de2bb03e9edae20":"f0626cc07f2ed1a7570386a4110fc1":"FAIL":"":1 AES-GCM NIST Validation PSA (AES-192,128,1024,0,120) #2 [#1] -depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C +depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"febd4ff0fedd9f16bccb62380d59cd41b8eff1834347d8fa":"743699d3759781e82a3d21c7cd7991c8":"":"dc971c8f65ece2ea4130afd4db38fc657c085ea19c76fef50f5bd0f8dd364cc22471c2fa36be8cde78529f58a78888e9de10961760a01af005e42fc5b03e6f64962e6b18eaedea979d33d1b06e2038b1aad8993e5b20cae6cc93f3f7cf2ad658fbba633d74f21a2003dded5f5dda3b46ed7424845c11bab439fbb987f0be09f8":"1da347f9b6341049e63140395ad445":"FAIL":"":1 AES-GCM NIST Validation PSA (AES-192,128,1024,0,112) #0 [#1] -depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C +depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"d280d079110c1c826cc77f490d807dd8d508eb579a160c49":"85b241d516b94759c9ef975f557bccea":"":"a286d19610a990d64f3accd329fc005d468465a98cfa2f3606c6d0fbeb9732879bad3ca8094322a334a43155baed02d8e13a2fbf259d80066c6f418a1a74b23e0f6238f505b2b3dc906ffcb4910ce6c878b595bb4e5f8f3e2ede912b38dbafdf4659a93b056a1a67cb0ec1dbf00d93223f3b20b3f64a157105c5445b61628abf":"bbf289df539f78c3a912b141da3a":"":"b9286ab91645c20de040a805020fed53c612d493a8ce9c71649ae16bd50eab6fb7f3a9180e1651d5413aa542608d7ecbf9fc7378c0bef4d439bc35434b6cf803976b8783aecc83a91e95cea72c2a26a883b710252e0c2a6baa115739a0692c85f6d34ff06234fbdc79b8c4a8ea0a7056fb48c18f73aaf5084868abb0dfaa287d":1 AES-GCM NIST Validation PSA (AES-192,128,1024,0,112) #1 [#1] -depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C +depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"5e80f87fa2156c62df7be2ad16c4890de5ee5868a684fcf9":"9769f71c76b5b6c60462a845d2c123ad":"":"c829073efd5c5150d2b7e2cdaeff979830d1aa983c747724ade6472c647a6e8e5033046e0359ea62fc26b4c95bccb3ac416fdf54e95815c35bf86d3fdd7856abbb618fe8fcd35a9295114926a0c9df92317d44ba1885a0c67c10b9ba24b8b2f3a464308c5578932247bf9c79d939aa3576376d2d6b4f14a378ab775531fe8abf":"394b6c631a69be3ed8c90770f3d4":"":"f886bd92ca9d73a52e626b0c63a3daa138faaacf7809086d04f5c0c899362aa22e25d8659653b59c3103668461d9785bb425c6c1026ad9c924271cec9f27a9b341f708ca86f1d82a77aae88b25da9061b78b97276f3216720352629bd1a27ebf890da6f42d8c63d68342a93c382442d49dd4b62219504785cee89dffdc36f868":1 AES-GCM NIST Validation PSA (AES-192,128,1024,0,112) #2 [#1] -depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C +depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"d8a7b99e53f5e5b197364d4516cace4b928de50e571315e3":"4b12c6701534098e23e1b4659f684d6f":"":"d0db0ac5e14bf03729125f3137d4854b4d8ce2d264f8646da17402bdad7034c0d84d7a80f107eb202aeadbfdf063904ae9793c6ae91ee8bcc0fc0674d8111f6aea6607633f92e4be3cfbb64418101db8b0a9225c83e60ffcf7a7f71f77149a13f8c5227cd92855241e11ee363062a893a76ac282fb47b523b306cd8235cd81c2":"729b31c65d8699c93d741caac8e3":"FAIL":"":1 AES-GCM NIST Validation PSA (AES-192,128,1024,0,104) #0 [#1] -depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C +depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"c874b427b7181b0c90b887147c36f242827149324fd5c945":"4b8dda046a5b7c46abeeca2f2f9bcaf8":"":"bdd90190d587a564af022f06c8bd1a68735b6f18f04113fdcec24c6027aaf0271b183336fb713d247a173d9e095dae6e9badb0ab069712302875406f14320151fd43b90a3d6f35cc856636b1a6f98afc797cb5259567e2e9b7ce62d7b3370b5ee852722faf740edf815b3af460cdd7de90ca6ab6cd173844216c064b16ea3696":"fe1e427bcb15ce026413a0da87":"FAIL":"":1 AES-GCM NIST Validation PSA (AES-192,128,1024,0,104) #1 [#1] -depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C +depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"56543cd6e2ebb1e3dc136a826bfc37eddb12f7a26430a1b4":"927ce8a596ed28c85d9cb8e688a829e6":"":"d541dd3acec2da042e6ea26fb90ff9a3861191926423b6dc99c5110b3bf150b362017159d0b85ffea397106a0d8299ec22791cb06103cd44036eed0d6d9f953724fb003068b3c3d97da129c28d97f09e6300cbea06ba66f410ca61c3311ce334c55f077c37acb3b7129c481748f79c958bc3bbeb2d3ff445ad361ed4bbc79f0a":"3a98f471112a8a646460e8efd0":"":"a602d61e7a35cbe0e463119bb66fd4bb6c75d1fe0b211b9d6a0a6e9e84b0794282318f0d33ec053f2cfba1623e865681affeaf29f3da3113995e87d51a5ab4872bb05b5be8ef2b14dfc3df5a48cbc9b10853a708ee4886a7390e8e4d286740a0dd41c025c8d72eda3f73f3cec5c33d5e50b643afd7691213cccccc2c41b9bd7a":1 AES-GCM NIST Validation PSA (AES-192,128,1024,0,104) #2 [#1] -depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C +depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"caaf81cd380f3af7885ef0d6196a1688c9372c5850dc5b0b":"508c55f1726896f5b9f0a7024fe2fad0":"":"6f269929b92c6281e00672eaec183f187b2ddecc11c9045319521d245b595ab154dd50f045a660c4d53ae07d1b7a7fd6b21da10976eb5ffcddda08c1e9075a3b4d785faa003b4dd243f379e0654740b466704d9173bc43292ae0e279a903a955ce33b299bf2842b3461f7c9a2bd311f3e87254b5413d372ec543d6efa237b95a":"3b8026268caf599ee677ecfd70":"":"c4a96fb08d7c2eebd17046172b98569bc2441929fc0d6876aa1f389b80c05e2ede74dc6f8c3896a2ccf518e1b375ee75e4967f7cca21fa81ee176f8fb8753381ce03b2df873897131adc62a0cbebf718c8e0bb8eeed3104535f17a9c706d178d95a1b232e9dac31f2d1bdb3a1b098f3056f0e3d18be36bd746675779c0f80a10":1 AES-GCM NIST Validation PSA (AES-192,128,1024,0,96) #0 [#1] -depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C +depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"2fc9d9ac8469cfc718add2b03a4d8c8dcc2eeca08e5ff7bc":"b2a7c0d52fc60bacc3d1a94f33087095":"":"bc84d8a962a9cfd179d242788473d980d177abd0af9edccb14c6dc41535439a1768978158eeed99466574ea820dbedea68c819ffd9f9915ca8392c2e03049d7198baeca1d3491fe2345e64c1012aff03985b86c831ad516d4f5eb538109fff25383c7b0fa6b940ae19b0987d8c3e4a37ccbbd2034633c1eb0df1e9ddf3a8239e":"0a7a36ec128d0deb60869893":"":"fc3cd6486dfe944f7cb035787573a554f4fe010c15bd08d6b09f73066f6f272ff84474f3845337b6e429c947d419c511c2945ffb181492c5465940cef85077e8a6a272a07e310a2f3808f11be03d96162913c613d9c3f25c3893c2bd2a58a619a9757fd16cc20c1308f2140557330379f07dbfd8979b26b075977805f1885acc":1 AES-GCM NIST Validation PSA (AES-192,128,1024,0,96) #1 [#1] -depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C +depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"81ff729efa4a9aa2eccc37c5f846235b53d3b93c79c709c8":"1bd17f04d1dc2e447b41665952ad9031":"":"3992ad29eeb97d17bd5c0f04d8589903ee23ccb2b1adc2992a48a2eb62c2644c0df53b4afe4ace60dc5ec249c0c083473ebac3323539a575c14fa74c8381d1ac90cb501240f96d1779b287f7d8ba8775281d453aae37c803185f2711d21f5c00eb45cad37587ed196d1633f1eb0b33abef337447d03ec09c0e3f7fd32e8c69f0":"01b0a815dc6da3e32851e1fb":"FAIL":"":1 AES-GCM NIST Validation PSA (AES-192,128,1024,0,96) #2 [#1] -depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C +depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"068500e8d4f8d4af9035cdaa8e005a648352e8f28bdafc8a":"5ea9198b860679759357befdbb106b62":"":"98e32428d9d21c4b60e690a2ce1cf70bee90df31302d1819b7d27fd577dd990f7ffe6ba5ef117caac718cc1880b4ca98f72db281c9609e189307302dc2866f20be3a545a565521368a6881e2642cba63b3cf4c8b5e5a8eabeb3e8b004618b8f77667c111e5402c5d7c66afd297c575ce5092e898d5831031d225cee668c186a1":"d58752f66b2cb9bb2bc388eb":"":"2ef3a17fcdb154f60d5e80263b7301a8526d2de451ea49adb441aa2541986b868dab24027178f48759dbe874ae7aa7b27fb19461c6678a0ba84bbcd8567ba2412a55179e15e7c1a1392730ac392b59c51d48f8366d45b933880095800e1f36ff1ac00753f6363b0e854f494552f1f2efe028d969e6b1a8080149dd853aa6751e":1 AES-GCM NIST Validation PSA (AES-192,128,1024,0,64) #0 [#1] -depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C +depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"7474d9b07739001b25baf6867254994e06e54c578508232f":"3ade6c92fe2dc575c136e3fbbba5c484":"":"1cbab2b6e4274caa80987072914f667b887198f7aaf4574608b91b5274f5afc3eb05a457554ff5d346d460f92c068bc626fd301d0bb15cb3726504b3d88ecd46a15077728ddc2b698a2e8c5ea5885fc534ac227b8f103d193f1977badf4f853a0931398da01f8019a9b1ff271b3a783ff0fae6f54db425af6e3a345ba7512cbf":"67c25240b8e39b63":"FAIL":"":1 AES-GCM NIST Validation PSA (AES-192,128,1024,0,64) #1 [#1] -depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C +depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"d50d4c7d442d8a92d0489a96e897d50dda6fbe47ca7713ee":"41b37c04ab8a80f5a8d9d82a3a444772":"":"b36b4caf1d47b0d10652824bd57b603ec1c16f4720ce7d43edde8af1b9737f61b68b882566e04da50136f27d9af4c4c57fff4c8465c8a85f0aeadc17e02709cc9ba818d9a272709e5fb65dd5612a5c5d700da399b3668a00041a51c23de616ea3f72093d85ecbfd9dd0b5d02b541fb605dcffe81e9f45a5c0c191cc0b92ac56d":"4ee54d280829e6ef":"FAIL":"":1 AES-GCM NIST Validation PSA (AES-192,128,1024,0,64) #2 [#1] -depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C +depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"38f3ec3ec775dac76ae484d5b6ca61c695c7beafba4606ca":"9af53cf6891a749ab286f5c34238088a":"":"49726b8cefc842a02f2d7bef099871f38257cc8ea096c9ac50baced6d940acb4e8baf932bec379a973a2c3a3bc49f60f7e9eef45eafdd15bda1dd1557f068e81226af503934eb96564d14c03f0f351974c8a54fb104fb07417fe79272e4b0c0072b9f89b770326562e4e1b14cad784a2cd1b4ae1dc43623ec451a1cae55f6f84":"6f6f344dd43b0d20":"FAIL":"":1 AES-GCM NIST Validation PSA (AES-192,128,1024,0,32) #0 [#1] -depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C +depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"6db4ef061513ef6690d57aef50d8011e0dd7eb4432d82374":"623df5a0922d1e8c883debb2e0e5e0b1":"":"b7f9206995bc97311855ee832e2b40c41ab2d1a40d9263683c95b14dcc51c74d2de7b6198f9d4766c659e7619fe2693a5b188fac464ccbd5e632c5fd248cedba4028a92de12ed91415077e94cfe7a60f117052dea8916dfe0a51d92c1c03927e93012dbacd29bbbc50ce537a8173348ca904ac86df55940e9394c2895a9fe563":"14f690d7":"":"a6414daa9be693e7ebb32480a783c54292e57feef4abbb3636bebbc3074bfc608ad55896fe9bd5ab875e52a43f715b98f52c07fc9fa6194ea0cd8ed78404f251639069c5a313ccfc6b94fb1657153ff48f16f6e22b3c4a0b7f88e188c90176447fe27fa7ddc2bac3d2b7edecad5f7605093ac4280b38ae6a4c040d2d4d491b42":1 AES-GCM NIST Validation PSA (AES-192,128,1024,0,32) #1 [#1] -depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C +depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"8901bec4d3c64071d8c30c720c093221e05efed71da280bf":"9265abe966cb83838d7fd9302938f49d":"":"7c447e700db7367260dffa42050e612eff062eb0c8a6b4fe34858800bcb8ec2f622cb5213767b5771433783e9b0fa617c9ffb7fde09845dafc16dfc0df61215c0ca1191eabf43293db6603d5285859de7ef3329f5e71201586fb0188f0840ed5b877043ca06039768c77ff8687c5cfc2fd013a0b8da48344c568fce6b39e2b19":"6f6c38bc":"FAIL":"":1 AES-GCM NIST Validation PSA (AES-192,128,1024,0,32) #2 [#1] -depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C +depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"2c57eb763f886154d3846cc333fc8ae8b3c7c9c3705f9872":"9b3781165e7ff113ecd1d83d1df2366d":"":"9fe7d210221773ba4a163850bab290ba9b7bf5e825760ac940c290a1b40cd6dd5b9fb6385ae1a79d35ee7b355b34275857d5b847bef4ac7a58f6f0e9de68687807009f5dc26244935d7bcafc7aed18316ce6c375192d2a7bf0bee8a632fe4f412440292e39339b94b28281622842f88048be4640486f2b21a119658c294ce32e":"62f32d4e":"FAIL":"":1 AES-GCM NIST Validation PSA (AES-192,128,1024,1024,128) #0 [#1] -depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C +depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"307d31a594e54f673bea2f977835670aca4f3d45c9c376cc":"0bdaa353c4904d32432926f27534c73c":"aa39f04559ccc2cae3d563dda831fb238b2582cb2c2bb28cff20cc20200724c8771b9805ef7464b8fc06c7b8060c6920fd2779fbc807c2292c8c1f88f8088755609a1732ff8c0b06606452b970c79997b985889404fd907c4668a0bcc11ba617175f4525523494a244da60b238468c863055f04db20ea489adf545d56c0a71d8":"d7385a7bd0cb76e1e242fa547c474370bcc7cc7cf3e3fa37b00fe08a56383ca31d023d8c493f6d42e482b0f32e4f244dd100ea08eee6535e5bb8d27f76dbb7eead6ba8e031ccd0eaeb649edee92aeaf0f027d59efd4e39b1f34b15ceb8b592ee0f171b1773b308c0e747790b0e6ace90fc661caa5f942bdc197067f28fbe87d1":"2ddda790aae2ca427f5fb032c29673e6":"":"0b92262759897f4bd5624a891187eba6040d79322a2a5a60fb75c6c6a5badd117abe40c6d963931bbc72dca1a1bf1f5388030fe323b3b24bd408334b95908177fb59af57c5cc6b31825bc7097eec7fec19f9cdb41c0264fd22f71893bcf881c1510feb8057e64880f1ea2df8dc60bb300fd06b0a582f7be534e522caadc4a2c7":1 AES-GCM NIST Validation PSA (AES-192,128,1024,1024,128) #1 [#1] -depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C +depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"23c201968def551817f20e49b09dbb5aae0033305bef68a0":"bd2952d215aed5e915d863e7f7696b3e":"23f35fac583897519b94998084ad6d77666e13595109e874625bc6ccc6d0c7816a62d64b02e670fa664e3bb52c276b1bafbeb44e5f9cc3ae028daf1d787344482f31fce5d2800020732b381a8b11c6837f428204b7ed2f4c4810067f2d4da99987b66e6525fc6b9217a8f6933f1681b7cfa857e102f616a7c84adc2f676e3a8f":"77bc8af42d1b64ee39012df5fc33c554af32bfef6d9182804dcfe370dfc4b9d059bdbc55f6ba4eacb8e3a491d96a65360d790864ba60acf1a605f6b28a6591513ea3cfd768ff47aee242a8e9bdfac399b452231bfd59d81c9b91f8dc589ad751d8f9fdad01dd00631f0cb51cb0248332f24194b577e5571ceb5c037a6d0bcfe8":"bb9ba3a9ac7d63e67bd78d71dc3133b3":"":"17d93c921009c6b0b3ecf243d08b701422983f2dcaec9c8d7604a2d5565ed96ce5cddcb183cd5882f8d61d3202c9015d207fed16a4c1195ba712428c727601135315fc504e80c253c3a2e4a5593fc6c4a206edce1fd7104e8a888385bbb396d3cdf1eb2b2aa4d0c9e45451e99550d9cfa05aafe6e7b5319c73c33fd6f98db3c5":1 AES-GCM NIST Validation PSA (AES-192,128,1024,1024,128) #2 [#1] -depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C +depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"6baec0669add30acb8f678ce477a2b171f89d1f41935c491":"b1472f92f552ca0d62496b8fa622c569":"5ae64edf11b4dbc7294d3d01bc9faf310dc08a92b28e664e0a7525f938d32ef033033f1de8931f39a58df0eabc8784423f0a6355efcff008cae62c1d8e5b7baefd360a5a2aa1b7068522faf8e437e6419be305ada05715bf21d73bd227531fea4bc31a6ce1662aec49f1961ee28e33ae00eb20013fd84b51cfe0d5adbdaff592":"5712b84c4c97d75f84edd50561bc1d3f1ba451cc3b358b2403b5e528290954348cf7a235b4dc11a72ddbc503191204e98a9744d85419508c8ca76438c13305f716f1e239a6d9f6423c27217a0057aa75f6d7e2fb356e7194f271459ab5482589ea311b33e3d3845952ff4067dd2b9bcc2e8f83630b0a219e904040abd643d839":"29a2d607b2d2d9c96d093000b401a94f":"":"beb687f062ae7f5159d07609dd58d7b81c478d180bc0b4c07ae799626ff1da2be2e0d78b2a2a1f563257f161491a5ac500cd719da6379e30d0f6d0a7a33203381e058f487fc60989923afbee76e703c03abc73bb01bd262ff6f0ac931f771e9b4f2980e7d8c0a9e939fa6e1094796894f2c78f453e4abe64cb285016435ef0e8":1 AES-GCM NIST Validation PSA (AES-192,128,1024,1024,120) #0 [#1] -depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C +depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"7b882a2df81fdb9275fb05d120f32417e8ffedd07457e938":"5c064d3418b89388fb21c61d8c74d2c5":"5bfa7113d34e00f34713cf07c386d055e889bb42d7f6c8631ffce5668e98cb19bed8820b90ecb2b35df7134f975700347e5514287cfef7ffa2b0ff48b1de0769b03dca6610995d67cb80052cb2e5914eb4ed43ef5861f4b9364314fde6ad2b82fbba7fd849dfa6e46ecc12edc8cabfff28d9bd23c2bcc8ab3661c9ba4d5fee06":"0aae7213da279b34d6dcf2a691b2d0333112ea22de0c3c68d47cf9f9f4ed8ad4e03d4a60ec18c3a04ac9c2abb73e1023051029b5e8705bb69c4c50afc84deb0379db5077be1f663652f8bd8958271af2c1ac4a87e08cb526bab8a030652f2a29af8055d0f31e35475caee27f84c156ef8642e5bfef89192f5bde3c54279ffe06":"0943abb85adee47741540900cc833f":"FAIL":"":1 AES-GCM NIST Validation PSA (AES-192,128,1024,1024,120) #1 [#1] -depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C +depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"51d94d21482c00bb5bc7e7e03aa017ba58f5a23494b72c2a":"fb21cd763e6f25540f8ad455deaccdf0":"019d1db5569eeff83306f65d653b01064854c1be8446cd2516336667c6557e7844fc349adea64a12dc19ac7e8e40b0520a48fac64571a93d669045607085ac9fa78fed99bbf644908d7763fe5f7f503947a9fe8661b7c6aef8da101acca0aed758ca1580eeb2f26ae3bf2de06ce8827a91a694179991a993cdf814efbcc61ca5":"3a9c69c1ed2340bfde1495658dbf4f54731a19b3922a1d535df8d0b2582f5e803b5891e8ad1aa256c923956dcda2430d0c0696bce63295fb61183e040566e459338f908d23ae51f64020c1ef3d192428f23312b285fc4111d50d1add58f4a49008a22c90d3365230e9158cd56f9d84f079bdd673555d4dc76c74b02fa9920e7d":"a93bd682b57e1d1bf4af97e93b8927":"":"7093f44703f2cbb3d12d9872b07a8cd44deb62dae48bc573b11a1ee1c9f3105223423fac3181c312a8a61757a432d92719f486c21e311b840aa63cf530710c873df27fecda0956075923f1ecc39bffb862706f48bde2de15612930fc8630d2036e9e4cfc1c69779171bd23d9e1d5de50a9e0a0de4bd82ed3efc45299980bb4cc":1 AES-GCM NIST Validation PSA (AES-192,128,1024,1024,120) #2 [#1] -depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C +depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"e6756470937f5d9af76f2abe6df2d0bc15ff8e39b5154071":"4500193711a5d817a9f48deafda39772":"92fa22dba0eee6b1de1ddd24713b1be44c7105df90e6e7a54dcbf19025e560eb4986ee080cf613898a1a69d5ab460a3b8aa2723a95ac4a4af48224b011b55fb7582ae18f6746591eab2bd33d82a8dbbae3f7877e28afef9857a623530b31d8198b2df43f903d6e48ddae0848741f9eaae7b5504c67ad13791818f3c55c9b3d1e":"afae92bd56c426c095d76633701aa9bea5ce05490482c6c64ac24468c3e1af6e6030a6bb6649745b011c6729bde985b9242e22105322fbb8853dcabbd00165d0b07d7b499e0238b6513bf6351eb40635a798f7e6e2d31125dda45ffe8964596fdbff55df22d4e9025bd4f39e7c9b90e74b3ee58d6901f113900ee47a4df5afd7":"7d9f97c97c3424c79966f5b45af090":"":"62258d60f0138c0405df4b2ec1e308b374603a9eace45932fdc2999e9e2261de8b1099473d1fc741c46c334023aa5d9359f7ef966240aaf7e310d874b5956fd180fb1124cbeb91cf86020c78a1a0335f5f029bd34677dd2d5076482f3b3e85808f54998f4bac8b8fa968febceec3458fb882fc0530271f144fb3e2ab8c1a6289":1 AES-GCM NIST Validation PSA (AES-192,128,1024,1024,112) #0 [#1] -depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C +depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"30db73d46b518669c45b81bc67b93bed3d0864f7e9e8e789":"5069e2d2f82b36de8c2eb171f301135d":"ef781dce556b84188adee2b6e1d64dac2751dd8592abc6c72af7b998dfae40cbe692a4cae0b4aa2c95910e270600550fca1e83640c64efb1eb0e0a90a6fc475ae1db863a64ce9cc272f00abac8a63d48dd9f1c0a5f4586224befed05be4afae5bd92249833d565cc6b65fd8955cb8a7d7bd9f4b6a229e3881212871a52c15d1c":"750bc1d2f91d786bb1e621192a376f552538ba8c07d50d9e10b9345f31b3e5f9d8ad7c719c03d8548a3b184b741cd06c49d7fb6fe80258d60c01c2987c337c823211cee7c1cf82077266889bc7767475e0eeabb2ef6b5a1de2089aaef77565d40a1c2c470a880c911e77a186eacca173b25970574f05c0bdcd5428b39b52af7f":"a5100c5e9a16aedf0e1bd8604335":"FAIL":"":1 AES-GCM NIST Validation PSA (AES-192,128,1024,1024,112) #1 [#1] -depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C +depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"209f0478f1a62cb54c551181cbd4d24b796e95f3a06b6cb9":"7be1768f6ffb31599eb6def7d1daa41c":"9cb49357536ebe087e1475a5387907a9e51ad1550697f13c6cc04384ec8a67dea13376bdd5e26b815c84a78f921b506b9e2086de50f849185f05ba7c3041e49e42c0673df856da109a78b8e0ce918c25836f7e781e6b16168e4e5976d27ebc83f20b7bf4beadecb9b4f17a7a0d3a3db27fc65288a754b5031a2f5a1394801e6e":"66db7cc97b4a8266c0a2228e8028e38d8986e79fcbcc3caff3050fdd2de87b7ff7a6895b988b0bdb7fcc4d6e2d538dcfaad43ce2f98b6d32500f5a6e6183d84cb19157a699cdde1266d6d75a251ee1a2eb97bfe6405d50be2b17a58ba6eafaee0a023a28d568fd1c914f06041a49c79b9df9efe63d56883cbbbeaba809273d2e":"4d2ac05bfd4b59b15a6f70ea7cd0":"FAIL":"":1 AES-GCM NIST Validation PSA (AES-192,128,1024,1024,112) #2 [#1] -depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C +depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"1bfa30b315e7b908263330140fa2d66ed57104784a43cc70":"b7081a3010b524218390ba6dd460a1ec":"8c1f42b5931d69ae351fcde7d2b4136d4898a4fa8ba62d55cef721dadf19beaabf9d1900bdf2e58ee568b808684eecbf7aa3c890f65c54b967b94484be082193b2d8393007389abaa9debbb49d727a2ac16b4dab2c8f276840e9c65a47974d9b04f2e63adf38b6aad763f0d7cdb2c3d58691adde6e51e0a85093a4c4944f5bf2":"8eeee9865e23fa51dbbf197fa41776b7edbdb9381a22c935299cd959a46190788ae82f4e645b0362df89bfc00241964784bc7ef70f6f97e81687d52e552a33af20ae34a3005e0a7b85d094368d707c3c4cd3ef31c0daf3ccaa1676609ed199327f4139d0c120977e6babceed28896d2cb3129630f3ee135572dc39433057e26a":"4da85b8ec861dd8be54787bb83f1":"FAIL":"":1 AES-GCM NIST Validation PSA (AES-192,128,1024,1024,104) #0 [#1] -depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C +depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"fc47156a693e59a1dea0618c41441fe669fc65dcfb7d0726":"ea1935ed014883cc427983d7962d9992":"0d85b8513becfe8c91d0f6ffb65ec31f2cf406c51c0da88893c43d1327fd8ad1f4bab2d7b5e27438d643397034a72f8666bf641b6781bc90f764db387eae6720b5723d510194570ccd773e1b3bebfc333cc099d078583e8dac60d174d332925a24a45110c8d2abe8924ea677ac74db66ea789e2838efc96c78bceaa6236c0a67":"3e4f0a586bad532a08c8863ebba01fd25014baa907e6032ee43d4a7dfc7c3171916dcdf9faee0531f27527872ae4e127b6b9aaee93f5e74d0ab23f3874aa0e291564bc97f17085dd7d5eb9a85d9f44574e5952929eda08863b64c85dd395c91b01fe5bef66e3fa8f9ee5bf62c25d80dc84fbe002ecfd218430b26f3549f734a1":"8781b045a509c4239b9f44624e":"FAIL":"":1 AES-GCM NIST Validation PSA (AES-192,128,1024,1024,104) #1 [#1] -depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C +depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"b5fcd780a03ba80341081ef96b440c0e4348afde4d60c1d5":"ad20cce056e74ec5d0a76d6280998f15":"28f8fcf23b9c1ba40c19ffc1092632e35f234c1e8b82bcd5309d37bf849a2ce401413d1f242cf255ed597f9a93a1d6e50676997f95aa612e580d88234a86ddc404292746f0b2f5cf15abebcea6659f998ec6a1cb5a9914fee5aa1aa5d04b3c20914e45095e4141ce9c173653dd91c3ebe4ed4a9a28f3915d7b2edba34c2a58d8":"6316f3beb32f6f3bf8f2ff6a2c160b432bafd3036d3eefa1e4ec204f24892e37dc4d75c7ce9a24b5c49fb4df901f35ef9d5955f7dc289c56cb74753f4d6b2982267d5269d12237e21202a65061849c65e90e6702dda03a35ace3a3a098d16b4bfbb85b7232404baee37776a9b51af6b3059a5f170f4ebe4ecf11061ca3c1f1f3":"2ad4520ddc3b907414d934cc1d":"FAIL":"":1 AES-GCM NIST Validation PSA (AES-192,128,1024,1024,104) #2 [#1] -depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C +depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"4382507dddccf1385fc831da8924147563416d0656e168ec":"a37687c9cd4bdc1ead4e6b8f78bee7f5":"fa9ae30509cbb6fe104c21480ae7b8ec9f12f1afb17320d77b77cdf32ce8c5a3f7f927e501118c7ccd6975b79225059cef530a4fcb0a9719f5e2d3bebe7bb6ec0855e495a31e5075eb50aa6c1227e48b03e3fdf780084ac4912eb3a5674cca9dd6ac037366b230ae631a8580d2d117942dee5d5ddbbb2233afeca53289cc4f68":"e5c5430b960aa35dc8540215c2772d66811270859e33dd4477904759e7e5eb2986a52a4ccc9f592e614147b5ea2ead6636a15c6426336b2995d9a31ab36d76578c3540bc6693842a4bc0491c7963ee9cda2317951cf93244bd30bcdfec69a4767004636fe7d1be7300c35e80627bab9236a075a803e9e1080b9159060c643a78":"4221818d4be45306e205813789":"":"b5b36719bc4d13a5fbf37188ea814cdf3c97a430784330540325c899570e15482300bc82c5b8163074e0544c5132e3ce93bba68bd7a8d2db81d1431b424b697c1158c4d70625666d5ff99145ca34856815c905b5a0fd95806df56b9cd5b384bda3e394b409048eb1037144cc071539c02397e931da28a43cc354d584643afd4f":1 AES-GCM NIST Validation PSA (AES-192,128,1024,1024,96) #0 [#1] -depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C +depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"7a66db3450dac9a1e63d2639f34c5c6a3fbfb3c8e8230199":"21f8341529b210ade7f2c6055e13007a":"1699bc8c198ab03e22d9bc4f3682aad335c6e35f3f616bb69769a9d5a202511797e770ae0d8d8528ef7b2bb25b4294d47427b43f0580fa71d93fdef667f4f4196f84e41c0b1978796d0de74a94420fb8571bff39137fa231c572b31be9ae72338288bef5f8c992121dc918538551f346e279a9047df14ec9fc0fd399cd3bd8d8":"6463a7eb2496379bc8a5635541525926a6f9fa718e338221952118ae4cf03a85f2074b4ebaf108b9c725809be1e6309c3a444b66f12286f6ea9d80c3413706b234b26372e8f00783819314a994c9e3ecf6abdd255cbfe01b3865e1390a35dcd2853a3d99ed992e82ec67ba245f088cb090adade74bdbc8a1bad0f06cbea766a6":"4af02b81b26104d1d31e295a":"":"53fe6a34d280f2c96d1ae2b2e8baf6abd67cedf7d214312f75dd4a1bec28a641dda3e71aa398726b2b0b1f515e1f4259ee97acaf17f122db9ec7814c2de6a88d36c3ac106396ad03d337c2cd2d2b9b4b7170e23a5848ca7ea129838f967dfdfe83b45ff2a9be699bfb2346115465d59f074f09e24d8fcbd9ece0018c92776c43":1 AES-GCM NIST Validation PSA (AES-192,128,1024,1024,96) #1 [#1] -depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C +depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"1f5c818f24d201f9fb23fcca211b0545eee5c5c9b440810d":"3a163067bdd90fce0406d1c198a88771":"a5e94e233d04fe0c4b6c4684b386902fe05096702237dfbe76f73befa69b6f30394cf9fe3358997942df65842748fb4f075a3dc06e147bd8d67fc4371113a4d75c70219257c650a6f38a136659e20a1cf3a119397835c304e0fb2a33aa3c3019175c86463043d5edc6992874f61e81cd0d26af8b62cf8c8626901d4f16d84236":"9a7566817a06f792e96a6a2ba8e0a01f8837e2de06796e68b0782cc54ed0b04fc5e24a1ad37d5ffb035548b882d88150e89915b89f57cde2bf3c43ab9dae356927daef6bd61cc9edd5e1b7a4abea2f71313677f1b2fdf3d8d4a7e9814ea820fbc3e5c83947db961839a985a57ced7f5e4a1efffcfd17a2c806d4cdc1e79162da":"b124eea927e2a62a875494a1":"FAIL":"":1 AES-GCM NIST Validation PSA (AES-192,128,1024,1024,96) #2 [#1] -depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C +depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"9a301f7edf83da63bcf37216a3a33d7613331c3210281dd7":"d73a546b0fa307633ac89506fa86138b":"f57fe548cf4a551a216ffb24a1dcf1b79c95f9abf06443fd58af042d287c2165db373c82a94172db517840f22e45e966e3ead91ce1ddad132bcb844e406e84b76a0b5b0ee23064b66a229f32a2d3b9c71103f020c4ba57fc0f0608b7114914cf2ada0c5a9bc4afbfa9ce5da320f34beb2211d569a142f53bfd262f6d149c4350":"e09cc8543db7804870004706a26e94b457c125bd648b581a196f962f2ae8fa55d9bc66530ba5020e22d282080b4720dc9a2096a11c0fcc3d9a67cd1cf95cd7cd2417ba308c761e64be24347a14c9423447094a5c72a0043c288b35e753ba0aa748f208381249fb1c8d195a472192404b6c8172663ee4b4d4ecfa426e1fb003f2":"f536a3b8c333b1aa520d6440":"":"124a327a8c22b7652886dac2c84b8997ca8a6f61c9ba9c094b5aea41eaa050a6df6cbf280259e5466071bcfa53b4ebc76c3cc4afc8c0385189a5382933aa57c89aab78dca84331e0fe8f0aab3a7857d3e13f08dcd90ec5f0684f82088ef8eb7fd67e75de43b67afc3a0beb458f5ebd61b2c779e6c539d795c667bb7dcc2b762e":1 AES-GCM NIST Validation PSA (AES-192,128,1024,1024,64) #0 [#1] -depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C +depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"fd40e8226fd13cb95ba50b7cdf0f07f7ab7037cf8705ca50":"3406e70cbe16b047fedaa537eb892279":"390b18d22d5ecc0b5a524ae9afac6fd948ac72d1360775a88b385aa862cce8a27f3e4b420e539bec6e8958f8c1b5416c313fa0a16f921149a2bfeae29ad2348949b29a73970e5be925ec0c35218b82a020cf21bb68c6931f86b29e01b85500a73f3ee7eb78da60078f42550da83b2e301d151d69b273a050f89e57dfc4787cbf":"75aa7df5c3c443d48ee998064b6fd112c20d2d90c98e00d025ef08d1ad3595385be99de47fa627549b827c48bc79eb1dcaf2f1be95a45f7e55755b952aee5ae0748e68bee1b014a628f3f7dc88e0ebac1d1d00e268355f5101838ce125c57003aebc02a1c9d6ae2cd6e2592f52c0be38cef21a680ae35c909cab99dce9837aef":"69e06c72ead69501":"":"6e8d661cd320b1b39f8494836fcf738b0ab82873d3903c9ee34d74f618aea36099926b54c1589225ec9a9d48ca53657f10d9289c31f199c37c48fb9cbe1cda1e790aaeedf73871f66a3761625cca3c4f642bc4f254868f6b903e80ceeeb015569ace23376567d3712ad16d1289dc504f15d9b2751b23e7722b9e6d8e0827859f":1 AES-GCM NIST Validation PSA (AES-192,128,1024,1024,64) #1 [#1] -depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C +depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"a85ab87563b809b01725764d64ba4cc6a143e2e0362f0c52":"9f991ff16a3e3eb164a4f819c9f1821a":"df289511f78d8fa2505afc4c71ab1d7c31a8d15d1e5fcbb29d70f0e56f89c4d7b30f1b3b4745b5d2cc7af34fb4c95461372bf516ec192b400dc8fdb0ca9fe1f30f5320d0fadf20155cfcddcf09233c6f591c1c89917e38a003f56b94a1e2429d1f2b6297db790d7dce84d9fa13d2d86a0e4d100e154050b07178bee4cdf18126":"ef43629721b50bd3656b7ae31b6e4b4ba1cf2c72ed0460ee7d9fb416631ddc597e5f9aebbcf4442b95cc46e28476a464dd87caf9c1c1d6c99d3e3e059dc23f8d2fe155ff5e59c50d640bc052c62adee3aa1295b38732e3458f379e98a8dbdfed04c22a5761792e87fa67ecbcbf3b90eb1bcd1d3f49e60132452f28afece83e90":"dc4c97fe8cc53350":"":"ff0e531c7344f0425d62d5fbedf4bc8d3d5cc80647e67b852c1a58ad1516d376d954cb8dda739f6a4df3cf1507e59696610bcb6b34340d6313028e00d7197845d392e73331aaf168b474a67364d8f9dab740509fabf92af75045f0afabc1b5829264d138820952bbc484d1100d058a4de32b4ece82746b2b4a85fb2993d4add8":1 AES-GCM NIST Validation PSA (AES-192,128,1024,1024,64) #2 [#1] -depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C +depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"f4f1e03abb927ffd0b081b9dce83a56a6dd419a6313ac34f":"d1e29bb51a3c4e871d15bb0cd86257e2":"ae2911cdaaad1194c5d7868b6d8f30287105df132eb0cecca14b6e23ec7ac39cc01da1c567a0219cca7b902cc2e825e30f9524a473eb6e1d4d1beff5ab4f29103b2c7522a33dd33182fa955c4f09a75196b1072a6f0340fc55a802d29c7067f05219c21857ebff89ada11f648c1f28dfbfdaab56028f05509de17e2381457ebc":"0e70421499bc4bcb3851afa34cdf5be374722815abdd9bcee5f332dbe890bdc1c0210ab10667e5bb924bf3c1120e25a0c074da620076f143940989e222086d1b34a1200d09aea1f810ef6de7d8520c65eef9539fde5a6422606c588fce6264e5f91f934ede6397c4b307d2d7e07a518fce577a427fa92923cbba637ae495afad":"44f760787f7bc3c0":"":"2199fa5051461b67581429ab19de2ccb50b8b02e12c0e1d81a8a14929f84e09d9715b7d198e77e632de4af1c08c5041276204a7ed76646385e288e96e1a4b0b0f2b1a9df7f0892beaea3cb58d9632720158f6daa4cbbfc0ebdc56ff6a5175768ff2abd24cb7669bc3fe40f8aba7869d2dd7dac86b6ebc4e4ce261edbec88db17":1 AES-GCM NIST Validation PSA (AES-192,128,1024,1024,32) #0 [#1] -depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C +depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"33efe20433c6a1ad261a1fed494961749e5bf9d35809b59d":"dc94673b0c49c6d3b4611e278212c748":"919f7397a6d03836423b7cac53177fcfbe457d4aa4348646f646aae1bc5a15568cdb8c96fabef278ace248aca531110a4f4f9e8ab0c32525ad816ae3facf03175232dc84addcd6065f9cc1f513966b63fd27e91a09f1921b95d6bd8f08f1dbce073bcf827847f774514b478b9d7fb5426847dd4dee6f39b5768c1fb729b32d03":"cfbeb61be50def25f513346498f75984bfe797a8ad56be34f2461e2d673f6ce14e7479a59777267b75dadc6b9522599ebe5d7b079495a58ca187ec47796f6ee8c322278ad7451b038c938928adcff6105a8ea3780aedc45b6a3323d3ae6fbce5da4fb59ca5ec0a16a70494c3c4859672348532505e44f915e0b9b8a296ef5225":"c5098340":"":"c5e47d8c60b04df1974b68a14095d9bc8429a413d21960b15bae4fd7356bf7872e0da0a1a385ca2982d3aa3182e63ea4bb8ca01410cd4e71ddad34aa1f12c1387902b3d56634f89c619a2e6756648ab3bf90e9bc945afc9140eb935b633bae96bb067e9ee421697bcf80b14b1b88dbf13e010b472a7ca5411db36848b9c7a37f":1 AES-GCM NIST Validation PSA (AES-192,128,1024,1024,32) #1 [#1] -depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C +depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"3ed5dadefa0f6d14fedd1a3cdbab109f6660896a952ac5ab":"553a14f1e1619f9d7bd07cd823961f25":"eb8ea81d3e328a1113942cd5efd0f2b5e7f088791c8fc05690a34584101c4d493628ee7d0099a2865ac194b9124c3fb924de0c4428d0a1c26ea3ad9a0bc89187a16673e3b6f7e370dfb2dc26e8a56a9cf91f9c2088c020a766efe0d0c91689743a603f2cd1e300a6a84828b3b515a4b9a06e6bb20457bf124cd6ce4ac8b83d51":"aef617f69724e020309ec39d9587520efda68a8e303686c3a41ef700cba05b7c6e43e95aadb1a566f61650c87845835e789eb2366941e3bfef6d9846af0e0dbc43249117ad6f299bbc40669ac383cdf79289ada6ccd8ccfe329a0dc6a38eea1a99550457102d10f641cda50c21f533b1f981663f74a0a7c657c04d9fc6696ff4":"dc413c4c":"":"bc1f34991a48aabb0fea513f790f0d223e9feac4c99fa1e8427f01ab8b4b2827cfaf239342de36051a846af0306a3f82e7aed98dd0416fb078bc7f3b617b00ceb2cea4ddafc22dd022efa8303e9804510e0e888065d8427345156d823f796f74130c06db9f9934435552b4fefd051953e20ecba3a4514ac121d7d2097d597439":1 AES-GCM NIST Validation PSA (AES-192,128,1024,1024,32) #2 [#1] -depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C +depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"6d97e8bff3923a778504fb917dbc1428a1328587047697d9":"0c28dc4cd53725091c2fb68a476c2e40":"f3932f5e82d75a1e3eba1591c17769e1a45819ccf057c31e76fa810b93678766d25905e859775c244e96bcafbc75c4a2d95e7d02868ccb2f65e49276f0b645ac8cf6e3758402304a3c25ce2de0a49f401b1acadaff8b57589b45cc79130ddc8387f41cc383e33ef38eec019152051c756198d6f782ccf56297b9fe944269a65a":"dc1a81efd51e967767f5bdd7e2e425732c1d28451f2bf5bdf3f5a6492279330594d360dd8a193e5dbde1be49bf143a35c38bcd059f762ada65c5119e097f0976891347f4d829b087bd72daa3494b344cbd3370c4459ca243bd57aeda4cb86cdd0bf274f07830cdbf5e5be4eb9b742ddffef8aa35626d2b9ea0a29d3c3d058b28":"e6d6df7a":"":"39327836e9d8cfb59397adcf045a85644c52c3563290795811f26350c8bce8f55ca779cbcd15479efd8144b8a39ef611153955c70bf3a7da9d4d944c2407a0d735784fcb68de1083eebf6940ebc9cf92f9f139c01404b503ff64e61126a94e881351473507884357040fd32714b872c254349071069644e2bd642905521b944e":1 AES-GCM NIST Validation PSA (AES-192,128,0,0,128) #0 [#2] -depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C +depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"2c78e29971e90a01bb65973f81260b9344fa835751f5f142":"f1a23ce6e2bc9088a62c887abecd30ae":"":"":"d4d5c22f993c8c610145fcbe4e021687":"":"":1 AES-GCM NIST Validation PSA (AES-192,128,0,0,128) #1 [#2] -depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C +depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"8c582d5b6a40ef0e4048ec20f0263572d7cc82704e380851":"ef221a1c66fda17906190b7c99ab60b8":"":"":"6327dcb46ffb3d0fd8fbf3d2848a8f01":"":"":1 AES-GCM NIST Validation PSA (AES-192,128,0,0,128) #2 [#2] -depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C +depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"3a58abadd29e946e23ca9eb09af059913d5394971bda6a4f":"7c29b3196d44df78fa514a1967fcd3a6":"":"":"fc123944bbea6c5075a5f987aed9cf99":"FAIL":"":1 AES-GCM NIST Validation PSA (AES-192,128,0,0,120) #0 [#2] -depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C +depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"04bdde4c35c385783715d8a883640851b860ce0e8436ec19":"783f9a3c36b6d0c9fd57c15105316535":"":"":"23e21a803cac5237777014686564f2":"":"":1 AES-GCM NIST Validation PSA (AES-192,128,0,0,120) #1 [#2] -depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C +depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"4ba5fba0c22fbe10c2d1690c5d99938522de9c5186721bac":"2acc2073089a34d4651eee39a262e8ae":"":"":"7ac742c859a02a543b50464c66dcf5":"":"":1 AES-GCM NIST Validation PSA (AES-192,128,0,0,120) #2 [#2] -depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C +depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"f12890b0a8819faa5a8e0e487f7f064af42fa6d5519d009f":"c937615675738f4b3227c799833d1e61":"":"":"88300bd65b12dcb341f1f6d8a15584":"FAIL":"":1 AES-GCM NIST Validation PSA (AES-192,128,0,0,112) #0 [#2] -depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C +depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"51878f3630298a81297f4a21514fea637faa3815d4f26fae":"1f939226feab012dabfc2193637d15b1":"":"":"eed5fcb7607c038b354746d91c5b":"FAIL":"":1 AES-GCM NIST Validation PSA (AES-192,128,0,0,112) #1 [#2] -depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C +depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"ae596e74840a600556a06f97b13b89e38f67c152f1a1b930":"e2076e1050070d468659885ea77e88d0":"":"":"b4586bdbd4b6b899648f2333eee0":"":"":1 AES-GCM NIST Validation PSA (AES-192,128,0,0,112) #2 [#2] -depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C +depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"fd33b7a0efae34339ca987b5eb8075385fd1276e63cc8530":"2d07bb8616fc0bbb71755a1bd256e7fb":"":"":"6b60d645220cfde42d88296ac193":"FAIL":"":1 AES-GCM NIST Validation PSA (AES-192,128,0,0,104) #0 [#2] -depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C +depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"5685b12a6617d554c36b62af5b8ff2239cb3ffb1d2c40e14":"6c31194df99d08881fa5b1dd33b45a92":"":"":"69431593c376c9f8052bf10747":"FAIL":"":1 AES-GCM NIST Validation PSA (AES-192,128,0,0,104) #1 [#2] -depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C +depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"036ae037410dae9f0741608516d03b855c9c1851df8c54a4":"73599275f8237f14c4a52b283c07275d":"":"":"6f7249d25c9f273434c4720275":"":"":1 AES-GCM NIST Validation PSA (AES-192,128,0,0,104) #2 [#2] -depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C +depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"ac144f39ebd6124bad85c9c7fb4f75bff389ece2e8085d83":"d0871bfc3693245be478e6a257c79efb":"":"":"5a99d59631d0e12f58b7b95ccd":"FAIL":"":1 AES-GCM NIST Validation PSA (AES-192,128,0,0,96) #0 [#2] -depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C +depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"a8a541ff11a1b8548e832d9e015edeccc94b87dadc156065":"c72bb300b624c27cded863eba56e7587":"":"":"ea2528e7439be2ed0a0d6b2a":"":"":1 AES-GCM NIST Validation PSA (AES-192,128,0,0,96) #1 [#2] -depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C +depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"30dd8f400335e9c688e13cc0b1007bd21736a6d395d152e2":"28899601fa95f532b030f11bbeb87011":"":"":"35625638589bb7f6ccdb0222":"":"":1 AES-GCM NIST Validation PSA (AES-192,128,0,0,96) #2 [#2] -depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C +depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"cb8f672b04d706d7d4125d6830fff5d2ec069569bea050ce":"375d4134e8649367f4db9bdb07aa8594":"":"":"70610bf329683e15ecf8c79f":"FAIL":"":1 AES-GCM NIST Validation PSA (AES-192,128,0,0,64) #0 [#2] -depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C +depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"bf71e5b1cd6eb363ecd89a4958675a1166c10749e1ff1f44":"9f502fb5ac90ff5f5616dd1fa837387d":"":"":"a4b5138122e1209d":"FAIL":"":1 AES-GCM NIST Validation PSA (AES-192,128,0,0,64) #1 [#2] -depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C +depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"5b9d1dfb2303b66848e363793bdca0e5ada8599cb2c09e24":"2ee96384dd29f8a4c4a6102549a026ab":"":"":"3b33a10189338c3b":"FAIL":"":1 AES-GCM NIST Validation PSA (AES-192,128,0,0,64) #2 [#2] -depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C +depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"a35ae271f70ebacb28173b37b921f5abcad1712a1cf5d5db":"8d97f354564d8185b57f7727626850a0":"":"":"813d2f98a760130c":"":"":1 AES-GCM NIST Validation PSA (AES-192,128,0,0,32) #0 [#2] -depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C +depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"9bdd0cb826d5d28c2ab9777d5a0c1558e7c8227c53ed4c4f":"daf13501a47ee73c0197d8b774eec399":"":"":"a6d108c0":"":"":1 AES-GCM NIST Validation PSA (AES-192,128,0,0,32) #1 [#2] -depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C +depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"81b4d5ee4e1cbee1d8966fb3946409e6e64319a4b83231f5":"bc2f9320d6b62eea29ebc9cf7fc9f04a":"":"":"a47cdadd":"":"":1 AES-GCM NIST Validation PSA (AES-192,128,0,0,32) #2 [#2] -depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C +depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"5813627d26d568dfe5a0f8184cf561fe455eb98b98841fe0":"817199254a912880405c9729d75ed391":"":"":"d81d9b41":"":"":1 AES-GCM NIST Validation PSA (AES-192,128,0,1024,128) #0 [#2] -depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C +depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"94f160e2325da2330fbe4e15910d33c2014f01ace58e5b24":"80a1b99750980bf2be84a17032fc2721":"066fdd980cf043a732403ee5f65c82ca81e3fc858ad3cfa343014a8426fd3806770f127e2041efb42e31506ce83390ac5d76de2fe1806df24ce6e4bb894972a107ef99e51e4acfb0e325ab053f9824514b5941ab1ec598fbb57a5d18ed34d72992a19215d914e34ad1a22326e493d1ff2da7bc271c96ad3ab66d0c32bd711293":"":"dd153cfd7aa946280660c445f586fa28":"FAIL":"":1 AES-GCM NIST Validation PSA (AES-192,128,0,1024,128) #1 [#2] -depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C +depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"4785846f7c0524e78f3eb137fd433e1808af64549af69183":"5334476a5fa3fa50dcc4b12f8ac00b51":"e70f82d1e3361ac5a5c9a087e47984d5533ba296f9b7e4a192a4ab28a833cdbbd5cece3415cf6fbb2f8055560b5c31c98d83d139954e1c03a464739f1eb5ad982c4371cf20b8984bbd97d5f40b336f5e96df3d272b95f7547be15c3bc05b3caac7d08c5eb5de8bdd246e74f6caa6bff76ea0417730ce72b911867f88fdcf73a0":"":"c59231ddaae98e0e8db6b3fe8f4d3427":"":"":1 AES-GCM NIST Validation PSA (AES-192,128,0,1024,128) #2 [#2] -depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C +depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"49b085fe1a8e1ae769ed09fc585d29eb24d589689992e6c5":"899878b0684fb865d30190821817b88c":"f789eafe3d02826b619ca4fbca7bb1919e5c6f7c33824a2f7f815dc50e329979705f7ef61e9adf7899d34f1b8840384ff62ef6d29eea38c45d12be9249aca69a02222cd744d81958c6816304ff0d81d6714a2023b3dd9d940db5c50afd89c52774d28d6afde2b6c68425b6acbe34682531a2e57e2b9a7729b3e8d96a729b15cc":"":"2c84bf7a8947ab93b10ae408243b4993":"":"":1 AES-GCM NIST Validation PSA (AES-192,128,0,1024,120) #0 [#2] -depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C +depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"75847588760ecb6ca548747b743914c89fea367a5ccb81b6":"7d8a9fd254e2061c01e39eb574951924":"b03c57dfd49152401a225357f1d6e533f3a423e5cfce07b8ae7ca9daf68645e5bd67b3ca2421eac447530b27c6dc6bd9c7f1b22441b8cc8c4ac26cec2c9c0d665a35b66d779a3772d714f802d6b6272984808d0740344b6abdb63e626ef4e1ab0469da521c7908b2c95a0fd07437c0e9d4d2451ae189ad61ff19f4efb405127c":"":"e8aac14b53cdbc2028d330fc8d92a7":"":"":1 AES-GCM NIST Validation PSA (AES-192,128,0,1024,120) #1 [#2] -depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C +depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"e3a18a96d2e45d2f60780dc39cee7160e28cb810bf09858c":"26a4d659665ded39b7a1583de756d0ad":"83f8d9c58169b4c68032321197077ff5c8ee4ebb732b040748e1b55dcf53375ae86fb9646a672b5c5bc805a92c475cbb6d0ed689a58abdf2230250a7d3fbd8cfab07835fa85e738a7f74bc3e93616d844b1ec61b79f23dfea62e1815f295d43f61d7b5956103b31ca88afb0b3d37eb42cf77232dbf2258065232971c397dcbcb":"":"dc034564d4be7de243ff059b5f9160":"FAIL":"":1 AES-GCM NIST Validation PSA (AES-192,128,0,1024,120) #2 [#2] -depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C +depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"7be3909170ea7a2ff76f9f28241d8cc48ddeafa8517c6f8c":"8dee7e29350c60c5bcfec89da6617d2e":"f6e9e7a7f9716760eb43060d5c80236a0f118b0f750ebd5df01fd2dba95c556ecd2e54a3f337767321abf569c8137a8e48c5b44037ba62951e9f9f709e6e4540a36d769f3945d01a20a2ed1891c415a16d95cab7ddf9bcebf18842c830067509a2a5d49a9684324c433d53824d2f8fd326b149af17f40e5bf5e49185738fba60":"":"942b52277e9dc0a30d737d00f5e597":"":"":1 AES-GCM NIST Validation PSA (AES-192,128,0,1024,112) #0 [#2] -depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C +depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"1fe413bafc4753e1511b580c830449bee56e0e5b9acb852c":"e30829f64f3eda13bfb2ac572aceb3de":"6c772d08b4d7507e35804572fa697c646c77301954cc5c160941e49e230697ed8c23338b9f30c3ead69b1c1a2329ff025dcd3c0d0a9cc83fee4979448aa71ddb9d569bedc8c497a2a4ac3b60d087d7872f0a110bf90493ae7da03b0953734223156cd2d6c562e4a978a6dd5cdb229dd58dd4d0f50ac015f2f5e89dac4aa29a19":"":"87737873b82586bb29b406946cae":"":"":1 AES-GCM NIST Validation PSA (AES-192,128,0,1024,112) #1 [#2] -depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C +depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"b4bc4378d423931f9b320bb57df584c641406c1daa7448ad":"eca70e10c0358838a3f4a45c4b016ccd":"68d1c045c1604e3c3dd4f7c7543240aca8dbc5266dc18c5a8071e8b09e3700b7cf819044b2722d8db92021f42a0afb295d7b16ecf4e4704a50a527a2e72d7f53617c358e3b7be3d7fecda612ce6842fcfaa68f2d1b8a59d8b8391779f2fab99f820862c94029f444abe62367c5de0a4becc359660e4a5366f7d482bdc362b866":"":"06f95ca69c222a8985887925b15e":"":"":1 AES-GCM NIST Validation PSA (AES-192,128,0,1024,112) #2 [#2] -depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C +depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"1cd4414ffd24e830e2dc49727efa592e430a6a75391cf111":"a08e32ad7d63f975de314ad2c0fa13fc":"20a271f1f4c6bea8f1584ab39a7179ec448650e2ff67a7338d1bc9fab7f73b2ce5222cd07ded947d135d9d0670dc368f0a4b50ece85cbf641877f9fe0ac6a7e6afb32fdb1b3cd35360bb80cfffc34cfb94dbcbee9ca5be98a0ca846394a135860fba57c6f0125dcb9fb8b61be681ada31a997638ee172525c03dd13171534a91":"":"c68842cafc50070799f7c8acd62a":"":"":1 AES-GCM NIST Validation PSA (AES-192,128,0,1024,104) #0 [#2] -depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C +depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"9e0ef9ed5e6f00a721a9893e1f0d9079c5aa667a4cdd2a52":"5f015fd556e87ff0d0df586fb452306d":"b82986135e49e03f6f8f3ce4048ded2e63ee0c31ddc84929e022ee8561159179b3bb4403ebdafdf6beae51ac5bf4abed4dbc251433417ece3228b260eca5134e5390cba49a0b6fcbbbabb085378374e4e671d9ba265298e9864bfce256884247c36f9bddceb79b6a3e700cb3dd40088ba7bb6ab6aa11b6be261a7e5348f4a7d1":"":"ec9a79a88a164e1a6253d8312e":"FAIL":"":1 AES-GCM NIST Validation PSA (AES-192,128,0,1024,104) #1 [#2] -depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C +depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"9bc8f15d98e089d60d4db00808700053f78b33c31652c3e4":"5cc0ff9bb7d5b9b2aa06f6ecf669d5bb":"24ac95a6ed2f78853f9ab20f53de47e7f662f72aea454141e2131aace7ed2daeb395bbccdbf004e23ce04ad85909f30151b6526c1ce7934726f99997bbab27055b379e5e43b80ad546e2d1655d1adad4cbe51282643bb4df086deb1b48c1bd3ac3b53c4a406be2687174028ecf7e7976e5c7a11c9a3827813ade32baef9f15ec":"":"9779b7c3ece6c23d5813e243ec":"":"":1 AES-GCM NIST Validation PSA (AES-192,128,0,1024,104) #2 [#2] -depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C +depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"19afc43a4481f796d77561f80b5b2e1514c96c5d1d86e64c":"d4c06595fefd4a81bbbd4b40c2e1989d":"98fcca51352998d0126b5539e3fb9a238ac31c05954fc206d381909aee70983b6ab99d3f3efe8530a1c3cfe3b62756321b1d0771a5940055eba1e71fa64f29291aa5e5b0af0fcc8e6f5a02688d9e93417225eded791a35217822ffb346d3fa2809b65abe729448316be30cf661137d3c0e49846cb0df598d90eda545afb64a5e":"":"ca82448429106009094c21d70b":"FAIL":"":1 AES-GCM NIST Validation PSA (AES-192,128,0,1024,96) #0 [#2] -depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C +depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"b4fc31dcfef6203fdb296cc928c13b7df56bfe6f32583057":"6308a78dc8f3c90442dc52196649c38e":"2567d80c253b080c0158102558551445d8ce4d5ddee2014a2be5cbad62e1717a0fd4d2059447c3151192951eb11a4a7b19a952f6ba261c87f10f4c9032028de3cc5a2a573a4e993a690fc8954daa3ec92743e7343e75b646c4fa9cbc3fceb4f5d59bb439c23754c4d9666fbc16c90c0cac91679b6ad1bfe5dcf6bd1a8a67c6b5":"":"9d1603799e2485a03e7b05a0":"FAIL":"":1 AES-GCM NIST Validation PSA (AES-192,128,0,1024,96) #1 [#2] -depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C +depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"1c2d9412486c381440213e1588b6bb58b0da53300b9d3089":"727ed8846daab874d5a9918b47d016f4":"656430f0c1423018b5e2efbb1e32a5385c1a9a1779c4dbd585dea91edc39ea8752ebfc2d8064251a8a5ae71e1845f24a7e42c6371c2ecb31e2229d5f4923bffc21d4804575a84836f3cf90ec6047bb360b558a41a975ece111b5284dfa2441705a6df54fc66ca6cc1af9163ecc46902fac337d5f67f563fde8e8e7e64b8588b7":"":"05ee6ce13711535864674a5b":"":"":1 AES-GCM NIST Validation PSA (AES-192,128,0,1024,96) #2 [#2] -depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C +depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"abf7a97569427225a4bd5143c716a22e62f84c145bb51511":"e255088cdfe8ae5c9fea86d74d2f1b7d":"b850993300f54d078f83ceb9aef7345bbf758f92365b6625c210f61dad4f2a2319f51d883a383a706392d3dfca1706eba585a6fac8bd4294c0bb2cb3f6b454d5c97819e8e5c926754840261b07ec4ef1f87cf281d75c187839689944230306e1903047915e086043990745864819ad713d34a244aa4e9d755fdb137105d7eed8":"":"0c9c17388d0610f99d0a093f":"":"":1 AES-GCM NIST Validation PSA (AES-192,128,0,1024,64) #0 [#2] -depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C +depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"45a6df655e88bc880acff41520aafd0cc8aa8aeb8952fd06":"1125e1de94970c9e7be70e58e7626ef4":"fe9838a445b8edef19b3e9f33c8c0c265b3a12c97b8ec57ceb94f65ae5227177de38f1e338dccb2b24e5bd0f0eb8127f83eba0f1ddfa55198789df0cdd1d977fcb985ad9c7d51b96e749d2cf3cc7a1ec4dfcbc641a1a022d55def328e081af890a7e699f2dbafdf506389e045aa1219239d5868ba675a3925602b6fb6f6e6d37":"":"1c3bd1e0d4918e36":"FAIL":"":1 AES-GCM NIST Validation PSA (AES-192,128,0,1024,64) #1 [#2] -depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C +depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"279f4f2ab4b70778fdb9ca7800cd20e323601d7aa2c75366":"0f7b402560735cf03d5da58de5b6c685":"7dd9a8c848bbcf5127161c8a419a436a0dad559f7c1613cdf41594e177016acb1ccf44be852185c42e7120902a42efe83855995ab52cf5c190d499fcfd698c671fd72949dc3ea7ddb874e586a3aa455a021cec7b5f8608462ca66f926aba76e60a5846d4eb204155cd3c1328da51ba35c3007b8bb394f34e3a8b81ddd2ea1115":"":"dab612351f75e2cb":"":"":1 AES-GCM NIST Validation PSA (AES-192,128,0,1024,64) #2 [#2] -depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C +depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"6716ab937755684af7403e6fba5452c1b11568a9047bb50f":"2fd5a446dd564619ef75b6e00905ffe0":"20d261d3192996c21da69e979c26f5f937e6ea4cb7b05c6ef556ce4d86ca0fe85ec2425d274c43b5212fe9d27bb48b04e887461a9f45f524059b87eaea2e287a8d4537f338b0212012a9d4b6610e8c97dd554e0b3c3133e05c14d0ddab3524c93fd527e223b1996b4cff0a4a7438f1d54890bf573cd803941b69e5fc6212c5d2":"":"f1d743b7e1b73af5":"FAIL":"":1 AES-GCM NIST Validation PSA (AES-192,128,0,1024,32) #0 [#2] -depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C +depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"7dc94b5bbd6315ad8d2b67f0c683d10cf456f822a3ebb024":"6f3eedeb57dcf12bfb3cd80849893c90":"ee1ff367f4b23c156e3dccff84ae4bf2b8ecec1fb5ffd25ccaa93b6c6834389bd79655bd4bac75238eb0f65d3603ecc57c8774798309e85b6677e78ed2077b712cf28795d0dc8fee994f97373a82338ef67c62378136a79a990ecbcd6367445e805efa98f9168826e57cb8dd7e7b1d5c89ad98358646fa56dd2a71c40e0275a1":"":"4dc74971":"":"":1 AES-GCM NIST Validation PSA (AES-192,128,0,1024,32) #1 [#2] -depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C +depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"3bbe223e253bf272599e28af6861013ecd0c88710947ed41":"4fbf09ffaffb600f0de38fb12315cab5":"5388146f6479f7b3b280f45655a95b847ee27c734fb2fd91f6c009b1ab1810c772c7435d3221069f9490d251b76e740147906ac1db1c209c175b21aa10881c44fb307d4d2900aa3b1d56fb0edb9f2a58505653a17fee350e12755b9656bc65c78c1593d5cb7178e29f82209caf53e60fddf725f6957cc9718bf410c4a0229ed4":"":"fb845ab7":"FAIL":"":1 AES-GCM NIST Validation PSA (AES-192,128,0,1024,32) #2 [#2] -depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C +depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"461877813acfe6e9979eab729b52e3d192b3236758bb6563":"6985cf77b75a47a3978dd6412d59200b":"385551854a89ab37063ba0ed911501b3d632153c5c2992e154c0a334bc36620476f11495437b842409e0954f7352cbf288d158bdbbaf72621ea2ce75b708bc276f796c5aa7fd0071e522c5f175a9e7787deef79f6362101aa3607b4588f2e1df7127f617c6073593a1c792b959e201e4a7a43ea8b1c3af026376439ef629266c":"":"c840d994":"FAIL":"":1 AES-GCM NIST Validation PSA (AES-192,128,1024,0,128) #0 [#2] -depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C +depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"09770f9114120a2c1c3cc416fe0eb8699e07141158a5bdff":"cff291d2364fc06a3a89e867b0e67e56":"":"875e2e5b5c02e0a33e71b678aa29c15ce18ec259cf4b41874893ed3112daa56ff2a7475681b8b3d9028ef184d30658e881c908f3588f69899962074db4ddfc0597f8debb66c8388a1bccf0ffe2cf9f078dc1c93f8191f920754442ad4a325985c62de1a57a25de4e9ed5c2fd0f2c8af33f3b140bac12bf60fdb33e0ec557955b":"81f1eb568d0af29680518df7378ba3e8":"FAIL":"":1 AES-GCM NIST Validation PSA (AES-192,128,1024,0,128) #1 [#2] -depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C +depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"4fbf1c785c087ad06b43d4163cf9b9396deffd3712856379":"1c8f41424acaf009996ceaa815b24ad4":"":"96a690e5319c94d94923988025307e543f16fd970aec24524cf9808dc62b093359287251503f4231bf52cd1a16a80bfa82d8f585d96855dc1932f4919a92da2618d6448fc18a234f9acb386ab4ab4a9e38ea341e7c54faceff38c162d74e7fabbca13aadb71e9c8ae6072e7bef4073cf08aa7faaa6d639f98d15bad4ed183ced":"9f3c0349c5a4a740a82d6d63bf00fb17":"":"6100b091e52366fb422251d9b68974b6c666a62a8bb77a1ffd7c7d1ae586a6ee763b84dc11aace02a25af91d194b70b3265ec46872fded54275b7ddb26ee1f20c857328f46a694fb1dce68bcaecbd587ece5b505d658d57d50333e30b639eea1f6537b37c175f62497c6c84e3cfddae214285d2d68d90dd5cd8ce2273d25c8ca":1 AES-GCM NIST Validation PSA (AES-192,128,1024,0,128) #2 [#2] -depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C +depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"3e0ce4fb4fe4bb2fdf97b23084ff5671b9b899624184acef":"a950ab0dd84115e3829ab0ad3bbb1193":"":"df89974b1534f0ba262bbea5efe39d8b72820cc8a720cc99520fedbf667515c3f6d8c3e25c72c48c1cff042171df58421741aacb2a49f23167257be7d7004d56b14901b2075eaca85946e9fbf1bbf4ae98227efc62bf255a25dd0402d37c67ba553531c699dd89ff797e7a5b5b9a9aa51e73ca2dacfda0f814152aa8ed8c79f9":"25cfde73e7a29115828dfe1617f8b53e":"":"847b54e176ccc83081cb966efc4b4a3bf7809ce0b4885009f620f61fafcaa78feee91a835ae6c1a942571811108b1e81b4c4ddac46aaff599c14988c9a1fb9f387ab7f1357b581568b7b34e167ac2c8c2b2b8a4df3fd7ad8947a363c1c0cb782ec54b1901e928821cf319669dd77eb37b15c67f13ad787ff74312812731ca3e6":1 AES-GCM NIST Validation PSA (AES-192,128,1024,0,120) #0 [#2] -depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C +depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"6be3c66b20e5e66ababbfba1b38e5a716eafce23a1767b69":"3a2acf69bba19f5d1d1947af2cfda781":"":"de1cd978354a499415176f260021abe0a8c5bc34d166f53d20e02e413e1377ce4ef5d7f58337c62251a3b4ddea0dea23c40e5de037fd5dd8a558eb53bffa4e8ce94899afa8284afab503c1a485999a154d23777f9d8a031b7ad5c6d23d6abbe3b775c77876ad50f6bed14ac0b2b88fb19c438e4b7eb03f7d4d3fcca90dd01260":"f826d212f7c1212fb8a8bf23996826":"":"fd1f7b56e5664cf4c91e58f7c50f6c5e98e42ca2e4adcc00348cee6f662b382ad4022da54a47d8faeb9b76a24dfc4f493c27fc0bc421a4648fad7b14b0df95d8752013feb033b1fd971daa2c9a5df898bece6a3b8fa078dd130071df20a68cd0f394be25dcbb3e85bdfa0df4797fa6f01f5f0da7a6e86320207ddb5b3be53ae0":1 AES-GCM NIST Validation PSA (AES-192,128,1024,0,120) #1 [#2] -depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C +depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"d16abb9f5b38d7f5abba9dc36995ce6ce928ed822a07b7c4":"3cd95429c6de1d327b9eb3c45424a87c":"":"e72f29b1fc1dbfc2d93a0f3b79ea4b9806ce9b2c4d490ac5c0c3c793df9dc7df5471e834b84d18afa5a7516f9a6a813a9b65ae2f083a854730547e28a1f60fe97d8dba1d2d433e11847b9bffd8873ec634e64365530c905dd6f274e45c9795ac127a6f356f63cc6c116c5dd8c628e7e17e1fadc58f8452bf21f53c4133198118":"13521236f190f78e75c0897c5fb237":"":"cd8bb97c28df092b6783ef653fd26f2bdc27c442bab0a4c7bee2789f389dcd1b280c0231672721bfbbc939a0449557678ec61ba0afb2e5817e6f7d94387f84ecafbfa1216d65e7f5025f47b0d2905cff7c99adf8306a3d9850c5908be05f87cb1d36a4837dba428aac97d7fbc18e3778f8d81a319259504c87fc94bd0766ed93":1 AES-GCM NIST Validation PSA (AES-192,128,1024,0,120) #2 [#2] -depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C +depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"0bc344b1a4078807e5f53a6e7e1e36fa83108473ae2fb4c2":"bd505fcba464e6e2c58fdf29f5695fb9":"":"8bd73f94c71e3765bc7d17fdc90a9ba6aff9648b46300e4048985fbbd7c60c39c3766f7c524780bfc2296dc11e1132134921760a373104edc376eab6e91e9a60a5c4a5972935df12eadae074722bdc0147c3caf6a62fd449ef37d76b65f6d210283c94ac524cf13186e444d80a70b01e4373cc0462546f1caee6b49e738a742c":"8510fff71bb879f56ea2fe43f6ff50":"FAIL":"":1 AES-GCM NIST Validation PSA (AES-192,128,1024,0,112) #0 [#2] -depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C +depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"c8097398fc21f93eea6a95aa93a3231096817b65520bc549":"776248381941e16908f52d19207881f5":"":"80b0abbaebbd537a0810ed75cd172d29d50f5982e4d01f8664ddb2dfda8f57fa0ed87e64a779a1d7f5e568b6acfdc739572a7176752307b430fb1fa1c3c2c346477cebe7d01b16745ca6c8929a7f446c03ad9a9e8a5a935de78ca6c701e8c1c5e6d2550c42949cf5342fb5ef4c6ab9bb02ace8388b16edf72a1237e5d1d0e820":"7fc4388b2f8eab0f0c2d6a08527e":"FAIL":"":1 AES-GCM NIST Validation PSA (AES-192,128,1024,0,112) #1 [#2] -depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C +depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"76d4bb5694faaf344db83bc6d6c47d56bb6ab52700826f2d":"603977845d82faccb401817ecce6e2fe":"":"9e31fda6a171f0d4a5f2af2c4f827b1312d9dda5d78fa329b8f1b6373b9b29be358601e5bb0d0c615aef4b9e441c811219f1f2ff2d0ab23e0cd829a88b5b615ee72e5e3ea604fa26cc6438ec4c30e90f7348e9116adf8e8efb7498320d2da16679fa546b1aa9afc7720b074c4e48e06862d41428c9e71a4772c2e195a6f36978":"c955a3bc316841be07e406d289c8":"FAIL":"":1 AES-GCM NIST Validation PSA (AES-192,128,1024,0,112) #2 [#2] -depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C +depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"a3e5020695587984074d78d9c98b8e1a5719e5f88372740e":"4cd56de54e5140a587be7dfd02d3a39e":"":"c0bfe3b2dc4dad17ec5a7662d86847fb67e582cc0baf469bc9baa7a075d48a8b97521a1072c2798bfbdae5ca3752eda1cb96fe5cf24af989eb77a2948aae3d8b70d83d93f84c49347f788480f34051621c358c03cf8159a70fc72cb8bc02876234ffe76b181da8b22b8796c87b0904da1af46de519c20d8d1b1dc7cc24e39ba5":"1a29527a41330259f918d99d7509":"FAIL":"":1 AES-GCM NIST Validation PSA (AES-192,128,1024,0,104) #0 [#2] -depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C +depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"afe986ead799727063958e2ce13ca846f76c51605439f839":"f85a95ed10b69623162ab68d1098de94":"":"7c1b354a5bb214bd95147e32d81e658705089c38035d0ea423eb1a5c82f97443c6903d2cf1ba7a007eec7c8ff98b8f82b073d9636a79bd47c7f2f639a8eb4e92076f9ed615766f43ac3a4f1687301ed7d507766605e0e332880ae740ab72e861a2cb6dce1df1ff8be1873d25845ee7c665e712c5bbe029a1788634bce122836c":"3cf1cdb4a4fdc48da78a8b4e81":"":"a7f252ad7983e7083260598051bffd83f40f4d4a8b580cc2388d720a0979dde71549ddcb86b0a62c4964fca591d0982f3a203f2f8884ff4991f17e20f759ea7125ba2bb4d993722f23938994eb2709c850f33ed9889e5a3966f9d7b76add46aedf230e8f417425f9db79ccd46b5660361de7c5d87f71a9d82c491c0c3daaf56c":1 AES-GCM NIST Validation PSA (AES-192,128,1024,0,104) #1 [#2] -depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C +depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"2cfaa215841826a977ae6adfdd993346210c49dd04d5d493":"537a4ee307af3072e745570aaaadce34":"":"e8eb3b6edd0ca4201b49a6a83036445aba1a1db040f3e74511363bce769760a9914e05a067f555ca15a57c6e02e66fbe4e04dd8c8db8d6d14ebc01cc7d84a20ff0aacb69bb3679d6b7d9d2e07deda7c2d4fe4c584fe1166e78d21dc56b9cdad93709c03b9145b887f87b4f605f24f989d5e0534fc71a58e8a8619ee99f69e5f5":"df01cffbd3978850e07328e6b8":"FAIL":"":1 AES-GCM NIST Validation PSA (AES-192,128,1024,0,104) #2 [#2] -depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C +depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"128ddc83d2170c403a517615056dceec0d19d6fd7632e738":"5124b410c43d875eca6ce298c45994a7":"":"cfe9f7797ee37bfc4f564419bf2268c964479efa7435970874154432930f3b2736438da4dc9c76200009651340e23044bc9d200a32acfd4df2e1b98b0bae3e9ff9d6e8181d926d2d03f89768edc35b963d341931ac57d2739b270ce254f042b64ceac4b75223b233602c9a4bdc925967b051440c28805d816abe76fc9d593f5a":"56ad9c1653f11a41fd649cccd8":"":"cf91f087fd7faf362caacf4a68cff51ec57b3075563e4ad0955df20b366e92bd75c3762cf4a6f0eb859872667a5c55aa5d94f5ac9479b1b9c9345b50f82379d551506a2ab02b0441b14b28b78a12b38500d703a8c19888fe612d4710eec7cd18c16d6a4b55d3c69760e2bed99efc8b551dbe2ac9b9b64715f87180b8e14d1795":1 AES-GCM NIST Validation PSA (AES-192,128,1024,0,96) #0 [#2] -depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C +depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"98581c28983c4da321ce0c419cc0d476d539e77da513c894":"ff10234524433b871202c2cca6acb194":"":"bdef5b65b5111b29e781a6b71a0160179c52b5bccb1ac5c0377b26cf3f61432f3ccd67633a836357c24b5099db0510a7f8110f59e8227cacd11f17ea1798b5d4d68902ca6c6eccd319fef14545edd135078b38d43b61c9af269fc72f7a209ba7897e4c6dbd21bb71d7e93d2d2426ffa1557cae28e74059d3baf06ba419a47b39":"984943355a7aef15c4fb8033":"":"808e28bfd441cb8890416a757d252c986daa8d607ac9cadd2f4fd29eddbcf3b859ba298e14a4ccefe2c2752b123f87b98d6708fde48faca4bc7dd818a7ea76cfa4357932e59cb6be0e9283bdfb49454b86b9fd04aa8cdef503c65d13fcff42e9cd8f142f8c06cf7daa6d8ef8b9c9d69c39e8afd980048fecf731fd674b2a814b":1 AES-GCM NIST Validation PSA (AES-192,128,1024,0,96) #1 [#2] -depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C +depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"167b8b6df8014c8f3de912b77f5a0c113580aa42d785298f":"49da91e926091a448d57d521cc90f3c0":"":"4f787de12ba907a589edf74c8e7a6cdaaabebddd465a86e170e1efc289240298b516fddc43c7fd9bb1c51720a4455db4dd630b59aebaa82bd578eb3cb19f8b23ee6897c1fefaef820430efa6eb7d6ff04de4d8b079605fb520b0d33e96c28f0cd71983c4ce76c0ea62fd7209d21ec7b416881d545824a73d1f9f8d3323fdb90c":"99198f55f9fa763651bba58e":"FAIL":"":1 AES-GCM NIST Validation PSA (AES-192,128,1024,0,96) #2 [#2] -depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C +depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"71f5f8505fba62f08fa0557dd5407fc83a852c6007ccecc8":"b5efb9feae3de41b5ce9aa75583b8d21":"":"3e19ec02365e450e946123a3362f9859352eb52902a6bcb8a782285dfac9d2b282f56302b60d6e9f53fddd16bbf04976cf4eb84ef3b6583e9dc2f805276a7b7340dec7abde4916fb94b0ed9c9af6d4917b27e44d25f3952d0444cd32a4a574e165a23fa8c93229ceb48345171a4f20d610b5be7d9e40dcf7209128f029fed6bf":"9604d031fa43dcd0853e641c":"FAIL":"":1 AES-GCM NIST Validation PSA (AES-192,128,1024,0,64) #0 [#2] -depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C +depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"4cdb38f8185a4186fc983e58a776a6454b92ecf0bffefe98":"aef257dd44d14d0bc75f9311ef24e85a":"":"1ca72c50a093076e9a9dfa09888b9c89eb36a942072fc536a81713f05a2669b39fdb2871b82ca47dcaf18393ca81dcb499aafcc4ed57ea79f8d4f9bd63540610215b2c65481b294638cec41264a7fdca4230df5fe1e7e3d8d26dcd0c435fec8e9bf778f9e6f13482157a9722761601e08425f6160d3bb626ae39ee1117b0353c":"d951becb0d55f9fb":"":"2eaa7e922dbd8963e2078aae216636276f3f7cb5d7f35fa759e91bddb6e247a93c388241ba1d0d37040c0b9e447c67d35b4991c1acce97914f3bc22ee50171bc5922299983ee70af79303265bc1ae1e7334202460618b4a8891d1a7eaaac5cac1e4dce024ce662d14849993f89e771fb873644b552120fd346250df39aaaa403":1 AES-GCM NIST Validation PSA (AES-192,128,1024,0,64) #1 [#2] -depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C +depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"ee8d3aced3aa3cb2166aa66c4a252c12dc0978830d0bc75b":"c15c9c0b0b70c7321df044bfde2b15fb":"":"ee69b2421d43a9f383d99f9802ba4d6cf1c537b42041c86cce681049bb475e5098d4181f1902b0a49c202bf34ef70ea7b787fa685ab8f824fcc27282146d8158925bfef47ccba89aa81c0565eacb087b46b8706c9f886b7edf863701003051d6fb57e45e61d33412591ec818d016eec7dee4254636615a43dacb4f1e6ec35702":"c5c9851a6bf686d0":"FAIL":"":1 AES-GCM NIST Validation PSA (AES-192,128,1024,0,64) #2 [#2] -depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C +depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"4a8538d609444e3197ab740cd33b66db1cf53600096b94e0":"0bd64d222532dae8ab63dc299355bf2a":"":"8c2b8fb775d1b21c41a3dcf48ad6d68ab05be3879f9b94b305a6ce4d799e3a992c1c3a65a3e4eab563edb57424927c90c76e49386e29dd5e7de2800fcc0eefbc8b4f977f71be3754c006ee93dc09b1cfa59c424b6b3987aeb56feefc21004c63e8284b6845e395bc8843cca0917267fb4a8f2db1f7daafe7a9da95083a44de70":"3477cad1fd4098b2":"FAIL":"":1 AES-GCM NIST Validation PSA (AES-192,128,1024,0,32) #0 [#2] -depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C +depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"447f0f065771b6129952e52206a64fe0844658ed685e39cd":"37e3a300542d9caf3975c6429cb8a2e8":"":"fea5d227869e527882c63a68a6623f4a699df82b3dc715c7260a5554336df8376744c05ae89ec27d40da02d9f1c5e9e29405579fd4132143cb21cdbe3edfaaab62128ecc28018725c8dd309d2376223d2e2edfea9765699b2630ff5d9fe9bec416c0ca6418b938d195d31a08e4034c49d79e3a249edd65f985230b33c444dd02":"06bfca29":"":"e1bdd1c212b159b87e41a5f64dcba6b27aa0f5c8871fabfb588df0e06bd7730ec1beb0e3388f96c992a573ff69b34870f83c53fb65b420c1c6f92e2aa6f03917e8203d77c7f5ee08baf9fab12f9d38fc0ffb83807ba781c3dd7b62edca2121f68ef230b42b8adbd4cea072209d02713789ed559b83739a54cfde69e68bdc4128":1 AES-GCM NIST Validation PSA (AES-192,128,1024,0,32) #1 [#2] -depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C +depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"f465e95f6fc19fe6968b98319b547104d0c01c17105f8fc0":"6cba4efc8d4840aa044a92d03d6b4d69":"":"2426f108368a00d2a49670a3b64b4f0569c6da9660163e7b209ec3f8d058ee11f7818a8c5030c5f4ce6e1e5a93faa3e5ae3d0bd5d712fbc891cfeb20845707edcf5e29719a5246a3b024fb12d37bd1b81df3812fd50b1dfb3e948ce546dd165cc77f903c07fe32bc7da7fbc25036679017317ce94cd8a00c1bce7379774f1714":"92750ac9":"":"2e59b104c1a6f6d651000396adbfa009bf4cf8cbf714da8e4d3b4a62bd7f522d614decf090c7552a4b9e8d7ee457ba642d5100c0c81c14cbba8c8ff49b12827f6ebd41504ccb6dfc97cdf8532d1f7f7e603c609efa72d2ae0dce036ec4ab36849a0c06f8737d9710075a1daaed3867ca0a7e22111c0e7afae91f553b6fd66c6e":1 AES-GCM NIST Validation PSA (AES-192,128,1024,0,32) #2 [#2] -depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C +depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"f08e3e9f7b3a20ccdc4d98b56f2b567399a28a6b3908deab":"4f4636d1b283bfa72c82809eb4f12519":"":"a986e816f1eafb532c716a555cca1839a1b0523410134ea0426ab309520b339fc1fdeb40478ae76823cee4e03b8d3450e6be92d5ff17b2f78400f0176e6d6a3930bd076a7a3c87c3397dcc0520c6b7b4ff9059ea21e71c91912a74aac2ca70eec422b507cc5c60860bb8baca01eec2a3003970ba84011efe576804b2820e306c":"16c80a62":"FAIL":"":1 AES-GCM NIST Validation PSA (AES-192,128,1024,1024,128) #0 [#2] -depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C +depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"87b5372571fb244648053c99405999130f87a7c178052297":"a1cc81b87bd36affe3af50546e361c9e":"684ce23f59632308d7db14f7f6eddaf4d83271fb0c27401b09518a775b36252540f14305f0dae13ff6c0dc565c9e570759e070c8ac73dfb97abd3285689a7cdcfc941f6271be3b418740b42ba4a114421065a785be3dfa944c86af56da8209779e8736e62529c418b507c6d8ae002cbc0431747722afd64521734f99273de455":"ae078d1554fc6a14447a28c3dd753e790f7ef9b53e35c3e0fe63a7b1b326bc56034847f8a31c2d6358049aae990bfe7575b439db370aa515e225e0ec730488c700a7b0a96a7b8e4e8e4c6afec20decd16fe3c0f3f8d7a6cf7a8711d170829d14c706cceb00e133b8c65c8e08cd984b884662eddd2258ce629abf6b9dd28688c9":"98177b3428e64bc98631375905c0100f":"":"8be7df33a86b1162464af738de582a357d0ce8e213bba1b7913c0d13ad759d62c3bf4366f5130b3af2b255b7ad530b4977627f9e76b07e360c079d0f763dabbd22e976b98cd5495c6182f95bc963aad4b719446f49d3a448d11cac5bfcba4b675b8e4d88a389e2580e8f383f95bf85c72e698680d2a2bc993c9ee1ce0d1f1ac3":1 AES-GCM NIST Validation PSA (AES-192,128,1024,1024,128) #1 [#2] -depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C +depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"a2d069b826455d5e79e65db4f1d2b6a29ae9f401bc623917":"6d40a0c7813bc0410ff73f19bb5d89c9":"9960376b1898618d98c327c1761959d045488cc6198238bbe72662f276d47b41e8aebc06dbce63da5adcb302a61ade140c72b9cf9f6dfad6ecedd7401c9509fae349d3c7debe35117776227ba167f2b75921d7321d79f4ebca13d20af1638a1567043365f179f4162795fe4fd80b5d832e4ca70e7bf9830bc272b82182f70d2e":"acd6225dc5b9109d56ea565ab38dd4db432a7ec08f0db04f1c6b691c96d2eaaa6be62da7cc7fd75f931716c7f39705ea7cf828f1a5a325955e9b2c77e7fb2d562be6a89b3351b1b3d1355b43b73ed425049430314c16bf0836ed580e9390a3b8e2a652fddbfa939ca4c3c99765b09db7f30bf2ef88e1aa030e68958722cb0da3":"010195091d4e1684029e58439039d91e":"FAIL":"":1 AES-GCM NIST Validation PSA (AES-192,128,1024,1024,128) #2 [#2] -depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C +depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"f3252351fe8e7c628c418c1a49709bf1f8e20add82539948":"eacd2b1c3cf01bf4ea7582d8ee2675d5":"141cb39a2fb8e735e0c97207f1b618a4b98f6b9bf8c44a1c8e9ea575a7759cc2a02301274553e7744408b2c577b4c8c2a00e18f8717fd8a6d2f46a44eeb05d685fbef7edeb4229e7ea9b8e419ffcb504d33583b3ae421c84caeca9f9789047dd7b1810318d3765307233567bc40e003401c9f4e1b07a2a7162889e1a092aedc1":"7e8d2816d280c91d232bad43b6610e2d0532a9f670f221a3a975fb16472c2e83b168115e87a487bcd14b37f075e1faa59c42515c353cdefc728ac617b7d273fa96778e3fb5f7a1132f8e2add4a57015b15d1984338b7862356243d1c5aa628406f4a507498eda12d2f652c55e8e58113ed828783b82505790654f036b610f89a":"63a310b4f43b421a863fb00fafd7eac4":"":"699c146927ae29025e5b20088b20af27bc75449e4725ee6b7d5dc60b44ba8a06f7d265330c16060fbd6def244630d056c82676be2dc85d891c63d005804085c93ce88f3f57c2d2c0371c31027d0a4a0031e3f473cb373db63d4ff8f65be9ebe74045de813a4e6c688110d000f6b12406881c08085c9348e1f0315038907e33f7":1 AES-GCM NIST Validation PSA (AES-192,128,1024,1024,120) #0 [#2] -depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C +depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"e462957f2c500bf2d6bfa9af97938fdd8930e360ea4175e7":"b380584a3f4e0e59add4753c282f2cf7":"682b0af6592eef173e559407e7f56574c069251b92092570cbb7f5a2f05e88bed0af48dcda45b2930b1ee7d5da78dc43ec3598a38593df7c548058eda3c9275c1304489aff95f33a6cd79e724e8d12ca0ae92b20273eb3736efcd50dc49e803ad631dcbf64376a45a687eb4e417aef08a3f5f8230d3f0b266ea732c21ed2eed7":"82a7a6dd82a5ea3d9a8e9541d854978487eda298b483df02b45c76b8b38bac98ffd969dd160a2765595b19d4ea3e64351ce95764a903f595dd673d13facf5a5594e01be1d60a0c6d28b866a1f93a63a74fecb6d73ac6fb26b20c008b93db53e9dc1d3e3902359fd47734fe22a5c6958f97e9001cc4e8b6484d9542dbbdfcfcdc":"28a43253d8b37795433140641e9ffd":"FAIL":"":1 AES-GCM NIST Validation PSA (AES-192,128,1024,1024,120) #1 [#2] -depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C +depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"4a62ddd87f41c6df756e8da0985dcd8c91e73ba395b3d79b":"1d1843e2118772d76a0244a2c33c60bd":"028b92727b75b14cb8dfeb7a86a7fec50cd5de46aa4a34645754918b8606819d4bf8a2e7531a05ae5505492ca6cbc8c0e6d6ab2dea23bff1fdf581bb780b4a3312aa39639383fd10bcf92489801954733f16b021c2e84809345216f8f28a99773341e40c4a64305a2098eaa39f26a93bd556c97f02090e1a6c181a4e13e17d3a":"37a83ee6dbdece212446739ea353cb957b9aa409c88bee042bbc3a6e5199aeb28f2b4b00ff433c0c68d6db5a197566019db8a4c7a792e2839a19a302ee02bee046adce04c1fbbd5b0c457d7cbe277992ce2c153d132269e2d1f12b084cf3026a202b4664bc9d11832e9b99c7cc5035dcfde5991dd41aeb4fbf8bec5126a9f524":"ab738073228bdf1e8fd4430b5c7d79":"":"e702f1bb9a1f395c74fca0ce9cdf29e7332c14acaca45200cd432a5767be38929ef8de43d0e1a5e7300c1eb669ac1ab997b31cb1403af8451e77e63505920af0f8c3abf5a9450ea47371039ba1cf2d65a14fa5f013b7ce1d175859404dcf6461a36e8bc260e7abf739d8951ddf1a3754e2d65e0aa31320a5ffca822023bc0906":1 AES-GCM NIST Validation PSA (AES-192,128,1024,1024,120) #2 [#2] -depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C +depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"fc46976d38a581a7042a94ea4b5bfe3587ddc65d1162d71e":"b5e92563dd0339df00b7ffa2239d21bc":"7b6f6e104acbcd7188161477d8e425ff99add22df4d22de7f28d0a0075ca4ef848f68d07ed22d3165c08e40890ce04d1bd05b1a6ccb2fec8193d5f7dffc93d97a0c036b3748f708b011b68247a0249b9e1a60b652164e5c2fd7210377de804ac010c8aa08a11f40af97e8370a59f936cd14c22ea7a236d904145adc04a241fc0":"4b9e858fc8f01903e426112192d4ae4686b1ae4d683b75afb2b8c63590275943d0d6d6a23b6d35796a2f101203acba107474ca6f4ff6dd87d6b77785ad1d160ef2755d84092dc70c86db5e639b689943b15efa646aff44b3f51f5d3f4cf6c8f7fc5adfe7bf2d72f75b93b8ee94ef3fa69ea0fc0bb77b3983901fdcd30bcd36f5":"d4356cb417953b01f7b1110c8aa3eb":"FAIL":"":1 AES-GCM NIST Validation PSA (AES-192,128,1024,1024,112) #0 [#2] -depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C +depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"403e49feadd4db763652ed5c4b1e12680cfe0abc30f4696d":"1a60258a56e15f92814b4d372255a80d":"a4ffa9e3c612103224c86515dad4343cbca7a7daf277f5828670834f4d9af67b9a935c71b2130dfbc929c4409bffb7974ffa87523b58890770439c33342880b33319c626bf776c1c0aeb9c2a348a7681572f4ff711d94c192f3450e8b1275f9d02c742a2c9f1da316e9918bf787f22699172986cb9b10fc56d5f6b8392ff92b8":"221c61d769febce3913bfead9a201a805f11005ddcac185cbae00ce749de9c4362889b1b0d9546e91598e0ddedb88b673a90acca65d7e71a85636be052f361839a646dc8b834c02f3e2261d370e6bac9636b7536225b5ea77881200c8a3450d21bfd1e11afb3a470e178ecfe944a25a7cd0254e04a42b67723aac8afffd56fee":"62646fc8bfe38b3ba6d62f9011e3":"":"5c76c90dea7d659804ad873960906259fbdda3614277ec575d9eec730e747a2e7b9df6716b4c38d3451e319eeecee74d1f4918266fc9239de87080f1ad437b47c6904ed2d5514161ad25e3e237655e00e53fe18d452576580e89b2f1f0f6aa7e40a337fd8c48d690fe013a67264a80e9b5dfd009a9152d559aa02a68f401a09b":1 AES-GCM NIST Validation PSA (AES-192,128,1024,1024,112) #1 [#2] -depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C +depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"c3471259512d1f03ce44c1ddac186e9a56c1434a6ac567c6":"50164c63d466148ab371376d5c2b6b72":"11d1f523888bea1fbc680d34bc9b66957d651efa59e788db3d3f6f50e72184b9d14e9ff9bc05fb687520cf423d681812e007025eedf0e78e7e8191e6b62404e8eb400cf837d762a31aa248553367263d6de091fcf7abedc3e69fc118b7efb0594c89b96c387b7c28ed9a7b75db60b6b5133949b891ff81eca5790a265f12a58c":"dd5b98b3b3cf03fb92be579068a885afd984630692eb5f155fa6b49f2b1690b803d34b90e8de3cc39c2e61650ffffb51e7ef36d35ad17dc4d91f336363b0734996b162b509c9954cab3dd959bde7e437e9100d84c44104c61e29dbe12492a0272ce6eea2906d390de7808d337e8c650b3301af04a9ed52ab9ea208f3c7439d6c":"6c5f38232e8a43871ab72a3419ad":"":"50438ee712720abf2089331e4c058b30c30c3d17834c507c0010ac3f974a256d01b14a45e9ce5193c5cede41330cf31e1a07a1f5e3ceca515cc971bfda0fbe0b823450efc30563e8ed941b0350f146ec75cd31a2c7e1e469c2dd860c0fd5b286219018d4fbacda164a40d2980aa3a27aa95f8b8e2cd8e2f5f20d79a22c3ff028":1 AES-GCM NIST Validation PSA (AES-192,128,1024,1024,112) #2 [#2] -depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C +depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"ec326a1e0fe6a99421398df4fc7d8fea67b67e5f5fcd50ad":"c94aa4baa840a044dbd5942787a0c951":"f8401c578f20d9c250ea86eb945184e007a0190462c7abddf238ce1ceddcc230756aa222386d8ba66ebbba13de008ced140896ac55bc47c231cc81370ca9feadc225e017d59890e6291cc4cca27db3078c0cd6cbb51afb62210226a76837c5454728cb5ce3afe7352e7fe75421f94986e6b7b26321bbca15c75ac7c13dc15f50":"6d5016c434a0f4b4a5d9e0b6b8e2d848a94f132f055d2d847e54601a4c9cfc5966a654d696f8a3529a48a90b491ea0d31c08eae8ef364f71f8ec7ae7f7e39bb9c331137b2578362ff165628099944ba8deb0d99ac660d5ed2215b9a7626ff1fa6173cd8dd676c988d16c9cf750a0d793f584c3c8f5fd5d167bc278f4d77a629c":"3269922affb9d767f5abe041cc8e":"FAIL":"":1 AES-GCM NIST Validation PSA (AES-192,128,1024,1024,104) #0 [#2] -depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C +depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"a7ef81652f604e88a72416924c53979dc73cadd3575eda1c":"0cc9ae54c9a85f3e9325c5f3658ab3b2":"d0195b744351aa25a57a99df9573dfa3cebe9850139149b64f7e4af37756a430dda8af98e4ed480e913aa82821c01c1f75b187e105a8f39621757d522c083a8d81d7d8bfe6cf15c439d0692b6affd655a11bcd2457046fae996a1075c66029867b88cd23c503ae04037dd41f27bafd5000d1f516002f9fcc0f2500e8c1b27de0":"9ecd19a8eba9fba843486e1bbfb8d9053c5e04b24e30174d4aa89d8307439d653f8630edddafd51719c744bcb4bce3e444847567bd2cdde2995870d0634cc0ba2bde4b6bc2bc583062fb83874a1c25b50aeb945bd109a151772c077438c4d1caaeb5b0c56390ac23c6d117f3a00fd616306fc2ffc4c1e76f934b30fbbc52eec2":"22c2efeddfd5d9cb528861c4eb":"FAIL":"":1 AES-GCM NIST Validation PSA (AES-192,128,1024,1024,104) #1 [#2] -depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C +depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"605271a41e263c92dc14fe9df5203e79d58cc2d1289dc361":"7f128092a777fc503adc7f6b85eb2006":"aef9f984fb645e08d5f0aa07a31c114d2f8e9eca047e4a8d5471378cfc2ced1159dc093d174788e58447a854be58942ed9a3fd45f3f4a1af7351e087369a267797c525f134e79709097e733b9003b9be0c569fc70ee3462b815b6410e19954ce2efac121300c06fd9e00542a9c6a5a682fe1010c145acbbb8b82333bdb5ddfd9":"2bda3448a283ecba31e0299c0a9e44628cb2b41fa7b1a41107e107cabc381083bdbe048f2804568fdd5fe016f4d607f694042a459ba03a2deda4cccc8cbe4612d8ed0d4575e48bc9f59843369dbe2af6d048e65ff4250e1eef61d7b1b378fe2f3305b133ddc7e37d95ca6de89a971730fc80da943a767ff137707a8d8a24329c":"673afea592b2ce16bd058469f1":"FAIL":"":1 AES-GCM NIST Validation PSA (AES-192,128,1024,1024,104) #2 [#2] -depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C +depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"fa076f36cb678e2275561e9553ebdf397360e5a5e44791c4":"1ecd53d94fe287047ff184e8b9b71a26":"5ff25f7bac5f76f533f9edffdfd2b2991d7fc4cd5a0452a1031da6094cd498297fb2a05ae8db71cb3451e4ac33a01172619035a9621d2d54f812ef5343e14b9dedc93838e4cf30e223d215b4d2476ea961a17ac7295069f25b2a12d6e2efe76d91f45632c6d4e61ff19a95d5ae36af960d95050ce98b5791df0b7e322411c884":"513305e86c0cb046c5d3720b25a406392766bd1fb7de2758de370ff2e68281e211922890c61f3659460f22c45a57895b424441262a3ba0606df4e2701f38281fd3436a4d0e0f8efecd231808a9ea063dfb725015a91f27cadfe7909a0ee109eac391ac807afed1767ae0515b9c1b51ae9a48b38fe7fec7fe0ddee562c945e5ae":"079e8db9c3e6eddb0335b1cf64":"FAIL":"":1 AES-GCM NIST Validation PSA (AES-192,128,1024,1024,96) #0 [#2] -depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C +depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"ce9dafa0e7e53a8766fc0bc38fba807d04e14e5ed61bc234":"fd0751af49814ee98b2b0cdf730adaa6":"1cba488a0fc8a012f9a336cc7b01cbcc504178eeb08237dbedbc6c7ac68fdf3a6742751a207e43d43068abf6ef4e12a5e3c17e5a2f9398fc04ced67377cbb858fd6020fad675a880adb249e4aba94b96efa515d1cdf5c0c3071a27a3245968867ea94b2bfc2028a67be34c84c3f475944497aa8ca1ab009f8e4b11c8308c1996":"b585b8bf634757dac015f2f69f2ae674372a664f2115ad2d03bd3e0c335306b02d0947d3cda5991f5c0c25f12ead2c3cc2d65d575fd67091c70bc93ddb4b1e21f7b0fc6e6ae652dea93a6564ff13489f927942e64dd94bf8f821c7ffdef16df58bd8306a957821ac256da6f19c9d96e48eee87f88acb83bae05d693b70b9337b":"e5dc92f4ad4000e9b62fb637":"":"95f4324b0656bef19eca5570548fc6a7a9923f4e2a7e42066891bc132fd73bc1c9089755d996756de0072824e69c43f2db8ba2bf6f90d3c4eafc0721ceaccce1af896f9fb15fb19c4746979b6d945f593fad61d550f81d12b5945ed728c02931d7f8d917285c22a3af748d75a6bf163fddd84b941d8564c1a63192c816ad6d6d":1 AES-GCM NIST Validation PSA (AES-192,128,1024,1024,96) #1 [#2] -depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C +depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"8a328554fed68dc4838fbc89fd162c99ec105b36651abbc9":"e4f7c69a1d026eeebfc45e77bd7b3538":"e349dcedb0bfcc771c820f0d510b80cef32ae3326484e25aa183015941e7844bc46f617d5e61fd64fa71759e90fcb72ae220bcd507f0fb389b689dd3fa29b3b937eded85f26ada9e0f3f5109f82fef47c7eba7313049750ad17969e7550c0d4093ed18ee27843d082bcee8bf3fc7833d569b7723998595a5a1d871089fd238da":"75986f56972c045c850ed68aeb229f203b228fdfc36cad6b16d9bd12037c48700d20d8062a983ffeca76b8d36a67ef51bc8853706e83a34e4e23ff4f4a4eb943f19dbe85e454043d7906be6587a85079f9ccd27962d2905117d2dbeaf725d6ffe87bef52b2138da153ef29b18065b3342b3f9d07837d57b8bc5f2597de06c54f":"8e8320912fff628f47e92430":"":"a1ed65cfc7e1aeccd0531bce1dc749c7aa84451ec0f29856f12f22c4105888c7d62e2e2fc8ad7a62748610b16e57490f061ad063c88800037d7244ee59e109d445205280473390336d7b6089f3a78218447b1b2398c4d0b3aac8b57a35891ad60dc1b69ad75e2e86248ceac7bb4cf3caade4a896e5ee8c76893ef990f6f65266":1 AES-GCM NIST Validation PSA (AES-192,128,1024,1024,96) #2 [#2] -depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C +depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"6e7f6feb4022312de5c804ed1d7a37580d74499107f8cc8b":"6ce13485ffbc80567b02dd542344d7ef":"c6804a2bd8c34de14fe485c8b7caa2564adaf9fcbb754bd2cc1d88ba9183f13d110c762a3c5d2afc0fbc80aedcb91e45efe43d9320075420ee85ab22505f20e77fa4624b0387346c1bd944e9cd54055b5135c7fc92e85390ecf45a7091136b47e3d68d9076594cfad36c36047538e652178c375a2fe59a246a79784577860189":"4f5bbdf575ab8f778549f749f2265e17dc7225713e73ee6d7be163ff7071557dcc2240b0705c079008605f81396414ac64f06b1b637876e04c3fca8d0fa576cef4dd3dc553fd6808eaf120f837f9bb1d9dbbd5cf67ed497167fc7db89d3a84151b81aeab0e921057f121583df5ed7f976b206ece17a913f23485385f64c462a8":"974bd0c4a8cac1563a0e0ce0":"FAIL":"":1 AES-GCM NIST Validation PSA (AES-192,128,1024,1024,64) #0 [#2] -depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C +depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"46d6e982feff0e7d04a84384c56739b69626dde500e4b7fb":"71a6d1e022a6bdff6460c674fb0cf048":"67a8455c7d3fbfdba3c5ec5f40e0be935fbb9417e805771832ffad06ba38a61b8377997af1f586dc0fa1e3da0b39facd520db1f0ec2bdf1904a3a897f0b507c901fab30a85de51effa9f7d4703ceeb2ca72abe0bd146ba0bd3ffdee11628310db7d65ea1343b018084ea2414995f86fefb45ba91a9dc2236d92078b4305671b5":"a5160fb2d397b55a7eba02df33a042404188f02f4492d46f4edc03fc67723d64f5f7fed3a60728438703c60454a30f473ac918ffc8f98be5c5e9779ee984415e415ce3c71f9acc3f808d215be58535d3144cebe7982b9b527edbe41446161094d6fc74dec2e0a1c644bbc2cf5779a22bd4117a7edb11d13e35e95feeb418d3f0":"84f1efd34ff84e83":"FAIL":"":1 AES-GCM NIST Validation PSA (AES-192,128,1024,1024,64) #1 [#2] -depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C +depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"991dcaa2e8fdad2b4e6e462a3c06c96067ef5e9fb133496a":"978913d2c822ba7cc758041d5ee46759":"5a94dc81af011a8af263318b60215b9752292b194b89f6fc013b0fe8e29133de631d981862f2c131ee34905bd93caffc3b8f91aeb0264b27a509e5c6a41ae781209f8c5895d0d35b3c5e1ae34a1a92a2b979e0e62132051394940ea4d9bfffb8d89ba1e8331b15bdf05c41db83a57745a4a651a757cc8648acdcf850a2f25367":"9cd0c27f0c2011c1ab947400d28516c7f46d22a409a18fd35c1babf693b8030dfd7822d9ba03bb8fd56a00f9c7149c056640dde690889d2f23978eeeb28ccc26e2fc251220a3682c963f5580c654c1a6736cccb1b8ed104ec7390021d244bd9f92abde89e39a4b83eff8211c8a6259bd6ac2af1da7dfb8cf1355238056c60381":"15d456da7645abf2":"FAIL":"":1 AES-GCM NIST Validation PSA (AES-192,128,1024,1024,64) #2 [#2] -depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C +depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"f29cff00781f5916930f125489c87d21f6593324d1506f65":"50db7ee25a9f815c784236f908bfd7f2":"ec1482e18692bcd6894a364c4a6abb9c3b9818bb17e5e1fc9ec0b41702c423f3a60907e94c888fad8e78f51e1f724b39969ba7b11d31b503504b304d5c4b4cbd42634f4ec5080a9fe51c82e121ae191270dd2c307af84c82d892d982413a50ccce33698054f761a3fa93da9a1fca321296b378a50d458ba78e57a70da4676150":"a3e8595747b7147d471ac4fe38014bf4a409931e3f419ff88ae249ba7a7f51bd0ede371bf153bab4b28020b7a82a8ca30b75f1e3bcfee3c13db813cbc85138ef05874dedb14a6e5b6d06d7589a83bd5e052dc64433a8e24c1188b9470ddb2536d13b4b7bff0c5afcfaa9aa0157c3aae3b1774df2df14f965d6dee4332edba67e":"a1e19ef2f0d4b9f1":"":"eea18261a4de31d8619e77005ebbb3998c5dcfac2bc120ae465e29d6b4c46de7e6c044c8b148ffe4eda7629c243df8af4e7ceb512d5751a3ee58defb0690b6f26b51086dedfde38748f6f0bbe6b495f4304373188e5d2dc93461bd51bf720149a7d3aa543623b122b9af0123b2cdc9020136b041a49498ec4aa696c2d3c46d06":1 AES-GCM NIST Validation PSA (AES-192,128,1024,1024,32) #0 [#2] -depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C +depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"2087e14092dad6df8996715cb1cfca90094f030328080ffd":"d30504afb6f8b6ac444b4a76115d79d1":"d95845d268c8d8f9135d310c39e30f55f83ef7ffee69e6ba1f80d08e92ed473b5ac12cc8f7a872bfc8b325e6b8e374609c90beaf52d975f71caeef5ee4c13de08dce80d358ee1cd091faea209a24e3392adcfe01aeb2b2e1738bc75d4a9b7cd31df7f878141cf278d150f6faa83fb3a2fd1225542a39c900606c602f15c06a4f":"6d039513061980fb195bdf2f7c7079ca4b7e0fdd50d948cbfab5ba10b99e3aea27f08abd000c428851de82cacb0d64c146cd9567e9d55b89819876d6a635bd68bcaf47ffa41e02d9ee97f5a2363bfe6131ae7a21ea5130ae953a64d57d6cbfd45260c5f1946388d445ce97d23ab7ba31a5069a4896bc940a71de32bde02bc18d":"5412f25c":"":"1e81a4c10a3440d0002ddc1bfa42ebb08e504fcc8f0497915c51b6f5f75fee3f0cd3e9c5a81ff6528e0fecd68a36192114f17fa1a4cfe21918dac46e3ba1383c2678c7a6889a980024ee2a21bcf737f7723b5735e1ebe78996f7c7eace2802ebb8284216867d73b53a370a57d5b587d070a96db34b5b4f5afe7f39830498c112":1 AES-GCM NIST Validation PSA (AES-192,128,1024,1024,32) #1 [#2] -depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C +depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"3fc76d627c775de2f789279dc7b67979a9f1cc23c8dcabc9":"8f6fd53eb97e12dcd4d40f2843e25365":"e56995df73e52606a11de9df6c7bfb0ef93b86bf6766e319aea59372060294b0e1b13c6288c2310a4bef725a2dddb174f3e1228649861757903c4497a0eec9c141454fc75f101439a2150e368857c4f0f6e5161c42c77f632bf1c229a52595cbf16e9018de9a8f6a1e6b8b18bd244f93f001eb2eb315405d223c0d27ece9d4d9":"92a60d38fc687b92d44635aafee416a142d11a025680e5aa42e9ba5aa010462991ad3dd7328ca4a693673410f9bba37f05a551b949ab0d43fc61ef3b8996dd3fc1b325e66eec6cc61ea667500f82a83e699756a139d14be6ca9747ed38cd9b1d9da032ece311331bdcd698666ddc970b8be2b746ec55fe60e65d7ae47c6f853c":"613ba486":"FAIL":"":1 AES-GCM NIST Validation PSA (AES-192,128,1024,1024,32) #2 [#2] -depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C +depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"b10979797fb8f418a126120d45106e1779b4538751a19bf6":"ca362e615024a1fe11286668646cc1de":"237d95d86a5ad46035870f576a1757eded636c7234d5ed0f8039f6f59f1333cc31cb893170d1baa98bd4e79576de920120ead0fdecfb343edbc2fcc556540a91607388a05d43bdb8b55f1327552feed3b620614dfcccb2b342083896cbc81dc9670b761add998913ca813163708a45974e6d7b56dfd0511a72eb879f239d6a6d":"e3dc64e3c02731fe6e6ec0e899183018da347bf8bd476aa7746d7a7729d83a95f64bb732ba987468d0cede154e28169f7bafa36559200795037ee38279e0e4ca40f9cfa85aa0c8035df9649345c8fdffd1c31528b485dfe443c1923180cc8fae5196d16f822be4ad07e3f1234e1d218e7c8fb37a0e4480dc6717c9c09ff5c45f":"28d730ea":"":"dafde27aa8b3076bfa16ab1d89207d339c4997f8a756cc3eb62c0b023976de808ab640ba4467f2b2ea83d238861229c73387594cd43770386512ea595a70888b4c38863472279e06b923e7cf32438199b3e054ac4bc21baa8df39ddaa207ebb17fa4cad6e83ea58c3a92ec74e6e01b0a8979af145dd31d5df29750bb91b42d45":1 AES-GCM NIST Validation PSA (AES-256,128,0,0,128) #0 [#1] -depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C +depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"2c186654406b2b92c9639a7189d4ab5ab0b9bb87c43005027f3fa832fd3507b1":"3a0324d63a70400490c92e7604a3ba97":"":"":"4c61cd2e28a13d78a4e87ea7374dd01a":"FAIL":"":1 AES-GCM NIST Validation PSA (AES-256,128,0,0,128) #1 [#1] -depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C +depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"747d01d82d7382b4263e7cbf25bd198a8a92faabf8d7367584c7e2fa506e9c5f":"7156358b203a44ef173706fdc81900f8":"":"":"9687fb231c4742a74d6bf78c62b8ac53":"":"":1 AES-GCM NIST Validation PSA (AES-256,128,0,0,128) #2 [#1] -depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C +depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"1cbe30216136b7eaf223e6a7b46c06625176d9a08182fa806a63d8b143aa768b":"4fe6ace582c4e26ce71ee7f756fb7a88":"":"":"d5bdf8ec2896acafb7022708d74646c7":"":"":1 AES-GCM NIST Validation PSA (AES-256,128,0,0,120) #0 [#1] -depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C +depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"f31194c83bb8da979a1eabb3337ceb3d38a663790da74380d8f94142ab8b8797":"404efd26b665c97ea75437892cf676b6":"":"":"e491075851eec28c723159cc1b2c76":"":"":1 AES-GCM NIST Validation PSA (AES-256,128,0,0,120) #1 [#1] -depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C +depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"daeed52ae4bf5cbe1ad58ae4ccb3da81fb9c0b6f7619ca21979313ad9d3e83c1":"4037eadb11249884b6b38b5525ba2df4":"":"":"360c6ef41cbd9cd4a4e649712d2930":"":"":1 AES-GCM NIST Validation PSA (AES-256,128,0,0,120) #2 [#1] -depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C +depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"3ad81c34389406a965c60edb3214663ac4a6bd5cfd154ae8d9dc86dae93def64":"cebbce06a88852d3bb2978dbe2b5995a":"":"":"bd7ca9f6bd1099cde87c0f0d7cc887":"":"":1 AES-GCM NIST Validation PSA (AES-256,128,0,0,112) #0 [#1] -depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C +depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"4c152ba30aefa5b2a08b0b4d9bf3f16fc208bb0bc4c4eca9411dc262d9276bad":"008d040fbd7342464209f330cf56722c":"":"":"c87107585751e666bedae2b1b7e8":"FAIL":"":1 AES-GCM NIST Validation PSA (AES-256,128,0,0,112) #1 [#1] -depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C +depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"9aed4ae6b1d857fdcbe5aec6db38440613dcc49f24aa31fba1f300b2585723f1":"947c5f0432723f2d7b560eca90842df1":"":"":"7d331fedcea0fd1e9e6a84385467":"FAIL":"":1 AES-GCM NIST Validation PSA (AES-256,128,0,0,112) #2 [#1] -depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C +depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"cc80bc031676eff5f34dd076388a5130e985f9e06df4b4bf8490ff9ff20aae73":"51f639467083377795111d44f7d16592":"":"":"02d31f29e15f60ae3bee1ad7ea65":"":"":1 AES-GCM NIST Validation PSA (AES-256,128,0,0,104) #0 [#1] -depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C +depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"db7a40213b5b4b07e9900dc28f599403b0579cbce13fcd44dff090062f952686":"aea6f8690f865bca9f77a5ff843d2365":"":"":"7f2280776d6cd6802b3c85083c":"FAIL":"":1 AES-GCM NIST Validation PSA (AES-256,128,0,0,104) #1 [#1] -depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C +depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"299b874eaa8b7baf769f81f4988a41e2708ae928e69a5ba7b893e8e6b2db5c3b":"2aa04d85d2c0dc6f5294cb71c0d89ac1":"":"":"ea01723a22838ed65ceb80b1cf":"":"":1 AES-GCM NIST Validation PSA (AES-256,128,0,0,104) #2 [#1] -depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C +depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"a6c7b4c8175db4cf23d0593ed8ea949043880fc02e2725f0ab90ae638f9dcfce":"ae07f8c7ac82c4f4c086e04a20db12bc":"":"":"1132e4fff06db51ff135ed9ced":"FAIL":"":1 AES-GCM NIST Validation PSA (AES-256,128,0,0,96) #0 [#1] -depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C +depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"b98e1bf76828b65a81005449971fdc8b11be546d31de6616cd73c5813050c326":"929b006eb30d69b49a7f52392d7d3f11":"":"":"33940d330f7c019a57b74f2d":"FAIL":"":1 AES-GCM NIST Validation PSA (AES-256,128,0,0,96) #1 [#1] -depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C +depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"09ccef64ae761a70fe16772cba462b058a69477c91595de26a5f1bd637c3816f":"e34b19381f05693f7606ce043626664d":"":"":"2adc2c45947bfa7faa5c464a":"FAIL":"":1 AES-GCM NIST Validation PSA (AES-256,128,0,0,96) #2 [#1] -depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C +depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"654cf46598e5ad3e243472a459bcd80f1e026a65429352dbd56e73fcc5895d1c":"a56f27709e670b85e5917d5c1d5b0cc2":"":"":"177b9a5e6d9731419dd33c5c":"":"":1 AES-GCM NIST Validation PSA (AES-256,128,0,0,64) #0 [#1] -depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C +depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"84bca1b2768b9202bf194f2d5e5a0a5f51fd8bb725f2bab8a3fccbdb64a4ea70":"c45b2708c5bdf65ec6cc66b6dfb3623b":"":"":"fe82300adffd8c17":"FAIL":"":1 AES-GCM NIST Validation PSA (AES-256,128,0,0,64) #1 [#1] -depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C +depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"c8ae011795c9a60ad7660a31fe354fa6f7e9c2724d7a126436291680cd95c007":"1bd9ea6186450f9cd253ccfed2812b1c":"":"":"35214bbc510430e3":"":"":1 AES-GCM NIST Validation PSA (AES-256,128,0,0,64) #2 [#1] -depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C +depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"df2f0a8a3849f497d12bda44e12ce30a6957f3febcd5ec9bc134171326ca66d3":"728cb9608b67a489a382aa677b1f4f5b":"":"":"e2ef5d9cc5791c01":"":"":1 AES-GCM NIST Validation PSA (AES-256,128,0,0,32) #0 [#1] -depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C +depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"78e8a8ad1ecd17446cf9cd9c56facfd4e10faf5762da0fd0da177f6a9b9c3a71":"f169ce6f3ccc58f6434ae2b8ad1a63a1":"":"":"0fe57572":"":"":1 AES-GCM NIST Validation PSA (AES-256,128,0,0,32) #1 [#1] -depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C +depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"02ca6d8a862e25db9d68e4404abc107e700135df4157cfb135ce98eaa33151c9":"7b722fdd43cff20832812f9baf2d6791":"":"":"72dea6cc":"FAIL":"":1 AES-GCM NIST Validation PSA (AES-256,128,0,0,32) #2 [#1] -depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C +depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"9a2b709dbcc3a4fb15b3ad541fb008c381b7e985b57df52f07ca7cd26ab1ecc4":"729baa4c0ef75ed8aae746376b39fe3c":"":"":"2a0d607c":"FAIL":"":1 AES-GCM NIST Validation PSA (AES-256,128,0,1024,128) #0 [#1] -depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C +depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"449d39f863e4909984b37f2e5c09ea4d4b3e9fac67bd57c299e4e1d1f084aaa3":"d8e9118f331bb5a359f0aa8882861b72":"4ddcae0bc24d622e12bdeaac73e8d1ab7957af051d27dfaafce53aeed4cdd3f989ea25989a2f41cfb3c38dbd841c5560b0b5ab1861b1fbcd236865d13da55b50219462e021f8a21848a64a85326031fcec8fe47a6ef4a435dd2b2fff637644ffcf3914ef2dfa5dd556421bfd297be150b31db039f0f2cc422b282e659e70cceb":"":"c595b9d99414891228c9fa5edb5fcce3":"":"":1 AES-GCM NIST Validation PSA (AES-256,128,0,1024,128) #1 [#1] -depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C +depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"3e70e66813fc48f984dcda4d1c9c24f1d5d1b71ecfc8bb9581782e7cca5a5cc6":"d804f1051e72c9b7117002b862eb45ff":"0b1ab2b7a87cebac668c7a532fa8fa56a22cabf0c41fc1e6744ffe07c857c6865d623f508351f98f3f0c577d1eb94300a30a445472218c8ac626b0bee7d4c122d33f8130436a89add341e8ef7e00694afb4ad80d314d87ad3f921c7105eed05431b8151df7cff2c8e3790efd4acd3f60332dc7f34fdd90beef70f9093361d65b":"":"c09c2e3fdfefa222f7345ae4efb978fc":"FAIL":"":1 AES-GCM NIST Validation PSA (AES-256,128,0,1024,128) #2 [#1] -depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C +depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"8e534041090b45b80f287dc5fa20ebda017ad81b0530e680f62c6280fd8881af":"ead675b019ef5c6bbf4985f2a382d6c1":"b1db220052c4bebcef27eed6db0dc91be481179d71160c5a2ddb2fe497a05484840b04cce48980057d770fbbd0d5f3d5c633b55470617ad2cab5767188283310337825c4b0eafe13b5b11293dec230dad43b220885105767938c7ec4600fe063f98aa14bc6afb886fc874c10546749da295f571e696305bd9165486e29f43f52":"":"9aa0cdad5686ca515cd58aed94938ef4":"FAIL":"":1 AES-GCM NIST Validation PSA (AES-256,128,0,1024,120) #0 [#1] -depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C +depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"2de18874470c09db683cf45cd752bdfa8bf33e7967220b1a69f41f2a02da1d80":"af30eb2d0a0c2a50ea413f3285aa88d4":"22889b868d8ccc9f488406813caed199b23091ddd796c8632f564e7cf5a39dfb725266a931fec958659b6fc5b6b9343b8217edb0acb010afc9416601155262b57bd398d62f555953f0e15958e19ae004fbc9cb25e0269a9eaa38a4635a27bfa719fb249fa49337796bcf5f416bba87fbf3b19f0d8c11290c25ca50bbdc822f01":"":"646bbc9b14681af65b0d1c4c9f1d0d":"FAIL":"":1 AES-GCM NIST Validation PSA (AES-256,128,0,1024,120) #1 [#1] -depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C +depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"1a1bb9122e762ecd7ff861a1d65e52607d98e7ae5bd1c3a944e443710f3b0599":"32f99ea4cbf52c2701c2252e5e6c863d":"91b7a70c3a06c1f7f2ea584acb5dd76177ba07323c94f2e8f7cbe93fc0bb7c389c3c88e16aa53174f0fc373bc778a6ccf91bf61b6e92c2969d3441eb17a0a835d30dcf882472a6d3cb036533b04d79f05ebfaadf221ae1c14af3f02fa41867acfdfa35f81e8a9d11d42b9a63288c759063c0c3040c3e6ee69cf7c75f9c33fea1":"":"a8e29e08623a3efdbbe8b111de30a4":"FAIL":"":1 AES-GCM NIST Validation PSA (AES-256,128,0,1024,120) #2 [#1] -depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C +depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"3bfad1e8f9850577f9ba3f290e9a5e91b494c2d99534220362e171a7543177ac":"8410886b70c57d7ded8596443bd1b157":"ca801c83596795515ea931edba00e06e332bf84246b7036e10b317e2d09a51b2981fcb664ee3bf4180bb0b12ed1cda221abc6790b27c26914f5ef9cea9536e2453cd5b247cb054e295c2687b725a97cbc484b8eb86c6ceee03bd07a54a9301a3ac0ddb23aecb825a238252e7575329058b40e75575a7f16439edf5be163ce5f5":"":"e3645db0c600dba52044efcecfc331":"FAIL":"":1 AES-GCM NIST Validation PSA (AES-256,128,0,1024,112) #0 [#1] -depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C +depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"65debdf2f2191a6cd8de8ad4d5d4d0d8f731f67744e2545df6b2a7cba89c1ee0":"fdab2ee547dd8b6f5a4ea2dd19697b3e":"d2b0a0438ee0f145aec9a7ca452b788ecb473152b78fb75f6ace721afc7b0ae1942049b790f3a5b6221a8760295659756d35347cc04029be03459f3e23a71209b4e0bbe13a253a888c83db23376d3a6d9a539f7c9fa4a12dc64297e7c93dfa0ab53ef76b6e1d95bf6f3d5e6ee8f08662fc03ec9d40eff0a43f23ac313671bfd9":"":"c25fc157c3f2474885e2eea48aea":"":"":1 AES-GCM NIST Validation PSA (AES-256,128,0,1024,112) #1 [#1] -depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C +depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"496ae810380460d40cd2fdae8c0739f16b87205cc7f57db0a71a473eb361d570":"77233de96f5e1744337778212b411bd5":"85f5b54b4c4af5c808120bd28d98e44e96f4126623e57684957e9fc4fd1a2d0583940b8fc8314a249325476e8d05247831b04709580ae714e8187cd38f9559419e14c9fc4f8c454ec191b8ef2a3610988fe3339d0dc6b72f5978f9eff9d596dfabf27056e3a908c6497267461386e860f6b9d65526294bcb92908b5661b06b5a":"":"4ed91af6340e70b0c2b94ab6f82e":"FAIL":"":1 AES-GCM NIST Validation PSA (AES-256,128,0,1024,112) #2 [#1] -depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C +depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"aca188183b46139cc7cffc82a6aaaeb2fd73cecad14e75c663bd62daf1ec711d":"7bbf7fb55eb70cce94cc6a2b67de55ba":"015cfba90f069545fed60f31992ff3d3c3592eb91e7a53df5978ded64291954cb99a57de82d5398ce782b68d14ac04a8b425395bd076ead59eb445721bdb2f45e19fa089117800cbbac7b8313fb165ccb1122acb654e1242dc7fe6885ea1cbb7281b1270cfa1549cdfe9b47caf47b4ac3807e562e48c066566f5e606b5023b47":"":"3bcb5c2a4261d75bfa106fb25ee1":"":"":1 AES-GCM NIST Validation PSA (AES-256,128,0,1024,104) #0 [#1] -depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C +depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"8cd6815f6ec15f03b7a53f159e877a5981e0ab7f6e6c261ddde4b47cbb2f2366":"c431c07d9adf5f61204a017259cddd75":"4e1a835402bde4f5227e64b46a1f8d0f23a9434e189377fcdf1b9621ba1987eb86a7f3b97ed0babfd674e74c5604a03dd016d71000a72bbbd00a7f7fe56ad0fcb36a3e24dd0fdb63bd66d4db415f35012416ed599796ca3f678df7eb5a1b17f75abb348ddd3b366369a7b362c9488aedab836b61f9a158f0b129c8ca0a53a81e":"":"0e463806ff34e206f703dd96b3":"FAIL":"":1 AES-GCM NIST Validation PSA (AES-256,128,0,1024,104) #1 [#1] -depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C +depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"8f0a72abcda104aa7fae501f9a3b686d00d3f6fe984731db8a2865bfec587073":"ab8acd063775d1b1314f14e90fddd1be":"02c6d426e7f20b725d8cde0a6382e49b029b52126889013ef45251f27b2fadb95ca4a9a3b16ad06999eeca4a473e813045db4942e9b9ff2e5a5e429d9bac298372344d1b781d5facabf6d779643f31ada6124eb50aad599044b54279ec9b25714ac8a3b9ad2487cec7f4b1ee245d7be3d496d6af1d4cbee1c8201312541f3064":"":"3f0ccc134091e0c0425887b1b9":"":"":1 AES-GCM NIST Validation PSA (AES-256,128,0,1024,104) #2 [#1] -depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C +depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"417135cad74280e6f8597dc791431c95cb8fa63bbf7197e3ab37c4b1d6d9438a":"0fe22d9ba1d0e32656e3a9f07a517a27":"a0b2712e81d329d5b076a4be2ad6823cee6dbd17d9a592d065bdebb92b1ff37a56bf2f5e5341f39c574246ccda19e5f35fede49c9ba958f3920cc5440fb404fab7846884ca0c2a3af5b51f4fe97a1395571319cc5b40f8aac986d77de280db82343983982638326ef003e0c013af19c34672975dc99ccc0853a1acf7c617d965":"":"888b836c9111073924a9b43069":"":"":1 AES-GCM NIST Validation PSA (AES-256,128,0,1024,96) #0 [#1] -depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C +depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"304824914e32ea0efd61be6972586093349bd2cc2cf0cff44be943682b2dbff5":"b6d927a71929029f6766be42746f7cb1":"7281c81c7514f4b17cb125c4649006ef8959a400a1e4d609d277e363e433725fa32346a10bcbd826b6afc8222158920d0a2db1e6fc915e81231c34c3941ecf3c6f94ffe2136190cae3dc39a4277acbc247f36291b5614a8433b1a0780434a6c50521b72ec25145bbd3b192647155d5dd9df9e66762d39592602ea99bf9bfff49":"":"b6044c4d7f59491f68b2c61e":"":"":1 AES-GCM NIST Validation PSA (AES-256,128,0,1024,96) #1 [#1] -depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C +depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"8a10e9abe9389738e12a4bb6f553ae81e8bd320e0dfbc05fbae2128c1fde7a23":"6da44354e198e3beb54792718becbcc1":"199d754630135b669bf2ec581d3027a569412ab39a78dd9d482e87b778ec65c6473656260c27827e00e566f1e3728fd7bc1853a39d00e43752c6f62c6f9b542a302eea4fd314473674f6926a878ec1e4b475d889126ce6317115aea7660b86ab7f7595695787f6954903f72361c917523615a86d6ce724bd4a20c9257984c0c6":"":"5c5683e587baf2bd32de3df5":"":"":1 AES-GCM NIST Validation PSA (AES-256,128,0,1024,96) #2 [#1] -depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C +depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"d164ffde5dd684becaf73e9667e3e6acb316682c41aea247899e104a54dd7a7f":"1d388e19e9d7a9750e2fc1187d4b075a":"f166a5b6f91261cda56f1a537f42ffb8aed10af5e0248f8910034b92dbc58d25953f1497f571d31fbf5ec30d92234b440161703851f0e43530418147ce6270fbcb5db33ab819ba8973051908704b6bea8aaca0718947e6aa82498a6e26a813981783ed9bf9d02eb1ea60927530c4700ff21f00179002b27903dd4103bbc5c645":"":"52e10495105799ead991547b":"":"":1 AES-GCM NIST Validation PSA (AES-256,128,0,1024,64) #0 [#1] -depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C +depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"2854188c28b15af4b8e528ab25c0950fc1384976f242716c91bddeec06f2fdea":"075af9c31f5252b8920092cbd999e7a0":"e9452f71093843a025bb5f655eb6a4e8316ab5946484b11818f22b62f4df75d5891fa3397537093a261dc9a7648b7477ea1f5fc761716e302763364bcab7992595edd0fc1c7f7ac719c879e6616e2007948eb8530065a6cccf73d0fe4a0598819b471b0856e6d90ea0fc0e5d36a30ee925b6b8e5dbf40e77f01efe782c0bb4f7":"":"6ff8fd87e5a31eb6":"FAIL":"":1 AES-GCM NIST Validation PSA (AES-256,128,0,1024,64) #1 [#1] -depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C +depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"2bfc445ac0365ae6c3c3815fd18bbd0c60ea224f6620d9b6ac442a500221f104":"43c5f3367a9955aaee1a0c4d4a330059":"db0bae8ce7c66a8ba2fedec22f236212e9a7ad72b371de285c7dc6d2f6c22df0ce4920e0f03f91eb1653c4490050b9f18a2a047115796f0adc41707d1ffcbf148aed5c82013f557e6c28f49434fc4eb20112f43566f212c48cec9894ac40772fcd9b611ee9444df7b73e35b8a38428ccb064c9c50491d2535e0b539f424db83e":"":"49aaa806cb2eeadd":"FAIL":"":1 AES-GCM NIST Validation PSA (AES-256,128,0,1024,64) #2 [#1] -depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C +depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"7b828f99aaf751bf22d993ed682e488595617a607ed74aaacbb6b60457453080":"d48dac1d8d77e245420feb2598812418":"f50f785f4e7c848a55a616ecf4b6b1e1ca85e16de7100c7e4273d411bd95c1380ee157ba501ba9616980195f34e39f43e335f33253342feb8ed64443483c721b85241a0320b3cac83104de2db47188c61a373fba592ea16feeefdee1f2bb43927396f58151418672ebb74afff5c029503a0d0be81430e81ed443e08b74c03183":"":"a5b71ecf845b25d0":"FAIL":"":1 AES-GCM NIST Validation PSA (AES-256,128,0,1024,32) #0 [#1] -depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C +depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"7b6da11d69fca3e4c907628d3eb63d95c7e502fc901372fd097e064e70831432":"6fe2148f250ea178d4c8ca8423ead87d":"a8097bb74ded776f578eb7588f5ef8915db9bfa7262af700c8e76ee114e07557b6786dd5a60a66b2703e7c9de5d6b42aca92568aec5d1ecc298dbd0edb150b8cc13c9a78698f7674caa94da6cacd1f3ef4ca4238c59830ea725ab3a6284e28966c8c32d9bccfb0cfd6583a5ca309debe86549a6f317d15c5f928cbc7f473310c":"":"e9cdbc52":"FAIL":"":1 AES-GCM NIST Validation PSA (AES-256,128,0,1024,32) #1 [#1] -depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C +depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"c5ae9328be49e761064080fc213e53e373fd86359a09d0355e2d438d9b8e68f1":"a7e3f8660ff925d5c88c5aceffbd7026":"2ddddba7a56cc808aec4602f09ae9bd78887827bf0315d8dbe16821606ef9d117746dd138bf1f23565d1ab8f4cee36d53fe3730632c5df9f12109b16edbeae285bb49dfdd155f5dc97b319a85362d53cc86817b7c1c31e5e87c9f37422f133d00dd0776bd92ab05ce6860573cd911645cfe3fbe515e85f744899a447fe443653":"":"e35dbac8":"FAIL":"":1 AES-GCM NIST Validation PSA (AES-256,128,0,1024,32) #2 [#1] -depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C +depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"e4f8ca13ba86c658cc7f42d4f029422209efbd101bc10a1df81a42cfb3a0f79f":"1a362fa0e4054ba11e4b06d59c8bc9cf":"e7ad5c75aa13659f8ce4b1650c46382645ec67418199b84ea445b8ceef619ef3fbde59ed3d313c459e36fcf87d26ef2b453409b32f1086934c3072c1ef0aac83762d28b1193b9afff2c083ce4300b768b0ae23ff9d3dcf65bc1693f1350da65180620aab205aceacfc683c8be53a332e2d0337a7518d2a5204f9c8d7325a4799":"":"e7a37f15":"FAIL":"":1 AES-GCM NIST Validation PSA (AES-256,128,1024,0,128) #0 [#1] -depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C +depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"00050a21ca1e72cd0924be31b943c60854be6744577de3dd9d1f4fada4a19ea6":"2fc1afc1395d8409919248709f468496":"":"693ffd3d92294857a99c702a0799eeca28ab066dd90917b9ea5ef8f6547f1d90b106cbec8ef2c22af9f8efa6c652f2f97c2baf33af14fe9def230d49524bd65909c3df1490f637f99e788dcc042b40e00bd524c91e2427ef991bf77e7b2f770cda6e90076c5dac4cac7ee3958b53ff8ce846c3a96281f53c2c52f5f3e523536f":"e39b6a7fd5ac67a2a1cc24d5eb9d9c74":"":"cfcd6b9ff7641829cbadeaa2e56f1f150a099eccf3e378fa4da59794dcc4490aa4f9c5db0ab245bec36a7d4557a572008e42f03bc1baff3c946f23f54a4dc9828f106cf4264e4ab40165839d1085e7795b1ae0950f0ee4a08e46ada501b6b51dee0e518129c9426e5bd44c66674a9f99cfe676f002cfd344c5bbd22d3d91e600":1 AES-GCM NIST Validation PSA (AES-256,128,1024,0,128) #1 [#1] -depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C +depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"f10965a66255f0c3515af497ccbb257a09f22ec2d57c5edae322a3e6d2d188ef":"c571ce0e911de5d883dc4a0787483235":"":"91598690edf2de8b27f9bc7461a84e80811cee544f0542923898328cf157590251f0342cb81d359b5dccc5391a12320d1444c26f24178977dd6705c2b365dc1ece0152c42e2f0ee3162cf886ef5529f4f16a77f3bdd2aeccd405b59addf098521d0d38cc25f1991e11be7ecf24caedb48a2a286d2e560a38fa9001c5a228c4d1":"6d9d3a5dbc8dce385f092fff14bfffda":"":"2867996e389e09ec0da94d42e77b1e436b50065b09ca4adf1cd03240444ee699dbb7b3fc081a1869ca607d77d5ff9754fc3c997ff0a4ee17543a2ba77886b88a7128bcc51d3450df58ff3a26671b02c1d213df6adb6f7e853080eb46b504517cbaea162710a9bbc2da8b552eb6b0e0cb98e44fcab0a157312be67974678d143e":1 AES-GCM NIST Validation PSA (AES-256,128,1024,0,128) #2 [#1] -depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C +depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"4437ee7d16d8c3ca1aa01e20b66749efa901614d4bb4bee786ad5a5f1bfde2e6":"275393276745bc43bae4af1e5d43a31e":"":"ff80727a3485cdbc7fab4ee9fadfdc621c538e2055706629046078f1aa3fb687fc728d3a7ffa52ae457b7b5649613eab7bafa464bb435314c49e5900750f7ad39ca9b75df6b2eaa755439e101f67b7ae4cd80dc4a9dea0027048253f2d0a6014056ca69b8c85605b00cf75fa7634a0ddf464270a8c79ce1a1324c4a4c513b24b":"a82ff1e87d26e4d6e417b60fb2d3ce23":"":"88f994d276ed20be3932d16f551c4b7e2ed80411f2e72ce098fa0b70c22157a59edab30649fec447dd63f0c87dceca7238ef0d9561b58489ba7bd86f2892743099f40af63c432f78ac0ad0b5c2be47b9e3045e7237b096ee400f430af63a6f309de785caf190f3f4aabbe79f727a741590de542bd343df68d13db55a5f8bab41":1 AES-GCM NIST Validation PSA (AES-256,128,1024,0,120) #0 [#1] -depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C +depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"fe4ec037ce563dadee435cfcb2bf090f1f7ccc7d1b5b4fab2f1b738348f8ed2f":"47f5264f7a5b65b671892a05fa556f63":"":"64eb8a4bda9804c09b04cfcd89094928c21480908b81ee19d6c29c2a3631b1a5bdc8e7f8ea56f7b8b8e14a5208296026785cac3a6afa54be8af4d5faedcd12b6621bde0f8ec5a2635fe72a89468ca7704c73aa40cd2ba97aef08886b27a694d339b00e7d12a31308672f87c06a7388a1432f869eb4cc1da864140b1b33931925":"660462b4088f6628a630f2e4170b21":"":"4a310e035361f98b8c54fb4cef70b1a9c910552ece056ca8fdab54c52308ec0ad7fe9dd1dae92badab5010577de522088768fa6466fbccce22e14c51ca7986c4063d0f06bf578dab16a91856713198a7138395c49c78b6314b57ab72fd079028c8dc351952d90b04a7cd2b245df0c0522447cdb7d3329fd9425fe5cb40a8e7c9":1 AES-GCM NIST Validation PSA (AES-256,128,1024,0,120) #1 [#1] -depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C +depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"e6e1ada628ca76eb9832cc6b5efc5c9d2686bb587366a6de2d734233fa95279e":"5a100b451e3a63a3e6d4b8a9e59c6bce":"":"a0ac738e0fb35246b84a6fbe319f827039515df25d0c0fc6de7c048253ae63d3c561e44a12672ffeae1cb925610b482aa422bbee0e1784fc69baac3a97d69f51e6d2a17957b44b318624ea7ec680a559f4d3f2761d09bee66efb3a312ae6b3ecb673e756b2a0f654671e82500e7ace91f2be2a74bc3bc1ec1a4b6877a53c27c8":"88df9a1ea54e5bd2ef24da6880b79d":"FAIL":"":1 AES-GCM NIST Validation PSA (AES-256,128,1024,0,120) #2 [#1] -depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C +depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"cd5c1e90d78213155c51767c52c290b3d657db8414ee0a7604a2ec7b48105667":"4e022d8d86efbd347e8cbab7e979771f":"":"8e987693da0fb77b6d1282eebd3a03e05d9955ff81929b1a2c721574862a067ddee392c7ece52ca1451f3e6e321d7208882d97b4149af6d78d65c054e1bfcdfa62bd2202de32dea8363f8d7f041891ce281840f3cd906ab46ca748e5b3b11890b4014bf0271c9427c874097782d1c13dbb40e78fc8276fc134f3c29923a43a01":"e7df79af0aef011299c3b882e3a45b":"":"3b20473d9b5018d089e7f74d3fef22ec2805948a9e07689831973c704a6d8db4d090af88d696ab8c3aae9740a2bbd7f03e0b18b2b591e59c335c1043a2578a89b1a9f20fd0dd53f12e00e9bfdb27de8caac772bbfc4de9e4a255a5d1b04e59625a87b8279babe613def58d890d5502abf2f709aab625dcc20c58772832c7bbab":1 AES-GCM NIST Validation PSA (AES-256,128,1024,0,112) #0 [#1] -depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C +depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"6e3dfc07003bb6a2d82bd5263b2832f47db4e73279266c7a9ea21f4f18eddf83":"7c0f49fb54f5e68c84e81add009284e6":"":"a960da222af9d4da5797e6957d59b00f6d3893599c70e95c0984b56eb3329b191703c2532f3288b15ebf655b9b5ee4617484e5ac9c39bb06731d03ebe4fef9495d003b0ed694cf540b4dc759d32629e55512680badd81234bd71ffd55fcb5e6a85031c1dc31ee1ed198939582d8336c905717cc87101dcfcf9d833fac815c8ea":"b2ec0f3da02a9eb3132fb4ebe3b8":"":"a40b6f70f0572fe0bc70d83368e7c154f7dbd501f52501630a2e523d18e216e07368521f6040d806299397722b99bcf7f85d36b8bed934b49aa1fa76d38783e6a2e392d6d0786d467f7bc894a739ecf94f0fe884a9c391154f8326bf31ea5242a18aa263d04da4b63b11de23b42d3e10a2d5460cb32700cdf50a0d89165ba22a":1 AES-GCM NIST Validation PSA (AES-256,128,1024,0,112) #1 [#1] -depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C +depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"4103b1ddff87a508a219c808a04ad4750668688f4c2ee75b92d28d70b98a2c94":"5cea906737518c2cb901016e30206276":"":"a00a196193ff07006b7df524824bd0971d63f447a3a7bb1b75c1e2d11789482c115cff677b54948d36dc4de34200bce97be0101d88cee39b177857dd5da3cb0d2f9d6e1150f72a3bd655e0bace1d25a657ba9a7f8dff082b4460432075afb20173da22b49beeb6a030d72ba07869ff4389fc1c28d87018d7c1a9829c21932197":"3a3a771dd5f31c977e154ef5c73a":"FAIL":"":1 AES-GCM NIST Validation PSA (AES-256,128,1024,0,112) #2 [#1] -depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C +depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"cd8c2f0c330d5db316dae7a16b57d681ca058864f7bd60f3d0de174442283f77":"387ee8c1e7f047e94d06d0322eec02fc":"":"e2a5ad295d35031535bf13c2993bd0b292e8a9465b9dab738e59ba03670248a1ecc92b38a55bae34729162271cc1572c35fcccb27417b48dfcbff852a7a8845cc829a4461061b558ac8b5930a5c6491ffba04a9d0dff220b3cd5e4fc2e0f3db3b2ddd90328f2cad819573a7856299620b02f5ee0267f3b56981afbf1b7d9e3e1":"62356850d12b54e39872357cfa03":"":"17b7f6bdfc1993c56dd9bd674cc276a55a46fdd9fd5fe435b9e4b7ebc7052a9dc76a99e4e43aba7d486603189c90d10a21ad3722c86bf5bc856a0f930ff5bca65be708b76bb8a29105da67f31eebcec81f28aaf526d2f8f0feac393a24959dcd612e2b93b4463f61957d2b3046bcdf855e346601e4c7760c0ca618ee7bf55381":1 AES-GCM NIST Validation PSA (AES-256,128,1024,0,104) #0 [#1] -depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C +depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"7e19e400872eed721d560202cd757d3eb99729496b6e3a6d38dd8afe1066045a":"d2b277f78e98f1fa16f977ce72ee22a7":"":"3fb9abc7aba654dfb174e8899c17db222ffbb387b7260fc6f015b54f1cd74284c516e21aae3b72338e5e8dc643cfafca0678f5bda3a7539f1612dddb04366031b5a3eda55f3232c1b176cc9be7cc07e0ebca674a272224929c401a2530efc6d4eed0087b544b12d172a01bc8340d9c2a2ebcb5af8b07d96073a879fda140c196":"4c81c044101f458fdfac9ca3b9":"FAIL":"":1 AES-GCM NIST Validation PSA (AES-256,128,1024,0,104) #1 [#1] -depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C +depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"d0653934a16fd36c27d54488a1829302b931bed6e26ca26047242b85b50bfb61":"94886a1845aebba5ed6b86f580be47f9":"":"c02347e1add9178d830d8baaad9aeee37e958bedf2cc846e2561fe8c83481d0a8a85911e7f1f6e444b28f30bd96c13c390e80f616feb6844ee6fa486543a2e3f38c138f45b4405e3fb331b64648219aaf1d574be948ccfca6afc18d12488db19c35b05601e47c0af5d49a93a5dd4420f38585c1eb033e173376fa390d3f948df":"4be34ff42085ef4443c8b6042d":"FAIL":"":1 AES-GCM NIST Validation PSA (AES-256,128,1024,0,104) #2 [#1] -depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C +depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"d0f0ccb88c7cec9496f26a59ddc67dc59ebe49ae3dd89ef3be008598727e214c":"e5ca84b907ac761a5e68a9080da0a88a":"":"7845e155f4f28021291e7c814a1ace8f42b239990831aa82758fc1e376cace0b6f668f7f2f224dede1ef5b1df7ae74b2c01483701044acbbb72a9216eec6b7ef0190f114b3c73c6985c4653f11601c774d10b7f9df1f1e1f3ff4fafa20d6525edb37d9e5acfafe6d3468ee068d407fdb56dc718c98425926831253978d727854":"c8f78e4139dd3eaf2baef8aafb":"":"0cc3ede50b0d3fb9ada11300a3239a383c98f968ad65266d57a195bb18d3e568fe6cabba258da4bee9e923c7c838e06dc887a6c49cc1453ea6a227c6a83e651a8742e0316cad5efc93739393e3603446b5c920a206db1434adbb8ebde4d1a7a8699c7f6c61b2d57c9709b564338423b4f526d6c157647a6c45da9dd521061f05":1 AES-GCM NIST Validation PSA (AES-256,128,1024,0,96) #0 [#1] -depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C +depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"e35dcea17cbf391491ae5ba6056d0dd13b348183474dd4b614742751bdebfc32":"fa549b33b5a43d85f012929a4816297a":"":"5213542beb044910d7fdeec8bb89de93f350760e493286eaef1140485380d429f74a4279c1842a5c64f3ca3381cb5dbb0621de48821bded650cb59703e0ca88f4e9c3d15875f9dc87d85ba7e4bae9986ef8c203fce6f0ce52c28e3a93befb4cc4ba3d963d2283cd30f9bf6ab99d92f2f4f3aff0b022f1751b89d43ea10bbb28a":"afa61e843cee615c97de42a7":"FAIL":"":1 AES-GCM NIST Validation PSA (AES-256,128,1024,0,96) #1 [#1] -depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C +depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"844c50ddc0ac1d9364b21003287d6ae6360d12bbb17a85351362420ee4ca588e":"2f8512bb7e214db774a217a4615139e1":"":"3a3bf4ccaf05f7c02f5e158dd2c5cb08c6aed4b1ba404a6d8ef9a0737fe2f350b3e22188fc330ea63e35df82f996e3cf94d331c4246cdb25bb2c409762e05ddc21f337edee51b64f1766ad18f520b3f34735b24278d9d647c533a743e0c1e9c81e9dee975cdc47e8582113fd250ef59353605b64acb7c025a97854c1a5c03237":"f1da1cebe00d80eb4e025feb":"FAIL":"":1 AES-GCM NIST Validation PSA (AES-256,128,1024,0,96) #2 [#1] -depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C +depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"2aae1aa047a20ed2d6d8336d923864cee9404f924031ae327fbfe2d293e1d93c":"3da9af3567d70553ca3a9636f0b26470":"":"8e5b6b9e4e7d01de9a919dd33c0c1eb94dcfebf28847c754c62c1c00642d9e96f15b5d28ad103ff6969be750aadfd02fc146935562c83ec459a932a2fd5fda32eb851e6cff33335abd5c2434ae4f5524d6bc74a38094ced360f4606a1a17096ff06604952c8ca94a9a6dc4a251e13b0e0c54bd8a6dff5f397a1eb1cf186fa518":"e1026b3d15d261b2fb47632e":"":"58c52ea9f3b162511160eed1a68b6f52b3c4f5834af728de97a3d9e4ba337b29aad12636003cf5be9ffbeae0f383f7cf32f645a8f6fc5cdc1cde91c625c69a92bc434ed671e52a0044a48f3fce55cae49a7d065c2a72603a7efe58b5a7b18ac500d1a51420e820357e7a439b1c02198ebe3d4e62d5573a3aa5f40900a21e3b41":1 AES-GCM NIST Validation PSA (AES-256,128,1024,0,64) #0 [#1] -depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C +depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"f3d69208cb0d27474e9a231cd46eac7c1574fff950c48bbd1ba03fad16f563df":"b957f05921d21f2192f587768dc12b4f":"":"0d1f06eef5e8f2c81d1a73bb1dca93c22cfb6e40e9948bc75b0d84830fb9216330424f580b89050c3fb3f620eca8f9fd09fb86d2e8b3a0869c6022d8a705fc280d66fd16d3aba7395d6be4bed44145d51d42d56285f3675726d62d94c081364a6d440511de83a613c598b03078e2ec7648c6302defbbea66aafd33e1a4b1686c":"322374fbb192abbc":"FAIL":"":1 AES-GCM NIST Validation PSA (AES-256,128,1024,0,64) #1 [#1] -depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C +depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"cb2cdeb17fa6bcb006c7fc60858a12a411804464458db351957e8caf42f1ee6c":"31bd7c971a6d330b566567ab19590545":"":"296504131354b2c1928982f12d408ba2377f2d4bbe87e4c69f92a15bf6003910a43bda6c8929df66b3ab1d202a5258cad199f32f36cc30d2dc06199c2a52f7ccadad1fce50123c5f8434dec57cc60cc780263d7aace8f59cc8a6c54bddbaded3adb12ae2ee0bacf6a8da635ff85b51a4e8a1b3dc404863b90059de4ad0f158dd":"efc5a1acf433aaa3":"FAIL":"":1 AES-GCM NIST Validation PSA (AES-256,128,1024,0,64) #2 [#1] -depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C +depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"f94170790fadab3240df568197f9d6f6855afaed8d07eceeaa2380121872529f":"2f9c0647a4af7f61ced45f28d45c43f1":"":"ed231b78db082f652bc6310c396993b52de804a82464fa3fac602a1286535f59c67fc2b1b420c7321eb42b971edde24cd4cb9e75c843f2ac6fb8ecdad612d2e5049cf39327aa7a8d43ec821161c385f3fdc92284a764a5d1cbae886f07f93017f83a105bb7c3cc4fc51e2781516a2471b65c940ddae6b550ad37b35f53d7cc64":"ab74877a0b223e1c":"":"1cb5ed0c10cee98ff8ecfa5a1b6592391bbd9f9b1dc1ff351e0af23920d546b5e27d62b94daabd32f7f96a2632dc9fd7c19bf55f3b9b7cd492e76f4d6b0f5b437c155c14a75e65bfc4120bef186da05e06a2fd3696f210292ee422ddbce6e63d99ee766b68363139438733c5e567177f72e52ef2df6a7dd33fc0376d12ec3005":1 AES-GCM NIST Validation PSA (AES-256,128,1024,0,32) #0 [#1] -depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C +depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"797c0091ff8787fe7cd0427c02922620e7f6fb71c52ddcc03a9f25c89ba33490":"69d81c73008a6827a692fa636fbab8bb":"":"2d3efc8900315c3691a8e3c9de3319d4deaf538fcf41aa0e295b861d0ac85baf56d149a6437747dd6976f44016e012b88de542fb8e5b9e4ad10c19deec4b7c0b69bc1b2e33d44a981ded66127dea354b072010b8dc24b85ed2ffeea3b9c0e931619dbbf22677691f0d54fc03eaa162e0ab0d760ad41021f67057c0d6ac19ca8f":"be2dda5c":"FAIL":"":1 AES-GCM NIST Validation PSA (AES-256,128,1024,0,32) #1 [#1] -depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C +depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"90ce1afb5500489b9edbad987f4009509c847b3e55cdf0c764ef2fb085e3d033":"e119e166471ecf44bc3a070639619931":"":"98482b54edce2bac1cd64d44917dcf117ebfbfe26ad17a9b263447028304f1cf5a69559c05b5d833420f4fddb6e308277d01eb4b3235f1c4b47d33d3899325b55e7be19d43187a5b1b1354ce02a529b3df1c13b4883902ae9fc565079dee825e705f3e580371e4fd86c3b0d31bae98adb529901f346ca07127314152b4370edd":"b2f54b3a":"FAIL":"":1 AES-GCM NIST Validation PSA (AES-256,128,1024,0,32) #2 [#1] -depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C +depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"29264a90f114a800c0fc3247b3bda00981a12a8f85cf3a19ea4c7ffdd005f4bb":"cf296aa43cb7b328e09c8975e067404e":"":"587c8e53ab5ae8c31e16160b4a41d88798e27f4ad61c573c023c62d4dbb3952eef5026ad7b453fa9e0694347ab8fe50a6cf20da566202b81e325cee9c07ab2d4d53ed45b3ec2d2135936515f8a24f2a8116807dce9df3c44edf64c32647145152ff241d9e018e4101e400af070192dc3b498b5a213d265b4cfc8c8d4d7deccb5":"56015c1e":"FAIL":"":1 AES-GCM NIST Validation PSA (AES-256,128,1024,1024,128) #0 [#1] -depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C +depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"84ff9a8772815b929d55f6052c0354cf3e02bcc8336fcfe5794952b4c45d5d96":"5c044a66e488b853baf479f7dee2aadb":"00304e3d40cbc6d2bee0778462884f4ec047a8c74bb3dd7e100f2b9d0e529fd24730063986117b56ca876b208a3691425ac63afc3d504ccb499c76622eade09717023fcb7d956b01ce24a3e53cb5da472be3fcf5b278b5d9e377de22fab75bc74afa9670f5fe9691aa0ed77e43f6abc67a61ec409ec39fd66ac0307bf195f36f":"a87de56d49725a1625baf12fd15931fe1a6783dce5d1e744eba108f45e0c105d8141dc027d0e33ad7efb6752b43729715e2f3e2c42ebdab4d5f72f886bd821c4372244699ddded99a63dbe7763a5a3bc21cbfc253cdc2514eba2a4f54e24dca7c207cb3f6ae80153d77fe0641f357d5a073dcd425c38deb77c45f27427345516":"72ddd9966ede9b684bc981cbb2113313":"":"aadb8537309940422f67ca393aa6182d67fe7c52092538a15e98a4254f0a9087c7f10903d5e78078c2e55de914dec8b6b35cb720e3e55963c0ac9901e44b83a0e7c5b2d3f002aec0a4a08354febe47b2abb955f2a21107626ef0b8e1e099650812a6fecf36908fce2d078c2735cf7c2b970a309e5c6d6ff29c26a05720c57105":1 AES-GCM NIST Validation PSA (AES-256,128,1024,1024,128) #1 [#1] -depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C +depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"b5ca3991d0160b1729ae1a622dcf4b03b1f4ba86150bd66bf35cbbee9258af10":"f8402184d1cc36df07b68ecb1ab42047":"d378cfd29758bcbd21e26a324239c42c992941b3ad68d9f2b3d2def3a051fd172ee882562970ef59798ff8d9eb5f724ff17626156f4cf5d93e41ffef6e525919af6194ea9bbb58c67563d3ffd90e5a6e2a3a33bd1fa3d55eff5dba7cd439d571f7e08014c4780e3d10904ef22b660897e78258da20b2600e88d71c35ecb6329a":"62aad5854a238f096bdde0711ac6f5763e7fea29db068ea8c911f17ba91e6d7807883e6fc5ba7db17af33da2b00973008a3425e65cc786ce1b97360019ee2cef74563d54752be436b905705b507c3d62689df4edf0356d26b693eb43d8a2a927a9f3866b7e0e19e84a90447bd6f47e31070fa7c2a71e3f78229ee19fa47e848f":"9e8b59b4971130557aa84ec3ac7e4133":"":"556dd32edc0af3c64186fe8c000ddad1516cd14721c93c228e379d4f87e32c79e734539cec930322048f34a2b34931c585d44f09966caf187ec4b9244c991a8a5f263e9da1d08d6086e52535afdb36c7662307521cbceb9ecb470a76970243723fbc1613b6ebbcae261ac2f1936e66ce29ec7350b2e6b2f73a910ade645154f7":1 AES-GCM NIST Validation PSA (AES-256,128,1024,1024,128) #2 [#1] -depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C +depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"df867d1dd8a287821a54479cab6f88636d2aca30e1bf01a5dffc735e17590356":"35019826c51dd1ef07ff915d9ac4ea96":"0375ed93f287eefe414ab2968844bd10148860c528dbf571a77aa74f98cc669a7fc317adc9f7cf2d80dda29b19db635b30a044399f3665b6176ed669146d28f5ada03b3d32d53fe46575a8afcd37f20386d9e36f7e090b4fefadfab7f008e02f1b5022c0eeb81d03443a276eae48c038ed173631687d2450b913b02c97243edb":"6517272cac85d7f38902bcb4b96a0c59c4bdc46bfefa6ebacd7f2fb1629b87ca91de2ffefc42ce3cfd34dcbf01b3f7cadcea3f99e6addf35d36c51f2ceb1f85c1f56a04ec9c9fff60cd7fc238674992183ea3de72ef778561b906202b7b83fe6562a0bca9c1e0a18638e8685b998b4192f5120435809ad6e93a0422d00725262":"e49beb083a9b008ae97a17e3825692f0":"":"723be39bc13adbc48c861b07753f64fac1ae28fc8933acba888b6538721df0a8b91c040a26522fe0dbb7335d8f63d209e89f7cde23afa9ca3c584b336d63a91e07fdd8808b14c3214c96a202e665bbaaa34248ff30348f3d79c9f16e66ad6c5903305acd887a89b6244eb7c2d96e18b13a686de935bf3821444ee20f48678be5":1 AES-GCM NIST Validation PSA (AES-256,128,1024,1024,120) #0 [#1] -depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C +depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"0e8e9ce6294b7fbc534a96bdd060120976a6e08315d2ea73ac61d085cd462a44":"4edc6be20f904b4789e5bee0a80a3fc8":"db28ce076b360816cd1e04b7729f8ab080e0a07f35204350f3bd056945aab8638c0e8311ab056f3e5debdbfbb03fae700770264faf73e0f3a05a5812aee84ab613c82f4a76da276250675f6a663f85e2c26d4f4a8666a7f4cedaffc1a7218dec11ca4e72b8b5d5b620d1efbd3d3b94a5ae0d118b9860dfd543b04c78d13a94c3":"9855f186b51358f0e2111c06bfaaeaec9bf95c55e246375c614fad9883d86c82a20c86538dc5f42a0ea69677d59a20c5112d15d2a8396f12096242ad5d7b838d16ee0679fc4017af75bc15e8ad2f77b0e802c864031cbfb0bacd95c828d1db4b7bab0713619e9e5e8fe6902aac7a9e6c42eb05f5b156f7e663ee43e6fdb62480":"03cfe6c36c3f54b3188a6ef3866b84":"":"e10142f852a0d680c983aad2b4609ccbd35ff61bb3eb66442aee6e01d4cc1cd70f45210acbd506395d6ca0cfebc195a196c94b94fc2afb9ffa3b1714653e07e048804746955e2070e1e96bff58f9bc56f3862aaa5fe23a6a57b5e764666ddec9e3e5a6af063f2c150889268619d0128b3b5562d27070e58e41aadd471d92d07e":1 AES-GCM NIST Validation PSA (AES-256,128,1024,1024,120) #1 [#1] -depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C +depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"886c77b80f5f3a21c01932685a540b23629f6d41d5574fc527227ed0bdf2e21b":"5ec506edb1890a5a63b464490450d419":"05b8d820c9f439d7aeae5c7da0ee25fb0dad47cc3e6f3a47e8b984e856201546975f8214531fc3c2e504d2ac10fa49cb948596b9a8fab01b95c49d6f04d1589f93b77b899e803dd20e1f00a51c0b5953e85be639109b14b100e35ca26d84ea629964b0db8260dfa5a150a66261bf37e79de2ec49e9f1b082a7c58ecd3d39b6c9":"53a17d7b69f607f08676d6f6dd4e8db08e01333a8355d8c87616e84cdf10ef5b041fc6ddc3f6a245c0f534c2b167064af82f45e4702a5e8dede59579fdecf6713353392433950c9b97c38d9ee515ac97d0970ccf03981954540088567a30941bb2cca08cbed680500f8342faa7aebbc6c143e2ea57ba6b4ac1fd975dcc5d0871":"ffdf56e1c1a7252b88422787536484":"":"79ee27adfa9698a97d217c5010ec807806feda37db811e398c3b82abf698aece08561fffc6c601d2691738e279eeb57e5804e1405a9913830e3ba0d7b979213ef40d733a19497d4bb1b8b2c609a8f904e29771fa230c39a48ebb8c3376f07c8013fff6e34f10fe53988a6ec87a9296c0a7cfba769adefe599ec6671012965973":1 AES-GCM NIST Validation PSA (AES-256,128,1024,1024,120) #2 [#1] -depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C +depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"5231ca6d772edd9ea2d251e22d7d455928c22474b4b44130dad57e6511fed6ee":"048698a4a0feabc1f336112e2794795a":"3a81b6b0b722899ff931cb73c39222d555b83ae3f8880b982593cbc1ab8be90d1ee32fd7dfe697cf24c95b7309d82c3fed3aa6b3d5740cc86a28174ac8f17d860ebb251ac0d71751c2ff47b48bfb0b3beb4f51494464cda34feaecddb1dbbe5fa36c681ada0787d6ed728afc4008b95929a1905787917adc95f1034fedcd817a":"2767c808410ee132291585ea74a48ad3102f883f07d060c91c5f10abd37fe0996d2210dc490260238ae15f5d74c7be2a1e15d80db09079c520047f88488a7802857a3fc3b81d85a96949997430a880177880a31d4d0c9c9045247804f057a4f2756d6e40375a4a3187c4376d6bf573ce334cda1ed88d8a50db499e7cdb89d8db":"ba61edeb7b8966188854fc7926aad2":"FAIL":"":1 AES-GCM NIST Validation PSA (AES-256,128,1024,1024,112) #0 [#1] -depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C +depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"5a3f516a7898e04e5da4efd6c7c5989b77552d195464620c2b35b9a4fda29cce":"9310af6974890c0a0364231f9cc8103d":"2103af8356bcb9dfc2a4f1d4ed09cbcd8e1990d23865605e19f87feb50bf8d10d0257740e5557a9297f0499c01e29a1a513ca18e6f43f7406c865cbe3951a7771128f3110c8da3bd696368901944549552842a1f6fd96cc681b45da098f3c1acb3d237d2363285f520d0b6714b698790b7660c52ac84a42c9721ac7e9d38a2ef":"5cc28b61ae97557774bdcd7ff653f4aa349df68d53c7e5a65263883ef1fe224ad40e86bffc2d38f28a2ed9ae1fc08563e2a1e46246106546eb8e6064c06baa0046fa137421734b7f0f94656a4f459d9d981717557d843700d116b6e5e2dd3af5f67c34edf31b40b71fd3c6f2475f9310feb70bcb973be52d41e86792c49d54c0":"993fc8e7176557ee9eb8dd944691":"FAIL":"":1 AES-GCM NIST Validation PSA (AES-256,128,1024,1024,112) #1 [#1] -depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C +depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"59c9258554363d8a885fc0f5d112fee08eadfc7ce52a0e7e73e3d0d41d9a0290":"77e51e89dc47bbcac79cca21e81a61de":"25a6f8800a9b914c0ebf9a45d72355c03ee72a138eb81b2980f332645ce1d7aa4659805821866aee2b276e2c032776b4eaf36f93b5f9a72b791be24e31eff105ca6d0700e3069ee327983dd7fe1c7465d6c6d77837aff69055149988e7199847fad98605c377d997dbd40f3e2ff1a4f978a493684e401249e69540fbde96323c":"79c491411402ea7878e480519fd984dde44bce6459303bb76d4eaf97d4e345d1aafaa68ceb0590b41cfed0f411b675d9344c7e888cccfc9eb6fe6b229d198f94ba516ee850ee7f078a4f5f32a23f92f72264e3a76a31ebd042564315ac4f2ec0bb49ba6d08cfd2d3a6308688e39f28e3ecd669c588368cee8210edf5dbefb925":"ee6d85d3f3703b45adb4f9b2f155":"":"44ca68deed5478074adfddc97f06f44c08bf7bca4dee8707d621fc7396fe2efcdad0a167d1708a9ff59ce4cddb86920bf1dbdf41b2109a1815ffc4e596787319114cad8adab46cf7f080c9ef20bcf67a8441ba55eac449f979280319524c74cf247818a8c5478ea6f6770996026a43781285dd89c36212050afc88faa56135fb":1 AES-GCM NIST Validation PSA (AES-256,128,1024,1024,112) #2 [#1] -depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C +depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"5e9eae594cb54c8089330e4404ff79abb1c0841b0be5347a14633ad1e1ff44fa":"0917b486da754f48bb43ecc8766a7ce3":"2aa1ef2f91aeba5da10b48a882dbd4574df4e9157a18abf8cecd03e4176712ba171b6ecb0e745841ff84e35063e47b08101afc44cfd9cededb913a82f00b9d4bac922f23a22f200642270399896405d00fa5271718eefb4cd5fe7e5f32097766ebff36ff1898a1c8a1a01cc18e6121e470805c37ff298fc65ef2fb1b336d09fd":"32abc1eb6077555a85a0a6fd1c78cccca6c8b375842e2eb8eee45ee6c38dc0837443d16c647252e8124639dd01c808ac5e857a25d927c2a75e2fa8955cad5beb5c206fc050cd933fc4621f5718936f01f39dd700ae1aee7537cc595df8789c5d1a6e1e87b1c7a60e3ce5d57c80dd65dee3801798e1481b1963bcc78cc69f8c50":"92282b022e393924ab9c65b258c2":"FAIL":"":1 AES-GCM NIST Validation PSA (AES-256,128,1024,1024,104) #0 [#1] -depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C +depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"aaf03c3055a35362212b9b059931e7a24fc71e32bc9a533428c9dc31077f2ebc":"7dfccd077b29e6ed5720244bb76bde9f":"21edd1c6056f51fd5f314e5c26728182edcd9df92877f30498949098dcde8089eed84e76d774ef8874d77125669a302d268b99dcd66b349d0271dde6f8cc94dc4f2df3787887b1173cad94d067e346846befb108005387102854d9387d2c0fbc9636cdf73a10d145f4b612c201b46e1ff4465f6a7654ce3da5792daf9a27fb35":"c0e12cdd8233878505e025d52427536be7b6bf1887d2dd20eac7092db80b22417a3a4ca83cdf5bc5e36161be1ff9b73f7ceb297c6d07c9cb2a75035a5dc079e48283daea60596f4b356ca28c243e628cbe459f069709fe193394c9b1a31d8ccc5a3a4eba30056c415e68571a2c34bb5c32efff12e9aa483c4a68be5e76aba4cd":"6154c6799ad7cdc2d89801943a":"FAIL":"":1 AES-GCM NIST Validation PSA (AES-256,128,1024,1024,104) #1 [#1] -depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C +depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"60c775971a9eac7950ed2bdd85bd60fe948ba04c419f6743fb67f37557e46c6e":"9b92ad7079b0de09c94091386577338b":"1f6a84b0df75bd99a2a64849e9686957c6a60932ebe898d033128be9b757e9890225925d856bfdc33ff514c63145f357730bb0435c65342bc5e025267b410af6fd388a5eca01b7efc87fd3b1b791df791bd47dfab736350d7b7f368b4100e04c939d5af957bab95ed502dac904e969876674602a0f0790da2d7351b686e46590":"8abb2e66a4d08074916056bb8e925551372f737f0e1b597c5d08ee102989743a273b29d7281013f8b3aee2934399cb427370d70370ee86eb41584b653660c633506a53cae747826bb7d93909f069d5aacf058b7f2bbdc58ea08653db857bda83a979fc22a4f126dfef7aac45177f4cdb802fab0c812fb35d12a8176ec21336d7":"1d6cd4ab3914e109f22668867f":"FAIL":"":1 AES-GCM NIST Validation PSA (AES-256,128,1024,1024,104) #2 [#1] -depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C +depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"3b426e449337a14bc0663246ab61b671b523c9a3130c21ed59c93fa6a5aa5ae3":"e6efc96acd105fe4a48d1ac931eea096":"0902cf7a0685444126369712ac47962bc2f7a3a5837f1b6190d9ab1adb4cd35e7f0892eee628b8e07fcf2b598cebe1ec07d8c4823172ae66a135bb51cc71590707b691a66b56af1ffe38772911d11685da355728eaddd83752d21c119d7b59f4c17c2403629fa55cd70cd331aed7b0de673c85f25c2e9e0267f53f0b7480c8ca":"291bd5a00d71eb7d547b7c94e7030ba4a947418eaeb378a3bacd304b08c6f92f6958eaba968ac6aa23e0512a2a8ad7c1ca2f8fcf623bfc1281f5b7b598c08d2aebcd447668b23238c5e338b4c2ac7f8fd381714c596ea3e0c17aca4317a08563e58f0f52a8af08e078dc242ae54ee0fe3869f8c9687b004a4ded0aa27d8f4c5d":"ca4bfeedcd19d301d3f08cb729":"":"bcef3f2fd101b828d36cb38530cf9a0a7a285ac1c55ee1069cc78466327e85887534c98a8891d579effd832c0f7d6e7e822fb1eea85a39317a547591def4aeed6660872859fc9d1df9725d3c40e9ccaa900e0f1426a55d20ac4f2e8e07bd3bbc687f8e059ab93e7604c97e75ac94be1c8c24f4c4da0080a4d77953fb090cbb62":1 AES-GCM NIST Validation PSA (AES-256,128,1024,1024,96) #0 [#1] -depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C +depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"ceaf204ff504ea8e7fade1a2097f2b527a44766860447322fa5ad346cd810217":"cfdb8183251f4b61c64e73243594fdc6":"a60f3969fd1b14793dd1425aa0b1f742a4861e0b50eaffd1525cd209ba6d1252176763bb5bee59aaa55f92341cdc0705899aba44cf0ec05cbf80274ebef65cd9507fd4224b25cac19610968d6a37e2daf9ddf046ef158ef512401f8fd0e4f95662eebdee09dd4a7894cc8c409be086d41280bd78d6bc04c35a4e8cd3a2e83be3":"1c8e4cf6018211518494d46c2e0607fa42e236abc28d58f8175c530f84b1f030572f5f6a74cb5517e1fb999a637d352afcbeadea9121e695675859b66b499a3a351ecba5226e58ebbb59fe12e359e4c89cd51c8703d4643c49921ae495801c73627df404b91e828e1d0e03ae09a39defb5aa5f2c8106953772ba0713d3261329":"9e45029f4f13a4767ee05cec":"":"5cdc66b587ed5eebb04f42b83a6ab7017093514881c598cce332d74fa3fab927493ac15bff26835296e080b5b45ef907c0529fc2f4ed2fc09db179ef598e5d193ea60c301d3f8d823404814e3e74de0e1d2417c963e9246c353201c7a42659d447376e7d05c579dd4c3ae51c2436407b8eff16ec31f592f04b8013efcfd0f367":1 AES-GCM NIST Validation PSA (AES-256,128,1024,1024,96) #1 [#1] -depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C +depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"15652abe38cd09777bba21d0db04637f5737d3cb3922181b9f2d07bfdafd327a":"3a5e0d223ae981efb405566264e3e776":"cd755437cb61b539908e0cfaaa36c0123f8f17d1e6539783cb61d4b56cac3bc1e971c1ea558b12669b025cb6b9ad55991c6e2f8ee8b0b7901790193e226a0fbbfff7ff0bee6a554660b9f32e061b6c04bf048484ff9ebd492f7e50e744edd72d02c8fd32f87f9421bf18a5a20ebb4d9dbe39a13c34b7296232470e8be587ba09":"1d6c153dec3b4738a09c9fbdfe31a093eb7ea79b8fa49f83e5e1f46893590f074fb171fb66e30ef887767014e3a10a3aa05da2bd50dd7b7936e1d7f6f31af9030e31e76bdf147f4396464db0f6a72511c4885c6c2305d339906e3c761a3249d7ebea3bf463e8b79c3706e684575550e964b8047979f7aed6ea05056c4b5840b1":"01a573d8e99c884563310954":"":"162430c23f7adcf98575a2d9249b4b5cec42efae33776360ebfa6a19c8eee4bd6b07cbd274deadc3292b7cdbb7803e99d9f67ccc5077f3ad5808f339a05b3213dbfd11377673d4f9b486a67a72a9ac8ea9ba699861dce0de7e2fd83d3ba2a2ec7fabf18b95a2bbe2184ff7bddd63111b560b3afe7f2c76807614ba36c1b011fb":1 AES-GCM NIST Validation PSA (AES-256,128,1024,1024,96) #2 [#1] -depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C +depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"a43f6d07042a15cd49f6f52a2a3a67c6c2ff420d95bb94b9fe03b287c3abcaf8":"3b6fad21f0034bba8b1f7a344edf7a3c":"2e01c0523c8293fc51388281dccdb8d0a2d215d729289deb327b8142d716c2bb849e9476545b82f3882ba7961b70c5da2a925ba18b6b121e9215d52ac479c9129c9cd28f81584ff84509d5f9dcb7eaae66911b303cc388efa5020ac26a9cd9ea953f61992a306eb4b35bcd8447eea63cef37bb0c95c1e37811115cf26c53e8c5":"b67e58c8b608724fd20aa097ee483bc4c804490cc79de635170944af75c87ae0ad8261365c1dc80d852553bcba18da9fbc3fbe61d27550a03003ef0c60202054626655509a9e1ab54677e537a4e761df011d6c6dd041c795446b384161ae9eab441afd24d19b58eb4fe5116cd7b11b751ebbd0a2adba7afc380d9d775177099a":"43470bc3d7c573cb3a5230f5":"":"e1720d451fa7ab9db4988567187244b15b6fe795dd4fef579fb72e41b21aaa436d2e5d8735a4abd232a3fb9188c75c247f6034cdebb07fd7f260f8e54efefa4f2981cafa510dd5c482a27753a7c015b3cae1c18c7c99a6d6daa4781b80f18bbe6620bfc1518a32531017a1a52aadb96a7794887c11ad6bdd68187ba14f72a4b5":1 AES-GCM NIST Validation PSA (AES-256,128,1024,1024,64) #0 [#1] -depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C +depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"1f0f0191e18db07c0501dbab4ed952c5603a4cd249d2d8d17e62e10b96ae713f":"ab8be16b4db809c81be4684b726c05ab":"a5a6e828352a44bd438ad58de80011be0408d410f6e762e3145f8b264a70c593476b41bb87875746c97de7d5fab120bd2f716b37c343608ee48d197a46c7546fafcdbe3e7688b7e9d2f5b6319c91d3881d804546b5f3dbe480996968dd046f406c11f0dc671be0421cbc8b4ea6811dd504281518bb96148dddf9f0dc4e2e2436":"aad40e7866c26e486b6f6e8eb14a130d5f88891bf0d09aa8fe32f447ab8dea7bee5d3eda4499c0103a010483f2b64fdf1155499d31decf528c77dd7627884f9995c213cf7402143dbb7561d69c86886734260ac94ffac7eb33598d25714228ef43f744ec1af2a87e789f1e5d6fff0fbd5082dcc49328f194e8f8a14a5bfc962d":"d8bd7d8773893519":"FAIL":"":1 AES-GCM NIST Validation PSA (AES-256,128,1024,1024,64) #1 [#1] -depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C +depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"a6cf7d83137f57f2310ee6bf31e8883952bb07ccdc12f516233ed533ea967e5d":"f17e37e73a28c682366bfe619cc673bb":"0f4dd201b18e20230b6233e0d7add6f96537dd4e82d3d0704c047fab41af5faf6bd52bd14fa9a072f81d92a2ce04352f0b66f088c67102d2d127a9850b09ff6087f194a6e8ccaba24091feb303eebb65f1203b2d22af44e7be4de71f03e6f6cbadf28e15af58f58eb62e5bddfae06df773cc3f0942520de20078dda752e3270f":"83ab20698fd7573fd121976a72b45a7f03aad84702fc8ac73d6926eabd8a546895aeffe4ba81d117507e2cd37d58eeff71cc3afa8a4449be85f228ea52f6dc6395bb43c1c9f795343720841682d9b2f00602eafa4d4cbe297bfc62467e526b9d823cc8eeecd9e5f8dbc2f65610663c6f37b3d896651b254bd60215629ade3b2a":"74110471ccd75912":"FAIL":"":1 AES-GCM NIST Validation PSA (AES-256,128,1024,1024,64) #2 [#1] -depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C +depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"b0c85ac6b3887639838ddca94c5c69f38115aa00122322c8114642d12ea1b8fe":"14f68e533ecf02bceb9a504d452e78c7":"796a46236fd0ff6572b1d6257c874038f870aa71cbb06b39046d0fb6489d6ae8622b5154292ae5c4e1d5ff706daedb2e812533ae3a635d339a7fbe53780e3e8204924a5deb4b6856618f4c7465d125a3edffe1ab8f88b31d49537791c0f3171f08dbb5ed1d9ed863dafbae4ecb46824a4922862fe0954ee2caa09ab0e77ed8fc":"0210fce418e7e2199cb8f899c81b9be74a630d00269755f882fc4db27632e99685cc12c426a7503473646df1288d0ede28408be9add5713628700f8e2b2e27d7522520ed00ac47239084651eb99e7d03e1520aae137b768f3144232c16b72158fd5da4a26a2525b9b27791bf06d1eb2e671c54daf64fddc1420bc2a30a324ba5":"6fb0b5c83b5212bf":"":"5e6c362f7587936bcb306673713a6f1fb080783a20e9bbb906456973e529cfa0298206184509c30e1d3793eaaa5d564edd4488f04311821eb652e0a1f4adaf6971505ca014788c8ce085ceb3523d70284ed2bb0aebeba7af83d484df69c87f55a93b3d87baa43bd301c4e55eb8c45dcf3e4612535ea1bd5fdb4c3b9056d0cae9":1 AES-GCM NIST Validation PSA (AES-256,128,1024,1024,32) #0 [#1] -depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C +depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"e61b1a6b40e2ab1245ff65dcfb9948318ac4fe55e9ed600cec301dae32ae0e93":"c356244b3034d288e4d4fe901b8e27c1":"bdcfeb09d5b97bab05a7acd9849e7de2c5beb7a4dc573c7e1c1d0c0409245a6584023114fdcc6413c800ca16847bde750b27c4d590248e2ce457c19b0f614f6aff4d78d4a19b3251531e5e852fbb05d09412cc1ff8988d1955ca6f5fe2d820f20a7642e3ae69e8122b06ba0918e806400b9b615e1abe6fdd4f56a7d02d649083":"8d67fa9fcf078e421cb63abeb25dba739ab0e09a091dd06b0c616e1e888f350edb2d73a42f57f115266ea20c7f8fc143ac746649612df06a5e29b4a15934dc049be1ab49d018ab86c4f37d8c3d9c714f038029e74d8ee3dbe61d81adc63712ea413b37f7604da12107aa1695d9b0981e5a92cdfaa5fbda0e31b22c6fd6f3b499":"86acc02f":"":"7c73182eca97d9617abb478a6ce62e3491a7e9951981c89c3071b161a4c80440614c3f24d0155073e28dcccee96bc8303dab4901ef77318df522d16d9da47770ef022395d6104cd623d93d67090a27507fc8ca04157e7939e639c62cd0e7d8a472314833c0eaa9ba2fd54a25b02854e3bff25cccd638885c082374ae520ed392":1 AES-GCM NIST Validation PSA (AES-256,128,1024,1024,32) #1 [#1] -depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C +depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"4f5a02e9843d28c8c226ed70d44b8fced8fb757ab6ece4d4f06e3c3cec79e44f":"099e5d9aae89fb6391a18adf844a758e":"ad93e8662c3196e48cfdb5aa3bc923cd204151aa980cbec78f0d592b701f779c1c49f9e8686d7e2385a4146b21a643a59c18c8b82214f42560bcd686fad7c7c8e8c1944ce6b20ec9537dd14b6cf2592740ca112f4cd582250d69f240d3e957040e1f7e19c60b3c8f2bd00cb666604c38946eb9b2f17336d281b4794f71e538a2":"3ec13950d329f24074714c583bdc35686b811f775b76b0a8fcfa66fc56426c9d022f8ab0af38f8d2f71a068548330cdbe891670181ed7491bf40c739ef4dd93689fd35929b225089d2b151f83d9b3cd767300611144586767354c0491112c205409f3168092d27f9b9f433afb79820a2811984d48e70c1fb2a13bbb3ddbc53fb":"30298885":"FAIL":"":1 AES-GCM NIST Validation PSA (AES-256,128,1024,1024,32) #2 [#1] -depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C +depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"1cdb218e0bd0e02156e5b48182990f778889793ef6018a8928e61164ac047c8e":"d2ffbb176f86bee958e08e5c7c6357c7":"bc580c4223f34e4f867d97febf9b03629d1c00c73df94436852cafd1408c945c5474c554cb0faf2bae35d3160c823d339a64ebd607cf765fa91f416fc6db042bc2bd7445c129b4a0e04b6f92a7b7b669eb70be9f9b2569e774db7cb7ae83943e3a12d29221356e08e5bf1b09e65f193d00d9fe89f82b84b3b8b062e649163dc8":"4d039618a0eb640329f90fe97de18bc928fc3fc7a0db42c97774bec2e882e872fc1097c8319f7837a16516bf387b1bae321c565e8fc1cb8480f051158e4685f0adba310d2c6253bc1300403cbd3f7ddcb2796a69f8bf9e73d47aada9a02673c1a3d5ecdac838abf22b385906236529a1b7dd5b8af2611a04cf4f83b15ba41cfc":"1997daa9":"FAIL":"":1 AES-GCM NIST Validation PSA (AES-256,128,0,0,128) #0 [#2] -depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C +depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"dc1a145c18bdbca760f35eea0d4a5992de04a0615964ec8b419c8288ab1470f0":"7f8368254955e1b6d55b5c64458f3e66":"":"":"8ddaa2c3ed09d53731834fa932d9d3af":"FAIL":"":1 AES-GCM NIST Validation PSA (AES-256,128,0,0,128) #1 [#2] -depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C +depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"7b4766d3a6615ee58b390daa228ae7a541c46ce80a1efe227cc43cb777df3232":"274367f31ec16601fe87a8e35b7a22dd":"":"":"5f3a757b596e06e9b246ed9bac9397f9":"FAIL":"":1 AES-GCM NIST Validation PSA (AES-256,128,0,0,128) #2 [#2] -depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C +depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"d19b04055bf6e7ff82e89daef66c9d8319ab25f9197e559444c5729b92c4f338":"796efaff4f172bef78453d36a237cd36":"":"":"3b445f38bf4db94f1a9ec771173a29e8":"FAIL":"":1 AES-GCM NIST Validation PSA (AES-256,128,0,0,120) #0 [#2] -depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C +depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"7ca68e300534a90a7a87ca9906e4ac614a6aa51f769b6e6129753a4f83d10317":"45e6b23f8b3feefd4b0ea06880b2c324":"":"":"6c0a1c9c2cf5a40407bfa1d5958612":"FAIL":"":1 AES-GCM NIST Validation PSA (AES-256,128,0,0,120) #1 [#2] -depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C +depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"a2b7cd693239bbc93599d3d12c9876e7303b227b8ae718e2c62e689e1fd62903":"548c9c8fcc16416a9d2b35c29f0dacb3":"":"":"3aa21f221266e7773eeba4440d1d01":"":"":1 AES-GCM NIST Validation PSA (AES-256,128,0,0,120) #2 [#2] -depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C +depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"156b854beb0c276a5e724f5da72f0d1ca4ae7cbd5f93a2257d95c2e5bfd78ad4":"a5129e2530f47bcad42fc5774ee09fe7":"":"":"6bb09ed183527c5d5ed46f568af35f":"FAIL":"":1 AES-GCM NIST Validation PSA (AES-256,128,0,0,112) #0 [#2] -depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C +depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"d824330c60141264e1f709d63227a9a731bcc42b4adec1d8f0161b10b4fdb2ab":"c5afaa45312c64ab3c3cf9d6c4e0cc47":"":"":"55952a01eee29d8a1734bbdf3f8f":"":"":1 AES-GCM NIST Validation PSA (AES-256,128,0,0,112) #1 [#2] -depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C +depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"b5517589948d8aea778df6fd66c17a170d327f69e504f0a4bd504c4286a9f578":"6404b111c6289eefa0d88ed6117bb730":"":"":"637f82e592831531a8e877adfc2c":"FAIL":"":1 AES-GCM NIST Validation PSA (AES-256,128,0,0,112) #2 [#2] -depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C +depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"f6137b2bcbd327fbcc7f313efa10f6ffaed30e4782e222e1225c87103fcae905":"3b87b08337a82272b192bd067e3245ec":"":"":"1f2dda372f20ffddd9dd4810e05f":"":"":1 AES-GCM NIST Validation PSA (AES-256,128,0,0,104) #0 [#2] -depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C +depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"b5e70d1b78e931abf44bba3f937dbc344858516a8a8afe605818dc67d0c3e4c4":"58e70095c6f3a0cda2cdc7775e2f383d":"":"":"1763573f7dab8b46bc177e6147":"":"":1 AES-GCM NIST Validation PSA (AES-256,128,0,0,104) #1 [#2] -depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C +depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"90de0c047d1dd01d521f2dedec7eb81bc0ace7a5a693a7869eaafbb6e725ad7b":"d565c9cdfb5d0a25c4083b51729626bd":"":"":"78738d3e9f5e00b49635ac9a2d":"FAIL":"":1 AES-GCM NIST Validation PSA (AES-256,128,0,0,104) #2 [#2] -depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C +depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"c43e8dbeafb079692483a9fcbab964b76fccca6ca99e1388a1aa9bf78dfd2f02":"f2bd4fe0d30c0e8d429cac90c8a7b1c8":"":"":"ea7b52490943380ccc902ca5ae":"FAIL":"":1 AES-GCM NIST Validation PSA (AES-256,128,0,0,96) #0 [#2] -depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C +depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"13540919fdb95559e37b535a427efeee334309e34c4608459e204d931b8087e7":"c993c1802df0f075ce92963eb9bff9bd":"":"":"edfab013213591beb53e6419":"FAIL":"":1 AES-GCM NIST Validation PSA (AES-256,128,0,0,96) #1 [#2] -depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C +depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"2a7b2e07c148ff0f627ae28c241a395876bbed0c20f3fd637330e986db025714":"8f7e1621c2227839da4ea60548290ffa":"":"":"f9da62f59c080160ec30b43d":"FAIL":"":1 AES-GCM NIST Validation PSA (AES-256,128,0,0,96) #2 [#2] -depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C +depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"b3e7837a75b38ae6d4299a1ae4af3c2460dfca558708de0874d6b1a5689b8360":"05d363b2452beff4b47afb052ac3c973":"":"":"6b4a16d1ea1c21b22bdcb235":"FAIL":"":1 AES-GCM NIST Validation PSA (AES-256,128,0,0,64) #0 [#2] -depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C +depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"9df3ccd95f7570f6ecf5e5329dcb79bcd46cbcf083fe03aa8f5bd0f645c6a607":"774f4e70a7577b5101c0c3d019655d3e":"":"":"98ff89a8e28c03fd":"":"":1 AES-GCM NIST Validation PSA (AES-256,128,0,0,64) #1 [#2] -depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C +depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"1c7123e2e8d3774c8f1bdbb2272f19129e04f29b4351ae19c3b9d24e6ea1fe87":"99f25cebd6cfa7f41390b42df6a65f48":"":"":"8e14a0a4853a156a":"FAIL":"":1 AES-GCM NIST Validation PSA (AES-256,128,0,0,64) #2 [#2] -depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C +depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"490090323e9257517e2453469caa3414045cacb4d05d5cebc6b9c06fa6d19291":"c1beff1ff6cdd62339aa21149c4da1e6":"":"":"f998d7c08d609b3a":"":"":1 AES-GCM NIST Validation PSA (AES-256,128,0,0,32) #0 [#2] -depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C +depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"360e48dd38d9e7f5bf29a2994ab5b3c9c70247102d94049ae791850807a4c845":"88126c350dfc079c569210ee44a0e31a":"":"":"f2ebe5e4":"FAIL":"":1 AES-GCM NIST Validation PSA (AES-256,128,0,0,32) #1 [#2] -depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C +depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"1562b32e4dd843edaf4474b62cadd8f46d50461f5b22c9f1a8eae7367d35d71b":"af29fdb96f726c76f76c473c873b9e08":"":"":"13fd6dfd":"FAIL":"":1 AES-GCM NIST Validation PSA (AES-256,128,0,0,32) #2 [#2] -depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C +depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"d5160d0c98ffcb1c26aad755f67589000e2bb25fa940e6b1d81d780f421353d9":"1552604763453b48a57cea1aed8113f4":"":"":"660c5175":"":"":1 AES-GCM NIST Validation PSA (AES-256,128,0,1024,128) #0 [#2] -depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C +depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"c3a3ea3a097c0c2b3a4cb78462d87fd5a8f348687c4150e9d3354b388ab13d17":"f77945979241fb3a454d8e3da193e169":"a69bac31241a2c07d3f7e331b77f662b1e67ccb81c07f52578b01f5785de9437f02eb7627ca7b9af09c1cb428fe93d6deb31f4d6dd2f0729f87480bdeb92d985de1aaad4bcebc6fbad83bede9a5dd1ca6a15bf5d8a96d4edb5bee1f7d195e9b2e5fb2221a596d69f257c18a143eda870e22d3f2ed20c9b3b0d8c8a229c462fff":"":"6b4b1a84f49befe3897d59ce85598a9f":"":"":1 AES-GCM NIST Validation PSA (AES-256,128,0,1024,128) #1 [#2] -depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C +depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"e1626327d987342cba5c8c63b75b4ed65463a2b9c831f4f9f80325fa867d1d73":"4e25800deab7ecec2a2311f8fb44eb7d":"ebaffd558f24dae03117c69ac4b2b4aaeaffe7e0e7599eaba678bfce23a9914dc9f80b69f4a1c837a5544cba08064a8f924064cba4d783623600d8b61837a08b4e0d4eb9218c29bc3edb8dd0e78c1534ab52331f949b09b25fbf73bece7054179817bc15b4e869c5df1af569c2b19cb6d060855be9a15f2cf497c168c4e683f2":"":"8faa0ffb91311a1a2827b86fec01788d":"FAIL":"":1 AES-GCM NIST Validation PSA (AES-256,128,0,1024,128) #2 [#2] -depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C +depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"938da64b837275b0c80c442bdf2301aa75e387fe65a775d10a8ec840f62ff429":"dec6adeb60216cbb8a6c3afba49fa201":"4ac144bd95f405649444f01ab67ef3e4c0a54fdbd933b6ba00518c79db45c22c90030c45aadcfdb53ec8199be0cbb22dbb9ab938a871f4b3b0c98ed32590a051abb946c42726b3e9701f183b2092985e3457943a6350fbcaece2e6b111b179ea3fd10ac080a577a1481785111d5f294bc28519c470ff94392a51a2c40a42d8b5":"":"2211ca91a809adb8cf55f001745c0563":"FAIL":"":1 AES-GCM NIST Validation PSA (AES-256,128,0,1024,120) #0 [#2] -depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C +depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"e2436484ea1f454d6451ad8dbd1574b208d7a3ab4fa34869299b85c24348b43d":"97040d2ec094fe1c64fa35b35b7451a7":"bc198677513ce0e66697dfe52b22315fa5d8f92042f34cc9f373a01f94607df1a599132f60af010ed9b5e52162dd7b162912b68b11700e08f5fdafd84d10f760fc05ec97c05b83e55155194f399594015b90a19c04fb992e228940fe1b54ba59c4bb8318b33cc0df1cb1d71c389473dfb3eefabfe269ca95db59a7bc0201c253":"":"2e080ba16011e22a779da1922345c2":"":"":1 AES-GCM NIST Validation PSA (AES-256,128,0,1024,120) #1 [#2] -depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C +depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"7fb3fc72eb8a3aa5b102f90039f852cc3fd64f46915f5e49f1d9e02fe9cc13b1":"f6120fea313362524917c53d90bafb4f":"60c2be7fbd15faf895fd19a9ce775fe2b183b45cffafe4fcbf50d421bea97347e41a9418cfa129b2dda63b889a70063010215dbe38c37feae18bc31b34f31b726f22177f2b4b9d648dd4aa80edfd12dafaee10baa83224354432d1cb62ccabe38bb8448d162cd0d30e988d2e1a2458ffdafaacbdff928756390f66dc60d7ea45":"":"83de3f521fcfdaff902386f359e683":"FAIL":"":1 AES-GCM NIST Validation PSA (AES-256,128,0,1024,120) #2 [#2] -depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C +depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"697c96d80d0a3fa9af35b86f31fb71a17aed30ce841c79896bbc8863b3b3ee04":"3a5163ec7e007061838d755ac219855e":"de50c12da63232768d5eb9920d49683b5b7114cb77448fa10b9d63552ec5d9c2eac94b375d11f944959f903bb20c696639b6e7f108ec1e873870098c631ddacb2c25268cfc26d2a4cacfb7dda7383374c5456bcf4daa887a887f4293f8caa14419472a8bf7ffd214dfb2743091238b6d1142b116c2b9f4360c6fe0015cd7de81":"":"cd4542b26094a1c8e058648874f06f":"FAIL":"":1 AES-GCM NIST Validation PSA (AES-256,128,0,1024,112) #0 [#2] -depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C +depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"66c1d9ce3feb0e966c33e3fd542ec11cc32f18c2514b953103d32abcdc72633a":"46fdb88fdde9b7d74e893802a0303256":"55d2f263d2e3cf0b390fce1dd1ebd5f666086f26e1ce2f08002bedbb810ada3922c6bfcf6a6adaa556e9e326c9766f02b3eb6e278da2fa3baa7dbdb6373be3c6ecfbe646b1a39e27c5a449db9b559e7ea3496366b8cdbca00ee7a3dea7fdfbea1665bbf58bd69bb961c33a0fd7d37b580b6a82804f394f9d5d4366772cee3115":"":"96ca402b16b0f2cd0cdff77935d3":"":"":1 AES-GCM NIST Validation PSA (AES-256,128,0,1024,112) #1 [#2] -depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C +depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"d7c949420dc9497232cd5810f316d11f9e85d36c430b5943ba79836d88c1eb92":"7ef9788ff09cbeedd9569d49083a4097":"ca1de5cc3fcde2638eb72210e551e9c0e0a3f5570d5be83a9a4406b545d854bf17e75b9cd0f4c45722fbd71319a317b72a8798485e9316a1c8102432b83bc95af42f6d50700ba68f6f2e19b6af609b73ad643dfa43da94be32cc09b024e087c120e4d2c20f96f8e9ddfe7eae186a540a22131cedfe556d1ebd9306684e345fd1":"":"8233588fca3ad1698d07b25fa3c4":"":"":1 AES-GCM NIST Validation PSA (AES-256,128,0,1024,112) #2 [#2] -depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C +depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"6fe7c70815aa12326cdcbb2d2d3e088bbaaef98b730f87fe8510b33d30e12afe":"e0253bd1f19e99a7f8848206fb8ac4a4":"397897eca4856f90d14c3cdfe1ad3cba47e23174ae2dab7d2a6320898584e03bffa3ffd526f416d7b3c579b0f3628744e36eebb5df519240c81d8bbbf5c5966519c5da083ab30a7aa42deae6180e517cdd764b7f77d19cc1a84141817758887a8d7265e7e62279b9d33cd2f1ba10fd54c6c96d4b8a5dbe2318fef629c8e2af0f":"":"477b0a884d788d1905646bd66084":"":"":1 AES-GCM NIST Validation PSA (AES-256,128,0,1024,104) #0 [#2] -depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C +depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"cbeefb3817cb02d617f385cf2371d52c8bcbc29e5e7a55cd2da131ca184c6e89":"f74156d6400ae46b612531848bffe18f":"1abe2ab05ceccf2391273126fe4a4426b94d2c3b97a7f1cd2ee6bb952bf4a546e972b5a1701d5ddb0e5bb7a248fcb47107a9fc77e4b9806b68a11850119aa239fa8be1370e3a2e1a8b168f7323afdfc4b8917d92570167848a56132d68876abc386c258a9233dc8a9eb73443b052e842c3d63e8b5369acdd038404e4e9a4b038":"":"0cb67cec1820339fa0552702dd":"FAIL":"":1 AES-GCM NIST Validation PSA (AES-256,128,0,1024,104) #1 [#2] -depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C +depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"e6f5f65ce2fc8ec3f602f5df90eb7d506dd771337913680ac16bdcd15c56583d":"9212a548c597677d1747e98ce6fb18a4":"55ca486c0183d0134925880d2e21dde0af51c4c77c6038a5a9c0497884e0aa4715bdb5b4bb864acc708ac00b511a24fa08496df6a0ca83259110e97a011b876e748a1d0eae2951ce7c22661a3e2ecf50633c50e3d26fa33c2319c139b288825b7aa5efbd133a5ce7483feecb11167099565e3131d5f0cb360f2174f46cb6b37c":"":"08d7cc52d1637db2a43c399310":"":"":1 AES-GCM NIST Validation PSA (AES-256,128,0,1024,104) #2 [#2] -depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C +depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"0e9a0391435acb57eae2e6217e0941c79a3ff938ec6a19b8a7db2ea972e49f54":"27cd1d7af7e491e30c8110cc01392529":"79140d32bb32dace0779e2d37a0f744d6d973e99a279962b43a6c0af63772e8a0a21d5d9dd3c33d4b218cb2f6f24dd8d93bb4e1e6a788cb93135321ecfed455e747fa919b85b63b9e98b4980a8ccb3b19d50d735742cb5853720c2ad37fa5b0e655149583585830f8d799c0d2e67c0dc24fc9273d9730f3bb367c487a5f89a25":"":"fbb477dd4b9898a9abc5a45c63":"FAIL":"":1 AES-GCM NIST Validation PSA (AES-256,128,0,1024,96) #0 [#2] -depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C +depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"55a12eeca637654252e3e40b371667e3f308b00f2fd2af696223e4cd89e3fd4e":"8a3793b6441258360f7f4801b03d0b26":"f5810dc5f25e49bd6d94bc63c2494aa7a579a4056a25f1dd9b2734d0b8731ee52523edd54ff475651d45c213e1bf254327fb0e2c41a7d85345b02bcc9d27b08915d332e1659671991a4bb74055967bebbba6ecceb182f57977130623d5a7b2175fa5a84b334868661c1f450b95562928b4791759796a177d59ed18bbf141e2ad":"":"99230019630647aedebbb24b":"FAIL":"":1 AES-GCM NIST Validation PSA (AES-256,128,0,1024,96) #1 [#2] -depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C +depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"3d353f870a9c088de5674efd97646b9c5420b2bcdfcffefcadd81682847e5331":"f267fa982af5c85359b6447f9b7715ea":"7cf55630867af5dff747c8dd25bcc531d94a7730a20b6c03d46059ea93fcaa00d07ee17dad0e0dff814b02dfef0cbe00b37fd2f5f95ead7c72be60016f2934d7683fc1e47185c7211c49cb03e209b088edb14e533dbcb792ab7033728904f7ff12381a236dba97894ec1fafcf853ab15fff343f9265d0283acef10168ffd1271":"":"9553b583d4f9a1a8946fe053":"FAIL":"":1 AES-GCM NIST Validation PSA (AES-256,128,0,1024,96) #2 [#2] -depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C +depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"d227c9ff5d17a984983056fb96f3991932ae8132377529c29238cf7db94a359d":"b8f6536f376a7efe0e684acf350bae70":"1cc25da31f90de7fa47ebce92754d3faa99f88d4e25ccab45645c1acdf850d55d7f02f61a0bfdc3125f29259d7da8abef532fe0966c63d3486753c8a2cb63a39349a0641b2f2b9526a03b97d58ca60fbb054c6c164ff2836688b0cad54df2b165bc082eeae660e768dde5130e30f8edc863446661c74da69b9e56de8ae388da0":"":"44b95a37fab232c2efb11231":"":"":1 AES-GCM NIST Validation PSA (AES-256,128,0,1024,64) #0 [#2] -depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C +depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"b2a57ef85ffcf0548c3d087012b336c46f6574cf1d97ca087bfad042ee83eec2":"3d580402d2a8dc4d7466e5dcb456be7a":"c2b9e95c16e55028794a63ef82d11fb83a2a75dc34a81f238e472c33264534bdd54cd07d02a0ecf9019ad1a6d6c779f339dd479e37940486950f183bade24fca2f24f06d4037b3555b09fc80279ea311769473eb0630b694a29823324cdf780d7d1a50d89f7a23b05f7a8c3ad04b7949aa9e6a55978ba48d8078b5a2fd3c1bbb":"":"072d4118e70cd5ab":"":"":1 AES-GCM NIST Validation PSA (AES-256,128,0,1024,64) #1 [#2] -depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C +depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"63889ed5bf2c27d518a696b71c0f85592e3337aae95b5bf07289e4c5dfdc088d":"1ad534280a0fac7dce31f2ae4fb73f5a":"be1b9dabea33bb9443e27f674b27931c0fba699a33dc86fab29e50b76a9441030444b465317bbf2949faf908bc1b501d11a5ea2042e4b460a85f3be5836729e523d99b56ef39231d5c6d8ae2c2ab36ef44e2aa02a1f2c559c6e333216c7f9ed5f9b880a88e920219204c99a3ae8f90afd1396563bc59a691a93e0070b0b5fd90":"":"1bcea0ac2c1a0c73":"":"":1 AES-GCM NIST Validation PSA (AES-256,128,0,1024,64) #2 [#2] -depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C +depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"94e3e2c17cfb6f52d4fdba3ba6d18bba891b6662e85df14d7e61f04adb69e0e5":"8a80efb3bfe220526997543409fddb4d":"05da1b0f7ac6eef488d3f087ecae7f35abe3ef36d339709dc3fcb5b471979268ee894c3b6c7f984300d70bc5ea5fba923bfb41d88652bdaecc710964c51f3e2ae2c280b7d6c8e3b9a8a8991d19d92d46c8a158123187f19397ad1ad9080b4ffd04b82b5d68d89dacd3e76439013728c1395263e722b28e45dabf1ef46b8e70b5":"":"faa5c13d899f17ea":"":"":1 AES-GCM NIST Validation PSA (AES-256,128,0,1024,32) #0 [#2] -depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C +depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"fe5e479ad0d79dbf717a1f51f5250d467819e444b79cb3def1e0033c80ddadd8":"47ce838083fd070d8544c0ad5337cdc6":"98476bf05a18c4ff1b6024dd779c1ac06d838705a0a83fe42bee5fc6ebf3b2a1a5049b67f4aabc8239cd6ff56504bcbad1e2498c159bbec2a6635933945f6ea49e5bc763dcf94f4b3643d3888f16105abb0965e24f51cb4949406124145e9ae31cc76535b4178492f38b311099df2751f674363ae7a58f6f93019653b7e6a6f0":"":"a3958500":"":"":1 AES-GCM NIST Validation PSA (AES-256,128,0,1024,32) #1 [#2] -depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C +depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"27d4dedb71a8f68ca5ce2b9e56da772bf5a09b7981d41cd29f485bd2d1adb8d4":"7e6f0343c54539717a97b6c8b9f7dec4":"d386db78043f719b7e137cbf79a7f53dda2fe3baccbebb57d499f6eb168e5151f10081d76b72ae0f30165efbdda469e826f9246e59dbcad5c0b27691c00d6c192c24073e99c19cf8c142087c0b83c4ce2fc7ba1e696394e5620ab2d117d5dcd2ac2298997407fd5de07d008de8f9941a4a5f8074736a59404118afac0700be6c":"":"50fd1798":"":"":1 AES-GCM NIST Validation PSA (AES-256,128,0,1024,32) #2 [#2] -depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C +depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"5a7aa836a469d28542d0d24d3232fad266da8fc889c6b6038b726d3da25f7b20":"9faf7cd805803e143ec8f3f13475efd2":"1006c707f608728b2bf64734062b12a5625062bcdcb80a3ce2058352a2922d5e6fbe19681b4f0d79ad3c837f81e72f2fbf8df669894e802a39072b26c286f4b05188c708f7c6edd5f5bb90b87ffa95b86d84d6c1c4591b11d22c772a8ad7f2fe6bd8b46be0e93672df2e8bff8ba80629e1846cfd4603e75f2d98874665c1a089":"":"07764143":"":"":1 AES-GCM NIST Validation PSA (AES-256,128,1024,0,128) #0 [#2] -depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C +depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"a9444fd176acbe061d0221fde3ddfcc4ff74e995d981a831297c4cbda51c22a1":"5714732145470da1c42452e10cd274b5":"":"c146ff5a988496cad7eced7a2ea471e0117d5d6bd2562c23ce9db4bf36d83ba3fc22e90486ec288a627d208e0b2fd3b65f8301cf7fc41d97959981a95cd1cf37effc46db99b94b21c941c3613c26a10b1a6b7793f467d58ff5134612230f1c49d7e1fcf664fe52fc6eca46273982f6fe729b009d90eb8d8e4a0b0dbe907b76da":"db85b830a03357f408587410ebafd10d":"":"a3cad9a57fa28e6f6aaa37150a803bf8b77e765f0702e492c4e5ebb31ae6b12d791149153e469a92bb625784a699fd7ca517500ee3f2851840ba67063b28b481e24ba441314e8b7128f5aaccaf4c4e2c92258eb27310bf031422b7fc2f220f621d4c64837c9377222aced2411628018a409a744902c9e95c14b77d5bb7f5846b":1 AES-GCM NIST Validation PSA (AES-256,128,1024,0,128) #1 [#2] -depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C +depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"686d3bd071e3f46f180611bc4ec8d7726fe72b6c617e7d42b3339f53918c9e36":"a714e51e43aecfe2fda8f824ea1dc4b7":"":"21983ad66449c557263aef299da6eef8f31d576fc17ed2dac3e836f7c2ceaff3094b2695452680e188df10c174810efd1fbaa6c832baedce0b92e4c7121447f6461ac909b4302cdf658095b1de532b536faa4fb38cfdf4192eb5c3fe090d979a343492f841b1edc6eb24b24bdcb90bbbe36d5f8409ce7d27194a7bb995ecc387":"cd30c3618c10d57e9a4477b4a44c5c36":"":"9610908a0eb2ee885981c9e512e1a55075a212d311073bbb2fb9248cce07af16ee4c58bdc8dbe806d28480f9065838146f3e1eb3ae97012cfe53863a13d487f061a49a6c78ca22a321fa25157dbe68c47d78f2359540cc9031ee42d78855ed90e6b8ea3d67725bfffcb6db3d438c982b5f88d9b660f7d82cb300c1fa1edebb6b":1 AES-GCM NIST Validation PSA (AES-256,128,1024,0,128) #2 [#2] -depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C +depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"6fe81f15a02e2ecf46e61199c057102d160e6b5d447d4a275972323fff908c3e":"91d55cfdcdcd7d735d48100ff82227c3":"":"0b4ee0385e6665da8fd2ae47f2d0cf1c5bd395a3bb447047ab5a3ae0b95355bf83d0381119a8d4c01acbe60cd7885da650502f73498a682fdc94f7b14f4c753226064fa15e3a90a6083e053f52f404b0d22394e243b187f913ee2c6bb16c3033f79d794852071970523a67467ce63c35390c163775de2be68b505a63f60245e8":"cd7da82e890b6d7480c7186b2ea7e6f1":"FAIL":"":1 AES-GCM NIST Validation PSA (AES-256,128,1024,0,120) #0 [#2] -depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C +depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"4c2095e1379389dc3810e8819314f5a2f87d1494213c5b1de1a402f7f4f746c4":"19788b2e0bd757947596676436e22df1":"":"26ec8ebac0560538a948afbc18fb730e9a91f21392bde24b88b200f96114b229a5b57fa9d02cf10e6592d4dfb28bf0f00740c61157ce28784e9066ea3afd44ecf3a494723610cb593c0feffc6897e3435c6f448697ad3e241685c4e133eff53bdd0fe44dd8a033cfb1e1ea37a493934eb5303ae6ef47ce6478f767ef9e3301ab":"f26a20bea561004267a0bfbf01674e":"FAIL":"":1 AES-GCM NIST Validation PSA (AES-256,128,1024,0,120) #1 [#2] -depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C +depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"be5351efc0277afc9759ec2464a22cb4401f7a17efd1a205e7af023c7ed30ee1":"c6b26117d9dbd80c1c242ad41abe2acc":"":"1eca91406f338fc09c2988b1d7dc8c409d719300c03840a497d7b680cdd5e09b144903477f7116a934e1d931cf368af1fc2a0a0e7caa95475a3cd7bf585a16fda31eb3f8201db0216b37a1635c1c030836b3dd05ca5b0194388fa198e717822131d5d4318690ef82d35ac80b27fff19aec8f020dc6c6ce28f0813bbbf8230ad9":"61051d6c0801b4a6b6ca0124c019f3":"":"95447aded336d6c20d483a6f062d533efed0261ad321d37bf8b7321b98f55c0f0082ce7f3d341b18fea29a72fc909d30cd8c84a1640227227287674a9b2f16a81b191ecf3b6232d656c32d7b38bea82a1b27d5897694a2be56d7e39aa1e725f326b91bad20455f58a94a545170cb43d13d4b91e1cee82abb6a6e0d95d4de0567":1 AES-GCM NIST Validation PSA (AES-256,128,1024,0,120) #2 [#2] -depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C +depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"814c2cdfdeecf39d43bb141fbfc62dac44f7552c5e5dac2d4913303fc860119b":"0db3ade15cb0dea98a47d1377e034d63":"":"0d3013a1d7132f685d001420daa6c7b643bc36b887511acc4588237d3b412c79e4ebba29c08248ad46c7239e8daa232b7483c9c4e3d1c0bbebc696401efe21f7fd6fc0525a4ab81bd9a893d5f7ab23b70ed07c00f33649b8a996a006de6c94f7793f72848793f4d5b31311c68aae1e715b37409fbe506dac038a0950f05fe82b":"e62f910b6046ba4e934d3cfc6e024c":"":"374d03cfe4dacf668df5e703902cc784f011f418b43887702972dcc3f021bcb9bdd61ed5425f2975b6da7052c4859501eb2f295eb95d10ba6b2d74e7decc1acacebf8568e93a70a7f40be41ac38db6f751518c2f44a69c01c44745c51ad9a333eda9c89d001aa644f1e4063a8eb2a3592e21c6abc515b5aacaec8c32bcf1d3c4":1 AES-GCM NIST Validation PSA (AES-256,128,1024,0,112) #0 [#2] -depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C +depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"1ae4541110f2bc4f83cd720b5c40c8315413d896e034b75007f172baa13d29ec":"83f98eec51ee4cae4cb7fe28b64d1355":"":"5ea811e7fbfc0e00bf2a6abfac50cad9efd90041c5f7fb8f046a0fecbd193b70a2de8a774d01dd3cd54f848cb3e9f5152ee1b052ba698bebfba1fbbdae44a260447d6e6482640ae4d01c9cac3d37d4ffe9a0de0b6001de504a33ef7620efe3ce48ecd6f5b1b3a89185c86d4d662a843ff730e040e3668d6170be4cced8a18a1c":"df47eef69ba2faab887aa8f48e4b":"FAIL":"":1 AES-GCM NIST Validation PSA (AES-256,128,1024,0,112) #1 [#2] -depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C +depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"20c9b662ec4bd13bf58d64cb0a7159b0e7fee4703af66292bf75c8bd6e42e8dc":"2bc0847d46f3d1064bbf8fe8567f54a2":"":"45b64f2ed5ac707890c0c1726adf338770ce6a728fe86bb372c4c49409a32705f881bc4d31a27c455c7c7df9dd2c541743523e7d32f88930d988857847f011be5f5f31a31e8812745147cbff5c1294d0fd4a7285db4833f22bf1975250da99c4d0dd2c9688d7f8001bb6ef2bc898ce4d42c5b78e74645b56ce992338f49d4183":"5a1bf25aa8d5c3fe5cf1be8e54a1":"":"9079d6275db076625e8474c2914fe483d413d5339202f98f06c3b0ef063d8f3d31029deaf7f9349bfec57e5cf11f46f02d5a6520c7992efc951adbbea6d08e53faeb10dfe8b67ee4685da9ea4fe932551a65821147d06d4c462338e6ddda52017c2bc187fd6d02b7d5193f77da809d4e59a9061efad2f9cadbc4cd9b29728d32":1 AES-GCM NIST Validation PSA (AES-256,128,1024,0,112) #2 [#2] -depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C +depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"0a1554db37f2e275732a77e521cbd8170729d8677a85db73feacf3c66a89d689":"b9194a4d42b139f04c29178467955f1d":"":"5421d93b7e6e0091978c673df4f3a406aef5f13eb5e6f95da19b0783308cbe26d4fd6c669cc4a9f069d7e62e4c6fad14b80e918fe91556a9a941a28b3dbf776a68ac7c42df7059b5ed713e78120aec84e7b68e96226c2b5e11a994864ed61b122e7e42ef6cfdae278fadbae1b3ea3362f4e6dc68eef6a70477b8a3ffcfba0df9":"05949d591793ca52e679bfdf64f3":"FAIL":"":1 AES-GCM NIST Validation PSA (AES-256,128,1024,0,104) #0 [#2] -depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C +depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"3ab1d9bb571c4bdc9f3ef340914bddcfe0c8e7718d4a2530334372cec86e5fcb":"6a5335901284dd3b64dc4a7f810bab96":"":"80bcea307e009745724d5f15d21f3b61a5d5a8401530346b34a2adfa13e3e8c9c9327d6fad914b081e554fbe6c1c6fe070b566620e559555c702c0ab5becf61ea1d9de64351ce43b2276ef4e20b5af7ce43db6d21286af4e740ef00c6d790705afcf0ee4850fffc12c662f2bd8212feb21db31065ab8f717a7509c213352b869":"04b8e5423aee8c06539f435edd":"":"36b9602eee20b8f18dce0783cd1e01a799f81ae0a1ce6d293a26c62f47e7dad85c8446697cc09c81d3d9ead6f9e55c4147211660c8aea9536cc5516e9883c7d6854be580af8cd47ba38fa8451f0dad9c904e0e7f9997eff7e29bf880cd7cedd79493a0e299efe644046e4a46bf6645dfb2397b3a482a346b215deb778c9b7636":1 AES-GCM NIST Validation PSA (AES-256,128,1024,0,104) #1 [#2] -depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C +depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"7dddbd5657e22750bfe6baa70a1f4ac46c1ef8bee573a57cfcef50b66f85e593":"fcb962c39e4850efc8ffd43d9cd960a6":"":"2bf5aba83a8161b9d21ff29251fb0efa697b1ea9c1b3de8481d5fd4d6b57afda0b098decdc8278cc855f25da4116ed558fc4e665a49a8fff3aef11115757a99c10b5a73b1f794f9502186c13dc79442f9226bbf4df19a6440281f76184933aeae438a25f85dbd0781e020a9f7e29fb8e517f597719e639cbd6061ea3b4b67fb0":"1d8cdadcf1872fb2b697e82ef6":"FAIL":"":1 AES-GCM NIST Validation PSA (AES-256,128,1024,0,104) #2 [#2] -depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C +depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"6916b93b2712421f1f4582de7ec4237c4e42e2b32c7dced2f8bb5bd2e0598312":"b4d9248bb500e40de99ca2a13e743f1c":"":"3739cca20279a36ddb857ac22beae901a49529b3182463ab81a7c46e437eb0b0571e8c16f7b626ecd9f2ca0cd83debe3f83e5d58ed3738899f4b616755eb57fb965208f261736bdf7648b1f8595c6b6a779768115e3077dfee7a42d44b555a51675fb1ce9961d0e21b2b9b477c0541184350e70decf7c14a4c24b8a6cd5fed8e":"090d03446d65adcc0a42387e8e":"":"0255be7ac7ac6feb3a21f572f6a593cc8a97f17af7064c80e478f4a6c469cf94d604bc014b003bf284d216161a9c8a493af43c6a0d8caf813a9e6f83c7ed56dd57543876b11f76aa2be80dcd79d19ac61f00fa423ac2f52fae7a8327cd91494ca4116feb735980ad0a4b1445cb7f38cc712b8aee72179e65b97fca38694e3670":1 AES-GCM NIST Validation PSA (AES-256,128,1024,0,96) #0 [#2] -depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C +depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"b751c8b724165009a8bd97a9d2a0e22cae5a95c4743c55eeeef0a6fe7d946bec":"160c50c0621c03fd1572df6ba49f0d1e":"":"e8546a5af1e38114822e60e75563a9399c88796f303c99c69d1f3c50379da81e1cd5b5a4a721e23c59da58ea4361b7ff58408e506a27fea24f9a235c6af7f7a5bd93fa31e90edfc322821c08d6324134830b7fe160b4a3e6d27866a10e6e60762a31618ef92f5c67ccb1deb1f1b188f0e687165e7c366c7418920df4f4fcdcae":"9fef9becf21901496772996f":"":"175fa6b7cd781ec057ff78ba410f2897a920739b5fc4f04bc9b998fbc7cc18e327ad44d59b167e4627256aaecd97dc3e4a7c9baaf51d177787a7f4a0a2d207a855753c4754d41348982d9418b6b24b590632d5115dc186b0ba3bec16b41fa47c0077c5d091ec705e554475024814c5167121dd224c544686398df3f33c210e82":1 AES-GCM NIST Validation PSA (AES-256,128,1024,0,96) #1 [#2] -depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C +depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"0faf32c22c2a4ee38fe4b5ce08f98fdf6f83b5038dcba5ec8332b3eeb5c710c7":"04885a5846f5f75a760193de7f07853c":"":"8a556cc30075753c6e94c2f669bca2058ff6abcbffffc82da7cfca0a45af82dfb4cf487ceb4ede72be87ee4c8b72db1e96459de1dc96721464c544c001d785f2188b9fccaec4b1a37970d38b326f30163d2fdfdf8a2ce74aec55abcd823772b54f8081d086a2e7b17b4086d6c4a5ea67828ef0b593ea1387b2c61f5dfe8f2bb0":"0c13506ed9f082dd08434342":"FAIL":"":1 AES-GCM NIST Validation PSA (AES-256,128,1024,0,96) #2 [#2] -depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C +depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"0dddc3d2f82bdcdbc37648a6b9b416af28753740f8e998cd1a52a0b665369f1c":"0a93b883cbd42998ae2e39aab342cb28":"":"07bf84b15b21951fd22049be6991a672503ae243b8d285fb1e515e1d2c36bfd5b0d0bcce85791f2cea8f616aed68a7d9cf4eaf76418e8b1ec27751de67cbfd9d9f7905b2667904f10d598503f04c04ea00a681ff89a9c446d5763898430bd7a9dfebfe544e3ed3e639b362683a651e087626ffa63c0c2b3e0dd088b81b07f75e":"5c37918edb7aa65b246fd5a6":"":"ff7b7b2f88b8c6f9f9bad7152874e995eea0ff1ce1ecd9b8d563642a37a31499f14d70f0dd835b7adf80928497f845fd8c2786cd53af25f8c9fe1bba24e3c3860162635bbed58f06cf6c9966bb9b570987a48329279bb84afb9e464bb4ad19ae6600175086e28929569027c5285d2ed97615e5a7dada40ba03c440861f524475":1 AES-GCM NIST Validation PSA (AES-256,128,1024,0,64) #0 [#2] -depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C +depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"a0b1a62e46e7712277fc711e19d0c0c865ee77b42ac964b7202dbcaf428086c2":"e20957a49a27e247d00379850f934d6c":"":"7dd7c0787fdbea4aacf929341659dcf4b75cbca8f92001e8b62a4d7b40272c5755fa9c445857db05328dc11ce5221f044f4b3dafbf0e2d72a1ad0d3e4c804148db578218690ccc620d8b97b4450ff83400a6caaa959617611446a6627138a4067be9ea410d4b0581022ab621928205b4a4480560fc4c2c3b39a2805684006f35":"c99751516620bf89":"":"9307620479f076c39f53965c87d20c2aff11c736c040dba74cd690d275591a5defc57a02f6806de82eb7051548589484364f6c9b91f233a87258ede1ee276cb2c93b4fc76f4d7e60cbd29ba2c54cb479c178fa462c1c2fb6eeb3f1df0edfb894c9222b994c4931dedf7c6e8ddecbde385ddf4481807f52322a47bf5ff7272991":1 AES-GCM NIST Validation PSA (AES-256,128,1024,0,64) #1 [#2] -depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C +depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"ffcc1c88fba1723b3ab57b458d9bffb98b878c967fb43b9db2ae0753d32a3bb1":"d533c2170c5dc203512c81c34eff4077":"":"19b6dec86d93c466307de3a36c0791ed1010b1b9cf8d30347ae46e0f9283c9fda43da8cb491dd17cc4298b1f0b876d6a0f4bcbc9667fe34564bc08f8f7b67045057d19f4bf027bc839e590822fa09a5cef1af18e64a0116aa2a01a3f246c2b5272c18c9aa23efe674ba53d533ae8f0695cb78c1155cdc7a9d7fae2c4567dc07c":"167ec8675e7f9e12":"":"0539287ac546fe5342e4c3c0ec07127dcd22899abfe8cdd6e89d08f1374d76e877bec4844d06e0a9f32d181c8d945ba16a54ce3725fae21d8245c070a4da0c646203d6b91325b665ab98c30295851c59265b4ab567b968b6e98536b7850738d92e9627b4c9c6f5d9ae2520944783d8f788a1aa11f3f5245660d41f388e26e0a1":1 AES-GCM NIST Validation PSA (AES-256,128,1024,0,64) #2 [#2] -depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C +depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"55e94b339c3bafe068ef9cc30787cc6705850114976843777c92b4b331801650":"2e2b31214d61276a54daf2ccb98baa36":"":"147cc7bc4008dadf1956520b5998d961499bdf3d8b168591adbfd99411ad7b34eb4b2a5c1bb0522b810fec12dd7c775784d7ecdc741e6dec8191361e6abf473b219221801951b4d5ffe955ab50eef9cffdfee65ba29ddfa943fb52d722825338c307870a48a35f51db340aa946c71904d03174b1e4a498238b9d631a6982c68d":"5266e9c67c252164":"FAIL":"":1 AES-GCM NIST Validation PSA (AES-256,128,1024,0,32) #0 [#2] -depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C +depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"13c9572bdef62510d84f2d415cc481cd1e71b9c1132b43e63b21ba4e16de9b39":"a8339ba505a14786ad05edfe8cebb8d0":"":"7c78e634dec811173ff3c4a9a48ae3ae794fbd2aefd4b31701777ff6fcb670744c592a1d298d319717870dca364b2a3562a4ffa422bf7173c4f7ea9b0edf675e948f8370ffd0fd0d5703a9d33e8f9f375b8b641a1b1eecd1692ad1d461a68d97f91f9087f213aff23db1246ee16f403969c238f99eed894658277da23ced11ee":"df3cab08":"":"91f9780daefd2c1010c458054ac6e35baa885cdd2c95e28e13f84451064e31e0739f27bf259cb376ab951e1c7048e1252f0849ccb5453fc97b319666ebbfbc7ef3055212a61582d1b69158f3b1629950a41bc756bded20498492ebc49a1535d1bd915e59c49b87ffebea2f4ad4516ecdd63fa5afda9cce9dc730d6ab2757384a":1 AES-GCM NIST Validation PSA (AES-256,128,1024,0,32) #1 [#2] -depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C +depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"30a14ca53913acbb215b4e4159083106db3fff83cbedd1e5425f65af1e94f5dd":"4f23f04904de76d6decd4bd380ff56b1":"":"8c5f73ee1544553b712ad7a14f31379c8d54a4e432fb6c5112436988d83c4e94954b0249b470538fb977b756fbee70b811d4dc047a869e207bb0b495f1e271d0034e912000e97594033e0dedde0591b297f8a84bafcc93a46268a5bba117b558f1c73513e971c80a7083e1718fc12d0cc0d996a8e09603d564f0b8e81eea28bc":"18e92b96":"":"bb4b3f8061edd6fa418dd71fe22eb0528547050b3bfbaa1c74e82148470d557499ce856de3e988384c0a73671bf370e560d8fda96dabe4728b5f72a6f9efd5023b07a96a631cafdf2c878b2567104c466f82b89f429915cf3331845febcff008558f836b4c12d53e94d363eae43a50fc6cb36f4ca183be92ca5f299704e2c8cf":1 AES-GCM NIST Validation PSA (AES-256,128,1024,0,32) #2 [#2] -depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C +depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"e69f419140289ac25fb0e2ef9cc4f7e06777ac20f7d631918d1af0c8883b7d6a":"531248afdaaf1b86cf34d2394900afd9":"":"ff8dfa4e70490ea9c84cb894dc5d7e1b935ebcdea80a39c4161d4db42cbb269cc86abd381af15ec9a4a42ed18c1eed540decec19722df46f22aa06883297cb393fb23e4bb31a817e88357aa923c7ecbcf24c28a09f622dd21fa70c0a02193024fdcefeaa96cc1b50f81a65dfa9e1bb5126f0c9766a861eed096ec15fb07b0f81":"c6885cdd":"":"f75299e0ead3834fc7ebd4b2051541b598ad57cc908fdcd4324cf4ccf7dcf7b3f0737ad6c026399a8b1b6d3d50011b3c48ea2c89833b4b44c437677f230b75d36848781d4af14546894eecd873a2b1c3d2fcdd676b10bd55112038c0fdaa7b5598fe4db273a1b6744cba47189b7e2a973651bfc2aaa9e9abea4494047b957a80":1 AES-GCM NIST Validation PSA (AES-256,128,1024,1024,128) #0 [#2] -depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C +depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"404a5d1ac9e32f9caabffbfa485ce9c27edc9e5cde0f2aab4f32ce3121449b88":"b6e6c078e6869df156faa9ac32f057c3":"6ebc75fc9304f2b139abc7d3f68b253228009c503a08b7be77852da9e1afbe72c9ab374740b0dc391fa4d7e17de6a0aa08c69e6f5c5f05411e71e70c69dfbcf693df84c30f7a8e6c7949ea1e734297c0ea3df9b7e905faa6bbdcaf1ff2625a39363308331d74892cf531cb3f6d7db31bbe9a039fca87100367747024f68c5b77":"b63ec4d28854b7fe2d4d13973f5bcb16f78494ce25cc2820de9d0dc1d8d91db1f19bc9e01cee8418c9e88a69b2f30cdbb0dbdbb50be71e1e666c111c126f2b7197c02f69a1b2ec5e1bf4062b2d0b22fb0fa1585b4e6286b29f6ac98d1b1319dd99851fa6921607077d2947140fdeeea145b56ea7b6af276c9f65393bc43ede33":"94c1b9b70f9c48e7efd40ecab320c2d3":"":"56a0ac94f3ec7be2608154f779c434ee96db5ed4f5a6e1acfb32361ce04e16e1337be5978df06d7c4f6012385fb9d45bb397dc00f165883714b4a5b2f72f69c018ffa6d4420ad1b772e94575f035ad203be3d34b5b789a99389f295b43f004de3daaef7fa918712d3a23ca44329595e08da190e3678bc6ad9b500b9f885abe23":1 AES-GCM NIST Validation PSA (AES-256,128,1024,1024,128) #1 [#2] -depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C +depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"b56f0c980acf7875cf7f27d53ad4a276adc126d0b93a5774ac4277eecad4309e":"b004c049decfb43d6f3ec13c56f839ef":"b2045b97fbb52a5fc6ff03d74e59dd696f3f442c0b555add8e6d111f835df420f45e970c4b32a84f0c45ba3710b5cd574001862b073efa5c9c4bd50127b2ce72d2c736c5e2723956da5a0acb82041a609386d07b50551c1d1fa4678886bac54b0bd080cc5ef607dca2a0d6a1e71f0e3833678bf8560bc059dae370ec94d43af6":"2c94299e36b7c4a825ecbc5a7809061e0a6761764a5a655ffdb0c20e5c3fcb10f4e93c68aa0a38c2acc5d06f2b7c4ff4fcf814b551bfefa248dbe06a09a0f153213538a31fa7cf7d646b5b53908d8978f514c9c4d6d66f2b3738024b5f9c3fd86b6da0c818203183f4205f186ea44a54edb911b1a17c424c95852c8d271b2e93":"fce7234f7f76b5d502fd2b96fc9b1ce7":"FAIL":"":1 AES-GCM NIST Validation PSA (AES-256,128,1024,1024,128) #2 [#2] -depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C +depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"1c5027c36e6caa1b3e5e45fead32b5e3126ac41f106c491b0b3a7c16502f4fe6":"3ee660f03858669e557e3effdd7df6bd":"93e803c79de6ad652def62cf3cd34f9addc9dd1774967a0f69e1d28361eb2cacc177c63c07657389ce23bbe65d73e0460946d31be495424655c7724eac044cafafe1540fcbd4218921367054e43e3d21e0fa6a0da9f8b20c5cdbd019c944a2d2ee6aa6760ee1131e58fec9da30790f5a873e792098a82ddf18c3813611d9242a":"58f0ceaa31c0025d2e6bb58720cce4b64f5f6c657c847ae42936eb1e343fea397c8a8cf2f5ef02ffaec25f431900dcb0910cf32cea9eca3b78aed1c451c7af51066489f87b2a5f8cf28d6fdb6ce49d898b6167b590a3907be7618be11fb0922a3cfd18e73efef19e5cdc250fa33f61e3940c6482ae35f339e8c0a85a17379a4e":"ac33f5ffca9df4efc09271ff7a4f58e2":"FAIL":"":1 AES-GCM NIST Validation PSA (AES-256,128,1024,1024,120) #0 [#2] -depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C +depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"34c3019810d72b5e584f0758f2f5888a42729a33610aafa9824badade4136bbd":"f315ea36c17fc57dab3a2737d687cd4f":"f33c5a3a9e546ad5b35e4febf2ae557ca767b55d93bb3c1cf62d862d112dbd26f8fe2a3f54d347c1bc30029e55118bab2662b99b984b8b8e2d76831f94e48587de2709e32f16c26695f07e654b703eba6428f30070e23ed40b61d04dd1430e33c629117d945d9c0e4d36c79a8b8ab555d85083a898e7e7fbeb64a45cc3511d99":"22deef66cbb7db240c399b6c83407f090d6999ba25e560b2087fed0467904bb5c40cbaa05b8bf0ff5a77c53fa229478d8e0736414daf9c420417c391c9a523fd85954533f1304d81359bdcc2c4ac90d9f5f8a67a517d7f05ba0409b718159baf11cd9154e815d5745179beb59954a45a8676a375d5af7fae4d0da05c4ea91a13":"0bae9403888efb4d8ec97df604cd5d":"FAIL":"":1 AES-GCM NIST Validation PSA (AES-256,128,1024,1024,120) #1 [#2] -depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C +depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"29397d98fc5a7f04b5c8b6aa3a1dd975b6e4678457ae7f0691eee40b5397503a":"885543a45fd1163e34ef9276145b0f8c":"d88beaa0664bcef178cbdbfab17ff526b5c0f8ad9543c6a312d93c336707fbf87c0448b07a550580953279f552f368225cc6971f1eecc718d6aad1729c8d8873081357752bd09d77075fa680cb2dc4139171e4a0aaa50b28c262c14fd10b8d799ca1c6641bb7dfdfdf3dea69aa2b9e4e4726dc18b0784afa4228e5ccb1eb2422":"0bbf1079cb5569c32257bc7e52371db46f3961b457402b816588243b4523543430d5ca56b52de6632724c51e6c3af310b28822c749a12bdd58dee58bbc3266631562a998ec3acdc8a2567a9f07f7f9759c3f50b1d1dcdd529256b80c0d227fc1fe8b58c62d1c643f1ac2996809fd061afcf4a9af184c14db9e63ec885c49de61":"7b334d7af54b916821f6136e977a1f":"FAIL":"":1 AES-GCM NIST Validation PSA (AES-256,128,1024,1024,120) #2 [#2] -depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C +depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"7555dfcf354da07fd70f951d94ec1d86a635edfdb7929460207b2a39cc0cf4a3":"e1b30b6a47e8c21228e41a21b1a004f0":"bf986d3842378440f8924bb7f117d1a86888a666915a93ba65d486d14c580501e736d3418cebee572439318b21b6e4e504a7b075b8c2300c014e87e04fa842b6a2a3ebd9e6134b9ddd78e0a696223b1dc775f3288a6a9569c64b4d8fc5e04f2047c70115f692d2c2cefe7488de42ff862d7c0f542e58d69f0f8c9bf67ef48aea":"a1351cfffd1b0cbf80c3318cc432d3238cb647e996b7b53c527783594683f535950cd08788687c77226b2d3f095955884adc2e475ca1e1eab04e37d5e901ae8934a9d3a0cb37b80612ca25d989856dfa7607b03039b64d7dcd468204f03e0f2c55cb41c5367c56ca6c561425992b40e2d4f380b3d8419f681e88ebe2d4bdad36":"d8ef5438b7cf5dc11209a635ce1095":"":"95e8db7c8ecab8a60ceb49726153a7c5553cf571bc40515944d833485e19bf33cb954e2555943778040165a6cfffecef79eb7d82fef5a2f136f004bb5e7c35ae827fac3da292a185b5b8fc262012c05caeda5453ede3303cfeb0c890db1facadaa2895bdbb33265ada0bb46030607b6cf94f86961178e2e2deeb53c63900f1ec":1 AES-GCM NIST Validation PSA (AES-256,128,1024,1024,112) #0 [#2] -depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C +depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"bbeafe86c72ab0354b733b69b09e4d3462feb1658fe404004d81503f3a6e132f":"ee1caba93cb549054ca29715a536393e":"e44b0e0d275ae7c38a7dc2f768e899c1c11a4c4cb5b5bd25cd2132e3ecbaa5a63654312603e1c5b393c0ce6253c55986ee45bb1daac78a26749d88928f9b9908690fc148a656b78e3595319432763efbcf6957c9b2150ccabfd4833d0dcee01758c5efb47321a948b379a2ec0abcd6b6cbf41a8883f0f5d5bf7b240cb35f0777":"a033c2051e425d01d97d563572e42c5113860e5dedcd24c76e3e357559ba3250f1fc5d4a931a9d0900ac025400f0158621f0b1215b2907467bfc874bcabbb28e28de81fe1ee5b79985261c512afec2327c8c5957df90c9eb77950de4a4860b57a9e6e145ea15eb52da63f217f94a5c8e5fcb5d361b86e0e67637a450cdbcb06f":"a4809e072f93deb7b77c52427095":"":"e62adf9bbd92dd03cc5250251691f724c6ece1cb89d8c4daf31cc732a5420f6bedab71aab0238ba23bd7165ed1f692561ef457fd1d47413949405b6fc8e17922b17026d89d5830b383546ea516a56f3a1c45ec1251583ae880fa8985bd3dcc1d6a57b746971937bf370e76482238cc08c2c3b13258151e0a6475cc017f8a3d0e":1 AES-GCM NIST Validation PSA (AES-256,128,1024,1024,112) #1 [#2] -depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C +depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"6ad06c88dd4f3becf35eed95bb859be2406a1803a66e4332a74c5f75c09b9a01":"07d8b4a6e77aef9018828b61e0fdf2a4":"cca1fd0278045dda80b847f0975b6cbf31e1910d2c99b4eb78c360d89133a1c52e66c5c3801824afc1f079d2b2b1c827199e83f680e59b9a7de9b15fa7b6848b5bf4e16a12ac1af4cf2b4d7bb45673c5e1241e9996440860a9204fc27cae46a991607bc5e7120d6c115ddcbdd02c022b262602139081e61eee4aba7193f13992":"2219c11672884b93d0290b6a7140feafe416461f1cdaf0b3aa64693d7db2eb10feae46aac7af549fa1b0abc78c11f8df7ee803ef70310fc3e67769f8b4bc64f81143a6ebf8bee9d386a8ede5d2cc0ed17985a3b7bb95191ef55e684690ccdc5ca504bc6eb28442b353861a034a43532c025f666e80be967a6b05b9dd3a91ff58":"e3ede170386e76321a575c095966":"FAIL":"":1 AES-GCM NIST Validation PSA (AES-256,128,1024,1024,112) #2 [#2] -depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C +depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"87bbf7c15689e8c99a5a32a8ba0dfebcfe1989159807428cdd1f382c3ea95178":"2f19aa1f3a82a7398706953f01739da7":"590dbd230854aa2b5ac19fc3dc9453e5bb9637e47d97b92486a599bdafdfb27c3852e3d06a91429bb820eb12a5318ed8861ffe87d659c462ef167be22604facfa3afb601b2167989b9e3b2e5b59e7d07fda27ffccd450869d528410b0aff468f70cc10ef6723a74af6eebc1572c123a9b5a9aab748a31fa764716d3293ff5de7":"b77d3bf3b30b3e6e5c86cbfb7e5455f6480f423cc76834b4663d28d9f1eb5c40212634e3347668427f7848352ab789886f96682a568260bdaeb7de0aae2af36f5ae04f06c332b158d923706c1c6255c673feeadb6d30bfc901e60b92acd9ddd83ef98686c4d492f4a60e97af2541d470a6a6b21903441020ea7619cf28a06986":"5c43fc4dc959fabeebb188dbf3a5":"FAIL":"":1 AES-GCM NIST Validation PSA (AES-256,128,1024,1024,104) #0 [#2] -depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C +depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"24095a66b6eb0320ca75e2ab78e8496a45f4b000fc43436904c3e386fb852ed2":"0955c1f0e271edca279e016074886f60":"f5160c75c449e6bb971e73b7d04ab9b9a85879f6eb2d67354af94a4f0ca339c0a03a5b9ede87a4ff6823b698113a38ae5327e6878c3ccc0e36d74fe07aa51c027c3b334812862bc660178f5d0f3e764c0b828a5e3f2e7d7a1185b7e79828304a7ad3ddcd724305484177e66f4f81e66afdc5bbee0ec174bff5eb3719482bd2d8":"4690edc843e23d9d9b9a4dab8fa8193f8bf03897d3d29759e9dc9e0f8a970c0f5d4399b9f60461fe5cf439f9b0d54bbc075695e4d76b76298cc2b75bb3e0b516ee9ada93f77c4c002ba9fd163a1e4b377befb76c1e5ab8b3901f214c0a4c48bd2aa2f33560d46e2721a060d4671dc97633ff9bcd703bb0fbed9a4a2c259b53f3":"75a31347598f09fceeea6736fe":"":"0dd2dca260325967267667ff3ccdc6d6b35648821a42090abba46282869bac4bdc20a8bee024bea18a07396c38dbb45d9481fedcc423a3928cfa78a2f0ae8eedb062add810bdbee77ddc26c29e4f9fda1ab336d04ef42947b05fbdb9bc4df79e37af951d19d6bf5e5cb34eef898f23642a9c4a9111ed0b7a08abeeefbbd45c23":1 AES-GCM NIST Validation PSA (AES-256,128,1024,1024,104) #1 [#2] -depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C +depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"086b77b5731f971f0bf5b8227361b216746daf8b08c583ad38f114a64aa7877b":"164058e5e425f9da40d22c9098a16204":"6633eae08a1df85f2d36e162f2d7ddd92b0c56b7477f3c6cdb9919d0e4b1e54ea7635c202dcf52d1c688afbbb15552adda32b4cd30aa462b367f02ded02e0d64eeee2a6b95462b191784143c25607fd08a23a2fbc75cf6bee294daf2042587fdd8fe3d22c3a242c624cf0a51a7c14db4f0f766ec437de4c83b64f23706a24437":"629317212ff8bd8a7676e4c00b81a9577de6397c832f99ac974fa2bbbccb6e3b8aa776db6922eed0b014bf3923799da7d9d0854c8817470e1e2f7fc7a572f9d0316ee60cde7ef025d59b897d29a6fee721aeb2f7bb44f9afb471e8a7b0b43a39b5497a3b4d6beb4b511f0cefa12ce5e6d843609d3e06999acfbee50a22ca1eee":"2eb6eb6d516ed4cf1778b4e378":"FAIL":"":1 AES-GCM NIST Validation PSA (AES-256,128,1024,1024,104) #2 [#2] -depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C +depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"0f9e806b0d937268561c0eafbbdd14ec715b7e9cef4118d6eb28abbb91266745":"8657996634e74d4689f292645f103a2e":"2ca253355e893e58cb1a900fbb62d61595de5c4186dc8a9129da3657a92b4a631bbdc3d5f86395385a9aa8557b67f886e3bb807620e558c93aea8e65826eadeb21544418ee40f5420c2d2b8270491be6fc2dcbfd12847fa350910dd615e9a1881bc2ced3b0ac3bde445b735e43c0c84f9d120ca5edd655779fc13c6f88b484f7":"2ae4baef22ace26f464a9b0c75802303f2d7c0f9a1ed1d0180135189765bdd347fea0cc2b73ee7fbbf95ea1fda22597b8aad826f63e744069a9c349488b2cc1cf9372f423cc650302082125724730ae5a4d878e07385ddc99034c6b6b46748f02c80b179fe6406b1d33581950cb9bcd1d1ea1ec7b5becfd6c1f5b279412c433a":"83155ebb1a42112dd1c474f37b":"":"87d69fc3cbc757b2b57b180c6ba34db4e20dde19976bfb3d274d32e7cea13f0c7d9e840d59ce857718c985763b7639e448516ddbbda559457cd8cb364fa99addd5ba44ef45c11060d9be82b4ebe1f0711ac95433074649b6c08eeab539fdfc99c77498b420427e4d70e316111845793de1f67fb0d04e3389a8862f46f4582dc8":1 AES-GCM NIST Validation PSA (AES-256,128,1024,1024,96) #0 [#2] -depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C +depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"c24c17911f6db4b3e37c46bcc6fa35efc1a55f7754f0bb99f2eea93398116447":"5098cc52a69ee044197e2c000c2d4ab8":"9ad4dee311d854925fc7f10eca4f5dd4e6990cb2d4325da2ef25a9a23690f5c5590be285d33aaeba76506c59edec64b8c3ff8e62716d1c385fbce2a42bc7bd5d8e8584de1944543ab6f340c20911f8b7b3be1a1db18a4bb94119333339de95815cae09365b016edc184e11f3c5b851f1fa92b1b63cfa3872a127109c1294b677":"0bd92cb106867e25ad427ff6e5f384d2d0f432fc389852187fcc7b0bf9f6d11a102a872b99ed1ad9a05dab0f79fa634745535efed804ff42b0af8dad20ba44709391fb263f245e5a2c52d9ce904179633282f57a1229b0a9c4557a5c0aeda29bbc5a7a871fa8b62d58100c3722c21e51e3b3e913185235526e7a5a91c559717d":"f7930e3fab74a91cb6543e72":"":"6124ede608d416baa5e653a898ca76e9f47f08403c1984feec112e670ded2226e0073f8881ab2161cfda541dccae19691285f7391a729f07aba18f340bb452c1da39cbe83cf476cfc105b64187e0d2227dd283dcba8b6a350f9956b18861fa131d3f00c034443e8f60e0fdfcfaabbed93381ae374a8bf66523d33646183e1379":1 AES-GCM NIST Validation PSA (AES-256,128,1024,1024,96) #1 [#2] -depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C +depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"d267a8379260036ff3d1ec07a7b086ff75706bad12d37d9656f04776f3d8b85c":"674dc34e8c74c51fa42aacd625a1bd5b":"6a9a8af732ae96d0b5a9730ad792e296150d59770a20a3fdbbc2a3a035a88ac445d64f37d684e22003c214b771c1995719da72f3ed24a96618284dd414f0cac364640b23c680dc80492a435c8ec10add53b0d9e3374f1cf5bfc663e3528fa2f6209846421ea6f481b7ecf57714f7bc2527edc4e0466b13e750dd4d4c0cc0cdfc":"80c68a330ef50e3e516681f1e535868b03466e7edbb86cb385d01db487da3dd3edad940fdc98d918b7db9b59f8d61369eee2928c88557306c4a13e366af0708d94cb90a15f1c3bc45544bdb05ff964da5e06c5ae965f20adb504620aed7bce2e82f4e408d00219c15ef85fae1ff13fea53deb78afa5f2a50edbd622446e4a894":"bea660e963b08fc657741bc8":"FAIL":"":1 AES-GCM NIST Validation PSA (AES-256,128,1024,1024,96) #2 [#2] -depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C +depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"c86cb637753010f639fa3aa3bff7c28b74f012ad6090f2a31b0801d086f183ad":"87ff6e0bb313502fedf3d2696bff99b5":"2816f1132724f42e40deabab25e325b282f8c615a79e0c98c00d488ee56237537240234966565e46bfb0c50f2b10366d1589620e6e78bd90ade24d38a272f3fff53c09466aa2d3ef793d7f814a064b713821850a6e6a058f5139a1088347a9fa0f54e38abd51ddfc7ef040bf41d188f3f86c973551ced019812c1fc668649621":"6b7858557e0fd0f957842fb30e8d54dedbc127eb4bbf9de319f731fa28a606df2c046a0bce8ecda4e75d3596e4e988efd6bc279aa005bc52fad92ba07f5b1dfda4cc417029f9778c88d6fe5341a0fd48893dcb7c68d0df310a060f2a5235aee422d380f7209bc0909b2aa7e876044056f0b915dab0bc13cbea5a3b86d40ca802":"7859f047f32b51833333accf":"FAIL":"":1 AES-GCM NIST Validation PSA (AES-256,128,1024,1024,64) #0 [#2] -depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C +depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"2c31ca0cac3efe467168198f06beacf39565a6f57f82e1048a5c06a231315882":"95cae6e85f33f3043182460589be3639":"67523751a9b1b643d00de4511b55e4268cb2d18e79e01a55fc7b677d529bd6400940fb25ea6ae135c1a816e61b69e90b966981aeda685934b107066e1467db78973492ad791e20aef430db3a047447141def8be6e6a9a15089607c3af9368cdb11b7b5fbf90691505d0c33664766945d387904e7089b915a3c28886ba1763bb5":"65261d6e29b2369b1828a7cef2df9873d6e6057c499301afedd6cb65b5036ddb95f9e353fbf38e54c4f46f88164325b33620ce183beb2e411fbb89a0e0002e542fc161cad32a61ee6f1e1717e0b4dcd0340b116f795bc1009dbbc65bc31c9b549bf03c40bc204cd0d02ec884be907777ebeed8b527ec3af7cbb508193c0745de":"21309d0351cac45e":"":"1d5f2cb921f54aeb552b4304142facd49497837deb1f00d26fbeddbab922fd80b00dba782961f8fce84f1f7973e81eed6ee168b1760c575c891f40a1dae0fa1a08738025d13ef6e0b30be4f054d874f1b8a2427a19ebb071d98365c32316a88a68c2b40daf1ea831a64519ac3679acb4e04986ecc614ec673c498c6fee459e40":1 AES-GCM NIST Validation PSA (AES-256,128,1024,1024,64) #1 [#2] -depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C +depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"ca9fa36ca2159dff9723f6cfdb13280446eb6bc3688043c7e2e2504184791596":"d13ca73365e57114fc698ee60ba0ad84":"2aa510b7f1620bfce90080e0e25f5468dbc5314b50914e793b5278369c51ac017eace9fd15127fca5a726ad9e67bdee5af298988d9a57ec4bbc43d4eb849535eb10521ac7cd7ed647479a42876af2ebc9e2108b539febdaa9127c49bda1bda800f6034050b8576e944311dfbca59d64d259571b6d2ed5b2fc07127239b03f4b7":"ac04c4293554cd832aa400c811cb202d815d6178aa1343b4628592b7f3ae45dc5f12ea47be4b43e1865f40b06ab67b3a9fb3644248a9b3efe131a8addb7447978bb51ccf749e75574fea60e8781677200af023b2f8c415f4e6d8c575a9e374916d9ec3a612b16e37beb589444b588e0b770d9f8e818ad83f83aa4ecf386d17a7":"2111d55d96a4d84d":"FAIL":"":1 AES-GCM NIST Validation PSA (AES-256,128,1024,1024,64) #2 [#2] -depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C +depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"2f802e838250064c15fdee28d7bd4872850355870847701ad9742b2d6eb4b0c0":"2dd550cfd97f8e1d8d31ba5537ae4710":"72b9630dda40306e785b961934c56e20948f8eac0e981f49787eb3dbd6e4607f7d08d10ca643746bf1efa7e5066993683d527a90f2d45ec9cf73113f1f17bb67958be669acd4e2927f1dacfde902cd3048056d7f6dfdd8630ff054efce4526db7c9321d6d2be2236f4d60e27b89d8ec94f65a06dc0953c8c4533a51b6a29bd2c":"e2ca8c8d172ff90232879f510d1225af91bc323bdf636363c2903fcd1790692c8bcb03a1cccb18814678852c6b3a441552e541b843ee5e4f86a152fa73d05aea659fe08aa6428bb257eaa2a7b579fdc4022c1dec359a854253c1aefc983c5ede8c97517ea69fc4606e25f13ffb0f5f49160691454fbb74e704326738353525f7":"bd6c8823c9005c85":"":"f6dd0b5f3d1a393a1837112962dba175a13c2d1e525ef95734caf34949d8b2d63b4fe5603226b5f632f2d7f927361ba639dc0e3c63414f45462342695916d5792133b4a24c7c4cbe2b97c712bf27ab62d3d68b3875d58ffe4b7c30a8171bff1a9e2f3995768faacda2ea9213ff35798b9e4513f6a87bd3f5a9d93e847e768359":1 AES-GCM NIST Validation PSA (AES-256,128,1024,1024,32) #0 [#2] -depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C +depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"84dd53ce0146cb71c32776033bb243098d78a22ac17f52a62a122f5653fb4e33":"f0c90a1bca52f30fab3670df0d3beab0":"a3ea8032f36a5ca3d7a1088fd08ac50ae6bdc06ad3a534b773ac3e3d4a3d524499e56274a0062c58c3b0685cc850f4725e5c221af8f51c6df2bbd5fbcff4a93ba4c1054f7f9c67fd9285511a08d328d76a642f067227d378f95a1e67587b90251f9103ed3cacdb6bf69e0794e366d8b92d8de37b4e028de0778841f356ac044d":"68222bffa782dcfe4f328fc20eb520e75a9a5fedbe13ec7fcf0e82fba08bb87a8a8e02902638e32fe0e2294344b380797f8028426ffcc0531c739c884892394c48ff0779c5f5edf0a36a3fb8aa91213347774ec4bf0fe1049bd53746b13beef3c637169826c367056cb1aa0a3868e23f886a9c7b8015c26af9e40794662f6b21":"b1ece9fb":"FAIL":"":1 AES-GCM NIST Validation PSA (AES-256,128,1024,1024,32) #1 [#2] -depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C +depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"9bb36fe25e966a075ae2c3bb43b5877679ebc379d5123c8eda3fa0e30b95cae0":"59869df4ef5754b406478a2fb608ee99":"ecd125682e8a8e26757c888b0c8b95dec5e7ed7ac991768f93e8af5bcf6f21ed4d4d38699ee7984ed13635fff72f938150157c9a27fcda121ffced7b492d2b18dad299cb6495ed5f68441aefc8219d2cf717d15d5cd2dbce4606fcf90fe45f3601127cf6acee210bd7df97309f773974a35bef1d33df984101c2fc9d4b55259e":"fb3a4be643c10343251c6f0745aaa54349463f622ca04a792e9b4780866844b30aeef3269fc60cac0ea031c5f3780b535e15154f7c76eb4a371b8ae368550f3fa2ce693c34511ec96b839cac567f1b0de0e7e3116d729b45d1b16e453703a43db73f5d0c3e430f16b142420b5f0d26d72ac3dba543d7d813603b0bfdca3dd63e":"cb3f5338":"FAIL":"":1 AES-GCM NIST Validation PSA (AES-256,128,1024,1024,32) #2 [#2] -depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C +depends_on:MBEDTLS_USE_PSA_CRYPTO:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"ca264e7caecad56ee31c8bf8dde9592f753a6299e76c60ac1e93cff3b3de8ce9":"4763a4e37b806a5f4510f69fd8c63571":"07daeba37a66ebe15f3d6451d1176f3a7107a302da6966680c425377e621fd71610d1fc9c95122da5bf85f83b24c4b783b1dcd6b508d41e22c09b5c43693d072869601fc7e3f5a51dbd3bc6508e8d095b9130fb6a7f2a043f3a432e7ce68b7de06c1379e6bab5a1a48823b76762051b4e707ddc3201eb36456e3862425cb011a":"8d03cf6fac31182ad3e6f32e4c823e3b421aef786d5651afafbf70ef14c00524ab814bc421b1d4181b4d3d82d6ae4e8032e43a6c4e0691184425b37320798f865c88b9b306466311d79e3e42076837474c37c9f6336ed777f05f70b0c7d72bd4348a4cd754d0f0c3e4587f9a18313ea2d2bace502a24ea417d3041b709a0471f":"3105dddb":"FAIL":"":1 diff --git a/third_party/mbedtls/repo/tests/suites/test_suite_cmac.data b/third_party/mbedtls/repo/tests/suites/test_suite_cmac.data index 70b7609e489..3ca5e542d03 100644 --- a/third_party/mbedtls/repo/tests/suites/test_suite_cmac.data +++ b/third_party/mbedtls/repo/tests/suites/test_suite_cmac.data @@ -2,6 +2,7 @@ CMAC self test mbedtls_cmac_self_test: CMAC null arguments +depends_on:MBEDTLS_AES_C mbedtls_cmac_null_args: CMAC init #1 AES-128: OK @@ -16,49 +17,59 @@ CMAC init #3 AES-256: OK depends_on:MBEDTLS_AES_C mbedtls_cmac_setkey:MBEDTLS_CIPHER_AES_256_ECB:256:0 -CMAC init #4 3DES : OK +CMAC init #4 3DES: OK depends_on:MBEDTLS_DES_C mbedtls_cmac_setkey:MBEDTLS_CIPHER_DES_EDE3_ECB:192:0 CMAC init #5 AES-224: bad key size depends_on:MBEDTLS_AES_C -mbedtls_cmac_setkey:MBEDTLS_CIPHER_ID_AES:224:MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA +mbedtls_cmac_setkey:MBEDTLS_CIPHER_AES_128_ECB:224:MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA CMAC init #6 AES-0: bad key size depends_on:MBEDTLS_AES_C -mbedtls_cmac_setkey:MBEDTLS_CIPHER_ID_AES:0:MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA +mbedtls_cmac_setkey:MBEDTLS_CIPHER_AES_128_ECB:0:MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA CMAC init #7 Camellia: wrong cipher depends_on:MBEDTLS_CAMELLIA_C -mbedtls_cmac_setkey:MBEDTLS_CIPHER_ID_CAMELLIA:128:MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA +mbedtls_cmac_setkey:MBEDTLS_CIPHER_CAMELLIA_192_ECB:128:MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA CMAC Single Blocks #1 - Empty block, no updates +depends_on:MBEDTLS_AES_C mbedtls_cmac_multiple_blocks:MBEDTLS_CIPHER_AES_128_ECB:"2b7e151628aed2a6abf7158809cf4f3c":128:16:"":-1:"":-1:"":-1:"":-1:"bb1d6929e95937287fa37d129b756746" CMAC Single Blocks #2 - Single 16 byte block +depends_on:MBEDTLS_AES_C mbedtls_cmac_multiple_blocks:MBEDTLS_CIPHER_AES_128_ECB:"2b7e151628aed2a6abf7158809cf4f3c":128:16:"6bc1bee22e409f96e93d7e117393172a":16:"":-1:"":-1:"":-1:"070a16b46b4d4144f79bdd9dd04a287c" CMAC Single Blocks #3 - Single 64 byte block +depends_on:MBEDTLS_AES_C mbedtls_cmac_multiple_blocks:MBEDTLS_CIPHER_AES_128_ECB:"2b7e151628aed2a6abf7158809cf4f3c":128:16:"6bc1bee22e409f96e93d7e117393172aae2d8a571e03ac9c9eb76fac45af8e5130c81c46a35ce411e5fbc1191a0a52eff69f2445df4f9b17ad2b417be66c3710":64:"":-1:"":-1:"":-1:"51f0bebf7e3b9d92fc49741779363cfe" CMAC Multiple Blocks #1 - Multiple 8 byte blocks +depends_on:MBEDTLS_AES_C mbedtls_cmac_multiple_blocks:MBEDTLS_CIPHER_AES_128_ECB:"2b7e151628aed2a6abf7158809cf4f3c":128:16:"6bc1bee22e409f96":8:"e93d7e117393172a":8:"":-1:"":-1:"070a16b46b4d4144f79bdd9dd04a287c" CMAC Multiple Blocks #2 - Multiple 16 byte blocks +depends_on:MBEDTLS_AES_C mbedtls_cmac_multiple_blocks:MBEDTLS_CIPHER_AES_128_ECB:"2b7e151628aed2a6abf7158809cf4f3c":128:16:"6bc1bee22e409f96e93d7e117393172a":16:"ae2d8a571e03ac9c9eb76fac45af8e51":16:"30c81c46a35ce411e5fbc1191a0a52ef":16:"f69f2445df4f9b17ad2b417be66c3710":16:"51f0bebf7e3b9d92fc49741779363cfe" CMAC Multiple Blocks #3 - Multiple variable sized blocks +depends_on:MBEDTLS_AES_C mbedtls_cmac_multiple_blocks:MBEDTLS_CIPHER_AES_128_ECB:"2b7e151628aed2a6abf7158809cf4f3c":128:16:"6bc1bee22e409f96":8:"e93d7e117393172aae2d8a571e03ac9c":16:"9eb76fac45af8e5130c81c46a35ce411e5fbc1191a0a52ef":24:"f69f2445df4f9b17ad2b417be66c3710":16:"51f0bebf7e3b9d92fc49741779363cfe" CMAC Multiple Blocks #4 - Multiple 8 byte blocks with gaps +depends_on:MBEDTLS_AES_C mbedtls_cmac_multiple_blocks:MBEDTLS_CIPHER_AES_128_ECB:"2b7e151628aed2a6abf7158809cf4f3c":128:16:"":0:"6bc1bee22e409f96":8:"":0:"e93d7e117393172a":8:"070a16b46b4d4144f79bdd9dd04a287c" CMAC Multiple Operations, same key #1 - Empty, empty +depends_on:MBEDTLS_AES_C mbedtls_cmac_multiple_operations_same_key:MBEDTLS_CIPHER_AES_192_ECB:"8e73b0f7da0e6452c810f32b809079e562f8ead2522c6b7b":192:16:"":-1:"":-1:"":-1:"d17ddf46adaacde531cac483de7a9367":"":-1:"":-1:"":-1:"d17ddf46adaacde531cac483de7a9367" CMAC Multiple Operations, same key #2 - Empty, 64 byte block +depends_on:MBEDTLS_AES_C mbedtls_cmac_multiple_operations_same_key:MBEDTLS_CIPHER_AES_192_ECB:"8e73b0f7da0e6452c810f32b809079e562f8ead2522c6b7b":192:16:"":-1:"":-1:"":-1:"d17ddf46adaacde531cac483de7a9367":"6bc1bee22e409f96e93d7e117393172aae2d8a571e03ac9c9eb76fac45af8e5130c81c46a35ce411e5fbc1191a0a52eff69f2445df4f9b17ad2b417be66c3710":64:"":-1:"":-1:"a1d5df0eed790f794d77589659f39a11" CMAC Multiple Operations, same key #3 - variable byte blocks +depends_on:MBEDTLS_AES_C mbedtls_cmac_multiple_operations_same_key:MBEDTLS_CIPHER_AES_192_ECB:"8e73b0f7da0e6452c810f32b809079e562f8ead2522c6b7b":192:16:"6bc1bee22e409f96e93d7e117393172aae2d8a571e03ac9c9eb76fac45af8e51":32:"30c81c46a35ce411e5fbc1191a0a52eff69f2445df4f9b17ad2b417be66c3710":32:"":-1:"a1d5df0eed790f794d77589659f39a11":"6bc1bee22e409f96e93d7e117393172aae2d8a571e03ac9c9eb76fac45af8e51":32:"30c81c46a35ce411e5fbc1191a0a52eff69f2445df4f9b17ad2b417be66c3710":32:"":-1:"a1d5df0eed790f794d77589659f39a11" diff --git a/third_party/mbedtls/repo/tests/suites/test_suite_cmac.function b/third_party/mbedtls/repo/tests/suites/test_suite_cmac.function index cabf1070c15..9624e8fea08 100644 --- a/third_party/mbedtls/repo/tests/suites/test_suite_cmac.function +++ b/third_party/mbedtls/repo/tests/suites/test_suite_cmac.function @@ -9,14 +9,14 @@ */ /* BEGIN_CASE depends_on:MBEDTLS_SELF_TEST */ -void mbedtls_cmac_self_test( ) +void mbedtls_cmac_self_test() { - TEST_ASSERT( mbedtls_cmac_self_test( 1 ) == 0 ); + TEST_ASSERT(mbedtls_cmac_self_test(1) == 0); } /* END_CASE */ /* BEGIN_CASE */ -void mbedtls_cmac_null_args( ) +void mbedtls_cmac_null_args() { mbedtls_cipher_context_t ctx; const mbedtls_cipher_info_t *cipher_info; @@ -24,108 +24,108 @@ void mbedtls_cmac_null_args( ) unsigned char test_data[MBEDTLS_CIPHER_BLKSIZE_MAX]; unsigned char test_output[MBEDTLS_CIPHER_BLKSIZE_MAX]; - mbedtls_cipher_init( &ctx ); + mbedtls_cipher_init(&ctx); /* Test NULL cipher info */ - TEST_ASSERT( mbedtls_cipher_cmac_update( &ctx, test_data, 16 ) == - MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA ); - - cipher_info = mbedtls_cipher_info_from_type( MBEDTLS_CIPHER_AES_128_ECB ); - TEST_ASSERT( mbedtls_cipher_setup( &ctx, cipher_info ) == 0 ); - - TEST_ASSERT( mbedtls_cipher_cmac_starts( NULL, test_key, 128 ) == - MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA ); - - TEST_ASSERT( mbedtls_cipher_cmac_starts( &ctx, NULL, 128 ) == - MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA ); - - TEST_ASSERT( mbedtls_cipher_cmac_update( NULL, test_data, 16 ) == - MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA ); - - TEST_ASSERT( mbedtls_cipher_cmac_update( &ctx, NULL, 16 ) == - MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA ); - - TEST_ASSERT( mbedtls_cipher_cmac_finish( NULL, test_output ) == - MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA ); - - TEST_ASSERT( mbedtls_cipher_cmac_finish( &ctx, NULL ) == - MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA ); - - TEST_ASSERT( mbedtls_cipher_cmac_reset( NULL ) == - MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA ); - - TEST_ASSERT( mbedtls_cipher_cmac( NULL, - test_key, 128, - test_data, 16, - test_output ) == - MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA ); - - TEST_ASSERT( mbedtls_cipher_cmac( cipher_info, - NULL, 128, - test_data, 16, - test_output ) == - MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA ); - - TEST_ASSERT( mbedtls_cipher_cmac( cipher_info, - test_key, 128, - NULL, 16, - test_output ) == - MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA ); - - TEST_ASSERT( mbedtls_cipher_cmac( cipher_info, - test_key, 128, - test_data, 16, - NULL ) == - MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA ); - - TEST_ASSERT( mbedtls_aes_cmac_prf_128( NULL, 16, - test_data, 16, - test_output ) == - MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA ); - - TEST_ASSERT( mbedtls_aes_cmac_prf_128( test_key, 16, - NULL, 16, - test_output ) == - MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA ); - - TEST_ASSERT( mbedtls_aes_cmac_prf_128( test_key, 16, - test_data, 16, - NULL ) == - MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA ); - + TEST_ASSERT(mbedtls_cipher_cmac_update(&ctx, test_data, 16) == + MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA); + + cipher_info = mbedtls_cipher_info_from_type(MBEDTLS_CIPHER_AES_128_ECB); + TEST_ASSERT(mbedtls_cipher_setup(&ctx, cipher_info) == 0); + + TEST_ASSERT(mbedtls_cipher_cmac_starts(NULL, test_key, 128) == + MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA); + + TEST_ASSERT(mbedtls_cipher_cmac_starts(&ctx, NULL, 128) == + MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA); + + TEST_ASSERT(mbedtls_cipher_cmac_update(NULL, test_data, 16) == + MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA); + + TEST_ASSERT(mbedtls_cipher_cmac_update(&ctx, NULL, 16) == + MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA); + + TEST_ASSERT(mbedtls_cipher_cmac_finish(NULL, test_output) == + MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA); + + TEST_ASSERT(mbedtls_cipher_cmac_finish(&ctx, NULL) == + MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA); + + TEST_ASSERT(mbedtls_cipher_cmac_reset(NULL) == + MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA); + + TEST_ASSERT(mbedtls_cipher_cmac(NULL, + test_key, 128, + test_data, 16, + test_output) == + MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA); + + TEST_ASSERT(mbedtls_cipher_cmac(cipher_info, + NULL, 128, + test_data, 16, + test_output) == + MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA); + + TEST_ASSERT(mbedtls_cipher_cmac(cipher_info, + test_key, 128, + NULL, 16, + test_output) == + MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA); + + TEST_ASSERT(mbedtls_cipher_cmac(cipher_info, + test_key, 128, + test_data, 16, + NULL) == + MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA); +#if defined(MBEDTLS_AES_C) + TEST_ASSERT(mbedtls_aes_cmac_prf_128(NULL, 16, + test_data, 16, + test_output) == + MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA); + + TEST_ASSERT(mbedtls_aes_cmac_prf_128(test_key, 16, + NULL, 16, + test_output) == + MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA); + + TEST_ASSERT(mbedtls_aes_cmac_prf_128(test_key, 16, + test_data, 16, + NULL) == + MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA); +#endif exit: - mbedtls_cipher_free( &ctx ); + mbedtls_cipher_free(&ctx); } /* END_CASE */ /* BEGIN_CASE */ -void mbedtls_cmac_setkey( int cipher_type, int key_size, int result ) +void mbedtls_cmac_setkey(int cipher_type, int key_size, int result) { const mbedtls_cipher_info_t *cipher_info; unsigned char key[32]; unsigned char buf[16]; unsigned char tmp[16]; - memset( key, 0x2A, sizeof( key ) ); - TEST_ASSERT( (unsigned) key_size <= 8 * sizeof( key ) ); + memset(key, 0x2A, sizeof(key)); + TEST_ASSERT((unsigned) key_size <= 8 * sizeof(key)); - TEST_ASSERT( ( cipher_info = mbedtls_cipher_info_from_type( cipher_type ) ) - != NULL ); + TEST_ASSERT((cipher_info = mbedtls_cipher_info_from_type(cipher_type)) + != NULL); - memset( buf, 0x2A, sizeof( buf ) ); - TEST_ASSERT( ( result == mbedtls_cipher_cmac( cipher_info, key, key_size, - buf, 16, tmp ) ) != 0 ); + memset(buf, 0x2A, sizeof(buf)); + TEST_ASSERT((result == mbedtls_cipher_cmac(cipher_info, key, key_size, + buf, 16, tmp)) != 0); } /* END_CASE */ /* BEGIN_CASE */ -void mbedtls_cmac_multiple_blocks( int cipher_type, data_t * key, - int keybits, int block_size, - data_t * block1, int block1_len, - data_t * block2, int block2_len, - data_t * block3, int block3_len, - data_t * block4, int block4_len, - data_t * expected_result ) +void mbedtls_cmac_multiple_blocks(int cipher_type, data_t *key, + int keybits, int block_size, + data_t *block1, int block1_len, + data_t *block2, int block2_len, + data_t *block3, int block3_len, + data_t *block4, int block4_len, + data_t *expected_result) { const mbedtls_cipher_info_t *cipher_info; mbedtls_cipher_context_t ctx; @@ -133,74 +133,78 @@ void mbedtls_cmac_multiple_blocks( int cipher_type, data_t * key, /* Convert the test parameters to binary data */ - mbedtls_cipher_init( &ctx ); + mbedtls_cipher_init(&ctx); /* Validate the test inputs */ - TEST_ASSERT( block1_len <= 100 ); - TEST_ASSERT( block2_len <= 100 ); - TEST_ASSERT( block3_len <= 100 ); - TEST_ASSERT( block4_len <= 100 ); + TEST_ASSERT(block1_len <= 100); + TEST_ASSERT(block2_len <= 100); + TEST_ASSERT(block3_len <= 100); + TEST_ASSERT(block4_len <= 100); /* Set up */ - TEST_ASSERT( ( cipher_info = mbedtls_cipher_info_from_type( cipher_type ) ) - != NULL ); + TEST_ASSERT((cipher_info = mbedtls_cipher_info_from_type(cipher_type)) + != NULL); - TEST_ASSERT( mbedtls_cipher_setup( &ctx, cipher_info ) == 0 ); + TEST_ASSERT(mbedtls_cipher_setup(&ctx, cipher_info) == 0); - TEST_ASSERT( mbedtls_cipher_cmac_starts( &ctx, - (const unsigned char*)key->x, - keybits ) == 0 ); + TEST_ASSERT(mbedtls_cipher_cmac_starts(&ctx, + (const unsigned char *) key->x, + keybits) == 0); /* Multiple partial and complete blocks. A negative length means skip the * update operation */ - if( block1_len >= 0) - TEST_ASSERT( mbedtls_cipher_cmac_update( &ctx, - (unsigned char*)block1->x, - block1_len ) == 0); - - if( block2_len >= 0 ) - TEST_ASSERT( mbedtls_cipher_cmac_update( &ctx, - (unsigned char*)block2->x, - block2_len ) == 0); - - if( block3_len >= 0 ) - TEST_ASSERT( mbedtls_cipher_cmac_update( &ctx, - (unsigned char*)block3->x, - block3_len ) == 0); - - if( block4_len >= 0 ) - TEST_ASSERT( mbedtls_cipher_cmac_update( &ctx, - (unsigned char*)block4->x, - block4_len ) == 0); - - TEST_ASSERT( mbedtls_cipher_cmac_finish( &ctx, output ) == 0 ); - - TEST_ASSERT( memcmp( output, expected_result->x, block_size ) == 0 ); + if (block1_len >= 0) { + TEST_ASSERT(mbedtls_cipher_cmac_update(&ctx, + (unsigned char *) block1->x, + block1_len) == 0); + } + + if (block2_len >= 0) { + TEST_ASSERT(mbedtls_cipher_cmac_update(&ctx, + (unsigned char *) block2->x, + block2_len) == 0); + } + + if (block3_len >= 0) { + TEST_ASSERT(mbedtls_cipher_cmac_update(&ctx, + (unsigned char *) block3->x, + block3_len) == 0); + } + + if (block4_len >= 0) { + TEST_ASSERT(mbedtls_cipher_cmac_update(&ctx, + (unsigned char *) block4->x, + block4_len) == 0); + } + + TEST_ASSERT(mbedtls_cipher_cmac_finish(&ctx, output) == 0); + + TEST_ASSERT(memcmp(output, expected_result->x, block_size) == 0); exit: - mbedtls_cipher_free( &ctx ); + mbedtls_cipher_free(&ctx); } /* END_CASE */ /* BEGIN_CASE */ -void mbedtls_cmac_multiple_operations_same_key( int cipher_type, - data_t * key, int keybits, - int block_size, - data_t * block_a1, - int block_a1_len, - data_t * block_a2, - int block_a2_len, - data_t * block_a3, - int block_a3_len, - data_t * expected_result_a, - data_t * block_b1, - int block_b1_len, - data_t * block_b2, - int block_b2_len, - data_t * block_b3, - int block_b3_len, - data_t * expected_result_b - ) +void mbedtls_cmac_multiple_operations_same_key(int cipher_type, + data_t *key, int keybits, + int block_size, + data_t *block_a1, + int block_a1_len, + data_t *block_a2, + int block_a2_len, + data_t *block_a3, + int block_a3_len, + data_t *expected_result_a, + data_t *block_b1, + int block_b1_len, + data_t *block_b2, + int block_b2_len, + data_t *block_b3, + int block_b3_len, + data_t *expected_result_b + ) { const mbedtls_cipher_info_t *cipher_info; mbedtls_cipher_context_t ctx; @@ -210,77 +214,82 @@ void mbedtls_cmac_multiple_operations_same_key( int cipher_type, - mbedtls_cipher_init( &ctx ); + mbedtls_cipher_init(&ctx); /* Validate the test inputs */ - TEST_ASSERT( block_a1_len <= 100 ); - TEST_ASSERT( block_a2_len <= 100 ); - TEST_ASSERT( block_a3_len <= 100 ); + TEST_ASSERT(block_a1_len <= 100); + TEST_ASSERT(block_a2_len <= 100); + TEST_ASSERT(block_a3_len <= 100); - TEST_ASSERT( block_b1_len <= 100 ); - TEST_ASSERT( block_b2_len <= 100 ); - TEST_ASSERT( block_b3_len <= 100 ); + TEST_ASSERT(block_b1_len <= 100); + TEST_ASSERT(block_b2_len <= 100); + TEST_ASSERT(block_b3_len <= 100); /* Set up */ - TEST_ASSERT( ( cipher_info = mbedtls_cipher_info_from_type( cipher_type ) ) - != NULL ); + TEST_ASSERT((cipher_info = mbedtls_cipher_info_from_type(cipher_type)) + != NULL); - TEST_ASSERT( mbedtls_cipher_setup( &ctx, cipher_info ) == 0 ); + TEST_ASSERT(mbedtls_cipher_setup(&ctx, cipher_info) == 0); - TEST_ASSERT( mbedtls_cipher_cmac_starts( &ctx, - (const unsigned char*)key->x, - keybits ) == 0 ); + TEST_ASSERT(mbedtls_cipher_cmac_starts(&ctx, + (const unsigned char *) key->x, + keybits) == 0); /* Sequence A */ /* Multiple partial and complete blocks. A negative length means skip the * update operation */ - if( block_a1_len >= 0 ) - TEST_ASSERT( mbedtls_cipher_cmac_update( &ctx, - (unsigned char*)block_a1->x, - block_a1_len ) == 0); + if (block_a1_len >= 0) { + TEST_ASSERT(mbedtls_cipher_cmac_update(&ctx, + (unsigned char *) block_a1->x, + block_a1_len) == 0); + } - if( block_a2_len >= 0 ) - TEST_ASSERT( mbedtls_cipher_cmac_update( &ctx, - (unsigned char*)block_a2->x, - block_a2_len ) == 0); + if (block_a2_len >= 0) { + TEST_ASSERT(mbedtls_cipher_cmac_update(&ctx, + (unsigned char *) block_a2->x, + block_a2_len) == 0); + } - if( block_a3_len >= 0 ) - TEST_ASSERT( mbedtls_cipher_cmac_update( &ctx, - (unsigned char*)block_a3->x, - block_a3_len ) == 0); + if (block_a3_len >= 0) { + TEST_ASSERT(mbedtls_cipher_cmac_update(&ctx, + (unsigned char *) block_a3->x, + block_a3_len) == 0); + } - TEST_ASSERT( mbedtls_cipher_cmac_finish( &ctx, output ) == 0 ); + TEST_ASSERT(mbedtls_cipher_cmac_finish(&ctx, output) == 0); - TEST_ASSERT( memcmp( output, expected_result_a->x, block_size ) == 0 ); + TEST_ASSERT(memcmp(output, expected_result_a->x, block_size) == 0); - TEST_ASSERT( mbedtls_cipher_cmac_reset( &ctx ) == 0 ); + TEST_ASSERT(mbedtls_cipher_cmac_reset(&ctx) == 0); /* Sequence B */ /* Multiple partial and complete blocks. A negative length means skip the * update operation */ - if( block_b1_len >= 0) - TEST_ASSERT( mbedtls_cipher_cmac_update( &ctx, - (unsigned char*)block_b1->x, - block_b1_len ) == 0); + if (block_b1_len >= 0) { + TEST_ASSERT(mbedtls_cipher_cmac_update(&ctx, + (unsigned char *) block_b1->x, + block_b1_len) == 0); + } - if( block_b2_len >= 0 ) - TEST_ASSERT( mbedtls_cipher_cmac_update( &ctx, - (unsigned char*)block_b2->x, - block_b2_len ) == 0); + if (block_b2_len >= 0) { + TEST_ASSERT(mbedtls_cipher_cmac_update(&ctx, + (unsigned char *) block_b2->x, + block_b2_len) == 0); + } - if( block_b3_len >= 0 ) - TEST_ASSERT( mbedtls_cipher_cmac_update( &ctx, - (unsigned char*)block_b3->x, - block_b3_len ) == 0); + if (block_b3_len >= 0) { + TEST_ASSERT(mbedtls_cipher_cmac_update(&ctx, + (unsigned char *) block_b3->x, + block_b3_len) == 0); + } - TEST_ASSERT( mbedtls_cipher_cmac_finish( &ctx, output ) == 0 ); + TEST_ASSERT(mbedtls_cipher_cmac_finish(&ctx, output) == 0); - TEST_ASSERT( memcmp( output, expected_result_b->x, block_size ) == 0 ); + TEST_ASSERT(memcmp(output, expected_result_b->x, block_size) == 0); exit: - mbedtls_cipher_free( &ctx ); + mbedtls_cipher_free(&ctx); } /* END_CASE */ - diff --git a/third_party/mbedtls/repo/tests/suites/test_suite_constant_time.data b/third_party/mbedtls/repo/tests/suites/test_suite_constant_time.data new file mode 100644 index 00000000000..4504aa4d675 --- /dev/null +++ b/third_party/mbedtls/repo/tests/suites/test_suite_constant_time.data @@ -0,0 +1,11 @@ +# these are the numbers we'd get with an empty plaintext and truncated HMAC +Constant-flow memcpy from offset: small +ssl_cf_memcpy_offset:0:5:10 + +# we could get this with 255-bytes plaintext and untruncated SHA-256 +Constant-flow memcpy from offset: medium +ssl_cf_memcpy_offset:0:255:32 + +# we could get this with 255-bytes plaintext and untruncated SHA-384 +Constant-flow memcpy from offset: large +ssl_cf_memcpy_offset:100:339:48 diff --git a/third_party/mbedtls/repo/tests/suites/test_suite_constant_time.function b/third_party/mbedtls/repo/tests/suites/test_suite_constant_time.function new file mode 100644 index 00000000000..3f91a7d1ff5 --- /dev/null +++ b/third_party/mbedtls/repo/tests/suites/test_suite_constant_time.function @@ -0,0 +1,48 @@ +/* BEGIN_HEADER */ +/** \file test_suite_constant_time.function + * + * Functional testing of functions in the constant_time module. + * + * The tests are instrumented with #TEST_CF_SECRET and #TEST_CF_PUBLIC + * (see tests/include/test/constant_flow.h) so that running the tests + * under MSan or Valgrind will detect a non-constant-time implementation. + */ + +#include +#include +#include + +#include +/* END_HEADER */ + +/* BEGIN_CASE depends_on:MBEDTLS_SSL_SOME_SUITES_USE_TLS_CBC:MBEDTLS_TEST_HOOKS */ +void ssl_cf_memcpy_offset(int offset_min, int offset_max, int len) +{ + unsigned char *dst = NULL; + unsigned char *src = NULL; + size_t src_len = offset_max + len; + size_t secret; + + TEST_CALLOC(dst, len); + TEST_CALLOC(src, src_len); + + /* Fill src in a way that we can detect if we copied the right bytes */ + mbedtls_test_rnd_std_rand(NULL, src, src_len); + + for (secret = offset_min; secret <= (size_t) offset_max; secret++) { + mbedtls_test_set_step((int) secret); + + TEST_CF_SECRET(&secret, sizeof(secret)); + mbedtls_ct_memcpy_offset(dst, src, secret, + offset_min, offset_max, len); + TEST_CF_PUBLIC(&secret, sizeof(secret)); + TEST_CF_PUBLIC(dst, len); + + TEST_MEMORY_COMPARE(dst, len, src + secret, len); + } + +exit: + mbedtls_free(dst); + mbedtls_free(src); +} +/* END_CASE */ diff --git a/third_party/mbedtls/repo/tests/suites/test_suite_constant_time_hmac.data b/third_party/mbedtls/repo/tests/suites/test_suite_constant_time_hmac.data new file mode 100644 index 00000000000..5339f2046aa --- /dev/null +++ b/third_party/mbedtls/repo/tests/suites/test_suite_constant_time_hmac.data @@ -0,0 +1,15 @@ +Constant-flow HMAC: MD5 +depends_on:MBEDTLS_MD5_C +ssl_cf_hmac:MBEDTLS_MD_MD5 + +Constant-flow HMAC: SHA1 +depends_on:MBEDTLS_SHA1_C +ssl_cf_hmac:MBEDTLS_MD_SHA1 + +Constant-flow HMAC: SHA256 +depends_on:MBEDTLS_SHA256_C +ssl_cf_hmac:MBEDTLS_MD_SHA256 + +Constant-flow HMAC: SHA384 +depends_on:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384 +ssl_cf_hmac:MBEDTLS_MD_SHA384 diff --git a/third_party/mbedtls/repo/tests/suites/test_suite_constant_time_hmac.function b/third_party/mbedtls/repo/tests/suites/test_suite_constant_time_hmac.function new file mode 100644 index 00000000000..45f0c01c611 --- /dev/null +++ b/third_party/mbedtls/repo/tests/suites/test_suite_constant_time_hmac.function @@ -0,0 +1,101 @@ +/* BEGIN_HEADER */ + +#include +#include +#include + +#include +/* END_HEADER */ + +/* BEGIN_CASE depends_on:MBEDTLS_SSL_SOME_SUITES_USE_TLS_CBC:MBEDTLS_TEST_HOOKS */ +void ssl_cf_hmac(int hash) +{ + /* + * Test the function mbedtls_ct_hmac() against a reference + * implementation. + */ + mbedtls_md_context_t ctx, ref_ctx; + const mbedtls_md_info_t *md_info; + size_t out_len, block_size; + size_t min_in_len, in_len, max_in_len, i; + /* TLS additional data is 13 bytes (hence the "lucky 13" name) */ + unsigned char add_data[13]; + unsigned char ref_out[MBEDTLS_MD_MAX_SIZE]; + unsigned char *data = NULL; + unsigned char *out = NULL; + unsigned char rec_num = 0; + + mbedtls_md_init(&ctx); + mbedtls_md_init(&ref_ctx); + + md_info = mbedtls_md_info_from_type(hash); + TEST_ASSERT(md_info != NULL); + out_len = mbedtls_md_get_size(md_info); + TEST_ASSERT(out_len != 0); + block_size = hash == MBEDTLS_MD_SHA384 ? 128 : 64; + + /* Use allocated out buffer to catch overwrites */ + TEST_CALLOC(out, out_len); + + /* Set up contexts with the given hash and a dummy key */ + TEST_EQUAL(0, mbedtls_md_setup(&ctx, md_info, 1)); + TEST_EQUAL(0, mbedtls_md_setup(&ref_ctx, md_info, 1)); + memset(ref_out, 42, sizeof(ref_out)); + TEST_EQUAL(0, mbedtls_md_hmac_starts(&ctx, ref_out, out_len)); + TEST_EQUAL(0, mbedtls_md_hmac_starts(&ref_ctx, ref_out, out_len)); + memset(ref_out, 0, sizeof(ref_out)); + + /* + * Test all possible lengths up to a point. The difference between + * max_in_len and min_in_len is at most 255, and make sure they both vary + * by at least one block size. + */ + for (max_in_len = 0; max_in_len <= 255 + block_size; max_in_len++) { + mbedtls_test_set_step(max_in_len * 10000); + + /* Use allocated in buffer to catch overreads */ + TEST_CALLOC(data, max_in_len); + + min_in_len = max_in_len > 255 ? max_in_len - 255 : 0; + for (in_len = min_in_len; in_len <= max_in_len; in_len++) { + mbedtls_test_set_step(max_in_len * 10000 + in_len); + + /* Set up dummy data and add_data */ + rec_num++; + memset(add_data, rec_num, sizeof(add_data)); + for (i = 0; i < in_len; i++) { + data[i] = (i & 0xff) ^ rec_num; + } + + /* Get the function's result */ + TEST_CF_SECRET(&in_len, sizeof(in_len)); + TEST_EQUAL(0, mbedtls_ct_hmac(&ctx, add_data, sizeof(add_data), + data, in_len, + min_in_len, max_in_len, + out)); + TEST_CF_PUBLIC(&in_len, sizeof(in_len)); + TEST_CF_PUBLIC(out, out_len); + + /* Compute the reference result */ + TEST_EQUAL(0, mbedtls_md_hmac_update(&ref_ctx, add_data, + sizeof(add_data))); + TEST_EQUAL(0, mbedtls_md_hmac_update(&ref_ctx, data, in_len)); + TEST_EQUAL(0, mbedtls_md_hmac_finish(&ref_ctx, ref_out)); + TEST_EQUAL(0, mbedtls_md_hmac_reset(&ref_ctx)); + + /* Compare */ + TEST_MEMORY_COMPARE(out, out_len, ref_out, out_len); + } + + mbedtls_free(data); + data = NULL; + } + +exit: + mbedtls_md_free(&ref_ctx); + mbedtls_md_free(&ctx); + + mbedtls_free(data); + mbedtls_free(out); +} +/* END_CASE */ diff --git a/third_party/mbedtls/repo/tests/suites/test_suite_ctr_drbg.function b/third_party/mbedtls/repo/tests/suites/test_suite_ctr_drbg.function index c3ffe3b47b1..4c6ee6f5a68 100644 --- a/third_party/mbedtls/repo/tests/suites/test_suite_ctr_drbg.function +++ b/third_party/mbedtls/repo/tests/suites/test_suite_ctr_drbg.function @@ -4,8 +4,7 @@ #include "string.h" /* Modes for ctr_drbg_validate */ -enum reseed_mode -{ +enum reseed_mode { RESEED_NEVER, /* never reseed */ RESEED_FIRST, /* instantiate, reseed, generate, generate */ RESEED_SECOND, /* instantiate, generate, reseed, generate */ @@ -14,83 +13,83 @@ enum reseed_mode static size_t test_offset_idx = 0; static size_t test_max_idx = 0; -static int mbedtls_test_entropy_func( void *data, unsigned char *buf, size_t len ) +static int mbedtls_test_entropy_func(void *data, unsigned char *buf, size_t len) { const unsigned char *p = (unsigned char *) data; - if( test_offset_idx + len > test_max_idx ) - return( MBEDTLS_ERR_ENTROPY_SOURCE_FAILED ); - memcpy( buf, p + test_offset_idx, len ); + if (test_offset_idx + len > test_max_idx) { + return MBEDTLS_ERR_ENTROPY_SOURCE_FAILED; + } + memcpy(buf, p + test_offset_idx, len); test_offset_idx += len; - return( 0 ); + return 0; } -static void ctr_drbg_validate_internal( int reseed_mode, data_t * nonce, - int entropy_len_arg, data_t * entropy, - data_t * reseed, - data_t * add1, data_t * add2, - data_t * result ) +static void ctr_drbg_validate_internal(int reseed_mode, data_t *nonce, + int entropy_len_arg, data_t *entropy, + data_t *reseed, + data_t *add1, data_t *add2, + data_t *result) { mbedtls_ctr_drbg_context ctx; unsigned char buf[64]; size_t entropy_chunk_len = (size_t) entropy_len_arg; - TEST_ASSERT( entropy_chunk_len <= sizeof( buf ) ); + TEST_ASSERT(entropy_chunk_len <= sizeof(buf)); test_offset_idx = 0; - mbedtls_ctr_drbg_init( &ctx ); + mbedtls_ctr_drbg_init(&ctx); test_max_idx = entropy->len; /* CTR_DRBG_Instantiate(entropy[:entropy->len], nonce, perso, ) * where nonce||perso = nonce[nonce->len] */ - mbedtls_ctr_drbg_set_entropy_len( &ctx, entropy_chunk_len ); - mbedtls_ctr_drbg_set_nonce_len( &ctx, 0 ); - TEST_ASSERT( mbedtls_ctr_drbg_seed( - &ctx, - mbedtls_test_entropy_func, entropy->x, - nonce->x, nonce->len ) == 0 ); - if( reseed_mode == RESEED_ALWAYS ) + mbedtls_ctr_drbg_set_entropy_len(&ctx, entropy_chunk_len); + mbedtls_ctr_drbg_set_nonce_len(&ctx, 0); + TEST_ASSERT(mbedtls_ctr_drbg_seed( + &ctx, + mbedtls_test_entropy_func, entropy->x, + nonce->x, nonce->len) == 0); + if (reseed_mode == RESEED_ALWAYS) { mbedtls_ctr_drbg_set_prediction_resistance( &ctx, - MBEDTLS_CTR_DRBG_PR_ON ); + MBEDTLS_CTR_DRBG_PR_ON); + } - if( reseed_mode == RESEED_FIRST ) - { + if (reseed_mode == RESEED_FIRST) { /* CTR_DRBG_Reseed(entropy[idx:idx+entropy->len], * reseed[:reseed->len]) */ - TEST_ASSERT( mbedtls_ctr_drbg_reseed( - &ctx, - reseed->x, reseed->len ) == 0 ); + TEST_ASSERT(mbedtls_ctr_drbg_reseed( + &ctx, + reseed->x, reseed->len) == 0); } /* CTR_DRBG_Generate(result->len * 8 bits, add1[:add1->len]) -> buf */ /* Then reseed if prediction resistance is enabled. */ - TEST_ASSERT( mbedtls_ctr_drbg_random_with_add( - &ctx, - buf, result->len, - add1->x, add1->len ) == 0 ); + TEST_ASSERT(mbedtls_ctr_drbg_random_with_add( + &ctx, + buf, result->len, + add1->x, add1->len) == 0); - if( reseed_mode == RESEED_SECOND ) - { + if (reseed_mode == RESEED_SECOND) { /* CTR_DRBG_Reseed(entropy[idx:idx+entropy->len], * reseed[:reseed->len]) */ - TEST_ASSERT( mbedtls_ctr_drbg_reseed( - &ctx, - reseed->x, reseed->len ) == 0 ); + TEST_ASSERT(mbedtls_ctr_drbg_reseed( + &ctx, + reseed->x, reseed->len) == 0); } /* CTR_DRBG_Generate(result->len * 8 bits, add2->x[:add2->len]) -> buf */ /* Then reseed if prediction resistance is enabled. */ - TEST_ASSERT( mbedtls_ctr_drbg_random_with_add( - &ctx, - buf, result->len, - add2->x, add2->len ) == 0 ); - TEST_ASSERT( memcmp( buf, result->x, result->len ) == 0 ); + TEST_ASSERT(mbedtls_ctr_drbg_random_with_add( + &ctx, + buf, result->len, + add2->x, add2->len) == 0); + TEST_ASSERT(memcmp(buf, result->x, result->len) == 0); exit: - mbedtls_ctr_drbg_free( &ctx ); + mbedtls_ctr_drbg_free(&ctx); } /* END_HEADER */ @@ -101,127 +100,127 @@ exit: */ /* BEGIN_CASE */ -void ctr_drbg_special_behaviours( ) +void ctr_drbg_special_behaviours() { mbedtls_ctr_drbg_context ctx; unsigned char output[512]; unsigned char additional[512]; - mbedtls_ctr_drbg_init( &ctx ); - memset( output, 0, sizeof( output ) ); - memset( additional, 0, sizeof( additional ) ); - - TEST_ASSERT( mbedtls_ctr_drbg_random_with_add( &ctx, - output, MBEDTLS_CTR_DRBG_MAX_REQUEST + 1, - additional, 16 ) == - MBEDTLS_ERR_CTR_DRBG_REQUEST_TOO_BIG ); - TEST_ASSERT( mbedtls_ctr_drbg_random_with_add( &ctx, - output, 16, - additional, MBEDTLS_CTR_DRBG_MAX_INPUT + 1 ) == - MBEDTLS_ERR_CTR_DRBG_INPUT_TOO_BIG ); - - TEST_ASSERT( mbedtls_ctr_drbg_reseed( &ctx, additional, - MBEDTLS_CTR_DRBG_MAX_SEED_INPUT + 1 ) == - MBEDTLS_ERR_CTR_DRBG_INPUT_TOO_BIG ); - - mbedtls_ctr_drbg_set_entropy_len( &ctx, ~0 ); - TEST_ASSERT( mbedtls_ctr_drbg_reseed( &ctx, additional, - MBEDTLS_CTR_DRBG_MAX_SEED_INPUT ) == - MBEDTLS_ERR_CTR_DRBG_INPUT_TOO_BIG ); + mbedtls_ctr_drbg_init(&ctx); + memset(output, 0, sizeof(output)); + memset(additional, 0, sizeof(additional)); + + TEST_ASSERT(mbedtls_ctr_drbg_random_with_add(&ctx, + output, MBEDTLS_CTR_DRBG_MAX_REQUEST + 1, + additional, 16) == + MBEDTLS_ERR_CTR_DRBG_REQUEST_TOO_BIG); + TEST_ASSERT(mbedtls_ctr_drbg_random_with_add(&ctx, + output, 16, + additional, MBEDTLS_CTR_DRBG_MAX_INPUT + 1) == + MBEDTLS_ERR_CTR_DRBG_INPUT_TOO_BIG); + + TEST_ASSERT(mbedtls_ctr_drbg_reseed(&ctx, additional, + MBEDTLS_CTR_DRBG_MAX_SEED_INPUT + 1) == + MBEDTLS_ERR_CTR_DRBG_INPUT_TOO_BIG); + + mbedtls_ctr_drbg_set_entropy_len(&ctx, ~0); + TEST_ASSERT(mbedtls_ctr_drbg_reseed(&ctx, additional, + MBEDTLS_CTR_DRBG_MAX_SEED_INPUT) == + MBEDTLS_ERR_CTR_DRBG_INPUT_TOO_BIG); exit: - mbedtls_ctr_drbg_free( &ctx ); + mbedtls_ctr_drbg_free(&ctx); } /* END_CASE */ /* BEGIN_CASE */ -void ctr_drbg_validate_no_reseed( data_t * add_init, data_t * entropy, - data_t * add1, data_t * add2, - data_t * result_string ) +void ctr_drbg_validate_no_reseed(data_t *add_init, data_t *entropy, + data_t *add1, data_t *add2, + data_t *result_string) { data_t empty = { 0, 0 }; - ctr_drbg_validate_internal( RESEED_NEVER, add_init, - entropy->len, entropy, - &empty, add1, add2, - result_string ); + ctr_drbg_validate_internal(RESEED_NEVER, add_init, + entropy->len, entropy, + &empty, add1, add2, + result_string); goto exit; // goto is needed to avoid warning ( no test assertions in func) } /* END_CASE */ /* BEGIN_CASE */ -void ctr_drbg_validate_pr( data_t * add_init, data_t * entropy, - data_t * add1, data_t * add2, - data_t * result_string ) +void ctr_drbg_validate_pr(data_t *add_init, data_t *entropy, + data_t *add1, data_t *add2, + data_t *result_string) { data_t empty = { 0, 0 }; - ctr_drbg_validate_internal( RESEED_ALWAYS, add_init, - entropy->len / 3, entropy, - &empty, add1, add2, - result_string ); + ctr_drbg_validate_internal(RESEED_ALWAYS, add_init, + entropy->len / 3, entropy, + &empty, add1, add2, + result_string); goto exit; // goto is needed to avoid warning ( no test assertions in func) } /* END_CASE */ /* BEGIN_CASE */ -void ctr_drbg_validate_reseed_between( data_t * add_init, data_t * entropy, - data_t * add1, data_t * add_reseed, - data_t * add2, data_t * result_string ) +void ctr_drbg_validate_reseed_between(data_t *add_init, data_t *entropy, + data_t *add1, data_t *add_reseed, + data_t *add2, data_t *result_string) { - ctr_drbg_validate_internal( RESEED_SECOND, add_init, - entropy->len / 2, entropy, - add_reseed, add1, add2, - result_string ); + ctr_drbg_validate_internal(RESEED_SECOND, add_init, + entropy->len / 2, entropy, + add_reseed, add1, add2, + result_string); goto exit; // goto is needed to avoid warning ( no test assertions in func) } /* END_CASE */ /* BEGIN_CASE */ -void ctr_drbg_validate_reseed_first( data_t * add_init, data_t * entropy, - data_t * add1, data_t * add_reseed, - data_t * add2, data_t * result_string ) +void ctr_drbg_validate_reseed_first(data_t *add_init, data_t *entropy, + data_t *add1, data_t *add_reseed, + data_t *add2, data_t *result_string) { - ctr_drbg_validate_internal( RESEED_FIRST, add_init, - entropy->len / 2, entropy, - add_reseed, add1, add2, - result_string ); + ctr_drbg_validate_internal(RESEED_FIRST, add_init, + entropy->len / 2, entropy, + add_reseed, add1, add2, + result_string); goto exit; // goto is needed to avoid warning ( no test assertions in func) } /* END_CASE */ /* BEGIN_CASE */ -void ctr_drbg_entropy_strength( int expected_bit_strength ) +void ctr_drbg_entropy_strength(int expected_bit_strength) { unsigned char entropy[/*initial entropy*/ MBEDTLS_CTR_DRBG_ENTROPY_LEN + - /*nonce*/ MBEDTLS_CTR_DRBG_ENTROPY_NONCE_LEN + - /*reseed*/ MBEDTLS_CTR_DRBG_ENTROPY_LEN]; + /*nonce*/ MBEDTLS_CTR_DRBG_ENTROPY_NONCE_LEN + + /*reseed*/ MBEDTLS_CTR_DRBG_ENTROPY_LEN]; mbedtls_ctr_drbg_context ctx; size_t last_idx; size_t byte_strength = expected_bit_strength / 8; - mbedtls_ctr_drbg_init( &ctx ); + mbedtls_ctr_drbg_init(&ctx); test_offset_idx = 0; - test_max_idx = sizeof( entropy ); - memset( entropy, 0, sizeof( entropy ) ); + test_max_idx = sizeof(entropy); + memset(entropy, 0, sizeof(entropy)); /* The initial seeding must grab at least byte_strength bytes of entropy * for the entropy input and byte_strength/2 bytes for a nonce. */ - TEST_ASSERT( mbedtls_ctr_drbg_seed( &ctx, - mbedtls_test_entropy_func, entropy, - NULL, 0 ) == 0 ); - TEST_ASSERT( test_offset_idx >= ( byte_strength * 3 + 1 ) / 2 ); + TEST_ASSERT(mbedtls_ctr_drbg_seed(&ctx, + mbedtls_test_entropy_func, entropy, + NULL, 0) == 0); + TEST_ASSERT(test_offset_idx >= (byte_strength * 3 + 1) / 2); last_idx = test_offset_idx; /* A reseed must grab at least byte_strength bytes of entropy. */ - TEST_ASSERT( mbedtls_ctr_drbg_reseed( &ctx, NULL, 0 ) == 0 ); - TEST_ASSERT( test_offset_idx - last_idx >= byte_strength ); + TEST_ASSERT(mbedtls_ctr_drbg_reseed(&ctx, NULL, 0) == 0); + TEST_ASSERT(test_offset_idx - last_idx >= byte_strength); exit: - mbedtls_ctr_drbg_free( &ctx ); + mbedtls_ctr_drbg_free(&ctx); } /* END_CASE */ /* BEGIN_CASE */ -void ctr_drbg_entropy_usage( int entropy_nonce_len ) +void ctr_drbg_entropy_usage(int entropy_nonce_len) { unsigned char out[16]; unsigned char add[16]; @@ -230,109 +229,109 @@ void ctr_drbg_entropy_usage( int entropy_nonce_len ) size_t i, reps = 10; size_t expected_idx = 0; - mbedtls_ctr_drbg_init( &ctx ); + mbedtls_ctr_drbg_init(&ctx); test_offset_idx = 0; - test_max_idx = sizeof( entropy ); - memset( entropy, 0, sizeof( entropy ) ); - memset( out, 0, sizeof( out ) ); - memset( add, 0, sizeof( add ) ); + test_max_idx = sizeof(entropy); + memset(entropy, 0, sizeof(entropy)); + memset(out, 0, sizeof(out)); + memset(add, 0, sizeof(add)); - if( entropy_nonce_len >= 0 ) - TEST_ASSERT( mbedtls_ctr_drbg_set_nonce_len( &ctx, entropy_nonce_len ) == 0 ); + if (entropy_nonce_len >= 0) { + TEST_ASSERT(mbedtls_ctr_drbg_set_nonce_len(&ctx, entropy_nonce_len) == 0); + } /* Set reseed interval before seed */ - mbedtls_ctr_drbg_set_reseed_interval( &ctx, 2 * reps ); + mbedtls_ctr_drbg_set_reseed_interval(&ctx, 2 * reps); /* Init must use entropy */ - TEST_ASSERT( mbedtls_ctr_drbg_seed( &ctx, mbedtls_test_entropy_func, entropy, NULL, 0 ) == 0 ); + TEST_ASSERT(mbedtls_ctr_drbg_seed(&ctx, mbedtls_test_entropy_func, entropy, NULL, 0) == 0); expected_idx += MBEDTLS_CTR_DRBG_ENTROPY_LEN; - if( entropy_nonce_len >= 0 ) + if (entropy_nonce_len >= 0) { expected_idx += entropy_nonce_len; - else + } else { expected_idx += MBEDTLS_CTR_DRBG_ENTROPY_NONCE_LEN; - TEST_EQUAL( test_offset_idx, expected_idx ); + } + TEST_EQUAL(test_offset_idx, expected_idx); /* By default, PR is off, and reseed interval was set to * 2 * reps so the next few calls should not use entropy */ - for( i = 0; i < reps; i++ ) - { - TEST_ASSERT( mbedtls_ctr_drbg_random( &ctx, out, sizeof( out ) - 4 ) == 0 ); - TEST_ASSERT( mbedtls_ctr_drbg_random_with_add( &ctx, out, sizeof( out ) - 4, - add, sizeof( add ) ) == 0 ); + for (i = 0; i < reps; i++) { + TEST_ASSERT(mbedtls_ctr_drbg_random(&ctx, out, sizeof(out) - 4) == 0); + TEST_ASSERT(mbedtls_ctr_drbg_random_with_add(&ctx, out, sizeof(out) - 4, + add, sizeof(add)) == 0); } - TEST_EQUAL( test_offset_idx, expected_idx ); + TEST_EQUAL(test_offset_idx, expected_idx); /* While at it, make sure we didn't write past the requested length */ - TEST_ASSERT( out[sizeof( out ) - 4] == 0 ); - TEST_ASSERT( out[sizeof( out ) - 3] == 0 ); - TEST_ASSERT( out[sizeof( out ) - 2] == 0 ); - TEST_ASSERT( out[sizeof( out ) - 1] == 0 ); + TEST_ASSERT(out[sizeof(out) - 4] == 0); + TEST_ASSERT(out[sizeof(out) - 3] == 0); + TEST_ASSERT(out[sizeof(out) - 2] == 0); + TEST_ASSERT(out[sizeof(out) - 1] == 0); /* There have been 2 * reps calls to random. The next call should reseed */ - TEST_ASSERT( mbedtls_ctr_drbg_random( &ctx, out, sizeof( out ) ) == 0 ); + TEST_ASSERT(mbedtls_ctr_drbg_random(&ctx, out, sizeof(out)) == 0); expected_idx += MBEDTLS_CTR_DRBG_ENTROPY_LEN; - TEST_EQUAL( test_offset_idx, expected_idx ); + TEST_EQUAL(test_offset_idx, expected_idx); /* Set reseed interval after seed */ - mbedtls_ctr_drbg_set_reseed_interval( &ctx, 4 * reps + 1 ); + mbedtls_ctr_drbg_set_reseed_interval(&ctx, 4 * reps + 1); /* The next few calls should not reseed */ - for( i = 0; i < (2 * reps); i++ ) - { - TEST_ASSERT( mbedtls_ctr_drbg_random( &ctx, out, sizeof( out ) ) == 0 ); - TEST_ASSERT( mbedtls_ctr_drbg_random_with_add( &ctx, out, sizeof( out ) , - add, sizeof( add ) ) == 0 ); + for (i = 0; i < (2 * reps); i++) { + TEST_ASSERT(mbedtls_ctr_drbg_random(&ctx, out, sizeof(out)) == 0); + TEST_ASSERT(mbedtls_ctr_drbg_random_with_add(&ctx, out, sizeof(out), + add, sizeof(add)) == 0); } - TEST_EQUAL( test_offset_idx, expected_idx ); + TEST_EQUAL(test_offset_idx, expected_idx); - /* Call update with too much data (sizeof entropy > MAX(_SEED)_INPUT). + /* Call update with too much data (sizeof(entropy) > MAX(_SEED)_INPUT). * Make sure it's detected as an error and doesn't cause memory * corruption. */ - TEST_ASSERT( mbedtls_ctr_drbg_update_ret( - &ctx, entropy, sizeof( entropy ) ) != 0 ); + TEST_ASSERT(mbedtls_ctr_drbg_update_ret( + &ctx, entropy, sizeof(entropy)) != 0); /* Now enable PR, so the next few calls should all reseed */ - mbedtls_ctr_drbg_set_prediction_resistance( &ctx, MBEDTLS_CTR_DRBG_PR_ON ); - TEST_ASSERT( mbedtls_ctr_drbg_random( &ctx, out, sizeof( out ) ) == 0 ); + mbedtls_ctr_drbg_set_prediction_resistance(&ctx, MBEDTLS_CTR_DRBG_PR_ON); + TEST_ASSERT(mbedtls_ctr_drbg_random(&ctx, out, sizeof(out)) == 0); expected_idx += MBEDTLS_CTR_DRBG_ENTROPY_LEN; - TEST_EQUAL( test_offset_idx, expected_idx ); + TEST_EQUAL(test_offset_idx, expected_idx); /* Finally, check setting entropy_len */ - mbedtls_ctr_drbg_set_entropy_len( &ctx, 42 ); - TEST_ASSERT( mbedtls_ctr_drbg_random( &ctx, out, sizeof( out ) ) == 0 ); + mbedtls_ctr_drbg_set_entropy_len(&ctx, 42); + TEST_ASSERT(mbedtls_ctr_drbg_random(&ctx, out, sizeof(out)) == 0); expected_idx += 42; - TEST_EQUAL( test_offset_idx, expected_idx ); + TEST_EQUAL(test_offset_idx, expected_idx); - mbedtls_ctr_drbg_set_entropy_len( &ctx, 13 ); - TEST_ASSERT( mbedtls_ctr_drbg_random( &ctx, out, sizeof( out ) ) == 0 ); + mbedtls_ctr_drbg_set_entropy_len(&ctx, 13); + TEST_ASSERT(mbedtls_ctr_drbg_random(&ctx, out, sizeof(out)) == 0); expected_idx += 13; - TEST_EQUAL( test_offset_idx, expected_idx ); + TEST_EQUAL(test_offset_idx, expected_idx); exit: - mbedtls_ctr_drbg_free( &ctx ); + mbedtls_ctr_drbg_free(&ctx); } /* END_CASE */ /* BEGIN_CASE depends_on:MBEDTLS_FS_IO */ -void ctr_drbg_seed_file( char * path, int ret ) +void ctr_drbg_seed_file(char *path, int ret) { mbedtls_ctr_drbg_context ctx; - mbedtls_ctr_drbg_init( &ctx ); + mbedtls_ctr_drbg_init(&ctx); - TEST_ASSERT( mbedtls_ctr_drbg_seed( &ctx, mbedtls_test_rnd_std_rand, - NULL, NULL, 0 ) == 0 ); - TEST_ASSERT( mbedtls_ctr_drbg_write_seed_file( &ctx, path ) == ret ); - TEST_ASSERT( mbedtls_ctr_drbg_update_seed_file( &ctx, path ) == ret ); + TEST_ASSERT(mbedtls_ctr_drbg_seed(&ctx, mbedtls_test_rnd_std_rand, + NULL, NULL, 0) == 0); + TEST_ASSERT(mbedtls_ctr_drbg_write_seed_file(&ctx, path) == ret); + TEST_ASSERT(mbedtls_ctr_drbg_update_seed_file(&ctx, path) == ret); exit: - mbedtls_ctr_drbg_free( &ctx ); + mbedtls_ctr_drbg_free(&ctx); } /* END_CASE */ /* BEGIN_CASE depends_on:MBEDTLS_SELF_TEST */ -void ctr_drbg_selftest( ) +void ctr_drbg_selftest() { - TEST_ASSERT( mbedtls_ctr_drbg_self_test( 1 ) == 0 ); + TEST_ASSERT(mbedtls_ctr_drbg_self_test(1) == 0); } /* END_CASE */ diff --git a/third_party/mbedtls/repo/tests/suites/test_suite_debug.data b/third_party/mbedtls/repo/tests/suites/test_suite_debug.data index 6d574424402..87ec67c8ce3 100644 --- a/third_party/mbedtls/repo/tests/suites/test_suite_debug.data +++ b/third_party/mbedtls/repo/tests/suites/test_suite_debug.data @@ -38,25 +38,25 @@ Debug print buffer #5 mbedtls_debug_print_buf:"MyFile":999:"Test return value":"000102030405060708090A0B0C0D0E0F101112131415161718191A1B1C1D1E1F202122232425262728292A2B2C2D2E2F30":"MyFile(0999)\: dumping 'Test return value' (49 bytes)\nMyFile(0999)\: 0000\: 00 01 02 03 04 05 06 07 08 09 0a 0b 0c 0d 0e 0f ................\nMyFile(0999)\: 0010\: 10 11 12 13 14 15 16 17 18 19 1a 1b 1c 1d 1e 1f ................\nMyFile(0999)\: 0020\: 20 21 22 23 24 25 26 27 28 29 2a 2b 2c 2d 2e 2f !"#$%&'()*+,-./\nMyFile(0999)\: 0030\: 30 0\n" Debug print mbedtls_mpi: 0 (empty representation) -mbedtls_debug_print_mpi:16:"":"MyFile":999:"VALUE":"MyFile(0999)\: value of 'VALUE' (0 bits) is\:\nMyFile(0999)\: 00\n" +mbedtls_debug_print_mpi:"":"MyFile":999:"VALUE":"MyFile(0999)\: value of 'VALUE' (0 bits) is\:\nMyFile(0999)\: 00\n" Debug print mbedtls_mpi: 0 (non-empty representation) -mbedtls_debug_print_mpi:16:"00000000000000":"MyFile":999:"VALUE":"MyFile(0999)\: value of 'VALUE' (0 bits) is\:\nMyFile(0999)\: 00\n" +mbedtls_debug_print_mpi:"00000000000000":"MyFile":999:"VALUE":"MyFile(0999)\: value of 'VALUE' (0 bits) is\:\nMyFile(0999)\: 00\n" Debug print mbedtls_mpi #2: 3 bits -mbedtls_debug_print_mpi:16:"00000000000007":"MyFile":999:"VALUE":"MyFile(0999)\: value of 'VALUE' (3 bits) is\:\nMyFile(0999)\: 07\n" +mbedtls_debug_print_mpi:"00000000000007":"MyFile":999:"VALUE":"MyFile(0999)\: value of 'VALUE' (3 bits) is\:\nMyFile(0999)\: 07\n" Debug print mbedtls_mpi: 49 bits -mbedtls_debug_print_mpi:16:"01020304050607":"MyFile":999:"VALUE":"MyFile(0999)\: value of 'VALUE' (49 bits) is\:\nMyFile(0999)\: 01 02 03 04 05 06 07\n" +mbedtls_debug_print_mpi:"01020304050607":"MyFile":999:"VALUE":"MyFile(0999)\: value of 'VALUE' (49 bits) is\:\nMyFile(0999)\: 01 02 03 04 05 06 07\n" Debug print mbedtls_mpi: 759 bits -mbedtls_debug_print_mpi:16:"0000000000000000000000000000000000000000000000000000000041379d00fed1491fe15df284dfde4a142f68aa8d412023195cee66883e6290ffe703f4ea5963bf212713cee46b107c09182b5edcd955adac418bf4918e2889af48e1099d513830cec85c26ac1e158b52620e33ba8692f893efbb2f958b4424":"MyFile":999:"VALUE":"MyFile(0999)\: value of 'VALUE' (759 bits) is\:\nMyFile(0999)\: 41 37 9d 00 fe d1 49 1f e1 5d f2 84 df de 4a 14\nMyFile(0999)\: 2f 68 aa 8d 41 20 23 19 5c ee 66 88 3e 62 90 ff\nMyFile(0999)\: e7 03 f4 ea 59 63 bf 21 27 13 ce e4 6b 10 7c 09\nMyFile(0999)\: 18 2b 5e dc d9 55 ad ac 41 8b f4 91 8e 28 89 af\nMyFile(0999)\: 48 e1 09 9d 51 38 30 ce c8 5c 26 ac 1e 15 8b 52\nMyFile(0999)\: 62 0e 33 ba 86 92 f8 93 ef bb 2f 95 8b 44 24\n" +mbedtls_debug_print_mpi:"0000000000000000000000000000000000000000000000000000000041379d00fed1491fe15df284dfde4a142f68aa8d412023195cee66883e6290ffe703f4ea5963bf212713cee46b107c09182b5edcd955adac418bf4918e2889af48e1099d513830cec85c26ac1e158b52620e33ba8692f893efbb2f958b4424":"MyFile":999:"VALUE":"MyFile(0999)\: value of 'VALUE' (759 bits) is\:\nMyFile(0999)\: 41 37 9d 00 fe d1 49 1f e1 5d f2 84 df de 4a 14\nMyFile(0999)\: 2f 68 aa 8d 41 20 23 19 5c ee 66 88 3e 62 90 ff\nMyFile(0999)\: e7 03 f4 ea 59 63 bf 21 27 13 ce e4 6b 10 7c 09\nMyFile(0999)\: 18 2b 5e dc d9 55 ad ac 41 8b f4 91 8e 28 89 af\nMyFile(0999)\: 48 e1 09 9d 51 38 30 ce c8 5c 26 ac 1e 15 8b 52\nMyFile(0999)\: 62 0e 33 ba 86 92 f8 93 ef bb 2f 95 8b 44 24\n" Debug print mbedtls_mpi: 764 bits #1 -mbedtls_debug_print_mpi:16:"0941379d00fed1491fe15df284dfde4a142f68aa8d412023195cee66883e6290ffe703f4ea5963bf212713cee46b107c09182b5edcd955adac418bf4918e2889af48e1099d513830cec85c26ac1e158b52620e33ba8692f893efbb2f958b4424":"MyFile":999:"VALUE":"MyFile(0999)\: value of 'VALUE' (764 bits) is\:\nMyFile(0999)\: 09 41 37 9d 00 fe d1 49 1f e1 5d f2 84 df de 4a\nMyFile(0999)\: 14 2f 68 aa 8d 41 20 23 19 5c ee 66 88 3e 62 90\nMyFile(0999)\: ff e7 03 f4 ea 59 63 bf 21 27 13 ce e4 6b 10 7c\nMyFile(0999)\: 09 18 2b 5e dc d9 55 ad ac 41 8b f4 91 8e 28 89\nMyFile(0999)\: af 48 e1 09 9d 51 38 30 ce c8 5c 26 ac 1e 15 8b\nMyFile(0999)\: 52 62 0e 33 ba 86 92 f8 93 ef bb 2f 95 8b 44 24\n" +mbedtls_debug_print_mpi:"0941379d00fed1491fe15df284dfde4a142f68aa8d412023195cee66883e6290ffe703f4ea5963bf212713cee46b107c09182b5edcd955adac418bf4918e2889af48e1099d513830cec85c26ac1e158b52620e33ba8692f893efbb2f958b4424":"MyFile":999:"VALUE":"MyFile(0999)\: value of 'VALUE' (764 bits) is\:\nMyFile(0999)\: 09 41 37 9d 00 fe d1 49 1f e1 5d f2 84 df de 4a\nMyFile(0999)\: 14 2f 68 aa 8d 41 20 23 19 5c ee 66 88 3e 62 90\nMyFile(0999)\: ff e7 03 f4 ea 59 63 bf 21 27 13 ce e4 6b 10 7c\nMyFile(0999)\: 09 18 2b 5e dc d9 55 ad ac 41 8b f4 91 8e 28 89\nMyFile(0999)\: af 48 e1 09 9d 51 38 30 ce c8 5c 26 ac 1e 15 8b\nMyFile(0999)\: 52 62 0e 33 ba 86 92 f8 93 ef bb 2f 95 8b 44 24\n" Debug print mbedtls_mpi: 764 bits #2 -mbedtls_debug_print_mpi:16:"0000000000000000000000000000000000000000000000000000000941379d00fed1491fe15df284dfde4a142f68aa8d412023195cee66883e6290ffe703f4ea5963bf212713cee46b107c09182b5edcd955adac418bf4918e2889af48e1099d513830cec85c26ac1e158b52620e33ba8692f893efbb2f958b4424":"MyFile":999:"VALUE":"MyFile(0999)\: value of 'VALUE' (764 bits) is\:\nMyFile(0999)\: 09 41 37 9d 00 fe d1 49 1f e1 5d f2 84 df de 4a\nMyFile(0999)\: 14 2f 68 aa 8d 41 20 23 19 5c ee 66 88 3e 62 90\nMyFile(0999)\: ff e7 03 f4 ea 59 63 bf 21 27 13 ce e4 6b 10 7c\nMyFile(0999)\: 09 18 2b 5e dc d9 55 ad ac 41 8b f4 91 8e 28 89\nMyFile(0999)\: af 48 e1 09 9d 51 38 30 ce c8 5c 26 ac 1e 15 8b\nMyFile(0999)\: 52 62 0e 33 ba 86 92 f8 93 ef bb 2f 95 8b 44 24\n" +mbedtls_debug_print_mpi:"0000000000000000000000000000000000000000000000000000000941379d00fed1491fe15df284dfde4a142f68aa8d412023195cee66883e6290ffe703f4ea5963bf212713cee46b107c09182b5edcd955adac418bf4918e2889af48e1099d513830cec85c26ac1e158b52620e33ba8692f893efbb2f958b4424":"MyFile":999:"VALUE":"MyFile(0999)\: value of 'VALUE' (764 bits) is\:\nMyFile(0999)\: 09 41 37 9d 00 fe d1 49 1f e1 5d f2 84 df de 4a\nMyFile(0999)\: 14 2f 68 aa 8d 41 20 23 19 5c ee 66 88 3e 62 90\nMyFile(0999)\: ff e7 03 f4 ea 59 63 bf 21 27 13 ce e4 6b 10 7c\nMyFile(0999)\: 09 18 2b 5e dc d9 55 ad ac 41 8b f4 91 8e 28 89\nMyFile(0999)\: af 48 e1 09 9d 51 38 30 ce c8 5c 26 ac 1e 15 8b\nMyFile(0999)\: 52 62 0e 33 ba 86 92 f8 93 ef bb 2f 95 8b 44 24\n" Debug print certificate #1 (RSA) depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_BASE64_C:MBEDTLS_RSA_C:MBEDTLS_SHA1_C @@ -65,3 +65,6 @@ mbedtls_debug_print_crt:"data_files/server1.crt":"MyFile":999:"PREFIX_":"MyFile( Debug print certificate #2 (EC) depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_BASE64_C:MBEDTLS_ECDSA_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP384R1_ENABLED:MBEDTLS_SHA256_C mbedtls_debug_print_crt:"data_files/test-ca2.crt":"MyFile":999:"PREFIX_":"MyFile(0999)\: PREFIX_ #1\:\nMyFile(0999)\: cert. version \: 3\nMyFile(0999)\: serial number \: C1\:43\:E2\:7E\:62\:43\:CC\:E8\nMyFile(0999)\: issuer name \: C=NL, O=PolarSSL, CN=Polarssl Test EC CA\nMyFile(0999)\: subject name \: C=NL, O=PolarSSL, CN=Polarssl Test EC CA\nMyFile(0999)\: issued on \: 2019-02-10 14\:44\:00\nMyFile(0999)\: expires on \: 2029-02-10 14\:44\:00\nMyFile(0999)\: signed using \: ECDSA with SHA256\nMyFile(0999)\: EC key size \: 384 bits\nMyFile(0999)\: basic constraints \: CA=true\nMyFile(0999)\: value of 'crt->eckey.Q(X)' (384 bits) is\:\nMyFile(0999)\: c3 da 2b 34 41 37 58 2f 87 56 fe fc 89 ba 29 43\nMyFile(0999)\: 4b 4e e0 6e c3 0e 57 53 33 39 58 d4 52 b4 91 95\nMyFile(0999)\: 39 0b 23 df 5f 17 24 62 48 fc 1a 95 29 ce 2c 2d\nMyFile(0999)\: value of 'crt->eckey.Q(Y)' (384 bits) is\:\nMyFile(0999)\: 87 c2 88 52 80 af d6 6a ab 21 dd b8 d3 1c 6e 58\nMyFile(0999)\: b8 ca e8 b2 69 8e f3 41 ad 29 c3 b4 5f 75 a7 47\nMyFile(0999)\: 6f d5 19 29 55 69 9a 53 3b 20 b4 66 16 60 33 1e\n" + +Check mbedtls_calloc overallocation +check_mbedtls_calloc_overallocation:1:1 diff --git a/third_party/mbedtls/repo/tests/suites/test_suite_debug.function b/third_party/mbedtls/repo/tests/suites/test_suite_debug.function index fe5549a171a..9ece2807151 100644 --- a/third_party/mbedtls/repo/tests/suites/test_suite_debug.function +++ b/third_party/mbedtls/repo/tests/suites/test_suite_debug.function @@ -2,8 +2,7 @@ #include "mbedtls/debug.h" #include "string.h" -struct buffer_data -{ +struct buffer_data { char buf[2000]; char *ptr; }; @@ -14,29 +13,32 @@ void string_debug(void *data, int level, const char *file, int line, const char char *p = buffer->ptr; ((void) level); - memcpy( p, file, strlen( file ) ); - p += strlen( file ); + memcpy(p, file, strlen(file)); + p += strlen(file); *p++ = '('; - *p++ = '0' + ( line / 1000 ) % 10; - *p++ = '0' + ( line / 100 ) % 10; - *p++ = '0' + ( line / 10 ) % 10; - *p++ = '0' + ( line / 1 ) % 10; + *p++ = '0' + (line / 1000) % 10; + *p++ = '0' + (line / 100) % 10; + *p++ = '0' + (line / 10) % 10; + *p++ = '0' + (line / 1) % 10; *p++ = ')'; *p++ = ':'; *p++ = ' '; #if defined(MBEDTLS_THREADING_C) /* Skip "thread ID" (up to the first space) as it is not predictable */ - while( *str++ != ' ' ); + while (*str++ != ' ') { + ; + } #endif - memcpy( p, str, strlen( str ) ); - p += strlen( str ); + memcpy(p, str, strlen(str)); + p += strlen(str); /* Detect if debug messages output partial lines and mark them */ - if( p[-1] != '\n' ) + if (p[-1] != '\n') { *p++ = '*'; + } buffer->ptr = p; } @@ -48,148 +50,172 @@ void string_debug(void *data, int level, const char *file, int line, const char */ /* BEGIN_CASE */ -void debug_print_msg_threshold( int threshold, int level, char * file, - int line, char * result_str ) +void debug_print_msg_threshold(int threshold, int level, char *file, + int line, char *result_str) { mbedtls_ssl_context ssl; mbedtls_ssl_config conf; struct buffer_data buffer; - mbedtls_ssl_init( &ssl ); - mbedtls_ssl_config_init( &conf ); - memset( buffer.buf, 0, 2000 ); + mbedtls_ssl_init(&ssl); + mbedtls_ssl_config_init(&conf); + memset(buffer.buf, 0, 2000); buffer.ptr = buffer.buf; + USE_PSA_INIT(); - TEST_ASSERT( mbedtls_ssl_setup( &ssl, &conf ) == 0 ); + TEST_ASSERT(mbedtls_ssl_setup(&ssl, &conf) == 0); - mbedtls_debug_set_threshold( threshold ); - mbedtls_ssl_conf_dbg( &conf, string_debug, &buffer); + mbedtls_debug_set_threshold(threshold); + mbedtls_ssl_conf_dbg(&conf, string_debug, &buffer); - mbedtls_debug_print_msg( &ssl, level, file, line, - "Text message, 2 == %d", 2 ); + mbedtls_debug_print_msg(&ssl, level, file, line, + "Text message, 2 == %d", 2); - TEST_ASSERT( strcmp( buffer.buf, result_str ) == 0 ); + TEST_ASSERT(strcmp(buffer.buf, result_str) == 0); exit: - mbedtls_ssl_free( &ssl ); - mbedtls_ssl_config_free( &conf ); + mbedtls_ssl_free(&ssl); + mbedtls_ssl_config_free(&conf); + USE_PSA_DONE(); } /* END_CASE */ /* BEGIN_CASE */ -void mbedtls_debug_print_ret( char * file, int line, char * text, int value, - char * result_str ) +void mbedtls_debug_print_ret(char *file, int line, char *text, int value, + char *result_str) { mbedtls_ssl_context ssl; mbedtls_ssl_config conf; struct buffer_data buffer; - mbedtls_ssl_init( &ssl ); - mbedtls_ssl_config_init( &conf ); - memset( buffer.buf, 0, 2000 ); + mbedtls_ssl_init(&ssl); + mbedtls_ssl_config_init(&conf); + memset(buffer.buf, 0, 2000); buffer.ptr = buffer.buf; + USE_PSA_INIT(); - TEST_ASSERT( mbedtls_ssl_setup( &ssl, &conf ) == 0 ); + TEST_ASSERT(mbedtls_ssl_setup(&ssl, &conf) == 0); - mbedtls_ssl_conf_dbg( &conf, string_debug, &buffer); + mbedtls_ssl_conf_dbg(&conf, string_debug, &buffer); - mbedtls_debug_print_ret( &ssl, 0, file, line, text, value); + mbedtls_debug_print_ret(&ssl, 0, file, line, text, value); - TEST_ASSERT( strcmp( buffer.buf, result_str ) == 0 ); + TEST_ASSERT(strcmp(buffer.buf, result_str) == 0); exit: - mbedtls_ssl_free( &ssl ); - mbedtls_ssl_config_free( &conf ); + mbedtls_ssl_free(&ssl); + mbedtls_ssl_config_free(&conf); + USE_PSA_DONE(); } /* END_CASE */ /* BEGIN_CASE */ -void mbedtls_debug_print_buf( char * file, int line, char * text, - data_t * data, char * result_str ) +void mbedtls_debug_print_buf(char *file, int line, char *text, + data_t *data, char *result_str) { mbedtls_ssl_context ssl; mbedtls_ssl_config conf; struct buffer_data buffer; - mbedtls_ssl_init( &ssl ); - mbedtls_ssl_config_init( &conf ); - memset( buffer.buf, 0, 2000 ); + mbedtls_ssl_init(&ssl); + mbedtls_ssl_config_init(&conf); + memset(buffer.buf, 0, 2000); buffer.ptr = buffer.buf; + USE_PSA_INIT(); + TEST_ASSERT(mbedtls_ssl_setup(&ssl, &conf) == 0); - TEST_ASSERT( mbedtls_ssl_setup( &ssl, &conf ) == 0 ); - - mbedtls_ssl_conf_dbg( &conf, string_debug, &buffer); + mbedtls_ssl_conf_dbg(&conf, string_debug, &buffer); - mbedtls_debug_print_buf( &ssl, 0, file, line, text, data->x, data->len ); + mbedtls_debug_print_buf(&ssl, 0, file, line, text, data->x, data->len); - TEST_ASSERT( strcmp( buffer.buf, result_str ) == 0 ); + TEST_ASSERT(strcmp(buffer.buf, result_str) == 0); exit: - mbedtls_ssl_free( &ssl ); - mbedtls_ssl_config_free( &conf ); + mbedtls_ssl_free(&ssl); + mbedtls_ssl_config_free(&conf); + USE_PSA_DONE(); } /* END_CASE */ /* BEGIN_CASE depends_on:MBEDTLS_FS_IO:MBEDTLS_X509_CRT_PARSE_C */ -void mbedtls_debug_print_crt( char * crt_file, char * file, int line, - char * prefix, char * result_str ) +void mbedtls_debug_print_crt(char *crt_file, char *file, int line, + char *prefix, char *result_str) { mbedtls_x509_crt crt; mbedtls_ssl_context ssl; mbedtls_ssl_config conf; struct buffer_data buffer; - mbedtls_ssl_init( &ssl ); - mbedtls_ssl_config_init( &conf ); - mbedtls_x509_crt_init( &crt ); - memset( buffer.buf, 0, 2000 ); + mbedtls_ssl_init(&ssl); + mbedtls_ssl_config_init(&conf); + mbedtls_x509_crt_init(&crt); + USE_PSA_INIT(); + + memset(buffer.buf, 0, 2000); buffer.ptr = buffer.buf; - TEST_ASSERT( mbedtls_ssl_setup( &ssl, &conf ) == 0 ); + TEST_ASSERT(mbedtls_ssl_setup(&ssl, &conf) == 0); - mbedtls_ssl_conf_dbg( &conf, string_debug, &buffer); + mbedtls_ssl_conf_dbg(&conf, string_debug, &buffer); - TEST_ASSERT( mbedtls_x509_crt_parse_file( &crt, crt_file ) == 0 ); - mbedtls_debug_print_crt( &ssl, 0, file, line, prefix, &crt); + TEST_ASSERT(mbedtls_x509_crt_parse_file(&crt, crt_file) == 0); + mbedtls_debug_print_crt(&ssl, 0, file, line, prefix, &crt); - TEST_ASSERT( strcmp( buffer.buf, result_str ) == 0 ); + TEST_ASSERT(strcmp(buffer.buf, result_str) == 0); exit: - mbedtls_x509_crt_free( &crt ); - mbedtls_ssl_free( &ssl ); - mbedtls_ssl_config_free( &conf ); + mbedtls_x509_crt_free(&crt); + mbedtls_ssl_free(&ssl); + mbedtls_ssl_config_free(&conf); + USE_PSA_DONE(); } /* END_CASE */ /* BEGIN_CASE depends_on:MBEDTLS_BIGNUM_C */ -void mbedtls_debug_print_mpi( int radix, char * value, char * file, int line, - char * prefix, char * result_str ) +void mbedtls_debug_print_mpi(char *value, char *file, int line, + char *prefix, char *result_str) { mbedtls_ssl_context ssl; mbedtls_ssl_config conf; struct buffer_data buffer; mbedtls_mpi val; - mbedtls_ssl_init( &ssl ); - mbedtls_ssl_config_init( &conf ); - mbedtls_mpi_init( &val ); - memset( buffer.buf, 0, 2000 ); + mbedtls_ssl_init(&ssl); + mbedtls_ssl_config_init(&conf); + mbedtls_mpi_init(&val); + memset(buffer.buf, 0, 2000); buffer.ptr = buffer.buf; + USE_PSA_INIT(); + + TEST_ASSERT(mbedtls_ssl_setup(&ssl, &conf) == 0); + + TEST_ASSERT(mbedtls_test_read_mpi(&val, value) == 0); - TEST_ASSERT( mbedtls_ssl_setup( &ssl, &conf ) == 0 ); + mbedtls_ssl_conf_dbg(&conf, string_debug, &buffer); - TEST_ASSERT( mbedtls_test_read_mpi( &val, radix, value ) == 0 ); + mbedtls_debug_print_mpi(&ssl, 0, file, line, prefix, &val); - mbedtls_ssl_conf_dbg( &conf, string_debug, &buffer); + TEST_ASSERT(strcmp(buffer.buf, result_str) == 0); - mbedtls_debug_print_mpi( &ssl, 0, file, line, prefix, &val); +exit: + mbedtls_mpi_free(&val); + mbedtls_ssl_free(&ssl); + mbedtls_ssl_config_free(&conf); + USE_PSA_DONE(); +} +/* END_CASE */ - TEST_ASSERT( strcmp( buffer.buf, result_str ) == 0 ); +/* BEGIN_CASE */ +void check_mbedtls_calloc_overallocation(int num, int size) +{ + unsigned char *buf; + buf = mbedtls_calloc((size_t) num * SIZE_MAX/2, (size_t) size * SIZE_MAX/2); + /* Dummy usage of the pointer to prevent optimizing it */ + mbedtls_printf("calloc pointer : %p\n", buf); + TEST_ASSERT(buf == NULL); exit: - mbedtls_mpi_free( &val ); - mbedtls_ssl_free( &ssl ); - mbedtls_ssl_config_free( &conf ); + mbedtls_free(buf); } /* END_CASE */ diff --git a/third_party/mbedtls/repo/tests/suites/test_suite_des.function b/third_party/mbedtls/repo/tests/suites/test_suite_des.function index 7256fb5376e..b846d777a05 100644 --- a/third_party/mbedtls/repo/tests/suites/test_suite_des.function +++ b/third_party/mbedtls/repo/tests/suites/test_suite_des.function @@ -8,269 +8,273 @@ */ /* BEGIN_CASE */ -void des_check_weak( data_t * key, int ret ) +void des_check_weak(data_t *key, int ret) { - TEST_ASSERT( mbedtls_des_key_check_weak( key->x ) == ret ); + TEST_ASSERT(mbedtls_des_key_check_weak(key->x) == ret); } /* END_CASE */ /* BEGIN_CASE */ -void des_encrypt_ecb( data_t * key_str, data_t * src_str, data_t * dst ) +void des_encrypt_ecb(data_t *key_str, data_t *src_str, data_t *dst) { unsigned char output[100]; mbedtls_des_context ctx; memset(output, 0x00, 100); - mbedtls_des_init( &ctx ); + mbedtls_des_init(&ctx); - TEST_ASSERT( mbedtls_des_setkey_enc( &ctx, key_str->x ) == 0 ); - TEST_ASSERT( mbedtls_des_crypt_ecb( &ctx, src_str->x, output ) == 0 ); + TEST_ASSERT(mbedtls_des_setkey_enc(&ctx, key_str->x) == 0); + TEST_ASSERT(mbedtls_des_crypt_ecb(&ctx, src_str->x, output) == 0); - TEST_ASSERT( mbedtls_test_hexcmp( output, dst->x, 8, dst->len ) == 0 ); + TEST_ASSERT(mbedtls_test_hexcmp(output, dst->x, 8, dst->len) == 0); exit: - mbedtls_des_free( &ctx ); + mbedtls_des_free(&ctx); } /* END_CASE */ /* BEGIN_CASE */ -void des_decrypt_ecb( data_t * key_str, data_t * src_str, data_t * dst ) +void des_decrypt_ecb(data_t *key_str, data_t *src_str, data_t *dst) { unsigned char output[100]; mbedtls_des_context ctx; memset(output, 0x00, 100); - mbedtls_des_init( &ctx ); + mbedtls_des_init(&ctx); - TEST_ASSERT( mbedtls_des_setkey_dec( &ctx, key_str->x ) == 0 ); - TEST_ASSERT( mbedtls_des_crypt_ecb( &ctx, src_str->x, output ) == 0 ); + TEST_ASSERT(mbedtls_des_setkey_dec(&ctx, key_str->x) == 0); + TEST_ASSERT(mbedtls_des_crypt_ecb(&ctx, src_str->x, output) == 0); - TEST_ASSERT( mbedtls_test_hexcmp( output, dst->x, 8, dst->len ) == 0 ); + TEST_ASSERT(mbedtls_test_hexcmp(output, dst->x, 8, dst->len) == 0); exit: - mbedtls_des_free( &ctx ); + mbedtls_des_free(&ctx); } /* END_CASE */ /* BEGIN_CASE depends_on:MBEDTLS_CIPHER_MODE_CBC */ -void des_encrypt_cbc( data_t * key_str, data_t * iv_str, - data_t * src_str, data_t * dst, int cbc_result ) +void des_encrypt_cbc(data_t *key_str, data_t *iv_str, + data_t *src_str, data_t *dst, int cbc_result) { unsigned char output[100]; mbedtls_des_context ctx; memset(output, 0x00, 100); - mbedtls_des_init( &ctx ); + mbedtls_des_init(&ctx); - TEST_ASSERT( mbedtls_des_setkey_enc( &ctx, key_str->x ) == 0 ); - TEST_ASSERT( mbedtls_des_crypt_cbc( &ctx, MBEDTLS_DES_ENCRYPT, src_str->len, iv_str->x, src_str->x, output ) == cbc_result ); - if( cbc_result == 0 ) - { + TEST_ASSERT(mbedtls_des_setkey_enc(&ctx, key_str->x) == 0); + TEST_ASSERT(mbedtls_des_crypt_cbc(&ctx, MBEDTLS_DES_ENCRYPT, src_str->len, iv_str->x, + src_str->x, output) == cbc_result); + if (cbc_result == 0) { - TEST_ASSERT( mbedtls_test_hexcmp( output, dst->x, src_str->len, - dst->len ) == 0 ); + TEST_ASSERT(mbedtls_test_hexcmp(output, dst->x, src_str->len, + dst->len) == 0); } exit: - mbedtls_des_free( &ctx ); + mbedtls_des_free(&ctx); } /* END_CASE */ /* BEGIN_CASE depends_on:MBEDTLS_CIPHER_MODE_CBC */ -void des_decrypt_cbc( data_t * key_str, data_t * iv_str, - data_t * src_str, data_t * dst, - int cbc_result ) +void des_decrypt_cbc(data_t *key_str, data_t *iv_str, + data_t *src_str, data_t *dst, + int cbc_result) { unsigned char output[100]; mbedtls_des_context ctx; memset(output, 0x00, 100); - mbedtls_des_init( &ctx ); + mbedtls_des_init(&ctx); - TEST_ASSERT( mbedtls_des_setkey_dec( &ctx, key_str->x ) == 0 ); - TEST_ASSERT( mbedtls_des_crypt_cbc( &ctx, MBEDTLS_DES_DECRYPT, src_str->len, iv_str->x, src_str->x, output ) == cbc_result ); - if( cbc_result == 0 ) - { + TEST_ASSERT(mbedtls_des_setkey_dec(&ctx, key_str->x) == 0); + TEST_ASSERT(mbedtls_des_crypt_cbc(&ctx, MBEDTLS_DES_DECRYPT, src_str->len, iv_str->x, + src_str->x, output) == cbc_result); + if (cbc_result == 0) { - TEST_ASSERT( mbedtls_test_hexcmp( output, dst->x, src_str->len, - dst->len ) == 0 ); + TEST_ASSERT(mbedtls_test_hexcmp(output, dst->x, src_str->len, + dst->len) == 0); } exit: - mbedtls_des_free( &ctx ); + mbedtls_des_free(&ctx); } /* END_CASE */ /* BEGIN_CASE */ -void des3_encrypt_ecb( int key_count, data_t * key_str, - data_t * src_str, data_t * dst ) +void des3_encrypt_ecb(int key_count, data_t *key_str, + data_t *src_str, data_t *dst) { unsigned char output[100]; mbedtls_des3_context ctx; memset(output, 0x00, 100); - mbedtls_des3_init( &ctx ); + mbedtls_des3_init(&ctx); - if( key_count == 2 ) - TEST_ASSERT( mbedtls_des3_set2key_enc( &ctx, key_str->x ) == 0 ); - else if( key_count == 3 ) - TEST_ASSERT( mbedtls_des3_set3key_enc( &ctx, key_str->x ) == 0 ); - else - TEST_ASSERT( 0 ); + if (key_count == 2) { + TEST_ASSERT(mbedtls_des3_set2key_enc(&ctx, key_str->x) == 0); + } else if (key_count == 3) { + TEST_ASSERT(mbedtls_des3_set3key_enc(&ctx, key_str->x) == 0); + } else { + TEST_ASSERT(0); + } - TEST_ASSERT( mbedtls_des3_crypt_ecb( &ctx, src_str->x, output ) == 0 ); + TEST_ASSERT(mbedtls_des3_crypt_ecb(&ctx, src_str->x, output) == 0); - TEST_ASSERT( mbedtls_test_hexcmp( output, dst->x, 8, dst->len ) == 0 ); + TEST_ASSERT(mbedtls_test_hexcmp(output, dst->x, 8, dst->len) == 0); exit: - mbedtls_des3_free( &ctx ); + mbedtls_des3_free(&ctx); } /* END_CASE */ /* BEGIN_CASE */ -void des3_decrypt_ecb( int key_count, data_t * key_str, - data_t * src_str, data_t * dst ) +void des3_decrypt_ecb(int key_count, data_t *key_str, + data_t *src_str, data_t *dst) { unsigned char output[100]; mbedtls_des3_context ctx; memset(output, 0x00, 100); - mbedtls_des3_init( &ctx ); + mbedtls_des3_init(&ctx); - if( key_count == 2 ) - TEST_ASSERT( mbedtls_des3_set2key_dec( &ctx, key_str->x ) == 0 ); - else if( key_count == 3 ) - TEST_ASSERT( mbedtls_des3_set3key_dec( &ctx, key_str->x ) == 0 ); - else - TEST_ASSERT( 0 ); + if (key_count == 2) { + TEST_ASSERT(mbedtls_des3_set2key_dec(&ctx, key_str->x) == 0); + } else if (key_count == 3) { + TEST_ASSERT(mbedtls_des3_set3key_dec(&ctx, key_str->x) == 0); + } else { + TEST_ASSERT(0); + } - TEST_ASSERT( mbedtls_des3_crypt_ecb( &ctx, src_str->x, output ) == 0 ); + TEST_ASSERT(mbedtls_des3_crypt_ecb(&ctx, src_str->x, output) == 0); - TEST_ASSERT( mbedtls_test_hexcmp( output, dst->x, 8, dst->len ) == 0 ); + TEST_ASSERT(mbedtls_test_hexcmp(output, dst->x, 8, dst->len) == 0); exit: - mbedtls_des3_free( &ctx ); + mbedtls_des3_free(&ctx); } /* END_CASE */ /* BEGIN_CASE depends_on:MBEDTLS_CIPHER_MODE_CBC */ -void des3_encrypt_cbc( int key_count, data_t * key_str, - data_t * iv_str, data_t * src_str, - data_t * dst, int cbc_result ) +void des3_encrypt_cbc(int key_count, data_t *key_str, + data_t *iv_str, data_t *src_str, + data_t *dst, int cbc_result) { unsigned char output[100]; mbedtls_des3_context ctx; memset(output, 0x00, 100); - mbedtls_des3_init( &ctx ); + mbedtls_des3_init(&ctx); - if( key_count == 2 ) - TEST_ASSERT( mbedtls_des3_set2key_enc( &ctx, key_str->x ) == 0 ); - else if( key_count == 3 ) - TEST_ASSERT( mbedtls_des3_set3key_enc( &ctx, key_str->x ) == 0 ); - else - TEST_ASSERT( 0 ); + if (key_count == 2) { + TEST_ASSERT(mbedtls_des3_set2key_enc(&ctx, key_str->x) == 0); + } else if (key_count == 3) { + TEST_ASSERT(mbedtls_des3_set3key_enc(&ctx, key_str->x) == 0); + } else { + TEST_ASSERT(0); + } - TEST_ASSERT( mbedtls_des3_crypt_cbc( &ctx, MBEDTLS_DES_ENCRYPT, src_str->len, iv_str->x, src_str->x, output ) == cbc_result ); + TEST_ASSERT(mbedtls_des3_crypt_cbc(&ctx, MBEDTLS_DES_ENCRYPT, src_str->len, iv_str->x, + src_str->x, output) == cbc_result); - if( cbc_result == 0 ) - { + if (cbc_result == 0) { - TEST_ASSERT( mbedtls_test_hexcmp( output, dst->x, - src_str->len, dst->len ) == 0 ); + TEST_ASSERT(mbedtls_test_hexcmp(output, dst->x, + src_str->len, dst->len) == 0); } exit: - mbedtls_des3_free( &ctx ); + mbedtls_des3_free(&ctx); } /* END_CASE */ /* BEGIN_CASE depends_on:MBEDTLS_CIPHER_MODE_CBC */ -void des3_decrypt_cbc( int key_count, data_t * key_str, - data_t * iv_str, data_t * src_str, - data_t * dst, int cbc_result ) +void des3_decrypt_cbc(int key_count, data_t *key_str, + data_t *iv_str, data_t *src_str, + data_t *dst, int cbc_result) { unsigned char output[100]; mbedtls_des3_context ctx; memset(output, 0x00, 100); - mbedtls_des3_init( &ctx ); + mbedtls_des3_init(&ctx); - if( key_count == 2 ) - TEST_ASSERT( mbedtls_des3_set2key_dec( &ctx, key_str->x ) == 0 ); - else if( key_count == 3 ) - TEST_ASSERT( mbedtls_des3_set3key_dec( &ctx, key_str->x ) == 0 ); - else - TEST_ASSERT( 0 ); + if (key_count == 2) { + TEST_ASSERT(mbedtls_des3_set2key_dec(&ctx, key_str->x) == 0); + } else if (key_count == 3) { + TEST_ASSERT(mbedtls_des3_set3key_dec(&ctx, key_str->x) == 0); + } else { + TEST_ASSERT(0); + } - TEST_ASSERT( mbedtls_des3_crypt_cbc( &ctx, MBEDTLS_DES_DECRYPT, src_str->len, iv_str->x, src_str->x, output ) == cbc_result ); + TEST_ASSERT(mbedtls_des3_crypt_cbc(&ctx, MBEDTLS_DES_DECRYPT, src_str->len, iv_str->x, + src_str->x, output) == cbc_result); - if( cbc_result == 0 ) - { + if (cbc_result == 0) { - TEST_ASSERT( mbedtls_test_hexcmp( output, dst->x, src_str->len, - dst->len ) == 0 ); + TEST_ASSERT(mbedtls_test_hexcmp(output, dst->x, src_str->len, + dst->len) == 0); } exit: - mbedtls_des3_free( &ctx ); + mbedtls_des3_free(&ctx); } /* END_CASE */ /* BEGIN_CASE */ -void des_key_parity_run( ) +void des_key_parity_run() { int i, j, cnt; unsigned char key[MBEDTLS_DES_KEY_SIZE]; unsigned int parity; - memset( key, 0, MBEDTLS_DES_KEY_SIZE ); + memset(key, 0, MBEDTLS_DES_KEY_SIZE); cnt = 0; // Iterate through all possible byte values // - for( i = 0; i < 32; i++ ) - { - for( j = 0; j < 8; j++ ) + for (i = 0; i < 32; i++) { + for (j = 0; j < 8; j++) { key[j] = cnt++; + } // Set the key parity according to the table // - mbedtls_des_key_set_parity( key ); + mbedtls_des_key_set_parity(key); // Check the parity with a function // - for( j = 0; j < 8; j++ ) - { - parity = key[j] ^ ( key[j] >> 4 ); + for (j = 0; j < 8; j++) { + parity = key[j] ^ (key[j] >> 4); parity = parity ^ - ( parity >> 1 ) ^ - ( parity >> 2 ) ^ - ( parity >> 3 ); + (parity >> 1) ^ + (parity >> 2) ^ + (parity >> 3); parity &= 1; - if( parity != 1 ) - TEST_ASSERT( 0 ); + if (parity != 1) { + TEST_ASSERT(0); + } } // Check the parity with the table // - TEST_ASSERT( mbedtls_des_key_check_key_parity( key ) == 0 ); + TEST_ASSERT(mbedtls_des_key_check_key_parity(key) == 0); } } /* END_CASE */ /* BEGIN_CASE depends_on:MBEDTLS_SELF_TEST */ -void des_selftest( ) +void des_selftest() { - TEST_ASSERT( mbedtls_des_self_test( 1 ) == 0 ); + TEST_ASSERT(mbedtls_des_self_test(1) == 0); } /* END_CASE */ diff --git a/third_party/mbedtls/repo/tests/suites/test_suite_dhm.data b/third_party/mbedtls/repo/tests/suites/test_suite_dhm.data index 4e13e48535e..48c4bb51a0d 100644 --- a/third_party/mbedtls/repo/tests/suites/test_suite_dhm.data +++ b/third_party/mbedtls/repo/tests/suites/test_suite_dhm.data @@ -1,122 +1,127 @@ Diffie-Hellman full exchange: tiny x_size -dhm_do_dhm:10:"93450983094850938450983409623":1:10:"9345098304850938450983409622":0 +dhm_do_dhm:"12df4d7689dff4c99d9ae57d7":1:"1e32158a35e34d7b619657d6":0 Diffie-Hellman parameter validation dhm_invalid_params: Diffie-Hellman full exchange: 5-bit, x_size=3 -dhm_do_dhm:10:"23":3:10:"5":0 +dhm_do_dhm:"17":3:"5":0 Diffie-Hellman full exchange: 5-bit, x_size=2 -dhm_do_dhm:10:"23":2:10:"5":0 +dhm_do_dhm:"17":2:"5":0 ## Repeat this test case and a few similar ones several times. The RNG state ## changes, so we get to exercise the code with a few different values. Diffie-Hellman full exchange: 5-bit #1 -dhm_do_dhm:10:"23":1:10:"5":0 +dhm_do_dhm:"17":1:"5":0 Diffie-Hellman full exchange: 5-bit #2 -dhm_do_dhm:10:"23":1:10:"5":0 +dhm_do_dhm:"17":1:"5":0 Diffie-Hellman full exchange: 5-bit #3 -dhm_do_dhm:10:"23":1:10:"5":0 +dhm_do_dhm:"17":1:"5":0 Diffie-Hellman full exchange: 5-bit #4 -dhm_do_dhm:10:"23":1:10:"5":0 +dhm_do_dhm:"17":1:"5":0 Diffie-Hellman full exchange: 5-bit #5 -dhm_do_dhm:10:"23":1:10:"5":0 +dhm_do_dhm:"17":1:"5":0 ## This is x_size = P_size + 1. Arguably x_size > P_size makes no sense, ## but it's the current undocumented behavior to treat it the same as when ## x_size = P_size. If this behavior changes in the future, change the expected ## return status from 0 to MBEDTLS_ERR_DHM_BAD_INPUT_DATA. Diffie-Hellman full exchange: 97-bit, x_size=14 -dhm_do_dhm:10:"93450983094850938450983409623":14:10:"9345098304850938450983409622":0 +dhm_do_dhm:"12df4d7689dff4c99d9ae57d7":14:"1e32158a35e34d7b619657d6":0 Diffie-Hellman full exchange: 97-bit #1 -dhm_do_dhm:10:"93450983094850938450983409623":13:10:"9345098304850938450983409622":0 +dhm_do_dhm:"12df4d7689dff4c99d9ae57d7":13:"1e32158a35e34d7b619657d6":0 Diffie-Hellman full exchange: 97-bit #2 -dhm_do_dhm:10:"93450983094850938450983409623":13:10:"9345098304850938450983409622":0 +dhm_do_dhm:"12df4d7689dff4c99d9ae57d7":13:"1e32158a35e34d7b619657d6":0 Diffie-Hellman full exchange: 97-bit #3 -dhm_do_dhm:10:"93450983094850938450983409623":13:10:"9345098304850938450983409622":0 +dhm_do_dhm:"12df4d7689dff4c99d9ae57d7":13:"1e32158a35e34d7b619657d6":0 Diffie-Hellman full exchange: 97-bit #4 -dhm_do_dhm:10:"93450983094850938450983409623":13:10:"9345098304850938450983409622":0 +dhm_do_dhm:"12df4d7689dff4c99d9ae57d7":13:"1e32158a35e34d7b619657d6":0 Diffie-Hellman full exchange: 97-bit #5 -dhm_do_dhm:10:"93450983094850938450983409623":13:10:"9345098304850938450983409622":0 +dhm_do_dhm:"12df4d7689dff4c99d9ae57d7":13:"1e32158a35e34d7b619657d6":0 Diffie-Hellman full exchange: 97-bit, x_size=12 -dhm_do_dhm:10:"93450983094850938450983409623":12:10:"9345098304850938450983409622":0 +dhm_do_dhm:"12df4d7689dff4c99d9ae57d7":12:"1e32158a35e34d7b619657d6":0 Diffie-Hellman full exchange: 97-bit, x_size=11 -dhm_do_dhm:10:"93450983094850938450983409623":11:10:"9345098304850938450983409622":0 +dhm_do_dhm:"12df4d7689dff4c99d9ae57d7":11:"1e32158a35e34d7b619657d6":0 Diffie-Hellman full exchange: 97-bit, x_size=1 #1 -dhm_do_dhm:10:"93450983094850938450983409623":1:10:"9345098304850938450983409622":0 +dhm_do_dhm:"12df4d7689dff4c99d9ae57d7":1:"1e32158a35e34d7b619657d6":0 Diffie-Hellman full exchange: 97-bit, x_size=1 #2 -dhm_do_dhm:10:"93450983094850938450983409623":1:10:"9345098304850938450983409622":0 +dhm_do_dhm:"12df4d7689dff4c99d9ae57d7":1:"1e32158a35e34d7b619657d6":0 Diffie-Hellman full exchange: 97-bit, x_size=1 #3 -dhm_do_dhm:10:"93450983094850938450983409623":1:10:"9345098304850938450983409622":0 +dhm_do_dhm:"12df4d7689dff4c99d9ae57d7":1:"1e32158a35e34d7b619657d6":0 Diffie-Hellman full exchange: 97-bit, x_size=1 #4 -dhm_do_dhm:10:"93450983094850938450983409623":1:10:"9345098304850938450983409622":0 +dhm_do_dhm:"12df4d7689dff4c99d9ae57d7":1:"1e32158a35e34d7b619657d6":0 Diffie-Hellman full exchange: 97-bit, x_size=1 #5 -dhm_do_dhm:10:"93450983094850938450983409623":1:10:"9345098304850938450983409622":0 +dhm_do_dhm:"12df4d7689dff4c99d9ae57d7":1:"1e32158a35e34d7b619657d6":0 Diffie-Hellman full exchange: 286-bit -dhm_do_dhm:10:"93450983094850938450983409623982317398171298719873918739182739712938719287391879381271":36:10:"9345098309485093845098340962223981329819812792137312973297123912791271":0 +dhm_do_dhm:"301abc09a57b66a953bfcc206a32e9ab56724084e4b47635779ca35fee79ce1060cb4117":36:"15aa1039b4dd361ed1b5b88e52f2919d0cbcb15adbe5fc290dab13b34e7":0 Diffie-Hellman small modulus -dhm_do_dhm:10:"3":1:10:"5":MBEDTLS_ERR_DHM_MAKE_PARAMS_FAILED+MBEDTLS_ERR_MPI_BAD_INPUT_DATA +dhm_do_dhm:"3":1:"5":MBEDTLS_ERR_DHM_MAKE_PARAMS_FAILED+MBEDTLS_ERR_MPI_BAD_INPUT_DATA Diffie-Hellman zero modulus -dhm_do_dhm:10:"0":1:10:"5":MBEDTLS_ERR_DHM_BAD_INPUT_DATA +dhm_do_dhm:"0":1:"5":MBEDTLS_ERR_DHM_BAD_INPUT_DATA Diffie-Hellman with G=0 -dhm_do_dhm:10:"93450983094850938450983409623":13:10:"0":MBEDTLS_ERR_DHM_BAD_INPUT_DATA +dhm_do_dhm:"12df4d7689dff4c99d9ae57d7":13:"0":MBEDTLS_ERR_DHM_BAD_INPUT_DATA Diffie-Hellman with G=1 -dhm_do_dhm:10:"93450983094850938450983409623":13:10:"1":MBEDTLS_ERR_DHM_BAD_INPUT_DATA +dhm_do_dhm:"12df4d7689dff4c99d9ae57d7":13:"1":MBEDTLS_ERR_DHM_BAD_INPUT_DATA Diffie-Hellman with G=-1 -dhm_do_dhm:10:"93450983094850938450983409623":13:10:"-1":MBEDTLS_ERR_DHM_BAD_INPUT_DATA +dhm_do_dhm:"12df4d7689dff4c99d9ae57d7":13:"-1":MBEDTLS_ERR_DHM_BAD_INPUT_DATA Diffie-Hellman with G=P-1 -dhm_do_dhm:10:"93450983094850938450983409623":13:10:"93450983094850938450983409622":MBEDTLS_ERR_DHM_BAD_INPUT_DATA +dhm_do_dhm:"12df4d7689dff4c99d9ae57d7":13:"12df4d7689dff4c99d9ae57d6":MBEDTLS_ERR_DHM_BAD_INPUT_DATA Diffie-Hellman with G=P-2 -dhm_do_dhm:10:"93450983094850938450983409623":13:10:"93450983094850938450983409621":0 +dhm_do_dhm:"12df4d7689dff4c99d9ae57d7":13:"12df4d7689dff4c99d9ae57d5":0 Diffie-Hellman with G=P -dhm_do_dhm:10:"93450983094850938450983409623":13:10:"93450983094850938450983409623":MBEDTLS_ERR_DHM_BAD_INPUT_DATA +dhm_do_dhm:"12df4d7689dff4c99d9ae57d7":13:"12df4d7689dff4c99d9ae57d7":MBEDTLS_ERR_DHM_BAD_INPUT_DATA Diffie-Hellman with G=P+1 -dhm_do_dhm:10:"93450983094850938450983409623":13:10:"93450983094850938450983409624":MBEDTLS_ERR_DHM_BAD_INPUT_DATA +dhm_do_dhm:"12df4d7689dff4c99d9ae57d7":13:"12df4d7689dff4c99d9ae57d8":MBEDTLS_ERR_DHM_BAD_INPUT_DATA Diffie-Hellman with G=P+2 -dhm_do_dhm:10:"93450983094850938450983409623":13:10:"93450983094850938450983409625":0 +dhm_do_dhm:"12df4d7689dff4c99d9ae57d7":13:"12df4d7689dff4c99d9ae57d9":0 Diffie-Hellman: x_size < 0 -dhm_do_dhm:10:"93450983094850938450983409623":-1:10:"9345098304850938450983409622":MBEDTLS_ERR_DHM_BAD_INPUT_DATA +dhm_do_dhm:"12df4d7689dff4c99d9ae57d7":-1:"1e32158a35e34d7b619657d6":MBEDTLS_ERR_DHM_BAD_INPUT_DATA Diffie-Hellman MPI_MAX_SIZE modulus -dhm_make_public:MBEDTLS_MPI_MAX_SIZE:10:"5":0 +dhm_make_public:MBEDTLS_MPI_MAX_SIZE:"5":0 Diffie-Hellman MPI_MAX_SIZE + 1 modulus -dhm_make_public:MBEDTLS_MPI_MAX_SIZE + 1:10:"5":MBEDTLS_ERR_DHM_MAKE_PUBLIC_FAILED+MBEDTLS_ERR_MPI_BAD_INPUT_DATA +dhm_make_public:MBEDTLS_MPI_MAX_SIZE + 1:"5":MBEDTLS_ERR_DHM_MAKE_PUBLIC_FAILED+MBEDTLS_ERR_MPI_BAD_INPUT_DATA -Diffie-Hellman load parameters from file [#1] +DH load parameters from PEM file (1024-bit, g=2) +depends_on:MBEDTLS_PEM_PARSE_C dhm_file:"data_files/dhparams.pem":"9e35f430443a09904f3a39a979797d070df53378e79c2438bef4e761f3c714553328589b041c809be1d6c6b5f1fc9f47d3a25443188253a992a56818b37ba9de5a40d362e56eff0be5417474c125c199272c8fe41dea733df6f662c92ae76556e755d10c64e6a50968f67fc6ea73d0dca8569be2ba204e23580d8bca2f4975b3":"02":128 -Diffie-Hellman load parameters from file [#2] +DH load parameters from PEM file (2048-bit, large g, privateValueLength) +depends_on:MBEDTLS_PEM_PARSE_C dhm_file:"data_files/dh.optlen.pem":"b3126aeaf47153c7d67f403030b292b5bd5a6c9eae1c137af34087fce2a36a578d70c5c560ad2bdb924c4a4dbee20a1671be7103ce87defa76908936803dbeca60c33e1289c1a03ac2c6c4e49405e5902fa0596a1cbaa895cc402d5213ed4a5f1f5ba8b5e1ed3da951a4c475afeb0ca660b7368c38c8e809f382d96ae19e60dc984e61cb42b5dfd723322acf327f9e413cda6400c15c5b2ea1fa34405d83982fba40e6d852da3d91019bf23511314254dc211a90833e5b1798ee52a78198c555644729ad92f060367c74ded37704adfc273a4a33fec821bd2ebd3bc051730e97a4dd14d2b766062592f5eec09d16bb50efebf2cc00dd3e0e3418e60ec84870f7":"800abfe7dc667aa17bcd7c04614bc221a65482ccc04b604602b0e131908a938ea11b48dc515dab7abcbb1e0c7fd66511edc0d86551b7632496e03df94357e1c4ea07a7ce1e381a2fcafdff5f5bf00df828806020e875c00926e4d011f88477a1b01927d73813cad4847c6396b9244621be2b00b63c659253318413443cd244215cd7fd4cbe796e82c6cf70f89cc0c528fb8e344809b31876e7ef739d5160d095c9684188b0c8755c7a468d47f56d6db9ea012924ecb0556fb71312a8d7c93bb2898ea08ee54eeb594548285f06a973cbbe2a0cb02e90f323fe045521f34c68354a6d3e95dbfff1eb64692edc0a44f3d3e408d0e479a541e779a6054259e2d854":256 +DH load parameters from DER file (2048-bit, large g, privateValueLength) +dhm_file:"data_files/dh.optlen.der":"b3126aeaf47153c7d67f403030b292b5bd5a6c9eae1c137af34087fce2a36a578d70c5c560ad2bdb924c4a4dbee20a1671be7103ce87defa76908936803dbeca60c33e1289c1a03ac2c6c4e49405e5902fa0596a1cbaa895cc402d5213ed4a5f1f5ba8b5e1ed3da951a4c475afeb0ca660b7368c38c8e809f382d96ae19e60dc984e61cb42b5dfd723322acf327f9e413cda6400c15c5b2ea1fa34405d83982fba40e6d852da3d91019bf23511314254dc211a90833e5b1798ee52a78198c555644729ad92f060367c74ded37704adfc273a4a33fec821bd2ebd3bc051730e97a4dd14d2b766062592f5eec09d16bb50efebf2cc00dd3e0e3418e60ec84870f7":"800abfe7dc667aa17bcd7c04614bc221a65482ccc04b604602b0e131908a938ea11b48dc515dab7abcbb1e0c7fd66511edc0d86551b7632496e03df94357e1c4ea07a7ce1e381a2fcafdff5f5bf00df828806020e875c00926e4d011f88477a1b01927d73813cad4847c6396b9244621be2b00b63c659253318413443cd244215cd7fd4cbe796e82c6cf70f89cc0c528fb8e344809b31876e7ef739d5160d095c9684188b0c8755c7a468d47f56d6db9ea012924ecb0556fb71312a8d7c93bb2898ea08ee54eeb594548285f06a973cbbe2a0cb02e90f323fe045521f34c68354a6d3e95dbfff1eb64692edc0a44f3d3e408d0e479a541e779a6054259e2d854":256 + Diffie-Hellman selftest dhm_selftest: diff --git a/third_party/mbedtls/repo/tests/suites/test_suite_dhm.function b/third_party/mbedtls/repo/tests/suites/test_suite_dhm.function index 96ff2ac7343..1251723b1a4 100644 --- a/third_party/mbedtls/repo/tests/suites/test_suite_dhm.function +++ b/third_party/mbedtls/repo/tests/suites/test_suite_dhm.function @@ -4,63 +4,66 @@ /* Sanity checks on a Diffie-Hellman parameter: check the length-value * syntax and check that the value is the expected one (taken from the * DHM context by the caller). */ -static int check_dhm_param_output( const mbedtls_mpi *expected, - const unsigned char *buffer, - size_t size, - size_t *offset ) +static int check_dhm_param_output(const mbedtls_mpi *expected, + const unsigned char *buffer, + size_t size, + size_t *offset) { size_t n; mbedtls_mpi actual; int ok = 0; - mbedtls_mpi_init( &actual ); + mbedtls_mpi_init(&actual); ++mbedtls_test_info.step; - TEST_ASSERT( size >= *offset + 2 ); - n = ( buffer[*offset] << 8 ) | buffer[*offset + 1]; + TEST_ASSERT(size >= *offset + 2); + n = (buffer[*offset] << 8) | buffer[*offset + 1]; *offset += 2; /* The DHM param output from Mbed TLS has leading zeros stripped, as * permitted but not required by RFC 5246 \S4.4. */ - TEST_EQUAL( n, mbedtls_mpi_size( expected ) ); - TEST_ASSERT( size >= *offset + n ); - TEST_EQUAL( 0, mbedtls_mpi_read_binary( &actual, buffer + *offset, n ) ); - TEST_EQUAL( 0, mbedtls_mpi_cmp_mpi( expected, &actual ) ); + TEST_EQUAL(n, mbedtls_mpi_size(expected)); + TEST_ASSERT(size >= *offset + n); + TEST_EQUAL(0, mbedtls_mpi_read_binary(&actual, buffer + *offset, n)); + TEST_EQUAL(0, mbedtls_mpi_cmp_mpi(expected, &actual)); *offset += n; ok = 1; exit: - mbedtls_mpi_free( &actual ); - return( ok ); + mbedtls_mpi_free(&actual); + return ok; } /* Sanity checks on Diffie-Hellman parameters: syntax, range, and comparison * against the context. */ -static int check_dhm_params( const mbedtls_dhm_context *ctx, - size_t x_size, - const unsigned char *ske, size_t ske_len ) +static int check_dhm_params(const mbedtls_dhm_context *ctx, + size_t x_size, + const unsigned char *ske, size_t ske_len) { size_t offset = 0; /* Check that ctx->X and ctx->GX are within range. */ - TEST_ASSERT( mbedtls_mpi_cmp_int( &ctx->X, 1 ) > 0 ); - TEST_ASSERT( mbedtls_mpi_cmp_mpi( &ctx->X, &ctx->P ) < 0 ); - TEST_ASSERT( mbedtls_mpi_size( &ctx->X ) <= x_size ); - TEST_ASSERT( mbedtls_mpi_cmp_int( &ctx->GX, 1 ) > 0 ); - TEST_ASSERT( mbedtls_mpi_cmp_mpi( &ctx->GX, &ctx->P ) < 0 ); + TEST_ASSERT(mbedtls_mpi_cmp_int(&ctx->X, 1) > 0); + TEST_ASSERT(mbedtls_mpi_cmp_mpi(&ctx->X, &ctx->P) < 0); + TEST_ASSERT(mbedtls_mpi_size(&ctx->X) <= x_size); + TEST_ASSERT(mbedtls_mpi_cmp_int(&ctx->GX, 1) > 0); + TEST_ASSERT(mbedtls_mpi_cmp_mpi(&ctx->GX, &ctx->P) < 0); /* Check ske: it must contain P, G and G^X, each prefixed with a * 2-byte size. */ - if( !check_dhm_param_output( &ctx->P, ske, ske_len, &offset ) ) + if (!check_dhm_param_output(&ctx->P, ske, ske_len, &offset)) { goto exit; - if( !check_dhm_param_output( &ctx->G, ske, ske_len, &offset ) ) + } + if (!check_dhm_param_output(&ctx->G, ske, ske_len, &offset)) { goto exit; - if( !check_dhm_param_output( &ctx->GX, ske, ske_len, &offset ) ) + } + if (!check_dhm_param_output(&ctx->GX, ske, ske_len, &offset)) { goto exit; - TEST_EQUAL( offset, ske_len ); + } + TEST_EQUAL(offset, ske_len); - return( 1 ); + return 1; exit: - return( 0 ); + return 0; } /* END_HEADER */ @@ -71,104 +74,104 @@ exit: */ /* BEGIN_CASE depends_on:MBEDTLS_CHECK_PARAMS:!MBEDTLS_PARAM_FAILED_ALT */ -void dhm_invalid_params( ) +void dhm_invalid_params() { mbedtls_dhm_context ctx; unsigned char buf[42] = { 0 }; unsigned char *buf_null = NULL; mbedtls_mpi X; - size_t const buflen = sizeof( buf ); + size_t const buflen = sizeof(buf); size_t len; - TEST_INVALID_PARAM( mbedtls_dhm_init( NULL ) ); - TEST_VALID_PARAM( mbedtls_dhm_free( NULL ) ); - - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_DHM_BAD_INPUT_DATA, - mbedtls_dhm_read_params( NULL, - (unsigned char**) &buf, - buf ) ); - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_DHM_BAD_INPUT_DATA, - mbedtls_dhm_read_params( &ctx, &buf_null, buf ) ); - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_DHM_BAD_INPUT_DATA, - mbedtls_dhm_read_params( &ctx, NULL, buf ) ); - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_DHM_BAD_INPUT_DATA, - mbedtls_dhm_read_params( &ctx, - (unsigned char**) &buf, - NULL ) ); - - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_DHM_BAD_INPUT_DATA, - mbedtls_dhm_make_params( NULL, buflen, - buf, &len, - mbedtls_test_rnd_std_rand, - NULL ) ); - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_DHM_BAD_INPUT_DATA, - mbedtls_dhm_make_params( &ctx, buflen, - NULL, &len, - mbedtls_test_rnd_std_rand, - NULL ) ); - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_DHM_BAD_INPUT_DATA, - mbedtls_dhm_make_params( &ctx, buflen, - buf, NULL, - mbedtls_test_rnd_std_rand, - NULL ) ); - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_DHM_BAD_INPUT_DATA, - mbedtls_dhm_make_params( &ctx, buflen, - buf, &len, - NULL, - NULL ) ); - - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_DHM_BAD_INPUT_DATA, - mbedtls_dhm_set_group( NULL, &X, &X ) ); - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_DHM_BAD_INPUT_DATA, - mbedtls_dhm_set_group( &ctx, NULL, &X ) ); - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_DHM_BAD_INPUT_DATA, - mbedtls_dhm_set_group( &ctx, &X, NULL ) ); - - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_DHM_BAD_INPUT_DATA, - mbedtls_dhm_read_public( NULL, buf, buflen ) ); - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_DHM_BAD_INPUT_DATA, - mbedtls_dhm_read_public( &ctx, NULL, buflen ) ); - - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_DHM_BAD_INPUT_DATA, - mbedtls_dhm_make_public( NULL, buflen, - buf, buflen, - mbedtls_test_rnd_std_rand, - NULL ) ); - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_DHM_BAD_INPUT_DATA, - mbedtls_dhm_make_public( &ctx, buflen, - NULL, buflen, - mbedtls_test_rnd_std_rand, - NULL ) ); - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_DHM_BAD_INPUT_DATA, - mbedtls_dhm_make_public( &ctx, buflen, - buf, buflen, - NULL, - NULL ) ); - - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_DHM_BAD_INPUT_DATA, - mbedtls_dhm_calc_secret( NULL, buf, buflen, &len, - mbedtls_test_rnd_std_rand, - NULL ) ); - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_DHM_BAD_INPUT_DATA, - mbedtls_dhm_calc_secret( &ctx, NULL, buflen, &len, - mbedtls_test_rnd_std_rand, - NULL ) ); - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_DHM_BAD_INPUT_DATA, - mbedtls_dhm_calc_secret( &ctx, buf, buflen, NULL, - mbedtls_test_rnd_std_rand, - NULL ) ); + TEST_INVALID_PARAM(mbedtls_dhm_init(NULL)); + TEST_VALID_PARAM(mbedtls_dhm_free(NULL)); + + TEST_INVALID_PARAM_RET(MBEDTLS_ERR_DHM_BAD_INPUT_DATA, + mbedtls_dhm_read_params(NULL, + (unsigned char **) &buf, + buf)); + TEST_INVALID_PARAM_RET(MBEDTLS_ERR_DHM_BAD_INPUT_DATA, + mbedtls_dhm_read_params(&ctx, &buf_null, buf)); + TEST_INVALID_PARAM_RET(MBEDTLS_ERR_DHM_BAD_INPUT_DATA, + mbedtls_dhm_read_params(&ctx, NULL, buf)); + TEST_INVALID_PARAM_RET(MBEDTLS_ERR_DHM_BAD_INPUT_DATA, + mbedtls_dhm_read_params(&ctx, + (unsigned char **) &buf, + NULL)); + + TEST_INVALID_PARAM_RET(MBEDTLS_ERR_DHM_BAD_INPUT_DATA, + mbedtls_dhm_make_params(NULL, buflen, + buf, &len, + mbedtls_test_rnd_std_rand, + NULL)); + TEST_INVALID_PARAM_RET(MBEDTLS_ERR_DHM_BAD_INPUT_DATA, + mbedtls_dhm_make_params(&ctx, buflen, + NULL, &len, + mbedtls_test_rnd_std_rand, + NULL)); + TEST_INVALID_PARAM_RET(MBEDTLS_ERR_DHM_BAD_INPUT_DATA, + mbedtls_dhm_make_params(&ctx, buflen, + buf, NULL, + mbedtls_test_rnd_std_rand, + NULL)); + TEST_INVALID_PARAM_RET(MBEDTLS_ERR_DHM_BAD_INPUT_DATA, + mbedtls_dhm_make_params(&ctx, buflen, + buf, &len, + NULL, + NULL)); + + TEST_INVALID_PARAM_RET(MBEDTLS_ERR_DHM_BAD_INPUT_DATA, + mbedtls_dhm_set_group(NULL, &X, &X)); + TEST_INVALID_PARAM_RET(MBEDTLS_ERR_DHM_BAD_INPUT_DATA, + mbedtls_dhm_set_group(&ctx, NULL, &X)); + TEST_INVALID_PARAM_RET(MBEDTLS_ERR_DHM_BAD_INPUT_DATA, + mbedtls_dhm_set_group(&ctx, &X, NULL)); + + TEST_INVALID_PARAM_RET(MBEDTLS_ERR_DHM_BAD_INPUT_DATA, + mbedtls_dhm_read_public(NULL, buf, buflen)); + TEST_INVALID_PARAM_RET(MBEDTLS_ERR_DHM_BAD_INPUT_DATA, + mbedtls_dhm_read_public(&ctx, NULL, buflen)); + + TEST_INVALID_PARAM_RET(MBEDTLS_ERR_DHM_BAD_INPUT_DATA, + mbedtls_dhm_make_public(NULL, buflen, + buf, buflen, + mbedtls_test_rnd_std_rand, + NULL)); + TEST_INVALID_PARAM_RET(MBEDTLS_ERR_DHM_BAD_INPUT_DATA, + mbedtls_dhm_make_public(&ctx, buflen, + NULL, buflen, + mbedtls_test_rnd_std_rand, + NULL)); + TEST_INVALID_PARAM_RET(MBEDTLS_ERR_DHM_BAD_INPUT_DATA, + mbedtls_dhm_make_public(&ctx, buflen, + buf, buflen, + NULL, + NULL)); + + TEST_INVALID_PARAM_RET(MBEDTLS_ERR_DHM_BAD_INPUT_DATA, + mbedtls_dhm_calc_secret(NULL, buf, buflen, &len, + mbedtls_test_rnd_std_rand, + NULL)); + TEST_INVALID_PARAM_RET(MBEDTLS_ERR_DHM_BAD_INPUT_DATA, + mbedtls_dhm_calc_secret(&ctx, NULL, buflen, &len, + mbedtls_test_rnd_std_rand, + NULL)); + TEST_INVALID_PARAM_RET(MBEDTLS_ERR_DHM_BAD_INPUT_DATA, + mbedtls_dhm_calc_secret(&ctx, buf, buflen, NULL, + mbedtls_test_rnd_std_rand, + NULL)); #if defined(MBEDTLS_ASN1_PARSE_C) - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_DHM_BAD_INPUT_DATA, - mbedtls_dhm_parse_dhm( NULL, buf, buflen ) ); - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_DHM_BAD_INPUT_DATA, - mbedtls_dhm_parse_dhm( &ctx, NULL, buflen ) ); + TEST_INVALID_PARAM_RET(MBEDTLS_ERR_DHM_BAD_INPUT_DATA, + mbedtls_dhm_parse_dhm(NULL, buf, buflen)); + TEST_INVALID_PARAM_RET(MBEDTLS_ERR_DHM_BAD_INPUT_DATA, + mbedtls_dhm_parse_dhm(&ctx, NULL, buflen)); #if defined(MBEDTLS_FS_IO) - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_DHM_BAD_INPUT_DATA, - mbedtls_dhm_parse_dhmfile( NULL, "" ) ); - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_DHM_BAD_INPUT_DATA, - mbedtls_dhm_parse_dhmfile( &ctx, NULL ) ); + TEST_INVALID_PARAM_RET(MBEDTLS_ERR_DHM_BAD_INPUT_DATA, + mbedtls_dhm_parse_dhmfile(NULL, "")); + TEST_INVALID_PARAM_RET(MBEDTLS_ERR_DHM_BAD_INPUT_DATA, + mbedtls_dhm_parse_dhmfile(&ctx, NULL)); #endif /* MBEDTLS_FS_IO */ #endif /* MBEDTLS_ASN1_PARSE_C */ @@ -178,8 +181,8 @@ exit: /* END_CASE */ /* BEGIN_CASE */ -void dhm_do_dhm( int radix_P, char *input_P, int x_size, - int radix_G, char *input_G, int result ) +void dhm_do_dhm(char *input_P, int x_size, + char *input_G, int result) { mbedtls_dhm_context ctx_srv; mbedtls_dhm_context ctx_cli; @@ -195,65 +198,67 @@ void dhm_do_dhm( int radix_P, char *input_P, int x_size, int i; mbedtls_test_rnd_pseudo_info rnd_info; - mbedtls_dhm_init( &ctx_srv ); - mbedtls_dhm_init( &ctx_cli ); - memset( ske, 0x00, 1000 ); - memset( pub_cli, 0x00, 1000 ); - memset( sec_srv, 0x00, 1000 ); - memset( sec_cli, 0x00, 1000 ); - memset( &rnd_info, 0x00, sizeof( mbedtls_test_rnd_pseudo_info ) ); + mbedtls_dhm_init(&ctx_srv); + mbedtls_dhm_init(&ctx_cli); + memset(ske, 0x00, 1000); + memset(pub_cli, 0x00, 1000); + memset(sec_srv, 0x00, 1000); + memset(sec_cli, 0x00, 1000); + memset(&rnd_info, 0x00, sizeof(mbedtls_test_rnd_pseudo_info)); /* * Set params */ - TEST_ASSERT( mbedtls_test_read_mpi( &ctx_srv.P, radix_P, input_P ) == 0 ); - TEST_ASSERT( mbedtls_test_read_mpi( &ctx_srv.G, radix_G, input_G ) == 0 ); - pub_cli_len = mbedtls_mpi_size( &ctx_srv.P ); + TEST_ASSERT(mbedtls_test_read_mpi(&ctx_srv.P, input_P) == 0); + TEST_ASSERT(mbedtls_test_read_mpi(&ctx_srv.G, input_G) == 0); + pub_cli_len = mbedtls_mpi_size(&ctx_srv.P); /* * First key exchange */ - mbedtls_test_set_step( 10 ); - TEST_ASSERT( mbedtls_dhm_make_params( &ctx_srv, x_size, ske, &ske_len, - &mbedtls_test_rnd_pseudo_rand, - &rnd_info ) == result ); - if ( result != 0 ) + mbedtls_test_set_step(10); + TEST_ASSERT(mbedtls_dhm_make_params(&ctx_srv, x_size, ske, &ske_len, + &mbedtls_test_rnd_pseudo_rand, + &rnd_info) == result); + if (result != 0) { goto exit; - if( !check_dhm_params( &ctx_srv, x_size, ske, ske_len ) ) + } + if (!check_dhm_params(&ctx_srv, x_size, ske, ske_len)) { goto exit; + } ske[ske_len++] = 0; ske[ske_len++] = 0; - TEST_ASSERT( mbedtls_dhm_read_params( &ctx_cli, &p, ske + ske_len ) == 0 ); + TEST_ASSERT(mbedtls_dhm_read_params(&ctx_cli, &p, ske + ske_len) == 0); - TEST_ASSERT( mbedtls_dhm_make_public( &ctx_cli, x_size, pub_cli, pub_cli_len, - &mbedtls_test_rnd_pseudo_rand, - &rnd_info ) == 0 ); - TEST_ASSERT( mbedtls_dhm_read_public( &ctx_srv, pub_cli, pub_cli_len ) == 0 ); + TEST_ASSERT(mbedtls_dhm_make_public(&ctx_cli, x_size, pub_cli, pub_cli_len, + &mbedtls_test_rnd_pseudo_rand, + &rnd_info) == 0); + TEST_ASSERT(mbedtls_dhm_read_public(&ctx_srv, pub_cli, pub_cli_len) == 0); - TEST_ASSERT( mbedtls_dhm_calc_secret( &ctx_srv, sec_srv, sizeof( sec_srv ), - &sec_srv_len, - &mbedtls_test_rnd_pseudo_rand, - &rnd_info ) == 0 ); - TEST_ASSERT( mbedtls_dhm_calc_secret( &ctx_cli, sec_cli, sizeof( sec_cli ), &sec_cli_len, NULL, NULL ) == 0 ); + TEST_ASSERT(mbedtls_dhm_calc_secret(&ctx_srv, sec_srv, sizeof(sec_srv), + &sec_srv_len, + &mbedtls_test_rnd_pseudo_rand, + &rnd_info) == 0); + TEST_ASSERT(mbedtls_dhm_calc_secret(&ctx_cli, sec_cli, sizeof(sec_cli), &sec_cli_len, NULL, + NULL) == 0); - TEST_ASSERT( sec_srv_len == sec_cli_len ); - TEST_ASSERT( sec_srv_len != 0 ); - TEST_ASSERT( memcmp( sec_srv, sec_cli, sec_srv_len ) == 0 ); + TEST_ASSERT(sec_srv_len == sec_cli_len); + TEST_ASSERT(sec_srv_len != 0); + TEST_ASSERT(memcmp(sec_srv, sec_cli, sec_srv_len) == 0); /* Re-do calc_secret on server a few times to test update of blinding values */ - for( i = 0; i < 3; i++ ) - { - mbedtls_test_set_step( 20 + i ); + for (i = 0; i < 3; i++) { + mbedtls_test_set_step(20 + i); sec_srv_len = 1000; - TEST_ASSERT( mbedtls_dhm_calc_secret( &ctx_srv, sec_srv, - sizeof( sec_srv ), &sec_srv_len, - &mbedtls_test_rnd_pseudo_rand, - &rnd_info ) == 0 ); - - TEST_ASSERT( sec_srv_len == sec_cli_len ); - TEST_ASSERT( sec_srv_len != 0 ); - TEST_ASSERT( memcmp( sec_srv, sec_cli, sec_srv_len ) == 0 ); + TEST_ASSERT(mbedtls_dhm_calc_secret(&ctx_srv, sec_srv, + sizeof(sec_srv), &sec_srv_len, + &mbedtls_test_rnd_pseudo_rand, + &rnd_info) == 0); + + TEST_ASSERT(sec_srv_len == sec_cli_len); + TEST_ASSERT(sec_srv_len != 0); + TEST_ASSERT(memcmp(sec_srv, sec_cli, sec_srv_len) == 0); } /* @@ -261,94 +266,96 @@ void dhm_do_dhm( int radix_P, char *input_P, int x_size, */ p = ske; - mbedtls_test_set_step( 30 ); - TEST_ASSERT( mbedtls_dhm_make_params( &ctx_srv, x_size, ske, &ske_len, - &mbedtls_test_rnd_pseudo_rand, - &rnd_info ) == 0 ); - if( !check_dhm_params( &ctx_srv, x_size, ske, ske_len ) ) + mbedtls_test_set_step(30); + TEST_ASSERT(mbedtls_dhm_make_params(&ctx_srv, x_size, ske, &ske_len, + &mbedtls_test_rnd_pseudo_rand, + &rnd_info) == 0); + if (!check_dhm_params(&ctx_srv, x_size, ske, ske_len)) { goto exit; + } ske[ske_len++] = 0; ske[ske_len++] = 0; - TEST_ASSERT( mbedtls_dhm_read_params( &ctx_cli, &p, ske + ske_len ) == 0 ); + TEST_ASSERT(mbedtls_dhm_read_params(&ctx_cli, &p, ske + ske_len) == 0); - TEST_ASSERT( mbedtls_dhm_make_public( &ctx_cli, x_size, pub_cli, pub_cli_len, - &mbedtls_test_rnd_pseudo_rand, - &rnd_info ) == 0 ); - TEST_ASSERT( mbedtls_dhm_read_public( &ctx_srv, pub_cli, pub_cli_len ) == 0 ); + TEST_ASSERT(mbedtls_dhm_make_public(&ctx_cli, x_size, pub_cli, pub_cli_len, + &mbedtls_test_rnd_pseudo_rand, + &rnd_info) == 0); + TEST_ASSERT(mbedtls_dhm_read_public(&ctx_srv, pub_cli, pub_cli_len) == 0); - TEST_ASSERT( mbedtls_dhm_calc_secret( &ctx_srv, sec_srv, sizeof( sec_srv ), - &sec_srv_len, - &mbedtls_test_rnd_pseudo_rand, - &rnd_info ) == 0 ); - TEST_ASSERT( mbedtls_dhm_calc_secret( &ctx_cli, sec_cli, sizeof( sec_cli ), &sec_cli_len, NULL, NULL ) == 0 ); + TEST_ASSERT(mbedtls_dhm_calc_secret(&ctx_srv, sec_srv, sizeof(sec_srv), + &sec_srv_len, + &mbedtls_test_rnd_pseudo_rand, + &rnd_info) == 0); + TEST_ASSERT(mbedtls_dhm_calc_secret(&ctx_cli, sec_cli, sizeof(sec_cli), &sec_cli_len, NULL, + NULL) == 0); - TEST_ASSERT( sec_srv_len == sec_cli_len ); - TEST_ASSERT( sec_srv_len != 0 ); - TEST_ASSERT( memcmp( sec_srv, sec_cli, sec_srv_len ) == 0 ); + TEST_ASSERT(sec_srv_len == sec_cli_len); + TEST_ASSERT(sec_srv_len != 0); + TEST_ASSERT(memcmp(sec_srv, sec_cli, sec_srv_len) == 0); exit: - mbedtls_dhm_free( &ctx_srv ); - mbedtls_dhm_free( &ctx_cli ); + mbedtls_dhm_free(&ctx_srv); + mbedtls_dhm_free(&ctx_cli); } /* END_CASE */ /* BEGIN_CASE */ -void dhm_make_public( int P_bytes, int radix_G, char *input_G, int result ) +void dhm_make_public(int P_bytes, char *input_G, int result) { mbedtls_mpi P, G; mbedtls_dhm_context ctx; unsigned char output[MBEDTLS_MPI_MAX_SIZE]; - mbedtls_mpi_init( &P ); - mbedtls_mpi_init( &G ); - mbedtls_dhm_init( &ctx ); + mbedtls_mpi_init(&P); + mbedtls_mpi_init(&G); + mbedtls_dhm_init(&ctx); - TEST_ASSERT( mbedtls_mpi_lset( &P, 1 ) == 0 ); - TEST_ASSERT( mbedtls_mpi_shift_l( &P, ( P_bytes * 8 ) - 1 ) == 0 ); - TEST_ASSERT( mbedtls_mpi_set_bit( &P, 0, 1 ) == 0 ); + TEST_ASSERT(mbedtls_mpi_lset(&P, 1) == 0); + TEST_ASSERT(mbedtls_mpi_shift_l(&P, (P_bytes * 8) - 1) == 0); + TEST_ASSERT(mbedtls_mpi_set_bit(&P, 0, 1) == 0); - TEST_ASSERT( mbedtls_test_read_mpi( &G, radix_G, input_G ) == 0 ); + TEST_ASSERT(mbedtls_test_read_mpi(&G, input_G) == 0); - TEST_ASSERT( mbedtls_dhm_set_group( &ctx, &P, &G ) == 0 ); - TEST_ASSERT( mbedtls_dhm_make_public( &ctx, (int) mbedtls_mpi_size( &P ), - output, sizeof(output), - &mbedtls_test_rnd_pseudo_rand, - NULL ) == result ); + TEST_ASSERT(mbedtls_dhm_set_group(&ctx, &P, &G) == 0); + TEST_ASSERT(mbedtls_dhm_make_public(&ctx, (int) mbedtls_mpi_size(&P), + output, sizeof(output), + &mbedtls_test_rnd_pseudo_rand, + NULL) == result); exit: - mbedtls_mpi_free( &P ); - mbedtls_mpi_free( &G ); - mbedtls_dhm_free( &ctx ); + mbedtls_mpi_free(&P); + mbedtls_mpi_free(&G); + mbedtls_dhm_free(&ctx); } /* END_CASE */ /* BEGIN_CASE depends_on:MBEDTLS_FS_IO */ -void dhm_file( char * filename, char * p, char * g, int len ) +void dhm_file(char *filename, char *p, char *g, int len) { mbedtls_dhm_context ctx; mbedtls_mpi P, G; - mbedtls_dhm_init( &ctx ); - mbedtls_mpi_init( &P ); mbedtls_mpi_init( &G ); + mbedtls_dhm_init(&ctx); + mbedtls_mpi_init(&P); mbedtls_mpi_init(&G); - TEST_ASSERT( mbedtls_test_read_mpi( &P, 16, p ) == 0 ); - TEST_ASSERT( mbedtls_test_read_mpi( &G, 16, g ) == 0 ); + TEST_ASSERT(mbedtls_test_read_mpi(&P, p) == 0); + TEST_ASSERT(mbedtls_test_read_mpi(&G, g) == 0); - TEST_ASSERT( mbedtls_dhm_parse_dhmfile( &ctx, filename ) == 0 ); + TEST_ASSERT(mbedtls_dhm_parse_dhmfile(&ctx, filename) == 0); - TEST_ASSERT( ctx.len == (size_t) len ); - TEST_ASSERT( mbedtls_mpi_cmp_mpi( &ctx.P, &P ) == 0 ); - TEST_ASSERT( mbedtls_mpi_cmp_mpi( &ctx.G, &G ) == 0 ); + TEST_ASSERT(ctx.len == (size_t) len); + TEST_ASSERT(mbedtls_mpi_cmp_mpi(&ctx.P, &P) == 0); + TEST_ASSERT(mbedtls_mpi_cmp_mpi(&ctx.G, &G) == 0); exit: - mbedtls_mpi_free( &P ); mbedtls_mpi_free( &G ); - mbedtls_dhm_free( &ctx ); + mbedtls_mpi_free(&P); mbedtls_mpi_free(&G); + mbedtls_dhm_free(&ctx); } /* END_CASE */ /* BEGIN_CASE depends_on:MBEDTLS_SELF_TEST */ -void dhm_selftest( ) +void dhm_selftest() { - TEST_ASSERT( mbedtls_dhm_self_test( 1 ) == 0 ); + TEST_ASSERT(mbedtls_dhm_self_test(1) == 0); } /* END_CASE */ diff --git a/third_party/mbedtls/repo/tests/suites/test_suite_ecdh.function b/third_party/mbedtls/repo/tests/suites/test_suite_ecdh.function index 69197e666be..0de7c08dcba 100644 --- a/third_party/mbedtls/repo/tests/suites/test_suite_ecdh.function +++ b/third_party/mbedtls/repo/tests/suites/test_suite_ecdh.function @@ -1,39 +1,39 @@ /* BEGIN_HEADER */ #include "mbedtls/ecdh.h" -static int load_public_key( int grp_id, data_t *point, - mbedtls_ecp_keypair *ecp ) +static int load_public_key(int grp_id, data_t *point, + mbedtls_ecp_keypair *ecp) { int ok = 0; - TEST_ASSERT( mbedtls_ecp_group_load( &ecp->grp, grp_id ) == 0 ); - TEST_ASSERT( mbedtls_ecp_point_read_binary( &ecp->grp, - &ecp->Q, - point->x, - point->len ) == 0 ); - TEST_ASSERT( mbedtls_ecp_check_pubkey( &ecp->grp, - &ecp->Q ) == 0 ); + TEST_ASSERT(mbedtls_ecp_group_load(&ecp->grp, grp_id) == 0); + TEST_ASSERT(mbedtls_ecp_point_read_binary(&ecp->grp, + &ecp->Q, + point->x, + point->len) == 0); + TEST_ASSERT(mbedtls_ecp_check_pubkey(&ecp->grp, + &ecp->Q) == 0); ok = 1; exit: - return( ok ); + return ok; } -static int load_private_key( int grp_id, data_t *private_key, - mbedtls_ecp_keypair *ecp, - mbedtls_test_rnd_pseudo_info *rnd_info ) +static int load_private_key(int grp_id, data_t *private_key, + mbedtls_ecp_keypair *ecp, + mbedtls_test_rnd_pseudo_info *rnd_info) { int ok = 0; - TEST_ASSERT( mbedtls_ecp_read_key( grp_id, ecp, - private_key->x, - private_key->len ) == 0 ); - TEST_ASSERT( mbedtls_ecp_check_privkey( &ecp->grp, &ecp->d ) == 0 ); + TEST_ASSERT(mbedtls_ecp_read_key(grp_id, ecp, + private_key->x, + private_key->len) == 0); + TEST_ASSERT(mbedtls_ecp_check_privkey(&ecp->grp, &ecp->d) == 0); /* Calculate the public key from the private key. */ - TEST_ASSERT( mbedtls_ecp_mul( &ecp->grp, &ecp->Q, &ecp->d, - &ecp->grp.G, - &mbedtls_test_rnd_pseudo_rand, - rnd_info ) == 0 ); + TEST_ASSERT(mbedtls_ecp_mul(&ecp->grp, &ecp->Q, &ecp->d, + &ecp->grp.G, + &mbedtls_test_rnd_pseudo_rand, + rnd_info) == 0); ok = 1; exit: - return( ok ); + return ok; } /* END_HEADER */ @@ -44,14 +44,14 @@ exit: */ /* BEGIN_CASE */ -void ecdh_valid_param( ) +void ecdh_valid_param() { - TEST_VALID_PARAM( mbedtls_ecdh_free( NULL ) ); + TEST_VALID_PARAM(mbedtls_ecdh_free(NULL)); } /* END_CASE */ /* BEGIN_CASE depends_on:MBEDTLS_CHECK_PARAMS:!MBEDTLS_PARAM_FAILED_ALT */ -void ecdh_invalid_param( ) +void ecdh_invalid_param() { mbedtls_ecp_group grp; mbedtls_ecdh_context ctx; @@ -61,122 +61,124 @@ void ecdh_invalid_param( ) size_t olen; unsigned char buf[42] = { 0 }; const unsigned char *buf_null = NULL; - size_t const buflen = sizeof( buf ); + size_t const buflen = sizeof(buf); int invalid_side = 42; mbedtls_ecp_group_id valid_grp = MBEDTLS_ECP_DP_SECP192R1; - TEST_INVALID_PARAM( mbedtls_ecdh_init( NULL ) ); + mbedtls_ecp_keypair_init(&kp); + mbedtls_ecdh_init(&ctx); + TEST_INVALID_PARAM(mbedtls_ecdh_init(NULL)); #if defined(MBEDTLS_ECP_RESTARTABLE) - TEST_INVALID_PARAM( mbedtls_ecdh_enable_restart( NULL ) ); + TEST_INVALID_PARAM(mbedtls_ecdh_enable_restart(NULL)); #endif /* MBEDTLS_ECP_RESTARTABLE */ - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_ECP_BAD_INPUT_DATA, - mbedtls_ecdh_gen_public( NULL, &m, &P, - mbedtls_test_rnd_std_rand, - NULL ) ); - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_ECP_BAD_INPUT_DATA, - mbedtls_ecdh_gen_public( &grp, NULL, &P, - mbedtls_test_rnd_std_rand, - NULL ) ); - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_ECP_BAD_INPUT_DATA, - mbedtls_ecdh_gen_public( &grp, &m, NULL, - mbedtls_test_rnd_std_rand, - NULL ) ); - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_ECP_BAD_INPUT_DATA, - mbedtls_ecdh_gen_public( &grp, &m, &P, - NULL, NULL ) ); - - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_ECP_BAD_INPUT_DATA, - mbedtls_ecdh_compute_shared( NULL, &m, &P, &m, - mbedtls_test_rnd_std_rand, - NULL ) ); - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_ECP_BAD_INPUT_DATA, - mbedtls_ecdh_compute_shared( &grp, NULL, &P, &m, - mbedtls_test_rnd_std_rand, - NULL ) ); - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_ECP_BAD_INPUT_DATA, - mbedtls_ecdh_compute_shared( &grp, &m, NULL, &m, - mbedtls_test_rnd_std_rand, - NULL ) ); - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_ECP_BAD_INPUT_DATA, - mbedtls_ecdh_compute_shared( &grp, &m, &P, NULL, - mbedtls_test_rnd_std_rand, - NULL ) ); - - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_ECP_BAD_INPUT_DATA, - mbedtls_ecdh_setup( NULL, valid_grp ) ); - - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_ECP_BAD_INPUT_DATA, - mbedtls_ecdh_make_params( NULL, &olen, buf, buflen, - mbedtls_test_rnd_std_rand, NULL ) ); - - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_ECP_BAD_INPUT_DATA, - mbedtls_ecdh_make_params( &ctx, NULL, buf, buflen, - mbedtls_test_rnd_std_rand, NULL ) ); - - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_ECP_BAD_INPUT_DATA, - mbedtls_ecdh_make_params( &ctx, &olen, NULL, buflen, - mbedtls_test_rnd_std_rand, NULL ) ); - - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_ECP_BAD_INPUT_DATA, - mbedtls_ecdh_make_params( &ctx, &olen, buf, buflen, NULL, NULL ) ); - - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_ECP_BAD_INPUT_DATA, - mbedtls_ecdh_read_params( NULL, - (const unsigned char**) &buf, - buf ) ); - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_ECP_BAD_INPUT_DATA, - mbedtls_ecdh_read_params( &ctx, &buf_null, - buf ) ); - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_ECP_BAD_INPUT_DATA, - mbedtls_ecdh_read_params( &ctx, NULL, buf ) ); - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_ECP_BAD_INPUT_DATA, - mbedtls_ecdh_read_params( &ctx, - (const unsigned char**) &buf, - NULL ) ); - - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_ECP_BAD_INPUT_DATA, - mbedtls_ecdh_get_params( NULL, &kp, - MBEDTLS_ECDH_OURS ) ); - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_ECP_BAD_INPUT_DATA, - mbedtls_ecdh_get_params( &ctx, NULL, - MBEDTLS_ECDH_OURS ) ); - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_ECP_BAD_INPUT_DATA, - mbedtls_ecdh_get_params( &ctx, &kp, - invalid_side ) ); - - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_ECP_BAD_INPUT_DATA, - mbedtls_ecdh_make_public( NULL, &olen, buf, buflen, - mbedtls_test_rnd_std_rand, NULL ) ); - - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_ECP_BAD_INPUT_DATA, - mbedtls_ecdh_make_public( &ctx, NULL, buf, buflen, - mbedtls_test_rnd_std_rand, NULL ) ); - - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_ECP_BAD_INPUT_DATA, - mbedtls_ecdh_make_public( &ctx, &olen, NULL, buflen, - mbedtls_test_rnd_std_rand, NULL ) ); - - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_ECP_BAD_INPUT_DATA, - mbedtls_ecdh_make_public( &ctx, &olen, buf, buflen, NULL, NULL ) ); - - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_ECP_BAD_INPUT_DATA, - mbedtls_ecdh_read_public( NULL, buf, buflen ) ); - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_ECP_BAD_INPUT_DATA, - mbedtls_ecdh_read_public( &ctx, NULL, buflen ) ); - - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_ECP_BAD_INPUT_DATA, - mbedtls_ecdh_calc_secret( NULL, &olen, buf, buflen, - mbedtls_test_rnd_std_rand, NULL ) ); - - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_ECP_BAD_INPUT_DATA, - mbedtls_ecdh_calc_secret( &ctx, NULL, buf, buflen, - mbedtls_test_rnd_std_rand, NULL ) ); - - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_ECP_BAD_INPUT_DATA, - mbedtls_ecdh_calc_secret( &ctx, &olen, NULL, buflen, - mbedtls_test_rnd_std_rand, NULL ) ); + TEST_INVALID_PARAM_RET(MBEDTLS_ERR_ECP_BAD_INPUT_DATA, + mbedtls_ecdh_gen_public(NULL, &m, &P, + mbedtls_test_rnd_std_rand, + NULL)); + TEST_INVALID_PARAM_RET(MBEDTLS_ERR_ECP_BAD_INPUT_DATA, + mbedtls_ecdh_gen_public(&grp, NULL, &P, + mbedtls_test_rnd_std_rand, + NULL)); + TEST_INVALID_PARAM_RET(MBEDTLS_ERR_ECP_BAD_INPUT_DATA, + mbedtls_ecdh_gen_public(&grp, &m, NULL, + mbedtls_test_rnd_std_rand, + NULL)); + TEST_INVALID_PARAM_RET(MBEDTLS_ERR_ECP_BAD_INPUT_DATA, + mbedtls_ecdh_gen_public(&grp, &m, &P, + NULL, NULL)); + + TEST_INVALID_PARAM_RET(MBEDTLS_ERR_ECP_BAD_INPUT_DATA, + mbedtls_ecdh_compute_shared(NULL, &m, &P, &m, + mbedtls_test_rnd_std_rand, + NULL)); + TEST_INVALID_PARAM_RET(MBEDTLS_ERR_ECP_BAD_INPUT_DATA, + mbedtls_ecdh_compute_shared(&grp, NULL, &P, &m, + mbedtls_test_rnd_std_rand, + NULL)); + TEST_INVALID_PARAM_RET(MBEDTLS_ERR_ECP_BAD_INPUT_DATA, + mbedtls_ecdh_compute_shared(&grp, &m, NULL, &m, + mbedtls_test_rnd_std_rand, + NULL)); + TEST_INVALID_PARAM_RET(MBEDTLS_ERR_ECP_BAD_INPUT_DATA, + mbedtls_ecdh_compute_shared(&grp, &m, &P, NULL, + mbedtls_test_rnd_std_rand, + NULL)); + + TEST_INVALID_PARAM_RET(MBEDTLS_ERR_ECP_BAD_INPUT_DATA, + mbedtls_ecdh_setup(NULL, valid_grp)); + + TEST_INVALID_PARAM_RET(MBEDTLS_ERR_ECP_BAD_INPUT_DATA, + mbedtls_ecdh_make_params(NULL, &olen, buf, buflen, + mbedtls_test_rnd_std_rand, NULL)); + + TEST_INVALID_PARAM_RET(MBEDTLS_ERR_ECP_BAD_INPUT_DATA, + mbedtls_ecdh_make_params(&ctx, NULL, buf, buflen, + mbedtls_test_rnd_std_rand, NULL)); + + TEST_INVALID_PARAM_RET(MBEDTLS_ERR_ECP_BAD_INPUT_DATA, + mbedtls_ecdh_make_params(&ctx, &olen, NULL, buflen, + mbedtls_test_rnd_std_rand, NULL)); + + TEST_INVALID_PARAM_RET(MBEDTLS_ERR_ECP_BAD_INPUT_DATA, + mbedtls_ecdh_make_params(&ctx, &olen, buf, buflen, NULL, NULL)); + + TEST_INVALID_PARAM_RET(MBEDTLS_ERR_ECP_BAD_INPUT_DATA, + mbedtls_ecdh_read_params(NULL, + (const unsigned char **) &buf, + buf)); + TEST_INVALID_PARAM_RET(MBEDTLS_ERR_ECP_BAD_INPUT_DATA, + mbedtls_ecdh_read_params(&ctx, &buf_null, + buf)); + TEST_INVALID_PARAM_RET(MBEDTLS_ERR_ECP_BAD_INPUT_DATA, + mbedtls_ecdh_read_params(&ctx, NULL, buf)); + TEST_INVALID_PARAM_RET(MBEDTLS_ERR_ECP_BAD_INPUT_DATA, + mbedtls_ecdh_read_params(&ctx, + (const unsigned char **) &buf, + NULL)); + + TEST_INVALID_PARAM_RET(MBEDTLS_ERR_ECP_BAD_INPUT_DATA, + mbedtls_ecdh_get_params(NULL, &kp, + MBEDTLS_ECDH_OURS)); + TEST_INVALID_PARAM_RET(MBEDTLS_ERR_ECP_BAD_INPUT_DATA, + mbedtls_ecdh_get_params(&ctx, NULL, + MBEDTLS_ECDH_OURS)); + TEST_INVALID_PARAM_RET(MBEDTLS_ERR_ECP_BAD_INPUT_DATA, + mbedtls_ecdh_get_params(&ctx, &kp, + invalid_side)); + + TEST_INVALID_PARAM_RET(MBEDTLS_ERR_ECP_BAD_INPUT_DATA, + mbedtls_ecdh_make_public(NULL, &olen, buf, buflen, + mbedtls_test_rnd_std_rand, NULL)); + + TEST_INVALID_PARAM_RET(MBEDTLS_ERR_ECP_BAD_INPUT_DATA, + mbedtls_ecdh_make_public(&ctx, NULL, buf, buflen, + mbedtls_test_rnd_std_rand, NULL)); + + TEST_INVALID_PARAM_RET(MBEDTLS_ERR_ECP_BAD_INPUT_DATA, + mbedtls_ecdh_make_public(&ctx, &olen, NULL, buflen, + mbedtls_test_rnd_std_rand, NULL)); + + TEST_INVALID_PARAM_RET(MBEDTLS_ERR_ECP_BAD_INPUT_DATA, + mbedtls_ecdh_make_public(&ctx, &olen, buf, buflen, NULL, NULL)); + + TEST_INVALID_PARAM_RET(MBEDTLS_ERR_ECP_BAD_INPUT_DATA, + mbedtls_ecdh_read_public(NULL, buf, buflen)); + TEST_INVALID_PARAM_RET(MBEDTLS_ERR_ECP_BAD_INPUT_DATA, + mbedtls_ecdh_read_public(&ctx, NULL, buflen)); + + TEST_INVALID_PARAM_RET(MBEDTLS_ERR_ECP_BAD_INPUT_DATA, + mbedtls_ecdh_calc_secret(NULL, &olen, buf, buflen, + mbedtls_test_rnd_std_rand, NULL)); + + TEST_INVALID_PARAM_RET(MBEDTLS_ERR_ECP_BAD_INPUT_DATA, + mbedtls_ecdh_calc_secret(&ctx, NULL, buf, buflen, + mbedtls_test_rnd_std_rand, NULL)); + + TEST_INVALID_PARAM_RET(MBEDTLS_ERR_ECP_BAD_INPUT_DATA, + mbedtls_ecdh_calc_secret(&ctx, &olen, NULL, buflen, + mbedtls_test_rnd_std_rand, NULL)); exit: return; @@ -184,59 +186,59 @@ exit: /* END_CASE */ /* BEGIN_CASE */ -void ecdh_primitive_random( int id ) +void ecdh_primitive_random(int id) { mbedtls_ecp_group grp; mbedtls_ecp_point qA, qB; mbedtls_mpi dA, dB, zA, zB; mbedtls_test_rnd_pseudo_info rnd_info; - mbedtls_ecp_group_init( &grp ); - mbedtls_ecp_point_init( &qA ); mbedtls_ecp_point_init( &qB ); - mbedtls_mpi_init( &dA ); mbedtls_mpi_init( &dB ); - mbedtls_mpi_init( &zA ); mbedtls_mpi_init( &zB ); - memset( &rnd_info, 0x00, sizeof( mbedtls_test_rnd_pseudo_info ) ); + mbedtls_ecp_group_init(&grp); + mbedtls_ecp_point_init(&qA); mbedtls_ecp_point_init(&qB); + mbedtls_mpi_init(&dA); mbedtls_mpi_init(&dB); + mbedtls_mpi_init(&zA); mbedtls_mpi_init(&zB); + memset(&rnd_info, 0x00, sizeof(mbedtls_test_rnd_pseudo_info)); - TEST_ASSERT( mbedtls_ecp_group_load( &grp, id ) == 0 ); + TEST_ASSERT(mbedtls_ecp_group_load(&grp, id) == 0); - TEST_ASSERT( mbedtls_ecdh_gen_public( &grp, &dA, &qA, - &mbedtls_test_rnd_pseudo_rand, - &rnd_info ) == 0 ); - TEST_ASSERT( mbedtls_ecdh_gen_public( &grp, &dB, &qB, - &mbedtls_test_rnd_pseudo_rand, - &rnd_info ) == 0 ); - TEST_ASSERT( mbedtls_ecdh_compute_shared( &grp, &zA, &qB, &dA, - &mbedtls_test_rnd_pseudo_rand, - &rnd_info ) == 0 ); - TEST_ASSERT( mbedtls_ecdh_compute_shared( &grp, &zB, &qA, &dB, - NULL, NULL ) == 0 ); + TEST_ASSERT(mbedtls_ecdh_gen_public(&grp, &dA, &qA, + &mbedtls_test_rnd_pseudo_rand, + &rnd_info) == 0); + TEST_ASSERT(mbedtls_ecdh_gen_public(&grp, &dB, &qB, + &mbedtls_test_rnd_pseudo_rand, + &rnd_info) == 0); + TEST_ASSERT(mbedtls_ecdh_compute_shared(&grp, &zA, &qB, &dA, + &mbedtls_test_rnd_pseudo_rand, + &rnd_info) == 0); + TEST_ASSERT(mbedtls_ecdh_compute_shared(&grp, &zB, &qA, &dB, + NULL, NULL) == 0); - TEST_ASSERT( mbedtls_mpi_cmp_mpi( &zA, &zB ) == 0 ); + TEST_ASSERT(mbedtls_mpi_cmp_mpi(&zA, &zB) == 0); exit: - mbedtls_ecp_group_free( &grp ); - mbedtls_ecp_point_free( &qA ); mbedtls_ecp_point_free( &qB ); - mbedtls_mpi_free( &dA ); mbedtls_mpi_free( &dB ); - mbedtls_mpi_free( &zA ); mbedtls_mpi_free( &zB ); + mbedtls_ecp_group_free(&grp); + mbedtls_ecp_point_free(&qA); mbedtls_ecp_point_free(&qB); + mbedtls_mpi_free(&dA); mbedtls_mpi_free(&dB); + mbedtls_mpi_free(&zA); mbedtls_mpi_free(&zB); } /* END_CASE */ /* BEGIN_CASE */ -void ecdh_primitive_testvec( int id, data_t * rnd_buf_A, char * xA_str, - char * yA_str, data_t * rnd_buf_B, - char * xB_str, char * yB_str, char * z_str ) +void ecdh_primitive_testvec(int id, data_t *rnd_buf_A, char *xA_str, + char *yA_str, data_t *rnd_buf_B, + char *xB_str, char *yB_str, char *z_str) { mbedtls_ecp_group grp; mbedtls_ecp_point qA, qB; mbedtls_mpi dA, dB, zA, zB, check; mbedtls_test_rnd_buf_info rnd_info_A, rnd_info_B; - mbedtls_ecp_group_init( &grp ); - mbedtls_ecp_point_init( &qA ); mbedtls_ecp_point_init( &qB ); - mbedtls_mpi_init( &dA ); mbedtls_mpi_init( &dB ); - mbedtls_mpi_init( &zA ); mbedtls_mpi_init( &zB ); mbedtls_mpi_init( &check ); + mbedtls_ecp_group_init(&grp); + mbedtls_ecp_point_init(&qA); mbedtls_ecp_point_init(&qB); + mbedtls_mpi_init(&dA); mbedtls_mpi_init(&dB); + mbedtls_mpi_init(&zA); mbedtls_mpi_init(&zB); mbedtls_mpi_init(&check); - TEST_ASSERT( mbedtls_ecp_group_load( &grp, id ) == 0 ); + TEST_ASSERT(mbedtls_ecp_group_load(&grp, id) == 0); rnd_info_A.buf = rnd_buf_A->x; rnd_info_A.length = rnd_buf_A->len; @@ -244,14 +246,14 @@ void ecdh_primitive_testvec( int id, data_t * rnd_buf_A, char * xA_str, rnd_info_A.fallback_p_rng = NULL; /* Fix rnd_buf_A->x by shifting it left if necessary */ - if( grp.nbits % 8 != 0 ) - { - unsigned char shift = 8 - ( grp.nbits % 8 ); + if (grp.nbits % 8 != 0) { + unsigned char shift = 8 - (grp.nbits % 8); size_t i; - for( i = 0; i < rnd_info_A.length - 1; i++ ) + for (i = 0; i < rnd_info_A.length - 1; i++) { rnd_buf_A->x[i] = rnd_buf_A->x[i] << shift - | rnd_buf_A->x[i+1] >> ( 8 - shift ); + | rnd_buf_A->x[i+1] >> (8 - shift); + } rnd_buf_A->x[rnd_info_A.length-1] <<= shift; } @@ -262,52 +264,52 @@ void ecdh_primitive_testvec( int id, data_t * rnd_buf_A, char * xA_str, rnd_info_B.fallback_p_rng = NULL; /* Fix rnd_buf_B->x by shifting it left if necessary */ - if( grp.nbits % 8 != 0 ) - { - unsigned char shift = 8 - ( grp.nbits % 8 ); + if (grp.nbits % 8 != 0) { + unsigned char shift = 8 - (grp.nbits % 8); size_t i; - for( i = 0; i < rnd_info_B.length - 1; i++ ) + for (i = 0; i < rnd_info_B.length - 1; i++) { rnd_buf_B->x[i] = rnd_buf_B->x[i] << shift - | rnd_buf_B->x[i+1] >> ( 8 - shift ); + | rnd_buf_B->x[i+1] >> (8 - shift); + } rnd_buf_B->x[rnd_info_B.length-1] <<= shift; } - TEST_ASSERT( mbedtls_ecdh_gen_public( &grp, &dA, &qA, - mbedtls_test_rnd_buffer_rand, - &rnd_info_A ) == 0 ); - TEST_ASSERT( ! mbedtls_ecp_is_zero( &qA ) ); - TEST_ASSERT( mbedtls_test_read_mpi( &check, 16, xA_str ) == 0 ); - TEST_ASSERT( mbedtls_mpi_cmp_mpi( &qA.X, &check ) == 0 ); - TEST_ASSERT( mbedtls_test_read_mpi( &check, 16, yA_str ) == 0 ); - TEST_ASSERT( mbedtls_mpi_cmp_mpi( &qA.Y, &check ) == 0 ); - - TEST_ASSERT( mbedtls_ecdh_gen_public( &grp, &dB, &qB, - mbedtls_test_rnd_buffer_rand, - &rnd_info_B ) == 0 ); - TEST_ASSERT( ! mbedtls_ecp_is_zero( &qB ) ); - TEST_ASSERT( mbedtls_test_read_mpi( &check, 16, xB_str ) == 0 ); - TEST_ASSERT( mbedtls_mpi_cmp_mpi( &qB.X, &check ) == 0 ); - TEST_ASSERT( mbedtls_test_read_mpi( &check, 16, yB_str ) == 0 ); - TEST_ASSERT( mbedtls_mpi_cmp_mpi( &qB.Y, &check ) == 0 ); - - TEST_ASSERT( mbedtls_test_read_mpi( &check, 16, z_str ) == 0 ); - TEST_ASSERT( mbedtls_ecdh_compute_shared( &grp, &zA, &qB, &dA, NULL, NULL ) == 0 ); - TEST_ASSERT( mbedtls_mpi_cmp_mpi( &zA, &check ) == 0 ); - TEST_ASSERT( mbedtls_ecdh_compute_shared( &grp, &zB, &qA, &dB, NULL, NULL ) == 0 ); - TEST_ASSERT( mbedtls_mpi_cmp_mpi( &zB, &check ) == 0 ); + TEST_ASSERT(mbedtls_ecdh_gen_public(&grp, &dA, &qA, + mbedtls_test_rnd_buffer_rand, + &rnd_info_A) == 0); + TEST_ASSERT(!mbedtls_ecp_is_zero(&qA)); + TEST_ASSERT(mbedtls_test_read_mpi(&check, xA_str) == 0); + TEST_ASSERT(mbedtls_mpi_cmp_mpi(&qA.X, &check) == 0); + TEST_ASSERT(mbedtls_test_read_mpi(&check, yA_str) == 0); + TEST_ASSERT(mbedtls_mpi_cmp_mpi(&qA.Y, &check) == 0); + + TEST_ASSERT(mbedtls_ecdh_gen_public(&grp, &dB, &qB, + mbedtls_test_rnd_buffer_rand, + &rnd_info_B) == 0); + TEST_ASSERT(!mbedtls_ecp_is_zero(&qB)); + TEST_ASSERT(mbedtls_test_read_mpi(&check, xB_str) == 0); + TEST_ASSERT(mbedtls_mpi_cmp_mpi(&qB.X, &check) == 0); + TEST_ASSERT(mbedtls_test_read_mpi(&check, yB_str) == 0); + TEST_ASSERT(mbedtls_mpi_cmp_mpi(&qB.Y, &check) == 0); + + TEST_ASSERT(mbedtls_test_read_mpi(&check, z_str) == 0); + TEST_ASSERT(mbedtls_ecdh_compute_shared(&grp, &zA, &qB, &dA, NULL, NULL) == 0); + TEST_ASSERT(mbedtls_mpi_cmp_mpi(&zA, &check) == 0); + TEST_ASSERT(mbedtls_ecdh_compute_shared(&grp, &zB, &qA, &dB, NULL, NULL) == 0); + TEST_ASSERT(mbedtls_mpi_cmp_mpi(&zB, &check) == 0); exit: - mbedtls_ecp_group_free( &grp ); - mbedtls_ecp_point_free( &qA ); mbedtls_ecp_point_free( &qB ); - mbedtls_mpi_free( &dA ); mbedtls_mpi_free( &dB ); - mbedtls_mpi_free( &zA ); mbedtls_mpi_free( &zB ); mbedtls_mpi_free( &check ); + mbedtls_ecp_group_free(&grp); + mbedtls_ecp_point_free(&qA); mbedtls_ecp_point_free(&qB); + mbedtls_mpi_free(&dA); mbedtls_mpi_free(&dB); + mbedtls_mpi_free(&zA); mbedtls_mpi_free(&zB); mbedtls_mpi_free(&check); } /* END_CASE */ /* BEGIN_CASE */ -void ecdh_exchange( int id ) +void ecdh_exchange(int id) { mbedtls_ecdh_context srv, cli; unsigned char buf[1000]; @@ -317,41 +319,41 @@ void ecdh_exchange( int id ) unsigned char res_buf[1000]; size_t res_len; - mbedtls_ecdh_init( &srv ); - mbedtls_ecdh_init( &cli ); - memset( &rnd_info, 0x00, sizeof( mbedtls_test_rnd_pseudo_info ) ); + mbedtls_ecdh_init(&srv); + mbedtls_ecdh_init(&cli); + memset(&rnd_info, 0x00, sizeof(mbedtls_test_rnd_pseudo_info)); - TEST_ASSERT( mbedtls_ecdh_setup( &srv, id ) == 0 ); + TEST_ASSERT(mbedtls_ecdh_setup(&srv, id) == 0); - memset( buf, 0x00, sizeof( buf ) ); vbuf = buf; - TEST_ASSERT( mbedtls_ecdh_make_params( &srv, &len, buf, 1000, - &mbedtls_test_rnd_pseudo_rand, - &rnd_info ) == 0 ); - TEST_ASSERT( mbedtls_ecdh_read_params( &cli, &vbuf, buf + len ) == 0 ); + memset(buf, 0x00, sizeof(buf)); vbuf = buf; + TEST_ASSERT(mbedtls_ecdh_make_params(&srv, &len, buf, 1000, + &mbedtls_test_rnd_pseudo_rand, + &rnd_info) == 0); + TEST_ASSERT(mbedtls_ecdh_read_params(&cli, &vbuf, buf + len) == 0); - memset( buf, 0x00, sizeof( buf ) ); - TEST_ASSERT( mbedtls_ecdh_make_public( &cli, &len, buf, 1000, - &mbedtls_test_rnd_pseudo_rand, - &rnd_info ) == 0 ); - TEST_ASSERT( mbedtls_ecdh_read_public( &srv, buf, len ) == 0 ); + memset(buf, 0x00, sizeof(buf)); + TEST_ASSERT(mbedtls_ecdh_make_public(&cli, &len, buf, 1000, + &mbedtls_test_rnd_pseudo_rand, + &rnd_info) == 0); + TEST_ASSERT(mbedtls_ecdh_read_public(&srv, buf, len) == 0); - TEST_ASSERT( mbedtls_ecdh_calc_secret( &srv, &len, buf, 1000, - &mbedtls_test_rnd_pseudo_rand, - &rnd_info ) == 0 ); - TEST_ASSERT( mbedtls_ecdh_calc_secret( &cli, &res_len, res_buf, 1000, - NULL, NULL ) == 0 ); - TEST_ASSERT( len == res_len ); - TEST_ASSERT( memcmp( buf, res_buf, len ) == 0 ); + TEST_ASSERT(mbedtls_ecdh_calc_secret(&srv, &len, buf, 1000, + &mbedtls_test_rnd_pseudo_rand, + &rnd_info) == 0); + TEST_ASSERT(mbedtls_ecdh_calc_secret(&cli, &res_len, res_buf, 1000, + NULL, NULL) == 0); + TEST_ASSERT(len == res_len); + TEST_ASSERT(memcmp(buf, res_buf, len) == 0); exit: - mbedtls_ecdh_free( &srv ); - mbedtls_ecdh_free( &cli ); + mbedtls_ecdh_free(&srv); + mbedtls_ecdh_free(&cli); } /* END_CASE */ /* BEGIN_CASE depends_on:MBEDTLS_ECP_RESTARTABLE */ -void ecdh_restart( int id, data_t *dA, data_t *dB, data_t *z, - int enable, int max_ops, int min_restart, int max_restart ) +void ecdh_restart(int id, data_t *dA, data_t *dB, data_t *z, + int enable, int max_ops, int min_restart, int max_restart) { int ret; mbedtls_ecdh_context srv, cli; @@ -362,9 +364,9 @@ void ecdh_restart( int id, data_t *dA, data_t *dB, data_t *z, int cnt_restart; mbedtls_ecp_group grp; - mbedtls_ecp_group_init( &grp ); - mbedtls_ecdh_init( &srv ); - mbedtls_ecdh_init( &cli ); + mbedtls_ecp_group_init(&grp); + mbedtls_ecdh_init(&srv); + mbedtls_ecdh_init(&cli); rnd_info_A.fallback_f_rng = mbedtls_test_rnd_std_rand; rnd_info_A.fallback_p_rng = NULL; @@ -376,105 +378,104 @@ void ecdh_restart( int id, data_t *dA, data_t *dB, data_t *z, rnd_info_B.buf = dB->x; rnd_info_B.length = dB->len; - /* The ECDH context is not guaranteed ot have an mbedtls_ecp_group structure + /* The ECDH context is not guaranteed to have an mbedtls_ecp_group structure * in every configuration, therefore we load it separately. */ - TEST_ASSERT( mbedtls_ecp_group_load( &grp, id ) == 0 ); + TEST_ASSERT(mbedtls_ecp_group_load(&grp, id) == 0); /* Otherwise we would have to fix the random buffer, * as in ecdh_primitive_testvec. */ - TEST_ASSERT( grp.nbits % 8 == 0 ); + TEST_ASSERT(grp.nbits % 8 == 0); - TEST_ASSERT( mbedtls_ecdh_setup( &srv, id ) == 0 ); + TEST_ASSERT(mbedtls_ecdh_setup(&srv, id) == 0); /* set up restart parameters */ - mbedtls_ecp_set_max_ops( max_ops ); + mbedtls_ecp_set_max_ops(max_ops); - if( enable ) - { - mbedtls_ecdh_enable_restart( &srv ); - mbedtls_ecdh_enable_restart( &cli ); + if (enable) { + mbedtls_ecdh_enable_restart(&srv); + mbedtls_ecdh_enable_restart(&cli); } /* server writes its parameters */ - memset( buf, 0x00, sizeof( buf ) ); + memset(buf, 0x00, sizeof(buf)); len = 0; cnt_restart = 0; do { - ret = mbedtls_ecdh_make_params( &srv, &len, buf, sizeof( buf ), - mbedtls_test_rnd_buffer_rand, - &rnd_info_A ); - } while( ret == MBEDTLS_ERR_ECP_IN_PROGRESS && ++cnt_restart ); + ret = mbedtls_ecdh_make_params(&srv, &len, buf, sizeof(buf), + mbedtls_test_rnd_buffer_rand, + &rnd_info_A); + } while (ret == MBEDTLS_ERR_ECP_IN_PROGRESS && ++cnt_restart); - TEST_ASSERT( ret == 0 ); - TEST_ASSERT( cnt_restart >= min_restart ); - TEST_ASSERT( cnt_restart <= max_restart ); + TEST_ASSERT(ret == 0); + TEST_ASSERT(cnt_restart >= min_restart); + TEST_ASSERT(cnt_restart <= max_restart); /* client read server params */ vbuf = buf; - TEST_ASSERT( mbedtls_ecdh_read_params( &cli, &vbuf, buf + len ) == 0 ); + TEST_ASSERT(mbedtls_ecdh_read_params(&cli, &vbuf, buf + len) == 0); /* client writes its key share */ - memset( buf, 0x00, sizeof( buf ) ); + memset(buf, 0x00, sizeof(buf)); len = 0; cnt_restart = 0; do { - ret = mbedtls_ecdh_make_public( &cli, &len, buf, sizeof( buf ), - mbedtls_test_rnd_buffer_rand, - &rnd_info_B ); - } while( ret == MBEDTLS_ERR_ECP_IN_PROGRESS && ++cnt_restart ); + ret = mbedtls_ecdh_make_public(&cli, &len, buf, sizeof(buf), + mbedtls_test_rnd_buffer_rand, + &rnd_info_B); + } while (ret == MBEDTLS_ERR_ECP_IN_PROGRESS && ++cnt_restart); - TEST_ASSERT( ret == 0 ); - TEST_ASSERT( cnt_restart >= min_restart ); - TEST_ASSERT( cnt_restart <= max_restart ); + TEST_ASSERT(ret == 0); + TEST_ASSERT(cnt_restart >= min_restart); + TEST_ASSERT(cnt_restart <= max_restart); /* server reads client key share */ - TEST_ASSERT( mbedtls_ecdh_read_public( &srv, buf, len ) == 0 ); + TEST_ASSERT(mbedtls_ecdh_read_public(&srv, buf, len) == 0); /* server computes shared secret */ - memset( buf, 0, sizeof( buf ) ); + memset(buf, 0, sizeof(buf)); len = 0; cnt_restart = 0; do { - ret = mbedtls_ecdh_calc_secret( &srv, &len, buf, sizeof( buf ), - NULL, NULL ); - } while( ret == MBEDTLS_ERR_ECP_IN_PROGRESS && ++cnt_restart ); + ret = mbedtls_ecdh_calc_secret(&srv, &len, buf, sizeof(buf), + NULL, NULL); + } while (ret == MBEDTLS_ERR_ECP_IN_PROGRESS && ++cnt_restart); - TEST_ASSERT( ret == 0 ); - TEST_ASSERT( cnt_restart >= min_restart ); - TEST_ASSERT( cnt_restart <= max_restart ); + TEST_ASSERT(ret == 0); + TEST_ASSERT(cnt_restart >= min_restart); + TEST_ASSERT(cnt_restart <= max_restart); - TEST_ASSERT( len == z->len ); - TEST_ASSERT( memcmp( buf, z->x, len ) == 0 ); + TEST_ASSERT(len == z->len); + TEST_ASSERT(memcmp(buf, z->x, len) == 0); /* client computes shared secret */ - memset( buf, 0, sizeof( buf ) ); + memset(buf, 0, sizeof(buf)); len = 0; cnt_restart = 0; do { - ret = mbedtls_ecdh_calc_secret( &cli, &len, buf, sizeof( buf ), - NULL, NULL ); - } while( ret == MBEDTLS_ERR_ECP_IN_PROGRESS && ++cnt_restart ); + ret = mbedtls_ecdh_calc_secret(&cli, &len, buf, sizeof(buf), + NULL, NULL); + } while (ret == MBEDTLS_ERR_ECP_IN_PROGRESS && ++cnt_restart); - TEST_ASSERT( ret == 0 ); - TEST_ASSERT( cnt_restart >= min_restart ); - TEST_ASSERT( cnt_restart <= max_restart ); + TEST_ASSERT(ret == 0); + TEST_ASSERT(cnt_restart >= min_restart); + TEST_ASSERT(cnt_restart <= max_restart); - TEST_ASSERT( len == z->len ); - TEST_ASSERT( memcmp( buf, z->x, len ) == 0 ); + TEST_ASSERT(len == z->len); + TEST_ASSERT(memcmp(buf, z->x, len) == 0); exit: - mbedtls_ecp_group_free( &grp ); - mbedtls_ecdh_free( &srv ); - mbedtls_ecdh_free( &cli ); + mbedtls_ecp_group_free(&grp); + mbedtls_ecdh_free(&srv); + mbedtls_ecdh_free(&cli); } /* END_CASE */ /* BEGIN_CASE depends_on:MBEDTLS_ECDH_LEGACY_CONTEXT */ -void ecdh_exchange_legacy( int id ) +void ecdh_exchange_legacy(int id) { mbedtls_ecdh_context srv, cli; unsigned char buf[1000]; @@ -483,43 +484,43 @@ void ecdh_exchange_legacy( int id ) mbedtls_test_rnd_pseudo_info rnd_info; - mbedtls_ecdh_init( &srv ); - mbedtls_ecdh_init( &cli ); - memset( &rnd_info, 0x00, sizeof( mbedtls_test_rnd_pseudo_info ) ); + mbedtls_ecdh_init(&srv); + mbedtls_ecdh_init(&cli); + memset(&rnd_info, 0x00, sizeof(mbedtls_test_rnd_pseudo_info)); - TEST_ASSERT( mbedtls_ecp_group_load( &srv.grp, id ) == 0 ); + TEST_ASSERT(mbedtls_ecp_group_load(&srv.grp, id) == 0); - memset( buf, 0x00, sizeof( buf ) ); vbuf = buf; - TEST_ASSERT( mbedtls_ecdh_make_params( &srv, &len, buf, 1000, - &mbedtls_test_rnd_pseudo_rand, - &rnd_info ) == 0 ); - TEST_ASSERT( mbedtls_ecdh_read_params( &cli, &vbuf, buf + len ) == 0 ); + memset(buf, 0x00, sizeof(buf)); vbuf = buf; + TEST_ASSERT(mbedtls_ecdh_make_params(&srv, &len, buf, 1000, + &mbedtls_test_rnd_pseudo_rand, + &rnd_info) == 0); + TEST_ASSERT(mbedtls_ecdh_read_params(&cli, &vbuf, buf + len) == 0); - memset( buf, 0x00, sizeof( buf ) ); - TEST_ASSERT( mbedtls_ecdh_make_public( &cli, &len, buf, 1000, - &mbedtls_test_rnd_pseudo_rand, - &rnd_info ) == 0 ); - TEST_ASSERT( mbedtls_ecdh_read_public( &srv, buf, len ) == 0 ); + memset(buf, 0x00, sizeof(buf)); + TEST_ASSERT(mbedtls_ecdh_make_public(&cli, &len, buf, 1000, + &mbedtls_test_rnd_pseudo_rand, + &rnd_info) == 0); + TEST_ASSERT(mbedtls_ecdh_read_public(&srv, buf, len) == 0); - TEST_ASSERT( mbedtls_ecdh_calc_secret( &srv, &len, buf, 1000, - &mbedtls_test_rnd_pseudo_rand, - &rnd_info ) == 0 ); - TEST_ASSERT( mbedtls_ecdh_calc_secret( &cli, &len, buf, 1000, NULL, - NULL ) == 0 ); - TEST_ASSERT( mbedtls_mpi_cmp_mpi( &srv.z, &cli.z ) == 0 ); + TEST_ASSERT(mbedtls_ecdh_calc_secret(&srv, &len, buf, 1000, + &mbedtls_test_rnd_pseudo_rand, + &rnd_info) == 0); + TEST_ASSERT(mbedtls_ecdh_calc_secret(&cli, &len, buf, 1000, NULL, + NULL) == 0); + TEST_ASSERT(mbedtls_mpi_cmp_mpi(&srv.z, &cli.z) == 0); exit: - mbedtls_ecdh_free( &srv ); - mbedtls_ecdh_free( &cli ); + mbedtls_ecdh_free(&srv); + mbedtls_ecdh_free(&cli); } /* END_CASE */ /* BEGIN_CASE */ -void ecdh_exchange_calc_secret( int grp_id, - data_t *our_private_key, - data_t *their_point, - int ours_first, - data_t *expected ) +void ecdh_exchange_calc_secret(int grp_id, + data_t *our_private_key, + data_t *their_point, + int ours_first, + data_t *expected) { mbedtls_test_rnd_pseudo_info rnd_info; mbedtls_ecp_keypair our_key; @@ -528,92 +529,90 @@ void ecdh_exchange_calc_secret( int grp_id, unsigned char shared_secret[MBEDTLS_ECP_MAX_BYTES]; size_t shared_secret_length = 0; - memset( &rnd_info, 0x00, sizeof( mbedtls_test_rnd_pseudo_info ) ); - mbedtls_ecdh_init( &ecdh ); - mbedtls_ecp_keypair_init( &our_key ); - mbedtls_ecp_keypair_init( &their_key ); + memset(&rnd_info, 0x00, sizeof(mbedtls_test_rnd_pseudo_info)); + mbedtls_ecdh_init(&ecdh); + mbedtls_ecp_keypair_init(&our_key); + mbedtls_ecp_keypair_init(&their_key); - if( ! load_private_key( grp_id, our_private_key, &our_key, &rnd_info ) ) + if (!load_private_key(grp_id, our_private_key, &our_key, &rnd_info)) { goto exit; - if( ! load_public_key( grp_id, their_point, &their_key ) ) + } + if (!load_public_key(grp_id, their_point, &their_key)) { goto exit; + } /* Import the keys to the ECDH calculation. */ - if( ours_first ) - { - TEST_ASSERT( mbedtls_ecdh_get_params( - &ecdh, &our_key, MBEDTLS_ECDH_OURS ) == 0 ); - TEST_ASSERT( mbedtls_ecdh_get_params( - &ecdh, &their_key, MBEDTLS_ECDH_THEIRS ) == 0 ); - } - else - { - TEST_ASSERT( mbedtls_ecdh_get_params( - &ecdh, &their_key, MBEDTLS_ECDH_THEIRS ) == 0 ); - TEST_ASSERT( mbedtls_ecdh_get_params( - &ecdh, &our_key, MBEDTLS_ECDH_OURS ) == 0 ); + if (ours_first) { + TEST_ASSERT(mbedtls_ecdh_get_params( + &ecdh, &our_key, MBEDTLS_ECDH_OURS) == 0); + TEST_ASSERT(mbedtls_ecdh_get_params( + &ecdh, &their_key, MBEDTLS_ECDH_THEIRS) == 0); + } else { + TEST_ASSERT(mbedtls_ecdh_get_params( + &ecdh, &their_key, MBEDTLS_ECDH_THEIRS) == 0); + TEST_ASSERT(mbedtls_ecdh_get_params( + &ecdh, &our_key, MBEDTLS_ECDH_OURS) == 0); } /* Perform the ECDH calculation. */ - TEST_ASSERT( mbedtls_ecdh_calc_secret( - &ecdh, - &shared_secret_length, - shared_secret, sizeof( shared_secret ), - &mbedtls_test_rnd_pseudo_rand, &rnd_info ) == 0 ); - TEST_ASSERT( shared_secret_length == expected->len ); - TEST_ASSERT( memcmp( expected->x, shared_secret, - shared_secret_length ) == 0 ); + TEST_ASSERT(mbedtls_ecdh_calc_secret( + &ecdh, + &shared_secret_length, + shared_secret, sizeof(shared_secret), + &mbedtls_test_rnd_pseudo_rand, &rnd_info) == 0); + TEST_ASSERT(shared_secret_length == expected->len); + TEST_ASSERT(memcmp(expected->x, shared_secret, + shared_secret_length) == 0); exit: - mbedtls_ecdh_free( &ecdh ); - mbedtls_ecp_keypair_free( &our_key ); - mbedtls_ecp_keypair_free( &their_key ); + mbedtls_ecdh_free(&ecdh); + mbedtls_ecp_keypair_free(&our_key); + mbedtls_ecp_keypair_free(&their_key); } /* END_CASE */ /* BEGIN_CASE */ -void ecdh_exchange_get_params_fail( int our_grp_id, - data_t *our_private_key, - int their_grp_id, - data_t *their_point, - int ours_first, - int expected_ret ) +void ecdh_exchange_get_params_fail(int our_grp_id, + data_t *our_private_key, + int their_grp_id, + data_t *their_point, + int ours_first, + int expected_ret) { mbedtls_test_rnd_pseudo_info rnd_info; mbedtls_ecp_keypair our_key; mbedtls_ecp_keypair their_key; mbedtls_ecdh_context ecdh; - memset( &rnd_info, 0x00, sizeof( mbedtls_test_rnd_pseudo_info ) ); - mbedtls_ecdh_init( &ecdh ); - mbedtls_ecp_keypair_init( &our_key ); - mbedtls_ecp_keypair_init( &their_key ); + memset(&rnd_info, 0x00, sizeof(mbedtls_test_rnd_pseudo_info)); + mbedtls_ecdh_init(&ecdh); + mbedtls_ecp_keypair_init(&our_key); + mbedtls_ecp_keypair_init(&their_key); - if( ! load_private_key( our_grp_id, our_private_key, &our_key, &rnd_info ) ) + if (!load_private_key(our_grp_id, our_private_key, &our_key, &rnd_info)) { goto exit; - if( ! load_public_key( their_grp_id, their_point, &their_key ) ) + } + if (!load_public_key(their_grp_id, their_point, &their_key)) { goto exit; - - if( ours_first ) - { - TEST_ASSERT( mbedtls_ecdh_get_params( - &ecdh, &our_key, MBEDTLS_ECDH_OURS ) == 0 ); - TEST_ASSERT( mbedtls_ecdh_get_params( - &ecdh, &their_key, MBEDTLS_ECDH_THEIRS ) == - expected_ret ); } - else - { - TEST_ASSERT( mbedtls_ecdh_get_params( - &ecdh, &their_key, MBEDTLS_ECDH_THEIRS ) == 0 ); - TEST_ASSERT( mbedtls_ecdh_get_params( - &ecdh, &our_key, MBEDTLS_ECDH_OURS ) == - expected_ret ); + + if (ours_first) { + TEST_ASSERT(mbedtls_ecdh_get_params( + &ecdh, &our_key, MBEDTLS_ECDH_OURS) == 0); + TEST_ASSERT(mbedtls_ecdh_get_params( + &ecdh, &their_key, MBEDTLS_ECDH_THEIRS) == + expected_ret); + } else { + TEST_ASSERT(mbedtls_ecdh_get_params( + &ecdh, &their_key, MBEDTLS_ECDH_THEIRS) == 0); + TEST_ASSERT(mbedtls_ecdh_get_params( + &ecdh, &our_key, MBEDTLS_ECDH_OURS) == + expected_ret); } exit: - mbedtls_ecdh_free( &ecdh ); - mbedtls_ecp_keypair_free( &our_key ); - mbedtls_ecp_keypair_free( &their_key ); + mbedtls_ecdh_free(&ecdh); + mbedtls_ecp_keypair_free(&our_key); + mbedtls_ecp_keypair_free(&their_key); } /* END_CASE */ diff --git a/third_party/mbedtls/repo/tests/suites/test_suite_ecdsa.data b/third_party/mbedtls/repo/tests/suites/test_suite_ecdsa.data index 755a43cdd0c..4b411117c3f 100644 --- a/third_party/mbedtls/repo/tests/suites/test_suite_ecdsa.data +++ b/third_party/mbedtls/repo/tests/suites/test_suite_ecdsa.data @@ -364,3 +364,63 @@ ecdsa_prim_test_vectors:MBEDTLS_ECP_DP_SECP521R1:"0":"0151518F1AF0F563517EDD5485 ECDSA private parameter greater than n p521 depends_on:MBEDTLS_ECP_DP_SECP521R1_ENABLED ecdsa_prim_test_vectors:MBEDTLS_ECP_DP_SECP521R1:"0065FDA3409451DCAB0A0EAD45495112A3D813C17BFD34BDF8C1209D7DF5849120597779060A7FF9D704ADF78B570FFAD6F062E95C7E0C5D5481C5B153B48B375FA11":"0151518F1AF0F563517EDD5485190DF95A4BF57B5CBA4CF2A9A3F6474725A35F7AFE0A6DDEB8BEDBCD6A197E592D40188901CECD650699C9B5E456AEA5ADD19052A8":"006F3B142EA1BFFF7E2837AD44C9E4FF6D2D34C73184BBAD90026DD5E6E85317D9DF45CAD7803C6C20035B2F3FF63AFF4E1BA64D1C077577DA3F4286C58F0AEAE643":"00C1C2B305419F5A41344D7E4359933D734096F556197A9B244342B8B62F46F9373778F9DE6B6497B1EF825FF24F42F9B4A4BD7382CFC3378A540B1B7F0C1B956C2F":"DDAF35A193617ABACC417349AE20413112E6FA4E89A97EA20A9EEEE64B55D39A2192992A274FC1A836BA3C23A3FEEBBD454D4423643CE80E2A9AC94FA54CA49F":"0154FD3836AF92D0DCA57DD5341D3053988534FDE8318FC6AAAAB68E2E6F4339B19F2F281A7E0B22C269D93CF8794A9278880ED7DBB8D9362CAEACEE544320552251":"017705A7030290D1CEB605A9A1BB03FF9CDD521E87A696EC926C8C10C8362DF4975367101F67D1CF9BCCBF2F3D239534FA509E70AAC851AE01AAC68D62F866472660":MBEDTLS_ERR_ECP_INVALID_KEY + +ECDSA verify invalid pub key (not on curve), zero bytes of data +depends_on:MBEDTLS_ECP_DP_SECP256K1_ENABLED +ecdsa_verify:MBEDTLS_ECP_DP_SECP256K1:"1":"2":"1":"1":"":MBEDTLS_ERR_ECP_INVALID_KEY + +ECDSA verify invalid pub key (not on curve), one byte of data +depends_on:MBEDTLS_ECP_DP_SECP256K1_ENABLED +ecdsa_verify:MBEDTLS_ECP_DP_SECP256K1:"1":"2":"1":"1":"00":MBEDTLS_ERR_ECP_INVALID_KEY + +ECDSA verify invalid pub key (not on curve), r=1, s=1 +depends_on:MBEDTLS_ECP_DP_SECP256K1_ENABLED +ecdsa_verify:MBEDTLS_ECP_DP_SECP256K1:"1":"2":"1":"1":"0000000000000000000000000000000000000000000000000000000000000000":MBEDTLS_ERR_ECP_INVALID_KEY + +ECDSA verify invalid pub key (also not on curve), r=1, s=1 +depends_on:MBEDTLS_ECP_DP_SECP256K1_ENABLED +ecdsa_verify:MBEDTLS_ECP_DP_SECP256K1:"1":"12345":"1":"1":"0000000000000000000000000000000000000000000000000000000000000000":MBEDTLS_ERR_ECP_INVALID_KEY + +ECDSA verify invalid pub key (not on curve), r=12345, s=1 +depends_on:MBEDTLS_ECP_DP_SECP256K1_ENABLED +ecdsa_verify:MBEDTLS_ECP_DP_SECP256K1:"1":"2":"12345":"1":"0000000000000000000000000000000000000000000000000000000000000000":MBEDTLS_ERR_ECP_INVALID_KEY + +ECDSA verify invalid pub key (not on curve), r=1, s=12345 +depends_on:MBEDTLS_ECP_DP_SECP256K1_ENABLED +ecdsa_verify:MBEDTLS_ECP_DP_SECP256K1:"1":"2":"1":"12345":"0000000000000000000000000000000000000000000000000000000000000000":MBEDTLS_ERR_ECP_INVALID_KEY + +ECDSA verify valid pub key, invalid sig (r=0), 0 bytes of data +depends_on:MBEDTLS_ECP_DP_SECP256K1_ENABLED +ecdsa_verify:MBEDTLS_ECP_DP_SECP256K1:"79BE667EF9DCBBAC55A06295CE870B07029BFCDB2DCE28D959F2815B16F81798":"483ADA7726A3C4655DA4FBFC0E1108A8FD17B448A68554199C47D08FFB10D4B8":"0":"1":"":MBEDTLS_ERR_ECP_VERIFY_FAILED + +ECDSA verify valid pub key, invalid sig (r=0), 1 byte of data +depends_on:MBEDTLS_ECP_DP_SECP256K1_ENABLED +ecdsa_verify:MBEDTLS_ECP_DP_SECP256K1:"79BE667EF9DCBBAC55A06295CE870B07029BFCDB2DCE28D959F2815B16F81798":"483ADA7726A3C4655DA4FBFC0E1108A8FD17B448A68554199C47D08FFB10D4B8":"0":"1":"00":MBEDTLS_ERR_ECP_VERIFY_FAILED + +ECDSA verify valid pub key, invalid sig (r>n-1), 32 bytes of data +depends_on:MBEDTLS_ECP_DP_SECP256K1_ENABLED +ecdsa_verify:MBEDTLS_ECP_DP_SECP256K1:"79BE667EF9DCBBAC55A06295CE870B07029BFCDB2DCE28D959F2815B16F81798":"483ADA7726A3C4655DA4FBFC0E1108A8FD17B448A68554199C47D08FFB10D4B8":"FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEBAAEDCE6AF48A03BBFD25E8CD0364141":"12":"0000000000000000000000000000000000000000000000000000000000000000":MBEDTLS_ERR_ECP_VERIFY_FAILED + +ECDSA verify valid pub key, valid/incorrect sig, 0 bytes of data +depends_on:MBEDTLS_ECP_DP_SECP256K1_ENABLED +ecdsa_verify:MBEDTLS_ECP_DP_SECP256K1:"79BE667EF9DCBBAC55A06295CE870B07029BFCDB2DCE28D959F2815B16F81798":"483ADA7726A3C4655DA4FBFC0E1108A8FD17B448A68554199C47D08FFB10D4B8":"ed3bace23c5e17652e174c835fb72bf53ee306b3406a26890221b4cef7500f88":"84eead3fb3cdbdac882412af64cc125b6784690bebf575f1c32162ab65080037":"":MBEDTLS_ERR_ECP_VERIFY_FAILED + +ECDSA verify valid pub key, valid/incorrect sig, 1 byte of data +depends_on:MBEDTLS_ECP_DP_SECP256K1_ENABLED +ecdsa_verify:MBEDTLS_ECP_DP_SECP256K1:"79BE667EF9DCBBAC55A06295CE870B07029BFCDB2DCE28D959F2815B16F81798":"483ADA7726A3C4655DA4FBFC0E1108A8FD17B448A68554199C47D08FFB10D4B8":"ed3bace23c5e17652e174c835fb72bf53ee306b3406a26890221b4cef7500f88":"84eead3fb3cdbdac882412af64cc125b6784690bebf575f1c32162ab65080037":"00":MBEDTLS_ERR_ECP_VERIFY_FAILED + +ECDSA verify valid pub key, valid/incorrect sig, 32 bytes of data +depends_on:MBEDTLS_ECP_DP_SECP256K1_ENABLED +ecdsa_verify:MBEDTLS_ECP_DP_SECP256K1:"79BE667EF9DCBBAC55A06295CE870B07029BFCDB2DCE28D959F2815B16F81798":"483ADA7726A3C4655DA4FBFC0E1108A8FD17B448A68554199C47D08FFB10D4B8":"ed3bace23c5e17652e174c835fb72bf53ee306b3406a26890221b4cef7500f88":"84eead3fb3cdbdac882412af64cc125b6784690bebf575f1c32162ab65080037":"0000000000000000000000000000000000000000000000000000000000000000":MBEDTLS_ERR_ECP_VERIFY_FAILED + +ECDSA verify valid public key, correct sig, 0 bytes of data +depends_on:MBEDTLS_ECP_DP_SECP256K1_ENABLED +ecdsa_verify:MBEDTLS_ECP_DP_SECP256K1:"79BE667EF9DCBBAC55A06295CE870B07029BFCDB2DCE28D959F2815B16F81798":"483ADA7726A3C4655DA4FBFC0E1108A8FD17B448A68554199C47D08FFB10D4B8":"ed3bace23c5e17652e174c835fb72bf53ee306b3406a26890221b4cef7500f88":"c9cc1ba95156bc103055a5d7946f3a3ae7f0657d1e53f1d5c2c9782950aa69b":"":0 + +ECDSA verify valid pub key, correct sig, 1 byte of data +depends_on:MBEDTLS_ECP_DP_SECP256K1_ENABLED +ecdsa_verify:MBEDTLS_ECP_DP_SECP256K1:"79BE667EF9DCBBAC55A06295CE870B07029BFCDB2DCE28D959F2815B16F81798":"483ADA7726A3C4655DA4FBFC0E1108A8FD17B448A68554199C47D08FFB10D4B8":"ed3bace23c5e17652e174c835fb72bf53ee306b3406a26890221b4cef7500f88":"c9cc1ba95156bc103055a5d7946f3a3ae7f0657d1e53f1d5c2c9782950aa69b":"00":0 + +ECDSA verify valid pub key, correct sig, 32 bytes of data +depends_on:MBEDTLS_ECP_DP_SECP256K1_ENABLED +ecdsa_verify:MBEDTLS_ECP_DP_SECP256K1:"79BE667EF9DCBBAC55A06295CE870B07029BFCDB2DCE28D959F2815B16F81798":"483ADA7726A3C4655DA4FBFC0E1108A8FD17B448A68554199C47D08FFB10D4B8":"ed3bace23c5e17652e174c835fb72bf53ee306b3406a26890221b4cef7500f88":"c9cc1ba95156bc103055a5d7946f3a3ae7f0657d1e53f1d5c2c9782950aa69b":"0000000000000000000000000000000000000000000000000000000000000000":0 diff --git a/third_party/mbedtls/repo/tests/suites/test_suite_ecdsa.function b/third_party/mbedtls/repo/tests/suites/test_suite_ecdsa.function index d47bb4ed892..470495dff5f 100644 --- a/third_party/mbedtls/repo/tests/suites/test_suite_ecdsa.function +++ b/third_party/mbedtls/repo/tests/suites/test_suite_ecdsa.function @@ -8,7 +8,7 @@ */ /* BEGIN_CASE depends_on:MBEDTLS_CHECK_PARAMS:!MBEDTLS_PARAM_FAILED_ALT */ -void ecdsa_invalid_param( ) +void ecdsa_invalid_param() { mbedtls_ecdsa_context ctx; mbedtls_ecp_keypair key; @@ -20,192 +20,204 @@ void ecdsa_invalid_param( ) size_t slen; unsigned char buf[42] = { 0 }; - TEST_INVALID_PARAM( mbedtls_ecdsa_init( NULL ) ); - TEST_VALID_PARAM( mbedtls_ecdsa_free( NULL ) ); + mbedtls_ecdsa_init(&ctx); + mbedtls_ecp_keypair_init(&key); + mbedtls_ecp_group_init(&grp); + mbedtls_ecp_point_init(&P); + mbedtls_mpi_init(&m); + + TEST_INVALID_PARAM(mbedtls_ecdsa_init(NULL)); + TEST_VALID_PARAM(mbedtls_ecdsa_free(NULL)); #if defined(MBEDTLS_ECP_RESTARTABLE) - TEST_INVALID_PARAM( mbedtls_ecdsa_restart_init( NULL ) ); - TEST_VALID_PARAM( mbedtls_ecdsa_restart_free( NULL ) ); + TEST_INVALID_PARAM(mbedtls_ecdsa_restart_init(NULL)); + TEST_VALID_PARAM(mbedtls_ecdsa_restart_free(NULL)); #endif /* MBEDTLS_ECP_RESTARTABLE */ - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_ECP_BAD_INPUT_DATA, - mbedtls_ecdsa_sign( NULL, &m, &m, &m, - buf, sizeof( buf ), - mbedtls_test_rnd_std_rand, - NULL ) ); - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_ECP_BAD_INPUT_DATA, - mbedtls_ecdsa_sign( &grp, NULL, &m, &m, - buf, sizeof( buf ), - mbedtls_test_rnd_std_rand, - NULL ) ); - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_ECP_BAD_INPUT_DATA, - mbedtls_ecdsa_sign( &grp, &m, NULL, &m, - buf, sizeof( buf ), - mbedtls_test_rnd_std_rand, - NULL ) ); - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_ECP_BAD_INPUT_DATA, - mbedtls_ecdsa_sign( &grp, &m, &m, NULL, - buf, sizeof( buf ), - mbedtls_test_rnd_std_rand, - NULL ) ); - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_ECP_BAD_INPUT_DATA, - mbedtls_ecdsa_sign( &grp, &m, &m, &m, - NULL, sizeof( buf ), - mbedtls_test_rnd_std_rand, - NULL ) ); - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_ECP_BAD_INPUT_DATA, - mbedtls_ecdsa_sign( &grp, &m, &m, &m, - buf, sizeof( buf ), - NULL, NULL ) ); + TEST_INVALID_PARAM_RET(MBEDTLS_ERR_ECP_BAD_INPUT_DATA, + mbedtls_ecdsa_sign(NULL, &m, &m, &m, + buf, sizeof(buf), + mbedtls_test_rnd_std_rand, + NULL)); + TEST_INVALID_PARAM_RET(MBEDTLS_ERR_ECP_BAD_INPUT_DATA, + mbedtls_ecdsa_sign(&grp, NULL, &m, &m, + buf, sizeof(buf), + mbedtls_test_rnd_std_rand, + NULL)); + TEST_INVALID_PARAM_RET(MBEDTLS_ERR_ECP_BAD_INPUT_DATA, + mbedtls_ecdsa_sign(&grp, &m, NULL, &m, + buf, sizeof(buf), + mbedtls_test_rnd_std_rand, + NULL)); + TEST_INVALID_PARAM_RET(MBEDTLS_ERR_ECP_BAD_INPUT_DATA, + mbedtls_ecdsa_sign(&grp, &m, &m, NULL, + buf, sizeof(buf), + mbedtls_test_rnd_std_rand, + NULL)); + TEST_INVALID_PARAM_RET(MBEDTLS_ERR_ECP_BAD_INPUT_DATA, + mbedtls_ecdsa_sign(&grp, &m, &m, &m, + NULL, sizeof(buf), + mbedtls_test_rnd_std_rand, + NULL)); + TEST_INVALID_PARAM_RET(MBEDTLS_ERR_ECP_BAD_INPUT_DATA, + mbedtls_ecdsa_sign(&grp, &m, &m, &m, + buf, sizeof(buf), + NULL, NULL)); #if defined(MBEDTLS_ECDSA_DETERMINISTIC) - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_ECP_BAD_INPUT_DATA, - mbedtls_ecdsa_sign_det_ext( NULL, &m, &m, &m, - buf, sizeof( buf ), - valid_md, - mbedtls_test_rnd_std_rand, - NULL ) ); - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_ECP_BAD_INPUT_DATA, - mbedtls_ecdsa_sign_det_ext( &grp, NULL, &m, &m, - buf, sizeof( buf ), - valid_md, - mbedtls_test_rnd_std_rand, - NULL ) ); - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_ECP_BAD_INPUT_DATA, - mbedtls_ecdsa_sign_det_ext( &grp, &m, NULL, &m, - buf, sizeof( buf ), - valid_md, - mbedtls_test_rnd_std_rand, - NULL ) ); - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_ECP_BAD_INPUT_DATA, - mbedtls_ecdsa_sign_det_ext( &grp, &m, &m, NULL, - buf, sizeof( buf ), - valid_md, - mbedtls_test_rnd_std_rand, - NULL ) ); - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_ECP_BAD_INPUT_DATA, - mbedtls_ecdsa_sign_det_ext( &grp, &m, &m, &m, - NULL, sizeof( buf ), - valid_md, - mbedtls_test_rnd_std_rand, - NULL ) ); + TEST_INVALID_PARAM_RET(MBEDTLS_ERR_ECP_BAD_INPUT_DATA, + mbedtls_ecdsa_sign_det_ext(NULL, &m, &m, &m, + buf, sizeof(buf), + valid_md, + mbedtls_test_rnd_std_rand, + NULL)); + TEST_INVALID_PARAM_RET(MBEDTLS_ERR_ECP_BAD_INPUT_DATA, + mbedtls_ecdsa_sign_det_ext(&grp, NULL, &m, &m, + buf, sizeof(buf), + valid_md, + mbedtls_test_rnd_std_rand, + NULL)); + TEST_INVALID_PARAM_RET(MBEDTLS_ERR_ECP_BAD_INPUT_DATA, + mbedtls_ecdsa_sign_det_ext(&grp, &m, NULL, &m, + buf, sizeof(buf), + valid_md, + mbedtls_test_rnd_std_rand, + NULL)); + TEST_INVALID_PARAM_RET(MBEDTLS_ERR_ECP_BAD_INPUT_DATA, + mbedtls_ecdsa_sign_det_ext(&grp, &m, &m, NULL, + buf, sizeof(buf), + valid_md, + mbedtls_test_rnd_std_rand, + NULL)); + TEST_INVALID_PARAM_RET(MBEDTLS_ERR_ECP_BAD_INPUT_DATA, + mbedtls_ecdsa_sign_det_ext(&grp, &m, &m, &m, + NULL, sizeof(buf), + valid_md, + mbedtls_test_rnd_std_rand, + NULL)); #endif /* MBEDTLS_ECDSA_DETERMINISTIC */ - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_ECP_BAD_INPUT_DATA, - mbedtls_ecdsa_verify( NULL, - buf, sizeof( buf ), - &P, &m, &m ) ); - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_ECP_BAD_INPUT_DATA, - mbedtls_ecdsa_verify( &grp, - NULL, sizeof( buf ), - &P, &m, &m ) ); - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_ECP_BAD_INPUT_DATA, - mbedtls_ecdsa_verify( &grp, - buf, sizeof( buf ), - NULL, &m, &m ) ); - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_ECP_BAD_INPUT_DATA, - mbedtls_ecdsa_verify( &grp, - buf, sizeof( buf ), - &P, NULL, &m ) ); - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_ECP_BAD_INPUT_DATA, - mbedtls_ecdsa_verify( &grp, - buf, sizeof( buf ), - &P, &m, NULL ) ); - - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_ECP_BAD_INPUT_DATA, - mbedtls_ecdsa_write_signature( NULL, valid_md, buf, sizeof( buf ), - buf, &slen, mbedtls_test_rnd_std_rand, - NULL ) ); - - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_ECP_BAD_INPUT_DATA, - mbedtls_ecdsa_write_signature( &ctx, valid_md, NULL, sizeof( buf ), - buf, &slen, mbedtls_test_rnd_std_rand, - NULL ) ); - - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_ECP_BAD_INPUT_DATA, - mbedtls_ecdsa_write_signature( &ctx, valid_md, buf, sizeof( buf ), - NULL, &slen, mbedtls_test_rnd_std_rand, - NULL ) ); - - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_ECP_BAD_INPUT_DATA, - mbedtls_ecdsa_write_signature( &ctx, valid_md, buf, sizeof( buf ), - buf, NULL, mbedtls_test_rnd_std_rand, - NULL ) ); - - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_ECP_BAD_INPUT_DATA, - mbedtls_ecdsa_write_signature_restartable( NULL, valid_md, buf, - sizeof( buf ), buf, &slen, - mbedtls_test_rnd_std_rand, - NULL, NULL ) ); - - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_ECP_BAD_INPUT_DATA, - mbedtls_ecdsa_write_signature_restartable( &ctx, valid_md, NULL, - sizeof( buf ), buf, &slen, - mbedtls_test_rnd_std_rand, - NULL, NULL ) ); - - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_ECP_BAD_INPUT_DATA, - mbedtls_ecdsa_write_signature_restartable( &ctx, valid_md, buf, - sizeof( buf ), NULL, &slen, - mbedtls_test_rnd_std_rand, - NULL, NULL ) ); - - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_ECP_BAD_INPUT_DATA, - mbedtls_ecdsa_write_signature_restartable( &ctx, valid_md, buf, - sizeof( buf ), buf, NULL, - mbedtls_test_rnd_std_rand, - NULL, NULL ) ); - - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_ECP_BAD_INPUT_DATA, - mbedtls_ecdsa_read_signature( NULL, - buf, sizeof( buf ), - buf, sizeof( buf ) ) ); - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_ECP_BAD_INPUT_DATA, - mbedtls_ecdsa_read_signature( &ctx, - NULL, sizeof( buf ), - buf, sizeof( buf ) ) ); - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_ECP_BAD_INPUT_DATA, - mbedtls_ecdsa_read_signature( &ctx, - buf, sizeof( buf ), - NULL, sizeof( buf ) ) ); - - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_ECP_BAD_INPUT_DATA, - mbedtls_ecdsa_read_signature_restartable( NULL, - buf, sizeof( buf ), - buf, sizeof( buf ), - NULL ) ); - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_ECP_BAD_INPUT_DATA, - mbedtls_ecdsa_read_signature_restartable( &ctx, - NULL, sizeof( buf ), - buf, sizeof( buf ), - NULL ) ); - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_ECP_BAD_INPUT_DATA, - mbedtls_ecdsa_read_signature_restartable( &ctx, - buf, sizeof( buf ), - NULL, sizeof( buf ), - NULL ) ); - - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_ECP_BAD_INPUT_DATA, - mbedtls_ecdsa_genkey( NULL, valid_group, - mbedtls_test_rnd_std_rand, - NULL ) ); - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_ECP_BAD_INPUT_DATA, - mbedtls_ecdsa_genkey( &ctx, valid_group, - NULL, NULL ) ); - - - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_ECP_BAD_INPUT_DATA, - mbedtls_ecdsa_from_keypair( NULL, &key ) ); - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_ECP_BAD_INPUT_DATA, - mbedtls_ecdsa_from_keypair( &ctx, NULL ) ); + TEST_INVALID_PARAM_RET(MBEDTLS_ERR_ECP_BAD_INPUT_DATA, + mbedtls_ecdsa_verify(NULL, + buf, sizeof(buf), + &P, &m, &m)); + TEST_INVALID_PARAM_RET(MBEDTLS_ERR_ECP_BAD_INPUT_DATA, + mbedtls_ecdsa_verify(&grp, + NULL, sizeof(buf), + &P, &m, &m)); + TEST_INVALID_PARAM_RET(MBEDTLS_ERR_ECP_BAD_INPUT_DATA, + mbedtls_ecdsa_verify(&grp, + buf, sizeof(buf), + NULL, &m, &m)); + TEST_INVALID_PARAM_RET(MBEDTLS_ERR_ECP_BAD_INPUT_DATA, + mbedtls_ecdsa_verify(&grp, + buf, sizeof(buf), + &P, NULL, &m)); + TEST_INVALID_PARAM_RET(MBEDTLS_ERR_ECP_BAD_INPUT_DATA, + mbedtls_ecdsa_verify(&grp, + buf, sizeof(buf), + &P, &m, NULL)); + + TEST_INVALID_PARAM_RET(MBEDTLS_ERR_ECP_BAD_INPUT_DATA, + mbedtls_ecdsa_write_signature(NULL, valid_md, buf, sizeof(buf), + buf, &slen, mbedtls_test_rnd_std_rand, + NULL)); + + TEST_INVALID_PARAM_RET(MBEDTLS_ERR_ECP_BAD_INPUT_DATA, + mbedtls_ecdsa_write_signature(&ctx, valid_md, NULL, sizeof(buf), + buf, &slen, mbedtls_test_rnd_std_rand, + NULL)); + + TEST_INVALID_PARAM_RET(MBEDTLS_ERR_ECP_BAD_INPUT_DATA, + mbedtls_ecdsa_write_signature(&ctx, valid_md, buf, sizeof(buf), + NULL, &slen, mbedtls_test_rnd_std_rand, + NULL)); + + TEST_INVALID_PARAM_RET(MBEDTLS_ERR_ECP_BAD_INPUT_DATA, + mbedtls_ecdsa_write_signature(&ctx, valid_md, buf, sizeof(buf), + buf, NULL, mbedtls_test_rnd_std_rand, + NULL)); + + TEST_INVALID_PARAM_RET(MBEDTLS_ERR_ECP_BAD_INPUT_DATA, + mbedtls_ecdsa_write_signature_restartable(NULL, valid_md, buf, + sizeof(buf), buf, &slen, + mbedtls_test_rnd_std_rand, + NULL, NULL)); + + TEST_INVALID_PARAM_RET(MBEDTLS_ERR_ECP_BAD_INPUT_DATA, + mbedtls_ecdsa_write_signature_restartable(&ctx, valid_md, NULL, + sizeof(buf), buf, &slen, + mbedtls_test_rnd_std_rand, + NULL, NULL)); + + TEST_INVALID_PARAM_RET(MBEDTLS_ERR_ECP_BAD_INPUT_DATA, + mbedtls_ecdsa_write_signature_restartable(&ctx, valid_md, buf, + sizeof(buf), NULL, &slen, + mbedtls_test_rnd_std_rand, + NULL, NULL)); + + TEST_INVALID_PARAM_RET(MBEDTLS_ERR_ECP_BAD_INPUT_DATA, + mbedtls_ecdsa_write_signature_restartable(&ctx, valid_md, buf, + sizeof(buf), buf, NULL, + mbedtls_test_rnd_std_rand, + NULL, NULL)); + + TEST_INVALID_PARAM_RET(MBEDTLS_ERR_ECP_BAD_INPUT_DATA, + mbedtls_ecdsa_read_signature(NULL, + buf, sizeof(buf), + buf, sizeof(buf))); + TEST_INVALID_PARAM_RET(MBEDTLS_ERR_ECP_BAD_INPUT_DATA, + mbedtls_ecdsa_read_signature(&ctx, + NULL, sizeof(buf), + buf, sizeof(buf))); + TEST_INVALID_PARAM_RET(MBEDTLS_ERR_ECP_BAD_INPUT_DATA, + mbedtls_ecdsa_read_signature(&ctx, + buf, sizeof(buf), + NULL, sizeof(buf))); + + TEST_INVALID_PARAM_RET(MBEDTLS_ERR_ECP_BAD_INPUT_DATA, + mbedtls_ecdsa_read_signature_restartable(NULL, + buf, sizeof(buf), + buf, sizeof(buf), + NULL)); + TEST_INVALID_PARAM_RET(MBEDTLS_ERR_ECP_BAD_INPUT_DATA, + mbedtls_ecdsa_read_signature_restartable(&ctx, + NULL, sizeof(buf), + buf, sizeof(buf), + NULL)); + TEST_INVALID_PARAM_RET(MBEDTLS_ERR_ECP_BAD_INPUT_DATA, + mbedtls_ecdsa_read_signature_restartable(&ctx, + buf, sizeof(buf), + NULL, sizeof(buf), + NULL)); + + TEST_INVALID_PARAM_RET(MBEDTLS_ERR_ECP_BAD_INPUT_DATA, + mbedtls_ecdsa_genkey(NULL, valid_group, + mbedtls_test_rnd_std_rand, + NULL)); + TEST_INVALID_PARAM_RET(MBEDTLS_ERR_ECP_BAD_INPUT_DATA, + mbedtls_ecdsa_genkey(&ctx, valid_group, + NULL, NULL)); + + + TEST_INVALID_PARAM_RET(MBEDTLS_ERR_ECP_BAD_INPUT_DATA, + mbedtls_ecdsa_from_keypair(NULL, &key)); + TEST_INVALID_PARAM_RET(MBEDTLS_ERR_ECP_BAD_INPUT_DATA, + mbedtls_ecdsa_from_keypair(&ctx, NULL)); exit: + mbedtls_ecdsa_free(&ctx); + mbedtls_ecp_keypair_free(&key); + mbedtls_ecp_group_free(&grp); + mbedtls_ecp_point_free(&P); + mbedtls_mpi_free(&m); + return; } /* END_CASE */ /* BEGIN_CASE */ -void ecdsa_prim_zero( int id ) +void ecdsa_prim_zero(int id) { mbedtls_ecp_group grp; mbedtls_ecp_point Q; @@ -213,31 +225,31 @@ void ecdsa_prim_zero( int id ) mbedtls_test_rnd_pseudo_info rnd_info; unsigned char buf[MBEDTLS_MD_MAX_SIZE]; - mbedtls_ecp_group_init( &grp ); - mbedtls_ecp_point_init( &Q ); - mbedtls_mpi_init( &d ); mbedtls_mpi_init( &r ); mbedtls_mpi_init( &s ); - memset( &rnd_info, 0x00, sizeof( mbedtls_test_rnd_pseudo_info ) ); - memset( buf, 0, sizeof( buf ) ); + mbedtls_ecp_group_init(&grp); + mbedtls_ecp_point_init(&Q); + mbedtls_mpi_init(&d); mbedtls_mpi_init(&r); mbedtls_mpi_init(&s); + memset(&rnd_info, 0x00, sizeof(mbedtls_test_rnd_pseudo_info)); + memset(buf, 0, sizeof(buf)); - TEST_ASSERT( mbedtls_ecp_group_load( &grp, id ) == 0 ); - TEST_ASSERT( mbedtls_ecp_gen_keypair( &grp, &d, &Q, - &mbedtls_test_rnd_pseudo_rand, - &rnd_info ) == 0 ); + TEST_ASSERT(mbedtls_ecp_group_load(&grp, id) == 0); + TEST_ASSERT(mbedtls_ecp_gen_keypair(&grp, &d, &Q, + &mbedtls_test_rnd_pseudo_rand, + &rnd_info) == 0); - TEST_ASSERT( mbedtls_ecdsa_sign( &grp, &r, &s, &d, buf, sizeof( buf ), - &mbedtls_test_rnd_pseudo_rand, - &rnd_info ) == 0 ); - TEST_ASSERT( mbedtls_ecdsa_verify( &grp, buf, sizeof( buf ), &Q, &r, &s ) == 0 ); + TEST_ASSERT(mbedtls_ecdsa_sign(&grp, &r, &s, &d, buf, sizeof(buf), + &mbedtls_test_rnd_pseudo_rand, + &rnd_info) == 0); + TEST_ASSERT(mbedtls_ecdsa_verify(&grp, buf, sizeof(buf), &Q, &r, &s) == 0); exit: - mbedtls_ecp_group_free( &grp ); - mbedtls_ecp_point_free( &Q ); - mbedtls_mpi_free( &d ); mbedtls_mpi_free( &r ); mbedtls_mpi_free( &s ); + mbedtls_ecp_group_free(&grp); + mbedtls_ecp_point_free(&Q); + mbedtls_mpi_free(&d); mbedtls_mpi_free(&r); mbedtls_mpi_free(&s); } /* END_CASE */ /* BEGIN_CASE */ -void ecdsa_prim_random( int id ) +void ecdsa_prim_random(int id) { mbedtls_ecp_group grp; mbedtls_ecp_point Q; @@ -245,102 +257,151 @@ void ecdsa_prim_random( int id ) mbedtls_test_rnd_pseudo_info rnd_info; unsigned char buf[MBEDTLS_MD_MAX_SIZE]; - mbedtls_ecp_group_init( &grp ); - mbedtls_ecp_point_init( &Q ); - mbedtls_mpi_init( &d ); mbedtls_mpi_init( &r ); mbedtls_mpi_init( &s ); - memset( &rnd_info, 0x00, sizeof( mbedtls_test_rnd_pseudo_info ) ); - memset( buf, 0, sizeof( buf ) ); + mbedtls_ecp_group_init(&grp); + mbedtls_ecp_point_init(&Q); + mbedtls_mpi_init(&d); mbedtls_mpi_init(&r); mbedtls_mpi_init(&s); + memset(&rnd_info, 0x00, sizeof(mbedtls_test_rnd_pseudo_info)); + memset(buf, 0, sizeof(buf)); /* prepare material for signature */ - TEST_ASSERT( mbedtls_test_rnd_pseudo_rand( &rnd_info, - buf, sizeof( buf ) ) == 0 ); - TEST_ASSERT( mbedtls_ecp_group_load( &grp, id ) == 0 ); - TEST_ASSERT( mbedtls_ecp_gen_keypair( &grp, &d, &Q, - &mbedtls_test_rnd_pseudo_rand, - &rnd_info ) == 0 ); - - TEST_ASSERT( mbedtls_ecdsa_sign( &grp, &r, &s, &d, buf, sizeof( buf ), - &mbedtls_test_rnd_pseudo_rand, - &rnd_info ) == 0 ); - TEST_ASSERT( mbedtls_ecdsa_verify( &grp, buf, sizeof( buf ), &Q, &r, &s ) == 0 ); + TEST_ASSERT(mbedtls_test_rnd_pseudo_rand(&rnd_info, + buf, sizeof(buf)) == 0); + TEST_ASSERT(mbedtls_ecp_group_load(&grp, id) == 0); + TEST_ASSERT(mbedtls_ecp_gen_keypair(&grp, &d, &Q, + &mbedtls_test_rnd_pseudo_rand, + &rnd_info) == 0); + + TEST_ASSERT(mbedtls_ecdsa_sign(&grp, &r, &s, &d, buf, sizeof(buf), + &mbedtls_test_rnd_pseudo_rand, + &rnd_info) == 0); + TEST_ASSERT(mbedtls_ecdsa_verify(&grp, buf, sizeof(buf), &Q, &r, &s) == 0); exit: - mbedtls_ecp_group_free( &grp ); - mbedtls_ecp_point_free( &Q ); - mbedtls_mpi_free( &d ); mbedtls_mpi_free( &r ); mbedtls_mpi_free( &s ); + mbedtls_ecp_group_free(&grp); + mbedtls_ecp_point_free(&Q); + mbedtls_mpi_free(&d); mbedtls_mpi_free(&r); mbedtls_mpi_free(&s); } /* END_CASE */ /* BEGIN_CASE */ -void ecdsa_prim_test_vectors( int id, char * d_str, char * xQ_str, - char * yQ_str, data_t * rnd_buf, - data_t * hash, char * r_str, char * s_str, - int result ) +void ecdsa_prim_test_vectors(int id, char *d_str, char *xQ_str, + char *yQ_str, data_t *rnd_buf, + data_t *hash, char *r_str, char *s_str, + int result) { mbedtls_ecp_group grp; mbedtls_ecp_point Q; - mbedtls_mpi d, r, s, r_check, s_check; + mbedtls_mpi d, r, s, r_check, s_check, zero; mbedtls_test_rnd_buf_info rnd_info; - mbedtls_ecp_group_init( &grp ); - mbedtls_ecp_point_init( &Q ); - mbedtls_mpi_init( &d ); mbedtls_mpi_init( &r ); mbedtls_mpi_init( &s ); - mbedtls_mpi_init( &r_check ); mbedtls_mpi_init( &s_check ); - - TEST_ASSERT( mbedtls_ecp_group_load( &grp, id ) == 0 ); - TEST_ASSERT( mbedtls_ecp_point_read_string( &Q, 16, xQ_str, yQ_str ) == 0 ); - TEST_ASSERT( mbedtls_test_read_mpi( &d, 16, d_str ) == 0 ); - TEST_ASSERT( mbedtls_test_read_mpi( &r_check, 16, r_str ) == 0 ); - TEST_ASSERT( mbedtls_test_read_mpi( &s_check, 16, s_str ) == 0 ); + mbedtls_ecp_group_init(&grp); + mbedtls_ecp_point_init(&Q); + mbedtls_mpi_init(&d); mbedtls_mpi_init(&r); mbedtls_mpi_init(&s); + mbedtls_mpi_init(&r_check); mbedtls_mpi_init(&s_check); + mbedtls_mpi_init(&zero); + + TEST_ASSERT(mbedtls_ecp_group_load(&grp, id) == 0); + TEST_ASSERT(mbedtls_ecp_point_read_string(&Q, 16, xQ_str, yQ_str) == 0); + TEST_ASSERT(mbedtls_test_read_mpi(&d, d_str) == 0); + TEST_ASSERT(mbedtls_test_read_mpi(&r_check, r_str) == 0); + TEST_ASSERT(mbedtls_test_read_mpi(&s_check, s_str) == 0); rnd_info.fallback_f_rng = mbedtls_test_rnd_std_rand; rnd_info.fallback_p_rng = NULL; rnd_info.buf = rnd_buf->x; rnd_info.length = rnd_buf->len; /* Fix rnd_buf->x by shifting it left if necessary */ - if( grp.nbits % 8 != 0 ) - { - unsigned char shift = 8 - ( grp.nbits % 8 ); + if (grp.nbits % 8 != 0) { + unsigned char shift = 8 - (grp.nbits % 8); size_t i; - for( i = 0; i < rnd_info.length - 1; i++ ) - rnd_buf->x[i] = rnd_buf->x[i] << shift | rnd_buf->x[i+1] >> ( 8 - shift ); + for (i = 0; i < rnd_info.length - 1; i++) { + rnd_buf->x[i] = rnd_buf->x[i] << shift | rnd_buf->x[i+1] >> (8 - shift); + } rnd_buf->x[rnd_info.length-1] <<= shift; } - TEST_ASSERT( mbedtls_ecdsa_sign( &grp, &r, &s, &d, hash->x, hash->len, - mbedtls_test_rnd_buffer_rand, &rnd_info ) == result ); - - if ( result == 0) - { - TEST_ASSERT( mbedtls_mpi_cmp_mpi( &r, &r_check ) == 0 ); - TEST_ASSERT( mbedtls_mpi_cmp_mpi( &s, &s_check ) == 0 ); - - TEST_ASSERT( mbedtls_ecdsa_verify( &grp, hash->x, hash->len, &Q, &r_check, &s_check ) == 0 ); - - TEST_ASSERT( mbedtls_mpi_sub_int( &r, &r, 1 ) == 0 ); - TEST_ASSERT( mbedtls_mpi_add_int( &s, &s, 1 ) == 0 ); - - TEST_ASSERT( mbedtls_ecdsa_verify( &grp, hash->x, hash->len, - &Q, &r, &s_check ) == MBEDTLS_ERR_ECP_VERIFY_FAILED ); - TEST_ASSERT( mbedtls_ecdsa_verify( &grp, hash->x, hash->len, - &Q, &r_check, &s ) == MBEDTLS_ERR_ECP_VERIFY_FAILED ); - TEST_ASSERT( mbedtls_ecdsa_verify( &grp, hash->x, hash->len, - &grp.G, &r_check, &s_check ) == MBEDTLS_ERR_ECP_VERIFY_FAILED ); + TEST_ASSERT(mbedtls_ecdsa_sign(&grp, &r, &s, &d, hash->x, hash->len, + mbedtls_test_rnd_buffer_rand, &rnd_info) == result); + + if (result == 0) { + /* Check we generated the expected values */ + TEST_EQUAL(mbedtls_mpi_cmp_mpi(&r, &r_check), 0); + TEST_EQUAL(mbedtls_mpi_cmp_mpi(&s, &s_check), 0); + + /* Valid signature */ + TEST_EQUAL(mbedtls_ecdsa_verify(&grp, hash->x, hash->len, + &Q, &r_check, &s_check), 0); + + /* Invalid signature: wrong public key (G instead of Q) */ + TEST_EQUAL(mbedtls_ecdsa_verify(&grp, hash->x, hash->len, + &grp.G, &r_check, &s_check), MBEDTLS_ERR_ECP_VERIFY_FAILED); + + /* Invalid signatures: r or s or both one off */ + TEST_EQUAL(mbedtls_mpi_sub_int(&r, &r_check, 1), 0); + TEST_EQUAL(mbedtls_mpi_add_int(&s, &s_check, 1), 0); + + TEST_EQUAL(mbedtls_ecdsa_verify(&grp, hash->x, hash->len, &Q, + &r, &s_check), MBEDTLS_ERR_ECP_VERIFY_FAILED); + TEST_EQUAL(mbedtls_ecdsa_verify(&grp, hash->x, hash->len, &Q, + &r_check, &s), MBEDTLS_ERR_ECP_VERIFY_FAILED); + TEST_EQUAL(mbedtls_ecdsa_verify(&grp, hash->x, hash->len, &Q, + &r, &s), MBEDTLS_ERR_ECP_VERIFY_FAILED); + + /* Invalid signatures: r, s or both (CVE-2022-21449) are zero */ + TEST_EQUAL(mbedtls_mpi_lset(&zero, 0), 0); + + TEST_EQUAL(mbedtls_ecdsa_verify(&grp, hash->x, hash->len, &Q, + &zero, &s_check), MBEDTLS_ERR_ECP_VERIFY_FAILED); + TEST_EQUAL(mbedtls_ecdsa_verify(&grp, hash->x, hash->len, &Q, + &r_check, &zero), MBEDTLS_ERR_ECP_VERIFY_FAILED); + TEST_EQUAL(mbedtls_ecdsa_verify(&grp, hash->x, hash->len, &Q, + &zero, &zero), MBEDTLS_ERR_ECP_VERIFY_FAILED); + + /* Invalid signatures: r, s or both are == N */ + TEST_EQUAL(mbedtls_ecdsa_verify(&grp, hash->x, hash->len, &Q, + &grp.N, &s_check), MBEDTLS_ERR_ECP_VERIFY_FAILED); + TEST_EQUAL(mbedtls_ecdsa_verify(&grp, hash->x, hash->len, &Q, + &r_check, &grp.N), MBEDTLS_ERR_ECP_VERIFY_FAILED); + TEST_EQUAL(mbedtls_ecdsa_verify(&grp, hash->x, hash->len, &Q, + &grp.N, &grp.N), MBEDTLS_ERR_ECP_VERIFY_FAILED); + + /* Invalid signatures: r, s or both are negative */ + TEST_EQUAL(mbedtls_mpi_sub_mpi(&r, &r_check, &grp.N), 0); + TEST_EQUAL(mbedtls_mpi_sub_mpi(&s, &s_check, &grp.N), 0); + + TEST_EQUAL(mbedtls_ecdsa_verify(&grp, hash->x, hash->len, &Q, + &r, &s_check), MBEDTLS_ERR_ECP_VERIFY_FAILED); + TEST_EQUAL(mbedtls_ecdsa_verify(&grp, hash->x, hash->len, &Q, + &r_check, &s), MBEDTLS_ERR_ECP_VERIFY_FAILED); + TEST_EQUAL(mbedtls_ecdsa_verify(&grp, hash->x, hash->len, &Q, + &r, &s), MBEDTLS_ERR_ECP_VERIFY_FAILED); + + /* Invalid signatures: r or s or both are > N */ + TEST_EQUAL(mbedtls_mpi_add_mpi(&r, &r_check, &grp.N), 0); + TEST_EQUAL(mbedtls_mpi_add_mpi(&s, &s_check, &grp.N), 0); + + TEST_EQUAL(mbedtls_ecdsa_verify(&grp, hash->x, hash->len, &Q, + &r, &s_check), MBEDTLS_ERR_ECP_VERIFY_FAILED); + TEST_EQUAL(mbedtls_ecdsa_verify(&grp, hash->x, hash->len, &Q, + &r_check, &s), MBEDTLS_ERR_ECP_VERIFY_FAILED); + TEST_EQUAL(mbedtls_ecdsa_verify(&grp, hash->x, hash->len, &Q, + &r, &s), MBEDTLS_ERR_ECP_VERIFY_FAILED); } exit: - mbedtls_ecp_group_free( &grp ); - mbedtls_ecp_point_free( &Q ); - mbedtls_mpi_free( &d ); mbedtls_mpi_free( &r ); mbedtls_mpi_free( &s ); - mbedtls_mpi_free( &r_check ); mbedtls_mpi_free( &s_check ); + mbedtls_ecp_group_free(&grp); + mbedtls_ecp_point_free(&Q); + mbedtls_mpi_free(&d); mbedtls_mpi_free(&r); mbedtls_mpi_free(&s); + mbedtls_mpi_free(&r_check); mbedtls_mpi_free(&s_check); + mbedtls_mpi_free(&zero); } /* END_CASE */ /* BEGIN_CASE depends_on:MBEDTLS_ECDSA_DETERMINISTIC */ -void ecdsa_det_test_vectors( int id, char * d_str, int md_alg, char * msg, - char * r_str, char * s_str ) +void ecdsa_det_test_vectors(int id, char *d_str, int md_alg, char *msg, + char *r_str, char *s_str) { mbedtls_ecp_group grp; mbedtls_mpi d, r, s, r_check, s_check; @@ -348,40 +409,40 @@ void ecdsa_det_test_vectors( int id, char * d_str, int md_alg, char * msg, size_t hlen; const mbedtls_md_info_t *md_info; - mbedtls_ecp_group_init( &grp ); - mbedtls_mpi_init( &d ); mbedtls_mpi_init( &r ); mbedtls_mpi_init( &s ); - mbedtls_mpi_init( &r_check ); mbedtls_mpi_init( &s_check ); - memset( hash, 0, sizeof( hash ) ); + mbedtls_ecp_group_init(&grp); + mbedtls_mpi_init(&d); mbedtls_mpi_init(&r); mbedtls_mpi_init(&s); + mbedtls_mpi_init(&r_check); mbedtls_mpi_init(&s_check); + memset(hash, 0, sizeof(hash)); - TEST_ASSERT( mbedtls_ecp_group_load( &grp, id ) == 0 ); - TEST_ASSERT( mbedtls_test_read_mpi( &d, 16, d_str ) == 0 ); - TEST_ASSERT( mbedtls_test_read_mpi( &r_check, 16, r_str ) == 0 ); - TEST_ASSERT( mbedtls_test_read_mpi( &s_check, 16, s_str ) == 0 ); + TEST_ASSERT(mbedtls_ecp_group_load(&grp, id) == 0); + TEST_ASSERT(mbedtls_test_read_mpi(&d, d_str) == 0); + TEST_ASSERT(mbedtls_test_read_mpi(&r_check, r_str) == 0); + TEST_ASSERT(mbedtls_test_read_mpi(&s_check, s_str) == 0); - md_info = mbedtls_md_info_from_type( md_alg ); - TEST_ASSERT( md_info != NULL ); - hlen = mbedtls_md_get_size( md_info ); - TEST_ASSERT( mbedtls_md( md_info, (const unsigned char *) msg, - strlen( msg ), hash ) == 0 ); + md_info = mbedtls_md_info_from_type(md_alg); + TEST_ASSERT(md_info != NULL); + hlen = mbedtls_md_get_size(md_info); + TEST_ASSERT(mbedtls_md(md_info, (const unsigned char *) msg, + strlen(msg), hash) == 0); TEST_ASSERT( - mbedtls_ecdsa_sign_det_ext( &grp, &r, &s, &d, hash, hlen, - md_alg, mbedtls_test_rnd_std_rand, - NULL ) - == 0 ); + mbedtls_ecdsa_sign_det_ext(&grp, &r, &s, &d, hash, hlen, + md_alg, mbedtls_test_rnd_std_rand, + NULL) + == 0); - TEST_ASSERT( mbedtls_mpi_cmp_mpi( &r, &r_check ) == 0 ); - TEST_ASSERT( mbedtls_mpi_cmp_mpi( &s, &s_check ) == 0 ); + TEST_ASSERT(mbedtls_mpi_cmp_mpi(&r, &r_check) == 0); + TEST_ASSERT(mbedtls_mpi_cmp_mpi(&s, &s_check) == 0); exit: - mbedtls_ecp_group_free( &grp ); - mbedtls_mpi_free( &d ); mbedtls_mpi_free( &r ); mbedtls_mpi_free( &s ); - mbedtls_mpi_free( &r_check ); mbedtls_mpi_free( &s_check ); + mbedtls_ecp_group_free(&grp); + mbedtls_mpi_free(&d); mbedtls_mpi_free(&r); mbedtls_mpi_free(&s); + mbedtls_mpi_free(&r_check); mbedtls_mpi_free(&s_check); } /* END_CASE */ /* BEGIN_CASE depends_on:MBEDTLS_SHA256_C */ -void ecdsa_write_read_zero( int id ) +void ecdsa_write_read_zero(int id) { mbedtls_ecdsa_context ctx; mbedtls_test_rnd_pseudo_info rnd_info; @@ -389,59 +450,60 @@ void ecdsa_write_read_zero( int id ) unsigned char sig[200]; size_t sig_len, i; - mbedtls_ecdsa_init( &ctx ); - memset( &rnd_info, 0x00, sizeof( mbedtls_test_rnd_pseudo_info ) ); - memset( hash, 0, sizeof( hash ) ); - memset( sig, 0x2a, sizeof( sig ) ); + mbedtls_ecdsa_init(&ctx); + memset(&rnd_info, 0x00, sizeof(mbedtls_test_rnd_pseudo_info)); + memset(hash, 0, sizeof(hash)); + memset(sig, 0x2a, sizeof(sig)); /* generate signing key */ - TEST_ASSERT( mbedtls_ecdsa_genkey( &ctx, id, - &mbedtls_test_rnd_pseudo_rand, - &rnd_info ) == 0 ); + TEST_ASSERT(mbedtls_ecdsa_genkey(&ctx, id, + &mbedtls_test_rnd_pseudo_rand, + &rnd_info) == 0); /* generate and write signature, then read and verify it */ - TEST_ASSERT( mbedtls_ecdsa_write_signature( &ctx, MBEDTLS_MD_SHA256, - hash, sizeof( hash ), - sig, &sig_len, &mbedtls_test_rnd_pseudo_rand, - &rnd_info ) == 0 ); - TEST_ASSERT( mbedtls_ecdsa_read_signature( &ctx, hash, sizeof( hash ), - sig, sig_len ) == 0 ); + TEST_ASSERT(mbedtls_ecdsa_write_signature(&ctx, MBEDTLS_MD_SHA256, + hash, sizeof(hash), + sig, &sig_len, &mbedtls_test_rnd_pseudo_rand, + &rnd_info) == 0); + TEST_ASSERT(mbedtls_ecdsa_read_signature(&ctx, hash, sizeof(hash), + sig, sig_len) == 0); /* check we didn't write past the announced length */ - for( i = sig_len; i < sizeof( sig ); i++ ) - TEST_ASSERT( sig[i] == 0x2a ); + for (i = sig_len; i < sizeof(sig); i++) { + TEST_ASSERT(sig[i] == 0x2a); + } /* try verification with invalid length */ - TEST_ASSERT( mbedtls_ecdsa_read_signature( &ctx, hash, sizeof( hash ), - sig, sig_len - 1 ) != 0 ); - TEST_ASSERT( mbedtls_ecdsa_read_signature( &ctx, hash, sizeof( hash ), - sig, sig_len + 1 ) != 0 ); + TEST_ASSERT(mbedtls_ecdsa_read_signature(&ctx, hash, sizeof(hash), + sig, sig_len - 1) != 0); + TEST_ASSERT(mbedtls_ecdsa_read_signature(&ctx, hash, sizeof(hash), + sig, sig_len + 1) != 0); /* try invalid sequence tag */ sig[0]++; - TEST_ASSERT( mbedtls_ecdsa_read_signature( &ctx, hash, sizeof( hash ), - sig, sig_len ) != 0 ); + TEST_ASSERT(mbedtls_ecdsa_read_signature(&ctx, hash, sizeof(hash), + sig, sig_len) != 0); sig[0]--; /* try modifying r */ sig[10]++; - TEST_ASSERT( mbedtls_ecdsa_read_signature( &ctx, hash, sizeof( hash ), - sig, sig_len ) == MBEDTLS_ERR_ECP_VERIFY_FAILED ); + TEST_ASSERT(mbedtls_ecdsa_read_signature(&ctx, hash, sizeof(hash), + sig, sig_len) == MBEDTLS_ERR_ECP_VERIFY_FAILED); sig[10]--; /* try modifying s */ sig[sig_len - 1]++; - TEST_ASSERT( mbedtls_ecdsa_read_signature( &ctx, hash, sizeof( hash ), - sig, sig_len ) == MBEDTLS_ERR_ECP_VERIFY_FAILED ); + TEST_ASSERT(mbedtls_ecdsa_read_signature(&ctx, hash, sizeof(hash), + sig, sig_len) == MBEDTLS_ERR_ECP_VERIFY_FAILED); sig[sig_len - 1]--; exit: - mbedtls_ecdsa_free( &ctx ); + mbedtls_ecdsa_free(&ctx); } /* END_CASE */ /* BEGIN_CASE depends_on:MBEDTLS_SHA256_C */ -void ecdsa_write_read_random( int id ) +void ecdsa_write_read_random(int id) { mbedtls_ecdsa_context ctx; mbedtls_test_rnd_pseudo_info rnd_info; @@ -449,127 +511,131 @@ void ecdsa_write_read_random( int id ) unsigned char sig[200]; size_t sig_len, i; - mbedtls_ecdsa_init( &ctx ); - memset( &rnd_info, 0x00, sizeof( mbedtls_test_rnd_pseudo_info ) ); - memset( hash, 0, sizeof( hash ) ); - memset( sig, 0x2a, sizeof( sig ) ); + mbedtls_ecdsa_init(&ctx); + memset(&rnd_info, 0x00, sizeof(mbedtls_test_rnd_pseudo_info)); + memset(hash, 0, sizeof(hash)); + memset(sig, 0x2a, sizeof(sig)); /* prepare material for signature */ - TEST_ASSERT( mbedtls_test_rnd_pseudo_rand( &rnd_info, - hash, sizeof( hash ) ) == 0 ); + TEST_ASSERT(mbedtls_test_rnd_pseudo_rand(&rnd_info, + hash, sizeof(hash)) == 0); /* generate signing key */ - TEST_ASSERT( mbedtls_ecdsa_genkey( &ctx, id, - &mbedtls_test_rnd_pseudo_rand, - &rnd_info ) == 0 ); + TEST_ASSERT(mbedtls_ecdsa_genkey(&ctx, id, + &mbedtls_test_rnd_pseudo_rand, + &rnd_info) == 0); /* generate and write signature, then read and verify it */ - TEST_ASSERT( mbedtls_ecdsa_write_signature( &ctx, MBEDTLS_MD_SHA256, - hash, sizeof( hash ), - sig, &sig_len, &mbedtls_test_rnd_pseudo_rand, - &rnd_info ) == 0 ); - TEST_ASSERT( mbedtls_ecdsa_read_signature( &ctx, hash, sizeof( hash ), - sig, sig_len ) == 0 ); + TEST_ASSERT(mbedtls_ecdsa_write_signature(&ctx, MBEDTLS_MD_SHA256, + hash, sizeof(hash), + sig, &sig_len, &mbedtls_test_rnd_pseudo_rand, + &rnd_info) == 0); + TEST_ASSERT(mbedtls_ecdsa_read_signature(&ctx, hash, sizeof(hash), + sig, sig_len) == 0); /* check we didn't write past the announced length */ - for( i = sig_len; i < sizeof( sig ); i++ ) - TEST_ASSERT( sig[i] == 0x2a ); + for (i = sig_len; i < sizeof(sig); i++) { + TEST_ASSERT(sig[i] == 0x2a); + } /* try verification with invalid length */ - TEST_ASSERT( mbedtls_ecdsa_read_signature( &ctx, hash, sizeof( hash ), - sig, sig_len - 1 ) != 0 ); - TEST_ASSERT( mbedtls_ecdsa_read_signature( &ctx, hash, sizeof( hash ), - sig, sig_len + 1 ) != 0 ); + TEST_ASSERT(mbedtls_ecdsa_read_signature(&ctx, hash, sizeof(hash), + sig, sig_len - 1) != 0); + TEST_ASSERT(mbedtls_ecdsa_read_signature(&ctx, hash, sizeof(hash), + sig, sig_len + 1) != 0); /* try invalid sequence tag */ sig[0]++; - TEST_ASSERT( mbedtls_ecdsa_read_signature( &ctx, hash, sizeof( hash ), - sig, sig_len ) != 0 ); + TEST_ASSERT(mbedtls_ecdsa_read_signature(&ctx, hash, sizeof(hash), + sig, sig_len) != 0); sig[0]--; /* try modifying r */ sig[10]++; - TEST_ASSERT( mbedtls_ecdsa_read_signature( &ctx, hash, sizeof( hash ), - sig, sig_len ) == MBEDTLS_ERR_ECP_VERIFY_FAILED ); + TEST_ASSERT(mbedtls_ecdsa_read_signature(&ctx, hash, sizeof(hash), + sig, sig_len) == MBEDTLS_ERR_ECP_VERIFY_FAILED); sig[10]--; /* try modifying s */ sig[sig_len - 1]++; - TEST_ASSERT( mbedtls_ecdsa_read_signature( &ctx, hash, sizeof( hash ), - sig, sig_len ) == MBEDTLS_ERR_ECP_VERIFY_FAILED ); + TEST_ASSERT(mbedtls_ecdsa_read_signature(&ctx, hash, sizeof(hash), + sig, sig_len) == MBEDTLS_ERR_ECP_VERIFY_FAILED); sig[sig_len - 1]--; exit: - mbedtls_ecdsa_free( &ctx ); + mbedtls_ecdsa_free(&ctx); } /* END_CASE */ /* BEGIN_CASE depends_on:MBEDTLS_ECP_RESTARTABLE */ -void ecdsa_read_restart( int id, data_t *pk, data_t *hash, data_t *sig, - int max_ops, int min_restart, int max_restart ) +void ecdsa_read_restart(int id, data_t *pk, data_t *hash, data_t *sig, + int max_ops, int min_restart, int max_restart) { mbedtls_ecdsa_context ctx; mbedtls_ecdsa_restart_ctx rs_ctx; int ret, cnt_restart; - mbedtls_ecdsa_init( &ctx ); - mbedtls_ecdsa_restart_init( &rs_ctx ); + mbedtls_ecdsa_init(&ctx); + mbedtls_ecdsa_restart_init(&rs_ctx); - TEST_ASSERT( mbedtls_ecp_group_load( &ctx.grp, id ) == 0 ); - TEST_ASSERT( mbedtls_ecp_point_read_binary( &ctx.grp, &ctx.Q, - pk->x, pk->len ) == 0 ); + TEST_ASSERT(mbedtls_ecp_group_load(&ctx.grp, id) == 0); + TEST_ASSERT(mbedtls_ecp_point_read_binary(&ctx.grp, &ctx.Q, + pk->x, pk->len) == 0); - mbedtls_ecp_set_max_ops( max_ops ); + mbedtls_ecp_set_max_ops(max_ops); cnt_restart = 0; do { - ret = mbedtls_ecdsa_read_signature_restartable( &ctx, - hash->x, hash->len, sig->x, sig->len, &rs_ctx ); - } while( ret == MBEDTLS_ERR_ECP_IN_PROGRESS && ++cnt_restart ); + ret = mbedtls_ecdsa_read_signature_restartable(&ctx, + hash->x, hash->len, sig->x, sig->len, + &rs_ctx); + } while (ret == MBEDTLS_ERR_ECP_IN_PROGRESS && ++cnt_restart); - TEST_ASSERT( ret == 0 ); - TEST_ASSERT( cnt_restart >= min_restart ); - TEST_ASSERT( cnt_restart <= max_restart ); + TEST_ASSERT(ret == 0); + TEST_ASSERT(cnt_restart >= min_restart); + TEST_ASSERT(cnt_restart <= max_restart); /* try modifying r */ - TEST_ASSERT( sig->len > 10 ); + TEST_ASSERT(sig->len > 10); sig->x[10]++; do { - ret = mbedtls_ecdsa_read_signature_restartable( &ctx, - hash->x, hash->len, sig->x, sig->len, &rs_ctx ); - } while( ret == MBEDTLS_ERR_ECP_IN_PROGRESS ); - TEST_ASSERT( ret == MBEDTLS_ERR_ECP_VERIFY_FAILED ); + ret = mbedtls_ecdsa_read_signature_restartable(&ctx, + hash->x, hash->len, sig->x, sig->len, + &rs_ctx); + } while (ret == MBEDTLS_ERR_ECP_IN_PROGRESS); + TEST_ASSERT(ret == MBEDTLS_ERR_ECP_VERIFY_FAILED); sig->x[10]--; /* try modifying s */ sig->x[sig->len - 1]++; do { - ret = mbedtls_ecdsa_read_signature_restartable( &ctx, - hash->x, hash->len, sig->x, sig->len, &rs_ctx ); - } while( ret == MBEDTLS_ERR_ECP_IN_PROGRESS ); - TEST_ASSERT( ret == MBEDTLS_ERR_ECP_VERIFY_FAILED ); + ret = mbedtls_ecdsa_read_signature_restartable(&ctx, + hash->x, hash->len, sig->x, sig->len, + &rs_ctx); + } while (ret == MBEDTLS_ERR_ECP_IN_PROGRESS); + TEST_ASSERT(ret == MBEDTLS_ERR_ECP_VERIFY_FAILED); sig->x[sig->len - 1]--; /* Do we leak memory when aborting an operation? * This test only makes sense when we actually restart */ - if( min_restart > 0 ) - { - ret = mbedtls_ecdsa_read_signature_restartable( &ctx, - hash->x, hash->len, sig->x, sig->len, &rs_ctx ); - TEST_ASSERT( ret == MBEDTLS_ERR_ECP_IN_PROGRESS ); + if (min_restart > 0) { + ret = mbedtls_ecdsa_read_signature_restartable(&ctx, + hash->x, hash->len, sig->x, sig->len, + &rs_ctx); + TEST_ASSERT(ret == MBEDTLS_ERR_ECP_IN_PROGRESS); } exit: - mbedtls_ecdsa_free( &ctx ); - mbedtls_ecdsa_restart_free( &rs_ctx ); + mbedtls_ecdsa_free(&ctx); + mbedtls_ecdsa_restart_free(&rs_ctx); } /* END_CASE */ /* BEGIN_CASE depends_on:MBEDTLS_ECP_RESTARTABLE:MBEDTLS_ECDSA_DETERMINISTIC */ -void ecdsa_write_restart( int id, char *d_str, int md_alg, - char *msg, data_t *sig_check, - int max_ops, int min_restart, int max_restart ) +void ecdsa_write_restart(int id, char *d_str, int md_alg, + char *msg, data_t *sig_check, + int max_ops, int min_restart, int max_restart) { int ret, cnt_restart; mbedtls_ecdsa_restart_ctx rs_ctx; @@ -579,49 +645,99 @@ void ecdsa_write_restart( int id, char *d_str, int md_alg, size_t hlen, slen; const mbedtls_md_info_t *md_info; - mbedtls_ecdsa_restart_init( &rs_ctx ); - mbedtls_ecdsa_init( &ctx ); - memset( hash, 0, sizeof( hash ) ); - memset( sig, 0, sizeof( sig ) ); + mbedtls_ecdsa_restart_init(&rs_ctx); + mbedtls_ecdsa_init(&ctx); + memset(hash, 0, sizeof(hash)); + memset(sig, 0, sizeof(sig)); - TEST_ASSERT( mbedtls_ecp_group_load( &ctx.grp, id ) == 0 ); - TEST_ASSERT( mbedtls_test_read_mpi( &ctx.d, 16, d_str ) == 0 ); + TEST_ASSERT(mbedtls_ecp_group_load(&ctx.grp, id) == 0); + TEST_ASSERT(mbedtls_test_read_mpi(&ctx.d, d_str) == 0); - md_info = mbedtls_md_info_from_type( md_alg ); - TEST_ASSERT( md_info != NULL ); + md_info = mbedtls_md_info_from_type(md_alg); + TEST_ASSERT(md_info != NULL); - hlen = mbedtls_md_get_size( md_info ); - TEST_ASSERT( mbedtls_md( md_info, - (const unsigned char *) msg, strlen( msg ), - hash ) == 0 ); + hlen = mbedtls_md_get_size(md_info); + TEST_ASSERT(mbedtls_md(md_info, + (const unsigned char *) msg, strlen(msg), + hash) == 0); - mbedtls_ecp_set_max_ops( max_ops ); + mbedtls_ecp_set_max_ops(max_ops); - slen = sizeof( sig ); + slen = sizeof(sig); cnt_restart = 0; do { - ret = mbedtls_ecdsa_write_signature_restartable( &ctx, - md_alg, hash, hlen, sig, &slen, NULL, NULL, &rs_ctx ); - } while( ret == MBEDTLS_ERR_ECP_IN_PROGRESS && ++cnt_restart ); - - TEST_ASSERT( ret == 0 ); - TEST_ASSERT( slen == sig_check->len ); - TEST_ASSERT( memcmp( sig, sig_check->x, slen ) == 0 ); - - TEST_ASSERT( cnt_restart >= min_restart ); - TEST_ASSERT( cnt_restart <= max_restart ); + ret = mbedtls_ecdsa_write_signature_restartable(&ctx, + md_alg, + hash, + hlen, + sig, + &slen, + NULL, + NULL, + &rs_ctx); + } while (ret == MBEDTLS_ERR_ECP_IN_PROGRESS && ++cnt_restart); + + TEST_ASSERT(ret == 0); + TEST_ASSERT(slen == sig_check->len); + TEST_ASSERT(memcmp(sig, sig_check->x, slen) == 0); + + TEST_ASSERT(cnt_restart >= min_restart); + TEST_ASSERT(cnt_restart <= max_restart); /* Do we leak memory when aborting an operation? * This test only makes sense when we actually restart */ - if( min_restart > 0 ) - { - ret = mbedtls_ecdsa_write_signature_restartable( &ctx, - md_alg, hash, hlen, sig, &slen, NULL, NULL, &rs_ctx ); - TEST_ASSERT( ret == MBEDTLS_ERR_ECP_IN_PROGRESS ); + if (min_restart > 0) { + ret = mbedtls_ecdsa_write_signature_restartable(&ctx, + md_alg, + hash, + hlen, + sig, + &slen, + NULL, + NULL, + &rs_ctx); + TEST_ASSERT(ret == MBEDTLS_ERR_ECP_IN_PROGRESS); } exit: - mbedtls_ecdsa_restart_free( &rs_ctx ); - mbedtls_ecdsa_free( &ctx ); + mbedtls_ecdsa_restart_free(&rs_ctx); + mbedtls_ecdsa_free(&ctx); +} +/* END_CASE */ + +/* BEGIN_CASE */ +void ecdsa_verify(int grp_id, char *x, char *y, char *r, char *s, data_t *content, int expected) +{ + mbedtls_ecdsa_context ctx; + mbedtls_mpi sig_r, sig_s; + + mbedtls_ecdsa_init(&ctx); + mbedtls_mpi_init(&sig_r); + mbedtls_mpi_init(&sig_s); + + /* Prepare ECP group context */ + TEST_EQUAL(mbedtls_ecp_group_load(&ctx.grp, grp_id), 0); + + /* Prepare public key */ + TEST_EQUAL(mbedtls_test_read_mpi(&ctx.Q.X, x), 0); + TEST_EQUAL(mbedtls_test_read_mpi(&ctx.Q.Y, y), 0); + TEST_EQUAL(mbedtls_mpi_lset(&ctx.Q.Z, 1), 0); + + /* Prepare signature R & S */ + TEST_EQUAL(mbedtls_test_read_mpi(&sig_r, r), 0); + TEST_EQUAL(mbedtls_test_read_mpi(&sig_s, s), 0); + + /* Test whether public key has expected validity */ + TEST_EQUAL(mbedtls_ecp_check_pubkey(&ctx.grp, &ctx.Q), + expected == MBEDTLS_ERR_ECP_INVALID_KEY ? MBEDTLS_ERR_ECP_INVALID_KEY : 0); + + /* Verification */ + int result = mbedtls_ecdsa_verify(&ctx.grp, content->x, content->len, &ctx.Q, &sig_r, &sig_s); + + TEST_EQUAL(result, expected); +exit: + mbedtls_ecdsa_free(&ctx); + mbedtls_mpi_free(&sig_r); + mbedtls_mpi_free(&sig_s); } /* END_CASE */ diff --git a/third_party/mbedtls/repo/tests/suites/test_suite_ecjpake.data b/third_party/mbedtls/repo/tests/suites/test_suite_ecjpake.data index fe14f88281f..73808c94066 100644 --- a/third_party/mbedtls/repo/tests/suites/test_suite_ecjpake.data +++ b/third_party/mbedtls/repo/tests/suites/test_suite_ecjpake.data @@ -49,7 +49,7 @@ read_round_one:MBEDTLS_ECJPAKE_CLIENT:"41047ea6e3a4487037a9e0dbd79262b2cc273e779 ECJPAKE round one: KKP1: no second point data read_round_one:MBEDTLS_ECJPAKE_CLIENT:"41047ea6e3a4487037a9e0dbd79262b2cc273e779930fc18409ac5361c5fe669d702e147790aeb4ce7fd6575ab0f6c7fd1c335939aa863ba37ec91b7e32bb013bb2b0104":MBEDTLS_ERR_ECP_BAD_INPUT_DATA -ECJPAKE round one: KKP1: unknow second point format +ECJPAKE round one: KKP1: unknown second point format read_round_one:MBEDTLS_ECJPAKE_CLIENT:"41047ea6e3a4487037a9e0dbd79262b2cc273e779930fc18409ac5361c5fe669d702e147790aeb4ce7fd6575ab0f6c7fd1c335939aa863ba37ec91b7e32bb013bb2b410509f85b3d20ebd7885ce464c08d056d6428fe4dd9287aa365f131f4360ff386d846898bc4b41583c2a5197f65d78742746c12a5ec0a4ffe2f270a750a1d8fb516":MBEDTLS_ERR_ECP_FEATURE_UNAVAILABLE ECJPAKE round one: KKP1: nothing after second point @@ -97,7 +97,7 @@ read_round_one:MBEDTLS_ECJPAKE_CLIENT:"4104190a07700ffa4be6ae1d79ee0f06aeb544cd5 ECJPAKE round one: KKP2: no second point data read_round_one:MBEDTLS_ECJPAKE_CLIENT:"4104190a07700ffa4be6ae1d79ee0f06aeb544cd5addaabedf70f8623321332c54f355f0fbfec783ed359e5d0bf7377a0fc4ea7ace473c9c112b41ccd41ac56a56124104360a1cea33fce641156458e0a4eac219e96831e6aebc88b3f3752f93a0281d1bf1fb106051db9694a8d6e862a5ef1324a3d9e27894f1ee4f7c59199965a8dd4a2091847d2d22df3ee55faa2a3fb33fd2d1e055a07a7c61ecfb8d80ec00c2c9eb1241047ea6e3a4487037a9e0dbd79262b2cc273e779930fc18409ac5361c5fe669d702e147790aeb4ce7fd6575ab0f6c7fd1c335939aa863ba37ec91b7e32bb013bb2b0104":MBEDTLS_ERR_ECP_BAD_INPUT_DATA -ECJPAKE round one: KKP2: unknow second point format +ECJPAKE round one: KKP2: unknown second point format read_round_one:MBEDTLS_ECJPAKE_CLIENT:"4104190a07700ffa4be6ae1d79ee0f06aeb544cd5addaabedf70f8623321332c54f355f0fbfec783ed359e5d0bf7377a0fc4ea7ace473c9c112b41ccd41ac56a56124104360a1cea33fce641156458e0a4eac219e96831e6aebc88b3f3752f93a0281d1bf1fb106051db9694a8d6e862a5ef1324a3d9e27894f1ee4f7c59199965a8dd4a2091847d2d22df3ee55faa2a3fb33fd2d1e055a07a7c61ecfb8d80ec00c2c9eb1241047ea6e3a4487037a9e0dbd79262b2cc273e779930fc18409ac5361c5fe669d702e147790aeb4ce7fd6575ab0f6c7fd1c335939aa863ba37ec91b7e32bb013bb2b410509f85b3d20ebd7885ce464c08d056d6428fe4dd9287aa365f131f4360ff386d846898bc4b41583c2a5197f65d78742746c12a5ec0a4ffe2f270a750a1d8fb516":MBEDTLS_ERR_ECP_FEATURE_UNAVAILABLE ECJPAKE round one: KKP2: nothing after second point @@ -190,7 +190,7 @@ read_round_two_srv:"410469d54ee85e90ce3f1246742de507e939e81d1dc1c5cb988b58c310c9 ECJPAKE round two server: no data read_round_two_srv:"":MBEDTLS_ERR_ECP_BAD_INPUT_DATA -ECJPAKE round two server: length of forst point too small +ECJPAKE round two server: length of first point too small read_round_two_srv:"00":MBEDTLS_ERR_ECP_BAD_INPUT_DATA ECJPAKE round two server: length of first point too big diff --git a/third_party/mbedtls/repo/tests/suites/test_suite_ecjpake.function b/third_party/mbedtls/repo/tests/suites/test_suite_ecjpake.function index ab672a8dcb9..16f52b27636 100644 --- a/third_party/mbedtls/repo/tests/suites/test_suite_ecjpake.function +++ b/third_party/mbedtls/repo/tests/suites/test_suite_ecjpake.function @@ -63,33 +63,33 @@ static const unsigned char ecjpake_test_X4[] = { }; /* Load my private and public keys, and peer's public keys */ -static int ecjpake_test_load( mbedtls_ecjpake_context *ctx, - const unsigned char *xm1, size_t len_xm1, - const unsigned char *xm2, size_t len_xm2, - const unsigned char *Xm1, size_t len_Xm1, - const unsigned char *Xm2, size_t len_Xm2, - const unsigned char *Xp1, size_t len_Xp1, - const unsigned char *Xp2, size_t len_Xp2 ) +static int ecjpake_test_load(mbedtls_ecjpake_context *ctx, + const unsigned char *xm1, size_t len_xm1, + const unsigned char *xm2, size_t len_xm2, + const unsigned char *Xm1, size_t len_Xm1, + const unsigned char *Xm2, size_t len_Xm2, + const unsigned char *Xp1, size_t len_Xp1, + const unsigned char *Xp2, size_t len_Xp2) { int ret; - MBEDTLS_MPI_CHK( mbedtls_mpi_read_binary( &ctx->xm1, xm1, len_xm1 ) ); - MBEDTLS_MPI_CHK( mbedtls_mpi_read_binary( &ctx->xm2, xm2, len_xm2 ) ); + MBEDTLS_MPI_CHK(mbedtls_mpi_read_binary(&ctx->xm1, xm1, len_xm1)); + MBEDTLS_MPI_CHK(mbedtls_mpi_read_binary(&ctx->xm2, xm2, len_xm2)); - MBEDTLS_MPI_CHK( mbedtls_ecp_point_read_binary( &ctx->grp, - &ctx->Xm1, Xm1, len_Xm1 ) ); - MBEDTLS_MPI_CHK( mbedtls_ecp_point_read_binary( &ctx->grp, - &ctx->Xm2, Xm2, len_Xm2 ) ); - MBEDTLS_MPI_CHK( mbedtls_ecp_point_read_binary( &ctx->grp, - &ctx->Xp1, Xp1, len_Xp1 ) ); - MBEDTLS_MPI_CHK( mbedtls_ecp_point_read_binary( &ctx->grp, - &ctx->Xp2, Xp2, len_Xp2 ) ); + MBEDTLS_MPI_CHK(mbedtls_ecp_point_read_binary(&ctx->grp, + &ctx->Xm1, Xm1, len_Xm1)); + MBEDTLS_MPI_CHK(mbedtls_ecp_point_read_binary(&ctx->grp, + &ctx->Xm2, Xm2, len_Xm2)); + MBEDTLS_MPI_CHK(mbedtls_ecp_point_read_binary(&ctx->grp, + &ctx->Xp1, Xp1, len_Xp1)); + MBEDTLS_MPI_CHK(mbedtls_ecp_point_read_binary(&ctx->grp, + &ctx->Xp2, Xp2, len_Xp2)); cleanup: - return( ret ); + return ret; } -#define ADD_SIZE( x ) x, sizeof( x ) +#define ADD_SIZE(x) x, sizeof(x) #endif /* MBEDTLS_ECP_DP_SECP256R1_ENABLED && MBEDTLS_SHA256_C */ /* END_HEADER */ @@ -99,99 +99,101 @@ cleanup: */ /* BEGIN_CASE depends_on:MBEDTLS_CHECK_PARAMS:!MBEDTLS_PARAM_FAILED_ALT */ -void ecjpake_invalid_param( ) +void ecjpake_invalid_param() { mbedtls_ecjpake_context ctx; unsigned char buf[42] = { 0 }; size_t olen; - size_t const len = sizeof( buf ); + size_t const len = sizeof(buf); mbedtls_ecjpake_role valid_role = MBEDTLS_ECJPAKE_SERVER; mbedtls_ecjpake_role invalid_role = (mbedtls_ecjpake_role) 42; mbedtls_md_type_t valid_md = MBEDTLS_MD_SHA256; mbedtls_ecp_group_id valid_group = MBEDTLS_ECP_DP_SECP256R1; - TEST_INVALID_PARAM( mbedtls_ecjpake_init( NULL ) ); - TEST_VALID_PARAM( mbedtls_ecjpake_free( NULL ) ); - - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_ECP_BAD_INPUT_DATA, - mbedtls_ecjpake_setup( NULL, - valid_role, - valid_md, - valid_group, - buf, len ) ); - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_ECP_BAD_INPUT_DATA, - mbedtls_ecjpake_setup( &ctx, - invalid_role, - valid_md, - valid_group, - buf, len ) ); - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_ECP_BAD_INPUT_DATA, - mbedtls_ecjpake_setup( &ctx, - valid_role, - valid_md, - valid_group, - NULL, len ) ); - - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_ECP_BAD_INPUT_DATA, - mbedtls_ecjpake_check( NULL ) ); - - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_ECP_BAD_INPUT_DATA, - mbedtls_ecjpake_write_round_one( NULL, buf, len, &olen, - mbedtls_test_rnd_std_rand, NULL ) ); - - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_ECP_BAD_INPUT_DATA, - mbedtls_ecjpake_write_round_one( &ctx, NULL, len, &olen, - mbedtls_test_rnd_std_rand, NULL ) ); - - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_ECP_BAD_INPUT_DATA, - mbedtls_ecjpake_write_round_one( &ctx, buf, len, NULL, - mbedtls_test_rnd_std_rand, NULL ) ); - - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_ECP_BAD_INPUT_DATA, - mbedtls_ecjpake_write_round_one( &ctx, buf, len, &olen, NULL, NULL ) ); - - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_ECP_BAD_INPUT_DATA, - mbedtls_ecjpake_write_round_two( NULL, buf, len, &olen, - mbedtls_test_rnd_std_rand, NULL ) ); - - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_ECP_BAD_INPUT_DATA, - mbedtls_ecjpake_write_round_two( &ctx, NULL, len, &olen, - mbedtls_test_rnd_std_rand, NULL ) ); - - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_ECP_BAD_INPUT_DATA, - mbedtls_ecjpake_write_round_two( &ctx, buf, len, NULL, - mbedtls_test_rnd_std_rand, NULL ) ); - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_ECP_BAD_INPUT_DATA, - mbedtls_ecjpake_write_round_two( &ctx, buf, len, &olen, NULL, NULL ) ); - - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_ECP_BAD_INPUT_DATA, - mbedtls_ecjpake_read_round_one( NULL, - buf, len ) ); - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_ECP_BAD_INPUT_DATA, - mbedtls_ecjpake_read_round_one( &ctx, - NULL, len ) ); - - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_ECP_BAD_INPUT_DATA, - mbedtls_ecjpake_read_round_two( NULL, - buf, len ) ); - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_ECP_BAD_INPUT_DATA, - mbedtls_ecjpake_read_round_two( &ctx, - NULL, len ) ); - - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_ECP_BAD_INPUT_DATA, - mbedtls_ecjpake_derive_secret( NULL, buf, len, &olen, - mbedtls_test_rnd_std_rand, NULL ) ); - - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_ECP_BAD_INPUT_DATA, - mbedtls_ecjpake_derive_secret( &ctx, NULL, len, &olen, - mbedtls_test_rnd_std_rand, NULL ) ); - - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_ECP_BAD_INPUT_DATA, - mbedtls_ecjpake_derive_secret( &ctx, buf, len, NULL, - mbedtls_test_rnd_std_rand, NULL ) ); - - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_ECP_BAD_INPUT_DATA, - mbedtls_ecjpake_derive_secret( &ctx, buf, len, &olen, NULL, NULL ) ); + mbedtls_ecjpake_init(&ctx); + + TEST_INVALID_PARAM(mbedtls_ecjpake_init(NULL)); + TEST_VALID_PARAM(mbedtls_ecjpake_free(NULL)); + + TEST_INVALID_PARAM_RET(MBEDTLS_ERR_ECP_BAD_INPUT_DATA, + mbedtls_ecjpake_setup(NULL, + valid_role, + valid_md, + valid_group, + buf, len)); + TEST_INVALID_PARAM_RET(MBEDTLS_ERR_ECP_BAD_INPUT_DATA, + mbedtls_ecjpake_setup(&ctx, + invalid_role, + valid_md, + valid_group, + buf, len)); + TEST_INVALID_PARAM_RET(MBEDTLS_ERR_ECP_BAD_INPUT_DATA, + mbedtls_ecjpake_setup(&ctx, + valid_role, + valid_md, + valid_group, + NULL, len)); + + TEST_INVALID_PARAM_RET(MBEDTLS_ERR_ECP_BAD_INPUT_DATA, + mbedtls_ecjpake_check(NULL)); + + TEST_INVALID_PARAM_RET(MBEDTLS_ERR_ECP_BAD_INPUT_DATA, + mbedtls_ecjpake_write_round_one(NULL, buf, len, &olen, + mbedtls_test_rnd_std_rand, NULL)); + + TEST_INVALID_PARAM_RET(MBEDTLS_ERR_ECP_BAD_INPUT_DATA, + mbedtls_ecjpake_write_round_one(&ctx, NULL, len, &olen, + mbedtls_test_rnd_std_rand, NULL)); + + TEST_INVALID_PARAM_RET(MBEDTLS_ERR_ECP_BAD_INPUT_DATA, + mbedtls_ecjpake_write_round_one(&ctx, buf, len, NULL, + mbedtls_test_rnd_std_rand, NULL)); + + TEST_INVALID_PARAM_RET(MBEDTLS_ERR_ECP_BAD_INPUT_DATA, + mbedtls_ecjpake_write_round_one(&ctx, buf, len, &olen, NULL, NULL)); + + TEST_INVALID_PARAM_RET(MBEDTLS_ERR_ECP_BAD_INPUT_DATA, + mbedtls_ecjpake_write_round_two(NULL, buf, len, &olen, + mbedtls_test_rnd_std_rand, NULL)); + + TEST_INVALID_PARAM_RET(MBEDTLS_ERR_ECP_BAD_INPUT_DATA, + mbedtls_ecjpake_write_round_two(&ctx, NULL, len, &olen, + mbedtls_test_rnd_std_rand, NULL)); + + TEST_INVALID_PARAM_RET(MBEDTLS_ERR_ECP_BAD_INPUT_DATA, + mbedtls_ecjpake_write_round_two(&ctx, buf, len, NULL, + mbedtls_test_rnd_std_rand, NULL)); + TEST_INVALID_PARAM_RET(MBEDTLS_ERR_ECP_BAD_INPUT_DATA, + mbedtls_ecjpake_write_round_two(&ctx, buf, len, &olen, NULL, NULL)); + + TEST_INVALID_PARAM_RET(MBEDTLS_ERR_ECP_BAD_INPUT_DATA, + mbedtls_ecjpake_read_round_one(NULL, + buf, len)); + TEST_INVALID_PARAM_RET(MBEDTLS_ERR_ECP_BAD_INPUT_DATA, + mbedtls_ecjpake_read_round_one(&ctx, + NULL, len)); + + TEST_INVALID_PARAM_RET(MBEDTLS_ERR_ECP_BAD_INPUT_DATA, + mbedtls_ecjpake_read_round_two(NULL, + buf, len)); + TEST_INVALID_PARAM_RET(MBEDTLS_ERR_ECP_BAD_INPUT_DATA, + mbedtls_ecjpake_read_round_two(&ctx, + NULL, len)); + + TEST_INVALID_PARAM_RET(MBEDTLS_ERR_ECP_BAD_INPUT_DATA, + mbedtls_ecjpake_derive_secret(NULL, buf, len, &olen, + mbedtls_test_rnd_std_rand, NULL)); + + TEST_INVALID_PARAM_RET(MBEDTLS_ERR_ECP_BAD_INPUT_DATA, + mbedtls_ecjpake_derive_secret(&ctx, NULL, len, &olen, + mbedtls_test_rnd_std_rand, NULL)); + + TEST_INVALID_PARAM_RET(MBEDTLS_ERR_ECP_BAD_INPUT_DATA, + mbedtls_ecjpake_derive_secret(&ctx, buf, len, NULL, + mbedtls_test_rnd_std_rand, NULL)); + + TEST_INVALID_PARAM_RET(MBEDTLS_ERR_ECP_BAD_INPUT_DATA, + mbedtls_ecjpake_derive_secret(&ctx, buf, len, &olen, NULL, NULL)); exit: return; @@ -199,98 +201,102 @@ exit: /* END_CASE */ /* BEGIN_CASE depends_on:MBEDTLS_SELF_TEST */ -void ecjpake_selftest( ) +void ecjpake_selftest() { - TEST_ASSERT( mbedtls_ecjpake_self_test( 1 ) == 0 ); + TEST_ASSERT(mbedtls_ecjpake_self_test(1) == 0); } /* END_CASE */ /* BEGIN_CASE depends_on:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_SHA256_C */ -void read_bad_md( data_t *msg ) +void read_bad_md(data_t *msg) { mbedtls_ecjpake_context corrupt_ctx; - const unsigned char * pw = NULL; + const unsigned char *pw = NULL; const size_t pw_len = 0; int any_role = MBEDTLS_ECJPAKE_CLIENT; - mbedtls_ecjpake_init( &corrupt_ctx ); - TEST_ASSERT( mbedtls_ecjpake_setup( &corrupt_ctx, any_role, - MBEDTLS_MD_SHA256, MBEDTLS_ECP_DP_SECP256R1, pw, pw_len ) == 0 ); + mbedtls_ecjpake_init(&corrupt_ctx); + TEST_ASSERT(mbedtls_ecjpake_setup(&corrupt_ctx, any_role, + MBEDTLS_MD_SHA256, MBEDTLS_ECP_DP_SECP256R1, pw, + pw_len) == 0); corrupt_ctx.md_info = NULL; - TEST_ASSERT( mbedtls_ecjpake_read_round_one( &corrupt_ctx, msg->x, - msg->len ) == MBEDTLS_ERR_MD_BAD_INPUT_DATA ); + TEST_ASSERT(mbedtls_ecjpake_read_round_one(&corrupt_ctx, msg->x, + msg->len) == MBEDTLS_ERR_MD_BAD_INPUT_DATA); exit: - mbedtls_ecjpake_free( &corrupt_ctx ); + mbedtls_ecjpake_free(&corrupt_ctx); } /* END_CASE */ /* BEGIN_CASE depends_on:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_SHA256_C */ -void read_round_one( int role, data_t * msg, int ref_ret ) +void read_round_one(int role, data_t *msg, int ref_ret) { mbedtls_ecjpake_context ctx; - const unsigned char * pw = NULL; + const unsigned char *pw = NULL; const size_t pw_len = 0; - mbedtls_ecjpake_init( &ctx ); + mbedtls_ecjpake_init(&ctx); - TEST_ASSERT( mbedtls_ecjpake_setup( &ctx, role, - MBEDTLS_MD_SHA256, MBEDTLS_ECP_DP_SECP256R1, pw, pw_len ) == 0 ); + TEST_ASSERT(mbedtls_ecjpake_setup(&ctx, role, + MBEDTLS_MD_SHA256, MBEDTLS_ECP_DP_SECP256R1, pw, + pw_len) == 0); - TEST_ASSERT( mbedtls_ecjpake_read_round_one( &ctx, msg->x, msg->len ) == ref_ret ); + TEST_ASSERT(mbedtls_ecjpake_read_round_one(&ctx, msg->x, msg->len) == ref_ret); exit: - mbedtls_ecjpake_free( &ctx ); + mbedtls_ecjpake_free(&ctx); } /* END_CASE */ /* BEGIN_CASE depends_on:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_SHA256_C */ -void read_round_two_cli( data_t * msg, int ref_ret ) +void read_round_two_cli(data_t *msg, int ref_ret) { mbedtls_ecjpake_context ctx; - const unsigned char * pw = NULL; + const unsigned char *pw = NULL; const size_t pw_len = 0; - mbedtls_ecjpake_init( &ctx ); + mbedtls_ecjpake_init(&ctx); - TEST_ASSERT( mbedtls_ecjpake_setup( &ctx, MBEDTLS_ECJPAKE_CLIENT, - MBEDTLS_MD_SHA256, MBEDTLS_ECP_DP_SECP256R1, pw, pw_len ) == 0 ); + TEST_ASSERT(mbedtls_ecjpake_setup(&ctx, MBEDTLS_ECJPAKE_CLIENT, + MBEDTLS_MD_SHA256, MBEDTLS_ECP_DP_SECP256R1, pw, + pw_len) == 0); - TEST_ASSERT( ecjpake_test_load( &ctx, - ADD_SIZE( ecjpake_test_x1 ), ADD_SIZE( ecjpake_test_x2 ), - ADD_SIZE( ecjpake_test_X1 ), ADD_SIZE( ecjpake_test_X2 ), - ADD_SIZE( ecjpake_test_X3 ), ADD_SIZE( ecjpake_test_X4 ) ) - == 0 ); + TEST_ASSERT(ecjpake_test_load(&ctx, + ADD_SIZE(ecjpake_test_x1), ADD_SIZE(ecjpake_test_x2), + ADD_SIZE(ecjpake_test_X1), ADD_SIZE(ecjpake_test_X2), + ADD_SIZE(ecjpake_test_X3), ADD_SIZE(ecjpake_test_X4)) + == 0); - TEST_ASSERT( mbedtls_ecjpake_read_round_two( &ctx, msg->x, msg->len ) == ref_ret ); + TEST_ASSERT(mbedtls_ecjpake_read_round_two(&ctx, msg->x, msg->len) == ref_ret); exit: - mbedtls_ecjpake_free( &ctx ); + mbedtls_ecjpake_free(&ctx); } /* END_CASE */ /* BEGIN_CASE depends_on:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_SHA256_C */ -void read_round_two_srv( data_t * msg, int ref_ret ) +void read_round_two_srv(data_t *msg, int ref_ret) { mbedtls_ecjpake_context ctx; - const unsigned char * pw = NULL; + const unsigned char *pw = NULL; const size_t pw_len = 0; - mbedtls_ecjpake_init( &ctx ); + mbedtls_ecjpake_init(&ctx); - TEST_ASSERT( mbedtls_ecjpake_setup( &ctx, MBEDTLS_ECJPAKE_SERVER, - MBEDTLS_MD_SHA256, MBEDTLS_ECP_DP_SECP256R1, pw, pw_len ) == 0 ); + TEST_ASSERT(mbedtls_ecjpake_setup(&ctx, MBEDTLS_ECJPAKE_SERVER, + MBEDTLS_MD_SHA256, MBEDTLS_ECP_DP_SECP256R1, pw, + pw_len) == 0); - TEST_ASSERT( ecjpake_test_load( &ctx, - ADD_SIZE( ecjpake_test_x3 ), ADD_SIZE( ecjpake_test_x4 ), - ADD_SIZE( ecjpake_test_X3 ), ADD_SIZE( ecjpake_test_X4 ), - ADD_SIZE( ecjpake_test_X1 ), ADD_SIZE( ecjpake_test_X2 ) ) - == 0 ); + TEST_ASSERT(ecjpake_test_load(&ctx, + ADD_SIZE(ecjpake_test_x3), ADD_SIZE(ecjpake_test_x4), + ADD_SIZE(ecjpake_test_X3), ADD_SIZE(ecjpake_test_X4), + ADD_SIZE(ecjpake_test_X1), ADD_SIZE(ecjpake_test_X2)) + == 0); - TEST_ASSERT( mbedtls_ecjpake_read_round_two( &ctx, msg->x, msg->len ) == ref_ret ); + TEST_ASSERT(mbedtls_ecjpake_read_round_two(&ctx, msg->x, msg->len) == ref_ret); exit: - mbedtls_ecjpake_free( &ctx ); + mbedtls_ecjpake_free(&ctx); } /* END_CASE */ diff --git a/third_party/mbedtls/repo/tests/suites/test_suite_ecp.data b/third_party/mbedtls/repo/tests/suites/test_suite_ecp.data index 79912ebc3d4..6211fb7297f 100644 --- a/third_party/mbedtls/repo/tests/suites/test_suite_ecp.data +++ b/third_party/mbedtls/repo/tests/suites/test_suite_ecp.data @@ -288,6 +288,58 @@ ECP tls write-read point #2 depends_on:MBEDTLS_ECP_DP_SECP521R1_ENABLED ecp_tls_write_read_point:MBEDTLS_ECP_DP_SECP521R1 +Check ECP group metadata #1 secp192k1 (SEC 2) +depends_on:MBEDTLS_ECP_DP_SECP192K1_ENABLED +mbedtls_ecp_group_metadata:MBEDTLS_ECP_DP_SECP192K1:192:MBEDTLS_ECP_TYPE_SHORT_WEIERSTRASS:"fffffffffffffffffffffffffffffffffffffffeffffee37":"000000000000000000000000000000000000000000000000":"000000000000000000000000000000000000000000000003":"db4ff10ec057e9ae26b07d0280b7f4341da5d1b1eae06c7d":"9b2f2f6d9c5628a7844163d015be86344082aa88d95e2f9d":"fffffffffffffffffffffffe26f2fc170f69466a74defd8d":18 + +Check ECP group metadata #2 secp192r1 (SEC 2) +depends_on:MBEDTLS_ECP_DP_SECP192R1_ENABLED +mbedtls_ecp_group_metadata:MBEDTLS_ECP_DP_SECP192R1:192:MBEDTLS_ECP_TYPE_SHORT_WEIERSTRASS:"fffffffffffffffffffffffffffffffeffffffffffffffff":"":"64210519e59c80e70fa7e9ab72243049feb8deecc146b9b1":"188da80eb03090f67cbf20eb43a18800f4ff0afd82ff1012":"07192b95ffc8da78631011ed6b24cdd573f977a11e794811":"ffffffffffffffffffffffff99def836146bc9b1b4d22831":19 + +Check ECP group metadata #3 secp224k1 (SEC 2) +depends_on:MBEDTLS_ECP_DP_SECP224K1_ENABLED +mbedtls_ecp_group_metadata:MBEDTLS_ECP_DP_SECP224K1:224:MBEDTLS_ECP_TYPE_SHORT_WEIERSTRASS:"fffffffffffffffffffffffffffffffffffffffffffffffeffffe56d":"00000000000000000000000000000000000000000000000000000000":"00000000000000000000000000000000000000000000000000000005":"a1455b334df099df30fc28a169a467e9e47075a90f7e650eb6b7a45c":"7e089fed7fba344282cafbd6f7e319f7c0b0bd59e2ca4bdb556d61a5":"010000000000000000000000000001dce8d2ec6184caf0a971769fb1f7":20 + +Check ECP group metadata #4 secp224r1 (SEC 2) +depends_on:MBEDTLS_ECP_DP_SECP224R1_ENABLED +mbedtls_ecp_group_metadata:MBEDTLS_ECP_DP_SECP224R1:224:MBEDTLS_ECP_TYPE_SHORT_WEIERSTRASS:"ffffffffffffffffffffffffffffffff000000000000000000000001":"":"b4050a850c04b3abf54132565044b0b7d7bfd8ba270b39432355ffb4":"b70e0cbd6bb4bf7f321390b94a03c1d356c21122343280d6115c1d21":"bd376388b5f723fb4c22dfe6cd4375a05a07476444d5819985007e34":"ffffffffffffffffffffffffffff16a2e0b8f03e13dd29455c5c2a3d":21 + +Check ECP group metadata #5 secp256k1 (SEC 2) +depends_on:MBEDTLS_ECP_DP_SECP256K1_ENABLED +mbedtls_ecp_group_metadata:MBEDTLS_ECP_DP_SECP256K1:256:MBEDTLS_ECP_TYPE_SHORT_WEIERSTRASS:"fffffffffffffffffffffffffffffffffffffffffffffffffffffffefffffc2f":"0000000000000000000000000000000000000000000000000000000000000000":"0000000000000000000000000000000000000000000000000000000000000007":"79be667ef9dcbbac55a06295ce870b07029bfcdb2dce28d959f2815b16f81798":"483ada7726a3c4655da4fbfc0e1108a8fd17b448a68554199c47d08ffb10d4b8":"fffffffffffffffffffffffffffffffebaaedce6af48a03bbfd25e8cd0364141":22 + +Check ECP group metadata #6 secp256r1 (SEC 2) +depends_on:MBEDTLS_ECP_DP_SECP256R1_ENABLED +mbedtls_ecp_group_metadata:MBEDTLS_ECP_DP_SECP256R1:256:MBEDTLS_ECP_TYPE_SHORT_WEIERSTRASS:"ffffffff00000001000000000000000000000000ffffffffffffffffffffffff":"":"5ac635d8aa3a93e7b3ebbd55769886bc651d06b0cc53b0f63bce3c3e27d2604b":"6b17d1f2e12c4247f8bce6e563a440f277037d812deb33a0f4a13945d898c296":"4fe342e2fe1a7f9b8ee7eb4a7c0f9e162bce33576b315ececbb6406837bf51f5":"ffffffff00000000ffffffffffffffffbce6faada7179e84f3b9cac2fc632551":23 + +Check ECP group metadata #7 secp384r1 (SEC 2) +depends_on:MBEDTLS_ECP_DP_SECP384R1_ENABLED +mbedtls_ecp_group_metadata:MBEDTLS_ECP_DP_SECP384R1:384:MBEDTLS_ECP_TYPE_SHORT_WEIERSTRASS:"fffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffeffffffff0000000000000000ffffffff":"":"b3312fa7e23ee7e4988e056be3f82d19181d9c6efe8141120314088f5013875ac656398d8a2ed19d2a85c8edd3ec2aef":"aa87ca22be8b05378eb1c71ef320ad746e1d3b628ba79b9859f741e082542a385502f25dbf55296c3a545e3872760ab7":"3617de4a96262c6f5d9e98bf9292dc29f8f41dbd289a147ce9da3113b5f0b8c00a60b1ce1d7e819d7a431d7c90ea0e5f":"ffffffffffffffffffffffffffffffffffffffffffffffffc7634d81f4372ddf581a0db248b0a77aecec196accc52973":24 + +Check ECP group metadata #8 secp521r1 (SEC 2) +depends_on:MBEDTLS_ECP_DP_SECP521R1_ENABLED +mbedtls_ecp_group_metadata:MBEDTLS_ECP_DP_SECP521R1:521:MBEDTLS_ECP_TYPE_SHORT_WEIERSTRASS:"01ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff":"":"0051953eb9618e1c9a1f929a21a0b68540eea2da725b99b315f3b8b489918ef109e156193951ec7e937b1652c0bd3bb1bf073573df883d2c34f1ef451fd46b503f00":"00c6858e06b70404e9cd9e3ecb662395b4429c648139053fb521f828af606b4d3dbaa14b5e77efe75928fe1dc127a2ffa8de3348b3c1856a429bf97e7e31c2e5bd66":"011839296a789a3bc0045c8a5fb42c7d1bd998f54449579b446817afbd17273e662c97ee72995ef42640c550b9013fad0761353c7086a272c24088be94769fd16650":"01fffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffa51868783bf2f966b7fcc0148f709a5d03bb5c9b8899c47aebb6fb71e91386409":25 + +Check ECP group metadata #9 bp256r1 (RFC 5639) +depends_on:MBEDTLS_ECP_DP_BP256R1_ENABLED +mbedtls_ecp_group_metadata:MBEDTLS_ECP_DP_BP256R1:256:MBEDTLS_ECP_TYPE_SHORT_WEIERSTRASS:"a9fb57dba1eea9bc3e660a909d838d726e3bf623d52620282013481d1f6e5377":"7d5a0975fc2c3057eef67530417affe7fb8055c126dc5c6ce94a4b44f330b5d9":"26dc5c6ce94a4b44f330b5d9bbd77cbf958416295cf7e1ce6bccdc18ff8c07b6":"8bd2aeb9cb7e57cb2c4b482ffc81b7afb9de27e1e3bd23c23a4453bd9ace3262":"547ef835c3dac4fd97f8461a14611dc9c27745132ded8e545c1d54c72f046997":"a9fb57dba1eea9bc3e660a909d838d718c397aa3b561a6f7901e0e82974856a7":26 + +Check ECP group metadata #10 bp384r1 (RFC 5639) +depends_on:MBEDTLS_ECP_DP_BP384R1_ENABLED +mbedtls_ecp_group_metadata:MBEDTLS_ECP_DP_BP384R1:384:MBEDTLS_ECP_TYPE_SHORT_WEIERSTRASS:"8cb91e82a3386d280f5d6f7e50e641df152f7109ed5456b412b1da197fb71123acd3a729901d1a71874700133107ec53":"7bc382c63d8c150c3c72080ace05afa0c2bea28e4fb22787139165efba91f90f8aa5814a503ad4eb04a8c7dd22ce2826":"04a8c7dd22ce28268b39b55416f0447c2fb77de107dcd2a62e880ea53eeb62d57cb4390295dbc9943ab78696fa504c11":"1d1c64f068cf45ffa2a63a81b7c13f6b8847a3e77ef14fe3db7fcafe0cbd10e8e826e03436d646aaef87b2e247d4af1e":"8abe1d7520f9c2a45cb1eb8e95cfd55262b70b29feec5864e19c054ff99129280e4646217791811142820341263c5315":"8cb91e82a3386d280f5d6f7e50e641df152f7109ed5456b31f166e6cac0425a7cf3ab6af6b7fc3103b883202e9046565":27 + +Check ECP group metadata #11 bp512r1 (RFC 5639) +depends_on:MBEDTLS_ECP_DP_BP512R1_ENABLED +mbedtls_ecp_group_metadata:MBEDTLS_ECP_DP_BP512R1:512:MBEDTLS_ECP_TYPE_SHORT_WEIERSTRASS:"aadd9db8dbe9c48b3fd4e6ae33c9fc07cb308db3b3c9d20ed6639cca703308717d4d9b009bc66842aecda12ae6a380e62881ff2f2d82c68528aa6056583a48f3":"7830a3318b603b89e2327145ac234cc594cbdd8d3df91610a83441caea9863bc2ded5d5aa8253aa10a2ef1c98b9ac8b57f1117a72bf2c7b9e7c1ac4d77fc94ca":"3df91610a83441caea9863bc2ded5d5aa8253aa10a2ef1c98b9ac8b57f1117a72bf2c7b9e7c1ac4d77fc94cadc083e67984050b75ebae5dd2809bd638016f723":"81aee4bdd82ed9645a21322e9c4c6a9385ed9f70b5d916c1b43b62eef4d0098eff3b1f78e2d0d48d50d1687b93b97d5f7c6d5047406a5e688b352209bcb9f822":"7dde385d566332ecc0eabfa9cf7822fdf209f70024a57b1aa000c55b881f8111b2dcde494a5f485e5bca4bd88a2763aed1ca2b2fa8f0540678cd1e0f3ad80892":"aadd9db8dbe9c48b3fd4e6ae33c9fc07cb308db3b3c9d20ed6639cca70330870553e5c414ca92619418661197fac10471db1d381085ddaddb58796829ca90069":28 + +Check ECP group metadata #12 curve25519 (RFC 7748) +depends_on:MBEDTLS_ECP_DP_CURVE25519_ENABLED +mbedtls_ecp_group_metadata:MBEDTLS_ECP_DP_CURVE25519:256:MBEDTLS_ECP_TYPE_MONTGOMERY:"7fffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffed":"76d06":"":"9":"":"1000000000000000000000000000000014def9dea2f79cd65812631a5cf5d3ed":29 + +Check ECP group metadata #13 curve448 (RFC 7748) +depends_on:MBEDTLS_ECP_DP_CURVE448_ENABLED +mbedtls_ecp_group_metadata:MBEDTLS_ECP_DP_CURVE448:448:MBEDTLS_ECP_TYPE_MONTGOMERY:"fffffffffffffffffffffffffffffffffffffffffffffffffffffffeffffffffffffffffffffffffffffffffffffffffffffffffffffffff":"262a6":"":"5":"":"3fffffffffffffffffffffffffffffffffffffffffffffffffffffff7cca23e9c44edb49aed63690216cc2728dc58f552378c292ab5844f3":30 + ECP tls read group #1 (record too short) mbedtls_ecp_tls_read_group:"0313":MBEDTLS_ERR_ECP_BAD_INPUT_DATA:0:0 @@ -622,6 +674,10 @@ ECP point muladd secp256r1 #2 depends_on:MBEDTLS_ECP_DP_SECP256R1_ENABLED ecp_muladd:MBEDTLS_ECP_DP_SECP256R1:"01":"04e1e1e1e1e1e1e1e1e1e1e1e1e1e1e1e1e1e1e1e1e1ffffffff20e120e1e1e1e13a4e135157317b79d4ecf329fed4f9eb00dc67dbddae33faca8b6d8a0255b5ce":"01":"04e1e1e1e1e1e1e1e1e1e1e1e1e1e1e1e1e1e1e1e1e1e0e1ff20e1ffe120e1e1e173287170a761308491683e345cacaebb500c96e1a7bbd37772968b2c951f0579":"04fab65e09aa5dd948320f86246be1d3fc571e7f799d9005170ed5cc868b67598431a668f96aa9fd0b0eb15f0edf4c7fe1be2885eadcb57e3db4fdd093585d3fa6" +ECP point set zero +depends_on:MBEDTLS_ECP_DP_SECP256R1_ENABLED +ecp_set_zero:MBEDTLS_ECP_DP_SECP256R1:"04e1e1e1e1e1e1e1e1e1e1e1e1e1e1e1e1e1e1e1e1e1e0e1ff20e1ffe120e1e1e173287170a761308491683e345cacaebb500c96e1a7bbd37772968b2c951f0579" + ECP test vectors Curve448 (RFC 7748 6.2, after decodeUCoordinate) depends_on:MBEDTLS_ECP_DP_CURVE448_ENABLED ecp_test_vec_x:MBEDTLS_ECP_DP_CURVE448:"eb7298a5c0d8c29a1dab27f1a6826300917389449741a974f5bac9d98dc298d46555bce8bae89eeed400584bb046cf75579f51d125498f98":"a01fc432e5807f17530d1288da125b0cd453d941726436c8bbd9c5222c3da7fa639ce03db8d23b274a0721a1aed5227de6e3b731ccf7089b":"ad997351b6106f36b0d1091b929c4c37213e0d2b97e85ebb20c127691d0dad8f1d8175b0723745e639a3cb7044290b99e0e2a0c27a6a301c":"0936f37bc6c1bd07ae3dec7ab5dc06a73ca13242fb343efc72b9d82730b445f3d4b0bd077162a46dcfec6f9b590bfcbcf520cdb029a8b73e":"9d874a5137509a449ad5853040241c5236395435c36424fd560b0cb62b281d285275a740ce32a22dd1740f4aa9161cec95ccc61a18f4ff07" @@ -796,3 +852,55 @@ fix_negative:"ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff": # The first call to fix_negative in the test case of issue #4296. ECP fix_negative: #4296.1 fix_negative:"8A4DD4C8B42C5EAED15FE4F4579F4CE513EC90A94010BF000000000000000000":-1:256 + +ECP check order for SECP192R1 +depends_on:MBEDTLS_ECP_DP_SECP192R1_ENABLED +ecp_check_order:MBEDTLS_ECP_DP_SECP192R1:"FFFFFFFFFFFFFFFFFFFFFFFF99DEF836146BC9B1B4D22831" + +ECP check order for SECP224R1 +depends_on:MBEDTLS_ECP_DP_SECP224R1_ENABLED +ecp_check_order:MBEDTLS_ECP_DP_SECP224R1:"FFFFFFFFFFFFFFFFFFFFFFFFFFFF16A2E0B8F03E13DD29455C5C2A3D" + +ECP check order for SECP256R1 +depends_on:MBEDTLS_ECP_DP_SECP256R1_ENABLED +ecp_check_order:MBEDTLS_ECP_DP_SECP256R1:"FFFFFFFF00000000FFFFFFFFFFFFFFFFBCE6FAADA7179E84F3B9CAC2FC632551" + +ECP check order for SECP384R1 +depends_on:MBEDTLS_ECP_DP_SECP384R1_ENABLED +ecp_check_order:MBEDTLS_ECP_DP_SECP384R1:"FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFC7634D81F4372DDF581A0DB248B0A77AECEC196ACCC52973" + +ECP check order for SECP521R1 +depends_on:MBEDTLS_ECP_DP_SECP521R1_ENABLED +ecp_check_order:MBEDTLS_ECP_DP_SECP521R1:"01FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFA51868783BF2F966B7FCC0148F709A5D03BB5C9B8899C47AEBB6FB71E91386409" + +ECP check order for BP256R1 +depends_on:MBEDTLS_ECP_DP_BP256R1_ENABLED +ecp_check_order:MBEDTLS_ECP_DP_BP256R1:"A9FB57DBA1EEA9BC3E660A909D838D718C397AA3B561A6F7901E0E82974856A7" + +ECP check order for BP384R1 +depends_on:MBEDTLS_ECP_DP_BP384R1_ENABLED +ecp_check_order:MBEDTLS_ECP_DP_BP384R1:"8CB91E82A3386D280F5D6F7E50E641DF152F7109ED5456B31F166E6CAC0425A7CF3AB6AF6B7FC3103B883202E9046565" + +ECP check order for BP512R1 +depends_on:MBEDTLS_ECP_DP_BP512R1_ENABLED +ecp_check_order:MBEDTLS_ECP_DP_BP512R1:"AADD9DB8DBE9C48B3FD4E6AE33C9FC07CB308DB3B3C9D20ED6639CCA70330870553E5C414CA92619418661197FAC10471DB1D381085DDADDB58796829CA90069" + +ECP check order for CURVE25519 +depends_on:MBEDTLS_ECP_DP_CURVE25519_ENABLED +ecp_check_order:MBEDTLS_ECP_DP_CURVE25519:"1000000000000000000000000000000014def9dea2f79cd65812631a5cf5d3ed" + +ECP check order for SECP192K1 +depends_on:MBEDTLS_ECP_DP_SECP192K1_ENABLED +ecp_check_order:MBEDTLS_ECP_DP_SECP192K1:"fffffffffffffffffffffffe26f2fc170f69466a74defd8d" + +ECP check order for SECP224K1 +depends_on:MBEDTLS_ECP_DP_SECP224K1_ENABLED +ecp_check_order:MBEDTLS_ECP_DP_SECP224K1:"10000000000000000000000000001dce8d2ec6184caf0a971769fb1f7" + +ECP check order for SECP256K1 +depends_on:MBEDTLS_ECP_DP_SECP256K1_ENABLED +ecp_check_order:MBEDTLS_ECP_DP_SECP256K1:"fffffffffffffffffffffffffffffffebaaedce6af48a03bbfd25e8cd0364141" + +ECP check order for CURVE448 +depends_on:MBEDTLS_ECP_DP_CURVE448_ENABLED +ecp_check_order:MBEDTLS_ECP_DP_CURVE448:"3fffffffffffffffffffffffffffffffffffffffffffffffffffffff7cca23e9c44edb49aed63690216cc2728dc58f552378c292ab5844f3" diff --git a/third_party/mbedtls/repo/tests/suites/test_suite_ecp.function b/third_party/mbedtls/repo/tests/suites/test_suite_ecp.function index 538c648c97d..b1340614567 100644 --- a/third_party/mbedtls/repo/tests/suites/test_suite_ecp.function +++ b/third_party/mbedtls/repo/tests/suites/test_suite_ecp.function @@ -1,20 +1,74 @@ /* BEGIN_HEADER */ #include "mbedtls/ecp.h" +#include "mbedtls/ecdsa.h" +#include "mbedtls/ecdh.h" #include "ecp_invasive.h" #if defined(MBEDTLS_TEST_HOOKS) && \ - ( defined(MBEDTLS_ECP_DP_SECP224R1_ENABLED) || \ - defined(MBEDTLS_ECP_DP_SECP256R1_ENABLED) || \ - defined(MBEDTLS_ECP_DP_SECP384R1_ENABLED) ) + (defined(MBEDTLS_ECP_DP_SECP224R1_ENABLED) || \ + defined(MBEDTLS_ECP_DP_SECP256R1_ENABLED) || \ + defined(MBEDTLS_ECP_DP_SECP384R1_ENABLED)) #define HAVE_FIX_NEGATIVE #endif #define ECP_PF_UNKNOWN -1 -#define ECP_PT_RESET( x ) \ - mbedtls_ecp_point_free( x ); \ - mbedtls_ecp_point_init( x ); +#define ECP_PT_RESET(x) \ + mbedtls_ecp_point_free(x); \ + mbedtls_ecp_point_init(x); + +/* Auxiliary function to compare two mbedtls_ecp_group objects. */ +inline static int mbedtls_ecp_group_cmp(mbedtls_ecp_group *grp1, + mbedtls_ecp_group *grp2) +{ + if (mbedtls_mpi_cmp_mpi(&grp1->P, &grp2->P) != 0) { + return 1; + } + if (mbedtls_mpi_cmp_mpi(&grp1->A, &grp2->A) != 0) { + return 1; + } + if (mbedtls_mpi_cmp_mpi(&grp1->B, &grp2->B) != 0) { + return 1; + } + if (mbedtls_mpi_cmp_mpi(&grp1->N, &grp2->N) != 0) { + return 1; + } + if (mbedtls_ecp_point_cmp(&grp1->G, &grp2->G) != 0) { + return 1; + } + if (grp1->id != grp2->id) { + return 1; + } + if (grp1->pbits != grp2->pbits) { + return 1; + } + if (grp1->nbits != grp2->nbits) { + return 1; + } + if (grp1->h != grp2->h) { + return 1; + } + if (grp1->modp != grp2->modp) { + return 1; + } + if (grp1->t_pre != grp2->t_pre) { + return 1; + } + if (grp1->t_post != grp2->t_post) { + return 1; + } + if (grp1->t_data != grp2->t_data) { + return 1; + } + /* Here we should not compare T and T_size as the value of T is + * always NULL for Montgomery curves and for Weierstrass curves + * it will be NULL until ecp_mul is called. After calling ecp_mul, + * the value will be unique (dynamically allocated). + */ + + return 0; +} /* END_HEADER */ @@ -24,14 +78,14 @@ */ /* BEGIN_CASE */ -void ecp_valid_param( ) +void ecp_valid_param() { - TEST_VALID_PARAM( mbedtls_ecp_group_free( NULL ) ); - TEST_VALID_PARAM( mbedtls_ecp_keypair_free( NULL ) ); - TEST_VALID_PARAM( mbedtls_ecp_point_free( NULL ) ); + TEST_VALID_PARAM(mbedtls_ecp_group_free(NULL)); + TEST_VALID_PARAM(mbedtls_ecp_keypair_free(NULL)); + TEST_VALID_PARAM(mbedtls_ecp_point_free(NULL)); #if defined(MBEDTLS_ECP_RESTARTABLE) - TEST_VALID_PARAM( mbedtls_ecp_restart_free( NULL ) ); + TEST_VALID_PARAM(mbedtls_ecp_restart_free(NULL)); #endif /* MBEDTLS_ECP_RESTARTABLE */ exit: @@ -40,7 +94,7 @@ exit: /* END_CASE */ /* BEGIN_CASE depends_on:MBEDTLS_CHECK_PARAMS:!MBEDTLS_PARAM_FAILED_ALT */ -void ecp_invalid_param( ) +void ecp_invalid_param() { mbedtls_ecp_group grp; mbedtls_ecp_keypair kp; @@ -57,313 +111,316 @@ void ecp_invalid_param( ) mbedtls_ecp_restart_ctx restart_ctx; #endif /* MBEDTLS_ECP_RESTARTABLE */ - TEST_INVALID_PARAM( mbedtls_ecp_point_init( NULL ) ); - TEST_INVALID_PARAM( mbedtls_ecp_keypair_init( NULL ) ); - TEST_INVALID_PARAM( mbedtls_ecp_group_init( NULL ) ); + mbedtls_ecp_group_init(&grp); + mbedtls_ecp_point_init(&P); + + TEST_INVALID_PARAM(mbedtls_ecp_point_init(NULL)); + TEST_INVALID_PARAM(mbedtls_ecp_keypair_init(NULL)); + TEST_INVALID_PARAM(mbedtls_ecp_group_init(NULL)); #if defined(MBEDTLS_ECP_RESTARTABLE) - TEST_INVALID_PARAM( mbedtls_ecp_restart_init( NULL ) ); - TEST_INVALID_PARAM( mbedtls_ecp_check_budget( NULL, &restart_ctx, 42 ) ); + TEST_INVALID_PARAM(mbedtls_ecp_restart_init(NULL)); + TEST_INVALID_PARAM(mbedtls_ecp_check_budget(NULL, &restart_ctx, 42)); #endif /* MBEDTLS_ECP_RESTARTABLE */ - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_ECP_BAD_INPUT_DATA, - mbedtls_ecp_copy( NULL, &P ) ); - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_ECP_BAD_INPUT_DATA, - mbedtls_ecp_copy( &P, NULL ) ); - - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_ECP_BAD_INPUT_DATA, - mbedtls_ecp_group_copy( NULL, &grp ) ); - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_ECP_BAD_INPUT_DATA, - mbedtls_ecp_group_copy( &grp, NULL ) ); - - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_ECP_BAD_INPUT_DATA, - mbedtls_ecp_gen_privkey( NULL, - &m, - mbedtls_test_rnd_std_rand, - NULL ) ); - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_ECP_BAD_INPUT_DATA, - mbedtls_ecp_gen_privkey( &grp, - NULL, - mbedtls_test_rnd_std_rand, - NULL ) ); - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_ECP_BAD_INPUT_DATA, - mbedtls_ecp_gen_privkey( &grp, - &m, - NULL, - NULL ) ); - - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_ECP_BAD_INPUT_DATA, - mbedtls_ecp_set_zero( NULL ) ); - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_ECP_BAD_INPUT_DATA, - mbedtls_ecp_is_zero( NULL ) ); - - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_ECP_BAD_INPUT_DATA, - mbedtls_ecp_point_cmp( NULL, &P ) ); - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_ECP_BAD_INPUT_DATA, - mbedtls_ecp_point_cmp( &P, NULL ) ); - - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_ECP_BAD_INPUT_DATA, - mbedtls_ecp_point_read_string( NULL, 2, - x, x ) ); - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_ECP_BAD_INPUT_DATA, - mbedtls_ecp_point_read_string( &P, 2, - NULL, x ) ); - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_ECP_BAD_INPUT_DATA, - mbedtls_ecp_point_read_string( &P, 2, - x, NULL ) ); - - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_ECP_BAD_INPUT_DATA, - mbedtls_ecp_point_write_binary( NULL, &P, - valid_fmt, - &olen, - buf, sizeof( buf ) ) ); - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_ECP_BAD_INPUT_DATA, - mbedtls_ecp_point_write_binary( &grp, NULL, - valid_fmt, - &olen, - buf, sizeof( buf ) ) ); - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_ECP_BAD_INPUT_DATA, - mbedtls_ecp_point_write_binary( &grp, &P, - invalid_fmt, - &olen, - buf, sizeof( buf ) ) ); - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_ECP_BAD_INPUT_DATA, - mbedtls_ecp_point_write_binary( &grp, &P, - valid_fmt, - NULL, - buf, sizeof( buf ) ) ); - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_ECP_BAD_INPUT_DATA, - mbedtls_ecp_point_write_binary( &grp, &P, - valid_fmt, - &olen, - NULL, sizeof( buf ) ) ); - - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_ECP_BAD_INPUT_DATA, - mbedtls_ecp_point_read_binary( NULL, &P, buf, - sizeof( buf ) ) ); - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_ECP_BAD_INPUT_DATA, - mbedtls_ecp_point_read_binary( &grp, NULL, buf, - sizeof( buf ) ) ); - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_ECP_BAD_INPUT_DATA, - mbedtls_ecp_point_read_binary( &grp, &P, NULL, - sizeof( buf ) ) ); - - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_ECP_BAD_INPUT_DATA, - mbedtls_ecp_tls_read_point( NULL, &P, - (const unsigned char **) &buf, - sizeof( buf ) ) ); - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_ECP_BAD_INPUT_DATA, - mbedtls_ecp_tls_read_point( &grp, NULL, - (const unsigned char **) &buf, - sizeof( buf ) ) ); - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_ECP_BAD_INPUT_DATA, - mbedtls_ecp_tls_read_point( &grp, &P, &null_buf, - sizeof( buf ) ) ); - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_ECP_BAD_INPUT_DATA, - mbedtls_ecp_tls_read_point( &grp, &P, NULL, - sizeof( buf ) ) ); - - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_ECP_BAD_INPUT_DATA, - mbedtls_ecp_tls_write_point( NULL, &P, - valid_fmt, - &olen, - buf, - sizeof( buf ) ) ); - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_ECP_BAD_INPUT_DATA, - mbedtls_ecp_tls_write_point( &grp, NULL, - valid_fmt, - &olen, - buf, - sizeof( buf ) ) ); - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_ECP_BAD_INPUT_DATA, - mbedtls_ecp_tls_write_point( &grp, &P, - invalid_fmt, - &olen, - buf, - sizeof( buf ) ) ); - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_ECP_BAD_INPUT_DATA, - mbedtls_ecp_tls_write_point( &grp, &P, - valid_fmt, - NULL, - buf, - sizeof( buf ) ) ); - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_ECP_BAD_INPUT_DATA, - mbedtls_ecp_tls_write_point( &grp, &P, - valid_fmt, - &olen, - NULL, - sizeof( buf ) ) ); - - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_ECP_BAD_INPUT_DATA, - mbedtls_ecp_group_load( NULL, valid_group ) ); - - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_ECP_BAD_INPUT_DATA, - mbedtls_ecp_tls_read_group( NULL, - (const unsigned char **) &buf, - sizeof( buf ) ) ); - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_ECP_BAD_INPUT_DATA, - mbedtls_ecp_tls_read_group( &grp, NULL, - sizeof( buf ) ) ); - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_ECP_BAD_INPUT_DATA, - mbedtls_ecp_tls_read_group( &grp, &null_buf, - sizeof( buf ) ) ); - - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_ECP_BAD_INPUT_DATA, - mbedtls_ecp_tls_read_group_id( NULL, - (const unsigned char **) &buf, - sizeof( buf ) ) ); - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_ECP_BAD_INPUT_DATA, - mbedtls_ecp_tls_read_group_id( &valid_group, NULL, - sizeof( buf ) ) ); - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_ECP_BAD_INPUT_DATA, - mbedtls_ecp_tls_read_group_id( &valid_group, - &null_buf, - sizeof( buf ) ) ); - - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_ECP_BAD_INPUT_DATA, - mbedtls_ecp_tls_write_group( NULL, &olen, - buf, sizeof( buf ) ) ); - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_ECP_BAD_INPUT_DATA, - mbedtls_ecp_tls_write_group( &grp, NULL, - buf, sizeof( buf ) ) ); - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_ECP_BAD_INPUT_DATA, - mbedtls_ecp_tls_write_group( &grp, &olen, - NULL, sizeof( buf ) ) ); - - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_ECP_BAD_INPUT_DATA, - mbedtls_ecp_mul( NULL, &P, &m, &P, - mbedtls_test_rnd_std_rand, - NULL ) ); - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_ECP_BAD_INPUT_DATA, - mbedtls_ecp_mul( &grp, NULL, &m, &P, - mbedtls_test_rnd_std_rand, - NULL ) ); - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_ECP_BAD_INPUT_DATA, - mbedtls_ecp_mul( &grp, &P, NULL, &P, - mbedtls_test_rnd_std_rand, - NULL ) ); - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_ECP_BAD_INPUT_DATA, - mbedtls_ecp_mul( &grp, &P, &m, NULL, - mbedtls_test_rnd_std_rand, - NULL ) ); - - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_ECP_BAD_INPUT_DATA, - mbedtls_ecp_mul_restartable( NULL, &P, &m, &P, - mbedtls_test_rnd_std_rand, - NULL , NULL ) ); - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_ECP_BAD_INPUT_DATA, - mbedtls_ecp_mul_restartable( &grp, NULL, &m, &P, - mbedtls_test_rnd_std_rand, - NULL , NULL ) ); - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_ECP_BAD_INPUT_DATA, - mbedtls_ecp_mul_restartable( &grp, &P, NULL, &P, - mbedtls_test_rnd_std_rand, - NULL , NULL ) ); - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_ECP_BAD_INPUT_DATA, - mbedtls_ecp_mul_restartable( &grp, &P, &m, NULL, - mbedtls_test_rnd_std_rand, - NULL , NULL ) ); - - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_ECP_BAD_INPUT_DATA, - mbedtls_ecp_muladd( NULL, &P, &m, &P, - &m, &P ) ); - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_ECP_BAD_INPUT_DATA, - mbedtls_ecp_muladd( &grp, NULL, &m, &P, - &m, &P ) ); - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_ECP_BAD_INPUT_DATA, - mbedtls_ecp_muladd( &grp, &P, NULL, &P, - &m, &P ) ); - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_ECP_BAD_INPUT_DATA, - mbedtls_ecp_muladd( &grp, &P, &m, NULL, - &m, &P ) ); - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_ECP_BAD_INPUT_DATA, - mbedtls_ecp_muladd( &grp, &P, &m, &P, - NULL, &P ) ); - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_ECP_BAD_INPUT_DATA, - mbedtls_ecp_muladd( &grp, &P, &m, &P, - &m, NULL ) ); - - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_ECP_BAD_INPUT_DATA, - mbedtls_ecp_muladd_restartable( NULL, &P, &m, &P, - &m, &P, NULL ) ); - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_ECP_BAD_INPUT_DATA, - mbedtls_ecp_muladd_restartable( &grp, NULL, &m, &P, - &m, &P, NULL ) ); - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_ECP_BAD_INPUT_DATA, - mbedtls_ecp_muladd_restartable( &grp, &P, NULL, &P, - &m, &P, NULL ) ); - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_ECP_BAD_INPUT_DATA, - mbedtls_ecp_muladd_restartable( &grp, &P, &m, NULL, - &m, &P, NULL ) ); - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_ECP_BAD_INPUT_DATA, - mbedtls_ecp_muladd_restartable( &grp, &P, &m, &P, - NULL, &P, NULL ) ); - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_ECP_BAD_INPUT_DATA, - mbedtls_ecp_muladd_restartable( &grp, &P, &m, &P, - &m, NULL, NULL ) ); - - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_ECP_BAD_INPUT_DATA, - mbedtls_ecp_check_pubkey( NULL, &P ) ); - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_ECP_BAD_INPUT_DATA, - mbedtls_ecp_check_pubkey( &grp, NULL ) ); - - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_ECP_BAD_INPUT_DATA, - mbedtls_ecp_check_pub_priv( NULL, &kp ) ); - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_ECP_BAD_INPUT_DATA, - mbedtls_ecp_check_pub_priv( &kp, NULL ) ); - - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_ECP_BAD_INPUT_DATA, - mbedtls_ecp_check_privkey( NULL, &m ) ); - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_ECP_BAD_INPUT_DATA, - mbedtls_ecp_check_privkey( &grp, NULL ) ); - - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_ECP_BAD_INPUT_DATA, - mbedtls_ecp_gen_keypair_base( NULL, &P, &m, &P, - mbedtls_test_rnd_std_rand, NULL ) ); - - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_ECP_BAD_INPUT_DATA, - mbedtls_ecp_gen_keypair_base( &grp, NULL, &m, &P, - mbedtls_test_rnd_std_rand, NULL ) ); - - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_ECP_BAD_INPUT_DATA, - mbedtls_ecp_gen_keypair_base( &grp, &P, NULL, &P, - mbedtls_test_rnd_std_rand, NULL ) ); - - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_ECP_BAD_INPUT_DATA, - mbedtls_ecp_gen_keypair_base( &grp, &P, &m, NULL, - mbedtls_test_rnd_std_rand, NULL ) ); - - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_ECP_BAD_INPUT_DATA, - mbedtls_ecp_gen_keypair_base( &grp, &P, &m, &P, NULL, NULL ) ); - - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_ECP_BAD_INPUT_DATA, - mbedtls_ecp_gen_keypair( NULL, - &m, &P, - mbedtls_test_rnd_std_rand, - NULL ) ); - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_ECP_BAD_INPUT_DATA, - mbedtls_ecp_gen_keypair( &grp, - NULL, &P, - mbedtls_test_rnd_std_rand, - NULL ) ); - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_ECP_BAD_INPUT_DATA, - mbedtls_ecp_gen_keypair( &grp, - &m, NULL, - mbedtls_test_rnd_std_rand, - NULL ) ); - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_ECP_BAD_INPUT_DATA, - mbedtls_ecp_gen_keypair( &grp, - &m, &P, - NULL, - NULL ) ); - - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_ECP_BAD_INPUT_DATA, - mbedtls_ecp_gen_key( valid_group, NULL, - mbedtls_test_rnd_std_rand, - NULL ) ); - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_ECP_BAD_INPUT_DATA, - mbedtls_ecp_gen_key( valid_group, &kp, - NULL, NULL ) ); + TEST_INVALID_PARAM_RET(MBEDTLS_ERR_ECP_BAD_INPUT_DATA, + mbedtls_ecp_copy(NULL, &P)); + TEST_INVALID_PARAM_RET(MBEDTLS_ERR_ECP_BAD_INPUT_DATA, + mbedtls_ecp_copy(&P, NULL)); + + TEST_INVALID_PARAM_RET(MBEDTLS_ERR_ECP_BAD_INPUT_DATA, + mbedtls_ecp_group_copy(NULL, &grp)); + TEST_INVALID_PARAM_RET(MBEDTLS_ERR_ECP_BAD_INPUT_DATA, + mbedtls_ecp_group_copy(&grp, NULL)); + + TEST_INVALID_PARAM_RET(MBEDTLS_ERR_ECP_BAD_INPUT_DATA, + mbedtls_ecp_gen_privkey(NULL, + &m, + mbedtls_test_rnd_std_rand, + NULL)); + TEST_INVALID_PARAM_RET(MBEDTLS_ERR_ECP_BAD_INPUT_DATA, + mbedtls_ecp_gen_privkey(&grp, + NULL, + mbedtls_test_rnd_std_rand, + NULL)); + TEST_INVALID_PARAM_RET(MBEDTLS_ERR_ECP_BAD_INPUT_DATA, + mbedtls_ecp_gen_privkey(&grp, + &m, + NULL, + NULL)); + + TEST_INVALID_PARAM_RET(MBEDTLS_ERR_ECP_BAD_INPUT_DATA, + mbedtls_ecp_set_zero(NULL)); + TEST_INVALID_PARAM_RET(MBEDTLS_ERR_ECP_BAD_INPUT_DATA, + mbedtls_ecp_is_zero(NULL)); + + TEST_INVALID_PARAM_RET(MBEDTLS_ERR_ECP_BAD_INPUT_DATA, + mbedtls_ecp_point_cmp(NULL, &P)); + TEST_INVALID_PARAM_RET(MBEDTLS_ERR_ECP_BAD_INPUT_DATA, + mbedtls_ecp_point_cmp(&P, NULL)); + + TEST_INVALID_PARAM_RET(MBEDTLS_ERR_ECP_BAD_INPUT_DATA, + mbedtls_ecp_point_read_string(NULL, 2, + x, x)); + TEST_INVALID_PARAM_RET(MBEDTLS_ERR_ECP_BAD_INPUT_DATA, + mbedtls_ecp_point_read_string(&P, 2, + NULL, x)); + TEST_INVALID_PARAM_RET(MBEDTLS_ERR_ECP_BAD_INPUT_DATA, + mbedtls_ecp_point_read_string(&P, 2, + x, NULL)); + + TEST_INVALID_PARAM_RET(MBEDTLS_ERR_ECP_BAD_INPUT_DATA, + mbedtls_ecp_point_write_binary(NULL, &P, + valid_fmt, + &olen, + buf, sizeof(buf))); + TEST_INVALID_PARAM_RET(MBEDTLS_ERR_ECP_BAD_INPUT_DATA, + mbedtls_ecp_point_write_binary(&grp, NULL, + valid_fmt, + &olen, + buf, sizeof(buf))); + TEST_INVALID_PARAM_RET(MBEDTLS_ERR_ECP_BAD_INPUT_DATA, + mbedtls_ecp_point_write_binary(&grp, &P, + invalid_fmt, + &olen, + buf, sizeof(buf))); + TEST_INVALID_PARAM_RET(MBEDTLS_ERR_ECP_BAD_INPUT_DATA, + mbedtls_ecp_point_write_binary(&grp, &P, + valid_fmt, + NULL, + buf, sizeof(buf))); + TEST_INVALID_PARAM_RET(MBEDTLS_ERR_ECP_BAD_INPUT_DATA, + mbedtls_ecp_point_write_binary(&grp, &P, + valid_fmt, + &olen, + NULL, sizeof(buf))); + + TEST_INVALID_PARAM_RET(MBEDTLS_ERR_ECP_BAD_INPUT_DATA, + mbedtls_ecp_point_read_binary(NULL, &P, buf, + sizeof(buf))); + TEST_INVALID_PARAM_RET(MBEDTLS_ERR_ECP_BAD_INPUT_DATA, + mbedtls_ecp_point_read_binary(&grp, NULL, buf, + sizeof(buf))); + TEST_INVALID_PARAM_RET(MBEDTLS_ERR_ECP_BAD_INPUT_DATA, + mbedtls_ecp_point_read_binary(&grp, &P, NULL, + sizeof(buf))); + + TEST_INVALID_PARAM_RET(MBEDTLS_ERR_ECP_BAD_INPUT_DATA, + mbedtls_ecp_tls_read_point(NULL, &P, + (const unsigned char **) &buf, + sizeof(buf))); + TEST_INVALID_PARAM_RET(MBEDTLS_ERR_ECP_BAD_INPUT_DATA, + mbedtls_ecp_tls_read_point(&grp, NULL, + (const unsigned char **) &buf, + sizeof(buf))); + TEST_INVALID_PARAM_RET(MBEDTLS_ERR_ECP_BAD_INPUT_DATA, + mbedtls_ecp_tls_read_point(&grp, &P, &null_buf, + sizeof(buf))); + TEST_INVALID_PARAM_RET(MBEDTLS_ERR_ECP_BAD_INPUT_DATA, + mbedtls_ecp_tls_read_point(&grp, &P, NULL, + sizeof(buf))); + + TEST_INVALID_PARAM_RET(MBEDTLS_ERR_ECP_BAD_INPUT_DATA, + mbedtls_ecp_tls_write_point(NULL, &P, + valid_fmt, + &olen, + buf, + sizeof(buf))); + TEST_INVALID_PARAM_RET(MBEDTLS_ERR_ECP_BAD_INPUT_DATA, + mbedtls_ecp_tls_write_point(&grp, NULL, + valid_fmt, + &olen, + buf, + sizeof(buf))); + TEST_INVALID_PARAM_RET(MBEDTLS_ERR_ECP_BAD_INPUT_DATA, + mbedtls_ecp_tls_write_point(&grp, &P, + invalid_fmt, + &olen, + buf, + sizeof(buf))); + TEST_INVALID_PARAM_RET(MBEDTLS_ERR_ECP_BAD_INPUT_DATA, + mbedtls_ecp_tls_write_point(&grp, &P, + valid_fmt, + NULL, + buf, + sizeof(buf))); + TEST_INVALID_PARAM_RET(MBEDTLS_ERR_ECP_BAD_INPUT_DATA, + mbedtls_ecp_tls_write_point(&grp, &P, + valid_fmt, + &olen, + NULL, + sizeof(buf))); + + TEST_INVALID_PARAM_RET(MBEDTLS_ERR_ECP_BAD_INPUT_DATA, + mbedtls_ecp_group_load(NULL, valid_group)); + + TEST_INVALID_PARAM_RET(MBEDTLS_ERR_ECP_BAD_INPUT_DATA, + mbedtls_ecp_tls_read_group(NULL, + (const unsigned char **) &buf, + sizeof(buf))); + TEST_INVALID_PARAM_RET(MBEDTLS_ERR_ECP_BAD_INPUT_DATA, + mbedtls_ecp_tls_read_group(&grp, NULL, + sizeof(buf))); + TEST_INVALID_PARAM_RET(MBEDTLS_ERR_ECP_BAD_INPUT_DATA, + mbedtls_ecp_tls_read_group(&grp, &null_buf, + sizeof(buf))); + + TEST_INVALID_PARAM_RET(MBEDTLS_ERR_ECP_BAD_INPUT_DATA, + mbedtls_ecp_tls_read_group_id(NULL, + (const unsigned char **) &buf, + sizeof(buf))); + TEST_INVALID_PARAM_RET(MBEDTLS_ERR_ECP_BAD_INPUT_DATA, + mbedtls_ecp_tls_read_group_id(&valid_group, NULL, + sizeof(buf))); + TEST_INVALID_PARAM_RET(MBEDTLS_ERR_ECP_BAD_INPUT_DATA, + mbedtls_ecp_tls_read_group_id(&valid_group, + &null_buf, + sizeof(buf))); + + TEST_INVALID_PARAM_RET(MBEDTLS_ERR_ECP_BAD_INPUT_DATA, + mbedtls_ecp_tls_write_group(NULL, &olen, + buf, sizeof(buf))); + TEST_INVALID_PARAM_RET(MBEDTLS_ERR_ECP_BAD_INPUT_DATA, + mbedtls_ecp_tls_write_group(&grp, NULL, + buf, sizeof(buf))); + TEST_INVALID_PARAM_RET(MBEDTLS_ERR_ECP_BAD_INPUT_DATA, + mbedtls_ecp_tls_write_group(&grp, &olen, + NULL, sizeof(buf))); + + TEST_INVALID_PARAM_RET(MBEDTLS_ERR_ECP_BAD_INPUT_DATA, + mbedtls_ecp_mul(NULL, &P, &m, &P, + mbedtls_test_rnd_std_rand, + NULL)); + TEST_INVALID_PARAM_RET(MBEDTLS_ERR_ECP_BAD_INPUT_DATA, + mbedtls_ecp_mul(&grp, NULL, &m, &P, + mbedtls_test_rnd_std_rand, + NULL)); + TEST_INVALID_PARAM_RET(MBEDTLS_ERR_ECP_BAD_INPUT_DATA, + mbedtls_ecp_mul(&grp, &P, NULL, &P, + mbedtls_test_rnd_std_rand, + NULL)); + TEST_INVALID_PARAM_RET(MBEDTLS_ERR_ECP_BAD_INPUT_DATA, + mbedtls_ecp_mul(&grp, &P, &m, NULL, + mbedtls_test_rnd_std_rand, + NULL)); + + TEST_INVALID_PARAM_RET(MBEDTLS_ERR_ECP_BAD_INPUT_DATA, + mbedtls_ecp_mul_restartable(NULL, &P, &m, &P, + mbedtls_test_rnd_std_rand, + NULL, NULL)); + TEST_INVALID_PARAM_RET(MBEDTLS_ERR_ECP_BAD_INPUT_DATA, + mbedtls_ecp_mul_restartable(&grp, NULL, &m, &P, + mbedtls_test_rnd_std_rand, + NULL, NULL)); + TEST_INVALID_PARAM_RET(MBEDTLS_ERR_ECP_BAD_INPUT_DATA, + mbedtls_ecp_mul_restartable(&grp, &P, NULL, &P, + mbedtls_test_rnd_std_rand, + NULL, NULL)); + TEST_INVALID_PARAM_RET(MBEDTLS_ERR_ECP_BAD_INPUT_DATA, + mbedtls_ecp_mul_restartable(&grp, &P, &m, NULL, + mbedtls_test_rnd_std_rand, + NULL, NULL)); + + TEST_INVALID_PARAM_RET(MBEDTLS_ERR_ECP_BAD_INPUT_DATA, + mbedtls_ecp_muladd(NULL, &P, &m, &P, + &m, &P)); + TEST_INVALID_PARAM_RET(MBEDTLS_ERR_ECP_BAD_INPUT_DATA, + mbedtls_ecp_muladd(&grp, NULL, &m, &P, + &m, &P)); + TEST_INVALID_PARAM_RET(MBEDTLS_ERR_ECP_BAD_INPUT_DATA, + mbedtls_ecp_muladd(&grp, &P, NULL, &P, + &m, &P)); + TEST_INVALID_PARAM_RET(MBEDTLS_ERR_ECP_BAD_INPUT_DATA, + mbedtls_ecp_muladd(&grp, &P, &m, NULL, + &m, &P)); + TEST_INVALID_PARAM_RET(MBEDTLS_ERR_ECP_BAD_INPUT_DATA, + mbedtls_ecp_muladd(&grp, &P, &m, &P, + NULL, &P)); + TEST_INVALID_PARAM_RET(MBEDTLS_ERR_ECP_BAD_INPUT_DATA, + mbedtls_ecp_muladd(&grp, &P, &m, &P, + &m, NULL)); + + TEST_INVALID_PARAM_RET(MBEDTLS_ERR_ECP_BAD_INPUT_DATA, + mbedtls_ecp_muladd_restartable(NULL, &P, &m, &P, + &m, &P, NULL)); + TEST_INVALID_PARAM_RET(MBEDTLS_ERR_ECP_BAD_INPUT_DATA, + mbedtls_ecp_muladd_restartable(&grp, NULL, &m, &P, + &m, &P, NULL)); + TEST_INVALID_PARAM_RET(MBEDTLS_ERR_ECP_BAD_INPUT_DATA, + mbedtls_ecp_muladd_restartable(&grp, &P, NULL, &P, + &m, &P, NULL)); + TEST_INVALID_PARAM_RET(MBEDTLS_ERR_ECP_BAD_INPUT_DATA, + mbedtls_ecp_muladd_restartable(&grp, &P, &m, NULL, + &m, &P, NULL)); + TEST_INVALID_PARAM_RET(MBEDTLS_ERR_ECP_BAD_INPUT_DATA, + mbedtls_ecp_muladd_restartable(&grp, &P, &m, &P, + NULL, &P, NULL)); + TEST_INVALID_PARAM_RET(MBEDTLS_ERR_ECP_BAD_INPUT_DATA, + mbedtls_ecp_muladd_restartable(&grp, &P, &m, &P, + &m, NULL, NULL)); + + TEST_INVALID_PARAM_RET(MBEDTLS_ERR_ECP_BAD_INPUT_DATA, + mbedtls_ecp_check_pubkey(NULL, &P)); + TEST_INVALID_PARAM_RET(MBEDTLS_ERR_ECP_BAD_INPUT_DATA, + mbedtls_ecp_check_pubkey(&grp, NULL)); + + TEST_INVALID_PARAM_RET(MBEDTLS_ERR_ECP_BAD_INPUT_DATA, + mbedtls_ecp_check_pub_priv(NULL, &kp)); + TEST_INVALID_PARAM_RET(MBEDTLS_ERR_ECP_BAD_INPUT_DATA, + mbedtls_ecp_check_pub_priv(&kp, NULL)); + + TEST_INVALID_PARAM_RET(MBEDTLS_ERR_ECP_BAD_INPUT_DATA, + mbedtls_ecp_check_privkey(NULL, &m)); + TEST_INVALID_PARAM_RET(MBEDTLS_ERR_ECP_BAD_INPUT_DATA, + mbedtls_ecp_check_privkey(&grp, NULL)); + + TEST_INVALID_PARAM_RET(MBEDTLS_ERR_ECP_BAD_INPUT_DATA, + mbedtls_ecp_gen_keypair_base(NULL, &P, &m, &P, + mbedtls_test_rnd_std_rand, NULL)); + + TEST_INVALID_PARAM_RET(MBEDTLS_ERR_ECP_BAD_INPUT_DATA, + mbedtls_ecp_gen_keypair_base(&grp, NULL, &m, &P, + mbedtls_test_rnd_std_rand, NULL)); + + TEST_INVALID_PARAM_RET(MBEDTLS_ERR_ECP_BAD_INPUT_DATA, + mbedtls_ecp_gen_keypair_base(&grp, &P, NULL, &P, + mbedtls_test_rnd_std_rand, NULL)); + + TEST_INVALID_PARAM_RET(MBEDTLS_ERR_ECP_BAD_INPUT_DATA, + mbedtls_ecp_gen_keypair_base(&grp, &P, &m, NULL, + mbedtls_test_rnd_std_rand, NULL)); + + TEST_INVALID_PARAM_RET(MBEDTLS_ERR_ECP_BAD_INPUT_DATA, + mbedtls_ecp_gen_keypair_base(&grp, &P, &m, &P, NULL, NULL)); + + TEST_INVALID_PARAM_RET(MBEDTLS_ERR_ECP_BAD_INPUT_DATA, + mbedtls_ecp_gen_keypair(NULL, + &m, &P, + mbedtls_test_rnd_std_rand, + NULL)); + TEST_INVALID_PARAM_RET(MBEDTLS_ERR_ECP_BAD_INPUT_DATA, + mbedtls_ecp_gen_keypair(&grp, + NULL, &P, + mbedtls_test_rnd_std_rand, + NULL)); + TEST_INVALID_PARAM_RET(MBEDTLS_ERR_ECP_BAD_INPUT_DATA, + mbedtls_ecp_gen_keypair(&grp, + &m, NULL, + mbedtls_test_rnd_std_rand, + NULL)); + TEST_INVALID_PARAM_RET(MBEDTLS_ERR_ECP_BAD_INPUT_DATA, + mbedtls_ecp_gen_keypair(&grp, + &m, &P, + NULL, + NULL)); + + TEST_INVALID_PARAM_RET(MBEDTLS_ERR_ECP_BAD_INPUT_DATA, + mbedtls_ecp_gen_key(valid_group, NULL, + mbedtls_test_rnd_std_rand, + NULL)); + TEST_INVALID_PARAM_RET(MBEDTLS_ERR_ECP_BAD_INPUT_DATA, + mbedtls_ecp_gen_key(valid_group, &kp, + NULL, NULL)); exit: return; @@ -371,55 +428,55 @@ exit: /* END_CASE */ /* BEGIN_CASE */ -void mbedtls_ecp_curve_info( int id, int tls_id, int size, char * name ) +void mbedtls_ecp_curve_info(int id, int tls_id, int size, char *name) { const mbedtls_ecp_curve_info *by_id, *by_tls, *by_name; - by_id = mbedtls_ecp_curve_info_from_grp_id( id ); - by_tls = mbedtls_ecp_curve_info_from_tls_id( tls_id ); - by_name = mbedtls_ecp_curve_info_from_name( name ); - TEST_ASSERT( by_id != NULL ); - TEST_ASSERT( by_tls != NULL ); - TEST_ASSERT( by_name != NULL ); + by_id = mbedtls_ecp_curve_info_from_grp_id(id); + by_tls = mbedtls_ecp_curve_info_from_tls_id(tls_id); + by_name = mbedtls_ecp_curve_info_from_name(name); + TEST_ASSERT(by_id != NULL); + TEST_ASSERT(by_tls != NULL); + TEST_ASSERT(by_name != NULL); - TEST_ASSERT( by_id == by_tls ); - TEST_ASSERT( by_id == by_name ); + TEST_ASSERT(by_id == by_tls); + TEST_ASSERT(by_id == by_name); - TEST_ASSERT( by_id->bit_size == size ); - TEST_ASSERT( size <= MBEDTLS_ECP_MAX_BITS ); - TEST_ASSERT( size <= MBEDTLS_ECP_MAX_BYTES * 8 ); + TEST_ASSERT(by_id->bit_size == size); + TEST_ASSERT(size <= MBEDTLS_ECP_MAX_BITS); + TEST_ASSERT(size <= MBEDTLS_ECP_MAX_BYTES * 8); } /* END_CASE */ /* BEGIN_CASE */ -void ecp_check_pub( int grp_id, char * x_hex, char * y_hex, char * z_hex, - int ret ) +void ecp_check_pub(int grp_id, char *x_hex, char *y_hex, char *z_hex, + int ret) { mbedtls_ecp_group grp; mbedtls_ecp_point P; - mbedtls_ecp_group_init( &grp ); - mbedtls_ecp_point_init( &P ); + mbedtls_ecp_group_init(&grp); + mbedtls_ecp_point_init(&P); - TEST_ASSERT( mbedtls_ecp_group_load( &grp, grp_id ) == 0 ); + TEST_ASSERT(mbedtls_ecp_group_load(&grp, grp_id) == 0); - TEST_ASSERT( mbedtls_test_read_mpi( &P.X, 16, x_hex ) == 0 ); - TEST_ASSERT( mbedtls_test_read_mpi( &P.Y, 16, y_hex ) == 0 ); - TEST_ASSERT( mbedtls_test_read_mpi( &P.Z, 16, z_hex ) == 0 ); + TEST_ASSERT(mbedtls_test_read_mpi(&P.X, x_hex) == 0); + TEST_ASSERT(mbedtls_test_read_mpi(&P.Y, y_hex) == 0); + TEST_ASSERT(mbedtls_test_read_mpi(&P.Z, z_hex) == 0); - TEST_ASSERT( mbedtls_ecp_check_pubkey( &grp, &P ) == ret ); + TEST_ASSERT(mbedtls_ecp_check_pubkey(&grp, &P) == ret); exit: - mbedtls_ecp_group_free( &grp ); - mbedtls_ecp_point_free( &P ); + mbedtls_ecp_group_free(&grp); + mbedtls_ecp_point_free(&P); } /* END_CASE */ /* BEGIN_CASE depends_on:MBEDTLS_ECP_RESTARTABLE */ -void ecp_test_vect_restart( int id, - char *dA_str, char *xA_str, char *yA_str, - char *dB_str, char *xZ_str, char *yZ_str, - int max_ops, int min_restarts, int max_restarts ) +void ecp_test_vect_restart(int id, + char *dA_str, char *xA_str, char *yA_str, + char *dB_str, char *xZ_str, char *yZ_str, + int max_ops, int min_restarts, int max_restarts) { /* * Test for early restart. Based on test vectors like ecp_test_vect(), @@ -432,7 +489,7 @@ void ecp_test_vect_restart( int id, * MBEDTLS_ECP_WINDOW_SIZE, as well as implementation details that may * change in the future. A factor 2 is a minimum safety margin. * - * For reference, with mbed TLS 2.4 and default settings, for P-256: + * For reference, with Mbed TLS 2.4 and default settings, for P-256: * - Random point mult: ~3250M * - Cold base point mult: ~3300M * - Hot base point mult: ~1100M @@ -446,75 +503,74 @@ void ecp_test_vect_restart( int id, int cnt_restarts; int ret; - mbedtls_ecp_restart_init( &ctx ); - mbedtls_ecp_group_init( &grp ); - mbedtls_ecp_point_init( &R ); mbedtls_ecp_point_init( &P ); - mbedtls_mpi_init( &dA ); mbedtls_mpi_init( &xA ); mbedtls_mpi_init( &yA ); - mbedtls_mpi_init( &dB ); mbedtls_mpi_init( &xZ ); mbedtls_mpi_init( &yZ ); + mbedtls_ecp_restart_init(&ctx); + mbedtls_ecp_group_init(&grp); + mbedtls_ecp_point_init(&R); mbedtls_ecp_point_init(&P); + mbedtls_mpi_init(&dA); mbedtls_mpi_init(&xA); mbedtls_mpi_init(&yA); + mbedtls_mpi_init(&dB); mbedtls_mpi_init(&xZ); mbedtls_mpi_init(&yZ); - TEST_ASSERT( mbedtls_ecp_group_load( &grp, id ) == 0 ); + TEST_ASSERT(mbedtls_ecp_group_load(&grp, id) == 0); - TEST_ASSERT( mbedtls_test_read_mpi( &dA, 16, dA_str ) == 0 ); - TEST_ASSERT( mbedtls_test_read_mpi( &xA, 16, xA_str ) == 0 ); - TEST_ASSERT( mbedtls_test_read_mpi( &yA, 16, yA_str ) == 0 ); + TEST_ASSERT(mbedtls_test_read_mpi(&dA, dA_str) == 0); + TEST_ASSERT(mbedtls_test_read_mpi(&xA, xA_str) == 0); + TEST_ASSERT(mbedtls_test_read_mpi(&yA, yA_str) == 0); - TEST_ASSERT( mbedtls_test_read_mpi( &dB, 16, dB_str ) == 0 ); - TEST_ASSERT( mbedtls_test_read_mpi( &xZ, 16, xZ_str ) == 0 ); - TEST_ASSERT( mbedtls_test_read_mpi( &yZ, 16, yZ_str ) == 0 ); + TEST_ASSERT(mbedtls_test_read_mpi(&dB, dB_str) == 0); + TEST_ASSERT(mbedtls_test_read_mpi(&xZ, xZ_str) == 0); + TEST_ASSERT(mbedtls_test_read_mpi(&yZ, yZ_str) == 0); - mbedtls_ecp_set_max_ops( (unsigned) max_ops ); + mbedtls_ecp_set_max_ops((unsigned) max_ops); /* Base point case */ cnt_restarts = 0; do { - ECP_PT_RESET( &R ); - ret = mbedtls_ecp_mul_restartable( &grp, &R, &dA, &grp.G, NULL, NULL, &ctx ); - } while( ret == MBEDTLS_ERR_ECP_IN_PROGRESS && ++cnt_restarts ); + ECP_PT_RESET(&R); + ret = mbedtls_ecp_mul_restartable(&grp, &R, &dA, &grp.G, NULL, NULL, &ctx); + } while (ret == MBEDTLS_ERR_ECP_IN_PROGRESS && ++cnt_restarts); - TEST_ASSERT( ret == 0 ); - TEST_ASSERT( mbedtls_mpi_cmp_mpi( &R.X, &xA ) == 0 ); - TEST_ASSERT( mbedtls_mpi_cmp_mpi( &R.Y, &yA ) == 0 ); + TEST_ASSERT(ret == 0); + TEST_ASSERT(mbedtls_mpi_cmp_mpi(&R.X, &xA) == 0); + TEST_ASSERT(mbedtls_mpi_cmp_mpi(&R.Y, &yA) == 0); - TEST_ASSERT( cnt_restarts >= min_restarts ); - TEST_ASSERT( cnt_restarts <= max_restarts ); + TEST_ASSERT(cnt_restarts >= min_restarts); + TEST_ASSERT(cnt_restarts <= max_restarts); /* Non-base point case */ - mbedtls_ecp_copy( &P, &R ); + mbedtls_ecp_copy(&P, &R); cnt_restarts = 0; do { - ECP_PT_RESET( &R ); - ret = mbedtls_ecp_mul_restartable( &grp, &R, &dB, &P, NULL, NULL, &ctx ); - } while( ret == MBEDTLS_ERR_ECP_IN_PROGRESS && ++cnt_restarts ); + ECP_PT_RESET(&R); + ret = mbedtls_ecp_mul_restartable(&grp, &R, &dB, &P, NULL, NULL, &ctx); + } while (ret == MBEDTLS_ERR_ECP_IN_PROGRESS && ++cnt_restarts); - TEST_ASSERT( ret == 0 ); - TEST_ASSERT( mbedtls_mpi_cmp_mpi( &R.X, &xZ ) == 0 ); - TEST_ASSERT( mbedtls_mpi_cmp_mpi( &R.Y, &yZ ) == 0 ); + TEST_ASSERT(ret == 0); + TEST_ASSERT(mbedtls_mpi_cmp_mpi(&R.X, &xZ) == 0); + TEST_ASSERT(mbedtls_mpi_cmp_mpi(&R.Y, &yZ) == 0); - TEST_ASSERT( cnt_restarts >= min_restarts ); - TEST_ASSERT( cnt_restarts <= max_restarts ); + TEST_ASSERT(cnt_restarts >= min_restarts); + TEST_ASSERT(cnt_restarts <= max_restarts); /* Do we leak memory when aborting an operation? * This test only makes sense when we actually restart */ - if( min_restarts > 0 ) - { - ret = mbedtls_ecp_mul_restartable( &grp, &R, &dB, &P, NULL, NULL, &ctx ); - TEST_ASSERT( ret == MBEDTLS_ERR_ECP_IN_PROGRESS ); + if (min_restarts > 0) { + ret = mbedtls_ecp_mul_restartable(&grp, &R, &dB, &P, NULL, NULL, &ctx); + TEST_ASSERT(ret == MBEDTLS_ERR_ECP_IN_PROGRESS); } exit: - mbedtls_ecp_restart_free( &ctx ); - mbedtls_ecp_group_free( &grp ); - mbedtls_ecp_point_free( &R ); mbedtls_ecp_point_free( &P ); - mbedtls_mpi_free( &dA ); mbedtls_mpi_free( &xA ); mbedtls_mpi_free( &yA ); - mbedtls_mpi_free( &dB ); mbedtls_mpi_free( &xZ ); mbedtls_mpi_free( &yZ ); + mbedtls_ecp_restart_free(&ctx); + mbedtls_ecp_group_free(&grp); + mbedtls_ecp_point_free(&R); mbedtls_ecp_point_free(&P); + mbedtls_mpi_free(&dA); mbedtls_mpi_free(&xA); mbedtls_mpi_free(&yA); + mbedtls_mpi_free(&dB); mbedtls_mpi_free(&xZ); mbedtls_mpi_free(&yZ); } /* END_CASE */ -/* BEGIN_CASE depends_on:MBEDTLS_ECP_RESTARTABLE */ -void ecp_muladd_restart( int id, char *xR_str, char *yR_str, - char *u1_str, char *u2_str, - char *xQ_str, char *yQ_str, - int max_ops, int min_restarts, int max_restarts ) +/* BEGIN_CASE depends_on:MBEDTLS_ECP_RESTARTABLE:MBEDTLS_ECP_SHORT_WEIERSTRASS_ENABLED */ +void ecp_muladd_restart(int id, char *xR_str, char *yR_str, + char *u1_str, char *u2_str, + char *xQ_str, char *yQ_str, + int max_ops, int min_restarts, int max_restarts) { /* * Compute R = u1 * G + u2 * Q @@ -529,246 +585,244 @@ void ecp_muladd_restart( int id, char *xR_str, char *yR_str, int cnt_restarts; int ret; - mbedtls_ecp_restart_init( &ctx ); - mbedtls_ecp_group_init( &grp ); - mbedtls_ecp_point_init( &R ); - mbedtls_ecp_point_init( &Q ); - mbedtls_mpi_init( &u1 ); mbedtls_mpi_init( &u2 ); - mbedtls_mpi_init( &xR ); mbedtls_mpi_init( &yR ); + mbedtls_ecp_restart_init(&ctx); + mbedtls_ecp_group_init(&grp); + mbedtls_ecp_point_init(&R); + mbedtls_ecp_point_init(&Q); + mbedtls_mpi_init(&u1); mbedtls_mpi_init(&u2); + mbedtls_mpi_init(&xR); mbedtls_mpi_init(&yR); - TEST_ASSERT( mbedtls_ecp_group_load( &grp, id ) == 0 ); + TEST_ASSERT(mbedtls_ecp_group_load(&grp, id) == 0); - TEST_ASSERT( mbedtls_test_read_mpi( &u1, 16, u1_str ) == 0 ); - TEST_ASSERT( mbedtls_test_read_mpi( &u2, 16, u2_str ) == 0 ); - TEST_ASSERT( mbedtls_test_read_mpi( &xR, 16, xR_str ) == 0 ); - TEST_ASSERT( mbedtls_test_read_mpi( &yR, 16, yR_str ) == 0 ); + TEST_ASSERT(mbedtls_test_read_mpi(&u1, u1_str) == 0); + TEST_ASSERT(mbedtls_test_read_mpi(&u2, u2_str) == 0); + TEST_ASSERT(mbedtls_test_read_mpi(&xR, xR_str) == 0); + TEST_ASSERT(mbedtls_test_read_mpi(&yR, yR_str) == 0); - TEST_ASSERT( mbedtls_test_read_mpi( &Q.X, 16, xQ_str ) == 0 ); - TEST_ASSERT( mbedtls_test_read_mpi( &Q.Y, 16, yQ_str ) == 0 ); - TEST_ASSERT( mbedtls_mpi_lset( &Q.Z, 1 ) == 0 ); + TEST_ASSERT(mbedtls_test_read_mpi(&Q.X, xQ_str) == 0); + TEST_ASSERT(mbedtls_test_read_mpi(&Q.Y, yQ_str) == 0); + TEST_ASSERT(mbedtls_mpi_lset(&Q.Z, 1) == 0); - mbedtls_ecp_set_max_ops( (unsigned) max_ops ); + mbedtls_ecp_set_max_ops((unsigned) max_ops); cnt_restarts = 0; do { - ECP_PT_RESET( &R ); - ret = mbedtls_ecp_muladd_restartable( &grp, &R, - &u1, &grp.G, &u2, &Q, &ctx ); - } while( ret == MBEDTLS_ERR_ECP_IN_PROGRESS && ++cnt_restarts ); + ECP_PT_RESET(&R); + ret = mbedtls_ecp_muladd_restartable(&grp, &R, + &u1, &grp.G, &u2, &Q, &ctx); + } while (ret == MBEDTLS_ERR_ECP_IN_PROGRESS && ++cnt_restarts); - TEST_ASSERT( ret == 0 ); - TEST_ASSERT( mbedtls_mpi_cmp_mpi( &R.X, &xR ) == 0 ); - TEST_ASSERT( mbedtls_mpi_cmp_mpi( &R.Y, &yR ) == 0 ); + TEST_ASSERT(ret == 0); + TEST_ASSERT(mbedtls_mpi_cmp_mpi(&R.X, &xR) == 0); + TEST_ASSERT(mbedtls_mpi_cmp_mpi(&R.Y, &yR) == 0); - TEST_ASSERT( cnt_restarts >= min_restarts ); - TEST_ASSERT( cnt_restarts <= max_restarts ); + TEST_ASSERT(cnt_restarts >= min_restarts); + TEST_ASSERT(cnt_restarts <= max_restarts); /* Do we leak memory when aborting an operation? * This test only makes sense when we actually restart */ - if( min_restarts > 0 ) - { - ret = mbedtls_ecp_muladd_restartable( &grp, &R, - &u1, &grp.G, &u2, &Q, &ctx ); - TEST_ASSERT( ret == MBEDTLS_ERR_ECP_IN_PROGRESS ); + if (min_restarts > 0) { + ret = mbedtls_ecp_muladd_restartable(&grp, &R, + &u1, &grp.G, &u2, &Q, &ctx); + TEST_ASSERT(ret == MBEDTLS_ERR_ECP_IN_PROGRESS); } exit: - mbedtls_ecp_restart_free( &ctx ); - mbedtls_ecp_group_free( &grp ); - mbedtls_ecp_point_free( &R ); - mbedtls_ecp_point_free( &Q ); - mbedtls_mpi_free( &u1 ); mbedtls_mpi_free( &u2 ); - mbedtls_mpi_free( &xR ); mbedtls_mpi_free( &yR ); + mbedtls_ecp_restart_free(&ctx); + mbedtls_ecp_group_free(&grp); + mbedtls_ecp_point_free(&R); + mbedtls_ecp_point_free(&Q); + mbedtls_mpi_free(&u1); mbedtls_mpi_free(&u2); + mbedtls_mpi_free(&xR); mbedtls_mpi_free(&yR); } /* END_CASE */ /* BEGIN_CASE */ -void ecp_test_vect( int id, char * dA_str, char * xA_str, char * yA_str, - char * dB_str, char * xB_str, char * yB_str, - char * xZ_str, char * yZ_str ) +void ecp_test_vect(int id, char *dA_str, char *xA_str, char *yA_str, + char *dB_str, char *xB_str, char *yB_str, + char *xZ_str, char *yZ_str) { mbedtls_ecp_group grp; mbedtls_ecp_point R; mbedtls_mpi dA, xA, yA, dB, xB, yB, xZ, yZ; mbedtls_test_rnd_pseudo_info rnd_info; - mbedtls_ecp_group_init( &grp ); mbedtls_ecp_point_init( &R ); - mbedtls_mpi_init( &dA ); mbedtls_mpi_init( &xA ); mbedtls_mpi_init( &yA ); mbedtls_mpi_init( &dB ); - mbedtls_mpi_init( &xB ); mbedtls_mpi_init( &yB ); mbedtls_mpi_init( &xZ ); mbedtls_mpi_init( &yZ ); - memset( &rnd_info, 0x00, sizeof( mbedtls_test_rnd_pseudo_info ) ); - - TEST_ASSERT( mbedtls_ecp_group_load( &grp, id ) == 0 ); - - TEST_ASSERT( mbedtls_ecp_check_pubkey( &grp, &grp.G ) == 0 ); - - TEST_ASSERT( mbedtls_test_read_mpi( &dA, 16, dA_str ) == 0 ); - TEST_ASSERT( mbedtls_test_read_mpi( &xA, 16, xA_str ) == 0 ); - TEST_ASSERT( mbedtls_test_read_mpi( &yA, 16, yA_str ) == 0 ); - TEST_ASSERT( mbedtls_test_read_mpi( &dB, 16, dB_str ) == 0 ); - TEST_ASSERT( mbedtls_test_read_mpi( &xB, 16, xB_str ) == 0 ); - TEST_ASSERT( mbedtls_test_read_mpi( &yB, 16, yB_str ) == 0 ); - TEST_ASSERT( mbedtls_test_read_mpi( &xZ, 16, xZ_str ) == 0 ); - TEST_ASSERT( mbedtls_test_read_mpi( &yZ, 16, yZ_str ) == 0 ); - - TEST_ASSERT( mbedtls_ecp_mul( &grp, &R, &dA, &grp.G, - &mbedtls_test_rnd_pseudo_rand, &rnd_info ) == 0 ); - TEST_ASSERT( mbedtls_mpi_cmp_mpi( &R.X, &xA ) == 0 ); - TEST_ASSERT( mbedtls_mpi_cmp_mpi( &R.Y, &yA ) == 0 ); - TEST_ASSERT( mbedtls_ecp_check_pubkey( &grp, &R ) == 0 ); - TEST_ASSERT( mbedtls_ecp_mul( &grp, &R, &dB, &R, NULL, NULL ) == 0 ); - TEST_ASSERT( mbedtls_mpi_cmp_mpi( &R.X, &xZ ) == 0 ); - TEST_ASSERT( mbedtls_mpi_cmp_mpi( &R.Y, &yZ ) == 0 ); - TEST_ASSERT( mbedtls_ecp_check_pubkey( &grp, &R ) == 0 ); - - TEST_ASSERT( mbedtls_ecp_mul( &grp, &R, &dB, &grp.G, NULL, NULL ) == 0 ); - TEST_ASSERT( mbedtls_mpi_cmp_mpi( &R.X, &xB ) == 0 ); - TEST_ASSERT( mbedtls_mpi_cmp_mpi( &R.Y, &yB ) == 0 ); - TEST_ASSERT( mbedtls_ecp_check_pubkey( &grp, &R ) == 0 ); - TEST_ASSERT( mbedtls_ecp_mul( &grp, &R, &dA, &R, - &mbedtls_test_rnd_pseudo_rand, &rnd_info ) == 0 ); - TEST_ASSERT( mbedtls_mpi_cmp_mpi( &R.X, &xZ ) == 0 ); - TEST_ASSERT( mbedtls_mpi_cmp_mpi( &R.Y, &yZ ) == 0 ); - TEST_ASSERT( mbedtls_ecp_check_pubkey( &grp, &R ) == 0 ); + mbedtls_ecp_group_init(&grp); mbedtls_ecp_point_init(&R); + mbedtls_mpi_init(&dA); mbedtls_mpi_init(&xA); mbedtls_mpi_init(&yA); mbedtls_mpi_init(&dB); + mbedtls_mpi_init(&xB); mbedtls_mpi_init(&yB); mbedtls_mpi_init(&xZ); mbedtls_mpi_init(&yZ); + memset(&rnd_info, 0x00, sizeof(mbedtls_test_rnd_pseudo_info)); + + TEST_ASSERT(mbedtls_ecp_group_load(&grp, id) == 0); + + TEST_ASSERT(mbedtls_ecp_check_pubkey(&grp, &grp.G) == 0); + + TEST_ASSERT(mbedtls_test_read_mpi(&dA, dA_str) == 0); + TEST_ASSERT(mbedtls_test_read_mpi(&xA, xA_str) == 0); + TEST_ASSERT(mbedtls_test_read_mpi(&yA, yA_str) == 0); + TEST_ASSERT(mbedtls_test_read_mpi(&dB, dB_str) == 0); + TEST_ASSERT(mbedtls_test_read_mpi(&xB, xB_str) == 0); + TEST_ASSERT(mbedtls_test_read_mpi(&yB, yB_str) == 0); + TEST_ASSERT(mbedtls_test_read_mpi(&xZ, xZ_str) == 0); + TEST_ASSERT(mbedtls_test_read_mpi(&yZ, yZ_str) == 0); + + TEST_ASSERT(mbedtls_ecp_mul(&grp, &R, &dA, &grp.G, + &mbedtls_test_rnd_pseudo_rand, &rnd_info) == 0); + TEST_ASSERT(mbedtls_mpi_cmp_mpi(&R.X, &xA) == 0); + TEST_ASSERT(mbedtls_mpi_cmp_mpi(&R.Y, &yA) == 0); + TEST_ASSERT(mbedtls_ecp_check_pubkey(&grp, &R) == 0); + TEST_ASSERT(mbedtls_ecp_mul(&grp, &R, &dB, &R, NULL, NULL) == 0); + TEST_ASSERT(mbedtls_mpi_cmp_mpi(&R.X, &xZ) == 0); + TEST_ASSERT(mbedtls_mpi_cmp_mpi(&R.Y, &yZ) == 0); + TEST_ASSERT(mbedtls_ecp_check_pubkey(&grp, &R) == 0); + + TEST_ASSERT(mbedtls_ecp_mul(&grp, &R, &dB, &grp.G, NULL, NULL) == 0); + TEST_ASSERT(mbedtls_mpi_cmp_mpi(&R.X, &xB) == 0); + TEST_ASSERT(mbedtls_mpi_cmp_mpi(&R.Y, &yB) == 0); + TEST_ASSERT(mbedtls_ecp_check_pubkey(&grp, &R) == 0); + TEST_ASSERT(mbedtls_ecp_mul(&grp, &R, &dA, &R, + &mbedtls_test_rnd_pseudo_rand, &rnd_info) == 0); + TEST_ASSERT(mbedtls_mpi_cmp_mpi(&R.X, &xZ) == 0); + TEST_ASSERT(mbedtls_mpi_cmp_mpi(&R.Y, &yZ) == 0); + TEST_ASSERT(mbedtls_ecp_check_pubkey(&grp, &R) == 0); exit: - mbedtls_ecp_group_free( &grp ); mbedtls_ecp_point_free( &R ); - mbedtls_mpi_free( &dA ); mbedtls_mpi_free( &xA ); mbedtls_mpi_free( &yA ); mbedtls_mpi_free( &dB ); - mbedtls_mpi_free( &xB ); mbedtls_mpi_free( &yB ); mbedtls_mpi_free( &xZ ); mbedtls_mpi_free( &yZ ); + mbedtls_ecp_group_free(&grp); mbedtls_ecp_point_free(&R); + mbedtls_mpi_free(&dA); mbedtls_mpi_free(&xA); mbedtls_mpi_free(&yA); mbedtls_mpi_free(&dB); + mbedtls_mpi_free(&xB); mbedtls_mpi_free(&yB); mbedtls_mpi_free(&xZ); mbedtls_mpi_free(&yZ); } /* END_CASE */ /* BEGIN_CASE */ -void ecp_test_vec_x( int id, char * dA_hex, char * xA_hex, char * dB_hex, - char * xB_hex, char * xS_hex ) +void ecp_test_vec_x(int id, char *dA_hex, char *xA_hex, char *dB_hex, + char *xB_hex, char *xS_hex) { mbedtls_ecp_group grp; mbedtls_ecp_point R; mbedtls_mpi dA, xA, dB, xB, xS; mbedtls_test_rnd_pseudo_info rnd_info; - mbedtls_ecp_group_init( &grp ); mbedtls_ecp_point_init( &R ); - mbedtls_mpi_init( &dA ); mbedtls_mpi_init( &xA ); - mbedtls_mpi_init( &dB ); mbedtls_mpi_init( &xB ); - mbedtls_mpi_init( &xS ); - memset( &rnd_info, 0x00, sizeof( mbedtls_test_rnd_pseudo_info ) ); + mbedtls_ecp_group_init(&grp); mbedtls_ecp_point_init(&R); + mbedtls_mpi_init(&dA); mbedtls_mpi_init(&xA); + mbedtls_mpi_init(&dB); mbedtls_mpi_init(&xB); + mbedtls_mpi_init(&xS); + memset(&rnd_info, 0x00, sizeof(mbedtls_test_rnd_pseudo_info)); - TEST_ASSERT( mbedtls_ecp_group_load( &grp, id ) == 0 ); + TEST_ASSERT(mbedtls_ecp_group_load(&grp, id) == 0); - TEST_ASSERT( mbedtls_ecp_check_pubkey( &grp, &grp.G ) == 0 ); + TEST_ASSERT(mbedtls_ecp_check_pubkey(&grp, &grp.G) == 0); - TEST_ASSERT( mbedtls_test_read_mpi( &dA, 16, dA_hex ) == 0 ); - TEST_ASSERT( mbedtls_test_read_mpi( &dB, 16, dB_hex ) == 0 ); - TEST_ASSERT( mbedtls_test_read_mpi( &xA, 16, xA_hex ) == 0 ); - TEST_ASSERT( mbedtls_test_read_mpi( &xB, 16, xB_hex ) == 0 ); - TEST_ASSERT( mbedtls_test_read_mpi( &xS, 16, xS_hex ) == 0 ); + TEST_ASSERT(mbedtls_test_read_mpi(&dA, dA_hex) == 0); + TEST_ASSERT(mbedtls_test_read_mpi(&dB, dB_hex) == 0); + TEST_ASSERT(mbedtls_test_read_mpi(&xA, xA_hex) == 0); + TEST_ASSERT(mbedtls_test_read_mpi(&xB, xB_hex) == 0); + TEST_ASSERT(mbedtls_test_read_mpi(&xS, xS_hex) == 0); - TEST_ASSERT( mbedtls_ecp_mul( &grp, &R, &dA, &grp.G, - &mbedtls_test_rnd_pseudo_rand, &rnd_info ) == 0 ); - TEST_ASSERT( mbedtls_ecp_check_pubkey( &grp, &R ) == 0 ); - TEST_ASSERT( mbedtls_mpi_cmp_mpi( &R.X, &xA ) == 0 ); + TEST_ASSERT(mbedtls_ecp_mul(&grp, &R, &dA, &grp.G, + &mbedtls_test_rnd_pseudo_rand, &rnd_info) == 0); + TEST_ASSERT(mbedtls_ecp_check_pubkey(&grp, &R) == 0); + TEST_ASSERT(mbedtls_mpi_cmp_mpi(&R.X, &xA) == 0); - TEST_ASSERT( mbedtls_ecp_mul( &grp, &R, &dB, &R, - &mbedtls_test_rnd_pseudo_rand, &rnd_info ) == 0 ); - TEST_ASSERT( mbedtls_ecp_check_pubkey( &grp, &R ) == 0 ); - TEST_ASSERT( mbedtls_mpi_cmp_mpi( &R.X, &xS ) == 0 ); + TEST_ASSERT(mbedtls_ecp_mul(&grp, &R, &dB, &R, + &mbedtls_test_rnd_pseudo_rand, &rnd_info) == 0); + TEST_ASSERT(mbedtls_ecp_check_pubkey(&grp, &R) == 0); + TEST_ASSERT(mbedtls_mpi_cmp_mpi(&R.X, &xS) == 0); - TEST_ASSERT( mbedtls_ecp_mul( &grp, &R, &dB, &grp.G, NULL, NULL ) == 0 ); - TEST_ASSERT( mbedtls_ecp_check_pubkey( &grp, &R ) == 0 ); - TEST_ASSERT( mbedtls_mpi_cmp_mpi( &R.X, &xB ) == 0 ); + TEST_ASSERT(mbedtls_ecp_mul(&grp, &R, &dB, &grp.G, NULL, NULL) == 0); + TEST_ASSERT(mbedtls_ecp_check_pubkey(&grp, &R) == 0); + TEST_ASSERT(mbedtls_mpi_cmp_mpi(&R.X, &xB) == 0); - TEST_ASSERT( mbedtls_ecp_mul( &grp, &R, &dA, &R, NULL, NULL ) == 0 ); - TEST_ASSERT( mbedtls_ecp_check_pubkey( &grp, &R ) == 0 ); - TEST_ASSERT( mbedtls_mpi_cmp_mpi( &R.X, &xS ) == 0 ); + TEST_ASSERT(mbedtls_ecp_mul(&grp, &R, &dA, &R, NULL, NULL) == 0); + TEST_ASSERT(mbedtls_ecp_check_pubkey(&grp, &R) == 0); + TEST_ASSERT(mbedtls_mpi_cmp_mpi(&R.X, &xS) == 0); exit: - mbedtls_ecp_group_free( &grp ); mbedtls_ecp_point_free( &R ); - mbedtls_mpi_free( &dA ); mbedtls_mpi_free( &xA ); - mbedtls_mpi_free( &dB ); mbedtls_mpi_free( &xB ); - mbedtls_mpi_free( &xS ); + mbedtls_ecp_group_free(&grp); mbedtls_ecp_point_free(&R); + mbedtls_mpi_free(&dA); mbedtls_mpi_free(&xA); + mbedtls_mpi_free(&dB); mbedtls_mpi_free(&xB); + mbedtls_mpi_free(&xS); } /* END_CASE */ /* BEGIN_CASE */ -void ecp_test_mul( int id, data_t * n_hex, - data_t * Px_hex, data_t * Py_hex, data_t * Pz_hex, - data_t * nPx_hex, data_t * nPy_hex, data_t * nPz_hex, - int expected_ret ) +void ecp_test_mul(int id, data_t *n_hex, + data_t *Px_hex, data_t *Py_hex, data_t *Pz_hex, + data_t *nPx_hex, data_t *nPy_hex, data_t *nPz_hex, + int expected_ret) { mbedtls_ecp_group grp; mbedtls_ecp_point P, nP, R; mbedtls_mpi n; mbedtls_test_rnd_pseudo_info rnd_info; - mbedtls_ecp_group_init( &grp ); mbedtls_ecp_point_init( &R ); - mbedtls_ecp_point_init( &P ); mbedtls_ecp_point_init( &nP ); - mbedtls_mpi_init( &n ); - memset( &rnd_info, 0x00, sizeof( mbedtls_test_rnd_pseudo_info ) ); + mbedtls_ecp_group_init(&grp); mbedtls_ecp_point_init(&R); + mbedtls_ecp_point_init(&P); mbedtls_ecp_point_init(&nP); + mbedtls_mpi_init(&n); + memset(&rnd_info, 0x00, sizeof(mbedtls_test_rnd_pseudo_info)); - TEST_ASSERT( mbedtls_ecp_group_load( &grp, id ) == 0 ); + TEST_ASSERT(mbedtls_ecp_group_load(&grp, id) == 0); - TEST_ASSERT( mbedtls_ecp_check_pubkey( &grp, &grp.G ) == 0 ); + TEST_ASSERT(mbedtls_ecp_check_pubkey(&grp, &grp.G) == 0); - TEST_ASSERT( mbedtls_mpi_read_binary( &n, n_hex->x, n_hex->len ) == 0 ); + TEST_ASSERT(mbedtls_mpi_read_binary(&n, n_hex->x, n_hex->len) == 0); - TEST_ASSERT( mbedtls_mpi_read_binary( &P.X, Px_hex->x, Px_hex->len ) == 0 ); - TEST_ASSERT( mbedtls_mpi_read_binary( &P.Y, Py_hex->x, Py_hex->len ) == 0 ); - TEST_ASSERT( mbedtls_mpi_read_binary( &P.Z, Pz_hex->x, Pz_hex->len ) == 0 ); - TEST_ASSERT( mbedtls_mpi_read_binary( &nP.X, nPx_hex->x, nPx_hex->len ) - == 0 ); - TEST_ASSERT( mbedtls_mpi_read_binary( &nP.Y, nPy_hex->x, nPy_hex->len ) - == 0 ); - TEST_ASSERT( mbedtls_mpi_read_binary( &nP.Z, nPz_hex->x, nPz_hex->len ) - == 0 ); + TEST_ASSERT(mbedtls_mpi_read_binary(&P.X, Px_hex->x, Px_hex->len) == 0); + TEST_ASSERT(mbedtls_mpi_read_binary(&P.Y, Py_hex->x, Py_hex->len) == 0); + TEST_ASSERT(mbedtls_mpi_read_binary(&P.Z, Pz_hex->x, Pz_hex->len) == 0); + TEST_ASSERT(mbedtls_mpi_read_binary(&nP.X, nPx_hex->x, nPx_hex->len) + == 0); + TEST_ASSERT(mbedtls_mpi_read_binary(&nP.Y, nPy_hex->x, nPy_hex->len) + == 0); + TEST_ASSERT(mbedtls_mpi_read_binary(&nP.Z, nPz_hex->x, nPz_hex->len) + == 0); - TEST_ASSERT( mbedtls_ecp_mul( &grp, &R, &n, &P, - &mbedtls_test_rnd_pseudo_rand, &rnd_info ) - == expected_ret ); + TEST_ASSERT(mbedtls_ecp_mul(&grp, &R, &n, &P, + &mbedtls_test_rnd_pseudo_rand, &rnd_info) + == expected_ret); - if( expected_ret == 0 ) - { - TEST_ASSERT( mbedtls_mpi_cmp_mpi( &nP.X, &R.X ) == 0 ); - TEST_ASSERT( mbedtls_mpi_cmp_mpi( &nP.Y, &R.Y ) == 0 ); - TEST_ASSERT( mbedtls_mpi_cmp_mpi( &nP.Z, &R.Z ) == 0 ); + if (expected_ret == 0) { + TEST_ASSERT(mbedtls_mpi_cmp_mpi(&nP.X, &R.X) == 0); + TEST_ASSERT(mbedtls_mpi_cmp_mpi(&nP.Y, &R.Y) == 0); + TEST_ASSERT(mbedtls_mpi_cmp_mpi(&nP.Z, &R.Z) == 0); } exit: - mbedtls_ecp_group_free( &grp ); mbedtls_ecp_point_free( &R ); - mbedtls_ecp_point_free( &P ); mbedtls_ecp_point_free( &nP ); - mbedtls_mpi_free( &n ); + mbedtls_ecp_group_free(&grp); mbedtls_ecp_point_free(&R); + mbedtls_ecp_point_free(&P); mbedtls_ecp_point_free(&nP); + mbedtls_mpi_free(&n); } /* END_CASE */ /* BEGIN_CASE */ -void ecp_test_mul_rng( int id, data_t * d_hex) +void ecp_test_mul_rng(int id, data_t *d_hex) { mbedtls_ecp_group grp; mbedtls_mpi d; mbedtls_ecp_point Q; - mbedtls_ecp_group_init( &grp ); mbedtls_mpi_init( &d ); - mbedtls_ecp_point_init( &Q ); + mbedtls_ecp_group_init(&grp); mbedtls_mpi_init(&d); + mbedtls_ecp_point_init(&Q); - TEST_ASSERT( mbedtls_ecp_group_load( &grp, id ) == 0 ); + TEST_ASSERT(mbedtls_ecp_group_load(&grp, id) == 0); - TEST_ASSERT( mbedtls_ecp_check_pubkey( &grp, &grp.G ) == 0 ); + TEST_ASSERT(mbedtls_ecp_check_pubkey(&grp, &grp.G) == 0); - TEST_ASSERT( mbedtls_mpi_read_binary( &d, d_hex->x, d_hex->len ) == 0 ); + TEST_ASSERT(mbedtls_mpi_read_binary(&d, d_hex->x, d_hex->len) == 0); - TEST_ASSERT( mbedtls_ecp_mul( &grp, &Q, &d, &grp.G, - &mbedtls_test_rnd_zero_rand, NULL ) - == MBEDTLS_ERR_ECP_RANDOM_FAILED ); + TEST_ASSERT(mbedtls_ecp_mul(&grp, &Q, &d, &grp.G, + &mbedtls_test_rnd_zero_rand, NULL) + == MBEDTLS_ERR_ECP_RANDOM_FAILED); exit: - mbedtls_ecp_group_free( &grp ); mbedtls_mpi_free( &d ); - mbedtls_ecp_point_free( &Q ); + mbedtls_ecp_group_free(&grp); mbedtls_mpi_free(&d); + mbedtls_ecp_point_free(&Q); } /* END_CASE */ /* BEGIN_CASE depends_on:MBEDTLS_ECP_SHORT_WEIERSTRASS_ENABLED */ -void ecp_muladd( int id, - data_t *u1_bin, data_t *P1_bin, - data_t *u2_bin, data_t *P2_bin, - data_t *expected_result ) +void ecp_muladd(int id, + data_t *u1_bin, data_t *P1_bin, + data_t *u2_bin, data_t *P2_bin, + data_t *expected_result) { /* Compute R = u1 * P1 + u2 * P2 */ mbedtls_ecp_group grp; @@ -777,152 +831,147 @@ void ecp_muladd( int id, uint8_t actual_result[MBEDTLS_ECP_MAX_PT_LEN]; size_t len; - mbedtls_ecp_group_init( &grp ); - mbedtls_ecp_point_init( &P1 ); - mbedtls_ecp_point_init( &P2 ); - mbedtls_ecp_point_init( &R ); - mbedtls_mpi_init( &u1 ); - mbedtls_mpi_init( &u2 ); - - TEST_EQUAL( 0, mbedtls_ecp_group_load( &grp, id ) ); - TEST_EQUAL( 0, mbedtls_mpi_read_binary( &u1, u1_bin->x, u1_bin->len ) ); - TEST_EQUAL( 0, mbedtls_mpi_read_binary( &u2, u2_bin->x, u2_bin->len ) ); - TEST_EQUAL( 0, mbedtls_ecp_point_read_binary( &grp, &P1, - P1_bin->x, P1_bin->len ) ); - TEST_EQUAL( 0, mbedtls_ecp_point_read_binary( &grp, &P2, - P2_bin->x, P2_bin->len ) ); - - TEST_EQUAL( 0, mbedtls_ecp_muladd( &grp, &R, &u1, &P1, &u2, &P2 ) ); - TEST_EQUAL( 0, mbedtls_ecp_point_write_binary( - &grp, &R, MBEDTLS_ECP_PF_UNCOMPRESSED, - &len, actual_result, sizeof( actual_result ) ) ); - TEST_ASSERT( len <= MBEDTLS_ECP_MAX_PT_LEN ); - - ASSERT_COMPARE( expected_result->x, expected_result->len, - actual_result, len ); + mbedtls_ecp_group_init(&grp); + mbedtls_ecp_point_init(&P1); + mbedtls_ecp_point_init(&P2); + mbedtls_ecp_point_init(&R); + mbedtls_mpi_init(&u1); + mbedtls_mpi_init(&u2); + + TEST_EQUAL(0, mbedtls_ecp_group_load(&grp, id)); + TEST_EQUAL(0, mbedtls_mpi_read_binary(&u1, u1_bin->x, u1_bin->len)); + TEST_EQUAL(0, mbedtls_mpi_read_binary(&u2, u2_bin->x, u2_bin->len)); + TEST_EQUAL(0, mbedtls_ecp_point_read_binary(&grp, &P1, + P1_bin->x, P1_bin->len)); + TEST_EQUAL(0, mbedtls_ecp_point_read_binary(&grp, &P2, + P2_bin->x, P2_bin->len)); + + TEST_EQUAL(0, mbedtls_ecp_muladd(&grp, &R, &u1, &P1, &u2, &P2)); + TEST_EQUAL(0, mbedtls_ecp_point_write_binary( + &grp, &R, MBEDTLS_ECP_PF_UNCOMPRESSED, + &len, actual_result, sizeof(actual_result))); + TEST_ASSERT(len <= MBEDTLS_ECP_MAX_PT_LEN); + + TEST_MEMORY_COMPARE(expected_result->x, expected_result->len, + actual_result, len); exit: - mbedtls_ecp_group_free( &grp ); - mbedtls_ecp_point_free( &P1 ); - mbedtls_ecp_point_free( &P2 ); - mbedtls_ecp_point_free( &R ); - mbedtls_mpi_free( &u1 ); - mbedtls_mpi_free( &u2 ); + mbedtls_ecp_group_free(&grp); + mbedtls_ecp_point_free(&P1); + mbedtls_ecp_point_free(&P2); + mbedtls_ecp_point_free(&R); + mbedtls_mpi_free(&u1); + mbedtls_mpi_free(&u2); } /* END_CASE */ /* BEGIN_CASE */ -void ecp_fast_mod( int id, char * N_str ) +void ecp_fast_mod(int id, char *N_str) { mbedtls_ecp_group grp; mbedtls_mpi N, R; - mbedtls_mpi_init( &N ); mbedtls_mpi_init( &R ); - mbedtls_ecp_group_init( &grp ); + mbedtls_mpi_init(&N); mbedtls_mpi_init(&R); + mbedtls_ecp_group_init(&grp); - TEST_ASSERT( mbedtls_test_read_mpi( &N, 16, N_str ) == 0 ); - TEST_ASSERT( mbedtls_ecp_group_load( &grp, id ) == 0 ); - TEST_ASSERT( grp.modp != NULL ); + TEST_ASSERT(mbedtls_test_read_mpi(&N, N_str) == 0); + TEST_ASSERT(mbedtls_ecp_group_load(&grp, id) == 0); + TEST_ASSERT(grp.modp != NULL); /* * Store correct result before we touch N */ - TEST_ASSERT( mbedtls_mpi_mod_mpi( &R, &N, &grp.P ) == 0 ); + TEST_ASSERT(mbedtls_mpi_mod_mpi(&R, &N, &grp.P) == 0); - TEST_ASSERT( grp.modp( &N ) == 0 ); - TEST_ASSERT( mbedtls_mpi_bitlen( &N ) <= grp.pbits + 3 ); + TEST_ASSERT(grp.modp(&N) == 0); + TEST_ASSERT(mbedtls_mpi_bitlen(&N) <= grp.pbits + 3); /* * Use mod rather than addition/subtraction in case previous test fails */ - TEST_ASSERT( mbedtls_mpi_mod_mpi( &N, &N, &grp.P ) == 0 ); - TEST_ASSERT( mbedtls_mpi_cmp_mpi( &N, &R ) == 0 ); + TEST_ASSERT(mbedtls_mpi_mod_mpi(&N, &N, &grp.P) == 0); + TEST_ASSERT(mbedtls_mpi_cmp_mpi(&N, &R) == 0); exit: - mbedtls_mpi_free( &N ); mbedtls_mpi_free( &R ); - mbedtls_ecp_group_free( &grp ); + mbedtls_mpi_free(&N); mbedtls_mpi_free(&R); + mbedtls_ecp_group_free(&grp); } /* END_CASE */ /* BEGIN_CASE */ -void ecp_write_binary( int id, char * x, char * y, char * z, int format, - data_t * out, int blen, int ret ) +void ecp_write_binary(int id, char *x, char *y, char *z, int format, + data_t *out, int blen, int ret) { mbedtls_ecp_group grp; mbedtls_ecp_point P; unsigned char buf[256]; size_t olen; - memset( buf, 0, sizeof( buf ) ); + memset(buf, 0, sizeof(buf)); - mbedtls_ecp_group_init( &grp ); mbedtls_ecp_point_init( &P ); + mbedtls_ecp_group_init(&grp); mbedtls_ecp_point_init(&P); - TEST_ASSERT( mbedtls_ecp_group_load( &grp, id ) == 0 ); + TEST_ASSERT(mbedtls_ecp_group_load(&grp, id) == 0); - TEST_ASSERT( mbedtls_test_read_mpi( &P.X, 16, x ) == 0 ); - TEST_ASSERT( mbedtls_test_read_mpi( &P.Y, 16, y ) == 0 ); - TEST_ASSERT( mbedtls_test_read_mpi( &P.Z, 16, z ) == 0 ); + TEST_ASSERT(mbedtls_test_read_mpi(&P.X, x) == 0); + TEST_ASSERT(mbedtls_test_read_mpi(&P.Y, y) == 0); + TEST_ASSERT(mbedtls_test_read_mpi(&P.Z, z) == 0); - TEST_ASSERT( mbedtls_ecp_point_write_binary( &grp, &P, format, - &olen, buf, blen ) == ret ); + TEST_ASSERT(mbedtls_ecp_point_write_binary(&grp, &P, format, + &olen, buf, blen) == ret); - if( ret == 0 ) - { - TEST_ASSERT( olen <= MBEDTLS_ECP_MAX_PT_LEN ); - TEST_ASSERT( mbedtls_test_hexcmp( buf, out->x, olen, out->len ) == 0 ); + if (ret == 0) { + TEST_ASSERT(olen <= MBEDTLS_ECP_MAX_PT_LEN); + TEST_ASSERT(mbedtls_test_hexcmp(buf, out->x, olen, out->len) == 0); } exit: - mbedtls_ecp_group_free( &grp ); mbedtls_ecp_point_free( &P ); + mbedtls_ecp_group_free(&grp); mbedtls_ecp_point_free(&P); } /* END_CASE */ /* BEGIN_CASE */ -void ecp_read_binary( int id, data_t * buf, char * x, char * y, char * z, - int ret ) +void ecp_read_binary(int id, data_t *buf, char *x, char *y, char *z, + int ret) { mbedtls_ecp_group grp; mbedtls_ecp_point P; mbedtls_mpi X, Y, Z; - mbedtls_ecp_group_init( &grp ); mbedtls_ecp_point_init( &P ); - mbedtls_mpi_init( &X ); mbedtls_mpi_init( &Y ); mbedtls_mpi_init( &Z ); + mbedtls_ecp_group_init(&grp); mbedtls_ecp_point_init(&P); + mbedtls_mpi_init(&X); mbedtls_mpi_init(&Y); mbedtls_mpi_init(&Z); - TEST_ASSERT( mbedtls_ecp_group_load( &grp, id ) == 0 ); + TEST_ASSERT(mbedtls_ecp_group_load(&grp, id) == 0); - TEST_ASSERT( mbedtls_test_read_mpi( &X, 16, x ) == 0 ); - TEST_ASSERT( mbedtls_test_read_mpi( &Y, 16, y ) == 0 ); - TEST_ASSERT( mbedtls_test_read_mpi( &Z, 16, z ) == 0 ); + TEST_ASSERT(mbedtls_test_read_mpi(&X, x) == 0); + TEST_ASSERT(mbedtls_test_read_mpi(&Y, y) == 0); + TEST_ASSERT(mbedtls_test_read_mpi(&Z, z) == 0); - TEST_ASSERT( mbedtls_ecp_point_read_binary( &grp, &P, buf->x, buf->len ) == ret ); + TEST_ASSERT(mbedtls_ecp_point_read_binary(&grp, &P, buf->x, buf->len) == ret); - if( ret == 0 ) - { - TEST_ASSERT( mbedtls_mpi_cmp_mpi( &P.X, &X ) == 0 ); - if( mbedtls_ecp_get_type( &grp ) == MBEDTLS_ECP_TYPE_MONTGOMERY ) - { - TEST_ASSERT( mbedtls_mpi_cmp_int( &Y, 0 ) == 0 ); - TEST_ASSERT( P.Y.p == NULL ); - TEST_ASSERT( mbedtls_mpi_cmp_int( &Z, 1 ) == 0 ); - TEST_ASSERT( mbedtls_mpi_cmp_int( &P.Z, 1 ) == 0 ); - } - else - { - TEST_ASSERT( mbedtls_mpi_cmp_mpi( &P.Y, &Y ) == 0 ); - TEST_ASSERT( mbedtls_mpi_cmp_mpi( &P.Z, &Z ) == 0 ); + if (ret == 0) { + TEST_ASSERT(mbedtls_mpi_cmp_mpi(&P.X, &X) == 0); + if (mbedtls_ecp_get_type(&grp) == MBEDTLS_ECP_TYPE_MONTGOMERY) { + TEST_ASSERT(mbedtls_mpi_cmp_int(&Y, 0) == 0); + TEST_ASSERT(P.Y.p == NULL); + TEST_ASSERT(mbedtls_mpi_cmp_int(&Z, 1) == 0); + TEST_ASSERT(mbedtls_mpi_cmp_int(&P.Z, 1) == 0); + } else { + TEST_ASSERT(mbedtls_mpi_cmp_mpi(&P.Y, &Y) == 0); + TEST_ASSERT(mbedtls_mpi_cmp_mpi(&P.Z, &Z) == 0); } } exit: - mbedtls_ecp_group_free( &grp ); mbedtls_ecp_point_free( &P ); - mbedtls_mpi_free( &X ); mbedtls_mpi_free( &Y ); mbedtls_mpi_free( &Z ); + mbedtls_ecp_group_free(&grp); mbedtls_ecp_point_free(&P); + mbedtls_mpi_free(&X); mbedtls_mpi_free(&Y); mbedtls_mpi_free(&Z); } /* END_CASE */ /* BEGIN_CASE */ -void mbedtls_ecp_tls_read_point( int id, data_t * buf, char * x, char * y, - char * z, int ret ) +void mbedtls_ecp_tls_read_point(int id, data_t *buf, char *x, char *y, + char *z, int ret) { mbedtls_ecp_group grp; mbedtls_ecp_point P; @@ -930,33 +979,32 @@ void mbedtls_ecp_tls_read_point( int id, data_t * buf, char * x, char * y, const unsigned char *vbuf = buf->x; - mbedtls_ecp_group_init( &grp ); mbedtls_ecp_point_init( &P ); - mbedtls_mpi_init( &X ); mbedtls_mpi_init( &Y ); mbedtls_mpi_init( &Z ); + mbedtls_ecp_group_init(&grp); mbedtls_ecp_point_init(&P); + mbedtls_mpi_init(&X); mbedtls_mpi_init(&Y); mbedtls_mpi_init(&Z); - TEST_ASSERT( mbedtls_ecp_group_load( &grp, id ) == 0 ); + TEST_ASSERT(mbedtls_ecp_group_load(&grp, id) == 0); - TEST_ASSERT( mbedtls_test_read_mpi( &X, 16, x ) == 0 ); - TEST_ASSERT( mbedtls_test_read_mpi( &Y, 16, y ) == 0 ); - TEST_ASSERT( mbedtls_test_read_mpi( &Z, 16, z ) == 0 ); + TEST_ASSERT(mbedtls_test_read_mpi(&X, x) == 0); + TEST_ASSERT(mbedtls_test_read_mpi(&Y, y) == 0); + TEST_ASSERT(mbedtls_test_read_mpi(&Z, z) == 0); - TEST_ASSERT( mbedtls_ecp_tls_read_point( &grp, &P, &vbuf, buf->len ) == ret ); + TEST_ASSERT(mbedtls_ecp_tls_read_point(&grp, &P, &vbuf, buf->len) == ret); - if( ret == 0 ) - { - TEST_ASSERT( mbedtls_mpi_cmp_mpi( &P.X, &X ) == 0 ); - TEST_ASSERT( mbedtls_mpi_cmp_mpi( &P.Y, &Y ) == 0 ); - TEST_ASSERT( mbedtls_mpi_cmp_mpi( &P.Z, &Z ) == 0 ); - TEST_ASSERT( (uint32_t)( vbuf - buf->x ) == buf->len ); + if (ret == 0) { + TEST_ASSERT(mbedtls_mpi_cmp_mpi(&P.X, &X) == 0); + TEST_ASSERT(mbedtls_mpi_cmp_mpi(&P.Y, &Y) == 0); + TEST_ASSERT(mbedtls_mpi_cmp_mpi(&P.Z, &Z) == 0); + TEST_ASSERT((uint32_t) (vbuf - buf->x) == buf->len); } exit: - mbedtls_ecp_group_free( &grp ); mbedtls_ecp_point_free( &P ); - mbedtls_mpi_free( &X ); mbedtls_mpi_free( &Y ); mbedtls_mpi_free( &Z ); + mbedtls_ecp_group_free(&grp); mbedtls_ecp_point_free(&P); + mbedtls_mpi_free(&X); mbedtls_mpi_free(&Y); mbedtls_mpi_free(&Z); } /* END_CASE */ /* BEGIN_CASE */ -void ecp_tls_write_read_point( int id ) +void ecp_tls_write_read_point(int id) { mbedtls_ecp_group grp; mbedtls_ecp_point pt; @@ -964,75 +1012,74 @@ void ecp_tls_write_read_point( int id ) const unsigned char *vbuf; size_t olen; - mbedtls_ecp_group_init( &grp ); - mbedtls_ecp_point_init( &pt ); - - TEST_ASSERT( mbedtls_ecp_group_load( &grp, id ) == 0 ); - - memset( buf, 0x00, sizeof( buf ) ); vbuf = buf; - TEST_ASSERT( mbedtls_ecp_tls_write_point( &grp, &grp.G, - MBEDTLS_ECP_PF_COMPRESSED, &olen, buf, 256 ) == 0 ); - TEST_ASSERT( mbedtls_ecp_tls_read_point( &grp, &pt, &vbuf, olen ) - == MBEDTLS_ERR_ECP_FEATURE_UNAVAILABLE ); - TEST_ASSERT( vbuf == buf + olen ); - - memset( buf, 0x00, sizeof( buf ) ); vbuf = buf; - TEST_ASSERT( mbedtls_ecp_tls_write_point( &grp, &grp.G, - MBEDTLS_ECP_PF_UNCOMPRESSED, &olen, buf, 256 ) == 0 ); - TEST_ASSERT( mbedtls_ecp_tls_read_point( &grp, &pt, &vbuf, olen ) == 0 ); - TEST_ASSERT( mbedtls_mpi_cmp_mpi( &grp.G.X, &pt.X ) == 0 ); - TEST_ASSERT( mbedtls_mpi_cmp_mpi( &grp.G.Y, &pt.Y ) == 0 ); - TEST_ASSERT( mbedtls_mpi_cmp_mpi( &grp.G.Z, &pt.Z ) == 0 ); - TEST_ASSERT( vbuf == buf + olen ); - - memset( buf, 0x00, sizeof( buf ) ); vbuf = buf; - TEST_ASSERT( mbedtls_ecp_set_zero( &pt ) == 0 ); - TEST_ASSERT( mbedtls_ecp_tls_write_point( &grp, &pt, - MBEDTLS_ECP_PF_COMPRESSED, &olen, buf, 256 ) == 0 ); - TEST_ASSERT( mbedtls_ecp_tls_read_point( &grp, &pt, &vbuf, olen ) == 0 ); - TEST_ASSERT( mbedtls_ecp_is_zero( &pt ) ); - TEST_ASSERT( vbuf == buf + olen ); - - memset( buf, 0x00, sizeof( buf ) ); vbuf = buf; - TEST_ASSERT( mbedtls_ecp_set_zero( &pt ) == 0 ); - TEST_ASSERT( mbedtls_ecp_tls_write_point( &grp, &pt, - MBEDTLS_ECP_PF_UNCOMPRESSED, &olen, buf, 256 ) == 0 ); - TEST_ASSERT( mbedtls_ecp_tls_read_point( &grp, &pt, &vbuf, olen ) == 0 ); - TEST_ASSERT( mbedtls_ecp_is_zero( &pt ) ); - TEST_ASSERT( vbuf == buf + olen ); + mbedtls_ecp_group_init(&grp); + mbedtls_ecp_point_init(&pt); + + TEST_ASSERT(mbedtls_ecp_group_load(&grp, id) == 0); + + memset(buf, 0x00, sizeof(buf)); vbuf = buf; + TEST_ASSERT(mbedtls_ecp_tls_write_point(&grp, &grp.G, + MBEDTLS_ECP_PF_COMPRESSED, &olen, buf, 256) == 0); + TEST_ASSERT(mbedtls_ecp_tls_read_point(&grp, &pt, &vbuf, olen) + == MBEDTLS_ERR_ECP_FEATURE_UNAVAILABLE); + TEST_ASSERT(vbuf == buf + olen); + + memset(buf, 0x00, sizeof(buf)); vbuf = buf; + TEST_ASSERT(mbedtls_ecp_tls_write_point(&grp, &grp.G, + MBEDTLS_ECP_PF_UNCOMPRESSED, &olen, buf, 256) == 0); + TEST_ASSERT(mbedtls_ecp_tls_read_point(&grp, &pt, &vbuf, olen) == 0); + TEST_ASSERT(mbedtls_mpi_cmp_mpi(&grp.G.X, &pt.X) == 0); + TEST_ASSERT(mbedtls_mpi_cmp_mpi(&grp.G.Y, &pt.Y) == 0); + TEST_ASSERT(mbedtls_mpi_cmp_mpi(&grp.G.Z, &pt.Z) == 0); + TEST_ASSERT(vbuf == buf + olen); + + memset(buf, 0x00, sizeof(buf)); vbuf = buf; + TEST_ASSERT(mbedtls_ecp_set_zero(&pt) == 0); + TEST_ASSERT(mbedtls_ecp_tls_write_point(&grp, &pt, + MBEDTLS_ECP_PF_COMPRESSED, &olen, buf, 256) == 0); + TEST_ASSERT(mbedtls_ecp_tls_read_point(&grp, &pt, &vbuf, olen) == 0); + TEST_ASSERT(mbedtls_ecp_is_zero(&pt)); + TEST_ASSERT(vbuf == buf + olen); + + memset(buf, 0x00, sizeof(buf)); vbuf = buf; + TEST_ASSERT(mbedtls_ecp_set_zero(&pt) == 0); + TEST_ASSERT(mbedtls_ecp_tls_write_point(&grp, &pt, + MBEDTLS_ECP_PF_UNCOMPRESSED, &olen, buf, 256) == 0); + TEST_ASSERT(mbedtls_ecp_tls_read_point(&grp, &pt, &vbuf, olen) == 0); + TEST_ASSERT(mbedtls_ecp_is_zero(&pt)); + TEST_ASSERT(vbuf == buf + olen); exit: - mbedtls_ecp_group_free( &grp ); - mbedtls_ecp_point_free( &pt ); + mbedtls_ecp_group_free(&grp); + mbedtls_ecp_point_free(&pt); } /* END_CASE */ /* BEGIN_CASE */ -void mbedtls_ecp_tls_read_group( data_t * buf, int result, int bits, - int record_len ) +void mbedtls_ecp_tls_read_group(data_t *buf, int result, int bits, + int record_len) { mbedtls_ecp_group grp; const unsigned char *vbuf = buf->x; int ret; - mbedtls_ecp_group_init( &grp ); + mbedtls_ecp_group_init(&grp); - ret = mbedtls_ecp_tls_read_group( &grp, &vbuf, buf->len ); + ret = mbedtls_ecp_tls_read_group(&grp, &vbuf, buf->len); - TEST_ASSERT( ret == result ); - if( ret == 0) - { - TEST_ASSERT( mbedtls_mpi_bitlen( &grp.P ) == (size_t) bits ); - TEST_ASSERT( vbuf - buf->x == record_len); + TEST_ASSERT(ret == result); + if (ret == 0) { + TEST_ASSERT(mbedtls_mpi_bitlen(&grp.P) == (size_t) bits); + TEST_ASSERT(vbuf - buf->x == record_len); } exit: - mbedtls_ecp_group_free( &grp ); + mbedtls_ecp_group_free(&grp); } /* END_CASE */ /* BEGIN_CASE */ -void ecp_tls_write_read_group( int id ) +void ecp_tls_write_read_group(int id) { mbedtls_ecp_group grp1, grp2; unsigned char buf[10]; @@ -1040,237 +1087,357 @@ void ecp_tls_write_read_group( int id ) size_t len; int ret; - mbedtls_ecp_group_init( &grp1 ); - mbedtls_ecp_group_init( &grp2 ); - memset( buf, 0x00, sizeof( buf ) ); + mbedtls_ecp_group_init(&grp1); + mbedtls_ecp_group_init(&grp2); + memset(buf, 0x00, sizeof(buf)); + + TEST_ASSERT(mbedtls_ecp_group_load(&grp1, id) == 0); + + TEST_ASSERT(mbedtls_ecp_tls_write_group(&grp1, &len, buf, 10) == 0); + ret = mbedtls_ecp_tls_read_group(&grp2, &vbuf, len); + TEST_ASSERT(ret == 0); + + if (ret == 0) { + TEST_ASSERT(mbedtls_mpi_cmp_mpi(&grp1.N, &grp2.N) == 0); + TEST_ASSERT(grp1.id == grp2.id); + } + +exit: + mbedtls_ecp_group_free(&grp1); + mbedtls_ecp_group_free(&grp2); +} +/* END_CASE */ + +/* BEGIN_CASE depends_on:MBEDTLS_ECDH_C:MBEDTLS_ECDSA_C */ +void mbedtls_ecp_group_metadata(int id, int bit_size, int crv_type, + char *P, char *A, char *B, + char *G_x, char *G_y, char *N, + int tls_id) +{ + mbedtls_ecp_group grp, grp_read, grp_cpy; + const mbedtls_ecp_group_id *g_id; + mbedtls_ecp_group_id read_g_id; + const mbedtls_ecp_curve_info *crv, *crv_tls_id, *crv_name; + + mbedtls_mpi exp_P, exp_A, exp_B, exp_G_x, exp_G_y, exp_N; - TEST_ASSERT( mbedtls_ecp_group_load( &grp1, id ) == 0 ); + unsigned char buf[3], ecparameters[3] = { 3, 0, tls_id }; + const unsigned char *vbuf = buf; + size_t olen; + + mbedtls_ecp_group_init(&grp); + mbedtls_ecp_group_init(&grp_read); + mbedtls_ecp_group_init(&grp_cpy); + + mbedtls_mpi_init(&exp_P); + mbedtls_mpi_init(&exp_A); + mbedtls_mpi_init(&exp_B); + mbedtls_mpi_init(&exp_G_x); + mbedtls_mpi_init(&exp_G_y); + mbedtls_mpi_init(&exp_N); + + // Read expected parameters + TEST_EQUAL(mbedtls_test_read_mpi(&exp_P, P), 0); + TEST_EQUAL(mbedtls_test_read_mpi(&exp_A, A), 0); + TEST_EQUAL(mbedtls_test_read_mpi(&exp_G_x, G_x), 0); + TEST_EQUAL(mbedtls_test_read_mpi(&exp_N, N), 0); + TEST_EQUAL(mbedtls_test_read_mpi(&exp_B, B), 0); + TEST_EQUAL(mbedtls_test_read_mpi(&exp_G_y, G_y), 0); + + // Convert exp_A to internal representation (A+2)/4 + if (crv_type == MBEDTLS_ECP_TYPE_MONTGOMERY) { + TEST_EQUAL(mbedtls_mpi_add_int(&exp_A, &exp_A, 2), 0); + TEST_EQUAL(mbedtls_mpi_div_int(&exp_A, NULL, &exp_A, 4), 0); + } - TEST_ASSERT( mbedtls_ecp_tls_write_group( &grp1, &len, buf, 10 ) == 0 ); - ret = mbedtls_ecp_tls_read_group( &grp2, &vbuf, len ); - TEST_ASSERT( ret == 0 ); + // Load group + TEST_EQUAL(mbedtls_ecp_group_load(&grp, id), 0); - if( ret == 0 ) - { - TEST_ASSERT( mbedtls_mpi_cmp_mpi( &grp1.N, &grp2.N ) == 0 ); - TEST_ASSERT( grp1.id == grp2.id ); + // Compare group with expected parameters + // A is NULL for SECPxxxR1 curves + // B and G_y are NULL for curve25519 and curve448 + TEST_EQUAL(mbedtls_mpi_cmp_mpi(&exp_P, &grp.P), 0); + if (*A != 0) { + TEST_EQUAL(mbedtls_mpi_cmp_mpi(&exp_A, &grp.A), 0); + } + if (*B != 0) { + TEST_EQUAL(mbedtls_mpi_cmp_mpi(&exp_B, &grp.B), 0); + } + TEST_EQUAL(mbedtls_mpi_cmp_mpi(&exp_G_x, &grp.G.X), 0); + if (*G_y != 0) { + TEST_EQUAL(mbedtls_mpi_cmp_mpi(&exp_G_y, &grp.G.Y), 0); + } + TEST_EQUAL(mbedtls_mpi_cmp_mpi(&exp_N, &grp.N), 0); + + // Load curve info and compare with known values + crv = mbedtls_ecp_curve_info_from_grp_id(id); + TEST_EQUAL(crv->grp_id, id); + TEST_EQUAL(crv->bit_size, bit_size); + TEST_EQUAL(crv->tls_id, tls_id); + + // Load curve from TLS ID and name, and compare IDs + crv_tls_id = mbedtls_ecp_curve_info_from_tls_id(crv->tls_id); + crv_name = mbedtls_ecp_curve_info_from_name(crv->name); + TEST_EQUAL(crv_tls_id->grp_id, id); + TEST_EQUAL(crv_name->grp_id, id); + + // Validate write_group against test data + TEST_EQUAL(mbedtls_ecp_tls_write_group(&grp, &olen, + buf, sizeof(buf)), + 0); + TEST_EQUAL(mbedtls_test_hexcmp(buf, ecparameters, olen, + sizeof(ecparameters)), + 0); + + // Read group from buffer and compare with expected ID + TEST_EQUAL(mbedtls_ecp_tls_read_group_id(&read_g_id, &vbuf, olen), + 0); + TEST_EQUAL(read_g_id, id); + vbuf = buf; + TEST_EQUAL(mbedtls_ecp_tls_read_group(&grp_read, &vbuf, olen), + 0); + TEST_EQUAL(grp_read.id, id); + + // Check curve type, and if it can be used for ECDH/ECDSA + TEST_EQUAL(mbedtls_ecp_get_type(&grp), crv_type); + TEST_EQUAL(mbedtls_ecdh_can_do(id), 1); + TEST_EQUAL(mbedtls_ecdsa_can_do(id), + crv_type == MBEDTLS_ECP_TYPE_SHORT_WEIERSTRASS); + + // Copy group and compare with original + TEST_EQUAL(mbedtls_ecp_group_copy(&grp_cpy, &grp), 0); + TEST_ASSERT(grp_cpy.T == NULL); + TEST_ASSERT(grp_cpy.T_size == 0); + TEST_EQUAL(mbedtls_ecp_group_cmp(&grp, &grp_cpy), 0); + + // Check curve is in curve list and group ID list + for (crv = mbedtls_ecp_curve_list(); + crv->grp_id != MBEDTLS_ECP_DP_NONE && + crv->grp_id != (unsigned) id; + crv++) { + ; + } + TEST_EQUAL(crv->grp_id, id); + for (g_id = mbedtls_ecp_grp_id_list(); + *g_id != MBEDTLS_ECP_DP_NONE && *g_id != (unsigned) id; + g_id++) { + ; } + TEST_EQUAL(*g_id, (unsigned) id); exit: - mbedtls_ecp_group_free( &grp1 ); - mbedtls_ecp_group_free( &grp2 ); + mbedtls_ecp_group_free(&grp); mbedtls_ecp_group_free(&grp_cpy); + mbedtls_ecp_group_free(&grp_read); + mbedtls_mpi_free(&exp_P); mbedtls_mpi_free(&exp_A); + mbedtls_mpi_free(&exp_B); mbedtls_mpi_free(&exp_G_x); + mbedtls_mpi_free(&exp_G_y); mbedtls_mpi_free(&exp_N); } /* END_CASE */ /* BEGIN_CASE */ -void mbedtls_ecp_check_privkey( int id, char * key_hex, int ret ) +void mbedtls_ecp_check_privkey(int id, char *key_hex, int ret) { mbedtls_ecp_group grp; mbedtls_mpi d; - mbedtls_ecp_group_init( &grp ); - mbedtls_mpi_init( &d ); + mbedtls_ecp_group_init(&grp); + mbedtls_mpi_init(&d); - TEST_ASSERT( mbedtls_ecp_group_load( &grp, id ) == 0 ); - TEST_ASSERT( mbedtls_test_read_mpi( &d, 16, key_hex ) == 0 ); + TEST_ASSERT(mbedtls_ecp_group_load(&grp, id) == 0); + TEST_ASSERT(mbedtls_test_read_mpi(&d, key_hex) == 0); - TEST_ASSERT( mbedtls_ecp_check_privkey( &grp, &d ) == ret ); + TEST_ASSERT(mbedtls_ecp_check_privkey(&grp, &d) == ret); exit: - mbedtls_ecp_group_free( &grp ); - mbedtls_mpi_free( &d ); + mbedtls_ecp_group_free(&grp); + mbedtls_mpi_free(&d); } /* END_CASE */ /* BEGIN_CASE */ -void mbedtls_ecp_check_pub_priv( int id_pub, char * Qx_pub, char * Qy_pub, - int id, char * d, char * Qx, char * Qy, - int ret ) +void mbedtls_ecp_check_pub_priv(int id_pub, char *Qx_pub, char *Qy_pub, + int id, char *d, char *Qx, char *Qy, + int ret) { mbedtls_ecp_keypair pub, prv; - mbedtls_ecp_keypair_init( &pub ); - mbedtls_ecp_keypair_init( &prv ); + mbedtls_ecp_keypair_init(&pub); + mbedtls_ecp_keypair_init(&prv); - if( id_pub != MBEDTLS_ECP_DP_NONE ) - TEST_ASSERT( mbedtls_ecp_group_load( &pub.grp, id_pub ) == 0 ); - TEST_ASSERT( mbedtls_ecp_point_read_string( &pub.Q, 16, Qx_pub, Qy_pub ) == 0 ); + if (id_pub != MBEDTLS_ECP_DP_NONE) { + TEST_ASSERT(mbedtls_ecp_group_load(&pub.grp, id_pub) == 0); + } + TEST_ASSERT(mbedtls_ecp_point_read_string(&pub.Q, 16, Qx_pub, Qy_pub) == 0); - if( id != MBEDTLS_ECP_DP_NONE ) - TEST_ASSERT( mbedtls_ecp_group_load( &prv.grp, id ) == 0 ); - TEST_ASSERT( mbedtls_ecp_point_read_string( &prv.Q, 16, Qx, Qy ) == 0 ); - TEST_ASSERT( mbedtls_test_read_mpi( &prv.d, 16, d ) == 0 ); + if (id != MBEDTLS_ECP_DP_NONE) { + TEST_ASSERT(mbedtls_ecp_group_load(&prv.grp, id) == 0); + } + TEST_ASSERT(mbedtls_ecp_point_read_string(&prv.Q, 16, Qx, Qy) == 0); + TEST_ASSERT(mbedtls_test_read_mpi(&prv.d, d) == 0); - TEST_ASSERT( mbedtls_ecp_check_pub_priv( &pub, &prv ) == ret ); + TEST_ASSERT(mbedtls_ecp_check_pub_priv(&pub, &prv) == ret); exit: - mbedtls_ecp_keypair_free( &pub ); - mbedtls_ecp_keypair_free( &prv ); + mbedtls_ecp_keypair_free(&pub); + mbedtls_ecp_keypair_free(&prv); } /* END_CASE */ /* BEGIN_CASE */ -void mbedtls_ecp_gen_keypair( int id ) +void mbedtls_ecp_gen_keypair(int id) { mbedtls_ecp_group grp; mbedtls_ecp_point Q; mbedtls_mpi d; mbedtls_test_rnd_pseudo_info rnd_info; - mbedtls_ecp_group_init( &grp ); - mbedtls_ecp_point_init( &Q ); - mbedtls_mpi_init( &d ); - memset( &rnd_info, 0x00, sizeof( mbedtls_test_rnd_pseudo_info ) ); + mbedtls_ecp_group_init(&grp); + mbedtls_ecp_point_init(&Q); + mbedtls_mpi_init(&d); + memset(&rnd_info, 0x00, sizeof(mbedtls_test_rnd_pseudo_info)); - TEST_ASSERT( mbedtls_ecp_group_load( &grp, id ) == 0 ); + TEST_ASSERT(mbedtls_ecp_group_load(&grp, id) == 0); - TEST_ASSERT( mbedtls_ecp_gen_keypair( &grp, &d, &Q, - &mbedtls_test_rnd_pseudo_rand, - &rnd_info ) == 0 ); + TEST_ASSERT(mbedtls_ecp_gen_keypair(&grp, &d, &Q, + &mbedtls_test_rnd_pseudo_rand, + &rnd_info) == 0); - TEST_ASSERT( mbedtls_ecp_check_pubkey( &grp, &Q ) == 0 ); - TEST_ASSERT( mbedtls_ecp_check_privkey( &grp, &d ) == 0 ); + TEST_ASSERT(mbedtls_ecp_check_pubkey(&grp, &Q) == 0); + TEST_ASSERT(mbedtls_ecp_check_privkey(&grp, &d) == 0); exit: - mbedtls_ecp_group_free( &grp ); - mbedtls_ecp_point_free( &Q ); - mbedtls_mpi_free( &d ); + mbedtls_ecp_group_free(&grp); + mbedtls_ecp_point_free(&Q); + mbedtls_mpi_free(&d); } /* END_CASE */ /* BEGIN_CASE */ -void mbedtls_ecp_gen_key( int id ) +void mbedtls_ecp_gen_key(int id) { mbedtls_ecp_keypair key; mbedtls_test_rnd_pseudo_info rnd_info; - mbedtls_ecp_keypair_init( &key ); - memset( &rnd_info, 0x00, sizeof( mbedtls_test_rnd_pseudo_info ) ); + mbedtls_ecp_keypair_init(&key); + memset(&rnd_info, 0x00, sizeof(mbedtls_test_rnd_pseudo_info)); - TEST_ASSERT( mbedtls_ecp_gen_key( id, &key, - &mbedtls_test_rnd_pseudo_rand, - &rnd_info ) == 0 ); + TEST_ASSERT(mbedtls_ecp_gen_key(id, &key, + &mbedtls_test_rnd_pseudo_rand, + &rnd_info) == 0); - TEST_ASSERT( mbedtls_ecp_check_pubkey( &key.grp, &key.Q ) == 0 ); - TEST_ASSERT( mbedtls_ecp_check_privkey( &key.grp, &key.d ) == 0 ); + TEST_ASSERT(mbedtls_ecp_check_pubkey(&key.grp, &key.Q) == 0); + TEST_ASSERT(mbedtls_ecp_check_privkey(&key.grp, &key.d) == 0); exit: - mbedtls_ecp_keypair_free( &key ); + mbedtls_ecp_keypair_free(&key); } /* END_CASE */ /* BEGIN_CASE */ -void mbedtls_ecp_read_key( int grp_id, data_t* in_key, int expected, int canonical ) +void mbedtls_ecp_read_key(int grp_id, data_t *in_key, int expected, int canonical) { int ret = 0; mbedtls_ecp_keypair key; mbedtls_ecp_keypair key2; - mbedtls_ecp_keypair_init( &key ); - mbedtls_ecp_keypair_init( &key2 ); + mbedtls_ecp_keypair_init(&key); + mbedtls_ecp_keypair_init(&key2); - ret = mbedtls_ecp_read_key( grp_id, &key, in_key->x, in_key->len ); - TEST_ASSERT( ret == expected ); + ret = mbedtls_ecp_read_key(grp_id, &key, in_key->x, in_key->len); + TEST_ASSERT(ret == expected); - if( expected == 0 ) - { - ret = mbedtls_ecp_check_privkey( &key.grp, &key.d ); - TEST_ASSERT( ret == 0 ); + if (expected == 0) { + ret = mbedtls_ecp_check_privkey(&key.grp, &key.d); + TEST_ASSERT(ret == 0); - if( canonical ) - { + if (canonical) { unsigned char buf[MBEDTLS_ECP_MAX_BYTES]; - ret = mbedtls_ecp_write_key( &key, buf, in_key->len ); - TEST_ASSERT( ret == 0 ); + ret = mbedtls_ecp_write_key(&key, buf, in_key->len); + TEST_ASSERT(ret == 0); - ASSERT_COMPARE( in_key->x, in_key->len, - buf, in_key->len ); - } - else - { + TEST_MEMORY_COMPARE(in_key->x, in_key->len, + buf, in_key->len); + } else { unsigned char export1[MBEDTLS_ECP_MAX_BYTES]; unsigned char export2[MBEDTLS_ECP_MAX_BYTES]; - ret = mbedtls_ecp_write_key( &key, export1, in_key->len ); - TEST_ASSERT( ret == 0 ); + ret = mbedtls_ecp_write_key(&key, export1, in_key->len); + TEST_ASSERT(ret == 0); - ret = mbedtls_ecp_read_key( grp_id, &key2, export1, in_key->len ); - TEST_ASSERT( ret == expected ); + ret = mbedtls_ecp_read_key(grp_id, &key2, export1, in_key->len); + TEST_ASSERT(ret == expected); - ret = mbedtls_ecp_write_key( &key2, export2, in_key->len ); - TEST_ASSERT( ret == 0 ); + ret = mbedtls_ecp_write_key(&key2, export2, in_key->len); + TEST_ASSERT(ret == 0); - ASSERT_COMPARE( export1, in_key->len, - export2, in_key->len ); + TEST_MEMORY_COMPARE(export1, in_key->len, + export2, in_key->len); } } exit: - mbedtls_ecp_keypair_free( &key ); - mbedtls_ecp_keypair_free( &key2 ); + mbedtls_ecp_keypair_free(&key); + mbedtls_ecp_keypair_free(&key2); } /* END_CASE */ /* BEGIN_CASE depends_on:HAVE_FIX_NEGATIVE */ -void fix_negative( data_t *N_bin, int c, int bits ) +void fix_negative(data_t *N_bin, int c, int bits) { mbedtls_mpi C, M, N; - mbedtls_mpi_init( &C ); - mbedtls_mpi_init( &M ); - mbedtls_mpi_init( &N ); + mbedtls_mpi_init(&C); + mbedtls_mpi_init(&M); + mbedtls_mpi_init(&N); /* C = - c * 2^bits (positive since c is negative) */ - TEST_EQUAL( 0, mbedtls_mpi_lset( &C, -c ) ); - TEST_EQUAL( 0, mbedtls_mpi_shift_l( &C, bits ) ); + TEST_EQUAL(0, mbedtls_mpi_lset(&C, -c)); + TEST_EQUAL(0, mbedtls_mpi_shift_l(&C, bits)); - TEST_EQUAL( 0, mbedtls_mpi_read_binary( &N, N_bin->x, N_bin->len ) ); - TEST_EQUAL( 0, mbedtls_mpi_grow( &N, C.n ) ); + TEST_EQUAL(0, mbedtls_mpi_read_binary(&N, N_bin->x, N_bin->len)); + TEST_EQUAL(0, mbedtls_mpi_grow(&N, C.n)); /* M = N - C = - ( C - N ) (expected result of fix_negative) */ - TEST_EQUAL( 0, mbedtls_mpi_sub_mpi( &M, &N, &C ) ); + TEST_EQUAL(0, mbedtls_mpi_sub_mpi(&M, &N, &C)); - mbedtls_ecp_fix_negative( &N, c, bits ); + mbedtls_ecp_fix_negative(&N, c, bits); - TEST_EQUAL( 0, mbedtls_mpi_cmp_mpi( &N, &M ) ); + TEST_EQUAL(0, mbedtls_mpi_cmp_mpi(&N, &M)); exit: - mbedtls_mpi_free( &C ); - mbedtls_mpi_free( &M ); - mbedtls_mpi_free( &N ); + mbedtls_mpi_free(&C); + mbedtls_mpi_free(&M); + mbedtls_mpi_free(&N); } /* END_CASE */ /* BEGIN_CASE depends_on:MBEDTLS_TEST_HOOKS:MBEDTLS_ECP_MONTGOMERY_ENABLED */ -void genkey_mx_known_answer( int bits, data_t *seed, data_t *expected ) +void genkey_mx_known_answer(int bits, data_t *seed, data_t *expected) { mbedtls_test_rnd_buf_info rnd_info; mbedtls_mpi d; int ret; uint8_t *actual = NULL; - mbedtls_mpi_init( &d ); + mbedtls_mpi_init(&d); rnd_info.buf = seed->x; rnd_info.length = seed->len; rnd_info.fallback_f_rng = NULL; rnd_info.fallback_p_rng = NULL; - ASSERT_ALLOC( actual, expected->len ); + TEST_CALLOC(actual, expected->len); - ret = mbedtls_ecp_gen_privkey_mx( bits, &d, - mbedtls_test_rnd_buffer_rand, &rnd_info ); + ret = mbedtls_ecp_gen_privkey_mx(bits, &d, + mbedtls_test_rnd_buffer_rand, &rnd_info); - if( expected->len == 0 ) - { + if (expected->len == 0) { /* Expecting an error (happens if there isn't enough randomness) */ - TEST_ASSERT( ret != 0 ); - } - else - { - TEST_EQUAL( ret, 0 ); - TEST_EQUAL( (size_t) bits + 1, mbedtls_mpi_bitlen( &d ) ); - TEST_EQUAL( 0, mbedtls_mpi_write_binary( &d, actual, expected->len ) ); + TEST_ASSERT(ret != 0); + } else { + TEST_EQUAL(ret, 0); + TEST_EQUAL((size_t) bits + 1, mbedtls_mpi_bitlen(&d)); + TEST_EQUAL(0, mbedtls_mpi_write_binary(&d, actual, expected->len)); /* Test the exact result. This assumes that the output of the * RNG is used in a specific way, which is overly constraining. * The advantage is that it's easier to test the expected properties @@ -1281,19 +1448,109 @@ void genkey_mx_known_answer( int bits, data_t *seed, data_t *expected ) * (can be enforced by checking these bits). * - Other bits must be random (by testing with different RNG outputs, * we validate that those bits are indeed influenced by the RNG). */ - ASSERT_COMPARE( expected->x, expected->len, - actual, expected->len ); + TEST_MEMORY_COMPARE(expected->x, expected->len, + actual, expected->len); } exit: - mbedtls_free( actual ); - mbedtls_mpi_free( &d ); + mbedtls_free(actual); + mbedtls_mpi_free(&d); +} +/* END_CASE */ + +/* BEGIN_CASE */ +void ecp_set_zero(int id, data_t *P_bin) +{ + mbedtls_ecp_group grp; + mbedtls_ecp_point pt, zero_pt, nonzero_pt; + + mbedtls_ecp_group_init(&grp); + mbedtls_ecp_point_init(&pt); + mbedtls_ecp_point_init(&zero_pt); + mbedtls_ecp_point_init(&nonzero_pt); + + // Set zero and non-zero points for comparison + TEST_EQUAL(mbedtls_ecp_set_zero(&zero_pt), 0); + TEST_EQUAL(mbedtls_ecp_group_load(&grp, id), 0); + TEST_EQUAL(mbedtls_ecp_point_read_binary(&grp, &nonzero_pt, + P_bin->x, P_bin->len), 0); + TEST_EQUAL(mbedtls_ecp_is_zero(&zero_pt), 1); + TEST_EQUAL(mbedtls_ecp_is_zero(&nonzero_pt), 0); + + // Test initialized point + TEST_EQUAL(mbedtls_ecp_set_zero(&pt), 0); + TEST_EQUAL(mbedtls_ecp_is_zero(&pt), 1); + TEST_EQUAL(mbedtls_ecp_point_cmp(&zero_pt, &pt), 0); + TEST_EQUAL(mbedtls_ecp_point_cmp(&nonzero_pt, &zero_pt), + MBEDTLS_ERR_ECP_BAD_INPUT_DATA); + + // Test zeroed point + TEST_EQUAL(mbedtls_ecp_set_zero(&pt), 0); + TEST_EQUAL(mbedtls_ecp_is_zero(&pt), 1); + TEST_EQUAL(mbedtls_ecp_point_cmp(&zero_pt, &pt), 0); + TEST_EQUAL(mbedtls_ecp_point_cmp(&nonzero_pt, &pt), + MBEDTLS_ERR_ECP_BAD_INPUT_DATA); + + // Set point to non-zero value + TEST_EQUAL(mbedtls_ecp_point_read_binary(&grp, &pt, + P_bin->x, P_bin->len), 0); + TEST_EQUAL(mbedtls_ecp_is_zero(&pt), 0); + TEST_EQUAL(mbedtls_ecp_point_cmp(&zero_pt, &pt), + MBEDTLS_ERR_ECP_BAD_INPUT_DATA); + TEST_EQUAL(mbedtls_ecp_point_cmp(&nonzero_pt, &pt), 0); + + // Test non-zero point + TEST_EQUAL(mbedtls_ecp_set_zero(&pt), 0); + TEST_EQUAL(mbedtls_ecp_is_zero(&pt), 1); + TEST_EQUAL(mbedtls_ecp_point_cmp(&zero_pt, &pt), 0); + TEST_EQUAL(mbedtls_ecp_point_cmp(&nonzero_pt, &pt), + MBEDTLS_ERR_ECP_BAD_INPUT_DATA); + + // Test freed non-zero point + TEST_EQUAL(mbedtls_ecp_point_read_binary(&grp, &pt, + P_bin->x, P_bin->len), 0); + mbedtls_ecp_point_free(&pt); + TEST_EQUAL(mbedtls_ecp_set_zero(&pt), 0); + TEST_EQUAL(mbedtls_ecp_is_zero(&pt), 1); + TEST_EQUAL(mbedtls_ecp_point_cmp(&zero_pt, &pt), 0); + TEST_EQUAL(mbedtls_ecp_point_cmp(&nonzero_pt, &pt), + MBEDTLS_ERR_ECP_BAD_INPUT_DATA); + +exit: + mbedtls_ecp_group_free(&grp); + mbedtls_ecp_point_free(&pt); + mbedtls_ecp_point_free(&zero_pt); + mbedtls_ecp_point_free(&nonzero_pt); } /* END_CASE */ /* BEGIN_CASE depends_on:MBEDTLS_SELF_TEST */ -void ecp_selftest( ) +void ecp_selftest() +{ + TEST_ASSERT(mbedtls_ecp_self_test(1) == 0); +} +/* END_CASE */ + +/* BEGIN_CASE */ +void ecp_check_order(int id, char *expected_order_hex) { - TEST_ASSERT( mbedtls_ecp_self_test( 1 ) == 0 ); + mbedtls_ecp_group grp; + mbedtls_mpi expected_n; + + mbedtls_ecp_group_init(&grp); + mbedtls_mpi_init(&expected_n); + + TEST_ASSERT(mbedtls_ecp_group_load(&grp, id) == 0); + TEST_ASSERT(mbedtls_test_read_mpi(&expected_n, expected_order_hex) == 0); + + // check sign bits are well-formed (i.e. 1 or -1) - see #5810 + TEST_ASSERT(grp.N.s == -1 || grp.N.s == 1); + TEST_ASSERT(expected_n.s == -1 || expected_n.s == 1); + + TEST_ASSERT(mbedtls_mpi_cmp_mpi(&grp.N, &expected_n) == 0); + +exit: + mbedtls_ecp_group_free(&grp); + mbedtls_mpi_free(&expected_n); } /* END_CASE */ diff --git a/third_party/mbedtls/repo/tests/suites/test_suite_entropy.function b/third_party/mbedtls/repo/tests/suites/test_suite_entropy.function index e5e88bb35b0..5d8487c5998 100644 --- a/third_party/mbedtls/repo/tests/suites/test_suite_entropy.function +++ b/third_party/mbedtls/repo/tests/suites/test_suite_entropy.function @@ -4,15 +4,13 @@ #include "mbedtls/md.h" #include "string.h" -typedef enum -{ +typedef enum { DUMMY_CONSTANT_LENGTH, /* Output context->length bytes */ DUMMY_REQUESTED_LENGTH, /* Output whatever length was requested */ DUMMY_FAIL, /* Return an error code */ } entropy_dummy_instruction; -typedef struct -{ +typedef struct { entropy_dummy_instruction instruction; size_t length; /* Length to return for DUMMY_CONSTANT_LENGTH */ size_t calls; /* Incremented at each call */ @@ -24,14 +22,13 @@ typedef struct * If data is NULL, write exactly the requested length. * Otherwise, write the length indicated by data or error if negative */ -static int entropy_dummy_source( void *arg, unsigned char *output, - size_t len, size_t *olen ) +static int entropy_dummy_source(void *arg, unsigned char *output, + size_t len, size_t *olen) { entropy_dummy_context *context = arg; ++context->calls; - switch( context->instruction ) - { + switch (context->instruction) { case DUMMY_CONSTANT_LENGTH: *olen = context->length; break; @@ -39,11 +36,11 @@ static int entropy_dummy_source( void *arg, unsigned char *output, *olen = len; break; case DUMMY_FAIL: - return( MBEDTLS_ERR_ENTROPY_SOURCE_FAILED ); + return MBEDTLS_ERR_ENTROPY_SOURCE_FAILED; } - memset( output, 0x2a, *olen ); - return( 0 ); + memset(output, 0x2a, *olen); + return 0; } /* @@ -57,7 +54,7 @@ static int entropy_dummy_source( void *arg, unsigned char *output, * This might break memory checks in the future if sources need 'free-ing' then * as well. */ -static void entropy_clear_sources( mbedtls_entropy_context *ctx ) +static void entropy_clear_sources(mbedtls_entropy_context *ctx) { ctx->source_count = 0; } @@ -68,74 +65,82 @@ static void entropy_clear_sources( mbedtls_entropy_context *ctx ) */ static unsigned char buffer_seed[MBEDTLS_ENTROPY_BLOCK_SIZE]; -int buffer_nv_seed_read( unsigned char *buf, size_t buf_len ) +int buffer_nv_seed_read(unsigned char *buf, size_t buf_len) { - if( buf_len != MBEDTLS_ENTROPY_BLOCK_SIZE ) - return( -1 ); + if (buf_len != MBEDTLS_ENTROPY_BLOCK_SIZE) { + return -1; + } - memcpy( buf, buffer_seed, MBEDTLS_ENTROPY_BLOCK_SIZE ); - return( 0 ); + memcpy(buf, buffer_seed, MBEDTLS_ENTROPY_BLOCK_SIZE); + return 0; } -int buffer_nv_seed_write( unsigned char *buf, size_t buf_len ) +int buffer_nv_seed_write(unsigned char *buf, size_t buf_len) { - if( buf_len != MBEDTLS_ENTROPY_BLOCK_SIZE ) - return( -1 ); + if (buf_len != MBEDTLS_ENTROPY_BLOCK_SIZE) { + return -1; + } - memcpy( buffer_seed, buf, MBEDTLS_ENTROPY_BLOCK_SIZE ); - return( 0 ); + memcpy(buffer_seed, buf, MBEDTLS_ENTROPY_BLOCK_SIZE); + return 0; } /* * NV seed read/write helpers that fill the base seedfile */ -static int write_nv_seed( unsigned char *buf, size_t buf_len ) +static int write_nv_seed(unsigned char *buf, size_t buf_len) { FILE *f; - if( buf_len != MBEDTLS_ENTROPY_BLOCK_SIZE ) - return( -1 ); + if (buf_len != MBEDTLS_ENTROPY_BLOCK_SIZE) { + return -1; + } - if( ( f = fopen( MBEDTLS_PLATFORM_STD_NV_SEED_FILE, "w" ) ) == NULL ) - return( -1 ); + if ((f = fopen(MBEDTLS_PLATFORM_STD_NV_SEED_FILE, "w")) == NULL) { + return -1; + } - if( fwrite( buf, 1, MBEDTLS_ENTROPY_BLOCK_SIZE, f ) != - MBEDTLS_ENTROPY_BLOCK_SIZE ) - return( -1 ); + if (fwrite(buf, 1, MBEDTLS_ENTROPY_BLOCK_SIZE, f) != + MBEDTLS_ENTROPY_BLOCK_SIZE) { + return -1; + } - fclose( f ); + fclose(f); - return( 0 ); + return 0; } -int read_nv_seed( unsigned char *buf, size_t buf_len ) +int read_nv_seed(unsigned char *buf, size_t buf_len) { FILE *f; - if( buf_len != MBEDTLS_ENTROPY_BLOCK_SIZE ) - return( -1 ); + if (buf_len != MBEDTLS_ENTROPY_BLOCK_SIZE) { + return -1; + } - if( ( f = fopen( MBEDTLS_PLATFORM_STD_NV_SEED_FILE, "rb" ) ) == NULL ) - return( -1 ); + if ((f = fopen(MBEDTLS_PLATFORM_STD_NV_SEED_FILE, "rb")) == NULL) { + return -1; + } - if( fread( buf, 1, MBEDTLS_ENTROPY_BLOCK_SIZE, f ) != - MBEDTLS_ENTROPY_BLOCK_SIZE ) - return( -1 ); + if (fread(buf, 1, MBEDTLS_ENTROPY_BLOCK_SIZE, f) != + MBEDTLS_ENTROPY_BLOCK_SIZE) { + return -1; + } - fclose( f ); + fclose(f); - return( 0 ); + return 0; } #endif /* MBEDTLS_ENTROPY_NV_SEED */ /* END_HEADER */ /* BEGIN_DEPENDENCIES - * depends_on:MBEDTLS_ENTROPY_C + * depends_on:MBEDTLS_ENTROPY_C:!MBEDTLS_PSA_INJECT_ENTROPY * END_DEPENDENCIES */ /* BEGIN_CASE */ -void entropy_init_free( int reinit ) +void entropy_init_free(int reinit) { mbedtls_entropy_context ctx; @@ -143,12 +148,13 @@ void entropy_init_free( int reinit ) * to call mbedtls_entropy_free() unconditionally on an error path without * checking whether it has already been called in the success path. */ - mbedtls_entropy_init( &ctx ); - mbedtls_entropy_free( &ctx ); + mbedtls_entropy_init(&ctx); + mbedtls_entropy_free(&ctx); - if( reinit ) - mbedtls_entropy_init( &ctx ); - mbedtls_entropy_free( &ctx ); + if (reinit) { + mbedtls_entropy_init(&ctx); + } + mbedtls_entropy_free(&ctx); /* This test case always succeeds, functionally speaking. A plausible * bug might trigger an invalid pointer dereference or a memory leak. */ @@ -157,189 +163,190 @@ void entropy_init_free( int reinit ) /* END_CASE */ /* BEGIN_CASE depends_on:MBEDTLS_ENTROPY_NV_SEED:MBEDTLS_FS_IO */ -void entropy_seed_file( char * path, int ret ) +void entropy_seed_file(char *path, int ret) { mbedtls_entropy_context ctx; - mbedtls_entropy_init( &ctx ); + mbedtls_entropy_init(&ctx); - TEST_ASSERT( mbedtls_entropy_write_seed_file( &ctx, path ) == ret ); - TEST_ASSERT( mbedtls_entropy_update_seed_file( &ctx, path ) == ret ); + TEST_ASSERT(mbedtls_entropy_write_seed_file(&ctx, path) == ret); + TEST_ASSERT(mbedtls_entropy_update_seed_file(&ctx, path) == ret); exit: - mbedtls_entropy_free( &ctx ); + mbedtls_entropy_free(&ctx); } /* END_CASE */ /* BEGIN_CASE depends_on:MBEDTLS_ENTROPY_NV_SEED:MBEDTLS_FS_IO */ -void entropy_write_base_seed_file( int ret ) +void entropy_write_base_seed_file(int ret) { mbedtls_entropy_context ctx; - mbedtls_entropy_init( &ctx ); + mbedtls_entropy_init(&ctx); - TEST_ASSERT( mbedtls_entropy_write_seed_file( &ctx, MBEDTLS_PLATFORM_STD_NV_SEED_FILE ) == ret ); - TEST_ASSERT( mbedtls_entropy_update_seed_file( &ctx, MBEDTLS_PLATFORM_STD_NV_SEED_FILE ) == ret ); + TEST_ASSERT(mbedtls_entropy_write_seed_file(&ctx, MBEDTLS_PLATFORM_STD_NV_SEED_FILE) == ret); + TEST_ASSERT(mbedtls_entropy_update_seed_file(&ctx, MBEDTLS_PLATFORM_STD_NV_SEED_FILE) == ret); exit: - mbedtls_entropy_free( &ctx ); + mbedtls_entropy_free(&ctx); } /* END_CASE */ /* BEGIN_CASE */ -void entropy_no_sources( ) +void entropy_no_sources() { mbedtls_entropy_context ctx; unsigned char buf[MBEDTLS_ENTROPY_BLOCK_SIZE]; - mbedtls_entropy_init( &ctx ); - entropy_clear_sources( &ctx ); - TEST_EQUAL( mbedtls_entropy_func( &ctx, buf, sizeof( buf ) ), - MBEDTLS_ERR_ENTROPY_NO_SOURCES_DEFINED ); + mbedtls_entropy_init(&ctx); + entropy_clear_sources(&ctx); + TEST_EQUAL(mbedtls_entropy_func(&ctx, buf, sizeof(buf)), + MBEDTLS_ERR_ENTROPY_NO_SOURCES_DEFINED); exit: - mbedtls_entropy_free( &ctx ); + mbedtls_entropy_free(&ctx); } /* END_CASE */ /* BEGIN_CASE */ -void entropy_too_many_sources( ) +void entropy_too_many_sources() { mbedtls_entropy_context ctx; size_t i; - entropy_dummy_context dummy = {DUMMY_REQUESTED_LENGTH, 0, 0}; + entropy_dummy_context dummy = { DUMMY_REQUESTED_LENGTH, 0, 0 }; - mbedtls_entropy_init( &ctx ); + mbedtls_entropy_init(&ctx); /* * It's hard to tell precisely when the error will occur, * since we don't know how many sources were automatically added. */ - for( i = 0; i < MBEDTLS_ENTROPY_MAX_SOURCES; i++ ) - (void) mbedtls_entropy_add_source( &ctx, entropy_dummy_source, &dummy, - 16, MBEDTLS_ENTROPY_SOURCE_WEAK ); + for (i = 0; i < MBEDTLS_ENTROPY_MAX_SOURCES; i++) { + (void) mbedtls_entropy_add_source(&ctx, entropy_dummy_source, &dummy, + 16, MBEDTLS_ENTROPY_SOURCE_WEAK); + } - TEST_ASSERT( mbedtls_entropy_add_source( &ctx, entropy_dummy_source, &dummy, - 16, MBEDTLS_ENTROPY_SOURCE_WEAK ) - == MBEDTLS_ERR_ENTROPY_MAX_SOURCES ); + TEST_ASSERT(mbedtls_entropy_add_source(&ctx, entropy_dummy_source, &dummy, + 16, MBEDTLS_ENTROPY_SOURCE_WEAK) + == MBEDTLS_ERR_ENTROPY_MAX_SOURCES); exit: - mbedtls_entropy_free( &ctx ); + mbedtls_entropy_free(&ctx); } /* END_CASE */ /* BEGIN_CASE depends_on:ENTROPY_HAVE_STRONG */ -void entropy_func_len( int len, int ret ) +void entropy_func_len(int len, int ret) { mbedtls_entropy_context ctx; unsigned char buf[MBEDTLS_ENTROPY_BLOCK_SIZE + 10] = { 0 }; unsigned char acc[MBEDTLS_ENTROPY_BLOCK_SIZE + 10] = { 0 }; size_t i, j; - mbedtls_entropy_init( &ctx ); + mbedtls_entropy_init(&ctx); /* * See comments in mbedtls_entropy_self_test() */ - for( i = 0; i < 8; i++ ) - { - TEST_ASSERT( mbedtls_entropy_func( &ctx, buf, len ) == ret ); - for( j = 0; j < sizeof( buf ); j++ ) + for (i = 0; i < 8; i++) { + TEST_ASSERT(mbedtls_entropy_func(&ctx, buf, len) == ret); + for (j = 0; j < sizeof(buf); j++) { acc[j] |= buf[j]; + } } - if( ret == 0 ) - for( j = 0; j < (size_t) len; j++ ) - TEST_ASSERT( acc[j] != 0 ); + if (ret == 0) { + for (j = 0; j < (size_t) len; j++) { + TEST_ASSERT(acc[j] != 0); + } + } - for( j = len; j < sizeof( buf ); j++ ) - TEST_ASSERT( acc[j] == 0 ); + for (j = len; j < sizeof(buf); j++) { + TEST_ASSERT(acc[j] == 0); + } exit: - mbedtls_entropy_free( &ctx ); + mbedtls_entropy_free(&ctx); } /* END_CASE */ /* BEGIN_CASE */ -void entropy_source_fail( char * path ) +void entropy_source_fail(char *path) { mbedtls_entropy_context ctx; unsigned char buf[16]; - entropy_dummy_context dummy = {DUMMY_FAIL, 0, 0}; + entropy_dummy_context dummy = { DUMMY_FAIL, 0, 0 }; - mbedtls_entropy_init( &ctx ); + mbedtls_entropy_init(&ctx); - TEST_ASSERT( mbedtls_entropy_add_source( &ctx, entropy_dummy_source, - &dummy, 16, - MBEDTLS_ENTROPY_SOURCE_WEAK ) - == 0 ); + TEST_ASSERT(mbedtls_entropy_add_source(&ctx, entropy_dummy_source, + &dummy, 16, + MBEDTLS_ENTROPY_SOURCE_WEAK) + == 0); - TEST_ASSERT( mbedtls_entropy_func( &ctx, buf, sizeof( buf ) ) - == MBEDTLS_ERR_ENTROPY_SOURCE_FAILED ); - TEST_ASSERT( mbedtls_entropy_gather( &ctx ) - == MBEDTLS_ERR_ENTROPY_SOURCE_FAILED ); + TEST_ASSERT(mbedtls_entropy_func(&ctx, buf, sizeof(buf)) + == MBEDTLS_ERR_ENTROPY_SOURCE_FAILED); + TEST_ASSERT(mbedtls_entropy_gather(&ctx) + == MBEDTLS_ERR_ENTROPY_SOURCE_FAILED); #if defined(MBEDTLS_FS_IO) && defined(MBEDTLS_ENTROPY_NV_SEED) - TEST_ASSERT( mbedtls_entropy_write_seed_file( &ctx, path ) - == MBEDTLS_ERR_ENTROPY_SOURCE_FAILED ); - TEST_ASSERT( mbedtls_entropy_update_seed_file( &ctx, path ) - == MBEDTLS_ERR_ENTROPY_SOURCE_FAILED ); + TEST_ASSERT(mbedtls_entropy_write_seed_file(&ctx, path) + == MBEDTLS_ERR_ENTROPY_SOURCE_FAILED); + TEST_ASSERT(mbedtls_entropy_update_seed_file(&ctx, path) + == MBEDTLS_ERR_ENTROPY_SOURCE_FAILED); #else ((void) path); #endif exit: - mbedtls_entropy_free( &ctx ); + mbedtls_entropy_free(&ctx); } /* END_CASE */ /* BEGIN_CASE */ -void entropy_threshold( int threshold, int chunk_size, int result ) +void entropy_threshold(int threshold, int chunk_size, int result) { mbedtls_entropy_context ctx; entropy_dummy_context strong = - {DUMMY_CONSTANT_LENGTH, MBEDTLS_ENTROPY_BLOCK_SIZE, 0}; - entropy_dummy_context weak = {DUMMY_CONSTANT_LENGTH, chunk_size, 0}; + { DUMMY_CONSTANT_LENGTH, MBEDTLS_ENTROPY_BLOCK_SIZE, 0 }; + entropy_dummy_context weak = { DUMMY_CONSTANT_LENGTH, chunk_size, 0 }; unsigned char buf[MBEDTLS_ENTROPY_BLOCK_SIZE] = { 0 }; int ret; - mbedtls_entropy_init( &ctx ); - entropy_clear_sources( &ctx ); + mbedtls_entropy_init(&ctx); + entropy_clear_sources(&ctx); /* Set strong source that reaches its threshold immediately and * a weak source whose threshold is a test parameter. */ - TEST_ASSERT( mbedtls_entropy_add_source( &ctx, entropy_dummy_source, - &strong, 1, - MBEDTLS_ENTROPY_SOURCE_STRONG ) == 0 ); - TEST_ASSERT( mbedtls_entropy_add_source( &ctx, entropy_dummy_source, - &weak, threshold, - MBEDTLS_ENTROPY_SOURCE_WEAK ) == 0 ); - - ret = mbedtls_entropy_func( &ctx, buf, sizeof( buf ) ); - - if( result >= 0 ) - { - TEST_ASSERT( ret == 0 ); + TEST_ASSERT(mbedtls_entropy_add_source(&ctx, entropy_dummy_source, + &strong, 1, + MBEDTLS_ENTROPY_SOURCE_STRONG) == 0); + TEST_ASSERT(mbedtls_entropy_add_source(&ctx, entropy_dummy_source, + &weak, threshold, + MBEDTLS_ENTROPY_SOURCE_WEAK) == 0); + + ret = mbedtls_entropy_func(&ctx, buf, sizeof(buf)); + + if (result >= 0) { + TEST_ASSERT(ret == 0); #if defined(MBEDTLS_ENTROPY_NV_SEED) /* If the NV seed functionality is enabled, there are two entropy * updates: before and after updating the NV seed. */ result *= 2; #endif - TEST_ASSERT( weak.calls == (size_t) result ); - } - else - { - TEST_ASSERT( ret == result ); + TEST_ASSERT(weak.calls == (size_t) result); + } else { + TEST_ASSERT(ret == result); } exit: - mbedtls_entropy_free( &ctx ); + mbedtls_entropy_free(&ctx); } /* END_CASE */ /* BEGIN_CASE */ -void entropy_calls( int strength1, int strength2, - int threshold, int chunk_size, - int result ) +void entropy_calls(int strength1, int strength2, + int threshold, int chunk_size, + int result) { /* * if result >= 0: result = expected number of calls to source 1 @@ -347,101 +354,98 @@ void entropy_calls( int strength1, int strength2, */ mbedtls_entropy_context ctx; - entropy_dummy_context dummy1 = {DUMMY_CONSTANT_LENGTH, chunk_size, 0}; - entropy_dummy_context dummy2 = {DUMMY_CONSTANT_LENGTH, chunk_size, 0}; + entropy_dummy_context dummy1 = { DUMMY_CONSTANT_LENGTH, chunk_size, 0 }; + entropy_dummy_context dummy2 = { DUMMY_CONSTANT_LENGTH, chunk_size, 0 }; unsigned char buf[MBEDTLS_ENTROPY_BLOCK_SIZE] = { 0 }; int ret; - mbedtls_entropy_init( &ctx ); - entropy_clear_sources( &ctx ); + mbedtls_entropy_init(&ctx); + entropy_clear_sources(&ctx); - TEST_ASSERT( mbedtls_entropy_add_source( &ctx, entropy_dummy_source, - &dummy1, threshold, - strength1 ) == 0 ); - TEST_ASSERT( mbedtls_entropy_add_source( &ctx, entropy_dummy_source, - &dummy2, threshold, - strength2 ) == 0 ); + TEST_ASSERT(mbedtls_entropy_add_source(&ctx, entropy_dummy_source, + &dummy1, threshold, + strength1) == 0); + TEST_ASSERT(mbedtls_entropy_add_source(&ctx, entropy_dummy_source, + &dummy2, threshold, + strength2) == 0); - ret = mbedtls_entropy_func( &ctx, buf, sizeof( buf ) ); + ret = mbedtls_entropy_func(&ctx, buf, sizeof(buf)); - if( result >= 0 ) - { - TEST_ASSERT( ret == 0 ); + if (result >= 0) { + TEST_ASSERT(ret == 0); #if defined(MBEDTLS_ENTROPY_NV_SEED) /* If the NV seed functionality is enabled, there are two entropy * updates: before and after updating the NV seed. */ result *= 2; #endif - TEST_ASSERT( dummy1.calls == (size_t) result ); - } - else - { - TEST_ASSERT( ret == result ); + TEST_ASSERT(dummy1.calls == (size_t) result); + } else { + TEST_ASSERT(ret == result); } exit: - mbedtls_entropy_free( &ctx ); + mbedtls_entropy_free(&ctx); } /* END_CASE */ /* BEGIN_CASE depends_on:MBEDTLS_ENTROPY_NV_SEED:MBEDTLS_FS_IO */ -void nv_seed_file_create( ) +void nv_seed_file_create() { unsigned char buf[MBEDTLS_ENTROPY_BLOCK_SIZE]; - memset( buf, 0, MBEDTLS_ENTROPY_BLOCK_SIZE ); + memset(buf, 0, MBEDTLS_ENTROPY_BLOCK_SIZE); - TEST_ASSERT( write_nv_seed( buf, MBEDTLS_ENTROPY_BLOCK_SIZE ) == 0 ); + TEST_ASSERT(write_nv_seed(buf, MBEDTLS_ENTROPY_BLOCK_SIZE) == 0); } /* END_CASE */ /* BEGIN_CASE depends_on:MBEDTLS_ENTROPY_NV_SEED:MBEDTLS_FS_IO:MBEDTLS_PLATFORM_NV_SEED_ALT */ -void entropy_nv_seed_std_io( ) +void entropy_nv_seed_std_io() { unsigned char io_seed[MBEDTLS_ENTROPY_BLOCK_SIZE]; unsigned char check_seed[MBEDTLS_ENTROPY_BLOCK_SIZE]; - memset( io_seed, 1, MBEDTLS_ENTROPY_BLOCK_SIZE ); - memset( check_seed, 0, MBEDTLS_ENTROPY_BLOCK_SIZE ); + memset(io_seed, 1, MBEDTLS_ENTROPY_BLOCK_SIZE); + memset(check_seed, 0, MBEDTLS_ENTROPY_BLOCK_SIZE); - mbedtls_platform_set_nv_seed( mbedtls_platform_std_nv_seed_read, - mbedtls_platform_std_nv_seed_write ); + mbedtls_platform_set_nv_seed(mbedtls_platform_std_nv_seed_read, + mbedtls_platform_std_nv_seed_write); /* Check if platform NV read and write manipulate the same data */ - TEST_ASSERT( write_nv_seed( io_seed, MBEDTLS_ENTROPY_BLOCK_SIZE ) == 0 ); - TEST_ASSERT( mbedtls_nv_seed_read( check_seed, MBEDTLS_ENTROPY_BLOCK_SIZE ) == - MBEDTLS_ENTROPY_BLOCK_SIZE ); + TEST_ASSERT(write_nv_seed(io_seed, MBEDTLS_ENTROPY_BLOCK_SIZE) == 0); + TEST_ASSERT(mbedtls_nv_seed_read(check_seed, MBEDTLS_ENTROPY_BLOCK_SIZE) == + MBEDTLS_ENTROPY_BLOCK_SIZE); - TEST_ASSERT( memcmp( io_seed, check_seed, MBEDTLS_ENTROPY_BLOCK_SIZE ) == 0 ); + TEST_ASSERT(memcmp(io_seed, check_seed, MBEDTLS_ENTROPY_BLOCK_SIZE) == 0); - memset( check_seed, 0, MBEDTLS_ENTROPY_BLOCK_SIZE ); + memset(check_seed, 0, MBEDTLS_ENTROPY_BLOCK_SIZE); /* Check if platform NV write and raw read manipulate the same data */ - TEST_ASSERT( mbedtls_nv_seed_write( io_seed, MBEDTLS_ENTROPY_BLOCK_SIZE ) == - MBEDTLS_ENTROPY_BLOCK_SIZE ); - TEST_ASSERT( read_nv_seed( check_seed, MBEDTLS_ENTROPY_BLOCK_SIZE ) == 0 ); + TEST_ASSERT(mbedtls_nv_seed_write(io_seed, MBEDTLS_ENTROPY_BLOCK_SIZE) == + MBEDTLS_ENTROPY_BLOCK_SIZE); + TEST_ASSERT(read_nv_seed(check_seed, MBEDTLS_ENTROPY_BLOCK_SIZE) == 0); - TEST_ASSERT( memcmp( io_seed, check_seed, MBEDTLS_ENTROPY_BLOCK_SIZE ) == 0 ); + TEST_ASSERT(memcmp(io_seed, check_seed, MBEDTLS_ENTROPY_BLOCK_SIZE) == 0); } /* END_CASE */ /* BEGIN_CASE depends_on:MBEDTLS_MD_C:MBEDTLS_ENTROPY_NV_SEED:MBEDTLS_PLATFORM_NV_SEED_ALT */ -void entropy_nv_seed( data_t * read_seed ) +void entropy_nv_seed(data_t *read_seed) { #if defined(MBEDTLS_ENTROPY_SHA512_ACCUMULATOR) const mbedtls_md_info_t *md_info = - mbedtls_md_info_from_type( MBEDTLS_MD_SHA512 ); + mbedtls_md_info_from_type(MBEDTLS_MD_SHA512); #elif defined(MBEDTLS_ENTROPY_SHA256_ACCUMULATOR) const mbedtls_md_info_t *md_info = - mbedtls_md_info_from_type( MBEDTLS_MD_SHA256 ); + mbedtls_md_info_from_type(MBEDTLS_MD_SHA256); #else #error "Unsupported entropy accumulator" #endif mbedtls_md_context_t accumulator; mbedtls_entropy_context ctx; - int (*original_mbedtls_nv_seed_read)( unsigned char *buf, size_t buf_len ) = + int (*original_mbedtls_nv_seed_read)(unsigned char *buf, size_t buf_len) = mbedtls_nv_seed_read; - int (*original_mbedtls_nv_seed_write)( unsigned char *buf, size_t buf_len ) = + int (*original_mbedtls_nv_seed_write)(unsigned char *buf, size_t buf_len) = mbedtls_nv_seed_write; unsigned char header[2]; @@ -451,80 +455,80 @@ void entropy_nv_seed( data_t * read_seed ) unsigned char check_seed[MBEDTLS_ENTROPY_BLOCK_SIZE]; unsigned char check_entropy[MBEDTLS_ENTROPY_BLOCK_SIZE]; - memset( entropy, 0, MBEDTLS_ENTROPY_BLOCK_SIZE ); - memset( buf, 0, MBEDTLS_ENTROPY_BLOCK_SIZE ); - memset( empty, 0, MBEDTLS_ENTROPY_BLOCK_SIZE ); - memset( check_seed, 2, MBEDTLS_ENTROPY_BLOCK_SIZE ); - memset( check_entropy, 3, MBEDTLS_ENTROPY_BLOCK_SIZE ); + memset(entropy, 0, MBEDTLS_ENTROPY_BLOCK_SIZE); + memset(buf, 0, MBEDTLS_ENTROPY_BLOCK_SIZE); + memset(empty, 0, MBEDTLS_ENTROPY_BLOCK_SIZE); + memset(check_seed, 2, MBEDTLS_ENTROPY_BLOCK_SIZE); + memset(check_entropy, 3, MBEDTLS_ENTROPY_BLOCK_SIZE); // Make sure we read/write NV seed from our buffers - mbedtls_platform_set_nv_seed( buffer_nv_seed_read, buffer_nv_seed_write ); + mbedtls_platform_set_nv_seed(buffer_nv_seed_read, buffer_nv_seed_write); - mbedtls_md_init( &accumulator ); - mbedtls_entropy_init( &ctx ); - entropy_clear_sources( &ctx ); + mbedtls_md_init(&accumulator); + mbedtls_entropy_init(&ctx); + entropy_clear_sources(&ctx); - TEST_ASSERT( mbedtls_entropy_add_source( &ctx, mbedtls_nv_seed_poll, NULL, - MBEDTLS_ENTROPY_BLOCK_SIZE, - MBEDTLS_ENTROPY_SOURCE_STRONG ) == 0 ); + TEST_ASSERT(mbedtls_entropy_add_source(&ctx, mbedtls_nv_seed_poll, NULL, + MBEDTLS_ENTROPY_BLOCK_SIZE, + MBEDTLS_ENTROPY_SOURCE_STRONG) == 0); // Set the initial NV seed to read - TEST_ASSERT( read_seed->len >= MBEDTLS_ENTROPY_BLOCK_SIZE ); - memcpy( buffer_seed, read_seed->x, MBEDTLS_ENTROPY_BLOCK_SIZE ); + TEST_ASSERT(read_seed->len >= MBEDTLS_ENTROPY_BLOCK_SIZE); + memcpy(buffer_seed, read_seed->x, MBEDTLS_ENTROPY_BLOCK_SIZE); // Do an entropy run - TEST_ASSERT( mbedtls_entropy_func( &ctx, entropy, sizeof( entropy ) ) == 0 ); + TEST_ASSERT(mbedtls_entropy_func(&ctx, entropy, sizeof(entropy)) == 0); // Determine what should have happened with manual entropy internal logic // Init accumulator header[1] = MBEDTLS_ENTROPY_BLOCK_SIZE; - TEST_ASSERT( mbedtls_md_setup( &accumulator, md_info, 0 ) == 0 ); + TEST_ASSERT(mbedtls_md_setup(&accumulator, md_info, 0) == 0); // First run for updating write_seed header[0] = 0; - TEST_ASSERT( mbedtls_md_starts( &accumulator ) == 0 ); - TEST_ASSERT( mbedtls_md_update( &accumulator, header, 2 ) == 0 ); - TEST_ASSERT( mbedtls_md_update( &accumulator, - read_seed->x, MBEDTLS_ENTROPY_BLOCK_SIZE ) == 0 ); - TEST_ASSERT( mbedtls_md_finish( &accumulator, buf ) == 0 ); + TEST_ASSERT(mbedtls_md_starts(&accumulator) == 0); + TEST_ASSERT(mbedtls_md_update(&accumulator, header, 2) == 0); + TEST_ASSERT(mbedtls_md_update(&accumulator, + read_seed->x, MBEDTLS_ENTROPY_BLOCK_SIZE) == 0); + TEST_ASSERT(mbedtls_md_finish(&accumulator, buf) == 0); - TEST_ASSERT( mbedtls_md_starts( &accumulator ) == 0 ); - TEST_ASSERT( mbedtls_md_update( &accumulator, - buf, MBEDTLS_ENTROPY_BLOCK_SIZE ) == 0 ); + TEST_ASSERT(mbedtls_md_starts(&accumulator) == 0); + TEST_ASSERT(mbedtls_md_update(&accumulator, + buf, MBEDTLS_ENTROPY_BLOCK_SIZE) == 0); - TEST_ASSERT( mbedtls_md( md_info, buf, MBEDTLS_ENTROPY_BLOCK_SIZE, - check_seed ) == 0 ); + TEST_ASSERT(mbedtls_md(md_info, buf, MBEDTLS_ENTROPY_BLOCK_SIZE, + check_seed) == 0); // Second run for actual entropy (triggers mbedtls_entropy_update_nv_seed) header[0] = MBEDTLS_ENTROPY_SOURCE_MANUAL; - TEST_ASSERT( mbedtls_md_update( &accumulator, header, 2 ) == 0 ); - TEST_ASSERT( mbedtls_md_update( &accumulator, - empty, MBEDTLS_ENTROPY_BLOCK_SIZE ) == 0 ); + TEST_ASSERT(mbedtls_md_update(&accumulator, header, 2) == 0); + TEST_ASSERT(mbedtls_md_update(&accumulator, + empty, MBEDTLS_ENTROPY_BLOCK_SIZE) == 0); header[0] = 0; - TEST_ASSERT( mbedtls_md_update( &accumulator, header, 2 ) == 0 ); - TEST_ASSERT( mbedtls_md_update( &accumulator, - check_seed, MBEDTLS_ENTROPY_BLOCK_SIZE ) == 0 ); - TEST_ASSERT( mbedtls_md_finish( &accumulator, buf ) == 0 ); + TEST_ASSERT(mbedtls_md_update(&accumulator, header, 2) == 0); + TEST_ASSERT(mbedtls_md_update(&accumulator, + check_seed, MBEDTLS_ENTROPY_BLOCK_SIZE) == 0); + TEST_ASSERT(mbedtls_md_finish(&accumulator, buf) == 0); - TEST_ASSERT( mbedtls_md( md_info, buf, MBEDTLS_ENTROPY_BLOCK_SIZE, - check_entropy ) == 0 ); + TEST_ASSERT(mbedtls_md(md_info, buf, MBEDTLS_ENTROPY_BLOCK_SIZE, + check_entropy) == 0); // Check result of both NV file and entropy received with the manual calculations - TEST_ASSERT( memcmp( check_seed, buffer_seed, MBEDTLS_ENTROPY_BLOCK_SIZE ) == 0 ); - TEST_ASSERT( memcmp( check_entropy, entropy, MBEDTLS_ENTROPY_BLOCK_SIZE ) == 0 ); + TEST_ASSERT(memcmp(check_seed, buffer_seed, MBEDTLS_ENTROPY_BLOCK_SIZE) == 0); + TEST_ASSERT(memcmp(check_entropy, entropy, MBEDTLS_ENTROPY_BLOCK_SIZE) == 0); exit: - mbedtls_md_free( &accumulator ); - mbedtls_entropy_free( &ctx ); + mbedtls_md_free(&accumulator); + mbedtls_entropy_free(&ctx); mbedtls_nv_seed_read = original_mbedtls_nv_seed_read; mbedtls_nv_seed_write = original_mbedtls_nv_seed_write; } /* END_CASE */ /* BEGIN_CASE depends_on:ENTROPY_HAVE_STRONG:MBEDTLS_SELF_TEST */ -void entropy_selftest( int result ) +void entropy_selftest(int result) { - TEST_ASSERT( mbedtls_entropy_self_test( 1 ) == result ); + TEST_ASSERT(mbedtls_entropy_self_test(1) == result); } /* END_CASE */ diff --git a/third_party/mbedtls/repo/tests/suites/test_suite_error.function b/third_party/mbedtls/repo/tests/suites/test_suite_error.function index 68831ce51d0..4c38ab05f22 100644 --- a/third_party/mbedtls/repo/tests/suites/test_suite_error.function +++ b/third_party/mbedtls/repo/tests/suites/test_suite_error.function @@ -8,14 +8,14 @@ */ /* BEGIN_CASE */ -void error_strerror( int code, char * result_str ) +void error_strerror(int code, char *result_str) { char buf[500]; - memset( buf, 0, sizeof( buf ) ); + memset(buf, 0, sizeof(buf)); - mbedtls_strerror( code, buf, 500 ); + mbedtls_strerror(code, buf, 500); - TEST_ASSERT( strcmp( buf, result_str ) == 0 ); + TEST_ASSERT(strcmp(buf, result_str) == 0); } /* END_CASE */ diff --git a/third_party/mbedtls/repo/tests/suites/test_suite_gcm.function b/third_party/mbedtls/repo/tests/suites/test_suite_gcm.function index 9b7b0ee14cc..b0c7bbcf20e 100644 --- a/third_party/mbedtls/repo/tests/suites/test_suite_gcm.function +++ b/third_party/mbedtls/repo/tests/suites/test_suite_gcm.function @@ -8,107 +8,114 @@ */ /* BEGIN_CASE */ -void gcm_bad_parameters( int cipher_id, int direction, - data_t *key_str, data_t *src_str, - data_t *iv_str, data_t *add_str, - int tag_len_bits, int gcm_result ) +void gcm_bad_parameters(int cipher_id, int direction, + data_t *key_str, data_t *src_str, + data_t *iv_str, data_t *add_str, + int tag_len_bits, int gcm_result) { unsigned char output[128]; unsigned char tag_output[16]; mbedtls_gcm_context ctx; size_t tag_len = tag_len_bits / 8; - mbedtls_gcm_init( &ctx ); + mbedtls_gcm_init(&ctx); - memset( output, 0x00, sizeof( output ) ); - memset( tag_output, 0x00, sizeof( tag_output ) ); + memset(output, 0x00, sizeof(output)); + memset(tag_output, 0x00, sizeof(tag_output)); - TEST_ASSERT( mbedtls_gcm_setkey( &ctx, cipher_id, key_str->x, key_str->len * 8 ) == 0 ); - TEST_ASSERT( mbedtls_gcm_crypt_and_tag( &ctx, direction, src_str->len, iv_str->x, iv_str->len, - add_str->x, add_str->len, src_str->x, output, tag_len, tag_output ) == gcm_result ); + TEST_ASSERT(mbedtls_gcm_setkey(&ctx, cipher_id, key_str->x, key_str->len * 8) == 0); + TEST_ASSERT(mbedtls_gcm_crypt_and_tag(&ctx, direction, src_str->len, iv_str->x, iv_str->len, + add_str->x, add_str->len, src_str->x, output, tag_len, + tag_output) == gcm_result); exit: - mbedtls_gcm_free( &ctx ); + mbedtls_gcm_free(&ctx); } /* END_CASE */ /* BEGIN_CASE */ -void gcm_encrypt_and_tag( int cipher_id, data_t * key_str, - data_t * src_str, data_t * iv_str, - data_t * add_str, data_t * dst, - int tag_len_bits, data_t * tag, - int init_result ) +void gcm_encrypt_and_tag(int cipher_id, data_t *key_str, + data_t *src_str, data_t *iv_str, + data_t *add_str, data_t *dst, + int tag_len_bits, data_t *tag, + int init_result) { unsigned char output[128]; unsigned char tag_output[16]; mbedtls_gcm_context ctx; size_t tag_len = tag_len_bits / 8; - mbedtls_gcm_init( &ctx ); + mbedtls_gcm_init(&ctx); memset(output, 0x00, 128); memset(tag_output, 0x00, 16); - TEST_ASSERT( mbedtls_gcm_setkey( &ctx, cipher_id, key_str->x, key_str->len * 8 ) == init_result ); - if( init_result == 0 ) - { - TEST_ASSERT( mbedtls_gcm_crypt_and_tag( &ctx, MBEDTLS_GCM_ENCRYPT, src_str->len, iv_str->x, iv_str->len, add_str->x, add_str->len, src_str->x, output, tag_len, tag_output ) == 0 ); + TEST_ASSERT(mbedtls_gcm_setkey(&ctx, cipher_id, key_str->x, key_str->len * 8) == init_result); + if (init_result == 0) { + TEST_ASSERT(mbedtls_gcm_crypt_and_tag(&ctx, MBEDTLS_GCM_ENCRYPT, src_str->len, iv_str->x, + iv_str->len, add_str->x, add_str->len, src_str->x, + output, tag_len, tag_output) == 0); - TEST_ASSERT( mbedtls_test_hexcmp( output, dst->x, - src_str->len, dst->len ) == 0 ); - TEST_ASSERT( mbedtls_test_hexcmp( tag_output, tag->x, - tag_len, tag->len ) == 0 ); + TEST_ASSERT(mbedtls_test_hexcmp(output, dst->x, + src_str->len, dst->len) == 0); + TEST_ASSERT(mbedtls_test_hexcmp(tag_output, tag->x, + tag_len, tag->len) == 0); } exit: - mbedtls_gcm_free( &ctx ); + mbedtls_gcm_free(&ctx); } /* END_CASE */ /* BEGIN_CASE */ -void gcm_decrypt_and_verify( int cipher_id, data_t * key_str, - data_t * src_str, data_t * iv_str, - data_t * add_str, int tag_len_bits, - data_t * tag_str, char * result, - data_t * pt_result, int init_result ) +void gcm_decrypt_and_verify(int cipher_id, data_t *key_str, + data_t *src_str, data_t *iv_str, + data_t *add_str, int tag_len_bits, + data_t *tag_str, char *result, + data_t *pt_result, int init_result) { unsigned char output[128]; mbedtls_gcm_context ctx; int ret; size_t tag_len = tag_len_bits / 8; - mbedtls_gcm_init( &ctx ); + mbedtls_gcm_init(&ctx); memset(output, 0x00, 128); - TEST_ASSERT( mbedtls_gcm_setkey( &ctx, cipher_id, key_str->x, key_str->len * 8 ) == init_result ); - if( init_result == 0 ) - { - ret = mbedtls_gcm_auth_decrypt( &ctx, src_str->len, iv_str->x, iv_str->len, add_str->x, add_str->len, tag_str->x, tag_len, src_str->x, output ); - - if( strcmp( "FAIL", result ) == 0 ) - { - TEST_ASSERT( ret == MBEDTLS_ERR_GCM_AUTH_FAILED ); - } - else - { - TEST_ASSERT( ret == 0 ); - - TEST_ASSERT( mbedtls_test_hexcmp( output, pt_result->x, - src_str->len, - pt_result->len ) == 0 ); + TEST_ASSERT(mbedtls_gcm_setkey(&ctx, cipher_id, key_str->x, key_str->len * 8) == init_result); + if (init_result == 0) { + ret = mbedtls_gcm_auth_decrypt(&ctx, + src_str->len, + iv_str->x, + iv_str->len, + add_str->x, + add_str->len, + tag_str->x, + tag_len, + src_str->x, + output); + + if (strcmp("FAIL", result) == 0) { + TEST_ASSERT(ret == MBEDTLS_ERR_GCM_AUTH_FAILED); + } else { + TEST_ASSERT(ret == 0); + + TEST_ASSERT(mbedtls_test_hexcmp(output, pt_result->x, + src_str->len, + pt_result->len) == 0); } } exit: - mbedtls_gcm_free( &ctx ); + mbedtls_gcm_free(&ctx); } /* END_CASE */ /* BEGIN_CASE depends_on:MBEDTLS_CHECK_PARAMS:!MBEDTLS_PARAM_FAILED_ALT */ -void gcm_invalid_param( ) +void gcm_invalid_param() { mbedtls_gcm_context ctx; unsigned char valid_buffer[] = { 0x01, 0x02, 0x03, 0x04, 0x05, 0x06 }; @@ -117,168 +124,168 @@ void gcm_invalid_param( ) int valid_len = sizeof(valid_buffer); int valid_bitlen = 128, invalid_bitlen = 1; - mbedtls_gcm_init( &ctx ); + mbedtls_gcm_init(&ctx); /* mbedtls_gcm_init() */ - TEST_INVALID_PARAM( mbedtls_gcm_init( NULL ) ); + TEST_INVALID_PARAM(mbedtls_gcm_init(NULL)); /* mbedtls_gcm_setkey */ TEST_INVALID_PARAM_RET( MBEDTLS_ERR_GCM_BAD_INPUT, - mbedtls_gcm_setkey( NULL, valid_cipher, valid_buffer, valid_bitlen ) ); + mbedtls_gcm_setkey(NULL, valid_cipher, valid_buffer, valid_bitlen)); TEST_INVALID_PARAM_RET( MBEDTLS_ERR_GCM_BAD_INPUT, - mbedtls_gcm_setkey( &ctx, valid_cipher, NULL, valid_bitlen ) ); + mbedtls_gcm_setkey(&ctx, valid_cipher, NULL, valid_bitlen)); TEST_INVALID_PARAM_RET( MBEDTLS_ERR_GCM_BAD_INPUT, - mbedtls_gcm_setkey( &ctx, valid_cipher, valid_buffer, invalid_bitlen ) ); + mbedtls_gcm_setkey(&ctx, valid_cipher, valid_buffer, invalid_bitlen)); /* mbedtls_gcm_crypt_and_tag() */ TEST_INVALID_PARAM_RET( MBEDTLS_ERR_GCM_BAD_INPUT, - mbedtls_gcm_crypt_and_tag( NULL, valid_mode, valid_len, - valid_buffer, valid_len, - valid_buffer, valid_len, - valid_buffer, valid_buffer, - valid_len, valid_buffer ) ); + mbedtls_gcm_crypt_and_tag(NULL, valid_mode, valid_len, + valid_buffer, valid_len, + valid_buffer, valid_len, + valid_buffer, valid_buffer, + valid_len, valid_buffer)); TEST_INVALID_PARAM_RET( MBEDTLS_ERR_GCM_BAD_INPUT, - mbedtls_gcm_crypt_and_tag( &ctx, valid_mode, valid_len, - NULL, valid_len, - valid_buffer, valid_len, - valid_buffer, valid_buffer, - valid_len, valid_buffer ) ); + mbedtls_gcm_crypt_and_tag(&ctx, valid_mode, valid_len, + NULL, valid_len, + valid_buffer, valid_len, + valid_buffer, valid_buffer, + valid_len, valid_buffer)); TEST_INVALID_PARAM_RET( MBEDTLS_ERR_GCM_BAD_INPUT, - mbedtls_gcm_crypt_and_tag( &ctx, valid_mode, valid_len, - valid_buffer, valid_len, - NULL, valid_len, - valid_buffer, valid_buffer, - valid_len, valid_buffer ) ); + mbedtls_gcm_crypt_and_tag(&ctx, valid_mode, valid_len, + valid_buffer, valid_len, + NULL, valid_len, + valid_buffer, valid_buffer, + valid_len, valid_buffer)); TEST_INVALID_PARAM_RET( MBEDTLS_ERR_GCM_BAD_INPUT, - mbedtls_gcm_crypt_and_tag( &ctx, valid_mode, valid_len, - valid_buffer, valid_len, - valid_buffer, valid_len, - NULL, valid_buffer, - valid_len, valid_buffer ) ); + mbedtls_gcm_crypt_and_tag(&ctx, valid_mode, valid_len, + valid_buffer, valid_len, + valid_buffer, valid_len, + NULL, valid_buffer, + valid_len, valid_buffer)); TEST_INVALID_PARAM_RET( MBEDTLS_ERR_GCM_BAD_INPUT, - mbedtls_gcm_crypt_and_tag( &ctx, valid_mode, valid_len, - valid_buffer, valid_len, - valid_buffer, valid_len, - valid_buffer, NULL, - valid_len, valid_buffer ) ); + mbedtls_gcm_crypt_and_tag(&ctx, valid_mode, valid_len, + valid_buffer, valid_len, + valid_buffer, valid_len, + valid_buffer, NULL, + valid_len, valid_buffer)); TEST_INVALID_PARAM_RET( MBEDTLS_ERR_GCM_BAD_INPUT, - mbedtls_gcm_crypt_and_tag( &ctx, valid_mode, valid_len, - valid_buffer, valid_len, - valid_buffer, valid_len, - valid_buffer, valid_buffer, - valid_len, NULL ) ); + mbedtls_gcm_crypt_and_tag(&ctx, valid_mode, valid_len, + valid_buffer, valid_len, + valid_buffer, valid_len, + valid_buffer, valid_buffer, + valid_len, NULL)); /* mbedtls_gcm_auth_decrypt() */ TEST_INVALID_PARAM_RET( MBEDTLS_ERR_GCM_BAD_INPUT, - mbedtls_gcm_auth_decrypt( NULL, valid_len, - valid_buffer, valid_len, - valid_buffer, valid_len, - valid_buffer, valid_len, - valid_buffer, valid_buffer) ); + mbedtls_gcm_auth_decrypt(NULL, valid_len, + valid_buffer, valid_len, + valid_buffer, valid_len, + valid_buffer, valid_len, + valid_buffer, valid_buffer)); TEST_INVALID_PARAM_RET( MBEDTLS_ERR_GCM_BAD_INPUT, - mbedtls_gcm_auth_decrypt( &ctx, valid_len, - NULL, valid_len, - valid_buffer, valid_len, - valid_buffer, valid_len, - valid_buffer, valid_buffer) ); + mbedtls_gcm_auth_decrypt(&ctx, valid_len, + NULL, valid_len, + valid_buffer, valid_len, + valid_buffer, valid_len, + valid_buffer, valid_buffer)); TEST_INVALID_PARAM_RET( MBEDTLS_ERR_GCM_BAD_INPUT, - mbedtls_gcm_auth_decrypt( &ctx, valid_len, - valid_buffer, valid_len, - NULL, valid_len, - valid_buffer, valid_len, - valid_buffer, valid_buffer) ); + mbedtls_gcm_auth_decrypt(&ctx, valid_len, + valid_buffer, valid_len, + NULL, valid_len, + valid_buffer, valid_len, + valid_buffer, valid_buffer)); TEST_INVALID_PARAM_RET( MBEDTLS_ERR_GCM_BAD_INPUT, - mbedtls_gcm_auth_decrypt( &ctx, valid_len, - valid_buffer, valid_len, - valid_buffer, valid_len, - NULL, valid_len, - valid_buffer, valid_buffer) ); + mbedtls_gcm_auth_decrypt(&ctx, valid_len, + valid_buffer, valid_len, + valid_buffer, valid_len, + NULL, valid_len, + valid_buffer, valid_buffer)); TEST_INVALID_PARAM_RET( MBEDTLS_ERR_GCM_BAD_INPUT, - mbedtls_gcm_auth_decrypt( &ctx, valid_len, - valid_buffer, valid_len, - valid_buffer, valid_len, - valid_buffer, valid_len, - NULL, valid_buffer) ); + mbedtls_gcm_auth_decrypt(&ctx, valid_len, + valid_buffer, valid_len, + valid_buffer, valid_len, + valid_buffer, valid_len, + NULL, valid_buffer)); TEST_INVALID_PARAM_RET( MBEDTLS_ERR_GCM_BAD_INPUT, - mbedtls_gcm_auth_decrypt( &ctx, valid_len, - valid_buffer, valid_len, - valid_buffer, valid_len, - valid_buffer, valid_len, - valid_buffer, NULL) ); + mbedtls_gcm_auth_decrypt(&ctx, valid_len, + valid_buffer, valid_len, + valid_buffer, valid_len, + valid_buffer, valid_len, + valid_buffer, NULL)); /* mbedtls_gcm_starts() */ TEST_INVALID_PARAM_RET( MBEDTLS_ERR_GCM_BAD_INPUT, - mbedtls_gcm_starts( NULL, valid_mode, - valid_buffer, valid_len, - valid_buffer, valid_len ) ); + mbedtls_gcm_starts(NULL, valid_mode, + valid_buffer, valid_len, + valid_buffer, valid_len)); TEST_INVALID_PARAM_RET( MBEDTLS_ERR_GCM_BAD_INPUT, - mbedtls_gcm_starts( &ctx, valid_mode, - NULL, valid_len, - valid_buffer, valid_len ) ); + mbedtls_gcm_starts(&ctx, valid_mode, + NULL, valid_len, + valid_buffer, valid_len)); TEST_INVALID_PARAM_RET( MBEDTLS_ERR_GCM_BAD_INPUT, - mbedtls_gcm_starts( &ctx, valid_mode, - valid_buffer, valid_len, - NULL, valid_len ) ); + mbedtls_gcm_starts(&ctx, valid_mode, + valid_buffer, valid_len, + NULL, valid_len)); /* mbedtls_gcm_update() */ TEST_INVALID_PARAM_RET( MBEDTLS_ERR_GCM_BAD_INPUT, - mbedtls_gcm_update( NULL, valid_len, - valid_buffer, valid_buffer ) ); + mbedtls_gcm_update(NULL, valid_len, + valid_buffer, valid_buffer)); TEST_INVALID_PARAM_RET( MBEDTLS_ERR_GCM_BAD_INPUT, - mbedtls_gcm_update( &ctx, valid_len, - NULL, valid_buffer ) ); + mbedtls_gcm_update(&ctx, valid_len, + NULL, valid_buffer)); TEST_INVALID_PARAM_RET( MBEDTLS_ERR_GCM_BAD_INPUT, - mbedtls_gcm_update( &ctx, valid_len, - valid_buffer, NULL ) ); + mbedtls_gcm_update(&ctx, valid_len, + valid_buffer, NULL)); /* mbedtls_gcm_finish() */ TEST_INVALID_PARAM_RET( MBEDTLS_ERR_GCM_BAD_INPUT, - mbedtls_gcm_finish( NULL, valid_buffer, valid_len ) ); + mbedtls_gcm_finish(NULL, valid_buffer, valid_len)); TEST_INVALID_PARAM_RET( MBEDTLS_ERR_GCM_BAD_INPUT, - mbedtls_gcm_finish( &ctx, NULL, valid_len ) ); + mbedtls_gcm_finish(&ctx, NULL, valid_len)); exit: - mbedtls_gcm_free( &ctx ); + mbedtls_gcm_free(&ctx); } /* END_CASE */ /* BEGIN_CASE */ -void gcm_valid_param( ) +void gcm_valid_param() { - TEST_VALID_PARAM( mbedtls_gcm_free( NULL ) ); + TEST_VALID_PARAM(mbedtls_gcm_free(NULL)); exit: return; } /* END_CASE */ -/* BEGIN_CASE depends_on:MBEDTLS_SELF_TEST */ -void gcm_selftest( ) +/* BEGIN_CASE depends_on:MBEDTLS_SELF_TEST:MBEDTLS_AES_C */ +void gcm_selftest() { - TEST_ASSERT( mbedtls_gcm_self_test( 1 ) == 0 ); + TEST_ASSERT(mbedtls_gcm_self_test(1) == 0); } /* END_CASE */ diff --git a/third_party/mbedtls/repo/tests/suites/test_suite_hkdf.function b/third_party/mbedtls/repo/tests/suites/test_suite_hkdf.function index 4c597c3f9d4..f307a7d3048 100644 --- a/third_party/mbedtls/repo/tests/suites/test_suite_hkdf.function +++ b/third_party/mbedtls/repo/tests/suites/test_suite_hkdf.function @@ -9,29 +9,29 @@ */ /* BEGIN_CASE */ -void test_hkdf( int md_alg, data_t *ikm, data_t *salt, data_t *info, - data_t *expected_okm ) +void test_hkdf(int md_alg, data_t *ikm, data_t *salt, data_t *info, + data_t *expected_okm) { int ret; unsigned char okm[128] = { '\0' }; - const mbedtls_md_info_t *md = mbedtls_md_info_from_type( md_alg ); - TEST_ASSERT( md != NULL ); + const mbedtls_md_info_t *md = mbedtls_md_info_from_type(md_alg); + TEST_ASSERT(md != NULL); - TEST_ASSERT( expected_okm->len <= sizeof( okm ) ); + TEST_ASSERT(expected_okm->len <= sizeof(okm)); - ret = mbedtls_hkdf( md, salt->x, salt->len, ikm->x, ikm->len, - info->x, info->len, okm, expected_okm->len ); - TEST_ASSERT( ret == 0 ); + ret = mbedtls_hkdf(md, salt->x, salt->len, ikm->x, ikm->len, + info->x, info->len, okm, expected_okm->len); + TEST_ASSERT(ret == 0); - ASSERT_COMPARE( okm , expected_okm->len, - expected_okm->x, expected_okm->len ); + TEST_MEMORY_COMPARE(okm, expected_okm->len, + expected_okm->x, expected_okm->len); } /* END_CASE */ /* BEGIN_CASE */ -void test_hkdf_extract( int md_alg, char *hex_ikm_string, - char *hex_salt_string, char *hex_prk_string ) +void test_hkdf_extract(int md_alg, char *hex_ikm_string, + char *hex_salt_string, char *hex_prk_string) { int ret; unsigned char *ikm = NULL; @@ -40,20 +40,20 @@ void test_hkdf_extract( int md_alg, char *hex_ikm_string, unsigned char *output_prk = NULL; size_t ikm_len, salt_len, prk_len, output_prk_len; - const mbedtls_md_info_t *md = mbedtls_md_info_from_type( md_alg ); - TEST_ASSERT( md != NULL ); + const mbedtls_md_info_t *md = mbedtls_md_info_from_type(md_alg); + TEST_ASSERT(md != NULL); - output_prk_len = mbedtls_md_get_size( md ); - output_prk = mbedtls_calloc( 1, output_prk_len ); + output_prk_len = mbedtls_md_get_size(md); + output_prk = mbedtls_calloc(1, output_prk_len); - ikm = mbedtls_test_unhexify_alloc( hex_ikm_string, &ikm_len ); - salt = mbedtls_test_unhexify_alloc( hex_salt_string, &salt_len ); - prk = mbedtls_test_unhexify_alloc( hex_prk_string, &prk_len ); + ikm = mbedtls_test_unhexify_alloc(hex_ikm_string, &ikm_len); + salt = mbedtls_test_unhexify_alloc(hex_salt_string, &salt_len); + prk = mbedtls_test_unhexify_alloc(hex_prk_string, &prk_len); - ret = mbedtls_hkdf_extract( md, salt, salt_len, ikm, ikm_len, output_prk ); - TEST_ASSERT( ret == 0 ); + ret = mbedtls_hkdf_extract(md, salt, salt_len, ikm, ikm_len, output_prk); + TEST_ASSERT(ret == 0); - ASSERT_COMPARE( output_prk, output_prk_len, prk, prk_len ); + TEST_MEMORY_COMPARE(output_prk, output_prk_len, prk, prk_len); exit: mbedtls_free(ikm); @@ -64,8 +64,8 @@ exit: /* END_CASE */ /* BEGIN_CASE */ -void test_hkdf_expand( int md_alg, char *hex_info_string, - char *hex_prk_string, char *hex_okm_string ) +void test_hkdf_expand(int md_alg, char *hex_info_string, + char *hex_prk_string, char *hex_okm_string) { enum { OKM_LEN = 1024 }; int ret; @@ -75,21 +75,21 @@ void test_hkdf_expand( int md_alg, char *hex_info_string, unsigned char *output_okm = NULL; size_t info_len, prk_len, okm_len; - const mbedtls_md_info_t *md = mbedtls_md_info_from_type( md_alg ); - TEST_ASSERT( md != NULL ); + const mbedtls_md_info_t *md = mbedtls_md_info_from_type(md_alg); + TEST_ASSERT(md != NULL); - output_okm = mbedtls_calloc( OKM_LEN, 1 ); + output_okm = mbedtls_calloc(OKM_LEN, 1); - prk = mbedtls_test_unhexify_alloc( hex_prk_string, &prk_len ); - info = mbedtls_test_unhexify_alloc( hex_info_string, &info_len ); - okm = mbedtls_test_unhexify_alloc( hex_okm_string, &okm_len ); - TEST_ASSERT( prk_len == mbedtls_md_get_size( md ) ); - TEST_ASSERT( okm_len < OKM_LEN ); + prk = mbedtls_test_unhexify_alloc(hex_prk_string, &prk_len); + info = mbedtls_test_unhexify_alloc(hex_info_string, &info_len); + okm = mbedtls_test_unhexify_alloc(hex_okm_string, &okm_len); + TEST_ASSERT(prk_len == mbedtls_md_get_size(md)); + TEST_ASSERT(okm_len < OKM_LEN); - ret = mbedtls_hkdf_expand( md, prk, prk_len, info, info_len, - output_okm, OKM_LEN ); - TEST_ASSERT( ret == 0 ); - ASSERT_COMPARE( output_okm, okm_len, okm, okm_len ); + ret = mbedtls_hkdf_expand(md, prk, prk_len, info, info_len, + output_okm, OKM_LEN); + TEST_ASSERT(ret == 0); + TEST_MEMORY_COMPARE(output_okm, okm_len, okm, okm_len); exit: mbedtls_free(info); @@ -100,7 +100,7 @@ exit: /* END_CASE */ /* BEGIN_CASE */ -void test_hkdf_extract_ret( int hash_len, int ret ) +void test_hkdf_extract_ret(int hash_len, int ret) { int output_ret; unsigned char *salt = NULL; @@ -109,17 +109,17 @@ void test_hkdf_extract_ret( int hash_len, int ret ) size_t salt_len, ikm_len; struct mbedtls_md_info_t fake_md_info; - memset( &fake_md_info, 0, sizeof( fake_md_info ) ); + memset(&fake_md_info, 0, sizeof(fake_md_info)); fake_md_info.type = MBEDTLS_MD_NONE; fake_md_info.size = hash_len; - prk = mbedtls_calloc( MBEDTLS_MD_MAX_SIZE, 1 ); + prk = mbedtls_calloc(MBEDTLS_MD_MAX_SIZE, 1); salt_len = 0; ikm_len = 0; - output_ret = mbedtls_hkdf_extract( &fake_md_info, salt, salt_len, - ikm, ikm_len, prk ); - TEST_ASSERT( output_ret == ret ); + output_ret = mbedtls_hkdf_extract(&fake_md_info, salt, salt_len, + ikm, ikm_len, prk); + TEST_ASSERT(output_ret == ret); exit: mbedtls_free(prk); @@ -127,7 +127,7 @@ exit: /* END_CASE */ /* BEGIN_CASE */ -void test_hkdf_expand_ret( int hash_len, int prk_len, int okm_len, int ret ) +void test_hkdf_expand_ret(int hash_len, int prk_len, int okm_len, int ret) { int output_ret; unsigned char *info = NULL; @@ -136,21 +136,23 @@ void test_hkdf_expand_ret( int hash_len, int prk_len, int okm_len, int ret ) size_t info_len; struct mbedtls_md_info_t fake_md_info; - memset( &fake_md_info, 0, sizeof( fake_md_info ) ); + memset(&fake_md_info, 0, sizeof(fake_md_info)); fake_md_info.type = MBEDTLS_MD_NONE; fake_md_info.size = hash_len; info_len = 0; - if (prk_len > 0) - prk = mbedtls_calloc( prk_len, 1 ); + if (prk_len > 0) { + prk = mbedtls_calloc(prk_len, 1); + } - if (okm_len > 0) - okm = mbedtls_calloc( okm_len, 1 ); + if (okm_len > 0) { + okm = mbedtls_calloc(okm_len, 1); + } - output_ret = mbedtls_hkdf_expand( &fake_md_info, prk, prk_len, - info, info_len, okm, okm_len ); - TEST_ASSERT( output_ret == ret ); + output_ret = mbedtls_hkdf_expand(&fake_md_info, prk, prk_len, + info, info_len, okm, okm_len); + TEST_ASSERT(output_ret == ret); exit: mbedtls_free(prk); diff --git a/third_party/mbedtls/repo/tests/suites/test_suite_hmac_drbg.function b/third_party/mbedtls/repo/tests/suites/test_suite_hmac_drbg.function index b83d760d22d..830155a32b0 100644 --- a/third_party/mbedtls/repo/tests/suites/test_suite_hmac_drbg.function +++ b/third_party/mbedtls/repo/tests/suites/test_suite_hmac_drbg.function @@ -2,25 +2,25 @@ #include "mbedtls/hmac_drbg.h" #include "string.h" -typedef struct -{ +typedef struct { unsigned char *p; size_t len; } entropy_ctx; -static int mbedtls_test_entropy_func( void *data, unsigned char *buf, size_t len ) +static int mbedtls_test_entropy_func(void *data, unsigned char *buf, size_t len) { entropy_ctx *ctx = (entropy_ctx *) data; - if( len > ctx->len ) - return( -1 ); + if (len > ctx->len) { + return -1; + } - memcpy( buf, ctx->p, len ); + memcpy(buf, ctx->p, len); ctx->p += len; ctx->len -= len; - return( 0 ); + return 0; } /* END_HEADER */ @@ -30,7 +30,7 @@ static int mbedtls_test_entropy_func( void *data, unsigned char *buf, size_t len */ /* BEGIN_CASE */ -void hmac_drbg_entropy_usage( int md_alg ) +void hmac_drbg_entropy_usage(int md_alg) { unsigned char out[16]; unsigned char buf[1024]; @@ -41,112 +41,111 @@ void hmac_drbg_entropy_usage( int md_alg ) size_t default_entropy_len; size_t expected_consumed_entropy = 0; - mbedtls_hmac_drbg_init( &ctx ); - memset( buf, 0, sizeof( buf ) ); - memset( out, 0, sizeof( out ) ); + mbedtls_hmac_drbg_init(&ctx); + memset(buf, 0, sizeof(buf)); + memset(out, 0, sizeof(out)); - entropy.len = sizeof( buf ); + entropy.len = sizeof(buf); entropy.p = buf; - md_info = mbedtls_md_info_from_type( md_alg ); - TEST_ASSERT( md_info != NULL ); - if( mbedtls_md_get_size( md_info ) <= 20 ) + md_info = mbedtls_md_info_from_type(md_alg); + TEST_ASSERT(md_info != NULL); + if (mbedtls_md_get_size(md_info) <= 20) { default_entropy_len = 16; - else if( mbedtls_md_get_size( md_info ) <= 28 ) + } else if (mbedtls_md_get_size(md_info) <= 28) { default_entropy_len = 24; - else + } else { default_entropy_len = 32; + } /* Set reseed interval before seed */ - mbedtls_hmac_drbg_set_reseed_interval( &ctx, 2 * reps ); + mbedtls_hmac_drbg_set_reseed_interval(&ctx, 2 * reps); /* Init must use entropy */ - TEST_ASSERT( mbedtls_hmac_drbg_seed( &ctx, md_info, mbedtls_test_entropy_func, &entropy, - NULL, 0 ) == 0 ); + TEST_ASSERT(mbedtls_hmac_drbg_seed(&ctx, md_info, mbedtls_test_entropy_func, &entropy, + NULL, 0) == 0); /* default_entropy_len of entropy, plus half as much for the nonce */ expected_consumed_entropy += default_entropy_len * 3 / 2; - TEST_EQUAL( sizeof( buf ) - entropy.len, expected_consumed_entropy ); + TEST_EQUAL(sizeof(buf) - entropy.len, expected_consumed_entropy); /* By default, PR is off, and reseed interval was set to * 2 * reps so the next few calls should not use entropy */ - for( i = 0; i < reps; i++ ) - { - TEST_ASSERT( mbedtls_hmac_drbg_random( &ctx, out, sizeof( out ) - 4 ) == 0 ); - TEST_ASSERT( mbedtls_hmac_drbg_random_with_add( &ctx, out, sizeof( out ) - 4, - buf, 16 ) == 0 ); + for (i = 0; i < reps; i++) { + TEST_ASSERT(mbedtls_hmac_drbg_random(&ctx, out, sizeof(out) - 4) == 0); + TEST_ASSERT(mbedtls_hmac_drbg_random_with_add(&ctx, out, sizeof(out) - 4, + buf, 16) == 0); } - TEST_EQUAL( sizeof( buf ) - entropy.len, expected_consumed_entropy ); + TEST_EQUAL(sizeof(buf) - entropy.len, expected_consumed_entropy); /* While at it, make sure we didn't write past the requested length */ - TEST_ASSERT( out[sizeof( out ) - 4] == 0 ); - TEST_ASSERT( out[sizeof( out ) - 3] == 0 ); - TEST_ASSERT( out[sizeof( out ) - 2] == 0 ); - TEST_ASSERT( out[sizeof( out ) - 1] == 0 ); + TEST_ASSERT(out[sizeof(out) - 4] == 0); + TEST_ASSERT(out[sizeof(out) - 3] == 0); + TEST_ASSERT(out[sizeof(out) - 2] == 0); + TEST_ASSERT(out[sizeof(out) - 1] == 0); /* There have been 2 * reps calls to random. The next call should reseed */ - TEST_ASSERT( mbedtls_hmac_drbg_random( &ctx, out, sizeof( out ) ) == 0 ); + TEST_ASSERT(mbedtls_hmac_drbg_random(&ctx, out, sizeof(out)) == 0); expected_consumed_entropy += default_entropy_len; - TEST_EQUAL( sizeof( buf ) - entropy.len, expected_consumed_entropy ); + TEST_EQUAL(sizeof(buf) - entropy.len, expected_consumed_entropy); /* Set reseed interval after seed */ - mbedtls_hmac_drbg_set_reseed_interval( &ctx, 4 * reps + 1); + mbedtls_hmac_drbg_set_reseed_interval(&ctx, 4 * reps + 1); /* The new few calls should not reseed */ - for( i = 0; i < (2 * reps); i++ ) - { - TEST_ASSERT( mbedtls_hmac_drbg_random( &ctx, out, sizeof( out ) ) == 0 ); - TEST_ASSERT( mbedtls_hmac_drbg_random_with_add( &ctx, out, sizeof( out ) , - buf, 16 ) == 0 ); + for (i = 0; i < (2 * reps); i++) { + TEST_ASSERT(mbedtls_hmac_drbg_random(&ctx, out, sizeof(out)) == 0); + TEST_ASSERT(mbedtls_hmac_drbg_random_with_add(&ctx, out, sizeof(out), + buf, 16) == 0); } - TEST_EQUAL( sizeof( buf ) - entropy.len, expected_consumed_entropy ); + TEST_EQUAL(sizeof(buf) - entropy.len, expected_consumed_entropy); /* Now enable PR, so the next few calls should all reseed */ - mbedtls_hmac_drbg_set_prediction_resistance( &ctx, MBEDTLS_HMAC_DRBG_PR_ON ); - TEST_ASSERT( mbedtls_hmac_drbg_random( &ctx, out, sizeof( out ) ) == 0 ); + mbedtls_hmac_drbg_set_prediction_resistance(&ctx, MBEDTLS_HMAC_DRBG_PR_ON); + TEST_ASSERT(mbedtls_hmac_drbg_random(&ctx, out, sizeof(out)) == 0); expected_consumed_entropy += default_entropy_len; - TEST_EQUAL( sizeof( buf ) - entropy.len, expected_consumed_entropy ); + TEST_EQUAL(sizeof(buf) - entropy.len, expected_consumed_entropy); /* Finally, check setting entropy_len */ - mbedtls_hmac_drbg_set_entropy_len( &ctx, 42 ); - TEST_ASSERT( mbedtls_hmac_drbg_random( &ctx, out, sizeof( out ) ) == 0 ); + mbedtls_hmac_drbg_set_entropy_len(&ctx, 42); + TEST_ASSERT(mbedtls_hmac_drbg_random(&ctx, out, sizeof(out)) == 0); expected_consumed_entropy += 42; - TEST_EQUAL( sizeof( buf ) - entropy.len, expected_consumed_entropy ); + TEST_EQUAL(sizeof(buf) - entropy.len, expected_consumed_entropy); - mbedtls_hmac_drbg_set_entropy_len( &ctx, 13 ); - TEST_ASSERT( mbedtls_hmac_drbg_random( &ctx, out, sizeof( out ) ) == 0 ); + mbedtls_hmac_drbg_set_entropy_len(&ctx, 13); + TEST_ASSERT(mbedtls_hmac_drbg_random(&ctx, out, sizeof(out)) == 0); expected_consumed_entropy += 13; - TEST_EQUAL( sizeof( buf ) - entropy.len, expected_consumed_entropy ); + TEST_EQUAL(sizeof(buf) - entropy.len, expected_consumed_entropy); exit: - mbedtls_hmac_drbg_free( &ctx ); + mbedtls_hmac_drbg_free(&ctx); } /* END_CASE */ /* BEGIN_CASE depends_on:MBEDTLS_FS_IO */ -void hmac_drbg_seed_file( int md_alg, char * path, int ret ) +void hmac_drbg_seed_file(int md_alg, char *path, int ret) { const mbedtls_md_info_t *md_info; mbedtls_hmac_drbg_context ctx; - mbedtls_hmac_drbg_init( &ctx ); + mbedtls_hmac_drbg_init(&ctx); - md_info = mbedtls_md_info_from_type( md_alg ); - TEST_ASSERT( md_info != NULL ); + md_info = mbedtls_md_info_from_type(md_alg); + TEST_ASSERT(md_info != NULL); - TEST_ASSERT( mbedtls_hmac_drbg_seed( &ctx, md_info, - mbedtls_test_rnd_std_rand, NULL, - NULL, 0 ) == 0 ); + TEST_ASSERT(mbedtls_hmac_drbg_seed(&ctx, md_info, + mbedtls_test_rnd_std_rand, NULL, + NULL, 0) == 0); - TEST_ASSERT( mbedtls_hmac_drbg_write_seed_file( &ctx, path ) == ret ); - TEST_ASSERT( mbedtls_hmac_drbg_update_seed_file( &ctx, path ) == ret ); + TEST_ASSERT(mbedtls_hmac_drbg_write_seed_file(&ctx, path) == ret); + TEST_ASSERT(mbedtls_hmac_drbg_update_seed_file(&ctx, path) == ret); exit: - mbedtls_hmac_drbg_free( &ctx ); + mbedtls_hmac_drbg_free(&ctx); } /* END_CASE */ /* BEGIN_CASE */ -void hmac_drbg_buf( int md_alg ) +void hmac_drbg_buf(int md_alg) { unsigned char out[16]; unsigned char buf[100]; @@ -154,30 +153,31 @@ void hmac_drbg_buf( int md_alg ) mbedtls_hmac_drbg_context ctx; size_t i; - mbedtls_hmac_drbg_init( &ctx ); - memset( buf, 0, sizeof( buf ) ); - memset( out, 0, sizeof( out ) ); + mbedtls_hmac_drbg_init(&ctx); + memset(buf, 0, sizeof(buf)); + memset(out, 0, sizeof(out)); - md_info = mbedtls_md_info_from_type( md_alg ); - TEST_ASSERT( md_info != NULL ); - TEST_ASSERT( mbedtls_hmac_drbg_seed_buf( &ctx, md_info, buf, sizeof( buf ) ) == 0 ); + md_info = mbedtls_md_info_from_type(md_alg); + TEST_ASSERT(md_info != NULL); + TEST_ASSERT(mbedtls_hmac_drbg_seed_buf(&ctx, md_info, buf, sizeof(buf)) == 0); /* Make sure it never tries to reseed (would segfault otherwise) */ - mbedtls_hmac_drbg_set_reseed_interval( &ctx, 3 ); - mbedtls_hmac_drbg_set_prediction_resistance( &ctx, MBEDTLS_HMAC_DRBG_PR_ON ); + mbedtls_hmac_drbg_set_reseed_interval(&ctx, 3); + mbedtls_hmac_drbg_set_prediction_resistance(&ctx, MBEDTLS_HMAC_DRBG_PR_ON); - for( i = 0; i < 30; i++ ) - TEST_ASSERT( mbedtls_hmac_drbg_random( &ctx, out, sizeof( out ) ) == 0 ); + for (i = 0; i < 30; i++) { + TEST_ASSERT(mbedtls_hmac_drbg_random(&ctx, out, sizeof(out)) == 0); + } exit: - mbedtls_hmac_drbg_free( &ctx ); + mbedtls_hmac_drbg_free(&ctx); } /* END_CASE */ /* BEGIN_CASE */ -void hmac_drbg_no_reseed( int md_alg, data_t * entropy, - data_t * custom, data_t * add1, - data_t * add2, data_t * output ) +void hmac_drbg_no_reseed(int md_alg, data_t *entropy, + data_t *custom, data_t *add1, + data_t *add2, data_t *output) { unsigned char data[1024]; unsigned char my_output[512]; @@ -185,111 +185,111 @@ void hmac_drbg_no_reseed( int md_alg, data_t * entropy, const mbedtls_md_info_t *md_info; mbedtls_hmac_drbg_context ctx; - mbedtls_hmac_drbg_init( &ctx ); + mbedtls_hmac_drbg_init(&ctx); p_entropy.p = entropy->x; p_entropy.len = entropy->len; - md_info = mbedtls_md_info_from_type( md_alg ); - TEST_ASSERT( md_info != NULL ); + md_info = mbedtls_md_info_from_type(md_alg); + TEST_ASSERT(md_info != NULL); /* Test the simplified buffer-based variant */ - memcpy( data, entropy->x, p_entropy.len ); - memcpy( data + p_entropy.len, custom->x, custom->len ); - TEST_ASSERT( mbedtls_hmac_drbg_seed_buf( &ctx, md_info, - data, p_entropy.len + custom->len ) == 0 ); - TEST_ASSERT( mbedtls_hmac_drbg_random_with_add( &ctx, my_output, output->len, - add1->x, add1->len ) == 0 ); - TEST_ASSERT( mbedtls_hmac_drbg_random_with_add( &ctx, my_output, output->len, - add2->x, add2->len ) == 0 ); + memcpy(data, entropy->x, p_entropy.len); + memcpy(data + p_entropy.len, custom->x, custom->len); + TEST_ASSERT(mbedtls_hmac_drbg_seed_buf(&ctx, md_info, + data, p_entropy.len + custom->len) == 0); + TEST_ASSERT(mbedtls_hmac_drbg_random_with_add(&ctx, my_output, output->len, + add1->x, add1->len) == 0); + TEST_ASSERT(mbedtls_hmac_drbg_random_with_add(&ctx, my_output, output->len, + add2->x, add2->len) == 0); /* Reset context for second run */ - mbedtls_hmac_drbg_free( &ctx ); + mbedtls_hmac_drbg_free(&ctx); - TEST_ASSERT( memcmp( my_output, output->x, output->len ) == 0 ); + TEST_ASSERT(memcmp(my_output, output->x, output->len) == 0); /* And now the normal entropy-based variant */ - TEST_ASSERT( mbedtls_hmac_drbg_seed( &ctx, md_info, mbedtls_test_entropy_func, &p_entropy, - custom->x, custom->len ) == 0 ); - TEST_ASSERT( mbedtls_hmac_drbg_random_with_add( &ctx, my_output, output->len, - add1->x, add1->len ) == 0 ); - TEST_ASSERT( mbedtls_hmac_drbg_random_with_add( &ctx, my_output, output->len, - add2->x, add2->len ) == 0 ); - TEST_ASSERT( memcmp( my_output, output->x, output->len ) == 0 ); + TEST_ASSERT(mbedtls_hmac_drbg_seed(&ctx, md_info, mbedtls_test_entropy_func, &p_entropy, + custom->x, custom->len) == 0); + TEST_ASSERT(mbedtls_hmac_drbg_random_with_add(&ctx, my_output, output->len, + add1->x, add1->len) == 0); + TEST_ASSERT(mbedtls_hmac_drbg_random_with_add(&ctx, my_output, output->len, + add2->x, add2->len) == 0); + TEST_ASSERT(memcmp(my_output, output->x, output->len) == 0); exit: - mbedtls_hmac_drbg_free( &ctx ); + mbedtls_hmac_drbg_free(&ctx); } /* END_CASE */ /* BEGIN_CASE */ -void hmac_drbg_nopr( int md_alg, data_t * entropy, data_t * custom, - data_t * add1, data_t * add2, data_t * add3, - data_t * output ) +void hmac_drbg_nopr(int md_alg, data_t *entropy, data_t *custom, + data_t *add1, data_t *add2, data_t *add3, + data_t *output) { unsigned char my_output[512]; entropy_ctx p_entropy; const mbedtls_md_info_t *md_info; mbedtls_hmac_drbg_context ctx; - mbedtls_hmac_drbg_init( &ctx ); + mbedtls_hmac_drbg_init(&ctx); p_entropy.p = entropy->x; p_entropy.len = entropy->len; - md_info = mbedtls_md_info_from_type( md_alg ); - TEST_ASSERT( md_info != NULL ); + md_info = mbedtls_md_info_from_type(md_alg); + TEST_ASSERT(md_info != NULL); - TEST_ASSERT( mbedtls_hmac_drbg_seed( &ctx, md_info, mbedtls_test_entropy_func, &p_entropy, - custom->x, custom->len ) == 0 ); - TEST_ASSERT( mbedtls_hmac_drbg_reseed( &ctx, add1->x, add1->len ) == 0 ); - TEST_ASSERT( mbedtls_hmac_drbg_random_with_add( &ctx, my_output, output->len, - add2->x, add2->len ) == 0 ); - TEST_ASSERT( mbedtls_hmac_drbg_random_with_add( &ctx, my_output, output->len, - add3->x, add3->len ) == 0 ); + TEST_ASSERT(mbedtls_hmac_drbg_seed(&ctx, md_info, mbedtls_test_entropy_func, &p_entropy, + custom->x, custom->len) == 0); + TEST_ASSERT(mbedtls_hmac_drbg_reseed(&ctx, add1->x, add1->len) == 0); + TEST_ASSERT(mbedtls_hmac_drbg_random_with_add(&ctx, my_output, output->len, + add2->x, add2->len) == 0); + TEST_ASSERT(mbedtls_hmac_drbg_random_with_add(&ctx, my_output, output->len, + add3->x, add3->len) == 0); - TEST_ASSERT( memcmp( my_output, output->x, output->len ) == 0 ); + TEST_ASSERT(memcmp(my_output, output->x, output->len) == 0); exit: - mbedtls_hmac_drbg_free( &ctx ); + mbedtls_hmac_drbg_free(&ctx); } /* END_CASE */ /* BEGIN_CASE */ -void hmac_drbg_pr( int md_alg, data_t * entropy, data_t * custom, - data_t * add1, data_t * add2, data_t * output ) +void hmac_drbg_pr(int md_alg, data_t *entropy, data_t *custom, + data_t *add1, data_t *add2, data_t *output) { unsigned char my_output[512]; entropy_ctx p_entropy; const mbedtls_md_info_t *md_info; mbedtls_hmac_drbg_context ctx; - mbedtls_hmac_drbg_init( &ctx ); + mbedtls_hmac_drbg_init(&ctx); p_entropy.p = entropy->x; p_entropy.len = entropy->len; - md_info = mbedtls_md_info_from_type( md_alg ); - TEST_ASSERT( md_info != NULL ); + md_info = mbedtls_md_info_from_type(md_alg); + TEST_ASSERT(md_info != NULL); - TEST_ASSERT( mbedtls_hmac_drbg_seed( &ctx, md_info, mbedtls_test_entropy_func, &p_entropy, - custom->x, custom->len ) == 0 ); - mbedtls_hmac_drbg_set_prediction_resistance( &ctx, MBEDTLS_HMAC_DRBG_PR_ON ); - TEST_ASSERT( mbedtls_hmac_drbg_random_with_add( &ctx, my_output, output->len, - add1->x, add1->len ) == 0 ); - TEST_ASSERT( mbedtls_hmac_drbg_random_with_add( &ctx, my_output, output->len, - add2->x, add2->len ) == 0 ); + TEST_ASSERT(mbedtls_hmac_drbg_seed(&ctx, md_info, mbedtls_test_entropy_func, &p_entropy, + custom->x, custom->len) == 0); + mbedtls_hmac_drbg_set_prediction_resistance(&ctx, MBEDTLS_HMAC_DRBG_PR_ON); + TEST_ASSERT(mbedtls_hmac_drbg_random_with_add(&ctx, my_output, output->len, + add1->x, add1->len) == 0); + TEST_ASSERT(mbedtls_hmac_drbg_random_with_add(&ctx, my_output, output->len, + add2->x, add2->len) == 0); - TEST_ASSERT( memcmp( my_output, output->x, output->len ) == 0 ); + TEST_ASSERT(memcmp(my_output, output->x, output->len) == 0); exit: - mbedtls_hmac_drbg_free( &ctx ); + mbedtls_hmac_drbg_free(&ctx); } /* END_CASE */ /* BEGIN_CASE depends_on:MBEDTLS_SELF_TEST */ -void hmac_drbg_selftest( ) +void hmac_drbg_selftest() { - TEST_ASSERT( mbedtls_hmac_drbg_self_test( 1 ) == 0 ); + TEST_ASSERT(mbedtls_hmac_drbg_self_test(1) == 0); } /* END_CASE */ diff --git a/third_party/mbedtls/repo/tests/suites/test_suite_md.data b/third_party/mbedtls/repo/tests/suites/test_suite_md.data index bdcc8db7b87..1bd31e62b37 100644 --- a/third_party/mbedtls/repo/tests/suites/test_suite_md.data +++ b/third_party/mbedtls/repo/tests/suites/test_suite_md.data @@ -43,1184 +43,1184 @@ md_info:MBEDTLS_MD_SHA512:"SHA512":64 generic mbedtls_md2 Test vector RFC1319 #1 depends_on:MBEDTLS_MD2_C -md_text:"MD2":"":"8350e5a3e24c153df2275c9f80692773" +md_text:MBEDTLS_MD_MD2:"":"8350e5a3e24c153df2275c9f80692773" generic mbedtls_md2 Test vector RFC1319 #2 depends_on:MBEDTLS_MD2_C -md_text:"MD2":"a":"32ec01ec4a6dac72c0ab96fb34c0b5d1" +md_text:MBEDTLS_MD_MD2:"a":"32ec01ec4a6dac72c0ab96fb34c0b5d1" generic mbedtls_md2 Test vector RFC1319 #3 depends_on:MBEDTLS_MD2_C -md_text:"MD2":"abc":"da853b0d3f88d99b30283a69e6ded6bb" +md_text:MBEDTLS_MD_MD2:"abc":"da853b0d3f88d99b30283a69e6ded6bb" generic mbedtls_md2 Test vector RFC1319 #4 depends_on:MBEDTLS_MD2_C -md_text:"MD2":"message digest":"ab4f496bfb2a530b219ff33031fe06b0" +md_text:MBEDTLS_MD_MD2:"message digest":"ab4f496bfb2a530b219ff33031fe06b0" generic mbedtls_md2 Test vector RFC1319 #5 depends_on:MBEDTLS_MD2_C -md_text:"MD2":"abcdefghijklmnopqrstuvwxyz":"4e8ddff3650292ab5a4108c3aa47940b" +md_text:MBEDTLS_MD_MD2:"abcdefghijklmnopqrstuvwxyz":"4e8ddff3650292ab5a4108c3aa47940b" generic mbedtls_md2 Test vector RFC1319 #6 depends_on:MBEDTLS_MD2_C -md_text:"MD2":"ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789":"da33def2a42df13975352846c30338cd" +md_text:MBEDTLS_MD_MD2:"ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789":"da33def2a42df13975352846c30338cd" generic mbedtls_md2 Test vector RFC1319 #7 depends_on:MBEDTLS_MD2_C -md_text:"MD2":"12345678901234567890123456789012345678901234567890123456789012345678901234567890":"d5976f79d83d3a0dc9806c3c66f3efd8" +md_text:MBEDTLS_MD_MD2:"12345678901234567890123456789012345678901234567890123456789012345678901234567890":"d5976f79d83d3a0dc9806c3c66f3efd8" generic mbedtls_md4 Test vector RFC1320 #1 depends_on:MBEDTLS_MD4_C -md_text:"MD4":"":"31d6cfe0d16ae931b73c59d7e0c089c0" +md_text:MBEDTLS_MD_MD4:"":"31d6cfe0d16ae931b73c59d7e0c089c0" generic mbedtls_md4 Test vector RFC1320 #2 depends_on:MBEDTLS_MD4_C -md_text:"MD4":"a":"bde52cb31de33e46245e05fbdbd6fb24" +md_text:MBEDTLS_MD_MD4:"a":"bde52cb31de33e46245e05fbdbd6fb24" generic mbedtls_md4 Test vector RFC1320 #3 depends_on:MBEDTLS_MD4_C -md_text:"MD4":"abc":"a448017aaf21d8525fc10ae87aa6729d" +md_text:MBEDTLS_MD_MD4:"abc":"a448017aaf21d8525fc10ae87aa6729d" generic mbedtls_md4 Test vector RFC1320 #4 depends_on:MBEDTLS_MD4_C -md_text:"MD4":"message digest":"d9130a8164549fe818874806e1c7014b" +md_text:MBEDTLS_MD_MD4:"message digest":"d9130a8164549fe818874806e1c7014b" generic mbedtls_md4 Test vector RFC1320 #5 depends_on:MBEDTLS_MD4_C -md_text:"MD4":"abcdefghijklmnopqrstuvwxyz":"d79e1c308aa5bbcdeea8ed63df412da9" +md_text:MBEDTLS_MD_MD4:"abcdefghijklmnopqrstuvwxyz":"d79e1c308aa5bbcdeea8ed63df412da9" generic mbedtls_md4 Test vector RFC1320 #6 depends_on:MBEDTLS_MD4_C -md_text:"MD4":"ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789":"043f8582f241db351ce627e153e7f0e4" +md_text:MBEDTLS_MD_MD4:"ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789":"043f8582f241db351ce627e153e7f0e4" generic mbedtls_md4 Test vector RFC1320 #7 depends_on:MBEDTLS_MD4_C -md_text:"MD4":"12345678901234567890123456789012345678901234567890123456789012345678901234567890":"e33b4ddc9c38f2199c3e7b164fcc0536" +md_text:MBEDTLS_MD_MD4:"12345678901234567890123456789012345678901234567890123456789012345678901234567890":"e33b4ddc9c38f2199c3e7b164fcc0536" generic mbedtls_md5 Test vector RFC1321 #1 depends_on:MBEDTLS_MD5_C -md_text:"MD5":"":"d41d8cd98f00b204e9800998ecf8427e" +md_text:MBEDTLS_MD_MD5:"":"d41d8cd98f00b204e9800998ecf8427e" generic mbedtls_md5 Test vector RFC1321 #2 depends_on:MBEDTLS_MD5_C -md_text:"MD5":"a":"0cc175b9c0f1b6a831c399e269772661" +md_text:MBEDTLS_MD_MD5:"a":"0cc175b9c0f1b6a831c399e269772661" generic mbedtls_md5 Test vector RFC1321 #3 depends_on:MBEDTLS_MD5_C -md_text:"MD5":"abc":"900150983cd24fb0d6963f7d28e17f72" +md_text:MBEDTLS_MD_MD5:"abc":"900150983cd24fb0d6963f7d28e17f72" generic mbedtls_md5 Test vector RFC1321 #4 depends_on:MBEDTLS_MD5_C -md_text:"MD5":"message digest":"f96b697d7cb7938d525a2f31aaf161d0" +md_text:MBEDTLS_MD_MD5:"message digest":"f96b697d7cb7938d525a2f31aaf161d0" generic mbedtls_md5 Test vector RFC1321 #5 depends_on:MBEDTLS_MD5_C -md_text:"MD5":"abcdefghijklmnopqrstuvwxyz":"c3fcd3d76192e4007dfb496cca67e13b" +md_text:MBEDTLS_MD_MD5:"abcdefghijklmnopqrstuvwxyz":"c3fcd3d76192e4007dfb496cca67e13b" generic mbedtls_md5 Test vector RFC1321 #6 depends_on:MBEDTLS_MD5_C -md_text:"MD5":"ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789":"d174ab98d277d9f5a5611c2c9f419d9f" +md_text:MBEDTLS_MD_MD5:"ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789":"d174ab98d277d9f5a5611c2c9f419d9f" generic mbedtls_md5 Test vector RFC1321 #7 depends_on:MBEDTLS_MD5_C -md_text:"MD5":"12345678901234567890123456789012345678901234567890123456789012345678901234567890":"57edf4a22be3c955ac49da2e2107b67a" +md_text:MBEDTLS_MD_MD5:"12345678901234567890123456789012345678901234567890123456789012345678901234567890":"57edf4a22be3c955ac49da2e2107b67a" generic mbedtls_ripemd160 Test vector from paper #1 depends_on:MBEDTLS_RIPEMD160_C -md_text:"RIPEMD160":"":"9c1185a5c5e9fc54612808977ee8f548b2258d31" +md_text:MBEDTLS_MD_RIPEMD160:"":"9c1185a5c5e9fc54612808977ee8f548b2258d31" generic mbedtls_ripemd160 Test vector from paper #2 depends_on:MBEDTLS_RIPEMD160_C -md_text:"RIPEMD160":"a":"0bdc9d2d256b3ee9daae347be6f4dc835a467ffe" +md_text:MBEDTLS_MD_RIPEMD160:"a":"0bdc9d2d256b3ee9daae347be6f4dc835a467ffe" generic mbedtls_ripemd160 Test vector from paper #3 depends_on:MBEDTLS_RIPEMD160_C -md_text:"RIPEMD160":"abc":"8eb208f7e05d987a9b044a8e98c6b087f15a0bfc" +md_text:MBEDTLS_MD_RIPEMD160:"abc":"8eb208f7e05d987a9b044a8e98c6b087f15a0bfc" generic mbedtls_ripemd160 Test vector from paper #4 depends_on:MBEDTLS_RIPEMD160_C -md_text:"RIPEMD160":"message digest":"5d0689ef49d2fae572b881b123a85ffa21595f36" +md_text:MBEDTLS_MD_RIPEMD160:"message digest":"5d0689ef49d2fae572b881b123a85ffa21595f36" generic mbedtls_ripemd160 Test vector from paper #5 depends_on:MBEDTLS_RIPEMD160_C -md_text:"RIPEMD160":"abcdefghijklmnopqrstuvwxyz":"f71c27109c692c1b56bbdceb5b9d2865b3708dbc" +md_text:MBEDTLS_MD_RIPEMD160:"abcdefghijklmnopqrstuvwxyz":"f71c27109c692c1b56bbdceb5b9d2865b3708dbc" generic mbedtls_ripemd160 Test vector from paper #6 depends_on:MBEDTLS_RIPEMD160_C -md_text:"RIPEMD160":"abcdbcdecdefdefgefghfghighijhijkijkljklmklmnlmnomnopnopq":"12a053384a9c0c88e405a06c27dcf49ada62eb2b" +md_text:MBEDTLS_MD_RIPEMD160:"abcdbcdecdefdefgefghfghighijhijkijkljklmklmnlmnomnopnopq":"12a053384a9c0c88e405a06c27dcf49ada62eb2b" generic mbedtls_ripemd160 Test vector from paper #7 depends_on:MBEDTLS_RIPEMD160_C -md_text:"RIPEMD160":"ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789":"b0e20b6e3116640286ed3a87a5713079b21f5189" +md_text:MBEDTLS_MD_RIPEMD160:"ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789":"b0e20b6e3116640286ed3a87a5713079b21f5189" generic mbedtls_ripemd160 Test vector from paper #8 depends_on:MBEDTLS_RIPEMD160_C -md_text:"RIPEMD160":"12345678901234567890123456789012345678901234567890123456789012345678901234567890":"9b752e45573d4b39f4dbd3323cab82bf63326bfb" +md_text:MBEDTLS_MD_RIPEMD160:"12345678901234567890123456789012345678901234567890123456789012345678901234567890":"9b752e45573d4b39f4dbd3323cab82bf63326bfb" generic HMAC-MD2 Hash File OpenSSL test #1 depends_on:MBEDTLS_MD2_C -mbedtls_md_hmac:"MD2":16:"61616161616161616161616161616161":"b91ce5ac77d33c234e61002ed6":"d5732582f494f5ddf35efd166c85af9c" +mbedtls_md_hmac:MBEDTLS_MD_MD2:16:"61616161616161616161616161616161":"b91ce5ac77d33c234e61002ed6":"d5732582f494f5ddf35efd166c85af9c" generic HMAC-MD2 Hash File OpenSSL test #2 depends_on:MBEDTLS_MD2_C -mbedtls_md_hmac:"MD2":16:"61616161616161616161616161616161":"270fcf11f27c27448457d7049a7edb084a3e554e0b2acf5806982213f0ad516402e4c869c4ff2171e18e3489baa3125d2c3056ebb616296f9b6aa97ef68eeabcdc0b6dde47775004096a241efcf0a90d19b34e898cc7340cdc940f8bdd46e23e352f34bca131d4d67a7c2ddb8d0d68b67f06152a128168e1c341c37e0a66c5018999b7059bcc300beed2c19dd1152d2fe062853293b8f3c8b5":"54ab68503f7d1b5c7741340dff2722a9" +mbedtls_md_hmac:MBEDTLS_MD_MD2:16:"61616161616161616161616161616161":"270fcf11f27c27448457d7049a7edb084a3e554e0b2acf5806982213f0ad516402e4c869c4ff2171e18e3489baa3125d2c3056ebb616296f9b6aa97ef68eeabcdc0b6dde47775004096a241efcf0a90d19b34e898cc7340cdc940f8bdd46e23e352f34bca131d4d67a7c2ddb8d0d68b67f06152a128168e1c341c37e0a66c5018999b7059bcc300beed2c19dd1152d2fe062853293b8f3c8b5":"54ab68503f7d1b5c7741340dff2722a9" generic HMAC-MD2 Hash File OpenSSL test #3 depends_on:MBEDTLS_MD2_C -mbedtls_md_hmac:"MD2":16:"61616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161":"b91ce5ac77d33c234e61002ed6":"d850e5f554558cf0fe79a0612e1d0365" +mbedtls_md_hmac:MBEDTLS_MD_MD2:16:"61616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161":"b91ce5ac77d33c234e61002ed6":"d850e5f554558cf0fe79a0612e1d0365" generic HMAC-MD4 Hash File OpenSSL test #1 depends_on:MBEDTLS_MD4_C -mbedtls_md_hmac:"MD4":16:"61616161616161616161616161616161":"b91ce5ac77d33c234e61002ed6":"eabd0fbefb82fb0063a25a6d7b8bdc0f" +mbedtls_md_hmac:MBEDTLS_MD_MD4:16:"61616161616161616161616161616161":"b91ce5ac77d33c234e61002ed6":"eabd0fbefb82fb0063a25a6d7b8bdc0f" generic HMAC-MD4 Hash File OpenSSL test #2 depends_on:MBEDTLS_MD4_C -mbedtls_md_hmac:"MD4":16:"61616161616161616161616161616161":"270fcf11f27c27448457d7049a7edb084a3e554e0b2acf5806982213f0ad516402e4c869c4ff2171e18e3489baa3125d2c3056ebb616296f9b6aa97ef68eeabcdc0b6dde47775004096a241efcf0a90d19b34e898cc7340cdc940f8bdd46e23e352f34bca131d4d67a7c2ddb8d0d68b67f06152a128168e1c341c37e0a66c5018999b7059bcc300beed2c19dd1152d2fe062853293b8f3c8b5":"cec3c5e421a7b783aa89cacf78daf6dc" +mbedtls_md_hmac:MBEDTLS_MD_MD4:16:"61616161616161616161616161616161":"270fcf11f27c27448457d7049a7edb084a3e554e0b2acf5806982213f0ad516402e4c869c4ff2171e18e3489baa3125d2c3056ebb616296f9b6aa97ef68eeabcdc0b6dde47775004096a241efcf0a90d19b34e898cc7340cdc940f8bdd46e23e352f34bca131d4d67a7c2ddb8d0d68b67f06152a128168e1c341c37e0a66c5018999b7059bcc300beed2c19dd1152d2fe062853293b8f3c8b5":"cec3c5e421a7b783aa89cacf78daf6dc" generic HMAC-MD4 Hash File OpenSSL test #3 depends_on:MBEDTLS_MD4_C -mbedtls_md_hmac:"MD4":16:"61616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161":"b91ce5ac77d33c234e61002ed6":"ad5f0a04116109b397b57f9cc9b6df4b" +mbedtls_md_hmac:MBEDTLS_MD_MD4:16:"61616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161":"b91ce5ac77d33c234e61002ed6":"ad5f0a04116109b397b57f9cc9b6df4b" generic HMAC-MD5 Hash File OpenSSL test #1 depends_on:MBEDTLS_MD5_C -mbedtls_md_hmac:"MD5":16:"61616161616161616161616161616161":"b91ce5ac77d33c234e61002ed6":"42552882f00bd4633ea81135a184b284" +mbedtls_md_hmac:MBEDTLS_MD_MD5:16:"61616161616161616161616161616161":"b91ce5ac77d33c234e61002ed6":"42552882f00bd4633ea81135a184b284" generic HMAC-MD5 Hash File OpenSSL test #2 depends_on:MBEDTLS_MD5_C -mbedtls_md_hmac:"MD5":16:"61616161616161616161616161616161":"270fcf11f27c27448457d7049a7edb084a3e554e0b2acf5806982213f0ad516402e4c869c4ff2171e18e3489baa3125d2c3056ebb616296f9b6aa97ef68eeabcdc0b6dde47775004096a241efcf0a90d19b34e898cc7340cdc940f8bdd46e23e352f34bca131d4d67a7c2ddb8d0d68b67f06152a128168e1c341c37e0a66c5018999b7059bcc300beed2c19dd1152d2fe062853293b8f3c8b5":"a16a842891786d01fe50ba7731db7464" +mbedtls_md_hmac:MBEDTLS_MD_MD5:16:"61616161616161616161616161616161":"270fcf11f27c27448457d7049a7edb084a3e554e0b2acf5806982213f0ad516402e4c869c4ff2171e18e3489baa3125d2c3056ebb616296f9b6aa97ef68eeabcdc0b6dde47775004096a241efcf0a90d19b34e898cc7340cdc940f8bdd46e23e352f34bca131d4d67a7c2ddb8d0d68b67f06152a128168e1c341c37e0a66c5018999b7059bcc300beed2c19dd1152d2fe062853293b8f3c8b5":"a16a842891786d01fe50ba7731db7464" generic HMAC-MD5 Hash File OpenSSL test #3 depends_on:MBEDTLS_MD5_C -mbedtls_md_hmac:"MD5":16:"61616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161":"b91ce5ac77d33c234e61002ed6":"e97f623936f98a7f741c4bd0612fecc2" +mbedtls_md_hmac:MBEDTLS_MD_MD5:16:"61616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161":"b91ce5ac77d33c234e61002ed6":"e97f623936f98a7f741c4bd0612fecc2" HMAC-MD2 Bouncy Castle test #1 depends_on:MBEDTLS_MD2_C -mbedtls_md_hmac:"MD2":16:"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":"4869205468657265":"dc1923ef5f161d35bef839ca8c807808" +mbedtls_md_hmac:MBEDTLS_MD_MD2:16:"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":"4869205468657265":"dc1923ef5f161d35bef839ca8c807808" HMAC-MD4 Bouncy Castle test #1 depends_on:MBEDTLS_MD4_C -mbedtls_md_hmac:"MD4":16:"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":"4869205468657265":"5570ce964ba8c11756cdc3970278ff5a" +mbedtls_md_hmac:MBEDTLS_MD_MD4:16:"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":"4869205468657265":"5570ce964ba8c11756cdc3970278ff5a" HMAC-MD5 Bouncy Castle test #1 depends_on:MBEDTLS_MD5_C -mbedtls_md_hmac:"MD5":16:"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":"4869205468657265":"5ccec34ea9656392457fa1ac27f08fbc" +mbedtls_md_hmac:MBEDTLS_MD_MD5:16:"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":"4869205468657265":"5ccec34ea9656392457fa1ac27f08fbc" generic HMAC-MD5 Test Vector RFC2202 #1 depends_on:MBEDTLS_MD5_C -mbedtls_md_hmac:"MD5":16:"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":"4869205468657265":"9294727a3638bb1c13f48ef8158bfc9d" +mbedtls_md_hmac:MBEDTLS_MD_MD5:16:"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":"4869205468657265":"9294727a3638bb1c13f48ef8158bfc9d" generic HMAC-MD5 Test Vector RFC2202 #2 depends_on:MBEDTLS_MD5_C -mbedtls_md_hmac:"MD5":16:"4a656665":"7768617420646f2079612077616e7420666f72206e6f7468696e673f":"750c783e6ab0b503eaa86e310a5db738" +mbedtls_md_hmac:MBEDTLS_MD_MD5:16:"4a656665":"7768617420646f2079612077616e7420666f72206e6f7468696e673f":"750c783e6ab0b503eaa86e310a5db738" generic HMAC-MD5 Test Vector RFC2202 #3 depends_on:MBEDTLS_MD5_C -mbedtls_md_hmac:"MD5":16:"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa":"dddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddd":"56be34521d144c88dbb8c733f0e8b3f6" +mbedtls_md_hmac:MBEDTLS_MD_MD5:16:"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa":"dddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddd":"56be34521d144c88dbb8c733f0e8b3f6" generic HMAC-MD5 Test Vector RFC2202 #4 depends_on:MBEDTLS_MD5_C -mbedtls_md_hmac:"MD5":16:"0102030405060708090a0b0c0d0e0f10111213141516171819":"cdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcd":"697eaf0aca3a3aea3a75164746ffaa79" +mbedtls_md_hmac:MBEDTLS_MD_MD5:16:"0102030405060708090a0b0c0d0e0f10111213141516171819":"cdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcd":"697eaf0aca3a3aea3a75164746ffaa79" generic HMAC-MD5 Test Vector RFC2202 #5 depends_on:MBEDTLS_MD5_C -mbedtls_md_hmac:"MD5":12:"0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c":"546573742057697468205472756e636174696f6e":"56461ef2342edc00f9bab995" +mbedtls_md_hmac:MBEDTLS_MD_MD5:12:"0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c":"546573742057697468205472756e636174696f6e":"56461ef2342edc00f9bab995" generic HMAC-MD5 Test Vector RFC2202 #6 depends_on:MBEDTLS_MD5_C -mbedtls_md_hmac:"MD5":16:"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa":"54657374205573696e67204c6172676572205468616e20426c6f636b2d53697a65204b6579202d2048617368204b6579204669727374":"6b1ab7fe4bd7bf8f0b62e6ce61b9d0cd" +mbedtls_md_hmac:MBEDTLS_MD_MD5:16:"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa":"54657374205573696e67204c6172676572205468616e20426c6f636b2d53697a65204b6579202d2048617368204b6579204669727374":"6b1ab7fe4bd7bf8f0b62e6ce61b9d0cd" generic HMAC-MD5 Test Vector RFC2202 #7 depends_on:MBEDTLS_MD5_C -mbedtls_md_hmac:"MD5":16:"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa":"54657374205573696e67204c6172676572205468616e20426c6f636b2d53697a65204b657920616e64204c6172676572205468616e204f6e6520426c6f636b2d53697a652044617461":"6f630fad67cda0ee1fb1f562db3aa53e" +mbedtls_md_hmac:MBEDTLS_MD_MD5:16:"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa":"54657374205573696e67204c6172676572205468616e20426c6f636b2d53697a65204b657920616e64204c6172676572205468616e204f6e6520426c6f636b2d53697a652044617461":"6f630fad67cda0ee1fb1f562db3aa53e" generic HMAC-RIPEMD160 Test vector RFC 2286 #1 depends_on:MBEDTLS_RIPEMD160_C -mbedtls_md_hmac:"RIPEMD160":20:"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":"4869205468657265":"24cb4bd67d20fc1a5d2ed7732dcc39377f0a5668" +mbedtls_md_hmac:MBEDTLS_MD_RIPEMD160:20:"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":"4869205468657265":"24cb4bd67d20fc1a5d2ed7732dcc39377f0a5668" generic HMAC-RIPEMD160 Test vector RFC 2286 #2 depends_on:MBEDTLS_RIPEMD160_C -mbedtls_md_hmac:"RIPEMD160":20:"4a656665":"7768617420646f2079612077616e7420666f72206e6f7468696e673f":"dda6c0213a485a9e24f4742064a7f033b43c4069" +mbedtls_md_hmac:MBEDTLS_MD_RIPEMD160:20:"4a656665":"7768617420646f2079612077616e7420666f72206e6f7468696e673f":"dda6c0213a485a9e24f4742064a7f033b43c4069" generic HMAC-RIPEMD160 Test vector RFC 2286 #3 depends_on:MBEDTLS_RIPEMD160_C -mbedtls_md_hmac:"RIPEMD160":20:"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa":"dddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddd":"b0b105360de759960ab4f35298e116e295d8e7c1" +mbedtls_md_hmac:MBEDTLS_MD_RIPEMD160:20:"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa":"dddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddd":"b0b105360de759960ab4f35298e116e295d8e7c1" generic HMAC-RIPEMD160 Test vector RFC 2286 #4 depends_on:MBEDTLS_RIPEMD160_C -mbedtls_md_hmac:"RIPEMD160":20:"0102030405060708090a0b0c0d0e0f10111213141516171819":"cdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcd":"d5ca862f4d21d5e610e18b4cf1beb97a4365ecf4" +mbedtls_md_hmac:MBEDTLS_MD_RIPEMD160:20:"0102030405060708090a0b0c0d0e0f10111213141516171819":"cdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcd":"d5ca862f4d21d5e610e18b4cf1beb97a4365ecf4" generic HMAC-RIPEMD160 Test vector RFC 2286 #5 depends_on:MBEDTLS_RIPEMD160_C -mbedtls_md_hmac:"RIPEMD160":20:"0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c":"546573742057697468205472756e636174696f6e":"7619693978f91d90539ae786500ff3d8e0518e39" +mbedtls_md_hmac:MBEDTLS_MD_RIPEMD160:20:"0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c":"546573742057697468205472756e636174696f6e":"7619693978f91d90539ae786500ff3d8e0518e39" generic HMAC-RIPEMD160 Test vector RFC 2286 #6 depends_on:MBEDTLS_RIPEMD160_C -mbedtls_md_hmac:"RIPEMD160":20:"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa":"54657374205573696e67204c6172676572205468616e20426c6f636b2d53697a65204b6579202d2048617368204b6579204669727374":"6466ca07ac5eac29e1bd523e5ada7605b791fd8b" +mbedtls_md_hmac:MBEDTLS_MD_RIPEMD160:20:"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa":"54657374205573696e67204c6172676572205468616e20426c6f636b2d53697a65204b6579202d2048617368204b6579204669727374":"6466ca07ac5eac29e1bd523e5ada7605b791fd8b" generic HMAC-RIPEMD160 Test vector RFC 2286 #7 depends_on:MBEDTLS_RIPEMD160_C -mbedtls_md_hmac:"RIPEMD160":20:"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa":"54657374205573696e67204c6172676572205468616e20426c6f636b2d53697a65204b657920616e64204c6172676572205468616e204f6e6520426c6f636b2d53697a652044617461":"69ea60798d71616cce5fd0871e23754cd75d5a0a" +mbedtls_md_hmac:MBEDTLS_MD_RIPEMD160:20:"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa":"54657374205573696e67204c6172676572205468616e20426c6f636b2d53697a65204b657920616e64204c6172676572205468616e204f6e6520426c6f636b2d53697a652044617461":"69ea60798d71616cce5fd0871e23754cd75d5a0a" generic multi step mbedtls_md2 Test vector RFC1319 #1 depends_on:MBEDTLS_MD_C:MBEDTLS_MD2_C -md_text_multi:"MD2":"":"8350e5a3e24c153df2275c9f80692773" +md_text_multi:MBEDTLS_MD_MD2:"":"8350e5a3e24c153df2275c9f80692773" generic multi step mbedtls_md2 Test vector RFC1319 #2 depends_on:MBEDTLS_MD2_C -md_text_multi:"MD2":"a":"32ec01ec4a6dac72c0ab96fb34c0b5d1" +md_text_multi:MBEDTLS_MD_MD2:"a":"32ec01ec4a6dac72c0ab96fb34c0b5d1" generic multi step mbedtls_md2 Test vector RFC1319 #3 depends_on:MBEDTLS_MD2_C -md_text_multi:"MD2":"abc":"da853b0d3f88d99b30283a69e6ded6bb" +md_text_multi:MBEDTLS_MD_MD2:"abc":"da853b0d3f88d99b30283a69e6ded6bb" generic multi step mbedtls_md2 Test vector RFC1319 #4 depends_on:MBEDTLS_MD2_C -md_text_multi:"MD2":"message digest":"ab4f496bfb2a530b219ff33031fe06b0" +md_text_multi:MBEDTLS_MD_MD2:"message digest":"ab4f496bfb2a530b219ff33031fe06b0" generic multi step mbedtls_md2 Test vector RFC1319 #5 depends_on:MBEDTLS_MD2_C -md_text_multi:"MD2":"abcdefghijklmnopqrstuvwxyz":"4e8ddff3650292ab5a4108c3aa47940b" +md_text_multi:MBEDTLS_MD_MD2:"abcdefghijklmnopqrstuvwxyz":"4e8ddff3650292ab5a4108c3aa47940b" generic multi step mbedtls_md2 Test vector RFC1319 #6 depends_on:MBEDTLS_MD2_C -md_text_multi:"MD2":"ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789":"da33def2a42df13975352846c30338cd" +md_text_multi:MBEDTLS_MD_MD2:"ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789":"da33def2a42df13975352846c30338cd" generic multi step mbedtls_md2 Test vector RFC1319 #7 depends_on:MBEDTLS_MD2_C -md_text_multi:"MD2":"12345678901234567890123456789012345678901234567890123456789012345678901234567890":"d5976f79d83d3a0dc9806c3c66f3efd8" +md_text_multi:MBEDTLS_MD_MD2:"12345678901234567890123456789012345678901234567890123456789012345678901234567890":"d5976f79d83d3a0dc9806c3c66f3efd8" generic multi step mbedtls_md4 Test vector RFC1320 #1 depends_on:MBEDTLS_MD4_C -md_text_multi:"MD4":"":"31d6cfe0d16ae931b73c59d7e0c089c0" +md_text_multi:MBEDTLS_MD_MD4:"":"31d6cfe0d16ae931b73c59d7e0c089c0" generic multi step mbedtls_md4 Test vector RFC1320 #2 depends_on:MBEDTLS_MD4_C -md_text_multi:"MD4":"a":"bde52cb31de33e46245e05fbdbd6fb24" +md_text_multi:MBEDTLS_MD_MD4:"a":"bde52cb31de33e46245e05fbdbd6fb24" generic multi step mbedtls_md4 Test vector RFC1320 #3 depends_on:MBEDTLS_MD4_C -md_text_multi:"MD4":"abc":"a448017aaf21d8525fc10ae87aa6729d" +md_text_multi:MBEDTLS_MD_MD4:"abc":"a448017aaf21d8525fc10ae87aa6729d" generic multi step mbedtls_md4 Test vector RFC1320 #4 depends_on:MBEDTLS_MD4_C -md_text_multi:"MD4":"message digest":"d9130a8164549fe818874806e1c7014b" +md_text_multi:MBEDTLS_MD_MD4:"message digest":"d9130a8164549fe818874806e1c7014b" generic multi step mbedtls_md4 Test vector RFC1320 #5 depends_on:MBEDTLS_MD4_C -md_text_multi:"MD4":"abcdefghijklmnopqrstuvwxyz":"d79e1c308aa5bbcdeea8ed63df412da9" +md_text_multi:MBEDTLS_MD_MD4:"abcdefghijklmnopqrstuvwxyz":"d79e1c308aa5bbcdeea8ed63df412da9" generic multi step mbedtls_md4 Test vector RFC1320 #6 depends_on:MBEDTLS_MD4_C -md_text_multi:"MD4":"ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789":"043f8582f241db351ce627e153e7f0e4" +md_text_multi:MBEDTLS_MD_MD4:"ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789":"043f8582f241db351ce627e153e7f0e4" generic multi step mbedtls_md4 Test vector RFC1320 #7 depends_on:MBEDTLS_MD4_C -md_text_multi:"MD4":"12345678901234567890123456789012345678901234567890123456789012345678901234567890":"e33b4ddc9c38f2199c3e7b164fcc0536" +md_text_multi:MBEDTLS_MD_MD4:"12345678901234567890123456789012345678901234567890123456789012345678901234567890":"e33b4ddc9c38f2199c3e7b164fcc0536" generic multi step mbedtls_md5 Test vector RFC1321 #1 depends_on:MBEDTLS_MD5_C -md_text_multi:"MD5":"":"d41d8cd98f00b204e9800998ecf8427e" +md_text_multi:MBEDTLS_MD_MD5:"":"d41d8cd98f00b204e9800998ecf8427e" generic multi step mbedtls_md5 Test vector RFC1321 #2 depends_on:MBEDTLS_MD5_C -md_text_multi:"MD5":"a":"0cc175b9c0f1b6a831c399e269772661" +md_text_multi:MBEDTLS_MD_MD5:"a":"0cc175b9c0f1b6a831c399e269772661" generic multi step mbedtls_md5 Test vector RFC1321 #3 depends_on:MBEDTLS_MD5_C -md_text_multi:"MD5":"abc":"900150983cd24fb0d6963f7d28e17f72" +md_text_multi:MBEDTLS_MD_MD5:"abc":"900150983cd24fb0d6963f7d28e17f72" generic multi step mbedtls_md5 Test vector RFC1321 #4 depends_on:MBEDTLS_MD5_C -md_text_multi:"MD5":"message digest":"f96b697d7cb7938d525a2f31aaf161d0" +md_text_multi:MBEDTLS_MD_MD5:"message digest":"f96b697d7cb7938d525a2f31aaf161d0" generic multi step mbedtls_md5 Test vector RFC1321 #5 depends_on:MBEDTLS_MD5_C -md_text_multi:"MD5":"abcdefghijklmnopqrstuvwxyz":"c3fcd3d76192e4007dfb496cca67e13b" +md_text_multi:MBEDTLS_MD_MD5:"abcdefghijklmnopqrstuvwxyz":"c3fcd3d76192e4007dfb496cca67e13b" generic multi step mbedtls_md5 Test vector RFC1321 #6 depends_on:MBEDTLS_MD5_C -md_text_multi:"MD5":"ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789":"d174ab98d277d9f5a5611c2c9f419d9f" +md_text_multi:MBEDTLS_MD_MD5:"ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789":"d174ab98d277d9f5a5611c2c9f419d9f" generic multi step mbedtls_md5 Test vector RFC1321 #7 depends_on:MBEDTLS_MD5_C -md_text_multi:"MD5":"12345678901234567890123456789012345678901234567890123456789012345678901234567890":"57edf4a22be3c955ac49da2e2107b67a" +md_text_multi:MBEDTLS_MD_MD5:"12345678901234567890123456789012345678901234567890123456789012345678901234567890":"57edf4a22be3c955ac49da2e2107b67a" generic multi step mbedtls_ripemd160 Test vector from paper #1 depends_on:MBEDTLS_RIPEMD160_C -md_text_multi:"RIPEMD160":"":"9c1185a5c5e9fc54612808977ee8f548b2258d31" +md_text_multi:MBEDTLS_MD_RIPEMD160:"":"9c1185a5c5e9fc54612808977ee8f548b2258d31" generic multi step mbedtls_ripemd160 Test vector from paper #2 depends_on:MBEDTLS_RIPEMD160_C -md_text_multi:"RIPEMD160":"a":"0bdc9d2d256b3ee9daae347be6f4dc835a467ffe" +md_text_multi:MBEDTLS_MD_RIPEMD160:"a":"0bdc9d2d256b3ee9daae347be6f4dc835a467ffe" generic multi step mbedtls_ripemd160 Test vector from paper #3 depends_on:MBEDTLS_RIPEMD160_C -md_text_multi:"RIPEMD160":"abc":"8eb208f7e05d987a9b044a8e98c6b087f15a0bfc" +md_text_multi:MBEDTLS_MD_RIPEMD160:"abc":"8eb208f7e05d987a9b044a8e98c6b087f15a0bfc" generic multi step mbedtls_ripemd160 Test vector from paper #4 depends_on:MBEDTLS_RIPEMD160_C -md_text_multi:"RIPEMD160":"message digest":"5d0689ef49d2fae572b881b123a85ffa21595f36" +md_text_multi:MBEDTLS_MD_RIPEMD160:"message digest":"5d0689ef49d2fae572b881b123a85ffa21595f36" generic multi step mbedtls_ripemd160 Test vector from paper #5 depends_on:MBEDTLS_RIPEMD160_C -md_text_multi:"RIPEMD160":"abcdefghijklmnopqrstuvwxyz":"f71c27109c692c1b56bbdceb5b9d2865b3708dbc" +md_text_multi:MBEDTLS_MD_RIPEMD160:"abcdefghijklmnopqrstuvwxyz":"f71c27109c692c1b56bbdceb5b9d2865b3708dbc" generic multi step mbedtls_ripemd160 Test vector from paper #6 depends_on:MBEDTLS_RIPEMD160_C -md_text_multi:"RIPEMD160":"abcdbcdecdefdefgefghfghighijhijkijkljklmklmnlmnomnopnopq":"12a053384a9c0c88e405a06c27dcf49ada62eb2b" +md_text_multi:MBEDTLS_MD_RIPEMD160:"abcdbcdecdefdefgefghfghighijhijkijkljklmklmnlmnomnopnopq":"12a053384a9c0c88e405a06c27dcf49ada62eb2b" generic multi step mbedtls_ripemd160 Test vector from paper #7 depends_on:MBEDTLS_RIPEMD160_C -md_text_multi:"RIPEMD160":"ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789":"b0e20b6e3116640286ed3a87a5713079b21f5189" +md_text_multi:MBEDTLS_MD_RIPEMD160:"ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789":"b0e20b6e3116640286ed3a87a5713079b21f5189" generic multi step mbedtls_ripemd160 Test vector from paper #8 depends_on:MBEDTLS_RIPEMD160_C -md_text_multi:"RIPEMD160":"12345678901234567890123456789012345678901234567890123456789012345678901234567890":"9b752e45573d4b39f4dbd3323cab82bf63326bfb" +md_text_multi:MBEDTLS_MD_RIPEMD160:"12345678901234567890123456789012345678901234567890123456789012345678901234567890":"9b752e45573d4b39f4dbd3323cab82bf63326bfb" generic multi step HMAC-MD2 Hash File OpenSSL test #1 depends_on:MBEDTLS_MD2_C -md_hmac_multi:"MD2":16:"61616161616161616161616161616161":"b91ce5ac77d33c234e61002ed6":"d5732582f494f5ddf35efd166c85af9c" +md_hmac_multi:MBEDTLS_MD_MD2:16:"61616161616161616161616161616161":"b91ce5ac77d33c234e61002ed6":"d5732582f494f5ddf35efd166c85af9c" generic multi step HMAC-MD2 Hash File OpenSSL test #2 depends_on:MBEDTLS_MD2_C -md_hmac_multi:"MD2":16:"61616161616161616161616161616161":"270fcf11f27c27448457d7049a7edb084a3e554e0b2acf5806982213f0ad516402e4c869c4ff2171e18e3489baa3125d2c3056ebb616296f9b6aa97ef68eeabcdc0b6dde47775004096a241efcf0a90d19b34e898cc7340cdc940f8bdd46e23e352f34bca131d4d67a7c2ddb8d0d68b67f06152a128168e1c341c37e0a66c5018999b7059bcc300beed2c19dd1152d2fe062853293b8f3c8b5":"54ab68503f7d1b5c7741340dff2722a9" +md_hmac_multi:MBEDTLS_MD_MD2:16:"61616161616161616161616161616161":"270fcf11f27c27448457d7049a7edb084a3e554e0b2acf5806982213f0ad516402e4c869c4ff2171e18e3489baa3125d2c3056ebb616296f9b6aa97ef68eeabcdc0b6dde47775004096a241efcf0a90d19b34e898cc7340cdc940f8bdd46e23e352f34bca131d4d67a7c2ddb8d0d68b67f06152a128168e1c341c37e0a66c5018999b7059bcc300beed2c19dd1152d2fe062853293b8f3c8b5":"54ab68503f7d1b5c7741340dff2722a9" generic multi step HMAC-MD2 Hash File OpenSSL test #3 depends_on:MBEDTLS_MD2_C -md_hmac_multi:"MD2":16:"61616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161":"b91ce5ac77d33c234e61002ed6":"d850e5f554558cf0fe79a0612e1d0365" +md_hmac_multi:MBEDTLS_MD_MD2:16:"61616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161":"b91ce5ac77d33c234e61002ed6":"d850e5f554558cf0fe79a0612e1d0365" generic multi step HMAC-MD4 Hash File OpenSSL test #1 depends_on:MBEDTLS_MD4_C -md_hmac_multi:"MD4":16:"61616161616161616161616161616161":"b91ce5ac77d33c234e61002ed6":"eabd0fbefb82fb0063a25a6d7b8bdc0f" +md_hmac_multi:MBEDTLS_MD_MD4:16:"61616161616161616161616161616161":"b91ce5ac77d33c234e61002ed6":"eabd0fbefb82fb0063a25a6d7b8bdc0f" generic multi step HMAC-MD4 Hash File OpenSSL test #2 depends_on:MBEDTLS_MD4_C -md_hmac_multi:"MD4":16:"61616161616161616161616161616161":"270fcf11f27c27448457d7049a7edb084a3e554e0b2acf5806982213f0ad516402e4c869c4ff2171e18e3489baa3125d2c3056ebb616296f9b6aa97ef68eeabcdc0b6dde47775004096a241efcf0a90d19b34e898cc7340cdc940f8bdd46e23e352f34bca131d4d67a7c2ddb8d0d68b67f06152a128168e1c341c37e0a66c5018999b7059bcc300beed2c19dd1152d2fe062853293b8f3c8b5":"cec3c5e421a7b783aa89cacf78daf6dc" +md_hmac_multi:MBEDTLS_MD_MD4:16:"61616161616161616161616161616161":"270fcf11f27c27448457d7049a7edb084a3e554e0b2acf5806982213f0ad516402e4c869c4ff2171e18e3489baa3125d2c3056ebb616296f9b6aa97ef68eeabcdc0b6dde47775004096a241efcf0a90d19b34e898cc7340cdc940f8bdd46e23e352f34bca131d4d67a7c2ddb8d0d68b67f06152a128168e1c341c37e0a66c5018999b7059bcc300beed2c19dd1152d2fe062853293b8f3c8b5":"cec3c5e421a7b783aa89cacf78daf6dc" generic multi step HMAC-MD4 Hash File OpenSSL test #3 depends_on:MBEDTLS_MD4_C -md_hmac_multi:"MD4":16:"61616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161":"b91ce5ac77d33c234e61002ed6":"ad5f0a04116109b397b57f9cc9b6df4b" +md_hmac_multi:MBEDTLS_MD_MD4:16:"61616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161":"b91ce5ac77d33c234e61002ed6":"ad5f0a04116109b397b57f9cc9b6df4b" generic multi step HMAC-MD5 Hash File OpenSSL test #1 depends_on:MBEDTLS_MD5_C -md_hmac_multi:"MD5":16:"61616161616161616161616161616161":"b91ce5ac77d33c234e61002ed6":"42552882f00bd4633ea81135a184b284" +md_hmac_multi:MBEDTLS_MD_MD5:16:"61616161616161616161616161616161":"b91ce5ac77d33c234e61002ed6":"42552882f00bd4633ea81135a184b284" generic multi step HMAC-MD5 Hash File OpenSSL test #2 depends_on:MBEDTLS_MD5_C -md_hmac_multi:"MD5":16:"61616161616161616161616161616161":"270fcf11f27c27448457d7049a7edb084a3e554e0b2acf5806982213f0ad516402e4c869c4ff2171e18e3489baa3125d2c3056ebb616296f9b6aa97ef68eeabcdc0b6dde47775004096a241efcf0a90d19b34e898cc7340cdc940f8bdd46e23e352f34bca131d4d67a7c2ddb8d0d68b67f06152a128168e1c341c37e0a66c5018999b7059bcc300beed2c19dd1152d2fe062853293b8f3c8b5":"a16a842891786d01fe50ba7731db7464" +md_hmac_multi:MBEDTLS_MD_MD5:16:"61616161616161616161616161616161":"270fcf11f27c27448457d7049a7edb084a3e554e0b2acf5806982213f0ad516402e4c869c4ff2171e18e3489baa3125d2c3056ebb616296f9b6aa97ef68eeabcdc0b6dde47775004096a241efcf0a90d19b34e898cc7340cdc940f8bdd46e23e352f34bca131d4d67a7c2ddb8d0d68b67f06152a128168e1c341c37e0a66c5018999b7059bcc300beed2c19dd1152d2fe062853293b8f3c8b5":"a16a842891786d01fe50ba7731db7464" generic multi step HMAC-MD5 Hash File OpenSSL test #3 depends_on:MBEDTLS_MD5_C -md_hmac_multi:"MD5":16:"61616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161":"b91ce5ac77d33c234e61002ed6":"e97f623936f98a7f741c4bd0612fecc2" +md_hmac_multi:MBEDTLS_MD_MD5:16:"61616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161":"b91ce5ac77d33c234e61002ed6":"e97f623936f98a7f741c4bd0612fecc2" generic multi step HMAC-MD5 Test Vector RFC2202 #1 depends_on:MBEDTLS_MD5_C -md_hmac_multi:"MD5":16:"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":"4869205468657265":"9294727a3638bb1c13f48ef8158bfc9d" +md_hmac_multi:MBEDTLS_MD_MD5:16:"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":"4869205468657265":"9294727a3638bb1c13f48ef8158bfc9d" generic multi step HMAC-MD5 Test Vector RFC2202 #2 depends_on:MBEDTLS_MD5_C -md_hmac_multi:"MD5":16:"4a656665":"7768617420646f2079612077616e7420666f72206e6f7468696e673f":"750c783e6ab0b503eaa86e310a5db738" +md_hmac_multi:MBEDTLS_MD_MD5:16:"4a656665":"7768617420646f2079612077616e7420666f72206e6f7468696e673f":"750c783e6ab0b503eaa86e310a5db738" generic multi step HMAC-MD5 Test Vector RFC2202 #3 depends_on:MBEDTLS_MD5_C -md_hmac_multi:"MD5":16:"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa":"dddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddd":"56be34521d144c88dbb8c733f0e8b3f6" +md_hmac_multi:MBEDTLS_MD_MD5:16:"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa":"dddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddd":"56be34521d144c88dbb8c733f0e8b3f6" generic multi step HMAC-MD5 Test Vector RFC2202 #4 depends_on:MBEDTLS_MD5_C -md_hmac_multi:"MD5":16:"0102030405060708090a0b0c0d0e0f10111213141516171819":"cdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcd":"697eaf0aca3a3aea3a75164746ffaa79" +md_hmac_multi:MBEDTLS_MD_MD5:16:"0102030405060708090a0b0c0d0e0f10111213141516171819":"cdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcd":"697eaf0aca3a3aea3a75164746ffaa79" generic multi step HMAC-MD5 Test Vector RFC2202 #5 depends_on:MBEDTLS_MD5_C -md_hmac_multi:"MD5":12:"0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c":"546573742057697468205472756e636174696f6e":"56461ef2342edc00f9bab995" +md_hmac_multi:MBEDTLS_MD_MD5:12:"0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c":"546573742057697468205472756e636174696f6e":"56461ef2342edc00f9bab995" generic multi step HMAC-MD5 Test Vector RFC2202 #6 depends_on:MBEDTLS_MD5_C -md_hmac_multi:"MD5":16:"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa":"54657374205573696e67204c6172676572205468616e20426c6f636b2d53697a65204b6579202d2048617368204b6579204669727374":"6b1ab7fe4bd7bf8f0b62e6ce61b9d0cd" +md_hmac_multi:MBEDTLS_MD_MD5:16:"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa":"54657374205573696e67204c6172676572205468616e20426c6f636b2d53697a65204b6579202d2048617368204b6579204669727374":"6b1ab7fe4bd7bf8f0b62e6ce61b9d0cd" generic multi step HMAC-MD5 Test Vector RFC2202 #7 depends_on:MBEDTLS_MD5_C -md_hmac_multi:"MD5":16:"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa":"54657374205573696e67204c6172676572205468616e20426c6f636b2d53697a65204b657920616e64204c6172676572205468616e204f6e6520426c6f636b2d53697a652044617461":"6f630fad67cda0ee1fb1f562db3aa53e" +md_hmac_multi:MBEDTLS_MD_MD5:16:"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa":"54657374205573696e67204c6172676572205468616e20426c6f636b2d53697a65204b657920616e64204c6172676572205468616e204f6e6520426c6f636b2d53697a652044617461":"6f630fad67cda0ee1fb1f562db3aa53e" generic multi step HMAC-RIPEMD160 Test vector RFC 2286 #1 depends_on:MBEDTLS_RIPEMD160_C -md_hmac_multi:"RIPEMD160":20:"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":"4869205468657265":"24cb4bd67d20fc1a5d2ed7732dcc39377f0a5668" +md_hmac_multi:MBEDTLS_MD_RIPEMD160:20:"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":"4869205468657265":"24cb4bd67d20fc1a5d2ed7732dcc39377f0a5668" generic multi step HMAC-RIPEMD160 Test vector RFC 2286 #2 depends_on:MBEDTLS_RIPEMD160_C -md_hmac_multi:"RIPEMD160":20:"4a656665":"7768617420646f2079612077616e7420666f72206e6f7468696e673f":"dda6c0213a485a9e24f4742064a7f033b43c4069" +md_hmac_multi:MBEDTLS_MD_RIPEMD160:20:"4a656665":"7768617420646f2079612077616e7420666f72206e6f7468696e673f":"dda6c0213a485a9e24f4742064a7f033b43c4069" generic multi step HMAC-RIPEMD160 Test vector RFC 2286 #3 depends_on:MBEDTLS_RIPEMD160_C -md_hmac_multi:"RIPEMD160":20:"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa":"dddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddd":"b0b105360de759960ab4f35298e116e295d8e7c1" +md_hmac_multi:MBEDTLS_MD_RIPEMD160:20:"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa":"dddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddd":"b0b105360de759960ab4f35298e116e295d8e7c1" generic multi step HMAC-RIPEMD160 Test vector RFC 2286 #4 depends_on:MBEDTLS_RIPEMD160_C -md_hmac_multi:"RIPEMD160":20:"0102030405060708090a0b0c0d0e0f10111213141516171819":"cdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcd":"d5ca862f4d21d5e610e18b4cf1beb97a4365ecf4" +md_hmac_multi:MBEDTLS_MD_RIPEMD160:20:"0102030405060708090a0b0c0d0e0f10111213141516171819":"cdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcd":"d5ca862f4d21d5e610e18b4cf1beb97a4365ecf4" generic multi step HMAC-RIPEMD160 Test vector RFC 2286 #5 depends_on:MBEDTLS_RIPEMD160_C -md_hmac_multi:"RIPEMD160":20:"0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c":"546573742057697468205472756e636174696f6e":"7619693978f91d90539ae786500ff3d8e0518e39" +md_hmac_multi:MBEDTLS_MD_RIPEMD160:20:"0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c":"546573742057697468205472756e636174696f6e":"7619693978f91d90539ae786500ff3d8e0518e39" generic multi step HMAC-RIPEMD160 Test vector RFC 2286 #6 depends_on:MBEDTLS_RIPEMD160_C -md_hmac_multi:"RIPEMD160":20:"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa":"54657374205573696e67204c6172676572205468616e20426c6f636b2d53697a65204b6579202d2048617368204b6579204669727374":"6466ca07ac5eac29e1bd523e5ada7605b791fd8b" +md_hmac_multi:MBEDTLS_MD_RIPEMD160:20:"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa":"54657374205573696e67204c6172676572205468616e20426c6f636b2d53697a65204b6579202d2048617368204b6579204669727374":"6466ca07ac5eac29e1bd523e5ada7605b791fd8b" generic multi step HMAC-RIPEMD160 Test vector RFC 2286 #7 depends_on:MBEDTLS_RIPEMD160_C -md_hmac_multi:"RIPEMD160":20:"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa":"54657374205573696e67204c6172676572205468616e20426c6f636b2d53697a65204b657920616e64204c6172676572205468616e204f6e6520426c6f636b2d53697a652044617461":"69ea60798d71616cce5fd0871e23754cd75d5a0a" +md_hmac_multi:MBEDTLS_MD_RIPEMD160:20:"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa":"54657374205573696e67204c6172676572205468616e20426c6f636b2d53697a65204b657920616e64204c6172676572205468616e204f6e6520426c6f636b2d53697a652044617461":"69ea60798d71616cce5fd0871e23754cd75d5a0a" generic MD2 Hash file #1 depends_on:MBEDTLS_MD2_C -mbedtls_md_file:"MD2":"data_files/hash_file_1":"b593c098712d2e21628c8986695451a8" +mbedtls_md_file:MBEDTLS_MD_MD2:"data_files/hash_file_1":"b593c098712d2e21628c8986695451a8" generic MD2 Hash file #2 depends_on:MBEDTLS_MD2_C -mbedtls_md_file:"MD2":"data_files/hash_file_2":"3c027b7409909a4c4b26bbab69ad9f4f" +mbedtls_md_file:MBEDTLS_MD_MD2:"data_files/hash_file_2":"3c027b7409909a4c4b26bbab69ad9f4f" generic MD2 Hash file #3 depends_on:MBEDTLS_MD2_C -mbedtls_md_file:"MD2":"data_files/hash_file_3":"6bb43eb285e81f414083a94cdbe2989d" +mbedtls_md_file:MBEDTLS_MD_MD2:"data_files/hash_file_3":"6bb43eb285e81f414083a94cdbe2989d" generic MD2 Hash file #4 depends_on:MBEDTLS_MD2_C -mbedtls_md_file:"MD2":"data_files/hash_file_4":"8350e5a3e24c153df2275c9f80692773" +mbedtls_md_file:MBEDTLS_MD_MD2:"data_files/hash_file_4":"8350e5a3e24c153df2275c9f80692773" generic MD4 Hash file #1 depends_on:MBEDTLS_MD4_C -mbedtls_md_file:"MD4":"data_files/hash_file_1":"8d19772c176bd27153b9486715e2c0b9" +mbedtls_md_file:MBEDTLS_MD_MD4:"data_files/hash_file_1":"8d19772c176bd27153b9486715e2c0b9" generic MD4 Hash file #2 depends_on:MBEDTLS_MD4_C -mbedtls_md_file:"MD4":"data_files/hash_file_2":"f2ac53b8542882a5a0007c6f84b4d9fd" +mbedtls_md_file:MBEDTLS_MD_MD4:"data_files/hash_file_2":"f2ac53b8542882a5a0007c6f84b4d9fd" generic MD4 Hash file #3 depends_on:MBEDTLS_MD4_C -mbedtls_md_file:"MD4":"data_files/hash_file_3":"195c15158e2d07881d9a654095ce4a42" +mbedtls_md_file:MBEDTLS_MD_MD4:"data_files/hash_file_3":"195c15158e2d07881d9a654095ce4a42" generic MD4 Hash file #4 depends_on:MBEDTLS_MD4_C -mbedtls_md_file:"MD4":"data_files/hash_file_4":"31d6cfe0d16ae931b73c59d7e0c089c0" +mbedtls_md_file:MBEDTLS_MD_MD4:"data_files/hash_file_4":"31d6cfe0d16ae931b73c59d7e0c089c0" generic MD5 Hash file #1 depends_on:MBEDTLS_MD5_C -mbedtls_md_file:"MD5":"data_files/hash_file_1":"52bcdc983c9ed64fc148a759b3c7a415" +mbedtls_md_file:MBEDTLS_MD_MD5:"data_files/hash_file_1":"52bcdc983c9ed64fc148a759b3c7a415" generic MD5 Hash file #2 depends_on:MBEDTLS_MD5_C -mbedtls_md_file:"MD5":"data_files/hash_file_2":"d17d466f15891df10542207ae78277f0" +mbedtls_md_file:MBEDTLS_MD_MD5:"data_files/hash_file_2":"d17d466f15891df10542207ae78277f0" generic MD5 Hash file #3 depends_on:MBEDTLS_MD5_C -mbedtls_md_file:"MD5":"data_files/hash_file_3":"d945bcc6200ea95d061a2a818167d920" +mbedtls_md_file:MBEDTLS_MD_MD5:"data_files/hash_file_3":"d945bcc6200ea95d061a2a818167d920" generic MD5 Hash file #4 depends_on:MBEDTLS_MD5_C -mbedtls_md_file:"MD5":"data_files/hash_file_4":"d41d8cd98f00b204e9800998ecf8427e" +mbedtls_md_file:MBEDTLS_MD_MD5:"data_files/hash_file_4":"d41d8cd98f00b204e9800998ecf8427e" generic RIPEMD160 Hash file #0 (from paper) depends_on:MBEDTLS_RIPEMD160_C -mbedtls_md_file:"RIPEMD160":"data_files/hash_file_5":"52783243c1697bdbe16d37f97f68f08325dc1528" +mbedtls_md_file:MBEDTLS_MD_RIPEMD160:"data_files/hash_file_5":"52783243c1697bdbe16d37f97f68f08325dc1528" generic RIPEMD160 Hash file #1 depends_on:MBEDTLS_RIPEMD160_C -mbedtls_md_file:"RIPEMD160":"data_files/hash_file_1":"82f1d072f0ec0c2b353703a7b575a04c113af1a6" +mbedtls_md_file:MBEDTLS_MD_RIPEMD160:"data_files/hash_file_1":"82f1d072f0ec0c2b353703a7b575a04c113af1a6" generic RIPEMD160 Hash file #2 depends_on:MBEDTLS_RIPEMD160_C -mbedtls_md_file:"RIPEMD160":"data_files/hash_file_2":"996fbc8b79206ba7393ebcd246584069b1c08f0f" +mbedtls_md_file:MBEDTLS_MD_RIPEMD160:"data_files/hash_file_2":"996fbc8b79206ba7393ebcd246584069b1c08f0f" generic RIPEMD160 Hash file #3 depends_on:MBEDTLS_RIPEMD160_C -mbedtls_md_file:"RIPEMD160":"data_files/hash_file_3":"8653b46d65998fa8c8846efa17937e742533ae48" +mbedtls_md_file:MBEDTLS_MD_RIPEMD160:"data_files/hash_file_3":"8653b46d65998fa8c8846efa17937e742533ae48" generic RIPEMD160 Hash file #4 depends_on:MBEDTLS_RIPEMD160_C -mbedtls_md_file:"RIPEMD160":"data_files/hash_file_4":"9c1185a5c5e9fc54612808977ee8f548b2258d31" +mbedtls_md_file:MBEDTLS_MD_RIPEMD160:"data_files/hash_file_4":"9c1185a5c5e9fc54612808977ee8f548b2258d31" generic HMAC-SHA-1 Test Vector FIPS-198a #1 depends_on:MBEDTLS_SHA1_C -mbedtls_md_hmac:"SHA1":20:"000102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f202122232425262728292a2b2c2d2e2f303132333435363738393a3b3c3d3e3f":"53616d706c65202331":"4f4ca3d5d68ba7cc0a1208c9c61e9c5da0403c0a" +mbedtls_md_hmac:MBEDTLS_MD_SHA1:20:"000102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f202122232425262728292a2b2c2d2e2f303132333435363738393a3b3c3d3e3f":"53616d706c65202331":"4f4ca3d5d68ba7cc0a1208c9c61e9c5da0403c0a" generic HMAC-SHA-1 Test Vector FIPS-198a #2 depends_on:MBEDTLS_SHA1_C -mbedtls_md_hmac:"SHA1":20:"303132333435363738393a3b3c3d3e3f40414243":"53616d706c65202332":"0922d3405faa3d194f82a45830737d5cc6c75d24" +mbedtls_md_hmac:MBEDTLS_MD_SHA1:20:"303132333435363738393a3b3c3d3e3f40414243":"53616d706c65202332":"0922d3405faa3d194f82a45830737d5cc6c75d24" generic HMAC-SHA-1 Test Vector FIPS-198a #3 depends_on:MBEDTLS_SHA1_C -mbedtls_md_hmac:"SHA1":20:"505152535455565758595a5b5c5d5e5f606162636465666768696a6b6c6d6e6f707172737475767778797a7b7c7d7e7f808182838485868788898a8b8c8d8e8f909192939495969798999a9b9c9d9e9fa0a1a2a3a4a5a6a7a8a9aaabacadaeafb0b1b2b3":"53616d706c65202333":"bcf41eab8bb2d802f3d05caf7cb092ecf8d1a3aa" +mbedtls_md_hmac:MBEDTLS_MD_SHA1:20:"505152535455565758595a5b5c5d5e5f606162636465666768696a6b6c6d6e6f707172737475767778797a7b7c7d7e7f808182838485868788898a8b8c8d8e8f909192939495969798999a9b9c9d9e9fa0a1a2a3a4a5a6a7a8a9aaabacadaeafb0b1b2b3":"53616d706c65202333":"bcf41eab8bb2d802f3d05caf7cb092ecf8d1a3aa" generic HMAC-SHA-1 Test Vector FIPS-198a #4 depends_on:MBEDTLS_SHA1_C -mbedtls_md_hmac:"SHA1":12:"707172737475767778797a7b7c7d7e7f808182838485868788898a8b8c8d8e8f909192939495969798999a9b9c9d9e9fa0":"53616d706c65202334":"9ea886efe268dbecce420c75" +mbedtls_md_hmac:MBEDTLS_MD_SHA1:12:"707172737475767778797a7b7c7d7e7f808182838485868788898a8b8c8d8e8f909192939495969798999a9b9c9d9e9fa0":"53616d706c65202334":"9ea886efe268dbecce420c75" generic HMAC-SHA-1 Test Vector NIST CAVS #1 depends_on:MBEDTLS_SHA1_C -mbedtls_md_hmac:"SHA1":10:"7b10f4124b15c82e":"27dcb5b1daf60cfd3e2f73d4d64ca9c684f8bf71fc682a46793b1790afa4feb100ca7aaff26f58f0e1d0ed42f1cdad1f474afa2e79d53a0c42892c4d7b327cbe46b295ed8da3b6ecab3d4851687a6f812b79df2f6b20f11f6706f5301790ca99625aad7391d84f78043d2a0a239b1477984c157bbc9276064e7a1a406b0612ca":"4ead12c2fe3d6ea43acb" +mbedtls_md_hmac:MBEDTLS_MD_SHA1:10:"7b10f4124b15c82e":"27dcb5b1daf60cfd3e2f73d4d64ca9c684f8bf71fc682a46793b1790afa4feb100ca7aaff26f58f0e1d0ed42f1cdad1f474afa2e79d53a0c42892c4d7b327cbe46b295ed8da3b6ecab3d4851687a6f812b79df2f6b20f11f6706f5301790ca99625aad7391d84f78043d2a0a239b1477984c157bbc9276064e7a1a406b0612ca":"4ead12c2fe3d6ea43acb" generic HMAC-SHA-1 Test Vector NIST CAVS #2 depends_on:MBEDTLS_SHA1_C -mbedtls_md_hmac:"SHA1":10:"4fe9fb902172a21b":"4ceb3a7c13659c22fe51134f03dce4c239d181b63c6b0b59d367157fd05cab98384f92dfa482d2d5e78e72eef1b1838af4696026c54233d484ecbbe87f904df5546419f8567eafd232e6c2fcd3ee2b7682c63000524b078dbb2096f585007deae752562df1fe3b01278089e16f3be46e2d0f7cabac2d8e6cc02a2d0ca953425f":"564428a67be1924b5793" +mbedtls_md_hmac:MBEDTLS_MD_SHA1:10:"4fe9fb902172a21b":"4ceb3a7c13659c22fe51134f03dce4c239d181b63c6b0b59d367157fd05cab98384f92dfa482d2d5e78e72eef1b1838af4696026c54233d484ecbbe87f904df5546419f8567eafd232e6c2fcd3ee2b7682c63000524b078dbb2096f585007deae752562df1fe3b01278089e16f3be46e2d0f7cabac2d8e6cc02a2d0ca953425f":"564428a67be1924b5793" generic HMAC-SHA-1 Test Vector NIST CAVS #3 depends_on:MBEDTLS_SHA1_C -mbedtls_md_hmac:"SHA1":10:"d1f01455f78c4fb4":"00d40f67b57914bec456a3e3201ef1464be319a8d188c02e157af4b54f9b5a66d67f898a9bdbb19ff63a80aba6f246d013575721d52eb1b47a65def884011c49b257bcc2817fc853f106e8138ce386d7a5ac3103de0a3fa0ed6bb7af9ff66ebd1cc46fb86e4da0013d20a3c2dcd8fb828a4b70f7f104b41bf3f44682a66497ea":"56a665a7cdfe610f9fc5" +mbedtls_md_hmac:MBEDTLS_MD_SHA1:10:"d1f01455f78c4fb4":"00d40f67b57914bec456a3e3201ef1464be319a8d188c02e157af4b54f9b5a66d67f898a9bdbb19ff63a80aba6f246d013575721d52eb1b47a65def884011c49b257bcc2817fc853f106e8138ce386d7a5ac3103de0a3fa0ed6bb7af9ff66ebd1cc46fb86e4da0013d20a3c2dcd8fb828a4b70f7f104b41bf3f44682a66497ea":"56a665a7cdfe610f9fc5" generic HMAC-SHA-1 Test Vector NIST CAVS #4 depends_on:MBEDTLS_SHA1_C -mbedtls_md_hmac:"SHA1":10:"4e5ef77fdf033a5b":"e59326464e3201d195e29f2a3446ec1b1c9ff31154e2a4d0e40ed466f1bc855d29f76835624fa0127d29c9b1915939a046f385af7e5d47a23ba91f28bd22f811ea258dbbf3332bcd3543b8285d5df41bd064ffd64a341c22c4edb44f9c8d9e6df0c59dbf4a052a6c83da7478e179a6f3839c6870ff8ca8b9497f9ac1d725fdda":"981c0a7a8423b63a8fa6" +mbedtls_md_hmac:MBEDTLS_MD_SHA1:10:"4e5ef77fdf033a5b":"e59326464e3201d195e29f2a3446ec1b1c9ff31154e2a4d0e40ed466f1bc855d29f76835624fa0127d29c9b1915939a046f385af7e5d47a23ba91f28bd22f811ea258dbbf3332bcd3543b8285d5df41bd064ffd64a341c22c4edb44f9c8d9e6df0c59dbf4a052a6c83da7478e179a6f3839c6870ff8ca8b9497f9ac1d725fdda":"981c0a7a8423b63a8fa6" generic HMAC-SHA-1 Test Vector NIST CAVS #5 depends_on:MBEDTLS_SHA1_C -mbedtls_md_hmac:"SHA1":10:"bcd9ff8aa60be2be":"51be4d0eb37bab714f92e19e9d70390655b363e8cd346a748245e731f437759cb8206412c8dab2ef1d4f36f880f41ff69d949da4594fdecb65e23cac1329b59e69e29bf875b38c31df6fa546c595f35cc2192aa750679a8a51a65e00e839d73a8d8c598a610d237fbe78955213589d80efcb73b95b8586f96d17b6f51a71c3b8":"84633f9f5040c8971478" +mbedtls_md_hmac:MBEDTLS_MD_SHA1:10:"bcd9ff8aa60be2be":"51be4d0eb37bab714f92e19e9d70390655b363e8cd346a748245e731f437759cb8206412c8dab2ef1d4f36f880f41ff69d949da4594fdecb65e23cac1329b59e69e29bf875b38c31df6fa546c595f35cc2192aa750679a8a51a65e00e839d73a8d8c598a610d237fbe78955213589d80efcb73b95b8586f96d17b6f51a71c3b8":"84633f9f5040c8971478" generic HMAC-SHA-1 Test Vector NIST CAVS #6 depends_on:MBEDTLS_SHA1_C -mbedtls_md_hmac:"SHA1":10:"4a661bce6ed86d21":"5ff6c744f1aab1bc29697d71f67541b8b3cec3c7079183b10a83fb98a9ee251d4bac3e1cb581ca972aaed8efd7c2875a6fb4c991132f67c9742d45e53bc7e8eaa94b35b37a907be61086b426cd11088ac118934e85d968c9667fd69fc6f6ea38c0fe34710b7ece91211b9b7ea00acd31f022aa6726368f9928a1352f122233f1":"739df59353ac6694e55e" +mbedtls_md_hmac:MBEDTLS_MD_SHA1:10:"4a661bce6ed86d21":"5ff6c744f1aab1bc29697d71f67541b8b3cec3c7079183b10a83fb98a9ee251d4bac3e1cb581ca972aaed8efd7c2875a6fb4c991132f67c9742d45e53bc7e8eaa94b35b37a907be61086b426cd11088ac118934e85d968c9667fd69fc6f6ea38c0fe34710b7ece91211b9b7ea00acd31f022aa6726368f9928a1352f122233f1":"739df59353ac6694e55e" generic HMAC-SHA-1 Test Vector NIST CAVS #7 depends_on:MBEDTLS_SHA1_C -mbedtls_md_hmac:"SHA1":10:"1287e1565a57b547":"390ffdccc6171c11568d85b8f913e019bf4cd982ca9cd21ea730d41bdf3fcc0bc88ff48ba13a8f23deb2d96ec1033e7b2a58ca72b0c1e17bf03330db25d1e360fa6918009c4294bd1215b5ccd159a8f58bc3dc3d490eb7c3b9f887e8c98dbbb274a75373dcb695a59abd0219529d88518a96f92abc0bbcbda985c388f1fbbcc9":"d78ddf08077c7d9e2ba6" +mbedtls_md_hmac:MBEDTLS_MD_SHA1:10:"1287e1565a57b547":"390ffdccc6171c11568d85b8f913e019bf4cd982ca9cd21ea730d41bdf3fcc0bc88ff48ba13a8f23deb2d96ec1033e7b2a58ca72b0c1e17bf03330db25d1e360fa6918009c4294bd1215b5ccd159a8f58bc3dc3d490eb7c3b9f887e8c98dbbb274a75373dcb695a59abd0219529d88518a96f92abc0bbcbda985c388f1fbbcc9":"d78ddf08077c7d9e2ba6" generic HMAC-SHA-224 Test Vector NIST CAVS #1 depends_on:MBEDTLS_SHA256_C -mbedtls_md_hmac:"SHA224":14:"e055eb756697ee573fd3214811a9f7fa":"3875847012ee42fe54a0027bdf38cca7021b83a2ed0503af69ef6c37c637bc1114fba40096c5947d736e19b7af3c68d95a4e3b8b073adbbb80f47e9db8f2d4f0018ddd847fabfdf9dd9b52c93e40458977725f6b7ba15f0816bb895cdf50401268f5d702b7e6a5f9faef57b8768c8a3fc14f9a4b3182b41d940e337d219b29ff":"40a453133361cc48da11baf616ee" +mbedtls_md_hmac:MBEDTLS_MD_SHA224:14:"e055eb756697ee573fd3214811a9f7fa":"3875847012ee42fe54a0027bdf38cca7021b83a2ed0503af69ef6c37c637bc1114fba40096c5947d736e19b7af3c68d95a4e3b8b073adbbb80f47e9db8f2d4f0018ddd847fabfdf9dd9b52c93e40458977725f6b7ba15f0816bb895cdf50401268f5d702b7e6a5f9faef57b8768c8a3fc14f9a4b3182b41d940e337d219b29ff":"40a453133361cc48da11baf616ee" generic HMAC-SHA-224 Test Vector NIST CAVS #2 depends_on:MBEDTLS_SHA256_C -mbedtls_md_hmac:"SHA224":14:"88e5258b55b1623385eb9632fa7c57d6":"ada76bb604be14326551701cf30e48a65eee80b44f0b9d4a07b1844543b7844a621097fdc99de57387458ae9354899b620d0617eabcaefa9eef3d413a33628054335ce656c26fa2986e0f111a6351096b283101ec7868871d770b370973c7405983f9756b3005a3eab492cfd0e7eb42e5c2e15fa6be8718c0a50acc4e5717230":"81c783af538015cef3c60095df53" +mbedtls_md_hmac:MBEDTLS_MD_SHA224:14:"88e5258b55b1623385eb9632fa7c57d6":"ada76bb604be14326551701cf30e48a65eee80b44f0b9d4a07b1844543b7844a621097fdc99de57387458ae9354899b620d0617eabcaefa9eef3d413a33628054335ce656c26fa2986e0f111a6351096b283101ec7868871d770b370973c7405983f9756b3005a3eab492cfd0e7eb42e5c2e15fa6be8718c0a50acc4e5717230":"81c783af538015cef3c60095df53" generic HMAC-SHA-224 Test Vector NIST CAVS #3 depends_on:MBEDTLS_SHA256_C -mbedtls_md_hmac:"SHA224":14:"85d402d822114d31abf75526e2538705":"8020d8d98cc2e2298b32879c51c751e1dd5558fe2eabb8f158604297d6d072ce2261a1d6830b7cfe2617b57c7126f99c9476211d6161acd75d266da217ec8174b80484c9dc6f0448a0a036a3fc82e8bf54bdb71549368258d5d41f57978a4c266b92e8783ef66350215573d99be4089144b383ad8f3222bae8f3bf80ffb1bb2b":"2aa0340ac9deafe3be38129daca0" +mbedtls_md_hmac:MBEDTLS_MD_SHA224:14:"85d402d822114d31abf75526e2538705":"8020d8d98cc2e2298b32879c51c751e1dd5558fe2eabb8f158604297d6d072ce2261a1d6830b7cfe2617b57c7126f99c9476211d6161acd75d266da217ec8174b80484c9dc6f0448a0a036a3fc82e8bf54bdb71549368258d5d41f57978a4c266b92e8783ef66350215573d99be4089144b383ad8f3222bae8f3bf80ffb1bb2b":"2aa0340ac9deafe3be38129daca0" generic HMAC-SHA-224 Test Vector NIST CAVS #4 depends_on:MBEDTLS_SHA256_C -mbedtls_md_hmac:"SHA224":14:"545c6eecc5ee46fa17c59f91a94f81ae":"8fb7f3565593170152ddb2021874784e951977cfdd22f8b72a72a61320a8f2a35697b5e913f717805559b1af1861ee3ed42fb788481e4fd276b17bdbefcae7b4501dc5d20de5b7626dd5efdcd65294db4bdf682c33d9a9255c6435383fa5f1c886326a3acbc6bd50a33ab5b2dbb034ce0112d4e226bbcd57e3731a519aa1d784":"3eb566eac54c4a3a9ef092469f24" +mbedtls_md_hmac:MBEDTLS_MD_SHA224:14:"545c6eecc5ee46fa17c59f91a94f81ae":"8fb7f3565593170152ddb2021874784e951977cfdd22f8b72a72a61320a8f2a35697b5e913f717805559b1af1861ee3ed42fb788481e4fd276b17bdbefcae7b4501dc5d20de5b7626dd5efdcd65294db4bdf682c33d9a9255c6435383fa5f1c886326a3acbc6bd50a33ab5b2dbb034ce0112d4e226bbcd57e3731a519aa1d784":"3eb566eac54c4a3a9ef092469f24" generic HMAC-SHA-224 Test Vector NIST CAVS #5 depends_on:MBEDTLS_SHA256_C -mbedtls_md_hmac:"SHA224":14:"4466ab4dc438841a9750c7f173dff02e":"2534c11c78c99cffaec8f722f04adc7045c7324d58ce98e37cfa94b6ed21ed7f58ce55379ef24b72d6d640ee9154f96c614734be9c408e225d7ba4cecc1179cc9f6e1808e1067aa8f244a99bd0c3267594c1887a40d167f8b7cf78db0d19f97b01fc50b8c86def490dfa7a5135002c33e71d77a8cce8ea0f93e0580439a33733":"59f44a9bbed4875b892d22d6b5ab" +mbedtls_md_hmac:MBEDTLS_MD_SHA224:14:"4466ab4dc438841a9750c7f173dff02e":"2534c11c78c99cffaec8f722f04adc7045c7324d58ce98e37cfa94b6ed21ed7f58ce55379ef24b72d6d640ee9154f96c614734be9c408e225d7ba4cecc1179cc9f6e1808e1067aa8f244a99bd0c3267594c1887a40d167f8b7cf78db0d19f97b01fc50b8c86def490dfa7a5135002c33e71d77a8cce8ea0f93e0580439a33733":"59f44a9bbed4875b892d22d6b5ab" generic HMAC-SHA-224 Test Vector NIST CAVS #6 depends_on:MBEDTLS_SHA256_C -mbedtls_md_hmac:"SHA224":28:"0e3dd9bb5e4cf0f09a4c11600af56d8d":"f4589fa76c328ea25cf8bae582026ba40a59d45a546ff31cf80eb826088f69bb954c452c74586836416dee90a5255bc5d56d3b405b3705a5197045688b32fa984c3a3dfbdc9c2460a0b5e6312a624048bb6f170306535e9b371a3ab134a2642a230ad03d2c688cca80baeaee9a20e1d4c548b1cede29c6a45bf4df2c8c476f1a":"12175b93e3da4c58217145e4dc0a1cf142fab9319bb501e037b350ba" +mbedtls_md_hmac:MBEDTLS_MD_SHA224:28:"0e3dd9bb5e4cf0f09a4c11600af56d8d":"f4589fa76c328ea25cf8bae582026ba40a59d45a546ff31cf80eb826088f69bb954c452c74586836416dee90a5255bc5d56d3b405b3705a5197045688b32fa984c3a3dfbdc9c2460a0b5e6312a624048bb6f170306535e9b371a3ab134a2642a230ad03d2c688cca80baeaee9a20e1d4c548b1cede29c6a45bf4df2c8c476f1a":"12175b93e3da4c58217145e4dc0a1cf142fab9319bb501e037b350ba" generic HMAC-SHA-224 Test Vector NIST CAVS #7 depends_on:MBEDTLS_SHA256_C -mbedtls_md_hmac:"SHA224":28:"cda5187b0c5dcb0f8e5a8beed2306584":"9011ae29b44c49b347487ce972965f16ade3c15be0856ce9c853a9739dba07e4f20d594ddc1dfe21560a65a4e458cfa17745575b915a30c7a9412ff8d1d689db9680dd2428c27588bb0dc92d2cd9445fe8f44b840a197c52c3c4333fff45533945134398df6436513cfab06c924046b8c795a5bd92e8d5f2de85bf306f2eed67":"4aaba92b40e2a600feab176eb9b292d814864195c03342aad6f67f08" +mbedtls_md_hmac:MBEDTLS_MD_SHA224:28:"cda5187b0c5dcb0f8e5a8beed2306584":"9011ae29b44c49b347487ce972965f16ade3c15be0856ce9c853a9739dba07e4f20d594ddc1dfe21560a65a4e458cfa17745575b915a30c7a9412ff8d1d689db9680dd2428c27588bb0dc92d2cd9445fe8f44b840a197c52c3c4333fff45533945134398df6436513cfab06c924046b8c795a5bd92e8d5f2de85bf306f2eed67":"4aaba92b40e2a600feab176eb9b292d814864195c03342aad6f67f08" generic HMAC-SHA-256 Test Vector NIST CAVS #1 depends_on:MBEDTLS_SHA256_C -mbedtls_md_hmac:"SHA256":16:"cdffd34e6b16fdc0":"d83e78b99ab61709608972b36e76a575603db742269cc5dd4e7d5ca7816e26b65151c92632550cb4c5253c885d5fce53bc47459a1dbd5652786c4aac0145a532f12c05138af04cbb558101a7af5df478834c2146594dd73690d01a4fe72545894335f427ac70204798068cb86c5a600b40b414ede23590b41e1192373df84fe3":"c6f0dde266cb4a26d41e8259d33499cc" +mbedtls_md_hmac:MBEDTLS_MD_SHA256:16:"cdffd34e6b16fdc0":"d83e78b99ab61709608972b36e76a575603db742269cc5dd4e7d5ca7816e26b65151c92632550cb4c5253c885d5fce53bc47459a1dbd5652786c4aac0145a532f12c05138af04cbb558101a7af5df478834c2146594dd73690d01a4fe72545894335f427ac70204798068cb86c5a600b40b414ede23590b41e1192373df84fe3":"c6f0dde266cb4a26d41e8259d33499cc" generic HMAC-SHA-256 Test Vector NIST CAVS #2 depends_on:MBEDTLS_SHA256_C -mbedtls_md_hmac:"SHA256":16:"6d97bb5892245be2":"13c2b391d59c0252ca5d2302beaaf88c4bcd779bb505ad9a122003dfae4cc123ad2bd036f225c4f040021a6b9fb8bd6f0281cf2e2631a732bdc71693cc42ef6d52b6c6912a9ef77b3274eb85ad7f965ae6ed44ac1721962a884ec7acfb4534b1488b1c0c45afa4dae8da1eb7b0a88a3240365d7e4e7d826abbde9f9203fd99d7":"31588e241b015319a5ab8c4527296498" +mbedtls_md_hmac:MBEDTLS_MD_SHA256:16:"6d97bb5892245be2":"13c2b391d59c0252ca5d2302beaaf88c4bcd779bb505ad9a122003dfae4cc123ad2bd036f225c4f040021a6b9fb8bd6f0281cf2e2631a732bdc71693cc42ef6d52b6c6912a9ef77b3274eb85ad7f965ae6ed44ac1721962a884ec7acfb4534b1488b1c0c45afa4dae8da1eb7b0a88a3240365d7e4e7d826abbde9f9203fd99d7":"31588e241b015319a5ab8c4527296498" generic HMAC-SHA-256 Test Vector NIST CAVS #3 depends_on:MBEDTLS_SHA256_C -mbedtls_md_hmac:"SHA256":16:"3c7fc8a70b49007a":"60024e428a39c8b8bb2e9591bad9dc2115dfbfd716b6eb7af30a6eb34560caccbbfa47b710fa8d523aca71e9e5ba10fc1feb1a43556d71f07ea4f33496f093044e8caf1d02b79e46eb1288d5964a7a7494f6b92574c35784eece054c6151281d80822f7d47b8231c35d07f5cb5cf4310ddc844845a01c6bfab514c048eccaf9f":"1c98c94a32bec9f253c21070f82f8438" +mbedtls_md_hmac:MBEDTLS_MD_SHA256:16:"3c7fc8a70b49007a":"60024e428a39c8b8bb2e9591bad9dc2115dfbfd716b6eb7af30a6eb34560caccbbfa47b710fa8d523aca71e9e5ba10fc1feb1a43556d71f07ea4f33496f093044e8caf1d02b79e46eb1288d5964a7a7494f6b92574c35784eece054c6151281d80822f7d47b8231c35d07f5cb5cf4310ddc844845a01c6bfab514c048eccaf9f":"1c98c94a32bec9f253c21070f82f8438" generic HMAC-SHA-256 Test Vector NIST CAVS #4 depends_on:MBEDTLS_SHA256_C -mbedtls_md_hmac:"SHA256":24:"369f33f85b927a07":"ae8e2a94ca386d448cbacdb0e9040ae3cb297c296363052cc157455da29a0c95897315fc11e3f12b81e2418da1ec280bccbc00e847584ce9d14deeba7b3c9b8dba958b04bba37551f6c9ba9c060be1a4b8cf43aa62e5078b76c6512c5619b71a6a7cf5727180e1ff14f5a1a3c1691bf8b6ebad365c151e58d749d57adb3a4986":"60b90383286533d309de46593e6ce39fc51fb00a8d88278c" +mbedtls_md_hmac:MBEDTLS_MD_SHA256:24:"369f33f85b927a07":"ae8e2a94ca386d448cbacdb0e9040ae3cb297c296363052cc157455da29a0c95897315fc11e3f12b81e2418da1ec280bccbc00e847584ce9d14deeba7b3c9b8dba958b04bba37551f6c9ba9c060be1a4b8cf43aa62e5078b76c6512c5619b71a6a7cf5727180e1ff14f5a1a3c1691bf8b6ebad365c151e58d749d57adb3a4986":"60b90383286533d309de46593e6ce39fc51fb00a8d88278c" generic HMAC-SHA-256 Test Vector NIST CAVS #5 depends_on:MBEDTLS_SHA256_C -mbedtls_md_hmac:"SHA256":24:"e5179687582b4dc4":"ce103bdacdf32f614f6727bcb31ca1c2824a850d00f5585b016fb234fe1ef2cd687f302d3c6b738ed89a24060d65c36675d0d96307c72ef3e8a83bfa8402e226de9d5d1724ba75c4879bf41a4a465ce61887d9f49a34757849b48bae81c27ebed76faae2ad669bca04747d409148d40812776e0ae2c395b3cb9c89981ce72d5c":"509581f6816df4b8cc9f2cf42b7cc6e6a5a1e375a16f2412" +mbedtls_md_hmac:MBEDTLS_MD_SHA256:24:"e5179687582b4dc4":"ce103bdacdf32f614f6727bcb31ca1c2824a850d00f5585b016fb234fe1ef2cd687f302d3c6b738ed89a24060d65c36675d0d96307c72ef3e8a83bfa8402e226de9d5d1724ba75c4879bf41a4a465ce61887d9f49a34757849b48bae81c27ebed76faae2ad669bca04747d409148d40812776e0ae2c395b3cb9c89981ce72d5c":"509581f6816df4b8cc9f2cf42b7cc6e6a5a1e375a16f2412" generic HMAC-SHA-256 Test Vector NIST CAVS #6 depends_on:MBEDTLS_SHA256_C -mbedtls_md_hmac:"SHA256":24:"63cec6246aeb1b61":"c178db908a405fa88aa255b8cad22b4057016585f139ee930388b083d86062fa0b3ea1f23f8a43bd11bee8464bcbd19b5ab9f6a8038d5245516f8274d20c8ee3033a07b908da528fa00343bb595deed500cab9745c4cb6391c23300f0d3584b090b3326c4cfa342620b78f9f5b4f27f7307ed770643ec1764aeae3dcf1a3ec69":"64f3dd861b7c7d29fce9ae0ce9ed954b5d7141806ee9eec7" +mbedtls_md_hmac:MBEDTLS_MD_SHA256:24:"63cec6246aeb1b61":"c178db908a405fa88aa255b8cad22b4057016585f139ee930388b083d86062fa0b3ea1f23f8a43bd11bee8464bcbd19b5ab9f6a8038d5245516f8274d20c8ee3033a07b908da528fa00343bb595deed500cab9745c4cb6391c23300f0d3584b090b3326c4cfa342620b78f9f5b4f27f7307ed770643ec1764aeae3dcf1a3ec69":"64f3dd861b7c7d29fce9ae0ce9ed954b5d7141806ee9eec7" generic HMAC-SHA-384 Test Vector NIST CAVS #1 depends_on:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384 -mbedtls_md_hmac:"SHA384":32:"91a7401817386948ca952f9a20ee55dc":"2fea5b91035d6d501f3a834fa178bff4e64b99a8450432dafd32e4466b0e1e7781166f8a73f7e036b3b0870920f559f47bd1400a1a906e85e0dcf00a6c26862e9148b23806680f285f1fe4f93cdaf924c181a965465739c14f2268c8be8b471847c74b222577a1310bcdc1a85ef1468aa1a3fd4031213c97324b7509c9050a3d":"6d7be9490058cf413cc09fd043c224c2ec4fa7859b13783000a9a593c9f75838" +mbedtls_md_hmac:MBEDTLS_MD_SHA384:32:"91a7401817386948ca952f9a20ee55dc":"2fea5b91035d6d501f3a834fa178bff4e64b99a8450432dafd32e4466b0e1e7781166f8a73f7e036b3b0870920f559f47bd1400a1a906e85e0dcf00a6c26862e9148b23806680f285f1fe4f93cdaf924c181a965465739c14f2268c8be8b471847c74b222577a1310bcdc1a85ef1468aa1a3fd4031213c97324b7509c9050a3d":"6d7be9490058cf413cc09fd043c224c2ec4fa7859b13783000a9a593c9f75838" generic HMAC-SHA-384 Test Vector NIST CAVS #2 depends_on:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384 -mbedtls_md_hmac:"SHA384":32:"d6cac19657061aa90a6da11cd2e9ea47":"9f482e4655173135dfaa22a11bbbe6af263db48716406c5aec162ba3c4b41cad4f5a91558377521191c7343118beee65982929802913d67b6de5c4bdc3d27299bd722219d5ad2efa5bdb9ff7b229fc4bbc3f60719320cf2e7a51cad1133d21bad2d80919b1836ef825308b7c51c6b7677ac782e2bc30007afba065681cbdd215":"f3d5f3c008175321aa7b2ea379eaa4f8b9dcc60f895ec8940b8162f80a7dfe9f" +mbedtls_md_hmac:MBEDTLS_MD_SHA384:32:"d6cac19657061aa90a6da11cd2e9ea47":"9f482e4655173135dfaa22a11bbbe6af263db48716406c5aec162ba3c4b41cad4f5a91558377521191c7343118beee65982929802913d67b6de5c4bdc3d27299bd722219d5ad2efa5bdb9ff7b229fc4bbc3f60719320cf2e7a51cad1133d21bad2d80919b1836ef825308b7c51c6b7677ac782e2bc30007afba065681cbdd215":"f3d5f3c008175321aa7b2ea379eaa4f8b9dcc60f895ec8940b8162f80a7dfe9f" generic HMAC-SHA-384 Test Vector NIST CAVS #3 depends_on:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384 -mbedtls_md_hmac:"SHA384":32:"e06366ad149b8442cd4c1abdddd0afde":"2d140a194c02a5598f69174834679b8371234a0d505491f1bd03e128dd91a8bca2fb812e9d5da71613b5b00952ea78bf450d5b7547dea79135925085c7d3e6f52009c51ca3d88c6c09e9d074b0ee110736e0ec9b478b93efb34d7bf1c41b54decec43eab077a3aa4998ede53f67b4ea36c266745f9643d5360bdc8337c70dabf":"c19c67eda6fe29f3667bee1c897c333ce7683094ae77e84b4c16378d290895a1" +mbedtls_md_hmac:MBEDTLS_MD_SHA384:32:"e06366ad149b8442cd4c1abdddd0afde":"2d140a194c02a5598f69174834679b8371234a0d505491f1bd03e128dd91a8bca2fb812e9d5da71613b5b00952ea78bf450d5b7547dea79135925085c7d3e6f52009c51ca3d88c6c09e9d074b0ee110736e0ec9b478b93efb34d7bf1c41b54decec43eab077a3aa4998ede53f67b4ea36c266745f9643d5360bdc8337c70dabf":"c19c67eda6fe29f3667bee1c897c333ce7683094ae77e84b4c16378d290895a1" generic HMAC-SHA-384 Test Vector NIST CAVS #4 depends_on:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384 -mbedtls_md_hmac:"SHA384":48:"01ac59f42f8bb91d1bd10fe6990d7a87":"3caf18c476edd5615f343ac7b7d3a9da9efade755672d5ba4b8ae8a7505539ea2c124ff755ec0457fbe49e43480b3c71e7f4742ec3693aad115d039f90222b030fdc9440313691716d5302005808c07627483b916fdf61983063c2eb1268f2deeef42fc790334456bc6bad256e31fc9066de7cc7e43d1321b1866db45e905622":"1985fa2163a5943fc5d92f1fe8831215e7e91f0bff5332bc713a072bdb3a8f9e5c5157463a3bfeb36231416e65973e64" +mbedtls_md_hmac:MBEDTLS_MD_SHA384:48:"01ac59f42f8bb91d1bd10fe6990d7a87":"3caf18c476edd5615f343ac7b7d3a9da9efade755672d5ba4b8ae8a7505539ea2c124ff755ec0457fbe49e43480b3c71e7f4742ec3693aad115d039f90222b030fdc9440313691716d5302005808c07627483b916fdf61983063c2eb1268f2deeef42fc790334456bc6bad256e31fc9066de7cc7e43d1321b1866db45e905622":"1985fa2163a5943fc5d92f1fe8831215e7e91f0bff5332bc713a072bdb3a8f9e5c5157463a3bfeb36231416e65973e64" generic HMAC-SHA-384 Test Vector NIST CAVS #5 [#1] depends_on:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384 -mbedtls_md_hmac:"SHA384":48:"fd74b9d9e102a3a80df1baf0cb35bace":"1a068917584813d1689ccbd0370c2114d537cdc8cc52bf6db16d5535f8f7d1ad0c850a9fa0cf62373ffbf7642b1f1e8164010d350721d798d9f99e9724830399c2fce26377e83d38845675457865c03d4a07d741a505ef028343eb29fd46d0f761f3792886998c1e5c32ac3bc7e6f08faed194b34f06eff4d5d4a5b42c481e0e":"a981eaf5de3d78b20ebd4414a4edd0657e3667cd808a0dbc430cf7252f73a5b24efa136039207bd59806897457d74e0c" +mbedtls_md_hmac:MBEDTLS_MD_SHA384:48:"fd74b9d9e102a3a80df1baf0cb35bace":"1a068917584813d1689ccbd0370c2114d537cdc8cc52bf6db16d5535f8f7d1ad0c850a9fa0cf62373ffbf7642b1f1e8164010d350721d798d9f99e9724830399c2fce26377e83d38845675457865c03d4a07d741a505ef028343eb29fd46d0f761f3792886998c1e5c32ac3bc7e6f08faed194b34f06eff4d5d4a5b42c481e0e":"a981eaf5de3d78b20ebd4414a4edd0657e3667cd808a0dbc430cf7252f73a5b24efa136039207bd59806897457d74e0c" generic HMAC-SHA-384 Test Vector NIST CAVS #5 [#2] depends_on:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384 -mbedtls_md_hmac:"SHA384":48:"9fe794f0e26b669fa5f6883149377c6c":"6010c9745e8f1d44cfdc99e7e0fd79bc4271944c2d1d84dba589073dfc4ca5eb98c59356f60cd87bef28aeb83a832bde339b2087daf942aa1f67876c5d5ed33924bed4143bc12a2be532ccaf64daa7e2bc3c8872b9823b0533b6f5159135effe8c61545536975d7c3a61ba7365ec35f165bc92b4d19eb9156ade17dfa1bb4161":"915ae61f8754698c2b6ef9629e93441f8541bd4258a5e05372d19136cfaefc0473b48d96119291b38eb1a3cb1982a986" +mbedtls_md_hmac:MBEDTLS_MD_SHA384:48:"9fe794f0e26b669fa5f6883149377c6c":"6010c9745e8f1d44cfdc99e7e0fd79bc4271944c2d1d84dba589073dfc4ca5eb98c59356f60cd87bef28aeb83a832bde339b2087daf942aa1f67876c5d5ed33924bed4143bc12a2be532ccaf64daa7e2bc3c8872b9823b0533b6f5159135effe8c61545536975d7c3a61ba7365ec35f165bc92b4d19eb9156ade17dfa1bb4161":"915ae61f8754698c2b6ef9629e93441f8541bd4258a5e05372d19136cfaefc0473b48d96119291b38eb1a3cb1982a986" generic HMAC-SHA-512 Test Vector NIST CAVS #1 depends_on:MBEDTLS_SHA512_C -mbedtls_md_hmac:"SHA512":32:"c95a17c09940a691ed2d621571b0eb844ede55a9":"99cd28262e81f34878cdcebf4128e05e2098a7009278a66f4c785784d0e5678f3f2b22f86e982d273b6273a222ec61750b4556d766f1550a7aedfe83faedbc4bdae83fa560d62df17eb914d05fdaa48940551bac81d700f5fca7147295e386e8120d66742ec65c6ee8d89a92217a0f6266d0ddc60bb20ef679ae8299c8502c2f":"6bc1379d156559ddee2ed420ea5d5c5ff3e454a1059b7ba72c350e77b6e9333c" +mbedtls_md_hmac:MBEDTLS_MD_SHA512:32:"c95a17c09940a691ed2d621571b0eb844ede55a9":"99cd28262e81f34878cdcebf4128e05e2098a7009278a66f4c785784d0e5678f3f2b22f86e982d273b6273a222ec61750b4556d766f1550a7aedfe83faedbc4bdae83fa560d62df17eb914d05fdaa48940551bac81d700f5fca7147295e386e8120d66742ec65c6ee8d89a92217a0f6266d0ddc60bb20ef679ae8299c8502c2f":"6bc1379d156559ddee2ed420ea5d5c5ff3e454a1059b7ba72c350e77b6e9333c" generic HMAC-SHA-512 Test Vector NIST CAVS #2 depends_on:MBEDTLS_SHA512_C -mbedtls_md_hmac:"SHA512":32:"3b10b8fa718840d1dea8e9fc317476bcf55875fd":"f04f5b7073d7d0274e8354433b390306c5607632f5f589c12edb62d55673aff2366d2e6b24de731adf92e654baa30b1cfd4a069788f65ec1b99b015d904d8832110dbd74eae35a81562d14ce4136d820ad0a55ff5489ba678fbbc1c27663ec1349d70e740f0e0ec27cfbe8971819f4789e486b50a2d7271d77e2aaea50de62fd":"fc3c38c7a17e3ce06db033f1c172866f01a00045db55f2e234f71c82264f2ba2" +mbedtls_md_hmac:MBEDTLS_MD_SHA512:32:"3b10b8fa718840d1dea8e9fc317476bcf55875fd":"f04f5b7073d7d0274e8354433b390306c5607632f5f589c12edb62d55673aff2366d2e6b24de731adf92e654baa30b1cfd4a069788f65ec1b99b015d904d8832110dbd74eae35a81562d14ce4136d820ad0a55ff5489ba678fbbc1c27663ec1349d70e740f0e0ec27cfbe8971819f4789e486b50a2d7271d77e2aaea50de62fd":"fc3c38c7a17e3ce06db033f1c172866f01a00045db55f2e234f71c82264f2ba2" generic HMAC-SHA-512 Test Vector NIST CAVS #3 depends_on:MBEDTLS_SHA512_C -mbedtls_md_hmac:"SHA512":32:"4803d311394600dc1e0d8fc8cedeb8bde3fe7c42":"a10c125dd702a97153ad923ba5e9889cfac1ba169de370debe51f233735aa6effcc9785c4b5c7e48c477dc5c411ae6a959118584e26adc94b42c2b29b046f3cf01c65b24a24bd2e620bdf650a23bb4a72655b1100d7ce9a4dab697c6379754b4396c825de4b9eb73f2e6a6c0d0353bbdeaf706612800e137b858fdb30f3311c6":"7cd8236c55102e6385f52279506df6fcc388ab75092da21395ce14a82b202ffa" +mbedtls_md_hmac:MBEDTLS_MD_SHA512:32:"4803d311394600dc1e0d8fc8cedeb8bde3fe7c42":"a10c125dd702a97153ad923ba5e9889cfac1ba169de370debe51f233735aa6effcc9785c4b5c7e48c477dc5c411ae6a959118584e26adc94b42c2b29b046f3cf01c65b24a24bd2e620bdf650a23bb4a72655b1100d7ce9a4dab697c6379754b4396c825de4b9eb73f2e6a6c0d0353bbdeaf706612800e137b858fdb30f3311c6":"7cd8236c55102e6385f52279506df6fcc388ab75092da21395ce14a82b202ffa" generic HMAC-SHA-512 Test Vector NIST CAVS #4 depends_on:MBEDTLS_SHA512_C -mbedtls_md_hmac:"SHA512":48:"aeb2f3b977fa6c8e71e07c5a5c74ff58166de092":"22457355dc76095abd46846b41cfe49a06ce42ac8857b4702fc771508dfb3626e0bfe851df897a07b36811ec433766e4b4166c26301b3493e7440d4554b0ef6ac20f1a530e58fac8aeba4e9ff2d4898d8a28783b49cd269c2965fd7f8e4f2d60cf1e5284f2495145b72382aad90e153a90ecae125ad75336fb128825c23fb8b0":"fa39bd8fcc3bfa218f9dea5d3b2ce10a7619e31678a56d8a9d927b1fe703b125af445debe9a89a07db6194d27b44d85a" +mbedtls_md_hmac:MBEDTLS_MD_SHA512:48:"aeb2f3b977fa6c8e71e07c5a5c74ff58166de092":"22457355dc76095abd46846b41cfe49a06ce42ac8857b4702fc771508dfb3626e0bfe851df897a07b36811ec433766e4b4166c26301b3493e7440d4554b0ef6ac20f1a530e58fac8aeba4e9ff2d4898d8a28783b49cd269c2965fd7f8e4f2d60cf1e5284f2495145b72382aad90e153a90ecae125ad75336fb128825c23fb8b0":"fa39bd8fcc3bfa218f9dea5d3b2ce10a7619e31678a56d8a9d927b1fe703b125af445debe9a89a07db6194d27b44d85a" generic HMAC-SHA-512 Test Vector NIST CAVS #5 depends_on:MBEDTLS_SHA512_C -mbedtls_md_hmac:"SHA512":48:"4285d3d7744da52775bb44ca436a3154f7980309":"208f0b6f2de2e5aa5df11927ddc6df485edc1193181c484d0f0a434a95418803101d4de9fdb798f93516a6916fa38a8207de1666fe50fe3441c03b112eaaae6954ed063f7ac4e3c1e3f73b20d153fe9e4857f5e91430f0a70ee820529adac2467469fd18adf10e2af0fea27c0abc83c5a9af77c364a466cffce8bab4e2b70bc1":"fe7603f205b2774fe0f14ecfa3e338e90608a806d11ca459dff5ce36b1b264ecd3af5f0492a7521d8da3102ba20927a5" +mbedtls_md_hmac:MBEDTLS_MD_SHA512:48:"4285d3d7744da52775bb44ca436a3154f7980309":"208f0b6f2de2e5aa5df11927ddc6df485edc1193181c484d0f0a434a95418803101d4de9fdb798f93516a6916fa38a8207de1666fe50fe3441c03b112eaaae6954ed063f7ac4e3c1e3f73b20d153fe9e4857f5e91430f0a70ee820529adac2467469fd18adf10e2af0fea27c0abc83c5a9af77c364a466cffce8bab4e2b70bc1":"fe7603f205b2774fe0f14ecfa3e338e90608a806d11ca459dff5ce36b1b264ecd3af5f0492a7521d8da3102ba20927a5" generic HMAC-SHA-512 Test Vector NIST CAVS #6 depends_on:MBEDTLS_SHA512_C -mbedtls_md_hmac:"SHA512":48:"8ab783d5acf32efa0d9c0a21abce955e96630d89":"17371e013dce839963d54418e97be4bd9fa3cb2a368a5220f5aa1b8aaddfa3bdefc91afe7c717244fd2fb640f5cb9d9bf3e25f7f0c8bc758883b89dcdce6d749d9672fed222277ece3e84b3ec01b96f70c125fcb3cbee6d19b8ef0873f915f173bdb05d81629ba187cc8ac1934b2f75952fb7616ae6bd812946df694bd2763af":"9ac7ca8d1aefc166b046e4cf7602ebe181a0e5055474bff5b342106731da0d7e48e4d87bc0a6f05871574289a1b099f8" +mbedtls_md_hmac:MBEDTLS_MD_SHA512:48:"8ab783d5acf32efa0d9c0a21abce955e96630d89":"17371e013dce839963d54418e97be4bd9fa3cb2a368a5220f5aa1b8aaddfa3bdefc91afe7c717244fd2fb640f5cb9d9bf3e25f7f0c8bc758883b89dcdce6d749d9672fed222277ece3e84b3ec01b96f70c125fcb3cbee6d19b8ef0873f915f173bdb05d81629ba187cc8ac1934b2f75952fb7616ae6bd812946df694bd2763af":"9ac7ca8d1aefc166b046e4cf7602ebe181a0e5055474bff5b342106731da0d7e48e4d87bc0a6f05871574289a1b099f8" generic multi step HMAC-SHA-1 Test Vector FIPS-198a #1 depends_on:MBEDTLS_SHA1_C -md_hmac_multi:"SHA1":20:"000102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f202122232425262728292a2b2c2d2e2f303132333435363738393a3b3c3d3e3f":"53616d706c65202331":"4f4ca3d5d68ba7cc0a1208c9c61e9c5da0403c0a" +md_hmac_multi:MBEDTLS_MD_SHA1:20:"000102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f202122232425262728292a2b2c2d2e2f303132333435363738393a3b3c3d3e3f":"53616d706c65202331":"4f4ca3d5d68ba7cc0a1208c9c61e9c5da0403c0a" generic multi step HMAC-SHA-1 Test Vector FIPS-198a #2 depends_on:MBEDTLS_SHA1_C -md_hmac_multi:"SHA1":20:"303132333435363738393a3b3c3d3e3f40414243":"53616d706c65202332":"0922d3405faa3d194f82a45830737d5cc6c75d24" +md_hmac_multi:MBEDTLS_MD_SHA1:20:"303132333435363738393a3b3c3d3e3f40414243":"53616d706c65202332":"0922d3405faa3d194f82a45830737d5cc6c75d24" generic multi step HMAC-SHA-1 Test Vector FIPS-198a #3 depends_on:MBEDTLS_SHA1_C -md_hmac_multi:"SHA1":20:"505152535455565758595a5b5c5d5e5f606162636465666768696a6b6c6d6e6f707172737475767778797a7b7c7d7e7f808182838485868788898a8b8c8d8e8f909192939495969798999a9b9c9d9e9fa0a1a2a3a4a5a6a7a8a9aaabacadaeafb0b1b2b3":"53616d706c65202333":"bcf41eab8bb2d802f3d05caf7cb092ecf8d1a3aa" +md_hmac_multi:MBEDTLS_MD_SHA1:20:"505152535455565758595a5b5c5d5e5f606162636465666768696a6b6c6d6e6f707172737475767778797a7b7c7d7e7f808182838485868788898a8b8c8d8e8f909192939495969798999a9b9c9d9e9fa0a1a2a3a4a5a6a7a8a9aaabacadaeafb0b1b2b3":"53616d706c65202333":"bcf41eab8bb2d802f3d05caf7cb092ecf8d1a3aa" generic multi step HMAC-SHA-1 Test Vector FIPS-198a #4 depends_on:MBEDTLS_SHA1_C -md_hmac_multi:"SHA1":12:"707172737475767778797a7b7c7d7e7f808182838485868788898a8b8c8d8e8f909192939495969798999a9b9c9d9e9fa0":"53616d706c65202334":"9ea886efe268dbecce420c75" +md_hmac_multi:MBEDTLS_MD_SHA1:12:"707172737475767778797a7b7c7d7e7f808182838485868788898a8b8c8d8e8f909192939495969798999a9b9c9d9e9fa0":"53616d706c65202334":"9ea886efe268dbecce420c75" generic multi step HMAC-SHA-1 Test Vector NIST CAVS #1 depends_on:MBEDTLS_SHA1_C -md_hmac_multi:"SHA1":10:"7b10f4124b15c82e":"27dcb5b1daf60cfd3e2f73d4d64ca9c684f8bf71fc682a46793b1790afa4feb100ca7aaff26f58f0e1d0ed42f1cdad1f474afa2e79d53a0c42892c4d7b327cbe46b295ed8da3b6ecab3d4851687a6f812b79df2f6b20f11f6706f5301790ca99625aad7391d84f78043d2a0a239b1477984c157bbc9276064e7a1a406b0612ca":"4ead12c2fe3d6ea43acb" +md_hmac_multi:MBEDTLS_MD_SHA1:10:"7b10f4124b15c82e":"27dcb5b1daf60cfd3e2f73d4d64ca9c684f8bf71fc682a46793b1790afa4feb100ca7aaff26f58f0e1d0ed42f1cdad1f474afa2e79d53a0c42892c4d7b327cbe46b295ed8da3b6ecab3d4851687a6f812b79df2f6b20f11f6706f5301790ca99625aad7391d84f78043d2a0a239b1477984c157bbc9276064e7a1a406b0612ca":"4ead12c2fe3d6ea43acb" generic multi step HMAC-SHA-1 Test Vector NIST CAVS #2 depends_on:MBEDTLS_SHA1_C -md_hmac_multi:"SHA1":10:"4fe9fb902172a21b":"4ceb3a7c13659c22fe51134f03dce4c239d181b63c6b0b59d367157fd05cab98384f92dfa482d2d5e78e72eef1b1838af4696026c54233d484ecbbe87f904df5546419f8567eafd232e6c2fcd3ee2b7682c63000524b078dbb2096f585007deae752562df1fe3b01278089e16f3be46e2d0f7cabac2d8e6cc02a2d0ca953425f":"564428a67be1924b5793" +md_hmac_multi:MBEDTLS_MD_SHA1:10:"4fe9fb902172a21b":"4ceb3a7c13659c22fe51134f03dce4c239d181b63c6b0b59d367157fd05cab98384f92dfa482d2d5e78e72eef1b1838af4696026c54233d484ecbbe87f904df5546419f8567eafd232e6c2fcd3ee2b7682c63000524b078dbb2096f585007deae752562df1fe3b01278089e16f3be46e2d0f7cabac2d8e6cc02a2d0ca953425f":"564428a67be1924b5793" generic multi step HMAC-SHA-1 Test Vector NIST CAVS #3 depends_on:MBEDTLS_SHA1_C -md_hmac_multi:"SHA1":10:"d1f01455f78c4fb4":"00d40f67b57914bec456a3e3201ef1464be319a8d188c02e157af4b54f9b5a66d67f898a9bdbb19ff63a80aba6f246d013575721d52eb1b47a65def884011c49b257bcc2817fc853f106e8138ce386d7a5ac3103de0a3fa0ed6bb7af9ff66ebd1cc46fb86e4da0013d20a3c2dcd8fb828a4b70f7f104b41bf3f44682a66497ea":"56a665a7cdfe610f9fc5" +md_hmac_multi:MBEDTLS_MD_SHA1:10:"d1f01455f78c4fb4":"00d40f67b57914bec456a3e3201ef1464be319a8d188c02e157af4b54f9b5a66d67f898a9bdbb19ff63a80aba6f246d013575721d52eb1b47a65def884011c49b257bcc2817fc853f106e8138ce386d7a5ac3103de0a3fa0ed6bb7af9ff66ebd1cc46fb86e4da0013d20a3c2dcd8fb828a4b70f7f104b41bf3f44682a66497ea":"56a665a7cdfe610f9fc5" generic multi step HMAC-SHA-1 Test Vector NIST CAVS #4 depends_on:MBEDTLS_SHA1_C -md_hmac_multi:"SHA1":10:"4e5ef77fdf033a5b":"e59326464e3201d195e29f2a3446ec1b1c9ff31154e2a4d0e40ed466f1bc855d29f76835624fa0127d29c9b1915939a046f385af7e5d47a23ba91f28bd22f811ea258dbbf3332bcd3543b8285d5df41bd064ffd64a341c22c4edb44f9c8d9e6df0c59dbf4a052a6c83da7478e179a6f3839c6870ff8ca8b9497f9ac1d725fdda":"981c0a7a8423b63a8fa6" +md_hmac_multi:MBEDTLS_MD_SHA1:10:"4e5ef77fdf033a5b":"e59326464e3201d195e29f2a3446ec1b1c9ff31154e2a4d0e40ed466f1bc855d29f76835624fa0127d29c9b1915939a046f385af7e5d47a23ba91f28bd22f811ea258dbbf3332bcd3543b8285d5df41bd064ffd64a341c22c4edb44f9c8d9e6df0c59dbf4a052a6c83da7478e179a6f3839c6870ff8ca8b9497f9ac1d725fdda":"981c0a7a8423b63a8fa6" generic multi step HMAC-SHA-1 Test Vector NIST CAVS #5 depends_on:MBEDTLS_SHA1_C -md_hmac_multi:"SHA1":10:"bcd9ff8aa60be2be":"51be4d0eb37bab714f92e19e9d70390655b363e8cd346a748245e731f437759cb8206412c8dab2ef1d4f36f880f41ff69d949da4594fdecb65e23cac1329b59e69e29bf875b38c31df6fa546c595f35cc2192aa750679a8a51a65e00e839d73a8d8c598a610d237fbe78955213589d80efcb73b95b8586f96d17b6f51a71c3b8":"84633f9f5040c8971478" +md_hmac_multi:MBEDTLS_MD_SHA1:10:"bcd9ff8aa60be2be":"51be4d0eb37bab714f92e19e9d70390655b363e8cd346a748245e731f437759cb8206412c8dab2ef1d4f36f880f41ff69d949da4594fdecb65e23cac1329b59e69e29bf875b38c31df6fa546c595f35cc2192aa750679a8a51a65e00e839d73a8d8c598a610d237fbe78955213589d80efcb73b95b8586f96d17b6f51a71c3b8":"84633f9f5040c8971478" generic multi step HMAC-SHA-1 Test Vector NIST CAVS #6 depends_on:MBEDTLS_SHA1_C -md_hmac_multi:"SHA1":10:"4a661bce6ed86d21":"5ff6c744f1aab1bc29697d71f67541b8b3cec3c7079183b10a83fb98a9ee251d4bac3e1cb581ca972aaed8efd7c2875a6fb4c991132f67c9742d45e53bc7e8eaa94b35b37a907be61086b426cd11088ac118934e85d968c9667fd69fc6f6ea38c0fe34710b7ece91211b9b7ea00acd31f022aa6726368f9928a1352f122233f1":"739df59353ac6694e55e" +md_hmac_multi:MBEDTLS_MD_SHA1:10:"4a661bce6ed86d21":"5ff6c744f1aab1bc29697d71f67541b8b3cec3c7079183b10a83fb98a9ee251d4bac3e1cb581ca972aaed8efd7c2875a6fb4c991132f67c9742d45e53bc7e8eaa94b35b37a907be61086b426cd11088ac118934e85d968c9667fd69fc6f6ea38c0fe34710b7ece91211b9b7ea00acd31f022aa6726368f9928a1352f122233f1":"739df59353ac6694e55e" generic multi step HMAC-SHA-1 Test Vector NIST CAVS #7 depends_on:MBEDTLS_SHA1_C -md_hmac_multi:"SHA1":10:"1287e1565a57b547":"390ffdccc6171c11568d85b8f913e019bf4cd982ca9cd21ea730d41bdf3fcc0bc88ff48ba13a8f23deb2d96ec1033e7b2a58ca72b0c1e17bf03330db25d1e360fa6918009c4294bd1215b5ccd159a8f58bc3dc3d490eb7c3b9f887e8c98dbbb274a75373dcb695a59abd0219529d88518a96f92abc0bbcbda985c388f1fbbcc9":"d78ddf08077c7d9e2ba6" +md_hmac_multi:MBEDTLS_MD_SHA1:10:"1287e1565a57b547":"390ffdccc6171c11568d85b8f913e019bf4cd982ca9cd21ea730d41bdf3fcc0bc88ff48ba13a8f23deb2d96ec1033e7b2a58ca72b0c1e17bf03330db25d1e360fa6918009c4294bd1215b5ccd159a8f58bc3dc3d490eb7c3b9f887e8c98dbbb274a75373dcb695a59abd0219529d88518a96f92abc0bbcbda985c388f1fbbcc9":"d78ddf08077c7d9e2ba6" generic multi step HMAC-SHA-224 Test Vector NIST CAVS #1 depends_on:MBEDTLS_SHA256_C -md_hmac_multi:"SHA224":14:"e055eb756697ee573fd3214811a9f7fa":"3875847012ee42fe54a0027bdf38cca7021b83a2ed0503af69ef6c37c637bc1114fba40096c5947d736e19b7af3c68d95a4e3b8b073adbbb80f47e9db8f2d4f0018ddd847fabfdf9dd9b52c93e40458977725f6b7ba15f0816bb895cdf50401268f5d702b7e6a5f9faef57b8768c8a3fc14f9a4b3182b41d940e337d219b29ff":"40a453133361cc48da11baf616ee" +md_hmac_multi:MBEDTLS_MD_SHA224:14:"e055eb756697ee573fd3214811a9f7fa":"3875847012ee42fe54a0027bdf38cca7021b83a2ed0503af69ef6c37c637bc1114fba40096c5947d736e19b7af3c68d95a4e3b8b073adbbb80f47e9db8f2d4f0018ddd847fabfdf9dd9b52c93e40458977725f6b7ba15f0816bb895cdf50401268f5d702b7e6a5f9faef57b8768c8a3fc14f9a4b3182b41d940e337d219b29ff":"40a453133361cc48da11baf616ee" generic multi step HMAC-SHA-224 Test Vector NIST CAVS #2 depends_on:MBEDTLS_SHA256_C -md_hmac_multi:"SHA224":14:"88e5258b55b1623385eb9632fa7c57d6":"ada76bb604be14326551701cf30e48a65eee80b44f0b9d4a07b1844543b7844a621097fdc99de57387458ae9354899b620d0617eabcaefa9eef3d413a33628054335ce656c26fa2986e0f111a6351096b283101ec7868871d770b370973c7405983f9756b3005a3eab492cfd0e7eb42e5c2e15fa6be8718c0a50acc4e5717230":"81c783af538015cef3c60095df53" +md_hmac_multi:MBEDTLS_MD_SHA224:14:"88e5258b55b1623385eb9632fa7c57d6":"ada76bb604be14326551701cf30e48a65eee80b44f0b9d4a07b1844543b7844a621097fdc99de57387458ae9354899b620d0617eabcaefa9eef3d413a33628054335ce656c26fa2986e0f111a6351096b283101ec7868871d770b370973c7405983f9756b3005a3eab492cfd0e7eb42e5c2e15fa6be8718c0a50acc4e5717230":"81c783af538015cef3c60095df53" generic multi step HMAC-SHA-224 Test Vector NIST CAVS #3 depends_on:MBEDTLS_SHA256_C -md_hmac_multi:"SHA224":14:"85d402d822114d31abf75526e2538705":"8020d8d98cc2e2298b32879c51c751e1dd5558fe2eabb8f158604297d6d072ce2261a1d6830b7cfe2617b57c7126f99c9476211d6161acd75d266da217ec8174b80484c9dc6f0448a0a036a3fc82e8bf54bdb71549368258d5d41f57978a4c266b92e8783ef66350215573d99be4089144b383ad8f3222bae8f3bf80ffb1bb2b":"2aa0340ac9deafe3be38129daca0" +md_hmac_multi:MBEDTLS_MD_SHA224:14:"85d402d822114d31abf75526e2538705":"8020d8d98cc2e2298b32879c51c751e1dd5558fe2eabb8f158604297d6d072ce2261a1d6830b7cfe2617b57c7126f99c9476211d6161acd75d266da217ec8174b80484c9dc6f0448a0a036a3fc82e8bf54bdb71549368258d5d41f57978a4c266b92e8783ef66350215573d99be4089144b383ad8f3222bae8f3bf80ffb1bb2b":"2aa0340ac9deafe3be38129daca0" generic multi step HMAC-SHA-224 Test Vector NIST CAVS #4 depends_on:MBEDTLS_SHA256_C -md_hmac_multi:"SHA224":14:"545c6eecc5ee46fa17c59f91a94f81ae":"8fb7f3565593170152ddb2021874784e951977cfdd22f8b72a72a61320a8f2a35697b5e913f717805559b1af1861ee3ed42fb788481e4fd276b17bdbefcae7b4501dc5d20de5b7626dd5efdcd65294db4bdf682c33d9a9255c6435383fa5f1c886326a3acbc6bd50a33ab5b2dbb034ce0112d4e226bbcd57e3731a519aa1d784":"3eb566eac54c4a3a9ef092469f24" +md_hmac_multi:MBEDTLS_MD_SHA224:14:"545c6eecc5ee46fa17c59f91a94f81ae":"8fb7f3565593170152ddb2021874784e951977cfdd22f8b72a72a61320a8f2a35697b5e913f717805559b1af1861ee3ed42fb788481e4fd276b17bdbefcae7b4501dc5d20de5b7626dd5efdcd65294db4bdf682c33d9a9255c6435383fa5f1c886326a3acbc6bd50a33ab5b2dbb034ce0112d4e226bbcd57e3731a519aa1d784":"3eb566eac54c4a3a9ef092469f24" generic multi step HMAC-SHA-224 Test Vector NIST CAVS #5 depends_on:MBEDTLS_SHA256_C -md_hmac_multi:"SHA224":14:"4466ab4dc438841a9750c7f173dff02e":"2534c11c78c99cffaec8f722f04adc7045c7324d58ce98e37cfa94b6ed21ed7f58ce55379ef24b72d6d640ee9154f96c614734be9c408e225d7ba4cecc1179cc9f6e1808e1067aa8f244a99bd0c3267594c1887a40d167f8b7cf78db0d19f97b01fc50b8c86def490dfa7a5135002c33e71d77a8cce8ea0f93e0580439a33733":"59f44a9bbed4875b892d22d6b5ab" +md_hmac_multi:MBEDTLS_MD_SHA224:14:"4466ab4dc438841a9750c7f173dff02e":"2534c11c78c99cffaec8f722f04adc7045c7324d58ce98e37cfa94b6ed21ed7f58ce55379ef24b72d6d640ee9154f96c614734be9c408e225d7ba4cecc1179cc9f6e1808e1067aa8f244a99bd0c3267594c1887a40d167f8b7cf78db0d19f97b01fc50b8c86def490dfa7a5135002c33e71d77a8cce8ea0f93e0580439a33733":"59f44a9bbed4875b892d22d6b5ab" generic multi step HMAC-SHA-224 Test Vector NIST CAVS #6 depends_on:MBEDTLS_SHA256_C -md_hmac_multi:"SHA224":28:"0e3dd9bb5e4cf0f09a4c11600af56d8d":"f4589fa76c328ea25cf8bae582026ba40a59d45a546ff31cf80eb826088f69bb954c452c74586836416dee90a5255bc5d56d3b405b3705a5197045688b32fa984c3a3dfbdc9c2460a0b5e6312a624048bb6f170306535e9b371a3ab134a2642a230ad03d2c688cca80baeaee9a20e1d4c548b1cede29c6a45bf4df2c8c476f1a":"12175b93e3da4c58217145e4dc0a1cf142fab9319bb501e037b350ba" +md_hmac_multi:MBEDTLS_MD_SHA224:28:"0e3dd9bb5e4cf0f09a4c11600af56d8d":"f4589fa76c328ea25cf8bae582026ba40a59d45a546ff31cf80eb826088f69bb954c452c74586836416dee90a5255bc5d56d3b405b3705a5197045688b32fa984c3a3dfbdc9c2460a0b5e6312a624048bb6f170306535e9b371a3ab134a2642a230ad03d2c688cca80baeaee9a20e1d4c548b1cede29c6a45bf4df2c8c476f1a":"12175b93e3da4c58217145e4dc0a1cf142fab9319bb501e037b350ba" generic multi step HMAC-SHA-224 Test Vector NIST CAVS #7 depends_on:MBEDTLS_SHA256_C -md_hmac_multi:"SHA224":28:"cda5187b0c5dcb0f8e5a8beed2306584":"9011ae29b44c49b347487ce972965f16ade3c15be0856ce9c853a9739dba07e4f20d594ddc1dfe21560a65a4e458cfa17745575b915a30c7a9412ff8d1d689db9680dd2428c27588bb0dc92d2cd9445fe8f44b840a197c52c3c4333fff45533945134398df6436513cfab06c924046b8c795a5bd92e8d5f2de85bf306f2eed67":"4aaba92b40e2a600feab176eb9b292d814864195c03342aad6f67f08" +md_hmac_multi:MBEDTLS_MD_SHA224:28:"cda5187b0c5dcb0f8e5a8beed2306584":"9011ae29b44c49b347487ce972965f16ade3c15be0856ce9c853a9739dba07e4f20d594ddc1dfe21560a65a4e458cfa17745575b915a30c7a9412ff8d1d689db9680dd2428c27588bb0dc92d2cd9445fe8f44b840a197c52c3c4333fff45533945134398df6436513cfab06c924046b8c795a5bd92e8d5f2de85bf306f2eed67":"4aaba92b40e2a600feab176eb9b292d814864195c03342aad6f67f08" generic multi step HMAC-SHA-256 Test Vector NIST CAVS #1 depends_on:MBEDTLS_SHA256_C -md_hmac_multi:"SHA256":16:"cdffd34e6b16fdc0":"d83e78b99ab61709608972b36e76a575603db742269cc5dd4e7d5ca7816e26b65151c92632550cb4c5253c885d5fce53bc47459a1dbd5652786c4aac0145a532f12c05138af04cbb558101a7af5df478834c2146594dd73690d01a4fe72545894335f427ac70204798068cb86c5a600b40b414ede23590b41e1192373df84fe3":"c6f0dde266cb4a26d41e8259d33499cc" +md_hmac_multi:MBEDTLS_MD_SHA256:16:"cdffd34e6b16fdc0":"d83e78b99ab61709608972b36e76a575603db742269cc5dd4e7d5ca7816e26b65151c92632550cb4c5253c885d5fce53bc47459a1dbd5652786c4aac0145a532f12c05138af04cbb558101a7af5df478834c2146594dd73690d01a4fe72545894335f427ac70204798068cb86c5a600b40b414ede23590b41e1192373df84fe3":"c6f0dde266cb4a26d41e8259d33499cc" generic multi step HMAC-SHA-256 Test Vector NIST CAVS #2 depends_on:MBEDTLS_SHA256_C -md_hmac_multi:"SHA256":16:"6d97bb5892245be2":"13c2b391d59c0252ca5d2302beaaf88c4bcd779bb505ad9a122003dfae4cc123ad2bd036f225c4f040021a6b9fb8bd6f0281cf2e2631a732bdc71693cc42ef6d52b6c6912a9ef77b3274eb85ad7f965ae6ed44ac1721962a884ec7acfb4534b1488b1c0c45afa4dae8da1eb7b0a88a3240365d7e4e7d826abbde9f9203fd99d7":"31588e241b015319a5ab8c4527296498" +md_hmac_multi:MBEDTLS_MD_SHA256:16:"6d97bb5892245be2":"13c2b391d59c0252ca5d2302beaaf88c4bcd779bb505ad9a122003dfae4cc123ad2bd036f225c4f040021a6b9fb8bd6f0281cf2e2631a732bdc71693cc42ef6d52b6c6912a9ef77b3274eb85ad7f965ae6ed44ac1721962a884ec7acfb4534b1488b1c0c45afa4dae8da1eb7b0a88a3240365d7e4e7d826abbde9f9203fd99d7":"31588e241b015319a5ab8c4527296498" generic multi step HMAC-SHA-256 Test Vector NIST CAVS #3 depends_on:MBEDTLS_SHA256_C -md_hmac_multi:"SHA256":16:"3c7fc8a70b49007a":"60024e428a39c8b8bb2e9591bad9dc2115dfbfd716b6eb7af30a6eb34560caccbbfa47b710fa8d523aca71e9e5ba10fc1feb1a43556d71f07ea4f33496f093044e8caf1d02b79e46eb1288d5964a7a7494f6b92574c35784eece054c6151281d80822f7d47b8231c35d07f5cb5cf4310ddc844845a01c6bfab514c048eccaf9f":"1c98c94a32bec9f253c21070f82f8438" +md_hmac_multi:MBEDTLS_MD_SHA256:16:"3c7fc8a70b49007a":"60024e428a39c8b8bb2e9591bad9dc2115dfbfd716b6eb7af30a6eb34560caccbbfa47b710fa8d523aca71e9e5ba10fc1feb1a43556d71f07ea4f33496f093044e8caf1d02b79e46eb1288d5964a7a7494f6b92574c35784eece054c6151281d80822f7d47b8231c35d07f5cb5cf4310ddc844845a01c6bfab514c048eccaf9f":"1c98c94a32bec9f253c21070f82f8438" generic multi step HMAC-SHA-256 Test Vector NIST CAVS #4 depends_on:MBEDTLS_SHA256_C -md_hmac_multi:"SHA256":24:"369f33f85b927a07":"ae8e2a94ca386d448cbacdb0e9040ae3cb297c296363052cc157455da29a0c95897315fc11e3f12b81e2418da1ec280bccbc00e847584ce9d14deeba7b3c9b8dba958b04bba37551f6c9ba9c060be1a4b8cf43aa62e5078b76c6512c5619b71a6a7cf5727180e1ff14f5a1a3c1691bf8b6ebad365c151e58d749d57adb3a4986":"60b90383286533d309de46593e6ce39fc51fb00a8d88278c" +md_hmac_multi:MBEDTLS_MD_SHA256:24:"369f33f85b927a07":"ae8e2a94ca386d448cbacdb0e9040ae3cb297c296363052cc157455da29a0c95897315fc11e3f12b81e2418da1ec280bccbc00e847584ce9d14deeba7b3c9b8dba958b04bba37551f6c9ba9c060be1a4b8cf43aa62e5078b76c6512c5619b71a6a7cf5727180e1ff14f5a1a3c1691bf8b6ebad365c151e58d749d57adb3a4986":"60b90383286533d309de46593e6ce39fc51fb00a8d88278c" generic multi step HMAC-SHA-256 Test Vector NIST CAVS #5 depends_on:MBEDTLS_SHA256_C -md_hmac_multi:"SHA256":24:"e5179687582b4dc4":"ce103bdacdf32f614f6727bcb31ca1c2824a850d00f5585b016fb234fe1ef2cd687f302d3c6b738ed89a24060d65c36675d0d96307c72ef3e8a83bfa8402e226de9d5d1724ba75c4879bf41a4a465ce61887d9f49a34757849b48bae81c27ebed76faae2ad669bca04747d409148d40812776e0ae2c395b3cb9c89981ce72d5c":"509581f6816df4b8cc9f2cf42b7cc6e6a5a1e375a16f2412" +md_hmac_multi:MBEDTLS_MD_SHA256:24:"e5179687582b4dc4":"ce103bdacdf32f614f6727bcb31ca1c2824a850d00f5585b016fb234fe1ef2cd687f302d3c6b738ed89a24060d65c36675d0d96307c72ef3e8a83bfa8402e226de9d5d1724ba75c4879bf41a4a465ce61887d9f49a34757849b48bae81c27ebed76faae2ad669bca04747d409148d40812776e0ae2c395b3cb9c89981ce72d5c":"509581f6816df4b8cc9f2cf42b7cc6e6a5a1e375a16f2412" generic multi step HMAC-SHA-256 Test Vector NIST CAVS #6 depends_on:MBEDTLS_SHA256_C -md_hmac_multi:"SHA256":24:"63cec6246aeb1b61":"c178db908a405fa88aa255b8cad22b4057016585f139ee930388b083d86062fa0b3ea1f23f8a43bd11bee8464bcbd19b5ab9f6a8038d5245516f8274d20c8ee3033a07b908da528fa00343bb595deed500cab9745c4cb6391c23300f0d3584b090b3326c4cfa342620b78f9f5b4f27f7307ed770643ec1764aeae3dcf1a3ec69":"64f3dd861b7c7d29fce9ae0ce9ed954b5d7141806ee9eec7" +md_hmac_multi:MBEDTLS_MD_SHA256:24:"63cec6246aeb1b61":"c178db908a405fa88aa255b8cad22b4057016585f139ee930388b083d86062fa0b3ea1f23f8a43bd11bee8464bcbd19b5ab9f6a8038d5245516f8274d20c8ee3033a07b908da528fa00343bb595deed500cab9745c4cb6391c23300f0d3584b090b3326c4cfa342620b78f9f5b4f27f7307ed770643ec1764aeae3dcf1a3ec69":"64f3dd861b7c7d29fce9ae0ce9ed954b5d7141806ee9eec7" generic multi step HMAC-SHA-384 Test Vector NIST CAVS #1 depends_on:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384 -md_hmac_multi:"SHA384":32:"91a7401817386948ca952f9a20ee55dc":"2fea5b91035d6d501f3a834fa178bff4e64b99a8450432dafd32e4466b0e1e7781166f8a73f7e036b3b0870920f559f47bd1400a1a906e85e0dcf00a6c26862e9148b23806680f285f1fe4f93cdaf924c181a965465739c14f2268c8be8b471847c74b222577a1310bcdc1a85ef1468aa1a3fd4031213c97324b7509c9050a3d":"6d7be9490058cf413cc09fd043c224c2ec4fa7859b13783000a9a593c9f75838" +md_hmac_multi:MBEDTLS_MD_SHA384:32:"91a7401817386948ca952f9a20ee55dc":"2fea5b91035d6d501f3a834fa178bff4e64b99a8450432dafd32e4466b0e1e7781166f8a73f7e036b3b0870920f559f47bd1400a1a906e85e0dcf00a6c26862e9148b23806680f285f1fe4f93cdaf924c181a965465739c14f2268c8be8b471847c74b222577a1310bcdc1a85ef1468aa1a3fd4031213c97324b7509c9050a3d":"6d7be9490058cf413cc09fd043c224c2ec4fa7859b13783000a9a593c9f75838" generic multi step HMAC-SHA-384 Test Vector NIST CAVS #2 depends_on:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384 -md_hmac_multi:"SHA384":32:"d6cac19657061aa90a6da11cd2e9ea47":"9f482e4655173135dfaa22a11bbbe6af263db48716406c5aec162ba3c4b41cad4f5a91558377521191c7343118beee65982929802913d67b6de5c4bdc3d27299bd722219d5ad2efa5bdb9ff7b229fc4bbc3f60719320cf2e7a51cad1133d21bad2d80919b1836ef825308b7c51c6b7677ac782e2bc30007afba065681cbdd215":"f3d5f3c008175321aa7b2ea379eaa4f8b9dcc60f895ec8940b8162f80a7dfe9f" +md_hmac_multi:MBEDTLS_MD_SHA384:32:"d6cac19657061aa90a6da11cd2e9ea47":"9f482e4655173135dfaa22a11bbbe6af263db48716406c5aec162ba3c4b41cad4f5a91558377521191c7343118beee65982929802913d67b6de5c4bdc3d27299bd722219d5ad2efa5bdb9ff7b229fc4bbc3f60719320cf2e7a51cad1133d21bad2d80919b1836ef825308b7c51c6b7677ac782e2bc30007afba065681cbdd215":"f3d5f3c008175321aa7b2ea379eaa4f8b9dcc60f895ec8940b8162f80a7dfe9f" generic multi step HMAC-SHA-384 Test Vector NIST CAVS #3 depends_on:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384 -md_hmac_multi:"SHA384":32:"e06366ad149b8442cd4c1abdddd0afde":"2d140a194c02a5598f69174834679b8371234a0d505491f1bd03e128dd91a8bca2fb812e9d5da71613b5b00952ea78bf450d5b7547dea79135925085c7d3e6f52009c51ca3d88c6c09e9d074b0ee110736e0ec9b478b93efb34d7bf1c41b54decec43eab077a3aa4998ede53f67b4ea36c266745f9643d5360bdc8337c70dabf":"c19c67eda6fe29f3667bee1c897c333ce7683094ae77e84b4c16378d290895a1" +md_hmac_multi:MBEDTLS_MD_SHA384:32:"e06366ad149b8442cd4c1abdddd0afde":"2d140a194c02a5598f69174834679b8371234a0d505491f1bd03e128dd91a8bca2fb812e9d5da71613b5b00952ea78bf450d5b7547dea79135925085c7d3e6f52009c51ca3d88c6c09e9d074b0ee110736e0ec9b478b93efb34d7bf1c41b54decec43eab077a3aa4998ede53f67b4ea36c266745f9643d5360bdc8337c70dabf":"c19c67eda6fe29f3667bee1c897c333ce7683094ae77e84b4c16378d290895a1" generic multi step HMAC-SHA-384 Test Vector NIST CAVS #4 depends_on:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384 -md_hmac_multi:"SHA384":48:"01ac59f42f8bb91d1bd10fe6990d7a87":"3caf18c476edd5615f343ac7b7d3a9da9efade755672d5ba4b8ae8a7505539ea2c124ff755ec0457fbe49e43480b3c71e7f4742ec3693aad115d039f90222b030fdc9440313691716d5302005808c07627483b916fdf61983063c2eb1268f2deeef42fc790334456bc6bad256e31fc9066de7cc7e43d1321b1866db45e905622":"1985fa2163a5943fc5d92f1fe8831215e7e91f0bff5332bc713a072bdb3a8f9e5c5157463a3bfeb36231416e65973e64" +md_hmac_multi:MBEDTLS_MD_SHA384:48:"01ac59f42f8bb91d1bd10fe6990d7a87":"3caf18c476edd5615f343ac7b7d3a9da9efade755672d5ba4b8ae8a7505539ea2c124ff755ec0457fbe49e43480b3c71e7f4742ec3693aad115d039f90222b030fdc9440313691716d5302005808c07627483b916fdf61983063c2eb1268f2deeef42fc790334456bc6bad256e31fc9066de7cc7e43d1321b1866db45e905622":"1985fa2163a5943fc5d92f1fe8831215e7e91f0bff5332bc713a072bdb3a8f9e5c5157463a3bfeb36231416e65973e64" generic multi step HMAC-SHA-384 Test Vector NIST CAVS #5 [#1] depends_on:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384 -md_hmac_multi:"SHA384":48:"fd74b9d9e102a3a80df1baf0cb35bace":"1a068917584813d1689ccbd0370c2114d537cdc8cc52bf6db16d5535f8f7d1ad0c850a9fa0cf62373ffbf7642b1f1e8164010d350721d798d9f99e9724830399c2fce26377e83d38845675457865c03d4a07d741a505ef028343eb29fd46d0f761f3792886998c1e5c32ac3bc7e6f08faed194b34f06eff4d5d4a5b42c481e0e":"a981eaf5de3d78b20ebd4414a4edd0657e3667cd808a0dbc430cf7252f73a5b24efa136039207bd59806897457d74e0c" +md_hmac_multi:MBEDTLS_MD_SHA384:48:"fd74b9d9e102a3a80df1baf0cb35bace":"1a068917584813d1689ccbd0370c2114d537cdc8cc52bf6db16d5535f8f7d1ad0c850a9fa0cf62373ffbf7642b1f1e8164010d350721d798d9f99e9724830399c2fce26377e83d38845675457865c03d4a07d741a505ef028343eb29fd46d0f761f3792886998c1e5c32ac3bc7e6f08faed194b34f06eff4d5d4a5b42c481e0e":"a981eaf5de3d78b20ebd4414a4edd0657e3667cd808a0dbc430cf7252f73a5b24efa136039207bd59806897457d74e0c" generic multi step HMAC-SHA-384 Test Vector NIST CAVS #5 [#2] depends_on:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384 -md_hmac_multi:"SHA384":48:"9fe794f0e26b669fa5f6883149377c6c":"6010c9745e8f1d44cfdc99e7e0fd79bc4271944c2d1d84dba589073dfc4ca5eb98c59356f60cd87bef28aeb83a832bde339b2087daf942aa1f67876c5d5ed33924bed4143bc12a2be532ccaf64daa7e2bc3c8872b9823b0533b6f5159135effe8c61545536975d7c3a61ba7365ec35f165bc92b4d19eb9156ade17dfa1bb4161":"915ae61f8754698c2b6ef9629e93441f8541bd4258a5e05372d19136cfaefc0473b48d96119291b38eb1a3cb1982a986" +md_hmac_multi:MBEDTLS_MD_SHA384:48:"9fe794f0e26b669fa5f6883149377c6c":"6010c9745e8f1d44cfdc99e7e0fd79bc4271944c2d1d84dba589073dfc4ca5eb98c59356f60cd87bef28aeb83a832bde339b2087daf942aa1f67876c5d5ed33924bed4143bc12a2be532ccaf64daa7e2bc3c8872b9823b0533b6f5159135effe8c61545536975d7c3a61ba7365ec35f165bc92b4d19eb9156ade17dfa1bb4161":"915ae61f8754698c2b6ef9629e93441f8541bd4258a5e05372d19136cfaefc0473b48d96119291b38eb1a3cb1982a986" generic multi step HMAC-SHA-512 Test Vector NIST CAVS #1 depends_on:MBEDTLS_SHA512_C -md_hmac_multi:"SHA512":32:"c95a17c09940a691ed2d621571b0eb844ede55a9":"99cd28262e81f34878cdcebf4128e05e2098a7009278a66f4c785784d0e5678f3f2b22f86e982d273b6273a222ec61750b4556d766f1550a7aedfe83faedbc4bdae83fa560d62df17eb914d05fdaa48940551bac81d700f5fca7147295e386e8120d66742ec65c6ee8d89a92217a0f6266d0ddc60bb20ef679ae8299c8502c2f":"6bc1379d156559ddee2ed420ea5d5c5ff3e454a1059b7ba72c350e77b6e9333c" +md_hmac_multi:MBEDTLS_MD_SHA512:32:"c95a17c09940a691ed2d621571b0eb844ede55a9":"99cd28262e81f34878cdcebf4128e05e2098a7009278a66f4c785784d0e5678f3f2b22f86e982d273b6273a222ec61750b4556d766f1550a7aedfe83faedbc4bdae83fa560d62df17eb914d05fdaa48940551bac81d700f5fca7147295e386e8120d66742ec65c6ee8d89a92217a0f6266d0ddc60bb20ef679ae8299c8502c2f":"6bc1379d156559ddee2ed420ea5d5c5ff3e454a1059b7ba72c350e77b6e9333c" generic multi step HMAC-SHA-512 Test Vector NIST CAVS #2 depends_on:MBEDTLS_SHA512_C -md_hmac_multi:"SHA512":32:"3b10b8fa718840d1dea8e9fc317476bcf55875fd":"f04f5b7073d7d0274e8354433b390306c5607632f5f589c12edb62d55673aff2366d2e6b24de731adf92e654baa30b1cfd4a069788f65ec1b99b015d904d8832110dbd74eae35a81562d14ce4136d820ad0a55ff5489ba678fbbc1c27663ec1349d70e740f0e0ec27cfbe8971819f4789e486b50a2d7271d77e2aaea50de62fd":"fc3c38c7a17e3ce06db033f1c172866f01a00045db55f2e234f71c82264f2ba2" +md_hmac_multi:MBEDTLS_MD_SHA512:32:"3b10b8fa718840d1dea8e9fc317476bcf55875fd":"f04f5b7073d7d0274e8354433b390306c5607632f5f589c12edb62d55673aff2366d2e6b24de731adf92e654baa30b1cfd4a069788f65ec1b99b015d904d8832110dbd74eae35a81562d14ce4136d820ad0a55ff5489ba678fbbc1c27663ec1349d70e740f0e0ec27cfbe8971819f4789e486b50a2d7271d77e2aaea50de62fd":"fc3c38c7a17e3ce06db033f1c172866f01a00045db55f2e234f71c82264f2ba2" generic multi step HMAC-SHA-512 Test Vector NIST CAVS #3 depends_on:MBEDTLS_SHA512_C -md_hmac_multi:"SHA512":32:"4803d311394600dc1e0d8fc8cedeb8bde3fe7c42":"a10c125dd702a97153ad923ba5e9889cfac1ba169de370debe51f233735aa6effcc9785c4b5c7e48c477dc5c411ae6a959118584e26adc94b42c2b29b046f3cf01c65b24a24bd2e620bdf650a23bb4a72655b1100d7ce9a4dab697c6379754b4396c825de4b9eb73f2e6a6c0d0353bbdeaf706612800e137b858fdb30f3311c6":"7cd8236c55102e6385f52279506df6fcc388ab75092da21395ce14a82b202ffa" +md_hmac_multi:MBEDTLS_MD_SHA512:32:"4803d311394600dc1e0d8fc8cedeb8bde3fe7c42":"a10c125dd702a97153ad923ba5e9889cfac1ba169de370debe51f233735aa6effcc9785c4b5c7e48c477dc5c411ae6a959118584e26adc94b42c2b29b046f3cf01c65b24a24bd2e620bdf650a23bb4a72655b1100d7ce9a4dab697c6379754b4396c825de4b9eb73f2e6a6c0d0353bbdeaf706612800e137b858fdb30f3311c6":"7cd8236c55102e6385f52279506df6fcc388ab75092da21395ce14a82b202ffa" generic multi step HMAC-SHA-512 Test Vector NIST CAVS #4 depends_on:MBEDTLS_SHA512_C -md_hmac_multi:"SHA512":48:"aeb2f3b977fa6c8e71e07c5a5c74ff58166de092":"22457355dc76095abd46846b41cfe49a06ce42ac8857b4702fc771508dfb3626e0bfe851df897a07b36811ec433766e4b4166c26301b3493e7440d4554b0ef6ac20f1a530e58fac8aeba4e9ff2d4898d8a28783b49cd269c2965fd7f8e4f2d60cf1e5284f2495145b72382aad90e153a90ecae125ad75336fb128825c23fb8b0":"fa39bd8fcc3bfa218f9dea5d3b2ce10a7619e31678a56d8a9d927b1fe703b125af445debe9a89a07db6194d27b44d85a" +md_hmac_multi:MBEDTLS_MD_SHA512:48:"aeb2f3b977fa6c8e71e07c5a5c74ff58166de092":"22457355dc76095abd46846b41cfe49a06ce42ac8857b4702fc771508dfb3626e0bfe851df897a07b36811ec433766e4b4166c26301b3493e7440d4554b0ef6ac20f1a530e58fac8aeba4e9ff2d4898d8a28783b49cd269c2965fd7f8e4f2d60cf1e5284f2495145b72382aad90e153a90ecae125ad75336fb128825c23fb8b0":"fa39bd8fcc3bfa218f9dea5d3b2ce10a7619e31678a56d8a9d927b1fe703b125af445debe9a89a07db6194d27b44d85a" generic multi step HMAC-SHA-512 Test Vector NIST CAVS #5 depends_on:MBEDTLS_SHA512_C -md_hmac_multi:"SHA512":48:"4285d3d7744da52775bb44ca436a3154f7980309":"208f0b6f2de2e5aa5df11927ddc6df485edc1193181c484d0f0a434a95418803101d4de9fdb798f93516a6916fa38a8207de1666fe50fe3441c03b112eaaae6954ed063f7ac4e3c1e3f73b20d153fe9e4857f5e91430f0a70ee820529adac2467469fd18adf10e2af0fea27c0abc83c5a9af77c364a466cffce8bab4e2b70bc1":"fe7603f205b2774fe0f14ecfa3e338e90608a806d11ca459dff5ce36b1b264ecd3af5f0492a7521d8da3102ba20927a5" +md_hmac_multi:MBEDTLS_MD_SHA512:48:"4285d3d7744da52775bb44ca436a3154f7980309":"208f0b6f2de2e5aa5df11927ddc6df485edc1193181c484d0f0a434a95418803101d4de9fdb798f93516a6916fa38a8207de1666fe50fe3441c03b112eaaae6954ed063f7ac4e3c1e3f73b20d153fe9e4857f5e91430f0a70ee820529adac2467469fd18adf10e2af0fea27c0abc83c5a9af77c364a466cffce8bab4e2b70bc1":"fe7603f205b2774fe0f14ecfa3e338e90608a806d11ca459dff5ce36b1b264ecd3af5f0492a7521d8da3102ba20927a5" generic multi step HMAC-SHA-512 Test Vector NIST CAVS #6 depends_on:MBEDTLS_SHA512_C -md_hmac_multi:"SHA512":48:"8ab783d5acf32efa0d9c0a21abce955e96630d89":"17371e013dce839963d54418e97be4bd9fa3cb2a368a5220f5aa1b8aaddfa3bdefc91afe7c717244fd2fb640f5cb9d9bf3e25f7f0c8bc758883b89dcdce6d749d9672fed222277ece3e84b3ec01b96f70c125fcb3cbee6d19b8ef0873f915f173bdb05d81629ba187cc8ac1934b2f75952fb7616ae6bd812946df694bd2763af":"9ac7ca8d1aefc166b046e4cf7602ebe181a0e5055474bff5b342106731da0d7e48e4d87bc0a6f05871574289a1b099f8" +md_hmac_multi:MBEDTLS_MD_SHA512:48:"8ab783d5acf32efa0d9c0a21abce955e96630d89":"17371e013dce839963d54418e97be4bd9fa3cb2a368a5220f5aa1b8aaddfa3bdefc91afe7c717244fd2fb640f5cb9d9bf3e25f7f0c8bc758883b89dcdce6d749d9672fed222277ece3e84b3ec01b96f70c125fcb3cbee6d19b8ef0873f915f173bdb05d81629ba187cc8ac1934b2f75952fb7616ae6bd812946df694bd2763af":"9ac7ca8d1aefc166b046e4cf7602ebe181a0e5055474bff5b342106731da0d7e48e4d87bc0a6f05871574289a1b099f8" generic SHA-1 Test Vector NIST CAVS #1 depends_on:MBEDTLS_SHA1_C -md_hex:"SHA1":"":"da39a3ee5e6b4b0d3255bfef95601890afd80709" +md_hex:MBEDTLS_MD_SHA1:"":"da39a3ee5e6b4b0d3255bfef95601890afd80709" generic SHA-1 Test Vector NIST CAVS #2 depends_on:MBEDTLS_SHA1_C -md_hex:"SHA1":"a8":"99f2aa95e36f95c2acb0eaf23998f030638f3f15" +md_hex:MBEDTLS_MD_SHA1:"a8":"99f2aa95e36f95c2acb0eaf23998f030638f3f15" generic SHA-1 Test Vector NIST CAVS #3 depends_on:MBEDTLS_SHA1_C -md_hex:"SHA1":"3000":"f944dcd635f9801f7ac90a407fbc479964dec024" +md_hex:MBEDTLS_MD_SHA1:"3000":"f944dcd635f9801f7ac90a407fbc479964dec024" generic SHA-1 Test Vector NIST CAVS #4 depends_on:MBEDTLS_SHA1_C -md_hex:"SHA1":"42749e":"a444319e9b6cc1e8464c511ec0969c37d6bb2619" +md_hex:MBEDTLS_MD_SHA1:"42749e":"a444319e9b6cc1e8464c511ec0969c37d6bb2619" generic SHA-1 Test Vector NIST CAVS #5 depends_on:MBEDTLS_SHA1_C -md_hex:"SHA1":"9fc3fe08":"16a0ff84fcc156fd5d3ca3a744f20a232d172253" +md_hex:MBEDTLS_MD_SHA1:"9fc3fe08":"16a0ff84fcc156fd5d3ca3a744f20a232d172253" generic SHA-1 Test Vector NIST CAVS #6 depends_on:MBEDTLS_SHA1_C -md_hex:"SHA1":"b5c1c6f1af":"fec9deebfcdedaf66dda525e1be43597a73a1f93" +md_hex:MBEDTLS_MD_SHA1:"b5c1c6f1af":"fec9deebfcdedaf66dda525e1be43597a73a1f93" generic SHA-1 Test Vector NIST CAVS #7 depends_on:MBEDTLS_SHA1_C -md_hex:"SHA1":"ec29561244ede706b6eb30a1c371d74450a105c3f9735f7fa9fe38cf67f304a5736a106e92e17139a6813b1c81a4f3d3fb9546ab4296fa9f722826c066869edacd73b2548035185813e22634a9da44000d95a281ff9f264ecce0a931222162d021cca28db5f3c2aa24945ab1e31cb413ae29810fd794cad5dfaf29ec43cb38d198fe4ae1da2359780221405bd6712a5305da4b1b737fce7cd21c0eb7728d08235a9011":"970111c4e77bcc88cc20459c02b69b4aa8f58217" +md_hex:MBEDTLS_MD_SHA1:"ec29561244ede706b6eb30a1c371d74450a105c3f9735f7fa9fe38cf67f304a5736a106e92e17139a6813b1c81a4f3d3fb9546ab4296fa9f722826c066869edacd73b2548035185813e22634a9da44000d95a281ff9f264ecce0a931222162d021cca28db5f3c2aa24945ab1e31cb413ae29810fd794cad5dfaf29ec43cb38d198fe4ae1da2359780221405bd6712a5305da4b1b737fce7cd21c0eb7728d08235a9011":"970111c4e77bcc88cc20459c02b69b4aa8f58217" generic SHA-1 Test Vector NIST CAVS #8 depends_on:MBEDTLS_SHA1_C -md_hex:"SHA1":"5fc2c3f6a7e79dc94be526e5166a238899d54927ce470018fbfd668fd9dd97cbf64e2c91584d01da63be3cc9fdff8adfefc3ac728e1e335b9cdc87f069172e323d094b47fa1e652afe4d6aa147a9f46fda33cacb65f3aa12234746b9007a8c85fe982afed7815221e43dba553d8fe8a022cdac1b99eeeea359e5a9d2e72e382dffa6d19f359f4f27dc3434cd27daeeda8e38594873398678065fbb23665aba9309d946135da0e4a4afdadff14db18e85e71dd93c3bf9faf7f25c8194c4269b1ee3d9934097ab990025d9c3aaf63d5109f52335dd3959d38ae485050e4bbb6235574fc0102be8f7a306d6e8de6ba6becf80f37415b57f9898a5824e77414197422be3d36a6080":"0423dc76a8791107d14e13f5265b343f24cc0f19" +md_hex:MBEDTLS_MD_SHA1:"5fc2c3f6a7e79dc94be526e5166a238899d54927ce470018fbfd668fd9dd97cbf64e2c91584d01da63be3cc9fdff8adfefc3ac728e1e335b9cdc87f069172e323d094b47fa1e652afe4d6aa147a9f46fda33cacb65f3aa12234746b9007a8c85fe982afed7815221e43dba553d8fe8a022cdac1b99eeeea359e5a9d2e72e382dffa6d19f359f4f27dc3434cd27daeeda8e38594873398678065fbb23665aba9309d946135da0e4a4afdadff14db18e85e71dd93c3bf9faf7f25c8194c4269b1ee3d9934097ab990025d9c3aaf63d5109f52335dd3959d38ae485050e4bbb6235574fc0102be8f7a306d6e8de6ba6becf80f37415b57f9898a5824e77414197422be3d36a6080":"0423dc76a8791107d14e13f5265b343f24cc0f19" generic SHA-1 Test Vector NIST CAVS #9 depends_on:MBEDTLS_SHA1_C -md_hex:"SHA1":"0f865f46a8f3aed2da18482aa09a8f390dc9da07d51d1bd10fe0bf5f3928d5927d08733d32075535a6d1c8ac1b2dc6ba0f2f633dc1af68e3f0fa3d85e6c60cb7b56c239dc1519a007ea536a07b518ecca02a6c31b46b76f021620ef3fc6976804018380e5ab9c558ebfc5cb1c9ed2d974722bf8ab6398f1f2b82fa5083f85c16a5767a3a07271d67743f00850ce8ec428c7f22f1cf01f99895c0c844845b06a06cecb0c6cf83eb55a1d4ebc44c2c13f6f7aa5e0e08abfd84e7864279057abc471ee4a45dbbb5774afa24e51791a0eada11093b88681fe30baa3b2e94113dc63342c51ca5d1a6096d0897b626e42cb91761058008f746f35465465540ad8c6b8b60f7e1461b3ce9e6529625984cb8c7d46f07f735be067588a0117f23e34ff57800e2bbe9a1605fde6087fb15d22c5d3ac47566b8c448b0cee40373e5ba6eaa21abee71366afbb27dbbd300477d70c371e7b8963812f5ed4fb784fb2f3bd1d3afe883cdd47ef32beaea":"6692a71d73e00f27df976bc56df4970650d90e45" +md_hex:MBEDTLS_MD_SHA1:"0f865f46a8f3aed2da18482aa09a8f390dc9da07d51d1bd10fe0bf5f3928d5927d08733d32075535a6d1c8ac1b2dc6ba0f2f633dc1af68e3f0fa3d85e6c60cb7b56c239dc1519a007ea536a07b518ecca02a6c31b46b76f021620ef3fc6976804018380e5ab9c558ebfc5cb1c9ed2d974722bf8ab6398f1f2b82fa5083f85c16a5767a3a07271d67743f00850ce8ec428c7f22f1cf01f99895c0c844845b06a06cecb0c6cf83eb55a1d4ebc44c2c13f6f7aa5e0e08abfd84e7864279057abc471ee4a45dbbb5774afa24e51791a0eada11093b88681fe30baa3b2e94113dc63342c51ca5d1a6096d0897b626e42cb91761058008f746f35465465540ad8c6b8b60f7e1461b3ce9e6529625984cb8c7d46f07f735be067588a0117f23e34ff57800e2bbe9a1605fde6087fb15d22c5d3ac47566b8c448b0cee40373e5ba6eaa21abee71366afbb27dbbd300477d70c371e7b8963812f5ed4fb784fb2f3bd1d3afe883cdd47ef32beaea":"6692a71d73e00f27df976bc56df4970650d90e45" generic SHA-1 Test Vector NIST CAVS #10 depends_on:MBEDTLS_SHA1_C -md_hex:"SHA1":"8236153781bd2f1b81ffe0def1beb46f5a70191142926651503f1b3bb1016acdb9e7f7acced8dd168226f118ff664a01a8800116fd023587bfba52a2558393476f5fc69ce9c65001f23e70476d2cc81c97ea19caeb194e224339bcb23f77a83feac5096f9b3090c51a6ee6d204b735aa71d7e996d380b80822e4dfd43683af9c7442498cacbea64842dfda238cb099927c6efae07fdf7b23a4e4456e0152b24853fe0d5de4179974b2b9d4a1cdbefcbc01d8d311b5dda059136176ea698ab82acf20dd490be47130b1235cb48f8a6710473cfc923e222d94b582f9ae36d4ca2a32d141b8e8cc36638845fbc499bce17698c3fecae2572dbbd470552430d7ef30c238c2124478f1f780483839b4fb73d63a9460206824a5b6b65315b21e3c2f24c97ee7c0e78faad3df549c7ca8ef241876d9aafe9a309f6da352bec2caaa92ee8dca392899ba67dfed90aef33d41fc2494b765cb3e2422c8e595dabbfaca217757453fb322a13203f425f6073a9903e2dc5818ee1da737afc345f0057744e3a56e1681c949eb12273a3bfc20699e423b96e44bd1ff62e50a848a890809bfe1611c6787d3d741103308f849a790f9c015098286dbacfc34c1718b2c2b77e32194a75dda37954a320fa68764027852855a7e5b5274eb1e2cbcd27161d98b59ad245822015f48af82a45c0ed59be94f9af03d9736048570d6e3ef63b1770bc98dfb77de84b1bb1708d872b625d9ab9b06c18e5dbbf34399391f0f8aa26ec0dac7ff4cb8ec97b52bcb942fa6db2385dcd1b3b9d567aaeb425d567b0ebe267235651a1ed9bf78fd93d3c1dd077fe340bb04b00529c58f45124b717c168d07e9826e33376988bc5cf62845c2009980a4dfa69fbc7e5a0b1bb20a5958ca967aec68eb31dd8fccca9afcd30a26bab26279f1bf6724ff":"11863b483809ef88413ca9b0084ac4a5390640af" +md_hex:MBEDTLS_MD_SHA1:"8236153781bd2f1b81ffe0def1beb46f5a70191142926651503f1b3bb1016acdb9e7f7acced8dd168226f118ff664a01a8800116fd023587bfba52a2558393476f5fc69ce9c65001f23e70476d2cc81c97ea19caeb194e224339bcb23f77a83feac5096f9b3090c51a6ee6d204b735aa71d7e996d380b80822e4dfd43683af9c7442498cacbea64842dfda238cb099927c6efae07fdf7b23a4e4456e0152b24853fe0d5de4179974b2b9d4a1cdbefcbc01d8d311b5dda059136176ea698ab82acf20dd490be47130b1235cb48f8a6710473cfc923e222d94b582f9ae36d4ca2a32d141b8e8cc36638845fbc499bce17698c3fecae2572dbbd470552430d7ef30c238c2124478f1f780483839b4fb73d63a9460206824a5b6b65315b21e3c2f24c97ee7c0e78faad3df549c7ca8ef241876d9aafe9a309f6da352bec2caaa92ee8dca392899ba67dfed90aef33d41fc2494b765cb3e2422c8e595dabbfaca217757453fb322a13203f425f6073a9903e2dc5818ee1da737afc345f0057744e3a56e1681c949eb12273a3bfc20699e423b96e44bd1ff62e50a848a890809bfe1611c6787d3d741103308f849a790f9c015098286dbacfc34c1718b2c2b77e32194a75dda37954a320fa68764027852855a7e5b5274eb1e2cbcd27161d98b59ad245822015f48af82a45c0ed59be94f9af03d9736048570d6e3ef63b1770bc98dfb77de84b1bb1708d872b625d9ab9b06c18e5dbbf34399391f0f8aa26ec0dac7ff4cb8ec97b52bcb942fa6db2385dcd1b3b9d567aaeb425d567b0ebe267235651a1ed9bf78fd93d3c1dd077fe340bb04b00529c58f45124b717c168d07e9826e33376988bc5cf62845c2009980a4dfa69fbc7e5a0b1bb20a5958ca967aec68eb31dd8fccca9afcd30a26bab26279f1bf6724ff":"11863b483809ef88413ca9b0084ac4a5390640af" generic SHA-224 Test Vector NIST CAVS #1 depends_on:MBEDTLS_SHA256_C -md_hex:"SHA224":"":"d14a028c2a3a2bc9476102bb288234c415a2b01f828ea62ac5b3e42f" +md_hex:MBEDTLS_MD_SHA224:"":"d14a028c2a3a2bc9476102bb288234c415a2b01f828ea62ac5b3e42f" generic SHA-224 Test Vector NIST CAVS #2 depends_on:MBEDTLS_SHA256_C -md_hex:"SHA224":"ff":"e33f9d75e6ae1369dbabf81b96b4591ae46bba30b591a6b6c62542b5" +md_hex:MBEDTLS_MD_SHA224:"ff":"e33f9d75e6ae1369dbabf81b96b4591ae46bba30b591a6b6c62542b5" generic SHA-224 Test Vector NIST CAVS #3 depends_on:MBEDTLS_SHA256_C -md_hex:"SHA224":"984c":"2fa9df9157d9e027cfbc4c6a9df32e1adc0cbe2328ec2a63c5ae934e" +md_hex:MBEDTLS_MD_SHA224:"984c":"2fa9df9157d9e027cfbc4c6a9df32e1adc0cbe2328ec2a63c5ae934e" generic SHA-224 Test Vector NIST CAVS #4 depends_on:MBEDTLS_SHA256_C -md_hex:"SHA224":"50efd0":"b5a9820413c2bf8211fbbf5df1337043b32fa4eafaf61a0c8e9ccede" +md_hex:MBEDTLS_MD_SHA224:"50efd0":"b5a9820413c2bf8211fbbf5df1337043b32fa4eafaf61a0c8e9ccede" generic SHA-224 Test Vector NIST CAVS #5 depends_on:MBEDTLS_SHA256_C -md_hex:"SHA224":"e5e09924":"fd19e74690d291467ce59f077df311638f1c3a46e510d0e49a67062d" +md_hex:MBEDTLS_MD_SHA224:"e5e09924":"fd19e74690d291467ce59f077df311638f1c3a46e510d0e49a67062d" generic SHA-224 Test Vector NIST CAVS #6 depends_on:MBEDTLS_SHA256_C -md_hex:"SHA224":"21ebecb914":"78f4a71c21c694499ce1c7866611b14ace70d905012c356323c7c713" +md_hex:MBEDTLS_MD_SHA224:"21ebecb914":"78f4a71c21c694499ce1c7866611b14ace70d905012c356323c7c713" generic SHA-224 Test Vector NIST CAVS #7 depends_on:MBEDTLS_SHA256_C -md_hex:"SHA224":"fc488947c1a7a589726b15436b4f3d9556262f98fc6422fc5cdf20f0fad7fe427a3491c86d101ffe6b7514f06268f65b2d269b0f69ad9a97847eff1c16a2438775eb7be6847ccf11cb8b2e8dcd6640b095b49c0693fe3cf4a66e2d9b7ad68bff14f3ad69abf49d0aba36cbe0535202deb6599a47225ef05beb351335cd7bc0f480d691198c7e71305ffd53b39d33242bb79cfd98bfd69e137b5d18b2b89ac9ace01c8dbdcf2533cce3682ecc52118de0c1062ec2126c2e657d6ea3d9e2398e705d4b0b1f1ceecb266dffc4f31bf42744fb1e938dc22a889919ee1e73f463f7871fed720519e32186264b7ef2a0e5d9a18e6c95c0781894f77967f048951dec3b4d892a38710b1e3436d3c29088eb8b3da1789c25db3d3bc6c26081206e7155d210a89b80ca6ea877c41ff9947c0f25625dcb118294a163501f6239c326661a958fd12da4cd15a899f8b88cc723589056eaec5aa04a4cf5dbb6f480f9660423ccf38c486e210707e0fb25e1f126ceb2616f63e147a647dab0af9ebe89d65458bf636154a46e4cab95f5ee62da2c7974cd14b90d3e4f99f81733e85b3c1d5da2b508d9b90f5eed7eff0d9c7649de62bee00375454fee4a39576a5bbfdae428e7f8097bdf7797f167686cb68407e49079e4611ff3402b6384ba7b7e522bd2bb11ce8fd02ea4c1604d163ac4f6dde50b8b1f593f7edaadeac0868ed97df690200680c25f0f5d85431a529e4f339089dcdeda105e4ee51dead704cdf5a605c55fb055c9b0e86b8ba1b564c0dea3eb790a595cb103cb292268b07c5e59371e1a7ef597cd4b22977a820694c9f9aeb55d9de3ef62b75d6e656e3336698d960a3787bf8cf5b926a7faeef52ae128bcb5dc9e66d94b016c7b8e034879171a2d91c381f57e6a815b63b5ee6a6d2ff435b49f14c963966960194430d78f8f87627a67757fb3532b289550894da6dce4817a4e07f4d56877a1102ffcc8befa5c9f8fca6a4574d93ff70376c8861e0f8108cf907fce77ecb49728f86f034f80224b9695682e0824462f76cdb1fd1af151337b0d85419047a7aa284791718a4860cd586f7824b95bc837b6fd4f9be5aade68456e20356aa4d943dac36bf8b67b9e8f9d01a00fcda74b798bafa746c661b010f75b59904b29d0c8041504811c4065f82cf2ead58d2f595cbd8bc3e7043f4d94577b373b7cfe16a36fe564f505c03b70cfeb5e5f411c79481338aa67e86b3f5a2e77c21e454c333ae3da943ab723ab5f4c940395319534a5575f64acba0d0ecc43f60221ed3badf7289c9b3a7b903a2d6c94e15fa4c310dc4fa7faa0c24f405160a1002dbef20e4105d481db982f7243f79400a6e4cd9753c4b9732a47575f504b20c328fe9add7f432a4f075829da07b53b695037dc51737d3cd731934df333cd1a53fcf65aa31baa450ca501a6fae26e322347e618c5a444d92e9fec5a8261ae38b98fee5be77c02cec09ddccd5b3de92036":"1302149d1e197c41813b054c942329d420e366530f5517b470e964fe" +md_hex:MBEDTLS_MD_SHA224:"fc488947c1a7a589726b15436b4f3d9556262f98fc6422fc5cdf20f0fad7fe427a3491c86d101ffe6b7514f06268f65b2d269b0f69ad9a97847eff1c16a2438775eb7be6847ccf11cb8b2e8dcd6640b095b49c0693fe3cf4a66e2d9b7ad68bff14f3ad69abf49d0aba36cbe0535202deb6599a47225ef05beb351335cd7bc0f480d691198c7e71305ffd53b39d33242bb79cfd98bfd69e137b5d18b2b89ac9ace01c8dbdcf2533cce3682ecc52118de0c1062ec2126c2e657d6ea3d9e2398e705d4b0b1f1ceecb266dffc4f31bf42744fb1e938dc22a889919ee1e73f463f7871fed720519e32186264b7ef2a0e5d9a18e6c95c0781894f77967f048951dec3b4d892a38710b1e3436d3c29088eb8b3da1789c25db3d3bc6c26081206e7155d210a89b80ca6ea877c41ff9947c0f25625dcb118294a163501f6239c326661a958fd12da4cd15a899f8b88cc723589056eaec5aa04a4cf5dbb6f480f9660423ccf38c486e210707e0fb25e1f126ceb2616f63e147a647dab0af9ebe89d65458bf636154a46e4cab95f5ee62da2c7974cd14b90d3e4f99f81733e85b3c1d5da2b508d9b90f5eed7eff0d9c7649de62bee00375454fee4a39576a5bbfdae428e7f8097bdf7797f167686cb68407e49079e4611ff3402b6384ba7b7e522bd2bb11ce8fd02ea4c1604d163ac4f6dde50b8b1f593f7edaadeac0868ed97df690200680c25f0f5d85431a529e4f339089dcdeda105e4ee51dead704cdf5a605c55fb055c9b0e86b8ba1b564c0dea3eb790a595cb103cb292268b07c5e59371e1a7ef597cd4b22977a820694c9f9aeb55d9de3ef62b75d6e656e3336698d960a3787bf8cf5b926a7faeef52ae128bcb5dc9e66d94b016c7b8e034879171a2d91c381f57e6a815b63b5ee6a6d2ff435b49f14c963966960194430d78f8f87627a67757fb3532b289550894da6dce4817a4e07f4d56877a1102ffcc8befa5c9f8fca6a4574d93ff70376c8861e0f8108cf907fce77ecb49728f86f034f80224b9695682e0824462f76cdb1fd1af151337b0d85419047a7aa284791718a4860cd586f7824b95bc837b6fd4f9be5aade68456e20356aa4d943dac36bf8b67b9e8f9d01a00fcda74b798bafa746c661b010f75b59904b29d0c8041504811c4065f82cf2ead58d2f595cbd8bc3e7043f4d94577b373b7cfe16a36fe564f505c03b70cfeb5e5f411c79481338aa67e86b3f5a2e77c21e454c333ae3da943ab723ab5f4c940395319534a5575f64acba0d0ecc43f60221ed3badf7289c9b3a7b903a2d6c94e15fa4c310dc4fa7faa0c24f405160a1002dbef20e4105d481db982f7243f79400a6e4cd9753c4b9732a47575f504b20c328fe9add7f432a4f075829da07b53b695037dc51737d3cd731934df333cd1a53fcf65aa31baa450ca501a6fae26e322347e618c5a444d92e9fec5a8261ae38b98fee5be77c02cec09ddccd5b3de92036":"1302149d1e197c41813b054c942329d420e366530f5517b470e964fe" generic SHA-256 Test Vector NIST CAVS #1 depends_on:MBEDTLS_SHA256_C -md_hex:"SHA256":"":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855" +md_hex:MBEDTLS_MD_SHA256:"":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855" generic SHA-256 Test Vector NIST CAVS #2 depends_on:MBEDTLS_SHA256_C -md_hex:"SHA256":"bd":"68325720aabd7c82f30f554b313d0570c95accbb7dc4b5aae11204c08ffe732b" +md_hex:MBEDTLS_MD_SHA256:"bd":"68325720aabd7c82f30f554b313d0570c95accbb7dc4b5aae11204c08ffe732b" generic SHA-256 Test Vector NIST CAVS #3 depends_on:MBEDTLS_SHA256_C -md_hex:"SHA256":"5fd4":"7c4fbf484498d21b487b9d61de8914b2eadaf2698712936d47c3ada2558f6788" +md_hex:MBEDTLS_MD_SHA256:"5fd4":"7c4fbf484498d21b487b9d61de8914b2eadaf2698712936d47c3ada2558f6788" generic SHA-256 Test Vector NIST CAVS #4 depends_on:MBEDTLS_SHA256_C -md_hex:"SHA256":"b0bd69":"4096804221093ddccfbf46831490ea63e9e99414858f8d75ff7f642c7ca61803" +md_hex:MBEDTLS_MD_SHA256:"b0bd69":"4096804221093ddccfbf46831490ea63e9e99414858f8d75ff7f642c7ca61803" generic SHA-256 Test Vector NIST CAVS #5 depends_on:MBEDTLS_SHA256_C -md_hex:"SHA256":"c98c8e55":"7abc22c0ae5af26ce93dbb94433a0e0b2e119d014f8e7f65bd56c61ccccd9504" +md_hex:MBEDTLS_MD_SHA256:"c98c8e55":"7abc22c0ae5af26ce93dbb94433a0e0b2e119d014f8e7f65bd56c61ccccd9504" generic SHA-256 Test Vector NIST CAVS #6 depends_on:MBEDTLS_SHA256_C -md_hex:"SHA256":"81a723d966":"7516fb8bb11350df2bf386bc3c33bd0f52cb4c67c6e4745e0488e62c2aea2605" +md_hex:MBEDTLS_MD_SHA256:"81a723d966":"7516fb8bb11350df2bf386bc3c33bd0f52cb4c67c6e4745e0488e62c2aea2605" generic SHA-256 Test Vector NIST CAVS #7 depends_on:MBEDTLS_SHA256_C -md_hex:"SHA256":"8390cf0be07661cc7669aac54ce09a37733a629d45f5d983ef201f9b2d13800e555d9b1097fec3b783d7a50dcb5e2b644b96a1e9463f177cf34906bf388f366db5c2deee04a30e283f764a97c3b377a034fefc22c259214faa99babaff160ab0aaa7e2ccb0ce09c6b32fe08cbc474694375aba703fadbfa31cf685b30a11c57f3cf4edd321e57d3ae6ebb1133c8260e75b9224fa47a2bb205249add2e2e62f817491482ae152322be0900355cdcc8d42a98f82e961a0dc6f537b7b410eff105f59673bfb787bf042aa071f7af68d944d27371c64160fe9382772372516c230c1f45c0d6b6cca7f274b394da9402d3eafdf733994ec58ab22d71829a98399574d4b5908a447a5a681cb0dd50a31145311d92c22a16de1ead66a5499f2dceb4cae694772ce90762ef8336afec653aa9b1a1c4820b221136dfce80dce2ba920d88a530c9410d0a4e0358a3a11052e58dd73b0b179ef8f56fe3b5a2d117a73a0c38a1392b6938e9782e0d86456ee4884e3c39d4d75813f13633bc79baa07c0d2d555afbf207f52b7dca126d015aa2b9873b3eb065e90b9b065a5373fe1fb1b20d594327d19fba56cb81e7b6696605ffa56eba3c27a438697cc21b201fd7e09f18deea1b3ea2f0d1edc02df0e20396a145412cd6b13c32d2e605641c948b714aec30c0649dc44143511f35ab0fd5dd64c34d06fe86f3836dfe9edeb7f08cfc3bd40956826356242191f99f53473f32b0cc0cf9321d6c92a112e8db90b86ee9e87cc32d0343db01e32ce9eb782cb24efbbbeb440fe929e8f2bf8dfb1550a3a2e742e8b455a3e5730e9e6a7a9824d17acc0f72a7f67eae0f0970f8bde46dcdefaed3047cf807e7f00a42e5fd11d40f5e98533d7574425b7d2bc3b3845c443008b58980e768e464e17cc6f6b3939eee52f713963d07d8c4abf02448ef0b889c9671e2f8a436ddeeffcca7176e9bf9d1005ecd377f2fa67c23ed1f137e60bf46018a8bd613d038e883704fc26e798969df35ec7bbc6a4fe46d8910bd82fa3cded265d0a3b6d399e4251e4d8233daa21b5812fded6536198ff13aa5a1cd46a5b9a17a4ddc1d9f85544d1d1cc16f3df858038c8e071a11a7e157a85a6a8dc47e88d75e7009a8b26fdb73f33a2a70f1e0c259f8f9533b9b8f9af9288b7274f21baeec78d396f8bacdcc22471207d9b4efccd3fedc5c5a2214ff5e51c553f35e21ae696fe51e8df733a8e06f50f419e599e9f9e4b37ce643fc810faaa47989771509d69a110ac916261427026369a21263ac4460fb4f708f8ae28599856db7cb6a43ac8e03d64a9609807e76c5f312b9d1863bfa304e8953647648b4f4ab0ed995e":"4109cdbec3240ad74cc6c37f39300f70fede16e21efc77f7865998714aad0b5e" +md_hex:MBEDTLS_MD_SHA256:"8390cf0be07661cc7669aac54ce09a37733a629d45f5d983ef201f9b2d13800e555d9b1097fec3b783d7a50dcb5e2b644b96a1e9463f177cf34906bf388f366db5c2deee04a30e283f764a97c3b377a034fefc22c259214faa99babaff160ab0aaa7e2ccb0ce09c6b32fe08cbc474694375aba703fadbfa31cf685b30a11c57f3cf4edd321e57d3ae6ebb1133c8260e75b9224fa47a2bb205249add2e2e62f817491482ae152322be0900355cdcc8d42a98f82e961a0dc6f537b7b410eff105f59673bfb787bf042aa071f7af68d944d27371c64160fe9382772372516c230c1f45c0d6b6cca7f274b394da9402d3eafdf733994ec58ab22d71829a98399574d4b5908a447a5a681cb0dd50a31145311d92c22a16de1ead66a5499f2dceb4cae694772ce90762ef8336afec653aa9b1a1c4820b221136dfce80dce2ba920d88a530c9410d0a4e0358a3a11052e58dd73b0b179ef8f56fe3b5a2d117a73a0c38a1392b6938e9782e0d86456ee4884e3c39d4d75813f13633bc79baa07c0d2d555afbf207f52b7dca126d015aa2b9873b3eb065e90b9b065a5373fe1fb1b20d594327d19fba56cb81e7b6696605ffa56eba3c27a438697cc21b201fd7e09f18deea1b3ea2f0d1edc02df0e20396a145412cd6b13c32d2e605641c948b714aec30c0649dc44143511f35ab0fd5dd64c34d06fe86f3836dfe9edeb7f08cfc3bd40956826356242191f99f53473f32b0cc0cf9321d6c92a112e8db90b86ee9e87cc32d0343db01e32ce9eb782cb24efbbbeb440fe929e8f2bf8dfb1550a3a2e742e8b455a3e5730e9e6a7a9824d17acc0f72a7f67eae0f0970f8bde46dcdefaed3047cf807e7f00a42e5fd11d40f5e98533d7574425b7d2bc3b3845c443008b58980e768e464e17cc6f6b3939eee52f713963d07d8c4abf02448ef0b889c9671e2f8a436ddeeffcca7176e9bf9d1005ecd377f2fa67c23ed1f137e60bf46018a8bd613d038e883704fc26e798969df35ec7bbc6a4fe46d8910bd82fa3cded265d0a3b6d399e4251e4d8233daa21b5812fded6536198ff13aa5a1cd46a5b9a17a4ddc1d9f85544d1d1cc16f3df858038c8e071a11a7e157a85a6a8dc47e88d75e7009a8b26fdb73f33a2a70f1e0c259f8f9533b9b8f9af9288b7274f21baeec78d396f8bacdcc22471207d9b4efccd3fedc5c5a2214ff5e51c553f35e21ae696fe51e8df733a8e06f50f419e599e9f9e4b37ce643fc810faaa47989771509d69a110ac916261427026369a21263ac4460fb4f708f8ae28599856db7cb6a43ac8e03d64a9609807e76c5f312b9d1863bfa304e8953647648b4f4ab0ed995e":"4109cdbec3240ad74cc6c37f39300f70fede16e21efc77f7865998714aad0b5e" generic SHA-384 Test Vector NIST CAVS #1 depends_on:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384 -md_hex:"SHA384":"":"38b060a751ac96384cd9327eb1b1e36a21fdb71114be07434c0cc7bf63f6e1da274edebfe76f65fbd51ad2f14898b95b" +md_hex:MBEDTLS_MD_SHA384:"":"38b060a751ac96384cd9327eb1b1e36a21fdb71114be07434c0cc7bf63f6e1da274edebfe76f65fbd51ad2f14898b95b" generic SHA-384 Test Vector NIST CAVS #2 depends_on:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384 -md_hex:"SHA384":"ab":"fb94d5be118865f6fcbc978b825da82cff188faec2f66cb84b2537d74b4938469854b0ca89e66fa2e182834736629f3d" +md_hex:MBEDTLS_MD_SHA384:"ab":"fb94d5be118865f6fcbc978b825da82cff188faec2f66cb84b2537d74b4938469854b0ca89e66fa2e182834736629f3d" generic SHA-384 Test Vector NIST CAVS #3 depends_on:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384 -md_hex:"SHA384":"7c27":"3d80be467df86d63abb9ea1d3f9cb39cd19890e7f2c53a6200bedc5006842b35e820dc4e0ca90ca9b97ab23ef07080fc" +md_hex:MBEDTLS_MD_SHA384:"7c27":"3d80be467df86d63abb9ea1d3f9cb39cd19890e7f2c53a6200bedc5006842b35e820dc4e0ca90ca9b97ab23ef07080fc" generic SHA-384 Test Vector NIST CAVS #4 depends_on:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384 -md_hex:"SHA384":"31f5ca":"78d54b943421fdf7ba90a7fb9637c2073aa480454bd841d39ff72f4511fc21fb67797b652c0c823229342873d3bef955" +md_hex:MBEDTLS_MD_SHA384:"31f5ca":"78d54b943421fdf7ba90a7fb9637c2073aa480454bd841d39ff72f4511fc21fb67797b652c0c823229342873d3bef955" generic SHA-384 Test Vector NIST CAVS #5 depends_on:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384 -md_hex:"SHA384":"7bdee3f8":"8bdafba0777ee446c3431c2d7b1fbb631089f71d2ca417abc1d230e1aba64ec2f1c187474a6f4077d372c14ad407f99a" +md_hex:MBEDTLS_MD_SHA384:"7bdee3f8":"8bdafba0777ee446c3431c2d7b1fbb631089f71d2ca417abc1d230e1aba64ec2f1c187474a6f4077d372c14ad407f99a" generic SHA-384 Test Vector NIST CAVS #6 depends_on:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384 -md_hex:"SHA384":"8f05604915":"504e414bf1db1060f14c8c799e25b1e0c4dcf1504ebbd129998f0ae283e6de86e0d3c7e879c73ec3b1836c3ee89c2649" +md_hex:MBEDTLS_MD_SHA384:"8f05604915":"504e414bf1db1060f14c8c799e25b1e0c4dcf1504ebbd129998f0ae283e6de86e0d3c7e879c73ec3b1836c3ee89c2649" generic SHA-384 Test Vector NIST CAVS #7 depends_on:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384 -md_hex:"SHA384":"665da6eda214":"4c022f112010908848312f8b8f1072625fd5c105399d562ea1d56130619a7eac8dfc3748fd05ee37e4b690be9daa9980" +md_hex:MBEDTLS_MD_SHA384:"665da6eda214":"4c022f112010908848312f8b8f1072625fd5c105399d562ea1d56130619a7eac8dfc3748fd05ee37e4b690be9daa9980" generic SHA-384 Test Vector NIST CAVS #8 depends_on:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384 -md_hex:"SHA384":"7f46ce506d593c4ed53c82edeb602037e0485befbee03f7f930fe532d18ff2a3f5fd6076672c8145a1bf40dd94f7abab47c9ae71c234213d2ad1069c2dac0b0ba15257ae672b8245960ae55bd50315c0097daa3a318745788d70d14706910809ca6e396237fe4934fa46f9ce782d66606d8bd6b2d283b1160513ce9c24e9f084b97891f99d4cdefc169a029e431ca772ba1bba426fce6f01d8e286014e5acc66b799e4db62bd4783322f8a32ff78e0de3957df50ce10871f4e0680df4e8ca3960af9bc6f4efa8eb3962d18f474eb178c3265cc46b8f2ff5ab1a7449fea297dfcfabfa01f28abbb7289bb354b691b5664ec6d098af51be19947ec5ba7ebd66380d1141953ba78d4aa5401679fa7b0a44db1981f864d3535c45afe4c61183d5b0ad51fae71ca07e34240283959f7530a32c70d95a088e501c230059f333b0670825009e7e22103ef22935830df1fac8ef877f5f3426dd54f7d1128dd871ad9a7d088f94c0e8712013295b8d69ae7623b880978c2d3c6ad26dc478f8dc47f5c0adcc618665dc3dc205a9071b2f2191e16cac5bd89bb59148fc719633752303aa08e518dbc389f0a5482caaa4c507b8729a6f3edd061efb39026cecc6399f51971cf7381d605e144a5928c8c2d1ad7467b05da2f202f4f3234e1aff19a0198a28685721c3d2d52311c721e3fdcbaf30214cdc3acff8c433880e104fb63f2df7ce69a97857819ba7ac00ac8eae1969764fde8f68cf8e0916d7e0c151147d4944f99f42ae50f30e1c79a42d2b6c5188d133d3cbbf69094027b354b295ccd0f7dc5a87d73638bd98ebfb00383ca0fa69cb8dcb35a12510e5e07ad8789047d0b63841a1bb928737e8b0a0c33254f47aa8bfbe3341a09c2b76dbcefa67e30df300d34f7b8465c4f869e51b6bcfe6cf68b238359a645036bf7f63f02924e087ce7457e483b6025a859903cb484574aa3b12cf946f32127d537c33bee3141b5db96d10a148c50ae045f287210757710d6846e04b202f79e87dd9a56bc6da15f84a77a7f63935e1dee00309cd276a8e7176cb04da6bb0e9009534438732cb42d008008853d38d19beba46e61006e30f7efd1bc7c2906b024e4ff898a1b58c448d68b43c6ab63f34f85b3ac6aa4475867e51b583844cb23829f4b30f4bdd817d88e2ef3e7b4fc0a624395b05ec5e8686082b24d29fef2b0d3c29e031d5f94f504b1d3df9361eb5ffbadb242e66c39a8094cfe62f85f639f3fd65fc8ae0c74a8f4c6e1d070b9183a434c722caaa0225f8bcd68614d6f0738ed62f8484ec96077d155c08e26c46be262a73e3551698bd70d8d5610cf37c4c306eed04ba6a040a9c3e6d7e15e8acda17f477c2484cf5c56b813313927be8387b1024f995e98fc87f1029091c01424bdc2b296c2eadb7d25b3e762a2fd0c2dcd1727ddf91db97c5984305265f3695a7f5472f2d72c94d68c27914f14f82aa8dd5fe4e2348b0ca967a3f98626a091552f5d0ffa2bf10350d23c996256c01fdeffb2c2c612519869f877e4929c6e95ff15040f1485e22ed14119880232fef3b57b3848f15b1766a5552879df8f06":"cba9e3eb12a6f83db11e8a6ff40d1049854ee094416bc527fea931d8585428a8ed6242ce81f6769b36e2123a5c23483e" +md_hex:MBEDTLS_MD_SHA384:"7f46ce506d593c4ed53c82edeb602037e0485befbee03f7f930fe532d18ff2a3f5fd6076672c8145a1bf40dd94f7abab47c9ae71c234213d2ad1069c2dac0b0ba15257ae672b8245960ae55bd50315c0097daa3a318745788d70d14706910809ca6e396237fe4934fa46f9ce782d66606d8bd6b2d283b1160513ce9c24e9f084b97891f99d4cdefc169a029e431ca772ba1bba426fce6f01d8e286014e5acc66b799e4db62bd4783322f8a32ff78e0de3957df50ce10871f4e0680df4e8ca3960af9bc6f4efa8eb3962d18f474eb178c3265cc46b8f2ff5ab1a7449fea297dfcfabfa01f28abbb7289bb354b691b5664ec6d098af51be19947ec5ba7ebd66380d1141953ba78d4aa5401679fa7b0a44db1981f864d3535c45afe4c61183d5b0ad51fae71ca07e34240283959f7530a32c70d95a088e501c230059f333b0670825009e7e22103ef22935830df1fac8ef877f5f3426dd54f7d1128dd871ad9a7d088f94c0e8712013295b8d69ae7623b880978c2d3c6ad26dc478f8dc47f5c0adcc618665dc3dc205a9071b2f2191e16cac5bd89bb59148fc719633752303aa08e518dbc389f0a5482caaa4c507b8729a6f3edd061efb39026cecc6399f51971cf7381d605e144a5928c8c2d1ad7467b05da2f202f4f3234e1aff19a0198a28685721c3d2d52311c721e3fdcbaf30214cdc3acff8c433880e104fb63f2df7ce69a97857819ba7ac00ac8eae1969764fde8f68cf8e0916d7e0c151147d4944f99f42ae50f30e1c79a42d2b6c5188d133d3cbbf69094027b354b295ccd0f7dc5a87d73638bd98ebfb00383ca0fa69cb8dcb35a12510e5e07ad8789047d0b63841a1bb928737e8b0a0c33254f47aa8bfbe3341a09c2b76dbcefa67e30df300d34f7b8465c4f869e51b6bcfe6cf68b238359a645036bf7f63f02924e087ce7457e483b6025a859903cb484574aa3b12cf946f32127d537c33bee3141b5db96d10a148c50ae045f287210757710d6846e04b202f79e87dd9a56bc6da15f84a77a7f63935e1dee00309cd276a8e7176cb04da6bb0e9009534438732cb42d008008853d38d19beba46e61006e30f7efd1bc7c2906b024e4ff898a1b58c448d68b43c6ab63f34f85b3ac6aa4475867e51b583844cb23829f4b30f4bdd817d88e2ef3e7b4fc0a624395b05ec5e8686082b24d29fef2b0d3c29e031d5f94f504b1d3df9361eb5ffbadb242e66c39a8094cfe62f85f639f3fd65fc8ae0c74a8f4c6e1d070b9183a434c722caaa0225f8bcd68614d6f0738ed62f8484ec96077d155c08e26c46be262a73e3551698bd70d8d5610cf37c4c306eed04ba6a040a9c3e6d7e15e8acda17f477c2484cf5c56b813313927be8387b1024f995e98fc87f1029091c01424bdc2b296c2eadb7d25b3e762a2fd0c2dcd1727ddf91db97c5984305265f3695a7f5472f2d72c94d68c27914f14f82aa8dd5fe4e2348b0ca967a3f98626a091552f5d0ffa2bf10350d23c996256c01fdeffb2c2c612519869f877e4929c6e95ff15040f1485e22ed14119880232fef3b57b3848f15b1766a5552879df8f06":"cba9e3eb12a6f83db11e8a6ff40d1049854ee094416bc527fea931d8585428a8ed6242ce81f6769b36e2123a5c23483e" generic SHA-512 Test Vector NIST CAVS #1 depends_on:MBEDTLS_SHA512_C -md_hex:"SHA512":"":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e" +md_hex:MBEDTLS_MD_SHA512:"":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e" generic SHA-512 Test Vector NIST CAVS #2 depends_on:MBEDTLS_SHA512_C -md_hex:"SHA512":"8f":"e4cd2d19931b5aad9c920f45f56f6ce34e3d38c6d319a6e11d0588ab8b838576d6ce6d68eea7c830de66e2bd96458bfa7aafbcbec981d4ed040498c3dd95f22a" +md_hex:MBEDTLS_MD_SHA512:"8f":"e4cd2d19931b5aad9c920f45f56f6ce34e3d38c6d319a6e11d0588ab8b838576d6ce6d68eea7c830de66e2bd96458bfa7aafbcbec981d4ed040498c3dd95f22a" generic SHA-512 Test Vector NIST CAVS #3 depends_on:MBEDTLS_SHA512_C -md_hex:"SHA512":"e724":"7dbb520221a70287b23dbcf62bfc1b73136d858e86266732a7fffa875ecaa2c1b8f673b5c065d360c563a7b9539349f5f59bef8c0c593f9587e3cd50bb26a231" +md_hex:MBEDTLS_MD_SHA512:"e724":"7dbb520221a70287b23dbcf62bfc1b73136d858e86266732a7fffa875ecaa2c1b8f673b5c065d360c563a7b9539349f5f59bef8c0c593f9587e3cd50bb26a231" generic SHA-512 Test Vector NIST CAVS #4 depends_on:MBEDTLS_SHA512_C -md_hex:"SHA512":"de4c90":"33ce98281045a5c4c9df0363d8196f1d7dfcd5ee46ac89776fd8a4344c12f123a66788af5bd41ceff1941aa5637654b4064c88c14e00465ab79a2fc6c97e1014" +md_hex:MBEDTLS_MD_SHA512:"de4c90":"33ce98281045a5c4c9df0363d8196f1d7dfcd5ee46ac89776fd8a4344c12f123a66788af5bd41ceff1941aa5637654b4064c88c14e00465ab79a2fc6c97e1014" generic SHA-512 Test Vector NIST CAVS #5 depends_on:MBEDTLS_SHA512_C -md_hex:"SHA512":"a801e94b":"dadb1b5a27f9fece8d86adb2a51879beb1787ff28f4e8ce162cad7fee0f942efcabbf738bc6f797fc7cc79a3a75048cd4c82ca0757a324695bfb19a557e56e2f" +md_hex:MBEDTLS_MD_SHA512:"a801e94b":"dadb1b5a27f9fece8d86adb2a51879beb1787ff28f4e8ce162cad7fee0f942efcabbf738bc6f797fc7cc79a3a75048cd4c82ca0757a324695bfb19a557e56e2f" generic SHA-512 Test Vector NIST CAVS #6 depends_on:MBEDTLS_SHA512_C -md_hex:"SHA512":"94390d3502":"b6175c4c4cccf69e0ce5f0312010886ea6b34d43673f942ae42483f9cbb7da817de4e11b5d58e25a3d9bd721a22cdffe1c40411cc45df1911fa5506129b69297" +md_hex:MBEDTLS_MD_SHA512:"94390d3502":"b6175c4c4cccf69e0ce5f0312010886ea6b34d43673f942ae42483f9cbb7da817de4e11b5d58e25a3d9bd721a22cdffe1c40411cc45df1911fa5506129b69297" generic SHA-512 Test Vector NIST CAVS #7 depends_on:MBEDTLS_SHA512_C -md_hex:"SHA512":"49297dd63e5f":"1fcc1e6f6870859d11649f5e5336a9cd16329c029baf04d5a6edf257889a2e9522b497dd656bb402da461307c4ee382e2e89380c8e6e6e7697f1e439f650fa94" +md_hex:MBEDTLS_MD_SHA512:"49297dd63e5f":"1fcc1e6f6870859d11649f5e5336a9cd16329c029baf04d5a6edf257889a2e9522b497dd656bb402da461307c4ee382e2e89380c8e6e6e7697f1e439f650fa94" generic SHA-512 Test Vector NIST CAVS #8 depends_on:MBEDTLS_SHA512_C -md_hex:"SHA512":"990d1ae71a62d7bda9bfdaa1762a68d296eee72a4cd946f287a898fbabc002ea941fd8d4d991030b4d27a637cce501a834bb95eab1b7889a3e784c7968e67cbf552006b206b68f76d9191327524fcc251aeb56af483d10b4e0c6c5e599ee8c0fe4faeca8293844a8547c6a9a90d093f2526873a19ad4a5e776794c68c742fb834793d2dfcb7fea46c63af4b70fd11cb6e41834e72ee40edb067b292a794990c288d5007e73f349fb383af6a756b8301ad6e5e0aa8cd614399bb3a452376b1575afa6bdaeaafc286cb064bb91edef97c632b6c1113d107fa93a0905098a105043c2f05397f702514439a08a9e5ddc196100721d45c8fc17d2ed659376f8a00bd5cb9a0860e26d8a29d8d6aaf52de97e9346033d6db501a35dbbaf97c20b830cd2d18c2532f3a59cc497ee64c0e57d8d060e5069b28d86edf1adcf59144b221ce3ddaef134b3124fbc7dd000240eff0f5f5f41e83cd7f5bb37c9ae21953fe302b0f6e8b68fa91c6ab99265c64b2fd9cd4942be04321bb5d6d71932376c6f2f88e02422ba6a5e2cb765df93fd5dd0728c6abdaf03bce22e0678a544e2c3636f741b6f4447ee58a8fc656b43ef817932176adbfc2e04b2c812c273cd6cbfa4098f0be036a34221fa02643f5ee2e0b38135f2a18ecd2f16ebc45f8eb31b8ab967a1567ee016904188910861ca1fa205c7adaa194b286893ffe2f4fbe0384c2aef72a4522aeafd3ebc71f9db71eeeef86c48394a1c86d5b36c352cc33a0a2c800bc99e62fd65b3a2fd69e0b53996ec13d8ce483ce9319efd9a85acefabdb5342226febb83fd1daf4b24265f50c61c6de74077ef89b6fecf9f29a1f871af1e9f89b2d345cda7499bd45c42fa5d195a1e1a6ba84851889e730da3b2b916e96152ae0c92154b49719841db7e7cc707ba8a5d7b101eb4ac7b629bb327817910fff61580b59aab78182d1a2e33473d05b00b170b29e331870826cfe45af206aa7d0246bbd8566ca7cfb2d3c10bfa1db7dd48dd786036469ce7282093d78b5e1a5b0fc81a54c8ed4ceac1e5305305e78284ac276f5d7862727aff246e17addde50c670028d572cbfc0be2e4f8b2eb28fa68ad7b4c6c2a239c460441bfb5ea049f23b08563b4e47729a59e5986a61a6093dbd54f8c36ebe87edae01f251cb060ad1364ce677d7e8d5a4a4ca966a7241cc360bc2acb280e5f9e9c1b032ad6a180a35e0c5180b9d16d026c865b252098cc1d99ba7375ca31c7702c0d943d5e3dd2f6861fa55bd46d94b67ed3e52eccd8dd06d968e01897d6de97ed3058d91dd":"8e4bc6f8b8c60fe4d68c61d9b159c8693c3151c46749af58da228442d927f23359bd6ccd6c2ec8fa3f00a86cecbfa728e1ad60b821ed22fcd309ba91a4138bc9" +md_hex:MBEDTLS_MD_SHA512:"990d1ae71a62d7bda9bfdaa1762a68d296eee72a4cd946f287a898fbabc002ea941fd8d4d991030b4d27a637cce501a834bb95eab1b7889a3e784c7968e67cbf552006b206b68f76d9191327524fcc251aeb56af483d10b4e0c6c5e599ee8c0fe4faeca8293844a8547c6a9a90d093f2526873a19ad4a5e776794c68c742fb834793d2dfcb7fea46c63af4b70fd11cb6e41834e72ee40edb067b292a794990c288d5007e73f349fb383af6a756b8301ad6e5e0aa8cd614399bb3a452376b1575afa6bdaeaafc286cb064bb91edef97c632b6c1113d107fa93a0905098a105043c2f05397f702514439a08a9e5ddc196100721d45c8fc17d2ed659376f8a00bd5cb9a0860e26d8a29d8d6aaf52de97e9346033d6db501a35dbbaf97c20b830cd2d18c2532f3a59cc497ee64c0e57d8d060e5069b28d86edf1adcf59144b221ce3ddaef134b3124fbc7dd000240eff0f5f5f41e83cd7f5bb37c9ae21953fe302b0f6e8b68fa91c6ab99265c64b2fd9cd4942be04321bb5d6d71932376c6f2f88e02422ba6a5e2cb765df93fd5dd0728c6abdaf03bce22e0678a544e2c3636f741b6f4447ee58a8fc656b43ef817932176adbfc2e04b2c812c273cd6cbfa4098f0be036a34221fa02643f5ee2e0b38135f2a18ecd2f16ebc45f8eb31b8ab967a1567ee016904188910861ca1fa205c7adaa194b286893ffe2f4fbe0384c2aef72a4522aeafd3ebc71f9db71eeeef86c48394a1c86d5b36c352cc33a0a2c800bc99e62fd65b3a2fd69e0b53996ec13d8ce483ce9319efd9a85acefabdb5342226febb83fd1daf4b24265f50c61c6de74077ef89b6fecf9f29a1f871af1e9f89b2d345cda7499bd45c42fa5d195a1e1a6ba84851889e730da3b2b916e96152ae0c92154b49719841db7e7cc707ba8a5d7b101eb4ac7b629bb327817910fff61580b59aab78182d1a2e33473d05b00b170b29e331870826cfe45af206aa7d0246bbd8566ca7cfb2d3c10bfa1db7dd48dd786036469ce7282093d78b5e1a5b0fc81a54c8ed4ceac1e5305305e78284ac276f5d7862727aff246e17addde50c670028d572cbfc0be2e4f8b2eb28fa68ad7b4c6c2a239c460441bfb5ea049f23b08563b4e47729a59e5986a61a6093dbd54f8c36ebe87edae01f251cb060ad1364ce677d7e8d5a4a4ca966a7241cc360bc2acb280e5f9e9c1b032ad6a180a35e0c5180b9d16d026c865b252098cc1d99ba7375ca31c7702c0d943d5e3dd2f6861fa55bd46d94b67ed3e52eccd8dd06d968e01897d6de97ed3058d91dd":"8e4bc6f8b8c60fe4d68c61d9b159c8693c3151c46749af58da228442d927f23359bd6ccd6c2ec8fa3f00a86cecbfa728e1ad60b821ed22fcd309ba91a4138bc9" generic multi step SHA-1 Test Vector NIST CAVS #1 depends_on:MBEDTLS_SHA1_C -md_hex_multi:"SHA1":"":"da39a3ee5e6b4b0d3255bfef95601890afd80709" +md_hex_multi:MBEDTLS_MD_SHA1:"":"da39a3ee5e6b4b0d3255bfef95601890afd80709" generic multi step SHA-1 Test Vector NIST CAVS #2 depends_on:MBEDTLS_SHA1_C -md_hex_multi:"SHA1":"a8":"99f2aa95e36f95c2acb0eaf23998f030638f3f15" +md_hex_multi:MBEDTLS_MD_SHA1:"a8":"99f2aa95e36f95c2acb0eaf23998f030638f3f15" generic multi step SHA-1 Test Vector NIST CAVS #3 depends_on:MBEDTLS_SHA1_C -md_hex_multi:"SHA1":"3000":"f944dcd635f9801f7ac90a407fbc479964dec024" +md_hex_multi:MBEDTLS_MD_SHA1:"3000":"f944dcd635f9801f7ac90a407fbc479964dec024" generic multi step SHA-1 Test Vector NIST CAVS #4 depends_on:MBEDTLS_SHA1_C -md_hex_multi:"SHA1":"42749e":"a444319e9b6cc1e8464c511ec0969c37d6bb2619" +md_hex_multi:MBEDTLS_MD_SHA1:"42749e":"a444319e9b6cc1e8464c511ec0969c37d6bb2619" generic multi step SHA-1 Test Vector NIST CAVS #5 depends_on:MBEDTLS_SHA1_C -md_hex_multi:"SHA1":"9fc3fe08":"16a0ff84fcc156fd5d3ca3a744f20a232d172253" +md_hex_multi:MBEDTLS_MD_SHA1:"9fc3fe08":"16a0ff84fcc156fd5d3ca3a744f20a232d172253" generic multi step SHA-1 Test Vector NIST CAVS #6 depends_on:MBEDTLS_SHA1_C -md_hex_multi:"SHA1":"b5c1c6f1af":"fec9deebfcdedaf66dda525e1be43597a73a1f93" +md_hex_multi:MBEDTLS_MD_SHA1:"b5c1c6f1af":"fec9deebfcdedaf66dda525e1be43597a73a1f93" generic multi step SHA-1 Test Vector NIST CAVS #7 depends_on:MBEDTLS_SHA1_C -md_hex_multi:"SHA1":"ec29561244ede706b6eb30a1c371d74450a105c3f9735f7fa9fe38cf67f304a5736a106e92e17139a6813b1c81a4f3d3fb9546ab4296fa9f722826c066869edacd73b2548035185813e22634a9da44000d95a281ff9f264ecce0a931222162d021cca28db5f3c2aa24945ab1e31cb413ae29810fd794cad5dfaf29ec43cb38d198fe4ae1da2359780221405bd6712a5305da4b1b737fce7cd21c0eb7728d08235a9011":"970111c4e77bcc88cc20459c02b69b4aa8f58217" +md_hex_multi:MBEDTLS_MD_SHA1:"ec29561244ede706b6eb30a1c371d74450a105c3f9735f7fa9fe38cf67f304a5736a106e92e17139a6813b1c81a4f3d3fb9546ab4296fa9f722826c066869edacd73b2548035185813e22634a9da44000d95a281ff9f264ecce0a931222162d021cca28db5f3c2aa24945ab1e31cb413ae29810fd794cad5dfaf29ec43cb38d198fe4ae1da2359780221405bd6712a5305da4b1b737fce7cd21c0eb7728d08235a9011":"970111c4e77bcc88cc20459c02b69b4aa8f58217" generic multi step SHA-1 Test Vector NIST CAVS #8 depends_on:MBEDTLS_SHA1_C -md_hex_multi:"SHA1":"5fc2c3f6a7e79dc94be526e5166a238899d54927ce470018fbfd668fd9dd97cbf64e2c91584d01da63be3cc9fdff8adfefc3ac728e1e335b9cdc87f069172e323d094b47fa1e652afe4d6aa147a9f46fda33cacb65f3aa12234746b9007a8c85fe982afed7815221e43dba553d8fe8a022cdac1b99eeeea359e5a9d2e72e382dffa6d19f359f4f27dc3434cd27daeeda8e38594873398678065fbb23665aba9309d946135da0e4a4afdadff14db18e85e71dd93c3bf9faf7f25c8194c4269b1ee3d9934097ab990025d9c3aaf63d5109f52335dd3959d38ae485050e4bbb6235574fc0102be8f7a306d6e8de6ba6becf80f37415b57f9898a5824e77414197422be3d36a6080":"0423dc76a8791107d14e13f5265b343f24cc0f19" +md_hex_multi:MBEDTLS_MD_SHA1:"5fc2c3f6a7e79dc94be526e5166a238899d54927ce470018fbfd668fd9dd97cbf64e2c91584d01da63be3cc9fdff8adfefc3ac728e1e335b9cdc87f069172e323d094b47fa1e652afe4d6aa147a9f46fda33cacb65f3aa12234746b9007a8c85fe982afed7815221e43dba553d8fe8a022cdac1b99eeeea359e5a9d2e72e382dffa6d19f359f4f27dc3434cd27daeeda8e38594873398678065fbb23665aba9309d946135da0e4a4afdadff14db18e85e71dd93c3bf9faf7f25c8194c4269b1ee3d9934097ab990025d9c3aaf63d5109f52335dd3959d38ae485050e4bbb6235574fc0102be8f7a306d6e8de6ba6becf80f37415b57f9898a5824e77414197422be3d36a6080":"0423dc76a8791107d14e13f5265b343f24cc0f19" generic multi step SHA-1 Test Vector NIST CAVS #9 depends_on:MBEDTLS_SHA1_C -md_hex_multi:"SHA1":"0f865f46a8f3aed2da18482aa09a8f390dc9da07d51d1bd10fe0bf5f3928d5927d08733d32075535a6d1c8ac1b2dc6ba0f2f633dc1af68e3f0fa3d85e6c60cb7b56c239dc1519a007ea536a07b518ecca02a6c31b46b76f021620ef3fc6976804018380e5ab9c558ebfc5cb1c9ed2d974722bf8ab6398f1f2b82fa5083f85c16a5767a3a07271d67743f00850ce8ec428c7f22f1cf01f99895c0c844845b06a06cecb0c6cf83eb55a1d4ebc44c2c13f6f7aa5e0e08abfd84e7864279057abc471ee4a45dbbb5774afa24e51791a0eada11093b88681fe30baa3b2e94113dc63342c51ca5d1a6096d0897b626e42cb91761058008f746f35465465540ad8c6b8b60f7e1461b3ce9e6529625984cb8c7d46f07f735be067588a0117f23e34ff57800e2bbe9a1605fde6087fb15d22c5d3ac47566b8c448b0cee40373e5ba6eaa21abee71366afbb27dbbd300477d70c371e7b8963812f5ed4fb784fb2f3bd1d3afe883cdd47ef32beaea":"6692a71d73e00f27df976bc56df4970650d90e45" +md_hex_multi:MBEDTLS_MD_SHA1:"0f865f46a8f3aed2da18482aa09a8f390dc9da07d51d1bd10fe0bf5f3928d5927d08733d32075535a6d1c8ac1b2dc6ba0f2f633dc1af68e3f0fa3d85e6c60cb7b56c239dc1519a007ea536a07b518ecca02a6c31b46b76f021620ef3fc6976804018380e5ab9c558ebfc5cb1c9ed2d974722bf8ab6398f1f2b82fa5083f85c16a5767a3a07271d67743f00850ce8ec428c7f22f1cf01f99895c0c844845b06a06cecb0c6cf83eb55a1d4ebc44c2c13f6f7aa5e0e08abfd84e7864279057abc471ee4a45dbbb5774afa24e51791a0eada11093b88681fe30baa3b2e94113dc63342c51ca5d1a6096d0897b626e42cb91761058008f746f35465465540ad8c6b8b60f7e1461b3ce9e6529625984cb8c7d46f07f735be067588a0117f23e34ff57800e2bbe9a1605fde6087fb15d22c5d3ac47566b8c448b0cee40373e5ba6eaa21abee71366afbb27dbbd300477d70c371e7b8963812f5ed4fb784fb2f3bd1d3afe883cdd47ef32beaea":"6692a71d73e00f27df976bc56df4970650d90e45" generic multi step SHA-1 Test Vector NIST CAVS #10 depends_on:MBEDTLS_SHA1_C -md_hex_multi:"SHA1":"8236153781bd2f1b81ffe0def1beb46f5a70191142926651503f1b3bb1016acdb9e7f7acced8dd168226f118ff664a01a8800116fd023587bfba52a2558393476f5fc69ce9c65001f23e70476d2cc81c97ea19caeb194e224339bcb23f77a83feac5096f9b3090c51a6ee6d204b735aa71d7e996d380b80822e4dfd43683af9c7442498cacbea64842dfda238cb099927c6efae07fdf7b23a4e4456e0152b24853fe0d5de4179974b2b9d4a1cdbefcbc01d8d311b5dda059136176ea698ab82acf20dd490be47130b1235cb48f8a6710473cfc923e222d94b582f9ae36d4ca2a32d141b8e8cc36638845fbc499bce17698c3fecae2572dbbd470552430d7ef30c238c2124478f1f780483839b4fb73d63a9460206824a5b6b65315b21e3c2f24c97ee7c0e78faad3df549c7ca8ef241876d9aafe9a309f6da352bec2caaa92ee8dca392899ba67dfed90aef33d41fc2494b765cb3e2422c8e595dabbfaca217757453fb322a13203f425f6073a9903e2dc5818ee1da737afc345f0057744e3a56e1681c949eb12273a3bfc20699e423b96e44bd1ff62e50a848a890809bfe1611c6787d3d741103308f849a790f9c015098286dbacfc34c1718b2c2b77e32194a75dda37954a320fa68764027852855a7e5b5274eb1e2cbcd27161d98b59ad245822015f48af82a45c0ed59be94f9af03d9736048570d6e3ef63b1770bc98dfb77de84b1bb1708d872b625d9ab9b06c18e5dbbf34399391f0f8aa26ec0dac7ff4cb8ec97b52bcb942fa6db2385dcd1b3b9d567aaeb425d567b0ebe267235651a1ed9bf78fd93d3c1dd077fe340bb04b00529c58f45124b717c168d07e9826e33376988bc5cf62845c2009980a4dfa69fbc7e5a0b1bb20a5958ca967aec68eb31dd8fccca9afcd30a26bab26279f1bf6724ff":"11863b483809ef88413ca9b0084ac4a5390640af" +md_hex_multi:MBEDTLS_MD_SHA1:"8236153781bd2f1b81ffe0def1beb46f5a70191142926651503f1b3bb1016acdb9e7f7acced8dd168226f118ff664a01a8800116fd023587bfba52a2558393476f5fc69ce9c65001f23e70476d2cc81c97ea19caeb194e224339bcb23f77a83feac5096f9b3090c51a6ee6d204b735aa71d7e996d380b80822e4dfd43683af9c7442498cacbea64842dfda238cb099927c6efae07fdf7b23a4e4456e0152b24853fe0d5de4179974b2b9d4a1cdbefcbc01d8d311b5dda059136176ea698ab82acf20dd490be47130b1235cb48f8a6710473cfc923e222d94b582f9ae36d4ca2a32d141b8e8cc36638845fbc499bce17698c3fecae2572dbbd470552430d7ef30c238c2124478f1f780483839b4fb73d63a9460206824a5b6b65315b21e3c2f24c97ee7c0e78faad3df549c7ca8ef241876d9aafe9a309f6da352bec2caaa92ee8dca392899ba67dfed90aef33d41fc2494b765cb3e2422c8e595dabbfaca217757453fb322a13203f425f6073a9903e2dc5818ee1da737afc345f0057744e3a56e1681c949eb12273a3bfc20699e423b96e44bd1ff62e50a848a890809bfe1611c6787d3d741103308f849a790f9c015098286dbacfc34c1718b2c2b77e32194a75dda37954a320fa68764027852855a7e5b5274eb1e2cbcd27161d98b59ad245822015f48af82a45c0ed59be94f9af03d9736048570d6e3ef63b1770bc98dfb77de84b1bb1708d872b625d9ab9b06c18e5dbbf34399391f0f8aa26ec0dac7ff4cb8ec97b52bcb942fa6db2385dcd1b3b9d567aaeb425d567b0ebe267235651a1ed9bf78fd93d3c1dd077fe340bb04b00529c58f45124b717c168d07e9826e33376988bc5cf62845c2009980a4dfa69fbc7e5a0b1bb20a5958ca967aec68eb31dd8fccca9afcd30a26bab26279f1bf6724ff":"11863b483809ef88413ca9b0084ac4a5390640af" generic multi step SHA-224 Test Vector NIST CAVS #1 depends_on:MBEDTLS_SHA256_C -md_hex_multi:"SHA224":"":"d14a028c2a3a2bc9476102bb288234c415a2b01f828ea62ac5b3e42f" +md_hex_multi:MBEDTLS_MD_SHA224:"":"d14a028c2a3a2bc9476102bb288234c415a2b01f828ea62ac5b3e42f" generic multi step SHA-224 Test Vector NIST CAVS #2 depends_on:MBEDTLS_SHA256_C -md_hex_multi:"SHA224":"ff":"e33f9d75e6ae1369dbabf81b96b4591ae46bba30b591a6b6c62542b5" +md_hex_multi:MBEDTLS_MD_SHA224:"ff":"e33f9d75e6ae1369dbabf81b96b4591ae46bba30b591a6b6c62542b5" generic multi step SHA-224 Test Vector NIST CAVS #3 depends_on:MBEDTLS_SHA256_C -md_hex_multi:"SHA224":"984c":"2fa9df9157d9e027cfbc4c6a9df32e1adc0cbe2328ec2a63c5ae934e" +md_hex_multi:MBEDTLS_MD_SHA224:"984c":"2fa9df9157d9e027cfbc4c6a9df32e1adc0cbe2328ec2a63c5ae934e" generic multi step SHA-224 Test Vector NIST CAVS #4 depends_on:MBEDTLS_SHA256_C -md_hex_multi:"SHA224":"50efd0":"b5a9820413c2bf8211fbbf5df1337043b32fa4eafaf61a0c8e9ccede" +md_hex_multi:MBEDTLS_MD_SHA224:"50efd0":"b5a9820413c2bf8211fbbf5df1337043b32fa4eafaf61a0c8e9ccede" generic multi step SHA-224 Test Vector NIST CAVS #5 depends_on:MBEDTLS_SHA256_C -md_hex_multi:"SHA224":"e5e09924":"fd19e74690d291467ce59f077df311638f1c3a46e510d0e49a67062d" +md_hex_multi:MBEDTLS_MD_SHA224:"e5e09924":"fd19e74690d291467ce59f077df311638f1c3a46e510d0e49a67062d" generic multi step SHA-224 Test Vector NIST CAVS #6 depends_on:MBEDTLS_SHA256_C -md_hex_multi:"SHA224":"21ebecb914":"78f4a71c21c694499ce1c7866611b14ace70d905012c356323c7c713" +md_hex_multi:MBEDTLS_MD_SHA224:"21ebecb914":"78f4a71c21c694499ce1c7866611b14ace70d905012c356323c7c713" generic multi step SHA-224 Test Vector NIST CAVS #7 depends_on:MBEDTLS_SHA256_C -md_hex_multi:"SHA224":"fc488947c1a7a589726b15436b4f3d9556262f98fc6422fc5cdf20f0fad7fe427a3491c86d101ffe6b7514f06268f65b2d269b0f69ad9a97847eff1c16a2438775eb7be6847ccf11cb8b2e8dcd6640b095b49c0693fe3cf4a66e2d9b7ad68bff14f3ad69abf49d0aba36cbe0535202deb6599a47225ef05beb351335cd7bc0f480d691198c7e71305ffd53b39d33242bb79cfd98bfd69e137b5d18b2b89ac9ace01c8dbdcf2533cce3682ecc52118de0c1062ec2126c2e657d6ea3d9e2398e705d4b0b1f1ceecb266dffc4f31bf42744fb1e938dc22a889919ee1e73f463f7871fed720519e32186264b7ef2a0e5d9a18e6c95c0781894f77967f048951dec3b4d892a38710b1e3436d3c29088eb8b3da1789c25db3d3bc6c26081206e7155d210a89b80ca6ea877c41ff9947c0f25625dcb118294a163501f6239c326661a958fd12da4cd15a899f8b88cc723589056eaec5aa04a4cf5dbb6f480f9660423ccf38c486e210707e0fb25e1f126ceb2616f63e147a647dab0af9ebe89d65458bf636154a46e4cab95f5ee62da2c7974cd14b90d3e4f99f81733e85b3c1d5da2b508d9b90f5eed7eff0d9c7649de62bee00375454fee4a39576a5bbfdae428e7f8097bdf7797f167686cb68407e49079e4611ff3402b6384ba7b7e522bd2bb11ce8fd02ea4c1604d163ac4f6dde50b8b1f593f7edaadeac0868ed97df690200680c25f0f5d85431a529e4f339089dcdeda105e4ee51dead704cdf5a605c55fb055c9b0e86b8ba1b564c0dea3eb790a595cb103cb292268b07c5e59371e1a7ef597cd4b22977a820694c9f9aeb55d9de3ef62b75d6e656e3336698d960a3787bf8cf5b926a7faeef52ae128bcb5dc9e66d94b016c7b8e034879171a2d91c381f57e6a815b63b5ee6a6d2ff435b49f14c963966960194430d78f8f87627a67757fb3532b289550894da6dce4817a4e07f4d56877a1102ffcc8befa5c9f8fca6a4574d93ff70376c8861e0f8108cf907fce77ecb49728f86f034f80224b9695682e0824462f76cdb1fd1af151337b0d85419047a7aa284791718a4860cd586f7824b95bc837b6fd4f9be5aade68456e20356aa4d943dac36bf8b67b9e8f9d01a00fcda74b798bafa746c661b010f75b59904b29d0c8041504811c4065f82cf2ead58d2f595cbd8bc3e7043f4d94577b373b7cfe16a36fe564f505c03b70cfeb5e5f411c79481338aa67e86b3f5a2e77c21e454c333ae3da943ab723ab5f4c940395319534a5575f64acba0d0ecc43f60221ed3badf7289c9b3a7b903a2d6c94e15fa4c310dc4fa7faa0c24f405160a1002dbef20e4105d481db982f7243f79400a6e4cd9753c4b9732a47575f504b20c328fe9add7f432a4f075829da07b53b695037dc51737d3cd731934df333cd1a53fcf65aa31baa450ca501a6fae26e322347e618c5a444d92e9fec5a8261ae38b98fee5be77c02cec09ddccd5b3de92036":"1302149d1e197c41813b054c942329d420e366530f5517b470e964fe" +md_hex_multi:MBEDTLS_MD_SHA224:"fc488947c1a7a589726b15436b4f3d9556262f98fc6422fc5cdf20f0fad7fe427a3491c86d101ffe6b7514f06268f65b2d269b0f69ad9a97847eff1c16a2438775eb7be6847ccf11cb8b2e8dcd6640b095b49c0693fe3cf4a66e2d9b7ad68bff14f3ad69abf49d0aba36cbe0535202deb6599a47225ef05beb351335cd7bc0f480d691198c7e71305ffd53b39d33242bb79cfd98bfd69e137b5d18b2b89ac9ace01c8dbdcf2533cce3682ecc52118de0c1062ec2126c2e657d6ea3d9e2398e705d4b0b1f1ceecb266dffc4f31bf42744fb1e938dc22a889919ee1e73f463f7871fed720519e32186264b7ef2a0e5d9a18e6c95c0781894f77967f048951dec3b4d892a38710b1e3436d3c29088eb8b3da1789c25db3d3bc6c26081206e7155d210a89b80ca6ea877c41ff9947c0f25625dcb118294a163501f6239c326661a958fd12da4cd15a899f8b88cc723589056eaec5aa04a4cf5dbb6f480f9660423ccf38c486e210707e0fb25e1f126ceb2616f63e147a647dab0af9ebe89d65458bf636154a46e4cab95f5ee62da2c7974cd14b90d3e4f99f81733e85b3c1d5da2b508d9b90f5eed7eff0d9c7649de62bee00375454fee4a39576a5bbfdae428e7f8097bdf7797f167686cb68407e49079e4611ff3402b6384ba7b7e522bd2bb11ce8fd02ea4c1604d163ac4f6dde50b8b1f593f7edaadeac0868ed97df690200680c25f0f5d85431a529e4f339089dcdeda105e4ee51dead704cdf5a605c55fb055c9b0e86b8ba1b564c0dea3eb790a595cb103cb292268b07c5e59371e1a7ef597cd4b22977a820694c9f9aeb55d9de3ef62b75d6e656e3336698d960a3787bf8cf5b926a7faeef52ae128bcb5dc9e66d94b016c7b8e034879171a2d91c381f57e6a815b63b5ee6a6d2ff435b49f14c963966960194430d78f8f87627a67757fb3532b289550894da6dce4817a4e07f4d56877a1102ffcc8befa5c9f8fca6a4574d93ff70376c8861e0f8108cf907fce77ecb49728f86f034f80224b9695682e0824462f76cdb1fd1af151337b0d85419047a7aa284791718a4860cd586f7824b95bc837b6fd4f9be5aade68456e20356aa4d943dac36bf8b67b9e8f9d01a00fcda74b798bafa746c661b010f75b59904b29d0c8041504811c4065f82cf2ead58d2f595cbd8bc3e7043f4d94577b373b7cfe16a36fe564f505c03b70cfeb5e5f411c79481338aa67e86b3f5a2e77c21e454c333ae3da943ab723ab5f4c940395319534a5575f64acba0d0ecc43f60221ed3badf7289c9b3a7b903a2d6c94e15fa4c310dc4fa7faa0c24f405160a1002dbef20e4105d481db982f7243f79400a6e4cd9753c4b9732a47575f504b20c328fe9add7f432a4f075829da07b53b695037dc51737d3cd731934df333cd1a53fcf65aa31baa450ca501a6fae26e322347e618c5a444d92e9fec5a8261ae38b98fee5be77c02cec09ddccd5b3de92036":"1302149d1e197c41813b054c942329d420e366530f5517b470e964fe" generic multi step SHA-256 Test Vector NIST CAVS #1 depends_on:MBEDTLS_SHA256_C -md_hex_multi:"SHA256":"":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855" +md_hex_multi:MBEDTLS_MD_SHA256:"":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855" generic multi step SHA-256 Test Vector NIST CAVS #2 depends_on:MBEDTLS_SHA256_C -md_hex_multi:"SHA256":"bd":"68325720aabd7c82f30f554b313d0570c95accbb7dc4b5aae11204c08ffe732b" +md_hex_multi:MBEDTLS_MD_SHA256:"bd":"68325720aabd7c82f30f554b313d0570c95accbb7dc4b5aae11204c08ffe732b" generic multi step SHA-256 Test Vector NIST CAVS #3 depends_on:MBEDTLS_SHA256_C -md_hex_multi:"SHA256":"5fd4":"7c4fbf484498d21b487b9d61de8914b2eadaf2698712936d47c3ada2558f6788" +md_hex_multi:MBEDTLS_MD_SHA256:"5fd4":"7c4fbf484498d21b487b9d61de8914b2eadaf2698712936d47c3ada2558f6788" generic multi step SHA-256 Test Vector NIST CAVS #4 depends_on:MBEDTLS_SHA256_C -md_hex_multi:"SHA256":"b0bd69":"4096804221093ddccfbf46831490ea63e9e99414858f8d75ff7f642c7ca61803" +md_hex_multi:MBEDTLS_MD_SHA256:"b0bd69":"4096804221093ddccfbf46831490ea63e9e99414858f8d75ff7f642c7ca61803" generic multi step SHA-256 Test Vector NIST CAVS #5 depends_on:MBEDTLS_SHA256_C -md_hex_multi:"SHA256":"c98c8e55":"7abc22c0ae5af26ce93dbb94433a0e0b2e119d014f8e7f65bd56c61ccccd9504" +md_hex_multi:MBEDTLS_MD_SHA256:"c98c8e55":"7abc22c0ae5af26ce93dbb94433a0e0b2e119d014f8e7f65bd56c61ccccd9504" generic multi step SHA-256 Test Vector NIST CAVS #6 depends_on:MBEDTLS_SHA256_C -md_hex_multi:"SHA256":"81a723d966":"7516fb8bb11350df2bf386bc3c33bd0f52cb4c67c6e4745e0488e62c2aea2605" +md_hex_multi:MBEDTLS_MD_SHA256:"81a723d966":"7516fb8bb11350df2bf386bc3c33bd0f52cb4c67c6e4745e0488e62c2aea2605" generic multi step SHA-256 Test Vector NIST CAVS #7 depends_on:MBEDTLS_SHA256_C -md_hex_multi:"SHA256":"8390cf0be07661cc7669aac54ce09a37733a629d45f5d983ef201f9b2d13800e555d9b1097fec3b783d7a50dcb5e2b644b96a1e9463f177cf34906bf388f366db5c2deee04a30e283f764a97c3b377a034fefc22c259214faa99babaff160ab0aaa7e2ccb0ce09c6b32fe08cbc474694375aba703fadbfa31cf685b30a11c57f3cf4edd321e57d3ae6ebb1133c8260e75b9224fa47a2bb205249add2e2e62f817491482ae152322be0900355cdcc8d42a98f82e961a0dc6f537b7b410eff105f59673bfb787bf042aa071f7af68d944d27371c64160fe9382772372516c230c1f45c0d6b6cca7f274b394da9402d3eafdf733994ec58ab22d71829a98399574d4b5908a447a5a681cb0dd50a31145311d92c22a16de1ead66a5499f2dceb4cae694772ce90762ef8336afec653aa9b1a1c4820b221136dfce80dce2ba920d88a530c9410d0a4e0358a3a11052e58dd73b0b179ef8f56fe3b5a2d117a73a0c38a1392b6938e9782e0d86456ee4884e3c39d4d75813f13633bc79baa07c0d2d555afbf207f52b7dca126d015aa2b9873b3eb065e90b9b065a5373fe1fb1b20d594327d19fba56cb81e7b6696605ffa56eba3c27a438697cc21b201fd7e09f18deea1b3ea2f0d1edc02df0e20396a145412cd6b13c32d2e605641c948b714aec30c0649dc44143511f35ab0fd5dd64c34d06fe86f3836dfe9edeb7f08cfc3bd40956826356242191f99f53473f32b0cc0cf9321d6c92a112e8db90b86ee9e87cc32d0343db01e32ce9eb782cb24efbbbeb440fe929e8f2bf8dfb1550a3a2e742e8b455a3e5730e9e6a7a9824d17acc0f72a7f67eae0f0970f8bde46dcdefaed3047cf807e7f00a42e5fd11d40f5e98533d7574425b7d2bc3b3845c443008b58980e768e464e17cc6f6b3939eee52f713963d07d8c4abf02448ef0b889c9671e2f8a436ddeeffcca7176e9bf9d1005ecd377f2fa67c23ed1f137e60bf46018a8bd613d038e883704fc26e798969df35ec7bbc6a4fe46d8910bd82fa3cded265d0a3b6d399e4251e4d8233daa21b5812fded6536198ff13aa5a1cd46a5b9a17a4ddc1d9f85544d1d1cc16f3df858038c8e071a11a7e157a85a6a8dc47e88d75e7009a8b26fdb73f33a2a70f1e0c259f8f9533b9b8f9af9288b7274f21baeec78d396f8bacdcc22471207d9b4efccd3fedc5c5a2214ff5e51c553f35e21ae696fe51e8df733a8e06f50f419e599e9f9e4b37ce643fc810faaa47989771509d69a110ac916261427026369a21263ac4460fb4f708f8ae28599856db7cb6a43ac8e03d64a9609807e76c5f312b9d1863bfa304e8953647648b4f4ab0ed995e":"4109cdbec3240ad74cc6c37f39300f70fede16e21efc77f7865998714aad0b5e" +md_hex_multi:MBEDTLS_MD_SHA256:"8390cf0be07661cc7669aac54ce09a37733a629d45f5d983ef201f9b2d13800e555d9b1097fec3b783d7a50dcb5e2b644b96a1e9463f177cf34906bf388f366db5c2deee04a30e283f764a97c3b377a034fefc22c259214faa99babaff160ab0aaa7e2ccb0ce09c6b32fe08cbc474694375aba703fadbfa31cf685b30a11c57f3cf4edd321e57d3ae6ebb1133c8260e75b9224fa47a2bb205249add2e2e62f817491482ae152322be0900355cdcc8d42a98f82e961a0dc6f537b7b410eff105f59673bfb787bf042aa071f7af68d944d27371c64160fe9382772372516c230c1f45c0d6b6cca7f274b394da9402d3eafdf733994ec58ab22d71829a98399574d4b5908a447a5a681cb0dd50a31145311d92c22a16de1ead66a5499f2dceb4cae694772ce90762ef8336afec653aa9b1a1c4820b221136dfce80dce2ba920d88a530c9410d0a4e0358a3a11052e58dd73b0b179ef8f56fe3b5a2d117a73a0c38a1392b6938e9782e0d86456ee4884e3c39d4d75813f13633bc79baa07c0d2d555afbf207f52b7dca126d015aa2b9873b3eb065e90b9b065a5373fe1fb1b20d594327d19fba56cb81e7b6696605ffa56eba3c27a438697cc21b201fd7e09f18deea1b3ea2f0d1edc02df0e20396a145412cd6b13c32d2e605641c948b714aec30c0649dc44143511f35ab0fd5dd64c34d06fe86f3836dfe9edeb7f08cfc3bd40956826356242191f99f53473f32b0cc0cf9321d6c92a112e8db90b86ee9e87cc32d0343db01e32ce9eb782cb24efbbbeb440fe929e8f2bf8dfb1550a3a2e742e8b455a3e5730e9e6a7a9824d17acc0f72a7f67eae0f0970f8bde46dcdefaed3047cf807e7f00a42e5fd11d40f5e98533d7574425b7d2bc3b3845c443008b58980e768e464e17cc6f6b3939eee52f713963d07d8c4abf02448ef0b889c9671e2f8a436ddeeffcca7176e9bf9d1005ecd377f2fa67c23ed1f137e60bf46018a8bd613d038e883704fc26e798969df35ec7bbc6a4fe46d8910bd82fa3cded265d0a3b6d399e4251e4d8233daa21b5812fded6536198ff13aa5a1cd46a5b9a17a4ddc1d9f85544d1d1cc16f3df858038c8e071a11a7e157a85a6a8dc47e88d75e7009a8b26fdb73f33a2a70f1e0c259f8f9533b9b8f9af9288b7274f21baeec78d396f8bacdcc22471207d9b4efccd3fedc5c5a2214ff5e51c553f35e21ae696fe51e8df733a8e06f50f419e599e9f9e4b37ce643fc810faaa47989771509d69a110ac916261427026369a21263ac4460fb4f708f8ae28599856db7cb6a43ac8e03d64a9609807e76c5f312b9d1863bfa304e8953647648b4f4ab0ed995e":"4109cdbec3240ad74cc6c37f39300f70fede16e21efc77f7865998714aad0b5e" generic multi step SHA-384 Test Vector NIST CAVS #1 depends_on:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384 -md_hex_multi:"SHA384":"":"38b060a751ac96384cd9327eb1b1e36a21fdb71114be07434c0cc7bf63f6e1da274edebfe76f65fbd51ad2f14898b95b" +md_hex_multi:MBEDTLS_MD_SHA384:"":"38b060a751ac96384cd9327eb1b1e36a21fdb71114be07434c0cc7bf63f6e1da274edebfe76f65fbd51ad2f14898b95b" generic multi step SHA-384 Test Vector NIST CAVS #2 depends_on:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384 -md_hex_multi:"SHA384":"ab":"fb94d5be118865f6fcbc978b825da82cff188faec2f66cb84b2537d74b4938469854b0ca89e66fa2e182834736629f3d" +md_hex_multi:MBEDTLS_MD_SHA384:"ab":"fb94d5be118865f6fcbc978b825da82cff188faec2f66cb84b2537d74b4938469854b0ca89e66fa2e182834736629f3d" generic multi step SHA-384 Test Vector NIST CAVS #3 depends_on:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384 -md_hex_multi:"SHA384":"7c27":"3d80be467df86d63abb9ea1d3f9cb39cd19890e7f2c53a6200bedc5006842b35e820dc4e0ca90ca9b97ab23ef07080fc" +md_hex_multi:MBEDTLS_MD_SHA384:"7c27":"3d80be467df86d63abb9ea1d3f9cb39cd19890e7f2c53a6200bedc5006842b35e820dc4e0ca90ca9b97ab23ef07080fc" generic multi step SHA-384 Test Vector NIST CAVS #4 depends_on:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384 -md_hex_multi:"SHA384":"31f5ca":"78d54b943421fdf7ba90a7fb9637c2073aa480454bd841d39ff72f4511fc21fb67797b652c0c823229342873d3bef955" +md_hex_multi:MBEDTLS_MD_SHA384:"31f5ca":"78d54b943421fdf7ba90a7fb9637c2073aa480454bd841d39ff72f4511fc21fb67797b652c0c823229342873d3bef955" generic multi step SHA-384 Test Vector NIST CAVS #5 depends_on:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384 -md_hex_multi:"SHA384":"7bdee3f8":"8bdafba0777ee446c3431c2d7b1fbb631089f71d2ca417abc1d230e1aba64ec2f1c187474a6f4077d372c14ad407f99a" +md_hex_multi:MBEDTLS_MD_SHA384:"7bdee3f8":"8bdafba0777ee446c3431c2d7b1fbb631089f71d2ca417abc1d230e1aba64ec2f1c187474a6f4077d372c14ad407f99a" generic multi step SHA-384 Test Vector NIST CAVS #6 depends_on:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384 -md_hex_multi:"SHA384":"8f05604915":"504e414bf1db1060f14c8c799e25b1e0c4dcf1504ebbd129998f0ae283e6de86e0d3c7e879c73ec3b1836c3ee89c2649" +md_hex_multi:MBEDTLS_MD_SHA384:"8f05604915":"504e414bf1db1060f14c8c799e25b1e0c4dcf1504ebbd129998f0ae283e6de86e0d3c7e879c73ec3b1836c3ee89c2649" generic multi step SHA-384 Test Vector NIST CAVS #7 depends_on:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384 -md_hex_multi:"SHA384":"665da6eda214":"4c022f112010908848312f8b8f1072625fd5c105399d562ea1d56130619a7eac8dfc3748fd05ee37e4b690be9daa9980" +md_hex_multi:MBEDTLS_MD_SHA384:"665da6eda214":"4c022f112010908848312f8b8f1072625fd5c105399d562ea1d56130619a7eac8dfc3748fd05ee37e4b690be9daa9980" generic multi step SHA-384 Test Vector NIST CAVS #8 depends_on:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384 -md_hex_multi:"SHA384":"7f46ce506d593c4ed53c82edeb602037e0485befbee03f7f930fe532d18ff2a3f5fd6076672c8145a1bf40dd94f7abab47c9ae71c234213d2ad1069c2dac0b0ba15257ae672b8245960ae55bd50315c0097daa3a318745788d70d14706910809ca6e396237fe4934fa46f9ce782d66606d8bd6b2d283b1160513ce9c24e9f084b97891f99d4cdefc169a029e431ca772ba1bba426fce6f01d8e286014e5acc66b799e4db62bd4783322f8a32ff78e0de3957df50ce10871f4e0680df4e8ca3960af9bc6f4efa8eb3962d18f474eb178c3265cc46b8f2ff5ab1a7449fea297dfcfabfa01f28abbb7289bb354b691b5664ec6d098af51be19947ec5ba7ebd66380d1141953ba78d4aa5401679fa7b0a44db1981f864d3535c45afe4c61183d5b0ad51fae71ca07e34240283959f7530a32c70d95a088e501c230059f333b0670825009e7e22103ef22935830df1fac8ef877f5f3426dd54f7d1128dd871ad9a7d088f94c0e8712013295b8d69ae7623b880978c2d3c6ad26dc478f8dc47f5c0adcc618665dc3dc205a9071b2f2191e16cac5bd89bb59148fc719633752303aa08e518dbc389f0a5482caaa4c507b8729a6f3edd061efb39026cecc6399f51971cf7381d605e144a5928c8c2d1ad7467b05da2f202f4f3234e1aff19a0198a28685721c3d2d52311c721e3fdcbaf30214cdc3acff8c433880e104fb63f2df7ce69a97857819ba7ac00ac8eae1969764fde8f68cf8e0916d7e0c151147d4944f99f42ae50f30e1c79a42d2b6c5188d133d3cbbf69094027b354b295ccd0f7dc5a87d73638bd98ebfb00383ca0fa69cb8dcb35a12510e5e07ad8789047d0b63841a1bb928737e8b0a0c33254f47aa8bfbe3341a09c2b76dbcefa67e30df300d34f7b8465c4f869e51b6bcfe6cf68b238359a645036bf7f63f02924e087ce7457e483b6025a859903cb484574aa3b12cf946f32127d537c33bee3141b5db96d10a148c50ae045f287210757710d6846e04b202f79e87dd9a56bc6da15f84a77a7f63935e1dee00309cd276a8e7176cb04da6bb0e9009534438732cb42d008008853d38d19beba46e61006e30f7efd1bc7c2906b024e4ff898a1b58c448d68b43c6ab63f34f85b3ac6aa4475867e51b583844cb23829f4b30f4bdd817d88e2ef3e7b4fc0a624395b05ec5e8686082b24d29fef2b0d3c29e031d5f94f504b1d3df9361eb5ffbadb242e66c39a8094cfe62f85f639f3fd65fc8ae0c74a8f4c6e1d070b9183a434c722caaa0225f8bcd68614d6f0738ed62f8484ec96077d155c08e26c46be262a73e3551698bd70d8d5610cf37c4c306eed04ba6a040a9c3e6d7e15e8acda17f477c2484cf5c56b813313927be8387b1024f995e98fc87f1029091c01424bdc2b296c2eadb7d25b3e762a2fd0c2dcd1727ddf91db97c5984305265f3695a7f5472f2d72c94d68c27914f14f82aa8dd5fe4e2348b0ca967a3f98626a091552f5d0ffa2bf10350d23c996256c01fdeffb2c2c612519869f877e4929c6e95ff15040f1485e22ed14119880232fef3b57b3848f15b1766a5552879df8f06":"cba9e3eb12a6f83db11e8a6ff40d1049854ee094416bc527fea931d8585428a8ed6242ce81f6769b36e2123a5c23483e" +md_hex_multi:MBEDTLS_MD_SHA384:"7f46ce506d593c4ed53c82edeb602037e0485befbee03f7f930fe532d18ff2a3f5fd6076672c8145a1bf40dd94f7abab47c9ae71c234213d2ad1069c2dac0b0ba15257ae672b8245960ae55bd50315c0097daa3a318745788d70d14706910809ca6e396237fe4934fa46f9ce782d66606d8bd6b2d283b1160513ce9c24e9f084b97891f99d4cdefc169a029e431ca772ba1bba426fce6f01d8e286014e5acc66b799e4db62bd4783322f8a32ff78e0de3957df50ce10871f4e0680df4e8ca3960af9bc6f4efa8eb3962d18f474eb178c3265cc46b8f2ff5ab1a7449fea297dfcfabfa01f28abbb7289bb354b691b5664ec6d098af51be19947ec5ba7ebd66380d1141953ba78d4aa5401679fa7b0a44db1981f864d3535c45afe4c61183d5b0ad51fae71ca07e34240283959f7530a32c70d95a088e501c230059f333b0670825009e7e22103ef22935830df1fac8ef877f5f3426dd54f7d1128dd871ad9a7d088f94c0e8712013295b8d69ae7623b880978c2d3c6ad26dc478f8dc47f5c0adcc618665dc3dc205a9071b2f2191e16cac5bd89bb59148fc719633752303aa08e518dbc389f0a5482caaa4c507b8729a6f3edd061efb39026cecc6399f51971cf7381d605e144a5928c8c2d1ad7467b05da2f202f4f3234e1aff19a0198a28685721c3d2d52311c721e3fdcbaf30214cdc3acff8c433880e104fb63f2df7ce69a97857819ba7ac00ac8eae1969764fde8f68cf8e0916d7e0c151147d4944f99f42ae50f30e1c79a42d2b6c5188d133d3cbbf69094027b354b295ccd0f7dc5a87d73638bd98ebfb00383ca0fa69cb8dcb35a12510e5e07ad8789047d0b63841a1bb928737e8b0a0c33254f47aa8bfbe3341a09c2b76dbcefa67e30df300d34f7b8465c4f869e51b6bcfe6cf68b238359a645036bf7f63f02924e087ce7457e483b6025a859903cb484574aa3b12cf946f32127d537c33bee3141b5db96d10a148c50ae045f287210757710d6846e04b202f79e87dd9a56bc6da15f84a77a7f63935e1dee00309cd276a8e7176cb04da6bb0e9009534438732cb42d008008853d38d19beba46e61006e30f7efd1bc7c2906b024e4ff898a1b58c448d68b43c6ab63f34f85b3ac6aa4475867e51b583844cb23829f4b30f4bdd817d88e2ef3e7b4fc0a624395b05ec5e8686082b24d29fef2b0d3c29e031d5f94f504b1d3df9361eb5ffbadb242e66c39a8094cfe62f85f639f3fd65fc8ae0c74a8f4c6e1d070b9183a434c722caaa0225f8bcd68614d6f0738ed62f8484ec96077d155c08e26c46be262a73e3551698bd70d8d5610cf37c4c306eed04ba6a040a9c3e6d7e15e8acda17f477c2484cf5c56b813313927be8387b1024f995e98fc87f1029091c01424bdc2b296c2eadb7d25b3e762a2fd0c2dcd1727ddf91db97c5984305265f3695a7f5472f2d72c94d68c27914f14f82aa8dd5fe4e2348b0ca967a3f98626a091552f5d0ffa2bf10350d23c996256c01fdeffb2c2c612519869f877e4929c6e95ff15040f1485e22ed14119880232fef3b57b3848f15b1766a5552879df8f06":"cba9e3eb12a6f83db11e8a6ff40d1049854ee094416bc527fea931d8585428a8ed6242ce81f6769b36e2123a5c23483e" generic multi step SHA-512 Test Vector NIST CAVS #1 depends_on:MBEDTLS_SHA512_C -md_hex_multi:"SHA512":"":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e" +md_hex_multi:MBEDTLS_MD_SHA512:"":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e" generic multi step SHA-512 Test Vector NIST CAVS #2 depends_on:MBEDTLS_SHA512_C -md_hex_multi:"SHA512":"8f":"e4cd2d19931b5aad9c920f45f56f6ce34e3d38c6d319a6e11d0588ab8b838576d6ce6d68eea7c830de66e2bd96458bfa7aafbcbec981d4ed040498c3dd95f22a" +md_hex_multi:MBEDTLS_MD_SHA512:"8f":"e4cd2d19931b5aad9c920f45f56f6ce34e3d38c6d319a6e11d0588ab8b838576d6ce6d68eea7c830de66e2bd96458bfa7aafbcbec981d4ed040498c3dd95f22a" generic multi step SHA-512 Test Vector NIST CAVS #3 depends_on:MBEDTLS_SHA512_C -md_hex_multi:"SHA512":"e724":"7dbb520221a70287b23dbcf62bfc1b73136d858e86266732a7fffa875ecaa2c1b8f673b5c065d360c563a7b9539349f5f59bef8c0c593f9587e3cd50bb26a231" +md_hex_multi:MBEDTLS_MD_SHA512:"e724":"7dbb520221a70287b23dbcf62bfc1b73136d858e86266732a7fffa875ecaa2c1b8f673b5c065d360c563a7b9539349f5f59bef8c0c593f9587e3cd50bb26a231" generic multi step SHA-512 Test Vector NIST CAVS #4 depends_on:MBEDTLS_SHA512_C -md_hex_multi:"SHA512":"de4c90":"33ce98281045a5c4c9df0363d8196f1d7dfcd5ee46ac89776fd8a4344c12f123a66788af5bd41ceff1941aa5637654b4064c88c14e00465ab79a2fc6c97e1014" +md_hex_multi:MBEDTLS_MD_SHA512:"de4c90":"33ce98281045a5c4c9df0363d8196f1d7dfcd5ee46ac89776fd8a4344c12f123a66788af5bd41ceff1941aa5637654b4064c88c14e00465ab79a2fc6c97e1014" generic multi step SHA-512 Test Vector NIST CAVS #5 depends_on:MBEDTLS_SHA512_C -md_hex_multi:"SHA512":"a801e94b":"dadb1b5a27f9fece8d86adb2a51879beb1787ff28f4e8ce162cad7fee0f942efcabbf738bc6f797fc7cc79a3a75048cd4c82ca0757a324695bfb19a557e56e2f" +md_hex_multi:MBEDTLS_MD_SHA512:"a801e94b":"dadb1b5a27f9fece8d86adb2a51879beb1787ff28f4e8ce162cad7fee0f942efcabbf738bc6f797fc7cc79a3a75048cd4c82ca0757a324695bfb19a557e56e2f" generic multi step SHA-512 Test Vector NIST CAVS #6 depends_on:MBEDTLS_SHA512_C -md_hex_multi:"SHA512":"94390d3502":"b6175c4c4cccf69e0ce5f0312010886ea6b34d43673f942ae42483f9cbb7da817de4e11b5d58e25a3d9bd721a22cdffe1c40411cc45df1911fa5506129b69297" +md_hex_multi:MBEDTLS_MD_SHA512:"94390d3502":"b6175c4c4cccf69e0ce5f0312010886ea6b34d43673f942ae42483f9cbb7da817de4e11b5d58e25a3d9bd721a22cdffe1c40411cc45df1911fa5506129b69297" generic multi step SHA-512 Test Vector NIST CAVS #7 depends_on:MBEDTLS_SHA512_C -md_hex_multi:"SHA512":"49297dd63e5f":"1fcc1e6f6870859d11649f5e5336a9cd16329c029baf04d5a6edf257889a2e9522b497dd656bb402da461307c4ee382e2e89380c8e6e6e7697f1e439f650fa94" +md_hex_multi:MBEDTLS_MD_SHA512:"49297dd63e5f":"1fcc1e6f6870859d11649f5e5336a9cd16329c029baf04d5a6edf257889a2e9522b497dd656bb402da461307c4ee382e2e89380c8e6e6e7697f1e439f650fa94" generic multi step SHA-512 Test Vector NIST CAVS #8 depends_on:MBEDTLS_SHA512_C -md_hex_multi:"SHA512":"990d1ae71a62d7bda9bfdaa1762a68d296eee72a4cd946f287a898fbabc002ea941fd8d4d991030b4d27a637cce501a834bb95eab1b7889a3e784c7968e67cbf552006b206b68f76d9191327524fcc251aeb56af483d10b4e0c6c5e599ee8c0fe4faeca8293844a8547c6a9a90d093f2526873a19ad4a5e776794c68c742fb834793d2dfcb7fea46c63af4b70fd11cb6e41834e72ee40edb067b292a794990c288d5007e73f349fb383af6a756b8301ad6e5e0aa8cd614399bb3a452376b1575afa6bdaeaafc286cb064bb91edef97c632b6c1113d107fa93a0905098a105043c2f05397f702514439a08a9e5ddc196100721d45c8fc17d2ed659376f8a00bd5cb9a0860e26d8a29d8d6aaf52de97e9346033d6db501a35dbbaf97c20b830cd2d18c2532f3a59cc497ee64c0e57d8d060e5069b28d86edf1adcf59144b221ce3ddaef134b3124fbc7dd000240eff0f5f5f41e83cd7f5bb37c9ae21953fe302b0f6e8b68fa91c6ab99265c64b2fd9cd4942be04321bb5d6d71932376c6f2f88e02422ba6a5e2cb765df93fd5dd0728c6abdaf03bce22e0678a544e2c3636f741b6f4447ee58a8fc656b43ef817932176adbfc2e04b2c812c273cd6cbfa4098f0be036a34221fa02643f5ee2e0b38135f2a18ecd2f16ebc45f8eb31b8ab967a1567ee016904188910861ca1fa205c7adaa194b286893ffe2f4fbe0384c2aef72a4522aeafd3ebc71f9db71eeeef86c48394a1c86d5b36c352cc33a0a2c800bc99e62fd65b3a2fd69e0b53996ec13d8ce483ce9319efd9a85acefabdb5342226febb83fd1daf4b24265f50c61c6de74077ef89b6fecf9f29a1f871af1e9f89b2d345cda7499bd45c42fa5d195a1e1a6ba84851889e730da3b2b916e96152ae0c92154b49719841db7e7cc707ba8a5d7b101eb4ac7b629bb327817910fff61580b59aab78182d1a2e33473d05b00b170b29e331870826cfe45af206aa7d0246bbd8566ca7cfb2d3c10bfa1db7dd48dd786036469ce7282093d78b5e1a5b0fc81a54c8ed4ceac1e5305305e78284ac276f5d7862727aff246e17addde50c670028d572cbfc0be2e4f8b2eb28fa68ad7b4c6c2a239c460441bfb5ea049f23b08563b4e47729a59e5986a61a6093dbd54f8c36ebe87edae01f251cb060ad1364ce677d7e8d5a4a4ca966a7241cc360bc2acb280e5f9e9c1b032ad6a180a35e0c5180b9d16d026c865b252098cc1d99ba7375ca31c7702c0d943d5e3dd2f6861fa55bd46d94b67ed3e52eccd8dd06d968e01897d6de97ed3058d91dd":"8e4bc6f8b8c60fe4d68c61d9b159c8693c3151c46749af58da228442d927f23359bd6ccd6c2ec8fa3f00a86cecbfa728e1ad60b821ed22fcd309ba91a4138bc9" +md_hex_multi:MBEDTLS_MD_SHA512:"990d1ae71a62d7bda9bfdaa1762a68d296eee72a4cd946f287a898fbabc002ea941fd8d4d991030b4d27a637cce501a834bb95eab1b7889a3e784c7968e67cbf552006b206b68f76d9191327524fcc251aeb56af483d10b4e0c6c5e599ee8c0fe4faeca8293844a8547c6a9a90d093f2526873a19ad4a5e776794c68c742fb834793d2dfcb7fea46c63af4b70fd11cb6e41834e72ee40edb067b292a794990c288d5007e73f349fb383af6a756b8301ad6e5e0aa8cd614399bb3a452376b1575afa6bdaeaafc286cb064bb91edef97c632b6c1113d107fa93a0905098a105043c2f05397f702514439a08a9e5ddc196100721d45c8fc17d2ed659376f8a00bd5cb9a0860e26d8a29d8d6aaf52de97e9346033d6db501a35dbbaf97c20b830cd2d18c2532f3a59cc497ee64c0e57d8d060e5069b28d86edf1adcf59144b221ce3ddaef134b3124fbc7dd000240eff0f5f5f41e83cd7f5bb37c9ae21953fe302b0f6e8b68fa91c6ab99265c64b2fd9cd4942be04321bb5d6d71932376c6f2f88e02422ba6a5e2cb765df93fd5dd0728c6abdaf03bce22e0678a544e2c3636f741b6f4447ee58a8fc656b43ef817932176adbfc2e04b2c812c273cd6cbfa4098f0be036a34221fa02643f5ee2e0b38135f2a18ecd2f16ebc45f8eb31b8ab967a1567ee016904188910861ca1fa205c7adaa194b286893ffe2f4fbe0384c2aef72a4522aeafd3ebc71f9db71eeeef86c48394a1c86d5b36c352cc33a0a2c800bc99e62fd65b3a2fd69e0b53996ec13d8ce483ce9319efd9a85acefabdb5342226febb83fd1daf4b24265f50c61c6de74077ef89b6fecf9f29a1f871af1e9f89b2d345cda7499bd45c42fa5d195a1e1a6ba84851889e730da3b2b916e96152ae0c92154b49719841db7e7cc707ba8a5d7b101eb4ac7b629bb327817910fff61580b59aab78182d1a2e33473d05b00b170b29e331870826cfe45af206aa7d0246bbd8566ca7cfb2d3c10bfa1db7dd48dd786036469ce7282093d78b5e1a5b0fc81a54c8ed4ceac1e5305305e78284ac276f5d7862727aff246e17addde50c670028d572cbfc0be2e4f8b2eb28fa68ad7b4c6c2a239c460441bfb5ea049f23b08563b4e47729a59e5986a61a6093dbd54f8c36ebe87edae01f251cb060ad1364ce677d7e8d5a4a4ca966a7241cc360bc2acb280e5f9e9c1b032ad6a180a35e0c5180b9d16d026c865b252098cc1d99ba7375ca31c7702c0d943d5e3dd2f6861fa55bd46d94b67ed3e52eccd8dd06d968e01897d6de97ed3058d91dd":"8e4bc6f8b8c60fe4d68c61d9b159c8693c3151c46749af58da228442d927f23359bd6ccd6c2ec8fa3f00a86cecbfa728e1ad60b821ed22fcd309ba91a4138bc9" generic SHA1 Hash file #1 depends_on:MBEDTLS_SHA1_C -mbedtls_md_file:"SHA1":"data_files/hash_file_1":"d21c965b1e768bd7a6aa6869f5f821901d255f9f" +mbedtls_md_file:MBEDTLS_MD_SHA1:"data_files/hash_file_1":"d21c965b1e768bd7a6aa6869f5f821901d255f9f" generic SHA1 Hash file #2 depends_on:MBEDTLS_SHA1_C -mbedtls_md_file:"SHA1":"data_files/hash_file_2":"353f34271f2aef49d23a8913d4a6bd82b2cecdc6" +mbedtls_md_file:MBEDTLS_MD_SHA1:"data_files/hash_file_2":"353f34271f2aef49d23a8913d4a6bd82b2cecdc6" generic SHA1 Hash file #3 depends_on:MBEDTLS_SHA1_C -mbedtls_md_file:"SHA1":"data_files/hash_file_3":"93640ed592076328096270c756db2fba9c486b35" +mbedtls_md_file:MBEDTLS_MD_SHA1:"data_files/hash_file_3":"93640ed592076328096270c756db2fba9c486b35" generic SHA1 Hash file #4 depends_on:MBEDTLS_SHA1_C -mbedtls_md_file:"SHA1":"data_files/hash_file_4":"da39a3ee5e6b4b0d3255bfef95601890afd80709" +mbedtls_md_file:MBEDTLS_MD_SHA1:"data_files/hash_file_4":"da39a3ee5e6b4b0d3255bfef95601890afd80709" generic SHA-224 Hash file #1 depends_on:MBEDTLS_SHA256_C -mbedtls_md_file:"SHA224":"data_files/hash_file_1":"8606da018870f0c16834a21bc3385704cb1683b9dbab04c5ddb90a48" +mbedtls_md_file:MBEDTLS_MD_SHA224:"data_files/hash_file_1":"8606da018870f0c16834a21bc3385704cb1683b9dbab04c5ddb90a48" generic SHA-224 Hash file #2 depends_on:MBEDTLS_SHA256_C -mbedtls_md_file:"SHA224":"data_files/hash_file_2":"733b2ab97b6f63f2e29b9a2089756d81e14c93fe4cc9615c0d5e8a03" +mbedtls_md_file:MBEDTLS_MD_SHA224:"data_files/hash_file_2":"733b2ab97b6f63f2e29b9a2089756d81e14c93fe4cc9615c0d5e8a03" generic SHA-224 Hash file #3 depends_on:MBEDTLS_SHA256_C -mbedtls_md_file:"SHA224":"data_files/hash_file_3":"e1df95867580e2cc2100e9565bf9c2e42c24fe5250c19efe33d1c4fe" +mbedtls_md_file:MBEDTLS_MD_SHA224:"data_files/hash_file_3":"e1df95867580e2cc2100e9565bf9c2e42c24fe5250c19efe33d1c4fe" generic SHA-224 Hash file #4 depends_on:MBEDTLS_SHA256_C -mbedtls_md_file:"SHA224":"data_files/hash_file_4":"d14a028c2a3a2bc9476102bb288234c415a2b01f828ea62ac5b3e42f" +mbedtls_md_file:MBEDTLS_MD_SHA224:"data_files/hash_file_4":"d14a028c2a3a2bc9476102bb288234c415a2b01f828ea62ac5b3e42f" generic SHA-256 Hash file #1 depends_on:MBEDTLS_SHA256_C -mbedtls_md_file:"SHA256":"data_files/hash_file_1":"975d0c620d3936886f8a3665e585a3e84aa0501f4225bf53029710242823e391" +mbedtls_md_file:MBEDTLS_MD_SHA256:"data_files/hash_file_1":"975d0c620d3936886f8a3665e585a3e84aa0501f4225bf53029710242823e391" generic SHA-256 Hash file #2 depends_on:MBEDTLS_SHA256_C -mbedtls_md_file:"SHA256":"data_files/hash_file_2":"11fcbf1baa36ca45745f10cc5467aee86f066f80ba2c46806d876bf783022ad2" +mbedtls_md_file:MBEDTLS_MD_SHA256:"data_files/hash_file_2":"11fcbf1baa36ca45745f10cc5467aee86f066f80ba2c46806d876bf783022ad2" generic SHA-256 Hash file #3 depends_on:MBEDTLS_SHA256_C -mbedtls_md_file:"SHA256":"data_files/hash_file_3":"9ae4b369f9f4f03b86505b46a5469542e00aaff7cf7417a71af6d6d0aba3b70c" +mbedtls_md_file:MBEDTLS_MD_SHA256:"data_files/hash_file_3":"9ae4b369f9f4f03b86505b46a5469542e00aaff7cf7417a71af6d6d0aba3b70c" generic SHA-256 Hash file #4 depends_on:MBEDTLS_SHA256_C -mbedtls_md_file:"SHA256":"data_files/hash_file_4":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855" +mbedtls_md_file:MBEDTLS_MD_SHA256:"data_files/hash_file_4":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855" generic SHA-384 Hash file #1 depends_on:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384 -mbedtls_md_file:"SHA384":"data_files/hash_file_1":"e0a3e6259d6378001b54ef82f5dd087009c5fad86d8db226a9fe1d14ecbe33a6fc916e3a4b16f5f286424de15d5a8e0e" +mbedtls_md_file:MBEDTLS_MD_SHA384:"data_files/hash_file_1":"e0a3e6259d6378001b54ef82f5dd087009c5fad86d8db226a9fe1d14ecbe33a6fc916e3a4b16f5f286424de15d5a8e0e" generic SHA-384 Hash file #2 depends_on:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384 -mbedtls_md_file:"SHA384":"data_files/hash_file_2":"eff727afc8495c92e2f370f97a317f93c3350324b0646b0f0e264708b3c97d3d332d3c5390e1e47130f5c92f1ef4b9cf" +mbedtls_md_file:MBEDTLS_MD_SHA384:"data_files/hash_file_2":"eff727afc8495c92e2f370f97a317f93c3350324b0646b0f0e264708b3c97d3d332d3c5390e1e47130f5c92f1ef4b9cf" generic SHA-384 Hash file #3 depends_on:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384 -mbedtls_md_file:"SHA384":"data_files/hash_file_3":"6fc10ebda96a1ccf61777cac72f6034f92533d42052a4bf9f9d929c672973c71e5aeb1213268043c21527ac0f7f349c4" +mbedtls_md_file:MBEDTLS_MD_SHA384:"data_files/hash_file_3":"6fc10ebda96a1ccf61777cac72f6034f92533d42052a4bf9f9d929c672973c71e5aeb1213268043c21527ac0f7f349c4" generic SHA-384 Hash file #4 depends_on:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384 -mbedtls_md_file:"SHA384":"data_files/hash_file_4":"38b060a751ac96384cd9327eb1b1e36a21fdb71114be07434c0cc7bf63f6e1da274edebfe76f65fbd51ad2f14898b95b" +mbedtls_md_file:MBEDTLS_MD_SHA384:"data_files/hash_file_4":"38b060a751ac96384cd9327eb1b1e36a21fdb71114be07434c0cc7bf63f6e1da274edebfe76f65fbd51ad2f14898b95b" generic SHA-512 Hash file #1 depends_on:MBEDTLS_SHA512_C -mbedtls_md_file:"SHA512":"data_files/hash_file_1":"d8207a2e1ff2b424f2c4163fe1b723c9bd42e464061eb411e8df730bcd24a7ab3956a6f3ff044a52eb2d262f9e4ca6b524092b544ab78f14d6f9c4cc8ddf335a" +mbedtls_md_file:MBEDTLS_MD_SHA512:"data_files/hash_file_1":"d8207a2e1ff2b424f2c4163fe1b723c9bd42e464061eb411e8df730bcd24a7ab3956a6f3ff044a52eb2d262f9e4ca6b524092b544ab78f14d6f9c4cc8ddf335a" generic SHA-512 Hash file #2 depends_on:MBEDTLS_SHA512_C -mbedtls_md_file:"SHA512":"data_files/hash_file_2":"ecbb7f0ed8a702b49f16ad3088bcc06ea93451912a7187db15f64d93517b09630b039293aed418d4a00695777b758b1f381548c2fd7b92ce5ed996b32c8734e7" +mbedtls_md_file:MBEDTLS_MD_SHA512:"data_files/hash_file_2":"ecbb7f0ed8a702b49f16ad3088bcc06ea93451912a7187db15f64d93517b09630b039293aed418d4a00695777b758b1f381548c2fd7b92ce5ed996b32c8734e7" generic SHA-512 Hash file #3 depends_on:MBEDTLS_SHA512_C -mbedtls_md_file:"SHA512":"data_files/hash_file_3":"7ccc9b2da71ffde9966c3ce44d7f20945fccf33b1fade4da152b021f1afcc7293382944aa6c09eac67af25f22026758e2bf6bed86ae2a43592677ee50f8eea41" +mbedtls_md_file:MBEDTLS_MD_SHA512:"data_files/hash_file_3":"7ccc9b2da71ffde9966c3ce44d7f20945fccf33b1fade4da152b021f1afcc7293382944aa6c09eac67af25f22026758e2bf6bed86ae2a43592677ee50f8eea41" generic SHA-512 Hash file #4 depends_on:MBEDTLS_SHA512_C -mbedtls_md_file:"SHA512":"data_files/hash_file_4":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e" +mbedtls_md_file:MBEDTLS_MD_SHA512:"data_files/hash_file_4":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e" diff --git a/third_party/mbedtls/repo/tests/suites/test_suite_md.function b/third_party/mbedtls/repo/tests/suites/test_suite_md.function index d918ce3b960..308eaa18aaf 100644 --- a/third_party/mbedtls/repo/tests/suites/test_suite_md.function +++ b/third_party/mbedtls/repo/tests/suites/test_suite_md.function @@ -8,366 +8,312 @@ */ /* BEGIN_CASE */ -void mbedtls_md_process( ) +void mbedtls_md_process() { const int *md_type_ptr; const mbedtls_md_info_t *info; mbedtls_md_context_t ctx; unsigned char buf[150]; - mbedtls_md_init( &ctx ); + mbedtls_md_init(&ctx); + memset(buf, 0, sizeof(buf)); /* * Very minimal testing of mbedtls_md_process, just make sure the various * xxx_process_wrap() function pointers are valid. (Testing that they - * indeed do the right thing whould require messing with the internal + * indeed do the right thing would require messing with the internal * state of the underlying mbedtls_md/sha context.) * * Also tests that mbedtls_md_list() only returns valid MDs. */ - for( md_type_ptr = mbedtls_md_list(); *md_type_ptr != 0; md_type_ptr++ ) - { - info = mbedtls_md_info_from_type( *md_type_ptr ); - TEST_ASSERT( info != NULL ); - TEST_ASSERT( mbedtls_md_setup( &ctx, info, 0 ) == 0 ); - TEST_ASSERT( mbedtls_md_process( &ctx, buf ) == 0 ); - mbedtls_md_free( &ctx ); + for (md_type_ptr = mbedtls_md_list(); *md_type_ptr != 0; md_type_ptr++) { + info = mbedtls_md_info_from_type(*md_type_ptr); + TEST_ASSERT(info != NULL); + TEST_EQUAL(0, mbedtls_md_setup(&ctx, info, 0)); + TEST_EQUAL(0, mbedtls_md_starts(&ctx)); + TEST_EQUAL(0, mbedtls_md_process(&ctx, buf)); + mbedtls_md_free(&ctx); } exit: - mbedtls_md_free( &ctx ); + mbedtls_md_free(&ctx); } /* END_CASE */ /* BEGIN_CASE */ -void md_null_args( ) +void md_null_args() { mbedtls_md_context_t ctx; - const mbedtls_md_info_t *info = mbedtls_md_info_from_type( *( mbedtls_md_list() ) ); + const mbedtls_md_info_t *info = mbedtls_md_info_from_type(*(mbedtls_md_list())); unsigned char buf[1] = { 0 }; - mbedtls_md_init( &ctx ); + mbedtls_md_init(&ctx); - TEST_ASSERT( mbedtls_md_get_size( NULL ) == 0 ); - TEST_ASSERT( mbedtls_md_get_type( NULL ) == MBEDTLS_MD_NONE ); - TEST_ASSERT( mbedtls_md_get_name( NULL ) == NULL ); + TEST_EQUAL(0, mbedtls_md_get_size(NULL)); + TEST_EQUAL(mbedtls_md_get_type(NULL), MBEDTLS_MD_NONE); + TEST_ASSERT(mbedtls_md_get_name(NULL) == NULL); - TEST_ASSERT( mbedtls_md_info_from_string( NULL ) == NULL ); + TEST_ASSERT(mbedtls_md_info_from_string(NULL) == NULL); - TEST_ASSERT( mbedtls_md_setup( &ctx, NULL, 0 ) == MBEDTLS_ERR_MD_BAD_INPUT_DATA ); - TEST_ASSERT( mbedtls_md_setup( NULL, info, 0 ) == MBEDTLS_ERR_MD_BAD_INPUT_DATA ); + TEST_EQUAL(mbedtls_md_setup(&ctx, NULL, 0), MBEDTLS_ERR_MD_BAD_INPUT_DATA); + TEST_EQUAL(mbedtls_md_setup(NULL, info, 0), MBEDTLS_ERR_MD_BAD_INPUT_DATA); - TEST_ASSERT( mbedtls_md_starts( NULL ) == MBEDTLS_ERR_MD_BAD_INPUT_DATA ); - TEST_ASSERT( mbedtls_md_starts( &ctx ) == MBEDTLS_ERR_MD_BAD_INPUT_DATA ); + TEST_EQUAL(mbedtls_md_starts(NULL), MBEDTLS_ERR_MD_BAD_INPUT_DATA); + TEST_EQUAL(mbedtls_md_starts(&ctx), MBEDTLS_ERR_MD_BAD_INPUT_DATA); - TEST_ASSERT( mbedtls_md_update( NULL, buf, 1 ) == MBEDTLS_ERR_MD_BAD_INPUT_DATA ); - TEST_ASSERT( mbedtls_md_update( &ctx, buf, 1 ) == MBEDTLS_ERR_MD_BAD_INPUT_DATA ); + TEST_EQUAL(mbedtls_md_update(NULL, buf, 1), MBEDTLS_ERR_MD_BAD_INPUT_DATA); + TEST_EQUAL(mbedtls_md_update(&ctx, buf, 1), MBEDTLS_ERR_MD_BAD_INPUT_DATA); - TEST_ASSERT( mbedtls_md_finish( NULL, buf ) == MBEDTLS_ERR_MD_BAD_INPUT_DATA ); - TEST_ASSERT( mbedtls_md_finish( &ctx, buf ) == MBEDTLS_ERR_MD_BAD_INPUT_DATA ); + TEST_EQUAL(mbedtls_md_finish(NULL, buf), MBEDTLS_ERR_MD_BAD_INPUT_DATA); + TEST_EQUAL(mbedtls_md_finish(&ctx, buf), MBEDTLS_ERR_MD_BAD_INPUT_DATA); - TEST_ASSERT( mbedtls_md( NULL, buf, 1, buf ) == MBEDTLS_ERR_MD_BAD_INPUT_DATA ); + TEST_EQUAL(mbedtls_md(NULL, buf, 1, buf), MBEDTLS_ERR_MD_BAD_INPUT_DATA); #if defined(MBEDTLS_FS_IO) - TEST_ASSERT( mbedtls_md_file( NULL, "", buf ) == MBEDTLS_ERR_MD_BAD_INPUT_DATA ); + TEST_EQUAL(mbedtls_md_file(NULL, "", buf), MBEDTLS_ERR_MD_BAD_INPUT_DATA); #endif - TEST_ASSERT( mbedtls_md_hmac_starts( NULL, buf, 1 ) - == MBEDTLS_ERR_MD_BAD_INPUT_DATA ); - TEST_ASSERT( mbedtls_md_hmac_starts( &ctx, buf, 1 ) - == MBEDTLS_ERR_MD_BAD_INPUT_DATA ); + TEST_EQUAL(mbedtls_md_hmac_starts(NULL, buf, 1), + MBEDTLS_ERR_MD_BAD_INPUT_DATA); + TEST_EQUAL(mbedtls_md_hmac_starts(&ctx, buf, 1), + MBEDTLS_ERR_MD_BAD_INPUT_DATA); - TEST_ASSERT( mbedtls_md_hmac_update( NULL, buf, 1 ) - == MBEDTLS_ERR_MD_BAD_INPUT_DATA ); - TEST_ASSERT( mbedtls_md_hmac_update( &ctx, buf, 1 ) - == MBEDTLS_ERR_MD_BAD_INPUT_DATA ); + TEST_EQUAL(mbedtls_md_hmac_update(NULL, buf, 1), + MBEDTLS_ERR_MD_BAD_INPUT_DATA); + TEST_EQUAL(mbedtls_md_hmac_update(&ctx, buf, 1), + MBEDTLS_ERR_MD_BAD_INPUT_DATA); - TEST_ASSERT( mbedtls_md_hmac_finish( NULL, buf ) - == MBEDTLS_ERR_MD_BAD_INPUT_DATA ); - TEST_ASSERT( mbedtls_md_hmac_finish( &ctx, buf ) - == MBEDTLS_ERR_MD_BAD_INPUT_DATA ); + TEST_EQUAL(mbedtls_md_hmac_finish(NULL, buf), MBEDTLS_ERR_MD_BAD_INPUT_DATA); + TEST_EQUAL(mbedtls_md_hmac_finish(&ctx, buf), MBEDTLS_ERR_MD_BAD_INPUT_DATA); - TEST_ASSERT( mbedtls_md_hmac_reset( NULL ) == MBEDTLS_ERR_MD_BAD_INPUT_DATA ); - TEST_ASSERT( mbedtls_md_hmac_reset( &ctx ) == MBEDTLS_ERR_MD_BAD_INPUT_DATA ); + TEST_EQUAL(mbedtls_md_hmac_reset(NULL), MBEDTLS_ERR_MD_BAD_INPUT_DATA); + TEST_EQUAL(mbedtls_md_hmac_reset(&ctx), MBEDTLS_ERR_MD_BAD_INPUT_DATA); - TEST_ASSERT( mbedtls_md_hmac( NULL, buf, 1, buf, 1, buf ) - == MBEDTLS_ERR_MD_BAD_INPUT_DATA ); + TEST_EQUAL(mbedtls_md_hmac(NULL, buf, 1, buf, 1, buf), + MBEDTLS_ERR_MD_BAD_INPUT_DATA); - TEST_ASSERT( mbedtls_md_process( NULL, buf ) == MBEDTLS_ERR_MD_BAD_INPUT_DATA ); - TEST_ASSERT( mbedtls_md_process( &ctx, buf ) == MBEDTLS_ERR_MD_BAD_INPUT_DATA ); + TEST_EQUAL(mbedtls_md_process(NULL, buf), MBEDTLS_ERR_MD_BAD_INPUT_DATA); + TEST_EQUAL(mbedtls_md_process(&ctx, buf), MBEDTLS_ERR_MD_BAD_INPUT_DATA); /* Ok, this is not NULL arg but NULL return... */ - TEST_ASSERT( mbedtls_md_info_from_type( MBEDTLS_MD_NONE ) == NULL ); - TEST_ASSERT( mbedtls_md_info_from_string( "no such md" ) == NULL ); + TEST_ASSERT(mbedtls_md_info_from_type(MBEDTLS_MD_NONE) == NULL); + TEST_ASSERT(mbedtls_md_info_from_string("no such md") == NULL); } /* END_CASE */ /* BEGIN_CASE */ -void md_info( int md_type, char * md_name, int md_size ) +void md_info(int md_type, char *md_name, int md_size) { const mbedtls_md_info_t *md_info; const int *md_type_ptr; int found; - md_info = mbedtls_md_info_from_type( md_type ); - TEST_ASSERT( md_info != NULL ); - TEST_ASSERT( md_info == mbedtls_md_info_from_string( md_name ) ); + md_info = mbedtls_md_info_from_type(md_type); + TEST_ASSERT(md_info != NULL); + TEST_ASSERT(md_info == mbedtls_md_info_from_string(md_name)); - TEST_ASSERT( mbedtls_md_get_type( md_info ) == (mbedtls_md_type_t) md_type ); - TEST_ASSERT( mbedtls_md_get_size( md_info ) == (unsigned char) md_size ); - TEST_ASSERT( strcmp( mbedtls_md_get_name( md_info ), md_name ) == 0 ); + TEST_EQUAL(mbedtls_md_get_type(md_info), (mbedtls_md_type_t) md_type); + TEST_EQUAL(mbedtls_md_get_size(md_info), (unsigned char) md_size); + TEST_EQUAL(0, strcmp(mbedtls_md_get_name(md_info), md_name)); found = 0; - for( md_type_ptr = mbedtls_md_list(); *md_type_ptr != 0; md_type_ptr++ ) - if( *md_type_ptr == md_type ) + for (md_type_ptr = mbedtls_md_list(); *md_type_ptr != 0; md_type_ptr++) { + if (*md_type_ptr == md_type) { found = 1; - TEST_ASSERT( found == 1 ); + } + } + TEST_EQUAL(found, 1); } /* END_CASE */ /* BEGIN_CASE */ -void md_text( char * text_md_name, char * text_src_string, - data_t * hash ) +void md_text(int md_type, char *text_src_string, data_t *hash) { - char md_name[100]; - unsigned char src_str[1000]; - unsigned char output[100]; + unsigned char *src = (unsigned char *) text_src_string; + size_t src_len = strlen(text_src_string); + unsigned char output[MBEDTLS_MD_MAX_SIZE] = { 0 }; const mbedtls_md_info_t *md_info = NULL; - memset( md_name, 0x00, 100 ); - memset( src_str, 0x00, 1000 ); - memset( output, 0x00, 100 ); - - strncpy( (char *) src_str, text_src_string, sizeof( src_str ) - 1 ); - strncpy( (char *) md_name, text_md_name, sizeof( md_name ) - 1 ); - md_info = mbedtls_md_info_from_string(md_name); - TEST_ASSERT( md_info != NULL ); + md_info = mbedtls_md_info_from_type(md_type); + TEST_ASSERT(md_info != NULL); - TEST_ASSERT ( 0 == mbedtls_md( md_info, src_str, strlen( (char *) src_str ), output ) ); + TEST_EQUAL(0, mbedtls_md(md_info, src, src_len, output)); - TEST_ASSERT( mbedtls_test_hexcmp( output, hash->x, - mbedtls_md_get_size( md_info ), - hash->len ) == 0 ); + TEST_MEMORY_COMPARE(output, mbedtls_md_get_size(md_info), hash->x, hash->len); } /* END_CASE */ /* BEGIN_CASE */ -void md_hex( char * text_md_name, data_t * src_str, data_t * hash ) +void md_hex(int md_type, data_t *src_str, data_t *hash) { - char md_name[100]; - unsigned char output[100]; + unsigned char output[MBEDTLS_MD_MAX_SIZE] = { 0 }; const mbedtls_md_info_t *md_info = NULL; - memset( md_name, 0x00, 100 ); - memset( output, 0x00, 100 ); + md_info = mbedtls_md_info_from_type(md_type); + TEST_ASSERT(md_info != NULL); - strncpy( (char *) md_name, text_md_name, sizeof( md_name ) - 1 ); - md_info = mbedtls_md_info_from_string( md_name ); - TEST_ASSERT( md_info != NULL ); + TEST_EQUAL(0, mbedtls_md(md_info, src_str->x, src_str->len, output)); - TEST_ASSERT ( 0 == mbedtls_md( md_info, src_str->x, src_str->len, output ) ); - - TEST_ASSERT( mbedtls_test_hexcmp( output, hash->x, - mbedtls_md_get_size( md_info ), - hash->len ) == 0 ); + TEST_MEMORY_COMPARE(output, mbedtls_md_get_size(md_info), hash->x, hash->len); } /* END_CASE */ /* BEGIN_CASE */ -void md_text_multi( char * text_md_name, char * text_src_string, - data_t * hash ) +void md_text_multi(int md_type, char *text_src_string, + data_t *hash) { - char md_name[100]; - unsigned char src_str[1000]; - unsigned char output[100]; - int halfway, len; + unsigned char *src = (unsigned char *) text_src_string; + size_t src_len = strlen(text_src_string); + unsigned char output[MBEDTLS_MD_MAX_SIZE] = { 0 }; + size_t halfway; const mbedtls_md_info_t *md_info = NULL; mbedtls_md_context_t ctx, ctx_copy; - mbedtls_md_init( &ctx ); - mbedtls_md_init( &ctx_copy ); - - memset( md_name, 0x00, 100 ); - memset( src_str, 0x00, 1000 ); - memset( output, 0x00, 100 ); + mbedtls_md_init(&ctx); + mbedtls_md_init(&ctx_copy); - strncpy( (char *) src_str, text_src_string, sizeof(src_str) - 1 ); - strncpy( (char *) md_name, text_md_name, sizeof(md_name) - 1 ); - len = strlen( (char *) src_str ); - halfway = len / 2; + halfway = src_len / 2; - md_info = mbedtls_md_info_from_string(md_name); - TEST_ASSERT( md_info != NULL ); - TEST_ASSERT ( 0 == mbedtls_md_setup( &ctx, md_info, 0 ) ); - TEST_ASSERT ( 0 == mbedtls_md_setup( &ctx_copy, md_info, 0 ) ); + md_info = mbedtls_md_info_from_type(md_type); + TEST_ASSERT(md_info != NULL); + TEST_EQUAL(0, mbedtls_md_setup(&ctx, md_info, 0)); + TEST_EQUAL(0, mbedtls_md_setup(&ctx_copy, md_info, 0)); - TEST_ASSERT ( 0 == mbedtls_md_starts( &ctx ) ); - TEST_ASSERT ( ctx.md_ctx != NULL ); - TEST_ASSERT ( 0 == mbedtls_md_update( &ctx, src_str, halfway ) ); - TEST_ASSERT ( 0 == mbedtls_md_clone( &ctx_copy, &ctx ) ); + TEST_EQUAL(0, mbedtls_md_starts(&ctx)); + TEST_ASSERT(ctx.md_ctx != NULL); + TEST_EQUAL(0, mbedtls_md_update(&ctx, src, halfway)); + TEST_EQUAL(0, mbedtls_md_clone(&ctx_copy, &ctx)); - TEST_ASSERT ( 0 == mbedtls_md_update( &ctx, src_str + halfway, len - halfway ) ); - TEST_ASSERT ( 0 == mbedtls_md_finish( &ctx, output ) ); - TEST_ASSERT( mbedtls_test_hexcmp( output, hash->x, - mbedtls_md_get_size( md_info ), - hash->len) == 0 ); + TEST_EQUAL(0, mbedtls_md_update(&ctx, src + halfway, src_len - halfway)); + TEST_EQUAL(0, mbedtls_md_finish(&ctx, output)); + TEST_MEMORY_COMPARE(output, mbedtls_md_get_size(md_info), hash->x, hash->len); /* Test clone */ - memset( output, 0x00, 100 ); + memset(output, 0x00, sizeof(output)); - TEST_ASSERT ( 0 == mbedtls_md_update( &ctx_copy, src_str + halfway, len - halfway ) ); - TEST_ASSERT ( 0 == mbedtls_md_finish( &ctx_copy, output ) ); - TEST_ASSERT( mbedtls_test_hexcmp( output, hash->x, - mbedtls_md_get_size( md_info ), - hash->len ) == 0 ); + TEST_EQUAL(0, mbedtls_md_update(&ctx_copy, src + halfway, src_len - halfway)); + TEST_EQUAL(0, mbedtls_md_finish(&ctx_copy, output)); + TEST_MEMORY_COMPARE(output, mbedtls_md_get_size(md_info), hash->x, hash->len); exit: - mbedtls_md_free( &ctx ); - mbedtls_md_free( &ctx_copy ); + mbedtls_md_free(&ctx); + mbedtls_md_free(&ctx_copy); } /* END_CASE */ /* BEGIN_CASE */ -void md_hex_multi( char * text_md_name, data_t * src_str, data_t * hash ) +void md_hex_multi(int md_type, data_t *src_str, data_t *hash) { - char md_name[100]; - unsigned char output[100]; + unsigned char output[MBEDTLS_MD_MAX_SIZE] = { 0 }; const mbedtls_md_info_t *md_info = NULL; mbedtls_md_context_t ctx, ctx_copy; int halfway; - mbedtls_md_init( &ctx ); - mbedtls_md_init( &ctx_copy ); + mbedtls_md_init(&ctx); + mbedtls_md_init(&ctx_copy); - memset( md_name, 0x00, 100 ); - memset( output, 0x00, 100 ); - - strncpy( (char *) md_name, text_md_name, sizeof( md_name ) - 1 ); - md_info = mbedtls_md_info_from_string(md_name); - TEST_ASSERT( md_info != NULL ); - TEST_ASSERT ( 0 == mbedtls_md_setup( &ctx, md_info, 0 ) ); - TEST_ASSERT ( 0 == mbedtls_md_setup( &ctx_copy, md_info, 0 ) ); + md_info = mbedtls_md_info_from_type(md_type); + TEST_ASSERT(md_info != NULL); + TEST_EQUAL(0, mbedtls_md_setup(&ctx, md_info, 0)); + TEST_EQUAL(0, mbedtls_md_setup(&ctx_copy, md_info, 0)); halfway = src_str->len / 2; - TEST_ASSERT ( 0 == mbedtls_md_starts( &ctx ) ); - TEST_ASSERT ( ctx.md_ctx != NULL ); - TEST_ASSERT ( 0 == mbedtls_md_update( &ctx, src_str->x, halfway ) ); - TEST_ASSERT ( 0 == mbedtls_md_clone( &ctx_copy, &ctx ) ); + TEST_EQUAL(0, mbedtls_md_starts(&ctx)); + TEST_ASSERT(ctx.md_ctx != NULL); + TEST_EQUAL(0, mbedtls_md_update(&ctx, src_str->x, halfway)); + TEST_EQUAL(0, mbedtls_md_clone(&ctx_copy, &ctx)); - TEST_ASSERT ( 0 == mbedtls_md_update( &ctx, src_str->x + halfway, src_str->len - halfway) ); - TEST_ASSERT ( 0 == mbedtls_md_finish( &ctx, output ) ); - TEST_ASSERT( mbedtls_test_hexcmp( output, hash->x, - mbedtls_md_get_size( md_info ), - hash->len ) == 0 ); + TEST_EQUAL(0, mbedtls_md_update(&ctx, src_str->x + halfway, src_str->len - halfway)); + TEST_EQUAL(0, mbedtls_md_finish(&ctx, output)); + TEST_MEMORY_COMPARE(output, mbedtls_md_get_size(md_info), hash->x, hash->len); /* Test clone */ - memset( output, 0x00, 100 ); + memset(output, 0x00, sizeof(output)); - TEST_ASSERT ( 0 == mbedtls_md_update( &ctx_copy, src_str->x + halfway, src_str->len - halfway ) ); - TEST_ASSERT ( 0 == mbedtls_md_finish( &ctx_copy, output ) ); - TEST_ASSERT( mbedtls_test_hexcmp( output, hash->x, - mbedtls_md_get_size( md_info ), - hash->len ) == 0 ); + TEST_EQUAL(0, mbedtls_md_update(&ctx_copy, src_str->x + halfway, src_str->len - halfway)); + TEST_EQUAL(0, mbedtls_md_finish(&ctx_copy, output)); + TEST_MEMORY_COMPARE(output, mbedtls_md_get_size(md_info), hash->x, hash->len); exit: - mbedtls_md_free( &ctx ); - mbedtls_md_free( &ctx_copy ); + mbedtls_md_free(&ctx); + mbedtls_md_free(&ctx_copy); } /* END_CASE */ /* BEGIN_CASE */ -void mbedtls_md_hmac( char * text_md_name, int trunc_size, - data_t * key_str, data_t * src_str, - data_t * hash ) +void mbedtls_md_hmac(int md_type, int trunc_size, + data_t *key_str, data_t *src_str, + data_t *hash) { - char md_name[100]; - unsigned char output[100]; + unsigned char output[MBEDTLS_MD_MAX_SIZE] = { 0 }; const mbedtls_md_info_t *md_info = NULL; - memset( md_name, 0x00, 100 ); - memset( output, 0x00, 100 ); - - strncpy( (char *) md_name, text_md_name, sizeof( md_name ) - 1 ); - md_info = mbedtls_md_info_from_string( md_name ); - TEST_ASSERT( md_info != NULL ); + md_info = mbedtls_md_info_from_type(md_type); + TEST_ASSERT(md_info != NULL); - TEST_ASSERT ( mbedtls_md_hmac( md_info, key_str->x, key_str->len, src_str->x, src_str->len, output ) == 0 ); + TEST_EQUAL(0, mbedtls_md_hmac(md_info, key_str->x, key_str->len, + src_str->x, src_str->len, output)); - TEST_ASSERT( mbedtls_test_hexcmp( output, hash->x, - trunc_size, hash->len ) == 0 ); + TEST_MEMORY_COMPARE(output, trunc_size, hash->x, hash->len); } /* END_CASE */ /* BEGIN_CASE */ -void md_hmac_multi( char * text_md_name, int trunc_size, data_t * key_str, - data_t * src_str, data_t * hash ) +void md_hmac_multi(int md_type, int trunc_size, data_t *key_str, + data_t *src_str, data_t *hash) { - char md_name[100]; - unsigned char output[100]; + unsigned char output[MBEDTLS_MD_MAX_SIZE] = { 0 }; const mbedtls_md_info_t *md_info = NULL; mbedtls_md_context_t ctx; int halfway; - mbedtls_md_init( &ctx ); + mbedtls_md_init(&ctx); - memset( md_name, 0x00, 100 ); - memset( output, 0x00, 100 ); - - strncpy( (char *) md_name, text_md_name, sizeof( md_name ) - 1 ); - md_info = mbedtls_md_info_from_string( md_name ); - TEST_ASSERT( md_info != NULL ); - TEST_ASSERT ( 0 == mbedtls_md_setup( &ctx, md_info, 1 ) ); + md_info = mbedtls_md_info_from_type(md_type); + TEST_ASSERT(md_info != NULL); + TEST_EQUAL(0, mbedtls_md_setup(&ctx, md_info, 1)); halfway = src_str->len / 2; - TEST_ASSERT ( 0 == mbedtls_md_hmac_starts( &ctx, key_str->x, key_str->len ) ); - TEST_ASSERT ( ctx.md_ctx != NULL ); - TEST_ASSERT ( 0 == mbedtls_md_hmac_update( &ctx, src_str->x, halfway ) ); - TEST_ASSERT ( 0 == mbedtls_md_hmac_update( &ctx, src_str->x + halfway, src_str->len - halfway ) ); - TEST_ASSERT ( 0 == mbedtls_md_hmac_finish( &ctx, output ) ); + TEST_EQUAL(0, mbedtls_md_hmac_starts(&ctx, key_str->x, key_str->len)); + TEST_ASSERT(ctx.md_ctx != NULL); + TEST_EQUAL(0, mbedtls_md_hmac_update(&ctx, src_str->x, halfway)); + TEST_EQUAL(0, mbedtls_md_hmac_update(&ctx, src_str->x + halfway, src_str->len - halfway)); + TEST_EQUAL(0, mbedtls_md_hmac_finish(&ctx, output)); - TEST_ASSERT( mbedtls_test_hexcmp( output, hash->x, - trunc_size, hash->len ) == 0 ); + TEST_MEMORY_COMPARE(output, trunc_size, hash->x, hash->len); /* Test again, for reset() */ - memset( output, 0x00, 100 ); + memset(output, 0x00, sizeof(output)); - TEST_ASSERT ( 0 == mbedtls_md_hmac_reset( &ctx ) ); - TEST_ASSERT ( 0 == mbedtls_md_hmac_update( &ctx, src_str->x, halfway ) ); - TEST_ASSERT ( 0 == mbedtls_md_hmac_update( &ctx, src_str->x + halfway, src_str->len - halfway ) ); - TEST_ASSERT ( 0 == mbedtls_md_hmac_finish( &ctx, output ) ); + TEST_EQUAL(0, mbedtls_md_hmac_reset(&ctx)); + TEST_EQUAL(0, mbedtls_md_hmac_update(&ctx, src_str->x, halfway)); + TEST_EQUAL(0, mbedtls_md_hmac_update(&ctx, src_str->x + halfway, src_str->len - halfway)); + TEST_EQUAL(0, mbedtls_md_hmac_finish(&ctx, output)); - TEST_ASSERT( mbedtls_test_hexcmp( output, hash->x, - trunc_size, hash->len ) == 0 ); + TEST_MEMORY_COMPARE(output, trunc_size, hash->x, hash->len); exit: - mbedtls_md_free( &ctx ); + mbedtls_md_free(&ctx); } /* END_CASE */ /* BEGIN_CASE depends_on:MBEDTLS_FS_IO */ -void mbedtls_md_file( char * text_md_name, char * filename, - data_t * hash ) +void mbedtls_md_file(int md_type, char *filename, + data_t *hash) { - char md_name[100]; - unsigned char output[100]; + unsigned char output[MBEDTLS_MD_MAX_SIZE] = { 0 }; const mbedtls_md_info_t *md_info = NULL; - memset( md_name, 0x00, 100 ); - memset( output, 0x00, 100 ); - - strncpy( (char *) md_name, text_md_name, sizeof( md_name ) - 1 ); - md_info = mbedtls_md_info_from_string( md_name ); - TEST_ASSERT( md_info != NULL ); + md_info = mbedtls_md_info_from_type(md_type); + TEST_ASSERT(md_info != NULL); - TEST_ASSERT( mbedtls_md_file( md_info, filename, output ) == 0 ); + TEST_EQUAL(0, mbedtls_md_file(md_info, filename, output)); - TEST_ASSERT( mbedtls_test_hexcmp( output, hash->x, - mbedtls_md_get_size( md_info ), - hash->len ) == 0 ); + TEST_MEMORY_COMPARE(output, mbedtls_md_get_size(md_info), hash->x, hash->len); } /* END_CASE */ diff --git a/third_party/mbedtls/repo/tests/suites/test_suite_mdx.function b/third_party/mbedtls/repo/tests/suites/test_suite_mdx.function index aa35c583eb4..5e950a19890 100644 --- a/third_party/mbedtls/repo/tests/suites/test_suite_mdx.function +++ b/third_party/mbedtls/repo/tests/suites/test_suite_mdx.function @@ -6,109 +6,109 @@ /* END_HEADER */ /* BEGIN_CASE depends_on:MBEDTLS_MD2_C */ -void md2_text( char * text_src_string, data_t * hash ) +void md2_text(char *text_src_string, data_t *hash) { int ret; unsigned char src_str[100]; unsigned char output[16]; - memset( src_str, 0x00, sizeof src_str ); - memset( output, 0x00, sizeof output ); + memset(src_str, 0x00, sizeof(src_str)); + memset(output, 0x00, sizeof(output)); - strncpy( (char *) src_str, text_src_string, sizeof(src_str) - 1 ); + strncpy((char *) src_str, text_src_string, sizeof(src_str) - 1); - ret = mbedtls_md2_ret( src_str, strlen( (char *) src_str ), output ); - TEST_ASSERT( ret == 0 ) ; + ret = mbedtls_md2_ret(src_str, strlen((char *) src_str), output); + TEST_ASSERT(ret == 0); - TEST_ASSERT( mbedtls_test_hexcmp( output, hash->x, - sizeof output, hash->len ) == 0 ); + TEST_ASSERT(mbedtls_test_hexcmp(output, hash->x, + sizeof(output), hash->len) == 0); } /* END_CASE */ /* BEGIN_CASE depends_on:MBEDTLS_MD4_C */ -void md4_text( char * text_src_string, data_t * hash ) +void md4_text(char *text_src_string, data_t *hash) { int ret; unsigned char src_str[100]; unsigned char output[16]; - memset( src_str, 0x00, sizeof src_str ); - memset( output, 0x00, sizeof output ); + memset(src_str, 0x00, sizeof(src_str)); + memset(output, 0x00, sizeof(output)); - strncpy( (char *) src_str, text_src_string, sizeof(src_str) - 1 ); + strncpy((char *) src_str, text_src_string, sizeof(src_str) - 1); - ret = mbedtls_md4_ret( src_str, strlen( (char *) src_str ), output ); - TEST_ASSERT( ret == 0 ); + ret = mbedtls_md4_ret(src_str, strlen((char *) src_str), output); + TEST_ASSERT(ret == 0); - TEST_ASSERT( mbedtls_test_hexcmp( output, hash->x, - sizeof output, hash->len ) == 0 ); + TEST_ASSERT(mbedtls_test_hexcmp(output, hash->x, + sizeof(output), hash->len) == 0); } /* END_CASE */ /* BEGIN_CASE depends_on:MBEDTLS_MD5_C */ -void md5_text( char * text_src_string, data_t * hash ) +void md5_text(char *text_src_string, data_t *hash) { int ret; unsigned char src_str[100]; unsigned char output[16]; - memset( src_str, 0x00, sizeof src_str ); - memset( output, 0x00, sizeof output ); + memset(src_str, 0x00, sizeof(src_str)); + memset(output, 0x00, sizeof(output)); - strncpy( (char *) src_str, text_src_string, sizeof(src_str) - 1 ); + strncpy((char *) src_str, text_src_string, sizeof(src_str) - 1); - ret = mbedtls_md5_ret( src_str, strlen( (char *) src_str ), output ); - TEST_ASSERT( ret == 0 ); + ret = mbedtls_md5_ret(src_str, strlen((char *) src_str), output); + TEST_ASSERT(ret == 0); - TEST_ASSERT( mbedtls_test_hexcmp( output, hash->x, - sizeof output, hash->len ) == 0 ); + TEST_ASSERT(mbedtls_test_hexcmp(output, hash->x, + sizeof(output), hash->len) == 0); } /* END_CASE */ /* BEGIN_CASE depends_on:MBEDTLS_RIPEMD160_C */ -void ripemd160_text( char * text_src_string, data_t * hash ) +void ripemd160_text(char *text_src_string, data_t *hash) { int ret; unsigned char src_str[100]; unsigned char output[20]; - memset(src_str, 0x00, sizeof src_str); - memset(output, 0x00, sizeof output); + memset(src_str, 0x00, sizeof(src_str)); + memset(output, 0x00, sizeof(output)); - strncpy( (char *) src_str, text_src_string, sizeof(src_str) - 1 ); + strncpy((char *) src_str, text_src_string, sizeof(src_str) - 1); - ret = mbedtls_ripemd160_ret( src_str, strlen( (char *) src_str ), output ); - TEST_ASSERT( ret == 0 ); + ret = mbedtls_ripemd160_ret(src_str, strlen((char *) src_str), output); + TEST_ASSERT(ret == 0); - TEST_ASSERT( mbedtls_test_hexcmp( output, hash->x, - sizeof output, hash->len ) == 0 ); + TEST_ASSERT(mbedtls_test_hexcmp(output, hash->x, + sizeof(output), hash->len) == 0); } /* END_CASE */ /* BEGIN_CASE depends_on:MBEDTLS_MD2_C:MBEDTLS_SELF_TEST */ -void md2_selftest( ) +void md2_selftest() { - TEST_ASSERT( mbedtls_md2_self_test( 1 ) == 0 ); + TEST_ASSERT(mbedtls_md2_self_test(1) == 0); } /* END_CASE */ /* BEGIN_CASE depends_on:MBEDTLS_MD4_C:MBEDTLS_SELF_TEST */ -void md4_selftest( ) +void md4_selftest() { - TEST_ASSERT( mbedtls_md4_self_test( 1 ) == 0 ); + TEST_ASSERT(mbedtls_md4_self_test(1) == 0); } /* END_CASE */ /* BEGIN_CASE depends_on:MBEDTLS_MD5_C:MBEDTLS_SELF_TEST */ -void md5_selftest( ) +void md5_selftest() { - TEST_ASSERT( mbedtls_md5_self_test( 1 ) == 0 ); + TEST_ASSERT(mbedtls_md5_self_test(1) == 0); } /* END_CASE */ /* BEGIN_CASE depends_on:MBEDTLS_RIPEMD160_C:MBEDTLS_SELF_TEST */ -void ripemd160_selftest( ) +void ripemd160_selftest() { - TEST_ASSERT( mbedtls_ripemd160_self_test( 1 ) == 0 ); + TEST_ASSERT(mbedtls_ripemd160_self_test(1) == 0); } /* END_CASE */ diff --git a/third_party/mbedtls/repo/tests/suites/test_suite_memory_buffer_alloc.function b/third_party/mbedtls/repo/tests/suites/test_suite_memory_buffer_alloc.function index cc884c28e55..2b81097a562 100644 --- a/third_party/mbedtls/repo/tests/suites/test_suite_memory_buffer_alloc.function +++ b/third_party/mbedtls/repo/tests/suites/test_suite_memory_buffer_alloc.function @@ -10,34 +10,36 @@ */ /* BEGIN_SUITE_HELPERS */ -static int check_pointer( void *p ) +static int check_pointer(void *p) { - if( p == NULL ) - return( -1 ); + if (p == NULL) { + return -1; + } - if( (size_t) p % MBEDTLS_MEMORY_ALIGN_MULTIPLE != 0 ) - return( -1 ); + if ((size_t) p % MBEDTLS_MEMORY_ALIGN_MULTIPLE != 0) { + return -1; + } - return( 0 ); + return 0; } /* END_SUITE_HELPERS */ /* BEGIN_CASE depends_on:MBEDTLS_SELF_TEST */ -void mbedtls_memory_buffer_alloc_self_test( ) +void mbedtls_memory_buffer_alloc_self_test() { - TEST_ASSERT( mbedtls_memory_buffer_alloc_self_test( 1 ) == 0 ); + TEST_ASSERT(mbedtls_memory_buffer_alloc_self_test(1) == 0); } /* END_CASE */ /* BEGIN_CASE */ -void memory_buffer_alloc_free_alloc( int a_bytes, int b_bytes, int c_bytes, - int d_bytes, int free_a, int free_b, - int free_c, int free_d, int e_bytes, - int f_bytes ) +void memory_buffer_alloc_free_alloc(int a_bytes, int b_bytes, int c_bytes, + int d_bytes, int free_a, int free_b, + int free_c, int free_d, int e_bytes, + int f_bytes) { unsigned char buf[1024]; unsigned char *ptr_a = NULL, *ptr_b = NULL, *ptr_c = NULL, *ptr_d = NULL, - *ptr_e = NULL, *ptr_f = NULL; + *ptr_e = NULL, *ptr_f = NULL; #if defined(MBEDTLS_MEMORY_DEBUG) size_t reported_blocks; @@ -45,98 +47,88 @@ void memory_buffer_alloc_free_alloc( int a_bytes, int b_bytes, int c_bytes, #endif size_t allocated_bytes = 0; - mbedtls_memory_buffer_alloc_init( buf, sizeof( buf ) ); + mbedtls_memory_buffer_alloc_init(buf, sizeof(buf)); - mbedtls_memory_buffer_set_verify( MBEDTLS_MEMORY_VERIFY_ALWAYS ); + mbedtls_memory_buffer_set_verify(MBEDTLS_MEMORY_VERIFY_ALWAYS); - if( a_bytes > 0 ) - { - ptr_a = mbedtls_calloc( a_bytes, sizeof(char) ); - TEST_ASSERT( check_pointer( ptr_a ) == 0 ); + if (a_bytes > 0) { + ptr_a = mbedtls_calloc(a_bytes, sizeof(char)); + TEST_ASSERT(check_pointer(ptr_a) == 0); allocated_bytes += a_bytes * sizeof(char); } - if( b_bytes > 0 ) - { - ptr_b = mbedtls_calloc( b_bytes, sizeof(char) ); - TEST_ASSERT( check_pointer( ptr_b ) == 0 ); + if (b_bytes > 0) { + ptr_b = mbedtls_calloc(b_bytes, sizeof(char)); + TEST_ASSERT(check_pointer(ptr_b) == 0); allocated_bytes += b_bytes * sizeof(char); } - if( c_bytes > 0 ) - { - ptr_c = mbedtls_calloc( c_bytes, sizeof(char) ); - TEST_ASSERT( check_pointer( ptr_c ) == 0 ); + if (c_bytes > 0) { + ptr_c = mbedtls_calloc(c_bytes, sizeof(char)); + TEST_ASSERT(check_pointer(ptr_c) == 0); allocated_bytes += c_bytes * sizeof(char); } - if( d_bytes > 0 ) - { - ptr_d = mbedtls_calloc( d_bytes, sizeof(char) ); - TEST_ASSERT( check_pointer( ptr_d ) == 0 ); + if (d_bytes > 0) { + ptr_d = mbedtls_calloc(d_bytes, sizeof(char)); + TEST_ASSERT(check_pointer(ptr_d) == 0); allocated_bytes += d_bytes * sizeof(char); } #if defined(MBEDTLS_MEMORY_DEBUG) - mbedtls_memory_buffer_alloc_cur_get( &reported_bytes, &reported_blocks ); - TEST_ASSERT( reported_bytes == allocated_bytes ); + mbedtls_memory_buffer_alloc_cur_get(&reported_bytes, &reported_blocks); + TEST_ASSERT(reported_bytes == allocated_bytes); #endif - if( free_a ) - { - mbedtls_free( ptr_a ); + if (free_a) { + mbedtls_free(ptr_a); ptr_a = NULL; - TEST_ASSERT( mbedtls_memory_buffer_alloc_verify() == 0 ); + TEST_ASSERT(mbedtls_memory_buffer_alloc_verify() == 0); allocated_bytes -= a_bytes * sizeof(char); } - if( free_b ) - { - mbedtls_free( ptr_b ); + if (free_b) { + mbedtls_free(ptr_b); ptr_b = NULL; - TEST_ASSERT( mbedtls_memory_buffer_alloc_verify() == 0 ); + TEST_ASSERT(mbedtls_memory_buffer_alloc_verify() == 0); allocated_bytes -= b_bytes * sizeof(char); } - if( free_c ) - { - mbedtls_free( ptr_c ); + if (free_c) { + mbedtls_free(ptr_c); ptr_c = NULL; - TEST_ASSERT( mbedtls_memory_buffer_alloc_verify() == 0 ); + TEST_ASSERT(mbedtls_memory_buffer_alloc_verify() == 0); allocated_bytes -= c_bytes * sizeof(char); } - if( free_d ) - { - mbedtls_free( ptr_d ); + if (free_d) { + mbedtls_free(ptr_d); ptr_d = NULL; - TEST_ASSERT( mbedtls_memory_buffer_alloc_verify() == 0 ); + TEST_ASSERT(mbedtls_memory_buffer_alloc_verify() == 0); allocated_bytes -= d_bytes * sizeof(char); } #if defined(MBEDTLS_MEMORY_DEBUG) - mbedtls_memory_buffer_alloc_cur_get( &reported_bytes, &reported_blocks ); - TEST_ASSERT( reported_bytes == allocated_bytes ); + mbedtls_memory_buffer_alloc_cur_get(&reported_bytes, &reported_blocks); + TEST_ASSERT(reported_bytes == allocated_bytes); #endif - if( e_bytes > 0 ) - { - ptr_e = mbedtls_calloc( e_bytes, sizeof(char) ); - TEST_ASSERT( check_pointer( ptr_e ) == 0 ); + if (e_bytes > 0) { + ptr_e = mbedtls_calloc(e_bytes, sizeof(char)); + TEST_ASSERT(check_pointer(ptr_e) == 0); } - if( f_bytes > 0 ) - { - ptr_f = mbedtls_calloc( f_bytes, sizeof(char) ); - TEST_ASSERT( check_pointer( ptr_f ) == 0 ); + if (f_bytes > 0) { + ptr_f = mbedtls_calloc(f_bytes, sizeof(char)); + TEST_ASSERT(check_pointer(ptr_f) == 0); } /* Once blocks are reallocated, the block allocated to the memory request @@ -144,61 +136,55 @@ void memory_buffer_alloc_free_alloc( int a_bytes, int b_bytes, int c_bytes, * bytes, and makes it hard to know what the reported size will be, so * we don't check the size after blocks have been reallocated. */ - if( ptr_a != NULL ) - { - mbedtls_free( ptr_a ); + if (ptr_a != NULL) { + mbedtls_free(ptr_a); ptr_a = NULL; - TEST_ASSERT( mbedtls_memory_buffer_alloc_verify() == 0 ); + TEST_ASSERT(mbedtls_memory_buffer_alloc_verify() == 0); } - if( ptr_b != NULL ) - { - mbedtls_free( ptr_b ); + if (ptr_b != NULL) { + mbedtls_free(ptr_b); ptr_b = NULL; - TEST_ASSERT( mbedtls_memory_buffer_alloc_verify() == 0 ); + TEST_ASSERT(mbedtls_memory_buffer_alloc_verify() == 0); } - if( ptr_c != NULL ) - { - mbedtls_free( ptr_c ); + if (ptr_c != NULL) { + mbedtls_free(ptr_c); ptr_c = NULL; - TEST_ASSERT( mbedtls_memory_buffer_alloc_verify() == 0 ); + TEST_ASSERT(mbedtls_memory_buffer_alloc_verify() == 0); } - if( ptr_d != NULL ) - { - mbedtls_free( ptr_d ); + if (ptr_d != NULL) { + mbedtls_free(ptr_d); ptr_d = NULL; - TEST_ASSERT( mbedtls_memory_buffer_alloc_verify() == 0 ); + TEST_ASSERT(mbedtls_memory_buffer_alloc_verify() == 0); } - if( ptr_e != NULL ) - { - mbedtls_free( ptr_e ); + if (ptr_e != NULL) { + mbedtls_free(ptr_e); ptr_e = NULL; - TEST_ASSERT( mbedtls_memory_buffer_alloc_verify() == 0 ); + TEST_ASSERT(mbedtls_memory_buffer_alloc_verify() == 0); } - if( ptr_f != NULL ) - { - mbedtls_free( ptr_f ); + if (ptr_f != NULL) { + mbedtls_free(ptr_f); ptr_f = NULL; } #if defined(MBEDTLS_MEMORY_DEBUG) - mbedtls_memory_buffer_alloc_cur_get( &reported_bytes, &reported_blocks ); - TEST_ASSERT( reported_bytes == 0 ); + mbedtls_memory_buffer_alloc_cur_get(&reported_bytes, &reported_blocks); + TEST_ASSERT(reported_bytes == 0); #endif - TEST_ASSERT( mbedtls_memory_buffer_alloc_verify() == 0 ); + TEST_ASSERT(mbedtls_memory_buffer_alloc_verify() == 0); exit: - mbedtls_memory_buffer_alloc_free( ); + mbedtls_memory_buffer_alloc_free(); } /* END_CASE */ /* BEGIN_CASE */ -void memory_buffer_alloc_oom_test( ) +void memory_buffer_alloc_oom_test() { unsigned char buf[1024]; unsigned char *ptr_a = NULL, *ptr_b = NULL, *ptr_c = NULL; @@ -206,71 +192,70 @@ void memory_buffer_alloc_oom_test( ) size_t reported_blocks, reported_bytes; #endif - (void)ptr_c; + (void) ptr_c; - mbedtls_memory_buffer_alloc_init( buf, sizeof( buf ) ); + mbedtls_memory_buffer_alloc_init(buf, sizeof(buf)); - mbedtls_memory_buffer_set_verify( MBEDTLS_MEMORY_VERIFY_ALWAYS ); + mbedtls_memory_buffer_set_verify(MBEDTLS_MEMORY_VERIFY_ALWAYS); - ptr_a = mbedtls_calloc( 432, sizeof(char) ); - TEST_ASSERT( check_pointer( ptr_a ) == 0 ); + ptr_a = mbedtls_calloc(432, sizeof(char)); + TEST_ASSERT(check_pointer(ptr_a) == 0); - ptr_b = mbedtls_calloc( 432, sizeof(char) ); - TEST_ASSERT( check_pointer( ptr_b ) == 0 ); + ptr_b = mbedtls_calloc(432, sizeof(char)); + TEST_ASSERT(check_pointer(ptr_b) == 0); - ptr_c = mbedtls_calloc( 431, sizeof(char) ); - TEST_ASSERT( ptr_c == NULL ); + ptr_c = mbedtls_calloc(431, sizeof(char)); + TEST_ASSERT(ptr_c == NULL); #if defined(MBEDTLS_MEMORY_DEBUG) - mbedtls_memory_buffer_alloc_cur_get( &reported_bytes, &reported_blocks ); - TEST_ASSERT( reported_bytes >= 864 && reported_bytes <= sizeof(buf) ); + mbedtls_memory_buffer_alloc_cur_get(&reported_bytes, &reported_blocks); + TEST_ASSERT(reported_bytes >= 864 && reported_bytes <= sizeof(buf)); #endif - mbedtls_free( ptr_a ); + mbedtls_free(ptr_a); ptr_a = NULL; - TEST_ASSERT( mbedtls_memory_buffer_alloc_verify() == 0 ); + TEST_ASSERT(mbedtls_memory_buffer_alloc_verify() == 0); - mbedtls_free( ptr_b ); + mbedtls_free(ptr_b); ptr_b = NULL; - TEST_ASSERT( mbedtls_memory_buffer_alloc_verify() == 0 ); + TEST_ASSERT(mbedtls_memory_buffer_alloc_verify() == 0); #if defined(MBEDTLS_MEMORY_DEBUG) - mbedtls_memory_buffer_alloc_cur_get( &reported_bytes, &reported_blocks ); - TEST_ASSERT( reported_bytes == 0 ); + mbedtls_memory_buffer_alloc_cur_get(&reported_bytes, &reported_blocks); + TEST_ASSERT(reported_bytes == 0); #endif - TEST_ASSERT( mbedtls_memory_buffer_alloc_verify() == 0 ); + TEST_ASSERT(mbedtls_memory_buffer_alloc_verify() == 0); exit: - mbedtls_memory_buffer_alloc_free( ); + mbedtls_memory_buffer_alloc_free(); } /* END_CASE */ /* BEGIN_CASE */ -void memory_buffer_heap_too_small( ) +void memory_buffer_heap_too_small() { unsigned char buf[1]; - mbedtls_memory_buffer_alloc_init( buf, sizeof( buf ) ); + mbedtls_memory_buffer_alloc_init(buf, sizeof(buf)); /* With MBEDTLS_MEMORY_DEBUG enabled, this prints a message * "FATAL: verification of first header failed". */ - TEST_ASSERT( mbedtls_memory_buffer_alloc_verify() != 0 ); + TEST_ASSERT(mbedtls_memory_buffer_alloc_verify() != 0); } /* END_CASE */ /* BEGIN_CASE */ -void memory_buffer_underalloc( ) +void memory_buffer_underalloc() { unsigned char buf[100]; size_t i; - mbedtls_memory_buffer_alloc_init( buf, sizeof( buf ) ); - for( i = 1; i < MBEDTLS_MEMORY_ALIGN_MULTIPLE; i++ ) - { - TEST_ASSERT( mbedtls_calloc( 1, - (size_t)-( MBEDTLS_MEMORY_ALIGN_MULTIPLE - i ) ) == NULL ); - TEST_ASSERT( mbedtls_memory_buffer_alloc_verify() == 0 ); + mbedtls_memory_buffer_alloc_init(buf, sizeof(buf)); + for (i = 1; i < MBEDTLS_MEMORY_ALIGN_MULTIPLE; i++) { + TEST_ASSERT(mbedtls_calloc(1, + (size_t) -(MBEDTLS_MEMORY_ALIGN_MULTIPLE - i)) == NULL); + TEST_ASSERT(mbedtls_memory_buffer_alloc_verify() == 0); } exit: diff --git a/third_party/mbedtls/repo/tests/suites/test_suite_mpi.data b/third_party/mbedtls/repo/tests/suites/test_suite_mpi.data deleted file mode 100644 index 2addd23b4bd..00000000000 --- a/third_party/mbedtls/repo/tests/suites/test_suite_mpi.data +++ /dev/null @@ -1,1892 +0,0 @@ -MPI - Valid parameters -mpi_valid_param: - -MPI - Invalid parameters -mpi_invalid_param: - -Arguments with no value -mpi_null: - -Base test mpi_read_write_string #1 -mpi_read_write_string:10:"128":10:"128":100:0:0 - -Base test mpi_read_write_string #1 (Leading 0) -mpi_read_write_string:10:"0128":10:"128":100:0:0 - -Base test mpi_read_write_string #2 -mpi_read_write_string:10:"128":16:"80":100:0:0 - -Base test mpi_read_write_string #3 (Read zero decimal) -mpi_read_write_string:10:"0":10:"0":100:0:0 - -Base test mpi_read_write_string #3 (Read zero hex) -mpi_read_write_string:16:"0":16:"00":100:0:0 - -Base test mpi_read_write_string #3 (Read minus zero decimal) -mpi_read_write_string:10:"-0":10:"0":100:0:0 - -Base test mpi_read_write_string #3 (Read minus zero hex) -mpi_read_write_string:16:"-0":16:"00":100:0:0 - -Base test mpi_read_write_string #3 (Negative decimal) -mpi_read_write_string:10:"-23":10:"-23":100:0:0 - -Base test mpi_read_write_string #3 (Negative decimal, leading 0) -mpi_read_write_string:10:"-023":10:"-23":100:0:0 - -Base test mpi_read_write_string #3 (Negative hex -> decimal) -mpi_read_write_string:16:"-20":10:"-32":100:0:0 - -Base test mpi_read_write_string #3 (Negative hex) -mpi_read_write_string:16:"-23":16:"-23":100:0:0 - -Base test mpi_read_write_string #3 (Negative hex, leading 0) -mpi_read_write_string:16:"-023":16:"-23":100:0:0 - -Base test mpi_read_write_string #4 (Buffer just fits) -mpi_read_write_string:16:"-4":4:"-10":4:0:0 - -Test mpi_read_write_string #1 (Invalid character) -mpi_read_write_string:10:"a28":0:"":100:MBEDTLS_ERR_MPI_INVALID_CHARACTER:0 - -Test mpi_read_write_string #2 (Illegal input radix) -mpi_read_write_string:19:"a28":0:"":100:MBEDTLS_ERR_MPI_BAD_INPUT_DATA:0 - -Test mpi_read_write_string #3 (Buffer just fits) -mpi_read_write_string:16:"-23":16:"-23":4:0:0 - -Test mpi_read_write_string #4 (Buffer too small) -mpi_read_write_string:16:"-23":16:"-23":3:0:MBEDTLS_ERR_MPI_BUFFER_TOO_SMALL - -Test mpi_read_write_string #5 (Illegal output radix) -mpi_read_write_string:16:"-23":17:"-23":4:0:MBEDTLS_ERR_MPI_BAD_INPUT_DATA - -Test mpi_read_write_string #6 (Output radix of 15) -mpi_read_write_string:10:"29":15:"1e":100:0:0 - -Test mpi_read_write_string #7 -mpi_read_write_string:10:"56125680981752282334141896320372489490613963693556392520816017892111350604111697682705498319512049040516698827829292076808006940873974979584527073481012636016353913462376755556720019831187364993587901952757307830896531678727717924":16:"0941379d00fed1491fe15df284dfde4a142f68aa8d412023195cee66883e6290ffe703f4ea5963bf212713cee46b107c09182b5edcd955adac418bf4918e2889af48e1099d513830cec85c26ac1e158b52620e33ba8692f893efbb2f958b4424":200:0:0 - -Test mpi_read_write_string #8 (Empty MPI hex -> hex) -mpi_read_write_string:16:"":16:"":4:0:0 - -Test mpi_read_write_string #9 (Empty MPI hex -> dec) -mpi_read_write_string:16:"":10:"0":4:0:0 - -Test mpi_read_write_string #8 (Empty MPI dec -> hex) -mpi_read_write_string:10:"":16:"":4:0:0 - -Test mpi_read_write_string #9 (Empty MPI dec -> dec) -mpi_read_write_string:10:"":10:"0":4:0:0 - -Test mpi_write_string #10 (Negative hex with odd number of digits) -mpi_read_write_string:16:"-1":16:"":3:0:MBEDTLS_ERR_MPI_BUFFER_TOO_SMALL - -Base test mbedtls_mpi_read_binary #1 -mbedtls_mpi_read_binary:"0941379d00fed1491fe15df284dfde4a142f68aa8d412023195cee66883e6290ffe703f4ea5963bf212713cee46b107c09182b5edcd955adac418bf4918e2889af48e1099d513830cec85c26ac1e158b52620e33ba8692f893efbb2f958b4424":10:"56125680981752282334141896320372489490613963693556392520816017892111350604111697682705498319512049040516698827829292076808006940873974979584527073481012636016353913462376755556720019831187364993587901952757307830896531678727717924" - -Base test mbedtls_mpi_read_binary_le #1 -mbedtls_mpi_read_binary_le:"0941379d00fed1491fe15df284dfde4a142f68aa8d412023195cee66883e6290ffe703f4ea5963bf212713cee46b107c09182b5edcd955adac418bf4918e2889af48e1099d513830cec85c26ac1e158b52620e33ba8692f893efbb2f958b4424":10:"219946662473865722255717126709915431768051735954189829340600976826409773245337023925691629251672268961177825243440202069039100741562168093042339401187848509859789949044607421190014088260008793380554914226244485299326152319899746569" - -Base test mbedtls_mpi_write_binary #1 -mbedtls_mpi_write_binary:10:"56125680981752282334141896320372489490613963693556392520816017892111350604111697682705498319512049040516698827829292076808006940873974979584527073481012636016353913462376755556720019831187364993587901952757307830896531678727717924":"0941379d00fed1491fe15df284dfde4a142f68aa8d412023195cee66883e6290ffe703f4ea5963bf212713cee46b107c09182b5edcd955adac418bf4918e2889af48e1099d513830cec85c26ac1e158b52620e33ba8692f893efbb2f958b4424":200:0 - -Test mbedtls_mpi_write_binary #1 (Buffer just fits) -mbedtls_mpi_write_binary:16:"123123123123123123123123123":"0123123123123123123123123123":14:0 - -Test mbedtls_mpi_write_binary #2 (Buffer too small) -mbedtls_mpi_write_binary:16:"123123123123123123123123123":"23123123123123123123123123":13:MBEDTLS_ERR_MPI_BUFFER_TOO_SMALL - -Base test mbedtls_mpi_write_binary_le #1 -mbedtls_mpi_write_binary_le:10:"56125680981752282334141896320372489490613963693556392520816017892111350604111697682705498319512049040516698827829292076808006940873974979584527073481012636016353913462376755556720019831187364993587901952757307830896531678727717924":"24448b952fbbef93f89286ba330e62528b151eac265cc8ce3038519d09e148af89288e91f48b41acad55d9dc5e2b18097c106be4ce132721bf6359eaf403e7ff90623e8866ee5c192320418daa682f144adedf84f25de11f49d1fe009d374109":200:0 - -Test mbedtls_mpi_write_binary_le #1 (Buffer just fits) -mbedtls_mpi_write_binary_le:16:"123123123123123123123123123":"2331122331122331122331122301":14:0 - -Test mbedtls_mpi_write_binary_le #2 (Buffer too small) -mbedtls_mpi_write_binary_le:16:"123123123123123123123123123":"23311223311223311223311223":13:MBEDTLS_ERR_MPI_BUFFER_TOO_SMALL - -Base test mbedtls_mpi_read_file #1 -mbedtls_mpi_read_file:10:"data_files/mpi_10":"01f55332c3a48b910f9942f6c914e58bef37a47ee45cb164a5b6b8d1006bf59a059c21449939ebebfdf517d2e1dbac88010d7b1f141e997bd6801ddaec9d05910f4f2de2b2c4d714e2c14a72fc7f17aa428d59c531627f09":0 - -Test mbedtls_mpi_read_file #1 (Empty file) -mbedtls_mpi_read_file:10:"data_files/hash_file_4":"":MBEDTLS_ERR_MPI_FILE_IO_ERROR - -Test mbedtls_mpi_read_file #2 (Illegal input) -mbedtls_mpi_read_file:10:"data_files/hash_file_3":"":0 - -Test mbedtls_mpi_read_file #3 (Input too big) -mbedtls_mpi_read_file:10:"data_files/mpi_too_big":"":MBEDTLS_ERR_MPI_BUFFER_TOO_SMALL - -Base test mbedtls_mpi_write_file #1 -mbedtls_mpi_write_file:10:"56125680981752282334141896320372489490613963693556392520816017892111350604111697682705498319512049040516698827829292076808006940873974979584527073481012636016353913462376755556720019831187364993587901952757307830896531678727717924":16:"data_files/mpi_write" - -Test mbedtls_mpi_lsb: 0 (null) -mbedtls_mpi_lsb:16:"":0 - -Test mbedtls_mpi_lsb: 0 (1 limb) -mbedtls_mpi_lsb:16:"0":0 - -Base test mbedtls_mpi_lsb #1 -mbedtls_mpi_lsb:10:"56125680981752282334141896320372489490613963693556392520816017892111350604111697682705498319512049040516698827829292076808006940873974979584527073481012636016353913462376755556720019831187364993587901952757307830896531678727717924":2 - -Base test mbedtls_mpi_lsb #2 -mbedtls_mpi_lsb:10:"24":3 - -Base test mbedtls_mpi_lsb #3 -mbedtls_mpi_lsb:16:"24":2 - -Base test mbedtls_mpi_lsb #4 -mbedtls_mpi_lsb:16:"2000":13 - -Base test mbedtls_mpi_bitlen #1 -mbedtls_mpi_bitlen:10:"56125680981752282334141896320372489490613963693556392520816017892111350604111697682705498319512049040516698827829292076808006940873974979584527073481012636016353913462376755556720019831187364993587901952757307830896531678727717924":764 - -Base test mbedtls_mpi_bitlen #2 -mbedtls_mpi_bitlen:10:"24":5 - -Base test mbedtls_mpi_bitlen #3 -mbedtls_mpi_bitlen:10:"1":1 - -Base test mbedtls_mpi_bitlen #4 -mbedtls_mpi_bitlen:10:"15":4 - -Base test mbedtls_mpi_bitlen #5 -mbedtls_mpi_bitlen:10:"16":5 - -Base test mbedtls_mpi_bitlen #6 -mbedtls_mpi_bitlen:10:"10":4 - -Base test mbedtls_mpi_bitlen: 0 (null) -mbedtls_mpi_bitlen:10:"":0 - -Base test mbedtls_mpi_bitlen: 0 (1 limb) -mbedtls_mpi_bitlen:10:"0":0 - -Base test mbedtls_mpi_cmp_int #1 -mbedtls_mpi_cmp_int:693:693:0 - -Base test mbedtls_mpi_cmp_int #2 -mbedtls_mpi_cmp_int:693:692:1 - -Base test mbedtls_mpi_cmp_int #3 -mbedtls_mpi_cmp_int:693:694:-1 - -Base test mbedtls_mpi_cmp_int (Negative values) #1 -mbedtls_mpi_cmp_int:-2:-2:0 - -Base test mbedtls_mpi_cmp_int (Negative values) #2 -mbedtls_mpi_cmp_int:-2:-3:1 - -Base test mbedtls_mpi_cmp_int (Negative values) #3 -mbedtls_mpi_cmp_int:-2:-1:-1 - -Base test mbedtls_mpi_cmp_mpi #1 -mbedtls_mpi_cmp_mpi:10:"693":10:"693":0 - -Base test mbedtls_mpi_cmp_mpi #2 -mbedtls_mpi_cmp_mpi:10:"693":10:"692":1 - -Base test mbedtls_mpi_cmp_mpi #3 -mbedtls_mpi_cmp_mpi:10:"693":10:"694":-1 - -Base test mbedtls_mpi_cmp_mpi (Negative values) #1 -mbedtls_mpi_cmp_mpi:10:"-2":10:"-2":0 - -Base test mbedtls_mpi_cmp_mpi (Negative values) #2 -mbedtls_mpi_cmp_mpi:10:"-2":10:"-3":1 - -Base test mbedtls_mpi_cmp_mpi (Negative values) #3 -mbedtls_mpi_cmp_mpi:10:"-2":10:"-1":-1 - -Base test mbedtls_mpi_cmp_mpi (Mixed values) #4 -mbedtls_mpi_cmp_mpi:10:"-3":10:"2":-1 - -Base test mbedtls_mpi_cmp_mpi (Mixed values) #5 -mbedtls_mpi_cmp_mpi:10:"2":10:"-3":1 - -Base test mbedtls_mpi_cmp_mpi (Mixed values) #6 -mbedtls_mpi_cmp_mpi:10:"-2":10:"31231231289798":-1 - -Test mbedtls_mpi_cmp_mpi: 0 (null) = 0 (null) -mbedtls_mpi_cmp_mpi:10:"":10:"":0 - -Test mbedtls_mpi_cmp_mpi: 0 (null) = 0 (1 limb) -mbedtls_mpi_cmp_mpi:10:"":10:"0":0 - -Test mbedtls_mpi_cmp_mpi: 0 (1 limb) = 0 (null) -mbedtls_mpi_cmp_mpi:10:"0":10:"":0 - -Test mbedtls_mpi_cmp_mpi: 0 (1 limb) = 0 (1 limb) -mbedtls_mpi_cmp_mpi:10:"0":10:"0":0 - -Test mbedtls_mpi_cmp_mpi: 0 (null) < positive -mbedtls_mpi_cmp_mpi:10:"":10:"123":-1 - -Test mbedtls_mpi_cmp_mpi: 0 (1 limb) < positive -mbedtls_mpi_cmp_mpi:10:"0":10:"123":-1 - -Test mbedtls_mpi_cmp_mpi: 0 (null) > negative -mbedtls_mpi_cmp_mpi:10:"":10:"-123":1 - -Test mbedtls_mpi_cmp_mpi: 0 (1 limb) > negative -mbedtls_mpi_cmp_mpi:10:"0":10:"-123":1 - -Test mbedtls_mpi_cmp_mpi: positive > 0 (null) -mbedtls_mpi_cmp_mpi:10:"123":10:"":1 - -Test mbedtls_mpi_cmp_mpi: positive > 0 (1 limb) -mbedtls_mpi_cmp_mpi:10:"123":10:"0":1 - -Test mbedtls_mpi_cmp_mpi: negative < 0 (null) -mbedtls_mpi_cmp_mpi:10:"-123":10:"":-1 - -Test mbedtls_mpi_cmp_mpi: negative < 0 (1 limb) -mbedtls_mpi_cmp_mpi:10:"-123":10:"0":-1 - -Test mbedtls_mpi_cmp_mpi: 0 (null) < positive with leading zero limb -mbedtls_mpi_cmp_mpi:16:"":16:"0000000000000000123":-1 - -Test mbedtls_mpi_cmp_mpi: 0 (1 limb) < positive with leading zero limb -mbedtls_mpi_cmp_mpi:16:"0":16:"0000000000000000123":-1 - -Test mbedtls_mpi_cmp_mpi: 0 (null) > negative with leading zero limb -mbedtls_mpi_cmp_mpi:16:"":16:"-0000000000000000123":1 - -Test mbedtls_mpi_cmp_mpi: 0 (1 limb) > negative with leading zero limb -mbedtls_mpi_cmp_mpi:16:"0":16:"-0000000000000000123":1 - -Test mbedtls_mpi_cmp_mpi: positive with leading zero limb > 0 (null) -mbedtls_mpi_cmp_mpi:16:"0000000000000000123":16:"":1 - -Test mbedtls_mpi_cmp_mpi: positive with leading zero limb > 0 (1 limb) -mbedtls_mpi_cmp_mpi:16:"0000000000000000123":16:"0":1 - -Test mbedtls_mpi_cmp_mpi: negative with leading zero limb < 0 (null) -mbedtls_mpi_cmp_mpi:16:"-0000000000000000123":16:"":-1 - -Test mbedtls_mpi_cmp_mpi: negative with leading zero limb < 0 (1 limb) -mbedtls_mpi_cmp_mpi:16:"-0000000000000000123":16:"0":-1 - -Test mbedtls_mpi_cmp_mpi: 0 (null) < large positive -mbedtls_mpi_cmp_mpi:16:"":16:"1230000000000000000":-1 - -Test mbedtls_mpi_cmp_mpi: 0 (1 limb) < large positive -mbedtls_mpi_cmp_mpi:16:"0":16:"1230000000000000000":-1 - -Test mbedtls_mpi_cmp_mpi: 0 (null) > large negative -mbedtls_mpi_cmp_mpi:16:"":16:"-1230000000000000000":1 - -Test mbedtls_mpi_cmp_mpi: 0 (1 limb) > large negative -mbedtls_mpi_cmp_mpi:16:"0":16:"-1230000000000000000":1 - -Test mbedtls_mpi_cmp_mpi: large positive > 0 (null) -mbedtls_mpi_cmp_mpi:16:"1230000000000000000":16:"":1 - -Test mbedtls_mpi_cmp_mpi: large positive > 0 (1 limb) -mbedtls_mpi_cmp_mpi:16:"1230000000000000000":16:"0":1 - -Test mbedtls_mpi_cmp_mpi: large negative < 0 (null) -mbedtls_mpi_cmp_mpi:16:"-1230000000000000000":16:"":-1 - -Test mbedtls_mpi_cmp_mpi: large negative < 0 (1 limb) -mbedtls_mpi_cmp_mpi:16:"-1230000000000000000":16:"0":-1 - -Base test mbedtls_mpi_lt_mpi_ct #1 -mbedtls_mpi_lt_mpi_ct:1:"2B5":1:"2B5":0:0 - -Base test mbedtls_mpi_lt_mpi_ct #2 -mbedtls_mpi_lt_mpi_ct:1:"2B5":1:"2B4":0:0 - -Base test mbedtls_mpi_lt_mpi_ct #3 -mbedtls_mpi_lt_mpi_ct:1:"2B5":1:"2B6":1:0 - -Base test mbedtls_mpi_lt_mpi_ct (Negative values) #1 -mbedtls_mpi_lt_mpi_ct:1:"-2":1:"-2":0:0 - -Base test mbedtls_mpi_lt_mpi_ct (Negative values) #2 -mbedtls_mpi_lt_mpi_ct:1:"-2":1:"-3":0:0 - -Base test mbedtls_mpi_lt_mpi_ct (Negative values) #3 -mbedtls_mpi_lt_mpi_ct:1:"-2":1:"-1":1:0 - -Base test mbedtls_mpi_lt_mpi_ct (Mixed values) #1 -mbedtls_mpi_lt_mpi_ct:1:"-3":1:"2":1:0 - -Base test mbedtls_mpi_lt_mpi_ct (Mixed values) #2 -mbedtls_mpi_lt_mpi_ct:1:"2":1:"-3":0:0 - -Base test mbedtls_mpi_lt_mpi_ct (Mixed values) #3 -mbedtls_mpi_lt_mpi_ct:2:"-2":2:"1C67967269C6":1:0 - -Base test mbedtls_mpi_lt_mpi_ct (X is longer in storage) -mbedtls_mpi_lt_mpi_ct:3:"2B5":2:"2B5":0:MBEDTLS_ERR_MPI_BAD_INPUT_DATA - -Base test mbedtls_mpi_lt_mpi_ct (Y is longer in storage) -mbedtls_mpi_lt_mpi_ct:3:"2B5":4:"2B5":0:MBEDTLS_ERR_MPI_BAD_INPUT_DATA - -Base test mbedtls_mpi_lt_mpi_ct (length=0) -mbedtls_mpi_lt_mpi_ct:0:"":0:"":0:0 - -Base test mbedtls_mpi_lt_mpi_ct (corner case - 64 bit) #1 -mbedtls_mpi_lt_mpi_ct:2:"7FFFFFFFFFFFFFFF":2:"FF":0:0 - -Base test mbedtls_mpi_lt_mpi_ct (corner case - 64 bit) #2 -mbedtls_mpi_lt_mpi_ct:2:"8000000000000000":2:"7FFFFFFFFFFFFFFF":0:0 - -Base test mbedtls_mpi_lt_mpi_ct (corner case - 64 bit) #3 -mbedtls_mpi_lt_mpi_ct:2:"8000000000000000":2:"1":0:0 - -Base test mbedtls_mpi_lt_mpi_ct (corner case - 64 bit) #4 -mbedtls_mpi_lt_mpi_ct:2:"8000000000000000":2:"0":0:0 - -Base test mbedtls_mpi_lt_mpi_ct (corner case - 64 bit) #5 -mbedtls_mpi_lt_mpi_ct:2:"FFFFFFFFFFFFFFFF":2:"FF":0:0 - -Base test mbedtls_mpi_lt_mpi_ct (corner case - 32 bit) #1 -mbedtls_mpi_lt_mpi_ct:1:"7FFFFFFF":1:"FF":0:0 - -Base test mbedtls_mpi_lt_mpi_ct (corner case - 32 bit) #2 -mbedtls_mpi_lt_mpi_ct:1:"80000000":1:"7FFFFFFF":0:0 - -Base test mbedtls_mpi_lt_mpi_ct (corner case - 32 bit) #3 -mbedtls_mpi_lt_mpi_ct:1:"80000000":1:"1":0:0 - -Base test mbedtls_mpi_lt_mpi_ct (corner case - 32 bit) #4 -mbedtls_mpi_lt_mpi_ct:1:"80000000":1:"0":0:0 - -Base test mbedtls_mpi_lt_mpi_ct (corner case - 32 bit) #5 -mbedtls_mpi_lt_mpi_ct:1:"FFFFFFFF":1:"FF":0:0 - -Multi-limb mbedtls_mpi_lt_mpi_ct (XY, equal MS limbs) -mbedtls_mpi_lt_mpi_ct:2:"-EEFFFFFFFFFFFFFFF1":2:"-EEFFFFFFFFFFFFFFFF":0:0 - -Multi-limb mbedtls_mpi_lt_mpi_ct (X=Y) -mbedtls_mpi_lt_mpi_ct:2:"EEFFFFFFFFFFFFFFFF":2:"EEFFFFFFFFFFFFFFFF":0:0 - -Multi-limb mbedtls_mpi_lt_mpi_ct (X=-Y) -mbedtls_mpi_lt_mpi_ct:2:"-EEFFFFFFFFFFFFFFFF":2:"EEFFFFFFFFFFFFFFFF":1:0 - -Multi-limb mbedtls_mpi_lt_mpi_ct (Alternating limbs) #1 -mbedtls_mpi_lt_mpi_ct:2:"11FFFFFFFFFFFFFFFF":2:"FF1111111111111111":1:0 - -Multi-limb mbedtls_mpi_lt_mpi_ct (Alternating limbs) #2 -mbedtls_mpi_lt_mpi_ct:2:"FF1111111111111111":2:"11FFFFFFFFFFFFFFFF":0:0 - -Multi-limb mbedtls_mpi_lt_mpi_ct (Alternating limbs) #3 -mbedtls_mpi_lt_mpi_ct:2:"-11FFFFFFFFFFFFFFFF":2:"-FF1111111111111111":0:0 - -Multi-limb mbedtls_mpi_lt_mpi_ct (Alternating limbs) #4 -mbedtls_mpi_lt_mpi_ct:2:"-FF1111111111111111":2:"-11FFFFFFFFFFFFFFFF":1:0 - -Base test mbedtls_mpi_cmp_abs #1 -mbedtls_mpi_cmp_abs:10:"693":10:"693":0 - -Base test mbedtls_mpi_cmp_abs #2 -mbedtls_mpi_cmp_abs:10:"693":10:"692":1 - -Base test mbedtls_mpi_cmp_abs #3 -mbedtls_mpi_cmp_abs:10:"693":10:"694":-1 - -Base test mbedtls_mpi_cmp_abs (Negative values) #1 -mbedtls_mpi_cmp_abs:10:"-2":10:"-2":0 - -Base test mbedtls_mpi_cmp_abs (Negative values) #2 -mbedtls_mpi_cmp_abs:10:"-2":10:"-3":-1 - -Base test mbedtls_mpi_cmp_abs (Negative values) #3 -mbedtls_mpi_cmp_abs:10:"-2":10:"-1":1 - -Test mbedtls_mpi_cmp_abs: 0 (null) = 0 (null) -mbedtls_mpi_cmp_abs:10:"":10:"":0 - -Test mbedtls_mpi_cmp_abs: 0 (null) = 0 (1 limb) -mbedtls_mpi_cmp_abs:10:"":10:"0":0 - -Test mbedtls_mpi_cmp_abs: 0 (1 limb) = 0 (null) -mbedtls_mpi_cmp_abs:10:"0":10:"":0 - -Test mbedtls_mpi_cmp_abs: 0 (1 limb) = 0 (1 limb) -mbedtls_mpi_cmp_abs:10:"0":10:"0":0 - -Base test mbedtls_mpi_cmp_abs (Mix values) #1 -mbedtls_mpi_cmp_abs:10:"-2":10:"2":0 - -Base test mbedtls_mpi_cmp_abs (Mix values) #2 -mbedtls_mpi_cmp_abs:10:"2":10:"-3":-1 - -Base test mbedtls_mpi_cmp_abs (Mix values) #3 -mbedtls_mpi_cmp_abs:10:"-2":10:"1":1 - -Copy large negative to large negative -mbedtls_mpi_copy:"-ca5cadedb01dfaceacc01ade":"-face1e55ca11ab1ecab005e5" - -Copy large negative to large positive -mbedtls_mpi_copy:"-ca5cadedb01dfaceacc01ade":"face1e55ca11ab1ecab005e5" - -Copy large negative to small negative -mbedtls_mpi_copy:"-ca5cadedb01dfaceacc01ade":"-beef" - -Copy large negative to small positive -mbedtls_mpi_copy:"-ca5cadedb01dfaceacc01ade":"beef" - -Copy large negative to zero (1 limb) -mbedtls_mpi_copy:"-ca5cadedb01dfaceacc01ade":"0" - -Copy large negative to zero (null) -mbedtls_mpi_copy:"-ca5cadedb01dfaceacc01ade":"" - -Copy large positive to large negative -mbedtls_mpi_copy:"ca5cadedb01dfaceacc01ade":"-face1e55ca11ab1ecab005e5" - -Copy large positive to large positive -mbedtls_mpi_copy:"ca5cadedb01dfaceacc01ade":"face1e55ca11ab1ecab005e5" - -Copy large positive to small negative -mbedtls_mpi_copy:"ca5cadedb01dfaceacc01ade":"-beef" - -Copy large positive to small positive -mbedtls_mpi_copy:"ca5cadedb01dfaceacc01ade":"beef" - -Copy large positive to zero (1 limb) -mbedtls_mpi_copy:"ca5cadedb01dfaceacc01ade":"0" - -Copy large positive to zero (null) -mbedtls_mpi_copy:"ca5cadedb01dfaceacc01ade":"" - -Copy small negative to large negative -mbedtls_mpi_copy:"-bead":"-face1e55ca11ab1ecab005e5" - -Copy small negative to large positive -mbedtls_mpi_copy:"-bead":"face1e55ca11ab1ecab005e5" - -Copy small negative to small negative -mbedtls_mpi_copy:"-bead":"-beef" - -Copy small negative to small positive -mbedtls_mpi_copy:"-bead":"beef" - -Copy small negative to zero (1 limb) -mbedtls_mpi_copy:"-bead":"0" - -Copy small negative to zero (null) -mbedtls_mpi_copy:"-bead":"" - -Copy small positive to large negative -mbedtls_mpi_copy:"bead":"-face1e55ca11ab1ecab005e5" - -Copy small positive to large positive -mbedtls_mpi_copy:"bead":"face1e55ca11ab1ecab005e5" - -Copy small positive to small negative -mbedtls_mpi_copy:"bead":"-beef" - -Copy small positive to small positive -mbedtls_mpi_copy:"bead":"beef" - -Copy small positive to zero (1 limb) -mbedtls_mpi_copy:"bead":"0" - -Copy small positive to zero (null) -mbedtls_mpi_copy:"bead":"" - -Copy zero (1 limb) to large negative -mbedtls_mpi_copy:"0":"-face1e55ca11ab1ecab005e5" - -Copy zero (1 limb) to large positive -mbedtls_mpi_copy:"0":"face1e55ca11ab1ecab005e5" - -Copy zero (1 limb) to small negative -mbedtls_mpi_copy:"0":"-beef" - -Copy zero (1 limb) to small positive -mbedtls_mpi_copy:"0":"beef" - -Copy zero (1 limb) to zero (1 limb) -mbedtls_mpi_copy:"0":"0" - -Copy zero (1 limb) to zero (null) -mbedtls_mpi_copy:"0":"" - -Copy zero (null) to large negative -mbedtls_mpi_copy:"":"-face1e55ca11ab1ecab005e5" - -Copy zero (null) to large positive -mbedtls_mpi_copy:"":"face1e55ca11ab1ecab005e5" - -Copy zero (null) to small negative -mbedtls_mpi_copy:"":"-beef" - -Copy zero (null) to small positive -mbedtls_mpi_copy:"":"beef" - -Copy zero (null) to zero (1 limb) -mbedtls_mpi_copy:"":"0" - -Copy zero (null) to zero (null) -mbedtls_mpi_copy:"":"" - -Copy self: large negative -mpi_copy_self:"-ca5cadedb01dfaceacc01ade" - -Copy self: large positive -mpi_copy_self:"ca5cadedb01dfaceacc01ade" - -Copy self: small negative -mpi_copy_self:"-bead" - -Copy self: small positive -mpi_copy_self:"bead" - -Copy self: zero (1 limb) -mpi_copy_self:"0" - -Copy self: zero (null) -mpi_copy_self:"" - -Swap large negative with large negative -mbedtls_mpi_swap:"-ca5cadedb01dfaceacc01ade":"-face1e55ca11ab1ecab005e5" - -Swap large negative with large positive -mbedtls_mpi_swap:"-ca5cadedb01dfaceacc01ade":"face1e55ca11ab1ecab005e5" - -Swap large negative with small negative -mbedtls_mpi_swap:"-ca5cadedb01dfaceacc01ade":"-beef" - -Swap large negative with small positive -mbedtls_mpi_swap:"-ca5cadedb01dfaceacc01ade":"beef" - -Swap large negative with zero (1 limb) -mbedtls_mpi_swap:"-ca5cadedb01dfaceacc01ade":"0" - -Swap large negative with zero (null) -mbedtls_mpi_swap:"-ca5cadedb01dfaceacc01ade":"" - -Swap large positive with large negative -mbedtls_mpi_swap:"ca5cadedb01dfaceacc01ade":"-face1e55ca11ab1ecab005e5" - -Swap large positive with large positive -mbedtls_mpi_swap:"ca5cadedb01dfaceacc01ade":"face1e55ca11ab1ecab005e5" - -Swap large positive with small negative -mbedtls_mpi_swap:"ca5cadedb01dfaceacc01ade":"-beef" - -Swap large positive with small positive -mbedtls_mpi_swap:"ca5cadedb01dfaceacc01ade":"beef" - -Swap large positive with zero (1 limb) -mbedtls_mpi_swap:"ca5cadedb01dfaceacc01ade":"0" - -Swap large positive with zero (null) -mbedtls_mpi_swap:"ca5cadedb01dfaceacc01ade":"" - -Swap small negative with large negative -mbedtls_mpi_swap:"-bead":"-face1e55ca11ab1ecab005e5" - -Swap small negative with large positive -mbedtls_mpi_swap:"-bead":"face1e55ca11ab1ecab005e5" - -Swap small negative with small negative -mbedtls_mpi_swap:"-bead":"-beef" - -Swap small negative with small positive -mbedtls_mpi_swap:"-bead":"beef" - -Swap small negative with zero (1 limb) -mbedtls_mpi_swap:"-bead":"0" - -Swap small negative with zero (null) -mbedtls_mpi_swap:"-bead":"" - -Swap small positive with large negative -mbedtls_mpi_swap:"bead":"-face1e55ca11ab1ecab005e5" - -Swap small positive with large positive -mbedtls_mpi_swap:"bead":"face1e55ca11ab1ecab005e5" - -Swap small positive with small negative -mbedtls_mpi_swap:"bead":"-beef" - -Swap small positive with small positive -mbedtls_mpi_swap:"bead":"beef" - -Swap small positive with zero (1 limb) -mbedtls_mpi_swap:"bead":"0" - -Swap small positive with zero (null) -mbedtls_mpi_swap:"bead":"" - -Swap zero (1 limb) with large negative -mbedtls_mpi_swap:"0":"-face1e55ca11ab1ecab005e5" - -Swap zero (1 limb) with large positive -mbedtls_mpi_swap:"0":"face1e55ca11ab1ecab005e5" - -Swap zero (1 limb) with small negative -mbedtls_mpi_swap:"0":"-beef" - -Swap zero (1 limb) with small positive -mbedtls_mpi_swap:"0":"beef" - -Swap zero (1 limb) with zero (1 limb) -mbedtls_mpi_swap:"0":"0" - -Swap zero (1 limb) with zero (null) -mbedtls_mpi_swap:"0":"" - -Swap zero (null) with large negative -mbedtls_mpi_swap:"":"-face1e55ca11ab1ecab005e5" - -Swap zero (null) with large positive -mbedtls_mpi_swap:"":"face1e55ca11ab1ecab005e5" - -Swap zero (null) with small negative -mbedtls_mpi_swap:"":"-beef" - -Swap zero (null) with small positive -mbedtls_mpi_swap:"":"beef" - -Swap zero (null) with zero (1 limb) -mbedtls_mpi_swap:"":"0" - -Swap zero (null) with zero (null) -mbedtls_mpi_swap:"":"" - -Swap self: large negative -mpi_swap_self:"-ca5cadedb01dfaceacc01ade" - -Swap self: large positive -mpi_swap_self:"ca5cadedb01dfaceacc01ade" - -Swap self: small negative -mpi_swap_self:"-bead" - -Swap self: small positive -mpi_swap_self:"bead" - -Swap self: zero (1 limb) -mpi_swap_self:"0" - -Swap self: zero (null) -mpi_swap_self:"" - -Shrink 0 limbs in a buffer of size 0 to 0 -mbedtls_mpi_shrink:0:0:0:0 - -Shrink 2 limbs in a buffer of size 2 to 4 -mbedtls_mpi_shrink:2:2:4:4 - -Shrink 2 limbs in a buffer of size 4 to 4 -mbedtls_mpi_shrink:4:2:4:4 - -Shrink 2 limbs in a buffer of size 8 to 4 -mbedtls_mpi_shrink:8:2:4:4 - -Shrink 4 limbs in a buffer of size 8 to 4 -mbedtls_mpi_shrink:8:4:4:4 - -Shrink 6 limbs in a buffer of size 8 to 4 yielding 6 -mbedtls_mpi_shrink:8:6:4:6 - -Shrink 2 limbs in a buffer of size 4 to 0 yielding 2 -mbedtls_mpi_shrink:4:2:0:2 - -Shrink 1 limbs in a buffer of size 4 to 0 yielding 1 -mbedtls_mpi_shrink:4:1:0:1 - -Shrink 0 limbs in a buffer of size 4 to 0 yielding 1 -mbedtls_mpi_shrink:4:0:0:1 - -Base test mbedtls_mpi_add_abs #1 -mbedtls_mpi_add_abs:10:"12345678":10:"642531":10:"12988209" - -Base test mbedtls_mpi_add_abs #2 -mbedtls_mpi_add_abs:10:"-12345678":10:"642531":10:"12988209" - -Base test mbedtls_mpi_add_abs #3 -mbedtls_mpi_add_abs:10:"12345678":10:"-642531":10:"12988209" - -Base test mbedtls_mpi_add_abs #4 -mbedtls_mpi_add_abs:10:"-12345678":10:"-642531":10:"12988209" - -Test mbedtls_mpi_add_abs: 0 (null) + 0 (null) -mbedtls_mpi_add_abs:16:"":16:"":16:"0" - -Test mbedtls_mpi_add_abs: 0 (null) + 1 -mbedtls_mpi_add_abs:16:"":16:"01":16:"01" - -Test mbedtls_mpi_add_abs: 1 + 0 (null) -mbedtls_mpi_add_abs:16:"01":16:"":16:"01" - -Test mbedtls_mpi_add_abs #1 -mbedtls_mpi_add_abs:10:"-643808006803554439230129854961492699151386107534013432918073439524138264842370630061369715394739134090922937332590384720397133335969549256322620979036686633213903952966175107096769180017646161851573147596390153":10:"56125680981752282333498088313568935051383833838594899821664631784577337171193624243181360054669678410455329112434552942717084003541384594864129940145043086760031292483340068923506115878221189886491132772739661669044958531131327771":10:"56125680981752282334141896320372489490613963693556392520816017892111350604111697682705498319512049040516698827829292076808006940873974979584527073481012636016353913462376755556720019831187364993587901952757307830896531678727717924" - -Regression mbedtls_mpi_add_abs (add small to very large MPI with carry rollover) [#1] -mbedtls_mpi_add_abs:16:"FFFFFFFFFFFFFFFFFFFFFFFFFFFFF8":16:"08":16:"1000000000000000000000000000000" - -Regression mbedtls_mpi_add_abs (add small to very large MPI with carry rollover) [#2] -mbedtls_mpi_add_abs:16:"08":16:"FFFFFFFFFFFFFFFFFFFFFFFFFFFFF8":16:"1000000000000000000000000000000" - -Base test mbedtls_mpi_add_mpi #1 -mbedtls_mpi_add_mpi:10:"12345678":10:"642531":10:"12988209" - -Base test mbedtls_mpi_add_mpi #2 -mbedtls_mpi_add_mpi:10:"-12345678":10:"642531":10:"-11703147" - -Base test mbedtls_mpi_add_mpi #3 -mbedtls_mpi_add_mpi:10:"12345678":10:"-642531":10:"11703147" - -Base test mbedtls_mpi_add_mpi #4 -mbedtls_mpi_add_mpi:10:"-12345678":10:"-642531":10:"-12988209" - -Test mbedtls_mpi_add_mpi: 0 (null) + 0 (null) -mbedtls_mpi_add_mpi:16:"":16:"":16:"0" - -Test mbedtls_mpi_add_mpi: 0 (null) + 1 -mbedtls_mpi_add_mpi:16:"":16:"01":16:"01" - -Test mbedtls_mpi_add_mpi: 1 + 0 (null) -mbedtls_mpi_add_mpi:16:"01":16:"":16:"01" - -Test mbedtls_mpi_add_mpi: 0 (null) + -1 -mbedtls_mpi_add_mpi:16:"":16:"-01":16:"-01" - -Test mbedtls_mpi_add_mpi: -1 + 0 (null) -mbedtls_mpi_add_mpi:16:"-01":16:"":16:"-01" - -Test mbedtls_mpi_add_mpi #1 -mbedtls_mpi_add_mpi:10:"203956878356401977405765866929034577280193993314348263094772646453283062722701277632936616063144088173312372882677123879538709400158306567338328279154499698366071906766440037074217117805690872792848149112022286332144876183376326512083574821647933992961249917319836219304274280243803104015000563790123":10:"531872289054204184185084734375133399408303613982130856645299464930952178606045848877129147820387996428175564228204785846141207532462936339834139412401975338705794646595487324365194792822189473092273993580587964571659678084484152603881094176995594813302284232006001752128168901293560051833646881436219":10:"735829167410606161590850601304167976688497607296479119740072111384235241328747126510065763883532084601487937110881909725679916932621242907172467691556475037071866553361927361439411910627880345885122142692610250903804554267860479115964668998643528806263534149325837971432443181537363155848647445226342" - -Test mbedtls_mpi_add_mpi #2 -mbedtls_mpi_add_mpi:10:"643808006803554439230129854961492699151386107534013432918073439524138264842370630061369715394739134090922937332590384720397133335969549256322620979036686633213903952966175107096769180017646161851573147596390153":10:"56125680981752282333498088313568935051383833838594899821664631784577337171193624243181360054669678410455329112434552942717084003541384594864129940145043086760031292483340068923506115878221189886491132772739661669044958531131327771":10:"56125680981752282334141896320372489490613963693556392520816017892111350604111697682705498319512049040516698827829292076808006940873974979584527073481012636016353913462376755556720019831187364993587901952757307830896531678727717924" - -Base test mbedtls_mpi_add_mpi inplace #1 -mbedtls_mpi_add_mpi_inplace:10:"12345678":10:"24691356" - -Test mbedtls_mpi_add_mpi inplace #2 -mbedtls_mpi_add_mpi_inplace:10:"643808006803554439230129854961492699151386107534013432918073439524138264842370630061369715394739134090922937332590384720397133335969549256322620979036686633213903952966175107096769180017646161851573147596390153":10:"1287616013607108878460259709922985398302772215068026865836146879048276529684741260122739430789478268181845874665180769440794266671939098512645241958073373266427807905932350214193538360035292323703146295192780306" - -Test mbedtls_mpi_add_mpi inplace #3 -mbedtls_mpi_add_mpi_inplace:16:"ffffffffffffffffffffffffffffffff":16:"01fffffffffffffffffffffffffffffffe" - -Test mbedtls_mpi_add_int #1 -mbedtls_mpi_add_int:10:"2039568783564019774057658669290345772801939933143482630947726464532830627227012776329":9871232:10:"2039568783564019774057658669290345772801939933143482630947726464532830627227022647561" - -Test mbedtls_mpi_add_int #2 -mbedtls_mpi_add_int:10:"2039568783564019774057658669290345772801939933143482630947726464532830627227012776329":-9871232:10:"2039568783564019774057658669290345772801939933143482630947726464532830627227002905097" - -Test mbedtls_mpi_add_int: 0 (null) + 0 -mbedtls_mpi_add_int:16:"":0:16:"0" - -Test mbedtls_mpi_add_int: 0 (null) + 1 -mbedtls_mpi_add_int:16:"":1:16:"1" - -Base test mbedtls_mpi_sub_abs #1 (|B| > |A|) -mbedtls_mpi_sub_abs:10:"5":10:"7":10:"0":MBEDTLS_ERR_MPI_NEGATIVE_VALUE - -Base test mbedtls_mpi_sub_abs #2 (|B| > |A|) -mbedtls_mpi_sub_abs:10:"-5":10:"-7":10:"0":MBEDTLS_ERR_MPI_NEGATIVE_VALUE - -Base test mbedtls_mpi_sub_abs #3 (|B| > |A|) -mbedtls_mpi_sub_abs:10:"-5":10:"7":10:"0":MBEDTLS_ERR_MPI_NEGATIVE_VALUE - -Base test mbedtls_mpi_sub_abs #4 (|B| > |A|) -mbedtls_mpi_sub_abs:10:"5":10:"-7":10:"0":MBEDTLS_ERR_MPI_NEGATIVE_VALUE - -Base test mbedtls_mpi_sub_abs #1 (|B| >> |A| with more limbs) -mbedtls_mpi_sub_abs:10:"5":16:"123456789abcdef01":10:"0":MBEDTLS_ERR_MPI_NEGATIVE_VALUE - -Base test mbedtls_mpi_sub_abs #2 (|B| >> |A| with more limbs) -mbedtls_mpi_sub_abs:10:"-5":16:"-123456789abcdef01":10:"0":MBEDTLS_ERR_MPI_NEGATIVE_VALUE - -Base test mbedtls_mpi_sub_abs #3 (|B| >> |A| with more limbs) -mbedtls_mpi_sub_abs:10:"-5":16:"123456789abcdef01":10:"0":MBEDTLS_ERR_MPI_NEGATIVE_VALUE - -Base test mbedtls_mpi_sub_abs #4 (|B| >> |A| with more limbs) -mbedtls_mpi_sub_abs:10:"5":16:"-123456789abcdef01":10:"0":MBEDTLS_ERR_MPI_NEGATIVE_VALUE - -Base test mbedtls_mpi_sub_abs #1 -mbedtls_mpi_sub_abs:10:"7":10:"5":10:"2":0 - -Base test mbedtls_mpi_sub_abs #2 -mbedtls_mpi_sub_abs:10:"-7":10:"-5":10:"2":0 - -Base test mbedtls_mpi_sub_abs #3 -mbedtls_mpi_sub_abs:10:"-7":10:"5":10:"2":0 - -Base test mbedtls_mpi_sub_abs #4 -mbedtls_mpi_sub_abs:10:"7":10:"-5":10:"2":0 - -Test mbedtls_mpi_sub_abs: 0 (null) - 0 (null) -mbedtls_mpi_sub_abs:16:"":16:"":16:"":0 - -Test mbedtls_mpi_sub_abs: 0 (null) - 0 (1 limb) -mbedtls_mpi_sub_abs:16:"":16:"00":16:"":0 - -Test mbedtls_mpi_sub_abs: 0 (1 limb) - 0 (null) -mbedtls_mpi_sub_abs:16:"00":16:"":16:"":0 - -Test mbedtls_mpi_sub_abs: 0 (1 limb) - 0 (1 limb) -mbedtls_mpi_sub_abs:16:"00":16:"00":16:"":0 - -Test mbedtls_mpi_sub_abs: 1 - 0 (null) -mbedtls_mpi_sub_abs:16:"01":16:"":16:"01":0 - -Test mbedtls_mpi_sub_abs: 0 (null) - 1 -mbedtls_mpi_sub_abs:16:"":16:"01":16:"":MBEDTLS_ERR_MPI_NEGATIVE_VALUE - -Test mbedtls_mpi_sub_abs #1 -mbedtls_mpi_sub_abs:16:"FFFFFFFFFF":16:"01":16:"FFFFFFFFFE":0 - -Test mbedtls_mpi_sub_abs #2 -mbedtls_mpi_sub_abs:16:"FFFFFFFFF0":16:"01":16:"FFFFFFFFEF":0 - -Test mbedtls_mpi_sub_abs #3 -mbedtls_mpi_sub_abs:16:"FF00000000":16:"0F00000000":16:"F000000000":0 - -Test mbedtls_mpi_sub_abs #4 -mbedtls_mpi_sub_abs:16:"FF00000000":16:"0F00000001":16:"EFFFFFFFFF":0 - -Base test mbedtls_mpi_sub_mpi #1 (Test with negative result) -mbedtls_mpi_sub_mpi:10:"5":10:"7":10:"-2" - -Base test mbedtls_mpi_sub_mpi #2 (Test with negative inputs) -mbedtls_mpi_sub_mpi:10:"-5":10:"-7":10:"2" - -Base test mbedtls_mpi_sub_mpi #3 (Test with negative base) -mbedtls_mpi_sub_mpi:10:"-5":10:"7":10:"-12" - -Base test mbedtls_mpi_sub_mpi #4 (Test with negative subtraction) -mbedtls_mpi_sub_mpi:10:"5":10:"-7":10:"12" - -Test mbedtls_mpi_sub_mpi: 0 (null) - 0 (null) -mbedtls_mpi_sub_mpi:16:"":16:"":16:"0" - -Test mbedtls_mpi_sub_mpi: 0 (null) - 0 (1 limb) -mbedtls_mpi_sub_mpi:16:"":16:"00":16:"0" - -Test mbedtls_mpi_sub_mpi: 0 (null) - 1 -mbedtls_mpi_sub_mpi:16:"":16:"1":16:"-1" - -Test mbedtls_mpi_sub_mpi: 0 (null) - -1 -mbedtls_mpi_sub_mpi:16:"":16:"-1":16:"1" - -Test mbedtls_mpi_sub_mpi: 0 (1 limb) - 0 (null) -mbedtls_mpi_sub_mpi:16:"00":16:"":16:"0" - -Test mbedtls_mpi_sub_mpi: 1 - 0 (null) -mbedtls_mpi_sub_mpi:16:"1":16:"":16:"1" - -Test mbedtls_mpi_sub_mpi: -1 - 0 (null) -mbedtls_mpi_sub_mpi:16:"-1":16:"":16:"-1" - -Test mbedtls_mpi_sub_mpi #1 -mbedtls_mpi_sub_mpi:10:"531872289054204184185084734375133399408303613982130856645299464930952178606045848877129147820387996428175564228204785846141207532462936339834139412401975338705794646595487324365194792822189473092273993580587964571659678084484152603881094176995594813302284232006001752128168901293560051833646881436219":10:"203956878356401977405765866929034577280193993314348263094772646453283062722701277632936616063144088173312372882677123879538709400158306567338328279154499698366071906766440037074217117805690872792848149112022286332144876183376326512083574821647933992961249917319836219304274280243803104015000563790123":10:"327915410697802206779318867446098822128109620667782593550526818477669115883344571244192531757243908254863191345527661966602498132304629772495811133247475640339722739829047287290977675016498600299425844468565678239514801901107826091797519355347660820341034314686165532823894621049756947818646317646096" - -Test mbedtls_mpi_sub_mpi #2 (Test for negative result) -mbedtls_mpi_sub_mpi:10:"643808006803554439230129854961492699151386107534013432918073439524138264842370630061369715394739134090922937332590384720397133335969549256322620979036686633213903952966175107096769180017646161851573147596390153":10:"56125680981752282333498088313568935051383833838594899821664631784577337171193624243181360054669678410455329112434552942717084003541384594864129940145043086760031292483340068923506115878221189886491132772739661669044958531131327771":10:"-56125680981752282332854280306765380612153703983633407122513245677043323738275550803657221789827307780393959397039813808626161066208794210143732806809073537503708671504303382290292211925255014779394363592722015507193385383534937618" - -Test mbedtls_mpi_sub_int #1 -mbedtls_mpi_sub_int:10:"2039568783564019774057658669290345772801939933143482630947726464532830627227012776329":-9871232:10:"2039568783564019774057658669290345772801939933143482630947726464532830627227022647561" - -Test mbedtls_mpi_sub_int #2 -mbedtls_mpi_sub_int:10:"2039568783564019774057658669290345772801939933143482630947726464532830627227012776329":9871232:10:"2039568783564019774057658669290345772801939933143482630947726464532830627227002905097" - -Test mbedtls_mpi_sub_int: 0 (null) - 0 -mbedtls_mpi_sub_int:16:"":0:16:"0" - -Test mbedtls_mpi_sub_int: 0 (null) - 1 -mbedtls_mpi_sub_int:16:"":1:16:"-1" - -Test mbedtls_mpi_sub_int: 0 (null) - -1 -mbedtls_mpi_sub_int:16:"":-1:16:"1" - -Test mbedtls_mpi_shift_l #1 -mbedtls_mpi_shift_l:10:"64":1:10:"128" - -Test mbedtls_mpi_shift_l #2 -mbedtls_mpi_shift_l:10:"658385546911733550164516088405238961461880256029834598831972039469421755117818013653494814438931957316403111689187691446941406788869098983929874080332195117465344344350008880118042764943201875870917468833709791733282363323948005998269792207":37:10:"90487820548639020691922304619723076305400961610119884872723190678642804168382367856686134531865643066983017249846286450251272364365605022750900439437595355052945035915579216557330505438734955340526145476988250171181404966718289259743378883640981192704" - -Test mbedtls_mpi_shift_l: 0 (null) <<= 0 -mbedtls_mpi_shift_l:16:"":0:16:"0" - -Test mbedtls_mpi_shift_l: 0 (null) <<= 1 -mbedtls_mpi_shift_l:16:"":1:16:"0" - -Test mbedtls_mpi_shift_l: 0 (null) <<= 64 -mbedtls_mpi_shift_l:16:"":64:16:"0" - -Test mbedtls_mpi_shift_r #1 -mbedtls_mpi_shift_r:10:"128":1:10:"64" - -Test mbedtls_mpi_shift_r #2 -mbedtls_mpi_shift_r:10:"120815570979701484704906977000760567182871429114712069861589084706550626575967516787438008593490722779337547394120718248995900363209947025063336882559539208430319216688889117222633155838468458047056355241515415159736436403445579777425189969":45:10:"3433785053053426415343295076376096153094051405637175942660777670498379921354157795219578264137985649407981651226029903483433269093721578004287291678324982297860947730012217028349628999378309630601971640587504883789518896817457" - -Test mbedtls_mpi_shift_r #4 [#1] -mbedtls_mpi_shift_r:16:"FFFFFFFFFFFFFFFF":63:16:"01" - -Test mbedtls_mpi_shift_r #4 [#2] -mbedtls_mpi_shift_r:16:"FFFFFFFFFFFFFFFF":64:16:"00" - -Test mbedtls_mpi_shift_r #6 -mbedtls_mpi_shift_r:16:"FFFFFFFFFFFFFFFF":65:16:"00" - -Test mbedtls_mpi_shift_r #7 -mbedtls_mpi_shift_r:16:"FFFFFFFFFFFFFFFF":128:16:"00" - -Test mbedtls_mpi_shift_r: 0 (null) >>= 0 -mbedtls_mpi_shift_r:16:"":0:16:"0" - -Test mbedtls_mpi_shift_r: 0 (null) >>= 1 -mbedtls_mpi_shift_r:16:"":1:16:"0" - -Test mbedtls_mpi_shift_r: 0 (null) >>= 64 -mbedtls_mpi_shift_r:16:"":64:16:"0" - -Base test mbedtls_mpi_mul_mpi #1 -mbedtls_mpi_mul_mpi:10:"5":10:"7":10:"35" - -Base test mbedtls_mpi_mul_mpi #2 -mbedtls_mpi_mul_mpi:10:"-5":10:"7":10:"-35" - -Base test mbedtls_mpi_mul_mpi #3 -mbedtls_mpi_mul_mpi:10:"5":10:"-7":10:"-35" - -Base test mbedtls_mpi_mul_mpi #4 -mbedtls_mpi_mul_mpi:10:"-5":10:"-7":10:"35" - -Test mbedtls_mpi_mul_mpi: 0 (null) * 0 (null) -mbedtls_mpi_mul_mpi:16:"":16:"":16:"0" - -Test mbedtls_mpi_mul_mpi: 0 (null) * 0 (1 limb) -mbedtls_mpi_mul_mpi:16:"":16:"00":16:"0" - -Test mbedtls_mpi_mul_mpi: 0 (null) * 1 -mbedtls_mpi_mul_mpi:16:"":16:"01":16:"0" - -Test mbedtls_mpi_mul_mpi: 0 (null) * -1 -mbedtls_mpi_mul_mpi:16:"":16:"-01":16:"0" - -Test mbedtls_mpi_mul_mpi: 0 (1 limb) * -1 -mbedtls_mpi_mul_mpi:16:"00":16:"-01":16:"0" - -Test mbedtls_mpi_mul_mpi: 0 (1 limb) * 0 (null) -mbedtls_mpi_mul_mpi:16:"00":16:"":16:"0" - -Test mbedtls_mpi_mul_mpi: 1 * 0 (null) -mbedtls_mpi_mul_mpi:16:"01":16:"":16:"0" - -Test mbedtls_mpi_mul_mpi: -1 * 0 (null) -mbedtls_mpi_mul_mpi:16:"-01":16:"":16:"0" - -Test mbedtls_mpi_mul_mpi: -1 * 0 (1 limb) -mbedtls_mpi_mul_mpi:16:"-01":16:"00":16:"0" - -Test mbedtls_mpi_mul_mpi #1 -mbedtls_mpi_mul_mpi:16:"02f77b94b179d4a51360f04fa56e2c0784ce3b8a742280b016904896a5605fbe9e0f0683f82c439d979ab14e11b34e05ae96232b18fb2e0d1319f4942732d7eadf92ae90cb8c68ec8ece154d334f553564b6f6db185b33b8d3635598c3d128acde8bbb7b13697e48d1a542e5f9168d2d83a8dd05ae1eaf2451":16:"01b0b14c432710cde936e3fc100515e95dca61e10b8a68d9632bfa0546a9731a1ce6bebc6cb5fe6f5fd7e57b25f737f6a0ce5402e216b8b81c06f0c5ccce447d7f5631d14bff9dfa16f7cc72c56c84b636d00a5f35199d17ee9bf3f8746f44374ffd4ae22cf84089f04a9f7f356d6dc9f8cf8ef208a9b88c89":16:"0503ae899d35ae5b7706b067aed7cb2952da37a5d4ad58f05f69abe14e8aaae88eab2baed858177cb4595c0edc92e5ac13c2bba2bfa23276dd023e9e52f547d4c9edb138d86aad329d7afb01e15eab7281e181cb249fc91bf09d621d86561301edda156f80e3bbff853a312852fe9e3d0541cb86801390aff1dc3c05bcb592c266f625b70e419b4c7e7e85399bb06c0e50b099b4292f9eaff4d869681faa1f745b5fcb3349ed93c572739a31dcf76b43370cf9f86cc54e982dfac9467bde915c697e60554e0d698be6bb2dd1f8bc64659f6baee7641b51f4b5ed7010c04600fcd382db84a93fe3d4d86e86a459c6cebb59" - -Test mbedtls_mpi_mul_mpi #1, leading 0 limb in B -mbedtls_mpi_mul_mpi:16:"02f77b94b179d4a51360f04fa56e2c0784ce3b8a742280b016904896a5605fbe9e0f0683f82c439d979ab14e11b34e05ae96232b18fb2e0d1319f4942732d7eadf92ae90cb8c68ec8ece154d334f553564b6f6db185b33b8d3635598c3d128acde8bbb7b13697e48d1a542e5f9168d2d83a8dd05ae1eaf2451":16:"000000000000000001b0b14c432710cde936e3fc100515e95dca61e10b8a68d9632bfa0546a9731a1ce6bebc6cb5fe6f5fd7e57b25f737f6a0ce5402e216b8b81c06f0c5ccce447d7f5631d14bff9dfa16f7cc72c56c84b636d00a5f35199d17ee9bf3f8746f44374ffd4ae22cf84089f04a9f7f356d6dc9f8cf8ef208a9b88c89":16:"0503ae899d35ae5b7706b067aed7cb2952da37a5d4ad58f05f69abe14e8aaae88eab2baed858177cb4595c0edc92e5ac13c2bba2bfa23276dd023e9e52f547d4c9edb138d86aad329d7afb01e15eab7281e181cb249fc91bf09d621d86561301edda156f80e3bbff853a312852fe9e3d0541cb86801390aff1dc3c05bcb592c266f625b70e419b4c7e7e85399bb06c0e50b099b4292f9eaff4d869681faa1f745b5fcb3349ed93c572739a31dcf76b43370cf9f86cc54e982dfac9467bde915c697e60554e0d698be6bb2dd1f8bc64659f6baee7641b51f4b5ed7010c04600fcd382db84a93fe3d4d86e86a459c6cebb59" - -Test mbedtls_mpi_mul_mpi #1, leading 0 limb in B, A < 0 -mbedtls_mpi_mul_mpi:16:"-02f77b94b179d4a51360f04fa56e2c0784ce3b8a742280b016904896a5605fbe9e0f0683f82c439d979ab14e11b34e05ae96232b18fb2e0d1319f4942732d7eadf92ae90cb8c68ec8ece154d334f553564b6f6db185b33b8d3635598c3d128acde8bbb7b13697e48d1a542e5f9168d2d83a8dd05ae1eaf2451":16:"000000000000000001b0b14c432710cde936e3fc100515e95dca61e10b8a68d9632bfa0546a9731a1ce6bebc6cb5fe6f5fd7e57b25f737f6a0ce5402e216b8b81c06f0c5ccce447d7f5631d14bff9dfa16f7cc72c56c84b636d00a5f35199d17ee9bf3f8746f44374ffd4ae22cf84089f04a9f7f356d6dc9f8cf8ef208a9b88c89":16:"-0503ae899d35ae5b7706b067aed7cb2952da37a5d4ad58f05f69abe14e8aaae88eab2baed858177cb4595c0edc92e5ac13c2bba2bfa23276dd023e9e52f547d4c9edb138d86aad329d7afb01e15eab7281e181cb249fc91bf09d621d86561301edda156f80e3bbff853a312852fe9e3d0541cb86801390aff1dc3c05bcb592c266f625b70e419b4c7e7e85399bb06c0e50b099b4292f9eaff4d869681faa1f745b5fcb3349ed93c572739a31dcf76b43370cf9f86cc54e982dfac9467bde915c697e60554e0d698be6bb2dd1f8bc64659f6baee7641b51f4b5ed7010c04600fcd382db84a93fe3d4d86e86a459c6cebb59" - -Test mbedtls_mpi_mul_mpi #1, leading 0 limb in B, B < 0 -mbedtls_mpi_mul_mpi:16:"02f77b94b179d4a51360f04fa56e2c0784ce3b8a742280b016904896a5605fbe9e0f0683f82c439d979ab14e11b34e05ae96232b18fb2e0d1319f4942732d7eadf92ae90cb8c68ec8ece154d334f553564b6f6db185b33b8d3635598c3d128acde8bbb7b13697e48d1a542e5f9168d2d83a8dd05ae1eaf2451":16:"-000000000000000001b0b14c432710cde936e3fc100515e95dca61e10b8a68d9632bfa0546a9731a1ce6bebc6cb5fe6f5fd7e57b25f737f6a0ce5402e216b8b81c06f0c5ccce447d7f5631d14bff9dfa16f7cc72c56c84b636d00a5f35199d17ee9bf3f8746f44374ffd4ae22cf84089f04a9f7f356d6dc9f8cf8ef208a9b88c89":16:"-0503ae899d35ae5b7706b067aed7cb2952da37a5d4ad58f05f69abe14e8aaae88eab2baed858177cb4595c0edc92e5ac13c2bba2bfa23276dd023e9e52f547d4c9edb138d86aad329d7afb01e15eab7281e181cb249fc91bf09d621d86561301edda156f80e3bbff853a312852fe9e3d0541cb86801390aff1dc3c05bcb592c266f625b70e419b4c7e7e85399bb06c0e50b099b4292f9eaff4d869681faa1f745b5fcb3349ed93c572739a31dcf76b43370cf9f86cc54e982dfac9467bde915c697e60554e0d698be6bb2dd1f8bc64659f6baee7641b51f4b5ed7010c04600fcd382db84a93fe3d4d86e86a459c6cebb59" - -Test mbedtls_mpi_mul_mpi #1, leading 0 limb in B, A < 0, B < 0 -mbedtls_mpi_mul_mpi:16:"-02f77b94b179d4a51360f04fa56e2c0784ce3b8a742280b016904896a5605fbe9e0f0683f82c439d979ab14e11b34e05ae96232b18fb2e0d1319f4942732d7eadf92ae90cb8c68ec8ece154d334f553564b6f6db185b33b8d3635598c3d128acde8bbb7b13697e48d1a542e5f9168d2d83a8dd05ae1eaf2451":16:"-000000000000000001b0b14c432710cde936e3fc100515e95dca61e10b8a68d9632bfa0546a9731a1ce6bebc6cb5fe6f5fd7e57b25f737f6a0ce5402e216b8b81c06f0c5ccce447d7f5631d14bff9dfa16f7cc72c56c84b636d00a5f35199d17ee9bf3f8746f44374ffd4ae22cf84089f04a9f7f356d6dc9f8cf8ef208a9b88c89":16:"0503ae899d35ae5b7706b067aed7cb2952da37a5d4ad58f05f69abe14e8aaae88eab2baed858177cb4595c0edc92e5ac13c2bba2bfa23276dd023e9e52f547d4c9edb138d86aad329d7afb01e15eab7281e181cb249fc91bf09d621d86561301edda156f80e3bbff853a312852fe9e3d0541cb86801390aff1dc3c05bcb592c266f625b70e419b4c7e7e85399bb06c0e50b099b4292f9eaff4d869681faa1f745b5fcb3349ed93c572739a31dcf76b43370cf9f86cc54e982dfac9467bde915c697e60554e0d698be6bb2dd1f8bc64659f6baee7641b51f4b5ed7010c04600fcd382db84a93fe3d4d86e86a459c6cebb59" - -Test mbedtls_mpi_mul_mpi #1, leading 0 limb in A -mbedtls_mpi_mul_mpi:16:"000000000000000002f77b94b179d4a51360f04fa56e2c0784ce3b8a742280b016904896a5605fbe9e0f0683f82c439d979ab14e11b34e05ae96232b18fb2e0d1319f4942732d7eadf92ae90cb8c68ec8ece154d334f553564b6f6db185b33b8d3635598c3d128acde8bbb7b13697e48d1a542e5f9168d2d83a8dd05ae1eaf2451":16:"01b0b14c432710cde936e3fc100515e95dca61e10b8a68d9632bfa0546a9731a1ce6bebc6cb5fe6f5fd7e57b25f737f6a0ce5402e216b8b81c06f0c5ccce447d7f5631d14bff9dfa16f7cc72c56c84b636d00a5f35199d17ee9bf3f8746f44374ffd4ae22cf84089f04a9f7f356d6dc9f8cf8ef208a9b88c89":16:"0503ae899d35ae5b7706b067aed7cb2952da37a5d4ad58f05f69abe14e8aaae88eab2baed858177cb4595c0edc92e5ac13c2bba2bfa23276dd023e9e52f547d4c9edb138d86aad329d7afb01e15eab7281e181cb249fc91bf09d621d86561301edda156f80e3bbff853a312852fe9e3d0541cb86801390aff1dc3c05bcb592c266f625b70e419b4c7e7e85399bb06c0e50b099b4292f9eaff4d869681faa1f745b5fcb3349ed93c572739a31dcf76b43370cf9f86cc54e982dfac9467bde915c697e60554e0d698be6bb2dd1f8bc64659f6baee7641b51f4b5ed7010c04600fcd382db84a93fe3d4d86e86a459c6cebb59" - -Test mbedtls_mpi_mul_mpi #1, leading 0 limb in A, A < 0 -mbedtls_mpi_mul_mpi:16:"-000000000000000002f77b94b179d4a51360f04fa56e2c0784ce3b8a742280b016904896a5605fbe9e0f0683f82c439d979ab14e11b34e05ae96232b18fb2e0d1319f4942732d7eadf92ae90cb8c68ec8ece154d334f553564b6f6db185b33b8d3635598c3d128acde8bbb7b13697e48d1a542e5f9168d2d83a8dd05ae1eaf2451":16:"01b0b14c432710cde936e3fc100515e95dca61e10b8a68d9632bfa0546a9731a1ce6bebc6cb5fe6f5fd7e57b25f737f6a0ce5402e216b8b81c06f0c5ccce447d7f5631d14bff9dfa16f7cc72c56c84b636d00a5f35199d17ee9bf3f8746f44374ffd4ae22cf84089f04a9f7f356d6dc9f8cf8ef208a9b88c89":16:"-0503ae899d35ae5b7706b067aed7cb2952da37a5d4ad58f05f69abe14e8aaae88eab2baed858177cb4595c0edc92e5ac13c2bba2bfa23276dd023e9e52f547d4c9edb138d86aad329d7afb01e15eab7281e181cb249fc91bf09d621d86561301edda156f80e3bbff853a312852fe9e3d0541cb86801390aff1dc3c05bcb592c266f625b70e419b4c7e7e85399bb06c0e50b099b4292f9eaff4d869681faa1f745b5fcb3349ed93c572739a31dcf76b43370cf9f86cc54e982dfac9467bde915c697e60554e0d698be6bb2dd1f8bc64659f6baee7641b51f4b5ed7010c04600fcd382db84a93fe3d4d86e86a459c6cebb59" - -Test mbedtls_mpi_mul_mpi #1, leading 0 limb in A, B < 0 -mbedtls_mpi_mul_mpi:16:"000000000000000002f77b94b179d4a51360f04fa56e2c0784ce3b8a742280b016904896a5605fbe9e0f0683f82c439d979ab14e11b34e05ae96232b18fb2e0d1319f4942732d7eadf92ae90cb8c68ec8ece154d334f553564b6f6db185b33b8d3635598c3d128acde8bbb7b13697e48d1a542e5f9168d2d83a8dd05ae1eaf2451":16:"-01b0b14c432710cde936e3fc100515e95dca61e10b8a68d9632bfa0546a9731a1ce6bebc6cb5fe6f5fd7e57b25f737f6a0ce5402e216b8b81c06f0c5ccce447d7f5631d14bff9dfa16f7cc72c56c84b636d00a5f35199d17ee9bf3f8746f44374ffd4ae22cf84089f04a9f7f356d6dc9f8cf8ef208a9b88c89":16:"-0503ae899d35ae5b7706b067aed7cb2952da37a5d4ad58f05f69abe14e8aaae88eab2baed858177cb4595c0edc92e5ac13c2bba2bfa23276dd023e9e52f547d4c9edb138d86aad329d7afb01e15eab7281e181cb249fc91bf09d621d86561301edda156f80e3bbff853a312852fe9e3d0541cb86801390aff1dc3c05bcb592c266f625b70e419b4c7e7e85399bb06c0e50b099b4292f9eaff4d869681faa1f745b5fcb3349ed93c572739a31dcf76b43370cf9f86cc54e982dfac9467bde915c697e60554e0d698be6bb2dd1f8bc64659f6baee7641b51f4b5ed7010c04600fcd382db84a93fe3d4d86e86a459c6cebb59" - -Test mbedtls_mpi_mul_mpi #1, leading 0 limb in A, A < 0, B < 0 -mbedtls_mpi_mul_mpi:16:"-000000000000000002f77b94b179d4a51360f04fa56e2c0784ce3b8a742280b016904896a5605fbe9e0f0683f82c439d979ab14e11b34e05ae96232b18fb2e0d1319f4942732d7eadf92ae90cb8c68ec8ece154d334f553564b6f6db185b33b8d3635598c3d128acde8bbb7b13697e48d1a542e5f9168d2d83a8dd05ae1eaf2451":16:"-01b0b14c432710cde936e3fc100515e95dca61e10b8a68d9632bfa0546a9731a1ce6bebc6cb5fe6f5fd7e57b25f737f6a0ce5402e216b8b81c06f0c5ccce447d7f5631d14bff9dfa16f7cc72c56c84b636d00a5f35199d17ee9bf3f8746f44374ffd4ae22cf84089f04a9f7f356d6dc9f8cf8ef208a9b88c89":16:"0503ae899d35ae5b7706b067aed7cb2952da37a5d4ad58f05f69abe14e8aaae88eab2baed858177cb4595c0edc92e5ac13c2bba2bfa23276dd023e9e52f547d4c9edb138d86aad329d7afb01e15eab7281e181cb249fc91bf09d621d86561301edda156f80e3bbff853a312852fe9e3d0541cb86801390aff1dc3c05bcb592c266f625b70e419b4c7e7e85399bb06c0e50b099b4292f9eaff4d869681faa1f745b5fcb3349ed93c572739a31dcf76b43370cf9f86cc54e982dfac9467bde915c697e60554e0d698be6bb2dd1f8bc64659f6baee7641b51f4b5ed7010c04600fcd382db84a93fe3d4d86e86a459c6cebb59" - -Test mbedtls_mpi_mul_mpi #1, leading 0 limb in A and B -mbedtls_mpi_mul_mpi:16:"000000000000000002f77b94b179d4a51360f04fa56e2c0784ce3b8a742280b016904896a5605fbe9e0f0683f82c439d979ab14e11b34e05ae96232b18fb2e0d1319f4942732d7eadf92ae90cb8c68ec8ece154d334f553564b6f6db185b33b8d3635598c3d128acde8bbb7b13697e48d1a542e5f9168d2d83a8dd05ae1eaf2451":16:"000000000000000001b0b14c432710cde936e3fc100515e95dca61e10b8a68d9632bfa0546a9731a1ce6bebc6cb5fe6f5fd7e57b25f737f6a0ce5402e216b8b81c06f0c5ccce447d7f5631d14bff9dfa16f7cc72c56c84b636d00a5f35199d17ee9bf3f8746f44374ffd4ae22cf84089f04a9f7f356d6dc9f8cf8ef208a9b88c89":16:"0503ae899d35ae5b7706b067aed7cb2952da37a5d4ad58f05f69abe14e8aaae88eab2baed858177cb4595c0edc92e5ac13c2bba2bfa23276dd023e9e52f547d4c9edb138d86aad329d7afb01e15eab7281e181cb249fc91bf09d621d86561301edda156f80e3bbff853a312852fe9e3d0541cb86801390aff1dc3c05bcb592c266f625b70e419b4c7e7e85399bb06c0e50b099b4292f9eaff4d869681faa1f745b5fcb3349ed93c572739a31dcf76b43370cf9f86cc54e982dfac9467bde915c697e60554e0d698be6bb2dd1f8bc64659f6baee7641b51f4b5ed7010c04600fcd382db84a93fe3d4d86e86a459c6cebb59" - -Test mbedtls_mpi_mul_mpi #1, leading 0 limb in A and B, A < 0 -mbedtls_mpi_mul_mpi:16:"-000000000000000002f77b94b179d4a51360f04fa56e2c0784ce3b8a742280b016904896a5605fbe9e0f0683f82c439d979ab14e11b34e05ae96232b18fb2e0d1319f4942732d7eadf92ae90cb8c68ec8ece154d334f553564b6f6db185b33b8d3635598c3d128acde8bbb7b13697e48d1a542e5f9168d2d83a8dd05ae1eaf2451":16:"000000000000000001b0b14c432710cde936e3fc100515e95dca61e10b8a68d9632bfa0546a9731a1ce6bebc6cb5fe6f5fd7e57b25f737f6a0ce5402e216b8b81c06f0c5ccce447d7f5631d14bff9dfa16f7cc72c56c84b636d00a5f35199d17ee9bf3f8746f44374ffd4ae22cf84089f04a9f7f356d6dc9f8cf8ef208a9b88c89":16:"-0503ae899d35ae5b7706b067aed7cb2952da37a5d4ad58f05f69abe14e8aaae88eab2baed858177cb4595c0edc92e5ac13c2bba2bfa23276dd023e9e52f547d4c9edb138d86aad329d7afb01e15eab7281e181cb249fc91bf09d621d86561301edda156f80e3bbff853a312852fe9e3d0541cb86801390aff1dc3c05bcb592c266f625b70e419b4c7e7e85399bb06c0e50b099b4292f9eaff4d869681faa1f745b5fcb3349ed93c572739a31dcf76b43370cf9f86cc54e982dfac9467bde915c697e60554e0d698be6bb2dd1f8bc64659f6baee7641b51f4b5ed7010c04600fcd382db84a93fe3d4d86e86a459c6cebb59" - -Test mbedtls_mpi_mul_mpi #1, leading 0 limb in A and B, B < 0 -mbedtls_mpi_mul_mpi:16:"000000000000000002f77b94b179d4a51360f04fa56e2c0784ce3b8a742280b016904896a5605fbe9e0f0683f82c439d979ab14e11b34e05ae96232b18fb2e0d1319f4942732d7eadf92ae90cb8c68ec8ece154d334f553564b6f6db185b33b8d3635598c3d128acde8bbb7b13697e48d1a542e5f9168d2d83a8dd05ae1eaf2451":16:"-000000000000000001b0b14c432710cde936e3fc100515e95dca61e10b8a68d9632bfa0546a9731a1ce6bebc6cb5fe6f5fd7e57b25f737f6a0ce5402e216b8b81c06f0c5ccce447d7f5631d14bff9dfa16f7cc72c56c84b636d00a5f35199d17ee9bf3f8746f44374ffd4ae22cf84089f04a9f7f356d6dc9f8cf8ef208a9b88c89":16:"-0503ae899d35ae5b7706b067aed7cb2952da37a5d4ad58f05f69abe14e8aaae88eab2baed858177cb4595c0edc92e5ac13c2bba2bfa23276dd023e9e52f547d4c9edb138d86aad329d7afb01e15eab7281e181cb249fc91bf09d621d86561301edda156f80e3bbff853a312852fe9e3d0541cb86801390aff1dc3c05bcb592c266f625b70e419b4c7e7e85399bb06c0e50b099b4292f9eaff4d869681faa1f745b5fcb3349ed93c572739a31dcf76b43370cf9f86cc54e982dfac9467bde915c697e60554e0d698be6bb2dd1f8bc64659f6baee7641b51f4b5ed7010c04600fcd382db84a93fe3d4d86e86a459c6cebb59" - -Test mbedtls_mpi_mul_mpi #1, leading 0 limb in A and B, A < 0, B < 0 -mbedtls_mpi_mul_mpi:16:"-000000000000000002f77b94b179d4a51360f04fa56e2c0784ce3b8a742280b016904896a5605fbe9e0f0683f82c439d979ab14e11b34e05ae96232b18fb2e0d1319f4942732d7eadf92ae90cb8c68ec8ece154d334f553564b6f6db185b33b8d3635598c3d128acde8bbb7b13697e48d1a542e5f9168d2d83a8dd05ae1eaf2451":16:"-000000000000000001b0b14c432710cde936e3fc100515e95dca61e10b8a68d9632bfa0546a9731a1ce6bebc6cb5fe6f5fd7e57b25f737f6a0ce5402e216b8b81c06f0c5ccce447d7f5631d14bff9dfa16f7cc72c56c84b636d00a5f35199d17ee9bf3f8746f44374ffd4ae22cf84089f04a9f7f356d6dc9f8cf8ef208a9b88c89":16:"0503ae899d35ae5b7706b067aed7cb2952da37a5d4ad58f05f69abe14e8aaae88eab2baed858177cb4595c0edc92e5ac13c2bba2bfa23276dd023e9e52f547d4c9edb138d86aad329d7afb01e15eab7281e181cb249fc91bf09d621d86561301edda156f80e3bbff853a312852fe9e3d0541cb86801390aff1dc3c05bcb592c266f625b70e419b4c7e7e85399bb06c0e50b099b4292f9eaff4d869681faa1f745b5fcb3349ed93c572739a31dcf76b43370cf9f86cc54e982dfac9467bde915c697e60554e0d698be6bb2dd1f8bc64659f6baee7641b51f4b5ed7010c04600fcd382db84a93fe3d4d86e86a459c6cebb59" - -Test mbedtls_mpi_mul_mpi #2, trailing 0 limb in A -mbedtls_mpi_mul_mpi:16:"02f77b94b179d4a51360f04fa56e2c0784ce3b8a742280b016904896a5605fbe9e0f0683f82c439d979ab14e11b34e05ae96232b18fb2e0d1319f4942732d7eadf92ae90cb8c68ec8ece154d334f553564b6f6db185b33b8d3635598c3d128acde8bbb7b13697e48d1a542e5f9168d2d83a8dd05ae1eaf24510000000000000000":16:"01b0b14c432710cde936e3fc100515e95dca61e10b8a68d9632bfa0546a9731a1ce6bebc6cb5fe6f5fd7e57b25f737f6a0ce5402e216b8b81c06f0c5ccce447d7f5631d14bff9dfa16f7cc72c56c84b636d00a5f35199d17ee9bf3f8746f44374ffd4ae22cf84089f04a9f7f356d6dc9f8cf8ef208a9b88c89":16:"0503ae899d35ae5b7706b067aed7cb2952da37a5d4ad58f05f69abe14e8aaae88eab2baed858177cb4595c0edc92e5ac13c2bba2bfa23276dd023e9e52f547d4c9edb138d86aad329d7afb01e15eab7281e181cb249fc91bf09d621d86561301edda156f80e3bbff853a312852fe9e3d0541cb86801390aff1dc3c05bcb592c266f625b70e419b4c7e7e85399bb06c0e50b099b4292f9eaff4d869681faa1f745b5fcb3349ed93c572739a31dcf76b43370cf9f86cc54e982dfac9467bde915c697e60554e0d698be6bb2dd1f8bc64659f6baee7641b51f4b5ed7010c04600fcd382db84a93fe3d4d86e86a459c6cebb590000000000000000" - -Test mbedtls_mpi_mul_mpi #2, trailing 0 limb in A, A < 0 -mbedtls_mpi_mul_mpi:16:"-02f77b94b179d4a51360f04fa56e2c0784ce3b8a742280b016904896a5605fbe9e0f0683f82c439d979ab14e11b34e05ae96232b18fb2e0d1319f4942732d7eadf92ae90cb8c68ec8ece154d334f553564b6f6db185b33b8d3635598c3d128acde8bbb7b13697e48d1a542e5f9168d2d83a8dd05ae1eaf24510000000000000000":16:"01b0b14c432710cde936e3fc100515e95dca61e10b8a68d9632bfa0546a9731a1ce6bebc6cb5fe6f5fd7e57b25f737f6a0ce5402e216b8b81c06f0c5ccce447d7f5631d14bff9dfa16f7cc72c56c84b636d00a5f35199d17ee9bf3f8746f44374ffd4ae22cf84089f04a9f7f356d6dc9f8cf8ef208a9b88c89":16:"-0503ae899d35ae5b7706b067aed7cb2952da37a5d4ad58f05f69abe14e8aaae88eab2baed858177cb4595c0edc92e5ac13c2bba2bfa23276dd023e9e52f547d4c9edb138d86aad329d7afb01e15eab7281e181cb249fc91bf09d621d86561301edda156f80e3bbff853a312852fe9e3d0541cb86801390aff1dc3c05bcb592c266f625b70e419b4c7e7e85399bb06c0e50b099b4292f9eaff4d869681faa1f745b5fcb3349ed93c572739a31dcf76b43370cf9f86cc54e982dfac9467bde915c697e60554e0d698be6bb2dd1f8bc64659f6baee7641b51f4b5ed7010c04600fcd382db84a93fe3d4d86e86a459c6cebb590000000000000000" - -Test mbedtls_mpi_mul_mpi #2, trailing 0 limb in A, B < 0 -mbedtls_mpi_mul_mpi:16:"02f77b94b179d4a51360f04fa56e2c0784ce3b8a742280b016904896a5605fbe9e0f0683f82c439d979ab14e11b34e05ae96232b18fb2e0d1319f4942732d7eadf92ae90cb8c68ec8ece154d334f553564b6f6db185b33b8d3635598c3d128acde8bbb7b13697e48d1a542e5f9168d2d83a8dd05ae1eaf24510000000000000000":16:"-01b0b14c432710cde936e3fc100515e95dca61e10b8a68d9632bfa0546a9731a1ce6bebc6cb5fe6f5fd7e57b25f737f6a0ce5402e216b8b81c06f0c5ccce447d7f5631d14bff9dfa16f7cc72c56c84b636d00a5f35199d17ee9bf3f8746f44374ffd4ae22cf84089f04a9f7f356d6dc9f8cf8ef208a9b88c89":16:"-0503ae899d35ae5b7706b067aed7cb2952da37a5d4ad58f05f69abe14e8aaae88eab2baed858177cb4595c0edc92e5ac13c2bba2bfa23276dd023e9e52f547d4c9edb138d86aad329d7afb01e15eab7281e181cb249fc91bf09d621d86561301edda156f80e3bbff853a312852fe9e3d0541cb86801390aff1dc3c05bcb592c266f625b70e419b4c7e7e85399bb06c0e50b099b4292f9eaff4d869681faa1f745b5fcb3349ed93c572739a31dcf76b43370cf9f86cc54e982dfac9467bde915c697e60554e0d698be6bb2dd1f8bc64659f6baee7641b51f4b5ed7010c04600fcd382db84a93fe3d4d86e86a459c6cebb590000000000000000" - -Test mbedtls_mpi_mul_mpi #2, trailing 0 limb in A, A < 0, B < 0 -mbedtls_mpi_mul_mpi:16:"-02f77b94b179d4a51360f04fa56e2c0784ce3b8a742280b016904896a5605fbe9e0f0683f82c439d979ab14e11b34e05ae96232b18fb2e0d1319f4942732d7eadf92ae90cb8c68ec8ece154d334f553564b6f6db185b33b8d3635598c3d128acde8bbb7b13697e48d1a542e5f9168d2d83a8dd05ae1eaf24510000000000000000":16:"-01b0b14c432710cde936e3fc100515e95dca61e10b8a68d9632bfa0546a9731a1ce6bebc6cb5fe6f5fd7e57b25f737f6a0ce5402e216b8b81c06f0c5ccce447d7f5631d14bff9dfa16f7cc72c56c84b636d00a5f35199d17ee9bf3f8746f44374ffd4ae22cf84089f04a9f7f356d6dc9f8cf8ef208a9b88c89":16:"0503ae899d35ae5b7706b067aed7cb2952da37a5d4ad58f05f69abe14e8aaae88eab2baed858177cb4595c0edc92e5ac13c2bba2bfa23276dd023e9e52f547d4c9edb138d86aad329d7afb01e15eab7281e181cb249fc91bf09d621d86561301edda156f80e3bbff853a312852fe9e3d0541cb86801390aff1dc3c05bcb592c266f625b70e419b4c7e7e85399bb06c0e50b099b4292f9eaff4d869681faa1f745b5fcb3349ed93c572739a31dcf76b43370cf9f86cc54e982dfac9467bde915c697e60554e0d698be6bb2dd1f8bc64659f6baee7641b51f4b5ed7010c04600fcd382db84a93fe3d4d86e86a459c6cebb590000000000000000" - -Test mbedtls_mpi_mul_mpi #2, trailing 0 limb in B -mbedtls_mpi_mul_mpi:16:"02f77b94b179d4a51360f04fa56e2c0784ce3b8a742280b016904896a5605fbe9e0f0683f82c439d979ab14e11b34e05ae96232b18fb2e0d1319f4942732d7eadf92ae90cb8c68ec8ece154d334f553564b6f6db185b33b8d3635598c3d128acde8bbb7b13697e48d1a542e5f9168d2d83a8dd05ae1eaf2451":16:"01b0b14c432710cde936e3fc100515e95dca61e10b8a68d9632bfa0546a9731a1ce6bebc6cb5fe6f5fd7e57b25f737f6a0ce5402e216b8b81c06f0c5ccce447d7f5631d14bff9dfa16f7cc72c56c84b636d00a5f35199d17ee9bf3f8746f44374ffd4ae22cf84089f04a9f7f356d6dc9f8cf8ef208a9b88c890000000000000000":16:"0503ae899d35ae5b7706b067aed7cb2952da37a5d4ad58f05f69abe14e8aaae88eab2baed858177cb4595c0edc92e5ac13c2bba2bfa23276dd023e9e52f547d4c9edb138d86aad329d7afb01e15eab7281e181cb249fc91bf09d621d86561301edda156f80e3bbff853a312852fe9e3d0541cb86801390aff1dc3c05bcb592c266f625b70e419b4c7e7e85399bb06c0e50b099b4292f9eaff4d869681faa1f745b5fcb3349ed93c572739a31dcf76b43370cf9f86cc54e982dfac9467bde915c697e60554e0d698be6bb2dd1f8bc64659f6baee7641b51f4b5ed7010c04600fcd382db84a93fe3d4d86e86a459c6cebb590000000000000000" - -Test mbedtls_mpi_mul_mpi #2, trailing 0 limb in B, A < 0 -mbedtls_mpi_mul_mpi:16:"-02f77b94b179d4a51360f04fa56e2c0784ce3b8a742280b016904896a5605fbe9e0f0683f82c439d979ab14e11b34e05ae96232b18fb2e0d1319f4942732d7eadf92ae90cb8c68ec8ece154d334f553564b6f6db185b33b8d3635598c3d128acde8bbb7b13697e48d1a542e5f9168d2d83a8dd05ae1eaf2451":16:"01b0b14c432710cde936e3fc100515e95dca61e10b8a68d9632bfa0546a9731a1ce6bebc6cb5fe6f5fd7e57b25f737f6a0ce5402e216b8b81c06f0c5ccce447d7f5631d14bff9dfa16f7cc72c56c84b636d00a5f35199d17ee9bf3f8746f44374ffd4ae22cf84089f04a9f7f356d6dc9f8cf8ef208a9b88c890000000000000000":16:"-0503ae899d35ae5b7706b067aed7cb2952da37a5d4ad58f05f69abe14e8aaae88eab2baed858177cb4595c0edc92e5ac13c2bba2bfa23276dd023e9e52f547d4c9edb138d86aad329d7afb01e15eab7281e181cb249fc91bf09d621d86561301edda156f80e3bbff853a312852fe9e3d0541cb86801390aff1dc3c05bcb592c266f625b70e419b4c7e7e85399bb06c0e50b099b4292f9eaff4d869681faa1f745b5fcb3349ed93c572739a31dcf76b43370cf9f86cc54e982dfac9467bde915c697e60554e0d698be6bb2dd1f8bc64659f6baee7641b51f4b5ed7010c04600fcd382db84a93fe3d4d86e86a459c6cebb590000000000000000" - -Test mbedtls_mpi_mul_mpi #2, trailing 0 limb in B, B < 0 -mbedtls_mpi_mul_mpi:16:"02f77b94b179d4a51360f04fa56e2c0784ce3b8a742280b016904896a5605fbe9e0f0683f82c439d979ab14e11b34e05ae96232b18fb2e0d1319f4942732d7eadf92ae90cb8c68ec8ece154d334f553564b6f6db185b33b8d3635598c3d128acde8bbb7b13697e48d1a542e5f9168d2d83a8dd05ae1eaf2451":16:"-01b0b14c432710cde936e3fc100515e95dca61e10b8a68d9632bfa0546a9731a1ce6bebc6cb5fe6f5fd7e57b25f737f6a0ce5402e216b8b81c06f0c5ccce447d7f5631d14bff9dfa16f7cc72c56c84b636d00a5f35199d17ee9bf3f8746f44374ffd4ae22cf84089f04a9f7f356d6dc9f8cf8ef208a9b88c890000000000000000":16:"-0503ae899d35ae5b7706b067aed7cb2952da37a5d4ad58f05f69abe14e8aaae88eab2baed858177cb4595c0edc92e5ac13c2bba2bfa23276dd023e9e52f547d4c9edb138d86aad329d7afb01e15eab7281e181cb249fc91bf09d621d86561301edda156f80e3bbff853a312852fe9e3d0541cb86801390aff1dc3c05bcb592c266f625b70e419b4c7e7e85399bb06c0e50b099b4292f9eaff4d869681faa1f745b5fcb3349ed93c572739a31dcf76b43370cf9f86cc54e982dfac9467bde915c697e60554e0d698be6bb2dd1f8bc64659f6baee7641b51f4b5ed7010c04600fcd382db84a93fe3d4d86e86a459c6cebb590000000000000000" - -Test mbedtls_mpi_mul_mpi #2, trailing 0 limb in B, A < 0, B < 0 -mbedtls_mpi_mul_mpi:16:"-02f77b94b179d4a51360f04fa56e2c0784ce3b8a742280b016904896a5605fbe9e0f0683f82c439d979ab14e11b34e05ae96232b18fb2e0d1319f4942732d7eadf92ae90cb8c68ec8ece154d334f553564b6f6db185b33b8d3635598c3d128acde8bbb7b13697e48d1a542e5f9168d2d83a8dd05ae1eaf2451":16:"-01b0b14c432710cde936e3fc100515e95dca61e10b8a68d9632bfa0546a9731a1ce6bebc6cb5fe6f5fd7e57b25f737f6a0ce5402e216b8b81c06f0c5ccce447d7f5631d14bff9dfa16f7cc72c56c84b636d00a5f35199d17ee9bf3f8746f44374ffd4ae22cf84089f04a9f7f356d6dc9f8cf8ef208a9b88c890000000000000000":16:"0503ae899d35ae5b7706b067aed7cb2952da37a5d4ad58f05f69abe14e8aaae88eab2baed858177cb4595c0edc92e5ac13c2bba2bfa23276dd023e9e52f547d4c9edb138d86aad329d7afb01e15eab7281e181cb249fc91bf09d621d86561301edda156f80e3bbff853a312852fe9e3d0541cb86801390aff1dc3c05bcb592c266f625b70e419b4c7e7e85399bb06c0e50b099b4292f9eaff4d869681faa1f745b5fcb3349ed93c572739a31dcf76b43370cf9f86cc54e982dfac9467bde915c697e60554e0d698be6bb2dd1f8bc64659f6baee7641b51f4b5ed7010c04600fcd382db84a93fe3d4d86e86a459c6cebb590000000000000000" - -Test mbedtls_mpi_mul_mpi #2, trailing 0 limb in A and B -mbedtls_mpi_mul_mpi:16:"02f77b94b179d4a51360f04fa56e2c0784ce3b8a742280b016904896a5605fbe9e0f0683f82c439d979ab14e11b34e05ae96232b18fb2e0d1319f4942732d7eadf92ae90cb8c68ec8ece154d334f553564b6f6db185b33b8d3635598c3d128acde8bbb7b13697e48d1a542e5f9168d2d83a8dd05ae1eaf24510000000000000000":16:"01b0b14c432710cde936e3fc100515e95dca61e10b8a68d9632bfa0546a9731a1ce6bebc6cb5fe6f5fd7e57b25f737f6a0ce5402e216b8b81c06f0c5ccce447d7f5631d14bff9dfa16f7cc72c56c84b636d00a5f35199d17ee9bf3f8746f44374ffd4ae22cf84089f04a9f7f356d6dc9f8cf8ef208a9b88c890000000000000000":16:"0503ae899d35ae5b7706b067aed7cb2952da37a5d4ad58f05f69abe14e8aaae88eab2baed858177cb4595c0edc92e5ac13c2bba2bfa23276dd023e9e52f547d4c9edb138d86aad329d7afb01e15eab7281e181cb249fc91bf09d621d86561301edda156f80e3bbff853a312852fe9e3d0541cb86801390aff1dc3c05bcb592c266f625b70e419b4c7e7e85399bb06c0e50b099b4292f9eaff4d869681faa1f745b5fcb3349ed93c572739a31dcf76b43370cf9f86cc54e982dfac9467bde915c697e60554e0d698be6bb2dd1f8bc64659f6baee7641b51f4b5ed7010c04600fcd382db84a93fe3d4d86e86a459c6cebb5900000000000000000000000000000000" - -Test mbedtls_mpi_mul_mpi #2, trailing 0 limb in A and B, A < 0 -mbedtls_mpi_mul_mpi:16:"-02f77b94b179d4a51360f04fa56e2c0784ce3b8a742280b016904896a5605fbe9e0f0683f82c439d979ab14e11b34e05ae96232b18fb2e0d1319f4942732d7eadf92ae90cb8c68ec8ece154d334f553564b6f6db185b33b8d3635598c3d128acde8bbb7b13697e48d1a542e5f9168d2d83a8dd05ae1eaf24510000000000000000":16:"01b0b14c432710cde936e3fc100515e95dca61e10b8a68d9632bfa0546a9731a1ce6bebc6cb5fe6f5fd7e57b25f737f6a0ce5402e216b8b81c06f0c5ccce447d7f5631d14bff9dfa16f7cc72c56c84b636d00a5f35199d17ee9bf3f8746f44374ffd4ae22cf84089f04a9f7f356d6dc9f8cf8ef208a9b88c890000000000000000":16:"-0503ae899d35ae5b7706b067aed7cb2952da37a5d4ad58f05f69abe14e8aaae88eab2baed858177cb4595c0edc92e5ac13c2bba2bfa23276dd023e9e52f547d4c9edb138d86aad329d7afb01e15eab7281e181cb249fc91bf09d621d86561301edda156f80e3bbff853a312852fe9e3d0541cb86801390aff1dc3c05bcb592c266f625b70e419b4c7e7e85399bb06c0e50b099b4292f9eaff4d869681faa1f745b5fcb3349ed93c572739a31dcf76b43370cf9f86cc54e982dfac9467bde915c697e60554e0d698be6bb2dd1f8bc64659f6baee7641b51f4b5ed7010c04600fcd382db84a93fe3d4d86e86a459c6cebb5900000000000000000000000000000000" - -Test mbedtls_mpi_mul_mpi #2, trailing 0 limb in A and B, B < 0 -mbedtls_mpi_mul_mpi:16:"02f77b94b179d4a51360f04fa56e2c0784ce3b8a742280b016904896a5605fbe9e0f0683f82c439d979ab14e11b34e05ae96232b18fb2e0d1319f4942732d7eadf92ae90cb8c68ec8ece154d334f553564b6f6db185b33b8d3635598c3d128acde8bbb7b13697e48d1a542e5f9168d2d83a8dd05ae1eaf24510000000000000000":16:"-01b0b14c432710cde936e3fc100515e95dca61e10b8a68d9632bfa0546a9731a1ce6bebc6cb5fe6f5fd7e57b25f737f6a0ce5402e216b8b81c06f0c5ccce447d7f5631d14bff9dfa16f7cc72c56c84b636d00a5f35199d17ee9bf3f8746f44374ffd4ae22cf84089f04a9f7f356d6dc9f8cf8ef208a9b88c890000000000000000":16:"-0503ae899d35ae5b7706b067aed7cb2952da37a5d4ad58f05f69abe14e8aaae88eab2baed858177cb4595c0edc92e5ac13c2bba2bfa23276dd023e9e52f547d4c9edb138d86aad329d7afb01e15eab7281e181cb249fc91bf09d621d86561301edda156f80e3bbff853a312852fe9e3d0541cb86801390aff1dc3c05bcb592c266f625b70e419b4c7e7e85399bb06c0e50b099b4292f9eaff4d869681faa1f745b5fcb3349ed93c572739a31dcf76b43370cf9f86cc54e982dfac9467bde915c697e60554e0d698be6bb2dd1f8bc64659f6baee7641b51f4b5ed7010c04600fcd382db84a93fe3d4d86e86a459c6cebb5900000000000000000000000000000000" - -Test mbedtls_mpi_mul_mpi #2, trailing 0 limb in A and B, A < 0, B < 0 -mbedtls_mpi_mul_mpi:16:"-02f77b94b179d4a51360f04fa56e2c0784ce3b8a742280b016904896a5605fbe9e0f0683f82c439d979ab14e11b34e05ae96232b18fb2e0d1319f4942732d7eadf92ae90cb8c68ec8ece154d334f553564b6f6db185b33b8d3635598c3d128acde8bbb7b13697e48d1a542e5f9168d2d83a8dd05ae1eaf24510000000000000000":16:"-01b0b14c432710cde936e3fc100515e95dca61e10b8a68d9632bfa0546a9731a1ce6bebc6cb5fe6f5fd7e57b25f737f6a0ce5402e216b8b81c06f0c5ccce447d7f5631d14bff9dfa16f7cc72c56c84b636d00a5f35199d17ee9bf3f8746f44374ffd4ae22cf84089f04a9f7f356d6dc9f8cf8ef208a9b88c890000000000000000":16:"0503ae899d35ae5b7706b067aed7cb2952da37a5d4ad58f05f69abe14e8aaae88eab2baed858177cb4595c0edc92e5ac13c2bba2bfa23276dd023e9e52f547d4c9edb138d86aad329d7afb01e15eab7281e181cb249fc91bf09d621d86561301edda156f80e3bbff853a312852fe9e3d0541cb86801390aff1dc3c05bcb592c266f625b70e419b4c7e7e85399bb06c0e50b099b4292f9eaff4d869681faa1f745b5fcb3349ed93c572739a31dcf76b43370cf9f86cc54e982dfac9467bde915c697e60554e0d698be6bb2dd1f8bc64659f6baee7641b51f4b5ed7010c04600fcd382db84a93fe3d4d86e86a459c6cebb5900000000000000000000000000000000" - -Test mbedtls_mpi_mul_mpi #3, trailing 0 limbs in A -mbedtls_mpi_mul_mpi:16:"02f77b94b179d4a51360f04fa56e2c0784ce3b8a742280b016904896a5605fbe9e0f0683f82c439d979ab14e11b34e05ae96232b18fb2e0d1319f4942732d7eadf92ae90cb8c68ec8ece154d334f553564b6f6db185b33b8d3635598c3d128acde8bbb7b13697e48d1a542e5f9168d2d83a8dd05ae1eaf245100000000000000000000000000000000":16:"01b0b14c432710cde936e3fc100515e95dca61e10b8a68d9632bfa0546a9731a1ce6bebc6cb5fe6f5fd7e57b25f737f6a0ce5402e216b8b81c06f0c5ccce447d7f5631d14bff9dfa16f7cc72c56c84b636d00a5f35199d17ee9bf3f8746f44374ffd4ae22cf84089f04a9f7f356d6dc9f8cf8ef208a9b88c89":16:"0503ae899d35ae5b7706b067aed7cb2952da37a5d4ad58f05f69abe14e8aaae88eab2baed858177cb4595c0edc92e5ac13c2bba2bfa23276dd023e9e52f547d4c9edb138d86aad329d7afb01e15eab7281e181cb249fc91bf09d621d86561301edda156f80e3bbff853a312852fe9e3d0541cb86801390aff1dc3c05bcb592c266f625b70e419b4c7e7e85399bb06c0e50b099b4292f9eaff4d869681faa1f745b5fcb3349ed93c572739a31dcf76b43370cf9f86cc54e982dfac9467bde915c697e60554e0d698be6bb2dd1f8bc64659f6baee7641b51f4b5ed7010c04600fcd382db84a93fe3d4d86e86a459c6cebb5900000000000000000000000000000000" - -Test mbedtls_mpi_mul_mpi #3, trailing 0 limbs in A, A < 0 -mbedtls_mpi_mul_mpi:16:"-02f77b94b179d4a51360f04fa56e2c0784ce3b8a742280b016904896a5605fbe9e0f0683f82c439d979ab14e11b34e05ae96232b18fb2e0d1319f4942732d7eadf92ae90cb8c68ec8ece154d334f553564b6f6db185b33b8d3635598c3d128acde8bbb7b13697e48d1a542e5f9168d2d83a8dd05ae1eaf245100000000000000000000000000000000":16:"01b0b14c432710cde936e3fc100515e95dca61e10b8a68d9632bfa0546a9731a1ce6bebc6cb5fe6f5fd7e57b25f737f6a0ce5402e216b8b81c06f0c5ccce447d7f5631d14bff9dfa16f7cc72c56c84b636d00a5f35199d17ee9bf3f8746f44374ffd4ae22cf84089f04a9f7f356d6dc9f8cf8ef208a9b88c89":16:"-0503ae899d35ae5b7706b067aed7cb2952da37a5d4ad58f05f69abe14e8aaae88eab2baed858177cb4595c0edc92e5ac13c2bba2bfa23276dd023e9e52f547d4c9edb138d86aad329d7afb01e15eab7281e181cb249fc91bf09d621d86561301edda156f80e3bbff853a312852fe9e3d0541cb86801390aff1dc3c05bcb592c266f625b70e419b4c7e7e85399bb06c0e50b099b4292f9eaff4d869681faa1f745b5fcb3349ed93c572739a31dcf76b43370cf9f86cc54e982dfac9467bde915c697e60554e0d698be6bb2dd1f8bc64659f6baee7641b51f4b5ed7010c04600fcd382db84a93fe3d4d86e86a459c6cebb5900000000000000000000000000000000" - -Test mbedtls_mpi_mul_mpi #3, trailing 0 limbs in A, B < 0 -mbedtls_mpi_mul_mpi:16:"02f77b94b179d4a51360f04fa56e2c0784ce3b8a742280b016904896a5605fbe9e0f0683f82c439d979ab14e11b34e05ae96232b18fb2e0d1319f4942732d7eadf92ae90cb8c68ec8ece154d334f553564b6f6db185b33b8d3635598c3d128acde8bbb7b13697e48d1a542e5f9168d2d83a8dd05ae1eaf245100000000000000000000000000000000":16:"-01b0b14c432710cde936e3fc100515e95dca61e10b8a68d9632bfa0546a9731a1ce6bebc6cb5fe6f5fd7e57b25f737f6a0ce5402e216b8b81c06f0c5ccce447d7f5631d14bff9dfa16f7cc72c56c84b636d00a5f35199d17ee9bf3f8746f44374ffd4ae22cf84089f04a9f7f356d6dc9f8cf8ef208a9b88c89":16:"-0503ae899d35ae5b7706b067aed7cb2952da37a5d4ad58f05f69abe14e8aaae88eab2baed858177cb4595c0edc92e5ac13c2bba2bfa23276dd023e9e52f547d4c9edb138d86aad329d7afb01e15eab7281e181cb249fc91bf09d621d86561301edda156f80e3bbff853a312852fe9e3d0541cb86801390aff1dc3c05bcb592c266f625b70e419b4c7e7e85399bb06c0e50b099b4292f9eaff4d869681faa1f745b5fcb3349ed93c572739a31dcf76b43370cf9f86cc54e982dfac9467bde915c697e60554e0d698be6bb2dd1f8bc64659f6baee7641b51f4b5ed7010c04600fcd382db84a93fe3d4d86e86a459c6cebb5900000000000000000000000000000000" - -Test mbedtls_mpi_mul_mpi #3, trailing 0 limbs in A, A < 0, B < 0 -mbedtls_mpi_mul_mpi:16:"-02f77b94b179d4a51360f04fa56e2c0784ce3b8a742280b016904896a5605fbe9e0f0683f82c439d979ab14e11b34e05ae96232b18fb2e0d1319f4942732d7eadf92ae90cb8c68ec8ece154d334f553564b6f6db185b33b8d3635598c3d128acde8bbb7b13697e48d1a542e5f9168d2d83a8dd05ae1eaf245100000000000000000000000000000000":16:"-01b0b14c432710cde936e3fc100515e95dca61e10b8a68d9632bfa0546a9731a1ce6bebc6cb5fe6f5fd7e57b25f737f6a0ce5402e216b8b81c06f0c5ccce447d7f5631d14bff9dfa16f7cc72c56c84b636d00a5f35199d17ee9bf3f8746f44374ffd4ae22cf84089f04a9f7f356d6dc9f8cf8ef208a9b88c89":16:"0503ae899d35ae5b7706b067aed7cb2952da37a5d4ad58f05f69abe14e8aaae88eab2baed858177cb4595c0edc92e5ac13c2bba2bfa23276dd023e9e52f547d4c9edb138d86aad329d7afb01e15eab7281e181cb249fc91bf09d621d86561301edda156f80e3bbff853a312852fe9e3d0541cb86801390aff1dc3c05bcb592c266f625b70e419b4c7e7e85399bb06c0e50b099b4292f9eaff4d869681faa1f745b5fcb3349ed93c572739a31dcf76b43370cf9f86cc54e982dfac9467bde915c697e60554e0d698be6bb2dd1f8bc64659f6baee7641b51f4b5ed7010c04600fcd382db84a93fe3d4d86e86a459c6cebb5900000000000000000000000000000000" - -Test mbedtls_mpi_mul_mpi #3, trailing 0 limbs in B -mbedtls_mpi_mul_mpi:16:"02f77b94b179d4a51360f04fa56e2c0784ce3b8a742280b016904896a5605fbe9e0f0683f82c439d979ab14e11b34e05ae96232b18fb2e0d1319f4942732d7eadf92ae90cb8c68ec8ece154d334f553564b6f6db185b33b8d3635598c3d128acde8bbb7b13697e48d1a542e5f9168d2d83a8dd05ae1eaf2451":16:"01b0b14c432710cde936e3fc100515e95dca61e10b8a68d9632bfa0546a9731a1ce6bebc6cb5fe6f5fd7e57b25f737f6a0ce5402e216b8b81c06f0c5ccce447d7f5631d14bff9dfa16f7cc72c56c84b636d00a5f35199d17ee9bf3f8746f44374ffd4ae22cf84089f04a9f7f356d6dc9f8cf8ef208a9b88c8900000000000000000000000000000000":16:"0503ae899d35ae5b7706b067aed7cb2952da37a5d4ad58f05f69abe14e8aaae88eab2baed858177cb4595c0edc92e5ac13c2bba2bfa23276dd023e9e52f547d4c9edb138d86aad329d7afb01e15eab7281e181cb249fc91bf09d621d86561301edda156f80e3bbff853a312852fe9e3d0541cb86801390aff1dc3c05bcb592c266f625b70e419b4c7e7e85399bb06c0e50b099b4292f9eaff4d869681faa1f745b5fcb3349ed93c572739a31dcf76b43370cf9f86cc54e982dfac9467bde915c697e60554e0d698be6bb2dd1f8bc64659f6baee7641b51f4b5ed7010c04600fcd382db84a93fe3d4d86e86a459c6cebb5900000000000000000000000000000000" - -Test mbedtls_mpi_mul_mpi #3, trailing 0 limbs in B, A < 0 -mbedtls_mpi_mul_mpi:16:"-02f77b94b179d4a51360f04fa56e2c0784ce3b8a742280b016904896a5605fbe9e0f0683f82c439d979ab14e11b34e05ae96232b18fb2e0d1319f4942732d7eadf92ae90cb8c68ec8ece154d334f553564b6f6db185b33b8d3635598c3d128acde8bbb7b13697e48d1a542e5f9168d2d83a8dd05ae1eaf2451":16:"01b0b14c432710cde936e3fc100515e95dca61e10b8a68d9632bfa0546a9731a1ce6bebc6cb5fe6f5fd7e57b25f737f6a0ce5402e216b8b81c06f0c5ccce447d7f5631d14bff9dfa16f7cc72c56c84b636d00a5f35199d17ee9bf3f8746f44374ffd4ae22cf84089f04a9f7f356d6dc9f8cf8ef208a9b88c8900000000000000000000000000000000":16:"-0503ae899d35ae5b7706b067aed7cb2952da37a5d4ad58f05f69abe14e8aaae88eab2baed858177cb4595c0edc92e5ac13c2bba2bfa23276dd023e9e52f547d4c9edb138d86aad329d7afb01e15eab7281e181cb249fc91bf09d621d86561301edda156f80e3bbff853a312852fe9e3d0541cb86801390aff1dc3c05bcb592c266f625b70e419b4c7e7e85399bb06c0e50b099b4292f9eaff4d869681faa1f745b5fcb3349ed93c572739a31dcf76b43370cf9f86cc54e982dfac9467bde915c697e60554e0d698be6bb2dd1f8bc64659f6baee7641b51f4b5ed7010c04600fcd382db84a93fe3d4d86e86a459c6cebb5900000000000000000000000000000000" - -Test mbedtls_mpi_mul_mpi #3, trailing 0 limbs in B, B < 0 -mbedtls_mpi_mul_mpi:16:"02f77b94b179d4a51360f04fa56e2c0784ce3b8a742280b016904896a5605fbe9e0f0683f82c439d979ab14e11b34e05ae96232b18fb2e0d1319f4942732d7eadf92ae90cb8c68ec8ece154d334f553564b6f6db185b33b8d3635598c3d128acde8bbb7b13697e48d1a542e5f9168d2d83a8dd05ae1eaf2451":16:"-01b0b14c432710cde936e3fc100515e95dca61e10b8a68d9632bfa0546a9731a1ce6bebc6cb5fe6f5fd7e57b25f737f6a0ce5402e216b8b81c06f0c5ccce447d7f5631d14bff9dfa16f7cc72c56c84b636d00a5f35199d17ee9bf3f8746f44374ffd4ae22cf84089f04a9f7f356d6dc9f8cf8ef208a9b88c8900000000000000000000000000000000":16:"-0503ae899d35ae5b7706b067aed7cb2952da37a5d4ad58f05f69abe14e8aaae88eab2baed858177cb4595c0edc92e5ac13c2bba2bfa23276dd023e9e52f547d4c9edb138d86aad329d7afb01e15eab7281e181cb249fc91bf09d621d86561301edda156f80e3bbff853a312852fe9e3d0541cb86801390aff1dc3c05bcb592c266f625b70e419b4c7e7e85399bb06c0e50b099b4292f9eaff4d869681faa1f745b5fcb3349ed93c572739a31dcf76b43370cf9f86cc54e982dfac9467bde915c697e60554e0d698be6bb2dd1f8bc64659f6baee7641b51f4b5ed7010c04600fcd382db84a93fe3d4d86e86a459c6cebb5900000000000000000000000000000000" - -Test mbedtls_mpi_mul_mpi #3, trailing 0 limbs in B, A < 0, B < 0 -mbedtls_mpi_mul_mpi:16:"-02f77b94b179d4a51360f04fa56e2c0784ce3b8a742280b016904896a5605fbe9e0f0683f82c439d979ab14e11b34e05ae96232b18fb2e0d1319f4942732d7eadf92ae90cb8c68ec8ece154d334f553564b6f6db185b33b8d3635598c3d128acde8bbb7b13697e48d1a542e5f9168d2d83a8dd05ae1eaf2451":16:"-01b0b14c432710cde936e3fc100515e95dca61e10b8a68d9632bfa0546a9731a1ce6bebc6cb5fe6f5fd7e57b25f737f6a0ce5402e216b8b81c06f0c5ccce447d7f5631d14bff9dfa16f7cc72c56c84b636d00a5f35199d17ee9bf3f8746f44374ffd4ae22cf84089f04a9f7f356d6dc9f8cf8ef208a9b88c8900000000000000000000000000000000":16:"0503ae899d35ae5b7706b067aed7cb2952da37a5d4ad58f05f69abe14e8aaae88eab2baed858177cb4595c0edc92e5ac13c2bba2bfa23276dd023e9e52f547d4c9edb138d86aad329d7afb01e15eab7281e181cb249fc91bf09d621d86561301edda156f80e3bbff853a312852fe9e3d0541cb86801390aff1dc3c05bcb592c266f625b70e419b4c7e7e85399bb06c0e50b099b4292f9eaff4d869681faa1f745b5fcb3349ed93c572739a31dcf76b43370cf9f86cc54e982dfac9467bde915c697e60554e0d698be6bb2dd1f8bc64659f6baee7641b51f4b5ed7010c04600fcd382db84a93fe3d4d86e86a459c6cebb5900000000000000000000000000000000" - -Test mbedtls_mpi_mul_int #1 -mbedtls_mpi_mul_int:10:"2039568783564019774057658669290345772801939933143482630947726464532830627227012776329":9871232:10:"20133056642518226042310730101376278483547239130123806338055387803943342738063359782107667328":"==" - -Test mbedtls_mpi_mul_int #2 (Unsigned, thus failure) -mbedtls_mpi_mul_int:10:"2039568783564019774057658669290345772801939933143482630947726464532830627227012776329":-9871232:10:"-20133056642518226042310730101376278483547239130123806338055387803943342738063359782107667328":"!=" - -Test mbedtls_mpi_mul_int #3 -mbedtls_mpi_mul_int:10:"-2039568783564019774057658669290345772801939933143482630947726464532830627227012776329":9871232:10:"-20133056642518226042310730101376278483547239130123806338055387803943342738063359782107667328":"==" - -Test mbedtls_mpi_mul_int #4 (Unsigned, thus failure) -mbedtls_mpi_mul_int:10:"-2039568783564019774057658669290345772801939933143482630947726464532830627227012776329":-9871232:10:"20133056642518226042310730101376278483547239130123806338055387803943342738063359782107667328":"!=" - -Test mbedtls_mpi_mul_int: 0 (null) * 0 -mbedtls_mpi_mul_int:16:"":0:16:"":"==" - -Test mbedtls_mpi_mul_int: 0 (null) * 1 -mbedtls_mpi_mul_int:16:"":1:16:"":"==" - -Test mbedtls_mpi_mul_int: 0 (null) * 0x1234 -mbedtls_mpi_mul_int:16:"":0x1234:16:"":"==" - -Base test mbedtls_mpi_div_mpi #1 -mbedtls_mpi_div_mpi:10:"1000":10:"13":10:"76":10:"12":0 - -Base test mbedtls_mpi_div_mpi #2 (Divide by zero (1 limb)) -mbedtls_mpi_div_mpi:10:"1000":10:"0":10:"1":10:"1":MBEDTLS_ERR_MPI_DIVISION_BY_ZERO - -Base test mbedtls_mpi_div_mpi #2 (Divide by zero (null)) -mbedtls_mpi_div_mpi:10:"1000":10:"":10:"1":10:"1":MBEDTLS_ERR_MPI_DIVISION_BY_ZERO - -Base test mbedtls_mpi_div_mpi #3 -mbedtls_mpi_div_mpi:10:"1000":10:"-13":10:"-76":10:"12":0 - -Test mbedtls_mpi_div_mpi: 0 (null) / 0 (null) -mbedtls_mpi_div_mpi:16:"":16:"":16:"":16:"":MBEDTLS_ERR_MPI_DIVISION_BY_ZERO - -Test mbedtls_mpi_div_mpi: 0 (null) / 0 (1 limb) -mbedtls_mpi_div_mpi:16:"":16:"0":16:"":16:"":MBEDTLS_ERR_MPI_DIVISION_BY_ZERO - -Test mbedtls_mpi_div_mpi: 0 (1 limb) / 0 (null) -mbedtls_mpi_div_mpi:16:"0":16:"":16:"":16:"":MBEDTLS_ERR_MPI_DIVISION_BY_ZERO - -Test mbedtls_mpi_div_mpi: 0 (1 limb) / 0 (1 limb) -mbedtls_mpi_div_mpi:16:"0":16:"0":16:"":16:"":MBEDTLS_ERR_MPI_DIVISION_BY_ZERO - -Test mbedtls_mpi_div_mpi: 0 (null) / 1 -mbedtls_mpi_div_mpi:16:"":16:"1":16:"":16:"":0 - -Test mbedtls_mpi_div_mpi: 0 (null) / -1 -mbedtls_mpi_div_mpi:16:"":16:"-1":16:"":16:"":0 - -Test mbedtls_mpi_div_mpi #1 -mbedtls_mpi_div_mpi:10:"20133056642518226042310730101376278483547239130123806338055387803943342738063359782107667328":10:"34":10:"592148724779947824773845002981655249516095268533053127589864347174804198178334111238460803":10:"26":0 - -Test mbedtls_mpi_div_mpi #2 -mbedtls_mpi_div_mpi:10:"476221599179424887669515829231223263939342135681791605842540429321038144633323941248706405375723482912535192363845116154236465184147599697841273424891410002781967962186252583311115708128167171262206919514587899883547279647025952837516324649656913580411611297312678955801899536937577476819667861053063432906071315727948826276092545739432005962781562403795455162483159362585281248265005441715080197800335757871588045959754547836825977169125866324128449699877076762316768127816074587766799018626179199776188490087103869164122906791440101822594139648973454716256383294690817576188762":10:"28911710017320205966167820725313234361535259163045867986277478145081076845846493521348693253530011243988160148063424837895971948244167867236923919506962312185829914482993478947657472351461336729641485069323635424692930278888923450060546465883490944265147851036817433970984747733020522259537":10:"16471581891701794764704009719057349996270239948993452268812975037240586099924712715366967486587417803753916334331355573776945238871512026832810626226164346328807407669366029926221415383560814338828449642265377822759768011406757061063524768140567867350208554439342320410551341675119078050953":10:"1":0 - -Test mbedtls_mpi_div_mpi #3 -mbedtls_mpi_div_mpi:10:"1000":10:"7":10:"142":10:"6":0 - -Test mbedtls_mpi_div_mpi #4 -mbedtls_mpi_div_mpi:10:"777":10:"7":10:"111":10:"0":0 - -Base test mbedtls_mpi_div_int #1 -mbedtls_mpi_div_int:10:"1000":13:10:"76":10:"12":0 - -Base test mbedtls_mpi_div_int #2 (Divide by zero) -mbedtls_mpi_div_int:10:"1000":0:10:"1":10:"1":MBEDTLS_ERR_MPI_DIVISION_BY_ZERO - -Base test mbedtls_mpi_div_int #3 -mbedtls_mpi_div_int:10:"1000":-13:10:"-76":10:"12":0 - -Test mbedtls_mpi_div_int #1 -mbedtls_mpi_div_int:10:"20133056642518226042310730101376278483547239130123806338055387803943342738063359782107667328":34:10:"592148724779947824773845002981655249516095268533053127589864347174804198178334111238460803":10:"26":0 - -Test mbedtls_mpi_div_int #2 -mbedtls_mpi_div_int:10:"20133056642518226042310730101376278483547239130123806338055387803943342738063359782107667328":-34:10:"-592148724779947824773845002981655249516095268533053127589864347174804198178334111238460803":10:"26":0 - -Test mbedtls_mpi_div_int: 0 (null) / 0 -mbedtls_mpi_div_int:16:"":0:16:"":16:"":MBEDTLS_ERR_MPI_DIVISION_BY_ZERO - -Test mbedtls_mpi_div_int: 0 (1 limb) / 0 -mbedtls_mpi_div_int:16:"00":0:16:"":16:"":MBEDTLS_ERR_MPI_DIVISION_BY_ZERO - -Test mbedtls_mpi_div_int: 0 (null) / 1 -mbedtls_mpi_div_int:16:"":1:16:"":16:"":0 - -Base test mbedtls_mpi_mod_mpi #1 -mbedtls_mpi_mod_mpi:10:"1000":10:"13":10:"12":0 - -Base test mbedtls_mpi_mod_mpi #2 (Divide by zero (null)) -mbedtls_mpi_mod_mpi:10:"1000":10:"":10:"0":MBEDTLS_ERR_MPI_DIVISION_BY_ZERO - -Base test mbedtls_mpi_mod_mpi #2 (Divide by zero (1 limb)) -mbedtls_mpi_mod_mpi:10:"1000":10:"0":10:"0":MBEDTLS_ERR_MPI_DIVISION_BY_ZERO - -Base test mbedtls_mpi_mod_mpi #3 -mbedtls_mpi_mod_mpi:10:"-1000":10:"13":10:"1":0 - -Base test mbedtls_mpi_mod_mpi #4 (Negative modulo) -mbedtls_mpi_mod_mpi:10:"1000":10:"-13":10:"-1":MBEDTLS_ERR_MPI_NEGATIVE_VALUE - -Base test mbedtls_mpi_mod_mpi #5 (Negative modulo) -mbedtls_mpi_mod_mpi:10:"-1000":10:"-13":10:"-12":MBEDTLS_ERR_MPI_NEGATIVE_VALUE - -Test mbedtls_mpi_mod_mpi: 0 (null) % 1 -mbedtls_mpi_mod_mpi:16:"":16:"1":16:"":0 - -Test mbedtls_mpi_mod_mpi: 0 (null) % -1 -mbedtls_mpi_mod_mpi:16:"":16:"-1":16:"":MBEDTLS_ERR_MPI_NEGATIVE_VALUE - -Base test mbedtls_mpi_mod_int #1 -mbedtls_mpi_mod_int:10:"1000":13:12:0 - -Base test mbedtls_mpi_mod_int #2 (Divide by zero) -mbedtls_mpi_mod_int:10:"1000":0:0:MBEDTLS_ERR_MPI_DIVISION_BY_ZERO - -Base test mbedtls_mpi_mod_int #3 -mbedtls_mpi_mod_int:10:"-1000":13:1:0 - -Base test mbedtls_mpi_mod_int #4 (Negative modulo) -mbedtls_mpi_mod_int:10:"1000":-13:0:MBEDTLS_ERR_MPI_NEGATIVE_VALUE - -Base test mbedtls_mpi_mod_int #5 (Negative modulo) -mbedtls_mpi_mod_int:10:"-1000":-13:0:MBEDTLS_ERR_MPI_NEGATIVE_VALUE - -Base test mbedtls_mpi_mod_int #6 (By 1) -mbedtls_mpi_mod_int:10:"1000":1:0:0 - -Base test mbedtls_mpi_mod_int #7 (By 2) -mbedtls_mpi_mod_int:10:"1001":2:1:0 - -Base test mbedtls_mpi_mod_int #8 (By 2) -mbedtls_mpi_mod_int:10:"1000":2:0:0 - -Test mbedtls_mpi_mod_int: 0 (null) % 1 -mbedtls_mpi_mod_int:16:"":1:0:0 - -Test mbedtls_mpi_mod_int: 0 (null) % -1 -mbedtls_mpi_mod_int:16:"":-1:0:MBEDTLS_ERR_MPI_NEGATIVE_VALUE - -Base test mbedtls_mpi_exp_mod #1 -mbedtls_mpi_exp_mod:10:"23":10:"13":10:"29":10:"24":0 - -Base test mbedtls_mpi_exp_mod #2 (Even N) -mbedtls_mpi_exp_mod:10:"23":10:"13":10:"30":10:"0":MBEDTLS_ERR_MPI_BAD_INPUT_DATA - -Base test mbedtls_mpi_exp_mod #2 (N = 0 (null)) -mbedtls_mpi_exp_mod:10:"23":10:"13":10:"":10:"0":MBEDTLS_ERR_MPI_BAD_INPUT_DATA - -Base test mbedtls_mpi_exp_mod #3 (Negative N) -mbedtls_mpi_exp_mod:10:"23":10:"13":10:"-29":10:"0":MBEDTLS_ERR_MPI_BAD_INPUT_DATA - -Base test mbedtls_mpi_exp_mod #4 (Negative base) -mbedtls_mpi_exp_mod:10:"-23":10:"13":10:"29":10:"5":0 - -Base test mbedtls_mpi_exp_mod #5 (Negative exponent) -mbedtls_mpi_exp_mod:10:"23":10:"-13":10:"29":10:"0":MBEDTLS_ERR_MPI_BAD_INPUT_DATA - -Base test mbedtls_mpi_exp_mod #6 (Negative base + exponent) -mbedtls_mpi_exp_mod:10:"-23":10:"-13":10:"29":10:"0":MBEDTLS_ERR_MPI_BAD_INPUT_DATA - -Test mbedtls_mpi_exp_mod: 0 (null) ^ 0 (null) mod 9 -mbedtls_mpi_exp_mod:16:"":16:"":16:"09":16:"1":0 - -Test mbedtls_mpi_exp_mod: 0 (null) ^ 0 (1 limb) mod 9 -mbedtls_mpi_exp_mod:16:"":16:"00":16:"09":16:"1":0 - -Test mbedtls_mpi_exp_mod: 0 (null) ^ 1 mod 9 -mbedtls_mpi_exp_mod:16:"":16:"01":16:"09":16:"":0 - -Test mbedtls_mpi_exp_mod: 0 (null) ^ 2 mod 9 -mbedtls_mpi_exp_mod:16:"":16:"02":16:"09":16:"":0 - -Test mbedtls_mpi_exp_mod: 0 (1 limb) ^ 0 (null) mod 9 -mbedtls_mpi_exp_mod:16:"00":16:"":16:"09":16:"1":0 - -Test mbedtls_mpi_exp_mod: 0 (1 limb) ^ 0 (1 limb) mod 9 -mbedtls_mpi_exp_mod:16:"00":16:"00":16:"09":16:"1":0 - -Test mbedtls_mpi_exp_mod: 0 (1 limb) ^ 1 mod 9 -mbedtls_mpi_exp_mod:16:"00":16:"01":16:"09":16:"":0 - -Test mbedtls_mpi_exp_mod: 0 (1 limb) ^ 2 mod 9 -mbedtls_mpi_exp_mod:16:"00":16:"02":16:"09":16:"":0 - -Test mbedtls_mpi_exp_mod: 1 ^ 0 (null) mod 9 -mbedtls_mpi_exp_mod:16:"01":16:"":16:"09":16:"1":0 - -Test mbedtls_mpi_exp_mod: 4 ^ 0 (null) mod 9 -mbedtls_mpi_exp_mod:16:"04":16:"":16:"09":16:"1":0 - -Test mbedtls_mpi_exp_mod: 10 ^ 0 (null) mod 9 -mbedtls_mpi_exp_mod:16:"0a":16:"":16:"09":16:"1":0 - -Test mbedtls_mpi_exp_mod: 1 ^ 0 (1 limb) mod 9 -mbedtls_mpi_exp_mod:16:"01":16:"00":16:"09":16:"1":0 - -Test mbedtls_mpi_exp_mod: 4 ^ 0 (1 limb) mod 9 -mbedtls_mpi_exp_mod:16:"04":16:"00":16:"09":16:"1":0 - -Test mbedtls_mpi_exp_mod: 10 ^ 0 (1 limb) mod 9 -mbedtls_mpi_exp_mod:16:"0a":16:"00":16:"09":16:"1":0 - -Test mbedtls_mpi_exp_mod: MAX_SIZE exponent -mbedtls_mpi_exp_mod_size:2:MBEDTLS_MPI_MAX_SIZE:10:10:"":0 - -Test mbedtls_mpi_exp_mod: MAX_SIZE + 1 exponent -mbedtls_mpi_exp_mod_size:2:MBEDTLS_MPI_MAX_SIZE + 1:10:10:"":MBEDTLS_ERR_MPI_BAD_INPUT_DATA - -Test mbedtls_mpi_exp_mod: MAX_SIZE modulus -mbedtls_mpi_exp_mod_size:2:2:MBEDTLS_MPI_MAX_SIZE:10:"":0 - -Test mbedtls_mpi_exp_mod: MAX_SIZE + 1 modulus -mbedtls_mpi_exp_mod_size:2:2:MBEDTLS_MPI_MAX_SIZE + 1:10:"":MBEDTLS_ERR_MPI_BAD_INPUT_DATA - -Test mbedtls_mpi_exp_mod: MAX_SIZE exponent and modulus -mbedtls_mpi_exp_mod_size:2:MBEDTLS_MPI_MAX_SIZE:MBEDTLS_MPI_MAX_SIZE:10:"":0 - -Test mbedtls_mpi_exp_mod: MAX_SIZE + 1 exponent and modulus -mbedtls_mpi_exp_mod_size:2:MBEDTLS_MPI_MAX_SIZE + 1:MBEDTLS_MPI_MAX_SIZE + 1:10:"":MBEDTLS_ERR_MPI_BAD_INPUT_DATA - -Test mbedtls_mpi_exp_mod #1 -depends_on:MPI_MAX_BITS_LARGER_THAN_792 -mbedtls_mpi_exp_mod:10:"433019240910377478217373572959560109819648647016096560523769010881172869083338285573756574557395862965095016483867813043663981946477698466501451832407592327356331263124555137732393938242285782144928753919588632679050799198937132922145084847":10:"5781538327977828897150909166778407659250458379645823062042492461576758526757490910073628008613977550546382774775570888130029763571528699574717583228939535960234464230882573615930384979100379102915657483866755371559811718767760594919456971354184113721":10:"583137007797276923956891216216022144052044091311388601652961409557516421612874571554415606746479105795833145583959622117418531166391184939066520869800857530421873250114773204354963864729386957427276448683092491947566992077136553066273207777134303397724679138833126700957":10:"114597449276684355144920670007147953232659436380163461553186940113929777196018164149703566472936578890991049344459204199888254907113495794730452699842273939581048142004834330369483813876618772578869083248061616444392091693787039636316845512292127097865026290173004860736":0 - -Test mbedtls_mpi_exp_mod (Negative base) [#1] -mbedtls_mpi_exp_mod:10:"-10000000000":10:"10000000000":10:"99999":10:"1":0 - -Test mbedtls_mpi_exp_mod (Negative base) [#2] -depends_on:MPI_MAX_BITS_LARGER_THAN_792 -mbedtls_mpi_exp_mod:16:"-9f13012cd92aa72fb86ac8879d2fde4f7fd661aaae43a00971f081cc60ca277059d5c37e89652e2af2585d281d66ef6a9d38a117e9608e9e7574cd142dc55278838a2161dd56db9470d4c1da2d5df15a908ee2eb886aaa890f23be16de59386663a12f1afbb325431a3e835e3fd89b98b96a6f77382f458ef9a37e1f84a03045c8676ab55291a94c2228ea15448ee96b626b998":16:"40a54d1b9e86789f06d9607fb158672d64867665c73ee9abb545fc7a785634b354c7bae5b962ce8040cf45f2c1f3d3659b2ee5ede17534c8fc2ec85c815e8df1fe7048d12c90ee31b88a68a081f17f0d8ce5f4030521e9400083bcea73a429031d4ca7949c2000d597088e0c39a6014d8bf962b73bb2e8083bd0390a4e00b9b3":16:"eeaf0ab9adb38dd69c33f80afa8fc5e86072618775ff3c0b9ea2314c9c256576d674df7496ea81d3383b4813d692c6e0e0d5d8e250b98be48e495c1d6089dad15dc7d7b46154d6b6ce8ef4ad69b15d4982559b297bcf1885c529f566660e57ec68edbc3c05726cc02fd4cbf4976eaa9afd5138fe8376435b9fc61d2fc0eb06e3":16:"21acc7199e1b90f9b4844ffe12c19f00ec548c5d32b21c647d48b6015d8eb9ec9db05b4f3d44db4227a2b5659c1a7cceb9d5fa8fa60376047953ce7397d90aaeb7465e14e820734f84aa52ad0fc66701bcbb991d57715806a11531268e1e83dd48288c72b424a6287e9ce4e5cc4db0dd67614aecc23b0124a5776d36e5c89483":0 - -Base test GCD #1 -mbedtls_mpi_gcd:10:"693":10:"609":10:"21" - -Base test GCD #2 -mbedtls_mpi_gcd:10:"1764":10:"868":10:"28" - -Base test GCD #3 -mbedtls_mpi_gcd:10:"768454923":10:"542167814":10:"1" - -Test GCD: 0 (null), 0 (null) -mbedtls_mpi_gcd:16:"":16:"":16:"0" - -Test GCD: 0 (null), 0 (1 limb) -mbedtls_mpi_gcd:16:"":16:"00":16:"0" - -Test GCD: 0 (null), 3 -mbedtls_mpi_gcd:16:"":16:"03":16:"3" - -Test GCD: 0 (null), 6 -mbedtls_mpi_gcd:16:"":16:"06":16:"6" - -Test GCD: 0 (1 limb), 0 (null) -mbedtls_mpi_gcd:16:"00":16:"":16:"0" - -Test GCD: 0 (1 limb), 3 -mbedtls_mpi_gcd:16:"00":16:"03":16:"3" - -Test GCD: 0 (1 limb), 6 -mbedtls_mpi_gcd:16:"00":16:"06":16:"6" - -Test GCD: 3, 0 (null) -mbedtls_mpi_gcd:16:"03":16:"":16:"3" - -Test GCD: 3, 0 (1 limb) -mbedtls_mpi_gcd:16:"03":16:"00":16:"3" - -Test GCD: 6, 0 (null) -mbedtls_mpi_gcd:16:"06":16:"":16:"6" - -Test GCD: 6, 0 (1 limb) -mbedtls_mpi_gcd:16:"06":16:"00":16:"6" - -Test GCD: gcd=1, 0 < A < B -mbedtls_mpi_gcd:10:"433019240910377478217373572959560109819648647016096560523769010881172869083338285573756574557395862965095016483867813043663981946477698466501451832407592327356331263124555137732393938242285782144928753919588632679050799198937132922145084847":10:"5781538327977828897150909166778407659250458379645823062042492461576758526757490910073628008613977550546382774775570888130029763571528699574717583228939535960234464230882573615930384979100379102915657483866755371559811718767760594919456971354184113721":10:"1" - -Test GCD: gcd=1, 0 < B < A -mbedtls_mpi_gcd:10:"5781538327977828897150909166778407659250458379645823062042492461576758526757490910073628008613977550546382774775570888130029763571528699574717583228939535960234464230882573615930384979100379102915657483866755371559811718767760594919456971354184113721":10:"433019240910377478217373572959560109819648647016096560523769010881172869083338285573756574557395862965095016483867813043663981946477698466501451832407592327356331263124555137732393938242285782144928753919588632679050799198937132922145084847":10:"1" - -Test GCD: gcd=1, A > 0, B < 0 -mbedtls_mpi_gcd:10:"433019240910377478217373572959560109819648647016096560523769010881172869083338285573756574557395862965095016483867813043663981946477698466501451832407592327356331263124555137732393938242285782144928753919588632679050799198937132922145084847":10:"-5781538327977828897150909166778407659250458379645823062042492461576758526757490910073628008613977550546382774775570888130029763571528699574717583228939535960234464230882573615930384979100379102915657483866755371559811718767760594919456971354184113721":10:"1" - -Test GCD: gcd=1, A < 0 < B, |A| < |B| -mbedtls_mpi_gcd:10:"-433019240910377478217373572959560109819648647016096560523769010881172869083338285573756574557395862965095016483867813043663981946477698466501451832407592327356331263124555137732393938242285782144928753919588632679050799198937132922145084847":10:"5781538327977828897150909166778407659250458379645823062042492461576758526757490910073628008613977550546382774775570888130029763571528699574717583228939535960234464230882573615930384979100379102915657483866755371559811718767760594919456971354184113721":10:"1" - -Test GCD: gcd=1, B < A < 0 -mbedtls_mpi_gcd:10:"-433019240910377478217373572959560109819648647016096560523769010881172869083338285573756574557395862965095016483867813043663981946477698466501451832407592327356331263124555137732393938242285782144928753919588632679050799198937132922145084847":10:"-5781538327977828897150909166778407659250458379645823062042492461576758526757490910073628008613977550546382774775570888130029763571528699574717583228939535960234464230882573615930384979100379102915657483866755371559811718767760594919456971354184113721":10:"1" - -Test GCD: gcd=2, 0 < A < B -mbedtls_mpi_gcd:10:"866038481820754956434747145919120219639297294032193121047538021762345738166676571147513149114791725930190032967735626087327963892955396933002903664815184654712662526249110275464787876484571564289857507839177265358101598397874265844290169694":10:"11563076655955657794301818333556815318500916759291646124084984923153517053514981820147256017227955101092765549551141776260059527143057399149435166457879071920468928461765147231860769958200758205831314967733510743119623437535521189838913942708368227442":10:"2" - -Test GCD: gcd=2, 0 < B < A -mbedtls_mpi_gcd:10:"11563076655955657794301818333556815318500916759291646124084984923153517053514981820147256017227955101092765549551141776260059527143057399149435166457879071920468928461765147231860769958200758205831314967733510743119623437535521189838913942708368227442":10:"866038481820754956434747145919120219639297294032193121047538021762345738166676571147513149114791725930190032967735626087327963892955396933002903664815184654712662526249110275464787876484571564289857507839177265358101598397874265844290169694":10:"2" - -Test GCD: gcd=3, 0 < A < B -mbedtls_mpi_gcd:10:"1299057722731132434652120718878680329458945941048289681571307032643518607250014856721269723672187588895285049451603439130991945839433095399504355497222776982068993789373665413197181814726857346434786261758765898037152397596811398766435254541":10:"17344614983933486691452727500335222977751375138937469186127477384730275580272472730220884025841932651639148324326712664390089290714586098724152749686818607880703392692647720847791154937301137308746972451600266114679435156303281784758370914062552341163":10:"3" - -Test GCD: gcd=3, 0 < B < A -mbedtls_mpi_gcd:10:"17344614983933486691452727500335222977751375138937469186127477384730275580272472730220884025841932651639148324326712664390089290714586098724152749686818607880703392692647720847791154937301137308746972451600266114679435156303281784758370914062552341163":10:"1299057722731132434652120718878680329458945941048289681571307032643518607250014856721269723672187588895285049451603439130991945839433095399504355497222776982068993789373665413197181814726857346434786261758765898037152397596811398766435254541":10:"3" - -Test GCD: gcd=4, 0 < A < B -mbedtls_mpi_gcd:10:"1732076963641509912869494291838240439278594588064386242095076043524691476333353142295026298229583451860380065935471252174655927785910793866005807329630369309425325052498220550929575752969143128579715015678354530716203196795748531688580339388":10:"23126153311911315588603636667113630637001833518583292248169969846307034107029963640294512034455910202185531099102283552520119054286114798298870332915758143840937856923530294463721539916401516411662629935467021486239246875071042379677827885416736454884":10:"4" - -Test GCD: gcd=4, 0 < B < A -mbedtls_mpi_gcd:10:"23126153311911315588603636667113630637001833518583292248169969846307034107029963640294512034455910202185531099102283552520119054286114798298870332915758143840937856923530294463721539916401516411662629935467021486239246875071042379677827885416736454884":10:"1732076963641509912869494291838240439278594588064386242095076043524691476333353142295026298229583451860380065935471252174655927785910793866005807329630369309425325052498220550929575752969143128579715015678354530716203196795748531688580339388":10:"4" - -Test GCD: gcd=6, 0 < A < B -mbedtls_mpi_gcd:10:"2598115445462264869304241437757360658917891882096579363142614065287037214500029713442539447344375177790570098903206878261983891678866190799008710994445553964137987578747330826394363629453714692869572523517531796074304795193622797532870509082":10:"34689229967866973382905455000670445955502750277874938372254954769460551160544945460441768051683865303278296648653425328780178581429172197448305499373637215761406785385295441695582309874602274617493944903200532229358870312606563569516741828125104682326":10:"6" - -Test GCD: gcd=6, 0 < B < A -mbedtls_mpi_gcd:10:"34689229967866973382905455000670445955502750277874938372254954769460551160544945460441768051683865303278296648653425328780178581429172197448305499373637215761406785385295441695582309874602274617493944903200532229358870312606563569516741828125104682326":10:"2598115445462264869304241437757360658917891882096579363142614065287037214500029713442539447344375177790570098903206878261983891678866190799008710994445553964137987578747330826394363629453714692869572523517531796074304795193622797532870509082":10:"6" - -Test GCD: 0 < A = B -mbedtls_mpi_gcd:10:"433019240910377478217373572959560109819648647016096560523769010881172869083338285573756574557395862965095016483867813043663981946477698466501451832407592327356331263124555137732393938242285782144928753919588632679050799198937132922145084847":10:"433019240910377478217373572959560109819648647016096560523769010881172869083338285573756574557395862965095016483867813043663981946477698466501451832407592327356331263124555137732393938242285782144928753919588632679050799198937132922145084847":10:"433019240910377478217373572959560109819648647016096560523769010881172869083338285573756574557395862965095016483867813043663981946477698466501451832407592327356331263124555137732393938242285782144928753919588632679050799198937132922145084847" - -Base test mbedtls_mpi_inv_mod #1 -mbedtls_mpi_inv_mod:10:"3":10:"11":10:"4":0 - -Test mbedtls_mpi_inv_mod: mod 0 (null) -mbedtls_mpi_inv_mod:10:"3":10:"":10:"0":MBEDTLS_ERR_MPI_BAD_INPUT_DATA - -Test mbedtls_mpi_inv_mod: mod 0 (1 limb) -mbedtls_mpi_inv_mod:10:"3":10:"0":10:"0":MBEDTLS_ERR_MPI_BAD_INPUT_DATA - -Test mbedtls_mpi_inv_mod: mod negative -mbedtls_mpi_inv_mod:10:"3":10:"-11":10:"4":MBEDTLS_ERR_MPI_BAD_INPUT_DATA - -Test mbedtls_mpi_inv_mod: 2^-1 mod 4 -mbedtls_mpi_inv_mod:10:"2":10:"4":10:"0":MBEDTLS_ERR_MPI_NOT_ACCEPTABLE - -Test mbedtls_mpi_inv_mod: mod 1 -mbedtls_mpi_inv_mod:10:"3":10:"1":10:"0":MBEDTLS_ERR_MPI_BAD_INPUT_DATA - -Test mbedtls_mpi_inv_mod: 0 (null) ^-1 -mbedtls_mpi_inv_mod:16:"":16:"11":16:"":MBEDTLS_ERR_MPI_NOT_ACCEPTABLE - -Test mbedtls_mpi_inv_mod: 0 (1 limb) ^-1 -mbedtls_mpi_inv_mod:16:"00":16:"11":16:"":MBEDTLS_ERR_MPI_NOT_ACCEPTABLE - -Test mbedtls_mpi_inv_mod #1 -mbedtls_mpi_inv_mod:16:"aa4df5cb14b4c31237f98bd1faf527c283c2d0f3eec89718664ba33f9762907c":16:"fffbbd660b94412ae61ead9c2906a344116e316a256fd387874c6c675b1d587d":16:"8d6a5c1d7adeae3e94b9bcd2c47e0d46e778bc8804a2cc25c02d775dc3d05b0c":0 - -Base test mbedtls_mpi_is_prime #1 -depends_on:MBEDTLS_GENPRIME -mbedtls_mpi_is_prime:10:"0":MBEDTLS_ERR_MPI_NOT_ACCEPTABLE - -Base test mbedtls_mpi_is_prime #2 -depends_on:MBEDTLS_GENPRIME -mbedtls_mpi_is_prime:10:"1":MBEDTLS_ERR_MPI_NOT_ACCEPTABLE - -Base test mbedtls_mpi_is_prime #3 -depends_on:MBEDTLS_GENPRIME -mbedtls_mpi_is_prime:10:"2":0 - -Base test mbedtls_mpi_is_prime #4 -depends_on:MBEDTLS_GENPRIME -mbedtls_mpi_is_prime:10:"3":0 - -Base test mbedtls_mpi_is_prime #5 -depends_on:MBEDTLS_GENPRIME -mbedtls_mpi_is_prime:10:"4":MBEDTLS_ERR_MPI_NOT_ACCEPTABLE - -Base test mbedtls_mpi_is_prime #6 -depends_on:MBEDTLS_GENPRIME -mbedtls_mpi_is_prime:10:"5":0 - -Base test mbedtls_mpi_is_prime #7 -depends_on:MBEDTLS_GENPRIME -mbedtls_mpi_is_prime:10:"27":MBEDTLS_ERR_MPI_NOT_ACCEPTABLE - -Base test mbedtls_mpi_is_prime #8 -depends_on:MBEDTLS_GENPRIME -mbedtls_mpi_is_prime:10:"47":0 - -Test mbedtls_mpi_is_prime #1a -depends_on:MBEDTLS_GENPRIME -mbedtls_mpi_is_prime:10:"83726728883146151979668243326097049289208482987685965276439157162337476477581":MBEDTLS_ERR_MPI_NOT_ACCEPTABLE - -Test mbedtls_mpi_is_prime #1b -depends_on:MBEDTLS_GENPRIME -mbedtls_mpi_is_prime:10:"81248637410584921454869308488899267096530643632730258201256092582281263244641":MBEDTLS_ERR_MPI_NOT_ACCEPTABLE - -Test mbedtls_mpi_is_prime #2a -depends_on:MBEDTLS_GENPRIME -mbedtls_mpi_is_prime:10:"827131507221654563937832686696200995595835694437983658840870036586124168186967796809117749047430768825822857042432722828096779098498192459819306321073968735177531164565305635281198148032612029767584644305912099":0 - -Test mbedtls_mpi_is_prime #2b -depends_on:MBEDTLS_GENPRIME -mbedtls_mpi_is_prime:10:"827131507221654563937832686696200995595835694437983658840870036586124168186967796809117749047430768825822857042432722828096779098498192459819306321073968735177531164565305635281198148032612029767584644305912001":MBEDTLS_ERR_MPI_NOT_ACCEPTABLE - -Test mbedtls_mpi_is_prime #3 -depends_on:MBEDTLS_GENPRIME -mbedtls_mpi_is_prime:10:"2833419889721787128217599":0 - -Test mbedtls_mpi_is_prime #4 -depends_on:MBEDTLS_GENPRIME -mbedtls_mpi_is_prime:10:"195845982777569926302400511":0 - -Test mbedtls_mpi_is_prime #5 [#1] -depends_on:MBEDTLS_GENPRIME -mbedtls_mpi_is_prime:10:"4776913109852041418248056622882488319":0 - -Test mbedtls_mpi_is_prime #5 [#2] -depends_on:MBEDTLS_GENPRIME -mbedtls_mpi_is_prime:10:"768614336404564651":0 - -Test mbedtls_mpi_is_prime #6 -depends_on:MBEDTLS_GENPRIME -mbedtls_mpi_is_prime:10:"201487636602438195784363":0 - -Test mbedtls_mpi_is_prime #7 -depends_on:MBEDTLS_GENPRIME -mbedtls_mpi_is_prime:10:"845100400152152934331135470251":0 - -Test mbedtls_mpi_is_prime #8 -depends_on:MBEDTLS_GENPRIME -mbedtls_mpi_is_prime:10:"56713727820156410577229101238628035243":0 - -Test mbedtls_mpi_is_prime #9 -depends_on:MBEDTLS_GENPRIME -mbedtls_mpi_is_prime:10:"203956878356401977405765866929034577280193993314348263094772646453283062722701277632936616063144088173312372882677123879538709400158306567338328279154499698366071906766440037074217117805690872792848149112022286332144876183376326512083574821647933992961249917319836219304274280243803104015000563790123":0 - -Test mbedtls_mpi_is_prime #10 -depends_on:MBEDTLS_GENPRIME -mbedtls_mpi_is_prime:10:"531872289054204184185084734375133399408303613982130856645299464930952178606045848877129147820387996428175564228204785846141207532462936339834139412401975338705794646595487324365194792822189473092273993580587964571659678084484152603881094176995594813302284232006001752128168901293560051833646881436219":0 - -Test mbedtls_mpi_is_prime #11 -depends_on:MBEDTLS_GENPRIME -mbedtls_mpi_is_prime:10:"319705304701141539155720137200974664666792526059405792539680974929469783512821793995613718943171723765238853752439032835985158829038528214925658918372196742089464683960239919950882355844766055365179937610326127675178857306260955550407044463370239890187189750909036833976197804646589380690779463976173":0 - -Test mbedtls_mpi_is_prime #12 -depends_on:MBEDTLS_GENPRIME -mbedtls_mpi_is_prime:10:"200603822195324642393516294012917598972967449320074999667103434371470616000652036570009912021332527788252300901905236578801044680456930305350440933538867383130165841118050781326291059830545891570648243241795871":0 - -Test mbedtls_mpi_is_prime #13 -depends_on:MBEDTLS_GENPRIME -mbedtls_mpi_is_prime:10:"827131507221654563937832686696200995595835694437983658840870036586124168186967796809117749047430768825822857042432722828096779098498192459819306321073968735177531164565305635281198148032612029767584644305912099":0 - -Test mbedtls_mpi_is_prime #14 -depends_on:MBEDTLS_GENPRIME -mbedtls_mpi_is_prime:10:"964274047248418797145090983157197980855078966882276492572788532954904112655338439361306213898569516593744267391754033306465125919199692703323878557833023573312685002670662846477592597659826113460619815244721311":0 - -Test mbedtls_mpi_is_prime #15 -depends_on:MBEDTLS_GENPRIME -mbedtls_mpi_is_prime:10:"170141183460469231731687303715884105727":0 - -Test mbedtls_mpi_is_prime #16 -depends_on:MBEDTLS_GENPRIME -mbedtls_mpi_is_prime:10:"2147483647":0 - -Test mbedtls_mpi_is_prime #17 -depends_on:MBEDTLS_GENPRIME -mbedtls_mpi_is_prime:10:"961748941":0 - -Test mbedtls_mpi_is_prime #18 -depends_on:MBEDTLS_GENPRIME -mbedtls_mpi_is_prime:10:"179424691":0 - -Test mbedtls_mpi_is_prime #19 -depends_on:MBEDTLS_GENPRIME -mbedtls_mpi_is_prime:10:"32452867":0 - -Test mbedtls_mpi_is_prime #20 -depends_on:MBEDTLS_GENPRIME -mbedtls_mpi_is_prime:10:"49979687":0 - -Test mbedtls_mpi_is_prime_det (4 non-witnesses) -depends_on:MBEDTLS_GENPRIME -mbedtls_mpi_is_prime_det:"043BD64BA10B11DA83FBD296B04BCA9E0552FAF6E09CAC74E2D7E735ED0DB09FC47ED76145644203EE0C826013BC602F560BCDAAED557D04683859A65D659FF828A245A2C5B1AC41E01E4669A525A45E23AF":"040EA852F7935ACCECC0E87B845281F047D10DC9AAFEF990AF9D3D66770DA30B0C5B5E03EEA8C0CB79B936FE0BB8EE5389EC1D34EB16C58AA3F2E11AF084160CDF6400BE1CC179867AB074866952D9F34EE7042D27F960E715A97FCB93F3182247D0A6AE51BD21CC2F6B0651F9E572C5FB86F3137053FA85FD7A51816D69B3A53A5A438C17754836D04E98CA240B901F828332F2D72D88C497DA45F533F99A6E53EDEA6B0424EC8951B048FA9A80134B37D0A67014597934E3CFC52C5A4DD4751ADF8D66FC79E84E2A3148C4B15C17E12CB659390FD275F39A331FFC80EC699BC3F6FAB868E30E9B14575FCDAB6FAED01E00112DD28704177E09C335AD43A696FEA761E8DF3B0663277A5C3637F9060CB5E5654F72E9A6B0F369E660AD4CF7ABF4195493545B367BD55271CD4BB7D9C15D3F508FE8F7409C2126FC8E73B43A67CD4EFB21E9F15DBF040A2A8D5F5ED75CEAC12B595C0051F3EC9D5A58ACE82A9506E64F780E9836728260FFE1BFD73E8A9869E3D46A35A856D3028F7FEAB9F4F1A04449AEDC80017EE1014080D87F0B50C8EF255324CD89F7D039":82:5 - -Test mbedtls_mpi_is_prime_det (39 non-witnesses) -depends_on:MBEDTLS_GENPRIME -mbedtls_mpi_is_prime_det:"155102B67930FBE8858DF6C0642D77D419A7B7968E622CC7500F3E3F2C5168368C50E0083187":"119B3E2C721834D83416239B04447AA18AE0163E61DCAE97054563D79E094A6FA4485BD6A0501445BF57FE9C058926CDB862E04CC1A95D79D61D9AB3466857A53E04F8D7470C9C86649B226A13DDC534E18DFD5C22FAEA317CA4D4960F18457FD6D2FFB5F3273F74C89980DC774590D8D30D1159CA81999ED94A042D67DA68C82616AD46C2C88288A8EBD0B37AC7C152D9522CA4544642AD1210F6B642FEBF43563FA872B0DEFAFC69D0B6570E8FEA9570D0AADCFA9B06CC8BFD62CEDC221541210EEEF9762448C6D49F26AA767A4D66CB168589E0201923015314E6CD4A480E5936E7CF145F73A564C5B782635B3AFC3028E2632C5D3458224A7C9E8BA1876E8F690463C878292D3DC011E9640331E7F7621F2B5E0F6713DD8C9D6767521C4BA880DA8D11C67753C8493D2C4C4F1443147550D0B25B7FAD04EAFA9F8AA60974C1365C8A794CFEECEB4279B1150909A97E5A7A10B5D91186CA5B25A612036631FE73529C8CFAE51E76FB704A772DE5320EFC1212E7A399B1FEBF57D014AF9129DFF5D2C5DFBBEEAC55F360CF6D22FA90B8E2E9AD0C71AB6495A9452A58D653B8CC26128C66B43EFBA6E39AEC5717A1A3C2AE1449FCABAFE1180B159DA55190CD81A3D9E8D798647E11B827F0A057D6DA5AAD78AB5112EE65E10E8B8B369BA24E1B8AD2CD8548C497016C07A143DE1232F8059BE303572456FA92E76A0F23D1340629228B7D27C02D3833A72745B91A3DBEB5E081117A9F19597F00E4277B414FAEA8C8CEB895C37F956A5A22F8D7A10ADA50B22BAB312504904511AA0EFDD4D3BF20ECB17E8A684564FFB5BBD5E22C429F9A75A4FB4AE468FE7612ED53C7A11212E7EF3435CC9CA6E7DB167B8CCE2BECF35F89013F8F876223C77FA81570970858663C6E32B91080AA47F9C90177F51E6FD7747B910C9489C7B6ACB070996198AD9A40A69711274159210A9A12DBAAA4FB4632446066AB70D735DC95F7C2BCE517E88C064D728DE82B1B043DF4AEE0EFF5131120A4E5B9B4180EB6F6B8A0D1491ABDA069058A9966B1A517D8E7B4997DC52A1E698FD79E271153DF1913FE6787A5D99DE69F39C3F22D26DC731CFBB33FF5C267D85D7A3DAE8E1C87E1DB2F1236212EF1942EA756967FB3D07D629E59EA4034D9A9B5E270DD4A31C8A3DFDA99C1094B5537132C196DA2AEAF5253A019B9AF25B5DCB0D4DD75C7C9C353DA9DAABFB23959A5455312E7E1C21268C1BC14E83DCFDF50C27FD3E8B4EDC04C5F3CB5FCFFF2B57151E1B1EE1A6456DC006BC43E1158674AA4CF7D146DE4A57103BE43ED130C8007294ED2418C7A2B769A7D20EBB5A8367A77B313F81BB119B9954305FF160FF83EED7F808EE6D340A5CCC000CF81AA497D315D350CCE4E86A31456B8AA85B677491FC662933DFA55EB5BFF64B8D85430D676A85D1CAFAFF383E68C4E6C22A51063739EC03FC58C36C07C44E54828BE2152B2E9AFB0F179B157D09B64C147B524BB5424BB1914419424D9100D06EDCFC718F4DF3D562E9E16C446663F35273CA7BC5426B868A80C8D415C9A12A1619CDB7CDB5BEBC70313150BDF8C3AB26B809FE62D28E798EF1EF98C410A2DA0A9071F82154AC569078B0E647E2C085D1D907E634453442803D0492D3D0C78CACB762020C0E589C8B0981321EA2771305FD0413F3B2963FCE9A232F6641DB7E12ADC009A032063C41756E5E19E5711DE12711F07AFE7545B4D83F3EFD7BFD0435297C89DF3D4AF96EBE2CE8D64B93E36EA5D7E5A0492151D0CAEE7449A7D35E1A3C83E22C3B35162C073CC3B1CF76FBDEE84270721FC042EAAEB7325110181415E2031CFB7462F15111291CDAC0560FF9F4C7341F2FA261B97CEF348D074AA2EB4DB153FE6B1410519DA4213B611999868F3B867A2B6D758D333C4989DE80782683CA26ECDE373C71524F01B76349CE8A07A5EBECBB42259CF970DDA756EC996B189FEA045FEE45F23D476960913106ECA2510B8517AA75D56FA4152B2BDDC212014E5D07FD964D6EE532F0616DF74E104659955132331FABF2D2AD265E71C93C648A956FA0A3DB21FF103D516527F2DA0E870340B61EE8A8ED913B60605EB5A67B834D0FC90564386012585609870FEF6530B3E3C037B55506F0B5694F6B0FC":38:40 - -Test mbedtls_mpi_gen_prime (Too small) -depends_on:MBEDTLS_GENPRIME -mbedtls_mpi_gen_prime:2:0:MBEDTLS_ERR_MPI_BAD_INPUT_DATA - -Test mbedtls_mpi_gen_prime (OK, minimum size) -depends_on:MBEDTLS_GENPRIME -mbedtls_mpi_gen_prime:3:0:0 - -Test mbedtls_mpi_gen_prime (corner case limb size -1 bits) -depends_on:MBEDTLS_GENPRIME -mbedtls_mpi_gen_prime:63:0:0 - -Test mbedtls_mpi_gen_prime (corner case limb size) -depends_on:MBEDTLS_GENPRIME -mbedtls_mpi_gen_prime:64:0:0 - -Test mbedtls_mpi_gen_prime (corner case limb size +1 bits) -depends_on:MBEDTLS_GENPRIME -mbedtls_mpi_gen_prime:65:0:0 - -Test mbedtls_mpi_gen_prime (Larger) -depends_on:MBEDTLS_GENPRIME -mbedtls_mpi_gen_prime:128:0:0 - -Test mbedtls_mpi_gen_prime (Safe) -depends_on:MBEDTLS_GENPRIME -mbedtls_mpi_gen_prime:128:MBEDTLS_MPI_GEN_PRIME_FLAG_DH:0 - -Test mbedtls_mpi_gen_prime (Safe with lower error rate) -depends_on:MBEDTLS_GENPRIME -mbedtls_mpi_gen_prime:128:MBEDTLS_MPI_GEN_PRIME_FLAG_DH | MBEDTLS_MPI_GEN_PRIME_FLAG_LOW_ERR:0 - -Test mbedtls_mpi_gen_prime standard RSA #1 (lower error rate) -depends_on:MBEDTLS_GENPRIME -mbedtls_mpi_gen_prime:1024:MBEDTLS_MPI_GEN_PRIME_FLAG_LOW_ERR:0 - -Test mbedtls_mpi_gen_prime standard RSA #2 (lower error rate) -depends_on:MBEDTLS_GENPRIME -mbedtls_mpi_gen_prime:1536:MBEDTLS_MPI_GEN_PRIME_FLAG_LOW_ERR:0 - -Test bit getting (Value bit 25) -mbedtls_mpi_get_bit:10:"49979687":25:1 - -Test bit getting (Larger but same limb) -mbedtls_mpi_get_bit:10:"49979687":26:0 - -Test bit getting (Larger and non-existing limb) -mbedtls_mpi_get_bit:10:"49979687":500:0 - -Test bit getting in 0 (null) -mbedtls_mpi_get_bit:10:"":500:0 - -Test bit getting (Value bit 24) -mbedtls_mpi_get_bit:10:"49979687":24:0 - -Test bit getting (Value bit 23) -mbedtls_mpi_get_bit:10:"49979687":23:1 - -Test bit set (Change existing value with a 1) -mbedtls_mpi_set_bit:10:"49979687":24:1:10:"66756903":0 - -Test bit set (Change existing value with a 0) -mbedtls_mpi_set_bit:10:"49979687":25:0:10:"16425255":0 - -Test bit set (Add above existing limbs with a 0) -mbedtls_mpi_set_bit:10:"49979687":80:0:10:"49979687":0 - -Test bit set (Add above existing limbs with a 1) -mbedtls_mpi_set_bit:10:"49979687":80:1:10:"1208925819614629224685863":0 - -Test bit set (Add to 0 (null) with a 0) -mbedtls_mpi_set_bit:16:"":65:0:16:"":0 - -Test bit set (Add to 0 (null) with a 1) -mbedtls_mpi_set_bit:16:"":65:1:16:"020000000000000000":0 - -Test bit set (Bit index larger than 31 with a 0) -mbedtls_mpi_set_bit:16:"FFFFFFFFFFFFFFFF":32:0:16:"FFFFFFFEFFFFFFFF":0 - -Test bit set (Bit index larger than 31 with a 1) -mbedtls_mpi_set_bit:16:"00":32:1:16:"0100000000":0 - -Test bit set (Invalid bit value) -mbedtls_mpi_set_bit:16:"00":5:2:16:"00":MBEDTLS_ERR_MPI_BAD_INPUT_DATA - -Fill random: 0 bytes -mpi_fill_random:0:0:0:0 - -Fill random: 1 byte, good -mpi_fill_random:1:1:0:0 - -Fill random: 2 bytes, good, no leading zero -mpi_fill_random:2:2:0:0 - -Fill random: 2 bytes, good, 1 leading zero -mpi_fill_random:2:256:0:0 - -Fill random: MAX_SIZE - 7, good -mpi_fill_random:MBEDTLS_MPI_MAX_SIZE - 7:MBEDTLS_MPI_MAX_SIZE - 7:0:0 - -Fill random: MAX_SIZE, good -mpi_fill_random:MBEDTLS_MPI_MAX_SIZE:MBEDTLS_MPI_MAX_SIZE:0:0 - -Fill random: 0 bytes, previously small >0 -mpi_fill_random:0:0:1:0 - -Fill random: 0 bytes, previously small <0 -mpi_fill_random:0:0:-1:0 - -Fill random: 0 bytes, previously large >0 -mpi_fill_random:0:0:65:0 - -Fill random: 0 bytes, previously large <0 -mpi_fill_random:0:0:-65:0 - -Fill random: 1 byte, previously small >0 -mpi_fill_random:1:1:1:0 - -Fill random: 1 byte, previously small <0 -mpi_fill_random:1:1:-1:0 - -Fill random: 1 byte, previously large >0 -mpi_fill_random:1:1:65:0 - -Fill random: 1 byte, previously large <0 -mpi_fill_random:1:1:-65:0 - -Fill random: 9 bytes, previously small >0 -mpi_fill_random:1:1:1:0 - -Fill random: 9 bytes, previously small <0 -mpi_fill_random:1:1:-1:0 - -Fill random: 1 byte, RNG failure -mpi_fill_random:1:0:0:MBEDTLS_ERR_ENTROPY_SOURCE_FAILED - -Fill random: 2 bytes, RNG failure after 1 byte -mpi_fill_random:2:1:0:MBEDTLS_ERR_ENTROPY_SOURCE_FAILED - -Fill random: 4 bytes, RNG failure after 3 bytes -mpi_fill_random:4:3:0:MBEDTLS_ERR_ENTROPY_SOURCE_FAILED - -Fill random: 8 bytes, RNG failure after 7 bytes -mpi_fill_random:8:7:0:MBEDTLS_ERR_ENTROPY_SOURCE_FAILED - -Fill random: 16 bytes, RNG failure after 1 bytes -mpi_fill_random:16:1:0:MBEDTLS_ERR_ENTROPY_SOURCE_FAILED - -Fill random: 16 bytes, RNG failure after 8 bytes -mpi_fill_random:16:8:0:MBEDTLS_ERR_ENTROPY_SOURCE_FAILED - -Fill random: 16 bytes, RNG failure after 15 bytes -mpi_fill_random:16:15:0:MBEDTLS_ERR_ENTROPY_SOURCE_FAILED - -Fill random: MAX_SIZE bytes, RNG failure after MAX_SIZE-1 bytes -mpi_fill_random:MBEDTLS_MPI_MAX_SIZE:MBEDTLS_MPI_MAX_SIZE-1:0:MBEDTLS_ERR_ENTROPY_SOURCE_FAILED - -MPI random in range: 1..2 -mpi_random_many:1:"02":1000 - -MPI random in range: 1..3 -mpi_random_many:1:"03":1000 - -MPI random in range: 1..4 -mpi_random_many:1:"04":1000 - -MPI random in range: 1..5 -mpi_random_many:1:"05":1000 - -MPI random in range: 1..6 -mpi_random_many:1:"06":1000 - -MPI random in range: 1..7 -mpi_random_many:1:"07":1000 - -MPI random in range: 1..8 -mpi_random_many:1:"08":1000 - -MPI random in range: 1..9 -mpi_random_many:1:"09":1000 - -MPI random in range: 1..10 -mpi_random_many:1:"0a":1000 - -MPI random in range: 1..11 -mpi_random_many:1:"0b":1000 - -MPI random in range: 1..12 -mpi_random_many:1:"0c":1000 - -MPI random in range: 1..255 -mpi_random_many:1:"ff":100 - -MPI random in range: 1..256 -mpi_random_many:1:"0100":100 - -MPI random in range: 1..257 -mpi_random_many:1:"0101":100 - -MPI random in range: 1..272 -mpi_random_many:1:"0110":100 - -MPI random in range: 1..2^64-1 -mpi_random_many:1:"ffffffffffffffff":100 - -MPI random in range: 1..2^64 -mpi_random_many:1:"010000000000000000":100 - -MPI random in range: 1..2^64+1 -mpi_random_many:1:"010000000000000001":100 - -MPI random in range: 1..2^64+2^63 -mpi_random_many:1:"018000000000000000":100 - -MPI random in range: 1..2^65-1 -mpi_random_many:1:"01ffffffffffffffff":100 - -MPI random in range: 1..2^65 -mpi_random_many:1:"020000000000000000":100 - -MPI random in range: 1..2^65+1 -mpi_random_many:1:"020000000000000001":100 - -MPI random in range: 1..2^65+2^64 -mpi_random_many:1:"030000000000000000":100 - -MPI random in range: 1..2^66+2^65 -mpi_random_many:1:"060000000000000000":100 - -MPI random in range: 1..2^71-1 -mpi_random_many:1:"7fffffffffffffffff":100 - -MPI random in range: 1..2^71 -mpi_random_many:1:"800000000000000000":100 - -MPI random in range: 1..2^71+1 -mpi_random_many:1:"800000000000000001":100 - -MPI random in range: 1..2^71+2^70 -mpi_random_many:1:"c00000000000000000":100 - -MPI random in range: 1..2^72-1 -mpi_random_many:1:"ffffffffffffffffff":100 - -MPI random in range: 1..2^72 -mpi_random_many:1:"01000000000000000000":100 - -MPI random in range: 1..2^72+1 -mpi_random_many:1:"01000000000000000001":100 - -MPI random in range: 1..2^72+2^71 -mpi_random_many:1:"01800000000000000000":100 - -MPI random in range: 0..1 -mpi_random_many:0:"04":10000 - -MPI random in range: 0..4 -mpi_random_many:0:"04":10000 - -MPI random in range: 2..4 -mpi_random_many:2:"04":10000 - -MPI random in range: 3..4 -mpi_random_many:3:"04":10000 - -MPI random in range: smaller result -mpi_random_sizes:1:"aaaaaaaaaaaaaaaabbbbbbbbbbbbbbbb":1:0 - -MPI random in range: same size result (32-bit limbs) -mpi_random_sizes:1:"aaaaaaaaaaaaaaaa":2:0 - -MPI random in range: same size result (64-bit limbs) -mpi_random_sizes:1:"aaaaaaaaaaaaaaaa":1:0 - -MPI random in range: larger result -mpi_random_sizes:1:"aaaaaaaaaaaaaaaa":3:0 - -## The "0 limb in upper bound" tests rely on the fact that -## mbedtls_mpi_read_binary() bases the size of the MPI on the size of -## the input, without first checking for leading zeros. If this was -## not the case, the tests would still pass, but would not exercise -## the advertised behavior. -MPI random in range: leading 0 limb in upper bound #0 -mpi_random_sizes:1:"00aaaaaaaaaaaaaaaa":0:0 - -MPI random in range: leading 0 limb in upper bound #1 -mpi_random_sizes:1:"00aaaaaaaaaaaaaaaa":1:0 - -MPI random in range: leading 0 limb in upper bound #2 -mpi_random_sizes:1:"00aaaaaaaaaaaaaaaa":2:0 - -MPI random in range: leading 0 limb in upper bound #3 -mpi_random_sizes:1:"00aaaaaaaaaaaaaaaa":3:0 - -MPI random in range: leading 0 limb in upper bound #4 -mpi_random_sizes:1:"00aaaaaaaaaaaaaaaa":4:0 - -MPI random in range: previously small >0 -mpi_random_sizes:1:"1234567890":4:1 - -MPI random in range: previously small <0 -mpi_random_sizes:1:"1234567890":4:-1 - -MPI random in range: previously large >0 -mpi_random_sizes:1:"1234":4:65 - -MPI random in range: previously large <0 -mpi_random_sizes:1:"1234":4:-65 - -MPI random bad arguments: min < 0 -mpi_random_fail:-1:"04":MBEDTLS_ERR_MPI_BAD_INPUT_DATA - -MPI random bad arguments: min = N = 0 -mpi_random_fail:0:"00":MBEDTLS_ERR_MPI_BAD_INPUT_DATA - -MPI random bad arguments: min = N = 1 -mpi_random_fail:1:"01":MBEDTLS_ERR_MPI_BAD_INPUT_DATA - -MPI random bad arguments: min > N = 0 -mpi_random_fail:1:"00":MBEDTLS_ERR_MPI_BAD_INPUT_DATA - -MPI random bad arguments: min > N = 1 -mpi_random_fail:2:"01":MBEDTLS_ERR_MPI_BAD_INPUT_DATA - -MPI random bad arguments: min > N = 1, 0 limb in upper bound -mpi_random_fail:2:"000000000000000001":MBEDTLS_ERR_MPI_BAD_INPUT_DATA - -MPI Selftest -depends_on:MBEDTLS_SELF_TEST -mpi_selftest: diff --git a/third_party/mbedtls/repo/tests/suites/test_suite_mpi.function b/third_party/mbedtls/repo/tests/suites/test_suite_mpi.function deleted file mode 100644 index 360916a4a6b..00000000000 --- a/third_party/mbedtls/repo/tests/suites/test_suite_mpi.function +++ /dev/null @@ -1,1644 +0,0 @@ -/* BEGIN_HEADER */ -#include "mbedtls/bignum.h" -#include "mbedtls/entropy.h" - -#if MBEDTLS_MPI_MAX_BITS > 792 -#define MPI_MAX_BITS_LARGER_THAN_792 -#endif - -/* Check the validity of the sign bit in an MPI object. Reject representations - * that are not supported by the rest of the library and indicate a bug when - * constructing the value. */ -static int sign_is_valid( const mbedtls_mpi *X ) -{ - if( X->s != 1 && X->s != -1 ) - return( 0 ); // invalid sign bit, e.g. 0 - if( mbedtls_mpi_bitlen( X ) == 0 && X->s != 1 ) - return( 0 ); // negative zero - return( 1 ); -} - -typedef struct mbedtls_test_mpi_random -{ - data_t *data; - size_t pos; - size_t chunk_len; -} mbedtls_test_mpi_random; - -/* - * This function is called by the Miller-Rabin primality test each time it - * chooses a random witness. The witnesses (or non-witnesses as provided by the - * test) are stored in the data member of the state structure. Each number is in - * the format that mbedtls_mpi_read_string understands and is chunk_len long. - */ -int mbedtls_test_mpi_miller_rabin_determinizer( void* state, - unsigned char* buf, - size_t len ) -{ - mbedtls_test_mpi_random *random = (mbedtls_test_mpi_random*) state; - - if( random == NULL || random->data->x == NULL || buf == NULL ) - return( -1 ); - - if( random->pos + random->chunk_len > random->data->len - || random->chunk_len > len ) - { - return( -1 ); - } - - memset( buf, 0, len ); - - /* The witness is written to the end of the buffer, since the buffer is - * used as big endian, unsigned binary data in mbedtls_mpi_read_binary. - * Writing the witness to the start of the buffer would result in the - * buffer being 'witness 000...000', which would be treated as - * witness * 2^n for some n. */ - memcpy( buf + len - random->chunk_len, &random->data->x[random->pos], - random->chunk_len ); - - random->pos += random->chunk_len; - - return( 0 ); -} - -/* Random generator that is told how many bytes to return. */ -static int f_rng_bytes_left( void *state, unsigned char *buf, size_t len ) -{ - size_t *bytes_left = state; - size_t i; - for( i = 0; i < len; i++ ) - { - if( *bytes_left == 0 ) - return( MBEDTLS_ERR_ENTROPY_SOURCE_FAILED ); - buf[i] = *bytes_left & 0xff; - --( *bytes_left ); - } - return( 0 ); -} - -/* Test whether bytes represents (in big-endian base 256) a number b that - * is significantly above a power of 2. That is, b must not have a long run - * of unset bits after the most significant bit. - * - * Let n be the bit-size of b, i.e. the integer such that 2^n <= b < 2^{n+1}. - * This function returns 1 if, when drawing a number between 0 and b, - * the probability that this number is at least 2^n is not negligible. - * This probability is (b - 2^n) / b and this function checks that this - * number is above some threshold A. The threshold value is heuristic and - * based on the needs of mpi_random_many(). - */ -static int is_significantly_above_a_power_of_2( data_t *bytes ) -{ - const uint8_t *p = bytes->x; - size_t len = bytes->len; - unsigned x; - - /* Skip leading null bytes */ - while( len > 0 && p[0] == 0 ) - { - ++p; - --len; - } - /* 0 is not significantly above a power of 2 */ - if( len == 0 ) - return( 0 ); - /* Extract the (up to) 2 most significant bytes */ - if( len == 1 ) - x = p[0]; - else - x = ( p[0] << 8 ) | p[1]; - - /* Shift the most significant bit of x to position 8 and mask it out */ - while( ( x & 0xfe00 ) != 0 ) - x >>= 1; - x &= 0x00ff; - - /* At this point, x = floor((b - 2^n) / 2^(n-8)). b is significantly above - * a power of 2 iff x is significantly above 0 compared to 2^8. - * Testing x >= 2^4 amounts to picking A = 1/16 in the function - * description above. */ - return( x >= 0x10 ); -} - -/* END_HEADER */ - -/* BEGIN_DEPENDENCIES - * depends_on:MBEDTLS_BIGNUM_C - * END_DEPENDENCIES - */ - -/* BEGIN_CASE */ -void mpi_valid_param( ) -{ - TEST_VALID_PARAM( mbedtls_mpi_free( NULL ) ); -} -/* END_CASE */ - -/* BEGIN_CASE depends_on:MBEDTLS_CHECK_PARAMS:!MBEDTLS_PARAM_FAILED_ALT */ -void mpi_invalid_param( ) -{ - mbedtls_mpi X; - const char *s_in = "00101000101010"; - char s_out[16] = { 0 }; - unsigned char u_out[16] = { 0 }; - unsigned char u_in[16] = { 0 }; - size_t olen; - mbedtls_mpi_uint mpi_uint; - - TEST_INVALID_PARAM( mbedtls_mpi_init( NULL ) ); - - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_MPI_BAD_INPUT_DATA, - mbedtls_mpi_grow( NULL, 42 ) ); - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_MPI_BAD_INPUT_DATA, - mbedtls_mpi_copy( NULL, &X ) ); - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_MPI_BAD_INPUT_DATA, - mbedtls_mpi_copy( &X, NULL ) ); - - TEST_INVALID_PARAM( mbedtls_mpi_swap( NULL, &X ) ); - TEST_INVALID_PARAM( mbedtls_mpi_swap( &X, NULL ) ); - - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_MPI_BAD_INPUT_DATA, - mbedtls_mpi_safe_cond_assign( NULL, &X, 0 ) ); - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_MPI_BAD_INPUT_DATA, - mbedtls_mpi_safe_cond_assign( &X, NULL, 0 ) ); - - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_MPI_BAD_INPUT_DATA, - mbedtls_mpi_safe_cond_swap( NULL, &X, 0 ) ); - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_MPI_BAD_INPUT_DATA, - mbedtls_mpi_safe_cond_swap( &X, NULL, 0 ) ); - - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_MPI_BAD_INPUT_DATA, - mbedtls_mpi_lset( NULL, 42 ) ); - - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_MPI_BAD_INPUT_DATA, - mbedtls_mpi_get_bit( NULL, 42 ) ); - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_MPI_BAD_INPUT_DATA, - mbedtls_mpi_set_bit( NULL, 42, 0 ) ); - - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_MPI_BAD_INPUT_DATA, - mbedtls_mpi_read_string( NULL, 2, s_in ) ); - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_MPI_BAD_INPUT_DATA, - mbedtls_mpi_read_string( &X, 2, NULL ) ); - - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_MPI_BAD_INPUT_DATA, - mbedtls_mpi_write_string( NULL, 2, - s_out, sizeof( s_out ), - &olen ) ); - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_MPI_BAD_INPUT_DATA, - mbedtls_mpi_write_string( &X, 2, - NULL, sizeof( s_out ), - &olen ) ); - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_MPI_BAD_INPUT_DATA, - mbedtls_mpi_write_string( &X, 2, - s_out, sizeof( s_out ), - NULL ) ); - -#if defined(MBEDTLS_FS_IO) - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_MPI_BAD_INPUT_DATA, - mbedtls_mpi_read_file( NULL, 2, stdin ) ); - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_MPI_BAD_INPUT_DATA, - mbedtls_mpi_read_file( &X, 2, NULL ) ); - - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_MPI_BAD_INPUT_DATA, - mbedtls_mpi_write_file( "", NULL, 2, NULL ) ); -#endif /* MBEDTLS_FS_IO */ - - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_MPI_BAD_INPUT_DATA, - mbedtls_mpi_read_binary( NULL, u_in, - sizeof( u_in ) ) ); - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_MPI_BAD_INPUT_DATA, - mbedtls_mpi_read_binary( &X, NULL, - sizeof( u_in ) ) ); - - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_MPI_BAD_INPUT_DATA, - mbedtls_mpi_write_binary( NULL, u_out, - sizeof( u_out ) ) ); - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_MPI_BAD_INPUT_DATA, - mbedtls_mpi_write_binary( &X, NULL, - sizeof( u_out ) ) ); - - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_MPI_BAD_INPUT_DATA, - mbedtls_mpi_shift_l( NULL, 42 ) ); - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_MPI_BAD_INPUT_DATA, - mbedtls_mpi_shift_r( NULL, 42 ) ); - - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_MPI_BAD_INPUT_DATA, - mbedtls_mpi_cmp_abs( NULL, &X ) ); - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_MPI_BAD_INPUT_DATA, - mbedtls_mpi_cmp_abs( &X, NULL ) ); - - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_MPI_BAD_INPUT_DATA, - mbedtls_mpi_cmp_mpi( NULL, &X ) ); - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_MPI_BAD_INPUT_DATA, - mbedtls_mpi_cmp_mpi( &X, NULL ) ); - - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_MPI_BAD_INPUT_DATA, - mbedtls_mpi_cmp_int( NULL, 42 ) ); - - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_MPI_BAD_INPUT_DATA, - mbedtls_mpi_add_abs( NULL, &X, &X ) ); - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_MPI_BAD_INPUT_DATA, - mbedtls_mpi_add_abs( &X, NULL, &X ) ); - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_MPI_BAD_INPUT_DATA, - mbedtls_mpi_add_abs( &X, &X, NULL ) ); - - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_MPI_BAD_INPUT_DATA, - mbedtls_mpi_sub_abs( NULL, &X, &X ) ); - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_MPI_BAD_INPUT_DATA, - mbedtls_mpi_sub_abs( &X, NULL, &X ) ); - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_MPI_BAD_INPUT_DATA, - mbedtls_mpi_sub_abs( &X, &X, NULL ) ); - - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_MPI_BAD_INPUT_DATA, - mbedtls_mpi_add_mpi( NULL, &X, &X ) ); - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_MPI_BAD_INPUT_DATA, - mbedtls_mpi_add_mpi( &X, NULL, &X ) ); - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_MPI_BAD_INPUT_DATA, - mbedtls_mpi_add_mpi( &X, &X, NULL ) ); - - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_MPI_BAD_INPUT_DATA, - mbedtls_mpi_sub_mpi( NULL, &X, &X ) ); - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_MPI_BAD_INPUT_DATA, - mbedtls_mpi_sub_mpi( &X, NULL, &X ) ); - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_MPI_BAD_INPUT_DATA, - mbedtls_mpi_sub_mpi( &X, &X, NULL ) ); - - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_MPI_BAD_INPUT_DATA, - mbedtls_mpi_add_int( NULL, &X, 42 ) ); - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_MPI_BAD_INPUT_DATA, - mbedtls_mpi_add_int( &X, NULL, 42 ) ); - - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_MPI_BAD_INPUT_DATA, - mbedtls_mpi_sub_int( NULL, &X, 42 ) ); - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_MPI_BAD_INPUT_DATA, - mbedtls_mpi_sub_int( &X, NULL, 42 ) ); - - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_MPI_BAD_INPUT_DATA, - mbedtls_mpi_mul_mpi( NULL, &X, &X ) ); - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_MPI_BAD_INPUT_DATA, - mbedtls_mpi_mul_mpi( &X, NULL, &X ) ); - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_MPI_BAD_INPUT_DATA, - mbedtls_mpi_mul_mpi( &X, &X, NULL ) ); - - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_MPI_BAD_INPUT_DATA, - mbedtls_mpi_mul_int( NULL, &X, 42 ) ); - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_MPI_BAD_INPUT_DATA, - mbedtls_mpi_mul_int( &X, NULL, 42 ) ); - - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_MPI_BAD_INPUT_DATA, - mbedtls_mpi_div_mpi( &X, &X, NULL, &X ) ); - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_MPI_BAD_INPUT_DATA, - mbedtls_mpi_div_mpi( &X, &X, &X, NULL ) ); - - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_MPI_BAD_INPUT_DATA, - mbedtls_mpi_div_int( &X, &X, NULL, 42 ) ); - - TEST_INVALID_PARAM_RET( 0, mbedtls_mpi_lsb( NULL ) ); - - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_MPI_BAD_INPUT_DATA, - mbedtls_mpi_mod_mpi( NULL, &X, &X ) ); - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_MPI_BAD_INPUT_DATA, - mbedtls_mpi_mod_mpi( &X, NULL, &X ) ); - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_MPI_BAD_INPUT_DATA, - mbedtls_mpi_mod_mpi( &X, &X, NULL ) ); - - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_MPI_BAD_INPUT_DATA, - mbedtls_mpi_mod_int( NULL, &X, 42 ) ); - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_MPI_BAD_INPUT_DATA, - mbedtls_mpi_mod_int( &mpi_uint, NULL, 42 ) ); - - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_MPI_BAD_INPUT_DATA, - mbedtls_mpi_exp_mod( NULL, &X, &X, &X, NULL ) ); - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_MPI_BAD_INPUT_DATA, - mbedtls_mpi_exp_mod( &X, NULL, &X, &X, NULL ) ); - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_MPI_BAD_INPUT_DATA, - mbedtls_mpi_exp_mod( &X, &X, NULL, &X, NULL ) ); - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_MPI_BAD_INPUT_DATA, - mbedtls_mpi_exp_mod( &X, &X, &X, NULL, NULL ) ); - - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_MPI_BAD_INPUT_DATA, - mbedtls_mpi_fill_random( NULL, 42, - mbedtls_test_rnd_std_rand, - NULL ) ); - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_MPI_BAD_INPUT_DATA, - mbedtls_mpi_fill_random( &X, 42, NULL, NULL ) ); - - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_MPI_BAD_INPUT_DATA, - mbedtls_mpi_gcd( NULL, &X, &X ) ); - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_MPI_BAD_INPUT_DATA, - mbedtls_mpi_gcd( &X, NULL, &X ) ); - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_MPI_BAD_INPUT_DATA, - mbedtls_mpi_gcd( &X, &X, NULL ) ); - - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_MPI_BAD_INPUT_DATA, - mbedtls_mpi_inv_mod( NULL, &X, &X ) ); - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_MPI_BAD_INPUT_DATA, - mbedtls_mpi_inv_mod( &X, NULL, &X ) ); - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_MPI_BAD_INPUT_DATA, - mbedtls_mpi_inv_mod( &X, &X, NULL ) ); - -exit: - return; -} -/* END_CASE */ - -/* BEGIN_CASE */ -void mpi_null( ) -{ - mbedtls_mpi X, Y, Z; - - mbedtls_mpi_init( &X ); - mbedtls_mpi_init( &Y ); - mbedtls_mpi_init( &Z ); - - TEST_ASSERT( mbedtls_mpi_get_bit( &X, 42 ) == 0 ); - TEST_ASSERT( mbedtls_mpi_lsb( &X ) == 0 ); - TEST_ASSERT( mbedtls_mpi_bitlen( &X ) == 0 ); - TEST_ASSERT( mbedtls_mpi_size( &X ) == 0 ); - -exit: - mbedtls_mpi_free( &X ); -} -/* END_CASE */ - -/* BEGIN_CASE */ -void mpi_read_write_string( int radix_X, char * input_X, int radix_A, - char * input_A, int output_size, int result_read, - int result_write ) -{ - mbedtls_mpi X; - char str[1000]; - size_t len; - - mbedtls_mpi_init( &X ); - - memset( str, '!', sizeof( str ) ); - - TEST_ASSERT( mbedtls_mpi_read_string( &X, radix_X, input_X ) == result_read ); - if( result_read == 0 ) - { - TEST_ASSERT( sign_is_valid( &X ) ); - TEST_ASSERT( mbedtls_mpi_write_string( &X, radix_A, str, output_size, &len ) == result_write ); - if( result_write == 0 ) - { - TEST_ASSERT( strcasecmp( str, input_A ) == 0 ); - TEST_ASSERT( str[len] == '!' ); - } - } - -exit: - mbedtls_mpi_free( &X ); -} -/* END_CASE */ - -/* BEGIN_CASE */ -void mbedtls_mpi_read_binary( data_t * buf, int radix_A, char * input_A ) -{ - mbedtls_mpi X; - char str[1000]; - size_t len; - - mbedtls_mpi_init( &X ); - - - TEST_ASSERT( mbedtls_mpi_read_binary( &X, buf->x, buf->len ) == 0 ); - TEST_ASSERT( sign_is_valid( &X ) ); - TEST_ASSERT( mbedtls_mpi_write_string( &X, radix_A, str, sizeof( str ), &len ) == 0 ); - TEST_ASSERT( strcmp( (char *) str, input_A ) == 0 ); - -exit: - mbedtls_mpi_free( &X ); -} -/* END_CASE */ - -/* BEGIN_CASE */ -void mbedtls_mpi_read_binary_le( data_t * buf, int radix_A, char * input_A ) -{ - mbedtls_mpi X; - char str[1000]; - size_t len; - - mbedtls_mpi_init( &X ); - - - TEST_ASSERT( mbedtls_mpi_read_binary_le( &X, buf->x, buf->len ) == 0 ); - TEST_ASSERT( sign_is_valid( &X ) ); - TEST_ASSERT( mbedtls_mpi_write_string( &X, radix_A, str, sizeof( str ), &len ) == 0 ); - TEST_ASSERT( strcmp( (char *) str, input_A ) == 0 ); - -exit: - mbedtls_mpi_free( &X ); -} -/* END_CASE */ - -/* BEGIN_CASE */ -void mbedtls_mpi_write_binary( int radix_X, char * input_X, - data_t * input_A, int output_size, - int result ) -{ - mbedtls_mpi X; - unsigned char buf[1000]; - size_t buflen; - - memset( buf, 0x00, 1000 ); - - mbedtls_mpi_init( &X ); - - TEST_ASSERT( mbedtls_test_read_mpi( &X, radix_X, input_X ) == 0 ); - - buflen = mbedtls_mpi_size( &X ); - if( buflen > (size_t) output_size ) - buflen = (size_t) output_size; - - TEST_ASSERT( mbedtls_mpi_write_binary( &X, buf, buflen ) == result ); - if( result == 0) - { - - TEST_ASSERT( mbedtls_test_hexcmp( buf, input_A->x, - buflen, input_A->len ) == 0 ); - } - -exit: - mbedtls_mpi_free( &X ); -} -/* END_CASE */ - -/* BEGIN_CASE */ -void mbedtls_mpi_write_binary_le( int radix_X, char * input_X, - data_t * input_A, int output_size, - int result ) -{ - mbedtls_mpi X; - unsigned char buf[1000]; - size_t buflen; - - memset( buf, 0x00, 1000 ); - - mbedtls_mpi_init( &X ); - - TEST_ASSERT( mbedtls_test_read_mpi( &X, radix_X, input_X ) == 0 ); - - buflen = mbedtls_mpi_size( &X ); - if( buflen > (size_t) output_size ) - buflen = (size_t) output_size; - - TEST_ASSERT( mbedtls_mpi_write_binary_le( &X, buf, buflen ) == result ); - if( result == 0) - { - - TEST_ASSERT( mbedtls_test_hexcmp( buf, input_A->x, - buflen, input_A->len ) == 0 ); - } - -exit: - mbedtls_mpi_free( &X ); -} -/* END_CASE */ - -/* BEGIN_CASE depends_on:MBEDTLS_FS_IO */ -void mbedtls_mpi_read_file( int radix_X, char * input_file, - data_t * input_A, int result ) -{ - mbedtls_mpi X; - unsigned char buf[1000]; - size_t buflen; - FILE *file; - int ret; - - memset( buf, 0x00, 1000 ); - - mbedtls_mpi_init( &X ); - - file = fopen( input_file, "r" ); - TEST_ASSERT( file != NULL ); - ret = mbedtls_mpi_read_file( &X, radix_X, file ); - fclose(file); - TEST_ASSERT( ret == result ); - - if( result == 0 ) - { - TEST_ASSERT( sign_is_valid( &X ) ); - buflen = mbedtls_mpi_size( &X ); - TEST_ASSERT( mbedtls_mpi_write_binary( &X, buf, buflen ) == 0 ); - - - TEST_ASSERT( mbedtls_test_hexcmp( buf, input_A->x, - buflen, input_A->len ) == 0 ); - } - -exit: - mbedtls_mpi_free( &X ); -} -/* END_CASE */ - -/* BEGIN_CASE depends_on:MBEDTLS_FS_IO */ -void mbedtls_mpi_write_file( int radix_X, char * input_X, int output_radix, - char * output_file ) -{ - mbedtls_mpi X, Y; - FILE *file_out, *file_in; - int ret; - - mbedtls_mpi_init( &X ); mbedtls_mpi_init( &Y ); - - TEST_ASSERT( mbedtls_test_read_mpi( &X, radix_X, input_X ) == 0 ); - - file_out = fopen( output_file, "w" ); - TEST_ASSERT( file_out != NULL ); - ret = mbedtls_mpi_write_file( NULL, &X, output_radix, file_out ); - fclose(file_out); - TEST_ASSERT( ret == 0 ); - - file_in = fopen( output_file, "r" ); - TEST_ASSERT( file_in != NULL ); - ret = mbedtls_mpi_read_file( &Y, output_radix, file_in ); - fclose(file_in); - TEST_ASSERT( ret == 0 ); - - TEST_ASSERT( mbedtls_mpi_cmp_mpi( &X, &Y ) == 0 ); - -exit: - mbedtls_mpi_free( &X ); mbedtls_mpi_free( &Y ); -} -/* END_CASE */ - -/* BEGIN_CASE */ -void mbedtls_mpi_get_bit( int radix_X, char * input_X, int pos, int val ) -{ - mbedtls_mpi X; - mbedtls_mpi_init( &X ); - TEST_ASSERT( mbedtls_test_read_mpi( &X, radix_X, input_X ) == 0 ); - TEST_ASSERT( mbedtls_mpi_get_bit( &X, pos ) == val ); - -exit: - mbedtls_mpi_free( &X ); -} -/* END_CASE */ - -/* BEGIN_CASE */ -void mbedtls_mpi_set_bit( int radix_X, char * input_X, int pos, int val, - int radix_Y, char * output_Y, int result ) -{ - mbedtls_mpi X, Y; - mbedtls_mpi_init( &X ); mbedtls_mpi_init( &Y ); - - TEST_ASSERT( mbedtls_test_read_mpi( &X, radix_X, input_X ) == 0 ); - TEST_ASSERT( mbedtls_test_read_mpi( &Y, radix_Y, output_Y ) == 0 ); - TEST_ASSERT( mbedtls_mpi_set_bit( &X, pos, val ) == result ); - - if( result == 0 ) - { - TEST_ASSERT( sign_is_valid( &X ) ); - TEST_ASSERT( mbedtls_mpi_cmp_mpi( &X, &Y ) == 0 ); - } - -exit: - mbedtls_mpi_free( &X ); mbedtls_mpi_free( &Y ); -} -/* END_CASE */ - -/* BEGIN_CASE */ -void mbedtls_mpi_lsb( int radix_X, char * input_X, int nr_bits ) -{ - mbedtls_mpi X; - mbedtls_mpi_init( &X ); - - TEST_ASSERT( mbedtls_test_read_mpi( &X, radix_X, input_X ) == 0 ); - TEST_ASSERT( mbedtls_mpi_lsb( &X ) == (size_t) nr_bits ); - -exit: - mbedtls_mpi_free( &X ); -} -/* END_CASE */ - -/* BEGIN_CASE */ -void mbedtls_mpi_bitlen( int radix_X, char * input_X, int nr_bits ) -{ - mbedtls_mpi X; - mbedtls_mpi_init( &X ); - - TEST_ASSERT( mbedtls_test_read_mpi( &X, radix_X, input_X ) == 0 ); - TEST_ASSERT( mbedtls_mpi_bitlen( &X ) == (size_t) nr_bits ); - -exit: - mbedtls_mpi_free( &X ); -} -/* END_CASE */ - -/* BEGIN_CASE */ -void mbedtls_mpi_gcd( int radix_X, char * input_X, int radix_Y, - char * input_Y, int radix_A, char * input_A ) -{ - mbedtls_mpi A, X, Y, Z; - mbedtls_mpi_init( &A ); mbedtls_mpi_init( &X ); mbedtls_mpi_init( &Y ); mbedtls_mpi_init( &Z ); - - TEST_ASSERT( mbedtls_test_read_mpi( &X, radix_X, input_X ) == 0 ); - TEST_ASSERT( mbedtls_test_read_mpi( &Y, radix_Y, input_Y ) == 0 ); - TEST_ASSERT( mbedtls_test_read_mpi( &A, radix_A, input_A ) == 0 ); - TEST_ASSERT( mbedtls_mpi_gcd( &Z, &X, &Y ) == 0 ); - TEST_ASSERT( sign_is_valid( &Z ) ); - TEST_ASSERT( mbedtls_mpi_cmp_mpi( &Z, &A ) == 0 ); - -exit: - mbedtls_mpi_free( &A ); mbedtls_mpi_free( &X ); mbedtls_mpi_free( &Y ); mbedtls_mpi_free( &Z ); -} -/* END_CASE */ - -/* BEGIN_CASE */ -void mbedtls_mpi_cmp_int( int input_X, int input_A, int result_CMP ) -{ - mbedtls_mpi X; - mbedtls_mpi_init( &X ); - - TEST_ASSERT( mbedtls_mpi_lset( &X, input_X ) == 0); - TEST_ASSERT( mbedtls_mpi_cmp_int( &X, input_A ) == result_CMP); - -exit: - mbedtls_mpi_free( &X ); -} -/* END_CASE */ - -/* BEGIN_CASE */ -void mbedtls_mpi_cmp_mpi( int radix_X, char * input_X, int radix_Y, - char * input_Y, int input_A ) -{ - mbedtls_mpi X, Y; - mbedtls_mpi_init( &X ); mbedtls_mpi_init( &Y ); - - TEST_ASSERT( mbedtls_test_read_mpi( &X, radix_X, input_X ) == 0 ); - TEST_ASSERT( mbedtls_test_read_mpi( &Y, radix_Y, input_Y ) == 0 ); - TEST_ASSERT( mbedtls_mpi_cmp_mpi( &X, &Y ) == input_A ); - -exit: - mbedtls_mpi_free( &X ); mbedtls_mpi_free( &Y ); -} -/* END_CASE */ - -/* BEGIN_CASE */ -void mbedtls_mpi_lt_mpi_ct( int size_X, char * input_X, - int size_Y, char * input_Y, - int input_ret, int input_err ) -{ - unsigned ret = -1; - unsigned input_uret = input_ret; - mbedtls_mpi X, Y; - mbedtls_mpi_init( &X ); mbedtls_mpi_init( &Y ); - - TEST_ASSERT( mbedtls_test_read_mpi( &X, 16, input_X ) == 0 ); - TEST_ASSERT( mbedtls_test_read_mpi( &Y, 16, input_Y ) == 0 ); - - TEST_ASSERT( mbedtls_mpi_grow( &X, size_X ) == 0 ); - TEST_ASSERT( mbedtls_mpi_grow( &Y, size_Y ) == 0 ); - - TEST_ASSERT( mbedtls_mpi_lt_mpi_ct( &X, &Y, &ret ) == input_err ); - if( input_err == 0 ) - TEST_ASSERT( ret == input_uret ); - -exit: - mbedtls_mpi_free( &X ); mbedtls_mpi_free( &Y ); -} -/* END_CASE */ - -/* BEGIN_CASE */ -void mbedtls_mpi_cmp_abs( int radix_X, char * input_X, int radix_Y, - char * input_Y, int input_A ) -{ - mbedtls_mpi X, Y; - mbedtls_mpi_init( &X ); mbedtls_mpi_init( &Y ); - - TEST_ASSERT( mbedtls_test_read_mpi( &X, radix_X, input_X ) == 0 ); - TEST_ASSERT( mbedtls_test_read_mpi( &Y, radix_Y, input_Y ) == 0 ); - TEST_ASSERT( mbedtls_mpi_cmp_abs( &X, &Y ) == input_A ); - -exit: - mbedtls_mpi_free( &X ); mbedtls_mpi_free( &Y ); -} -/* END_CASE */ - -/* BEGIN_CASE */ -void mbedtls_mpi_copy( char *src_hex, char *dst_hex ) -{ - mbedtls_mpi src, dst, ref; - mbedtls_mpi_init( &src ); - mbedtls_mpi_init( &dst ); - mbedtls_mpi_init( &ref ); - - TEST_ASSERT( mbedtls_test_read_mpi( &src, 16, src_hex ) == 0 ); - TEST_ASSERT( mbedtls_test_read_mpi( &ref, 16, dst_hex ) == 0 ); - - /* mbedtls_mpi_copy() */ - TEST_ASSERT( mbedtls_test_read_mpi( &dst, 16, dst_hex ) == 0 ); - TEST_ASSERT( mbedtls_mpi_copy( &dst, &src ) == 0 ); - TEST_ASSERT( sign_is_valid( &dst ) ); - TEST_ASSERT( mbedtls_mpi_cmp_mpi( &dst, &src ) == 0 ); - - /* mbedtls_mpi_safe_cond_assign(), assignment done */ - mbedtls_mpi_free( &dst ); - TEST_ASSERT( mbedtls_test_read_mpi( &dst, 16, dst_hex ) == 0 ); - TEST_ASSERT( mbedtls_mpi_safe_cond_assign( &dst, &src, 1 ) == 0 ); - TEST_ASSERT( sign_is_valid( &dst ) ); - TEST_ASSERT( mbedtls_mpi_cmp_mpi( &dst, &src ) == 0 ); - - /* mbedtls_mpi_safe_cond_assign(), assignment not done */ - mbedtls_mpi_free( &dst ); - TEST_ASSERT( mbedtls_test_read_mpi( &dst, 16, dst_hex ) == 0 ); - TEST_ASSERT( mbedtls_mpi_safe_cond_assign( &dst, &src, 0 ) == 0 ); - TEST_ASSERT( sign_is_valid( &dst ) ); - TEST_ASSERT( mbedtls_mpi_cmp_mpi( &dst, &ref ) == 0 ); - -exit: - mbedtls_mpi_free( &src ); - mbedtls_mpi_free( &dst ); - mbedtls_mpi_free( &ref ); -} -/* END_CASE */ - -/* BEGIN_CASE */ -void mpi_copy_self( char *input_X ) -{ - mbedtls_mpi X, A; - mbedtls_mpi_init( &A ); - mbedtls_mpi_init( &X ); - - TEST_ASSERT( mbedtls_test_read_mpi( &X, 16, input_X ) == 0 ); - TEST_ASSERT( mbedtls_mpi_copy( &X, &X ) == 0 ); - - TEST_ASSERT( mbedtls_test_read_mpi( &A, 16, input_X ) == 0 ); - TEST_ASSERT( sign_is_valid( &X ) ); - TEST_ASSERT( mbedtls_mpi_cmp_mpi( &X, &A ) == 0 ); - -exit: - mbedtls_mpi_free( &A ); - mbedtls_mpi_free( &X ); -} -/* END_CASE */ - -/* BEGIN_CASE */ -void mbedtls_mpi_swap( char *X_hex, char *Y_hex ) -{ - mbedtls_mpi X, Y, X0, Y0; - mbedtls_mpi_init( &X ); mbedtls_mpi_init( &Y ); - mbedtls_mpi_init( &X0 ); mbedtls_mpi_init( &Y0 ); - - TEST_ASSERT( mbedtls_test_read_mpi( &X0, 16, X_hex ) == 0 ); - TEST_ASSERT( mbedtls_test_read_mpi( &Y0, 16, Y_hex ) == 0 ); - - /* mbedtls_mpi_swap() */ - TEST_ASSERT( mbedtls_test_read_mpi( &X, 16, X_hex ) == 0 ); - TEST_ASSERT( mbedtls_test_read_mpi( &Y, 16, Y_hex ) == 0 ); - mbedtls_mpi_swap( &X, &Y ); - TEST_ASSERT( sign_is_valid( &X ) ); - TEST_ASSERT( sign_is_valid( &Y ) ); - TEST_ASSERT( mbedtls_mpi_cmp_mpi( &X, &Y0 ) == 0 ); - TEST_ASSERT( mbedtls_mpi_cmp_mpi( &Y, &X0 ) == 0 ); - - /* mbedtls_mpi_safe_cond_swap(), swap done */ - mbedtls_mpi_free( &X ); - mbedtls_mpi_free( &Y ); - TEST_ASSERT( mbedtls_test_read_mpi( &X, 16, X_hex ) == 0 ); - TEST_ASSERT( mbedtls_test_read_mpi( &Y, 16, Y_hex ) == 0 ); - TEST_ASSERT( mbedtls_mpi_safe_cond_swap( &X, &Y, 1 ) == 0 ); - TEST_ASSERT( sign_is_valid( &X ) ); - TEST_ASSERT( sign_is_valid( &Y ) ); - TEST_ASSERT( mbedtls_mpi_cmp_mpi( &X, &Y0 ) == 0 ); - TEST_ASSERT( mbedtls_mpi_cmp_mpi( &Y, &X0 ) == 0 ); - - /* mbedtls_mpi_safe_cond_swap(), swap not done */ - mbedtls_mpi_free( &X ); - mbedtls_mpi_free( &Y ); - TEST_ASSERT( mbedtls_test_read_mpi( &X, 16, X_hex ) == 0 ); - TEST_ASSERT( mbedtls_test_read_mpi( &Y, 16, Y_hex ) == 0 ); - TEST_ASSERT( mbedtls_mpi_safe_cond_swap( &X, &Y, 0 ) == 0 ); - TEST_ASSERT( sign_is_valid( &X ) ); - TEST_ASSERT( sign_is_valid( &Y ) ); - TEST_ASSERT( mbedtls_mpi_cmp_mpi( &X, &X0 ) == 0 ); - TEST_ASSERT( mbedtls_mpi_cmp_mpi( &Y, &Y0 ) == 0 ); - -exit: - mbedtls_mpi_free( &X ); mbedtls_mpi_free( &Y ); - mbedtls_mpi_free( &X0 ); mbedtls_mpi_free( &Y0 ); -} -/* END_CASE */ - -/* BEGIN_CASE */ -void mpi_swap_self( char *X_hex ) -{ - mbedtls_mpi X, X0; - mbedtls_mpi_init( &X ); mbedtls_mpi_init( &X0 ); - - TEST_ASSERT( mbedtls_test_read_mpi( &X, 16, X_hex ) == 0 ); - TEST_ASSERT( mbedtls_test_read_mpi( &X0, 16, X_hex ) == 0 ); - - mbedtls_mpi_swap( &X, &X ); - TEST_ASSERT( sign_is_valid( &X ) ); - TEST_ASSERT( mbedtls_mpi_cmp_mpi( &X, &X0 ) == 0 ); - -exit: - mbedtls_mpi_free( &X ); mbedtls_mpi_free( &X0 ); -} -/* END_CASE */ - -/* BEGIN_CASE */ -void mbedtls_mpi_shrink( int before, int used, int min, int after ) -{ - mbedtls_mpi X; - mbedtls_mpi_init( &X ); - - TEST_ASSERT( mbedtls_mpi_grow( &X, before ) == 0 ); - if( used > 0 ) - { - size_t used_bit_count = used * 8 * sizeof( mbedtls_mpi_uint ); - TEST_ASSERT( mbedtls_mpi_set_bit( &X, used_bit_count - 1, 1 ) == 0 ); - } - TEST_EQUAL( X.n, (size_t) before ); - TEST_ASSERT( mbedtls_mpi_shrink( &X, min ) == 0 ); - TEST_EQUAL( X.n, (size_t) after ); - -exit: - mbedtls_mpi_free( &X ); -} -/* END_CASE */ - -/* BEGIN_CASE */ -void mbedtls_mpi_add_mpi( int radix_X, char * input_X, int radix_Y, - char * input_Y, int radix_A, char * input_A ) -{ - mbedtls_mpi X, Y, Z, A; - mbedtls_mpi_init( &X ); mbedtls_mpi_init( &Y ); mbedtls_mpi_init( &Z ); mbedtls_mpi_init( &A ); - - TEST_ASSERT( mbedtls_test_read_mpi( &X, radix_X, input_X ) == 0 ); - TEST_ASSERT( mbedtls_test_read_mpi( &Y, radix_Y, input_Y ) == 0 ); - TEST_ASSERT( mbedtls_test_read_mpi( &A, radix_A, input_A ) == 0 ); - TEST_ASSERT( mbedtls_mpi_add_mpi( &Z, &X, &Y ) == 0 ); - TEST_ASSERT( sign_is_valid( &Z ) ); - TEST_ASSERT( mbedtls_mpi_cmp_mpi( &Z, &A ) == 0 ); - - /* result == first operand */ - TEST_ASSERT( mbedtls_mpi_add_mpi( &X, &X, &Y ) == 0 ); - TEST_ASSERT( sign_is_valid( &X ) ); - TEST_ASSERT( mbedtls_mpi_cmp_mpi( &X, &A ) == 0 ); - TEST_ASSERT( mbedtls_test_read_mpi( &X, radix_X, input_X ) == 0 ); - - /* result == second operand */ - TEST_ASSERT( mbedtls_mpi_add_mpi( &Y, &X, &Y ) == 0 ); - TEST_ASSERT( sign_is_valid( &Y ) ); - TEST_ASSERT( mbedtls_mpi_cmp_mpi( &Y, &A ) == 0 ); - -exit: - mbedtls_mpi_free( &X ); mbedtls_mpi_free( &Y ); mbedtls_mpi_free( &Z ); mbedtls_mpi_free( &A ); -} -/* END_CASE */ - -/* BEGIN_CASE */ -void mbedtls_mpi_add_mpi_inplace( int radix_X, char * input_X, int radix_A, - char * input_A ) -{ - mbedtls_mpi X, A; - mbedtls_mpi_init( &X ); mbedtls_mpi_init( &A ); - - TEST_ASSERT( mbedtls_test_read_mpi( &A, radix_A, input_A ) == 0 ); - - TEST_ASSERT( mbedtls_test_read_mpi( &X, radix_X, input_X ) == 0 ); - TEST_ASSERT( mbedtls_mpi_sub_abs( &X, &X, &X ) == 0 ); - TEST_ASSERT( mbedtls_mpi_cmp_int( &X, 0 ) == 0 ); - TEST_ASSERT( sign_is_valid( &X ) ); - - TEST_ASSERT( mbedtls_test_read_mpi( &X, radix_X, input_X ) == 0 ); - TEST_ASSERT( mbedtls_mpi_add_abs( &X, &X, &X ) == 0 ); - TEST_ASSERT( sign_is_valid( &X ) ); - TEST_ASSERT( mbedtls_mpi_cmp_mpi( &X, &A ) == 0 ); - - TEST_ASSERT( mbedtls_test_read_mpi( &X, radix_X, input_X ) == 0 ); - TEST_ASSERT( mbedtls_mpi_add_mpi( &X, &X, &X ) == 0 ); - TEST_ASSERT( sign_is_valid( &X ) ); - TEST_ASSERT( mbedtls_mpi_cmp_mpi( &X, &A ) == 0 ); - -exit: - mbedtls_mpi_free( &X ); mbedtls_mpi_free( &A ); -} -/* END_CASE */ - - -/* BEGIN_CASE */ -void mbedtls_mpi_add_abs( int radix_X, char * input_X, int radix_Y, - char * input_Y, int radix_A, char * input_A ) -{ - mbedtls_mpi X, Y, Z, A; - mbedtls_mpi_init( &X ); mbedtls_mpi_init( &Y ); mbedtls_mpi_init( &Z ); mbedtls_mpi_init( &A ); - - TEST_ASSERT( mbedtls_test_read_mpi( &X, radix_X, input_X ) == 0 ); - TEST_ASSERT( mbedtls_test_read_mpi( &Y, radix_Y, input_Y ) == 0 ); - TEST_ASSERT( mbedtls_test_read_mpi( &A, radix_A, input_A ) == 0 ); - TEST_ASSERT( mbedtls_mpi_add_abs( &Z, &X, &Y ) == 0 ); - TEST_ASSERT( sign_is_valid( &Z ) ); - TEST_ASSERT( mbedtls_mpi_cmp_mpi( &Z, &A ) == 0 ); - - /* result == first operand */ - TEST_ASSERT( mbedtls_mpi_add_abs( &X, &X, &Y ) == 0 ); - TEST_ASSERT( sign_is_valid( &X ) ); - TEST_ASSERT( mbedtls_mpi_cmp_mpi( &X, &A ) == 0 ); - TEST_ASSERT( mbedtls_test_read_mpi( &X, radix_X, input_X ) == 0 ); - - /* result == second operand */ - TEST_ASSERT( mbedtls_mpi_add_abs( &Y, &X, &Y ) == 0 ); - TEST_ASSERT( sign_is_valid( &Y ) ); - TEST_ASSERT( mbedtls_mpi_cmp_mpi( &Y, &A ) == 0 ); - -exit: - mbedtls_mpi_free( &X ); mbedtls_mpi_free( &Y ); mbedtls_mpi_free( &Z ); mbedtls_mpi_free( &A ); -} -/* END_CASE */ - -/* BEGIN_CASE */ -void mbedtls_mpi_add_int( int radix_X, char * input_X, int input_Y, - int radix_A, char * input_A ) -{ - mbedtls_mpi X, Z, A; - mbedtls_mpi_init( &X ); mbedtls_mpi_init( &Z ); mbedtls_mpi_init( &A ); - - TEST_ASSERT( mbedtls_test_read_mpi( &X, radix_X, input_X ) == 0 ); - TEST_ASSERT( mbedtls_test_read_mpi( &A, radix_A, input_A ) == 0 ); - TEST_ASSERT( mbedtls_mpi_add_int( &Z, &X, input_Y ) == 0 ); - TEST_ASSERT( sign_is_valid( &Z ) ); - TEST_ASSERT( mbedtls_mpi_cmp_mpi( &Z, &A ) == 0 ); - -exit: - mbedtls_mpi_free( &X ); mbedtls_mpi_free( &Z ); mbedtls_mpi_free( &A ); -} -/* END_CASE */ - -/* BEGIN_CASE */ -void mbedtls_mpi_sub_mpi( int radix_X, char * input_X, int radix_Y, - char * input_Y, int radix_A, char * input_A ) -{ - mbedtls_mpi X, Y, Z, A; - mbedtls_mpi_init( &X ); mbedtls_mpi_init( &Y ); mbedtls_mpi_init( &Z ); mbedtls_mpi_init( &A ); - - TEST_ASSERT( mbedtls_test_read_mpi( &X, radix_X, input_X ) == 0 ); - TEST_ASSERT( mbedtls_test_read_mpi( &Y, radix_Y, input_Y ) == 0 ); - TEST_ASSERT( mbedtls_test_read_mpi( &A, radix_A, input_A ) == 0 ); - TEST_ASSERT( mbedtls_mpi_sub_mpi( &Z, &X, &Y ) == 0 ); - TEST_ASSERT( sign_is_valid( &Z ) ); - TEST_ASSERT( mbedtls_mpi_cmp_mpi( &Z, &A ) == 0 ); - - /* result == first operand */ - TEST_ASSERT( mbedtls_mpi_sub_mpi( &X, &X, &Y ) == 0 ); - TEST_ASSERT( sign_is_valid( &X ) ); - TEST_ASSERT( mbedtls_mpi_cmp_mpi( &X, &A ) == 0 ); - TEST_ASSERT( mbedtls_test_read_mpi( &X, radix_X, input_X ) == 0 ); - - /* result == second operand */ - TEST_ASSERT( mbedtls_mpi_sub_mpi( &Y, &X, &Y ) == 0 ); - TEST_ASSERT( sign_is_valid( &Y ) ); - TEST_ASSERT( mbedtls_mpi_cmp_mpi( &Y, &A ) == 0 ); - -exit: - mbedtls_mpi_free( &X ); mbedtls_mpi_free( &Y ); mbedtls_mpi_free( &Z ); mbedtls_mpi_free( &A ); -} -/* END_CASE */ - -/* BEGIN_CASE */ -void mbedtls_mpi_sub_abs( int radix_X, char * input_X, int radix_Y, - char * input_Y, int radix_A, char * input_A, - int sub_result ) -{ - mbedtls_mpi X, Y, Z, A; - int res; - mbedtls_mpi_init( &X ); mbedtls_mpi_init( &Y ); mbedtls_mpi_init( &Z ); mbedtls_mpi_init( &A ); - - TEST_ASSERT( mbedtls_test_read_mpi( &X, radix_X, input_X ) == 0 ); - TEST_ASSERT( mbedtls_test_read_mpi( &Y, radix_Y, input_Y ) == 0 ); - TEST_ASSERT( mbedtls_test_read_mpi( &A, radix_A, input_A ) == 0 ); - - res = mbedtls_mpi_sub_abs( &Z, &X, &Y ); - TEST_ASSERT( res == sub_result ); - TEST_ASSERT( sign_is_valid( &Z ) ); - if( res == 0 ) - TEST_ASSERT( mbedtls_mpi_cmp_mpi( &Z, &A ) == 0 ); - - /* result == first operand */ - TEST_ASSERT( mbedtls_mpi_sub_abs( &X, &X, &Y ) == sub_result ); - TEST_ASSERT( sign_is_valid( &X ) ); - if( sub_result == 0 ) - TEST_ASSERT( mbedtls_mpi_cmp_mpi( &X, &A ) == 0 ); - TEST_ASSERT( mbedtls_test_read_mpi( &X, radix_X, input_X ) == 0 ); - - /* result == second operand */ - TEST_ASSERT( mbedtls_mpi_sub_abs( &Y, &X, &Y ) == sub_result ); - TEST_ASSERT( sign_is_valid( &Y ) ); - if( sub_result == 0 ) - TEST_ASSERT( mbedtls_mpi_cmp_mpi( &Y, &A ) == 0 ); - -exit: - mbedtls_mpi_free( &X ); mbedtls_mpi_free( &Y ); mbedtls_mpi_free( &Z ); mbedtls_mpi_free( &A ); -} -/* END_CASE */ - -/* BEGIN_CASE */ -void mbedtls_mpi_sub_int( int radix_X, char * input_X, int input_Y, - int radix_A, char * input_A ) -{ - mbedtls_mpi X, Z, A; - mbedtls_mpi_init( &X ); mbedtls_mpi_init( &Z ); mbedtls_mpi_init( &A ); - - TEST_ASSERT( mbedtls_test_read_mpi( &X, radix_X, input_X ) == 0 ); - TEST_ASSERT( mbedtls_test_read_mpi( &A, radix_A, input_A ) == 0 ); - TEST_ASSERT( mbedtls_mpi_sub_int( &Z, &X, input_Y ) == 0 ); - TEST_ASSERT( sign_is_valid( &Z ) ); - TEST_ASSERT( mbedtls_mpi_cmp_mpi( &Z, &A ) == 0 ); - -exit: - mbedtls_mpi_free( &X ); mbedtls_mpi_free( &Z ); mbedtls_mpi_free( &A ); -} -/* END_CASE */ - -/* BEGIN_CASE */ -void mbedtls_mpi_mul_mpi( int radix_X, char * input_X, int radix_Y, - char * input_Y, int radix_A, char * input_A ) -{ - mbedtls_mpi X, Y, Z, A; - mbedtls_mpi_init( &X ); mbedtls_mpi_init( &Y ); mbedtls_mpi_init( &Z ); mbedtls_mpi_init( &A ); - - TEST_ASSERT( mbedtls_test_read_mpi( &X, radix_X, input_X ) == 0 ); - TEST_ASSERT( mbedtls_test_read_mpi( &Y, radix_Y, input_Y ) == 0 ); - TEST_ASSERT( mbedtls_test_read_mpi( &A, radix_A, input_A ) == 0 ); - TEST_ASSERT( mbedtls_mpi_mul_mpi( &Z, &X, &Y ) == 0 ); - TEST_ASSERT( sign_is_valid( &Z ) ); - TEST_ASSERT( mbedtls_mpi_cmp_mpi( &Z, &A ) == 0 ); - -exit: - mbedtls_mpi_free( &X ); mbedtls_mpi_free( &Y ); mbedtls_mpi_free( &Z ); mbedtls_mpi_free( &A ); -} -/* END_CASE */ - -/* BEGIN_CASE */ -void mbedtls_mpi_mul_int( int radix_X, char * input_X, int input_Y, - int radix_A, char * input_A, - char * result_comparison ) -{ - mbedtls_mpi X, Z, A; - mbedtls_mpi_init( &X ); mbedtls_mpi_init( &Z ); mbedtls_mpi_init( &A ); - - TEST_ASSERT( mbedtls_test_read_mpi( &X, radix_X, input_X ) == 0 ); - TEST_ASSERT( mbedtls_test_read_mpi( &A, radix_A, input_A ) == 0 ); - TEST_ASSERT( mbedtls_mpi_mul_int( &Z, &X, input_Y ) == 0 ); - TEST_ASSERT( sign_is_valid( &Z ) ); - if( strcmp( result_comparison, "==" ) == 0 ) - TEST_ASSERT( mbedtls_mpi_cmp_mpi( &Z, &A ) == 0 ); - else if( strcmp( result_comparison, "!=" ) == 0 ) - TEST_ASSERT( mbedtls_mpi_cmp_mpi( &Z, &A ) != 0 ); - else - TEST_ASSERT( "unknown operator" == 0 ); - -exit: - mbedtls_mpi_free( &X ); mbedtls_mpi_free( &Z ); mbedtls_mpi_free( &A ); -} -/* END_CASE */ - -/* BEGIN_CASE */ -void mbedtls_mpi_div_mpi( int radix_X, char * input_X, int radix_Y, - char * input_Y, int radix_A, char * input_A, - int radix_B, char * input_B, int div_result ) -{ - mbedtls_mpi X, Y, Q, R, A, B; - int res; - mbedtls_mpi_init( &X ); mbedtls_mpi_init( &Y ); mbedtls_mpi_init( &Q ); mbedtls_mpi_init( &R ); - mbedtls_mpi_init( &A ); mbedtls_mpi_init( &B ); - - TEST_ASSERT( mbedtls_test_read_mpi( &X, radix_X, input_X ) == 0 ); - TEST_ASSERT( mbedtls_test_read_mpi( &Y, radix_Y, input_Y ) == 0 ); - TEST_ASSERT( mbedtls_test_read_mpi( &A, radix_A, input_A ) == 0 ); - TEST_ASSERT( mbedtls_test_read_mpi( &B, radix_B, input_B ) == 0 ); - res = mbedtls_mpi_div_mpi( &Q, &R, &X, &Y ); - TEST_ASSERT( res == div_result ); - if( res == 0 ) - { - TEST_ASSERT( sign_is_valid( &Q ) ); - TEST_ASSERT( sign_is_valid( &R ) ); - TEST_ASSERT( mbedtls_mpi_cmp_mpi( &Q, &A ) == 0 ); - TEST_ASSERT( mbedtls_mpi_cmp_mpi( &R, &B ) == 0 ); - } - -exit: - mbedtls_mpi_free( &X ); mbedtls_mpi_free( &Y ); mbedtls_mpi_free( &Q ); mbedtls_mpi_free( &R ); - mbedtls_mpi_free( &A ); mbedtls_mpi_free( &B ); -} -/* END_CASE */ - -/* BEGIN_CASE */ -void mbedtls_mpi_div_int( int radix_X, char * input_X, int input_Y, - int radix_A, char * input_A, int radix_B, - char * input_B, int div_result ) -{ - mbedtls_mpi X, Q, R, A, B; - int res; - mbedtls_mpi_init( &X ); mbedtls_mpi_init( &Q ); mbedtls_mpi_init( &R ); mbedtls_mpi_init( &A ); - mbedtls_mpi_init( &B ); - - TEST_ASSERT( mbedtls_test_read_mpi( &X, radix_X, input_X ) == 0 ); - TEST_ASSERT( mbedtls_test_read_mpi( &A, radix_A, input_A ) == 0 ); - TEST_ASSERT( mbedtls_test_read_mpi( &B, radix_B, input_B ) == 0 ); - res = mbedtls_mpi_div_int( &Q, &R, &X, input_Y ); - TEST_ASSERT( res == div_result ); - if( res == 0 ) - { - TEST_ASSERT( sign_is_valid( &Q ) ); - TEST_ASSERT( sign_is_valid( &R ) ); - TEST_ASSERT( mbedtls_mpi_cmp_mpi( &Q, &A ) == 0 ); - TEST_ASSERT( mbedtls_mpi_cmp_mpi( &R, &B ) == 0 ); - } - -exit: - mbedtls_mpi_free( &X ); mbedtls_mpi_free( &Q ); mbedtls_mpi_free( &R ); mbedtls_mpi_free( &A ); - mbedtls_mpi_free( &B ); -} -/* END_CASE */ - -/* BEGIN_CASE */ -void mbedtls_mpi_mod_mpi( int radix_X, char * input_X, int radix_Y, - char * input_Y, int radix_A, char * input_A, - int div_result ) -{ - mbedtls_mpi X, Y, A; - int res; - mbedtls_mpi_init( &X ); mbedtls_mpi_init( &Y ); mbedtls_mpi_init( &A ); - - TEST_ASSERT( mbedtls_test_read_mpi( &X, radix_X, input_X ) == 0 ); - TEST_ASSERT( mbedtls_test_read_mpi( &Y, radix_Y, input_Y ) == 0 ); - TEST_ASSERT( mbedtls_test_read_mpi( &A, radix_A, input_A ) == 0 ); - res = mbedtls_mpi_mod_mpi( &X, &X, &Y ); - TEST_ASSERT( res == div_result ); - if( res == 0 ) - { - TEST_ASSERT( sign_is_valid( &X ) ); - TEST_ASSERT( mbedtls_mpi_cmp_mpi( &X, &A ) == 0 ); - } - -exit: - mbedtls_mpi_free( &X ); mbedtls_mpi_free( &Y ); mbedtls_mpi_free( &A ); -} -/* END_CASE */ - -/* BEGIN_CASE */ -void mbedtls_mpi_mod_int( int radix_X, char * input_X, int input_Y, - int input_A, int div_result ) -{ - mbedtls_mpi X; - int res; - mbedtls_mpi_uint r; - mbedtls_mpi_init( &X ); - - TEST_ASSERT( mbedtls_test_read_mpi( &X, radix_X, input_X ) == 0 ); - res = mbedtls_mpi_mod_int( &r, &X, input_Y ); - TEST_ASSERT( res == div_result ); - if( res == 0 ) - { - TEST_ASSERT( r == (mbedtls_mpi_uint) input_A ); - } - -exit: - mbedtls_mpi_free( &X ); -} -/* END_CASE */ - -/* BEGIN_CASE */ -void mbedtls_mpi_exp_mod( int radix_A, char * input_A, int radix_E, - char * input_E, int radix_N, char * input_N, - int radix_X, char * input_X, int exp_result ) -{ - mbedtls_mpi A, E, N, RR, Z, X; - int res; - mbedtls_mpi_init( &A ); mbedtls_mpi_init( &E ); mbedtls_mpi_init( &N ); - mbedtls_mpi_init( &RR ); mbedtls_mpi_init( &Z ); mbedtls_mpi_init( &X ); - - TEST_ASSERT( mbedtls_test_read_mpi( &A, radix_A, input_A ) == 0 ); - TEST_ASSERT( mbedtls_test_read_mpi( &E, radix_E, input_E ) == 0 ); - TEST_ASSERT( mbedtls_test_read_mpi( &N, radix_N, input_N ) == 0 ); - TEST_ASSERT( mbedtls_test_read_mpi( &X, radix_X, input_X ) == 0 ); - - res = mbedtls_mpi_exp_mod( &Z, &A, &E, &N, NULL ); - TEST_ASSERT( res == exp_result ); - if( res == 0 ) - { - TEST_ASSERT( sign_is_valid( &Z ) ); - TEST_ASSERT( mbedtls_mpi_cmp_mpi( &Z, &X ) == 0 ); - } - - /* Now test again with the speed-up parameter supplied as an output. */ - res = mbedtls_mpi_exp_mod( &Z, &A, &E, &N, &RR ); - TEST_ASSERT( res == exp_result ); - if( res == 0 ) - { - TEST_ASSERT( sign_is_valid( &Z ) ); - TEST_ASSERT( mbedtls_mpi_cmp_mpi( &Z, &X ) == 0 ); - } - - /* Now test again with the speed-up parameter supplied in calculated form. */ - res = mbedtls_mpi_exp_mod( &Z, &A, &E, &N, &RR ); - TEST_ASSERT( res == exp_result ); - if( res == 0 ) - { - TEST_ASSERT( sign_is_valid( &Z ) ); - TEST_ASSERT( mbedtls_mpi_cmp_mpi( &Z, &X ) == 0 ); - } - -exit: - mbedtls_mpi_free( &A ); mbedtls_mpi_free( &E ); mbedtls_mpi_free( &N ); - mbedtls_mpi_free( &RR ); mbedtls_mpi_free( &Z ); mbedtls_mpi_free( &X ); -} -/* END_CASE */ - -/* BEGIN_CASE */ -void mbedtls_mpi_exp_mod_size( int A_bytes, int E_bytes, int N_bytes, - int radix_RR, char * input_RR, int exp_result ) -{ - mbedtls_mpi A, E, N, RR, Z; - mbedtls_mpi_init( &A ); mbedtls_mpi_init( &E ); mbedtls_mpi_init( &N ); - mbedtls_mpi_init( &RR ); mbedtls_mpi_init( &Z ); - - /* Set A to 2^(A_bytes - 1) + 1 */ - TEST_ASSERT( mbedtls_mpi_lset( &A, 1 ) == 0 ); - TEST_ASSERT( mbedtls_mpi_shift_l( &A, ( A_bytes * 8 ) - 1 ) == 0 ); - TEST_ASSERT( mbedtls_mpi_set_bit( &A, 0, 1 ) == 0 ); - - /* Set E to 2^(E_bytes - 1) + 1 */ - TEST_ASSERT( mbedtls_mpi_lset( &E, 1 ) == 0 ); - TEST_ASSERT( mbedtls_mpi_shift_l( &E, ( E_bytes * 8 ) - 1 ) == 0 ); - TEST_ASSERT( mbedtls_mpi_set_bit( &E, 0, 1 ) == 0 ); - - /* Set N to 2^(N_bytes - 1) + 1 */ - TEST_ASSERT( mbedtls_mpi_lset( &N, 1 ) == 0 ); - TEST_ASSERT( mbedtls_mpi_shift_l( &N, ( N_bytes * 8 ) - 1 ) == 0 ); - TEST_ASSERT( mbedtls_mpi_set_bit( &N, 0, 1 ) == 0 ); - - if( strlen( input_RR ) ) - TEST_ASSERT( mbedtls_test_read_mpi( &RR, radix_RR, input_RR ) == 0 ); - - TEST_ASSERT( mbedtls_mpi_exp_mod( &Z, &A, &E, &N, &RR ) == exp_result ); - -exit: - mbedtls_mpi_free( &A ); mbedtls_mpi_free( &E ); mbedtls_mpi_free( &N ); - mbedtls_mpi_free( &RR ); mbedtls_mpi_free( &Z ); -} -/* END_CASE */ - -/* BEGIN_CASE */ -void mbedtls_mpi_inv_mod( int radix_X, char * input_X, int radix_Y, - char * input_Y, int radix_A, char * input_A, - int div_result ) -{ - mbedtls_mpi X, Y, Z, A; - int res; - mbedtls_mpi_init( &X ); mbedtls_mpi_init( &Y ); mbedtls_mpi_init( &Z ); mbedtls_mpi_init( &A ); - - TEST_ASSERT( mbedtls_test_read_mpi( &X, radix_X, input_X ) == 0 ); - TEST_ASSERT( mbedtls_test_read_mpi( &Y, radix_Y, input_Y ) == 0 ); - TEST_ASSERT( mbedtls_test_read_mpi( &A, radix_A, input_A ) == 0 ); - res = mbedtls_mpi_inv_mod( &Z, &X, &Y ); - TEST_ASSERT( res == div_result ); - if( res == 0 ) - { - TEST_ASSERT( sign_is_valid( &Z ) ); - TEST_ASSERT( mbedtls_mpi_cmp_mpi( &Z, &A ) == 0 ); - } - -exit: - mbedtls_mpi_free( &X ); mbedtls_mpi_free( &Y ); mbedtls_mpi_free( &Z ); mbedtls_mpi_free( &A ); -} -/* END_CASE */ - -/* BEGIN_CASE depends_on:MBEDTLS_GENPRIME */ -void mbedtls_mpi_is_prime( int radix_X, char * input_X, int div_result ) -{ - mbedtls_mpi X; - int res; - mbedtls_mpi_init( &X ); - - TEST_ASSERT( mbedtls_test_read_mpi( &X, radix_X, input_X ) == 0 ); - res = mbedtls_mpi_is_prime_ext( &X, 40, mbedtls_test_rnd_std_rand, NULL ); - TEST_ASSERT( res == div_result ); - -exit: - mbedtls_mpi_free( &X ); -} -/* END_CASE */ - -/* BEGIN_CASE depends_on:MBEDTLS_GENPRIME */ -void mbedtls_mpi_is_prime_det( data_t * input_X, data_t * witnesses, - int chunk_len, int rounds ) -{ - mbedtls_mpi X; - int res; - mbedtls_test_mpi_random rand; - - mbedtls_mpi_init( &X ); - rand.data = witnesses; - rand.pos = 0; - rand.chunk_len = chunk_len; - - TEST_ASSERT( mbedtls_mpi_read_binary( &X, input_X->x, input_X->len ) == 0 ); - res = mbedtls_mpi_is_prime_ext( &X, rounds - 1, - mbedtls_test_mpi_miller_rabin_determinizer, - &rand ); - TEST_ASSERT( res == 0 ); - - rand.data = witnesses; - rand.pos = 0; - rand.chunk_len = chunk_len; - - res = mbedtls_mpi_is_prime_ext( &X, rounds, - mbedtls_test_mpi_miller_rabin_determinizer, - &rand ); - TEST_ASSERT( res == MBEDTLS_ERR_MPI_NOT_ACCEPTABLE ); - -exit: - mbedtls_mpi_free( &X ); -} -/* END_CASE */ - -/* BEGIN_CASE depends_on:MBEDTLS_GENPRIME */ -void mbedtls_mpi_gen_prime( int bits, int flags, int ref_ret ) -{ - mbedtls_mpi X; - int my_ret; - - mbedtls_mpi_init( &X ); - - my_ret = mbedtls_mpi_gen_prime( &X, bits, flags, - mbedtls_test_rnd_std_rand, NULL ); - TEST_ASSERT( my_ret == ref_ret ); - - if( ref_ret == 0 ) - { - size_t actual_bits = mbedtls_mpi_bitlen( &X ); - - TEST_ASSERT( actual_bits >= (size_t) bits ); - TEST_ASSERT( actual_bits <= (size_t) bits + 1 ); - TEST_ASSERT( sign_is_valid( &X ) ); - - TEST_ASSERT( mbedtls_mpi_is_prime_ext( &X, 40, - mbedtls_test_rnd_std_rand, - NULL ) == 0 ); - if( flags & MBEDTLS_MPI_GEN_PRIME_FLAG_DH ) - { - /* X = ( X - 1 ) / 2 */ - TEST_ASSERT( mbedtls_mpi_shift_r( &X, 1 ) == 0 ); - TEST_ASSERT( mbedtls_mpi_is_prime_ext( &X, 40, - mbedtls_test_rnd_std_rand, - NULL ) == 0 ); - } - } - -exit: - mbedtls_mpi_free( &X ); -} -/* END_CASE */ - -/* BEGIN_CASE */ -void mbedtls_mpi_shift_l( int radix_X, char * input_X, int shift_X, - int radix_A, char * input_A ) -{ - mbedtls_mpi X, A; - mbedtls_mpi_init( &X ); mbedtls_mpi_init( &A ); - - TEST_ASSERT( mbedtls_test_read_mpi( &X, radix_X, input_X ) == 0 ); - TEST_ASSERT( mbedtls_test_read_mpi( &A, radix_A, input_A ) == 0 ); - TEST_ASSERT( mbedtls_mpi_shift_l( &X, shift_X ) == 0 ); - TEST_ASSERT( sign_is_valid( &X ) ); - TEST_ASSERT( mbedtls_mpi_cmp_mpi( &X, &A ) == 0 ); - -exit: - mbedtls_mpi_free( &X ); mbedtls_mpi_free( &A ); -} -/* END_CASE */ - -/* BEGIN_CASE */ -void mbedtls_mpi_shift_r( int radix_X, char * input_X, int shift_X, - int radix_A, char * input_A ) -{ - mbedtls_mpi X, A; - mbedtls_mpi_init( &X ); mbedtls_mpi_init( &A ); - - TEST_ASSERT( mbedtls_test_read_mpi( &X, radix_X, input_X ) == 0 ); - TEST_ASSERT( mbedtls_test_read_mpi( &A, radix_A, input_A ) == 0 ); - TEST_ASSERT( mbedtls_mpi_shift_r( &X, shift_X ) == 0 ); - TEST_ASSERT( sign_is_valid( &X ) ); - TEST_ASSERT( mbedtls_mpi_cmp_mpi( &X, &A ) == 0 ); - -exit: - mbedtls_mpi_free( &X ); mbedtls_mpi_free( &A ); -} -/* END_CASE */ - -/* BEGIN_CASE */ -void mpi_fill_random( int wanted_bytes, int rng_bytes, - int before, int expected_ret ) -{ - mbedtls_mpi X; - int ret; - size_t bytes_left = rng_bytes; - mbedtls_mpi_init( &X ); - - if( before != 0 ) - { - /* Set X to sign(before) * 2^(|before|-1) */ - TEST_ASSERT( mbedtls_mpi_lset( &X, before > 0 ? 1 : -1 ) == 0 ); - if( before < 0 ) - before = - before; - TEST_ASSERT( mbedtls_mpi_shift_l( &X, before - 1 ) == 0 ); - } - - ret = mbedtls_mpi_fill_random( &X, wanted_bytes, - f_rng_bytes_left, &bytes_left ); - TEST_ASSERT( ret == expected_ret ); - - if( expected_ret == 0 ) - { - /* mbedtls_mpi_fill_random is documented to use bytes from the RNG - * as a big-endian representation of the number. We know when - * our RNG function returns null bytes, so we know how many - * leading zero bytes the number has. */ - size_t leading_zeros = 0; - if( wanted_bytes > 0 && rng_bytes % 256 == 0 ) - leading_zeros = 1; - TEST_ASSERT( mbedtls_mpi_size( &X ) + leading_zeros == - (size_t) wanted_bytes ); - TEST_ASSERT( (int) bytes_left == rng_bytes - wanted_bytes ); - TEST_ASSERT( sign_is_valid( &X ) ); - } - -exit: - mbedtls_mpi_free( &X ); -} -/* END_CASE */ - -/* BEGIN_CASE */ -void mpi_random_many( int min, data_t *bound_bytes, int iterations ) -{ - /* Generate numbers in the range 1..bound-1. Do it iterations times. - * This function assumes that the value of bound is at least 2 and - * that iterations is large enough that a one-in-2^iterations chance - * effectively never occurs. - */ - - mbedtls_mpi upper_bound; - size_t n_bits; - mbedtls_mpi result; - size_t b; - /* If upper_bound is small, stats[b] is the number of times the value b - * has been generated. Otherwise stats[b] is the number of times a - * value with bit b set has been generated. */ - size_t *stats = NULL; - size_t stats_len; - int full_stats; - size_t i; - - mbedtls_mpi_init( &upper_bound ); - mbedtls_mpi_init( &result ); - - TEST_EQUAL( 0, mbedtls_mpi_read_binary( &upper_bound, - bound_bytes->x, bound_bytes->len ) ); - n_bits = mbedtls_mpi_bitlen( &upper_bound ); - /* Consider a bound "small" if it's less than 2^5. This value is chosen - * to be small enough that the probability of missing one value is - * negligible given the number of iterations. It must be less than - * 256 because some of the code below assumes that "small" values - * fit in a byte. */ - if( n_bits <= 5 ) - { - full_stats = 1; - stats_len = bound_bytes->x[bound_bytes->len - 1]; - } - else - { - full_stats = 0; - stats_len = n_bits; - } - ASSERT_ALLOC( stats, stats_len ); - - for( i = 0; i < (size_t) iterations; i++ ) - { - mbedtls_test_set_step( i ); - TEST_EQUAL( 0, mbedtls_mpi_random( &result, min, &upper_bound, - mbedtls_test_rnd_std_rand, NULL ) ); - - TEST_ASSERT( sign_is_valid( &result ) ); - TEST_ASSERT( mbedtls_mpi_cmp_mpi( &result, &upper_bound ) < 0 ); - TEST_ASSERT( mbedtls_mpi_cmp_int( &result, min ) >= 0 ); - if( full_stats ) - { - uint8_t value; - TEST_EQUAL( 0, mbedtls_mpi_write_binary( &result, &value, 1 ) ); - TEST_ASSERT( value < stats_len ); - ++stats[value]; - } - else - { - for( b = 0; b < n_bits; b++ ) - stats[b] += mbedtls_mpi_get_bit( &result, b ); - } - } - - if( full_stats ) - { - for( b = min; b < stats_len; b++ ) - { - mbedtls_test_set_step( 1000000 + b ); - /* Assert that each value has been reached at least once. - * This is almost guaranteed if the iteration count is large - * enough. This is a very crude way of checking the distribution. - */ - TEST_ASSERT( stats[b] > 0 ); - } - } - else - { - int statistically_safe_all_the_way = - is_significantly_above_a_power_of_2( bound_bytes ); - for( b = 0; b < n_bits; b++ ) - { - mbedtls_test_set_step( 1000000 + b ); - /* Assert that each bit has been set in at least one result and - * clear in at least one result. Provided that iterations is not - * too small, it would be extremely unlikely for this not to be - * the case if the results are uniformly distributed. - * - * As an exception, the top bit may legitimately never be set - * if bound is a power of 2 or only slightly above. - */ - if( statistically_safe_all_the_way || b != n_bits - 1 ) - { - TEST_ASSERT( stats[b] > 0 ); - } - TEST_ASSERT( stats[b] < (size_t) iterations ); - } - } - -exit: - mbedtls_mpi_free( &upper_bound ); - mbedtls_mpi_free( &result ); - mbedtls_free( stats ); -} -/* END_CASE */ - -/* BEGIN_CASE */ -void mpi_random_sizes( int min, data_t *bound_bytes, int nlimbs, int before ) -{ - mbedtls_mpi upper_bound; - mbedtls_mpi result; - - mbedtls_mpi_init( &upper_bound ); - mbedtls_mpi_init( &result ); - - if( before != 0 ) - { - /* Set result to sign(before) * 2^(|before|-1) */ - TEST_ASSERT( mbedtls_mpi_lset( &result, before > 0 ? 1 : -1 ) == 0 ); - if( before < 0 ) - before = - before; - TEST_ASSERT( mbedtls_mpi_shift_l( &result, before - 1 ) == 0 ); - } - - TEST_EQUAL( 0, mbedtls_mpi_grow( &result, nlimbs ) ); - TEST_EQUAL( 0, mbedtls_mpi_read_binary( &upper_bound, - bound_bytes->x, bound_bytes->len ) ); - TEST_EQUAL( 0, mbedtls_mpi_random( &result, min, &upper_bound, - mbedtls_test_rnd_std_rand, NULL ) ); - TEST_ASSERT( sign_is_valid( &result ) ); - TEST_ASSERT( mbedtls_mpi_cmp_mpi( &result, &upper_bound ) < 0 ); - TEST_ASSERT( mbedtls_mpi_cmp_int( &result, min ) >= 0 ); - -exit: - mbedtls_mpi_free( &upper_bound ); - mbedtls_mpi_free( &result ); -} -/* END_CASE */ - -/* BEGIN_CASE */ -void mpi_random_fail( int min, data_t *bound_bytes, int expected_ret ) -{ - mbedtls_mpi upper_bound; - mbedtls_mpi result; - int actual_ret; - - mbedtls_mpi_init( &upper_bound ); - mbedtls_mpi_init( &result ); - - TEST_EQUAL( 0, mbedtls_mpi_read_binary( &upper_bound, - bound_bytes->x, bound_bytes->len ) ); - actual_ret = mbedtls_mpi_random( &result, min, &upper_bound, - mbedtls_test_rnd_std_rand, NULL ); - TEST_EQUAL( expected_ret, actual_ret ); - -exit: - mbedtls_mpi_free( &upper_bound ); - mbedtls_mpi_free( &result ); -} -/* END_CASE */ - -/* BEGIN_CASE depends_on:MBEDTLS_SELF_TEST */ -void mpi_selftest( ) -{ - TEST_ASSERT( mbedtls_mpi_self_test( 1 ) == 0 ); -} -/* END_CASE */ diff --git a/third_party/mbedtls/repo/tests/suites/test_suite_mps.function b/third_party/mbedtls/repo/tests/suites/test_suite_mps.function index 9df8a3c6e41..03818ec3c1a 100644 --- a/third_party/mbedtls/repo/tests/suites/test_suite_mps.function +++ b/third_party/mbedtls/repo/tests/suites/test_suite_mps.function @@ -25,7 +25,7 @@ */ /* BEGIN_CASE depends_on:TEST_SUITE_MPS_READER */ -void mbedtls_mps_reader_no_pausing_single_step_single_round( int with_acc ) +void mbedtls_mps_reader_no_pausing_single_step_single_round(int with_acc) { /* This test exercises the most basic use of the MPS reader: * - The 'producing' layer provides a buffer @@ -46,29 +46,31 @@ void mbedtls_mps_reader_no_pausing_single_step_single_round( int with_acc ) unsigned char *tmp; int paused; mbedtls_mps_reader rd; - for( size_t i=0; (unsigned) i < sizeof( bufA ); i++ ) + for (size_t i = 0; (unsigned) i < sizeof(bufA); i++) { bufA[i] = (unsigned char) i; + } /* Preparation (lower layer) */ - if( with_acc == 0 ) - mbedtls_mps_reader_init( &rd, NULL, 0 ); - else - mbedtls_mps_reader_init( &rd, acc, sizeof( acc ) ); - TEST_ASSERT( mbedtls_mps_reader_feed( &rd, bufA, sizeof( bufA ) ) == 0 ); + if (with_acc == 0) { + mbedtls_mps_reader_init(&rd, NULL, 0); + } else { + mbedtls_mps_reader_init(&rd, acc, sizeof(acc)); + } + TEST_ASSERT(mbedtls_mps_reader_feed(&rd, bufA, sizeof(bufA)) == 0); /* Consumption (upper layer) */ /* Consume exactly what's available */ - TEST_ASSERT( mbedtls_mps_reader_get( &rd, 100, &tmp, NULL ) == 0 ); - ASSERT_COMPARE( tmp, 100, bufA, 100 ); - TEST_ASSERT( mbedtls_mps_reader_commit( &rd ) == 0 ); + TEST_ASSERT(mbedtls_mps_reader_get(&rd, 100, &tmp, NULL) == 0); + TEST_MEMORY_COMPARE(tmp, 100, bufA, 100); + TEST_ASSERT(mbedtls_mps_reader_commit(&rd) == 0); /* Wrapup (lower layer) */ - TEST_ASSERT( mbedtls_mps_reader_reclaim( &rd, &paused ) == 0 ); - TEST_ASSERT( paused == 0 ); - mbedtls_mps_reader_free( &rd ); + TEST_ASSERT(mbedtls_mps_reader_reclaim(&rd, &paused) == 0); + TEST_ASSERT(paused == 0); + mbedtls_mps_reader_free(&rd); } /* END_CASE */ /* BEGIN_CASE depends_on:TEST_SUITE_MPS_READER */ -void mbedtls_mps_reader_no_pausing_single_step_multiple_rounds( int with_acc ) +void mbedtls_mps_reader_no_pausing_single_step_multiple_rounds(int with_acc) { /* This test exercises multiple rounds of the basic use of the MPS reader: * - The 'producing' layer provides a buffer @@ -89,37 +91,40 @@ void mbedtls_mps_reader_no_pausing_single_step_multiple_rounds( int with_acc ) unsigned char acc[10]; unsigned char *tmp; mbedtls_mps_reader rd; - for( size_t i=0; (unsigned) i < sizeof( bufA ); i++ ) + for (size_t i = 0; (unsigned) i < sizeof(bufA); i++) { bufA[i] = (unsigned char) i; - for( size_t i=0; (unsigned) i < sizeof( bufB ); i++ ) - bufB[i] = ~ ((unsigned char) i); + } + for (size_t i = 0; (unsigned) i < sizeof(bufB); i++) { + bufB[i] = ~((unsigned char) i); + } /* Preparation (lower layer) */ - if( with_acc == 0 ) - mbedtls_mps_reader_init( &rd, NULL, 0 ); - else - mbedtls_mps_reader_init( &rd, acc, sizeof( acc ) ); - TEST_ASSERT( mbedtls_mps_reader_feed( &rd, bufA, sizeof( bufA ) ) == 0 ); + if (with_acc == 0) { + mbedtls_mps_reader_init(&rd, NULL, 0); + } else { + mbedtls_mps_reader_init(&rd, acc, sizeof(acc)); + } + TEST_ASSERT(mbedtls_mps_reader_feed(&rd, bufA, sizeof(bufA)) == 0); /* Consumption (upper layer) */ /* Consume exactly what's available */ - TEST_ASSERT( mbedtls_mps_reader_get( &rd, 100, &tmp, NULL ) == 0 ); - ASSERT_COMPARE( tmp, 100, bufA, 100 ); - TEST_ASSERT( mbedtls_mps_reader_commit( &rd ) == 0 ); + TEST_ASSERT(mbedtls_mps_reader_get(&rd, 100, &tmp, NULL) == 0); + TEST_MEMORY_COMPARE(tmp, 100, bufA, 100); + TEST_ASSERT(mbedtls_mps_reader_commit(&rd) == 0); /* Preparation */ - TEST_ASSERT( mbedtls_mps_reader_reclaim( &rd, NULL ) == 0 ); - TEST_ASSERT( mbedtls_mps_reader_feed( &rd, bufB, sizeof( bufB ) ) == 0 ); + TEST_ASSERT(mbedtls_mps_reader_reclaim(&rd, NULL) == 0); + TEST_ASSERT(mbedtls_mps_reader_feed(&rd, bufB, sizeof(bufB)) == 0); /* Consumption */ - TEST_ASSERT( mbedtls_mps_reader_get( &rd, 100, &tmp, NULL ) == 0 ); - ASSERT_COMPARE( tmp, 100, bufB, 100 ); - TEST_ASSERT( mbedtls_mps_reader_commit( &rd ) == 0 ); + TEST_ASSERT(mbedtls_mps_reader_get(&rd, 100, &tmp, NULL) == 0); + TEST_MEMORY_COMPARE(tmp, 100, bufB, 100); + TEST_ASSERT(mbedtls_mps_reader_commit(&rd) == 0); /* Wrapup (lower layer) */ - TEST_ASSERT( mbedtls_mps_reader_reclaim( &rd, NULL ) == 0 ); - mbedtls_mps_reader_free( &rd ); + TEST_ASSERT(mbedtls_mps_reader_reclaim(&rd, NULL) == 0); + mbedtls_mps_reader_free(&rd); } /* END_CASE */ /* BEGIN_CASE depends_on:TEST_SUITE_MPS_READER */ -void mbedtls_mps_reader_no_pausing_multiple_steps_single_round( int with_acc ) +void mbedtls_mps_reader_no_pausing_multiple_steps_single_round(int with_acc) { /* This test exercises one round of the following: * - The 'producing' layer provides a buffer @@ -144,31 +149,33 @@ void mbedtls_mps_reader_no_pausing_multiple_steps_single_round( int with_acc ) unsigned char *tmp; mbedtls_mps_size_t tmp_len; mbedtls_mps_reader rd; - for( size_t i=0; (unsigned) i < sizeof( buf ); i++ ) + for (size_t i = 0; (unsigned) i < sizeof(buf); i++) { buf[i] = (unsigned char) i; + } /* Preparation (lower layer) */ - if( with_acc == 0 ) - mbedtls_mps_reader_init( &rd, NULL, 0 ); - else - mbedtls_mps_reader_init( &rd, acc, sizeof( acc ) ); - TEST_ASSERT( mbedtls_mps_reader_feed( &rd, buf, sizeof( buf ) ) == 0 ); + if (with_acc == 0) { + mbedtls_mps_reader_init(&rd, NULL, 0); + } else { + mbedtls_mps_reader_init(&rd, acc, sizeof(acc)); + } + TEST_ASSERT(mbedtls_mps_reader_feed(&rd, buf, sizeof(buf)) == 0); /* Consumption (upper layer) */ - TEST_ASSERT( mbedtls_mps_reader_get( &rd, 10, &tmp, NULL ) == 0 ); - ASSERT_COMPARE( tmp, 10, buf, 10 ); - TEST_ASSERT( mbedtls_mps_reader_get( &rd, 70, &tmp, NULL ) == 0 ); - ASSERT_COMPARE( tmp, 70, buf + 10, 70 ); - TEST_ASSERT( mbedtls_mps_reader_get( &rd, 30, &tmp, &tmp_len ) == 0 ); - ASSERT_COMPARE( tmp, tmp_len, buf + 80, 20 ); - TEST_ASSERT( mbedtls_mps_reader_commit( &rd ) == 0 ); + TEST_ASSERT(mbedtls_mps_reader_get(&rd, 10, &tmp, NULL) == 0); + TEST_MEMORY_COMPARE(tmp, 10, buf, 10); + TEST_ASSERT(mbedtls_mps_reader_get(&rd, 70, &tmp, NULL) == 0); + TEST_MEMORY_COMPARE(tmp, 70, buf + 10, 70); + TEST_ASSERT(mbedtls_mps_reader_get(&rd, 30, &tmp, &tmp_len) == 0); + TEST_MEMORY_COMPARE(tmp, tmp_len, buf + 80, 20); + TEST_ASSERT(mbedtls_mps_reader_commit(&rd) == 0); /* Wrapup (lower layer) */ - TEST_ASSERT( mbedtls_mps_reader_reclaim( &rd, NULL ) == 0 ); - mbedtls_mps_reader_free( &rd ); + TEST_ASSERT(mbedtls_mps_reader_reclaim(&rd, NULL) == 0); + mbedtls_mps_reader_free(&rd); } /* END_CASE */ /* BEGIN_CASE depends_on:TEST_SUITE_MPS_READER */ -void mbedtls_mps_reader_no_pausing_multiple_steps_multiple_rounds( int with_acc ) +void mbedtls_mps_reader_no_pausing_multiple_steps_multiple_rounds(int with_acc) { /* This test exercises one round of fetching a buffer in multiple chunks * and passing it back to the producer afterwards, followed by another @@ -179,35 +186,38 @@ void mbedtls_mps_reader_no_pausing_multiple_steps_multiple_rounds( int with_acc unsigned char *tmp; mbedtls_mps_size_t tmp_len; mbedtls_mps_reader rd; - for( size_t i=0; (unsigned) i < sizeof( bufA ); i++ ) + for (size_t i = 0; (unsigned) i < sizeof(bufA); i++) { bufA[i] = (unsigned char) i; - for( size_t i=0; (unsigned) i < sizeof( bufB ); i++ ) - bufB[i] = ~ ((unsigned char) i); + } + for (size_t i = 0; (unsigned) i < sizeof(bufB); i++) { + bufB[i] = ~((unsigned char) i); + } /* Preparation (lower layer) */ - if( with_acc == 0 ) - mbedtls_mps_reader_init( &rd, NULL, 0 ); - else - mbedtls_mps_reader_init( &rd, acc, sizeof( acc ) ); - TEST_ASSERT( mbedtls_mps_reader_feed( &rd, bufA, sizeof( bufA ) ) == 0 ); + if (with_acc == 0) { + mbedtls_mps_reader_init(&rd, NULL, 0); + } else { + mbedtls_mps_reader_init(&rd, acc, sizeof(acc)); + } + TEST_ASSERT(mbedtls_mps_reader_feed(&rd, bufA, sizeof(bufA)) == 0); /* Consumption (upper layer) */ - TEST_ASSERT( mbedtls_mps_reader_get( &rd, 10, &tmp, NULL ) == 0 ); - ASSERT_COMPARE( tmp, 10, bufA, 10 ); - TEST_ASSERT( mbedtls_mps_reader_get( &rd, 70, &tmp, NULL ) == 0 ); - ASSERT_COMPARE( tmp, 70, bufA + 10, 70 ); - TEST_ASSERT( mbedtls_mps_reader_get( &rd, 30, &tmp, &tmp_len ) == 0 ); - ASSERT_COMPARE( tmp, tmp_len, bufA + 80, 20 ); - TEST_ASSERT( mbedtls_mps_reader_commit( &rd ) == 0 ); + TEST_ASSERT(mbedtls_mps_reader_get(&rd, 10, &tmp, NULL) == 0); + TEST_MEMORY_COMPARE(tmp, 10, bufA, 10); + TEST_ASSERT(mbedtls_mps_reader_get(&rd, 70, &tmp, NULL) == 0); + TEST_MEMORY_COMPARE(tmp, 70, bufA + 10, 70); + TEST_ASSERT(mbedtls_mps_reader_get(&rd, 30, &tmp, &tmp_len) == 0); + TEST_MEMORY_COMPARE(tmp, tmp_len, bufA + 80, 20); + TEST_ASSERT(mbedtls_mps_reader_commit(&rd) == 0); /* Preparation */ - TEST_ASSERT( mbedtls_mps_reader_reclaim( &rd, NULL ) == 0 ); - TEST_ASSERT( mbedtls_mps_reader_feed( &rd, bufB, sizeof( bufB ) ) == 0 ); + TEST_ASSERT(mbedtls_mps_reader_reclaim(&rd, NULL) == 0); + TEST_ASSERT(mbedtls_mps_reader_feed(&rd, bufB, sizeof(bufB)) == 0); /* Consumption */ - TEST_ASSERT( mbedtls_mps_reader_get( &rd, 100, &tmp, NULL ) == 0 ); - ASSERT_COMPARE( tmp, 100, bufB, 100 ); - TEST_ASSERT( mbedtls_mps_reader_commit( &rd ) == 0 ); + TEST_ASSERT(mbedtls_mps_reader_get(&rd, 100, &tmp, NULL) == 0); + TEST_MEMORY_COMPARE(tmp, 100, bufB, 100); + TEST_ASSERT(mbedtls_mps_reader_commit(&rd) == 0); /* Wrapup */ - TEST_ASSERT( mbedtls_mps_reader_reclaim( &rd, NULL ) == 0 ); - mbedtls_mps_reader_free( &rd ); + TEST_ASSERT(mbedtls_mps_reader_reclaim(&rd, NULL) == 0); + mbedtls_mps_reader_free(&rd); } /* END_CASE */ @@ -224,22 +234,23 @@ void mbedtls_mps_reader_pausing_needed_disabled() unsigned char buf[100]; unsigned char *tmp; mbedtls_mps_reader rd; - for( size_t i=0; (unsigned) i < sizeof( buf ); i++ ) + for (size_t i = 0; (unsigned) i < sizeof(buf); i++) { buf[i] = (unsigned char) i; + } /* Preparation (lower layer) */ - mbedtls_mps_reader_init( &rd, NULL, 0 ); - TEST_ASSERT( mbedtls_mps_reader_feed( &rd, buf, sizeof( buf ) ) == 0 ); + mbedtls_mps_reader_init(&rd, NULL, 0); + TEST_ASSERT(mbedtls_mps_reader_feed(&rd, buf, sizeof(buf)) == 0); /* Consumption (upper layer) */ - TEST_ASSERT( mbedtls_mps_reader_get( &rd, 50, &tmp, NULL ) == 0 ); - ASSERT_COMPARE( tmp, 50, buf, 50 ); - TEST_ASSERT( mbedtls_mps_reader_commit( &rd ) == 0 ); - TEST_ASSERT( mbedtls_mps_reader_get( &rd, 100, &tmp, NULL ) == - MBEDTLS_ERR_MPS_READER_OUT_OF_DATA ); + TEST_ASSERT(mbedtls_mps_reader_get(&rd, 50, &tmp, NULL) == 0); + TEST_MEMORY_COMPARE(tmp, 50, buf, 50); + TEST_ASSERT(mbedtls_mps_reader_commit(&rd) == 0); + TEST_ASSERT(mbedtls_mps_reader_get(&rd, 100, &tmp, NULL) == + MBEDTLS_ERR_MPS_READER_OUT_OF_DATA); /* Wrapup (lower layer) */ - TEST_ASSERT( mbedtls_mps_reader_reclaim( &rd, NULL ) == - MBEDTLS_ERR_MPS_READER_NEED_ACCUMULATOR ); - mbedtls_mps_reader_free( &rd ); + TEST_ASSERT(mbedtls_mps_reader_reclaim(&rd, NULL) == + MBEDTLS_ERR_MPS_READER_NEED_ACCUMULATOR); + mbedtls_mps_reader_free(&rd); } /* END_CASE */ @@ -264,28 +275,29 @@ void mbedtls_mps_reader_pausing_needed_buffer_too_small() mbedtls_mps_reader rd; mbedtls_mps_size_t tmp_len; - for( size_t i=0; (unsigned) i < sizeof( buf ); i++ ) + for (size_t i = 0; (unsigned) i < sizeof(buf); i++) { buf[i] = (unsigned char) i; + } /* Preparation (lower layer) */ - mbedtls_mps_reader_init( &rd, acc, sizeof( acc ) ); - TEST_ASSERT( mbedtls_mps_reader_feed( &rd, buf, sizeof( buf ) ) == 0 ); + mbedtls_mps_reader_init(&rd, acc, sizeof(acc)); + TEST_ASSERT(mbedtls_mps_reader_feed(&rd, buf, sizeof(buf)) == 0); /* Consumption (upper layer) */ - TEST_ASSERT( mbedtls_mps_reader_get( &rd, 50, &tmp, NULL ) == 0 ); - ASSERT_COMPARE( tmp, 50, buf, 50 ); - TEST_ASSERT( mbedtls_mps_reader_commit( &rd ) == 0 ); - TEST_ASSERT( mbedtls_mps_reader_get( &rd, 10, &tmp, NULL ) == 0 ); - ASSERT_COMPARE( tmp, 10, buf + 50, 10 ); - TEST_ASSERT( mbedtls_mps_reader_get( &rd, 100, &tmp, NULL ) == - MBEDTLS_ERR_MPS_READER_OUT_OF_DATA ); + TEST_ASSERT(mbedtls_mps_reader_get(&rd, 50, &tmp, NULL) == 0); + TEST_MEMORY_COMPARE(tmp, 50, buf, 50); + TEST_ASSERT(mbedtls_mps_reader_commit(&rd) == 0); + TEST_ASSERT(mbedtls_mps_reader_get(&rd, 10, &tmp, NULL) == 0); + TEST_MEMORY_COMPARE(tmp, 10, buf + 50, 10); + TEST_ASSERT(mbedtls_mps_reader_get(&rd, 100, &tmp, NULL) == + MBEDTLS_ERR_MPS_READER_OUT_OF_DATA); /* Wrapup (lower layer) */ - TEST_ASSERT( mbedtls_mps_reader_reclaim( &rd, NULL ) == - MBEDTLS_ERR_MPS_READER_ACCUMULATOR_TOO_SMALL ); + TEST_ASSERT(mbedtls_mps_reader_reclaim(&rd, NULL) == + MBEDTLS_ERR_MPS_READER_ACCUMULATOR_TOO_SMALL); - TEST_ASSERT( mbedtls_mps_reader_get( &rd, 50, &tmp, &tmp_len ) == 0 ); - ASSERT_COMPARE( tmp, tmp_len, buf + 50, 50 ); + TEST_ASSERT(mbedtls_mps_reader_get(&rd, 50, &tmp, &tmp_len) == 0); + TEST_MEMORY_COMPARE(tmp, tmp_len, buf + 50, 50); - mbedtls_mps_reader_free( &rd ); + mbedtls_mps_reader_free(&rd); } /* END_CASE */ @@ -295,7 +307,7 @@ void mbedtls_mps_reader_reclaim_overflow() /* This test exercises the behaviour of the MPS reader with accumulator * in the situation where upon calling mbedtls_mps_reader_reclaim(), the * uncommitted data together with the excess data missing in the last - * call to medtls_mps_reader_get() exceeds the bounds of the type + * call to mbedtls_mps_reader_get() exceeds the bounds of the type * holding the buffer length. */ @@ -304,28 +316,29 @@ void mbedtls_mps_reader_reclaim_overflow() unsigned char *tmp; mbedtls_mps_reader rd; - for( size_t i=0; (unsigned) i < sizeof( buf ); i++ ) + for (size_t i = 0; (unsigned) i < sizeof(buf); i++) { buf[i] = (unsigned char) i; + } /* Preparation (lower layer) */ - mbedtls_mps_reader_init( &rd, acc, sizeof( acc ) ); - TEST_ASSERT( mbedtls_mps_reader_feed( &rd, buf, sizeof( buf ) ) == 0 ); + mbedtls_mps_reader_init(&rd, acc, sizeof(acc)); + TEST_ASSERT(mbedtls_mps_reader_feed(&rd, buf, sizeof(buf)) == 0); /* Consumption (upper layer) */ - TEST_ASSERT( mbedtls_mps_reader_get( &rd, 50, &tmp, NULL ) == 0 ); - ASSERT_COMPARE( tmp, 50, buf, 50 ); + TEST_ASSERT(mbedtls_mps_reader_get(&rd, 50, &tmp, NULL) == 0); + TEST_MEMORY_COMPARE(tmp, 50, buf, 50); /* Excess request */ - TEST_ASSERT( mbedtls_mps_reader_get( &rd, (mbedtls_mps_size_t) -1, &tmp, NULL ) == - MBEDTLS_ERR_MPS_READER_OUT_OF_DATA ); + TEST_ASSERT(mbedtls_mps_reader_get(&rd, (mbedtls_mps_size_t) -1, &tmp, NULL) == + MBEDTLS_ERR_MPS_READER_OUT_OF_DATA); /* Wrapup (lower layer) */ - TEST_ASSERT( mbedtls_mps_reader_reclaim( &rd, NULL ) == - MBEDTLS_ERR_MPS_READER_ACCUMULATOR_TOO_SMALL ); + TEST_ASSERT(mbedtls_mps_reader_reclaim(&rd, NULL) == + MBEDTLS_ERR_MPS_READER_ACCUMULATOR_TOO_SMALL); - mbedtls_mps_reader_free( &rd ); + mbedtls_mps_reader_free(&rd); } /* END_CASE */ /* BEGIN_CASE depends_on:TEST_SUITE_MPS_READER */ -void mbedtls_mps_reader_pausing( int option ) +void mbedtls_mps_reader_pausing(int option) { /* This test exercises the behaviour of the reader when the * accumulator is used to fulfill a consumer's request. @@ -349,108 +362,108 @@ void mbedtls_mps_reader_pausing( int option ) unsigned char acc[40]; int paused; mbedtls_mps_reader rd; - for( size_t i=0; (unsigned) i < sizeof( bufA ); i++ ) + for (size_t i = 0; (unsigned) i < sizeof(bufA); i++) { bufA[i] = (unsigned char) i; - for( size_t i=0; (unsigned) i < sizeof( bufB ); i++ ) - bufB[i] = ~ ((unsigned char) i); + } + for (size_t i = 0; (unsigned) i < sizeof(bufB); i++) { + bufB[i] = ~((unsigned char) i); + } /* Preparation (lower layer) */ - mbedtls_mps_reader_init( &rd, acc, sizeof( acc ) ); - TEST_ASSERT( mbedtls_mps_reader_feed( &rd, bufA, sizeof( bufA ) ) == 0 ); + mbedtls_mps_reader_init(&rd, acc, sizeof(acc)); + TEST_ASSERT(mbedtls_mps_reader_feed(&rd, bufA, sizeof(bufA)) == 0); /* Consumption (upper layer) */ /* Ask for more than what's available. */ - TEST_ASSERT( mbedtls_mps_reader_get( &rd, 80, &tmp, NULL ) == 0 ); - ASSERT_COMPARE( tmp, 80, bufA, 80 ); - TEST_ASSERT( mbedtls_mps_reader_commit( &rd ) == 0 ); - TEST_ASSERT( mbedtls_mps_reader_get( &rd, 10, &tmp, NULL ) == 0 ); - ASSERT_COMPARE( tmp, 10, bufA + 80, 10 ); - switch( option ) - { + TEST_ASSERT(mbedtls_mps_reader_get(&rd, 80, &tmp, NULL) == 0); + TEST_MEMORY_COMPARE(tmp, 80, bufA, 80); + TEST_ASSERT(mbedtls_mps_reader_commit(&rd) == 0); + TEST_ASSERT(mbedtls_mps_reader_get(&rd, 10, &tmp, NULL) == 0); + TEST_MEMORY_COMPARE(tmp, 10, bufA + 80, 10); + switch (option) { case 0: /* Single uncommitted fetch at pausing */ case 1: - TEST_ASSERT( mbedtls_mps_reader_commit( &rd ) == 0 ); + TEST_ASSERT(mbedtls_mps_reader_commit(&rd) == 0); break; default: /* Multiple uncommitted fetches at pausing */ break; } - TEST_ASSERT( mbedtls_mps_reader_get( &rd, 20, &tmp, NULL ) == - MBEDTLS_ERR_MPS_READER_OUT_OF_DATA ); + TEST_ASSERT(mbedtls_mps_reader_get(&rd, 20, &tmp, NULL) == + MBEDTLS_ERR_MPS_READER_OUT_OF_DATA); /* Preparation */ - TEST_ASSERT( mbedtls_mps_reader_reclaim( &rd, &paused ) == 0 ); - TEST_ASSERT( paused == 1 ); - TEST_ASSERT( mbedtls_mps_reader_feed( &rd, bufB, sizeof( bufB ) ) == 0 ); + TEST_ASSERT(mbedtls_mps_reader_reclaim(&rd, &paused) == 0); + TEST_ASSERT(paused == 1); + TEST_ASSERT(mbedtls_mps_reader_feed(&rd, bufB, sizeof(bufB)) == 0); /* Consumption */ - switch( option ) - { + switch (option) { case 0: /* Single fetch at pausing, re-fetch with commit. */ - TEST_ASSERT( mbedtls_mps_reader_get( &rd, 20, &tmp, NULL ) == 0 ); - ASSERT_COMPARE( tmp, 10, bufA + 90, 10 ); - ASSERT_COMPARE( tmp + 10, 10, bufB, 10 ); - TEST_ASSERT( mbedtls_mps_reader_commit( &rd ) == 0 ); + TEST_ASSERT(mbedtls_mps_reader_get(&rd, 20, &tmp, NULL) == 0); + TEST_MEMORY_COMPARE(tmp, 10, bufA + 90, 10); + TEST_MEMORY_COMPARE(tmp + 10, 10, bufB, 10); + TEST_ASSERT(mbedtls_mps_reader_commit(&rd) == 0); break; case 1: /* Single fetch at pausing, re-fetch without commit. */ - TEST_ASSERT( mbedtls_mps_reader_get( &rd, 20, &tmp, NULL ) == 0 ); - ASSERT_COMPARE( tmp, 10, bufA + 90, 10 ); - ASSERT_COMPARE( tmp + 10, 10, bufB, 10 ); + TEST_ASSERT(mbedtls_mps_reader_get(&rd, 20, &tmp, NULL) == 0); + TEST_MEMORY_COMPARE(tmp, 10, bufA + 90, 10); + TEST_MEMORY_COMPARE(tmp + 10, 10, bufB, 10); break; case 2: /* Multiple fetches at pausing, repeat without commit. */ - TEST_ASSERT( mbedtls_mps_reader_get( &rd, 10, &tmp, NULL ) == 0 ); - ASSERT_COMPARE( tmp, 10, bufA + 80, 10 ); - TEST_ASSERT( mbedtls_mps_reader_get( &rd, 20, &tmp, NULL ) == 0 ); - ASSERT_COMPARE( tmp, 10, bufA + 90, 10 ); - ASSERT_COMPARE( tmp + 10, 10, bufB, 10 ); + TEST_ASSERT(mbedtls_mps_reader_get(&rd, 10, &tmp, NULL) == 0); + TEST_MEMORY_COMPARE(tmp, 10, bufA + 80, 10); + TEST_ASSERT(mbedtls_mps_reader_get(&rd, 20, &tmp, NULL) == 0); + TEST_MEMORY_COMPARE(tmp, 10, bufA + 90, 10); + TEST_MEMORY_COMPARE(tmp + 10, 10, bufB, 10); break; case 3: /* Multiple fetches at pausing, repeat with commit 1. */ - TEST_ASSERT( mbedtls_mps_reader_get( &rd, 10, &tmp, NULL ) == 0 ); - ASSERT_COMPARE( tmp, 10, bufA + 80, 10 ); - TEST_ASSERT( mbedtls_mps_reader_commit( &rd ) == 0 ); - TEST_ASSERT( mbedtls_mps_reader_get( &rd, 20, &tmp, NULL ) == 0 ); - ASSERT_COMPARE( tmp, 10, bufA + 90, 10 ); - ASSERT_COMPARE( tmp + 10, 10, bufB, 10 ); + TEST_ASSERT(mbedtls_mps_reader_get(&rd, 10, &tmp, NULL) == 0); + TEST_MEMORY_COMPARE(tmp, 10, bufA + 80, 10); + TEST_ASSERT(mbedtls_mps_reader_commit(&rd) == 0); + TEST_ASSERT(mbedtls_mps_reader_get(&rd, 20, &tmp, NULL) == 0); + TEST_MEMORY_COMPARE(tmp, 10, bufA + 90, 10); + TEST_MEMORY_COMPARE(tmp + 10, 10, bufB, 10); break; case 4: /* Multiple fetches at pausing, repeat with commit 2. */ - TEST_ASSERT( mbedtls_mps_reader_get( &rd, 10, &tmp, NULL ) == 0 ); - ASSERT_COMPARE( tmp, 10, bufA + 80, 10 ); - TEST_ASSERT( mbedtls_mps_reader_get( &rd, 20, &tmp, NULL ) == 0 ); - ASSERT_COMPARE( tmp, 10, bufA + 90, 10 ); - ASSERT_COMPARE( tmp + 10, 10, bufB, 10 ); - TEST_ASSERT( mbedtls_mps_reader_commit( &rd ) == 0 ); + TEST_ASSERT(mbedtls_mps_reader_get(&rd, 10, &tmp, NULL) == 0); + TEST_MEMORY_COMPARE(tmp, 10, bufA + 80, 10); + TEST_ASSERT(mbedtls_mps_reader_get(&rd, 20, &tmp, NULL) == 0); + TEST_MEMORY_COMPARE(tmp, 10, bufA + 90, 10); + TEST_MEMORY_COMPARE(tmp + 10, 10, bufB, 10); + TEST_ASSERT(mbedtls_mps_reader_commit(&rd) == 0); break; case 5: /* Multiple fetches at pausing, repeat with commit 3. */ - TEST_ASSERT( mbedtls_mps_reader_get( &rd, 10, &tmp, NULL ) == 0 ); - ASSERT_COMPARE( tmp, 10, bufA + 80, 10 ); - TEST_ASSERT( mbedtls_mps_reader_commit( &rd ) == 0 ); - TEST_ASSERT( mbedtls_mps_reader_get( &rd, 20, &tmp, NULL ) == 0 ); - ASSERT_COMPARE( tmp, 10, bufA + 90, 10 ); - ASSERT_COMPARE( tmp + 10, 10, bufB, 10 ); - TEST_ASSERT( mbedtls_mps_reader_commit( &rd ) == 0 ); + TEST_ASSERT(mbedtls_mps_reader_get(&rd, 10, &tmp, NULL) == 0); + TEST_MEMORY_COMPARE(tmp, 10, bufA + 80, 10); + TEST_ASSERT(mbedtls_mps_reader_commit(&rd) == 0); + TEST_ASSERT(mbedtls_mps_reader_get(&rd, 20, &tmp, NULL) == 0); + TEST_MEMORY_COMPARE(tmp, 10, bufA + 90, 10); + TEST_MEMORY_COMPARE(tmp + 10, 10, bufB, 10); + TEST_ASSERT(mbedtls_mps_reader_commit(&rd) == 0); break; default: - TEST_ASSERT( 0 ); + TEST_ASSERT(0); } /* In all cases, fetch the rest of the second buffer. */ - TEST_ASSERT( mbedtls_mps_reader_get( &rd, 90, &tmp, NULL ) == 0 ); - ASSERT_COMPARE( tmp, 90, bufB + 10, 90 ); - TEST_ASSERT( mbedtls_mps_reader_commit( &rd ) == 0 ); + TEST_ASSERT(mbedtls_mps_reader_get(&rd, 90, &tmp, NULL) == 0); + TEST_MEMORY_COMPARE(tmp, 90, bufB + 10, 90); + TEST_ASSERT(mbedtls_mps_reader_commit(&rd) == 0); /* Wrapup */ - TEST_ASSERT( mbedtls_mps_reader_reclaim( &rd, NULL ) == 0 ); - mbedtls_mps_reader_free( &rd ); + TEST_ASSERT(mbedtls_mps_reader_reclaim(&rd, NULL) == 0); + mbedtls_mps_reader_free(&rd); } /* END_CASE */ /* BEGIN_CASE depends_on:TEST_SUITE_MPS_READER */ -void mbedtls_mps_reader_pausing_multiple_feeds( int option ) +void mbedtls_mps_reader_pausing_multiple_feeds(int option) { /* This test exercises the behaviour of the MPS reader * in the following situation: @@ -471,93 +484,91 @@ void mbedtls_mps_reader_pausing_multiple_feeds( int option ) unsigned char acc[70]; mbedtls_mps_reader rd; mbedtls_mps_size_t fetch_len; - for( size_t i=0; (unsigned) i < sizeof( bufA ); i++ ) + for (size_t i = 0; (unsigned) i < sizeof(bufA); i++) { bufA[i] = (unsigned char) i; - for( size_t i=0; (unsigned) i < sizeof( bufB ); i++ ) - bufB[i] = ~ ((unsigned char) i); + } + for (size_t i = 0; (unsigned) i < sizeof(bufB); i++) { + bufB[i] = ~((unsigned char) i); + } /* Preparation (lower layer) */ - mbedtls_mps_reader_init( &rd, acc, sizeof( acc ) ); - TEST_ASSERT( mbedtls_mps_reader_feed( &rd, bufA, sizeof( bufA ) ) == 0 ); + mbedtls_mps_reader_init(&rd, acc, sizeof(acc)); + TEST_ASSERT(mbedtls_mps_reader_feed(&rd, bufA, sizeof(bufA)) == 0); /* Consumption (upper layer) */ /* Ask for more than what's available. */ - TEST_ASSERT( mbedtls_mps_reader_get( &rd, 80, &tmp, NULL ) == 0 ); - ASSERT_COMPARE( tmp, 80, bufA, 80 ); - TEST_ASSERT( mbedtls_mps_reader_commit( &rd ) == 0 ); + TEST_ASSERT(mbedtls_mps_reader_get(&rd, 80, &tmp, NULL) == 0); + TEST_MEMORY_COMPARE(tmp, 80, bufA, 80); + TEST_ASSERT(mbedtls_mps_reader_commit(&rd) == 0); /* 20 left, ask for 70 -> 50 overhead */ - TEST_ASSERT( mbedtls_mps_reader_get( &rd, 70, &tmp, NULL ) == - MBEDTLS_ERR_MPS_READER_OUT_OF_DATA ); + TEST_ASSERT(mbedtls_mps_reader_get(&rd, 70, &tmp, NULL) == + MBEDTLS_ERR_MPS_READER_OUT_OF_DATA); /* Preparation */ - TEST_ASSERT( mbedtls_mps_reader_reclaim( &rd, NULL ) == 0 ); - switch( option ) - { + TEST_ASSERT(mbedtls_mps_reader_reclaim(&rd, NULL) == 0); + switch (option) { case 0: /* 10 + 10 + 80 byte feed */ - TEST_ASSERT( mbedtls_mps_reader_feed( &rd, bufB, 10 ) == - MBEDTLS_ERR_MPS_READER_NEED_MORE ); - TEST_ASSERT( mbedtls_mps_reader_feed( &rd, bufB + 10, 10 ) == - MBEDTLS_ERR_MPS_READER_NEED_MORE ); - TEST_ASSERT( mbedtls_mps_reader_feed( &rd, bufB + 20, 80 ) == 0 ); + TEST_ASSERT(mbedtls_mps_reader_feed(&rd, bufB, 10) == + MBEDTLS_ERR_MPS_READER_NEED_MORE); + TEST_ASSERT(mbedtls_mps_reader_feed(&rd, bufB + 10, 10) == + MBEDTLS_ERR_MPS_READER_NEED_MORE); + TEST_ASSERT(mbedtls_mps_reader_feed(&rd, bufB + 20, 80) == 0); break; case 1: /* 50 x 1byte */ - for( size_t num_feed = 0; num_feed < 49; num_feed++ ) - { - TEST_ASSERT( mbedtls_mps_reader_feed( &rd, bufB + num_feed, 1 ) == - MBEDTLS_ERR_MPS_READER_NEED_MORE ); + for (size_t num_feed = 0; num_feed < 49; num_feed++) { + TEST_ASSERT(mbedtls_mps_reader_feed(&rd, bufB + num_feed, 1) == + MBEDTLS_ERR_MPS_READER_NEED_MORE); } - TEST_ASSERT( mbedtls_mps_reader_feed( &rd, bufB + 49, 1 ) == 0 ); + TEST_ASSERT(mbedtls_mps_reader_feed(&rd, bufB + 49, 1) == 0); break; case 2: /* 49 x 1byte + 51bytes */ - for( size_t num_feed = 0; num_feed < 49; num_feed++ ) - { - TEST_ASSERT( mbedtls_mps_reader_feed( &rd, bufB + num_feed, 1 ) == - MBEDTLS_ERR_MPS_READER_NEED_MORE ); + for (size_t num_feed = 0; num_feed < 49; num_feed++) { + TEST_ASSERT(mbedtls_mps_reader_feed(&rd, bufB + num_feed, 1) == + MBEDTLS_ERR_MPS_READER_NEED_MORE); } - TEST_ASSERT( mbedtls_mps_reader_feed( &rd, bufB + 49, 51 ) == 0 ); + TEST_ASSERT(mbedtls_mps_reader_feed(&rd, bufB + 49, 51) == 0); break; default: - TEST_ASSERT( 0 ); + TEST_ASSERT(0); break; } /* Consumption */ - TEST_ASSERT( mbedtls_mps_reader_get( &rd, 70, &tmp, NULL ) == 0 ); - ASSERT_COMPARE( tmp, 20, bufA + 80, 20 ); - ASSERT_COMPARE( tmp + 20, 50, bufB, 50 ); - TEST_ASSERT( mbedtls_mps_reader_get( &rd, 1000, &tmp, &fetch_len ) == 0 ); - switch( option ) - { + TEST_ASSERT(mbedtls_mps_reader_get(&rd, 70, &tmp, NULL) == 0); + TEST_MEMORY_COMPARE(tmp, 20, bufA + 80, 20); + TEST_MEMORY_COMPARE(tmp + 20, 50, bufB, 50); + TEST_ASSERT(mbedtls_mps_reader_get(&rd, 1000, &tmp, &fetch_len) == 0); + switch (option) { case 0: - TEST_ASSERT( fetch_len == 50 ); + TEST_ASSERT(fetch_len == 50); break; case 1: - TEST_ASSERT( fetch_len == 0 ); + TEST_ASSERT(fetch_len == 0); break; case 2: - TEST_ASSERT( fetch_len == 50 ); + TEST_ASSERT(fetch_len == 50); break; default: - TEST_ASSERT( 0 ); + TEST_ASSERT(0); break; } - TEST_ASSERT( mbedtls_mps_reader_commit( &rd ) == 0 ); + TEST_ASSERT(mbedtls_mps_reader_commit(&rd) == 0); /* Wrapup */ - TEST_ASSERT( mbedtls_mps_reader_reclaim( &rd, NULL ) == 0 ); - mbedtls_mps_reader_free( &rd ); + TEST_ASSERT(mbedtls_mps_reader_reclaim(&rd, NULL) == 0); + mbedtls_mps_reader_free(&rd); } /* END_CASE */ /* BEGIN_CASE depends_on:TEST_SUITE_MPS_READER */ -void mbedtls_mps_reader_reclaim_data_left( int option ) +void mbedtls_mps_reader_reclaim_data_left(int option) { /* This test exercises the behaviour of the MPS reader when a * call to mbedtls_mps_reader_reclaim() is made before all data @@ -566,53 +577,53 @@ void mbedtls_mps_reader_reclaim_data_left( int option ) unsigned char buf[100]; unsigned char *tmp; mbedtls_mps_reader rd; - for( size_t i=0; (unsigned) i < sizeof( buf ); i++ ) + for (size_t i = 0; (unsigned) i < sizeof(buf); i++) { buf[i] = (unsigned char) i; + } /* Preparation (lower layer) */ - mbedtls_mps_reader_init( &rd, NULL, 0 ); - TEST_ASSERT( mbedtls_mps_reader_feed( &rd, buf, sizeof( buf ) ) == 0 ); + mbedtls_mps_reader_init(&rd, NULL, 0); + TEST_ASSERT(mbedtls_mps_reader_feed(&rd, buf, sizeof(buf)) == 0); /* Consumption (upper layer) */ - switch( option ) - { + switch (option) { case 0: /* Fetch (but not commit) the entire buffer. */ - TEST_ASSERT( mbedtls_mps_reader_get( &rd, sizeof( buf ), &tmp, NULL ) - == 0 ); - ASSERT_COMPARE( tmp, 100, buf, 100 ); + TEST_ASSERT(mbedtls_mps_reader_get(&rd, sizeof(buf), &tmp, NULL) + == 0); + TEST_MEMORY_COMPARE(tmp, 100, buf, 100); break; case 1: /* Fetch (but not commit) parts of the buffer. */ - TEST_ASSERT( mbedtls_mps_reader_get( &rd, sizeof( buf ) / 2, - &tmp, NULL ) == 0 ); - ASSERT_COMPARE( tmp, sizeof( buf ) / 2, buf, sizeof( buf ) / 2 ); + TEST_ASSERT(mbedtls_mps_reader_get(&rd, sizeof(buf) / 2, + &tmp, NULL) == 0); + TEST_MEMORY_COMPARE(tmp, sizeof(buf) / 2, buf, sizeof(buf) / 2); break; case 2: /* Fetch and commit parts of the buffer, then * fetch but not commit the rest of the buffer. */ - TEST_ASSERT( mbedtls_mps_reader_get( &rd, sizeof( buf ) / 2, - &tmp, NULL ) == 0 ); - ASSERT_COMPARE( tmp, sizeof( buf ) / 2, buf, sizeof( buf ) / 2 ); - TEST_ASSERT( mbedtls_mps_reader_commit( &rd ) == 0 ); - TEST_ASSERT( mbedtls_mps_reader_get( &rd, sizeof( buf ) / 2, - &tmp, NULL ) == 0 ); - ASSERT_COMPARE( tmp, sizeof( buf ) / 2, - buf + sizeof( buf ) / 2, - sizeof( buf ) / 2 ); + TEST_ASSERT(mbedtls_mps_reader_get(&rd, sizeof(buf) / 2, + &tmp, NULL) == 0); + TEST_MEMORY_COMPARE(tmp, sizeof(buf) / 2, buf, sizeof(buf) / 2); + TEST_ASSERT(mbedtls_mps_reader_commit(&rd) == 0); + TEST_ASSERT(mbedtls_mps_reader_get(&rd, sizeof(buf) / 2, + &tmp, NULL) == 0); + TEST_MEMORY_COMPARE(tmp, sizeof(buf) / 2, + buf + sizeof(buf) / 2, + sizeof(buf) / 2); break; default: - TEST_ASSERT( 0 ); + TEST_ASSERT(0); break; } /* Wrapup */ - TEST_ASSERT( mbedtls_mps_reader_reclaim( &rd, NULL ) == - MBEDTLS_ERR_MPS_READER_DATA_LEFT ); - mbedtls_mps_reader_free( &rd ); + TEST_ASSERT(mbedtls_mps_reader_reclaim(&rd, NULL) == + MBEDTLS_ERR_MPS_READER_DATA_LEFT); + mbedtls_mps_reader_free(&rd); } /* END_CASE */ @@ -626,33 +637,34 @@ void mbedtls_mps_reader_reclaim_data_left_retry() unsigned char *tmp; mbedtls_mps_reader rd; - for( size_t i=0; (unsigned) i < sizeof( buf ); i++ ) + for (size_t i = 0; (unsigned) i < sizeof(buf); i++) { buf[i] = (unsigned char) i; + } /* Preparation (lower layer) */ - mbedtls_mps_reader_init( &rd, NULL, 0 ); - TEST_ASSERT( mbedtls_mps_reader_feed( &rd, buf, sizeof( buf ) ) == 0 ); + mbedtls_mps_reader_init(&rd, NULL, 0); + TEST_ASSERT(mbedtls_mps_reader_feed(&rd, buf, sizeof(buf)) == 0); /* Consumption (upper layer) */ - TEST_ASSERT( mbedtls_mps_reader_get( &rd, 50, &tmp, NULL ) == 0 ); - ASSERT_COMPARE( tmp, 50, buf, 50 ); - TEST_ASSERT( mbedtls_mps_reader_commit( &rd ) == 0 ); - TEST_ASSERT( mbedtls_mps_reader_get( &rd, 50, &tmp, NULL ) == 0 ); - ASSERT_COMPARE( tmp, 50, buf + 50, 50 ); + TEST_ASSERT(mbedtls_mps_reader_get(&rd, 50, &tmp, NULL) == 0); + TEST_MEMORY_COMPARE(tmp, 50, buf, 50); + TEST_ASSERT(mbedtls_mps_reader_commit(&rd) == 0); + TEST_ASSERT(mbedtls_mps_reader_get(&rd, 50, &tmp, NULL) == 0); + TEST_MEMORY_COMPARE(tmp, 50, buf + 50, 50); /* Preparation */ - TEST_ASSERT( mbedtls_mps_reader_reclaim( &rd, NULL ) == - MBEDTLS_ERR_MPS_READER_DATA_LEFT ); + TEST_ASSERT(mbedtls_mps_reader_reclaim(&rd, NULL) == + MBEDTLS_ERR_MPS_READER_DATA_LEFT); /* Consumption */ - TEST_ASSERT( mbedtls_mps_reader_get( &rd, 50, &tmp, NULL ) == 0 ); - ASSERT_COMPARE( tmp, 50, buf + 50, 50 ); - TEST_ASSERT( mbedtls_mps_reader_commit( &rd ) == 0 ); + TEST_ASSERT(mbedtls_mps_reader_get(&rd, 50, &tmp, NULL) == 0); + TEST_MEMORY_COMPARE(tmp, 50, buf + 50, 50); + TEST_ASSERT(mbedtls_mps_reader_commit(&rd) == 0); /* Wrapup */ - TEST_ASSERT( mbedtls_mps_reader_reclaim( &rd, NULL ) == 0 ); - mbedtls_mps_reader_free( &rd ); + TEST_ASSERT(mbedtls_mps_reader_reclaim(&rd, NULL) == 0); + mbedtls_mps_reader_free(&rd); } /* END_CASE */ /* BEGIN_CASE depends_on:TEST_SUITE_MPS_READER */ -void mbedtls_mps_reader_multiple_pausing( int option ) +void mbedtls_mps_reader_multiple_pausing(int option) { /* This test exercises the behaviour of the MPS reader * in the following situation: @@ -670,126 +682,128 @@ void mbedtls_mps_reader_multiple_pausing( int option ) unsigned char acc[50]; mbedtls_mps_size_t tmp_len; mbedtls_mps_reader rd; - for( size_t i=0; (unsigned) i < sizeof( bufA ); i++ ) + for (size_t i = 0; (unsigned) i < sizeof(bufA); i++) { bufA[i] = (unsigned char) i; - for( size_t i=0; (unsigned) i < sizeof( bufB ); i++ ) - bufB[i] = ~ ((unsigned char) i); - for( size_t i=0; (unsigned) i < sizeof( bufC ); i++ ) - bufC[i] = ~ ((unsigned char) i); + } + for (size_t i = 0; (unsigned) i < sizeof(bufB); i++) { + bufB[i] = ~((unsigned char) i); + } + for (size_t i = 0; (unsigned) i < sizeof(bufC); i++) { + bufC[i] = ~((unsigned char) i); + } /* Preparation (lower layer) */ - mbedtls_mps_reader_init( &rd, acc, sizeof( acc ) ); - TEST_ASSERT( mbedtls_mps_reader_feed( &rd, bufA, sizeof( bufA ) ) == 0 ); + mbedtls_mps_reader_init(&rd, acc, sizeof(acc)); + TEST_ASSERT(mbedtls_mps_reader_feed(&rd, bufA, sizeof(bufA)) == 0); /* Consumption (upper layer) */ /* Ask for more than what's available. */ - TEST_ASSERT( mbedtls_mps_reader_get( &rd, 80, &tmp, NULL ) == 0 ); - ASSERT_COMPARE( tmp, 80, bufA, 80 ); - TEST_ASSERT( mbedtls_mps_reader_commit( &rd ) == 0 ); - TEST_ASSERT( mbedtls_mps_reader_get( &rd, 10, &tmp, NULL ) == 0 ); - ASSERT_COMPARE( tmp, 10, bufA + 80, 10 ); - TEST_ASSERT( mbedtls_mps_reader_get( &rd, 20, &tmp, NULL ) == - MBEDTLS_ERR_MPS_READER_OUT_OF_DATA ); + TEST_ASSERT(mbedtls_mps_reader_get(&rd, 80, &tmp, NULL) == 0); + TEST_MEMORY_COMPARE(tmp, 80, bufA, 80); + TEST_ASSERT(mbedtls_mps_reader_commit(&rd) == 0); + TEST_ASSERT(mbedtls_mps_reader_get(&rd, 10, &tmp, NULL) == 0); + TEST_MEMORY_COMPARE(tmp, 10, bufA + 80, 10); + TEST_ASSERT(mbedtls_mps_reader_get(&rd, 20, &tmp, NULL) == + MBEDTLS_ERR_MPS_READER_OUT_OF_DATA); /* Preparation */ - TEST_ASSERT( mbedtls_mps_reader_reclaim( &rd, NULL ) == 0 ); - TEST_ASSERT( mbedtls_mps_reader_feed( &rd, bufB, sizeof( bufB ) ) == 0 ); + TEST_ASSERT(mbedtls_mps_reader_reclaim(&rd, NULL) == 0); + TEST_ASSERT(mbedtls_mps_reader_feed(&rd, bufB, sizeof(bufB)) == 0); - switch( option ) - { + switch (option) { case 0: /* Fetch same chunks, commit afterwards, and * then exceed bounds of new buffer; accumulator * large enough. */ /* Consume */ - TEST_ASSERT( mbedtls_mps_reader_get( &rd, 10, &tmp, &tmp_len ) == 0 ); - ASSERT_COMPARE( tmp, tmp_len, bufA + 80, 10 ); - TEST_ASSERT( mbedtls_mps_reader_get( &rd, 20, &tmp, NULL ) == 0 ); - ASSERT_COMPARE( tmp, 10, bufA + 90, 10 ); - ASSERT_COMPARE( tmp + 10, 10, bufB, 10 ); - TEST_ASSERT( mbedtls_mps_reader_commit( &rd ) == 0 ); - TEST_ASSERT( mbedtls_mps_reader_get( &rd, 20, &tmp, NULL ) == - MBEDTLS_ERR_MPS_READER_OUT_OF_DATA ); + TEST_ASSERT(mbedtls_mps_reader_get(&rd, 10, &tmp, &tmp_len) == 0); + TEST_MEMORY_COMPARE(tmp, tmp_len, bufA + 80, 10); + TEST_ASSERT(mbedtls_mps_reader_get(&rd, 20, &tmp, NULL) == 0); + TEST_MEMORY_COMPARE(tmp, 10, bufA + 90, 10); + TEST_MEMORY_COMPARE(tmp + 10, 10, bufB, 10); + TEST_ASSERT(mbedtls_mps_reader_commit(&rd) == 0); + TEST_ASSERT(mbedtls_mps_reader_get(&rd, 20, &tmp, NULL) == + MBEDTLS_ERR_MPS_READER_OUT_OF_DATA); /* Prepare */ - TEST_ASSERT( mbedtls_mps_reader_reclaim( &rd, NULL ) == 0 ); - TEST_ASSERT( mbedtls_mps_reader_feed( &rd, bufC, sizeof( bufC ) ) == 0 );; + TEST_ASSERT(mbedtls_mps_reader_reclaim(&rd, NULL) == 0); + TEST_ASSERT(mbedtls_mps_reader_feed(&rd, bufC, sizeof(bufC)) == 0);; /* Consume */ - TEST_ASSERT( mbedtls_mps_reader_get( &rd, 20, &tmp, NULL ) == 0 ); - ASSERT_COMPARE( tmp, 10, bufB + 10, 10 ); - ASSERT_COMPARE( tmp + 10, 10, bufC, 10 ); + TEST_ASSERT(mbedtls_mps_reader_get(&rd, 20, &tmp, NULL) == 0); + TEST_MEMORY_COMPARE(tmp, 10, bufB + 10, 10); + TEST_MEMORY_COMPARE(tmp + 10, 10, bufC, 10); break; case 1: /* Fetch same chunks, commit afterwards, and * then exceed bounds of new buffer; accumulator * not large enough. */ - TEST_ASSERT( mbedtls_mps_reader_get( &rd, 10, &tmp, NULL ) == 0 ); - ASSERT_COMPARE( tmp, 10, bufA + 80, 10 ); - TEST_ASSERT( mbedtls_mps_reader_get( &rd, 20, &tmp, NULL ) == 0 ); - ASSERT_COMPARE( tmp, 10, bufA + 90, 10 ); - ASSERT_COMPARE( tmp + 10, 10, bufB, 10 ); - TEST_ASSERT( mbedtls_mps_reader_commit( &rd ) == 0 ); - TEST_ASSERT( mbedtls_mps_reader_get( &rd, 51, &tmp, NULL ) == - MBEDTLS_ERR_MPS_READER_OUT_OF_DATA ); + TEST_ASSERT(mbedtls_mps_reader_get(&rd, 10, &tmp, NULL) == 0); + TEST_MEMORY_COMPARE(tmp, 10, bufA + 80, 10); + TEST_ASSERT(mbedtls_mps_reader_get(&rd, 20, &tmp, NULL) == 0); + TEST_MEMORY_COMPARE(tmp, 10, bufA + 90, 10); + TEST_MEMORY_COMPARE(tmp + 10, 10, bufB, 10); + TEST_ASSERT(mbedtls_mps_reader_commit(&rd) == 0); + TEST_ASSERT(mbedtls_mps_reader_get(&rd, 51, &tmp, NULL) == + MBEDTLS_ERR_MPS_READER_OUT_OF_DATA); /* Prepare */ - TEST_ASSERT( mbedtls_mps_reader_reclaim( &rd, NULL ) == - MBEDTLS_ERR_MPS_READER_ACCUMULATOR_TOO_SMALL ); + TEST_ASSERT(mbedtls_mps_reader_reclaim(&rd, NULL) == + MBEDTLS_ERR_MPS_READER_ACCUMULATOR_TOO_SMALL); break; case 2: /* Fetch same chunks, don't commit afterwards, and * then exceed bounds of new buffer; accumulator * large enough. */ - TEST_ASSERT( mbedtls_mps_reader_get( &rd, 10, &tmp, NULL ) == 0 ); - ASSERT_COMPARE( tmp, 10, bufA + 80, 10 ); - TEST_ASSERT( mbedtls_mps_reader_get( &rd, 20, &tmp, NULL ) == 0 ); - ASSERT_COMPARE( tmp, 10, bufA + 90, 10 ); - ASSERT_COMPARE( tmp + 10, 10, bufB, 10 ); - TEST_ASSERT( mbedtls_mps_reader_get( &rd, 20, &tmp, NULL ) == - MBEDTLS_ERR_MPS_READER_OUT_OF_DATA ); + TEST_ASSERT(mbedtls_mps_reader_get(&rd, 10, &tmp, NULL) == 0); + TEST_MEMORY_COMPARE(tmp, 10, bufA + 80, 10); + TEST_ASSERT(mbedtls_mps_reader_get(&rd, 20, &tmp, NULL) == 0); + TEST_MEMORY_COMPARE(tmp, 10, bufA + 90, 10); + TEST_MEMORY_COMPARE(tmp + 10, 10, bufB, 10); + TEST_ASSERT(mbedtls_mps_reader_get(&rd, 20, &tmp, NULL) == + MBEDTLS_ERR_MPS_READER_OUT_OF_DATA); /* Prepare */ - TEST_ASSERT( mbedtls_mps_reader_reclaim( &rd, NULL ) == 0 ); - TEST_ASSERT( mbedtls_mps_reader_feed( &rd, bufC, sizeof( bufC ) ) == 0 );; + TEST_ASSERT(mbedtls_mps_reader_reclaim(&rd, NULL) == 0); + TEST_ASSERT(mbedtls_mps_reader_feed(&rd, bufC, sizeof(bufC)) == 0);; /* Consume */ - TEST_ASSERT( mbedtls_mps_reader_get( &rd, 50, &tmp, NULL ) == 0 ); - ASSERT_COMPARE( tmp, 20, bufA + 80, 20 ); - ASSERT_COMPARE( tmp + 20, 20, bufB, 20 ); - ASSERT_COMPARE( tmp + 40, 10, bufC, 10 ); + TEST_ASSERT(mbedtls_mps_reader_get(&rd, 50, &tmp, NULL) == 0); + TEST_MEMORY_COMPARE(tmp, 20, bufA + 80, 20); + TEST_MEMORY_COMPARE(tmp + 20, 20, bufB, 20); + TEST_MEMORY_COMPARE(tmp + 40, 10, bufC, 10); break; case 3: /* Fetch same chunks, don't commit afterwards, and * then exceed bounds of new buffer; accumulator * not large enough. */ - TEST_ASSERT( mbedtls_mps_reader_get( &rd, 10, &tmp, NULL ) == 0 ); - ASSERT_COMPARE( tmp, 10, bufA + 80, 10 ); - TEST_ASSERT( mbedtls_mps_reader_get( &rd, 20, &tmp, NULL ) == 0 ); - ASSERT_COMPARE( tmp, 10, bufA + 90, 10 ); - ASSERT_COMPARE( tmp + 10, 10, bufB, 10 ); - TEST_ASSERT( mbedtls_mps_reader_get( &rd, 21, &tmp, NULL ) == - MBEDTLS_ERR_MPS_READER_OUT_OF_DATA ); + TEST_ASSERT(mbedtls_mps_reader_get(&rd, 10, &tmp, NULL) == 0); + TEST_MEMORY_COMPARE(tmp, 10, bufA + 80, 10); + TEST_ASSERT(mbedtls_mps_reader_get(&rd, 20, &tmp, NULL) == 0); + TEST_MEMORY_COMPARE(tmp, 10, bufA + 90, 10); + TEST_MEMORY_COMPARE(tmp + 10, 10, bufB, 10); + TEST_ASSERT(mbedtls_mps_reader_get(&rd, 21, &tmp, NULL) == + MBEDTLS_ERR_MPS_READER_OUT_OF_DATA); /* Prepare */ - TEST_ASSERT( mbedtls_mps_reader_reclaim( &rd, NULL ) == - MBEDTLS_ERR_MPS_READER_ACCUMULATOR_TOO_SMALL ); + TEST_ASSERT(mbedtls_mps_reader_reclaim(&rd, NULL) == + MBEDTLS_ERR_MPS_READER_ACCUMULATOR_TOO_SMALL); break; default: - TEST_ASSERT( 0 ); + TEST_ASSERT(0); break; } - mbedtls_mps_reader_free( &rd ); + mbedtls_mps_reader_free(&rd); } /* END_CASE */ /* BEGIN_CASE depends_on:TEST_SUITE_MPS_READER:MBEDTLS_MPS_STATE_VALIDATION */ -void mbedtls_mps_reader_random_usage( int num_out_chunks, - int max_chunk_size, - int max_request, - int acc_size ) +void mbedtls_mps_reader_random_usage(int num_out_chunks, + int max_chunk_size, + int max_request, + int acc_size) { /* Randomly pass a reader object back and forth between lower and @@ -829,130 +843,108 @@ void mbedtls_mps_reader_random_usage( int num_out_chunks, * returning the reader to the upper layer. */ mbedtls_mps_reader rd; - if( acc_size > 0 ) - { - ASSERT_ALLOC( acc, acc_size ); + if (acc_size > 0) { + TEST_CALLOC(acc, acc_size); } /* This probably needs to be changed because we want * our tests to be deterministic. */ // srand( time( NULL ) ); - ASSERT_ALLOC( outgoing, num_out_chunks * max_chunk_size ); - ASSERT_ALLOC( incoming, num_out_chunks * max_chunk_size ); + TEST_CALLOC(outgoing, num_out_chunks * max_chunk_size); + TEST_CALLOC(incoming, num_out_chunks * max_chunk_size); - mbedtls_mps_reader_init( &rd, acc, acc_size ); + mbedtls_mps_reader_init(&rd, acc, acc_size); cur_out_chunk = 0; in_commit = 0; in_fetch = 0; out_pos = 0; - while( cur_out_chunk < (unsigned) num_out_chunks ) - { - if( mode == 0 ) - { + while (cur_out_chunk < (unsigned) num_out_chunks) { + if (mode == 0) { /* Choose randomly between reclaim and feed */ rand_op = rand() % 2; - if( rand_op == 0 ) - { + if (rand_op == 0) { /* Reclaim */ - ret = mbedtls_mps_reader_reclaim( &rd, NULL ); + ret = mbedtls_mps_reader_reclaim(&rd, NULL); - if( ret == 0 ) - { - TEST_ASSERT( cur_chunk != NULL ); - mbedtls_free( cur_chunk ); + if (ret == 0) { + TEST_ASSERT(cur_chunk != NULL); + mbedtls_free(cur_chunk); cur_chunk = NULL; } reclaimed = 1; - } - else - { + } else { /* Feed reader with a random chunk */ unsigned char *tmp = NULL; size_t tmp_size; - if( cur_out_chunk == (unsigned) num_out_chunks ) + if (cur_out_chunk == (unsigned) num_out_chunks) { continue; + } - tmp_size = ( rand() % max_chunk_size ) + 1; - ASSERT_ALLOC( tmp, tmp_size ); + tmp_size = (rand() % max_chunk_size) + 1; + TEST_CALLOC(tmp, tmp_size); - TEST_ASSERT( mbedtls_test_rnd_std_rand( NULL, tmp, tmp_size ) == 0 ); - ret = mbedtls_mps_reader_feed( &rd, tmp, tmp_size ); + TEST_ASSERT(mbedtls_test_rnd_std_rand(NULL, tmp, tmp_size) == 0); + ret = mbedtls_mps_reader_feed(&rd, tmp, tmp_size); - if( ret == 0 || ret == MBEDTLS_ERR_MPS_READER_NEED_MORE ) - { + if (ret == 0 || ret == MBEDTLS_ERR_MPS_READER_NEED_MORE) { cur_out_chunk++; - memcpy( outgoing + out_pos, tmp, tmp_size ); + memcpy(outgoing + out_pos, tmp, tmp_size); out_pos += tmp_size; } - if( ret == 0 ) - { - TEST_ASSERT( cur_chunk == NULL ); + if (ret == 0) { + TEST_ASSERT(cur_chunk == NULL); cur_chunk = tmp; - } - else - { - mbedtls_free( tmp ); + } else { + mbedtls_free(tmp); } } /* Randomly switch to consumption mode if reclaim * was called at least once. */ - if( reclaimed == 1 && rand() % 3 == 0 ) - { + if (reclaimed == 1 && rand() % 3 == 0) { in_fetch = 0; mode = 1; } - } - else - { + } else { /* Choose randomly between get tolerating fewer data, * get not tolerating fewer data, and commit. */ rand_op = rand() % 3; - if( rand_op == 0 || rand_op == 1 ) - { + if (rand_op == 0 || rand_op == 1) { mbedtls_mps_size_t get_size, real_size; unsigned char *chunk_get; - get_size = ( rand() % max_request ) + 1; - if( rand_op == 0 ) - { - ret = mbedtls_mps_reader_get( &rd, get_size, &chunk_get, - &real_size ); - } - else - { + get_size = (rand() % max_request) + 1; + if (rand_op == 0) { + ret = mbedtls_mps_reader_get(&rd, get_size, &chunk_get, + &real_size); + } else { real_size = get_size; - ret = mbedtls_mps_reader_get( &rd, get_size, &chunk_get, NULL ); + ret = mbedtls_mps_reader_get(&rd, get_size, &chunk_get, NULL); } /* Check if output is in accordance with what was written */ - if( ret == 0 ) - { - memcpy( incoming + in_commit + in_fetch, - chunk_get, real_size ); - TEST_ASSERT( memcmp( incoming + in_commit + in_fetch, - outgoing + in_commit + in_fetch, - real_size ) == 0 ); + if (ret == 0) { + memcpy(incoming + in_commit + in_fetch, + chunk_get, real_size); + TEST_ASSERT(memcmp(incoming + in_commit + in_fetch, + outgoing + in_commit + in_fetch, + real_size) == 0); in_fetch += real_size; } - } - else if( rand_op == 2 ) /* Commit */ - { - ret = mbedtls_mps_reader_commit( &rd ); - if( ret == 0 ) - { + } else if (rand_op == 2) { /* Commit */ + ret = mbedtls_mps_reader_commit(&rd); + if (ret == 0) { in_commit += in_fetch; in_fetch = 0; } } /* Randomly switch back to preparation */ - if( rand() % 3 == 0 ) - { + if (rand() % 3 == 0) { reclaimed = 0; mode = 0; } @@ -960,16 +952,16 @@ void mbedtls_mps_reader_random_usage( int num_out_chunks, } /* Cleanup */ - mbedtls_mps_reader_free( &rd ); - mbedtls_free( incoming ); - mbedtls_free( outgoing ); - mbedtls_free( acc ); - mbedtls_free( cur_chunk ); + mbedtls_mps_reader_free(&rd); + mbedtls_free(incoming); + mbedtls_free(outgoing); + mbedtls_free(acc); + mbedtls_free(cur_chunk); } /* END_CASE */ /* BEGIN_CASE depends_on:TEST_SUITE_MPS_READER */ -void mbedtls_reader_inconsistent_usage( int option ) +void mbedtls_reader_inconsistent_usage(int option) { /* This test exercises the behaviour of the MPS reader * in the following situation: @@ -989,130 +981,130 @@ void mbedtls_reader_inconsistent_usage( int option ) unsigned char acc[40]; mbedtls_mps_reader rd; int success = 0; - for( size_t i=0; (unsigned) i < sizeof( bufA ); i++ ) + for (size_t i = 0; (unsigned) i < sizeof(bufA); i++) { bufA[i] = (unsigned char) i; - for( size_t i=0; (unsigned) i < sizeof( bufB ); i++ ) - bufB[i] = ~ ((unsigned char) i); + } + for (size_t i = 0; (unsigned) i < sizeof(bufB); i++) { + bufB[i] = ~((unsigned char) i); + } /* Preparation (lower layer) */ - mbedtls_mps_reader_init( &rd, acc, sizeof( acc ) ); - TEST_ASSERT( mbedtls_mps_reader_feed( &rd, bufA, sizeof( bufA ) ) == 0 ); + mbedtls_mps_reader_init(&rd, acc, sizeof(acc)); + TEST_ASSERT(mbedtls_mps_reader_feed(&rd, bufA, sizeof(bufA)) == 0); /* Consumption (upper layer) */ - TEST_ASSERT( mbedtls_mps_reader_get( &rd, 80, &tmp, NULL ) == 0 ); - TEST_ASSERT( mbedtls_mps_reader_commit( &rd ) == 0 ); - TEST_ASSERT( mbedtls_mps_reader_get( &rd, 10, &tmp, NULL ) == 0 ); - TEST_ASSERT( mbedtls_mps_reader_get( &rd, 20, &tmp, NULL ) == - MBEDTLS_ERR_MPS_READER_OUT_OF_DATA ); + TEST_ASSERT(mbedtls_mps_reader_get(&rd, 80, &tmp, NULL) == 0); + TEST_ASSERT(mbedtls_mps_reader_commit(&rd) == 0); + TEST_ASSERT(mbedtls_mps_reader_get(&rd, 10, &tmp, NULL) == 0); + TEST_ASSERT(mbedtls_mps_reader_get(&rd, 20, &tmp, NULL) == + MBEDTLS_ERR_MPS_READER_OUT_OF_DATA); /* Preparation */ - TEST_ASSERT( mbedtls_mps_reader_reclaim( &rd, NULL ) == 0 ); - TEST_ASSERT( mbedtls_mps_reader_feed( &rd, bufB, sizeof( bufB ) ) == 0 ); + TEST_ASSERT(mbedtls_mps_reader_reclaim(&rd, NULL) == 0); + TEST_ASSERT(mbedtls_mps_reader_feed(&rd, bufB, sizeof(bufB)) == 0); /* Consumption */ - switch( option ) - { + switch (option) { case 0: /* Ask for buffered data in a single chunk, no commit */ - TEST_ASSERT( mbedtls_mps_reader_get( &rd, 30, &tmp, NULL ) == 0 ); - ASSERT_COMPARE( tmp, 20, bufA + 80, 20 ); - ASSERT_COMPARE( tmp + 20, 10, bufB, 10 ); + TEST_ASSERT(mbedtls_mps_reader_get(&rd, 30, &tmp, NULL) == 0); + TEST_MEMORY_COMPARE(tmp, 20, bufA + 80, 20); + TEST_MEMORY_COMPARE(tmp + 20, 10, bufB, 10); success = 1; break; case 1: /* Ask for buffered data in a single chunk, with commit */ - TEST_ASSERT( mbedtls_mps_reader_get( &rd, 30, &tmp, NULL ) == 0 ); - ASSERT_COMPARE( tmp, 20, bufA + 80, 20 ); - ASSERT_COMPARE( tmp + 20, 10, bufB, 10 ); - TEST_ASSERT( mbedtls_mps_reader_commit( &rd ) == 0 ); + TEST_ASSERT(mbedtls_mps_reader_get(&rd, 30, &tmp, NULL) == 0); + TEST_MEMORY_COMPARE(tmp, 20, bufA + 80, 20); + TEST_MEMORY_COMPARE(tmp + 20, 10, bufB, 10); + TEST_ASSERT(mbedtls_mps_reader_commit(&rd) == 0); success = 1; break; case 2: /* Ask for more than was requested when pausing, #1 */ - TEST_ASSERT( mbedtls_mps_reader_get( &rd, 31, &tmp, NULL ) == - MBEDTLS_ERR_MPS_READER_INCONSISTENT_REQUESTS ); + TEST_ASSERT(mbedtls_mps_reader_get(&rd, 31, &tmp, NULL) == + MBEDTLS_ERR_MPS_READER_INCONSISTENT_REQUESTS); break; case 3: /* Ask for more than was requested when pausing #2 */ - TEST_ASSERT( mbedtls_mps_reader_get( &rd, (mbedtls_mps_size_t) -1, &tmp, NULL ) == - MBEDTLS_ERR_MPS_READER_INCONSISTENT_REQUESTS ); + TEST_ASSERT(mbedtls_mps_reader_get(&rd, (mbedtls_mps_size_t) -1, &tmp, NULL) == + MBEDTLS_ERR_MPS_READER_INCONSISTENT_REQUESTS); break; case 4: /* Asking for buffered data in different * chunks than before CAN fail. */ - TEST_ASSERT( mbedtls_mps_reader_get( &rd, 15, &tmp, NULL ) == 0 ); - ASSERT_COMPARE( tmp, 15, bufA + 80, 15 ); - TEST_ASSERT( mbedtls_mps_reader_get( &rd, 10, &tmp, NULL ) == - MBEDTLS_ERR_MPS_READER_INCONSISTENT_REQUESTS ); + TEST_ASSERT(mbedtls_mps_reader_get(&rd, 15, &tmp, NULL) == 0); + TEST_MEMORY_COMPARE(tmp, 15, bufA + 80, 15); + TEST_ASSERT(mbedtls_mps_reader_get(&rd, 10, &tmp, NULL) == + MBEDTLS_ERR_MPS_READER_INCONSISTENT_REQUESTS); break; case 5: /* Asking for buffered data different chunks * than before NEED NOT fail - no commits */ - TEST_ASSERT( mbedtls_mps_reader_get( &rd, 15, &tmp, NULL ) == 0 ); - ASSERT_COMPARE( tmp, 15, bufA + 80, 15 ); - TEST_ASSERT( mbedtls_mps_reader_get( &rd, 15, &tmp, NULL ) == 0 ); - ASSERT_COMPARE( tmp, 5, bufA + 95, 5 ); - ASSERT_COMPARE( tmp + 5, 10, bufB, 10 ); + TEST_ASSERT(mbedtls_mps_reader_get(&rd, 15, &tmp, NULL) == 0); + TEST_MEMORY_COMPARE(tmp, 15, bufA + 80, 15); + TEST_ASSERT(mbedtls_mps_reader_get(&rd, 15, &tmp, NULL) == 0); + TEST_MEMORY_COMPARE(tmp, 5, bufA + 95, 5); + TEST_MEMORY_COMPARE(tmp + 5, 10, bufB, 10); success = 1; break; case 6: /* Asking for buffered data different chunks * than before NEED NOT fail - intermediate commit */ - TEST_ASSERT( mbedtls_mps_reader_get( &rd, 15, &tmp, NULL ) == 0 ); - ASSERT_COMPARE( tmp, 15, bufA + 80, 15 ); - TEST_ASSERT( mbedtls_mps_reader_commit( &rd ) == 0 ); - TEST_ASSERT( mbedtls_mps_reader_get( &rd, 15, &tmp, NULL ) == 0 ); - ASSERT_COMPARE( tmp, 5, bufA + 95, 5 ); - ASSERT_COMPARE( tmp + 5, 10, bufB, 10 ); + TEST_ASSERT(mbedtls_mps_reader_get(&rd, 15, &tmp, NULL) == 0); + TEST_MEMORY_COMPARE(tmp, 15, bufA + 80, 15); + TEST_ASSERT(mbedtls_mps_reader_commit(&rd) == 0); + TEST_ASSERT(mbedtls_mps_reader_get(&rd, 15, &tmp, NULL) == 0); + TEST_MEMORY_COMPARE(tmp, 5, bufA + 95, 5); + TEST_MEMORY_COMPARE(tmp + 5, 10, bufB, 10); success = 1; break; case 7: /* Asking for buffered data different chunks * than before NEED NOT fail - end commit */ - TEST_ASSERT( mbedtls_mps_reader_get( &rd, 15, &tmp, NULL ) == 0 ); - ASSERT_COMPARE( tmp, 15, bufA + 80, 15 ); - TEST_ASSERT( mbedtls_mps_reader_get( &rd, 15, &tmp, NULL ) == 0 ); - ASSERT_COMPARE( tmp, 5, bufA + 95, 5 ); - ASSERT_COMPARE( tmp + 5, 10, bufB, 10 ); - TEST_ASSERT( mbedtls_mps_reader_commit( &rd ) == 0 ); + TEST_ASSERT(mbedtls_mps_reader_get(&rd, 15, &tmp, NULL) == 0); + TEST_MEMORY_COMPARE(tmp, 15, bufA + 80, 15); + TEST_ASSERT(mbedtls_mps_reader_get(&rd, 15, &tmp, NULL) == 0); + TEST_MEMORY_COMPARE(tmp, 5, bufA + 95, 5); + TEST_MEMORY_COMPARE(tmp + 5, 10, bufB, 10); + TEST_ASSERT(mbedtls_mps_reader_commit(&rd) == 0); success = 1; break; case 8: /* Asking for buffered data different chunks * than before NEED NOT fail - intermediate & end commit */ - TEST_ASSERT( mbedtls_mps_reader_get( &rd, 15, &tmp, NULL ) == 0 ); - ASSERT_COMPARE( tmp, 15, bufA + 80, 15 ); - TEST_ASSERT( mbedtls_mps_reader_get( &rd, 15, &tmp, NULL ) == 0 ); - TEST_ASSERT( mbedtls_mps_reader_commit( &rd ) == 0 ); - ASSERT_COMPARE( tmp, 5, bufA + 95, 5 ); - ASSERT_COMPARE( tmp + 5, 10, bufB, 10 ); - TEST_ASSERT( mbedtls_mps_reader_commit( &rd ) == 0 ); + TEST_ASSERT(mbedtls_mps_reader_get(&rd, 15, &tmp, NULL) == 0); + TEST_MEMORY_COMPARE(tmp, 15, bufA + 80, 15); + TEST_ASSERT(mbedtls_mps_reader_get(&rd, 15, &tmp, NULL) == 0); + TEST_ASSERT(mbedtls_mps_reader_commit(&rd) == 0); + TEST_MEMORY_COMPARE(tmp, 5, bufA + 95, 5); + TEST_MEMORY_COMPARE(tmp + 5, 10, bufB, 10); + TEST_ASSERT(mbedtls_mps_reader_commit(&rd) == 0); success = 1; break; default: - TEST_ASSERT( 0 ); + TEST_ASSERT(0); break; } - if( success == 1 ) - { + if (success == 1) { /* In all succeeding cases, fetch the rest of the second buffer. */ - TEST_ASSERT( mbedtls_mps_reader_get( &rd, 90, &tmp, NULL ) == 0 ); - ASSERT_COMPARE( tmp, 90, bufB + 10, 90 ); - TEST_ASSERT( mbedtls_mps_reader_commit( &rd ) == 0 ); + TEST_ASSERT(mbedtls_mps_reader_get(&rd, 90, &tmp, NULL) == 0); + TEST_MEMORY_COMPARE(tmp, 90, bufB + 10, 90); + TEST_ASSERT(mbedtls_mps_reader_commit(&rd) == 0); /* Wrapup */ - TEST_ASSERT( mbedtls_mps_reader_reclaim( &rd, NULL ) == 0 ); + TEST_ASSERT(mbedtls_mps_reader_reclaim(&rd, NULL) == 0); } /* Wrapup */ - mbedtls_mps_reader_free( &rd ); + mbedtls_mps_reader_free(&rd); } /* END_CASE */ @@ -1124,25 +1116,26 @@ void mbedtls_mps_reader_feed_empty() unsigned char buf[100]; unsigned char *tmp; mbedtls_mps_reader rd; - for( size_t i=0; (unsigned) i < sizeof( buf ); i++ ) + for (size_t i = 0; (unsigned) i < sizeof(buf); i++) { buf[i] = (unsigned char) i; + } /* Preparation (lower layer) */ - mbedtls_mps_reader_init( &rd, NULL, 0 ); + mbedtls_mps_reader_init(&rd, NULL, 0); - TEST_ASSERT( mbedtls_mps_reader_feed( &rd, NULL, sizeof( buf ) ) == - MBEDTLS_ERR_MPS_READER_INVALID_ARG ); + TEST_ASSERT(mbedtls_mps_reader_feed(&rd, NULL, sizeof(buf)) == + MBEDTLS_ERR_MPS_READER_INVALID_ARG); /* Subsequent feed-calls should still succeed. */ - TEST_ASSERT( mbedtls_mps_reader_feed( &rd, buf, sizeof( buf ) ) == 0 ); + TEST_ASSERT(mbedtls_mps_reader_feed(&rd, buf, sizeof(buf)) == 0); /* Consumption (upper layer) */ - TEST_ASSERT( mbedtls_mps_reader_get( &rd, 100, &tmp, NULL ) == 0 ); - ASSERT_COMPARE( tmp, 100, buf, 100 ); - TEST_ASSERT( mbedtls_mps_reader_commit( &rd ) == 0 ); + TEST_ASSERT(mbedtls_mps_reader_get(&rd, 100, &tmp, NULL) == 0); + TEST_MEMORY_COMPARE(tmp, 100, buf, 100); + TEST_ASSERT(mbedtls_mps_reader_commit(&rd) == 0); /* Wrapup */ - TEST_ASSERT( mbedtls_mps_reader_reclaim( &rd, NULL ) == 0 ); - mbedtls_mps_reader_free( &rd ); + TEST_ASSERT(mbedtls_mps_reader_reclaim(&rd, NULL) == 0); + mbedtls_mps_reader_free(&rd); } /* END_CASE */ diff --git a/third_party/mbedtls/repo/tests/suites/test_suite_net.function b/third_party/mbedtls/repo/tests/suites/test_suite_net.function index 513b72364b4..fa09f5a64f8 100644 --- a/third_party/mbedtls/repo/tests/suites/test_suite_net.function +++ b/third_party/mbedtls/repo/tests/suites/test_suite_net.function @@ -28,21 +28,20 @@ * On success, it refers to the opened file (\p wanted_fd). * \param wanted_fd The desired file descriptor. * - * \return \c 0 on succes, a negative error code on error. + * \return \c 0 on success, a negative error code on error. */ -static int open_file_on_fd( mbedtls_net_context *ctx, int wanted_fd ) +static int open_file_on_fd(mbedtls_net_context *ctx, int wanted_fd) { - int got_fd = open( "/dev/null", O_RDONLY ); - TEST_ASSERT( got_fd >= 0 ); - if( got_fd != wanted_fd ) - { - TEST_ASSERT( dup2( got_fd, wanted_fd ) >= 0 ); - TEST_ASSERT( close( got_fd ) >= 0 ); + int got_fd = open("/dev/null", O_RDONLY); + TEST_ASSERT(got_fd >= 0); + if (got_fd != wanted_fd) { + TEST_ASSERT(dup2(got_fd, wanted_fd) >= 0); + TEST_ASSERT(close(got_fd) >= 0); } ctx->fd = wanted_fd; - return( 0 ); + return 0; exit: - return( -1 ); + return -1; } #endif /* MBEDTLS_PLATFORM_IS_UNIXLIKE */ @@ -54,16 +53,17 @@ exit: */ /* BEGIN_CASE */ -void context_init_free( int reinit ) +void context_init_free(int reinit) { mbedtls_net_context ctx; - mbedtls_net_init( &ctx ); - mbedtls_net_free( &ctx ); + mbedtls_net_init(&ctx); + mbedtls_net_free(&ctx); - if( reinit ) - mbedtls_net_init( &ctx ); - mbedtls_net_free( &ctx ); + if (reinit) { + mbedtls_net_init(&ctx); + } + mbedtls_net_free(&ctx); /* This test case always succeeds, functionally speaking. A plausible * bug might trigger an invalid pointer dereference or a memory leak. */ @@ -72,7 +72,7 @@ void context_init_free( int reinit ) /* END_CASE */ /* BEGIN_CASE depends_on:MBEDTLS_PLATFORM_IS_UNIXLIKE */ -void poll_beyond_fd_setsize( ) +void poll_beyond_fd_setsize() { /* Test that mbedtls_net_poll does not misbehave when given a file * descriptor greater or equal to FD_SETSIZE. This code is specific to @@ -85,7 +85,7 @@ void poll_beyond_fd_setsize( ) mbedtls_net_context ctx; uint8_t buf[1]; - mbedtls_net_init( &ctx ); + mbedtls_net_init(&ctx); /* On many systems, by default, the maximum permitted file descriptor * number is less than FD_SETSIZE. If so, raise the limit if @@ -99,17 +99,16 @@ void poll_beyond_fd_setsize( ) * might do); but we don't do such things in our test code, so the unit * test will run if it can. */ - TEST_ASSERT( getrlimit( RLIMIT_NOFILE, &rlim_nofile ) == 0 ); - if( rlim_nofile.rlim_cur < FD_SETSIZE + 1 ) - { + TEST_ASSERT(getrlimit(RLIMIT_NOFILE, &rlim_nofile) == 0); + if (rlim_nofile.rlim_cur < FD_SETSIZE + 1) { rlim_t old_rlim_cur = rlim_nofile.rlim_cur; rlim_nofile.rlim_cur = FD_SETSIZE + 1; - TEST_ASSUME( setrlimit( RLIMIT_NOFILE, &rlim_nofile ) == 0 ); + TEST_ASSUME(setrlimit(RLIMIT_NOFILE, &rlim_nofile) == 0); rlim_nofile.rlim_cur = old_rlim_cur; restore_rlim_nofile = 1; } - TEST_ASSERT( open_file_on_fd( &ctx, FD_SETSIZE ) == 0 ); + TEST_ASSERT(open_file_on_fd(&ctx, FD_SETSIZE) == 0); /* In principle, mbedtls_net_poll() with valid arguments should succeed. * However, we know that on Unix-like platforms (and others), this function @@ -122,16 +121,17 @@ void poll_beyond_fd_setsize( ) * is problematic on the particular platform where the code is running, * a memory sanitizer such as UBSan should catch it. */ - ret = mbedtls_net_poll( &ctx, MBEDTLS_NET_POLL_READ, 0 ); - TEST_EQUAL( ret, MBEDTLS_ERR_NET_POLL_FAILED ); + ret = mbedtls_net_poll(&ctx, MBEDTLS_NET_POLL_READ, 0); + TEST_EQUAL(ret, MBEDTLS_ERR_NET_POLL_FAILED); /* mbedtls_net_recv_timeout() uses select() and fd_set in the same way. */ - ret = mbedtls_net_recv_timeout( &ctx, buf, sizeof( buf ), 0 ); - TEST_EQUAL( ret, MBEDTLS_ERR_NET_POLL_FAILED ); + ret = mbedtls_net_recv_timeout(&ctx, buf, sizeof(buf), 0); + TEST_EQUAL(ret, MBEDTLS_ERR_NET_POLL_FAILED); exit: - mbedtls_net_free( &ctx ); - if( restore_rlim_nofile ) - setrlimit( RLIMIT_NOFILE, &rlim_nofile ); + mbedtls_net_free(&ctx); + if (restore_rlim_nofile) { + setrlimit(RLIMIT_NOFILE, &rlim_nofile); + } } /* END_CASE */ diff --git a/third_party/mbedtls/repo/tests/suites/test_suite_nist_kw.function b/third_party/mbedtls/repo/tests/suites/test_suite_nist_kw.function index 6a810520f44..f2b794441aa 100644 --- a/third_party/mbedtls/repo/tests/suites/test_suite_nist_kw.function +++ b/third_party/mbedtls/repo/tests/suites/test_suite_nist_kw.function @@ -8,14 +8,14 @@ */ /* BEGIN_CASE depends_on:MBEDTLS_SELF_TEST:MBEDTLS_AES_C */ -void mbedtls_nist_kw_self_test( ) +void mbedtls_nist_kw_self_test() { - TEST_ASSERT( mbedtls_nist_kw_self_test( 1 ) == 0 ); + TEST_ASSERT(mbedtls_nist_kw_self_test(1) == 0); } /* END_CASE */ /* BEGIN_CASE depends_on:MBEDTLS_AES_C */ -void mbedtls_nist_kw_mix_contexts( ) +void mbedtls_nist_kw_mix_contexts() { mbedtls_nist_kw_context ctx1, ctx2; unsigned char key[16]; @@ -24,129 +24,126 @@ void mbedtls_nist_kw_mix_contexts( ) unsigned char ciphertext2[40]; size_t output_len, i; - memset( plaintext, 0, sizeof( plaintext ) ); - memset( ciphertext1, 0, sizeof( ciphertext1 ) ); - memset( ciphertext2, 0, sizeof( ciphertext2 ) ); - memset( key, 0, sizeof( key ) ); + memset(plaintext, 0, sizeof(plaintext)); + memset(ciphertext1, 0, sizeof(ciphertext1)); + memset(ciphertext2, 0, sizeof(ciphertext2)); + memset(key, 0, sizeof(key)); /* * 1. Check wrap and unwrap with two separate contexts */ - mbedtls_nist_kw_init( &ctx1 ); - mbedtls_nist_kw_init( &ctx2 ); - - TEST_ASSERT( mbedtls_nist_kw_setkey( &ctx1, - MBEDTLS_CIPHER_ID_AES, - key, sizeof( key ) * 8, - 1 ) == 0 ); - - TEST_ASSERT( mbedtls_nist_kw_wrap( &ctx1, MBEDTLS_KW_MODE_KW, - plaintext, sizeof( plaintext ), - ciphertext1, &output_len, - sizeof( ciphertext1 ) ) == 0 ); - TEST_ASSERT( output_len == sizeof( ciphertext1 ) ); - - TEST_ASSERT( mbedtls_nist_kw_setkey( &ctx2, - MBEDTLS_CIPHER_ID_AES, - key, sizeof( key ) * 8, - 0 ) == 0 ); - - TEST_ASSERT( mbedtls_nist_kw_unwrap( &ctx2, MBEDTLS_KW_MODE_KW, - ciphertext1, output_len, - plaintext, &output_len, - sizeof( plaintext ) ) == 0 ); - - TEST_ASSERT( output_len == sizeof( plaintext ) ); - for( i = 0; i < sizeof( plaintext ); i++ ) - { - TEST_ASSERT( plaintext[i] == 0 ); + mbedtls_nist_kw_init(&ctx1); + mbedtls_nist_kw_init(&ctx2); + + TEST_ASSERT(mbedtls_nist_kw_setkey(&ctx1, + MBEDTLS_CIPHER_ID_AES, + key, sizeof(key) * 8, + 1) == 0); + + TEST_ASSERT(mbedtls_nist_kw_wrap(&ctx1, MBEDTLS_KW_MODE_KW, + plaintext, sizeof(plaintext), + ciphertext1, &output_len, + sizeof(ciphertext1)) == 0); + TEST_ASSERT(output_len == sizeof(ciphertext1)); + + TEST_ASSERT(mbedtls_nist_kw_setkey(&ctx2, + MBEDTLS_CIPHER_ID_AES, + key, sizeof(key) * 8, + 0) == 0); + + TEST_ASSERT(mbedtls_nist_kw_unwrap(&ctx2, MBEDTLS_KW_MODE_KW, + ciphertext1, output_len, + plaintext, &output_len, + sizeof(plaintext)) == 0); + + TEST_ASSERT(output_len == sizeof(plaintext)); + for (i = 0; i < sizeof(plaintext); i++) { + TEST_ASSERT(plaintext[i] == 0); } - mbedtls_nist_kw_free( &ctx1 ); - mbedtls_nist_kw_free( &ctx2 ); + mbedtls_nist_kw_free(&ctx1); + mbedtls_nist_kw_free(&ctx2); /* * 2. Check wrapping with two modes, on same context */ - mbedtls_nist_kw_init( &ctx1 ); - mbedtls_nist_kw_init( &ctx2 ); - output_len = sizeof( ciphertext1 ); - - TEST_ASSERT( mbedtls_nist_kw_setkey( &ctx1, - MBEDTLS_CIPHER_ID_AES, - key, sizeof( key ) * 8, - 1 ) == 0 ); - - TEST_ASSERT( mbedtls_nist_kw_wrap( &ctx1, MBEDTLS_KW_MODE_KW, - plaintext, sizeof( plaintext ), - ciphertext1, &output_len, - sizeof( ciphertext1 ) ) == 0 ); - TEST_ASSERT( output_len == sizeof( ciphertext1 ) ); - - TEST_ASSERT( mbedtls_nist_kw_wrap( &ctx1, MBEDTLS_KW_MODE_KWP, - plaintext, sizeof( plaintext ), - ciphertext2, &output_len, - sizeof( ciphertext2 ) ) == 0 ); - - TEST_ASSERT( output_len == sizeof( ciphertext2 ) ); - - TEST_ASSERT( mbedtls_nist_kw_setkey( &ctx2, - MBEDTLS_CIPHER_ID_AES, - key, sizeof( key ) * 8, - 0 ) == 0 ); - - TEST_ASSERT( mbedtls_nist_kw_unwrap( &ctx2, MBEDTLS_KW_MODE_KW, - ciphertext1, sizeof( ciphertext1 ), - plaintext, &output_len, - sizeof( plaintext ) ) == 0 ); - - TEST_ASSERT( output_len == sizeof( plaintext ) ); - - for( i = 0; i < sizeof( plaintext ); i++ ) - { - TEST_ASSERT( plaintext[i] == 0 ); + mbedtls_nist_kw_init(&ctx1); + mbedtls_nist_kw_init(&ctx2); + output_len = sizeof(ciphertext1); + + TEST_ASSERT(mbedtls_nist_kw_setkey(&ctx1, + MBEDTLS_CIPHER_ID_AES, + key, sizeof(key) * 8, + 1) == 0); + + TEST_ASSERT(mbedtls_nist_kw_wrap(&ctx1, MBEDTLS_KW_MODE_KW, + plaintext, sizeof(plaintext), + ciphertext1, &output_len, + sizeof(ciphertext1)) == 0); + TEST_ASSERT(output_len == sizeof(ciphertext1)); + + TEST_ASSERT(mbedtls_nist_kw_wrap(&ctx1, MBEDTLS_KW_MODE_KWP, + plaintext, sizeof(plaintext), + ciphertext2, &output_len, + sizeof(ciphertext2)) == 0); + + TEST_ASSERT(output_len == sizeof(ciphertext2)); + + TEST_ASSERT(mbedtls_nist_kw_setkey(&ctx2, + MBEDTLS_CIPHER_ID_AES, + key, sizeof(key) * 8, + 0) == 0); + + TEST_ASSERT(mbedtls_nist_kw_unwrap(&ctx2, MBEDTLS_KW_MODE_KW, + ciphertext1, sizeof(ciphertext1), + plaintext, &output_len, + sizeof(plaintext)) == 0); + + TEST_ASSERT(output_len == sizeof(plaintext)); + + for (i = 0; i < sizeof(plaintext); i++) { + TEST_ASSERT(plaintext[i] == 0); } - TEST_ASSERT( mbedtls_nist_kw_unwrap( &ctx2, MBEDTLS_KW_MODE_KWP, - ciphertext2, sizeof( ciphertext2 ), - plaintext, &output_len, - sizeof( plaintext ) ) == 0 ); + TEST_ASSERT(mbedtls_nist_kw_unwrap(&ctx2, MBEDTLS_KW_MODE_KWP, + ciphertext2, sizeof(ciphertext2), + plaintext, &output_len, + sizeof(plaintext)) == 0); - TEST_ASSERT( output_len == sizeof( plaintext ) ); + TEST_ASSERT(output_len == sizeof(plaintext)); - for( i = 0; i < sizeof( plaintext ); i++ ) - { - TEST_ASSERT( plaintext[i] == 0 ); + for (i = 0; i < sizeof(plaintext); i++) { + TEST_ASSERT(plaintext[i] == 0); } exit: - mbedtls_nist_kw_free( &ctx1 ); - mbedtls_nist_kw_free( &ctx2 ); + mbedtls_nist_kw_free(&ctx1); + mbedtls_nist_kw_free(&ctx2); } /* END_CASE */ /* BEGIN_CASE */ -void mbedtls_nist_kw_setkey( int cipher_id, int key_size, - int is_wrap, int result ) +void mbedtls_nist_kw_setkey(int cipher_id, int key_size, + int is_wrap, int result) { mbedtls_nist_kw_context ctx; unsigned char key[32]; int ret; - mbedtls_nist_kw_init( &ctx ); + mbedtls_nist_kw_init(&ctx); - memset( key, 0x2A, sizeof( key ) ); - TEST_ASSERT( (unsigned) key_size <= 8 * sizeof( key ) ); + memset(key, 0x2A, sizeof(key)); + TEST_ASSERT((unsigned) key_size <= 8 * sizeof(key)); - ret = mbedtls_nist_kw_setkey( &ctx, cipher_id, key, key_size, is_wrap ); - TEST_ASSERT( ret == result ); + ret = mbedtls_nist_kw_setkey(&ctx, cipher_id, key, key_size, is_wrap); + TEST_ASSERT(ret == result); exit: - mbedtls_nist_kw_free( &ctx ); + mbedtls_nist_kw_free(&ctx); } /* END_CASE */ /* BEGIN_CASE depends_on:MBEDTLS_AES_C */ -void nist_kw_plaintext_lengths( int in_len, int out_len, int mode, int res ) +void nist_kw_plaintext_lengths(int in_len, int out_len, int mode, int res) { mbedtls_nist_kw_context ctx; unsigned char key[16]; @@ -154,50 +151,46 @@ void nist_kw_plaintext_lengths( int in_len, int out_len, int mode, int res ) unsigned char *ciphertext = NULL; size_t output_len = out_len; - mbedtls_nist_kw_init( &ctx ); + mbedtls_nist_kw_init(&ctx); - memset( key, 0, sizeof( key ) ); + memset(key, 0, sizeof(key)); - if( in_len != 0 ) - { - plaintext = mbedtls_calloc( 1, in_len ); - TEST_ASSERT( plaintext != NULL ); + if (in_len != 0) { + plaintext = mbedtls_calloc(1, in_len); + TEST_ASSERT(plaintext != NULL); } - if( out_len != 0 ) - { - ciphertext = mbedtls_calloc( 1, output_len ); - TEST_ASSERT( ciphertext != NULL ); + if (out_len != 0) { + ciphertext = mbedtls_calloc(1, output_len); + TEST_ASSERT(ciphertext != NULL); } - TEST_ASSERT( mbedtls_nist_kw_setkey( &ctx, MBEDTLS_CIPHER_ID_AES, - key, 8 * sizeof( key ), 1 ) == 0 ); - - TEST_ASSERT( mbedtls_nist_kw_wrap( &ctx, mode, plaintext, in_len, - ciphertext, &output_len, - output_len ) == res ); - if( res == 0 ) - { - if( mode == MBEDTLS_KW_MODE_KWP ) - TEST_ASSERT( output_len == (size_t) in_len + 8 - - ( in_len % 8 ) + 8 ); - else - TEST_ASSERT( output_len == (size_t) in_len + 8 ); - } - else - { - TEST_ASSERT( output_len == 0 ); + TEST_ASSERT(mbedtls_nist_kw_setkey(&ctx, MBEDTLS_CIPHER_ID_AES, + key, 8 * sizeof(key), 1) == 0); + + TEST_ASSERT(mbedtls_nist_kw_wrap(&ctx, mode, plaintext, in_len, + ciphertext, &output_len, + output_len) == res); + if (res == 0) { + if (mode == MBEDTLS_KW_MODE_KWP) { + TEST_ASSERT(output_len == (size_t) in_len + 8 - + (in_len % 8) + 8); + } else { + TEST_ASSERT(output_len == (size_t) in_len + 8); + } + } else { + TEST_ASSERT(output_len == 0); } exit: - mbedtls_free( ciphertext ); - mbedtls_free( plaintext ); - mbedtls_nist_kw_free( &ctx ); + mbedtls_free(ciphertext); + mbedtls_free(plaintext); + mbedtls_nist_kw_free(&ctx); } /* END_CASE */ /* BEGIN_CASE depends_on:MBEDTLS_AES_C */ -void nist_kw_ciphertext_lengths( int in_len, int out_len, int mode, int res ) +void nist_kw_ciphertext_lengths(int in_len, int out_len, int mode, int res) { mbedtls_nist_kw_context ctx; unsigned char key[16]; @@ -206,111 +199,105 @@ void nist_kw_ciphertext_lengths( int in_len, int out_len, int mode, int res ) int unwrap_ret; size_t output_len = out_len; - mbedtls_nist_kw_init( &ctx ); + mbedtls_nist_kw_init(&ctx); - memset( key, 0, sizeof( key ) ); + memset(key, 0, sizeof(key)); - if( out_len != 0 ) - { - plaintext = mbedtls_calloc( 1, output_len ); - TEST_ASSERT( plaintext != NULL ); + if (out_len != 0) { + plaintext = mbedtls_calloc(1, output_len); + TEST_ASSERT(plaintext != NULL); } - if( in_len != 0 ) - { - ciphertext = mbedtls_calloc( 1, in_len ); - TEST_ASSERT( ciphertext != NULL ); + if (in_len != 0) { + ciphertext = mbedtls_calloc(1, in_len); + TEST_ASSERT(ciphertext != NULL); } - TEST_ASSERT( mbedtls_nist_kw_setkey( &ctx, MBEDTLS_CIPHER_ID_AES, - key, 8 * sizeof( key ), 0 ) == 0 ); - unwrap_ret = mbedtls_nist_kw_unwrap( &ctx, mode, ciphertext, in_len, - plaintext, &output_len, - output_len ); + TEST_ASSERT(mbedtls_nist_kw_setkey(&ctx, MBEDTLS_CIPHER_ID_AES, + key, 8 * sizeof(key), 0) == 0); + unwrap_ret = mbedtls_nist_kw_unwrap(&ctx, mode, ciphertext, in_len, + plaintext, &output_len, + output_len); - if( res == 0 ) - TEST_ASSERT( unwrap_ret == MBEDTLS_ERR_CIPHER_AUTH_FAILED ); - else - TEST_ASSERT( unwrap_ret == res ); + if (res == 0) { + TEST_ASSERT(unwrap_ret == MBEDTLS_ERR_CIPHER_AUTH_FAILED); + } else { + TEST_ASSERT(unwrap_ret == res); + } - TEST_ASSERT( output_len == 0 ); + TEST_ASSERT(output_len == 0); exit: - mbedtls_free( ciphertext ); - mbedtls_free( plaintext ); - mbedtls_nist_kw_free( &ctx ); + mbedtls_free(ciphertext); + mbedtls_free(plaintext); + mbedtls_nist_kw_free(&ctx); } /* END_CASE */ /* BEGIN_CASE */ -void mbedtls_nist_kw_wrap( int cipher_id, int mode, data_t *key, data_t *msg, - data_t *expected_result ) +void mbedtls_nist_kw_wrap(int cipher_id, int mode, data_t *key, data_t *msg, + data_t *expected_result) { unsigned char result[528]; mbedtls_nist_kw_context ctx; size_t result_len, i, padlen; - mbedtls_nist_kw_init( &ctx ); + mbedtls_nist_kw_init(&ctx); - memset( result, '+', sizeof( result ) ); + memset(result, '+', sizeof(result)); - TEST_ASSERT( mbedtls_nist_kw_setkey( &ctx, cipher_id, - key->x, key->len * 8, 1 ) == 0 ); + TEST_ASSERT(mbedtls_nist_kw_setkey(&ctx, cipher_id, + key->x, key->len * 8, 1) == 0); /* Test with input == output */ - TEST_ASSERT( mbedtls_nist_kw_wrap( &ctx, mode, msg->x, msg->len, - result, &result_len, sizeof( result ) ) == 0 ); + TEST_ASSERT(mbedtls_nist_kw_wrap(&ctx, mode, msg->x, msg->len, + result, &result_len, sizeof(result)) == 0); - TEST_ASSERT( result_len == expected_result->len ); + TEST_ASSERT(result_len == expected_result->len); - TEST_ASSERT( memcmp( expected_result->x, result, result_len ) == 0 ); + TEST_ASSERT(memcmp(expected_result->x, result, result_len) == 0); - padlen = ( msg->len % 8 != 0 ) ? 8 - (msg->len % 8 ) : 0; + padlen = (msg->len % 8 != 0) ? 8 - (msg->len % 8) : 0; /* Check that the function didn't write beyond the end of the buffer. */ - for( i = msg->len + 8 + padlen; i < sizeof( result ); i++ ) - { - TEST_ASSERT( result[i] == '+' ); + for (i = msg->len + 8 + padlen; i < sizeof(result); i++) { + TEST_ASSERT(result[i] == '+'); } exit: - mbedtls_nist_kw_free( &ctx ); + mbedtls_nist_kw_free(&ctx); } /* END_CASE */ /* BEGIN_CASE */ -void mbedtls_nist_kw_unwrap( int cipher_id, int mode, data_t *key, data_t *msg, - data_t *expected_result, int expected_ret ) +void mbedtls_nist_kw_unwrap(int cipher_id, int mode, data_t *key, data_t *msg, + data_t *expected_result, int expected_ret) { unsigned char result[528]; mbedtls_nist_kw_context ctx; size_t result_len, i; - mbedtls_nist_kw_init( &ctx ); + mbedtls_nist_kw_init(&ctx); - memset( result, '+', sizeof( result ) ); + memset(result, '+', sizeof(result)); - TEST_ASSERT( mbedtls_nist_kw_setkey( &ctx, cipher_id, - key->x, key->len * 8, 0 ) == 0 ); + TEST_ASSERT(mbedtls_nist_kw_setkey(&ctx, cipher_id, + key->x, key->len * 8, 0) == 0); /* Test with input == output */ - TEST_ASSERT( mbedtls_nist_kw_unwrap( &ctx, mode, msg->x, msg->len, - result, &result_len, sizeof( result ) ) == expected_ret ); - if( expected_ret == 0 ) - { - TEST_ASSERT( result_len == expected_result->len ); - TEST_ASSERT( memcmp( expected_result->x, result, result_len ) == 0 ); - } - else - { - TEST_ASSERT( result_len == 0 ); + TEST_ASSERT(mbedtls_nist_kw_unwrap(&ctx, mode, msg->x, msg->len, + result, &result_len, sizeof(result)) == expected_ret); + if (expected_ret == 0) { + TEST_ASSERT(result_len == expected_result->len); + TEST_ASSERT(memcmp(expected_result->x, result, result_len) == 0); + } else { + TEST_ASSERT(result_len == 0); } /* Check that the function didn't write beyond the end of the buffer. */ - for( i = msg->len - 8; i < sizeof( result ); i++ ) - { - TEST_ASSERT( result[i] == '+' ); + for (i = msg->len - 8; i < sizeof(result); i++) { + TEST_ASSERT(result[i] == '+'); } exit: - mbedtls_nist_kw_free( &ctx ); + mbedtls_nist_kw_free(&ctx); } /* END_CASE */ diff --git a/third_party/mbedtls/repo/tests/suites/test_suite_oid.data b/third_party/mbedtls/repo/tests/suites/test_suite_oid.data index 32619352085..2d331418b0d 100644 --- a/third_party/mbedtls/repo/tests/suites/test_suite_oid.data +++ b/third_party/mbedtls/repo/tests/suites/test_suite_oid.data @@ -89,3 +89,51 @@ oid_get_md_alg_id:"2b24030201":MBEDTLS_MD_RIPEMD160 OID hash id - invalid oid oid_get_md_alg_id:"2B864886f70d0204":-1 +OID get numeric string - hardware module name +oid_get_numeric_string:"2B06010505070804":0:"1.3.6.1.5.5.7.8.4" + +OID get numeric string - multi-byte subidentifier +oid_get_numeric_string:"29903C":0:"1.1.2108" + +OID get numeric string - second component greater than 39 +oid_get_numeric_string:"81010000863A00":0:"2.49.0.0.826.0" + +OID get numeric string - multi-byte first subidentifier +oid_get_numeric_string:"8837":0:"2.999" + +OID get numeric string - second subidentifier not terminated +oid_get_numeric_string:"0081":MBEDTLS_ERR_ASN1_OUT_OF_DATA:"" + +OID get numeric string - empty oid buffer +oid_get_numeric_string:"":MBEDTLS_ERR_ASN1_OUT_OF_DATA:"" + +OID get numeric string - no final / all bytes have top bit set +oid_get_numeric_string:"818181":MBEDTLS_ERR_ASN1_OUT_OF_DATA:"" + +OID get numeric string - 0.39 +oid_get_numeric_string:"27":0:"0.39" + +OID get numeric string - 1.0 +oid_get_numeric_string:"28":0:"1.0" + +OID get numeric string - 1.39 +oid_get_numeric_string:"4f":0:"1.39" + +OID get numeric string - 2.0 +oid_get_numeric_string:"50":0:"2.0" + +OID get numeric string - 1 byte first subidentifier beyond 2.39 +oid_get_numeric_string:"7f":0:"2.47" + +# Encodes the number 0x0400000000 as a subidentifier which overflows 32-bits +OID get numeric string - 32-bit overflow +oid_get_numeric_string:"C080808000":MBEDTLS_ERR_ASN1_INVALID_DATA:"" + +OID get numeric string - 32-bit overflow, second subidentifier +oid_get_numeric_string:"2BC080808000":MBEDTLS_ERR_ASN1_INVALID_DATA:"" + +OID get numeric string - overlong encoding +oid_get_numeric_string:"8001":MBEDTLS_ERR_ASN1_INVALID_DATA:"" + +OID get numeric string - overlong encoding, second subidentifier +oid_get_numeric_string:"2B8001":MBEDTLS_ERR_ASN1_INVALID_DATA:"" diff --git a/third_party/mbedtls/repo/tests/suites/test_suite_oid.function b/third_party/mbedtls/repo/tests/suites/test_suite_oid.function index 9e8d43739cc..c06e3373e3a 100644 --- a/third_party/mbedtls/repo/tests/suites/test_suite_oid.function +++ b/third_party/mbedtls/repo/tests/suites/test_suite_oid.function @@ -11,7 +11,7 @@ */ /* BEGIN_CASE */ -void oid_get_certificate_policies( data_t *oid, char *result_str ) +void oid_get_certificate_policies(data_t *oid, char *result_str) { mbedtls_asn1_buf asn1_buf = { 0, 0, NULL }; int ret; @@ -21,21 +21,18 @@ void oid_get_certificate_policies( data_t *oid, char *result_str ) asn1_buf.p = oid->x; asn1_buf.len = oid->len; - ret = mbedtls_oid_get_certificate_policies( &asn1_buf, &desc ); - if( strlen( result_str ) == 0 ) - { - TEST_ASSERT( ret == MBEDTLS_ERR_OID_NOT_FOUND ); - } - else - { - TEST_ASSERT( ret == 0 ); - TEST_ASSERT( strcmp( ( char* )desc, result_str ) == 0 ); + ret = mbedtls_oid_get_certificate_policies(&asn1_buf, &desc); + if (strlen(result_str) == 0) { + TEST_ASSERT(ret == MBEDTLS_ERR_OID_NOT_FOUND); + } else { + TEST_ASSERT(ret == 0); + TEST_ASSERT(strcmp((char *) desc, result_str) == 0); } } /* END_CASE */ /* BEGIN_CASE */ -void oid_get_extended_key_usage( data_t *oid, char *result_str ) +void oid_get_extended_key_usage(data_t *oid, char *result_str) { mbedtls_asn1_buf asn1_buf = { 0, 0, NULL }; int ret; @@ -45,21 +42,18 @@ void oid_get_extended_key_usage( data_t *oid, char *result_str ) asn1_buf.p = oid->x; asn1_buf.len = oid->len; - ret = mbedtls_oid_get_extended_key_usage( &asn1_buf, &desc ); - if( strlen( result_str ) == 0 ) - { - TEST_ASSERT( ret == MBEDTLS_ERR_OID_NOT_FOUND ); - } - else - { - TEST_ASSERT( ret == 0 ); - TEST_ASSERT( strcmp( ( char * )desc, result_str ) == 0 ); + ret = mbedtls_oid_get_extended_key_usage(&asn1_buf, &desc); + if (strlen(result_str) == 0) { + TEST_ASSERT(ret == MBEDTLS_ERR_OID_NOT_FOUND); + } else { + TEST_ASSERT(ret == 0); + TEST_ASSERT(strcmp((char *) desc, result_str) == 0); } } /* END_CASE */ /* BEGIN_CASE */ -void oid_get_x509_extension( data_t *oid, int exp_type ) +void oid_get_x509_extension(data_t *oid, int exp_type) { mbedtls_asn1_buf ext_oid = { 0, 0, NULL }; int ret; @@ -69,21 +63,18 @@ void oid_get_x509_extension( data_t *oid, int exp_type ) ext_oid.p = oid->x; ext_oid.len = oid->len; - ret = mbedtls_oid_get_x509_ext_type( &ext_oid, &ext_type ); - if( exp_type == 0 ) - { - TEST_ASSERT( ret == MBEDTLS_ERR_OID_NOT_FOUND ); - } - else - { - TEST_ASSERT( ret == 0 ); - TEST_ASSERT( ext_type == exp_type ); + ret = mbedtls_oid_get_x509_ext_type(&ext_oid, &ext_type); + if (exp_type == 0) { + TEST_ASSERT(ret == MBEDTLS_ERR_OID_NOT_FOUND); + } else { + TEST_ASSERT(ret == 0); + TEST_ASSERT(ext_type == exp_type); } } /* END_CASE */ /* BEGIN_CASE */ -void oid_get_md_alg_id( data_t *oid, int exp_md_id ) +void oid_get_md_alg_id(data_t *oid, int exp_md_id) { mbedtls_asn1_buf md_oid = { 0, 0, NULL }; int ret; @@ -93,17 +84,38 @@ void oid_get_md_alg_id( data_t *oid, int exp_md_id ) md_oid.p = oid->x; md_oid.len = oid->len; - ret = mbedtls_oid_get_md_alg( &md_oid, &md_id ); + ret = mbedtls_oid_get_md_alg(&md_oid, &md_id); - if( exp_md_id < 0 ) - { - TEST_ASSERT( ret == MBEDTLS_ERR_OID_NOT_FOUND ); - TEST_ASSERT( md_id == 0); + if (exp_md_id < 0) { + TEST_ASSERT(ret == MBEDTLS_ERR_OID_NOT_FOUND); + TEST_ASSERT(md_id == 0); + } else { + TEST_ASSERT(ret == 0); + TEST_ASSERT((mbedtls_md_type_t) exp_md_id == md_id); } - else - { - TEST_ASSERT( ret == 0 ); - TEST_ASSERT( (mbedtls_md_type_t)exp_md_id == md_id ); +} +/* END_CASE */ + +/* BEGIN_CASE */ +void oid_get_numeric_string(data_t *oid, int error_ret, char *result_str) +{ + char buf[256]; + mbedtls_asn1_buf input_oid = { 0, 0, NULL }; + int ret; + + input_oid.tag = MBEDTLS_ASN1_OID; + /* Test that an empty OID is not dereferenced */ + input_oid.p = oid->len ? oid->x : (void *) 1; + input_oid.len = oid->len; + + ret = mbedtls_oid_get_numeric_string(buf, sizeof(buf), &input_oid); + + if (error_ret == 0) { + TEST_EQUAL(ret, strlen(result_str)); + TEST_ASSERT(ret >= 3); + TEST_EQUAL(strcmp(buf, result_str), 0); + } else { + TEST_EQUAL(ret, error_ret); } } /* END_CASE */ diff --git a/third_party/mbedtls/repo/tests/suites/test_suite_pem.data b/third_party/mbedtls/repo/tests/suites/test_suite_pem.data index 77546c586b9..0f4b6b42a27 100644 --- a/third_party/mbedtls/repo/tests/suites/test_suite_pem.data +++ b/third_party/mbedtls/repo/tests/suites/test_suite_pem.data @@ -22,7 +22,12 @@ mbedtls_pem_read_buffer:"^":"$":"^\nProc-Type\: 4,ENCRYPTED\nDEK-Info\: DES-EDE3 PEM read (DES-CBC + invalid iv) mbedtls_pem_read_buffer:"^":"$":"^\nProc-Type\: 4,ENCRYPTED\nDEK-Info\: DES-CBC,00$":"pwd":MBEDTLS_ERR_PEM_INVALID_ENC_IV +PEM read (AES-128-CBC + invalid iv) +depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_AES_C +mbedtls_pem_read_buffer:"^":"$":"^\nProc-Type\: 4,ENCRYPTED\nDEK-Info\: AES-128-CBC,00$":"pwd":MBEDTLS_ERR_PEM_INVALID_ENC_IV + PEM read (unknown encryption algorithm) +depends_on:MBEDTLS_AES_C mbedtls_pem_read_buffer:"^":"$":"^\nProc-Type\: 4,ENCRYPTED\nDEK-Info\: AES-,00$":"pwd":MBEDTLS_ERR_PEM_UNKNOWN_ENC_ALG PEM read (malformed PEM DES-CBC) diff --git a/third_party/mbedtls/repo/tests/suites/test_suite_pem.function b/third_party/mbedtls/repo/tests/suites/test_suite_pem.function index 947f1fb25d7..8aac3cf9013 100644 --- a/third_party/mbedtls/repo/tests/suites/test_suite_pem.function +++ b/third_party/mbedtls/repo/tests/suites/test_suite_pem.function @@ -6,48 +6,48 @@ /* END_HEADER */ /* BEGIN_CASE depends_on:MBEDTLS_PEM_WRITE_C */ -void mbedtls_pem_write_buffer( char * start, char * end, data_t * buf, - char * result_str ) +void mbedtls_pem_write_buffer(char *start, char *end, data_t *buf, + char *result_str) { unsigned char *check_buf = NULL; int ret; size_t olen = 0, olen2 = 0; - ret = mbedtls_pem_write_buffer( start, end, buf->x, buf->len, NULL, 0, &olen ); - TEST_ASSERT( ret == MBEDTLS_ERR_BASE64_BUFFER_TOO_SMALL ); + ret = mbedtls_pem_write_buffer(start, end, buf->x, buf->len, NULL, 0, &olen); + TEST_ASSERT(ret == MBEDTLS_ERR_BASE64_BUFFER_TOO_SMALL); - check_buf = (unsigned char *) mbedtls_calloc( 1, olen ); - TEST_ASSERT( check_buf != NULL ); + check_buf = (unsigned char *) mbedtls_calloc(1, olen); + TEST_ASSERT(check_buf != NULL); - ret = mbedtls_pem_write_buffer( start, end, buf->x, buf->len, check_buf, olen, &olen2 ); + ret = mbedtls_pem_write_buffer(start, end, buf->x, buf->len, check_buf, olen, &olen2); - TEST_ASSERT( olen2 <= olen ); - TEST_ASSERT( olen > strlen( (char*) result_str ) ); - TEST_ASSERT( ret == 0 ); - TEST_ASSERT( strncmp( (char *) check_buf, (char *) result_str, olen ) == 0 ); + TEST_ASSERT(olen2 <= olen); + TEST_ASSERT(olen > strlen((char *) result_str)); + TEST_ASSERT(ret == 0); + TEST_ASSERT(strncmp((char *) check_buf, (char *) result_str, olen) == 0); exit: - mbedtls_free( check_buf ); + mbedtls_free(check_buf); } /* END_CASE */ /* BEGIN_CASE depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_AES_C:MBEDTLS_DES_C:MBEDTLS_MD5_C:MBEDTLS_CIPHER_MODE_CBC */ -void mbedtls_pem_read_buffer( char *header, char *footer, char *data, - char *pwd, int res ) +void mbedtls_pem_read_buffer(char *header, char *footer, char *data, + char *pwd, int res) { mbedtls_pem_context ctx; int ret; size_t use_len = 0; - size_t pwd_len = strlen( pwd ); + size_t pwd_len = strlen(pwd); - mbedtls_pem_init( &ctx ); + mbedtls_pem_init(&ctx); - ret = mbedtls_pem_read_buffer( &ctx, header, footer, (unsigned char *)data, - (unsigned char *)pwd, pwd_len, &use_len ); - TEST_ASSERT( ret == res ); + ret = mbedtls_pem_read_buffer(&ctx, header, footer, (unsigned char *) data, + (unsigned char *) pwd, pwd_len, &use_len); + TEST_ASSERT(ret == res); exit: - mbedtls_pem_free( &ctx ); + mbedtls_pem_free(&ctx); } /* END_CASE */ diff --git a/third_party/mbedtls/repo/tests/suites/test_suite_pk.data b/third_party/mbedtls/repo/tests/suites/test_suite_pk.data index 9ebdc7e5f28..52480741a85 100644 --- a/third_party/mbedtls/repo/tests/suites/test_suite_pk.data +++ b/third_party/mbedtls/repo/tests/suites/test_suite_pk.data @@ -49,11 +49,11 @@ pk_psa_utils: RSA verify test vector #1 (good) depends_on:MBEDTLS_SHA1_C:MBEDTLS_PKCS1_V15 -pk_rsa_verify_test_vec:"206ef4bf396c6087f8229ef196fd35f37ccb8de5efcdb238f20d556668f114257a11fbe038464a67830378e62ae9791453953dac1dbd7921837ba98e84e856eb80ed9487e656d0b20c28c8ba5e35db1abbed83ed1c7720a97701f709e3547a4bfcabca9c89c57ad15c3996577a0ae36d7c7b699035242f37954646c1cd5c08ac":MBEDTLS_MD_SHA1:1024:16:"e28a13548525e5f36dccb24ecb7cc332cc689dfd64012604c9c7816d72a16c3f5fcdc0e86e7c03280b1c69b586ce0cd8aec722cc73a5d3b730310bf7dfebdc77ce5d94bbc369dc18a2f7b07bd505ab0f82224aef09fdc1e5063234255e0b3c40a52e9e8ae60898eb88a766bdd788fe9493d8fd86bcdd2884d5c06216c65469e5":16:"3":"5abc01f5de25b70867ff0c24e222c61f53c88daf42586fddcd56f3c4588f074be3c328056c063388688b6385a8167957c6e5355a510e005b8a851d69c96b36ec6036644078210e5d7d326f96365ee0648882921492bc7b753eb9c26cdbab37555f210df2ca6fec1b25b463d38b81c0dcea202022b04af5da58aa03d77be949b7":0 +pk_rsa_verify_test_vec:"206ef4bf396c6087f8229ef196fd35f37ccb8de5efcdb238f20d556668f114257a11fbe038464a67830378e62ae9791453953dac1dbd7921837ba98e84e856eb80ed9487e656d0b20c28c8ba5e35db1abbed83ed1c7720a97701f709e3547a4bfcabca9c89c57ad15c3996577a0ae36d7c7b699035242f37954646c1cd5c08ac":MBEDTLS_MD_SHA1:1024:"e28a13548525e5f36dccb24ecb7cc332cc689dfd64012604c9c7816d72a16c3f5fcdc0e86e7c03280b1c69b586ce0cd8aec722cc73a5d3b730310bf7dfebdc77ce5d94bbc369dc18a2f7b07bd505ab0f82224aef09fdc1e5063234255e0b3c40a52e9e8ae60898eb88a766bdd788fe9493d8fd86bcdd2884d5c06216c65469e5":"3":"5abc01f5de25b70867ff0c24e222c61f53c88daf42586fddcd56f3c4588f074be3c328056c063388688b6385a8167957c6e5355a510e005b8a851d69c96b36ec6036644078210e5d7d326f96365ee0648882921492bc7b753eb9c26cdbab37555f210df2ca6fec1b25b463d38b81c0dcea202022b04af5da58aa03d77be949b7":0 RSA verify test vector #2 (bad) depends_on:MBEDTLS_SHA1_C:MBEDTLS_PKCS1_V15 -pk_rsa_verify_test_vec:"d6248c3e96b1a7e5fea978870fcc4c9786b4e5156e16b7faef4557d667f730b8bc4c784ef00c624df5309513c3a5de8ca94c2152e0459618666d3148092562ebc256ffca45b27fd2d63c68bd5e0a0aefbe496e9e63838a361b1db6fc272464f191490bf9c029643c49d2d9cd08833b8a70b4b3431f56fb1eb55ccd39e77a9c92":MBEDTLS_MD_SHA1:1024:16:"e28a13548525e5f36dccb24ecb7cc332cc689dfd64012604c9c7816d72a16c3f5fcdc0e86e7c03280b1c69b586ce0cd8aec722cc73a5d3b730310bf7dfebdc77ce5d94bbc369dc18a2f7b07bd505ab0f82224aef09fdc1e5063234255e0b3c40a52e9e8ae60898eb88a766bdd788fe9493d8fd86bcdd2884d5c06216c65469e5":16:"3":"3203b7647fb7e345aa457681e5131777f1adc371f2fba8534928c4e52ef6206a856425d6269352ecbf64db2f6ad82397768cafdd8cd272e512d617ad67992226da6bc291c31404c17fd4b7e2beb20eff284a44f4d7af47fd6629e2c95809fa7f2241a04f70ac70d3271bb13258af1ed5c5988c95df7fa26603515791075feccd":MBEDTLS_ERR_RSA_VERIFY_FAILED +pk_rsa_verify_test_vec:"d6248c3e96b1a7e5fea978870fcc4c9786b4e5156e16b7faef4557d667f730b8bc4c784ef00c624df5309513c3a5de8ca94c2152e0459618666d3148092562ebc256ffca45b27fd2d63c68bd5e0a0aefbe496e9e63838a361b1db6fc272464f191490bf9c029643c49d2d9cd08833b8a70b4b3431f56fb1eb55ccd39e77a9c92":MBEDTLS_MD_SHA1:1024:"e28a13548525e5f36dccb24ecb7cc332cc689dfd64012604c9c7816d72a16c3f5fcdc0e86e7c03280b1c69b586ce0cd8aec722cc73a5d3b730310bf7dfebdc77ce5d94bbc369dc18a2f7b07bd505ab0f82224aef09fdc1e5063234255e0b3c40a52e9e8ae60898eb88a766bdd788fe9493d8fd86bcdd2884d5c06216c65469e5":"3":"3203b7647fb7e345aa457681e5131777f1adc371f2fba8534928c4e52ef6206a856425d6269352ecbf64db2f6ad82397768cafdd8cd272e512d617ad67992226da6bc291c31404c17fd4b7e2beb20eff284a44f4d7af47fd6629e2c95809fa7f2241a04f70ac70d3271bb13258af1ed5c5988c95df7fa26603515791075feccd":MBEDTLS_ERR_RSA_VERIFY_FAILED ECDSA verify test vector #1 (good) depends_on:MBEDTLS_ECP_DP_SECP192R1_ENABLED @@ -141,15 +141,15 @@ pk_sign_verify:MBEDTLS_PK_RSA:512:0:0 RSA encrypt test vector depends_on:MBEDTLS_PKCS1_V15 -pk_rsa_encrypt_test_vec:"4E636AF98E40F3ADCFCCB698F4E80B9F":2048:16:"b38ac65c8141f7f5c96e14470e851936a67bf94cc6821a39ac12c05f7c0b06d9e6ddba2224703b02e25f31452f9c4a8417b62675fdc6df46b94813bc7b9769a892c482b830bfe0ad42e46668ace68903617faf6681f4babf1cc8e4b0420d3c7f61dc45434c6b54e2c3ee0fc07908509d79c9826e673bf8363255adb0add2401039a7bcd1b4ecf0fbe6ec8369d2da486eec59559dd1d54c9b24190965eafbdab203b35255765261cd0909acf93c3b8b8428cbb448de4715d1b813d0c94829c229543d391ce0adab5351f97a3810c1f73d7b1458b97daed4209c50e16d064d2d5bfda8c23893d755222793146d0a78c3d64f35549141486c3b0961a7b4c1a2034f":16:"3":"b0c0b193ba4a5b4502bfacd1a9c2697da5510f3e3ab7274cf404418afd2c62c89b98d83bbc21c8c1bf1afe6d8bf40425e053e9c03e03a3be0edbe1eda073fade1cc286cc0305a493d98fe795634c3cad7feb513edb742d66d910c87d07f6b0055c3488bb262b5fd1ce8747af64801fb39d2d3a3e57086ffe55ab8d0a2ca86975629a0f85767a4990c532a7c2dab1647997ebb234d0b28a0008bfebfc905e7ba5b30b60566a5e0190417465efdbf549934b8f0c5c9f36b7c5b6373a47ae553ced0608a161b1b70dfa509375cf7a3598223a6d7b7a1d1a06ac74d345a9bb7c0e44c8388858a4f1d8115f2bd769ffa69020385fa286302c80e950f9e2751308666c":0 +pk_rsa_encrypt_test_vec:"4E636AF98E40F3ADCFCCB698F4E80B9F":2048:"b38ac65c8141f7f5c96e14470e851936a67bf94cc6821a39ac12c05f7c0b06d9e6ddba2224703b02e25f31452f9c4a8417b62675fdc6df46b94813bc7b9769a892c482b830bfe0ad42e46668ace68903617faf6681f4babf1cc8e4b0420d3c7f61dc45434c6b54e2c3ee0fc07908509d79c9826e673bf8363255adb0add2401039a7bcd1b4ecf0fbe6ec8369d2da486eec59559dd1d54c9b24190965eafbdab203b35255765261cd0909acf93c3b8b8428cbb448de4715d1b813d0c94829c229543d391ce0adab5351f97a3810c1f73d7b1458b97daed4209c50e16d064d2d5bfda8c23893d755222793146d0a78c3d64f35549141486c3b0961a7b4c1a2034f":"3":"b0c0b193ba4a5b4502bfacd1a9c2697da5510f3e3ab7274cf404418afd2c62c89b98d83bbc21c8c1bf1afe6d8bf40425e053e9c03e03a3be0edbe1eda073fade1cc286cc0305a493d98fe795634c3cad7feb513edb742d66d910c87d07f6b0055c3488bb262b5fd1ce8747af64801fb39d2d3a3e57086ffe55ab8d0a2ca86975629a0f85767a4990c532a7c2dab1647997ebb234d0b28a0008bfebfc905e7ba5b30b60566a5e0190417465efdbf549934b8f0c5c9f36b7c5b6373a47ae553ced0608a161b1b70dfa509375cf7a3598223a6d7b7a1d1a06ac74d345a9bb7c0e44c8388858a4f1d8115f2bd769ffa69020385fa286302c80e950f9e2751308666c":0 RSA decrypt test vector #1 depends_on:MBEDTLS_PKCS1_V15 -pk_rsa_decrypt_test_vec:"a42eda41e56235e666e7faaa77100197f657288a1bf183e4820f0c37ce2c456b960278d6003e0bbcd4be4a969f8e8fd9231e1f492414f00ed09844994c86ec32db7cde3bec7f0c3dbf6ae55baeb2712fa609f5fc3207a824eb3dace31849cd6a6084318523912bccb84cf42e3c6d6d1685131d69bb545acec827d2b0dfdd5568b7dcc4f5a11d6916583fefa689d367f8c9e1d95dcd2240895a9470b0c1730f97cd6e8546860bd254801769f54be96e16362ddcbf34d56035028890199e0f48db38642cb66a4181e028a6443a404fea284ce02b4614b683367d40874e505611d23142d49f06feea831d52d347b13610b413c4efc43a6de9f0b08d2a951dc503b6":2048:16:"e79a373182bfaa722eb035f772ad2a9464bd842de59432c18bbab3a7dfeae318c9b915ee487861ab665a40bd6cda560152578e8579016c929df99fea05b4d64efca1d543850bc8164b40d71ed7f3fa4105df0fb9b9ad2a18ce182c8a4f4f975bea9aa0b9a1438a27a28e97ac8330ef37383414d1bd64607d6979ac050424fd17":16:"c6749cbb0db8c5a177672d4728a8b22392b2fc4d3b8361d5c0d5055a1b4e46d821f757c24eef2a51c561941b93b3ace7340074c058c9bb48e7e7414f42c41da4cccb5c2ba91deb30c586b7fb18af12a52995592ad139d3be429add6547e044becedaf31fa3b39421e24ee034fbf367d11f6b8f88ee483d163b431e1654ad3e89":16:"b38ac65c8141f7f5c96e14470e851936a67bf94cc6821a39ac12c05f7c0b06d9e6ddba2224703b02e25f31452f9c4a8417b62675fdc6df46b94813bc7b9769a892c482b830bfe0ad42e46668ace68903617faf6681f4babf1cc8e4b0420d3c7f61dc45434c6b54e2c3ee0fc07908509d79c9826e673bf8363255adb0add2401039a7bcd1b4ecf0fbe6ec8369d2da486eec59559dd1d54c9b24190965eafbdab203b35255765261cd0909acf93c3b8b8428cbb448de4715d1b813d0c94829c229543d391ce0adab5351f97a3810c1f73d7b1458b97daed4209c50e16d064d2d5bfda8c23893d755222793146d0a78c3d64f35549141486c3b0961a7b4c1a2034f":16:"3":"4E636AF98E40F3ADCFCCB698F4E80B9F":0 +pk_rsa_decrypt_test_vec:"a42eda41e56235e666e7faaa77100197f657288a1bf183e4820f0c37ce2c456b960278d6003e0bbcd4be4a969f8e8fd9231e1f492414f00ed09844994c86ec32db7cde3bec7f0c3dbf6ae55baeb2712fa609f5fc3207a824eb3dace31849cd6a6084318523912bccb84cf42e3c6d6d1685131d69bb545acec827d2b0dfdd5568b7dcc4f5a11d6916583fefa689d367f8c9e1d95dcd2240895a9470b0c1730f97cd6e8546860bd254801769f54be96e16362ddcbf34d56035028890199e0f48db38642cb66a4181e028a6443a404fea284ce02b4614b683367d40874e505611d23142d49f06feea831d52d347b13610b413c4efc43a6de9f0b08d2a951dc503b6":2048:"e79a373182bfaa722eb035f772ad2a9464bd842de59432c18bbab3a7dfeae318c9b915ee487861ab665a40bd6cda560152578e8579016c929df99fea05b4d64efca1d543850bc8164b40d71ed7f3fa4105df0fb9b9ad2a18ce182c8a4f4f975bea9aa0b9a1438a27a28e97ac8330ef37383414d1bd64607d6979ac050424fd17":"c6749cbb0db8c5a177672d4728a8b22392b2fc4d3b8361d5c0d5055a1b4e46d821f757c24eef2a51c561941b93b3ace7340074c058c9bb48e7e7414f42c41da4cccb5c2ba91deb30c586b7fb18af12a52995592ad139d3be429add6547e044becedaf31fa3b39421e24ee034fbf367d11f6b8f88ee483d163b431e1654ad3e89":"b38ac65c8141f7f5c96e14470e851936a67bf94cc6821a39ac12c05f7c0b06d9e6ddba2224703b02e25f31452f9c4a8417b62675fdc6df46b94813bc7b9769a892c482b830bfe0ad42e46668ace68903617faf6681f4babf1cc8e4b0420d3c7f61dc45434c6b54e2c3ee0fc07908509d79c9826e673bf8363255adb0add2401039a7bcd1b4ecf0fbe6ec8369d2da486eec59559dd1d54c9b24190965eafbdab203b35255765261cd0909acf93c3b8b8428cbb448de4715d1b813d0c94829c229543d391ce0adab5351f97a3810c1f73d7b1458b97daed4209c50e16d064d2d5bfda8c23893d755222793146d0a78c3d64f35549141486c3b0961a7b4c1a2034f":"3":"4E636AF98E40F3ADCFCCB698F4E80B9F":0 RSA decrypt test vector #2 depends_on:MBEDTLS_PKCS1_V15 -pk_rsa_decrypt_test_vec:"a42eda41e56235e666e7faaa77100197f657288a1bf183e4820f0c37ce2c456b960278d6003e0bbcd4be4a969f8e8fd9231e1f492414f00ed09844994c86ec32db7cde3bec7f0c3dbf6ae55baeb2712fa609f5fc3207a824eb3dace31849cd6a6084318523912bccb84cf42e3c6d6d1685131d69bb545acec827d2b0dfdd5568b7dcc4f5a11d6916583fefa689d367f8c9e1d95dcd2240895a9470b0c1730f97cd6e8546860bd254801769f54be96e16362ddcbf34d56035028890199e0f48db38642cb66a4181e028a6443a404feb284ce02b4614b683367d40874e505611d23142d49f06feea831d52d347b13610b413c4efc43a6de9f0b08d2a951dc503b6":2048:16:"e79a373182bfaa722eb035f772ad2a9464bd842de59432c18bbab3a7dfeae318c9b915ee487861ab665a40bd6cda560152578e8579016c929df99fea05b4d64efca1d543850bc8164b40d71ed7f3fa4105df0fb9b9ad2a18ce182c8a4f4f975bea9aa0b9a1438a27a28e97ac8330ef37383414d1bd64607d6979ac050424fd17":16:"c6749cbb0db8c5a177672d4728a8b22392b2fc4d3b8361d5c0d5055a1b4e46d821f757c24eef2a51c561941b93b3ace7340074c058c9bb48e7e7414f42c41da4cccb5c2ba91deb30c586b7fb18af12a52995592ad139d3be429add6547e044becedaf31fa3b39421e24ee034fbf367d11f6b8f88ee483d163b431e1654ad3e89":16:"b38ac65c8141f7f5c96e14470e851936a67bf94cc6821a39ac12c05f7c0b06d9e6ddba2224703b02e25f31452f9c4a8417b62675fdc6df46b94813bc7b9769a892c482b830bfe0ad42e46668ace68903617faf6681f4babf1cc8e4b0420d3c7f61dc45434c6b54e2c3ee0fc07908509d79c9826e673bf8363255adb0add2401039a7bcd1b4ecf0fbe6ec8369d2da486eec59559dd1d54c9b24190965eafbdab203b35255765261cd0909acf93c3b8b8428cbb448de4715d1b813d0c94829c229543d391ce0adab5351f97a3810c1f73d7b1458b97daed4209c50e16d064d2d5bfda8c23893d755222793146d0a78c3d64f35549141486c3b0961a7b4c1a2034f":16:"3":"4E636AF98E40F3ADCFCCB698F4E80B9F":MBEDTLS_ERR_RSA_INVALID_PADDING +pk_rsa_decrypt_test_vec:"a42eda41e56235e666e7faaa77100197f657288a1bf183e4820f0c37ce2c456b960278d6003e0bbcd4be4a969f8e8fd9231e1f492414f00ed09844994c86ec32db7cde3bec7f0c3dbf6ae55baeb2712fa609f5fc3207a824eb3dace31849cd6a6084318523912bccb84cf42e3c6d6d1685131d69bb545acec827d2b0dfdd5568b7dcc4f5a11d6916583fefa689d367f8c9e1d95dcd2240895a9470b0c1730f97cd6e8546860bd254801769f54be96e16362ddcbf34d56035028890199e0f48db38642cb66a4181e028a6443a404feb284ce02b4614b683367d40874e505611d23142d49f06feea831d52d347b13610b413c4efc43a6de9f0b08d2a951dc503b6":2048:"e79a373182bfaa722eb035f772ad2a9464bd842de59432c18bbab3a7dfeae318c9b915ee487861ab665a40bd6cda560152578e8579016c929df99fea05b4d64efca1d543850bc8164b40d71ed7f3fa4105df0fb9b9ad2a18ce182c8a4f4f975bea9aa0b9a1438a27a28e97ac8330ef37383414d1bd64607d6979ac050424fd17":"c6749cbb0db8c5a177672d4728a8b22392b2fc4d3b8361d5c0d5055a1b4e46d821f757c24eef2a51c561941b93b3ace7340074c058c9bb48e7e7414f42c41da4cccb5c2ba91deb30c586b7fb18af12a52995592ad139d3be429add6547e044becedaf31fa3b39421e24ee034fbf367d11f6b8f88ee483d163b431e1654ad3e89":"b38ac65c8141f7f5c96e14470e851936a67bf94cc6821a39ac12c05f7c0b06d9e6ddba2224703b02e25f31452f9c4a8417b62675fdc6df46b94813bc7b9769a892c482b830bfe0ad42e46668ace68903617faf6681f4babf1cc8e4b0420d3c7f61dc45434c6b54e2c3ee0fc07908509d79c9826e673bf8363255adb0add2401039a7bcd1b4ecf0fbe6ec8369d2da486eec59559dd1d54c9b24190965eafbdab203b35255765261cd0909acf93c3b8b8428cbb448de4715d1b813d0c94829c229543d391ce0adab5351f97a3810c1f73d7b1458b97daed4209c50e16d064d2d5bfda8c23893d755222793146d0a78c3d64f35549141486c3b0961a7b4c1a2034f":"3":"4E636AF98E40F3ADCFCCB698F4E80B9F":MBEDTLS_ERR_RSA_INVALID_PADDING EC nocrypt depends_on:MBEDTLS_ECP_C @@ -169,70 +169,70 @@ pk_rsa_alt: Verify ext RSA #1 (PKCS1 v2.1, salt_len = ANY, OK) depends_on:MBEDTLS_PKCS1_V21:MBEDTLS_SHA256_C -pk_rsa_verify_ext_test_vec:"54657374206d657373616765":MBEDTLS_MD_SHA256:1024:16:"00dd118a9f99bab068ca2aea3b6a6d5997ed4ec954e40deecea07da01eaae80ec2bb1340db8a128e891324a5c5f5fad8f590d7c8cacbc5fe931dafda1223735279461abaa0572b761631b3a8afe7389b088b63993a0a25ee45d21858bab9931aedd4589a631b37fcf714089f856549f359326dd1e0e86dde52ed66b4a90bda4095":16:"010001":"0d2bdb0456a3d651d5bd48a4204493898f72cf1aaddd71387cc058bc3f4c235ea6be4010fd61b28e1fbb275462b53775c04be9022d38b6a2e0387dddba86a3f8554d2858044a59fddbd594753fc056fe33c8daddb85dc70d164690b1182209ff84824e0be10e35c379f2f378bf176a9f7cb94d95e44d90276a298c8810f741c9":MBEDTLS_PK_RSASSA_PSS:MBEDTLS_MD_SHA256:MBEDTLS_RSA_SALT_LEN_ANY:0 +pk_rsa_verify_ext_test_vec:"54657374206d657373616765":MBEDTLS_MD_SHA256:1024:"00dd118a9f99bab068ca2aea3b6a6d5997ed4ec954e40deecea07da01eaae80ec2bb1340db8a128e891324a5c5f5fad8f590d7c8cacbc5fe931dafda1223735279461abaa0572b761631b3a8afe7389b088b63993a0a25ee45d21858bab9931aedd4589a631b37fcf714089f856549f359326dd1e0e86dde52ed66b4a90bda4095":"010001":"0d2bdb0456a3d651d5bd48a4204493898f72cf1aaddd71387cc058bc3f4c235ea6be4010fd61b28e1fbb275462b53775c04be9022d38b6a2e0387dddba86a3f8554d2858044a59fddbd594753fc056fe33c8daddb85dc70d164690b1182209ff84824e0be10e35c379f2f378bf176a9f7cb94d95e44d90276a298c8810f741c9":MBEDTLS_PK_RSASSA_PSS:MBEDTLS_MD_SHA256:MBEDTLS_RSA_SALT_LEN_ANY:0 Verify ext RSA #2 (PKCS1 v2.1, salt_len = ANY, wrong message) depends_on:MBEDTLS_PKCS1_V21:MBEDTLS_SHA256_C -pk_rsa_verify_ext_test_vec:"54657374206d657373616766":MBEDTLS_MD_SHA256:1024:16:"00dd118a9f99bab068ca2aea3b6a6d5997ed4ec954e40deecea07da01eaae80ec2bb1340db8a128e891324a5c5f5fad8f590d7c8cacbc5fe931dafda1223735279461abaa0572b761631b3a8afe7389b088b63993a0a25ee45d21858bab9931aedd4589a631b37fcf714089f856549f359326dd1e0e86dde52ed66b4a90bda4095":16:"010001":"0d2bdb0456a3d651d5bd48a4204493898f72cf1aaddd71387cc058bc3f4c235ea6be4010fd61b28e1fbb275462b53775c04be9022d38b6a2e0387dddba86a3f8554d2858044a59fddbd594753fc056fe33c8daddb85dc70d164690b1182209ff84824e0be10e35c379f2f378bf176a9f7cb94d95e44d90276a298c8810f741c9":MBEDTLS_PK_RSASSA_PSS:MBEDTLS_MD_SHA256:MBEDTLS_RSA_SALT_LEN_ANY:MBEDTLS_ERR_RSA_VERIFY_FAILED +pk_rsa_verify_ext_test_vec:"54657374206d657373616766":MBEDTLS_MD_SHA256:1024:"00dd118a9f99bab068ca2aea3b6a6d5997ed4ec954e40deecea07da01eaae80ec2bb1340db8a128e891324a5c5f5fad8f590d7c8cacbc5fe931dafda1223735279461abaa0572b761631b3a8afe7389b088b63993a0a25ee45d21858bab9931aedd4589a631b37fcf714089f856549f359326dd1e0e86dde52ed66b4a90bda4095":"010001":"0d2bdb0456a3d651d5bd48a4204493898f72cf1aaddd71387cc058bc3f4c235ea6be4010fd61b28e1fbb275462b53775c04be9022d38b6a2e0387dddba86a3f8554d2858044a59fddbd594753fc056fe33c8daddb85dc70d164690b1182209ff84824e0be10e35c379f2f378bf176a9f7cb94d95e44d90276a298c8810f741c9":MBEDTLS_PK_RSASSA_PSS:MBEDTLS_MD_SHA256:MBEDTLS_RSA_SALT_LEN_ANY:MBEDTLS_ERR_RSA_VERIFY_FAILED Verify ext RSA #3 (PKCS1 v2.1, salt_len = 0, OK) depends_on:MBEDTLS_PKCS1_V21:MBEDTLS_SHA256_C -pk_rsa_verify_ext_test_vec:"54657374206d657373616765":MBEDTLS_MD_SHA256:1024:16:"00dd118a9f99bab068ca2aea3b6a6d5997ed4ec954e40deecea07da01eaae80ec2bb1340db8a128e891324a5c5f5fad8f590d7c8cacbc5fe931dafda1223735279461abaa0572b761631b3a8afe7389b088b63993a0a25ee45d21858bab9931aedd4589a631b37fcf714089f856549f359326dd1e0e86dde52ed66b4a90bda4095":16:"010001":"7fc506d26ca3b22922a1ce39faaedd273161b82d9443c56f1a034f131ae4a18cae1474271cb4b66a17d9707ca58b0bdbd3c406b7e65bbcc9bbbce94dc45de807b4989b23b3e4db74ca29298137837eb90cc83d3219249bc7d480fceaf075203a86e54c4ecfa4e312e39f8f69d76534089a36ed9049ca9cfd5ab1db1fa75fe5c8":MBEDTLS_PK_RSASSA_PSS:MBEDTLS_MD_SHA256:0:0 +pk_rsa_verify_ext_test_vec:"54657374206d657373616765":MBEDTLS_MD_SHA256:1024:"00dd118a9f99bab068ca2aea3b6a6d5997ed4ec954e40deecea07da01eaae80ec2bb1340db8a128e891324a5c5f5fad8f590d7c8cacbc5fe931dafda1223735279461abaa0572b761631b3a8afe7389b088b63993a0a25ee45d21858bab9931aedd4589a631b37fcf714089f856549f359326dd1e0e86dde52ed66b4a90bda4095":"010001":"7fc506d26ca3b22922a1ce39faaedd273161b82d9443c56f1a034f131ae4a18cae1474271cb4b66a17d9707ca58b0bdbd3c406b7e65bbcc9bbbce94dc45de807b4989b23b3e4db74ca29298137837eb90cc83d3219249bc7d480fceaf075203a86e54c4ecfa4e312e39f8f69d76534089a36ed9049ca9cfd5ab1db1fa75fe5c8":MBEDTLS_PK_RSASSA_PSS:MBEDTLS_MD_SHA256:0:0 Verify ext RSA #4 (PKCS1 v2.1, salt_len = max, OK) depends_on:MBEDTLS_PKCS1_V21:MBEDTLS_SHA256_C -pk_rsa_verify_ext_test_vec:"54657374206d657373616765":MBEDTLS_MD_SHA256:1024:16:"00dd118a9f99bab068ca2aea3b6a6d5997ed4ec954e40deecea07da01eaae80ec2bb1340db8a128e891324a5c5f5fad8f590d7c8cacbc5fe931dafda1223735279461abaa0572b761631b3a8afe7389b088b63993a0a25ee45d21858bab9931aedd4589a631b37fcf714089f856549f359326dd1e0e86dde52ed66b4a90bda4095":16:"010001":"0d2bdb0456a3d651d5bd48a4204493898f72cf1aaddd71387cc058bc3f4c235ea6be4010fd61b28e1fbb275462b53775c04be9022d38b6a2e0387dddba86a3f8554d2858044a59fddbd594753fc056fe33c8daddb85dc70d164690b1182209ff84824e0be10e35c379f2f378bf176a9f7cb94d95e44d90276a298c8810f741c9":MBEDTLS_PK_RSASSA_PSS:MBEDTLS_MD_SHA256:94:0 +pk_rsa_verify_ext_test_vec:"54657374206d657373616765":MBEDTLS_MD_SHA256:1024:"00dd118a9f99bab068ca2aea3b6a6d5997ed4ec954e40deecea07da01eaae80ec2bb1340db8a128e891324a5c5f5fad8f590d7c8cacbc5fe931dafda1223735279461abaa0572b761631b3a8afe7389b088b63993a0a25ee45d21858bab9931aedd4589a631b37fcf714089f856549f359326dd1e0e86dde52ed66b4a90bda4095":"010001":"0d2bdb0456a3d651d5bd48a4204493898f72cf1aaddd71387cc058bc3f4c235ea6be4010fd61b28e1fbb275462b53775c04be9022d38b6a2e0387dddba86a3f8554d2858044a59fddbd594753fc056fe33c8daddb85dc70d164690b1182209ff84824e0be10e35c379f2f378bf176a9f7cb94d95e44d90276a298c8810f741c9":MBEDTLS_PK_RSASSA_PSS:MBEDTLS_MD_SHA256:94:0 Verify ext RSA #5 (PKCS1 v2.1, wrong salt_len) depends_on:MBEDTLS_PKCS1_V21:MBEDTLS_SHA256_C -pk_rsa_verify_ext_test_vec:"54657374206d657373616765":MBEDTLS_MD_SHA256:1024:16:"00dd118a9f99bab068ca2aea3b6a6d5997ed4ec954e40deecea07da01eaae80ec2bb1340db8a128e891324a5c5f5fad8f590d7c8cacbc5fe931dafda1223735279461abaa0572b761631b3a8afe7389b088b63993a0a25ee45d21858bab9931aedd4589a631b37fcf714089f856549f359326dd1e0e86dde52ed66b4a90bda4095":16:"010001":"0d2bdb0456a3d651d5bd48a4204493898f72cf1aaddd71387cc058bc3f4c235ea6be4010fd61b28e1fbb275462b53775c04be9022d38b6a2e0387dddba86a3f8554d2858044a59fddbd594753fc056fe33c8daddb85dc70d164690b1182209ff84824e0be10e35c379f2f378bf176a9f7cb94d95e44d90276a298c8810f741c9":MBEDTLS_PK_RSASSA_PSS:MBEDTLS_MD_SHA256:32:MBEDTLS_ERR_RSA_INVALID_PADDING +pk_rsa_verify_ext_test_vec:"54657374206d657373616765":MBEDTLS_MD_SHA256:1024:"00dd118a9f99bab068ca2aea3b6a6d5997ed4ec954e40deecea07da01eaae80ec2bb1340db8a128e891324a5c5f5fad8f590d7c8cacbc5fe931dafda1223735279461abaa0572b761631b3a8afe7389b088b63993a0a25ee45d21858bab9931aedd4589a631b37fcf714089f856549f359326dd1e0e86dde52ed66b4a90bda4095":"010001":"0d2bdb0456a3d651d5bd48a4204493898f72cf1aaddd71387cc058bc3f4c235ea6be4010fd61b28e1fbb275462b53775c04be9022d38b6a2e0387dddba86a3f8554d2858044a59fddbd594753fc056fe33c8daddb85dc70d164690b1182209ff84824e0be10e35c379f2f378bf176a9f7cb94d95e44d90276a298c8810f741c9":MBEDTLS_PK_RSASSA_PSS:MBEDTLS_MD_SHA256:32:MBEDTLS_ERR_RSA_INVALID_PADDING Verify ext RSA #6 (PKCS1 v2.1, MGF1 alg != MSG hash alg) depends_on:MBEDTLS_PKCS1_V21:MBEDTLS_SHA256_C -pk_rsa_verify_ext_test_vec:"c0719e9a8d5d838d861dc6f675c899d2b309a3a65bb9fe6b11e5afcbf9a2c0b1":MBEDTLS_MD_NONE:1024:16:"00dd118a9f99bab068ca2aea3b6a6d5997ed4ec954e40deecea07da01eaae80ec2bb1340db8a128e891324a5c5f5fad8f590d7c8cacbc5fe931dafda1223735279461abaa0572b761631b3a8afe7389b088b63993a0a25ee45d21858bab9931aedd4589a631b37fcf714089f856549f359326dd1e0e86dde52ed66b4a90bda4095":16:"010001":"0d2bdb0456a3d651d5bd48a4204493898f72cf1aaddd71387cc058bc3f4c235ea6be4010fd61b28e1fbb275462b53775c04be9022d38b6a2e0387dddba86a3f8554d2858044a59fddbd594753fc056fe33c8daddb85dc70d164690b1182209ff84824e0be10e35c379f2f378bf176a9f7cb94d95e44d90276a298c8810f741c9":MBEDTLS_PK_RSASSA_PSS:MBEDTLS_MD_SHA256:MBEDTLS_RSA_SALT_LEN_ANY:0 +pk_rsa_verify_ext_test_vec:"c0719e9a8d5d838d861dc6f675c899d2b309a3a65bb9fe6b11e5afcbf9a2c0b1":MBEDTLS_MD_NONE:1024:"00dd118a9f99bab068ca2aea3b6a6d5997ed4ec954e40deecea07da01eaae80ec2bb1340db8a128e891324a5c5f5fad8f590d7c8cacbc5fe931dafda1223735279461abaa0572b761631b3a8afe7389b088b63993a0a25ee45d21858bab9931aedd4589a631b37fcf714089f856549f359326dd1e0e86dde52ed66b4a90bda4095":"010001":"0d2bdb0456a3d651d5bd48a4204493898f72cf1aaddd71387cc058bc3f4c235ea6be4010fd61b28e1fbb275462b53775c04be9022d38b6a2e0387dddba86a3f8554d2858044a59fddbd594753fc056fe33c8daddb85dc70d164690b1182209ff84824e0be10e35c379f2f378bf176a9f7cb94d95e44d90276a298c8810f741c9":MBEDTLS_PK_RSASSA_PSS:MBEDTLS_MD_SHA256:MBEDTLS_RSA_SALT_LEN_ANY:0 Verify ext RSA #7 (PKCS1 v2.1, wrong MGF1 alg != MSG hash alg) depends_on:MBEDTLS_PKCS1_V21:MBEDTLS_SHA256_C:MBEDTLS_SHA1_C -pk_rsa_verify_ext_test_vec:"c0719e9a8d5d838d861dc6f675c899d2b309a3a65bb9fe6b11e5afcbf9a2c0b1":MBEDTLS_MD_NONE:1024:16:"00dd118a9f99bab068ca2aea3b6a6d5997ed4ec954e40deecea07da01eaae80ec2bb1340db8a128e891324a5c5f5fad8f590d7c8cacbc5fe931dafda1223735279461abaa0572b761631b3a8afe7389b088b63993a0a25ee45d21858bab9931aedd4589a631b37fcf714089f856549f359326dd1e0e86dde52ed66b4a90bda4095":16:"010001":"0d2bdb0456a3d651d5bd48a4204493898f72cf1aaddd71387cc058bc3f4c235ea6be4010fd61b28e1fbb275462b53775c04be9022d38b6a2e0387dddba86a3f8554d2858044a59fddbd594753fc056fe33c8daddb85dc70d164690b1182209ff84824e0be10e35c379f2f378bf176a9f7cb94d95e44d90276a298c8810f741c9":MBEDTLS_PK_RSASSA_PSS:MBEDTLS_MD_SHA1:MBEDTLS_RSA_SALT_LEN_ANY:MBEDTLS_ERR_RSA_INVALID_PADDING +pk_rsa_verify_ext_test_vec:"c0719e9a8d5d838d861dc6f675c899d2b309a3a65bb9fe6b11e5afcbf9a2c0b1":MBEDTLS_MD_NONE:1024:"00dd118a9f99bab068ca2aea3b6a6d5997ed4ec954e40deecea07da01eaae80ec2bb1340db8a128e891324a5c5f5fad8f590d7c8cacbc5fe931dafda1223735279461abaa0572b761631b3a8afe7389b088b63993a0a25ee45d21858bab9931aedd4589a631b37fcf714089f856549f359326dd1e0e86dde52ed66b4a90bda4095":"010001":"0d2bdb0456a3d651d5bd48a4204493898f72cf1aaddd71387cc058bc3f4c235ea6be4010fd61b28e1fbb275462b53775c04be9022d38b6a2e0387dddba86a3f8554d2858044a59fddbd594753fc056fe33c8daddb85dc70d164690b1182209ff84824e0be10e35c379f2f378bf176a9f7cb94d95e44d90276a298c8810f741c9":MBEDTLS_PK_RSASSA_PSS:MBEDTLS_MD_SHA1:MBEDTLS_RSA_SALT_LEN_ANY:MBEDTLS_ERR_RSA_INVALID_PADDING Verify ext RSA #8 (PKCS1 v2.1, RSASSA-PSS without options) depends_on:MBEDTLS_PKCS1_V21:MBEDTLS_SHA256_C -pk_rsa_verify_ext_test_vec:"54657374206d657373616765":MBEDTLS_MD_SHA256:1024:16:"00dd118a9f99bab068ca2aea3b6a6d5997ed4ec954e40deecea07da01eaae80ec2bb1340db8a128e891324a5c5f5fad8f590d7c8cacbc5fe931dafda1223735279461abaa0572b761631b3a8afe7389b088b63993a0a25ee45d21858bab9931aedd4589a631b37fcf714089f856549f359326dd1e0e86dde52ed66b4a90bda4095":16:"010001":"0d2bdb0456a3d651d5bd48a4204493898f72cf1aaddd71387cc058bc3f4c235ea6be4010fd61b28e1fbb275462b53775c04be9022d38b6a2e0387dddba86a3f8554d2858044a59fddbd594753fc056fe33c8daddb85dc70d164690b1182209ff84824e0be10e35c379f2f378bf176a9f7cb94d95e44d90276a298c8810f741c9":MBEDTLS_PK_RSASSA_PSS:-1:MBEDTLS_RSA_SALT_LEN_ANY:MBEDTLS_ERR_PK_BAD_INPUT_DATA +pk_rsa_verify_ext_test_vec:"54657374206d657373616765":MBEDTLS_MD_SHA256:1024:"00dd118a9f99bab068ca2aea3b6a6d5997ed4ec954e40deecea07da01eaae80ec2bb1340db8a128e891324a5c5f5fad8f590d7c8cacbc5fe931dafda1223735279461abaa0572b761631b3a8afe7389b088b63993a0a25ee45d21858bab9931aedd4589a631b37fcf714089f856549f359326dd1e0e86dde52ed66b4a90bda4095":"010001":"0d2bdb0456a3d651d5bd48a4204493898f72cf1aaddd71387cc058bc3f4c235ea6be4010fd61b28e1fbb275462b53775c04be9022d38b6a2e0387dddba86a3f8554d2858044a59fddbd594753fc056fe33c8daddb85dc70d164690b1182209ff84824e0be10e35c379f2f378bf176a9f7cb94d95e44d90276a298c8810f741c9":MBEDTLS_PK_RSASSA_PSS:-1:MBEDTLS_RSA_SALT_LEN_ANY:MBEDTLS_ERR_PK_BAD_INPUT_DATA Verify ext RSA #9 (PKCS1 v1.5, RSA with options) depends_on:MBEDTLS_PKCS1_V15:MBEDTLS_SHA256_C -pk_rsa_verify_ext_test_vec:"54657374206d657373616765":MBEDTLS_MD_SHA256:1024:16:"00dd118a9f99bab068ca2aea3b6a6d5997ed4ec954e40deecea07da01eaae80ec2bb1340db8a128e891324a5c5f5fad8f590d7c8cacbc5fe931dafda1223735279461abaa0572b761631b3a8afe7389b088b63993a0a25ee45d21858bab9931aedd4589a631b37fcf714089f856549f359326dd1e0e86dde52ed66b4a90bda4095":16:"010001":"0d2bdb0456a3d651d5bd48a4204493898f72cf1aaddd71387cc058bc3f4c235ea6be4010fd61b28e1fbb275462b53775c04be9022d38b6a2e0387dddba86a3f8554d2858044a59fddbd594753fc056fe33c8daddb85dc70d164690b1182209ff84824e0be10e35c379f2f378bf176a9f7cb94d95e44d90276a298c8810f741c9":MBEDTLS_PK_RSA:MBEDTLS_MD_SHA256:MBEDTLS_RSA_SALT_LEN_ANY:MBEDTLS_ERR_PK_BAD_INPUT_DATA +pk_rsa_verify_ext_test_vec:"54657374206d657373616765":MBEDTLS_MD_SHA256:1024:"00dd118a9f99bab068ca2aea3b6a6d5997ed4ec954e40deecea07da01eaae80ec2bb1340db8a128e891324a5c5f5fad8f590d7c8cacbc5fe931dafda1223735279461abaa0572b761631b3a8afe7389b088b63993a0a25ee45d21858bab9931aedd4589a631b37fcf714089f856549f359326dd1e0e86dde52ed66b4a90bda4095":"010001":"0d2bdb0456a3d651d5bd48a4204493898f72cf1aaddd71387cc058bc3f4c235ea6be4010fd61b28e1fbb275462b53775c04be9022d38b6a2e0387dddba86a3f8554d2858044a59fddbd594753fc056fe33c8daddb85dc70d164690b1182209ff84824e0be10e35c379f2f378bf176a9f7cb94d95e44d90276a298c8810f741c9":MBEDTLS_PK_RSA:MBEDTLS_MD_SHA256:MBEDTLS_RSA_SALT_LEN_ANY:MBEDTLS_ERR_PK_BAD_INPUT_DATA Verify ext RSA #10 (PKCS1 v1.5, RSA without options) depends_on:MBEDTLS_PKCS1_V15:MBEDTLS_SHA256_C -pk_rsa_verify_ext_test_vec:"54657374206d657373616765":MBEDTLS_MD_SHA256:1024:16:"00dd118a9f99bab068ca2aea3b6a6d5997ed4ec954e40deecea07da01eaae80ec2bb1340db8a128e891324a5c5f5fad8f590d7c8cacbc5fe931dafda1223735279461abaa0572b761631b3a8afe7389b088b63993a0a25ee45d21858bab9931aedd4589a631b37fcf714089f856549f359326dd1e0e86dde52ed66b4a90bda4095":16:"010001":"0d2bdb0456a3d651d5bd48a4204493898f72cf1aaddd71387cc058bc3f4c235ea6be4010fd61b28e1fbb275462b53775c04be9022d38b6a2e0387dddba86a3f8554d2858044a59fddbd594753fc056fe33c8daddb85dc70d164690b1182209ff84824e0be10e35c379f2f378bf176a9f7cb94d95e44d90276a298c8810f741c9":MBEDTLS_PK_RSA:-1:MBEDTLS_RSA_SALT_LEN_ANY:MBEDTLS_ERR_RSA_VERIFY_FAILED +pk_rsa_verify_ext_test_vec:"54657374206d657373616765":MBEDTLS_MD_SHA256:1024:"00dd118a9f99bab068ca2aea3b6a6d5997ed4ec954e40deecea07da01eaae80ec2bb1340db8a128e891324a5c5f5fad8f590d7c8cacbc5fe931dafda1223735279461abaa0572b761631b3a8afe7389b088b63993a0a25ee45d21858bab9931aedd4589a631b37fcf714089f856549f359326dd1e0e86dde52ed66b4a90bda4095":"010001":"0d2bdb0456a3d651d5bd48a4204493898f72cf1aaddd71387cc058bc3f4c235ea6be4010fd61b28e1fbb275462b53775c04be9022d38b6a2e0387dddba86a3f8554d2858044a59fddbd594753fc056fe33c8daddb85dc70d164690b1182209ff84824e0be10e35c379f2f378bf176a9f7cb94d95e44d90276a298c8810f741c9":MBEDTLS_PK_RSA:-1:MBEDTLS_RSA_SALT_LEN_ANY:MBEDTLS_ERR_RSA_VERIFY_FAILED Verify ext RSA #11 (PKCS1 v2.1, asking for ECDSA) depends_on:MBEDTLS_ECDSA_C:MBEDTLS_SHA256_C -pk_rsa_verify_ext_test_vec:"54657374206d657373616765":MBEDTLS_MD_SHA256:1024:16:"00dd118a9f99bab068ca2aea3b6a6d5997ed4ec954e40deecea07da01eaae80ec2bb1340db8a128e891324a5c5f5fad8f590d7c8cacbc5fe931dafda1223735279461abaa0572b761631b3a8afe7389b088b63993a0a25ee45d21858bab9931aedd4589a631b37fcf714089f856549f359326dd1e0e86dde52ed66b4a90bda4095":16:"010001":"0d2bdb0456a3d651d5bd48a4204493898f72cf1aaddd71387cc058bc3f4c235ea6be4010fd61b28e1fbb275462b53775c04be9022d38b6a2e0387dddba86a3f8554d2858044a59fddbd594753fc056fe33c8daddb85dc70d164690b1182209ff84824e0be10e35c379f2f378bf176a9f7cb94d95e44d90276a298c8810f741c9":MBEDTLS_PK_ECDSA:-1:MBEDTLS_RSA_SALT_LEN_ANY:MBEDTLS_ERR_PK_TYPE_MISMATCH +pk_rsa_verify_ext_test_vec:"54657374206d657373616765":MBEDTLS_MD_SHA256:1024:"00dd118a9f99bab068ca2aea3b6a6d5997ed4ec954e40deecea07da01eaae80ec2bb1340db8a128e891324a5c5f5fad8f590d7c8cacbc5fe931dafda1223735279461abaa0572b761631b3a8afe7389b088b63993a0a25ee45d21858bab9931aedd4589a631b37fcf714089f856549f359326dd1e0e86dde52ed66b4a90bda4095":"010001":"0d2bdb0456a3d651d5bd48a4204493898f72cf1aaddd71387cc058bc3f4c235ea6be4010fd61b28e1fbb275462b53775c04be9022d38b6a2e0387dddba86a3f8554d2858044a59fddbd594753fc056fe33c8daddb85dc70d164690b1182209ff84824e0be10e35c379f2f378bf176a9f7cb94d95e44d90276a298c8810f741c9":MBEDTLS_PK_ECDSA:-1:MBEDTLS_RSA_SALT_LEN_ANY:MBEDTLS_ERR_PK_TYPE_MISMATCH Verify ext RSA #12 (PKCS1 v1.5, good) depends_on:MBEDTLS_SHA1_C:MBEDTLS_PKCS1_V15 -pk_rsa_verify_ext_test_vec:"206ef4bf396c6087f8229ef196fd35f37ccb8de5efcdb238f20d556668f114257a11fbe038464a67830378e62ae9791453953dac1dbd7921837ba98e84e856eb80ed9487e656d0b20c28c8ba5e35db1abbed83ed1c7720a97701f709e3547a4bfcabca9c89c57ad15c3996577a0ae36d7c7b699035242f37954646c1cd5c08ac":MBEDTLS_MD_SHA1:1024:16:"e28a13548525e5f36dccb24ecb7cc332cc689dfd64012604c9c7816d72a16c3f5fcdc0e86e7c03280b1c69b586ce0cd8aec722cc73a5d3b730310bf7dfebdc77ce5d94bbc369dc18a2f7b07bd505ab0f82224aef09fdc1e5063234255e0b3c40a52e9e8ae60898eb88a766bdd788fe9493d8fd86bcdd2884d5c06216c65469e5":16:"3":"5abc01f5de25b70867ff0c24e222c61f53c88daf42586fddcd56f3c4588f074be3c328056c063388688b6385a8167957c6e5355a510e005b8a851d69c96b36ec6036644078210e5d7d326f96365ee0648882921492bc7b753eb9c26cdbab37555f210df2ca6fec1b25b463d38b81c0dcea202022b04af5da58aa03d77be949b7":MBEDTLS_PK_RSA:-1:MBEDTLS_RSA_SALT_LEN_ANY:0 +pk_rsa_verify_ext_test_vec:"206ef4bf396c6087f8229ef196fd35f37ccb8de5efcdb238f20d556668f114257a11fbe038464a67830378e62ae9791453953dac1dbd7921837ba98e84e856eb80ed9487e656d0b20c28c8ba5e35db1abbed83ed1c7720a97701f709e3547a4bfcabca9c89c57ad15c3996577a0ae36d7c7b699035242f37954646c1cd5c08ac":MBEDTLS_MD_SHA1:1024:"e28a13548525e5f36dccb24ecb7cc332cc689dfd64012604c9c7816d72a16c3f5fcdc0e86e7c03280b1c69b586ce0cd8aec722cc73a5d3b730310bf7dfebdc77ce5d94bbc369dc18a2f7b07bd505ab0f82224aef09fdc1e5063234255e0b3c40a52e9e8ae60898eb88a766bdd788fe9493d8fd86bcdd2884d5c06216c65469e5":"3":"5abc01f5de25b70867ff0c24e222c61f53c88daf42586fddcd56f3c4588f074be3c328056c063388688b6385a8167957c6e5355a510e005b8a851d69c96b36ec6036644078210e5d7d326f96365ee0648882921492bc7b753eb9c26cdbab37555f210df2ca6fec1b25b463d38b81c0dcea202022b04af5da58aa03d77be949b7":MBEDTLS_PK_RSA:-1:MBEDTLS_RSA_SALT_LEN_ANY:0 Check pair #1 (EC, OK) -depends_on:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED +depends_on:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_PEM_PARSE_C mbedtls_pk_check_pair:"data_files/ec_256_pub.pem":"data_files/ec_256_prv.pem":0 Check pair #2 (EC, bad) -depends_on:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED +depends_on:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_PEM_PARSE_C mbedtls_pk_check_pair:"data_files/ec_256_pub.pem":"data_files/server5.key":MBEDTLS_ERR_ECP_BAD_INPUT_DATA Check pair #3 (RSA, OK) -depends_on:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15 +depends_on:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15:MBEDTLS_PEM_PARSE_C mbedtls_pk_check_pair:"data_files/server1.pubkey":"data_files/server1.key":0 Check pair #4 (RSA, bad) -depends_on:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15 +depends_on:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15:MBEDTLS_PEM_PARSE_C mbedtls_pk_check_pair:"data_files/server1.pubkey":"data_files/server2.key":MBEDTLS_ERR_RSA_KEY_CHECK_FAILED Check pair #5 (RSA vs EC) -depends_on:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_RSA_C +depends_on:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_RSA_C:MBEDTLS_PEM_PARSE_C mbedtls_pk_check_pair:"data_files/ec_256_pub.pem":"data_files/server1.key":MBEDTLS_ERR_PK_TYPE_MISMATCH RSA hash_len overflow (size_t vs unsigned int) @@ -287,7 +287,7 @@ PSA wrapped sign: SECP192K1 depends_on:MBEDTLS_ECP_DP_SECP192K1_ENABLED pk_psa_sign:MBEDTLS_ECP_DP_SECP192K1:PSA_ECC_FAMILY_SECP_K1:192 -## Currently buggy: https://github.com/ARMmbed/mbed-crypto/issues/336 +## Currently buggy: https://github.com/Mbed-TLS/mbed-crypto/issues/336 # PSA wrapped sign: SECP224K1 # depends_on:MBEDTLS_ECP_DP_SECP224K1_ENABLED # pk_psa_sign:MBEDTLS_ECP_DP_SECP224K1:PSA_ECC_FAMILY_SECP_K1:224 diff --git a/third_party/mbedtls/repo/tests/suites/test_suite_pk.function b/third_party/mbedtls/repo/tests/suites/test_suite_pk.function index 82d15738db4..c17037f079a 100644 --- a/third_party/mbedtls/repo/tests/suites/test_suite_pk.function +++ b/third_party/mbedtls/repo/tests/suites/test_suite_pk.function @@ -12,7 +12,7 @@ /* Needed only for test case data under #if defined(MBEDTLS_USE_PSA_CRYPTO), * but the test code generator requires test case data to be valid C code - * unconditionally (https://github.com/ARMmbed/mbedtls/issues/2023). */ + * unconditionally (https://github.com/Mbed-TLS/mbedtls/issues/2023). */ #include "psa/crypto.h" #define RSA_KEY_SIZE 512 @@ -29,59 +29,60 @@ * generation function. * \return -1 if the key type is not recognized. */ -static int pk_genkey( mbedtls_pk_context *pk, int parameter ) +static int pk_genkey(mbedtls_pk_context *pk, int parameter) { ((void) pk); (void) parameter; #if defined(MBEDTLS_RSA_C) && defined(MBEDTLS_GENPRIME) - if( mbedtls_pk_get_type( pk ) == MBEDTLS_PK_RSA ) - return mbedtls_rsa_gen_key( mbedtls_pk_rsa( *pk ), - mbedtls_test_rnd_std_rand, NULL, - parameter, 3 ); + if (mbedtls_pk_get_type(pk) == MBEDTLS_PK_RSA) { + return mbedtls_rsa_gen_key(mbedtls_pk_rsa(*pk), + mbedtls_test_rnd_std_rand, NULL, + parameter, 3); + } #endif #if defined(MBEDTLS_ECP_C) - if( mbedtls_pk_get_type( pk ) == MBEDTLS_PK_ECKEY || - mbedtls_pk_get_type( pk ) == MBEDTLS_PK_ECKEY_DH || - mbedtls_pk_get_type( pk ) == MBEDTLS_PK_ECDSA ) - { + if (mbedtls_pk_get_type(pk) == MBEDTLS_PK_ECKEY || + mbedtls_pk_get_type(pk) == MBEDTLS_PK_ECKEY_DH || + mbedtls_pk_get_type(pk) == MBEDTLS_PK_ECDSA) { int ret; - if( ( ret = mbedtls_ecp_group_load( &mbedtls_pk_ec( *pk )->grp, - parameter ) ) != 0 ) - return( ret ); - - return mbedtls_ecp_gen_keypair( &mbedtls_pk_ec( *pk )->grp, - &mbedtls_pk_ec( *pk )->d, - &mbedtls_pk_ec( *pk )->Q, - mbedtls_test_rnd_std_rand, NULL ); + if ((ret = mbedtls_ecp_group_load(&mbedtls_pk_ec(*pk)->grp, + parameter)) != 0) { + return ret; + } + + return mbedtls_ecp_gen_keypair(&mbedtls_pk_ec(*pk)->grp, + &mbedtls_pk_ec(*pk)->d, + &mbedtls_pk_ec(*pk)->Q, + mbedtls_test_rnd_std_rand, NULL); } #endif - return( -1 ); + return -1; } #if defined(MBEDTLS_RSA_C) -int mbedtls_rsa_decrypt_func( void *ctx, int mode, size_t *olen, - const unsigned char *input, unsigned char *output, - size_t output_max_len ) +int mbedtls_rsa_decrypt_func(void *ctx, int mode, size_t *olen, + const unsigned char *input, unsigned char *output, + size_t output_max_len) { - return( mbedtls_rsa_pkcs1_decrypt( (mbedtls_rsa_context *) ctx, - mbedtls_test_rnd_std_rand, NULL, mode, - olen, input, output, output_max_len ) ); + return mbedtls_rsa_pkcs1_decrypt((mbedtls_rsa_context *) ctx, + mbedtls_test_rnd_std_rand, NULL, mode, + olen, input, output, output_max_len); } -int mbedtls_rsa_sign_func( void *ctx, - int (*f_rng)(void *, unsigned char *, size_t), void *p_rng, - int mode, mbedtls_md_type_t md_alg, unsigned int hashlen, - const unsigned char *hash, unsigned char *sig ) +int mbedtls_rsa_sign_func(void *ctx, + int (*f_rng)(void *, unsigned char *, size_t), void *p_rng, + int mode, mbedtls_md_type_t md_alg, unsigned int hashlen, + const unsigned char *hash, unsigned char *sig) { ((void) f_rng); ((void) p_rng); - return( mbedtls_rsa_pkcs1_sign( (mbedtls_rsa_context *) ctx, - mbedtls_test_rnd_std_rand, NULL, mode, - md_alg, hashlen, hash, sig ) ); + return mbedtls_rsa_pkcs1_sign((mbedtls_rsa_context *) ctx, + mbedtls_test_rnd_std_rand, NULL, mode, + md_alg, hashlen, hash, sig); } -size_t mbedtls_rsa_key_len_func( void *ctx ) +size_t mbedtls_rsa_key_len_func(void *ctx) { - return( ((const mbedtls_rsa_context *) ctx)->len ); + return ((const mbedtls_rsa_context *) ctx)->len; } #endif /* MBEDTLS_RSA_C */ @@ -92,22 +93,22 @@ size_t mbedtls_rsa_key_len_func( void *ctx ) * or 0 if the key generation failed. * The key uses NIST P-256 and is usable for signing with SHA-256. */ -mbedtls_svc_key_id_t pk_psa_genkey( void ) +mbedtls_svc_key_id_t pk_psa_genkey(void) { mbedtls_svc_key_id_t key; psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT; const psa_key_type_t type = - PSA_KEY_TYPE_ECC_KEY_PAIR( PSA_ECC_FAMILY_SECP_R1 ); + PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1); const size_t bits = 256; - psa_set_key_usage_flags( &attributes, PSA_KEY_USAGE_SIGN_HASH ); - psa_set_key_algorithm( &attributes, PSA_ALG_ECDSA(PSA_ALG_SHA_256) ); - psa_set_key_type( &attributes, type ); - psa_set_key_bits( &attributes, bits ); - PSA_ASSERT( psa_generate_key( &attributes, &key ) ); + psa_set_key_usage_flags(&attributes, PSA_KEY_USAGE_SIGN_HASH); + psa_set_key_algorithm(&attributes, PSA_ALG_ECDSA(PSA_ALG_SHA_256)); + psa_set_key_type(&attributes, type); + psa_set_key_bits(&attributes, bits); + PSA_ASSERT(psa_generate_key(&attributes, &key)); exit: - return( key ); + return key; } #endif /* MBEDTLS_USE_PSA_CRYPTO */ /* END_HEADER */ @@ -118,219 +119,225 @@ exit: */ /* BEGIN_CASE depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_ECDSA_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED */ -void pk_psa_utils( ) +void pk_psa_utils() { mbedtls_pk_context pk, pk2; mbedtls_svc_key_id_t key; psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT; const char * const name = "Opaque"; - const size_t bitlen = 256; /* harcoded in genkey() */ + const size_t bitlen = 256; /* hardcoded in genkey() */ mbedtls_md_type_t md_alg = MBEDTLS_MD_NONE; unsigned char b1[1], b2[1]; size_t len; mbedtls_pk_debug_item dbg; - PSA_ASSERT( psa_crypto_init( ) ); - - mbedtls_pk_init( &pk ); - mbedtls_pk_init( &pk2 ); + mbedtls_pk_init(&pk); + mbedtls_pk_init(&pk2); - TEST_ASSERT( psa_crypto_init( ) == PSA_SUCCESS ); + USE_PSA_INIT(); - TEST_ASSERT( mbedtls_pk_setup_opaque( &pk, MBEDTLS_SVC_KEY_ID_INIT ) == - MBEDTLS_ERR_PK_BAD_INPUT_DATA ); + TEST_ASSERT(mbedtls_pk_setup_opaque(&pk, MBEDTLS_SVC_KEY_ID_INIT) == + MBEDTLS_ERR_PK_BAD_INPUT_DATA); - mbedtls_pk_free( &pk ); - mbedtls_pk_init( &pk ); + mbedtls_pk_free(&pk); + mbedtls_pk_init(&pk); key = pk_psa_genkey(); - if( mbedtls_svc_key_id_is_null( key ) ) + if (mbedtls_svc_key_id_is_null(key)) { goto exit; + } - TEST_ASSERT( mbedtls_pk_setup_opaque( &pk, key ) == 0 ); + TEST_ASSERT(mbedtls_pk_setup_opaque(&pk, key) == 0); - TEST_ASSERT( mbedtls_pk_get_type( &pk ) == MBEDTLS_PK_OPAQUE ); - TEST_ASSERT( strcmp( mbedtls_pk_get_name( &pk), name ) == 0 ); + TEST_ASSERT(mbedtls_pk_get_type(&pk) == MBEDTLS_PK_OPAQUE); + TEST_ASSERT(strcmp(mbedtls_pk_get_name(&pk), name) == 0); - TEST_ASSERT( mbedtls_pk_get_bitlen( &pk ) == bitlen ); - TEST_ASSERT( mbedtls_pk_get_len( &pk ) == bitlen / 8 ); + TEST_ASSERT(mbedtls_pk_get_bitlen(&pk) == bitlen); + TEST_ASSERT(mbedtls_pk_get_len(&pk) == bitlen / 8); - TEST_ASSERT( mbedtls_pk_can_do( &pk, MBEDTLS_PK_ECKEY ) == 1 ); - TEST_ASSERT( mbedtls_pk_can_do( &pk, MBEDTLS_PK_ECDSA ) == 1 ); - TEST_ASSERT( mbedtls_pk_can_do( &pk, MBEDTLS_PK_RSA ) == 0 ); + TEST_ASSERT(mbedtls_pk_can_do(&pk, MBEDTLS_PK_ECKEY) == 1); + TEST_ASSERT(mbedtls_pk_can_do(&pk, MBEDTLS_PK_ECDSA) == 1); + TEST_ASSERT(mbedtls_pk_can_do(&pk, MBEDTLS_PK_RSA) == 0); /* unsupported operations: verify, decrypt, encrypt */ - TEST_ASSERT( mbedtls_pk_verify( &pk, md_alg, - b1, sizeof( b1), b2, sizeof( b2 ) ) - == MBEDTLS_ERR_PK_TYPE_MISMATCH ); - TEST_ASSERT( mbedtls_pk_decrypt( &pk, b1, sizeof( b1 ), - b2, &len, sizeof( b2 ), - NULL, NULL ) - == MBEDTLS_ERR_PK_TYPE_MISMATCH ); - TEST_ASSERT( mbedtls_pk_encrypt( &pk, b1, sizeof( b1 ), - b2, &len, sizeof( b2 ), - NULL, NULL ) - == MBEDTLS_ERR_PK_TYPE_MISMATCH ); + TEST_ASSERT(mbedtls_pk_verify(&pk, md_alg, + b1, sizeof(b1), b2, sizeof(b2)) + == MBEDTLS_ERR_PK_TYPE_MISMATCH); + TEST_ASSERT(mbedtls_pk_decrypt(&pk, b1, sizeof(b1), + b2, &len, sizeof(b2), + NULL, NULL) + == MBEDTLS_ERR_PK_TYPE_MISMATCH); + TEST_ASSERT(mbedtls_pk_encrypt(&pk, b1, sizeof(b1), + b2, &len, sizeof(b2), + NULL, NULL) + == MBEDTLS_ERR_PK_TYPE_MISMATCH); /* unsupported functions: check_pair, debug */ - TEST_ASSERT( mbedtls_pk_setup( &pk2, - mbedtls_pk_info_from_type( MBEDTLS_PK_ECKEY ) ) == 0 ); - TEST_ASSERT( mbedtls_pk_check_pair( &pk, &pk2 ) - == MBEDTLS_ERR_PK_TYPE_MISMATCH ); - TEST_ASSERT( mbedtls_pk_debug( &pk, &dbg ) - == MBEDTLS_ERR_PK_TYPE_MISMATCH ); + TEST_ASSERT(mbedtls_pk_setup(&pk2, + mbedtls_pk_info_from_type(MBEDTLS_PK_ECKEY)) == 0); + TEST_ASSERT(mbedtls_pk_check_pair(&pk, &pk2) + == MBEDTLS_ERR_PK_TYPE_MISMATCH); + TEST_ASSERT(mbedtls_pk_debug(&pk, &dbg) + == MBEDTLS_ERR_PK_TYPE_MISMATCH); /* test that freeing the context does not destroy the key */ - mbedtls_pk_free( &pk ); - TEST_ASSERT( PSA_SUCCESS == psa_get_key_attributes( key, &attributes ) ); - TEST_ASSERT( PSA_SUCCESS == psa_destroy_key( key ) ); + mbedtls_pk_free(&pk); + TEST_ASSERT(PSA_SUCCESS == psa_get_key_attributes(key, &attributes)); + TEST_ASSERT(PSA_SUCCESS == psa_destroy_key(key)); exit: /* * Key attributes may have been returned by psa_get_key_attributes() * thus reset them as required. */ - psa_reset_key_attributes( &attributes ); + psa_reset_key_attributes(&attributes); - mbedtls_pk_free( &pk ); /* redundant except upon error */ - mbedtls_pk_free( &pk2 ); - USE_PSA_DONE( ); + mbedtls_pk_free(&pk); /* redundant except upon error */ + mbedtls_pk_free(&pk2); + USE_PSA_DONE(); } /* END_CASE */ /* BEGIN_CASE */ -void valid_parameters( ) +void valid_parameters() { mbedtls_pk_context pk; unsigned char buf[1]; size_t len; void *options = NULL; - mbedtls_pk_init( &pk ); + mbedtls_pk_init(&pk); + USE_PSA_INIT(); - TEST_VALID_PARAM( mbedtls_pk_free( NULL ) ); + TEST_VALID_PARAM(mbedtls_pk_free(NULL)); #if defined(MBEDTLS_ECDSA_C) && defined(MBEDTLS_ECP_RESTARTABLE) - TEST_VALID_PARAM( mbedtls_pk_restart_free( NULL ) ); + TEST_VALID_PARAM(mbedtls_pk_restart_free(NULL)); #endif - TEST_ASSERT( mbedtls_pk_setup( &pk, NULL ) == - MBEDTLS_ERR_PK_BAD_INPUT_DATA ); + TEST_ASSERT(mbedtls_pk_setup(&pk, NULL) == + MBEDTLS_ERR_PK_BAD_INPUT_DATA); /* In informational functions, we accept NULL where a context pointer * is expected because that's what the library has done forever. * We do not document that NULL is accepted, so we may wish to change * the behavior in a future version. */ - TEST_ASSERT( mbedtls_pk_get_bitlen( NULL ) == 0 ); - TEST_ASSERT( mbedtls_pk_get_len( NULL ) == 0 ); - TEST_ASSERT( mbedtls_pk_can_do( NULL, MBEDTLS_PK_NONE ) == 0 ); - - TEST_ASSERT( mbedtls_pk_sign_restartable( &pk, + TEST_ASSERT(mbedtls_pk_get_bitlen(NULL) == 0); + TEST_ASSERT(mbedtls_pk_get_len(NULL) == 0); + TEST_ASSERT(mbedtls_pk_can_do(NULL, MBEDTLS_PK_NONE) == 0); + + TEST_ASSERT(mbedtls_pk_sign_restartable(&pk, + MBEDTLS_MD_NONE, + NULL, 0, + buf, &len, + mbedtls_test_rnd_std_rand, NULL, + NULL) == + MBEDTLS_ERR_PK_BAD_INPUT_DATA); + + TEST_ASSERT(mbedtls_pk_sign_restartable(&pk, + MBEDTLS_MD_NONE, + NULL, 0, + buf, &len, + mbedtls_test_rnd_std_rand, NULL, + NULL) == + MBEDTLS_ERR_PK_BAD_INPUT_DATA); + + TEST_ASSERT(mbedtls_pk_sign(&pk, + MBEDTLS_MD_NONE, + NULL, 0, + buf, &len, + mbedtls_test_rnd_std_rand, NULL) == + MBEDTLS_ERR_PK_BAD_INPUT_DATA); + + TEST_ASSERT(mbedtls_pk_verify_restartable(&pk, MBEDTLS_MD_NONE, NULL, 0, - buf, &len, - mbedtls_test_rnd_std_rand, NULL, - NULL ) == - MBEDTLS_ERR_PK_BAD_INPUT_DATA ); + buf, sizeof(buf), + NULL) == + MBEDTLS_ERR_PK_BAD_INPUT_DATA); - TEST_ASSERT( mbedtls_pk_sign_restartable( &pk, - MBEDTLS_MD_NONE, - NULL, 0, - buf, &len, - mbedtls_test_rnd_std_rand, NULL, - NULL ) == - MBEDTLS_ERR_PK_BAD_INPUT_DATA ); - - TEST_ASSERT( mbedtls_pk_sign( &pk, + TEST_ASSERT(mbedtls_pk_verify(&pk, MBEDTLS_MD_NONE, NULL, 0, - buf, &len, - mbedtls_test_rnd_std_rand, NULL ) == - MBEDTLS_ERR_PK_BAD_INPUT_DATA ); - - TEST_ASSERT( mbedtls_pk_verify_restartable( &pk, - MBEDTLS_MD_NONE, - NULL, 0, - buf, sizeof( buf ), - NULL ) == - MBEDTLS_ERR_PK_BAD_INPUT_DATA ); - - TEST_ASSERT( mbedtls_pk_verify( &pk, - MBEDTLS_MD_NONE, - NULL, 0, - buf, sizeof( buf ) ) == - MBEDTLS_ERR_PK_BAD_INPUT_DATA ); - - TEST_ASSERT( mbedtls_pk_verify_ext( MBEDTLS_PK_NONE, options, - &pk, - MBEDTLS_MD_NONE, - NULL, 0, - buf, sizeof( buf ) ) == - MBEDTLS_ERR_PK_BAD_INPUT_DATA ); - - TEST_ASSERT( mbedtls_pk_encrypt( &pk, - NULL, 0, - NULL, &len, 0, - mbedtls_test_rnd_std_rand, NULL ) == - MBEDTLS_ERR_PK_BAD_INPUT_DATA ); - - TEST_ASSERT( mbedtls_pk_decrypt( &pk, - NULL, 0, - NULL, &len, 0, - mbedtls_test_rnd_std_rand, NULL ) == - MBEDTLS_ERR_PK_BAD_INPUT_DATA ); + buf, sizeof(buf)) == + MBEDTLS_ERR_PK_BAD_INPUT_DATA); + + TEST_ASSERT(mbedtls_pk_verify_ext(MBEDTLS_PK_NONE, options, + &pk, + MBEDTLS_MD_NONE, + NULL, 0, + buf, sizeof(buf)) == + MBEDTLS_ERR_PK_BAD_INPUT_DATA); + + TEST_ASSERT(mbedtls_pk_encrypt(&pk, + NULL, 0, + NULL, &len, 0, + mbedtls_test_rnd_std_rand, NULL) == + MBEDTLS_ERR_PK_BAD_INPUT_DATA); + + TEST_ASSERT(mbedtls_pk_decrypt(&pk, + NULL, 0, + NULL, &len, 0, + mbedtls_test_rnd_std_rand, NULL) == + MBEDTLS_ERR_PK_BAD_INPUT_DATA); #if defined(MBEDTLS_PK_PARSE_C) - TEST_ASSERT( mbedtls_pk_parse_key( &pk, NULL, 0, NULL, 1 ) == - MBEDTLS_ERR_PK_KEY_INVALID_FORMAT ); + TEST_ASSERT(mbedtls_pk_parse_key(&pk, NULL, 0, NULL, 1) == + MBEDTLS_ERR_PK_KEY_INVALID_FORMAT); - TEST_ASSERT( mbedtls_pk_parse_public_key( &pk, NULL, 0 ) == - MBEDTLS_ERR_PK_KEY_INVALID_FORMAT ); + TEST_ASSERT(mbedtls_pk_parse_public_key(&pk, NULL, 0) == + MBEDTLS_ERR_PK_KEY_INVALID_FORMAT); #endif /* MBEDTLS_PK_PARSE_C */ + +exit: + USE_PSA_DONE(); } /* END_CASE */ /* BEGIN_CASE depends_on:MBEDTLS_PK_WRITE_C */ -void valid_parameters_pkwrite( data_t *key_data ) +void valid_parameters_pkwrite(data_t *key_data) { mbedtls_pk_context pk; /* For the write tests to be effective, we need a valid key pair. */ - mbedtls_pk_init( &pk ); - TEST_ASSERT( mbedtls_pk_parse_key( &pk, - key_data->x, key_data->len, - NULL, 0 ) == 0 ); + mbedtls_pk_init(&pk); + USE_PSA_INIT(); - TEST_ASSERT( mbedtls_pk_write_key_der( &pk, NULL, 0 ) == - MBEDTLS_ERR_ASN1_BUF_TOO_SMALL ); + TEST_ASSERT(mbedtls_pk_parse_key(&pk, + key_data->x, key_data->len, + NULL, 0) == 0); - TEST_ASSERT( mbedtls_pk_write_pubkey_der( &pk, NULL, 0 ) == - MBEDTLS_ERR_ASN1_BUF_TOO_SMALL ); + TEST_ASSERT(mbedtls_pk_write_key_der(&pk, NULL, 0) == + MBEDTLS_ERR_ASN1_BUF_TOO_SMALL); + + TEST_ASSERT(mbedtls_pk_write_pubkey_der(&pk, NULL, 0) == + MBEDTLS_ERR_ASN1_BUF_TOO_SMALL); #if defined(MBEDTLS_PEM_WRITE_C) - TEST_ASSERT( mbedtls_pk_write_key_pem( &pk, NULL, 0 ) == - MBEDTLS_ERR_BASE64_BUFFER_TOO_SMALL ); + TEST_ASSERT(mbedtls_pk_write_key_pem(&pk, NULL, 0) == + MBEDTLS_ERR_BASE64_BUFFER_TOO_SMALL); - TEST_ASSERT( mbedtls_pk_write_pubkey_pem( &pk, NULL, 0 ) == - MBEDTLS_ERR_BASE64_BUFFER_TOO_SMALL ); + TEST_ASSERT(mbedtls_pk_write_pubkey_pem(&pk, NULL, 0) == + MBEDTLS_ERR_BASE64_BUFFER_TOO_SMALL); #endif /* MBEDTLS_PEM_WRITE_C */ exit: - mbedtls_pk_free( &pk ); + mbedtls_pk_free(&pk); + USE_PSA_DONE(); } /* END_CASE */ /* BEGIN_CASE depends_on:MBEDTLS_CHECK_PARAMS:!MBEDTLS_PARAM_FAILED_ALT */ -void invalid_parameters( ) +void invalid_parameters() { size_t len; unsigned char *null_buf = NULL; unsigned char buf[1]; unsigned char *p = buf; - char str[1] = {0}; + char str[1] = { 0 }; mbedtls_pk_context pk; mbedtls_md_type_t valid_md = MBEDTLS_MD_SHA256; void *options = buf; @@ -339,315 +346,321 @@ void invalid_parameters( ) (void) p; (void) str; - mbedtls_pk_init( &pk ); + mbedtls_pk_init(&pk); + USE_PSA_INIT(); - TEST_INVALID_PARAM( mbedtls_pk_init( NULL ) ); + TEST_INVALID_PARAM(mbedtls_pk_init(NULL)); #if defined(MBEDTLS_ECDSA_C) && defined(MBEDTLS_ECP_RESTARTABLE) - TEST_INVALID_PARAM( mbedtls_pk_restart_init( NULL ) ); + TEST_INVALID_PARAM(mbedtls_pk_restart_init(NULL)); #endif - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_PK_BAD_INPUT_DATA, - mbedtls_pk_setup( NULL, NULL ) ); + TEST_INVALID_PARAM_RET(MBEDTLS_ERR_PK_BAD_INPUT_DATA, + mbedtls_pk_setup(NULL, NULL)); #if defined(MBEDTLS_PK_RSA_ALT_SUPPORT) - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_PK_BAD_INPUT_DATA, - mbedtls_pk_setup_rsa_alt( NULL, buf, - NULL, NULL, NULL ) ); + TEST_INVALID_PARAM_RET(MBEDTLS_ERR_PK_BAD_INPUT_DATA, + mbedtls_pk_setup_rsa_alt(NULL, buf, + NULL, NULL, NULL)); #endif - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_PK_BAD_INPUT_DATA, - mbedtls_pk_verify_restartable( NULL, - MBEDTLS_MD_NONE, - buf, sizeof( buf ), - buf, sizeof( buf ), - NULL ) ); - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_PK_BAD_INPUT_DATA, - mbedtls_pk_verify_restartable( &pk, - MBEDTLS_MD_NONE, - NULL, sizeof( buf ), - buf, sizeof( buf ), - NULL ) ); - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_PK_BAD_INPUT_DATA, - mbedtls_pk_verify_restartable( &pk, - valid_md, - NULL, 0, - buf, sizeof( buf ), - NULL ) ); - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_PK_BAD_INPUT_DATA, - mbedtls_pk_verify_restartable( &pk, - MBEDTLS_MD_NONE, - buf, sizeof( buf ), - NULL, sizeof( buf ), - NULL ) ); - - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_PK_BAD_INPUT_DATA, - mbedtls_pk_verify( NULL, - MBEDTLS_MD_NONE, - buf, sizeof( buf ), - buf, sizeof( buf ) ) ); - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_PK_BAD_INPUT_DATA, - mbedtls_pk_verify( &pk, - MBEDTLS_MD_NONE, - NULL, sizeof( buf ), - buf, sizeof( buf ) ) ); - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_PK_BAD_INPUT_DATA, - mbedtls_pk_verify( &pk, - valid_md, - NULL, 0, - buf, sizeof( buf ) ) ); - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_PK_BAD_INPUT_DATA, - mbedtls_pk_verify( &pk, - MBEDTLS_MD_NONE, - buf, sizeof( buf ), - NULL, sizeof( buf ) ) ); - - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_PK_BAD_INPUT_DATA, - mbedtls_pk_verify_ext( MBEDTLS_PK_NONE, options, - NULL, - MBEDTLS_MD_NONE, - buf, sizeof( buf ), - buf, sizeof( buf ) ) ); - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_PK_BAD_INPUT_DATA, - mbedtls_pk_verify_ext( MBEDTLS_PK_NONE, options, - &pk, - MBEDTLS_MD_NONE, - NULL, sizeof( buf ), - buf, sizeof( buf ) ) ); - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_PK_BAD_INPUT_DATA, - mbedtls_pk_verify_ext( MBEDTLS_PK_NONE, options, - &pk, - valid_md, - NULL, 0, - buf, sizeof( buf ) ) ); - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_PK_BAD_INPUT_DATA, - mbedtls_pk_verify_ext( MBEDTLS_PK_NONE, options, - &pk, - MBEDTLS_MD_NONE, - buf, sizeof( buf ), - NULL, sizeof( buf ) ) ); - - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_PK_BAD_INPUT_DATA, - mbedtls_pk_sign_restartable( NULL, MBEDTLS_MD_NONE, buf, sizeof( buf ), - buf, &len, mbedtls_test_rnd_std_rand, - NULL, NULL ) ); - - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_PK_BAD_INPUT_DATA, - mbedtls_pk_sign_restartable( &pk, MBEDTLS_MD_NONE, NULL, sizeof( buf ), - buf, &len, mbedtls_test_rnd_std_rand, - NULL, NULL ) ); - - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_PK_BAD_INPUT_DATA, - mbedtls_pk_sign_restartable( &pk, valid_md, NULL, 0, buf, &len, - mbedtls_test_rnd_std_rand, NULL, NULL ) ); - - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_PK_BAD_INPUT_DATA, - mbedtls_pk_sign_restartable( &pk, MBEDTLS_MD_NONE, buf, sizeof( buf ), - NULL, &len, mbedtls_test_rnd_std_rand, - NULL, NULL ) ); - - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_PK_BAD_INPUT_DATA, - mbedtls_pk_sign( NULL, MBEDTLS_MD_NONE, buf, sizeof( buf ), - buf, &len, mbedtls_test_rnd_std_rand, NULL ) ); - - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_PK_BAD_INPUT_DATA, - mbedtls_pk_sign( &pk, MBEDTLS_MD_NONE, NULL, sizeof( buf ), - buf, &len, mbedtls_test_rnd_std_rand, NULL ) ); - - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_PK_BAD_INPUT_DATA, - mbedtls_pk_sign( &pk, valid_md, NULL, 0, buf, &len, - mbedtls_test_rnd_std_rand, NULL ) ); - - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_PK_BAD_INPUT_DATA, - mbedtls_pk_sign( &pk, MBEDTLS_MD_NONE, buf, sizeof( buf ), NULL, &len, - mbedtls_test_rnd_std_rand, NULL ) ); - - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_PK_BAD_INPUT_DATA, - mbedtls_pk_decrypt( NULL, buf, sizeof( buf ), buf, &len, sizeof( buf ), - mbedtls_test_rnd_std_rand, NULL ) ); - - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_PK_BAD_INPUT_DATA, - mbedtls_pk_decrypt( &pk, NULL, sizeof( buf ), buf, &len, sizeof( buf ), - mbedtls_test_rnd_std_rand, NULL ) ); - - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_PK_BAD_INPUT_DATA, - mbedtls_pk_decrypt( &pk, buf, sizeof( buf ), NULL, &len, sizeof( buf ), - mbedtls_test_rnd_std_rand, NULL ) ); - - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_PK_BAD_INPUT_DATA, - mbedtls_pk_decrypt( &pk, buf, sizeof( buf ), buf, NULL, sizeof( buf ), - mbedtls_test_rnd_std_rand, NULL ) ); - - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_PK_BAD_INPUT_DATA, - mbedtls_pk_encrypt( NULL, buf, sizeof( buf ), buf, &len, sizeof( buf ), - mbedtls_test_rnd_std_rand, NULL ) ); - - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_PK_BAD_INPUT_DATA, - mbedtls_pk_encrypt( &pk, NULL, sizeof( buf ), buf, &len, sizeof( buf ), - mbedtls_test_rnd_std_rand, NULL ) ); - - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_PK_BAD_INPUT_DATA, - mbedtls_pk_encrypt( &pk, buf, sizeof( buf ), NULL, &len, sizeof( buf ), - mbedtls_test_rnd_std_rand, NULL ) ); - - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_PK_BAD_INPUT_DATA, - mbedtls_pk_encrypt( &pk, buf, sizeof( buf ), buf, NULL, sizeof( buf ), - mbedtls_test_rnd_std_rand, NULL ) ); - - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_PK_BAD_INPUT_DATA, - mbedtls_pk_check_pair( NULL, &pk ) ); - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_PK_BAD_INPUT_DATA, - mbedtls_pk_check_pair( &pk, NULL ) ); - - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_PK_BAD_INPUT_DATA, - mbedtls_pk_debug( NULL, NULL ) ); + TEST_INVALID_PARAM_RET(MBEDTLS_ERR_PK_BAD_INPUT_DATA, + mbedtls_pk_verify_restartable(NULL, + MBEDTLS_MD_NONE, + buf, sizeof(buf), + buf, sizeof(buf), + NULL)); + TEST_INVALID_PARAM_RET(MBEDTLS_ERR_PK_BAD_INPUT_DATA, + mbedtls_pk_verify_restartable(&pk, + MBEDTLS_MD_NONE, + NULL, sizeof(buf), + buf, sizeof(buf), + NULL)); + TEST_INVALID_PARAM_RET(MBEDTLS_ERR_PK_BAD_INPUT_DATA, + mbedtls_pk_verify_restartable(&pk, + valid_md, + NULL, 0, + buf, sizeof(buf), + NULL)); + TEST_INVALID_PARAM_RET(MBEDTLS_ERR_PK_BAD_INPUT_DATA, + mbedtls_pk_verify_restartable(&pk, + MBEDTLS_MD_NONE, + buf, sizeof(buf), + NULL, sizeof(buf), + NULL)); + + TEST_INVALID_PARAM_RET(MBEDTLS_ERR_PK_BAD_INPUT_DATA, + mbedtls_pk_verify(NULL, + MBEDTLS_MD_NONE, + buf, sizeof(buf), + buf, sizeof(buf))); + TEST_INVALID_PARAM_RET(MBEDTLS_ERR_PK_BAD_INPUT_DATA, + mbedtls_pk_verify(&pk, + MBEDTLS_MD_NONE, + NULL, sizeof(buf), + buf, sizeof(buf))); + TEST_INVALID_PARAM_RET(MBEDTLS_ERR_PK_BAD_INPUT_DATA, + mbedtls_pk_verify(&pk, + valid_md, + NULL, 0, + buf, sizeof(buf))); + TEST_INVALID_PARAM_RET(MBEDTLS_ERR_PK_BAD_INPUT_DATA, + mbedtls_pk_verify(&pk, + MBEDTLS_MD_NONE, + buf, sizeof(buf), + NULL, sizeof(buf))); + + TEST_INVALID_PARAM_RET(MBEDTLS_ERR_PK_BAD_INPUT_DATA, + mbedtls_pk_verify_ext(MBEDTLS_PK_NONE, options, + NULL, + MBEDTLS_MD_NONE, + buf, sizeof(buf), + buf, sizeof(buf))); + TEST_INVALID_PARAM_RET(MBEDTLS_ERR_PK_BAD_INPUT_DATA, + mbedtls_pk_verify_ext(MBEDTLS_PK_NONE, options, + &pk, + MBEDTLS_MD_NONE, + NULL, sizeof(buf), + buf, sizeof(buf))); + TEST_INVALID_PARAM_RET(MBEDTLS_ERR_PK_BAD_INPUT_DATA, + mbedtls_pk_verify_ext(MBEDTLS_PK_NONE, options, + &pk, + valid_md, + NULL, 0, + buf, sizeof(buf))); + TEST_INVALID_PARAM_RET(MBEDTLS_ERR_PK_BAD_INPUT_DATA, + mbedtls_pk_verify_ext(MBEDTLS_PK_NONE, options, + &pk, + MBEDTLS_MD_NONE, + buf, sizeof(buf), + NULL, sizeof(buf))); + + TEST_INVALID_PARAM_RET(MBEDTLS_ERR_PK_BAD_INPUT_DATA, + mbedtls_pk_sign_restartable(NULL, MBEDTLS_MD_NONE, buf, sizeof(buf), + buf, &len, mbedtls_test_rnd_std_rand, + NULL, NULL)); + + TEST_INVALID_PARAM_RET(MBEDTLS_ERR_PK_BAD_INPUT_DATA, + mbedtls_pk_sign_restartable(&pk, MBEDTLS_MD_NONE, NULL, sizeof(buf), + buf, &len, mbedtls_test_rnd_std_rand, + NULL, NULL)); + + TEST_INVALID_PARAM_RET(MBEDTLS_ERR_PK_BAD_INPUT_DATA, + mbedtls_pk_sign_restartable(&pk, valid_md, NULL, 0, buf, &len, + mbedtls_test_rnd_std_rand, NULL, NULL)); + + TEST_INVALID_PARAM_RET(MBEDTLS_ERR_PK_BAD_INPUT_DATA, + mbedtls_pk_sign_restartable(&pk, MBEDTLS_MD_NONE, buf, sizeof(buf), + NULL, &len, mbedtls_test_rnd_std_rand, + NULL, NULL)); + + TEST_INVALID_PARAM_RET(MBEDTLS_ERR_PK_BAD_INPUT_DATA, + mbedtls_pk_sign(NULL, MBEDTLS_MD_NONE, buf, sizeof(buf), + buf, &len, mbedtls_test_rnd_std_rand, NULL)); + + TEST_INVALID_PARAM_RET(MBEDTLS_ERR_PK_BAD_INPUT_DATA, + mbedtls_pk_sign(&pk, MBEDTLS_MD_NONE, NULL, sizeof(buf), + buf, &len, mbedtls_test_rnd_std_rand, NULL)); + + TEST_INVALID_PARAM_RET(MBEDTLS_ERR_PK_BAD_INPUT_DATA, + mbedtls_pk_sign(&pk, valid_md, NULL, 0, buf, &len, + mbedtls_test_rnd_std_rand, NULL)); + + TEST_INVALID_PARAM_RET(MBEDTLS_ERR_PK_BAD_INPUT_DATA, + mbedtls_pk_sign(&pk, MBEDTLS_MD_NONE, buf, sizeof(buf), NULL, &len, + mbedtls_test_rnd_std_rand, NULL)); + + TEST_INVALID_PARAM_RET(MBEDTLS_ERR_PK_BAD_INPUT_DATA, + mbedtls_pk_decrypt(NULL, buf, sizeof(buf), buf, &len, sizeof(buf), + mbedtls_test_rnd_std_rand, NULL)); + + TEST_INVALID_PARAM_RET(MBEDTLS_ERR_PK_BAD_INPUT_DATA, + mbedtls_pk_decrypt(&pk, NULL, sizeof(buf), buf, &len, sizeof(buf), + mbedtls_test_rnd_std_rand, NULL)); + + TEST_INVALID_PARAM_RET(MBEDTLS_ERR_PK_BAD_INPUT_DATA, + mbedtls_pk_decrypt(&pk, buf, sizeof(buf), NULL, &len, sizeof(buf), + mbedtls_test_rnd_std_rand, NULL)); + + TEST_INVALID_PARAM_RET(MBEDTLS_ERR_PK_BAD_INPUT_DATA, + mbedtls_pk_decrypt(&pk, buf, sizeof(buf), buf, NULL, sizeof(buf), + mbedtls_test_rnd_std_rand, NULL)); + + TEST_INVALID_PARAM_RET(MBEDTLS_ERR_PK_BAD_INPUT_DATA, + mbedtls_pk_encrypt(NULL, buf, sizeof(buf), buf, &len, sizeof(buf), + mbedtls_test_rnd_std_rand, NULL)); + + TEST_INVALID_PARAM_RET(MBEDTLS_ERR_PK_BAD_INPUT_DATA, + mbedtls_pk_encrypt(&pk, NULL, sizeof(buf), buf, &len, sizeof(buf), + mbedtls_test_rnd_std_rand, NULL)); + + TEST_INVALID_PARAM_RET(MBEDTLS_ERR_PK_BAD_INPUT_DATA, + mbedtls_pk_encrypt(&pk, buf, sizeof(buf), NULL, &len, sizeof(buf), + mbedtls_test_rnd_std_rand, NULL)); + + TEST_INVALID_PARAM_RET(MBEDTLS_ERR_PK_BAD_INPUT_DATA, + mbedtls_pk_encrypt(&pk, buf, sizeof(buf), buf, NULL, sizeof(buf), + mbedtls_test_rnd_std_rand, NULL)); + + TEST_INVALID_PARAM_RET(MBEDTLS_ERR_PK_BAD_INPUT_DATA, + mbedtls_pk_check_pair(NULL, &pk)); + TEST_INVALID_PARAM_RET(MBEDTLS_ERR_PK_BAD_INPUT_DATA, + mbedtls_pk_check_pair(&pk, NULL)); + + TEST_INVALID_PARAM_RET(MBEDTLS_ERR_PK_BAD_INPUT_DATA, + mbedtls_pk_debug(NULL, NULL)); #if defined(MBEDTLS_PK_PARSE_C) #if defined(MBEDTLS_FS_IO) - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_PK_BAD_INPUT_DATA, - mbedtls_pk_load_file( NULL, &p, &len ) ); - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_PK_BAD_INPUT_DATA, - mbedtls_pk_load_file( str, NULL, &len ) ); - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_PK_BAD_INPUT_DATA, - mbedtls_pk_load_file( str, &p, NULL ) ); - - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_PK_BAD_INPUT_DATA, - mbedtls_pk_parse_keyfile( NULL, str, NULL ) ); - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_PK_BAD_INPUT_DATA, - mbedtls_pk_parse_keyfile( &pk, NULL, NULL ) ); - - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_PK_BAD_INPUT_DATA, - mbedtls_pk_parse_public_keyfile( NULL, str ) ); - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_PK_BAD_INPUT_DATA, - mbedtls_pk_parse_public_keyfile( &pk, NULL ) ); + TEST_INVALID_PARAM_RET(MBEDTLS_ERR_PK_BAD_INPUT_DATA, + mbedtls_pk_load_file(NULL, &p, &len)); + TEST_INVALID_PARAM_RET(MBEDTLS_ERR_PK_BAD_INPUT_DATA, + mbedtls_pk_load_file(str, NULL, &len)); + TEST_INVALID_PARAM_RET(MBEDTLS_ERR_PK_BAD_INPUT_DATA, + mbedtls_pk_load_file(str, &p, NULL)); + + TEST_INVALID_PARAM_RET(MBEDTLS_ERR_PK_BAD_INPUT_DATA, + mbedtls_pk_parse_keyfile(NULL, str, NULL)); + TEST_INVALID_PARAM_RET(MBEDTLS_ERR_PK_BAD_INPUT_DATA, + mbedtls_pk_parse_keyfile(&pk, NULL, NULL)); + + TEST_INVALID_PARAM_RET(MBEDTLS_ERR_PK_BAD_INPUT_DATA, + mbedtls_pk_parse_public_keyfile(NULL, str)); + TEST_INVALID_PARAM_RET(MBEDTLS_ERR_PK_BAD_INPUT_DATA, + mbedtls_pk_parse_public_keyfile(&pk, NULL)); #endif - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_PK_BAD_INPUT_DATA, - mbedtls_pk_parse_subpubkey( NULL, buf, &pk ) ); - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_PK_BAD_INPUT_DATA, - mbedtls_pk_parse_subpubkey( &null_buf, buf, &pk ) ); - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_PK_BAD_INPUT_DATA, - mbedtls_pk_parse_subpubkey( &p, NULL, &pk ) ); - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_PK_BAD_INPUT_DATA, - mbedtls_pk_parse_subpubkey( &p, buf, NULL ) ); - - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_PK_BAD_INPUT_DATA, - mbedtls_pk_parse_key( NULL, - buf, sizeof( buf ), - buf, sizeof( buf ) ) ); - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_PK_BAD_INPUT_DATA, - mbedtls_pk_parse_key( &pk, - NULL, sizeof( buf ), - buf, sizeof( buf ) ) ); - - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_PK_BAD_INPUT_DATA, - mbedtls_pk_parse_public_key( NULL, - buf, sizeof( buf ) ) ); - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_PK_BAD_INPUT_DATA, - mbedtls_pk_parse_public_key( &pk, - NULL, sizeof( buf ) ) ); + TEST_INVALID_PARAM_RET(MBEDTLS_ERR_PK_BAD_INPUT_DATA, + mbedtls_pk_parse_subpubkey(NULL, buf, &pk)); + TEST_INVALID_PARAM_RET(MBEDTLS_ERR_PK_BAD_INPUT_DATA, + mbedtls_pk_parse_subpubkey(&null_buf, buf, &pk)); + TEST_INVALID_PARAM_RET(MBEDTLS_ERR_PK_BAD_INPUT_DATA, + mbedtls_pk_parse_subpubkey(&p, NULL, &pk)); + TEST_INVALID_PARAM_RET(MBEDTLS_ERR_PK_BAD_INPUT_DATA, + mbedtls_pk_parse_subpubkey(&p, buf, NULL)); + + TEST_INVALID_PARAM_RET(MBEDTLS_ERR_PK_BAD_INPUT_DATA, + mbedtls_pk_parse_key(NULL, + buf, sizeof(buf), + buf, sizeof(buf))); + TEST_INVALID_PARAM_RET(MBEDTLS_ERR_PK_BAD_INPUT_DATA, + mbedtls_pk_parse_key(&pk, + NULL, sizeof(buf), + buf, sizeof(buf))); + + TEST_INVALID_PARAM_RET(MBEDTLS_ERR_PK_BAD_INPUT_DATA, + mbedtls_pk_parse_public_key(NULL, + buf, sizeof(buf))); + TEST_INVALID_PARAM_RET(MBEDTLS_ERR_PK_BAD_INPUT_DATA, + mbedtls_pk_parse_public_key(&pk, + NULL, sizeof(buf))); #endif /* MBEDTLS_PK_PARSE_C */ #if defined(MBEDTLS_PK_WRITE_C) - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_PK_BAD_INPUT_DATA, - mbedtls_pk_write_pubkey( NULL, p, &pk ) ); - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_PK_BAD_INPUT_DATA, - mbedtls_pk_write_pubkey( &null_buf, p, &pk ) ); - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_PK_BAD_INPUT_DATA, - mbedtls_pk_write_pubkey( &p, NULL, &pk ) ); - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_PK_BAD_INPUT_DATA, - mbedtls_pk_write_pubkey( &p, p, NULL ) ); - - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_PK_BAD_INPUT_DATA, - mbedtls_pk_write_pubkey_der( NULL, - buf, sizeof( buf ) ) ); - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_PK_BAD_INPUT_DATA, - mbedtls_pk_write_pubkey_der( &pk, - NULL, sizeof( buf ) ) ); - - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_PK_BAD_INPUT_DATA, - mbedtls_pk_write_key_der( NULL, - buf, sizeof( buf ) ) ); - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_PK_BAD_INPUT_DATA, - mbedtls_pk_write_key_der( &pk, - NULL, sizeof( buf ) ) ); + TEST_INVALID_PARAM_RET(MBEDTLS_ERR_PK_BAD_INPUT_DATA, + mbedtls_pk_write_pubkey(NULL, p, &pk)); + TEST_INVALID_PARAM_RET(MBEDTLS_ERR_PK_BAD_INPUT_DATA, + mbedtls_pk_write_pubkey(&null_buf, p, &pk)); + TEST_INVALID_PARAM_RET(MBEDTLS_ERR_PK_BAD_INPUT_DATA, + mbedtls_pk_write_pubkey(&p, NULL, &pk)); + TEST_INVALID_PARAM_RET(MBEDTLS_ERR_PK_BAD_INPUT_DATA, + mbedtls_pk_write_pubkey(&p, p, NULL)); + + TEST_INVALID_PARAM_RET(MBEDTLS_ERR_PK_BAD_INPUT_DATA, + mbedtls_pk_write_pubkey_der(NULL, + buf, sizeof(buf))); + TEST_INVALID_PARAM_RET(MBEDTLS_ERR_PK_BAD_INPUT_DATA, + mbedtls_pk_write_pubkey_der(&pk, + NULL, sizeof(buf))); + + TEST_INVALID_PARAM_RET(MBEDTLS_ERR_PK_BAD_INPUT_DATA, + mbedtls_pk_write_key_der(NULL, + buf, sizeof(buf))); + TEST_INVALID_PARAM_RET(MBEDTLS_ERR_PK_BAD_INPUT_DATA, + mbedtls_pk_write_key_der(&pk, + NULL, sizeof(buf))); #if defined(MBEDTLS_PEM_WRITE_C) - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_PK_BAD_INPUT_DATA, - mbedtls_pk_write_pubkey_pem( NULL, - buf, sizeof( buf ) ) ); - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_PK_BAD_INPUT_DATA, - mbedtls_pk_write_pubkey_pem( &pk, - NULL, sizeof( buf ) ) ); - - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_PK_BAD_INPUT_DATA, - mbedtls_pk_write_key_pem( NULL, - buf, sizeof( buf ) ) ); - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_PK_BAD_INPUT_DATA, - mbedtls_pk_write_key_pem( &pk, - NULL, sizeof( buf ) ) ); + TEST_INVALID_PARAM_RET(MBEDTLS_ERR_PK_BAD_INPUT_DATA, + mbedtls_pk_write_pubkey_pem(NULL, + buf, sizeof(buf))); + TEST_INVALID_PARAM_RET(MBEDTLS_ERR_PK_BAD_INPUT_DATA, + mbedtls_pk_write_pubkey_pem(&pk, + NULL, sizeof(buf))); + + TEST_INVALID_PARAM_RET(MBEDTLS_ERR_PK_BAD_INPUT_DATA, + mbedtls_pk_write_key_pem(NULL, + buf, sizeof(buf))); + TEST_INVALID_PARAM_RET(MBEDTLS_ERR_PK_BAD_INPUT_DATA, + mbedtls_pk_write_key_pem(&pk, + NULL, sizeof(buf))); #endif /* MBEDTLS_PEM_WRITE_C */ #endif /* MBEDTLS_PK_WRITE_C */ +exit: + USE_PSA_DONE(); } /* END_CASE */ /* BEGIN_CASE */ -void pk_utils( int type, int parameter, int bitlen, int len, char * name ) +void pk_utils(int type, int parameter, int bitlen, int len, char *name) { mbedtls_pk_context pk; - mbedtls_pk_init( &pk ); + mbedtls_pk_init(&pk); + USE_PSA_INIT(); - TEST_ASSERT( mbedtls_pk_setup( &pk, mbedtls_pk_info_from_type( type ) ) == 0 ); - TEST_ASSERT( pk_genkey( &pk, parameter ) == 0 ); + TEST_ASSERT(mbedtls_pk_setup(&pk, mbedtls_pk_info_from_type(type)) == 0); + TEST_ASSERT(pk_genkey(&pk, parameter) == 0); - TEST_ASSERT( (int) mbedtls_pk_get_type( &pk ) == type ); - TEST_ASSERT( mbedtls_pk_can_do( &pk, type ) ); - TEST_ASSERT( mbedtls_pk_get_bitlen( &pk ) == (unsigned) bitlen ); - TEST_ASSERT( mbedtls_pk_get_len( &pk ) == (unsigned) len ); - TEST_ASSERT( strcmp( mbedtls_pk_get_name( &pk), name ) == 0 ); + TEST_ASSERT((int) mbedtls_pk_get_type(&pk) == type); + TEST_ASSERT(mbedtls_pk_can_do(&pk, type)); + TEST_ASSERT(mbedtls_pk_get_bitlen(&pk) == (unsigned) bitlen); + TEST_ASSERT(mbedtls_pk_get_len(&pk) == (unsigned) len); + TEST_ASSERT(strcmp(mbedtls_pk_get_name(&pk), name) == 0); exit: - mbedtls_pk_free( &pk ); + mbedtls_pk_free(&pk); + USE_PSA_DONE(); } /* END_CASE */ /* BEGIN_CASE depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_FS_IO */ -void mbedtls_pk_check_pair( char * pub_file, char * prv_file, int ret ) +void mbedtls_pk_check_pair(char *pub_file, char *prv_file, int ret) { mbedtls_pk_context pub, prv, alt; - mbedtls_pk_init( &pub ); - mbedtls_pk_init( &prv ); - mbedtls_pk_init( &alt ); + mbedtls_pk_init(&pub); + mbedtls_pk_init(&prv); + mbedtls_pk_init(&alt); + USE_PSA_INIT(); - TEST_ASSERT( mbedtls_pk_parse_public_keyfile( &pub, pub_file ) == 0 ); - TEST_ASSERT( mbedtls_pk_parse_keyfile( &prv, prv_file, NULL ) == 0 ); + TEST_ASSERT(mbedtls_pk_parse_public_keyfile(&pub, pub_file) == 0); + TEST_ASSERT(mbedtls_pk_parse_keyfile(&prv, prv_file, NULL) == 0); - TEST_ASSERT( mbedtls_pk_check_pair( &pub, &prv ) == ret ); + TEST_ASSERT(mbedtls_pk_check_pair(&pub, &prv) == ret); #if defined(MBEDTLS_RSA_C) && defined(MBEDTLS_PK_RSA_ALT_SUPPORT) - if( mbedtls_pk_get_type( &prv ) == MBEDTLS_PK_RSA ) - { - TEST_ASSERT( mbedtls_pk_setup_rsa_alt( &alt, mbedtls_pk_rsa( prv ), - mbedtls_rsa_decrypt_func, mbedtls_rsa_sign_func, - mbedtls_rsa_key_len_func ) == 0 ); - TEST_ASSERT( mbedtls_pk_check_pair( &pub, &alt ) == ret ); + if (mbedtls_pk_get_type(&prv) == MBEDTLS_PK_RSA) { + TEST_ASSERT(mbedtls_pk_setup_rsa_alt(&alt, mbedtls_pk_rsa(prv), + mbedtls_rsa_decrypt_func, mbedtls_rsa_sign_func, + mbedtls_rsa_key_len_func) == 0); + TEST_ASSERT(mbedtls_pk_check_pair(&pub, &alt) == ret); } #endif - mbedtls_pk_free( &pub ); - mbedtls_pk_free( &prv ); - mbedtls_pk_free( &alt ); +exit: + mbedtls_pk_free(&pub); + mbedtls_pk_free(&prv); + mbedtls_pk_free(&alt); + USE_PSA_DONE(); } /* END_CASE */ /* BEGIN_CASE depends_on:MBEDTLS_RSA_C */ -void pk_rsa_verify_test_vec( data_t * message_str, int digest, int mod, - int radix_N, char * input_N, int radix_E, - char * input_E, data_t * result_str, - int result ) +void pk_rsa_verify_test_vec(data_t *message_str, int digest, int mod, + char *input_N, char *input_E, + data_t *result_str, int result) { unsigned char hash_result[MBEDTLS_MD_MAX_SIZE]; mbedtls_rsa_context *rsa; @@ -657,46 +670,51 @@ void pk_rsa_verify_test_vec( data_t * message_str, int digest, int mod, mbedtls_pk_restart_ctx ctx; rs_ctx = &ctx; - mbedtls_pk_restart_init( rs_ctx ); + mbedtls_pk_restart_init(rs_ctx); // this setting would ensure restart would happen if ECC was used - mbedtls_ecp_set_max_ops( 1 ); + mbedtls_ecp_set_max_ops(1); #endif - mbedtls_pk_init( &pk ); + mbedtls_pk_init(&pk); + USE_PSA_INIT(); - memset( hash_result, 0x00, MBEDTLS_MD_MAX_SIZE ); + memset(hash_result, 0x00, MBEDTLS_MD_MAX_SIZE); - TEST_ASSERT( mbedtls_pk_setup( &pk, mbedtls_pk_info_from_type( MBEDTLS_PK_RSA ) ) == 0 ); - rsa = mbedtls_pk_rsa( pk ); + TEST_ASSERT(mbedtls_pk_setup(&pk, mbedtls_pk_info_from_type(MBEDTLS_PK_RSA)) == 0); + rsa = mbedtls_pk_rsa(pk); rsa->len = mod / 8; - TEST_ASSERT( mbedtls_test_read_mpi( &rsa->N, radix_N, input_N ) == 0 ); - TEST_ASSERT( mbedtls_test_read_mpi( &rsa->E, radix_E, input_E ) == 0 ); + TEST_ASSERT(mbedtls_test_read_mpi(&rsa->N, input_N) == 0); + TEST_ASSERT(mbedtls_test_read_mpi(&rsa->E, input_E) == 0); - if( mbedtls_md_info_from_type( digest ) != NULL ) - TEST_ASSERT( mbedtls_md( mbedtls_md_info_from_type( digest ), message_str->x, message_str->len, hash_result ) == 0 ); + if (mbedtls_md_info_from_type(digest) != NULL) { + TEST_ASSERT(mbedtls_md(mbedtls_md_info_from_type(digest), message_str->x, message_str->len, + hash_result) == 0); + } - TEST_ASSERT( mbedtls_pk_verify( &pk, digest, hash_result, 0, - result_str->x, mbedtls_pk_get_len( &pk ) ) == result ); + TEST_ASSERT(mbedtls_pk_verify(&pk, digest, hash_result, 0, + result_str->x, mbedtls_pk_get_len(&pk)) == result); - TEST_ASSERT( mbedtls_pk_verify_restartable( &pk, digest, hash_result, 0, - result_str->x, mbedtls_pk_get_len( &pk ), rs_ctx ) == result ); + TEST_ASSERT(mbedtls_pk_verify_restartable(&pk, digest, hash_result, 0, + result_str->x, mbedtls_pk_get_len( + &pk), rs_ctx) == result); exit: #if defined(MBEDTLS_ECDSA_C) && defined(MBEDTLS_ECP_RESTARTABLE) - mbedtls_pk_restart_free( rs_ctx ); + mbedtls_pk_restart_free(rs_ctx); #endif - mbedtls_pk_free( &pk ); + mbedtls_pk_free(&pk); + USE_PSA_DONE(); } /* END_CASE */ /* BEGIN_CASE depends_on:MBEDTLS_RSA_C */ -void pk_rsa_verify_ext_test_vec( data_t * message_str, int digest, - int mod, int radix_N, char * input_N, - int radix_E, char * input_E, - data_t * result_str, int pk_type, - int mgf1_hash_id, int salt_len, int result ) +void pk_rsa_verify_ext_test_vec(data_t *message_str, int digest, + int mod, char *input_N, + char *input_E, data_t *result_str, + int pk_type, int mgf1_hash_id, + int salt_len, int result) { unsigned char hash_result[MBEDTLS_MD_MAX_SIZE]; mbedtls_rsa_context *rsa; @@ -705,85 +723,81 @@ void pk_rsa_verify_ext_test_vec( data_t * message_str, int digest, void *options; size_t hash_len; - mbedtls_pk_init( &pk ); + mbedtls_pk_init(&pk); + USE_PSA_INIT(); - memset( hash_result, 0x00, sizeof( hash_result ) ); + memset(hash_result, 0x00, sizeof(hash_result)); - TEST_ASSERT( mbedtls_pk_setup( &pk, mbedtls_pk_info_from_type( MBEDTLS_PK_RSA ) ) == 0 ); - rsa = mbedtls_pk_rsa( pk ); + TEST_ASSERT(mbedtls_pk_setup(&pk, mbedtls_pk_info_from_type(MBEDTLS_PK_RSA)) == 0); + rsa = mbedtls_pk_rsa(pk); rsa->len = mod / 8; - TEST_ASSERT( mbedtls_test_read_mpi( &rsa->N, radix_N, input_N ) == 0 ); - TEST_ASSERT( mbedtls_test_read_mpi( &rsa->E, radix_E, input_E ) == 0 ); + TEST_ASSERT(mbedtls_test_read_mpi(&rsa->N, input_N) == 0); + TEST_ASSERT(mbedtls_test_read_mpi(&rsa->E, input_E) == 0); - if( digest != MBEDTLS_MD_NONE ) - { - TEST_ASSERT( mbedtls_md( mbedtls_md_info_from_type( digest ), - message_str->x, message_str->len, hash_result ) == 0 ); + if (digest != MBEDTLS_MD_NONE) { + TEST_ASSERT(mbedtls_md(mbedtls_md_info_from_type(digest), + message_str->x, message_str->len, hash_result) == 0); hash_len = 0; - } - else - { - memcpy( hash_result, message_str->x, message_str->len ); + } else { + memcpy(hash_result, message_str->x, message_str->len); hash_len = message_str->len; } - if( mgf1_hash_id < 0 ) - { + if (mgf1_hash_id < 0) { options = NULL; - } - else - { + } else { options = &pss_opts; pss_opts.mgf1_hash_id = mgf1_hash_id; pss_opts.expected_salt_len = salt_len; } - TEST_ASSERT( mbedtls_pk_verify_ext( pk_type, options, &pk, - digest, hash_result, hash_len, - result_str->x, mbedtls_pk_get_len( &pk ) ) == result ); + TEST_ASSERT(mbedtls_pk_verify_ext(pk_type, options, &pk, + digest, hash_result, hash_len, + result_str->x, mbedtls_pk_get_len(&pk)) == result); exit: - mbedtls_pk_free( &pk ); + mbedtls_pk_free(&pk); + USE_PSA_DONE(); } /* END_CASE */ /* BEGIN_CASE depends_on:MBEDTLS_ECDSA_C */ -void pk_ec_test_vec( int type, int id, data_t * key, data_t * hash, - data_t * sig, int ret ) +void pk_ec_test_vec(int type, int id, data_t *key, data_t *hash, + data_t *sig, int ret) { mbedtls_pk_context pk; mbedtls_ecp_keypair *eckey; - mbedtls_pk_init( &pk ); - USE_PSA_INIT( ); + mbedtls_pk_init(&pk); + USE_PSA_INIT(); - TEST_ASSERT( mbedtls_pk_setup( &pk, mbedtls_pk_info_from_type( type ) ) == 0 ); + TEST_ASSERT(mbedtls_pk_setup(&pk, mbedtls_pk_info_from_type(type)) == 0); - TEST_ASSERT( mbedtls_pk_can_do( &pk, MBEDTLS_PK_ECDSA ) ); - eckey = mbedtls_pk_ec( pk ); + TEST_ASSERT(mbedtls_pk_can_do(&pk, MBEDTLS_PK_ECDSA)); + eckey = mbedtls_pk_ec(pk); - TEST_ASSERT( mbedtls_ecp_group_load( &eckey->grp, id ) == 0 ); - TEST_ASSERT( mbedtls_ecp_point_read_binary( &eckey->grp, &eckey->Q, - key->x, key->len ) == 0 ); + TEST_ASSERT(mbedtls_ecp_group_load(&eckey->grp, id) == 0); + TEST_ASSERT(mbedtls_ecp_point_read_binary(&eckey->grp, &eckey->Q, + key->x, key->len) == 0); // MBEDTLS_MD_NONE is used since it will be ignored. - TEST_ASSERT( mbedtls_pk_verify( &pk, MBEDTLS_MD_NONE, - hash->x, hash->len, sig->x, sig->len ) == ret ); + TEST_ASSERT(mbedtls_pk_verify(&pk, MBEDTLS_MD_NONE, + hash->x, hash->len, sig->x, sig->len) == ret); exit: - mbedtls_pk_free( &pk ); - USE_PSA_DONE( ); + mbedtls_pk_free(&pk); + USE_PSA_DONE(); } /* END_CASE */ /* BEGIN_CASE depends_on:MBEDTLS_ECP_RESTARTABLE:MBEDTLS_ECDSA_C:MBEDTLS_ECDSA_DETERMINISTIC */ -void pk_sign_verify_restart( int pk_type, int grp_id, char *d_str, - char *QX_str, char *QY_str, - int md_alg, char *msg, data_t *sig_check, - int max_ops, int min_restart, int max_restart ) +void pk_sign_verify_restart(int pk_type, int grp_id, char *d_str, + char *QX_str, char *QY_str, + int md_alg, char *msg, data_t *sig_check, + int max_ops, int min_restart, int max_restart) { int ret, cnt_restart; mbedtls_pk_restart_ctx rs_ctx; @@ -793,94 +807,95 @@ void pk_sign_verify_restart( int pk_type, int grp_id, char *d_str, size_t hlen, slen; const mbedtls_md_info_t *md_info; - mbedtls_pk_restart_init( &rs_ctx ); - mbedtls_pk_init( &prv ); - mbedtls_pk_init( &pub ); - memset( hash, 0, sizeof( hash ) ); - memset( sig, 0, sizeof( sig ) ); + mbedtls_pk_restart_init(&rs_ctx); + mbedtls_pk_init(&prv); + mbedtls_pk_init(&pub); + memset(hash, 0, sizeof(hash)); + memset(sig, 0, sizeof(sig)); + USE_PSA_INIT(); - TEST_ASSERT( mbedtls_pk_setup( &prv, mbedtls_pk_info_from_type( pk_type ) ) == 0 ); - TEST_ASSERT( mbedtls_ecp_group_load( &mbedtls_pk_ec( prv )->grp, grp_id ) == 0 ); - TEST_ASSERT( mbedtls_test_read_mpi( &mbedtls_pk_ec( prv )->d, 16, d_str ) == 0 ); + TEST_ASSERT(mbedtls_pk_setup(&prv, mbedtls_pk_info_from_type(pk_type)) == 0); + TEST_ASSERT(mbedtls_ecp_group_load(&mbedtls_pk_ec(prv)->grp, grp_id) == 0); + TEST_ASSERT(mbedtls_test_read_mpi(&mbedtls_pk_ec(prv)->d, d_str) == 0); - TEST_ASSERT( mbedtls_pk_setup( &pub, mbedtls_pk_info_from_type( pk_type ) ) == 0 ); - TEST_ASSERT( mbedtls_ecp_group_load( &mbedtls_pk_ec( pub )->grp, grp_id ) == 0 ); - TEST_ASSERT( mbedtls_ecp_point_read_string( &mbedtls_pk_ec( pub )->Q, 16, QX_str, QY_str ) == 0 ); + TEST_ASSERT(mbedtls_pk_setup(&pub, mbedtls_pk_info_from_type(pk_type)) == 0); + TEST_ASSERT(mbedtls_ecp_group_load(&mbedtls_pk_ec(pub)->grp, grp_id) == 0); + TEST_ASSERT(mbedtls_ecp_point_read_string(&mbedtls_pk_ec(pub)->Q, 16, QX_str, QY_str) == 0); - md_info = mbedtls_md_info_from_type( md_alg ); - TEST_ASSERT( md_info != NULL ); + md_info = mbedtls_md_info_from_type(md_alg); + TEST_ASSERT(md_info != NULL); - hlen = mbedtls_md_get_size( md_info ); - TEST_ASSERT( mbedtls_md( md_info, - (const unsigned char *) msg, strlen( msg ), - hash ) == 0 ); + hlen = mbedtls_md_get_size(md_info); + TEST_ASSERT(mbedtls_md(md_info, + (const unsigned char *) msg, strlen(msg), + hash) == 0); - mbedtls_ecp_set_max_ops( max_ops ); + mbedtls_ecp_set_max_ops(max_ops); - slen = sizeof( sig ); + slen = sizeof(sig); cnt_restart = 0; do { - ret = mbedtls_pk_sign_restartable( &prv, md_alg, hash, hlen, - sig, &slen, NULL, NULL, &rs_ctx ); - } while( ret == MBEDTLS_ERR_ECP_IN_PROGRESS && ++cnt_restart ); + ret = mbedtls_pk_sign_restartable(&prv, md_alg, hash, hlen, + sig, &slen, NULL, NULL, &rs_ctx); + } while (ret == MBEDTLS_ERR_ECP_IN_PROGRESS && ++cnt_restart); - TEST_ASSERT( ret == 0 ); - TEST_ASSERT( slen == sig_check->len ); - TEST_ASSERT( memcmp( sig, sig_check->x, slen ) == 0 ); + TEST_ASSERT(ret == 0); + TEST_ASSERT(slen == sig_check->len); + TEST_ASSERT(memcmp(sig, sig_check->x, slen) == 0); - TEST_ASSERT( cnt_restart >= min_restart ); - TEST_ASSERT( cnt_restart <= max_restart ); + TEST_ASSERT(cnt_restart >= min_restart); + TEST_ASSERT(cnt_restart <= max_restart); cnt_restart = 0; do { - ret = mbedtls_pk_verify_restartable( &pub, md_alg, - hash, hlen, sig, slen, &rs_ctx ); - } while( ret == MBEDTLS_ERR_ECP_IN_PROGRESS && ++cnt_restart ); + ret = mbedtls_pk_verify_restartable(&pub, md_alg, + hash, hlen, sig, slen, &rs_ctx); + } while (ret == MBEDTLS_ERR_ECP_IN_PROGRESS && ++cnt_restart); - TEST_ASSERT( ret == 0 ); - TEST_ASSERT( cnt_restart >= min_restart ); - TEST_ASSERT( cnt_restart <= max_restart ); + TEST_ASSERT(ret == 0); + TEST_ASSERT(cnt_restart >= min_restart); + TEST_ASSERT(cnt_restart <= max_restart); hash[0]++; do { - ret = mbedtls_pk_verify_restartable( &pub, md_alg, - hash, hlen, sig, slen, &rs_ctx ); - } while( ret == MBEDTLS_ERR_ECP_IN_PROGRESS ); - TEST_ASSERT( ret != 0 ); + ret = mbedtls_pk_verify_restartable(&pub, md_alg, + hash, hlen, sig, slen, &rs_ctx); + } while (ret == MBEDTLS_ERR_ECP_IN_PROGRESS); + TEST_ASSERT(ret != 0); hash[0]--; sig[0]++; do { - ret = mbedtls_pk_verify_restartable( &pub, md_alg, - hash, hlen, sig, slen, &rs_ctx ); - } while( ret == MBEDTLS_ERR_ECP_IN_PROGRESS ); - TEST_ASSERT( ret != 0 ); + ret = mbedtls_pk_verify_restartable(&pub, md_alg, + hash, hlen, sig, slen, &rs_ctx); + } while (ret == MBEDTLS_ERR_ECP_IN_PROGRESS); + TEST_ASSERT(ret != 0); sig[0]--; /* Do we leak memory when aborting? try verify then sign * This test only makes sense when we actually restart */ - if( min_restart > 0 ) - { - ret = mbedtls_pk_verify_restartable( &pub, md_alg, - hash, hlen, sig, slen, &rs_ctx ); - TEST_ASSERT( ret == MBEDTLS_ERR_ECP_IN_PROGRESS ); - mbedtls_pk_restart_free( &rs_ctx ); - - slen = sizeof( sig ); - ret = mbedtls_pk_sign_restartable( &prv, md_alg, hash, hlen, - sig, &slen, NULL, NULL, &rs_ctx ); - TEST_ASSERT( ret == MBEDTLS_ERR_ECP_IN_PROGRESS ); + if (min_restart > 0) { + ret = mbedtls_pk_verify_restartable(&pub, md_alg, + hash, hlen, sig, slen, &rs_ctx); + TEST_ASSERT(ret == MBEDTLS_ERR_ECP_IN_PROGRESS); + mbedtls_pk_restart_free(&rs_ctx); + + slen = sizeof(sig); + ret = mbedtls_pk_sign_restartable(&prv, md_alg, hash, hlen, + sig, &slen, NULL, NULL, &rs_ctx); + TEST_ASSERT(ret == MBEDTLS_ERR_ECP_IN_PROGRESS); } exit: - mbedtls_pk_restart_free( &rs_ctx ); - mbedtls_pk_free( &prv ); - mbedtls_pk_free( &pub ); + mbedtls_pk_restart_free(&rs_ctx); + mbedtls_pk_free(&prv); + mbedtls_pk_free(&pub); + USE_PSA_DONE(); } /* END_CASE */ /* BEGIN_CASE depends_on:MBEDTLS_SHA256_C */ -void pk_sign_verify( int type, int parameter, int sign_ret, int verify_ret ) +void pk_sign_verify(int type, int parameter, int sign_ret, int verify_ret) { mbedtls_pk_context pk; size_t sig_len, hash_len; @@ -892,88 +907,88 @@ void pk_sign_verify( int type, int parameter, int sign_ret, int verify_ret ) mbedtls_pk_restart_ctx ctx; rs_ctx = &ctx; - mbedtls_pk_restart_init( rs_ctx ); + mbedtls_pk_restart_init(rs_ctx); /* This value is large enough that the operation will complete in one run. * See comments at the top of ecp_test_vect_restart in * test_suite_ecp.function for estimates of operation counts. */ - mbedtls_ecp_set_max_ops( 42000 ); + mbedtls_ecp_set_max_ops(42000); #endif - hash_len = mbedtls_md_get_size( mbedtls_md_info_from_type( md ) ); - ASSERT_ALLOC( hash, hash_len ); + hash_len = mbedtls_md_get_size(mbedtls_md_info_from_type(md)); + TEST_CALLOC(hash, hash_len); - mbedtls_pk_init( &pk ); - USE_PSA_INIT( ); + mbedtls_pk_init(&pk); + USE_PSA_INIT(); - memset( hash, 0x2a, hash_len ); - memset( sig, 0, sizeof sig ); + memset(hash, 0x2a, hash_len); + memset(sig, 0, sizeof(sig)); - TEST_ASSERT( mbedtls_pk_setup( &pk, mbedtls_pk_info_from_type( type ) ) == 0 ); - TEST_ASSERT( pk_genkey( &pk, parameter ) == 0 ); + TEST_ASSERT(mbedtls_pk_setup(&pk, mbedtls_pk_info_from_type(type)) == 0); + TEST_ASSERT(pk_genkey(&pk, parameter) == 0); - TEST_ASSERT( mbedtls_pk_sign_restartable( &pk, md, - hash, hash_len, sig, &sig_len, - mbedtls_test_rnd_std_rand, NULL, rs_ctx ) == sign_ret ); - if( sign_ret == 0 ) - TEST_ASSERT( sig_len <= MBEDTLS_PK_SIGNATURE_MAX_SIZE ); - else + TEST_ASSERT(mbedtls_pk_sign_restartable(&pk, md, + hash, hash_len, sig, &sig_len, + mbedtls_test_rnd_std_rand, NULL, rs_ctx) == sign_ret); + if (sign_ret == 0) { + TEST_ASSERT(sig_len <= MBEDTLS_PK_SIGNATURE_MAX_SIZE); + } else { sig_len = MBEDTLS_PK_SIGNATURE_MAX_SIZE; + } - TEST_ASSERT( mbedtls_pk_verify( &pk, md, - hash, hash_len, sig, sig_len ) == verify_ret ); + TEST_ASSERT(mbedtls_pk_verify(&pk, md, + hash, hash_len, sig, sig_len) == verify_ret); - if( verify_ret == 0 ) - { + if (verify_ret == 0) { hash[0]++; - TEST_ASSERT( mbedtls_pk_verify( &pk, md, - hash, hash_len, sig, sig_len ) != 0 ); + TEST_ASSERT(mbedtls_pk_verify(&pk, md, + hash, hash_len, sig, sig_len) != 0); hash[0]--; sig[0]++; - TEST_ASSERT( mbedtls_pk_verify( &pk, md, - hash, hash_len, sig, sig_len ) != 0 ); + TEST_ASSERT(mbedtls_pk_verify(&pk, md, + hash, hash_len, sig, sig_len) != 0); sig[0]--; } - TEST_ASSERT( mbedtls_pk_sign( &pk, md, hash, hash_len, - sig, &sig_len, - mbedtls_test_rnd_std_rand, - NULL ) == sign_ret ); - if( sign_ret == 0 ) - TEST_ASSERT( sig_len <= MBEDTLS_PK_SIGNATURE_MAX_SIZE ); - else + TEST_ASSERT(mbedtls_pk_sign(&pk, md, hash, hash_len, + sig, &sig_len, + mbedtls_test_rnd_std_rand, + NULL) == sign_ret); + if (sign_ret == 0) { + TEST_ASSERT(sig_len <= MBEDTLS_PK_SIGNATURE_MAX_SIZE); + } else { sig_len = MBEDTLS_PK_SIGNATURE_MAX_SIZE; + } - TEST_ASSERT( mbedtls_pk_verify_restartable( &pk, md, - hash, hash_len, sig, sig_len, rs_ctx ) == verify_ret ); + TEST_ASSERT(mbedtls_pk_verify_restartable(&pk, md, + hash, hash_len, sig, sig_len, rs_ctx) == verify_ret); - if( verify_ret == 0 ) - { + if (verify_ret == 0) { hash[0]++; - TEST_ASSERT( mbedtls_pk_verify_restartable( &pk, md, - hash, hash_len, sig, sig_len, rs_ctx ) != 0 ); + TEST_ASSERT(mbedtls_pk_verify_restartable(&pk, md, + hash, hash_len, sig, sig_len, rs_ctx) != 0); hash[0]--; sig[0]++; - TEST_ASSERT( mbedtls_pk_verify_restartable( &pk, md, - hash, hash_len, sig, sig_len, rs_ctx ) != 0 ); + TEST_ASSERT(mbedtls_pk_verify_restartable(&pk, md, + hash, hash_len, sig, sig_len, rs_ctx) != 0); sig[0]--; } exit: #if defined(MBEDTLS_ECDSA_C) && defined(MBEDTLS_ECP_RESTARTABLE) - mbedtls_pk_restart_free( rs_ctx ); + mbedtls_pk_restart_free(rs_ctx); #endif - mbedtls_pk_free( &pk ); - mbedtls_free( hash ); - USE_PSA_DONE( ); + mbedtls_pk_free(&pk); + mbedtls_free(hash); + USE_PSA_DONE(); } /* END_CASE */ /* BEGIN_CASE depends_on:MBEDTLS_RSA_C */ -void pk_rsa_encrypt_test_vec( data_t * message, int mod, int radix_N, - char * input_N, int radix_E, char * input_E, - data_t * result, int ret ) +void pk_rsa_encrypt_test_vec(data_t *message, int mod, + char *input_N, char *input_E, + data_t *result, int ret) { unsigned char output[300]; mbedtls_test_rnd_pseudo_info rnd_info; @@ -981,34 +996,35 @@ void pk_rsa_encrypt_test_vec( data_t * message, int mod, int radix_N, mbedtls_pk_context pk; size_t olen; - memset( &rnd_info, 0, sizeof( mbedtls_test_rnd_pseudo_info ) ); - memset( output, 0, sizeof( output ) ); - + memset(&rnd_info, 0, sizeof(mbedtls_test_rnd_pseudo_info)); + memset(output, 0, sizeof(output)); - mbedtls_pk_init( &pk ); - TEST_ASSERT( mbedtls_pk_setup( &pk, mbedtls_pk_info_from_type( MBEDTLS_PK_RSA ) ) == 0 ); - rsa = mbedtls_pk_rsa( pk ); + mbedtls_pk_init(&pk); + USE_PSA_INIT(); + TEST_ASSERT(mbedtls_pk_setup(&pk, mbedtls_pk_info_from_type(MBEDTLS_PK_RSA)) == 0); + rsa = mbedtls_pk_rsa(pk); rsa->len = mod / 8; - TEST_ASSERT( mbedtls_test_read_mpi( &rsa->N, radix_N, input_N ) == 0 ); - TEST_ASSERT( mbedtls_test_read_mpi( &rsa->E, radix_E, input_E ) == 0 ); + TEST_ASSERT(mbedtls_test_read_mpi(&rsa->N, input_N) == 0); + TEST_ASSERT(mbedtls_test_read_mpi(&rsa->E, input_E) == 0); - TEST_ASSERT( mbedtls_pk_encrypt( &pk, message->x, message->len, - output, &olen, sizeof( output ), - mbedtls_test_rnd_pseudo_rand, &rnd_info ) == ret ); - TEST_ASSERT( olen == result->len ); - TEST_ASSERT( memcmp( output, result->x, olen ) == 0 ); + TEST_ASSERT(mbedtls_pk_encrypt(&pk, message->x, message->len, + output, &olen, sizeof(output), + mbedtls_test_rnd_pseudo_rand, &rnd_info) == ret); + TEST_ASSERT(olen == result->len); + TEST_ASSERT(memcmp(output, result->x, olen) == 0); exit: - mbedtls_pk_free( &pk ); + mbedtls_pk_free(&pk); + USE_PSA_DONE(); } /* END_CASE */ /* BEGIN_CASE depends_on:MBEDTLS_RSA_C */ -void pk_rsa_decrypt_test_vec( data_t * cipher, int mod, int radix_P, - char * input_P, int radix_Q, char * input_Q, - int radix_N, char * input_N, int radix_E, - char * input_E, data_t * clear, int ret ) +void pk_rsa_decrypt_test_vec(data_t *cipher, int mod, + char *input_P, char *input_Q, + char *input_N, char *input_E, + data_t *clear, int ret) { unsigned char output[256]; mbedtls_test_rnd_pseudo_info rnd_info; @@ -1017,49 +1033,50 @@ void pk_rsa_decrypt_test_vec( data_t * cipher, int mod, int radix_P, mbedtls_pk_context pk; size_t olen; - mbedtls_pk_init( &pk ); - mbedtls_mpi_init( &N ); mbedtls_mpi_init( &P ); - mbedtls_mpi_init( &Q ); mbedtls_mpi_init( &E ); + mbedtls_pk_init(&pk); + mbedtls_mpi_init(&N); mbedtls_mpi_init(&P); + mbedtls_mpi_init(&Q); mbedtls_mpi_init(&E); + USE_PSA_INIT(); - memset( &rnd_info, 0, sizeof( mbedtls_test_rnd_pseudo_info ) ); + memset(&rnd_info, 0, sizeof(mbedtls_test_rnd_pseudo_info)); /* init pk-rsa context */ - TEST_ASSERT( mbedtls_pk_setup( &pk, mbedtls_pk_info_from_type( MBEDTLS_PK_RSA ) ) == 0 ); - rsa = mbedtls_pk_rsa( pk ); + TEST_ASSERT(mbedtls_pk_setup(&pk, mbedtls_pk_info_from_type(MBEDTLS_PK_RSA)) == 0); + rsa = mbedtls_pk_rsa(pk); /* load public key */ - TEST_ASSERT( mbedtls_test_read_mpi( &N, radix_N, input_N ) == 0 ); - TEST_ASSERT( mbedtls_test_read_mpi( &E, radix_E, input_E ) == 0 ); + TEST_ASSERT(mbedtls_test_read_mpi(&N, input_N) == 0); + TEST_ASSERT(mbedtls_test_read_mpi(&E, input_E) == 0); /* load private key */ - TEST_ASSERT( mbedtls_test_read_mpi( &P, radix_P, input_P ) == 0 ); - TEST_ASSERT( mbedtls_test_read_mpi( &Q, radix_Q, input_Q ) == 0 ); - TEST_ASSERT( mbedtls_rsa_import( rsa, &N, &P, &Q, NULL, &E ) == 0 ); - TEST_ASSERT( mbedtls_rsa_get_len( rsa ) == (size_t) ( mod / 8 ) ); - TEST_ASSERT( mbedtls_rsa_complete( rsa ) == 0 ); + TEST_ASSERT(mbedtls_test_read_mpi(&P, input_P) == 0); + TEST_ASSERT(mbedtls_test_read_mpi(&Q, input_Q) == 0); + TEST_ASSERT(mbedtls_rsa_import(rsa, &N, &P, &Q, NULL, &E) == 0); + TEST_ASSERT(mbedtls_rsa_get_len(rsa) == (size_t) (mod / 8)); + TEST_ASSERT(mbedtls_rsa_complete(rsa) == 0); /* decryption test */ - memset( output, 0, sizeof( output ) ); + memset(output, 0, sizeof(output)); olen = 0; - TEST_ASSERT( mbedtls_pk_decrypt( &pk, cipher->x, cipher->len, - output, &olen, sizeof( output ), - mbedtls_test_rnd_pseudo_rand, &rnd_info ) == ret ); - if( ret == 0 ) - { - TEST_ASSERT( olen == clear->len ); - TEST_ASSERT( memcmp( output, clear->x, olen ) == 0 ); + TEST_ASSERT(mbedtls_pk_decrypt(&pk, cipher->x, cipher->len, + output, &olen, sizeof(output), + mbedtls_test_rnd_pseudo_rand, &rnd_info) == ret); + if (ret == 0) { + TEST_ASSERT(olen == clear->len); + TEST_ASSERT(memcmp(output, clear->x, olen) == 0); } exit: - mbedtls_mpi_free( &N ); mbedtls_mpi_free( &P ); - mbedtls_mpi_free( &Q ); mbedtls_mpi_free( &E ); - mbedtls_pk_free( &pk ); + mbedtls_mpi_free(&N); mbedtls_mpi_free(&P); + mbedtls_mpi_free(&Q); mbedtls_mpi_free(&E); + mbedtls_pk_free(&pk); + USE_PSA_DONE(); } /* END_CASE */ /* BEGIN_CASE */ -void pk_ec_nocrypt( int type ) +void pk_ec_nocrypt(int type) { mbedtls_pk_context pk; unsigned char output[100]; @@ -1068,65 +1085,70 @@ void pk_ec_nocrypt( int type ) size_t olen = 0; int ret = MBEDTLS_ERR_PK_TYPE_MISMATCH; - mbedtls_pk_init( &pk ); + mbedtls_pk_init(&pk); + USE_PSA_INIT(); - memset( &rnd_info, 0, sizeof( mbedtls_test_rnd_pseudo_info ) ); - memset( output, 0, sizeof( output ) ); - memset( input, 0, sizeof( input ) ); + memset(&rnd_info, 0, sizeof(mbedtls_test_rnd_pseudo_info)); + memset(output, 0, sizeof(output)); + memset(input, 0, sizeof(input)); - TEST_ASSERT( mbedtls_pk_setup( &pk, mbedtls_pk_info_from_type( type ) ) == 0 ); + TEST_ASSERT(mbedtls_pk_setup(&pk, mbedtls_pk_info_from_type(type)) == 0); - TEST_ASSERT( mbedtls_pk_encrypt( &pk, input, sizeof( input ), - output, &olen, sizeof( output ), - mbedtls_test_rnd_pseudo_rand, &rnd_info ) == ret ); + TEST_ASSERT(mbedtls_pk_encrypt(&pk, input, sizeof(input), + output, &olen, sizeof(output), + mbedtls_test_rnd_pseudo_rand, &rnd_info) == ret); - TEST_ASSERT( mbedtls_pk_decrypt( &pk, input, sizeof( input ), - output, &olen, sizeof( output ), - mbedtls_test_rnd_pseudo_rand, &rnd_info ) == ret ); + TEST_ASSERT(mbedtls_pk_decrypt(&pk, input, sizeof(input), + output, &olen, sizeof(output), + mbedtls_test_rnd_pseudo_rand, &rnd_info) == ret); exit: - mbedtls_pk_free( &pk ); + mbedtls_pk_free(&pk); + USE_PSA_DONE(); } /* END_CASE */ /* BEGIN_CASE depends_on:MBEDTLS_RSA_C */ -void pk_rsa_overflow( ) +void pk_rsa_overflow() { mbedtls_pk_context pk; - size_t hash_len = SIZE_MAX, sig_len = SIZE_MAX; + size_t hash_len = UINT_MAX + 1, sig_len = UINT_MAX + 1; unsigned char hash[50], sig[100]; - if( SIZE_MAX <= UINT_MAX ) + if (SIZE_MAX <= UINT_MAX) { return; + } - memset( hash, 0x2a, sizeof hash ); - memset( sig, 0, sizeof sig ); + memset(hash, 0x2a, sizeof(hash)); + memset(sig, 0, sizeof(sig)); - mbedtls_pk_init( &pk ); + mbedtls_pk_init(&pk); + USE_PSA_INIT(); - TEST_ASSERT( mbedtls_pk_setup( &pk, - mbedtls_pk_info_from_type( MBEDTLS_PK_RSA ) ) == 0 ); + TEST_ASSERT(mbedtls_pk_setup(&pk, + mbedtls_pk_info_from_type(MBEDTLS_PK_RSA)) == 0); #if defined(MBEDTLS_PKCS1_V21) - TEST_ASSERT( mbedtls_pk_verify_ext( MBEDTLS_PK_RSASSA_PSS, NULL, &pk, - MBEDTLS_MD_NONE, hash, hash_len, sig, sig_len ) == - MBEDTLS_ERR_PK_BAD_INPUT_DATA ); + TEST_ASSERT(mbedtls_pk_verify_ext(MBEDTLS_PK_RSASSA_PSS, NULL, &pk, + MBEDTLS_MD_NONE, hash, hash_len, sig, sig_len) == + MBEDTLS_ERR_PK_BAD_INPUT_DATA); #endif /* MBEDTLS_PKCS1_V21 */ - TEST_ASSERT( mbedtls_pk_verify( &pk, MBEDTLS_MD_NONE, hash, hash_len, - sig, sig_len ) == MBEDTLS_ERR_PK_BAD_INPUT_DATA ); + TEST_ASSERT(mbedtls_pk_verify(&pk, MBEDTLS_MD_NONE, hash, hash_len, + sig, sig_len) == MBEDTLS_ERR_PK_BAD_INPUT_DATA); - TEST_ASSERT( mbedtls_pk_sign( &pk, MBEDTLS_MD_NONE, hash, hash_len, sig, - &sig_len, mbedtls_test_rnd_std_rand, NULL ) - == MBEDTLS_ERR_PK_BAD_INPUT_DATA ); + TEST_ASSERT(mbedtls_pk_sign(&pk, MBEDTLS_MD_NONE, hash, hash_len, sig, + &sig_len, mbedtls_test_rnd_std_rand, NULL) + == MBEDTLS_ERR_PK_BAD_INPUT_DATA); exit: - mbedtls_pk_free( &pk ); + mbedtls_pk_free(&pk); + USE_PSA_DONE(); } /* END_CASE */ /* BEGIN_CASE depends_on:MBEDTLS_RSA_C:MBEDTLS_PK_RSA_ALT_SUPPORT */ -void pk_rsa_alt( ) +void pk_rsa_alt() { /* * An rsa_alt context can only do private operations (decrypt, sign). @@ -1141,74 +1163,79 @@ void pk_rsa_alt( ) size_t sig_len, ciph_len, test_len; int ret = MBEDTLS_ERR_PK_TYPE_MISMATCH; - mbedtls_rsa_init( &raw, MBEDTLS_RSA_PKCS_V15, MBEDTLS_MD_NONE ); - mbedtls_pk_init( &rsa ); mbedtls_pk_init( &alt ); + mbedtls_rsa_init(&raw, MBEDTLS_RSA_PKCS_V15, MBEDTLS_MD_NONE); + mbedtls_pk_init(&rsa); + mbedtls_pk_init(&alt); + USE_PSA_INIT(); - memset( hash, 0x2a, sizeof hash ); - memset( sig, 0, sizeof sig ); - memset( msg, 0x2a, sizeof msg ); - memset( ciph, 0, sizeof ciph ); - memset( test, 0, sizeof test ); + memset(hash, 0x2a, sizeof(hash)); + memset(sig, 0, sizeof(sig)); + memset(msg, 0x2a, sizeof(msg)); + memset(ciph, 0, sizeof(ciph)); + memset(test, 0, sizeof(test)); - /* Initiliaze PK RSA context with random key */ - TEST_ASSERT( mbedtls_pk_setup( &rsa, - mbedtls_pk_info_from_type( MBEDTLS_PK_RSA ) ) == 0 ); - TEST_ASSERT( pk_genkey( &rsa, RSA_KEY_SIZE ) == 0 ); + /* Initialize PK RSA context with random key */ + TEST_ASSERT(mbedtls_pk_setup(&rsa, + mbedtls_pk_info_from_type(MBEDTLS_PK_RSA)) == 0); + TEST_ASSERT(pk_genkey(&rsa, RSA_KEY_SIZE) == 0); /* Extract key to the raw rsa context */ - TEST_ASSERT( mbedtls_rsa_copy( &raw, mbedtls_pk_rsa( rsa ) ) == 0 ); + TEST_ASSERT(mbedtls_rsa_copy(&raw, mbedtls_pk_rsa(rsa)) == 0); /* Initialize PK RSA_ALT context */ - TEST_ASSERT( mbedtls_pk_setup_rsa_alt( &alt, (void *) &raw, - mbedtls_rsa_decrypt_func, mbedtls_rsa_sign_func, mbedtls_rsa_key_len_func ) == 0 ); + TEST_ASSERT(mbedtls_pk_setup_rsa_alt(&alt, (void *) &raw, + mbedtls_rsa_decrypt_func, mbedtls_rsa_sign_func, + mbedtls_rsa_key_len_func) == 0); /* Test administrative functions */ - TEST_ASSERT( mbedtls_pk_can_do( &alt, MBEDTLS_PK_RSA ) ); - TEST_ASSERT( mbedtls_pk_get_bitlen( &alt ) == RSA_KEY_SIZE ); - TEST_ASSERT( mbedtls_pk_get_len( &alt ) == RSA_KEY_LEN ); - TEST_ASSERT( mbedtls_pk_get_type( &alt ) == MBEDTLS_PK_RSA_ALT ); - TEST_ASSERT( strcmp( mbedtls_pk_get_name( &alt ), "RSA-alt" ) == 0 ); + TEST_ASSERT(mbedtls_pk_can_do(&alt, MBEDTLS_PK_RSA)); + TEST_ASSERT(mbedtls_pk_get_bitlen(&alt) == RSA_KEY_SIZE); + TEST_ASSERT(mbedtls_pk_get_len(&alt) == RSA_KEY_LEN); + TEST_ASSERT(mbedtls_pk_get_type(&alt) == MBEDTLS_PK_RSA_ALT); + TEST_ASSERT(strcmp(mbedtls_pk_get_name(&alt), "RSA-alt") == 0); /* Test signature */ #if SIZE_MAX > UINT_MAX - TEST_ASSERT( mbedtls_pk_sign( &alt, MBEDTLS_MD_NONE, hash, SIZE_MAX, sig, - &sig_len, mbedtls_test_rnd_std_rand, NULL ) - == MBEDTLS_ERR_PK_BAD_INPUT_DATA ); + TEST_ASSERT(mbedtls_pk_sign(&alt, MBEDTLS_MD_NONE, hash, SIZE_MAX, sig, + &sig_len, mbedtls_test_rnd_std_rand, NULL) + == MBEDTLS_ERR_PK_BAD_INPUT_DATA); #endif /* SIZE_MAX > UINT_MAX */ - TEST_ASSERT( mbedtls_pk_sign( &alt, MBEDTLS_MD_NONE, hash, sizeof hash, sig, - &sig_len, mbedtls_test_rnd_std_rand, NULL ) - == 0 ); - TEST_ASSERT( sig_len == RSA_KEY_LEN ); - TEST_ASSERT( mbedtls_pk_verify( &rsa, MBEDTLS_MD_NONE, - hash, sizeof hash, sig, sig_len ) == 0 ); + TEST_ASSERT(mbedtls_pk_sign(&alt, MBEDTLS_MD_NONE, hash, sizeof(hash), sig, + &sig_len, mbedtls_test_rnd_std_rand, NULL) + == 0); + TEST_ASSERT(sig_len == RSA_KEY_LEN); + TEST_ASSERT(mbedtls_pk_verify(&rsa, MBEDTLS_MD_NONE, + hash, sizeof(hash), sig, sig_len) == 0); /* Test decrypt */ - TEST_ASSERT( mbedtls_pk_encrypt( &rsa, msg, sizeof msg, - ciph, &ciph_len, sizeof ciph, - mbedtls_test_rnd_std_rand, NULL ) == 0 ); - TEST_ASSERT( mbedtls_pk_decrypt( &alt, ciph, ciph_len, - test, &test_len, sizeof test, - mbedtls_test_rnd_std_rand, NULL ) == 0 ); - TEST_ASSERT( test_len == sizeof msg ); - TEST_ASSERT( memcmp( test, msg, test_len ) == 0 ); + TEST_ASSERT(mbedtls_pk_encrypt(&rsa, msg, sizeof(msg), + ciph, &ciph_len, sizeof(ciph), + mbedtls_test_rnd_std_rand, NULL) == 0); + TEST_ASSERT(mbedtls_pk_decrypt(&alt, ciph, ciph_len, + test, &test_len, sizeof(test), + mbedtls_test_rnd_std_rand, NULL) == 0); + TEST_ASSERT(test_len == sizeof(msg)); + TEST_ASSERT(memcmp(test, msg, test_len) == 0); /* Test forbidden operations */ - TEST_ASSERT( mbedtls_pk_encrypt( &alt, msg, sizeof msg, - ciph, &ciph_len, sizeof ciph, - mbedtls_test_rnd_std_rand, NULL ) == ret ); - TEST_ASSERT( mbedtls_pk_verify( &alt, MBEDTLS_MD_NONE, - hash, sizeof hash, sig, sig_len ) == ret ); - TEST_ASSERT( mbedtls_pk_debug( &alt, dbg_items ) == ret ); + TEST_ASSERT(mbedtls_pk_encrypt(&alt, msg, sizeof(msg), + ciph, &ciph_len, sizeof(ciph), + mbedtls_test_rnd_std_rand, NULL) == ret); + TEST_ASSERT(mbedtls_pk_verify(&alt, MBEDTLS_MD_NONE, + hash, sizeof(hash), sig, sig_len) == ret); + TEST_ASSERT(mbedtls_pk_debug(&alt, dbg_items) == ret); exit: - mbedtls_rsa_free( &raw ); - mbedtls_pk_free( &rsa ); mbedtls_pk_free( &alt ); + mbedtls_rsa_free(&raw); + mbedtls_pk_free(&rsa); + mbedtls_pk_free(&alt); + USE_PSA_DONE(); } /* END_CASE */ /* BEGIN_CASE depends_on:MBEDTLS_SHA256_C:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_ECDSA_C */ -void pk_psa_sign( int grpid_arg, - int psa_curve_arg, int expected_bits_arg ) +void pk_psa_sign(int grpid_arg, + int psa_curve_arg, int expected_bits_arg) { mbedtls_ecp_group_id grpid = grpid_arg; mbedtls_pk_context pk; @@ -1221,7 +1248,7 @@ void pk_psa_sign( int grpid_arg, int ret; mbedtls_svc_key_id_t key_id; psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT; - psa_key_type_t expected_type = PSA_KEY_TYPE_ECC_KEY_PAIR( psa_curve_arg ); + psa_key_type_t expected_type = PSA_KEY_TYPE_ECC_KEY_PAIR(psa_curve_arg); size_t expected_bits = expected_bits_arg; /* @@ -1232,69 +1259,69 @@ void pk_psa_sign( int grpid_arg, * - parse it to a PK context and verify the signature this way */ - PSA_ASSERT( psa_crypto_init( ) ); - /* Create legacy EC public/private key in PK context. */ - mbedtls_pk_init( &pk ); - TEST_ASSERT( mbedtls_pk_setup( &pk, - mbedtls_pk_info_from_type( MBEDTLS_PK_ECKEY ) ) == 0 ); - TEST_ASSERT( mbedtls_ecp_gen_key( grpid, - (mbedtls_ecp_keypair*) pk.pk_ctx, - mbedtls_test_rnd_std_rand, NULL ) == 0 ); + mbedtls_pk_init(&pk); + USE_PSA_INIT(); + + TEST_ASSERT(mbedtls_pk_setup(&pk, + mbedtls_pk_info_from_type(MBEDTLS_PK_ECKEY)) == 0); + TEST_ASSERT(mbedtls_ecp_gen_key(grpid, + (mbedtls_ecp_keypair *) pk.pk_ctx, + mbedtls_test_rnd_std_rand, NULL) == 0); /* Export underlying public key for re-importing in a legacy context. */ - ret = mbedtls_pk_write_pubkey_der( &pk, pkey_legacy, - sizeof( pkey_legacy ) ); - TEST_ASSERT( ret >= 0 ); + ret = mbedtls_pk_write_pubkey_der(&pk, pkey_legacy, + sizeof(pkey_legacy)); + TEST_ASSERT(ret >= 0); klen_legacy = (size_t) ret; /* mbedtls_pk_write_pubkey_der() writes backwards in the data buffer. */ - pkey_legacy_start = pkey_legacy + sizeof( pkey_legacy ) - klen_legacy; + pkey_legacy_start = pkey_legacy + sizeof(pkey_legacy) - klen_legacy; /* Turn PK context into an opaque one. */ - TEST_ASSERT( mbedtls_pk_wrap_as_opaque( &pk, &key_id, - PSA_ALG_SHA_256 ) == 0 ); + TEST_ASSERT(mbedtls_pk_wrap_as_opaque(&pk, &key_id, + PSA_ALG_SHA_256) == 0); - PSA_ASSERT( psa_get_key_attributes( key_id, &attributes ) ); - TEST_EQUAL( psa_get_key_type( &attributes ), expected_type ); - TEST_EQUAL( psa_get_key_bits( &attributes ), expected_bits ); - TEST_EQUAL( psa_get_key_lifetime( &attributes ), - PSA_KEY_LIFETIME_VOLATILE ); + PSA_ASSERT(psa_get_key_attributes(key_id, &attributes)); + TEST_EQUAL(psa_get_key_type(&attributes), expected_type); + TEST_EQUAL(psa_get_key_bits(&attributes), expected_bits); + TEST_EQUAL(psa_get_key_lifetime(&attributes), + PSA_KEY_LIFETIME_VOLATILE); - memset( hash, 0x2a, sizeof hash ); - memset( sig, 0, sizeof sig ); + memset(hash, 0x2a, sizeof(hash)); + memset(sig, 0, sizeof(sig)); - TEST_ASSERT( mbedtls_pk_sign( &pk, MBEDTLS_MD_SHA256, - hash, sizeof hash, sig, &sig_len, - NULL, NULL ) == 0 ); + TEST_ASSERT(mbedtls_pk_sign(&pk, MBEDTLS_MD_SHA256, + hash, sizeof(hash), sig, &sig_len, + NULL, NULL) == 0); /* Export underlying public key for re-importing in a psa context. */ - ret = mbedtls_pk_write_pubkey_der( &pk, pkey_psa, - sizeof( pkey_psa ) ); - TEST_ASSERT( ret >= 0 ); + ret = mbedtls_pk_write_pubkey_der(&pk, pkey_psa, + sizeof(pkey_psa)); + TEST_ASSERT(ret >= 0); klen_psa = (size_t) ret; /* mbedtls_pk_write_pubkey_der() writes backwards in the data buffer. */ - pkey_psa_start = pkey_psa + sizeof( pkey_psa ) - klen_psa; + pkey_psa_start = pkey_psa + sizeof(pkey_psa) - klen_psa; - TEST_ASSERT( klen_psa == klen_legacy ); - TEST_ASSERT( memcmp( pkey_psa_start, pkey_legacy_start, klen_psa ) == 0 ); + TEST_ASSERT(klen_psa == klen_legacy); + TEST_ASSERT(memcmp(pkey_psa_start, pkey_legacy_start, klen_psa) == 0); - mbedtls_pk_free( &pk ); - TEST_ASSERT( PSA_SUCCESS == psa_destroy_key( key_id ) ); + mbedtls_pk_free(&pk); + TEST_ASSERT(PSA_SUCCESS == psa_destroy_key(key_id)); - mbedtls_pk_init( &pk ); - TEST_ASSERT( mbedtls_pk_parse_public_key( &pk, pkey_legacy_start, - klen_legacy ) == 0 ); - TEST_ASSERT( mbedtls_pk_verify( &pk, MBEDTLS_MD_SHA256, - hash, sizeof hash, sig, sig_len ) == 0 ); + mbedtls_pk_init(&pk); + TEST_ASSERT(mbedtls_pk_parse_public_key(&pk, pkey_legacy_start, + klen_legacy) == 0); + TEST_ASSERT(mbedtls_pk_verify(&pk, MBEDTLS_MD_SHA256, + hash, sizeof(hash), sig, sig_len) == 0); exit: /* * Key attributes may have been returned by psa_get_key_attributes() * thus reset them as required. */ - psa_reset_key_attributes( &attributes ); + psa_reset_key_attributes(&attributes); - mbedtls_pk_free( &pk ); - USE_PSA_DONE( ); + mbedtls_pk_free(&pk); + USE_PSA_DONE(); } /* END_CASE */ diff --git a/third_party/mbedtls/repo/tests/suites/test_suite_pkcs12.data b/third_party/mbedtls/repo/tests/suites/test_suite_pkcs12.data index a8c4bab35ae..d078a68277f 100644 --- a/third_party/mbedtls/repo/tests/suites/test_suite_pkcs12.data +++ b/third_party/mbedtls/repo/tests/suites/test_suite_pkcs12.data @@ -33,3 +33,39 @@ pkcs12_derive_key:MBEDTLS_MD_MD5:48:"0123456789abcdef":USE_GIVEN_INPUT:"01234567 PKCS#12 derive key: MD5: Valid password and salt depends_on:MBEDTLS_MD5_C pkcs12_derive_key:MBEDTLS_MD_MD5:48:"0123456789abcdef":USE_GIVEN_INPUT:"0123456789abcdef":USE_GIVEN_INPUT:3:"46559deeee036836ab1b633ec620178d4c70eacf42f72a2ad7360c812efa09ca3d7567b489a109050345c2dc6a262995":0 + +PBE Encrypt, pad = 7 (OK) +depends_on:MBEDTLS_SHA1_C:MBEDTLS_DES_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7 +pkcs12_pbe_encrypt:MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_SEQUENCE:MBEDTLS_CIPHER_DES_EDE3_CBC:MBEDTLS_MD_SHA1:"0409CCCCCCCCCCCCCCCCCC02010A":"BBBBBBBBBBBBBBBBBB":"AAAAAAAAAAAAAAAAAA":16:0:"5F2C15056A36F3A78856E9E662DD27CB" + +PBE Encrypt, pad = 8 (OK) +depends_on:MBEDTLS_SHA1_C:MBEDTLS_DES_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7 +pkcs12_pbe_encrypt:MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_SEQUENCE:MBEDTLS_CIPHER_DES_EDE3_CBC:MBEDTLS_MD_SHA1:"0409CCCCCCCCCCCCCCCCCC02010A":"BBBBBBBBBBBBBBBBBB":"AAAAAAAAAAAAAAAA":16:0:"5F2C15056A36F3A70F70A3D4EC4004A8" + +PBE Encrypt, pad = 8 (Invalid output size) +depends_on:MBEDTLS_SHA1_C:MBEDTLS_DES_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7 +pkcs12_pbe_encrypt:MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_SEQUENCE:MBEDTLS_CIPHER_DES_EDE3_CBC:MBEDTLS_MD_SHA1:"0409CCCCCCCCCCCCCCCCCC02010A":"BBBBBBBBBBBBBBBBBB":"AAAAAAAAAAAAAAAA":15:MBEDTLS_ERR_ASN1_BUF_TOO_SMALL:"5F2C15056A36F3A70F70A3D4EC4004A8" + +PBE Encrypt, pad = 8 (PKCS7 padding disabled) +depends_on:MBEDTLS_SHA1_C:MBEDTLS_DES_C:MBEDTLS_CIPHER_MODE_CBC:!MBEDTLS_CIPHER_PADDING_PKCS7 +pkcs12_pbe_encrypt:MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_SEQUENCE:MBEDTLS_CIPHER_DES_EDE3_CBC:MBEDTLS_MD_SHA1:"0409CCCCCCCCCCCCCCCCCC02010A":"BBBBBBBBBBBBBBBBBB":"AAAAAAAAAAAAAAAA":0:MBEDTLS_ERR_CIPHER_FEATURE_UNAVAILABLE:"" + +PBE Decrypt, pad = 7 (OK) +depends_on:MBEDTLS_SHA1_C:MBEDTLS_DES_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7 +pkcs12_pbe_decrypt:MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_SEQUENCE:MBEDTLS_CIPHER_DES_EDE3_CBC:MBEDTLS_MD_SHA1:"0409CCCCCCCCCCCCCCCCCC02010A":"BBBBBBBBBBBBBBBBBB":"5F2C15056A36F3A78856E9E662DD27CB":16:0:"AAAAAAAAAAAAAAAAAA" + +PBE Decrypt, pad = 8 (Invalid output size) +depends_on:MBEDTLS_SHA1_C:MBEDTLS_DES_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7 +pkcs12_pbe_decrypt:MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_SEQUENCE:MBEDTLS_CIPHER_DES_EDE3_CBC:MBEDTLS_MD_SHA1:"0409CCCCCCCCCCCCCCCCCC02010A":"BBBBBBBBBBBBBBBBBB":"5F2C15056A36F3A70F70A3D4EC4004A8":15:MBEDTLS_ERR_ASN1_BUF_TOO_SMALL:"AAAAAAAAAAAAAAAA" + +PBE Decrypt, pad = 8 (OK) +depends_on:MBEDTLS_SHA1_C:MBEDTLS_DES_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7 +pkcs12_pbe_decrypt:MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_SEQUENCE:MBEDTLS_CIPHER_DES_EDE3_CBC:MBEDTLS_MD_SHA1:"0409CCCCCCCCCCCCCCCCCC02010A":"BBBBBBBBBBBBBBBBBB":"5F2C15056A36F3A70F70A3D4EC4004A8":16:0:"AAAAAAAAAAAAAAAA" + +PBE Decrypt, (Invalid padding & PKCS7 padding disabled) +depends_on:MBEDTLS_SHA1_C:MBEDTLS_DES_C:MBEDTLS_CIPHER_MODE_CBC:!MBEDTLS_CIPHER_PADDING_PKCS7 +pkcs12_pbe_decrypt:MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_SEQUENCE:MBEDTLS_CIPHER_DES_EDE3_CBC:MBEDTLS_MD_SHA1:"0409CCCCCCCCCCCCCCCCCC02010A":"BBBBBBBBBBBBBBBBBB":"5F2C15056A36F3A79F2B90F1428110E2":16:0:"AAAAAAAAAAAAAAAAAA07070707070708" + +PBE Decrypt, (Invalid padding & PKCS7 padding enabled) +depends_on:MBEDTLS_SHA1_C:MBEDTLS_DES_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7 +pkcs12_pbe_decrypt:MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_SEQUENCE:MBEDTLS_CIPHER_DES_EDE3_CBC:MBEDTLS_MD_SHA1:"0409CCCCCCCCCCCCCCCCCC02010A":"BBBBBBBBBBBBBBBBBB":"5F2C15056A36F3A79F2B90F1428110E2":16:MBEDTLS_ERR_PKCS12_PASSWORD_MISMATCH:"AAAAAAAAAAAAAAAAAA07070707070708" diff --git a/third_party/mbedtls/repo/tests/suites/test_suite_pkcs12.function b/third_party/mbedtls/repo/tests/suites/test_suite_pkcs12.function index a7b01f6df83..a5a9019ac97 100644 --- a/third_party/mbedtls/repo/tests/suites/test_suite_pkcs12.function +++ b/third_party/mbedtls/repo/tests/suites/test_suite_pkcs12.function @@ -1,11 +1,11 @@ /* BEGIN_HEADER */ #include "mbedtls/pkcs12.h" #include "mbedtls/error.h" +#include "common.h" -typedef enum -{ - USE_NULL_INPUT = 0, - USE_GIVEN_INPUT = 1, +typedef enum { + USE_NULL_INPUT = 0, + USE_GIVEN_INPUT = 1, } input_usage_method_t; /* END_HEADER */ @@ -16,54 +16,155 @@ typedef enum */ /* BEGIN_CASE */ -void pkcs12_derive_key( int md_type, int key_size_arg, - data_t *password_arg, int password_usage, - data_t *salt_arg, int salt_usage, - int iterations, - data_t* expected_output, int expected_status ) +void pkcs12_derive_key(int md_type, int key_size_arg, + data_t *password_arg, int password_usage, + data_t *salt_arg, int salt_usage, + int iterations, + data_t *expected_output, int expected_status) { - int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; - unsigned char *output_data = NULL; + unsigned char *output_data = NULL; - unsigned char *password = NULL; - size_t password_len = 0; - unsigned char *salt = NULL; - size_t salt_len = 0; - size_t key_size = key_size_arg; + unsigned char *password = NULL; + size_t password_len = 0; + unsigned char *salt = NULL; + size_t salt_len = 0; + size_t key_size = key_size_arg; - if( password_usage == USE_GIVEN_INPUT ) - password = password_arg->x; + if (password_usage == USE_GIVEN_INPUT) { + password = password_arg->x; + } - password_len = password_arg->len; + password_len = password_arg->len; - if( salt_usage == USE_GIVEN_INPUT ) - salt = salt_arg->x; + if (salt_usage == USE_GIVEN_INPUT) { + salt = salt_arg->x; + } - salt_len = salt_arg->len; + salt_len = salt_arg->len; - ASSERT_ALLOC( output_data, key_size ); + TEST_CALLOC(output_data, key_size); - ret = mbedtls_pkcs12_derivation( output_data, - key_size, - password, - password_len, - salt, - salt_len, - md_type, - MBEDTLS_PKCS12_DERIVE_KEY, - iterations ); + int ret = mbedtls_pkcs12_derivation(output_data, + key_size, + password, + password_len, + salt, + salt_len, + md_type, + MBEDTLS_PKCS12_DERIVE_KEY, + iterations); - TEST_EQUAL( ret, expected_status ); + TEST_EQUAL(ret, expected_status); - if( expected_status == 0 ) - { - ASSERT_COMPARE( expected_output->x, expected_output->len, - output_data, key_size ); - } + if (expected_status == 0) { + TEST_MEMORY_COMPARE(expected_output->x, expected_output->len, + output_data, key_size); + } exit: - mbedtls_free( output_data ); + mbedtls_free(output_data); + +} +/* END_CASE */ +/* BEGIN_CASE depends_on:MBEDTLS_ASN1_PARSE_C */ +void pkcs12_pbe_encrypt(int params_tag, int cipher, int md, data_t *params_hex, data_t *pw, + data_t *data, int outsize, int ref_ret, data_t *ref_out) +{ + int my_ret; + mbedtls_asn1_buf pbe_params; + unsigned char *my_out = NULL; + mbedtls_cipher_type_t cipher_alg = (mbedtls_cipher_type_t) cipher; + mbedtls_md_type_t md_alg = (mbedtls_md_type_t) md; +#if defined(MBEDTLS_CIPHER_PADDING_PKCS7) + size_t my_out_len = 0; +#endif + + ASSERT_ALLOC(my_out, outsize); + + pbe_params.tag = params_tag; + pbe_params.len = params_hex->len; + pbe_params.p = params_hex->x; + + if (ref_ret != MBEDTLS_ERR_ASN1_BUF_TOO_SMALL) { + my_ret = mbedtls_pkcs12_pbe(&pbe_params, MBEDTLS_PKCS12_PBE_ENCRYPT, cipher_alg, + md_alg, pw->x, pw->len, data->x, data->len, my_out); + TEST_EQUAL(my_ret, ref_ret); + } + if (ref_ret == 0) { + ASSERT_COMPARE(my_out, ref_out->len, + ref_out->x, ref_out->len); + } + +#if defined(MBEDTLS_CIPHER_PADDING_PKCS7) + + pbe_params.tag = params_tag; + pbe_params.len = params_hex->len; + pbe_params.p = params_hex->x; + + my_ret = mbedtls_pkcs12_pbe_ext(&pbe_params, MBEDTLS_PKCS12_PBE_ENCRYPT, cipher_alg, + md_alg, pw->x, pw->len, data->x, data->len, my_out, + outsize, &my_out_len); + TEST_EQUAL(my_ret, ref_ret); + if (ref_ret == 0) { + ASSERT_COMPARE(my_out, my_out_len, + ref_out->x, ref_out->len); + } +#endif + +exit: + mbedtls_free(my_out); +} +/* END_CASE */ + +/* BEGIN_CASE depends_on:MBEDTLS_ASN1_PARSE_C */ +void pkcs12_pbe_decrypt(int params_tag, int cipher, int md, data_t *params_hex, data_t *pw, + data_t *data, int outsize, int ref_ret, data_t *ref_out) +{ + int my_ret; + mbedtls_asn1_buf pbe_params; + unsigned char *my_out = NULL; + mbedtls_cipher_type_t cipher_alg = (mbedtls_cipher_type_t) cipher; + mbedtls_md_type_t md_alg = (mbedtls_md_type_t) md; +#if defined(MBEDTLS_CIPHER_PADDING_PKCS7) + size_t my_out_len = 0; +#endif + + ASSERT_ALLOC(my_out, outsize); + + pbe_params.tag = params_tag; + pbe_params.len = params_hex->len; + pbe_params.p = params_hex->x; + + if (ref_ret != MBEDTLS_ERR_ASN1_BUF_TOO_SMALL) { + my_ret = mbedtls_pkcs12_pbe(&pbe_params, MBEDTLS_PKCS12_PBE_DECRYPT, cipher_alg, + md_alg, pw->x, pw->len, data->x, data->len, my_out); + TEST_EQUAL(my_ret, ref_ret); + } + + if (ref_ret == 0) { + ASSERT_COMPARE(my_out, ref_out->len, + ref_out->x, ref_out->len); + } + +#if defined(MBEDTLS_CIPHER_PADDING_PKCS7) + + pbe_params.tag = params_tag; + pbe_params.len = params_hex->len; + pbe_params.p = params_hex->x; + + my_ret = mbedtls_pkcs12_pbe_ext(&pbe_params, MBEDTLS_PKCS12_PBE_DECRYPT, cipher_alg, + md_alg, pw->x, pw->len, data->x, data->len, my_out, + outsize, &my_out_len); + TEST_EQUAL(my_ret, ref_ret); + if (ref_ret == 0) { + ASSERT_COMPARE(my_out, my_out_len, + ref_out->x, ref_out->len); + } +#endif + +exit: + mbedtls_free(my_out); } /* END_CASE */ diff --git a/third_party/mbedtls/repo/tests/suites/test_suite_pkcs1_v15.data b/third_party/mbedtls/repo/tests/suites/test_suite_pkcs1_v15.data index b4cf09a57e9..6f161a5ea2f 100644 --- a/third_party/mbedtls/repo/tests/suites/test_suite_pkcs1_v15.data +++ b/third_party/mbedtls/repo/tests/suites/test_suite_pkcs1_v15.data @@ -1,44 +1,44 @@ RSAES-V15 Encryption input=NULL with length=0 -pkcs1_rsaes_v15_encrypt:1024:16:"bbf82f090682ce9c2338ac2b9da871f7368d07eed41043a440d6b6f07454f51fb8dfbaaf035c02ab61ea48ceeb6fcd4876ed520d60e1ec4619719d8a5b8b807fafb8e0a3dfc737723ee6b4b7d93a2584ee6a649d060953748834b2454598394ee0aab12d7b61a51f527a9a41f6c1687fe2537298ca2a8f5946f8e5fd091dbdcb":16:"11":MBEDTLS_MD_NONE:"":"aafd12f659cae63489b479e5076ddec2f06cb58f67c6697351ff4aec29cdbaabf2fbe3467cc254f81be8e78d765a2e63339fc99a66320db73158a35a255d051758e95ed4abb2cdc69bb454110e827441213ddc8770e93ea141e1fc673e017e97eadc6b968f385c2aecb03bfb3267c6697351ff4aec29cdbaabf2fbe34676cac0":"42c6fce63a3b858ba89fe83004cac3651d1497c15090bf0086b9a4b9ff3bd451502838a413095aefe231832ba10bb467ae3f95c889cd8e9a6e32b4df633b2170d07a2168c086745f0017cf1d9facff2eee55af2fcb03730209173b2a0bbfb2d4c34d7ea93b3b0cb84a8a7b6371670e14482e6dcedbdd9efe66d906e0238586fe":0 +pkcs1_rsaes_v15_encrypt:1024:"bbf82f090682ce9c2338ac2b9da871f7368d07eed41043a440d6b6f07454f51fb8dfbaaf035c02ab61ea48ceeb6fcd4876ed520d60e1ec4619719d8a5b8b807fafb8e0a3dfc737723ee6b4b7d93a2584ee6a649d060953748834b2454598394ee0aab12d7b61a51f527a9a41f6c1687fe2537298ca2a8f5946f8e5fd091dbdcb":"11":MBEDTLS_MD_NONE:"":"aafd12f659cae63489b479e5076ddec2f06cb58f67c6697351ff4aec29cdbaabf2fbe3467cc254f81be8e78d765a2e63339fc99a66320db73158a35a255d051758e95ed4abb2cdc69bb454110e827441213ddc8770e93ea141e1fc673e017e97eadc6b968f385c2aecb03bfb3267c6697351ff4aec29cdbaabf2fbe34676cac0":"42c6fce63a3b858ba89fe83004cac3651d1497c15090bf0086b9a4b9ff3bd451502838a413095aefe231832ba10bb467ae3f95c889cd8e9a6e32b4df633b2170d07a2168c086745f0017cf1d9facff2eee55af2fcb03730209173b2a0bbfb2d4c34d7ea93b3b0cb84a8a7b6371670e14482e6dcedbdd9efe66d906e0238586fe":0 RSAES-V15 Decryption empty output with NULL buffer -pkcs1_rsaes_v15_decrypt:1024:16:"eecfae81b1b9b3c908810b10a1b5600199eb9f44aef4fda493b81a9e3d84f632124ef0236e5d1e3b7e28fae7aa040a2d5b252176459d1f397541ba2a58fb6599":16:"c97fb1f027f453f6341233eaaad1d9353f6c42d08866b1d05a0f2035028b9d869840b41666b42e92ea0da3b43204b5cfce3352524d0416a5a441e700af461503":16:"bbf82f090682ce9c2338ac2b9da871f7368d07eed41043a440d6b6f07454f51fb8dfbaaf035c02ab61ea48ceeb6fcd4876ed520d60e1ec4619719d8a5b8b807fafb8e0a3dfc737723ee6b4b7d93a2584ee6a649d060953748834b2454598394ee0aab12d7b61a51f527a9a41f6c1687fe2537298ca2a8f5946f8e5fd091dbdcb":16:"11":MBEDTLS_MD_NONE:"":"aafd12f659cae63489b479e5076ddec2f06cb58f":"42c6fce63a3b858ba89fe83004cac3651d1497c15090bf0086b9a4b9ff3bd451502838a413095aefe231832ba10bb467ae3f95c889cd8e9a6e32b4df633b2170d07a2168c086745f0017cf1d9facff2eee55af2fcb03730209173b2a0bbfb2d4c34d7ea93b3b0cb84a8a7b6371670e14482e6dcedbdd9efe66d906e0238586fe":0 +pkcs1_rsaes_v15_decrypt:1024:"eecfae81b1b9b3c908810b10a1b5600199eb9f44aef4fda493b81a9e3d84f632124ef0236e5d1e3b7e28fae7aa040a2d5b252176459d1f397541ba2a58fb6599":"c97fb1f027f453f6341233eaaad1d9353f6c42d08866b1d05a0f2035028b9d869840b41666b42e92ea0da3b43204b5cfce3352524d0416a5a441e700af461503":"bbf82f090682ce9c2338ac2b9da871f7368d07eed41043a440d6b6f07454f51fb8dfbaaf035c02ab61ea48ceeb6fcd4876ed520d60e1ec4619719d8a5b8b807fafb8e0a3dfc737723ee6b4b7d93a2584ee6a649d060953748834b2454598394ee0aab12d7b61a51f527a9a41f6c1687fe2537298ca2a8f5946f8e5fd091dbdcb":"11":MBEDTLS_MD_NONE:"":"aafd12f659cae63489b479e5076ddec2f06cb58f":"42c6fce63a3b858ba89fe83004cac3651d1497c15090bf0086b9a4b9ff3bd451502838a413095aefe231832ba10bb467ae3f95c889cd8e9a6e32b4df633b2170d07a2168c086745f0017cf1d9facff2eee55af2fcb03730209173b2a0bbfb2d4c34d7ea93b3b0cb84a8a7b6371670e14482e6dcedbdd9efe66d906e0238586fe":0 RSAES-V15 Encryption Test Vector Int -pkcs1_rsaes_v15_encrypt:1024:16:"bbf82f090682ce9c2338ac2b9da871f7368d07eed41043a440d6b6f07454f51fb8dfbaaf035c02ab61ea48ceeb6fcd4876ed520d60e1ec4619719d8a5b8b807fafb8e0a3dfc737723ee6b4b7d93a2584ee6a649d060953748834b2454598394ee0aab12d7b61a51f527a9a41f6c1687fe2537298ca2a8f5946f8e5fd091dbdcb":16:"11":MBEDTLS_MD_SHA1:"d436e99569fd32a7c8a05bbc90d32c49":"aafd12f659cae63489b479e5076ddec2f06cb58f67c6697351ff4aec29cdbaabf2fbe3467cc254f81be8e78d765a2e63339fc99a66320db73158a35a255d051758e95ed4abb2cdc69bb454110e827441213ddc8770e93ea141e1fc673e017e97eadc6b968f385c2aecb03bfb32":"6c5ebca6116b1e91316613fbb5e93197270a849122d549122d05815e2626f80d20f7f3f038c98295203c0f7f6bb8c3568455c67dec82bca86be86eff43b56b7ba2d15375f9a42454c2a2c709953a6e4a977462e35fd21a9c2fb3c0ad2a370f7655267bf6f04814784982988e663b869fc8588475af860d499e5a6ffdfc2c6bfd":0 +pkcs1_rsaes_v15_encrypt:1024:"bbf82f090682ce9c2338ac2b9da871f7368d07eed41043a440d6b6f07454f51fb8dfbaaf035c02ab61ea48ceeb6fcd4876ed520d60e1ec4619719d8a5b8b807fafb8e0a3dfc737723ee6b4b7d93a2584ee6a649d060953748834b2454598394ee0aab12d7b61a51f527a9a41f6c1687fe2537298ca2a8f5946f8e5fd091dbdcb":"11":MBEDTLS_MD_SHA1:"d436e99569fd32a7c8a05bbc90d32c49":"aafd12f659cae63489b479e5076ddec2f06cb58f67c6697351ff4aec29cdbaabf2fbe3467cc254f81be8e78d765a2e63339fc99a66320db73158a35a255d051758e95ed4abb2cdc69bb454110e827441213ddc8770e93ea141e1fc673e017e97eadc6b968f385c2aecb03bfb32":"6c5ebca6116b1e91316613fbb5e93197270a849122d549122d05815e2626f80d20f7f3f038c98295203c0f7f6bb8c3568455c67dec82bca86be86eff43b56b7ba2d15375f9a42454c2a2c709953a6e4a977462e35fd21a9c2fb3c0ad2a370f7655267bf6f04814784982988e663b869fc8588475af860d499e5a6ffdfc2c6bfd":0 RSAES-V15 Decryption Test Vector Int -pkcs1_rsaes_v15_decrypt:1024:16:"eecfae81b1b9b3c908810b10a1b5600199eb9f44aef4fda493b81a9e3d84f632124ef0236e5d1e3b7e28fae7aa040a2d5b252176459d1f397541ba2a58fb6599":16:"c97fb1f027f453f6341233eaaad1d9353f6c42d08866b1d05a0f2035028b9d869840b41666b42e92ea0da3b43204b5cfce3352524d0416a5a441e700af461503":16:"bbf82f090682ce9c2338ac2b9da871f7368d07eed41043a440d6b6f07454f51fb8dfbaaf035c02ab61ea48ceeb6fcd4876ed520d60e1ec4619719d8a5b8b807fafb8e0a3dfc737723ee6b4b7d93a2584ee6a649d060953748834b2454598394ee0aab12d7b61a51f527a9a41f6c1687fe2537298ca2a8f5946f8e5fd091dbdcb":16:"11":MBEDTLS_MD_SHA1:"d436e99569fd32a7c8a05bbc90d32c49":"aafd12f659cae63489b479e5076ddec2f06cb58f":"28818cb14236ad18f4527e7f1f7633e96cef021bc3234475d7f61e88702b6335b42a352ed3f3267ac7c3e9ba4af17e45096c63eefd8d9a7cb42dfc52fffb2f5b8afb305b46312c2eb50634123b4437a2287ac57b7509d59a583fb741989a49f32625e9267b4641a6607b7303d35c68489db53c8d387b620d0d46a852e72ea43c":0 +pkcs1_rsaes_v15_decrypt:1024:"eecfae81b1b9b3c908810b10a1b5600199eb9f44aef4fda493b81a9e3d84f632124ef0236e5d1e3b7e28fae7aa040a2d5b252176459d1f397541ba2a58fb6599":"c97fb1f027f453f6341233eaaad1d9353f6c42d08866b1d05a0f2035028b9d869840b41666b42e92ea0da3b43204b5cfce3352524d0416a5a441e700af461503":"bbf82f090682ce9c2338ac2b9da871f7368d07eed41043a440d6b6f07454f51fb8dfbaaf035c02ab61ea48ceeb6fcd4876ed520d60e1ec4619719d8a5b8b807fafb8e0a3dfc737723ee6b4b7d93a2584ee6a649d060953748834b2454598394ee0aab12d7b61a51f527a9a41f6c1687fe2537298ca2a8f5946f8e5fd091dbdcb":"11":MBEDTLS_MD_SHA1:"d436e99569fd32a7c8a05bbc90d32c49":"aafd12f659cae63489b479e5076ddec2f06cb58f":"28818cb14236ad18f4527e7f1f7633e96cef021bc3234475d7f61e88702b6335b42a352ed3f3267ac7c3e9ba4af17e45096c63eefd8d9a7cb42dfc52fffb2f5b8afb305b46312c2eb50634123b4437a2287ac57b7509d59a583fb741989a49f32625e9267b4641a6607b7303d35c68489db53c8d387b620d0d46a852e72ea43c":0 RSAES-V15 Encryption Test Vector Data just fits -pkcs1_rsaes_v15_encrypt:1024:16:"bbf82f090682ce9c2338ac2b9da871f7368d07eed41043a440d6b6f07454f51fb8dfbaaf035c02ab61ea48ceeb6fcd4876ed520d60e1ec4619719d8a5b8b807fafb8e0a3dfc737723ee6b4b7d93a2584ee6a649d060953748834b2454598394ee0aab12d7b61a51f527a9a41f6c1687fe2537298ca2a8f5946f8e5fd091dbdcb":16:"11":MBEDTLS_MD_SHA1:"4293cecc8095232ae595b84c15ec26f35cf5fde88ae7a9aaa717bcb1ecc4de498da81db97425000770817b5dde5eed01ca3745ff5ab894d0fc0921e5a10b081490129d8ccbaa154ad3dd461397af8ec964ef99402d60a7591ee44b8ce1c16ef88fcb2717076c730d88223893bdd8000b23d87d38ab":"aafd12f659cae63489b479e5076ddec2f06cb58f":"18cdb161f40a18509a3501b7e8ec1c7522e2490319efee8581179b5bcf3750f83a865952d078efd48f58f8060b0d43f9888b43a094fe15209451826ef797195885ff9fa3e26994eee85dbe5dd0404a71565708286027b433c88c85af555b96c34c304dc7c8278233654c022ef340042cfff55e6b15b67cfea8a5a384ef64a6ac":0 +pkcs1_rsaes_v15_encrypt:1024:"bbf82f090682ce9c2338ac2b9da871f7368d07eed41043a440d6b6f07454f51fb8dfbaaf035c02ab61ea48ceeb6fcd4876ed520d60e1ec4619719d8a5b8b807fafb8e0a3dfc737723ee6b4b7d93a2584ee6a649d060953748834b2454598394ee0aab12d7b61a51f527a9a41f6c1687fe2537298ca2a8f5946f8e5fd091dbdcb":"11":MBEDTLS_MD_SHA1:"4293cecc8095232ae595b84c15ec26f35cf5fde88ae7a9aaa717bcb1ecc4de498da81db97425000770817b5dde5eed01ca3745ff5ab894d0fc0921e5a10b081490129d8ccbaa154ad3dd461397af8ec964ef99402d60a7591ee44b8ce1c16ef88fcb2717076c730d88223893bdd8000b23d87d38ab":"aafd12f659cae63489b479e5076ddec2f06cb58f":"18cdb161f40a18509a3501b7e8ec1c7522e2490319efee8581179b5bcf3750f83a865952d078efd48f58f8060b0d43f9888b43a094fe15209451826ef797195885ff9fa3e26994eee85dbe5dd0404a71565708286027b433c88c85af555b96c34c304dc7c8278233654c022ef340042cfff55e6b15b67cfea8a5a384ef64a6ac":0 RSAES-V15 Decryption Test Vector Data just fits -pkcs1_rsaes_v15_decrypt:1024:16:"eecfae81b1b9b3c908810b10a1b5600199eb9f44aef4fda493b81a9e3d84f632124ef0236e5d1e3b7e28fae7aa040a2d5b252176459d1f397541ba2a58fb6599":16:"c97fb1f027f453f6341233eaaad1d9353f6c42d08866b1d05a0f2035028b9d869840b41666b42e92ea0da3b43204b5cfce3352524d0416a5a441e700af461503":16:"bbf82f090682ce9c2338ac2b9da871f7368d07eed41043a440d6b6f07454f51fb8dfbaaf035c02ab61ea48ceeb6fcd4876ed520d60e1ec4619719d8a5b8b807fafb8e0a3dfc737723ee6b4b7d93a2584ee6a649d060953748834b2454598394ee0aab12d7b61a51f527a9a41f6c1687fe2537298ca2a8f5946f8e5fd091dbdcb":16:"11":MBEDTLS_MD_SHA1:"4293cecc8095232ae595b84c15ec26f35cf5fde88ae7a9aaa717bcb1ecc4de498da81db97425000770817b5dde5eed01ca3745ff5ab894d0fc0921e5a10b081490129d8ccbaa154ad3dd461397af8ec964ef99402d60a7591ee44b8ce1c16ef88fcb2717076c730d88223893bdd8000b23d87d38ab":"aafd12f659cae63489b479e5076ddec2f06cb58f":"18cdb161f40a18509a3501b7e8ec1c7522e2490319efee8581179b5bcf3750f83a865952d078efd48f58f8060b0d43f9888b43a094fe15209451826ef797195885ff9fa3e26994eee85dbe5dd0404a71565708286027b433c88c85af555b96c34c304dc7c8278233654c022ef340042cfff55e6b15b67cfea8a5a384ef64a6ac":0 +pkcs1_rsaes_v15_decrypt:1024:"eecfae81b1b9b3c908810b10a1b5600199eb9f44aef4fda493b81a9e3d84f632124ef0236e5d1e3b7e28fae7aa040a2d5b252176459d1f397541ba2a58fb6599":"c97fb1f027f453f6341233eaaad1d9353f6c42d08866b1d05a0f2035028b9d869840b41666b42e92ea0da3b43204b5cfce3352524d0416a5a441e700af461503":"bbf82f090682ce9c2338ac2b9da871f7368d07eed41043a440d6b6f07454f51fb8dfbaaf035c02ab61ea48ceeb6fcd4876ed520d60e1ec4619719d8a5b8b807fafb8e0a3dfc737723ee6b4b7d93a2584ee6a649d060953748834b2454598394ee0aab12d7b61a51f527a9a41f6c1687fe2537298ca2a8f5946f8e5fd091dbdcb":"11":MBEDTLS_MD_SHA1:"4293cecc8095232ae595b84c15ec26f35cf5fde88ae7a9aaa717bcb1ecc4de498da81db97425000770817b5dde5eed01ca3745ff5ab894d0fc0921e5a10b081490129d8ccbaa154ad3dd461397af8ec964ef99402d60a7591ee44b8ce1c16ef88fcb2717076c730d88223893bdd8000b23d87d38ab":"aafd12f659cae63489b479e5076ddec2f06cb58f":"18cdb161f40a18509a3501b7e8ec1c7522e2490319efee8581179b5bcf3750f83a865952d078efd48f58f8060b0d43f9888b43a094fe15209451826ef797195885ff9fa3e26994eee85dbe5dd0404a71565708286027b433c88c85af555b96c34c304dc7c8278233654c022ef340042cfff55e6b15b67cfea8a5a384ef64a6ac":0 RSAES-V15 Encryption Test Vector Data too long 1 -pkcs1_rsaes_v15_encrypt:1024:16:"bbf82f090682ce9c2338ac2b9da871f7368d07eed41043a440d6b6f07454f51fb8dfbaaf035c02ab61ea48ceeb6fcd4876ed520d60e1ec4619719d8a5b8b807fafb8e0a3dfc737723ee6b4b7d93a2584ee6a649d060953748834b2454598394ee0aab12d7b61a51f527a9a41f6c1687fe2537298ca2a8f5946f8e5fd091dbdcb":16:"11":MBEDTLS_MD_SHA1:"b84293cecc8095232ae595b84c15ec26f35cf5fde88ae7a9aaa717bcb1ecc4de498da81db97425000770817b5dde5eed01ca3745ff5ab894d0fc0921e5a10b081490129d8ccbaa154ad3dd461397af8ec964ef99402d60a7591ee44b8ce1c16ef88fcb2717076c730d88223893bdd8000b23d87d38ab":"aafd12f659cae63489b479e5076ddec2f06cb58f":"05abded6751d620a95177abdba915027b58dd6eecf4ebe71f71c400b115e1d9e12465ace4db3cc03eb57fcbbfe017770f438cf84c10bad505919aefebfa0752087f6376b055beabf0e089fbb90e10f99c795d2d5676eea196db7f94a8fd34aedaba39fb230281bb9917cc91793eb37f84dedb2421e9680c39cfda34d4a012134":MBEDTLS_ERR_RSA_BAD_INPUT_DATA +pkcs1_rsaes_v15_encrypt:1024:"bbf82f090682ce9c2338ac2b9da871f7368d07eed41043a440d6b6f07454f51fb8dfbaaf035c02ab61ea48ceeb6fcd4876ed520d60e1ec4619719d8a5b8b807fafb8e0a3dfc737723ee6b4b7d93a2584ee6a649d060953748834b2454598394ee0aab12d7b61a51f527a9a41f6c1687fe2537298ca2a8f5946f8e5fd091dbdcb":"11":MBEDTLS_MD_SHA1:"b84293cecc8095232ae595b84c15ec26f35cf5fde88ae7a9aaa717bcb1ecc4de498da81db97425000770817b5dde5eed01ca3745ff5ab894d0fc0921e5a10b081490129d8ccbaa154ad3dd461397af8ec964ef99402d60a7591ee44b8ce1c16ef88fcb2717076c730d88223893bdd8000b23d87d38ab":"aafd12f659cae63489b479e5076ddec2f06cb58f":"05abded6751d620a95177abdba915027b58dd6eecf4ebe71f71c400b115e1d9e12465ace4db3cc03eb57fcbbfe017770f438cf84c10bad505919aefebfa0752087f6376b055beabf0e089fbb90e10f99c795d2d5676eea196db7f94a8fd34aedaba39fb230281bb9917cc91793eb37f84dedb2421e9680c39cfda34d4a012134":MBEDTLS_ERR_RSA_BAD_INPUT_DATA RSAES-V15 Decryption Test Vector Padding too short 7 -pkcs1_rsaes_v15_decrypt:1024:16:"eecfae81b1b9b3c908810b10a1b5600199eb9f44aef4fda493b81a9e3d84f632124ef0236e5d1e3b7e28fae7aa040a2d5b252176459d1f397541ba2a58fb6599":16:"c97fb1f027f453f6341233eaaad1d9353f6c42d08866b1d05a0f2035028b9d869840b41666b42e92ea0da3b43204b5cfce3352524d0416a5a441e700af461503":16:"bbf82f090682ce9c2338ac2b9da871f7368d07eed41043a440d6b6f07454f51fb8dfbaaf035c02ab61ea48ceeb6fcd4876ed520d60e1ec4619719d8a5b8b807fafb8e0a3dfc737723ee6b4b7d93a2584ee6a649d060953748834b2454598394ee0aab12d7b61a51f527a9a41f6c1687fe2537298ca2a8f5946f8e5fd091dbdcb":16:"11":MBEDTLS_MD_SHA1:"b84293cecc8095232ae595b84c15ec26f35cf5fde88ae7a9aaa717bcb1ecc4de498da81db97425000770817b5dde5eed01ca3745ff5ab894d0fc0921e5a10b081490129d8ccbaa154ad3dd461397af8ec964ef99402d60a7591ee44b8ce1c16ef88fcb2717076c730d88223893bdd8000b23d87d38ab":"aafd12f659cae63489b479e5076ddec2f06cb58f":"05abded6751d620a95177abdba915027b58dd6eecf4ebe71f71c400b115e1d9e12465ace4db3cc03eb57fcbbfe017770f438cf84c10bad505919aefebfa0752087f6376b055beabf0e089fbb90e10f99c795d2d5676eea196db7f94a8fd34aedaba39fb230281bb9917cc91793eb37f84dedb2421e9680c39cfda34d4a012134":MBEDTLS_ERR_RSA_INVALID_PADDING +pkcs1_rsaes_v15_decrypt:1024:"eecfae81b1b9b3c908810b10a1b5600199eb9f44aef4fda493b81a9e3d84f632124ef0236e5d1e3b7e28fae7aa040a2d5b252176459d1f397541ba2a58fb6599":"c97fb1f027f453f6341233eaaad1d9353f6c42d08866b1d05a0f2035028b9d869840b41666b42e92ea0da3b43204b5cfce3352524d0416a5a441e700af461503":"bbf82f090682ce9c2338ac2b9da871f7368d07eed41043a440d6b6f07454f51fb8dfbaaf035c02ab61ea48ceeb6fcd4876ed520d60e1ec4619719d8a5b8b807fafb8e0a3dfc737723ee6b4b7d93a2584ee6a649d060953748834b2454598394ee0aab12d7b61a51f527a9a41f6c1687fe2537298ca2a8f5946f8e5fd091dbdcb":"11":MBEDTLS_MD_SHA1:"b84293cecc8095232ae595b84c15ec26f35cf5fde88ae7a9aaa717bcb1ecc4de498da81db97425000770817b5dde5eed01ca3745ff5ab894d0fc0921e5a10b081490129d8ccbaa154ad3dd461397af8ec964ef99402d60a7591ee44b8ce1c16ef88fcb2717076c730d88223893bdd8000b23d87d38ab":"aafd12f659cae63489b479e5076ddec2f06cb58f":"05abded6751d620a95177abdba915027b58dd6eecf4ebe71f71c400b115e1d9e12465ace4db3cc03eb57fcbbfe017770f438cf84c10bad505919aefebfa0752087f6376b055beabf0e089fbb90e10f99c795d2d5676eea196db7f94a8fd34aedaba39fb230281bb9917cc91793eb37f84dedb2421e9680c39cfda34d4a012134":MBEDTLS_ERR_RSA_INVALID_PADDING RSAES-V15 Encryption Test Vector Data too long 3 -pkcs1_rsaes_v15_encrypt:1024:16:"bbf82f090682ce9c2338ac2b9da871f7368d07eed41043a440d6b6f07454f51fb8dfbaaf035c02ab61ea48ceeb6fcd4876ed520d60e1ec4619719d8a5b8b807fafb8e0a3dfc737723ee6b4b7d93a2584ee6a649d060953748834b2454598394ee0aab12d7b61a51f527a9a41f6c1687fe2537298ca2a8f5946f8e5fd091dbdcb":16:"11":MBEDTLS_MD_SHA1:"aa1ab84293cecc8095232ae595b84c15ec26f35cf5fde88ae7a9aaa717bcb1ecc4de498da81db97425000770817b5dde5eed01ca3745ff5ab894d0fc0921e5a10b081490129d8ccbaa154ad3dd461397af8ec964ef99402d60a7591ee44b8ce1c16ef88fcb2717076c730d88223893bdd8000b23d87d38ab":"aafd12f659cae63489b479e5076ddec2f06cb58f":"10d60b8040d57d8701bacb55f2f283d54601ec24d465601ac7f7d5a2f75cac380ba78ca4ab6f3c159f3a9fd6839f5adde0333852ebf876c585664c1a58a1e6885231982f2027be6d7f08ff1807d3ceda8e41ad1f02ddf97a7458832fd13a1f431de6a4ab79e3d4b88bb1df2c5c77fcde9e7b5aa1e7bb29112eae58763127752a":MBEDTLS_ERR_RSA_BAD_INPUT_DATA +pkcs1_rsaes_v15_encrypt:1024:"bbf82f090682ce9c2338ac2b9da871f7368d07eed41043a440d6b6f07454f51fb8dfbaaf035c02ab61ea48ceeb6fcd4876ed520d60e1ec4619719d8a5b8b807fafb8e0a3dfc737723ee6b4b7d93a2584ee6a649d060953748834b2454598394ee0aab12d7b61a51f527a9a41f6c1687fe2537298ca2a8f5946f8e5fd091dbdcb":"11":MBEDTLS_MD_SHA1:"aa1ab84293cecc8095232ae595b84c15ec26f35cf5fde88ae7a9aaa717bcb1ecc4de498da81db97425000770817b5dde5eed01ca3745ff5ab894d0fc0921e5a10b081490129d8ccbaa154ad3dd461397af8ec964ef99402d60a7591ee44b8ce1c16ef88fcb2717076c730d88223893bdd8000b23d87d38ab":"aafd12f659cae63489b479e5076ddec2f06cb58f":"10d60b8040d57d8701bacb55f2f283d54601ec24d465601ac7f7d5a2f75cac380ba78ca4ab6f3c159f3a9fd6839f5adde0333852ebf876c585664c1a58a1e6885231982f2027be6d7f08ff1807d3ceda8e41ad1f02ddf97a7458832fd13a1f431de6a4ab79e3d4b88bb1df2c5c77fcde9e7b5aa1e7bb29112eae58763127752a":MBEDTLS_ERR_RSA_BAD_INPUT_DATA RSAES-V15 Decryption Test Vector Padding too short 5 -pkcs1_rsaes_v15_decrypt:1024:16:"eecfae81b1b9b3c908810b10a1b5600199eb9f44aef4fda493b81a9e3d84f632124ef0236e5d1e3b7e28fae7aa040a2d5b252176459d1f397541ba2a58fb6599":16:"c97fb1f027f453f6341233eaaad1d9353f6c42d08866b1d05a0f2035028b9d869840b41666b42e92ea0da3b43204b5cfce3352524d0416a5a441e700af461503":16:"bbf82f090682ce9c2338ac2b9da871f7368d07eed41043a440d6b6f07454f51fb8dfbaaf035c02ab61ea48ceeb6fcd4876ed520d60e1ec4619719d8a5b8b807fafb8e0a3dfc737723ee6b4b7d93a2584ee6a649d060953748834b2454598394ee0aab12d7b61a51f527a9a41f6c1687fe2537298ca2a8f5946f8e5fd091dbdcb":16:"11":MBEDTLS_MD_SHA1:"aa1ab84293cecc8095232ae595b84c15ec26f35cf5fde88ae7a9aaa717bcb1ecc4de498da81db97425000770817b5dde5eed01ca3745ff5ab894d0fc0921e5a10b081490129d8ccbaa154ad3dd461397af8ec964ef99402d60a7591ee44b8ce1c16ef88fcb2717076c730d88223893bdd8000b23d87d38ab":"aafd12f659cae63489b479e5076ddec2f06cb58f":"10d60b8040d57d8701bacb55f2f283d54601ec24d465601ac7f7d5a2f75cac380ba78ca4ab6f3c159f3a9fd6839f5adde0333852ebf876c585664c1a58a1e6885231982f2027be6d7f08ff1807d3ceda8e41ad1f02ddf97a7458832fd13a1f431de6a4ab79e3d4b88bb1df2c5c77fcde9e7b5aa1e7bb29112eae58763127752a":MBEDTLS_ERR_RSA_INVALID_PADDING +pkcs1_rsaes_v15_decrypt:1024:"eecfae81b1b9b3c908810b10a1b5600199eb9f44aef4fda493b81a9e3d84f632124ef0236e5d1e3b7e28fae7aa040a2d5b252176459d1f397541ba2a58fb6599":"c97fb1f027f453f6341233eaaad1d9353f6c42d08866b1d05a0f2035028b9d869840b41666b42e92ea0da3b43204b5cfce3352524d0416a5a441e700af461503":"bbf82f090682ce9c2338ac2b9da871f7368d07eed41043a440d6b6f07454f51fb8dfbaaf035c02ab61ea48ceeb6fcd4876ed520d60e1ec4619719d8a5b8b807fafb8e0a3dfc737723ee6b4b7d93a2584ee6a649d060953748834b2454598394ee0aab12d7b61a51f527a9a41f6c1687fe2537298ca2a8f5946f8e5fd091dbdcb":"11":MBEDTLS_MD_SHA1:"aa1ab84293cecc8095232ae595b84c15ec26f35cf5fde88ae7a9aaa717bcb1ecc4de498da81db97425000770817b5dde5eed01ca3745ff5ab894d0fc0921e5a10b081490129d8ccbaa154ad3dd461397af8ec964ef99402d60a7591ee44b8ce1c16ef88fcb2717076c730d88223893bdd8000b23d87d38ab":"aafd12f659cae63489b479e5076ddec2f06cb58f":"10d60b8040d57d8701bacb55f2f283d54601ec24d465601ac7f7d5a2f75cac380ba78ca4ab6f3c159f3a9fd6839f5adde0333852ebf876c585664c1a58a1e6885231982f2027be6d7f08ff1807d3ceda8e41ad1f02ddf97a7458832fd13a1f431de6a4ab79e3d4b88bb1df2c5c77fcde9e7b5aa1e7bb29112eae58763127752a":MBEDTLS_ERR_RSA_INVALID_PADDING RSAES-V15 Encryption Test Vector Data too long 8 -pkcs1_rsaes_v15_encrypt:1024:16:"bbf82f090682ce9c2338ac2b9da871f7368d07eed41043a440d6b6f07454f51fb8dfbaaf035c02ab61ea48ceeb6fcd4876ed520d60e1ec4619719d8a5b8b807fafb8e0a3dfc737723ee6b4b7d93a2584ee6a649d060953748834b2454598394ee0aab12d7b61a51f527a9a41f6c1687fe2537298ca2a8f5946f8e5fd091dbdcb":16:"11":MBEDTLS_MD_SHA1:"a5a384ef64a6acb84293cecc8095232ae595b84c15ec26f35cf5fde88ae7a9aaa717bcb1ecc4de498da81db97425000770817b5dde5eed01ca3745ff5ab894d0fc0921e5a10b081490129d8ccbaa154ad3dd461397af8ec964ef99402d60a7591ee44b8ce1c16ef88fcb2717076c730d88223893bdd8000b23d87d38ab":"aafd12f659cae63489b479e5076ddec2f06cb58f":"72f98d12ddc230484179ec3022d11b3719222daaa0dc016fc3dbd6771a3f2c9fdd0560f86d616dd50ef1fa5b8c7e1fc40b5abf7b845d7795b3a6af02457b97f783360575cde7497bdf9c104650d4e9a8f4034406de1af95ace39bef2b9e979b74d9a2c0a741d8a21221d9afc98992776cad52d73151613dbc10da9bd8038751a":MBEDTLS_ERR_RSA_BAD_INPUT_DATA +pkcs1_rsaes_v15_encrypt:1024:"bbf82f090682ce9c2338ac2b9da871f7368d07eed41043a440d6b6f07454f51fb8dfbaaf035c02ab61ea48ceeb6fcd4876ed520d60e1ec4619719d8a5b8b807fafb8e0a3dfc737723ee6b4b7d93a2584ee6a649d060953748834b2454598394ee0aab12d7b61a51f527a9a41f6c1687fe2537298ca2a8f5946f8e5fd091dbdcb":"11":MBEDTLS_MD_SHA1:"a5a384ef64a6acb84293cecc8095232ae595b84c15ec26f35cf5fde88ae7a9aaa717bcb1ecc4de498da81db97425000770817b5dde5eed01ca3745ff5ab894d0fc0921e5a10b081490129d8ccbaa154ad3dd461397af8ec964ef99402d60a7591ee44b8ce1c16ef88fcb2717076c730d88223893bdd8000b23d87d38ab":"aafd12f659cae63489b479e5076ddec2f06cb58f":"72f98d12ddc230484179ec3022d11b3719222daaa0dc016fc3dbd6771a3f2c9fdd0560f86d616dd50ef1fa5b8c7e1fc40b5abf7b845d7795b3a6af02457b97f783360575cde7497bdf9c104650d4e9a8f4034406de1af95ace39bef2b9e979b74d9a2c0a741d8a21221d9afc98992776cad52d73151613dbc10da9bd8038751a":MBEDTLS_ERR_RSA_BAD_INPUT_DATA RSAES-V15 Decryption Test Vector Padding too short 0 -pkcs1_rsaes_v15_decrypt:1024:16:"eecfae81b1b9b3c908810b10a1b5600199eb9f44aef4fda493b81a9e3d84f632124ef0236e5d1e3b7e28fae7aa040a2d5b252176459d1f397541ba2a58fb6599":16:"c97fb1f027f453f6341233eaaad1d9353f6c42d08866b1d05a0f2035028b9d869840b41666b42e92ea0da3b43204b5cfce3352524d0416a5a441e700af461503":16:"bbf82f090682ce9c2338ac2b9da871f7368d07eed41043a440d6b6f07454f51fb8dfbaaf035c02ab61ea48ceeb6fcd4876ed520d60e1ec4619719d8a5b8b807fafb8e0a3dfc737723ee6b4b7d93a2584ee6a649d060953748834b2454598394ee0aab12d7b61a51f527a9a41f6c1687fe2537298ca2a8f5946f8e5fd091dbdcb":16:"11":MBEDTLS_MD_SHA1:"a5a384ef64a6acb84293cecc8095232ae595b84c15ec26f35cf5fde88ae7a9aaa717bcb1ecc4de498da81db97425000770817b5dde5eed01ca3745ff5ab894d0fc0921e5a10b081490129d8ccbaa154ad3dd461397af8ec964ef99402d60a7591ee44b8ce1c16ef88fcb2717076c730d88223893bdd8000b23d87d38ab":"aafd12f659cae63489b479e5076ddec2f06cb58f":"72f98d12ddc230484179ec3022d11b3719222daaa0dc016fc3dbd6771a3f2c9fdd0560f86d616dd50ef1fa5b8c7e1fc40b5abf7b845d7795b3a6af02457b97f783360575cde7497bdf9c104650d4e9a8f4034406de1af95ace39bef2b9e979b74d9a2c0a741d8a21221d9afc98992776cad52d73151613dbc10da9bd8038751a":MBEDTLS_ERR_RSA_INVALID_PADDING +pkcs1_rsaes_v15_decrypt:1024:"eecfae81b1b9b3c908810b10a1b5600199eb9f44aef4fda493b81a9e3d84f632124ef0236e5d1e3b7e28fae7aa040a2d5b252176459d1f397541ba2a58fb6599":"c97fb1f027f453f6341233eaaad1d9353f6c42d08866b1d05a0f2035028b9d869840b41666b42e92ea0da3b43204b5cfce3352524d0416a5a441e700af461503":"bbf82f090682ce9c2338ac2b9da871f7368d07eed41043a440d6b6f07454f51fb8dfbaaf035c02ab61ea48ceeb6fcd4876ed520d60e1ec4619719d8a5b8b807fafb8e0a3dfc737723ee6b4b7d93a2584ee6a649d060953748834b2454598394ee0aab12d7b61a51f527a9a41f6c1687fe2537298ca2a8f5946f8e5fd091dbdcb":"11":MBEDTLS_MD_SHA1:"a5a384ef64a6acb84293cecc8095232ae595b84c15ec26f35cf5fde88ae7a9aaa717bcb1ecc4de498da81db97425000770817b5dde5eed01ca3745ff5ab894d0fc0921e5a10b081490129d8ccbaa154ad3dd461397af8ec964ef99402d60a7591ee44b8ce1c16ef88fcb2717076c730d88223893bdd8000b23d87d38ab":"aafd12f659cae63489b479e5076ddec2f06cb58f":"72f98d12ddc230484179ec3022d11b3719222daaa0dc016fc3dbd6771a3f2c9fdd0560f86d616dd50ef1fa5b8c7e1fc40b5abf7b845d7795b3a6af02457b97f783360575cde7497bdf9c104650d4e9a8f4034406de1af95ace39bef2b9e979b74d9a2c0a741d8a21221d9afc98992776cad52d73151613dbc10da9bd8038751a":MBEDTLS_ERR_RSA_INVALID_PADDING RSASSA-V15 Signing Test Vector Int -pkcs1_rsassa_v15_sign:1024:16:"d17f655bf27c8b16d35462c905cc04a26f37e2a67fa9c0ce0dced472394a0df743fe7f929e378efdb368eddff453cf007af6d948e0ade757371f8a711e278f6b":16:"c6d92b6fee7414d1358ce1546fb62987530b90bd15e0f14963a5e2635adb69347ec0c01b2ab1763fd8ac1a592fb22757463a982425bb97a3a437c5bf86d03f2f":16:"a2ba40ee07e3b2bd2f02ce227f36a195024486e49c19cb41bbbdfbba98b22b0e577c2eeaffa20d883a76e65e394c69d4b3c05a1e8fadda27edb2a42bc000fe888b9b32c22d15add0cd76b3e7936e19955b220dd17d4ea904b1ec102b2e4de7751222aa99151024c7cb41cc5ea21d00eeb41f7c800834d2c6e06bce3bce7ea9a5":16:"010001":MBEDTLS_MD_SHA1:MBEDTLS_MD_SHA1:"859eef2fd78aca00308bdc471193bf55bf9d78db8f8a672b484634f3c9c26e6478ae10260fe0dd8c082e53a5293af2173cd50c6d5d354febf78b26021c25c02712e78cd4694c9f469777e451e7f8e9e04cd3739c6bbfedae487fb55644e9ca74ff77a53cb729802f6ed4a5ffa8ba159890fc":"e3b5d5d002c1bce50c2b65ef88a188d83bce7e61":"2154f928615e5101fcdeb57bc08fc2f35c3d5996403861ae3efb1d0712f8bb05cc21f7f5f11f62e5b6ea9f0f2b62180e5cbe7ba535032d6ac8068fff7f362f73d2c3bf5eca6062a1723d7cfd5abb6dcf7e405f2dc560ffe6fc37d38bee4dc9e24fe2bece3e3b4a3f032701d3f0947b42930083dd4ad241b3309b514595482d42":0 +pkcs1_rsassa_v15_sign:1024:"d17f655bf27c8b16d35462c905cc04a26f37e2a67fa9c0ce0dced472394a0df743fe7f929e378efdb368eddff453cf007af6d948e0ade757371f8a711e278f6b":"c6d92b6fee7414d1358ce1546fb62987530b90bd15e0f14963a5e2635adb69347ec0c01b2ab1763fd8ac1a592fb22757463a982425bb97a3a437c5bf86d03f2f":"a2ba40ee07e3b2bd2f02ce227f36a195024486e49c19cb41bbbdfbba98b22b0e577c2eeaffa20d883a76e65e394c69d4b3c05a1e8fadda27edb2a42bc000fe888b9b32c22d15add0cd76b3e7936e19955b220dd17d4ea904b1ec102b2e4de7751222aa99151024c7cb41cc5ea21d00eeb41f7c800834d2c6e06bce3bce7ea9a5":"010001":MBEDTLS_MD_SHA1:MBEDTLS_MD_SHA1:"859eef2fd78aca00308bdc471193bf55bf9d78db8f8a672b484634f3c9c26e6478ae10260fe0dd8c082e53a5293af2173cd50c6d5d354febf78b26021c25c02712e78cd4694c9f469777e451e7f8e9e04cd3739c6bbfedae487fb55644e9ca74ff77a53cb729802f6ed4a5ffa8ba159890fc":"e3b5d5d002c1bce50c2b65ef88a188d83bce7e61":"2154f928615e5101fcdeb57bc08fc2f35c3d5996403861ae3efb1d0712f8bb05cc21f7f5f11f62e5b6ea9f0f2b62180e5cbe7ba535032d6ac8068fff7f362f73d2c3bf5eca6062a1723d7cfd5abb6dcf7e405f2dc560ffe6fc37d38bee4dc9e24fe2bece3e3b4a3f032701d3f0947b42930083dd4ad241b3309b514595482d42":0 RSASSA-V15 Verification Test Vector Int -pkcs1_rsassa_v15_verify:1024:16:"a2ba40ee07e3b2bd2f02ce227f36a195024486e49c19cb41bbbdfbba98b22b0e577c2eeaffa20d883a76e65e394c69d4b3c05a1e8fadda27edb2a42bc000fe888b9b32c22d15add0cd76b3e7936e19955b220dd17d4ea904b1ec102b2e4de7751222aa99151024c7cb41cc5ea21d00eeb41f7c800834d2c6e06bce3bce7ea9a5":16:"010001":MBEDTLS_MD_SHA1:MBEDTLS_MD_SHA1:"859eef2fd78aca00308bdc471193bf55bf9d78db8f8a672b484634f3c9c26e6478ae10260fe0dd8c082e53a5293af2173cd50c6d5d354febf78b26021c25c02712e78cd4694c9f469777e451e7f8e9e04cd3739c6bbfedae487fb55644e9ca74ff77a53cb729802f6ed4a5ffa8ba159890fc":"e3b5d5d002c1bce50c2b65ef88a188d83bce7e61":"2154f928615e5101fcdeb57bc08fc2f35c3d5996403861ae3efb1d0712f8bb05cc21f7f5f11f62e5b6ea9f0f2b62180e5cbe7ba535032d6ac8068fff7f362f73d2c3bf5eca6062a1723d7cfd5abb6dcf7e405f2dc560ffe6fc37d38bee4dc9e24fe2bece3e3b4a3f032701d3f0947b42930083dd4ad241b3309b514595482d42":0 +pkcs1_rsassa_v15_verify:1024:"a2ba40ee07e3b2bd2f02ce227f36a195024486e49c19cb41bbbdfbba98b22b0e577c2eeaffa20d883a76e65e394c69d4b3c05a1e8fadda27edb2a42bc000fe888b9b32c22d15add0cd76b3e7936e19955b220dd17d4ea904b1ec102b2e4de7751222aa99151024c7cb41cc5ea21d00eeb41f7c800834d2c6e06bce3bce7ea9a5":"010001":MBEDTLS_MD_SHA1:MBEDTLS_MD_SHA1:"859eef2fd78aca00308bdc471193bf55bf9d78db8f8a672b484634f3c9c26e6478ae10260fe0dd8c082e53a5293af2173cd50c6d5d354febf78b26021c25c02712e78cd4694c9f469777e451e7f8e9e04cd3739c6bbfedae487fb55644e9ca74ff77a53cb729802f6ed4a5ffa8ba159890fc":"e3b5d5d002c1bce50c2b65ef88a188d83bce7e61":"2154f928615e5101fcdeb57bc08fc2f35c3d5996403861ae3efb1d0712f8bb05cc21f7f5f11f62e5b6ea9f0f2b62180e5cbe7ba535032d6ac8068fff7f362f73d2c3bf5eca6062a1723d7cfd5abb6dcf7e405f2dc560ffe6fc37d38bee4dc9e24fe2bece3e3b4a3f032701d3f0947b42930083dd4ad241b3309b514595482d42":0 RSAES-V15 decoding: good, payload=max, tight output buffer pkcs1_v15_decode:MBEDTLS_RSA_PRIVATE:"0002505152535455565700":117:117:0 diff --git a/third_party/mbedtls/repo/tests/suites/test_suite_pkcs1_v15.function b/third_party/mbedtls/repo/tests/suites/test_suite_pkcs1_v15.function index d3553403a9d..83fc73a7d16 100644 --- a/third_party/mbedtls/repo/tests/suites/test_suite_pkcs1_v15.function +++ b/third_party/mbedtls/repo/tests/suites/test_suite_pkcs1_v15.function @@ -9,10 +9,10 @@ */ /* BEGIN_CASE */ -void pkcs1_rsaes_v15_encrypt( int mod, int radix_N, char * input_N, - int radix_E, char * input_E, int hash, - data_t * message_str, data_t * rnd_buf, - data_t * result_str, int result ) +void pkcs1_rsaes_v15_encrypt(int mod, char *input_N, + char *input_E, int hash, + data_t *message_str, data_t *rnd_buf, + data_t *result_str, int result) { unsigned char output[128]; mbedtls_rsa_context ctx; @@ -24,43 +24,41 @@ void pkcs1_rsaes_v15_encrypt( int mod, int radix_N, char * input_N, info.buf = rnd_buf->x; info.length = rnd_buf->len; - mbedtls_mpi_init( &N ); mbedtls_mpi_init( &E ); - mbedtls_rsa_init( &ctx, MBEDTLS_RSA_PKCS_V15, hash ); - memset( output, 0x00, sizeof( output ) ); + mbedtls_mpi_init(&N); mbedtls_mpi_init(&E); + mbedtls_rsa_init(&ctx, MBEDTLS_RSA_PKCS_V15, hash); + memset(output, 0x00, sizeof(output)); - TEST_ASSERT( mbedtls_test_read_mpi( &N, radix_N, input_N ) == 0 ); - TEST_ASSERT( mbedtls_test_read_mpi( &E, radix_E, input_E ) == 0 ); - TEST_ASSERT( mbedtls_rsa_import( &ctx, &N, NULL, NULL, NULL, &E ) == 0 ); - TEST_ASSERT( mbedtls_rsa_get_len( &ctx ) == (size_t) ( ( mod + 7 ) / 8 ) ); - TEST_ASSERT( mbedtls_rsa_check_pubkey( &ctx ) == 0 ); + TEST_ASSERT(mbedtls_test_read_mpi(&N, input_N) == 0); + TEST_ASSERT(mbedtls_test_read_mpi(&E, input_E) == 0); + TEST_ASSERT(mbedtls_rsa_import(&ctx, &N, NULL, NULL, NULL, &E) == 0); + TEST_ASSERT(mbedtls_rsa_get_len(&ctx) == (size_t) ((mod + 7) / 8)); + TEST_ASSERT(mbedtls_rsa_check_pubkey(&ctx) == 0); - if( message_str->len == 0 ) + if (message_str->len == 0) { message_str->x = NULL; - TEST_ASSERT( mbedtls_rsa_pkcs1_encrypt( &ctx, - &mbedtls_test_rnd_buffer_rand, - &info, MBEDTLS_RSA_PUBLIC, - message_str->len, message_str->x, - output ) == result ); - - if( result == 0 ) - { - TEST_ASSERT( mbedtls_test_hexcmp( output, result_str->x, - ctx.len, result_str->len ) == 0 ); + } + TEST_ASSERT(mbedtls_rsa_pkcs1_encrypt(&ctx, + &mbedtls_test_rnd_buffer_rand, + &info, MBEDTLS_RSA_PUBLIC, + message_str->len, message_str->x, + output) == result); + + if (result == 0) { + TEST_ASSERT(mbedtls_test_hexcmp(output, result_str->x, + ctx.len, result_str->len) == 0); } exit: - mbedtls_mpi_free( &N ); mbedtls_mpi_free( &E ); - mbedtls_rsa_free( &ctx ); + mbedtls_mpi_free(&N); mbedtls_mpi_free(&E); + mbedtls_rsa_free(&ctx); } /* END_CASE */ /* BEGIN_CASE */ -void pkcs1_rsaes_v15_decrypt( int mod, int radix_P, char * input_P, - int radix_Q, char * input_Q, int radix_N, - char * input_N, int radix_E, char * input_E, - int hash, data_t * result_str, - char * seed, data_t * message_str, - int result ) +void pkcs1_rsaes_v15_decrypt(int mod, char *input_P, char *input_Q, + char *input_N, char *input_E, int hash, + data_t *result_str, char *seed, + data_t *message_str, int result) { unsigned char output[128]; mbedtls_rsa_context ctx; @@ -69,60 +67,56 @@ void pkcs1_rsaes_v15_decrypt( int mod, int radix_P, char * input_P, mbedtls_mpi N, P, Q, E; ((void) seed); - mbedtls_mpi_init( &N ); mbedtls_mpi_init( &P ); - mbedtls_mpi_init( &Q ); mbedtls_mpi_init( &E ); - mbedtls_rsa_init( &ctx, MBEDTLS_RSA_PKCS_V15, hash ); - - memset( output, 0x00, sizeof( output ) ); - memset( &rnd_info, 0, sizeof( mbedtls_test_rnd_pseudo_info ) ); - - TEST_ASSERT( mbedtls_test_read_mpi( &P, radix_P, input_P ) == 0 ); - TEST_ASSERT( mbedtls_test_read_mpi( &Q, radix_Q, input_Q ) == 0 ); - TEST_ASSERT( mbedtls_test_read_mpi( &N, radix_N, input_N ) == 0 ); - TEST_ASSERT( mbedtls_test_read_mpi( &E, radix_E, input_E ) == 0 ); - - TEST_ASSERT( mbedtls_rsa_import( &ctx, &N, &P, &Q, NULL, &E ) == 0 ); - TEST_ASSERT( mbedtls_rsa_get_len( &ctx ) == (size_t) ( ( mod + 7 ) / 8 ) ); - TEST_ASSERT( mbedtls_rsa_complete( &ctx ) == 0 ); - TEST_ASSERT( mbedtls_rsa_check_privkey( &ctx ) == 0 ); - - if( result_str->len == 0 ) - { - TEST_ASSERT( mbedtls_rsa_pkcs1_decrypt( &ctx, - &mbedtls_test_rnd_pseudo_rand, - &rnd_info, - MBEDTLS_RSA_PRIVATE, - &output_len, message_str->x, - NULL, 0 ) == result ); - } - else - { - TEST_ASSERT( mbedtls_rsa_pkcs1_decrypt( &ctx, - &mbedtls_test_rnd_pseudo_rand, - &rnd_info, MBEDTLS_RSA_PRIVATE, - &output_len, message_str->x, - output, 1000 ) == result ); - if( result == 0 ) - { - TEST_ASSERT( mbedtls_test_hexcmp( output, result_str->x, - output_len, - result_str->len) == 0 ); + mbedtls_mpi_init(&N); mbedtls_mpi_init(&P); + mbedtls_mpi_init(&Q); mbedtls_mpi_init(&E); + mbedtls_rsa_init(&ctx, MBEDTLS_RSA_PKCS_V15, hash); + + memset(output, 0x00, sizeof(output)); + memset(&rnd_info, 0, sizeof(mbedtls_test_rnd_pseudo_info)); + + TEST_ASSERT(mbedtls_test_read_mpi(&P, input_P) == 0); + TEST_ASSERT(mbedtls_test_read_mpi(&Q, input_Q) == 0); + TEST_ASSERT(mbedtls_test_read_mpi(&N, input_N) == 0); + TEST_ASSERT(mbedtls_test_read_mpi(&E, input_E) == 0); + + TEST_ASSERT(mbedtls_rsa_import(&ctx, &N, &P, &Q, NULL, &E) == 0); + TEST_ASSERT(mbedtls_rsa_get_len(&ctx) == (size_t) ((mod + 7) / 8)); + TEST_ASSERT(mbedtls_rsa_complete(&ctx) == 0); + TEST_ASSERT(mbedtls_rsa_check_privkey(&ctx) == 0); + + if (result_str->len == 0) { + TEST_ASSERT(mbedtls_rsa_pkcs1_decrypt(&ctx, + &mbedtls_test_rnd_pseudo_rand, + &rnd_info, + MBEDTLS_RSA_PRIVATE, + &output_len, message_str->x, + NULL, 0) == result); + } else { + TEST_ASSERT(mbedtls_rsa_pkcs1_decrypt(&ctx, + &mbedtls_test_rnd_pseudo_rand, + &rnd_info, MBEDTLS_RSA_PRIVATE, + &output_len, message_str->x, + output, 1000) == result); + if (result == 0) { + TEST_ASSERT(mbedtls_test_hexcmp(output, result_str->x, + output_len, + result_str->len) == 0); } } exit: - mbedtls_mpi_free( &N ); mbedtls_mpi_free( &P ); - mbedtls_mpi_free( &Q ); mbedtls_mpi_free( &E ); - mbedtls_rsa_free( &ctx ); + mbedtls_mpi_free(&N); mbedtls_mpi_free(&P); + mbedtls_mpi_free(&Q); mbedtls_mpi_free(&E); + mbedtls_rsa_free(&ctx); } /* END_CASE */ /* BEGIN_CASE */ -void pkcs1_v15_decode( int mode, - data_t *input, - int expected_plaintext_length_arg, - int output_size_arg, - int expected_result ) +void pkcs1_v15_decode(int mode, + data_t *input, + int expected_plaintext_length_arg, + int output_size_arg, + int expected_result) { size_t expected_plaintext_length = expected_plaintext_length_arg; size_t output_size = output_size_arg; @@ -192,48 +186,46 @@ void pkcs1_v15_decode( int mode, unsigned char final[128]; size_t output_length = 0x7EA0; - memset( &rnd_info, 0, sizeof( mbedtls_test_rnd_pseudo_info ) ); - mbedtls_mpi_init( &Nmpi ); mbedtls_mpi_init( &Empi ); - mbedtls_mpi_init( &Pmpi ); mbedtls_mpi_init( &Qmpi ); - mbedtls_rsa_init( &ctx, MBEDTLS_RSA_PKCS_V15, 0 ); - - TEST_ASSERT( mbedtls_mpi_read_binary( &Nmpi, N, sizeof( N ) ) == 0 ); - TEST_ASSERT( mbedtls_mpi_read_binary( &Empi, E, sizeof( E ) ) == 0 ); - TEST_ASSERT( mbedtls_mpi_read_binary( &Pmpi, P, sizeof( P ) ) == 0 ); - TEST_ASSERT( mbedtls_mpi_read_binary( &Qmpi, Q, sizeof( Q ) ) == 0 ); - - TEST_ASSERT( mbedtls_rsa_import( &ctx, &Nmpi, &Pmpi, &Qmpi, - NULL, &Empi ) == 0 ); - TEST_ASSERT( mbedtls_rsa_complete( &ctx ) == 0 ); - - TEST_ASSERT( input->len <= sizeof( N ) ); - memcpy( original, input->x, input->len ); - memset( original + input->len, 'd', sizeof( original ) - input->len ); - if( mode == MBEDTLS_RSA_PRIVATE ) - TEST_ASSERT( mbedtls_rsa_public( &ctx, original, intermediate ) == 0 ); - else - TEST_ASSERT( mbedtls_rsa_private( &ctx, &mbedtls_test_rnd_pseudo_rand, - &rnd_info, original, - intermediate ) == 0 ); - - memcpy( final, default_content, sizeof( final ) ); - TEST_ASSERT( mbedtls_rsa_pkcs1_decrypt( &ctx, - &mbedtls_test_rnd_pseudo_rand, - &rnd_info, mode, &output_length, - intermediate, final, - output_size ) == expected_result ); - if( expected_result == 0 ) - { - TEST_ASSERT( output_length == expected_plaintext_length ); - TEST_ASSERT( memcmp( original + sizeof( N ) - output_length, - final, - output_length ) == 0 ); + memset(&rnd_info, 0, sizeof(mbedtls_test_rnd_pseudo_info)); + mbedtls_mpi_init(&Nmpi); mbedtls_mpi_init(&Empi); + mbedtls_mpi_init(&Pmpi); mbedtls_mpi_init(&Qmpi); + mbedtls_rsa_init(&ctx, MBEDTLS_RSA_PKCS_V15, 0); + + TEST_ASSERT(mbedtls_mpi_read_binary(&Nmpi, N, sizeof(N)) == 0); + TEST_ASSERT(mbedtls_mpi_read_binary(&Empi, E, sizeof(E)) == 0); + TEST_ASSERT(mbedtls_mpi_read_binary(&Pmpi, P, sizeof(P)) == 0); + TEST_ASSERT(mbedtls_mpi_read_binary(&Qmpi, Q, sizeof(Q)) == 0); + + TEST_ASSERT(mbedtls_rsa_import(&ctx, &Nmpi, &Pmpi, &Qmpi, + NULL, &Empi) == 0); + TEST_ASSERT(mbedtls_rsa_complete(&ctx) == 0); + + TEST_ASSERT(input->len <= sizeof(N)); + memcpy(original, input->x, input->len); + memset(original + input->len, 'd', sizeof(original) - input->len); + if (mode == MBEDTLS_RSA_PRIVATE) { + TEST_ASSERT(mbedtls_rsa_public(&ctx, original, intermediate) == 0); + } else { + TEST_ASSERT(mbedtls_rsa_private(&ctx, &mbedtls_test_rnd_pseudo_rand, + &rnd_info, original, + intermediate) == 0); } - else if( expected_result == MBEDTLS_ERR_RSA_INVALID_PADDING || - expected_result == MBEDTLS_ERR_RSA_OUTPUT_TOO_LARGE ) - { + + memcpy(final, default_content, sizeof(final)); + TEST_ASSERT(mbedtls_rsa_pkcs1_decrypt(&ctx, + &mbedtls_test_rnd_pseudo_rand, + &rnd_info, mode, &output_length, + intermediate, final, + output_size) == expected_result); + if (expected_result == 0) { + TEST_ASSERT(output_length == expected_plaintext_length); + TEST_ASSERT(memcmp(original + sizeof(N) - output_length, + final, + output_length) == 0); + } else if (expected_result == MBEDTLS_ERR_RSA_INVALID_PADDING || + expected_result == MBEDTLS_ERR_RSA_OUTPUT_TOO_LARGE) { size_t max_payload_length = - output_size > sizeof( N ) - 11 ? sizeof( N ) - 11 : output_size; + output_size > sizeof(N) - 11 ? sizeof(N) - 11 : output_size; size_t i; size_t count = 0; @@ -242,34 +234,36 @@ void pkcs1_v15_decode( int mode, * implementation currently does. Alternative implementations * may produce different output, so we only perform these precise * checks when using the default implementation. */ - TEST_ASSERT( output_length == max_payload_length ); - for( i = 0; i < max_payload_length; i++ ) - TEST_ASSERT( final[i] == 0 ); + TEST_ASSERT(output_length == max_payload_length); + for (i = 0; i < max_payload_length; i++) { + TEST_ASSERT(final[i] == 0); + } #endif /* Even in alternative implementations, the outputs must have * changed, otherwise it indicates at least a timing vulnerability * because no write to the outputs is performed in the bad case. */ - TEST_ASSERT( output_length != 0x7EA0 ); - for( i = 0; i < max_payload_length; i++ ) - count += ( final[i] == default_content[i] ); + TEST_ASSERT(output_length != 0x7EA0); + for (i = 0; i < max_payload_length; i++) { + count += (final[i] == default_content[i]); + } /* If more than 16 bytes are unchanged in final, that's evidence * that final wasn't overwritten. */ - TEST_ASSERT( count < 16 ); + TEST_ASSERT(count < 16); } exit: - mbedtls_mpi_free( &Nmpi ); mbedtls_mpi_free( &Empi ); - mbedtls_mpi_free( &Pmpi ); mbedtls_mpi_free( &Qmpi ); - mbedtls_rsa_free( &ctx ); + mbedtls_mpi_free(&Nmpi); mbedtls_mpi_free(&Empi); + mbedtls_mpi_free(&Pmpi); mbedtls_mpi_free(&Qmpi); + mbedtls_rsa_free(&ctx); } /* END_CASE */ /* BEGIN_CASE */ -void pkcs1_rsassa_v15_sign( int mod, int radix_P, char * input_P, int radix_Q, - char * input_Q, int radix_N, char * input_N, - int radix_E, char * input_E, int digest, int hash, - data_t * message_str, data_t * rnd_buf, - data_t * result_str, int result ) +void pkcs1_rsassa_v15_sign(int mod, char *input_P, + char *input_Q, char *input_N, + char *input_E, int digest, int hash, + data_t *message_str, data_t *rnd_buf, + data_t *result_str, int result) { unsigned char hash_result[MBEDTLS_MD_MAX_SIZE]; unsigned char output[128]; @@ -282,73 +276,76 @@ void pkcs1_rsassa_v15_sign( int mod, int radix_P, char * input_P, int radix_Q, info.buf = rnd_buf->x; info.length = rnd_buf->len; - mbedtls_mpi_init( &N ); mbedtls_mpi_init( &P ); - mbedtls_mpi_init( &Q ); mbedtls_mpi_init( &E ); - mbedtls_rsa_init( &ctx, MBEDTLS_RSA_PKCS_V15, hash ); + mbedtls_mpi_init(&N); mbedtls_mpi_init(&P); + mbedtls_mpi_init(&Q); mbedtls_mpi_init(&E); + mbedtls_rsa_init(&ctx, MBEDTLS_RSA_PKCS_V15, hash); - memset( hash_result, 0x00, sizeof( hash_result ) ); - memset( output, 0x00, sizeof( output ) ); + memset(hash_result, 0x00, sizeof(hash_result)); + memset(output, 0x00, sizeof(output)); - TEST_ASSERT( mbedtls_test_read_mpi( &P, radix_P, input_P ) == 0 ); - TEST_ASSERT( mbedtls_test_read_mpi( &Q, radix_Q, input_Q ) == 0 ); - TEST_ASSERT( mbedtls_test_read_mpi( &N, radix_N, input_N ) == 0 ); - TEST_ASSERT( mbedtls_test_read_mpi( &E, radix_E, input_E ) == 0 ); + TEST_ASSERT(mbedtls_test_read_mpi(&P, input_P) == 0); + TEST_ASSERT(mbedtls_test_read_mpi(&Q, input_Q) == 0); + TEST_ASSERT(mbedtls_test_read_mpi(&N, input_N) == 0); + TEST_ASSERT(mbedtls_test_read_mpi(&E, input_E) == 0); - TEST_ASSERT( mbedtls_rsa_import( &ctx, &N, &P, &Q, NULL, &E ) == 0 ); - TEST_ASSERT( mbedtls_rsa_get_len( &ctx ) == (size_t) ( ( mod + 7 ) / 8 ) ); - TEST_ASSERT( mbedtls_rsa_complete( &ctx ) == 0 ); - TEST_ASSERT( mbedtls_rsa_check_privkey( &ctx ) == 0 ); + TEST_ASSERT(mbedtls_rsa_import(&ctx, &N, &P, &Q, NULL, &E) == 0); + TEST_ASSERT(mbedtls_rsa_get_len(&ctx) == (size_t) ((mod + 7) / 8)); + TEST_ASSERT(mbedtls_rsa_complete(&ctx) == 0); + TEST_ASSERT(mbedtls_rsa_check_privkey(&ctx) == 0); - if( mbedtls_md_info_from_type( digest ) != NULL ) - TEST_ASSERT( mbedtls_md( mbedtls_md_info_from_type( digest ), message_str->x, message_str->len, hash_result ) == 0 ); + if (mbedtls_md_info_from_type(digest) != NULL) { + TEST_ASSERT(mbedtls_md(mbedtls_md_info_from_type(digest), message_str->x, message_str->len, + hash_result) == 0); + } - TEST_ASSERT( mbedtls_rsa_pkcs1_sign( &ctx, &mbedtls_test_rnd_buffer_rand, - &info, MBEDTLS_RSA_PRIVATE, digest, - 0, hash_result, output ) == result ); - if( result == 0 ) - { + TEST_ASSERT(mbedtls_rsa_pkcs1_sign(&ctx, &mbedtls_test_rnd_buffer_rand, + &info, MBEDTLS_RSA_PRIVATE, digest, + 0, hash_result, output) == result); + if (result == 0) { - TEST_ASSERT( mbedtls_test_hexcmp( output, result_str->x, - ctx.len, result_str->len ) == 0 ); + TEST_ASSERT(mbedtls_test_hexcmp(output, result_str->x, + ctx.len, result_str->len) == 0); } exit: - mbedtls_mpi_free( &N ); mbedtls_mpi_free( &P ); - mbedtls_mpi_free( &Q ); mbedtls_mpi_free( &E ); - mbedtls_rsa_free( &ctx ); + mbedtls_mpi_free(&N); mbedtls_mpi_free(&P); + mbedtls_mpi_free(&Q); mbedtls_mpi_free(&E); + mbedtls_rsa_free(&ctx); } /* END_CASE */ /* BEGIN_CASE */ -void pkcs1_rsassa_v15_verify( int mod, int radix_N, char * input_N, - int radix_E, char * input_E, int digest, - int hash, data_t * message_str, char * salt, - data_t * result_str, int result ) +void pkcs1_rsassa_v15_verify(int mod, char *input_N, char *input_E, + int digest, int hash, data_t *message_str, + char *salt, data_t *result_str, int result) { unsigned char hash_result[MBEDTLS_MD_MAX_SIZE]; mbedtls_rsa_context ctx; mbedtls_mpi N, E; ((void) salt); - mbedtls_mpi_init( &N ); mbedtls_mpi_init( &E ); - mbedtls_rsa_init( &ctx, MBEDTLS_RSA_PKCS_V15, hash ); - memset( hash_result, 0x00, sizeof( hash_result ) ); + mbedtls_mpi_init(&N); mbedtls_mpi_init(&E); + mbedtls_rsa_init(&ctx, MBEDTLS_RSA_PKCS_V15, hash); + memset(hash_result, 0x00, sizeof(hash_result)); - TEST_ASSERT( mbedtls_test_read_mpi( &N, radix_N, input_N ) == 0 ); - TEST_ASSERT( mbedtls_test_read_mpi( &E, radix_E, input_E ) == 0 ); - TEST_ASSERT( mbedtls_rsa_import( &ctx, &N, NULL, NULL, NULL, &E ) == 0 ); - TEST_ASSERT( mbedtls_rsa_get_len( &ctx ) == (size_t) ( ( mod + 7 ) / 8 ) ); - TEST_ASSERT( mbedtls_rsa_check_pubkey( &ctx ) == 0 ); + TEST_ASSERT(mbedtls_test_read_mpi(&N, input_N) == 0); + TEST_ASSERT(mbedtls_test_read_mpi(&E, input_E) == 0); + TEST_ASSERT(mbedtls_rsa_import(&ctx, &N, NULL, NULL, NULL, &E) == 0); + TEST_ASSERT(mbedtls_rsa_get_len(&ctx) == (size_t) ((mod + 7) / 8)); + TEST_ASSERT(mbedtls_rsa_check_pubkey(&ctx) == 0); - if( mbedtls_md_info_from_type( digest ) != NULL ) - TEST_ASSERT( mbedtls_md( mbedtls_md_info_from_type( digest ), message_str->x, message_str->len, hash_result ) == 0 ); + if (mbedtls_md_info_from_type(digest) != NULL) { + TEST_ASSERT(mbedtls_md(mbedtls_md_info_from_type(digest), message_str->x, message_str->len, + hash_result) == 0); + } - TEST_ASSERT( mbedtls_rsa_pkcs1_verify( &ctx, NULL, NULL, MBEDTLS_RSA_PUBLIC, digest, 0, hash_result, result_str->x ) == result ); + TEST_ASSERT(mbedtls_rsa_pkcs1_verify(&ctx, NULL, NULL, MBEDTLS_RSA_PUBLIC, digest, 0, + hash_result, result_str->x) == result); exit: - mbedtls_mpi_free( &N ); mbedtls_mpi_free( &E ); - mbedtls_rsa_free( &ctx ); + mbedtls_mpi_free(&N); mbedtls_mpi_free(&E); + mbedtls_rsa_free(&ctx); } /* END_CASE */ diff --git a/third_party/mbedtls/repo/tests/suites/test_suite_pkcs1_v21.function b/third_party/mbedtls/repo/tests/suites/test_suite_pkcs1_v21.function index c23a4adea91..0ecd4a7bf77 100644 --- a/third_party/mbedtls/repo/tests/suites/test_suite_pkcs1_v21.function +++ b/third_party/mbedtls/repo/tests/suites/test_suite_pkcs1_v21.function @@ -9,9 +9,9 @@ */ /* BEGIN_CASE */ -void pkcs1_rsaes_oaep_encrypt( int mod, data_t * input_N, data_t * input_E, - int hash, data_t * message_str, data_t * rnd_buf, - data_t * result_str, int result ) +void pkcs1_rsaes_oaep_encrypt(int mod, data_t *input_N, data_t *input_E, + int hash, data_t *message_str, data_t *rnd_buf, + data_t *result_str, int result) { unsigned char output[256]; mbedtls_rsa_context ctx; @@ -23,39 +23,39 @@ void pkcs1_rsaes_oaep_encrypt( int mod, data_t * input_N, data_t * input_E, info.buf = rnd_buf->x; info.length = rnd_buf->len; - mbedtls_mpi_init( &N ); mbedtls_mpi_init( &E ); - mbedtls_rsa_init( &ctx, MBEDTLS_RSA_PKCS_V21, hash ); - memset( output, 0x00, sizeof( output ) ); + mbedtls_mpi_init(&N); mbedtls_mpi_init(&E); + mbedtls_rsa_init(&ctx, MBEDTLS_RSA_PKCS_V21, hash); + memset(output, 0x00, sizeof(output)); - TEST_ASSERT( mbedtls_mpi_read_binary( &N, input_N->x, input_N->len ) == 0 ); - TEST_ASSERT( mbedtls_mpi_read_binary( &E, input_E->x, input_E->len ) == 0 ); - TEST_ASSERT( mbedtls_rsa_import( &ctx, &N, NULL, NULL, NULL, &E ) == 0 ); - TEST_ASSERT( mbedtls_rsa_get_len( &ctx ) == (size_t) ( ( mod + 7 ) / 8 ) ); - TEST_ASSERT( mbedtls_rsa_check_pubkey( &ctx ) == 0 ); + TEST_ASSERT(mbedtls_mpi_read_binary(&N, input_N->x, input_N->len) == 0); + TEST_ASSERT(mbedtls_mpi_read_binary(&E, input_E->x, input_E->len) == 0); + TEST_ASSERT(mbedtls_rsa_import(&ctx, &N, NULL, NULL, NULL, &E) == 0); + TEST_ASSERT(mbedtls_rsa_get_len(&ctx) == (size_t) ((mod + 7) / 8)); + TEST_ASSERT(mbedtls_rsa_check_pubkey(&ctx) == 0); - if( message_str->len == 0 ) + if (message_str->len == 0) { message_str->x = NULL; - TEST_ASSERT( mbedtls_rsa_pkcs1_encrypt( &ctx, - &mbedtls_test_rnd_buffer_rand, - &info, MBEDTLS_RSA_PUBLIC, - message_str->len, message_str->x, - output ) == result ); - if( result == 0 ) - { - ASSERT_COMPARE( output, ctx.len, result_str->x, result_str->len ); + } + TEST_ASSERT(mbedtls_rsa_pkcs1_encrypt(&ctx, + &mbedtls_test_rnd_buffer_rand, + &info, MBEDTLS_RSA_PUBLIC, + message_str->len, message_str->x, + output) == result); + if (result == 0) { + TEST_MEMORY_COMPARE(output, ctx.len, result_str->x, result_str->len); } exit: - mbedtls_mpi_free( &N ); mbedtls_mpi_free( &E ); - mbedtls_rsa_free( &ctx ); + mbedtls_mpi_free(&N); mbedtls_mpi_free(&E); + mbedtls_rsa_free(&ctx); } /* END_CASE */ /* BEGIN_CASE */ -void pkcs1_rsaes_oaep_decrypt( int mod, data_t * input_P, data_t * input_Q, - data_t * input_N, data_t * input_E, int hash, - data_t * result_str, char * seed, data_t * message_str, - int result ) +void pkcs1_rsaes_oaep_decrypt(int mod, data_t *input_P, data_t *input_Q, + data_t *input_N, data_t *input_E, int hash, + data_t *result_str, char *seed, data_t *message_str, + int result) { unsigned char output[64]; mbedtls_rsa_context ctx; @@ -64,61 +64,57 @@ void pkcs1_rsaes_oaep_decrypt( int mod, data_t * input_P, data_t * input_Q, mbedtls_mpi N, P, Q, E; ((void) seed); - mbedtls_mpi_init( &N ); mbedtls_mpi_init( &P ); - mbedtls_mpi_init( &Q ); mbedtls_mpi_init( &E ); - - mbedtls_rsa_init( &ctx, MBEDTLS_RSA_PKCS_V21, hash ); - - memset( output, 0x00, sizeof( output ) ); - memset( &rnd_info, 0, sizeof( mbedtls_test_rnd_pseudo_info ) ); - - TEST_ASSERT( mbedtls_mpi_read_binary( &P, input_P->x, input_P->len ) == 0 ); - TEST_ASSERT( mbedtls_mpi_read_binary( &Q, input_Q->x, input_Q->len ) == 0 ); - TEST_ASSERT( mbedtls_mpi_read_binary( &N, input_N->x, input_N->len ) == 0 ); - TEST_ASSERT( mbedtls_mpi_read_binary( &E, input_E->x, input_E->len ) == 0 ); - - TEST_ASSERT( mbedtls_rsa_import( &ctx, &N, &P, &Q, NULL, &E ) == 0 ); - TEST_ASSERT( mbedtls_rsa_get_len( &ctx ) == (size_t) ( ( mod + 7 ) / 8 ) ); - TEST_ASSERT( mbedtls_rsa_complete( &ctx ) == 0 ); - TEST_ASSERT( mbedtls_rsa_check_privkey( &ctx ) == 0 ); - - if( result_str->len == 0 ) - { - TEST_ASSERT( mbedtls_rsa_pkcs1_decrypt( &ctx, - &mbedtls_test_rnd_pseudo_rand, - &rnd_info, - MBEDTLS_RSA_PRIVATE, - &output_len, message_str->x, - NULL, 0 ) == result ); - } - else - { - TEST_ASSERT( mbedtls_rsa_pkcs1_decrypt( &ctx, - &mbedtls_test_rnd_pseudo_rand, - &rnd_info, - MBEDTLS_RSA_PRIVATE, - &output_len, message_str->x, - output, - sizeof( output ) ) == result ); - if( result == 0 ) - { - ASSERT_COMPARE( output, output_len, result_str->x, result_str->len ); + mbedtls_mpi_init(&N); mbedtls_mpi_init(&P); + mbedtls_mpi_init(&Q); mbedtls_mpi_init(&E); + + mbedtls_rsa_init(&ctx, MBEDTLS_RSA_PKCS_V21, hash); + + memset(output, 0x00, sizeof(output)); + memset(&rnd_info, 0, sizeof(mbedtls_test_rnd_pseudo_info)); + + TEST_ASSERT(mbedtls_mpi_read_binary(&P, input_P->x, input_P->len) == 0); + TEST_ASSERT(mbedtls_mpi_read_binary(&Q, input_Q->x, input_Q->len) == 0); + TEST_ASSERT(mbedtls_mpi_read_binary(&N, input_N->x, input_N->len) == 0); + TEST_ASSERT(mbedtls_mpi_read_binary(&E, input_E->x, input_E->len) == 0); + + TEST_ASSERT(mbedtls_rsa_import(&ctx, &N, &P, &Q, NULL, &E) == 0); + TEST_ASSERT(mbedtls_rsa_get_len(&ctx) == (size_t) ((mod + 7) / 8)); + TEST_ASSERT(mbedtls_rsa_complete(&ctx) == 0); + TEST_ASSERT(mbedtls_rsa_check_privkey(&ctx) == 0); + + if (result_str->len == 0) { + TEST_ASSERT(mbedtls_rsa_pkcs1_decrypt(&ctx, + &mbedtls_test_rnd_pseudo_rand, + &rnd_info, + MBEDTLS_RSA_PRIVATE, + &output_len, message_str->x, + NULL, 0) == result); + } else { + TEST_ASSERT(mbedtls_rsa_pkcs1_decrypt(&ctx, + &mbedtls_test_rnd_pseudo_rand, + &rnd_info, + MBEDTLS_RSA_PRIVATE, + &output_len, message_str->x, + output, + sizeof(output)) == result); + if (result == 0) { + TEST_MEMORY_COMPARE(output, output_len, result_str->x, result_str->len); } } exit: - mbedtls_mpi_free( &N ); mbedtls_mpi_free( &P ); - mbedtls_mpi_free( &Q ); mbedtls_mpi_free( &E ); - mbedtls_rsa_free( &ctx ); + mbedtls_mpi_free(&N); mbedtls_mpi_free(&P); + mbedtls_mpi_free(&Q); mbedtls_mpi_free(&E); + mbedtls_rsa_free(&ctx); } /* END_CASE */ /* BEGIN_CASE */ -void pkcs1_rsassa_pss_sign( int mod, data_t * input_P, data_t * input_Q, - data_t * input_N, data_t * input_E, int digest, - int hash, data_t * message_str, data_t * rnd_buf, - data_t * result_str, int fixed_salt_length, - int result ) +void pkcs1_rsassa_pss_sign(int mod, data_t *input_P, data_t *input_Q, + data_t *input_N, data_t *input_E, int digest, + int hash, data_t *message_str, data_t *rnd_buf, + data_t *result_str, int fixed_salt_length, + int result) { unsigned char hash_result[MBEDTLS_MD_MAX_SIZE]; unsigned char output[512]; @@ -131,136 +127,135 @@ void pkcs1_rsassa_pss_sign( int mod, data_t * input_P, data_t * input_Q, info.buf = rnd_buf->x; info.length = rnd_buf->len; - mbedtls_mpi_init( &N ); mbedtls_mpi_init( &P ); - mbedtls_mpi_init( &Q ); mbedtls_mpi_init( &E ); - mbedtls_rsa_init( &ctx, MBEDTLS_RSA_PKCS_V21, hash ); - - memset( hash_result, 0x00, sizeof( hash_result ) ); - memset( output, 0x00, sizeof( output ) ); - - TEST_ASSERT( mbedtls_mpi_read_binary( &P, input_P->x, input_P->len ) == 0 ); - TEST_ASSERT( mbedtls_mpi_read_binary( &Q, input_Q->x, input_Q->len ) == 0 ); - TEST_ASSERT( mbedtls_mpi_read_binary( &N, input_N->x, input_N->len ) == 0 ); - TEST_ASSERT( mbedtls_mpi_read_binary( &E, input_E->x, input_E->len ) == 0 ); - - TEST_ASSERT( mbedtls_rsa_import( &ctx, &N, &P, &Q, NULL, &E ) == 0 ); - TEST_ASSERT( mbedtls_rsa_get_len( &ctx ) == (size_t) ( ( mod + 7 ) / 8 ) ); - TEST_ASSERT( mbedtls_rsa_complete( &ctx ) == 0 ); - TEST_ASSERT( mbedtls_rsa_check_privkey( &ctx ) == 0 ); - - if( mbedtls_md_info_from_type( digest ) != NULL ) - TEST_ASSERT( mbedtls_md( mbedtls_md_info_from_type( digest ), message_str->x, message_str->len, hash_result ) == 0 ); - - if (fixed_salt_length == MBEDTLS_RSA_SALT_LEN_ANY) - { - TEST_ASSERT( mbedtls_rsa_pkcs1_sign( &ctx, &mbedtls_test_rnd_buffer_rand, - &info, MBEDTLS_RSA_PRIVATE, digest, 0, - hash_result, output ) == result ); - if( result == 0 ) - { - ASSERT_COMPARE( output, ctx.len, result_str->x, result_str->len ); + mbedtls_mpi_init(&N); mbedtls_mpi_init(&P); + mbedtls_mpi_init(&Q); mbedtls_mpi_init(&E); + mbedtls_rsa_init(&ctx, MBEDTLS_RSA_PKCS_V21, hash); + + memset(hash_result, 0x00, sizeof(hash_result)); + memset(output, 0x00, sizeof(output)); + + TEST_ASSERT(mbedtls_mpi_read_binary(&P, input_P->x, input_P->len) == 0); + TEST_ASSERT(mbedtls_mpi_read_binary(&Q, input_Q->x, input_Q->len) == 0); + TEST_ASSERT(mbedtls_mpi_read_binary(&N, input_N->x, input_N->len) == 0); + TEST_ASSERT(mbedtls_mpi_read_binary(&E, input_E->x, input_E->len) == 0); + + TEST_ASSERT(mbedtls_rsa_import(&ctx, &N, &P, &Q, NULL, &E) == 0); + TEST_ASSERT(mbedtls_rsa_get_len(&ctx) == (size_t) ((mod + 7) / 8)); + TEST_ASSERT(mbedtls_rsa_complete(&ctx) == 0); + TEST_ASSERT(mbedtls_rsa_check_privkey(&ctx) == 0); + + if (mbedtls_md_info_from_type(digest) != NULL) { + TEST_ASSERT(mbedtls_md(mbedtls_md_info_from_type(digest), message_str->x, message_str->len, + hash_result) == 0); + } + + if (fixed_salt_length == MBEDTLS_RSA_SALT_LEN_ANY) { + TEST_ASSERT(mbedtls_rsa_pkcs1_sign(&ctx, &mbedtls_test_rnd_buffer_rand, + &info, MBEDTLS_RSA_PRIVATE, digest, 0, + hash_result, output) == result); + if (result == 0) { + TEST_MEMORY_COMPARE(output, ctx.len, result_str->x, result_str->len); } info.buf = rnd_buf->x; info.length = rnd_buf->len; } - TEST_ASSERT( mbedtls_rsa_rsassa_pss_sign_ext( &ctx, &mbedtls_test_rnd_buffer_rand, - &info, digest, 0, hash_result, - fixed_salt_length, output ) == result ); - if( result == 0 ) - { - ASSERT_COMPARE( output, ctx.len, result_str->x, result_str->len ); + TEST_ASSERT(mbedtls_rsa_rsassa_pss_sign_ext(&ctx, &mbedtls_test_rnd_buffer_rand, + &info, digest, 0, hash_result, + fixed_salt_length, output) == result); + if (result == 0) { + TEST_MEMORY_COMPARE(output, ctx.len, result_str->x, result_str->len); } exit: - mbedtls_mpi_free( &N ); mbedtls_mpi_free( &P ); - mbedtls_mpi_free( &Q ); mbedtls_mpi_free( &E ); - mbedtls_rsa_free( &ctx ); + mbedtls_mpi_free(&N); mbedtls_mpi_free(&P); + mbedtls_mpi_free(&Q); mbedtls_mpi_free(&E); + mbedtls_rsa_free(&ctx); } /* END_CASE */ /* BEGIN_CASE */ -void pkcs1_rsassa_pss_verify( int mod, data_t * input_N, data_t * input_E, - int digest, int hash, data_t * message_str, - char * salt, data_t * result_str, int result ) +void pkcs1_rsassa_pss_verify(int mod, data_t *input_N, data_t *input_E, + int digest, int hash, data_t *message_str, + char *salt, data_t *result_str, int result) { unsigned char hash_result[MBEDTLS_MD_MAX_SIZE]; mbedtls_rsa_context ctx; mbedtls_mpi N, E; ((void) salt); - mbedtls_mpi_init( &N ); mbedtls_mpi_init( &E ); - mbedtls_rsa_init( &ctx, MBEDTLS_RSA_PKCS_V21, hash ); - memset( hash_result, 0x00, sizeof( hash_result ) ); + mbedtls_mpi_init(&N); mbedtls_mpi_init(&E); + mbedtls_rsa_init(&ctx, MBEDTLS_RSA_PKCS_V21, hash); + memset(hash_result, 0x00, sizeof(hash_result)); - TEST_ASSERT( mbedtls_mpi_read_binary( &N, input_N->x, input_N->len ) == 0 ); - TEST_ASSERT( mbedtls_mpi_read_binary( &E, input_E->x, input_E->len ) == 0 ); + TEST_ASSERT(mbedtls_mpi_read_binary(&N, input_N->x, input_N->len) == 0); + TEST_ASSERT(mbedtls_mpi_read_binary(&E, input_E->x, input_E->len) == 0); - TEST_ASSERT( mbedtls_rsa_import( &ctx, &N, NULL, NULL, NULL, &E ) == 0 ); - TEST_ASSERT( mbedtls_rsa_get_len( &ctx ) == (size_t) ( ( mod + 7 ) / 8 ) ); - TEST_ASSERT( mbedtls_rsa_check_pubkey( &ctx ) == 0 ); + TEST_ASSERT(mbedtls_rsa_import(&ctx, &N, NULL, NULL, NULL, &E) == 0); + TEST_ASSERT(mbedtls_rsa_get_len(&ctx) == (size_t) ((mod + 7) / 8)); + TEST_ASSERT(mbedtls_rsa_check_pubkey(&ctx) == 0); - if( mbedtls_md_info_from_type( digest ) != NULL ) - TEST_ASSERT( mbedtls_md( mbedtls_md_info_from_type( digest ), message_str->x, message_str->len, hash_result ) == 0 ); + if (mbedtls_md_info_from_type(digest) != NULL) { + TEST_ASSERT(mbedtls_md(mbedtls_md_info_from_type(digest), message_str->x, message_str->len, + hash_result) == 0); + } - TEST_ASSERT( mbedtls_rsa_pkcs1_verify( &ctx, NULL, NULL, MBEDTLS_RSA_PUBLIC, digest, 0, hash_result, result_str->x ) == result ); + TEST_ASSERT(mbedtls_rsa_pkcs1_verify(&ctx, NULL, NULL, MBEDTLS_RSA_PUBLIC, digest, 0, + hash_result, result_str->x) == result); exit: - mbedtls_mpi_free( &N ); mbedtls_mpi_free( &E ); - mbedtls_rsa_free( &ctx ); + mbedtls_mpi_free(&N); mbedtls_mpi_free(&E); + mbedtls_rsa_free(&ctx); } /* END_CASE */ /* BEGIN_CASE */ -void pkcs1_rsassa_pss_verify_ext( int mod, data_t * input_N, data_t * input_E, - int msg_digest_id, int ctx_hash, - int mgf_hash, int salt_len, - data_t * message_str, - data_t * result_str, int result_simple, - int result_full ) +void pkcs1_rsassa_pss_verify_ext(int mod, data_t *input_N, data_t *input_E, + int msg_digest_id, int ctx_hash, + int mgf_hash, int salt_len, + data_t *message_str, + data_t *result_str, int result_simple, + int result_full) { unsigned char hash_result[MBEDTLS_MD_MAX_SIZE]; mbedtls_rsa_context ctx; size_t hash_len; mbedtls_mpi N, E; - mbedtls_mpi_init( &N ); mbedtls_mpi_init( &E ); - mbedtls_rsa_init( &ctx, MBEDTLS_RSA_PKCS_V21, ctx_hash ); - memset( hash_result, 0x00, sizeof( hash_result ) ); + mbedtls_mpi_init(&N); mbedtls_mpi_init(&E); + mbedtls_rsa_init(&ctx, MBEDTLS_RSA_PKCS_V21, ctx_hash); + memset(hash_result, 0x00, sizeof(hash_result)); - TEST_ASSERT( mbedtls_mpi_read_binary( &N, input_N->x, input_N->len ) == 0 ); - TEST_ASSERT( mbedtls_mpi_read_binary( &E, input_E->x, input_E->len ) == 0 ); + TEST_ASSERT(mbedtls_mpi_read_binary(&N, input_N->x, input_N->len) == 0); + TEST_ASSERT(mbedtls_mpi_read_binary(&E, input_E->x, input_E->len) == 0); - TEST_ASSERT( mbedtls_rsa_import( &ctx, &N, NULL, NULL, NULL, &E ) == 0 ); - TEST_ASSERT( mbedtls_rsa_get_len( &ctx ) == (size_t) ( ( mod + 7 ) / 8 ) ); - TEST_ASSERT( mbedtls_rsa_check_pubkey( &ctx ) == 0 ); + TEST_ASSERT(mbedtls_rsa_import(&ctx, &N, NULL, NULL, NULL, &E) == 0); + TEST_ASSERT(mbedtls_rsa_get_len(&ctx) == (size_t) ((mod + 7) / 8)); + TEST_ASSERT(mbedtls_rsa_check_pubkey(&ctx) == 0); - if( msg_digest_id != MBEDTLS_MD_NONE ) - { - TEST_ASSERT( mbedtls_md( mbedtls_md_info_from_type( msg_digest_id ), - message_str->x, message_str->len, hash_result ) == 0 ); + if (msg_digest_id != MBEDTLS_MD_NONE) { + TEST_ASSERT(mbedtls_md(mbedtls_md_info_from_type(msg_digest_id), + message_str->x, message_str->len, hash_result) == 0); hash_len = 0; - } - else - { - memcpy( hash_result, message_str->x, message_str->len ); + } else { + memcpy(hash_result, message_str->x, message_str->len); hash_len = message_str->len; } - TEST_ASSERT( mbedtls_rsa_pkcs1_verify( &ctx, NULL, NULL, MBEDTLS_RSA_PUBLIC, - msg_digest_id, hash_len, hash_result, - result_str->x ) == result_simple ); + TEST_ASSERT(mbedtls_rsa_pkcs1_verify(&ctx, NULL, NULL, MBEDTLS_RSA_PUBLIC, + msg_digest_id, hash_len, hash_result, + result_str->x) == result_simple); - TEST_ASSERT( mbedtls_rsa_rsassa_pss_verify_ext( &ctx, NULL, NULL, MBEDTLS_RSA_PUBLIC, - msg_digest_id, hash_len, hash_result, - mgf_hash, salt_len, - result_str->x ) == result_full ); + TEST_ASSERT(mbedtls_rsa_rsassa_pss_verify_ext(&ctx, NULL, NULL, MBEDTLS_RSA_PUBLIC, + msg_digest_id, hash_len, hash_result, + mgf_hash, salt_len, + result_str->x) == result_full); exit: - mbedtls_mpi_free( &N ); mbedtls_mpi_free( &E ); - mbedtls_rsa_free( &ctx ); + mbedtls_mpi_free(&N); mbedtls_mpi_free(&E); + mbedtls_rsa_free(&ctx); } /* END_CASE */ diff --git a/third_party/mbedtls/repo/tests/suites/test_suite_pkcs5.data b/third_party/mbedtls/repo/tests/suites/test_suite_pkcs5.data index e51a7d2681b..76fb0ab604f 100644 --- a/third_party/mbedtls/repo/tests/suites/test_suite_pkcs5.data +++ b/third_party/mbedtls/repo/tests/suites/test_suite_pkcs5.data @@ -106,109 +106,141 @@ PBKDF2 Python hashlib Test Vector #6 (SHA512) depends_on:MBEDTLS_SHA512_C pbkdf2_hmac:MBEDTLS_MD_SHA512:"7061737300776f7264":"7361006c74":4096:16:"9d9e9c4cd21fe4be24d5b8244c759665" +PBES2 Encrypt, pad=6 (OK) +depends_on:MBEDTLS_SHA1_C:MBEDTLS_DES_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7 +pbes2_encrypt:MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_SEQUENCE:"301B06092A864886F70D01050C300E04082ED7F24A1D516DD702020800301406082A864886F70D030704088A4FCC9DCC394910":"70617373776f7264":"308187020100301306072A8648CE3D020106082A8648CE3D030107046D306B0201010420F12A1320760270A83CBFFD53F6031EF76A5D86C8A204F2C30CA9EBF51F0F0EA7A1440342000437CC56D976091E5A723EC7592DFF206EEE7CF9069174D0AD14B5F768225962924EE500D82311FFEA2FD2345D5D16BD8A88C26B770D55CD8A2A0EFA01C8B4EDFF":144:0:"1B60098D4834CA752D37B430E70B7A085CFF86E21F4849F969DD1DF623342662443F8BD1252BF83CEF6917551B08EF55A69C8F2BFFC93BCB2DFE2E354DA28F896D1BD1BFB972A1251219A6EC7183B0A4CF2C4998449ED786CAE2138437289EB2203974000C38619DA57A4E685D29649284602BD1806131772DA11A682674DC22B2CF109128DDB7FD980E1C5741FC0DB7" + +PBES2 Encrypt, pad=8 (OK) +depends_on:MBEDTLS_SHA1_C:MBEDTLS_DES_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7 +pbes2_encrypt:MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_SEQUENCE:"301B06092A864886F70D01050C300E04082ED7F24A1D516DD702020800301406082A864886F70D030704088A4FCC9DCC394910":"70617373776f7264":"308187020100301306072A8648CE3D020106082A8648CE3D030107046D306B0201010420F12A1320760270A83CBFFD53F6031EF76A5D86C8A204F2C30CA9EBF51F0F0EA7A1440342000437CC56D976091E5A723EC7592DFF206EEE7CF9069174D0AD14B5F768225962924EE500D82311FFEA2FD2345D5D16BD8A88C26B770D55":136:0:"1B60098D4834CA752D37B430E70B7A085CFF86E21F4849F969DD1DF623342662443F8BD1252BF83CEF6917551B08EF55A69C8F2BFFC93BCB2DFE2E354DA28F896D1BD1BFB972A1251219A6EC7183B0A4CF2C4998449ED786CAE2138437289EB2203974000C38619DA57A4E685D29649284602BD1806131772DA11A682674DC2262AD99FBD6C3B0AB" + +PBES2 Encrypt, pad=8 (Invalid output size) +depends_on:MBEDTLS_SHA1_C:MBEDTLS_DES_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7 +pbes2_encrypt:MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_SEQUENCE:"301B06092A864886F70D01050C300E04082ED7F24A1D516DD702020800301406082A864886F70D030704088A4FCC9DCC394910":"70617373776f7264":"308187020100301306072A8648CE3D020106082A8648CE3D030107046D306B0201010420F12A1320760270A83CBFFD53F6031EF76A5D86C8A204F2C30CA9EBF51F0F0EA7A1440342000437CC56D976091E5A723EC7592DFF206EEE7CF9069174D0AD14B5F768225962924EE500D82311FFEA2FD2345D5D16BD8A88C26B770D5510101010101010101010101010101010":151:MBEDTLS_ERR_ASN1_BUF_TOO_SMALL:"1B60098D4834CA752D37B430E70B7A085CFF86E21F4849F969DD1DF623342662443F8BD1252BF83CEF6917551B08EF55A69C8F2BFFC93BCB2DFE2E354DA28F896D1BD1BFB972A1251219A6EC7183B0A4CF2C4998449ED786CAE2138437289EB2203974000C38619DA57A4E685D29649284602BD1806131772DA11A682674DC22D8D337E00CB5D1B5B76BE4AE393414050646A102DEF61A9F" + +PBES2 Encrypt, pad=6 (PKCS7 padding disabled) +depends_on:MBEDTLS_SHA1_C:MBEDTLS_DES_C:MBEDTLS_CIPHER_MODE_CBC:!MBEDTLS_CIPHER_PADDING_PKCS7 +pbes2_encrypt:MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_SEQUENCE:"301B06092A864886F70D01050C300E04082ED7F24A1D516DD702020800301406082A864886F70D030704088A4FCC9DCC394910":"70617373776f7264":"308187020100301306072A8648CE3D020106082A8648CE3D030107046D306B0201010420F12A1320760270A83CBFFD53F6031EF76A5D86C8A204F2C30CA9EBF51F0F0EA7A1440342000437CC56D976091E5A723EC7592DFF206EEE7CF9069174D0AD14B5F768225962924EE500D82311FFEA2FD2345D5D16BD8A88C26B770D55CD8A2A0EFA01C8B4EDFF":138:MBEDTLS_ERR_CIPHER_FEATURE_UNAVAILABLE:"" + +PBES2 Encrypt, pad=8 (PKCS7 padding disabled) +depends_on:MBEDTLS_SHA1_C:MBEDTLS_DES_C:MBEDTLS_CIPHER_MODE_CBC:!MBEDTLS_CIPHER_PADDING_PKCS7 +pbes2_encrypt:MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_SEQUENCE:"301B06092A864886F70D01050C300E04082ED7F24A1D516DD702020800301406082A864886F70D030704088A4FCC9DCC394910":"70617373776f7264":"308187020100301306072A8648CE3D020106082A8648CE3D030107046D306B0201010420F12A1320760270A83CBFFD53F6031EF76A5D86C8A204F2C30CA9EBF51F0F0EA7A1440342000437CC56D976091E5A723EC7592DFF206EEE7CF9069174D0AD14B5F768225962924EE500D82311FFEA2FD2345D5D16BD8A88C26B770D5510101010101010101010101010101010":138:MBEDTLS_ERR_CIPHER_FEATURE_UNAVAILABLE:"" + PBES2 Decrypt (OK) depends_on:MBEDTLS_SHA1_C:MBEDTLS_DES_C:MBEDTLS_CIPHER_MODE_CBC -mbedtls_pkcs5_pbes2:MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_SEQUENCE:"301B06092A864886F70D01050C300E04082ED7F24A1D516DD702020800301406082A864886F70D030704088A4FCC9DCC394910":"70617373776f7264":"1B60098D4834CA752D37B430E70B7A085CFF86E21F4849F969DD1DF623342662443F8BD1252BF83CEF6917551B08EF55A69C8F2BFFC93BCB2DFE2E354DA28F896D1BD1BFB972A1251219A6EC7183B0A4CF2C4998449ED786CAE2138437289EB2203974000C38619DA57A4E685D29649284602BD1806131772DA11A682674DC22B2CF109128DDB7FD980E1C5741FC0DB7":0:"308187020100301306072A8648CE3D020106082A8648CE3D030107046D306B0201010420F12A1320760270A83CBFFD53F6031EF76A5D86C8A204F2C30CA9EBF51F0F0EA7A1440342000437CC56D976091E5A723EC7592DFF206EEE7CF9069174D0AD14B5F768225962924EE500D82311FFEA2FD2345D5D16BD8A88C26B770D55CD8A2A0EFA01C8B4EDFF060606060606" +pbes2_decrypt:MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_SEQUENCE:"301B06092A864886F70D01050C300E04082ED7F24A1D516DD702020800301406082A864886F70D030704088A4FCC9DCC394910":"70617373776f7264":"1B60098D4834CA752D37B430E70B7A085CFF86E21F4849F969DD1DF623342662443F8BD1252BF83CEF6917551B08EF55A69C8F2BFFC93BCB2DFE2E354DA28F896D1BD1BFB972A1251219A6EC7183B0A4CF2C4998449ED786CAE2138437289EB2203974000C38619DA57A4E685D29649284602BD1806131772DA11A682674DC22B2CF109128DDB7FD980E1C5741FC0DB7":144:0:"308187020100301306072A8648CE3D020106082A8648CE3D030107046D306B0201010420F12A1320760270A83CBFFD53F6031EF76A5D86C8A204F2C30CA9EBF51F0F0EA7A1440342000437CC56D976091E5A723EC7592DFF206EEE7CF9069174D0AD14B5F768225962924EE500D82311FFEA2FD2345D5D16BD8A88C26B770D55CD8A2A0EFA01C8B4EDFF" + +PBES2 Decrypt (Invalid output size) +depends_on:MBEDTLS_SHA1_C:MBEDTLS_DES_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7 +pbes2_decrypt:MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_SEQUENCE:"301B06092A864886F70D01050C300E04082ED7F24A1D516DD702020800301406082A864886F70D030704088A4FCC9DCC394910":"70617373776f7264":"1B60098D4834CA752D37B430E70B7A085CFF86E21F4849F969DD1DF623342662443F8BD1252BF83CEF6917551B08EF55A69C8F2BFFC93BCB2DFE2E354DA28F896D1BD1BFB972A1251219A6EC7183B0A4CF2C4998449ED786CAE2138437289EB2203974000C38619DA57A4E685D29649284602BD1806131772DA11A682674DC22B2CF109128DDB7FD980E1C5741FC0DB7":143:MBEDTLS_ERR_ASN1_BUF_TOO_SMALL:"308187020100301306072A8648CE3D020106082A8648CE3D030107046D306B0201010420F12A1320760270A83CBFFD53F6031EF76A5D86C8A204F2C30CA9EBF51F0F0EA7A1440342000437CC56D976091E5A723EC7592DFF206EEE7CF9069174D0AD14B5F768225962924EE500D82311FFEA2FD2345D5D16BD8A88C26B770D55CD8A2A0EFA01C8B4EDFF060606060606" + +PBES2 Decrypt (Invalid padding & PKCS7 padding disabled) +depends_on:MBEDTLS_SHA1_C:MBEDTLS_DES_C:MBEDTLS_CIPHER_MODE_CBC:!MBEDTLS_CIPHER_PADDING_PKCS7 +pbes2_decrypt:MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_SEQUENCE:"301B06092A864886F70D01050C300E04082ED7F24A1D516DD702020800301406082A864886F70D030704088A4FCC9DCC394910":"70617373776f7264":"1B60098D4834CA752D37B430E70B7A085CFF86E21F4849F969DD1DF623342662443F8BD1252BF83CEF6917551B08EF55A69C8F2BFFC93BCB2DFE2E354DA28F896D1BD1BFB972A1251219A6EC7183B0A4CF2C4998449ED786CAE2138437289EB2203974000C38619DA57A4E685D29649284602BD1806131772DA11A682674DC22B2CF109128DDB7FDA3488A7144097565":144:0:"308187020100301306072A8648CE3D020106082A8648CE3D030107046D306B0201010420F12A1320760270A83CBFFD53F6031EF76A5D86C8A204F2C30CA9EBF51F0F0EA7A1440342000437CC56D976091E5A723EC7592DFF206EEE7CF9069174D0AD14B5F768225962924EE500D82311FFEA2FD2345D5D16BD8A88C26B770D55CD8A2A0EFA01C8B4EDFF060606060607" + +PBES2 Decrypt (Invalid padding & PKCS7 padding enabled) +depends_on:MBEDTLS_SHA1_C:MBEDTLS_DES_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7 +pbes2_decrypt:MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_SEQUENCE:"301B06092A864886F70D01050C300E04082ED7F24A1D516DD702020800301406082A864886F70D030704088A4FCC9DCC394910":"70617373776f7264":"1B60098D4834CA752D37B430E70B7A085CFF86E21F4849F969DD1DF623342662443F8BD1252BF83CEF6917551B08EF55A69C8F2BFFC93BCB2DFE2E354DA28F896D1BD1BFB972A1251219A6EC7183B0A4CF2C4998449ED786CAE2138437289EB2203974000C38619DA57A4E685D29649284602BD1806131772DA11A682674DC22B2CF109128DDB7FDA3488A7144097565":144:MBEDTLS_ERR_PKCS5_PASSWORD_MISMATCH:"308187020100301306072A8648CE3D020106082A8648CE3D030107046D306B0201010420F12A1320760270A83CBFFD53F6031EF76A5D86C8A204F2C30CA9EBF51F0F0EA7A1440342000437CC56D976091E5A723EC7592DFF206EEE7CF9069174D0AD14B5F768225962924EE500D82311FFEA2FD2345D5D16BD8A88C26B770D55CD8A2A0EFA01C8B4EDFF060606060607" PBES2 Decrypt (bad params tag) depends_on:MBEDTLS_SHA1_C:MBEDTLS_DES_C -mbedtls_pkcs5_pbes2:MBEDTLS_ASN1_SEQUENCE:"":"":"":MBEDTLS_ERR_PKCS5_INVALID_FORMAT + MBEDTLS_ERR_ASN1_UNEXPECTED_TAG:"" +pbes2_decrypt:MBEDTLS_ASN1_SEQUENCE:"":"":"":0:MBEDTLS_ERR_PKCS5_INVALID_FORMAT + MBEDTLS_ERR_ASN1_UNEXPECTED_TAG:"" PBES2 Decrypt (bad KDF AlgId: not a sequence) depends_on:MBEDTLS_SHA1_C:MBEDTLS_DES_C -mbedtls_pkcs5_pbes2:MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_SEQUENCE:"31":"":"":MBEDTLS_ERR_PKCS5_INVALID_FORMAT + MBEDTLS_ERR_ASN1_UNEXPECTED_TAG:"" +pbes2_decrypt:MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_SEQUENCE:"31":"":"":0:MBEDTLS_ERR_PKCS5_INVALID_FORMAT + MBEDTLS_ERR_ASN1_UNEXPECTED_TAG:"" PBES2 Decrypt (bad KDF AlgId: overlong) depends_on:MBEDTLS_SHA1_C:MBEDTLS_DES_C -mbedtls_pkcs5_pbes2:MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_SEQUENCE:"3001":"":"":MBEDTLS_ERR_PKCS5_INVALID_FORMAT + MBEDTLS_ERR_ASN1_OUT_OF_DATA:"" +pbes2_decrypt:MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_SEQUENCE:"3001":"":"":0:MBEDTLS_ERR_PKCS5_INVALID_FORMAT + MBEDTLS_ERR_ASN1_OUT_OF_DATA:"" PBES2 Decrypt (KDF != PBKDF2) depends_on:MBEDTLS_SHA1_C:MBEDTLS_DES_C -mbedtls_pkcs5_pbes2:MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_SEQUENCE:"300B06092A864886F70D01050D":"":"":MBEDTLS_ERR_PKCS5_FEATURE_UNAVAILABLE:"" +pbes2_decrypt:MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_SEQUENCE:"300B06092A864886F70D01050D":"":"":0:MBEDTLS_ERR_PKCS5_FEATURE_UNAVAILABLE:"" PBES2 Decrypt (bad PBKDF2 params: not a sequence) depends_on:MBEDTLS_SHA1_C:MBEDTLS_DES_C -mbedtls_pkcs5_pbes2:MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_SEQUENCE:"300D06092A864886F70D01050C3100":"":"":MBEDTLS_ERR_PKCS5_INVALID_FORMAT + MBEDTLS_ERR_ASN1_UNEXPECTED_TAG:"" +pbes2_decrypt:MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_SEQUENCE:"300D06092A864886F70D01050C3100":"":"":0:MBEDTLS_ERR_PKCS5_INVALID_FORMAT + MBEDTLS_ERR_ASN1_UNEXPECTED_TAG:"" PBES2 Decrypt (bad PBKDF2 params: overlong) depends_on:MBEDTLS_SHA1_C:MBEDTLS_DES_C -mbedtls_pkcs5_pbes2:MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_SEQUENCE:"300D06092A864886F70D01050C3001":"":"":MBEDTLS_ERR_PKCS5_INVALID_FORMAT + MBEDTLS_ERR_ASN1_OUT_OF_DATA:"" +pbes2_decrypt:MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_SEQUENCE:"300D06092A864886F70D01050C3001":"":"":0:MBEDTLS_ERR_PKCS5_INVALID_FORMAT + MBEDTLS_ERR_ASN1_OUT_OF_DATA:"" PBES2 Decrypt (bad PBKDF2 params salt: not an octet string) depends_on:MBEDTLS_SHA1_C:MBEDTLS_DES_C:MBEDTLS_CIPHER_MODE_CBC -mbedtls_pkcs5_pbes2:MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_SEQUENCE:"300E06092A864886F70D01050C30010500":"":"":MBEDTLS_ERR_PKCS5_INVALID_FORMAT + MBEDTLS_ERR_ASN1_UNEXPECTED_TAG:"" +pbes2_decrypt:MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_SEQUENCE:"300E06092A864886F70D01050C30010500":"":"":0:MBEDTLS_ERR_PKCS5_INVALID_FORMAT + MBEDTLS_ERR_ASN1_UNEXPECTED_TAG:"" PBES2 Decrypt (bad PBKDF2 params salt: overlong) depends_on:MBEDTLS_SHA1_C:MBEDTLS_DES_C -mbedtls_pkcs5_pbes2:MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_SEQUENCE:"300E06092A864886F70D01050C30010401":"":"":MBEDTLS_ERR_PKCS5_INVALID_FORMAT + MBEDTLS_ERR_ASN1_OUT_OF_DATA:"" +pbes2_decrypt:MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_SEQUENCE:"300E06092A864886F70D01050C30010401":"":"":0:MBEDTLS_ERR_PKCS5_INVALID_FORMAT + MBEDTLS_ERR_ASN1_OUT_OF_DATA:"" PBES2 Decrypt (bad PBKDF2 params iter: not an int) depends_on:MBEDTLS_SHA1_C:MBEDTLS_DES_C -mbedtls_pkcs5_pbes2:MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_SEQUENCE:"301906092A864886F70D01050C300C04082ED7F24A1D516DD70300":"":"":MBEDTLS_ERR_PKCS5_INVALID_FORMAT + MBEDTLS_ERR_ASN1_UNEXPECTED_TAG:"" +pbes2_decrypt:MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_SEQUENCE:"301906092A864886F70D01050C300C04082ED7F24A1D516DD70300":"":"":0:MBEDTLS_ERR_PKCS5_INVALID_FORMAT + MBEDTLS_ERR_ASN1_UNEXPECTED_TAG:"" PBES2 Decrypt (bad PBKDF2 params iter: overlong) depends_on:MBEDTLS_SHA1_C:MBEDTLS_DES_C -mbedtls_pkcs5_pbes2:MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_SEQUENCE:"301906092A864886F70D01050C300C04082ED7F24A1D516DD70201":"":"":MBEDTLS_ERR_PKCS5_INVALID_FORMAT + MBEDTLS_ERR_ASN1_OUT_OF_DATA:"" +pbes2_decrypt:MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_SEQUENCE:"301906092A864886F70D01050C300C04082ED7F24A1D516DD70201":"":"":0:MBEDTLS_ERR_PKCS5_INVALID_FORMAT + MBEDTLS_ERR_ASN1_OUT_OF_DATA:"" PBES2 Decrypt (OK, PBKDF2 params explicit keylen) depends_on:MBEDTLS_SHA1_C:MBEDTLS_DES_C:MBEDTLS_CIPHER_MODE_CBC -mbedtls_pkcs5_pbes2:MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_SEQUENCE:"301E06092A864886F70D01050C301104082ED7F24A1D516DD702020800020118301406082A864886F70D030704088A4FCC9DCC394910":"70617373776f7264":"1B60098D4834CA752D37B430E70B7A085CFF86E21F4849F969DD1DF623342662443F8BD1252BF83CEF6917551B08EF55A69C8F2BFFC93BCB2DFE2E354DA28F896D1BD1BFB972A1251219A6EC7183B0A4CF2C4998449ED786CAE2138437289EB2203974000C38619DA57A4E685D29649284602BD1806131772DA11A682674DC22B2CF109128DDB7FD980E1C5741FC0DB7":0:"308187020100301306072A8648CE3D020106082A8648CE3D030107046D306B0201010420F12A1320760270A83CBFFD53F6031EF76A5D86C8A204F2C30CA9EBF51F0F0EA7A1440342000437CC56D976091E5A723EC7592DFF206EEE7CF9069174D0AD14B5F768225962924EE500D82311FFEA2FD2345D5D16BD8A88C26B770D55CD8A2A0EFA01C8B4EDFF060606060606" +pbes2_decrypt:MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_SEQUENCE:"301E06092A864886F70D01050C301104082ED7F24A1D516DD702020800020118301406082A864886F70D030704088A4FCC9DCC394910":"70617373776f7264":"1B60098D4834CA752D37B430E70B7A085CFF86E21F4849F969DD1DF623342662443F8BD1252BF83CEF6917551B08EF55A69C8F2BFFC93BCB2DFE2E354DA28F896D1BD1BFB972A1251219A6EC7183B0A4CF2C4998449ED786CAE2138437289EB2203974000C38619DA57A4E685D29649284602BD1806131772DA11A682674DC22B2CF109128DDB7FD980E1C5741FC0DB7":144:0:"308187020100301306072A8648CE3D020106082A8648CE3D030107046D306B0201010420F12A1320760270A83CBFFD53F6031EF76A5D86C8A204F2C30CA9EBF51F0F0EA7A1440342000437CC56D976091E5A723EC7592DFF206EEE7CF9069174D0AD14B5F768225962924EE500D82311FFEA2FD2345D5D16BD8A88C26B770D55CD8A2A0EFA01C8B4EDFF" PBES2 Decrypt (bad PBKDF2 params explicit keylen: overlong) depends_on:MBEDTLS_SHA1_C:MBEDTLS_DES_C -mbedtls_pkcs5_pbes2:MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_SEQUENCE:"301D06092A864886F70D01050C301004082ED7F24A1D516DD7020208000201":"":"":MBEDTLS_ERR_PKCS5_INVALID_FORMAT + MBEDTLS_ERR_ASN1_OUT_OF_DATA:"" +pbes2_decrypt:MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_SEQUENCE:"301D06092A864886F70D01050C301004082ED7F24A1D516DD7020208000201":"":"":0:MBEDTLS_ERR_PKCS5_INVALID_FORMAT + MBEDTLS_ERR_ASN1_OUT_OF_DATA:"" PBES2 Decrypt (OK, PBKDF2 params explicit prf_alg) depends_on:MBEDTLS_SHA1_C:MBEDTLS_DES_C:MBEDTLS_CIPHER_MODE_CBC -mbedtls_pkcs5_pbes2:MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_SEQUENCE:"302706092A864886F70D01050C301A04082ED7F24A1D516DD702020800300A06082A864886F70D0207301406082A864886F70D030704088A4FCC9DCC394910":"70617373776f7264":"1B60098D4834CA752D37B430E70B7A085CFF86E21F4849F969DD1DF623342662443F8BD1252BF83CEF6917551B08EF55A69C8F2BFFC93BCB2DFE2E354DA28F896D1BD1BFB972A1251219A6EC7183B0A4CF2C4998449ED786CAE2138437289EB2203974000C38619DA57A4E685D29649284602BD1806131772DA11A682674DC22B2CF109128DDB7FD980E1C5741FC0DB7":0:"308187020100301306072A8648CE3D020106082A8648CE3D030107046D306B0201010420F12A1320760270A83CBFFD53F6031EF76A5D86C8A204F2C30CA9EBF51F0F0EA7A1440342000437CC56D976091E5A723EC7592DFF206EEE7CF9069174D0AD14B5F768225962924EE500D82311FFEA2FD2345D5D16BD8A88C26B770D55CD8A2A0EFA01C8B4EDFF060606060606" +pbes2_decrypt:MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_SEQUENCE:"302706092A864886F70D01050C301A04082ED7F24A1D516DD702020800300A06082A864886F70D0207301406082A864886F70D030704088A4FCC9DCC394910":"70617373776f7264":"1B60098D4834CA752D37B430E70B7A085CFF86E21F4849F969DD1DF623342662443F8BD1252BF83CEF6917551B08EF55A69C8F2BFFC93BCB2DFE2E354DA28F896D1BD1BFB972A1251219A6EC7183B0A4CF2C4998449ED786CAE2138437289EB2203974000C38619DA57A4E685D29649284602BD1806131772DA11A682674DC22B2CF109128DDB7FD980E1C5741FC0DB7":144:0:"308187020100301306072A8648CE3D020106082A8648CE3D030107046D306B0201010420F12A1320760270A83CBFFD53F6031EF76A5D86C8A204F2C30CA9EBF51F0F0EA7A1440342000437CC56D976091E5A723EC7592DFF206EEE7CF9069174D0AD14B5F768225962924EE500D82311FFEA2FD2345D5D16BD8A88C26B770D55CD8A2A0EFA01C8B4EDFF" PBES2 Decrypt (bad, PBKDF2 params explicit prf_alg not a sequence) depends_on:MBEDTLS_SHA1_C:MBEDTLS_DES_C -mbedtls_pkcs5_pbes2:MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_SEQUENCE:"301D06092A864886F70D01050C301004082ED7F24A1D516DD7020208003100":"":"":MBEDTLS_ERR_PKCS5_INVALID_FORMAT + MBEDTLS_ERR_ASN1_UNEXPECTED_TAG:"" +pbes2_decrypt:MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_SEQUENCE:"301D06092A864886F70D01050C301004082ED7F24A1D516DD7020208003100":"":"":0:MBEDTLS_ERR_PKCS5_INVALID_FORMAT + MBEDTLS_ERR_ASN1_UNEXPECTED_TAG:"" PBES2 Decrypt (bad, PBKDF2 params explicit prf_alg overlong) depends_on:MBEDTLS_SHA1_C:MBEDTLS_DES_C -mbedtls_pkcs5_pbes2:MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_SEQUENCE:"301D06092A864886F70D01050C301004082ED7F24A1D516DD7020208003001":"":"":MBEDTLS_ERR_PKCS5_INVALID_FORMAT + MBEDTLS_ERR_ASN1_OUT_OF_DATA:"" +pbes2_decrypt:MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_SEQUENCE:"301D06092A864886F70D01050C301004082ED7F24A1D516DD7020208003001":"":"":0:MBEDTLS_ERR_PKCS5_INVALID_FORMAT + MBEDTLS_ERR_ASN1_OUT_OF_DATA:"" PBES2 Decrypt (bad, PBKDF2 params explicit prf_alg != HMAC-SHA*) depends_on:MBEDTLS_SHA1_C:MBEDTLS_DES_C -mbedtls_pkcs5_pbes2:MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_SEQUENCE:"302706092A864886F70D01050C301A04082ED7F24A1D516DD702020800300A06082A864886F70D0206":"":"":MBEDTLS_ERR_PKCS5_FEATURE_UNAVAILABLE:"" +pbes2_decrypt:MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_SEQUENCE:"302706092A864886F70D01050C301A04082ED7F24A1D516DD702020800300A06082A864886F70D0206":"":"":0:MBEDTLS_ERR_PKCS5_FEATURE_UNAVAILABLE:"" PBES2 Decrypt (bad, PBKDF2 params extra data) depends_on:MBEDTLS_SHA1_C:MBEDTLS_DES_C -mbedtls_pkcs5_pbes2:MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_SEQUENCE:"302806092A864886F70D01050C301B04082ED7F24A1D516DD702020800300A06082A864886F70D020700":"":"":MBEDTLS_ERR_PKCS5_INVALID_FORMAT + MBEDTLS_ERR_ASN1_LENGTH_MISMATCH:"" +pbes2_decrypt:MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_SEQUENCE:"302806092A864886F70D01050C301B04082ED7F24A1D516DD702020800300A06082A864886F70D020700":"":"":0:MBEDTLS_ERR_PKCS5_INVALID_FORMAT + MBEDTLS_ERR_ASN1_LENGTH_MISMATCH:"" PBES2 Decrypt (bad enc_scheme_alg: not a sequence) depends_on:MBEDTLS_SHA1_C:MBEDTLS_DES_C -mbedtls_pkcs5_pbes2:MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_SEQUENCE:"301B06092A864886F70D01050C300E04082ED7F24A1D516DD7020208003100":"":"":MBEDTLS_ERR_PKCS5_INVALID_FORMAT + MBEDTLS_ERR_ASN1_UNEXPECTED_TAG:"" +pbes2_decrypt:MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_SEQUENCE:"301B06092A864886F70D01050C300E04082ED7F24A1D516DD7020208003100":"":"":0:MBEDTLS_ERR_PKCS5_INVALID_FORMAT + MBEDTLS_ERR_ASN1_UNEXPECTED_TAG:"" PBES2 Decrypt (bad enc_scheme_alg: overlong) depends_on:MBEDTLS_SHA1_C:MBEDTLS_DES_C -mbedtls_pkcs5_pbes2:MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_SEQUENCE:"301B06092A864886F70D01050C300E04082ED7F24A1D516DD7020208003001":"":"":MBEDTLS_ERR_PKCS5_INVALID_FORMAT + MBEDTLS_ERR_ASN1_OUT_OF_DATA:"" +pbes2_decrypt:MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_SEQUENCE:"301B06092A864886F70D01050C300E04082ED7F24A1D516DD7020208003001":"":"":0:MBEDTLS_ERR_PKCS5_INVALID_FORMAT + MBEDTLS_ERR_ASN1_OUT_OF_DATA:"" PBES2 Decrypt (bad enc_scheme_alg: unknown oid) depends_on:MBEDTLS_SHA1_C:MBEDTLS_DES_C -mbedtls_pkcs5_pbes2:MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_SEQUENCE:"301B06092A864886F70D01050C300E04082ED7F24A1D516DD702020800300A06082A864886F70D03FF":"":"":MBEDTLS_ERR_PKCS5_FEATURE_UNAVAILABLE:"" +pbes2_decrypt:MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_SEQUENCE:"301B06092A864886F70D01050C300E04082ED7F24A1D516DD702020800300A06082A864886F70D03FF":"":"":0:MBEDTLS_ERR_PKCS5_FEATURE_UNAVAILABLE:"" PBES2 Decrypt (bad enc_scheme_alg params: not an octet string) depends_on:MBEDTLS_SHA1_C:MBEDTLS_DES_C:MBEDTLS_CIPHER_MODE_CBC -mbedtls_pkcs5_pbes2:MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_SEQUENCE:"301B06092A864886F70D01050C300E04082ED7F24A1D516DD702020800300C06082A864886F70D03070500":"":"":MBEDTLS_ERR_PKCS5_INVALID_FORMAT:"" +pbes2_decrypt:MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_SEQUENCE:"301B06092A864886F70D01050C300E04082ED7F24A1D516DD702020800300C06082A864886F70D03070500":"":"":0:MBEDTLS_ERR_PKCS5_INVALID_FORMAT:"" PBES2 Decrypt (bad enc_scheme_alg params: overlong) depends_on:MBEDTLS_SHA1_C:MBEDTLS_DES_C -mbedtls_pkcs5_pbes2:MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_SEQUENCE:"301B06092A864886F70D01050C300E04082ED7F24A1D516DD702020800300C06082A864886F70D03070401":"":"":MBEDTLS_ERR_PKCS5_INVALID_FORMAT + MBEDTLS_ERR_ASN1_OUT_OF_DATA:"" +pbes2_decrypt:MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_SEQUENCE:"301B06092A864886F70D01050C300E04082ED7F24A1D516DD702020800300C06082A864886F70D03070401":"":"":0:MBEDTLS_ERR_PKCS5_INVALID_FORMAT + MBEDTLS_ERR_ASN1_OUT_OF_DATA:"" PBES2 Decrypt (bad enc_scheme_alg params: len != iv_len) depends_on:MBEDTLS_SHA1_C:MBEDTLS_DES_C:MBEDTLS_CIPHER_MODE_CBC -mbedtls_pkcs5_pbes2:MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_SEQUENCE:"301B06092A864886F70D01050C300E04082ED7F24A1D516DD702020800301306082A864886F70D030704078A4FCC9DCC3949":"":"":MBEDTLS_ERR_PKCS5_INVALID_FORMAT:"" +pbes2_decrypt:MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_SEQUENCE:"301B06092A864886F70D01050C300E04082ED7F24A1D516DD702020800301306082A864886F70D030704078A4FCC9DCC3949":"":"":0:MBEDTLS_ERR_PKCS5_INVALID_FORMAT:"" PBES2 Decrypt (bad password) -depends_on:MBEDTLS_SHA1_C:MBEDTLS_DES_C:MBEDTLS_CIPHER_MODE_CBC -mbedtls_pkcs5_pbes2:MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_SEQUENCE:"301B06092A864886F70D01050C300E04082ED7F24A1D516DD702020800301406082A864886F70D030704088A4FCC9DCC394910":"F0617373776f7264":"1B60098D4834CA752D37B430E70B7A085CFF86E21F4849F969DD1DF623342662443F8BD1252BF83CEF6917551B08EF55A69C8F2BFFC93BCB2DFE2E354DA28F896D1BD1BFB972A1251219A6EC7183B0A4CF2C4998449ED786CAE2138437289EB2203974000C38619DA57A4E685D29649284602BD1806131772DA11A682674DC22B2CF109128DDB7FD980E1C5741FC0DB7":MBEDTLS_ERR_PKCS5_PASSWORD_MISMATCH:"308187020100301306072A8648CE3D020106082A8648CE3D030107046D306B0201010420F12A1320760270A83CBFFD53F6031EF76A5D86C8A204F2C30CA9EBF51F0F0EA7A1440342000437CC56D976091E5A723EC7592DFF206EEE7CF9069174D0AD14B5F768225962924EE500D82311FFEA2FD2345D5D16BD8A88C26B770D55CD8A2A0EFA01C8B4EDFF060606060606" +depends_on:MBEDTLS_SHA1_C:MBEDTLS_DES_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7 +pbes2_decrypt:MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_SEQUENCE:"301B06092A864886F70D01050C300E04082ED7F24A1D516DD702020800301406082A864886F70D030704088A4FCC9DCC394910":"F0617373776f7264":"1B60098D4834CA752D37B430E70B7A085CFF86E21F4849F969DD1DF623342662443F8BD1252BF83CEF6917551B08EF55A69C8F2BFFC93BCB2DFE2E354DA28F896D1BD1BFB972A1251219A6EC7183B0A4CF2C4998449ED786CAE2138437289EB2203974000C38619DA57A4E685D29649284602BD1806131772DA11A682674DC22B2CF109128DDB7FD980E1C5741FC0DB7":144:MBEDTLS_ERR_PKCS5_PASSWORD_MISMATCH:"308187020100301306072A8648CE3D020106082A8648CE3D030107046D306B0201010420F12A1320760270A83CBFFD53F6031EF76A5D86C8A204F2C30CA9EBF51F0F0EA7A1440342000437CC56D976091E5A723EC7592DFF206EEE7CF9069174D0AD14B5F768225962924EE500D82311FFEA2FD2345D5D16BD8A88C26B770D55CD8A2A0EFA01C8B4EDFF060606060606" PBES2 Decrypt (bad iter value) -depends_on:MBEDTLS_SHA1_C:MBEDTLS_DES_C:MBEDTLS_CIPHER_MODE_CBC -mbedtls_pkcs5_pbes2:MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_SEQUENCE:"301B06092A864886F70D01050C300E04082ED7F24A1D516DD702020801301406082A864886F70D030704088A4FCC9DCC394910":"70617373776f7264":"1B60098D4834CA752D37B430E70B7A085CFF86E21F4849F969DD1DF623342662443F8BD1252BF83CEF6917551B08EF55A69C8F2BFFC93BCB2DFE2E354DA28F896D1BD1BFB972A1251219A6EC7183B0A4CF2C4998449ED786CAE2138437289EB2203974000C38619DA57A4E685D29649284602BD1806131772DA11A682674DC22B2CF109128DDB7FD980E1C5741FC0DB7":MBEDTLS_ERR_PKCS5_PASSWORD_MISMATCH:"308187020100301306072A8648CE3D020106082A8648CE3D030107046D306B0201010420F12A1320760270A83CBFFD53F6031EF76A5D86C8A204F2C30CA9EBF51F0F0EA7A1440342000437CC56D976091E5A723EC7592DFF206EEE7CF9069174D0AD14B5F768225962924EE500D82311FFEA2FD2345D5D16BD8A88C26B770D55CD8A2A0EFA01C8B4EDFF060606060606" +depends_on:MBEDTLS_SHA1_C:MBEDTLS_DES_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7 +pbes2_decrypt:MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_SEQUENCE:"301B06092A864886F70D01050C300E04082ED7F24A1D516DD702020801301406082A864886F70D030704088A4FCC9DCC394910":"70617373776f7264":"1B60098D4834CA752D37B430E70B7A085CFF86E21F4849F969DD1DF623342662443F8BD1252BF83CEF6917551B08EF55A69C8F2BFFC93BCB2DFE2E354DA28F896D1BD1BFB972A1251219A6EC7183B0A4CF2C4998449ED786CAE2138437289EB2203974000C38619DA57A4E685D29649284602BD1806131772DA11A682674DC22B2CF109128DDB7FD980E1C5741FC0DB7":144:MBEDTLS_ERR_PKCS5_PASSWORD_MISMATCH:"308187020100301306072A8648CE3D020106082A8648CE3D030107046D306B0201010420F12A1320760270A83CBFFD53F6031EF76A5D86C8A204F2C30CA9EBF51F0F0EA7A1440342000437CC56D976091E5A723EC7592DFF206EEE7CF9069174D0AD14B5F768225962924EE500D82311FFEA2FD2345D5D16BD8A88C26B770D55CD8A2A0EFA01C8B4EDFF060606060606" PKCS#5 Selftest pkcs5_selftest: diff --git a/third_party/mbedtls/repo/tests/suites/test_suite_pkcs5.function b/third_party/mbedtls/repo/tests/suites/test_suite_pkcs5.function index 0b0c937cf48..7ce88cbc5e5 100644 --- a/third_party/mbedtls/repo/tests/suites/test_suite_pkcs5.function +++ b/third_party/mbedtls/repo/tests/suites/test_suite_pkcs5.function @@ -1,5 +1,6 @@ /* BEGIN_HEADER */ #include "mbedtls/pkcs5.h" +#include "mbedtls/cipher.h" /* END_HEADER */ /* BEGIN_DEPENDENCIES @@ -8,59 +9,120 @@ */ /* BEGIN_CASE */ -void pbkdf2_hmac( int hash, data_t * pw_str, data_t * salt_str, - int it_cnt, int key_len, data_t * result_key_string ) +void pbkdf2_hmac(int hash, data_t *pw_str, data_t *salt_str, + int it_cnt, int key_len, data_t *result_key_string) { mbedtls_md_context_t ctx; const mbedtls_md_info_t *info; unsigned char key[100]; - mbedtls_md_init( &ctx ); + mbedtls_md_init(&ctx); - info = mbedtls_md_info_from_type( hash ); - TEST_ASSERT( info != NULL ); - TEST_ASSERT( mbedtls_md_setup( &ctx, info, 1 ) == 0 ); - TEST_ASSERT( mbedtls_pkcs5_pbkdf2_hmac( &ctx, pw_str->x, pw_str->len, salt_str->x, salt_str->len, - it_cnt, key_len, key ) == 0 ); + info = mbedtls_md_info_from_type(hash); + TEST_ASSERT(info != NULL); + TEST_ASSERT(mbedtls_md_setup(&ctx, info, 1) == 0); + TEST_ASSERT(mbedtls_pkcs5_pbkdf2_hmac(&ctx, pw_str->x, pw_str->len, salt_str->x, salt_str->len, + it_cnt, key_len, key) == 0); - TEST_ASSERT( mbedtls_test_hexcmp( key, result_key_string->x, - key_len, result_key_string->len ) == 0 ); + TEST_ASSERT(mbedtls_test_hexcmp(key, result_key_string->x, + key_len, result_key_string->len) == 0); exit: - mbedtls_md_free( &ctx ); + mbedtls_md_free(&ctx); } /* END_CASE */ /* BEGIN_CASE depends_on:MBEDTLS_ASN1_PARSE_C */ -void mbedtls_pkcs5_pbes2( int params_tag, data_t *params_hex, data_t *pw, - data_t *data, int ref_ret, data_t *ref_out ) +void pbes2_encrypt(int params_tag, data_t *params_hex, data_t *pw, + data_t *data, int outsize, int ref_ret, + data_t *ref_out) { int my_ret; mbedtls_asn1_buf params; unsigned char *my_out = NULL; +#if defined(MBEDTLS_CIPHER_PADDING_PKCS7) + size_t my_out_len = 0; +#endif params.tag = params_tag; params.p = params_hex->x; params.len = params_hex->len; - my_out = mbedtls_test_zero_alloc( ref_out->len ); + ASSERT_ALLOC(my_out, outsize); - my_ret = mbedtls_pkcs5_pbes2( ¶ms, MBEDTLS_PKCS5_DECRYPT, - pw->x, pw->len, data->x, data->len, my_out ); - TEST_ASSERT( my_ret == ref_ret ); + if (ref_ret != MBEDTLS_ERR_ASN1_BUF_TOO_SMALL) { + my_ret = mbedtls_pkcs5_pbes2(¶ms, MBEDTLS_PKCS5_ENCRYPT, + pw->x, pw->len, data->x, data->len, my_out); + TEST_EQUAL(my_ret, ref_ret); + } + if (ref_ret == 0) { + ASSERT_COMPARE(my_out, ref_out->len, + ref_out->x, ref_out->len); + } - if( ref_ret == 0 ) - TEST_ASSERT( memcmp( my_out, ref_out->x, ref_out->len ) == 0 ); +#if defined(MBEDTLS_CIPHER_PADDING_PKCS7) + my_ret = mbedtls_pkcs5_pbes2_ext(¶ms, MBEDTLS_PKCS5_ENCRYPT, + pw->x, pw->len, data->x, data->len, my_out, + outsize, &my_out_len); + TEST_EQUAL(my_ret, ref_ret); + if (ref_ret == 0) { + ASSERT_COMPARE(my_out, my_out_len, + ref_out->x, ref_out->len); + } +#endif exit: - mbedtls_free( my_out ); + mbedtls_free(my_out); +} +/* END_CASE */ + +/* BEGIN_CASE depends_on:MBEDTLS_ASN1_PARSE_C */ +void pbes2_decrypt(int params_tag, data_t *params_hex, data_t *pw, + data_t *data, int outsize, int ref_ret, + data_t *ref_out) +{ + int my_ret; + mbedtls_asn1_buf params; + unsigned char *my_out = NULL; +#if defined(MBEDTLS_CIPHER_PADDING_PKCS7) + size_t my_out_len = 0; +#endif + + params.tag = params_tag; + params.p = params_hex->x; + params.len = params_hex->len; + + ASSERT_ALLOC(my_out, outsize); + + if (ref_ret != MBEDTLS_ERR_ASN1_BUF_TOO_SMALL) { + my_ret = mbedtls_pkcs5_pbes2(¶ms, MBEDTLS_PKCS5_DECRYPT, + pw->x, pw->len, data->x, data->len, my_out); + TEST_EQUAL(my_ret, ref_ret); + } + if (ref_ret == 0) { + ASSERT_COMPARE(my_out, ref_out->len, + ref_out->x, ref_out->len); + } +#if defined(MBEDTLS_CIPHER_PADDING_PKCS7) + my_ret = mbedtls_pkcs5_pbes2_ext(¶ms, MBEDTLS_PKCS5_DECRYPT, + pw->x, pw->len, data->x, data->len, my_out, + outsize, &my_out_len); + TEST_EQUAL(my_ret, ref_ret); + if (ref_ret == 0) { + ASSERT_COMPARE(my_out, my_out_len, + ref_out->x, ref_out->len); + } +#endif + +exit: + mbedtls_free(my_out); } /* END_CASE */ /* BEGIN_CASE depends_on:MBEDTLS_SELF_TEST */ -void pkcs5_selftest( ) +void pkcs5_selftest() { - TEST_ASSERT( mbedtls_pkcs5_self_test( 1 ) == 0 ); + TEST_ASSERT(mbedtls_pkcs5_self_test(1) == 0); } /* END_CASE */ diff --git a/third_party/mbedtls/repo/tests/suites/test_suite_pkparse.data b/third_party/mbedtls/repo/tests/suites/test_suite_pkparse.data index 4964bfae10e..9108a215b6c 100644 --- a/third_party/mbedtls/repo/tests/suites/test_suite_pkparse.data +++ b/third_party/mbedtls/repo/tests/suites/test_suite_pkparse.data @@ -1,13 +1,13 @@ Parse RSA Key #1 (No password when required) -depends_on:MBEDTLS_MD5_C:MBEDTLS_PEM_PARSE_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_DES_C +depends_on:MBEDTLS_MD5_C:MBEDTLS_PEM_PARSE_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_AES_C pk_parse_keyfile_rsa:"data_files/test-ca.key":"NULL":MBEDTLS_ERR_PK_PASSWORD_REQUIRED Parse RSA Key #2 (Correct password) -depends_on:MBEDTLS_MD5_C:MBEDTLS_PEM_PARSE_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_DES_C +depends_on:MBEDTLS_MD5_C:MBEDTLS_PEM_PARSE_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_AES_C pk_parse_keyfile_rsa:"data_files/test-ca.key":"PolarSSLTest":0 Parse RSA Key #3 (Wrong password) -depends_on:MBEDTLS_MD5_C:MBEDTLS_PEM_PARSE_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_DES_C +depends_on:MBEDTLS_MD5_C:MBEDTLS_PEM_PARSE_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_AES_C pk_parse_keyfile_rsa:"data_files/test-ca.key":"PolarSSLWRONG":MBEDTLS_ERR_PK_PASSWORD_MISMATCH Parse RSA Key #4 (DES Encrypted) @@ -1033,11 +1033,11 @@ depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED pk_parse_keyfile_ec:"data_files/ec_prv.pk8param.pem":"NULL":0 Parse EC Key #6 (PKCS8 encrypted DER) -depends_on:MBEDTLS_ARC4_C:MBEDTLS_SHA1_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP192R1_ENABLED +depends_on:MBEDTLS_ARC4_C:MBEDTLS_SHA1_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP192R1_ENABLED:MBEDTLS_PKCS12_C pk_parse_keyfile_ec:"data_files/ec_prv.pk8.pw.der":"polar":0 Parse EC Key #7 (PKCS8 encrypted PEM) -depends_on:MBEDTLS_ARC4_C:MBEDTLS_SHA1_C:MBEDTLS_PEM_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP192R1_ENABLED +depends_on:MBEDTLS_ARC4_C:MBEDTLS_SHA1_C:MBEDTLS_PEM_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP192R1_ENABLED:MBEDTLS_PKCS12_C pk_parse_keyfile_ec:"data_files/ec_prv.pk8.pw.pem":"polar":0 Parse EC Key #8 (SEC1 PEM, secp224r1) diff --git a/third_party/mbedtls/repo/tests/suites/test_suite_pkparse.function b/third_party/mbedtls/repo/tests/suites/test_suite_pkparse.function index 4650d331151..d6b698463f6 100644 --- a/third_party/mbedtls/repo/tests/suites/test_suite_pkparse.function +++ b/third_party/mbedtls/repo/tests/suites/test_suite_pkparse.function @@ -10,119 +10,126 @@ */ /* BEGIN_CASE depends_on:MBEDTLS_RSA_C:MBEDTLS_FS_IO */ -void pk_parse_keyfile_rsa( char * key_file, char * password, int result ) +void pk_parse_keyfile_rsa(char *key_file, char *password, int result) { mbedtls_pk_context ctx; int res; char *pwd = password; - mbedtls_pk_init( &ctx ); + mbedtls_pk_init(&ctx); + USE_PSA_INIT(); - if( strcmp( pwd, "NULL" ) == 0 ) + if (strcmp(pwd, "NULL") == 0) { pwd = NULL; + } - res = mbedtls_pk_parse_keyfile( &ctx, key_file, pwd ); + res = mbedtls_pk_parse_keyfile(&ctx, key_file, pwd); - TEST_ASSERT( res == result ); + TEST_ASSERT(res == result); - if( res == 0 ) - { + if (res == 0) { mbedtls_rsa_context *rsa; - TEST_ASSERT( mbedtls_pk_can_do( &ctx, MBEDTLS_PK_RSA ) ); - rsa = mbedtls_pk_rsa( ctx ); - TEST_ASSERT( mbedtls_rsa_check_privkey( rsa ) == 0 ); + TEST_ASSERT(mbedtls_pk_can_do(&ctx, MBEDTLS_PK_RSA)); + rsa = mbedtls_pk_rsa(ctx); + TEST_ASSERT(mbedtls_rsa_check_privkey(rsa) == 0); } exit: - mbedtls_pk_free( &ctx ); + mbedtls_pk_free(&ctx); + USE_PSA_DONE(); } /* END_CASE */ /* BEGIN_CASE depends_on:MBEDTLS_RSA_C:MBEDTLS_FS_IO */ -void pk_parse_public_keyfile_rsa( char * key_file, int result ) +void pk_parse_public_keyfile_rsa(char *key_file, int result) { mbedtls_pk_context ctx; int res; - mbedtls_pk_init( &ctx ); + mbedtls_pk_init(&ctx); + USE_PSA_INIT(); - res = mbedtls_pk_parse_public_keyfile( &ctx, key_file ); + res = mbedtls_pk_parse_public_keyfile(&ctx, key_file); - TEST_ASSERT( res == result ); + TEST_ASSERT(res == result); - if( res == 0 ) - { + if (res == 0) { mbedtls_rsa_context *rsa; - TEST_ASSERT( mbedtls_pk_can_do( &ctx, MBEDTLS_PK_RSA ) ); - rsa = mbedtls_pk_rsa( ctx ); - TEST_ASSERT( mbedtls_rsa_check_pubkey( rsa ) == 0 ); + TEST_ASSERT(mbedtls_pk_can_do(&ctx, MBEDTLS_PK_RSA)); + rsa = mbedtls_pk_rsa(ctx); + TEST_ASSERT(mbedtls_rsa_check_pubkey(rsa) == 0); } exit: - mbedtls_pk_free( &ctx ); + mbedtls_pk_free(&ctx); + USE_PSA_DONE(); } /* END_CASE */ /* BEGIN_CASE depends_on:MBEDTLS_FS_IO:MBEDTLS_ECP_C */ -void pk_parse_public_keyfile_ec( char * key_file, int result ) +void pk_parse_public_keyfile_ec(char *key_file, int result) { mbedtls_pk_context ctx; int res; - mbedtls_pk_init( &ctx ); + mbedtls_pk_init(&ctx); + USE_PSA_INIT(); - res = mbedtls_pk_parse_public_keyfile( &ctx, key_file ); + res = mbedtls_pk_parse_public_keyfile(&ctx, key_file); - TEST_ASSERT( res == result ); + TEST_ASSERT(res == result); - if( res == 0 ) - { + if (res == 0) { mbedtls_ecp_keypair *eckey; - TEST_ASSERT( mbedtls_pk_can_do( &ctx, MBEDTLS_PK_ECKEY ) ); - eckey = mbedtls_pk_ec( ctx ); - TEST_ASSERT( mbedtls_ecp_check_pubkey( &eckey->grp, &eckey->Q ) == 0 ); + TEST_ASSERT(mbedtls_pk_can_do(&ctx, MBEDTLS_PK_ECKEY)); + eckey = mbedtls_pk_ec(ctx); + TEST_ASSERT(mbedtls_ecp_check_pubkey(&eckey->grp, &eckey->Q) == 0); } exit: - mbedtls_pk_free( &ctx ); + mbedtls_pk_free(&ctx); + USE_PSA_DONE(); } /* END_CASE */ /* BEGIN_CASE depends_on:MBEDTLS_FS_IO:MBEDTLS_ECP_C */ -void pk_parse_keyfile_ec( char * key_file, char * password, int result ) +void pk_parse_keyfile_ec(char *key_file, char *password, int result) { mbedtls_pk_context ctx; int res; - mbedtls_pk_init( &ctx ); + mbedtls_pk_init(&ctx); + USE_PSA_INIT(); - res = mbedtls_pk_parse_keyfile( &ctx, key_file, password ); + res = mbedtls_pk_parse_keyfile(&ctx, key_file, password); - TEST_ASSERT( res == result ); + TEST_ASSERT(res == result); - if( res == 0 ) - { + if (res == 0) { mbedtls_ecp_keypair *eckey; - TEST_ASSERT( mbedtls_pk_can_do( &ctx, MBEDTLS_PK_ECKEY ) ); - eckey = mbedtls_pk_ec( ctx ); - TEST_ASSERT( mbedtls_ecp_check_privkey( &eckey->grp, &eckey->d ) == 0 ); + TEST_ASSERT(mbedtls_pk_can_do(&ctx, MBEDTLS_PK_ECKEY)); + eckey = mbedtls_pk_ec(ctx); + TEST_ASSERT(mbedtls_ecp_check_privkey(&eckey->grp, &eckey->d) == 0); } exit: - mbedtls_pk_free( &ctx ); + mbedtls_pk_free(&ctx); + USE_PSA_DONE(); } /* END_CASE */ /* BEGIN_CASE */ -void pk_parse_key( data_t * buf, int result ) +void pk_parse_key(data_t *buf, int result) { mbedtls_pk_context pk; - mbedtls_pk_init( &pk ); + mbedtls_pk_init(&pk); + USE_PSA_INIT(); - TEST_ASSERT( mbedtls_pk_parse_key( &pk, buf->x, buf->len, NULL, 0 ) == result ); + TEST_ASSERT(mbedtls_pk_parse_key(&pk, buf->x, buf->len, NULL, 0) == result); exit: - mbedtls_pk_free( &pk ); + mbedtls_pk_free(&pk); + USE_PSA_DONE(); } /* END_CASE */ diff --git a/third_party/mbedtls/repo/tests/suites/test_suite_pkwrite.data b/third_party/mbedtls/repo/tests/suites/test_suite_pkwrite.data index e0101ccdf55..f10bdd6cfec 100644 --- a/third_party/mbedtls/repo/tests/suites/test_suite_pkwrite.data +++ b/third_party/mbedtls/repo/tests/suites/test_suite_pkwrite.data @@ -1,47 +1,107 @@ Public key write check RSA -depends_on:MBEDTLS_RSA_C:MBEDTLS_BASE64_C -pk_write_pubkey_check:"data_files/server1.pubkey" +depends_on:MBEDTLS_RSA_C:MBEDTLS_PEM_PARSE_C:MBEDTLS_PEM_WRITE_C +pk_write_pubkey_check:"data_files/server1.pubkey":TEST_PEM + +Public key write check RSA (DER) +depends_on:MBEDTLS_RSA_C +pk_write_pubkey_check:"data_files/server1.pubkey.der":TEST_DER Public key write check RSA 4096 -depends_on:MBEDTLS_RSA_C:MBEDTLS_BASE64_C -pk_write_pubkey_check:"data_files/rsa4096_pub.pem" +depends_on:MBEDTLS_RSA_C:MBEDTLS_PEM_PARSE_C:MBEDTLS_PEM_WRITE_C +pk_write_pubkey_check:"data_files/rsa4096_pub.pem":TEST_PEM + +Public key write check RSA 4096 (DER) +depends_on:MBEDTLS_RSA_C +pk_write_pubkey_check:"data_files/rsa4096_pub.der":TEST_DER Public key write check EC 192 bits -depends_on:MBEDTLS_ECP_C:MBEDTLS_BASE64_C:MBEDTLS_ECP_DP_SECP192R1_ENABLED -pk_write_pubkey_check:"data_files/ec_pub.pem" +depends_on:MBEDTLS_ECP_C:MBEDTLS_PEM_PARSE_C:MBEDTLS_PEM_WRITE_C:MBEDTLS_ECP_DP_SECP192R1_ENABLED +pk_write_pubkey_check:"data_files/ec_pub.pem":TEST_PEM + +Public key write check EC 192 bits (DER) +depends_on:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP192R1_ENABLED +pk_write_pubkey_check:"data_files/ec_pub.der":TEST_DER Public key write check EC 521 bits -depends_on:MBEDTLS_ECP_C:MBEDTLS_BASE64_C:MBEDTLS_ECP_DP_SECP521R1_ENABLED -pk_write_pubkey_check:"data_files/ec_521_pub.pem" +depends_on:MBEDTLS_ECP_C:MBEDTLS_PEM_PARSE_C:MBEDTLS_PEM_WRITE_C:MBEDTLS_ECP_DP_SECP521R1_ENABLED +pk_write_pubkey_check:"data_files/ec_521_pub.pem":TEST_PEM + +Public key write check EC 521 bits (DER) +depends_on:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP521R1_ENABLED +pk_write_pubkey_check:"data_files/ec_521_pub.der":TEST_DER Public key write check EC Brainpool 512 bits -depends_on:MBEDTLS_ECP_C:MBEDTLS_BASE64_C:MBEDTLS_ECP_DP_BP512R1_ENABLED -pk_write_pubkey_check:"data_files/ec_bp512_pub.pem" +depends_on:MBEDTLS_ECP_C:MBEDTLS_PEM_PARSE_C:MBEDTLS_PEM_WRITE_C:MBEDTLS_ECP_DP_BP512R1_ENABLED +pk_write_pubkey_check:"data_files/ec_bp512_pub.pem":TEST_PEM + +Public key write check EC Brainpool 512 bits (DER) +depends_on:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_BP512R1_ENABLED +pk_write_pubkey_check:"data_files/ec_bp512_pub.der":TEST_DER Private key write check RSA -depends_on:MBEDTLS_RSA_C:MBEDTLS_BASE64_C -pk_write_key_check:"data_files/server1.key" +depends_on:MBEDTLS_RSA_C:MBEDTLS_PEM_PARSE_C:MBEDTLS_PEM_WRITE_C +pk_write_key_check:"data_files/server1.key":TEST_PEM + +Private key write check RSA (DER) +depends_on:MBEDTLS_RSA_C +pk_write_key_check:"data_files/server1.key.der":TEST_DER Private key write check RSA 4096 -depends_on:MBEDTLS_RSA_C:MBEDTLS_BASE64_C -pk_write_key_check:"data_files/rsa4096_prv.pem" +depends_on:MBEDTLS_RSA_C:MBEDTLS_PEM_PARSE_C:MBEDTLS_PEM_WRITE_C +pk_write_key_check:"data_files/rsa4096_prv.pem":TEST_PEM + +Private key write check RSA 4096 (DER) +depends_on:MBEDTLS_RSA_C +pk_write_key_check:"data_files/rsa4096_prv.der":TEST_DER Private key write check EC 192 bits -depends_on:MBEDTLS_ECP_C:MBEDTLS_BASE64_C:MBEDTLS_ECP_DP_SECP192R1_ENABLED -pk_write_key_check:"data_files/ec_prv.sec1.pem" +depends_on:MBEDTLS_ECP_C:MBEDTLS_PEM_PARSE_C:MBEDTLS_PEM_WRITE_C:MBEDTLS_ECP_DP_SECP192R1_ENABLED +pk_write_key_check:"data_files/ec_prv.sec1.pem":TEST_PEM + +Private key write check EC 192 bits (DER) +depends_on:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP192R1_ENABLED +pk_write_key_check:"data_files/ec_prv.sec1.der":TEST_DER Private key write check EC 256 bits (top bit set) -depends_on:MBEDTLS_ECP_C:MBEDTLS_BASE64_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED -pk_write_key_check:"data_files/ec_256_long_prv.pem" +depends_on:MBEDTLS_ECP_C:MBEDTLS_PEM_PARSE_C:MBEDTLS_PEM_WRITE_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED +pk_write_key_check:"data_files/ec_256_long_prv.pem":TEST_PEM + +Private key write check EC 256 bits (top bit set) (DER) +depends_on:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED +pk_write_key_check:"data_files/ec_256_long_prv.der":TEST_DER Private key write check EC 521 bits -depends_on:MBEDTLS_ECP_C:MBEDTLS_BASE64_C:MBEDTLS_ECP_DP_SECP521R1_ENABLED -pk_write_key_check:"data_files/ec_521_prv.pem" +depends_on:MBEDTLS_ECP_C:MBEDTLS_PEM_PARSE_C:MBEDTLS_PEM_WRITE_C:MBEDTLS_ECP_DP_SECP521R1_ENABLED +pk_write_key_check:"data_files/ec_521_prv.pem":TEST_PEM + +Private key write check EC 521 bits (DER) +depends_on:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP521R1_ENABLED +pk_write_key_check:"data_files/ec_521_prv.der":TEST_DER Private key write check EC 521 bits (top byte is 0) -depends_on:MBEDTLS_ECP_C:MBEDTLS_BASE64_C:MBEDTLS_ECP_DP_SECP521R1_ENABLED -pk_write_key_check:"data_files/ec_521_short_prv.pem" +depends_on:MBEDTLS_ECP_C:MBEDTLS_PEM_PARSE_C:MBEDTLS_PEM_WRITE_C:MBEDTLS_ECP_DP_SECP521R1_ENABLED +pk_write_key_check:"data_files/ec_521_short_prv.pem":TEST_PEM + +Private key write check EC 521 bits (top byte is 0) (DER) +depends_on:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP521R1_ENABLED +pk_write_key_check:"data_files/ec_521_short_prv.der":TEST_DER Private key write check EC Brainpool 512 bits -depends_on:MBEDTLS_ECP_C:MBEDTLS_BASE64_C:MBEDTLS_ECP_DP_BP512R1_ENABLED -pk_write_key_check:"data_files/ec_bp512_prv.pem" +depends_on:MBEDTLS_ECP_C:MBEDTLS_PEM_PARSE_C:MBEDTLS_PEM_WRITE_C:MBEDTLS_ECP_DP_BP512R1_ENABLED +pk_write_key_check:"data_files/ec_bp512_prv.pem":TEST_PEM + +Private key write check EC Brainpool 512 bits (DER) +depends_on:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_BP512R1_ENABLED +pk_write_key_check:"data_files/ec_bp512_prv.der":TEST_DER + +Derive public key EC 192 bits +depends_on:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP192R1_ENABLED +pk_write_public_from_private:"data_files/ec_prv.sec1.der":"data_files/ec_pub.der" + +Derive public key EC 521 bits +depends_on:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP521R1_ENABLED +pk_write_public_from_private:"data_files/ec_521_prv.der":"data_files/ec_521_pub.der" + +Derive public key EC Brainpool 512 bits +depends_on:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_BP512R1_ENABLED +pk_write_public_from_private:"data_files/ec_bp512_prv.der":"data_files/ec_bp512_pub.der" diff --git a/third_party/mbedtls/repo/tests/suites/test_suite_pkwrite.function b/third_party/mbedtls/repo/tests/suites/test_suite_pkwrite.function index 2bad4ed1370..d1f7813b738 100644 --- a/third_party/mbedtls/repo/tests/suites/test_suite_pkwrite.function +++ b/third_party/mbedtls/repo/tests/suites/test_suite_pkwrite.function @@ -2,89 +2,177 @@ #include "mbedtls/pk.h" #include "mbedtls/pem.h" #include "mbedtls/oid.h" -/* END_HEADER */ +#include "psa/crypto_sizes.h" -/* BEGIN_DEPENDENCIES - * depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:MBEDTLS_BIGNUM_C:MBEDTLS_FS_IO - * END_DEPENDENCIES - */ +typedef enum { + TEST_PEM, + TEST_DER +} pkwrite_file_format_t; + +/* Helper function for removing "\r" chars from a buffer. */ +static void fix_new_lines(unsigned char *in_str, size_t *len) +{ + size_t chars_left; + unsigned int i; + + for (i = 0; (i < *len) && (*len > 0); i++) { + if (in_str[i] == '\r') { + if (i < (*len - 1)) { + chars_left = *len - i - 1; + memmove(&in_str[i], &in_str[i+1], chars_left); + } else { + in_str[i] = '\0'; + } + *len = *len - 1; + } + } +} -/* BEGIN_CASE depends_on:MBEDTLS_PEM_WRITE_C */ -void pk_write_pubkey_check( char * key_file ) +static void pk_write_check_common(char *key_file, int is_public_key, int is_der) { mbedtls_pk_context key; - unsigned char buf[5000]; - unsigned char check_buf[5000]; + unsigned char *buf = NULL; + unsigned char *check_buf = NULL; + unsigned char *start_buf; + size_t buf_len, check_buf_len; int ret; - FILE *f; - size_t ilen, pem_len, buf_index; - - memset( buf, 0, sizeof( buf ) ); - memset( check_buf, 0, sizeof( check_buf ) ); - mbedtls_pk_init( &key ); - TEST_ASSERT( mbedtls_pk_parse_public_keyfile( &key, key_file ) == 0 ); + mbedtls_pk_init(&key); + USE_PSA_INIT(); + + /* Note: if mbedtls_pk_load_file() successfully reads the file, then + it also allocates check_buf, which should be freed on exit */ + TEST_EQUAL(mbedtls_pk_load_file(key_file, &check_buf, &check_buf_len), 0); + TEST_ASSERT(check_buf_len > 0); + + /* Windows' line ending is different from the Linux's one ("\r\n" vs "\n"). + * Git treats PEM files as text, so when on Windows, it replaces new lines + * with "\r\n" on checkout. + * Unfortunately mbedtls_pk_load_file() loads files in binary format, + * while mbedtls_pk_write_pubkey_pem() goes through the I/O layer which + * uses "\n" for newlines in both Windows and Linux. + * Here we remove the extra "\r" so that "buf" and "check_buf" can be + * easily compared later. */ + if (!is_der) { + fix_new_lines(check_buf, &check_buf_len); + } + TEST_ASSERT(check_buf_len > 0); + + TEST_CALLOC(buf, check_buf_len); + + if (is_public_key) { + TEST_EQUAL(mbedtls_pk_parse_public_keyfile(&key, key_file), 0); + if (is_der) { + ret = mbedtls_pk_write_pubkey_der(&key, buf, check_buf_len); + } else { +#if defined(MBEDTLS_PEM_WRITE_C) + ret = mbedtls_pk_write_pubkey_pem(&key, buf, check_buf_len); +#else + ret = MBEDTLS_ERR_PK_FEATURE_UNAVAILABLE; +#endif + } + } else { + TEST_EQUAL(mbedtls_pk_parse_keyfile(&key, key_file, NULL), 0); + if (is_der) { + ret = mbedtls_pk_write_key_der(&key, buf, check_buf_len); + } else { +#if defined(MBEDTLS_PEM_WRITE_C) + ret = mbedtls_pk_write_key_pem(&key, buf, check_buf_len); +#else + ret = MBEDTLS_ERR_PK_FEATURE_UNAVAILABLE; +#endif + } + } - ret = mbedtls_pk_write_pubkey_pem( &key, buf, sizeof( buf )); - TEST_ASSERT( ret == 0 ); + if (is_der) { + TEST_LE_U(1, ret); + buf_len = ret; + start_buf = buf + check_buf_len - buf_len; + } else { + TEST_EQUAL(ret, 0); + buf_len = strlen((char *) buf) + 1; /* +1 takes the string terminator into account */ + start_buf = buf; + } - pem_len = strlen( (char *) buf ); + TEST_MEMORY_COMPARE(start_buf, buf_len, check_buf, check_buf_len); - // check that the rest of the buffer remains clear - for( buf_index = pem_len; buf_index < sizeof( buf ); ++buf_index ) - { - TEST_ASSERT( buf[buf_index] == 0 ); - } +exit: + mbedtls_free(buf); + mbedtls_free(check_buf); + mbedtls_pk_free(&key); + USE_PSA_DONE(); +} +/* END_HEADER */ - f = fopen( key_file, "r" ); - TEST_ASSERT( f != NULL ); - ilen = fread( check_buf, 1, sizeof( check_buf ), f ); - fclose( f ); +/* BEGIN_DEPENDENCIES + * depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:MBEDTLS_BIGNUM_C:MBEDTLS_FS_IO + * END_DEPENDENCIES + */ - TEST_ASSERT( ilen == pem_len ); - TEST_ASSERT( memcmp( (char *) buf, (char *) check_buf, ilen ) == 0 ); +/* BEGIN_CASE */ +void pk_write_pubkey_check(char *key_file, int is_der) +{ + pk_write_check_common(key_file, 1, is_der); + goto exit; /* make the compiler happy */ +} +/* END_CASE */ -exit: - mbedtls_pk_free( &key ); +/* BEGIN_CASE */ +void pk_write_key_check(char *key_file, int is_der) +{ + pk_write_check_common(key_file, 0, is_der); + goto exit; /* make the compiler happy */ } /* END_CASE */ -/* BEGIN_CASE depends_on:MBEDTLS_PEM_WRITE_C */ -void pk_write_key_check( char * key_file ) +/* BEGIN_CASE */ +void pk_write_public_from_private(char *priv_key_file, char *pub_key_file) { - mbedtls_pk_context key; - unsigned char buf[5000]; - unsigned char check_buf[5000]; - int ret; - FILE *f; - size_t ilen, pem_len, buf_index; + mbedtls_pk_context priv_key; + uint8_t *derived_key_raw = NULL; + size_t derived_key_len = 0; + uint8_t *pub_key_raw = NULL; + size_t pub_key_len = 0; +#if defined(MBEDTLS_USE_PSA_CRYPTO) + mbedtls_svc_key_id_t opaque_key_id = MBEDTLS_SVC_KEY_ID_INIT; +#endif /* MBEDTLS_USE_PSA_CRYPTO */ - memset( buf, 0, sizeof( buf ) ); - memset( check_buf, 0, sizeof( check_buf ) ); + mbedtls_pk_init(&priv_key); + USE_PSA_INIT(); - mbedtls_pk_init( &key ); - TEST_ASSERT( mbedtls_pk_parse_keyfile( &key, key_file, NULL ) == 0 ); + TEST_EQUAL(mbedtls_pk_parse_keyfile(&priv_key, priv_key_file, NULL), 0); + TEST_EQUAL(mbedtls_pk_load_file(pub_key_file, &pub_key_raw, + &pub_key_len), 0); - ret = mbedtls_pk_write_key_pem( &key, buf, sizeof( buf )); - TEST_ASSERT( ret == 0 ); + derived_key_len = pub_key_len; + TEST_CALLOC(derived_key_raw, derived_key_len); - pem_len = strlen( (char *) buf ); + TEST_EQUAL(mbedtls_pk_write_pubkey_der(&priv_key, derived_key_raw, + derived_key_len), pub_key_len); - // check that the rest of the buffer remains clear - for( buf_index = pem_len; buf_index < sizeof( buf ); ++buf_index ) - { - TEST_ASSERT( buf[buf_index] == 0 ); - } + TEST_MEMORY_COMPARE(derived_key_raw, derived_key_len, + pub_key_raw, pub_key_len); + +#if defined(MBEDTLS_USE_PSA_CRYPTO) + mbedtls_platform_zeroize(derived_key_raw, derived_key_len); + + TEST_EQUAL(mbedtls_pk_wrap_as_opaque(&priv_key, &opaque_key_id, + PSA_ALG_NONE), 0); - f = fopen( key_file, "r" ); - TEST_ASSERT( f != NULL ); - ilen = fread( check_buf, 1, sizeof( check_buf ), f ); - fclose( f ); + TEST_EQUAL(mbedtls_pk_write_pubkey_der(&priv_key, derived_key_raw, + derived_key_len), pub_key_len); - TEST_ASSERT( ilen == strlen( (char *) buf ) ); - TEST_ASSERT( memcmp( (char *) buf, (char *) check_buf, ilen ) == 0 ); + TEST_MEMORY_COMPARE(derived_key_raw, derived_key_len, + pub_key_raw, pub_key_len); +#endif /* MBEDTLS_USE_PSA_CRYPTO */ exit: - mbedtls_pk_free( &key ); +#if defined(MBEDTLS_USE_PSA_CRYPTO) + psa_destroy_key(opaque_key_id); +#endif /* MBEDTLS_USE_PSA_CRYPTO */ + mbedtls_free(derived_key_raw); + mbedtls_free(pub_key_raw); + mbedtls_pk_free(&priv_key); + USE_PSA_DONE(); } /* END_CASE */ diff --git a/third_party/mbedtls/repo/tests/suites/test_suite_platform_printf.data b/third_party/mbedtls/repo/tests/suites/test_suite_platform_printf.data new file mode 100644 index 00000000000..891771b9191 --- /dev/null +++ b/third_party/mbedtls/repo/tests/suites/test_suite_platform_printf.data @@ -0,0 +1,114 @@ +# The test cases for printf and integers have two purposes: they exercise +# the printf function family, and they exercise the passing of integers +# and strings through the test framework. + +printf "%d", 0 +printf_int:"%d":0:"0" + +printf "%d", -0 +printf_int:"%d":-0:"0" + +printf "%d", 0x0 +printf_int:"%d":0x0:"0" + +printf "%d", 0x00 +printf_int:"%d":0x00:"0" + +printf "%d", 0x000000000000000000000000000000000000000000 +printf_int:"%d":0x000000000000000000000000000000000000000000:"0" + +printf "%d", -0x0 +printf_int:"%d":-0x0:"0" + +printf "%d", 1 +printf_int:"%d":1:"1" + +printf "%d", 0x1 +printf_int:"%d":0x1:"1" + +printf "%d", 0x0000000000000000000000000000000000000000001 +printf_int:"%d":0x0000000000000000000000000000000000000000001:"1" + +printf "%d", -1 +printf_int:"%d":-1:"-1" + +printf "%d", -0x1 +printf_int:"%d":-0x1:"-1" + +printf "%d", -0x0000000000000000000000000000000000000000001 +printf_int:"%d":-0x0000000000000000000000000000000000000000001:"-1" + +printf "%d", 2147483647 +printf_int:"%d":2147483647:"2147483647" + +printf "%d", 0x7fffffff +printf_int:"%d":0x7fffffff:"2147483647" + +printf "%d", -2147483647 +printf_int:"%d":-2147483647:"-2147483647" + +printf "%d", -0x7fffffff +printf_int:"%d":-0x7fffffff:"-2147483647" + +printf "%d", -2147483648 +printf_int:"%d":-2147483648:"-2147483648" + +printf "%d", -0x80000000 +printf_int:"%d":-0x80000000:"-2147483648" + +# Test that LONG_MAX is coming out untruncated through the test framework. +printf "%lx", LONG_MAX +printf_long_max:"%lx":LONG_MAX + +# The next few test cases exercise how the test framework handles special +# characters in strings. +printf "%c%c", SPACE, SPACE +printf_char2:"%c%c":SPACE_CHAR:SPACE_CHAR:" " + +printf "%c%c", NEWLINE, SPACE +printf_char2:"%c%c":NEWLINE_CHAR:SPACE_CHAR:"\n " + +printf "%c%c", DOUBLE QUOTE, SPACE +printf_char2:"%c%c":DOUBLE_QUOTE_CHAR:SPACE_CHAR:"\" " + +printf "%c%c", COLON, SPACE +printf_char2:"%c%c":COLON_CHAR:SPACE_CHAR:"\: " + +printf "%c%c", QUESTION, SPACE +printf_char2:"%c%c":QUESTION_CHAR:SPACE_CHAR:"? " + +printf "%c%c", BACKSLASH, SPACE +printf_char2:"%c%c":BACKSLASH_CHAR:SPACE_CHAR:"\\ " + +printf "%c%c", SPACE, BACKSLASH +printf_char2:"%c%c":SPACE_CHAR:BACKSLASH_CHAR:" \\" + +printf "%c%c", COLON, COLON +printf_char2:"%c%c":COLON_CHAR:COLON_CHAR:"\:\:" + +printf "%c%c", COLON, NEWLINE +printf_char2:"%c%c":COLON_CHAR:NEWLINE_CHAR:"\:\n" + +printf "%c%c", QUESTION, QUESTION +printf_char2:"%c%c":QUESTION_CHAR:QUESTION_CHAR:"??" + +printf "%c%c", QUESTION, NEWLINE +printf_char2:"%c%c":QUESTION_CHAR:NEWLINE_CHAR:"?\n" + +printf "%c%c", BACKSLASH, NEWLINE +printf_char2:"%c%c":BACKSLASH_CHAR:NEWLINE_CHAR:"\\\n" + +printf "%c%c", BACKSLASH, DOUBLE QUOTE +printf_char2:"%c%c":BACKSLASH_CHAR:DOUBLE_QUOTE_CHAR:"\\\"" + +printf "%c%c", BACKSLASH, COLON +printf_char2:"%c%c":BACKSLASH_CHAR:COLON_CHAR:"\\\:" + +printf "%c%c", BACKSLASH, QUESTION +printf_char2:"%c%c":BACKSLASH_CHAR:QUESTION_CHAR:"\\?" + +printf "%c%c", BACKSLASH, BACKSLASH +printf_char2:"%c%c":BACKSLASH_CHAR:BACKSLASH_CHAR:"\\\\" + +printf "%c%c", BACKSLASH, n +printf_char2:"%c%c":BACKSLASH_CHAR:LOWERCASE_N_CHAR:"\\n" diff --git a/third_party/mbedtls/repo/tests/suites/test_suite_platform_printf.function b/third_party/mbedtls/repo/tests/suites/test_suite_platform_printf.function new file mode 100644 index 00000000000..643accf1f73 --- /dev/null +++ b/third_party/mbedtls/repo/tests/suites/test_suite_platform_printf.function @@ -0,0 +1,89 @@ +/* BEGIN_HEADER */ + +/* The printf test functions take a format argument from the test data + * for several reasons: + * - For some tests, it makes sense to vary the format. + * - For all tests, it means we're testing the actual printf function + * that parses the format at runtime, and not a compiler optimization. + * (It may be useful to add tests that allow compiler optimizations. + * There aren't any yet at the time of writing.) + */ + +#include "mbedtls/platform.h" + +#include +#include +#include + +#define NEWLINE_CHAR '\n' +#define SPACE_CHAR ' ' +#define DOUBLE_QUOTE_CHAR '"' +#define COLON_CHAR ':' +#define QUESTION_CHAR '?' +#define BACKSLASH_CHAR '\\' +#define LOWERCASE_N_CHAR 'n' +/* END_HEADER */ + +/* BEGIN_CASE */ +void printf_int(char *format, /* any format expecting one int argument, e.g. "%d" */ + int x, char *result) +{ + char *output = NULL; + const size_t n = strlen(result); + + /* Nominal case: buffer just large enough */ + TEST_CALLOC(output, n + 1); + TEST_EQUAL(n, mbedtls_snprintf(output, n + 1, format, x)); + TEST_MEMORY_COMPARE(result, n + 1, output, n + 1); + mbedtls_free(output); + output = NULL; + +exit: + mbedtls_free(output); +} +/* END_CASE */ + +/* BEGIN_CASE */ +void printf_long_max(const char *format, /* "%lx" or longer type */ + long value) +{ + char *expected = NULL; + char *output = NULL; + /* 2 hex digits per byte */ + const size_t n = sizeof(value) * 2; + + /* We assume that long has no padding bits! */ + TEST_CALLOC(expected, n + 1); + expected[0] = '7'; + memset(expected + 1, 'f', sizeof(value) * 2 - 1); + + TEST_CALLOC(output, n + 1); + TEST_EQUAL(n, mbedtls_snprintf(output, n + 1, format, value)); + TEST_MEMORY_COMPARE(expected, n + 1, output, n + 1); + mbedtls_free(output); + output = NULL; + +exit: + mbedtls_free(output); + mbedtls_free(expected); +} +/* END_CASE */ + +/* BEGIN_CASE */ +void printf_char2(char *format, /* "%c%c" */ + int arg1, int arg2, char *result) +{ + char *output = NULL; + const size_t n = strlen(result); + + /* Nominal case: buffer just large enough */ + TEST_CALLOC(output, n + 1); + TEST_EQUAL(n, mbedtls_snprintf(output, n + 1, format, arg1, arg2)); + TEST_MEMORY_COMPARE(result, n + 1, output, n + 1); + mbedtls_free(output); + output = NULL; + +exit: + mbedtls_free(output); +} +/* END_CASE */ diff --git a/third_party/mbedtls/repo/tests/suites/test_suite_poly1305.function b/third_party/mbedtls/repo/tests/suites/test_suite_poly1305.function index 4b8995b6099..c391c8627cf 100644 --- a/third_party/mbedtls/repo/tests/suites/test_suite_poly1305.function +++ b/third_party/mbedtls/repo/tests/suites/test_suite_poly1305.function @@ -9,35 +9,35 @@ */ /* BEGIN_CASE */ -void mbedtls_poly1305( data_t *key, data_t *expected_mac, data_t *src_str ) +void mbedtls_poly1305(data_t *key, data_t *expected_mac, data_t *src_str) { unsigned char mac[16]; /* size set by the standard */ mbedtls_poly1305_context ctx; - memset( mac, 0x00, sizeof( mac ) ); + memset(mac, 0x00, sizeof(mac)); /* * Test the integrated API */ - TEST_ASSERT( mbedtls_poly1305_mac( key->x, src_str->x, - src_str->len, mac ) == 0 ); + TEST_ASSERT(mbedtls_poly1305_mac(key->x, src_str->x, + src_str->len, mac) == 0); - ASSERT_COMPARE( mac, expected_mac->len, - expected_mac->x, expected_mac->len ); + TEST_MEMORY_COMPARE(mac, expected_mac->len, + expected_mac->x, expected_mac->len); /* * Test the streaming API */ - mbedtls_poly1305_init( &ctx ); + mbedtls_poly1305_init(&ctx); - TEST_ASSERT( mbedtls_poly1305_starts( &ctx, key->x ) == 0 ); + TEST_ASSERT(mbedtls_poly1305_starts(&ctx, key->x) == 0); - TEST_ASSERT( mbedtls_poly1305_update( &ctx, src_str->x, src_str->len ) == 0 ); + TEST_ASSERT(mbedtls_poly1305_update(&ctx, src_str->x, src_str->len) == 0); - TEST_ASSERT( mbedtls_poly1305_finish( &ctx, mac ) == 0 ); + TEST_ASSERT(mbedtls_poly1305_finish(&ctx, mac) == 0); - ASSERT_COMPARE( mac, expected_mac->len, - expected_mac->x, expected_mac->len ); + TEST_MEMORY_COMPARE(mac, expected_mac->len, + expected_mac->x, expected_mac->len); /* * Test the streaming API again, piecewise @@ -45,37 +45,35 @@ void mbedtls_poly1305( data_t *key, data_t *expected_mac, data_t *src_str ) /* Don't free/init the context, in order to test that starts() does the * right thing. */ - if( src_str->len >= 1 ) - { - TEST_ASSERT( mbedtls_poly1305_starts( &ctx, key->x ) == 0 ); + if (src_str->len >= 1) { + TEST_ASSERT(mbedtls_poly1305_starts(&ctx, key->x) == 0); - TEST_ASSERT( mbedtls_poly1305_update( &ctx, src_str->x, 1 ) == 0 ); - TEST_ASSERT( mbedtls_poly1305_update( &ctx, src_str->x + 1, src_str->len - 1 ) == 0 ); + TEST_ASSERT(mbedtls_poly1305_update(&ctx, src_str->x, 1) == 0); + TEST_ASSERT(mbedtls_poly1305_update(&ctx, src_str->x + 1, src_str->len - 1) == 0); - TEST_ASSERT( mbedtls_poly1305_finish( &ctx, mac ) == 0 ); + TEST_ASSERT(mbedtls_poly1305_finish(&ctx, mac) == 0); - ASSERT_COMPARE( mac, expected_mac->len, - expected_mac->x, expected_mac->len ); + TEST_MEMORY_COMPARE(mac, expected_mac->len, + expected_mac->x, expected_mac->len); } /* * Again with more pieces */ - if( src_str->len >= 2 ) - { - TEST_ASSERT( mbedtls_poly1305_starts( &ctx, key->x ) == 0 ); + if (src_str->len >= 2) { + TEST_ASSERT(mbedtls_poly1305_starts(&ctx, key->x) == 0); - TEST_ASSERT( mbedtls_poly1305_update( &ctx, src_str->x, 1 ) == 0 ); - TEST_ASSERT( mbedtls_poly1305_update( &ctx, src_str->x + 1, 1 ) == 0 ); - TEST_ASSERT( mbedtls_poly1305_update( &ctx, src_str->x + 2, src_str->len - 2 ) == 0 ); + TEST_ASSERT(mbedtls_poly1305_update(&ctx, src_str->x, 1) == 0); + TEST_ASSERT(mbedtls_poly1305_update(&ctx, src_str->x + 1, 1) == 0); + TEST_ASSERT(mbedtls_poly1305_update(&ctx, src_str->x + 2, src_str->len - 2) == 0); - TEST_ASSERT( mbedtls_poly1305_finish( &ctx, mac ) == 0 ); + TEST_ASSERT(mbedtls_poly1305_finish(&ctx, mac) == 0); - ASSERT_COMPARE( mac, expected_mac->len, - expected_mac->x, expected_mac->len ); + TEST_MEMORY_COMPARE(mac, expected_mac->len, + expected_mac->x, expected_mac->len); } - mbedtls_poly1305_free( &ctx ); + mbedtls_poly1305_free(&ctx); } /* END_CASE */ @@ -85,33 +83,33 @@ void poly1305_bad_params() unsigned char src[1]; unsigned char key[32]; unsigned char mac[16]; - size_t src_len = sizeof( src ); + size_t src_len = sizeof(src); mbedtls_poly1305_context ctx; - TEST_INVALID_PARAM( mbedtls_poly1305_init( NULL ) ); - TEST_VALID_PARAM( mbedtls_poly1305_free( NULL ) ); + TEST_INVALID_PARAM(mbedtls_poly1305_init(NULL)); + TEST_VALID_PARAM(mbedtls_poly1305_free(NULL)); - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_POLY1305_BAD_INPUT_DATA, - mbedtls_poly1305_starts( NULL, key ) ); - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_POLY1305_BAD_INPUT_DATA, - mbedtls_poly1305_starts( &ctx, NULL ) ); + TEST_INVALID_PARAM_RET(MBEDTLS_ERR_POLY1305_BAD_INPUT_DATA, + mbedtls_poly1305_starts(NULL, key)); + TEST_INVALID_PARAM_RET(MBEDTLS_ERR_POLY1305_BAD_INPUT_DATA, + mbedtls_poly1305_starts(&ctx, NULL)); - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_POLY1305_BAD_INPUT_DATA, - mbedtls_poly1305_update( NULL, src, 0 ) ); - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_POLY1305_BAD_INPUT_DATA, - mbedtls_poly1305_update( &ctx, NULL, src_len ) ); + TEST_INVALID_PARAM_RET(MBEDTLS_ERR_POLY1305_BAD_INPUT_DATA, + mbedtls_poly1305_update(NULL, src, 0)); + TEST_INVALID_PARAM_RET(MBEDTLS_ERR_POLY1305_BAD_INPUT_DATA, + mbedtls_poly1305_update(&ctx, NULL, src_len)); - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_POLY1305_BAD_INPUT_DATA, - mbedtls_poly1305_finish( NULL, mac ) ); - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_POLY1305_BAD_INPUT_DATA, - mbedtls_poly1305_finish( &ctx, NULL ) ); + TEST_INVALID_PARAM_RET(MBEDTLS_ERR_POLY1305_BAD_INPUT_DATA, + mbedtls_poly1305_finish(NULL, mac)); + TEST_INVALID_PARAM_RET(MBEDTLS_ERR_POLY1305_BAD_INPUT_DATA, + mbedtls_poly1305_finish(&ctx, NULL)); - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_POLY1305_BAD_INPUT_DATA, - mbedtls_poly1305_mac( NULL, src, 0, mac ) ); - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_POLY1305_BAD_INPUT_DATA, - mbedtls_poly1305_mac( key, NULL, src_len, mac ) ); - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_POLY1305_BAD_INPUT_DATA, - mbedtls_poly1305_mac( key, src, 0, NULL ) ); + TEST_INVALID_PARAM_RET(MBEDTLS_ERR_POLY1305_BAD_INPUT_DATA, + mbedtls_poly1305_mac(NULL, src, 0, mac)); + TEST_INVALID_PARAM_RET(MBEDTLS_ERR_POLY1305_BAD_INPUT_DATA, + mbedtls_poly1305_mac(key, NULL, src_len, mac)); + TEST_INVALID_PARAM_RET(MBEDTLS_ERR_POLY1305_BAD_INPUT_DATA, + mbedtls_poly1305_mac(key, src, 0, NULL)); exit: return; @@ -121,6 +119,6 @@ exit: /* BEGIN_CASE depends_on:MBEDTLS_SELF_TEST */ void poly1305_selftest() { - TEST_ASSERT( mbedtls_poly1305_self_test( 1 ) == 0 ); + TEST_ASSERT(mbedtls_poly1305_self_test(1) == 0); } /* END_CASE */ diff --git a/third_party/mbedtls/repo/tests/suites/test_suite_psa_crypto.data b/third_party/mbedtls/repo/tests/suites/test_suite_psa_crypto.data index c666d4a14f0..03cc2ffe67e 100644 --- a/third_party/mbedtls/repo/tests/suites/test_suite_psa_crypto.data +++ b/third_party/mbedtls/repo/tests/suites/test_suite_psa_crypto.data @@ -1541,23 +1541,27 @@ cipher_encrypt_fail:PSA_ALG_CBC_NO_PADDING:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf PSA symmetric encrypt: AES-ECB, 0 bytes, good depends_on:PSA_WANT_ALG_ECB_NO_PADDING:PSA_WANT_KEY_TYPE_AES -cipher_encrypt_alg_without_iv:PSA_ALG_ECB_NO_PADDING:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"":"" +cipher_alg_without_iv:PSA_ALG_ECB_NO_PADDING:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"":"" PSA symmetric encrypt: AES-ECB, 16 bytes, good depends_on:PSA_WANT_ALG_ECB_NO_PADDING:PSA_WANT_KEY_TYPE_AES -cipher_encrypt_alg_without_iv:PSA_ALG_ECB_NO_PADDING:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"6bc1bee22e409f96e93d7e117393172a":"3ad77bb40d7a3660a89ecaf32466ef97" +cipher_alg_without_iv:PSA_ALG_ECB_NO_PADDING:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"6bc1bee22e409f96e93d7e117393172a":"3ad77bb40d7a3660a89ecaf32466ef97" PSA symmetric encrypt: AES-ECB, 32 bytes, good depends_on:PSA_WANT_ALG_ECB_NO_PADDING:PSA_WANT_KEY_TYPE_AES -cipher_encrypt_alg_without_iv:PSA_ALG_ECB_NO_PADDING:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"6bc1bee22e409f96e93d7e117393172a3ad77bb40d7a3660a89ecaf32466ef97":"3ad77bb40d7a3660a89ecaf32466ef972249a2638c6f1c755a84f9681a9f08c1" +cipher_alg_without_iv:PSA_ALG_ECB_NO_PADDING:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"6bc1bee22e409f96e93d7e117393172a3ad77bb40d7a3660a89ecaf32466ef97":"3ad77bb40d7a3660a89ecaf32466ef972249a2638c6f1c755a84f9681a9f08c1" PSA symmetric encrypt: 2-key 3DES-ECB, 8 bytes, good depends_on:PSA_WANT_ALG_ECB_NO_PADDING:PSA_WANT_KEY_TYPE_DES -cipher_encrypt_alg_without_iv:PSA_ALG_ECB_NO_PADDING:PSA_KEY_TYPE_DES:"01020407080b0d0ec1c2c4c7c8cbcdce":"c78e2b38139610e3":"5d0652429c5b0ac7" +cipher_alg_without_iv:PSA_ALG_ECB_NO_PADDING:PSA_KEY_TYPE_DES:"01020407080b0d0ec1c2c4c7c8cbcdce":"c78e2b38139610e3":"5d0652429c5b0ac7" PSA symmetric encrypt: 3-key 3DES-ECB, 8 bytes, good depends_on:PSA_WANT_ALG_ECB_NO_PADDING:PSA_WANT_KEY_TYPE_DES -cipher_encrypt_alg_without_iv:PSA_ALG_ECB_NO_PADDING:PSA_KEY_TYPE_DES:"01020407080b0d0ec1c2c4c7c8cbcdce31323437383b3d3e":"c78e2b38139610e3":"817ca7d69b80d86a" +cipher_alg_without_iv:PSA_ALG_ECB_NO_PADDING:PSA_KEY_TYPE_DES:"01020407080b0d0ec1c2c4c7c8cbcdce31323437383b3d3e":"c78e2b38139610e3":"817ca7d69b80d86a" + +PSA symmetric encrypt: 128-bit ARC4, 16 bytes, good +depends_on:PSA_WANT_ALG_STREAM_CIPHER:PSA_WANT_KEY_TYPE_ARC4 +cipher_alg_without_iv:PSA_ALG_STREAM_CIPHER:PSA_KEY_TYPE_ARC4:"0102030405060708090a0b0c0d0e0f10":"00000000000000000000000000000000":"9ac7cc9a609d1ef7b2932899cde41b97" PSA symmetric encrypt validation: AES-CBC-nopad, 16 bytes, good depends_on:PSA_WANT_ALG_CBC_NO_PADDING:PSA_WANT_KEY_TYPE_AES @@ -2424,7 +2428,7 @@ depends_on:MBEDTLS_AES_C:MBEDTLS_GCM_C aead_encrypt_decrypt:PSA_KEY_TYPE_AES:"D7828D13B2B0BDC325A76236DF93CC6B":PSA_ALG_CTR:"000102030405060708090A0B0C0D0E0F":"":"":PSA_ERROR_NOT_SUPPORTED PSA AEAD encrypt/decrypt: invalid algorithm (ChaCha20) -depends_on:MBEDTLS_CHACHA20_C +depends_on:PSA_WANT_KEY_TYPE_CHACHA20 aead_encrypt_decrypt:PSA_KEY_TYPE_CHACHA20:"808182838485868788898a8b8c8d8e8f909192939495969798999a9b9c9d9e9f":PSA_ALG_STREAM_CIPHER:"":"":"":PSA_ERROR_NOT_SUPPORTED PSA signature size: RSA keypair, 1024 bits, PKCS#1 v1.5 raw @@ -2512,7 +2516,7 @@ depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TY sign_hash_deterministic:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"ab45435712649cb30bbddac49197eebf2740ffc7f874d9244c3460f54f322d3a":PSA_ALG_DETERMINISTIC_ECDSA( PSA_ALG_SHA_256 ):"9ac4335b469bbd791439248504dd0d49c71349a295fee5a1c68507f45a9e1c7b":"6a3399f69421ffe1490377adf2ea1f117d81a63cf5bf22e918d51175eb259151ce95d7c26cc04e25503e2f7a1ec3573e3c2412534bb4a19b3a7811742f49f50f" PSA sign hash: deterministic ECDSA SECP256R1 SHA-384 -depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_384:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:MBEDTLS_PK_PARSE_C:PSA_WANT_ECC_SECP_R1_256:MBEDTLS_MD_C:MBEDLTS_PSA_BUILTIN_ALG_SHA_384 +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_384:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:MBEDTLS_PK_PARSE_C:PSA_WANT_ECC_SECP_R1_256:MBEDTLS_MD_C:MBEDTLS_PSA_BUILTIN_ALG_SHA_384 sign_hash_deterministic:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"49c9a8c18c4b885638c431cf1df1c994131609b580d4fd43a0cab17db2f13eee":PSA_ALG_DETERMINISTIC_ECDSA( PSA_ALG_SHA_384 ):"59e1748777448c69de6b800d7a33bbfb9ff1b463e44354c3553bcdb9c666fa90125a3c79f90397bdf5f6a13de828684f":"cd40ba1b555ca5994d30ddffc4ad734b1f5c604675b0f249814aa5de3992ef3ddf4d5dc5d2aab1979ce210b560754df671363d99795475882894c048e3b986ca" PSA sign hash: deterministic ECDSA SECP384R1 SHA-256 @@ -2780,7 +2784,7 @@ depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TY sign_message_deterministic:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"ab45435712649cb30bbddac49197eebf2740ffc7f874d9244c3460f54f322d3a":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_256):"616263":"36e5b5a7da1c9c265dc447de3a5a704fcb8c03f7a3749dde48d84c9bf736fc1ed48d8b3660e7d3cbc6b1870730b7ce2a043f69e37ccb340b98d1e65184e03548" PSA sign message: deterministic ECDSA SECP256R1 SHA-384 -depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_384:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:MBEDTLS_PK_PARSE_C:PSA_WANT_ECC_SECP_R1_256:MBEDTLS_MD_C:MBEDLTS_PSA_BUILTIN_ALG_SHA_384 +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_384:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:MBEDTLS_PK_PARSE_C:PSA_WANT_ECC_SECP_R1_256:MBEDTLS_MD_C:MBEDTLS_PSA_BUILTIN_ALG_SHA_384 sign_message_deterministic:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"49c9a8c18c4b885638c431cf1df1c994131609b580d4fd43a0cab17db2f13eee":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_384):"616263":"7ea712a20e3a8cbe0c6e64195362ba7635bbe78af51ddedd7a5fd858395250c592654c35d3b0614ae0e3b329c25cf5b4a5fcb243af3e3ad15c8446fe401be066" PSA sign message: deterministic ECDSA SECP384R1 SHA-256 @@ -2900,7 +2904,7 @@ depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_384:PSA_WANT_KEY_TYPE_ECC_KEY_PAI sign_verify_message:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"ab45435712649cb30bbddac49197eebf2740ffc7f874d9244c3460f54f322d3a":PSA_ALG_ECDSA(PSA_ALG_SHA_384):"616263" PSA sign/verify message: deterministic ECDSA SECP256R1 SHA-384 -depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_384:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:MBEDTLS_PK_PARSE_C:PSA_WANT_ECC_SECP_R1_256:MBEDTLS_MD_C:MBEDLTS_PSA_BUILTIN_ALG_SHA_384 +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_384:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:MBEDTLS_PK_PARSE_C:PSA_WANT_ECC_SECP_R1_256:MBEDTLS_MD_C:MBEDTLS_PSA_BUILTIN_ALG_SHA_384 sign_verify_message:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"ab45435712649cb30bbddac49197eebf2740ffc7f874d9244c3460f54f322d3a":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_384):"616263" PSA sign/verify message: randomized ECDSA SECP384R1 SHA-256 diff --git a/third_party/mbedtls/repo/tests/suites/test_suite_psa_crypto.function b/third_party/mbedtls/repo/tests/suites/test_suite_psa_crypto.function index eb9458fdeeb..0db5bff79af 100644 --- a/third_party/mbedtls/repo/tests/suites/test_suite_psa_crypto.function +++ b/third_party/mbedtls/repo/tests/suites/test_suite_psa_crypto.function @@ -4,6 +4,7 @@ #include "mbedtls/asn1.h" #include "mbedtls/asn1write.h" #include "mbedtls/oid.h" +#include "common.h" /* For MBEDTLS_CTR_DRBG_MAX_REQUEST, knowing that psa_generate_random() * uses mbedtls_ctr_drbg internally. */ @@ -21,8 +22,8 @@ /* Assert that an operation is (not) active. * This serves as a proxy for checking if the operation is aborted. */ -#define ASSERT_OPERATION_IS_ACTIVE( operation ) TEST_ASSERT( operation.id != 0 ) -#define ASSERT_OPERATION_IS_INACTIVE( operation ) TEST_ASSERT( operation.id == 0 ) +#define ASSERT_OPERATION_IS_ACTIVE(operation) TEST_ASSERT(operation.id != 0) +#define ASSERT_OPERATION_IS_INACTIVE(operation) TEST_ASSERT(operation.id == 0) /** An invalid export length that will never be set by psa_export_key(). */ static const size_t INVALID_EXPORT_LENGTH = ~0U; @@ -38,50 +39,54 @@ static const size_t INVALID_EXPORT_LENGTH = ~0U; * \return 1 if the buffer is all-bits-zero. * \return 0 if there is at least one nonzero byte. */ -static int mem_is_char( void *buffer, unsigned char c, size_t size ) +static int mem_is_char(void *buffer, unsigned char c, size_t size) { size_t i; - for( i = 0; i < size; i++ ) - { - if( ( (unsigned char *) buffer )[i] != c ) - return( 0 ); + for (i = 0; i < size; i++) { + if (((unsigned char *) buffer)[i] != c) { + return 0; + } } - return( 1 ); + return 1; } - +#if defined(MBEDTLS_ASN1_WRITE_C) /* Write the ASN.1 INTEGER with the value 2^(bits-1)+x backwards from *p. */ -static int asn1_write_10x( unsigned char **p, - unsigned char *start, - size_t bits, - unsigned char x ) +static int asn1_write_10x(unsigned char **p, + unsigned char *start, + size_t bits, + unsigned char x) { int ret; int len = bits / 8 + 1; - if( bits == 0 ) - return( MBEDTLS_ERR_ASN1_INVALID_DATA ); - if( bits <= 8 && x >= 1 << ( bits - 1 ) ) - return( MBEDTLS_ERR_ASN1_INVALID_DATA ); - if( *p < start || *p - start < (ptrdiff_t) len ) - return( MBEDTLS_ERR_ASN1_BUF_TOO_SMALL ); + if (bits == 0) { + return MBEDTLS_ERR_ASN1_INVALID_DATA; + } + if (bits <= 8 && x >= 1 << (bits - 1)) { + return MBEDTLS_ERR_ASN1_INVALID_DATA; + } + if (*p < start || *p - start < (ptrdiff_t) len) { + return MBEDTLS_ERR_ASN1_BUF_TOO_SMALL; + } *p -= len; - ( *p )[len-1] = x; - if( bits % 8 == 0 ) - ( *p )[1] |= 1; - else - ( *p )[0] |= 1 << ( bits % 8 ); - MBEDTLS_ASN1_CHK_ADD( len, mbedtls_asn1_write_len( p, start, len ) ); - MBEDTLS_ASN1_CHK_ADD( len, mbedtls_asn1_write_tag( p, start, - MBEDTLS_ASN1_INTEGER ) ); - return( len ); + (*p)[len-1] = x; + if (bits % 8 == 0) { + (*p)[1] |= 1; + } else { + (*p)[0] |= 1 << (bits % 8); + } + MBEDTLS_ASN1_CHK_ADD(len, mbedtls_asn1_write_len(p, start, len)); + MBEDTLS_ASN1_CHK_ADD(len, mbedtls_asn1_write_tag(p, start, + MBEDTLS_ASN1_INTEGER)); + return len; } -static int construct_fake_rsa_key( unsigned char *buffer, - size_t buffer_size, - unsigned char **p, - size_t bits, - int keypair ) +static int construct_fake_rsa_key(unsigned char *buffer, + size_t buffer_size, + unsigned char **p, + size_t bits, + int keypair) { - size_t half_bits = ( bits + 1 ) / 2; + size_t half_bits = (bits + 1) / 2; int ret; int len = 0; /* Construct something that looks like a DER encoding of @@ -102,133 +107,132 @@ static int construct_fake_rsa_key( unsigned char *buffer, * version, modulus and publicExponent. */ *p = buffer + buffer_size; - if( keypair ) - { - MBEDTLS_ASN1_CHK_ADD( len, /* pq */ - asn1_write_10x( p, buffer, half_bits, 1 ) ); - MBEDTLS_ASN1_CHK_ADD( len, /* dq */ - asn1_write_10x( p, buffer, half_bits, 1 ) ); - MBEDTLS_ASN1_CHK_ADD( len, /* dp */ - asn1_write_10x( p, buffer, half_bits, 1 ) ); - MBEDTLS_ASN1_CHK_ADD( len, /* q */ - asn1_write_10x( p, buffer, half_bits, 1 ) ); - MBEDTLS_ASN1_CHK_ADD( len, /* p != q to pass mbedtls sanity checks */ - asn1_write_10x( p, buffer, half_bits, 3 ) ); - MBEDTLS_ASN1_CHK_ADD( len, /* d */ - asn1_write_10x( p, buffer, bits, 1 ) ); + if (keypair) { + MBEDTLS_ASN1_CHK_ADD(len, /* pq */ + asn1_write_10x(p, buffer, half_bits, 1)); + MBEDTLS_ASN1_CHK_ADD(len, /* dq */ + asn1_write_10x(p, buffer, half_bits, 1)); + MBEDTLS_ASN1_CHK_ADD(len, /* dp */ + asn1_write_10x(p, buffer, half_bits, 1)); + MBEDTLS_ASN1_CHK_ADD(len, /* q */ + asn1_write_10x(p, buffer, half_bits, 1)); + MBEDTLS_ASN1_CHK_ADD(len, /* p != q to pass mbedtls sanity checks */ + asn1_write_10x(p, buffer, half_bits, 3)); + MBEDTLS_ASN1_CHK_ADD(len, /* d */ + asn1_write_10x(p, buffer, bits, 1)); + } + MBEDTLS_ASN1_CHK_ADD(len, /* e = 65537 */ + asn1_write_10x(p, buffer, 17, 1)); + MBEDTLS_ASN1_CHK_ADD(len, /* n */ + asn1_write_10x(p, buffer, bits, 1)); + if (keypair) { + MBEDTLS_ASN1_CHK_ADD(len, /* version = 0 */ + mbedtls_asn1_write_int(p, buffer, 0)); } - MBEDTLS_ASN1_CHK_ADD( len, /* e = 65537 */ - asn1_write_10x( p, buffer, 17, 1 ) ); - MBEDTLS_ASN1_CHK_ADD( len, /* n */ - asn1_write_10x( p, buffer, bits, 1 ) ); - if( keypair ) - MBEDTLS_ASN1_CHK_ADD( len, /* version = 0 */ - mbedtls_asn1_write_int( p, buffer, 0 ) ); - MBEDTLS_ASN1_CHK_ADD( len, mbedtls_asn1_write_len( p, buffer, len ) ); + MBEDTLS_ASN1_CHK_ADD(len, mbedtls_asn1_write_len(p, buffer, len)); { const unsigned char tag = MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_SEQUENCE; - MBEDTLS_ASN1_CHK_ADD( len, mbedtls_asn1_write_tag( p, buffer, tag ) ); + MBEDTLS_ASN1_CHK_ADD(len, mbedtls_asn1_write_tag(p, buffer, tag)); } - return( len ); + return len; } - -int exercise_mac_setup( psa_key_type_t key_type, - const unsigned char *key_bytes, - size_t key_length, - psa_algorithm_t alg, - psa_mac_operation_t *operation, - psa_status_t *status ) +#endif /* MBEDTLS_ASN1_WRITE_C */ + +int exercise_mac_setup(psa_key_type_t key_type, + const unsigned char *key_bytes, + size_t key_length, + psa_algorithm_t alg, + psa_mac_operation_t *operation, + psa_status_t *status) { mbedtls_svc_key_id_t key = MBEDTLS_SVC_KEY_ID_INIT; psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT; - psa_set_key_usage_flags( &attributes, PSA_KEY_USAGE_SIGN_HASH ); - psa_set_key_algorithm( &attributes, alg ); - psa_set_key_type( &attributes, key_type ); - PSA_ASSERT( psa_import_key( &attributes, key_bytes, key_length, &key ) ); + psa_set_key_usage_flags(&attributes, PSA_KEY_USAGE_SIGN_HASH); + psa_set_key_algorithm(&attributes, alg); + psa_set_key_type(&attributes, key_type); + PSA_ASSERT(psa_import_key(&attributes, key_bytes, key_length, &key)); - *status = psa_mac_sign_setup( operation, key, alg ); + *status = psa_mac_sign_setup(operation, key, alg); /* Whether setup succeeded or failed, abort must succeed. */ - PSA_ASSERT( psa_mac_abort( operation ) ); + PSA_ASSERT(psa_mac_abort(operation)); /* If setup failed, reproduce the failure, so that the caller can * test the resulting state of the operation object. */ - if( *status != PSA_SUCCESS ) - { - TEST_EQUAL( psa_mac_sign_setup( operation, key, alg ), *status ); + if (*status != PSA_SUCCESS) { + TEST_EQUAL(psa_mac_sign_setup(operation, key, alg), *status); } - psa_destroy_key( key ); - return( 1 ); + psa_destroy_key(key); + return 1; exit: - psa_destroy_key( key ); - return( 0 ); + psa_destroy_key(key); + return 0; } -int exercise_cipher_setup( psa_key_type_t key_type, - const unsigned char *key_bytes, - size_t key_length, - psa_algorithm_t alg, - psa_cipher_operation_t *operation, - psa_status_t *status ) +int exercise_cipher_setup(psa_key_type_t key_type, + const unsigned char *key_bytes, + size_t key_length, + psa_algorithm_t alg, + psa_cipher_operation_t *operation, + psa_status_t *status) { mbedtls_svc_key_id_t key = MBEDTLS_SVC_KEY_ID_INIT; psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT; - psa_set_key_usage_flags( &attributes, PSA_KEY_USAGE_ENCRYPT ); - psa_set_key_algorithm( &attributes, alg ); - psa_set_key_type( &attributes, key_type ); - PSA_ASSERT( psa_import_key( &attributes, key_bytes, key_length, &key ) ); + psa_set_key_usage_flags(&attributes, PSA_KEY_USAGE_ENCRYPT); + psa_set_key_algorithm(&attributes, alg); + psa_set_key_type(&attributes, key_type); + PSA_ASSERT(psa_import_key(&attributes, key_bytes, key_length, &key)); - *status = psa_cipher_encrypt_setup( operation, key, alg ); + *status = psa_cipher_encrypt_setup(operation, key, alg); /* Whether setup succeeded or failed, abort must succeed. */ - PSA_ASSERT( psa_cipher_abort( operation ) ); + PSA_ASSERT(psa_cipher_abort(operation)); /* If setup failed, reproduce the failure, so that the caller can * test the resulting state of the operation object. */ - if( *status != PSA_SUCCESS ) - { - TEST_EQUAL( psa_cipher_encrypt_setup( operation, key, alg ), - *status ); + if (*status != PSA_SUCCESS) { + TEST_EQUAL(psa_cipher_encrypt_setup(operation, key, alg), + *status); } - psa_destroy_key( key ); - return( 1 ); + psa_destroy_key(key); + return 1; exit: - psa_destroy_key( key ); - return( 0 ); + psa_destroy_key(key); + return 0; } -static int test_operations_on_invalid_key( mbedtls_svc_key_id_t key ) +static int test_operations_on_invalid_key(mbedtls_svc_key_id_t key) { psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT; - mbedtls_svc_key_id_t key_id = mbedtls_svc_key_id_make( 1, 0x6964 ); + mbedtls_svc_key_id_t key_id = mbedtls_svc_key_id_make(1, 0x6964); uint8_t buffer[1]; size_t length; int ok = 0; - psa_set_key_id( &attributes, key_id ); - psa_set_key_usage_flags( &attributes, PSA_KEY_USAGE_ENCRYPT ); - psa_set_key_algorithm( &attributes, PSA_ALG_CTR ); - psa_set_key_type( &attributes, PSA_KEY_TYPE_AES ); - TEST_EQUAL( psa_get_key_attributes( key, &attributes ), - PSA_ERROR_INVALID_HANDLE ); + psa_set_key_id(&attributes, key_id); + psa_set_key_usage_flags(&attributes, PSA_KEY_USAGE_ENCRYPT); + psa_set_key_algorithm(&attributes, PSA_ALG_CTR); + psa_set_key_type(&attributes, PSA_KEY_TYPE_AES); + TEST_EQUAL(psa_get_key_attributes(key, &attributes), + PSA_ERROR_INVALID_HANDLE); TEST_EQUAL( - MBEDTLS_SVC_KEY_ID_GET_KEY_ID( psa_get_key_id( &attributes ) ), 0 ); + MBEDTLS_SVC_KEY_ID_GET_KEY_ID(psa_get_key_id(&attributes)), 0); TEST_EQUAL( - MBEDTLS_SVC_KEY_ID_GET_OWNER_ID( psa_get_key_id( &attributes ) ), 0 ); - TEST_EQUAL( psa_get_key_lifetime( &attributes ), 0 ); - TEST_EQUAL( psa_get_key_usage_flags( &attributes ), 0 ); - TEST_EQUAL( psa_get_key_algorithm( &attributes ), 0 ); - TEST_EQUAL( psa_get_key_type( &attributes ), 0 ); - TEST_EQUAL( psa_get_key_bits( &attributes ), 0 ); - - TEST_EQUAL( psa_export_key( key, buffer, sizeof( buffer ), &length ), - PSA_ERROR_INVALID_HANDLE ); - TEST_EQUAL( psa_export_public_key( key, - buffer, sizeof( buffer ), &length ), - PSA_ERROR_INVALID_HANDLE ); + MBEDTLS_SVC_KEY_ID_GET_OWNER_ID(psa_get_key_id(&attributes)), 0); + TEST_EQUAL(psa_get_key_lifetime(&attributes), 0); + TEST_EQUAL(psa_get_key_usage_flags(&attributes), 0); + TEST_EQUAL(psa_get_key_algorithm(&attributes), 0); + TEST_EQUAL(psa_get_key_type(&attributes), 0); + TEST_EQUAL(psa_get_key_bits(&attributes), 0); + + TEST_EQUAL(psa_export_key(key, buffer, sizeof(buffer), &length), + PSA_ERROR_INVALID_HANDLE); + TEST_EQUAL(psa_export_public_key(key, + buffer, sizeof(buffer), &length), + PSA_ERROR_INVALID_HANDLE); ok = 1; @@ -237,34 +241,34 @@ exit: * Key attributes may have been returned by psa_get_key_attributes() * thus reset them as required. */ - psa_reset_key_attributes( &attributes ); + psa_reset_key_attributes(&attributes); - return( ok ); + return ok; } /* Assert that a key isn't reported as having a slot number. */ #if defined(MBEDTLS_PSA_CRYPTO_SE_C) -#define ASSERT_NO_SLOT_NUMBER( attributes ) \ +#define ASSERT_NO_SLOT_NUMBER(attributes) \ do \ { \ psa_key_slot_number_t ASSERT_NO_SLOT_NUMBER_slot_number; \ - TEST_EQUAL( psa_get_key_slot_number( \ - attributes, \ - &ASSERT_NO_SLOT_NUMBER_slot_number ), \ - PSA_ERROR_INVALID_ARGUMENT ); \ + TEST_EQUAL(psa_get_key_slot_number( \ + attributes, \ + &ASSERT_NO_SLOT_NUMBER_slot_number), \ + PSA_ERROR_INVALID_ARGUMENT); \ } \ - while( 0 ) + while (0) #else /* MBEDTLS_PSA_CRYPTO_SE_C */ -#define ASSERT_NO_SLOT_NUMBER( attributes ) \ - ( (void) 0 ) +#define ASSERT_NO_SLOT_NUMBER(attributes) \ + ((void) 0) #endif /* MBEDTLS_PSA_CRYPTO_SE_C */ /* An overapproximation of the amount of storage needed for a key of the * given type and with the given content. The API doesn't make it easy * to find a good value for the size. The current implementation doesn't * care about the value anyway. */ -#define KEY_BITS_FROM_DATA( type, data ) \ - ( data )->len +#define KEY_BITS_FROM_DATA(type, data) \ + (data)->len typedef enum { IMPORT_KEY = 0, @@ -280,7 +284,7 @@ typedef enum { */ /* BEGIN_CASE */ -void static_checks( ) +void static_checks() { size_t max_truncated_mac_size = PSA_ALG_MAC_TRUNCATION_MASK >> PSA_MAC_TRUNCATION_OFFSET; @@ -288,75 +292,75 @@ void static_checks( ) /* Check that the length for a truncated MAC always fits in the algorithm * encoding. The shifted mask is the maximum truncated value. The * untruncated algorithm may be one byte larger. */ - TEST_ASSERT( PSA_MAC_MAX_SIZE <= 1 + max_truncated_mac_size ); + TEST_LE_U(PSA_MAC_MAX_SIZE, 1 + max_truncated_mac_size); #if defined(MBEDTLS_TEST_DEPRECATED) /* Check deprecated constants. */ - TEST_EQUAL( PSA_ERROR_UNKNOWN_ERROR, PSA_ERROR_GENERIC_ERROR ); - TEST_EQUAL( PSA_ERROR_OCCUPIED_SLOT, PSA_ERROR_ALREADY_EXISTS ); - TEST_EQUAL( PSA_ERROR_EMPTY_SLOT, PSA_ERROR_DOES_NOT_EXIST ); - TEST_EQUAL( PSA_ERROR_INSUFFICIENT_CAPACITY, PSA_ERROR_INSUFFICIENT_DATA ); - TEST_EQUAL( PSA_ERROR_TAMPERING_DETECTED, PSA_ERROR_CORRUPTION_DETECTED ); - TEST_EQUAL( PSA_KEY_USAGE_SIGN, PSA_KEY_USAGE_SIGN_HASH ); - TEST_EQUAL( PSA_KEY_USAGE_VERIFY, PSA_KEY_USAGE_VERIFY_HASH ); - TEST_EQUAL( PSA_ASYMMETRIC_SIGNATURE_MAX_SIZE, PSA_SIGNATURE_MAX_SIZE ); - - TEST_EQUAL( PSA_ECC_CURVE_SECP160K1, PSA_ECC_FAMILY_SECP_K1 ); - TEST_EQUAL( PSA_ECC_CURVE_SECP192K1, PSA_ECC_FAMILY_SECP_K1 ); - TEST_EQUAL( PSA_ECC_CURVE_SECP224K1, PSA_ECC_FAMILY_SECP_K1 ); - TEST_EQUAL( PSA_ECC_CURVE_SECP256K1, PSA_ECC_FAMILY_SECP_K1 ); - TEST_EQUAL( PSA_ECC_CURVE_SECP160R1, PSA_ECC_FAMILY_SECP_R1 ); - TEST_EQUAL( PSA_ECC_CURVE_SECP192R1, PSA_ECC_FAMILY_SECP_R1 ); - TEST_EQUAL( PSA_ECC_CURVE_SECP224R1, PSA_ECC_FAMILY_SECP_R1 ); - TEST_EQUAL( PSA_ECC_CURVE_SECP256R1, PSA_ECC_FAMILY_SECP_R1 ); - TEST_EQUAL( PSA_ECC_CURVE_SECP384R1, PSA_ECC_FAMILY_SECP_R1 ); - TEST_EQUAL( PSA_ECC_CURVE_SECP521R1, PSA_ECC_FAMILY_SECP_R1 ); - TEST_EQUAL( PSA_ECC_CURVE_SECP160R2, PSA_ECC_FAMILY_SECP_R2 ); - TEST_EQUAL( PSA_ECC_CURVE_SECT163K1, PSA_ECC_FAMILY_SECT_K1 ); - TEST_EQUAL( PSA_ECC_CURVE_SECT233K1, PSA_ECC_FAMILY_SECT_K1 ); - TEST_EQUAL( PSA_ECC_CURVE_SECT239K1, PSA_ECC_FAMILY_SECT_K1 ); - TEST_EQUAL( PSA_ECC_CURVE_SECT283K1, PSA_ECC_FAMILY_SECT_K1 ); - TEST_EQUAL( PSA_ECC_CURVE_SECT409K1, PSA_ECC_FAMILY_SECT_K1 ); - TEST_EQUAL( PSA_ECC_CURVE_SECT571K1, PSA_ECC_FAMILY_SECT_K1 ); - TEST_EQUAL( PSA_ECC_CURVE_SECT163R1, PSA_ECC_FAMILY_SECT_R1 ); - TEST_EQUAL( PSA_ECC_CURVE_SECT193R1, PSA_ECC_FAMILY_SECT_R1 ); - TEST_EQUAL( PSA_ECC_CURVE_SECT233R1, PSA_ECC_FAMILY_SECT_R1 ); - TEST_EQUAL( PSA_ECC_CURVE_SECT283R1, PSA_ECC_FAMILY_SECT_R1 ); - TEST_EQUAL( PSA_ECC_CURVE_SECT409R1, PSA_ECC_FAMILY_SECT_R1 ); - TEST_EQUAL( PSA_ECC_CURVE_SECT571R1, PSA_ECC_FAMILY_SECT_R1 ); - TEST_EQUAL( PSA_ECC_CURVE_SECT163R2, PSA_ECC_FAMILY_SECT_R2 ); - TEST_EQUAL( PSA_ECC_CURVE_SECT193R2, PSA_ECC_FAMILY_SECT_R2 ); - TEST_EQUAL( PSA_ECC_CURVE_BRAINPOOL_P256R1, PSA_ECC_FAMILY_BRAINPOOL_P_R1 ); - TEST_EQUAL( PSA_ECC_CURVE_BRAINPOOL_P384R1, PSA_ECC_FAMILY_BRAINPOOL_P_R1 ); - TEST_EQUAL( PSA_ECC_CURVE_BRAINPOOL_P512R1, PSA_ECC_FAMILY_BRAINPOOL_P_R1 ); - TEST_EQUAL( PSA_ECC_CURVE_CURVE25519, PSA_ECC_FAMILY_MONTGOMERY ); - TEST_EQUAL( PSA_ECC_CURVE_CURVE448, PSA_ECC_FAMILY_MONTGOMERY ); - - TEST_EQUAL( PSA_ECC_CURVE_SECP_K1, PSA_ECC_FAMILY_SECP_K1 ); - TEST_EQUAL( PSA_ECC_CURVE_SECP_R1, PSA_ECC_FAMILY_SECP_R1 ); - TEST_EQUAL( PSA_ECC_CURVE_SECP_R2, PSA_ECC_FAMILY_SECP_R2 ); - TEST_EQUAL( PSA_ECC_CURVE_SECT_K1, PSA_ECC_FAMILY_SECT_K1 ); - TEST_EQUAL( PSA_ECC_CURVE_SECT_R1, PSA_ECC_FAMILY_SECT_R1 ); - TEST_EQUAL( PSA_ECC_CURVE_SECT_R2, PSA_ECC_FAMILY_SECT_R2 ); - TEST_EQUAL( PSA_ECC_CURVE_BRAINPOOL_P_R1, PSA_ECC_FAMILY_BRAINPOOL_P_R1 ); - TEST_EQUAL( PSA_ECC_CURVE_MONTGOMERY, PSA_ECC_FAMILY_MONTGOMERY ); - - TEST_EQUAL( PSA_DH_GROUP_FFDHE2048, PSA_DH_FAMILY_RFC7919 ); - TEST_EQUAL( PSA_DH_GROUP_FFDHE3072, PSA_DH_FAMILY_RFC7919 ); - TEST_EQUAL( PSA_DH_GROUP_FFDHE4096, PSA_DH_FAMILY_RFC7919 ); - TEST_EQUAL( PSA_DH_GROUP_FFDHE6144, PSA_DH_FAMILY_RFC7919 ); - TEST_EQUAL( PSA_DH_GROUP_FFDHE8192, PSA_DH_FAMILY_RFC7919 ); - - TEST_EQUAL( PSA_DH_GROUP_RFC7919, PSA_DH_FAMILY_RFC7919 ); - TEST_EQUAL( PSA_DH_GROUP_CUSTOM, PSA_DH_FAMILY_CUSTOM ); + TEST_EQUAL(PSA_ERROR_UNKNOWN_ERROR, PSA_ERROR_GENERIC_ERROR); + TEST_EQUAL(PSA_ERROR_OCCUPIED_SLOT, PSA_ERROR_ALREADY_EXISTS); + TEST_EQUAL(PSA_ERROR_EMPTY_SLOT, PSA_ERROR_DOES_NOT_EXIST); + TEST_EQUAL(PSA_ERROR_INSUFFICIENT_CAPACITY, PSA_ERROR_INSUFFICIENT_DATA); + TEST_EQUAL(PSA_ERROR_TAMPERING_DETECTED, PSA_ERROR_CORRUPTION_DETECTED); + TEST_EQUAL(PSA_KEY_USAGE_SIGN, PSA_KEY_USAGE_SIGN_HASH); + TEST_EQUAL(PSA_KEY_USAGE_VERIFY, PSA_KEY_USAGE_VERIFY_HASH); + TEST_EQUAL(PSA_ASYMMETRIC_SIGNATURE_MAX_SIZE, PSA_SIGNATURE_MAX_SIZE); + + TEST_EQUAL(PSA_ECC_CURVE_SECP160K1, PSA_ECC_FAMILY_SECP_K1); + TEST_EQUAL(PSA_ECC_CURVE_SECP192K1, PSA_ECC_FAMILY_SECP_K1); + TEST_EQUAL(PSA_ECC_CURVE_SECP224K1, PSA_ECC_FAMILY_SECP_K1); + TEST_EQUAL(PSA_ECC_CURVE_SECP256K1, PSA_ECC_FAMILY_SECP_K1); + TEST_EQUAL(PSA_ECC_CURVE_SECP160R1, PSA_ECC_FAMILY_SECP_R1); + TEST_EQUAL(PSA_ECC_CURVE_SECP192R1, PSA_ECC_FAMILY_SECP_R1); + TEST_EQUAL(PSA_ECC_CURVE_SECP224R1, PSA_ECC_FAMILY_SECP_R1); + TEST_EQUAL(PSA_ECC_CURVE_SECP256R1, PSA_ECC_FAMILY_SECP_R1); + TEST_EQUAL(PSA_ECC_CURVE_SECP384R1, PSA_ECC_FAMILY_SECP_R1); + TEST_EQUAL(PSA_ECC_CURVE_SECP521R1, PSA_ECC_FAMILY_SECP_R1); + TEST_EQUAL(PSA_ECC_CURVE_SECP160R2, PSA_ECC_FAMILY_SECP_R2); + TEST_EQUAL(PSA_ECC_CURVE_SECT163K1, PSA_ECC_FAMILY_SECT_K1); + TEST_EQUAL(PSA_ECC_CURVE_SECT233K1, PSA_ECC_FAMILY_SECT_K1); + TEST_EQUAL(PSA_ECC_CURVE_SECT239K1, PSA_ECC_FAMILY_SECT_K1); + TEST_EQUAL(PSA_ECC_CURVE_SECT283K1, PSA_ECC_FAMILY_SECT_K1); + TEST_EQUAL(PSA_ECC_CURVE_SECT409K1, PSA_ECC_FAMILY_SECT_K1); + TEST_EQUAL(PSA_ECC_CURVE_SECT571K1, PSA_ECC_FAMILY_SECT_K1); + TEST_EQUAL(PSA_ECC_CURVE_SECT163R1, PSA_ECC_FAMILY_SECT_R1); + TEST_EQUAL(PSA_ECC_CURVE_SECT193R1, PSA_ECC_FAMILY_SECT_R1); + TEST_EQUAL(PSA_ECC_CURVE_SECT233R1, PSA_ECC_FAMILY_SECT_R1); + TEST_EQUAL(PSA_ECC_CURVE_SECT283R1, PSA_ECC_FAMILY_SECT_R1); + TEST_EQUAL(PSA_ECC_CURVE_SECT409R1, PSA_ECC_FAMILY_SECT_R1); + TEST_EQUAL(PSA_ECC_CURVE_SECT571R1, PSA_ECC_FAMILY_SECT_R1); + TEST_EQUAL(PSA_ECC_CURVE_SECT163R2, PSA_ECC_FAMILY_SECT_R2); + TEST_EQUAL(PSA_ECC_CURVE_SECT193R2, PSA_ECC_FAMILY_SECT_R2); + TEST_EQUAL(PSA_ECC_CURVE_BRAINPOOL_P256R1, PSA_ECC_FAMILY_BRAINPOOL_P_R1); + TEST_EQUAL(PSA_ECC_CURVE_BRAINPOOL_P384R1, PSA_ECC_FAMILY_BRAINPOOL_P_R1); + TEST_EQUAL(PSA_ECC_CURVE_BRAINPOOL_P512R1, PSA_ECC_FAMILY_BRAINPOOL_P_R1); + TEST_EQUAL(PSA_ECC_CURVE_CURVE25519, PSA_ECC_FAMILY_MONTGOMERY); + TEST_EQUAL(PSA_ECC_CURVE_CURVE448, PSA_ECC_FAMILY_MONTGOMERY); + + TEST_EQUAL(PSA_ECC_CURVE_SECP_K1, PSA_ECC_FAMILY_SECP_K1); + TEST_EQUAL(PSA_ECC_CURVE_SECP_R1, PSA_ECC_FAMILY_SECP_R1); + TEST_EQUAL(PSA_ECC_CURVE_SECP_R2, PSA_ECC_FAMILY_SECP_R2); + TEST_EQUAL(PSA_ECC_CURVE_SECT_K1, PSA_ECC_FAMILY_SECT_K1); + TEST_EQUAL(PSA_ECC_CURVE_SECT_R1, PSA_ECC_FAMILY_SECT_R1); + TEST_EQUAL(PSA_ECC_CURVE_SECT_R2, PSA_ECC_FAMILY_SECT_R2); + TEST_EQUAL(PSA_ECC_CURVE_BRAINPOOL_P_R1, PSA_ECC_FAMILY_BRAINPOOL_P_R1); + TEST_EQUAL(PSA_ECC_CURVE_MONTGOMERY, PSA_ECC_FAMILY_MONTGOMERY); + + TEST_EQUAL(PSA_DH_GROUP_FFDHE2048, PSA_DH_FAMILY_RFC7919); + TEST_EQUAL(PSA_DH_GROUP_FFDHE3072, PSA_DH_FAMILY_RFC7919); + TEST_EQUAL(PSA_DH_GROUP_FFDHE4096, PSA_DH_FAMILY_RFC7919); + TEST_EQUAL(PSA_DH_GROUP_FFDHE6144, PSA_DH_FAMILY_RFC7919); + TEST_EQUAL(PSA_DH_GROUP_FFDHE8192, PSA_DH_FAMILY_RFC7919); + + TEST_EQUAL(PSA_DH_GROUP_RFC7919, PSA_DH_FAMILY_RFC7919); + TEST_EQUAL(PSA_DH_GROUP_CUSTOM, PSA_DH_FAMILY_CUSTOM); #endif } /* END_CASE */ /* BEGIN_CASE */ -void import_with_policy( int type_arg, - int usage_arg, int alg_arg, - int expected_status_arg ) +void import_with_policy(int type_arg, + int usage_arg, int alg_arg, + int expected_status_arg) { psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT; psa_key_attributes_t got_attributes = PSA_KEY_ATTRIBUTES_INIT; @@ -365,48 +369,49 @@ void import_with_policy( int type_arg, psa_key_usage_t usage = usage_arg; psa_algorithm_t alg = alg_arg; psa_status_t expected_status = expected_status_arg; - const uint8_t key_material[16] = {0}; + const uint8_t key_material[16] = { 0 }; psa_status_t status; - PSA_ASSERT( psa_crypto_init( ) ); + PSA_ASSERT(psa_crypto_init()); - psa_set_key_type( &attributes, type ); - psa_set_key_usage_flags( &attributes, usage ); - psa_set_key_algorithm( &attributes, alg ); + psa_set_key_type(&attributes, type); + psa_set_key_usage_flags(&attributes, usage); + psa_set_key_algorithm(&attributes, alg); - status = psa_import_key( &attributes, - key_material, sizeof( key_material ), - &key ); - TEST_EQUAL( status, expected_status ); - if( status != PSA_SUCCESS ) + status = psa_import_key(&attributes, + key_material, sizeof(key_material), + &key); + TEST_EQUAL(status, expected_status); + if (status != PSA_SUCCESS) { goto exit; + } - PSA_ASSERT( psa_get_key_attributes( key, &got_attributes ) ); - TEST_EQUAL( psa_get_key_type( &got_attributes ), type ); - TEST_EQUAL( psa_get_key_usage_flags( &got_attributes ), - mbedtls_test_update_key_usage_flags( usage ) ); - TEST_EQUAL( psa_get_key_algorithm( &got_attributes ), alg ); - ASSERT_NO_SLOT_NUMBER( &got_attributes ); + PSA_ASSERT(psa_get_key_attributes(key, &got_attributes)); + TEST_EQUAL(psa_get_key_type(&got_attributes), type); + TEST_EQUAL(psa_get_key_usage_flags(&got_attributes), + mbedtls_test_update_key_usage_flags(usage)); + TEST_EQUAL(psa_get_key_algorithm(&got_attributes), alg); + ASSERT_NO_SLOT_NUMBER(&got_attributes); - PSA_ASSERT( psa_destroy_key( key ) ); - test_operations_on_invalid_key( key ); + PSA_ASSERT(psa_destroy_key(key)); + test_operations_on_invalid_key(key); exit: /* * Key attributes may have been returned by psa_get_key_attributes() * thus reset them as required. */ - psa_reset_key_attributes( &got_attributes ); + psa_reset_key_attributes(&got_attributes); - psa_destroy_key( key ); - PSA_DONE( ); + psa_destroy_key(key); + PSA_DONE(); } /* END_CASE */ /* BEGIN_CASE */ -void import_with_data( data_t *data, int type_arg, - int attr_bits_arg, - int expected_status_arg ) +void import_with_data(data_t *data, int type_arg, + int attr_bits_arg, + int expected_status_arg) { psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT; psa_key_attributes_t got_attributes = PSA_KEY_ATTRIBUTES_INIT; @@ -416,40 +421,43 @@ void import_with_data( data_t *data, int type_arg, psa_status_t expected_status = expected_status_arg; psa_status_t status; - PSA_ASSERT( psa_crypto_init( ) ); + PSA_ASSERT(psa_crypto_init()); - psa_set_key_type( &attributes, type ); - psa_set_key_bits( &attributes, attr_bits ); + psa_set_key_type(&attributes, type); + psa_set_key_bits(&attributes, attr_bits); - status = psa_import_key( &attributes, data->x, data->len, &key ); - TEST_EQUAL( status, expected_status ); - if( status != PSA_SUCCESS ) + status = psa_import_key(&attributes, data->x, data->len, &key); + TEST_EQUAL(status, expected_status); + if (status != PSA_SUCCESS) { goto exit; + } - PSA_ASSERT( psa_get_key_attributes( key, &got_attributes ) ); - TEST_EQUAL( psa_get_key_type( &got_attributes ), type ); - if( attr_bits != 0 ) - TEST_EQUAL( attr_bits, psa_get_key_bits( &got_attributes ) ); - ASSERT_NO_SLOT_NUMBER( &got_attributes ); + PSA_ASSERT(psa_get_key_attributes(key, &got_attributes)); + TEST_EQUAL(psa_get_key_type(&got_attributes), type); + if (attr_bits != 0) { + TEST_EQUAL(attr_bits, psa_get_key_bits(&got_attributes)); + } + ASSERT_NO_SLOT_NUMBER(&got_attributes); - PSA_ASSERT( psa_destroy_key( key ) ); - test_operations_on_invalid_key( key ); + PSA_ASSERT(psa_destroy_key(key)); + test_operations_on_invalid_key(key); exit: /* * Key attributes may have been returned by psa_get_key_attributes() * thus reset them as required. */ - psa_reset_key_attributes( &got_attributes ); + psa_reset_key_attributes(&got_attributes); - psa_destroy_key( key ); - PSA_DONE( ); + psa_destroy_key(key); + PSA_DONE(); } /* END_CASE */ /* BEGIN_CASE */ -void import_large_key( int type_arg, int byte_size_arg, - int expected_status_arg ) +/* Construct and attempt to import a large unstructured key. */ +void import_large_key(int type_arg, int byte_size_arg, + int expected_status_arg) { psa_key_type_t type = type_arg; size_t byte_size = byte_size_arg; @@ -462,32 +470,33 @@ void import_large_key( int type_arg, int byte_size_arg, size_t n; /* Skip the test case if the target running the test cannot - * accomodate large keys due to heap size constraints */ - ASSERT_ALLOC_WEAK( buffer, buffer_size ); - memset( buffer, 'K', byte_size ); + * accommodate large keys due to heap size constraints */ + TEST_CALLOC_OR_SKIP(buffer, buffer_size); + memset(buffer, 'K', byte_size); - PSA_ASSERT( psa_crypto_init( ) ); + PSA_ASSERT(psa_crypto_init()); /* Try importing the key */ - psa_set_key_usage_flags( &attributes, PSA_KEY_USAGE_EXPORT ); - psa_set_key_type( &attributes, type ); - status = psa_import_key( &attributes, buffer, byte_size, &key ); - TEST_ASSUME( status != PSA_ERROR_INSUFFICIENT_MEMORY ); - TEST_EQUAL( status, expected_status ); - - if( status == PSA_SUCCESS ) - { - PSA_ASSERT( psa_get_key_attributes( key, &attributes ) ); - TEST_EQUAL( psa_get_key_type( &attributes ), type ); - TEST_EQUAL( psa_get_key_bits( &attributes ), - PSA_BYTES_TO_BITS( byte_size ) ); - ASSERT_NO_SLOT_NUMBER( &attributes ); - memset( buffer, 0, byte_size + 1 ); - PSA_ASSERT( psa_export_key( key, buffer, byte_size, &n ) ); - for( n = 0; n < byte_size; n++ ) - TEST_EQUAL( buffer[n], 'K' ); - for( n = byte_size; n < buffer_size; n++ ) - TEST_EQUAL( buffer[n], 0 ); + psa_set_key_usage_flags(&attributes, PSA_KEY_USAGE_EXPORT); + psa_set_key_type(&attributes, type); + status = psa_import_key(&attributes, buffer, byte_size, &key); + TEST_ASSUME(status != PSA_ERROR_INSUFFICIENT_MEMORY); + TEST_EQUAL(status, expected_status); + + if (status == PSA_SUCCESS) { + PSA_ASSERT(psa_get_key_attributes(key, &attributes)); + TEST_EQUAL(psa_get_key_type(&attributes), type); + TEST_EQUAL(psa_get_key_bits(&attributes), + PSA_BYTES_TO_BITS(byte_size)); + ASSERT_NO_SLOT_NUMBER(&attributes); + memset(buffer, 0, byte_size + 1); + PSA_ASSERT(psa_export_key(key, buffer, byte_size, &n)); + for (n = 0; n < byte_size; n++) { + TEST_EQUAL(buffer[n], 'K'); + } + for (n = byte_size; n < buffer_size; n++) { + TEST_EQUAL(buffer[n], 0); + } } exit: @@ -495,16 +504,19 @@ exit: * Key attributes may have been returned by psa_get_key_attributes() * thus reset them as required. */ - psa_reset_key_attributes( &attributes ); + psa_reset_key_attributes(&attributes); - psa_destroy_key( key ); - PSA_DONE( ); - mbedtls_free( buffer ); + psa_destroy_key(key); + PSA_DONE(); + mbedtls_free(buffer); } /* END_CASE */ -/* BEGIN_CASE */ -void import_rsa_made_up( int bits_arg, int keypair, int expected_status_arg ) +/* BEGIN_CASE depends_on:MBEDTLS_ASN1_WRITE_C */ +/* Import an RSA key with a valid structure (but not valid numbers + * inside, beyond having sensible size and parity). This is expected to + * fail for large keys. */ +void import_rsa_made_up(int bits_arg, int keypair, int expected_status_arg) { mbedtls_svc_key_id_t key = MBEDTLS_SVC_KEY_ID_INIT; size_t bits = bits_arg; @@ -513,42 +525,44 @@ void import_rsa_made_up( int bits_arg, int keypair, int expected_status_arg ) psa_key_type_t type = keypair ? PSA_KEY_TYPE_RSA_KEY_PAIR : PSA_KEY_TYPE_RSA_PUBLIC_KEY; size_t buffer_size = /* Slight overapproximations */ - keypair ? bits * 9 / 16 + 80 : bits / 8 + 20; + keypair ? bits * 9 / 16 + 80 : bits / 8 + 20; unsigned char *buffer = NULL; unsigned char *p; int ret; size_t length; psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT; - PSA_ASSERT( psa_crypto_init( ) ); - ASSERT_ALLOC( buffer, buffer_size ); + PSA_ASSERT(psa_crypto_init()); + TEST_CALLOC(buffer, buffer_size); - TEST_ASSERT( ( ret = construct_fake_rsa_key( buffer, buffer_size, &p, - bits, keypair ) ) >= 0 ); + TEST_ASSERT((ret = construct_fake_rsa_key(buffer, buffer_size, &p, + bits, keypair)) >= 0); length = ret; /* Try importing the key */ - psa_set_key_type( &attributes, type ); - status = psa_import_key( &attributes, p, length, &key ); - TEST_EQUAL( status, expected_status ); + psa_set_key_type(&attributes, type); + status = psa_import_key(&attributes, p, length, &key); + TEST_EQUAL(status, expected_status); - if( status == PSA_SUCCESS ) - PSA_ASSERT( psa_destroy_key( key ) ); + if (status == PSA_SUCCESS) { + PSA_ASSERT(psa_destroy_key(key)); + } exit: - mbedtls_free( buffer ); - PSA_DONE( ); + mbedtls_free(buffer); + PSA_DONE(); } /* END_CASE */ /* BEGIN_CASE */ -void import_export( data_t *data, - int type_arg, - int usage_arg, int alg_arg, - int expected_bits, - int export_size_delta, - int expected_export_status_arg, - int canonical_input ) +void import_export(data_t *data, + int type_arg, + int usage_arg, int alg_arg, + int expected_bits, + int export_size_delta, + int expected_export_status_arg, + /*whether reexport must give the original input exactly*/ + int canonical_input) { mbedtls_svc_key_id_t key = MBEDTLS_SVC_KEY_ID_INIT; psa_key_type_t type = type_arg; @@ -564,39 +578,39 @@ void import_export( data_t *data, psa_key_attributes_t got_attributes = PSA_KEY_ATTRIBUTES_INIT; export_size = (ptrdiff_t) data->len + export_size_delta; - ASSERT_ALLOC( exported, export_size ); - if( ! canonical_input ) - ASSERT_ALLOC( reexported, export_size ); - PSA_ASSERT( psa_crypto_init( ) ); + TEST_CALLOC(exported, export_size); + if (!canonical_input) { + TEST_CALLOC(reexported, export_size); + } + PSA_ASSERT(psa_crypto_init()); - psa_set_key_usage_flags( &attributes, usage_arg ); - psa_set_key_algorithm( &attributes, alg ); - psa_set_key_type( &attributes, type ); + psa_set_key_usage_flags(&attributes, usage_arg); + psa_set_key_algorithm(&attributes, alg); + psa_set_key_type(&attributes, type); /* Import the key */ - PSA_ASSERT( psa_import_key( &attributes, data->x, data->len, &key ) ); + PSA_ASSERT(psa_import_key(&attributes, data->x, data->len, &key)); /* Test the key information */ - PSA_ASSERT( psa_get_key_attributes( key, &got_attributes ) ); - TEST_EQUAL( psa_get_key_type( &got_attributes ), type ); - TEST_EQUAL( psa_get_key_bits( &got_attributes ), (size_t) expected_bits ); - ASSERT_NO_SLOT_NUMBER( &got_attributes ); + PSA_ASSERT(psa_get_key_attributes(key, &got_attributes)); + TEST_EQUAL(psa_get_key_type(&got_attributes), type); + TEST_EQUAL(psa_get_key_bits(&got_attributes), (size_t) expected_bits); + ASSERT_NO_SLOT_NUMBER(&got_attributes); /* Export the key */ - status = psa_export_key( key, exported, export_size, &exported_length ); - TEST_EQUAL( status, expected_export_status ); + status = psa_export_key(key, exported, export_size, &exported_length); + TEST_EQUAL(status, expected_export_status); /* The exported length must be set by psa_export_key() to a value between 0 * and export_size. On errors, the exported length must be 0. */ - TEST_ASSERT( exported_length != INVALID_EXPORT_LENGTH ); - TEST_ASSERT( status == PSA_SUCCESS || exported_length == 0 ); - TEST_ASSERT( exported_length <= export_size ); - - TEST_ASSERT( mem_is_char( exported + exported_length, 0, - export_size - exported_length ) ); - if( status != PSA_SUCCESS ) - { - TEST_EQUAL( exported_length, 0 ); + TEST_ASSERT(exported_length != INVALID_EXPORT_LENGTH); + TEST_ASSERT(status == PSA_SUCCESS || exported_length == 0); + TEST_LE_U(exported_length, export_size); + + TEST_ASSERT(mem_is_char(exported + exported_length, 0, + export_size - exported_length)); + if (status != PSA_SUCCESS) { + TEST_EQUAL(exported_length, 0); goto destroy; } @@ -604,54 +618,54 @@ void import_export( data_t *data, * this validates the canonical representations. For canonical inputs, * this doesn't directly validate the implementation, but it still helps * by cross-validating the test data with the sanity check code. */ - if( ! mbedtls_test_psa_exercise_key( key, usage_arg, 0 ) ) + if (!mbedtls_test_psa_exercise_key(key, usage_arg, 0)) { goto exit; + } - if( canonical_input ) - ASSERT_COMPARE( data->x, data->len, exported, exported_length ); - else - { + if (canonical_input) { + TEST_MEMORY_COMPARE(data->x, data->len, exported, exported_length); + } else { mbedtls_svc_key_id_t key2 = MBEDTLS_SVC_KEY_ID_INIT; - PSA_ASSERT( psa_import_key( &attributes, exported, exported_length, - &key2 ) ); - PSA_ASSERT( psa_export_key( key2, - reexported, - export_size, - &reexported_length ) ); - ASSERT_COMPARE( exported, exported_length, - reexported, reexported_length ); - PSA_ASSERT( psa_destroy_key( key2 ) ); + PSA_ASSERT(psa_import_key(&attributes, exported, exported_length, + &key2)); + PSA_ASSERT(psa_export_key(key2, + reexported, + export_size, + &reexported_length)); + TEST_MEMORY_COMPARE(exported, exported_length, + reexported, reexported_length); + PSA_ASSERT(psa_destroy_key(key2)); } - TEST_ASSERT( exported_length <= - PSA_EXPORT_KEY_OUTPUT_SIZE( type, - psa_get_key_bits( &got_attributes ) ) ); - TEST_ASSERT( exported_length <= PSA_EXPORT_KEY_PAIR_MAX_SIZE ); + TEST_ASSERT(exported_length <= + PSA_EXPORT_KEY_OUTPUT_SIZE(type, + psa_get_key_bits(&got_attributes))); + TEST_LE_U(exported_length, PSA_EXPORT_KEY_PAIR_MAX_SIZE); destroy: /* Destroy the key */ - PSA_ASSERT( psa_destroy_key( key ) ); - test_operations_on_invalid_key( key ); + PSA_ASSERT(psa_destroy_key(key)); + test_operations_on_invalid_key(key); exit: /* * Key attributes may have been returned by psa_get_key_attributes() * thus reset them as required. */ - psa_reset_key_attributes( &got_attributes ); + psa_reset_key_attributes(&got_attributes); - mbedtls_free( exported ); - mbedtls_free( reexported ); - PSA_DONE( ); + mbedtls_free(exported); + mbedtls_free(reexported); + PSA_DONE(); } /* END_CASE */ /* BEGIN_CASE */ -void import_export_public_key( data_t *data, - int type_arg, - int alg_arg, - int export_size_delta, - int expected_export_status_arg, - data_t *expected_public_key ) +void import_export_public_key(data_t *data, + int type_arg, // key pair or public key + int alg_arg, + int export_size_delta, + int expected_export_status_arg, + data_t *expected_public_key) { mbedtls_svc_key_id_t key = MBEDTLS_SVC_KEY_ID_INIT; psa_key_type_t type = type_arg; @@ -663,35 +677,34 @@ void import_export_public_key( data_t *data, size_t exported_length = INVALID_EXPORT_LENGTH; psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT; - PSA_ASSERT( psa_crypto_init( ) ); + PSA_ASSERT(psa_crypto_init()); - psa_set_key_usage_flags( &attributes, PSA_KEY_USAGE_EXPORT ); - psa_set_key_algorithm( &attributes, alg ); - psa_set_key_type( &attributes, type ); + psa_set_key_usage_flags(&attributes, PSA_KEY_USAGE_EXPORT); + psa_set_key_algorithm(&attributes, alg); + psa_set_key_type(&attributes, type); /* Import the key */ - PSA_ASSERT( psa_import_key( &attributes, data->x, data->len, &key ) ); + PSA_ASSERT(psa_import_key(&attributes, data->x, data->len, &key)); /* Export the public key */ - ASSERT_ALLOC( exported, export_size ); - status = psa_export_public_key( key, - exported, export_size, - &exported_length ); - TEST_EQUAL( status, expected_export_status ); - if( status == PSA_SUCCESS ) - { - psa_key_type_t public_type = PSA_KEY_TYPE_PUBLIC_KEY_OF_KEY_PAIR( type ); + TEST_CALLOC(exported, export_size); + status = psa_export_public_key(key, + exported, export_size, + &exported_length); + TEST_EQUAL(status, expected_export_status); + if (status == PSA_SUCCESS) { + psa_key_type_t public_type = PSA_KEY_TYPE_PUBLIC_KEY_OF_KEY_PAIR(type); size_t bits; - PSA_ASSERT( psa_get_key_attributes( key, &attributes ) ); - bits = psa_get_key_bits( &attributes ); - TEST_ASSERT( expected_public_key->len <= - PSA_EXPORT_KEY_OUTPUT_SIZE( public_type, bits ) ); - TEST_ASSERT( expected_public_key->len <= - PSA_EXPORT_PUBLIC_KEY_OUTPUT_SIZE( public_type, bits ) ); - TEST_ASSERT( expected_public_key->len <= - PSA_EXPORT_PUBLIC_KEY_MAX_SIZE ); - ASSERT_COMPARE( expected_public_key->x, expected_public_key->len, - exported, exported_length ); + PSA_ASSERT(psa_get_key_attributes(key, &attributes)); + bits = psa_get_key_bits(&attributes); + TEST_LE_U(expected_public_key->len, + PSA_EXPORT_KEY_OUTPUT_SIZE(public_type, bits)); + TEST_LE_U(expected_public_key->len, + PSA_EXPORT_PUBLIC_KEY_OUTPUT_SIZE(public_type, bits)); + TEST_LE_U(expected_public_key->len, + PSA_EXPORT_PUBLIC_KEY_MAX_SIZE); + TEST_MEMORY_COMPARE(expected_public_key->x, expected_public_key->len, + exported, exported_length); } exit: @@ -699,67 +712,68 @@ exit: * Key attributes may have been returned by psa_get_key_attributes() * thus reset them as required. */ - psa_reset_key_attributes( &attributes ); + psa_reset_key_attributes(&attributes); - mbedtls_free( exported ); - psa_destroy_key( key ); - PSA_DONE( ); + mbedtls_free(exported); + psa_destroy_key(key); + PSA_DONE(); } /* END_CASE */ /* BEGIN_CASE */ -void import_and_exercise_key( data_t *data, - int type_arg, - int bits_arg, - int alg_arg ) +void import_and_exercise_key(data_t *data, + int type_arg, + int bits_arg, + int alg_arg) { mbedtls_svc_key_id_t key = MBEDTLS_SVC_KEY_ID_INIT; psa_key_type_t type = type_arg; size_t bits = bits_arg; psa_algorithm_t alg = alg_arg; - psa_key_usage_t usage = mbedtls_test_psa_usage_to_exercise( type, alg ); + psa_key_usage_t usage = mbedtls_test_psa_usage_to_exercise(type, alg); psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT; psa_key_attributes_t got_attributes = PSA_KEY_ATTRIBUTES_INIT; - PSA_ASSERT( psa_crypto_init( ) ); + PSA_ASSERT(psa_crypto_init()); - psa_set_key_usage_flags( &attributes, usage ); - psa_set_key_algorithm( &attributes, alg ); - psa_set_key_type( &attributes, type ); + psa_set_key_usage_flags(&attributes, usage); + psa_set_key_algorithm(&attributes, alg); + psa_set_key_type(&attributes, type); /* Import the key */ - PSA_ASSERT( psa_import_key( &attributes, data->x, data->len, &key ) ); + PSA_ASSERT(psa_import_key(&attributes, data->x, data->len, &key)); /* Test the key information */ - PSA_ASSERT( psa_get_key_attributes( key, &got_attributes ) ); - TEST_EQUAL( psa_get_key_type( &got_attributes ), type ); - TEST_EQUAL( psa_get_key_bits( &got_attributes ), bits ); + PSA_ASSERT(psa_get_key_attributes(key, &got_attributes)); + TEST_EQUAL(psa_get_key_type(&got_attributes), type); + TEST_EQUAL(psa_get_key_bits(&got_attributes), bits); /* Do something with the key according to its type and permitted usage. */ - if( ! mbedtls_test_psa_exercise_key( key, usage, alg ) ) + if (!mbedtls_test_psa_exercise_key(key, usage, alg)) { goto exit; + } - PSA_ASSERT( psa_destroy_key( key ) ); - test_operations_on_invalid_key( key ); + PSA_ASSERT(psa_destroy_key(key)); + test_operations_on_invalid_key(key); exit: /* * Key attributes may have been returned by psa_get_key_attributes() * thus reset them as required. */ - psa_reset_key_attributes( &got_attributes ); + psa_reset_key_attributes(&got_attributes); - psa_reset_key_attributes( &attributes ); - psa_destroy_key( key ); - PSA_DONE( ); + psa_reset_key_attributes(&attributes); + psa_destroy_key(key); + PSA_DONE(); } /* END_CASE */ /* BEGIN_CASE */ -void effective_key_attributes( int type_arg, int expected_type_arg, - int bits_arg, int expected_bits_arg, - int usage_arg, int expected_usage_arg, - int alg_arg, int expected_alg_arg ) +void effective_key_attributes(int type_arg, int expected_type_arg, + int bits_arg, int expected_bits_arg, + int usage_arg, int expected_usage_arg, + int alg_arg, int expected_alg_arg) { mbedtls_svc_key_id_t key = MBEDTLS_SVC_KEY_ID_INIT; psa_key_type_t key_type = type_arg; @@ -772,89 +786,89 @@ void effective_key_attributes( int type_arg, int expected_type_arg, psa_key_usage_t expected_usage = expected_usage_arg; psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT; - PSA_ASSERT( psa_crypto_init( ) ); + PSA_ASSERT(psa_crypto_init()); - psa_set_key_usage_flags( &attributes, usage ); - psa_set_key_algorithm( &attributes, alg ); - psa_set_key_type( &attributes, key_type ); - psa_set_key_bits( &attributes, bits ); + psa_set_key_usage_flags(&attributes, usage); + psa_set_key_algorithm(&attributes, alg); + psa_set_key_type(&attributes, key_type); + psa_set_key_bits(&attributes, bits); - PSA_ASSERT( psa_generate_key( &attributes, &key ) ); - psa_reset_key_attributes( &attributes ); + PSA_ASSERT(psa_generate_key(&attributes, &key)); + psa_reset_key_attributes(&attributes); - PSA_ASSERT( psa_get_key_attributes( key, &attributes ) ); - TEST_EQUAL( psa_get_key_type( &attributes ), expected_key_type ); - TEST_EQUAL( psa_get_key_bits( &attributes ), expected_bits ); - TEST_EQUAL( psa_get_key_usage_flags( &attributes ), expected_usage ); - TEST_EQUAL( psa_get_key_algorithm( &attributes ), expected_alg ); + PSA_ASSERT(psa_get_key_attributes(key, &attributes)); + TEST_EQUAL(psa_get_key_type(&attributes), expected_key_type); + TEST_EQUAL(psa_get_key_bits(&attributes), expected_bits); + TEST_EQUAL(psa_get_key_usage_flags(&attributes), expected_usage); + TEST_EQUAL(psa_get_key_algorithm(&attributes), expected_alg); exit: /* * Key attributes may have been returned by psa_get_key_attributes() * thus reset them as required. */ - psa_reset_key_attributes( &attributes ); + psa_reset_key_attributes(&attributes); - psa_destroy_key( key ); - PSA_DONE( ); + psa_destroy_key(key); + PSA_DONE(); } /* END_CASE */ /* BEGIN_CASE */ -void check_key_policy( int type_arg, int bits_arg, - int usage_arg, int alg_arg ) +void check_key_policy(int type_arg, int bits_arg, + int usage_arg, int alg_arg) { - test_effective_key_attributes( type_arg, type_arg, bits_arg, bits_arg, - usage_arg, - mbedtls_test_update_key_usage_flags( usage_arg ), - alg_arg, alg_arg ); + test_effective_key_attributes(type_arg, type_arg, bits_arg, bits_arg, + usage_arg, + mbedtls_test_update_key_usage_flags(usage_arg), + alg_arg, alg_arg); goto exit; } /* END_CASE */ /* BEGIN_CASE */ -void key_attributes_init( ) +void key_attributes_init() { /* Test each valid way of initializing the object, except for `= {0}`, as * Clang 5 complains when `-Wmissing-field-initializers` is used, even * though it's OK by the C standard. We could test for this, but we'd need - * to supress the Clang warning for the test. */ - psa_key_attributes_t func = psa_key_attributes_init( ); + * to suppress the Clang warning for the test. */ + psa_key_attributes_t func = psa_key_attributes_init(); psa_key_attributes_t init = PSA_KEY_ATTRIBUTES_INIT; psa_key_attributes_t zero; - memset( &zero, 0, sizeof( zero ) ); + memset(&zero, 0, sizeof(zero)); - TEST_EQUAL( psa_get_key_lifetime( &func ), PSA_KEY_LIFETIME_VOLATILE ); - TEST_EQUAL( psa_get_key_lifetime( &init ), PSA_KEY_LIFETIME_VOLATILE ); - TEST_EQUAL( psa_get_key_lifetime( &zero ), PSA_KEY_LIFETIME_VOLATILE ); + TEST_EQUAL(psa_get_key_lifetime(&func), PSA_KEY_LIFETIME_VOLATILE); + TEST_EQUAL(psa_get_key_lifetime(&init), PSA_KEY_LIFETIME_VOLATILE); + TEST_EQUAL(psa_get_key_lifetime(&zero), PSA_KEY_LIFETIME_VOLATILE); - TEST_EQUAL( psa_get_key_type( &func ), 0 ); - TEST_EQUAL( psa_get_key_type( &init ), 0 ); - TEST_EQUAL( psa_get_key_type( &zero ), 0 ); + TEST_EQUAL(psa_get_key_type(&func), 0); + TEST_EQUAL(psa_get_key_type(&init), 0); + TEST_EQUAL(psa_get_key_type(&zero), 0); - TEST_EQUAL( psa_get_key_bits( &func ), 0 ); - TEST_EQUAL( psa_get_key_bits( &init ), 0 ); - TEST_EQUAL( psa_get_key_bits( &zero ), 0 ); + TEST_EQUAL(psa_get_key_bits(&func), 0); + TEST_EQUAL(psa_get_key_bits(&init), 0); + TEST_EQUAL(psa_get_key_bits(&zero), 0); - TEST_EQUAL( psa_get_key_usage_flags( &func ), 0 ); - TEST_EQUAL( psa_get_key_usage_flags( &init ), 0 ); - TEST_EQUAL( psa_get_key_usage_flags( &zero ), 0 ); + TEST_EQUAL(psa_get_key_usage_flags(&func), 0); + TEST_EQUAL(psa_get_key_usage_flags(&init), 0); + TEST_EQUAL(psa_get_key_usage_flags(&zero), 0); - TEST_EQUAL( psa_get_key_algorithm( &func ), 0 ); - TEST_EQUAL( psa_get_key_algorithm( &init ), 0 ); - TEST_EQUAL( psa_get_key_algorithm( &zero ), 0 ); + TEST_EQUAL(psa_get_key_algorithm(&func), 0); + TEST_EQUAL(psa_get_key_algorithm(&init), 0); + TEST_EQUAL(psa_get_key_algorithm(&zero), 0); } /* END_CASE */ /* BEGIN_CASE */ -void mac_key_policy( int policy_usage_arg, - int policy_alg_arg, - int key_type_arg, - data_t *key_data, - int exercise_alg_arg, - int expected_status_sign_arg, - int expected_status_verify_arg ) +void mac_key_policy(int policy_usage_arg, + int policy_alg_arg, + int key_type_arg, + data_t *key_data, + int exercise_alg_arg, + int expected_status_sign_arg, + int expected_status_verify_arg) { mbedtls_svc_key_id_t key = MBEDTLS_SVC_KEY_ID_INIT; psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT; @@ -868,57 +882,58 @@ void mac_key_policy( int policy_usage_arg, psa_status_t expected_status_verify = expected_status_verify_arg; unsigned char mac[PSA_MAC_MAX_SIZE]; - PSA_ASSERT( psa_crypto_init( ) ); + PSA_ASSERT(psa_crypto_init()); - psa_set_key_usage_flags( &attributes, policy_usage ); - psa_set_key_algorithm( &attributes, policy_alg ); - psa_set_key_type( &attributes, key_type ); + psa_set_key_usage_flags(&attributes, policy_usage); + psa_set_key_algorithm(&attributes, policy_alg); + psa_set_key_type(&attributes, key_type); - PSA_ASSERT( psa_import_key( &attributes, key_data->x, key_data->len, - &key ) ); + PSA_ASSERT(psa_import_key(&attributes, key_data->x, key_data->len, + &key)); - TEST_EQUAL( psa_get_key_usage_flags( &attributes ), - mbedtls_test_update_key_usage_flags( policy_usage ) ); + TEST_EQUAL(psa_get_key_usage_flags(&attributes), + mbedtls_test_update_key_usage_flags(policy_usage)); - status = psa_mac_sign_setup( &operation, key, exercise_alg ); - TEST_EQUAL( status, expected_status_sign ); + status = psa_mac_sign_setup(&operation, key, exercise_alg); + TEST_EQUAL(status, expected_status_sign); /* Calculate the MAC, one-shot case. */ - uint8_t input[128] = {0}; + uint8_t input[128] = { 0 }; size_t mac_len; - TEST_EQUAL( psa_mac_compute( key, exercise_alg, - input, 128, - mac, PSA_MAC_MAX_SIZE, &mac_len ), - expected_status_sign ); + TEST_EQUAL(psa_mac_compute(key, exercise_alg, + input, 128, + mac, PSA_MAC_MAX_SIZE, &mac_len), + expected_status_sign); /* Verify correct MAC, one-shot case. */ - status = psa_mac_verify( key, exercise_alg, input, 128, - mac, mac_len ); + status = psa_mac_verify(key, exercise_alg, input, 128, + mac, mac_len); - if( expected_status_sign != PSA_SUCCESS && expected_status_verify == PSA_SUCCESS ) - TEST_EQUAL( status, PSA_ERROR_INVALID_SIGNATURE ); - else - TEST_EQUAL( status, expected_status_verify ); + if (expected_status_sign != PSA_SUCCESS && expected_status_verify == PSA_SUCCESS) { + TEST_EQUAL(status, PSA_ERROR_INVALID_SIGNATURE); + } else { + TEST_EQUAL(status, expected_status_verify); + } - psa_mac_abort( &operation ); + psa_mac_abort(&operation); - memset( mac, 0, sizeof( mac ) ); - status = psa_mac_verify_setup( &operation, key, exercise_alg ); - TEST_EQUAL( status, expected_status_verify ); + memset(mac, 0, sizeof(mac)); + status = psa_mac_verify_setup(&operation, key, exercise_alg); + TEST_EQUAL(status, expected_status_verify); exit: - psa_mac_abort( &operation ); - psa_destroy_key( key ); - PSA_DONE( ); + psa_mac_abort(&operation); + psa_destroy_key(key); + PSA_DONE(); } /* END_CASE */ /* BEGIN_CASE */ -void cipher_key_policy( int policy_usage_arg, - int policy_alg, - int key_type, - data_t *key_data, - int exercise_alg ) +void cipher_key_policy(int policy_usage_arg, + int policy_alg, + int key_type, + data_t *key_data, + int exercise_alg) { mbedtls_svc_key_id_t key = MBEDTLS_SVC_KEY_ID_INIT; psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT; @@ -926,115 +941,119 @@ void cipher_key_policy( int policy_usage_arg, psa_key_usage_t policy_usage = policy_usage_arg; psa_status_t status; - PSA_ASSERT( psa_crypto_init( ) ); + PSA_ASSERT(psa_crypto_init()); - psa_set_key_usage_flags( &attributes, policy_usage ); - psa_set_key_algorithm( &attributes, policy_alg ); - psa_set_key_type( &attributes, key_type ); + psa_set_key_usage_flags(&attributes, policy_usage); + psa_set_key_algorithm(&attributes, policy_alg); + psa_set_key_type(&attributes, key_type); - PSA_ASSERT( psa_import_key( &attributes, key_data->x, key_data->len, - &key ) ); + PSA_ASSERT(psa_import_key(&attributes, key_data->x, key_data->len, + &key)); /* Check if no key usage flag implication is done */ - TEST_EQUAL( policy_usage, - mbedtls_test_update_key_usage_flags( policy_usage ) ); - - status = psa_cipher_encrypt_setup( &operation, key, exercise_alg ); - if( policy_alg == exercise_alg && - ( policy_usage & PSA_KEY_USAGE_ENCRYPT ) != 0 ) - PSA_ASSERT( status ); - else - TEST_EQUAL( status, PSA_ERROR_NOT_PERMITTED ); - psa_cipher_abort( &operation ); - - status = psa_cipher_decrypt_setup( &operation, key, exercise_alg ); - if( policy_alg == exercise_alg && - ( policy_usage & PSA_KEY_USAGE_DECRYPT ) != 0 ) - PSA_ASSERT( status ); - else - TEST_EQUAL( status, PSA_ERROR_NOT_PERMITTED ); + TEST_EQUAL(policy_usage, + mbedtls_test_update_key_usage_flags(policy_usage)); + + status = psa_cipher_encrypt_setup(&operation, key, exercise_alg); + if (policy_alg == exercise_alg && + (policy_usage & PSA_KEY_USAGE_ENCRYPT) != 0) { + PSA_ASSERT(status); + } else { + TEST_EQUAL(status, PSA_ERROR_NOT_PERMITTED); + } + psa_cipher_abort(&operation); + + status = psa_cipher_decrypt_setup(&operation, key, exercise_alg); + if (policy_alg == exercise_alg && + (policy_usage & PSA_KEY_USAGE_DECRYPT) != 0) { + PSA_ASSERT(status); + } else { + TEST_EQUAL(status, PSA_ERROR_NOT_PERMITTED); + } exit: - psa_cipher_abort( &operation ); - psa_destroy_key( key ); - PSA_DONE( ); + psa_cipher_abort(&operation); + psa_destroy_key(key); + PSA_DONE(); } /* END_CASE */ /* BEGIN_CASE */ -void aead_key_policy( int policy_usage_arg, - int policy_alg, - int key_type, - data_t *key_data, - int nonce_length_arg, - int tag_length_arg, - int exercise_alg, - int expected_status_arg ) +void aead_key_policy(int policy_usage_arg, + int policy_alg, + int key_type, + data_t *key_data, + int nonce_length_arg, + int tag_length_arg, + int exercise_alg, + int expected_status_arg) { mbedtls_svc_key_id_t key = MBEDTLS_SVC_KEY_ID_INIT; psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT; psa_key_usage_t policy_usage = policy_usage_arg; psa_status_t status; psa_status_t expected_status = expected_status_arg; - unsigned char nonce[16] = {0}; + unsigned char nonce[16] = { 0 }; size_t nonce_length = nonce_length_arg; unsigned char tag[16]; size_t tag_length = tag_length_arg; size_t output_length; - TEST_ASSERT( nonce_length <= sizeof( nonce ) ); - TEST_ASSERT( tag_length <= sizeof( tag ) ); + TEST_LE_U(nonce_length, sizeof(nonce)); + TEST_LE_U(tag_length, sizeof(tag)); - PSA_ASSERT( psa_crypto_init( ) ); + PSA_ASSERT(psa_crypto_init()); - psa_set_key_usage_flags( &attributes, policy_usage ); - psa_set_key_algorithm( &attributes, policy_alg ); - psa_set_key_type( &attributes, key_type ); + psa_set_key_usage_flags(&attributes, policy_usage); + psa_set_key_algorithm(&attributes, policy_alg); + psa_set_key_type(&attributes, key_type); - PSA_ASSERT( psa_import_key( &attributes, key_data->x, key_data->len, - &key ) ); + PSA_ASSERT(psa_import_key(&attributes, key_data->x, key_data->len, + &key)); /* Check if no key usage implication is done */ - TEST_EQUAL( policy_usage, - mbedtls_test_update_key_usage_flags( policy_usage ) ); - - status = psa_aead_encrypt( key, exercise_alg, - nonce, nonce_length, - NULL, 0, - NULL, 0, - tag, tag_length, - &output_length ); - if( ( policy_usage & PSA_KEY_USAGE_ENCRYPT ) != 0 ) - TEST_EQUAL( status, expected_status ); - else - TEST_EQUAL( status, PSA_ERROR_NOT_PERMITTED ); - - memset( tag, 0, sizeof( tag ) ); - status = psa_aead_decrypt( key, exercise_alg, - nonce, nonce_length, - NULL, 0, - tag, tag_length, - NULL, 0, - &output_length ); - if( ( policy_usage & PSA_KEY_USAGE_DECRYPT ) == 0 ) - TEST_EQUAL( status, PSA_ERROR_NOT_PERMITTED ); - else if( expected_status == PSA_SUCCESS ) - TEST_EQUAL( status, PSA_ERROR_INVALID_SIGNATURE ); - else - TEST_EQUAL( status, expected_status ); + TEST_EQUAL(policy_usage, + mbedtls_test_update_key_usage_flags(policy_usage)); + + status = psa_aead_encrypt(key, exercise_alg, + nonce, nonce_length, + NULL, 0, + NULL, 0, + tag, tag_length, + &output_length); + if ((policy_usage & PSA_KEY_USAGE_ENCRYPT) != 0) { + TEST_EQUAL(status, expected_status); + } else { + TEST_EQUAL(status, PSA_ERROR_NOT_PERMITTED); + } + + memset(tag, 0, sizeof(tag)); + status = psa_aead_decrypt(key, exercise_alg, + nonce, nonce_length, + NULL, 0, + tag, tag_length, + NULL, 0, + &output_length); + if ((policy_usage & PSA_KEY_USAGE_DECRYPT) == 0) { + TEST_EQUAL(status, PSA_ERROR_NOT_PERMITTED); + } else if (expected_status == PSA_SUCCESS) { + TEST_EQUAL(status, PSA_ERROR_INVALID_SIGNATURE); + } else { + TEST_EQUAL(status, expected_status); + } exit: - psa_destroy_key( key ); - PSA_DONE( ); + psa_destroy_key(key); + PSA_DONE(); } /* END_CASE */ /* BEGIN_CASE */ -void asymmetric_encryption_key_policy( int policy_usage_arg, - int policy_alg, - int key_type, - data_t *key_data, - int exercise_alg ) +void asymmetric_encryption_key_policy(int policy_usage_arg, + int policy_alg, + int key_type, + data_t *key_data, + int exercise_alg) { mbedtls_svc_key_id_t key = MBEDTLS_SVC_KEY_ID_INIT; psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT; @@ -1045,204 +1064,210 @@ void asymmetric_encryption_key_policy( int policy_usage_arg, unsigned char *buffer = NULL; size_t output_length; - PSA_ASSERT( psa_crypto_init( ) ); + PSA_ASSERT(psa_crypto_init()); - psa_set_key_usage_flags( &attributes, policy_usage ); - psa_set_key_algorithm( &attributes, policy_alg ); - psa_set_key_type( &attributes, key_type ); + psa_set_key_usage_flags(&attributes, policy_usage); + psa_set_key_algorithm(&attributes, policy_alg); + psa_set_key_type(&attributes, key_type); - PSA_ASSERT( psa_import_key( &attributes, key_data->x, key_data->len, - &key ) ); + PSA_ASSERT(psa_import_key(&attributes, key_data->x, key_data->len, + &key)); /* Check if no key usage implication is done */ - TEST_EQUAL( policy_usage, - mbedtls_test_update_key_usage_flags( policy_usage ) ); - - PSA_ASSERT( psa_get_key_attributes( key, &attributes ) ); - key_bits = psa_get_key_bits( &attributes ); - buffer_length = PSA_ASYMMETRIC_ENCRYPT_OUTPUT_SIZE( key_type, key_bits, - exercise_alg ); - ASSERT_ALLOC( buffer, buffer_length ); - - status = psa_asymmetric_encrypt( key, exercise_alg, - NULL, 0, - NULL, 0, - buffer, buffer_length, - &output_length ); - if( policy_alg == exercise_alg && - ( policy_usage & PSA_KEY_USAGE_ENCRYPT ) != 0 ) - PSA_ASSERT( status ); - else - TEST_EQUAL( status, PSA_ERROR_NOT_PERMITTED ); - - if( buffer_length != 0 ) - memset( buffer, 0, buffer_length ); - status = psa_asymmetric_decrypt( key, exercise_alg, - buffer, buffer_length, - NULL, 0, - buffer, buffer_length, - &output_length ); - if( policy_alg == exercise_alg && - ( policy_usage & PSA_KEY_USAGE_DECRYPT ) != 0 ) - TEST_EQUAL( status, PSA_ERROR_INVALID_PADDING ); - else - TEST_EQUAL( status, PSA_ERROR_NOT_PERMITTED ); + TEST_EQUAL(policy_usage, + mbedtls_test_update_key_usage_flags(policy_usage)); + + PSA_ASSERT(psa_get_key_attributes(key, &attributes)); + key_bits = psa_get_key_bits(&attributes); + buffer_length = PSA_ASYMMETRIC_ENCRYPT_OUTPUT_SIZE(key_type, key_bits, + exercise_alg); + TEST_CALLOC(buffer, buffer_length); + + status = psa_asymmetric_encrypt(key, exercise_alg, + NULL, 0, + NULL, 0, + buffer, buffer_length, + &output_length); + if (policy_alg == exercise_alg && + (policy_usage & PSA_KEY_USAGE_ENCRYPT) != 0) { + PSA_ASSERT(status); + } else { + TEST_EQUAL(status, PSA_ERROR_NOT_PERMITTED); + } + + if (buffer_length != 0) { + memset(buffer, 0, buffer_length); + } + status = psa_asymmetric_decrypt(key, exercise_alg, + buffer, buffer_length, + NULL, 0, + buffer, buffer_length, + &output_length); + if (policy_alg == exercise_alg && + (policy_usage & PSA_KEY_USAGE_DECRYPT) != 0) { + TEST_EQUAL(status, PSA_ERROR_INVALID_PADDING); + } else { + TEST_EQUAL(status, PSA_ERROR_NOT_PERMITTED); + } exit: /* * Key attributes may have been returned by psa_get_key_attributes() * thus reset them as required. */ - psa_reset_key_attributes( &attributes ); + psa_reset_key_attributes(&attributes); - psa_destroy_key( key ); - PSA_DONE( ); - mbedtls_free( buffer ); + psa_destroy_key(key); + PSA_DONE(); + mbedtls_free(buffer); } /* END_CASE */ /* BEGIN_CASE */ -void asymmetric_signature_key_policy( int policy_usage_arg, - int policy_alg, - int key_type, - data_t *key_data, - int exercise_alg, - int payload_length_arg, - int expected_usage_arg ) +void asymmetric_signature_key_policy(int policy_usage_arg, + int policy_alg, + int key_type, + data_t *key_data, + int exercise_alg, + int payload_length_arg, + int expected_usage_arg) { mbedtls_svc_key_id_t key = MBEDTLS_SVC_KEY_ID_INIT; psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT; psa_key_usage_t policy_usage = policy_usage_arg; psa_key_usage_t expected_usage = expected_usage_arg; psa_status_t status; - unsigned char payload[PSA_HASH_MAX_SIZE] = {1}; + unsigned char payload[PSA_HASH_MAX_SIZE] = { 1 }; /* If `payload_length_arg > 0`, `exercise_alg` is supposed to be * compatible with the policy and `payload_length_arg` is supposed to be * a valid input length to sign. If `payload_length_arg <= 0`, * `exercise_alg` is supposed to be forbidden by the policy. */ int compatible_alg = payload_length_arg > 0; size_t payload_length = compatible_alg ? payload_length_arg : 0; - unsigned char signature[PSA_SIGNATURE_MAX_SIZE] = {0}; + unsigned char signature[PSA_SIGNATURE_MAX_SIZE] = { 0 }; size_t signature_length; /* Check if all implicit usage flags are deployed in the expected usage flags. */ - TEST_EQUAL( expected_usage, - mbedtls_test_update_key_usage_flags( policy_usage ) ); - - PSA_ASSERT( psa_crypto_init( ) ); - - psa_set_key_usage_flags( &attributes, policy_usage ); - psa_set_key_algorithm( &attributes, policy_alg ); - psa_set_key_type( &attributes, key_type ); - - PSA_ASSERT( psa_import_key( &attributes, key_data->x, key_data->len, - &key ) ); - - TEST_EQUAL( psa_get_key_usage_flags( &attributes ), expected_usage ); - - status = psa_sign_hash( key, exercise_alg, - payload, payload_length, - signature, sizeof( signature ), - &signature_length ); - if( compatible_alg && ( expected_usage & PSA_KEY_USAGE_SIGN_HASH ) != 0 ) - PSA_ASSERT( status ); - else - TEST_EQUAL( status, PSA_ERROR_NOT_PERMITTED ); - - memset( signature, 0, sizeof( signature ) ); - status = psa_verify_hash( key, exercise_alg, - payload, payload_length, - signature, sizeof( signature ) ); - if( compatible_alg && ( expected_usage & PSA_KEY_USAGE_VERIFY_HASH ) != 0 ) - TEST_EQUAL( status, PSA_ERROR_INVALID_SIGNATURE ); - else - TEST_EQUAL( status, PSA_ERROR_NOT_PERMITTED ); - - if( PSA_ALG_IS_SIGN_HASH( exercise_alg ) && - PSA_ALG_IS_HASH( PSA_ALG_SIGN_GET_HASH( exercise_alg ) ) ) - { - status = psa_sign_message( key, exercise_alg, - payload, payload_length, - signature, sizeof( signature ), - &signature_length ); - if( compatible_alg && ( expected_usage & PSA_KEY_USAGE_SIGN_MESSAGE ) != 0 ) - PSA_ASSERT( status ); - else - TEST_EQUAL( status, PSA_ERROR_NOT_PERMITTED ); - - memset( signature, 0, sizeof( signature ) ); - status = psa_verify_message( key, exercise_alg, - payload, payload_length, - signature, sizeof( signature ) ); - if( compatible_alg && ( expected_usage & PSA_KEY_USAGE_VERIFY_MESSAGE ) != 0 ) - TEST_EQUAL( status, PSA_ERROR_INVALID_SIGNATURE ); - else - TEST_EQUAL( status, PSA_ERROR_NOT_PERMITTED ); + TEST_EQUAL(expected_usage, + mbedtls_test_update_key_usage_flags(policy_usage)); + + PSA_ASSERT(psa_crypto_init()); + + psa_set_key_usage_flags(&attributes, policy_usage); + psa_set_key_algorithm(&attributes, policy_alg); + psa_set_key_type(&attributes, key_type); + + PSA_ASSERT(psa_import_key(&attributes, key_data->x, key_data->len, + &key)); + + TEST_EQUAL(psa_get_key_usage_flags(&attributes), expected_usage); + + status = psa_sign_hash(key, exercise_alg, + payload, payload_length, + signature, sizeof(signature), + &signature_length); + if (compatible_alg && (expected_usage & PSA_KEY_USAGE_SIGN_HASH) != 0) { + PSA_ASSERT(status); + } else { + TEST_EQUAL(status, PSA_ERROR_NOT_PERMITTED); + } + + memset(signature, 0, sizeof(signature)); + status = psa_verify_hash(key, exercise_alg, + payload, payload_length, + signature, sizeof(signature)); + if (compatible_alg && (expected_usage & PSA_KEY_USAGE_VERIFY_HASH) != 0) { + TEST_EQUAL(status, PSA_ERROR_INVALID_SIGNATURE); + } else { + TEST_EQUAL(status, PSA_ERROR_NOT_PERMITTED); + } + + if (PSA_ALG_IS_SIGN_HASH(exercise_alg) && + PSA_ALG_IS_HASH(PSA_ALG_SIGN_GET_HASH(exercise_alg))) { + status = psa_sign_message(key, exercise_alg, + payload, payload_length, + signature, sizeof(signature), + &signature_length); + if (compatible_alg && (expected_usage & PSA_KEY_USAGE_SIGN_MESSAGE) != 0) { + PSA_ASSERT(status); + } else { + TEST_EQUAL(status, PSA_ERROR_NOT_PERMITTED); + } + + memset(signature, 0, sizeof(signature)); + status = psa_verify_message(key, exercise_alg, + payload, payload_length, + signature, sizeof(signature)); + if (compatible_alg && (expected_usage & PSA_KEY_USAGE_VERIFY_MESSAGE) != 0) { + TEST_EQUAL(status, PSA_ERROR_INVALID_SIGNATURE); + } else { + TEST_EQUAL(status, PSA_ERROR_NOT_PERMITTED); + } } exit: - psa_destroy_key( key ); - PSA_DONE( ); + psa_destroy_key(key); + PSA_DONE(); } /* END_CASE */ /* BEGIN_CASE */ -void derive_key_policy( int policy_usage, - int policy_alg, - int key_type, - data_t *key_data, - int exercise_alg ) +void derive_key_policy(int policy_usage, + int policy_alg, + int key_type, + data_t *key_data, + int exercise_alg) { mbedtls_svc_key_id_t key = MBEDTLS_SVC_KEY_ID_INIT; psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT; psa_key_derivation_operation_t operation = PSA_KEY_DERIVATION_OPERATION_INIT; psa_status_t status; - PSA_ASSERT( psa_crypto_init( ) ); + PSA_ASSERT(psa_crypto_init()); - psa_set_key_usage_flags( &attributes, policy_usage ); - psa_set_key_algorithm( &attributes, policy_alg ); - psa_set_key_type( &attributes, key_type ); + psa_set_key_usage_flags(&attributes, policy_usage); + psa_set_key_algorithm(&attributes, policy_alg); + psa_set_key_type(&attributes, key_type); - PSA_ASSERT( psa_import_key( &attributes, key_data->x, key_data->len, - &key ) ); + PSA_ASSERT(psa_import_key(&attributes, key_data->x, key_data->len, + &key)); - PSA_ASSERT( psa_key_derivation_setup( &operation, exercise_alg ) ); + PSA_ASSERT(psa_key_derivation_setup(&operation, exercise_alg)); - if( PSA_ALG_IS_TLS12_PRF( exercise_alg ) || - PSA_ALG_IS_TLS12_PSK_TO_MS( exercise_alg ) ) - { - PSA_ASSERT( psa_key_derivation_input_bytes( - &operation, - PSA_KEY_DERIVATION_INPUT_SEED, - (const uint8_t*) "", 0) ); + if (PSA_ALG_IS_TLS12_PRF(exercise_alg) || + PSA_ALG_IS_TLS12_PSK_TO_MS(exercise_alg)) { + PSA_ASSERT(psa_key_derivation_input_bytes( + &operation, + PSA_KEY_DERIVATION_INPUT_SEED, + (const uint8_t *) "", 0)); } - status = psa_key_derivation_input_key( &operation, - PSA_KEY_DERIVATION_INPUT_SECRET, - key ); + status = psa_key_derivation_input_key(&operation, + PSA_KEY_DERIVATION_INPUT_SECRET, + key); - if( policy_alg == exercise_alg && - ( policy_usage & PSA_KEY_USAGE_DERIVE ) != 0 ) - PSA_ASSERT( status ); - else - TEST_EQUAL( status, PSA_ERROR_NOT_PERMITTED ); + if (policy_alg == exercise_alg && + (policy_usage & PSA_KEY_USAGE_DERIVE) != 0) { + PSA_ASSERT(status); + } else { + TEST_EQUAL(status, PSA_ERROR_NOT_PERMITTED); + } exit: - psa_key_derivation_abort( &operation ); - psa_destroy_key( key ); - PSA_DONE( ); + psa_key_derivation_abort(&operation); + psa_destroy_key(key); + PSA_DONE(); } /* END_CASE */ /* BEGIN_CASE */ -void agreement_key_policy( int policy_usage, - int policy_alg, - int key_type_arg, - data_t *key_data, - int exercise_alg, - int expected_status_arg ) +void agreement_key_policy(int policy_usage, + int policy_alg, + int key_type_arg, + data_t *key_data, + int exercise_alg, + int expected_status_arg) { mbedtls_svc_key_id_t key = MBEDTLS_SVC_KEY_ID_INIT; psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT; @@ -1251,30 +1276,30 @@ void agreement_key_policy( int policy_usage, psa_status_t status; psa_status_t expected_status = expected_status_arg; - PSA_ASSERT( psa_crypto_init( ) ); + PSA_ASSERT(psa_crypto_init()); - psa_set_key_usage_flags( &attributes, policy_usage ); - psa_set_key_algorithm( &attributes, policy_alg ); - psa_set_key_type( &attributes, key_type ); + psa_set_key_usage_flags(&attributes, policy_usage); + psa_set_key_algorithm(&attributes, policy_alg); + psa_set_key_type(&attributes, key_type); - PSA_ASSERT( psa_import_key( &attributes, key_data->x, key_data->len, - &key ) ); + PSA_ASSERT(psa_import_key(&attributes, key_data->x, key_data->len, + &key)); - PSA_ASSERT( psa_key_derivation_setup( &operation, exercise_alg ) ); - status = mbedtls_test_psa_key_agreement_with_self( &operation, key ); + PSA_ASSERT(psa_key_derivation_setup(&operation, exercise_alg)); + status = mbedtls_test_psa_key_agreement_with_self(&operation, key); - TEST_EQUAL( status, expected_status ); + TEST_EQUAL(status, expected_status); exit: - psa_key_derivation_abort( &operation ); - psa_destroy_key( key ); - PSA_DONE( ); + psa_key_derivation_abort(&operation); + psa_destroy_key(key); + PSA_DONE(); } /* END_CASE */ /* BEGIN_CASE */ -void key_policy_alg2( int key_type_arg, data_t *key_data, - int usage_arg, int alg_arg, int alg2_arg ) +void key_policy_alg2(int key_type_arg, data_t *key_data, + int usage_arg, int alg_arg, int alg2_arg) { mbedtls_svc_key_id_t key = MBEDTLS_SVC_KEY_ID_INIT; psa_key_type_t key_type = key_type_arg; @@ -1284,46 +1309,48 @@ void key_policy_alg2( int key_type_arg, data_t *key_data, psa_algorithm_t alg = alg_arg; psa_algorithm_t alg2 = alg2_arg; - PSA_ASSERT( psa_crypto_init( ) ); + PSA_ASSERT(psa_crypto_init()); - psa_set_key_usage_flags( &attributes, usage ); - psa_set_key_algorithm( &attributes, alg ); - psa_set_key_enrollment_algorithm( &attributes, alg2 ); - psa_set_key_type( &attributes, key_type ); - PSA_ASSERT( psa_import_key( &attributes, key_data->x, key_data->len, - &key ) ); + psa_set_key_usage_flags(&attributes, usage); + psa_set_key_algorithm(&attributes, alg); + psa_set_key_enrollment_algorithm(&attributes, alg2); + psa_set_key_type(&attributes, key_type); + PSA_ASSERT(psa_import_key(&attributes, key_data->x, key_data->len, + &key)); /* Update the usage flags to obtain implicit usage flags */ - usage = mbedtls_test_update_key_usage_flags( usage ); - PSA_ASSERT( psa_get_key_attributes( key, &got_attributes ) ); - TEST_EQUAL( psa_get_key_usage_flags( &got_attributes ), usage ); - TEST_EQUAL( psa_get_key_algorithm( &got_attributes ), alg ); - TEST_EQUAL( psa_get_key_enrollment_algorithm( &got_attributes ), alg2 ); + usage = mbedtls_test_update_key_usage_flags(usage); + PSA_ASSERT(psa_get_key_attributes(key, &got_attributes)); + TEST_EQUAL(psa_get_key_usage_flags(&got_attributes), usage); + TEST_EQUAL(psa_get_key_algorithm(&got_attributes), alg); + TEST_EQUAL(psa_get_key_enrollment_algorithm(&got_attributes), alg2); - if( ! mbedtls_test_psa_exercise_key( key, usage, alg ) ) + if (!mbedtls_test_psa_exercise_key(key, usage, alg)) { goto exit; - if( ! mbedtls_test_psa_exercise_key( key, usage, alg2 ) ) + } + if (!mbedtls_test_psa_exercise_key(key, usage, alg2)) { goto exit; + } exit: /* * Key attributes may have been returned by psa_get_key_attributes() * thus reset them as required. */ - psa_reset_key_attributes( &got_attributes ); + psa_reset_key_attributes(&got_attributes); - psa_destroy_key( key ); - PSA_DONE( ); + psa_destroy_key(key); + PSA_DONE(); } /* END_CASE */ /* BEGIN_CASE */ -void raw_agreement_key_policy( int policy_usage, - int policy_alg, - int key_type_arg, - data_t *key_data, - int exercise_alg, - int expected_status_arg ) +void raw_agreement_key_policy(int policy_usage, + int policy_alg, + int key_type_arg, + data_t *key_data, + int exercise_alg, + int expected_status_arg) { mbedtls_svc_key_id_t key = MBEDTLS_SVC_KEY_ID_INIT; psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT; @@ -1332,35 +1359,35 @@ void raw_agreement_key_policy( int policy_usage, psa_status_t status; psa_status_t expected_status = expected_status_arg; - PSA_ASSERT( psa_crypto_init( ) ); + PSA_ASSERT(psa_crypto_init()); - psa_set_key_usage_flags( &attributes, policy_usage ); - psa_set_key_algorithm( &attributes, policy_alg ); - psa_set_key_type( &attributes, key_type ); + psa_set_key_usage_flags(&attributes, policy_usage); + psa_set_key_algorithm(&attributes, policy_alg); + psa_set_key_type(&attributes, key_type); - PSA_ASSERT( psa_import_key( &attributes, key_data->x, key_data->len, - &key ) ); + PSA_ASSERT(psa_import_key(&attributes, key_data->x, key_data->len, + &key)); - status = mbedtls_test_psa_raw_key_agreement_with_self( exercise_alg, key ); + status = mbedtls_test_psa_raw_key_agreement_with_self(exercise_alg, key); - TEST_EQUAL( status, expected_status ); + TEST_EQUAL(status, expected_status); exit: - psa_key_derivation_abort( &operation ); - psa_destroy_key( key ); - PSA_DONE( ); + psa_key_derivation_abort(&operation); + psa_destroy_key(key); + PSA_DONE(); } /* END_CASE */ /* BEGIN_CASE */ -void copy_success( int source_usage_arg, - int source_alg_arg, int source_alg2_arg, - int type_arg, data_t *material, - int copy_attributes, - int target_usage_arg, - int target_alg_arg, int target_alg2_arg, - int expected_usage_arg, - int expected_alg_arg, int expected_alg2_arg ) +void copy_success(int source_usage_arg, + int source_alg_arg, int source_alg2_arg, + int type_arg, data_t *material, + int copy_attributes, + int target_usage_arg, + int target_alg_arg, int target_alg2_arg, + int expected_usage_arg, + int expected_alg_arg, int expected_alg2_arg) { psa_key_attributes_t source_attributes = PSA_KEY_ATTRIBUTES_INIT; psa_key_attributes_t target_attributes = PSA_KEY_ATTRIBUTES_INIT; @@ -1371,195 +1398,199 @@ void copy_success( int source_usage_arg, mbedtls_svc_key_id_t target_key = MBEDTLS_SVC_KEY_ID_INIT; uint8_t *export_buffer = NULL; - PSA_ASSERT( psa_crypto_init( ) ); + PSA_ASSERT(psa_crypto_init()); /* Prepare the source key. */ - psa_set_key_usage_flags( &source_attributes, source_usage_arg ); - psa_set_key_algorithm( &source_attributes, source_alg_arg ); - psa_set_key_enrollment_algorithm( &source_attributes, source_alg2_arg ); - psa_set_key_type( &source_attributes, type_arg ); - PSA_ASSERT( psa_import_key( &source_attributes, - material->x, material->len, - &source_key ) ); - PSA_ASSERT( psa_get_key_attributes( source_key, &source_attributes ) ); + psa_set_key_usage_flags(&source_attributes, source_usage_arg); + psa_set_key_algorithm(&source_attributes, source_alg_arg); + psa_set_key_enrollment_algorithm(&source_attributes, source_alg2_arg); + psa_set_key_type(&source_attributes, type_arg); + PSA_ASSERT(psa_import_key(&source_attributes, + material->x, material->len, + &source_key)); + PSA_ASSERT(psa_get_key_attributes(source_key, &source_attributes)); /* Prepare the target attributes. */ - if( copy_attributes ) - { + if (copy_attributes) { target_attributes = source_attributes; /* Set volatile lifetime to reset the key identifier to 0. */ - psa_set_key_lifetime( &target_attributes, PSA_KEY_LIFETIME_VOLATILE ); + psa_set_key_lifetime(&target_attributes, PSA_KEY_LIFETIME_VOLATILE); } - if( target_usage_arg != -1 ) - psa_set_key_usage_flags( &target_attributes, target_usage_arg ); - if( target_alg_arg != -1 ) - psa_set_key_algorithm( &target_attributes, target_alg_arg ); - if( target_alg2_arg != -1 ) - psa_set_key_enrollment_algorithm( &target_attributes, target_alg2_arg ); + if (target_usage_arg != -1) { + psa_set_key_usage_flags(&target_attributes, target_usage_arg); + } + if (target_alg_arg != -1) { + psa_set_key_algorithm(&target_attributes, target_alg_arg); + } + if (target_alg2_arg != -1) { + psa_set_key_enrollment_algorithm(&target_attributes, target_alg2_arg); + } /* Copy the key. */ - PSA_ASSERT( psa_copy_key( source_key, - &target_attributes, &target_key ) ); + PSA_ASSERT(psa_copy_key(source_key, + &target_attributes, &target_key)); /* Destroy the source to ensure that this doesn't affect the target. */ - PSA_ASSERT( psa_destroy_key( source_key ) ); + PSA_ASSERT(psa_destroy_key(source_key)); /* Test that the target slot has the expected content and policy. */ - PSA_ASSERT( psa_get_key_attributes( target_key, &target_attributes ) ); - TEST_EQUAL( psa_get_key_type( &source_attributes ), - psa_get_key_type( &target_attributes ) ); - TEST_EQUAL( psa_get_key_bits( &source_attributes ), - psa_get_key_bits( &target_attributes ) ); - TEST_EQUAL( expected_usage, psa_get_key_usage_flags( &target_attributes ) ); - TEST_EQUAL( expected_alg, psa_get_key_algorithm( &target_attributes ) ); - TEST_EQUAL( expected_alg2, - psa_get_key_enrollment_algorithm( &target_attributes ) ); - if( expected_usage & PSA_KEY_USAGE_EXPORT ) - { + PSA_ASSERT(psa_get_key_attributes(target_key, &target_attributes)); + TEST_EQUAL(psa_get_key_type(&source_attributes), + psa_get_key_type(&target_attributes)); + TEST_EQUAL(psa_get_key_bits(&source_attributes), + psa_get_key_bits(&target_attributes)); + TEST_EQUAL(expected_usage, psa_get_key_usage_flags(&target_attributes)); + TEST_EQUAL(expected_alg, psa_get_key_algorithm(&target_attributes)); + TEST_EQUAL(expected_alg2, + psa_get_key_enrollment_algorithm(&target_attributes)); + if (expected_usage & PSA_KEY_USAGE_EXPORT) { size_t length; - ASSERT_ALLOC( export_buffer, material->len ); - PSA_ASSERT( psa_export_key( target_key, export_buffer, - material->len, &length ) ); - ASSERT_COMPARE( material->x, material->len, - export_buffer, length ); + TEST_CALLOC(export_buffer, material->len); + PSA_ASSERT(psa_export_key(target_key, export_buffer, + material->len, &length)); + TEST_MEMORY_COMPARE(material->x, material->len, + export_buffer, length); } - if( ! mbedtls_test_psa_exercise_key( target_key, expected_usage, expected_alg ) ) + if (!mbedtls_test_psa_exercise_key(target_key, expected_usage, expected_alg)) { goto exit; - if( ! mbedtls_test_psa_exercise_key( target_key, expected_usage, expected_alg2 ) ) + } + if (!mbedtls_test_psa_exercise_key(target_key, expected_usage, expected_alg2)) { goto exit; + } - PSA_ASSERT( psa_destroy_key( target_key ) ); + PSA_ASSERT(psa_destroy_key(target_key)); exit: /* * Source and target key attributes may have been returned by * psa_get_key_attributes() thus reset them as required. */ - psa_reset_key_attributes( &source_attributes ); - psa_reset_key_attributes( &target_attributes ); + psa_reset_key_attributes(&source_attributes); + psa_reset_key_attributes(&target_attributes); - PSA_DONE( ); - mbedtls_free( export_buffer ); + PSA_DONE(); + mbedtls_free(export_buffer); } /* END_CASE */ /* BEGIN_CASE */ -void copy_fail( int source_usage_arg, - int source_alg_arg, int source_alg2_arg, - int type_arg, data_t *material, - int target_type_arg, int target_bits_arg, - int target_usage_arg, - int target_alg_arg, int target_alg2_arg, - int target_id_arg, int target_lifetime_arg, - int expected_status_arg ) +void copy_fail(int source_usage_arg, + int source_alg_arg, int source_alg2_arg, + int type_arg, data_t *material, + int target_type_arg, int target_bits_arg, + int target_usage_arg, + int target_alg_arg, int target_alg2_arg, + int target_id_arg, int target_lifetime_arg, + int expected_status_arg) { psa_key_attributes_t source_attributes = PSA_KEY_ATTRIBUTES_INIT; psa_key_attributes_t target_attributes = PSA_KEY_ATTRIBUTES_INIT; mbedtls_svc_key_id_t source_key = MBEDTLS_SVC_KEY_ID_INIT; mbedtls_svc_key_id_t target_key = MBEDTLS_SVC_KEY_ID_INIT; - mbedtls_svc_key_id_t key_id = mbedtls_svc_key_id_make( 1, target_id_arg ); + mbedtls_svc_key_id_t key_id = mbedtls_svc_key_id_make(1, target_id_arg); - PSA_ASSERT( psa_crypto_init( ) ); + PSA_ASSERT(psa_crypto_init()); /* Prepare the source key. */ - psa_set_key_usage_flags( &source_attributes, source_usage_arg ); - psa_set_key_algorithm( &source_attributes, source_alg_arg ); - psa_set_key_enrollment_algorithm( &source_attributes, source_alg2_arg ); - psa_set_key_type( &source_attributes, type_arg ); - PSA_ASSERT( psa_import_key( &source_attributes, - material->x, material->len, - &source_key ) ); + psa_set_key_usage_flags(&source_attributes, source_usage_arg); + psa_set_key_algorithm(&source_attributes, source_alg_arg); + psa_set_key_enrollment_algorithm(&source_attributes, source_alg2_arg); + psa_set_key_type(&source_attributes, type_arg); + PSA_ASSERT(psa_import_key(&source_attributes, + material->x, material->len, + &source_key)); /* Prepare the target attributes. */ - psa_set_key_id( &target_attributes, key_id ); - psa_set_key_lifetime( &target_attributes, target_lifetime_arg ); - psa_set_key_type( &target_attributes, target_type_arg ); - psa_set_key_bits( &target_attributes, target_bits_arg ); - psa_set_key_usage_flags( &target_attributes, target_usage_arg ); - psa_set_key_algorithm( &target_attributes, target_alg_arg ); - psa_set_key_enrollment_algorithm( &target_attributes, target_alg2_arg ); + psa_set_key_id(&target_attributes, key_id); + psa_set_key_lifetime(&target_attributes, target_lifetime_arg); + psa_set_key_type(&target_attributes, target_type_arg); + psa_set_key_bits(&target_attributes, target_bits_arg); + psa_set_key_usage_flags(&target_attributes, target_usage_arg); + psa_set_key_algorithm(&target_attributes, target_alg_arg); + psa_set_key_enrollment_algorithm(&target_attributes, target_alg2_arg); /* Try to copy the key. */ - TEST_EQUAL( psa_copy_key( source_key, - &target_attributes, &target_key ), - expected_status_arg ); + TEST_EQUAL(psa_copy_key(source_key, + &target_attributes, &target_key), + expected_status_arg); - PSA_ASSERT( psa_destroy_key( source_key ) ); + PSA_ASSERT(psa_destroy_key(source_key)); exit: - psa_reset_key_attributes( &source_attributes ); - psa_reset_key_attributes( &target_attributes ); - PSA_DONE( ); + psa_reset_key_attributes(&source_attributes); + psa_reset_key_attributes(&target_attributes); + PSA_DONE(); } /* END_CASE */ /* BEGIN_CASE */ -void hash_operation_init( ) +void hash_operation_init() { const uint8_t input[1] = { 0 }; /* Test each valid way of initializing the object, except for `= {0}`, as * Clang 5 complains when `-Wmissing-field-initializers` is used, even * though it's OK by the C standard. We could test for this, but we'd need - * to supress the Clang warning for the test. */ - psa_hash_operation_t func = psa_hash_operation_init( ); + * to suppress the Clang warning for the test. */ + psa_hash_operation_t func = psa_hash_operation_init(); psa_hash_operation_t init = PSA_HASH_OPERATION_INIT; psa_hash_operation_t zero; - memset( &zero, 0, sizeof( zero ) ); + memset(&zero, 0, sizeof(zero)); /* A freshly-initialized hash operation should not be usable. */ - TEST_EQUAL( psa_hash_update( &func, input, sizeof( input ) ), - PSA_ERROR_BAD_STATE ); - TEST_EQUAL( psa_hash_update( &init, input, sizeof( input ) ), - PSA_ERROR_BAD_STATE ); - TEST_EQUAL( psa_hash_update( &zero, input, sizeof( input ) ), - PSA_ERROR_BAD_STATE ); + TEST_EQUAL(psa_hash_update(&func, input, sizeof(input)), + PSA_ERROR_BAD_STATE); + TEST_EQUAL(psa_hash_update(&init, input, sizeof(input)), + PSA_ERROR_BAD_STATE); + TEST_EQUAL(psa_hash_update(&zero, input, sizeof(input)), + PSA_ERROR_BAD_STATE); /* A default hash operation should be abortable without error. */ - PSA_ASSERT( psa_hash_abort( &func ) ); - PSA_ASSERT( psa_hash_abort( &init ) ); - PSA_ASSERT( psa_hash_abort( &zero ) ); + PSA_ASSERT(psa_hash_abort(&func)); + PSA_ASSERT(psa_hash_abort(&init)); + PSA_ASSERT(psa_hash_abort(&zero)); } /* END_CASE */ /* BEGIN_CASE */ -void hash_setup( int alg_arg, - int expected_status_arg ) +void hash_setup(int alg_arg, + int expected_status_arg) { psa_algorithm_t alg = alg_arg; psa_status_t expected_status = expected_status_arg; psa_hash_operation_t operation = PSA_HASH_OPERATION_INIT; psa_status_t status; - PSA_ASSERT( psa_crypto_init( ) ); + PSA_ASSERT(psa_crypto_init()); - status = psa_hash_setup( &operation, alg ); - TEST_EQUAL( status, expected_status ); + status = psa_hash_setup(&operation, alg); + TEST_EQUAL(status, expected_status); /* Whether setup succeeded or failed, abort must succeed. */ - PSA_ASSERT( psa_hash_abort( &operation ) ); + PSA_ASSERT(psa_hash_abort(&operation)); /* If setup failed, reproduce the failure, so as to * test the resulting state of the operation object. */ - if( status != PSA_SUCCESS ) - TEST_EQUAL( psa_hash_setup( &operation, alg ), status ); + if (status != PSA_SUCCESS) { + TEST_EQUAL(psa_hash_setup(&operation, alg), status); + } /* Now the operation object should be reusable. */ #if defined(KNOWN_SUPPORTED_HASH_ALG) - PSA_ASSERT( psa_hash_setup( &operation, KNOWN_SUPPORTED_HASH_ALG ) ); - PSA_ASSERT( psa_hash_abort( &operation ) ); + PSA_ASSERT(psa_hash_setup(&operation, KNOWN_SUPPORTED_HASH_ALG)); + PSA_ASSERT(psa_hash_abort(&operation)); #endif exit: - PSA_DONE( ); + PSA_DONE(); } /* END_CASE */ /* BEGIN_CASE */ -void hash_compute_fail( int alg_arg, data_t *input, - int output_size_arg, int expected_status_arg ) +void hash_compute_fail(int alg_arg, data_t *input, + int output_size_arg, int expected_status_arg) { psa_algorithm_t alg = alg_arg; uint8_t *output = NULL; @@ -1568,100 +1599,99 @@ void hash_compute_fail( int alg_arg, data_t *input, psa_status_t expected_status = expected_status_arg; psa_status_t status; - ASSERT_ALLOC( output, output_size ); + TEST_CALLOC(output, output_size); - PSA_ASSERT( psa_crypto_init( ) ); + PSA_ASSERT(psa_crypto_init()); - status = psa_hash_compute( alg, input->x, input->len, - output, output_size, &output_length ); - TEST_EQUAL( status, expected_status ); - TEST_ASSERT( output_length <= output_size ); + status = psa_hash_compute(alg, input->x, input->len, + output, output_size, &output_length); + TEST_EQUAL(status, expected_status); + TEST_LE_U(output_length, output_size); exit: - mbedtls_free( output ); - PSA_DONE( ); + mbedtls_free(output); + PSA_DONE(); } /* END_CASE */ /* BEGIN_CASE */ -void hash_compare_fail( int alg_arg, data_t *input, - data_t *reference_hash, - int expected_status_arg ) +void hash_compare_fail(int alg_arg, data_t *input, + data_t *reference_hash, + int expected_status_arg) { psa_algorithm_t alg = alg_arg; psa_status_t expected_status = expected_status_arg; psa_status_t status; - PSA_ASSERT( psa_crypto_init( ) ); + PSA_ASSERT(psa_crypto_init()); - status = psa_hash_compare( alg, input->x, input->len, - reference_hash->x, reference_hash->len ); - TEST_EQUAL( status, expected_status ); + status = psa_hash_compare(alg, input->x, input->len, + reference_hash->x, reference_hash->len); + TEST_EQUAL(status, expected_status); exit: - PSA_DONE( ); + PSA_DONE(); } /* END_CASE */ /* BEGIN_CASE */ -void hash_compute_compare( int alg_arg, data_t *input, - data_t *expected_output ) +void hash_compute_compare(int alg_arg, data_t *input, + data_t *expected_output) { psa_algorithm_t alg = alg_arg; uint8_t output[PSA_HASH_MAX_SIZE + 1]; size_t output_length = INVALID_EXPORT_LENGTH; size_t i; - PSA_ASSERT( psa_crypto_init( ) ); + PSA_ASSERT(psa_crypto_init()); /* Compute with tight buffer */ - PSA_ASSERT( psa_hash_compute( alg, input->x, input->len, - output, PSA_HASH_LENGTH( alg ), - &output_length ) ); - TEST_EQUAL( output_length, PSA_HASH_LENGTH( alg ) ); - ASSERT_COMPARE( output, output_length, - expected_output->x, expected_output->len ); + PSA_ASSERT(psa_hash_compute(alg, input->x, input->len, + output, PSA_HASH_LENGTH(alg), + &output_length)); + TEST_EQUAL(output_length, PSA_HASH_LENGTH(alg)); + TEST_MEMORY_COMPARE(output, output_length, + expected_output->x, expected_output->len); /* Compute with larger buffer */ - PSA_ASSERT( psa_hash_compute( alg, input->x, input->len, - output, sizeof( output ), - &output_length ) ); - TEST_EQUAL( output_length, PSA_HASH_LENGTH( alg ) ); - ASSERT_COMPARE( output, output_length, - expected_output->x, expected_output->len ); + PSA_ASSERT(psa_hash_compute(alg, input->x, input->len, + output, sizeof(output), + &output_length)); + TEST_EQUAL(output_length, PSA_HASH_LENGTH(alg)); + TEST_MEMORY_COMPARE(output, output_length, + expected_output->x, expected_output->len); /* Compare with correct hash */ - PSA_ASSERT( psa_hash_compare( alg, input->x, input->len, - output, output_length ) ); + PSA_ASSERT(psa_hash_compare(alg, input->x, input->len, + output, output_length)); /* Compare with trailing garbage */ - TEST_EQUAL( psa_hash_compare( alg, input->x, input->len, - output, output_length + 1 ), - PSA_ERROR_INVALID_SIGNATURE ); + TEST_EQUAL(psa_hash_compare(alg, input->x, input->len, + output, output_length + 1), + PSA_ERROR_INVALID_SIGNATURE); /* Compare with truncated hash */ - TEST_EQUAL( psa_hash_compare( alg, input->x, input->len, - output, output_length - 1 ), - PSA_ERROR_INVALID_SIGNATURE ); + TEST_EQUAL(psa_hash_compare(alg, input->x, input->len, + output, output_length - 1), + PSA_ERROR_INVALID_SIGNATURE); /* Compare with corrupted value */ - for( i = 0; i < output_length; i++ ) - { - mbedtls_test_set_step( i ); + for (i = 0; i < output_length; i++) { + mbedtls_test_set_step(i); output[i] ^= 1; - TEST_EQUAL( psa_hash_compare( alg, input->x, input->len, - output, output_length ), - PSA_ERROR_INVALID_SIGNATURE ); + TEST_EQUAL(psa_hash_compare(alg, input->x, input->len, + output, output_length), + PSA_ERROR_INVALID_SIGNATURE); output[i] ^= 1; } exit: - PSA_DONE( ); + PSA_DONE(); } /* END_CASE */ /* BEGIN_CASE depends_on:PSA_WANT_ALG_SHA_256 */ -void hash_bad_order( ) +void hash_bad_order() { psa_algorithm_t alg = PSA_ALG_SHA_256; unsigned char input[] = ""; @@ -1669,103 +1699,104 @@ void hash_bad_order( ) const unsigned char valid_hash[] = { 0xe3, 0xb0, 0xc4, 0x42, 0x98, 0xfc, 0x1c, 0x14, 0x9a, 0xfb, 0xf4, 0xc8, 0x99, 0x6f, 0xb9, 0x24, 0x27, 0xae, 0x41, 0xe4, 0x64, 0x9b, 0x93, 0x4c, - 0xa4, 0x95, 0x99, 0x1b, 0x78, 0x52, 0xb8, 0x55 }; + 0xa4, 0x95, 0x99, 0x1b, 0x78, 0x52, 0xb8, 0x55 + }; unsigned char hash[sizeof(valid_hash)] = { 0 }; size_t hash_len; psa_hash_operation_t operation = PSA_HASH_OPERATION_INIT; - PSA_ASSERT( psa_crypto_init( ) ); + PSA_ASSERT(psa_crypto_init()); /* Call setup twice in a row. */ - PSA_ASSERT( psa_hash_setup( &operation, alg ) ); - ASSERT_OPERATION_IS_ACTIVE( operation ); - TEST_EQUAL( psa_hash_setup( &operation, alg ), - PSA_ERROR_BAD_STATE ); - ASSERT_OPERATION_IS_INACTIVE( operation ); - PSA_ASSERT( psa_hash_abort( &operation ) ); - ASSERT_OPERATION_IS_INACTIVE( operation ); + PSA_ASSERT(psa_hash_setup(&operation, alg)); + ASSERT_OPERATION_IS_ACTIVE(operation); + TEST_EQUAL(psa_hash_setup(&operation, alg), + PSA_ERROR_BAD_STATE); + ASSERT_OPERATION_IS_INACTIVE(operation); + PSA_ASSERT(psa_hash_abort(&operation)); + ASSERT_OPERATION_IS_INACTIVE(operation); /* Call update without calling setup beforehand. */ - TEST_EQUAL( psa_hash_update( &operation, input, sizeof( input ) ), - PSA_ERROR_BAD_STATE ); - PSA_ASSERT( psa_hash_abort( &operation ) ); + TEST_EQUAL(psa_hash_update(&operation, input, sizeof(input)), + PSA_ERROR_BAD_STATE); + PSA_ASSERT(psa_hash_abort(&operation)); /* Check that update calls abort on error. */ - PSA_ASSERT( psa_hash_setup( &operation, alg ) ); + PSA_ASSERT(psa_hash_setup(&operation, alg)); operation.id = UINT_MAX; - ASSERT_OPERATION_IS_ACTIVE( operation ); - TEST_EQUAL( psa_hash_update( &operation, input, sizeof( input ) ), - PSA_ERROR_BAD_STATE ); - ASSERT_OPERATION_IS_INACTIVE( operation ); - PSA_ASSERT( psa_hash_abort( &operation ) ); - ASSERT_OPERATION_IS_INACTIVE( operation ); + ASSERT_OPERATION_IS_ACTIVE(operation); + TEST_EQUAL(psa_hash_update(&operation, input, sizeof(input)), + PSA_ERROR_BAD_STATE); + ASSERT_OPERATION_IS_INACTIVE(operation); + PSA_ASSERT(psa_hash_abort(&operation)); + ASSERT_OPERATION_IS_INACTIVE(operation); /* Call update after finish. */ - PSA_ASSERT( psa_hash_setup( &operation, alg ) ); - PSA_ASSERT( psa_hash_finish( &operation, - hash, sizeof( hash ), &hash_len ) ); - TEST_EQUAL( psa_hash_update( &operation, input, sizeof( input ) ), - PSA_ERROR_BAD_STATE ); - PSA_ASSERT( psa_hash_abort( &operation ) ); + PSA_ASSERT(psa_hash_setup(&operation, alg)); + PSA_ASSERT(psa_hash_finish(&operation, + hash, sizeof(hash), &hash_len)); + TEST_EQUAL(psa_hash_update(&operation, input, sizeof(input)), + PSA_ERROR_BAD_STATE); + PSA_ASSERT(psa_hash_abort(&operation)); /* Call verify without calling setup beforehand. */ - TEST_EQUAL( psa_hash_verify( &operation, - valid_hash, sizeof( valid_hash ) ), - PSA_ERROR_BAD_STATE ); - PSA_ASSERT( psa_hash_abort( &operation ) ); + TEST_EQUAL(psa_hash_verify(&operation, + valid_hash, sizeof(valid_hash)), + PSA_ERROR_BAD_STATE); + PSA_ASSERT(psa_hash_abort(&operation)); /* Call verify after finish. */ - PSA_ASSERT( psa_hash_setup( &operation, alg ) ); - PSA_ASSERT( psa_hash_finish( &operation, - hash, sizeof( hash ), &hash_len ) ); - TEST_EQUAL( psa_hash_verify( &operation, - valid_hash, sizeof( valid_hash ) ), - PSA_ERROR_BAD_STATE ); - PSA_ASSERT( psa_hash_abort( &operation ) ); + PSA_ASSERT(psa_hash_setup(&operation, alg)); + PSA_ASSERT(psa_hash_finish(&operation, + hash, sizeof(hash), &hash_len)); + TEST_EQUAL(psa_hash_verify(&operation, + valid_hash, sizeof(valid_hash)), + PSA_ERROR_BAD_STATE); + PSA_ASSERT(psa_hash_abort(&operation)); /* Call verify twice in a row. */ - PSA_ASSERT( psa_hash_setup( &operation, alg ) ); - ASSERT_OPERATION_IS_ACTIVE( operation ); - PSA_ASSERT( psa_hash_verify( &operation, - valid_hash, sizeof( valid_hash ) ) ); - ASSERT_OPERATION_IS_INACTIVE( operation ); - TEST_EQUAL( psa_hash_verify( &operation, - valid_hash, sizeof( valid_hash ) ), - PSA_ERROR_BAD_STATE ); - ASSERT_OPERATION_IS_INACTIVE( operation ); - PSA_ASSERT( psa_hash_abort( &operation ) ); + PSA_ASSERT(psa_hash_setup(&operation, alg)); + ASSERT_OPERATION_IS_ACTIVE(operation); + PSA_ASSERT(psa_hash_verify(&operation, + valid_hash, sizeof(valid_hash))); + ASSERT_OPERATION_IS_INACTIVE(operation); + TEST_EQUAL(psa_hash_verify(&operation, + valid_hash, sizeof(valid_hash)), + PSA_ERROR_BAD_STATE); + ASSERT_OPERATION_IS_INACTIVE(operation); + PSA_ASSERT(psa_hash_abort(&operation)); /* Call finish without calling setup beforehand. */ - TEST_EQUAL( psa_hash_finish( &operation, - hash, sizeof( hash ), &hash_len ), - PSA_ERROR_BAD_STATE ); - PSA_ASSERT( psa_hash_abort( &operation ) ); + TEST_EQUAL(psa_hash_finish(&operation, + hash, sizeof(hash), &hash_len), + PSA_ERROR_BAD_STATE); + PSA_ASSERT(psa_hash_abort(&operation)); /* Call finish twice in a row. */ - PSA_ASSERT( psa_hash_setup( &operation, alg ) ); - PSA_ASSERT( psa_hash_finish( &operation, - hash, sizeof( hash ), &hash_len ) ); - TEST_EQUAL( psa_hash_finish( &operation, - hash, sizeof( hash ), &hash_len ), - PSA_ERROR_BAD_STATE ); - PSA_ASSERT( psa_hash_abort( &operation ) ); + PSA_ASSERT(psa_hash_setup(&operation, alg)); + PSA_ASSERT(psa_hash_finish(&operation, + hash, sizeof(hash), &hash_len)); + TEST_EQUAL(psa_hash_finish(&operation, + hash, sizeof(hash), &hash_len), + PSA_ERROR_BAD_STATE); + PSA_ASSERT(psa_hash_abort(&operation)); /* Call finish after calling verify. */ - PSA_ASSERT( psa_hash_setup( &operation, alg ) ); - PSA_ASSERT( psa_hash_verify( &operation, - valid_hash, sizeof( valid_hash ) ) ); - TEST_EQUAL( psa_hash_finish( &operation, - hash, sizeof( hash ), &hash_len ), - PSA_ERROR_BAD_STATE ); - PSA_ASSERT( psa_hash_abort( &operation ) ); + PSA_ASSERT(psa_hash_setup(&operation, alg)); + PSA_ASSERT(psa_hash_verify(&operation, + valid_hash, sizeof(valid_hash))); + TEST_EQUAL(psa_hash_finish(&operation, + hash, sizeof(hash), &hash_len), + PSA_ERROR_BAD_STATE); + PSA_ASSERT(psa_hash_abort(&operation)); exit: - PSA_DONE( ); + PSA_DONE(); } /* END_CASE */ /* BEGIN_CASE depends_on:PSA_WANT_ALG_SHA_256 */ -void hash_verify_bad_args( ) +void hash_verify_bad_args() { psa_algorithm_t alg = PSA_ALG_SHA_256; /* SHA-256 hash of an empty string with 2 extra bytes (0xaa and 0xbb) @@ -1773,60 +1804,61 @@ void hash_verify_bad_args( ) unsigned char hash[] = { 0xe3, 0xb0, 0xc4, 0x42, 0x98, 0xfc, 0x1c, 0x14, 0x9a, 0xfb, 0xf4, 0xc8, 0x99, 0x6f, 0xb9, 0x24, 0x27, 0xae, 0x41, 0xe4, 0x64, 0x9b, 0x93, 0x4c, - 0xa4, 0x95, 0x99, 0x1b, 0x78, 0x52, 0xb8, 0x55, 0xaa, 0xbb }; - size_t expected_size = PSA_HASH_LENGTH( alg ); + 0xa4, 0x95, 0x99, 0x1b, 0x78, 0x52, 0xb8, 0x55, 0xaa, 0xbb + }; + size_t expected_size = PSA_HASH_LENGTH(alg); psa_hash_operation_t operation = PSA_HASH_OPERATION_INIT; - PSA_ASSERT( psa_crypto_init( ) ); + PSA_ASSERT(psa_crypto_init()); /* psa_hash_verify with a smaller hash than expected */ - PSA_ASSERT( psa_hash_setup( &operation, alg ) ); - ASSERT_OPERATION_IS_ACTIVE( operation ); - TEST_EQUAL( psa_hash_verify( &operation, hash, expected_size - 1 ), - PSA_ERROR_INVALID_SIGNATURE ); - ASSERT_OPERATION_IS_INACTIVE( operation ); - PSA_ASSERT( psa_hash_abort( &operation ) ); - ASSERT_OPERATION_IS_INACTIVE( operation ); + PSA_ASSERT(psa_hash_setup(&operation, alg)); + ASSERT_OPERATION_IS_ACTIVE(operation); + TEST_EQUAL(psa_hash_verify(&operation, hash, expected_size - 1), + PSA_ERROR_INVALID_SIGNATURE); + ASSERT_OPERATION_IS_INACTIVE(operation); + PSA_ASSERT(psa_hash_abort(&operation)); + ASSERT_OPERATION_IS_INACTIVE(operation); /* psa_hash_verify with a non-matching hash */ - PSA_ASSERT( psa_hash_setup( &operation, alg ) ); - TEST_EQUAL( psa_hash_verify( &operation, hash + 1, expected_size ), - PSA_ERROR_INVALID_SIGNATURE ); + PSA_ASSERT(psa_hash_setup(&operation, alg)); + TEST_EQUAL(psa_hash_verify(&operation, hash + 1, expected_size), + PSA_ERROR_INVALID_SIGNATURE); /* psa_hash_verify with a hash longer than expected */ - PSA_ASSERT( psa_hash_setup( &operation, alg ) ); - TEST_EQUAL( psa_hash_verify( &operation, hash, sizeof( hash ) ), - PSA_ERROR_INVALID_SIGNATURE ); + PSA_ASSERT(psa_hash_setup(&operation, alg)); + TEST_EQUAL(psa_hash_verify(&operation, hash, sizeof(hash)), + PSA_ERROR_INVALID_SIGNATURE); exit: - PSA_DONE( ); + PSA_DONE(); } /* END_CASE */ /* BEGIN_CASE depends_on:PSA_WANT_ALG_SHA_256 */ -void hash_finish_bad_args( ) +void hash_finish_bad_args() { psa_algorithm_t alg = PSA_ALG_SHA_256; unsigned char hash[PSA_HASH_MAX_SIZE]; - size_t expected_size = PSA_HASH_LENGTH( alg ); + size_t expected_size = PSA_HASH_LENGTH(alg); psa_hash_operation_t operation = PSA_HASH_OPERATION_INIT; size_t hash_len; - PSA_ASSERT( psa_crypto_init( ) ); + PSA_ASSERT(psa_crypto_init()); /* psa_hash_finish with a smaller hash buffer than expected */ - PSA_ASSERT( psa_hash_setup( &operation, alg ) ); - TEST_EQUAL( psa_hash_finish( &operation, - hash, expected_size - 1, &hash_len ), - PSA_ERROR_BUFFER_TOO_SMALL ); + PSA_ASSERT(psa_hash_setup(&operation, alg)); + TEST_EQUAL(psa_hash_finish(&operation, + hash, expected_size - 1, &hash_len), + PSA_ERROR_BUFFER_TOO_SMALL); exit: - PSA_DONE( ); + PSA_DONE(); } /* END_CASE */ /* BEGIN_CASE depends_on:PSA_WANT_ALG_SHA_256 */ -void hash_clone_source_state( ) +void hash_clone_source_state() { psa_algorithm_t alg = PSA_ALG_SHA_256; unsigned char hash[PSA_HASH_MAX_SIZE]; @@ -1837,41 +1869,41 @@ void hash_clone_source_state( ) psa_hash_operation_t op_aborted = PSA_HASH_OPERATION_INIT; size_t hash_len; - PSA_ASSERT( psa_crypto_init( ) ); - PSA_ASSERT( psa_hash_setup( &op_source, alg ) ); - - PSA_ASSERT( psa_hash_setup( &op_setup, alg ) ); - PSA_ASSERT( psa_hash_setup( &op_finished, alg ) ); - PSA_ASSERT( psa_hash_finish( &op_finished, - hash, sizeof( hash ), &hash_len ) ); - PSA_ASSERT( psa_hash_setup( &op_aborted, alg ) ); - PSA_ASSERT( psa_hash_abort( &op_aborted ) ); - - TEST_EQUAL( psa_hash_clone( &op_source, &op_setup ), - PSA_ERROR_BAD_STATE ); - - PSA_ASSERT( psa_hash_clone( &op_source, &op_init ) ); - PSA_ASSERT( psa_hash_finish( &op_init, - hash, sizeof( hash ), &hash_len ) ); - PSA_ASSERT( psa_hash_clone( &op_source, &op_finished ) ); - PSA_ASSERT( psa_hash_finish( &op_finished, - hash, sizeof( hash ), &hash_len ) ); - PSA_ASSERT( psa_hash_clone( &op_source, &op_aborted ) ); - PSA_ASSERT( psa_hash_finish( &op_aborted, - hash, sizeof( hash ), &hash_len ) ); + PSA_ASSERT(psa_crypto_init()); + PSA_ASSERT(psa_hash_setup(&op_source, alg)); + + PSA_ASSERT(psa_hash_setup(&op_setup, alg)); + PSA_ASSERT(psa_hash_setup(&op_finished, alg)); + PSA_ASSERT(psa_hash_finish(&op_finished, + hash, sizeof(hash), &hash_len)); + PSA_ASSERT(psa_hash_setup(&op_aborted, alg)); + PSA_ASSERT(psa_hash_abort(&op_aborted)); + + TEST_EQUAL(psa_hash_clone(&op_source, &op_setup), + PSA_ERROR_BAD_STATE); + + PSA_ASSERT(psa_hash_clone(&op_source, &op_init)); + PSA_ASSERT(psa_hash_finish(&op_init, + hash, sizeof(hash), &hash_len)); + PSA_ASSERT(psa_hash_clone(&op_source, &op_finished)); + PSA_ASSERT(psa_hash_finish(&op_finished, + hash, sizeof(hash), &hash_len)); + PSA_ASSERT(psa_hash_clone(&op_source, &op_aborted)); + PSA_ASSERT(psa_hash_finish(&op_aborted, + hash, sizeof(hash), &hash_len)); exit: - psa_hash_abort( &op_source ); - psa_hash_abort( &op_init ); - psa_hash_abort( &op_setup ); - psa_hash_abort( &op_finished ); - psa_hash_abort( &op_aborted ); - PSA_DONE( ); + psa_hash_abort(&op_source); + psa_hash_abort(&op_init); + psa_hash_abort(&op_setup); + psa_hash_abort(&op_finished); + psa_hash_abort(&op_aborted); + PSA_DONE(); } /* END_CASE */ /* BEGIN_CASE depends_on:PSA_WANT_ALG_SHA_256 */ -void hash_clone_target_state( ) +void hash_clone_target_state() { psa_algorithm_t alg = PSA_ALG_SHA_256; unsigned char hash[PSA_HASH_MAX_SIZE]; @@ -1882,73 +1914,73 @@ void hash_clone_target_state( ) psa_hash_operation_t op_target = PSA_HASH_OPERATION_INIT; size_t hash_len; - PSA_ASSERT( psa_crypto_init( ) ); + PSA_ASSERT(psa_crypto_init()); - PSA_ASSERT( psa_hash_setup( &op_setup, alg ) ); - PSA_ASSERT( psa_hash_setup( &op_finished, alg ) ); - PSA_ASSERT( psa_hash_finish( &op_finished, - hash, sizeof( hash ), &hash_len ) ); - PSA_ASSERT( psa_hash_setup( &op_aborted, alg ) ); - PSA_ASSERT( psa_hash_abort( &op_aborted ) ); + PSA_ASSERT(psa_hash_setup(&op_setup, alg)); + PSA_ASSERT(psa_hash_setup(&op_finished, alg)); + PSA_ASSERT(psa_hash_finish(&op_finished, + hash, sizeof(hash), &hash_len)); + PSA_ASSERT(psa_hash_setup(&op_aborted, alg)); + PSA_ASSERT(psa_hash_abort(&op_aborted)); - PSA_ASSERT( psa_hash_clone( &op_setup, &op_target ) ); - PSA_ASSERT( psa_hash_finish( &op_target, - hash, sizeof( hash ), &hash_len ) ); + PSA_ASSERT(psa_hash_clone(&op_setup, &op_target)); + PSA_ASSERT(psa_hash_finish(&op_target, + hash, sizeof(hash), &hash_len)); - TEST_EQUAL( psa_hash_clone( &op_init, &op_target ), PSA_ERROR_BAD_STATE ); - TEST_EQUAL( psa_hash_clone( &op_finished, &op_target ), - PSA_ERROR_BAD_STATE ); - TEST_EQUAL( psa_hash_clone( &op_aborted, &op_target ), - PSA_ERROR_BAD_STATE ); + TEST_EQUAL(psa_hash_clone(&op_init, &op_target), PSA_ERROR_BAD_STATE); + TEST_EQUAL(psa_hash_clone(&op_finished, &op_target), + PSA_ERROR_BAD_STATE); + TEST_EQUAL(psa_hash_clone(&op_aborted, &op_target), + PSA_ERROR_BAD_STATE); exit: - psa_hash_abort( &op_target ); - psa_hash_abort( &op_init ); - psa_hash_abort( &op_setup ); - psa_hash_abort( &op_finished ); - psa_hash_abort( &op_aborted ); - PSA_DONE( ); + psa_hash_abort(&op_target); + psa_hash_abort(&op_init); + psa_hash_abort(&op_setup); + psa_hash_abort(&op_finished); + psa_hash_abort(&op_aborted); + PSA_DONE(); } /* END_CASE */ /* BEGIN_CASE */ -void mac_operation_init( ) +void mac_operation_init() { const uint8_t input[1] = { 0 }; /* Test each valid way of initializing the object, except for `= {0}`, as * Clang 5 complains when `-Wmissing-field-initializers` is used, even * though it's OK by the C standard. We could test for this, but we'd need - * to supress the Clang warning for the test. */ - psa_mac_operation_t func = psa_mac_operation_init( ); + * to suppress the Clang warning for the test. */ + psa_mac_operation_t func = psa_mac_operation_init(); psa_mac_operation_t init = PSA_MAC_OPERATION_INIT; psa_mac_operation_t zero; - memset( &zero, 0, sizeof( zero ) ); + memset(&zero, 0, sizeof(zero)); /* A freshly-initialized MAC operation should not be usable. */ - TEST_EQUAL( psa_mac_update( &func, - input, sizeof( input ) ), - PSA_ERROR_BAD_STATE ); - TEST_EQUAL( psa_mac_update( &init, - input, sizeof( input ) ), - PSA_ERROR_BAD_STATE ); - TEST_EQUAL( psa_mac_update( &zero, - input, sizeof( input ) ), - PSA_ERROR_BAD_STATE ); + TEST_EQUAL(psa_mac_update(&func, + input, sizeof(input)), + PSA_ERROR_BAD_STATE); + TEST_EQUAL(psa_mac_update(&init, + input, sizeof(input)), + PSA_ERROR_BAD_STATE); + TEST_EQUAL(psa_mac_update(&zero, + input, sizeof(input)), + PSA_ERROR_BAD_STATE); /* A default MAC operation should be abortable without error. */ - PSA_ASSERT( psa_mac_abort( &func ) ); - PSA_ASSERT( psa_mac_abort( &init ) ); - PSA_ASSERT( psa_mac_abort( &zero ) ); + PSA_ASSERT(psa_mac_abort(&func)); + PSA_ASSERT(psa_mac_abort(&init)); + PSA_ASSERT(psa_mac_abort(&zero)); } /* END_CASE */ /* BEGIN_CASE */ -void mac_setup( int key_type_arg, - data_t *key, - int alg_arg, - int expected_status_arg ) +void mac_setup(int key_type_arg, + data_t *key, + int alg_arg, + int expected_status_arg) { psa_key_type_t key_type = key_type_arg; psa_algorithm_t alg = alg_arg; @@ -1959,31 +1991,33 @@ void mac_setup( int key_type_arg, const uint8_t smoke_test_key_data[16] = "kkkkkkkkkkkkkkkk"; #endif - PSA_ASSERT( psa_crypto_init( ) ); + PSA_ASSERT(psa_crypto_init()); - if( ! exercise_mac_setup( key_type, key->x, key->len, alg, - &operation, &status ) ) + if (!exercise_mac_setup(key_type, key->x, key->len, alg, + &operation, &status)) { goto exit; - TEST_EQUAL( status, expected_status ); + } + TEST_EQUAL(status, expected_status); /* The operation object should be reusable. */ #if defined(KNOWN_SUPPORTED_MAC_ALG) - if( ! exercise_mac_setup( KNOWN_SUPPORTED_MAC_KEY_TYPE, - smoke_test_key_data, - sizeof( smoke_test_key_data ), - KNOWN_SUPPORTED_MAC_ALG, - &operation, &status ) ) + if (!exercise_mac_setup(KNOWN_SUPPORTED_MAC_KEY_TYPE, + smoke_test_key_data, + sizeof(smoke_test_key_data), + KNOWN_SUPPORTED_MAC_ALG, + &operation, &status)) { goto exit; - TEST_EQUAL( status, PSA_SUCCESS ); + } + TEST_EQUAL(status, PSA_SUCCESS); #endif exit: - PSA_DONE( ); + PSA_DONE(); } /* END_CASE */ /* BEGIN_CASE depends_on:PSA_WANT_KEY_TYPE_HMAC:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_256 */ -void mac_bad_order( ) +void mac_bad_order() { mbedtls_svc_key_id_t key = MBEDTLS_SVC_KEY_ID_INIT; psa_key_type_t key_type = PSA_KEY_TYPE_HMAC; @@ -1991,7 +2025,8 @@ void mac_bad_order( ) const uint8_t key_data[] = { 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, - 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa }; + 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa + }; psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT; psa_mac_operation_t operation = PSA_MAC_OPERATION_INIT; uint8_t sign_mac[PSA_MAC_MAX_SIZE + 10] = { 0 }; @@ -2000,119 +2035,120 @@ void mac_bad_order( ) const uint8_t verify_mac[] = { 0x74, 0x65, 0x93, 0x8c, 0xeb, 0x1d, 0xb3, 0x76, 0x5a, 0x38, 0xe7, 0xdd, 0x85, 0xc5, 0xad, 0x4f, 0x07, 0xe7, 0xd5, 0xb2, 0x64, 0xf0, 0x1a, 0x1a, - 0x2c, 0xf9, 0x18, 0xca, 0x59, 0x7e, 0x5d, 0xf6 }; + 0x2c, 0xf9, 0x18, 0xca, 0x59, 0x7e, 0x5d, 0xf6 + }; - PSA_ASSERT( psa_crypto_init( ) ); - psa_set_key_usage_flags( &attributes, PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_VERIFY_HASH ); - psa_set_key_algorithm( &attributes, alg ); - psa_set_key_type( &attributes, key_type ); + PSA_ASSERT(psa_crypto_init()); + psa_set_key_usage_flags(&attributes, PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_VERIFY_HASH); + psa_set_key_algorithm(&attributes, alg); + psa_set_key_type(&attributes, key_type); - PSA_ASSERT( psa_import_key( &attributes, key_data, sizeof( key_data ), - &key ) ); + PSA_ASSERT(psa_import_key(&attributes, key_data, sizeof(key_data), + &key)); /* Call update without calling setup beforehand. */ - TEST_EQUAL( psa_mac_update( &operation, input, sizeof( input ) ), - PSA_ERROR_BAD_STATE ); - PSA_ASSERT( psa_mac_abort( &operation ) ); + TEST_EQUAL(psa_mac_update(&operation, input, sizeof(input)), + PSA_ERROR_BAD_STATE); + PSA_ASSERT(psa_mac_abort(&operation)); /* Call sign finish without calling setup beforehand. */ - TEST_EQUAL( psa_mac_sign_finish( &operation, sign_mac, sizeof( sign_mac ), - &sign_mac_length), - PSA_ERROR_BAD_STATE ); - PSA_ASSERT( psa_mac_abort( &operation ) ); + TEST_EQUAL(psa_mac_sign_finish(&operation, sign_mac, sizeof(sign_mac), + &sign_mac_length), + PSA_ERROR_BAD_STATE); + PSA_ASSERT(psa_mac_abort(&operation)); /* Call verify finish without calling setup beforehand. */ - TEST_EQUAL( psa_mac_verify_finish( &operation, - verify_mac, sizeof( verify_mac ) ), - PSA_ERROR_BAD_STATE ); - PSA_ASSERT( psa_mac_abort( &operation ) ); + TEST_EQUAL(psa_mac_verify_finish(&operation, + verify_mac, sizeof(verify_mac)), + PSA_ERROR_BAD_STATE); + PSA_ASSERT(psa_mac_abort(&operation)); /* Call setup twice in a row. */ - PSA_ASSERT( psa_mac_sign_setup( &operation, key, alg ) ); - ASSERT_OPERATION_IS_ACTIVE( operation ); - TEST_EQUAL( psa_mac_sign_setup( &operation, key, alg ), - PSA_ERROR_BAD_STATE ); - ASSERT_OPERATION_IS_INACTIVE( operation ); - PSA_ASSERT( psa_mac_abort( &operation ) ); - ASSERT_OPERATION_IS_INACTIVE( operation ); + PSA_ASSERT(psa_mac_sign_setup(&operation, key, alg)); + ASSERT_OPERATION_IS_ACTIVE(operation); + TEST_EQUAL(psa_mac_sign_setup(&operation, key, alg), + PSA_ERROR_BAD_STATE); + ASSERT_OPERATION_IS_INACTIVE(operation); + PSA_ASSERT(psa_mac_abort(&operation)); + ASSERT_OPERATION_IS_INACTIVE(operation); /* Call update after sign finish. */ - PSA_ASSERT( psa_mac_sign_setup( &operation, key, alg ) ); - PSA_ASSERT( psa_mac_update( &operation, input, sizeof( input ) ) ); - PSA_ASSERT( psa_mac_sign_finish( &operation, - sign_mac, sizeof( sign_mac ), - &sign_mac_length ) ); - TEST_EQUAL( psa_mac_update( &operation, input, sizeof( input ) ), - PSA_ERROR_BAD_STATE ); - PSA_ASSERT( psa_mac_abort( &operation ) ); + PSA_ASSERT(psa_mac_sign_setup(&operation, key, alg)); + PSA_ASSERT(psa_mac_update(&operation, input, sizeof(input))); + PSA_ASSERT(psa_mac_sign_finish(&operation, + sign_mac, sizeof(sign_mac), + &sign_mac_length)); + TEST_EQUAL(psa_mac_update(&operation, input, sizeof(input)), + PSA_ERROR_BAD_STATE); + PSA_ASSERT(psa_mac_abort(&operation)); /* Call update after verify finish. */ - PSA_ASSERT( psa_mac_verify_setup( &operation, key, alg ) ); - PSA_ASSERT( psa_mac_update( &operation, input, sizeof( input ) ) ); - PSA_ASSERT( psa_mac_verify_finish( &operation, - verify_mac, sizeof( verify_mac ) ) ); - TEST_EQUAL( psa_mac_update( &operation, input, sizeof( input ) ), - PSA_ERROR_BAD_STATE ); - PSA_ASSERT( psa_mac_abort( &operation ) ); + PSA_ASSERT(psa_mac_verify_setup(&operation, key, alg)); + PSA_ASSERT(psa_mac_update(&operation, input, sizeof(input))); + PSA_ASSERT(psa_mac_verify_finish(&operation, + verify_mac, sizeof(verify_mac))); + TEST_EQUAL(psa_mac_update(&operation, input, sizeof(input)), + PSA_ERROR_BAD_STATE); + PSA_ASSERT(psa_mac_abort(&operation)); /* Call sign finish twice in a row. */ - PSA_ASSERT( psa_mac_sign_setup( &operation, key, alg ) ); - PSA_ASSERT( psa_mac_update( &operation, input, sizeof( input ) ) ); - PSA_ASSERT( psa_mac_sign_finish( &operation, - sign_mac, sizeof( sign_mac ), - &sign_mac_length ) ); - TEST_EQUAL( psa_mac_sign_finish( &operation, - sign_mac, sizeof( sign_mac ), - &sign_mac_length ), - PSA_ERROR_BAD_STATE ); - PSA_ASSERT( psa_mac_abort( &operation ) ); + PSA_ASSERT(psa_mac_sign_setup(&operation, key, alg)); + PSA_ASSERT(psa_mac_update(&operation, input, sizeof(input))); + PSA_ASSERT(psa_mac_sign_finish(&operation, + sign_mac, sizeof(sign_mac), + &sign_mac_length)); + TEST_EQUAL(psa_mac_sign_finish(&operation, + sign_mac, sizeof(sign_mac), + &sign_mac_length), + PSA_ERROR_BAD_STATE); + PSA_ASSERT(psa_mac_abort(&operation)); /* Call verify finish twice in a row. */ - PSA_ASSERT( psa_mac_verify_setup( &operation, key, alg ) ); - PSA_ASSERT( psa_mac_update( &operation, input, sizeof( input ) ) ); - PSA_ASSERT( psa_mac_verify_finish( &operation, - verify_mac, sizeof( verify_mac ) ) ); - TEST_EQUAL( psa_mac_verify_finish( &operation, - verify_mac, sizeof( verify_mac ) ), - PSA_ERROR_BAD_STATE ); - PSA_ASSERT( psa_mac_abort( &operation ) ); + PSA_ASSERT(psa_mac_verify_setup(&operation, key, alg)); + PSA_ASSERT(psa_mac_update(&operation, input, sizeof(input))); + PSA_ASSERT(psa_mac_verify_finish(&operation, + verify_mac, sizeof(verify_mac))); + TEST_EQUAL(psa_mac_verify_finish(&operation, + verify_mac, sizeof(verify_mac)), + PSA_ERROR_BAD_STATE); + PSA_ASSERT(psa_mac_abort(&operation)); /* Setup sign but try verify. */ - PSA_ASSERT( psa_mac_sign_setup( &operation, key, alg ) ); - PSA_ASSERT( psa_mac_update( &operation, input, sizeof( input ) ) ); - ASSERT_OPERATION_IS_ACTIVE( operation ); - TEST_EQUAL( psa_mac_verify_finish( &operation, - verify_mac, sizeof( verify_mac ) ), - PSA_ERROR_BAD_STATE ); - ASSERT_OPERATION_IS_INACTIVE( operation ); - PSA_ASSERT( psa_mac_abort( &operation ) ); - ASSERT_OPERATION_IS_INACTIVE( operation ); + PSA_ASSERT(psa_mac_sign_setup(&operation, key, alg)); + PSA_ASSERT(psa_mac_update(&operation, input, sizeof(input))); + ASSERT_OPERATION_IS_ACTIVE(operation); + TEST_EQUAL(psa_mac_verify_finish(&operation, + verify_mac, sizeof(verify_mac)), + PSA_ERROR_BAD_STATE); + ASSERT_OPERATION_IS_INACTIVE(operation); + PSA_ASSERT(psa_mac_abort(&operation)); + ASSERT_OPERATION_IS_INACTIVE(operation); /* Setup verify but try sign. */ - PSA_ASSERT( psa_mac_verify_setup( &operation, key, alg ) ); - PSA_ASSERT( psa_mac_update( &operation, input, sizeof( input ) ) ); - ASSERT_OPERATION_IS_ACTIVE( operation ); - TEST_EQUAL( psa_mac_sign_finish( &operation, - sign_mac, sizeof( sign_mac ), - &sign_mac_length ), - PSA_ERROR_BAD_STATE ); - ASSERT_OPERATION_IS_INACTIVE( operation ); - PSA_ASSERT( psa_mac_abort( &operation ) ); - ASSERT_OPERATION_IS_INACTIVE( operation ); - - PSA_ASSERT( psa_destroy_key( key ) ); + PSA_ASSERT(psa_mac_verify_setup(&operation, key, alg)); + PSA_ASSERT(psa_mac_update(&operation, input, sizeof(input))); + ASSERT_OPERATION_IS_ACTIVE(operation); + TEST_EQUAL(psa_mac_sign_finish(&operation, + sign_mac, sizeof(sign_mac), + &sign_mac_length), + PSA_ERROR_BAD_STATE); + ASSERT_OPERATION_IS_INACTIVE(operation); + PSA_ASSERT(psa_mac_abort(&operation)); + ASSERT_OPERATION_IS_INACTIVE(operation); + + PSA_ASSERT(psa_destroy_key(key)); exit: - PSA_DONE( ); + PSA_DONE(); } /* END_CASE */ /* BEGIN_CASE */ -void mac_sign( int key_type_arg, - data_t *key_data, - int alg_arg, - data_t *input, - data_t *expected_mac ) +void mac_sign(int key_type_arg, + data_t *key_data, + int alg_arg, + data_t *input, + data_t *expected_mac) { mbedtls_svc_key_id_t key = MBEDTLS_SVC_KEY_ID_INIT; psa_key_type_t key_type = key_type_arg; @@ -2121,7 +2157,7 @@ void mac_sign( int key_type_arg, psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT; uint8_t *actual_mac = NULL; size_t mac_buffer_size = - PSA_MAC_LENGTH( key_type, PSA_BYTES_TO_BITS( key_data->len ), alg ); + PSA_MAC_LENGTH(key_type, PSA_BYTES_TO_BITS(key_data->len), alg); size_t mac_length = 0; const size_t output_sizes_to_test[] = { 0, @@ -2131,76 +2167,74 @@ void mac_sign( int key_type_arg, expected_mac->len + 1, }; - TEST_ASSERT( mac_buffer_size <= PSA_MAC_MAX_SIZE ); + TEST_LE_U(mac_buffer_size, PSA_MAC_MAX_SIZE); /* We expect PSA_MAC_LENGTH to be exact. */ - TEST_ASSERT( expected_mac->len == mac_buffer_size ); + TEST_ASSERT(expected_mac->len == mac_buffer_size); - PSA_ASSERT( psa_crypto_init( ) ); + PSA_ASSERT(psa_crypto_init()); - psa_set_key_usage_flags( &attributes, PSA_KEY_USAGE_SIGN_HASH ); - psa_set_key_algorithm( &attributes, alg ); - psa_set_key_type( &attributes, key_type ); + psa_set_key_usage_flags(&attributes, PSA_KEY_USAGE_SIGN_HASH); + psa_set_key_algorithm(&attributes, alg); + psa_set_key_type(&attributes, key_type); - PSA_ASSERT( psa_import_key( &attributes, key_data->x, key_data->len, - &key ) ); + PSA_ASSERT(psa_import_key(&attributes, key_data->x, key_data->len, + &key)); - for( size_t i = 0; i < ARRAY_LENGTH( output_sizes_to_test ); i++ ) - { + for (size_t i = 0; i < ARRAY_LENGTH(output_sizes_to_test); i++) { const size_t output_size = output_sizes_to_test[i]; psa_status_t expected_status = - ( output_size >= expected_mac->len ? PSA_SUCCESS : - PSA_ERROR_BUFFER_TOO_SMALL ); + (output_size >= expected_mac->len ? PSA_SUCCESS : + PSA_ERROR_BUFFER_TOO_SMALL); - mbedtls_test_set_step( output_size ); - ASSERT_ALLOC( actual_mac, output_size ); + mbedtls_test_set_step(output_size); + TEST_CALLOC(actual_mac, output_size); /* Calculate the MAC, one-shot case. */ - TEST_EQUAL( psa_mac_compute( key, alg, - input->x, input->len, - actual_mac, output_size, &mac_length ), - expected_status ); - if( expected_status == PSA_SUCCESS ) - { - ASSERT_COMPARE( expected_mac->x, expected_mac->len, - actual_mac, mac_length ); + TEST_EQUAL(psa_mac_compute(key, alg, + input->x, input->len, + actual_mac, output_size, &mac_length), + expected_status); + if (expected_status == PSA_SUCCESS) { + TEST_MEMORY_COMPARE(expected_mac->x, expected_mac->len, + actual_mac, mac_length); } - if( output_size > 0 ) - memset( actual_mac, 0, output_size ); + if (output_size > 0) { + memset(actual_mac, 0, output_size); + } /* Calculate the MAC, multi-part case. */ - PSA_ASSERT( psa_mac_sign_setup( &operation, key, alg ) ); - PSA_ASSERT( psa_mac_update( &operation, - input->x, input->len ) ); - TEST_EQUAL( psa_mac_sign_finish( &operation, - actual_mac, output_size, - &mac_length ), - expected_status ); - PSA_ASSERT( psa_mac_abort( &operation ) ); - - if( expected_status == PSA_SUCCESS ) - { - ASSERT_COMPARE( expected_mac->x, expected_mac->len, - actual_mac, mac_length ); + PSA_ASSERT(psa_mac_sign_setup(&operation, key, alg)); + PSA_ASSERT(psa_mac_update(&operation, + input->x, input->len)); + TEST_EQUAL(psa_mac_sign_finish(&operation, + actual_mac, output_size, + &mac_length), + expected_status); + PSA_ASSERT(psa_mac_abort(&operation)); + + if (expected_status == PSA_SUCCESS) { + TEST_MEMORY_COMPARE(expected_mac->x, expected_mac->len, + actual_mac, mac_length); } - mbedtls_free( actual_mac ); + mbedtls_free(actual_mac); actual_mac = NULL; } exit: - psa_mac_abort( &operation ); - psa_destroy_key( key ); - PSA_DONE( ); - mbedtls_free( actual_mac ); + psa_mac_abort(&operation); + psa_destroy_key(key); + PSA_DONE(); + mbedtls_free(actual_mac); } /* END_CASE */ /* BEGIN_CASE */ -void mac_verify( int key_type_arg, - data_t *key_data, - int alg_arg, - data_t *input, - data_t *expected_mac ) +void mac_verify(int key_type_arg, + data_t *key_data, + int alg_arg, + data_t *input, + data_t *expected_mac) { mbedtls_svc_key_id_t key = MBEDTLS_SVC_KEY_ID_INIT; psa_key_type_t key_type = key_type_arg; @@ -2209,93 +2243,92 @@ void mac_verify( int key_type_arg, psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT; uint8_t *perturbed_mac = NULL; - TEST_ASSERT( expected_mac->len <= PSA_MAC_MAX_SIZE ); + TEST_LE_U(expected_mac->len, PSA_MAC_MAX_SIZE); - PSA_ASSERT( psa_crypto_init( ) ); + PSA_ASSERT(psa_crypto_init()); - psa_set_key_usage_flags( &attributes, PSA_KEY_USAGE_VERIFY_HASH ); - psa_set_key_algorithm( &attributes, alg ); - psa_set_key_type( &attributes, key_type ); + psa_set_key_usage_flags(&attributes, PSA_KEY_USAGE_VERIFY_HASH); + psa_set_key_algorithm(&attributes, alg); + psa_set_key_type(&attributes, key_type); - PSA_ASSERT( psa_import_key( &attributes, key_data->x, key_data->len, - &key ) ); + PSA_ASSERT(psa_import_key(&attributes, key_data->x, key_data->len, + &key)); /* Verify correct MAC, one-shot case. */ - PSA_ASSERT( psa_mac_verify( key, alg, input->x, input->len, - expected_mac->x, expected_mac->len ) ); + PSA_ASSERT(psa_mac_verify(key, alg, input->x, input->len, + expected_mac->x, expected_mac->len)); /* Verify correct MAC, multi-part case. */ - PSA_ASSERT( psa_mac_verify_setup( &operation, key, alg ) ); - PSA_ASSERT( psa_mac_update( &operation, - input->x, input->len ) ); - PSA_ASSERT( psa_mac_verify_finish( &operation, - expected_mac->x, - expected_mac->len ) ); + PSA_ASSERT(psa_mac_verify_setup(&operation, key, alg)); + PSA_ASSERT(psa_mac_update(&operation, + input->x, input->len)); + PSA_ASSERT(psa_mac_verify_finish(&operation, + expected_mac->x, + expected_mac->len)); /* Test a MAC that's too short, one-shot case. */ - TEST_EQUAL( psa_mac_verify( key, alg, - input->x, input->len, - expected_mac->x, - expected_mac->len - 1 ), - PSA_ERROR_INVALID_SIGNATURE ); + TEST_EQUAL(psa_mac_verify(key, alg, + input->x, input->len, + expected_mac->x, + expected_mac->len - 1), + PSA_ERROR_INVALID_SIGNATURE); /* Test a MAC that's too short, multi-part case. */ - PSA_ASSERT( psa_mac_verify_setup( &operation, key, alg ) ); - PSA_ASSERT( psa_mac_update( &operation, - input->x, input->len ) ); - TEST_EQUAL( psa_mac_verify_finish( &operation, - expected_mac->x, - expected_mac->len - 1 ), - PSA_ERROR_INVALID_SIGNATURE ); + PSA_ASSERT(psa_mac_verify_setup(&operation, key, alg)); + PSA_ASSERT(psa_mac_update(&operation, + input->x, input->len)); + TEST_EQUAL(psa_mac_verify_finish(&operation, + expected_mac->x, + expected_mac->len - 1), + PSA_ERROR_INVALID_SIGNATURE); /* Test a MAC that's too long, one-shot case. */ - ASSERT_ALLOC( perturbed_mac, expected_mac->len + 1 ); - memcpy( perturbed_mac, expected_mac->x, expected_mac->len ); - TEST_EQUAL( psa_mac_verify( key, alg, - input->x, input->len, - perturbed_mac, expected_mac->len + 1 ), - PSA_ERROR_INVALID_SIGNATURE ); + TEST_CALLOC(perturbed_mac, expected_mac->len + 1); + memcpy(perturbed_mac, expected_mac->x, expected_mac->len); + TEST_EQUAL(psa_mac_verify(key, alg, + input->x, input->len, + perturbed_mac, expected_mac->len + 1), + PSA_ERROR_INVALID_SIGNATURE); /* Test a MAC that's too long, multi-part case. */ - PSA_ASSERT( psa_mac_verify_setup( &operation, key, alg ) ); - PSA_ASSERT( psa_mac_update( &operation, - input->x, input->len ) ); - TEST_EQUAL( psa_mac_verify_finish( &operation, - perturbed_mac, - expected_mac->len + 1 ), - PSA_ERROR_INVALID_SIGNATURE ); + PSA_ASSERT(psa_mac_verify_setup(&operation, key, alg)); + PSA_ASSERT(psa_mac_update(&operation, + input->x, input->len)); + TEST_EQUAL(psa_mac_verify_finish(&operation, + perturbed_mac, + expected_mac->len + 1), + PSA_ERROR_INVALID_SIGNATURE); /* Test changing one byte. */ - for( size_t i = 0; i < expected_mac->len; i++ ) - { - mbedtls_test_set_step( i ); + for (size_t i = 0; i < expected_mac->len; i++) { + mbedtls_test_set_step(i); perturbed_mac[i] ^= 1; - TEST_EQUAL( psa_mac_verify( key, alg, - input->x, input->len, - perturbed_mac, expected_mac->len ), - PSA_ERROR_INVALID_SIGNATURE ); - - PSA_ASSERT( psa_mac_verify_setup( &operation, key, alg ) ); - PSA_ASSERT( psa_mac_update( &operation, - input->x, input->len ) ); - TEST_EQUAL( psa_mac_verify_finish( &operation, - perturbed_mac, - expected_mac->len ), - PSA_ERROR_INVALID_SIGNATURE ); + TEST_EQUAL(psa_mac_verify(key, alg, + input->x, input->len, + perturbed_mac, expected_mac->len), + PSA_ERROR_INVALID_SIGNATURE); + + PSA_ASSERT(psa_mac_verify_setup(&operation, key, alg)); + PSA_ASSERT(psa_mac_update(&operation, + input->x, input->len)); + TEST_EQUAL(psa_mac_verify_finish(&operation, + perturbed_mac, + expected_mac->len), + PSA_ERROR_INVALID_SIGNATURE); perturbed_mac[i] ^= 1; } exit: - psa_mac_abort( &operation ); - psa_destroy_key( key ); - PSA_DONE( ); - mbedtls_free( perturbed_mac ); + psa_mac_abort(&operation); + psa_destroy_key(key); + PSA_DONE(); + mbedtls_free(perturbed_mac); } /* END_CASE */ /* BEGIN_CASE */ -void cipher_operation_init( ) +void cipher_operation_init() { const uint8_t input[1] = { 0 }; unsigned char output[1] = { 0 }; @@ -2303,42 +2336,42 @@ void cipher_operation_init( ) /* Test each valid way of initializing the object, except for `= {0}`, as * Clang 5 complains when `-Wmissing-field-initializers` is used, even * though it's OK by the C standard. We could test for this, but we'd need - * to supress the Clang warning for the test. */ - psa_cipher_operation_t func = psa_cipher_operation_init( ); + * to suppress the Clang warning for the test. */ + psa_cipher_operation_t func = psa_cipher_operation_init(); psa_cipher_operation_t init = PSA_CIPHER_OPERATION_INIT; psa_cipher_operation_t zero; - memset( &zero, 0, sizeof( zero ) ); + memset(&zero, 0, sizeof(zero)); /* A freshly-initialized cipher operation should not be usable. */ - TEST_EQUAL( psa_cipher_update( &func, - input, sizeof( input ), - output, sizeof( output ), - &output_length ), - PSA_ERROR_BAD_STATE ); - TEST_EQUAL( psa_cipher_update( &init, - input, sizeof( input ), - output, sizeof( output ), - &output_length ), - PSA_ERROR_BAD_STATE ); - TEST_EQUAL( psa_cipher_update( &zero, - input, sizeof( input ), - output, sizeof( output ), - &output_length ), - PSA_ERROR_BAD_STATE ); + TEST_EQUAL(psa_cipher_update(&func, + input, sizeof(input), + output, sizeof(output), + &output_length), + PSA_ERROR_BAD_STATE); + TEST_EQUAL(psa_cipher_update(&init, + input, sizeof(input), + output, sizeof(output), + &output_length), + PSA_ERROR_BAD_STATE); + TEST_EQUAL(psa_cipher_update(&zero, + input, sizeof(input), + output, sizeof(output), + &output_length), + PSA_ERROR_BAD_STATE); /* A default cipher operation should be abortable without error. */ - PSA_ASSERT( psa_cipher_abort( &func ) ); - PSA_ASSERT( psa_cipher_abort( &init ) ); - PSA_ASSERT( psa_cipher_abort( &zero ) ); + PSA_ASSERT(psa_cipher_abort(&func)); + PSA_ASSERT(psa_cipher_abort(&init)); + PSA_ASSERT(psa_cipher_abort(&zero)); } /* END_CASE */ /* BEGIN_CASE */ -void cipher_setup( int key_type_arg, - data_t *key, - int alg_arg, - int expected_status_arg ) +void cipher_setup(int key_type_arg, + data_t *key, + int alg_arg, + int expected_status_arg) { psa_key_type_t key_type = key_type_arg; psa_algorithm_t alg = alg_arg; @@ -2349,32 +2382,34 @@ void cipher_setup( int key_type_arg, const uint8_t smoke_test_key_data[16] = "kkkkkkkkkkkkkkkk"; #endif - PSA_ASSERT( psa_crypto_init( ) ); + PSA_ASSERT(psa_crypto_init()); - if( ! exercise_cipher_setup( key_type, key->x, key->len, alg, - &operation, &status ) ) + if (!exercise_cipher_setup(key_type, key->x, key->len, alg, + &operation, &status)) { goto exit; - TEST_EQUAL( status, expected_status ); + } + TEST_EQUAL(status, expected_status); /* The operation object should be reusable. */ #if defined(KNOWN_SUPPORTED_CIPHER_ALG) - if( ! exercise_cipher_setup( KNOWN_SUPPORTED_CIPHER_KEY_TYPE, - smoke_test_key_data, - sizeof( smoke_test_key_data ), - KNOWN_SUPPORTED_CIPHER_ALG, - &operation, &status ) ) + if (!exercise_cipher_setup(KNOWN_SUPPORTED_CIPHER_KEY_TYPE, + smoke_test_key_data, + sizeof(smoke_test_key_data), + KNOWN_SUPPORTED_CIPHER_ALG, + &operation, &status)) { goto exit; - TEST_EQUAL( status, PSA_SUCCESS ); + } + TEST_EQUAL(status, PSA_SUCCESS); #endif exit: - psa_cipher_abort( &operation ); - PSA_DONE( ); + psa_cipher_abort(&operation); + PSA_DONE(); } /* END_CASE */ /* BEGIN_CASE depends_on:PSA_WANT_KEY_TYPE_AES:PSA_WANT_ALG_CBC_PKCS7 */ -void cipher_bad_order( ) +void cipher_bad_order() { mbedtls_svc_key_id_t key = MBEDTLS_SVC_KEY_ID_INIT; psa_key_type_t key_type = PSA_KEY_TYPE_AES; @@ -2384,173 +2419,175 @@ void cipher_bad_order( ) unsigned char iv[PSA_BLOCK_CIPHER_BLOCK_LENGTH(PSA_KEY_TYPE_AES)] = { 0 }; const uint8_t key_data[] = { 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, - 0xaa, 0xaa, 0xaa, 0xaa }; + 0xaa, 0xaa, 0xaa, 0xaa + }; const uint8_t text[] = { 0xbb, 0xbb, 0xbb, 0xbb, 0xbb, 0xbb, 0xbb, 0xbb, 0xbb, 0xbb, 0xbb, 0xbb, - 0xbb, 0xbb, 0xbb, 0xbb }; + 0xbb, 0xbb, 0xbb, 0xbb + }; uint8_t buffer[PSA_BLOCK_CIPHER_BLOCK_LENGTH(PSA_KEY_TYPE_AES)] = { 0 }; size_t length = 0; - PSA_ASSERT( psa_crypto_init( ) ); - psa_set_key_usage_flags( &attributes, PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_DECRYPT ); - psa_set_key_algorithm( &attributes, alg ); - psa_set_key_type( &attributes, key_type ); - PSA_ASSERT( psa_import_key( &attributes, key_data, sizeof( key_data ), - &key ) ); + PSA_ASSERT(psa_crypto_init()); + psa_set_key_usage_flags(&attributes, PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_DECRYPT); + psa_set_key_algorithm(&attributes, alg); + psa_set_key_type(&attributes, key_type); + PSA_ASSERT(psa_import_key(&attributes, key_data, sizeof(key_data), + &key)); /* Call encrypt setup twice in a row. */ - PSA_ASSERT( psa_cipher_encrypt_setup( &operation, key, alg ) ); - ASSERT_OPERATION_IS_ACTIVE( operation ); - TEST_EQUAL( psa_cipher_encrypt_setup( &operation, key, alg ), - PSA_ERROR_BAD_STATE ); - ASSERT_OPERATION_IS_INACTIVE( operation ); - PSA_ASSERT( psa_cipher_abort( &operation ) ); - ASSERT_OPERATION_IS_INACTIVE( operation ); + PSA_ASSERT(psa_cipher_encrypt_setup(&operation, key, alg)); + ASSERT_OPERATION_IS_ACTIVE(operation); + TEST_EQUAL(psa_cipher_encrypt_setup(&operation, key, alg), + PSA_ERROR_BAD_STATE); + ASSERT_OPERATION_IS_INACTIVE(operation); + PSA_ASSERT(psa_cipher_abort(&operation)); + ASSERT_OPERATION_IS_INACTIVE(operation); /* Call decrypt setup twice in a row. */ - PSA_ASSERT( psa_cipher_decrypt_setup( &operation, key, alg ) ); - ASSERT_OPERATION_IS_ACTIVE( operation ); - TEST_EQUAL( psa_cipher_decrypt_setup( &operation, key, alg ), - PSA_ERROR_BAD_STATE ); - ASSERT_OPERATION_IS_INACTIVE( operation ); - PSA_ASSERT( psa_cipher_abort( &operation ) ); - ASSERT_OPERATION_IS_INACTIVE( operation ); + PSA_ASSERT(psa_cipher_decrypt_setup(&operation, key, alg)); + ASSERT_OPERATION_IS_ACTIVE(operation); + TEST_EQUAL(psa_cipher_decrypt_setup(&operation, key, alg), + PSA_ERROR_BAD_STATE); + ASSERT_OPERATION_IS_INACTIVE(operation); + PSA_ASSERT(psa_cipher_abort(&operation)); + ASSERT_OPERATION_IS_INACTIVE(operation); /* Generate an IV without calling setup beforehand. */ - TEST_EQUAL( psa_cipher_generate_iv( &operation, - buffer, sizeof( buffer ), - &length ), - PSA_ERROR_BAD_STATE ); - PSA_ASSERT( psa_cipher_abort( &operation ) ); + TEST_EQUAL(psa_cipher_generate_iv(&operation, + buffer, sizeof(buffer), + &length), + PSA_ERROR_BAD_STATE); + PSA_ASSERT(psa_cipher_abort(&operation)); /* Generate an IV twice in a row. */ - PSA_ASSERT( psa_cipher_encrypt_setup( &operation, key, alg ) ); - PSA_ASSERT( psa_cipher_generate_iv( &operation, - buffer, sizeof( buffer ), - &length ) ); - ASSERT_OPERATION_IS_ACTIVE( operation ); - TEST_EQUAL( psa_cipher_generate_iv( &operation, - buffer, sizeof( buffer ), - &length ), - PSA_ERROR_BAD_STATE ); - ASSERT_OPERATION_IS_INACTIVE( operation ); - PSA_ASSERT( psa_cipher_abort( &operation ) ); - ASSERT_OPERATION_IS_INACTIVE( operation ); + PSA_ASSERT(psa_cipher_encrypt_setup(&operation, key, alg)); + PSA_ASSERT(psa_cipher_generate_iv(&operation, + buffer, sizeof(buffer), + &length)); + ASSERT_OPERATION_IS_ACTIVE(operation); + TEST_EQUAL(psa_cipher_generate_iv(&operation, + buffer, sizeof(buffer), + &length), + PSA_ERROR_BAD_STATE); + ASSERT_OPERATION_IS_INACTIVE(operation); + PSA_ASSERT(psa_cipher_abort(&operation)); + ASSERT_OPERATION_IS_INACTIVE(operation); /* Generate an IV after it's already set. */ - PSA_ASSERT( psa_cipher_encrypt_setup( &operation, key, alg ) ); - PSA_ASSERT( psa_cipher_set_iv( &operation, - iv, sizeof( iv ) ) ); - TEST_EQUAL( psa_cipher_generate_iv( &operation, - buffer, sizeof( buffer ), - &length ), - PSA_ERROR_BAD_STATE ); - PSA_ASSERT( psa_cipher_abort( &operation ) ); + PSA_ASSERT(psa_cipher_encrypt_setup(&operation, key, alg)); + PSA_ASSERT(psa_cipher_set_iv(&operation, + iv, sizeof(iv))); + TEST_EQUAL(psa_cipher_generate_iv(&operation, + buffer, sizeof(buffer), + &length), + PSA_ERROR_BAD_STATE); + PSA_ASSERT(psa_cipher_abort(&operation)); /* Set an IV without calling setup beforehand. */ - TEST_EQUAL( psa_cipher_set_iv( &operation, - iv, sizeof( iv ) ), - PSA_ERROR_BAD_STATE ); - PSA_ASSERT( psa_cipher_abort( &operation ) ); + TEST_EQUAL(psa_cipher_set_iv(&operation, + iv, sizeof(iv)), + PSA_ERROR_BAD_STATE); + PSA_ASSERT(psa_cipher_abort(&operation)); /* Set an IV after it's already set. */ - PSA_ASSERT( psa_cipher_encrypt_setup( &operation, key, alg ) ); - PSA_ASSERT( psa_cipher_set_iv( &operation, - iv, sizeof( iv ) ) ); - ASSERT_OPERATION_IS_ACTIVE( operation ); - TEST_EQUAL( psa_cipher_set_iv( &operation, - iv, sizeof( iv ) ), - PSA_ERROR_BAD_STATE ); - ASSERT_OPERATION_IS_INACTIVE( operation ); - PSA_ASSERT( psa_cipher_abort( &operation ) ); - ASSERT_OPERATION_IS_INACTIVE( operation ); + PSA_ASSERT(psa_cipher_encrypt_setup(&operation, key, alg)); + PSA_ASSERT(psa_cipher_set_iv(&operation, + iv, sizeof(iv))); + ASSERT_OPERATION_IS_ACTIVE(operation); + TEST_EQUAL(psa_cipher_set_iv(&operation, + iv, sizeof(iv)), + PSA_ERROR_BAD_STATE); + ASSERT_OPERATION_IS_INACTIVE(operation); + PSA_ASSERT(psa_cipher_abort(&operation)); + ASSERT_OPERATION_IS_INACTIVE(operation); /* Set an IV after it's already generated. */ - PSA_ASSERT( psa_cipher_encrypt_setup( &operation, key, alg ) ); - PSA_ASSERT( psa_cipher_generate_iv( &operation, - buffer, sizeof( buffer ), - &length ) ); - TEST_EQUAL( psa_cipher_set_iv( &operation, - iv, sizeof( iv ) ), - PSA_ERROR_BAD_STATE ); - PSA_ASSERT( psa_cipher_abort( &operation ) ); + PSA_ASSERT(psa_cipher_encrypt_setup(&operation, key, alg)); + PSA_ASSERT(psa_cipher_generate_iv(&operation, + buffer, sizeof(buffer), + &length)); + TEST_EQUAL(psa_cipher_set_iv(&operation, + iv, sizeof(iv)), + PSA_ERROR_BAD_STATE); + PSA_ASSERT(psa_cipher_abort(&operation)); /* Call update without calling setup beforehand. */ - TEST_EQUAL( psa_cipher_update( &operation, - text, sizeof( text ), - buffer, sizeof( buffer ), - &length ), - PSA_ERROR_BAD_STATE ); - PSA_ASSERT( psa_cipher_abort( &operation ) ); + TEST_EQUAL(psa_cipher_update(&operation, + text, sizeof(text), + buffer, sizeof(buffer), + &length), + PSA_ERROR_BAD_STATE); + PSA_ASSERT(psa_cipher_abort(&operation)); /* Call update without an IV where an IV is required. */ - PSA_ASSERT( psa_cipher_encrypt_setup( &operation, key, alg ) ); - ASSERT_OPERATION_IS_ACTIVE( operation ); - TEST_EQUAL( psa_cipher_update( &operation, - text, sizeof( text ), - buffer, sizeof( buffer ), - &length ), - PSA_ERROR_BAD_STATE ); - ASSERT_OPERATION_IS_INACTIVE( operation ); - PSA_ASSERT( psa_cipher_abort( &operation ) ); - ASSERT_OPERATION_IS_INACTIVE( operation ); + PSA_ASSERT(psa_cipher_encrypt_setup(&operation, key, alg)); + ASSERT_OPERATION_IS_ACTIVE(operation); + TEST_EQUAL(psa_cipher_update(&operation, + text, sizeof(text), + buffer, sizeof(buffer), + &length), + PSA_ERROR_BAD_STATE); + ASSERT_OPERATION_IS_INACTIVE(operation); + PSA_ASSERT(psa_cipher_abort(&operation)); + ASSERT_OPERATION_IS_INACTIVE(operation); /* Call update after finish. */ - PSA_ASSERT( psa_cipher_encrypt_setup( &operation, key, alg ) ); - PSA_ASSERT( psa_cipher_set_iv( &operation, - iv, sizeof( iv ) ) ); - PSA_ASSERT( psa_cipher_finish( &operation, - buffer, sizeof( buffer ), &length ) ); - TEST_EQUAL( psa_cipher_update( &operation, - text, sizeof( text ), - buffer, sizeof( buffer ), - &length ), - PSA_ERROR_BAD_STATE ); - PSA_ASSERT( psa_cipher_abort( &operation ) ); + PSA_ASSERT(psa_cipher_encrypt_setup(&operation, key, alg)); + PSA_ASSERT(psa_cipher_set_iv(&operation, + iv, sizeof(iv))); + PSA_ASSERT(psa_cipher_finish(&operation, + buffer, sizeof(buffer), &length)); + TEST_EQUAL(psa_cipher_update(&operation, + text, sizeof(text), + buffer, sizeof(buffer), + &length), + PSA_ERROR_BAD_STATE); + PSA_ASSERT(psa_cipher_abort(&operation)); /* Call finish without calling setup beforehand. */ - TEST_EQUAL( psa_cipher_finish( &operation, - buffer, sizeof( buffer ), &length ), - PSA_ERROR_BAD_STATE ); - PSA_ASSERT( psa_cipher_abort( &operation ) ); + TEST_EQUAL(psa_cipher_finish(&operation, + buffer, sizeof(buffer), &length), + PSA_ERROR_BAD_STATE); + PSA_ASSERT(psa_cipher_abort(&operation)); /* Call finish without an IV where an IV is required. */ - PSA_ASSERT( psa_cipher_encrypt_setup( &operation, key, alg ) ); + PSA_ASSERT(psa_cipher_encrypt_setup(&operation, key, alg)); /* Not calling update means we are encrypting an empty buffer, which is OK * for cipher modes with padding. */ - ASSERT_OPERATION_IS_ACTIVE( operation ); - TEST_EQUAL( psa_cipher_finish( &operation, - buffer, sizeof( buffer ), &length ), - PSA_ERROR_BAD_STATE ); - ASSERT_OPERATION_IS_INACTIVE( operation ); - PSA_ASSERT( psa_cipher_abort( &operation ) ); - ASSERT_OPERATION_IS_INACTIVE( operation ); + ASSERT_OPERATION_IS_ACTIVE(operation); + TEST_EQUAL(psa_cipher_finish(&operation, + buffer, sizeof(buffer), &length), + PSA_ERROR_BAD_STATE); + ASSERT_OPERATION_IS_INACTIVE(operation); + PSA_ASSERT(psa_cipher_abort(&operation)); + ASSERT_OPERATION_IS_INACTIVE(operation); /* Call finish twice in a row. */ - PSA_ASSERT( psa_cipher_encrypt_setup( &operation, key, alg ) ); - PSA_ASSERT( psa_cipher_set_iv( &operation, - iv, sizeof( iv ) ) ); - PSA_ASSERT( psa_cipher_finish( &operation, - buffer, sizeof( buffer ), &length ) ); - TEST_EQUAL( psa_cipher_finish( &operation, - buffer, sizeof( buffer ), &length ), - PSA_ERROR_BAD_STATE ); - PSA_ASSERT( psa_cipher_abort( &operation ) ); - - PSA_ASSERT( psa_destroy_key( key ) ); + PSA_ASSERT(psa_cipher_encrypt_setup(&operation, key, alg)); + PSA_ASSERT(psa_cipher_set_iv(&operation, + iv, sizeof(iv))); + PSA_ASSERT(psa_cipher_finish(&operation, + buffer, sizeof(buffer), &length)); + TEST_EQUAL(psa_cipher_finish(&operation, + buffer, sizeof(buffer), &length), + PSA_ERROR_BAD_STATE); + PSA_ASSERT(psa_cipher_abort(&operation)); + + PSA_ASSERT(psa_destroy_key(key)); exit: - psa_cipher_abort( &operation ); - PSA_DONE( ); + psa_cipher_abort(&operation); + PSA_DONE(); } /* END_CASE */ /* BEGIN_CASE */ -void cipher_encrypt_fail( int alg_arg, - int key_type_arg, - data_t *key_data, - data_t *input, - int expected_status_arg ) +void cipher_encrypt_fail(int alg_arg, + int key_type_arg, + data_t *key_data, + data_t *input, + int expected_status_arg) { mbedtls_svc_key_id_t key = MBEDTLS_SVC_KEY_ID_INIT; psa_status_t status; @@ -2562,90 +2599,151 @@ void cipher_encrypt_fail( int alg_arg, size_t output_length = 0; psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT; - if ( PSA_ERROR_BAD_STATE != expected_status ) - { - PSA_ASSERT( psa_crypto_init( ) ); + if (PSA_ERROR_BAD_STATE != expected_status) { + PSA_ASSERT(psa_crypto_init()); - psa_set_key_usage_flags( &attributes, PSA_KEY_USAGE_ENCRYPT ); - psa_set_key_algorithm( &attributes, alg ); - psa_set_key_type( &attributes, key_type ); + psa_set_key_usage_flags(&attributes, PSA_KEY_USAGE_ENCRYPT); + psa_set_key_algorithm(&attributes, alg); + psa_set_key_type(&attributes, key_type); - output_buffer_size = PSA_CIPHER_ENCRYPT_OUTPUT_SIZE( key_type, alg, - input->len ); - ASSERT_ALLOC( output, output_buffer_size ); + output_buffer_size = PSA_CIPHER_ENCRYPT_OUTPUT_SIZE(key_type, alg, + input->len); + TEST_CALLOC(output, output_buffer_size); - PSA_ASSERT( psa_import_key( &attributes, key_data->x, key_data->len, - &key ) ); + PSA_ASSERT(psa_import_key(&attributes, key_data->x, key_data->len, + &key)); } - status = psa_cipher_encrypt( key, alg, input->x, input->len, output, - output_buffer_size, &output_length ); + status = psa_cipher_encrypt(key, alg, input->x, input->len, output, + output_buffer_size, &output_length); - TEST_EQUAL( status, expected_status ); + TEST_EQUAL(status, expected_status); exit: - mbedtls_free( output ); - psa_destroy_key( key ); - PSA_DONE( ); + mbedtls_free(output); + psa_destroy_key(key); + PSA_DONE(); } /* END_CASE */ /* BEGIN_CASE */ -void cipher_encrypt_alg_without_iv( int alg_arg, - int key_type_arg, - data_t *key_data, - data_t *input, - data_t *expected_output ) +void cipher_alg_without_iv(int alg_arg, int key_type_arg, data_t *key_data, + data_t *plaintext, data_t *ciphertext) { mbedtls_svc_key_id_t key = MBEDTLS_SVC_KEY_ID_INIT; psa_key_type_t key_type = key_type_arg; psa_algorithm_t alg = alg_arg; psa_cipher_operation_t operation = PSA_CIPHER_OPERATION_INIT; uint8_t iv[1] = { 0x5a }; - size_t iv_length; unsigned char *output = NULL; size_t output_buffer_size = 0; - size_t output_length = 0; + size_t output_length, length; psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT; - PSA_ASSERT( psa_crypto_init( ) ); - - psa_set_key_usage_flags( &attributes, PSA_KEY_USAGE_ENCRYPT ); - psa_set_key_algorithm( &attributes, alg ); - psa_set_key_type( &attributes, key_type ); - - output_buffer_size = PSA_CIPHER_ENCRYPT_OUTPUT_SIZE( key_type, alg, input->len ); - ASSERT_ALLOC( output, output_buffer_size ); + PSA_ASSERT(psa_crypto_init()); + + /* Validate size macros */ + TEST_LE_U(ciphertext->len, + PSA_CIPHER_ENCRYPT_OUTPUT_SIZE(key_type, alg, plaintext->len)); + TEST_LE_U(PSA_CIPHER_ENCRYPT_OUTPUT_SIZE(key_type, alg, plaintext->len), + PSA_CIPHER_ENCRYPT_OUTPUT_MAX_SIZE(plaintext->len)); + TEST_LE_U(plaintext->len, + PSA_CIPHER_DECRYPT_OUTPUT_SIZE(key_type, alg, ciphertext->len)); + TEST_LE_U(PSA_CIPHER_DECRYPT_OUTPUT_SIZE(key_type, alg, ciphertext->len), + PSA_CIPHER_DECRYPT_OUTPUT_MAX_SIZE(ciphertext->len)); + + + /* Set up key and output buffer */ + psa_set_key_usage_flags(&attributes, + PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_DECRYPT); + psa_set_key_algorithm(&attributes, alg); + psa_set_key_type(&attributes, key_type); + PSA_ASSERT(psa_import_key(&attributes, key_data->x, key_data->len, + &key)); + output_buffer_size = PSA_CIPHER_ENCRYPT_OUTPUT_SIZE(key_type, alg, + plaintext->len); + TEST_CALLOC(output, output_buffer_size); + + /* set_iv() is not allowed */ + PSA_ASSERT(psa_cipher_encrypt_setup(&operation, key, alg)); + TEST_EQUAL(psa_cipher_set_iv(&operation, iv, sizeof(iv)), + PSA_ERROR_BAD_STATE); + PSA_ASSERT(psa_cipher_decrypt_setup(&operation, key, alg)); + TEST_EQUAL(psa_cipher_set_iv(&operation, iv, sizeof(iv)), + PSA_ERROR_BAD_STATE); + + /* generate_iv() is not allowed */ + PSA_ASSERT(psa_cipher_encrypt_setup(&operation, key, alg)); + TEST_EQUAL(psa_cipher_generate_iv(&operation, iv, sizeof(iv), + &length), + PSA_ERROR_BAD_STATE); + PSA_ASSERT(psa_cipher_decrypt_setup(&operation, key, alg)); + TEST_EQUAL(psa_cipher_generate_iv(&operation, iv, sizeof(iv), + &length), + PSA_ERROR_BAD_STATE); + + /* Multipart encryption */ + PSA_ASSERT(psa_cipher_encrypt_setup(&operation, key, alg)); + output_length = 0; + length = ~0; + PSA_ASSERT(psa_cipher_update(&operation, + plaintext->x, plaintext->len, + output, output_buffer_size, + &length)); + TEST_LE_U(length, output_buffer_size); + output_length += length; + PSA_ASSERT(psa_cipher_finish(&operation, + mbedtls_buffer_offset(output, output_length), + output_buffer_size - output_length, + &length)); + output_length += length; + TEST_MEMORY_COMPARE(ciphertext->x, ciphertext->len, + output, output_length); + + /* Multipart encryption */ + PSA_ASSERT(psa_cipher_decrypt_setup(&operation, key, alg)); + output_length = 0; + length = ~0; + PSA_ASSERT(psa_cipher_update(&operation, + ciphertext->x, ciphertext->len, + output, output_buffer_size, + &length)); + TEST_LE_U(length, output_buffer_size); + output_length += length; + PSA_ASSERT(psa_cipher_finish(&operation, + mbedtls_buffer_offset(output, output_length), + output_buffer_size - output_length, + &length)); + output_length += length; + TEST_MEMORY_COMPARE(plaintext->x, plaintext->len, + output, output_length); + + /* One-shot encryption */ + output_length = ~0; + PSA_ASSERT(psa_cipher_encrypt(key, alg, plaintext->x, plaintext->len, + output, output_buffer_size, + &output_length)); + TEST_MEMORY_COMPARE(ciphertext->x, ciphertext->len, + output, output_length); + + /* One-shot decryption */ + output_length = ~0; + PSA_ASSERT(psa_cipher_decrypt(key, alg, ciphertext->x, ciphertext->len, + output, output_buffer_size, + &output_length)); + TEST_MEMORY_COMPARE(plaintext->x, plaintext->len, + output, output_length); - PSA_ASSERT( psa_import_key( &attributes, key_data->x, key_data->len, - &key ) ); - - PSA_ASSERT( psa_cipher_encrypt_setup( &operation, key, alg ) ); - TEST_EQUAL( psa_cipher_set_iv( &operation, iv, sizeof( iv ) ), - PSA_ERROR_BAD_STATE ); - PSA_ASSERT( psa_cipher_encrypt_setup( &operation, key, alg ) ); - TEST_EQUAL( psa_cipher_generate_iv( &operation, iv, sizeof( iv ), - &iv_length ), - PSA_ERROR_BAD_STATE ); - - PSA_ASSERT( psa_cipher_encrypt( key, alg, input->x, input->len, output, - output_buffer_size, &output_length ) ); - TEST_ASSERT( output_length <= - PSA_CIPHER_ENCRYPT_OUTPUT_SIZE( key_type, alg, input->len ) ); - TEST_ASSERT( output_length <= - PSA_CIPHER_ENCRYPT_OUTPUT_MAX_SIZE( input->len ) ); - - ASSERT_COMPARE( expected_output->x, expected_output->len, - output, output_length ); exit: - mbedtls_free( output ); - psa_destroy_key( key ); - PSA_DONE( ); + mbedtls_free(output); + psa_cipher_abort(&operation); + psa_destroy_key(key); + PSA_DONE(); } /* END_CASE */ /* BEGIN_CASE */ -void cipher_bad_key( int alg_arg, int key_type_arg, data_t *key_data ) +void cipher_bad_key(int alg_arg, int key_type_arg, data_t *key_data) { mbedtls_svc_key_id_t key = MBEDTLS_SVC_KEY_ID_INIT; psa_algorithm_t alg = alg_arg; @@ -2654,46 +2752,46 @@ void cipher_bad_key( int alg_arg, int key_type_arg, data_t *key_data ) psa_cipher_operation_t operation = PSA_CIPHER_OPERATION_INIT; psa_status_t status; - PSA_ASSERT( psa_crypto_init( ) ); + PSA_ASSERT(psa_crypto_init()); - psa_set_key_usage_flags( &attributes, PSA_KEY_USAGE_ENCRYPT ); - psa_set_key_algorithm( &attributes, alg ); - psa_set_key_type( &attributes, key_type ); + psa_set_key_usage_flags(&attributes, PSA_KEY_USAGE_ENCRYPT); + psa_set_key_algorithm(&attributes, alg); + psa_set_key_type(&attributes, key_type); /* Usage of either of these two size macros would cause divide by zero * with incorrect key types previously. Input length should be irrelevant * here. */ - TEST_EQUAL( PSA_CIPHER_ENCRYPT_OUTPUT_SIZE( key_type, alg, 16 ), - 0 ); - TEST_EQUAL( PSA_CIPHER_UPDATE_OUTPUT_SIZE( key_type, alg, 16 ), 0 ); + TEST_EQUAL(PSA_CIPHER_ENCRYPT_OUTPUT_SIZE(key_type, alg, 16), + 0); + TEST_EQUAL(PSA_CIPHER_UPDATE_OUTPUT_SIZE(key_type, alg, 16), 0); - PSA_ASSERT( psa_import_key( &attributes, key_data->x, key_data->len, - &key ) ); + PSA_ASSERT(psa_import_key(&attributes, key_data->x, key_data->len, + &key)); /* Should fail due to invalid alg type (to support invalid key type). * Encrypt or decrypt will end up in the same place. */ - status = psa_cipher_encrypt_setup( &operation, key, alg ); + status = psa_cipher_encrypt_setup(&operation, key, alg); - TEST_EQUAL( status, PSA_ERROR_INVALID_ARGUMENT ); + TEST_EQUAL(status, PSA_ERROR_INVALID_ARGUMENT); exit: - psa_cipher_abort( &operation ); - psa_destroy_key( key ); - PSA_DONE( ); + psa_cipher_abort(&operation); + psa_destroy_key(key); + PSA_DONE(); } /* END_CASE */ /* BEGIN_CASE */ -void cipher_encrypt_validation( int alg_arg, - int key_type_arg, - data_t *key_data, - data_t *input ) +void cipher_encrypt_validation(int alg_arg, + int key_type_arg, + data_t *key_data, + data_t *input) { mbedtls_svc_key_id_t key = MBEDTLS_SVC_KEY_ID_INIT; psa_key_type_t key_type = key_type_arg; psa_algorithm_t alg = alg_arg; - size_t iv_size = PSA_CIPHER_IV_LENGTH ( key_type, alg ); + size_t iv_size = PSA_CIPHER_IV_LENGTH(key_type, alg); unsigned char *output1 = NULL; size_t output1_buffer_size = 0; size_t output1_length = 0; @@ -2704,74 +2802,74 @@ void cipher_encrypt_validation( int alg_arg, psa_cipher_operation_t operation = PSA_CIPHER_OPERATION_INIT; psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT; - PSA_ASSERT( psa_crypto_init( ) ); + PSA_ASSERT(psa_crypto_init()); - psa_set_key_usage_flags( &attributes, PSA_KEY_USAGE_ENCRYPT ); - psa_set_key_algorithm( &attributes, alg ); - psa_set_key_type( &attributes, key_type ); + psa_set_key_usage_flags(&attributes, PSA_KEY_USAGE_ENCRYPT); + psa_set_key_algorithm(&attributes, alg); + psa_set_key_type(&attributes, key_type); - output1_buffer_size = PSA_CIPHER_ENCRYPT_OUTPUT_SIZE( key_type, alg, input->len ); - output2_buffer_size = PSA_CIPHER_UPDATE_OUTPUT_SIZE( key_type, alg, input->len ) + - PSA_CIPHER_FINISH_OUTPUT_SIZE( key_type, alg ); - ASSERT_ALLOC( output1, output1_buffer_size ); - ASSERT_ALLOC( output2, output2_buffer_size ); + output1_buffer_size = PSA_CIPHER_ENCRYPT_OUTPUT_SIZE(key_type, alg, input->len); + output2_buffer_size = PSA_CIPHER_UPDATE_OUTPUT_SIZE(key_type, alg, input->len) + + PSA_CIPHER_FINISH_OUTPUT_SIZE(key_type, alg); + TEST_CALLOC(output1, output1_buffer_size); + TEST_CALLOC(output2, output2_buffer_size); - PSA_ASSERT( psa_import_key( &attributes, key_data->x, key_data->len, - &key ) ); + PSA_ASSERT(psa_import_key(&attributes, key_data->x, key_data->len, + &key)); /* The one-shot cipher encryption uses generated iv so validating the output is not possible. Validating with multipart encryption. */ - PSA_ASSERT( psa_cipher_encrypt( key, alg, input->x, input->len, output1, - output1_buffer_size, &output1_length ) ); - TEST_ASSERT( output1_length <= - PSA_CIPHER_ENCRYPT_OUTPUT_SIZE( key_type, alg, input->len ) ); - TEST_ASSERT( output1_length <= - PSA_CIPHER_ENCRYPT_OUTPUT_MAX_SIZE( input->len ) ); - - PSA_ASSERT( psa_cipher_encrypt_setup( &operation, key, alg ) ); - PSA_ASSERT( psa_cipher_set_iv( &operation, output1, iv_size ) ); - - PSA_ASSERT( psa_cipher_update( &operation, - input->x, input->len, - output2, output2_buffer_size, - &function_output_length ) ); - TEST_ASSERT( function_output_length <= - PSA_CIPHER_UPDATE_OUTPUT_SIZE( key_type, alg, input->len ) ); - TEST_ASSERT( function_output_length <= - PSA_CIPHER_UPDATE_OUTPUT_MAX_SIZE( input->len ) ); + PSA_ASSERT(psa_cipher_encrypt(key, alg, input->x, input->len, output1, + output1_buffer_size, &output1_length)); + TEST_LE_U(output1_length, + PSA_CIPHER_ENCRYPT_OUTPUT_SIZE(key_type, alg, input->len)); + TEST_LE_U(output1_length, + PSA_CIPHER_ENCRYPT_OUTPUT_MAX_SIZE(input->len)); + + PSA_ASSERT(psa_cipher_encrypt_setup(&operation, key, alg)); + PSA_ASSERT(psa_cipher_set_iv(&operation, output1, iv_size)); + + PSA_ASSERT(psa_cipher_update(&operation, + input->x, input->len, + output2, output2_buffer_size, + &function_output_length)); + TEST_LE_U(function_output_length, + PSA_CIPHER_UPDATE_OUTPUT_SIZE(key_type, alg, input->len)); + TEST_LE_U(function_output_length, + PSA_CIPHER_UPDATE_OUTPUT_MAX_SIZE(input->len)); output2_length += function_output_length; - PSA_ASSERT( psa_cipher_finish( &operation, - output2 + output2_length, - output2_buffer_size - output2_length, - &function_output_length ) ); - TEST_ASSERT( function_output_length <= - PSA_CIPHER_FINISH_OUTPUT_SIZE( key_type, alg ) ); - TEST_ASSERT( function_output_length <= - PSA_CIPHER_FINISH_OUTPUT_MAX_SIZE ); + PSA_ASSERT(psa_cipher_finish(&operation, + output2 + output2_length, + output2_buffer_size - output2_length, + &function_output_length)); + TEST_LE_U(function_output_length, + PSA_CIPHER_FINISH_OUTPUT_SIZE(key_type, alg)); + TEST_LE_U(function_output_length, + PSA_CIPHER_FINISH_OUTPUT_MAX_SIZE); output2_length += function_output_length; - PSA_ASSERT( psa_cipher_abort( &operation ) ); - ASSERT_COMPARE( output1 + iv_size, output1_length - iv_size, - output2, output2_length ); + PSA_ASSERT(psa_cipher_abort(&operation)); + TEST_MEMORY_COMPARE(output1 + iv_size, output1_length - iv_size, + output2, output2_length); exit: - psa_cipher_abort( &operation ); - mbedtls_free( output1 ); - mbedtls_free( output2 ); - psa_destroy_key( key ); - PSA_DONE( ); + psa_cipher_abort(&operation); + mbedtls_free(output1); + mbedtls_free(output2); + psa_destroy_key(key); + PSA_DONE(); } /* END_CASE */ /* BEGIN_CASE */ -void cipher_encrypt_multipart( int alg_arg, int key_type_arg, - data_t *key_data, data_t *iv, - data_t *input, - int first_part_size_arg, - int output1_length_arg, int output2_length_arg, - data_t *expected_output, - int expected_status_arg ) +void cipher_encrypt_multipart(int alg_arg, int key_type_arg, + data_t *key_data, data_t *iv, + data_t *input, + int first_part_size_arg, + int output1_length_arg, int output2_length_arg, + data_t *expected_output, + int expected_status_arg) { mbedtls_svc_key_id_t key = MBEDTLS_SVC_KEY_ID_INIT; psa_key_type_t key_type = key_type_arg; @@ -2788,92 +2886,89 @@ void cipher_encrypt_multipart( int alg_arg, int key_type_arg, psa_cipher_operation_t operation = PSA_CIPHER_OPERATION_INIT; psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT; - PSA_ASSERT( psa_crypto_init( ) ); + PSA_ASSERT(psa_crypto_init()); - psa_set_key_usage_flags( &attributes, PSA_KEY_USAGE_ENCRYPT ); - psa_set_key_algorithm( &attributes, alg ); - psa_set_key_type( &attributes, key_type ); + psa_set_key_usage_flags(&attributes, PSA_KEY_USAGE_ENCRYPT); + psa_set_key_algorithm(&attributes, alg); + psa_set_key_type(&attributes, key_type); - PSA_ASSERT( psa_import_key( &attributes, key_data->x, key_data->len, - &key ) ); + PSA_ASSERT(psa_import_key(&attributes, key_data->x, key_data->len, + &key)); - PSA_ASSERT( psa_cipher_encrypt_setup( &operation, key, alg ) ); + PSA_ASSERT(psa_cipher_encrypt_setup(&operation, key, alg)); - if( iv->len > 0 ) - { - PSA_ASSERT( psa_cipher_set_iv( &operation, iv->x, iv->len ) ); + if (iv->len > 0) { + PSA_ASSERT(psa_cipher_set_iv(&operation, iv->x, iv->len)); } - output_buffer_size = PSA_CIPHER_UPDATE_OUTPUT_SIZE( key_type, alg, input->len ) + - PSA_CIPHER_FINISH_OUTPUT_SIZE( key_type, alg ); - ASSERT_ALLOC( output, output_buffer_size ); - - TEST_ASSERT( first_part_size <= input->len ); - PSA_ASSERT( psa_cipher_update( &operation, input->x, first_part_size, - output, output_buffer_size, - &function_output_length ) ); - TEST_ASSERT( function_output_length == output1_length ); - TEST_ASSERT( function_output_length <= - PSA_CIPHER_UPDATE_OUTPUT_SIZE( key_type, alg, first_part_size ) ); - TEST_ASSERT( function_output_length <= - PSA_CIPHER_UPDATE_OUTPUT_MAX_SIZE( first_part_size) ); + output_buffer_size = PSA_CIPHER_UPDATE_OUTPUT_SIZE(key_type, alg, input->len) + + PSA_CIPHER_FINISH_OUTPUT_SIZE(key_type, alg); + TEST_CALLOC(output, output_buffer_size); + + TEST_LE_U(first_part_size, input->len); + PSA_ASSERT(psa_cipher_update(&operation, input->x, first_part_size, + output, output_buffer_size, + &function_output_length)); + TEST_ASSERT(function_output_length == output1_length); + TEST_LE_U(function_output_length, + PSA_CIPHER_UPDATE_OUTPUT_SIZE(key_type, alg, first_part_size)); + TEST_LE_U(function_output_length, + PSA_CIPHER_UPDATE_OUTPUT_MAX_SIZE(first_part_size)); total_output_length += function_output_length; - if( first_part_size < input->len ) - { - PSA_ASSERT( psa_cipher_update( &operation, - input->x + first_part_size, - input->len - first_part_size, - ( output_buffer_size == 0 ? NULL : - output + total_output_length ), - output_buffer_size - total_output_length, - &function_output_length ) ); - TEST_ASSERT( function_output_length == output2_length ); - TEST_ASSERT( function_output_length <= - PSA_CIPHER_UPDATE_OUTPUT_SIZE( key_type, - alg, - input->len - first_part_size ) ); - TEST_ASSERT( function_output_length <= - PSA_CIPHER_UPDATE_OUTPUT_MAX_SIZE( input->len ) ); + if (first_part_size < input->len) { + PSA_ASSERT(psa_cipher_update(&operation, + input->x + first_part_size, + input->len - first_part_size, + (output_buffer_size == 0 ? NULL : + output + total_output_length), + output_buffer_size - total_output_length, + &function_output_length)); + TEST_ASSERT(function_output_length == output2_length); + TEST_LE_U(function_output_length, + PSA_CIPHER_UPDATE_OUTPUT_SIZE(key_type, + alg, + input->len - first_part_size)); + TEST_LE_U(function_output_length, + PSA_CIPHER_UPDATE_OUTPUT_MAX_SIZE(input->len)); total_output_length += function_output_length; } - status = psa_cipher_finish( &operation, - ( output_buffer_size == 0 ? NULL : - output + total_output_length ), - output_buffer_size - total_output_length, - &function_output_length ); - TEST_ASSERT( function_output_length <= - PSA_CIPHER_FINISH_OUTPUT_SIZE( key_type, alg ) ); - TEST_ASSERT( function_output_length <= - PSA_CIPHER_FINISH_OUTPUT_MAX_SIZE ); + status = psa_cipher_finish(&operation, + (output_buffer_size == 0 ? NULL : + output + total_output_length), + output_buffer_size - total_output_length, + &function_output_length); + TEST_LE_U(function_output_length, + PSA_CIPHER_FINISH_OUTPUT_SIZE(key_type, alg)); + TEST_LE_U(function_output_length, + PSA_CIPHER_FINISH_OUTPUT_MAX_SIZE); total_output_length += function_output_length; - TEST_EQUAL( status, expected_status ); + TEST_EQUAL(status, expected_status); - if( expected_status == PSA_SUCCESS ) - { - PSA_ASSERT( psa_cipher_abort( &operation ) ); + if (expected_status == PSA_SUCCESS) { + PSA_ASSERT(psa_cipher_abort(&operation)); - ASSERT_COMPARE( expected_output->x, expected_output->len, - output, total_output_length ); + TEST_MEMORY_COMPARE(expected_output->x, expected_output->len, + output, total_output_length); } exit: - psa_cipher_abort( &operation ); - mbedtls_free( output ); - psa_destroy_key( key ); - PSA_DONE( ); + psa_cipher_abort(&operation); + mbedtls_free(output); + psa_destroy_key(key); + PSA_DONE(); } /* END_CASE */ /* BEGIN_CASE */ -void cipher_decrypt_multipart( int alg_arg, int key_type_arg, - data_t *key_data, data_t *iv, - data_t *input, - int first_part_size_arg, - int output1_length_arg, int output2_length_arg, - data_t *expected_output, - int expected_status_arg ) +void cipher_decrypt_multipart(int alg_arg, int key_type_arg, + data_t *key_data, data_t *iv, + data_t *input, + int first_part_size_arg, + int output1_length_arg, int output2_length_arg, + data_t *expected_output, + int expected_status_arg) { mbedtls_svc_key_id_t key = MBEDTLS_SVC_KEY_ID_INIT; psa_key_type_t key_type = key_type_arg; @@ -2890,92 +2985,89 @@ void cipher_decrypt_multipart( int alg_arg, int key_type_arg, psa_cipher_operation_t operation = PSA_CIPHER_OPERATION_INIT; psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT; - PSA_ASSERT( psa_crypto_init( ) ); + PSA_ASSERT(psa_crypto_init()); - psa_set_key_usage_flags( &attributes, PSA_KEY_USAGE_DECRYPT ); - psa_set_key_algorithm( &attributes, alg ); - psa_set_key_type( &attributes, key_type ); + psa_set_key_usage_flags(&attributes, PSA_KEY_USAGE_DECRYPT); + psa_set_key_algorithm(&attributes, alg); + psa_set_key_type(&attributes, key_type); - PSA_ASSERT( psa_import_key( &attributes, key_data->x, key_data->len, - &key ) ); + PSA_ASSERT(psa_import_key(&attributes, key_data->x, key_data->len, + &key)); - PSA_ASSERT( psa_cipher_decrypt_setup( &operation, key, alg ) ); + PSA_ASSERT(psa_cipher_decrypt_setup(&operation, key, alg)); - if( iv->len > 0 ) - { - PSA_ASSERT( psa_cipher_set_iv( &operation, iv->x, iv->len ) ); + if (iv->len > 0) { + PSA_ASSERT(psa_cipher_set_iv(&operation, iv->x, iv->len)); } - output_buffer_size = PSA_CIPHER_UPDATE_OUTPUT_SIZE( key_type, alg, input->len ) + - PSA_CIPHER_FINISH_OUTPUT_SIZE( key_type, alg ); - ASSERT_ALLOC( output, output_buffer_size ); - - TEST_ASSERT( first_part_size <= input->len ); - PSA_ASSERT( psa_cipher_update( &operation, - input->x, first_part_size, - output, output_buffer_size, - &function_output_length ) ); - TEST_ASSERT( function_output_length == output1_length ); - TEST_ASSERT( function_output_length <= - PSA_CIPHER_UPDATE_OUTPUT_SIZE( key_type, alg, first_part_size ) ); - TEST_ASSERT( function_output_length <= - PSA_CIPHER_UPDATE_OUTPUT_MAX_SIZE( first_part_size ) ); + output_buffer_size = PSA_CIPHER_UPDATE_OUTPUT_SIZE(key_type, alg, input->len) + + PSA_CIPHER_FINISH_OUTPUT_SIZE(key_type, alg); + TEST_CALLOC(output, output_buffer_size); + + TEST_LE_U(first_part_size, input->len); + PSA_ASSERT(psa_cipher_update(&operation, + input->x, first_part_size, + output, output_buffer_size, + &function_output_length)); + TEST_ASSERT(function_output_length == output1_length); + TEST_LE_U(function_output_length, + PSA_CIPHER_UPDATE_OUTPUT_SIZE(key_type, alg, first_part_size)); + TEST_LE_U(function_output_length, + PSA_CIPHER_UPDATE_OUTPUT_MAX_SIZE(first_part_size)); total_output_length += function_output_length; - if( first_part_size < input->len ) - { - PSA_ASSERT( psa_cipher_update( &operation, - input->x + first_part_size, - input->len - first_part_size, - ( output_buffer_size == 0 ? NULL : - output + total_output_length ), - output_buffer_size - total_output_length, - &function_output_length ) ); - TEST_ASSERT( function_output_length == output2_length ); - TEST_ASSERT( function_output_length <= - PSA_CIPHER_UPDATE_OUTPUT_SIZE( key_type, - alg, - input->len - first_part_size ) ); - TEST_ASSERT( function_output_length <= - PSA_CIPHER_UPDATE_OUTPUT_MAX_SIZE( input->len ) ); + if (first_part_size < input->len) { + PSA_ASSERT(psa_cipher_update(&operation, + input->x + first_part_size, + input->len - first_part_size, + (output_buffer_size == 0 ? NULL : + output + total_output_length), + output_buffer_size - total_output_length, + &function_output_length)); + TEST_ASSERT(function_output_length == output2_length); + TEST_LE_U(function_output_length, + PSA_CIPHER_UPDATE_OUTPUT_SIZE(key_type, + alg, + input->len - first_part_size)); + TEST_LE_U(function_output_length, + PSA_CIPHER_UPDATE_OUTPUT_MAX_SIZE(input->len)); total_output_length += function_output_length; } - status = psa_cipher_finish( &operation, - ( output_buffer_size == 0 ? NULL : - output + total_output_length ), - output_buffer_size - total_output_length, - &function_output_length ); - TEST_ASSERT( function_output_length <= - PSA_CIPHER_FINISH_OUTPUT_SIZE( key_type, alg ) ); - TEST_ASSERT( function_output_length <= - PSA_CIPHER_FINISH_OUTPUT_MAX_SIZE ); + status = psa_cipher_finish(&operation, + (output_buffer_size == 0 ? NULL : + output + total_output_length), + output_buffer_size - total_output_length, + &function_output_length); + TEST_LE_U(function_output_length, + PSA_CIPHER_FINISH_OUTPUT_SIZE(key_type, alg)); + TEST_LE_U(function_output_length, + PSA_CIPHER_FINISH_OUTPUT_MAX_SIZE); total_output_length += function_output_length; - TEST_EQUAL( status, expected_status ); + TEST_EQUAL(status, expected_status); - if( expected_status == PSA_SUCCESS ) - { - PSA_ASSERT( psa_cipher_abort( &operation ) ); + if (expected_status == PSA_SUCCESS) { + PSA_ASSERT(psa_cipher_abort(&operation)); - ASSERT_COMPARE( expected_output->x, expected_output->len, - output, total_output_length ); + TEST_MEMORY_COMPARE(expected_output->x, expected_output->len, + output, total_output_length); } exit: - psa_cipher_abort( &operation ); - mbedtls_free( output ); - psa_destroy_key( key ); - PSA_DONE( ); + psa_cipher_abort(&operation); + mbedtls_free(output); + psa_destroy_key(key); + PSA_DONE(); } /* END_CASE */ /* BEGIN_CASE */ -void cipher_decrypt_fail( int alg_arg, - int key_type_arg, - data_t *key_data, - data_t *iv, - data_t *input_arg, - int expected_status_arg ) +void cipher_decrypt_fail(int alg_arg, + int key_type_arg, + data_t *key_data, + data_t *iv, + data_t *input_arg, + int expected_status_arg) { mbedtls_svc_key_id_t key = MBEDTLS_SVC_KEY_ID_INIT; psa_status_t status; @@ -2989,49 +3081,47 @@ void cipher_decrypt_fail( int alg_arg, size_t output_length = 0; psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT; - if ( PSA_ERROR_BAD_STATE != expected_status ) - { - PSA_ASSERT( psa_crypto_init( ) ); + if (PSA_ERROR_BAD_STATE != expected_status) { + PSA_ASSERT(psa_crypto_init()); - psa_set_key_usage_flags( &attributes, PSA_KEY_USAGE_DECRYPT ); - psa_set_key_algorithm( &attributes, alg ); - psa_set_key_type( &attributes, key_type ); + psa_set_key_usage_flags(&attributes, PSA_KEY_USAGE_DECRYPT); + psa_set_key_algorithm(&attributes, alg); + psa_set_key_type(&attributes, key_type); - PSA_ASSERT( psa_import_key( &attributes, key_data->x, key_data->len, - &key ) ); + PSA_ASSERT(psa_import_key(&attributes, key_data->x, key_data->len, + &key)); } /* Allocate input buffer and copy the iv and the plaintext */ - input_buffer_size = ( (size_t) input_arg->len + (size_t) iv->len ); - if ( input_buffer_size > 0 ) - { - ASSERT_ALLOC( input, input_buffer_size ); - memcpy( input, iv->x, iv->len ); - memcpy( input + iv->len, input_arg->x, input_arg->len ); + input_buffer_size = ((size_t) input_arg->len + (size_t) iv->len); + if (input_buffer_size > 0) { + TEST_CALLOC(input, input_buffer_size); + memcpy(input, iv->x, iv->len); + memcpy(input + iv->len, input_arg->x, input_arg->len); } - output_buffer_size = PSA_CIPHER_DECRYPT_OUTPUT_SIZE( key_type, alg, input_buffer_size ); - ASSERT_ALLOC( output, output_buffer_size ); + output_buffer_size = PSA_CIPHER_DECRYPT_OUTPUT_SIZE(key_type, alg, input_buffer_size); + TEST_CALLOC(output, output_buffer_size); - status = psa_cipher_decrypt( key, alg, input, input_buffer_size, output, - output_buffer_size, &output_length ); - TEST_EQUAL( status, expected_status ); + status = psa_cipher_decrypt(key, alg, input, input_buffer_size, output, + output_buffer_size, &output_length); + TEST_EQUAL(status, expected_status); exit: - mbedtls_free( input ); - mbedtls_free( output ); - psa_destroy_key( key ); - PSA_DONE( ); + mbedtls_free(input); + mbedtls_free(output); + psa_destroy_key(key); + PSA_DONE(); } /* END_CASE */ /* BEGIN_CASE */ -void cipher_decrypt( int alg_arg, - int key_type_arg, - data_t *key_data, - data_t *iv, - data_t *input_arg, - data_t *expected_output ) +void cipher_decrypt(int alg_arg, + int key_type_arg, + data_t *key_data, + data_t *iv, + data_t *input_arg, + data_t *expected_output) { mbedtls_svc_key_id_t key = MBEDTLS_SVC_KEY_ID_INIT; psa_key_type_t key_type = key_type_arg; @@ -3043,49 +3133,48 @@ void cipher_decrypt( int alg_arg, size_t output_length = 0; psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT; - PSA_ASSERT( psa_crypto_init( ) ); + PSA_ASSERT(psa_crypto_init()); - psa_set_key_usage_flags( &attributes, PSA_KEY_USAGE_DECRYPT ); - psa_set_key_algorithm( &attributes, alg ); - psa_set_key_type( &attributes, key_type ); + psa_set_key_usage_flags(&attributes, PSA_KEY_USAGE_DECRYPT); + psa_set_key_algorithm(&attributes, alg); + psa_set_key_type(&attributes, key_type); /* Allocate input buffer and copy the iv and the plaintext */ - input_buffer_size = ( (size_t) input_arg->len + (size_t) iv->len ); - if ( input_buffer_size > 0 ) - { - ASSERT_ALLOC( input, input_buffer_size ); - memcpy( input, iv->x, iv->len ); - memcpy( input + iv->len, input_arg->x, input_arg->len ); + input_buffer_size = ((size_t) input_arg->len + (size_t) iv->len); + if (input_buffer_size > 0) { + TEST_CALLOC(input, input_buffer_size); + memcpy(input, iv->x, iv->len); + memcpy(input + iv->len, input_arg->x, input_arg->len); } - output_buffer_size = PSA_CIPHER_DECRYPT_OUTPUT_SIZE( key_type, alg, input_buffer_size ); - ASSERT_ALLOC( output, output_buffer_size ); + output_buffer_size = PSA_CIPHER_DECRYPT_OUTPUT_SIZE(key_type, alg, input_buffer_size); + TEST_CALLOC(output, output_buffer_size); - PSA_ASSERT( psa_import_key( &attributes, key_data->x, key_data->len, - &key ) ); + PSA_ASSERT(psa_import_key(&attributes, key_data->x, key_data->len, + &key)); - PSA_ASSERT( psa_cipher_decrypt( key, alg, input, input_buffer_size, output, - output_buffer_size, &output_length ) ); - TEST_ASSERT( output_length <= - PSA_CIPHER_DECRYPT_OUTPUT_SIZE( key_type, alg, input_buffer_size ) ); - TEST_ASSERT( output_length <= - PSA_CIPHER_DECRYPT_OUTPUT_MAX_SIZE( input_buffer_size ) ); + PSA_ASSERT(psa_cipher_decrypt(key, alg, input, input_buffer_size, output, + output_buffer_size, &output_length)); + TEST_LE_U(output_length, + PSA_CIPHER_DECRYPT_OUTPUT_SIZE(key_type, alg, input_buffer_size)); + TEST_LE_U(output_length, + PSA_CIPHER_DECRYPT_OUTPUT_MAX_SIZE(input_buffer_size)); - ASSERT_COMPARE( expected_output->x, expected_output->len, - output, output_length ); + TEST_MEMORY_COMPARE(expected_output->x, expected_output->len, + output, output_length); exit: - mbedtls_free( input ); - mbedtls_free( output ); - psa_destroy_key( key ); - PSA_DONE( ); + mbedtls_free(input); + mbedtls_free(output); + psa_destroy_key(key); + PSA_DONE(); } /* END_CASE */ /* BEGIN_CASE */ -void cipher_verify_output( int alg_arg, - int key_type_arg, - data_t *key_data, - data_t *input ) +void cipher_verify_output(int alg_arg, + int key_type_arg, + data_t *key_data, + data_t *input) { mbedtls_svc_key_id_t key = MBEDTLS_SVC_KEY_ID_INIT; psa_key_type_t key_type = key_type_arg; @@ -3098,58 +3187,58 @@ void cipher_verify_output( int alg_arg, size_t output2_length = 0; psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT; - PSA_ASSERT( psa_crypto_init( ) ); + PSA_ASSERT(psa_crypto_init()); - psa_set_key_usage_flags( &attributes, PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_DECRYPT ); - psa_set_key_algorithm( &attributes, alg ); - psa_set_key_type( &attributes, key_type ); + psa_set_key_usage_flags(&attributes, PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_DECRYPT); + psa_set_key_algorithm(&attributes, alg); + psa_set_key_type(&attributes, key_type); - PSA_ASSERT( psa_import_key( &attributes, key_data->x, key_data->len, - &key ) ); - output1_size = PSA_CIPHER_ENCRYPT_OUTPUT_SIZE( key_type, alg, input->len ); - ASSERT_ALLOC( output1, output1_size ); + PSA_ASSERT(psa_import_key(&attributes, key_data->x, key_data->len, + &key)); + output1_size = PSA_CIPHER_ENCRYPT_OUTPUT_SIZE(key_type, alg, input->len); + TEST_CALLOC(output1, output1_size); - PSA_ASSERT( psa_cipher_encrypt( key, alg, input->x, input->len, - output1, output1_size, - &output1_length ) ); - TEST_ASSERT( output1_length <= - PSA_CIPHER_ENCRYPT_OUTPUT_SIZE( key_type, alg, input->len ) ); - TEST_ASSERT( output1_length <= - PSA_CIPHER_ENCRYPT_OUTPUT_MAX_SIZE( input->len ) ); + PSA_ASSERT(psa_cipher_encrypt(key, alg, input->x, input->len, + output1, output1_size, + &output1_length)); + TEST_LE_U(output1_length, + PSA_CIPHER_ENCRYPT_OUTPUT_SIZE(key_type, alg, input->len)); + TEST_LE_U(output1_length, + PSA_CIPHER_ENCRYPT_OUTPUT_MAX_SIZE(input->len)); output2_size = output1_length; - ASSERT_ALLOC( output2, output2_size ); + TEST_CALLOC(output2, output2_size); - PSA_ASSERT( psa_cipher_decrypt( key, alg, output1, output1_length, - output2, output2_size, - &output2_length ) ); - TEST_ASSERT( output2_length <= - PSA_CIPHER_DECRYPT_OUTPUT_SIZE( key_type, alg, output1_length ) ); - TEST_ASSERT( output2_length <= - PSA_CIPHER_DECRYPT_OUTPUT_MAX_SIZE( output1_length ) ); + PSA_ASSERT(psa_cipher_decrypt(key, alg, output1, output1_length, + output2, output2_size, + &output2_length)); + TEST_LE_U(output2_length, + PSA_CIPHER_DECRYPT_OUTPUT_SIZE(key_type, alg, output1_length)); + TEST_LE_U(output2_length, + PSA_CIPHER_DECRYPT_OUTPUT_MAX_SIZE(output1_length)); - ASSERT_COMPARE( input->x, input->len, output2, output2_length ); + TEST_MEMORY_COMPARE(input->x, input->len, output2, output2_length); exit: - mbedtls_free( output1 ); - mbedtls_free( output2 ); - psa_destroy_key( key ); - PSA_DONE( ); + mbedtls_free(output1); + mbedtls_free(output2); + psa_destroy_key(key); + PSA_DONE(); } /* END_CASE */ /* BEGIN_CASE */ -void cipher_verify_output_multipart( int alg_arg, - int key_type_arg, - data_t *key_data, - data_t *input, - int first_part_size_arg ) +void cipher_verify_output_multipart(int alg_arg, + int key_type_arg, + data_t *key_data, + data_t *input, + int first_part_size_arg) { mbedtls_svc_key_id_t key = MBEDTLS_SVC_KEY_ID_INIT; psa_key_type_t key_type = key_type_arg; psa_algorithm_t alg = alg_arg; size_t first_part_size = first_part_size_arg; - unsigned char iv[16] = {0}; + unsigned char iv[16] = { 0 }; size_t iv_size = 16; size_t iv_length = 0; unsigned char *output1 = NULL; @@ -3163,132 +3252,130 @@ void cipher_verify_output_multipart( int alg_arg, psa_cipher_operation_t operation2 = PSA_CIPHER_OPERATION_INIT; psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT; - PSA_ASSERT( psa_crypto_init( ) ); + PSA_ASSERT(psa_crypto_init()); - psa_set_key_usage_flags( &attributes, PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_DECRYPT ); - psa_set_key_algorithm( &attributes, alg ); - psa_set_key_type( &attributes, key_type ); + psa_set_key_usage_flags(&attributes, PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_DECRYPT); + psa_set_key_algorithm(&attributes, alg); + psa_set_key_type(&attributes, key_type); - PSA_ASSERT( psa_import_key( &attributes, key_data->x, key_data->len, - &key ) ); + PSA_ASSERT(psa_import_key(&attributes, key_data->x, key_data->len, + &key)); - PSA_ASSERT( psa_cipher_encrypt_setup( &operation1, key, alg ) ); - PSA_ASSERT( psa_cipher_decrypt_setup( &operation2, key, alg ) ); + PSA_ASSERT(psa_cipher_encrypt_setup(&operation1, key, alg)); + PSA_ASSERT(psa_cipher_decrypt_setup(&operation2, key, alg)); - if( alg != PSA_ALG_ECB_NO_PADDING ) - { - PSA_ASSERT( psa_cipher_generate_iv( &operation1, - iv, iv_size, - &iv_length ) ); + if (alg != PSA_ALG_ECB_NO_PADDING) { + PSA_ASSERT(psa_cipher_generate_iv(&operation1, + iv, iv_size, + &iv_length)); } - output1_buffer_size = PSA_CIPHER_ENCRYPT_OUTPUT_SIZE( key_type, alg, input->len ); - TEST_ASSERT( output1_buffer_size <= - PSA_CIPHER_ENCRYPT_OUTPUT_MAX_SIZE( input->len ) ); - ASSERT_ALLOC( output1, output1_buffer_size ); + output1_buffer_size = PSA_CIPHER_ENCRYPT_OUTPUT_SIZE(key_type, alg, input->len); + TEST_LE_U(output1_buffer_size, + PSA_CIPHER_ENCRYPT_OUTPUT_MAX_SIZE(input->len)); + TEST_CALLOC(output1, output1_buffer_size); - TEST_ASSERT( first_part_size <= input->len ); + TEST_LE_U(first_part_size, input->len); - PSA_ASSERT( psa_cipher_update( &operation1, input->x, first_part_size, - output1, output1_buffer_size, - &function_output_length ) ); - TEST_ASSERT( function_output_length <= - PSA_CIPHER_UPDATE_OUTPUT_SIZE( key_type, alg, first_part_size ) ); - TEST_ASSERT( function_output_length <= - PSA_CIPHER_UPDATE_OUTPUT_MAX_SIZE( first_part_size ) ); + PSA_ASSERT(psa_cipher_update(&operation1, input->x, first_part_size, + output1, output1_buffer_size, + &function_output_length)); + TEST_LE_U(function_output_length, + PSA_CIPHER_UPDATE_OUTPUT_SIZE(key_type, alg, first_part_size)); + TEST_LE_U(function_output_length, + PSA_CIPHER_UPDATE_OUTPUT_MAX_SIZE(first_part_size)); output1_length += function_output_length; - PSA_ASSERT( psa_cipher_update( &operation1, - input->x + first_part_size, - input->len - first_part_size, - output1, output1_buffer_size, - &function_output_length ) ); - TEST_ASSERT( function_output_length <= - PSA_CIPHER_UPDATE_OUTPUT_SIZE( key_type, - alg, - input->len - first_part_size ) ); - TEST_ASSERT( function_output_length <= - PSA_CIPHER_UPDATE_OUTPUT_MAX_SIZE( input->len - first_part_size ) ); + PSA_ASSERT(psa_cipher_update(&operation1, + input->x + first_part_size, + input->len - first_part_size, + output1, output1_buffer_size, + &function_output_length)); + TEST_LE_U(function_output_length, + PSA_CIPHER_UPDATE_OUTPUT_SIZE(key_type, + alg, + input->len - first_part_size)); + TEST_LE_U(function_output_length, + PSA_CIPHER_UPDATE_OUTPUT_MAX_SIZE(input->len - first_part_size)); output1_length += function_output_length; - PSA_ASSERT( psa_cipher_finish( &operation1, - output1 + output1_length, - output1_buffer_size - output1_length, - &function_output_length ) ); - TEST_ASSERT( function_output_length <= - PSA_CIPHER_FINISH_OUTPUT_SIZE( key_type, alg ) ); - TEST_ASSERT( function_output_length <= - PSA_CIPHER_FINISH_OUTPUT_MAX_SIZE ); + PSA_ASSERT(psa_cipher_finish(&operation1, + output1 + output1_length, + output1_buffer_size - output1_length, + &function_output_length)); + TEST_LE_U(function_output_length, + PSA_CIPHER_FINISH_OUTPUT_SIZE(key_type, alg)); + TEST_LE_U(function_output_length, + PSA_CIPHER_FINISH_OUTPUT_MAX_SIZE); output1_length += function_output_length; - PSA_ASSERT( psa_cipher_abort( &operation1 ) ); + PSA_ASSERT(psa_cipher_abort(&operation1)); output2_buffer_size = output1_length; - TEST_ASSERT( output2_buffer_size <= - PSA_CIPHER_DECRYPT_OUTPUT_SIZE( key_type, alg, output1_length ) ); - TEST_ASSERT( output2_buffer_size <= - PSA_CIPHER_DECRYPT_OUTPUT_MAX_SIZE( output1_length ) ); - ASSERT_ALLOC( output2, output2_buffer_size ); - - if( iv_length > 0 ) - { - PSA_ASSERT( psa_cipher_set_iv( &operation2, - iv, iv_length ) ); + TEST_LE_U(output2_buffer_size, + PSA_CIPHER_DECRYPT_OUTPUT_SIZE(key_type, alg, output1_length)); + TEST_LE_U(output2_buffer_size, + PSA_CIPHER_DECRYPT_OUTPUT_MAX_SIZE(output1_length)); + TEST_CALLOC(output2, output2_buffer_size); + + if (iv_length > 0) { + PSA_ASSERT(psa_cipher_set_iv(&operation2, + iv, iv_length)); } - PSA_ASSERT( psa_cipher_update( &operation2, output1, first_part_size, - output2, output2_buffer_size, - &function_output_length ) ); - TEST_ASSERT( function_output_length <= - PSA_CIPHER_UPDATE_OUTPUT_SIZE( key_type, alg, first_part_size ) ); - TEST_ASSERT( function_output_length <= - PSA_CIPHER_UPDATE_OUTPUT_MAX_SIZE( first_part_size ) ); + PSA_ASSERT(psa_cipher_update(&operation2, output1, first_part_size, + output2, output2_buffer_size, + &function_output_length)); + TEST_LE_U(function_output_length, + PSA_CIPHER_UPDATE_OUTPUT_SIZE(key_type, alg, first_part_size)); + TEST_LE_U(function_output_length, + PSA_CIPHER_UPDATE_OUTPUT_MAX_SIZE(first_part_size)); output2_length += function_output_length; - PSA_ASSERT( psa_cipher_update( &operation2, - output1 + first_part_size, - output1_length - first_part_size, - output2, output2_buffer_size, - &function_output_length ) ); - TEST_ASSERT( function_output_length <= - PSA_CIPHER_UPDATE_OUTPUT_SIZE( key_type, - alg, - output1_length - first_part_size ) ); - TEST_ASSERT( function_output_length <= - PSA_CIPHER_UPDATE_OUTPUT_MAX_SIZE( output1_length - first_part_size ) ); + PSA_ASSERT(psa_cipher_update(&operation2, + output1 + first_part_size, + output1_length - first_part_size, + output2, output2_buffer_size, + &function_output_length)); + TEST_LE_U(function_output_length, + PSA_CIPHER_UPDATE_OUTPUT_SIZE(key_type, + alg, + output1_length - first_part_size)); + TEST_LE_U(function_output_length, + PSA_CIPHER_UPDATE_OUTPUT_MAX_SIZE(output1_length - first_part_size)); output2_length += function_output_length; - PSA_ASSERT( psa_cipher_finish( &operation2, - output2 + output2_length, - output2_buffer_size - output2_length, - &function_output_length ) ); - TEST_ASSERT( function_output_length <= - PSA_CIPHER_FINISH_OUTPUT_SIZE( key_type, alg ) ); - TEST_ASSERT( function_output_length <= - PSA_CIPHER_FINISH_OUTPUT_MAX_SIZE ); + PSA_ASSERT(psa_cipher_finish(&operation2, + output2 + output2_length, + output2_buffer_size - output2_length, + &function_output_length)); + TEST_LE_U(function_output_length, + PSA_CIPHER_FINISH_OUTPUT_SIZE(key_type, alg)); + TEST_LE_U(function_output_length, + PSA_CIPHER_FINISH_OUTPUT_MAX_SIZE); output2_length += function_output_length; - PSA_ASSERT( psa_cipher_abort( &operation2 ) ); + PSA_ASSERT(psa_cipher_abort(&operation2)); - ASSERT_COMPARE( input->x, input->len, output2, output2_length ); + TEST_MEMORY_COMPARE(input->x, input->len, output2, output2_length); exit: - psa_cipher_abort( &operation1 ); - psa_cipher_abort( &operation2 ); - mbedtls_free( output1 ); - mbedtls_free( output2 ); - psa_destroy_key( key ); - PSA_DONE( ); + psa_cipher_abort(&operation1); + psa_cipher_abort(&operation2); + mbedtls_free(output1); + mbedtls_free(output2); + psa_destroy_key(key); + PSA_DONE(); } /* END_CASE */ /* BEGIN_CASE */ -void aead_encrypt_decrypt( int key_type_arg, data_t *key_data, - int alg_arg, - data_t *nonce, - data_t *additional_data, - data_t *input_data, - int expected_result_arg ) +void aead_encrypt_decrypt(int key_type_arg, data_t *key_data, + int alg_arg, + data_t *nonce, + data_t *additional_data, + data_t *input_data, + int expected_result_arg) { mbedtls_svc_key_id_t key = MBEDTLS_SVC_KEY_ID_INIT; psa_key_type_t key_type = key_type_arg; @@ -3303,90 +3390,87 @@ void aead_encrypt_decrypt( int key_type_arg, data_t *key_data, psa_status_t expected_result = expected_result_arg; psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT; - PSA_ASSERT( psa_crypto_init( ) ); + PSA_ASSERT(psa_crypto_init()); - psa_set_key_usage_flags( &attributes, PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_DECRYPT ); - psa_set_key_algorithm( &attributes, alg ); - psa_set_key_type( &attributes, key_type ); + psa_set_key_usage_flags(&attributes, PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_DECRYPT); + psa_set_key_algorithm(&attributes, alg); + psa_set_key_type(&attributes, key_type); - PSA_ASSERT( psa_import_key( &attributes, key_data->x, key_data->len, - &key ) ); - PSA_ASSERT( psa_get_key_attributes( key, &attributes ) ); - key_bits = psa_get_key_bits( &attributes ); + PSA_ASSERT(psa_import_key(&attributes, key_data->x, key_data->len, + &key)); + PSA_ASSERT(psa_get_key_attributes(key, &attributes)); + key_bits = psa_get_key_bits(&attributes); - output_size = input_data->len + PSA_AEAD_TAG_LENGTH( key_type, key_bits, - alg ); + output_size = input_data->len + PSA_AEAD_TAG_LENGTH(key_type, key_bits, + alg); /* For all currently defined algorithms, PSA_AEAD_ENCRYPT_OUTPUT_SIZE * should be exact. */ - if( expected_result != PSA_ERROR_INVALID_ARGUMENT && - expected_result != PSA_ERROR_NOT_SUPPORTED ) - { - TEST_EQUAL( output_size, - PSA_AEAD_ENCRYPT_OUTPUT_SIZE( key_type, alg, input_data->len ) ); - TEST_ASSERT( output_size <= - PSA_AEAD_ENCRYPT_OUTPUT_MAX_SIZE( input_data->len ) ); + if (expected_result != PSA_ERROR_INVALID_ARGUMENT && + expected_result != PSA_ERROR_NOT_SUPPORTED) { + TEST_EQUAL(output_size, + PSA_AEAD_ENCRYPT_OUTPUT_SIZE(key_type, alg, input_data->len)); + TEST_ASSERT(output_size <= + PSA_AEAD_ENCRYPT_OUTPUT_MAX_SIZE(input_data->len)); } - ASSERT_ALLOC( output_data, output_size ); + TEST_CALLOC(output_data, output_size); - status = psa_aead_encrypt( key, alg, - nonce->x, nonce->len, - additional_data->x, - additional_data->len, - input_data->x, input_data->len, - output_data, output_size, - &output_length ); + status = psa_aead_encrypt(key, alg, + nonce->x, nonce->len, + additional_data->x, + additional_data->len, + input_data->x, input_data->len, + output_data, output_size, + &output_length); /* If the operation is not supported, just skip and not fail in case the * encryption involves a common limitation of cryptography hardwares and * an alternative implementation. */ - if( status == PSA_ERROR_NOT_SUPPORTED ) - { - MBEDTLS_TEST_PSA_SKIP_IF_ALT_AES_192( key_type, key_data->len * 8 ); - MBEDTLS_TEST_PSA_SKIP_IF_ALT_GCM_NOT_12BYTES_NONCE( alg, nonce->len ); + if (status == PSA_ERROR_NOT_SUPPORTED) { + MBEDTLS_TEST_PSA_SKIP_IF_ALT_AES_192(key_type, key_data->len * 8); + MBEDTLS_TEST_PSA_SKIP_IF_ALT_GCM_NOT_12BYTES_NONCE(alg, nonce->len); } - TEST_EQUAL( status, expected_result ); + TEST_EQUAL(status, expected_result); - if( PSA_SUCCESS == expected_result ) - { - ASSERT_ALLOC( output_data2, output_length ); + if (PSA_SUCCESS == expected_result) { + TEST_CALLOC(output_data2, output_length); /* For all currently defined algorithms, PSA_AEAD_DECRYPT_OUTPUT_SIZE * should be exact. */ - TEST_EQUAL( input_data->len, - PSA_AEAD_DECRYPT_OUTPUT_SIZE( key_type, alg, output_length ) ); - - TEST_ASSERT( input_data->len <= - PSA_AEAD_DECRYPT_OUTPUT_MAX_SIZE( output_length ) ); - - TEST_EQUAL( psa_aead_decrypt( key, alg, - nonce->x, nonce->len, - additional_data->x, - additional_data->len, - output_data, output_length, - output_data2, output_length, - &output_length2 ), - expected_result ); - - ASSERT_COMPARE( input_data->x, input_data->len, - output_data2, output_length2 ); + TEST_EQUAL(input_data->len, + PSA_AEAD_DECRYPT_OUTPUT_SIZE(key_type, alg, output_length)); + + TEST_ASSERT(input_data->len <= + PSA_AEAD_DECRYPT_OUTPUT_MAX_SIZE(output_length)); + + TEST_EQUAL(psa_aead_decrypt(key, alg, + nonce->x, nonce->len, + additional_data->x, + additional_data->len, + output_data, output_length, + output_data2, output_length, + &output_length2), + expected_result); + + TEST_MEMORY_COMPARE(input_data->x, input_data->len, + output_data2, output_length2); } exit: - psa_destroy_key( key ); - mbedtls_free( output_data ); - mbedtls_free( output_data2 ); - PSA_DONE( ); + psa_destroy_key(key); + mbedtls_free(output_data); + mbedtls_free(output_data2); + PSA_DONE(); } /* END_CASE */ /* BEGIN_CASE */ -void aead_encrypt( int key_type_arg, data_t *key_data, - int alg_arg, - data_t *nonce, - data_t *additional_data, - data_t *input_data, - data_t *expected_result ) +void aead_encrypt(int key_type_arg, data_t *key_data, + int alg_arg, + data_t *nonce, + data_t *additional_data, + data_t *input_data, + data_t *expected_result) { mbedtls_svc_key_id_t key = MBEDTLS_SVC_KEY_ID_INIT; psa_key_type_t key_type = key_type_arg; @@ -3398,62 +3482,61 @@ void aead_encrypt( int key_type_arg, data_t *key_data, psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT; psa_status_t status = PSA_ERROR_GENERIC_ERROR; - PSA_ASSERT( psa_crypto_init( ) ); + PSA_ASSERT(psa_crypto_init()); - psa_set_key_usage_flags( &attributes, PSA_KEY_USAGE_ENCRYPT ); - psa_set_key_algorithm( &attributes, alg ); - psa_set_key_type( &attributes, key_type ); + psa_set_key_usage_flags(&attributes, PSA_KEY_USAGE_ENCRYPT); + psa_set_key_algorithm(&attributes, alg); + psa_set_key_type(&attributes, key_type); - PSA_ASSERT( psa_import_key( &attributes, key_data->x, key_data->len, - &key ) ); - PSA_ASSERT( psa_get_key_attributes( key, &attributes ) ); - key_bits = psa_get_key_bits( &attributes ); + PSA_ASSERT(psa_import_key(&attributes, key_data->x, key_data->len, + &key)); + PSA_ASSERT(psa_get_key_attributes(key, &attributes)); + key_bits = psa_get_key_bits(&attributes); - output_size = input_data->len + PSA_AEAD_TAG_LENGTH( key_type, key_bits, - alg ); + output_size = input_data->len + PSA_AEAD_TAG_LENGTH(key_type, key_bits, + alg); /* For all currently defined algorithms, PSA_AEAD_ENCRYPT_OUTPUT_SIZE * should be exact. */ - TEST_EQUAL( output_size, - PSA_AEAD_ENCRYPT_OUTPUT_SIZE( key_type, alg, input_data->len ) ); - TEST_ASSERT( output_size <= - PSA_AEAD_ENCRYPT_OUTPUT_MAX_SIZE( input_data->len ) ); - ASSERT_ALLOC( output_data, output_size ); - - status = psa_aead_encrypt( key, alg, - nonce->x, nonce->len, - additional_data->x, additional_data->len, - input_data->x, input_data->len, - output_data, output_size, - &output_length ); + TEST_EQUAL(output_size, + PSA_AEAD_ENCRYPT_OUTPUT_SIZE(key_type, alg, input_data->len)); + TEST_ASSERT(output_size <= + PSA_AEAD_ENCRYPT_OUTPUT_MAX_SIZE(input_data->len)); + TEST_CALLOC(output_data, output_size); + + status = psa_aead_encrypt(key, alg, + nonce->x, nonce->len, + additional_data->x, additional_data->len, + input_data->x, input_data->len, + output_data, output_size, + &output_length); /* If the operation is not supported, just skip and not fail in case the * encryption involves a common limitation of cryptography hardwares and * an alternative implementation. */ - if( status == PSA_ERROR_NOT_SUPPORTED ) - { - MBEDTLS_TEST_PSA_SKIP_IF_ALT_AES_192( key_type, key_data->len * 8 ); - MBEDTLS_TEST_PSA_SKIP_IF_ALT_GCM_NOT_12BYTES_NONCE( alg, nonce->len ); + if (status == PSA_ERROR_NOT_SUPPORTED) { + MBEDTLS_TEST_PSA_SKIP_IF_ALT_AES_192(key_type, key_data->len * 8); + MBEDTLS_TEST_PSA_SKIP_IF_ALT_GCM_NOT_12BYTES_NONCE(alg, nonce->len); } - PSA_ASSERT( status ); - ASSERT_COMPARE( expected_result->x, expected_result->len, - output_data, output_length ); + PSA_ASSERT(status); + TEST_MEMORY_COMPARE(expected_result->x, expected_result->len, + output_data, output_length); exit: - psa_destroy_key( key ); - mbedtls_free( output_data ); - PSA_DONE( ); + psa_destroy_key(key); + mbedtls_free(output_data); + PSA_DONE(); } /* END_CASE */ /* BEGIN_CASE */ -void aead_decrypt( int key_type_arg, data_t *key_data, - int alg_arg, - data_t *nonce, - data_t *additional_data, - data_t *input_data, - data_t *expected_data, - int expected_result_arg ) +void aead_decrypt(int key_type_arg, data_t *key_data, + int alg_arg, + data_t *nonce, + data_t *additional_data, + data_t *input_data, + data_t *expected_data, + int expected_result_arg) { mbedtls_svc_key_id_t key = MBEDTLS_SVC_KEY_ID_INIT; psa_key_type_t key_type = key_type_arg; @@ -3466,75 +3549,74 @@ void aead_decrypt( int key_type_arg, data_t *key_data, psa_status_t expected_result = expected_result_arg; psa_status_t status = PSA_ERROR_GENERIC_ERROR; - PSA_ASSERT( psa_crypto_init( ) ); + PSA_ASSERT(psa_crypto_init()); - psa_set_key_usage_flags( &attributes, PSA_KEY_USAGE_DECRYPT ); - psa_set_key_algorithm( &attributes, alg ); - psa_set_key_type( &attributes, key_type ); + psa_set_key_usage_flags(&attributes, PSA_KEY_USAGE_DECRYPT); + psa_set_key_algorithm(&attributes, alg); + psa_set_key_type(&attributes, key_type); - PSA_ASSERT( psa_import_key( &attributes, key_data->x, key_data->len, - &key ) ); - PSA_ASSERT( psa_get_key_attributes( key, &attributes ) ); - key_bits = psa_get_key_bits( &attributes ); + PSA_ASSERT(psa_import_key(&attributes, key_data->x, key_data->len, + &key)); + PSA_ASSERT(psa_get_key_attributes(key, &attributes)); + key_bits = psa_get_key_bits(&attributes); - output_size = input_data->len - PSA_AEAD_TAG_LENGTH( key_type, key_bits, - alg ); - if( expected_result != PSA_ERROR_INVALID_ARGUMENT && - expected_result != PSA_ERROR_NOT_SUPPORTED ) - { + output_size = input_data->len - PSA_AEAD_TAG_LENGTH(key_type, key_bits, + alg); + if (expected_result != PSA_ERROR_INVALID_ARGUMENT && + expected_result != PSA_ERROR_NOT_SUPPORTED) { /* For all currently defined algorithms, PSA_AEAD_DECRYPT_OUTPUT_SIZE * should be exact. */ - TEST_EQUAL( output_size, - PSA_AEAD_DECRYPT_OUTPUT_SIZE( key_type, alg, input_data->len ) ); - TEST_ASSERT( output_size <= - PSA_AEAD_DECRYPT_OUTPUT_MAX_SIZE( input_data->len ) ); + TEST_EQUAL(output_size, + PSA_AEAD_DECRYPT_OUTPUT_SIZE(key_type, alg, input_data->len)); + TEST_ASSERT(output_size <= + PSA_AEAD_DECRYPT_OUTPUT_MAX_SIZE(input_data->len)); } - ASSERT_ALLOC( output_data, output_size ); + TEST_CALLOC(output_data, output_size); - status = psa_aead_decrypt( key, alg, - nonce->x, nonce->len, - additional_data->x, - additional_data->len, - input_data->x, input_data->len, - output_data, output_size, - &output_length ); + status = psa_aead_decrypt(key, alg, + nonce->x, nonce->len, + additional_data->x, + additional_data->len, + input_data->x, input_data->len, + output_data, output_size, + &output_length); /* If the operation is not supported, just skip and not fail in case the * decryption involves a common limitation of cryptography hardwares and * an alternative implementation. */ - if( status == PSA_ERROR_NOT_SUPPORTED ) - { - MBEDTLS_TEST_PSA_SKIP_IF_ALT_AES_192( key_type, key_data->len * 8 ); - MBEDTLS_TEST_PSA_SKIP_IF_ALT_GCM_NOT_12BYTES_NONCE( alg, nonce->len ); + if (status == PSA_ERROR_NOT_SUPPORTED) { + MBEDTLS_TEST_PSA_SKIP_IF_ALT_AES_192(key_type, key_data->len * 8); + MBEDTLS_TEST_PSA_SKIP_IF_ALT_GCM_NOT_12BYTES_NONCE(alg, nonce->len); } - TEST_EQUAL( status, expected_result ); + TEST_EQUAL(status, expected_result); - if( expected_result == PSA_SUCCESS ) - ASSERT_COMPARE( expected_data->x, expected_data->len, - output_data, output_length ); + if (expected_result == PSA_SUCCESS) { + TEST_MEMORY_COMPARE(expected_data->x, expected_data->len, + output_data, output_length); + } exit: - psa_destroy_key( key ); - mbedtls_free( output_data ); - PSA_DONE( ); + psa_destroy_key(key); + mbedtls_free(output_data); + PSA_DONE(); } /* END_CASE */ /* BEGIN_CASE */ -void signature_size( int type_arg, - int bits, - int alg_arg, - int expected_size_arg ) +void signature_size(int type_arg, + int bits, + int alg_arg, + int expected_size_arg) { psa_key_type_t type = type_arg; psa_algorithm_t alg = alg_arg; - size_t actual_size = PSA_SIGN_OUTPUT_SIZE( type, bits, alg ); + size_t actual_size = PSA_SIGN_OUTPUT_SIZE(type, bits, alg); - TEST_EQUAL( actual_size, (size_t) expected_size_arg ); + TEST_EQUAL(actual_size, (size_t) expected_size_arg); #if defined(MBEDTLS_TEST_DEPRECATED) - TEST_EQUAL( actual_size, - PSA_ASYMMETRIC_SIGN_OUTPUT_SIZE( type, bits, alg ) ); + TEST_EQUAL(actual_size, + PSA_ASYMMETRIC_SIGN_OUTPUT_SIZE(type, bits, alg)); #endif /* MBEDTLS_TEST_DEPRECATED */ exit: @@ -3543,9 +3625,9 @@ exit: /* END_CASE */ /* BEGIN_CASE */ -void sign_hash_deterministic( int key_type_arg, data_t *key_data, - int alg_arg, data_t *input_data, - data_t *output_data ) +void sign_hash_deterministic(int key_type_arg, data_t *key_data, + int alg_arg, data_t *input_data, + data_t *output_data) { mbedtls_svc_key_id_t key = MBEDTLS_SVC_KEY_ID_INIT; psa_key_type_t key_type = key_type_arg; @@ -3556,43 +3638,43 @@ void sign_hash_deterministic( int key_type_arg, data_t *key_data, size_t signature_length = 0xdeadbeef; psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT; - PSA_ASSERT( psa_crypto_init( ) ); + PSA_ASSERT(psa_crypto_init()); - psa_set_key_usage_flags( &attributes, PSA_KEY_USAGE_SIGN_HASH ); - psa_set_key_algorithm( &attributes, alg ); - psa_set_key_type( &attributes, key_type ); + psa_set_key_usage_flags(&attributes, PSA_KEY_USAGE_SIGN_HASH); + psa_set_key_algorithm(&attributes, alg); + psa_set_key_type(&attributes, key_type); - PSA_ASSERT( psa_import_key( &attributes, key_data->x, key_data->len, - &key ) ); - PSA_ASSERT( psa_get_key_attributes( key, &attributes ) ); - key_bits = psa_get_key_bits( &attributes ); + PSA_ASSERT(psa_import_key(&attributes, key_data->x, key_data->len, + &key)); + PSA_ASSERT(psa_get_key_attributes(key, &attributes)); + key_bits = psa_get_key_bits(&attributes); - /* Allocate a buffer which has the size advertized by the + /* Allocate a buffer which has the size advertised by the * library. */ - signature_size = PSA_SIGN_OUTPUT_SIZE( key_type, - key_bits, alg ); - TEST_ASSERT( signature_size != 0 ); - TEST_ASSERT( signature_size <= PSA_SIGNATURE_MAX_SIZE ); - ASSERT_ALLOC( signature, signature_size ); + signature_size = PSA_SIGN_OUTPUT_SIZE(key_type, + key_bits, alg); + TEST_ASSERT(signature_size != 0); + TEST_LE_U(signature_size, PSA_SIGNATURE_MAX_SIZE); + TEST_CALLOC(signature, signature_size); /* Perform the signature. */ - PSA_ASSERT( psa_sign_hash( key, alg, - input_data->x, input_data->len, - signature, signature_size, - &signature_length ) ); + PSA_ASSERT(psa_sign_hash(key, alg, + input_data->x, input_data->len, + signature, signature_size, + &signature_length)); /* Verify that the signature is what is expected. */ - ASSERT_COMPARE( output_data->x, output_data->len, - signature, signature_length ); + TEST_MEMORY_COMPARE(output_data->x, output_data->len, + signature, signature_length); #if defined(MBEDTLS_TEST_DEPRECATED) - memset( signature, 0, signature_size ); + memset(signature, 0, signature_size); signature_length = INVALID_EXPORT_LENGTH; - PSA_ASSERT( psa_asymmetric_sign( key, alg, - input_data->x, input_data->len, - signature, signature_size, - &signature_length ) ); - ASSERT_COMPARE( output_data->x, output_data->len, - signature, signature_length ); + PSA_ASSERT(psa_asymmetric_sign(key, alg, + input_data->x, input_data->len, + signature, signature_size, + &signature_length)); + TEST_MEMORY_COMPARE(output_data->x, output_data->len, + signature, signature_length); #endif /* MBEDTLS_TEST_DEPRECATED */ exit: @@ -3600,18 +3682,18 @@ exit: * Key attributes may have been returned by psa_get_key_attributes() * thus reset them as required. */ - psa_reset_key_attributes( &attributes ); + psa_reset_key_attributes(&attributes); - psa_destroy_key( key ); - mbedtls_free( signature ); - PSA_DONE( ); + psa_destroy_key(key); + mbedtls_free(signature); + PSA_DONE(); } /* END_CASE */ /* BEGIN_CASE */ -void sign_hash_fail( int key_type_arg, data_t *key_data, - int alg_arg, data_t *input_data, - int signature_size_arg, int expected_status_arg ) +void sign_hash_fail(int key_type_arg, data_t *key_data, + int alg_arg, data_t *input_data, + int signature_size_arg, int expected_status_arg) { mbedtls_svc_key_id_t key = MBEDTLS_SVC_KEY_ID_INIT; psa_key_type_t key_type = key_type_arg; @@ -3623,49 +3705,49 @@ void sign_hash_fail( int key_type_arg, data_t *key_data, size_t signature_length = 0xdeadbeef; psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT; - ASSERT_ALLOC( signature, signature_size ); + TEST_CALLOC(signature, signature_size); - PSA_ASSERT( psa_crypto_init( ) ); + PSA_ASSERT(psa_crypto_init()); - psa_set_key_usage_flags( &attributes, PSA_KEY_USAGE_SIGN_HASH ); - psa_set_key_algorithm( &attributes, alg ); - psa_set_key_type( &attributes, key_type ); + psa_set_key_usage_flags(&attributes, PSA_KEY_USAGE_SIGN_HASH); + psa_set_key_algorithm(&attributes, alg); + psa_set_key_type(&attributes, key_type); - PSA_ASSERT( psa_import_key( &attributes, key_data->x, key_data->len, - &key ) ); + PSA_ASSERT(psa_import_key(&attributes, key_data->x, key_data->len, + &key)); - actual_status = psa_sign_hash( key, alg, - input_data->x, input_data->len, - signature, signature_size, - &signature_length ); - TEST_EQUAL( actual_status, expected_status ); + actual_status = psa_sign_hash(key, alg, + input_data->x, input_data->len, + signature, signature_size, + &signature_length); + TEST_EQUAL(actual_status, expected_status); /* The value of *signature_length is unspecified on error, but * whatever it is, it should be less than signature_size, so that * if the caller tries to read *signature_length bytes without * checking the error code then they don't overflow a buffer. */ - TEST_ASSERT( signature_length <= signature_size ); + TEST_LE_U(signature_length, signature_size); #if defined(MBEDTLS_TEST_DEPRECATED) signature_length = INVALID_EXPORT_LENGTH; - TEST_EQUAL( psa_asymmetric_sign( key, alg, - input_data->x, input_data->len, - signature, signature_size, - &signature_length ), - expected_status ); - TEST_ASSERT( signature_length <= signature_size ); + TEST_EQUAL(psa_asymmetric_sign(key, alg, + input_data->x, input_data->len, + signature, signature_size, + &signature_length), + expected_status); + TEST_LE_U(signature_length, signature_size); #endif /* MBEDTLS_TEST_DEPRECATED */ exit: - psa_reset_key_attributes( &attributes ); - psa_destroy_key( key ); - mbedtls_free( signature ); - PSA_DONE( ); + psa_reset_key_attributes(&attributes); + psa_destroy_key(key); + mbedtls_free(signature); + PSA_DONE(); } /* END_CASE */ /* BEGIN_CASE */ -void sign_verify_hash( int key_type_arg, data_t *key_data, - int alg_arg, data_t *input_data ) +void sign_verify_hash(int key_type_arg, data_t *key_data, + int alg_arg, data_t *input_data) { mbedtls_svc_key_id_t key = MBEDTLS_SVC_KEY_ID_INIT; psa_key_type_t key_type = key_type_arg; @@ -3676,49 +3758,48 @@ void sign_verify_hash( int key_type_arg, data_t *key_data, size_t signature_length = 0xdeadbeef; psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT; - PSA_ASSERT( psa_crypto_init( ) ); + PSA_ASSERT(psa_crypto_init()); - psa_set_key_usage_flags( &attributes, PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_VERIFY_HASH ); - psa_set_key_algorithm( &attributes, alg ); - psa_set_key_type( &attributes, key_type ); + psa_set_key_usage_flags(&attributes, PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_VERIFY_HASH); + psa_set_key_algorithm(&attributes, alg); + psa_set_key_type(&attributes, key_type); - PSA_ASSERT( psa_import_key( &attributes, key_data->x, key_data->len, - &key ) ); - PSA_ASSERT( psa_get_key_attributes( key, &attributes ) ); - key_bits = psa_get_key_bits( &attributes ); + PSA_ASSERT(psa_import_key(&attributes, key_data->x, key_data->len, + &key)); + PSA_ASSERT(psa_get_key_attributes(key, &attributes)); + key_bits = psa_get_key_bits(&attributes); - /* Allocate a buffer which has the size advertized by the + /* Allocate a buffer which has the size advertised by the * library. */ - signature_size = PSA_SIGN_OUTPUT_SIZE( key_type, - key_bits, alg ); - TEST_ASSERT( signature_size != 0 ); - TEST_ASSERT( signature_size <= PSA_SIGNATURE_MAX_SIZE ); - ASSERT_ALLOC( signature, signature_size ); + signature_size = PSA_SIGN_OUTPUT_SIZE(key_type, + key_bits, alg); + TEST_ASSERT(signature_size != 0); + TEST_LE_U(signature_size, PSA_SIGNATURE_MAX_SIZE); + TEST_CALLOC(signature, signature_size); /* Perform the signature. */ - PSA_ASSERT( psa_sign_hash( key, alg, - input_data->x, input_data->len, - signature, signature_size, - &signature_length ) ); + PSA_ASSERT(psa_sign_hash(key, alg, + input_data->x, input_data->len, + signature, signature_size, + &signature_length)); /* Check that the signature length looks sensible. */ - TEST_ASSERT( signature_length <= signature_size ); - TEST_ASSERT( signature_length > 0 ); + TEST_LE_U(signature_length, signature_size); + TEST_ASSERT(signature_length > 0); /* Use the library to verify that the signature is correct. */ - PSA_ASSERT( psa_verify_hash( key, alg, - input_data->x, input_data->len, - signature, signature_length ) ); + PSA_ASSERT(psa_verify_hash(key, alg, + input_data->x, input_data->len, + signature, signature_length)); - if( input_data->len != 0 ) - { + if (input_data->len != 0) { /* Flip a bit in the input and verify that the signature is now * detected as invalid. Flip a bit at the beginning, not at the end, * because ECDSA may ignore the last few bits of the input. */ input_data->x[0] ^= 1; - TEST_EQUAL( psa_verify_hash( key, alg, - input_data->x, input_data->len, - signature, signature_length ), - PSA_ERROR_INVALID_SIGNATURE ); + TEST_EQUAL(psa_verify_hash(key, alg, + input_data->x, input_data->len, + signature, signature_length), + PSA_ERROR_INVALID_SIGNATURE); } exit: @@ -3726,59 +3807,59 @@ exit: * Key attributes may have been returned by psa_get_key_attributes() * thus reset them as required. */ - psa_reset_key_attributes( &attributes ); + psa_reset_key_attributes(&attributes); - psa_destroy_key( key ); - mbedtls_free( signature ); - PSA_DONE( ); + psa_destroy_key(key); + mbedtls_free(signature); + PSA_DONE(); } /* END_CASE */ /* BEGIN_CASE */ -void verify_hash( int key_type_arg, data_t *key_data, - int alg_arg, data_t *hash_data, - data_t *signature_data ) +void verify_hash(int key_type_arg, data_t *key_data, + int alg_arg, data_t *hash_data, + data_t *signature_data) { mbedtls_svc_key_id_t key = MBEDTLS_SVC_KEY_ID_INIT; psa_key_type_t key_type = key_type_arg; psa_algorithm_t alg = alg_arg; psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT; - TEST_ASSERT( signature_data->len <= PSA_SIGNATURE_MAX_SIZE ); + TEST_LE_U(signature_data->len, PSA_SIGNATURE_MAX_SIZE); - PSA_ASSERT( psa_crypto_init( ) ); + PSA_ASSERT(psa_crypto_init()); - psa_set_key_usage_flags( &attributes, PSA_KEY_USAGE_VERIFY_HASH ); - psa_set_key_algorithm( &attributes, alg ); - psa_set_key_type( &attributes, key_type ); + psa_set_key_usage_flags(&attributes, PSA_KEY_USAGE_VERIFY_HASH); + psa_set_key_algorithm(&attributes, alg); + psa_set_key_type(&attributes, key_type); - PSA_ASSERT( psa_import_key( &attributes, key_data->x, key_data->len, - &key ) ); + PSA_ASSERT(psa_import_key(&attributes, key_data->x, key_data->len, + &key)); - PSA_ASSERT( psa_verify_hash( key, alg, - hash_data->x, hash_data->len, - signature_data->x, signature_data->len ) ); + PSA_ASSERT(psa_verify_hash(key, alg, + hash_data->x, hash_data->len, + signature_data->x, signature_data->len)); #if defined(MBEDTLS_TEST_DEPRECATED) - PSA_ASSERT( psa_asymmetric_verify( key, alg, - hash_data->x, hash_data->len, - signature_data->x, - signature_data->len ) ); + PSA_ASSERT(psa_asymmetric_verify(key, alg, + hash_data->x, hash_data->len, + signature_data->x, + signature_data->len)); #endif /* MBEDTLS_TEST_DEPRECATED */ exit: - psa_reset_key_attributes( &attributes ); - psa_destroy_key( key ); - PSA_DONE( ); + psa_reset_key_attributes(&attributes); + psa_destroy_key(key); + PSA_DONE(); } /* END_CASE */ /* BEGIN_CASE */ -void verify_hash_fail( int key_type_arg, data_t *key_data, - int alg_arg, data_t *hash_data, - data_t *signature_data, - int expected_status_arg ) +void verify_hash_fail(int key_type_arg, data_t *key_data, + int alg_arg, data_t *hash_data, + data_t *signature_data, + int expected_status_arg) { mbedtls_svc_key_id_t key = MBEDTLS_SVC_KEY_ID_INIT; psa_key_type_t key_type = key_type_arg; @@ -3787,40 +3868,40 @@ void verify_hash_fail( int key_type_arg, data_t *key_data, psa_status_t expected_status = expected_status_arg; psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT; - PSA_ASSERT( psa_crypto_init( ) ); + PSA_ASSERT(psa_crypto_init()); - psa_set_key_usage_flags( &attributes, PSA_KEY_USAGE_VERIFY_HASH ); - psa_set_key_algorithm( &attributes, alg ); - psa_set_key_type( &attributes, key_type ); + psa_set_key_usage_flags(&attributes, PSA_KEY_USAGE_VERIFY_HASH); + psa_set_key_algorithm(&attributes, alg); + psa_set_key_type(&attributes, key_type); - PSA_ASSERT( psa_import_key( &attributes, key_data->x, key_data->len, - &key ) ); + PSA_ASSERT(psa_import_key(&attributes, key_data->x, key_data->len, + &key)); - actual_status = psa_verify_hash( key, alg, - hash_data->x, hash_data->len, - signature_data->x, signature_data->len ); - TEST_EQUAL( actual_status, expected_status ); + actual_status = psa_verify_hash(key, alg, + hash_data->x, hash_data->len, + signature_data->x, signature_data->len); + TEST_EQUAL(actual_status, expected_status); #if defined(MBEDTLS_TEST_DEPRECATED) - TEST_EQUAL( psa_asymmetric_verify( key, alg, - hash_data->x, hash_data->len, - signature_data->x, signature_data->len ), - expected_status ); + TEST_EQUAL(psa_asymmetric_verify(key, alg, + hash_data->x, hash_data->len, + signature_data->x, signature_data->len), + expected_status); #endif /* MBEDTLS_TEST_DEPRECATED */ exit: - psa_reset_key_attributes( &attributes ); - psa_destroy_key( key ); - PSA_DONE( ); + psa_reset_key_attributes(&attributes); + psa_destroy_key(key); + PSA_DONE(); } /* END_CASE */ /* BEGIN_CASE */ -void sign_message_deterministic( int key_type_arg, - data_t *key_data, - int alg_arg, - data_t *input_data, - data_t *output_data ) +void sign_message_deterministic(int key_type_arg, + data_t *key_data, + int alg_arg, + data_t *input_data, + data_t *output_data) { mbedtls_svc_key_id_t key = MBEDTLS_SVC_KEY_ID_INIT; psa_key_type_t key_type = key_type_arg; @@ -3831,47 +3912,47 @@ void sign_message_deterministic( int key_type_arg, size_t signature_length = 0xdeadbeef; psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT; - PSA_ASSERT( psa_crypto_init( ) ); + PSA_ASSERT(psa_crypto_init()); - psa_set_key_usage_flags( &attributes, PSA_KEY_USAGE_SIGN_MESSAGE ); - psa_set_key_algorithm( &attributes, alg ); - psa_set_key_type( &attributes, key_type ); + psa_set_key_usage_flags(&attributes, PSA_KEY_USAGE_SIGN_MESSAGE); + psa_set_key_algorithm(&attributes, alg); + psa_set_key_type(&attributes, key_type); - PSA_ASSERT( psa_import_key( &attributes, key_data->x, key_data->len, - &key ) ); - PSA_ASSERT( psa_get_key_attributes( key, &attributes ) ); - key_bits = psa_get_key_bits( &attributes ); + PSA_ASSERT(psa_import_key(&attributes, key_data->x, key_data->len, + &key)); + PSA_ASSERT(psa_get_key_attributes(key, &attributes)); + key_bits = psa_get_key_bits(&attributes); - signature_size = PSA_SIGN_OUTPUT_SIZE( key_type, key_bits, alg ); - TEST_ASSERT( signature_size != 0 ); - TEST_ASSERT( signature_size <= PSA_SIGNATURE_MAX_SIZE ); - ASSERT_ALLOC( signature, signature_size ); + signature_size = PSA_SIGN_OUTPUT_SIZE(key_type, key_bits, alg); + TEST_ASSERT(signature_size != 0); + TEST_LE_U(signature_size, PSA_SIGNATURE_MAX_SIZE); + TEST_CALLOC(signature, signature_size); - PSA_ASSERT( psa_sign_message( key, alg, - input_data->x, input_data->len, - signature, signature_size, - &signature_length ) ); + PSA_ASSERT(psa_sign_message(key, alg, + input_data->x, input_data->len, + signature, signature_size, + &signature_length)); - ASSERT_COMPARE( output_data->x, output_data->len, - signature, signature_length ); + TEST_MEMORY_COMPARE(output_data->x, output_data->len, + signature, signature_length); exit: - psa_reset_key_attributes( &attributes ); + psa_reset_key_attributes(&attributes); - psa_destroy_key( key ); - mbedtls_free( signature ); - PSA_DONE( ); + psa_destroy_key(key); + mbedtls_free(signature); + PSA_DONE(); } /* END_CASE */ /* BEGIN_CASE */ -void sign_message_fail( int key_type_arg, - data_t *key_data, - int alg_arg, - data_t *input_data, - int signature_size_arg, - int expected_status_arg ) +void sign_message_fail(int key_type_arg, + data_t *key_data, + int alg_arg, + data_t *input_data, + int signature_size_arg, + int expected_status_arg) { mbedtls_svc_key_id_t key = MBEDTLS_SVC_KEY_ID_INIT; psa_key_type_t key_type = key_type_arg; @@ -3883,41 +3964,41 @@ void sign_message_fail( int key_type_arg, size_t signature_length = 0xdeadbeef; psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT; - ASSERT_ALLOC( signature, signature_size ); + TEST_CALLOC(signature, signature_size); - PSA_ASSERT( psa_crypto_init( ) ); + PSA_ASSERT(psa_crypto_init()); - psa_set_key_usage_flags( &attributes, PSA_KEY_USAGE_SIGN_MESSAGE ); - psa_set_key_algorithm( &attributes, alg ); - psa_set_key_type( &attributes, key_type ); + psa_set_key_usage_flags(&attributes, PSA_KEY_USAGE_SIGN_MESSAGE); + psa_set_key_algorithm(&attributes, alg); + psa_set_key_type(&attributes, key_type); - PSA_ASSERT( psa_import_key( &attributes, key_data->x, key_data->len, - &key ) ); + PSA_ASSERT(psa_import_key(&attributes, key_data->x, key_data->len, + &key)); - actual_status = psa_sign_message( key, alg, - input_data->x, input_data->len, - signature, signature_size, - &signature_length ); - TEST_EQUAL( actual_status, expected_status ); + actual_status = psa_sign_message(key, alg, + input_data->x, input_data->len, + signature, signature_size, + &signature_length); + TEST_EQUAL(actual_status, expected_status); /* The value of *signature_length is unspecified on error, but * whatever it is, it should be less than signature_size, so that * if the caller tries to read *signature_length bytes without * checking the error code then they don't overflow a buffer. */ - TEST_ASSERT( signature_length <= signature_size ); + TEST_LE_U(signature_length, signature_size); exit: - psa_reset_key_attributes( &attributes ); - psa_destroy_key( key ); - mbedtls_free( signature ); - PSA_DONE( ); + psa_reset_key_attributes(&attributes); + psa_destroy_key(key); + mbedtls_free(signature); + PSA_DONE(); } /* END_CASE */ /* BEGIN_CASE */ -void sign_verify_message( int key_type_arg, - data_t *key_data, - int alg_arg, - data_t *input_data ) +void sign_verify_message(int key_type_arg, + data_t *key_data, + int alg_arg, + data_t *input_data) { mbedtls_svc_key_id_t key = MBEDTLS_SVC_KEY_ID_INIT; psa_key_type_t key_type = key_type_arg; @@ -3928,96 +4009,95 @@ void sign_verify_message( int key_type_arg, size_t signature_length = 0xdeadbeef; psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT; - PSA_ASSERT( psa_crypto_init( ) ); + PSA_ASSERT(psa_crypto_init()); - psa_set_key_usage_flags( &attributes, PSA_KEY_USAGE_SIGN_MESSAGE | - PSA_KEY_USAGE_VERIFY_MESSAGE ); - psa_set_key_algorithm( &attributes, alg ); - psa_set_key_type( &attributes, key_type ); + psa_set_key_usage_flags(&attributes, PSA_KEY_USAGE_SIGN_MESSAGE | + PSA_KEY_USAGE_VERIFY_MESSAGE); + psa_set_key_algorithm(&attributes, alg); + psa_set_key_type(&attributes, key_type); - PSA_ASSERT( psa_import_key( &attributes, key_data->x, key_data->len, - &key ) ); - PSA_ASSERT( psa_get_key_attributes( key, &attributes ) ); - key_bits = psa_get_key_bits( &attributes ); + PSA_ASSERT(psa_import_key(&attributes, key_data->x, key_data->len, + &key)); + PSA_ASSERT(psa_get_key_attributes(key, &attributes)); + key_bits = psa_get_key_bits(&attributes); - signature_size = PSA_SIGN_OUTPUT_SIZE( key_type, key_bits, alg ); - TEST_ASSERT( signature_size != 0 ); - TEST_ASSERT( signature_size <= PSA_SIGNATURE_MAX_SIZE ); - ASSERT_ALLOC( signature, signature_size ); + signature_size = PSA_SIGN_OUTPUT_SIZE(key_type, key_bits, alg); + TEST_ASSERT(signature_size != 0); + TEST_LE_U(signature_size, PSA_SIGNATURE_MAX_SIZE); + TEST_CALLOC(signature, signature_size); - PSA_ASSERT( psa_sign_message( key, alg, - input_data->x, input_data->len, - signature, signature_size, - &signature_length ) ); - TEST_ASSERT( signature_length <= signature_size ); - TEST_ASSERT( signature_length > 0 ); + PSA_ASSERT(psa_sign_message(key, alg, + input_data->x, input_data->len, + signature, signature_size, + &signature_length)); + TEST_LE_U(signature_length, signature_size); + TEST_ASSERT(signature_length > 0); - PSA_ASSERT( psa_verify_message( key, alg, - input_data->x, input_data->len, - signature, signature_length ) ); + PSA_ASSERT(psa_verify_message(key, alg, + input_data->x, input_data->len, + signature, signature_length)); - if( input_data->len != 0 ) - { + if (input_data->len != 0) { /* Flip a bit in the input and verify that the signature is now * detected as invalid. Flip a bit at the beginning, not at the end, * because ECDSA may ignore the last few bits of the input. */ input_data->x[0] ^= 1; - TEST_EQUAL( psa_verify_message( key, alg, - input_data->x, input_data->len, - signature, signature_length ), - PSA_ERROR_INVALID_SIGNATURE ); + TEST_EQUAL(psa_verify_message(key, alg, + input_data->x, input_data->len, + signature, signature_length), + PSA_ERROR_INVALID_SIGNATURE); } exit: - psa_reset_key_attributes( &attributes ); + psa_reset_key_attributes(&attributes); - psa_destroy_key( key ); - mbedtls_free( signature ); - PSA_DONE( ); + psa_destroy_key(key); + mbedtls_free(signature); + PSA_DONE(); } /* END_CASE */ /* BEGIN_CASE */ -void verify_message( int key_type_arg, - data_t *key_data, - int alg_arg, - data_t *input_data, - data_t *signature_data ) +void verify_message(int key_type_arg, + data_t *key_data, + int alg_arg, + data_t *input_data, + data_t *signature_data) { mbedtls_svc_key_id_t key = MBEDTLS_SVC_KEY_ID_INIT; psa_key_type_t key_type = key_type_arg; psa_algorithm_t alg = alg_arg; psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT; - TEST_ASSERT( signature_data->len <= PSA_SIGNATURE_MAX_SIZE ); + TEST_LE_U(signature_data->len, PSA_SIGNATURE_MAX_SIZE); - PSA_ASSERT( psa_crypto_init( ) ); + PSA_ASSERT(psa_crypto_init()); - psa_set_key_usage_flags( &attributes, PSA_KEY_USAGE_VERIFY_MESSAGE ); - psa_set_key_algorithm( &attributes, alg ); - psa_set_key_type( &attributes, key_type ); + psa_set_key_usage_flags(&attributes, PSA_KEY_USAGE_VERIFY_MESSAGE); + psa_set_key_algorithm(&attributes, alg); + psa_set_key_type(&attributes, key_type); - PSA_ASSERT( psa_import_key( &attributes, key_data->x, key_data->len, - &key ) ); + PSA_ASSERT(psa_import_key(&attributes, key_data->x, key_data->len, + &key)); - PSA_ASSERT( psa_verify_message( key, alg, - input_data->x, input_data->len, - signature_data->x, signature_data->len ) ); + PSA_ASSERT(psa_verify_message(key, alg, + input_data->x, input_data->len, + signature_data->x, signature_data->len)); exit: - psa_reset_key_attributes( &attributes ); - psa_destroy_key( key ); - PSA_DONE( ); + psa_reset_key_attributes(&attributes); + psa_destroy_key(key); + PSA_DONE(); } /* END_CASE */ /* BEGIN_CASE */ -void verify_message_fail( int key_type_arg, - data_t *key_data, - int alg_arg, - data_t *hash_data, - data_t *signature_data, - int expected_status_arg ) +void verify_message_fail(int key_type_arg, + data_t *key_data, + int alg_arg, + data_t *hash_data, + data_t *signature_data, + int expected_status_arg) { mbedtls_svc_key_id_t key = MBEDTLS_SVC_KEY_ID_INIT; psa_key_type_t key_type = key_type_arg; @@ -4026,36 +4106,36 @@ void verify_message_fail( int key_type_arg, psa_status_t expected_status = expected_status_arg; psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT; - PSA_ASSERT( psa_crypto_init( ) ); + PSA_ASSERT(psa_crypto_init()); - psa_set_key_usage_flags( &attributes, PSA_KEY_USAGE_VERIFY_MESSAGE ); - psa_set_key_algorithm( &attributes, alg ); - psa_set_key_type( &attributes, key_type ); + psa_set_key_usage_flags(&attributes, PSA_KEY_USAGE_VERIFY_MESSAGE); + psa_set_key_algorithm(&attributes, alg); + psa_set_key_type(&attributes, key_type); - PSA_ASSERT( psa_import_key( &attributes, key_data->x, key_data->len, - &key ) ); + PSA_ASSERT(psa_import_key(&attributes, key_data->x, key_data->len, + &key)); - actual_status = psa_verify_message( key, alg, - hash_data->x, hash_data->len, - signature_data->x, - signature_data->len ); - TEST_EQUAL( actual_status, expected_status ); + actual_status = psa_verify_message(key, alg, + hash_data->x, hash_data->len, + signature_data->x, + signature_data->len); + TEST_EQUAL(actual_status, expected_status); exit: - psa_reset_key_attributes( &attributes ); - psa_destroy_key( key ); - PSA_DONE( ); + psa_reset_key_attributes(&attributes); + psa_destroy_key(key); + PSA_DONE(); } /* END_CASE */ /* BEGIN_CASE */ -void asymmetric_encrypt( int key_type_arg, - data_t *key_data, - int alg_arg, - data_t *input_data, - data_t *label, - int expected_output_length_arg, - int expected_status_arg ) +void asymmetric_encrypt(int key_type_arg, + data_t *key_data, + int alg_arg, + data_t *input_data, + data_t *label, + int expected_output_length_arg, + int expected_status_arg) { mbedtls_svc_key_id_t key = MBEDTLS_SVC_KEY_ID_INIT; psa_key_type_t key_type = key_type_arg; @@ -4069,46 +4149,54 @@ void asymmetric_encrypt( int key_type_arg, psa_status_t expected_status = expected_status_arg; psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT; - PSA_ASSERT( psa_crypto_init( ) ); + PSA_ASSERT(psa_crypto_init()); /* Import the key */ - psa_set_key_usage_flags( &attributes, PSA_KEY_USAGE_ENCRYPT ); - psa_set_key_algorithm( &attributes, alg ); - psa_set_key_type( &attributes, key_type ); - PSA_ASSERT( psa_import_key( &attributes, key_data->x, key_data->len, - &key ) ); + psa_set_key_usage_flags(&attributes, PSA_KEY_USAGE_ENCRYPT); + psa_set_key_algorithm(&attributes, alg); + psa_set_key_type(&attributes, key_type); + PSA_ASSERT(psa_import_key(&attributes, key_data->x, key_data->len, + &key)); /* Determine the maximum output length */ - PSA_ASSERT( psa_get_key_attributes( key, &attributes ) ); - key_bits = psa_get_key_bits( &attributes ); + PSA_ASSERT(psa_get_key_attributes(key, &attributes)); + key_bits = psa_get_key_bits(&attributes); - output_size = PSA_ASYMMETRIC_ENCRYPT_OUTPUT_SIZE( key_type, key_bits, alg ); - TEST_ASSERT( output_size <= PSA_ASYMMETRIC_ENCRYPT_OUTPUT_MAX_SIZE ); - ASSERT_ALLOC( output, output_size ); + output_size = PSA_ASYMMETRIC_ENCRYPT_OUTPUT_SIZE(key_type, key_bits, alg); + TEST_LE_U(output_size, PSA_ASYMMETRIC_ENCRYPT_OUTPUT_MAX_SIZE); + TEST_CALLOC(output, output_size); /* Encrypt the input */ - actual_status = psa_asymmetric_encrypt( key, alg, - input_data->x, input_data->len, - label->x, label->len, - output, output_size, - &output_length ); - TEST_EQUAL( actual_status, expected_status ); - TEST_EQUAL( output_length, expected_output_length ); + actual_status = psa_asymmetric_encrypt(key, alg, + input_data->x, input_data->len, + label->x, label->len, + output, output_size, + &output_length); + TEST_EQUAL(actual_status, expected_status); + if (actual_status == PSA_SUCCESS) { + TEST_EQUAL(output_length, expected_output_length); + } else { + TEST_LE_U(output_length, output_size); + } /* If the label is empty, the test framework puts a non-null pointer * in label->x. Test that a null pointer works as well. */ - if( label->len == 0 ) - { + if (label->len == 0) { output_length = ~0; - if( output_size != 0 ) - memset( output, 0, output_size ); - actual_status = psa_asymmetric_encrypt( key, alg, - input_data->x, input_data->len, - NULL, label->len, - output, output_size, - &output_length ); - TEST_EQUAL( actual_status, expected_status ); - TEST_EQUAL( output_length, expected_output_length ); + if (output_size != 0) { + memset(output, 0, output_size); + } + actual_status = psa_asymmetric_encrypt(key, alg, + input_data->x, input_data->len, + NULL, label->len, + output, output_size, + &output_length); + TEST_EQUAL(actual_status, expected_status); + if (actual_status == PSA_SUCCESS) { + TEST_EQUAL(output_length, expected_output_length); + } else { + TEST_LE_U(output_length, output_size); + } } exit: @@ -4116,20 +4204,20 @@ exit: * Key attributes may have been returned by psa_get_key_attributes() * thus reset them as required. */ - psa_reset_key_attributes( &attributes ); + psa_reset_key_attributes(&attributes); - psa_destroy_key( key ); - mbedtls_free( output ); - PSA_DONE( ); + psa_destroy_key(key); + mbedtls_free(output); + PSA_DONE(); } /* END_CASE */ /* BEGIN_CASE */ -void asymmetric_encrypt_decrypt( int key_type_arg, - data_t *key_data, - int alg_arg, - data_t *input_data, - data_t *label ) +void asymmetric_encrypt_decrypt(int key_type_arg, + data_t *key_data, + int alg_arg, + data_t *input_data, + data_t *label) { mbedtls_svc_key_id_t key = MBEDTLS_SVC_KEY_ID_INIT; psa_key_type_t key_type = key_type_arg; @@ -4143,70 +4231,70 @@ void asymmetric_encrypt_decrypt( int key_type_arg, size_t output2_length = ~0; psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT; - PSA_ASSERT( psa_crypto_init( ) ); + PSA_ASSERT(psa_crypto_init()); - psa_set_key_usage_flags( &attributes, PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_DECRYPT ); - psa_set_key_algorithm( &attributes, alg ); - psa_set_key_type( &attributes, key_type ); + psa_set_key_usage_flags(&attributes, PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_DECRYPT); + psa_set_key_algorithm(&attributes, alg); + psa_set_key_type(&attributes, key_type); - PSA_ASSERT( psa_import_key( &attributes, key_data->x, key_data->len, - &key ) ); + PSA_ASSERT(psa_import_key(&attributes, key_data->x, key_data->len, + &key)); /* Determine the maximum ciphertext length */ - PSA_ASSERT( psa_get_key_attributes( key, &attributes ) ); - key_bits = psa_get_key_bits( &attributes ); + PSA_ASSERT(psa_get_key_attributes(key, &attributes)); + key_bits = psa_get_key_bits(&attributes); - output_size = PSA_ASYMMETRIC_ENCRYPT_OUTPUT_SIZE( key_type, key_bits, alg ); - TEST_ASSERT( output_size <= PSA_ASYMMETRIC_ENCRYPT_OUTPUT_MAX_SIZE ); - ASSERT_ALLOC( output, output_size ); + output_size = PSA_ASYMMETRIC_ENCRYPT_OUTPUT_SIZE(key_type, key_bits, alg); + TEST_LE_U(output_size, PSA_ASYMMETRIC_ENCRYPT_OUTPUT_MAX_SIZE); + TEST_CALLOC(output, output_size); output2_size = input_data->len; - TEST_ASSERT( output2_size <= - PSA_ASYMMETRIC_DECRYPT_OUTPUT_SIZE( key_type, key_bits, alg ) ); - TEST_ASSERT( output2_size <= PSA_ASYMMETRIC_DECRYPT_OUTPUT_MAX_SIZE ); - ASSERT_ALLOC( output2, output2_size ); + TEST_LE_U(output2_size, + PSA_ASYMMETRIC_DECRYPT_OUTPUT_SIZE(key_type, key_bits, alg)); + TEST_LE_U(output2_size, PSA_ASYMMETRIC_DECRYPT_OUTPUT_MAX_SIZE); + TEST_CALLOC(output2, output2_size); /* We test encryption by checking that encrypt-then-decrypt gives back * the original plaintext because of the non-optional random * part of encryption process which prevents using fixed vectors. */ - PSA_ASSERT( psa_asymmetric_encrypt( key, alg, - input_data->x, input_data->len, - label->x, label->len, - output, output_size, - &output_length ) ); + PSA_ASSERT(psa_asymmetric_encrypt(key, alg, + input_data->x, input_data->len, + label->x, label->len, + output, output_size, + &output_length)); /* We don't know what ciphertext length to expect, but check that * it looks sensible. */ - TEST_ASSERT( output_length <= output_size ); + TEST_LE_U(output_length, output_size); - PSA_ASSERT( psa_asymmetric_decrypt( key, alg, - output, output_length, - label->x, label->len, - output2, output2_size, - &output2_length ) ); - ASSERT_COMPARE( input_data->x, input_data->len, - output2, output2_length ); + PSA_ASSERT(psa_asymmetric_decrypt(key, alg, + output, output_length, + label->x, label->len, + output2, output2_size, + &output2_length)); + TEST_MEMORY_COMPARE(input_data->x, input_data->len, + output2, output2_length); exit: /* * Key attributes may have been returned by psa_get_key_attributes() * thus reset them as required. */ - psa_reset_key_attributes( &attributes ); + psa_reset_key_attributes(&attributes); - psa_destroy_key( key ); - mbedtls_free( output ); - mbedtls_free( output2 ); - PSA_DONE( ); + psa_destroy_key(key); + mbedtls_free(output); + mbedtls_free(output2); + PSA_DONE(); } /* END_CASE */ /* BEGIN_CASE */ -void asymmetric_decrypt( int key_type_arg, - data_t *key_data, - int alg_arg, - data_t *input_data, - data_t *label, - data_t *expected_data ) +void asymmetric_decrypt(int key_type_arg, + data_t *key_data, + int alg_arg, + data_t *input_data, + data_t *label, + data_t *expected_data) { mbedtls_svc_key_id_t key = MBEDTLS_SVC_KEY_ID_INIT; psa_key_type_t key_type = key_type_arg; @@ -4217,65 +4305,65 @@ void asymmetric_decrypt( int key_type_arg, size_t output_length = ~0; psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT; - PSA_ASSERT( psa_crypto_init( ) ); + PSA_ASSERT(psa_crypto_init()); - psa_set_key_usage_flags( &attributes, PSA_KEY_USAGE_DECRYPT ); - psa_set_key_algorithm( &attributes, alg ); - psa_set_key_type( &attributes, key_type ); + psa_set_key_usage_flags(&attributes, PSA_KEY_USAGE_DECRYPT); + psa_set_key_algorithm(&attributes, alg); + psa_set_key_type(&attributes, key_type); - PSA_ASSERT( psa_import_key( &attributes, key_data->x, key_data->len, - &key ) ); + PSA_ASSERT(psa_import_key(&attributes, key_data->x, key_data->len, + &key)); - PSA_ASSERT( psa_get_key_attributes( key, &attributes ) ); - key_bits = psa_get_key_bits( &attributes ); + PSA_ASSERT(psa_get_key_attributes(key, &attributes)); + key_bits = psa_get_key_bits(&attributes); /* Determine the maximum ciphertext length */ - output_size = PSA_ASYMMETRIC_DECRYPT_OUTPUT_SIZE( key_type, key_bits, alg ); - TEST_ASSERT( output_size <= PSA_ASYMMETRIC_DECRYPT_OUTPUT_MAX_SIZE ); - ASSERT_ALLOC( output, output_size ); - - PSA_ASSERT( psa_asymmetric_decrypt( key, alg, - input_data->x, input_data->len, - label->x, label->len, - output, - output_size, - &output_length ) ); - ASSERT_COMPARE( expected_data->x, expected_data->len, - output, output_length ); + output_size = PSA_ASYMMETRIC_DECRYPT_OUTPUT_SIZE(key_type, key_bits, alg); + TEST_LE_U(output_size, PSA_ASYMMETRIC_DECRYPT_OUTPUT_MAX_SIZE); + TEST_CALLOC(output, output_size); + + PSA_ASSERT(psa_asymmetric_decrypt(key, alg, + input_data->x, input_data->len, + label->x, label->len, + output, + output_size, + &output_length)); + TEST_MEMORY_COMPARE(expected_data->x, expected_data->len, + output, output_length); /* If the label is empty, the test framework puts a non-null pointer * in label->x. Test that a null pointer works as well. */ - if( label->len == 0 ) - { + if (label->len == 0) { output_length = ~0; - if( output_size != 0 ) - memset( output, 0, output_size ); - PSA_ASSERT( psa_asymmetric_decrypt( key, alg, - input_data->x, input_data->len, - NULL, label->len, - output, - output_size, - &output_length ) ); - ASSERT_COMPARE( expected_data->x, expected_data->len, - output, output_length ); + if (output_size != 0) { + memset(output, 0, output_size); + } + PSA_ASSERT(psa_asymmetric_decrypt(key, alg, + input_data->x, input_data->len, + NULL, label->len, + output, + output_size, + &output_length)); + TEST_MEMORY_COMPARE(expected_data->x, expected_data->len, + output, output_length); } exit: - psa_reset_key_attributes( &attributes ); - psa_destroy_key( key ); - mbedtls_free( output ); - PSA_DONE( ); + psa_reset_key_attributes(&attributes); + psa_destroy_key(key); + mbedtls_free(output); + PSA_DONE(); } /* END_CASE */ /* BEGIN_CASE */ -void asymmetric_decrypt_fail( int key_type_arg, - data_t *key_data, - int alg_arg, - data_t *input_data, - data_t *label, - int output_size_arg, - int expected_status_arg ) +void asymmetric_decrypt_fail(int key_type_arg, + data_t *key_data, + int alg_arg, + data_t *input_data, + data_t *label, + int output_size_arg, + int expected_status_arg) { mbedtls_svc_key_id_t key = MBEDTLS_SVC_KEY_ID_INIT; psa_key_type_t key_type = key_type_arg; @@ -4287,135 +4375,135 @@ void asymmetric_decrypt_fail( int key_type_arg, psa_status_t expected_status = expected_status_arg; psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT; - ASSERT_ALLOC( output, output_size ); + TEST_CALLOC(output, output_size); - PSA_ASSERT( psa_crypto_init( ) ); + PSA_ASSERT(psa_crypto_init()); - psa_set_key_usage_flags( &attributes, PSA_KEY_USAGE_DECRYPT ); - psa_set_key_algorithm( &attributes, alg ); - psa_set_key_type( &attributes, key_type ); + psa_set_key_usage_flags(&attributes, PSA_KEY_USAGE_DECRYPT); + psa_set_key_algorithm(&attributes, alg); + psa_set_key_type(&attributes, key_type); - PSA_ASSERT( psa_import_key( &attributes, key_data->x, key_data->len, - &key ) ); + PSA_ASSERT(psa_import_key(&attributes, key_data->x, key_data->len, + &key)); - actual_status = psa_asymmetric_decrypt( key, alg, - input_data->x, input_data->len, - label->x, label->len, - output, output_size, - &output_length ); - TEST_EQUAL( actual_status, expected_status ); - TEST_ASSERT( output_length <= output_size ); + actual_status = psa_asymmetric_decrypt(key, alg, + input_data->x, input_data->len, + label->x, label->len, + output, output_size, + &output_length); + TEST_EQUAL(actual_status, expected_status); + TEST_LE_U(output_length, output_size); /* If the label is empty, the test framework puts a non-null pointer * in label->x. Test that a null pointer works as well. */ - if( label->len == 0 ) - { + if (label->len == 0) { output_length = ~0; - if( output_size != 0 ) - memset( output, 0, output_size ); - actual_status = psa_asymmetric_decrypt( key, alg, - input_data->x, input_data->len, - NULL, label->len, - output, output_size, - &output_length ); - TEST_EQUAL( actual_status, expected_status ); - TEST_ASSERT( output_length <= output_size ); + if (output_size != 0) { + memset(output, 0, output_size); + } + actual_status = psa_asymmetric_decrypt(key, alg, + input_data->x, input_data->len, + NULL, label->len, + output, output_size, + &output_length); + TEST_EQUAL(actual_status, expected_status); + TEST_LE_U(output_length, output_size); } exit: - psa_reset_key_attributes( &attributes ); - psa_destroy_key( key ); - mbedtls_free( output ); - PSA_DONE( ); + psa_reset_key_attributes(&attributes); + psa_destroy_key(key); + mbedtls_free(output); + PSA_DONE(); } /* END_CASE */ /* BEGIN_CASE */ -void key_derivation_init( ) +void key_derivation_init() { /* Test each valid way of initializing the object, except for `= {0}`, as * Clang 5 complains when `-Wmissing-field-initializers` is used, even * though it's OK by the C standard. We could test for this, but we'd need - * to supress the Clang warning for the test. */ + * to suppress the Clang warning for the test. */ size_t capacity; - psa_key_derivation_operation_t func = psa_key_derivation_operation_init( ); + psa_key_derivation_operation_t func = psa_key_derivation_operation_init(); psa_key_derivation_operation_t init = PSA_KEY_DERIVATION_OPERATION_INIT; psa_key_derivation_operation_t zero; - memset( &zero, 0, sizeof( zero ) ); + memset(&zero, 0, sizeof(zero)); /* A default operation should not be able to report its capacity. */ - TEST_EQUAL( psa_key_derivation_get_capacity( &func, &capacity ), - PSA_ERROR_BAD_STATE ); - TEST_EQUAL( psa_key_derivation_get_capacity( &init, &capacity ), - PSA_ERROR_BAD_STATE ); - TEST_EQUAL( psa_key_derivation_get_capacity( &zero, &capacity ), - PSA_ERROR_BAD_STATE ); + TEST_EQUAL(psa_key_derivation_get_capacity(&func, &capacity), + PSA_ERROR_BAD_STATE); + TEST_EQUAL(psa_key_derivation_get_capacity(&init, &capacity), + PSA_ERROR_BAD_STATE); + TEST_EQUAL(psa_key_derivation_get_capacity(&zero, &capacity), + PSA_ERROR_BAD_STATE); /* A default operation should be abortable without error. */ - PSA_ASSERT( psa_key_derivation_abort(&func) ); - PSA_ASSERT( psa_key_derivation_abort(&init) ); - PSA_ASSERT( psa_key_derivation_abort(&zero) ); + PSA_ASSERT(psa_key_derivation_abort(&func)); + PSA_ASSERT(psa_key_derivation_abort(&init)); + PSA_ASSERT(psa_key_derivation_abort(&zero)); } /* END_CASE */ /* BEGIN_CASE */ -void derive_setup( int alg_arg, int expected_status_arg ) +void derive_setup(int alg_arg, int expected_status_arg) { psa_algorithm_t alg = alg_arg; psa_status_t expected_status = expected_status_arg; psa_key_derivation_operation_t operation = PSA_KEY_DERIVATION_OPERATION_INIT; - PSA_ASSERT( psa_crypto_init( ) ); + PSA_ASSERT(psa_crypto_init()); - TEST_EQUAL( psa_key_derivation_setup( &operation, alg ), - expected_status ); + TEST_EQUAL(psa_key_derivation_setup(&operation, alg), + expected_status); exit: - psa_key_derivation_abort( &operation ); - PSA_DONE( ); + psa_key_derivation_abort(&operation); + PSA_DONE(); } /* END_CASE */ /* BEGIN_CASE */ -void derive_set_capacity( int alg_arg, int capacity_arg, - int expected_status_arg ) +void derive_set_capacity(int alg_arg, int capacity_arg, + int expected_status_arg) { psa_algorithm_t alg = alg_arg; size_t capacity = capacity_arg; psa_status_t expected_status = expected_status_arg; psa_key_derivation_operation_t operation = PSA_KEY_DERIVATION_OPERATION_INIT; - PSA_ASSERT( psa_crypto_init( ) ); + PSA_ASSERT(psa_crypto_init()); - PSA_ASSERT( psa_key_derivation_setup( &operation, alg ) ); + PSA_ASSERT(psa_key_derivation_setup(&operation, alg)); - TEST_EQUAL( psa_key_derivation_set_capacity( &operation, capacity ), - expected_status ); + TEST_EQUAL(psa_key_derivation_set_capacity(&operation, capacity), + expected_status); exit: - psa_key_derivation_abort( &operation ); - PSA_DONE( ); + psa_key_derivation_abort(&operation); + PSA_DONE(); } /* END_CASE */ /* BEGIN_CASE */ -void derive_input( int alg_arg, - int step_arg1, int key_type_arg1, data_t *input1, - int expected_status_arg1, - int step_arg2, int key_type_arg2, data_t *input2, - int expected_status_arg2, - int step_arg3, int key_type_arg3, data_t *input3, - int expected_status_arg3, - int output_key_type_arg, int expected_output_status_arg ) +void derive_input(int alg_arg, + int step_arg1, int key_type_arg1, data_t *input1, + int expected_status_arg1, + int step_arg2, int key_type_arg2, data_t *input2, + int expected_status_arg2, + int step_arg3, int key_type_arg3, data_t *input3, + int expected_status_arg3, + int output_key_type_arg, int expected_output_status_arg) { psa_algorithm_t alg = alg_arg; - psa_key_derivation_step_t steps[] = {step_arg1, step_arg2, step_arg3}; - psa_key_type_t key_types[] = {key_type_arg1, key_type_arg2, key_type_arg3}; - psa_status_t expected_statuses[] = {expected_status_arg1, - expected_status_arg2, - expected_status_arg3}; - data_t *inputs[] = {input1, input2, input3}; + psa_key_derivation_step_t steps[] = { step_arg1, step_arg2, step_arg3 }; + psa_key_type_t key_types[] = { key_type_arg1, key_type_arg2, key_type_arg3 }; + psa_status_t expected_statuses[] = { expected_status_arg1, + expected_status_arg2, + expected_status_arg3 }; + data_t *inputs[] = { input1, input2, input3 }; mbedtls_svc_key_id_t keys[] = { MBEDTLS_SVC_KEY_ID_INIT, MBEDTLS_SVC_KEY_ID_INIT, MBEDTLS_SVC_KEY_ID_INIT }; @@ -4427,179 +4515,169 @@ void derive_input( int alg_arg, psa_status_t expected_output_status = expected_output_status_arg; psa_status_t actual_output_status; - PSA_ASSERT( psa_crypto_init( ) ); + PSA_ASSERT(psa_crypto_init()); - psa_set_key_usage_flags( &attributes, PSA_KEY_USAGE_DERIVE ); - psa_set_key_algorithm( &attributes, alg ); + psa_set_key_usage_flags(&attributes, PSA_KEY_USAGE_DERIVE); + psa_set_key_algorithm(&attributes, alg); - PSA_ASSERT( psa_key_derivation_setup( &operation, alg ) ); + PSA_ASSERT(psa_key_derivation_setup(&operation, alg)); - for( i = 0; i < ARRAY_LENGTH( steps ); i++ ) - { - mbedtls_test_set_step( i ); - if( steps[i] == 0 ) - { + for (i = 0; i < ARRAY_LENGTH(steps); i++) { + mbedtls_test_set_step(i); + if (steps[i] == 0) { /* Skip this step */ - } - else if( key_types[i] != PSA_KEY_TYPE_NONE ) - { - psa_set_key_type( &attributes, key_types[i] ); - PSA_ASSERT( psa_import_key( &attributes, - inputs[i]->x, inputs[i]->len, - &keys[i] ) ); - if( PSA_KEY_TYPE_IS_KEY_PAIR( key_types[i] ) && - steps[i] == PSA_KEY_DERIVATION_INPUT_SECRET ) - { + } else if (key_types[i] != PSA_KEY_TYPE_NONE) { + psa_set_key_type(&attributes, key_types[i]); + PSA_ASSERT(psa_import_key(&attributes, + inputs[i]->x, inputs[i]->len, + &keys[i])); + if (PSA_KEY_TYPE_IS_KEY_PAIR(key_types[i]) && + steps[i] == PSA_KEY_DERIVATION_INPUT_SECRET) { // When taking a private key as secret input, use key agreement // to add the shared secret to the derivation - TEST_EQUAL( mbedtls_test_psa_key_agreement_with_self( - &operation, keys[i] ), - expected_statuses[i] ); - } - else - { - TEST_EQUAL( psa_key_derivation_input_key( &operation, steps[i], - keys[i] ), - expected_statuses[i] ); + TEST_EQUAL(mbedtls_test_psa_key_agreement_with_self( + &operation, keys[i]), + expected_statuses[i]); + } else { + TEST_EQUAL(psa_key_derivation_input_key(&operation, steps[i], + keys[i]), + expected_statuses[i]); } - } - else - { - TEST_EQUAL( psa_key_derivation_input_bytes( - &operation, steps[i], - inputs[i]->x, inputs[i]->len ), - expected_statuses[i] ); + } else { + TEST_EQUAL(psa_key_derivation_input_bytes( + &operation, steps[i], + inputs[i]->x, inputs[i]->len), + expected_statuses[i]); } } - if( output_key_type != PSA_KEY_TYPE_NONE ) - { - psa_reset_key_attributes( &attributes ); - psa_set_key_type( &attributes, output_key_type ); - psa_set_key_bits( &attributes, 8 ); + if (output_key_type != PSA_KEY_TYPE_NONE) { + psa_reset_key_attributes(&attributes); + psa_set_key_type(&attributes, output_key_type); + psa_set_key_bits(&attributes, 8); actual_output_status = - psa_key_derivation_output_key( &attributes, &operation, - &output_key ); - } - else - { + psa_key_derivation_output_key(&attributes, &operation, + &output_key); + } else { uint8_t buffer[1]; actual_output_status = - psa_key_derivation_output_bytes( &operation, - buffer, sizeof( buffer ) ); + psa_key_derivation_output_bytes(&operation, + buffer, sizeof(buffer)); } - TEST_EQUAL( actual_output_status, expected_output_status ); + TEST_EQUAL(actual_output_status, expected_output_status); exit: - psa_key_derivation_abort( &operation ); - for( i = 0; i < ARRAY_LENGTH( keys ); i++ ) - psa_destroy_key( keys[i] ); - psa_destroy_key( output_key ); - PSA_DONE( ); + psa_key_derivation_abort(&operation); + for (i = 0; i < ARRAY_LENGTH(keys); i++) { + psa_destroy_key(keys[i]); + } + psa_destroy_key(output_key); + PSA_DONE(); } /* END_CASE */ /* BEGIN_CASE */ -void derive_over_capacity( int alg_arg ) +void derive_over_capacity(int alg_arg) { psa_algorithm_t alg = alg_arg; mbedtls_svc_key_id_t key = MBEDTLS_SVC_KEY_ID_INIT; size_t key_type = PSA_KEY_TYPE_DERIVE; psa_key_derivation_operation_t operation = PSA_KEY_DERIVATION_OPERATION_INIT; unsigned char input1[] = "Input 1"; - size_t input1_length = sizeof( input1 ); + size_t input1_length = sizeof(input1); unsigned char input2[] = "Input 2"; - size_t input2_length = sizeof( input2 ); + size_t input2_length = sizeof(input2); uint8_t buffer[42]; - size_t capacity = sizeof( buffer ); + size_t capacity = sizeof(buffer); const uint8_t key_data[22] = { 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, - 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b}; + 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b }; psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT; - PSA_ASSERT( psa_crypto_init( ) ); + PSA_ASSERT(psa_crypto_init()); - psa_set_key_usage_flags( &attributes, PSA_KEY_USAGE_DERIVE ); - psa_set_key_algorithm( &attributes, alg ); - psa_set_key_type( &attributes, key_type ); + psa_set_key_usage_flags(&attributes, PSA_KEY_USAGE_DERIVE); + psa_set_key_algorithm(&attributes, alg); + psa_set_key_type(&attributes, key_type); - PSA_ASSERT( psa_import_key( &attributes, - key_data, sizeof( key_data ), - &key ) ); + PSA_ASSERT(psa_import_key(&attributes, + key_data, sizeof(key_data), + &key)); /* valid key derivation */ - if( !mbedtls_test_psa_setup_key_derivation_wrap( &operation, key, alg, - input1, input1_length, - input2, input2_length, - capacity ) ) + if (!mbedtls_test_psa_setup_key_derivation_wrap(&operation, key, alg, + input1, input1_length, + input2, input2_length, + capacity)) { goto exit; + } /* state of operation shouldn't allow additional generation */ - TEST_EQUAL( psa_key_derivation_setup( &operation, alg ), - PSA_ERROR_BAD_STATE ); + TEST_EQUAL(psa_key_derivation_setup(&operation, alg), + PSA_ERROR_BAD_STATE); - PSA_ASSERT( psa_key_derivation_output_bytes( &operation, buffer, capacity ) ); + PSA_ASSERT(psa_key_derivation_output_bytes(&operation, buffer, capacity)); - TEST_EQUAL( psa_key_derivation_output_bytes( &operation, buffer, capacity ), - PSA_ERROR_INSUFFICIENT_DATA ); + TEST_EQUAL(psa_key_derivation_output_bytes(&operation, buffer, capacity), + PSA_ERROR_INSUFFICIENT_DATA); exit: - psa_key_derivation_abort( &operation ); - psa_destroy_key( key ); - PSA_DONE( ); + psa_key_derivation_abort(&operation); + psa_destroy_key(key); + PSA_DONE(); } /* END_CASE */ /* BEGIN_CASE */ -void derive_actions_without_setup( ) +void derive_actions_without_setup() { uint8_t output_buffer[16]; size_t buffer_size = 16; size_t capacity = 0; psa_key_derivation_operation_t operation = PSA_KEY_DERIVATION_OPERATION_INIT; - TEST_ASSERT( psa_key_derivation_output_bytes( &operation, - output_buffer, buffer_size ) - == PSA_ERROR_BAD_STATE ); + TEST_ASSERT(psa_key_derivation_output_bytes(&operation, + output_buffer, buffer_size) + == PSA_ERROR_BAD_STATE); - TEST_ASSERT( psa_key_derivation_get_capacity( &operation, &capacity ) - == PSA_ERROR_BAD_STATE ); + TEST_ASSERT(psa_key_derivation_get_capacity(&operation, &capacity) + == PSA_ERROR_BAD_STATE); - PSA_ASSERT( psa_key_derivation_abort( &operation ) ); + PSA_ASSERT(psa_key_derivation_abort(&operation)); - TEST_ASSERT( psa_key_derivation_output_bytes( &operation, - output_buffer, buffer_size ) - == PSA_ERROR_BAD_STATE ); + TEST_ASSERT(psa_key_derivation_output_bytes(&operation, + output_buffer, buffer_size) + == PSA_ERROR_BAD_STATE); - TEST_ASSERT( psa_key_derivation_get_capacity( &operation, &capacity ) - == PSA_ERROR_BAD_STATE ); + TEST_ASSERT(psa_key_derivation_get_capacity(&operation, &capacity) + == PSA_ERROR_BAD_STATE); exit: - psa_key_derivation_abort( &operation ); + psa_key_derivation_abort(&operation); } /* END_CASE */ /* BEGIN_CASE */ -void derive_output( int alg_arg, - int step1_arg, data_t *input1, - int step2_arg, data_t *input2, - int step3_arg, data_t *input3, - int requested_capacity_arg, - data_t *expected_output1, - data_t *expected_output2 ) +void derive_output(int alg_arg, + int step1_arg, data_t *input1, + int step2_arg, data_t *input2, + int step3_arg, data_t *input3, + int requested_capacity_arg, + data_t *expected_output1, + data_t *expected_output2) { psa_algorithm_t alg = alg_arg; - psa_key_derivation_step_t steps[] = {step1_arg, step2_arg, step3_arg}; - data_t *inputs[] = {input1, input2, input3}; + psa_key_derivation_step_t steps[] = { step1_arg, step2_arg, step3_arg }; + data_t *inputs[] = { input1, input2, input3 }; mbedtls_svc_key_id_t keys[] = { MBEDTLS_SVC_KEY_ID_INIT, MBEDTLS_SVC_KEY_ID_INIT, MBEDTLS_SVC_KEY_ID_INIT }; size_t requested_capacity = requested_capacity_arg; psa_key_derivation_operation_t operation = PSA_KEY_DERIVATION_OPERATION_INIT; uint8_t *expected_outputs[2] = - {expected_output1->x, expected_output2->x}; + { expected_output1->x, expected_output2->x }; size_t output_sizes[2] = - {expected_output1->len, expected_output2->len}; + { expected_output1->len, expected_output2->len }; size_t output_buffer_size = 0; uint8_t *output_buffer = NULL; size_t expected_capacity; @@ -4608,107 +4686,103 @@ void derive_output( int alg_arg, psa_status_t status; size_t i; - for( i = 0; i < ARRAY_LENGTH( expected_outputs ); i++ ) - { - if( output_sizes[i] > output_buffer_size ) + for (i = 0; i < ARRAY_LENGTH(expected_outputs); i++) { + if (output_sizes[i] > output_buffer_size) { output_buffer_size = output_sizes[i]; - if( output_sizes[i] == 0 ) + } + if (output_sizes[i] == 0) { expected_outputs[i] = NULL; + } } - ASSERT_ALLOC( output_buffer, output_buffer_size ); - PSA_ASSERT( psa_crypto_init( ) ); + TEST_CALLOC(output_buffer, output_buffer_size); + PSA_ASSERT(psa_crypto_init()); - psa_set_key_usage_flags( &attributes, PSA_KEY_USAGE_DERIVE ); - psa_set_key_algorithm( &attributes, alg ); - psa_set_key_type( &attributes, PSA_KEY_TYPE_DERIVE ); + psa_set_key_usage_flags(&attributes, PSA_KEY_USAGE_DERIVE); + psa_set_key_algorithm(&attributes, alg); + psa_set_key_type(&attributes, PSA_KEY_TYPE_DERIVE); /* Extraction phase. */ - PSA_ASSERT( psa_key_derivation_setup( &operation, alg ) ); - PSA_ASSERT( psa_key_derivation_set_capacity( &operation, - requested_capacity ) ); - for( i = 0; i < ARRAY_LENGTH( steps ); i++ ) - { - switch( steps[i] ) - { + PSA_ASSERT(psa_key_derivation_setup(&operation, alg)); + PSA_ASSERT(psa_key_derivation_set_capacity(&operation, + requested_capacity)); + for (i = 0; i < ARRAY_LENGTH(steps); i++) { + switch (steps[i]) { case 0: break; case PSA_KEY_DERIVATION_INPUT_SECRET: - PSA_ASSERT( psa_import_key( &attributes, - inputs[i]->x, inputs[i]->len, - &keys[i] ) ); - - if ( PSA_ALG_IS_TLS12_PSK_TO_MS( alg ) ) - { - PSA_ASSERT( psa_get_key_attributes( keys[i], &attributes ) ); - TEST_ASSERT( PSA_BITS_TO_BYTES( psa_get_key_bits( &attributes ) ) <= - PSA_TLS12_PSK_TO_MS_PSK_MAX_SIZE ); + PSA_ASSERT(psa_import_key(&attributes, + inputs[i]->x, inputs[i]->len, + &keys[i])); + + if (PSA_ALG_IS_TLS12_PSK_TO_MS(alg)) { + PSA_ASSERT(psa_get_key_attributes(keys[i], &attributes)); + TEST_ASSERT(PSA_BITS_TO_BYTES(psa_get_key_bits(&attributes)) <= + PSA_TLS12_PSK_TO_MS_PSK_MAX_SIZE); } - PSA_ASSERT( psa_key_derivation_input_key( - &operation, steps[i], keys[i] ) ); + PSA_ASSERT(psa_key_derivation_input_key( + &operation, steps[i], keys[i])); break; default: - PSA_ASSERT( psa_key_derivation_input_bytes( - &operation, steps[i], - inputs[i]->x, inputs[i]->len ) ); + PSA_ASSERT(psa_key_derivation_input_bytes( + &operation, steps[i], + inputs[i]->x, inputs[i]->len)); break; } } - PSA_ASSERT( psa_key_derivation_get_capacity( &operation, - ¤t_capacity ) ); - TEST_EQUAL( current_capacity, requested_capacity ); + PSA_ASSERT(psa_key_derivation_get_capacity(&operation, + ¤t_capacity)); + TEST_EQUAL(current_capacity, requested_capacity); expected_capacity = requested_capacity; /* Expansion phase. */ - for( i = 0; i < ARRAY_LENGTH( expected_outputs ); i++ ) - { + for (i = 0; i < ARRAY_LENGTH(expected_outputs); i++) { /* Read some bytes. */ - status = psa_key_derivation_output_bytes( &operation, - output_buffer, output_sizes[i] ); - if( expected_capacity == 0 && output_sizes[i] == 0 ) - { + status = psa_key_derivation_output_bytes(&operation, + output_buffer, output_sizes[i]); + if (expected_capacity == 0 && output_sizes[i] == 0) { /* Reading 0 bytes when 0 bytes are available can go either way. */ - TEST_ASSERT( status == PSA_SUCCESS || - status == PSA_ERROR_INSUFFICIENT_DATA ); + TEST_ASSERT(status == PSA_SUCCESS || + status == PSA_ERROR_INSUFFICIENT_DATA); continue; - } - else if( expected_capacity == 0 || - output_sizes[i] > expected_capacity ) - { + } else if (expected_capacity == 0 || + output_sizes[i] > expected_capacity) { /* Capacity exceeded. */ - TEST_EQUAL( status, PSA_ERROR_INSUFFICIENT_DATA ); + TEST_EQUAL(status, PSA_ERROR_INSUFFICIENT_DATA); expected_capacity = 0; continue; } /* Success. Check the read data. */ - PSA_ASSERT( status ); - if( output_sizes[i] != 0 ) - ASSERT_COMPARE( output_buffer, output_sizes[i], - expected_outputs[i], output_sizes[i] ); + PSA_ASSERT(status); + if (output_sizes[i] != 0) { + TEST_MEMORY_COMPARE(output_buffer, output_sizes[i], + expected_outputs[i], output_sizes[i]); + } /* Check the operation status. */ expected_capacity -= output_sizes[i]; - PSA_ASSERT( psa_key_derivation_get_capacity( &operation, - ¤t_capacity ) ); - TEST_EQUAL( expected_capacity, current_capacity ); + PSA_ASSERT(psa_key_derivation_get_capacity(&operation, + ¤t_capacity)); + TEST_EQUAL(expected_capacity, current_capacity); } - PSA_ASSERT( psa_key_derivation_abort( &operation ) ); + PSA_ASSERT(psa_key_derivation_abort(&operation)); exit: - mbedtls_free( output_buffer ); - psa_key_derivation_abort( &operation ); - for( i = 0; i < ARRAY_LENGTH( keys ); i++ ) - psa_destroy_key( keys[i] ); - PSA_DONE( ); + mbedtls_free(output_buffer); + psa_key_derivation_abort(&operation); + for (i = 0; i < ARRAY_LENGTH(keys); i++) { + psa_destroy_key(keys[i]); + } + PSA_DONE(); } /* END_CASE */ /* BEGIN_CASE */ -void derive_full( int alg_arg, - data_t *key_data, - data_t *input1, - data_t *input2, - int requested_capacity_arg ) +void derive_full(int alg_arg, + data_t *key_data, + data_t *input1, + data_t *input2, + int requested_capacity_arg) { mbedtls_svc_key_id_t key = MBEDTLS_SVC_KEY_ID_INIT; psa_algorithm_t alg = alg_arg; @@ -4719,62 +4793,63 @@ void derive_full( int alg_arg, size_t current_capacity; psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT; - PSA_ASSERT( psa_crypto_init( ) ); + PSA_ASSERT(psa_crypto_init()); - psa_set_key_usage_flags( &attributes, PSA_KEY_USAGE_DERIVE ); - psa_set_key_algorithm( &attributes, alg ); - psa_set_key_type( &attributes, PSA_KEY_TYPE_DERIVE ); + psa_set_key_usage_flags(&attributes, PSA_KEY_USAGE_DERIVE); + psa_set_key_algorithm(&attributes, alg); + psa_set_key_type(&attributes, PSA_KEY_TYPE_DERIVE); - PSA_ASSERT( psa_import_key( &attributes, key_data->x, key_data->len, - &key ) ); + PSA_ASSERT(psa_import_key(&attributes, key_data->x, key_data->len, + &key)); - if( !mbedtls_test_psa_setup_key_derivation_wrap( &operation, key, alg, - input1->x, input1->len, - input2->x, input2->len, - requested_capacity ) ) + if (!mbedtls_test_psa_setup_key_derivation_wrap(&operation, key, alg, + input1->x, input1->len, + input2->x, input2->len, + requested_capacity)) { goto exit; + } - PSA_ASSERT( psa_key_derivation_get_capacity( &operation, - ¤t_capacity ) ); - TEST_EQUAL( current_capacity, expected_capacity ); + PSA_ASSERT(psa_key_derivation_get_capacity(&operation, + ¤t_capacity)); + TEST_EQUAL(current_capacity, expected_capacity); /* Expansion phase. */ - while( current_capacity > 0 ) - { - size_t read_size = sizeof( output_buffer ); - if( read_size > current_capacity ) + while (current_capacity > 0) { + size_t read_size = sizeof(output_buffer); + if (read_size > current_capacity) { read_size = current_capacity; - PSA_ASSERT( psa_key_derivation_output_bytes( &operation, - output_buffer, - read_size ) ); + } + PSA_ASSERT(psa_key_derivation_output_bytes(&operation, + output_buffer, + read_size)); expected_capacity -= read_size; - PSA_ASSERT( psa_key_derivation_get_capacity( &operation, - ¤t_capacity ) ); - TEST_EQUAL( current_capacity, expected_capacity ); + PSA_ASSERT(psa_key_derivation_get_capacity(&operation, + ¤t_capacity)); + TEST_EQUAL(current_capacity, expected_capacity); } /* Check that the operation refuses to go over capacity. */ - TEST_EQUAL( psa_key_derivation_output_bytes( &operation, output_buffer, 1 ), - PSA_ERROR_INSUFFICIENT_DATA ); + TEST_EQUAL(psa_key_derivation_output_bytes(&operation, output_buffer, 1), + PSA_ERROR_INSUFFICIENT_DATA); - PSA_ASSERT( psa_key_derivation_abort( &operation ) ); + PSA_ASSERT(psa_key_derivation_abort(&operation)); exit: - psa_key_derivation_abort( &operation ); - psa_destroy_key( key ); - PSA_DONE( ); + psa_key_derivation_abort(&operation); + psa_destroy_key(key); + PSA_DONE(); } /* END_CASE */ /* BEGIN_CASE */ -void derive_key_exercise( int alg_arg, - data_t *key_data, - data_t *input1, - data_t *input2, - int derived_type_arg, - int derived_bits_arg, - int derived_usage_arg, - int derived_alg_arg ) +void derive_key_exercise(int alg_arg, + data_t *key_data, + data_t *input1, + data_t *input2, + int derived_type_arg, + int derived_bits_arg, + int derived_usage_arg, + int derived_alg_arg) { mbedtls_svc_key_id_t base_key = MBEDTLS_SVC_KEY_ID_INIT; mbedtls_svc_key_id_t derived_key = MBEDTLS_SVC_KEY_ID_INIT; @@ -4783,63 +4858,65 @@ void derive_key_exercise( int alg_arg, size_t derived_bits = derived_bits_arg; psa_key_usage_t derived_usage = derived_usage_arg; psa_algorithm_t derived_alg = derived_alg_arg; - size_t capacity = PSA_BITS_TO_BYTES( derived_bits ); + size_t capacity = PSA_BITS_TO_BYTES(derived_bits); psa_key_derivation_operation_t operation = PSA_KEY_DERIVATION_OPERATION_INIT; psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT; psa_key_attributes_t got_attributes = PSA_KEY_ATTRIBUTES_INIT; - PSA_ASSERT( psa_crypto_init( ) ); + PSA_ASSERT(psa_crypto_init()); - psa_set_key_usage_flags( &attributes, PSA_KEY_USAGE_DERIVE ); - psa_set_key_algorithm( &attributes, alg ); - psa_set_key_type( &attributes, PSA_KEY_TYPE_DERIVE ); - PSA_ASSERT( psa_import_key( &attributes, key_data->x, key_data->len, - &base_key ) ); + psa_set_key_usage_flags(&attributes, PSA_KEY_USAGE_DERIVE); + psa_set_key_algorithm(&attributes, alg); + psa_set_key_type(&attributes, PSA_KEY_TYPE_DERIVE); + PSA_ASSERT(psa_import_key(&attributes, key_data->x, key_data->len, + &base_key)); /* Derive a key. */ - if ( mbedtls_test_psa_setup_key_derivation_wrap( &operation, base_key, alg, - input1->x, input1->len, - input2->x, input2->len, - capacity ) ) + if (!mbedtls_test_psa_setup_key_derivation_wrap(&operation, base_key, alg, + input1->x, input1->len, + input2->x, input2->len, + capacity)) { goto exit; + } - psa_set_key_usage_flags( &attributes, derived_usage ); - psa_set_key_algorithm( &attributes, derived_alg ); - psa_set_key_type( &attributes, derived_type ); - psa_set_key_bits( &attributes, derived_bits ); - PSA_ASSERT( psa_key_derivation_output_key( &attributes, &operation, - &derived_key ) ); + psa_set_key_usage_flags(&attributes, derived_usage); + psa_set_key_algorithm(&attributes, derived_alg); + psa_set_key_type(&attributes, derived_type); + psa_set_key_bits(&attributes, derived_bits); + PSA_ASSERT(psa_key_derivation_output_key(&attributes, &operation, + &derived_key)); /* Test the key information */ - PSA_ASSERT( psa_get_key_attributes( derived_key, &got_attributes ) ); - TEST_EQUAL( psa_get_key_type( &got_attributes ), derived_type ); - TEST_EQUAL( psa_get_key_bits( &got_attributes ), derived_bits ); + PSA_ASSERT(psa_get_key_attributes(derived_key, &got_attributes)); + TEST_EQUAL(psa_get_key_type(&got_attributes), derived_type); + TEST_EQUAL(psa_get_key_bits(&got_attributes), derived_bits); /* Exercise the derived key. */ - if( ! mbedtls_test_psa_exercise_key( derived_key, derived_usage, derived_alg ) ) + if (!mbedtls_test_psa_exercise_key(derived_key, derived_usage, derived_alg)) { goto exit; + } exit: /* * Key attributes may have been returned by psa_get_key_attributes() * thus reset them as required. */ - psa_reset_key_attributes( &got_attributes ); + psa_reset_key_attributes(&got_attributes); - psa_key_derivation_abort( &operation ); - psa_destroy_key( base_key ); - psa_destroy_key( derived_key ); - PSA_DONE( ); + psa_key_derivation_abort(&operation); + psa_destroy_key(base_key); + psa_destroy_key(derived_key); + PSA_DONE(); } /* END_CASE */ /* BEGIN_CASE */ -void derive_key_export( int alg_arg, - data_t *key_data, - data_t *input1, - data_t *input2, - int bytes1_arg, - int bytes2_arg ) +void derive_key_export(int alg_arg, + data_t *key_data, + data_t *input1, + data_t *input2, + int bytes1_arg, + int bytes2_arg) { mbedtls_svc_key_id_t base_key = MBEDTLS_SVC_KEY_ID_INIT; mbedtls_svc_key_id_t derived_key = MBEDTLS_SVC_KEY_ID_INIT; @@ -4854,74 +4931,76 @@ void derive_key_export( int alg_arg, psa_key_attributes_t derived_attributes = PSA_KEY_ATTRIBUTES_INIT; size_t length; - ASSERT_ALLOC( output_buffer, capacity ); - ASSERT_ALLOC( export_buffer, capacity ); - PSA_ASSERT( psa_crypto_init( ) ); + TEST_CALLOC(output_buffer, capacity); + TEST_CALLOC(export_buffer, capacity); + PSA_ASSERT(psa_crypto_init()); - psa_set_key_usage_flags( &base_attributes, PSA_KEY_USAGE_DERIVE ); - psa_set_key_algorithm( &base_attributes, alg ); - psa_set_key_type( &base_attributes, PSA_KEY_TYPE_DERIVE ); - PSA_ASSERT( psa_import_key( &base_attributes, key_data->x, key_data->len, - &base_key ) ); + psa_set_key_usage_flags(&base_attributes, PSA_KEY_USAGE_DERIVE); + psa_set_key_algorithm(&base_attributes, alg); + psa_set_key_type(&base_attributes, PSA_KEY_TYPE_DERIVE); + PSA_ASSERT(psa_import_key(&base_attributes, key_data->x, key_data->len, + &base_key)); /* Derive some material and output it. */ - if( !mbedtls_test_psa_setup_key_derivation_wrap( &operation, base_key, alg, - input1->x, input1->len, - input2->x, input2->len, - capacity ) ) + if (!mbedtls_test_psa_setup_key_derivation_wrap(&operation, base_key, alg, + input1->x, input1->len, + input2->x, input2->len, + capacity)) { goto exit; + } - PSA_ASSERT( psa_key_derivation_output_bytes( &operation, - output_buffer, - capacity ) ); - PSA_ASSERT( psa_key_derivation_abort( &operation ) ); + PSA_ASSERT(psa_key_derivation_output_bytes(&operation, + output_buffer, + capacity)); + PSA_ASSERT(psa_key_derivation_abort(&operation)); /* Derive the same output again, but this time store it in key objects. */ - if( !mbedtls_test_psa_setup_key_derivation_wrap( &operation, base_key, alg, - input1->x, input1->len, - input2->x, input2->len, - capacity ) ) + if (!mbedtls_test_psa_setup_key_derivation_wrap(&operation, base_key, alg, + input1->x, input1->len, + input2->x, input2->len, + capacity)) { goto exit; + } - psa_set_key_usage_flags( &derived_attributes, PSA_KEY_USAGE_EXPORT ); - psa_set_key_algorithm( &derived_attributes, 0 ); - psa_set_key_type( &derived_attributes, PSA_KEY_TYPE_RAW_DATA ); - psa_set_key_bits( &derived_attributes, PSA_BYTES_TO_BITS( bytes1 ) ); - PSA_ASSERT( psa_key_derivation_output_key( &derived_attributes, &operation, - &derived_key ) ); - PSA_ASSERT( psa_export_key( derived_key, - export_buffer, bytes1, - &length ) ); - TEST_EQUAL( length, bytes1 ); - PSA_ASSERT( psa_destroy_key( derived_key ) ); - psa_set_key_bits( &derived_attributes, PSA_BYTES_TO_BITS( bytes2 ) ); - PSA_ASSERT( psa_key_derivation_output_key( &derived_attributes, &operation, - &derived_key ) ); - PSA_ASSERT( psa_export_key( derived_key, - export_buffer + bytes1, bytes2, - &length ) ); - TEST_EQUAL( length, bytes2 ); + psa_set_key_usage_flags(&derived_attributes, PSA_KEY_USAGE_EXPORT); + psa_set_key_algorithm(&derived_attributes, 0); + psa_set_key_type(&derived_attributes, PSA_KEY_TYPE_RAW_DATA); + psa_set_key_bits(&derived_attributes, PSA_BYTES_TO_BITS(bytes1)); + PSA_ASSERT(psa_key_derivation_output_key(&derived_attributes, &operation, + &derived_key)); + PSA_ASSERT(psa_export_key(derived_key, + export_buffer, bytes1, + &length)); + TEST_EQUAL(length, bytes1); + PSA_ASSERT(psa_destroy_key(derived_key)); + psa_set_key_bits(&derived_attributes, PSA_BYTES_TO_BITS(bytes2)); + PSA_ASSERT(psa_key_derivation_output_key(&derived_attributes, &operation, + &derived_key)); + PSA_ASSERT(psa_export_key(derived_key, + export_buffer + bytes1, bytes2, + &length)); + TEST_EQUAL(length, bytes2); /* Compare the outputs from the two runs. */ - ASSERT_COMPARE( output_buffer, bytes1 + bytes2, - export_buffer, capacity ); + TEST_MEMORY_COMPARE(output_buffer, bytes1 + bytes2, + export_buffer, capacity); exit: - mbedtls_free( output_buffer ); - mbedtls_free( export_buffer ); - psa_key_derivation_abort( &operation ); - psa_destroy_key( base_key ); - psa_destroy_key( derived_key ); - PSA_DONE( ); + mbedtls_free(output_buffer); + mbedtls_free(export_buffer); + psa_key_derivation_abort(&operation); + psa_destroy_key(base_key); + psa_destroy_key(derived_key); + PSA_DONE(); } /* END_CASE */ /* BEGIN_CASE */ -void derive_key( int alg_arg, - data_t *key_data, data_t *input1, data_t *input2, - int type_arg, int bits_arg, - int expected_status_arg, - int is_large_output ) +void derive_key(int alg_arg, + data_t *key_data, data_t *input1, data_t *input2, + int type_arg, int bits_arg, + int expected_status_arg, + int is_large_output) { mbedtls_svc_key_id_t base_key = MBEDTLS_SVC_KEY_ID_INIT; mbedtls_svc_key_id_t derived_key = MBEDTLS_SVC_KEY_ID_INIT; @@ -4933,46 +5012,48 @@ void derive_key( int alg_arg, psa_key_attributes_t base_attributes = PSA_KEY_ATTRIBUTES_INIT; psa_key_attributes_t derived_attributes = PSA_KEY_ATTRIBUTES_INIT; - PSA_ASSERT( psa_crypto_init( ) ); + PSA_ASSERT(psa_crypto_init()); - psa_set_key_usage_flags( &base_attributes, PSA_KEY_USAGE_DERIVE ); - psa_set_key_algorithm( &base_attributes, alg ); - psa_set_key_type( &base_attributes, PSA_KEY_TYPE_DERIVE ); - PSA_ASSERT( psa_import_key( &base_attributes, key_data->x, key_data->len, - &base_key ) ); + psa_set_key_usage_flags(&base_attributes, PSA_KEY_USAGE_DERIVE); + psa_set_key_algorithm(&base_attributes, alg); + psa_set_key_type(&base_attributes, PSA_KEY_TYPE_DERIVE); + PSA_ASSERT(psa_import_key(&base_attributes, key_data->x, key_data->len, + &base_key)); - if( !mbedtls_test_psa_setup_key_derivation_wrap( &operation, base_key, alg, - input1->x, input1->len, - input2->x, input2->len, - SIZE_MAX ) ) + if (!mbedtls_test_psa_setup_key_derivation_wrap(&operation, base_key, alg, + input1->x, input1->len, + input2->x, input2->len, + SIZE_MAX)) { goto exit; + } - psa_set_key_usage_flags( &derived_attributes, PSA_KEY_USAGE_EXPORT ); - psa_set_key_algorithm( &derived_attributes, 0 ); - psa_set_key_type( &derived_attributes, type ); - psa_set_key_bits( &derived_attributes, bits ); + psa_set_key_usage_flags(&derived_attributes, PSA_KEY_USAGE_EXPORT); + psa_set_key_algorithm(&derived_attributes, 0); + psa_set_key_type(&derived_attributes, type); + psa_set_key_bits(&derived_attributes, bits); psa_status_t status = - psa_key_derivation_output_key( &derived_attributes, - &operation, - &derived_key ); - if( is_large_output > 0 ) - TEST_ASSUME( status != PSA_ERROR_INSUFFICIENT_MEMORY ); - TEST_EQUAL( status, expected_status ); + psa_key_derivation_output_key(&derived_attributes, + &operation, + &derived_key); + if (is_large_output > 0) { + TEST_ASSUME(status != PSA_ERROR_INSUFFICIENT_MEMORY); + } + TEST_EQUAL(status, expected_status); exit: - psa_key_derivation_abort( &operation ); - psa_destroy_key( base_key ); - psa_destroy_key( derived_key ); - PSA_DONE( ); + psa_key_derivation_abort(&operation); + psa_destroy_key(base_key); + psa_destroy_key(derived_key); + PSA_DONE(); } /* END_CASE */ /* BEGIN_CASE */ -void key_agreement_setup( int alg_arg, - int our_key_type_arg, int our_key_alg_arg, - data_t *our_key_data, data_t *peer_key_data, - int expected_status_arg ) +void key_agreement_setup(int alg_arg, + int our_key_type_arg, int our_key_alg_arg, + data_t *our_key_data, data_t *peer_key_data, + int expected_status_arg) { mbedtls_svc_key_id_t our_key = MBEDTLS_SVC_KEY_ID_INIT; psa_algorithm_t alg = alg_arg; @@ -4983,45 +5064,42 @@ void key_agreement_setup( int alg_arg, psa_status_t expected_status = expected_status_arg; psa_status_t status; - PSA_ASSERT( psa_crypto_init( ) ); + PSA_ASSERT(psa_crypto_init()); - psa_set_key_usage_flags( &attributes, PSA_KEY_USAGE_DERIVE ); - psa_set_key_algorithm( &attributes, our_key_alg ); - psa_set_key_type( &attributes, our_key_type ); - PSA_ASSERT( psa_import_key( &attributes, - our_key_data->x, our_key_data->len, - &our_key ) ); + psa_set_key_usage_flags(&attributes, PSA_KEY_USAGE_DERIVE); + psa_set_key_algorithm(&attributes, our_key_alg); + psa_set_key_type(&attributes, our_key_type); + PSA_ASSERT(psa_import_key(&attributes, + our_key_data->x, our_key_data->len, + &our_key)); /* The tests currently include inputs that should fail at either step. * Test cases that fail at the setup step should be changed to call * key_derivation_setup instead, and this function should be renamed * to key_agreement_fail. */ - status = psa_key_derivation_setup( &operation, alg ); - if( status == PSA_SUCCESS ) - { - TEST_EQUAL( psa_key_derivation_key_agreement( - &operation, PSA_KEY_DERIVATION_INPUT_SECRET, - our_key, - peer_key_data->x, peer_key_data->len ), - expected_status ); - } - else - { - TEST_ASSERT( status == expected_status ); + status = psa_key_derivation_setup(&operation, alg); + if (status == PSA_SUCCESS) { + TEST_EQUAL(psa_key_derivation_key_agreement( + &operation, PSA_KEY_DERIVATION_INPUT_SECRET, + our_key, + peer_key_data->x, peer_key_data->len), + expected_status); + } else { + TEST_ASSERT(status == expected_status); } exit: - psa_key_derivation_abort( &operation ); - psa_destroy_key( our_key ); - PSA_DONE( ); + psa_key_derivation_abort(&operation); + psa_destroy_key(our_key); + PSA_DONE(); } /* END_CASE */ /* BEGIN_CASE */ -void raw_key_agreement( int alg_arg, - int our_key_type_arg, data_t *our_key_data, - data_t *peer_key_data, - data_t *expected_output ) +void raw_key_agreement(int alg_arg, + int our_key_type_arg, data_t *our_key_data, + data_t *peer_key_data, + data_t *expected_output) { mbedtls_svc_key_id_t our_key = MBEDTLS_SVC_KEY_ID_INIT; psa_algorithm_t alg = alg_arg; @@ -5031,42 +5109,72 @@ void raw_key_agreement( int alg_arg, size_t output_length = ~0; size_t key_bits; - ASSERT_ALLOC( output, expected_output->len ); - PSA_ASSERT( psa_crypto_init( ) ); - - psa_set_key_usage_flags( &attributes, PSA_KEY_USAGE_DERIVE ); - psa_set_key_algorithm( &attributes, alg ); - psa_set_key_type( &attributes, our_key_type ); - PSA_ASSERT( psa_import_key( &attributes, - our_key_data->x, our_key_data->len, - &our_key ) ); - - PSA_ASSERT( psa_get_key_attributes( our_key, &attributes ) ); - key_bits = psa_get_key_bits( &attributes ); - - PSA_ASSERT( psa_raw_key_agreement( alg, our_key, - peer_key_data->x, peer_key_data->len, - output, expected_output->len, - &output_length ) ); - ASSERT_COMPARE( output, output_length, - expected_output->x, expected_output->len ); - TEST_ASSERT( output_length <= - PSA_RAW_KEY_AGREEMENT_OUTPUT_SIZE( our_key_type, key_bits ) ); - TEST_ASSERT( output_length <= - PSA_RAW_KEY_AGREEMENT_OUTPUT_MAX_SIZE ); + PSA_ASSERT(psa_crypto_init()); + + psa_set_key_usage_flags(&attributes, PSA_KEY_USAGE_DERIVE); + psa_set_key_algorithm(&attributes, alg); + psa_set_key_type(&attributes, our_key_type); + PSA_ASSERT(psa_import_key(&attributes, + our_key_data->x, our_key_data->len, + &our_key)); + + PSA_ASSERT(psa_get_key_attributes(our_key, &attributes)); + key_bits = psa_get_key_bits(&attributes); + + /* Validate size macros */ + TEST_LE_U(expected_output->len, + PSA_RAW_KEY_AGREEMENT_OUTPUT_SIZE(our_key_type, key_bits)); + TEST_LE_U(PSA_RAW_KEY_AGREEMENT_OUTPUT_SIZE(our_key_type, key_bits), + PSA_RAW_KEY_AGREEMENT_OUTPUT_MAX_SIZE); + + /* Good case with exact output size */ + TEST_CALLOC(output, expected_output->len); + PSA_ASSERT(psa_raw_key_agreement(alg, our_key, + peer_key_data->x, peer_key_data->len, + output, expected_output->len, + &output_length)); + TEST_MEMORY_COMPARE(output, output_length, + expected_output->x, expected_output->len); + mbedtls_free(output); + output = NULL; + output_length = ~0; + + /* Larger buffer */ + TEST_CALLOC(output, expected_output->len + 1); + PSA_ASSERT(psa_raw_key_agreement(alg, our_key, + peer_key_data->x, peer_key_data->len, + output, expected_output->len + 1, + &output_length)); + TEST_MEMORY_COMPARE(output, output_length, + expected_output->x, expected_output->len); + mbedtls_free(output); + output = NULL; + output_length = ~0; + + /* Buffer too small */ + TEST_CALLOC(output, expected_output->len - 1); + TEST_EQUAL(psa_raw_key_agreement(alg, our_key, + peer_key_data->x, peer_key_data->len, + output, expected_output->len - 1, + &output_length), + PSA_ERROR_BUFFER_TOO_SMALL); + /* Not required by the spec, but good robustness */ + TEST_LE_U(output_length, expected_output->len - 1); + mbedtls_free(output); + output = NULL; exit: - mbedtls_free( output ); - psa_destroy_key( our_key ); - PSA_DONE( ); + mbedtls_free(output); + psa_destroy_key(our_key); + PSA_DONE(); } /* END_CASE */ /* BEGIN_CASE */ -void key_agreement_capacity( int alg_arg, - int our_key_type_arg, data_t *our_key_data, - data_t *peer_key_data, - int expected_capacity_arg ) +void key_agreement_capacity(int alg_arg, + int our_key_type_arg, data_t *our_key_data, + data_t *peer_key_data, + int expected_capacity_arg) { mbedtls_svc_key_id_t our_key = MBEDTLS_SVC_KEY_ID_INIT; psa_algorithm_t alg = alg_arg; @@ -5076,57 +5184,55 @@ void key_agreement_capacity( int alg_arg, size_t actual_capacity; unsigned char output[16]; - PSA_ASSERT( psa_crypto_init( ) ); - - psa_set_key_usage_flags( &attributes, PSA_KEY_USAGE_DERIVE ); - psa_set_key_algorithm( &attributes, alg ); - psa_set_key_type( &attributes, our_key_type ); - PSA_ASSERT( psa_import_key( &attributes, - our_key_data->x, our_key_data->len, - &our_key ) ); - - PSA_ASSERT( psa_key_derivation_setup( &operation, alg ) ); - PSA_ASSERT( psa_key_derivation_key_agreement( - &operation, - PSA_KEY_DERIVATION_INPUT_SECRET, our_key, - peer_key_data->x, peer_key_data->len ) ); - if( PSA_ALG_IS_HKDF( PSA_ALG_KEY_AGREEMENT_GET_KDF( alg ) ) ) - { + PSA_ASSERT(psa_crypto_init()); + + psa_set_key_usage_flags(&attributes, PSA_KEY_USAGE_DERIVE); + psa_set_key_algorithm(&attributes, alg); + psa_set_key_type(&attributes, our_key_type); + PSA_ASSERT(psa_import_key(&attributes, + our_key_data->x, our_key_data->len, + &our_key)); + + PSA_ASSERT(psa_key_derivation_setup(&operation, alg)); + PSA_ASSERT(psa_key_derivation_key_agreement( + &operation, + PSA_KEY_DERIVATION_INPUT_SECRET, our_key, + peer_key_data->x, peer_key_data->len)); + if (PSA_ALG_IS_HKDF(PSA_ALG_KEY_AGREEMENT_GET_KDF(alg))) { /* The test data is for info="" */ - PSA_ASSERT( psa_key_derivation_input_bytes( &operation, - PSA_KEY_DERIVATION_INPUT_INFO, - NULL, 0 ) ); + PSA_ASSERT(psa_key_derivation_input_bytes(&operation, + PSA_KEY_DERIVATION_INPUT_INFO, + NULL, 0)); } - /* Test the advertized capacity. */ - PSA_ASSERT( psa_key_derivation_get_capacity( - &operation, &actual_capacity ) ); - TEST_EQUAL( actual_capacity, (size_t) expected_capacity_arg ); + /* Test the advertised capacity. */ + PSA_ASSERT(psa_key_derivation_get_capacity( + &operation, &actual_capacity)); + TEST_EQUAL(actual_capacity, (size_t) expected_capacity_arg); /* Test the actual capacity by reading the output. */ - while( actual_capacity > sizeof( output ) ) - { - PSA_ASSERT( psa_key_derivation_output_bytes( &operation, - output, sizeof( output ) ) ); - actual_capacity -= sizeof( output ); + while (actual_capacity > sizeof(output)) { + PSA_ASSERT(psa_key_derivation_output_bytes(&operation, + output, sizeof(output))); + actual_capacity -= sizeof(output); } - PSA_ASSERT( psa_key_derivation_output_bytes( &operation, - output, actual_capacity ) ); - TEST_EQUAL( psa_key_derivation_output_bytes( &operation, output, 1 ), - PSA_ERROR_INSUFFICIENT_DATA ); + PSA_ASSERT(psa_key_derivation_output_bytes(&operation, + output, actual_capacity)); + TEST_EQUAL(psa_key_derivation_output_bytes(&operation, output, 1), + PSA_ERROR_INSUFFICIENT_DATA); exit: - psa_key_derivation_abort( &operation ); - psa_destroy_key( our_key ); - PSA_DONE( ); + psa_key_derivation_abort(&operation); + psa_destroy_key(our_key); + PSA_DONE(); } /* END_CASE */ /* BEGIN_CASE */ -void key_agreement_output( int alg_arg, - int our_key_type_arg, data_t *our_key_data, - data_t *peer_key_data, - data_t *expected_output1, data_t *expected_output2 ) +void key_agreement_output(int alg_arg, + int our_key_type_arg, data_t *our_key_data, + data_t *peer_key_data, + data_t *expected_output1, data_t *expected_output2) { mbedtls_svc_key_id_t our_key = MBEDTLS_SVC_KEY_ID_INIT; psa_algorithm_t alg = alg_arg; @@ -5135,55 +5241,53 @@ void key_agreement_output( int alg_arg, psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT; uint8_t *actual_output = NULL; - ASSERT_ALLOC( actual_output, MAX( expected_output1->len, - expected_output2->len ) ); + TEST_CALLOC(actual_output, MAX(expected_output1->len, + expected_output2->len)); - PSA_ASSERT( psa_crypto_init( ) ); + PSA_ASSERT(psa_crypto_init()); - psa_set_key_usage_flags( &attributes, PSA_KEY_USAGE_DERIVE ); - psa_set_key_algorithm( &attributes, alg ); - psa_set_key_type( &attributes, our_key_type ); - PSA_ASSERT( psa_import_key( &attributes, - our_key_data->x, our_key_data->len, - &our_key ) ); + psa_set_key_usage_flags(&attributes, PSA_KEY_USAGE_DERIVE); + psa_set_key_algorithm(&attributes, alg); + psa_set_key_type(&attributes, our_key_type); + PSA_ASSERT(psa_import_key(&attributes, + our_key_data->x, our_key_data->len, + &our_key)); - PSA_ASSERT( psa_key_derivation_setup( &operation, alg ) ); - PSA_ASSERT( psa_key_derivation_key_agreement( - &operation, - PSA_KEY_DERIVATION_INPUT_SECRET, our_key, - peer_key_data->x, peer_key_data->len ) ); - if( PSA_ALG_IS_HKDF( PSA_ALG_KEY_AGREEMENT_GET_KDF( alg ) ) ) - { + PSA_ASSERT(psa_key_derivation_setup(&operation, alg)); + PSA_ASSERT(psa_key_derivation_key_agreement( + &operation, + PSA_KEY_DERIVATION_INPUT_SECRET, our_key, + peer_key_data->x, peer_key_data->len)); + if (PSA_ALG_IS_HKDF(PSA_ALG_KEY_AGREEMENT_GET_KDF(alg))) { /* The test data is for info="" */ - PSA_ASSERT( psa_key_derivation_input_bytes( &operation, - PSA_KEY_DERIVATION_INPUT_INFO, - NULL, 0 ) ); + PSA_ASSERT(psa_key_derivation_input_bytes(&operation, + PSA_KEY_DERIVATION_INPUT_INFO, + NULL, 0)); } - PSA_ASSERT( psa_key_derivation_output_bytes( &operation, - actual_output, - expected_output1->len ) ); - ASSERT_COMPARE( actual_output, expected_output1->len, - expected_output1->x, expected_output1->len ); - if( expected_output2->len != 0 ) - { - PSA_ASSERT( psa_key_derivation_output_bytes( &operation, - actual_output, - expected_output2->len ) ); - ASSERT_COMPARE( actual_output, expected_output2->len, - expected_output2->x, expected_output2->len ); + PSA_ASSERT(psa_key_derivation_output_bytes(&operation, + actual_output, + expected_output1->len)); + TEST_MEMORY_COMPARE(actual_output, expected_output1->len, + expected_output1->x, expected_output1->len); + if (expected_output2->len != 0) { + PSA_ASSERT(psa_key_derivation_output_bytes(&operation, + actual_output, + expected_output2->len)); + TEST_MEMORY_COMPARE(actual_output, expected_output2->len, + expected_output2->x, expected_output2->len); } exit: - psa_key_derivation_abort( &operation ); - psa_destroy_key( our_key ); - PSA_DONE( ); - mbedtls_free( actual_output ); + psa_key_derivation_abort(&operation); + psa_destroy_key(our_key); + PSA_DONE(); + mbedtls_free(actual_output); } /* END_CASE */ /* BEGIN_CASE */ -void generate_random( int bytes_arg ) +void generate_random(int bytes_arg) { size_t bytes = bytes_arg; unsigned char *output = NULL; @@ -5191,51 +5295,50 @@ void generate_random( int bytes_arg ) size_t i; unsigned run; - TEST_ASSERT( bytes_arg >= 0 ); + TEST_ASSERT(bytes_arg >= 0); - ASSERT_ALLOC( output, bytes ); - ASSERT_ALLOC( changed, bytes ); + TEST_CALLOC(output, bytes); + TEST_CALLOC(changed, bytes); - PSA_ASSERT( psa_crypto_init( ) ); + PSA_ASSERT(psa_crypto_init()); /* Run several times, to ensure that every output byte will be * nonzero at least once with overwhelming probability * (2^(-8*number_of_runs)). */ - for( run = 0; run < 10; run++ ) - { - if( bytes != 0 ) - memset( output, 0, bytes ); - PSA_ASSERT( psa_generate_random( output, bytes ) ); + for (run = 0; run < 10; run++) { + if (bytes != 0) { + memset(output, 0, bytes); + } + PSA_ASSERT(psa_generate_random(output, bytes)); - for( i = 0; i < bytes; i++ ) - { - if( output[i] != 0 ) + for (i = 0; i < bytes; i++) { + if (output[i] != 0) { ++changed[i]; + } } } /* Check that every byte was changed to nonzero at least once. This * validates that psa_generate_random is overwriting every byte of * the output buffer. */ - for( i = 0; i < bytes; i++ ) - { - TEST_ASSERT( changed[i] != 0 ); + for (i = 0; i < bytes; i++) { + TEST_ASSERT(changed[i] != 0); } exit: - PSA_DONE( ); - mbedtls_free( output ); - mbedtls_free( changed ); + PSA_DONE(); + mbedtls_free(output); + mbedtls_free(changed); } /* END_CASE */ /* BEGIN_CASE */ -void generate_key( int type_arg, - int bits_arg, - int usage_arg, - int alg_arg, - int expected_status_arg, - int is_large_key ) +void generate_key(int type_arg, + int bits_arg, + int usage_arg, + int alg_arg, + int expected_status_arg, + int is_large_key) { mbedtls_svc_key_id_t key = MBEDTLS_SVC_KEY_ID_INIT; psa_key_type_t type = type_arg; @@ -5246,47 +5349,50 @@ void generate_key( int type_arg, psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT; psa_key_attributes_t got_attributes = PSA_KEY_ATTRIBUTES_INIT; - PSA_ASSERT( psa_crypto_init( ) ); + PSA_ASSERT(psa_crypto_init()); - psa_set_key_usage_flags( &attributes, usage ); - psa_set_key_algorithm( &attributes, alg ); - psa_set_key_type( &attributes, type ); - psa_set_key_bits( &attributes, bits ); + psa_set_key_usage_flags(&attributes, usage); + psa_set_key_algorithm(&attributes, alg); + psa_set_key_type(&attributes, type); + psa_set_key_bits(&attributes, bits); /* Generate a key */ - psa_status_t status = psa_generate_key( &attributes, &key ); + psa_status_t status = psa_generate_key(&attributes, &key); - if( is_large_key > 0 ) - TEST_ASSUME( status != PSA_ERROR_INSUFFICIENT_MEMORY ); - TEST_EQUAL( status , expected_status ); - if( expected_status != PSA_SUCCESS ) + if (is_large_key > 0) { + TEST_ASSUME(status != PSA_ERROR_INSUFFICIENT_MEMORY); + } + TEST_EQUAL(status, expected_status); + if (expected_status != PSA_SUCCESS) { goto exit; + } /* Test the key information */ - PSA_ASSERT( psa_get_key_attributes( key, &got_attributes ) ); - TEST_EQUAL( psa_get_key_type( &got_attributes ), type ); - TEST_EQUAL( psa_get_key_bits( &got_attributes ), bits ); + PSA_ASSERT(psa_get_key_attributes(key, &got_attributes)); + TEST_EQUAL(psa_get_key_type(&got_attributes), type); + TEST_EQUAL(psa_get_key_bits(&got_attributes), bits); /* Do something with the key according to its type and permitted usage. */ - if( ! mbedtls_test_psa_exercise_key( key, usage, alg ) ) + if (!mbedtls_test_psa_exercise_key(key, usage, alg)) { goto exit; + } exit: /* * Key attributes may have been returned by psa_get_key_attributes() * thus reset them as required. */ - psa_reset_key_attributes( &got_attributes ); + psa_reset_key_attributes(&got_attributes); - psa_destroy_key( key ); - PSA_DONE( ); + psa_destroy_key(key); + PSA_DONE(); } /* END_CASE */ /* BEGIN_CASE depends_on:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR:PSA_WANT_ALG_RSA_PKCS1V15_CRYPT:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:MBEDTLS_GENPRIME */ -void generate_key_rsa( int bits_arg, - data_t *e_arg, - int expected_status_arg ) +void generate_key_rsa(int bits_arg, + data_t *e_arg, + int expected_status_arg) { mbedtls_svc_key_id_t key = MBEDTLS_SVC_KEY_ID_INIT; psa_key_type_t type = PSA_KEY_TYPE_RSA_KEY_PAIR; @@ -5297,56 +5403,58 @@ void generate_key_rsa( int bits_arg, psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT; uint8_t *exported = NULL; size_t exported_size = - PSA_EXPORT_KEY_OUTPUT_SIZE( PSA_KEY_TYPE_RSA_PUBLIC_KEY, bits ); + PSA_EXPORT_KEY_OUTPUT_SIZE(PSA_KEY_TYPE_RSA_PUBLIC_KEY, bits); size_t exported_length = SIZE_MAX; uint8_t *e_read_buffer = NULL; int is_default_public_exponent = 0; - size_t e_read_size = PSA_KEY_DOMAIN_PARAMETERS_SIZE( type, bits ); + size_t e_read_size = PSA_KEY_DOMAIN_PARAMETERS_SIZE(type, bits); size_t e_read_length = SIZE_MAX; - if( e_arg->len == 0 || - ( e_arg->len == 3 && - e_arg->x[0] == 1 && e_arg->x[1] == 0 && e_arg->x[2] == 1 ) ) - { + if (e_arg->len == 0 || + (e_arg->len == 3 && + e_arg->x[0] == 1 && e_arg->x[1] == 0 && e_arg->x[2] == 1)) { is_default_public_exponent = 1; e_read_size = 0; } - ASSERT_ALLOC( e_read_buffer, e_read_size ); - ASSERT_ALLOC( exported, exported_size ); + TEST_CALLOC(e_read_buffer, e_read_size); + TEST_CALLOC(exported, exported_size); - PSA_ASSERT( psa_crypto_init( ) ); + PSA_ASSERT(psa_crypto_init()); - psa_set_key_usage_flags( &attributes, usage ); - psa_set_key_algorithm( &attributes, alg ); - PSA_ASSERT( psa_set_key_domain_parameters( &attributes, type, - e_arg->x, e_arg->len ) ); - psa_set_key_bits( &attributes, bits ); + psa_set_key_usage_flags(&attributes, usage); + psa_set_key_algorithm(&attributes, alg); + PSA_ASSERT(psa_set_key_domain_parameters(&attributes, type, + e_arg->x, e_arg->len)); + psa_set_key_bits(&attributes, bits); /* Generate a key */ - TEST_EQUAL( psa_generate_key( &attributes, &key ), expected_status ); - if( expected_status != PSA_SUCCESS ) + TEST_EQUAL(psa_generate_key(&attributes, &key), expected_status); + if (expected_status != PSA_SUCCESS) { goto exit; + } /* Test the key information */ - PSA_ASSERT( psa_get_key_attributes( key, &attributes ) ); - TEST_EQUAL( psa_get_key_type( &attributes ), type ); - TEST_EQUAL( psa_get_key_bits( &attributes ), bits ); - PSA_ASSERT( psa_get_key_domain_parameters( &attributes, - e_read_buffer, e_read_size, - &e_read_length ) ); - if( is_default_public_exponent ) - TEST_EQUAL( e_read_length, 0 ); - else - ASSERT_COMPARE( e_read_buffer, e_read_length, e_arg->x, e_arg->len ); + PSA_ASSERT(psa_get_key_attributes(key, &attributes)); + TEST_EQUAL(psa_get_key_type(&attributes), type); + TEST_EQUAL(psa_get_key_bits(&attributes), bits); + PSA_ASSERT(psa_get_key_domain_parameters(&attributes, + e_read_buffer, e_read_size, + &e_read_length)); + if (is_default_public_exponent) { + TEST_EQUAL(e_read_length, 0); + } else { + TEST_MEMORY_COMPARE(e_read_buffer, e_read_length, e_arg->x, e_arg->len); + } /* Do something with the key according to its type and permitted usage. */ - if( ! mbedtls_test_psa_exercise_key( key, usage, alg ) ) + if (!mbedtls_test_psa_exercise_key(key, usage, alg)) { goto exit; + } /* Export the key and check the public exponent. */ - PSA_ASSERT( psa_export_public_key( key, - exported, exported_size, - &exported_length ) ); + PSA_ASSERT(psa_export_public_key(key, + exported, exported_size, + &exported_length)); { uint8_t *p = exported; uint8_t *end = exported + exported_length; @@ -5355,26 +5463,24 @@ void generate_key_rsa( int bits_arg, * modulus INTEGER, -- n * publicExponent INTEGER } -- e */ - TEST_EQUAL( 0, mbedtls_asn1_get_tag( &p, end, &len, - MBEDTLS_ASN1_SEQUENCE | - MBEDTLS_ASN1_CONSTRUCTED ) ); - TEST_ASSERT( mbedtls_test_asn1_skip_integer( &p, end, bits, bits, 1 ) ); - TEST_EQUAL( 0, mbedtls_asn1_get_tag( &p, end, &len, - MBEDTLS_ASN1_INTEGER ) ); - if( len >= 1 && p[0] == 0 ) - { + TEST_EQUAL(0, mbedtls_asn1_get_tag(&p, end, &len, + MBEDTLS_ASN1_SEQUENCE | + MBEDTLS_ASN1_CONSTRUCTED)); + TEST_ASSERT(mbedtls_test_asn1_skip_integer(&p, end, bits, bits, 1)); + TEST_EQUAL(0, mbedtls_asn1_get_tag(&p, end, &len, + MBEDTLS_ASN1_INTEGER)); + if (len >= 1 && p[0] == 0) { ++p; --len; } - if( e_arg->len == 0 ) - { - TEST_EQUAL( len, 3 ); - TEST_EQUAL( p[0], 1 ); - TEST_EQUAL( p[1], 0 ); - TEST_EQUAL( p[2], 1 ); + if (e_arg->len == 0) { + TEST_EQUAL(len, 3); + TEST_EQUAL(p[0], 1); + TEST_EQUAL(p[1], 0); + TEST_EQUAL(p[2], 1); + } else { + TEST_MEMORY_COMPARE(p, len, e_arg->x, e_arg->len); } - else - ASSERT_COMPARE( p, len, e_arg->x, e_arg->len ); } exit: @@ -5382,22 +5488,22 @@ exit: * Key attributes may have been returned by psa_get_key_attributes() or * set by psa_set_key_domain_parameters() thus reset them as required. */ - psa_reset_key_attributes( &attributes ); + psa_reset_key_attributes(&attributes); - psa_destroy_key( key ); - PSA_DONE( ); - mbedtls_free( e_read_buffer ); - mbedtls_free( exported ); + psa_destroy_key(key); + PSA_DONE(); + mbedtls_free(e_read_buffer); + mbedtls_free(exported); } /* END_CASE */ /* BEGIN_CASE depends_on:MBEDTLS_PSA_CRYPTO_STORAGE_C */ -void persistent_key_load_key_from_storage( data_t *data, - int type_arg, int bits_arg, - int usage_flags_arg, int alg_arg, - int generation_method ) +void persistent_key_load_key_from_storage(data_t *data, + int type_arg, int bits_arg, + int usage_flags_arg, int alg_arg, + int generation_method) { - mbedtls_svc_key_id_t key_id = mbedtls_svc_key_id_make( 1, 1 ); + mbedtls_svc_key_id_t key_id = mbedtls_svc_key_id_make(1, 1); psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT; mbedtls_svc_key_id_t key = MBEDTLS_SVC_KEY_ID_INIT; mbedtls_svc_key_id_t base_key = MBEDTLS_SVC_KEY_ID_INIT; @@ -5408,130 +5514,128 @@ void persistent_key_load_key_from_storage( data_t *data, psa_key_derivation_operation_t operation = PSA_KEY_DERIVATION_OPERATION_INIT; unsigned char *first_export = NULL; unsigned char *second_export = NULL; - size_t export_size = PSA_EXPORT_KEY_OUTPUT_SIZE( type, bits ); + size_t export_size = PSA_EXPORT_KEY_OUTPUT_SIZE(type, bits); size_t first_exported_length; size_t second_exported_length; - if( usage_flags & PSA_KEY_USAGE_EXPORT ) - { - ASSERT_ALLOC( first_export, export_size ); - ASSERT_ALLOC( second_export, export_size ); + if (usage_flags & PSA_KEY_USAGE_EXPORT) { + TEST_CALLOC(first_export, export_size); + TEST_CALLOC(second_export, export_size); } - PSA_ASSERT( psa_crypto_init() ); + PSA_ASSERT(psa_crypto_init()); - psa_set_key_id( &attributes, key_id ); - psa_set_key_usage_flags( &attributes, usage_flags ); - psa_set_key_algorithm( &attributes, alg ); - psa_set_key_type( &attributes, type ); - psa_set_key_bits( &attributes, bits ); + psa_set_key_id(&attributes, key_id); + psa_set_key_usage_flags(&attributes, usage_flags); + psa_set_key_algorithm(&attributes, alg); + psa_set_key_type(&attributes, type); + psa_set_key_bits(&attributes, bits); - switch( generation_method ) - { + switch (generation_method) { case IMPORT_KEY: /* Import the key */ - PSA_ASSERT( psa_import_key( &attributes, data->x, data->len, - &key ) ); + PSA_ASSERT(psa_import_key(&attributes, data->x, data->len, + &key)); break; case GENERATE_KEY: /* Generate a key */ - PSA_ASSERT( psa_generate_key( &attributes, &key ) ); + PSA_ASSERT(psa_generate_key(&attributes, &key)); break; case DERIVE_KEY: #if defined(PSA_WANT_ALG_HKDF) && defined(PSA_WANT_ALG_SHA_256) - { - /* Create base key */ - psa_algorithm_t derive_alg = PSA_ALG_HKDF( PSA_ALG_SHA_256 ); - psa_key_attributes_t base_attributes = PSA_KEY_ATTRIBUTES_INIT; - psa_set_key_usage_flags( &base_attributes, - PSA_KEY_USAGE_DERIVE ); - psa_set_key_algorithm( &base_attributes, derive_alg ); - psa_set_key_type( &base_attributes, PSA_KEY_TYPE_DERIVE ); - PSA_ASSERT( psa_import_key( &base_attributes, - data->x, data->len, - &base_key ) ); - /* Derive a key. */ - PSA_ASSERT( psa_key_derivation_setup( &operation, derive_alg ) ); - PSA_ASSERT( psa_key_derivation_input_key( - &operation, - PSA_KEY_DERIVATION_INPUT_SECRET, base_key ) ); - PSA_ASSERT( psa_key_derivation_input_bytes( - &operation, PSA_KEY_DERIVATION_INPUT_INFO, - NULL, 0 ) ); - PSA_ASSERT( psa_key_derivation_output_key( &attributes, - &operation, - &key ) ); - PSA_ASSERT( psa_key_derivation_abort( &operation ) ); - PSA_ASSERT( psa_destroy_key( base_key ) ); - base_key = MBEDTLS_SVC_KEY_ID_INIT; - } + { + /* Create base key */ + psa_algorithm_t derive_alg = PSA_ALG_HKDF(PSA_ALG_SHA_256); + psa_key_attributes_t base_attributes = PSA_KEY_ATTRIBUTES_INIT; + psa_set_key_usage_flags(&base_attributes, + PSA_KEY_USAGE_DERIVE); + psa_set_key_algorithm(&base_attributes, derive_alg); + psa_set_key_type(&base_attributes, PSA_KEY_TYPE_DERIVE); + PSA_ASSERT(psa_import_key(&base_attributes, + data->x, data->len, + &base_key)); + /* Derive a key. */ + PSA_ASSERT(psa_key_derivation_setup(&operation, derive_alg)); + PSA_ASSERT(psa_key_derivation_input_key( + &operation, + PSA_KEY_DERIVATION_INPUT_SECRET, base_key)); + PSA_ASSERT(psa_key_derivation_input_bytes( + &operation, PSA_KEY_DERIVATION_INPUT_INFO, + NULL, 0)); + PSA_ASSERT(psa_key_derivation_output_key(&attributes, + &operation, + &key)); + PSA_ASSERT(psa_key_derivation_abort(&operation)); + PSA_ASSERT(psa_destroy_key(base_key)); + base_key = MBEDTLS_SVC_KEY_ID_INIT; + } #else - TEST_ASSUME( ! "KDF not supported in this configuration" ); + TEST_ASSUME(!"KDF not supported in this configuration"); #endif break; default: - TEST_ASSERT( ! "generation_method not implemented in test" ); + TEST_FAIL("generation_method not implemented in test"); break; } - psa_reset_key_attributes( &attributes ); + psa_reset_key_attributes(&attributes); /* Export the key if permitted by the key policy. */ - if( usage_flags & PSA_KEY_USAGE_EXPORT ) - { - PSA_ASSERT( psa_export_key( key, - first_export, export_size, - &first_exported_length ) ); - if( generation_method == IMPORT_KEY ) - ASSERT_COMPARE( data->x, data->len, - first_export, first_exported_length ); + if (usage_flags & PSA_KEY_USAGE_EXPORT) { + PSA_ASSERT(psa_export_key(key, + first_export, export_size, + &first_exported_length)); + if (generation_method == IMPORT_KEY) { + TEST_MEMORY_COMPARE(data->x, data->len, + first_export, first_exported_length); + } } /* Shutdown and restart */ - PSA_ASSERT( psa_purge_key( key ) ); + PSA_ASSERT(psa_purge_key(key)); PSA_DONE(); - PSA_ASSERT( psa_crypto_init() ); + PSA_ASSERT(psa_crypto_init()); /* Check key slot still contains key data */ - PSA_ASSERT( psa_get_key_attributes( key, &attributes ) ); - TEST_ASSERT( mbedtls_svc_key_id_equal( - psa_get_key_id( &attributes ), key_id ) ); - TEST_EQUAL( psa_get_key_lifetime( &attributes ), - PSA_KEY_LIFETIME_PERSISTENT ); - TEST_EQUAL( psa_get_key_type( &attributes ), type ); - TEST_EQUAL( psa_get_key_bits( &attributes ), bits ); - TEST_EQUAL( psa_get_key_usage_flags( &attributes ), - mbedtls_test_update_key_usage_flags( usage_flags ) ); - TEST_EQUAL( psa_get_key_algorithm( &attributes ), alg ); + PSA_ASSERT(psa_get_key_attributes(key, &attributes)); + TEST_ASSERT(mbedtls_svc_key_id_equal( + psa_get_key_id(&attributes), key_id)); + TEST_EQUAL(psa_get_key_lifetime(&attributes), + PSA_KEY_LIFETIME_PERSISTENT); + TEST_EQUAL(psa_get_key_type(&attributes), type); + TEST_EQUAL(psa_get_key_bits(&attributes), bits); + TEST_EQUAL(psa_get_key_usage_flags(&attributes), + mbedtls_test_update_key_usage_flags(usage_flags)); + TEST_EQUAL(psa_get_key_algorithm(&attributes), alg); /* Export the key again if permitted by the key policy. */ - if( usage_flags & PSA_KEY_USAGE_EXPORT ) - { - PSA_ASSERT( psa_export_key( key, - second_export, export_size, - &second_exported_length ) ); - ASSERT_COMPARE( first_export, first_exported_length, - second_export, second_exported_length ); + if (usage_flags & PSA_KEY_USAGE_EXPORT) { + PSA_ASSERT(psa_export_key(key, + second_export, export_size, + &second_exported_length)); + TEST_MEMORY_COMPARE(first_export, first_exported_length, + second_export, second_exported_length); } /* Do something with the key according to its type and permitted usage. */ - if( ! mbedtls_test_psa_exercise_key( key, usage_flags, alg ) ) + if (!mbedtls_test_psa_exercise_key(key, usage_flags, alg)) { goto exit; + } exit: /* * Key attributes may have been returned by psa_get_key_attributes() * thus reset them as required. */ - psa_reset_key_attributes( &attributes ); + psa_reset_key_attributes(&attributes); - mbedtls_free( first_export ); - mbedtls_free( second_export ); - psa_key_derivation_abort( &operation ); - psa_destroy_key( base_key ); - psa_destroy_key( key ); + mbedtls_free(first_export); + mbedtls_free(second_export); + psa_key_derivation_abort(&operation); + psa_destroy_key(base_key); + psa_destroy_key(key); PSA_DONE(); } /* END_CASE */ diff --git a/third_party/mbedtls/repo/tests/suites/test_suite_psa_crypto_attributes.function b/third_party/mbedtls/repo/tests/suites/test_suite_psa_crypto_attributes.function index ce34fae74ba..c933cb72425 100644 --- a/third_party/mbedtls/repo/tests/suites/test_suite_psa_crypto_attributes.function +++ b/third_party/mbedtls/repo/tests/suites/test_suite_psa_crypto_attributes.function @@ -8,12 +8,12 @@ */ /* BEGIN_CASE */ -void attributes_set_get( int owner_id_arg, int id_arg, int lifetime_arg, - int usage_flags_arg, int alg_arg, - int type_arg, int bits_arg ) +void attributes_set_get(int owner_id_arg, int id_arg, int lifetime_arg, + int usage_flags_arg, int alg_arg, + int type_arg, int bits_arg) { psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT; - mbedtls_svc_key_id_t id = mbedtls_svc_key_id_make( owner_id_arg, id_arg ); + mbedtls_svc_key_id_t id = mbedtls_svc_key_id_make(owner_id_arg, id_arg); psa_key_lifetime_t lifetime = lifetime_arg; psa_key_usage_t usage_flags = usage_flags_arg; psa_algorithm_t alg = alg_arg; @@ -21,109 +21,112 @@ void attributes_set_get( int owner_id_arg, int id_arg, int lifetime_arg, size_t bits = bits_arg; TEST_EQUAL( - MBEDTLS_SVC_KEY_ID_GET_KEY_ID( psa_get_key_id( &attributes ) ), 0 ); + MBEDTLS_SVC_KEY_ID_GET_KEY_ID(psa_get_key_id(&attributes)), 0); TEST_EQUAL( - MBEDTLS_SVC_KEY_ID_GET_OWNER_ID( psa_get_key_id( &attributes ) ), 0 ); - TEST_EQUAL( psa_get_key_lifetime( &attributes ), 0 ); - TEST_EQUAL( psa_get_key_usage_flags( &attributes ), 0 ); - TEST_EQUAL( psa_get_key_algorithm( &attributes ), 0 ); - TEST_EQUAL( psa_get_key_type( &attributes ), 0 ); - TEST_EQUAL( psa_get_key_bits( &attributes ), 0 ); - - psa_set_key_id( &attributes, id ); - psa_set_key_lifetime( &attributes, lifetime ); - psa_set_key_usage_flags( &attributes, usage_flags ); - psa_set_key_algorithm( &attributes, alg ); - psa_set_key_type( &attributes, type ); - psa_set_key_bits( &attributes, bits ); - - TEST_ASSERT( mbedtls_svc_key_id_equal( - psa_get_key_id( &attributes ), id ) ); - TEST_EQUAL( psa_get_key_lifetime( &attributes ), lifetime ); - TEST_EQUAL( psa_get_key_usage_flags( &attributes ), usage_flags ); - TEST_EQUAL( psa_get_key_algorithm( &attributes ), alg ); - TEST_EQUAL( psa_get_key_type( &attributes ), type ); - TEST_EQUAL( psa_get_key_bits( &attributes ), bits ); - - psa_reset_key_attributes( &attributes ); + MBEDTLS_SVC_KEY_ID_GET_OWNER_ID(psa_get_key_id(&attributes)), 0); + TEST_EQUAL(psa_get_key_lifetime(&attributes), 0); + TEST_EQUAL(psa_get_key_usage_flags(&attributes), 0); + TEST_EQUAL(psa_get_key_algorithm(&attributes), 0); + TEST_EQUAL(psa_get_key_type(&attributes), 0); + TEST_EQUAL(psa_get_key_bits(&attributes), 0); + + psa_set_key_id(&attributes, id); + psa_set_key_lifetime(&attributes, lifetime); + psa_set_key_usage_flags(&attributes, usage_flags); + psa_set_key_algorithm(&attributes, alg); + psa_set_key_type(&attributes, type); + psa_set_key_bits(&attributes, bits); + + TEST_ASSERT(mbedtls_svc_key_id_equal( + psa_get_key_id(&attributes), id)); + TEST_EQUAL(psa_get_key_lifetime(&attributes), lifetime); + TEST_EQUAL(psa_get_key_usage_flags(&attributes), usage_flags); + TEST_EQUAL(psa_get_key_algorithm(&attributes), alg); + TEST_EQUAL(psa_get_key_type(&attributes), type); + TEST_EQUAL(psa_get_key_bits(&attributes), bits); + + psa_reset_key_attributes(&attributes); TEST_EQUAL( - MBEDTLS_SVC_KEY_ID_GET_KEY_ID( psa_get_key_id( &attributes ) ), 0 ); + MBEDTLS_SVC_KEY_ID_GET_KEY_ID(psa_get_key_id(&attributes)), 0); TEST_EQUAL( - MBEDTLS_SVC_KEY_ID_GET_OWNER_ID( psa_get_key_id( &attributes ) ), 0 ); - TEST_EQUAL( psa_get_key_lifetime( &attributes ), 0 ); - TEST_EQUAL( psa_get_key_usage_flags( &attributes ), 0 ); - TEST_EQUAL( psa_get_key_algorithm( &attributes ), 0 ); - TEST_EQUAL( psa_get_key_type( &attributes ), 0 ); - TEST_EQUAL( psa_get_key_bits( &attributes ), 0 ); + MBEDTLS_SVC_KEY_ID_GET_OWNER_ID(psa_get_key_id(&attributes)), 0); + TEST_EQUAL(psa_get_key_lifetime(&attributes), 0); + TEST_EQUAL(psa_get_key_usage_flags(&attributes), 0); + TEST_EQUAL(psa_get_key_algorithm(&attributes), 0); + TEST_EQUAL(psa_get_key_type(&attributes), 0); + TEST_EQUAL(psa_get_key_bits(&attributes), 0); } /* END_CASE */ /* BEGIN_CASE */ -void persistence_attributes( int id1_arg, int owner_id1_arg, int lifetime_arg, - int id2_arg, int owner_id2_arg, - int expected_id_arg, int expected_owner_id_arg, - int expected_lifetime_arg ) +void persistence_attributes(int id1_arg, int owner_id1_arg, int lifetime_arg, + int id2_arg, int owner_id2_arg, + int expected_id_arg, int expected_owner_id_arg, + int expected_lifetime_arg) { psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT; mbedtls_svc_key_id_t id1 = - mbedtls_svc_key_id_make( owner_id1_arg, id1_arg ); + mbedtls_svc_key_id_make(owner_id1_arg, id1_arg); psa_key_lifetime_t lifetime = lifetime_arg; mbedtls_svc_key_id_t id2 = - mbedtls_svc_key_id_make( owner_id2_arg, id2_arg ); + mbedtls_svc_key_id_make(owner_id2_arg, id2_arg); mbedtls_svc_key_id_t expected_id = - mbedtls_svc_key_id_make( expected_owner_id_arg, expected_id_arg ); + mbedtls_svc_key_id_make(expected_owner_id_arg, expected_id_arg); psa_key_lifetime_t expected_lifetime = expected_lifetime_arg; - if( id1_arg != -1 ) - psa_set_key_id( &attributes, id1 ); - if( lifetime_arg != -1 ) - psa_set_key_lifetime( &attributes, lifetime ); - if( id2_arg != -1 ) - psa_set_key_id( &attributes, id2 ); - - TEST_ASSERT( mbedtls_svc_key_id_equal( - psa_get_key_id( &attributes ), expected_id ) ); - TEST_EQUAL( psa_get_key_lifetime( &attributes ), expected_lifetime ); + if (id1_arg != -1) { + psa_set_key_id(&attributes, id1); + } + if (lifetime_arg != -1) { + psa_set_key_lifetime(&attributes, lifetime); + } + if (id2_arg != -1) { + psa_set_key_id(&attributes, id2); + } + + TEST_ASSERT(mbedtls_svc_key_id_equal( + psa_get_key_id(&attributes), expected_id)); + TEST_EQUAL(psa_get_key_lifetime(&attributes), expected_lifetime); } /* END_CASE */ /* BEGIN_CASE depends_on:MBEDTLS_PSA_CRYPTO_SE_C */ -void slot_number_attribute( ) +void slot_number_attribute() { psa_key_slot_number_t slot_number = 0xdeadbeef; psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT; /* Initially, there is no slot number. */ - TEST_EQUAL( psa_get_key_slot_number( &attributes, &slot_number ), - PSA_ERROR_INVALID_ARGUMENT ); + TEST_EQUAL(psa_get_key_slot_number(&attributes, &slot_number), + PSA_ERROR_INVALID_ARGUMENT); /* Test setting a slot number. */ - psa_set_key_slot_number( &attributes, 0 ); - PSA_ASSERT( psa_get_key_slot_number( &attributes, &slot_number ) ); - TEST_EQUAL( slot_number, 0 ); + psa_set_key_slot_number(&attributes, 0); + PSA_ASSERT(psa_get_key_slot_number(&attributes, &slot_number)); + TEST_EQUAL(slot_number, 0); /* Test changing the slot number. */ - psa_set_key_slot_number( &attributes, 42 ); - PSA_ASSERT( psa_get_key_slot_number( &attributes, &slot_number ) ); - TEST_EQUAL( slot_number, 42 ); + psa_set_key_slot_number(&attributes, 42); + PSA_ASSERT(psa_get_key_slot_number(&attributes, &slot_number)); + TEST_EQUAL(slot_number, 42); /* Test clearing the slot number. */ - psa_clear_key_slot_number( &attributes ); - TEST_EQUAL( psa_get_key_slot_number( &attributes, &slot_number ), - PSA_ERROR_INVALID_ARGUMENT ); + psa_clear_key_slot_number(&attributes); + TEST_EQUAL(psa_get_key_slot_number(&attributes, &slot_number), + PSA_ERROR_INVALID_ARGUMENT); /* Clearing again should have no effect. */ - psa_clear_key_slot_number( &attributes ); - TEST_EQUAL( psa_get_key_slot_number( &attributes, &slot_number ), - PSA_ERROR_INVALID_ARGUMENT ); + psa_clear_key_slot_number(&attributes); + TEST_EQUAL(psa_get_key_slot_number(&attributes, &slot_number), + PSA_ERROR_INVALID_ARGUMENT); /* Test that reset clears the slot number. */ - psa_set_key_slot_number( &attributes, 42 ); - PSA_ASSERT( psa_get_key_slot_number( &attributes, &slot_number ) ); - TEST_EQUAL( slot_number, 42 ); - psa_reset_key_attributes( &attributes ); - TEST_EQUAL( psa_get_key_slot_number( &attributes, &slot_number ), - PSA_ERROR_INVALID_ARGUMENT ); + psa_set_key_slot_number(&attributes, 42); + PSA_ASSERT(psa_get_key_slot_number(&attributes, &slot_number)); + TEST_EQUAL(slot_number, 42); + psa_reset_key_attributes(&attributes); + TEST_EQUAL(psa_get_key_slot_number(&attributes, &slot_number), + PSA_ERROR_INVALID_ARGUMENT); } /* END_CASE */ diff --git a/third_party/mbedtls/repo/tests/suites/test_suite_psa_crypto_driver_wrappers.data b/third_party/mbedtls/repo/tests/suites/test_suite_psa_crypto_driver_wrappers.data index ea6c9b32c4c..e14516b0f78 100644 --- a/third_party/mbedtls/repo/tests/suites/test_suite_psa_crypto_driver_wrappers.data +++ b/third_party/mbedtls/repo/tests/suites/test_suite_psa_crypto_driver_wrappers.data @@ -1,68 +1,238 @@ -sign_hash through transparent driver: calculate in driver -ecdsa_sign_hash:PSA_SUCCESS:"ab45435712649cb30bbddac49197eebf2740ffc7f874d9244c3460f54f322d3a":"9ac4335b469bbd791439248504dd0d49c71349a295fee5a1c68507f45a9e1c7b":"6a3399f69421ffe1490377adf2ea1f117d81a63cf5bf22e918d51175eb259151ce95d7c26cc04e25503e2f7a1ec3573e3c2412534bb4a19b3a7811742f49f50f":0:PSA_SUCCESS +sign_hash transparent driver: in driver ECDSA SECP256R1 SHA-256 +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:PSA_WANT_ECC_SECP_R1_256:PSA_WANT_ALG_SHA_256 +sign_hash:PSA_KEY_TYPE_ECC_KEY_PAIR( PSA_ECC_FAMILY_SECP_R1 ):PSA_ALG_DETERMINISTIC_ECDSA( PSA_ALG_SHA_256 ):PSA_SUCCESS:"ab45435712649cb30bbddac49197eebf2740ffc7f874d9244c3460f54f322d3a":"9ac4335b469bbd791439248504dd0d49c71349a295fee5a1c68507f45a9e1c7b":"6a3399f69421ffe1490377adf2ea1f117d81a63cf5bf22e918d51175eb259151ce95d7c26cc04e25503e2f7a1ec3573e3c2412534bb4a19b3a7811742f49f50f":0:PSA_SUCCESS -sign_hash through transparent driver: fallback -depends_on:MBEDTLS_PSA_BUILTIN_ALG_ECDSA -ecdsa_sign_hash:PSA_ERROR_NOT_SUPPORTED:"ab45435712649cb30bbddac49197eebf2740ffc7f874d9244c3460f54f322d3a":"9ac4335b469bbd791439248504dd0d49c71349a295fee5a1c68507f45a9e1c7b":"6a3399f69421ffe1490377adf2ea1f117d81a63cf5bf22e918d51175eb259151ce95d7c26cc04e25503e2f7a1ec3573e3c2412534bb4a19b3a7811742f49f50f":0:PSA_SUCCESS +sign_hash transparent driver: fallback ECDSA SECP256R1 SHA-256 +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:PSA_WANT_ECC_SECP_R1_256:PSA_WANT_ALG_SHA_256:MBEDTLS_PSA_BUILTIN_ALG_ECDSA +sign_hash:PSA_KEY_TYPE_ECC_KEY_PAIR( PSA_ECC_FAMILY_SECP_R1 ):PSA_ALG_DETERMINISTIC_ECDSA( PSA_ALG_SHA_256 ):PSA_ERROR_NOT_SUPPORTED:"ab45435712649cb30bbddac49197eebf2740ffc7f874d9244c3460f54f322d3a":"9ac4335b469bbd791439248504dd0d49c71349a295fee5a1c68507f45a9e1c7b":"6a3399f69421ffe1490377adf2ea1f117d81a63cf5bf22e918d51175eb259151ce95d7c26cc04e25503e2f7a1ec3573e3c2412534bb4a19b3a7811742f49f50f":0:PSA_SUCCESS -sign_hash through transparent driver: error -ecdsa_sign_hash:PSA_ERROR_GENERIC_ERROR:"ab45435712649cb30bbddac49197eebf2740ffc7f874d9244c3460f54f322d3a":"9ac4335b469bbd791439248504dd0d49c71349a295fee5a1c68507f45a9e1c7b":"6a3399f69421ffe1490377adf2ea1f117d81a63cf5bf22e918d51175eb259151ce95d7c26cc04e25503e2f7a1ec3573e3c2412534bb4a19b3a7811742f49f50f":0:PSA_ERROR_GENERIC_ERROR +sign_hash transparent driver: error ECDSA SECP256R1 SHA-256 +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:PSA_WANT_ECC_SECP_R1_256:PSA_WANT_ALG_SHA_256 +sign_hash:PSA_KEY_TYPE_ECC_KEY_PAIR( PSA_ECC_FAMILY_SECP_R1 ):PSA_ALG_DETERMINISTIC_ECDSA( PSA_ALG_SHA_256 ):PSA_ERROR_GENERIC_ERROR:"ab45435712649cb30bbddac49197eebf2740ffc7f874d9244c3460f54f322d3a":"9ac4335b469bbd791439248504dd0d49c71349a295fee5a1c68507f45a9e1c7b":"6a3399f69421ffe1490377adf2ea1f117d81a63cf5bf22e918d51175eb259151ce95d7c26cc04e25503e2f7a1ec3573e3c2412534bb4a19b3a7811742f49f50f":0:PSA_ERROR_GENERIC_ERROR -sign_hash through transparent driver: fake -ecdsa_sign_hash:PSA_SUCCESS:"ab45435712649cb30bbddac49197eebf2740ffc7f874d9244c3460f54f322d3a":"9ac4335b469bbd791439248504dd0d49c71349a295fee5a1c68507f45a9e1c7b":"000102030405060708090A0B0C0D0E0F":1:PSA_SUCCESS +sign_hash transparent driver: fake ECDSA SECP256R1 SHA-256 +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:PSA_WANT_ECC_SECP_R1_256:PSA_WANT_ALG_SHA_256 +sign_hash:PSA_KEY_TYPE_ECC_KEY_PAIR( PSA_ECC_FAMILY_SECP_R1 ):PSA_ALG_DETERMINISTIC_ECDSA( PSA_ALG_SHA_256 ):PSA_SUCCESS:"ab45435712649cb30bbddac49197eebf2740ffc7f874d9244c3460f54f322d3a":"9ac4335b469bbd791439248504dd0d49c71349a295fee5a1c68507f45a9e1c7b":"000102030405060708090A0B0C0D0E0F":1:PSA_SUCCESS -verify_hash using private key through transparent driver: calculate in driver -ecdsa_verify_hash:PSA_SUCCESS:0:"ab45435712649cb30bbddac49197eebf2740ffc7f874d9244c3460f54f322d3a":"9ac4335b469bbd791439248504dd0d49c71349a295fee5a1c68507f45a9e1c7b":"6a3399f69421ffe1490377adf2ea1f117d81a63cf5bf22e918d51175eb259151ce95d7c26cc04e25503e2f7a1ec3573e3c2412534bb4a19b3a7811742f49f50f":PSA_SUCCESS +sign_hash transparent driver: in driver RSA PKCS#1 v1.5, raw +depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR:MBEDTLS_PK_PARSE_C:MBEDTLS_MD_C +sign_hash:PSA_KEY_TYPE_RSA_KEY_PAIR:PSA_ALG_RSA_PKCS1V15_SIGN_RAW:PSA_SUCCESS:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":"616263":"2c7744983f023ac7bb1c55529d83ed11a76a7898a1bb5ce191375a4aa7495a633d27879ff58eba5a57371c34feb1180e8b850d552476ebb5634df620261992f12ebee9097041dbbea85a42d45b344be5073ceb772ffc604954b9158ba81ec3dc4d9d65e3ab7aa318165f38c36f841f1c69cb1cfa494aa5cbb4d6c0efbafb043a":0:PSA_SUCCESS -verify_hash using private key through transparent driver: fallback -depends_on:MBEDTLS_PSA_BUILTIN_ALG_ECDSA -ecdsa_verify_hash:PSA_ERROR_NOT_SUPPORTED:0:"ab45435712649cb30bbddac49197eebf2740ffc7f874d9244c3460f54f322d3a":"9ac4335b469bbd791439248504dd0d49c71349a295fee5a1c68507f45a9e1c7b":"6a3399f69421ffe1490377adf2ea1f117d81a63cf5bf22e918d51175eb259151ce95d7c26cc04e25503e2f7a1ec3573e3c2412534bb4a19b3a7811742f49f50f":PSA_SUCCESS +sign_hash transparent driver: fallback RSA PKCS#1 v1.5, raw +depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR:MBEDTLS_PK_PARSE_C:MBEDTLS_MD_C:MBEDTLS_PSA_BUILTIN_ALG_RSA_PKCS1V15_CRYPT +sign_hash:PSA_KEY_TYPE_RSA_KEY_PAIR:PSA_ALG_RSA_PKCS1V15_SIGN_RAW:PSA_ERROR_NOT_SUPPORTED:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":"616263":"2c7744983f023ac7bb1c55529d83ed11a76a7898a1bb5ce191375a4aa7495a633d27879ff58eba5a57371c34feb1180e8b850d552476ebb5634df620261992f12ebee9097041dbbea85a42d45b344be5073ceb772ffc604954b9158ba81ec3dc4d9d65e3ab7aa318165f38c36f841f1c69cb1cfa494aa5cbb4d6c0efbafb043a":0:PSA_SUCCESS -verify_hash using private key through transparent driver: error -ecdsa_verify_hash:PSA_ERROR_GENERIC_ERROR:0:"ab45435712649cb30bbddac49197eebf2740ffc7f874d9244c3460f54f322d3a":"9ac4335b469bbd791439248504dd0d49c71349a295fee5a1c68507f45a9e1c7b":"6a3399f69421ffe1490377adf2ea1f117d81a63cf5bf22e918d51175eb259151ce95d7c26cc04e25503e2f7a1ec3573e3c2412534bb4a19b3a7811742f49f50f":PSA_ERROR_GENERIC_ERROR +sign_hash transparent driver: error RSA PKCS#1 v1.5, raw +depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR:MBEDTLS_PK_PARSE_C:MBEDTLS_MD_C +sign_hash:PSA_KEY_TYPE_RSA_KEY_PAIR:PSA_ALG_RSA_PKCS1V15_SIGN_RAW:PSA_ERROR_GENERIC_ERROR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":"616263":"2c7744983f023ac7bb1c55529d83ed11a76a7898a1bb5ce191375a4aa7495a633d27879ff58eba5a57371c34feb1180e8b850d552476ebb5634df620261992f12ebee9097041dbbea85a42d45b344be5073ceb772ffc604954b9158ba81ec3dc4d9d65e3ab7aa318165f38c36f841f1c69cb1cfa494aa5cbb4d6c0efbafb043a":0:PSA_ERROR_GENERIC_ERROR -verify_hash using public key through transparent driver: calculate in driver -ecdsa_verify_hash:PSA_SUCCESS:1:"04dea5e45d0ea37fc566232a508f4ad20ea13d47e4bf5fa4d54a57a0ba012042087097496efc583fed8b24a5b9be9a51de063f5a00a8b698a16fd7f29b5485f320":"9ac4335b469bbd791439248504dd0d49c71349a295fee5a1c68507f45a9e1c7b":"6a3399f69421ffe1490377adf2ea1f117d81a63cf5bf22e918d51175eb259151ce95d7c26cc04e25503e2f7a1ec3573e3c2412534bb4a19b3a7811742f49f50f":PSA_SUCCESS +sign_hash transparent driver: fake RSA PKCS#1 v1.5, raw +depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR:MBEDTLS_PK_PARSE_C:MBEDTLS_MD_C +sign_hash:PSA_KEY_TYPE_RSA_KEY_PAIR:PSA_ALG_RSA_PKCS1V15_SIGN_RAW:PSA_SUCCESS:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":"616263":"2c7744983f023ac7bb1c55529d83ed11a76a7898a1bb5ce191375a4aa7495a633d27879ff58eba5a57371c34feb1180e8b850d552476ebb5634df620261992f12ebee9097041dbbea85a42d45b344be5073ceb772ffc604954b9158ba81ec3dc4d9d65e3ab7aa318165f38c36f841f1c69cb1cfa494aa5cbb4d6c0efbafb043a":1:PSA_SUCCESS -verify_hash using public key through transparent driver: fallback -depends_on:MBEDTLS_PSA_BUILTIN_ALG_ECDSA -ecdsa_verify_hash:PSA_ERROR_NOT_SUPPORTED:1:"04dea5e45d0ea37fc566232a508f4ad20ea13d47e4bf5fa4d54a57a0ba012042087097496efc583fed8b24a5b9be9a51de063f5a00a8b698a16fd7f29b5485f320":"9ac4335b469bbd791439248504dd0d49c71349a295fee5a1c68507f45a9e1c7b":"6a3399f69421ffe1490377adf2ea1f117d81a63cf5bf22e918d51175eb259151ce95d7c26cc04e25503e2f7a1ec3573e3c2412534bb4a19b3a7811742f49f50f":PSA_SUCCESS +sign_hash transparent driver: in driver RSA PKCS#1 v1.5 SHA-256 +depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR:MBEDTLS_PK_PARSE_C:MBEDTLS_MD_C +sign_hash:PSA_KEY_TYPE_RSA_KEY_PAIR:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):PSA_SUCCESS:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":"ba7816bf8f01cfea414140de5dae2223b00361a396177a9cb410ff61f20015ad":"a73664d55b39c7ea6c1e5b5011724a11e1d7073d3a68f48c836fad153a1d91b6abdbc8f69da13b206cc96af6363b114458b026af14b24fab8929ed634c6a2acace0bcc62d9bb6a984afbcbfcd3a0608d32a2bae535b9cd1ecdf9dd281db1e0025c3bfb5512963ec3b98ddaa69e38bc3c84b1b61a04e5648640856aacc6fc7311":0:PSA_SUCCESS -verify_hash using public key through transparent driver: error -ecdsa_verify_hash:PSA_ERROR_GENERIC_ERROR:1:"04dea5e45d0ea37fc566232a508f4ad20ea13d47e4bf5fa4d54a57a0ba012042087097496efc583fed8b24a5b9be9a51de063f5a00a8b698a16fd7f29b5485f320":"9ac4335b469bbd791439248504dd0d49c71349a295fee5a1c68507f45a9e1c7b":"6a3399f69421ffe1490377adf2ea1f117d81a63cf5bf22e918d51175eb259151ce95d7c26cc04e25503e2f7a1ec3573e3c2412534bb4a19b3a7811742f49f50f":PSA_ERROR_GENERIC_ERROR +sign_hash transparent driver: fallback RSA PKCS#1 v1.5 SHA-256 +depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR:MBEDTLS_PK_PARSE_C:MBEDTLS_MD_C:MBEDTLS_PSA_BUILTIN_ALG_RSA_PKCS1V15_CRYPT +sign_hash:PSA_KEY_TYPE_RSA_KEY_PAIR:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):PSA_ERROR_NOT_SUPPORTED:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":"ba7816bf8f01cfea414140de5dae2223b00361a396177a9cb410ff61f20015ad":"a73664d55b39c7ea6c1e5b5011724a11e1d7073d3a68f48c836fad153a1d91b6abdbc8f69da13b206cc96af6363b114458b026af14b24fab8929ed634c6a2acace0bcc62d9bb6a984afbcbfcd3a0608d32a2bae535b9cd1ecdf9dd281db1e0025c3bfb5512963ec3b98ddaa69e38bc3c84b1b61a04e5648640856aacc6fc7311":0:PSA_SUCCESS -sign_message through transparent driver: calculate in driver -ecdsa_sign_message:PSA_SUCCESS:"ab45435712649cb30bbddac49197eebf2740ffc7f874d9244c3460f54f322d3a":"616263":"36e5b5a7da1c9c265dc447de3a5a704fcb8c03f7a3749dde48d84c9bf736fc1ed48d8b3660e7d3cbc6b1870730b7ce2a043f69e37ccb340b98d1e65184e03548":0:PSA_SUCCESS +sign_hash transparent driver: error RSA PKCS#1 v1.5 SHA-256 +depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR:MBEDTLS_PK_PARSE_C:MBEDTLS_MD_C +sign_hash:PSA_KEY_TYPE_RSA_KEY_PAIR:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):PSA_ERROR_GENERIC_ERROR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":"ba7816bf8f01cfea414140de5dae2223b00361a396177a9cb410ff61f20015ad":"a73664d55b39c7ea6c1e5b5011724a11e1d7073d3a68f48c836fad153a1d91b6abdbc8f69da13b206cc96af6363b114458b026af14b24fab8929ed634c6a2acace0bcc62d9bb6a984afbcbfcd3a0608d32a2bae535b9cd1ecdf9dd281db1e0025c3bfb5512963ec3b98ddaa69e38bc3c84b1b61a04e5648640856aacc6fc7311":0:PSA_ERROR_GENERIC_ERROR -sign_message through transparent driver: fallback -depends_on:MBEDTLS_PSA_BUILTIN_ALG_ECDSA -ecdsa_sign_message:PSA_ERROR_NOT_SUPPORTED:"ab45435712649cb30bbddac49197eebf2740ffc7f874d9244c3460f54f322d3a":"616263":"36e5b5a7da1c9c265dc447de3a5a704fcb8c03f7a3749dde48d84c9bf736fc1ed48d8b3660e7d3cbc6b1870730b7ce2a043f69e37ccb340b98d1e65184e03548":0:PSA_SUCCESS +sign_hash transparent driver: fake RSA PKCS#1 v1.5 SHA-256 +depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR:MBEDTLS_PK_PARSE_C:MBEDTLS_MD_C +sign_hash:PSA_KEY_TYPE_RSA_KEY_PAIR:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):PSA_SUCCESS:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":"ba7816bf8f01cfea414140de5dae2223b00361a396177a9cb410ff61f20015ad":"a73664d55b39c7ea6c1e5b5011724a11e1d7073d3a68f48c836fad153a1d91b6abdbc8f69da13b206cc96af6363b114458b026af14b24fab8929ed634c6a2acace0bcc62d9bb6a984afbcbfcd3a0608d32a2bae535b9cd1ecdf9dd281db1e0025c3bfb5512963ec3b98ddaa69e38bc3c84b1b61a04e5648640856aacc6fc7311":1:PSA_SUCCESS -sign_message through transparent driver: error -ecdsa_sign_message:PSA_ERROR_GENERIC_ERROR:"ab45435712649cb30bbddac49197eebf2740ffc7f874d9244c3460f54f322d3a":"616263":"36e5b5a7da1c9c265dc447de3a5a704fcb8c03f7a3749dde48d84c9bf736fc1ed48d8b3660e7d3cbc6b1870730b7ce2a043f69e37ccb340b98d1e65184e03548":0:PSA_ERROR_GENERIC_ERROR +verify_hash transparent driver: in driver ECDSA SECP256R1 SHA-256 +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:PSA_WANT_ECC_SECP_R1_256:PSA_WANT_ALG_SHA_256 +verify_hash:PSA_KEY_TYPE_ECC_KEY_PAIR( PSA_ECC_FAMILY_SECP_R1 ):PSA_KEY_TYPE_ECC_PUBLIC_KEY( PSA_ECC_FAMILY_SECP_R1 ):PSA_ALG_ECDSA( PSA_ALG_SHA_256 ):PSA_SUCCESS:0:"ab45435712649cb30bbddac49197eebf2740ffc7f874d9244c3460f54f322d3a":"9ac4335b469bbd791439248504dd0d49c71349a295fee5a1c68507f45a9e1c7b":"6a3399f69421ffe1490377adf2ea1f117d81a63cf5bf22e918d51175eb259151ce95d7c26cc04e25503e2f7a1ec3573e3c2412534bb4a19b3a7811742f49f50f":PSA_SUCCESS -sign_message through transparent driver: fake -ecdsa_sign_message:PSA_SUCCESS:"ab45435712649cb30bbddac49197eebf2740ffc7f874d9244c3460f54f322d3a":"616263":"000102030405060708090A0B0C0D0E0F":1:PSA_SUCCESS +verify_hash transparent driver: fallback ECDSA SECP256R1 SHA-256 +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:PSA_WANT_ECC_SECP_R1_256:PSA_WANT_ALG_SHA_256:MBEDTLS_PSA_BUILTIN_ALG_ECDSA +verify_hash:PSA_KEY_TYPE_ECC_KEY_PAIR( PSA_ECC_FAMILY_SECP_R1 ):PSA_KEY_TYPE_ECC_PUBLIC_KEY( PSA_ECC_FAMILY_SECP_R1 ):PSA_ALG_ECDSA( PSA_ALG_SHA_256 ):PSA_ERROR_NOT_SUPPORTED:0:"ab45435712649cb30bbddac49197eebf2740ffc7f874d9244c3460f54f322d3a":"9ac4335b469bbd791439248504dd0d49c71349a295fee5a1c68507f45a9e1c7b":"6a3399f69421ffe1490377adf2ea1f117d81a63cf5bf22e918d51175eb259151ce95d7c26cc04e25503e2f7a1ec3573e3c2412534bb4a19b3a7811742f49f50f":PSA_SUCCESS -verify_message using private key through transparent driver: calculate in driver -ecdsa_verify_message:PSA_SUCCESS:0:"ab45435712649cb30bbddac49197eebf2740ffc7f874d9244c3460f54f322d3a":"616263":"36e5b5a7da1c9c265dc447de3a5a704fcb8c03f7a3749dde48d84c9bf736fc1ed48d8b3660e7d3cbc6b1870730b7ce2a043f69e37ccb340b98d1e65184e03548":PSA_SUCCESS +verify_hash transparent driver: error ECDSA SECP256R1 SHA-256 +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:PSA_WANT_ECC_SECP_R1_256:PSA_WANT_ALG_SHA_256 +verify_hash:PSA_KEY_TYPE_ECC_KEY_PAIR( PSA_ECC_FAMILY_SECP_R1 ):PSA_KEY_TYPE_ECC_PUBLIC_KEY( PSA_ECC_FAMILY_SECP_R1 ):PSA_ALG_ECDSA( PSA_ALG_SHA_256 ):PSA_ERROR_GENERIC_ERROR:0:"ab45435712649cb30bbddac49197eebf2740ffc7f874d9244c3460f54f322d3a":"9ac4335b469bbd791439248504dd0d49c71349a295fee5a1c68507f45a9e1c7b":"6a3399f69421ffe1490377adf2ea1f117d81a63cf5bf22e918d51175eb259151ce95d7c26cc04e25503e2f7a1ec3573e3c2412534bb4a19b3a7811742f49f50f":PSA_ERROR_GENERIC_ERROR -verify_message using private key through transparent driver: fallback -depends_on:MBEDTLS_PSA_BUILTIN_ALG_ECDSA -ecdsa_verify_message:PSA_ERROR_NOT_SUPPORTED:0:"ab45435712649cb30bbddac49197eebf2740ffc7f874d9244c3460f54f322d3a":"616263":"36e5b5a7da1c9c265dc447de3a5a704fcb8c03f7a3749dde48d84c9bf736fc1ed48d8b3660e7d3cbc6b1870730b7ce2a043f69e37ccb340b98d1e65184e03548":PSA_SUCCESS +verify_hash transparent driver: in driver Public Key ECDSA SECP256R1 SHA-256 +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:PSA_WANT_ECC_SECP_R1_256:PSA_WANT_ALG_SHA_256 +verify_hash:PSA_KEY_TYPE_ECC_KEY_PAIR( PSA_ECC_FAMILY_SECP_R1 ):PSA_KEY_TYPE_ECC_PUBLIC_KEY( PSA_ECC_FAMILY_SECP_R1 ):PSA_ALG_ECDSA( PSA_ALG_SHA_256 ):PSA_SUCCESS:1:"04dea5e45d0ea37fc566232a508f4ad20ea13d47e4bf5fa4d54a57a0ba012042087097496efc583fed8b24a5b9be9a51de063f5a00a8b698a16fd7f29b5485f320":"9ac4335b469bbd791439248504dd0d49c71349a295fee5a1c68507f45a9e1c7b":"6a3399f69421ffe1490377adf2ea1f117d81a63cf5bf22e918d51175eb259151ce95d7c26cc04e25503e2f7a1ec3573e3c2412534bb4a19b3a7811742f49f50f":PSA_SUCCESS -verify_message using private key through transparent driver: error -ecdsa_verify_message:PSA_ERROR_GENERIC_ERROR:0:"ab45435712649cb30bbddac49197eebf2740ffc7f874d9244c3460f54f322d3a":"616263":"36e5b5a7da1c9c265dc447de3a5a704fcb8c03f7a3749dde48d84c9bf736fc1ed48d8b3660e7d3cbc6b1870730b7ce2a043f69e37ccb340b98d1e65184e03548":PSA_ERROR_GENERIC_ERROR +verify_hash transparent driver: fallback Public Key ECDSA SECP256R1 SHA-256 +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:PSA_WANT_ECC_SECP_R1_256:PSA_WANT_ALG_SHA_256:MBEDTLS_PSA_BUILTIN_ALG_ECDSA +verify_hash:PSA_KEY_TYPE_ECC_KEY_PAIR( PSA_ECC_FAMILY_SECP_R1 ):PSA_KEY_TYPE_ECC_PUBLIC_KEY( PSA_ECC_FAMILY_SECP_R1 ):PSA_ALG_ECDSA( PSA_ALG_SHA_256 ):PSA_ERROR_NOT_SUPPORTED:1:"04dea5e45d0ea37fc566232a508f4ad20ea13d47e4bf5fa4d54a57a0ba012042087097496efc583fed8b24a5b9be9a51de063f5a00a8b698a16fd7f29b5485f320":"9ac4335b469bbd791439248504dd0d49c71349a295fee5a1c68507f45a9e1c7b":"6a3399f69421ffe1490377adf2ea1f117d81a63cf5bf22e918d51175eb259151ce95d7c26cc04e25503e2f7a1ec3573e3c2412534bb4a19b3a7811742f49f50f":PSA_SUCCESS -verify_message using public key through transparent driver: calculate in driver -ecdsa_verify_message:PSA_SUCCESS:1:"04dea5e45d0ea37fc566232a508f4ad20ea13d47e4bf5fa4d54a57a0ba012042087097496efc583fed8b24a5b9be9a51de063f5a00a8b698a16fd7f29b5485f320":"616263":"36e5b5a7da1c9c265dc447de3a5a704fcb8c03f7a3749dde48d84c9bf736fc1ed48d8b3660e7d3cbc6b1870730b7ce2a043f69e37ccb340b98d1e65184e03548":PSA_SUCCESS +verify_hash transparent driver: error Public Key ECDSA SECP256R1 SHA-256 +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:PSA_WANT_ECC_SECP_R1_256:PSA_WANT_ALG_SHA_256 +verify_hash:PSA_KEY_TYPE_ECC_KEY_PAIR( PSA_ECC_FAMILY_SECP_R1 ):PSA_KEY_TYPE_ECC_PUBLIC_KEY( PSA_ECC_FAMILY_SECP_R1 ):PSA_ALG_ECDSA( PSA_ALG_SHA_256 ):PSA_ERROR_GENERIC_ERROR:1:"04dea5e45d0ea37fc566232a508f4ad20ea13d47e4bf5fa4d54a57a0ba012042087097496efc583fed8b24a5b9be9a51de063f5a00a8b698a16fd7f29b5485f320":"9ac4335b469bbd791439248504dd0d49c71349a295fee5a1c68507f45a9e1c7b":"6a3399f69421ffe1490377adf2ea1f117d81a63cf5bf22e918d51175eb259151ce95d7c26cc04e25503e2f7a1ec3573e3c2412534bb4a19b3a7811742f49f50f":PSA_ERROR_GENERIC_ERROR -verify_message using public key through transparent driver: fallback -depends_on:MBEDTLS_PSA_BUILTIN_ALG_ECDSA -ecdsa_verify_message:PSA_ERROR_NOT_SUPPORTED:1:"04dea5e45d0ea37fc566232a508f4ad20ea13d47e4bf5fa4d54a57a0ba012042087097496efc583fed8b24a5b9be9a51de063f5a00a8b698a16fd7f29b5485f320":"616263":"36e5b5a7da1c9c265dc447de3a5a704fcb8c03f7a3749dde48d84c9bf736fc1ed48d8b3660e7d3cbc6b1870730b7ce2a043f69e37ccb340b98d1e65184e03548":PSA_SUCCESS +verify_hash transparent driver: in driver Key Pair RSA PKCS#1 v1.5 raw +depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR:MBEDTLS_PK_PARSE_C:MBEDTLS_MD_C +verify_hash:PSA_KEY_TYPE_RSA_KEY_PAIR:PSA_KEY_TYPE_RSA_PUBLIC_KEY:PSA_ALG_RSA_PKCS1V15_SIGN_RAW:PSA_SUCCESS:0:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":"616263":"2c7744983f023ac7bb1c55529d83ed11a76a7898a1bb5ce191375a4aa7495a633d27879ff58eba5a57371c34feb1180e8b850d552476ebb5634df620261992f12ebee9097041dbbea85a42d45b344be5073ceb772ffc604954b9158ba81ec3dc4d9d65e3ab7aa318165f38c36f841f1c69cb1cfa494aa5cbb4d6c0efbafb043a":PSA_SUCCESS -verify_message using public key through transparent driver: error -ecdsa_verify_message:PSA_ERROR_GENERIC_ERROR:1:"04dea5e45d0ea37fc566232a508f4ad20ea13d47e4bf5fa4d54a57a0ba012042087097496efc583fed8b24a5b9be9a51de063f5a00a8b698a16fd7f29b5485f320":"616263":"36e5b5a7da1c9c265dc447de3a5a704fcb8c03f7a3749dde48d84c9bf736fc1ed48d8b3660e7d3cbc6b1870730b7ce2a043f69e37ccb340b98d1e65184e03548":PSA_ERROR_GENERIC_ERROR +verify_hash transparent driver: fallback Key Pair RSA PKCS#1 v1.5 raw +depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR:MBEDTLS_PK_PARSE_C:MBEDTLS_MD_C:MBEDTLS_PSA_BUILTIN_ALG_RSA_PKCS1V15_CRYPT +verify_hash:PSA_KEY_TYPE_RSA_KEY_PAIR:PSA_KEY_TYPE_RSA_PUBLIC_KEY:PSA_ALG_RSA_PKCS1V15_SIGN_RAW:PSA_ERROR_NOT_SUPPORTED:0:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":"616263":"2c7744983f023ac7bb1c55529d83ed11a76a7898a1bb5ce191375a4aa7495a633d27879ff58eba5a57371c34feb1180e8b850d552476ebb5634df620261992f12ebee9097041dbbea85a42d45b344be5073ceb772ffc604954b9158ba81ec3dc4d9d65e3ab7aa318165f38c36f841f1c69cb1cfa494aa5cbb4d6c0efbafb043a":PSA_SUCCESS + +verify_hash transparent driver: error Key Pair RSA PKCS#1 v1.5 raw +depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR:MBEDTLS_PK_PARSE_C:MBEDTLS_MD_C +verify_hash:PSA_KEY_TYPE_RSA_KEY_PAIR:PSA_KEY_TYPE_RSA_PUBLIC_KEY:PSA_ALG_RSA_PKCS1V15_SIGN_RAW:PSA_ERROR_GENERIC_ERROR:0:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":"616263":"2c7744983f023ac7bb1c55529d83ed11a76a7898a1bb5ce191375a4aa7495a633d27879ff58eba5a57371c34feb1180e8b850d552476ebb5634df620261992f12ebee9097041dbbea85a42d45b344be5073ceb772ffc604954b9158ba81ec3dc4d9d65e3ab7aa318165f38c36f841f1c69cb1cfa494aa5cbb4d6c0efbafb043a":PSA_ERROR_GENERIC_ERROR + +verify_hash transparent driver: in driver Key Pair RSA PKCS#1 v1.5 SHA-256 +depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR:MBEDTLS_PK_PARSE_C:MBEDTLS_MD_C +verify_hash:PSA_KEY_TYPE_RSA_KEY_PAIR:PSA_KEY_TYPE_RSA_PUBLIC_KEY:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):PSA_SUCCESS:0:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":"ba7816bf8f01cfea414140de5dae2223b00361a396177a9cb410ff61f20015ad":"a73664d55b39c7ea6c1e5b5011724a11e1d7073d3a68f48c836fad153a1d91b6abdbc8f69da13b206cc96af6363b114458b026af14b24fab8929ed634c6a2acace0bcc62d9bb6a984afbcbfcd3a0608d32a2bae535b9cd1ecdf9dd281db1e0025c3bfb5512963ec3b98ddaa69e38bc3c84b1b61a04e5648640856aacc6fc7311":PSA_SUCCESS + +verify_hash transparent driver: fallback Key Pair RSA PKCS#1 v1.5 SHA-256 +depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR:MBEDTLS_PK_PARSE_C:MBEDTLS_MD_C:MBEDTLS_PSA_BUILTIN_ALG_RSA_PKCS1V15_CRYPT +verify_hash:PSA_KEY_TYPE_RSA_KEY_PAIR:PSA_KEY_TYPE_RSA_PUBLIC_KEY:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):PSA_ERROR_NOT_SUPPORTED:0:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":"ba7816bf8f01cfea414140de5dae2223b00361a396177a9cb410ff61f20015ad":"a73664d55b39c7ea6c1e5b5011724a11e1d7073d3a68f48c836fad153a1d91b6abdbc8f69da13b206cc96af6363b114458b026af14b24fab8929ed634c6a2acace0bcc62d9bb6a984afbcbfcd3a0608d32a2bae535b9cd1ecdf9dd281db1e0025c3bfb5512963ec3b98ddaa69e38bc3c84b1b61a04e5648640856aacc6fc7311":PSA_SUCCESS + +verify_hash transparent driver: error Key Pair RSA PKCS#1 v1.5 SHA-256 +depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR:MBEDTLS_PK_PARSE_C:MBEDTLS_MD_C +verify_hash:PSA_KEY_TYPE_RSA_KEY_PAIR:PSA_KEY_TYPE_RSA_PUBLIC_KEY:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):PSA_ERROR_GENERIC_ERROR:0:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":"ba7816bf8f01cfea414140de5dae2223b00361a396177a9cb410ff61f20015ad":"a73664d55b39c7ea6c1e5b5011724a11e1d7073d3a68f48c836fad153a1d91b6abdbc8f69da13b206cc96af6363b114458b026af14b24fab8929ed634c6a2acace0bcc62d9bb6a984afbcbfcd3a0608d32a2bae535b9cd1ecdf9dd281db1e0025c3bfb5512963ec3b98ddaa69e38bc3c84b1b61a04e5648640856aacc6fc7311":PSA_ERROR_GENERIC_ERROR + +verify_hash transparent driver: in driver Public Key RSA PKCS#1 v1.5 SHA-256 +depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY:MBEDTLS_PK_PARSE_C +verify_hash:PSA_KEY_TYPE_RSA_KEY_PAIR:PSA_KEY_TYPE_RSA_PUBLIC_KEY:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):PSA_SUCCESS:1:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":"ba7816bf8f01cfea414140de5dae2223b00361a396177a9cb410ff61f20015ad":"a73664d55b39c7ea6c1e5b5011724a11e1d7073d3a68f48c836fad153a1d91b6abdbc8f69da13b206cc96af6363b114458b026af14b24fab8929ed634c6a2acace0bcc62d9bb6a984afbcbfcd3a0608d32a2bae535b9cd1ecdf9dd281db1e0025c3bfb5512963ec3b98ddaa69e38bc3c84b1b61a04e5648640856aacc6fc7311":PSA_SUCCESS + +verify_hash transparent driver: fallback Public Key RSA PKCS#1 v1.5 SHA-256 +depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY:MBEDTLS_PK_PARSE_C:MBEDTLS_MD_C:MBEDTLS_PSA_BUILTIN_ALG_RSA_PKCS1V15_CRYPT +verify_hash:PSA_KEY_TYPE_RSA_KEY_PAIR:PSA_KEY_TYPE_RSA_PUBLIC_KEY:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):PSA_ERROR_NOT_SUPPORTED:1:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":"ba7816bf8f01cfea414140de5dae2223b00361a396177a9cb410ff61f20015ad":"a73664d55b39c7ea6c1e5b5011724a11e1d7073d3a68f48c836fad153a1d91b6abdbc8f69da13b206cc96af6363b114458b026af14b24fab8929ed634c6a2acace0bcc62d9bb6a984afbcbfcd3a0608d32a2bae535b9cd1ecdf9dd281db1e0025c3bfb5512963ec3b98ddaa69e38bc3c84b1b61a04e5648640856aacc6fc7311":PSA_SUCCESS + +verify_hash transparent driver: error Public Key RSA PKCS#1 v1.5 SHA-256 +depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY:MBEDTLS_PK_PARSE_C:MBEDTLS_MD_C +verify_hash:PSA_KEY_TYPE_RSA_KEY_PAIR:PSA_KEY_TYPE_RSA_PUBLIC_KEY:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):PSA_ERROR_GENERIC_ERROR:1:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":"ba7816bf8f01cfea414140de5dae2223b00361a396177a9cb410ff61f20015ad":"a73664d55b39c7ea6c1e5b5011724a11e1d7073d3a68f48c836fad153a1d91b6abdbc8f69da13b206cc96af6363b114458b026af14b24fab8929ed634c6a2acace0bcc62d9bb6a984afbcbfcd3a0608d32a2bae535b9cd1ecdf9dd281db1e0025c3bfb5512963ec3b98ddaa69e38bc3c84b1b61a04e5648640856aacc6fc7311":PSA_ERROR_GENERIC_ERROR + +verify_hash transparent driver: in driver Public Key RSA-1024 PSS SHA-256 +depends_on:PSA_WANT_ALG_RSA_PSS:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY:MBEDTLS_PK_PARSE_C:MBEDTLS_MD_C +verify_hash:PSA_KEY_TYPE_RSA_KEY_PAIR:PSA_KEY_TYPE_RSA_PUBLIC_KEY:PSA_ALG_RSA_PSS(PSA_ALG_SHA_256):PSA_SUCCESS:1:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":"ba7816bf8f01cfea414140de5dae2223b00361a396177a9cb410ff61f20015ad":"6b201c50637962338d1b218c1d26f031205a0e3c47bc4c54856aa037e5a332d2981e80a51648e902e46046e5507a255c4c73f5ff40d5a54c0a11d2eca7804e1767b20ea12c945a23f5473181d379689c1ba634a2c47c0a8ec90c922ca6466ae9e9fb92871c9043b5858ae34828bceb4ead82db8f21a18ebe1d95b469bbdef1df":PSA_SUCCESS + +verify_hash transparent driver: fallback Public Key RSA-1024 PSS SHA-256 +depends_on:PSA_WANT_ALG_RSA_PSS:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY:MBEDTLS_PK_PARSE_C:MBEDTLS_MD_C:MBEDTLS_PSA_BUILTIN_ALG_RSA_PKCS1V15_CRYPT +verify_hash:PSA_KEY_TYPE_RSA_KEY_PAIR:PSA_KEY_TYPE_RSA_PUBLIC_KEY:PSA_ALG_RSA_PSS(PSA_ALG_SHA_256):PSA_ERROR_NOT_SUPPORTED:1:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":"ba7816bf8f01cfea414140de5dae2223b00361a396177a9cb410ff61f20015ad":"6b201c50637962338d1b218c1d26f031205a0e3c47bc4c54856aa037e5a332d2981e80a51648e902e46046e5507a255c4c73f5ff40d5a54c0a11d2eca7804e1767b20ea12c945a23f5473181d379689c1ba634a2c47c0a8ec90c922ca6466ae9e9fb92871c9043b5858ae34828bceb4ead82db8f21a18ebe1d95b469bbdef1df":PSA_SUCCESS + +verify_hash transparent driver: error Public Key RSA-1024 PSS SHA-256 +depends_on:PSA_WANT_ALG_RSA_PSS:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY:MBEDTLS_PK_PARSE_C:MBEDTLS_MD_C +verify_hash:PSA_KEY_TYPE_RSA_KEY_PAIR:PSA_KEY_TYPE_RSA_PUBLIC_KEY:PSA_ALG_RSA_PSS(PSA_ALG_SHA_256):PSA_ERROR_GENERIC_ERROR:1:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":"ba7816bf8f01cfea414140de5dae2223b00361a396177a9cb410ff61f20015ad":"6b201c50637962338d1b218c1d26f031205a0e3c47bc4c54856aa037e5a332d2981e80a51648e902e46046e5507a255c4c73f5ff40d5a54c0a11d2eca7804e1767b20ea12c945a23f5473181d379689c1ba634a2c47c0a8ec90c922ca6466ae9e9fb92871c9043b5858ae34828bceb4ead82db8f21a18ebe1d95b469bbdef1df":PSA_ERROR_GENERIC_ERROR + +verify_hash transparent driver: in driver Public Key RSA-1024 PSS-any-salt SHA-256 +depends_on:PSA_WANT_ALG_RSA_PSS:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY:MBEDTLS_PK_PARSE_C:MBEDTLS_MD_C +verify_hash:PSA_KEY_TYPE_RSA_KEY_PAIR:PSA_KEY_TYPE_RSA_PUBLIC_KEY:PSA_ALG_RSA_PSS_ANY_SALT(PSA_ALG_SHA_256):PSA_SUCCESS:1:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":"ba7816bf8f01cfea414140de5dae2223b00361a396177a9cb410ff61f20015ad":"6b201c50637962338d1b218c1d26f031205a0e3c47bc4c54856aa037e5a332d2981e80a51648e902e46046e5507a255c4c73f5ff40d5a54c0a11d2eca7804e1767b20ea12c945a23f5473181d379689c1ba634a2c47c0a8ec90c922ca6466ae9e9fb92871c9043b5858ae34828bceb4ead82db8f21a18ebe1d95b469bbdef1df":PSA_SUCCESS + +verify_hash transparent driver: fallback Public Key RSA-1024 PSS-any-salt SHA-256 +depends_on:PSA_WANT_ALG_RSA_PSS:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY:MBEDTLS_PK_PARSE_C:MBEDTLS_MD_C:MBEDTLS_PSA_BUILTIN_ALG_RSA_PKCS1V15_CRYPT +verify_hash:PSA_KEY_TYPE_RSA_KEY_PAIR:PSA_KEY_TYPE_RSA_PUBLIC_KEY:PSA_ALG_RSA_PSS_ANY_SALT(PSA_ALG_SHA_256):PSA_ERROR_NOT_SUPPORTED:1:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":"ba7816bf8f01cfea414140de5dae2223b00361a396177a9cb410ff61f20015ad":"6b201c50637962338d1b218c1d26f031205a0e3c47bc4c54856aa037e5a332d2981e80a51648e902e46046e5507a255c4c73f5ff40d5a54c0a11d2eca7804e1767b20ea12c945a23f5473181d379689c1ba634a2c47c0a8ec90c922ca6466ae9e9fb92871c9043b5858ae34828bceb4ead82db8f21a18ebe1d95b469bbdef1df":PSA_SUCCESS + +verify_hash transparent driver: error Public Key RSA-1024 PSS-any-salt SHA-256 +depends_on:PSA_WANT_ALG_RSA_PSS:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY:MBEDTLS_PK_PARSE_C:MBEDTLS_MD_C +verify_hash:PSA_KEY_TYPE_RSA_KEY_PAIR:PSA_KEY_TYPE_RSA_PUBLIC_KEY:PSA_ALG_RSA_PSS_ANY_SALT(PSA_ALG_SHA_256):PSA_ERROR_GENERIC_ERROR:1:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":"ba7816bf8f01cfea414140de5dae2223b00361a396177a9cb410ff61f20015ad":"6b201c50637962338d1b218c1d26f031205a0e3c47bc4c54856aa037e5a332d2981e80a51648e902e46046e5507a255c4c73f5ff40d5a54c0a11d2eca7804e1767b20ea12c945a23f5473181d379689c1ba634a2c47c0a8ec90c922ca6466ae9e9fb92871c9043b5858ae34828bceb4ead82db8f21a18ebe1d95b469bbdef1df":PSA_ERROR_GENERIC_ERROR + +sign_message transparent driver: calculate in driver ECDSA SECP256R1 SHA-256 +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:PSA_WANT_ECC_SECP_R1_256:PSA_WANT_ALG_SHA_256 +sign_message:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_256):PSA_SUCCESS:"ab45435712649cb30bbddac49197eebf2740ffc7f874d9244c3460f54f322d3a":"616263":"36e5b5a7da1c9c265dc447de3a5a704fcb8c03f7a3749dde48d84c9bf736fc1ed48d8b3660e7d3cbc6b1870730b7ce2a043f69e37ccb340b98d1e65184e03548":0:PSA_SUCCESS + +sign_message transparent driver: fallback ECDSA SECP256R1 SHA-256 +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:PSA_WANT_ECC_SECP_R1_256:PSA_WANT_ALG_SHA_256:MBEDTLS_PSA_BUILTIN_ALG_ECDSA +sign_message:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_256):PSA_ERROR_NOT_SUPPORTED:"ab45435712649cb30bbddac49197eebf2740ffc7f874d9244c3460f54f322d3a":"616263":"36e5b5a7da1c9c265dc447de3a5a704fcb8c03f7a3749dde48d84c9bf736fc1ed48d8b3660e7d3cbc6b1870730b7ce2a043f69e37ccb340b98d1e65184e03548":0:PSA_SUCCESS + +sign_message transparent driver: error ECDSA SECP256R1 SHA-256 +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:PSA_WANT_ECC_SECP_R1_256:PSA_WANT_ALG_SHA_256 +sign_message:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_256):PSA_ERROR_GENERIC_ERROR:"ab45435712649cb30bbddac49197eebf2740ffc7f874d9244c3460f54f322d3a":"616263":"36e5b5a7da1c9c265dc447de3a5a704fcb8c03f7a3749dde48d84c9bf736fc1ed48d8b3660e7d3cbc6b1870730b7ce2a043f69e37ccb340b98d1e65184e03548":0:PSA_ERROR_GENERIC_ERROR + +sign_message transparent driver: fake ECDSA SECP256R1 SHA-256 +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:PSA_WANT_ECC_SECP_R1_256:PSA_WANT_ALG_SHA_256 +sign_message:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_256):PSA_SUCCESS:"ab45435712649cb30bbddac49197eebf2740ffc7f874d9244c3460f54f322d3a":"616263":"000102030405060708090A0B0C0D0E0F":1:PSA_SUCCESS + +sign_message transparent driver: calculate in driver RSA PKCS#1 v1.5 SHA-256 +depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR:MBEDTLS_PK_PARSE_C:MBEDTLS_MD_C +sign_message:PSA_KEY_TYPE_RSA_KEY_PAIR:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):PSA_SUCCESS:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":"616263":"a73664d55b39c7ea6c1e5b5011724a11e1d7073d3a68f48c836fad153a1d91b6abdbc8f69da13b206cc96af6363b114458b026af14b24fab8929ed634c6a2acace0bcc62d9bb6a984afbcbfcd3a0608d32a2bae535b9cd1ecdf9dd281db1e0025c3bfb5512963ec3b98ddaa69e38bc3c84b1b61a04e5648640856aacc6fc7311":0:PSA_SUCCESS + +sign_message transparent driver: fallback RSA PKCS#1 v1.5 SHA-256 +depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR:MBEDTLS_PK_PARSE_C:MBEDTLS_MD_C:MBEDTLS_PSA_BUILTIN_ALG_RSA_PKCS1V15_CRYPT +sign_message:PSA_KEY_TYPE_RSA_KEY_PAIR:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):PSA_ERROR_NOT_SUPPORTED:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":"616263":"a73664d55b39c7ea6c1e5b5011724a11e1d7073d3a68f48c836fad153a1d91b6abdbc8f69da13b206cc96af6363b114458b026af14b24fab8929ed634c6a2acace0bcc62d9bb6a984afbcbfcd3a0608d32a2bae535b9cd1ecdf9dd281db1e0025c3bfb5512963ec3b98ddaa69e38bc3c84b1b61a04e5648640856aacc6fc7311":0:PSA_SUCCESS + +sign_message transparent driver: error RSA PKCS#1 v1.5 SHA-256 +depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR:MBEDTLS_PK_PARSE_C:MBEDTLS_MD_C +sign_message:PSA_KEY_TYPE_RSA_KEY_PAIR:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):PSA_ERROR_GENERIC_ERROR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":"616263":"a73664d55b39c7ea6c1e5b5011724a11e1d7073d3a68f48c836fad153a1d91b6abdbc8f69da13b206cc96af6363b114458b026af14b24fab8929ed634c6a2acace0bcc62d9bb6a984afbcbfcd3a0608d32a2bae535b9cd1ecdf9dd281db1e0025c3bfb5512963ec3b98ddaa69e38bc3c84b1b61a04e5648640856aacc6fc7311":0:PSA_ERROR_GENERIC_ERROR + +sign_message transparent driver: fake RSA PKCS#1 v1.5 SHA-256 +depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR:MBEDTLS_PK_PARSE_C:MBEDTLS_MD_C +sign_message:PSA_KEY_TYPE_RSA_KEY_PAIR:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):PSA_SUCCESS:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":"616263":"a73664d55b39c7ea6c1e5b5011724a11e1d7073d3a68f48c836fad153a1d91b6abdbc8f69da13b206cc96af6363b114458b026af14b24fab8929ed634c6a2acace0bcc62d9bb6a984afbcbfcd3a0608d32a2bae535b9cd1ecdf9dd281db1e0025c3bfb5512963ec3b98ddaa69e38bc3c84b1b61a04e5648640856aacc6fc7311":1:PSA_SUCCESS + +verify_message transparent driver: calculate in driver ECDSA SECP256R1 SHA-256 +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:PSA_WANT_ECC_SECP_R1_256:PSA_WANT_ALG_SHA_256 +verify_message:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1):PSA_ALG_ECDSA(PSA_ALG_SHA_256):PSA_SUCCESS:0:"ab45435712649cb30bbddac49197eebf2740ffc7f874d9244c3460f54f322d3a":"616263":"36e5b5a7da1c9c265dc447de3a5a704fcb8c03f7a3749dde48d84c9bf736fc1ed48d8b3660e7d3cbc6b1870730b7ce2a043f69e37ccb340b98d1e65184e03548":PSA_SUCCESS + +verify_message transparent driver: fallback ECDSA SECP256R1 SHA-256 +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:PSA_WANT_ECC_SECP_R1_256:PSA_WANT_ALG_SHA_256:MBEDTLS_PSA_BUILTIN_ALG_ECDSA +verify_message:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1):PSA_ALG_ECDSA(PSA_ALG_SHA_256):PSA_ERROR_NOT_SUPPORTED:0:"ab45435712649cb30bbddac49197eebf2740ffc7f874d9244c3460f54f322d3a":"616263":"36e5b5a7da1c9c265dc447de3a5a704fcb8c03f7a3749dde48d84c9bf736fc1ed48d8b3660e7d3cbc6b1870730b7ce2a043f69e37ccb340b98d1e65184e03548":PSA_SUCCESS + +verify_message transparent driver: error ECDSA SECP256R1 SHA-256 +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:PSA_WANT_ECC_SECP_R1_256:PSA_WANT_ALG_SHA_256 +verify_message:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1):PSA_ALG_ECDSA(PSA_ALG_SHA_256):PSA_ERROR_GENERIC_ERROR:0:"ab45435712649cb30bbddac49197eebf2740ffc7f874d9244c3460f54f322d3a":"616263":"36e5b5a7da1c9c265dc447de3a5a704fcb8c03f7a3749dde48d84c9bf736fc1ed48d8b3660e7d3cbc6b1870730b7ce2a043f69e37ccb340b98d1e65184e03548":PSA_ERROR_GENERIC_ERROR + +verify_message transparent driver: calculate in driver Public Key ECDSA SECP256R1 SHA-256 +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:PSA_WANT_ECC_SECP_R1_256:PSA_WANT_ALG_SHA_256 +verify_message:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1):PSA_ALG_ECDSA(PSA_ALG_SHA_256):PSA_SUCCESS:1:"04dea5e45d0ea37fc566232a508f4ad20ea13d47e4bf5fa4d54a57a0ba012042087097496efc583fed8b24a5b9be9a51de063f5a00a8b698a16fd7f29b5485f320":"616263":"36e5b5a7da1c9c265dc447de3a5a704fcb8c03f7a3749dde48d84c9bf736fc1ed48d8b3660e7d3cbc6b1870730b7ce2a043f69e37ccb340b98d1e65184e03548":PSA_SUCCESS + +verify_message transparent driver: fallback Public Key ECDSA SECP256R1 SHA-256 +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:PSA_WANT_ECC_SECP_R1_256:PSA_WANT_ALG_SHA_256:MBEDTLS_PSA_BUILTIN_ALG_ECDSA +verify_message:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1):PSA_ALG_ECDSA(PSA_ALG_SHA_256):PSA_ERROR_NOT_SUPPORTED:1:"04dea5e45d0ea37fc566232a508f4ad20ea13d47e4bf5fa4d54a57a0ba012042087097496efc583fed8b24a5b9be9a51de063f5a00a8b698a16fd7f29b5485f320":"616263":"36e5b5a7da1c9c265dc447de3a5a704fcb8c03f7a3749dde48d84c9bf736fc1ed48d8b3660e7d3cbc6b1870730b7ce2a043f69e37ccb340b98d1e65184e03548":PSA_SUCCESS + +verify_message transparent driver: error Public Key ECDSA SECP256R1 SHA-256 +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:PSA_WANT_ECC_SECP_R1_256:PSA_WANT_ALG_SHA_256 +verify_message:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1):PSA_ALG_ECDSA(PSA_ALG_SHA_256):PSA_ERROR_GENERIC_ERROR:1:"04dea5e45d0ea37fc566232a508f4ad20ea13d47e4bf5fa4d54a57a0ba012042087097496efc583fed8b24a5b9be9a51de063f5a00a8b698a16fd7f29b5485f320":"616263":"36e5b5a7da1c9c265dc447de3a5a704fcb8c03f7a3749dde48d84c9bf736fc1ed48d8b3660e7d3cbc6b1870730b7ce2a043f69e37ccb340b98d1e65184e03548":PSA_ERROR_GENERIC_ERROR + +verify_message transparent driver: calculate in driver RSA PKCS#1 v1.5 SHA-256 +depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR:MBEDTLS_PK_PARSE_C:MBEDTLS_MD_C +verify_message:PSA_KEY_TYPE_RSA_KEY_PAIR:PSA_KEY_TYPE_RSA_PUBLIC_KEY:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):PSA_SUCCESS:0:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":"616263":"a73664d55b39c7ea6c1e5b5011724a11e1d7073d3a68f48c836fad153a1d91b6abdbc8f69da13b206cc96af6363b114458b026af14b24fab8929ed634c6a2acace0bcc62d9bb6a984afbcbfcd3a0608d32a2bae535b9cd1ecdf9dd281db1e0025c3bfb5512963ec3b98ddaa69e38bc3c84b1b61a04e5648640856aacc6fc7311":PSA_SUCCESS + +verify_message transparent driver: fallback RSA PKCS#1 v1.5 SHA-256 +depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR:MBEDTLS_PK_PARSE_C:MBEDTLS_MD_C:MBEDTLS_PSA_BUILTIN_ALG_RSA_PKCS1V15_CRYPT +verify_message:PSA_KEY_TYPE_RSA_KEY_PAIR:PSA_KEY_TYPE_RSA_PUBLIC_KEY:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):PSA_ERROR_NOT_SUPPORTED:0:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":"616263":"a73664d55b39c7ea6c1e5b5011724a11e1d7073d3a68f48c836fad153a1d91b6abdbc8f69da13b206cc96af6363b114458b026af14b24fab8929ed634c6a2acace0bcc62d9bb6a984afbcbfcd3a0608d32a2bae535b9cd1ecdf9dd281db1e0025c3bfb5512963ec3b98ddaa69e38bc3c84b1b61a04e5648640856aacc6fc7311":PSA_SUCCESS + +verify_message transparent driver: error RSA PKCS#1 v1.5 SHA-256 +depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR:MBEDTLS_PK_PARSE_C:MBEDTLS_MD_C +verify_message:PSA_KEY_TYPE_RSA_KEY_PAIR:PSA_KEY_TYPE_RSA_PUBLIC_KEY:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):PSA_ERROR_GENERIC_ERROR:0:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":"616263":"a73664d55b39c7ea6c1e5b5011724a11e1d7073d3a68f48c836fad153a1d91b6abdbc8f69da13b206cc96af6363b114458b026af14b24fab8929ed634c6a2acace0bcc62d9bb6a984afbcbfcd3a0608d32a2bae535b9cd1ecdf9dd281db1e0025c3bfb5512963ec3b98ddaa69e38bc3c84b1b61a04e5648640856aacc6fc7311":PSA_ERROR_GENERIC_ERROR + +verify_message transparent driver: calculate in driver Public Key RSA PKCS#1 v1.5 SHA-256 +depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY:MBEDTLS_PK_PARSE_C:MBEDTLS_MD_C +verify_message:PSA_KEY_TYPE_RSA_KEY_PAIR:PSA_KEY_TYPE_RSA_PUBLIC_KEY:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):PSA_SUCCESS:1:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":"616263":"a73664d55b39c7ea6c1e5b5011724a11e1d7073d3a68f48c836fad153a1d91b6abdbc8f69da13b206cc96af6363b114458b026af14b24fab8929ed634c6a2acace0bcc62d9bb6a984afbcbfcd3a0608d32a2bae535b9cd1ecdf9dd281db1e0025c3bfb5512963ec3b98ddaa69e38bc3c84b1b61a04e5648640856aacc6fc7311":PSA_SUCCESS + +verify_message transparent driver: fallback Public Key RSA PKCS#1 v1.5 SHA-256 +depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY:MBEDTLS_PK_PARSE_C:MBEDTLS_MD_C:MBEDTLS_PSA_BUILTIN_ALG_RSA_PKCS1V15_CRYPT +verify_message:PSA_KEY_TYPE_RSA_KEY_PAIR:PSA_KEY_TYPE_RSA_PUBLIC_KEY:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):PSA_ERROR_NOT_SUPPORTED:1:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":"616263":"a73664d55b39c7ea6c1e5b5011724a11e1d7073d3a68f48c836fad153a1d91b6abdbc8f69da13b206cc96af6363b114458b026af14b24fab8929ed634c6a2acace0bcc62d9bb6a984afbcbfcd3a0608d32a2bae535b9cd1ecdf9dd281db1e0025c3bfb5512963ec3b98ddaa69e38bc3c84b1b61a04e5648640856aacc6fc7311":PSA_SUCCESS + +verify_message transparent driver: error Public Key RSA PKCS#1 v1.5 SHA-256 +depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY:MBEDTLS_PK_PARSE_C:MBEDTLS_MD_C +verify_message:PSA_KEY_TYPE_RSA_KEY_PAIR:PSA_KEY_TYPE_RSA_PUBLIC_KEY:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):PSA_ERROR_GENERIC_ERROR:1:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":"616263":"a73664d55b39c7ea6c1e5b5011724a11e1d7073d3a68f48c836fad153a1d91b6abdbc8f69da13b206cc96af6363b114458b026af14b24fab8929ed634c6a2acace0bcc62d9bb6a984afbcbfcd3a0608d32a2bae535b9cd1ecdf9dd281db1e0025c3bfb5512963ec3b98ddaa69e38bc3c84b1b61a04e5648640856aacc6fc7311":PSA_ERROR_GENERIC_ERROR + +verify_message transparent driver: calculate in driver Public Key RSA PSS SHA-256 +depends_on:PSA_WANT_ALG_RSA_PSS:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY:MBEDTLS_PK_PARSE_C:MBEDTLS_MD_C +verify_message:PSA_KEY_TYPE_RSA_KEY_PAIR:PSA_KEY_TYPE_RSA_PUBLIC_KEY:PSA_ALG_RSA_PSS(PSA_ALG_SHA_256):PSA_SUCCESS:1:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa":"29b65db0936b7fe408bda672077b0bc5e176177ba9a550fb548c292f7b4af1bb6475e0a979ba43dd644780801fabe5b62a1359cf7692918f30013e90c2362235765abc2078905d13b345dd689bf15e4e94ca51535d12f0675d5f13e9f254ba7696f0096d62deb023d106e9a96a5da3162bead6a745c8b9000868d2f9a447d5c5":PSA_SUCCESS + +verify_message transparent driver: fallback Public Key RSA PSS SHA-256 +depends_on:PSA_WANT_ALG_RSA_PSS:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY:MBEDTLS_PK_PARSE_C:MBEDTLS_MD_C:MBEDTLS_PSA_BUILTIN_ALG_RSA_PSS +verify_message:PSA_KEY_TYPE_RSA_KEY_PAIR:PSA_KEY_TYPE_RSA_PUBLIC_KEY:PSA_ALG_RSA_PSS(PSA_ALG_SHA_256):PSA_ERROR_NOT_SUPPORTED:1:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa":"29b65db0936b7fe408bda672077b0bc5e176177ba9a550fb548c292f7b4af1bb6475e0a979ba43dd644780801fabe5b62a1359cf7692918f30013e90c2362235765abc2078905d13b345dd689bf15e4e94ca51535d12f0675d5f13e9f254ba7696f0096d62deb023d106e9a96a5da3162bead6a745c8b9000868d2f9a447d5c5":PSA_SUCCESS + +verify_message transparent driver: error Public Key RSA PSS SHA-256 +depends_on:PSA_WANT_ALG_RSA_PSS:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY:MBEDTLS_PK_PARSE_C:MBEDTLS_MD_C +verify_message:PSA_KEY_TYPE_RSA_KEY_PAIR:PSA_KEY_TYPE_RSA_PUBLIC_KEY:PSA_ALG_RSA_PSS(PSA_ALG_SHA_256):PSA_ERROR_GENERIC_ERROR:1:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa":"29b65db0936b7fe408bda672077b0bc5e176177ba9a550fb548c292f7b4af1bb6475e0a979ba43dd644780801fabe5b62a1359cf7692918f30013e90c2362235765abc2078905d13b345dd689bf15e4e94ca51535d12f0675d5f13e9f254ba7696f0096d62deb023d106e9a96a5da3162bead6a745c8b9000868d2f9a447d5c5":PSA_ERROR_GENERIC_ERROR + +verify_message transparent driver: calculate in driver Public Key RSA PSS-any-salt SHA-256 +depends_on:PSA_WANT_ALG_RSA_PSS:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY:MBEDTLS_PK_PARSE_C:MBEDTLS_MD_C +verify_message:PSA_KEY_TYPE_RSA_KEY_PAIR:PSA_KEY_TYPE_RSA_PUBLIC_KEY:PSA_ALG_RSA_PSS_ANY_SALT(PSA_ALG_SHA_256):PSA_SUCCESS:1:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa":"6b65e1fdc900dce8a2b82130ae8ccfac27b6d0eb5f2c0c1085b80f34ceaaf064c8ff237e74a24a3c6fb7a842f172e5146315616281bbbeeae90febaab139a212decf1c68923f2a48e242b1fd72105e3a3f2329c30d78abe8673335ad08c5ba1aa515360bb5660050f1994bb08d3dd17e3407a379403bafa4e229b3c851283f6d":PSA_SUCCESS + +verify_message transparent driver: fallback Public Key RSA PSS-any-salt SHA-256 +depends_on:PSA_WANT_ALG_RSA_PSS:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY:MBEDTLS_PK_PARSE_C:MBEDTLS_MD_C:MBEDTLS_PSA_BUILTIN_ALG_RSA_PSS +verify_message:PSA_KEY_TYPE_RSA_KEY_PAIR:PSA_KEY_TYPE_RSA_PUBLIC_KEY:PSA_ALG_RSA_PSS_ANY_SALT(PSA_ALG_SHA_256):PSA_ERROR_NOT_SUPPORTED:1:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa":"6b65e1fdc900dce8a2b82130ae8ccfac27b6d0eb5f2c0c1085b80f34ceaaf064c8ff237e74a24a3c6fb7a842f172e5146315616281bbbeeae90febaab139a212decf1c68923f2a48e242b1fd72105e3a3f2329c30d78abe8673335ad08c5ba1aa515360bb5660050f1994bb08d3dd17e3407a379403bafa4e229b3c851283f6d":PSA_SUCCESS + +verify_message transparent driver: error Public Key RSA PSS-any-salt SHA-256 +depends_on:PSA_WANT_ALG_RSA_PSS:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY:MBEDTLS_PK_PARSE_C:MBEDTLS_MD_C +verify_message:PSA_KEY_TYPE_RSA_KEY_PAIR:PSA_KEY_TYPE_RSA_PUBLIC_KEY:PSA_ALG_RSA_PSS_ANY_SALT(PSA_ALG_SHA_256):PSA_ERROR_GENERIC_ERROR:1:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa":"6b65e1fdc900dce8a2b82130ae8ccfac27b6d0eb5f2c0c1085b80f34ceaaf064c8ff237e74a24a3c6fb7a842f172e5146315616281bbbeeae90febaab139a212decf1c68923f2a48e242b1fd72105e3a3f2329c30d78abe8673335ad08c5ba1aa515360bb5660050f1994bb08d3dd17e3407a379403bafa4e229b3c851283f6d":PSA_ERROR_GENERIC_ERROR generate_key through transparent driver: fake generate_key:PSA_SUCCESS:"ab45435712649cb30bbddac49197eebf2740ffc7f874d9244c3460f54f322d3a":PSA_SUCCESS @@ -83,23 +253,23 @@ generate_key:PSA_ERROR_GENERIC_ERROR:"":PSA_ERROR_GENERIC_ERROR validate key through transparent driver: good private key depends_on:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:PSA_WANT_ECC_SECP_R1_256 -validate_key:PSA_SUCCESS:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"49c9a8c18c4b885638c431cf1df1c994131609b580d4fd43a0cab17db2f13eee":PSA_SUCCESS +validate_key:PSA_SUCCESS:PSA_KEY_LOCATION_LOCAL_STORAGE:130:1:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"49c9a8c18c4b885638c431cf1df1c994131609b580d4fd43a0cab17db2f13eee":PSA_SUCCESS validate key through transparent driver: good public key depends_on:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:PSA_WANT_ECC_SECP_R1_256 -validate_key:PSA_SUCCESS:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1):"04dea5e45d0ea37fc566232a508f4ad20ea13d47e4bf5fa4d54a57a0ba012042087097496efc583fed8b24a5b9be9a51de063f5a00a8b698a16fd7f29b5485f320":PSA_SUCCESS +validate_key:PSA_SUCCESS:PSA_KEY_LOCATION_LOCAL_STORAGE:131:1:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1):"04dea5e45d0ea37fc566232a508f4ad20ea13d47e4bf5fa4d54a57a0ba012042087097496efc583fed8b24a5b9be9a51de063f5a00a8b698a16fd7f29b5485f320":PSA_SUCCESS validate key through transparent driver: fallback private key depends_on:MBEDTLS_PSA_BUILTIN_KEY_TYPE_ECC_KEY_PAIR:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:MBEDTLS_PSA_BUILTIN_ECC_SECP_R1_256 -validate_key:PSA_ERROR_NOT_SUPPORTED:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"49c9a8c18c4b885638c431cf1df1c994131609b580d4fd43a0cab17db2f13eee":PSA_SUCCESS +validate_key:PSA_ERROR_NOT_SUPPORTED:PSA_KEY_LOCATION_LOCAL_STORAGE:132:1:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"49c9a8c18c4b885638c431cf1df1c994131609b580d4fd43a0cab17db2f13eee":PSA_SUCCESS validate key through transparent driver: fallback public key depends_on:MBEDTLS_PSA_BUILTIN_KEY_TYPE_ECC_PUBLIC_KEY:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:MBEDTLS_PSA_BUILTIN_ECC_SECP_R1_256 -validate_key:PSA_ERROR_NOT_SUPPORTED:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1):"04dea5e45d0ea37fc566232a508f4ad20ea13d47e4bf5fa4d54a57a0ba012042087097496efc583fed8b24a5b9be9a51de063f5a00a8b698a16fd7f29b5485f320":PSA_SUCCESS +validate_key:PSA_ERROR_NOT_SUPPORTED:PSA_KEY_LOCATION_LOCAL_STORAGE:133:1:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1):"04dea5e45d0ea37fc566232a508f4ad20ea13d47e4bf5fa4d54a57a0ba012042087097496efc583fed8b24a5b9be9a51de063f5a00a8b698a16fd7f29b5485f320":PSA_SUCCESS validate key through transparent driver: error depends_on:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR -validate_key:PSA_ERROR_GENERIC_ERROR:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"49c9a8c18c4b885638c431cf1df1c994131609b580d4fd43a0cab17db2f13eee":PSA_ERROR_GENERIC_ERROR +validate_key:PSA_ERROR_GENERIC_ERROR:PSA_KEY_LOCATION_LOCAL_STORAGE:134:1:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"49c9a8c18c4b885638c431cf1df1c994131609b580d4fd43a0cab17db2f13eee":PSA_ERROR_GENERIC_ERROR export_key private to public through driver: fake depends_on:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:PSA_WANT_ECC_SECP_R1_256 diff --git a/third_party/mbedtls/repo/tests/suites/test_suite_psa_crypto_driver_wrappers.function b/third_party/mbedtls/repo/tests/suites/test_suite_psa_crypto_driver_wrappers.function index 38c154e0226..b789908d0f5 100644 --- a/third_party/mbedtls/repo/tests/suites/test_suite_psa_crypto_driver_wrappers.function +++ b/third_party/mbedtls/repo/tests/suites/test_suite_psa_crypto_driver_wrappers.function @@ -7,317 +7,346 @@ * END_DEPENDENCIES */ -/* BEGIN_CASE depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:PSA_WANT_ECC_SECP_R1_256:PSA_WANT_ALG_SHA_256 */ -void ecdsa_sign_hash( int force_status_arg, - data_t *key_input, - data_t *data_input, - data_t *expected_output, - int fake_output, - int expected_status_arg ) +/* BEGIN_CASE */ +void sign_hash(int key_type_arg, + int alg_arg, + int force_status_arg, + data_t *key_input, + data_t *data_input, + data_t *expected_output, + int fake_output, + int expected_status_arg) { psa_status_t force_status = force_status_arg; psa_status_t expected_status = expected_status_arg; mbedtls_svc_key_id_t key = MBEDTLS_SVC_KEY_ID_INIT; psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT; - psa_algorithm_t alg = PSA_ALG_DETERMINISTIC_ECDSA( PSA_ALG_SHA_256 ); - uint8_t signature[64]; + psa_algorithm_t alg = alg_arg; + size_t key_bits; + psa_key_type_t key_type = key_type_arg; + unsigned char *signature = NULL; + size_t signature_size; size_t signature_length = 0xdeadbeef; psa_status_t actual_status; mbedtls_test_driver_signature_sign_hooks = mbedtls_test_driver_signature_hooks_init(); - PSA_ASSERT( psa_crypto_init( ) ); - psa_set_key_type( &attributes, - PSA_KEY_TYPE_ECC_KEY_PAIR( PSA_ECC_FAMILY_SECP_R1 ) ); - psa_set_key_usage_flags( &attributes, PSA_KEY_USAGE_SIGN_HASH ); - psa_set_key_algorithm( &attributes, alg ); - psa_import_key( &attributes, - key_input->x, key_input->len, - &key ); + PSA_ASSERT(psa_crypto_init()); + psa_set_key_type(&attributes, + key_type); + psa_set_key_usage_flags(&attributes, PSA_KEY_USAGE_SIGN_HASH); + psa_set_key_algorithm(&attributes, alg); + psa_import_key(&attributes, + key_input->x, key_input->len, + &key); mbedtls_test_driver_signature_sign_hooks.forced_status = force_status; - if( fake_output == 1 ) - { + if (fake_output == 1) { mbedtls_test_driver_signature_sign_hooks.forced_output = expected_output->x; mbedtls_test_driver_signature_sign_hooks.forced_output_length = expected_output->len; } - actual_status = psa_sign_hash( key, alg, - data_input->x, data_input->len, - signature, sizeof( signature ), - &signature_length ); - TEST_EQUAL( actual_status, expected_status ); - if( expected_status == PSA_SUCCESS ) - { - ASSERT_COMPARE( signature, signature_length, - expected_output->x, expected_output->len ); + /* Allocate a buffer which has the size advertized by the + * library. */ + PSA_ASSERT(psa_get_key_attributes(key, &attributes)); + key_bits = psa_get_key_bits(&attributes); + signature_size = PSA_SIGN_OUTPUT_SIZE(key_type, key_bits, alg); + + TEST_ASSERT(signature_size != 0); + TEST_ASSERT(signature_size <= PSA_SIGNATURE_MAX_SIZE); + TEST_CALLOC(signature, signature_size); + + actual_status = psa_sign_hash(key, alg, + data_input->x, data_input->len, + signature, signature_size, + &signature_length); + TEST_EQUAL(actual_status, expected_status); + if (expected_status == PSA_SUCCESS) { + TEST_MEMORY_COMPARE(signature, signature_length, + expected_output->x, expected_output->len); } - TEST_EQUAL( mbedtls_test_driver_signature_sign_hooks.hits, 1 ); + TEST_EQUAL(mbedtls_test_driver_signature_sign_hooks.hits, 1); exit: - psa_reset_key_attributes( &attributes ); - psa_destroy_key( key ); - PSA_DONE( ); + psa_reset_key_attributes(&attributes); + psa_destroy_key(key); + mbedtls_free(signature); + PSA_DONE(); mbedtls_test_driver_signature_sign_hooks = mbedtls_test_driver_signature_hooks_init(); } /* END_CASE */ -/* BEGIN_CASE depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:PSA_WANT_ECC_SECP_R1_256:PSA_WANT_ALG_SHA_256 */ -void ecdsa_verify_hash( int force_status_arg, - int register_public_key, - data_t *key_input, - data_t *data_input, - data_t *signature_input, - int expected_status_arg ) +/* BEGIN_CASE */ +void verify_hash(int key_type_arg, + int key_type_public_arg, + int alg_arg, + int force_status_arg, + int register_public_key, + data_t *key_input, + data_t *data_input, + data_t *signature_input, + int expected_status_arg) { psa_status_t force_status = force_status_arg; psa_status_t expected_status = expected_status_arg; + psa_algorithm_t alg = alg_arg; + psa_key_type_t key_type = key_type_arg; + psa_key_type_t key_type_public = key_type_public_arg; mbedtls_svc_key_id_t key = MBEDTLS_SVC_KEY_ID_INIT; psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT; - psa_algorithm_t alg = PSA_ALG_ECDSA( PSA_ALG_SHA_256 ); psa_status_t actual_status; mbedtls_test_driver_signature_verify_hooks = mbedtls_test_driver_signature_hooks_init(); - PSA_ASSERT( psa_crypto_init( ) ); - if( register_public_key ) - { - psa_set_key_type( &attributes, - PSA_KEY_TYPE_ECC_PUBLIC_KEY( PSA_ECC_FAMILY_SECP_R1 ) ); - psa_set_key_usage_flags( &attributes, PSA_KEY_USAGE_VERIFY_HASH ); - psa_set_key_algorithm( &attributes, alg ); - psa_import_key( &attributes, - key_input->x, key_input->len, - &key ); - } - else - { - psa_set_key_type( &attributes, - PSA_KEY_TYPE_ECC_KEY_PAIR( PSA_ECC_FAMILY_SECP_R1 ) ); - psa_set_key_usage_flags( &attributes, PSA_KEY_USAGE_VERIFY_HASH ); - psa_set_key_algorithm( &attributes, alg ); - psa_import_key( &attributes, - key_input->x, key_input->len, - &key ); + PSA_ASSERT(psa_crypto_init()); + if (register_public_key) { + psa_set_key_type(&attributes, key_type_public); + psa_set_key_usage_flags(&attributes, PSA_KEY_USAGE_VERIFY_HASH); + psa_set_key_algorithm(&attributes, alg); + psa_import_key(&attributes, + key_input->x, key_input->len, + &key); + } else { + psa_set_key_type(&attributes, key_type); + psa_set_key_usage_flags(&attributes, PSA_KEY_USAGE_VERIFY_HASH); + psa_set_key_algorithm(&attributes, alg); + psa_import_key(&attributes, + key_input->x, key_input->len, + &key); } mbedtls_test_driver_signature_verify_hooks.forced_status = force_status; - actual_status = psa_verify_hash( key, alg, - data_input->x, data_input->len, - signature_input->x, signature_input->len ); - TEST_EQUAL( actual_status, expected_status ); - TEST_EQUAL( mbedtls_test_driver_signature_verify_hooks.hits, 1 ); + actual_status = psa_verify_hash(key, alg, + data_input->x, data_input->len, + signature_input->x, signature_input->len); + TEST_EQUAL(actual_status, expected_status); + TEST_EQUAL(mbedtls_test_driver_signature_verify_hooks.hits, 1); exit: - psa_reset_key_attributes( &attributes ); - psa_destroy_key( key ); - PSA_DONE( ); + psa_reset_key_attributes(&attributes); + psa_destroy_key(key); + PSA_DONE(); mbedtls_test_driver_signature_verify_hooks = mbedtls_test_driver_signature_hooks_init(); } /* END_CASE */ -/* BEGIN_CASE depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:PSA_WANT_ECC_SECP_R1_256:PSA_WANT_ALG_SHA_256 */ -void ecdsa_sign_message( int force_status_arg, - data_t *key_input, - data_t *data_input, - data_t *expected_output, - int fake_output, - int expected_status_arg ) +/* BEGIN_CASE */ +void sign_message(int key_type_arg, + int alg_arg, + int force_status_arg, + data_t *key_input, + data_t *data_input, + data_t *expected_output, + int fake_output, + int expected_status_arg) { psa_status_t force_status = force_status_arg; psa_status_t expected_status = expected_status_arg; mbedtls_svc_key_id_t key = MBEDTLS_SVC_KEY_ID_INIT; psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT; - psa_algorithm_t alg = PSA_ALG_DETERMINISTIC_ECDSA( PSA_ALG_SHA_256 ); - uint8_t signature[64]; + psa_algorithm_t alg = alg_arg; + size_t key_bits; + psa_key_type_t key_type = key_type_arg; + unsigned char *signature = NULL; + size_t signature_size; size_t signature_length = 0xdeadbeef; psa_status_t actual_status; mbedtls_test_driver_signature_sign_hooks = mbedtls_test_driver_signature_hooks_init(); - PSA_ASSERT( psa_crypto_init( ) ); - psa_set_key_type( &attributes, - PSA_KEY_TYPE_ECC_KEY_PAIR( PSA_ECC_FAMILY_SECP_R1 ) ); - psa_set_key_usage_flags( &attributes, PSA_KEY_USAGE_SIGN_MESSAGE ); - psa_set_key_algorithm( &attributes, alg ); - psa_import_key( &attributes, - key_input->x, key_input->len, - &key ); + PSA_ASSERT(psa_crypto_init()); + psa_set_key_type(&attributes, key_type); + psa_set_key_usage_flags(&attributes, PSA_KEY_USAGE_SIGN_MESSAGE); + psa_set_key_algorithm(&attributes, alg); + psa_import_key(&attributes, + key_input->x, key_input->len, + &key); mbedtls_test_driver_signature_sign_hooks.forced_status = force_status; - if( fake_output == 1 ) - { + if (fake_output == 1) { mbedtls_test_driver_signature_sign_hooks.forced_output = expected_output->x; mbedtls_test_driver_signature_sign_hooks.forced_output_length = expected_output->len; } - actual_status = psa_sign_message( key, alg, - data_input->x, data_input->len, - signature, sizeof( signature ), - &signature_length ); - TEST_EQUAL( actual_status, expected_status ); - if( expected_status == PSA_SUCCESS ) - { - ASSERT_COMPARE( signature, signature_length, - expected_output->x, expected_output->len ); + /* Allocate a buffer which has the size advertized by the + * library. */ + PSA_ASSERT(psa_get_key_attributes(key, &attributes)); + key_bits = psa_get_key_bits(&attributes); + signature_size = PSA_SIGN_OUTPUT_SIZE(key_type, key_bits, alg); + + TEST_ASSERT(signature_size != 0); + TEST_ASSERT(signature_size <= PSA_SIGNATURE_MAX_SIZE); + TEST_CALLOC(signature, signature_size); + + actual_status = psa_sign_message(key, alg, + data_input->x, data_input->len, + signature, signature_size, + &signature_length); + TEST_EQUAL(actual_status, expected_status); + if (expected_status == PSA_SUCCESS) { + TEST_MEMORY_COMPARE(signature, signature_length, + expected_output->x, expected_output->len); } /* In the builtin algorithm the driver is called twice. */ - TEST_EQUAL( mbedtls_test_driver_signature_sign_hooks.hits, - force_status == PSA_ERROR_NOT_SUPPORTED ? 2 : 1 ); + TEST_EQUAL(mbedtls_test_driver_signature_sign_hooks.hits, + force_status == PSA_ERROR_NOT_SUPPORTED ? 2 : 1); exit: - psa_reset_key_attributes( &attributes ); - psa_destroy_key( key ); - PSA_DONE( ); + psa_reset_key_attributes(&attributes); + psa_destroy_key(key); + mbedtls_free(signature); + PSA_DONE(); mbedtls_test_driver_signature_sign_hooks = mbedtls_test_driver_signature_hooks_init(); } /* END_CASE */ -/* BEGIN_CASE depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:PSA_WANT_ECC_SECP_R1_256:PSA_WANT_ALG_SHA_256 */ -void ecdsa_verify_message( int force_status_arg, - int register_public_key, - data_t *key_input, - data_t *data_input, - data_t *signature_input, - int expected_status_arg ) +/* BEGIN_CASE */ +void verify_message(int key_type_arg, + int key_type_public_arg, + int alg_arg, + int force_status_arg, + int register_public_key, + data_t *key_input, + data_t *data_input, + data_t *signature_input, + int expected_status_arg) { psa_status_t force_status = force_status_arg; psa_status_t expected_status = expected_status_arg; + psa_algorithm_t alg = alg_arg; + psa_key_type_t key_type = key_type_arg; + psa_key_type_t key_type_public = key_type_public_arg; mbedtls_svc_key_id_t key = MBEDTLS_SVC_KEY_ID_INIT; psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT; - psa_algorithm_t alg = PSA_ALG_ECDSA( PSA_ALG_SHA_256 ); psa_status_t actual_status; mbedtls_test_driver_signature_verify_hooks = mbedtls_test_driver_signature_hooks_init(); - PSA_ASSERT( psa_crypto_init( ) ); - if( register_public_key ) - { - psa_set_key_type( &attributes, - PSA_KEY_TYPE_ECC_PUBLIC_KEY( PSA_ECC_FAMILY_SECP_R1 ) ); - psa_set_key_usage_flags( &attributes, PSA_KEY_USAGE_VERIFY_MESSAGE ); - psa_set_key_algorithm( &attributes, alg ); - psa_import_key( &attributes, - key_input->x, key_input->len, - &key ); - } - else - { - psa_set_key_type( &attributes, - PSA_KEY_TYPE_ECC_KEY_PAIR( PSA_ECC_FAMILY_SECP_R1 ) ); - psa_set_key_usage_flags( &attributes, PSA_KEY_USAGE_VERIFY_MESSAGE ); - psa_set_key_algorithm( &attributes, alg ); - psa_import_key( &attributes, - key_input->x, key_input->len, - &key ); + PSA_ASSERT(psa_crypto_init()); + if (register_public_key) { + psa_set_key_type(&attributes, key_type_public); + psa_set_key_usage_flags(&attributes, PSA_KEY_USAGE_VERIFY_MESSAGE); + psa_set_key_algorithm(&attributes, alg); + psa_import_key(&attributes, + key_input->x, key_input->len, + &key); + } else { + psa_set_key_type(&attributes, key_type); + psa_set_key_usage_flags(&attributes, PSA_KEY_USAGE_VERIFY_MESSAGE); + psa_set_key_algorithm(&attributes, alg); + psa_import_key(&attributes, + key_input->x, key_input->len, + &key); } mbedtls_test_driver_signature_verify_hooks.forced_status = force_status; - actual_status = psa_verify_message( key, alg, - data_input->x, data_input->len, - signature_input->x, signature_input->len ); - TEST_EQUAL( actual_status, expected_status ); + actual_status = psa_verify_message(key, alg, + data_input->x, data_input->len, + signature_input->x, signature_input->len); + TEST_EQUAL(actual_status, expected_status); /* In the builtin algorithm the driver is called twice. */ - TEST_EQUAL( mbedtls_test_driver_signature_verify_hooks.hits, - force_status == PSA_ERROR_NOT_SUPPORTED ? 2 : 1 ); + TEST_EQUAL(mbedtls_test_driver_signature_verify_hooks.hits, + force_status == PSA_ERROR_NOT_SUPPORTED ? 2 : 1); exit: - psa_reset_key_attributes( &attributes ); - psa_destroy_key( key ); - PSA_DONE( ); + psa_reset_key_attributes(&attributes); + psa_destroy_key(key); + PSA_DONE(); mbedtls_test_driver_signature_verify_hooks = mbedtls_test_driver_signature_hooks_init(); } /* END_CASE */ /* BEGIN_CASE depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ECC_SECP_R1_256 */ -void generate_key( int force_status_arg, - data_t *fake_output, - int expected_status_arg ) +void generate_key(int force_status_arg, + data_t *fake_output, + int expected_status_arg) { psa_status_t force_status = force_status_arg; psa_status_t expected_status = expected_status_arg; mbedtls_svc_key_id_t key = MBEDTLS_SVC_KEY_ID_INIT; psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT; - psa_algorithm_t alg = PSA_ALG_ECDSA( PSA_ALG_SHA_256 ); + psa_algorithm_t alg = PSA_ALG_ECDSA(PSA_ALG_SHA_256); const uint8_t *expected_output = NULL; size_t expected_output_length = 0; psa_status_t actual_status; - uint8_t actual_output[PSA_KEY_EXPORT_ECC_KEY_PAIR_MAX_SIZE(256)] = {0}; + uint8_t actual_output[PSA_KEY_EXPORT_ECC_KEY_PAIR_MAX_SIZE(256)] = { 0 }; size_t actual_output_length; mbedtls_test_driver_key_management_hooks = mbedtls_test_driver_key_management_hooks_init(); - psa_set_key_type( &attributes, - PSA_KEY_TYPE_ECC_KEY_PAIR( PSA_ECC_FAMILY_SECP_R1 ) ); - psa_set_key_bits( &attributes, 256 ); - psa_set_key_usage_flags( &attributes, PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_EXPORT ); - psa_set_key_algorithm( &attributes, alg ); + psa_set_key_type(&attributes, + PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1)); + psa_set_key_bits(&attributes, 256); + psa_set_key_usage_flags(&attributes, PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_EXPORT); + psa_set_key_algorithm(&attributes, alg); - if( fake_output->len > 0 ) - { + if (fake_output->len > 0) { expected_output = mbedtls_test_driver_key_management_hooks.forced_output = - fake_output->x; + fake_output->x; expected_output_length = mbedtls_test_driver_key_management_hooks.forced_output_length = - fake_output->len; + fake_output->len; } mbedtls_test_driver_key_management_hooks.hits = 0; mbedtls_test_driver_key_management_hooks.forced_status = force_status; - PSA_ASSERT( psa_crypto_init( ) ); + PSA_ASSERT(psa_crypto_init()); - actual_status = psa_generate_key( &attributes, &key ); - TEST_EQUAL( mbedtls_test_driver_key_management_hooks.hits, 1 ); - TEST_EQUAL( actual_status, expected_status ); + actual_status = psa_generate_key(&attributes, &key); + TEST_EQUAL(mbedtls_test_driver_key_management_hooks.hits, 1); + TEST_EQUAL(actual_status, expected_status); - if( actual_status == PSA_SUCCESS ) - { - psa_export_key( key, actual_output, sizeof(actual_output), &actual_output_length ); + if (actual_status == PSA_SUCCESS) { + psa_export_key(key, actual_output, sizeof(actual_output), &actual_output_length); - if( fake_output->len > 0 ) - { - ASSERT_COMPARE( actual_output, actual_output_length, - expected_output, expected_output_length ); - } - else - { + if (fake_output->len > 0) { + TEST_MEMORY_COMPARE(actual_output, actual_output_length, + expected_output, expected_output_length); + } else { size_t zeroes = 0; - for( size_t i = 0; i < sizeof(actual_output); i++ ) - { - if( actual_output[i] == 0) + for (size_t i = 0; i < sizeof(actual_output); i++) { + if (actual_output[i] == 0) { zeroes++; + } } - TEST_ASSERT( zeroes != sizeof(actual_output) ); + TEST_ASSERT(zeroes != sizeof(actual_output)); } } exit: - psa_reset_key_attributes( &attributes ); - psa_destroy_key( key ); - PSA_DONE( ); + psa_reset_key_attributes(&attributes); + psa_destroy_key(key); + PSA_DONE(); mbedtls_test_driver_key_management_hooks = mbedtls_test_driver_key_management_hooks_init(); } /* END_CASE */ /* BEGIN_CASE */ -void validate_key( int force_status_arg, - int key_type_arg, - data_t *key_input, - int expected_status_arg ) +void validate_key(int force_status_arg, + int location, + int owner_id_arg, + int id_arg, + int key_type_arg, + data_t *key_input, + int expected_status_arg) { + psa_key_lifetime_t lifetime = + PSA_KEY_LIFETIME_FROM_PERSISTENCE_AND_LOCATION( \ + PSA_KEY_PERSISTENCE_DEFAULT, location); + mbedtls_svc_key_id_t id = mbedtls_svc_key_id_make(owner_id_arg, id_arg); psa_status_t force_status = force_status_arg; psa_status_t expected_status = expected_status_arg; psa_key_type_t key_type = key_type_arg; @@ -327,35 +356,38 @@ void validate_key( int force_status_arg, mbedtls_test_driver_key_management_hooks = mbedtls_test_driver_key_management_hooks_init(); - psa_set_key_type( &attributes, - key_type ); - psa_set_key_bits( &attributes, 0 ); - psa_set_key_usage_flags( &attributes, PSA_KEY_USAGE_EXPORT ); + psa_set_key_id(&attributes, id); + psa_set_key_type(&attributes, + key_type); + psa_set_key_lifetime(&attributes, lifetime); + psa_set_key_bits(&attributes, 0); + psa_set_key_usage_flags(&attributes, PSA_KEY_USAGE_EXPORT); mbedtls_test_driver_key_management_hooks.forced_status = force_status; - PSA_ASSERT( psa_crypto_init( ) ); + PSA_ASSERT(psa_crypto_init()); - actual_status = psa_import_key( &attributes, key_input->x, key_input->len, &key ); - TEST_EQUAL( mbedtls_test_driver_key_management_hooks.hits, 1 ); - TEST_EQUAL( actual_status, expected_status ); + actual_status = psa_import_key(&attributes, key_input->x, key_input->len, &key); + TEST_EQUAL(mbedtls_test_driver_key_management_hooks.hits, 1); + TEST_EQUAL(actual_status, expected_status); + TEST_EQUAL(mbedtls_test_driver_key_management_hooks.location, location); exit: - psa_reset_key_attributes( &attributes ); - psa_destroy_key( key ); - PSA_DONE( ); + psa_reset_key_attributes(&attributes); + psa_destroy_key(key); + PSA_DONE(); mbedtls_test_driver_key_management_hooks = mbedtls_test_driver_key_management_hooks_init(); } /* END_CASE */ /* BEGIN_CASE */ -void export_key( int force_status_arg, - data_t *fake_output, - int key_in_type_arg, - data_t *key_in, - int key_out_type_arg, - data_t *expected_output, - int expected_status_arg ) +void export_key(int force_status_arg, + data_t *fake_output, + int key_in_type_arg, + data_t *key_in, + int key_out_type_arg, + data_t *expected_output, + int expected_status_arg) { psa_status_t force_status = force_status_arg; psa_status_t expected_status = expected_status_arg; @@ -366,30 +398,27 @@ void export_key( int force_status_arg, const uint8_t *expected_output_ptr = NULL; size_t expected_output_length = 0; psa_status_t actual_status; - uint8_t actual_output[PSA_KEY_EXPORT_ECC_PUBLIC_KEY_MAX_SIZE(256)] = {0}; + uint8_t actual_output[PSA_KEY_EXPORT_ECC_PUBLIC_KEY_MAX_SIZE(256)] = { 0 }; size_t actual_output_length; mbedtls_test_driver_key_management_hooks = mbedtls_test_driver_key_management_hooks_init(); - psa_set_key_type( &attributes, input_key_type ); - psa_set_key_bits( &attributes, 256 ); - psa_set_key_usage_flags( &attributes, PSA_KEY_USAGE_EXPORT ); + psa_set_key_type(&attributes, input_key_type); + psa_set_key_bits(&attributes, 256); + psa_set_key_usage_flags(&attributes, PSA_KEY_USAGE_EXPORT); - PSA_ASSERT( psa_crypto_init( ) ); - PSA_ASSERT( psa_import_key( &attributes, key_in->x, key_in->len, &handle ) ); + PSA_ASSERT(psa_crypto_init()); + PSA_ASSERT(psa_import_key(&attributes, key_in->x, key_in->len, &handle)); - if( fake_output->len > 0 ) - { + if (fake_output->len > 0) { expected_output_ptr = mbedtls_test_driver_key_management_hooks.forced_output = - fake_output->x; + fake_output->x; expected_output_length = mbedtls_test_driver_key_management_hooks.forced_output_length = - fake_output->len; - } - else - { + fake_output->len; + } else { expected_output_ptr = expected_output->x; expected_output_length = expected_output->len; } @@ -397,40 +426,47 @@ void export_key( int force_status_arg, mbedtls_test_driver_key_management_hooks.hits = 0; mbedtls_test_driver_key_management_hooks.forced_status = force_status; - if( PSA_KEY_TYPE_IS_ECC_PUBLIC_KEY( output_key_type ) ) - actual_status = psa_export_public_key( handle, actual_output, sizeof(actual_output), &actual_output_length ); - else - actual_status = psa_export_key( handle, actual_output, sizeof(actual_output), &actual_output_length ); - TEST_EQUAL( actual_status, expected_status ); + if (PSA_KEY_TYPE_IS_ECC_PUBLIC_KEY(output_key_type)) { + actual_status = psa_export_public_key(handle, + actual_output, + sizeof(actual_output), + &actual_output_length); + } else { + actual_status = psa_export_key(handle, + actual_output, + sizeof(actual_output), + &actual_output_length); + } + TEST_EQUAL(actual_status, expected_status); - if( PSA_KEY_TYPE_IS_ECC_PUBLIC_KEY( output_key_type ) && - !PSA_KEY_TYPE_IS_ECC_PUBLIC_KEY( input_key_type ) ) - TEST_EQUAL( mbedtls_test_driver_key_management_hooks.hits, 1 ); + if (PSA_KEY_TYPE_IS_ECC_PUBLIC_KEY(output_key_type) && + !PSA_KEY_TYPE_IS_ECC_PUBLIC_KEY(input_key_type)) { + TEST_EQUAL(mbedtls_test_driver_key_management_hooks.hits, 1); + } - if( actual_status == PSA_SUCCESS ) - { - ASSERT_COMPARE( actual_output, actual_output_length, - expected_output_ptr, expected_output_length ); + if (actual_status == PSA_SUCCESS) { + TEST_MEMORY_COMPARE(actual_output, actual_output_length, + expected_output_ptr, expected_output_length); } exit: - psa_reset_key_attributes( &attributes ); - psa_destroy_key( handle ); - PSA_DONE( ); + psa_reset_key_attributes(&attributes); + psa_destroy_key(handle); + PSA_DONE(); mbedtls_test_driver_key_management_hooks = mbedtls_test_driver_key_management_hooks_init(); } /* END_CASE */ /* BEGIN_CASE */ -void cipher_encrypt_validation( int alg_arg, - int key_type_arg, - data_t *key_data, - data_t *input ) +void cipher_encrypt_validation(int alg_arg, + int key_type_arg, + data_t *key_data, + data_t *input) { mbedtls_svc_key_id_t key = MBEDTLS_SVC_KEY_ID_INIT; psa_key_type_t key_type = key_type_arg; psa_algorithm_t alg = alg_arg; - size_t iv_size = PSA_CIPHER_IV_LENGTH ( key_type, alg ); + size_t iv_size = PSA_CIPHER_IV_LENGTH(key_type, alg); unsigned char *output1 = NULL; size_t output1_buffer_size = 0; size_t output1_length = 0; @@ -442,81 +478,81 @@ void cipher_encrypt_validation( int alg_arg, psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT; mbedtls_test_driver_cipher_hooks = mbedtls_test_driver_cipher_hooks_init(); - PSA_ASSERT( psa_crypto_init( ) ); + PSA_ASSERT(psa_crypto_init()); - psa_set_key_usage_flags( &attributes, PSA_KEY_USAGE_ENCRYPT ); - psa_set_key_algorithm( &attributes, alg ); - psa_set_key_type( &attributes, key_type ); + psa_set_key_usage_flags(&attributes, PSA_KEY_USAGE_ENCRYPT); + psa_set_key_algorithm(&attributes, alg); + psa_set_key_type(&attributes, key_type); - output1_buffer_size = PSA_CIPHER_ENCRYPT_OUTPUT_SIZE( key_type, alg, input->len ); - output2_buffer_size = PSA_CIPHER_UPDATE_OUTPUT_SIZE( key_type, alg, input->len ) + - PSA_CIPHER_FINISH_OUTPUT_SIZE( key_type, alg ); - ASSERT_ALLOC( output1, output1_buffer_size ); - ASSERT_ALLOC( output2, output2_buffer_size ); + output1_buffer_size = PSA_CIPHER_ENCRYPT_OUTPUT_SIZE(key_type, alg, input->len); + output2_buffer_size = PSA_CIPHER_UPDATE_OUTPUT_SIZE(key_type, alg, input->len) + + PSA_CIPHER_FINISH_OUTPUT_SIZE(key_type, alg); + TEST_CALLOC(output1, output1_buffer_size); + TEST_CALLOC(output2, output2_buffer_size); - PSA_ASSERT( psa_import_key( &attributes, key_data->x, key_data->len, - &key ) ); + PSA_ASSERT(psa_import_key(&attributes, key_data->x, key_data->len, + &key)); - PSA_ASSERT( psa_cipher_encrypt( key, alg, input->x, input->len, output1, - output1_buffer_size, &output1_length ) ); - TEST_EQUAL( mbedtls_test_driver_cipher_hooks.hits, 1 ); + PSA_ASSERT(psa_cipher_encrypt(key, alg, input->x, input->len, output1, + output1_buffer_size, &output1_length)); + TEST_EQUAL(mbedtls_test_driver_cipher_hooks.hits, 1); mbedtls_test_driver_cipher_hooks.hits = 0; - PSA_ASSERT( psa_cipher_encrypt_setup( &operation, key, alg ) ); - TEST_EQUAL( mbedtls_test_driver_cipher_hooks.hits, 1 ); + PSA_ASSERT(psa_cipher_encrypt_setup(&operation, key, alg)); + TEST_EQUAL(mbedtls_test_driver_cipher_hooks.hits, 1); mbedtls_test_driver_cipher_hooks.hits = 0; - PSA_ASSERT( psa_cipher_set_iv( &operation, output1, iv_size ) ); - TEST_EQUAL( mbedtls_test_driver_cipher_hooks.hits, 1 ); + PSA_ASSERT(psa_cipher_set_iv(&operation, output1, iv_size)); + TEST_EQUAL(mbedtls_test_driver_cipher_hooks.hits, 1); mbedtls_test_driver_cipher_hooks.hits = 0; - PSA_ASSERT( psa_cipher_update( &operation, - input->x, input->len, - output2, output2_buffer_size, - &function_output_length ) ); - TEST_EQUAL( mbedtls_test_driver_cipher_hooks.hits, 1 ); + PSA_ASSERT(psa_cipher_update(&operation, + input->x, input->len, + output2, output2_buffer_size, + &function_output_length)); + TEST_EQUAL(mbedtls_test_driver_cipher_hooks.hits, 1); mbedtls_test_driver_cipher_hooks.hits = 0; output2_length += function_output_length; - PSA_ASSERT( psa_cipher_finish( &operation, - output2 + output2_length, - output2_buffer_size - output2_length, - &function_output_length ) ); + PSA_ASSERT(psa_cipher_finish(&operation, + output2 + output2_length, + output2_buffer_size - output2_length, + &function_output_length)); /* Finish will have called abort as well, so expecting two hits here */ - TEST_EQUAL( mbedtls_test_driver_cipher_hooks.hits, 2 ); + TEST_EQUAL(mbedtls_test_driver_cipher_hooks.hits, 2); mbedtls_test_driver_cipher_hooks.hits = 0; output2_length += function_output_length; - PSA_ASSERT( psa_cipher_abort( &operation ) ); + PSA_ASSERT(psa_cipher_abort(&operation)); // driver function should've been called as part of the finish() core routine - TEST_EQUAL( mbedtls_test_driver_cipher_hooks.hits, 0 ); - ASSERT_COMPARE( output1 + iv_size, output1_length - iv_size, - output2, output2_length ); + TEST_EQUAL(mbedtls_test_driver_cipher_hooks.hits, 0); + TEST_MEMORY_COMPARE(output1 + iv_size, output1_length - iv_size, + output2, output2_length); exit: - psa_cipher_abort( &operation ); - mbedtls_free( output1 ); - mbedtls_free( output2 ); - psa_destroy_key( key ); - PSA_DONE( ); + psa_cipher_abort(&operation); + mbedtls_free(output1); + mbedtls_free(output2); + psa_destroy_key(key); + PSA_DONE(); mbedtls_test_driver_cipher_hooks = mbedtls_test_driver_cipher_hooks_init(); } /* END_CASE */ /* BEGIN_CASE */ -void cipher_encrypt_multipart( int alg_arg, - int key_type_arg, - data_t *key_data, - data_t *iv, - data_t *input, - int first_part_size_arg, - int output1_length_arg, - int output2_length_arg, - data_t *expected_output, - int mock_output_arg, - int force_status_arg, - int expected_status_arg ) +void cipher_encrypt_multipart(int alg_arg, + int key_type_arg, + data_t *key_data, + data_t *iv, + data_t *input, + int first_part_size_arg, + int output1_length_arg, + int output2_length_arg, + data_t *expected_output, + int mock_output_arg, + int force_status_arg, + int expected_status_arg) { mbedtls_svc_key_id_t key = MBEDTLS_SVC_KEY_ID_INIT; psa_key_type_t key_type = key_type_arg; @@ -538,117 +574,113 @@ void cipher_encrypt_multipart( int alg_arg, /* Test operation initialization */ mbedtls_psa_cipher_operation_t mbedtls_operation = - MBEDTLS_PSA_CIPHER_OPERATION_INIT; + MBEDTLS_PSA_CIPHER_OPERATION_INIT; - mbedtls_transparent_test_driver_cipher_operation_t tranparent_operation = - MBEDTLS_TRANSPARENT_TEST_DRIVER_CIPHER_OPERATION_INIT; + mbedtls_transparent_test_driver_cipher_operation_t transparent_operation = + MBEDTLS_TRANSPARENT_TEST_DRIVER_CIPHER_OPERATION_INIT; mbedtls_opaque_test_driver_cipher_operation_t opaque_operation = - MBEDTLS_OPAQUE_TEST_DRIVER_CIPHER_OPERATION_INIT; + MBEDTLS_OPAQUE_TEST_DRIVER_CIPHER_OPERATION_INIT; operation.ctx.mbedtls_ctx = mbedtls_operation; - operation.ctx.transparent_test_driver_ctx = tranparent_operation; + operation.ctx.transparent_test_driver_ctx = transparent_operation; operation.ctx.opaque_test_driver_ctx = opaque_operation; - PSA_ASSERT( psa_crypto_init( ) ); + PSA_ASSERT(psa_crypto_init()); - psa_set_key_usage_flags( &attributes, PSA_KEY_USAGE_ENCRYPT ); - psa_set_key_algorithm( &attributes, alg ); - psa_set_key_type( &attributes, key_type ); + psa_set_key_usage_flags(&attributes, PSA_KEY_USAGE_ENCRYPT); + psa_set_key_algorithm(&attributes, alg); + psa_set_key_type(&attributes, key_type); - PSA_ASSERT( psa_import_key( &attributes, key_data->x, key_data->len, - &key ) ); + PSA_ASSERT(psa_import_key(&attributes, key_data->x, key_data->len, + &key)); - PSA_ASSERT( psa_cipher_encrypt_setup( &operation, key, alg ) ); - TEST_EQUAL( mbedtls_test_driver_cipher_hooks.hits, 1 ); + PSA_ASSERT(psa_cipher_encrypt_setup(&operation, key, alg)); + TEST_EQUAL(mbedtls_test_driver_cipher_hooks.hits, 1); mbedtls_test_driver_cipher_hooks.hits = 0; - PSA_ASSERT( psa_cipher_set_iv( &operation, iv->x, iv->len ) ); - TEST_EQUAL( mbedtls_test_driver_cipher_hooks.hits, ( force_status == PSA_SUCCESS ? 1 : 0 ) ); + PSA_ASSERT(psa_cipher_set_iv(&operation, iv->x, iv->len)); + TEST_EQUAL(mbedtls_test_driver_cipher_hooks.hits, (force_status == PSA_SUCCESS ? 1 : 0)); mbedtls_test_driver_cipher_hooks.hits = 0; - output_buffer_size = ( (size_t) input->len + - PSA_BLOCK_CIPHER_BLOCK_LENGTH( key_type ) ); - ASSERT_ALLOC( output, output_buffer_size ); + output_buffer_size = ((size_t) input->len + + PSA_BLOCK_CIPHER_BLOCK_LENGTH(key_type)); + TEST_CALLOC(output, output_buffer_size); - if( mock_output_arg ) - { + if (mock_output_arg) { mbedtls_test_driver_cipher_hooks.forced_output = expected_output->x; mbedtls_test_driver_cipher_hooks.forced_output_length = expected_output->len; } - TEST_ASSERT( first_part_size <= input->len ); - PSA_ASSERT( psa_cipher_update( &operation, input->x, first_part_size, - output, output_buffer_size, - &function_output_length ) ); - TEST_EQUAL( mbedtls_test_driver_cipher_hooks.hits, ( force_status == PSA_SUCCESS ? 1 : 0 ) ); + TEST_ASSERT(first_part_size <= input->len); + PSA_ASSERT(psa_cipher_update(&operation, input->x, first_part_size, + output, output_buffer_size, + &function_output_length)); + TEST_EQUAL(mbedtls_test_driver_cipher_hooks.hits, (force_status == PSA_SUCCESS ? 1 : 0)); mbedtls_test_driver_cipher_hooks.hits = 0; - TEST_ASSERT( function_output_length == output1_length ); + TEST_ASSERT(function_output_length == output1_length); total_output_length += function_output_length; - if( first_part_size < input->len ) - { - PSA_ASSERT( psa_cipher_update( &operation, - input->x + first_part_size, - input->len - first_part_size, - output + total_output_length, - output_buffer_size - total_output_length, - &function_output_length ) ); - TEST_EQUAL( mbedtls_test_driver_cipher_hooks.hits, 1 ); + if (first_part_size < input->len) { + PSA_ASSERT(psa_cipher_update(&operation, + input->x + first_part_size, + input->len - first_part_size, + output + total_output_length, + output_buffer_size - total_output_length, + &function_output_length)); + TEST_EQUAL(mbedtls_test_driver_cipher_hooks.hits, 1); mbedtls_test_driver_cipher_hooks.hits = 0; - TEST_ASSERT( function_output_length == output2_length ); + TEST_ASSERT(function_output_length == output2_length); total_output_length += function_output_length; } - if( mock_output_arg ) - { + if (mock_output_arg) { mbedtls_test_driver_cipher_hooks.forced_output = NULL; mbedtls_test_driver_cipher_hooks.forced_output_length = 0; } - status = psa_cipher_finish( &operation, - output + total_output_length, - output_buffer_size - total_output_length, - &function_output_length ); + status = psa_cipher_finish(&operation, + output + total_output_length, + output_buffer_size - total_output_length, + &function_output_length); /* Finish will have called abort as well, so expecting two hits here */ - TEST_EQUAL( mbedtls_test_driver_cipher_hooks.hits, ( force_status == PSA_SUCCESS ? 2 : 0 ) ); - mbedtls_test_driver_cipher_hooks.hits = 0 ; + TEST_EQUAL(mbedtls_test_driver_cipher_hooks.hits, (force_status == PSA_SUCCESS ? 2 : 0)); + mbedtls_test_driver_cipher_hooks.hits = 0; total_output_length += function_output_length; - TEST_EQUAL( status, expected_status ); + TEST_EQUAL(status, expected_status); - if( expected_status == PSA_SUCCESS ) - { - PSA_ASSERT( psa_cipher_abort( &operation ) ); - TEST_EQUAL( mbedtls_test_driver_cipher_hooks.hits, 0 ); + if (expected_status == PSA_SUCCESS) { + PSA_ASSERT(psa_cipher_abort(&operation)); + TEST_EQUAL(mbedtls_test_driver_cipher_hooks.hits, 0); - ASSERT_COMPARE( expected_output->x, expected_output->len, - output, total_output_length ); + TEST_MEMORY_COMPARE(expected_output->x, expected_output->len, + output, total_output_length); } exit: - psa_cipher_abort( &operation ); - mbedtls_free( output ); - psa_destroy_key( key ); - PSA_DONE( ); + psa_cipher_abort(&operation); + mbedtls_free(output); + psa_destroy_key(key); + PSA_DONE(); mbedtls_test_driver_cipher_hooks = mbedtls_test_driver_cipher_hooks_init(); } /* END_CASE */ /* BEGIN_CASE */ -void cipher_decrypt_multipart( int alg_arg, - int key_type_arg, - data_t *key_data, - data_t *iv, - data_t *input, - int first_part_size_arg, - int output1_length_arg, - int output2_length_arg, - data_t *expected_output, - int mock_output_arg, - int force_status_arg, - int expected_status_arg ) +void cipher_decrypt_multipart(int alg_arg, + int key_type_arg, + data_t *key_data, + data_t *iv, + data_t *input, + int first_part_size_arg, + int output1_length_arg, + int output2_length_arg, + data_t *expected_output, + int mock_output_arg, + int force_status_arg, + int expected_status_arg) { mbedtls_svc_key_id_t key = MBEDTLS_SVC_KEY_ID_INIT; psa_key_type_t key_type = key_type_arg; @@ -670,115 +702,111 @@ void cipher_decrypt_multipart( int alg_arg, /* Test operation initialization */ mbedtls_psa_cipher_operation_t mbedtls_operation = - MBEDTLS_PSA_CIPHER_OPERATION_INIT; + MBEDTLS_PSA_CIPHER_OPERATION_INIT; - mbedtls_transparent_test_driver_cipher_operation_t tranparent_operation = - MBEDTLS_TRANSPARENT_TEST_DRIVER_CIPHER_OPERATION_INIT; + mbedtls_transparent_test_driver_cipher_operation_t transparent_operation = + MBEDTLS_TRANSPARENT_TEST_DRIVER_CIPHER_OPERATION_INIT; mbedtls_opaque_test_driver_cipher_operation_t opaque_operation = - MBEDTLS_OPAQUE_TEST_DRIVER_CIPHER_OPERATION_INIT; + MBEDTLS_OPAQUE_TEST_DRIVER_CIPHER_OPERATION_INIT; operation.ctx.mbedtls_ctx = mbedtls_operation; - operation.ctx.transparent_test_driver_ctx = tranparent_operation; + operation.ctx.transparent_test_driver_ctx = transparent_operation; operation.ctx.opaque_test_driver_ctx = opaque_operation; - PSA_ASSERT( psa_crypto_init( ) ); + PSA_ASSERT(psa_crypto_init()); - psa_set_key_usage_flags( &attributes, PSA_KEY_USAGE_DECRYPT ); - psa_set_key_algorithm( &attributes, alg ); - psa_set_key_type( &attributes, key_type ); + psa_set_key_usage_flags(&attributes, PSA_KEY_USAGE_DECRYPT); + psa_set_key_algorithm(&attributes, alg); + psa_set_key_type(&attributes, key_type); - PSA_ASSERT( psa_import_key( &attributes, key_data->x, key_data->len, - &key ) ); + PSA_ASSERT(psa_import_key(&attributes, key_data->x, key_data->len, + &key)); - PSA_ASSERT( psa_cipher_decrypt_setup( &operation, key, alg ) ); - TEST_EQUAL( mbedtls_test_driver_cipher_hooks.hits, 1 ); + PSA_ASSERT(psa_cipher_decrypt_setup(&operation, key, alg)); + TEST_EQUAL(mbedtls_test_driver_cipher_hooks.hits, 1); mbedtls_test_driver_cipher_hooks.hits = 0; - PSA_ASSERT( psa_cipher_set_iv( &operation, iv->x, iv->len ) ); - TEST_EQUAL( mbedtls_test_driver_cipher_hooks.hits, ( force_status == PSA_SUCCESS ? 1 : 0 ) ); + PSA_ASSERT(psa_cipher_set_iv(&operation, iv->x, iv->len)); + TEST_EQUAL(mbedtls_test_driver_cipher_hooks.hits, (force_status == PSA_SUCCESS ? 1 : 0)); mbedtls_test_driver_cipher_hooks.hits = 0; - output_buffer_size = ( (size_t) input->len + - PSA_BLOCK_CIPHER_BLOCK_LENGTH( key_type ) ); - ASSERT_ALLOC( output, output_buffer_size ); + output_buffer_size = ((size_t) input->len + + PSA_BLOCK_CIPHER_BLOCK_LENGTH(key_type)); + TEST_CALLOC(output, output_buffer_size); - if( mock_output_arg ) - { + if (mock_output_arg) { mbedtls_test_driver_cipher_hooks.forced_output = expected_output->x; mbedtls_test_driver_cipher_hooks.forced_output_length = expected_output->len; } - TEST_ASSERT( first_part_size <= input->len ); - PSA_ASSERT( psa_cipher_update( &operation, - input->x, first_part_size, - output, output_buffer_size, - &function_output_length ) ); - TEST_EQUAL( mbedtls_test_driver_cipher_hooks.hits, ( force_status == PSA_SUCCESS ? 1 : 0 ) ); + TEST_ASSERT(first_part_size <= input->len); + PSA_ASSERT(psa_cipher_update(&operation, + input->x, first_part_size, + output, output_buffer_size, + &function_output_length)); + TEST_EQUAL(mbedtls_test_driver_cipher_hooks.hits, (force_status == PSA_SUCCESS ? 1 : 0)); mbedtls_test_driver_cipher_hooks.hits = 0; - TEST_ASSERT( function_output_length == output1_length ); + TEST_ASSERT(function_output_length == output1_length); total_output_length += function_output_length; - if( first_part_size < input->len ) - { - PSA_ASSERT( psa_cipher_update( &operation, - input->x + first_part_size, - input->len - first_part_size, - output + total_output_length, - output_buffer_size - total_output_length, - &function_output_length ) ); - TEST_EQUAL( mbedtls_test_driver_cipher_hooks.hits, ( force_status == PSA_SUCCESS ? 1 : 0 ) ); + if (first_part_size < input->len) { + PSA_ASSERT(psa_cipher_update(&operation, + input->x + first_part_size, + input->len - first_part_size, + output + total_output_length, + output_buffer_size - total_output_length, + &function_output_length)); + TEST_EQUAL(mbedtls_test_driver_cipher_hooks.hits, (force_status == PSA_SUCCESS ? 1 : 0)); mbedtls_test_driver_cipher_hooks.hits = 0; - TEST_ASSERT( function_output_length == output2_length ); + TEST_ASSERT(function_output_length == output2_length); total_output_length += function_output_length; } - if( mock_output_arg ) - { + if (mock_output_arg) { mbedtls_test_driver_cipher_hooks.forced_output = NULL; mbedtls_test_driver_cipher_hooks.forced_output_length = 0; } - status = psa_cipher_finish( &operation, - output + total_output_length, - output_buffer_size - total_output_length, - &function_output_length ); + status = psa_cipher_finish(&operation, + output + total_output_length, + output_buffer_size - total_output_length, + &function_output_length); /* Finish will have called abort as well, so expecting two hits here */ - TEST_EQUAL( mbedtls_test_driver_cipher_hooks.hits, ( force_status == PSA_SUCCESS ? 2 : 0 ) ); + TEST_EQUAL(mbedtls_test_driver_cipher_hooks.hits, (force_status == PSA_SUCCESS ? 2 : 0)); mbedtls_test_driver_cipher_hooks.hits = 0; total_output_length += function_output_length; - TEST_EQUAL( status, expected_status ); + TEST_EQUAL(status, expected_status); - if( expected_status == PSA_SUCCESS ) - { - PSA_ASSERT( psa_cipher_abort( &operation ) ); - TEST_EQUAL( mbedtls_test_driver_cipher_hooks.hits, 0 ); + if (expected_status == PSA_SUCCESS) { + PSA_ASSERT(psa_cipher_abort(&operation)); + TEST_EQUAL(mbedtls_test_driver_cipher_hooks.hits, 0); - ASSERT_COMPARE( expected_output->x, expected_output->len, - output, total_output_length ); + TEST_MEMORY_COMPARE(expected_output->x, expected_output->len, + output, total_output_length); } exit: - psa_cipher_abort( &operation ); - mbedtls_free( output ); - psa_destroy_key( key ); - PSA_DONE( ); + psa_cipher_abort(&operation); + mbedtls_free(output); + psa_destroy_key(key); + PSA_DONE(); mbedtls_test_driver_cipher_hooks = mbedtls_test_driver_cipher_hooks_init(); } /* END_CASE */ /* BEGIN_CASE */ -void cipher_decrypt( int alg_arg, - int key_type_arg, - data_t *key_data, - data_t *iv, - data_t *input_arg, - data_t *expected_output, - int mock_output_arg, - int force_status_arg, - int expected_status_arg ) +void cipher_decrypt(int alg_arg, + int key_type_arg, + data_t *key_data, + data_t *iv, + data_t *input_arg, + data_t *expected_output, + int mock_output_arg, + int force_status_arg, + int expected_status_arg) { mbedtls_svc_key_id_t key = MBEDTLS_SVC_KEY_ID_INIT; psa_status_t status; @@ -795,59 +823,56 @@ void cipher_decrypt( int alg_arg, mbedtls_test_driver_cipher_hooks = mbedtls_test_driver_cipher_hooks_init(); mbedtls_test_driver_cipher_hooks.forced_status = force_status; - PSA_ASSERT( psa_crypto_init( ) ); + PSA_ASSERT(psa_crypto_init()); - psa_set_key_usage_flags( &attributes, PSA_KEY_USAGE_DECRYPT ); - psa_set_key_algorithm( &attributes, alg ); - psa_set_key_type( &attributes, key_type ); + psa_set_key_usage_flags(&attributes, PSA_KEY_USAGE_DECRYPT); + psa_set_key_algorithm(&attributes, alg); + psa_set_key_type(&attributes, key_type); /* Allocate input buffer and copy the iv and the plaintext */ - input_buffer_size = ( (size_t) input_arg->len + (size_t) iv->len ); - if ( input_buffer_size > 0 ) - { - ASSERT_ALLOC( input, input_buffer_size ); - memcpy( input, iv->x, iv->len ); - memcpy( input + iv->len, input_arg->x, input_arg->len ); + input_buffer_size = ((size_t) input_arg->len + (size_t) iv->len); + if (input_buffer_size > 0) { + TEST_CALLOC(input, input_buffer_size); + memcpy(input, iv->x, iv->len); + memcpy(input + iv->len, input_arg->x, input_arg->len); } - output_buffer_size = PSA_CIPHER_DECRYPT_OUTPUT_SIZE( key_type, alg, input_buffer_size ); - ASSERT_ALLOC( output, output_buffer_size ); + output_buffer_size = PSA_CIPHER_DECRYPT_OUTPUT_SIZE(key_type, alg, input_buffer_size); + TEST_CALLOC(output, output_buffer_size); - PSA_ASSERT( psa_import_key( &attributes, key_data->x, key_data->len, - &key ) ); + PSA_ASSERT(psa_import_key(&attributes, key_data->x, key_data->len, + &key)); - if( mock_output_arg ) - { + if (mock_output_arg) { mbedtls_test_driver_cipher_hooks.forced_output = expected_output->x; mbedtls_test_driver_cipher_hooks.forced_output_length = expected_output->len; } - status = psa_cipher_decrypt( key, alg, input, input_buffer_size, output, - output_buffer_size, &output_length ); - TEST_EQUAL( mbedtls_test_driver_cipher_hooks.hits, 1 ); + status = psa_cipher_decrypt(key, alg, input, input_buffer_size, output, + output_buffer_size, &output_length); + TEST_EQUAL(mbedtls_test_driver_cipher_hooks.hits, 1); mbedtls_test_driver_cipher_hooks.hits = 0; - TEST_EQUAL( status, expected_status ); + TEST_EQUAL(status, expected_status); - if( expected_status == PSA_SUCCESS ) - { - ASSERT_COMPARE( expected_output->x, expected_output->len, - output, output_length ); + if (expected_status == PSA_SUCCESS) { + TEST_MEMORY_COMPARE(expected_output->x, expected_output->len, + output, output_length); } exit: - mbedtls_free( input ); - mbedtls_free( output ); - psa_destroy_key( key ); - PSA_DONE( ); + mbedtls_free(input); + mbedtls_free(output); + psa_destroy_key(key); + PSA_DONE(); mbedtls_test_driver_cipher_hooks = mbedtls_test_driver_cipher_hooks_init(); } /* END_CASE */ /* BEGIN_CASE */ -void cipher_entry_points( int alg_arg, int key_type_arg, - data_t *key_data, data_t *iv, - data_t *input ) +void cipher_entry_points(int alg_arg, int key_type_arg, + data_t *key_data, data_t *iv, + data_t *input) { mbedtls_svc_key_id_t key = MBEDTLS_SVC_KEY_ID_INIT; psa_status_t status; @@ -860,214 +885,214 @@ void cipher_entry_points( int alg_arg, int key_type_arg, psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT; mbedtls_test_driver_cipher_hooks = mbedtls_test_driver_cipher_hooks_init(); - ASSERT_ALLOC( output, input->len + 16 ); + TEST_CALLOC(output, input->len + 16); output_buffer_size = input->len + 16; - PSA_ASSERT( psa_crypto_init( ) ); + PSA_ASSERT(psa_crypto_init()); - psa_set_key_usage_flags( &attributes, PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_DECRYPT ); - psa_set_key_algorithm( &attributes, alg ); - psa_set_key_type( &attributes, key_type ); + psa_set_key_usage_flags(&attributes, PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_DECRYPT); + psa_set_key_algorithm(&attributes, alg); + psa_set_key_type(&attributes, key_type); - PSA_ASSERT( psa_import_key( &attributes, key_data->x, key_data->len, - &key ) ); + PSA_ASSERT(psa_import_key(&attributes, key_data->x, key_data->len, + &key)); /* * Test encrypt failure * First test that if we don't force a driver error, encryption is - * successfull, then force driver error. + * successful, then force driver error. */ status = psa_cipher_encrypt( key, alg, input->x, input->len, - output, output_buffer_size, &function_output_length ); - TEST_EQUAL( mbedtls_test_driver_cipher_hooks.hits, 1 ); - TEST_EQUAL( status, PSA_SUCCESS ); + output, output_buffer_size, &function_output_length); + TEST_EQUAL(mbedtls_test_driver_cipher_hooks.hits, 1); + TEST_EQUAL(status, PSA_SUCCESS); mbedtls_test_driver_cipher_hooks.hits = 0; mbedtls_test_driver_cipher_hooks.forced_status = PSA_ERROR_GENERIC_ERROR; /* Set the output buffer in a given state. */ - for( size_t i = 0; i < output_buffer_size; i++ ) + for (size_t i = 0; i < output_buffer_size; i++) { output[i] = 0xa5; + } status = psa_cipher_encrypt( key, alg, input->x, input->len, - output, output_buffer_size, &function_output_length ); - TEST_EQUAL( mbedtls_test_driver_cipher_hooks.hits, 1 ); - TEST_EQUAL( status, PSA_ERROR_GENERIC_ERROR ); + output, output_buffer_size, &function_output_length); + TEST_EQUAL(mbedtls_test_driver_cipher_hooks.hits, 1); + TEST_EQUAL(status, PSA_ERROR_GENERIC_ERROR); /* * Check that the output buffer is still in the same state. * This will fail if the output buffer is used by the core to pass the IV * it generated to the driver (and is not restored). */ - for( size_t i = 0; i < output_buffer_size; i++ ) - { - TEST_EQUAL( output[i], 0xa5 ); + for (size_t i = 0; i < output_buffer_size; i++) { + TEST_EQUAL(output[i], 0xa5); } mbedtls_test_driver_cipher_hooks.hits = 0; /* Test setup call, encrypt */ mbedtls_test_driver_cipher_hooks.forced_status = PSA_ERROR_GENERIC_ERROR; - status = psa_cipher_encrypt_setup( &operation, key, alg ); + status = psa_cipher_encrypt_setup(&operation, key, alg); /* When setup fails, it shouldn't call any further entry points */ - TEST_EQUAL( mbedtls_test_driver_cipher_hooks.hits, 1 ); - TEST_EQUAL( status, mbedtls_test_driver_cipher_hooks.forced_status ); + TEST_EQUAL(mbedtls_test_driver_cipher_hooks.hits, 1); + TEST_EQUAL(status, mbedtls_test_driver_cipher_hooks.forced_status); mbedtls_test_driver_cipher_hooks.hits = 0; - status = psa_cipher_set_iv( &operation, iv->x, iv->len ); - TEST_EQUAL( status, PSA_ERROR_BAD_STATE ); - TEST_EQUAL( mbedtls_test_driver_cipher_hooks.hits, 0 ); + status = psa_cipher_set_iv(&operation, iv->x, iv->len); + TEST_EQUAL(status, PSA_ERROR_BAD_STATE); + TEST_EQUAL(mbedtls_test_driver_cipher_hooks.hits, 0); /* Test setup call failure, decrypt */ - status = psa_cipher_decrypt_setup( &operation, key, alg ); + status = psa_cipher_decrypt_setup(&operation, key, alg); /* When setup fails, it shouldn't call any further entry points */ - TEST_EQUAL( mbedtls_test_driver_cipher_hooks.hits, 1 ); - TEST_EQUAL( status, mbedtls_test_driver_cipher_hooks.forced_status ); + TEST_EQUAL(mbedtls_test_driver_cipher_hooks.hits, 1); + TEST_EQUAL(status, mbedtls_test_driver_cipher_hooks.forced_status); mbedtls_test_driver_cipher_hooks.hits = 0; - status = psa_cipher_set_iv( &operation, iv->x, iv->len ); - TEST_EQUAL( status, PSA_ERROR_BAD_STATE ); - TEST_EQUAL( mbedtls_test_driver_cipher_hooks.hits, 0 ); + status = psa_cipher_set_iv(&operation, iv->x, iv->len); + TEST_EQUAL(status, PSA_ERROR_BAD_STATE); + TEST_EQUAL(mbedtls_test_driver_cipher_hooks.hits, 0); /* Test IV setting failure */ mbedtls_test_driver_cipher_hooks.forced_status = PSA_SUCCESS; - status = psa_cipher_encrypt_setup( &operation, key, alg ); - TEST_EQUAL( mbedtls_test_driver_cipher_hooks.hits, 1 ); - TEST_EQUAL( status, mbedtls_test_driver_cipher_hooks.forced_status ); + status = psa_cipher_encrypt_setup(&operation, key, alg); + TEST_EQUAL(mbedtls_test_driver_cipher_hooks.hits, 1); + TEST_EQUAL(status, mbedtls_test_driver_cipher_hooks.forced_status); mbedtls_test_driver_cipher_hooks.hits = 0; mbedtls_test_driver_cipher_hooks.forced_status = PSA_ERROR_GENERIC_ERROR; - status = psa_cipher_set_iv( &operation, iv->x, iv->len ); + status = psa_cipher_set_iv(&operation, iv->x, iv->len); /* When setting the IV fails, it should call abort too */ - TEST_EQUAL( mbedtls_test_driver_cipher_hooks.hits, 2 ); - TEST_EQUAL( status, mbedtls_test_driver_cipher_hooks.forced_status ); + TEST_EQUAL(mbedtls_test_driver_cipher_hooks.hits, 2); + TEST_EQUAL(status, mbedtls_test_driver_cipher_hooks.forced_status); /* Failure should prevent further operations from executing on the driver */ mbedtls_test_driver_cipher_hooks.hits = 0; - status = psa_cipher_update( &operation, - input->x, input->len, - output, output_buffer_size, - &function_output_length ); - TEST_EQUAL( status, PSA_ERROR_BAD_STATE ); - TEST_EQUAL( mbedtls_test_driver_cipher_hooks.hits, 0 ); - psa_cipher_abort( &operation ); + status = psa_cipher_update(&operation, + input->x, input->len, + output, output_buffer_size, + &function_output_length); + TEST_EQUAL(status, PSA_ERROR_BAD_STATE); + TEST_EQUAL(mbedtls_test_driver_cipher_hooks.hits, 0); + psa_cipher_abort(&operation); /* Test IV generation failure */ mbedtls_test_driver_cipher_hooks.forced_status = PSA_SUCCESS; - status = psa_cipher_encrypt_setup( &operation, key, alg ); - TEST_EQUAL( mbedtls_test_driver_cipher_hooks.hits, 1 ); - TEST_EQUAL( status, mbedtls_test_driver_cipher_hooks.forced_status ); + status = psa_cipher_encrypt_setup(&operation, key, alg); + TEST_EQUAL(mbedtls_test_driver_cipher_hooks.hits, 1); + TEST_EQUAL(status, mbedtls_test_driver_cipher_hooks.forced_status); mbedtls_test_driver_cipher_hooks.hits = 0; mbedtls_test_driver_cipher_hooks.forced_status = PSA_ERROR_GENERIC_ERROR; /* Set the output buffer in a given state. */ - for( size_t i = 0; i < 16; i++ ) + for (size_t i = 0; i < 16; i++) { output[i] = 0xa5; + } - status = psa_cipher_generate_iv( &operation, output, 16, &function_output_length ); + status = psa_cipher_generate_iv(&operation, output, 16, &function_output_length); /* When generating the IV fails, it should call abort too */ - TEST_EQUAL( mbedtls_test_driver_cipher_hooks.hits, 2 ); - TEST_EQUAL( status, mbedtls_test_driver_cipher_hooks.forced_status ); + TEST_EQUAL(mbedtls_test_driver_cipher_hooks.hits, 2); + TEST_EQUAL(status, mbedtls_test_driver_cipher_hooks.forced_status); /* * Check that the output buffer is still in the same state. * This will fail if the output buffer is used by the core to pass the IV * it generated to the driver (and is not restored). */ - for( size_t i = 0; i < 16; i++ ) - { - TEST_EQUAL( output[i], 0xa5 ); + for (size_t i = 0; i < 16; i++) { + TEST_EQUAL(output[i], 0xa5); } /* Failure should prevent further operations from executing on the driver */ mbedtls_test_driver_cipher_hooks.hits = 0; - status = psa_cipher_update( &operation, - input->x, input->len, - output, output_buffer_size, - &function_output_length ); - TEST_EQUAL( status, PSA_ERROR_BAD_STATE ); - TEST_EQUAL( mbedtls_test_driver_cipher_hooks.hits, 0 ); - psa_cipher_abort( &operation ); + status = psa_cipher_update(&operation, + input->x, input->len, + output, output_buffer_size, + &function_output_length); + TEST_EQUAL(status, PSA_ERROR_BAD_STATE); + TEST_EQUAL(mbedtls_test_driver_cipher_hooks.hits, 0); + psa_cipher_abort(&operation); /* Test update failure */ mbedtls_test_driver_cipher_hooks.forced_status = PSA_SUCCESS; - status = psa_cipher_encrypt_setup( &operation, key, alg ); - TEST_EQUAL( mbedtls_test_driver_cipher_hooks.hits, 1 ); - TEST_EQUAL( status, mbedtls_test_driver_cipher_hooks.forced_status ); + status = psa_cipher_encrypt_setup(&operation, key, alg); + TEST_EQUAL(mbedtls_test_driver_cipher_hooks.hits, 1); + TEST_EQUAL(status, mbedtls_test_driver_cipher_hooks.forced_status); mbedtls_test_driver_cipher_hooks.hits = 0; - status = psa_cipher_set_iv( &operation, iv->x, iv->len ); - TEST_EQUAL( mbedtls_test_driver_cipher_hooks.hits, 1 ); - TEST_EQUAL( status, mbedtls_test_driver_cipher_hooks.forced_status ); + status = psa_cipher_set_iv(&operation, iv->x, iv->len); + TEST_EQUAL(mbedtls_test_driver_cipher_hooks.hits, 1); + TEST_EQUAL(status, mbedtls_test_driver_cipher_hooks.forced_status); mbedtls_test_driver_cipher_hooks.hits = 0; mbedtls_test_driver_cipher_hooks.forced_status = PSA_ERROR_GENERIC_ERROR; - status = psa_cipher_update( &operation, - input->x, input->len, - output, output_buffer_size, - &function_output_length ); + status = psa_cipher_update(&operation, + input->x, input->len, + output, output_buffer_size, + &function_output_length); /* When the update call fails, it should call abort too */ - TEST_EQUAL( mbedtls_test_driver_cipher_hooks.hits, 2 ); - TEST_EQUAL( status, mbedtls_test_driver_cipher_hooks.forced_status ); + TEST_EQUAL(mbedtls_test_driver_cipher_hooks.hits, 2); + TEST_EQUAL(status, mbedtls_test_driver_cipher_hooks.forced_status); /* Failure should prevent further operations from executing on the driver */ mbedtls_test_driver_cipher_hooks.hits = 0; - status = psa_cipher_update( &operation, - input->x, input->len, - output, output_buffer_size, - &function_output_length ); - TEST_EQUAL( status, PSA_ERROR_BAD_STATE ); - TEST_EQUAL( mbedtls_test_driver_cipher_hooks.hits, 0 ); - psa_cipher_abort( &operation ); + status = psa_cipher_update(&operation, + input->x, input->len, + output, output_buffer_size, + &function_output_length); + TEST_EQUAL(status, PSA_ERROR_BAD_STATE); + TEST_EQUAL(mbedtls_test_driver_cipher_hooks.hits, 0); + psa_cipher_abort(&operation); /* Test finish failure */ mbedtls_test_driver_cipher_hooks.forced_status = PSA_SUCCESS; - status = psa_cipher_encrypt_setup( &operation, key, alg ); - TEST_EQUAL( mbedtls_test_driver_cipher_hooks.hits, 1 ); - TEST_EQUAL( status, mbedtls_test_driver_cipher_hooks.forced_status ); + status = psa_cipher_encrypt_setup(&operation, key, alg); + TEST_EQUAL(mbedtls_test_driver_cipher_hooks.hits, 1); + TEST_EQUAL(status, mbedtls_test_driver_cipher_hooks.forced_status); mbedtls_test_driver_cipher_hooks.hits = 0; - status = psa_cipher_set_iv( &operation, iv->x, iv->len ); - TEST_EQUAL( mbedtls_test_driver_cipher_hooks.hits, 1 ); - TEST_EQUAL( status, mbedtls_test_driver_cipher_hooks.forced_status ); + status = psa_cipher_set_iv(&operation, iv->x, iv->len); + TEST_EQUAL(mbedtls_test_driver_cipher_hooks.hits, 1); + TEST_EQUAL(status, mbedtls_test_driver_cipher_hooks.forced_status); mbedtls_test_driver_cipher_hooks.hits = 0; - status = psa_cipher_update( &operation, - input->x, input->len, - output, output_buffer_size, - &function_output_length ); - TEST_EQUAL( mbedtls_test_driver_cipher_hooks.hits, 1 ); - TEST_EQUAL( status, mbedtls_test_driver_cipher_hooks.forced_status ); + status = psa_cipher_update(&operation, + input->x, input->len, + output, output_buffer_size, + &function_output_length); + TEST_EQUAL(mbedtls_test_driver_cipher_hooks.hits, 1); + TEST_EQUAL(status, mbedtls_test_driver_cipher_hooks.forced_status); mbedtls_test_driver_cipher_hooks.hits = 0; mbedtls_test_driver_cipher_hooks.forced_status = PSA_ERROR_GENERIC_ERROR; - status = psa_cipher_finish( &operation, - output + function_output_length, - output_buffer_size - function_output_length, - &function_output_length ); + status = psa_cipher_finish(&operation, + output + function_output_length, + output_buffer_size - function_output_length, + &function_output_length); /* When the finish call fails, it should call abort too */ - TEST_EQUAL( mbedtls_test_driver_cipher_hooks.hits, 2 ); - TEST_EQUAL( status, mbedtls_test_driver_cipher_hooks.forced_status ); + TEST_EQUAL(mbedtls_test_driver_cipher_hooks.hits, 2); + TEST_EQUAL(status, mbedtls_test_driver_cipher_hooks.forced_status); /* Failure should prevent further operations from executing on the driver */ mbedtls_test_driver_cipher_hooks.hits = 0; - status = psa_cipher_update( &operation, - input->x, input->len, - output, output_buffer_size, - &function_output_length ); - TEST_EQUAL( status, PSA_ERROR_BAD_STATE ); - TEST_EQUAL( mbedtls_test_driver_cipher_hooks.hits, 0 ); - psa_cipher_abort( &operation ); + status = psa_cipher_update(&operation, + input->x, input->len, + output, output_buffer_size, + &function_output_length); + TEST_EQUAL(status, PSA_ERROR_BAD_STATE); + TEST_EQUAL(mbedtls_test_driver_cipher_hooks.hits, 0); + psa_cipher_abort(&operation); exit: - psa_cipher_abort( &operation ); - mbedtls_free( output ); - psa_destroy_key( key ); - PSA_DONE( ); + psa_cipher_abort(&operation); + mbedtls_free(output); + psa_destroy_key(key); + PSA_DONE(); mbedtls_test_driver_cipher_hooks = mbedtls_test_driver_cipher_hooks_init(); } /* END_CASE */ /* BEGIN_CASE */ -void aead_encrypt( int key_type_arg, data_t *key_data, - int alg_arg, - data_t *nonce, - data_t *additional_data, - data_t *input_data, - data_t *expected_result, - int forced_status_arg ) +void aead_encrypt(int key_type_arg, data_t *key_data, + int alg_arg, + data_t *nonce, + data_t *additional_data, + data_t *input_data, + data_t *expected_result, + int forced_status_arg) { mbedtls_svc_key_id_t key = MBEDTLS_SVC_KEY_ID_INIT; psa_key_type_t key_type = key_type_arg; @@ -1081,62 +1106,61 @@ void aead_encrypt( int key_type_arg, data_t *key_data, psa_status_t status = PSA_ERROR_GENERIC_ERROR; mbedtls_test_driver_aead_hooks = mbedtls_test_driver_aead_hooks_init(); - PSA_ASSERT( psa_crypto_init( ) ); + PSA_ASSERT(psa_crypto_init()); - psa_set_key_usage_flags( &attributes, PSA_KEY_USAGE_ENCRYPT ); - psa_set_key_algorithm( &attributes, alg ); - psa_set_key_type( &attributes, key_type ); + psa_set_key_usage_flags(&attributes, PSA_KEY_USAGE_ENCRYPT); + psa_set_key_algorithm(&attributes, alg); + psa_set_key_type(&attributes, key_type); - PSA_ASSERT( psa_import_key( &attributes, key_data->x, key_data->len, - &key ) ); - PSA_ASSERT( psa_get_key_attributes( key, &attributes ) ); - key_bits = psa_get_key_bits( &attributes ); + PSA_ASSERT(psa_import_key(&attributes, key_data->x, key_data->len, + &key)); + PSA_ASSERT(psa_get_key_attributes(key, &attributes)); + key_bits = psa_get_key_bits(&attributes); - output_size = input_data->len + PSA_AEAD_TAG_LENGTH( key_type, key_bits, - alg ); + output_size = input_data->len + PSA_AEAD_TAG_LENGTH(key_type, key_bits, + alg); /* For all currently defined algorithms, PSA_AEAD_ENCRYPT_OUTPUT_SIZE * should be exact. */ - TEST_EQUAL( output_size, - PSA_AEAD_ENCRYPT_OUTPUT_SIZE( key_type, alg, input_data->len ) ); - TEST_ASSERT( output_size <= - PSA_AEAD_ENCRYPT_OUTPUT_MAX_SIZE( input_data->len ) ); - ASSERT_ALLOC( output_data, output_size ); + TEST_EQUAL(output_size, + PSA_AEAD_ENCRYPT_OUTPUT_SIZE(key_type, alg, input_data->len)); + TEST_ASSERT(output_size <= + PSA_AEAD_ENCRYPT_OUTPUT_MAX_SIZE(input_data->len)); + TEST_CALLOC(output_data, output_size); mbedtls_test_driver_aead_hooks.forced_status = forced_status; - status = psa_aead_encrypt( key, alg, - nonce->x, nonce->len, - additional_data->x, additional_data->len, - input_data->x, input_data->len, - output_data, output_size, - &output_length ); - TEST_EQUAL( mbedtls_test_driver_aead_hooks.hits, 1 ); - TEST_EQUAL( mbedtls_test_driver_aead_hooks.driver_status, forced_status ); - - TEST_EQUAL( status, ( forced_status == PSA_ERROR_NOT_SUPPORTED ) ? - PSA_SUCCESS : forced_status ); - - if( status == PSA_SUCCESS ) - { - ASSERT_COMPARE( expected_result->x, expected_result->len, - output_data, output_length ); + status = psa_aead_encrypt(key, alg, + nonce->x, nonce->len, + additional_data->x, additional_data->len, + input_data->x, input_data->len, + output_data, output_size, + &output_length); + TEST_EQUAL(mbedtls_test_driver_aead_hooks.hits, 1); + TEST_EQUAL(mbedtls_test_driver_aead_hooks.driver_status, forced_status); + + TEST_EQUAL(status, (forced_status == PSA_ERROR_NOT_SUPPORTED) ? + PSA_SUCCESS : forced_status); + + if (status == PSA_SUCCESS) { + TEST_MEMORY_COMPARE(expected_result->x, expected_result->len, + output_data, output_length); } exit: - psa_destroy_key( key ); - mbedtls_free( output_data ); - PSA_DONE( ); + psa_destroy_key(key); + mbedtls_free(output_data); + PSA_DONE(); mbedtls_test_driver_aead_hooks = mbedtls_test_driver_aead_hooks_init(); } /* END_CASE */ /* BEGIN_CASE */ -void aead_decrypt( int key_type_arg, data_t *key_data, - int alg_arg, - data_t *nonce, - data_t *additional_data, - data_t *input_data, - data_t *expected_data, - int forced_status_arg ) +void aead_decrypt(int key_type_arg, data_t *key_data, + int alg_arg, + data_t *nonce, + data_t *additional_data, + data_t *input_data, + data_t *expected_data, + int forced_status_arg) { mbedtls_svc_key_id_t key = MBEDTLS_SVC_KEY_ID_INIT; psa_key_type_t key_type = key_type_arg; @@ -1150,56 +1174,55 @@ void aead_decrypt( int key_type_arg, data_t *key_data, psa_status_t status = PSA_ERROR_GENERIC_ERROR; mbedtls_test_driver_aead_hooks = mbedtls_test_driver_aead_hooks_init(); - PSA_ASSERT( psa_crypto_init( ) ); + PSA_ASSERT(psa_crypto_init()); - psa_set_key_usage_flags( &attributes, PSA_KEY_USAGE_DECRYPT ); - psa_set_key_algorithm( &attributes, alg ); - psa_set_key_type( &attributes, key_type ); + psa_set_key_usage_flags(&attributes, PSA_KEY_USAGE_DECRYPT); + psa_set_key_algorithm(&attributes, alg); + psa_set_key_type(&attributes, key_type); - PSA_ASSERT( psa_import_key( &attributes, key_data->x, key_data->len, - &key ) ); - PSA_ASSERT( psa_get_key_attributes( key, &attributes ) ); - key_bits = psa_get_key_bits( &attributes ); + PSA_ASSERT(psa_import_key(&attributes, key_data->x, key_data->len, + &key)); + PSA_ASSERT(psa_get_key_attributes(key, &attributes)); + key_bits = psa_get_key_bits(&attributes); - output_size = input_data->len - PSA_AEAD_TAG_LENGTH( key_type, key_bits, - alg ); - ASSERT_ALLOC( output_data, output_size ); + output_size = input_data->len - PSA_AEAD_TAG_LENGTH(key_type, key_bits, + alg); + TEST_CALLOC(output_data, output_size); mbedtls_test_driver_aead_hooks.forced_status = forced_status; - status = psa_aead_decrypt( key, alg, - nonce->x, nonce->len, - additional_data->x, - additional_data->len, - input_data->x, input_data->len, - output_data, output_size, - &output_length ); - TEST_EQUAL( mbedtls_test_driver_aead_hooks.hits, 1 ); - TEST_EQUAL( mbedtls_test_driver_aead_hooks.driver_status, forced_status ); - - TEST_EQUAL( status, ( forced_status == PSA_ERROR_NOT_SUPPORTED ) ? - PSA_SUCCESS : forced_status ); - - if( status == PSA_SUCCESS ) - { - ASSERT_COMPARE( expected_data->x, expected_data->len, - output_data, output_length ); + status = psa_aead_decrypt(key, alg, + nonce->x, nonce->len, + additional_data->x, + additional_data->len, + input_data->x, input_data->len, + output_data, output_size, + &output_length); + TEST_EQUAL(mbedtls_test_driver_aead_hooks.hits, 1); + TEST_EQUAL(mbedtls_test_driver_aead_hooks.driver_status, forced_status); + + TEST_EQUAL(status, (forced_status == PSA_ERROR_NOT_SUPPORTED) ? + PSA_SUCCESS : forced_status); + + if (status == PSA_SUCCESS) { + TEST_MEMORY_COMPARE(expected_data->x, expected_data->len, + output_data, output_length); } exit: - psa_destroy_key( key ); - mbedtls_free( output_data ); - PSA_DONE( ); + psa_destroy_key(key); + mbedtls_free(output_data); + PSA_DONE(); mbedtls_test_driver_aead_hooks = mbedtls_test_driver_aead_hooks_init(); } /* END_CASE */ /* BEGIN_CASE */ -void mac_sign( int key_type_arg, - data_t *key_data, - int alg_arg, - data_t *input, - data_t *expected_mac, - int forced_status_arg ) +void mac_sign(int key_type_arg, + data_t *key_data, + int alg_arg, + data_t *input, + data_t *expected_mac, + int forced_status_arg) { mbedtls_svc_key_id_t key = MBEDTLS_SVC_KEY_ID_INIT; psa_key_type_t key_type = key_type_arg; @@ -1208,125 +1231,124 @@ void mac_sign( int key_type_arg, psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT; uint8_t *actual_mac = NULL; size_t mac_buffer_size = - PSA_MAC_LENGTH( key_type, PSA_BYTES_TO_BITS( key_data->len ), alg ); + PSA_MAC_LENGTH(key_type, PSA_BYTES_TO_BITS(key_data->len), alg); size_t mac_length = 0; psa_status_t status = PSA_ERROR_CORRUPTION_DETECTED; psa_status_t forced_status = forced_status_arg; mbedtls_test_driver_mac_hooks = mbedtls_test_driver_mac_hooks_init(); - TEST_ASSERT( mac_buffer_size <= PSA_MAC_MAX_SIZE ); + TEST_ASSERT(mac_buffer_size <= PSA_MAC_MAX_SIZE); /* We expect PSA_MAC_LENGTH to be exact. */ - TEST_ASSERT( expected_mac->len == mac_buffer_size ); + TEST_ASSERT(expected_mac->len == mac_buffer_size); - PSA_ASSERT( psa_crypto_init( ) ); + PSA_ASSERT(psa_crypto_init()); - psa_set_key_usage_flags( &attributes, PSA_KEY_USAGE_SIGN_HASH ); - psa_set_key_algorithm( &attributes, alg ); - psa_set_key_type( &attributes, key_type ); + psa_set_key_usage_flags(&attributes, PSA_KEY_USAGE_SIGN_HASH); + psa_set_key_algorithm(&attributes, alg); + psa_set_key_type(&attributes, key_type); - PSA_ASSERT( psa_import_key( &attributes, key_data->x, key_data->len, - &key ) ); + PSA_ASSERT(psa_import_key(&attributes, key_data->x, key_data->len, + &key)); - ASSERT_ALLOC( actual_mac, mac_buffer_size ); + TEST_CALLOC(actual_mac, mac_buffer_size); mbedtls_test_driver_mac_hooks.forced_status = forced_status; /* * Calculate the MAC, one-shot case. */ - status = psa_mac_compute( key, alg, - input->x, input->len, - actual_mac, mac_buffer_size, - &mac_length ); - - TEST_EQUAL( mbedtls_test_driver_mac_hooks.hits, 1 ); - if( forced_status == PSA_SUCCESS || - forced_status == PSA_ERROR_NOT_SUPPORTED ) - { - PSA_ASSERT( status ); + status = psa_mac_compute(key, alg, + input->x, input->len, + actual_mac, mac_buffer_size, + &mac_length); + + TEST_EQUAL(mbedtls_test_driver_mac_hooks.hits, 1); + if (forced_status == PSA_SUCCESS || + forced_status == PSA_ERROR_NOT_SUPPORTED) { + PSA_ASSERT(status); + } else { + TEST_EQUAL(forced_status, status); } - else - TEST_EQUAL( forced_status, status ); - if( mac_buffer_size > 0 ) - memset( actual_mac, 0, mac_buffer_size ); + if (mac_buffer_size > 0) { + memset(actual_mac, 0, mac_buffer_size); + } mbedtls_test_driver_mac_hooks = mbedtls_test_driver_mac_hooks_init(); mbedtls_test_driver_mac_hooks.forced_status = forced_status; /* * Calculate the MAC, multipart case. */ - status = psa_mac_sign_setup( &operation, key, alg ); - TEST_EQUAL( mbedtls_test_driver_mac_hooks.hits, 1 ); + status = psa_mac_sign_setup(&operation, key, alg); + TEST_EQUAL(mbedtls_test_driver_mac_hooks.hits, 1); + + if (forced_status == PSA_SUCCESS || + forced_status == PSA_ERROR_NOT_SUPPORTED) { + PSA_ASSERT(status); + } else { + TEST_EQUAL(forced_status, status); + } + + status = psa_mac_update(&operation, + input->x, input->len); + if (forced_status == PSA_SUCCESS) { + TEST_EQUAL(mbedtls_test_driver_mac_hooks.hits, 2); + } else { + TEST_EQUAL(mbedtls_test_driver_mac_hooks.hits, 1); + } + if (forced_status == PSA_SUCCESS || + forced_status == PSA_ERROR_NOT_SUPPORTED) { + PSA_ASSERT(status); + } else { + TEST_EQUAL(PSA_ERROR_BAD_STATE, status); + } - if( forced_status == PSA_SUCCESS || - forced_status == PSA_ERROR_NOT_SUPPORTED ) - { - PSA_ASSERT( status ); + status = psa_mac_sign_finish(&operation, + actual_mac, mac_buffer_size, + &mac_length); + if (forced_status == PSA_SUCCESS) { + TEST_EQUAL(mbedtls_test_driver_mac_hooks.hits, 4); + } else { + TEST_EQUAL(mbedtls_test_driver_mac_hooks.hits, 1); } - else - TEST_EQUAL( forced_status, status ); - - status = psa_mac_update( &operation, - input->x, input->len ); - if( forced_status == PSA_SUCCESS ) - TEST_EQUAL( mbedtls_test_driver_mac_hooks.hits, 2 ); - else - TEST_EQUAL( mbedtls_test_driver_mac_hooks.hits, 1 ); - if( forced_status == PSA_SUCCESS || - forced_status == PSA_ERROR_NOT_SUPPORTED ) - { - PSA_ASSERT( status ); + + if (forced_status == PSA_SUCCESS || + forced_status == PSA_ERROR_NOT_SUPPORTED) { + PSA_ASSERT(status); + } else { + TEST_EQUAL(PSA_ERROR_BAD_STATE, status); } - else - TEST_EQUAL( PSA_ERROR_BAD_STATE, status ); - - status = psa_mac_sign_finish( &operation, - actual_mac, mac_buffer_size, - &mac_length ); - if( forced_status == PSA_SUCCESS ) - TEST_EQUAL( mbedtls_test_driver_mac_hooks.hits, 4 ); - else - TEST_EQUAL( mbedtls_test_driver_mac_hooks.hits, 1 ); - - if( forced_status == PSA_SUCCESS || - forced_status == PSA_ERROR_NOT_SUPPORTED ) - { - PSA_ASSERT( status ); + + PSA_ASSERT(psa_mac_abort(&operation)); + if (forced_status == PSA_SUCCESS) { + TEST_EQUAL(mbedtls_test_driver_mac_hooks.hits, 4); + } else { + TEST_EQUAL(mbedtls_test_driver_mac_hooks.hits, 1); } - else - TEST_EQUAL( PSA_ERROR_BAD_STATE, status ); - - PSA_ASSERT( psa_mac_abort( &operation ) ); - if( forced_status == PSA_SUCCESS ) - TEST_EQUAL( mbedtls_test_driver_mac_hooks.hits, 4 ); - else - TEST_EQUAL( mbedtls_test_driver_mac_hooks.hits, 1 ); - - if( forced_status == PSA_SUCCESS ) - { - ASSERT_COMPARE( expected_mac->x, expected_mac->len, - actual_mac, mac_length ); + + if (forced_status == PSA_SUCCESS) { + TEST_MEMORY_COMPARE(expected_mac->x, expected_mac->len, + actual_mac, mac_length); } - mbedtls_free( actual_mac ); + mbedtls_free(actual_mac); actual_mac = NULL; exit: - psa_mac_abort( &operation ); - psa_destroy_key( key ); - PSA_DONE( ); - mbedtls_free( actual_mac ); + psa_mac_abort(&operation); + psa_destroy_key(key); + PSA_DONE(); + mbedtls_free(actual_mac); mbedtls_test_driver_mac_hooks = mbedtls_test_driver_mac_hooks_init(); } /* END_CASE */ /* BEGIN_CASE */ -void mac_verify( int key_type_arg, - data_t *key_data, - int alg_arg, - data_t *input, - data_t *expected_mac, - int forced_status_arg ) +void mac_verify(int key_type_arg, + data_t *key_data, + int alg_arg, + data_t *input, + data_t *expected_mac, + int forced_status_arg) { mbedtls_svc_key_id_t key = MBEDTLS_SVC_KEY_ID_INIT; psa_key_type_t key_type = key_type_arg; @@ -1337,33 +1359,32 @@ void mac_verify( int key_type_arg, psa_status_t forced_status = forced_status_arg; mbedtls_test_driver_mac_hooks = mbedtls_test_driver_mac_hooks_init(); - TEST_ASSERT( expected_mac->len <= PSA_MAC_MAX_SIZE ); + TEST_ASSERT(expected_mac->len <= PSA_MAC_MAX_SIZE); - PSA_ASSERT( psa_crypto_init( ) ); + PSA_ASSERT(psa_crypto_init()); - psa_set_key_usage_flags( &attributes, PSA_KEY_USAGE_VERIFY_HASH ); - psa_set_key_algorithm( &attributes, alg ); - psa_set_key_type( &attributes, key_type ); + psa_set_key_usage_flags(&attributes, PSA_KEY_USAGE_VERIFY_HASH); + psa_set_key_algorithm(&attributes, alg); + psa_set_key_type(&attributes, key_type); - PSA_ASSERT( psa_import_key( &attributes, key_data->x, key_data->len, - &key ) ); + PSA_ASSERT(psa_import_key(&attributes, key_data->x, key_data->len, + &key)); mbedtls_test_driver_mac_hooks.forced_status = forced_status; /* * Verify the MAC, one-shot case. */ - status = psa_mac_verify( key, alg, - input->x, input->len, - expected_mac->x, expected_mac->len ); - TEST_EQUAL( mbedtls_test_driver_mac_hooks.hits, 1 ); - if( forced_status == PSA_SUCCESS || - forced_status == PSA_ERROR_NOT_SUPPORTED ) - { - PSA_ASSERT( status ); + status = psa_mac_verify(key, alg, + input->x, input->len, + expected_mac->x, expected_mac->len); + TEST_EQUAL(mbedtls_test_driver_mac_hooks.hits, 1); + if (forced_status == PSA_SUCCESS || + forced_status == PSA_ERROR_NOT_SUPPORTED) { + PSA_ASSERT(status); + } else { + TEST_EQUAL(forced_status, status); } - else - TEST_EQUAL( forced_status, status ); mbedtls_test_driver_mac_hooks = mbedtls_test_driver_mac_hooks_init(); mbedtls_test_driver_mac_hooks.forced_status = forced_status; @@ -1371,70 +1392,70 @@ void mac_verify( int key_type_arg, /* * Verify the MAC, multi-part case. */ - status = psa_mac_verify_setup( &operation, key, alg ); - TEST_EQUAL( mbedtls_test_driver_mac_hooks.hits, 1 ); + status = psa_mac_verify_setup(&operation, key, alg); + TEST_EQUAL(mbedtls_test_driver_mac_hooks.hits, 1); + + if (forced_status == PSA_SUCCESS || + forced_status == PSA_ERROR_NOT_SUPPORTED) { + PSA_ASSERT(status); + } else { + TEST_EQUAL(forced_status, status); + } + + status = psa_mac_update(&operation, + input->x, input->len); + if (forced_status == PSA_SUCCESS) { + TEST_EQUAL(mbedtls_test_driver_mac_hooks.hits, 2); + } else { + TEST_EQUAL(mbedtls_test_driver_mac_hooks.hits, 1); + } - if( forced_status == PSA_SUCCESS || - forced_status == PSA_ERROR_NOT_SUPPORTED ) - { - PSA_ASSERT( status ); + if (forced_status == PSA_SUCCESS || + forced_status == PSA_ERROR_NOT_SUPPORTED) { + PSA_ASSERT(status); + } else { + TEST_EQUAL(PSA_ERROR_BAD_STATE, status); } - else - TEST_EQUAL( forced_status, status ); - - status = psa_mac_update( &operation, - input->x, input->len ); - if( forced_status == PSA_SUCCESS ) - TEST_EQUAL( mbedtls_test_driver_mac_hooks.hits, 2 ); - else - TEST_EQUAL( mbedtls_test_driver_mac_hooks.hits, 1 ); - - if( forced_status == PSA_SUCCESS || - forced_status == PSA_ERROR_NOT_SUPPORTED ) - { - PSA_ASSERT( status ); + + status = psa_mac_verify_finish(&operation, + expected_mac->x, + expected_mac->len); + if (forced_status == PSA_SUCCESS) { + TEST_EQUAL(mbedtls_test_driver_mac_hooks.hits, 4); + } else { + TEST_EQUAL(mbedtls_test_driver_mac_hooks.hits, 1); } - else - TEST_EQUAL( PSA_ERROR_BAD_STATE, status ); - - status = psa_mac_verify_finish( &operation, - expected_mac->x, - expected_mac->len ); - if( forced_status == PSA_SUCCESS ) - TEST_EQUAL( mbedtls_test_driver_mac_hooks.hits, 4 ); - else - TEST_EQUAL( mbedtls_test_driver_mac_hooks.hits, 1 ); - - if( forced_status == PSA_SUCCESS || - forced_status == PSA_ERROR_NOT_SUPPORTED ) - { - PSA_ASSERT( status ); + + if (forced_status == PSA_SUCCESS || + forced_status == PSA_ERROR_NOT_SUPPORTED) { + PSA_ASSERT(status); + } else { + TEST_EQUAL(PSA_ERROR_BAD_STATE, status); } - else - TEST_EQUAL( PSA_ERROR_BAD_STATE, status ); - PSA_ASSERT( psa_mac_abort( &operation ) ); - if( forced_status == PSA_SUCCESS ) - TEST_EQUAL( mbedtls_test_driver_mac_hooks.hits, 4 ); - else - TEST_EQUAL( mbedtls_test_driver_mac_hooks.hits, 1 ); + PSA_ASSERT(psa_mac_abort(&operation)); + if (forced_status == PSA_SUCCESS) { + TEST_EQUAL(mbedtls_test_driver_mac_hooks.hits, 4); + } else { + TEST_EQUAL(mbedtls_test_driver_mac_hooks.hits, 1); + } exit: - psa_mac_abort( &operation ); - psa_destroy_key( key ); - PSA_DONE( ); + psa_mac_abort(&operation); + psa_destroy_key(key); + PSA_DONE(); mbedtls_test_driver_mac_hooks = mbedtls_test_driver_mac_hooks_init(); } /* END_CASE */ /* BEGIN_CASE depends_on:PSA_CRYPTO_DRIVER_TEST:MBEDTLS_PSA_CRYPTO_DRIVERS:MBEDTLS_PSA_CRYPTO_BUILTIN_KEYS */ -void builtin_key_export( int builtin_key_id_arg, - int builtin_key_type_arg, - int builtin_key_bits_arg, - int builtin_key_algorithm_arg, - data_t *expected_output, - int expected_status_arg ) +void builtin_key_export(int builtin_key_id_arg, + int builtin_key_type_arg, + int builtin_key_bits_arg, + int builtin_key_algorithm_arg, + data_t *expected_output, + int expected_status_arg) { psa_key_id_t builtin_key_id = (psa_key_id_t) builtin_key_id_arg; psa_key_type_t builtin_key_type = (psa_key_type_t) builtin_key_type_arg; @@ -1443,51 +1464,49 @@ void builtin_key_export( int builtin_key_id_arg, psa_status_t expected_status = expected_status_arg; psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT; - mbedtls_svc_key_id_t key = mbedtls_svc_key_id_make( 0, builtin_key_id ); - uint8_t* output_buffer = NULL; + mbedtls_svc_key_id_t key = mbedtls_svc_key_id_make(0, builtin_key_id); + uint8_t *output_buffer = NULL; size_t output_size = 0; psa_status_t actual_status; - PSA_ASSERT( psa_crypto_init( ) ); - ASSERT_ALLOC( output_buffer, expected_output->len ); + PSA_ASSERT(psa_crypto_init()); + TEST_CALLOC(output_buffer, expected_output->len); - actual_status = psa_export_key( key, output_buffer, expected_output->len, &output_size ); + actual_status = psa_export_key(key, output_buffer, expected_output->len, &output_size); - if( expected_status == PSA_SUCCESS ) - { - PSA_ASSERT( actual_status ); - TEST_EQUAL( output_size, expected_output->len ); - ASSERT_COMPARE( output_buffer, output_size, - expected_output->x, expected_output->len ); + if (expected_status == PSA_SUCCESS) { + PSA_ASSERT(actual_status); + TEST_EQUAL(output_size, expected_output->len); + TEST_MEMORY_COMPARE(output_buffer, output_size, + expected_output->x, expected_output->len); - PSA_ASSERT( psa_get_key_attributes( key, &attributes ) ); - TEST_EQUAL( psa_get_key_bits( &attributes ), builtin_key_bits ); - TEST_EQUAL( psa_get_key_type( &attributes ), builtin_key_type ); - TEST_EQUAL( psa_get_key_algorithm( &attributes ), builtin_key_alg ); - } - else - { - if( actual_status != expected_status ) - fprintf( stderr, "Expected %d but got %d\n", expected_status, actual_status ); - TEST_EQUAL( actual_status, expected_status ); - TEST_EQUAL( output_size, 0 ); + PSA_ASSERT(psa_get_key_attributes(key, &attributes)); + TEST_EQUAL(psa_get_key_bits(&attributes), builtin_key_bits); + TEST_EQUAL(psa_get_key_type(&attributes), builtin_key_type); + TEST_EQUAL(psa_get_key_algorithm(&attributes), builtin_key_alg); + } else { + if (actual_status != expected_status) { + fprintf(stderr, "Expected %d but got %d\n", expected_status, actual_status); + } + TEST_EQUAL(actual_status, expected_status); + TEST_EQUAL(output_size, 0); } exit: - mbedtls_free( output_buffer ); - psa_reset_key_attributes( &attributes ); - psa_destroy_key( key ); - PSA_DONE( ); + mbedtls_free(output_buffer); + psa_reset_key_attributes(&attributes); + psa_destroy_key(key); + PSA_DONE(); } /* END_CASE */ /* BEGIN_CASE depends_on:PSA_CRYPTO_DRIVER_TEST:MBEDTLS_PSA_CRYPTO_DRIVERS:MBEDTLS_PSA_CRYPTO_BUILTIN_KEYS */ -void builtin_pubkey_export( int builtin_key_id_arg, - int builtin_key_type_arg, - int builtin_key_bits_arg, - int builtin_key_algorithm_arg, - data_t *expected_output, - int expected_status_arg ) +void builtin_pubkey_export(int builtin_key_id_arg, + int builtin_key_type_arg, + int builtin_key_bits_arg, + int builtin_key_algorithm_arg, + data_t *expected_output, + int expected_status_arg) { psa_key_id_t builtin_key_id = (psa_key_id_t) builtin_key_id_arg; psa_key_type_t builtin_key_type = (psa_key_type_t) builtin_key_type_arg; @@ -1496,47 +1515,44 @@ void builtin_pubkey_export( int builtin_key_id_arg, psa_status_t expected_status = expected_status_arg; psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT; - mbedtls_svc_key_id_t key = mbedtls_svc_key_id_make( 0, builtin_key_id ); - uint8_t* output_buffer = NULL; + mbedtls_svc_key_id_t key = mbedtls_svc_key_id_make(0, builtin_key_id); + uint8_t *output_buffer = NULL; size_t output_size = 0; psa_status_t actual_status; - PSA_ASSERT( psa_crypto_init( ) ); - ASSERT_ALLOC( output_buffer, expected_output->len ); + PSA_ASSERT(psa_crypto_init()); + TEST_CALLOC(output_buffer, expected_output->len); - actual_status = psa_export_public_key( key, output_buffer, expected_output->len, &output_size ); + actual_status = psa_export_public_key(key, output_buffer, expected_output->len, &output_size); - if( expected_status == PSA_SUCCESS ) - { - PSA_ASSERT( actual_status ); - TEST_EQUAL( output_size, expected_output->len ); - ASSERT_COMPARE( output_buffer, output_size, - expected_output->x, expected_output->len ); + if (expected_status == PSA_SUCCESS) { + PSA_ASSERT(actual_status); + TEST_EQUAL(output_size, expected_output->len); + TEST_MEMORY_COMPARE(output_buffer, output_size, + expected_output->x, expected_output->len); - PSA_ASSERT( psa_get_key_attributes( key, &attributes ) ); - TEST_EQUAL( psa_get_key_bits( &attributes ), builtin_key_bits ); - TEST_EQUAL( psa_get_key_type( &attributes ), builtin_key_type ); - TEST_EQUAL( psa_get_key_algorithm( &attributes ), builtin_key_alg ); - } - else - { - TEST_EQUAL( actual_status, expected_status ); - TEST_EQUAL( output_size, 0 ); + PSA_ASSERT(psa_get_key_attributes(key, &attributes)); + TEST_EQUAL(psa_get_key_bits(&attributes), builtin_key_bits); + TEST_EQUAL(psa_get_key_type(&attributes), builtin_key_type); + TEST_EQUAL(psa_get_key_algorithm(&attributes), builtin_key_alg); + } else { + TEST_EQUAL(actual_status, expected_status); + TEST_EQUAL(output_size, 0); } exit: - mbedtls_free( output_buffer ); - psa_reset_key_attributes( &attributes ); - psa_destroy_key( key ); - PSA_DONE( ); + mbedtls_free(output_buffer); + psa_reset_key_attributes(&attributes); + psa_destroy_key(key); + PSA_DONE(); } /* END_CASE */ /* BEGIN_CASE */ -void hash_compute( int alg_arg, - data_t *input, data_t *hash, - int forced_status_arg, - int expected_status_arg ) +void hash_compute(int alg_arg, + data_t *input, data_t *hash, + int forced_status_arg, + int expected_status_arg) { psa_algorithm_t alg = alg_arg; psa_status_t forced_status = forced_status_arg; @@ -1547,32 +1563,31 @@ void hash_compute( int alg_arg, mbedtls_test_driver_hash_hooks = mbedtls_test_driver_hash_hooks_init(); mbedtls_test_driver_hash_hooks.forced_status = forced_status; - PSA_ASSERT( psa_crypto_init( ) ); - ASSERT_ALLOC( output, PSA_HASH_LENGTH( alg ) ); + PSA_ASSERT(psa_crypto_init()); + TEST_CALLOC(output, PSA_HASH_LENGTH(alg)); - TEST_EQUAL( psa_hash_compute( alg, input->x, input->len, - output, PSA_HASH_LENGTH( alg ), - &output_length ), expected_status ); - TEST_EQUAL( mbedtls_test_driver_hash_hooks.hits, 1 ); - TEST_EQUAL( mbedtls_test_driver_hash_hooks.driver_status, forced_status ); + TEST_EQUAL(psa_hash_compute(alg, input->x, input->len, + output, PSA_HASH_LENGTH(alg), + &output_length), expected_status); + TEST_EQUAL(mbedtls_test_driver_hash_hooks.hits, 1); + TEST_EQUAL(mbedtls_test_driver_hash_hooks.driver_status, forced_status); - if( expected_status == PSA_SUCCESS ) - { - ASSERT_COMPARE( output, output_length, hash->x, hash->len ); + if (expected_status == PSA_SUCCESS) { + TEST_MEMORY_COMPARE(output, output_length, hash->x, hash->len); } exit: - mbedtls_free( output ); - PSA_DONE( ); + mbedtls_free(output); + PSA_DONE(); mbedtls_test_driver_hash_hooks = mbedtls_test_driver_hash_hooks_init(); } /* END_CASE */ /* BEGIN_CASE */ -void hash_multipart_setup( int alg_arg, - data_t *input, data_t *hash, - int forced_status_arg, - int expected_status_arg ) +void hash_multipart_setup(int alg_arg, + data_t *input, data_t *hash, + int forced_status_arg, + int expected_status_arg) { psa_algorithm_t alg = alg_arg; psa_status_t forced_status = forced_status_arg; @@ -1582,44 +1597,43 @@ void hash_multipart_setup( int alg_arg, size_t output_length; mbedtls_test_driver_hash_hooks = mbedtls_test_driver_hash_hooks_init(); - ASSERT_ALLOC( output, PSA_HASH_LENGTH( alg ) ); + TEST_CALLOC(output, PSA_HASH_LENGTH(alg)); - PSA_ASSERT( psa_crypto_init( ) ); + PSA_ASSERT(psa_crypto_init()); mbedtls_test_driver_hash_hooks.forced_status = forced_status; - TEST_EQUAL( psa_hash_setup( &operation, alg ), expected_status ); - TEST_EQUAL( mbedtls_test_driver_hash_hooks.hits, 1 ); - TEST_EQUAL( mbedtls_test_driver_hash_hooks.driver_status, forced_status ); - - if( expected_status == PSA_SUCCESS ) - { - PSA_ASSERT( psa_hash_update( &operation, input->x, input->len ) ); - TEST_EQUAL( mbedtls_test_driver_hash_hooks.hits, - forced_status == PSA_ERROR_NOT_SUPPORTED ? 1 : 2 ); - TEST_EQUAL( mbedtls_test_driver_hash_hooks.driver_status, forced_status ); - - PSA_ASSERT( psa_hash_finish( &operation, - output, PSA_HASH_LENGTH( alg ), - &output_length ) ); - TEST_EQUAL( mbedtls_test_driver_hash_hooks.hits, - forced_status == PSA_ERROR_NOT_SUPPORTED ? 1 : 4 ); - TEST_EQUAL( mbedtls_test_driver_hash_hooks.driver_status, forced_status ); - - ASSERT_COMPARE( output, output_length, hash->x, hash->len ); + TEST_EQUAL(psa_hash_setup(&operation, alg), expected_status); + TEST_EQUAL(mbedtls_test_driver_hash_hooks.hits, 1); + TEST_EQUAL(mbedtls_test_driver_hash_hooks.driver_status, forced_status); + + if (expected_status == PSA_SUCCESS) { + PSA_ASSERT(psa_hash_update(&operation, input->x, input->len)); + TEST_EQUAL(mbedtls_test_driver_hash_hooks.hits, + forced_status == PSA_ERROR_NOT_SUPPORTED ? 1 : 2); + TEST_EQUAL(mbedtls_test_driver_hash_hooks.driver_status, forced_status); + + PSA_ASSERT(psa_hash_finish(&operation, + output, PSA_HASH_LENGTH(alg), + &output_length)); + TEST_EQUAL(mbedtls_test_driver_hash_hooks.hits, + forced_status == PSA_ERROR_NOT_SUPPORTED ? 1 : 4); + TEST_EQUAL(mbedtls_test_driver_hash_hooks.driver_status, forced_status); + + TEST_MEMORY_COMPARE(output, output_length, hash->x, hash->len); } exit: - psa_hash_abort( &operation ); - mbedtls_free( output ); - PSA_DONE( ); + psa_hash_abort(&operation); + mbedtls_free(output); + PSA_DONE(); mbedtls_test_driver_hash_hooks = mbedtls_test_driver_hash_hooks_init(); } /* END_CASE */ /* BEGIN_CASE */ -void hash_multipart_update( int alg_arg, - data_t *input, data_t *hash, - int forced_status_arg ) +void hash_multipart_update(int alg_arg, + data_t *input, data_t *hash, + int forced_status_arg) { psa_algorithm_t alg = alg_arg; psa_status_t forced_status = forced_status_arg; @@ -1628,54 +1642,53 @@ void hash_multipart_update( int alg_arg, size_t output_length; mbedtls_test_driver_hash_hooks = mbedtls_test_driver_hash_hooks_init(); - ASSERT_ALLOC( output, PSA_HASH_LENGTH( alg ) ); + TEST_CALLOC(output, PSA_HASH_LENGTH(alg)); - PSA_ASSERT( psa_crypto_init( ) ); + PSA_ASSERT(psa_crypto_init()); /* * Update inactive operation, the driver shouldn't be called. */ - TEST_EQUAL( psa_hash_update( &operation, input->x, input->len ), - PSA_ERROR_BAD_STATE ); - TEST_EQUAL( mbedtls_test_driver_hash_hooks.hits, 0 ); + TEST_EQUAL(psa_hash_update(&operation, input->x, input->len), + PSA_ERROR_BAD_STATE); + TEST_EQUAL(mbedtls_test_driver_hash_hooks.hits, 0); - PSA_ASSERT( psa_hash_setup( &operation, alg ) ); - TEST_EQUAL( mbedtls_test_driver_hash_hooks.hits, 1 ); - TEST_EQUAL( mbedtls_test_driver_hash_hooks.driver_status, PSA_SUCCESS ); + PSA_ASSERT(psa_hash_setup(&operation, alg)); + TEST_EQUAL(mbedtls_test_driver_hash_hooks.hits, 1); + TEST_EQUAL(mbedtls_test_driver_hash_hooks.driver_status, PSA_SUCCESS); mbedtls_test_driver_hash_hooks.forced_status = forced_status; - TEST_EQUAL( psa_hash_update( &operation, input->x, input->len ), - forced_status ); + TEST_EQUAL(psa_hash_update(&operation, input->x, input->len), + forced_status); /* One or two more calls to the driver interface: update or update + abort */ - TEST_EQUAL( mbedtls_test_driver_hash_hooks.hits, - forced_status == PSA_SUCCESS ? 2 : 3 ); - TEST_EQUAL( mbedtls_test_driver_hash_hooks.driver_status, forced_status ); + TEST_EQUAL(mbedtls_test_driver_hash_hooks.hits, + forced_status == PSA_SUCCESS ? 2 : 3); + TEST_EQUAL(mbedtls_test_driver_hash_hooks.driver_status, forced_status); - if( forced_status == PSA_SUCCESS ) - { + if (forced_status == PSA_SUCCESS) { mbedtls_test_driver_hash_hooks = mbedtls_test_driver_hash_hooks_init(); - PSA_ASSERT( psa_hash_finish( &operation, - output, PSA_HASH_LENGTH( alg ), - &output_length ) ); + PSA_ASSERT(psa_hash_finish(&operation, + output, PSA_HASH_LENGTH(alg), + &output_length)); /* Two calls to the driver interface: update + abort */ - TEST_EQUAL( mbedtls_test_driver_hash_hooks.hits, 2 ); - TEST_EQUAL( mbedtls_test_driver_hash_hooks.driver_status, PSA_SUCCESS ); + TEST_EQUAL(mbedtls_test_driver_hash_hooks.hits, 2); + TEST_EQUAL(mbedtls_test_driver_hash_hooks.driver_status, PSA_SUCCESS); - ASSERT_COMPARE( output, output_length, hash->x, hash->len ); + TEST_MEMORY_COMPARE(output, output_length, hash->x, hash->len); } exit: - psa_hash_abort( &operation ); - mbedtls_free( output ); - PSA_DONE( ); + psa_hash_abort(&operation); + mbedtls_free(output); + PSA_DONE(); mbedtls_test_driver_hash_hooks = mbedtls_test_driver_hash_hooks_init(); } /* END_CASE */ /* BEGIN_CASE */ -void hash_multipart_finish( int alg_arg, - data_t *input, data_t *hash, - int forced_status_arg ) +void hash_multipart_finish(int alg_arg, + data_t *input, data_t *hash, + int forced_status_arg) { psa_algorithm_t alg = alg_arg; psa_status_t forced_status = forced_status_arg; @@ -1684,50 +1697,51 @@ void hash_multipart_finish( int alg_arg, size_t output_length; mbedtls_test_driver_hash_hooks = mbedtls_test_driver_hash_hooks_init(); - ASSERT_ALLOC( output, PSA_HASH_LENGTH( alg ) ); + TEST_CALLOC(output, PSA_HASH_LENGTH(alg)); - PSA_ASSERT( psa_crypto_init( ) ); + PSA_ASSERT(psa_crypto_init()); /* * Finish inactive operation, the driver shouldn't be called. */ - TEST_EQUAL( psa_hash_finish( &operation, output, PSA_HASH_LENGTH( alg ), - &output_length ), - PSA_ERROR_BAD_STATE ); - TEST_EQUAL( mbedtls_test_driver_hash_hooks.hits, 0 ); + TEST_EQUAL(psa_hash_finish(&operation, output, PSA_HASH_LENGTH(alg), + &output_length), + PSA_ERROR_BAD_STATE); + TEST_EQUAL(mbedtls_test_driver_hash_hooks.hits, 0); - PSA_ASSERT( psa_hash_setup( &operation, alg ) ); - TEST_EQUAL( mbedtls_test_driver_hash_hooks.hits, 1 ); - TEST_EQUAL( mbedtls_test_driver_hash_hooks.driver_status, PSA_SUCCESS ); + PSA_ASSERT(psa_hash_setup(&operation, alg)); + TEST_EQUAL(mbedtls_test_driver_hash_hooks.hits, 1); + TEST_EQUAL(mbedtls_test_driver_hash_hooks.driver_status, PSA_SUCCESS); - PSA_ASSERT( psa_hash_update( &operation, input->x, input->len ) ); - TEST_EQUAL( mbedtls_test_driver_hash_hooks.hits, 2 ); - TEST_EQUAL( mbedtls_test_driver_hash_hooks.driver_status, PSA_SUCCESS ); + PSA_ASSERT(psa_hash_update(&operation, input->x, input->len)); + TEST_EQUAL(mbedtls_test_driver_hash_hooks.hits, 2); + TEST_EQUAL(mbedtls_test_driver_hash_hooks.driver_status, PSA_SUCCESS); mbedtls_test_driver_hash_hooks.forced_status = forced_status; - TEST_EQUAL( psa_hash_finish( &operation, - output, PSA_HASH_LENGTH( alg ), - &output_length ), - forced_status ); + TEST_EQUAL(psa_hash_finish(&operation, + output, PSA_HASH_LENGTH(alg), + &output_length), + forced_status); /* Two more calls to the driver interface: finish + abort */ - TEST_EQUAL( mbedtls_test_driver_hash_hooks.hits, 4 ); - TEST_EQUAL( mbedtls_test_driver_hash_hooks.driver_status, forced_status ); + TEST_EQUAL(mbedtls_test_driver_hash_hooks.hits, 4); + TEST_EQUAL(mbedtls_test_driver_hash_hooks.driver_status, forced_status); - if( forced_status == PSA_SUCCESS ) - ASSERT_COMPARE( output, output_length, hash->x, hash->len ); + if (forced_status == PSA_SUCCESS) { + TEST_MEMORY_COMPARE(output, output_length, hash->x, hash->len); + } exit: - psa_hash_abort( &operation ); - mbedtls_free( output ); - PSA_DONE( ); + psa_hash_abort(&operation); + mbedtls_free(output); + PSA_DONE(); mbedtls_test_driver_hash_hooks = mbedtls_test_driver_hash_hooks_init(); } /* END_CASE */ /* BEGIN_CASE */ -void hash_clone( int alg_arg, - data_t *input, data_t *hash, - int forced_status_arg ) +void hash_clone(int alg_arg, + data_t *input, data_t *hash, + int forced_status_arg) { psa_algorithm_t alg = alg_arg; psa_status_t forced_status = forced_status_arg; @@ -1737,50 +1751,49 @@ void hash_clone( int alg_arg, size_t output_length; mbedtls_test_driver_hash_hooks = mbedtls_test_driver_hash_hooks_init(); - ASSERT_ALLOC( output, PSA_HASH_LENGTH( alg ) ); + TEST_CALLOC(output, PSA_HASH_LENGTH(alg)); - PSA_ASSERT( psa_crypto_init( ) ); + PSA_ASSERT(psa_crypto_init()); /* * Clone inactive operation, the driver shouldn't be called. */ - TEST_EQUAL( psa_hash_clone( &source_operation, &target_operation ), - PSA_ERROR_BAD_STATE ); - TEST_EQUAL( mbedtls_test_driver_hash_hooks.hits, 0 ); + TEST_EQUAL(psa_hash_clone(&source_operation, &target_operation), + PSA_ERROR_BAD_STATE); + TEST_EQUAL(mbedtls_test_driver_hash_hooks.hits, 0); - PSA_ASSERT( psa_hash_setup( &source_operation, alg ) ); - TEST_EQUAL( mbedtls_test_driver_hash_hooks.hits, 1 ); - TEST_EQUAL( mbedtls_test_driver_hash_hooks.driver_status, PSA_SUCCESS ); + PSA_ASSERT(psa_hash_setup(&source_operation, alg)); + TEST_EQUAL(mbedtls_test_driver_hash_hooks.hits, 1); + TEST_EQUAL(mbedtls_test_driver_hash_hooks.driver_status, PSA_SUCCESS); mbedtls_test_driver_hash_hooks.forced_status = forced_status; - TEST_EQUAL( psa_hash_clone( &source_operation, &target_operation ), - forced_status ); - TEST_EQUAL( mbedtls_test_driver_hash_hooks.hits, - forced_status == PSA_SUCCESS ? 2 : 3 ); - TEST_EQUAL( mbedtls_test_driver_hash_hooks.driver_status, forced_status ); - - if( forced_status == PSA_SUCCESS ) - { + TEST_EQUAL(psa_hash_clone(&source_operation, &target_operation), + forced_status); + TEST_EQUAL(mbedtls_test_driver_hash_hooks.hits, + forced_status == PSA_SUCCESS ? 2 : 3); + TEST_EQUAL(mbedtls_test_driver_hash_hooks.driver_status, forced_status); + + if (forced_status == PSA_SUCCESS) { mbedtls_test_driver_hash_hooks = mbedtls_test_driver_hash_hooks_init(); - PSA_ASSERT( psa_hash_update( &target_operation, - input->x, input->len ) ); - TEST_EQUAL( mbedtls_test_driver_hash_hooks.hits, 1 ); - TEST_EQUAL( mbedtls_test_driver_hash_hooks.driver_status, PSA_SUCCESS ); - - PSA_ASSERT( psa_hash_finish( &target_operation, - output, PSA_HASH_LENGTH( alg ), - &output_length ) ); - TEST_EQUAL( mbedtls_test_driver_hash_hooks.hits, 3 ); - TEST_EQUAL( mbedtls_test_driver_hash_hooks.driver_status, PSA_SUCCESS ); - - ASSERT_COMPARE( output, output_length, hash->x, hash->len ); + PSA_ASSERT(psa_hash_update(&target_operation, + input->x, input->len)); + TEST_EQUAL(mbedtls_test_driver_hash_hooks.hits, 1); + TEST_EQUAL(mbedtls_test_driver_hash_hooks.driver_status, PSA_SUCCESS); + + PSA_ASSERT(psa_hash_finish(&target_operation, + output, PSA_HASH_LENGTH(alg), + &output_length)); + TEST_EQUAL(mbedtls_test_driver_hash_hooks.hits, 3); + TEST_EQUAL(mbedtls_test_driver_hash_hooks.driver_status, PSA_SUCCESS); + + TEST_MEMORY_COMPARE(output, output_length, hash->x, hash->len); } exit: - psa_hash_abort( &source_operation ); - psa_hash_abort( &target_operation ); - mbedtls_free( output ); - PSA_DONE( ); + psa_hash_abort(&source_operation); + psa_hash_abort(&target_operation); + mbedtls_free(output); + PSA_DONE(); mbedtls_test_driver_hash_hooks = mbedtls_test_driver_hash_hooks_init(); } /* END_CASE */ diff --git a/third_party/mbedtls/repo/tests/suites/test_suite_psa_crypto_entropy.data b/third_party/mbedtls/repo/tests/suites/test_suite_psa_crypto_entropy.data index 49d3f69e570..322363d2594 100644 --- a/third_party/mbedtls/repo/tests/suites/test_suite_psa_crypto_entropy.data +++ b/third_party/mbedtls/repo/tests/suites/test_suite_psa_crypto_entropy.data @@ -7,7 +7,7 @@ external_rng_failure_generate: # randomization for (e.g.) blinding. An external implementation could use # its own randomness source which is not affected by the forced failure of # the RNG driver. -# Key types and non-randomized auxilary algorithms (in practice, hashes) can +# Key types and non-randomized auxiliary algorithms (in practice, hashes) can # use an external implementation. PSA external RNG failure: randomized ECDSA depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:MBEDTLS_PSA_BUILTIN_ALG_ECDSA:PSA_WANT_ECC_SECP_R1_256 diff --git a/third_party/mbedtls/repo/tests/suites/test_suite_psa_crypto_entropy.function b/third_party/mbedtls/repo/tests/suites/test_suite_psa_crypto_entropy.function index 4dcbb36a686..362b3da42ad 100644 --- a/third_party/mbedtls/repo/tests/suites/test_suite_psa_crypto_entropy.function +++ b/third_party/mbedtls/repo/tests/suites/test_suite_psa_crypto_entropy.function @@ -8,30 +8,60 @@ #include "mbedtls/entropy_poll.h" /* Calculating the minimum allowed entropy size in bytes */ -#define MBEDTLS_PSA_INJECT_ENTROPY_MIN_SIZE MAX(MBEDTLS_ENTROPY_MIN_PLATFORM, MBEDTLS_ENTROPY_BLOCK_SIZE) +#define MBEDTLS_PSA_INJECT_ENTROPY_MIN_SIZE MAX(MBEDTLS_ENTROPY_MIN_PLATFORM, \ + MBEDTLS_ENTROPY_BLOCK_SIZE) #if defined(MBEDTLS_PSA_INJECT_ENTROPY) +#include + +/* Check the entropy seed file. + * + * \param expected_size Expected size in bytes. + * If 0, the file must not exist. + * + * \retval 1 Either \p expected_size is nonzero and + * the entropy seed file exists and has exactly this size, + * or \p expected_size is zero and the file does not exist. + * \retval 0 Either \p expected_size is nonzero but + * the entropy seed file does not exist or has a different size, + * or \p expected_size is zero but the file exists. + * In this case, the test case is marked as failed. + * + * \note We enforce that the seed is in a specific ITS file. + * This must not change, otherwise we break backward compatibility if + * the library is upgraded on a device with an existing seed. + */ +int check_random_seed_file(size_t expected_size) +{ + /* The value of the random seed UID must not change. Otherwise that would + * break upgrades of the library on devices that already contain a seed + * file. If this test assertion fails, you've presumably broken backward + * compatibility! */ + TEST_EQUAL(PSA_CRYPTO_ITS_RANDOM_SEED_UID, 0xFFFFFF52); + + struct psa_storage_info_t info = { 0, 0 }; + psa_status_t status = psa_its_get_info(PSA_CRYPTO_ITS_RANDOM_SEED_UID, + &info); + + if (expected_size == 0) { + TEST_EQUAL(status, PSA_ERROR_DOES_NOT_EXIST); + } else { + TEST_EQUAL(status, PSA_SUCCESS); + TEST_EQUAL(info.size, expected_size); + } + return 1; + +exit: + return 0; +} -#if defined(MBEDTLS_PSA_ITS_FILE_C) -#include -#else -#include -#endif - -/* Remove the entropy seed file. Since the library does not expose a way - * to do this (it would be a security risk if such a function was ever - * accessible in production), implement this functionality in a white-box - * manner. */ -psa_status_t remove_seed_file( void ) +/* Remove the entropy seed file. + * + * See check_random_seed_file() regarding abstraction boundaries. + */ +psa_status_t remove_seed_file(void) { -#if defined(MBEDTLS_PSA_ITS_FILE_C) - if( remove( "00000000ffffff52.psa_its" ) == 0 ) - return( PSA_SUCCESS ); - else - return( PSA_ERROR_DOES_NOT_EXIST ); -#else - return( psa_its_remove( PSA_CRYPTO_ITS_RANDOM_SEED_UID ) ); -#endif + return psa_its_remove(PSA_CRYPTO_ITS_RANDOM_SEED_UID); } #endif /* MBEDTLS_PSA_INJECT_ENTROPY */ @@ -39,44 +69,44 @@ psa_status_t remove_seed_file( void ) /* END_HEADER */ /* BEGIN_CASE depends_on:MBEDTLS_PSA_CRYPTO_EXTERNAL_RNG */ -void external_rng_failure_generate( ) +void external_rng_failure_generate() { psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT; - psa_set_key_type( &attributes, PSA_KEY_TYPE_DERIVE ); - psa_set_key_bits( &attributes, 128 ); + psa_set_key_type(&attributes, PSA_KEY_TYPE_DERIVE); + psa_set_key_bits(&attributes, 128); mbedtls_svc_key_id_t key = MBEDTLS_SVC_KEY_ID_INIT; uint8_t output[1]; - PSA_ASSERT( psa_crypto_init( ) ); + PSA_ASSERT(psa_crypto_init()); - PSA_ASSERT( psa_generate_random( output, sizeof( output ) ) ); - PSA_ASSERT( psa_generate_key( &attributes, &key ) ); - PSA_ASSERT( psa_destroy_key( key ) ); + PSA_ASSERT(psa_generate_random(output, sizeof(output))); + PSA_ASSERT(psa_generate_key(&attributes, &key)); + PSA_ASSERT(psa_destroy_key(key)); - mbedtls_test_disable_insecure_external_rng( ); - TEST_EQUAL( PSA_ERROR_INSUFFICIENT_ENTROPY, - psa_generate_random( output, sizeof( output ) ) ); - TEST_EQUAL( PSA_ERROR_INSUFFICIENT_ENTROPY, - psa_generate_key( &attributes, &key ) ); + mbedtls_test_disable_insecure_external_rng(); + TEST_EQUAL(PSA_ERROR_INSUFFICIENT_ENTROPY, + psa_generate_random(output, sizeof(output))); + TEST_EQUAL(PSA_ERROR_INSUFFICIENT_ENTROPY, + psa_generate_key(&attributes, &key)); exit: - psa_destroy_key( key ); - PSA_DONE( ); + psa_destroy_key(key); + PSA_DONE(); } /* END_CASE */ /* BEGIN_CASE depends_on:MBEDTLS_PSA_CRYPTO_EXTERNAL_RNG */ -void external_rng_failure_sign( int key_type, data_t *key_data, int alg, - int input_size_arg ) +void external_rng_failure_sign(int key_type, data_t *key_data, int alg, + int input_size_arg) { /* This test case is only expected to pass if the signature mechanism * requires randomness, either because it is a randomized signature * or because the implementation uses blinding. */ psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT; - psa_set_key_type( &attributes, key_type ); - psa_set_key_usage_flags( &attributes, PSA_KEY_USAGE_SIGN_HASH ); - psa_set_key_algorithm( &attributes, alg ); + psa_set_key_type(&attributes, key_type); + psa_set_key_usage_flags(&attributes, PSA_KEY_USAGE_SIGN_HASH); + psa_set_key_algorithm(&attributes, alg); mbedtls_svc_key_id_t key = MBEDTLS_SVC_KEY_ID_INIT; size_t input_size = input_size_arg; uint8_t *input = NULL; @@ -84,43 +114,43 @@ void external_rng_failure_sign( int key_type, data_t *key_data, int alg, size_t signature_size = PSA_SIGNATURE_MAX_SIZE; size_t signature_length; - ASSERT_ALLOC( input, input_size ); - ASSERT_ALLOC( signature, signature_size ); + TEST_CALLOC(input, input_size); + TEST_CALLOC(signature, signature_size); - PSA_ASSERT( psa_crypto_init( ) ); - PSA_ASSERT( psa_import_key( &attributes, key_data->x, key_data->len, - &key ) ); - PSA_ASSERT( psa_sign_hash( key, alg, - input, input_size, - signature, signature_size, - &signature_length ) ); - PSA_ASSERT( psa_destroy_key( key ) ); + PSA_ASSERT(psa_crypto_init()); + PSA_ASSERT(psa_import_key(&attributes, key_data->x, key_data->len, + &key)); + PSA_ASSERT(psa_sign_hash(key, alg, + input, input_size, + signature, signature_size, + &signature_length)); + PSA_ASSERT(psa_destroy_key(key)); - mbedtls_test_disable_insecure_external_rng( ); + mbedtls_test_disable_insecure_external_rng(); /* Import the key again, because for RSA Mbed TLS caches blinding values * in the key object and this could perturb the test. */ - PSA_ASSERT( psa_import_key( &attributes, key_data->x, key_data->len, - &key ) ); - TEST_EQUAL( PSA_ERROR_INSUFFICIENT_ENTROPY, - psa_sign_hash( key, alg, - input, input_size, - signature, signature_size, - &signature_length ) ); - PSA_ASSERT( psa_destroy_key( key ) ); + PSA_ASSERT(psa_import_key(&attributes, key_data->x, key_data->len, + &key)); + TEST_EQUAL(PSA_ERROR_INSUFFICIENT_ENTROPY, + psa_sign_hash(key, alg, + input, input_size, + signature, signature_size, + &signature_length)); + PSA_ASSERT(psa_destroy_key(key)); exit: - psa_destroy_key( key ); - PSA_DONE( ); - mbedtls_free( input ); - mbedtls_free( signature ); + psa_destroy_key(key); + PSA_DONE(); + mbedtls_free(input); + mbedtls_free(signature); } /* END_CASE */ /* BEGIN_CASE depends_on:MBEDTLS_PSA_INJECT_ENTROPY */ -void validate_entropy_seed_injection( int seed_length_a, - int expected_status_a, - int seed_length_b, - int expected_status_b ) +void validate_entropy_seed_injection(int seed_length_a, + int expected_status_a, + int seed_length_b, + int expected_status_b) { psa_status_t status; uint8_t output[32] = { 0 }; @@ -128,68 +158,94 @@ void validate_entropy_seed_injection( int seed_length_a, uint8_t *seed = NULL; int i; int seed_size; - if( seed_length_a > seed_length_b ) - { + if (seed_length_a > seed_length_b) { seed_size = seed_length_a; - } - else - { + } else { seed_size = seed_length_b; } - ASSERT_ALLOC( seed, seed_size ); + TEST_CALLOC(seed, seed_size); /* fill seed with some data */ - for( i = 0; i < seed_size; ++i ) - { + for (i = 0; i < seed_size; ++i) { seed[i] = i; } - status = remove_seed_file( ); - TEST_ASSERT( ( status == PSA_SUCCESS ) || - ( status == PSA_ERROR_DOES_NOT_EXIST ) ); - status = mbedtls_psa_inject_entropy( seed, seed_length_a ); - TEST_EQUAL( status, expected_status_a ); - status = mbedtls_psa_inject_entropy( seed, seed_length_b ); - TEST_EQUAL( status, expected_status_b ); - PSA_ASSERT( psa_crypto_init( ) ); - PSA_ASSERT( psa_generate_random( output, - sizeof( output ) ) ); - TEST_ASSERT( memcmp( output, zeros, sizeof( output ) ) != 0 ); + status = remove_seed_file(); + TEST_ASSERT((status == PSA_SUCCESS) || + (status == PSA_ERROR_DOES_NOT_EXIST)); + if (!check_random_seed_file(0)) { + goto exit; + } + + status = mbedtls_psa_inject_entropy(seed, seed_length_a); + TEST_EQUAL(status, expected_status_a); + if (!check_random_seed_file(expected_status_a == PSA_SUCCESS ? seed_length_a : + 0)) { + goto exit; + } + + status = mbedtls_psa_inject_entropy(seed, seed_length_b); + TEST_EQUAL(status, expected_status_b); + if (!check_random_seed_file(expected_status_a == PSA_SUCCESS ? seed_length_a : + expected_status_b == PSA_SUCCESS ? seed_length_b : + 0)) { + goto exit; + } + + PSA_ASSERT(psa_crypto_init()); + PSA_ASSERT(psa_generate_random(output, + sizeof(output))); + TEST_ASSERT(memcmp(output, zeros, sizeof(output)) != 0); + exit: - mbedtls_free( seed ); - remove_seed_file( ); - PSA_DONE( ); + mbedtls_free(seed); + PSA_DONE(); + mbedtls_test_inject_entropy_restore(); } /* END_CASE */ /* BEGIN_CASE depends_on:MBEDTLS_PSA_INJECT_ENTROPY */ -void run_entropy_inject_with_crypto_init( ) +void run_entropy_inject_with_crypto_init() { psa_status_t status; size_t i; uint8_t seed[MBEDTLS_PSA_INJECT_ENTROPY_MIN_SIZE] = { 0 }; /* fill seed with some data */ - for( i = 0; i < sizeof( seed ); ++i ) - { + for (i = 0; i < sizeof(seed); ++i) { seed[i] = i; } - status = remove_seed_file( ); - TEST_ASSERT( ( status == PSA_SUCCESS ) || - ( status == PSA_ERROR_DOES_NOT_EXIST ) ); - status = mbedtls_psa_inject_entropy( seed, sizeof( seed ) ); - PSA_ASSERT( status ); - status = remove_seed_file( ); - TEST_EQUAL( status, PSA_SUCCESS ); - status = psa_crypto_init( ); - TEST_EQUAL( status, PSA_ERROR_INSUFFICIENT_ENTROPY ); - status = mbedtls_psa_inject_entropy( seed, sizeof( seed ) ); - PSA_ASSERT( status ); - status = psa_crypto_init( ); - PSA_ASSERT( status ); - PSA_DONE( ); + + status = remove_seed_file(); + TEST_ASSERT((status == PSA_SUCCESS) || + (status == PSA_ERROR_DOES_NOT_EXIST)); + if (!check_random_seed_file(0)) { + goto exit; + } + status = mbedtls_psa_inject_entropy(seed, sizeof(seed)); + PSA_ASSERT(status); + TEST_ASSERT(check_random_seed_file(sizeof(seed))); + status = remove_seed_file(); + TEST_EQUAL(status, PSA_SUCCESS); + if (!check_random_seed_file(0)) { + goto exit; + } + + status = psa_crypto_init(); + TEST_EQUAL(status, PSA_ERROR_INSUFFICIENT_ENTROPY); + status = mbedtls_psa_inject_entropy(seed, sizeof(seed)); + PSA_ASSERT(status); + if (!check_random_seed_file(sizeof(seed))) { + goto exit; + } + + status = psa_crypto_init(); + PSA_ASSERT(status); + PSA_DONE(); + /* The seed is written by nv_seed callback functions therefore the injection will fail */ - status = mbedtls_psa_inject_entropy( seed, sizeof( seed ) ); - TEST_EQUAL( status, PSA_ERROR_NOT_PERMITTED ); + status = mbedtls_psa_inject_entropy(seed, sizeof(seed)); + TEST_EQUAL(status, PSA_ERROR_NOT_PERMITTED); + exit: - remove_seed_file( ); - PSA_DONE( ); + PSA_DONE(); + mbedtls_test_inject_entropy_restore(); } /* END_CASE */ diff --git a/third_party/mbedtls/repo/tests/suites/test_suite_psa_crypto_generate_key.function b/third_party/mbedtls/repo/tests/suites/test_suite_psa_crypto_generate_key.function index dbe9a0ecf9a..366e09b0145 100644 --- a/third_party/mbedtls/repo/tests/suites/test_suite_psa_crypto_generate_key.function +++ b/third_party/mbedtls/repo/tests/suites/test_suite_psa_crypto_generate_key.function @@ -3,7 +3,7 @@ #include "psa/crypto.h" #include "test/psa_crypto_helpers.h" -#define INVALID_KEY_ID mbedtls_svc_key_id_make( 0, 0xfedcba98 ) +#define INVALID_KEY_ID mbedtls_svc_key_id_make(0, 0xfedcba98) /* END_HEADER */ @@ -13,37 +13,36 @@ */ /* BEGIN_CASE */ -void generate_key( int key_type_arg, int bits_arg, int expected_status_arg) +void generate_key(int key_type_arg, int bits_arg, int expected_status_arg) { psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT; mbedtls_svc_key_id_t key_id = INVALID_KEY_ID; - // key lifetiem, usage flags, algorithm are irrelevant for this test + // key lifetime, usage flags, algorithm are irrelevant for this test psa_key_type_t key_type = key_type_arg; size_t bits = bits_arg; psa_status_t expected_status = expected_status_arg; - PSA_ASSERT( psa_crypto_init( ) ); - psa_set_key_type( &attributes, key_type ); - psa_set_key_bits( &attributes, bits ); - TEST_EQUAL( psa_generate_key( &attributes, &key_id ), - expected_status ); + PSA_ASSERT(psa_crypto_init()); + psa_set_key_type(&attributes, key_type); + psa_set_key_bits(&attributes, bits); + TEST_EQUAL(psa_generate_key(&attributes, &key_id), + expected_status); // Verify attributes of the created key on success - if ( expected_status == PSA_SUCCESS ) - { + if (expected_status == PSA_SUCCESS) { psa_reset_key_attributes(&attributes); - PSA_ASSERT( psa_get_key_attributes( key_id, &attributes ) ); - TEST_EQUAL( psa_get_key_lifetime( &attributes ), PSA_KEY_LIFETIME_VOLATILE ); - TEST_EQUAL( psa_get_key_usage_flags( &attributes ), 0 ); - TEST_EQUAL( psa_get_key_algorithm( &attributes ), 0 ); - TEST_EQUAL( psa_get_key_type( &attributes ), key_type ); - TEST_EQUAL( psa_get_key_bits( &attributes ), bits ); + PSA_ASSERT(psa_get_key_attributes(key_id, &attributes)); + TEST_EQUAL(psa_get_key_lifetime(&attributes), PSA_KEY_LIFETIME_VOLATILE); + TEST_EQUAL(psa_get_key_usage_flags(&attributes), 0); + TEST_EQUAL(psa_get_key_algorithm(&attributes), 0); + TEST_EQUAL(psa_get_key_type(&attributes), key_type); + TEST_EQUAL(psa_get_key_bits(&attributes), bits); } exit: psa_reset_key_attributes(&attributes); - psa_destroy_key( key_id ); - PSA_DONE( ); + psa_destroy_key(key_id); + PSA_DONE(); } /* END_CASE */ diff --git a/third_party/mbedtls/repo/tests/suites/test_suite_psa_crypto_hash.function b/third_party/mbedtls/repo/tests/suites/test_suite_psa_crypto_hash.function index b0da2bf30e9..0405c1de9e6 100644 --- a/third_party/mbedtls/repo/tests/suites/test_suite_psa_crypto_hash.function +++ b/third_party/mbedtls/repo/tests/suites/test_suite_psa_crypto_hash.function @@ -10,54 +10,54 @@ */ /* BEGIN_CASE */ -void hash_finish( int alg_arg, data_t *input, data_t *expected_hash ) +void hash_finish(int alg_arg, data_t *input, data_t *expected_hash) { psa_algorithm_t alg = alg_arg; unsigned char actual_hash[PSA_HASH_MAX_SIZE]; size_t actual_hash_length; psa_hash_operation_t operation = PSA_HASH_OPERATION_INIT; - PSA_ASSERT( psa_crypto_init( ) ); + PSA_ASSERT(psa_crypto_init()); - PSA_ASSERT( psa_hash_setup( &operation, alg ) ); - PSA_ASSERT( psa_hash_update( &operation, - input->x, input->len ) ); - PSA_ASSERT( psa_hash_finish( &operation, - actual_hash, sizeof( actual_hash ), - &actual_hash_length ) ); - ASSERT_COMPARE( expected_hash->x, expected_hash->len, - actual_hash, actual_hash_length ); + PSA_ASSERT(psa_hash_setup(&operation, alg)); + PSA_ASSERT(psa_hash_update(&operation, + input->x, input->len)); + PSA_ASSERT(psa_hash_finish(&operation, + actual_hash, sizeof(actual_hash), + &actual_hash_length)); + TEST_MEMORY_COMPARE(expected_hash->x, expected_hash->len, + actual_hash, actual_hash_length); exit: - psa_hash_abort( &operation ); - PSA_DONE( ); + psa_hash_abort(&operation); + PSA_DONE(); } /* END_CASE */ /* BEGIN_CASE */ -void hash_verify( int alg_arg, data_t *input, data_t *expected_hash ) +void hash_verify(int alg_arg, data_t *input, data_t *expected_hash) { psa_algorithm_t alg = alg_arg; psa_hash_operation_t operation = PSA_HASH_OPERATION_INIT; - PSA_ASSERT( psa_crypto_init( ) ); + PSA_ASSERT(psa_crypto_init()); - PSA_ASSERT( psa_hash_setup( &operation, alg ) ); - PSA_ASSERT( psa_hash_update( &operation, - input->x, - input->len ) ); - PSA_ASSERT( psa_hash_verify( &operation, - expected_hash->x, - expected_hash->len ) ); + PSA_ASSERT(psa_hash_setup(&operation, alg)); + PSA_ASSERT(psa_hash_update(&operation, + input->x, + input->len)); + PSA_ASSERT(psa_hash_verify(&operation, + expected_hash->x, + expected_hash->len)); exit: - psa_hash_abort( &operation ); - PSA_DONE( ); + psa_hash_abort(&operation); + PSA_DONE(); } /* END_CASE */ /* BEGIN_CASE */ -void hash_multi_part( int alg_arg, data_t *input, data_t *expected_hash ) +void hash_multi_part(int alg_arg, data_t *input, data_t *expected_hash) { psa_algorithm_t alg = alg_arg; unsigned char actual_hash[PSA_HASH_MAX_SIZE]; @@ -66,37 +66,36 @@ void hash_multi_part( int alg_arg, data_t *input, data_t *expected_hash ) psa_hash_operation_t operation2 = PSA_HASH_OPERATION_INIT; uint32_t len = 0; - PSA_ASSERT( psa_crypto_init( ) ); - - do - { - memset( actual_hash, 0, sizeof( actual_hash ) ); - PSA_ASSERT( psa_hash_setup( &operation, alg ) ); - - PSA_ASSERT( psa_hash_update( &operation, - input->x, len ) ); - PSA_ASSERT( psa_hash_clone( &operation, &operation2 ) ); - PSA_ASSERT( psa_hash_update( &operation, - input->x + len, input->len - len ) ); - PSA_ASSERT( psa_hash_update( &operation2, - input->x + len, input->len - len ) ); - - PSA_ASSERT( psa_hash_finish( &operation, - actual_hash, sizeof( actual_hash ), - &actual_hash_length ) ); - ASSERT_COMPARE( expected_hash->x, expected_hash->len, - actual_hash, actual_hash_length ); - - PSA_ASSERT( psa_hash_finish( &operation2, - actual_hash, sizeof( actual_hash ), - &actual_hash_length ) ); - ASSERT_COMPARE( expected_hash->x, expected_hash->len, - actual_hash, actual_hash_length ); - } while( len++ != input->len ); + PSA_ASSERT(psa_crypto_init()); + + do { + memset(actual_hash, 0, sizeof(actual_hash)); + PSA_ASSERT(psa_hash_setup(&operation, alg)); + + PSA_ASSERT(psa_hash_update(&operation, + input->x, len)); + PSA_ASSERT(psa_hash_clone(&operation, &operation2)); + PSA_ASSERT(psa_hash_update(&operation, + input->x + len, input->len - len)); + PSA_ASSERT(psa_hash_update(&operation2, + input->x + len, input->len - len)); + + PSA_ASSERT(psa_hash_finish(&operation, + actual_hash, sizeof(actual_hash), + &actual_hash_length)); + TEST_MEMORY_COMPARE(expected_hash->x, expected_hash->len, + actual_hash, actual_hash_length); + + PSA_ASSERT(psa_hash_finish(&operation2, + actual_hash, sizeof(actual_hash), + &actual_hash_length)); + TEST_MEMORY_COMPARE(expected_hash->x, expected_hash->len, + actual_hash, actual_hash_length); + } while (len++ != input->len); exit: - psa_hash_abort( &operation ); - psa_hash_abort( &operation2 ); - PSA_DONE( ); + psa_hash_abort(&operation); + psa_hash_abort(&operation2); + PSA_DONE(); } /* END_CASE */ diff --git a/third_party/mbedtls/repo/tests/suites/test_suite_psa_crypto_init.data b/third_party/mbedtls/repo/tests/suites/test_suite_psa_crypto_init.data index 9620a642a0d..8c5b41d6cba 100644 --- a/third_party/mbedtls/repo/tests/suites/test_suite_psa_crypto_init.data +++ b/third_party/mbedtls/repo/tests/suites/test_suite_psa_crypto_init.data @@ -25,7 +25,10 @@ validate_module_init_key_based:1 Custom entropy sources: all standard custom_entropy_sources:0x0000ffff:PSA_SUCCESS +# MBEDTLS_PSA_INJECT_ENTROPY means that a source of entropy (the seed file) +# is effectively always available. Custom entropy sources: none +depends_on:!MBEDTLS_PSA_INJECT_ENTROPY custom_entropy_sources:0:PSA_ERROR_INSUFFICIENT_ENTROPY Fake entropy: never returns anything diff --git a/third_party/mbedtls/repo/tests/suites/test_suite_psa_crypto_init.function b/third_party/mbedtls/repo/tests/suites/test_suite_psa_crypto_init.function index 40efb87cb28..63767f02021 100644 --- a/third_party/mbedtls/repo/tests/suites/test_suite_psa_crypto_init.function +++ b/third_party/mbedtls/repo/tests/suites/test_suite_psa_crypto_init.function @@ -17,7 +17,7 @@ * half the entropy length. For SHA-256, SHA-384 or SHA-512, the * entropy length is 256 per the documentation of mbedtls_hmac_drbg_seed(), * and PSA crypto doesn't support other hashes for HMAC_DRBG. */ -#define ENTROPY_NONCE_LEN ( 256 / 2 ) +#define ENTROPY_NONCE_LEN (256 / 2) #else /* PSA crypto uses the CTR_DRBG module. In some configurations, it needs * to read from the entropy source twice: once for the initial entropy @@ -28,28 +28,29 @@ #if !defined(MBEDTLS_PSA_CRYPTO_EXTERNAL_RNG) -typedef struct -{ +typedef struct { size_t threshold; /* Minimum bytes to make mbedtls_entropy_func happy */ size_t max_steps; size_t *length_sequence; size_t step; } fake_entropy_state_t; -static int fake_entropy_source( void *state_arg, - unsigned char *output, size_t len, - size_t *olen ) +static int fake_entropy_source(void *state_arg, + unsigned char *output, size_t len, + size_t *olen) { fake_entropy_state_t *state = state_arg; size_t i; - if( state->step >= state->max_steps ) - return( MBEDTLS_ERR_ENTROPY_SOURCE_FAILED ); + if (state->step >= state->max_steps) { + return MBEDTLS_ERR_ENTROPY_SOURCE_FAILED; + } - *olen = MIN( len, state->length_sequence[state->step] ); - for( i = 0; i < *olen; i++ ) + *olen = MIN(len, state->length_sequence[state->step]); + for (i = 0; i < *olen; i++) { output[i] = i; + } ++state->step; - return( 0 ); + return 0; } #define ENTROPY_SOURCE_PLATFORM 0x00000001 @@ -64,69 +65,71 @@ static fake_entropy_state_t fake_entropy_state; /* This is a modified version of mbedtls_entropy_init() from entropy.c * which chooses entropy sources dynamically. */ -static void custom_entropy_init( mbedtls_entropy_context *ctx ) +static void custom_entropy_init(mbedtls_entropy_context *ctx) { ctx->source_count = 0; - memset( ctx->source, 0, sizeof( ctx->source ) ); + memset(ctx->source, 0, sizeof(ctx->source)); #if defined(MBEDTLS_THREADING_C) - mbedtls_mutex_init( &ctx->mutex ); + mbedtls_mutex_init(&ctx->mutex); #endif ctx->accumulator_started = 0; #if defined(MBEDTLS_ENTROPY_SHA512_ACCUMULATOR) - mbedtls_sha512_init( &ctx->accumulator ); + mbedtls_sha512_init(&ctx->accumulator); #else - mbedtls_sha256_init( &ctx->accumulator ); + mbedtls_sha256_init(&ctx->accumulator); #endif #if defined(MBEDTLS_HAVEGE_C) - mbedtls_havege_init( &ctx->havege_data ); + mbedtls_havege_init(&ctx->havege_data); #endif #if !defined(MBEDTLS_NO_PLATFORM_ENTROPY) - if( custom_entropy_sources_mask & ENTROPY_SOURCE_PLATFORM ) - mbedtls_entropy_add_source( ctx, mbedtls_platform_entropy_poll, NULL, - MBEDTLS_ENTROPY_MIN_PLATFORM, - MBEDTLS_ENTROPY_SOURCE_STRONG ); + if (custom_entropy_sources_mask & ENTROPY_SOURCE_PLATFORM) { + mbedtls_entropy_add_source(ctx, mbedtls_platform_entropy_poll, NULL, + MBEDTLS_ENTROPY_MIN_PLATFORM, + MBEDTLS_ENTROPY_SOURCE_STRONG); + } #endif #if defined(MBEDTLS_TIMING_C) - if( custom_entropy_sources_mask & ENTROPY_SOURCE_TIMING ) - mbedtls_entropy_add_source( ctx, mbedtls_hardclock_poll, NULL, - MBEDTLS_ENTROPY_MIN_HARDCLOCK, - MBEDTLS_ENTROPY_SOURCE_WEAK ); + if (custom_entropy_sources_mask & ENTROPY_SOURCE_TIMING) { + mbedtls_entropy_add_source(ctx, mbedtls_hardclock_poll, NULL, + MBEDTLS_ENTROPY_MIN_HARDCLOCK, + MBEDTLS_ENTROPY_SOURCE_WEAK); + } #endif #if defined(MBEDTLS_HAVEGE_C) - if( custom_entropy_sources_mask & ENTROPY_SOURCE_HAVEGE ) - mbedtls_entropy_add_source( ctx, mbedtls_havege_poll, &ctx->havege_data, - MBEDTLS_ENTROPY_MIN_HAVEGE, - MBEDTLS_ENTROPY_SOURCE_STRONG ); + if (custom_entropy_sources_mask & ENTROPY_SOURCE_HAVEGE) { + mbedtls_entropy_add_source(ctx, mbedtls_havege_poll, &ctx->havege_data, + MBEDTLS_ENTROPY_MIN_HAVEGE, + MBEDTLS_ENTROPY_SOURCE_STRONG); + } #endif #if defined(MBEDTLS_ENTROPY_HARDWARE_ALT) - if( custom_entropy_sources_mask & ENTROPY_SOURCE_HARDWARE ) - mbedtls_entropy_add_source( ctx, mbedtls_hardware_poll, NULL, - MBEDTLS_ENTROPY_MIN_HARDWARE, - MBEDTLS_ENTROPY_SOURCE_STRONG ); + if (custom_entropy_sources_mask & ENTROPY_SOURCE_HARDWARE) { + mbedtls_entropy_add_source(ctx, mbedtls_hardware_poll, NULL, + MBEDTLS_ENTROPY_MIN_HARDWARE, + MBEDTLS_ENTROPY_SOURCE_STRONG); + } #endif #if defined(MBEDTLS_ENTROPY_NV_SEED) - if( custom_entropy_sources_mask & ENTROPY_SOURCE_NV_SEED ) - { - mbedtls_entropy_add_source( ctx, mbedtls_nv_seed_poll, NULL, - MBEDTLS_ENTROPY_BLOCK_SIZE, - MBEDTLS_ENTROPY_SOURCE_STRONG ); + if (custom_entropy_sources_mask & ENTROPY_SOURCE_NV_SEED) { + mbedtls_entropy_add_source(ctx, mbedtls_nv_seed_poll, NULL, + MBEDTLS_ENTROPY_BLOCK_SIZE, + MBEDTLS_ENTROPY_SOURCE_STRONG); ctx->initial_entropy_run = 0; - } - else - { + } else { /* Skip the NV seed even though it's compiled in. */ ctx->initial_entropy_run = 1; } #endif - if( custom_entropy_sources_mask & ENTROPY_SOURCE_FAKE ) - mbedtls_entropy_add_source( ctx, - fake_entropy_source, &fake_entropy_state, - fake_entropy_state.threshold, - MBEDTLS_ENTROPY_SOURCE_STRONG ); + if (custom_entropy_sources_mask & ENTROPY_SOURCE_FAKE) { + mbedtls_entropy_add_source(ctx, + fake_entropy_source, &fake_entropy_state, + fake_entropy_state.threshold, + MBEDTLS_ENTROPY_SOURCE_STRONG); + } } #endif /* !defined(MBEDTLS_PSA_CRYPTO_EXTERNAL_RNG) */ @@ -139,109 +142,106 @@ static void custom_entropy_init( mbedtls_entropy_context *ctx ) */ /* BEGIN_CASE depends_on:MBEDTLS_ENTROPY_NV_SEED:!MBEDTLS_PSA_CRYPTO_EXTERNAL_RNG */ -void create_nv_seed( ) +void create_nv_seed() { static unsigned char seed[ENTROPY_MIN_NV_SEED_SIZE]; - TEST_ASSERT( mbedtls_nv_seed_write( seed, sizeof( seed ) ) >= 0 ); + TEST_ASSERT(mbedtls_nv_seed_write(seed, sizeof(seed)) >= 0); } /* END_CASE */ /* BEGIN_CASE */ -void init_deinit( int count ) +void init_deinit(int count) { psa_status_t status; int i; - for( i = 0; i < count; i++ ) - { - status = psa_crypto_init( ); - PSA_ASSERT( status ); - status = psa_crypto_init( ); - PSA_ASSERT( status ); - PSA_DONE( ); + for (i = 0; i < count; i++) { + status = psa_crypto_init(); + PSA_ASSERT(status); + status = psa_crypto_init(); + PSA_ASSERT(status); + PSA_DONE(); } } /* END_CASE */ /* BEGIN_CASE */ -void deinit_without_init( int count ) +void deinit_without_init(int count) { int i; - for( i = 0; i < count; i++ ) - { - PSA_ASSERT( psa_crypto_init( ) ); - PSA_DONE( ); + for (i = 0; i < count; i++) { + PSA_ASSERT(psa_crypto_init()); + PSA_DONE(); } - PSA_DONE( ); + PSA_DONE(); } /* END_CASE */ /* BEGIN_CASE */ -void validate_module_init_generate_random( int count ) +void validate_module_init_generate_random(int count) { psa_status_t status; uint8_t random[10] = { 0 }; int i; - for( i = 0; i < count; i++ ) - { - status = psa_crypto_init( ); - PSA_ASSERT( status ); - PSA_DONE( ); + for (i = 0; i < count; i++) { + status = psa_crypto_init(); + PSA_ASSERT(status); + PSA_DONE(); } - status = psa_generate_random( random, sizeof( random ) ); - TEST_EQUAL( status, PSA_ERROR_BAD_STATE ); + status = psa_generate_random(random, sizeof(random)); + TEST_EQUAL(status, PSA_ERROR_BAD_STATE); } /* END_CASE */ /* BEGIN_CASE */ -void validate_module_init_key_based( int count ) +void validate_module_init_key_based(int count) { psa_status_t status; uint8_t data[10] = { 0 }; psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT; - mbedtls_svc_key_id_t key = mbedtls_svc_key_id_make( 0xdead, 0xdead ); + mbedtls_svc_key_id_t key = mbedtls_svc_key_id_make(0xdead, 0xdead); int i; - for( i = 0; i < count; i++ ) - { - status = psa_crypto_init( ); - PSA_ASSERT( status ); - PSA_DONE( ); + for (i = 0; i < count; i++) { + status = psa_crypto_init(); + PSA_ASSERT(status); + PSA_DONE(); } - psa_set_key_type( &attributes, PSA_KEY_TYPE_RAW_DATA ); - status = psa_import_key( &attributes, data, sizeof( data ), &key ); - TEST_EQUAL( status, PSA_ERROR_BAD_STATE ); - TEST_ASSERT( mbedtls_svc_key_id_is_null( key ) ); + psa_set_key_type(&attributes, PSA_KEY_TYPE_RAW_DATA); + status = psa_import_key(&attributes, data, sizeof(data), &key); + TEST_EQUAL(status, PSA_ERROR_BAD_STATE); + TEST_ASSERT(mbedtls_svc_key_id_is_null(key)); } /* END_CASE */ /* BEGIN_CASE depends_on:!MBEDTLS_PSA_CRYPTO_EXTERNAL_RNG */ -void custom_entropy_sources( int sources_arg, int expected_init_status_arg ) +void custom_entropy_sources(int sources_arg, int expected_init_status_arg) { psa_status_t expected_init_status = expected_init_status_arg; uint8_t random[10] = { 0 }; custom_entropy_sources_mask = sources_arg; - PSA_ASSERT( mbedtls_psa_crypto_configure_entropy_sources( - custom_entropy_init, mbedtls_entropy_free ) ); + PSA_ASSERT(mbedtls_psa_crypto_configure_entropy_sources( + custom_entropy_init, mbedtls_entropy_free)); - TEST_EQUAL( psa_crypto_init( ), expected_init_status ); - if( expected_init_status != PSA_SUCCESS ) + TEST_EQUAL(psa_crypto_init(), expected_init_status); + if (expected_init_status != PSA_SUCCESS) { goto exit; + } - PSA_ASSERT( psa_generate_random( random, sizeof( random ) ) ); + PSA_ASSERT(psa_generate_random(random, sizeof(random))); exit: - PSA_DONE( ); + PSA_DONE(); } /* END_CASE */ /* BEGIN_CASE depends_on:!MBEDTLS_PSA_CRYPTO_EXTERNAL_RNG */ -void fake_entropy_source( int threshold, - int amount1, - int amount2, - int amount3, - int amount4, - int expected_init_status_arg ) +void fake_entropy_source(int threshold, + int amount1, + int amount2, + int amount3, + int amount4, + int expected_init_status_arg) { psa_status_t expected_init_status = expected_init_status_arg; uint8_t random[10] = { 0 }; @@ -250,55 +250,61 @@ void fake_entropy_source( int threshold, fake_entropy_state.threshold = threshold; fake_entropy_state.step = 0; fake_entropy_state.max_steps = 0; - if( amount1 >= 0 ) + if (amount1 >= 0) { lengths[fake_entropy_state.max_steps++] = amount1; - if( amount2 >= 0 ) + } + if (amount2 >= 0) { lengths[fake_entropy_state.max_steps++] = amount2; - if( amount3 >= 0 ) + } + if (amount3 >= 0) { lengths[fake_entropy_state.max_steps++] = amount3; - if( amount4 >= 0 ) + } + if (amount4 >= 0) { lengths[fake_entropy_state.max_steps++] = amount4; + } fake_entropy_state.length_sequence = lengths; custom_entropy_sources_mask = ENTROPY_SOURCE_FAKE; - PSA_ASSERT( mbedtls_psa_crypto_configure_entropy_sources( - custom_entropy_init, mbedtls_entropy_free ) ); + PSA_ASSERT(mbedtls_psa_crypto_configure_entropy_sources( + custom_entropy_init, mbedtls_entropy_free)); - TEST_EQUAL( psa_crypto_init( ), expected_init_status ); - if( expected_init_status != PSA_SUCCESS ) + TEST_EQUAL(psa_crypto_init(), expected_init_status); + if (expected_init_status != PSA_SUCCESS) { goto exit; + } - PSA_ASSERT( psa_generate_random( random, sizeof( random ) ) ); + PSA_ASSERT(psa_generate_random(random, sizeof(random))); exit: - PSA_DONE( ); + PSA_DONE(); } /* END_CASE */ /* BEGIN_CASE depends_on:MBEDTLS_ENTROPY_NV_SEED:!MBEDTLS_PSA_CRYPTO_EXTERNAL_RNG */ -void entropy_from_nv_seed( int seed_size_arg, - int expected_init_status_arg ) +void entropy_from_nv_seed(int seed_size_arg, + int expected_init_status_arg) { psa_status_t expected_init_status = expected_init_status_arg; uint8_t random[10] = { 0 }; uint8_t *seed = NULL; size_t seed_size = seed_size_arg; - ASSERT_ALLOC( seed, seed_size ); - TEST_ASSERT( mbedtls_nv_seed_write( seed, seed_size ) >= 0 ); + TEST_CALLOC(seed, seed_size); + TEST_ASSERT(mbedtls_nv_seed_write(seed, seed_size) >= 0); custom_entropy_sources_mask = ENTROPY_SOURCE_NV_SEED; - PSA_ASSERT( mbedtls_psa_crypto_configure_entropy_sources( - custom_entropy_init, mbedtls_entropy_free ) ); + PSA_ASSERT(mbedtls_psa_crypto_configure_entropy_sources( + custom_entropy_init, mbedtls_entropy_free)); - TEST_EQUAL( psa_crypto_init( ), expected_init_status ); - if( expected_init_status != PSA_SUCCESS ) + TEST_EQUAL(psa_crypto_init(), expected_init_status); + if (expected_init_status != PSA_SUCCESS) { goto exit; + } - PSA_ASSERT( psa_generate_random( random, sizeof( random ) ) ); + PSA_ASSERT(psa_generate_random(random, sizeof(random))); exit: - mbedtls_free( seed ); - PSA_DONE( ); + mbedtls_free(seed); + PSA_DONE(); } /* END_CASE */ diff --git a/third_party/mbedtls/repo/tests/suites/test_suite_psa_crypto_metadata.function b/third_party/mbedtls/repo/tests/suites/test_suite_psa_crypto_metadata.function index f2ba16a28da..47d60c1c0e3 100644 --- a/third_party/mbedtls/repo/tests/suites/test_suite_psa_crypto_metadata.function +++ b/third_party/mbedtls/repo/tests/suites/test_suite_psa_crypto_metadata.function @@ -16,56 +16,56 @@ * category test macros, which are hard-coded in each * category-specific function. The name of the flag is the name of the * classification macro without the PSA_ prefix. */ -#define ALG_IS_VENDOR_DEFINED ( 1u << 0 ) -#define ALG_IS_HMAC ( 1u << 1 ) -#define ALG_IS_BLOCK_CIPHER_MAC ( 1u << 2 ) -#define ALG_IS_STREAM_CIPHER ( 1u << 3 ) -#define ALG_IS_RSA_PKCS1V15_SIGN ( 1u << 4 ) -#define ALG_IS_RSA_PSS ( 1u << 5 ) -#define ALG_IS_RSA_PSS_ANY_SALT ( 1u << 6 ) -#define ALG_IS_RSA_PSS_STANDARD_SALT ( 1u << 7 ) -#define ALG_IS_DSA ( 1u << 8 ) -#define ALG_DSA_IS_DETERMINISTIC ( 1u << 9 ) -#define ALG_IS_DETERMINISTIC_DSA ( 1u << 10 ) -#define ALG_IS_RANDOMIZED_DSA ( 1u << 11 ) -#define ALG_IS_ECDSA ( 1u << 12 ) -#define ALG_ECDSA_IS_DETERMINISTIC ( 1u << 13 ) -#define ALG_IS_DETERMINISTIC_ECDSA ( 1u << 14 ) -#define ALG_IS_RANDOMIZED_ECDSA ( 1u << 15 ) -#define ALG_IS_HASH_EDDSA ( 1u << 16 ) -#define ALG_IS_SIGN_HASH ( 1u << 17 ) -#define ALG_IS_HASH_AND_SIGN ( 1u << 18 ) -#define ALG_IS_RSA_OAEP ( 1u << 19 ) -#define ALG_IS_HKDF ( 1u << 20 ) -#define ALG_IS_FFDH ( 1u << 21 ) -#define ALG_IS_ECDH ( 1u << 22 ) -#define ALG_IS_WILDCARD ( 1u << 23 ) -#define ALG_IS_RAW_KEY_AGREEMENT ( 1u << 24 ) -#define ALG_IS_AEAD_ON_BLOCK_CIPHER ( 1u << 25 ) -#define ALG_IS_TLS12_PRF ( 1u << 26 ) -#define ALG_IS_TLS12_PSK_TO_MS ( 1u << 27 ) -#define ALG_FLAG_MASK_PLUS_ONE ( 1u << 28 ) /* must be last! */ +#define ALG_IS_VENDOR_DEFINED (1u << 0) +#define ALG_IS_HMAC (1u << 1) +#define ALG_IS_BLOCK_CIPHER_MAC (1u << 2) +#define ALG_IS_STREAM_CIPHER (1u << 3) +#define ALG_IS_RSA_PKCS1V15_SIGN (1u << 4) +#define ALG_IS_RSA_PSS (1u << 5) +#define ALG_IS_RSA_PSS_ANY_SALT (1u << 6) +#define ALG_IS_RSA_PSS_STANDARD_SALT (1u << 7) +#define ALG_IS_DSA (1u << 8) +#define ALG_DSA_IS_DETERMINISTIC (1u << 9) +#define ALG_IS_DETERMINISTIC_DSA (1u << 10) +#define ALG_IS_RANDOMIZED_DSA (1u << 11) +#define ALG_IS_ECDSA (1u << 12) +#define ALG_ECDSA_IS_DETERMINISTIC (1u << 13) +#define ALG_IS_DETERMINISTIC_ECDSA (1u << 14) +#define ALG_IS_RANDOMIZED_ECDSA (1u << 15) +#define ALG_IS_HASH_EDDSA (1u << 16) +#define ALG_IS_SIGN_HASH (1u << 17) +#define ALG_IS_HASH_AND_SIGN (1u << 18) +#define ALG_IS_RSA_OAEP (1u << 19) +#define ALG_IS_HKDF (1u << 20) +#define ALG_IS_FFDH (1u << 21) +#define ALG_IS_ECDH (1u << 22) +#define ALG_IS_WILDCARD (1u << 23) +#define ALG_IS_RAW_KEY_AGREEMENT (1u << 24) +#define ALG_IS_AEAD_ON_BLOCK_CIPHER (1u << 25) +#define ALG_IS_TLS12_PRF (1u << 26) +#define ALG_IS_TLS12_PSK_TO_MS (1u << 27) +#define ALG_FLAG_MASK_PLUS_ONE (1u << 28) /* must be last! */ /* Flags for key type classification macros. There is a flag for every * key type classification macro PSA_KEY_TYPE_IS_xxx except for some that * are tested as derived from other macros. The name of the flag is * the name of the classification macro without the PSA_ prefix. */ -#define KEY_TYPE_IS_VENDOR_DEFINED ( 1u << 0 ) -#define KEY_TYPE_IS_UNSTRUCTURED ( 1u << 1 ) -#define KEY_TYPE_IS_PUBLIC_KEY ( 1u << 2 ) -#define KEY_TYPE_IS_KEY_PAIR ( 1u << 3 ) -#define KEY_TYPE_IS_RSA ( 1u << 4 ) -#define KEY_TYPE_IS_DSA ( 1u << 5 ) -#define KEY_TYPE_IS_ECC ( 1u << 6 ) -#define KEY_TYPE_IS_DH ( 1u << 7 ) -#define KEY_TYPE_FLAG_MASK_PLUS_ONE ( 1u << 8 ) /* must be last! */ +#define KEY_TYPE_IS_VENDOR_DEFINED (1u << 0) +#define KEY_TYPE_IS_UNSTRUCTURED (1u << 1) +#define KEY_TYPE_IS_PUBLIC_KEY (1u << 2) +#define KEY_TYPE_IS_KEY_PAIR (1u << 3) +#define KEY_TYPE_IS_RSA (1u << 4) +#define KEY_TYPE_IS_DSA (1u << 5) +#define KEY_TYPE_IS_ECC (1u << 6) +#define KEY_TYPE_IS_DH (1u << 7) +#define KEY_TYPE_FLAG_MASK_PLUS_ONE (1u << 8) /* must be last! */ /* Flags for lifetime classification macros. There is a flag for every * lifetime classification macro PSA_KEY_LIFETIME_IS_xxx. The name of the * flag is the name of the classification macro without the PSA_ prefix. */ -#define KEY_LIFETIME_IS_VOLATILE ( 1u << 0 ) -#define KEY_LIFETIME_IS_READ_ONLY ( 1u << 1 ) -#define KEY_LIFETIME_FLAG_MASK_PLUS_ONE ( 1u << 2 ) /* must be last! */ +#define KEY_LIFETIME_IS_VOLATILE (1u << 0) +#define KEY_LIFETIME_IS_READ_ONLY (1u << 1) +#define KEY_LIFETIME_FLAG_MASK_PLUS_ONE (1u << 2) /* must be last! */ /* Check that in the value of flags, the bit flag (which should be a macro * expanding to a number of the form 1 << k) is set if and only if @@ -78,19 +78,19 @@ * Unconditionally mask flag into the ambient variable * classification_flags_tested. */ -#define TEST_CLASSIFICATION_MACRO( cond, flag, alg, flags ) \ +#define TEST_CLASSIFICATION_MACRO(cond, flag, alg, flags) \ do \ { \ - if( cond ) \ + if (cond) \ { \ - if( ( flags ) & ( flag ) ) \ - TEST_ASSERT( PSA_##flag( alg ) ); \ + if ((flags) & (flag)) \ + TEST_ASSERT(PSA_##flag(alg)); \ else \ - TEST_ASSERT( ! PSA_##flag( alg ) ); \ + TEST_ASSERT(!PSA_##flag(alg)); \ } \ - classification_flags_tested |= ( flag ); \ + classification_flags_tested |= (flag); \ } \ - while( 0 ) + while (0) /* Check the parity of value. * @@ -104,134 +104,134 @@ * The expected parity is even so that 0 is considered a valid encoding. * * Return a nonzero value if value has even parity and 0 otherwise. */ -int has_even_parity( uint32_t value ) +int has_even_parity(uint32_t value) { value ^= value >> 16; value ^= value >> 8; value ^= value >> 4; - return( 0x9669 & 1 << ( value & 0xf ) ); + return 0x9669 & 1 << (value & 0xf); } -#define TEST_PARITY( value ) \ - TEST_ASSERT( has_even_parity( value ) ) +#define TEST_PARITY(value) \ + TEST_ASSERT(has_even_parity(value)) -void algorithm_classification( psa_algorithm_t alg, unsigned flags ) +void algorithm_classification(psa_algorithm_t alg, unsigned flags) { unsigned classification_flags_tested = 0; - TEST_CLASSIFICATION_MACRO( 1, ALG_IS_VENDOR_DEFINED, alg, flags ); - TEST_CLASSIFICATION_MACRO( 1, ALG_IS_HMAC, alg, flags ); - TEST_CLASSIFICATION_MACRO( 1, ALG_IS_BLOCK_CIPHER_MAC, alg, flags ); - TEST_CLASSIFICATION_MACRO( 1, ALG_IS_STREAM_CIPHER, alg, flags ); - TEST_CLASSIFICATION_MACRO( 1, ALG_IS_RSA_PKCS1V15_SIGN, alg, flags ); - TEST_CLASSIFICATION_MACRO( 1, ALG_IS_RSA_PSS, alg, flags ); - TEST_CLASSIFICATION_MACRO( 1, ALG_IS_RSA_PSS_ANY_SALT, alg, flags ); - TEST_CLASSIFICATION_MACRO( 1, ALG_IS_RSA_PSS_STANDARD_SALT, alg, flags ); - TEST_CLASSIFICATION_MACRO( 1, ALG_IS_DSA, alg, flags ); - TEST_CLASSIFICATION_MACRO( PSA_ALG_IS_DSA( alg ), - ALG_DSA_IS_DETERMINISTIC, alg, flags ); - TEST_CLASSIFICATION_MACRO( 1, ALG_IS_DETERMINISTIC_DSA, alg, flags ); - TEST_CLASSIFICATION_MACRO( 1, ALG_IS_RANDOMIZED_DSA, alg, flags ); - TEST_CLASSIFICATION_MACRO( 1, ALG_IS_ECDSA, alg, flags ); - TEST_CLASSIFICATION_MACRO( PSA_ALG_IS_ECDSA( alg ), - ALG_ECDSA_IS_DETERMINISTIC, alg, flags ); - TEST_CLASSIFICATION_MACRO( 1, ALG_IS_DETERMINISTIC_ECDSA, alg, flags ); - TEST_CLASSIFICATION_MACRO( 1, ALG_IS_RANDOMIZED_ECDSA, alg, flags ); - TEST_CLASSIFICATION_MACRO( 1, ALG_IS_HASH_EDDSA, alg, flags ); - TEST_CLASSIFICATION_MACRO( 1, ALG_IS_SIGN_HASH, alg, flags ); - TEST_CLASSIFICATION_MACRO( 1, ALG_IS_HASH_AND_SIGN, alg, flags ); - TEST_CLASSIFICATION_MACRO( 1, ALG_IS_RSA_OAEP, alg, flags ); - TEST_CLASSIFICATION_MACRO( 1, ALG_IS_HKDF, alg, flags ); - TEST_CLASSIFICATION_MACRO( 1, ALG_IS_WILDCARD, alg, flags ); - TEST_CLASSIFICATION_MACRO( 1, ALG_IS_ECDH, alg, flags ); - TEST_CLASSIFICATION_MACRO( 1, ALG_IS_FFDH, alg, flags ); - TEST_CLASSIFICATION_MACRO( 1, ALG_IS_RAW_KEY_AGREEMENT, alg, flags ); - TEST_CLASSIFICATION_MACRO( 1, ALG_IS_AEAD_ON_BLOCK_CIPHER, alg, flags ); - TEST_CLASSIFICATION_MACRO( 1, ALG_IS_TLS12_PRF, alg, flags ); - TEST_CLASSIFICATION_MACRO( 1, ALG_IS_TLS12_PSK_TO_MS, alg, flags ); - TEST_EQUAL( classification_flags_tested, ALG_FLAG_MASK_PLUS_ONE - 1 ); -exit: ; + TEST_CLASSIFICATION_MACRO(1, ALG_IS_VENDOR_DEFINED, alg, flags); + TEST_CLASSIFICATION_MACRO(1, ALG_IS_HMAC, alg, flags); + TEST_CLASSIFICATION_MACRO(1, ALG_IS_BLOCK_CIPHER_MAC, alg, flags); + TEST_CLASSIFICATION_MACRO(1, ALG_IS_STREAM_CIPHER, alg, flags); + TEST_CLASSIFICATION_MACRO(1, ALG_IS_RSA_PKCS1V15_SIGN, alg, flags); + TEST_CLASSIFICATION_MACRO(1, ALG_IS_RSA_PSS, alg, flags); + TEST_CLASSIFICATION_MACRO(1, ALG_IS_RSA_PSS_ANY_SALT, alg, flags); + TEST_CLASSIFICATION_MACRO(1, ALG_IS_RSA_PSS_STANDARD_SALT, alg, flags); + TEST_CLASSIFICATION_MACRO(1, ALG_IS_DSA, alg, flags); + TEST_CLASSIFICATION_MACRO(PSA_ALG_IS_DSA(alg), + ALG_DSA_IS_DETERMINISTIC, alg, flags); + TEST_CLASSIFICATION_MACRO(1, ALG_IS_DETERMINISTIC_DSA, alg, flags); + TEST_CLASSIFICATION_MACRO(1, ALG_IS_RANDOMIZED_DSA, alg, flags); + TEST_CLASSIFICATION_MACRO(1, ALG_IS_ECDSA, alg, flags); + TEST_CLASSIFICATION_MACRO(PSA_ALG_IS_ECDSA(alg), + ALG_ECDSA_IS_DETERMINISTIC, alg, flags); + TEST_CLASSIFICATION_MACRO(1, ALG_IS_DETERMINISTIC_ECDSA, alg, flags); + TEST_CLASSIFICATION_MACRO(1, ALG_IS_RANDOMIZED_ECDSA, alg, flags); + TEST_CLASSIFICATION_MACRO(1, ALG_IS_HASH_EDDSA, alg, flags); + TEST_CLASSIFICATION_MACRO(1, ALG_IS_SIGN_HASH, alg, flags); + TEST_CLASSIFICATION_MACRO(1, ALG_IS_HASH_AND_SIGN, alg, flags); + TEST_CLASSIFICATION_MACRO(1, ALG_IS_RSA_OAEP, alg, flags); + TEST_CLASSIFICATION_MACRO(1, ALG_IS_HKDF, alg, flags); + TEST_CLASSIFICATION_MACRO(1, ALG_IS_WILDCARD, alg, flags); + TEST_CLASSIFICATION_MACRO(1, ALG_IS_ECDH, alg, flags); + TEST_CLASSIFICATION_MACRO(1, ALG_IS_FFDH, alg, flags); + TEST_CLASSIFICATION_MACRO(1, ALG_IS_RAW_KEY_AGREEMENT, alg, flags); + TEST_CLASSIFICATION_MACRO(1, ALG_IS_AEAD_ON_BLOCK_CIPHER, alg, flags); + TEST_CLASSIFICATION_MACRO(1, ALG_IS_TLS12_PRF, alg, flags); + TEST_CLASSIFICATION_MACRO(1, ALG_IS_TLS12_PSK_TO_MS, alg, flags); + TEST_EQUAL(classification_flags_tested, ALG_FLAG_MASK_PLUS_ONE - 1); +exit:; } -void key_type_classification( psa_key_type_t type, unsigned flags ) +void key_type_classification(psa_key_type_t type, unsigned flags) { unsigned classification_flags_tested = 0; /* Macros tested based on the test case parameter */ - TEST_CLASSIFICATION_MACRO( 1, KEY_TYPE_IS_VENDOR_DEFINED, type, flags ); - TEST_CLASSIFICATION_MACRO( 1, KEY_TYPE_IS_UNSTRUCTURED, type, flags ); - TEST_CLASSIFICATION_MACRO( 1, KEY_TYPE_IS_PUBLIC_KEY, type, flags ); - TEST_CLASSIFICATION_MACRO( 1, KEY_TYPE_IS_KEY_PAIR, type, flags ); - TEST_CLASSIFICATION_MACRO( 1, KEY_TYPE_IS_RSA, type, flags ); - TEST_CLASSIFICATION_MACRO( 1, KEY_TYPE_IS_DSA, type, flags ); - TEST_CLASSIFICATION_MACRO( 1, KEY_TYPE_IS_ECC, type, flags ); - TEST_CLASSIFICATION_MACRO( 1, KEY_TYPE_IS_DH, type, flags ); - TEST_EQUAL( classification_flags_tested, KEY_TYPE_FLAG_MASK_PLUS_ONE - 1 ); + TEST_CLASSIFICATION_MACRO(1, KEY_TYPE_IS_VENDOR_DEFINED, type, flags); + TEST_CLASSIFICATION_MACRO(1, KEY_TYPE_IS_UNSTRUCTURED, type, flags); + TEST_CLASSIFICATION_MACRO(1, KEY_TYPE_IS_PUBLIC_KEY, type, flags); + TEST_CLASSIFICATION_MACRO(1, KEY_TYPE_IS_KEY_PAIR, type, flags); + TEST_CLASSIFICATION_MACRO(1, KEY_TYPE_IS_RSA, type, flags); + TEST_CLASSIFICATION_MACRO(1, KEY_TYPE_IS_DSA, type, flags); + TEST_CLASSIFICATION_MACRO(1, KEY_TYPE_IS_ECC, type, flags); + TEST_CLASSIFICATION_MACRO(1, KEY_TYPE_IS_DH, type, flags); + TEST_EQUAL(classification_flags_tested, KEY_TYPE_FLAG_MASK_PLUS_ONE - 1); /* Macros with derived semantics */ - TEST_EQUAL( PSA_KEY_TYPE_IS_ASYMMETRIC( type ), - ( PSA_KEY_TYPE_IS_PUBLIC_KEY( type ) || - PSA_KEY_TYPE_IS_KEY_PAIR( type ) ) ); - TEST_EQUAL( PSA_KEY_TYPE_IS_ECC_KEY_PAIR( type ), - ( PSA_KEY_TYPE_IS_ECC( type ) && - PSA_KEY_TYPE_IS_KEY_PAIR( type ) ) ); - TEST_EQUAL( PSA_KEY_TYPE_IS_ECC_PUBLIC_KEY( type ), - ( PSA_KEY_TYPE_IS_ECC( type ) && - PSA_KEY_TYPE_IS_PUBLIC_KEY( type ) ) ); - TEST_EQUAL( PSA_KEY_TYPE_IS_DH_KEY_PAIR( type ), - ( PSA_KEY_TYPE_IS_DH( type ) && - PSA_KEY_TYPE_IS_KEY_PAIR( type ) ) ); - TEST_EQUAL( PSA_KEY_TYPE_IS_DH_PUBLIC_KEY( type ), - ( PSA_KEY_TYPE_IS_DH( type ) && - PSA_KEY_TYPE_IS_PUBLIC_KEY( type ) ) ); - - TEST_PARITY( type ); - -exit: ; + TEST_EQUAL(PSA_KEY_TYPE_IS_ASYMMETRIC(type), + (PSA_KEY_TYPE_IS_PUBLIC_KEY(type) || + PSA_KEY_TYPE_IS_KEY_PAIR(type))); + TEST_EQUAL(PSA_KEY_TYPE_IS_ECC_KEY_PAIR(type), + (PSA_KEY_TYPE_IS_ECC(type) && + PSA_KEY_TYPE_IS_KEY_PAIR(type))); + TEST_EQUAL(PSA_KEY_TYPE_IS_ECC_PUBLIC_KEY(type), + (PSA_KEY_TYPE_IS_ECC(type) && + PSA_KEY_TYPE_IS_PUBLIC_KEY(type))); + TEST_EQUAL(PSA_KEY_TYPE_IS_DH_KEY_PAIR(type), + (PSA_KEY_TYPE_IS_DH(type) && + PSA_KEY_TYPE_IS_KEY_PAIR(type))); + TEST_EQUAL(PSA_KEY_TYPE_IS_DH_PUBLIC_KEY(type), + (PSA_KEY_TYPE_IS_DH(type) && + PSA_KEY_TYPE_IS_PUBLIC_KEY(type))); + + TEST_PARITY(type); + +exit:; } -void mac_algorithm_core( psa_algorithm_t alg, int classification_flags, - psa_key_type_t key_type, size_t key_bits, - size_t length ) +void mac_algorithm_core(psa_algorithm_t alg, int classification_flags, + psa_key_type_t key_type, size_t key_bits, + size_t length) { /* Algorithm classification */ - TEST_ASSERT( ! PSA_ALG_IS_HASH( alg ) ); - TEST_ASSERT( PSA_ALG_IS_MAC( alg ) ); - TEST_ASSERT( ! PSA_ALG_IS_CIPHER( alg ) ); - TEST_ASSERT( ! PSA_ALG_IS_AEAD( alg ) ); - TEST_ASSERT( ! PSA_ALG_IS_SIGN( alg ) ); - TEST_ASSERT( ! PSA_ALG_IS_ASYMMETRIC_ENCRYPTION( alg ) ); - TEST_ASSERT( ! PSA_ALG_IS_KEY_AGREEMENT( alg ) ); - TEST_ASSERT( ! PSA_ALG_IS_KEY_DERIVATION( alg ) ); - algorithm_classification( alg, classification_flags ); + TEST_ASSERT(!PSA_ALG_IS_HASH(alg)); + TEST_ASSERT(PSA_ALG_IS_MAC(alg)); + TEST_ASSERT(!PSA_ALG_IS_CIPHER(alg)); + TEST_ASSERT(!PSA_ALG_IS_AEAD(alg)); + TEST_ASSERT(!PSA_ALG_IS_SIGN(alg)); + TEST_ASSERT(!PSA_ALG_IS_ASYMMETRIC_ENCRYPTION(alg)); + TEST_ASSERT(!PSA_ALG_IS_KEY_AGREEMENT(alg)); + TEST_ASSERT(!PSA_ALG_IS_KEY_DERIVATION(alg)); + algorithm_classification(alg, classification_flags); /* Length */ - TEST_EQUAL( length, PSA_MAC_LENGTH( key_type, key_bits, alg ) ); + TEST_EQUAL(length, PSA_MAC_LENGTH(key_type, key_bits, alg)); #if defined(MBEDTLS_TEST_HOOKS) && defined(MBEDTLS_PSA_CRYPTO_C) - PSA_ASSERT( psa_mac_key_can_do( alg, key_type ) ); + PSA_ASSERT(psa_mac_key_can_do(alg, key_type)); #endif -exit: ; +exit:; } -void aead_algorithm_core( psa_algorithm_t alg, int classification_flags, - psa_key_type_t key_type, size_t key_bits, - size_t tag_length ) +void aead_algorithm_core(psa_algorithm_t alg, int classification_flags, + psa_key_type_t key_type, size_t key_bits, + size_t tag_length) { /* Algorithm classification */ - TEST_ASSERT( ! PSA_ALG_IS_HASH( alg ) ); - TEST_ASSERT( ! PSA_ALG_IS_MAC( alg ) ); - TEST_ASSERT( ! PSA_ALG_IS_CIPHER( alg ) ); - TEST_ASSERT( PSA_ALG_IS_AEAD( alg ) ); - TEST_ASSERT( ! PSA_ALG_IS_SIGN( alg ) ); - TEST_ASSERT( ! PSA_ALG_IS_ASYMMETRIC_ENCRYPTION( alg ) ); - TEST_ASSERT( ! PSA_ALG_IS_KEY_AGREEMENT( alg ) ); - TEST_ASSERT( ! PSA_ALG_IS_KEY_DERIVATION( alg ) ); - algorithm_classification( alg, classification_flags ); + TEST_ASSERT(!PSA_ALG_IS_HASH(alg)); + TEST_ASSERT(!PSA_ALG_IS_MAC(alg)); + TEST_ASSERT(!PSA_ALG_IS_CIPHER(alg)); + TEST_ASSERT(PSA_ALG_IS_AEAD(alg)); + TEST_ASSERT(!PSA_ALG_IS_SIGN(alg)); + TEST_ASSERT(!PSA_ALG_IS_ASYMMETRIC_ENCRYPTION(alg)); + TEST_ASSERT(!PSA_ALG_IS_KEY_AGREEMENT(alg)); + TEST_ASSERT(!PSA_ALG_IS_KEY_DERIVATION(alg)); + algorithm_classification(alg, classification_flags); /* Tag length */ - TEST_EQUAL( tag_length, PSA_AEAD_TAG_LENGTH( key_type, key_bits, alg ) ); + TEST_EQUAL(tag_length, PSA_AEAD_TAG_LENGTH(key_type, key_bits, alg)); -exit: ; +exit:; } /* END_HEADER */ @@ -242,52 +242,52 @@ exit: ; */ /* BEGIN_CASE */ -void hash_algorithm( int alg_arg, int length_arg ) +void hash_algorithm(int alg_arg, int length_arg) { psa_algorithm_t alg = alg_arg; size_t length = length_arg; - psa_algorithm_t hmac_alg = PSA_ALG_HMAC( alg ); - psa_algorithm_t rsa_pkcs1v15_sign_alg = PSA_ALG_RSA_PKCS1V15_SIGN( alg ); - psa_algorithm_t rsa_pss_alg = PSA_ALG_RSA_PSS( alg ); - psa_algorithm_t dsa_alg = PSA_ALG_DSA( alg ); - psa_algorithm_t deterministic_dsa_alg = PSA_ALG_DETERMINISTIC_DSA( alg ); - psa_algorithm_t ecdsa_alg = PSA_ALG_ECDSA( alg ); - psa_algorithm_t deterministic_ecdsa_alg = PSA_ALG_DETERMINISTIC_ECDSA( alg ); - psa_algorithm_t rsa_oaep_alg = PSA_ALG_RSA_OAEP( alg ); - psa_algorithm_t hkdf_alg = PSA_ALG_HKDF( alg ); + psa_algorithm_t hmac_alg = PSA_ALG_HMAC(alg); + psa_algorithm_t rsa_pkcs1v15_sign_alg = PSA_ALG_RSA_PKCS1V15_SIGN(alg); + psa_algorithm_t rsa_pss_alg = PSA_ALG_RSA_PSS(alg); + psa_algorithm_t dsa_alg = PSA_ALG_DSA(alg); + psa_algorithm_t deterministic_dsa_alg = PSA_ALG_DETERMINISTIC_DSA(alg); + psa_algorithm_t ecdsa_alg = PSA_ALG_ECDSA(alg); + psa_algorithm_t deterministic_ecdsa_alg = PSA_ALG_DETERMINISTIC_ECDSA(alg); + psa_algorithm_t rsa_oaep_alg = PSA_ALG_RSA_OAEP(alg); + psa_algorithm_t hkdf_alg = PSA_ALG_HKDF(alg); /* Algorithm classification */ - TEST_ASSERT( PSA_ALG_IS_HASH( alg ) ); - TEST_ASSERT( ! PSA_ALG_IS_MAC( alg ) ); - TEST_ASSERT( ! PSA_ALG_IS_CIPHER( alg ) ); - TEST_ASSERT( ! PSA_ALG_IS_AEAD( alg ) ); - TEST_ASSERT( ! PSA_ALG_IS_SIGN( alg ) ); - TEST_ASSERT( ! PSA_ALG_IS_ASYMMETRIC_ENCRYPTION( alg ) ); - TEST_ASSERT( ! PSA_ALG_IS_KEY_AGREEMENT( alg ) ); - TEST_ASSERT( ! PSA_ALG_IS_KEY_DERIVATION( alg ) ); - algorithm_classification( alg, 0 ); + TEST_ASSERT(PSA_ALG_IS_HASH(alg)); + TEST_ASSERT(!PSA_ALG_IS_MAC(alg)); + TEST_ASSERT(!PSA_ALG_IS_CIPHER(alg)); + TEST_ASSERT(!PSA_ALG_IS_AEAD(alg)); + TEST_ASSERT(!PSA_ALG_IS_SIGN(alg)); + TEST_ASSERT(!PSA_ALG_IS_ASYMMETRIC_ENCRYPTION(alg)); + TEST_ASSERT(!PSA_ALG_IS_KEY_AGREEMENT(alg)); + TEST_ASSERT(!PSA_ALG_IS_KEY_DERIVATION(alg)); + algorithm_classification(alg, 0); /* Dependent algorithms */ - TEST_EQUAL( PSA_ALG_HMAC_GET_HASH( hmac_alg ), alg ); - TEST_EQUAL( PSA_ALG_SIGN_GET_HASH( rsa_pkcs1v15_sign_alg ), alg ); - TEST_EQUAL( PSA_ALG_SIGN_GET_HASH( rsa_pss_alg ), alg ); - TEST_EQUAL( PSA_ALG_SIGN_GET_HASH( dsa_alg ), alg ); - TEST_EQUAL( PSA_ALG_SIGN_GET_HASH( deterministic_dsa_alg ), alg ); - TEST_EQUAL( PSA_ALG_SIGN_GET_HASH( ecdsa_alg ), alg ); - TEST_EQUAL( PSA_ALG_SIGN_GET_HASH( deterministic_ecdsa_alg ), alg ); - TEST_EQUAL( PSA_ALG_RSA_OAEP_GET_HASH( rsa_oaep_alg ), alg ); - TEST_EQUAL( PSA_ALG_HKDF_GET_HASH( hkdf_alg ), alg ); + TEST_EQUAL(PSA_ALG_HMAC_GET_HASH(hmac_alg), alg); + TEST_EQUAL(PSA_ALG_SIGN_GET_HASH(rsa_pkcs1v15_sign_alg), alg); + TEST_EQUAL(PSA_ALG_SIGN_GET_HASH(rsa_pss_alg), alg); + TEST_EQUAL(PSA_ALG_SIGN_GET_HASH(dsa_alg), alg); + TEST_EQUAL(PSA_ALG_SIGN_GET_HASH(deterministic_dsa_alg), alg); + TEST_EQUAL(PSA_ALG_SIGN_GET_HASH(ecdsa_alg), alg); + TEST_EQUAL(PSA_ALG_SIGN_GET_HASH(deterministic_ecdsa_alg), alg); + TEST_EQUAL(PSA_ALG_RSA_OAEP_GET_HASH(rsa_oaep_alg), alg); + TEST_EQUAL(PSA_ALG_HKDF_GET_HASH(hkdf_alg), alg); /* Hash length */ - TEST_EQUAL( length, PSA_HASH_LENGTH( alg ) ); - TEST_ASSERT( length <= PSA_HASH_MAX_SIZE ); + TEST_EQUAL(length, PSA_HASH_LENGTH(alg)); + TEST_ASSERT(length <= PSA_HASH_MAX_SIZE); } /* END_CASE */ /* BEGIN_CASE */ -void mac_algorithm( int alg_arg, int classification_flags, - int length_arg, - int key_type_arg, int key_bits_arg ) +void mac_algorithm(int alg_arg, int classification_flags, + int length_arg, + int key_type_arg, int key_bits_arg) { psa_algorithm_t alg = alg_arg; size_t length = length_arg; @@ -295,127 +295,124 @@ void mac_algorithm( int alg_arg, int classification_flags, size_t key_type = key_type_arg; size_t key_bits = key_bits_arg; - mac_algorithm_core( alg, classification_flags, - key_type, key_bits, length ); - TEST_EQUAL( PSA_ALG_FULL_LENGTH_MAC( alg ), alg ); - TEST_ASSERT( length <= PSA_MAC_MAX_SIZE ); + mac_algorithm_core(alg, classification_flags, + key_type, key_bits, length); + TEST_EQUAL(PSA_ALG_FULL_LENGTH_MAC(alg), alg); + TEST_ASSERT(length <= PSA_MAC_MAX_SIZE); /* Truncated versions */ - for( n = 1; n <= length; n++ ) - { - psa_algorithm_t truncated_alg = PSA_ALG_TRUNCATED_MAC( alg, n ); - mac_algorithm_core( truncated_alg, classification_flags, - key_type, key_bits, n ); - TEST_EQUAL( PSA_ALG_FULL_LENGTH_MAC( truncated_alg ), alg ); + for (n = 1; n <= length; n++) { + psa_algorithm_t truncated_alg = PSA_ALG_TRUNCATED_MAC(alg, n); + mac_algorithm_core(truncated_alg, classification_flags, + key_type, key_bits, n); + TEST_EQUAL(PSA_ALG_FULL_LENGTH_MAC(truncated_alg), alg); /* Check that calling PSA_ALG_TRUNCATED_MAC twice gives the length * of the outer truncation (even if the outer length is smaller than * the inner length). */ - TEST_EQUAL( PSA_ALG_TRUNCATED_MAC( truncated_alg, 1 ), - PSA_ALG_TRUNCATED_MAC( alg, 1 ) ); - TEST_EQUAL( PSA_ALG_TRUNCATED_MAC( truncated_alg, length - 1 ), - PSA_ALG_TRUNCATED_MAC( alg, length - 1) ); - TEST_EQUAL( PSA_ALG_TRUNCATED_MAC( truncated_alg, length ), - PSA_ALG_TRUNCATED_MAC( alg, length ) ); + TEST_EQUAL(PSA_ALG_TRUNCATED_MAC(truncated_alg, 1), + PSA_ALG_TRUNCATED_MAC(alg, 1)); + TEST_EQUAL(PSA_ALG_TRUNCATED_MAC(truncated_alg, length - 1), + PSA_ALG_TRUNCATED_MAC(alg, length - 1)); + TEST_EQUAL(PSA_ALG_TRUNCATED_MAC(truncated_alg, length), + PSA_ALG_TRUNCATED_MAC(alg, length)); /* Check that calling PSA_ALG_TRUNCATED_MAC on an algorithm * earlier constructed with PSA_ALG_AT_LEAST_THIS_LENGTH_MAC gives the * length of the outer truncation (even if the outer length is smaller * than the inner length). */ - TEST_EQUAL( PSA_ALG_TRUNCATED_MAC( - PSA_ALG_AT_LEAST_THIS_LENGTH_MAC( truncated_alg, n ), 1 ), - PSA_ALG_TRUNCATED_MAC( alg, 1 ) ); - TEST_EQUAL( PSA_ALG_TRUNCATED_MAC( - PSA_ALG_AT_LEAST_THIS_LENGTH_MAC( truncated_alg, n ), length - 1 ), - PSA_ALG_TRUNCATED_MAC( alg, length - 1) ); - TEST_EQUAL( PSA_ALG_TRUNCATED_MAC( - PSA_ALG_AT_LEAST_THIS_LENGTH_MAC( truncated_alg, n ), length ), - PSA_ALG_TRUNCATED_MAC( alg, length ) ); + TEST_EQUAL(PSA_ALG_TRUNCATED_MAC( + PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(truncated_alg, n), 1), + PSA_ALG_TRUNCATED_MAC(alg, 1)); + TEST_EQUAL(PSA_ALG_TRUNCATED_MAC( + PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(truncated_alg, n), length - 1), + PSA_ALG_TRUNCATED_MAC(alg, length - 1)); + TEST_EQUAL(PSA_ALG_TRUNCATED_MAC( + PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(truncated_alg, n), length), + PSA_ALG_TRUNCATED_MAC(alg, length)); } /* At-leat-this-length versions */ - for( n = 1; n <= length; n++ ) - { - psa_algorithm_t policy_alg = PSA_ALG_AT_LEAST_THIS_LENGTH_MAC( alg, n ); - mac_algorithm_core( policy_alg, classification_flags | ALG_IS_WILDCARD, - key_type, key_bits, n ); - TEST_EQUAL( PSA_ALG_FULL_LENGTH_MAC( policy_alg ), alg ); + for (n = 1; n <= length; n++) { + psa_algorithm_t policy_alg = PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(alg, n); + mac_algorithm_core(policy_alg, classification_flags | ALG_IS_WILDCARD, + key_type, key_bits, n); + TEST_EQUAL(PSA_ALG_FULL_LENGTH_MAC(policy_alg), alg); /* Check that calling PSA_ALG_AT_LEAST_THIS_LENGTH_MAC twice gives the * length of the outer truncation (even if the outer length is smaller * than the inner length). */ - TEST_EQUAL( PSA_ALG_AT_LEAST_THIS_LENGTH_MAC( policy_alg, 1 ), - PSA_ALG_AT_LEAST_THIS_LENGTH_MAC( alg, 1 ) ); - TEST_EQUAL( PSA_ALG_AT_LEAST_THIS_LENGTH_MAC( policy_alg, length - 1 ), - PSA_ALG_AT_LEAST_THIS_LENGTH_MAC( alg, length - 1) ); - TEST_EQUAL( PSA_ALG_AT_LEAST_THIS_LENGTH_MAC( policy_alg, length ), - PSA_ALG_AT_LEAST_THIS_LENGTH_MAC( alg, length ) ); + TEST_EQUAL(PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(policy_alg, 1), + PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(alg, 1)); + TEST_EQUAL(PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(policy_alg, length - 1), + PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(alg, length - 1)); + TEST_EQUAL(PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(policy_alg, length), + PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(alg, length)); /* Check that calling PSA_ALG_AT_LEAST_THIS_LENGTH_MAC on an algorithm * earlier constructed with PSA_ALG_TRUNCATED_MAC gives the length of * the outer truncation (even if the outer length is smaller than the * inner length). */ - TEST_EQUAL( PSA_ALG_AT_LEAST_THIS_LENGTH_MAC( - PSA_ALG_TRUNCATED_MAC( policy_alg, n ), 1), - PSA_ALG_AT_LEAST_THIS_LENGTH_MAC( alg, 1 ) ); - TEST_EQUAL( PSA_ALG_AT_LEAST_THIS_LENGTH_MAC( - PSA_ALG_TRUNCATED_MAC( policy_alg, n ), length - 1 ), - PSA_ALG_AT_LEAST_THIS_LENGTH_MAC( alg, length - 1) ); - TEST_EQUAL( PSA_ALG_AT_LEAST_THIS_LENGTH_MAC( - PSA_ALG_TRUNCATED_MAC( policy_alg, n ), length ), - PSA_ALG_AT_LEAST_THIS_LENGTH_MAC( alg, length ) ); + TEST_EQUAL(PSA_ALG_AT_LEAST_THIS_LENGTH_MAC( + PSA_ALG_TRUNCATED_MAC(policy_alg, n), 1), + PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(alg, 1)); + TEST_EQUAL(PSA_ALG_AT_LEAST_THIS_LENGTH_MAC( + PSA_ALG_TRUNCATED_MAC(policy_alg, n), length - 1), + PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(alg, length - 1)); + TEST_EQUAL(PSA_ALG_AT_LEAST_THIS_LENGTH_MAC( + PSA_ALG_TRUNCATED_MAC(policy_alg, n), length), + PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(alg, length)); } } /* END_CASE */ /* BEGIN_CASE */ -void hmac_algorithm( int alg_arg, - int length_arg, - int block_size_arg ) +void hmac_algorithm(int alg_arg, + int length_arg, + int block_size_arg) { psa_algorithm_t alg = alg_arg; - psa_algorithm_t hash_alg = PSA_ALG_HMAC_GET_HASH( alg ); + psa_algorithm_t hash_alg = PSA_ALG_HMAC_GET_HASH(alg); size_t block_size = block_size_arg; size_t length = length_arg; size_t n; - TEST_ASSERT( PSA_ALG_IS_HASH( hash_alg ) ); - TEST_EQUAL( PSA_ALG_HMAC( hash_alg ), alg ); + TEST_ASSERT(PSA_ALG_IS_HASH(hash_alg)); + TEST_EQUAL(PSA_ALG_HMAC(hash_alg), alg); - TEST_ASSERT( block_size == PSA_HASH_BLOCK_LENGTH( alg ) ); - TEST_ASSERT( block_size <= PSA_HMAC_MAX_HASH_BLOCK_SIZE ); + TEST_ASSERT(block_size == PSA_HASH_BLOCK_LENGTH(alg)); + TEST_ASSERT(block_size <= PSA_HMAC_MAX_HASH_BLOCK_SIZE); - test_mac_algorithm( alg_arg, ALG_IS_HMAC, length, - PSA_KEY_TYPE_HMAC, PSA_BYTES_TO_BITS( length ) ); + test_mac_algorithm(alg_arg, ALG_IS_HMAC, length, + PSA_KEY_TYPE_HMAC, PSA_BYTES_TO_BITS(length)); - for( n = 1; n <= length; n++ ) - { - psa_algorithm_t truncated_alg = PSA_ALG_TRUNCATED_MAC( alg, n ); - TEST_EQUAL( PSA_ALG_HMAC_GET_HASH( truncated_alg ), hash_alg ); + for (n = 1; n <= length; n++) { + psa_algorithm_t truncated_alg = PSA_ALG_TRUNCATED_MAC(alg, n); + TEST_EQUAL(PSA_ALG_HMAC_GET_HASH(truncated_alg), hash_alg); } } /* END_CASE */ /* BEGIN_CASE */ -void cipher_algorithm( int alg_arg, int classification_flags ) +void cipher_algorithm(int alg_arg, int classification_flags) { psa_algorithm_t alg = alg_arg; /* Algorithm classification */ - TEST_ASSERT( ! PSA_ALG_IS_HASH( alg ) ); - TEST_ASSERT( ! PSA_ALG_IS_MAC( alg ) ); - TEST_ASSERT( PSA_ALG_IS_CIPHER( alg ) ); - TEST_ASSERT( ! PSA_ALG_IS_AEAD( alg ) ); - TEST_ASSERT( ! PSA_ALG_IS_SIGN( alg ) ); - TEST_ASSERT( ! PSA_ALG_IS_ASYMMETRIC_ENCRYPTION( alg ) ); - TEST_ASSERT( ! PSA_ALG_IS_KEY_AGREEMENT( alg ) ); - TEST_ASSERT( ! PSA_ALG_IS_KEY_DERIVATION( alg ) ); - algorithm_classification( alg, classification_flags ); + TEST_ASSERT(!PSA_ALG_IS_HASH(alg)); + TEST_ASSERT(!PSA_ALG_IS_MAC(alg)); + TEST_ASSERT(PSA_ALG_IS_CIPHER(alg)); + TEST_ASSERT(!PSA_ALG_IS_AEAD(alg)); + TEST_ASSERT(!PSA_ALG_IS_SIGN(alg)); + TEST_ASSERT(!PSA_ALG_IS_ASYMMETRIC_ENCRYPTION(alg)); + TEST_ASSERT(!PSA_ALG_IS_KEY_AGREEMENT(alg)); + TEST_ASSERT(!PSA_ALG_IS_KEY_DERIVATION(alg)); + algorithm_classification(alg, classification_flags); } /* END_CASE */ /* BEGIN_CASE */ -void aead_algorithm( int alg_arg, int classification_flags, - int tag_length_arg, - int key_type_arg, int key_bits_arg ) +void aead_algorithm(int alg_arg, int classification_flags, + int tag_length_arg, + int key_type_arg, int key_bits_arg) { psa_algorithm_t alg = alg_arg; size_t tag_length = tag_length_arg; @@ -423,102 +420,101 @@ void aead_algorithm( int alg_arg, int classification_flags, psa_key_type_t key_type = key_type_arg; size_t key_bits = key_bits_arg; - aead_algorithm_core( alg, classification_flags, - key_type, key_bits, tag_length ); + aead_algorithm_core(alg, classification_flags, + key_type, key_bits, tag_length); /* Truncated versions */ - for( n = 1; n <= tag_length; n++ ) - { - psa_algorithm_t truncated_alg = PSA_ALG_AEAD_WITH_SHORTENED_TAG( alg, n ); - aead_algorithm_core( truncated_alg, classification_flags, - key_type, key_bits, n ); - TEST_EQUAL( PSA_ALG_AEAD_WITH_DEFAULT_LENGTH_TAG( truncated_alg ), - alg ); + for (n = 1; n <= tag_length; n++) { + psa_algorithm_t truncated_alg = PSA_ALG_AEAD_WITH_SHORTENED_TAG(alg, n); + aead_algorithm_core(truncated_alg, classification_flags, + key_type, key_bits, n); + TEST_EQUAL(PSA_ALG_AEAD_WITH_DEFAULT_LENGTH_TAG(truncated_alg), + alg); /* Check that calling PSA_ALG_AEAD_WITH_SHORTENED_TAG twice gives * the length of the outer truncation (even if the outer length is * smaller than the inner length). */ - TEST_EQUAL( PSA_ALG_AEAD_WITH_SHORTENED_TAG( truncated_alg, 1 ), - PSA_ALG_AEAD_WITH_SHORTENED_TAG( alg, 1 ) ); - TEST_EQUAL( PSA_ALG_AEAD_WITH_SHORTENED_TAG( truncated_alg, tag_length - 1 ), - PSA_ALG_AEAD_WITH_SHORTENED_TAG( alg, tag_length - 1) ); - TEST_EQUAL( PSA_ALG_AEAD_WITH_SHORTENED_TAG( truncated_alg, tag_length ), - PSA_ALG_AEAD_WITH_SHORTENED_TAG( alg, tag_length ) ); + TEST_EQUAL(PSA_ALG_AEAD_WITH_SHORTENED_TAG(truncated_alg, 1), + PSA_ALG_AEAD_WITH_SHORTENED_TAG(alg, 1)); + TEST_EQUAL(PSA_ALG_AEAD_WITH_SHORTENED_TAG(truncated_alg, tag_length - 1), + PSA_ALG_AEAD_WITH_SHORTENED_TAG(alg, tag_length - 1)); + TEST_EQUAL(PSA_ALG_AEAD_WITH_SHORTENED_TAG(truncated_alg, tag_length), + PSA_ALG_AEAD_WITH_SHORTENED_TAG(alg, tag_length)); /* Check that calling PSA_ALG_AEAD_WITH_SHORTENED_TAG on an algorithm * earlier constructed with PSA_ALG_AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG * gives the length of the outer truncation (even if the outer length is * smaller than the inner length). */ - TEST_EQUAL( PSA_ALG_AEAD_WITH_SHORTENED_TAG( - PSA_ALG_AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG( truncated_alg, n ), 1 ), - PSA_ALG_AEAD_WITH_SHORTENED_TAG( alg, 1 ) ); - TEST_EQUAL( PSA_ALG_AEAD_WITH_SHORTENED_TAG( - PSA_ALG_AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG( truncated_alg, n ), tag_length - 1 ), - PSA_ALG_AEAD_WITH_SHORTENED_TAG( alg, tag_length - 1) ); - TEST_EQUAL( PSA_ALG_AEAD_WITH_SHORTENED_TAG( - PSA_ALG_AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG( truncated_alg, n ), tag_length ), - PSA_ALG_AEAD_WITH_SHORTENED_TAG( alg, tag_length ) ); + TEST_EQUAL(PSA_ALG_AEAD_WITH_SHORTENED_TAG( + PSA_ALG_AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(truncated_alg, n), 1), + PSA_ALG_AEAD_WITH_SHORTENED_TAG(alg, 1)); + TEST_EQUAL(PSA_ALG_AEAD_WITH_SHORTENED_TAG( + PSA_ALG_AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(truncated_alg, + n), tag_length - 1), + PSA_ALG_AEAD_WITH_SHORTENED_TAG(alg, tag_length - 1)); + TEST_EQUAL(PSA_ALG_AEAD_WITH_SHORTENED_TAG( + PSA_ALG_AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(truncated_alg, n), tag_length), + PSA_ALG_AEAD_WITH_SHORTENED_TAG(alg, tag_length)); } /* At-leat-this-length versions */ - for( n = 1; n <= tag_length; n++ ) - { - psa_algorithm_t policy_alg = PSA_ALG_AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG( alg, n ); - aead_algorithm_core( policy_alg, classification_flags | ALG_IS_WILDCARD, - key_type, key_bits, n ); - TEST_EQUAL( PSA_ALG_AEAD_WITH_DEFAULT_LENGTH_TAG( policy_alg ), - alg ); + for (n = 1; n <= tag_length; n++) { + psa_algorithm_t policy_alg = PSA_ALG_AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(alg, n); + aead_algorithm_core(policy_alg, classification_flags | ALG_IS_WILDCARD, + key_type, key_bits, n); + TEST_EQUAL(PSA_ALG_AEAD_WITH_DEFAULT_LENGTH_TAG(policy_alg), + alg); /* Check that calling PSA_ALG_AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG twice * gives the length of the outer truncation (even if the outer length is * smaller than the inner length). */ - TEST_EQUAL( PSA_ALG_AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG( policy_alg, 1 ), - PSA_ALG_AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG( alg, 1 ) ); - TEST_EQUAL( PSA_ALG_AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG( policy_alg, tag_length - 1 ), - PSA_ALG_AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG( alg, tag_length - 1) ); - TEST_EQUAL( PSA_ALG_AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG( policy_alg, tag_length ), - PSA_ALG_AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG( alg, tag_length ) ); + TEST_EQUAL(PSA_ALG_AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(policy_alg, 1), + PSA_ALG_AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(alg, 1)); + TEST_EQUAL(PSA_ALG_AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(policy_alg, tag_length - 1), + PSA_ALG_AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(alg, tag_length - 1)); + TEST_EQUAL(PSA_ALG_AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(policy_alg, tag_length), + PSA_ALG_AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(alg, tag_length)); /* Check that calling PSA_ALG_AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG on an * algorithm earlier constructed with PSA_ALG_AEAD_WITH_SHORTENED_TAG * gives the length of the outer truncation (even if the outer length is * smaller than the inner length). */ - TEST_EQUAL( PSA_ALG_AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG( - PSA_ALG_AEAD_WITH_SHORTENED_TAG( policy_alg, n ), 1), - PSA_ALG_AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG( alg, 1 ) ); - TEST_EQUAL( PSA_ALG_AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG( - PSA_ALG_AEAD_WITH_SHORTENED_TAG( policy_alg, n ), tag_length - 1 ), - PSA_ALG_AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG( alg, tag_length - 1) ); - TEST_EQUAL( PSA_ALG_AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG( - PSA_ALG_AEAD_WITH_SHORTENED_TAG( policy_alg, n ), tag_length ), - PSA_ALG_AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG( alg, tag_length ) ); + TEST_EQUAL(PSA_ALG_AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG( + PSA_ALG_AEAD_WITH_SHORTENED_TAG(policy_alg, n), 1), + PSA_ALG_AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(alg, 1)); + TEST_EQUAL(PSA_ALG_AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG( + PSA_ALG_AEAD_WITH_SHORTENED_TAG(policy_alg, n), tag_length - 1), + PSA_ALG_AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(alg, tag_length - 1)); + TEST_EQUAL(PSA_ALG_AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG( + PSA_ALG_AEAD_WITH_SHORTENED_TAG(policy_alg, n), tag_length), + PSA_ALG_AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(alg, tag_length)); } } /* END_CASE */ /* BEGIN_CASE */ -void asymmetric_signature_algorithm( int alg_arg, int classification_flags ) +void asymmetric_signature_algorithm(int alg_arg, int classification_flags) { psa_algorithm_t alg = alg_arg; /* Algorithm classification */ - TEST_ASSERT( ! PSA_ALG_IS_HASH( alg ) ); - TEST_ASSERT( ! PSA_ALG_IS_MAC( alg ) ); - TEST_ASSERT( ! PSA_ALG_IS_CIPHER( alg ) ); - TEST_ASSERT( ! PSA_ALG_IS_AEAD( alg ) ); - TEST_ASSERT( PSA_ALG_IS_SIGN( alg ) ); - TEST_ASSERT( ! PSA_ALG_IS_ASYMMETRIC_ENCRYPTION( alg ) ); - TEST_ASSERT( ! PSA_ALG_IS_KEY_AGREEMENT( alg ) ); - TEST_ASSERT( ! PSA_ALG_IS_KEY_DERIVATION( alg ) ); - algorithm_classification( alg, classification_flags ); + TEST_ASSERT(!PSA_ALG_IS_HASH(alg)); + TEST_ASSERT(!PSA_ALG_IS_MAC(alg)); + TEST_ASSERT(!PSA_ALG_IS_CIPHER(alg)); + TEST_ASSERT(!PSA_ALG_IS_AEAD(alg)); + TEST_ASSERT(PSA_ALG_IS_SIGN(alg)); + TEST_ASSERT(!PSA_ALG_IS_ASYMMETRIC_ENCRYPTION(alg)); + TEST_ASSERT(!PSA_ALG_IS_KEY_AGREEMENT(alg)); + TEST_ASSERT(!PSA_ALG_IS_KEY_DERIVATION(alg)); + algorithm_classification(alg, classification_flags); } /* END_CASE */ /* BEGIN_CASE */ -void asymmetric_signature_wildcard( int alg_arg, int classification_flags ) +void asymmetric_signature_wildcard(int alg_arg, int classification_flags) { classification_flags |= ALG_IS_WILDCARD; classification_flags |= ALG_IS_SIGN_HASH; classification_flags |= ALG_IS_HASH_AND_SIGN; - test_asymmetric_signature_algorithm( alg_arg, classification_flags ); + test_asymmetric_signature_algorithm(alg_arg, classification_flags); /* Any failure of this test function comes from * asymmetric_signature_algorithm. Pacify -Werror=unused-label. */ goto exit; @@ -526,175 +522,173 @@ void asymmetric_signature_wildcard( int alg_arg, int classification_flags ) /* END_CASE */ /* BEGIN_CASE */ -void asymmetric_encryption_algorithm( int alg_arg, int classification_flags ) +void asymmetric_encryption_algorithm(int alg_arg, int classification_flags) { psa_algorithm_t alg = alg_arg; /* Algorithm classification */ - TEST_ASSERT( ! PSA_ALG_IS_HASH( alg ) ); - TEST_ASSERT( ! PSA_ALG_IS_MAC( alg ) ); - TEST_ASSERT( ! PSA_ALG_IS_CIPHER( alg ) ); - TEST_ASSERT( ! PSA_ALG_IS_AEAD( alg ) ); - TEST_ASSERT( ! PSA_ALG_IS_SIGN( alg ) ); - TEST_ASSERT( PSA_ALG_IS_ASYMMETRIC_ENCRYPTION( alg ) ); - TEST_ASSERT( ! PSA_ALG_IS_KEY_AGREEMENT( alg ) ); - TEST_ASSERT( ! PSA_ALG_IS_KEY_DERIVATION( alg ) ); - algorithm_classification( alg, classification_flags ); + TEST_ASSERT(!PSA_ALG_IS_HASH(alg)); + TEST_ASSERT(!PSA_ALG_IS_MAC(alg)); + TEST_ASSERT(!PSA_ALG_IS_CIPHER(alg)); + TEST_ASSERT(!PSA_ALG_IS_AEAD(alg)); + TEST_ASSERT(!PSA_ALG_IS_SIGN(alg)); + TEST_ASSERT(PSA_ALG_IS_ASYMMETRIC_ENCRYPTION(alg)); + TEST_ASSERT(!PSA_ALG_IS_KEY_AGREEMENT(alg)); + TEST_ASSERT(!PSA_ALG_IS_KEY_DERIVATION(alg)); + algorithm_classification(alg, classification_flags); } /* END_CASE */ /* BEGIN_CASE */ -void key_derivation_algorithm( int alg_arg, int classification_flags ) +void key_derivation_algorithm(int alg_arg, int classification_flags) { psa_algorithm_t alg = alg_arg; - psa_algorithm_t ecdh_alg = PSA_ALG_KEY_AGREEMENT( PSA_ALG_ECDH, alg ); - psa_algorithm_t ffdh_alg = PSA_ALG_KEY_AGREEMENT( PSA_ALG_FFDH, alg ); + psa_algorithm_t ecdh_alg = PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH, alg); + psa_algorithm_t ffdh_alg = PSA_ALG_KEY_AGREEMENT(PSA_ALG_FFDH, alg); /* Algorithm classification */ - TEST_ASSERT( ! PSA_ALG_IS_HASH( alg ) ); - TEST_ASSERT( ! PSA_ALG_IS_MAC( alg ) ); - TEST_ASSERT( ! PSA_ALG_IS_CIPHER( alg ) ); - TEST_ASSERT( ! PSA_ALG_IS_AEAD( alg ) ); - TEST_ASSERT( ! PSA_ALG_IS_SIGN( alg ) ); - TEST_ASSERT( ! PSA_ALG_IS_ASYMMETRIC_ENCRYPTION( alg ) ); - TEST_ASSERT( ! PSA_ALG_IS_KEY_AGREEMENT( alg ) ); - TEST_ASSERT( PSA_ALG_IS_KEY_DERIVATION( alg ) ); - algorithm_classification( alg, classification_flags ); + TEST_ASSERT(!PSA_ALG_IS_HASH(alg)); + TEST_ASSERT(!PSA_ALG_IS_MAC(alg)); + TEST_ASSERT(!PSA_ALG_IS_CIPHER(alg)); + TEST_ASSERT(!PSA_ALG_IS_AEAD(alg)); + TEST_ASSERT(!PSA_ALG_IS_SIGN(alg)); + TEST_ASSERT(!PSA_ALG_IS_ASYMMETRIC_ENCRYPTION(alg)); + TEST_ASSERT(!PSA_ALG_IS_KEY_AGREEMENT(alg)); + TEST_ASSERT(PSA_ALG_IS_KEY_DERIVATION(alg)); + algorithm_classification(alg, classification_flags); /* Check combinations with key agreements */ - TEST_ASSERT( PSA_ALG_IS_KEY_AGREEMENT( ecdh_alg ) ); - TEST_ASSERT( PSA_ALG_IS_KEY_AGREEMENT( ffdh_alg ) ); - TEST_EQUAL( PSA_ALG_KEY_AGREEMENT_GET_KDF( ecdh_alg ), alg ); - TEST_EQUAL( PSA_ALG_KEY_AGREEMENT_GET_KDF( ffdh_alg ), alg ); + TEST_ASSERT(PSA_ALG_IS_KEY_AGREEMENT(ecdh_alg)); + TEST_ASSERT(PSA_ALG_IS_KEY_AGREEMENT(ffdh_alg)); + TEST_EQUAL(PSA_ALG_KEY_AGREEMENT_GET_KDF(ecdh_alg), alg); + TEST_EQUAL(PSA_ALG_KEY_AGREEMENT_GET_KDF(ffdh_alg), alg); } /* END_CASE */ /* BEGIN_CASE */ -void key_agreement_algorithm( int alg_arg, int classification_flags, - int ka_alg_arg, int kdf_alg_arg ) +void key_agreement_algorithm(int alg_arg, int classification_flags, + int ka_alg_arg, int kdf_alg_arg) { psa_algorithm_t alg = alg_arg; - psa_algorithm_t actual_ka_alg = PSA_ALG_KEY_AGREEMENT_GET_BASE( alg ); + psa_algorithm_t actual_ka_alg = PSA_ALG_KEY_AGREEMENT_GET_BASE(alg); psa_algorithm_t expected_ka_alg = ka_alg_arg; - psa_algorithm_t actual_kdf_alg = PSA_ALG_KEY_AGREEMENT_GET_KDF( alg ); + psa_algorithm_t actual_kdf_alg = PSA_ALG_KEY_AGREEMENT_GET_KDF(alg); psa_algorithm_t expected_kdf_alg = kdf_alg_arg; /* Algorithm classification */ - TEST_ASSERT( ! PSA_ALG_IS_HASH( alg ) ); - TEST_ASSERT( ! PSA_ALG_IS_MAC( alg ) ); - TEST_ASSERT( ! PSA_ALG_IS_CIPHER( alg ) ); - TEST_ASSERT( ! PSA_ALG_IS_AEAD( alg ) ); - TEST_ASSERT( ! PSA_ALG_IS_SIGN( alg ) ); - TEST_ASSERT( ! PSA_ALG_IS_ASYMMETRIC_ENCRYPTION( alg ) ); - TEST_ASSERT( PSA_ALG_IS_KEY_AGREEMENT( alg ) ); - TEST_ASSERT( ! PSA_ALG_IS_KEY_DERIVATION( alg ) ); - algorithm_classification( alg, classification_flags ); + TEST_ASSERT(!PSA_ALG_IS_HASH(alg)); + TEST_ASSERT(!PSA_ALG_IS_MAC(alg)); + TEST_ASSERT(!PSA_ALG_IS_CIPHER(alg)); + TEST_ASSERT(!PSA_ALG_IS_AEAD(alg)); + TEST_ASSERT(!PSA_ALG_IS_SIGN(alg)); + TEST_ASSERT(!PSA_ALG_IS_ASYMMETRIC_ENCRYPTION(alg)); + TEST_ASSERT(PSA_ALG_IS_KEY_AGREEMENT(alg)); + TEST_ASSERT(!PSA_ALG_IS_KEY_DERIVATION(alg)); + algorithm_classification(alg, classification_flags); /* Shared secret derivation properties */ - TEST_EQUAL( actual_ka_alg, expected_ka_alg ); - TEST_EQUAL( actual_kdf_alg, expected_kdf_alg ); + TEST_EQUAL(actual_ka_alg, expected_ka_alg); + TEST_EQUAL(actual_kdf_alg, expected_kdf_alg); } /* END_CASE */ /* BEGIN_CASE */ -void key_type( int type_arg, int classification_flags ) +void key_type(int type_arg, int classification_flags) { psa_key_type_t type = type_arg; - key_type_classification( type, classification_flags ); + key_type_classification(type, classification_flags); /* For asymmetric types, check the corresponding pair/public type */ - if( classification_flags & KEY_TYPE_IS_PUBLIC_KEY ) - { - psa_key_type_t pair_type = PSA_KEY_TYPE_KEY_PAIR_OF_PUBLIC_KEY( type ); - TEST_EQUAL( PSA_KEY_TYPE_PUBLIC_KEY_OF_KEY_PAIR( pair_type ), type ); - key_type_classification( pair_type, - ( classification_flags - & ~KEY_TYPE_IS_PUBLIC_KEY ) - | KEY_TYPE_IS_KEY_PAIR ); - TEST_EQUAL( PSA_KEY_TYPE_PUBLIC_KEY_OF_KEY_PAIR( type ), type ); + if (classification_flags & KEY_TYPE_IS_PUBLIC_KEY) { + psa_key_type_t pair_type = PSA_KEY_TYPE_KEY_PAIR_OF_PUBLIC_KEY(type); + TEST_EQUAL(PSA_KEY_TYPE_PUBLIC_KEY_OF_KEY_PAIR(pair_type), type); + key_type_classification(pair_type, + (classification_flags + & ~KEY_TYPE_IS_PUBLIC_KEY) + | KEY_TYPE_IS_KEY_PAIR); + TEST_EQUAL(PSA_KEY_TYPE_PUBLIC_KEY_OF_KEY_PAIR(type), type); } - if( classification_flags & KEY_TYPE_IS_KEY_PAIR ) - { - psa_key_type_t public_type = PSA_KEY_TYPE_PUBLIC_KEY_OF_KEY_PAIR( type ); - TEST_EQUAL( PSA_KEY_TYPE_KEY_PAIR_OF_PUBLIC_KEY( public_type ), type ); - key_type_classification( public_type, - ( classification_flags - & ~KEY_TYPE_IS_KEY_PAIR ) - | KEY_TYPE_IS_PUBLIC_KEY ); - TEST_EQUAL( PSA_KEY_TYPE_KEY_PAIR_OF_PUBLIC_KEY( type ), type ); + if (classification_flags & KEY_TYPE_IS_KEY_PAIR) { + psa_key_type_t public_type = PSA_KEY_TYPE_PUBLIC_KEY_OF_KEY_PAIR(type); + TEST_EQUAL(PSA_KEY_TYPE_KEY_PAIR_OF_PUBLIC_KEY(public_type), type); + key_type_classification(public_type, + (classification_flags + & ~KEY_TYPE_IS_KEY_PAIR) + | KEY_TYPE_IS_PUBLIC_KEY); + TEST_EQUAL(PSA_KEY_TYPE_KEY_PAIR_OF_PUBLIC_KEY(type), type); } } /* END_CASE */ /* BEGIN_CASE */ -void block_cipher_key_type( int type_arg, int block_size_arg ) +void block_cipher_key_type(int type_arg, int block_size_arg) { psa_key_type_t type = type_arg; size_t block_size = block_size_arg; - test_key_type( type_arg, KEY_TYPE_IS_UNSTRUCTURED ); + test_key_type(type_arg, KEY_TYPE_IS_UNSTRUCTURED); - TEST_EQUAL( type & PSA_KEY_TYPE_CATEGORY_MASK, - PSA_KEY_TYPE_CATEGORY_SYMMETRIC ); - TEST_EQUAL( PSA_BLOCK_CIPHER_BLOCK_LENGTH( type ), block_size ); + TEST_EQUAL(type & PSA_KEY_TYPE_CATEGORY_MASK, + PSA_KEY_TYPE_CATEGORY_SYMMETRIC); + TEST_EQUAL(PSA_BLOCK_CIPHER_BLOCK_LENGTH(type), block_size); /* Check that the block size is a power of 2. This is required, at least, - for PSA_ROUND_UP_TO_MULTIPLE(block_size, length) in crypto_sizes.h. */ - TEST_ASSERT( ( ( block_size - 1 ) & block_size ) == 0 ); + for PSA_ROUND_UP_TO_MULTIPLE(block_size, length) in crypto_sizes.h. */ + TEST_ASSERT(((block_size - 1) & block_size) == 0); } /* END_CASE */ /* BEGIN_CASE */ -void stream_cipher_key_type( int type_arg ) +void stream_cipher_key_type(int type_arg) { psa_key_type_t type = type_arg; - test_key_type( type_arg, KEY_TYPE_IS_UNSTRUCTURED ); + test_key_type(type_arg, KEY_TYPE_IS_UNSTRUCTURED); - TEST_EQUAL( type & PSA_KEY_TYPE_CATEGORY_MASK, - PSA_KEY_TYPE_CATEGORY_SYMMETRIC ); - TEST_EQUAL( PSA_BLOCK_CIPHER_BLOCK_LENGTH( type ), 1 ); + TEST_EQUAL(type & PSA_KEY_TYPE_CATEGORY_MASK, + PSA_KEY_TYPE_CATEGORY_SYMMETRIC); + TEST_EQUAL(PSA_BLOCK_CIPHER_BLOCK_LENGTH(type), 1); } /* END_CASE */ /* BEGIN_CASE depends_on:PSA_KEY_TYPE_ECC_PUBLIC_KEY:PSA_KEY_TYPE_ECC_KEY_PAIR */ -void ecc_key_family( int curve_arg ) +void ecc_key_family(int curve_arg) { psa_ecc_family_t curve = curve_arg; - psa_key_type_t public_type = PSA_KEY_TYPE_ECC_PUBLIC_KEY( curve ); - psa_key_type_t pair_type = PSA_KEY_TYPE_ECC_KEY_PAIR( curve ); + psa_key_type_t public_type = PSA_KEY_TYPE_ECC_PUBLIC_KEY(curve); + psa_key_type_t pair_type = PSA_KEY_TYPE_ECC_KEY_PAIR(curve); - TEST_PARITY( curve ); + TEST_PARITY(curve); - test_key_type( public_type, KEY_TYPE_IS_ECC | KEY_TYPE_IS_PUBLIC_KEY ); - test_key_type( pair_type, KEY_TYPE_IS_ECC | KEY_TYPE_IS_KEY_PAIR ); + test_key_type(public_type, KEY_TYPE_IS_ECC | KEY_TYPE_IS_PUBLIC_KEY); + test_key_type(pair_type, KEY_TYPE_IS_ECC | KEY_TYPE_IS_KEY_PAIR); - TEST_EQUAL( PSA_KEY_TYPE_ECC_GET_FAMILY( public_type ), curve ); - TEST_EQUAL( PSA_KEY_TYPE_ECC_GET_FAMILY( pair_type ), curve ); + TEST_EQUAL(PSA_KEY_TYPE_ECC_GET_FAMILY(public_type), curve); + TEST_EQUAL(PSA_KEY_TYPE_ECC_GET_FAMILY(pair_type), curve); } /* END_CASE */ /* BEGIN_CASE depends_on:MBEDTLS_DHM_C */ -void dh_key_family( int group_arg ) +void dh_key_family(int group_arg) { psa_dh_family_t group = group_arg; - psa_key_type_t public_type = PSA_KEY_TYPE_DH_PUBLIC_KEY( group ); - psa_key_type_t pair_type = PSA_KEY_TYPE_DH_KEY_PAIR( group ); + psa_key_type_t public_type = PSA_KEY_TYPE_DH_PUBLIC_KEY(group); + psa_key_type_t pair_type = PSA_KEY_TYPE_DH_KEY_PAIR(group); - TEST_PARITY( group ); + TEST_PARITY(group); - test_key_type( public_type, KEY_TYPE_IS_DH | KEY_TYPE_IS_PUBLIC_KEY ); - test_key_type( pair_type, KEY_TYPE_IS_DH | KEY_TYPE_IS_KEY_PAIR ); + test_key_type(public_type, KEY_TYPE_IS_DH | KEY_TYPE_IS_PUBLIC_KEY); + test_key_type(pair_type, KEY_TYPE_IS_DH | KEY_TYPE_IS_KEY_PAIR); - TEST_EQUAL( PSA_KEY_TYPE_DH_GET_FAMILY( public_type ), group ); - TEST_EQUAL( PSA_KEY_TYPE_DH_GET_FAMILY( pair_type ), group ); + TEST_EQUAL(PSA_KEY_TYPE_DH_GET_FAMILY(public_type), group); + TEST_EQUAL(PSA_KEY_TYPE_DH_GET_FAMILY(pair_type), group); } /* END_CASE */ /* BEGIN_CASE */ -void lifetime( int lifetime_arg, int classification_flags, - int persistence_arg, int location_arg ) +void lifetime(int lifetime_arg, int classification_flags, + int persistence_arg, int location_arg) { psa_key_lifetime_t lifetime = lifetime_arg; psa_key_persistence_t persistence = persistence_arg; @@ -702,12 +696,12 @@ void lifetime( int lifetime_arg, int classification_flags, unsigned flags = classification_flags; unsigned classification_flags_tested = 0; - TEST_CLASSIFICATION_MACRO( 1, KEY_LIFETIME_IS_VOLATILE, lifetime, flags ); - TEST_CLASSIFICATION_MACRO( 1, KEY_LIFETIME_IS_READ_ONLY, lifetime, flags ); - TEST_EQUAL( classification_flags_tested, - KEY_LIFETIME_FLAG_MASK_PLUS_ONE - 1 ); + TEST_CLASSIFICATION_MACRO(1, KEY_LIFETIME_IS_VOLATILE, lifetime, flags); + TEST_CLASSIFICATION_MACRO(1, KEY_LIFETIME_IS_READ_ONLY, lifetime, flags); + TEST_EQUAL(classification_flags_tested, + KEY_LIFETIME_FLAG_MASK_PLUS_ONE - 1); - TEST_EQUAL( PSA_KEY_LIFETIME_GET_PERSISTENCE( lifetime ), persistence ); - TEST_EQUAL( PSA_KEY_LIFETIME_GET_LOCATION( lifetime ), location ); + TEST_EQUAL(PSA_KEY_LIFETIME_GET_PERSISTENCE(lifetime), persistence); + TEST_EQUAL(PSA_KEY_LIFETIME_GET_LOCATION(lifetime), location); } /* END_CASE */ diff --git a/third_party/mbedtls/repo/tests/suites/test_suite_psa_crypto_not_supported.function b/third_party/mbedtls/repo/tests/suites/test_suite_psa_crypto_not_supported.function index e3253d84059..e5e66f482e3 100644 --- a/third_party/mbedtls/repo/tests/suites/test_suite_psa_crypto_not_supported.function +++ b/third_party/mbedtls/repo/tests/suites/test_suite_psa_crypto_not_supported.function @@ -3,7 +3,7 @@ #include "psa/crypto.h" #include "test/psa_crypto_helpers.h" -#define INVALID_KEY_ID mbedtls_svc_key_id_make( 0, 0xfedcba98 ) +#define INVALID_KEY_ID mbedtls_svc_key_id_make(0, 0xfedcba98) /* END_HEADER */ @@ -13,40 +13,40 @@ */ /* BEGIN_CASE */ -void import_not_supported( int key_type, data_t *key_material ) +void import_not_supported(int key_type, data_t *key_material) { psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT; mbedtls_svc_key_id_t key_id = INVALID_KEY_ID; - PSA_ASSERT( psa_crypto_init( ) ); - psa_set_key_type( &attributes, key_type ); - TEST_EQUAL( psa_import_key( &attributes, - key_material->x, key_material->len, - &key_id ), - PSA_ERROR_NOT_SUPPORTED ); - TEST_ASSERT( mbedtls_svc_key_id_equal( key_id, MBEDTLS_SVC_KEY_ID_INIT ) ); + PSA_ASSERT(psa_crypto_init()); + psa_set_key_type(&attributes, key_type); + TEST_EQUAL(psa_import_key(&attributes, + key_material->x, key_material->len, + &key_id), + PSA_ERROR_NOT_SUPPORTED); + TEST_ASSERT(mbedtls_svc_key_id_equal(key_id, MBEDTLS_SVC_KEY_ID_INIT)); exit: - psa_destroy_key( key_id ); - PSA_DONE( ); + psa_destroy_key(key_id); + PSA_DONE(); } /* END_CASE */ /* BEGIN_CASE */ -void generate_not_supported( int key_type, int bits ) +void generate_not_supported(int key_type, int bits) { psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT; mbedtls_svc_key_id_t key_id = INVALID_KEY_ID; - PSA_ASSERT( psa_crypto_init( ) ); - psa_set_key_type( &attributes, key_type ); - psa_set_key_bits( &attributes, bits ); - TEST_EQUAL( psa_generate_key( &attributes, &key_id ), - PSA_ERROR_NOT_SUPPORTED ); - TEST_ASSERT( mbedtls_svc_key_id_equal( key_id, MBEDTLS_SVC_KEY_ID_INIT ) ); + PSA_ASSERT(psa_crypto_init()); + psa_set_key_type(&attributes, key_type); + psa_set_key_bits(&attributes, bits); + TEST_EQUAL(psa_generate_key(&attributes, &key_id), + PSA_ERROR_NOT_SUPPORTED); + TEST_ASSERT(mbedtls_svc_key_id_equal(key_id, MBEDTLS_SVC_KEY_ID_INIT)); exit: - psa_destroy_key( key_id ); - PSA_DONE( ); + psa_destroy_key(key_id); + PSA_DONE(); } /* END_CASE */ diff --git a/third_party/mbedtls/repo/tests/suites/test_suite_psa_crypto_op_fail.function b/third_party/mbedtls/repo/tests/suites/test_suite_psa_crypto_op_fail.function new file mode 100644 index 00000000000..0d5d53890fc --- /dev/null +++ b/third_party/mbedtls/repo/tests/suites/test_suite_psa_crypto_op_fail.function @@ -0,0 +1,381 @@ +/* BEGIN_HEADER */ + +#include "psa/crypto.h" +#include "test/psa_crypto_helpers.h" + +static int test_equal_status(const char *test, + int line_no, const char *filename, + psa_status_t value1, + psa_status_t value2) +{ + if ((value1 == PSA_ERROR_INVALID_ARGUMENT && + value2 == PSA_ERROR_NOT_SUPPORTED) || + (value1 == PSA_ERROR_NOT_SUPPORTED && + value2 == PSA_ERROR_INVALID_ARGUMENT)) { + return 1; + } + return mbedtls_test_equal(test, line_no, filename, value1, value2); +} + +/** Like #TEST_EQUAL, but expects #psa_status_t values and treats + * #PSA_ERROR_INVALID_ARGUMENT and #PSA_ERROR_NOT_SUPPORTED as + * interchangeable. + * + * This test suite currently allows NOT_SUPPORTED and INVALID_ARGUMENT + * to be interchangeable in places where the library's behavior does not + * match the strict expectations of the test case generator. In the long + * run, it would be better to clarify the expectations and reconcile the + * library and the test case generator. + */ +#define TEST_STATUS(expr1, expr2) \ + do { \ + if (!test_equal_status( #expr1 " == " #expr2, __LINE__, __FILE__, \ + expr1, expr2)) \ + goto exit; \ + } while (0) + +/* END_HEADER */ + +/* BEGIN_DEPENDENCIES + * depends_on:MBEDTLS_PSA_CRYPTO_C + * END_DEPENDENCIES + */ + +/* BEGIN_CASE */ +void hash_fail(int alg_arg, int expected_status_arg) +{ + psa_status_t expected_status = expected_status_arg; + psa_algorithm_t alg = alg_arg; + psa_hash_operation_t operation = PSA_HASH_OPERATION_INIT; + uint8_t input[1] = { 'A' }; + uint8_t output[PSA_HASH_MAX_SIZE] = { 0 }; + size_t length = SIZE_MAX; + + PSA_INIT(); + + TEST_EQUAL(expected_status, + psa_hash_setup(&operation, alg)); + TEST_EQUAL(expected_status, + psa_hash_compute(alg, input, sizeof(input), + output, sizeof(output), &length)); + TEST_EQUAL(expected_status, + psa_hash_compare(alg, input, sizeof(input), + output, sizeof(output))); + +exit: + psa_hash_abort(&operation); + PSA_DONE(); +} +/* END_CASE */ + +/* BEGIN_CASE */ +void mac_fail(int key_type_arg, data_t *key_data, + int alg_arg, int expected_status_arg) +{ + psa_status_t expected_status = expected_status_arg; + psa_key_type_t key_type = key_type_arg; + psa_algorithm_t alg = alg_arg; + psa_mac_operation_t operation = PSA_MAC_OPERATION_INIT; + psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT; + mbedtls_svc_key_id_t key_id = MBEDTLS_SVC_KEY_ID_INIT; + uint8_t input[1] = { 'A' }; + uint8_t output[PSA_MAC_MAX_SIZE] = { 0 }; + size_t length = SIZE_MAX; + + PSA_INIT(); + + psa_set_key_type(&attributes, key_type); + psa_set_key_usage_flags(&attributes, + PSA_KEY_USAGE_SIGN_HASH | + PSA_KEY_USAGE_VERIFY_HASH); + psa_set_key_algorithm(&attributes, alg); + PSA_ASSERT(psa_import_key(&attributes, + key_data->x, key_data->len, + &key_id)); + + TEST_STATUS(expected_status, + psa_mac_sign_setup(&operation, key_id, alg)); + TEST_STATUS(expected_status, + psa_mac_verify_setup(&operation, key_id, alg)); + TEST_STATUS(expected_status, + psa_mac_compute(key_id, alg, + input, sizeof(input), + output, sizeof(output), &length)); + TEST_STATUS(expected_status, + psa_mac_verify(key_id, alg, + input, sizeof(input), + output, sizeof(output))); + +exit: + psa_mac_abort(&operation); + psa_destroy_key(key_id); + psa_reset_key_attributes(&attributes); + PSA_DONE(); +} +/* END_CASE */ + +/* BEGIN_CASE */ +void cipher_fail(int key_type_arg, data_t *key_data, + int alg_arg, int expected_status_arg) +{ + psa_status_t expected_status = expected_status_arg; + psa_key_type_t key_type = key_type_arg; + psa_algorithm_t alg = alg_arg; + psa_cipher_operation_t operation = PSA_CIPHER_OPERATION_INIT; + psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT; + mbedtls_svc_key_id_t key_id = MBEDTLS_SVC_KEY_ID_INIT; + uint8_t input[1] = { 'A' }; + uint8_t output[64] = { 0 }; + size_t length = SIZE_MAX; + + PSA_INIT(); + + psa_set_key_type(&attributes, key_type); + psa_set_key_usage_flags(&attributes, + PSA_KEY_USAGE_ENCRYPT | + PSA_KEY_USAGE_DECRYPT); + psa_set_key_algorithm(&attributes, alg); + PSA_ASSERT(psa_import_key(&attributes, + key_data->x, key_data->len, + &key_id)); + + TEST_STATUS(expected_status, + psa_cipher_encrypt_setup(&operation, key_id, alg)); + TEST_STATUS(expected_status, + psa_cipher_decrypt_setup(&operation, key_id, alg)); + TEST_STATUS(expected_status, + psa_cipher_encrypt(key_id, alg, + input, sizeof(input), + output, sizeof(output), &length)); + TEST_STATUS(expected_status, + psa_cipher_decrypt(key_id, alg, + input, sizeof(input), + output, sizeof(output), &length)); + +exit: + psa_cipher_abort(&operation); + psa_destroy_key(key_id); + psa_reset_key_attributes(&attributes); + PSA_DONE(); +} +/* END_CASE */ + +/* BEGIN_CASE */ +void aead_fail(int key_type_arg, data_t *key_data, + int alg_arg, int expected_status_arg) +{ + psa_status_t expected_status = expected_status_arg; + psa_key_type_t key_type = key_type_arg; + psa_algorithm_t alg = alg_arg; + psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT; + mbedtls_svc_key_id_t key_id = MBEDTLS_SVC_KEY_ID_INIT; + uint8_t input[16] = "ABCDEFGHIJKLMNO"; + uint8_t output[64] = { 0 }; + size_t length = SIZE_MAX; + + PSA_INIT(); + + psa_set_key_type(&attributes, key_type); + psa_set_key_usage_flags(&attributes, + PSA_KEY_USAGE_ENCRYPT | + PSA_KEY_USAGE_DECRYPT); + psa_set_key_algorithm(&attributes, alg); + PSA_ASSERT(psa_import_key(&attributes, + key_data->x, key_data->len, + &key_id)); + + TEST_STATUS(expected_status, + psa_aead_encrypt(key_id, alg, + input, sizeof(input), + NULL, 0, input, sizeof(input), + output, sizeof(output), &length)); + TEST_STATUS(expected_status, + psa_aead_decrypt(key_id, alg, + input, sizeof(input), + NULL, 0, input, sizeof(input), + output, sizeof(output), &length)); + +exit: + psa_destroy_key(key_id); + psa_reset_key_attributes(&attributes); + PSA_DONE(); +} +/* END_CASE */ + +/* BEGIN_CASE */ +void sign_fail(int key_type_arg, data_t *key_data, + int alg_arg, int private_only, + int expected_status_arg) +{ + psa_status_t expected_status = expected_status_arg; + psa_key_type_t key_type = key_type_arg; + psa_algorithm_t alg = alg_arg; + psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT; + mbedtls_svc_key_id_t key_id = MBEDTLS_SVC_KEY_ID_INIT; + uint8_t input[1] = { 'A' }; + uint8_t output[PSA_SIGNATURE_MAX_SIZE] = { 0 }; + size_t length = SIZE_MAX; + + PSA_INIT(); + + psa_set_key_type(&attributes, key_type); + psa_set_key_usage_flags(&attributes, + PSA_KEY_USAGE_SIGN_HASH | + PSA_KEY_USAGE_VERIFY_HASH); + psa_set_key_algorithm(&attributes, alg); + PSA_ASSERT(psa_import_key(&attributes, + key_data->x, key_data->len, + &key_id)); + + TEST_STATUS(expected_status, + psa_sign_hash(key_id, alg, + input, sizeof(input), + output, sizeof(output), &length)); + if (!private_only) { + /* Determine a plausible signature size to avoid an INVALID_SIGNATURE + * error based on this. */ + PSA_ASSERT(psa_get_key_attributes(key_id, &attributes)); + size_t key_bits = psa_get_key_bits(&attributes); + size_t output_length = sizeof(output); + if (PSA_KEY_TYPE_IS_RSA(key_type)) { + output_length = PSA_BITS_TO_BYTES(key_bits); + } else if (PSA_KEY_TYPE_IS_ECC(key_type)) { + output_length = 2 * PSA_BITS_TO_BYTES(key_bits); + } + TEST_ASSERT(output_length <= sizeof(output)); + TEST_STATUS(expected_status, + psa_verify_hash(key_id, alg, + input, sizeof(input), + output, output_length)); + } + +exit: + psa_destroy_key(key_id); + psa_reset_key_attributes(&attributes); + PSA_DONE(); +} +/* END_CASE */ + +/* BEGIN_CASE */ +void asymmetric_encryption_fail(int key_type_arg, data_t *key_data, + int alg_arg, int private_only, + int expected_status_arg) +{ + psa_status_t expected_status = expected_status_arg; + psa_key_type_t key_type = key_type_arg; + psa_algorithm_t alg = alg_arg; + psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT; + mbedtls_svc_key_id_t key_id = MBEDTLS_SVC_KEY_ID_INIT; + uint8_t plaintext[PSA_ASYMMETRIC_DECRYPT_OUTPUT_MAX_SIZE] = { 0 }; + uint8_t ciphertext[PSA_ASYMMETRIC_ENCRYPT_OUTPUT_MAX_SIZE] = { 0 }; + size_t length = SIZE_MAX; + + PSA_INIT(); + + psa_set_key_type(&attributes, key_type); + psa_set_key_usage_flags(&attributes, + PSA_KEY_USAGE_ENCRYPT | + PSA_KEY_USAGE_DECRYPT); + psa_set_key_algorithm(&attributes, alg); + PSA_ASSERT(psa_import_key(&attributes, + key_data->x, key_data->len, + &key_id)); + + if (!private_only) { + TEST_STATUS(expected_status, + psa_asymmetric_encrypt(key_id, alg, + plaintext, 1, + NULL, 0, + ciphertext, sizeof(ciphertext), + &length)); + } + TEST_STATUS(expected_status, + psa_asymmetric_decrypt(key_id, alg, + ciphertext, sizeof(ciphertext), + NULL, 0, + plaintext, sizeof(plaintext), + &length)); + +exit: + psa_destroy_key(key_id); + psa_reset_key_attributes(&attributes); + PSA_DONE(); +} +/* END_CASE */ + +/* BEGIN_CASE */ +void key_derivation_fail(int alg_arg, int expected_status_arg) +{ + psa_status_t expected_status = expected_status_arg; + psa_algorithm_t alg = alg_arg; + psa_key_derivation_operation_t operation = PSA_KEY_DERIVATION_OPERATION_INIT; + + PSA_INIT(); + + TEST_EQUAL(expected_status, + psa_key_derivation_setup(&operation, alg)); + +exit: + psa_key_derivation_abort(&operation); + PSA_DONE(); +} +/* END_CASE */ + +/* BEGIN_CASE */ +void key_agreement_fail(int key_type_arg, data_t *key_data, + int alg_arg, int private_only, + int expected_status_arg) +{ + psa_status_t expected_status = expected_status_arg; + psa_key_type_t key_type = key_type_arg; + psa_algorithm_t alg = alg_arg; + psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT; + mbedtls_svc_key_id_t key_id = MBEDTLS_SVC_KEY_ID_INIT; + uint8_t public_key[PSA_EXPORT_PUBLIC_KEY_MAX_SIZE] = { 0 }; + size_t public_key_length = SIZE_MAX; + uint8_t output[PSA_SIGNATURE_MAX_SIZE] = { 0 }; + size_t length = SIZE_MAX; + psa_key_derivation_operation_t operation = PSA_KEY_DERIVATION_OPERATION_INIT; + + PSA_INIT(); + + psa_set_key_type(&attributes, key_type); + psa_set_key_usage_flags(&attributes, + PSA_KEY_USAGE_DERIVE); + psa_set_key_algorithm(&attributes, alg); + PSA_ASSERT(psa_import_key(&attributes, + key_data->x, key_data->len, + &key_id)); + if (PSA_KEY_TYPE_IS_KEY_PAIR(key_type) || + PSA_KEY_TYPE_IS_PUBLIC_KEY(key_type)) { + PSA_ASSERT(psa_export_public_key(key_id, + public_key, sizeof(public_key), + &public_key_length)); + } + + TEST_STATUS(expected_status, + psa_raw_key_agreement(alg, key_id, + public_key, public_key_length, + output, sizeof(output), &length)); + +#if defined(PSA_WANT_ALG_HKDF) && defined(PSA_WANT_ALG_SHA_256) + PSA_ASSERT(psa_key_derivation_setup(&operation, + PSA_ALG_HKDF(PSA_ALG_SHA_256))); + TEST_STATUS(expected_status, + psa_key_derivation_key_agreement( + &operation, + PSA_KEY_DERIVATION_INPUT_SECRET, + key_id, + public_key, public_key_length)); +#endif + + /* There are no public-key operations. */ + (void) private_only; + +exit: + psa_key_derivation_abort(&operation); + psa_destroy_key(key_id); + psa_reset_key_attributes(&attributes); + PSA_DONE(); +} +/* END_CASE */ diff --git a/third_party/mbedtls/repo/tests/suites/test_suite_psa_crypto_op_fail.generated.data b/third_party/mbedtls/repo/tests/suites/test_suite_psa_crypto_op_fail.generated.data new file mode 100644 index 00000000000..1c674a617a0 --- /dev/null +++ b/third_party/mbedtls/repo/tests/suites/test_suite_psa_crypto_op_fail.generated.data @@ -0,0 +1,32526 @@ +# Automatically generated by generate_psa_tests.py. Do not edit! + +PSA hash AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(CCM,1): invalid +depends_on:PSA_WANT_ALG_CCM +hash_fail:PSA_ALG_AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(PSA_ALG_CCM,1):PSA_ERROR_INVALID_ARGUMENT + +PSA aead AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(CCM,1): incompatible with AES +depends_on:PSA_WANT_ALG_CCM:PSA_WANT_KEY_TYPE_AES +aead_fail:PSA_KEY_TYPE_AES:"48657265006973206b6579a064617461":PSA_ALG_AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(PSA_ALG_CCM,1):PSA_ERROR_INVALID_ARGUMENT + +PSA aead AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(CCM,1): incompatible with ARC4 +depends_on:PSA_WANT_ALG_CCM:PSA_WANT_KEY_TYPE_ARC4 +aead_fail:PSA_KEY_TYPE_ARC4:"48":PSA_ALG_AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(PSA_ALG_CCM,1):PSA_ERROR_INVALID_ARGUMENT + +PSA aead AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(CCM,1): incompatible with ARIA +depends_on:PSA_WANT_ALG_CCM:PSA_WANT_KEY_TYPE_ARIA +aead_fail:PSA_KEY_TYPE_ARIA:"48657265006973206b6579a064617461":PSA_ALG_AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(PSA_ALG_CCM,1):PSA_ERROR_INVALID_ARGUMENT + +PSA aead AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(CCM,1): incompatible with CAMELLIA +depends_on:PSA_WANT_ALG_CCM:PSA_WANT_KEY_TYPE_CAMELLIA +aead_fail:PSA_KEY_TYPE_CAMELLIA:"48657265006973206b6579a064617461":PSA_ALG_AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(PSA_ALG_CCM,1):PSA_ERROR_INVALID_ARGUMENT + +PSA aead AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(CCM,1): incompatible with CHACHA20 +depends_on:PSA_WANT_ALG_CCM:PSA_WANT_KEY_TYPE_CHACHA20 +aead_fail:PSA_KEY_TYPE_CHACHA20:"48657265006973206b6579a06461746148657265006973206b6579a064617461":PSA_ALG_AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(PSA_ALG_CCM,1):PSA_ERROR_INVALID_ARGUMENT + +PSA aead AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(CCM,1): incompatible with DERIVE +depends_on:PSA_WANT_ALG_CCM:PSA_WANT_KEY_TYPE_DERIVE +aead_fail:PSA_KEY_TYPE_DERIVE:"48657265006973206b6579a0646174":PSA_ALG_AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(PSA_ALG_CCM,1):PSA_ERROR_INVALID_ARGUMENT + +PSA aead AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(CCM,1): incompatible with DES +depends_on:PSA_WANT_ALG_CCM:PSA_WANT_KEY_TYPE_DES +aead_fail:PSA_KEY_TYPE_DES:"644573206b457901":PSA_ALG_AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(PSA_ALG_CCM,1):PSA_ERROR_INVALID_ARGUMENT + +PSA aead AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(CCM,1): incompatible with ECC_KEY_PAIR(BRAINPOOL_P_R1) +depends_on:PSA_WANT_ALG_CCM:PSA_WANT_ECC_FAMILY_BRAINPOOL_P_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +aead_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"69502c4fdaf48d4fa617bdd24498b0406d0eeaac":PSA_ALG_AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(PSA_ALG_CCM,1):PSA_ERROR_INVALID_ARGUMENT + +PSA aead AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(CCM,1): incompatible with ECC_KEY_PAIR(MONTGOMERY) +depends_on:PSA_WANT_ALG_CCM:PSA_WANT_ECC_FAMILY_MONTGOMERY:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +aead_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_MONTGOMERY):"70076d0a7318a57d3c16c17251b26645df4c2f87ebc0992ab177fba51db92c6a":PSA_ALG_AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(PSA_ALG_CCM,1):PSA_ERROR_INVALID_ARGUMENT + +PSA aead AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(CCM,1): incompatible with ECC_KEY_PAIR(SECP_K1) +depends_on:PSA_WANT_ALG_CCM:PSA_WANT_ECC_FAMILY_SECP_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +aead_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_K1):"297ac1722ccac7589ecb240dc719842538ca974beb79f228":PSA_ALG_AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(PSA_ALG_CCM,1):PSA_ERROR_INVALID_ARGUMENT + +PSA aead AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(CCM,1): incompatible with ECC_KEY_PAIR(SECP_R1) +depends_on:PSA_WANT_ALG_CCM:PSA_WANT_ECC_FAMILY_SECP_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +aead_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"872f203b3ad35b7f2ecc803c3a0e1e0b1ed61cc1afe71b189cd4c995":PSA_ALG_AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(PSA_ALG_CCM,1):PSA_ERROR_INVALID_ARGUMENT + +PSA aead AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(CCM,1): incompatible with ECC_KEY_PAIR(SECP_R2) +depends_on:PSA_WANT_ALG_CCM:PSA_WANT_ECC_FAMILY_SECP_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +aead_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R2):"00bf539a1cdda0d7f71a50a3f98aec0a2e8e4ced1e":PSA_ALG_AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(PSA_ALG_CCM,1):PSA_ERROR_INVALID_ARGUMENT + +PSA aead AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(CCM,1): incompatible with ECC_KEY_PAIR(SECT_K1) +depends_on:PSA_WANT_ALG_CCM:PSA_WANT_ECC_FAMILY_SECT_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +aead_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):"03ebc8fcded2d6ab72ec0f75bdb4fd080481273e71":PSA_ALG_AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(PSA_ALG_CCM,1):PSA_ERROR_INVALID_ARGUMENT + +PSA aead AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(CCM,1): incompatible with ECC_KEY_PAIR(SECT_R1) +depends_on:PSA_WANT_ALG_CCM:PSA_WANT_ECC_FAMILY_SECT_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +aead_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):"009b05dc82d46d64a04a22e6e5ca70ca1231e68c50":PSA_ALG_AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(PSA_ALG_CCM,1):PSA_ERROR_INVALID_ARGUMENT + +PSA aead AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(CCM,1): incompatible with ECC_KEY_PAIR(SECT_R2) +depends_on:PSA_WANT_ALG_CCM:PSA_WANT_ECC_FAMILY_SECT_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +aead_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R2):"0210b482a458b4822d0cb21daa96819a67c8062d34":PSA_ALG_AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(PSA_ALG_CCM,1):PSA_ERROR_INVALID_ARGUMENT + +PSA aead AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(CCM,1): incompatible with ECC_KEY_PAIR(TWISTED_EDWARDS) +depends_on:PSA_WANT_ALG_CCM:PSA_WANT_ECC_FAMILY_TWISTED_EDWARDS:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +aead_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_TWISTED_EDWARDS):"9d61b19deffd5a60ba844af492ec2cc44449c5697b326919703bac031cae7f60":PSA_ALG_AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(PSA_ALG_CCM,1):PSA_ERROR_INVALID_ARGUMENT + +PSA aead AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(CCM,1): incompatible with ECC_PUBLIC_KEY(BRAINPOOL_P_R1) +depends_on:PSA_WANT_ALG_CCM:PSA_WANT_ECC_FAMILY_BRAINPOOL_P_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +aead_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"04d4b9186816358e2f9c59cf70748cb70641b22fbab65473db4b4e22a361ed7e3de7e8a8ddc4130c5c":PSA_ALG_AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(PSA_ALG_CCM,1):PSA_ERROR_INVALID_ARGUMENT + +PSA aead AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(CCM,1): incompatible with ECC_PUBLIC_KEY(MONTGOMERY) +depends_on:PSA_WANT_ALG_CCM:PSA_WANT_ECC_FAMILY_MONTGOMERY:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +aead_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_MONTGOMERY):"8520f0098930a754748b7ddcb43ef75a0dbf3a0d26381af4eba4a98eaa9b4e6a":PSA_ALG_AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(PSA_ALG_CCM,1):PSA_ERROR_INVALID_ARGUMENT + +PSA aead AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(CCM,1): incompatible with ECC_PUBLIC_KEY(SECP_K1) +depends_on:PSA_WANT_ALG_CCM:PSA_WANT_ECC_FAMILY_SECP_K1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +aead_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_K1):"0426b7bb38da649ac2138fc050c6548b32553dab68afebc36105d325b75538c12323cb0764789ecb992671beb2b6bef2f5":PSA_ALG_AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(PSA_ALG_CCM,1):PSA_ERROR_INVALID_ARGUMENT + +PSA aead AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(CCM,1): incompatible with ECC_PUBLIC_KEY(SECP_R1) +depends_on:PSA_WANT_ALG_CCM:PSA_WANT_ECC_FAMILY_SECP_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +aead_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1):"046f00eadaa949fee3e9e1c7fa1247eecec86a0dce46418b9bd3117b981d4bd0ae7a990de912f9d060d6cb531a42d22e394ac29e81804bf160":PSA_ALG_AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(PSA_ALG_CCM,1):PSA_ERROR_INVALID_ARGUMENT + +PSA aead AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(CCM,1): incompatible with ECC_PUBLIC_KEY(SECP_R2) +depends_on:PSA_WANT_ALG_CCM:PSA_WANT_ECC_FAMILY_SECP_R2:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +aead_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R2):"049570d541398665adb5cfa16f5af73b3196926bbd4b876bdb80f8eab20d0f540c22f4de9c140f6d7b":PSA_ALG_AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(PSA_ALG_CCM,1):PSA_ERROR_INVALID_ARGUMENT + +PSA aead AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(CCM,1): incompatible with ECC_PUBLIC_KEY(SECT_K1) +depends_on:PSA_WANT_ALG_CCM:PSA_WANT_ECC_FAMILY_SECT_K1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +aead_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_K1):"0406f88f90b4b65950f06ce433afdb097e320f433dc2062b8a65db8fafd3c110f46bc45663fbf021ee7eb9":PSA_ALG_AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(PSA_ALG_CCM,1):PSA_ERROR_INVALID_ARGUMENT + +PSA aead AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(CCM,1): incompatible with ECC_PUBLIC_KEY(SECT_R1) +depends_on:PSA_WANT_ALG_CCM:PSA_WANT_ECC_FAMILY_SECT_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +aead_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R1):"0400465eeb9e7258b11e33c02266bfe834b20bcb118700772796ee4704ec67651bd447e3011959a79a04cb":PSA_ALG_AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(PSA_ALG_CCM,1):PSA_ERROR_INVALID_ARGUMENT + +PSA aead AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(CCM,1): incompatible with ECC_PUBLIC_KEY(SECT_R2) +depends_on:PSA_WANT_ALG_CCM:PSA_WANT_ECC_FAMILY_SECT_R2:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +aead_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R2):"0403692601144c32a6cfa369ae20ae5d43c1c764678c037bafe80c6fd2e42b7ced96171d9c5367fd3dca6f":PSA_ALG_AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(PSA_ALG_CCM,1):PSA_ERROR_INVALID_ARGUMENT + +PSA aead AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(CCM,1): incompatible with ECC_PUBLIC_KEY(TWISTED_EDWARDS) +depends_on:PSA_WANT_ALG_CCM:PSA_WANT_ECC_FAMILY_TWISTED_EDWARDS:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +aead_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_TWISTED_EDWARDS):"d75a980182b10ab7d54bfed3c964073a0ee172f3daa62325af021a68f707511a":PSA_ALG_AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(PSA_ALG_CCM,1):PSA_ERROR_INVALID_ARGUMENT + +PSA aead AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(CCM,1): incompatible with HMAC +depends_on:PSA_WANT_ALG_CCM:PSA_WANT_KEY_TYPE_HMAC +aead_fail:PSA_KEY_TYPE_HMAC:"48657265006973206b6579a064617461":PSA_ALG_AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(PSA_ALG_CCM,1):PSA_ERROR_INVALID_ARGUMENT + +PSA aead AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(CCM,1): incompatible with RAW_DATA +depends_on:PSA_WANT_ALG_CCM:PSA_WANT_KEY_TYPE_RAW_DATA +aead_fail:PSA_KEY_TYPE_RAW_DATA:"48":PSA_ALG_AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(PSA_ALG_CCM,1):PSA_ERROR_INVALID_ARGUMENT + +PSA aead AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(CCM,1): incompatible with RSA_KEY_PAIR +depends_on:PSA_WANT_ALG_CCM:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR +aead_fail:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(PSA_ALG_CCM,1):PSA_ERROR_INVALID_ARGUMENT + +PSA aead AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(CCM,1): incompatible with RSA_PUBLIC_KEY +depends_on:PSA_WANT_ALG_CCM:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY +aead_fail:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(PSA_ALG_CCM,1):PSA_ERROR_INVALID_ARGUMENT + +PSA key_derivation AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(CCM,1): invalid +depends_on:PSA_WANT_ALG_CCM +key_derivation_fail:PSA_ALG_AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(PSA_ALG_CCM,1):PSA_ERROR_INVALID_ARGUMENT + +PSA hash AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(CHACHA20_POLY1305,1): invalid +depends_on:PSA_WANT_ALG_CHACHA20_POLY1305 +hash_fail:PSA_ALG_AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(PSA_ALG_CHACHA20_POLY1305,1):PSA_ERROR_INVALID_ARGUMENT + +PSA aead AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(CHACHA20_POLY1305,1): incompatible with AES +depends_on:PSA_WANT_ALG_CHACHA20_POLY1305:PSA_WANT_KEY_TYPE_AES +aead_fail:PSA_KEY_TYPE_AES:"48657265006973206b6579a064617461":PSA_ALG_AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(PSA_ALG_CHACHA20_POLY1305,1):PSA_ERROR_INVALID_ARGUMENT + +PSA aead AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(CHACHA20_POLY1305,1): incompatible with ARC4 +depends_on:PSA_WANT_ALG_CHACHA20_POLY1305:PSA_WANT_KEY_TYPE_ARC4 +aead_fail:PSA_KEY_TYPE_ARC4:"48":PSA_ALG_AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(PSA_ALG_CHACHA20_POLY1305,1):PSA_ERROR_INVALID_ARGUMENT + +PSA aead AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(CHACHA20_POLY1305,1): incompatible with ARIA +depends_on:PSA_WANT_ALG_CHACHA20_POLY1305:PSA_WANT_KEY_TYPE_ARIA +aead_fail:PSA_KEY_TYPE_ARIA:"48657265006973206b6579a064617461":PSA_ALG_AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(PSA_ALG_CHACHA20_POLY1305,1):PSA_ERROR_INVALID_ARGUMENT + +PSA aead AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(CHACHA20_POLY1305,1): incompatible with CAMELLIA +depends_on:PSA_WANT_ALG_CHACHA20_POLY1305:PSA_WANT_KEY_TYPE_CAMELLIA +aead_fail:PSA_KEY_TYPE_CAMELLIA:"48657265006973206b6579a064617461":PSA_ALG_AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(PSA_ALG_CHACHA20_POLY1305,1):PSA_ERROR_INVALID_ARGUMENT + +PSA aead AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(CHACHA20_POLY1305,1): incompatible with CHACHA20 +depends_on:PSA_WANT_ALG_CHACHA20_POLY1305:PSA_WANT_KEY_TYPE_CHACHA20 +aead_fail:PSA_KEY_TYPE_CHACHA20:"48657265006973206b6579a06461746148657265006973206b6579a064617461":PSA_ALG_AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(PSA_ALG_CHACHA20_POLY1305,1):PSA_ERROR_INVALID_ARGUMENT + +PSA aead AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(CHACHA20_POLY1305,1): incompatible with DERIVE +depends_on:PSA_WANT_ALG_CHACHA20_POLY1305:PSA_WANT_KEY_TYPE_DERIVE +aead_fail:PSA_KEY_TYPE_DERIVE:"48657265006973206b6579a0646174":PSA_ALG_AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(PSA_ALG_CHACHA20_POLY1305,1):PSA_ERROR_INVALID_ARGUMENT + +PSA aead AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(CHACHA20_POLY1305,1): incompatible with DES +depends_on:PSA_WANT_ALG_CHACHA20_POLY1305:PSA_WANT_KEY_TYPE_DES +aead_fail:PSA_KEY_TYPE_DES:"644573206b457901":PSA_ALG_AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(PSA_ALG_CHACHA20_POLY1305,1):PSA_ERROR_INVALID_ARGUMENT + +PSA aead AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(CHACHA20_POLY1305,1): incompatible with ECC_KEY_PAIR(BRAINPOOL_P_R1) +depends_on:PSA_WANT_ALG_CHACHA20_POLY1305:PSA_WANT_ECC_FAMILY_BRAINPOOL_P_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +aead_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"69502c4fdaf48d4fa617bdd24498b0406d0eeaac":PSA_ALG_AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(PSA_ALG_CHACHA20_POLY1305,1):PSA_ERROR_INVALID_ARGUMENT + +PSA aead AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(CHACHA20_POLY1305,1): incompatible with ECC_KEY_PAIR(MONTGOMERY) +depends_on:PSA_WANT_ALG_CHACHA20_POLY1305:PSA_WANT_ECC_FAMILY_MONTGOMERY:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +aead_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_MONTGOMERY):"70076d0a7318a57d3c16c17251b26645df4c2f87ebc0992ab177fba51db92c6a":PSA_ALG_AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(PSA_ALG_CHACHA20_POLY1305,1):PSA_ERROR_INVALID_ARGUMENT + +PSA aead AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(CHACHA20_POLY1305,1): incompatible with ECC_KEY_PAIR(SECP_K1) +depends_on:PSA_WANT_ALG_CHACHA20_POLY1305:PSA_WANT_ECC_FAMILY_SECP_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +aead_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_K1):"297ac1722ccac7589ecb240dc719842538ca974beb79f228":PSA_ALG_AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(PSA_ALG_CHACHA20_POLY1305,1):PSA_ERROR_INVALID_ARGUMENT + +PSA aead AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(CHACHA20_POLY1305,1): incompatible with ECC_KEY_PAIR(SECP_R1) +depends_on:PSA_WANT_ALG_CHACHA20_POLY1305:PSA_WANT_ECC_FAMILY_SECP_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +aead_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"872f203b3ad35b7f2ecc803c3a0e1e0b1ed61cc1afe71b189cd4c995":PSA_ALG_AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(PSA_ALG_CHACHA20_POLY1305,1):PSA_ERROR_INVALID_ARGUMENT + +PSA aead AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(CHACHA20_POLY1305,1): incompatible with ECC_KEY_PAIR(SECP_R2) +depends_on:PSA_WANT_ALG_CHACHA20_POLY1305:PSA_WANT_ECC_FAMILY_SECP_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +aead_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R2):"00bf539a1cdda0d7f71a50a3f98aec0a2e8e4ced1e":PSA_ALG_AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(PSA_ALG_CHACHA20_POLY1305,1):PSA_ERROR_INVALID_ARGUMENT + +PSA aead AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(CHACHA20_POLY1305,1): incompatible with ECC_KEY_PAIR(SECT_K1) +depends_on:PSA_WANT_ALG_CHACHA20_POLY1305:PSA_WANT_ECC_FAMILY_SECT_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +aead_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):"03ebc8fcded2d6ab72ec0f75bdb4fd080481273e71":PSA_ALG_AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(PSA_ALG_CHACHA20_POLY1305,1):PSA_ERROR_INVALID_ARGUMENT + +PSA aead AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(CHACHA20_POLY1305,1): incompatible with ECC_KEY_PAIR(SECT_R1) +depends_on:PSA_WANT_ALG_CHACHA20_POLY1305:PSA_WANT_ECC_FAMILY_SECT_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +aead_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):"009b05dc82d46d64a04a22e6e5ca70ca1231e68c50":PSA_ALG_AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(PSA_ALG_CHACHA20_POLY1305,1):PSA_ERROR_INVALID_ARGUMENT + +PSA aead AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(CHACHA20_POLY1305,1): incompatible with ECC_KEY_PAIR(SECT_R2) +depends_on:PSA_WANT_ALG_CHACHA20_POLY1305:PSA_WANT_ECC_FAMILY_SECT_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +aead_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R2):"0210b482a458b4822d0cb21daa96819a67c8062d34":PSA_ALG_AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(PSA_ALG_CHACHA20_POLY1305,1):PSA_ERROR_INVALID_ARGUMENT + +PSA aead AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(CHACHA20_POLY1305,1): incompatible with ECC_KEY_PAIR(TWISTED_EDWARDS) +depends_on:PSA_WANT_ALG_CHACHA20_POLY1305:PSA_WANT_ECC_FAMILY_TWISTED_EDWARDS:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +aead_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_TWISTED_EDWARDS):"9d61b19deffd5a60ba844af492ec2cc44449c5697b326919703bac031cae7f60":PSA_ALG_AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(PSA_ALG_CHACHA20_POLY1305,1):PSA_ERROR_INVALID_ARGUMENT + +PSA aead AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(CHACHA20_POLY1305,1): incompatible with ECC_PUBLIC_KEY(BRAINPOOL_P_R1) +depends_on:PSA_WANT_ALG_CHACHA20_POLY1305:PSA_WANT_ECC_FAMILY_BRAINPOOL_P_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +aead_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"04d4b9186816358e2f9c59cf70748cb70641b22fbab65473db4b4e22a361ed7e3de7e8a8ddc4130c5c":PSA_ALG_AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(PSA_ALG_CHACHA20_POLY1305,1):PSA_ERROR_INVALID_ARGUMENT + +PSA aead AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(CHACHA20_POLY1305,1): incompatible with ECC_PUBLIC_KEY(MONTGOMERY) +depends_on:PSA_WANT_ALG_CHACHA20_POLY1305:PSA_WANT_ECC_FAMILY_MONTGOMERY:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +aead_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_MONTGOMERY):"8520f0098930a754748b7ddcb43ef75a0dbf3a0d26381af4eba4a98eaa9b4e6a":PSA_ALG_AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(PSA_ALG_CHACHA20_POLY1305,1):PSA_ERROR_INVALID_ARGUMENT + +PSA aead AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(CHACHA20_POLY1305,1): incompatible with ECC_PUBLIC_KEY(SECP_K1) +depends_on:PSA_WANT_ALG_CHACHA20_POLY1305:PSA_WANT_ECC_FAMILY_SECP_K1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +aead_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_K1):"0426b7bb38da649ac2138fc050c6548b32553dab68afebc36105d325b75538c12323cb0764789ecb992671beb2b6bef2f5":PSA_ALG_AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(PSA_ALG_CHACHA20_POLY1305,1):PSA_ERROR_INVALID_ARGUMENT + +PSA aead AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(CHACHA20_POLY1305,1): incompatible with ECC_PUBLIC_KEY(SECP_R1) +depends_on:PSA_WANT_ALG_CHACHA20_POLY1305:PSA_WANT_ECC_FAMILY_SECP_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +aead_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1):"046f00eadaa949fee3e9e1c7fa1247eecec86a0dce46418b9bd3117b981d4bd0ae7a990de912f9d060d6cb531a42d22e394ac29e81804bf160":PSA_ALG_AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(PSA_ALG_CHACHA20_POLY1305,1):PSA_ERROR_INVALID_ARGUMENT + +PSA aead AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(CHACHA20_POLY1305,1): incompatible with ECC_PUBLIC_KEY(SECP_R2) +depends_on:PSA_WANT_ALG_CHACHA20_POLY1305:PSA_WANT_ECC_FAMILY_SECP_R2:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +aead_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R2):"049570d541398665adb5cfa16f5af73b3196926bbd4b876bdb80f8eab20d0f540c22f4de9c140f6d7b":PSA_ALG_AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(PSA_ALG_CHACHA20_POLY1305,1):PSA_ERROR_INVALID_ARGUMENT + +PSA aead AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(CHACHA20_POLY1305,1): incompatible with ECC_PUBLIC_KEY(SECT_K1) +depends_on:PSA_WANT_ALG_CHACHA20_POLY1305:PSA_WANT_ECC_FAMILY_SECT_K1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +aead_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_K1):"0406f88f90b4b65950f06ce433afdb097e320f433dc2062b8a65db8fafd3c110f46bc45663fbf021ee7eb9":PSA_ALG_AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(PSA_ALG_CHACHA20_POLY1305,1):PSA_ERROR_INVALID_ARGUMENT + +PSA aead AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(CHACHA20_POLY1305,1): incompatible with ECC_PUBLIC_KEY(SECT_R1) +depends_on:PSA_WANT_ALG_CHACHA20_POLY1305:PSA_WANT_ECC_FAMILY_SECT_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +aead_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R1):"0400465eeb9e7258b11e33c02266bfe834b20bcb118700772796ee4704ec67651bd447e3011959a79a04cb":PSA_ALG_AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(PSA_ALG_CHACHA20_POLY1305,1):PSA_ERROR_INVALID_ARGUMENT + +PSA aead AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(CHACHA20_POLY1305,1): incompatible with ECC_PUBLIC_KEY(SECT_R2) +depends_on:PSA_WANT_ALG_CHACHA20_POLY1305:PSA_WANT_ECC_FAMILY_SECT_R2:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +aead_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R2):"0403692601144c32a6cfa369ae20ae5d43c1c764678c037bafe80c6fd2e42b7ced96171d9c5367fd3dca6f":PSA_ALG_AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(PSA_ALG_CHACHA20_POLY1305,1):PSA_ERROR_INVALID_ARGUMENT + +PSA aead AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(CHACHA20_POLY1305,1): incompatible with ECC_PUBLIC_KEY(TWISTED_EDWARDS) +depends_on:PSA_WANT_ALG_CHACHA20_POLY1305:PSA_WANT_ECC_FAMILY_TWISTED_EDWARDS:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +aead_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_TWISTED_EDWARDS):"d75a980182b10ab7d54bfed3c964073a0ee172f3daa62325af021a68f707511a":PSA_ALG_AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(PSA_ALG_CHACHA20_POLY1305,1):PSA_ERROR_INVALID_ARGUMENT + +PSA aead AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(CHACHA20_POLY1305,1): incompatible with HMAC +depends_on:PSA_WANT_ALG_CHACHA20_POLY1305:PSA_WANT_KEY_TYPE_HMAC +aead_fail:PSA_KEY_TYPE_HMAC:"48657265006973206b6579a064617461":PSA_ALG_AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(PSA_ALG_CHACHA20_POLY1305,1):PSA_ERROR_INVALID_ARGUMENT + +PSA aead AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(CHACHA20_POLY1305,1): incompatible with RAW_DATA +depends_on:PSA_WANT_ALG_CHACHA20_POLY1305:PSA_WANT_KEY_TYPE_RAW_DATA +aead_fail:PSA_KEY_TYPE_RAW_DATA:"48":PSA_ALG_AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(PSA_ALG_CHACHA20_POLY1305,1):PSA_ERROR_INVALID_ARGUMENT + +PSA aead AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(CHACHA20_POLY1305,1): incompatible with RSA_KEY_PAIR +depends_on:PSA_WANT_ALG_CHACHA20_POLY1305:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR +aead_fail:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(PSA_ALG_CHACHA20_POLY1305,1):PSA_ERROR_INVALID_ARGUMENT + +PSA aead AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(CHACHA20_POLY1305,1): incompatible with RSA_PUBLIC_KEY +depends_on:PSA_WANT_ALG_CHACHA20_POLY1305:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY +aead_fail:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(PSA_ALG_CHACHA20_POLY1305,1):PSA_ERROR_INVALID_ARGUMENT + +PSA key_derivation AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(CHACHA20_POLY1305,1): invalid +depends_on:PSA_WANT_ALG_CHACHA20_POLY1305 +key_derivation_fail:PSA_ALG_AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(PSA_ALG_CHACHA20_POLY1305,1):PSA_ERROR_INVALID_ARGUMENT + +PSA hash AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(GCM,1): invalid +depends_on:PSA_WANT_ALG_GCM +hash_fail:PSA_ALG_AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(PSA_ALG_GCM,1):PSA_ERROR_INVALID_ARGUMENT + +PSA aead AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(GCM,1): incompatible with AES +depends_on:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES +aead_fail:PSA_KEY_TYPE_AES:"48657265006973206b6579a064617461":PSA_ALG_AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(PSA_ALG_GCM,1):PSA_ERROR_INVALID_ARGUMENT + +PSA aead AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(GCM,1): incompatible with ARC4 +depends_on:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_ARC4 +aead_fail:PSA_KEY_TYPE_ARC4:"48":PSA_ALG_AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(PSA_ALG_GCM,1):PSA_ERROR_INVALID_ARGUMENT + +PSA aead AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(GCM,1): incompatible with ARIA +depends_on:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_ARIA +aead_fail:PSA_KEY_TYPE_ARIA:"48657265006973206b6579a064617461":PSA_ALG_AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(PSA_ALG_GCM,1):PSA_ERROR_INVALID_ARGUMENT + +PSA aead AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(GCM,1): incompatible with CAMELLIA +depends_on:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_CAMELLIA +aead_fail:PSA_KEY_TYPE_CAMELLIA:"48657265006973206b6579a064617461":PSA_ALG_AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(PSA_ALG_GCM,1):PSA_ERROR_INVALID_ARGUMENT + +PSA aead AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(GCM,1): incompatible with CHACHA20 +depends_on:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_CHACHA20 +aead_fail:PSA_KEY_TYPE_CHACHA20:"48657265006973206b6579a06461746148657265006973206b6579a064617461":PSA_ALG_AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(PSA_ALG_GCM,1):PSA_ERROR_INVALID_ARGUMENT + +PSA aead AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(GCM,1): incompatible with DERIVE +depends_on:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_DERIVE +aead_fail:PSA_KEY_TYPE_DERIVE:"48657265006973206b6579a0646174":PSA_ALG_AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(PSA_ALG_GCM,1):PSA_ERROR_INVALID_ARGUMENT + +PSA aead AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(GCM,1): incompatible with DES +depends_on:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_DES +aead_fail:PSA_KEY_TYPE_DES:"644573206b457901":PSA_ALG_AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(PSA_ALG_GCM,1):PSA_ERROR_INVALID_ARGUMENT + +PSA aead AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(GCM,1): incompatible with ECC_KEY_PAIR(BRAINPOOL_P_R1) +depends_on:PSA_WANT_ALG_GCM:PSA_WANT_ECC_FAMILY_BRAINPOOL_P_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +aead_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"69502c4fdaf48d4fa617bdd24498b0406d0eeaac":PSA_ALG_AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(PSA_ALG_GCM,1):PSA_ERROR_INVALID_ARGUMENT + +PSA aead AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(GCM,1): incompatible with ECC_KEY_PAIR(MONTGOMERY) +depends_on:PSA_WANT_ALG_GCM:PSA_WANT_ECC_FAMILY_MONTGOMERY:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +aead_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_MONTGOMERY):"70076d0a7318a57d3c16c17251b26645df4c2f87ebc0992ab177fba51db92c6a":PSA_ALG_AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(PSA_ALG_GCM,1):PSA_ERROR_INVALID_ARGUMENT + +PSA aead AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(GCM,1): incompatible with ECC_KEY_PAIR(SECP_K1) +depends_on:PSA_WANT_ALG_GCM:PSA_WANT_ECC_FAMILY_SECP_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +aead_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_K1):"297ac1722ccac7589ecb240dc719842538ca974beb79f228":PSA_ALG_AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(PSA_ALG_GCM,1):PSA_ERROR_INVALID_ARGUMENT + +PSA aead AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(GCM,1): incompatible with ECC_KEY_PAIR(SECP_R1) +depends_on:PSA_WANT_ALG_GCM:PSA_WANT_ECC_FAMILY_SECP_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +aead_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"872f203b3ad35b7f2ecc803c3a0e1e0b1ed61cc1afe71b189cd4c995":PSA_ALG_AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(PSA_ALG_GCM,1):PSA_ERROR_INVALID_ARGUMENT + +PSA aead AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(GCM,1): incompatible with ECC_KEY_PAIR(SECP_R2) +depends_on:PSA_WANT_ALG_GCM:PSA_WANT_ECC_FAMILY_SECP_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +aead_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R2):"00bf539a1cdda0d7f71a50a3f98aec0a2e8e4ced1e":PSA_ALG_AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(PSA_ALG_GCM,1):PSA_ERROR_INVALID_ARGUMENT + +PSA aead AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(GCM,1): incompatible with ECC_KEY_PAIR(SECT_K1) +depends_on:PSA_WANT_ALG_GCM:PSA_WANT_ECC_FAMILY_SECT_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +aead_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):"03ebc8fcded2d6ab72ec0f75bdb4fd080481273e71":PSA_ALG_AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(PSA_ALG_GCM,1):PSA_ERROR_INVALID_ARGUMENT + +PSA aead AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(GCM,1): incompatible with ECC_KEY_PAIR(SECT_R1) +depends_on:PSA_WANT_ALG_GCM:PSA_WANT_ECC_FAMILY_SECT_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +aead_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):"009b05dc82d46d64a04a22e6e5ca70ca1231e68c50":PSA_ALG_AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(PSA_ALG_GCM,1):PSA_ERROR_INVALID_ARGUMENT + +PSA aead AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(GCM,1): incompatible with ECC_KEY_PAIR(SECT_R2) +depends_on:PSA_WANT_ALG_GCM:PSA_WANT_ECC_FAMILY_SECT_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +aead_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R2):"0210b482a458b4822d0cb21daa96819a67c8062d34":PSA_ALG_AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(PSA_ALG_GCM,1):PSA_ERROR_INVALID_ARGUMENT + +PSA aead AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(GCM,1): incompatible with ECC_KEY_PAIR(TWISTED_EDWARDS) +depends_on:PSA_WANT_ALG_GCM:PSA_WANT_ECC_FAMILY_TWISTED_EDWARDS:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +aead_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_TWISTED_EDWARDS):"9d61b19deffd5a60ba844af492ec2cc44449c5697b326919703bac031cae7f60":PSA_ALG_AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(PSA_ALG_GCM,1):PSA_ERROR_INVALID_ARGUMENT + +PSA aead AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(GCM,1): incompatible with ECC_PUBLIC_KEY(BRAINPOOL_P_R1) +depends_on:PSA_WANT_ALG_GCM:PSA_WANT_ECC_FAMILY_BRAINPOOL_P_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +aead_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"04d4b9186816358e2f9c59cf70748cb70641b22fbab65473db4b4e22a361ed7e3de7e8a8ddc4130c5c":PSA_ALG_AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(PSA_ALG_GCM,1):PSA_ERROR_INVALID_ARGUMENT + +PSA aead AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(GCM,1): incompatible with ECC_PUBLIC_KEY(MONTGOMERY) +depends_on:PSA_WANT_ALG_GCM:PSA_WANT_ECC_FAMILY_MONTGOMERY:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +aead_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_MONTGOMERY):"8520f0098930a754748b7ddcb43ef75a0dbf3a0d26381af4eba4a98eaa9b4e6a":PSA_ALG_AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(PSA_ALG_GCM,1):PSA_ERROR_INVALID_ARGUMENT + +PSA aead AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(GCM,1): incompatible with ECC_PUBLIC_KEY(SECP_K1) +depends_on:PSA_WANT_ALG_GCM:PSA_WANT_ECC_FAMILY_SECP_K1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +aead_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_K1):"0426b7bb38da649ac2138fc050c6548b32553dab68afebc36105d325b75538c12323cb0764789ecb992671beb2b6bef2f5":PSA_ALG_AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(PSA_ALG_GCM,1):PSA_ERROR_INVALID_ARGUMENT + +PSA aead AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(GCM,1): incompatible with ECC_PUBLIC_KEY(SECP_R1) +depends_on:PSA_WANT_ALG_GCM:PSA_WANT_ECC_FAMILY_SECP_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +aead_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1):"046f00eadaa949fee3e9e1c7fa1247eecec86a0dce46418b9bd3117b981d4bd0ae7a990de912f9d060d6cb531a42d22e394ac29e81804bf160":PSA_ALG_AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(PSA_ALG_GCM,1):PSA_ERROR_INVALID_ARGUMENT + +PSA aead AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(GCM,1): incompatible with ECC_PUBLIC_KEY(SECP_R2) +depends_on:PSA_WANT_ALG_GCM:PSA_WANT_ECC_FAMILY_SECP_R2:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +aead_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R2):"049570d541398665adb5cfa16f5af73b3196926bbd4b876bdb80f8eab20d0f540c22f4de9c140f6d7b":PSA_ALG_AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(PSA_ALG_GCM,1):PSA_ERROR_INVALID_ARGUMENT + +PSA aead AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(GCM,1): incompatible with ECC_PUBLIC_KEY(SECT_K1) +depends_on:PSA_WANT_ALG_GCM:PSA_WANT_ECC_FAMILY_SECT_K1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +aead_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_K1):"0406f88f90b4b65950f06ce433afdb097e320f433dc2062b8a65db8fafd3c110f46bc45663fbf021ee7eb9":PSA_ALG_AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(PSA_ALG_GCM,1):PSA_ERROR_INVALID_ARGUMENT + +PSA aead AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(GCM,1): incompatible with ECC_PUBLIC_KEY(SECT_R1) +depends_on:PSA_WANT_ALG_GCM:PSA_WANT_ECC_FAMILY_SECT_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +aead_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R1):"0400465eeb9e7258b11e33c02266bfe834b20bcb118700772796ee4704ec67651bd447e3011959a79a04cb":PSA_ALG_AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(PSA_ALG_GCM,1):PSA_ERROR_INVALID_ARGUMENT + +PSA aead AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(GCM,1): incompatible with ECC_PUBLIC_KEY(SECT_R2) +depends_on:PSA_WANT_ALG_GCM:PSA_WANT_ECC_FAMILY_SECT_R2:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +aead_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R2):"0403692601144c32a6cfa369ae20ae5d43c1c764678c037bafe80c6fd2e42b7ced96171d9c5367fd3dca6f":PSA_ALG_AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(PSA_ALG_GCM,1):PSA_ERROR_INVALID_ARGUMENT + +PSA aead AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(GCM,1): incompatible with ECC_PUBLIC_KEY(TWISTED_EDWARDS) +depends_on:PSA_WANT_ALG_GCM:PSA_WANT_ECC_FAMILY_TWISTED_EDWARDS:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +aead_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_TWISTED_EDWARDS):"d75a980182b10ab7d54bfed3c964073a0ee172f3daa62325af021a68f707511a":PSA_ALG_AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(PSA_ALG_GCM,1):PSA_ERROR_INVALID_ARGUMENT + +PSA aead AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(GCM,1): incompatible with HMAC +depends_on:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_HMAC +aead_fail:PSA_KEY_TYPE_HMAC:"48657265006973206b6579a064617461":PSA_ALG_AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(PSA_ALG_GCM,1):PSA_ERROR_INVALID_ARGUMENT + +PSA aead AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(GCM,1): incompatible with RAW_DATA +depends_on:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_RAW_DATA +aead_fail:PSA_KEY_TYPE_RAW_DATA:"48":PSA_ALG_AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(PSA_ALG_GCM,1):PSA_ERROR_INVALID_ARGUMENT + +PSA aead AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(GCM,1): incompatible with RSA_KEY_PAIR +depends_on:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR +aead_fail:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(PSA_ALG_GCM,1):PSA_ERROR_INVALID_ARGUMENT + +PSA aead AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(GCM,1): incompatible with RSA_PUBLIC_KEY +depends_on:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY +aead_fail:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(PSA_ALG_GCM,1):PSA_ERROR_INVALID_ARGUMENT + +PSA key_derivation AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(GCM,1): invalid +depends_on:PSA_WANT_ALG_GCM +key_derivation_fail:PSA_ALG_AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(PSA_ALG_GCM,1):PSA_ERROR_INVALID_ARGUMENT + +PSA hash AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(CCM,4): invalid +depends_on:PSA_WANT_ALG_CCM +hash_fail:PSA_ALG_AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(PSA_ALG_CCM,4):PSA_ERROR_INVALID_ARGUMENT + +PSA aead AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(CCM,4): incompatible with AES +depends_on:PSA_WANT_ALG_CCM:PSA_WANT_KEY_TYPE_AES +aead_fail:PSA_KEY_TYPE_AES:"48657265006973206b6579a064617461":PSA_ALG_AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(PSA_ALG_CCM,4):PSA_ERROR_INVALID_ARGUMENT + +PSA aead AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(CCM,4): incompatible with ARC4 +depends_on:PSA_WANT_ALG_CCM:PSA_WANT_KEY_TYPE_ARC4 +aead_fail:PSA_KEY_TYPE_ARC4:"48":PSA_ALG_AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(PSA_ALG_CCM,4):PSA_ERROR_INVALID_ARGUMENT + +PSA aead AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(CCM,4): incompatible with ARIA +depends_on:PSA_WANT_ALG_CCM:PSA_WANT_KEY_TYPE_ARIA +aead_fail:PSA_KEY_TYPE_ARIA:"48657265006973206b6579a064617461":PSA_ALG_AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(PSA_ALG_CCM,4):PSA_ERROR_INVALID_ARGUMENT + +PSA aead AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(CCM,4): incompatible with CAMELLIA +depends_on:PSA_WANT_ALG_CCM:PSA_WANT_KEY_TYPE_CAMELLIA +aead_fail:PSA_KEY_TYPE_CAMELLIA:"48657265006973206b6579a064617461":PSA_ALG_AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(PSA_ALG_CCM,4):PSA_ERROR_INVALID_ARGUMENT + +PSA aead AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(CCM,4): incompatible with CHACHA20 +depends_on:PSA_WANT_ALG_CCM:PSA_WANT_KEY_TYPE_CHACHA20 +aead_fail:PSA_KEY_TYPE_CHACHA20:"48657265006973206b6579a06461746148657265006973206b6579a064617461":PSA_ALG_AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(PSA_ALG_CCM,4):PSA_ERROR_INVALID_ARGUMENT + +PSA aead AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(CCM,4): incompatible with DERIVE +depends_on:PSA_WANT_ALG_CCM:PSA_WANT_KEY_TYPE_DERIVE +aead_fail:PSA_KEY_TYPE_DERIVE:"48657265006973206b6579a0646174":PSA_ALG_AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(PSA_ALG_CCM,4):PSA_ERROR_INVALID_ARGUMENT + +PSA aead AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(CCM,4): incompatible with DES +depends_on:PSA_WANT_ALG_CCM:PSA_WANT_KEY_TYPE_DES +aead_fail:PSA_KEY_TYPE_DES:"644573206b457901":PSA_ALG_AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(PSA_ALG_CCM,4):PSA_ERROR_INVALID_ARGUMENT + +PSA aead AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(CCM,4): incompatible with ECC_KEY_PAIR(BRAINPOOL_P_R1) +depends_on:PSA_WANT_ALG_CCM:PSA_WANT_ECC_FAMILY_BRAINPOOL_P_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +aead_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"69502c4fdaf48d4fa617bdd24498b0406d0eeaac":PSA_ALG_AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(PSA_ALG_CCM,4):PSA_ERROR_INVALID_ARGUMENT + +PSA aead AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(CCM,4): incompatible with ECC_KEY_PAIR(MONTGOMERY) +depends_on:PSA_WANT_ALG_CCM:PSA_WANT_ECC_FAMILY_MONTGOMERY:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +aead_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_MONTGOMERY):"70076d0a7318a57d3c16c17251b26645df4c2f87ebc0992ab177fba51db92c6a":PSA_ALG_AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(PSA_ALG_CCM,4):PSA_ERROR_INVALID_ARGUMENT + +PSA aead AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(CCM,4): incompatible with ECC_KEY_PAIR(SECP_K1) +depends_on:PSA_WANT_ALG_CCM:PSA_WANT_ECC_FAMILY_SECP_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +aead_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_K1):"297ac1722ccac7589ecb240dc719842538ca974beb79f228":PSA_ALG_AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(PSA_ALG_CCM,4):PSA_ERROR_INVALID_ARGUMENT + +PSA aead AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(CCM,4): incompatible with ECC_KEY_PAIR(SECP_R1) +depends_on:PSA_WANT_ALG_CCM:PSA_WANT_ECC_FAMILY_SECP_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +aead_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"872f203b3ad35b7f2ecc803c3a0e1e0b1ed61cc1afe71b189cd4c995":PSA_ALG_AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(PSA_ALG_CCM,4):PSA_ERROR_INVALID_ARGUMENT + +PSA aead AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(CCM,4): incompatible with ECC_KEY_PAIR(SECP_R2) +depends_on:PSA_WANT_ALG_CCM:PSA_WANT_ECC_FAMILY_SECP_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +aead_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R2):"00bf539a1cdda0d7f71a50a3f98aec0a2e8e4ced1e":PSA_ALG_AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(PSA_ALG_CCM,4):PSA_ERROR_INVALID_ARGUMENT + +PSA aead AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(CCM,4): incompatible with ECC_KEY_PAIR(SECT_K1) +depends_on:PSA_WANT_ALG_CCM:PSA_WANT_ECC_FAMILY_SECT_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +aead_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):"03ebc8fcded2d6ab72ec0f75bdb4fd080481273e71":PSA_ALG_AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(PSA_ALG_CCM,4):PSA_ERROR_INVALID_ARGUMENT + +PSA aead AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(CCM,4): incompatible with ECC_KEY_PAIR(SECT_R1) +depends_on:PSA_WANT_ALG_CCM:PSA_WANT_ECC_FAMILY_SECT_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +aead_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):"009b05dc82d46d64a04a22e6e5ca70ca1231e68c50":PSA_ALG_AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(PSA_ALG_CCM,4):PSA_ERROR_INVALID_ARGUMENT + +PSA aead AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(CCM,4): incompatible with ECC_KEY_PAIR(SECT_R2) +depends_on:PSA_WANT_ALG_CCM:PSA_WANT_ECC_FAMILY_SECT_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +aead_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R2):"0210b482a458b4822d0cb21daa96819a67c8062d34":PSA_ALG_AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(PSA_ALG_CCM,4):PSA_ERROR_INVALID_ARGUMENT + +PSA aead AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(CCM,4): incompatible with ECC_KEY_PAIR(TWISTED_EDWARDS) +depends_on:PSA_WANT_ALG_CCM:PSA_WANT_ECC_FAMILY_TWISTED_EDWARDS:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +aead_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_TWISTED_EDWARDS):"9d61b19deffd5a60ba844af492ec2cc44449c5697b326919703bac031cae7f60":PSA_ALG_AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(PSA_ALG_CCM,4):PSA_ERROR_INVALID_ARGUMENT + +PSA aead AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(CCM,4): incompatible with ECC_PUBLIC_KEY(BRAINPOOL_P_R1) +depends_on:PSA_WANT_ALG_CCM:PSA_WANT_ECC_FAMILY_BRAINPOOL_P_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +aead_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"04d4b9186816358e2f9c59cf70748cb70641b22fbab65473db4b4e22a361ed7e3de7e8a8ddc4130c5c":PSA_ALG_AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(PSA_ALG_CCM,4):PSA_ERROR_INVALID_ARGUMENT + +PSA aead AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(CCM,4): incompatible with ECC_PUBLIC_KEY(MONTGOMERY) +depends_on:PSA_WANT_ALG_CCM:PSA_WANT_ECC_FAMILY_MONTGOMERY:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +aead_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_MONTGOMERY):"8520f0098930a754748b7ddcb43ef75a0dbf3a0d26381af4eba4a98eaa9b4e6a":PSA_ALG_AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(PSA_ALG_CCM,4):PSA_ERROR_INVALID_ARGUMENT + +PSA aead AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(CCM,4): incompatible with ECC_PUBLIC_KEY(SECP_K1) +depends_on:PSA_WANT_ALG_CCM:PSA_WANT_ECC_FAMILY_SECP_K1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +aead_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_K1):"0426b7bb38da649ac2138fc050c6548b32553dab68afebc36105d325b75538c12323cb0764789ecb992671beb2b6bef2f5":PSA_ALG_AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(PSA_ALG_CCM,4):PSA_ERROR_INVALID_ARGUMENT + +PSA aead AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(CCM,4): incompatible with ECC_PUBLIC_KEY(SECP_R1) +depends_on:PSA_WANT_ALG_CCM:PSA_WANT_ECC_FAMILY_SECP_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +aead_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1):"046f00eadaa949fee3e9e1c7fa1247eecec86a0dce46418b9bd3117b981d4bd0ae7a990de912f9d060d6cb531a42d22e394ac29e81804bf160":PSA_ALG_AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(PSA_ALG_CCM,4):PSA_ERROR_INVALID_ARGUMENT + +PSA aead AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(CCM,4): incompatible with ECC_PUBLIC_KEY(SECP_R2) +depends_on:PSA_WANT_ALG_CCM:PSA_WANT_ECC_FAMILY_SECP_R2:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +aead_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R2):"049570d541398665adb5cfa16f5af73b3196926bbd4b876bdb80f8eab20d0f540c22f4de9c140f6d7b":PSA_ALG_AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(PSA_ALG_CCM,4):PSA_ERROR_INVALID_ARGUMENT + +PSA aead AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(CCM,4): incompatible with ECC_PUBLIC_KEY(SECT_K1) +depends_on:PSA_WANT_ALG_CCM:PSA_WANT_ECC_FAMILY_SECT_K1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +aead_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_K1):"0406f88f90b4b65950f06ce433afdb097e320f433dc2062b8a65db8fafd3c110f46bc45663fbf021ee7eb9":PSA_ALG_AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(PSA_ALG_CCM,4):PSA_ERROR_INVALID_ARGUMENT + +PSA aead AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(CCM,4): incompatible with ECC_PUBLIC_KEY(SECT_R1) +depends_on:PSA_WANT_ALG_CCM:PSA_WANT_ECC_FAMILY_SECT_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +aead_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R1):"0400465eeb9e7258b11e33c02266bfe834b20bcb118700772796ee4704ec67651bd447e3011959a79a04cb":PSA_ALG_AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(PSA_ALG_CCM,4):PSA_ERROR_INVALID_ARGUMENT + +PSA aead AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(CCM,4): incompatible with ECC_PUBLIC_KEY(SECT_R2) +depends_on:PSA_WANT_ALG_CCM:PSA_WANT_ECC_FAMILY_SECT_R2:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +aead_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R2):"0403692601144c32a6cfa369ae20ae5d43c1c764678c037bafe80c6fd2e42b7ced96171d9c5367fd3dca6f":PSA_ALG_AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(PSA_ALG_CCM,4):PSA_ERROR_INVALID_ARGUMENT + +PSA aead AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(CCM,4): incompatible with ECC_PUBLIC_KEY(TWISTED_EDWARDS) +depends_on:PSA_WANT_ALG_CCM:PSA_WANT_ECC_FAMILY_TWISTED_EDWARDS:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +aead_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_TWISTED_EDWARDS):"d75a980182b10ab7d54bfed3c964073a0ee172f3daa62325af021a68f707511a":PSA_ALG_AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(PSA_ALG_CCM,4):PSA_ERROR_INVALID_ARGUMENT + +PSA aead AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(CCM,4): incompatible with HMAC +depends_on:PSA_WANT_ALG_CCM:PSA_WANT_KEY_TYPE_HMAC +aead_fail:PSA_KEY_TYPE_HMAC:"48657265006973206b6579a064617461":PSA_ALG_AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(PSA_ALG_CCM,4):PSA_ERROR_INVALID_ARGUMENT + +PSA aead AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(CCM,4): incompatible with RAW_DATA +depends_on:PSA_WANT_ALG_CCM:PSA_WANT_KEY_TYPE_RAW_DATA +aead_fail:PSA_KEY_TYPE_RAW_DATA:"48":PSA_ALG_AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(PSA_ALG_CCM,4):PSA_ERROR_INVALID_ARGUMENT + +PSA aead AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(CCM,4): incompatible with RSA_KEY_PAIR +depends_on:PSA_WANT_ALG_CCM:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR +aead_fail:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(PSA_ALG_CCM,4):PSA_ERROR_INVALID_ARGUMENT + +PSA aead AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(CCM,4): incompatible with RSA_PUBLIC_KEY +depends_on:PSA_WANT_ALG_CCM:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY +aead_fail:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(PSA_ALG_CCM,4):PSA_ERROR_INVALID_ARGUMENT + +PSA key_derivation AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(CCM,4): invalid +depends_on:PSA_WANT_ALG_CCM +key_derivation_fail:PSA_ALG_AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(PSA_ALG_CCM,4):PSA_ERROR_INVALID_ARGUMENT + +PSA hash AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(CCM,13): invalid +depends_on:PSA_WANT_ALG_CCM +hash_fail:PSA_ALG_AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(PSA_ALG_CCM,13):PSA_ERROR_INVALID_ARGUMENT + +PSA aead AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(CCM,13): incompatible with AES +depends_on:PSA_WANT_ALG_CCM:PSA_WANT_KEY_TYPE_AES +aead_fail:PSA_KEY_TYPE_AES:"48657265006973206b6579a064617461":PSA_ALG_AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(PSA_ALG_CCM,13):PSA_ERROR_INVALID_ARGUMENT + +PSA aead AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(CCM,13): incompatible with ARC4 +depends_on:PSA_WANT_ALG_CCM:PSA_WANT_KEY_TYPE_ARC4 +aead_fail:PSA_KEY_TYPE_ARC4:"48":PSA_ALG_AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(PSA_ALG_CCM,13):PSA_ERROR_INVALID_ARGUMENT + +PSA aead AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(CCM,13): incompatible with ARIA +depends_on:PSA_WANT_ALG_CCM:PSA_WANT_KEY_TYPE_ARIA +aead_fail:PSA_KEY_TYPE_ARIA:"48657265006973206b6579a064617461":PSA_ALG_AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(PSA_ALG_CCM,13):PSA_ERROR_INVALID_ARGUMENT + +PSA aead AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(CCM,13): incompatible with CAMELLIA +depends_on:PSA_WANT_ALG_CCM:PSA_WANT_KEY_TYPE_CAMELLIA +aead_fail:PSA_KEY_TYPE_CAMELLIA:"48657265006973206b6579a064617461":PSA_ALG_AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(PSA_ALG_CCM,13):PSA_ERROR_INVALID_ARGUMENT + +PSA aead AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(CCM,13): incompatible with CHACHA20 +depends_on:PSA_WANT_ALG_CCM:PSA_WANT_KEY_TYPE_CHACHA20 +aead_fail:PSA_KEY_TYPE_CHACHA20:"48657265006973206b6579a06461746148657265006973206b6579a064617461":PSA_ALG_AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(PSA_ALG_CCM,13):PSA_ERROR_INVALID_ARGUMENT + +PSA aead AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(CCM,13): incompatible with DERIVE +depends_on:PSA_WANT_ALG_CCM:PSA_WANT_KEY_TYPE_DERIVE +aead_fail:PSA_KEY_TYPE_DERIVE:"48657265006973206b6579a0646174":PSA_ALG_AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(PSA_ALG_CCM,13):PSA_ERROR_INVALID_ARGUMENT + +PSA aead AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(CCM,13): incompatible with DES +depends_on:PSA_WANT_ALG_CCM:PSA_WANT_KEY_TYPE_DES +aead_fail:PSA_KEY_TYPE_DES:"644573206b457901":PSA_ALG_AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(PSA_ALG_CCM,13):PSA_ERROR_INVALID_ARGUMENT + +PSA aead AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(CCM,13): incompatible with ECC_KEY_PAIR(BRAINPOOL_P_R1) +depends_on:PSA_WANT_ALG_CCM:PSA_WANT_ECC_FAMILY_BRAINPOOL_P_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +aead_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"69502c4fdaf48d4fa617bdd24498b0406d0eeaac":PSA_ALG_AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(PSA_ALG_CCM,13):PSA_ERROR_INVALID_ARGUMENT + +PSA aead AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(CCM,13): incompatible with ECC_KEY_PAIR(MONTGOMERY) +depends_on:PSA_WANT_ALG_CCM:PSA_WANT_ECC_FAMILY_MONTGOMERY:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +aead_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_MONTGOMERY):"70076d0a7318a57d3c16c17251b26645df4c2f87ebc0992ab177fba51db92c6a":PSA_ALG_AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(PSA_ALG_CCM,13):PSA_ERROR_INVALID_ARGUMENT + +PSA aead AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(CCM,13): incompatible with ECC_KEY_PAIR(SECP_K1) +depends_on:PSA_WANT_ALG_CCM:PSA_WANT_ECC_FAMILY_SECP_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +aead_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_K1):"297ac1722ccac7589ecb240dc719842538ca974beb79f228":PSA_ALG_AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(PSA_ALG_CCM,13):PSA_ERROR_INVALID_ARGUMENT + +PSA aead AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(CCM,13): incompatible with ECC_KEY_PAIR(SECP_R1) +depends_on:PSA_WANT_ALG_CCM:PSA_WANT_ECC_FAMILY_SECP_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +aead_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"872f203b3ad35b7f2ecc803c3a0e1e0b1ed61cc1afe71b189cd4c995":PSA_ALG_AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(PSA_ALG_CCM,13):PSA_ERROR_INVALID_ARGUMENT + +PSA aead AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(CCM,13): incompatible with ECC_KEY_PAIR(SECP_R2) +depends_on:PSA_WANT_ALG_CCM:PSA_WANT_ECC_FAMILY_SECP_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +aead_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R2):"00bf539a1cdda0d7f71a50a3f98aec0a2e8e4ced1e":PSA_ALG_AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(PSA_ALG_CCM,13):PSA_ERROR_INVALID_ARGUMENT + +PSA aead AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(CCM,13): incompatible with ECC_KEY_PAIR(SECT_K1) +depends_on:PSA_WANT_ALG_CCM:PSA_WANT_ECC_FAMILY_SECT_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +aead_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):"03ebc8fcded2d6ab72ec0f75bdb4fd080481273e71":PSA_ALG_AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(PSA_ALG_CCM,13):PSA_ERROR_INVALID_ARGUMENT + +PSA aead AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(CCM,13): incompatible with ECC_KEY_PAIR(SECT_R1) +depends_on:PSA_WANT_ALG_CCM:PSA_WANT_ECC_FAMILY_SECT_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +aead_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):"009b05dc82d46d64a04a22e6e5ca70ca1231e68c50":PSA_ALG_AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(PSA_ALG_CCM,13):PSA_ERROR_INVALID_ARGUMENT + +PSA aead AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(CCM,13): incompatible with ECC_KEY_PAIR(SECT_R2) +depends_on:PSA_WANT_ALG_CCM:PSA_WANT_ECC_FAMILY_SECT_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +aead_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R2):"0210b482a458b4822d0cb21daa96819a67c8062d34":PSA_ALG_AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(PSA_ALG_CCM,13):PSA_ERROR_INVALID_ARGUMENT + +PSA aead AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(CCM,13): incompatible with ECC_KEY_PAIR(TWISTED_EDWARDS) +depends_on:PSA_WANT_ALG_CCM:PSA_WANT_ECC_FAMILY_TWISTED_EDWARDS:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +aead_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_TWISTED_EDWARDS):"9d61b19deffd5a60ba844af492ec2cc44449c5697b326919703bac031cae7f60":PSA_ALG_AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(PSA_ALG_CCM,13):PSA_ERROR_INVALID_ARGUMENT + +PSA aead AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(CCM,13): incompatible with ECC_PUBLIC_KEY(BRAINPOOL_P_R1) +depends_on:PSA_WANT_ALG_CCM:PSA_WANT_ECC_FAMILY_BRAINPOOL_P_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +aead_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"04d4b9186816358e2f9c59cf70748cb70641b22fbab65473db4b4e22a361ed7e3de7e8a8ddc4130c5c":PSA_ALG_AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(PSA_ALG_CCM,13):PSA_ERROR_INVALID_ARGUMENT + +PSA aead AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(CCM,13): incompatible with ECC_PUBLIC_KEY(MONTGOMERY) +depends_on:PSA_WANT_ALG_CCM:PSA_WANT_ECC_FAMILY_MONTGOMERY:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +aead_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_MONTGOMERY):"8520f0098930a754748b7ddcb43ef75a0dbf3a0d26381af4eba4a98eaa9b4e6a":PSA_ALG_AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(PSA_ALG_CCM,13):PSA_ERROR_INVALID_ARGUMENT + +PSA aead AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(CCM,13): incompatible with ECC_PUBLIC_KEY(SECP_K1) +depends_on:PSA_WANT_ALG_CCM:PSA_WANT_ECC_FAMILY_SECP_K1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +aead_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_K1):"0426b7bb38da649ac2138fc050c6548b32553dab68afebc36105d325b75538c12323cb0764789ecb992671beb2b6bef2f5":PSA_ALG_AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(PSA_ALG_CCM,13):PSA_ERROR_INVALID_ARGUMENT + +PSA aead AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(CCM,13): incompatible with ECC_PUBLIC_KEY(SECP_R1) +depends_on:PSA_WANT_ALG_CCM:PSA_WANT_ECC_FAMILY_SECP_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +aead_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1):"046f00eadaa949fee3e9e1c7fa1247eecec86a0dce46418b9bd3117b981d4bd0ae7a990de912f9d060d6cb531a42d22e394ac29e81804bf160":PSA_ALG_AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(PSA_ALG_CCM,13):PSA_ERROR_INVALID_ARGUMENT + +PSA aead AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(CCM,13): incompatible with ECC_PUBLIC_KEY(SECP_R2) +depends_on:PSA_WANT_ALG_CCM:PSA_WANT_ECC_FAMILY_SECP_R2:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +aead_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R2):"049570d541398665adb5cfa16f5af73b3196926bbd4b876bdb80f8eab20d0f540c22f4de9c140f6d7b":PSA_ALG_AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(PSA_ALG_CCM,13):PSA_ERROR_INVALID_ARGUMENT + +PSA aead AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(CCM,13): incompatible with ECC_PUBLIC_KEY(SECT_K1) +depends_on:PSA_WANT_ALG_CCM:PSA_WANT_ECC_FAMILY_SECT_K1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +aead_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_K1):"0406f88f90b4b65950f06ce433afdb097e320f433dc2062b8a65db8fafd3c110f46bc45663fbf021ee7eb9":PSA_ALG_AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(PSA_ALG_CCM,13):PSA_ERROR_INVALID_ARGUMENT + +PSA aead AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(CCM,13): incompatible with ECC_PUBLIC_KEY(SECT_R1) +depends_on:PSA_WANT_ALG_CCM:PSA_WANT_ECC_FAMILY_SECT_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +aead_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R1):"0400465eeb9e7258b11e33c02266bfe834b20bcb118700772796ee4704ec67651bd447e3011959a79a04cb":PSA_ALG_AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(PSA_ALG_CCM,13):PSA_ERROR_INVALID_ARGUMENT + +PSA aead AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(CCM,13): incompatible with ECC_PUBLIC_KEY(SECT_R2) +depends_on:PSA_WANT_ALG_CCM:PSA_WANT_ECC_FAMILY_SECT_R2:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +aead_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R2):"0403692601144c32a6cfa369ae20ae5d43c1c764678c037bafe80c6fd2e42b7ced96171d9c5367fd3dca6f":PSA_ALG_AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(PSA_ALG_CCM,13):PSA_ERROR_INVALID_ARGUMENT + +PSA aead AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(CCM,13): incompatible with ECC_PUBLIC_KEY(TWISTED_EDWARDS) +depends_on:PSA_WANT_ALG_CCM:PSA_WANT_ECC_FAMILY_TWISTED_EDWARDS:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +aead_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_TWISTED_EDWARDS):"d75a980182b10ab7d54bfed3c964073a0ee172f3daa62325af021a68f707511a":PSA_ALG_AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(PSA_ALG_CCM,13):PSA_ERROR_INVALID_ARGUMENT + +PSA aead AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(CCM,13): incompatible with HMAC +depends_on:PSA_WANT_ALG_CCM:PSA_WANT_KEY_TYPE_HMAC +aead_fail:PSA_KEY_TYPE_HMAC:"48657265006973206b6579a064617461":PSA_ALG_AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(PSA_ALG_CCM,13):PSA_ERROR_INVALID_ARGUMENT + +PSA aead AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(CCM,13): incompatible with RAW_DATA +depends_on:PSA_WANT_ALG_CCM:PSA_WANT_KEY_TYPE_RAW_DATA +aead_fail:PSA_KEY_TYPE_RAW_DATA:"48":PSA_ALG_AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(PSA_ALG_CCM,13):PSA_ERROR_INVALID_ARGUMENT + +PSA aead AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(CCM,13): incompatible with RSA_KEY_PAIR +depends_on:PSA_WANT_ALG_CCM:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR +aead_fail:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(PSA_ALG_CCM,13):PSA_ERROR_INVALID_ARGUMENT + +PSA aead AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(CCM,13): incompatible with RSA_PUBLIC_KEY +depends_on:PSA_WANT_ALG_CCM:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY +aead_fail:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(PSA_ALG_CCM,13):PSA_ERROR_INVALID_ARGUMENT + +PSA key_derivation AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(CCM,13): invalid +depends_on:PSA_WANT_ALG_CCM +key_derivation_fail:PSA_ALG_AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(PSA_ALG_CCM,13):PSA_ERROR_INVALID_ARGUMENT + +PSA hash AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(CCM,14): invalid +depends_on:PSA_WANT_ALG_CCM +hash_fail:PSA_ALG_AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(PSA_ALG_CCM,14):PSA_ERROR_INVALID_ARGUMENT + +PSA aead AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(CCM,14): incompatible with AES +depends_on:PSA_WANT_ALG_CCM:PSA_WANT_KEY_TYPE_AES +aead_fail:PSA_KEY_TYPE_AES:"48657265006973206b6579a064617461":PSA_ALG_AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(PSA_ALG_CCM,14):PSA_ERROR_INVALID_ARGUMENT + +PSA aead AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(CCM,14): incompatible with ARC4 +depends_on:PSA_WANT_ALG_CCM:PSA_WANT_KEY_TYPE_ARC4 +aead_fail:PSA_KEY_TYPE_ARC4:"48":PSA_ALG_AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(PSA_ALG_CCM,14):PSA_ERROR_INVALID_ARGUMENT + +PSA aead AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(CCM,14): incompatible with ARIA +depends_on:PSA_WANT_ALG_CCM:PSA_WANT_KEY_TYPE_ARIA +aead_fail:PSA_KEY_TYPE_ARIA:"48657265006973206b6579a064617461":PSA_ALG_AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(PSA_ALG_CCM,14):PSA_ERROR_INVALID_ARGUMENT + +PSA aead AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(CCM,14): incompatible with CAMELLIA +depends_on:PSA_WANT_ALG_CCM:PSA_WANT_KEY_TYPE_CAMELLIA +aead_fail:PSA_KEY_TYPE_CAMELLIA:"48657265006973206b6579a064617461":PSA_ALG_AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(PSA_ALG_CCM,14):PSA_ERROR_INVALID_ARGUMENT + +PSA aead AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(CCM,14): incompatible with CHACHA20 +depends_on:PSA_WANT_ALG_CCM:PSA_WANT_KEY_TYPE_CHACHA20 +aead_fail:PSA_KEY_TYPE_CHACHA20:"48657265006973206b6579a06461746148657265006973206b6579a064617461":PSA_ALG_AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(PSA_ALG_CCM,14):PSA_ERROR_INVALID_ARGUMENT + +PSA aead AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(CCM,14): incompatible with DERIVE +depends_on:PSA_WANT_ALG_CCM:PSA_WANT_KEY_TYPE_DERIVE +aead_fail:PSA_KEY_TYPE_DERIVE:"48657265006973206b6579a0646174":PSA_ALG_AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(PSA_ALG_CCM,14):PSA_ERROR_INVALID_ARGUMENT + +PSA aead AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(CCM,14): incompatible with DES +depends_on:PSA_WANT_ALG_CCM:PSA_WANT_KEY_TYPE_DES +aead_fail:PSA_KEY_TYPE_DES:"644573206b457901":PSA_ALG_AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(PSA_ALG_CCM,14):PSA_ERROR_INVALID_ARGUMENT + +PSA aead AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(CCM,14): incompatible with ECC_KEY_PAIR(BRAINPOOL_P_R1) +depends_on:PSA_WANT_ALG_CCM:PSA_WANT_ECC_FAMILY_BRAINPOOL_P_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +aead_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"69502c4fdaf48d4fa617bdd24498b0406d0eeaac":PSA_ALG_AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(PSA_ALG_CCM,14):PSA_ERROR_INVALID_ARGUMENT + +PSA aead AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(CCM,14): incompatible with ECC_KEY_PAIR(MONTGOMERY) +depends_on:PSA_WANT_ALG_CCM:PSA_WANT_ECC_FAMILY_MONTGOMERY:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +aead_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_MONTGOMERY):"70076d0a7318a57d3c16c17251b26645df4c2f87ebc0992ab177fba51db92c6a":PSA_ALG_AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(PSA_ALG_CCM,14):PSA_ERROR_INVALID_ARGUMENT + +PSA aead AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(CCM,14): incompatible with ECC_KEY_PAIR(SECP_K1) +depends_on:PSA_WANT_ALG_CCM:PSA_WANT_ECC_FAMILY_SECP_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +aead_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_K1):"297ac1722ccac7589ecb240dc719842538ca974beb79f228":PSA_ALG_AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(PSA_ALG_CCM,14):PSA_ERROR_INVALID_ARGUMENT + +PSA aead AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(CCM,14): incompatible with ECC_KEY_PAIR(SECP_R1) +depends_on:PSA_WANT_ALG_CCM:PSA_WANT_ECC_FAMILY_SECP_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +aead_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"872f203b3ad35b7f2ecc803c3a0e1e0b1ed61cc1afe71b189cd4c995":PSA_ALG_AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(PSA_ALG_CCM,14):PSA_ERROR_INVALID_ARGUMENT + +PSA aead AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(CCM,14): incompatible with ECC_KEY_PAIR(SECP_R2) +depends_on:PSA_WANT_ALG_CCM:PSA_WANT_ECC_FAMILY_SECP_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +aead_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R2):"00bf539a1cdda0d7f71a50a3f98aec0a2e8e4ced1e":PSA_ALG_AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(PSA_ALG_CCM,14):PSA_ERROR_INVALID_ARGUMENT + +PSA aead AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(CCM,14): incompatible with ECC_KEY_PAIR(SECT_K1) +depends_on:PSA_WANT_ALG_CCM:PSA_WANT_ECC_FAMILY_SECT_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +aead_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):"03ebc8fcded2d6ab72ec0f75bdb4fd080481273e71":PSA_ALG_AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(PSA_ALG_CCM,14):PSA_ERROR_INVALID_ARGUMENT + +PSA aead AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(CCM,14): incompatible with ECC_KEY_PAIR(SECT_R1) +depends_on:PSA_WANT_ALG_CCM:PSA_WANT_ECC_FAMILY_SECT_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +aead_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):"009b05dc82d46d64a04a22e6e5ca70ca1231e68c50":PSA_ALG_AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(PSA_ALG_CCM,14):PSA_ERROR_INVALID_ARGUMENT + +PSA aead AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(CCM,14): incompatible with ECC_KEY_PAIR(SECT_R2) +depends_on:PSA_WANT_ALG_CCM:PSA_WANT_ECC_FAMILY_SECT_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +aead_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R2):"0210b482a458b4822d0cb21daa96819a67c8062d34":PSA_ALG_AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(PSA_ALG_CCM,14):PSA_ERROR_INVALID_ARGUMENT + +PSA aead AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(CCM,14): incompatible with ECC_KEY_PAIR(TWISTED_EDWARDS) +depends_on:PSA_WANT_ALG_CCM:PSA_WANT_ECC_FAMILY_TWISTED_EDWARDS:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +aead_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_TWISTED_EDWARDS):"9d61b19deffd5a60ba844af492ec2cc44449c5697b326919703bac031cae7f60":PSA_ALG_AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(PSA_ALG_CCM,14):PSA_ERROR_INVALID_ARGUMENT + +PSA aead AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(CCM,14): incompatible with ECC_PUBLIC_KEY(BRAINPOOL_P_R1) +depends_on:PSA_WANT_ALG_CCM:PSA_WANT_ECC_FAMILY_BRAINPOOL_P_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +aead_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"04d4b9186816358e2f9c59cf70748cb70641b22fbab65473db4b4e22a361ed7e3de7e8a8ddc4130c5c":PSA_ALG_AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(PSA_ALG_CCM,14):PSA_ERROR_INVALID_ARGUMENT + +PSA aead AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(CCM,14): incompatible with ECC_PUBLIC_KEY(MONTGOMERY) +depends_on:PSA_WANT_ALG_CCM:PSA_WANT_ECC_FAMILY_MONTGOMERY:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +aead_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_MONTGOMERY):"8520f0098930a754748b7ddcb43ef75a0dbf3a0d26381af4eba4a98eaa9b4e6a":PSA_ALG_AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(PSA_ALG_CCM,14):PSA_ERROR_INVALID_ARGUMENT + +PSA aead AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(CCM,14): incompatible with ECC_PUBLIC_KEY(SECP_K1) +depends_on:PSA_WANT_ALG_CCM:PSA_WANT_ECC_FAMILY_SECP_K1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +aead_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_K1):"0426b7bb38da649ac2138fc050c6548b32553dab68afebc36105d325b75538c12323cb0764789ecb992671beb2b6bef2f5":PSA_ALG_AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(PSA_ALG_CCM,14):PSA_ERROR_INVALID_ARGUMENT + +PSA aead AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(CCM,14): incompatible with ECC_PUBLIC_KEY(SECP_R1) +depends_on:PSA_WANT_ALG_CCM:PSA_WANT_ECC_FAMILY_SECP_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +aead_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1):"046f00eadaa949fee3e9e1c7fa1247eecec86a0dce46418b9bd3117b981d4bd0ae7a990de912f9d060d6cb531a42d22e394ac29e81804bf160":PSA_ALG_AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(PSA_ALG_CCM,14):PSA_ERROR_INVALID_ARGUMENT + +PSA aead AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(CCM,14): incompatible with ECC_PUBLIC_KEY(SECP_R2) +depends_on:PSA_WANT_ALG_CCM:PSA_WANT_ECC_FAMILY_SECP_R2:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +aead_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R2):"049570d541398665adb5cfa16f5af73b3196926bbd4b876bdb80f8eab20d0f540c22f4de9c140f6d7b":PSA_ALG_AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(PSA_ALG_CCM,14):PSA_ERROR_INVALID_ARGUMENT + +PSA aead AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(CCM,14): incompatible with ECC_PUBLIC_KEY(SECT_K1) +depends_on:PSA_WANT_ALG_CCM:PSA_WANT_ECC_FAMILY_SECT_K1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +aead_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_K1):"0406f88f90b4b65950f06ce433afdb097e320f433dc2062b8a65db8fafd3c110f46bc45663fbf021ee7eb9":PSA_ALG_AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(PSA_ALG_CCM,14):PSA_ERROR_INVALID_ARGUMENT + +PSA aead AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(CCM,14): incompatible with ECC_PUBLIC_KEY(SECT_R1) +depends_on:PSA_WANT_ALG_CCM:PSA_WANT_ECC_FAMILY_SECT_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +aead_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R1):"0400465eeb9e7258b11e33c02266bfe834b20bcb118700772796ee4704ec67651bd447e3011959a79a04cb":PSA_ALG_AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(PSA_ALG_CCM,14):PSA_ERROR_INVALID_ARGUMENT + +PSA aead AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(CCM,14): incompatible with ECC_PUBLIC_KEY(SECT_R2) +depends_on:PSA_WANT_ALG_CCM:PSA_WANT_ECC_FAMILY_SECT_R2:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +aead_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R2):"0403692601144c32a6cfa369ae20ae5d43c1c764678c037bafe80c6fd2e42b7ced96171d9c5367fd3dca6f":PSA_ALG_AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(PSA_ALG_CCM,14):PSA_ERROR_INVALID_ARGUMENT + +PSA aead AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(CCM,14): incompatible with ECC_PUBLIC_KEY(TWISTED_EDWARDS) +depends_on:PSA_WANT_ALG_CCM:PSA_WANT_ECC_FAMILY_TWISTED_EDWARDS:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +aead_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_TWISTED_EDWARDS):"d75a980182b10ab7d54bfed3c964073a0ee172f3daa62325af021a68f707511a":PSA_ALG_AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(PSA_ALG_CCM,14):PSA_ERROR_INVALID_ARGUMENT + +PSA aead AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(CCM,14): incompatible with HMAC +depends_on:PSA_WANT_ALG_CCM:PSA_WANT_KEY_TYPE_HMAC +aead_fail:PSA_KEY_TYPE_HMAC:"48657265006973206b6579a064617461":PSA_ALG_AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(PSA_ALG_CCM,14):PSA_ERROR_INVALID_ARGUMENT + +PSA aead AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(CCM,14): incompatible with RAW_DATA +depends_on:PSA_WANT_ALG_CCM:PSA_WANT_KEY_TYPE_RAW_DATA +aead_fail:PSA_KEY_TYPE_RAW_DATA:"48":PSA_ALG_AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(PSA_ALG_CCM,14):PSA_ERROR_INVALID_ARGUMENT + +PSA aead AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(CCM,14): incompatible with RSA_KEY_PAIR +depends_on:PSA_WANT_ALG_CCM:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR +aead_fail:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(PSA_ALG_CCM,14):PSA_ERROR_INVALID_ARGUMENT + +PSA aead AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(CCM,14): incompatible with RSA_PUBLIC_KEY +depends_on:PSA_WANT_ALG_CCM:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY +aead_fail:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(PSA_ALG_CCM,14):PSA_ERROR_INVALID_ARGUMENT + +PSA key_derivation AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(CCM,14): invalid +depends_on:PSA_WANT_ALG_CCM +key_derivation_fail:PSA_ALG_AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(PSA_ALG_CCM,14):PSA_ERROR_INVALID_ARGUMENT + +PSA hash AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(CCM,16): invalid +depends_on:PSA_WANT_ALG_CCM +hash_fail:PSA_ALG_AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(PSA_ALG_CCM,16):PSA_ERROR_INVALID_ARGUMENT + +PSA aead AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(CCM,16): incompatible with AES +depends_on:PSA_WANT_ALG_CCM:PSA_WANT_KEY_TYPE_AES +aead_fail:PSA_KEY_TYPE_AES:"48657265006973206b6579a064617461":PSA_ALG_AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(PSA_ALG_CCM,16):PSA_ERROR_INVALID_ARGUMENT + +PSA aead AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(CCM,16): incompatible with ARC4 +depends_on:PSA_WANT_ALG_CCM:PSA_WANT_KEY_TYPE_ARC4 +aead_fail:PSA_KEY_TYPE_ARC4:"48":PSA_ALG_AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(PSA_ALG_CCM,16):PSA_ERROR_INVALID_ARGUMENT + +PSA aead AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(CCM,16): incompatible with ARIA +depends_on:PSA_WANT_ALG_CCM:PSA_WANT_KEY_TYPE_ARIA +aead_fail:PSA_KEY_TYPE_ARIA:"48657265006973206b6579a064617461":PSA_ALG_AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(PSA_ALG_CCM,16):PSA_ERROR_INVALID_ARGUMENT + +PSA aead AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(CCM,16): incompatible with CAMELLIA +depends_on:PSA_WANT_ALG_CCM:PSA_WANT_KEY_TYPE_CAMELLIA +aead_fail:PSA_KEY_TYPE_CAMELLIA:"48657265006973206b6579a064617461":PSA_ALG_AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(PSA_ALG_CCM,16):PSA_ERROR_INVALID_ARGUMENT + +PSA aead AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(CCM,16): incompatible with CHACHA20 +depends_on:PSA_WANT_ALG_CCM:PSA_WANT_KEY_TYPE_CHACHA20 +aead_fail:PSA_KEY_TYPE_CHACHA20:"48657265006973206b6579a06461746148657265006973206b6579a064617461":PSA_ALG_AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(PSA_ALG_CCM,16):PSA_ERROR_INVALID_ARGUMENT + +PSA aead AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(CCM,16): incompatible with DERIVE +depends_on:PSA_WANT_ALG_CCM:PSA_WANT_KEY_TYPE_DERIVE +aead_fail:PSA_KEY_TYPE_DERIVE:"48657265006973206b6579a0646174":PSA_ALG_AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(PSA_ALG_CCM,16):PSA_ERROR_INVALID_ARGUMENT + +PSA aead AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(CCM,16): incompatible with DES +depends_on:PSA_WANT_ALG_CCM:PSA_WANT_KEY_TYPE_DES +aead_fail:PSA_KEY_TYPE_DES:"644573206b457901":PSA_ALG_AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(PSA_ALG_CCM,16):PSA_ERROR_INVALID_ARGUMENT + +PSA aead AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(CCM,16): incompatible with ECC_KEY_PAIR(BRAINPOOL_P_R1) +depends_on:PSA_WANT_ALG_CCM:PSA_WANT_ECC_FAMILY_BRAINPOOL_P_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +aead_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"69502c4fdaf48d4fa617bdd24498b0406d0eeaac":PSA_ALG_AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(PSA_ALG_CCM,16):PSA_ERROR_INVALID_ARGUMENT + +PSA aead AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(CCM,16): incompatible with ECC_KEY_PAIR(MONTGOMERY) +depends_on:PSA_WANT_ALG_CCM:PSA_WANT_ECC_FAMILY_MONTGOMERY:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +aead_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_MONTGOMERY):"70076d0a7318a57d3c16c17251b26645df4c2f87ebc0992ab177fba51db92c6a":PSA_ALG_AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(PSA_ALG_CCM,16):PSA_ERROR_INVALID_ARGUMENT + +PSA aead AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(CCM,16): incompatible with ECC_KEY_PAIR(SECP_K1) +depends_on:PSA_WANT_ALG_CCM:PSA_WANT_ECC_FAMILY_SECP_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +aead_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_K1):"297ac1722ccac7589ecb240dc719842538ca974beb79f228":PSA_ALG_AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(PSA_ALG_CCM,16):PSA_ERROR_INVALID_ARGUMENT + +PSA aead AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(CCM,16): incompatible with ECC_KEY_PAIR(SECP_R1) +depends_on:PSA_WANT_ALG_CCM:PSA_WANT_ECC_FAMILY_SECP_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +aead_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"872f203b3ad35b7f2ecc803c3a0e1e0b1ed61cc1afe71b189cd4c995":PSA_ALG_AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(PSA_ALG_CCM,16):PSA_ERROR_INVALID_ARGUMENT + +PSA aead AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(CCM,16): incompatible with ECC_KEY_PAIR(SECP_R2) +depends_on:PSA_WANT_ALG_CCM:PSA_WANT_ECC_FAMILY_SECP_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +aead_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R2):"00bf539a1cdda0d7f71a50a3f98aec0a2e8e4ced1e":PSA_ALG_AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(PSA_ALG_CCM,16):PSA_ERROR_INVALID_ARGUMENT + +PSA aead AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(CCM,16): incompatible with ECC_KEY_PAIR(SECT_K1) +depends_on:PSA_WANT_ALG_CCM:PSA_WANT_ECC_FAMILY_SECT_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +aead_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):"03ebc8fcded2d6ab72ec0f75bdb4fd080481273e71":PSA_ALG_AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(PSA_ALG_CCM,16):PSA_ERROR_INVALID_ARGUMENT + +PSA aead AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(CCM,16): incompatible with ECC_KEY_PAIR(SECT_R1) +depends_on:PSA_WANT_ALG_CCM:PSA_WANT_ECC_FAMILY_SECT_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +aead_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):"009b05dc82d46d64a04a22e6e5ca70ca1231e68c50":PSA_ALG_AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(PSA_ALG_CCM,16):PSA_ERROR_INVALID_ARGUMENT + +PSA aead AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(CCM,16): incompatible with ECC_KEY_PAIR(SECT_R2) +depends_on:PSA_WANT_ALG_CCM:PSA_WANT_ECC_FAMILY_SECT_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +aead_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R2):"0210b482a458b4822d0cb21daa96819a67c8062d34":PSA_ALG_AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(PSA_ALG_CCM,16):PSA_ERROR_INVALID_ARGUMENT + +PSA aead AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(CCM,16): incompatible with ECC_KEY_PAIR(TWISTED_EDWARDS) +depends_on:PSA_WANT_ALG_CCM:PSA_WANT_ECC_FAMILY_TWISTED_EDWARDS:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +aead_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_TWISTED_EDWARDS):"9d61b19deffd5a60ba844af492ec2cc44449c5697b326919703bac031cae7f60":PSA_ALG_AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(PSA_ALG_CCM,16):PSA_ERROR_INVALID_ARGUMENT + +PSA aead AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(CCM,16): incompatible with ECC_PUBLIC_KEY(BRAINPOOL_P_R1) +depends_on:PSA_WANT_ALG_CCM:PSA_WANT_ECC_FAMILY_BRAINPOOL_P_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +aead_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"04d4b9186816358e2f9c59cf70748cb70641b22fbab65473db4b4e22a361ed7e3de7e8a8ddc4130c5c":PSA_ALG_AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(PSA_ALG_CCM,16):PSA_ERROR_INVALID_ARGUMENT + +PSA aead AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(CCM,16): incompatible with ECC_PUBLIC_KEY(MONTGOMERY) +depends_on:PSA_WANT_ALG_CCM:PSA_WANT_ECC_FAMILY_MONTGOMERY:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +aead_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_MONTGOMERY):"8520f0098930a754748b7ddcb43ef75a0dbf3a0d26381af4eba4a98eaa9b4e6a":PSA_ALG_AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(PSA_ALG_CCM,16):PSA_ERROR_INVALID_ARGUMENT + +PSA aead AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(CCM,16): incompatible with ECC_PUBLIC_KEY(SECP_K1) +depends_on:PSA_WANT_ALG_CCM:PSA_WANT_ECC_FAMILY_SECP_K1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +aead_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_K1):"0426b7bb38da649ac2138fc050c6548b32553dab68afebc36105d325b75538c12323cb0764789ecb992671beb2b6bef2f5":PSA_ALG_AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(PSA_ALG_CCM,16):PSA_ERROR_INVALID_ARGUMENT + +PSA aead AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(CCM,16): incompatible with ECC_PUBLIC_KEY(SECP_R1) +depends_on:PSA_WANT_ALG_CCM:PSA_WANT_ECC_FAMILY_SECP_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +aead_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1):"046f00eadaa949fee3e9e1c7fa1247eecec86a0dce46418b9bd3117b981d4bd0ae7a990de912f9d060d6cb531a42d22e394ac29e81804bf160":PSA_ALG_AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(PSA_ALG_CCM,16):PSA_ERROR_INVALID_ARGUMENT + +PSA aead AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(CCM,16): incompatible with ECC_PUBLIC_KEY(SECP_R2) +depends_on:PSA_WANT_ALG_CCM:PSA_WANT_ECC_FAMILY_SECP_R2:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +aead_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R2):"049570d541398665adb5cfa16f5af73b3196926bbd4b876bdb80f8eab20d0f540c22f4de9c140f6d7b":PSA_ALG_AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(PSA_ALG_CCM,16):PSA_ERROR_INVALID_ARGUMENT + +PSA aead AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(CCM,16): incompatible with ECC_PUBLIC_KEY(SECT_K1) +depends_on:PSA_WANT_ALG_CCM:PSA_WANT_ECC_FAMILY_SECT_K1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +aead_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_K1):"0406f88f90b4b65950f06ce433afdb097e320f433dc2062b8a65db8fafd3c110f46bc45663fbf021ee7eb9":PSA_ALG_AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(PSA_ALG_CCM,16):PSA_ERROR_INVALID_ARGUMENT + +PSA aead AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(CCM,16): incompatible with ECC_PUBLIC_KEY(SECT_R1) +depends_on:PSA_WANT_ALG_CCM:PSA_WANT_ECC_FAMILY_SECT_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +aead_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R1):"0400465eeb9e7258b11e33c02266bfe834b20bcb118700772796ee4704ec67651bd447e3011959a79a04cb":PSA_ALG_AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(PSA_ALG_CCM,16):PSA_ERROR_INVALID_ARGUMENT + +PSA aead AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(CCM,16): incompatible with ECC_PUBLIC_KEY(SECT_R2) +depends_on:PSA_WANT_ALG_CCM:PSA_WANT_ECC_FAMILY_SECT_R2:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +aead_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R2):"0403692601144c32a6cfa369ae20ae5d43c1c764678c037bafe80c6fd2e42b7ced96171d9c5367fd3dca6f":PSA_ALG_AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(PSA_ALG_CCM,16):PSA_ERROR_INVALID_ARGUMENT + +PSA aead AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(CCM,16): incompatible with ECC_PUBLIC_KEY(TWISTED_EDWARDS) +depends_on:PSA_WANT_ALG_CCM:PSA_WANT_ECC_FAMILY_TWISTED_EDWARDS:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +aead_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_TWISTED_EDWARDS):"d75a980182b10ab7d54bfed3c964073a0ee172f3daa62325af021a68f707511a":PSA_ALG_AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(PSA_ALG_CCM,16):PSA_ERROR_INVALID_ARGUMENT + +PSA aead AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(CCM,16): incompatible with HMAC +depends_on:PSA_WANT_ALG_CCM:PSA_WANT_KEY_TYPE_HMAC +aead_fail:PSA_KEY_TYPE_HMAC:"48657265006973206b6579a064617461":PSA_ALG_AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(PSA_ALG_CCM,16):PSA_ERROR_INVALID_ARGUMENT + +PSA aead AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(CCM,16): incompatible with RAW_DATA +depends_on:PSA_WANT_ALG_CCM:PSA_WANT_KEY_TYPE_RAW_DATA +aead_fail:PSA_KEY_TYPE_RAW_DATA:"48":PSA_ALG_AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(PSA_ALG_CCM,16):PSA_ERROR_INVALID_ARGUMENT + +PSA aead AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(CCM,16): incompatible with RSA_KEY_PAIR +depends_on:PSA_WANT_ALG_CCM:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR +aead_fail:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(PSA_ALG_CCM,16):PSA_ERROR_INVALID_ARGUMENT + +PSA aead AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(CCM,16): incompatible with RSA_PUBLIC_KEY +depends_on:PSA_WANT_ALG_CCM:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY +aead_fail:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(PSA_ALG_CCM,16):PSA_ERROR_INVALID_ARGUMENT + +PSA key_derivation AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(CCM,16): invalid +depends_on:PSA_WANT_ALG_CCM +key_derivation_fail:PSA_ALG_AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(PSA_ALG_CCM,16):PSA_ERROR_INVALID_ARGUMENT + +PSA hash AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(CCM,63): invalid +depends_on:PSA_WANT_ALG_CCM +hash_fail:PSA_ALG_AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(PSA_ALG_CCM,63):PSA_ERROR_INVALID_ARGUMENT + +PSA aead AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(CCM,63): incompatible with AES +depends_on:PSA_WANT_ALG_CCM:PSA_WANT_KEY_TYPE_AES +aead_fail:PSA_KEY_TYPE_AES:"48657265006973206b6579a064617461":PSA_ALG_AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(PSA_ALG_CCM,63):PSA_ERROR_INVALID_ARGUMENT + +PSA aead AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(CCM,63): incompatible with ARC4 +depends_on:PSA_WANT_ALG_CCM:PSA_WANT_KEY_TYPE_ARC4 +aead_fail:PSA_KEY_TYPE_ARC4:"48":PSA_ALG_AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(PSA_ALG_CCM,63):PSA_ERROR_INVALID_ARGUMENT + +PSA aead AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(CCM,63): incompatible with ARIA +depends_on:PSA_WANT_ALG_CCM:PSA_WANT_KEY_TYPE_ARIA +aead_fail:PSA_KEY_TYPE_ARIA:"48657265006973206b6579a064617461":PSA_ALG_AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(PSA_ALG_CCM,63):PSA_ERROR_INVALID_ARGUMENT + +PSA aead AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(CCM,63): incompatible with CAMELLIA +depends_on:PSA_WANT_ALG_CCM:PSA_WANT_KEY_TYPE_CAMELLIA +aead_fail:PSA_KEY_TYPE_CAMELLIA:"48657265006973206b6579a064617461":PSA_ALG_AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(PSA_ALG_CCM,63):PSA_ERROR_INVALID_ARGUMENT + +PSA aead AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(CCM,63): incompatible with CHACHA20 +depends_on:PSA_WANT_ALG_CCM:PSA_WANT_KEY_TYPE_CHACHA20 +aead_fail:PSA_KEY_TYPE_CHACHA20:"48657265006973206b6579a06461746148657265006973206b6579a064617461":PSA_ALG_AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(PSA_ALG_CCM,63):PSA_ERROR_INVALID_ARGUMENT + +PSA aead AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(CCM,63): incompatible with DERIVE +depends_on:PSA_WANT_ALG_CCM:PSA_WANT_KEY_TYPE_DERIVE +aead_fail:PSA_KEY_TYPE_DERIVE:"48657265006973206b6579a0646174":PSA_ALG_AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(PSA_ALG_CCM,63):PSA_ERROR_INVALID_ARGUMENT + +PSA aead AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(CCM,63): incompatible with DES +depends_on:PSA_WANT_ALG_CCM:PSA_WANT_KEY_TYPE_DES +aead_fail:PSA_KEY_TYPE_DES:"644573206b457901":PSA_ALG_AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(PSA_ALG_CCM,63):PSA_ERROR_INVALID_ARGUMENT + +PSA aead AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(CCM,63): incompatible with ECC_KEY_PAIR(BRAINPOOL_P_R1) +depends_on:PSA_WANT_ALG_CCM:PSA_WANT_ECC_FAMILY_BRAINPOOL_P_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +aead_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"69502c4fdaf48d4fa617bdd24498b0406d0eeaac":PSA_ALG_AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(PSA_ALG_CCM,63):PSA_ERROR_INVALID_ARGUMENT + +PSA aead AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(CCM,63): incompatible with ECC_KEY_PAIR(MONTGOMERY) +depends_on:PSA_WANT_ALG_CCM:PSA_WANT_ECC_FAMILY_MONTGOMERY:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +aead_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_MONTGOMERY):"70076d0a7318a57d3c16c17251b26645df4c2f87ebc0992ab177fba51db92c6a":PSA_ALG_AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(PSA_ALG_CCM,63):PSA_ERROR_INVALID_ARGUMENT + +PSA aead AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(CCM,63): incompatible with ECC_KEY_PAIR(SECP_K1) +depends_on:PSA_WANT_ALG_CCM:PSA_WANT_ECC_FAMILY_SECP_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +aead_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_K1):"297ac1722ccac7589ecb240dc719842538ca974beb79f228":PSA_ALG_AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(PSA_ALG_CCM,63):PSA_ERROR_INVALID_ARGUMENT + +PSA aead AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(CCM,63): incompatible with ECC_KEY_PAIR(SECP_R1) +depends_on:PSA_WANT_ALG_CCM:PSA_WANT_ECC_FAMILY_SECP_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +aead_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"872f203b3ad35b7f2ecc803c3a0e1e0b1ed61cc1afe71b189cd4c995":PSA_ALG_AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(PSA_ALG_CCM,63):PSA_ERROR_INVALID_ARGUMENT + +PSA aead AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(CCM,63): incompatible with ECC_KEY_PAIR(SECP_R2) +depends_on:PSA_WANT_ALG_CCM:PSA_WANT_ECC_FAMILY_SECP_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +aead_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R2):"00bf539a1cdda0d7f71a50a3f98aec0a2e8e4ced1e":PSA_ALG_AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(PSA_ALG_CCM,63):PSA_ERROR_INVALID_ARGUMENT + +PSA aead AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(CCM,63): incompatible with ECC_KEY_PAIR(SECT_K1) +depends_on:PSA_WANT_ALG_CCM:PSA_WANT_ECC_FAMILY_SECT_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +aead_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):"03ebc8fcded2d6ab72ec0f75bdb4fd080481273e71":PSA_ALG_AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(PSA_ALG_CCM,63):PSA_ERROR_INVALID_ARGUMENT + +PSA aead AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(CCM,63): incompatible with ECC_KEY_PAIR(SECT_R1) +depends_on:PSA_WANT_ALG_CCM:PSA_WANT_ECC_FAMILY_SECT_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +aead_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):"009b05dc82d46d64a04a22e6e5ca70ca1231e68c50":PSA_ALG_AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(PSA_ALG_CCM,63):PSA_ERROR_INVALID_ARGUMENT + +PSA aead AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(CCM,63): incompatible with ECC_KEY_PAIR(SECT_R2) +depends_on:PSA_WANT_ALG_CCM:PSA_WANT_ECC_FAMILY_SECT_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +aead_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R2):"0210b482a458b4822d0cb21daa96819a67c8062d34":PSA_ALG_AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(PSA_ALG_CCM,63):PSA_ERROR_INVALID_ARGUMENT + +PSA aead AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(CCM,63): incompatible with ECC_KEY_PAIR(TWISTED_EDWARDS) +depends_on:PSA_WANT_ALG_CCM:PSA_WANT_ECC_FAMILY_TWISTED_EDWARDS:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +aead_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_TWISTED_EDWARDS):"9d61b19deffd5a60ba844af492ec2cc44449c5697b326919703bac031cae7f60":PSA_ALG_AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(PSA_ALG_CCM,63):PSA_ERROR_INVALID_ARGUMENT + +PSA aead AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(CCM,63): incompatible with ECC_PUBLIC_KEY(BRAINPOOL_P_R1) +depends_on:PSA_WANT_ALG_CCM:PSA_WANT_ECC_FAMILY_BRAINPOOL_P_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +aead_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"04d4b9186816358e2f9c59cf70748cb70641b22fbab65473db4b4e22a361ed7e3de7e8a8ddc4130c5c":PSA_ALG_AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(PSA_ALG_CCM,63):PSA_ERROR_INVALID_ARGUMENT + +PSA aead AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(CCM,63): incompatible with ECC_PUBLIC_KEY(MONTGOMERY) +depends_on:PSA_WANT_ALG_CCM:PSA_WANT_ECC_FAMILY_MONTGOMERY:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +aead_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_MONTGOMERY):"8520f0098930a754748b7ddcb43ef75a0dbf3a0d26381af4eba4a98eaa9b4e6a":PSA_ALG_AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(PSA_ALG_CCM,63):PSA_ERROR_INVALID_ARGUMENT + +PSA aead AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(CCM,63): incompatible with ECC_PUBLIC_KEY(SECP_K1) +depends_on:PSA_WANT_ALG_CCM:PSA_WANT_ECC_FAMILY_SECP_K1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +aead_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_K1):"0426b7bb38da649ac2138fc050c6548b32553dab68afebc36105d325b75538c12323cb0764789ecb992671beb2b6bef2f5":PSA_ALG_AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(PSA_ALG_CCM,63):PSA_ERROR_INVALID_ARGUMENT + +PSA aead AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(CCM,63): incompatible with ECC_PUBLIC_KEY(SECP_R1) +depends_on:PSA_WANT_ALG_CCM:PSA_WANT_ECC_FAMILY_SECP_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +aead_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1):"046f00eadaa949fee3e9e1c7fa1247eecec86a0dce46418b9bd3117b981d4bd0ae7a990de912f9d060d6cb531a42d22e394ac29e81804bf160":PSA_ALG_AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(PSA_ALG_CCM,63):PSA_ERROR_INVALID_ARGUMENT + +PSA aead AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(CCM,63): incompatible with ECC_PUBLIC_KEY(SECP_R2) +depends_on:PSA_WANT_ALG_CCM:PSA_WANT_ECC_FAMILY_SECP_R2:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +aead_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R2):"049570d541398665adb5cfa16f5af73b3196926bbd4b876bdb80f8eab20d0f540c22f4de9c140f6d7b":PSA_ALG_AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(PSA_ALG_CCM,63):PSA_ERROR_INVALID_ARGUMENT + +PSA aead AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(CCM,63): incompatible with ECC_PUBLIC_KEY(SECT_K1) +depends_on:PSA_WANT_ALG_CCM:PSA_WANT_ECC_FAMILY_SECT_K1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +aead_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_K1):"0406f88f90b4b65950f06ce433afdb097e320f433dc2062b8a65db8fafd3c110f46bc45663fbf021ee7eb9":PSA_ALG_AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(PSA_ALG_CCM,63):PSA_ERROR_INVALID_ARGUMENT + +PSA aead AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(CCM,63): incompatible with ECC_PUBLIC_KEY(SECT_R1) +depends_on:PSA_WANT_ALG_CCM:PSA_WANT_ECC_FAMILY_SECT_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +aead_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R1):"0400465eeb9e7258b11e33c02266bfe834b20bcb118700772796ee4704ec67651bd447e3011959a79a04cb":PSA_ALG_AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(PSA_ALG_CCM,63):PSA_ERROR_INVALID_ARGUMENT + +PSA aead AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(CCM,63): incompatible with ECC_PUBLIC_KEY(SECT_R2) +depends_on:PSA_WANT_ALG_CCM:PSA_WANT_ECC_FAMILY_SECT_R2:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +aead_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R2):"0403692601144c32a6cfa369ae20ae5d43c1c764678c037bafe80c6fd2e42b7ced96171d9c5367fd3dca6f":PSA_ALG_AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(PSA_ALG_CCM,63):PSA_ERROR_INVALID_ARGUMENT + +PSA aead AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(CCM,63): incompatible with ECC_PUBLIC_KEY(TWISTED_EDWARDS) +depends_on:PSA_WANT_ALG_CCM:PSA_WANT_ECC_FAMILY_TWISTED_EDWARDS:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +aead_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_TWISTED_EDWARDS):"d75a980182b10ab7d54bfed3c964073a0ee172f3daa62325af021a68f707511a":PSA_ALG_AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(PSA_ALG_CCM,63):PSA_ERROR_INVALID_ARGUMENT + +PSA aead AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(CCM,63): incompatible with HMAC +depends_on:PSA_WANT_ALG_CCM:PSA_WANT_KEY_TYPE_HMAC +aead_fail:PSA_KEY_TYPE_HMAC:"48657265006973206b6579a064617461":PSA_ALG_AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(PSA_ALG_CCM,63):PSA_ERROR_INVALID_ARGUMENT + +PSA aead AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(CCM,63): incompatible with RAW_DATA +depends_on:PSA_WANT_ALG_CCM:PSA_WANT_KEY_TYPE_RAW_DATA +aead_fail:PSA_KEY_TYPE_RAW_DATA:"48":PSA_ALG_AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(PSA_ALG_CCM,63):PSA_ERROR_INVALID_ARGUMENT + +PSA aead AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(CCM,63): incompatible with RSA_KEY_PAIR +depends_on:PSA_WANT_ALG_CCM:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR +aead_fail:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(PSA_ALG_CCM,63):PSA_ERROR_INVALID_ARGUMENT + +PSA aead AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(CCM,63): incompatible with RSA_PUBLIC_KEY +depends_on:PSA_WANT_ALG_CCM:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY +aead_fail:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(PSA_ALG_CCM,63):PSA_ERROR_INVALID_ARGUMENT + +PSA key_derivation AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(CCM,63): invalid +depends_on:PSA_WANT_ALG_CCM +key_derivation_fail:PSA_ALG_AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(PSA_ALG_CCM,63):PSA_ERROR_INVALID_ARGUMENT + +PSA hash AEAD_WITH_SHORTENED_TAG(CCM,1): invalid +depends_on:PSA_WANT_ALG_CCM +hash_fail:PSA_ALG_AEAD_WITH_SHORTENED_TAG(PSA_ALG_CCM,1):PSA_ERROR_INVALID_ARGUMENT + +PSA aead AEAD_WITH_SHORTENED_TAG(CCM,1): incompatible with AES +depends_on:PSA_WANT_ALG_CCM:PSA_WANT_KEY_TYPE_AES +aead_fail:PSA_KEY_TYPE_AES:"48657265006973206b6579a064617461":PSA_ALG_AEAD_WITH_SHORTENED_TAG(PSA_ALG_CCM,1):PSA_ERROR_INVALID_ARGUMENT + +PSA aead AEAD_WITH_SHORTENED_TAG(CCM,1): incompatible with ARC4 +depends_on:PSA_WANT_ALG_CCM:PSA_WANT_KEY_TYPE_ARC4 +aead_fail:PSA_KEY_TYPE_ARC4:"48":PSA_ALG_AEAD_WITH_SHORTENED_TAG(PSA_ALG_CCM,1):PSA_ERROR_INVALID_ARGUMENT + +PSA aead AEAD_WITH_SHORTENED_TAG(CCM,1): incompatible with ARIA +depends_on:PSA_WANT_ALG_CCM:PSA_WANT_KEY_TYPE_ARIA +aead_fail:PSA_KEY_TYPE_ARIA:"48657265006973206b6579a064617461":PSA_ALG_AEAD_WITH_SHORTENED_TAG(PSA_ALG_CCM,1):PSA_ERROR_INVALID_ARGUMENT + +PSA aead AEAD_WITH_SHORTENED_TAG(CCM,1): incompatible with CAMELLIA +depends_on:PSA_WANT_ALG_CCM:PSA_WANT_KEY_TYPE_CAMELLIA +aead_fail:PSA_KEY_TYPE_CAMELLIA:"48657265006973206b6579a064617461":PSA_ALG_AEAD_WITH_SHORTENED_TAG(PSA_ALG_CCM,1):PSA_ERROR_INVALID_ARGUMENT + +PSA aead AEAD_WITH_SHORTENED_TAG(CCM,1): incompatible with CHACHA20 +depends_on:PSA_WANT_ALG_CCM:PSA_WANT_KEY_TYPE_CHACHA20 +aead_fail:PSA_KEY_TYPE_CHACHA20:"48657265006973206b6579a06461746148657265006973206b6579a064617461":PSA_ALG_AEAD_WITH_SHORTENED_TAG(PSA_ALG_CCM,1):PSA_ERROR_INVALID_ARGUMENT + +PSA aead AEAD_WITH_SHORTENED_TAG(CCM,1): incompatible with DERIVE +depends_on:PSA_WANT_ALG_CCM:PSA_WANT_KEY_TYPE_DERIVE +aead_fail:PSA_KEY_TYPE_DERIVE:"48657265006973206b6579a0646174":PSA_ALG_AEAD_WITH_SHORTENED_TAG(PSA_ALG_CCM,1):PSA_ERROR_INVALID_ARGUMENT + +PSA aead AEAD_WITH_SHORTENED_TAG(CCM,1): incompatible with DES +depends_on:PSA_WANT_ALG_CCM:PSA_WANT_KEY_TYPE_DES +aead_fail:PSA_KEY_TYPE_DES:"644573206b457901":PSA_ALG_AEAD_WITH_SHORTENED_TAG(PSA_ALG_CCM,1):PSA_ERROR_INVALID_ARGUMENT + +PSA aead AEAD_WITH_SHORTENED_TAG(CCM,1): incompatible with ECC_KEY_PAIR(BRAINPOOL_P_R1) +depends_on:PSA_WANT_ALG_CCM:PSA_WANT_ECC_FAMILY_BRAINPOOL_P_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +aead_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"69502c4fdaf48d4fa617bdd24498b0406d0eeaac":PSA_ALG_AEAD_WITH_SHORTENED_TAG(PSA_ALG_CCM,1):PSA_ERROR_INVALID_ARGUMENT + +PSA aead AEAD_WITH_SHORTENED_TAG(CCM,1): incompatible with ECC_KEY_PAIR(MONTGOMERY) +depends_on:PSA_WANT_ALG_CCM:PSA_WANT_ECC_FAMILY_MONTGOMERY:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +aead_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_MONTGOMERY):"70076d0a7318a57d3c16c17251b26645df4c2f87ebc0992ab177fba51db92c6a":PSA_ALG_AEAD_WITH_SHORTENED_TAG(PSA_ALG_CCM,1):PSA_ERROR_INVALID_ARGUMENT + +PSA aead AEAD_WITH_SHORTENED_TAG(CCM,1): incompatible with ECC_KEY_PAIR(SECP_K1) +depends_on:PSA_WANT_ALG_CCM:PSA_WANT_ECC_FAMILY_SECP_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +aead_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_K1):"297ac1722ccac7589ecb240dc719842538ca974beb79f228":PSA_ALG_AEAD_WITH_SHORTENED_TAG(PSA_ALG_CCM,1):PSA_ERROR_INVALID_ARGUMENT + +PSA aead AEAD_WITH_SHORTENED_TAG(CCM,1): incompatible with ECC_KEY_PAIR(SECP_R1) +depends_on:PSA_WANT_ALG_CCM:PSA_WANT_ECC_FAMILY_SECP_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +aead_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"872f203b3ad35b7f2ecc803c3a0e1e0b1ed61cc1afe71b189cd4c995":PSA_ALG_AEAD_WITH_SHORTENED_TAG(PSA_ALG_CCM,1):PSA_ERROR_INVALID_ARGUMENT + +PSA aead AEAD_WITH_SHORTENED_TAG(CCM,1): incompatible with ECC_KEY_PAIR(SECP_R2) +depends_on:PSA_WANT_ALG_CCM:PSA_WANT_ECC_FAMILY_SECP_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +aead_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R2):"00bf539a1cdda0d7f71a50a3f98aec0a2e8e4ced1e":PSA_ALG_AEAD_WITH_SHORTENED_TAG(PSA_ALG_CCM,1):PSA_ERROR_INVALID_ARGUMENT + +PSA aead AEAD_WITH_SHORTENED_TAG(CCM,1): incompatible with ECC_KEY_PAIR(SECT_K1) +depends_on:PSA_WANT_ALG_CCM:PSA_WANT_ECC_FAMILY_SECT_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +aead_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):"03ebc8fcded2d6ab72ec0f75bdb4fd080481273e71":PSA_ALG_AEAD_WITH_SHORTENED_TAG(PSA_ALG_CCM,1):PSA_ERROR_INVALID_ARGUMENT + +PSA aead AEAD_WITH_SHORTENED_TAG(CCM,1): incompatible with ECC_KEY_PAIR(SECT_R1) +depends_on:PSA_WANT_ALG_CCM:PSA_WANT_ECC_FAMILY_SECT_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +aead_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):"009b05dc82d46d64a04a22e6e5ca70ca1231e68c50":PSA_ALG_AEAD_WITH_SHORTENED_TAG(PSA_ALG_CCM,1):PSA_ERROR_INVALID_ARGUMENT + +PSA aead AEAD_WITH_SHORTENED_TAG(CCM,1): incompatible with ECC_KEY_PAIR(SECT_R2) +depends_on:PSA_WANT_ALG_CCM:PSA_WANT_ECC_FAMILY_SECT_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +aead_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R2):"0210b482a458b4822d0cb21daa96819a67c8062d34":PSA_ALG_AEAD_WITH_SHORTENED_TAG(PSA_ALG_CCM,1):PSA_ERROR_INVALID_ARGUMENT + +PSA aead AEAD_WITH_SHORTENED_TAG(CCM,1): incompatible with ECC_KEY_PAIR(TWISTED_EDWARDS) +depends_on:PSA_WANT_ALG_CCM:PSA_WANT_ECC_FAMILY_TWISTED_EDWARDS:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +aead_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_TWISTED_EDWARDS):"9d61b19deffd5a60ba844af492ec2cc44449c5697b326919703bac031cae7f60":PSA_ALG_AEAD_WITH_SHORTENED_TAG(PSA_ALG_CCM,1):PSA_ERROR_INVALID_ARGUMENT + +PSA aead AEAD_WITH_SHORTENED_TAG(CCM,1): incompatible with ECC_PUBLIC_KEY(BRAINPOOL_P_R1) +depends_on:PSA_WANT_ALG_CCM:PSA_WANT_ECC_FAMILY_BRAINPOOL_P_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +aead_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"04d4b9186816358e2f9c59cf70748cb70641b22fbab65473db4b4e22a361ed7e3de7e8a8ddc4130c5c":PSA_ALG_AEAD_WITH_SHORTENED_TAG(PSA_ALG_CCM,1):PSA_ERROR_INVALID_ARGUMENT + +PSA aead AEAD_WITH_SHORTENED_TAG(CCM,1): incompatible with ECC_PUBLIC_KEY(MONTGOMERY) +depends_on:PSA_WANT_ALG_CCM:PSA_WANT_ECC_FAMILY_MONTGOMERY:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +aead_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_MONTGOMERY):"8520f0098930a754748b7ddcb43ef75a0dbf3a0d26381af4eba4a98eaa9b4e6a":PSA_ALG_AEAD_WITH_SHORTENED_TAG(PSA_ALG_CCM,1):PSA_ERROR_INVALID_ARGUMENT + +PSA aead AEAD_WITH_SHORTENED_TAG(CCM,1): incompatible with ECC_PUBLIC_KEY(SECP_K1) +depends_on:PSA_WANT_ALG_CCM:PSA_WANT_ECC_FAMILY_SECP_K1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +aead_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_K1):"0426b7bb38da649ac2138fc050c6548b32553dab68afebc36105d325b75538c12323cb0764789ecb992671beb2b6bef2f5":PSA_ALG_AEAD_WITH_SHORTENED_TAG(PSA_ALG_CCM,1):PSA_ERROR_INVALID_ARGUMENT + +PSA aead AEAD_WITH_SHORTENED_TAG(CCM,1): incompatible with ECC_PUBLIC_KEY(SECP_R1) +depends_on:PSA_WANT_ALG_CCM:PSA_WANT_ECC_FAMILY_SECP_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +aead_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1):"046f00eadaa949fee3e9e1c7fa1247eecec86a0dce46418b9bd3117b981d4bd0ae7a990de912f9d060d6cb531a42d22e394ac29e81804bf160":PSA_ALG_AEAD_WITH_SHORTENED_TAG(PSA_ALG_CCM,1):PSA_ERROR_INVALID_ARGUMENT + +PSA aead AEAD_WITH_SHORTENED_TAG(CCM,1): incompatible with ECC_PUBLIC_KEY(SECP_R2) +depends_on:PSA_WANT_ALG_CCM:PSA_WANT_ECC_FAMILY_SECP_R2:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +aead_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R2):"049570d541398665adb5cfa16f5af73b3196926bbd4b876bdb80f8eab20d0f540c22f4de9c140f6d7b":PSA_ALG_AEAD_WITH_SHORTENED_TAG(PSA_ALG_CCM,1):PSA_ERROR_INVALID_ARGUMENT + +PSA aead AEAD_WITH_SHORTENED_TAG(CCM,1): incompatible with ECC_PUBLIC_KEY(SECT_K1) +depends_on:PSA_WANT_ALG_CCM:PSA_WANT_ECC_FAMILY_SECT_K1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +aead_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_K1):"0406f88f90b4b65950f06ce433afdb097e320f433dc2062b8a65db8fafd3c110f46bc45663fbf021ee7eb9":PSA_ALG_AEAD_WITH_SHORTENED_TAG(PSA_ALG_CCM,1):PSA_ERROR_INVALID_ARGUMENT + +PSA aead AEAD_WITH_SHORTENED_TAG(CCM,1): incompatible with ECC_PUBLIC_KEY(SECT_R1) +depends_on:PSA_WANT_ALG_CCM:PSA_WANT_ECC_FAMILY_SECT_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +aead_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R1):"0400465eeb9e7258b11e33c02266bfe834b20bcb118700772796ee4704ec67651bd447e3011959a79a04cb":PSA_ALG_AEAD_WITH_SHORTENED_TAG(PSA_ALG_CCM,1):PSA_ERROR_INVALID_ARGUMENT + +PSA aead AEAD_WITH_SHORTENED_TAG(CCM,1): incompatible with ECC_PUBLIC_KEY(SECT_R2) +depends_on:PSA_WANT_ALG_CCM:PSA_WANT_ECC_FAMILY_SECT_R2:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +aead_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R2):"0403692601144c32a6cfa369ae20ae5d43c1c764678c037bafe80c6fd2e42b7ced96171d9c5367fd3dca6f":PSA_ALG_AEAD_WITH_SHORTENED_TAG(PSA_ALG_CCM,1):PSA_ERROR_INVALID_ARGUMENT + +PSA aead AEAD_WITH_SHORTENED_TAG(CCM,1): incompatible with ECC_PUBLIC_KEY(TWISTED_EDWARDS) +depends_on:PSA_WANT_ALG_CCM:PSA_WANT_ECC_FAMILY_TWISTED_EDWARDS:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +aead_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_TWISTED_EDWARDS):"d75a980182b10ab7d54bfed3c964073a0ee172f3daa62325af021a68f707511a":PSA_ALG_AEAD_WITH_SHORTENED_TAG(PSA_ALG_CCM,1):PSA_ERROR_INVALID_ARGUMENT + +PSA aead AEAD_WITH_SHORTENED_TAG(CCM,1): incompatible with HMAC +depends_on:PSA_WANT_ALG_CCM:PSA_WANT_KEY_TYPE_HMAC +aead_fail:PSA_KEY_TYPE_HMAC:"48657265006973206b6579a064617461":PSA_ALG_AEAD_WITH_SHORTENED_TAG(PSA_ALG_CCM,1):PSA_ERROR_INVALID_ARGUMENT + +PSA aead AEAD_WITH_SHORTENED_TAG(CCM,1): incompatible with RAW_DATA +depends_on:PSA_WANT_ALG_CCM:PSA_WANT_KEY_TYPE_RAW_DATA +aead_fail:PSA_KEY_TYPE_RAW_DATA:"48":PSA_ALG_AEAD_WITH_SHORTENED_TAG(PSA_ALG_CCM,1):PSA_ERROR_INVALID_ARGUMENT + +PSA aead AEAD_WITH_SHORTENED_TAG(CCM,1): incompatible with RSA_KEY_PAIR +depends_on:PSA_WANT_ALG_CCM:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR +aead_fail:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_AEAD_WITH_SHORTENED_TAG(PSA_ALG_CCM,1):PSA_ERROR_INVALID_ARGUMENT + +PSA aead AEAD_WITH_SHORTENED_TAG(CCM,1): incompatible with RSA_PUBLIC_KEY +depends_on:PSA_WANT_ALG_CCM:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY +aead_fail:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_AEAD_WITH_SHORTENED_TAG(PSA_ALG_CCM,1):PSA_ERROR_INVALID_ARGUMENT + +PSA key_derivation AEAD_WITH_SHORTENED_TAG(CCM,1): invalid +depends_on:PSA_WANT_ALG_CCM +key_derivation_fail:PSA_ALG_AEAD_WITH_SHORTENED_TAG(PSA_ALG_CCM,1):PSA_ERROR_INVALID_ARGUMENT + +PSA hash AEAD_WITH_SHORTENED_TAG(CHACHA20_POLY1305,1): invalid +depends_on:PSA_WANT_ALG_CHACHA20_POLY1305 +hash_fail:PSA_ALG_AEAD_WITH_SHORTENED_TAG(PSA_ALG_CHACHA20_POLY1305,1):PSA_ERROR_INVALID_ARGUMENT + +PSA aead AEAD_WITH_SHORTENED_TAG(CHACHA20_POLY1305,1): incompatible with AES +depends_on:PSA_WANT_ALG_CHACHA20_POLY1305:PSA_WANT_KEY_TYPE_AES +aead_fail:PSA_KEY_TYPE_AES:"48657265006973206b6579a064617461":PSA_ALG_AEAD_WITH_SHORTENED_TAG(PSA_ALG_CHACHA20_POLY1305,1):PSA_ERROR_INVALID_ARGUMENT + +PSA aead AEAD_WITH_SHORTENED_TAG(CHACHA20_POLY1305,1): incompatible with ARC4 +depends_on:PSA_WANT_ALG_CHACHA20_POLY1305:PSA_WANT_KEY_TYPE_ARC4 +aead_fail:PSA_KEY_TYPE_ARC4:"48":PSA_ALG_AEAD_WITH_SHORTENED_TAG(PSA_ALG_CHACHA20_POLY1305,1):PSA_ERROR_INVALID_ARGUMENT + +PSA aead AEAD_WITH_SHORTENED_TAG(CHACHA20_POLY1305,1): incompatible with ARIA +depends_on:PSA_WANT_ALG_CHACHA20_POLY1305:PSA_WANT_KEY_TYPE_ARIA +aead_fail:PSA_KEY_TYPE_ARIA:"48657265006973206b6579a064617461":PSA_ALG_AEAD_WITH_SHORTENED_TAG(PSA_ALG_CHACHA20_POLY1305,1):PSA_ERROR_INVALID_ARGUMENT + +PSA aead AEAD_WITH_SHORTENED_TAG(CHACHA20_POLY1305,1): incompatible with CAMELLIA +depends_on:PSA_WANT_ALG_CHACHA20_POLY1305:PSA_WANT_KEY_TYPE_CAMELLIA +aead_fail:PSA_KEY_TYPE_CAMELLIA:"48657265006973206b6579a064617461":PSA_ALG_AEAD_WITH_SHORTENED_TAG(PSA_ALG_CHACHA20_POLY1305,1):PSA_ERROR_INVALID_ARGUMENT + +PSA aead AEAD_WITH_SHORTENED_TAG(CHACHA20_POLY1305,1): incompatible with CHACHA20 +depends_on:PSA_WANT_ALG_CHACHA20_POLY1305:PSA_WANT_KEY_TYPE_CHACHA20 +aead_fail:PSA_KEY_TYPE_CHACHA20:"48657265006973206b6579a06461746148657265006973206b6579a064617461":PSA_ALG_AEAD_WITH_SHORTENED_TAG(PSA_ALG_CHACHA20_POLY1305,1):PSA_ERROR_INVALID_ARGUMENT + +PSA aead AEAD_WITH_SHORTENED_TAG(CHACHA20_POLY1305,1): incompatible with DERIVE +depends_on:PSA_WANT_ALG_CHACHA20_POLY1305:PSA_WANT_KEY_TYPE_DERIVE +aead_fail:PSA_KEY_TYPE_DERIVE:"48657265006973206b6579a0646174":PSA_ALG_AEAD_WITH_SHORTENED_TAG(PSA_ALG_CHACHA20_POLY1305,1):PSA_ERROR_INVALID_ARGUMENT + +PSA aead AEAD_WITH_SHORTENED_TAG(CHACHA20_POLY1305,1): incompatible with DES +depends_on:PSA_WANT_ALG_CHACHA20_POLY1305:PSA_WANT_KEY_TYPE_DES +aead_fail:PSA_KEY_TYPE_DES:"644573206b457901":PSA_ALG_AEAD_WITH_SHORTENED_TAG(PSA_ALG_CHACHA20_POLY1305,1):PSA_ERROR_INVALID_ARGUMENT + +PSA aead AEAD_WITH_SHORTENED_TAG(CHACHA20_POLY1305,1): incompatible with ECC_KEY_PAIR(BRAINPOOL_P_R1) +depends_on:PSA_WANT_ALG_CHACHA20_POLY1305:PSA_WANT_ECC_FAMILY_BRAINPOOL_P_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +aead_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"69502c4fdaf48d4fa617bdd24498b0406d0eeaac":PSA_ALG_AEAD_WITH_SHORTENED_TAG(PSA_ALG_CHACHA20_POLY1305,1):PSA_ERROR_INVALID_ARGUMENT + +PSA aead AEAD_WITH_SHORTENED_TAG(CHACHA20_POLY1305,1): incompatible with ECC_KEY_PAIR(MONTGOMERY) +depends_on:PSA_WANT_ALG_CHACHA20_POLY1305:PSA_WANT_ECC_FAMILY_MONTGOMERY:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +aead_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_MONTGOMERY):"70076d0a7318a57d3c16c17251b26645df4c2f87ebc0992ab177fba51db92c6a":PSA_ALG_AEAD_WITH_SHORTENED_TAG(PSA_ALG_CHACHA20_POLY1305,1):PSA_ERROR_INVALID_ARGUMENT + +PSA aead AEAD_WITH_SHORTENED_TAG(CHACHA20_POLY1305,1): incompatible with ECC_KEY_PAIR(SECP_K1) +depends_on:PSA_WANT_ALG_CHACHA20_POLY1305:PSA_WANT_ECC_FAMILY_SECP_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +aead_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_K1):"297ac1722ccac7589ecb240dc719842538ca974beb79f228":PSA_ALG_AEAD_WITH_SHORTENED_TAG(PSA_ALG_CHACHA20_POLY1305,1):PSA_ERROR_INVALID_ARGUMENT + +PSA aead AEAD_WITH_SHORTENED_TAG(CHACHA20_POLY1305,1): incompatible with ECC_KEY_PAIR(SECP_R1) +depends_on:PSA_WANT_ALG_CHACHA20_POLY1305:PSA_WANT_ECC_FAMILY_SECP_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +aead_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"872f203b3ad35b7f2ecc803c3a0e1e0b1ed61cc1afe71b189cd4c995":PSA_ALG_AEAD_WITH_SHORTENED_TAG(PSA_ALG_CHACHA20_POLY1305,1):PSA_ERROR_INVALID_ARGUMENT + +PSA aead AEAD_WITH_SHORTENED_TAG(CHACHA20_POLY1305,1): incompatible with ECC_KEY_PAIR(SECP_R2) +depends_on:PSA_WANT_ALG_CHACHA20_POLY1305:PSA_WANT_ECC_FAMILY_SECP_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +aead_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R2):"00bf539a1cdda0d7f71a50a3f98aec0a2e8e4ced1e":PSA_ALG_AEAD_WITH_SHORTENED_TAG(PSA_ALG_CHACHA20_POLY1305,1):PSA_ERROR_INVALID_ARGUMENT + +PSA aead AEAD_WITH_SHORTENED_TAG(CHACHA20_POLY1305,1): incompatible with ECC_KEY_PAIR(SECT_K1) +depends_on:PSA_WANT_ALG_CHACHA20_POLY1305:PSA_WANT_ECC_FAMILY_SECT_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +aead_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):"03ebc8fcded2d6ab72ec0f75bdb4fd080481273e71":PSA_ALG_AEAD_WITH_SHORTENED_TAG(PSA_ALG_CHACHA20_POLY1305,1):PSA_ERROR_INVALID_ARGUMENT + +PSA aead AEAD_WITH_SHORTENED_TAG(CHACHA20_POLY1305,1): incompatible with ECC_KEY_PAIR(SECT_R1) +depends_on:PSA_WANT_ALG_CHACHA20_POLY1305:PSA_WANT_ECC_FAMILY_SECT_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +aead_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):"009b05dc82d46d64a04a22e6e5ca70ca1231e68c50":PSA_ALG_AEAD_WITH_SHORTENED_TAG(PSA_ALG_CHACHA20_POLY1305,1):PSA_ERROR_INVALID_ARGUMENT + +PSA aead AEAD_WITH_SHORTENED_TAG(CHACHA20_POLY1305,1): incompatible with ECC_KEY_PAIR(SECT_R2) +depends_on:PSA_WANT_ALG_CHACHA20_POLY1305:PSA_WANT_ECC_FAMILY_SECT_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +aead_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R2):"0210b482a458b4822d0cb21daa96819a67c8062d34":PSA_ALG_AEAD_WITH_SHORTENED_TAG(PSA_ALG_CHACHA20_POLY1305,1):PSA_ERROR_INVALID_ARGUMENT + +PSA aead AEAD_WITH_SHORTENED_TAG(CHACHA20_POLY1305,1): incompatible with ECC_KEY_PAIR(TWISTED_EDWARDS) +depends_on:PSA_WANT_ALG_CHACHA20_POLY1305:PSA_WANT_ECC_FAMILY_TWISTED_EDWARDS:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +aead_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_TWISTED_EDWARDS):"9d61b19deffd5a60ba844af492ec2cc44449c5697b326919703bac031cae7f60":PSA_ALG_AEAD_WITH_SHORTENED_TAG(PSA_ALG_CHACHA20_POLY1305,1):PSA_ERROR_INVALID_ARGUMENT + +PSA aead AEAD_WITH_SHORTENED_TAG(CHACHA20_POLY1305,1): incompatible with ECC_PUBLIC_KEY(BRAINPOOL_P_R1) +depends_on:PSA_WANT_ALG_CHACHA20_POLY1305:PSA_WANT_ECC_FAMILY_BRAINPOOL_P_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +aead_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"04d4b9186816358e2f9c59cf70748cb70641b22fbab65473db4b4e22a361ed7e3de7e8a8ddc4130c5c":PSA_ALG_AEAD_WITH_SHORTENED_TAG(PSA_ALG_CHACHA20_POLY1305,1):PSA_ERROR_INVALID_ARGUMENT + +PSA aead AEAD_WITH_SHORTENED_TAG(CHACHA20_POLY1305,1): incompatible with ECC_PUBLIC_KEY(MONTGOMERY) +depends_on:PSA_WANT_ALG_CHACHA20_POLY1305:PSA_WANT_ECC_FAMILY_MONTGOMERY:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +aead_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_MONTGOMERY):"8520f0098930a754748b7ddcb43ef75a0dbf3a0d26381af4eba4a98eaa9b4e6a":PSA_ALG_AEAD_WITH_SHORTENED_TAG(PSA_ALG_CHACHA20_POLY1305,1):PSA_ERROR_INVALID_ARGUMENT + +PSA aead AEAD_WITH_SHORTENED_TAG(CHACHA20_POLY1305,1): incompatible with ECC_PUBLIC_KEY(SECP_K1) +depends_on:PSA_WANT_ALG_CHACHA20_POLY1305:PSA_WANT_ECC_FAMILY_SECP_K1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +aead_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_K1):"0426b7bb38da649ac2138fc050c6548b32553dab68afebc36105d325b75538c12323cb0764789ecb992671beb2b6bef2f5":PSA_ALG_AEAD_WITH_SHORTENED_TAG(PSA_ALG_CHACHA20_POLY1305,1):PSA_ERROR_INVALID_ARGUMENT + +PSA aead AEAD_WITH_SHORTENED_TAG(CHACHA20_POLY1305,1): incompatible with ECC_PUBLIC_KEY(SECP_R1) +depends_on:PSA_WANT_ALG_CHACHA20_POLY1305:PSA_WANT_ECC_FAMILY_SECP_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +aead_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1):"046f00eadaa949fee3e9e1c7fa1247eecec86a0dce46418b9bd3117b981d4bd0ae7a990de912f9d060d6cb531a42d22e394ac29e81804bf160":PSA_ALG_AEAD_WITH_SHORTENED_TAG(PSA_ALG_CHACHA20_POLY1305,1):PSA_ERROR_INVALID_ARGUMENT + +PSA aead AEAD_WITH_SHORTENED_TAG(CHACHA20_POLY1305,1): incompatible with ECC_PUBLIC_KEY(SECP_R2) +depends_on:PSA_WANT_ALG_CHACHA20_POLY1305:PSA_WANT_ECC_FAMILY_SECP_R2:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +aead_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R2):"049570d541398665adb5cfa16f5af73b3196926bbd4b876bdb80f8eab20d0f540c22f4de9c140f6d7b":PSA_ALG_AEAD_WITH_SHORTENED_TAG(PSA_ALG_CHACHA20_POLY1305,1):PSA_ERROR_INVALID_ARGUMENT + +PSA aead AEAD_WITH_SHORTENED_TAG(CHACHA20_POLY1305,1): incompatible with ECC_PUBLIC_KEY(SECT_K1) +depends_on:PSA_WANT_ALG_CHACHA20_POLY1305:PSA_WANT_ECC_FAMILY_SECT_K1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +aead_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_K1):"0406f88f90b4b65950f06ce433afdb097e320f433dc2062b8a65db8fafd3c110f46bc45663fbf021ee7eb9":PSA_ALG_AEAD_WITH_SHORTENED_TAG(PSA_ALG_CHACHA20_POLY1305,1):PSA_ERROR_INVALID_ARGUMENT + +PSA aead AEAD_WITH_SHORTENED_TAG(CHACHA20_POLY1305,1): incompatible with ECC_PUBLIC_KEY(SECT_R1) +depends_on:PSA_WANT_ALG_CHACHA20_POLY1305:PSA_WANT_ECC_FAMILY_SECT_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +aead_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R1):"0400465eeb9e7258b11e33c02266bfe834b20bcb118700772796ee4704ec67651bd447e3011959a79a04cb":PSA_ALG_AEAD_WITH_SHORTENED_TAG(PSA_ALG_CHACHA20_POLY1305,1):PSA_ERROR_INVALID_ARGUMENT + +PSA aead AEAD_WITH_SHORTENED_TAG(CHACHA20_POLY1305,1): incompatible with ECC_PUBLIC_KEY(SECT_R2) +depends_on:PSA_WANT_ALG_CHACHA20_POLY1305:PSA_WANT_ECC_FAMILY_SECT_R2:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +aead_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R2):"0403692601144c32a6cfa369ae20ae5d43c1c764678c037bafe80c6fd2e42b7ced96171d9c5367fd3dca6f":PSA_ALG_AEAD_WITH_SHORTENED_TAG(PSA_ALG_CHACHA20_POLY1305,1):PSA_ERROR_INVALID_ARGUMENT + +PSA aead AEAD_WITH_SHORTENED_TAG(CHACHA20_POLY1305,1): incompatible with ECC_PUBLIC_KEY(TWISTED_EDWARDS) +depends_on:PSA_WANT_ALG_CHACHA20_POLY1305:PSA_WANT_ECC_FAMILY_TWISTED_EDWARDS:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +aead_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_TWISTED_EDWARDS):"d75a980182b10ab7d54bfed3c964073a0ee172f3daa62325af021a68f707511a":PSA_ALG_AEAD_WITH_SHORTENED_TAG(PSA_ALG_CHACHA20_POLY1305,1):PSA_ERROR_INVALID_ARGUMENT + +PSA aead AEAD_WITH_SHORTENED_TAG(CHACHA20_POLY1305,1): incompatible with HMAC +depends_on:PSA_WANT_ALG_CHACHA20_POLY1305:PSA_WANT_KEY_TYPE_HMAC +aead_fail:PSA_KEY_TYPE_HMAC:"48657265006973206b6579a064617461":PSA_ALG_AEAD_WITH_SHORTENED_TAG(PSA_ALG_CHACHA20_POLY1305,1):PSA_ERROR_INVALID_ARGUMENT + +PSA aead AEAD_WITH_SHORTENED_TAG(CHACHA20_POLY1305,1): incompatible with RAW_DATA +depends_on:PSA_WANT_ALG_CHACHA20_POLY1305:PSA_WANT_KEY_TYPE_RAW_DATA +aead_fail:PSA_KEY_TYPE_RAW_DATA:"48":PSA_ALG_AEAD_WITH_SHORTENED_TAG(PSA_ALG_CHACHA20_POLY1305,1):PSA_ERROR_INVALID_ARGUMENT + +PSA aead AEAD_WITH_SHORTENED_TAG(CHACHA20_POLY1305,1): incompatible with RSA_KEY_PAIR +depends_on:PSA_WANT_ALG_CHACHA20_POLY1305:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR +aead_fail:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_AEAD_WITH_SHORTENED_TAG(PSA_ALG_CHACHA20_POLY1305,1):PSA_ERROR_INVALID_ARGUMENT + +PSA aead AEAD_WITH_SHORTENED_TAG(CHACHA20_POLY1305,1): incompatible with RSA_PUBLIC_KEY +depends_on:PSA_WANT_ALG_CHACHA20_POLY1305:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY +aead_fail:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_AEAD_WITH_SHORTENED_TAG(PSA_ALG_CHACHA20_POLY1305,1):PSA_ERROR_INVALID_ARGUMENT + +PSA key_derivation AEAD_WITH_SHORTENED_TAG(CHACHA20_POLY1305,1): invalid +depends_on:PSA_WANT_ALG_CHACHA20_POLY1305 +key_derivation_fail:PSA_ALG_AEAD_WITH_SHORTENED_TAG(PSA_ALG_CHACHA20_POLY1305,1):PSA_ERROR_INVALID_ARGUMENT + +PSA hash AEAD_WITH_SHORTENED_TAG(GCM,1): invalid +depends_on:PSA_WANT_ALG_GCM +hash_fail:PSA_ALG_AEAD_WITH_SHORTENED_TAG(PSA_ALG_GCM,1):PSA_ERROR_INVALID_ARGUMENT + +PSA aead AEAD_WITH_SHORTENED_TAG(GCM,1): incompatible with AES +depends_on:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES +aead_fail:PSA_KEY_TYPE_AES:"48657265006973206b6579a064617461":PSA_ALG_AEAD_WITH_SHORTENED_TAG(PSA_ALG_GCM,1):PSA_ERROR_INVALID_ARGUMENT + +PSA aead AEAD_WITH_SHORTENED_TAG(GCM,1): incompatible with ARC4 +depends_on:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_ARC4 +aead_fail:PSA_KEY_TYPE_ARC4:"48":PSA_ALG_AEAD_WITH_SHORTENED_TAG(PSA_ALG_GCM,1):PSA_ERROR_INVALID_ARGUMENT + +PSA aead AEAD_WITH_SHORTENED_TAG(GCM,1): incompatible with ARIA +depends_on:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_ARIA +aead_fail:PSA_KEY_TYPE_ARIA:"48657265006973206b6579a064617461":PSA_ALG_AEAD_WITH_SHORTENED_TAG(PSA_ALG_GCM,1):PSA_ERROR_INVALID_ARGUMENT + +PSA aead AEAD_WITH_SHORTENED_TAG(GCM,1): incompatible with CAMELLIA +depends_on:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_CAMELLIA +aead_fail:PSA_KEY_TYPE_CAMELLIA:"48657265006973206b6579a064617461":PSA_ALG_AEAD_WITH_SHORTENED_TAG(PSA_ALG_GCM,1):PSA_ERROR_INVALID_ARGUMENT + +PSA aead AEAD_WITH_SHORTENED_TAG(GCM,1): incompatible with CHACHA20 +depends_on:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_CHACHA20 +aead_fail:PSA_KEY_TYPE_CHACHA20:"48657265006973206b6579a06461746148657265006973206b6579a064617461":PSA_ALG_AEAD_WITH_SHORTENED_TAG(PSA_ALG_GCM,1):PSA_ERROR_INVALID_ARGUMENT + +PSA aead AEAD_WITH_SHORTENED_TAG(GCM,1): incompatible with DERIVE +depends_on:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_DERIVE +aead_fail:PSA_KEY_TYPE_DERIVE:"48657265006973206b6579a0646174":PSA_ALG_AEAD_WITH_SHORTENED_TAG(PSA_ALG_GCM,1):PSA_ERROR_INVALID_ARGUMENT + +PSA aead AEAD_WITH_SHORTENED_TAG(GCM,1): incompatible with DES +depends_on:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_DES +aead_fail:PSA_KEY_TYPE_DES:"644573206b457901":PSA_ALG_AEAD_WITH_SHORTENED_TAG(PSA_ALG_GCM,1):PSA_ERROR_INVALID_ARGUMENT + +PSA aead AEAD_WITH_SHORTENED_TAG(GCM,1): incompatible with ECC_KEY_PAIR(BRAINPOOL_P_R1) +depends_on:PSA_WANT_ALG_GCM:PSA_WANT_ECC_FAMILY_BRAINPOOL_P_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +aead_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"69502c4fdaf48d4fa617bdd24498b0406d0eeaac":PSA_ALG_AEAD_WITH_SHORTENED_TAG(PSA_ALG_GCM,1):PSA_ERROR_INVALID_ARGUMENT + +PSA aead AEAD_WITH_SHORTENED_TAG(GCM,1): incompatible with ECC_KEY_PAIR(MONTGOMERY) +depends_on:PSA_WANT_ALG_GCM:PSA_WANT_ECC_FAMILY_MONTGOMERY:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +aead_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_MONTGOMERY):"70076d0a7318a57d3c16c17251b26645df4c2f87ebc0992ab177fba51db92c6a":PSA_ALG_AEAD_WITH_SHORTENED_TAG(PSA_ALG_GCM,1):PSA_ERROR_INVALID_ARGUMENT + +PSA aead AEAD_WITH_SHORTENED_TAG(GCM,1): incompatible with ECC_KEY_PAIR(SECP_K1) +depends_on:PSA_WANT_ALG_GCM:PSA_WANT_ECC_FAMILY_SECP_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +aead_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_K1):"297ac1722ccac7589ecb240dc719842538ca974beb79f228":PSA_ALG_AEAD_WITH_SHORTENED_TAG(PSA_ALG_GCM,1):PSA_ERROR_INVALID_ARGUMENT + +PSA aead AEAD_WITH_SHORTENED_TAG(GCM,1): incompatible with ECC_KEY_PAIR(SECP_R1) +depends_on:PSA_WANT_ALG_GCM:PSA_WANT_ECC_FAMILY_SECP_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +aead_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"872f203b3ad35b7f2ecc803c3a0e1e0b1ed61cc1afe71b189cd4c995":PSA_ALG_AEAD_WITH_SHORTENED_TAG(PSA_ALG_GCM,1):PSA_ERROR_INVALID_ARGUMENT + +PSA aead AEAD_WITH_SHORTENED_TAG(GCM,1): incompatible with ECC_KEY_PAIR(SECP_R2) +depends_on:PSA_WANT_ALG_GCM:PSA_WANT_ECC_FAMILY_SECP_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +aead_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R2):"00bf539a1cdda0d7f71a50a3f98aec0a2e8e4ced1e":PSA_ALG_AEAD_WITH_SHORTENED_TAG(PSA_ALG_GCM,1):PSA_ERROR_INVALID_ARGUMENT + +PSA aead AEAD_WITH_SHORTENED_TAG(GCM,1): incompatible with ECC_KEY_PAIR(SECT_K1) +depends_on:PSA_WANT_ALG_GCM:PSA_WANT_ECC_FAMILY_SECT_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +aead_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):"03ebc8fcded2d6ab72ec0f75bdb4fd080481273e71":PSA_ALG_AEAD_WITH_SHORTENED_TAG(PSA_ALG_GCM,1):PSA_ERROR_INVALID_ARGUMENT + +PSA aead AEAD_WITH_SHORTENED_TAG(GCM,1): incompatible with ECC_KEY_PAIR(SECT_R1) +depends_on:PSA_WANT_ALG_GCM:PSA_WANT_ECC_FAMILY_SECT_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +aead_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):"009b05dc82d46d64a04a22e6e5ca70ca1231e68c50":PSA_ALG_AEAD_WITH_SHORTENED_TAG(PSA_ALG_GCM,1):PSA_ERROR_INVALID_ARGUMENT + +PSA aead AEAD_WITH_SHORTENED_TAG(GCM,1): incompatible with ECC_KEY_PAIR(SECT_R2) +depends_on:PSA_WANT_ALG_GCM:PSA_WANT_ECC_FAMILY_SECT_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +aead_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R2):"0210b482a458b4822d0cb21daa96819a67c8062d34":PSA_ALG_AEAD_WITH_SHORTENED_TAG(PSA_ALG_GCM,1):PSA_ERROR_INVALID_ARGUMENT + +PSA aead AEAD_WITH_SHORTENED_TAG(GCM,1): incompatible with ECC_KEY_PAIR(TWISTED_EDWARDS) +depends_on:PSA_WANT_ALG_GCM:PSA_WANT_ECC_FAMILY_TWISTED_EDWARDS:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +aead_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_TWISTED_EDWARDS):"9d61b19deffd5a60ba844af492ec2cc44449c5697b326919703bac031cae7f60":PSA_ALG_AEAD_WITH_SHORTENED_TAG(PSA_ALG_GCM,1):PSA_ERROR_INVALID_ARGUMENT + +PSA aead AEAD_WITH_SHORTENED_TAG(GCM,1): incompatible with ECC_PUBLIC_KEY(BRAINPOOL_P_R1) +depends_on:PSA_WANT_ALG_GCM:PSA_WANT_ECC_FAMILY_BRAINPOOL_P_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +aead_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"04d4b9186816358e2f9c59cf70748cb70641b22fbab65473db4b4e22a361ed7e3de7e8a8ddc4130c5c":PSA_ALG_AEAD_WITH_SHORTENED_TAG(PSA_ALG_GCM,1):PSA_ERROR_INVALID_ARGUMENT + +PSA aead AEAD_WITH_SHORTENED_TAG(GCM,1): incompatible with ECC_PUBLIC_KEY(MONTGOMERY) +depends_on:PSA_WANT_ALG_GCM:PSA_WANT_ECC_FAMILY_MONTGOMERY:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +aead_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_MONTGOMERY):"8520f0098930a754748b7ddcb43ef75a0dbf3a0d26381af4eba4a98eaa9b4e6a":PSA_ALG_AEAD_WITH_SHORTENED_TAG(PSA_ALG_GCM,1):PSA_ERROR_INVALID_ARGUMENT + +PSA aead AEAD_WITH_SHORTENED_TAG(GCM,1): incompatible with ECC_PUBLIC_KEY(SECP_K1) +depends_on:PSA_WANT_ALG_GCM:PSA_WANT_ECC_FAMILY_SECP_K1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +aead_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_K1):"0426b7bb38da649ac2138fc050c6548b32553dab68afebc36105d325b75538c12323cb0764789ecb992671beb2b6bef2f5":PSA_ALG_AEAD_WITH_SHORTENED_TAG(PSA_ALG_GCM,1):PSA_ERROR_INVALID_ARGUMENT + +PSA aead AEAD_WITH_SHORTENED_TAG(GCM,1): incompatible with ECC_PUBLIC_KEY(SECP_R1) +depends_on:PSA_WANT_ALG_GCM:PSA_WANT_ECC_FAMILY_SECP_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +aead_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1):"046f00eadaa949fee3e9e1c7fa1247eecec86a0dce46418b9bd3117b981d4bd0ae7a990de912f9d060d6cb531a42d22e394ac29e81804bf160":PSA_ALG_AEAD_WITH_SHORTENED_TAG(PSA_ALG_GCM,1):PSA_ERROR_INVALID_ARGUMENT + +PSA aead AEAD_WITH_SHORTENED_TAG(GCM,1): incompatible with ECC_PUBLIC_KEY(SECP_R2) +depends_on:PSA_WANT_ALG_GCM:PSA_WANT_ECC_FAMILY_SECP_R2:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +aead_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R2):"049570d541398665adb5cfa16f5af73b3196926bbd4b876bdb80f8eab20d0f540c22f4de9c140f6d7b":PSA_ALG_AEAD_WITH_SHORTENED_TAG(PSA_ALG_GCM,1):PSA_ERROR_INVALID_ARGUMENT + +PSA aead AEAD_WITH_SHORTENED_TAG(GCM,1): incompatible with ECC_PUBLIC_KEY(SECT_K1) +depends_on:PSA_WANT_ALG_GCM:PSA_WANT_ECC_FAMILY_SECT_K1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +aead_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_K1):"0406f88f90b4b65950f06ce433afdb097e320f433dc2062b8a65db8fafd3c110f46bc45663fbf021ee7eb9":PSA_ALG_AEAD_WITH_SHORTENED_TAG(PSA_ALG_GCM,1):PSA_ERROR_INVALID_ARGUMENT + +PSA aead AEAD_WITH_SHORTENED_TAG(GCM,1): incompatible with ECC_PUBLIC_KEY(SECT_R1) +depends_on:PSA_WANT_ALG_GCM:PSA_WANT_ECC_FAMILY_SECT_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +aead_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R1):"0400465eeb9e7258b11e33c02266bfe834b20bcb118700772796ee4704ec67651bd447e3011959a79a04cb":PSA_ALG_AEAD_WITH_SHORTENED_TAG(PSA_ALG_GCM,1):PSA_ERROR_INVALID_ARGUMENT + +PSA aead AEAD_WITH_SHORTENED_TAG(GCM,1): incompatible with ECC_PUBLIC_KEY(SECT_R2) +depends_on:PSA_WANT_ALG_GCM:PSA_WANT_ECC_FAMILY_SECT_R2:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +aead_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R2):"0403692601144c32a6cfa369ae20ae5d43c1c764678c037bafe80c6fd2e42b7ced96171d9c5367fd3dca6f":PSA_ALG_AEAD_WITH_SHORTENED_TAG(PSA_ALG_GCM,1):PSA_ERROR_INVALID_ARGUMENT + +PSA aead AEAD_WITH_SHORTENED_TAG(GCM,1): incompatible with ECC_PUBLIC_KEY(TWISTED_EDWARDS) +depends_on:PSA_WANT_ALG_GCM:PSA_WANT_ECC_FAMILY_TWISTED_EDWARDS:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +aead_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_TWISTED_EDWARDS):"d75a980182b10ab7d54bfed3c964073a0ee172f3daa62325af021a68f707511a":PSA_ALG_AEAD_WITH_SHORTENED_TAG(PSA_ALG_GCM,1):PSA_ERROR_INVALID_ARGUMENT + +PSA aead AEAD_WITH_SHORTENED_TAG(GCM,1): incompatible with HMAC +depends_on:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_HMAC +aead_fail:PSA_KEY_TYPE_HMAC:"48657265006973206b6579a064617461":PSA_ALG_AEAD_WITH_SHORTENED_TAG(PSA_ALG_GCM,1):PSA_ERROR_INVALID_ARGUMENT + +PSA aead AEAD_WITH_SHORTENED_TAG(GCM,1): incompatible with RAW_DATA +depends_on:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_RAW_DATA +aead_fail:PSA_KEY_TYPE_RAW_DATA:"48":PSA_ALG_AEAD_WITH_SHORTENED_TAG(PSA_ALG_GCM,1):PSA_ERROR_INVALID_ARGUMENT + +PSA aead AEAD_WITH_SHORTENED_TAG(GCM,1): incompatible with RSA_KEY_PAIR +depends_on:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR +aead_fail:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_AEAD_WITH_SHORTENED_TAG(PSA_ALG_GCM,1):PSA_ERROR_INVALID_ARGUMENT + +PSA aead AEAD_WITH_SHORTENED_TAG(GCM,1): incompatible with RSA_PUBLIC_KEY +depends_on:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY +aead_fail:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_AEAD_WITH_SHORTENED_TAG(PSA_ALG_GCM,1):PSA_ERROR_INVALID_ARGUMENT + +PSA key_derivation AEAD_WITH_SHORTENED_TAG(GCM,1): invalid +depends_on:PSA_WANT_ALG_GCM +key_derivation_fail:PSA_ALG_AEAD_WITH_SHORTENED_TAG(PSA_ALG_GCM,1):PSA_ERROR_INVALID_ARGUMENT + +PSA hash AEAD_WITH_SHORTENED_TAG(CCM,4): invalid +depends_on:PSA_WANT_ALG_CCM +hash_fail:PSA_ALG_AEAD_WITH_SHORTENED_TAG(PSA_ALG_CCM,4):PSA_ERROR_INVALID_ARGUMENT + +PSA mac AEAD_WITH_SHORTENED_TAG(CCM,4): invalid with AES +depends_on:PSA_WANT_ALG_CCM:PSA_WANT_KEY_TYPE_AES +mac_fail:PSA_KEY_TYPE_AES:"48657265006973206b6579a064617461":PSA_ALG_AEAD_WITH_SHORTENED_TAG(PSA_ALG_CCM,4):PSA_ERROR_INVALID_ARGUMENT + +PSA mac AEAD_WITH_SHORTENED_TAG(CCM,4): invalid with ARIA +depends_on:PSA_WANT_ALG_CCM:PSA_WANT_KEY_TYPE_ARIA +mac_fail:PSA_KEY_TYPE_ARIA:"48657265006973206b6579a064617461":PSA_ALG_AEAD_WITH_SHORTENED_TAG(PSA_ALG_CCM,4):PSA_ERROR_INVALID_ARGUMENT + +PSA mac AEAD_WITH_SHORTENED_TAG(CCM,4): invalid with CAMELLIA +depends_on:PSA_WANT_ALG_CCM:PSA_WANT_KEY_TYPE_CAMELLIA +mac_fail:PSA_KEY_TYPE_CAMELLIA:"48657265006973206b6579a064617461":PSA_ALG_AEAD_WITH_SHORTENED_TAG(PSA_ALG_CCM,4):PSA_ERROR_INVALID_ARGUMENT + +PSA cipher AEAD_WITH_SHORTENED_TAG(CCM,4): invalid with AES +depends_on:PSA_WANT_ALG_CCM:PSA_WANT_KEY_TYPE_AES +cipher_fail:PSA_KEY_TYPE_AES:"48657265006973206b6579a064617461":PSA_ALG_AEAD_WITH_SHORTENED_TAG(PSA_ALG_CCM,4):PSA_ERROR_INVALID_ARGUMENT + +PSA cipher AEAD_WITH_SHORTENED_TAG(CCM,4): invalid with ARIA +depends_on:PSA_WANT_ALG_CCM:PSA_WANT_KEY_TYPE_ARIA +cipher_fail:PSA_KEY_TYPE_ARIA:"48657265006973206b6579a064617461":PSA_ALG_AEAD_WITH_SHORTENED_TAG(PSA_ALG_CCM,4):PSA_ERROR_INVALID_ARGUMENT + +PSA cipher AEAD_WITH_SHORTENED_TAG(CCM,4): invalid with CAMELLIA +depends_on:PSA_WANT_ALG_CCM:PSA_WANT_KEY_TYPE_CAMELLIA +cipher_fail:PSA_KEY_TYPE_CAMELLIA:"48657265006973206b6579a064617461":PSA_ALG_AEAD_WITH_SHORTENED_TAG(PSA_ALG_CCM,4):PSA_ERROR_INVALID_ARGUMENT + +PSA aead AEAD_WITH_SHORTENED_TAG(CCM,4): !CCM with AES +depends_on:!PSA_WANT_ALG_CCM:PSA_WANT_KEY_TYPE_AES +aead_fail:PSA_KEY_TYPE_AES:"48657265006973206b6579a064617461":PSA_ALG_AEAD_WITH_SHORTENED_TAG(PSA_ALG_CCM,4):PSA_ERROR_NOT_SUPPORTED + +PSA aead AEAD_WITH_SHORTENED_TAG(CCM,4): incompatible with ARC4 +depends_on:PSA_WANT_ALG_CCM:PSA_WANT_KEY_TYPE_ARC4 +aead_fail:PSA_KEY_TYPE_ARC4:"48":PSA_ALG_AEAD_WITH_SHORTENED_TAG(PSA_ALG_CCM,4):PSA_ERROR_INVALID_ARGUMENT + +PSA aead AEAD_WITH_SHORTENED_TAG(CCM,4): !CCM with ARIA +depends_on:!PSA_WANT_ALG_CCM:PSA_WANT_KEY_TYPE_ARIA +aead_fail:PSA_KEY_TYPE_ARIA:"48657265006973206b6579a064617461":PSA_ALG_AEAD_WITH_SHORTENED_TAG(PSA_ALG_CCM,4):PSA_ERROR_NOT_SUPPORTED + +PSA aead AEAD_WITH_SHORTENED_TAG(CCM,4): !CCM with CAMELLIA +depends_on:!PSA_WANT_ALG_CCM:PSA_WANT_KEY_TYPE_CAMELLIA +aead_fail:PSA_KEY_TYPE_CAMELLIA:"48657265006973206b6579a064617461":PSA_ALG_AEAD_WITH_SHORTENED_TAG(PSA_ALG_CCM,4):PSA_ERROR_NOT_SUPPORTED + +PSA aead AEAD_WITH_SHORTENED_TAG(CCM,4): incompatible with CHACHA20 +depends_on:PSA_WANT_ALG_CCM:PSA_WANT_KEY_TYPE_CHACHA20 +aead_fail:PSA_KEY_TYPE_CHACHA20:"48657265006973206b6579a06461746148657265006973206b6579a064617461":PSA_ALG_AEAD_WITH_SHORTENED_TAG(PSA_ALG_CCM,4):PSA_ERROR_INVALID_ARGUMENT + +PSA aead AEAD_WITH_SHORTENED_TAG(CCM,4): incompatible with DERIVE +depends_on:PSA_WANT_ALG_CCM:PSA_WANT_KEY_TYPE_DERIVE +aead_fail:PSA_KEY_TYPE_DERIVE:"48657265006973206b6579a0646174":PSA_ALG_AEAD_WITH_SHORTENED_TAG(PSA_ALG_CCM,4):PSA_ERROR_INVALID_ARGUMENT + +PSA aead AEAD_WITH_SHORTENED_TAG(CCM,4): incompatible with DES +depends_on:PSA_WANT_ALG_CCM:PSA_WANT_KEY_TYPE_DES +aead_fail:PSA_KEY_TYPE_DES:"644573206b457901":PSA_ALG_AEAD_WITH_SHORTENED_TAG(PSA_ALG_CCM,4):PSA_ERROR_INVALID_ARGUMENT + +PSA aead AEAD_WITH_SHORTENED_TAG(CCM,4): incompatible with ECC_KEY_PAIR(BRAINPOOL_P_R1) +depends_on:PSA_WANT_ALG_CCM:PSA_WANT_ECC_FAMILY_BRAINPOOL_P_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +aead_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"69502c4fdaf48d4fa617bdd24498b0406d0eeaac":PSA_ALG_AEAD_WITH_SHORTENED_TAG(PSA_ALG_CCM,4):PSA_ERROR_INVALID_ARGUMENT + +PSA aead AEAD_WITH_SHORTENED_TAG(CCM,4): incompatible with ECC_KEY_PAIR(MONTGOMERY) +depends_on:PSA_WANT_ALG_CCM:PSA_WANT_ECC_FAMILY_MONTGOMERY:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +aead_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_MONTGOMERY):"70076d0a7318a57d3c16c17251b26645df4c2f87ebc0992ab177fba51db92c6a":PSA_ALG_AEAD_WITH_SHORTENED_TAG(PSA_ALG_CCM,4):PSA_ERROR_INVALID_ARGUMENT + +PSA aead AEAD_WITH_SHORTENED_TAG(CCM,4): incompatible with ECC_KEY_PAIR(SECP_K1) +depends_on:PSA_WANT_ALG_CCM:PSA_WANT_ECC_FAMILY_SECP_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +aead_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_K1):"297ac1722ccac7589ecb240dc719842538ca974beb79f228":PSA_ALG_AEAD_WITH_SHORTENED_TAG(PSA_ALG_CCM,4):PSA_ERROR_INVALID_ARGUMENT + +PSA aead AEAD_WITH_SHORTENED_TAG(CCM,4): incompatible with ECC_KEY_PAIR(SECP_R1) +depends_on:PSA_WANT_ALG_CCM:PSA_WANT_ECC_FAMILY_SECP_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +aead_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"872f203b3ad35b7f2ecc803c3a0e1e0b1ed61cc1afe71b189cd4c995":PSA_ALG_AEAD_WITH_SHORTENED_TAG(PSA_ALG_CCM,4):PSA_ERROR_INVALID_ARGUMENT + +PSA aead AEAD_WITH_SHORTENED_TAG(CCM,4): incompatible with ECC_KEY_PAIR(SECP_R2) +depends_on:PSA_WANT_ALG_CCM:PSA_WANT_ECC_FAMILY_SECP_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +aead_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R2):"00bf539a1cdda0d7f71a50a3f98aec0a2e8e4ced1e":PSA_ALG_AEAD_WITH_SHORTENED_TAG(PSA_ALG_CCM,4):PSA_ERROR_INVALID_ARGUMENT + +PSA aead AEAD_WITH_SHORTENED_TAG(CCM,4): incompatible with ECC_KEY_PAIR(SECT_K1) +depends_on:PSA_WANT_ALG_CCM:PSA_WANT_ECC_FAMILY_SECT_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +aead_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):"03ebc8fcded2d6ab72ec0f75bdb4fd080481273e71":PSA_ALG_AEAD_WITH_SHORTENED_TAG(PSA_ALG_CCM,4):PSA_ERROR_INVALID_ARGUMENT + +PSA aead AEAD_WITH_SHORTENED_TAG(CCM,4): incompatible with ECC_KEY_PAIR(SECT_R1) +depends_on:PSA_WANT_ALG_CCM:PSA_WANT_ECC_FAMILY_SECT_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +aead_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):"009b05dc82d46d64a04a22e6e5ca70ca1231e68c50":PSA_ALG_AEAD_WITH_SHORTENED_TAG(PSA_ALG_CCM,4):PSA_ERROR_INVALID_ARGUMENT + +PSA aead AEAD_WITH_SHORTENED_TAG(CCM,4): incompatible with ECC_KEY_PAIR(SECT_R2) +depends_on:PSA_WANT_ALG_CCM:PSA_WANT_ECC_FAMILY_SECT_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +aead_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R2):"0210b482a458b4822d0cb21daa96819a67c8062d34":PSA_ALG_AEAD_WITH_SHORTENED_TAG(PSA_ALG_CCM,4):PSA_ERROR_INVALID_ARGUMENT + +PSA aead AEAD_WITH_SHORTENED_TAG(CCM,4): incompatible with ECC_KEY_PAIR(TWISTED_EDWARDS) +depends_on:PSA_WANT_ALG_CCM:PSA_WANT_ECC_FAMILY_TWISTED_EDWARDS:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +aead_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_TWISTED_EDWARDS):"9d61b19deffd5a60ba844af492ec2cc44449c5697b326919703bac031cae7f60":PSA_ALG_AEAD_WITH_SHORTENED_TAG(PSA_ALG_CCM,4):PSA_ERROR_INVALID_ARGUMENT + +PSA aead AEAD_WITH_SHORTENED_TAG(CCM,4): incompatible with ECC_PUBLIC_KEY(BRAINPOOL_P_R1) +depends_on:PSA_WANT_ALG_CCM:PSA_WANT_ECC_FAMILY_BRAINPOOL_P_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +aead_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"04d4b9186816358e2f9c59cf70748cb70641b22fbab65473db4b4e22a361ed7e3de7e8a8ddc4130c5c":PSA_ALG_AEAD_WITH_SHORTENED_TAG(PSA_ALG_CCM,4):PSA_ERROR_INVALID_ARGUMENT + +PSA aead AEAD_WITH_SHORTENED_TAG(CCM,4): incompatible with ECC_PUBLIC_KEY(MONTGOMERY) +depends_on:PSA_WANT_ALG_CCM:PSA_WANT_ECC_FAMILY_MONTGOMERY:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +aead_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_MONTGOMERY):"8520f0098930a754748b7ddcb43ef75a0dbf3a0d26381af4eba4a98eaa9b4e6a":PSA_ALG_AEAD_WITH_SHORTENED_TAG(PSA_ALG_CCM,4):PSA_ERROR_INVALID_ARGUMENT + +PSA aead AEAD_WITH_SHORTENED_TAG(CCM,4): incompatible with ECC_PUBLIC_KEY(SECP_K1) +depends_on:PSA_WANT_ALG_CCM:PSA_WANT_ECC_FAMILY_SECP_K1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +aead_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_K1):"0426b7bb38da649ac2138fc050c6548b32553dab68afebc36105d325b75538c12323cb0764789ecb992671beb2b6bef2f5":PSA_ALG_AEAD_WITH_SHORTENED_TAG(PSA_ALG_CCM,4):PSA_ERROR_INVALID_ARGUMENT + +PSA aead AEAD_WITH_SHORTENED_TAG(CCM,4): incompatible with ECC_PUBLIC_KEY(SECP_R1) +depends_on:PSA_WANT_ALG_CCM:PSA_WANT_ECC_FAMILY_SECP_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +aead_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1):"046f00eadaa949fee3e9e1c7fa1247eecec86a0dce46418b9bd3117b981d4bd0ae7a990de912f9d060d6cb531a42d22e394ac29e81804bf160":PSA_ALG_AEAD_WITH_SHORTENED_TAG(PSA_ALG_CCM,4):PSA_ERROR_INVALID_ARGUMENT + +PSA aead AEAD_WITH_SHORTENED_TAG(CCM,4): incompatible with ECC_PUBLIC_KEY(SECP_R2) +depends_on:PSA_WANT_ALG_CCM:PSA_WANT_ECC_FAMILY_SECP_R2:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +aead_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R2):"049570d541398665adb5cfa16f5af73b3196926bbd4b876bdb80f8eab20d0f540c22f4de9c140f6d7b":PSA_ALG_AEAD_WITH_SHORTENED_TAG(PSA_ALG_CCM,4):PSA_ERROR_INVALID_ARGUMENT + +PSA aead AEAD_WITH_SHORTENED_TAG(CCM,4): incompatible with ECC_PUBLIC_KEY(SECT_K1) +depends_on:PSA_WANT_ALG_CCM:PSA_WANT_ECC_FAMILY_SECT_K1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +aead_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_K1):"0406f88f90b4b65950f06ce433afdb097e320f433dc2062b8a65db8fafd3c110f46bc45663fbf021ee7eb9":PSA_ALG_AEAD_WITH_SHORTENED_TAG(PSA_ALG_CCM,4):PSA_ERROR_INVALID_ARGUMENT + +PSA aead AEAD_WITH_SHORTENED_TAG(CCM,4): incompatible with ECC_PUBLIC_KEY(SECT_R1) +depends_on:PSA_WANT_ALG_CCM:PSA_WANT_ECC_FAMILY_SECT_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +aead_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R1):"0400465eeb9e7258b11e33c02266bfe834b20bcb118700772796ee4704ec67651bd447e3011959a79a04cb":PSA_ALG_AEAD_WITH_SHORTENED_TAG(PSA_ALG_CCM,4):PSA_ERROR_INVALID_ARGUMENT + +PSA aead AEAD_WITH_SHORTENED_TAG(CCM,4): incompatible with ECC_PUBLIC_KEY(SECT_R2) +depends_on:PSA_WANT_ALG_CCM:PSA_WANT_ECC_FAMILY_SECT_R2:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +aead_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R2):"0403692601144c32a6cfa369ae20ae5d43c1c764678c037bafe80c6fd2e42b7ced96171d9c5367fd3dca6f":PSA_ALG_AEAD_WITH_SHORTENED_TAG(PSA_ALG_CCM,4):PSA_ERROR_INVALID_ARGUMENT + +PSA aead AEAD_WITH_SHORTENED_TAG(CCM,4): incompatible with ECC_PUBLIC_KEY(TWISTED_EDWARDS) +depends_on:PSA_WANT_ALG_CCM:PSA_WANT_ECC_FAMILY_TWISTED_EDWARDS:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +aead_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_TWISTED_EDWARDS):"d75a980182b10ab7d54bfed3c964073a0ee172f3daa62325af021a68f707511a":PSA_ALG_AEAD_WITH_SHORTENED_TAG(PSA_ALG_CCM,4):PSA_ERROR_INVALID_ARGUMENT + +PSA aead AEAD_WITH_SHORTENED_TAG(CCM,4): incompatible with HMAC +depends_on:PSA_WANT_ALG_CCM:PSA_WANT_KEY_TYPE_HMAC +aead_fail:PSA_KEY_TYPE_HMAC:"48657265006973206b6579a064617461":PSA_ALG_AEAD_WITH_SHORTENED_TAG(PSA_ALG_CCM,4):PSA_ERROR_INVALID_ARGUMENT + +PSA aead AEAD_WITH_SHORTENED_TAG(CCM,4): incompatible with RAW_DATA +depends_on:PSA_WANT_ALG_CCM:PSA_WANT_KEY_TYPE_RAW_DATA +aead_fail:PSA_KEY_TYPE_RAW_DATA:"48":PSA_ALG_AEAD_WITH_SHORTENED_TAG(PSA_ALG_CCM,4):PSA_ERROR_INVALID_ARGUMENT + +PSA aead AEAD_WITH_SHORTENED_TAG(CCM,4): incompatible with RSA_KEY_PAIR +depends_on:PSA_WANT_ALG_CCM:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR +aead_fail:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_AEAD_WITH_SHORTENED_TAG(PSA_ALG_CCM,4):PSA_ERROR_INVALID_ARGUMENT + +PSA aead AEAD_WITH_SHORTENED_TAG(CCM,4): incompatible with RSA_PUBLIC_KEY +depends_on:PSA_WANT_ALG_CCM:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY +aead_fail:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_AEAD_WITH_SHORTENED_TAG(PSA_ALG_CCM,4):PSA_ERROR_INVALID_ARGUMENT + +PSA sign AEAD_WITH_SHORTENED_TAG(CCM,4): invalid with AES +depends_on:PSA_WANT_ALG_CCM:PSA_WANT_KEY_TYPE_AES +sign_fail:PSA_KEY_TYPE_AES:"48657265006973206b6579a064617461":PSA_ALG_AEAD_WITH_SHORTENED_TAG(PSA_ALG_CCM,4):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign AEAD_WITH_SHORTENED_TAG(CCM,4): invalid with ARIA +depends_on:PSA_WANT_ALG_CCM:PSA_WANT_KEY_TYPE_ARIA +sign_fail:PSA_KEY_TYPE_ARIA:"48657265006973206b6579a064617461":PSA_ALG_AEAD_WITH_SHORTENED_TAG(PSA_ALG_CCM,4):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign AEAD_WITH_SHORTENED_TAG(CCM,4): invalid with CAMELLIA +depends_on:PSA_WANT_ALG_CCM:PSA_WANT_KEY_TYPE_CAMELLIA +sign_fail:PSA_KEY_TYPE_CAMELLIA:"48657265006973206b6579a064617461":PSA_ALG_AEAD_WITH_SHORTENED_TAG(PSA_ALG_CCM,4):0:PSA_ERROR_INVALID_ARGUMENT + +PSA asymmetric_encryption AEAD_WITH_SHORTENED_TAG(CCM,4): invalid with AES +depends_on:PSA_WANT_ALG_CCM:PSA_WANT_KEY_TYPE_AES +asymmetric_encryption_fail:PSA_KEY_TYPE_AES:"48657265006973206b6579a064617461":PSA_ALG_AEAD_WITH_SHORTENED_TAG(PSA_ALG_CCM,4):0:PSA_ERROR_INVALID_ARGUMENT + +PSA asymmetric_encryption AEAD_WITH_SHORTENED_TAG(CCM,4): invalid with ARIA +depends_on:PSA_WANT_ALG_CCM:PSA_WANT_KEY_TYPE_ARIA +asymmetric_encryption_fail:PSA_KEY_TYPE_ARIA:"48657265006973206b6579a064617461":PSA_ALG_AEAD_WITH_SHORTENED_TAG(PSA_ALG_CCM,4):0:PSA_ERROR_INVALID_ARGUMENT + +PSA asymmetric_encryption AEAD_WITH_SHORTENED_TAG(CCM,4): invalid with CAMELLIA +depends_on:PSA_WANT_ALG_CCM:PSA_WANT_KEY_TYPE_CAMELLIA +asymmetric_encryption_fail:PSA_KEY_TYPE_CAMELLIA:"48657265006973206b6579a064617461":PSA_ALG_AEAD_WITH_SHORTENED_TAG(PSA_ALG_CCM,4):0:PSA_ERROR_INVALID_ARGUMENT + +PSA key_derivation AEAD_WITH_SHORTENED_TAG(CCM,4): invalid +depends_on:PSA_WANT_ALG_CCM +key_derivation_fail:PSA_ALG_AEAD_WITH_SHORTENED_TAG(PSA_ALG_CCM,4):PSA_ERROR_INVALID_ARGUMENT + +PSA key_agreement AEAD_WITH_SHORTENED_TAG(CCM,4): invalid with AES +depends_on:PSA_WANT_ALG_CCM:PSA_WANT_KEY_TYPE_AES +key_agreement_fail:PSA_KEY_TYPE_AES:"48657265006973206b6579a064617461":PSA_ALG_AEAD_WITH_SHORTENED_TAG(PSA_ALG_CCM,4):0:PSA_ERROR_INVALID_ARGUMENT + +PSA key_agreement AEAD_WITH_SHORTENED_TAG(CCM,4): invalid with ARIA +depends_on:PSA_WANT_ALG_CCM:PSA_WANT_KEY_TYPE_ARIA +key_agreement_fail:PSA_KEY_TYPE_ARIA:"48657265006973206b6579a064617461":PSA_ALG_AEAD_WITH_SHORTENED_TAG(PSA_ALG_CCM,4):0:PSA_ERROR_INVALID_ARGUMENT + +PSA key_agreement AEAD_WITH_SHORTENED_TAG(CCM,4): invalid with CAMELLIA +depends_on:PSA_WANT_ALG_CCM:PSA_WANT_KEY_TYPE_CAMELLIA +key_agreement_fail:PSA_KEY_TYPE_CAMELLIA:"48657265006973206b6579a064617461":PSA_ALG_AEAD_WITH_SHORTENED_TAG(PSA_ALG_CCM,4):0:PSA_ERROR_INVALID_ARGUMENT + +PSA hash AEAD_WITH_SHORTENED_TAG(CCM,13): invalid +depends_on:PSA_WANT_ALG_CCM +hash_fail:PSA_ALG_AEAD_WITH_SHORTENED_TAG(PSA_ALG_CCM,13):PSA_ERROR_INVALID_ARGUMENT + +PSA aead AEAD_WITH_SHORTENED_TAG(CCM,13): incompatible with AES +depends_on:PSA_WANT_ALG_CCM:PSA_WANT_KEY_TYPE_AES +aead_fail:PSA_KEY_TYPE_AES:"48657265006973206b6579a064617461":PSA_ALG_AEAD_WITH_SHORTENED_TAG(PSA_ALG_CCM,13):PSA_ERROR_INVALID_ARGUMENT + +PSA aead AEAD_WITH_SHORTENED_TAG(CCM,13): incompatible with ARC4 +depends_on:PSA_WANT_ALG_CCM:PSA_WANT_KEY_TYPE_ARC4 +aead_fail:PSA_KEY_TYPE_ARC4:"48":PSA_ALG_AEAD_WITH_SHORTENED_TAG(PSA_ALG_CCM,13):PSA_ERROR_INVALID_ARGUMENT + +PSA aead AEAD_WITH_SHORTENED_TAG(CCM,13): incompatible with ARIA +depends_on:PSA_WANT_ALG_CCM:PSA_WANT_KEY_TYPE_ARIA +aead_fail:PSA_KEY_TYPE_ARIA:"48657265006973206b6579a064617461":PSA_ALG_AEAD_WITH_SHORTENED_TAG(PSA_ALG_CCM,13):PSA_ERROR_INVALID_ARGUMENT + +PSA aead AEAD_WITH_SHORTENED_TAG(CCM,13): incompatible with CAMELLIA +depends_on:PSA_WANT_ALG_CCM:PSA_WANT_KEY_TYPE_CAMELLIA +aead_fail:PSA_KEY_TYPE_CAMELLIA:"48657265006973206b6579a064617461":PSA_ALG_AEAD_WITH_SHORTENED_TAG(PSA_ALG_CCM,13):PSA_ERROR_INVALID_ARGUMENT + +PSA aead AEAD_WITH_SHORTENED_TAG(CCM,13): incompatible with CHACHA20 +depends_on:PSA_WANT_ALG_CCM:PSA_WANT_KEY_TYPE_CHACHA20 +aead_fail:PSA_KEY_TYPE_CHACHA20:"48657265006973206b6579a06461746148657265006973206b6579a064617461":PSA_ALG_AEAD_WITH_SHORTENED_TAG(PSA_ALG_CCM,13):PSA_ERROR_INVALID_ARGUMENT + +PSA aead AEAD_WITH_SHORTENED_TAG(CCM,13): incompatible with DERIVE +depends_on:PSA_WANT_ALG_CCM:PSA_WANT_KEY_TYPE_DERIVE +aead_fail:PSA_KEY_TYPE_DERIVE:"48657265006973206b6579a0646174":PSA_ALG_AEAD_WITH_SHORTENED_TAG(PSA_ALG_CCM,13):PSA_ERROR_INVALID_ARGUMENT + +PSA aead AEAD_WITH_SHORTENED_TAG(CCM,13): incompatible with DES +depends_on:PSA_WANT_ALG_CCM:PSA_WANT_KEY_TYPE_DES +aead_fail:PSA_KEY_TYPE_DES:"644573206b457901":PSA_ALG_AEAD_WITH_SHORTENED_TAG(PSA_ALG_CCM,13):PSA_ERROR_INVALID_ARGUMENT + +PSA aead AEAD_WITH_SHORTENED_TAG(CCM,13): incompatible with ECC_KEY_PAIR(BRAINPOOL_P_R1) +depends_on:PSA_WANT_ALG_CCM:PSA_WANT_ECC_FAMILY_BRAINPOOL_P_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +aead_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"69502c4fdaf48d4fa617bdd24498b0406d0eeaac":PSA_ALG_AEAD_WITH_SHORTENED_TAG(PSA_ALG_CCM,13):PSA_ERROR_INVALID_ARGUMENT + +PSA aead AEAD_WITH_SHORTENED_TAG(CCM,13): incompatible with ECC_KEY_PAIR(MONTGOMERY) +depends_on:PSA_WANT_ALG_CCM:PSA_WANT_ECC_FAMILY_MONTGOMERY:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +aead_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_MONTGOMERY):"70076d0a7318a57d3c16c17251b26645df4c2f87ebc0992ab177fba51db92c6a":PSA_ALG_AEAD_WITH_SHORTENED_TAG(PSA_ALG_CCM,13):PSA_ERROR_INVALID_ARGUMENT + +PSA aead AEAD_WITH_SHORTENED_TAG(CCM,13): incompatible with ECC_KEY_PAIR(SECP_K1) +depends_on:PSA_WANT_ALG_CCM:PSA_WANT_ECC_FAMILY_SECP_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +aead_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_K1):"297ac1722ccac7589ecb240dc719842538ca974beb79f228":PSA_ALG_AEAD_WITH_SHORTENED_TAG(PSA_ALG_CCM,13):PSA_ERROR_INVALID_ARGUMENT + +PSA aead AEAD_WITH_SHORTENED_TAG(CCM,13): incompatible with ECC_KEY_PAIR(SECP_R1) +depends_on:PSA_WANT_ALG_CCM:PSA_WANT_ECC_FAMILY_SECP_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +aead_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"872f203b3ad35b7f2ecc803c3a0e1e0b1ed61cc1afe71b189cd4c995":PSA_ALG_AEAD_WITH_SHORTENED_TAG(PSA_ALG_CCM,13):PSA_ERROR_INVALID_ARGUMENT + +PSA aead AEAD_WITH_SHORTENED_TAG(CCM,13): incompatible with ECC_KEY_PAIR(SECP_R2) +depends_on:PSA_WANT_ALG_CCM:PSA_WANT_ECC_FAMILY_SECP_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +aead_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R2):"00bf539a1cdda0d7f71a50a3f98aec0a2e8e4ced1e":PSA_ALG_AEAD_WITH_SHORTENED_TAG(PSA_ALG_CCM,13):PSA_ERROR_INVALID_ARGUMENT + +PSA aead AEAD_WITH_SHORTENED_TAG(CCM,13): incompatible with ECC_KEY_PAIR(SECT_K1) +depends_on:PSA_WANT_ALG_CCM:PSA_WANT_ECC_FAMILY_SECT_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +aead_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):"03ebc8fcded2d6ab72ec0f75bdb4fd080481273e71":PSA_ALG_AEAD_WITH_SHORTENED_TAG(PSA_ALG_CCM,13):PSA_ERROR_INVALID_ARGUMENT + +PSA aead AEAD_WITH_SHORTENED_TAG(CCM,13): incompatible with ECC_KEY_PAIR(SECT_R1) +depends_on:PSA_WANT_ALG_CCM:PSA_WANT_ECC_FAMILY_SECT_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +aead_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):"009b05dc82d46d64a04a22e6e5ca70ca1231e68c50":PSA_ALG_AEAD_WITH_SHORTENED_TAG(PSA_ALG_CCM,13):PSA_ERROR_INVALID_ARGUMENT + +PSA aead AEAD_WITH_SHORTENED_TAG(CCM,13): incompatible with ECC_KEY_PAIR(SECT_R2) +depends_on:PSA_WANT_ALG_CCM:PSA_WANT_ECC_FAMILY_SECT_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +aead_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R2):"0210b482a458b4822d0cb21daa96819a67c8062d34":PSA_ALG_AEAD_WITH_SHORTENED_TAG(PSA_ALG_CCM,13):PSA_ERROR_INVALID_ARGUMENT + +PSA aead AEAD_WITH_SHORTENED_TAG(CCM,13): incompatible with ECC_KEY_PAIR(TWISTED_EDWARDS) +depends_on:PSA_WANT_ALG_CCM:PSA_WANT_ECC_FAMILY_TWISTED_EDWARDS:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +aead_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_TWISTED_EDWARDS):"9d61b19deffd5a60ba844af492ec2cc44449c5697b326919703bac031cae7f60":PSA_ALG_AEAD_WITH_SHORTENED_TAG(PSA_ALG_CCM,13):PSA_ERROR_INVALID_ARGUMENT + +PSA aead AEAD_WITH_SHORTENED_TAG(CCM,13): incompatible with ECC_PUBLIC_KEY(BRAINPOOL_P_R1) +depends_on:PSA_WANT_ALG_CCM:PSA_WANT_ECC_FAMILY_BRAINPOOL_P_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +aead_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"04d4b9186816358e2f9c59cf70748cb70641b22fbab65473db4b4e22a361ed7e3de7e8a8ddc4130c5c":PSA_ALG_AEAD_WITH_SHORTENED_TAG(PSA_ALG_CCM,13):PSA_ERROR_INVALID_ARGUMENT + +PSA aead AEAD_WITH_SHORTENED_TAG(CCM,13): incompatible with ECC_PUBLIC_KEY(MONTGOMERY) +depends_on:PSA_WANT_ALG_CCM:PSA_WANT_ECC_FAMILY_MONTGOMERY:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +aead_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_MONTGOMERY):"8520f0098930a754748b7ddcb43ef75a0dbf3a0d26381af4eba4a98eaa9b4e6a":PSA_ALG_AEAD_WITH_SHORTENED_TAG(PSA_ALG_CCM,13):PSA_ERROR_INVALID_ARGUMENT + +PSA aead AEAD_WITH_SHORTENED_TAG(CCM,13): incompatible with ECC_PUBLIC_KEY(SECP_K1) +depends_on:PSA_WANT_ALG_CCM:PSA_WANT_ECC_FAMILY_SECP_K1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +aead_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_K1):"0426b7bb38da649ac2138fc050c6548b32553dab68afebc36105d325b75538c12323cb0764789ecb992671beb2b6bef2f5":PSA_ALG_AEAD_WITH_SHORTENED_TAG(PSA_ALG_CCM,13):PSA_ERROR_INVALID_ARGUMENT + +PSA aead AEAD_WITH_SHORTENED_TAG(CCM,13): incompatible with ECC_PUBLIC_KEY(SECP_R1) +depends_on:PSA_WANT_ALG_CCM:PSA_WANT_ECC_FAMILY_SECP_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +aead_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1):"046f00eadaa949fee3e9e1c7fa1247eecec86a0dce46418b9bd3117b981d4bd0ae7a990de912f9d060d6cb531a42d22e394ac29e81804bf160":PSA_ALG_AEAD_WITH_SHORTENED_TAG(PSA_ALG_CCM,13):PSA_ERROR_INVALID_ARGUMENT + +PSA aead AEAD_WITH_SHORTENED_TAG(CCM,13): incompatible with ECC_PUBLIC_KEY(SECP_R2) +depends_on:PSA_WANT_ALG_CCM:PSA_WANT_ECC_FAMILY_SECP_R2:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +aead_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R2):"049570d541398665adb5cfa16f5af73b3196926bbd4b876bdb80f8eab20d0f540c22f4de9c140f6d7b":PSA_ALG_AEAD_WITH_SHORTENED_TAG(PSA_ALG_CCM,13):PSA_ERROR_INVALID_ARGUMENT + +PSA aead AEAD_WITH_SHORTENED_TAG(CCM,13): incompatible with ECC_PUBLIC_KEY(SECT_K1) +depends_on:PSA_WANT_ALG_CCM:PSA_WANT_ECC_FAMILY_SECT_K1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +aead_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_K1):"0406f88f90b4b65950f06ce433afdb097e320f433dc2062b8a65db8fafd3c110f46bc45663fbf021ee7eb9":PSA_ALG_AEAD_WITH_SHORTENED_TAG(PSA_ALG_CCM,13):PSA_ERROR_INVALID_ARGUMENT + +PSA aead AEAD_WITH_SHORTENED_TAG(CCM,13): incompatible with ECC_PUBLIC_KEY(SECT_R1) +depends_on:PSA_WANT_ALG_CCM:PSA_WANT_ECC_FAMILY_SECT_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +aead_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R1):"0400465eeb9e7258b11e33c02266bfe834b20bcb118700772796ee4704ec67651bd447e3011959a79a04cb":PSA_ALG_AEAD_WITH_SHORTENED_TAG(PSA_ALG_CCM,13):PSA_ERROR_INVALID_ARGUMENT + +PSA aead AEAD_WITH_SHORTENED_TAG(CCM,13): incompatible with ECC_PUBLIC_KEY(SECT_R2) +depends_on:PSA_WANT_ALG_CCM:PSA_WANT_ECC_FAMILY_SECT_R2:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +aead_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R2):"0403692601144c32a6cfa369ae20ae5d43c1c764678c037bafe80c6fd2e42b7ced96171d9c5367fd3dca6f":PSA_ALG_AEAD_WITH_SHORTENED_TAG(PSA_ALG_CCM,13):PSA_ERROR_INVALID_ARGUMENT + +PSA aead AEAD_WITH_SHORTENED_TAG(CCM,13): incompatible with ECC_PUBLIC_KEY(TWISTED_EDWARDS) +depends_on:PSA_WANT_ALG_CCM:PSA_WANT_ECC_FAMILY_TWISTED_EDWARDS:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +aead_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_TWISTED_EDWARDS):"d75a980182b10ab7d54bfed3c964073a0ee172f3daa62325af021a68f707511a":PSA_ALG_AEAD_WITH_SHORTENED_TAG(PSA_ALG_CCM,13):PSA_ERROR_INVALID_ARGUMENT + +PSA aead AEAD_WITH_SHORTENED_TAG(CCM,13): incompatible with HMAC +depends_on:PSA_WANT_ALG_CCM:PSA_WANT_KEY_TYPE_HMAC +aead_fail:PSA_KEY_TYPE_HMAC:"48657265006973206b6579a064617461":PSA_ALG_AEAD_WITH_SHORTENED_TAG(PSA_ALG_CCM,13):PSA_ERROR_INVALID_ARGUMENT + +PSA aead AEAD_WITH_SHORTENED_TAG(CCM,13): incompatible with RAW_DATA +depends_on:PSA_WANT_ALG_CCM:PSA_WANT_KEY_TYPE_RAW_DATA +aead_fail:PSA_KEY_TYPE_RAW_DATA:"48":PSA_ALG_AEAD_WITH_SHORTENED_TAG(PSA_ALG_CCM,13):PSA_ERROR_INVALID_ARGUMENT + +PSA aead AEAD_WITH_SHORTENED_TAG(CCM,13): incompatible with RSA_KEY_PAIR +depends_on:PSA_WANT_ALG_CCM:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR +aead_fail:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_AEAD_WITH_SHORTENED_TAG(PSA_ALG_CCM,13):PSA_ERROR_INVALID_ARGUMENT + +PSA aead AEAD_WITH_SHORTENED_TAG(CCM,13): incompatible with RSA_PUBLIC_KEY +depends_on:PSA_WANT_ALG_CCM:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY +aead_fail:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_AEAD_WITH_SHORTENED_TAG(PSA_ALG_CCM,13):PSA_ERROR_INVALID_ARGUMENT + +PSA key_derivation AEAD_WITH_SHORTENED_TAG(CCM,13): invalid +depends_on:PSA_WANT_ALG_CCM +key_derivation_fail:PSA_ALG_AEAD_WITH_SHORTENED_TAG(PSA_ALG_CCM,13):PSA_ERROR_INVALID_ARGUMENT + +PSA hash AEAD_WITH_SHORTENED_TAG(CCM,14): invalid +depends_on:PSA_WANT_ALG_CCM +hash_fail:PSA_ALG_AEAD_WITH_SHORTENED_TAG(PSA_ALG_CCM,14):PSA_ERROR_INVALID_ARGUMENT + +PSA mac AEAD_WITH_SHORTENED_TAG(CCM,14): invalid with AES +depends_on:PSA_WANT_ALG_CCM:PSA_WANT_KEY_TYPE_AES +mac_fail:PSA_KEY_TYPE_AES:"48657265006973206b6579a064617461":PSA_ALG_AEAD_WITH_SHORTENED_TAG(PSA_ALG_CCM,14):PSA_ERROR_INVALID_ARGUMENT + +PSA mac AEAD_WITH_SHORTENED_TAG(CCM,14): invalid with ARIA +depends_on:PSA_WANT_ALG_CCM:PSA_WANT_KEY_TYPE_ARIA +mac_fail:PSA_KEY_TYPE_ARIA:"48657265006973206b6579a064617461":PSA_ALG_AEAD_WITH_SHORTENED_TAG(PSA_ALG_CCM,14):PSA_ERROR_INVALID_ARGUMENT + +PSA mac AEAD_WITH_SHORTENED_TAG(CCM,14): invalid with CAMELLIA +depends_on:PSA_WANT_ALG_CCM:PSA_WANT_KEY_TYPE_CAMELLIA +mac_fail:PSA_KEY_TYPE_CAMELLIA:"48657265006973206b6579a064617461":PSA_ALG_AEAD_WITH_SHORTENED_TAG(PSA_ALG_CCM,14):PSA_ERROR_INVALID_ARGUMENT + +PSA cipher AEAD_WITH_SHORTENED_TAG(CCM,14): invalid with AES +depends_on:PSA_WANT_ALG_CCM:PSA_WANT_KEY_TYPE_AES +cipher_fail:PSA_KEY_TYPE_AES:"48657265006973206b6579a064617461":PSA_ALG_AEAD_WITH_SHORTENED_TAG(PSA_ALG_CCM,14):PSA_ERROR_INVALID_ARGUMENT + +PSA cipher AEAD_WITH_SHORTENED_TAG(CCM,14): invalid with ARIA +depends_on:PSA_WANT_ALG_CCM:PSA_WANT_KEY_TYPE_ARIA +cipher_fail:PSA_KEY_TYPE_ARIA:"48657265006973206b6579a064617461":PSA_ALG_AEAD_WITH_SHORTENED_TAG(PSA_ALG_CCM,14):PSA_ERROR_INVALID_ARGUMENT + +PSA cipher AEAD_WITH_SHORTENED_TAG(CCM,14): invalid with CAMELLIA +depends_on:PSA_WANT_ALG_CCM:PSA_WANT_KEY_TYPE_CAMELLIA +cipher_fail:PSA_KEY_TYPE_CAMELLIA:"48657265006973206b6579a064617461":PSA_ALG_AEAD_WITH_SHORTENED_TAG(PSA_ALG_CCM,14):PSA_ERROR_INVALID_ARGUMENT + +PSA aead AEAD_WITH_SHORTENED_TAG(CCM,14): !CCM with AES +depends_on:!PSA_WANT_ALG_CCM:PSA_WANT_KEY_TYPE_AES +aead_fail:PSA_KEY_TYPE_AES:"48657265006973206b6579a064617461":PSA_ALG_AEAD_WITH_SHORTENED_TAG(PSA_ALG_CCM,14):PSA_ERROR_NOT_SUPPORTED + +PSA aead AEAD_WITH_SHORTENED_TAG(CCM,14): incompatible with ARC4 +depends_on:PSA_WANT_ALG_CCM:PSA_WANT_KEY_TYPE_ARC4 +aead_fail:PSA_KEY_TYPE_ARC4:"48":PSA_ALG_AEAD_WITH_SHORTENED_TAG(PSA_ALG_CCM,14):PSA_ERROR_INVALID_ARGUMENT + +PSA aead AEAD_WITH_SHORTENED_TAG(CCM,14): !CCM with ARIA +depends_on:!PSA_WANT_ALG_CCM:PSA_WANT_KEY_TYPE_ARIA +aead_fail:PSA_KEY_TYPE_ARIA:"48657265006973206b6579a064617461":PSA_ALG_AEAD_WITH_SHORTENED_TAG(PSA_ALG_CCM,14):PSA_ERROR_NOT_SUPPORTED + +PSA aead AEAD_WITH_SHORTENED_TAG(CCM,14): !CCM with CAMELLIA +depends_on:!PSA_WANT_ALG_CCM:PSA_WANT_KEY_TYPE_CAMELLIA +aead_fail:PSA_KEY_TYPE_CAMELLIA:"48657265006973206b6579a064617461":PSA_ALG_AEAD_WITH_SHORTENED_TAG(PSA_ALG_CCM,14):PSA_ERROR_NOT_SUPPORTED + +PSA aead AEAD_WITH_SHORTENED_TAG(CCM,14): incompatible with CHACHA20 +depends_on:PSA_WANT_ALG_CCM:PSA_WANT_KEY_TYPE_CHACHA20 +aead_fail:PSA_KEY_TYPE_CHACHA20:"48657265006973206b6579a06461746148657265006973206b6579a064617461":PSA_ALG_AEAD_WITH_SHORTENED_TAG(PSA_ALG_CCM,14):PSA_ERROR_INVALID_ARGUMENT + +PSA aead AEAD_WITH_SHORTENED_TAG(CCM,14): incompatible with DERIVE +depends_on:PSA_WANT_ALG_CCM:PSA_WANT_KEY_TYPE_DERIVE +aead_fail:PSA_KEY_TYPE_DERIVE:"48657265006973206b6579a0646174":PSA_ALG_AEAD_WITH_SHORTENED_TAG(PSA_ALG_CCM,14):PSA_ERROR_INVALID_ARGUMENT + +PSA aead AEAD_WITH_SHORTENED_TAG(CCM,14): incompatible with DES +depends_on:PSA_WANT_ALG_CCM:PSA_WANT_KEY_TYPE_DES +aead_fail:PSA_KEY_TYPE_DES:"644573206b457901":PSA_ALG_AEAD_WITH_SHORTENED_TAG(PSA_ALG_CCM,14):PSA_ERROR_INVALID_ARGUMENT + +PSA aead AEAD_WITH_SHORTENED_TAG(CCM,14): incompatible with ECC_KEY_PAIR(BRAINPOOL_P_R1) +depends_on:PSA_WANT_ALG_CCM:PSA_WANT_ECC_FAMILY_BRAINPOOL_P_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +aead_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"69502c4fdaf48d4fa617bdd24498b0406d0eeaac":PSA_ALG_AEAD_WITH_SHORTENED_TAG(PSA_ALG_CCM,14):PSA_ERROR_INVALID_ARGUMENT + +PSA aead AEAD_WITH_SHORTENED_TAG(CCM,14): incompatible with ECC_KEY_PAIR(MONTGOMERY) +depends_on:PSA_WANT_ALG_CCM:PSA_WANT_ECC_FAMILY_MONTGOMERY:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +aead_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_MONTGOMERY):"70076d0a7318a57d3c16c17251b26645df4c2f87ebc0992ab177fba51db92c6a":PSA_ALG_AEAD_WITH_SHORTENED_TAG(PSA_ALG_CCM,14):PSA_ERROR_INVALID_ARGUMENT + +PSA aead AEAD_WITH_SHORTENED_TAG(CCM,14): incompatible with ECC_KEY_PAIR(SECP_K1) +depends_on:PSA_WANT_ALG_CCM:PSA_WANT_ECC_FAMILY_SECP_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +aead_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_K1):"297ac1722ccac7589ecb240dc719842538ca974beb79f228":PSA_ALG_AEAD_WITH_SHORTENED_TAG(PSA_ALG_CCM,14):PSA_ERROR_INVALID_ARGUMENT + +PSA aead AEAD_WITH_SHORTENED_TAG(CCM,14): incompatible with ECC_KEY_PAIR(SECP_R1) +depends_on:PSA_WANT_ALG_CCM:PSA_WANT_ECC_FAMILY_SECP_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +aead_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"872f203b3ad35b7f2ecc803c3a0e1e0b1ed61cc1afe71b189cd4c995":PSA_ALG_AEAD_WITH_SHORTENED_TAG(PSA_ALG_CCM,14):PSA_ERROR_INVALID_ARGUMENT + +PSA aead AEAD_WITH_SHORTENED_TAG(CCM,14): incompatible with ECC_KEY_PAIR(SECP_R2) +depends_on:PSA_WANT_ALG_CCM:PSA_WANT_ECC_FAMILY_SECP_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +aead_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R2):"00bf539a1cdda0d7f71a50a3f98aec0a2e8e4ced1e":PSA_ALG_AEAD_WITH_SHORTENED_TAG(PSA_ALG_CCM,14):PSA_ERROR_INVALID_ARGUMENT + +PSA aead AEAD_WITH_SHORTENED_TAG(CCM,14): incompatible with ECC_KEY_PAIR(SECT_K1) +depends_on:PSA_WANT_ALG_CCM:PSA_WANT_ECC_FAMILY_SECT_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +aead_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):"03ebc8fcded2d6ab72ec0f75bdb4fd080481273e71":PSA_ALG_AEAD_WITH_SHORTENED_TAG(PSA_ALG_CCM,14):PSA_ERROR_INVALID_ARGUMENT + +PSA aead AEAD_WITH_SHORTENED_TAG(CCM,14): incompatible with ECC_KEY_PAIR(SECT_R1) +depends_on:PSA_WANT_ALG_CCM:PSA_WANT_ECC_FAMILY_SECT_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +aead_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):"009b05dc82d46d64a04a22e6e5ca70ca1231e68c50":PSA_ALG_AEAD_WITH_SHORTENED_TAG(PSA_ALG_CCM,14):PSA_ERROR_INVALID_ARGUMENT + +PSA aead AEAD_WITH_SHORTENED_TAG(CCM,14): incompatible with ECC_KEY_PAIR(SECT_R2) +depends_on:PSA_WANT_ALG_CCM:PSA_WANT_ECC_FAMILY_SECT_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +aead_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R2):"0210b482a458b4822d0cb21daa96819a67c8062d34":PSA_ALG_AEAD_WITH_SHORTENED_TAG(PSA_ALG_CCM,14):PSA_ERROR_INVALID_ARGUMENT + +PSA aead AEAD_WITH_SHORTENED_TAG(CCM,14): incompatible with ECC_KEY_PAIR(TWISTED_EDWARDS) +depends_on:PSA_WANT_ALG_CCM:PSA_WANT_ECC_FAMILY_TWISTED_EDWARDS:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +aead_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_TWISTED_EDWARDS):"9d61b19deffd5a60ba844af492ec2cc44449c5697b326919703bac031cae7f60":PSA_ALG_AEAD_WITH_SHORTENED_TAG(PSA_ALG_CCM,14):PSA_ERROR_INVALID_ARGUMENT + +PSA aead AEAD_WITH_SHORTENED_TAG(CCM,14): incompatible with ECC_PUBLIC_KEY(BRAINPOOL_P_R1) +depends_on:PSA_WANT_ALG_CCM:PSA_WANT_ECC_FAMILY_BRAINPOOL_P_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +aead_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"04d4b9186816358e2f9c59cf70748cb70641b22fbab65473db4b4e22a361ed7e3de7e8a8ddc4130c5c":PSA_ALG_AEAD_WITH_SHORTENED_TAG(PSA_ALG_CCM,14):PSA_ERROR_INVALID_ARGUMENT + +PSA aead AEAD_WITH_SHORTENED_TAG(CCM,14): incompatible with ECC_PUBLIC_KEY(MONTGOMERY) +depends_on:PSA_WANT_ALG_CCM:PSA_WANT_ECC_FAMILY_MONTGOMERY:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +aead_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_MONTGOMERY):"8520f0098930a754748b7ddcb43ef75a0dbf3a0d26381af4eba4a98eaa9b4e6a":PSA_ALG_AEAD_WITH_SHORTENED_TAG(PSA_ALG_CCM,14):PSA_ERROR_INVALID_ARGUMENT + +PSA aead AEAD_WITH_SHORTENED_TAG(CCM,14): incompatible with ECC_PUBLIC_KEY(SECP_K1) +depends_on:PSA_WANT_ALG_CCM:PSA_WANT_ECC_FAMILY_SECP_K1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +aead_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_K1):"0426b7bb38da649ac2138fc050c6548b32553dab68afebc36105d325b75538c12323cb0764789ecb992671beb2b6bef2f5":PSA_ALG_AEAD_WITH_SHORTENED_TAG(PSA_ALG_CCM,14):PSA_ERROR_INVALID_ARGUMENT + +PSA aead AEAD_WITH_SHORTENED_TAG(CCM,14): incompatible with ECC_PUBLIC_KEY(SECP_R1) +depends_on:PSA_WANT_ALG_CCM:PSA_WANT_ECC_FAMILY_SECP_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +aead_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1):"046f00eadaa949fee3e9e1c7fa1247eecec86a0dce46418b9bd3117b981d4bd0ae7a990de912f9d060d6cb531a42d22e394ac29e81804bf160":PSA_ALG_AEAD_WITH_SHORTENED_TAG(PSA_ALG_CCM,14):PSA_ERROR_INVALID_ARGUMENT + +PSA aead AEAD_WITH_SHORTENED_TAG(CCM,14): incompatible with ECC_PUBLIC_KEY(SECP_R2) +depends_on:PSA_WANT_ALG_CCM:PSA_WANT_ECC_FAMILY_SECP_R2:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +aead_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R2):"049570d541398665adb5cfa16f5af73b3196926bbd4b876bdb80f8eab20d0f540c22f4de9c140f6d7b":PSA_ALG_AEAD_WITH_SHORTENED_TAG(PSA_ALG_CCM,14):PSA_ERROR_INVALID_ARGUMENT + +PSA aead AEAD_WITH_SHORTENED_TAG(CCM,14): incompatible with ECC_PUBLIC_KEY(SECT_K1) +depends_on:PSA_WANT_ALG_CCM:PSA_WANT_ECC_FAMILY_SECT_K1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +aead_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_K1):"0406f88f90b4b65950f06ce433afdb097e320f433dc2062b8a65db8fafd3c110f46bc45663fbf021ee7eb9":PSA_ALG_AEAD_WITH_SHORTENED_TAG(PSA_ALG_CCM,14):PSA_ERROR_INVALID_ARGUMENT + +PSA aead AEAD_WITH_SHORTENED_TAG(CCM,14): incompatible with ECC_PUBLIC_KEY(SECT_R1) +depends_on:PSA_WANT_ALG_CCM:PSA_WANT_ECC_FAMILY_SECT_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +aead_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R1):"0400465eeb9e7258b11e33c02266bfe834b20bcb118700772796ee4704ec67651bd447e3011959a79a04cb":PSA_ALG_AEAD_WITH_SHORTENED_TAG(PSA_ALG_CCM,14):PSA_ERROR_INVALID_ARGUMENT + +PSA aead AEAD_WITH_SHORTENED_TAG(CCM,14): incompatible with ECC_PUBLIC_KEY(SECT_R2) +depends_on:PSA_WANT_ALG_CCM:PSA_WANT_ECC_FAMILY_SECT_R2:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +aead_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R2):"0403692601144c32a6cfa369ae20ae5d43c1c764678c037bafe80c6fd2e42b7ced96171d9c5367fd3dca6f":PSA_ALG_AEAD_WITH_SHORTENED_TAG(PSA_ALG_CCM,14):PSA_ERROR_INVALID_ARGUMENT + +PSA aead AEAD_WITH_SHORTENED_TAG(CCM,14): incompatible with ECC_PUBLIC_KEY(TWISTED_EDWARDS) +depends_on:PSA_WANT_ALG_CCM:PSA_WANT_ECC_FAMILY_TWISTED_EDWARDS:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +aead_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_TWISTED_EDWARDS):"d75a980182b10ab7d54bfed3c964073a0ee172f3daa62325af021a68f707511a":PSA_ALG_AEAD_WITH_SHORTENED_TAG(PSA_ALG_CCM,14):PSA_ERROR_INVALID_ARGUMENT + +PSA aead AEAD_WITH_SHORTENED_TAG(CCM,14): incompatible with HMAC +depends_on:PSA_WANT_ALG_CCM:PSA_WANT_KEY_TYPE_HMAC +aead_fail:PSA_KEY_TYPE_HMAC:"48657265006973206b6579a064617461":PSA_ALG_AEAD_WITH_SHORTENED_TAG(PSA_ALG_CCM,14):PSA_ERROR_INVALID_ARGUMENT + +PSA aead AEAD_WITH_SHORTENED_TAG(CCM,14): incompatible with RAW_DATA +depends_on:PSA_WANT_ALG_CCM:PSA_WANT_KEY_TYPE_RAW_DATA +aead_fail:PSA_KEY_TYPE_RAW_DATA:"48":PSA_ALG_AEAD_WITH_SHORTENED_TAG(PSA_ALG_CCM,14):PSA_ERROR_INVALID_ARGUMENT + +PSA aead AEAD_WITH_SHORTENED_TAG(CCM,14): incompatible with RSA_KEY_PAIR +depends_on:PSA_WANT_ALG_CCM:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR +aead_fail:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_AEAD_WITH_SHORTENED_TAG(PSA_ALG_CCM,14):PSA_ERROR_INVALID_ARGUMENT + +PSA aead AEAD_WITH_SHORTENED_TAG(CCM,14): incompatible with RSA_PUBLIC_KEY +depends_on:PSA_WANT_ALG_CCM:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY +aead_fail:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_AEAD_WITH_SHORTENED_TAG(PSA_ALG_CCM,14):PSA_ERROR_INVALID_ARGUMENT + +PSA sign AEAD_WITH_SHORTENED_TAG(CCM,14): invalid with AES +depends_on:PSA_WANT_ALG_CCM:PSA_WANT_KEY_TYPE_AES +sign_fail:PSA_KEY_TYPE_AES:"48657265006973206b6579a064617461":PSA_ALG_AEAD_WITH_SHORTENED_TAG(PSA_ALG_CCM,14):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign AEAD_WITH_SHORTENED_TAG(CCM,14): invalid with ARIA +depends_on:PSA_WANT_ALG_CCM:PSA_WANT_KEY_TYPE_ARIA +sign_fail:PSA_KEY_TYPE_ARIA:"48657265006973206b6579a064617461":PSA_ALG_AEAD_WITH_SHORTENED_TAG(PSA_ALG_CCM,14):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign AEAD_WITH_SHORTENED_TAG(CCM,14): invalid with CAMELLIA +depends_on:PSA_WANT_ALG_CCM:PSA_WANT_KEY_TYPE_CAMELLIA +sign_fail:PSA_KEY_TYPE_CAMELLIA:"48657265006973206b6579a064617461":PSA_ALG_AEAD_WITH_SHORTENED_TAG(PSA_ALG_CCM,14):0:PSA_ERROR_INVALID_ARGUMENT + +PSA asymmetric_encryption AEAD_WITH_SHORTENED_TAG(CCM,14): invalid with AES +depends_on:PSA_WANT_ALG_CCM:PSA_WANT_KEY_TYPE_AES +asymmetric_encryption_fail:PSA_KEY_TYPE_AES:"48657265006973206b6579a064617461":PSA_ALG_AEAD_WITH_SHORTENED_TAG(PSA_ALG_CCM,14):0:PSA_ERROR_INVALID_ARGUMENT + +PSA asymmetric_encryption AEAD_WITH_SHORTENED_TAG(CCM,14): invalid with ARIA +depends_on:PSA_WANT_ALG_CCM:PSA_WANT_KEY_TYPE_ARIA +asymmetric_encryption_fail:PSA_KEY_TYPE_ARIA:"48657265006973206b6579a064617461":PSA_ALG_AEAD_WITH_SHORTENED_TAG(PSA_ALG_CCM,14):0:PSA_ERROR_INVALID_ARGUMENT + +PSA asymmetric_encryption AEAD_WITH_SHORTENED_TAG(CCM,14): invalid with CAMELLIA +depends_on:PSA_WANT_ALG_CCM:PSA_WANT_KEY_TYPE_CAMELLIA +asymmetric_encryption_fail:PSA_KEY_TYPE_CAMELLIA:"48657265006973206b6579a064617461":PSA_ALG_AEAD_WITH_SHORTENED_TAG(PSA_ALG_CCM,14):0:PSA_ERROR_INVALID_ARGUMENT + +PSA key_derivation AEAD_WITH_SHORTENED_TAG(CCM,14): invalid +depends_on:PSA_WANT_ALG_CCM +key_derivation_fail:PSA_ALG_AEAD_WITH_SHORTENED_TAG(PSA_ALG_CCM,14):PSA_ERROR_INVALID_ARGUMENT + +PSA key_agreement AEAD_WITH_SHORTENED_TAG(CCM,14): invalid with AES +depends_on:PSA_WANT_ALG_CCM:PSA_WANT_KEY_TYPE_AES +key_agreement_fail:PSA_KEY_TYPE_AES:"48657265006973206b6579a064617461":PSA_ALG_AEAD_WITH_SHORTENED_TAG(PSA_ALG_CCM,14):0:PSA_ERROR_INVALID_ARGUMENT + +PSA key_agreement AEAD_WITH_SHORTENED_TAG(CCM,14): invalid with ARIA +depends_on:PSA_WANT_ALG_CCM:PSA_WANT_KEY_TYPE_ARIA +key_agreement_fail:PSA_KEY_TYPE_ARIA:"48657265006973206b6579a064617461":PSA_ALG_AEAD_WITH_SHORTENED_TAG(PSA_ALG_CCM,14):0:PSA_ERROR_INVALID_ARGUMENT + +PSA key_agreement AEAD_WITH_SHORTENED_TAG(CCM,14): invalid with CAMELLIA +depends_on:PSA_WANT_ALG_CCM:PSA_WANT_KEY_TYPE_CAMELLIA +key_agreement_fail:PSA_KEY_TYPE_CAMELLIA:"48657265006973206b6579a064617461":PSA_ALG_AEAD_WITH_SHORTENED_TAG(PSA_ALG_CCM,14):0:PSA_ERROR_INVALID_ARGUMENT + +PSA hash AEAD_WITH_SHORTENED_TAG(CCM,16): invalid +depends_on:PSA_WANT_ALG_CCM +hash_fail:PSA_ALG_AEAD_WITH_SHORTENED_TAG(PSA_ALG_CCM,16):PSA_ERROR_INVALID_ARGUMENT + +PSA mac AEAD_WITH_SHORTENED_TAG(CCM,16): invalid with AES +depends_on:PSA_WANT_ALG_CCM:PSA_WANT_KEY_TYPE_AES +mac_fail:PSA_KEY_TYPE_AES:"48657265006973206b6579a064617461":PSA_ALG_AEAD_WITH_SHORTENED_TAG(PSA_ALG_CCM,16):PSA_ERROR_INVALID_ARGUMENT + +PSA mac AEAD_WITH_SHORTENED_TAG(CCM,16): invalid with ARIA +depends_on:PSA_WANT_ALG_CCM:PSA_WANT_KEY_TYPE_ARIA +mac_fail:PSA_KEY_TYPE_ARIA:"48657265006973206b6579a064617461":PSA_ALG_AEAD_WITH_SHORTENED_TAG(PSA_ALG_CCM,16):PSA_ERROR_INVALID_ARGUMENT + +PSA mac AEAD_WITH_SHORTENED_TAG(CCM,16): invalid with CAMELLIA +depends_on:PSA_WANT_ALG_CCM:PSA_WANT_KEY_TYPE_CAMELLIA +mac_fail:PSA_KEY_TYPE_CAMELLIA:"48657265006973206b6579a064617461":PSA_ALG_AEAD_WITH_SHORTENED_TAG(PSA_ALG_CCM,16):PSA_ERROR_INVALID_ARGUMENT + +PSA cipher AEAD_WITH_SHORTENED_TAG(CCM,16): invalid with AES +depends_on:PSA_WANT_ALG_CCM:PSA_WANT_KEY_TYPE_AES +cipher_fail:PSA_KEY_TYPE_AES:"48657265006973206b6579a064617461":PSA_ALG_AEAD_WITH_SHORTENED_TAG(PSA_ALG_CCM,16):PSA_ERROR_INVALID_ARGUMENT + +PSA cipher AEAD_WITH_SHORTENED_TAG(CCM,16): invalid with ARIA +depends_on:PSA_WANT_ALG_CCM:PSA_WANT_KEY_TYPE_ARIA +cipher_fail:PSA_KEY_TYPE_ARIA:"48657265006973206b6579a064617461":PSA_ALG_AEAD_WITH_SHORTENED_TAG(PSA_ALG_CCM,16):PSA_ERROR_INVALID_ARGUMENT + +PSA cipher AEAD_WITH_SHORTENED_TAG(CCM,16): invalid with CAMELLIA +depends_on:PSA_WANT_ALG_CCM:PSA_WANT_KEY_TYPE_CAMELLIA +cipher_fail:PSA_KEY_TYPE_CAMELLIA:"48657265006973206b6579a064617461":PSA_ALG_AEAD_WITH_SHORTENED_TAG(PSA_ALG_CCM,16):PSA_ERROR_INVALID_ARGUMENT + +PSA aead AEAD_WITH_SHORTENED_TAG(CCM,16): !CCM with AES +depends_on:!PSA_WANT_ALG_CCM:PSA_WANT_KEY_TYPE_AES +aead_fail:PSA_KEY_TYPE_AES:"48657265006973206b6579a064617461":PSA_ALG_AEAD_WITH_SHORTENED_TAG(PSA_ALG_CCM,16):PSA_ERROR_NOT_SUPPORTED + +PSA aead AEAD_WITH_SHORTENED_TAG(CCM,16): incompatible with ARC4 +depends_on:PSA_WANT_ALG_CCM:PSA_WANT_KEY_TYPE_ARC4 +aead_fail:PSA_KEY_TYPE_ARC4:"48":PSA_ALG_AEAD_WITH_SHORTENED_TAG(PSA_ALG_CCM,16):PSA_ERROR_INVALID_ARGUMENT + +PSA aead AEAD_WITH_SHORTENED_TAG(CCM,16): !CCM with ARIA +depends_on:!PSA_WANT_ALG_CCM:PSA_WANT_KEY_TYPE_ARIA +aead_fail:PSA_KEY_TYPE_ARIA:"48657265006973206b6579a064617461":PSA_ALG_AEAD_WITH_SHORTENED_TAG(PSA_ALG_CCM,16):PSA_ERROR_NOT_SUPPORTED + +PSA aead AEAD_WITH_SHORTENED_TAG(CCM,16): !CCM with CAMELLIA +depends_on:!PSA_WANT_ALG_CCM:PSA_WANT_KEY_TYPE_CAMELLIA +aead_fail:PSA_KEY_TYPE_CAMELLIA:"48657265006973206b6579a064617461":PSA_ALG_AEAD_WITH_SHORTENED_TAG(PSA_ALG_CCM,16):PSA_ERROR_NOT_SUPPORTED + +PSA aead AEAD_WITH_SHORTENED_TAG(CCM,16): incompatible with CHACHA20 +depends_on:PSA_WANT_ALG_CCM:PSA_WANT_KEY_TYPE_CHACHA20 +aead_fail:PSA_KEY_TYPE_CHACHA20:"48657265006973206b6579a06461746148657265006973206b6579a064617461":PSA_ALG_AEAD_WITH_SHORTENED_TAG(PSA_ALG_CCM,16):PSA_ERROR_INVALID_ARGUMENT + +PSA aead AEAD_WITH_SHORTENED_TAG(CCM,16): incompatible with DERIVE +depends_on:PSA_WANT_ALG_CCM:PSA_WANT_KEY_TYPE_DERIVE +aead_fail:PSA_KEY_TYPE_DERIVE:"48657265006973206b6579a0646174":PSA_ALG_AEAD_WITH_SHORTENED_TAG(PSA_ALG_CCM,16):PSA_ERROR_INVALID_ARGUMENT + +PSA aead AEAD_WITH_SHORTENED_TAG(CCM,16): incompatible with DES +depends_on:PSA_WANT_ALG_CCM:PSA_WANT_KEY_TYPE_DES +aead_fail:PSA_KEY_TYPE_DES:"644573206b457901":PSA_ALG_AEAD_WITH_SHORTENED_TAG(PSA_ALG_CCM,16):PSA_ERROR_INVALID_ARGUMENT + +PSA aead AEAD_WITH_SHORTENED_TAG(CCM,16): incompatible with ECC_KEY_PAIR(BRAINPOOL_P_R1) +depends_on:PSA_WANT_ALG_CCM:PSA_WANT_ECC_FAMILY_BRAINPOOL_P_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +aead_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"69502c4fdaf48d4fa617bdd24498b0406d0eeaac":PSA_ALG_AEAD_WITH_SHORTENED_TAG(PSA_ALG_CCM,16):PSA_ERROR_INVALID_ARGUMENT + +PSA aead AEAD_WITH_SHORTENED_TAG(CCM,16): incompatible with ECC_KEY_PAIR(MONTGOMERY) +depends_on:PSA_WANT_ALG_CCM:PSA_WANT_ECC_FAMILY_MONTGOMERY:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +aead_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_MONTGOMERY):"70076d0a7318a57d3c16c17251b26645df4c2f87ebc0992ab177fba51db92c6a":PSA_ALG_AEAD_WITH_SHORTENED_TAG(PSA_ALG_CCM,16):PSA_ERROR_INVALID_ARGUMENT + +PSA aead AEAD_WITH_SHORTENED_TAG(CCM,16): incompatible with ECC_KEY_PAIR(SECP_K1) +depends_on:PSA_WANT_ALG_CCM:PSA_WANT_ECC_FAMILY_SECP_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +aead_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_K1):"297ac1722ccac7589ecb240dc719842538ca974beb79f228":PSA_ALG_AEAD_WITH_SHORTENED_TAG(PSA_ALG_CCM,16):PSA_ERROR_INVALID_ARGUMENT + +PSA aead AEAD_WITH_SHORTENED_TAG(CCM,16): incompatible with ECC_KEY_PAIR(SECP_R1) +depends_on:PSA_WANT_ALG_CCM:PSA_WANT_ECC_FAMILY_SECP_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +aead_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"872f203b3ad35b7f2ecc803c3a0e1e0b1ed61cc1afe71b189cd4c995":PSA_ALG_AEAD_WITH_SHORTENED_TAG(PSA_ALG_CCM,16):PSA_ERROR_INVALID_ARGUMENT + +PSA aead AEAD_WITH_SHORTENED_TAG(CCM,16): incompatible with ECC_KEY_PAIR(SECP_R2) +depends_on:PSA_WANT_ALG_CCM:PSA_WANT_ECC_FAMILY_SECP_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +aead_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R2):"00bf539a1cdda0d7f71a50a3f98aec0a2e8e4ced1e":PSA_ALG_AEAD_WITH_SHORTENED_TAG(PSA_ALG_CCM,16):PSA_ERROR_INVALID_ARGUMENT + +PSA aead AEAD_WITH_SHORTENED_TAG(CCM,16): incompatible with ECC_KEY_PAIR(SECT_K1) +depends_on:PSA_WANT_ALG_CCM:PSA_WANT_ECC_FAMILY_SECT_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +aead_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):"03ebc8fcded2d6ab72ec0f75bdb4fd080481273e71":PSA_ALG_AEAD_WITH_SHORTENED_TAG(PSA_ALG_CCM,16):PSA_ERROR_INVALID_ARGUMENT + +PSA aead AEAD_WITH_SHORTENED_TAG(CCM,16): incompatible with ECC_KEY_PAIR(SECT_R1) +depends_on:PSA_WANT_ALG_CCM:PSA_WANT_ECC_FAMILY_SECT_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +aead_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):"009b05dc82d46d64a04a22e6e5ca70ca1231e68c50":PSA_ALG_AEAD_WITH_SHORTENED_TAG(PSA_ALG_CCM,16):PSA_ERROR_INVALID_ARGUMENT + +PSA aead AEAD_WITH_SHORTENED_TAG(CCM,16): incompatible with ECC_KEY_PAIR(SECT_R2) +depends_on:PSA_WANT_ALG_CCM:PSA_WANT_ECC_FAMILY_SECT_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +aead_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R2):"0210b482a458b4822d0cb21daa96819a67c8062d34":PSA_ALG_AEAD_WITH_SHORTENED_TAG(PSA_ALG_CCM,16):PSA_ERROR_INVALID_ARGUMENT + +PSA aead AEAD_WITH_SHORTENED_TAG(CCM,16): incompatible with ECC_KEY_PAIR(TWISTED_EDWARDS) +depends_on:PSA_WANT_ALG_CCM:PSA_WANT_ECC_FAMILY_TWISTED_EDWARDS:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +aead_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_TWISTED_EDWARDS):"9d61b19deffd5a60ba844af492ec2cc44449c5697b326919703bac031cae7f60":PSA_ALG_AEAD_WITH_SHORTENED_TAG(PSA_ALG_CCM,16):PSA_ERROR_INVALID_ARGUMENT + +PSA aead AEAD_WITH_SHORTENED_TAG(CCM,16): incompatible with ECC_PUBLIC_KEY(BRAINPOOL_P_R1) +depends_on:PSA_WANT_ALG_CCM:PSA_WANT_ECC_FAMILY_BRAINPOOL_P_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +aead_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"04d4b9186816358e2f9c59cf70748cb70641b22fbab65473db4b4e22a361ed7e3de7e8a8ddc4130c5c":PSA_ALG_AEAD_WITH_SHORTENED_TAG(PSA_ALG_CCM,16):PSA_ERROR_INVALID_ARGUMENT + +PSA aead AEAD_WITH_SHORTENED_TAG(CCM,16): incompatible with ECC_PUBLIC_KEY(MONTGOMERY) +depends_on:PSA_WANT_ALG_CCM:PSA_WANT_ECC_FAMILY_MONTGOMERY:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +aead_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_MONTGOMERY):"8520f0098930a754748b7ddcb43ef75a0dbf3a0d26381af4eba4a98eaa9b4e6a":PSA_ALG_AEAD_WITH_SHORTENED_TAG(PSA_ALG_CCM,16):PSA_ERROR_INVALID_ARGUMENT + +PSA aead AEAD_WITH_SHORTENED_TAG(CCM,16): incompatible with ECC_PUBLIC_KEY(SECP_K1) +depends_on:PSA_WANT_ALG_CCM:PSA_WANT_ECC_FAMILY_SECP_K1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +aead_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_K1):"0426b7bb38da649ac2138fc050c6548b32553dab68afebc36105d325b75538c12323cb0764789ecb992671beb2b6bef2f5":PSA_ALG_AEAD_WITH_SHORTENED_TAG(PSA_ALG_CCM,16):PSA_ERROR_INVALID_ARGUMENT + +PSA aead AEAD_WITH_SHORTENED_TAG(CCM,16): incompatible with ECC_PUBLIC_KEY(SECP_R1) +depends_on:PSA_WANT_ALG_CCM:PSA_WANT_ECC_FAMILY_SECP_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +aead_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1):"046f00eadaa949fee3e9e1c7fa1247eecec86a0dce46418b9bd3117b981d4bd0ae7a990de912f9d060d6cb531a42d22e394ac29e81804bf160":PSA_ALG_AEAD_WITH_SHORTENED_TAG(PSA_ALG_CCM,16):PSA_ERROR_INVALID_ARGUMENT + +PSA aead AEAD_WITH_SHORTENED_TAG(CCM,16): incompatible with ECC_PUBLIC_KEY(SECP_R2) +depends_on:PSA_WANT_ALG_CCM:PSA_WANT_ECC_FAMILY_SECP_R2:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +aead_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R2):"049570d541398665adb5cfa16f5af73b3196926bbd4b876bdb80f8eab20d0f540c22f4de9c140f6d7b":PSA_ALG_AEAD_WITH_SHORTENED_TAG(PSA_ALG_CCM,16):PSA_ERROR_INVALID_ARGUMENT + +PSA aead AEAD_WITH_SHORTENED_TAG(CCM,16): incompatible with ECC_PUBLIC_KEY(SECT_K1) +depends_on:PSA_WANT_ALG_CCM:PSA_WANT_ECC_FAMILY_SECT_K1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +aead_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_K1):"0406f88f90b4b65950f06ce433afdb097e320f433dc2062b8a65db8fafd3c110f46bc45663fbf021ee7eb9":PSA_ALG_AEAD_WITH_SHORTENED_TAG(PSA_ALG_CCM,16):PSA_ERROR_INVALID_ARGUMENT + +PSA aead AEAD_WITH_SHORTENED_TAG(CCM,16): incompatible with ECC_PUBLIC_KEY(SECT_R1) +depends_on:PSA_WANT_ALG_CCM:PSA_WANT_ECC_FAMILY_SECT_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +aead_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R1):"0400465eeb9e7258b11e33c02266bfe834b20bcb118700772796ee4704ec67651bd447e3011959a79a04cb":PSA_ALG_AEAD_WITH_SHORTENED_TAG(PSA_ALG_CCM,16):PSA_ERROR_INVALID_ARGUMENT + +PSA aead AEAD_WITH_SHORTENED_TAG(CCM,16): incompatible with ECC_PUBLIC_KEY(SECT_R2) +depends_on:PSA_WANT_ALG_CCM:PSA_WANT_ECC_FAMILY_SECT_R2:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +aead_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R2):"0403692601144c32a6cfa369ae20ae5d43c1c764678c037bafe80c6fd2e42b7ced96171d9c5367fd3dca6f":PSA_ALG_AEAD_WITH_SHORTENED_TAG(PSA_ALG_CCM,16):PSA_ERROR_INVALID_ARGUMENT + +PSA aead AEAD_WITH_SHORTENED_TAG(CCM,16): incompatible with ECC_PUBLIC_KEY(TWISTED_EDWARDS) +depends_on:PSA_WANT_ALG_CCM:PSA_WANT_ECC_FAMILY_TWISTED_EDWARDS:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +aead_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_TWISTED_EDWARDS):"d75a980182b10ab7d54bfed3c964073a0ee172f3daa62325af021a68f707511a":PSA_ALG_AEAD_WITH_SHORTENED_TAG(PSA_ALG_CCM,16):PSA_ERROR_INVALID_ARGUMENT + +PSA aead AEAD_WITH_SHORTENED_TAG(CCM,16): incompatible with HMAC +depends_on:PSA_WANT_ALG_CCM:PSA_WANT_KEY_TYPE_HMAC +aead_fail:PSA_KEY_TYPE_HMAC:"48657265006973206b6579a064617461":PSA_ALG_AEAD_WITH_SHORTENED_TAG(PSA_ALG_CCM,16):PSA_ERROR_INVALID_ARGUMENT + +PSA aead AEAD_WITH_SHORTENED_TAG(CCM,16): incompatible with RAW_DATA +depends_on:PSA_WANT_ALG_CCM:PSA_WANT_KEY_TYPE_RAW_DATA +aead_fail:PSA_KEY_TYPE_RAW_DATA:"48":PSA_ALG_AEAD_WITH_SHORTENED_TAG(PSA_ALG_CCM,16):PSA_ERROR_INVALID_ARGUMENT + +PSA aead AEAD_WITH_SHORTENED_TAG(CCM,16): incompatible with RSA_KEY_PAIR +depends_on:PSA_WANT_ALG_CCM:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR +aead_fail:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_AEAD_WITH_SHORTENED_TAG(PSA_ALG_CCM,16):PSA_ERROR_INVALID_ARGUMENT + +PSA aead AEAD_WITH_SHORTENED_TAG(CCM,16): incompatible with RSA_PUBLIC_KEY +depends_on:PSA_WANT_ALG_CCM:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY +aead_fail:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_AEAD_WITH_SHORTENED_TAG(PSA_ALG_CCM,16):PSA_ERROR_INVALID_ARGUMENT + +PSA sign AEAD_WITH_SHORTENED_TAG(CCM,16): invalid with AES +depends_on:PSA_WANT_ALG_CCM:PSA_WANT_KEY_TYPE_AES +sign_fail:PSA_KEY_TYPE_AES:"48657265006973206b6579a064617461":PSA_ALG_AEAD_WITH_SHORTENED_TAG(PSA_ALG_CCM,16):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign AEAD_WITH_SHORTENED_TAG(CCM,16): invalid with ARIA +depends_on:PSA_WANT_ALG_CCM:PSA_WANT_KEY_TYPE_ARIA +sign_fail:PSA_KEY_TYPE_ARIA:"48657265006973206b6579a064617461":PSA_ALG_AEAD_WITH_SHORTENED_TAG(PSA_ALG_CCM,16):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign AEAD_WITH_SHORTENED_TAG(CCM,16): invalid with CAMELLIA +depends_on:PSA_WANT_ALG_CCM:PSA_WANT_KEY_TYPE_CAMELLIA +sign_fail:PSA_KEY_TYPE_CAMELLIA:"48657265006973206b6579a064617461":PSA_ALG_AEAD_WITH_SHORTENED_TAG(PSA_ALG_CCM,16):0:PSA_ERROR_INVALID_ARGUMENT + +PSA asymmetric_encryption AEAD_WITH_SHORTENED_TAG(CCM,16): invalid with AES +depends_on:PSA_WANT_ALG_CCM:PSA_WANT_KEY_TYPE_AES +asymmetric_encryption_fail:PSA_KEY_TYPE_AES:"48657265006973206b6579a064617461":PSA_ALG_AEAD_WITH_SHORTENED_TAG(PSA_ALG_CCM,16):0:PSA_ERROR_INVALID_ARGUMENT + +PSA asymmetric_encryption AEAD_WITH_SHORTENED_TAG(CCM,16): invalid with ARIA +depends_on:PSA_WANT_ALG_CCM:PSA_WANT_KEY_TYPE_ARIA +asymmetric_encryption_fail:PSA_KEY_TYPE_ARIA:"48657265006973206b6579a064617461":PSA_ALG_AEAD_WITH_SHORTENED_TAG(PSA_ALG_CCM,16):0:PSA_ERROR_INVALID_ARGUMENT + +PSA asymmetric_encryption AEAD_WITH_SHORTENED_TAG(CCM,16): invalid with CAMELLIA +depends_on:PSA_WANT_ALG_CCM:PSA_WANT_KEY_TYPE_CAMELLIA +asymmetric_encryption_fail:PSA_KEY_TYPE_CAMELLIA:"48657265006973206b6579a064617461":PSA_ALG_AEAD_WITH_SHORTENED_TAG(PSA_ALG_CCM,16):0:PSA_ERROR_INVALID_ARGUMENT + +PSA key_derivation AEAD_WITH_SHORTENED_TAG(CCM,16): invalid +depends_on:PSA_WANT_ALG_CCM +key_derivation_fail:PSA_ALG_AEAD_WITH_SHORTENED_TAG(PSA_ALG_CCM,16):PSA_ERROR_INVALID_ARGUMENT + +PSA key_agreement AEAD_WITH_SHORTENED_TAG(CCM,16): invalid with AES +depends_on:PSA_WANT_ALG_CCM:PSA_WANT_KEY_TYPE_AES +key_agreement_fail:PSA_KEY_TYPE_AES:"48657265006973206b6579a064617461":PSA_ALG_AEAD_WITH_SHORTENED_TAG(PSA_ALG_CCM,16):0:PSA_ERROR_INVALID_ARGUMENT + +PSA key_agreement AEAD_WITH_SHORTENED_TAG(CCM,16): invalid with ARIA +depends_on:PSA_WANT_ALG_CCM:PSA_WANT_KEY_TYPE_ARIA +key_agreement_fail:PSA_KEY_TYPE_ARIA:"48657265006973206b6579a064617461":PSA_ALG_AEAD_WITH_SHORTENED_TAG(PSA_ALG_CCM,16):0:PSA_ERROR_INVALID_ARGUMENT + +PSA key_agreement AEAD_WITH_SHORTENED_TAG(CCM,16): invalid with CAMELLIA +depends_on:PSA_WANT_ALG_CCM:PSA_WANT_KEY_TYPE_CAMELLIA +key_agreement_fail:PSA_KEY_TYPE_CAMELLIA:"48657265006973206b6579a064617461":PSA_ALG_AEAD_WITH_SHORTENED_TAG(PSA_ALG_CCM,16):0:PSA_ERROR_INVALID_ARGUMENT + +PSA hash AEAD_WITH_SHORTENED_TAG(CCM,63): invalid +depends_on:PSA_WANT_ALG_CCM +hash_fail:PSA_ALG_AEAD_WITH_SHORTENED_TAG(PSA_ALG_CCM,63):PSA_ERROR_INVALID_ARGUMENT + +PSA aead AEAD_WITH_SHORTENED_TAG(CCM,63): incompatible with AES +depends_on:PSA_WANT_ALG_CCM:PSA_WANT_KEY_TYPE_AES +aead_fail:PSA_KEY_TYPE_AES:"48657265006973206b6579a064617461":PSA_ALG_AEAD_WITH_SHORTENED_TAG(PSA_ALG_CCM,63):PSA_ERROR_INVALID_ARGUMENT + +PSA aead AEAD_WITH_SHORTENED_TAG(CCM,63): incompatible with ARC4 +depends_on:PSA_WANT_ALG_CCM:PSA_WANT_KEY_TYPE_ARC4 +aead_fail:PSA_KEY_TYPE_ARC4:"48":PSA_ALG_AEAD_WITH_SHORTENED_TAG(PSA_ALG_CCM,63):PSA_ERROR_INVALID_ARGUMENT + +PSA aead AEAD_WITH_SHORTENED_TAG(CCM,63): incompatible with ARIA +depends_on:PSA_WANT_ALG_CCM:PSA_WANT_KEY_TYPE_ARIA +aead_fail:PSA_KEY_TYPE_ARIA:"48657265006973206b6579a064617461":PSA_ALG_AEAD_WITH_SHORTENED_TAG(PSA_ALG_CCM,63):PSA_ERROR_INVALID_ARGUMENT + +PSA aead AEAD_WITH_SHORTENED_TAG(CCM,63): incompatible with CAMELLIA +depends_on:PSA_WANT_ALG_CCM:PSA_WANT_KEY_TYPE_CAMELLIA +aead_fail:PSA_KEY_TYPE_CAMELLIA:"48657265006973206b6579a064617461":PSA_ALG_AEAD_WITH_SHORTENED_TAG(PSA_ALG_CCM,63):PSA_ERROR_INVALID_ARGUMENT + +PSA aead AEAD_WITH_SHORTENED_TAG(CCM,63): incompatible with CHACHA20 +depends_on:PSA_WANT_ALG_CCM:PSA_WANT_KEY_TYPE_CHACHA20 +aead_fail:PSA_KEY_TYPE_CHACHA20:"48657265006973206b6579a06461746148657265006973206b6579a064617461":PSA_ALG_AEAD_WITH_SHORTENED_TAG(PSA_ALG_CCM,63):PSA_ERROR_INVALID_ARGUMENT + +PSA aead AEAD_WITH_SHORTENED_TAG(CCM,63): incompatible with DERIVE +depends_on:PSA_WANT_ALG_CCM:PSA_WANT_KEY_TYPE_DERIVE +aead_fail:PSA_KEY_TYPE_DERIVE:"48657265006973206b6579a0646174":PSA_ALG_AEAD_WITH_SHORTENED_TAG(PSA_ALG_CCM,63):PSA_ERROR_INVALID_ARGUMENT + +PSA aead AEAD_WITH_SHORTENED_TAG(CCM,63): incompatible with DES +depends_on:PSA_WANT_ALG_CCM:PSA_WANT_KEY_TYPE_DES +aead_fail:PSA_KEY_TYPE_DES:"644573206b457901":PSA_ALG_AEAD_WITH_SHORTENED_TAG(PSA_ALG_CCM,63):PSA_ERROR_INVALID_ARGUMENT + +PSA aead AEAD_WITH_SHORTENED_TAG(CCM,63): incompatible with ECC_KEY_PAIR(BRAINPOOL_P_R1) +depends_on:PSA_WANT_ALG_CCM:PSA_WANT_ECC_FAMILY_BRAINPOOL_P_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +aead_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"69502c4fdaf48d4fa617bdd24498b0406d0eeaac":PSA_ALG_AEAD_WITH_SHORTENED_TAG(PSA_ALG_CCM,63):PSA_ERROR_INVALID_ARGUMENT + +PSA aead AEAD_WITH_SHORTENED_TAG(CCM,63): incompatible with ECC_KEY_PAIR(MONTGOMERY) +depends_on:PSA_WANT_ALG_CCM:PSA_WANT_ECC_FAMILY_MONTGOMERY:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +aead_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_MONTGOMERY):"70076d0a7318a57d3c16c17251b26645df4c2f87ebc0992ab177fba51db92c6a":PSA_ALG_AEAD_WITH_SHORTENED_TAG(PSA_ALG_CCM,63):PSA_ERROR_INVALID_ARGUMENT + +PSA aead AEAD_WITH_SHORTENED_TAG(CCM,63): incompatible with ECC_KEY_PAIR(SECP_K1) +depends_on:PSA_WANT_ALG_CCM:PSA_WANT_ECC_FAMILY_SECP_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +aead_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_K1):"297ac1722ccac7589ecb240dc719842538ca974beb79f228":PSA_ALG_AEAD_WITH_SHORTENED_TAG(PSA_ALG_CCM,63):PSA_ERROR_INVALID_ARGUMENT + +PSA aead AEAD_WITH_SHORTENED_TAG(CCM,63): incompatible with ECC_KEY_PAIR(SECP_R1) +depends_on:PSA_WANT_ALG_CCM:PSA_WANT_ECC_FAMILY_SECP_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +aead_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"872f203b3ad35b7f2ecc803c3a0e1e0b1ed61cc1afe71b189cd4c995":PSA_ALG_AEAD_WITH_SHORTENED_TAG(PSA_ALG_CCM,63):PSA_ERROR_INVALID_ARGUMENT + +PSA aead AEAD_WITH_SHORTENED_TAG(CCM,63): incompatible with ECC_KEY_PAIR(SECP_R2) +depends_on:PSA_WANT_ALG_CCM:PSA_WANT_ECC_FAMILY_SECP_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +aead_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R2):"00bf539a1cdda0d7f71a50a3f98aec0a2e8e4ced1e":PSA_ALG_AEAD_WITH_SHORTENED_TAG(PSA_ALG_CCM,63):PSA_ERROR_INVALID_ARGUMENT + +PSA aead AEAD_WITH_SHORTENED_TAG(CCM,63): incompatible with ECC_KEY_PAIR(SECT_K1) +depends_on:PSA_WANT_ALG_CCM:PSA_WANT_ECC_FAMILY_SECT_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +aead_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):"03ebc8fcded2d6ab72ec0f75bdb4fd080481273e71":PSA_ALG_AEAD_WITH_SHORTENED_TAG(PSA_ALG_CCM,63):PSA_ERROR_INVALID_ARGUMENT + +PSA aead AEAD_WITH_SHORTENED_TAG(CCM,63): incompatible with ECC_KEY_PAIR(SECT_R1) +depends_on:PSA_WANT_ALG_CCM:PSA_WANT_ECC_FAMILY_SECT_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +aead_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):"009b05dc82d46d64a04a22e6e5ca70ca1231e68c50":PSA_ALG_AEAD_WITH_SHORTENED_TAG(PSA_ALG_CCM,63):PSA_ERROR_INVALID_ARGUMENT + +PSA aead AEAD_WITH_SHORTENED_TAG(CCM,63): incompatible with ECC_KEY_PAIR(SECT_R2) +depends_on:PSA_WANT_ALG_CCM:PSA_WANT_ECC_FAMILY_SECT_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +aead_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R2):"0210b482a458b4822d0cb21daa96819a67c8062d34":PSA_ALG_AEAD_WITH_SHORTENED_TAG(PSA_ALG_CCM,63):PSA_ERROR_INVALID_ARGUMENT + +PSA aead AEAD_WITH_SHORTENED_TAG(CCM,63): incompatible with ECC_KEY_PAIR(TWISTED_EDWARDS) +depends_on:PSA_WANT_ALG_CCM:PSA_WANT_ECC_FAMILY_TWISTED_EDWARDS:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +aead_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_TWISTED_EDWARDS):"9d61b19deffd5a60ba844af492ec2cc44449c5697b326919703bac031cae7f60":PSA_ALG_AEAD_WITH_SHORTENED_TAG(PSA_ALG_CCM,63):PSA_ERROR_INVALID_ARGUMENT + +PSA aead AEAD_WITH_SHORTENED_TAG(CCM,63): incompatible with ECC_PUBLIC_KEY(BRAINPOOL_P_R1) +depends_on:PSA_WANT_ALG_CCM:PSA_WANT_ECC_FAMILY_BRAINPOOL_P_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +aead_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"04d4b9186816358e2f9c59cf70748cb70641b22fbab65473db4b4e22a361ed7e3de7e8a8ddc4130c5c":PSA_ALG_AEAD_WITH_SHORTENED_TAG(PSA_ALG_CCM,63):PSA_ERROR_INVALID_ARGUMENT + +PSA aead AEAD_WITH_SHORTENED_TAG(CCM,63): incompatible with ECC_PUBLIC_KEY(MONTGOMERY) +depends_on:PSA_WANT_ALG_CCM:PSA_WANT_ECC_FAMILY_MONTGOMERY:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +aead_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_MONTGOMERY):"8520f0098930a754748b7ddcb43ef75a0dbf3a0d26381af4eba4a98eaa9b4e6a":PSA_ALG_AEAD_WITH_SHORTENED_TAG(PSA_ALG_CCM,63):PSA_ERROR_INVALID_ARGUMENT + +PSA aead AEAD_WITH_SHORTENED_TAG(CCM,63): incompatible with ECC_PUBLIC_KEY(SECP_K1) +depends_on:PSA_WANT_ALG_CCM:PSA_WANT_ECC_FAMILY_SECP_K1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +aead_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_K1):"0426b7bb38da649ac2138fc050c6548b32553dab68afebc36105d325b75538c12323cb0764789ecb992671beb2b6bef2f5":PSA_ALG_AEAD_WITH_SHORTENED_TAG(PSA_ALG_CCM,63):PSA_ERROR_INVALID_ARGUMENT + +PSA aead AEAD_WITH_SHORTENED_TAG(CCM,63): incompatible with ECC_PUBLIC_KEY(SECP_R1) +depends_on:PSA_WANT_ALG_CCM:PSA_WANT_ECC_FAMILY_SECP_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +aead_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1):"046f00eadaa949fee3e9e1c7fa1247eecec86a0dce46418b9bd3117b981d4bd0ae7a990de912f9d060d6cb531a42d22e394ac29e81804bf160":PSA_ALG_AEAD_WITH_SHORTENED_TAG(PSA_ALG_CCM,63):PSA_ERROR_INVALID_ARGUMENT + +PSA aead AEAD_WITH_SHORTENED_TAG(CCM,63): incompatible with ECC_PUBLIC_KEY(SECP_R2) +depends_on:PSA_WANT_ALG_CCM:PSA_WANT_ECC_FAMILY_SECP_R2:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +aead_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R2):"049570d541398665adb5cfa16f5af73b3196926bbd4b876bdb80f8eab20d0f540c22f4de9c140f6d7b":PSA_ALG_AEAD_WITH_SHORTENED_TAG(PSA_ALG_CCM,63):PSA_ERROR_INVALID_ARGUMENT + +PSA aead AEAD_WITH_SHORTENED_TAG(CCM,63): incompatible with ECC_PUBLIC_KEY(SECT_K1) +depends_on:PSA_WANT_ALG_CCM:PSA_WANT_ECC_FAMILY_SECT_K1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +aead_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_K1):"0406f88f90b4b65950f06ce433afdb097e320f433dc2062b8a65db8fafd3c110f46bc45663fbf021ee7eb9":PSA_ALG_AEAD_WITH_SHORTENED_TAG(PSA_ALG_CCM,63):PSA_ERROR_INVALID_ARGUMENT + +PSA aead AEAD_WITH_SHORTENED_TAG(CCM,63): incompatible with ECC_PUBLIC_KEY(SECT_R1) +depends_on:PSA_WANT_ALG_CCM:PSA_WANT_ECC_FAMILY_SECT_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +aead_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R1):"0400465eeb9e7258b11e33c02266bfe834b20bcb118700772796ee4704ec67651bd447e3011959a79a04cb":PSA_ALG_AEAD_WITH_SHORTENED_TAG(PSA_ALG_CCM,63):PSA_ERROR_INVALID_ARGUMENT + +PSA aead AEAD_WITH_SHORTENED_TAG(CCM,63): incompatible with ECC_PUBLIC_KEY(SECT_R2) +depends_on:PSA_WANT_ALG_CCM:PSA_WANT_ECC_FAMILY_SECT_R2:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +aead_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R2):"0403692601144c32a6cfa369ae20ae5d43c1c764678c037bafe80c6fd2e42b7ced96171d9c5367fd3dca6f":PSA_ALG_AEAD_WITH_SHORTENED_TAG(PSA_ALG_CCM,63):PSA_ERROR_INVALID_ARGUMENT + +PSA aead AEAD_WITH_SHORTENED_TAG(CCM,63): incompatible with ECC_PUBLIC_KEY(TWISTED_EDWARDS) +depends_on:PSA_WANT_ALG_CCM:PSA_WANT_ECC_FAMILY_TWISTED_EDWARDS:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +aead_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_TWISTED_EDWARDS):"d75a980182b10ab7d54bfed3c964073a0ee172f3daa62325af021a68f707511a":PSA_ALG_AEAD_WITH_SHORTENED_TAG(PSA_ALG_CCM,63):PSA_ERROR_INVALID_ARGUMENT + +PSA aead AEAD_WITH_SHORTENED_TAG(CCM,63): incompatible with HMAC +depends_on:PSA_WANT_ALG_CCM:PSA_WANT_KEY_TYPE_HMAC +aead_fail:PSA_KEY_TYPE_HMAC:"48657265006973206b6579a064617461":PSA_ALG_AEAD_WITH_SHORTENED_TAG(PSA_ALG_CCM,63):PSA_ERROR_INVALID_ARGUMENT + +PSA aead AEAD_WITH_SHORTENED_TAG(CCM,63): incompatible with RAW_DATA +depends_on:PSA_WANT_ALG_CCM:PSA_WANT_KEY_TYPE_RAW_DATA +aead_fail:PSA_KEY_TYPE_RAW_DATA:"48":PSA_ALG_AEAD_WITH_SHORTENED_TAG(PSA_ALG_CCM,63):PSA_ERROR_INVALID_ARGUMENT + +PSA aead AEAD_WITH_SHORTENED_TAG(CCM,63): incompatible with RSA_KEY_PAIR +depends_on:PSA_WANT_ALG_CCM:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR +aead_fail:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_AEAD_WITH_SHORTENED_TAG(PSA_ALG_CCM,63):PSA_ERROR_INVALID_ARGUMENT + +PSA aead AEAD_WITH_SHORTENED_TAG(CCM,63): incompatible with RSA_PUBLIC_KEY +depends_on:PSA_WANT_ALG_CCM:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY +aead_fail:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_AEAD_WITH_SHORTENED_TAG(PSA_ALG_CCM,63):PSA_ERROR_INVALID_ARGUMENT + +PSA key_derivation AEAD_WITH_SHORTENED_TAG(CCM,63): invalid +depends_on:PSA_WANT_ALG_CCM +key_derivation_fail:PSA_ALG_AEAD_WITH_SHORTENED_TAG(PSA_ALG_CCM,63):PSA_ERROR_INVALID_ARGUMENT + +PSA key_derivation ANY_HASH: invalid +key_derivation_fail:PSA_ALG_ANY_HASH:PSA_ERROR_INVALID_ARGUMENT + +PSA hash AT_LEAST_THIS_LENGTH_MAC(CBC_MAC,1): invalid +depends_on:PSA_WANT_ALG_CBC_MAC +hash_fail:PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_CBC_MAC,1):PSA_ERROR_INVALID_ARGUMENT + +PSA mac AT_LEAST_THIS_LENGTH_MAC(CBC_MAC,1): incompatible with AES +depends_on:PSA_WANT_ALG_CBC_MAC:PSA_WANT_KEY_TYPE_AES +mac_fail:PSA_KEY_TYPE_AES:"48657265006973206b6579a064617461":PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_CBC_MAC,1):PSA_ERROR_INVALID_ARGUMENT + +PSA mac AT_LEAST_THIS_LENGTH_MAC(CBC_MAC,1): incompatible with ARC4 +depends_on:PSA_WANT_ALG_CBC_MAC:PSA_WANT_KEY_TYPE_ARC4 +mac_fail:PSA_KEY_TYPE_ARC4:"48":PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_CBC_MAC,1):PSA_ERROR_INVALID_ARGUMENT + +PSA mac AT_LEAST_THIS_LENGTH_MAC(CBC_MAC,1): incompatible with ARIA +depends_on:PSA_WANT_ALG_CBC_MAC:PSA_WANT_KEY_TYPE_ARIA +mac_fail:PSA_KEY_TYPE_ARIA:"48657265006973206b6579a064617461":PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_CBC_MAC,1):PSA_ERROR_INVALID_ARGUMENT + +PSA mac AT_LEAST_THIS_LENGTH_MAC(CBC_MAC,1): incompatible with CAMELLIA +depends_on:PSA_WANT_ALG_CBC_MAC:PSA_WANT_KEY_TYPE_CAMELLIA +mac_fail:PSA_KEY_TYPE_CAMELLIA:"48657265006973206b6579a064617461":PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_CBC_MAC,1):PSA_ERROR_INVALID_ARGUMENT + +PSA mac AT_LEAST_THIS_LENGTH_MAC(CBC_MAC,1): incompatible with CHACHA20 +depends_on:PSA_WANT_ALG_CBC_MAC:PSA_WANT_KEY_TYPE_CHACHA20 +mac_fail:PSA_KEY_TYPE_CHACHA20:"48657265006973206b6579a06461746148657265006973206b6579a064617461":PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_CBC_MAC,1):PSA_ERROR_INVALID_ARGUMENT + +PSA mac AT_LEAST_THIS_LENGTH_MAC(CBC_MAC,1): incompatible with DERIVE +depends_on:PSA_WANT_ALG_CBC_MAC:PSA_WANT_KEY_TYPE_DERIVE +mac_fail:PSA_KEY_TYPE_DERIVE:"48657265006973206b6579a0646174":PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_CBC_MAC,1):PSA_ERROR_INVALID_ARGUMENT + +PSA mac AT_LEAST_THIS_LENGTH_MAC(CBC_MAC,1): incompatible with DES +depends_on:PSA_WANT_ALG_CBC_MAC:PSA_WANT_KEY_TYPE_DES +mac_fail:PSA_KEY_TYPE_DES:"644573206b457901":PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_CBC_MAC,1):PSA_ERROR_INVALID_ARGUMENT + +PSA mac AT_LEAST_THIS_LENGTH_MAC(CBC_MAC,1): incompatible with ECC_KEY_PAIR(BRAINPOOL_P_R1) +depends_on:PSA_WANT_ALG_CBC_MAC:PSA_WANT_ECC_FAMILY_BRAINPOOL_P_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +mac_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"69502c4fdaf48d4fa617bdd24498b0406d0eeaac":PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_CBC_MAC,1):PSA_ERROR_INVALID_ARGUMENT + +PSA mac AT_LEAST_THIS_LENGTH_MAC(CBC_MAC,1): incompatible with ECC_KEY_PAIR(MONTGOMERY) +depends_on:PSA_WANT_ALG_CBC_MAC:PSA_WANT_ECC_FAMILY_MONTGOMERY:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +mac_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_MONTGOMERY):"70076d0a7318a57d3c16c17251b26645df4c2f87ebc0992ab177fba51db92c6a":PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_CBC_MAC,1):PSA_ERROR_INVALID_ARGUMENT + +PSA mac AT_LEAST_THIS_LENGTH_MAC(CBC_MAC,1): incompatible with ECC_KEY_PAIR(SECP_K1) +depends_on:PSA_WANT_ALG_CBC_MAC:PSA_WANT_ECC_FAMILY_SECP_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +mac_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_K1):"297ac1722ccac7589ecb240dc719842538ca974beb79f228":PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_CBC_MAC,1):PSA_ERROR_INVALID_ARGUMENT + +PSA mac AT_LEAST_THIS_LENGTH_MAC(CBC_MAC,1): incompatible with ECC_KEY_PAIR(SECP_R1) +depends_on:PSA_WANT_ALG_CBC_MAC:PSA_WANT_ECC_FAMILY_SECP_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +mac_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"872f203b3ad35b7f2ecc803c3a0e1e0b1ed61cc1afe71b189cd4c995":PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_CBC_MAC,1):PSA_ERROR_INVALID_ARGUMENT + +PSA mac AT_LEAST_THIS_LENGTH_MAC(CBC_MAC,1): incompatible with ECC_KEY_PAIR(SECP_R2) +depends_on:PSA_WANT_ALG_CBC_MAC:PSA_WANT_ECC_FAMILY_SECP_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +mac_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R2):"00bf539a1cdda0d7f71a50a3f98aec0a2e8e4ced1e":PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_CBC_MAC,1):PSA_ERROR_INVALID_ARGUMENT + +PSA mac AT_LEAST_THIS_LENGTH_MAC(CBC_MAC,1): incompatible with ECC_KEY_PAIR(SECT_K1) +depends_on:PSA_WANT_ALG_CBC_MAC:PSA_WANT_ECC_FAMILY_SECT_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +mac_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):"03ebc8fcded2d6ab72ec0f75bdb4fd080481273e71":PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_CBC_MAC,1):PSA_ERROR_INVALID_ARGUMENT + +PSA mac AT_LEAST_THIS_LENGTH_MAC(CBC_MAC,1): incompatible with ECC_KEY_PAIR(SECT_R1) +depends_on:PSA_WANT_ALG_CBC_MAC:PSA_WANT_ECC_FAMILY_SECT_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +mac_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):"009b05dc82d46d64a04a22e6e5ca70ca1231e68c50":PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_CBC_MAC,1):PSA_ERROR_INVALID_ARGUMENT + +PSA mac AT_LEAST_THIS_LENGTH_MAC(CBC_MAC,1): incompatible with ECC_KEY_PAIR(SECT_R2) +depends_on:PSA_WANT_ALG_CBC_MAC:PSA_WANT_ECC_FAMILY_SECT_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +mac_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R2):"0210b482a458b4822d0cb21daa96819a67c8062d34":PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_CBC_MAC,1):PSA_ERROR_INVALID_ARGUMENT + +PSA mac AT_LEAST_THIS_LENGTH_MAC(CBC_MAC,1): incompatible with ECC_KEY_PAIR(TWISTED_EDWARDS) +depends_on:PSA_WANT_ALG_CBC_MAC:PSA_WANT_ECC_FAMILY_TWISTED_EDWARDS:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +mac_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_TWISTED_EDWARDS):"9d61b19deffd5a60ba844af492ec2cc44449c5697b326919703bac031cae7f60":PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_CBC_MAC,1):PSA_ERROR_INVALID_ARGUMENT + +PSA mac AT_LEAST_THIS_LENGTH_MAC(CBC_MAC,1): incompatible with ECC_PUBLIC_KEY(BRAINPOOL_P_R1) +depends_on:PSA_WANT_ALG_CBC_MAC:PSA_WANT_ECC_FAMILY_BRAINPOOL_P_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +mac_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"04d4b9186816358e2f9c59cf70748cb70641b22fbab65473db4b4e22a361ed7e3de7e8a8ddc4130c5c":PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_CBC_MAC,1):PSA_ERROR_INVALID_ARGUMENT + +PSA mac AT_LEAST_THIS_LENGTH_MAC(CBC_MAC,1): incompatible with ECC_PUBLIC_KEY(MONTGOMERY) +depends_on:PSA_WANT_ALG_CBC_MAC:PSA_WANT_ECC_FAMILY_MONTGOMERY:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +mac_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_MONTGOMERY):"8520f0098930a754748b7ddcb43ef75a0dbf3a0d26381af4eba4a98eaa9b4e6a":PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_CBC_MAC,1):PSA_ERROR_INVALID_ARGUMENT + +PSA mac AT_LEAST_THIS_LENGTH_MAC(CBC_MAC,1): incompatible with ECC_PUBLIC_KEY(SECP_K1) +depends_on:PSA_WANT_ALG_CBC_MAC:PSA_WANT_ECC_FAMILY_SECP_K1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +mac_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_K1):"0426b7bb38da649ac2138fc050c6548b32553dab68afebc36105d325b75538c12323cb0764789ecb992671beb2b6bef2f5":PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_CBC_MAC,1):PSA_ERROR_INVALID_ARGUMENT + +PSA mac AT_LEAST_THIS_LENGTH_MAC(CBC_MAC,1): incompatible with ECC_PUBLIC_KEY(SECP_R1) +depends_on:PSA_WANT_ALG_CBC_MAC:PSA_WANT_ECC_FAMILY_SECP_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +mac_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1):"046f00eadaa949fee3e9e1c7fa1247eecec86a0dce46418b9bd3117b981d4bd0ae7a990de912f9d060d6cb531a42d22e394ac29e81804bf160":PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_CBC_MAC,1):PSA_ERROR_INVALID_ARGUMENT + +PSA mac AT_LEAST_THIS_LENGTH_MAC(CBC_MAC,1): incompatible with ECC_PUBLIC_KEY(SECP_R2) +depends_on:PSA_WANT_ALG_CBC_MAC:PSA_WANT_ECC_FAMILY_SECP_R2:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +mac_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R2):"049570d541398665adb5cfa16f5af73b3196926bbd4b876bdb80f8eab20d0f540c22f4de9c140f6d7b":PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_CBC_MAC,1):PSA_ERROR_INVALID_ARGUMENT + +PSA mac AT_LEAST_THIS_LENGTH_MAC(CBC_MAC,1): incompatible with ECC_PUBLIC_KEY(SECT_K1) +depends_on:PSA_WANT_ALG_CBC_MAC:PSA_WANT_ECC_FAMILY_SECT_K1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +mac_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_K1):"0406f88f90b4b65950f06ce433afdb097e320f433dc2062b8a65db8fafd3c110f46bc45663fbf021ee7eb9":PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_CBC_MAC,1):PSA_ERROR_INVALID_ARGUMENT + +PSA mac AT_LEAST_THIS_LENGTH_MAC(CBC_MAC,1): incompatible with ECC_PUBLIC_KEY(SECT_R1) +depends_on:PSA_WANT_ALG_CBC_MAC:PSA_WANT_ECC_FAMILY_SECT_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +mac_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R1):"0400465eeb9e7258b11e33c02266bfe834b20bcb118700772796ee4704ec67651bd447e3011959a79a04cb":PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_CBC_MAC,1):PSA_ERROR_INVALID_ARGUMENT + +PSA mac AT_LEAST_THIS_LENGTH_MAC(CBC_MAC,1): incompatible with ECC_PUBLIC_KEY(SECT_R2) +depends_on:PSA_WANT_ALG_CBC_MAC:PSA_WANT_ECC_FAMILY_SECT_R2:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +mac_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R2):"0403692601144c32a6cfa369ae20ae5d43c1c764678c037bafe80c6fd2e42b7ced96171d9c5367fd3dca6f":PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_CBC_MAC,1):PSA_ERROR_INVALID_ARGUMENT + +PSA mac AT_LEAST_THIS_LENGTH_MAC(CBC_MAC,1): incompatible with ECC_PUBLIC_KEY(TWISTED_EDWARDS) +depends_on:PSA_WANT_ALG_CBC_MAC:PSA_WANT_ECC_FAMILY_TWISTED_EDWARDS:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +mac_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_TWISTED_EDWARDS):"d75a980182b10ab7d54bfed3c964073a0ee172f3daa62325af021a68f707511a":PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_CBC_MAC,1):PSA_ERROR_INVALID_ARGUMENT + +PSA mac AT_LEAST_THIS_LENGTH_MAC(CBC_MAC,1): incompatible with HMAC +depends_on:PSA_WANT_ALG_CBC_MAC:PSA_WANT_KEY_TYPE_HMAC +mac_fail:PSA_KEY_TYPE_HMAC:"48657265006973206b6579a064617461":PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_CBC_MAC,1):PSA_ERROR_INVALID_ARGUMENT + +PSA mac AT_LEAST_THIS_LENGTH_MAC(CBC_MAC,1): incompatible with RAW_DATA +depends_on:PSA_WANT_ALG_CBC_MAC:PSA_WANT_KEY_TYPE_RAW_DATA +mac_fail:PSA_KEY_TYPE_RAW_DATA:"48":PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_CBC_MAC,1):PSA_ERROR_INVALID_ARGUMENT + +PSA mac AT_LEAST_THIS_LENGTH_MAC(CBC_MAC,1): incompatible with RSA_KEY_PAIR +depends_on:PSA_WANT_ALG_CBC_MAC:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR +mac_fail:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_CBC_MAC,1):PSA_ERROR_INVALID_ARGUMENT + +PSA mac AT_LEAST_THIS_LENGTH_MAC(CBC_MAC,1): incompatible with RSA_PUBLIC_KEY +depends_on:PSA_WANT_ALG_CBC_MAC:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY +mac_fail:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_CBC_MAC,1):PSA_ERROR_INVALID_ARGUMENT + +PSA key_derivation AT_LEAST_THIS_LENGTH_MAC(CBC_MAC,1): invalid +depends_on:PSA_WANT_ALG_CBC_MAC +key_derivation_fail:PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_CBC_MAC,1):PSA_ERROR_INVALID_ARGUMENT + +PSA hash AT_LEAST_THIS_LENGTH_MAC(CMAC,1): invalid +depends_on:PSA_WANT_ALG_CMAC +hash_fail:PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_CMAC,1):PSA_ERROR_INVALID_ARGUMENT + +PSA mac AT_LEAST_THIS_LENGTH_MAC(CMAC,1): incompatible with AES +depends_on:PSA_WANT_ALG_CMAC:PSA_WANT_KEY_TYPE_AES +mac_fail:PSA_KEY_TYPE_AES:"48657265006973206b6579a064617461":PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_CMAC,1):PSA_ERROR_INVALID_ARGUMENT + +PSA mac AT_LEAST_THIS_LENGTH_MAC(CMAC,1): incompatible with ARC4 +depends_on:PSA_WANT_ALG_CMAC:PSA_WANT_KEY_TYPE_ARC4 +mac_fail:PSA_KEY_TYPE_ARC4:"48":PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_CMAC,1):PSA_ERROR_INVALID_ARGUMENT + +PSA mac AT_LEAST_THIS_LENGTH_MAC(CMAC,1): incompatible with ARIA +depends_on:PSA_WANT_ALG_CMAC:PSA_WANT_KEY_TYPE_ARIA +mac_fail:PSA_KEY_TYPE_ARIA:"48657265006973206b6579a064617461":PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_CMAC,1):PSA_ERROR_INVALID_ARGUMENT + +PSA mac AT_LEAST_THIS_LENGTH_MAC(CMAC,1): incompatible with CAMELLIA +depends_on:PSA_WANT_ALG_CMAC:PSA_WANT_KEY_TYPE_CAMELLIA +mac_fail:PSA_KEY_TYPE_CAMELLIA:"48657265006973206b6579a064617461":PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_CMAC,1):PSA_ERROR_INVALID_ARGUMENT + +PSA mac AT_LEAST_THIS_LENGTH_MAC(CMAC,1): incompatible with CHACHA20 +depends_on:PSA_WANT_ALG_CMAC:PSA_WANT_KEY_TYPE_CHACHA20 +mac_fail:PSA_KEY_TYPE_CHACHA20:"48657265006973206b6579a06461746148657265006973206b6579a064617461":PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_CMAC,1):PSA_ERROR_INVALID_ARGUMENT + +PSA mac AT_LEAST_THIS_LENGTH_MAC(CMAC,1): incompatible with DERIVE +depends_on:PSA_WANT_ALG_CMAC:PSA_WANT_KEY_TYPE_DERIVE +mac_fail:PSA_KEY_TYPE_DERIVE:"48657265006973206b6579a0646174":PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_CMAC,1):PSA_ERROR_INVALID_ARGUMENT + +PSA mac AT_LEAST_THIS_LENGTH_MAC(CMAC,1): incompatible with DES +depends_on:PSA_WANT_ALG_CMAC:PSA_WANT_KEY_TYPE_DES +mac_fail:PSA_KEY_TYPE_DES:"644573206b457901":PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_CMAC,1):PSA_ERROR_INVALID_ARGUMENT + +PSA mac AT_LEAST_THIS_LENGTH_MAC(CMAC,1): incompatible with ECC_KEY_PAIR(BRAINPOOL_P_R1) +depends_on:PSA_WANT_ALG_CMAC:PSA_WANT_ECC_FAMILY_BRAINPOOL_P_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +mac_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"69502c4fdaf48d4fa617bdd24498b0406d0eeaac":PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_CMAC,1):PSA_ERROR_INVALID_ARGUMENT + +PSA mac AT_LEAST_THIS_LENGTH_MAC(CMAC,1): incompatible with ECC_KEY_PAIR(MONTGOMERY) +depends_on:PSA_WANT_ALG_CMAC:PSA_WANT_ECC_FAMILY_MONTGOMERY:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +mac_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_MONTGOMERY):"70076d0a7318a57d3c16c17251b26645df4c2f87ebc0992ab177fba51db92c6a":PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_CMAC,1):PSA_ERROR_INVALID_ARGUMENT + +PSA mac AT_LEAST_THIS_LENGTH_MAC(CMAC,1): incompatible with ECC_KEY_PAIR(SECP_K1) +depends_on:PSA_WANT_ALG_CMAC:PSA_WANT_ECC_FAMILY_SECP_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +mac_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_K1):"297ac1722ccac7589ecb240dc719842538ca974beb79f228":PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_CMAC,1):PSA_ERROR_INVALID_ARGUMENT + +PSA mac AT_LEAST_THIS_LENGTH_MAC(CMAC,1): incompatible with ECC_KEY_PAIR(SECP_R1) +depends_on:PSA_WANT_ALG_CMAC:PSA_WANT_ECC_FAMILY_SECP_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +mac_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"872f203b3ad35b7f2ecc803c3a0e1e0b1ed61cc1afe71b189cd4c995":PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_CMAC,1):PSA_ERROR_INVALID_ARGUMENT + +PSA mac AT_LEAST_THIS_LENGTH_MAC(CMAC,1): incompatible with ECC_KEY_PAIR(SECP_R2) +depends_on:PSA_WANT_ALG_CMAC:PSA_WANT_ECC_FAMILY_SECP_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +mac_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R2):"00bf539a1cdda0d7f71a50a3f98aec0a2e8e4ced1e":PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_CMAC,1):PSA_ERROR_INVALID_ARGUMENT + +PSA mac AT_LEAST_THIS_LENGTH_MAC(CMAC,1): incompatible with ECC_KEY_PAIR(SECT_K1) +depends_on:PSA_WANT_ALG_CMAC:PSA_WANT_ECC_FAMILY_SECT_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +mac_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):"03ebc8fcded2d6ab72ec0f75bdb4fd080481273e71":PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_CMAC,1):PSA_ERROR_INVALID_ARGUMENT + +PSA mac AT_LEAST_THIS_LENGTH_MAC(CMAC,1): incompatible with ECC_KEY_PAIR(SECT_R1) +depends_on:PSA_WANT_ALG_CMAC:PSA_WANT_ECC_FAMILY_SECT_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +mac_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):"009b05dc82d46d64a04a22e6e5ca70ca1231e68c50":PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_CMAC,1):PSA_ERROR_INVALID_ARGUMENT + +PSA mac AT_LEAST_THIS_LENGTH_MAC(CMAC,1): incompatible with ECC_KEY_PAIR(SECT_R2) +depends_on:PSA_WANT_ALG_CMAC:PSA_WANT_ECC_FAMILY_SECT_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +mac_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R2):"0210b482a458b4822d0cb21daa96819a67c8062d34":PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_CMAC,1):PSA_ERROR_INVALID_ARGUMENT + +PSA mac AT_LEAST_THIS_LENGTH_MAC(CMAC,1): incompatible with ECC_KEY_PAIR(TWISTED_EDWARDS) +depends_on:PSA_WANT_ALG_CMAC:PSA_WANT_ECC_FAMILY_TWISTED_EDWARDS:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +mac_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_TWISTED_EDWARDS):"9d61b19deffd5a60ba844af492ec2cc44449c5697b326919703bac031cae7f60":PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_CMAC,1):PSA_ERROR_INVALID_ARGUMENT + +PSA mac AT_LEAST_THIS_LENGTH_MAC(CMAC,1): incompatible with ECC_PUBLIC_KEY(BRAINPOOL_P_R1) +depends_on:PSA_WANT_ALG_CMAC:PSA_WANT_ECC_FAMILY_BRAINPOOL_P_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +mac_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"04d4b9186816358e2f9c59cf70748cb70641b22fbab65473db4b4e22a361ed7e3de7e8a8ddc4130c5c":PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_CMAC,1):PSA_ERROR_INVALID_ARGUMENT + +PSA mac AT_LEAST_THIS_LENGTH_MAC(CMAC,1): incompatible with ECC_PUBLIC_KEY(MONTGOMERY) +depends_on:PSA_WANT_ALG_CMAC:PSA_WANT_ECC_FAMILY_MONTGOMERY:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +mac_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_MONTGOMERY):"8520f0098930a754748b7ddcb43ef75a0dbf3a0d26381af4eba4a98eaa9b4e6a":PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_CMAC,1):PSA_ERROR_INVALID_ARGUMENT + +PSA mac AT_LEAST_THIS_LENGTH_MAC(CMAC,1): incompatible with ECC_PUBLIC_KEY(SECP_K1) +depends_on:PSA_WANT_ALG_CMAC:PSA_WANT_ECC_FAMILY_SECP_K1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +mac_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_K1):"0426b7bb38da649ac2138fc050c6548b32553dab68afebc36105d325b75538c12323cb0764789ecb992671beb2b6bef2f5":PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_CMAC,1):PSA_ERROR_INVALID_ARGUMENT + +PSA mac AT_LEAST_THIS_LENGTH_MAC(CMAC,1): incompatible with ECC_PUBLIC_KEY(SECP_R1) +depends_on:PSA_WANT_ALG_CMAC:PSA_WANT_ECC_FAMILY_SECP_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +mac_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1):"046f00eadaa949fee3e9e1c7fa1247eecec86a0dce46418b9bd3117b981d4bd0ae7a990de912f9d060d6cb531a42d22e394ac29e81804bf160":PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_CMAC,1):PSA_ERROR_INVALID_ARGUMENT + +PSA mac AT_LEAST_THIS_LENGTH_MAC(CMAC,1): incompatible with ECC_PUBLIC_KEY(SECP_R2) +depends_on:PSA_WANT_ALG_CMAC:PSA_WANT_ECC_FAMILY_SECP_R2:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +mac_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R2):"049570d541398665adb5cfa16f5af73b3196926bbd4b876bdb80f8eab20d0f540c22f4de9c140f6d7b":PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_CMAC,1):PSA_ERROR_INVALID_ARGUMENT + +PSA mac AT_LEAST_THIS_LENGTH_MAC(CMAC,1): incompatible with ECC_PUBLIC_KEY(SECT_K1) +depends_on:PSA_WANT_ALG_CMAC:PSA_WANT_ECC_FAMILY_SECT_K1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +mac_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_K1):"0406f88f90b4b65950f06ce433afdb097e320f433dc2062b8a65db8fafd3c110f46bc45663fbf021ee7eb9":PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_CMAC,1):PSA_ERROR_INVALID_ARGUMENT + +PSA mac AT_LEAST_THIS_LENGTH_MAC(CMAC,1): incompatible with ECC_PUBLIC_KEY(SECT_R1) +depends_on:PSA_WANT_ALG_CMAC:PSA_WANT_ECC_FAMILY_SECT_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +mac_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R1):"0400465eeb9e7258b11e33c02266bfe834b20bcb118700772796ee4704ec67651bd447e3011959a79a04cb":PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_CMAC,1):PSA_ERROR_INVALID_ARGUMENT + +PSA mac AT_LEAST_THIS_LENGTH_MAC(CMAC,1): incompatible with ECC_PUBLIC_KEY(SECT_R2) +depends_on:PSA_WANT_ALG_CMAC:PSA_WANT_ECC_FAMILY_SECT_R2:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +mac_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R2):"0403692601144c32a6cfa369ae20ae5d43c1c764678c037bafe80c6fd2e42b7ced96171d9c5367fd3dca6f":PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_CMAC,1):PSA_ERROR_INVALID_ARGUMENT + +PSA mac AT_LEAST_THIS_LENGTH_MAC(CMAC,1): incompatible with ECC_PUBLIC_KEY(TWISTED_EDWARDS) +depends_on:PSA_WANT_ALG_CMAC:PSA_WANT_ECC_FAMILY_TWISTED_EDWARDS:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +mac_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_TWISTED_EDWARDS):"d75a980182b10ab7d54bfed3c964073a0ee172f3daa62325af021a68f707511a":PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_CMAC,1):PSA_ERROR_INVALID_ARGUMENT + +PSA mac AT_LEAST_THIS_LENGTH_MAC(CMAC,1): incompatible with HMAC +depends_on:PSA_WANT_ALG_CMAC:PSA_WANT_KEY_TYPE_HMAC +mac_fail:PSA_KEY_TYPE_HMAC:"48657265006973206b6579a064617461":PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_CMAC,1):PSA_ERROR_INVALID_ARGUMENT + +PSA mac AT_LEAST_THIS_LENGTH_MAC(CMAC,1): incompatible with RAW_DATA +depends_on:PSA_WANT_ALG_CMAC:PSA_WANT_KEY_TYPE_RAW_DATA +mac_fail:PSA_KEY_TYPE_RAW_DATA:"48":PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_CMAC,1):PSA_ERROR_INVALID_ARGUMENT + +PSA mac AT_LEAST_THIS_LENGTH_MAC(CMAC,1): incompatible with RSA_KEY_PAIR +depends_on:PSA_WANT_ALG_CMAC:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR +mac_fail:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_CMAC,1):PSA_ERROR_INVALID_ARGUMENT + +PSA mac AT_LEAST_THIS_LENGTH_MAC(CMAC,1): incompatible with RSA_PUBLIC_KEY +depends_on:PSA_WANT_ALG_CMAC:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY +mac_fail:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_CMAC,1):PSA_ERROR_INVALID_ARGUMENT + +PSA key_derivation AT_LEAST_THIS_LENGTH_MAC(CMAC,1): invalid +depends_on:PSA_WANT_ALG_CMAC +key_derivation_fail:PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_CMAC,1):PSA_ERROR_INVALID_ARGUMENT + +PSA hash AT_LEAST_THIS_LENGTH_MAC(HMAC(MD2),1): invalid +depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_MD2 +hash_fail:PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_HMAC(PSA_ALG_MD2),1):PSA_ERROR_INVALID_ARGUMENT + +PSA mac AT_LEAST_THIS_LENGTH_MAC(HMAC(MD2),1): incompatible with AES +depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_MD2:PSA_WANT_KEY_TYPE_AES +mac_fail:PSA_KEY_TYPE_AES:"48657265006973206b6579a064617461":PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_HMAC(PSA_ALG_MD2),1):PSA_ERROR_INVALID_ARGUMENT + +PSA mac AT_LEAST_THIS_LENGTH_MAC(HMAC(MD2),1): incompatible with ARC4 +depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_MD2:PSA_WANT_KEY_TYPE_ARC4 +mac_fail:PSA_KEY_TYPE_ARC4:"48":PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_HMAC(PSA_ALG_MD2),1):PSA_ERROR_INVALID_ARGUMENT + +PSA mac AT_LEAST_THIS_LENGTH_MAC(HMAC(MD2),1): incompatible with ARIA +depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_MD2:PSA_WANT_KEY_TYPE_ARIA +mac_fail:PSA_KEY_TYPE_ARIA:"48657265006973206b6579a064617461":PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_HMAC(PSA_ALG_MD2),1):PSA_ERROR_INVALID_ARGUMENT + +PSA mac AT_LEAST_THIS_LENGTH_MAC(HMAC(MD2),1): incompatible with CAMELLIA +depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_MD2:PSA_WANT_KEY_TYPE_CAMELLIA +mac_fail:PSA_KEY_TYPE_CAMELLIA:"48657265006973206b6579a064617461":PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_HMAC(PSA_ALG_MD2),1):PSA_ERROR_INVALID_ARGUMENT + +PSA mac AT_LEAST_THIS_LENGTH_MAC(HMAC(MD2),1): incompatible with CHACHA20 +depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_MD2:PSA_WANT_KEY_TYPE_CHACHA20 +mac_fail:PSA_KEY_TYPE_CHACHA20:"48657265006973206b6579a06461746148657265006973206b6579a064617461":PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_HMAC(PSA_ALG_MD2),1):PSA_ERROR_INVALID_ARGUMENT + +PSA mac AT_LEAST_THIS_LENGTH_MAC(HMAC(MD2),1): incompatible with DERIVE +depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_MD2:PSA_WANT_KEY_TYPE_DERIVE +mac_fail:PSA_KEY_TYPE_DERIVE:"48657265006973206b6579a0646174":PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_HMAC(PSA_ALG_MD2),1):PSA_ERROR_INVALID_ARGUMENT + +PSA mac AT_LEAST_THIS_LENGTH_MAC(HMAC(MD2),1): incompatible with DES +depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_MD2:PSA_WANT_KEY_TYPE_DES +mac_fail:PSA_KEY_TYPE_DES:"644573206b457901":PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_HMAC(PSA_ALG_MD2),1):PSA_ERROR_INVALID_ARGUMENT + +PSA mac AT_LEAST_THIS_LENGTH_MAC(HMAC(MD2),1): incompatible with ECC_KEY_PAIR(BRAINPOOL_P_R1) +depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_MD2:PSA_WANT_ECC_FAMILY_BRAINPOOL_P_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +mac_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"69502c4fdaf48d4fa617bdd24498b0406d0eeaac":PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_HMAC(PSA_ALG_MD2),1):PSA_ERROR_INVALID_ARGUMENT + +PSA mac AT_LEAST_THIS_LENGTH_MAC(HMAC(MD2),1): incompatible with ECC_KEY_PAIR(MONTGOMERY) +depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_MD2:PSA_WANT_ECC_FAMILY_MONTGOMERY:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +mac_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_MONTGOMERY):"70076d0a7318a57d3c16c17251b26645df4c2f87ebc0992ab177fba51db92c6a":PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_HMAC(PSA_ALG_MD2),1):PSA_ERROR_INVALID_ARGUMENT + +PSA mac AT_LEAST_THIS_LENGTH_MAC(HMAC(MD2),1): incompatible with ECC_KEY_PAIR(SECP_K1) +depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_MD2:PSA_WANT_ECC_FAMILY_SECP_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +mac_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_K1):"297ac1722ccac7589ecb240dc719842538ca974beb79f228":PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_HMAC(PSA_ALG_MD2),1):PSA_ERROR_INVALID_ARGUMENT + +PSA mac AT_LEAST_THIS_LENGTH_MAC(HMAC(MD2),1): incompatible with ECC_KEY_PAIR(SECP_R1) +depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_MD2:PSA_WANT_ECC_FAMILY_SECP_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +mac_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"872f203b3ad35b7f2ecc803c3a0e1e0b1ed61cc1afe71b189cd4c995":PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_HMAC(PSA_ALG_MD2),1):PSA_ERROR_INVALID_ARGUMENT + +PSA mac AT_LEAST_THIS_LENGTH_MAC(HMAC(MD2),1): incompatible with ECC_KEY_PAIR(SECP_R2) +depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_MD2:PSA_WANT_ECC_FAMILY_SECP_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +mac_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R2):"00bf539a1cdda0d7f71a50a3f98aec0a2e8e4ced1e":PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_HMAC(PSA_ALG_MD2),1):PSA_ERROR_INVALID_ARGUMENT + +PSA mac AT_LEAST_THIS_LENGTH_MAC(HMAC(MD2),1): incompatible with ECC_KEY_PAIR(SECT_K1) +depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_MD2:PSA_WANT_ECC_FAMILY_SECT_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +mac_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):"03ebc8fcded2d6ab72ec0f75bdb4fd080481273e71":PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_HMAC(PSA_ALG_MD2),1):PSA_ERROR_INVALID_ARGUMENT + +PSA mac AT_LEAST_THIS_LENGTH_MAC(HMAC(MD2),1): incompatible with ECC_KEY_PAIR(SECT_R1) +depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_MD2:PSA_WANT_ECC_FAMILY_SECT_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +mac_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):"009b05dc82d46d64a04a22e6e5ca70ca1231e68c50":PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_HMAC(PSA_ALG_MD2),1):PSA_ERROR_INVALID_ARGUMENT + +PSA mac AT_LEAST_THIS_LENGTH_MAC(HMAC(MD2),1): incompatible with ECC_KEY_PAIR(SECT_R2) +depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_MD2:PSA_WANT_ECC_FAMILY_SECT_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +mac_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R2):"0210b482a458b4822d0cb21daa96819a67c8062d34":PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_HMAC(PSA_ALG_MD2),1):PSA_ERROR_INVALID_ARGUMENT + +PSA mac AT_LEAST_THIS_LENGTH_MAC(HMAC(MD2),1): incompatible with ECC_KEY_PAIR(TWISTED_EDWARDS) +depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_MD2:PSA_WANT_ECC_FAMILY_TWISTED_EDWARDS:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +mac_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_TWISTED_EDWARDS):"9d61b19deffd5a60ba844af492ec2cc44449c5697b326919703bac031cae7f60":PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_HMAC(PSA_ALG_MD2),1):PSA_ERROR_INVALID_ARGUMENT + +PSA mac AT_LEAST_THIS_LENGTH_MAC(HMAC(MD2),1): incompatible with ECC_PUBLIC_KEY(BRAINPOOL_P_R1) +depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_MD2:PSA_WANT_ECC_FAMILY_BRAINPOOL_P_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +mac_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"04d4b9186816358e2f9c59cf70748cb70641b22fbab65473db4b4e22a361ed7e3de7e8a8ddc4130c5c":PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_HMAC(PSA_ALG_MD2),1):PSA_ERROR_INVALID_ARGUMENT + +PSA mac AT_LEAST_THIS_LENGTH_MAC(HMAC(MD2),1): incompatible with ECC_PUBLIC_KEY(MONTGOMERY) +depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_MD2:PSA_WANT_ECC_FAMILY_MONTGOMERY:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +mac_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_MONTGOMERY):"8520f0098930a754748b7ddcb43ef75a0dbf3a0d26381af4eba4a98eaa9b4e6a":PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_HMAC(PSA_ALG_MD2),1):PSA_ERROR_INVALID_ARGUMENT + +PSA mac AT_LEAST_THIS_LENGTH_MAC(HMAC(MD2),1): incompatible with ECC_PUBLIC_KEY(SECP_K1) +depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_MD2:PSA_WANT_ECC_FAMILY_SECP_K1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +mac_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_K1):"0426b7bb38da649ac2138fc050c6548b32553dab68afebc36105d325b75538c12323cb0764789ecb992671beb2b6bef2f5":PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_HMAC(PSA_ALG_MD2),1):PSA_ERROR_INVALID_ARGUMENT + +PSA mac AT_LEAST_THIS_LENGTH_MAC(HMAC(MD2),1): incompatible with ECC_PUBLIC_KEY(SECP_R1) +depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_MD2:PSA_WANT_ECC_FAMILY_SECP_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +mac_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1):"046f00eadaa949fee3e9e1c7fa1247eecec86a0dce46418b9bd3117b981d4bd0ae7a990de912f9d060d6cb531a42d22e394ac29e81804bf160":PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_HMAC(PSA_ALG_MD2),1):PSA_ERROR_INVALID_ARGUMENT + +PSA mac AT_LEAST_THIS_LENGTH_MAC(HMAC(MD2),1): incompatible with ECC_PUBLIC_KEY(SECP_R2) +depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_MD2:PSA_WANT_ECC_FAMILY_SECP_R2:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +mac_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R2):"049570d541398665adb5cfa16f5af73b3196926bbd4b876bdb80f8eab20d0f540c22f4de9c140f6d7b":PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_HMAC(PSA_ALG_MD2),1):PSA_ERROR_INVALID_ARGUMENT + +PSA mac AT_LEAST_THIS_LENGTH_MAC(HMAC(MD2),1): incompatible with ECC_PUBLIC_KEY(SECT_K1) +depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_MD2:PSA_WANT_ECC_FAMILY_SECT_K1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +mac_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_K1):"0406f88f90b4b65950f06ce433afdb097e320f433dc2062b8a65db8fafd3c110f46bc45663fbf021ee7eb9":PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_HMAC(PSA_ALG_MD2),1):PSA_ERROR_INVALID_ARGUMENT + +PSA mac AT_LEAST_THIS_LENGTH_MAC(HMAC(MD2),1): incompatible with ECC_PUBLIC_KEY(SECT_R1) +depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_MD2:PSA_WANT_ECC_FAMILY_SECT_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +mac_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R1):"0400465eeb9e7258b11e33c02266bfe834b20bcb118700772796ee4704ec67651bd447e3011959a79a04cb":PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_HMAC(PSA_ALG_MD2),1):PSA_ERROR_INVALID_ARGUMENT + +PSA mac AT_LEAST_THIS_LENGTH_MAC(HMAC(MD2),1): incompatible with ECC_PUBLIC_KEY(SECT_R2) +depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_MD2:PSA_WANT_ECC_FAMILY_SECT_R2:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +mac_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R2):"0403692601144c32a6cfa369ae20ae5d43c1c764678c037bafe80c6fd2e42b7ced96171d9c5367fd3dca6f":PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_HMAC(PSA_ALG_MD2),1):PSA_ERROR_INVALID_ARGUMENT + +PSA mac AT_LEAST_THIS_LENGTH_MAC(HMAC(MD2),1): incompatible with ECC_PUBLIC_KEY(TWISTED_EDWARDS) +depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_MD2:PSA_WANT_ECC_FAMILY_TWISTED_EDWARDS:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +mac_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_TWISTED_EDWARDS):"d75a980182b10ab7d54bfed3c964073a0ee172f3daa62325af021a68f707511a":PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_HMAC(PSA_ALG_MD2),1):PSA_ERROR_INVALID_ARGUMENT + +PSA mac AT_LEAST_THIS_LENGTH_MAC(HMAC(MD2),1): incompatible with HMAC +depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_MD2:PSA_WANT_KEY_TYPE_HMAC +mac_fail:PSA_KEY_TYPE_HMAC:"48657265006973206b6579a064617461":PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_HMAC(PSA_ALG_MD2),1):PSA_ERROR_INVALID_ARGUMENT + +PSA mac AT_LEAST_THIS_LENGTH_MAC(HMAC(MD2),1): incompatible with RAW_DATA +depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_MD2:PSA_WANT_KEY_TYPE_RAW_DATA +mac_fail:PSA_KEY_TYPE_RAW_DATA:"48":PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_HMAC(PSA_ALG_MD2),1):PSA_ERROR_INVALID_ARGUMENT + +PSA mac AT_LEAST_THIS_LENGTH_MAC(HMAC(MD2),1): incompatible with RSA_KEY_PAIR +depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_MD2:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR +mac_fail:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_HMAC(PSA_ALG_MD2),1):PSA_ERROR_INVALID_ARGUMENT + +PSA mac AT_LEAST_THIS_LENGTH_MAC(HMAC(MD2),1): incompatible with RSA_PUBLIC_KEY +depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_MD2:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY +mac_fail:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_HMAC(PSA_ALG_MD2),1):PSA_ERROR_INVALID_ARGUMENT + +PSA key_derivation AT_LEAST_THIS_LENGTH_MAC(HMAC(MD2),1): invalid +depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_MD2 +key_derivation_fail:PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_HMAC(PSA_ALG_MD2),1):PSA_ERROR_INVALID_ARGUMENT + +PSA hash AT_LEAST_THIS_LENGTH_MAC(HMAC(MD4),1): invalid +depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_MD4 +hash_fail:PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_HMAC(PSA_ALG_MD4),1):PSA_ERROR_INVALID_ARGUMENT + +PSA mac AT_LEAST_THIS_LENGTH_MAC(HMAC(MD4),1): incompatible with AES +depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_MD4:PSA_WANT_KEY_TYPE_AES +mac_fail:PSA_KEY_TYPE_AES:"48657265006973206b6579a064617461":PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_HMAC(PSA_ALG_MD4),1):PSA_ERROR_INVALID_ARGUMENT + +PSA mac AT_LEAST_THIS_LENGTH_MAC(HMAC(MD4),1): incompatible with ARC4 +depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_MD4:PSA_WANT_KEY_TYPE_ARC4 +mac_fail:PSA_KEY_TYPE_ARC4:"48":PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_HMAC(PSA_ALG_MD4),1):PSA_ERROR_INVALID_ARGUMENT + +PSA mac AT_LEAST_THIS_LENGTH_MAC(HMAC(MD4),1): incompatible with ARIA +depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_MD4:PSA_WANT_KEY_TYPE_ARIA +mac_fail:PSA_KEY_TYPE_ARIA:"48657265006973206b6579a064617461":PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_HMAC(PSA_ALG_MD4),1):PSA_ERROR_INVALID_ARGUMENT + +PSA mac AT_LEAST_THIS_LENGTH_MAC(HMAC(MD4),1): incompatible with CAMELLIA +depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_MD4:PSA_WANT_KEY_TYPE_CAMELLIA +mac_fail:PSA_KEY_TYPE_CAMELLIA:"48657265006973206b6579a064617461":PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_HMAC(PSA_ALG_MD4),1):PSA_ERROR_INVALID_ARGUMENT + +PSA mac AT_LEAST_THIS_LENGTH_MAC(HMAC(MD4),1): incompatible with CHACHA20 +depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_MD4:PSA_WANT_KEY_TYPE_CHACHA20 +mac_fail:PSA_KEY_TYPE_CHACHA20:"48657265006973206b6579a06461746148657265006973206b6579a064617461":PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_HMAC(PSA_ALG_MD4),1):PSA_ERROR_INVALID_ARGUMENT + +PSA mac AT_LEAST_THIS_LENGTH_MAC(HMAC(MD4),1): incompatible with DERIVE +depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_MD4:PSA_WANT_KEY_TYPE_DERIVE +mac_fail:PSA_KEY_TYPE_DERIVE:"48657265006973206b6579a0646174":PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_HMAC(PSA_ALG_MD4),1):PSA_ERROR_INVALID_ARGUMENT + +PSA mac AT_LEAST_THIS_LENGTH_MAC(HMAC(MD4),1): incompatible with DES +depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_MD4:PSA_WANT_KEY_TYPE_DES +mac_fail:PSA_KEY_TYPE_DES:"644573206b457901":PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_HMAC(PSA_ALG_MD4),1):PSA_ERROR_INVALID_ARGUMENT + +PSA mac AT_LEAST_THIS_LENGTH_MAC(HMAC(MD4),1): incompatible with ECC_KEY_PAIR(BRAINPOOL_P_R1) +depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_MD4:PSA_WANT_ECC_FAMILY_BRAINPOOL_P_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +mac_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"69502c4fdaf48d4fa617bdd24498b0406d0eeaac":PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_HMAC(PSA_ALG_MD4),1):PSA_ERROR_INVALID_ARGUMENT + +PSA mac AT_LEAST_THIS_LENGTH_MAC(HMAC(MD4),1): incompatible with ECC_KEY_PAIR(MONTGOMERY) +depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_MD4:PSA_WANT_ECC_FAMILY_MONTGOMERY:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +mac_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_MONTGOMERY):"70076d0a7318a57d3c16c17251b26645df4c2f87ebc0992ab177fba51db92c6a":PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_HMAC(PSA_ALG_MD4),1):PSA_ERROR_INVALID_ARGUMENT + +PSA mac AT_LEAST_THIS_LENGTH_MAC(HMAC(MD4),1): incompatible with ECC_KEY_PAIR(SECP_K1) +depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_MD4:PSA_WANT_ECC_FAMILY_SECP_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +mac_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_K1):"297ac1722ccac7589ecb240dc719842538ca974beb79f228":PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_HMAC(PSA_ALG_MD4),1):PSA_ERROR_INVALID_ARGUMENT + +PSA mac AT_LEAST_THIS_LENGTH_MAC(HMAC(MD4),1): incompatible with ECC_KEY_PAIR(SECP_R1) +depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_MD4:PSA_WANT_ECC_FAMILY_SECP_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +mac_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"872f203b3ad35b7f2ecc803c3a0e1e0b1ed61cc1afe71b189cd4c995":PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_HMAC(PSA_ALG_MD4),1):PSA_ERROR_INVALID_ARGUMENT + +PSA mac AT_LEAST_THIS_LENGTH_MAC(HMAC(MD4),1): incompatible with ECC_KEY_PAIR(SECP_R2) +depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_MD4:PSA_WANT_ECC_FAMILY_SECP_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +mac_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R2):"00bf539a1cdda0d7f71a50a3f98aec0a2e8e4ced1e":PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_HMAC(PSA_ALG_MD4),1):PSA_ERROR_INVALID_ARGUMENT + +PSA mac AT_LEAST_THIS_LENGTH_MAC(HMAC(MD4),1): incompatible with ECC_KEY_PAIR(SECT_K1) +depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_MD4:PSA_WANT_ECC_FAMILY_SECT_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +mac_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):"03ebc8fcded2d6ab72ec0f75bdb4fd080481273e71":PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_HMAC(PSA_ALG_MD4),1):PSA_ERROR_INVALID_ARGUMENT + +PSA mac AT_LEAST_THIS_LENGTH_MAC(HMAC(MD4),1): incompatible with ECC_KEY_PAIR(SECT_R1) +depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_MD4:PSA_WANT_ECC_FAMILY_SECT_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +mac_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):"009b05dc82d46d64a04a22e6e5ca70ca1231e68c50":PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_HMAC(PSA_ALG_MD4),1):PSA_ERROR_INVALID_ARGUMENT + +PSA mac AT_LEAST_THIS_LENGTH_MAC(HMAC(MD4),1): incompatible with ECC_KEY_PAIR(SECT_R2) +depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_MD4:PSA_WANT_ECC_FAMILY_SECT_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +mac_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R2):"0210b482a458b4822d0cb21daa96819a67c8062d34":PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_HMAC(PSA_ALG_MD4),1):PSA_ERROR_INVALID_ARGUMENT + +PSA mac AT_LEAST_THIS_LENGTH_MAC(HMAC(MD4),1): incompatible with ECC_KEY_PAIR(TWISTED_EDWARDS) +depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_MD4:PSA_WANT_ECC_FAMILY_TWISTED_EDWARDS:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +mac_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_TWISTED_EDWARDS):"9d61b19deffd5a60ba844af492ec2cc44449c5697b326919703bac031cae7f60":PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_HMAC(PSA_ALG_MD4),1):PSA_ERROR_INVALID_ARGUMENT + +PSA mac AT_LEAST_THIS_LENGTH_MAC(HMAC(MD4),1): incompatible with ECC_PUBLIC_KEY(BRAINPOOL_P_R1) +depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_MD4:PSA_WANT_ECC_FAMILY_BRAINPOOL_P_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +mac_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"04d4b9186816358e2f9c59cf70748cb70641b22fbab65473db4b4e22a361ed7e3de7e8a8ddc4130c5c":PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_HMAC(PSA_ALG_MD4),1):PSA_ERROR_INVALID_ARGUMENT + +PSA mac AT_LEAST_THIS_LENGTH_MAC(HMAC(MD4),1): incompatible with ECC_PUBLIC_KEY(MONTGOMERY) +depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_MD4:PSA_WANT_ECC_FAMILY_MONTGOMERY:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +mac_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_MONTGOMERY):"8520f0098930a754748b7ddcb43ef75a0dbf3a0d26381af4eba4a98eaa9b4e6a":PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_HMAC(PSA_ALG_MD4),1):PSA_ERROR_INVALID_ARGUMENT + +PSA mac AT_LEAST_THIS_LENGTH_MAC(HMAC(MD4),1): incompatible with ECC_PUBLIC_KEY(SECP_K1) +depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_MD4:PSA_WANT_ECC_FAMILY_SECP_K1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +mac_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_K1):"0426b7bb38da649ac2138fc050c6548b32553dab68afebc36105d325b75538c12323cb0764789ecb992671beb2b6bef2f5":PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_HMAC(PSA_ALG_MD4),1):PSA_ERROR_INVALID_ARGUMENT + +PSA mac AT_LEAST_THIS_LENGTH_MAC(HMAC(MD4),1): incompatible with ECC_PUBLIC_KEY(SECP_R1) +depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_MD4:PSA_WANT_ECC_FAMILY_SECP_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +mac_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1):"046f00eadaa949fee3e9e1c7fa1247eecec86a0dce46418b9bd3117b981d4bd0ae7a990de912f9d060d6cb531a42d22e394ac29e81804bf160":PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_HMAC(PSA_ALG_MD4),1):PSA_ERROR_INVALID_ARGUMENT + +PSA mac AT_LEAST_THIS_LENGTH_MAC(HMAC(MD4),1): incompatible with ECC_PUBLIC_KEY(SECP_R2) +depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_MD4:PSA_WANT_ECC_FAMILY_SECP_R2:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +mac_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R2):"049570d541398665adb5cfa16f5af73b3196926bbd4b876bdb80f8eab20d0f540c22f4de9c140f6d7b":PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_HMAC(PSA_ALG_MD4),1):PSA_ERROR_INVALID_ARGUMENT + +PSA mac AT_LEAST_THIS_LENGTH_MAC(HMAC(MD4),1): incompatible with ECC_PUBLIC_KEY(SECT_K1) +depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_MD4:PSA_WANT_ECC_FAMILY_SECT_K1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +mac_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_K1):"0406f88f90b4b65950f06ce433afdb097e320f433dc2062b8a65db8fafd3c110f46bc45663fbf021ee7eb9":PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_HMAC(PSA_ALG_MD4),1):PSA_ERROR_INVALID_ARGUMENT + +PSA mac AT_LEAST_THIS_LENGTH_MAC(HMAC(MD4),1): incompatible with ECC_PUBLIC_KEY(SECT_R1) +depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_MD4:PSA_WANT_ECC_FAMILY_SECT_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +mac_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R1):"0400465eeb9e7258b11e33c02266bfe834b20bcb118700772796ee4704ec67651bd447e3011959a79a04cb":PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_HMAC(PSA_ALG_MD4),1):PSA_ERROR_INVALID_ARGUMENT + +PSA mac AT_LEAST_THIS_LENGTH_MAC(HMAC(MD4),1): incompatible with ECC_PUBLIC_KEY(SECT_R2) +depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_MD4:PSA_WANT_ECC_FAMILY_SECT_R2:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +mac_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R2):"0403692601144c32a6cfa369ae20ae5d43c1c764678c037bafe80c6fd2e42b7ced96171d9c5367fd3dca6f":PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_HMAC(PSA_ALG_MD4),1):PSA_ERROR_INVALID_ARGUMENT + +PSA mac AT_LEAST_THIS_LENGTH_MAC(HMAC(MD4),1): incompatible with ECC_PUBLIC_KEY(TWISTED_EDWARDS) +depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_MD4:PSA_WANT_ECC_FAMILY_TWISTED_EDWARDS:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +mac_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_TWISTED_EDWARDS):"d75a980182b10ab7d54bfed3c964073a0ee172f3daa62325af021a68f707511a":PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_HMAC(PSA_ALG_MD4),1):PSA_ERROR_INVALID_ARGUMENT + +PSA mac AT_LEAST_THIS_LENGTH_MAC(HMAC(MD4),1): incompatible with HMAC +depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_MD4:PSA_WANT_KEY_TYPE_HMAC +mac_fail:PSA_KEY_TYPE_HMAC:"48657265006973206b6579a064617461":PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_HMAC(PSA_ALG_MD4),1):PSA_ERROR_INVALID_ARGUMENT + +PSA mac AT_LEAST_THIS_LENGTH_MAC(HMAC(MD4),1): incompatible with RAW_DATA +depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_MD4:PSA_WANT_KEY_TYPE_RAW_DATA +mac_fail:PSA_KEY_TYPE_RAW_DATA:"48":PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_HMAC(PSA_ALG_MD4),1):PSA_ERROR_INVALID_ARGUMENT + +PSA mac AT_LEAST_THIS_LENGTH_MAC(HMAC(MD4),1): incompatible with RSA_KEY_PAIR +depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_MD4:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR +mac_fail:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_HMAC(PSA_ALG_MD4),1):PSA_ERROR_INVALID_ARGUMENT + +PSA mac AT_LEAST_THIS_LENGTH_MAC(HMAC(MD4),1): incompatible with RSA_PUBLIC_KEY +depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_MD4:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY +mac_fail:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_HMAC(PSA_ALG_MD4),1):PSA_ERROR_INVALID_ARGUMENT + +PSA key_derivation AT_LEAST_THIS_LENGTH_MAC(HMAC(MD4),1): invalid +depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_MD4 +key_derivation_fail:PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_HMAC(PSA_ALG_MD4),1):PSA_ERROR_INVALID_ARGUMENT + +PSA hash AT_LEAST_THIS_LENGTH_MAC(HMAC(MD5),1): invalid +depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_MD5 +hash_fail:PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_HMAC(PSA_ALG_MD5),1):PSA_ERROR_INVALID_ARGUMENT + +PSA mac AT_LEAST_THIS_LENGTH_MAC(HMAC(MD5),1): incompatible with AES +depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_MD5:PSA_WANT_KEY_TYPE_AES +mac_fail:PSA_KEY_TYPE_AES:"48657265006973206b6579a064617461":PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_HMAC(PSA_ALG_MD5),1):PSA_ERROR_INVALID_ARGUMENT + +PSA mac AT_LEAST_THIS_LENGTH_MAC(HMAC(MD5),1): incompatible with ARC4 +depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_MD5:PSA_WANT_KEY_TYPE_ARC4 +mac_fail:PSA_KEY_TYPE_ARC4:"48":PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_HMAC(PSA_ALG_MD5),1):PSA_ERROR_INVALID_ARGUMENT + +PSA mac AT_LEAST_THIS_LENGTH_MAC(HMAC(MD5),1): incompatible with ARIA +depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_MD5:PSA_WANT_KEY_TYPE_ARIA +mac_fail:PSA_KEY_TYPE_ARIA:"48657265006973206b6579a064617461":PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_HMAC(PSA_ALG_MD5),1):PSA_ERROR_INVALID_ARGUMENT + +PSA mac AT_LEAST_THIS_LENGTH_MAC(HMAC(MD5),1): incompatible with CAMELLIA +depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_MD5:PSA_WANT_KEY_TYPE_CAMELLIA +mac_fail:PSA_KEY_TYPE_CAMELLIA:"48657265006973206b6579a064617461":PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_HMAC(PSA_ALG_MD5),1):PSA_ERROR_INVALID_ARGUMENT + +PSA mac AT_LEAST_THIS_LENGTH_MAC(HMAC(MD5),1): incompatible with CHACHA20 +depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_MD5:PSA_WANT_KEY_TYPE_CHACHA20 +mac_fail:PSA_KEY_TYPE_CHACHA20:"48657265006973206b6579a06461746148657265006973206b6579a064617461":PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_HMAC(PSA_ALG_MD5),1):PSA_ERROR_INVALID_ARGUMENT + +PSA mac AT_LEAST_THIS_LENGTH_MAC(HMAC(MD5),1): incompatible with DERIVE +depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_MD5:PSA_WANT_KEY_TYPE_DERIVE +mac_fail:PSA_KEY_TYPE_DERIVE:"48657265006973206b6579a0646174":PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_HMAC(PSA_ALG_MD5),1):PSA_ERROR_INVALID_ARGUMENT + +PSA mac AT_LEAST_THIS_LENGTH_MAC(HMAC(MD5),1): incompatible with DES +depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_MD5:PSA_WANT_KEY_TYPE_DES +mac_fail:PSA_KEY_TYPE_DES:"644573206b457901":PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_HMAC(PSA_ALG_MD5),1):PSA_ERROR_INVALID_ARGUMENT + +PSA mac AT_LEAST_THIS_LENGTH_MAC(HMAC(MD5),1): incompatible with ECC_KEY_PAIR(BRAINPOOL_P_R1) +depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_MD5:PSA_WANT_ECC_FAMILY_BRAINPOOL_P_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +mac_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"69502c4fdaf48d4fa617bdd24498b0406d0eeaac":PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_HMAC(PSA_ALG_MD5),1):PSA_ERROR_INVALID_ARGUMENT + +PSA mac AT_LEAST_THIS_LENGTH_MAC(HMAC(MD5),1): incompatible with ECC_KEY_PAIR(MONTGOMERY) +depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_MD5:PSA_WANT_ECC_FAMILY_MONTGOMERY:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +mac_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_MONTGOMERY):"70076d0a7318a57d3c16c17251b26645df4c2f87ebc0992ab177fba51db92c6a":PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_HMAC(PSA_ALG_MD5),1):PSA_ERROR_INVALID_ARGUMENT + +PSA mac AT_LEAST_THIS_LENGTH_MAC(HMAC(MD5),1): incompatible with ECC_KEY_PAIR(SECP_K1) +depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_MD5:PSA_WANT_ECC_FAMILY_SECP_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +mac_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_K1):"297ac1722ccac7589ecb240dc719842538ca974beb79f228":PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_HMAC(PSA_ALG_MD5),1):PSA_ERROR_INVALID_ARGUMENT + +PSA mac AT_LEAST_THIS_LENGTH_MAC(HMAC(MD5),1): incompatible with ECC_KEY_PAIR(SECP_R1) +depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_MD5:PSA_WANT_ECC_FAMILY_SECP_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +mac_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"872f203b3ad35b7f2ecc803c3a0e1e0b1ed61cc1afe71b189cd4c995":PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_HMAC(PSA_ALG_MD5),1):PSA_ERROR_INVALID_ARGUMENT + +PSA mac AT_LEAST_THIS_LENGTH_MAC(HMAC(MD5),1): incompatible with ECC_KEY_PAIR(SECP_R2) +depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_MD5:PSA_WANT_ECC_FAMILY_SECP_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +mac_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R2):"00bf539a1cdda0d7f71a50a3f98aec0a2e8e4ced1e":PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_HMAC(PSA_ALG_MD5),1):PSA_ERROR_INVALID_ARGUMENT + +PSA mac AT_LEAST_THIS_LENGTH_MAC(HMAC(MD5),1): incompatible with ECC_KEY_PAIR(SECT_K1) +depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_MD5:PSA_WANT_ECC_FAMILY_SECT_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +mac_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):"03ebc8fcded2d6ab72ec0f75bdb4fd080481273e71":PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_HMAC(PSA_ALG_MD5),1):PSA_ERROR_INVALID_ARGUMENT + +PSA mac AT_LEAST_THIS_LENGTH_MAC(HMAC(MD5),1): incompatible with ECC_KEY_PAIR(SECT_R1) +depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_MD5:PSA_WANT_ECC_FAMILY_SECT_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +mac_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):"009b05dc82d46d64a04a22e6e5ca70ca1231e68c50":PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_HMAC(PSA_ALG_MD5),1):PSA_ERROR_INVALID_ARGUMENT + +PSA mac AT_LEAST_THIS_LENGTH_MAC(HMAC(MD5),1): incompatible with ECC_KEY_PAIR(SECT_R2) +depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_MD5:PSA_WANT_ECC_FAMILY_SECT_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +mac_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R2):"0210b482a458b4822d0cb21daa96819a67c8062d34":PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_HMAC(PSA_ALG_MD5),1):PSA_ERROR_INVALID_ARGUMENT + +PSA mac AT_LEAST_THIS_LENGTH_MAC(HMAC(MD5),1): incompatible with ECC_KEY_PAIR(TWISTED_EDWARDS) +depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_MD5:PSA_WANT_ECC_FAMILY_TWISTED_EDWARDS:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +mac_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_TWISTED_EDWARDS):"9d61b19deffd5a60ba844af492ec2cc44449c5697b326919703bac031cae7f60":PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_HMAC(PSA_ALG_MD5),1):PSA_ERROR_INVALID_ARGUMENT + +PSA mac AT_LEAST_THIS_LENGTH_MAC(HMAC(MD5),1): incompatible with ECC_PUBLIC_KEY(BRAINPOOL_P_R1) +depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_MD5:PSA_WANT_ECC_FAMILY_BRAINPOOL_P_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +mac_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"04d4b9186816358e2f9c59cf70748cb70641b22fbab65473db4b4e22a361ed7e3de7e8a8ddc4130c5c":PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_HMAC(PSA_ALG_MD5),1):PSA_ERROR_INVALID_ARGUMENT + +PSA mac AT_LEAST_THIS_LENGTH_MAC(HMAC(MD5),1): incompatible with ECC_PUBLIC_KEY(MONTGOMERY) +depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_MD5:PSA_WANT_ECC_FAMILY_MONTGOMERY:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +mac_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_MONTGOMERY):"8520f0098930a754748b7ddcb43ef75a0dbf3a0d26381af4eba4a98eaa9b4e6a":PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_HMAC(PSA_ALG_MD5),1):PSA_ERROR_INVALID_ARGUMENT + +PSA mac AT_LEAST_THIS_LENGTH_MAC(HMAC(MD5),1): incompatible with ECC_PUBLIC_KEY(SECP_K1) +depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_MD5:PSA_WANT_ECC_FAMILY_SECP_K1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +mac_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_K1):"0426b7bb38da649ac2138fc050c6548b32553dab68afebc36105d325b75538c12323cb0764789ecb992671beb2b6bef2f5":PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_HMAC(PSA_ALG_MD5),1):PSA_ERROR_INVALID_ARGUMENT + +PSA mac AT_LEAST_THIS_LENGTH_MAC(HMAC(MD5),1): incompatible with ECC_PUBLIC_KEY(SECP_R1) +depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_MD5:PSA_WANT_ECC_FAMILY_SECP_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +mac_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1):"046f00eadaa949fee3e9e1c7fa1247eecec86a0dce46418b9bd3117b981d4bd0ae7a990de912f9d060d6cb531a42d22e394ac29e81804bf160":PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_HMAC(PSA_ALG_MD5),1):PSA_ERROR_INVALID_ARGUMENT + +PSA mac AT_LEAST_THIS_LENGTH_MAC(HMAC(MD5),1): incompatible with ECC_PUBLIC_KEY(SECP_R2) +depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_MD5:PSA_WANT_ECC_FAMILY_SECP_R2:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +mac_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R2):"049570d541398665adb5cfa16f5af73b3196926bbd4b876bdb80f8eab20d0f540c22f4de9c140f6d7b":PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_HMAC(PSA_ALG_MD5),1):PSA_ERROR_INVALID_ARGUMENT + +PSA mac AT_LEAST_THIS_LENGTH_MAC(HMAC(MD5),1): incompatible with ECC_PUBLIC_KEY(SECT_K1) +depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_MD5:PSA_WANT_ECC_FAMILY_SECT_K1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +mac_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_K1):"0406f88f90b4b65950f06ce433afdb097e320f433dc2062b8a65db8fafd3c110f46bc45663fbf021ee7eb9":PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_HMAC(PSA_ALG_MD5),1):PSA_ERROR_INVALID_ARGUMENT + +PSA mac AT_LEAST_THIS_LENGTH_MAC(HMAC(MD5),1): incompatible with ECC_PUBLIC_KEY(SECT_R1) +depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_MD5:PSA_WANT_ECC_FAMILY_SECT_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +mac_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R1):"0400465eeb9e7258b11e33c02266bfe834b20bcb118700772796ee4704ec67651bd447e3011959a79a04cb":PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_HMAC(PSA_ALG_MD5),1):PSA_ERROR_INVALID_ARGUMENT + +PSA mac AT_LEAST_THIS_LENGTH_MAC(HMAC(MD5),1): incompatible with ECC_PUBLIC_KEY(SECT_R2) +depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_MD5:PSA_WANT_ECC_FAMILY_SECT_R2:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +mac_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R2):"0403692601144c32a6cfa369ae20ae5d43c1c764678c037bafe80c6fd2e42b7ced96171d9c5367fd3dca6f":PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_HMAC(PSA_ALG_MD5),1):PSA_ERROR_INVALID_ARGUMENT + +PSA mac AT_LEAST_THIS_LENGTH_MAC(HMAC(MD5),1): incompatible with ECC_PUBLIC_KEY(TWISTED_EDWARDS) +depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_MD5:PSA_WANT_ECC_FAMILY_TWISTED_EDWARDS:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +mac_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_TWISTED_EDWARDS):"d75a980182b10ab7d54bfed3c964073a0ee172f3daa62325af021a68f707511a":PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_HMAC(PSA_ALG_MD5),1):PSA_ERROR_INVALID_ARGUMENT + +PSA mac AT_LEAST_THIS_LENGTH_MAC(HMAC(MD5),1): incompatible with HMAC +depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_MD5:PSA_WANT_KEY_TYPE_HMAC +mac_fail:PSA_KEY_TYPE_HMAC:"48657265006973206b6579a064617461":PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_HMAC(PSA_ALG_MD5),1):PSA_ERROR_INVALID_ARGUMENT + +PSA mac AT_LEAST_THIS_LENGTH_MAC(HMAC(MD5),1): incompatible with RAW_DATA +depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_MD5:PSA_WANT_KEY_TYPE_RAW_DATA +mac_fail:PSA_KEY_TYPE_RAW_DATA:"48":PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_HMAC(PSA_ALG_MD5),1):PSA_ERROR_INVALID_ARGUMENT + +PSA mac AT_LEAST_THIS_LENGTH_MAC(HMAC(MD5),1): incompatible with RSA_KEY_PAIR +depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_MD5:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR +mac_fail:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_HMAC(PSA_ALG_MD5),1):PSA_ERROR_INVALID_ARGUMENT + +PSA mac AT_LEAST_THIS_LENGTH_MAC(HMAC(MD5),1): incompatible with RSA_PUBLIC_KEY +depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_MD5:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY +mac_fail:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_HMAC(PSA_ALG_MD5),1):PSA_ERROR_INVALID_ARGUMENT + +PSA key_derivation AT_LEAST_THIS_LENGTH_MAC(HMAC(MD5),1): invalid +depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_MD5 +key_derivation_fail:PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_HMAC(PSA_ALG_MD5),1):PSA_ERROR_INVALID_ARGUMENT + +PSA hash AT_LEAST_THIS_LENGTH_MAC(HMAC(RIPEMD160),1): invalid +depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_RIPEMD160 +hash_fail:PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_HMAC(PSA_ALG_RIPEMD160),1):PSA_ERROR_INVALID_ARGUMENT + +PSA mac AT_LEAST_THIS_LENGTH_MAC(HMAC(RIPEMD160),1): incompatible with AES +depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_RIPEMD160:PSA_WANT_KEY_TYPE_AES +mac_fail:PSA_KEY_TYPE_AES:"48657265006973206b6579a064617461":PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_HMAC(PSA_ALG_RIPEMD160),1):PSA_ERROR_INVALID_ARGUMENT + +PSA mac AT_LEAST_THIS_LENGTH_MAC(HMAC(RIPEMD160),1): incompatible with ARC4 +depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_RIPEMD160:PSA_WANT_KEY_TYPE_ARC4 +mac_fail:PSA_KEY_TYPE_ARC4:"48":PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_HMAC(PSA_ALG_RIPEMD160),1):PSA_ERROR_INVALID_ARGUMENT + +PSA mac AT_LEAST_THIS_LENGTH_MAC(HMAC(RIPEMD160),1): incompatible with ARIA +depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_RIPEMD160:PSA_WANT_KEY_TYPE_ARIA +mac_fail:PSA_KEY_TYPE_ARIA:"48657265006973206b6579a064617461":PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_HMAC(PSA_ALG_RIPEMD160),1):PSA_ERROR_INVALID_ARGUMENT + +PSA mac AT_LEAST_THIS_LENGTH_MAC(HMAC(RIPEMD160),1): incompatible with CAMELLIA +depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_RIPEMD160:PSA_WANT_KEY_TYPE_CAMELLIA +mac_fail:PSA_KEY_TYPE_CAMELLIA:"48657265006973206b6579a064617461":PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_HMAC(PSA_ALG_RIPEMD160),1):PSA_ERROR_INVALID_ARGUMENT + +PSA mac AT_LEAST_THIS_LENGTH_MAC(HMAC(RIPEMD160),1): incompatible with CHACHA20 +depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_RIPEMD160:PSA_WANT_KEY_TYPE_CHACHA20 +mac_fail:PSA_KEY_TYPE_CHACHA20:"48657265006973206b6579a06461746148657265006973206b6579a064617461":PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_HMAC(PSA_ALG_RIPEMD160),1):PSA_ERROR_INVALID_ARGUMENT + +PSA mac AT_LEAST_THIS_LENGTH_MAC(HMAC(RIPEMD160),1): incompatible with DERIVE +depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_RIPEMD160:PSA_WANT_KEY_TYPE_DERIVE +mac_fail:PSA_KEY_TYPE_DERIVE:"48657265006973206b6579a0646174":PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_HMAC(PSA_ALG_RIPEMD160),1):PSA_ERROR_INVALID_ARGUMENT + +PSA mac AT_LEAST_THIS_LENGTH_MAC(HMAC(RIPEMD160),1): incompatible with DES +depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_RIPEMD160:PSA_WANT_KEY_TYPE_DES +mac_fail:PSA_KEY_TYPE_DES:"644573206b457901":PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_HMAC(PSA_ALG_RIPEMD160),1):PSA_ERROR_INVALID_ARGUMENT + +PSA mac AT_LEAST_THIS_LENGTH_MAC(HMAC(RIPEMD160),1): incompatible with ECC_KEY_PAIR(BRAINPOOL_P_R1) +depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ECC_FAMILY_BRAINPOOL_P_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +mac_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"69502c4fdaf48d4fa617bdd24498b0406d0eeaac":PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_HMAC(PSA_ALG_RIPEMD160),1):PSA_ERROR_INVALID_ARGUMENT + +PSA mac AT_LEAST_THIS_LENGTH_MAC(HMAC(RIPEMD160),1): incompatible with ECC_KEY_PAIR(MONTGOMERY) +depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ECC_FAMILY_MONTGOMERY:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +mac_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_MONTGOMERY):"70076d0a7318a57d3c16c17251b26645df4c2f87ebc0992ab177fba51db92c6a":PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_HMAC(PSA_ALG_RIPEMD160),1):PSA_ERROR_INVALID_ARGUMENT + +PSA mac AT_LEAST_THIS_LENGTH_MAC(HMAC(RIPEMD160),1): incompatible with ECC_KEY_PAIR(SECP_K1) +depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ECC_FAMILY_SECP_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +mac_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_K1):"297ac1722ccac7589ecb240dc719842538ca974beb79f228":PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_HMAC(PSA_ALG_RIPEMD160),1):PSA_ERROR_INVALID_ARGUMENT + +PSA mac AT_LEAST_THIS_LENGTH_MAC(HMAC(RIPEMD160),1): incompatible with ECC_KEY_PAIR(SECP_R1) +depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ECC_FAMILY_SECP_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +mac_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"872f203b3ad35b7f2ecc803c3a0e1e0b1ed61cc1afe71b189cd4c995":PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_HMAC(PSA_ALG_RIPEMD160),1):PSA_ERROR_INVALID_ARGUMENT + +PSA mac AT_LEAST_THIS_LENGTH_MAC(HMAC(RIPEMD160),1): incompatible with ECC_KEY_PAIR(SECP_R2) +depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ECC_FAMILY_SECP_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +mac_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R2):"00bf539a1cdda0d7f71a50a3f98aec0a2e8e4ced1e":PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_HMAC(PSA_ALG_RIPEMD160),1):PSA_ERROR_INVALID_ARGUMENT + +PSA mac AT_LEAST_THIS_LENGTH_MAC(HMAC(RIPEMD160),1): incompatible with ECC_KEY_PAIR(SECT_K1) +depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ECC_FAMILY_SECT_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +mac_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):"03ebc8fcded2d6ab72ec0f75bdb4fd080481273e71":PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_HMAC(PSA_ALG_RIPEMD160),1):PSA_ERROR_INVALID_ARGUMENT + +PSA mac AT_LEAST_THIS_LENGTH_MAC(HMAC(RIPEMD160),1): incompatible with ECC_KEY_PAIR(SECT_R1) +depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ECC_FAMILY_SECT_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +mac_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):"009b05dc82d46d64a04a22e6e5ca70ca1231e68c50":PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_HMAC(PSA_ALG_RIPEMD160),1):PSA_ERROR_INVALID_ARGUMENT + +PSA mac AT_LEAST_THIS_LENGTH_MAC(HMAC(RIPEMD160),1): incompatible with ECC_KEY_PAIR(SECT_R2) +depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ECC_FAMILY_SECT_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +mac_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R2):"0210b482a458b4822d0cb21daa96819a67c8062d34":PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_HMAC(PSA_ALG_RIPEMD160),1):PSA_ERROR_INVALID_ARGUMENT + +PSA mac AT_LEAST_THIS_LENGTH_MAC(HMAC(RIPEMD160),1): incompatible with ECC_KEY_PAIR(TWISTED_EDWARDS) +depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ECC_FAMILY_TWISTED_EDWARDS:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +mac_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_TWISTED_EDWARDS):"9d61b19deffd5a60ba844af492ec2cc44449c5697b326919703bac031cae7f60":PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_HMAC(PSA_ALG_RIPEMD160),1):PSA_ERROR_INVALID_ARGUMENT + +PSA mac AT_LEAST_THIS_LENGTH_MAC(HMAC(RIPEMD160),1): incompatible with ECC_PUBLIC_KEY(BRAINPOOL_P_R1) +depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ECC_FAMILY_BRAINPOOL_P_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +mac_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"04d4b9186816358e2f9c59cf70748cb70641b22fbab65473db4b4e22a361ed7e3de7e8a8ddc4130c5c":PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_HMAC(PSA_ALG_RIPEMD160),1):PSA_ERROR_INVALID_ARGUMENT + +PSA mac AT_LEAST_THIS_LENGTH_MAC(HMAC(RIPEMD160),1): incompatible with ECC_PUBLIC_KEY(MONTGOMERY) +depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ECC_FAMILY_MONTGOMERY:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +mac_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_MONTGOMERY):"8520f0098930a754748b7ddcb43ef75a0dbf3a0d26381af4eba4a98eaa9b4e6a":PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_HMAC(PSA_ALG_RIPEMD160),1):PSA_ERROR_INVALID_ARGUMENT + +PSA mac AT_LEAST_THIS_LENGTH_MAC(HMAC(RIPEMD160),1): incompatible with ECC_PUBLIC_KEY(SECP_K1) +depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ECC_FAMILY_SECP_K1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +mac_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_K1):"0426b7bb38da649ac2138fc050c6548b32553dab68afebc36105d325b75538c12323cb0764789ecb992671beb2b6bef2f5":PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_HMAC(PSA_ALG_RIPEMD160),1):PSA_ERROR_INVALID_ARGUMENT + +PSA mac AT_LEAST_THIS_LENGTH_MAC(HMAC(RIPEMD160),1): incompatible with ECC_PUBLIC_KEY(SECP_R1) +depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ECC_FAMILY_SECP_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +mac_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1):"046f00eadaa949fee3e9e1c7fa1247eecec86a0dce46418b9bd3117b981d4bd0ae7a990de912f9d060d6cb531a42d22e394ac29e81804bf160":PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_HMAC(PSA_ALG_RIPEMD160),1):PSA_ERROR_INVALID_ARGUMENT + +PSA mac AT_LEAST_THIS_LENGTH_MAC(HMAC(RIPEMD160),1): incompatible with ECC_PUBLIC_KEY(SECP_R2) +depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ECC_FAMILY_SECP_R2:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +mac_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R2):"049570d541398665adb5cfa16f5af73b3196926bbd4b876bdb80f8eab20d0f540c22f4de9c140f6d7b":PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_HMAC(PSA_ALG_RIPEMD160),1):PSA_ERROR_INVALID_ARGUMENT + +PSA mac AT_LEAST_THIS_LENGTH_MAC(HMAC(RIPEMD160),1): incompatible with ECC_PUBLIC_KEY(SECT_K1) +depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ECC_FAMILY_SECT_K1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +mac_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_K1):"0406f88f90b4b65950f06ce433afdb097e320f433dc2062b8a65db8fafd3c110f46bc45663fbf021ee7eb9":PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_HMAC(PSA_ALG_RIPEMD160),1):PSA_ERROR_INVALID_ARGUMENT + +PSA mac AT_LEAST_THIS_LENGTH_MAC(HMAC(RIPEMD160),1): incompatible with ECC_PUBLIC_KEY(SECT_R1) +depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ECC_FAMILY_SECT_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +mac_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R1):"0400465eeb9e7258b11e33c02266bfe834b20bcb118700772796ee4704ec67651bd447e3011959a79a04cb":PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_HMAC(PSA_ALG_RIPEMD160),1):PSA_ERROR_INVALID_ARGUMENT + +PSA mac AT_LEAST_THIS_LENGTH_MAC(HMAC(RIPEMD160),1): incompatible with ECC_PUBLIC_KEY(SECT_R2) +depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ECC_FAMILY_SECT_R2:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +mac_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R2):"0403692601144c32a6cfa369ae20ae5d43c1c764678c037bafe80c6fd2e42b7ced96171d9c5367fd3dca6f":PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_HMAC(PSA_ALG_RIPEMD160),1):PSA_ERROR_INVALID_ARGUMENT + +PSA mac AT_LEAST_THIS_LENGTH_MAC(HMAC(RIPEMD160),1): incompatible with ECC_PUBLIC_KEY(TWISTED_EDWARDS) +depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ECC_FAMILY_TWISTED_EDWARDS:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +mac_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_TWISTED_EDWARDS):"d75a980182b10ab7d54bfed3c964073a0ee172f3daa62325af021a68f707511a":PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_HMAC(PSA_ALG_RIPEMD160),1):PSA_ERROR_INVALID_ARGUMENT + +PSA mac AT_LEAST_THIS_LENGTH_MAC(HMAC(RIPEMD160),1): incompatible with HMAC +depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_RIPEMD160:PSA_WANT_KEY_TYPE_HMAC +mac_fail:PSA_KEY_TYPE_HMAC:"48657265006973206b6579a064617461":PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_HMAC(PSA_ALG_RIPEMD160),1):PSA_ERROR_INVALID_ARGUMENT + +PSA mac AT_LEAST_THIS_LENGTH_MAC(HMAC(RIPEMD160),1): incompatible with RAW_DATA +depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_RIPEMD160:PSA_WANT_KEY_TYPE_RAW_DATA +mac_fail:PSA_KEY_TYPE_RAW_DATA:"48":PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_HMAC(PSA_ALG_RIPEMD160),1):PSA_ERROR_INVALID_ARGUMENT + +PSA mac AT_LEAST_THIS_LENGTH_MAC(HMAC(RIPEMD160),1): incompatible with RSA_KEY_PAIR +depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_RIPEMD160:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR +mac_fail:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_HMAC(PSA_ALG_RIPEMD160),1):PSA_ERROR_INVALID_ARGUMENT + +PSA mac AT_LEAST_THIS_LENGTH_MAC(HMAC(RIPEMD160),1): incompatible with RSA_PUBLIC_KEY +depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_RIPEMD160:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY +mac_fail:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_HMAC(PSA_ALG_RIPEMD160),1):PSA_ERROR_INVALID_ARGUMENT + +PSA key_derivation AT_LEAST_THIS_LENGTH_MAC(HMAC(RIPEMD160),1): invalid +depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_RIPEMD160 +key_derivation_fail:PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_HMAC(PSA_ALG_RIPEMD160),1):PSA_ERROR_INVALID_ARGUMENT + +PSA hash AT_LEAST_THIS_LENGTH_MAC(HMAC(SHA_1),1): invalid +depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_1 +hash_fail:PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_1),1):PSA_ERROR_INVALID_ARGUMENT + +PSA mac AT_LEAST_THIS_LENGTH_MAC(HMAC(SHA_1),1): incompatible with AES +depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_1:PSA_WANT_KEY_TYPE_AES +mac_fail:PSA_KEY_TYPE_AES:"48657265006973206b6579a064617461":PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_1),1):PSA_ERROR_INVALID_ARGUMENT + +PSA mac AT_LEAST_THIS_LENGTH_MAC(HMAC(SHA_1),1): incompatible with ARC4 +depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_1:PSA_WANT_KEY_TYPE_ARC4 +mac_fail:PSA_KEY_TYPE_ARC4:"48":PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_1),1):PSA_ERROR_INVALID_ARGUMENT + +PSA mac AT_LEAST_THIS_LENGTH_MAC(HMAC(SHA_1),1): incompatible with ARIA +depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_1:PSA_WANT_KEY_TYPE_ARIA +mac_fail:PSA_KEY_TYPE_ARIA:"48657265006973206b6579a064617461":PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_1),1):PSA_ERROR_INVALID_ARGUMENT + +PSA mac AT_LEAST_THIS_LENGTH_MAC(HMAC(SHA_1),1): incompatible with CAMELLIA +depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_1:PSA_WANT_KEY_TYPE_CAMELLIA +mac_fail:PSA_KEY_TYPE_CAMELLIA:"48657265006973206b6579a064617461":PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_1),1):PSA_ERROR_INVALID_ARGUMENT + +PSA mac AT_LEAST_THIS_LENGTH_MAC(HMAC(SHA_1),1): incompatible with CHACHA20 +depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_1:PSA_WANT_KEY_TYPE_CHACHA20 +mac_fail:PSA_KEY_TYPE_CHACHA20:"48657265006973206b6579a06461746148657265006973206b6579a064617461":PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_1),1):PSA_ERROR_INVALID_ARGUMENT + +PSA mac AT_LEAST_THIS_LENGTH_MAC(HMAC(SHA_1),1): incompatible with DERIVE +depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_1:PSA_WANT_KEY_TYPE_DERIVE +mac_fail:PSA_KEY_TYPE_DERIVE:"48657265006973206b6579a0646174":PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_1),1):PSA_ERROR_INVALID_ARGUMENT + +PSA mac AT_LEAST_THIS_LENGTH_MAC(HMAC(SHA_1),1): incompatible with DES +depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_1:PSA_WANT_KEY_TYPE_DES +mac_fail:PSA_KEY_TYPE_DES:"644573206b457901":PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_1),1):PSA_ERROR_INVALID_ARGUMENT + +PSA mac AT_LEAST_THIS_LENGTH_MAC(HMAC(SHA_1),1): incompatible with ECC_KEY_PAIR(BRAINPOOL_P_R1) +depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_1:PSA_WANT_ECC_FAMILY_BRAINPOOL_P_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +mac_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"69502c4fdaf48d4fa617bdd24498b0406d0eeaac":PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_1),1):PSA_ERROR_INVALID_ARGUMENT + +PSA mac AT_LEAST_THIS_LENGTH_MAC(HMAC(SHA_1),1): incompatible with ECC_KEY_PAIR(MONTGOMERY) +depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_1:PSA_WANT_ECC_FAMILY_MONTGOMERY:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +mac_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_MONTGOMERY):"70076d0a7318a57d3c16c17251b26645df4c2f87ebc0992ab177fba51db92c6a":PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_1),1):PSA_ERROR_INVALID_ARGUMENT + +PSA mac AT_LEAST_THIS_LENGTH_MAC(HMAC(SHA_1),1): incompatible with ECC_KEY_PAIR(SECP_K1) +depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_1:PSA_WANT_ECC_FAMILY_SECP_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +mac_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_K1):"297ac1722ccac7589ecb240dc719842538ca974beb79f228":PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_1),1):PSA_ERROR_INVALID_ARGUMENT + +PSA mac AT_LEAST_THIS_LENGTH_MAC(HMAC(SHA_1),1): incompatible with ECC_KEY_PAIR(SECP_R1) +depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_1:PSA_WANT_ECC_FAMILY_SECP_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +mac_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"872f203b3ad35b7f2ecc803c3a0e1e0b1ed61cc1afe71b189cd4c995":PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_1),1):PSA_ERROR_INVALID_ARGUMENT + +PSA mac AT_LEAST_THIS_LENGTH_MAC(HMAC(SHA_1),1): incompatible with ECC_KEY_PAIR(SECP_R2) +depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_1:PSA_WANT_ECC_FAMILY_SECP_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +mac_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R2):"00bf539a1cdda0d7f71a50a3f98aec0a2e8e4ced1e":PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_1),1):PSA_ERROR_INVALID_ARGUMENT + +PSA mac AT_LEAST_THIS_LENGTH_MAC(HMAC(SHA_1),1): incompatible with ECC_KEY_PAIR(SECT_K1) +depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_1:PSA_WANT_ECC_FAMILY_SECT_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +mac_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):"03ebc8fcded2d6ab72ec0f75bdb4fd080481273e71":PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_1),1):PSA_ERROR_INVALID_ARGUMENT + +PSA mac AT_LEAST_THIS_LENGTH_MAC(HMAC(SHA_1),1): incompatible with ECC_KEY_PAIR(SECT_R1) +depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_1:PSA_WANT_ECC_FAMILY_SECT_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +mac_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):"009b05dc82d46d64a04a22e6e5ca70ca1231e68c50":PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_1),1):PSA_ERROR_INVALID_ARGUMENT + +PSA mac AT_LEAST_THIS_LENGTH_MAC(HMAC(SHA_1),1): incompatible with ECC_KEY_PAIR(SECT_R2) +depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_1:PSA_WANT_ECC_FAMILY_SECT_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +mac_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R2):"0210b482a458b4822d0cb21daa96819a67c8062d34":PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_1),1):PSA_ERROR_INVALID_ARGUMENT + +PSA mac AT_LEAST_THIS_LENGTH_MAC(HMAC(SHA_1),1): incompatible with ECC_KEY_PAIR(TWISTED_EDWARDS) +depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_1:PSA_WANT_ECC_FAMILY_TWISTED_EDWARDS:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +mac_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_TWISTED_EDWARDS):"9d61b19deffd5a60ba844af492ec2cc44449c5697b326919703bac031cae7f60":PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_1),1):PSA_ERROR_INVALID_ARGUMENT + +PSA mac AT_LEAST_THIS_LENGTH_MAC(HMAC(SHA_1),1): incompatible with ECC_PUBLIC_KEY(BRAINPOOL_P_R1) +depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_1:PSA_WANT_ECC_FAMILY_BRAINPOOL_P_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +mac_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"04d4b9186816358e2f9c59cf70748cb70641b22fbab65473db4b4e22a361ed7e3de7e8a8ddc4130c5c":PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_1),1):PSA_ERROR_INVALID_ARGUMENT + +PSA mac AT_LEAST_THIS_LENGTH_MAC(HMAC(SHA_1),1): incompatible with ECC_PUBLIC_KEY(MONTGOMERY) +depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_1:PSA_WANT_ECC_FAMILY_MONTGOMERY:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +mac_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_MONTGOMERY):"8520f0098930a754748b7ddcb43ef75a0dbf3a0d26381af4eba4a98eaa9b4e6a":PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_1),1):PSA_ERROR_INVALID_ARGUMENT + +PSA mac AT_LEAST_THIS_LENGTH_MAC(HMAC(SHA_1),1): incompatible with ECC_PUBLIC_KEY(SECP_K1) +depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_1:PSA_WANT_ECC_FAMILY_SECP_K1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +mac_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_K1):"0426b7bb38da649ac2138fc050c6548b32553dab68afebc36105d325b75538c12323cb0764789ecb992671beb2b6bef2f5":PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_1),1):PSA_ERROR_INVALID_ARGUMENT + +PSA mac AT_LEAST_THIS_LENGTH_MAC(HMAC(SHA_1),1): incompatible with ECC_PUBLIC_KEY(SECP_R1) +depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_1:PSA_WANT_ECC_FAMILY_SECP_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +mac_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1):"046f00eadaa949fee3e9e1c7fa1247eecec86a0dce46418b9bd3117b981d4bd0ae7a990de912f9d060d6cb531a42d22e394ac29e81804bf160":PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_1),1):PSA_ERROR_INVALID_ARGUMENT + +PSA mac AT_LEAST_THIS_LENGTH_MAC(HMAC(SHA_1),1): incompatible with ECC_PUBLIC_KEY(SECP_R2) +depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_1:PSA_WANT_ECC_FAMILY_SECP_R2:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +mac_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R2):"049570d541398665adb5cfa16f5af73b3196926bbd4b876bdb80f8eab20d0f540c22f4de9c140f6d7b":PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_1),1):PSA_ERROR_INVALID_ARGUMENT + +PSA mac AT_LEAST_THIS_LENGTH_MAC(HMAC(SHA_1),1): incompatible with ECC_PUBLIC_KEY(SECT_K1) +depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_1:PSA_WANT_ECC_FAMILY_SECT_K1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +mac_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_K1):"0406f88f90b4b65950f06ce433afdb097e320f433dc2062b8a65db8fafd3c110f46bc45663fbf021ee7eb9":PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_1),1):PSA_ERROR_INVALID_ARGUMENT + +PSA mac AT_LEAST_THIS_LENGTH_MAC(HMAC(SHA_1),1): incompatible with ECC_PUBLIC_KEY(SECT_R1) +depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_1:PSA_WANT_ECC_FAMILY_SECT_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +mac_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R1):"0400465eeb9e7258b11e33c02266bfe834b20bcb118700772796ee4704ec67651bd447e3011959a79a04cb":PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_1),1):PSA_ERROR_INVALID_ARGUMENT + +PSA mac AT_LEAST_THIS_LENGTH_MAC(HMAC(SHA_1),1): incompatible with ECC_PUBLIC_KEY(SECT_R2) +depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_1:PSA_WANT_ECC_FAMILY_SECT_R2:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +mac_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R2):"0403692601144c32a6cfa369ae20ae5d43c1c764678c037bafe80c6fd2e42b7ced96171d9c5367fd3dca6f":PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_1),1):PSA_ERROR_INVALID_ARGUMENT + +PSA mac AT_LEAST_THIS_LENGTH_MAC(HMAC(SHA_1),1): incompatible with ECC_PUBLIC_KEY(TWISTED_EDWARDS) +depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_1:PSA_WANT_ECC_FAMILY_TWISTED_EDWARDS:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +mac_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_TWISTED_EDWARDS):"d75a980182b10ab7d54bfed3c964073a0ee172f3daa62325af021a68f707511a":PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_1),1):PSA_ERROR_INVALID_ARGUMENT + +PSA mac AT_LEAST_THIS_LENGTH_MAC(HMAC(SHA_1),1): incompatible with HMAC +depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_1:PSA_WANT_KEY_TYPE_HMAC +mac_fail:PSA_KEY_TYPE_HMAC:"48657265006973206b6579a064617461":PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_1),1):PSA_ERROR_INVALID_ARGUMENT + +PSA mac AT_LEAST_THIS_LENGTH_MAC(HMAC(SHA_1),1): incompatible with RAW_DATA +depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_1:PSA_WANT_KEY_TYPE_RAW_DATA +mac_fail:PSA_KEY_TYPE_RAW_DATA:"48":PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_1),1):PSA_ERROR_INVALID_ARGUMENT + +PSA mac AT_LEAST_THIS_LENGTH_MAC(HMAC(SHA_1),1): incompatible with RSA_KEY_PAIR +depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_1:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR +mac_fail:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_1),1):PSA_ERROR_INVALID_ARGUMENT + +PSA mac AT_LEAST_THIS_LENGTH_MAC(HMAC(SHA_1),1): incompatible with RSA_PUBLIC_KEY +depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_1:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY +mac_fail:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_1),1):PSA_ERROR_INVALID_ARGUMENT + +PSA key_derivation AT_LEAST_THIS_LENGTH_MAC(HMAC(SHA_1),1): invalid +depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_1 +key_derivation_fail:PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_1),1):PSA_ERROR_INVALID_ARGUMENT + +PSA hash AT_LEAST_THIS_LENGTH_MAC(HMAC(SHA_224),1): invalid +depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_224 +hash_fail:PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_224),1):PSA_ERROR_INVALID_ARGUMENT + +PSA mac AT_LEAST_THIS_LENGTH_MAC(HMAC(SHA_224),1): incompatible with AES +depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_224:PSA_WANT_KEY_TYPE_AES +mac_fail:PSA_KEY_TYPE_AES:"48657265006973206b6579a064617461":PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_224),1):PSA_ERROR_INVALID_ARGUMENT + +PSA mac AT_LEAST_THIS_LENGTH_MAC(HMAC(SHA_224),1): incompatible with ARC4 +depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_224:PSA_WANT_KEY_TYPE_ARC4 +mac_fail:PSA_KEY_TYPE_ARC4:"48":PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_224),1):PSA_ERROR_INVALID_ARGUMENT + +PSA mac AT_LEAST_THIS_LENGTH_MAC(HMAC(SHA_224),1): incompatible with ARIA +depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_224:PSA_WANT_KEY_TYPE_ARIA +mac_fail:PSA_KEY_TYPE_ARIA:"48657265006973206b6579a064617461":PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_224),1):PSA_ERROR_INVALID_ARGUMENT + +PSA mac AT_LEAST_THIS_LENGTH_MAC(HMAC(SHA_224),1): incompatible with CAMELLIA +depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_224:PSA_WANT_KEY_TYPE_CAMELLIA +mac_fail:PSA_KEY_TYPE_CAMELLIA:"48657265006973206b6579a064617461":PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_224),1):PSA_ERROR_INVALID_ARGUMENT + +PSA mac AT_LEAST_THIS_LENGTH_MAC(HMAC(SHA_224),1): incompatible with CHACHA20 +depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_224:PSA_WANT_KEY_TYPE_CHACHA20 +mac_fail:PSA_KEY_TYPE_CHACHA20:"48657265006973206b6579a06461746148657265006973206b6579a064617461":PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_224),1):PSA_ERROR_INVALID_ARGUMENT + +PSA mac AT_LEAST_THIS_LENGTH_MAC(HMAC(SHA_224),1): incompatible with DERIVE +depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_224:PSA_WANT_KEY_TYPE_DERIVE +mac_fail:PSA_KEY_TYPE_DERIVE:"48657265006973206b6579a0646174":PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_224),1):PSA_ERROR_INVALID_ARGUMENT + +PSA mac AT_LEAST_THIS_LENGTH_MAC(HMAC(SHA_224),1): incompatible with DES +depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_224:PSA_WANT_KEY_TYPE_DES +mac_fail:PSA_KEY_TYPE_DES:"644573206b457901":PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_224),1):PSA_ERROR_INVALID_ARGUMENT + +PSA mac AT_LEAST_THIS_LENGTH_MAC(HMAC(SHA_224),1): incompatible with ECC_KEY_PAIR(BRAINPOOL_P_R1) +depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_224:PSA_WANT_ECC_FAMILY_BRAINPOOL_P_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +mac_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"69502c4fdaf48d4fa617bdd24498b0406d0eeaac":PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_224),1):PSA_ERROR_INVALID_ARGUMENT + +PSA mac AT_LEAST_THIS_LENGTH_MAC(HMAC(SHA_224),1): incompatible with ECC_KEY_PAIR(MONTGOMERY) +depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_224:PSA_WANT_ECC_FAMILY_MONTGOMERY:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +mac_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_MONTGOMERY):"70076d0a7318a57d3c16c17251b26645df4c2f87ebc0992ab177fba51db92c6a":PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_224),1):PSA_ERROR_INVALID_ARGUMENT + +PSA mac AT_LEAST_THIS_LENGTH_MAC(HMAC(SHA_224),1): incompatible with ECC_KEY_PAIR(SECP_K1) +depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_224:PSA_WANT_ECC_FAMILY_SECP_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +mac_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_K1):"297ac1722ccac7589ecb240dc719842538ca974beb79f228":PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_224),1):PSA_ERROR_INVALID_ARGUMENT + +PSA mac AT_LEAST_THIS_LENGTH_MAC(HMAC(SHA_224),1): incompatible with ECC_KEY_PAIR(SECP_R1) +depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_224:PSA_WANT_ECC_FAMILY_SECP_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +mac_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"872f203b3ad35b7f2ecc803c3a0e1e0b1ed61cc1afe71b189cd4c995":PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_224),1):PSA_ERROR_INVALID_ARGUMENT + +PSA mac AT_LEAST_THIS_LENGTH_MAC(HMAC(SHA_224),1): incompatible with ECC_KEY_PAIR(SECP_R2) +depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_224:PSA_WANT_ECC_FAMILY_SECP_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +mac_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R2):"00bf539a1cdda0d7f71a50a3f98aec0a2e8e4ced1e":PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_224),1):PSA_ERROR_INVALID_ARGUMENT + +PSA mac AT_LEAST_THIS_LENGTH_MAC(HMAC(SHA_224),1): incompatible with ECC_KEY_PAIR(SECT_K1) +depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_224:PSA_WANT_ECC_FAMILY_SECT_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +mac_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):"03ebc8fcded2d6ab72ec0f75bdb4fd080481273e71":PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_224),1):PSA_ERROR_INVALID_ARGUMENT + +PSA mac AT_LEAST_THIS_LENGTH_MAC(HMAC(SHA_224),1): incompatible with ECC_KEY_PAIR(SECT_R1) +depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_224:PSA_WANT_ECC_FAMILY_SECT_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +mac_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):"009b05dc82d46d64a04a22e6e5ca70ca1231e68c50":PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_224),1):PSA_ERROR_INVALID_ARGUMENT + +PSA mac AT_LEAST_THIS_LENGTH_MAC(HMAC(SHA_224),1): incompatible with ECC_KEY_PAIR(SECT_R2) +depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_224:PSA_WANT_ECC_FAMILY_SECT_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +mac_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R2):"0210b482a458b4822d0cb21daa96819a67c8062d34":PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_224),1):PSA_ERROR_INVALID_ARGUMENT + +PSA mac AT_LEAST_THIS_LENGTH_MAC(HMAC(SHA_224),1): incompatible with ECC_KEY_PAIR(TWISTED_EDWARDS) +depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_224:PSA_WANT_ECC_FAMILY_TWISTED_EDWARDS:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +mac_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_TWISTED_EDWARDS):"9d61b19deffd5a60ba844af492ec2cc44449c5697b326919703bac031cae7f60":PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_224),1):PSA_ERROR_INVALID_ARGUMENT + +PSA mac AT_LEAST_THIS_LENGTH_MAC(HMAC(SHA_224),1): incompatible with ECC_PUBLIC_KEY(BRAINPOOL_P_R1) +depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_224:PSA_WANT_ECC_FAMILY_BRAINPOOL_P_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +mac_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"04d4b9186816358e2f9c59cf70748cb70641b22fbab65473db4b4e22a361ed7e3de7e8a8ddc4130c5c":PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_224),1):PSA_ERROR_INVALID_ARGUMENT + +PSA mac AT_LEAST_THIS_LENGTH_MAC(HMAC(SHA_224),1): incompatible with ECC_PUBLIC_KEY(MONTGOMERY) +depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_224:PSA_WANT_ECC_FAMILY_MONTGOMERY:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +mac_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_MONTGOMERY):"8520f0098930a754748b7ddcb43ef75a0dbf3a0d26381af4eba4a98eaa9b4e6a":PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_224),1):PSA_ERROR_INVALID_ARGUMENT + +PSA mac AT_LEAST_THIS_LENGTH_MAC(HMAC(SHA_224),1): incompatible with ECC_PUBLIC_KEY(SECP_K1) +depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_224:PSA_WANT_ECC_FAMILY_SECP_K1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +mac_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_K1):"0426b7bb38da649ac2138fc050c6548b32553dab68afebc36105d325b75538c12323cb0764789ecb992671beb2b6bef2f5":PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_224),1):PSA_ERROR_INVALID_ARGUMENT + +PSA mac AT_LEAST_THIS_LENGTH_MAC(HMAC(SHA_224),1): incompatible with ECC_PUBLIC_KEY(SECP_R1) +depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_224:PSA_WANT_ECC_FAMILY_SECP_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +mac_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1):"046f00eadaa949fee3e9e1c7fa1247eecec86a0dce46418b9bd3117b981d4bd0ae7a990de912f9d060d6cb531a42d22e394ac29e81804bf160":PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_224),1):PSA_ERROR_INVALID_ARGUMENT + +PSA mac AT_LEAST_THIS_LENGTH_MAC(HMAC(SHA_224),1): incompatible with ECC_PUBLIC_KEY(SECP_R2) +depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_224:PSA_WANT_ECC_FAMILY_SECP_R2:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +mac_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R2):"049570d541398665adb5cfa16f5af73b3196926bbd4b876bdb80f8eab20d0f540c22f4de9c140f6d7b":PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_224),1):PSA_ERROR_INVALID_ARGUMENT + +PSA mac AT_LEAST_THIS_LENGTH_MAC(HMAC(SHA_224),1): incompatible with ECC_PUBLIC_KEY(SECT_K1) +depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_224:PSA_WANT_ECC_FAMILY_SECT_K1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +mac_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_K1):"0406f88f90b4b65950f06ce433afdb097e320f433dc2062b8a65db8fafd3c110f46bc45663fbf021ee7eb9":PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_224),1):PSA_ERROR_INVALID_ARGUMENT + +PSA mac AT_LEAST_THIS_LENGTH_MAC(HMAC(SHA_224),1): incompatible with ECC_PUBLIC_KEY(SECT_R1) +depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_224:PSA_WANT_ECC_FAMILY_SECT_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +mac_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R1):"0400465eeb9e7258b11e33c02266bfe834b20bcb118700772796ee4704ec67651bd447e3011959a79a04cb":PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_224),1):PSA_ERROR_INVALID_ARGUMENT + +PSA mac AT_LEAST_THIS_LENGTH_MAC(HMAC(SHA_224),1): incompatible with ECC_PUBLIC_KEY(SECT_R2) +depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_224:PSA_WANT_ECC_FAMILY_SECT_R2:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +mac_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R2):"0403692601144c32a6cfa369ae20ae5d43c1c764678c037bafe80c6fd2e42b7ced96171d9c5367fd3dca6f":PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_224),1):PSA_ERROR_INVALID_ARGUMENT + +PSA mac AT_LEAST_THIS_LENGTH_MAC(HMAC(SHA_224),1): incompatible with ECC_PUBLIC_KEY(TWISTED_EDWARDS) +depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_224:PSA_WANT_ECC_FAMILY_TWISTED_EDWARDS:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +mac_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_TWISTED_EDWARDS):"d75a980182b10ab7d54bfed3c964073a0ee172f3daa62325af021a68f707511a":PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_224),1):PSA_ERROR_INVALID_ARGUMENT + +PSA mac AT_LEAST_THIS_LENGTH_MAC(HMAC(SHA_224),1): incompatible with HMAC +depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_224:PSA_WANT_KEY_TYPE_HMAC +mac_fail:PSA_KEY_TYPE_HMAC:"48657265006973206b6579a064617461":PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_224),1):PSA_ERROR_INVALID_ARGUMENT + +PSA mac AT_LEAST_THIS_LENGTH_MAC(HMAC(SHA_224),1): incompatible with RAW_DATA +depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_224:PSA_WANT_KEY_TYPE_RAW_DATA +mac_fail:PSA_KEY_TYPE_RAW_DATA:"48":PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_224),1):PSA_ERROR_INVALID_ARGUMENT + +PSA mac AT_LEAST_THIS_LENGTH_MAC(HMAC(SHA_224),1): incompatible with RSA_KEY_PAIR +depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_224:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR +mac_fail:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_224),1):PSA_ERROR_INVALID_ARGUMENT + +PSA mac AT_LEAST_THIS_LENGTH_MAC(HMAC(SHA_224),1): incompatible with RSA_PUBLIC_KEY +depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_224:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY +mac_fail:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_224),1):PSA_ERROR_INVALID_ARGUMENT + +PSA key_derivation AT_LEAST_THIS_LENGTH_MAC(HMAC(SHA_224),1): invalid +depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_224 +key_derivation_fail:PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_224),1):PSA_ERROR_INVALID_ARGUMENT + +PSA hash AT_LEAST_THIS_LENGTH_MAC(HMAC(SHA_256),1): invalid +depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_256 +hash_fail:PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_256),1):PSA_ERROR_INVALID_ARGUMENT + +PSA mac AT_LEAST_THIS_LENGTH_MAC(HMAC(SHA_256),1): incompatible with AES +depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_AES +mac_fail:PSA_KEY_TYPE_AES:"48657265006973206b6579a064617461":PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_256),1):PSA_ERROR_INVALID_ARGUMENT + +PSA mac AT_LEAST_THIS_LENGTH_MAC(HMAC(SHA_256),1): incompatible with ARC4 +depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_ARC4 +mac_fail:PSA_KEY_TYPE_ARC4:"48":PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_256),1):PSA_ERROR_INVALID_ARGUMENT + +PSA mac AT_LEAST_THIS_LENGTH_MAC(HMAC(SHA_256),1): incompatible with ARIA +depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_ARIA +mac_fail:PSA_KEY_TYPE_ARIA:"48657265006973206b6579a064617461":PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_256),1):PSA_ERROR_INVALID_ARGUMENT + +PSA mac AT_LEAST_THIS_LENGTH_MAC(HMAC(SHA_256),1): incompatible with CAMELLIA +depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_CAMELLIA +mac_fail:PSA_KEY_TYPE_CAMELLIA:"48657265006973206b6579a064617461":PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_256),1):PSA_ERROR_INVALID_ARGUMENT + +PSA mac AT_LEAST_THIS_LENGTH_MAC(HMAC(SHA_256),1): incompatible with CHACHA20 +depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_CHACHA20 +mac_fail:PSA_KEY_TYPE_CHACHA20:"48657265006973206b6579a06461746148657265006973206b6579a064617461":PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_256),1):PSA_ERROR_INVALID_ARGUMENT + +PSA mac AT_LEAST_THIS_LENGTH_MAC(HMAC(SHA_256),1): incompatible with DERIVE +depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_DERIVE +mac_fail:PSA_KEY_TYPE_DERIVE:"48657265006973206b6579a0646174":PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_256),1):PSA_ERROR_INVALID_ARGUMENT + +PSA mac AT_LEAST_THIS_LENGTH_MAC(HMAC(SHA_256),1): incompatible with DES +depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_DES +mac_fail:PSA_KEY_TYPE_DES:"644573206b457901":PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_256),1):PSA_ERROR_INVALID_ARGUMENT + +PSA mac AT_LEAST_THIS_LENGTH_MAC(HMAC(SHA_256),1): incompatible with ECC_KEY_PAIR(BRAINPOOL_P_R1) +depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_FAMILY_BRAINPOOL_P_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +mac_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"69502c4fdaf48d4fa617bdd24498b0406d0eeaac":PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_256),1):PSA_ERROR_INVALID_ARGUMENT + +PSA mac AT_LEAST_THIS_LENGTH_MAC(HMAC(SHA_256),1): incompatible with ECC_KEY_PAIR(MONTGOMERY) +depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_FAMILY_MONTGOMERY:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +mac_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_MONTGOMERY):"70076d0a7318a57d3c16c17251b26645df4c2f87ebc0992ab177fba51db92c6a":PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_256),1):PSA_ERROR_INVALID_ARGUMENT + +PSA mac AT_LEAST_THIS_LENGTH_MAC(HMAC(SHA_256),1): incompatible with ECC_KEY_PAIR(SECP_K1) +depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_FAMILY_SECP_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +mac_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_K1):"297ac1722ccac7589ecb240dc719842538ca974beb79f228":PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_256),1):PSA_ERROR_INVALID_ARGUMENT + +PSA mac AT_LEAST_THIS_LENGTH_MAC(HMAC(SHA_256),1): incompatible with ECC_KEY_PAIR(SECP_R1) +depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_FAMILY_SECP_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +mac_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"872f203b3ad35b7f2ecc803c3a0e1e0b1ed61cc1afe71b189cd4c995":PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_256),1):PSA_ERROR_INVALID_ARGUMENT + +PSA mac AT_LEAST_THIS_LENGTH_MAC(HMAC(SHA_256),1): incompatible with ECC_KEY_PAIR(SECP_R2) +depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_FAMILY_SECP_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +mac_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R2):"00bf539a1cdda0d7f71a50a3f98aec0a2e8e4ced1e":PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_256),1):PSA_ERROR_INVALID_ARGUMENT + +PSA mac AT_LEAST_THIS_LENGTH_MAC(HMAC(SHA_256),1): incompatible with ECC_KEY_PAIR(SECT_K1) +depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_FAMILY_SECT_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +mac_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):"03ebc8fcded2d6ab72ec0f75bdb4fd080481273e71":PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_256),1):PSA_ERROR_INVALID_ARGUMENT + +PSA mac AT_LEAST_THIS_LENGTH_MAC(HMAC(SHA_256),1): incompatible with ECC_KEY_PAIR(SECT_R1) +depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_FAMILY_SECT_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +mac_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):"009b05dc82d46d64a04a22e6e5ca70ca1231e68c50":PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_256),1):PSA_ERROR_INVALID_ARGUMENT + +PSA mac AT_LEAST_THIS_LENGTH_MAC(HMAC(SHA_256),1): incompatible with ECC_KEY_PAIR(SECT_R2) +depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_FAMILY_SECT_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +mac_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R2):"0210b482a458b4822d0cb21daa96819a67c8062d34":PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_256),1):PSA_ERROR_INVALID_ARGUMENT + +PSA mac AT_LEAST_THIS_LENGTH_MAC(HMAC(SHA_256),1): incompatible with ECC_KEY_PAIR(TWISTED_EDWARDS) +depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_FAMILY_TWISTED_EDWARDS:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +mac_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_TWISTED_EDWARDS):"9d61b19deffd5a60ba844af492ec2cc44449c5697b326919703bac031cae7f60":PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_256),1):PSA_ERROR_INVALID_ARGUMENT + +PSA mac AT_LEAST_THIS_LENGTH_MAC(HMAC(SHA_256),1): incompatible with ECC_PUBLIC_KEY(BRAINPOOL_P_R1) +depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_FAMILY_BRAINPOOL_P_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +mac_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"04d4b9186816358e2f9c59cf70748cb70641b22fbab65473db4b4e22a361ed7e3de7e8a8ddc4130c5c":PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_256),1):PSA_ERROR_INVALID_ARGUMENT + +PSA mac AT_LEAST_THIS_LENGTH_MAC(HMAC(SHA_256),1): incompatible with ECC_PUBLIC_KEY(MONTGOMERY) +depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_FAMILY_MONTGOMERY:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +mac_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_MONTGOMERY):"8520f0098930a754748b7ddcb43ef75a0dbf3a0d26381af4eba4a98eaa9b4e6a":PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_256),1):PSA_ERROR_INVALID_ARGUMENT + +PSA mac AT_LEAST_THIS_LENGTH_MAC(HMAC(SHA_256),1): incompatible with ECC_PUBLIC_KEY(SECP_K1) +depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_FAMILY_SECP_K1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +mac_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_K1):"0426b7bb38da649ac2138fc050c6548b32553dab68afebc36105d325b75538c12323cb0764789ecb992671beb2b6bef2f5":PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_256),1):PSA_ERROR_INVALID_ARGUMENT + +PSA mac AT_LEAST_THIS_LENGTH_MAC(HMAC(SHA_256),1): incompatible with ECC_PUBLIC_KEY(SECP_R1) +depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_FAMILY_SECP_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +mac_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1):"046f00eadaa949fee3e9e1c7fa1247eecec86a0dce46418b9bd3117b981d4bd0ae7a990de912f9d060d6cb531a42d22e394ac29e81804bf160":PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_256),1):PSA_ERROR_INVALID_ARGUMENT + +PSA mac AT_LEAST_THIS_LENGTH_MAC(HMAC(SHA_256),1): incompatible with ECC_PUBLIC_KEY(SECP_R2) +depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_FAMILY_SECP_R2:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +mac_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R2):"049570d541398665adb5cfa16f5af73b3196926bbd4b876bdb80f8eab20d0f540c22f4de9c140f6d7b":PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_256),1):PSA_ERROR_INVALID_ARGUMENT + +PSA mac AT_LEAST_THIS_LENGTH_MAC(HMAC(SHA_256),1): incompatible with ECC_PUBLIC_KEY(SECT_K1) +depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_FAMILY_SECT_K1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +mac_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_K1):"0406f88f90b4b65950f06ce433afdb097e320f433dc2062b8a65db8fafd3c110f46bc45663fbf021ee7eb9":PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_256),1):PSA_ERROR_INVALID_ARGUMENT + +PSA mac AT_LEAST_THIS_LENGTH_MAC(HMAC(SHA_256),1): incompatible with ECC_PUBLIC_KEY(SECT_R1) +depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_FAMILY_SECT_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +mac_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R1):"0400465eeb9e7258b11e33c02266bfe834b20bcb118700772796ee4704ec67651bd447e3011959a79a04cb":PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_256),1):PSA_ERROR_INVALID_ARGUMENT + +PSA mac AT_LEAST_THIS_LENGTH_MAC(HMAC(SHA_256),1): incompatible with ECC_PUBLIC_KEY(SECT_R2) +depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_FAMILY_SECT_R2:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +mac_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R2):"0403692601144c32a6cfa369ae20ae5d43c1c764678c037bafe80c6fd2e42b7ced96171d9c5367fd3dca6f":PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_256),1):PSA_ERROR_INVALID_ARGUMENT + +PSA mac AT_LEAST_THIS_LENGTH_MAC(HMAC(SHA_256),1): incompatible with ECC_PUBLIC_KEY(TWISTED_EDWARDS) +depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_FAMILY_TWISTED_EDWARDS:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +mac_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_TWISTED_EDWARDS):"d75a980182b10ab7d54bfed3c964073a0ee172f3daa62325af021a68f707511a":PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_256),1):PSA_ERROR_INVALID_ARGUMENT + +PSA mac AT_LEAST_THIS_LENGTH_MAC(HMAC(SHA_256),1): incompatible with HMAC +depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_HMAC +mac_fail:PSA_KEY_TYPE_HMAC:"48657265006973206b6579a064617461":PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_256),1):PSA_ERROR_INVALID_ARGUMENT + +PSA mac AT_LEAST_THIS_LENGTH_MAC(HMAC(SHA_256),1): incompatible with RAW_DATA +depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RAW_DATA +mac_fail:PSA_KEY_TYPE_RAW_DATA:"48":PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_256),1):PSA_ERROR_INVALID_ARGUMENT + +PSA mac AT_LEAST_THIS_LENGTH_MAC(HMAC(SHA_256),1): incompatible with RSA_KEY_PAIR +depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR +mac_fail:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_256),1):PSA_ERROR_INVALID_ARGUMENT + +PSA mac AT_LEAST_THIS_LENGTH_MAC(HMAC(SHA_256),1): incompatible with RSA_PUBLIC_KEY +depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY +mac_fail:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_256),1):PSA_ERROR_INVALID_ARGUMENT + +PSA key_derivation AT_LEAST_THIS_LENGTH_MAC(HMAC(SHA_256),1): invalid +depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_256 +key_derivation_fail:PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_256),1):PSA_ERROR_INVALID_ARGUMENT + +PSA hash AT_LEAST_THIS_LENGTH_MAC(HMAC(SHA_384),1): invalid +depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_384 +hash_fail:PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_384),1):PSA_ERROR_INVALID_ARGUMENT + +PSA mac AT_LEAST_THIS_LENGTH_MAC(HMAC(SHA_384),1): incompatible with AES +depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_384:PSA_WANT_KEY_TYPE_AES +mac_fail:PSA_KEY_TYPE_AES:"48657265006973206b6579a064617461":PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_384),1):PSA_ERROR_INVALID_ARGUMENT + +PSA mac AT_LEAST_THIS_LENGTH_MAC(HMAC(SHA_384),1): incompatible with ARC4 +depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_384:PSA_WANT_KEY_TYPE_ARC4 +mac_fail:PSA_KEY_TYPE_ARC4:"48":PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_384),1):PSA_ERROR_INVALID_ARGUMENT + +PSA mac AT_LEAST_THIS_LENGTH_MAC(HMAC(SHA_384),1): incompatible with ARIA +depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_384:PSA_WANT_KEY_TYPE_ARIA +mac_fail:PSA_KEY_TYPE_ARIA:"48657265006973206b6579a064617461":PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_384),1):PSA_ERROR_INVALID_ARGUMENT + +PSA mac AT_LEAST_THIS_LENGTH_MAC(HMAC(SHA_384),1): incompatible with CAMELLIA +depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_384:PSA_WANT_KEY_TYPE_CAMELLIA +mac_fail:PSA_KEY_TYPE_CAMELLIA:"48657265006973206b6579a064617461":PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_384),1):PSA_ERROR_INVALID_ARGUMENT + +PSA mac AT_LEAST_THIS_LENGTH_MAC(HMAC(SHA_384),1): incompatible with CHACHA20 +depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_384:PSA_WANT_KEY_TYPE_CHACHA20 +mac_fail:PSA_KEY_TYPE_CHACHA20:"48657265006973206b6579a06461746148657265006973206b6579a064617461":PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_384),1):PSA_ERROR_INVALID_ARGUMENT + +PSA mac AT_LEAST_THIS_LENGTH_MAC(HMAC(SHA_384),1): incompatible with DERIVE +depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_384:PSA_WANT_KEY_TYPE_DERIVE +mac_fail:PSA_KEY_TYPE_DERIVE:"48657265006973206b6579a0646174":PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_384),1):PSA_ERROR_INVALID_ARGUMENT + +PSA mac AT_LEAST_THIS_LENGTH_MAC(HMAC(SHA_384),1): incompatible with DES +depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_384:PSA_WANT_KEY_TYPE_DES +mac_fail:PSA_KEY_TYPE_DES:"644573206b457901":PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_384),1):PSA_ERROR_INVALID_ARGUMENT + +PSA mac AT_LEAST_THIS_LENGTH_MAC(HMAC(SHA_384),1): incompatible with ECC_KEY_PAIR(BRAINPOOL_P_R1) +depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_FAMILY_BRAINPOOL_P_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +mac_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"69502c4fdaf48d4fa617bdd24498b0406d0eeaac":PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_384),1):PSA_ERROR_INVALID_ARGUMENT + +PSA mac AT_LEAST_THIS_LENGTH_MAC(HMAC(SHA_384),1): incompatible with ECC_KEY_PAIR(MONTGOMERY) +depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_FAMILY_MONTGOMERY:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +mac_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_MONTGOMERY):"70076d0a7318a57d3c16c17251b26645df4c2f87ebc0992ab177fba51db92c6a":PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_384),1):PSA_ERROR_INVALID_ARGUMENT + +PSA mac AT_LEAST_THIS_LENGTH_MAC(HMAC(SHA_384),1): incompatible with ECC_KEY_PAIR(SECP_K1) +depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_FAMILY_SECP_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +mac_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_K1):"297ac1722ccac7589ecb240dc719842538ca974beb79f228":PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_384),1):PSA_ERROR_INVALID_ARGUMENT + +PSA mac AT_LEAST_THIS_LENGTH_MAC(HMAC(SHA_384),1): incompatible with ECC_KEY_PAIR(SECP_R1) +depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_FAMILY_SECP_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +mac_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"872f203b3ad35b7f2ecc803c3a0e1e0b1ed61cc1afe71b189cd4c995":PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_384),1):PSA_ERROR_INVALID_ARGUMENT + +PSA mac AT_LEAST_THIS_LENGTH_MAC(HMAC(SHA_384),1): incompatible with ECC_KEY_PAIR(SECP_R2) +depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_FAMILY_SECP_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +mac_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R2):"00bf539a1cdda0d7f71a50a3f98aec0a2e8e4ced1e":PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_384),1):PSA_ERROR_INVALID_ARGUMENT + +PSA mac AT_LEAST_THIS_LENGTH_MAC(HMAC(SHA_384),1): incompatible with ECC_KEY_PAIR(SECT_K1) +depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_FAMILY_SECT_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +mac_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):"03ebc8fcded2d6ab72ec0f75bdb4fd080481273e71":PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_384),1):PSA_ERROR_INVALID_ARGUMENT + +PSA mac AT_LEAST_THIS_LENGTH_MAC(HMAC(SHA_384),1): incompatible with ECC_KEY_PAIR(SECT_R1) +depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_FAMILY_SECT_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +mac_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):"009b05dc82d46d64a04a22e6e5ca70ca1231e68c50":PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_384),1):PSA_ERROR_INVALID_ARGUMENT + +PSA mac AT_LEAST_THIS_LENGTH_MAC(HMAC(SHA_384),1): incompatible with ECC_KEY_PAIR(SECT_R2) +depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_FAMILY_SECT_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +mac_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R2):"0210b482a458b4822d0cb21daa96819a67c8062d34":PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_384),1):PSA_ERROR_INVALID_ARGUMENT + +PSA mac AT_LEAST_THIS_LENGTH_MAC(HMAC(SHA_384),1): incompatible with ECC_KEY_PAIR(TWISTED_EDWARDS) +depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_FAMILY_TWISTED_EDWARDS:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +mac_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_TWISTED_EDWARDS):"9d61b19deffd5a60ba844af492ec2cc44449c5697b326919703bac031cae7f60":PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_384),1):PSA_ERROR_INVALID_ARGUMENT + +PSA mac AT_LEAST_THIS_LENGTH_MAC(HMAC(SHA_384),1): incompatible with ECC_PUBLIC_KEY(BRAINPOOL_P_R1) +depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_FAMILY_BRAINPOOL_P_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +mac_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"04d4b9186816358e2f9c59cf70748cb70641b22fbab65473db4b4e22a361ed7e3de7e8a8ddc4130c5c":PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_384),1):PSA_ERROR_INVALID_ARGUMENT + +PSA mac AT_LEAST_THIS_LENGTH_MAC(HMAC(SHA_384),1): incompatible with ECC_PUBLIC_KEY(MONTGOMERY) +depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_FAMILY_MONTGOMERY:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +mac_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_MONTGOMERY):"8520f0098930a754748b7ddcb43ef75a0dbf3a0d26381af4eba4a98eaa9b4e6a":PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_384),1):PSA_ERROR_INVALID_ARGUMENT + +PSA mac AT_LEAST_THIS_LENGTH_MAC(HMAC(SHA_384),1): incompatible with ECC_PUBLIC_KEY(SECP_K1) +depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_FAMILY_SECP_K1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +mac_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_K1):"0426b7bb38da649ac2138fc050c6548b32553dab68afebc36105d325b75538c12323cb0764789ecb992671beb2b6bef2f5":PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_384),1):PSA_ERROR_INVALID_ARGUMENT + +PSA mac AT_LEAST_THIS_LENGTH_MAC(HMAC(SHA_384),1): incompatible with ECC_PUBLIC_KEY(SECP_R1) +depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_FAMILY_SECP_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +mac_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1):"046f00eadaa949fee3e9e1c7fa1247eecec86a0dce46418b9bd3117b981d4bd0ae7a990de912f9d060d6cb531a42d22e394ac29e81804bf160":PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_384),1):PSA_ERROR_INVALID_ARGUMENT + +PSA mac AT_LEAST_THIS_LENGTH_MAC(HMAC(SHA_384),1): incompatible with ECC_PUBLIC_KEY(SECP_R2) +depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_FAMILY_SECP_R2:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +mac_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R2):"049570d541398665adb5cfa16f5af73b3196926bbd4b876bdb80f8eab20d0f540c22f4de9c140f6d7b":PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_384),1):PSA_ERROR_INVALID_ARGUMENT + +PSA mac AT_LEAST_THIS_LENGTH_MAC(HMAC(SHA_384),1): incompatible with ECC_PUBLIC_KEY(SECT_K1) +depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_FAMILY_SECT_K1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +mac_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_K1):"0406f88f90b4b65950f06ce433afdb097e320f433dc2062b8a65db8fafd3c110f46bc45663fbf021ee7eb9":PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_384),1):PSA_ERROR_INVALID_ARGUMENT + +PSA mac AT_LEAST_THIS_LENGTH_MAC(HMAC(SHA_384),1): incompatible with ECC_PUBLIC_KEY(SECT_R1) +depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_FAMILY_SECT_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +mac_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R1):"0400465eeb9e7258b11e33c02266bfe834b20bcb118700772796ee4704ec67651bd447e3011959a79a04cb":PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_384),1):PSA_ERROR_INVALID_ARGUMENT + +PSA mac AT_LEAST_THIS_LENGTH_MAC(HMAC(SHA_384),1): incompatible with ECC_PUBLIC_KEY(SECT_R2) +depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_FAMILY_SECT_R2:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +mac_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R2):"0403692601144c32a6cfa369ae20ae5d43c1c764678c037bafe80c6fd2e42b7ced96171d9c5367fd3dca6f":PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_384),1):PSA_ERROR_INVALID_ARGUMENT + +PSA mac AT_LEAST_THIS_LENGTH_MAC(HMAC(SHA_384),1): incompatible with ECC_PUBLIC_KEY(TWISTED_EDWARDS) +depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_FAMILY_TWISTED_EDWARDS:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +mac_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_TWISTED_EDWARDS):"d75a980182b10ab7d54bfed3c964073a0ee172f3daa62325af021a68f707511a":PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_384),1):PSA_ERROR_INVALID_ARGUMENT + +PSA mac AT_LEAST_THIS_LENGTH_MAC(HMAC(SHA_384),1): incompatible with HMAC +depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_384:PSA_WANT_KEY_TYPE_HMAC +mac_fail:PSA_KEY_TYPE_HMAC:"48657265006973206b6579a064617461":PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_384),1):PSA_ERROR_INVALID_ARGUMENT + +PSA mac AT_LEAST_THIS_LENGTH_MAC(HMAC(SHA_384),1): incompatible with RAW_DATA +depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_384:PSA_WANT_KEY_TYPE_RAW_DATA +mac_fail:PSA_KEY_TYPE_RAW_DATA:"48":PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_384),1):PSA_ERROR_INVALID_ARGUMENT + +PSA mac AT_LEAST_THIS_LENGTH_MAC(HMAC(SHA_384),1): incompatible with RSA_KEY_PAIR +depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_384:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR +mac_fail:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_384),1):PSA_ERROR_INVALID_ARGUMENT + +PSA mac AT_LEAST_THIS_LENGTH_MAC(HMAC(SHA_384),1): incompatible with RSA_PUBLIC_KEY +depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_384:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY +mac_fail:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_384),1):PSA_ERROR_INVALID_ARGUMENT + +PSA key_derivation AT_LEAST_THIS_LENGTH_MAC(HMAC(SHA_384),1): invalid +depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_384 +key_derivation_fail:PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_384),1):PSA_ERROR_INVALID_ARGUMENT + +PSA hash AT_LEAST_THIS_LENGTH_MAC(HMAC(SHA_512),1): invalid +depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_512 +hash_fail:PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_512),1):PSA_ERROR_INVALID_ARGUMENT + +PSA mac AT_LEAST_THIS_LENGTH_MAC(HMAC(SHA_512),1): incompatible with AES +depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_512:PSA_WANT_KEY_TYPE_AES +mac_fail:PSA_KEY_TYPE_AES:"48657265006973206b6579a064617461":PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_512),1):PSA_ERROR_INVALID_ARGUMENT + +PSA mac AT_LEAST_THIS_LENGTH_MAC(HMAC(SHA_512),1): incompatible with ARC4 +depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_512:PSA_WANT_KEY_TYPE_ARC4 +mac_fail:PSA_KEY_TYPE_ARC4:"48":PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_512),1):PSA_ERROR_INVALID_ARGUMENT + +PSA mac AT_LEAST_THIS_LENGTH_MAC(HMAC(SHA_512),1): incompatible with ARIA +depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_512:PSA_WANT_KEY_TYPE_ARIA +mac_fail:PSA_KEY_TYPE_ARIA:"48657265006973206b6579a064617461":PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_512),1):PSA_ERROR_INVALID_ARGUMENT + +PSA mac AT_LEAST_THIS_LENGTH_MAC(HMAC(SHA_512),1): incompatible with CAMELLIA +depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_512:PSA_WANT_KEY_TYPE_CAMELLIA +mac_fail:PSA_KEY_TYPE_CAMELLIA:"48657265006973206b6579a064617461":PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_512),1):PSA_ERROR_INVALID_ARGUMENT + +PSA mac AT_LEAST_THIS_LENGTH_MAC(HMAC(SHA_512),1): incompatible with CHACHA20 +depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_512:PSA_WANT_KEY_TYPE_CHACHA20 +mac_fail:PSA_KEY_TYPE_CHACHA20:"48657265006973206b6579a06461746148657265006973206b6579a064617461":PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_512),1):PSA_ERROR_INVALID_ARGUMENT + +PSA mac AT_LEAST_THIS_LENGTH_MAC(HMAC(SHA_512),1): incompatible with DERIVE +depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_512:PSA_WANT_KEY_TYPE_DERIVE +mac_fail:PSA_KEY_TYPE_DERIVE:"48657265006973206b6579a0646174":PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_512),1):PSA_ERROR_INVALID_ARGUMENT + +PSA mac AT_LEAST_THIS_LENGTH_MAC(HMAC(SHA_512),1): incompatible with DES +depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_512:PSA_WANT_KEY_TYPE_DES +mac_fail:PSA_KEY_TYPE_DES:"644573206b457901":PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_512),1):PSA_ERROR_INVALID_ARGUMENT + +PSA mac AT_LEAST_THIS_LENGTH_MAC(HMAC(SHA_512),1): incompatible with ECC_KEY_PAIR(BRAINPOOL_P_R1) +depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_512:PSA_WANT_ECC_FAMILY_BRAINPOOL_P_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +mac_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"69502c4fdaf48d4fa617bdd24498b0406d0eeaac":PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_512),1):PSA_ERROR_INVALID_ARGUMENT + +PSA mac AT_LEAST_THIS_LENGTH_MAC(HMAC(SHA_512),1): incompatible with ECC_KEY_PAIR(MONTGOMERY) +depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_512:PSA_WANT_ECC_FAMILY_MONTGOMERY:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +mac_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_MONTGOMERY):"70076d0a7318a57d3c16c17251b26645df4c2f87ebc0992ab177fba51db92c6a":PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_512),1):PSA_ERROR_INVALID_ARGUMENT + +PSA mac AT_LEAST_THIS_LENGTH_MAC(HMAC(SHA_512),1): incompatible with ECC_KEY_PAIR(SECP_K1) +depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_512:PSA_WANT_ECC_FAMILY_SECP_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +mac_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_K1):"297ac1722ccac7589ecb240dc719842538ca974beb79f228":PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_512),1):PSA_ERROR_INVALID_ARGUMENT + +PSA mac AT_LEAST_THIS_LENGTH_MAC(HMAC(SHA_512),1): incompatible with ECC_KEY_PAIR(SECP_R1) +depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_512:PSA_WANT_ECC_FAMILY_SECP_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +mac_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"872f203b3ad35b7f2ecc803c3a0e1e0b1ed61cc1afe71b189cd4c995":PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_512),1):PSA_ERROR_INVALID_ARGUMENT + +PSA mac AT_LEAST_THIS_LENGTH_MAC(HMAC(SHA_512),1): incompatible with ECC_KEY_PAIR(SECP_R2) +depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_512:PSA_WANT_ECC_FAMILY_SECP_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +mac_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R2):"00bf539a1cdda0d7f71a50a3f98aec0a2e8e4ced1e":PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_512),1):PSA_ERROR_INVALID_ARGUMENT + +PSA mac AT_LEAST_THIS_LENGTH_MAC(HMAC(SHA_512),1): incompatible with ECC_KEY_PAIR(SECT_K1) +depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_512:PSA_WANT_ECC_FAMILY_SECT_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +mac_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):"03ebc8fcded2d6ab72ec0f75bdb4fd080481273e71":PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_512),1):PSA_ERROR_INVALID_ARGUMENT + +PSA mac AT_LEAST_THIS_LENGTH_MAC(HMAC(SHA_512),1): incompatible with ECC_KEY_PAIR(SECT_R1) +depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_512:PSA_WANT_ECC_FAMILY_SECT_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +mac_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):"009b05dc82d46d64a04a22e6e5ca70ca1231e68c50":PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_512),1):PSA_ERROR_INVALID_ARGUMENT + +PSA mac AT_LEAST_THIS_LENGTH_MAC(HMAC(SHA_512),1): incompatible with ECC_KEY_PAIR(SECT_R2) +depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_512:PSA_WANT_ECC_FAMILY_SECT_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +mac_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R2):"0210b482a458b4822d0cb21daa96819a67c8062d34":PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_512),1):PSA_ERROR_INVALID_ARGUMENT + +PSA mac AT_LEAST_THIS_LENGTH_MAC(HMAC(SHA_512),1): incompatible with ECC_KEY_PAIR(TWISTED_EDWARDS) +depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_512:PSA_WANT_ECC_FAMILY_TWISTED_EDWARDS:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +mac_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_TWISTED_EDWARDS):"9d61b19deffd5a60ba844af492ec2cc44449c5697b326919703bac031cae7f60":PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_512),1):PSA_ERROR_INVALID_ARGUMENT + +PSA mac AT_LEAST_THIS_LENGTH_MAC(HMAC(SHA_512),1): incompatible with ECC_PUBLIC_KEY(BRAINPOOL_P_R1) +depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_512:PSA_WANT_ECC_FAMILY_BRAINPOOL_P_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +mac_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"04d4b9186816358e2f9c59cf70748cb70641b22fbab65473db4b4e22a361ed7e3de7e8a8ddc4130c5c":PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_512),1):PSA_ERROR_INVALID_ARGUMENT + +PSA mac AT_LEAST_THIS_LENGTH_MAC(HMAC(SHA_512),1): incompatible with ECC_PUBLIC_KEY(MONTGOMERY) +depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_512:PSA_WANT_ECC_FAMILY_MONTGOMERY:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +mac_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_MONTGOMERY):"8520f0098930a754748b7ddcb43ef75a0dbf3a0d26381af4eba4a98eaa9b4e6a":PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_512),1):PSA_ERROR_INVALID_ARGUMENT + +PSA mac AT_LEAST_THIS_LENGTH_MAC(HMAC(SHA_512),1): incompatible with ECC_PUBLIC_KEY(SECP_K1) +depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_512:PSA_WANT_ECC_FAMILY_SECP_K1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +mac_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_K1):"0426b7bb38da649ac2138fc050c6548b32553dab68afebc36105d325b75538c12323cb0764789ecb992671beb2b6bef2f5":PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_512),1):PSA_ERROR_INVALID_ARGUMENT + +PSA mac AT_LEAST_THIS_LENGTH_MAC(HMAC(SHA_512),1): incompatible with ECC_PUBLIC_KEY(SECP_R1) +depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_512:PSA_WANT_ECC_FAMILY_SECP_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +mac_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1):"046f00eadaa949fee3e9e1c7fa1247eecec86a0dce46418b9bd3117b981d4bd0ae7a990de912f9d060d6cb531a42d22e394ac29e81804bf160":PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_512),1):PSA_ERROR_INVALID_ARGUMENT + +PSA mac AT_LEAST_THIS_LENGTH_MAC(HMAC(SHA_512),1): incompatible with ECC_PUBLIC_KEY(SECP_R2) +depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_512:PSA_WANT_ECC_FAMILY_SECP_R2:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +mac_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R2):"049570d541398665adb5cfa16f5af73b3196926bbd4b876bdb80f8eab20d0f540c22f4de9c140f6d7b":PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_512),1):PSA_ERROR_INVALID_ARGUMENT + +PSA mac AT_LEAST_THIS_LENGTH_MAC(HMAC(SHA_512),1): incompatible with ECC_PUBLIC_KEY(SECT_K1) +depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_512:PSA_WANT_ECC_FAMILY_SECT_K1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +mac_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_K1):"0406f88f90b4b65950f06ce433afdb097e320f433dc2062b8a65db8fafd3c110f46bc45663fbf021ee7eb9":PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_512),1):PSA_ERROR_INVALID_ARGUMENT + +PSA mac AT_LEAST_THIS_LENGTH_MAC(HMAC(SHA_512),1): incompatible with ECC_PUBLIC_KEY(SECT_R1) +depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_512:PSA_WANT_ECC_FAMILY_SECT_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +mac_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R1):"0400465eeb9e7258b11e33c02266bfe834b20bcb118700772796ee4704ec67651bd447e3011959a79a04cb":PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_512),1):PSA_ERROR_INVALID_ARGUMENT + +PSA mac AT_LEAST_THIS_LENGTH_MAC(HMAC(SHA_512),1): incompatible with ECC_PUBLIC_KEY(SECT_R2) +depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_512:PSA_WANT_ECC_FAMILY_SECT_R2:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +mac_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R2):"0403692601144c32a6cfa369ae20ae5d43c1c764678c037bafe80c6fd2e42b7ced96171d9c5367fd3dca6f":PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_512),1):PSA_ERROR_INVALID_ARGUMENT + +PSA mac AT_LEAST_THIS_LENGTH_MAC(HMAC(SHA_512),1): incompatible with ECC_PUBLIC_KEY(TWISTED_EDWARDS) +depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_512:PSA_WANT_ECC_FAMILY_TWISTED_EDWARDS:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +mac_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_TWISTED_EDWARDS):"d75a980182b10ab7d54bfed3c964073a0ee172f3daa62325af021a68f707511a":PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_512),1):PSA_ERROR_INVALID_ARGUMENT + +PSA mac AT_LEAST_THIS_LENGTH_MAC(HMAC(SHA_512),1): incompatible with HMAC +depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_512:PSA_WANT_KEY_TYPE_HMAC +mac_fail:PSA_KEY_TYPE_HMAC:"48657265006973206b6579a064617461":PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_512),1):PSA_ERROR_INVALID_ARGUMENT + +PSA mac AT_LEAST_THIS_LENGTH_MAC(HMAC(SHA_512),1): incompatible with RAW_DATA +depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_512:PSA_WANT_KEY_TYPE_RAW_DATA +mac_fail:PSA_KEY_TYPE_RAW_DATA:"48":PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_512),1):PSA_ERROR_INVALID_ARGUMENT + +PSA mac AT_LEAST_THIS_LENGTH_MAC(HMAC(SHA_512),1): incompatible with RSA_KEY_PAIR +depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_512:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR +mac_fail:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_512),1):PSA_ERROR_INVALID_ARGUMENT + +PSA mac AT_LEAST_THIS_LENGTH_MAC(HMAC(SHA_512),1): incompatible with RSA_PUBLIC_KEY +depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_512:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY +mac_fail:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_512),1):PSA_ERROR_INVALID_ARGUMENT + +PSA key_derivation AT_LEAST_THIS_LENGTH_MAC(HMAC(SHA_512),1): invalid +depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_512 +key_derivation_fail:PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_512),1):PSA_ERROR_INVALID_ARGUMENT + +PSA hash AT_LEAST_THIS_LENGTH_MAC(CBC_MAC,4): invalid +depends_on:PSA_WANT_ALG_CBC_MAC +hash_fail:PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_CBC_MAC,4):PSA_ERROR_INVALID_ARGUMENT + +PSA mac AT_LEAST_THIS_LENGTH_MAC(CBC_MAC,4): incompatible with AES +depends_on:PSA_WANT_ALG_CBC_MAC:PSA_WANT_KEY_TYPE_AES +mac_fail:PSA_KEY_TYPE_AES:"48657265006973206b6579a064617461":PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_CBC_MAC,4):PSA_ERROR_INVALID_ARGUMENT + +PSA mac AT_LEAST_THIS_LENGTH_MAC(CBC_MAC,4): incompatible with ARC4 +depends_on:PSA_WANT_ALG_CBC_MAC:PSA_WANT_KEY_TYPE_ARC4 +mac_fail:PSA_KEY_TYPE_ARC4:"48":PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_CBC_MAC,4):PSA_ERROR_INVALID_ARGUMENT + +PSA mac AT_LEAST_THIS_LENGTH_MAC(CBC_MAC,4): incompatible with ARIA +depends_on:PSA_WANT_ALG_CBC_MAC:PSA_WANT_KEY_TYPE_ARIA +mac_fail:PSA_KEY_TYPE_ARIA:"48657265006973206b6579a064617461":PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_CBC_MAC,4):PSA_ERROR_INVALID_ARGUMENT + +PSA mac AT_LEAST_THIS_LENGTH_MAC(CBC_MAC,4): incompatible with CAMELLIA +depends_on:PSA_WANT_ALG_CBC_MAC:PSA_WANT_KEY_TYPE_CAMELLIA +mac_fail:PSA_KEY_TYPE_CAMELLIA:"48657265006973206b6579a064617461":PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_CBC_MAC,4):PSA_ERROR_INVALID_ARGUMENT + +PSA mac AT_LEAST_THIS_LENGTH_MAC(CBC_MAC,4): incompatible with CHACHA20 +depends_on:PSA_WANT_ALG_CBC_MAC:PSA_WANT_KEY_TYPE_CHACHA20 +mac_fail:PSA_KEY_TYPE_CHACHA20:"48657265006973206b6579a06461746148657265006973206b6579a064617461":PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_CBC_MAC,4):PSA_ERROR_INVALID_ARGUMENT + +PSA mac AT_LEAST_THIS_LENGTH_MAC(CBC_MAC,4): incompatible with DERIVE +depends_on:PSA_WANT_ALG_CBC_MAC:PSA_WANT_KEY_TYPE_DERIVE +mac_fail:PSA_KEY_TYPE_DERIVE:"48657265006973206b6579a0646174":PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_CBC_MAC,4):PSA_ERROR_INVALID_ARGUMENT + +PSA mac AT_LEAST_THIS_LENGTH_MAC(CBC_MAC,4): incompatible with DES +depends_on:PSA_WANT_ALG_CBC_MAC:PSA_WANT_KEY_TYPE_DES +mac_fail:PSA_KEY_TYPE_DES:"644573206b457901":PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_CBC_MAC,4):PSA_ERROR_INVALID_ARGUMENT + +PSA mac AT_LEAST_THIS_LENGTH_MAC(CBC_MAC,4): incompatible with ECC_KEY_PAIR(BRAINPOOL_P_R1) +depends_on:PSA_WANT_ALG_CBC_MAC:PSA_WANT_ECC_FAMILY_BRAINPOOL_P_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +mac_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"69502c4fdaf48d4fa617bdd24498b0406d0eeaac":PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_CBC_MAC,4):PSA_ERROR_INVALID_ARGUMENT + +PSA mac AT_LEAST_THIS_LENGTH_MAC(CBC_MAC,4): incompatible with ECC_KEY_PAIR(MONTGOMERY) +depends_on:PSA_WANT_ALG_CBC_MAC:PSA_WANT_ECC_FAMILY_MONTGOMERY:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +mac_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_MONTGOMERY):"70076d0a7318a57d3c16c17251b26645df4c2f87ebc0992ab177fba51db92c6a":PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_CBC_MAC,4):PSA_ERROR_INVALID_ARGUMENT + +PSA mac AT_LEAST_THIS_LENGTH_MAC(CBC_MAC,4): incompatible with ECC_KEY_PAIR(SECP_K1) +depends_on:PSA_WANT_ALG_CBC_MAC:PSA_WANT_ECC_FAMILY_SECP_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +mac_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_K1):"297ac1722ccac7589ecb240dc719842538ca974beb79f228":PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_CBC_MAC,4):PSA_ERROR_INVALID_ARGUMENT + +PSA mac AT_LEAST_THIS_LENGTH_MAC(CBC_MAC,4): incompatible with ECC_KEY_PAIR(SECP_R1) +depends_on:PSA_WANT_ALG_CBC_MAC:PSA_WANT_ECC_FAMILY_SECP_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +mac_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"872f203b3ad35b7f2ecc803c3a0e1e0b1ed61cc1afe71b189cd4c995":PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_CBC_MAC,4):PSA_ERROR_INVALID_ARGUMENT + +PSA mac AT_LEAST_THIS_LENGTH_MAC(CBC_MAC,4): incompatible with ECC_KEY_PAIR(SECP_R2) +depends_on:PSA_WANT_ALG_CBC_MAC:PSA_WANT_ECC_FAMILY_SECP_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +mac_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R2):"00bf539a1cdda0d7f71a50a3f98aec0a2e8e4ced1e":PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_CBC_MAC,4):PSA_ERROR_INVALID_ARGUMENT + +PSA mac AT_LEAST_THIS_LENGTH_MAC(CBC_MAC,4): incompatible with ECC_KEY_PAIR(SECT_K1) +depends_on:PSA_WANT_ALG_CBC_MAC:PSA_WANT_ECC_FAMILY_SECT_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +mac_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):"03ebc8fcded2d6ab72ec0f75bdb4fd080481273e71":PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_CBC_MAC,4):PSA_ERROR_INVALID_ARGUMENT + +PSA mac AT_LEAST_THIS_LENGTH_MAC(CBC_MAC,4): incompatible with ECC_KEY_PAIR(SECT_R1) +depends_on:PSA_WANT_ALG_CBC_MAC:PSA_WANT_ECC_FAMILY_SECT_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +mac_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):"009b05dc82d46d64a04a22e6e5ca70ca1231e68c50":PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_CBC_MAC,4):PSA_ERROR_INVALID_ARGUMENT + +PSA mac AT_LEAST_THIS_LENGTH_MAC(CBC_MAC,4): incompatible with ECC_KEY_PAIR(SECT_R2) +depends_on:PSA_WANT_ALG_CBC_MAC:PSA_WANT_ECC_FAMILY_SECT_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +mac_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R2):"0210b482a458b4822d0cb21daa96819a67c8062d34":PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_CBC_MAC,4):PSA_ERROR_INVALID_ARGUMENT + +PSA mac AT_LEAST_THIS_LENGTH_MAC(CBC_MAC,4): incompatible with ECC_KEY_PAIR(TWISTED_EDWARDS) +depends_on:PSA_WANT_ALG_CBC_MAC:PSA_WANT_ECC_FAMILY_TWISTED_EDWARDS:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +mac_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_TWISTED_EDWARDS):"9d61b19deffd5a60ba844af492ec2cc44449c5697b326919703bac031cae7f60":PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_CBC_MAC,4):PSA_ERROR_INVALID_ARGUMENT + +PSA mac AT_LEAST_THIS_LENGTH_MAC(CBC_MAC,4): incompatible with ECC_PUBLIC_KEY(BRAINPOOL_P_R1) +depends_on:PSA_WANT_ALG_CBC_MAC:PSA_WANT_ECC_FAMILY_BRAINPOOL_P_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +mac_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"04d4b9186816358e2f9c59cf70748cb70641b22fbab65473db4b4e22a361ed7e3de7e8a8ddc4130c5c":PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_CBC_MAC,4):PSA_ERROR_INVALID_ARGUMENT + +PSA mac AT_LEAST_THIS_LENGTH_MAC(CBC_MAC,4): incompatible with ECC_PUBLIC_KEY(MONTGOMERY) +depends_on:PSA_WANT_ALG_CBC_MAC:PSA_WANT_ECC_FAMILY_MONTGOMERY:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +mac_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_MONTGOMERY):"8520f0098930a754748b7ddcb43ef75a0dbf3a0d26381af4eba4a98eaa9b4e6a":PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_CBC_MAC,4):PSA_ERROR_INVALID_ARGUMENT + +PSA mac AT_LEAST_THIS_LENGTH_MAC(CBC_MAC,4): incompatible with ECC_PUBLIC_KEY(SECP_K1) +depends_on:PSA_WANT_ALG_CBC_MAC:PSA_WANT_ECC_FAMILY_SECP_K1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +mac_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_K1):"0426b7bb38da649ac2138fc050c6548b32553dab68afebc36105d325b75538c12323cb0764789ecb992671beb2b6bef2f5":PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_CBC_MAC,4):PSA_ERROR_INVALID_ARGUMENT + +PSA mac AT_LEAST_THIS_LENGTH_MAC(CBC_MAC,4): incompatible with ECC_PUBLIC_KEY(SECP_R1) +depends_on:PSA_WANT_ALG_CBC_MAC:PSA_WANT_ECC_FAMILY_SECP_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +mac_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1):"046f00eadaa949fee3e9e1c7fa1247eecec86a0dce46418b9bd3117b981d4bd0ae7a990de912f9d060d6cb531a42d22e394ac29e81804bf160":PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_CBC_MAC,4):PSA_ERROR_INVALID_ARGUMENT + +PSA mac AT_LEAST_THIS_LENGTH_MAC(CBC_MAC,4): incompatible with ECC_PUBLIC_KEY(SECP_R2) +depends_on:PSA_WANT_ALG_CBC_MAC:PSA_WANT_ECC_FAMILY_SECP_R2:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +mac_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R2):"049570d541398665adb5cfa16f5af73b3196926bbd4b876bdb80f8eab20d0f540c22f4de9c140f6d7b":PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_CBC_MAC,4):PSA_ERROR_INVALID_ARGUMENT + +PSA mac AT_LEAST_THIS_LENGTH_MAC(CBC_MAC,4): incompatible with ECC_PUBLIC_KEY(SECT_K1) +depends_on:PSA_WANT_ALG_CBC_MAC:PSA_WANT_ECC_FAMILY_SECT_K1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +mac_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_K1):"0406f88f90b4b65950f06ce433afdb097e320f433dc2062b8a65db8fafd3c110f46bc45663fbf021ee7eb9":PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_CBC_MAC,4):PSA_ERROR_INVALID_ARGUMENT + +PSA mac AT_LEAST_THIS_LENGTH_MAC(CBC_MAC,4): incompatible with ECC_PUBLIC_KEY(SECT_R1) +depends_on:PSA_WANT_ALG_CBC_MAC:PSA_WANT_ECC_FAMILY_SECT_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +mac_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R1):"0400465eeb9e7258b11e33c02266bfe834b20bcb118700772796ee4704ec67651bd447e3011959a79a04cb":PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_CBC_MAC,4):PSA_ERROR_INVALID_ARGUMENT + +PSA mac AT_LEAST_THIS_LENGTH_MAC(CBC_MAC,4): incompatible with ECC_PUBLIC_KEY(SECT_R2) +depends_on:PSA_WANT_ALG_CBC_MAC:PSA_WANT_ECC_FAMILY_SECT_R2:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +mac_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R2):"0403692601144c32a6cfa369ae20ae5d43c1c764678c037bafe80c6fd2e42b7ced96171d9c5367fd3dca6f":PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_CBC_MAC,4):PSA_ERROR_INVALID_ARGUMENT + +PSA mac AT_LEAST_THIS_LENGTH_MAC(CBC_MAC,4): incompatible with ECC_PUBLIC_KEY(TWISTED_EDWARDS) +depends_on:PSA_WANT_ALG_CBC_MAC:PSA_WANT_ECC_FAMILY_TWISTED_EDWARDS:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +mac_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_TWISTED_EDWARDS):"d75a980182b10ab7d54bfed3c964073a0ee172f3daa62325af021a68f707511a":PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_CBC_MAC,4):PSA_ERROR_INVALID_ARGUMENT + +PSA mac AT_LEAST_THIS_LENGTH_MAC(CBC_MAC,4): incompatible with HMAC +depends_on:PSA_WANT_ALG_CBC_MAC:PSA_WANT_KEY_TYPE_HMAC +mac_fail:PSA_KEY_TYPE_HMAC:"48657265006973206b6579a064617461":PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_CBC_MAC,4):PSA_ERROR_INVALID_ARGUMENT + +PSA mac AT_LEAST_THIS_LENGTH_MAC(CBC_MAC,4): incompatible with RAW_DATA +depends_on:PSA_WANT_ALG_CBC_MAC:PSA_WANT_KEY_TYPE_RAW_DATA +mac_fail:PSA_KEY_TYPE_RAW_DATA:"48":PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_CBC_MAC,4):PSA_ERROR_INVALID_ARGUMENT + +PSA mac AT_LEAST_THIS_LENGTH_MAC(CBC_MAC,4): incompatible with RSA_KEY_PAIR +depends_on:PSA_WANT_ALG_CBC_MAC:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR +mac_fail:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_CBC_MAC,4):PSA_ERROR_INVALID_ARGUMENT + +PSA mac AT_LEAST_THIS_LENGTH_MAC(CBC_MAC,4): incompatible with RSA_PUBLIC_KEY +depends_on:PSA_WANT_ALG_CBC_MAC:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY +mac_fail:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_CBC_MAC,4):PSA_ERROR_INVALID_ARGUMENT + +PSA key_derivation AT_LEAST_THIS_LENGTH_MAC(CBC_MAC,4): invalid +depends_on:PSA_WANT_ALG_CBC_MAC +key_derivation_fail:PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_CBC_MAC,4):PSA_ERROR_INVALID_ARGUMENT + +PSA hash AT_LEAST_THIS_LENGTH_MAC(CBC_MAC,13): invalid +depends_on:PSA_WANT_ALG_CBC_MAC +hash_fail:PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_CBC_MAC,13):PSA_ERROR_INVALID_ARGUMENT + +PSA mac AT_LEAST_THIS_LENGTH_MAC(CBC_MAC,13): incompatible with AES +depends_on:PSA_WANT_ALG_CBC_MAC:PSA_WANT_KEY_TYPE_AES +mac_fail:PSA_KEY_TYPE_AES:"48657265006973206b6579a064617461":PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_CBC_MAC,13):PSA_ERROR_INVALID_ARGUMENT + +PSA mac AT_LEAST_THIS_LENGTH_MAC(CBC_MAC,13): incompatible with ARC4 +depends_on:PSA_WANT_ALG_CBC_MAC:PSA_WANT_KEY_TYPE_ARC4 +mac_fail:PSA_KEY_TYPE_ARC4:"48":PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_CBC_MAC,13):PSA_ERROR_INVALID_ARGUMENT + +PSA mac AT_LEAST_THIS_LENGTH_MAC(CBC_MAC,13): incompatible with ARIA +depends_on:PSA_WANT_ALG_CBC_MAC:PSA_WANT_KEY_TYPE_ARIA +mac_fail:PSA_KEY_TYPE_ARIA:"48657265006973206b6579a064617461":PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_CBC_MAC,13):PSA_ERROR_INVALID_ARGUMENT + +PSA mac AT_LEAST_THIS_LENGTH_MAC(CBC_MAC,13): incompatible with CAMELLIA +depends_on:PSA_WANT_ALG_CBC_MAC:PSA_WANT_KEY_TYPE_CAMELLIA +mac_fail:PSA_KEY_TYPE_CAMELLIA:"48657265006973206b6579a064617461":PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_CBC_MAC,13):PSA_ERROR_INVALID_ARGUMENT + +PSA mac AT_LEAST_THIS_LENGTH_MAC(CBC_MAC,13): incompatible with CHACHA20 +depends_on:PSA_WANT_ALG_CBC_MAC:PSA_WANT_KEY_TYPE_CHACHA20 +mac_fail:PSA_KEY_TYPE_CHACHA20:"48657265006973206b6579a06461746148657265006973206b6579a064617461":PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_CBC_MAC,13):PSA_ERROR_INVALID_ARGUMENT + +PSA mac AT_LEAST_THIS_LENGTH_MAC(CBC_MAC,13): incompatible with DERIVE +depends_on:PSA_WANT_ALG_CBC_MAC:PSA_WANT_KEY_TYPE_DERIVE +mac_fail:PSA_KEY_TYPE_DERIVE:"48657265006973206b6579a0646174":PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_CBC_MAC,13):PSA_ERROR_INVALID_ARGUMENT + +PSA mac AT_LEAST_THIS_LENGTH_MAC(CBC_MAC,13): incompatible with DES +depends_on:PSA_WANT_ALG_CBC_MAC:PSA_WANT_KEY_TYPE_DES +mac_fail:PSA_KEY_TYPE_DES:"644573206b457901":PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_CBC_MAC,13):PSA_ERROR_INVALID_ARGUMENT + +PSA mac AT_LEAST_THIS_LENGTH_MAC(CBC_MAC,13): incompatible with ECC_KEY_PAIR(BRAINPOOL_P_R1) +depends_on:PSA_WANT_ALG_CBC_MAC:PSA_WANT_ECC_FAMILY_BRAINPOOL_P_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +mac_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"69502c4fdaf48d4fa617bdd24498b0406d0eeaac":PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_CBC_MAC,13):PSA_ERROR_INVALID_ARGUMENT + +PSA mac AT_LEAST_THIS_LENGTH_MAC(CBC_MAC,13): incompatible with ECC_KEY_PAIR(MONTGOMERY) +depends_on:PSA_WANT_ALG_CBC_MAC:PSA_WANT_ECC_FAMILY_MONTGOMERY:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +mac_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_MONTGOMERY):"70076d0a7318a57d3c16c17251b26645df4c2f87ebc0992ab177fba51db92c6a":PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_CBC_MAC,13):PSA_ERROR_INVALID_ARGUMENT + +PSA mac AT_LEAST_THIS_LENGTH_MAC(CBC_MAC,13): incompatible with ECC_KEY_PAIR(SECP_K1) +depends_on:PSA_WANT_ALG_CBC_MAC:PSA_WANT_ECC_FAMILY_SECP_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +mac_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_K1):"297ac1722ccac7589ecb240dc719842538ca974beb79f228":PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_CBC_MAC,13):PSA_ERROR_INVALID_ARGUMENT + +PSA mac AT_LEAST_THIS_LENGTH_MAC(CBC_MAC,13): incompatible with ECC_KEY_PAIR(SECP_R1) +depends_on:PSA_WANT_ALG_CBC_MAC:PSA_WANT_ECC_FAMILY_SECP_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +mac_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"872f203b3ad35b7f2ecc803c3a0e1e0b1ed61cc1afe71b189cd4c995":PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_CBC_MAC,13):PSA_ERROR_INVALID_ARGUMENT + +PSA mac AT_LEAST_THIS_LENGTH_MAC(CBC_MAC,13): incompatible with ECC_KEY_PAIR(SECP_R2) +depends_on:PSA_WANT_ALG_CBC_MAC:PSA_WANT_ECC_FAMILY_SECP_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +mac_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R2):"00bf539a1cdda0d7f71a50a3f98aec0a2e8e4ced1e":PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_CBC_MAC,13):PSA_ERROR_INVALID_ARGUMENT + +PSA mac AT_LEAST_THIS_LENGTH_MAC(CBC_MAC,13): incompatible with ECC_KEY_PAIR(SECT_K1) +depends_on:PSA_WANT_ALG_CBC_MAC:PSA_WANT_ECC_FAMILY_SECT_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +mac_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):"03ebc8fcded2d6ab72ec0f75bdb4fd080481273e71":PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_CBC_MAC,13):PSA_ERROR_INVALID_ARGUMENT + +PSA mac AT_LEAST_THIS_LENGTH_MAC(CBC_MAC,13): incompatible with ECC_KEY_PAIR(SECT_R1) +depends_on:PSA_WANT_ALG_CBC_MAC:PSA_WANT_ECC_FAMILY_SECT_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +mac_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):"009b05dc82d46d64a04a22e6e5ca70ca1231e68c50":PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_CBC_MAC,13):PSA_ERROR_INVALID_ARGUMENT + +PSA mac AT_LEAST_THIS_LENGTH_MAC(CBC_MAC,13): incompatible with ECC_KEY_PAIR(SECT_R2) +depends_on:PSA_WANT_ALG_CBC_MAC:PSA_WANT_ECC_FAMILY_SECT_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +mac_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R2):"0210b482a458b4822d0cb21daa96819a67c8062d34":PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_CBC_MAC,13):PSA_ERROR_INVALID_ARGUMENT + +PSA mac AT_LEAST_THIS_LENGTH_MAC(CBC_MAC,13): incompatible with ECC_KEY_PAIR(TWISTED_EDWARDS) +depends_on:PSA_WANT_ALG_CBC_MAC:PSA_WANT_ECC_FAMILY_TWISTED_EDWARDS:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +mac_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_TWISTED_EDWARDS):"9d61b19deffd5a60ba844af492ec2cc44449c5697b326919703bac031cae7f60":PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_CBC_MAC,13):PSA_ERROR_INVALID_ARGUMENT + +PSA mac AT_LEAST_THIS_LENGTH_MAC(CBC_MAC,13): incompatible with ECC_PUBLIC_KEY(BRAINPOOL_P_R1) +depends_on:PSA_WANT_ALG_CBC_MAC:PSA_WANT_ECC_FAMILY_BRAINPOOL_P_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +mac_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"04d4b9186816358e2f9c59cf70748cb70641b22fbab65473db4b4e22a361ed7e3de7e8a8ddc4130c5c":PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_CBC_MAC,13):PSA_ERROR_INVALID_ARGUMENT + +PSA mac AT_LEAST_THIS_LENGTH_MAC(CBC_MAC,13): incompatible with ECC_PUBLIC_KEY(MONTGOMERY) +depends_on:PSA_WANT_ALG_CBC_MAC:PSA_WANT_ECC_FAMILY_MONTGOMERY:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +mac_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_MONTGOMERY):"8520f0098930a754748b7ddcb43ef75a0dbf3a0d26381af4eba4a98eaa9b4e6a":PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_CBC_MAC,13):PSA_ERROR_INVALID_ARGUMENT + +PSA mac AT_LEAST_THIS_LENGTH_MAC(CBC_MAC,13): incompatible with ECC_PUBLIC_KEY(SECP_K1) +depends_on:PSA_WANT_ALG_CBC_MAC:PSA_WANT_ECC_FAMILY_SECP_K1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +mac_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_K1):"0426b7bb38da649ac2138fc050c6548b32553dab68afebc36105d325b75538c12323cb0764789ecb992671beb2b6bef2f5":PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_CBC_MAC,13):PSA_ERROR_INVALID_ARGUMENT + +PSA mac AT_LEAST_THIS_LENGTH_MAC(CBC_MAC,13): incompatible with ECC_PUBLIC_KEY(SECP_R1) +depends_on:PSA_WANT_ALG_CBC_MAC:PSA_WANT_ECC_FAMILY_SECP_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +mac_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1):"046f00eadaa949fee3e9e1c7fa1247eecec86a0dce46418b9bd3117b981d4bd0ae7a990de912f9d060d6cb531a42d22e394ac29e81804bf160":PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_CBC_MAC,13):PSA_ERROR_INVALID_ARGUMENT + +PSA mac AT_LEAST_THIS_LENGTH_MAC(CBC_MAC,13): incompatible with ECC_PUBLIC_KEY(SECP_R2) +depends_on:PSA_WANT_ALG_CBC_MAC:PSA_WANT_ECC_FAMILY_SECP_R2:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +mac_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R2):"049570d541398665adb5cfa16f5af73b3196926bbd4b876bdb80f8eab20d0f540c22f4de9c140f6d7b":PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_CBC_MAC,13):PSA_ERROR_INVALID_ARGUMENT + +PSA mac AT_LEAST_THIS_LENGTH_MAC(CBC_MAC,13): incompatible with ECC_PUBLIC_KEY(SECT_K1) +depends_on:PSA_WANT_ALG_CBC_MAC:PSA_WANT_ECC_FAMILY_SECT_K1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +mac_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_K1):"0406f88f90b4b65950f06ce433afdb097e320f433dc2062b8a65db8fafd3c110f46bc45663fbf021ee7eb9":PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_CBC_MAC,13):PSA_ERROR_INVALID_ARGUMENT + +PSA mac AT_LEAST_THIS_LENGTH_MAC(CBC_MAC,13): incompatible with ECC_PUBLIC_KEY(SECT_R1) +depends_on:PSA_WANT_ALG_CBC_MAC:PSA_WANT_ECC_FAMILY_SECT_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +mac_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R1):"0400465eeb9e7258b11e33c02266bfe834b20bcb118700772796ee4704ec67651bd447e3011959a79a04cb":PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_CBC_MAC,13):PSA_ERROR_INVALID_ARGUMENT + +PSA mac AT_LEAST_THIS_LENGTH_MAC(CBC_MAC,13): incompatible with ECC_PUBLIC_KEY(SECT_R2) +depends_on:PSA_WANT_ALG_CBC_MAC:PSA_WANT_ECC_FAMILY_SECT_R2:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +mac_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R2):"0403692601144c32a6cfa369ae20ae5d43c1c764678c037bafe80c6fd2e42b7ced96171d9c5367fd3dca6f":PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_CBC_MAC,13):PSA_ERROR_INVALID_ARGUMENT + +PSA mac AT_LEAST_THIS_LENGTH_MAC(CBC_MAC,13): incompatible with ECC_PUBLIC_KEY(TWISTED_EDWARDS) +depends_on:PSA_WANT_ALG_CBC_MAC:PSA_WANT_ECC_FAMILY_TWISTED_EDWARDS:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +mac_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_TWISTED_EDWARDS):"d75a980182b10ab7d54bfed3c964073a0ee172f3daa62325af021a68f707511a":PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_CBC_MAC,13):PSA_ERROR_INVALID_ARGUMENT + +PSA mac AT_LEAST_THIS_LENGTH_MAC(CBC_MAC,13): incompatible with HMAC +depends_on:PSA_WANT_ALG_CBC_MAC:PSA_WANT_KEY_TYPE_HMAC +mac_fail:PSA_KEY_TYPE_HMAC:"48657265006973206b6579a064617461":PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_CBC_MAC,13):PSA_ERROR_INVALID_ARGUMENT + +PSA mac AT_LEAST_THIS_LENGTH_MAC(CBC_MAC,13): incompatible with RAW_DATA +depends_on:PSA_WANT_ALG_CBC_MAC:PSA_WANT_KEY_TYPE_RAW_DATA +mac_fail:PSA_KEY_TYPE_RAW_DATA:"48":PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_CBC_MAC,13):PSA_ERROR_INVALID_ARGUMENT + +PSA mac AT_LEAST_THIS_LENGTH_MAC(CBC_MAC,13): incompatible with RSA_KEY_PAIR +depends_on:PSA_WANT_ALG_CBC_MAC:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR +mac_fail:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_CBC_MAC,13):PSA_ERROR_INVALID_ARGUMENT + +PSA mac AT_LEAST_THIS_LENGTH_MAC(CBC_MAC,13): incompatible with RSA_PUBLIC_KEY +depends_on:PSA_WANT_ALG_CBC_MAC:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY +mac_fail:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_CBC_MAC,13):PSA_ERROR_INVALID_ARGUMENT + +PSA key_derivation AT_LEAST_THIS_LENGTH_MAC(CBC_MAC,13): invalid +depends_on:PSA_WANT_ALG_CBC_MAC +key_derivation_fail:PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_CBC_MAC,13):PSA_ERROR_INVALID_ARGUMENT + +PSA hash AT_LEAST_THIS_LENGTH_MAC(CBC_MAC,14): invalid +depends_on:PSA_WANT_ALG_CBC_MAC +hash_fail:PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_CBC_MAC,14):PSA_ERROR_INVALID_ARGUMENT + +PSA mac AT_LEAST_THIS_LENGTH_MAC(CBC_MAC,14): incompatible with AES +depends_on:PSA_WANT_ALG_CBC_MAC:PSA_WANT_KEY_TYPE_AES +mac_fail:PSA_KEY_TYPE_AES:"48657265006973206b6579a064617461":PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_CBC_MAC,14):PSA_ERROR_INVALID_ARGUMENT + +PSA mac AT_LEAST_THIS_LENGTH_MAC(CBC_MAC,14): incompatible with ARC4 +depends_on:PSA_WANT_ALG_CBC_MAC:PSA_WANT_KEY_TYPE_ARC4 +mac_fail:PSA_KEY_TYPE_ARC4:"48":PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_CBC_MAC,14):PSA_ERROR_INVALID_ARGUMENT + +PSA mac AT_LEAST_THIS_LENGTH_MAC(CBC_MAC,14): incompatible with ARIA +depends_on:PSA_WANT_ALG_CBC_MAC:PSA_WANT_KEY_TYPE_ARIA +mac_fail:PSA_KEY_TYPE_ARIA:"48657265006973206b6579a064617461":PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_CBC_MAC,14):PSA_ERROR_INVALID_ARGUMENT + +PSA mac AT_LEAST_THIS_LENGTH_MAC(CBC_MAC,14): incompatible with CAMELLIA +depends_on:PSA_WANT_ALG_CBC_MAC:PSA_WANT_KEY_TYPE_CAMELLIA +mac_fail:PSA_KEY_TYPE_CAMELLIA:"48657265006973206b6579a064617461":PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_CBC_MAC,14):PSA_ERROR_INVALID_ARGUMENT + +PSA mac AT_LEAST_THIS_LENGTH_MAC(CBC_MAC,14): incompatible with CHACHA20 +depends_on:PSA_WANT_ALG_CBC_MAC:PSA_WANT_KEY_TYPE_CHACHA20 +mac_fail:PSA_KEY_TYPE_CHACHA20:"48657265006973206b6579a06461746148657265006973206b6579a064617461":PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_CBC_MAC,14):PSA_ERROR_INVALID_ARGUMENT + +PSA mac AT_LEAST_THIS_LENGTH_MAC(CBC_MAC,14): incompatible with DERIVE +depends_on:PSA_WANT_ALG_CBC_MAC:PSA_WANT_KEY_TYPE_DERIVE +mac_fail:PSA_KEY_TYPE_DERIVE:"48657265006973206b6579a0646174":PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_CBC_MAC,14):PSA_ERROR_INVALID_ARGUMENT + +PSA mac AT_LEAST_THIS_LENGTH_MAC(CBC_MAC,14): incompatible with DES +depends_on:PSA_WANT_ALG_CBC_MAC:PSA_WANT_KEY_TYPE_DES +mac_fail:PSA_KEY_TYPE_DES:"644573206b457901":PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_CBC_MAC,14):PSA_ERROR_INVALID_ARGUMENT + +PSA mac AT_LEAST_THIS_LENGTH_MAC(CBC_MAC,14): incompatible with ECC_KEY_PAIR(BRAINPOOL_P_R1) +depends_on:PSA_WANT_ALG_CBC_MAC:PSA_WANT_ECC_FAMILY_BRAINPOOL_P_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +mac_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"69502c4fdaf48d4fa617bdd24498b0406d0eeaac":PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_CBC_MAC,14):PSA_ERROR_INVALID_ARGUMENT + +PSA mac AT_LEAST_THIS_LENGTH_MAC(CBC_MAC,14): incompatible with ECC_KEY_PAIR(MONTGOMERY) +depends_on:PSA_WANT_ALG_CBC_MAC:PSA_WANT_ECC_FAMILY_MONTGOMERY:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +mac_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_MONTGOMERY):"70076d0a7318a57d3c16c17251b26645df4c2f87ebc0992ab177fba51db92c6a":PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_CBC_MAC,14):PSA_ERROR_INVALID_ARGUMENT + +PSA mac AT_LEAST_THIS_LENGTH_MAC(CBC_MAC,14): incompatible with ECC_KEY_PAIR(SECP_K1) +depends_on:PSA_WANT_ALG_CBC_MAC:PSA_WANT_ECC_FAMILY_SECP_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +mac_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_K1):"297ac1722ccac7589ecb240dc719842538ca974beb79f228":PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_CBC_MAC,14):PSA_ERROR_INVALID_ARGUMENT + +PSA mac AT_LEAST_THIS_LENGTH_MAC(CBC_MAC,14): incompatible with ECC_KEY_PAIR(SECP_R1) +depends_on:PSA_WANT_ALG_CBC_MAC:PSA_WANT_ECC_FAMILY_SECP_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +mac_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"872f203b3ad35b7f2ecc803c3a0e1e0b1ed61cc1afe71b189cd4c995":PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_CBC_MAC,14):PSA_ERROR_INVALID_ARGUMENT + +PSA mac AT_LEAST_THIS_LENGTH_MAC(CBC_MAC,14): incompatible with ECC_KEY_PAIR(SECP_R2) +depends_on:PSA_WANT_ALG_CBC_MAC:PSA_WANT_ECC_FAMILY_SECP_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +mac_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R2):"00bf539a1cdda0d7f71a50a3f98aec0a2e8e4ced1e":PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_CBC_MAC,14):PSA_ERROR_INVALID_ARGUMENT + +PSA mac AT_LEAST_THIS_LENGTH_MAC(CBC_MAC,14): incompatible with ECC_KEY_PAIR(SECT_K1) +depends_on:PSA_WANT_ALG_CBC_MAC:PSA_WANT_ECC_FAMILY_SECT_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +mac_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):"03ebc8fcded2d6ab72ec0f75bdb4fd080481273e71":PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_CBC_MAC,14):PSA_ERROR_INVALID_ARGUMENT + +PSA mac AT_LEAST_THIS_LENGTH_MAC(CBC_MAC,14): incompatible with ECC_KEY_PAIR(SECT_R1) +depends_on:PSA_WANT_ALG_CBC_MAC:PSA_WANT_ECC_FAMILY_SECT_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +mac_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):"009b05dc82d46d64a04a22e6e5ca70ca1231e68c50":PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_CBC_MAC,14):PSA_ERROR_INVALID_ARGUMENT + +PSA mac AT_LEAST_THIS_LENGTH_MAC(CBC_MAC,14): incompatible with ECC_KEY_PAIR(SECT_R2) +depends_on:PSA_WANT_ALG_CBC_MAC:PSA_WANT_ECC_FAMILY_SECT_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +mac_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R2):"0210b482a458b4822d0cb21daa96819a67c8062d34":PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_CBC_MAC,14):PSA_ERROR_INVALID_ARGUMENT + +PSA mac AT_LEAST_THIS_LENGTH_MAC(CBC_MAC,14): incompatible with ECC_KEY_PAIR(TWISTED_EDWARDS) +depends_on:PSA_WANT_ALG_CBC_MAC:PSA_WANT_ECC_FAMILY_TWISTED_EDWARDS:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +mac_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_TWISTED_EDWARDS):"9d61b19deffd5a60ba844af492ec2cc44449c5697b326919703bac031cae7f60":PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_CBC_MAC,14):PSA_ERROR_INVALID_ARGUMENT + +PSA mac AT_LEAST_THIS_LENGTH_MAC(CBC_MAC,14): incompatible with ECC_PUBLIC_KEY(BRAINPOOL_P_R1) +depends_on:PSA_WANT_ALG_CBC_MAC:PSA_WANT_ECC_FAMILY_BRAINPOOL_P_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +mac_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"04d4b9186816358e2f9c59cf70748cb70641b22fbab65473db4b4e22a361ed7e3de7e8a8ddc4130c5c":PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_CBC_MAC,14):PSA_ERROR_INVALID_ARGUMENT + +PSA mac AT_LEAST_THIS_LENGTH_MAC(CBC_MAC,14): incompatible with ECC_PUBLIC_KEY(MONTGOMERY) +depends_on:PSA_WANT_ALG_CBC_MAC:PSA_WANT_ECC_FAMILY_MONTGOMERY:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +mac_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_MONTGOMERY):"8520f0098930a754748b7ddcb43ef75a0dbf3a0d26381af4eba4a98eaa9b4e6a":PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_CBC_MAC,14):PSA_ERROR_INVALID_ARGUMENT + +PSA mac AT_LEAST_THIS_LENGTH_MAC(CBC_MAC,14): incompatible with ECC_PUBLIC_KEY(SECP_K1) +depends_on:PSA_WANT_ALG_CBC_MAC:PSA_WANT_ECC_FAMILY_SECP_K1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +mac_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_K1):"0426b7bb38da649ac2138fc050c6548b32553dab68afebc36105d325b75538c12323cb0764789ecb992671beb2b6bef2f5":PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_CBC_MAC,14):PSA_ERROR_INVALID_ARGUMENT + +PSA mac AT_LEAST_THIS_LENGTH_MAC(CBC_MAC,14): incompatible with ECC_PUBLIC_KEY(SECP_R1) +depends_on:PSA_WANT_ALG_CBC_MAC:PSA_WANT_ECC_FAMILY_SECP_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +mac_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1):"046f00eadaa949fee3e9e1c7fa1247eecec86a0dce46418b9bd3117b981d4bd0ae7a990de912f9d060d6cb531a42d22e394ac29e81804bf160":PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_CBC_MAC,14):PSA_ERROR_INVALID_ARGUMENT + +PSA mac AT_LEAST_THIS_LENGTH_MAC(CBC_MAC,14): incompatible with ECC_PUBLIC_KEY(SECP_R2) +depends_on:PSA_WANT_ALG_CBC_MAC:PSA_WANT_ECC_FAMILY_SECP_R2:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +mac_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R2):"049570d541398665adb5cfa16f5af73b3196926bbd4b876bdb80f8eab20d0f540c22f4de9c140f6d7b":PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_CBC_MAC,14):PSA_ERROR_INVALID_ARGUMENT + +PSA mac AT_LEAST_THIS_LENGTH_MAC(CBC_MAC,14): incompatible with ECC_PUBLIC_KEY(SECT_K1) +depends_on:PSA_WANT_ALG_CBC_MAC:PSA_WANT_ECC_FAMILY_SECT_K1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +mac_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_K1):"0406f88f90b4b65950f06ce433afdb097e320f433dc2062b8a65db8fafd3c110f46bc45663fbf021ee7eb9":PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_CBC_MAC,14):PSA_ERROR_INVALID_ARGUMENT + +PSA mac AT_LEAST_THIS_LENGTH_MAC(CBC_MAC,14): incompatible with ECC_PUBLIC_KEY(SECT_R1) +depends_on:PSA_WANT_ALG_CBC_MAC:PSA_WANT_ECC_FAMILY_SECT_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +mac_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R1):"0400465eeb9e7258b11e33c02266bfe834b20bcb118700772796ee4704ec67651bd447e3011959a79a04cb":PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_CBC_MAC,14):PSA_ERROR_INVALID_ARGUMENT + +PSA mac AT_LEAST_THIS_LENGTH_MAC(CBC_MAC,14): incompatible with ECC_PUBLIC_KEY(SECT_R2) +depends_on:PSA_WANT_ALG_CBC_MAC:PSA_WANT_ECC_FAMILY_SECT_R2:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +mac_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R2):"0403692601144c32a6cfa369ae20ae5d43c1c764678c037bafe80c6fd2e42b7ced96171d9c5367fd3dca6f":PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_CBC_MAC,14):PSA_ERROR_INVALID_ARGUMENT + +PSA mac AT_LEAST_THIS_LENGTH_MAC(CBC_MAC,14): incompatible with ECC_PUBLIC_KEY(TWISTED_EDWARDS) +depends_on:PSA_WANT_ALG_CBC_MAC:PSA_WANT_ECC_FAMILY_TWISTED_EDWARDS:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +mac_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_TWISTED_EDWARDS):"d75a980182b10ab7d54bfed3c964073a0ee172f3daa62325af021a68f707511a":PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_CBC_MAC,14):PSA_ERROR_INVALID_ARGUMENT + +PSA mac AT_LEAST_THIS_LENGTH_MAC(CBC_MAC,14): incompatible with HMAC +depends_on:PSA_WANT_ALG_CBC_MAC:PSA_WANT_KEY_TYPE_HMAC +mac_fail:PSA_KEY_TYPE_HMAC:"48657265006973206b6579a064617461":PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_CBC_MAC,14):PSA_ERROR_INVALID_ARGUMENT + +PSA mac AT_LEAST_THIS_LENGTH_MAC(CBC_MAC,14): incompatible with RAW_DATA +depends_on:PSA_WANT_ALG_CBC_MAC:PSA_WANT_KEY_TYPE_RAW_DATA +mac_fail:PSA_KEY_TYPE_RAW_DATA:"48":PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_CBC_MAC,14):PSA_ERROR_INVALID_ARGUMENT + +PSA mac AT_LEAST_THIS_LENGTH_MAC(CBC_MAC,14): incompatible with RSA_KEY_PAIR +depends_on:PSA_WANT_ALG_CBC_MAC:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR +mac_fail:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_CBC_MAC,14):PSA_ERROR_INVALID_ARGUMENT + +PSA mac AT_LEAST_THIS_LENGTH_MAC(CBC_MAC,14): incompatible with RSA_PUBLIC_KEY +depends_on:PSA_WANT_ALG_CBC_MAC:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY +mac_fail:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_CBC_MAC,14):PSA_ERROR_INVALID_ARGUMENT + +PSA key_derivation AT_LEAST_THIS_LENGTH_MAC(CBC_MAC,14): invalid +depends_on:PSA_WANT_ALG_CBC_MAC +key_derivation_fail:PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_CBC_MAC,14):PSA_ERROR_INVALID_ARGUMENT + +PSA hash AT_LEAST_THIS_LENGTH_MAC(CBC_MAC,16): invalid +depends_on:PSA_WANT_ALG_CBC_MAC +hash_fail:PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_CBC_MAC,16):PSA_ERROR_INVALID_ARGUMENT + +PSA mac AT_LEAST_THIS_LENGTH_MAC(CBC_MAC,16): incompatible with AES +depends_on:PSA_WANT_ALG_CBC_MAC:PSA_WANT_KEY_TYPE_AES +mac_fail:PSA_KEY_TYPE_AES:"48657265006973206b6579a064617461":PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_CBC_MAC,16):PSA_ERROR_INVALID_ARGUMENT + +PSA mac AT_LEAST_THIS_LENGTH_MAC(CBC_MAC,16): incompatible with ARC4 +depends_on:PSA_WANT_ALG_CBC_MAC:PSA_WANT_KEY_TYPE_ARC4 +mac_fail:PSA_KEY_TYPE_ARC4:"48":PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_CBC_MAC,16):PSA_ERROR_INVALID_ARGUMENT + +PSA mac AT_LEAST_THIS_LENGTH_MAC(CBC_MAC,16): incompatible with ARIA +depends_on:PSA_WANT_ALG_CBC_MAC:PSA_WANT_KEY_TYPE_ARIA +mac_fail:PSA_KEY_TYPE_ARIA:"48657265006973206b6579a064617461":PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_CBC_MAC,16):PSA_ERROR_INVALID_ARGUMENT + +PSA mac AT_LEAST_THIS_LENGTH_MAC(CBC_MAC,16): incompatible with CAMELLIA +depends_on:PSA_WANT_ALG_CBC_MAC:PSA_WANT_KEY_TYPE_CAMELLIA +mac_fail:PSA_KEY_TYPE_CAMELLIA:"48657265006973206b6579a064617461":PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_CBC_MAC,16):PSA_ERROR_INVALID_ARGUMENT + +PSA mac AT_LEAST_THIS_LENGTH_MAC(CBC_MAC,16): incompatible with CHACHA20 +depends_on:PSA_WANT_ALG_CBC_MAC:PSA_WANT_KEY_TYPE_CHACHA20 +mac_fail:PSA_KEY_TYPE_CHACHA20:"48657265006973206b6579a06461746148657265006973206b6579a064617461":PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_CBC_MAC,16):PSA_ERROR_INVALID_ARGUMENT + +PSA mac AT_LEAST_THIS_LENGTH_MAC(CBC_MAC,16): incompatible with DERIVE +depends_on:PSA_WANT_ALG_CBC_MAC:PSA_WANT_KEY_TYPE_DERIVE +mac_fail:PSA_KEY_TYPE_DERIVE:"48657265006973206b6579a0646174":PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_CBC_MAC,16):PSA_ERROR_INVALID_ARGUMENT + +PSA mac AT_LEAST_THIS_LENGTH_MAC(CBC_MAC,16): incompatible with DES +depends_on:PSA_WANT_ALG_CBC_MAC:PSA_WANT_KEY_TYPE_DES +mac_fail:PSA_KEY_TYPE_DES:"644573206b457901":PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_CBC_MAC,16):PSA_ERROR_INVALID_ARGUMENT + +PSA mac AT_LEAST_THIS_LENGTH_MAC(CBC_MAC,16): incompatible with ECC_KEY_PAIR(BRAINPOOL_P_R1) +depends_on:PSA_WANT_ALG_CBC_MAC:PSA_WANT_ECC_FAMILY_BRAINPOOL_P_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +mac_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"69502c4fdaf48d4fa617bdd24498b0406d0eeaac":PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_CBC_MAC,16):PSA_ERROR_INVALID_ARGUMENT + +PSA mac AT_LEAST_THIS_LENGTH_MAC(CBC_MAC,16): incompatible with ECC_KEY_PAIR(MONTGOMERY) +depends_on:PSA_WANT_ALG_CBC_MAC:PSA_WANT_ECC_FAMILY_MONTGOMERY:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +mac_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_MONTGOMERY):"70076d0a7318a57d3c16c17251b26645df4c2f87ebc0992ab177fba51db92c6a":PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_CBC_MAC,16):PSA_ERROR_INVALID_ARGUMENT + +PSA mac AT_LEAST_THIS_LENGTH_MAC(CBC_MAC,16): incompatible with ECC_KEY_PAIR(SECP_K1) +depends_on:PSA_WANT_ALG_CBC_MAC:PSA_WANT_ECC_FAMILY_SECP_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +mac_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_K1):"297ac1722ccac7589ecb240dc719842538ca974beb79f228":PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_CBC_MAC,16):PSA_ERROR_INVALID_ARGUMENT + +PSA mac AT_LEAST_THIS_LENGTH_MAC(CBC_MAC,16): incompatible with ECC_KEY_PAIR(SECP_R1) +depends_on:PSA_WANT_ALG_CBC_MAC:PSA_WANT_ECC_FAMILY_SECP_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +mac_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"872f203b3ad35b7f2ecc803c3a0e1e0b1ed61cc1afe71b189cd4c995":PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_CBC_MAC,16):PSA_ERROR_INVALID_ARGUMENT + +PSA mac AT_LEAST_THIS_LENGTH_MAC(CBC_MAC,16): incompatible with ECC_KEY_PAIR(SECP_R2) +depends_on:PSA_WANT_ALG_CBC_MAC:PSA_WANT_ECC_FAMILY_SECP_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +mac_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R2):"00bf539a1cdda0d7f71a50a3f98aec0a2e8e4ced1e":PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_CBC_MAC,16):PSA_ERROR_INVALID_ARGUMENT + +PSA mac AT_LEAST_THIS_LENGTH_MAC(CBC_MAC,16): incompatible with ECC_KEY_PAIR(SECT_K1) +depends_on:PSA_WANT_ALG_CBC_MAC:PSA_WANT_ECC_FAMILY_SECT_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +mac_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):"03ebc8fcded2d6ab72ec0f75bdb4fd080481273e71":PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_CBC_MAC,16):PSA_ERROR_INVALID_ARGUMENT + +PSA mac AT_LEAST_THIS_LENGTH_MAC(CBC_MAC,16): incompatible with ECC_KEY_PAIR(SECT_R1) +depends_on:PSA_WANT_ALG_CBC_MAC:PSA_WANT_ECC_FAMILY_SECT_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +mac_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):"009b05dc82d46d64a04a22e6e5ca70ca1231e68c50":PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_CBC_MAC,16):PSA_ERROR_INVALID_ARGUMENT + +PSA mac AT_LEAST_THIS_LENGTH_MAC(CBC_MAC,16): incompatible with ECC_KEY_PAIR(SECT_R2) +depends_on:PSA_WANT_ALG_CBC_MAC:PSA_WANT_ECC_FAMILY_SECT_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +mac_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R2):"0210b482a458b4822d0cb21daa96819a67c8062d34":PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_CBC_MAC,16):PSA_ERROR_INVALID_ARGUMENT + +PSA mac AT_LEAST_THIS_LENGTH_MAC(CBC_MAC,16): incompatible with ECC_KEY_PAIR(TWISTED_EDWARDS) +depends_on:PSA_WANT_ALG_CBC_MAC:PSA_WANT_ECC_FAMILY_TWISTED_EDWARDS:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +mac_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_TWISTED_EDWARDS):"9d61b19deffd5a60ba844af492ec2cc44449c5697b326919703bac031cae7f60":PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_CBC_MAC,16):PSA_ERROR_INVALID_ARGUMENT + +PSA mac AT_LEAST_THIS_LENGTH_MAC(CBC_MAC,16): incompatible with ECC_PUBLIC_KEY(BRAINPOOL_P_R1) +depends_on:PSA_WANT_ALG_CBC_MAC:PSA_WANT_ECC_FAMILY_BRAINPOOL_P_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +mac_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"04d4b9186816358e2f9c59cf70748cb70641b22fbab65473db4b4e22a361ed7e3de7e8a8ddc4130c5c":PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_CBC_MAC,16):PSA_ERROR_INVALID_ARGUMENT + +PSA mac AT_LEAST_THIS_LENGTH_MAC(CBC_MAC,16): incompatible with ECC_PUBLIC_KEY(MONTGOMERY) +depends_on:PSA_WANT_ALG_CBC_MAC:PSA_WANT_ECC_FAMILY_MONTGOMERY:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +mac_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_MONTGOMERY):"8520f0098930a754748b7ddcb43ef75a0dbf3a0d26381af4eba4a98eaa9b4e6a":PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_CBC_MAC,16):PSA_ERROR_INVALID_ARGUMENT + +PSA mac AT_LEAST_THIS_LENGTH_MAC(CBC_MAC,16): incompatible with ECC_PUBLIC_KEY(SECP_K1) +depends_on:PSA_WANT_ALG_CBC_MAC:PSA_WANT_ECC_FAMILY_SECP_K1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +mac_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_K1):"0426b7bb38da649ac2138fc050c6548b32553dab68afebc36105d325b75538c12323cb0764789ecb992671beb2b6bef2f5":PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_CBC_MAC,16):PSA_ERROR_INVALID_ARGUMENT + +PSA mac AT_LEAST_THIS_LENGTH_MAC(CBC_MAC,16): incompatible with ECC_PUBLIC_KEY(SECP_R1) +depends_on:PSA_WANT_ALG_CBC_MAC:PSA_WANT_ECC_FAMILY_SECP_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +mac_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1):"046f00eadaa949fee3e9e1c7fa1247eecec86a0dce46418b9bd3117b981d4bd0ae7a990de912f9d060d6cb531a42d22e394ac29e81804bf160":PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_CBC_MAC,16):PSA_ERROR_INVALID_ARGUMENT + +PSA mac AT_LEAST_THIS_LENGTH_MAC(CBC_MAC,16): incompatible with ECC_PUBLIC_KEY(SECP_R2) +depends_on:PSA_WANT_ALG_CBC_MAC:PSA_WANT_ECC_FAMILY_SECP_R2:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +mac_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R2):"049570d541398665adb5cfa16f5af73b3196926bbd4b876bdb80f8eab20d0f540c22f4de9c140f6d7b":PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_CBC_MAC,16):PSA_ERROR_INVALID_ARGUMENT + +PSA mac AT_LEAST_THIS_LENGTH_MAC(CBC_MAC,16): incompatible with ECC_PUBLIC_KEY(SECT_K1) +depends_on:PSA_WANT_ALG_CBC_MAC:PSA_WANT_ECC_FAMILY_SECT_K1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +mac_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_K1):"0406f88f90b4b65950f06ce433afdb097e320f433dc2062b8a65db8fafd3c110f46bc45663fbf021ee7eb9":PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_CBC_MAC,16):PSA_ERROR_INVALID_ARGUMENT + +PSA mac AT_LEAST_THIS_LENGTH_MAC(CBC_MAC,16): incompatible with ECC_PUBLIC_KEY(SECT_R1) +depends_on:PSA_WANT_ALG_CBC_MAC:PSA_WANT_ECC_FAMILY_SECT_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +mac_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R1):"0400465eeb9e7258b11e33c02266bfe834b20bcb118700772796ee4704ec67651bd447e3011959a79a04cb":PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_CBC_MAC,16):PSA_ERROR_INVALID_ARGUMENT + +PSA mac AT_LEAST_THIS_LENGTH_MAC(CBC_MAC,16): incompatible with ECC_PUBLIC_KEY(SECT_R2) +depends_on:PSA_WANT_ALG_CBC_MAC:PSA_WANT_ECC_FAMILY_SECT_R2:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +mac_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R2):"0403692601144c32a6cfa369ae20ae5d43c1c764678c037bafe80c6fd2e42b7ced96171d9c5367fd3dca6f":PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_CBC_MAC,16):PSA_ERROR_INVALID_ARGUMENT + +PSA mac AT_LEAST_THIS_LENGTH_MAC(CBC_MAC,16): incompatible with ECC_PUBLIC_KEY(TWISTED_EDWARDS) +depends_on:PSA_WANT_ALG_CBC_MAC:PSA_WANT_ECC_FAMILY_TWISTED_EDWARDS:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +mac_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_TWISTED_EDWARDS):"d75a980182b10ab7d54bfed3c964073a0ee172f3daa62325af021a68f707511a":PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_CBC_MAC,16):PSA_ERROR_INVALID_ARGUMENT + +PSA mac AT_LEAST_THIS_LENGTH_MAC(CBC_MAC,16): incompatible with HMAC +depends_on:PSA_WANT_ALG_CBC_MAC:PSA_WANT_KEY_TYPE_HMAC +mac_fail:PSA_KEY_TYPE_HMAC:"48657265006973206b6579a064617461":PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_CBC_MAC,16):PSA_ERROR_INVALID_ARGUMENT + +PSA mac AT_LEAST_THIS_LENGTH_MAC(CBC_MAC,16): incompatible with RAW_DATA +depends_on:PSA_WANT_ALG_CBC_MAC:PSA_WANT_KEY_TYPE_RAW_DATA +mac_fail:PSA_KEY_TYPE_RAW_DATA:"48":PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_CBC_MAC,16):PSA_ERROR_INVALID_ARGUMENT + +PSA mac AT_LEAST_THIS_LENGTH_MAC(CBC_MAC,16): incompatible with RSA_KEY_PAIR +depends_on:PSA_WANT_ALG_CBC_MAC:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR +mac_fail:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_CBC_MAC,16):PSA_ERROR_INVALID_ARGUMENT + +PSA mac AT_LEAST_THIS_LENGTH_MAC(CBC_MAC,16): incompatible with RSA_PUBLIC_KEY +depends_on:PSA_WANT_ALG_CBC_MAC:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY +mac_fail:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_CBC_MAC,16):PSA_ERROR_INVALID_ARGUMENT + +PSA key_derivation AT_LEAST_THIS_LENGTH_MAC(CBC_MAC,16): invalid +depends_on:PSA_WANT_ALG_CBC_MAC +key_derivation_fail:PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_CBC_MAC,16):PSA_ERROR_INVALID_ARGUMENT + +PSA hash AT_LEAST_THIS_LENGTH_MAC(CBC_MAC,63): invalid +depends_on:PSA_WANT_ALG_CBC_MAC +hash_fail:PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_CBC_MAC,63):PSA_ERROR_INVALID_ARGUMENT + +PSA mac AT_LEAST_THIS_LENGTH_MAC(CBC_MAC,63): incompatible with AES +depends_on:PSA_WANT_ALG_CBC_MAC:PSA_WANT_KEY_TYPE_AES +mac_fail:PSA_KEY_TYPE_AES:"48657265006973206b6579a064617461":PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_CBC_MAC,63):PSA_ERROR_INVALID_ARGUMENT + +PSA mac AT_LEAST_THIS_LENGTH_MAC(CBC_MAC,63): incompatible with ARC4 +depends_on:PSA_WANT_ALG_CBC_MAC:PSA_WANT_KEY_TYPE_ARC4 +mac_fail:PSA_KEY_TYPE_ARC4:"48":PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_CBC_MAC,63):PSA_ERROR_INVALID_ARGUMENT + +PSA mac AT_LEAST_THIS_LENGTH_MAC(CBC_MAC,63): incompatible with ARIA +depends_on:PSA_WANT_ALG_CBC_MAC:PSA_WANT_KEY_TYPE_ARIA +mac_fail:PSA_KEY_TYPE_ARIA:"48657265006973206b6579a064617461":PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_CBC_MAC,63):PSA_ERROR_INVALID_ARGUMENT + +PSA mac AT_LEAST_THIS_LENGTH_MAC(CBC_MAC,63): incompatible with CAMELLIA +depends_on:PSA_WANT_ALG_CBC_MAC:PSA_WANT_KEY_TYPE_CAMELLIA +mac_fail:PSA_KEY_TYPE_CAMELLIA:"48657265006973206b6579a064617461":PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_CBC_MAC,63):PSA_ERROR_INVALID_ARGUMENT + +PSA mac AT_LEAST_THIS_LENGTH_MAC(CBC_MAC,63): incompatible with CHACHA20 +depends_on:PSA_WANT_ALG_CBC_MAC:PSA_WANT_KEY_TYPE_CHACHA20 +mac_fail:PSA_KEY_TYPE_CHACHA20:"48657265006973206b6579a06461746148657265006973206b6579a064617461":PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_CBC_MAC,63):PSA_ERROR_INVALID_ARGUMENT + +PSA mac AT_LEAST_THIS_LENGTH_MAC(CBC_MAC,63): incompatible with DERIVE +depends_on:PSA_WANT_ALG_CBC_MAC:PSA_WANT_KEY_TYPE_DERIVE +mac_fail:PSA_KEY_TYPE_DERIVE:"48657265006973206b6579a0646174":PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_CBC_MAC,63):PSA_ERROR_INVALID_ARGUMENT + +PSA mac AT_LEAST_THIS_LENGTH_MAC(CBC_MAC,63): incompatible with DES +depends_on:PSA_WANT_ALG_CBC_MAC:PSA_WANT_KEY_TYPE_DES +mac_fail:PSA_KEY_TYPE_DES:"644573206b457901":PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_CBC_MAC,63):PSA_ERROR_INVALID_ARGUMENT + +PSA mac AT_LEAST_THIS_LENGTH_MAC(CBC_MAC,63): incompatible with ECC_KEY_PAIR(BRAINPOOL_P_R1) +depends_on:PSA_WANT_ALG_CBC_MAC:PSA_WANT_ECC_FAMILY_BRAINPOOL_P_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +mac_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"69502c4fdaf48d4fa617bdd24498b0406d0eeaac":PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_CBC_MAC,63):PSA_ERROR_INVALID_ARGUMENT + +PSA mac AT_LEAST_THIS_LENGTH_MAC(CBC_MAC,63): incompatible with ECC_KEY_PAIR(MONTGOMERY) +depends_on:PSA_WANT_ALG_CBC_MAC:PSA_WANT_ECC_FAMILY_MONTGOMERY:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +mac_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_MONTGOMERY):"70076d0a7318a57d3c16c17251b26645df4c2f87ebc0992ab177fba51db92c6a":PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_CBC_MAC,63):PSA_ERROR_INVALID_ARGUMENT + +PSA mac AT_LEAST_THIS_LENGTH_MAC(CBC_MAC,63): incompatible with ECC_KEY_PAIR(SECP_K1) +depends_on:PSA_WANT_ALG_CBC_MAC:PSA_WANT_ECC_FAMILY_SECP_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +mac_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_K1):"297ac1722ccac7589ecb240dc719842538ca974beb79f228":PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_CBC_MAC,63):PSA_ERROR_INVALID_ARGUMENT + +PSA mac AT_LEAST_THIS_LENGTH_MAC(CBC_MAC,63): incompatible with ECC_KEY_PAIR(SECP_R1) +depends_on:PSA_WANT_ALG_CBC_MAC:PSA_WANT_ECC_FAMILY_SECP_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +mac_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"872f203b3ad35b7f2ecc803c3a0e1e0b1ed61cc1afe71b189cd4c995":PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_CBC_MAC,63):PSA_ERROR_INVALID_ARGUMENT + +PSA mac AT_LEAST_THIS_LENGTH_MAC(CBC_MAC,63): incompatible with ECC_KEY_PAIR(SECP_R2) +depends_on:PSA_WANT_ALG_CBC_MAC:PSA_WANT_ECC_FAMILY_SECP_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +mac_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R2):"00bf539a1cdda0d7f71a50a3f98aec0a2e8e4ced1e":PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_CBC_MAC,63):PSA_ERROR_INVALID_ARGUMENT + +PSA mac AT_LEAST_THIS_LENGTH_MAC(CBC_MAC,63): incompatible with ECC_KEY_PAIR(SECT_K1) +depends_on:PSA_WANT_ALG_CBC_MAC:PSA_WANT_ECC_FAMILY_SECT_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +mac_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):"03ebc8fcded2d6ab72ec0f75bdb4fd080481273e71":PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_CBC_MAC,63):PSA_ERROR_INVALID_ARGUMENT + +PSA mac AT_LEAST_THIS_LENGTH_MAC(CBC_MAC,63): incompatible with ECC_KEY_PAIR(SECT_R1) +depends_on:PSA_WANT_ALG_CBC_MAC:PSA_WANT_ECC_FAMILY_SECT_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +mac_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):"009b05dc82d46d64a04a22e6e5ca70ca1231e68c50":PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_CBC_MAC,63):PSA_ERROR_INVALID_ARGUMENT + +PSA mac AT_LEAST_THIS_LENGTH_MAC(CBC_MAC,63): incompatible with ECC_KEY_PAIR(SECT_R2) +depends_on:PSA_WANT_ALG_CBC_MAC:PSA_WANT_ECC_FAMILY_SECT_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +mac_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R2):"0210b482a458b4822d0cb21daa96819a67c8062d34":PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_CBC_MAC,63):PSA_ERROR_INVALID_ARGUMENT + +PSA mac AT_LEAST_THIS_LENGTH_MAC(CBC_MAC,63): incompatible with ECC_KEY_PAIR(TWISTED_EDWARDS) +depends_on:PSA_WANT_ALG_CBC_MAC:PSA_WANT_ECC_FAMILY_TWISTED_EDWARDS:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +mac_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_TWISTED_EDWARDS):"9d61b19deffd5a60ba844af492ec2cc44449c5697b326919703bac031cae7f60":PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_CBC_MAC,63):PSA_ERROR_INVALID_ARGUMENT + +PSA mac AT_LEAST_THIS_LENGTH_MAC(CBC_MAC,63): incompatible with ECC_PUBLIC_KEY(BRAINPOOL_P_R1) +depends_on:PSA_WANT_ALG_CBC_MAC:PSA_WANT_ECC_FAMILY_BRAINPOOL_P_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +mac_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"04d4b9186816358e2f9c59cf70748cb70641b22fbab65473db4b4e22a361ed7e3de7e8a8ddc4130c5c":PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_CBC_MAC,63):PSA_ERROR_INVALID_ARGUMENT + +PSA mac AT_LEAST_THIS_LENGTH_MAC(CBC_MAC,63): incompatible with ECC_PUBLIC_KEY(MONTGOMERY) +depends_on:PSA_WANT_ALG_CBC_MAC:PSA_WANT_ECC_FAMILY_MONTGOMERY:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +mac_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_MONTGOMERY):"8520f0098930a754748b7ddcb43ef75a0dbf3a0d26381af4eba4a98eaa9b4e6a":PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_CBC_MAC,63):PSA_ERROR_INVALID_ARGUMENT + +PSA mac AT_LEAST_THIS_LENGTH_MAC(CBC_MAC,63): incompatible with ECC_PUBLIC_KEY(SECP_K1) +depends_on:PSA_WANT_ALG_CBC_MAC:PSA_WANT_ECC_FAMILY_SECP_K1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +mac_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_K1):"0426b7bb38da649ac2138fc050c6548b32553dab68afebc36105d325b75538c12323cb0764789ecb992671beb2b6bef2f5":PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_CBC_MAC,63):PSA_ERROR_INVALID_ARGUMENT + +PSA mac AT_LEAST_THIS_LENGTH_MAC(CBC_MAC,63): incompatible with ECC_PUBLIC_KEY(SECP_R1) +depends_on:PSA_WANT_ALG_CBC_MAC:PSA_WANT_ECC_FAMILY_SECP_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +mac_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1):"046f00eadaa949fee3e9e1c7fa1247eecec86a0dce46418b9bd3117b981d4bd0ae7a990de912f9d060d6cb531a42d22e394ac29e81804bf160":PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_CBC_MAC,63):PSA_ERROR_INVALID_ARGUMENT + +PSA mac AT_LEAST_THIS_LENGTH_MAC(CBC_MAC,63): incompatible with ECC_PUBLIC_KEY(SECP_R2) +depends_on:PSA_WANT_ALG_CBC_MAC:PSA_WANT_ECC_FAMILY_SECP_R2:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +mac_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R2):"049570d541398665adb5cfa16f5af73b3196926bbd4b876bdb80f8eab20d0f540c22f4de9c140f6d7b":PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_CBC_MAC,63):PSA_ERROR_INVALID_ARGUMENT + +PSA mac AT_LEAST_THIS_LENGTH_MAC(CBC_MAC,63): incompatible with ECC_PUBLIC_KEY(SECT_K1) +depends_on:PSA_WANT_ALG_CBC_MAC:PSA_WANT_ECC_FAMILY_SECT_K1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +mac_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_K1):"0406f88f90b4b65950f06ce433afdb097e320f433dc2062b8a65db8fafd3c110f46bc45663fbf021ee7eb9":PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_CBC_MAC,63):PSA_ERROR_INVALID_ARGUMENT + +PSA mac AT_LEAST_THIS_LENGTH_MAC(CBC_MAC,63): incompatible with ECC_PUBLIC_KEY(SECT_R1) +depends_on:PSA_WANT_ALG_CBC_MAC:PSA_WANT_ECC_FAMILY_SECT_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +mac_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R1):"0400465eeb9e7258b11e33c02266bfe834b20bcb118700772796ee4704ec67651bd447e3011959a79a04cb":PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_CBC_MAC,63):PSA_ERROR_INVALID_ARGUMENT + +PSA mac AT_LEAST_THIS_LENGTH_MAC(CBC_MAC,63): incompatible with ECC_PUBLIC_KEY(SECT_R2) +depends_on:PSA_WANT_ALG_CBC_MAC:PSA_WANT_ECC_FAMILY_SECT_R2:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +mac_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R2):"0403692601144c32a6cfa369ae20ae5d43c1c764678c037bafe80c6fd2e42b7ced96171d9c5367fd3dca6f":PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_CBC_MAC,63):PSA_ERROR_INVALID_ARGUMENT + +PSA mac AT_LEAST_THIS_LENGTH_MAC(CBC_MAC,63): incompatible with ECC_PUBLIC_KEY(TWISTED_EDWARDS) +depends_on:PSA_WANT_ALG_CBC_MAC:PSA_WANT_ECC_FAMILY_TWISTED_EDWARDS:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +mac_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_TWISTED_EDWARDS):"d75a980182b10ab7d54bfed3c964073a0ee172f3daa62325af021a68f707511a":PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_CBC_MAC,63):PSA_ERROR_INVALID_ARGUMENT + +PSA mac AT_LEAST_THIS_LENGTH_MAC(CBC_MAC,63): incompatible with HMAC +depends_on:PSA_WANT_ALG_CBC_MAC:PSA_WANT_KEY_TYPE_HMAC +mac_fail:PSA_KEY_TYPE_HMAC:"48657265006973206b6579a064617461":PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_CBC_MAC,63):PSA_ERROR_INVALID_ARGUMENT + +PSA mac AT_LEAST_THIS_LENGTH_MAC(CBC_MAC,63): incompatible with RAW_DATA +depends_on:PSA_WANT_ALG_CBC_MAC:PSA_WANT_KEY_TYPE_RAW_DATA +mac_fail:PSA_KEY_TYPE_RAW_DATA:"48":PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_CBC_MAC,63):PSA_ERROR_INVALID_ARGUMENT + +PSA mac AT_LEAST_THIS_LENGTH_MAC(CBC_MAC,63): incompatible with RSA_KEY_PAIR +depends_on:PSA_WANT_ALG_CBC_MAC:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR +mac_fail:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_CBC_MAC,63):PSA_ERROR_INVALID_ARGUMENT + +PSA mac AT_LEAST_THIS_LENGTH_MAC(CBC_MAC,63): incompatible with RSA_PUBLIC_KEY +depends_on:PSA_WANT_ALG_CBC_MAC:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY +mac_fail:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_CBC_MAC,63):PSA_ERROR_INVALID_ARGUMENT + +PSA key_derivation AT_LEAST_THIS_LENGTH_MAC(CBC_MAC,63): invalid +depends_on:PSA_WANT_ALG_CBC_MAC +key_derivation_fail:PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_CBC_MAC,63):PSA_ERROR_INVALID_ARGUMENT + +PSA hash CBC_MAC: invalid +depends_on:PSA_WANT_ALG_CBC_MAC +hash_fail:PSA_ALG_CBC_MAC:PSA_ERROR_INVALID_ARGUMENT + +PSA mac CBC_MAC: !CBC_MAC with AES +depends_on:!PSA_WANT_ALG_CBC_MAC:PSA_WANT_KEY_TYPE_AES +mac_fail:PSA_KEY_TYPE_AES:"48657265006973206b6579a064617461":PSA_ALG_CBC_MAC:PSA_ERROR_NOT_SUPPORTED + +PSA mac CBC_MAC: incompatible with ARC4 +depends_on:PSA_WANT_ALG_CBC_MAC:PSA_WANT_KEY_TYPE_ARC4 +mac_fail:PSA_KEY_TYPE_ARC4:"48":PSA_ALG_CBC_MAC:PSA_ERROR_INVALID_ARGUMENT + +PSA mac CBC_MAC: !CBC_MAC with ARIA +depends_on:!PSA_WANT_ALG_CBC_MAC:PSA_WANT_KEY_TYPE_ARIA +mac_fail:PSA_KEY_TYPE_ARIA:"48657265006973206b6579a064617461":PSA_ALG_CBC_MAC:PSA_ERROR_NOT_SUPPORTED + +PSA mac CBC_MAC: !CBC_MAC with CAMELLIA +depends_on:!PSA_WANT_ALG_CBC_MAC:PSA_WANT_KEY_TYPE_CAMELLIA +mac_fail:PSA_KEY_TYPE_CAMELLIA:"48657265006973206b6579a064617461":PSA_ALG_CBC_MAC:PSA_ERROR_NOT_SUPPORTED + +PSA mac CBC_MAC: incompatible with CHACHA20 +depends_on:PSA_WANT_ALG_CBC_MAC:PSA_WANT_KEY_TYPE_CHACHA20 +mac_fail:PSA_KEY_TYPE_CHACHA20:"48657265006973206b6579a06461746148657265006973206b6579a064617461":PSA_ALG_CBC_MAC:PSA_ERROR_INVALID_ARGUMENT + +PSA mac CBC_MAC: incompatible with DERIVE +depends_on:PSA_WANT_ALG_CBC_MAC:PSA_WANT_KEY_TYPE_DERIVE +mac_fail:PSA_KEY_TYPE_DERIVE:"48657265006973206b6579a0646174":PSA_ALG_CBC_MAC:PSA_ERROR_INVALID_ARGUMENT + +PSA mac CBC_MAC: incompatible with DES +depends_on:PSA_WANT_ALG_CBC_MAC:PSA_WANT_KEY_TYPE_DES +mac_fail:PSA_KEY_TYPE_DES:"644573206b457901":PSA_ALG_CBC_MAC:PSA_ERROR_INVALID_ARGUMENT + +PSA mac CBC_MAC: incompatible with ECC_KEY_PAIR(BRAINPOOL_P_R1) +depends_on:PSA_WANT_ALG_CBC_MAC:PSA_WANT_ECC_FAMILY_BRAINPOOL_P_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +mac_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"69502c4fdaf48d4fa617bdd24498b0406d0eeaac":PSA_ALG_CBC_MAC:PSA_ERROR_INVALID_ARGUMENT + +PSA mac CBC_MAC: incompatible with ECC_KEY_PAIR(MONTGOMERY) +depends_on:PSA_WANT_ALG_CBC_MAC:PSA_WANT_ECC_FAMILY_MONTGOMERY:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +mac_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_MONTGOMERY):"70076d0a7318a57d3c16c17251b26645df4c2f87ebc0992ab177fba51db92c6a":PSA_ALG_CBC_MAC:PSA_ERROR_INVALID_ARGUMENT + +PSA mac CBC_MAC: incompatible with ECC_KEY_PAIR(SECP_K1) +depends_on:PSA_WANT_ALG_CBC_MAC:PSA_WANT_ECC_FAMILY_SECP_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +mac_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_K1):"297ac1722ccac7589ecb240dc719842538ca974beb79f228":PSA_ALG_CBC_MAC:PSA_ERROR_INVALID_ARGUMENT + +PSA mac CBC_MAC: incompatible with ECC_KEY_PAIR(SECP_R1) +depends_on:PSA_WANT_ALG_CBC_MAC:PSA_WANT_ECC_FAMILY_SECP_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +mac_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"872f203b3ad35b7f2ecc803c3a0e1e0b1ed61cc1afe71b189cd4c995":PSA_ALG_CBC_MAC:PSA_ERROR_INVALID_ARGUMENT + +PSA mac CBC_MAC: incompatible with ECC_KEY_PAIR(SECP_R2) +depends_on:PSA_WANT_ALG_CBC_MAC:PSA_WANT_ECC_FAMILY_SECP_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +mac_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R2):"00bf539a1cdda0d7f71a50a3f98aec0a2e8e4ced1e":PSA_ALG_CBC_MAC:PSA_ERROR_INVALID_ARGUMENT + +PSA mac CBC_MAC: incompatible with ECC_KEY_PAIR(SECT_K1) +depends_on:PSA_WANT_ALG_CBC_MAC:PSA_WANT_ECC_FAMILY_SECT_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +mac_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):"03ebc8fcded2d6ab72ec0f75bdb4fd080481273e71":PSA_ALG_CBC_MAC:PSA_ERROR_INVALID_ARGUMENT + +PSA mac CBC_MAC: incompatible with ECC_KEY_PAIR(SECT_R1) +depends_on:PSA_WANT_ALG_CBC_MAC:PSA_WANT_ECC_FAMILY_SECT_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +mac_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):"009b05dc82d46d64a04a22e6e5ca70ca1231e68c50":PSA_ALG_CBC_MAC:PSA_ERROR_INVALID_ARGUMENT + +PSA mac CBC_MAC: incompatible with ECC_KEY_PAIR(SECT_R2) +depends_on:PSA_WANT_ALG_CBC_MAC:PSA_WANT_ECC_FAMILY_SECT_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +mac_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R2):"0210b482a458b4822d0cb21daa96819a67c8062d34":PSA_ALG_CBC_MAC:PSA_ERROR_INVALID_ARGUMENT + +PSA mac CBC_MAC: incompatible with ECC_KEY_PAIR(TWISTED_EDWARDS) +depends_on:PSA_WANT_ALG_CBC_MAC:PSA_WANT_ECC_FAMILY_TWISTED_EDWARDS:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +mac_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_TWISTED_EDWARDS):"9d61b19deffd5a60ba844af492ec2cc44449c5697b326919703bac031cae7f60":PSA_ALG_CBC_MAC:PSA_ERROR_INVALID_ARGUMENT + +PSA mac CBC_MAC: incompatible with ECC_PUBLIC_KEY(BRAINPOOL_P_R1) +depends_on:PSA_WANT_ALG_CBC_MAC:PSA_WANT_ECC_FAMILY_BRAINPOOL_P_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +mac_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"04d4b9186816358e2f9c59cf70748cb70641b22fbab65473db4b4e22a361ed7e3de7e8a8ddc4130c5c":PSA_ALG_CBC_MAC:PSA_ERROR_INVALID_ARGUMENT + +PSA mac CBC_MAC: incompatible with ECC_PUBLIC_KEY(MONTGOMERY) +depends_on:PSA_WANT_ALG_CBC_MAC:PSA_WANT_ECC_FAMILY_MONTGOMERY:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +mac_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_MONTGOMERY):"8520f0098930a754748b7ddcb43ef75a0dbf3a0d26381af4eba4a98eaa9b4e6a":PSA_ALG_CBC_MAC:PSA_ERROR_INVALID_ARGUMENT + +PSA mac CBC_MAC: incompatible with ECC_PUBLIC_KEY(SECP_K1) +depends_on:PSA_WANT_ALG_CBC_MAC:PSA_WANT_ECC_FAMILY_SECP_K1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +mac_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_K1):"0426b7bb38da649ac2138fc050c6548b32553dab68afebc36105d325b75538c12323cb0764789ecb992671beb2b6bef2f5":PSA_ALG_CBC_MAC:PSA_ERROR_INVALID_ARGUMENT + +PSA mac CBC_MAC: incompatible with ECC_PUBLIC_KEY(SECP_R1) +depends_on:PSA_WANT_ALG_CBC_MAC:PSA_WANT_ECC_FAMILY_SECP_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +mac_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1):"046f00eadaa949fee3e9e1c7fa1247eecec86a0dce46418b9bd3117b981d4bd0ae7a990de912f9d060d6cb531a42d22e394ac29e81804bf160":PSA_ALG_CBC_MAC:PSA_ERROR_INVALID_ARGUMENT + +PSA mac CBC_MAC: incompatible with ECC_PUBLIC_KEY(SECP_R2) +depends_on:PSA_WANT_ALG_CBC_MAC:PSA_WANT_ECC_FAMILY_SECP_R2:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +mac_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R2):"049570d541398665adb5cfa16f5af73b3196926bbd4b876bdb80f8eab20d0f540c22f4de9c140f6d7b":PSA_ALG_CBC_MAC:PSA_ERROR_INVALID_ARGUMENT + +PSA mac CBC_MAC: incompatible with ECC_PUBLIC_KEY(SECT_K1) +depends_on:PSA_WANT_ALG_CBC_MAC:PSA_WANT_ECC_FAMILY_SECT_K1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +mac_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_K1):"0406f88f90b4b65950f06ce433afdb097e320f433dc2062b8a65db8fafd3c110f46bc45663fbf021ee7eb9":PSA_ALG_CBC_MAC:PSA_ERROR_INVALID_ARGUMENT + +PSA mac CBC_MAC: incompatible with ECC_PUBLIC_KEY(SECT_R1) +depends_on:PSA_WANT_ALG_CBC_MAC:PSA_WANT_ECC_FAMILY_SECT_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +mac_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R1):"0400465eeb9e7258b11e33c02266bfe834b20bcb118700772796ee4704ec67651bd447e3011959a79a04cb":PSA_ALG_CBC_MAC:PSA_ERROR_INVALID_ARGUMENT + +PSA mac CBC_MAC: incompatible with ECC_PUBLIC_KEY(SECT_R2) +depends_on:PSA_WANT_ALG_CBC_MAC:PSA_WANT_ECC_FAMILY_SECT_R2:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +mac_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R2):"0403692601144c32a6cfa369ae20ae5d43c1c764678c037bafe80c6fd2e42b7ced96171d9c5367fd3dca6f":PSA_ALG_CBC_MAC:PSA_ERROR_INVALID_ARGUMENT + +PSA mac CBC_MAC: incompatible with ECC_PUBLIC_KEY(TWISTED_EDWARDS) +depends_on:PSA_WANT_ALG_CBC_MAC:PSA_WANT_ECC_FAMILY_TWISTED_EDWARDS:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +mac_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_TWISTED_EDWARDS):"d75a980182b10ab7d54bfed3c964073a0ee172f3daa62325af021a68f707511a":PSA_ALG_CBC_MAC:PSA_ERROR_INVALID_ARGUMENT + +PSA mac CBC_MAC: incompatible with HMAC +depends_on:PSA_WANT_ALG_CBC_MAC:PSA_WANT_KEY_TYPE_HMAC +mac_fail:PSA_KEY_TYPE_HMAC:"48657265006973206b6579a064617461":PSA_ALG_CBC_MAC:PSA_ERROR_INVALID_ARGUMENT + +PSA mac CBC_MAC: incompatible with RAW_DATA +depends_on:PSA_WANT_ALG_CBC_MAC:PSA_WANT_KEY_TYPE_RAW_DATA +mac_fail:PSA_KEY_TYPE_RAW_DATA:"48":PSA_ALG_CBC_MAC:PSA_ERROR_INVALID_ARGUMENT + +PSA mac CBC_MAC: incompatible with RSA_KEY_PAIR +depends_on:PSA_WANT_ALG_CBC_MAC:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR +mac_fail:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_CBC_MAC:PSA_ERROR_INVALID_ARGUMENT + +PSA mac CBC_MAC: incompatible with RSA_PUBLIC_KEY +depends_on:PSA_WANT_ALG_CBC_MAC:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY +mac_fail:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_CBC_MAC:PSA_ERROR_INVALID_ARGUMENT + +PSA cipher CBC_MAC: invalid with AES +depends_on:PSA_WANT_ALG_CBC_MAC:PSA_WANT_KEY_TYPE_AES +cipher_fail:PSA_KEY_TYPE_AES:"48657265006973206b6579a064617461":PSA_ALG_CBC_MAC:PSA_ERROR_INVALID_ARGUMENT + +PSA cipher CBC_MAC: invalid with ARIA +depends_on:PSA_WANT_ALG_CBC_MAC:PSA_WANT_KEY_TYPE_ARIA +cipher_fail:PSA_KEY_TYPE_ARIA:"48657265006973206b6579a064617461":PSA_ALG_CBC_MAC:PSA_ERROR_INVALID_ARGUMENT + +PSA cipher CBC_MAC: invalid with CAMELLIA +depends_on:PSA_WANT_ALG_CBC_MAC:PSA_WANT_KEY_TYPE_CAMELLIA +cipher_fail:PSA_KEY_TYPE_CAMELLIA:"48657265006973206b6579a064617461":PSA_ALG_CBC_MAC:PSA_ERROR_INVALID_ARGUMENT + +PSA aead CBC_MAC: invalid with AES +depends_on:PSA_WANT_ALG_CBC_MAC:PSA_WANT_KEY_TYPE_AES +aead_fail:PSA_KEY_TYPE_AES:"48657265006973206b6579a064617461":PSA_ALG_CBC_MAC:PSA_ERROR_INVALID_ARGUMENT + +PSA aead CBC_MAC: invalid with ARIA +depends_on:PSA_WANT_ALG_CBC_MAC:PSA_WANT_KEY_TYPE_ARIA +aead_fail:PSA_KEY_TYPE_ARIA:"48657265006973206b6579a064617461":PSA_ALG_CBC_MAC:PSA_ERROR_INVALID_ARGUMENT + +PSA aead CBC_MAC: invalid with CAMELLIA +depends_on:PSA_WANT_ALG_CBC_MAC:PSA_WANT_KEY_TYPE_CAMELLIA +aead_fail:PSA_KEY_TYPE_CAMELLIA:"48657265006973206b6579a064617461":PSA_ALG_CBC_MAC:PSA_ERROR_INVALID_ARGUMENT + +PSA sign CBC_MAC: invalid with AES +depends_on:PSA_WANT_ALG_CBC_MAC:PSA_WANT_KEY_TYPE_AES +sign_fail:PSA_KEY_TYPE_AES:"48657265006973206b6579a064617461":PSA_ALG_CBC_MAC:0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign CBC_MAC: invalid with ARIA +depends_on:PSA_WANT_ALG_CBC_MAC:PSA_WANT_KEY_TYPE_ARIA +sign_fail:PSA_KEY_TYPE_ARIA:"48657265006973206b6579a064617461":PSA_ALG_CBC_MAC:0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign CBC_MAC: invalid with CAMELLIA +depends_on:PSA_WANT_ALG_CBC_MAC:PSA_WANT_KEY_TYPE_CAMELLIA +sign_fail:PSA_KEY_TYPE_CAMELLIA:"48657265006973206b6579a064617461":PSA_ALG_CBC_MAC:0:PSA_ERROR_INVALID_ARGUMENT + +PSA asymmetric_encryption CBC_MAC: invalid with AES +depends_on:PSA_WANT_ALG_CBC_MAC:PSA_WANT_KEY_TYPE_AES +asymmetric_encryption_fail:PSA_KEY_TYPE_AES:"48657265006973206b6579a064617461":PSA_ALG_CBC_MAC:0:PSA_ERROR_INVALID_ARGUMENT + +PSA asymmetric_encryption CBC_MAC: invalid with ARIA +depends_on:PSA_WANT_ALG_CBC_MAC:PSA_WANT_KEY_TYPE_ARIA +asymmetric_encryption_fail:PSA_KEY_TYPE_ARIA:"48657265006973206b6579a064617461":PSA_ALG_CBC_MAC:0:PSA_ERROR_INVALID_ARGUMENT + +PSA asymmetric_encryption CBC_MAC: invalid with CAMELLIA +depends_on:PSA_WANT_ALG_CBC_MAC:PSA_WANT_KEY_TYPE_CAMELLIA +asymmetric_encryption_fail:PSA_KEY_TYPE_CAMELLIA:"48657265006973206b6579a064617461":PSA_ALG_CBC_MAC:0:PSA_ERROR_INVALID_ARGUMENT + +PSA key_derivation CBC_MAC: invalid +depends_on:PSA_WANT_ALG_CBC_MAC +key_derivation_fail:PSA_ALG_CBC_MAC:PSA_ERROR_INVALID_ARGUMENT + +PSA key_agreement CBC_MAC: invalid with AES +depends_on:PSA_WANT_ALG_CBC_MAC:PSA_WANT_KEY_TYPE_AES +key_agreement_fail:PSA_KEY_TYPE_AES:"48657265006973206b6579a064617461":PSA_ALG_CBC_MAC:0:PSA_ERROR_INVALID_ARGUMENT + +PSA key_agreement CBC_MAC: invalid with ARIA +depends_on:PSA_WANT_ALG_CBC_MAC:PSA_WANT_KEY_TYPE_ARIA +key_agreement_fail:PSA_KEY_TYPE_ARIA:"48657265006973206b6579a064617461":PSA_ALG_CBC_MAC:0:PSA_ERROR_INVALID_ARGUMENT + +PSA key_agreement CBC_MAC: invalid with CAMELLIA +depends_on:PSA_WANT_ALG_CBC_MAC:PSA_WANT_KEY_TYPE_CAMELLIA +key_agreement_fail:PSA_KEY_TYPE_CAMELLIA:"48657265006973206b6579a064617461":PSA_ALG_CBC_MAC:0:PSA_ERROR_INVALID_ARGUMENT + +PSA hash CBC_NO_PADDING: invalid +depends_on:PSA_WANT_ALG_CBC_NO_PADDING +hash_fail:PSA_ALG_CBC_NO_PADDING:PSA_ERROR_INVALID_ARGUMENT + +PSA mac CBC_NO_PADDING: invalid with AES +depends_on:PSA_WANT_ALG_CBC_NO_PADDING:PSA_WANT_KEY_TYPE_AES +mac_fail:PSA_KEY_TYPE_AES:"48657265006973206b6579a064617461":PSA_ALG_CBC_NO_PADDING:PSA_ERROR_INVALID_ARGUMENT + +PSA mac CBC_NO_PADDING: invalid with ARIA +depends_on:PSA_WANT_ALG_CBC_NO_PADDING:PSA_WANT_KEY_TYPE_ARIA +mac_fail:PSA_KEY_TYPE_ARIA:"48657265006973206b6579a064617461":PSA_ALG_CBC_NO_PADDING:PSA_ERROR_INVALID_ARGUMENT + +PSA mac CBC_NO_PADDING: invalid with CAMELLIA +depends_on:PSA_WANT_ALG_CBC_NO_PADDING:PSA_WANT_KEY_TYPE_CAMELLIA +mac_fail:PSA_KEY_TYPE_CAMELLIA:"48657265006973206b6579a064617461":PSA_ALG_CBC_NO_PADDING:PSA_ERROR_INVALID_ARGUMENT + +PSA mac CBC_NO_PADDING: invalid with DES +depends_on:PSA_WANT_ALG_CBC_NO_PADDING:PSA_WANT_KEY_TYPE_DES +mac_fail:PSA_KEY_TYPE_DES:"644573206b457901":PSA_ALG_CBC_NO_PADDING:PSA_ERROR_INVALID_ARGUMENT + +PSA cipher CBC_NO_PADDING: !CBC_NO_PADDING with AES +depends_on:!PSA_WANT_ALG_CBC_NO_PADDING:PSA_WANT_KEY_TYPE_AES +cipher_fail:PSA_KEY_TYPE_AES:"48657265006973206b6579a064617461":PSA_ALG_CBC_NO_PADDING:PSA_ERROR_NOT_SUPPORTED + +PSA cipher CBC_NO_PADDING: incompatible with ARC4 +depends_on:PSA_WANT_ALG_CBC_NO_PADDING:PSA_WANT_KEY_TYPE_ARC4 +cipher_fail:PSA_KEY_TYPE_ARC4:"48":PSA_ALG_CBC_NO_PADDING:PSA_ERROR_INVALID_ARGUMENT + +PSA cipher CBC_NO_PADDING: !CBC_NO_PADDING with ARIA +depends_on:!PSA_WANT_ALG_CBC_NO_PADDING:PSA_WANT_KEY_TYPE_ARIA +cipher_fail:PSA_KEY_TYPE_ARIA:"48657265006973206b6579a064617461":PSA_ALG_CBC_NO_PADDING:PSA_ERROR_NOT_SUPPORTED + +PSA cipher CBC_NO_PADDING: !CBC_NO_PADDING with CAMELLIA +depends_on:!PSA_WANT_ALG_CBC_NO_PADDING:PSA_WANT_KEY_TYPE_CAMELLIA +cipher_fail:PSA_KEY_TYPE_CAMELLIA:"48657265006973206b6579a064617461":PSA_ALG_CBC_NO_PADDING:PSA_ERROR_NOT_SUPPORTED + +PSA cipher CBC_NO_PADDING: incompatible with CHACHA20 +depends_on:PSA_WANT_ALG_CBC_NO_PADDING:PSA_WANT_KEY_TYPE_CHACHA20 +cipher_fail:PSA_KEY_TYPE_CHACHA20:"48657265006973206b6579a06461746148657265006973206b6579a064617461":PSA_ALG_CBC_NO_PADDING:PSA_ERROR_INVALID_ARGUMENT + +PSA cipher CBC_NO_PADDING: incompatible with DERIVE +depends_on:PSA_WANT_ALG_CBC_NO_PADDING:PSA_WANT_KEY_TYPE_DERIVE +cipher_fail:PSA_KEY_TYPE_DERIVE:"48657265006973206b6579a0646174":PSA_ALG_CBC_NO_PADDING:PSA_ERROR_INVALID_ARGUMENT + +PSA cipher CBC_NO_PADDING: !CBC_NO_PADDING with DES +depends_on:!PSA_WANT_ALG_CBC_NO_PADDING:PSA_WANT_KEY_TYPE_DES +cipher_fail:PSA_KEY_TYPE_DES:"644573206b457901":PSA_ALG_CBC_NO_PADDING:PSA_ERROR_NOT_SUPPORTED + +PSA cipher CBC_NO_PADDING: incompatible with ECC_KEY_PAIR(BRAINPOOL_P_R1) +depends_on:PSA_WANT_ALG_CBC_NO_PADDING:PSA_WANT_ECC_FAMILY_BRAINPOOL_P_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +cipher_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"69502c4fdaf48d4fa617bdd24498b0406d0eeaac":PSA_ALG_CBC_NO_PADDING:PSA_ERROR_INVALID_ARGUMENT + +PSA cipher CBC_NO_PADDING: incompatible with ECC_KEY_PAIR(MONTGOMERY) +depends_on:PSA_WANT_ALG_CBC_NO_PADDING:PSA_WANT_ECC_FAMILY_MONTGOMERY:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +cipher_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_MONTGOMERY):"70076d0a7318a57d3c16c17251b26645df4c2f87ebc0992ab177fba51db92c6a":PSA_ALG_CBC_NO_PADDING:PSA_ERROR_INVALID_ARGUMENT + +PSA cipher CBC_NO_PADDING: incompatible with ECC_KEY_PAIR(SECP_K1) +depends_on:PSA_WANT_ALG_CBC_NO_PADDING:PSA_WANT_ECC_FAMILY_SECP_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +cipher_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_K1):"297ac1722ccac7589ecb240dc719842538ca974beb79f228":PSA_ALG_CBC_NO_PADDING:PSA_ERROR_INVALID_ARGUMENT + +PSA cipher CBC_NO_PADDING: incompatible with ECC_KEY_PAIR(SECP_R1) +depends_on:PSA_WANT_ALG_CBC_NO_PADDING:PSA_WANT_ECC_FAMILY_SECP_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +cipher_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"872f203b3ad35b7f2ecc803c3a0e1e0b1ed61cc1afe71b189cd4c995":PSA_ALG_CBC_NO_PADDING:PSA_ERROR_INVALID_ARGUMENT + +PSA cipher CBC_NO_PADDING: incompatible with ECC_KEY_PAIR(SECP_R2) +depends_on:PSA_WANT_ALG_CBC_NO_PADDING:PSA_WANT_ECC_FAMILY_SECP_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +cipher_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R2):"00bf539a1cdda0d7f71a50a3f98aec0a2e8e4ced1e":PSA_ALG_CBC_NO_PADDING:PSA_ERROR_INVALID_ARGUMENT + +PSA cipher CBC_NO_PADDING: incompatible with ECC_KEY_PAIR(SECT_K1) +depends_on:PSA_WANT_ALG_CBC_NO_PADDING:PSA_WANT_ECC_FAMILY_SECT_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +cipher_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):"03ebc8fcded2d6ab72ec0f75bdb4fd080481273e71":PSA_ALG_CBC_NO_PADDING:PSA_ERROR_INVALID_ARGUMENT + +PSA cipher CBC_NO_PADDING: incompatible with ECC_KEY_PAIR(SECT_R1) +depends_on:PSA_WANT_ALG_CBC_NO_PADDING:PSA_WANT_ECC_FAMILY_SECT_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +cipher_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):"009b05dc82d46d64a04a22e6e5ca70ca1231e68c50":PSA_ALG_CBC_NO_PADDING:PSA_ERROR_INVALID_ARGUMENT + +PSA cipher CBC_NO_PADDING: incompatible with ECC_KEY_PAIR(SECT_R2) +depends_on:PSA_WANT_ALG_CBC_NO_PADDING:PSA_WANT_ECC_FAMILY_SECT_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +cipher_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R2):"0210b482a458b4822d0cb21daa96819a67c8062d34":PSA_ALG_CBC_NO_PADDING:PSA_ERROR_INVALID_ARGUMENT + +PSA cipher CBC_NO_PADDING: incompatible with ECC_KEY_PAIR(TWISTED_EDWARDS) +depends_on:PSA_WANT_ALG_CBC_NO_PADDING:PSA_WANT_ECC_FAMILY_TWISTED_EDWARDS:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +cipher_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_TWISTED_EDWARDS):"9d61b19deffd5a60ba844af492ec2cc44449c5697b326919703bac031cae7f60":PSA_ALG_CBC_NO_PADDING:PSA_ERROR_INVALID_ARGUMENT + +PSA cipher CBC_NO_PADDING: incompatible with ECC_PUBLIC_KEY(BRAINPOOL_P_R1) +depends_on:PSA_WANT_ALG_CBC_NO_PADDING:PSA_WANT_ECC_FAMILY_BRAINPOOL_P_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +cipher_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"04d4b9186816358e2f9c59cf70748cb70641b22fbab65473db4b4e22a361ed7e3de7e8a8ddc4130c5c":PSA_ALG_CBC_NO_PADDING:PSA_ERROR_INVALID_ARGUMENT + +PSA cipher CBC_NO_PADDING: incompatible with ECC_PUBLIC_KEY(MONTGOMERY) +depends_on:PSA_WANT_ALG_CBC_NO_PADDING:PSA_WANT_ECC_FAMILY_MONTGOMERY:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +cipher_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_MONTGOMERY):"8520f0098930a754748b7ddcb43ef75a0dbf3a0d26381af4eba4a98eaa9b4e6a":PSA_ALG_CBC_NO_PADDING:PSA_ERROR_INVALID_ARGUMENT + +PSA cipher CBC_NO_PADDING: incompatible with ECC_PUBLIC_KEY(SECP_K1) +depends_on:PSA_WANT_ALG_CBC_NO_PADDING:PSA_WANT_ECC_FAMILY_SECP_K1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +cipher_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_K1):"0426b7bb38da649ac2138fc050c6548b32553dab68afebc36105d325b75538c12323cb0764789ecb992671beb2b6bef2f5":PSA_ALG_CBC_NO_PADDING:PSA_ERROR_INVALID_ARGUMENT + +PSA cipher CBC_NO_PADDING: incompatible with ECC_PUBLIC_KEY(SECP_R1) +depends_on:PSA_WANT_ALG_CBC_NO_PADDING:PSA_WANT_ECC_FAMILY_SECP_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +cipher_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1):"046f00eadaa949fee3e9e1c7fa1247eecec86a0dce46418b9bd3117b981d4bd0ae7a990de912f9d060d6cb531a42d22e394ac29e81804bf160":PSA_ALG_CBC_NO_PADDING:PSA_ERROR_INVALID_ARGUMENT + +PSA cipher CBC_NO_PADDING: incompatible with ECC_PUBLIC_KEY(SECP_R2) +depends_on:PSA_WANT_ALG_CBC_NO_PADDING:PSA_WANT_ECC_FAMILY_SECP_R2:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +cipher_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R2):"049570d541398665adb5cfa16f5af73b3196926bbd4b876bdb80f8eab20d0f540c22f4de9c140f6d7b":PSA_ALG_CBC_NO_PADDING:PSA_ERROR_INVALID_ARGUMENT + +PSA cipher CBC_NO_PADDING: incompatible with ECC_PUBLIC_KEY(SECT_K1) +depends_on:PSA_WANT_ALG_CBC_NO_PADDING:PSA_WANT_ECC_FAMILY_SECT_K1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +cipher_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_K1):"0406f88f90b4b65950f06ce433afdb097e320f433dc2062b8a65db8fafd3c110f46bc45663fbf021ee7eb9":PSA_ALG_CBC_NO_PADDING:PSA_ERROR_INVALID_ARGUMENT + +PSA cipher CBC_NO_PADDING: incompatible with ECC_PUBLIC_KEY(SECT_R1) +depends_on:PSA_WANT_ALG_CBC_NO_PADDING:PSA_WANT_ECC_FAMILY_SECT_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +cipher_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R1):"0400465eeb9e7258b11e33c02266bfe834b20bcb118700772796ee4704ec67651bd447e3011959a79a04cb":PSA_ALG_CBC_NO_PADDING:PSA_ERROR_INVALID_ARGUMENT + +PSA cipher CBC_NO_PADDING: incompatible with ECC_PUBLIC_KEY(SECT_R2) +depends_on:PSA_WANT_ALG_CBC_NO_PADDING:PSA_WANT_ECC_FAMILY_SECT_R2:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +cipher_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R2):"0403692601144c32a6cfa369ae20ae5d43c1c764678c037bafe80c6fd2e42b7ced96171d9c5367fd3dca6f":PSA_ALG_CBC_NO_PADDING:PSA_ERROR_INVALID_ARGUMENT + +PSA cipher CBC_NO_PADDING: incompatible with ECC_PUBLIC_KEY(TWISTED_EDWARDS) +depends_on:PSA_WANT_ALG_CBC_NO_PADDING:PSA_WANT_ECC_FAMILY_TWISTED_EDWARDS:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +cipher_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_TWISTED_EDWARDS):"d75a980182b10ab7d54bfed3c964073a0ee172f3daa62325af021a68f707511a":PSA_ALG_CBC_NO_PADDING:PSA_ERROR_INVALID_ARGUMENT + +PSA cipher CBC_NO_PADDING: incompatible with HMAC +depends_on:PSA_WANT_ALG_CBC_NO_PADDING:PSA_WANT_KEY_TYPE_HMAC +cipher_fail:PSA_KEY_TYPE_HMAC:"48657265006973206b6579a064617461":PSA_ALG_CBC_NO_PADDING:PSA_ERROR_INVALID_ARGUMENT + +PSA cipher CBC_NO_PADDING: incompatible with RAW_DATA +depends_on:PSA_WANT_ALG_CBC_NO_PADDING:PSA_WANT_KEY_TYPE_RAW_DATA +cipher_fail:PSA_KEY_TYPE_RAW_DATA:"48":PSA_ALG_CBC_NO_PADDING:PSA_ERROR_INVALID_ARGUMENT + +PSA cipher CBC_NO_PADDING: incompatible with RSA_KEY_PAIR +depends_on:PSA_WANT_ALG_CBC_NO_PADDING:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR +cipher_fail:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_CBC_NO_PADDING:PSA_ERROR_INVALID_ARGUMENT + +PSA cipher CBC_NO_PADDING: incompatible with RSA_PUBLIC_KEY +depends_on:PSA_WANT_ALG_CBC_NO_PADDING:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY +cipher_fail:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_CBC_NO_PADDING:PSA_ERROR_INVALID_ARGUMENT + +PSA aead CBC_NO_PADDING: invalid with AES +depends_on:PSA_WANT_ALG_CBC_NO_PADDING:PSA_WANT_KEY_TYPE_AES +aead_fail:PSA_KEY_TYPE_AES:"48657265006973206b6579a064617461":PSA_ALG_CBC_NO_PADDING:PSA_ERROR_INVALID_ARGUMENT + +PSA aead CBC_NO_PADDING: invalid with ARIA +depends_on:PSA_WANT_ALG_CBC_NO_PADDING:PSA_WANT_KEY_TYPE_ARIA +aead_fail:PSA_KEY_TYPE_ARIA:"48657265006973206b6579a064617461":PSA_ALG_CBC_NO_PADDING:PSA_ERROR_INVALID_ARGUMENT + +PSA aead CBC_NO_PADDING: invalid with CAMELLIA +depends_on:PSA_WANT_ALG_CBC_NO_PADDING:PSA_WANT_KEY_TYPE_CAMELLIA +aead_fail:PSA_KEY_TYPE_CAMELLIA:"48657265006973206b6579a064617461":PSA_ALG_CBC_NO_PADDING:PSA_ERROR_INVALID_ARGUMENT + +PSA aead CBC_NO_PADDING: invalid with DES +depends_on:PSA_WANT_ALG_CBC_NO_PADDING:PSA_WANT_KEY_TYPE_DES +aead_fail:PSA_KEY_TYPE_DES:"644573206b457901":PSA_ALG_CBC_NO_PADDING:PSA_ERROR_INVALID_ARGUMENT + +PSA sign CBC_NO_PADDING: invalid with AES +depends_on:PSA_WANT_ALG_CBC_NO_PADDING:PSA_WANT_KEY_TYPE_AES +sign_fail:PSA_KEY_TYPE_AES:"48657265006973206b6579a064617461":PSA_ALG_CBC_NO_PADDING:0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign CBC_NO_PADDING: invalid with ARIA +depends_on:PSA_WANT_ALG_CBC_NO_PADDING:PSA_WANT_KEY_TYPE_ARIA +sign_fail:PSA_KEY_TYPE_ARIA:"48657265006973206b6579a064617461":PSA_ALG_CBC_NO_PADDING:0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign CBC_NO_PADDING: invalid with CAMELLIA +depends_on:PSA_WANT_ALG_CBC_NO_PADDING:PSA_WANT_KEY_TYPE_CAMELLIA +sign_fail:PSA_KEY_TYPE_CAMELLIA:"48657265006973206b6579a064617461":PSA_ALG_CBC_NO_PADDING:0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign CBC_NO_PADDING: invalid with DES +depends_on:PSA_WANT_ALG_CBC_NO_PADDING:PSA_WANT_KEY_TYPE_DES +sign_fail:PSA_KEY_TYPE_DES:"644573206b457901":PSA_ALG_CBC_NO_PADDING:0:PSA_ERROR_INVALID_ARGUMENT + +PSA asymmetric_encryption CBC_NO_PADDING: invalid with AES +depends_on:PSA_WANT_ALG_CBC_NO_PADDING:PSA_WANT_KEY_TYPE_AES +asymmetric_encryption_fail:PSA_KEY_TYPE_AES:"48657265006973206b6579a064617461":PSA_ALG_CBC_NO_PADDING:0:PSA_ERROR_INVALID_ARGUMENT + +PSA asymmetric_encryption CBC_NO_PADDING: invalid with ARIA +depends_on:PSA_WANT_ALG_CBC_NO_PADDING:PSA_WANT_KEY_TYPE_ARIA +asymmetric_encryption_fail:PSA_KEY_TYPE_ARIA:"48657265006973206b6579a064617461":PSA_ALG_CBC_NO_PADDING:0:PSA_ERROR_INVALID_ARGUMENT + +PSA asymmetric_encryption CBC_NO_PADDING: invalid with CAMELLIA +depends_on:PSA_WANT_ALG_CBC_NO_PADDING:PSA_WANT_KEY_TYPE_CAMELLIA +asymmetric_encryption_fail:PSA_KEY_TYPE_CAMELLIA:"48657265006973206b6579a064617461":PSA_ALG_CBC_NO_PADDING:0:PSA_ERROR_INVALID_ARGUMENT + +PSA asymmetric_encryption CBC_NO_PADDING: invalid with DES +depends_on:PSA_WANT_ALG_CBC_NO_PADDING:PSA_WANT_KEY_TYPE_DES +asymmetric_encryption_fail:PSA_KEY_TYPE_DES:"644573206b457901":PSA_ALG_CBC_NO_PADDING:0:PSA_ERROR_INVALID_ARGUMENT + +PSA key_derivation CBC_NO_PADDING: invalid +depends_on:PSA_WANT_ALG_CBC_NO_PADDING +key_derivation_fail:PSA_ALG_CBC_NO_PADDING:PSA_ERROR_INVALID_ARGUMENT + +PSA key_agreement CBC_NO_PADDING: invalid with AES +depends_on:PSA_WANT_ALG_CBC_NO_PADDING:PSA_WANT_KEY_TYPE_AES +key_agreement_fail:PSA_KEY_TYPE_AES:"48657265006973206b6579a064617461":PSA_ALG_CBC_NO_PADDING:0:PSA_ERROR_INVALID_ARGUMENT + +PSA key_agreement CBC_NO_PADDING: invalid with ARIA +depends_on:PSA_WANT_ALG_CBC_NO_PADDING:PSA_WANT_KEY_TYPE_ARIA +key_agreement_fail:PSA_KEY_TYPE_ARIA:"48657265006973206b6579a064617461":PSA_ALG_CBC_NO_PADDING:0:PSA_ERROR_INVALID_ARGUMENT + +PSA key_agreement CBC_NO_PADDING: invalid with CAMELLIA +depends_on:PSA_WANT_ALG_CBC_NO_PADDING:PSA_WANT_KEY_TYPE_CAMELLIA +key_agreement_fail:PSA_KEY_TYPE_CAMELLIA:"48657265006973206b6579a064617461":PSA_ALG_CBC_NO_PADDING:0:PSA_ERROR_INVALID_ARGUMENT + +PSA key_agreement CBC_NO_PADDING: invalid with DES +depends_on:PSA_WANT_ALG_CBC_NO_PADDING:PSA_WANT_KEY_TYPE_DES +key_agreement_fail:PSA_KEY_TYPE_DES:"644573206b457901":PSA_ALG_CBC_NO_PADDING:0:PSA_ERROR_INVALID_ARGUMENT + +PSA hash CBC_PKCS7: invalid +depends_on:PSA_WANT_ALG_CBC_PKCS7 +hash_fail:PSA_ALG_CBC_PKCS7:PSA_ERROR_INVALID_ARGUMENT + +PSA mac CBC_PKCS7: invalid with AES +depends_on:PSA_WANT_ALG_CBC_PKCS7:PSA_WANT_KEY_TYPE_AES +mac_fail:PSA_KEY_TYPE_AES:"48657265006973206b6579a064617461":PSA_ALG_CBC_PKCS7:PSA_ERROR_INVALID_ARGUMENT + +PSA mac CBC_PKCS7: invalid with ARIA +depends_on:PSA_WANT_ALG_CBC_PKCS7:PSA_WANT_KEY_TYPE_ARIA +mac_fail:PSA_KEY_TYPE_ARIA:"48657265006973206b6579a064617461":PSA_ALG_CBC_PKCS7:PSA_ERROR_INVALID_ARGUMENT + +PSA mac CBC_PKCS7: invalid with CAMELLIA +depends_on:PSA_WANT_ALG_CBC_PKCS7:PSA_WANT_KEY_TYPE_CAMELLIA +mac_fail:PSA_KEY_TYPE_CAMELLIA:"48657265006973206b6579a064617461":PSA_ALG_CBC_PKCS7:PSA_ERROR_INVALID_ARGUMENT + +PSA mac CBC_PKCS7: invalid with DES +depends_on:PSA_WANT_ALG_CBC_PKCS7:PSA_WANT_KEY_TYPE_DES +mac_fail:PSA_KEY_TYPE_DES:"644573206b457901":PSA_ALG_CBC_PKCS7:PSA_ERROR_INVALID_ARGUMENT + +PSA cipher CBC_PKCS7: !CBC_PKCS7 with AES +depends_on:!PSA_WANT_ALG_CBC_PKCS7:PSA_WANT_KEY_TYPE_AES +cipher_fail:PSA_KEY_TYPE_AES:"48657265006973206b6579a064617461":PSA_ALG_CBC_PKCS7:PSA_ERROR_NOT_SUPPORTED + +PSA cipher CBC_PKCS7: incompatible with ARC4 +depends_on:PSA_WANT_ALG_CBC_PKCS7:PSA_WANT_KEY_TYPE_ARC4 +cipher_fail:PSA_KEY_TYPE_ARC4:"48":PSA_ALG_CBC_PKCS7:PSA_ERROR_INVALID_ARGUMENT + +PSA cipher CBC_PKCS7: !CBC_PKCS7 with ARIA +depends_on:!PSA_WANT_ALG_CBC_PKCS7:PSA_WANT_KEY_TYPE_ARIA +cipher_fail:PSA_KEY_TYPE_ARIA:"48657265006973206b6579a064617461":PSA_ALG_CBC_PKCS7:PSA_ERROR_NOT_SUPPORTED + +PSA cipher CBC_PKCS7: !CBC_PKCS7 with CAMELLIA +depends_on:!PSA_WANT_ALG_CBC_PKCS7:PSA_WANT_KEY_TYPE_CAMELLIA +cipher_fail:PSA_KEY_TYPE_CAMELLIA:"48657265006973206b6579a064617461":PSA_ALG_CBC_PKCS7:PSA_ERROR_NOT_SUPPORTED + +PSA cipher CBC_PKCS7: incompatible with CHACHA20 +depends_on:PSA_WANT_ALG_CBC_PKCS7:PSA_WANT_KEY_TYPE_CHACHA20 +cipher_fail:PSA_KEY_TYPE_CHACHA20:"48657265006973206b6579a06461746148657265006973206b6579a064617461":PSA_ALG_CBC_PKCS7:PSA_ERROR_INVALID_ARGUMENT + +PSA cipher CBC_PKCS7: incompatible with DERIVE +depends_on:PSA_WANT_ALG_CBC_PKCS7:PSA_WANT_KEY_TYPE_DERIVE +cipher_fail:PSA_KEY_TYPE_DERIVE:"48657265006973206b6579a0646174":PSA_ALG_CBC_PKCS7:PSA_ERROR_INVALID_ARGUMENT + +PSA cipher CBC_PKCS7: !CBC_PKCS7 with DES +depends_on:!PSA_WANT_ALG_CBC_PKCS7:PSA_WANT_KEY_TYPE_DES +cipher_fail:PSA_KEY_TYPE_DES:"644573206b457901":PSA_ALG_CBC_PKCS7:PSA_ERROR_NOT_SUPPORTED + +PSA cipher CBC_PKCS7: incompatible with ECC_KEY_PAIR(BRAINPOOL_P_R1) +depends_on:PSA_WANT_ALG_CBC_PKCS7:PSA_WANT_ECC_FAMILY_BRAINPOOL_P_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +cipher_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"69502c4fdaf48d4fa617bdd24498b0406d0eeaac":PSA_ALG_CBC_PKCS7:PSA_ERROR_INVALID_ARGUMENT + +PSA cipher CBC_PKCS7: incompatible with ECC_KEY_PAIR(MONTGOMERY) +depends_on:PSA_WANT_ALG_CBC_PKCS7:PSA_WANT_ECC_FAMILY_MONTGOMERY:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +cipher_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_MONTGOMERY):"70076d0a7318a57d3c16c17251b26645df4c2f87ebc0992ab177fba51db92c6a":PSA_ALG_CBC_PKCS7:PSA_ERROR_INVALID_ARGUMENT + +PSA cipher CBC_PKCS7: incompatible with ECC_KEY_PAIR(SECP_K1) +depends_on:PSA_WANT_ALG_CBC_PKCS7:PSA_WANT_ECC_FAMILY_SECP_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +cipher_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_K1):"297ac1722ccac7589ecb240dc719842538ca974beb79f228":PSA_ALG_CBC_PKCS7:PSA_ERROR_INVALID_ARGUMENT + +PSA cipher CBC_PKCS7: incompatible with ECC_KEY_PAIR(SECP_R1) +depends_on:PSA_WANT_ALG_CBC_PKCS7:PSA_WANT_ECC_FAMILY_SECP_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +cipher_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"872f203b3ad35b7f2ecc803c3a0e1e0b1ed61cc1afe71b189cd4c995":PSA_ALG_CBC_PKCS7:PSA_ERROR_INVALID_ARGUMENT + +PSA cipher CBC_PKCS7: incompatible with ECC_KEY_PAIR(SECP_R2) +depends_on:PSA_WANT_ALG_CBC_PKCS7:PSA_WANT_ECC_FAMILY_SECP_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +cipher_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R2):"00bf539a1cdda0d7f71a50a3f98aec0a2e8e4ced1e":PSA_ALG_CBC_PKCS7:PSA_ERROR_INVALID_ARGUMENT + +PSA cipher CBC_PKCS7: incompatible with ECC_KEY_PAIR(SECT_K1) +depends_on:PSA_WANT_ALG_CBC_PKCS7:PSA_WANT_ECC_FAMILY_SECT_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +cipher_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):"03ebc8fcded2d6ab72ec0f75bdb4fd080481273e71":PSA_ALG_CBC_PKCS7:PSA_ERROR_INVALID_ARGUMENT + +PSA cipher CBC_PKCS7: incompatible with ECC_KEY_PAIR(SECT_R1) +depends_on:PSA_WANT_ALG_CBC_PKCS7:PSA_WANT_ECC_FAMILY_SECT_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +cipher_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):"009b05dc82d46d64a04a22e6e5ca70ca1231e68c50":PSA_ALG_CBC_PKCS7:PSA_ERROR_INVALID_ARGUMENT + +PSA cipher CBC_PKCS7: incompatible with ECC_KEY_PAIR(SECT_R2) +depends_on:PSA_WANT_ALG_CBC_PKCS7:PSA_WANT_ECC_FAMILY_SECT_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +cipher_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R2):"0210b482a458b4822d0cb21daa96819a67c8062d34":PSA_ALG_CBC_PKCS7:PSA_ERROR_INVALID_ARGUMENT + +PSA cipher CBC_PKCS7: incompatible with ECC_KEY_PAIR(TWISTED_EDWARDS) +depends_on:PSA_WANT_ALG_CBC_PKCS7:PSA_WANT_ECC_FAMILY_TWISTED_EDWARDS:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +cipher_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_TWISTED_EDWARDS):"9d61b19deffd5a60ba844af492ec2cc44449c5697b326919703bac031cae7f60":PSA_ALG_CBC_PKCS7:PSA_ERROR_INVALID_ARGUMENT + +PSA cipher CBC_PKCS7: incompatible with ECC_PUBLIC_KEY(BRAINPOOL_P_R1) +depends_on:PSA_WANT_ALG_CBC_PKCS7:PSA_WANT_ECC_FAMILY_BRAINPOOL_P_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +cipher_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"04d4b9186816358e2f9c59cf70748cb70641b22fbab65473db4b4e22a361ed7e3de7e8a8ddc4130c5c":PSA_ALG_CBC_PKCS7:PSA_ERROR_INVALID_ARGUMENT + +PSA cipher CBC_PKCS7: incompatible with ECC_PUBLIC_KEY(MONTGOMERY) +depends_on:PSA_WANT_ALG_CBC_PKCS7:PSA_WANT_ECC_FAMILY_MONTGOMERY:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +cipher_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_MONTGOMERY):"8520f0098930a754748b7ddcb43ef75a0dbf3a0d26381af4eba4a98eaa9b4e6a":PSA_ALG_CBC_PKCS7:PSA_ERROR_INVALID_ARGUMENT + +PSA cipher CBC_PKCS7: incompatible with ECC_PUBLIC_KEY(SECP_K1) +depends_on:PSA_WANT_ALG_CBC_PKCS7:PSA_WANT_ECC_FAMILY_SECP_K1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +cipher_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_K1):"0426b7bb38da649ac2138fc050c6548b32553dab68afebc36105d325b75538c12323cb0764789ecb992671beb2b6bef2f5":PSA_ALG_CBC_PKCS7:PSA_ERROR_INVALID_ARGUMENT + +PSA cipher CBC_PKCS7: incompatible with ECC_PUBLIC_KEY(SECP_R1) +depends_on:PSA_WANT_ALG_CBC_PKCS7:PSA_WANT_ECC_FAMILY_SECP_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +cipher_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1):"046f00eadaa949fee3e9e1c7fa1247eecec86a0dce46418b9bd3117b981d4bd0ae7a990de912f9d060d6cb531a42d22e394ac29e81804bf160":PSA_ALG_CBC_PKCS7:PSA_ERROR_INVALID_ARGUMENT + +PSA cipher CBC_PKCS7: incompatible with ECC_PUBLIC_KEY(SECP_R2) +depends_on:PSA_WANT_ALG_CBC_PKCS7:PSA_WANT_ECC_FAMILY_SECP_R2:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +cipher_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R2):"049570d541398665adb5cfa16f5af73b3196926bbd4b876bdb80f8eab20d0f540c22f4de9c140f6d7b":PSA_ALG_CBC_PKCS7:PSA_ERROR_INVALID_ARGUMENT + +PSA cipher CBC_PKCS7: incompatible with ECC_PUBLIC_KEY(SECT_K1) +depends_on:PSA_WANT_ALG_CBC_PKCS7:PSA_WANT_ECC_FAMILY_SECT_K1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +cipher_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_K1):"0406f88f90b4b65950f06ce433afdb097e320f433dc2062b8a65db8fafd3c110f46bc45663fbf021ee7eb9":PSA_ALG_CBC_PKCS7:PSA_ERROR_INVALID_ARGUMENT + +PSA cipher CBC_PKCS7: incompatible with ECC_PUBLIC_KEY(SECT_R1) +depends_on:PSA_WANT_ALG_CBC_PKCS7:PSA_WANT_ECC_FAMILY_SECT_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +cipher_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R1):"0400465eeb9e7258b11e33c02266bfe834b20bcb118700772796ee4704ec67651bd447e3011959a79a04cb":PSA_ALG_CBC_PKCS7:PSA_ERROR_INVALID_ARGUMENT + +PSA cipher CBC_PKCS7: incompatible with ECC_PUBLIC_KEY(SECT_R2) +depends_on:PSA_WANT_ALG_CBC_PKCS7:PSA_WANT_ECC_FAMILY_SECT_R2:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +cipher_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R2):"0403692601144c32a6cfa369ae20ae5d43c1c764678c037bafe80c6fd2e42b7ced96171d9c5367fd3dca6f":PSA_ALG_CBC_PKCS7:PSA_ERROR_INVALID_ARGUMENT + +PSA cipher CBC_PKCS7: incompatible with ECC_PUBLIC_KEY(TWISTED_EDWARDS) +depends_on:PSA_WANT_ALG_CBC_PKCS7:PSA_WANT_ECC_FAMILY_TWISTED_EDWARDS:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +cipher_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_TWISTED_EDWARDS):"d75a980182b10ab7d54bfed3c964073a0ee172f3daa62325af021a68f707511a":PSA_ALG_CBC_PKCS7:PSA_ERROR_INVALID_ARGUMENT + +PSA cipher CBC_PKCS7: incompatible with HMAC +depends_on:PSA_WANT_ALG_CBC_PKCS7:PSA_WANT_KEY_TYPE_HMAC +cipher_fail:PSA_KEY_TYPE_HMAC:"48657265006973206b6579a064617461":PSA_ALG_CBC_PKCS7:PSA_ERROR_INVALID_ARGUMENT + +PSA cipher CBC_PKCS7: incompatible with RAW_DATA +depends_on:PSA_WANT_ALG_CBC_PKCS7:PSA_WANT_KEY_TYPE_RAW_DATA +cipher_fail:PSA_KEY_TYPE_RAW_DATA:"48":PSA_ALG_CBC_PKCS7:PSA_ERROR_INVALID_ARGUMENT + +PSA cipher CBC_PKCS7: incompatible with RSA_KEY_PAIR +depends_on:PSA_WANT_ALG_CBC_PKCS7:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR +cipher_fail:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_CBC_PKCS7:PSA_ERROR_INVALID_ARGUMENT + +PSA cipher CBC_PKCS7: incompatible with RSA_PUBLIC_KEY +depends_on:PSA_WANT_ALG_CBC_PKCS7:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY +cipher_fail:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_CBC_PKCS7:PSA_ERROR_INVALID_ARGUMENT + +PSA aead CBC_PKCS7: invalid with AES +depends_on:PSA_WANT_ALG_CBC_PKCS7:PSA_WANT_KEY_TYPE_AES +aead_fail:PSA_KEY_TYPE_AES:"48657265006973206b6579a064617461":PSA_ALG_CBC_PKCS7:PSA_ERROR_INVALID_ARGUMENT + +PSA aead CBC_PKCS7: invalid with ARIA +depends_on:PSA_WANT_ALG_CBC_PKCS7:PSA_WANT_KEY_TYPE_ARIA +aead_fail:PSA_KEY_TYPE_ARIA:"48657265006973206b6579a064617461":PSA_ALG_CBC_PKCS7:PSA_ERROR_INVALID_ARGUMENT + +PSA aead CBC_PKCS7: invalid with CAMELLIA +depends_on:PSA_WANT_ALG_CBC_PKCS7:PSA_WANT_KEY_TYPE_CAMELLIA +aead_fail:PSA_KEY_TYPE_CAMELLIA:"48657265006973206b6579a064617461":PSA_ALG_CBC_PKCS7:PSA_ERROR_INVALID_ARGUMENT + +PSA aead CBC_PKCS7: invalid with DES +depends_on:PSA_WANT_ALG_CBC_PKCS7:PSA_WANT_KEY_TYPE_DES +aead_fail:PSA_KEY_TYPE_DES:"644573206b457901":PSA_ALG_CBC_PKCS7:PSA_ERROR_INVALID_ARGUMENT + +PSA sign CBC_PKCS7: invalid with AES +depends_on:PSA_WANT_ALG_CBC_PKCS7:PSA_WANT_KEY_TYPE_AES +sign_fail:PSA_KEY_TYPE_AES:"48657265006973206b6579a064617461":PSA_ALG_CBC_PKCS7:0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign CBC_PKCS7: invalid with ARIA +depends_on:PSA_WANT_ALG_CBC_PKCS7:PSA_WANT_KEY_TYPE_ARIA +sign_fail:PSA_KEY_TYPE_ARIA:"48657265006973206b6579a064617461":PSA_ALG_CBC_PKCS7:0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign CBC_PKCS7: invalid with CAMELLIA +depends_on:PSA_WANT_ALG_CBC_PKCS7:PSA_WANT_KEY_TYPE_CAMELLIA +sign_fail:PSA_KEY_TYPE_CAMELLIA:"48657265006973206b6579a064617461":PSA_ALG_CBC_PKCS7:0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign CBC_PKCS7: invalid with DES +depends_on:PSA_WANT_ALG_CBC_PKCS7:PSA_WANT_KEY_TYPE_DES +sign_fail:PSA_KEY_TYPE_DES:"644573206b457901":PSA_ALG_CBC_PKCS7:0:PSA_ERROR_INVALID_ARGUMENT + +PSA asymmetric_encryption CBC_PKCS7: invalid with AES +depends_on:PSA_WANT_ALG_CBC_PKCS7:PSA_WANT_KEY_TYPE_AES +asymmetric_encryption_fail:PSA_KEY_TYPE_AES:"48657265006973206b6579a064617461":PSA_ALG_CBC_PKCS7:0:PSA_ERROR_INVALID_ARGUMENT + +PSA asymmetric_encryption CBC_PKCS7: invalid with ARIA +depends_on:PSA_WANT_ALG_CBC_PKCS7:PSA_WANT_KEY_TYPE_ARIA +asymmetric_encryption_fail:PSA_KEY_TYPE_ARIA:"48657265006973206b6579a064617461":PSA_ALG_CBC_PKCS7:0:PSA_ERROR_INVALID_ARGUMENT + +PSA asymmetric_encryption CBC_PKCS7: invalid with CAMELLIA +depends_on:PSA_WANT_ALG_CBC_PKCS7:PSA_WANT_KEY_TYPE_CAMELLIA +asymmetric_encryption_fail:PSA_KEY_TYPE_CAMELLIA:"48657265006973206b6579a064617461":PSA_ALG_CBC_PKCS7:0:PSA_ERROR_INVALID_ARGUMENT + +PSA asymmetric_encryption CBC_PKCS7: invalid with DES +depends_on:PSA_WANT_ALG_CBC_PKCS7:PSA_WANT_KEY_TYPE_DES +asymmetric_encryption_fail:PSA_KEY_TYPE_DES:"644573206b457901":PSA_ALG_CBC_PKCS7:0:PSA_ERROR_INVALID_ARGUMENT + +PSA key_derivation CBC_PKCS7: invalid +depends_on:PSA_WANT_ALG_CBC_PKCS7 +key_derivation_fail:PSA_ALG_CBC_PKCS7:PSA_ERROR_INVALID_ARGUMENT + +PSA key_agreement CBC_PKCS7: invalid with AES +depends_on:PSA_WANT_ALG_CBC_PKCS7:PSA_WANT_KEY_TYPE_AES +key_agreement_fail:PSA_KEY_TYPE_AES:"48657265006973206b6579a064617461":PSA_ALG_CBC_PKCS7:0:PSA_ERROR_INVALID_ARGUMENT + +PSA key_agreement CBC_PKCS7: invalid with ARIA +depends_on:PSA_WANT_ALG_CBC_PKCS7:PSA_WANT_KEY_TYPE_ARIA +key_agreement_fail:PSA_KEY_TYPE_ARIA:"48657265006973206b6579a064617461":PSA_ALG_CBC_PKCS7:0:PSA_ERROR_INVALID_ARGUMENT + +PSA key_agreement CBC_PKCS7: invalid with CAMELLIA +depends_on:PSA_WANT_ALG_CBC_PKCS7:PSA_WANT_KEY_TYPE_CAMELLIA +key_agreement_fail:PSA_KEY_TYPE_CAMELLIA:"48657265006973206b6579a064617461":PSA_ALG_CBC_PKCS7:0:PSA_ERROR_INVALID_ARGUMENT + +PSA key_agreement CBC_PKCS7: invalid with DES +depends_on:PSA_WANT_ALG_CBC_PKCS7:PSA_WANT_KEY_TYPE_DES +key_agreement_fail:PSA_KEY_TYPE_DES:"644573206b457901":PSA_ALG_CBC_PKCS7:0:PSA_ERROR_INVALID_ARGUMENT + +PSA hash CCM: invalid +depends_on:PSA_WANT_ALG_CCM +hash_fail:PSA_ALG_CCM:PSA_ERROR_INVALID_ARGUMENT + +PSA mac CCM: invalid with AES +depends_on:PSA_WANT_ALG_CCM:PSA_WANT_KEY_TYPE_AES +mac_fail:PSA_KEY_TYPE_AES:"48657265006973206b6579a064617461":PSA_ALG_CCM:PSA_ERROR_INVALID_ARGUMENT + +PSA mac CCM: invalid with ARIA +depends_on:PSA_WANT_ALG_CCM:PSA_WANT_KEY_TYPE_ARIA +mac_fail:PSA_KEY_TYPE_ARIA:"48657265006973206b6579a064617461":PSA_ALG_CCM:PSA_ERROR_INVALID_ARGUMENT + +PSA mac CCM: invalid with CAMELLIA +depends_on:PSA_WANT_ALG_CCM:PSA_WANT_KEY_TYPE_CAMELLIA +mac_fail:PSA_KEY_TYPE_CAMELLIA:"48657265006973206b6579a064617461":PSA_ALG_CCM:PSA_ERROR_INVALID_ARGUMENT + +PSA cipher CCM: invalid with AES +depends_on:PSA_WANT_ALG_CCM:PSA_WANT_KEY_TYPE_AES +cipher_fail:PSA_KEY_TYPE_AES:"48657265006973206b6579a064617461":PSA_ALG_CCM:PSA_ERROR_INVALID_ARGUMENT + +PSA cipher CCM: invalid with ARIA +depends_on:PSA_WANT_ALG_CCM:PSA_WANT_KEY_TYPE_ARIA +cipher_fail:PSA_KEY_TYPE_ARIA:"48657265006973206b6579a064617461":PSA_ALG_CCM:PSA_ERROR_INVALID_ARGUMENT + +PSA cipher CCM: invalid with CAMELLIA +depends_on:PSA_WANT_ALG_CCM:PSA_WANT_KEY_TYPE_CAMELLIA +cipher_fail:PSA_KEY_TYPE_CAMELLIA:"48657265006973206b6579a064617461":PSA_ALG_CCM:PSA_ERROR_INVALID_ARGUMENT + +PSA aead CCM: !CCM with AES +depends_on:!PSA_WANT_ALG_CCM:PSA_WANT_KEY_TYPE_AES +aead_fail:PSA_KEY_TYPE_AES:"48657265006973206b6579a064617461":PSA_ALG_CCM:PSA_ERROR_NOT_SUPPORTED + +PSA aead CCM: incompatible with ARC4 +depends_on:PSA_WANT_ALG_CCM:PSA_WANT_KEY_TYPE_ARC4 +aead_fail:PSA_KEY_TYPE_ARC4:"48":PSA_ALG_CCM:PSA_ERROR_INVALID_ARGUMENT + +PSA aead CCM: !CCM with ARIA +depends_on:!PSA_WANT_ALG_CCM:PSA_WANT_KEY_TYPE_ARIA +aead_fail:PSA_KEY_TYPE_ARIA:"48657265006973206b6579a064617461":PSA_ALG_CCM:PSA_ERROR_NOT_SUPPORTED + +PSA aead CCM: !CCM with CAMELLIA +depends_on:!PSA_WANT_ALG_CCM:PSA_WANT_KEY_TYPE_CAMELLIA +aead_fail:PSA_KEY_TYPE_CAMELLIA:"48657265006973206b6579a064617461":PSA_ALG_CCM:PSA_ERROR_NOT_SUPPORTED + +PSA aead CCM: incompatible with CHACHA20 +depends_on:PSA_WANT_ALG_CCM:PSA_WANT_KEY_TYPE_CHACHA20 +aead_fail:PSA_KEY_TYPE_CHACHA20:"48657265006973206b6579a06461746148657265006973206b6579a064617461":PSA_ALG_CCM:PSA_ERROR_INVALID_ARGUMENT + +PSA aead CCM: incompatible with DERIVE +depends_on:PSA_WANT_ALG_CCM:PSA_WANT_KEY_TYPE_DERIVE +aead_fail:PSA_KEY_TYPE_DERIVE:"48657265006973206b6579a0646174":PSA_ALG_CCM:PSA_ERROR_INVALID_ARGUMENT + +PSA aead CCM: incompatible with DES +depends_on:PSA_WANT_ALG_CCM:PSA_WANT_KEY_TYPE_DES +aead_fail:PSA_KEY_TYPE_DES:"644573206b457901":PSA_ALG_CCM:PSA_ERROR_INVALID_ARGUMENT + +PSA aead CCM: incompatible with ECC_KEY_PAIR(BRAINPOOL_P_R1) +depends_on:PSA_WANT_ALG_CCM:PSA_WANT_ECC_FAMILY_BRAINPOOL_P_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +aead_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"69502c4fdaf48d4fa617bdd24498b0406d0eeaac":PSA_ALG_CCM:PSA_ERROR_INVALID_ARGUMENT + +PSA aead CCM: incompatible with ECC_KEY_PAIR(MONTGOMERY) +depends_on:PSA_WANT_ALG_CCM:PSA_WANT_ECC_FAMILY_MONTGOMERY:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +aead_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_MONTGOMERY):"70076d0a7318a57d3c16c17251b26645df4c2f87ebc0992ab177fba51db92c6a":PSA_ALG_CCM:PSA_ERROR_INVALID_ARGUMENT + +PSA aead CCM: incompatible with ECC_KEY_PAIR(SECP_K1) +depends_on:PSA_WANT_ALG_CCM:PSA_WANT_ECC_FAMILY_SECP_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +aead_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_K1):"297ac1722ccac7589ecb240dc719842538ca974beb79f228":PSA_ALG_CCM:PSA_ERROR_INVALID_ARGUMENT + +PSA aead CCM: incompatible with ECC_KEY_PAIR(SECP_R1) +depends_on:PSA_WANT_ALG_CCM:PSA_WANT_ECC_FAMILY_SECP_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +aead_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"872f203b3ad35b7f2ecc803c3a0e1e0b1ed61cc1afe71b189cd4c995":PSA_ALG_CCM:PSA_ERROR_INVALID_ARGUMENT + +PSA aead CCM: incompatible with ECC_KEY_PAIR(SECP_R2) +depends_on:PSA_WANT_ALG_CCM:PSA_WANT_ECC_FAMILY_SECP_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +aead_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R2):"00bf539a1cdda0d7f71a50a3f98aec0a2e8e4ced1e":PSA_ALG_CCM:PSA_ERROR_INVALID_ARGUMENT + +PSA aead CCM: incompatible with ECC_KEY_PAIR(SECT_K1) +depends_on:PSA_WANT_ALG_CCM:PSA_WANT_ECC_FAMILY_SECT_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +aead_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):"03ebc8fcded2d6ab72ec0f75bdb4fd080481273e71":PSA_ALG_CCM:PSA_ERROR_INVALID_ARGUMENT + +PSA aead CCM: incompatible with ECC_KEY_PAIR(SECT_R1) +depends_on:PSA_WANT_ALG_CCM:PSA_WANT_ECC_FAMILY_SECT_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +aead_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):"009b05dc82d46d64a04a22e6e5ca70ca1231e68c50":PSA_ALG_CCM:PSA_ERROR_INVALID_ARGUMENT + +PSA aead CCM: incompatible with ECC_KEY_PAIR(SECT_R2) +depends_on:PSA_WANT_ALG_CCM:PSA_WANT_ECC_FAMILY_SECT_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +aead_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R2):"0210b482a458b4822d0cb21daa96819a67c8062d34":PSA_ALG_CCM:PSA_ERROR_INVALID_ARGUMENT + +PSA aead CCM: incompatible with ECC_KEY_PAIR(TWISTED_EDWARDS) +depends_on:PSA_WANT_ALG_CCM:PSA_WANT_ECC_FAMILY_TWISTED_EDWARDS:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +aead_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_TWISTED_EDWARDS):"9d61b19deffd5a60ba844af492ec2cc44449c5697b326919703bac031cae7f60":PSA_ALG_CCM:PSA_ERROR_INVALID_ARGUMENT + +PSA aead CCM: incompatible with ECC_PUBLIC_KEY(BRAINPOOL_P_R1) +depends_on:PSA_WANT_ALG_CCM:PSA_WANT_ECC_FAMILY_BRAINPOOL_P_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +aead_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"04d4b9186816358e2f9c59cf70748cb70641b22fbab65473db4b4e22a361ed7e3de7e8a8ddc4130c5c":PSA_ALG_CCM:PSA_ERROR_INVALID_ARGUMENT + +PSA aead CCM: incompatible with ECC_PUBLIC_KEY(MONTGOMERY) +depends_on:PSA_WANT_ALG_CCM:PSA_WANT_ECC_FAMILY_MONTGOMERY:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +aead_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_MONTGOMERY):"8520f0098930a754748b7ddcb43ef75a0dbf3a0d26381af4eba4a98eaa9b4e6a":PSA_ALG_CCM:PSA_ERROR_INVALID_ARGUMENT + +PSA aead CCM: incompatible with ECC_PUBLIC_KEY(SECP_K1) +depends_on:PSA_WANT_ALG_CCM:PSA_WANT_ECC_FAMILY_SECP_K1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +aead_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_K1):"0426b7bb38da649ac2138fc050c6548b32553dab68afebc36105d325b75538c12323cb0764789ecb992671beb2b6bef2f5":PSA_ALG_CCM:PSA_ERROR_INVALID_ARGUMENT + +PSA aead CCM: incompatible with ECC_PUBLIC_KEY(SECP_R1) +depends_on:PSA_WANT_ALG_CCM:PSA_WANT_ECC_FAMILY_SECP_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +aead_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1):"046f00eadaa949fee3e9e1c7fa1247eecec86a0dce46418b9bd3117b981d4bd0ae7a990de912f9d060d6cb531a42d22e394ac29e81804bf160":PSA_ALG_CCM:PSA_ERROR_INVALID_ARGUMENT + +PSA aead CCM: incompatible with ECC_PUBLIC_KEY(SECP_R2) +depends_on:PSA_WANT_ALG_CCM:PSA_WANT_ECC_FAMILY_SECP_R2:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +aead_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R2):"049570d541398665adb5cfa16f5af73b3196926bbd4b876bdb80f8eab20d0f540c22f4de9c140f6d7b":PSA_ALG_CCM:PSA_ERROR_INVALID_ARGUMENT + +PSA aead CCM: incompatible with ECC_PUBLIC_KEY(SECT_K1) +depends_on:PSA_WANT_ALG_CCM:PSA_WANT_ECC_FAMILY_SECT_K1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +aead_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_K1):"0406f88f90b4b65950f06ce433afdb097e320f433dc2062b8a65db8fafd3c110f46bc45663fbf021ee7eb9":PSA_ALG_CCM:PSA_ERROR_INVALID_ARGUMENT + +PSA aead CCM: incompatible with ECC_PUBLIC_KEY(SECT_R1) +depends_on:PSA_WANT_ALG_CCM:PSA_WANT_ECC_FAMILY_SECT_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +aead_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R1):"0400465eeb9e7258b11e33c02266bfe834b20bcb118700772796ee4704ec67651bd447e3011959a79a04cb":PSA_ALG_CCM:PSA_ERROR_INVALID_ARGUMENT + +PSA aead CCM: incompatible with ECC_PUBLIC_KEY(SECT_R2) +depends_on:PSA_WANT_ALG_CCM:PSA_WANT_ECC_FAMILY_SECT_R2:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +aead_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R2):"0403692601144c32a6cfa369ae20ae5d43c1c764678c037bafe80c6fd2e42b7ced96171d9c5367fd3dca6f":PSA_ALG_CCM:PSA_ERROR_INVALID_ARGUMENT + +PSA aead CCM: incompatible with ECC_PUBLIC_KEY(TWISTED_EDWARDS) +depends_on:PSA_WANT_ALG_CCM:PSA_WANT_ECC_FAMILY_TWISTED_EDWARDS:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +aead_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_TWISTED_EDWARDS):"d75a980182b10ab7d54bfed3c964073a0ee172f3daa62325af021a68f707511a":PSA_ALG_CCM:PSA_ERROR_INVALID_ARGUMENT + +PSA aead CCM: incompatible with HMAC +depends_on:PSA_WANT_ALG_CCM:PSA_WANT_KEY_TYPE_HMAC +aead_fail:PSA_KEY_TYPE_HMAC:"48657265006973206b6579a064617461":PSA_ALG_CCM:PSA_ERROR_INVALID_ARGUMENT + +PSA aead CCM: incompatible with RAW_DATA +depends_on:PSA_WANT_ALG_CCM:PSA_WANT_KEY_TYPE_RAW_DATA +aead_fail:PSA_KEY_TYPE_RAW_DATA:"48":PSA_ALG_CCM:PSA_ERROR_INVALID_ARGUMENT + +PSA aead CCM: incompatible with RSA_KEY_PAIR +depends_on:PSA_WANT_ALG_CCM:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR +aead_fail:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_CCM:PSA_ERROR_INVALID_ARGUMENT + +PSA aead CCM: incompatible with RSA_PUBLIC_KEY +depends_on:PSA_WANT_ALG_CCM:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY +aead_fail:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_CCM:PSA_ERROR_INVALID_ARGUMENT + +PSA sign CCM: invalid with AES +depends_on:PSA_WANT_ALG_CCM:PSA_WANT_KEY_TYPE_AES +sign_fail:PSA_KEY_TYPE_AES:"48657265006973206b6579a064617461":PSA_ALG_CCM:0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign CCM: invalid with ARIA +depends_on:PSA_WANT_ALG_CCM:PSA_WANT_KEY_TYPE_ARIA +sign_fail:PSA_KEY_TYPE_ARIA:"48657265006973206b6579a064617461":PSA_ALG_CCM:0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign CCM: invalid with CAMELLIA +depends_on:PSA_WANT_ALG_CCM:PSA_WANT_KEY_TYPE_CAMELLIA +sign_fail:PSA_KEY_TYPE_CAMELLIA:"48657265006973206b6579a064617461":PSA_ALG_CCM:0:PSA_ERROR_INVALID_ARGUMENT + +PSA asymmetric_encryption CCM: invalid with AES +depends_on:PSA_WANT_ALG_CCM:PSA_WANT_KEY_TYPE_AES +asymmetric_encryption_fail:PSA_KEY_TYPE_AES:"48657265006973206b6579a064617461":PSA_ALG_CCM:0:PSA_ERROR_INVALID_ARGUMENT + +PSA asymmetric_encryption CCM: invalid with ARIA +depends_on:PSA_WANT_ALG_CCM:PSA_WANT_KEY_TYPE_ARIA +asymmetric_encryption_fail:PSA_KEY_TYPE_ARIA:"48657265006973206b6579a064617461":PSA_ALG_CCM:0:PSA_ERROR_INVALID_ARGUMENT + +PSA asymmetric_encryption CCM: invalid with CAMELLIA +depends_on:PSA_WANT_ALG_CCM:PSA_WANT_KEY_TYPE_CAMELLIA +asymmetric_encryption_fail:PSA_KEY_TYPE_CAMELLIA:"48657265006973206b6579a064617461":PSA_ALG_CCM:0:PSA_ERROR_INVALID_ARGUMENT + +PSA key_derivation CCM: invalid +depends_on:PSA_WANT_ALG_CCM +key_derivation_fail:PSA_ALG_CCM:PSA_ERROR_INVALID_ARGUMENT + +PSA key_agreement CCM: invalid with AES +depends_on:PSA_WANT_ALG_CCM:PSA_WANT_KEY_TYPE_AES +key_agreement_fail:PSA_KEY_TYPE_AES:"48657265006973206b6579a064617461":PSA_ALG_CCM:0:PSA_ERROR_INVALID_ARGUMENT + +PSA key_agreement CCM: invalid with ARIA +depends_on:PSA_WANT_ALG_CCM:PSA_WANT_KEY_TYPE_ARIA +key_agreement_fail:PSA_KEY_TYPE_ARIA:"48657265006973206b6579a064617461":PSA_ALG_CCM:0:PSA_ERROR_INVALID_ARGUMENT + +PSA key_agreement CCM: invalid with CAMELLIA +depends_on:PSA_WANT_ALG_CCM:PSA_WANT_KEY_TYPE_CAMELLIA +key_agreement_fail:PSA_KEY_TYPE_CAMELLIA:"48657265006973206b6579a064617461":PSA_ALG_CCM:0:PSA_ERROR_INVALID_ARGUMENT + +PSA hash CFB: invalid +depends_on:PSA_WANT_ALG_CFB +hash_fail:PSA_ALG_CFB:PSA_ERROR_INVALID_ARGUMENT + +PSA mac CFB: invalid with AES +depends_on:PSA_WANT_ALG_CFB:PSA_WANT_KEY_TYPE_AES +mac_fail:PSA_KEY_TYPE_AES:"48657265006973206b6579a064617461":PSA_ALG_CFB:PSA_ERROR_INVALID_ARGUMENT + +PSA mac CFB: invalid with ARIA +depends_on:PSA_WANT_ALG_CFB:PSA_WANT_KEY_TYPE_ARIA +mac_fail:PSA_KEY_TYPE_ARIA:"48657265006973206b6579a064617461":PSA_ALG_CFB:PSA_ERROR_INVALID_ARGUMENT + +PSA mac CFB: invalid with CAMELLIA +depends_on:PSA_WANT_ALG_CFB:PSA_WANT_KEY_TYPE_CAMELLIA +mac_fail:PSA_KEY_TYPE_CAMELLIA:"48657265006973206b6579a064617461":PSA_ALG_CFB:PSA_ERROR_INVALID_ARGUMENT + +PSA cipher CFB: !CFB with AES +depends_on:!PSA_WANT_ALG_CFB:PSA_WANT_KEY_TYPE_AES +cipher_fail:PSA_KEY_TYPE_AES:"48657265006973206b6579a064617461":PSA_ALG_CFB:PSA_ERROR_NOT_SUPPORTED + +PSA cipher CFB: incompatible with ARC4 +depends_on:PSA_WANT_ALG_CFB:PSA_WANT_KEY_TYPE_ARC4 +cipher_fail:PSA_KEY_TYPE_ARC4:"48":PSA_ALG_CFB:PSA_ERROR_INVALID_ARGUMENT + +PSA cipher CFB: !CFB with ARIA +depends_on:!PSA_WANT_ALG_CFB:PSA_WANT_KEY_TYPE_ARIA +cipher_fail:PSA_KEY_TYPE_ARIA:"48657265006973206b6579a064617461":PSA_ALG_CFB:PSA_ERROR_NOT_SUPPORTED + +PSA cipher CFB: !CFB with CAMELLIA +depends_on:!PSA_WANT_ALG_CFB:PSA_WANT_KEY_TYPE_CAMELLIA +cipher_fail:PSA_KEY_TYPE_CAMELLIA:"48657265006973206b6579a064617461":PSA_ALG_CFB:PSA_ERROR_NOT_SUPPORTED + +PSA cipher CFB: incompatible with CHACHA20 +depends_on:PSA_WANT_ALG_CFB:PSA_WANT_KEY_TYPE_CHACHA20 +cipher_fail:PSA_KEY_TYPE_CHACHA20:"48657265006973206b6579a06461746148657265006973206b6579a064617461":PSA_ALG_CFB:PSA_ERROR_INVALID_ARGUMENT + +PSA cipher CFB: incompatible with DERIVE +depends_on:PSA_WANT_ALG_CFB:PSA_WANT_KEY_TYPE_DERIVE +cipher_fail:PSA_KEY_TYPE_DERIVE:"48657265006973206b6579a0646174":PSA_ALG_CFB:PSA_ERROR_INVALID_ARGUMENT + +PSA cipher CFB: incompatible with DES +depends_on:PSA_WANT_ALG_CFB:PSA_WANT_KEY_TYPE_DES +cipher_fail:PSA_KEY_TYPE_DES:"644573206b457901":PSA_ALG_CFB:PSA_ERROR_INVALID_ARGUMENT + +PSA cipher CFB: incompatible with ECC_KEY_PAIR(BRAINPOOL_P_R1) +depends_on:PSA_WANT_ALG_CFB:PSA_WANT_ECC_FAMILY_BRAINPOOL_P_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +cipher_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"69502c4fdaf48d4fa617bdd24498b0406d0eeaac":PSA_ALG_CFB:PSA_ERROR_INVALID_ARGUMENT + +PSA cipher CFB: incompatible with ECC_KEY_PAIR(MONTGOMERY) +depends_on:PSA_WANT_ALG_CFB:PSA_WANT_ECC_FAMILY_MONTGOMERY:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +cipher_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_MONTGOMERY):"70076d0a7318a57d3c16c17251b26645df4c2f87ebc0992ab177fba51db92c6a":PSA_ALG_CFB:PSA_ERROR_INVALID_ARGUMENT + +PSA cipher CFB: incompatible with ECC_KEY_PAIR(SECP_K1) +depends_on:PSA_WANT_ALG_CFB:PSA_WANT_ECC_FAMILY_SECP_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +cipher_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_K1):"297ac1722ccac7589ecb240dc719842538ca974beb79f228":PSA_ALG_CFB:PSA_ERROR_INVALID_ARGUMENT + +PSA cipher CFB: incompatible with ECC_KEY_PAIR(SECP_R1) +depends_on:PSA_WANT_ALG_CFB:PSA_WANT_ECC_FAMILY_SECP_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +cipher_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"872f203b3ad35b7f2ecc803c3a0e1e0b1ed61cc1afe71b189cd4c995":PSA_ALG_CFB:PSA_ERROR_INVALID_ARGUMENT + +PSA cipher CFB: incompatible with ECC_KEY_PAIR(SECP_R2) +depends_on:PSA_WANT_ALG_CFB:PSA_WANT_ECC_FAMILY_SECP_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +cipher_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R2):"00bf539a1cdda0d7f71a50a3f98aec0a2e8e4ced1e":PSA_ALG_CFB:PSA_ERROR_INVALID_ARGUMENT + +PSA cipher CFB: incompatible with ECC_KEY_PAIR(SECT_K1) +depends_on:PSA_WANT_ALG_CFB:PSA_WANT_ECC_FAMILY_SECT_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +cipher_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):"03ebc8fcded2d6ab72ec0f75bdb4fd080481273e71":PSA_ALG_CFB:PSA_ERROR_INVALID_ARGUMENT + +PSA cipher CFB: incompatible with ECC_KEY_PAIR(SECT_R1) +depends_on:PSA_WANT_ALG_CFB:PSA_WANT_ECC_FAMILY_SECT_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +cipher_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):"009b05dc82d46d64a04a22e6e5ca70ca1231e68c50":PSA_ALG_CFB:PSA_ERROR_INVALID_ARGUMENT + +PSA cipher CFB: incompatible with ECC_KEY_PAIR(SECT_R2) +depends_on:PSA_WANT_ALG_CFB:PSA_WANT_ECC_FAMILY_SECT_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +cipher_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R2):"0210b482a458b4822d0cb21daa96819a67c8062d34":PSA_ALG_CFB:PSA_ERROR_INVALID_ARGUMENT + +PSA cipher CFB: incompatible with ECC_KEY_PAIR(TWISTED_EDWARDS) +depends_on:PSA_WANT_ALG_CFB:PSA_WANT_ECC_FAMILY_TWISTED_EDWARDS:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +cipher_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_TWISTED_EDWARDS):"9d61b19deffd5a60ba844af492ec2cc44449c5697b326919703bac031cae7f60":PSA_ALG_CFB:PSA_ERROR_INVALID_ARGUMENT + +PSA cipher CFB: incompatible with ECC_PUBLIC_KEY(BRAINPOOL_P_R1) +depends_on:PSA_WANT_ALG_CFB:PSA_WANT_ECC_FAMILY_BRAINPOOL_P_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +cipher_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"04d4b9186816358e2f9c59cf70748cb70641b22fbab65473db4b4e22a361ed7e3de7e8a8ddc4130c5c":PSA_ALG_CFB:PSA_ERROR_INVALID_ARGUMENT + +PSA cipher CFB: incompatible with ECC_PUBLIC_KEY(MONTGOMERY) +depends_on:PSA_WANT_ALG_CFB:PSA_WANT_ECC_FAMILY_MONTGOMERY:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +cipher_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_MONTGOMERY):"8520f0098930a754748b7ddcb43ef75a0dbf3a0d26381af4eba4a98eaa9b4e6a":PSA_ALG_CFB:PSA_ERROR_INVALID_ARGUMENT + +PSA cipher CFB: incompatible with ECC_PUBLIC_KEY(SECP_K1) +depends_on:PSA_WANT_ALG_CFB:PSA_WANT_ECC_FAMILY_SECP_K1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +cipher_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_K1):"0426b7bb38da649ac2138fc050c6548b32553dab68afebc36105d325b75538c12323cb0764789ecb992671beb2b6bef2f5":PSA_ALG_CFB:PSA_ERROR_INVALID_ARGUMENT + +PSA cipher CFB: incompatible with ECC_PUBLIC_KEY(SECP_R1) +depends_on:PSA_WANT_ALG_CFB:PSA_WANT_ECC_FAMILY_SECP_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +cipher_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1):"046f00eadaa949fee3e9e1c7fa1247eecec86a0dce46418b9bd3117b981d4bd0ae7a990de912f9d060d6cb531a42d22e394ac29e81804bf160":PSA_ALG_CFB:PSA_ERROR_INVALID_ARGUMENT + +PSA cipher CFB: incompatible with ECC_PUBLIC_KEY(SECP_R2) +depends_on:PSA_WANT_ALG_CFB:PSA_WANT_ECC_FAMILY_SECP_R2:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +cipher_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R2):"049570d541398665adb5cfa16f5af73b3196926bbd4b876bdb80f8eab20d0f540c22f4de9c140f6d7b":PSA_ALG_CFB:PSA_ERROR_INVALID_ARGUMENT + +PSA cipher CFB: incompatible with ECC_PUBLIC_KEY(SECT_K1) +depends_on:PSA_WANT_ALG_CFB:PSA_WANT_ECC_FAMILY_SECT_K1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +cipher_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_K1):"0406f88f90b4b65950f06ce433afdb097e320f433dc2062b8a65db8fafd3c110f46bc45663fbf021ee7eb9":PSA_ALG_CFB:PSA_ERROR_INVALID_ARGUMENT + +PSA cipher CFB: incompatible with ECC_PUBLIC_KEY(SECT_R1) +depends_on:PSA_WANT_ALG_CFB:PSA_WANT_ECC_FAMILY_SECT_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +cipher_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R1):"0400465eeb9e7258b11e33c02266bfe834b20bcb118700772796ee4704ec67651bd447e3011959a79a04cb":PSA_ALG_CFB:PSA_ERROR_INVALID_ARGUMENT + +PSA cipher CFB: incompatible with ECC_PUBLIC_KEY(SECT_R2) +depends_on:PSA_WANT_ALG_CFB:PSA_WANT_ECC_FAMILY_SECT_R2:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +cipher_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R2):"0403692601144c32a6cfa369ae20ae5d43c1c764678c037bafe80c6fd2e42b7ced96171d9c5367fd3dca6f":PSA_ALG_CFB:PSA_ERROR_INVALID_ARGUMENT + +PSA cipher CFB: incompatible with ECC_PUBLIC_KEY(TWISTED_EDWARDS) +depends_on:PSA_WANT_ALG_CFB:PSA_WANT_ECC_FAMILY_TWISTED_EDWARDS:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +cipher_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_TWISTED_EDWARDS):"d75a980182b10ab7d54bfed3c964073a0ee172f3daa62325af021a68f707511a":PSA_ALG_CFB:PSA_ERROR_INVALID_ARGUMENT + +PSA cipher CFB: incompatible with HMAC +depends_on:PSA_WANT_ALG_CFB:PSA_WANT_KEY_TYPE_HMAC +cipher_fail:PSA_KEY_TYPE_HMAC:"48657265006973206b6579a064617461":PSA_ALG_CFB:PSA_ERROR_INVALID_ARGUMENT + +PSA cipher CFB: incompatible with RAW_DATA +depends_on:PSA_WANT_ALG_CFB:PSA_WANT_KEY_TYPE_RAW_DATA +cipher_fail:PSA_KEY_TYPE_RAW_DATA:"48":PSA_ALG_CFB:PSA_ERROR_INVALID_ARGUMENT + +PSA cipher CFB: incompatible with RSA_KEY_PAIR +depends_on:PSA_WANT_ALG_CFB:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR +cipher_fail:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_CFB:PSA_ERROR_INVALID_ARGUMENT + +PSA cipher CFB: incompatible with RSA_PUBLIC_KEY +depends_on:PSA_WANT_ALG_CFB:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY +cipher_fail:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_CFB:PSA_ERROR_INVALID_ARGUMENT + +PSA aead CFB: invalid with AES +depends_on:PSA_WANT_ALG_CFB:PSA_WANT_KEY_TYPE_AES +aead_fail:PSA_KEY_TYPE_AES:"48657265006973206b6579a064617461":PSA_ALG_CFB:PSA_ERROR_INVALID_ARGUMENT + +PSA aead CFB: invalid with ARIA +depends_on:PSA_WANT_ALG_CFB:PSA_WANT_KEY_TYPE_ARIA +aead_fail:PSA_KEY_TYPE_ARIA:"48657265006973206b6579a064617461":PSA_ALG_CFB:PSA_ERROR_INVALID_ARGUMENT + +PSA aead CFB: invalid with CAMELLIA +depends_on:PSA_WANT_ALG_CFB:PSA_WANT_KEY_TYPE_CAMELLIA +aead_fail:PSA_KEY_TYPE_CAMELLIA:"48657265006973206b6579a064617461":PSA_ALG_CFB:PSA_ERROR_INVALID_ARGUMENT + +PSA sign CFB: invalid with AES +depends_on:PSA_WANT_ALG_CFB:PSA_WANT_KEY_TYPE_AES +sign_fail:PSA_KEY_TYPE_AES:"48657265006973206b6579a064617461":PSA_ALG_CFB:0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign CFB: invalid with ARIA +depends_on:PSA_WANT_ALG_CFB:PSA_WANT_KEY_TYPE_ARIA +sign_fail:PSA_KEY_TYPE_ARIA:"48657265006973206b6579a064617461":PSA_ALG_CFB:0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign CFB: invalid with CAMELLIA +depends_on:PSA_WANT_ALG_CFB:PSA_WANT_KEY_TYPE_CAMELLIA +sign_fail:PSA_KEY_TYPE_CAMELLIA:"48657265006973206b6579a064617461":PSA_ALG_CFB:0:PSA_ERROR_INVALID_ARGUMENT + +PSA asymmetric_encryption CFB: invalid with AES +depends_on:PSA_WANT_ALG_CFB:PSA_WANT_KEY_TYPE_AES +asymmetric_encryption_fail:PSA_KEY_TYPE_AES:"48657265006973206b6579a064617461":PSA_ALG_CFB:0:PSA_ERROR_INVALID_ARGUMENT + +PSA asymmetric_encryption CFB: invalid with ARIA +depends_on:PSA_WANT_ALG_CFB:PSA_WANT_KEY_TYPE_ARIA +asymmetric_encryption_fail:PSA_KEY_TYPE_ARIA:"48657265006973206b6579a064617461":PSA_ALG_CFB:0:PSA_ERROR_INVALID_ARGUMENT + +PSA asymmetric_encryption CFB: invalid with CAMELLIA +depends_on:PSA_WANT_ALG_CFB:PSA_WANT_KEY_TYPE_CAMELLIA +asymmetric_encryption_fail:PSA_KEY_TYPE_CAMELLIA:"48657265006973206b6579a064617461":PSA_ALG_CFB:0:PSA_ERROR_INVALID_ARGUMENT + +PSA key_derivation CFB: invalid +depends_on:PSA_WANT_ALG_CFB +key_derivation_fail:PSA_ALG_CFB:PSA_ERROR_INVALID_ARGUMENT + +PSA key_agreement CFB: invalid with AES +depends_on:PSA_WANT_ALG_CFB:PSA_WANT_KEY_TYPE_AES +key_agreement_fail:PSA_KEY_TYPE_AES:"48657265006973206b6579a064617461":PSA_ALG_CFB:0:PSA_ERROR_INVALID_ARGUMENT + +PSA key_agreement CFB: invalid with ARIA +depends_on:PSA_WANT_ALG_CFB:PSA_WANT_KEY_TYPE_ARIA +key_agreement_fail:PSA_KEY_TYPE_ARIA:"48657265006973206b6579a064617461":PSA_ALG_CFB:0:PSA_ERROR_INVALID_ARGUMENT + +PSA key_agreement CFB: invalid with CAMELLIA +depends_on:PSA_WANT_ALG_CFB:PSA_WANT_KEY_TYPE_CAMELLIA +key_agreement_fail:PSA_KEY_TYPE_CAMELLIA:"48657265006973206b6579a064617461":PSA_ALG_CFB:0:PSA_ERROR_INVALID_ARGUMENT + +PSA hash CHACHA20_POLY1305: invalid +depends_on:PSA_WANT_ALG_CHACHA20_POLY1305 +hash_fail:PSA_ALG_CHACHA20_POLY1305:PSA_ERROR_INVALID_ARGUMENT + +PSA mac CHACHA20_POLY1305: invalid with CHACHA20 +depends_on:PSA_WANT_ALG_CHACHA20_POLY1305:PSA_WANT_KEY_TYPE_CHACHA20 +mac_fail:PSA_KEY_TYPE_CHACHA20:"48657265006973206b6579a06461746148657265006973206b6579a064617461":PSA_ALG_CHACHA20_POLY1305:PSA_ERROR_INVALID_ARGUMENT + +PSA cipher CHACHA20_POLY1305: invalid with CHACHA20 +depends_on:PSA_WANT_ALG_CHACHA20_POLY1305:PSA_WANT_KEY_TYPE_CHACHA20 +cipher_fail:PSA_KEY_TYPE_CHACHA20:"48657265006973206b6579a06461746148657265006973206b6579a064617461":PSA_ALG_CHACHA20_POLY1305:PSA_ERROR_INVALID_ARGUMENT + +PSA aead CHACHA20_POLY1305: incompatible with AES +depends_on:PSA_WANT_ALG_CHACHA20_POLY1305:PSA_WANT_KEY_TYPE_AES +aead_fail:PSA_KEY_TYPE_AES:"48657265006973206b6579a064617461":PSA_ALG_CHACHA20_POLY1305:PSA_ERROR_INVALID_ARGUMENT + +PSA aead CHACHA20_POLY1305: incompatible with ARC4 +depends_on:PSA_WANT_ALG_CHACHA20_POLY1305:PSA_WANT_KEY_TYPE_ARC4 +aead_fail:PSA_KEY_TYPE_ARC4:"48":PSA_ALG_CHACHA20_POLY1305:PSA_ERROR_INVALID_ARGUMENT + +PSA aead CHACHA20_POLY1305: incompatible with ARIA +depends_on:PSA_WANT_ALG_CHACHA20_POLY1305:PSA_WANT_KEY_TYPE_ARIA +aead_fail:PSA_KEY_TYPE_ARIA:"48657265006973206b6579a064617461":PSA_ALG_CHACHA20_POLY1305:PSA_ERROR_INVALID_ARGUMENT + +PSA aead CHACHA20_POLY1305: incompatible with CAMELLIA +depends_on:PSA_WANT_ALG_CHACHA20_POLY1305:PSA_WANT_KEY_TYPE_CAMELLIA +aead_fail:PSA_KEY_TYPE_CAMELLIA:"48657265006973206b6579a064617461":PSA_ALG_CHACHA20_POLY1305:PSA_ERROR_INVALID_ARGUMENT + +PSA aead CHACHA20_POLY1305: !CHACHA20_POLY1305 with CHACHA20 +depends_on:!PSA_WANT_ALG_CHACHA20_POLY1305:PSA_WANT_KEY_TYPE_CHACHA20 +aead_fail:PSA_KEY_TYPE_CHACHA20:"48657265006973206b6579a06461746148657265006973206b6579a064617461":PSA_ALG_CHACHA20_POLY1305:PSA_ERROR_NOT_SUPPORTED + +PSA aead CHACHA20_POLY1305: incompatible with DERIVE +depends_on:PSA_WANT_ALG_CHACHA20_POLY1305:PSA_WANT_KEY_TYPE_DERIVE +aead_fail:PSA_KEY_TYPE_DERIVE:"48657265006973206b6579a0646174":PSA_ALG_CHACHA20_POLY1305:PSA_ERROR_INVALID_ARGUMENT + +PSA aead CHACHA20_POLY1305: incompatible with DES +depends_on:PSA_WANT_ALG_CHACHA20_POLY1305:PSA_WANT_KEY_TYPE_DES +aead_fail:PSA_KEY_TYPE_DES:"644573206b457901":PSA_ALG_CHACHA20_POLY1305:PSA_ERROR_INVALID_ARGUMENT + +PSA aead CHACHA20_POLY1305: incompatible with ECC_KEY_PAIR(BRAINPOOL_P_R1) +depends_on:PSA_WANT_ALG_CHACHA20_POLY1305:PSA_WANT_ECC_FAMILY_BRAINPOOL_P_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +aead_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"69502c4fdaf48d4fa617bdd24498b0406d0eeaac":PSA_ALG_CHACHA20_POLY1305:PSA_ERROR_INVALID_ARGUMENT + +PSA aead CHACHA20_POLY1305: incompatible with ECC_KEY_PAIR(MONTGOMERY) +depends_on:PSA_WANT_ALG_CHACHA20_POLY1305:PSA_WANT_ECC_FAMILY_MONTGOMERY:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +aead_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_MONTGOMERY):"70076d0a7318a57d3c16c17251b26645df4c2f87ebc0992ab177fba51db92c6a":PSA_ALG_CHACHA20_POLY1305:PSA_ERROR_INVALID_ARGUMENT + +PSA aead CHACHA20_POLY1305: incompatible with ECC_KEY_PAIR(SECP_K1) +depends_on:PSA_WANT_ALG_CHACHA20_POLY1305:PSA_WANT_ECC_FAMILY_SECP_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +aead_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_K1):"297ac1722ccac7589ecb240dc719842538ca974beb79f228":PSA_ALG_CHACHA20_POLY1305:PSA_ERROR_INVALID_ARGUMENT + +PSA aead CHACHA20_POLY1305: incompatible with ECC_KEY_PAIR(SECP_R1) +depends_on:PSA_WANT_ALG_CHACHA20_POLY1305:PSA_WANT_ECC_FAMILY_SECP_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +aead_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"872f203b3ad35b7f2ecc803c3a0e1e0b1ed61cc1afe71b189cd4c995":PSA_ALG_CHACHA20_POLY1305:PSA_ERROR_INVALID_ARGUMENT + +PSA aead CHACHA20_POLY1305: incompatible with ECC_KEY_PAIR(SECP_R2) +depends_on:PSA_WANT_ALG_CHACHA20_POLY1305:PSA_WANT_ECC_FAMILY_SECP_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +aead_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R2):"00bf539a1cdda0d7f71a50a3f98aec0a2e8e4ced1e":PSA_ALG_CHACHA20_POLY1305:PSA_ERROR_INVALID_ARGUMENT + +PSA aead CHACHA20_POLY1305: incompatible with ECC_KEY_PAIR(SECT_K1) +depends_on:PSA_WANT_ALG_CHACHA20_POLY1305:PSA_WANT_ECC_FAMILY_SECT_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +aead_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):"03ebc8fcded2d6ab72ec0f75bdb4fd080481273e71":PSA_ALG_CHACHA20_POLY1305:PSA_ERROR_INVALID_ARGUMENT + +PSA aead CHACHA20_POLY1305: incompatible with ECC_KEY_PAIR(SECT_R1) +depends_on:PSA_WANT_ALG_CHACHA20_POLY1305:PSA_WANT_ECC_FAMILY_SECT_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +aead_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):"009b05dc82d46d64a04a22e6e5ca70ca1231e68c50":PSA_ALG_CHACHA20_POLY1305:PSA_ERROR_INVALID_ARGUMENT + +PSA aead CHACHA20_POLY1305: incompatible with ECC_KEY_PAIR(SECT_R2) +depends_on:PSA_WANT_ALG_CHACHA20_POLY1305:PSA_WANT_ECC_FAMILY_SECT_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +aead_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R2):"0210b482a458b4822d0cb21daa96819a67c8062d34":PSA_ALG_CHACHA20_POLY1305:PSA_ERROR_INVALID_ARGUMENT + +PSA aead CHACHA20_POLY1305: incompatible with ECC_KEY_PAIR(TWISTED_EDWARDS) +depends_on:PSA_WANT_ALG_CHACHA20_POLY1305:PSA_WANT_ECC_FAMILY_TWISTED_EDWARDS:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +aead_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_TWISTED_EDWARDS):"9d61b19deffd5a60ba844af492ec2cc44449c5697b326919703bac031cae7f60":PSA_ALG_CHACHA20_POLY1305:PSA_ERROR_INVALID_ARGUMENT + +PSA aead CHACHA20_POLY1305: incompatible with ECC_PUBLIC_KEY(BRAINPOOL_P_R1) +depends_on:PSA_WANT_ALG_CHACHA20_POLY1305:PSA_WANT_ECC_FAMILY_BRAINPOOL_P_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +aead_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"04d4b9186816358e2f9c59cf70748cb70641b22fbab65473db4b4e22a361ed7e3de7e8a8ddc4130c5c":PSA_ALG_CHACHA20_POLY1305:PSA_ERROR_INVALID_ARGUMENT + +PSA aead CHACHA20_POLY1305: incompatible with ECC_PUBLIC_KEY(MONTGOMERY) +depends_on:PSA_WANT_ALG_CHACHA20_POLY1305:PSA_WANT_ECC_FAMILY_MONTGOMERY:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +aead_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_MONTGOMERY):"8520f0098930a754748b7ddcb43ef75a0dbf3a0d26381af4eba4a98eaa9b4e6a":PSA_ALG_CHACHA20_POLY1305:PSA_ERROR_INVALID_ARGUMENT + +PSA aead CHACHA20_POLY1305: incompatible with ECC_PUBLIC_KEY(SECP_K1) +depends_on:PSA_WANT_ALG_CHACHA20_POLY1305:PSA_WANT_ECC_FAMILY_SECP_K1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +aead_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_K1):"0426b7bb38da649ac2138fc050c6548b32553dab68afebc36105d325b75538c12323cb0764789ecb992671beb2b6bef2f5":PSA_ALG_CHACHA20_POLY1305:PSA_ERROR_INVALID_ARGUMENT + +PSA aead CHACHA20_POLY1305: incompatible with ECC_PUBLIC_KEY(SECP_R1) +depends_on:PSA_WANT_ALG_CHACHA20_POLY1305:PSA_WANT_ECC_FAMILY_SECP_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +aead_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1):"046f00eadaa949fee3e9e1c7fa1247eecec86a0dce46418b9bd3117b981d4bd0ae7a990de912f9d060d6cb531a42d22e394ac29e81804bf160":PSA_ALG_CHACHA20_POLY1305:PSA_ERROR_INVALID_ARGUMENT + +PSA aead CHACHA20_POLY1305: incompatible with ECC_PUBLIC_KEY(SECP_R2) +depends_on:PSA_WANT_ALG_CHACHA20_POLY1305:PSA_WANT_ECC_FAMILY_SECP_R2:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +aead_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R2):"049570d541398665adb5cfa16f5af73b3196926bbd4b876bdb80f8eab20d0f540c22f4de9c140f6d7b":PSA_ALG_CHACHA20_POLY1305:PSA_ERROR_INVALID_ARGUMENT + +PSA aead CHACHA20_POLY1305: incompatible with ECC_PUBLIC_KEY(SECT_K1) +depends_on:PSA_WANT_ALG_CHACHA20_POLY1305:PSA_WANT_ECC_FAMILY_SECT_K1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +aead_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_K1):"0406f88f90b4b65950f06ce433afdb097e320f433dc2062b8a65db8fafd3c110f46bc45663fbf021ee7eb9":PSA_ALG_CHACHA20_POLY1305:PSA_ERROR_INVALID_ARGUMENT + +PSA aead CHACHA20_POLY1305: incompatible with ECC_PUBLIC_KEY(SECT_R1) +depends_on:PSA_WANT_ALG_CHACHA20_POLY1305:PSA_WANT_ECC_FAMILY_SECT_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +aead_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R1):"0400465eeb9e7258b11e33c02266bfe834b20bcb118700772796ee4704ec67651bd447e3011959a79a04cb":PSA_ALG_CHACHA20_POLY1305:PSA_ERROR_INVALID_ARGUMENT + +PSA aead CHACHA20_POLY1305: incompatible with ECC_PUBLIC_KEY(SECT_R2) +depends_on:PSA_WANT_ALG_CHACHA20_POLY1305:PSA_WANT_ECC_FAMILY_SECT_R2:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +aead_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R2):"0403692601144c32a6cfa369ae20ae5d43c1c764678c037bafe80c6fd2e42b7ced96171d9c5367fd3dca6f":PSA_ALG_CHACHA20_POLY1305:PSA_ERROR_INVALID_ARGUMENT + +PSA aead CHACHA20_POLY1305: incompatible with ECC_PUBLIC_KEY(TWISTED_EDWARDS) +depends_on:PSA_WANT_ALG_CHACHA20_POLY1305:PSA_WANT_ECC_FAMILY_TWISTED_EDWARDS:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +aead_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_TWISTED_EDWARDS):"d75a980182b10ab7d54bfed3c964073a0ee172f3daa62325af021a68f707511a":PSA_ALG_CHACHA20_POLY1305:PSA_ERROR_INVALID_ARGUMENT + +PSA aead CHACHA20_POLY1305: incompatible with HMAC +depends_on:PSA_WANT_ALG_CHACHA20_POLY1305:PSA_WANT_KEY_TYPE_HMAC +aead_fail:PSA_KEY_TYPE_HMAC:"48657265006973206b6579a064617461":PSA_ALG_CHACHA20_POLY1305:PSA_ERROR_INVALID_ARGUMENT + +PSA aead CHACHA20_POLY1305: incompatible with RAW_DATA +depends_on:PSA_WANT_ALG_CHACHA20_POLY1305:PSA_WANT_KEY_TYPE_RAW_DATA +aead_fail:PSA_KEY_TYPE_RAW_DATA:"48":PSA_ALG_CHACHA20_POLY1305:PSA_ERROR_INVALID_ARGUMENT + +PSA aead CHACHA20_POLY1305: incompatible with RSA_KEY_PAIR +depends_on:PSA_WANT_ALG_CHACHA20_POLY1305:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR +aead_fail:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_CHACHA20_POLY1305:PSA_ERROR_INVALID_ARGUMENT + +PSA aead CHACHA20_POLY1305: incompatible with RSA_PUBLIC_KEY +depends_on:PSA_WANT_ALG_CHACHA20_POLY1305:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY +aead_fail:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_CHACHA20_POLY1305:PSA_ERROR_INVALID_ARGUMENT + +PSA sign CHACHA20_POLY1305: invalid with CHACHA20 +depends_on:PSA_WANT_ALG_CHACHA20_POLY1305:PSA_WANT_KEY_TYPE_CHACHA20 +sign_fail:PSA_KEY_TYPE_CHACHA20:"48657265006973206b6579a06461746148657265006973206b6579a064617461":PSA_ALG_CHACHA20_POLY1305:0:PSA_ERROR_INVALID_ARGUMENT + +PSA asymmetric_encryption CHACHA20_POLY1305: invalid with CHACHA20 +depends_on:PSA_WANT_ALG_CHACHA20_POLY1305:PSA_WANT_KEY_TYPE_CHACHA20 +asymmetric_encryption_fail:PSA_KEY_TYPE_CHACHA20:"48657265006973206b6579a06461746148657265006973206b6579a064617461":PSA_ALG_CHACHA20_POLY1305:0:PSA_ERROR_INVALID_ARGUMENT + +PSA key_derivation CHACHA20_POLY1305: invalid +depends_on:PSA_WANT_ALG_CHACHA20_POLY1305 +key_derivation_fail:PSA_ALG_CHACHA20_POLY1305:PSA_ERROR_INVALID_ARGUMENT + +PSA key_agreement CHACHA20_POLY1305: invalid with CHACHA20 +depends_on:PSA_WANT_ALG_CHACHA20_POLY1305:PSA_WANT_KEY_TYPE_CHACHA20 +key_agreement_fail:PSA_KEY_TYPE_CHACHA20:"48657265006973206b6579a06461746148657265006973206b6579a064617461":PSA_ALG_CHACHA20_POLY1305:0:PSA_ERROR_INVALID_ARGUMENT + +PSA hash CMAC: invalid +depends_on:PSA_WANT_ALG_CMAC +hash_fail:PSA_ALG_CMAC:PSA_ERROR_INVALID_ARGUMENT + +PSA mac CMAC: !CMAC with AES +depends_on:!PSA_WANT_ALG_CMAC:PSA_WANT_KEY_TYPE_AES +mac_fail:PSA_KEY_TYPE_AES:"48657265006973206b6579a064617461":PSA_ALG_CMAC:PSA_ERROR_NOT_SUPPORTED + +PSA mac CMAC: incompatible with ARC4 +depends_on:PSA_WANT_ALG_CMAC:PSA_WANT_KEY_TYPE_ARC4 +mac_fail:PSA_KEY_TYPE_ARC4:"48":PSA_ALG_CMAC:PSA_ERROR_INVALID_ARGUMENT + +PSA mac CMAC: incompatible with ARIA +depends_on:PSA_WANT_ALG_CMAC:PSA_WANT_KEY_TYPE_ARIA +mac_fail:PSA_KEY_TYPE_ARIA:"48657265006973206b6579a064617461":PSA_ALG_CMAC:PSA_ERROR_INVALID_ARGUMENT + +PSA mac CMAC: incompatible with CAMELLIA +depends_on:PSA_WANT_ALG_CMAC:PSA_WANT_KEY_TYPE_CAMELLIA +mac_fail:PSA_KEY_TYPE_CAMELLIA:"48657265006973206b6579a064617461":PSA_ALG_CMAC:PSA_ERROR_INVALID_ARGUMENT + +PSA mac CMAC: incompatible with CHACHA20 +depends_on:PSA_WANT_ALG_CMAC:PSA_WANT_KEY_TYPE_CHACHA20 +mac_fail:PSA_KEY_TYPE_CHACHA20:"48657265006973206b6579a06461746148657265006973206b6579a064617461":PSA_ALG_CMAC:PSA_ERROR_INVALID_ARGUMENT + +PSA mac CMAC: incompatible with DERIVE +depends_on:PSA_WANT_ALG_CMAC:PSA_WANT_KEY_TYPE_DERIVE +mac_fail:PSA_KEY_TYPE_DERIVE:"48657265006973206b6579a0646174":PSA_ALG_CMAC:PSA_ERROR_INVALID_ARGUMENT + +PSA mac CMAC: incompatible with DES +depends_on:PSA_WANT_ALG_CMAC:PSA_WANT_KEY_TYPE_DES +mac_fail:PSA_KEY_TYPE_DES:"644573206b457901":PSA_ALG_CMAC:PSA_ERROR_INVALID_ARGUMENT + +PSA mac CMAC: incompatible with ECC_KEY_PAIR(BRAINPOOL_P_R1) +depends_on:PSA_WANT_ALG_CMAC:PSA_WANT_ECC_FAMILY_BRAINPOOL_P_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +mac_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"69502c4fdaf48d4fa617bdd24498b0406d0eeaac":PSA_ALG_CMAC:PSA_ERROR_INVALID_ARGUMENT + +PSA mac CMAC: incompatible with ECC_KEY_PAIR(MONTGOMERY) +depends_on:PSA_WANT_ALG_CMAC:PSA_WANT_ECC_FAMILY_MONTGOMERY:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +mac_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_MONTGOMERY):"70076d0a7318a57d3c16c17251b26645df4c2f87ebc0992ab177fba51db92c6a":PSA_ALG_CMAC:PSA_ERROR_INVALID_ARGUMENT + +PSA mac CMAC: incompatible with ECC_KEY_PAIR(SECP_K1) +depends_on:PSA_WANT_ALG_CMAC:PSA_WANT_ECC_FAMILY_SECP_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +mac_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_K1):"297ac1722ccac7589ecb240dc719842538ca974beb79f228":PSA_ALG_CMAC:PSA_ERROR_INVALID_ARGUMENT + +PSA mac CMAC: incompatible with ECC_KEY_PAIR(SECP_R1) +depends_on:PSA_WANT_ALG_CMAC:PSA_WANT_ECC_FAMILY_SECP_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +mac_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"872f203b3ad35b7f2ecc803c3a0e1e0b1ed61cc1afe71b189cd4c995":PSA_ALG_CMAC:PSA_ERROR_INVALID_ARGUMENT + +PSA mac CMAC: incompatible with ECC_KEY_PAIR(SECP_R2) +depends_on:PSA_WANT_ALG_CMAC:PSA_WANT_ECC_FAMILY_SECP_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +mac_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R2):"00bf539a1cdda0d7f71a50a3f98aec0a2e8e4ced1e":PSA_ALG_CMAC:PSA_ERROR_INVALID_ARGUMENT + +PSA mac CMAC: incompatible with ECC_KEY_PAIR(SECT_K1) +depends_on:PSA_WANT_ALG_CMAC:PSA_WANT_ECC_FAMILY_SECT_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +mac_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):"03ebc8fcded2d6ab72ec0f75bdb4fd080481273e71":PSA_ALG_CMAC:PSA_ERROR_INVALID_ARGUMENT + +PSA mac CMAC: incompatible with ECC_KEY_PAIR(SECT_R1) +depends_on:PSA_WANT_ALG_CMAC:PSA_WANT_ECC_FAMILY_SECT_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +mac_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):"009b05dc82d46d64a04a22e6e5ca70ca1231e68c50":PSA_ALG_CMAC:PSA_ERROR_INVALID_ARGUMENT + +PSA mac CMAC: incompatible with ECC_KEY_PAIR(SECT_R2) +depends_on:PSA_WANT_ALG_CMAC:PSA_WANT_ECC_FAMILY_SECT_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +mac_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R2):"0210b482a458b4822d0cb21daa96819a67c8062d34":PSA_ALG_CMAC:PSA_ERROR_INVALID_ARGUMENT + +PSA mac CMAC: incompatible with ECC_KEY_PAIR(TWISTED_EDWARDS) +depends_on:PSA_WANT_ALG_CMAC:PSA_WANT_ECC_FAMILY_TWISTED_EDWARDS:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +mac_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_TWISTED_EDWARDS):"9d61b19deffd5a60ba844af492ec2cc44449c5697b326919703bac031cae7f60":PSA_ALG_CMAC:PSA_ERROR_INVALID_ARGUMENT + +PSA mac CMAC: incompatible with ECC_PUBLIC_KEY(BRAINPOOL_P_R1) +depends_on:PSA_WANT_ALG_CMAC:PSA_WANT_ECC_FAMILY_BRAINPOOL_P_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +mac_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"04d4b9186816358e2f9c59cf70748cb70641b22fbab65473db4b4e22a361ed7e3de7e8a8ddc4130c5c":PSA_ALG_CMAC:PSA_ERROR_INVALID_ARGUMENT + +PSA mac CMAC: incompatible with ECC_PUBLIC_KEY(MONTGOMERY) +depends_on:PSA_WANT_ALG_CMAC:PSA_WANT_ECC_FAMILY_MONTGOMERY:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +mac_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_MONTGOMERY):"8520f0098930a754748b7ddcb43ef75a0dbf3a0d26381af4eba4a98eaa9b4e6a":PSA_ALG_CMAC:PSA_ERROR_INVALID_ARGUMENT + +PSA mac CMAC: incompatible with ECC_PUBLIC_KEY(SECP_K1) +depends_on:PSA_WANT_ALG_CMAC:PSA_WANT_ECC_FAMILY_SECP_K1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +mac_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_K1):"0426b7bb38da649ac2138fc050c6548b32553dab68afebc36105d325b75538c12323cb0764789ecb992671beb2b6bef2f5":PSA_ALG_CMAC:PSA_ERROR_INVALID_ARGUMENT + +PSA mac CMAC: incompatible with ECC_PUBLIC_KEY(SECP_R1) +depends_on:PSA_WANT_ALG_CMAC:PSA_WANT_ECC_FAMILY_SECP_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +mac_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1):"046f00eadaa949fee3e9e1c7fa1247eecec86a0dce46418b9bd3117b981d4bd0ae7a990de912f9d060d6cb531a42d22e394ac29e81804bf160":PSA_ALG_CMAC:PSA_ERROR_INVALID_ARGUMENT + +PSA mac CMAC: incompatible with ECC_PUBLIC_KEY(SECP_R2) +depends_on:PSA_WANT_ALG_CMAC:PSA_WANT_ECC_FAMILY_SECP_R2:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +mac_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R2):"049570d541398665adb5cfa16f5af73b3196926bbd4b876bdb80f8eab20d0f540c22f4de9c140f6d7b":PSA_ALG_CMAC:PSA_ERROR_INVALID_ARGUMENT + +PSA mac CMAC: incompatible with ECC_PUBLIC_KEY(SECT_K1) +depends_on:PSA_WANT_ALG_CMAC:PSA_WANT_ECC_FAMILY_SECT_K1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +mac_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_K1):"0406f88f90b4b65950f06ce433afdb097e320f433dc2062b8a65db8fafd3c110f46bc45663fbf021ee7eb9":PSA_ALG_CMAC:PSA_ERROR_INVALID_ARGUMENT + +PSA mac CMAC: incompatible with ECC_PUBLIC_KEY(SECT_R1) +depends_on:PSA_WANT_ALG_CMAC:PSA_WANT_ECC_FAMILY_SECT_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +mac_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R1):"0400465eeb9e7258b11e33c02266bfe834b20bcb118700772796ee4704ec67651bd447e3011959a79a04cb":PSA_ALG_CMAC:PSA_ERROR_INVALID_ARGUMENT + +PSA mac CMAC: incompatible with ECC_PUBLIC_KEY(SECT_R2) +depends_on:PSA_WANT_ALG_CMAC:PSA_WANT_ECC_FAMILY_SECT_R2:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +mac_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R2):"0403692601144c32a6cfa369ae20ae5d43c1c764678c037bafe80c6fd2e42b7ced96171d9c5367fd3dca6f":PSA_ALG_CMAC:PSA_ERROR_INVALID_ARGUMENT + +PSA mac CMAC: incompatible with ECC_PUBLIC_KEY(TWISTED_EDWARDS) +depends_on:PSA_WANT_ALG_CMAC:PSA_WANT_ECC_FAMILY_TWISTED_EDWARDS:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +mac_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_TWISTED_EDWARDS):"d75a980182b10ab7d54bfed3c964073a0ee172f3daa62325af021a68f707511a":PSA_ALG_CMAC:PSA_ERROR_INVALID_ARGUMENT + +PSA mac CMAC: incompatible with HMAC +depends_on:PSA_WANT_ALG_CMAC:PSA_WANT_KEY_TYPE_HMAC +mac_fail:PSA_KEY_TYPE_HMAC:"48657265006973206b6579a064617461":PSA_ALG_CMAC:PSA_ERROR_INVALID_ARGUMENT + +PSA mac CMAC: incompatible with RAW_DATA +depends_on:PSA_WANT_ALG_CMAC:PSA_WANT_KEY_TYPE_RAW_DATA +mac_fail:PSA_KEY_TYPE_RAW_DATA:"48":PSA_ALG_CMAC:PSA_ERROR_INVALID_ARGUMENT + +PSA mac CMAC: incompatible with RSA_KEY_PAIR +depends_on:PSA_WANT_ALG_CMAC:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR +mac_fail:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_CMAC:PSA_ERROR_INVALID_ARGUMENT + +PSA mac CMAC: incompatible with RSA_PUBLIC_KEY +depends_on:PSA_WANT_ALG_CMAC:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY +mac_fail:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_CMAC:PSA_ERROR_INVALID_ARGUMENT + +PSA cipher CMAC: invalid with AES +depends_on:PSA_WANT_ALG_CMAC:PSA_WANT_KEY_TYPE_AES +cipher_fail:PSA_KEY_TYPE_AES:"48657265006973206b6579a064617461":PSA_ALG_CMAC:PSA_ERROR_INVALID_ARGUMENT + +PSA aead CMAC: invalid with AES +depends_on:PSA_WANT_ALG_CMAC:PSA_WANT_KEY_TYPE_AES +aead_fail:PSA_KEY_TYPE_AES:"48657265006973206b6579a064617461":PSA_ALG_CMAC:PSA_ERROR_INVALID_ARGUMENT + +PSA sign CMAC: invalid with AES +depends_on:PSA_WANT_ALG_CMAC:PSA_WANT_KEY_TYPE_AES +sign_fail:PSA_KEY_TYPE_AES:"48657265006973206b6579a064617461":PSA_ALG_CMAC:0:PSA_ERROR_INVALID_ARGUMENT + +PSA asymmetric_encryption CMAC: invalid with AES +depends_on:PSA_WANT_ALG_CMAC:PSA_WANT_KEY_TYPE_AES +asymmetric_encryption_fail:PSA_KEY_TYPE_AES:"48657265006973206b6579a064617461":PSA_ALG_CMAC:0:PSA_ERROR_INVALID_ARGUMENT + +PSA key_derivation CMAC: invalid +depends_on:PSA_WANT_ALG_CMAC +key_derivation_fail:PSA_ALG_CMAC:PSA_ERROR_INVALID_ARGUMENT + +PSA key_agreement CMAC: invalid with AES +depends_on:PSA_WANT_ALG_CMAC:PSA_WANT_KEY_TYPE_AES +key_agreement_fail:PSA_KEY_TYPE_AES:"48657265006973206b6579a064617461":PSA_ALG_CMAC:0:PSA_ERROR_INVALID_ARGUMENT + +PSA hash CTR: invalid +depends_on:PSA_WANT_ALG_CTR +hash_fail:PSA_ALG_CTR:PSA_ERROR_INVALID_ARGUMENT + +PSA mac CTR: invalid with AES +depends_on:PSA_WANT_ALG_CTR:PSA_WANT_KEY_TYPE_AES +mac_fail:PSA_KEY_TYPE_AES:"48657265006973206b6579a064617461":PSA_ALG_CTR:PSA_ERROR_INVALID_ARGUMENT + +PSA mac CTR: invalid with ARIA +depends_on:PSA_WANT_ALG_CTR:PSA_WANT_KEY_TYPE_ARIA +mac_fail:PSA_KEY_TYPE_ARIA:"48657265006973206b6579a064617461":PSA_ALG_CTR:PSA_ERROR_INVALID_ARGUMENT + +PSA mac CTR: invalid with CAMELLIA +depends_on:PSA_WANT_ALG_CTR:PSA_WANT_KEY_TYPE_CAMELLIA +mac_fail:PSA_KEY_TYPE_CAMELLIA:"48657265006973206b6579a064617461":PSA_ALG_CTR:PSA_ERROR_INVALID_ARGUMENT + +PSA cipher CTR: !CTR with AES +depends_on:!PSA_WANT_ALG_CTR:PSA_WANT_KEY_TYPE_AES +cipher_fail:PSA_KEY_TYPE_AES:"48657265006973206b6579a064617461":PSA_ALG_CTR:PSA_ERROR_NOT_SUPPORTED + +PSA cipher CTR: incompatible with ARC4 +depends_on:PSA_WANT_ALG_CTR:PSA_WANT_KEY_TYPE_ARC4 +cipher_fail:PSA_KEY_TYPE_ARC4:"48":PSA_ALG_CTR:PSA_ERROR_INVALID_ARGUMENT + +PSA cipher CTR: !CTR with ARIA +depends_on:!PSA_WANT_ALG_CTR:PSA_WANT_KEY_TYPE_ARIA +cipher_fail:PSA_KEY_TYPE_ARIA:"48657265006973206b6579a064617461":PSA_ALG_CTR:PSA_ERROR_NOT_SUPPORTED + +PSA cipher CTR: !CTR with CAMELLIA +depends_on:!PSA_WANT_ALG_CTR:PSA_WANT_KEY_TYPE_CAMELLIA +cipher_fail:PSA_KEY_TYPE_CAMELLIA:"48657265006973206b6579a064617461":PSA_ALG_CTR:PSA_ERROR_NOT_SUPPORTED + +PSA cipher CTR: incompatible with CHACHA20 +depends_on:PSA_WANT_ALG_CTR:PSA_WANT_KEY_TYPE_CHACHA20 +cipher_fail:PSA_KEY_TYPE_CHACHA20:"48657265006973206b6579a06461746148657265006973206b6579a064617461":PSA_ALG_CTR:PSA_ERROR_INVALID_ARGUMENT + +PSA cipher CTR: incompatible with DERIVE +depends_on:PSA_WANT_ALG_CTR:PSA_WANT_KEY_TYPE_DERIVE +cipher_fail:PSA_KEY_TYPE_DERIVE:"48657265006973206b6579a0646174":PSA_ALG_CTR:PSA_ERROR_INVALID_ARGUMENT + +PSA cipher CTR: incompatible with DES +depends_on:PSA_WANT_ALG_CTR:PSA_WANT_KEY_TYPE_DES +cipher_fail:PSA_KEY_TYPE_DES:"644573206b457901":PSA_ALG_CTR:PSA_ERROR_INVALID_ARGUMENT + +PSA cipher CTR: incompatible with ECC_KEY_PAIR(BRAINPOOL_P_R1) +depends_on:PSA_WANT_ALG_CTR:PSA_WANT_ECC_FAMILY_BRAINPOOL_P_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +cipher_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"69502c4fdaf48d4fa617bdd24498b0406d0eeaac":PSA_ALG_CTR:PSA_ERROR_INVALID_ARGUMENT + +PSA cipher CTR: incompatible with ECC_KEY_PAIR(MONTGOMERY) +depends_on:PSA_WANT_ALG_CTR:PSA_WANT_ECC_FAMILY_MONTGOMERY:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +cipher_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_MONTGOMERY):"70076d0a7318a57d3c16c17251b26645df4c2f87ebc0992ab177fba51db92c6a":PSA_ALG_CTR:PSA_ERROR_INVALID_ARGUMENT + +PSA cipher CTR: incompatible with ECC_KEY_PAIR(SECP_K1) +depends_on:PSA_WANT_ALG_CTR:PSA_WANT_ECC_FAMILY_SECP_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +cipher_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_K1):"297ac1722ccac7589ecb240dc719842538ca974beb79f228":PSA_ALG_CTR:PSA_ERROR_INVALID_ARGUMENT + +PSA cipher CTR: incompatible with ECC_KEY_PAIR(SECP_R1) +depends_on:PSA_WANT_ALG_CTR:PSA_WANT_ECC_FAMILY_SECP_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +cipher_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"872f203b3ad35b7f2ecc803c3a0e1e0b1ed61cc1afe71b189cd4c995":PSA_ALG_CTR:PSA_ERROR_INVALID_ARGUMENT + +PSA cipher CTR: incompatible with ECC_KEY_PAIR(SECP_R2) +depends_on:PSA_WANT_ALG_CTR:PSA_WANT_ECC_FAMILY_SECP_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +cipher_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R2):"00bf539a1cdda0d7f71a50a3f98aec0a2e8e4ced1e":PSA_ALG_CTR:PSA_ERROR_INVALID_ARGUMENT + +PSA cipher CTR: incompatible with ECC_KEY_PAIR(SECT_K1) +depends_on:PSA_WANT_ALG_CTR:PSA_WANT_ECC_FAMILY_SECT_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +cipher_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):"03ebc8fcded2d6ab72ec0f75bdb4fd080481273e71":PSA_ALG_CTR:PSA_ERROR_INVALID_ARGUMENT + +PSA cipher CTR: incompatible with ECC_KEY_PAIR(SECT_R1) +depends_on:PSA_WANT_ALG_CTR:PSA_WANT_ECC_FAMILY_SECT_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +cipher_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):"009b05dc82d46d64a04a22e6e5ca70ca1231e68c50":PSA_ALG_CTR:PSA_ERROR_INVALID_ARGUMENT + +PSA cipher CTR: incompatible with ECC_KEY_PAIR(SECT_R2) +depends_on:PSA_WANT_ALG_CTR:PSA_WANT_ECC_FAMILY_SECT_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +cipher_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R2):"0210b482a458b4822d0cb21daa96819a67c8062d34":PSA_ALG_CTR:PSA_ERROR_INVALID_ARGUMENT + +PSA cipher CTR: incompatible with ECC_KEY_PAIR(TWISTED_EDWARDS) +depends_on:PSA_WANT_ALG_CTR:PSA_WANT_ECC_FAMILY_TWISTED_EDWARDS:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +cipher_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_TWISTED_EDWARDS):"9d61b19deffd5a60ba844af492ec2cc44449c5697b326919703bac031cae7f60":PSA_ALG_CTR:PSA_ERROR_INVALID_ARGUMENT + +PSA cipher CTR: incompatible with ECC_PUBLIC_KEY(BRAINPOOL_P_R1) +depends_on:PSA_WANT_ALG_CTR:PSA_WANT_ECC_FAMILY_BRAINPOOL_P_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +cipher_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"04d4b9186816358e2f9c59cf70748cb70641b22fbab65473db4b4e22a361ed7e3de7e8a8ddc4130c5c":PSA_ALG_CTR:PSA_ERROR_INVALID_ARGUMENT + +PSA cipher CTR: incompatible with ECC_PUBLIC_KEY(MONTGOMERY) +depends_on:PSA_WANT_ALG_CTR:PSA_WANT_ECC_FAMILY_MONTGOMERY:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +cipher_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_MONTGOMERY):"8520f0098930a754748b7ddcb43ef75a0dbf3a0d26381af4eba4a98eaa9b4e6a":PSA_ALG_CTR:PSA_ERROR_INVALID_ARGUMENT + +PSA cipher CTR: incompatible with ECC_PUBLIC_KEY(SECP_K1) +depends_on:PSA_WANT_ALG_CTR:PSA_WANT_ECC_FAMILY_SECP_K1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +cipher_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_K1):"0426b7bb38da649ac2138fc050c6548b32553dab68afebc36105d325b75538c12323cb0764789ecb992671beb2b6bef2f5":PSA_ALG_CTR:PSA_ERROR_INVALID_ARGUMENT + +PSA cipher CTR: incompatible with ECC_PUBLIC_KEY(SECP_R1) +depends_on:PSA_WANT_ALG_CTR:PSA_WANT_ECC_FAMILY_SECP_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +cipher_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1):"046f00eadaa949fee3e9e1c7fa1247eecec86a0dce46418b9bd3117b981d4bd0ae7a990de912f9d060d6cb531a42d22e394ac29e81804bf160":PSA_ALG_CTR:PSA_ERROR_INVALID_ARGUMENT + +PSA cipher CTR: incompatible with ECC_PUBLIC_KEY(SECP_R2) +depends_on:PSA_WANT_ALG_CTR:PSA_WANT_ECC_FAMILY_SECP_R2:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +cipher_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R2):"049570d541398665adb5cfa16f5af73b3196926bbd4b876bdb80f8eab20d0f540c22f4de9c140f6d7b":PSA_ALG_CTR:PSA_ERROR_INVALID_ARGUMENT + +PSA cipher CTR: incompatible with ECC_PUBLIC_KEY(SECT_K1) +depends_on:PSA_WANT_ALG_CTR:PSA_WANT_ECC_FAMILY_SECT_K1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +cipher_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_K1):"0406f88f90b4b65950f06ce433afdb097e320f433dc2062b8a65db8fafd3c110f46bc45663fbf021ee7eb9":PSA_ALG_CTR:PSA_ERROR_INVALID_ARGUMENT + +PSA cipher CTR: incompatible with ECC_PUBLIC_KEY(SECT_R1) +depends_on:PSA_WANT_ALG_CTR:PSA_WANT_ECC_FAMILY_SECT_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +cipher_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R1):"0400465eeb9e7258b11e33c02266bfe834b20bcb118700772796ee4704ec67651bd447e3011959a79a04cb":PSA_ALG_CTR:PSA_ERROR_INVALID_ARGUMENT + +PSA cipher CTR: incompatible with ECC_PUBLIC_KEY(SECT_R2) +depends_on:PSA_WANT_ALG_CTR:PSA_WANT_ECC_FAMILY_SECT_R2:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +cipher_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R2):"0403692601144c32a6cfa369ae20ae5d43c1c764678c037bafe80c6fd2e42b7ced96171d9c5367fd3dca6f":PSA_ALG_CTR:PSA_ERROR_INVALID_ARGUMENT + +PSA cipher CTR: incompatible with ECC_PUBLIC_KEY(TWISTED_EDWARDS) +depends_on:PSA_WANT_ALG_CTR:PSA_WANT_ECC_FAMILY_TWISTED_EDWARDS:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +cipher_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_TWISTED_EDWARDS):"d75a980182b10ab7d54bfed3c964073a0ee172f3daa62325af021a68f707511a":PSA_ALG_CTR:PSA_ERROR_INVALID_ARGUMENT + +PSA cipher CTR: incompatible with HMAC +depends_on:PSA_WANT_ALG_CTR:PSA_WANT_KEY_TYPE_HMAC +cipher_fail:PSA_KEY_TYPE_HMAC:"48657265006973206b6579a064617461":PSA_ALG_CTR:PSA_ERROR_INVALID_ARGUMENT + +PSA cipher CTR: incompatible with RAW_DATA +depends_on:PSA_WANT_ALG_CTR:PSA_WANT_KEY_TYPE_RAW_DATA +cipher_fail:PSA_KEY_TYPE_RAW_DATA:"48":PSA_ALG_CTR:PSA_ERROR_INVALID_ARGUMENT + +PSA cipher CTR: incompatible with RSA_KEY_PAIR +depends_on:PSA_WANT_ALG_CTR:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR +cipher_fail:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_CTR:PSA_ERROR_INVALID_ARGUMENT + +PSA cipher CTR: incompatible with RSA_PUBLIC_KEY +depends_on:PSA_WANT_ALG_CTR:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY +cipher_fail:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_CTR:PSA_ERROR_INVALID_ARGUMENT + +PSA aead CTR: invalid with AES +depends_on:PSA_WANT_ALG_CTR:PSA_WANT_KEY_TYPE_AES +aead_fail:PSA_KEY_TYPE_AES:"48657265006973206b6579a064617461":PSA_ALG_CTR:PSA_ERROR_INVALID_ARGUMENT + +PSA aead CTR: invalid with ARIA +depends_on:PSA_WANT_ALG_CTR:PSA_WANT_KEY_TYPE_ARIA +aead_fail:PSA_KEY_TYPE_ARIA:"48657265006973206b6579a064617461":PSA_ALG_CTR:PSA_ERROR_INVALID_ARGUMENT + +PSA aead CTR: invalid with CAMELLIA +depends_on:PSA_WANT_ALG_CTR:PSA_WANT_KEY_TYPE_CAMELLIA +aead_fail:PSA_KEY_TYPE_CAMELLIA:"48657265006973206b6579a064617461":PSA_ALG_CTR:PSA_ERROR_INVALID_ARGUMENT + +PSA sign CTR: invalid with AES +depends_on:PSA_WANT_ALG_CTR:PSA_WANT_KEY_TYPE_AES +sign_fail:PSA_KEY_TYPE_AES:"48657265006973206b6579a064617461":PSA_ALG_CTR:0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign CTR: invalid with ARIA +depends_on:PSA_WANT_ALG_CTR:PSA_WANT_KEY_TYPE_ARIA +sign_fail:PSA_KEY_TYPE_ARIA:"48657265006973206b6579a064617461":PSA_ALG_CTR:0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign CTR: invalid with CAMELLIA +depends_on:PSA_WANT_ALG_CTR:PSA_WANT_KEY_TYPE_CAMELLIA +sign_fail:PSA_KEY_TYPE_CAMELLIA:"48657265006973206b6579a064617461":PSA_ALG_CTR:0:PSA_ERROR_INVALID_ARGUMENT + +PSA asymmetric_encryption CTR: invalid with AES +depends_on:PSA_WANT_ALG_CTR:PSA_WANT_KEY_TYPE_AES +asymmetric_encryption_fail:PSA_KEY_TYPE_AES:"48657265006973206b6579a064617461":PSA_ALG_CTR:0:PSA_ERROR_INVALID_ARGUMENT + +PSA asymmetric_encryption CTR: invalid with ARIA +depends_on:PSA_WANT_ALG_CTR:PSA_WANT_KEY_TYPE_ARIA +asymmetric_encryption_fail:PSA_KEY_TYPE_ARIA:"48657265006973206b6579a064617461":PSA_ALG_CTR:0:PSA_ERROR_INVALID_ARGUMENT + +PSA asymmetric_encryption CTR: invalid with CAMELLIA +depends_on:PSA_WANT_ALG_CTR:PSA_WANT_KEY_TYPE_CAMELLIA +asymmetric_encryption_fail:PSA_KEY_TYPE_CAMELLIA:"48657265006973206b6579a064617461":PSA_ALG_CTR:0:PSA_ERROR_INVALID_ARGUMENT + +PSA key_derivation CTR: invalid +depends_on:PSA_WANT_ALG_CTR +key_derivation_fail:PSA_ALG_CTR:PSA_ERROR_INVALID_ARGUMENT + +PSA key_agreement CTR: invalid with AES +depends_on:PSA_WANT_ALG_CTR:PSA_WANT_KEY_TYPE_AES +key_agreement_fail:PSA_KEY_TYPE_AES:"48657265006973206b6579a064617461":PSA_ALG_CTR:0:PSA_ERROR_INVALID_ARGUMENT + +PSA key_agreement CTR: invalid with ARIA +depends_on:PSA_WANT_ALG_CTR:PSA_WANT_KEY_TYPE_ARIA +key_agreement_fail:PSA_KEY_TYPE_ARIA:"48657265006973206b6579a064617461":PSA_ALG_CTR:0:PSA_ERROR_INVALID_ARGUMENT + +PSA key_agreement CTR: invalid with CAMELLIA +depends_on:PSA_WANT_ALG_CTR:PSA_WANT_KEY_TYPE_CAMELLIA +key_agreement_fail:PSA_KEY_TYPE_CAMELLIA:"48657265006973206b6579a064617461":PSA_ALG_CTR:0:PSA_ERROR_INVALID_ARGUMENT + +PSA hash DETERMINISTIC_DSA(MD2): invalid +depends_on:PSA_WANT_ALG_DETERMINISTIC_DSA:PSA_WANT_ALG_MD2 +hash_fail:PSA_ALG_DETERMINISTIC_DSA(PSA_ALG_MD2):PSA_ERROR_INVALID_ARGUMENT + +PSA sign DETERMINISTIC_DSA(MD2): incompatible with AES +depends_on:PSA_WANT_ALG_DETERMINISTIC_DSA:PSA_WANT_ALG_MD2:PSA_WANT_KEY_TYPE_AES +sign_fail:PSA_KEY_TYPE_AES:"48657265006973206b6579a064617461":PSA_ALG_DETERMINISTIC_DSA(PSA_ALG_MD2):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign DETERMINISTIC_DSA(MD2): incompatible with ARC4 +depends_on:PSA_WANT_ALG_DETERMINISTIC_DSA:PSA_WANT_ALG_MD2:PSA_WANT_KEY_TYPE_ARC4 +sign_fail:PSA_KEY_TYPE_ARC4:"48":PSA_ALG_DETERMINISTIC_DSA(PSA_ALG_MD2):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign DETERMINISTIC_DSA(MD2): incompatible with ARIA +depends_on:PSA_WANT_ALG_DETERMINISTIC_DSA:PSA_WANT_ALG_MD2:PSA_WANT_KEY_TYPE_ARIA +sign_fail:PSA_KEY_TYPE_ARIA:"48657265006973206b6579a064617461":PSA_ALG_DETERMINISTIC_DSA(PSA_ALG_MD2):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign DETERMINISTIC_DSA(MD2): incompatible with CAMELLIA +depends_on:PSA_WANT_ALG_DETERMINISTIC_DSA:PSA_WANT_ALG_MD2:PSA_WANT_KEY_TYPE_CAMELLIA +sign_fail:PSA_KEY_TYPE_CAMELLIA:"48657265006973206b6579a064617461":PSA_ALG_DETERMINISTIC_DSA(PSA_ALG_MD2):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign DETERMINISTIC_DSA(MD2): incompatible with CHACHA20 +depends_on:PSA_WANT_ALG_DETERMINISTIC_DSA:PSA_WANT_ALG_MD2:PSA_WANT_KEY_TYPE_CHACHA20 +sign_fail:PSA_KEY_TYPE_CHACHA20:"48657265006973206b6579a06461746148657265006973206b6579a064617461":PSA_ALG_DETERMINISTIC_DSA(PSA_ALG_MD2):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign DETERMINISTIC_DSA(MD2): incompatible with DERIVE +depends_on:PSA_WANT_ALG_DETERMINISTIC_DSA:PSA_WANT_ALG_MD2:PSA_WANT_KEY_TYPE_DERIVE +sign_fail:PSA_KEY_TYPE_DERIVE:"48657265006973206b6579a0646174":PSA_ALG_DETERMINISTIC_DSA(PSA_ALG_MD2):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign DETERMINISTIC_DSA(MD2): incompatible with DES +depends_on:PSA_WANT_ALG_DETERMINISTIC_DSA:PSA_WANT_ALG_MD2:PSA_WANT_KEY_TYPE_DES +sign_fail:PSA_KEY_TYPE_DES:"644573206b457901":PSA_ALG_DETERMINISTIC_DSA(PSA_ALG_MD2):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign DETERMINISTIC_DSA(MD2): incompatible with ECC_KEY_PAIR(BRAINPOOL_P_R1) +depends_on:PSA_WANT_ALG_DETERMINISTIC_DSA:PSA_WANT_ALG_MD2:PSA_WANT_ECC_FAMILY_BRAINPOOL_P_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"69502c4fdaf48d4fa617bdd24498b0406d0eeaac":PSA_ALG_DETERMINISTIC_DSA(PSA_ALG_MD2):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign DETERMINISTIC_DSA(MD2): incompatible with ECC_KEY_PAIR(MONTGOMERY) +depends_on:PSA_WANT_ALG_DETERMINISTIC_DSA:PSA_WANT_ALG_MD2:PSA_WANT_ECC_FAMILY_MONTGOMERY:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_MONTGOMERY):"70076d0a7318a57d3c16c17251b26645df4c2f87ebc0992ab177fba51db92c6a":PSA_ALG_DETERMINISTIC_DSA(PSA_ALG_MD2):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign DETERMINISTIC_DSA(MD2): incompatible with ECC_KEY_PAIR(SECP_K1) +depends_on:PSA_WANT_ALG_DETERMINISTIC_DSA:PSA_WANT_ALG_MD2:PSA_WANT_ECC_FAMILY_SECP_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_K1):"297ac1722ccac7589ecb240dc719842538ca974beb79f228":PSA_ALG_DETERMINISTIC_DSA(PSA_ALG_MD2):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign DETERMINISTIC_DSA(MD2): incompatible with ECC_KEY_PAIR(SECP_R1) +depends_on:PSA_WANT_ALG_DETERMINISTIC_DSA:PSA_WANT_ALG_MD2:PSA_WANT_ECC_FAMILY_SECP_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"872f203b3ad35b7f2ecc803c3a0e1e0b1ed61cc1afe71b189cd4c995":PSA_ALG_DETERMINISTIC_DSA(PSA_ALG_MD2):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign DETERMINISTIC_DSA(MD2): incompatible with ECC_KEY_PAIR(SECP_R2) +depends_on:PSA_WANT_ALG_DETERMINISTIC_DSA:PSA_WANT_ALG_MD2:PSA_WANT_ECC_FAMILY_SECP_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R2):"00bf539a1cdda0d7f71a50a3f98aec0a2e8e4ced1e":PSA_ALG_DETERMINISTIC_DSA(PSA_ALG_MD2):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign DETERMINISTIC_DSA(MD2): incompatible with ECC_KEY_PAIR(SECT_K1) +depends_on:PSA_WANT_ALG_DETERMINISTIC_DSA:PSA_WANT_ALG_MD2:PSA_WANT_ECC_FAMILY_SECT_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):"03ebc8fcded2d6ab72ec0f75bdb4fd080481273e71":PSA_ALG_DETERMINISTIC_DSA(PSA_ALG_MD2):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign DETERMINISTIC_DSA(MD2): incompatible with ECC_KEY_PAIR(SECT_R1) +depends_on:PSA_WANT_ALG_DETERMINISTIC_DSA:PSA_WANT_ALG_MD2:PSA_WANT_ECC_FAMILY_SECT_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):"009b05dc82d46d64a04a22e6e5ca70ca1231e68c50":PSA_ALG_DETERMINISTIC_DSA(PSA_ALG_MD2):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign DETERMINISTIC_DSA(MD2): incompatible with ECC_KEY_PAIR(SECT_R2) +depends_on:PSA_WANT_ALG_DETERMINISTIC_DSA:PSA_WANT_ALG_MD2:PSA_WANT_ECC_FAMILY_SECT_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R2):"0210b482a458b4822d0cb21daa96819a67c8062d34":PSA_ALG_DETERMINISTIC_DSA(PSA_ALG_MD2):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign DETERMINISTIC_DSA(MD2): incompatible with ECC_KEY_PAIR(TWISTED_EDWARDS) +depends_on:PSA_WANT_ALG_DETERMINISTIC_DSA:PSA_WANT_ALG_MD2:PSA_WANT_ECC_FAMILY_TWISTED_EDWARDS:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_TWISTED_EDWARDS):"9d61b19deffd5a60ba844af492ec2cc44449c5697b326919703bac031cae7f60":PSA_ALG_DETERMINISTIC_DSA(PSA_ALG_MD2):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign DETERMINISTIC_DSA(MD2): incompatible with ECC_PUBLIC_KEY(BRAINPOOL_P_R1) +depends_on:PSA_WANT_ALG_DETERMINISTIC_DSA:PSA_WANT_ALG_MD2:PSA_WANT_ECC_FAMILY_BRAINPOOL_P_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"04d4b9186816358e2f9c59cf70748cb70641b22fbab65473db4b4e22a361ed7e3de7e8a8ddc4130c5c":PSA_ALG_DETERMINISTIC_DSA(PSA_ALG_MD2):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign DETERMINISTIC_DSA(MD2): incompatible with ECC_PUBLIC_KEY(MONTGOMERY) +depends_on:PSA_WANT_ALG_DETERMINISTIC_DSA:PSA_WANT_ALG_MD2:PSA_WANT_ECC_FAMILY_MONTGOMERY:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_MONTGOMERY):"8520f0098930a754748b7ddcb43ef75a0dbf3a0d26381af4eba4a98eaa9b4e6a":PSA_ALG_DETERMINISTIC_DSA(PSA_ALG_MD2):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign DETERMINISTIC_DSA(MD2): incompatible with ECC_PUBLIC_KEY(SECP_K1) +depends_on:PSA_WANT_ALG_DETERMINISTIC_DSA:PSA_WANT_ALG_MD2:PSA_WANT_ECC_FAMILY_SECP_K1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_K1):"0426b7bb38da649ac2138fc050c6548b32553dab68afebc36105d325b75538c12323cb0764789ecb992671beb2b6bef2f5":PSA_ALG_DETERMINISTIC_DSA(PSA_ALG_MD2):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign DETERMINISTIC_DSA(MD2): incompatible with ECC_PUBLIC_KEY(SECP_R1) +depends_on:PSA_WANT_ALG_DETERMINISTIC_DSA:PSA_WANT_ALG_MD2:PSA_WANT_ECC_FAMILY_SECP_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1):"046f00eadaa949fee3e9e1c7fa1247eecec86a0dce46418b9bd3117b981d4bd0ae7a990de912f9d060d6cb531a42d22e394ac29e81804bf160":PSA_ALG_DETERMINISTIC_DSA(PSA_ALG_MD2):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign DETERMINISTIC_DSA(MD2): incompatible with ECC_PUBLIC_KEY(SECP_R2) +depends_on:PSA_WANT_ALG_DETERMINISTIC_DSA:PSA_WANT_ALG_MD2:PSA_WANT_ECC_FAMILY_SECP_R2:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R2):"049570d541398665adb5cfa16f5af73b3196926bbd4b876bdb80f8eab20d0f540c22f4de9c140f6d7b":PSA_ALG_DETERMINISTIC_DSA(PSA_ALG_MD2):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign DETERMINISTIC_DSA(MD2): incompatible with ECC_PUBLIC_KEY(SECT_K1) +depends_on:PSA_WANT_ALG_DETERMINISTIC_DSA:PSA_WANT_ALG_MD2:PSA_WANT_ECC_FAMILY_SECT_K1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_K1):"0406f88f90b4b65950f06ce433afdb097e320f433dc2062b8a65db8fafd3c110f46bc45663fbf021ee7eb9":PSA_ALG_DETERMINISTIC_DSA(PSA_ALG_MD2):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign DETERMINISTIC_DSA(MD2): incompatible with ECC_PUBLIC_KEY(SECT_R1) +depends_on:PSA_WANT_ALG_DETERMINISTIC_DSA:PSA_WANT_ALG_MD2:PSA_WANT_ECC_FAMILY_SECT_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R1):"0400465eeb9e7258b11e33c02266bfe834b20bcb118700772796ee4704ec67651bd447e3011959a79a04cb":PSA_ALG_DETERMINISTIC_DSA(PSA_ALG_MD2):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign DETERMINISTIC_DSA(MD2): incompatible with ECC_PUBLIC_KEY(SECT_R2) +depends_on:PSA_WANT_ALG_DETERMINISTIC_DSA:PSA_WANT_ALG_MD2:PSA_WANT_ECC_FAMILY_SECT_R2:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R2):"0403692601144c32a6cfa369ae20ae5d43c1c764678c037bafe80c6fd2e42b7ced96171d9c5367fd3dca6f":PSA_ALG_DETERMINISTIC_DSA(PSA_ALG_MD2):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign DETERMINISTIC_DSA(MD2): incompatible with ECC_PUBLIC_KEY(TWISTED_EDWARDS) +depends_on:PSA_WANT_ALG_DETERMINISTIC_DSA:PSA_WANT_ALG_MD2:PSA_WANT_ECC_FAMILY_TWISTED_EDWARDS:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_TWISTED_EDWARDS):"d75a980182b10ab7d54bfed3c964073a0ee172f3daa62325af021a68f707511a":PSA_ALG_DETERMINISTIC_DSA(PSA_ALG_MD2):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign DETERMINISTIC_DSA(MD2): incompatible with HMAC +depends_on:PSA_WANT_ALG_DETERMINISTIC_DSA:PSA_WANT_ALG_MD2:PSA_WANT_KEY_TYPE_HMAC +sign_fail:PSA_KEY_TYPE_HMAC:"48657265006973206b6579a064617461":PSA_ALG_DETERMINISTIC_DSA(PSA_ALG_MD2):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign DETERMINISTIC_DSA(MD2): incompatible with RAW_DATA +depends_on:PSA_WANT_ALG_DETERMINISTIC_DSA:PSA_WANT_ALG_MD2:PSA_WANT_KEY_TYPE_RAW_DATA +sign_fail:PSA_KEY_TYPE_RAW_DATA:"48":PSA_ALG_DETERMINISTIC_DSA(PSA_ALG_MD2):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign DETERMINISTIC_DSA(MD2): incompatible with RSA_KEY_PAIR +depends_on:PSA_WANT_ALG_DETERMINISTIC_DSA:PSA_WANT_ALG_MD2:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR +sign_fail:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_DETERMINISTIC_DSA(PSA_ALG_MD2):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign DETERMINISTIC_DSA(MD2): incompatible with RSA_PUBLIC_KEY +depends_on:PSA_WANT_ALG_DETERMINISTIC_DSA:PSA_WANT_ALG_MD2:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY +sign_fail:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_DETERMINISTIC_DSA(PSA_ALG_MD2):0:PSA_ERROR_INVALID_ARGUMENT + +PSA key_derivation DETERMINISTIC_DSA(MD2): invalid +depends_on:PSA_WANT_ALG_DETERMINISTIC_DSA:PSA_WANT_ALG_MD2 +key_derivation_fail:PSA_ALG_DETERMINISTIC_DSA(PSA_ALG_MD2):PSA_ERROR_INVALID_ARGUMENT + +PSA hash DETERMINISTIC_DSA(MD4): invalid +depends_on:PSA_WANT_ALG_DETERMINISTIC_DSA:PSA_WANT_ALG_MD4 +hash_fail:PSA_ALG_DETERMINISTIC_DSA(PSA_ALG_MD4):PSA_ERROR_INVALID_ARGUMENT + +PSA sign DETERMINISTIC_DSA(MD4): incompatible with AES +depends_on:PSA_WANT_ALG_DETERMINISTIC_DSA:PSA_WANT_ALG_MD4:PSA_WANT_KEY_TYPE_AES +sign_fail:PSA_KEY_TYPE_AES:"48657265006973206b6579a064617461":PSA_ALG_DETERMINISTIC_DSA(PSA_ALG_MD4):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign DETERMINISTIC_DSA(MD4): incompatible with ARC4 +depends_on:PSA_WANT_ALG_DETERMINISTIC_DSA:PSA_WANT_ALG_MD4:PSA_WANT_KEY_TYPE_ARC4 +sign_fail:PSA_KEY_TYPE_ARC4:"48":PSA_ALG_DETERMINISTIC_DSA(PSA_ALG_MD4):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign DETERMINISTIC_DSA(MD4): incompatible with ARIA +depends_on:PSA_WANT_ALG_DETERMINISTIC_DSA:PSA_WANT_ALG_MD4:PSA_WANT_KEY_TYPE_ARIA +sign_fail:PSA_KEY_TYPE_ARIA:"48657265006973206b6579a064617461":PSA_ALG_DETERMINISTIC_DSA(PSA_ALG_MD4):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign DETERMINISTIC_DSA(MD4): incompatible with CAMELLIA +depends_on:PSA_WANT_ALG_DETERMINISTIC_DSA:PSA_WANT_ALG_MD4:PSA_WANT_KEY_TYPE_CAMELLIA +sign_fail:PSA_KEY_TYPE_CAMELLIA:"48657265006973206b6579a064617461":PSA_ALG_DETERMINISTIC_DSA(PSA_ALG_MD4):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign DETERMINISTIC_DSA(MD4): incompatible with CHACHA20 +depends_on:PSA_WANT_ALG_DETERMINISTIC_DSA:PSA_WANT_ALG_MD4:PSA_WANT_KEY_TYPE_CHACHA20 +sign_fail:PSA_KEY_TYPE_CHACHA20:"48657265006973206b6579a06461746148657265006973206b6579a064617461":PSA_ALG_DETERMINISTIC_DSA(PSA_ALG_MD4):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign DETERMINISTIC_DSA(MD4): incompatible with DERIVE +depends_on:PSA_WANT_ALG_DETERMINISTIC_DSA:PSA_WANT_ALG_MD4:PSA_WANT_KEY_TYPE_DERIVE +sign_fail:PSA_KEY_TYPE_DERIVE:"48657265006973206b6579a0646174":PSA_ALG_DETERMINISTIC_DSA(PSA_ALG_MD4):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign DETERMINISTIC_DSA(MD4): incompatible with DES +depends_on:PSA_WANT_ALG_DETERMINISTIC_DSA:PSA_WANT_ALG_MD4:PSA_WANT_KEY_TYPE_DES +sign_fail:PSA_KEY_TYPE_DES:"644573206b457901":PSA_ALG_DETERMINISTIC_DSA(PSA_ALG_MD4):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign DETERMINISTIC_DSA(MD4): incompatible with ECC_KEY_PAIR(BRAINPOOL_P_R1) +depends_on:PSA_WANT_ALG_DETERMINISTIC_DSA:PSA_WANT_ALG_MD4:PSA_WANT_ECC_FAMILY_BRAINPOOL_P_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"69502c4fdaf48d4fa617bdd24498b0406d0eeaac":PSA_ALG_DETERMINISTIC_DSA(PSA_ALG_MD4):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign DETERMINISTIC_DSA(MD4): incompatible with ECC_KEY_PAIR(MONTGOMERY) +depends_on:PSA_WANT_ALG_DETERMINISTIC_DSA:PSA_WANT_ALG_MD4:PSA_WANT_ECC_FAMILY_MONTGOMERY:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_MONTGOMERY):"70076d0a7318a57d3c16c17251b26645df4c2f87ebc0992ab177fba51db92c6a":PSA_ALG_DETERMINISTIC_DSA(PSA_ALG_MD4):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign DETERMINISTIC_DSA(MD4): incompatible with ECC_KEY_PAIR(SECP_K1) +depends_on:PSA_WANT_ALG_DETERMINISTIC_DSA:PSA_WANT_ALG_MD4:PSA_WANT_ECC_FAMILY_SECP_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_K1):"297ac1722ccac7589ecb240dc719842538ca974beb79f228":PSA_ALG_DETERMINISTIC_DSA(PSA_ALG_MD4):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign DETERMINISTIC_DSA(MD4): incompatible with ECC_KEY_PAIR(SECP_R1) +depends_on:PSA_WANT_ALG_DETERMINISTIC_DSA:PSA_WANT_ALG_MD4:PSA_WANT_ECC_FAMILY_SECP_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"872f203b3ad35b7f2ecc803c3a0e1e0b1ed61cc1afe71b189cd4c995":PSA_ALG_DETERMINISTIC_DSA(PSA_ALG_MD4):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign DETERMINISTIC_DSA(MD4): incompatible with ECC_KEY_PAIR(SECP_R2) +depends_on:PSA_WANT_ALG_DETERMINISTIC_DSA:PSA_WANT_ALG_MD4:PSA_WANT_ECC_FAMILY_SECP_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R2):"00bf539a1cdda0d7f71a50a3f98aec0a2e8e4ced1e":PSA_ALG_DETERMINISTIC_DSA(PSA_ALG_MD4):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign DETERMINISTIC_DSA(MD4): incompatible with ECC_KEY_PAIR(SECT_K1) +depends_on:PSA_WANT_ALG_DETERMINISTIC_DSA:PSA_WANT_ALG_MD4:PSA_WANT_ECC_FAMILY_SECT_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):"03ebc8fcded2d6ab72ec0f75bdb4fd080481273e71":PSA_ALG_DETERMINISTIC_DSA(PSA_ALG_MD4):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign DETERMINISTIC_DSA(MD4): incompatible with ECC_KEY_PAIR(SECT_R1) +depends_on:PSA_WANT_ALG_DETERMINISTIC_DSA:PSA_WANT_ALG_MD4:PSA_WANT_ECC_FAMILY_SECT_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):"009b05dc82d46d64a04a22e6e5ca70ca1231e68c50":PSA_ALG_DETERMINISTIC_DSA(PSA_ALG_MD4):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign DETERMINISTIC_DSA(MD4): incompatible with ECC_KEY_PAIR(SECT_R2) +depends_on:PSA_WANT_ALG_DETERMINISTIC_DSA:PSA_WANT_ALG_MD4:PSA_WANT_ECC_FAMILY_SECT_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R2):"0210b482a458b4822d0cb21daa96819a67c8062d34":PSA_ALG_DETERMINISTIC_DSA(PSA_ALG_MD4):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign DETERMINISTIC_DSA(MD4): incompatible with ECC_KEY_PAIR(TWISTED_EDWARDS) +depends_on:PSA_WANT_ALG_DETERMINISTIC_DSA:PSA_WANT_ALG_MD4:PSA_WANT_ECC_FAMILY_TWISTED_EDWARDS:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_TWISTED_EDWARDS):"9d61b19deffd5a60ba844af492ec2cc44449c5697b326919703bac031cae7f60":PSA_ALG_DETERMINISTIC_DSA(PSA_ALG_MD4):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign DETERMINISTIC_DSA(MD4): incompatible with ECC_PUBLIC_KEY(BRAINPOOL_P_R1) +depends_on:PSA_WANT_ALG_DETERMINISTIC_DSA:PSA_WANT_ALG_MD4:PSA_WANT_ECC_FAMILY_BRAINPOOL_P_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"04d4b9186816358e2f9c59cf70748cb70641b22fbab65473db4b4e22a361ed7e3de7e8a8ddc4130c5c":PSA_ALG_DETERMINISTIC_DSA(PSA_ALG_MD4):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign DETERMINISTIC_DSA(MD4): incompatible with ECC_PUBLIC_KEY(MONTGOMERY) +depends_on:PSA_WANT_ALG_DETERMINISTIC_DSA:PSA_WANT_ALG_MD4:PSA_WANT_ECC_FAMILY_MONTGOMERY:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_MONTGOMERY):"8520f0098930a754748b7ddcb43ef75a0dbf3a0d26381af4eba4a98eaa9b4e6a":PSA_ALG_DETERMINISTIC_DSA(PSA_ALG_MD4):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign DETERMINISTIC_DSA(MD4): incompatible with ECC_PUBLIC_KEY(SECP_K1) +depends_on:PSA_WANT_ALG_DETERMINISTIC_DSA:PSA_WANT_ALG_MD4:PSA_WANT_ECC_FAMILY_SECP_K1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_K1):"0426b7bb38da649ac2138fc050c6548b32553dab68afebc36105d325b75538c12323cb0764789ecb992671beb2b6bef2f5":PSA_ALG_DETERMINISTIC_DSA(PSA_ALG_MD4):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign DETERMINISTIC_DSA(MD4): incompatible with ECC_PUBLIC_KEY(SECP_R1) +depends_on:PSA_WANT_ALG_DETERMINISTIC_DSA:PSA_WANT_ALG_MD4:PSA_WANT_ECC_FAMILY_SECP_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1):"046f00eadaa949fee3e9e1c7fa1247eecec86a0dce46418b9bd3117b981d4bd0ae7a990de912f9d060d6cb531a42d22e394ac29e81804bf160":PSA_ALG_DETERMINISTIC_DSA(PSA_ALG_MD4):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign DETERMINISTIC_DSA(MD4): incompatible with ECC_PUBLIC_KEY(SECP_R2) +depends_on:PSA_WANT_ALG_DETERMINISTIC_DSA:PSA_WANT_ALG_MD4:PSA_WANT_ECC_FAMILY_SECP_R2:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R2):"049570d541398665adb5cfa16f5af73b3196926bbd4b876bdb80f8eab20d0f540c22f4de9c140f6d7b":PSA_ALG_DETERMINISTIC_DSA(PSA_ALG_MD4):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign DETERMINISTIC_DSA(MD4): incompatible with ECC_PUBLIC_KEY(SECT_K1) +depends_on:PSA_WANT_ALG_DETERMINISTIC_DSA:PSA_WANT_ALG_MD4:PSA_WANT_ECC_FAMILY_SECT_K1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_K1):"0406f88f90b4b65950f06ce433afdb097e320f433dc2062b8a65db8fafd3c110f46bc45663fbf021ee7eb9":PSA_ALG_DETERMINISTIC_DSA(PSA_ALG_MD4):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign DETERMINISTIC_DSA(MD4): incompatible with ECC_PUBLIC_KEY(SECT_R1) +depends_on:PSA_WANT_ALG_DETERMINISTIC_DSA:PSA_WANT_ALG_MD4:PSA_WANT_ECC_FAMILY_SECT_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R1):"0400465eeb9e7258b11e33c02266bfe834b20bcb118700772796ee4704ec67651bd447e3011959a79a04cb":PSA_ALG_DETERMINISTIC_DSA(PSA_ALG_MD4):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign DETERMINISTIC_DSA(MD4): incompatible with ECC_PUBLIC_KEY(SECT_R2) +depends_on:PSA_WANT_ALG_DETERMINISTIC_DSA:PSA_WANT_ALG_MD4:PSA_WANT_ECC_FAMILY_SECT_R2:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R2):"0403692601144c32a6cfa369ae20ae5d43c1c764678c037bafe80c6fd2e42b7ced96171d9c5367fd3dca6f":PSA_ALG_DETERMINISTIC_DSA(PSA_ALG_MD4):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign DETERMINISTIC_DSA(MD4): incompatible with ECC_PUBLIC_KEY(TWISTED_EDWARDS) +depends_on:PSA_WANT_ALG_DETERMINISTIC_DSA:PSA_WANT_ALG_MD4:PSA_WANT_ECC_FAMILY_TWISTED_EDWARDS:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_TWISTED_EDWARDS):"d75a980182b10ab7d54bfed3c964073a0ee172f3daa62325af021a68f707511a":PSA_ALG_DETERMINISTIC_DSA(PSA_ALG_MD4):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign DETERMINISTIC_DSA(MD4): incompatible with HMAC +depends_on:PSA_WANT_ALG_DETERMINISTIC_DSA:PSA_WANT_ALG_MD4:PSA_WANT_KEY_TYPE_HMAC +sign_fail:PSA_KEY_TYPE_HMAC:"48657265006973206b6579a064617461":PSA_ALG_DETERMINISTIC_DSA(PSA_ALG_MD4):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign DETERMINISTIC_DSA(MD4): incompatible with RAW_DATA +depends_on:PSA_WANT_ALG_DETERMINISTIC_DSA:PSA_WANT_ALG_MD4:PSA_WANT_KEY_TYPE_RAW_DATA +sign_fail:PSA_KEY_TYPE_RAW_DATA:"48":PSA_ALG_DETERMINISTIC_DSA(PSA_ALG_MD4):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign DETERMINISTIC_DSA(MD4): incompatible with RSA_KEY_PAIR +depends_on:PSA_WANT_ALG_DETERMINISTIC_DSA:PSA_WANT_ALG_MD4:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR +sign_fail:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_DETERMINISTIC_DSA(PSA_ALG_MD4):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign DETERMINISTIC_DSA(MD4): incompatible with RSA_PUBLIC_KEY +depends_on:PSA_WANT_ALG_DETERMINISTIC_DSA:PSA_WANT_ALG_MD4:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY +sign_fail:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_DETERMINISTIC_DSA(PSA_ALG_MD4):0:PSA_ERROR_INVALID_ARGUMENT + +PSA key_derivation DETERMINISTIC_DSA(MD4): invalid +depends_on:PSA_WANT_ALG_DETERMINISTIC_DSA:PSA_WANT_ALG_MD4 +key_derivation_fail:PSA_ALG_DETERMINISTIC_DSA(PSA_ALG_MD4):PSA_ERROR_INVALID_ARGUMENT + +PSA hash DETERMINISTIC_DSA(MD5): invalid +depends_on:PSA_WANT_ALG_DETERMINISTIC_DSA:PSA_WANT_ALG_MD5 +hash_fail:PSA_ALG_DETERMINISTIC_DSA(PSA_ALG_MD5):PSA_ERROR_INVALID_ARGUMENT + +PSA sign DETERMINISTIC_DSA(MD5): incompatible with AES +depends_on:PSA_WANT_ALG_DETERMINISTIC_DSA:PSA_WANT_ALG_MD5:PSA_WANT_KEY_TYPE_AES +sign_fail:PSA_KEY_TYPE_AES:"48657265006973206b6579a064617461":PSA_ALG_DETERMINISTIC_DSA(PSA_ALG_MD5):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign DETERMINISTIC_DSA(MD5): incompatible with ARC4 +depends_on:PSA_WANT_ALG_DETERMINISTIC_DSA:PSA_WANT_ALG_MD5:PSA_WANT_KEY_TYPE_ARC4 +sign_fail:PSA_KEY_TYPE_ARC4:"48":PSA_ALG_DETERMINISTIC_DSA(PSA_ALG_MD5):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign DETERMINISTIC_DSA(MD5): incompatible with ARIA +depends_on:PSA_WANT_ALG_DETERMINISTIC_DSA:PSA_WANT_ALG_MD5:PSA_WANT_KEY_TYPE_ARIA +sign_fail:PSA_KEY_TYPE_ARIA:"48657265006973206b6579a064617461":PSA_ALG_DETERMINISTIC_DSA(PSA_ALG_MD5):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign DETERMINISTIC_DSA(MD5): incompatible with CAMELLIA +depends_on:PSA_WANT_ALG_DETERMINISTIC_DSA:PSA_WANT_ALG_MD5:PSA_WANT_KEY_TYPE_CAMELLIA +sign_fail:PSA_KEY_TYPE_CAMELLIA:"48657265006973206b6579a064617461":PSA_ALG_DETERMINISTIC_DSA(PSA_ALG_MD5):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign DETERMINISTIC_DSA(MD5): incompatible with CHACHA20 +depends_on:PSA_WANT_ALG_DETERMINISTIC_DSA:PSA_WANT_ALG_MD5:PSA_WANT_KEY_TYPE_CHACHA20 +sign_fail:PSA_KEY_TYPE_CHACHA20:"48657265006973206b6579a06461746148657265006973206b6579a064617461":PSA_ALG_DETERMINISTIC_DSA(PSA_ALG_MD5):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign DETERMINISTIC_DSA(MD5): incompatible with DERIVE +depends_on:PSA_WANT_ALG_DETERMINISTIC_DSA:PSA_WANT_ALG_MD5:PSA_WANT_KEY_TYPE_DERIVE +sign_fail:PSA_KEY_TYPE_DERIVE:"48657265006973206b6579a0646174":PSA_ALG_DETERMINISTIC_DSA(PSA_ALG_MD5):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign DETERMINISTIC_DSA(MD5): incompatible with DES +depends_on:PSA_WANT_ALG_DETERMINISTIC_DSA:PSA_WANT_ALG_MD5:PSA_WANT_KEY_TYPE_DES +sign_fail:PSA_KEY_TYPE_DES:"644573206b457901":PSA_ALG_DETERMINISTIC_DSA(PSA_ALG_MD5):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign DETERMINISTIC_DSA(MD5): incompatible with ECC_KEY_PAIR(BRAINPOOL_P_R1) +depends_on:PSA_WANT_ALG_DETERMINISTIC_DSA:PSA_WANT_ALG_MD5:PSA_WANT_ECC_FAMILY_BRAINPOOL_P_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"69502c4fdaf48d4fa617bdd24498b0406d0eeaac":PSA_ALG_DETERMINISTIC_DSA(PSA_ALG_MD5):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign DETERMINISTIC_DSA(MD5): incompatible with ECC_KEY_PAIR(MONTGOMERY) +depends_on:PSA_WANT_ALG_DETERMINISTIC_DSA:PSA_WANT_ALG_MD5:PSA_WANT_ECC_FAMILY_MONTGOMERY:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_MONTGOMERY):"70076d0a7318a57d3c16c17251b26645df4c2f87ebc0992ab177fba51db92c6a":PSA_ALG_DETERMINISTIC_DSA(PSA_ALG_MD5):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign DETERMINISTIC_DSA(MD5): incompatible with ECC_KEY_PAIR(SECP_K1) +depends_on:PSA_WANT_ALG_DETERMINISTIC_DSA:PSA_WANT_ALG_MD5:PSA_WANT_ECC_FAMILY_SECP_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_K1):"297ac1722ccac7589ecb240dc719842538ca974beb79f228":PSA_ALG_DETERMINISTIC_DSA(PSA_ALG_MD5):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign DETERMINISTIC_DSA(MD5): incompatible with ECC_KEY_PAIR(SECP_R1) +depends_on:PSA_WANT_ALG_DETERMINISTIC_DSA:PSA_WANT_ALG_MD5:PSA_WANT_ECC_FAMILY_SECP_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"872f203b3ad35b7f2ecc803c3a0e1e0b1ed61cc1afe71b189cd4c995":PSA_ALG_DETERMINISTIC_DSA(PSA_ALG_MD5):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign DETERMINISTIC_DSA(MD5): incompatible with ECC_KEY_PAIR(SECP_R2) +depends_on:PSA_WANT_ALG_DETERMINISTIC_DSA:PSA_WANT_ALG_MD5:PSA_WANT_ECC_FAMILY_SECP_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R2):"00bf539a1cdda0d7f71a50a3f98aec0a2e8e4ced1e":PSA_ALG_DETERMINISTIC_DSA(PSA_ALG_MD5):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign DETERMINISTIC_DSA(MD5): incompatible with ECC_KEY_PAIR(SECT_K1) +depends_on:PSA_WANT_ALG_DETERMINISTIC_DSA:PSA_WANT_ALG_MD5:PSA_WANT_ECC_FAMILY_SECT_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):"03ebc8fcded2d6ab72ec0f75bdb4fd080481273e71":PSA_ALG_DETERMINISTIC_DSA(PSA_ALG_MD5):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign DETERMINISTIC_DSA(MD5): incompatible with ECC_KEY_PAIR(SECT_R1) +depends_on:PSA_WANT_ALG_DETERMINISTIC_DSA:PSA_WANT_ALG_MD5:PSA_WANT_ECC_FAMILY_SECT_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):"009b05dc82d46d64a04a22e6e5ca70ca1231e68c50":PSA_ALG_DETERMINISTIC_DSA(PSA_ALG_MD5):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign DETERMINISTIC_DSA(MD5): incompatible with ECC_KEY_PAIR(SECT_R2) +depends_on:PSA_WANT_ALG_DETERMINISTIC_DSA:PSA_WANT_ALG_MD5:PSA_WANT_ECC_FAMILY_SECT_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R2):"0210b482a458b4822d0cb21daa96819a67c8062d34":PSA_ALG_DETERMINISTIC_DSA(PSA_ALG_MD5):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign DETERMINISTIC_DSA(MD5): incompatible with ECC_KEY_PAIR(TWISTED_EDWARDS) +depends_on:PSA_WANT_ALG_DETERMINISTIC_DSA:PSA_WANT_ALG_MD5:PSA_WANT_ECC_FAMILY_TWISTED_EDWARDS:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_TWISTED_EDWARDS):"9d61b19deffd5a60ba844af492ec2cc44449c5697b326919703bac031cae7f60":PSA_ALG_DETERMINISTIC_DSA(PSA_ALG_MD5):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign DETERMINISTIC_DSA(MD5): incompatible with ECC_PUBLIC_KEY(BRAINPOOL_P_R1) +depends_on:PSA_WANT_ALG_DETERMINISTIC_DSA:PSA_WANT_ALG_MD5:PSA_WANT_ECC_FAMILY_BRAINPOOL_P_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"04d4b9186816358e2f9c59cf70748cb70641b22fbab65473db4b4e22a361ed7e3de7e8a8ddc4130c5c":PSA_ALG_DETERMINISTIC_DSA(PSA_ALG_MD5):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign DETERMINISTIC_DSA(MD5): incompatible with ECC_PUBLIC_KEY(MONTGOMERY) +depends_on:PSA_WANT_ALG_DETERMINISTIC_DSA:PSA_WANT_ALG_MD5:PSA_WANT_ECC_FAMILY_MONTGOMERY:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_MONTGOMERY):"8520f0098930a754748b7ddcb43ef75a0dbf3a0d26381af4eba4a98eaa9b4e6a":PSA_ALG_DETERMINISTIC_DSA(PSA_ALG_MD5):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign DETERMINISTIC_DSA(MD5): incompatible with ECC_PUBLIC_KEY(SECP_K1) +depends_on:PSA_WANT_ALG_DETERMINISTIC_DSA:PSA_WANT_ALG_MD5:PSA_WANT_ECC_FAMILY_SECP_K1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_K1):"0426b7bb38da649ac2138fc050c6548b32553dab68afebc36105d325b75538c12323cb0764789ecb992671beb2b6bef2f5":PSA_ALG_DETERMINISTIC_DSA(PSA_ALG_MD5):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign DETERMINISTIC_DSA(MD5): incompatible with ECC_PUBLIC_KEY(SECP_R1) +depends_on:PSA_WANT_ALG_DETERMINISTIC_DSA:PSA_WANT_ALG_MD5:PSA_WANT_ECC_FAMILY_SECP_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1):"046f00eadaa949fee3e9e1c7fa1247eecec86a0dce46418b9bd3117b981d4bd0ae7a990de912f9d060d6cb531a42d22e394ac29e81804bf160":PSA_ALG_DETERMINISTIC_DSA(PSA_ALG_MD5):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign DETERMINISTIC_DSA(MD5): incompatible with ECC_PUBLIC_KEY(SECP_R2) +depends_on:PSA_WANT_ALG_DETERMINISTIC_DSA:PSA_WANT_ALG_MD5:PSA_WANT_ECC_FAMILY_SECP_R2:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R2):"049570d541398665adb5cfa16f5af73b3196926bbd4b876bdb80f8eab20d0f540c22f4de9c140f6d7b":PSA_ALG_DETERMINISTIC_DSA(PSA_ALG_MD5):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign DETERMINISTIC_DSA(MD5): incompatible with ECC_PUBLIC_KEY(SECT_K1) +depends_on:PSA_WANT_ALG_DETERMINISTIC_DSA:PSA_WANT_ALG_MD5:PSA_WANT_ECC_FAMILY_SECT_K1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_K1):"0406f88f90b4b65950f06ce433afdb097e320f433dc2062b8a65db8fafd3c110f46bc45663fbf021ee7eb9":PSA_ALG_DETERMINISTIC_DSA(PSA_ALG_MD5):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign DETERMINISTIC_DSA(MD5): incompatible with ECC_PUBLIC_KEY(SECT_R1) +depends_on:PSA_WANT_ALG_DETERMINISTIC_DSA:PSA_WANT_ALG_MD5:PSA_WANT_ECC_FAMILY_SECT_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R1):"0400465eeb9e7258b11e33c02266bfe834b20bcb118700772796ee4704ec67651bd447e3011959a79a04cb":PSA_ALG_DETERMINISTIC_DSA(PSA_ALG_MD5):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign DETERMINISTIC_DSA(MD5): incompatible with ECC_PUBLIC_KEY(SECT_R2) +depends_on:PSA_WANT_ALG_DETERMINISTIC_DSA:PSA_WANT_ALG_MD5:PSA_WANT_ECC_FAMILY_SECT_R2:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R2):"0403692601144c32a6cfa369ae20ae5d43c1c764678c037bafe80c6fd2e42b7ced96171d9c5367fd3dca6f":PSA_ALG_DETERMINISTIC_DSA(PSA_ALG_MD5):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign DETERMINISTIC_DSA(MD5): incompatible with ECC_PUBLIC_KEY(TWISTED_EDWARDS) +depends_on:PSA_WANT_ALG_DETERMINISTIC_DSA:PSA_WANT_ALG_MD5:PSA_WANT_ECC_FAMILY_TWISTED_EDWARDS:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_TWISTED_EDWARDS):"d75a980182b10ab7d54bfed3c964073a0ee172f3daa62325af021a68f707511a":PSA_ALG_DETERMINISTIC_DSA(PSA_ALG_MD5):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign DETERMINISTIC_DSA(MD5): incompatible with HMAC +depends_on:PSA_WANT_ALG_DETERMINISTIC_DSA:PSA_WANT_ALG_MD5:PSA_WANT_KEY_TYPE_HMAC +sign_fail:PSA_KEY_TYPE_HMAC:"48657265006973206b6579a064617461":PSA_ALG_DETERMINISTIC_DSA(PSA_ALG_MD5):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign DETERMINISTIC_DSA(MD5): incompatible with RAW_DATA +depends_on:PSA_WANT_ALG_DETERMINISTIC_DSA:PSA_WANT_ALG_MD5:PSA_WANT_KEY_TYPE_RAW_DATA +sign_fail:PSA_KEY_TYPE_RAW_DATA:"48":PSA_ALG_DETERMINISTIC_DSA(PSA_ALG_MD5):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign DETERMINISTIC_DSA(MD5): incompatible with RSA_KEY_PAIR +depends_on:PSA_WANT_ALG_DETERMINISTIC_DSA:PSA_WANT_ALG_MD5:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR +sign_fail:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_DETERMINISTIC_DSA(PSA_ALG_MD5):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign DETERMINISTIC_DSA(MD5): incompatible with RSA_PUBLIC_KEY +depends_on:PSA_WANT_ALG_DETERMINISTIC_DSA:PSA_WANT_ALG_MD5:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY +sign_fail:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_DETERMINISTIC_DSA(PSA_ALG_MD5):0:PSA_ERROR_INVALID_ARGUMENT + +PSA key_derivation DETERMINISTIC_DSA(MD5): invalid +depends_on:PSA_WANT_ALG_DETERMINISTIC_DSA:PSA_WANT_ALG_MD5 +key_derivation_fail:PSA_ALG_DETERMINISTIC_DSA(PSA_ALG_MD5):PSA_ERROR_INVALID_ARGUMENT + +PSA hash DETERMINISTIC_DSA(RIPEMD160): invalid +depends_on:PSA_WANT_ALG_DETERMINISTIC_DSA:PSA_WANT_ALG_RIPEMD160 +hash_fail:PSA_ALG_DETERMINISTIC_DSA(PSA_ALG_RIPEMD160):PSA_ERROR_INVALID_ARGUMENT + +PSA sign DETERMINISTIC_DSA(RIPEMD160): incompatible with AES +depends_on:PSA_WANT_ALG_DETERMINISTIC_DSA:PSA_WANT_ALG_RIPEMD160:PSA_WANT_KEY_TYPE_AES +sign_fail:PSA_KEY_TYPE_AES:"48657265006973206b6579a064617461":PSA_ALG_DETERMINISTIC_DSA(PSA_ALG_RIPEMD160):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign DETERMINISTIC_DSA(RIPEMD160): incompatible with ARC4 +depends_on:PSA_WANT_ALG_DETERMINISTIC_DSA:PSA_WANT_ALG_RIPEMD160:PSA_WANT_KEY_TYPE_ARC4 +sign_fail:PSA_KEY_TYPE_ARC4:"48":PSA_ALG_DETERMINISTIC_DSA(PSA_ALG_RIPEMD160):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign DETERMINISTIC_DSA(RIPEMD160): incompatible with ARIA +depends_on:PSA_WANT_ALG_DETERMINISTIC_DSA:PSA_WANT_ALG_RIPEMD160:PSA_WANT_KEY_TYPE_ARIA +sign_fail:PSA_KEY_TYPE_ARIA:"48657265006973206b6579a064617461":PSA_ALG_DETERMINISTIC_DSA(PSA_ALG_RIPEMD160):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign DETERMINISTIC_DSA(RIPEMD160): incompatible with CAMELLIA +depends_on:PSA_WANT_ALG_DETERMINISTIC_DSA:PSA_WANT_ALG_RIPEMD160:PSA_WANT_KEY_TYPE_CAMELLIA +sign_fail:PSA_KEY_TYPE_CAMELLIA:"48657265006973206b6579a064617461":PSA_ALG_DETERMINISTIC_DSA(PSA_ALG_RIPEMD160):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign DETERMINISTIC_DSA(RIPEMD160): incompatible with CHACHA20 +depends_on:PSA_WANT_ALG_DETERMINISTIC_DSA:PSA_WANT_ALG_RIPEMD160:PSA_WANT_KEY_TYPE_CHACHA20 +sign_fail:PSA_KEY_TYPE_CHACHA20:"48657265006973206b6579a06461746148657265006973206b6579a064617461":PSA_ALG_DETERMINISTIC_DSA(PSA_ALG_RIPEMD160):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign DETERMINISTIC_DSA(RIPEMD160): incompatible with DERIVE +depends_on:PSA_WANT_ALG_DETERMINISTIC_DSA:PSA_WANT_ALG_RIPEMD160:PSA_WANT_KEY_TYPE_DERIVE +sign_fail:PSA_KEY_TYPE_DERIVE:"48657265006973206b6579a0646174":PSA_ALG_DETERMINISTIC_DSA(PSA_ALG_RIPEMD160):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign DETERMINISTIC_DSA(RIPEMD160): incompatible with DES +depends_on:PSA_WANT_ALG_DETERMINISTIC_DSA:PSA_WANT_ALG_RIPEMD160:PSA_WANT_KEY_TYPE_DES +sign_fail:PSA_KEY_TYPE_DES:"644573206b457901":PSA_ALG_DETERMINISTIC_DSA(PSA_ALG_RIPEMD160):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign DETERMINISTIC_DSA(RIPEMD160): incompatible with ECC_KEY_PAIR(BRAINPOOL_P_R1) +depends_on:PSA_WANT_ALG_DETERMINISTIC_DSA:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ECC_FAMILY_BRAINPOOL_P_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"69502c4fdaf48d4fa617bdd24498b0406d0eeaac":PSA_ALG_DETERMINISTIC_DSA(PSA_ALG_RIPEMD160):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign DETERMINISTIC_DSA(RIPEMD160): incompatible with ECC_KEY_PAIR(MONTGOMERY) +depends_on:PSA_WANT_ALG_DETERMINISTIC_DSA:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ECC_FAMILY_MONTGOMERY:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_MONTGOMERY):"70076d0a7318a57d3c16c17251b26645df4c2f87ebc0992ab177fba51db92c6a":PSA_ALG_DETERMINISTIC_DSA(PSA_ALG_RIPEMD160):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign DETERMINISTIC_DSA(RIPEMD160): incompatible with ECC_KEY_PAIR(SECP_K1) +depends_on:PSA_WANT_ALG_DETERMINISTIC_DSA:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ECC_FAMILY_SECP_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_K1):"297ac1722ccac7589ecb240dc719842538ca974beb79f228":PSA_ALG_DETERMINISTIC_DSA(PSA_ALG_RIPEMD160):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign DETERMINISTIC_DSA(RIPEMD160): incompatible with ECC_KEY_PAIR(SECP_R1) +depends_on:PSA_WANT_ALG_DETERMINISTIC_DSA:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ECC_FAMILY_SECP_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"872f203b3ad35b7f2ecc803c3a0e1e0b1ed61cc1afe71b189cd4c995":PSA_ALG_DETERMINISTIC_DSA(PSA_ALG_RIPEMD160):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign DETERMINISTIC_DSA(RIPEMD160): incompatible with ECC_KEY_PAIR(SECP_R2) +depends_on:PSA_WANT_ALG_DETERMINISTIC_DSA:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ECC_FAMILY_SECP_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R2):"00bf539a1cdda0d7f71a50a3f98aec0a2e8e4ced1e":PSA_ALG_DETERMINISTIC_DSA(PSA_ALG_RIPEMD160):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign DETERMINISTIC_DSA(RIPEMD160): incompatible with ECC_KEY_PAIR(SECT_K1) +depends_on:PSA_WANT_ALG_DETERMINISTIC_DSA:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ECC_FAMILY_SECT_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):"03ebc8fcded2d6ab72ec0f75bdb4fd080481273e71":PSA_ALG_DETERMINISTIC_DSA(PSA_ALG_RIPEMD160):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign DETERMINISTIC_DSA(RIPEMD160): incompatible with ECC_KEY_PAIR(SECT_R1) +depends_on:PSA_WANT_ALG_DETERMINISTIC_DSA:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ECC_FAMILY_SECT_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):"009b05dc82d46d64a04a22e6e5ca70ca1231e68c50":PSA_ALG_DETERMINISTIC_DSA(PSA_ALG_RIPEMD160):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign DETERMINISTIC_DSA(RIPEMD160): incompatible with ECC_KEY_PAIR(SECT_R2) +depends_on:PSA_WANT_ALG_DETERMINISTIC_DSA:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ECC_FAMILY_SECT_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R2):"0210b482a458b4822d0cb21daa96819a67c8062d34":PSA_ALG_DETERMINISTIC_DSA(PSA_ALG_RIPEMD160):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign DETERMINISTIC_DSA(RIPEMD160): incompatible with ECC_KEY_PAIR(TWISTED_EDWARDS) +depends_on:PSA_WANT_ALG_DETERMINISTIC_DSA:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ECC_FAMILY_TWISTED_EDWARDS:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_TWISTED_EDWARDS):"9d61b19deffd5a60ba844af492ec2cc44449c5697b326919703bac031cae7f60":PSA_ALG_DETERMINISTIC_DSA(PSA_ALG_RIPEMD160):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign DETERMINISTIC_DSA(RIPEMD160): incompatible with ECC_PUBLIC_KEY(BRAINPOOL_P_R1) +depends_on:PSA_WANT_ALG_DETERMINISTIC_DSA:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ECC_FAMILY_BRAINPOOL_P_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"04d4b9186816358e2f9c59cf70748cb70641b22fbab65473db4b4e22a361ed7e3de7e8a8ddc4130c5c":PSA_ALG_DETERMINISTIC_DSA(PSA_ALG_RIPEMD160):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign DETERMINISTIC_DSA(RIPEMD160): incompatible with ECC_PUBLIC_KEY(MONTGOMERY) +depends_on:PSA_WANT_ALG_DETERMINISTIC_DSA:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ECC_FAMILY_MONTGOMERY:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_MONTGOMERY):"8520f0098930a754748b7ddcb43ef75a0dbf3a0d26381af4eba4a98eaa9b4e6a":PSA_ALG_DETERMINISTIC_DSA(PSA_ALG_RIPEMD160):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign DETERMINISTIC_DSA(RIPEMD160): incompatible with ECC_PUBLIC_KEY(SECP_K1) +depends_on:PSA_WANT_ALG_DETERMINISTIC_DSA:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ECC_FAMILY_SECP_K1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_K1):"0426b7bb38da649ac2138fc050c6548b32553dab68afebc36105d325b75538c12323cb0764789ecb992671beb2b6bef2f5":PSA_ALG_DETERMINISTIC_DSA(PSA_ALG_RIPEMD160):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign DETERMINISTIC_DSA(RIPEMD160): incompatible with ECC_PUBLIC_KEY(SECP_R1) +depends_on:PSA_WANT_ALG_DETERMINISTIC_DSA:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ECC_FAMILY_SECP_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1):"046f00eadaa949fee3e9e1c7fa1247eecec86a0dce46418b9bd3117b981d4bd0ae7a990de912f9d060d6cb531a42d22e394ac29e81804bf160":PSA_ALG_DETERMINISTIC_DSA(PSA_ALG_RIPEMD160):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign DETERMINISTIC_DSA(RIPEMD160): incompatible with ECC_PUBLIC_KEY(SECP_R2) +depends_on:PSA_WANT_ALG_DETERMINISTIC_DSA:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ECC_FAMILY_SECP_R2:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R2):"049570d541398665adb5cfa16f5af73b3196926bbd4b876bdb80f8eab20d0f540c22f4de9c140f6d7b":PSA_ALG_DETERMINISTIC_DSA(PSA_ALG_RIPEMD160):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign DETERMINISTIC_DSA(RIPEMD160): incompatible with ECC_PUBLIC_KEY(SECT_K1) +depends_on:PSA_WANT_ALG_DETERMINISTIC_DSA:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ECC_FAMILY_SECT_K1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_K1):"0406f88f90b4b65950f06ce433afdb097e320f433dc2062b8a65db8fafd3c110f46bc45663fbf021ee7eb9":PSA_ALG_DETERMINISTIC_DSA(PSA_ALG_RIPEMD160):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign DETERMINISTIC_DSA(RIPEMD160): incompatible with ECC_PUBLIC_KEY(SECT_R1) +depends_on:PSA_WANT_ALG_DETERMINISTIC_DSA:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ECC_FAMILY_SECT_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R1):"0400465eeb9e7258b11e33c02266bfe834b20bcb118700772796ee4704ec67651bd447e3011959a79a04cb":PSA_ALG_DETERMINISTIC_DSA(PSA_ALG_RIPEMD160):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign DETERMINISTIC_DSA(RIPEMD160): incompatible with ECC_PUBLIC_KEY(SECT_R2) +depends_on:PSA_WANT_ALG_DETERMINISTIC_DSA:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ECC_FAMILY_SECT_R2:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R2):"0403692601144c32a6cfa369ae20ae5d43c1c764678c037bafe80c6fd2e42b7ced96171d9c5367fd3dca6f":PSA_ALG_DETERMINISTIC_DSA(PSA_ALG_RIPEMD160):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign DETERMINISTIC_DSA(RIPEMD160): incompatible with ECC_PUBLIC_KEY(TWISTED_EDWARDS) +depends_on:PSA_WANT_ALG_DETERMINISTIC_DSA:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ECC_FAMILY_TWISTED_EDWARDS:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_TWISTED_EDWARDS):"d75a980182b10ab7d54bfed3c964073a0ee172f3daa62325af021a68f707511a":PSA_ALG_DETERMINISTIC_DSA(PSA_ALG_RIPEMD160):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign DETERMINISTIC_DSA(RIPEMD160): incompatible with HMAC +depends_on:PSA_WANT_ALG_DETERMINISTIC_DSA:PSA_WANT_ALG_RIPEMD160:PSA_WANT_KEY_TYPE_HMAC +sign_fail:PSA_KEY_TYPE_HMAC:"48657265006973206b6579a064617461":PSA_ALG_DETERMINISTIC_DSA(PSA_ALG_RIPEMD160):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign DETERMINISTIC_DSA(RIPEMD160): incompatible with RAW_DATA +depends_on:PSA_WANT_ALG_DETERMINISTIC_DSA:PSA_WANT_ALG_RIPEMD160:PSA_WANT_KEY_TYPE_RAW_DATA +sign_fail:PSA_KEY_TYPE_RAW_DATA:"48":PSA_ALG_DETERMINISTIC_DSA(PSA_ALG_RIPEMD160):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign DETERMINISTIC_DSA(RIPEMD160): incompatible with RSA_KEY_PAIR +depends_on:PSA_WANT_ALG_DETERMINISTIC_DSA:PSA_WANT_ALG_RIPEMD160:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR +sign_fail:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_DETERMINISTIC_DSA(PSA_ALG_RIPEMD160):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign DETERMINISTIC_DSA(RIPEMD160): incompatible with RSA_PUBLIC_KEY +depends_on:PSA_WANT_ALG_DETERMINISTIC_DSA:PSA_WANT_ALG_RIPEMD160:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY +sign_fail:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_DETERMINISTIC_DSA(PSA_ALG_RIPEMD160):0:PSA_ERROR_INVALID_ARGUMENT + +PSA key_derivation DETERMINISTIC_DSA(RIPEMD160): invalid +depends_on:PSA_WANT_ALG_DETERMINISTIC_DSA:PSA_WANT_ALG_RIPEMD160 +key_derivation_fail:PSA_ALG_DETERMINISTIC_DSA(PSA_ALG_RIPEMD160):PSA_ERROR_INVALID_ARGUMENT + +PSA hash DETERMINISTIC_DSA(SHA_1): invalid +depends_on:PSA_WANT_ALG_DETERMINISTIC_DSA:PSA_WANT_ALG_SHA_1 +hash_fail:PSA_ALG_DETERMINISTIC_DSA(PSA_ALG_SHA_1):PSA_ERROR_INVALID_ARGUMENT + +PSA sign DETERMINISTIC_DSA(SHA_1): incompatible with AES +depends_on:PSA_WANT_ALG_DETERMINISTIC_DSA:PSA_WANT_ALG_SHA_1:PSA_WANT_KEY_TYPE_AES +sign_fail:PSA_KEY_TYPE_AES:"48657265006973206b6579a064617461":PSA_ALG_DETERMINISTIC_DSA(PSA_ALG_SHA_1):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign DETERMINISTIC_DSA(SHA_1): incompatible with ARC4 +depends_on:PSA_WANT_ALG_DETERMINISTIC_DSA:PSA_WANT_ALG_SHA_1:PSA_WANT_KEY_TYPE_ARC4 +sign_fail:PSA_KEY_TYPE_ARC4:"48":PSA_ALG_DETERMINISTIC_DSA(PSA_ALG_SHA_1):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign DETERMINISTIC_DSA(SHA_1): incompatible with ARIA +depends_on:PSA_WANT_ALG_DETERMINISTIC_DSA:PSA_WANT_ALG_SHA_1:PSA_WANT_KEY_TYPE_ARIA +sign_fail:PSA_KEY_TYPE_ARIA:"48657265006973206b6579a064617461":PSA_ALG_DETERMINISTIC_DSA(PSA_ALG_SHA_1):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign DETERMINISTIC_DSA(SHA_1): incompatible with CAMELLIA +depends_on:PSA_WANT_ALG_DETERMINISTIC_DSA:PSA_WANT_ALG_SHA_1:PSA_WANT_KEY_TYPE_CAMELLIA +sign_fail:PSA_KEY_TYPE_CAMELLIA:"48657265006973206b6579a064617461":PSA_ALG_DETERMINISTIC_DSA(PSA_ALG_SHA_1):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign DETERMINISTIC_DSA(SHA_1): incompatible with CHACHA20 +depends_on:PSA_WANT_ALG_DETERMINISTIC_DSA:PSA_WANT_ALG_SHA_1:PSA_WANT_KEY_TYPE_CHACHA20 +sign_fail:PSA_KEY_TYPE_CHACHA20:"48657265006973206b6579a06461746148657265006973206b6579a064617461":PSA_ALG_DETERMINISTIC_DSA(PSA_ALG_SHA_1):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign DETERMINISTIC_DSA(SHA_1): incompatible with DERIVE +depends_on:PSA_WANT_ALG_DETERMINISTIC_DSA:PSA_WANT_ALG_SHA_1:PSA_WANT_KEY_TYPE_DERIVE +sign_fail:PSA_KEY_TYPE_DERIVE:"48657265006973206b6579a0646174":PSA_ALG_DETERMINISTIC_DSA(PSA_ALG_SHA_1):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign DETERMINISTIC_DSA(SHA_1): incompatible with DES +depends_on:PSA_WANT_ALG_DETERMINISTIC_DSA:PSA_WANT_ALG_SHA_1:PSA_WANT_KEY_TYPE_DES +sign_fail:PSA_KEY_TYPE_DES:"644573206b457901":PSA_ALG_DETERMINISTIC_DSA(PSA_ALG_SHA_1):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign DETERMINISTIC_DSA(SHA_1): incompatible with ECC_KEY_PAIR(BRAINPOOL_P_R1) +depends_on:PSA_WANT_ALG_DETERMINISTIC_DSA:PSA_WANT_ALG_SHA_1:PSA_WANT_ECC_FAMILY_BRAINPOOL_P_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"69502c4fdaf48d4fa617bdd24498b0406d0eeaac":PSA_ALG_DETERMINISTIC_DSA(PSA_ALG_SHA_1):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign DETERMINISTIC_DSA(SHA_1): incompatible with ECC_KEY_PAIR(MONTGOMERY) +depends_on:PSA_WANT_ALG_DETERMINISTIC_DSA:PSA_WANT_ALG_SHA_1:PSA_WANT_ECC_FAMILY_MONTGOMERY:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_MONTGOMERY):"70076d0a7318a57d3c16c17251b26645df4c2f87ebc0992ab177fba51db92c6a":PSA_ALG_DETERMINISTIC_DSA(PSA_ALG_SHA_1):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign DETERMINISTIC_DSA(SHA_1): incompatible with ECC_KEY_PAIR(SECP_K1) +depends_on:PSA_WANT_ALG_DETERMINISTIC_DSA:PSA_WANT_ALG_SHA_1:PSA_WANT_ECC_FAMILY_SECP_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_K1):"297ac1722ccac7589ecb240dc719842538ca974beb79f228":PSA_ALG_DETERMINISTIC_DSA(PSA_ALG_SHA_1):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign DETERMINISTIC_DSA(SHA_1): incompatible with ECC_KEY_PAIR(SECP_R1) +depends_on:PSA_WANT_ALG_DETERMINISTIC_DSA:PSA_WANT_ALG_SHA_1:PSA_WANT_ECC_FAMILY_SECP_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"872f203b3ad35b7f2ecc803c3a0e1e0b1ed61cc1afe71b189cd4c995":PSA_ALG_DETERMINISTIC_DSA(PSA_ALG_SHA_1):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign DETERMINISTIC_DSA(SHA_1): incompatible with ECC_KEY_PAIR(SECP_R2) +depends_on:PSA_WANT_ALG_DETERMINISTIC_DSA:PSA_WANT_ALG_SHA_1:PSA_WANT_ECC_FAMILY_SECP_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R2):"00bf539a1cdda0d7f71a50a3f98aec0a2e8e4ced1e":PSA_ALG_DETERMINISTIC_DSA(PSA_ALG_SHA_1):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign DETERMINISTIC_DSA(SHA_1): incompatible with ECC_KEY_PAIR(SECT_K1) +depends_on:PSA_WANT_ALG_DETERMINISTIC_DSA:PSA_WANT_ALG_SHA_1:PSA_WANT_ECC_FAMILY_SECT_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):"03ebc8fcded2d6ab72ec0f75bdb4fd080481273e71":PSA_ALG_DETERMINISTIC_DSA(PSA_ALG_SHA_1):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign DETERMINISTIC_DSA(SHA_1): incompatible with ECC_KEY_PAIR(SECT_R1) +depends_on:PSA_WANT_ALG_DETERMINISTIC_DSA:PSA_WANT_ALG_SHA_1:PSA_WANT_ECC_FAMILY_SECT_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):"009b05dc82d46d64a04a22e6e5ca70ca1231e68c50":PSA_ALG_DETERMINISTIC_DSA(PSA_ALG_SHA_1):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign DETERMINISTIC_DSA(SHA_1): incompatible with ECC_KEY_PAIR(SECT_R2) +depends_on:PSA_WANT_ALG_DETERMINISTIC_DSA:PSA_WANT_ALG_SHA_1:PSA_WANT_ECC_FAMILY_SECT_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R2):"0210b482a458b4822d0cb21daa96819a67c8062d34":PSA_ALG_DETERMINISTIC_DSA(PSA_ALG_SHA_1):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign DETERMINISTIC_DSA(SHA_1): incompatible with ECC_KEY_PAIR(TWISTED_EDWARDS) +depends_on:PSA_WANT_ALG_DETERMINISTIC_DSA:PSA_WANT_ALG_SHA_1:PSA_WANT_ECC_FAMILY_TWISTED_EDWARDS:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_TWISTED_EDWARDS):"9d61b19deffd5a60ba844af492ec2cc44449c5697b326919703bac031cae7f60":PSA_ALG_DETERMINISTIC_DSA(PSA_ALG_SHA_1):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign DETERMINISTIC_DSA(SHA_1): incompatible with ECC_PUBLIC_KEY(BRAINPOOL_P_R1) +depends_on:PSA_WANT_ALG_DETERMINISTIC_DSA:PSA_WANT_ALG_SHA_1:PSA_WANT_ECC_FAMILY_BRAINPOOL_P_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"04d4b9186816358e2f9c59cf70748cb70641b22fbab65473db4b4e22a361ed7e3de7e8a8ddc4130c5c":PSA_ALG_DETERMINISTIC_DSA(PSA_ALG_SHA_1):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign DETERMINISTIC_DSA(SHA_1): incompatible with ECC_PUBLIC_KEY(MONTGOMERY) +depends_on:PSA_WANT_ALG_DETERMINISTIC_DSA:PSA_WANT_ALG_SHA_1:PSA_WANT_ECC_FAMILY_MONTGOMERY:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_MONTGOMERY):"8520f0098930a754748b7ddcb43ef75a0dbf3a0d26381af4eba4a98eaa9b4e6a":PSA_ALG_DETERMINISTIC_DSA(PSA_ALG_SHA_1):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign DETERMINISTIC_DSA(SHA_1): incompatible with ECC_PUBLIC_KEY(SECP_K1) +depends_on:PSA_WANT_ALG_DETERMINISTIC_DSA:PSA_WANT_ALG_SHA_1:PSA_WANT_ECC_FAMILY_SECP_K1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_K1):"0426b7bb38da649ac2138fc050c6548b32553dab68afebc36105d325b75538c12323cb0764789ecb992671beb2b6bef2f5":PSA_ALG_DETERMINISTIC_DSA(PSA_ALG_SHA_1):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign DETERMINISTIC_DSA(SHA_1): incompatible with ECC_PUBLIC_KEY(SECP_R1) +depends_on:PSA_WANT_ALG_DETERMINISTIC_DSA:PSA_WANT_ALG_SHA_1:PSA_WANT_ECC_FAMILY_SECP_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1):"046f00eadaa949fee3e9e1c7fa1247eecec86a0dce46418b9bd3117b981d4bd0ae7a990de912f9d060d6cb531a42d22e394ac29e81804bf160":PSA_ALG_DETERMINISTIC_DSA(PSA_ALG_SHA_1):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign DETERMINISTIC_DSA(SHA_1): incompatible with ECC_PUBLIC_KEY(SECP_R2) +depends_on:PSA_WANT_ALG_DETERMINISTIC_DSA:PSA_WANT_ALG_SHA_1:PSA_WANT_ECC_FAMILY_SECP_R2:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R2):"049570d541398665adb5cfa16f5af73b3196926bbd4b876bdb80f8eab20d0f540c22f4de9c140f6d7b":PSA_ALG_DETERMINISTIC_DSA(PSA_ALG_SHA_1):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign DETERMINISTIC_DSA(SHA_1): incompatible with ECC_PUBLIC_KEY(SECT_K1) +depends_on:PSA_WANT_ALG_DETERMINISTIC_DSA:PSA_WANT_ALG_SHA_1:PSA_WANT_ECC_FAMILY_SECT_K1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_K1):"0406f88f90b4b65950f06ce433afdb097e320f433dc2062b8a65db8fafd3c110f46bc45663fbf021ee7eb9":PSA_ALG_DETERMINISTIC_DSA(PSA_ALG_SHA_1):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign DETERMINISTIC_DSA(SHA_1): incompatible with ECC_PUBLIC_KEY(SECT_R1) +depends_on:PSA_WANT_ALG_DETERMINISTIC_DSA:PSA_WANT_ALG_SHA_1:PSA_WANT_ECC_FAMILY_SECT_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R1):"0400465eeb9e7258b11e33c02266bfe834b20bcb118700772796ee4704ec67651bd447e3011959a79a04cb":PSA_ALG_DETERMINISTIC_DSA(PSA_ALG_SHA_1):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign DETERMINISTIC_DSA(SHA_1): incompatible with ECC_PUBLIC_KEY(SECT_R2) +depends_on:PSA_WANT_ALG_DETERMINISTIC_DSA:PSA_WANT_ALG_SHA_1:PSA_WANT_ECC_FAMILY_SECT_R2:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R2):"0403692601144c32a6cfa369ae20ae5d43c1c764678c037bafe80c6fd2e42b7ced96171d9c5367fd3dca6f":PSA_ALG_DETERMINISTIC_DSA(PSA_ALG_SHA_1):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign DETERMINISTIC_DSA(SHA_1): incompatible with ECC_PUBLIC_KEY(TWISTED_EDWARDS) +depends_on:PSA_WANT_ALG_DETERMINISTIC_DSA:PSA_WANT_ALG_SHA_1:PSA_WANT_ECC_FAMILY_TWISTED_EDWARDS:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_TWISTED_EDWARDS):"d75a980182b10ab7d54bfed3c964073a0ee172f3daa62325af021a68f707511a":PSA_ALG_DETERMINISTIC_DSA(PSA_ALG_SHA_1):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign DETERMINISTIC_DSA(SHA_1): incompatible with HMAC +depends_on:PSA_WANT_ALG_DETERMINISTIC_DSA:PSA_WANT_ALG_SHA_1:PSA_WANT_KEY_TYPE_HMAC +sign_fail:PSA_KEY_TYPE_HMAC:"48657265006973206b6579a064617461":PSA_ALG_DETERMINISTIC_DSA(PSA_ALG_SHA_1):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign DETERMINISTIC_DSA(SHA_1): incompatible with RAW_DATA +depends_on:PSA_WANT_ALG_DETERMINISTIC_DSA:PSA_WANT_ALG_SHA_1:PSA_WANT_KEY_TYPE_RAW_DATA +sign_fail:PSA_KEY_TYPE_RAW_DATA:"48":PSA_ALG_DETERMINISTIC_DSA(PSA_ALG_SHA_1):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign DETERMINISTIC_DSA(SHA_1): incompatible with RSA_KEY_PAIR +depends_on:PSA_WANT_ALG_DETERMINISTIC_DSA:PSA_WANT_ALG_SHA_1:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR +sign_fail:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_DETERMINISTIC_DSA(PSA_ALG_SHA_1):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign DETERMINISTIC_DSA(SHA_1): incompatible with RSA_PUBLIC_KEY +depends_on:PSA_WANT_ALG_DETERMINISTIC_DSA:PSA_WANT_ALG_SHA_1:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY +sign_fail:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_DETERMINISTIC_DSA(PSA_ALG_SHA_1):0:PSA_ERROR_INVALID_ARGUMENT + +PSA key_derivation DETERMINISTIC_DSA(SHA_1): invalid +depends_on:PSA_WANT_ALG_DETERMINISTIC_DSA:PSA_WANT_ALG_SHA_1 +key_derivation_fail:PSA_ALG_DETERMINISTIC_DSA(PSA_ALG_SHA_1):PSA_ERROR_INVALID_ARGUMENT + +PSA hash DETERMINISTIC_DSA(SHA_224): invalid +depends_on:PSA_WANT_ALG_DETERMINISTIC_DSA:PSA_WANT_ALG_SHA_224 +hash_fail:PSA_ALG_DETERMINISTIC_DSA(PSA_ALG_SHA_224):PSA_ERROR_INVALID_ARGUMENT + +PSA sign DETERMINISTIC_DSA(SHA_224): incompatible with AES +depends_on:PSA_WANT_ALG_DETERMINISTIC_DSA:PSA_WANT_ALG_SHA_224:PSA_WANT_KEY_TYPE_AES +sign_fail:PSA_KEY_TYPE_AES:"48657265006973206b6579a064617461":PSA_ALG_DETERMINISTIC_DSA(PSA_ALG_SHA_224):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign DETERMINISTIC_DSA(SHA_224): incompatible with ARC4 +depends_on:PSA_WANT_ALG_DETERMINISTIC_DSA:PSA_WANT_ALG_SHA_224:PSA_WANT_KEY_TYPE_ARC4 +sign_fail:PSA_KEY_TYPE_ARC4:"48":PSA_ALG_DETERMINISTIC_DSA(PSA_ALG_SHA_224):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign DETERMINISTIC_DSA(SHA_224): incompatible with ARIA +depends_on:PSA_WANT_ALG_DETERMINISTIC_DSA:PSA_WANT_ALG_SHA_224:PSA_WANT_KEY_TYPE_ARIA +sign_fail:PSA_KEY_TYPE_ARIA:"48657265006973206b6579a064617461":PSA_ALG_DETERMINISTIC_DSA(PSA_ALG_SHA_224):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign DETERMINISTIC_DSA(SHA_224): incompatible with CAMELLIA +depends_on:PSA_WANT_ALG_DETERMINISTIC_DSA:PSA_WANT_ALG_SHA_224:PSA_WANT_KEY_TYPE_CAMELLIA +sign_fail:PSA_KEY_TYPE_CAMELLIA:"48657265006973206b6579a064617461":PSA_ALG_DETERMINISTIC_DSA(PSA_ALG_SHA_224):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign DETERMINISTIC_DSA(SHA_224): incompatible with CHACHA20 +depends_on:PSA_WANT_ALG_DETERMINISTIC_DSA:PSA_WANT_ALG_SHA_224:PSA_WANT_KEY_TYPE_CHACHA20 +sign_fail:PSA_KEY_TYPE_CHACHA20:"48657265006973206b6579a06461746148657265006973206b6579a064617461":PSA_ALG_DETERMINISTIC_DSA(PSA_ALG_SHA_224):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign DETERMINISTIC_DSA(SHA_224): incompatible with DERIVE +depends_on:PSA_WANT_ALG_DETERMINISTIC_DSA:PSA_WANT_ALG_SHA_224:PSA_WANT_KEY_TYPE_DERIVE +sign_fail:PSA_KEY_TYPE_DERIVE:"48657265006973206b6579a0646174":PSA_ALG_DETERMINISTIC_DSA(PSA_ALG_SHA_224):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign DETERMINISTIC_DSA(SHA_224): incompatible with DES +depends_on:PSA_WANT_ALG_DETERMINISTIC_DSA:PSA_WANT_ALG_SHA_224:PSA_WANT_KEY_TYPE_DES +sign_fail:PSA_KEY_TYPE_DES:"644573206b457901":PSA_ALG_DETERMINISTIC_DSA(PSA_ALG_SHA_224):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign DETERMINISTIC_DSA(SHA_224): incompatible with ECC_KEY_PAIR(BRAINPOOL_P_R1) +depends_on:PSA_WANT_ALG_DETERMINISTIC_DSA:PSA_WANT_ALG_SHA_224:PSA_WANT_ECC_FAMILY_BRAINPOOL_P_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"69502c4fdaf48d4fa617bdd24498b0406d0eeaac":PSA_ALG_DETERMINISTIC_DSA(PSA_ALG_SHA_224):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign DETERMINISTIC_DSA(SHA_224): incompatible with ECC_KEY_PAIR(MONTGOMERY) +depends_on:PSA_WANT_ALG_DETERMINISTIC_DSA:PSA_WANT_ALG_SHA_224:PSA_WANT_ECC_FAMILY_MONTGOMERY:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_MONTGOMERY):"70076d0a7318a57d3c16c17251b26645df4c2f87ebc0992ab177fba51db92c6a":PSA_ALG_DETERMINISTIC_DSA(PSA_ALG_SHA_224):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign DETERMINISTIC_DSA(SHA_224): incompatible with ECC_KEY_PAIR(SECP_K1) +depends_on:PSA_WANT_ALG_DETERMINISTIC_DSA:PSA_WANT_ALG_SHA_224:PSA_WANT_ECC_FAMILY_SECP_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_K1):"297ac1722ccac7589ecb240dc719842538ca974beb79f228":PSA_ALG_DETERMINISTIC_DSA(PSA_ALG_SHA_224):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign DETERMINISTIC_DSA(SHA_224): incompatible with ECC_KEY_PAIR(SECP_R1) +depends_on:PSA_WANT_ALG_DETERMINISTIC_DSA:PSA_WANT_ALG_SHA_224:PSA_WANT_ECC_FAMILY_SECP_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"872f203b3ad35b7f2ecc803c3a0e1e0b1ed61cc1afe71b189cd4c995":PSA_ALG_DETERMINISTIC_DSA(PSA_ALG_SHA_224):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign DETERMINISTIC_DSA(SHA_224): incompatible with ECC_KEY_PAIR(SECP_R2) +depends_on:PSA_WANT_ALG_DETERMINISTIC_DSA:PSA_WANT_ALG_SHA_224:PSA_WANT_ECC_FAMILY_SECP_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R2):"00bf539a1cdda0d7f71a50a3f98aec0a2e8e4ced1e":PSA_ALG_DETERMINISTIC_DSA(PSA_ALG_SHA_224):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign DETERMINISTIC_DSA(SHA_224): incompatible with ECC_KEY_PAIR(SECT_K1) +depends_on:PSA_WANT_ALG_DETERMINISTIC_DSA:PSA_WANT_ALG_SHA_224:PSA_WANT_ECC_FAMILY_SECT_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):"03ebc8fcded2d6ab72ec0f75bdb4fd080481273e71":PSA_ALG_DETERMINISTIC_DSA(PSA_ALG_SHA_224):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign DETERMINISTIC_DSA(SHA_224): incompatible with ECC_KEY_PAIR(SECT_R1) +depends_on:PSA_WANT_ALG_DETERMINISTIC_DSA:PSA_WANT_ALG_SHA_224:PSA_WANT_ECC_FAMILY_SECT_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):"009b05dc82d46d64a04a22e6e5ca70ca1231e68c50":PSA_ALG_DETERMINISTIC_DSA(PSA_ALG_SHA_224):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign DETERMINISTIC_DSA(SHA_224): incompatible with ECC_KEY_PAIR(SECT_R2) +depends_on:PSA_WANT_ALG_DETERMINISTIC_DSA:PSA_WANT_ALG_SHA_224:PSA_WANT_ECC_FAMILY_SECT_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R2):"0210b482a458b4822d0cb21daa96819a67c8062d34":PSA_ALG_DETERMINISTIC_DSA(PSA_ALG_SHA_224):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign DETERMINISTIC_DSA(SHA_224): incompatible with ECC_KEY_PAIR(TWISTED_EDWARDS) +depends_on:PSA_WANT_ALG_DETERMINISTIC_DSA:PSA_WANT_ALG_SHA_224:PSA_WANT_ECC_FAMILY_TWISTED_EDWARDS:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_TWISTED_EDWARDS):"9d61b19deffd5a60ba844af492ec2cc44449c5697b326919703bac031cae7f60":PSA_ALG_DETERMINISTIC_DSA(PSA_ALG_SHA_224):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign DETERMINISTIC_DSA(SHA_224): incompatible with ECC_PUBLIC_KEY(BRAINPOOL_P_R1) +depends_on:PSA_WANT_ALG_DETERMINISTIC_DSA:PSA_WANT_ALG_SHA_224:PSA_WANT_ECC_FAMILY_BRAINPOOL_P_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"04d4b9186816358e2f9c59cf70748cb70641b22fbab65473db4b4e22a361ed7e3de7e8a8ddc4130c5c":PSA_ALG_DETERMINISTIC_DSA(PSA_ALG_SHA_224):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign DETERMINISTIC_DSA(SHA_224): incompatible with ECC_PUBLIC_KEY(MONTGOMERY) +depends_on:PSA_WANT_ALG_DETERMINISTIC_DSA:PSA_WANT_ALG_SHA_224:PSA_WANT_ECC_FAMILY_MONTGOMERY:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_MONTGOMERY):"8520f0098930a754748b7ddcb43ef75a0dbf3a0d26381af4eba4a98eaa9b4e6a":PSA_ALG_DETERMINISTIC_DSA(PSA_ALG_SHA_224):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign DETERMINISTIC_DSA(SHA_224): incompatible with ECC_PUBLIC_KEY(SECP_K1) +depends_on:PSA_WANT_ALG_DETERMINISTIC_DSA:PSA_WANT_ALG_SHA_224:PSA_WANT_ECC_FAMILY_SECP_K1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_K1):"0426b7bb38da649ac2138fc050c6548b32553dab68afebc36105d325b75538c12323cb0764789ecb992671beb2b6bef2f5":PSA_ALG_DETERMINISTIC_DSA(PSA_ALG_SHA_224):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign DETERMINISTIC_DSA(SHA_224): incompatible with ECC_PUBLIC_KEY(SECP_R1) +depends_on:PSA_WANT_ALG_DETERMINISTIC_DSA:PSA_WANT_ALG_SHA_224:PSA_WANT_ECC_FAMILY_SECP_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1):"046f00eadaa949fee3e9e1c7fa1247eecec86a0dce46418b9bd3117b981d4bd0ae7a990de912f9d060d6cb531a42d22e394ac29e81804bf160":PSA_ALG_DETERMINISTIC_DSA(PSA_ALG_SHA_224):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign DETERMINISTIC_DSA(SHA_224): incompatible with ECC_PUBLIC_KEY(SECP_R2) +depends_on:PSA_WANT_ALG_DETERMINISTIC_DSA:PSA_WANT_ALG_SHA_224:PSA_WANT_ECC_FAMILY_SECP_R2:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R2):"049570d541398665adb5cfa16f5af73b3196926bbd4b876bdb80f8eab20d0f540c22f4de9c140f6d7b":PSA_ALG_DETERMINISTIC_DSA(PSA_ALG_SHA_224):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign DETERMINISTIC_DSA(SHA_224): incompatible with ECC_PUBLIC_KEY(SECT_K1) +depends_on:PSA_WANT_ALG_DETERMINISTIC_DSA:PSA_WANT_ALG_SHA_224:PSA_WANT_ECC_FAMILY_SECT_K1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_K1):"0406f88f90b4b65950f06ce433afdb097e320f433dc2062b8a65db8fafd3c110f46bc45663fbf021ee7eb9":PSA_ALG_DETERMINISTIC_DSA(PSA_ALG_SHA_224):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign DETERMINISTIC_DSA(SHA_224): incompatible with ECC_PUBLIC_KEY(SECT_R1) +depends_on:PSA_WANT_ALG_DETERMINISTIC_DSA:PSA_WANT_ALG_SHA_224:PSA_WANT_ECC_FAMILY_SECT_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R1):"0400465eeb9e7258b11e33c02266bfe834b20bcb118700772796ee4704ec67651bd447e3011959a79a04cb":PSA_ALG_DETERMINISTIC_DSA(PSA_ALG_SHA_224):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign DETERMINISTIC_DSA(SHA_224): incompatible with ECC_PUBLIC_KEY(SECT_R2) +depends_on:PSA_WANT_ALG_DETERMINISTIC_DSA:PSA_WANT_ALG_SHA_224:PSA_WANT_ECC_FAMILY_SECT_R2:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R2):"0403692601144c32a6cfa369ae20ae5d43c1c764678c037bafe80c6fd2e42b7ced96171d9c5367fd3dca6f":PSA_ALG_DETERMINISTIC_DSA(PSA_ALG_SHA_224):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign DETERMINISTIC_DSA(SHA_224): incompatible with ECC_PUBLIC_KEY(TWISTED_EDWARDS) +depends_on:PSA_WANT_ALG_DETERMINISTIC_DSA:PSA_WANT_ALG_SHA_224:PSA_WANT_ECC_FAMILY_TWISTED_EDWARDS:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_TWISTED_EDWARDS):"d75a980182b10ab7d54bfed3c964073a0ee172f3daa62325af021a68f707511a":PSA_ALG_DETERMINISTIC_DSA(PSA_ALG_SHA_224):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign DETERMINISTIC_DSA(SHA_224): incompatible with HMAC +depends_on:PSA_WANT_ALG_DETERMINISTIC_DSA:PSA_WANT_ALG_SHA_224:PSA_WANT_KEY_TYPE_HMAC +sign_fail:PSA_KEY_TYPE_HMAC:"48657265006973206b6579a064617461":PSA_ALG_DETERMINISTIC_DSA(PSA_ALG_SHA_224):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign DETERMINISTIC_DSA(SHA_224): incompatible with RAW_DATA +depends_on:PSA_WANT_ALG_DETERMINISTIC_DSA:PSA_WANT_ALG_SHA_224:PSA_WANT_KEY_TYPE_RAW_DATA +sign_fail:PSA_KEY_TYPE_RAW_DATA:"48":PSA_ALG_DETERMINISTIC_DSA(PSA_ALG_SHA_224):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign DETERMINISTIC_DSA(SHA_224): incompatible with RSA_KEY_PAIR +depends_on:PSA_WANT_ALG_DETERMINISTIC_DSA:PSA_WANT_ALG_SHA_224:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR +sign_fail:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_DETERMINISTIC_DSA(PSA_ALG_SHA_224):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign DETERMINISTIC_DSA(SHA_224): incompatible with RSA_PUBLIC_KEY +depends_on:PSA_WANT_ALG_DETERMINISTIC_DSA:PSA_WANT_ALG_SHA_224:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY +sign_fail:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_DETERMINISTIC_DSA(PSA_ALG_SHA_224):0:PSA_ERROR_INVALID_ARGUMENT + +PSA key_derivation DETERMINISTIC_DSA(SHA_224): invalid +depends_on:PSA_WANT_ALG_DETERMINISTIC_DSA:PSA_WANT_ALG_SHA_224 +key_derivation_fail:PSA_ALG_DETERMINISTIC_DSA(PSA_ALG_SHA_224):PSA_ERROR_INVALID_ARGUMENT + +PSA hash DETERMINISTIC_DSA(SHA_256): invalid +depends_on:PSA_WANT_ALG_DETERMINISTIC_DSA:PSA_WANT_ALG_SHA_256 +hash_fail:PSA_ALG_DETERMINISTIC_DSA(PSA_ALG_SHA_256):PSA_ERROR_INVALID_ARGUMENT + +PSA sign DETERMINISTIC_DSA(SHA_256): incompatible with AES +depends_on:PSA_WANT_ALG_DETERMINISTIC_DSA:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_AES +sign_fail:PSA_KEY_TYPE_AES:"48657265006973206b6579a064617461":PSA_ALG_DETERMINISTIC_DSA(PSA_ALG_SHA_256):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign DETERMINISTIC_DSA(SHA_256): incompatible with ARC4 +depends_on:PSA_WANT_ALG_DETERMINISTIC_DSA:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_ARC4 +sign_fail:PSA_KEY_TYPE_ARC4:"48":PSA_ALG_DETERMINISTIC_DSA(PSA_ALG_SHA_256):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign DETERMINISTIC_DSA(SHA_256): incompatible with ARIA +depends_on:PSA_WANT_ALG_DETERMINISTIC_DSA:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_ARIA +sign_fail:PSA_KEY_TYPE_ARIA:"48657265006973206b6579a064617461":PSA_ALG_DETERMINISTIC_DSA(PSA_ALG_SHA_256):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign DETERMINISTIC_DSA(SHA_256): incompatible with CAMELLIA +depends_on:PSA_WANT_ALG_DETERMINISTIC_DSA:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_CAMELLIA +sign_fail:PSA_KEY_TYPE_CAMELLIA:"48657265006973206b6579a064617461":PSA_ALG_DETERMINISTIC_DSA(PSA_ALG_SHA_256):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign DETERMINISTIC_DSA(SHA_256): incompatible with CHACHA20 +depends_on:PSA_WANT_ALG_DETERMINISTIC_DSA:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_CHACHA20 +sign_fail:PSA_KEY_TYPE_CHACHA20:"48657265006973206b6579a06461746148657265006973206b6579a064617461":PSA_ALG_DETERMINISTIC_DSA(PSA_ALG_SHA_256):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign DETERMINISTIC_DSA(SHA_256): incompatible with DERIVE +depends_on:PSA_WANT_ALG_DETERMINISTIC_DSA:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_DERIVE +sign_fail:PSA_KEY_TYPE_DERIVE:"48657265006973206b6579a0646174":PSA_ALG_DETERMINISTIC_DSA(PSA_ALG_SHA_256):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign DETERMINISTIC_DSA(SHA_256): incompatible with DES +depends_on:PSA_WANT_ALG_DETERMINISTIC_DSA:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_DES +sign_fail:PSA_KEY_TYPE_DES:"644573206b457901":PSA_ALG_DETERMINISTIC_DSA(PSA_ALG_SHA_256):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign DETERMINISTIC_DSA(SHA_256): incompatible with ECC_KEY_PAIR(BRAINPOOL_P_R1) +depends_on:PSA_WANT_ALG_DETERMINISTIC_DSA:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_FAMILY_BRAINPOOL_P_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"69502c4fdaf48d4fa617bdd24498b0406d0eeaac":PSA_ALG_DETERMINISTIC_DSA(PSA_ALG_SHA_256):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign DETERMINISTIC_DSA(SHA_256): incompatible with ECC_KEY_PAIR(MONTGOMERY) +depends_on:PSA_WANT_ALG_DETERMINISTIC_DSA:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_FAMILY_MONTGOMERY:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_MONTGOMERY):"70076d0a7318a57d3c16c17251b26645df4c2f87ebc0992ab177fba51db92c6a":PSA_ALG_DETERMINISTIC_DSA(PSA_ALG_SHA_256):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign DETERMINISTIC_DSA(SHA_256): incompatible with ECC_KEY_PAIR(SECP_K1) +depends_on:PSA_WANT_ALG_DETERMINISTIC_DSA:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_FAMILY_SECP_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_K1):"297ac1722ccac7589ecb240dc719842538ca974beb79f228":PSA_ALG_DETERMINISTIC_DSA(PSA_ALG_SHA_256):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign DETERMINISTIC_DSA(SHA_256): incompatible with ECC_KEY_PAIR(SECP_R1) +depends_on:PSA_WANT_ALG_DETERMINISTIC_DSA:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_FAMILY_SECP_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"872f203b3ad35b7f2ecc803c3a0e1e0b1ed61cc1afe71b189cd4c995":PSA_ALG_DETERMINISTIC_DSA(PSA_ALG_SHA_256):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign DETERMINISTIC_DSA(SHA_256): incompatible with ECC_KEY_PAIR(SECP_R2) +depends_on:PSA_WANT_ALG_DETERMINISTIC_DSA:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_FAMILY_SECP_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R2):"00bf539a1cdda0d7f71a50a3f98aec0a2e8e4ced1e":PSA_ALG_DETERMINISTIC_DSA(PSA_ALG_SHA_256):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign DETERMINISTIC_DSA(SHA_256): incompatible with ECC_KEY_PAIR(SECT_K1) +depends_on:PSA_WANT_ALG_DETERMINISTIC_DSA:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_FAMILY_SECT_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):"03ebc8fcded2d6ab72ec0f75bdb4fd080481273e71":PSA_ALG_DETERMINISTIC_DSA(PSA_ALG_SHA_256):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign DETERMINISTIC_DSA(SHA_256): incompatible with ECC_KEY_PAIR(SECT_R1) +depends_on:PSA_WANT_ALG_DETERMINISTIC_DSA:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_FAMILY_SECT_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):"009b05dc82d46d64a04a22e6e5ca70ca1231e68c50":PSA_ALG_DETERMINISTIC_DSA(PSA_ALG_SHA_256):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign DETERMINISTIC_DSA(SHA_256): incompatible with ECC_KEY_PAIR(SECT_R2) +depends_on:PSA_WANT_ALG_DETERMINISTIC_DSA:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_FAMILY_SECT_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R2):"0210b482a458b4822d0cb21daa96819a67c8062d34":PSA_ALG_DETERMINISTIC_DSA(PSA_ALG_SHA_256):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign DETERMINISTIC_DSA(SHA_256): incompatible with ECC_KEY_PAIR(TWISTED_EDWARDS) +depends_on:PSA_WANT_ALG_DETERMINISTIC_DSA:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_FAMILY_TWISTED_EDWARDS:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_TWISTED_EDWARDS):"9d61b19deffd5a60ba844af492ec2cc44449c5697b326919703bac031cae7f60":PSA_ALG_DETERMINISTIC_DSA(PSA_ALG_SHA_256):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign DETERMINISTIC_DSA(SHA_256): incompatible with ECC_PUBLIC_KEY(BRAINPOOL_P_R1) +depends_on:PSA_WANT_ALG_DETERMINISTIC_DSA:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_FAMILY_BRAINPOOL_P_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"04d4b9186816358e2f9c59cf70748cb70641b22fbab65473db4b4e22a361ed7e3de7e8a8ddc4130c5c":PSA_ALG_DETERMINISTIC_DSA(PSA_ALG_SHA_256):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign DETERMINISTIC_DSA(SHA_256): incompatible with ECC_PUBLIC_KEY(MONTGOMERY) +depends_on:PSA_WANT_ALG_DETERMINISTIC_DSA:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_FAMILY_MONTGOMERY:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_MONTGOMERY):"8520f0098930a754748b7ddcb43ef75a0dbf3a0d26381af4eba4a98eaa9b4e6a":PSA_ALG_DETERMINISTIC_DSA(PSA_ALG_SHA_256):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign DETERMINISTIC_DSA(SHA_256): incompatible with ECC_PUBLIC_KEY(SECP_K1) +depends_on:PSA_WANT_ALG_DETERMINISTIC_DSA:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_FAMILY_SECP_K1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_K1):"0426b7bb38da649ac2138fc050c6548b32553dab68afebc36105d325b75538c12323cb0764789ecb992671beb2b6bef2f5":PSA_ALG_DETERMINISTIC_DSA(PSA_ALG_SHA_256):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign DETERMINISTIC_DSA(SHA_256): incompatible with ECC_PUBLIC_KEY(SECP_R1) +depends_on:PSA_WANT_ALG_DETERMINISTIC_DSA:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_FAMILY_SECP_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1):"046f00eadaa949fee3e9e1c7fa1247eecec86a0dce46418b9bd3117b981d4bd0ae7a990de912f9d060d6cb531a42d22e394ac29e81804bf160":PSA_ALG_DETERMINISTIC_DSA(PSA_ALG_SHA_256):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign DETERMINISTIC_DSA(SHA_256): incompatible with ECC_PUBLIC_KEY(SECP_R2) +depends_on:PSA_WANT_ALG_DETERMINISTIC_DSA:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_FAMILY_SECP_R2:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R2):"049570d541398665adb5cfa16f5af73b3196926bbd4b876bdb80f8eab20d0f540c22f4de9c140f6d7b":PSA_ALG_DETERMINISTIC_DSA(PSA_ALG_SHA_256):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign DETERMINISTIC_DSA(SHA_256): incompatible with ECC_PUBLIC_KEY(SECT_K1) +depends_on:PSA_WANT_ALG_DETERMINISTIC_DSA:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_FAMILY_SECT_K1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_K1):"0406f88f90b4b65950f06ce433afdb097e320f433dc2062b8a65db8fafd3c110f46bc45663fbf021ee7eb9":PSA_ALG_DETERMINISTIC_DSA(PSA_ALG_SHA_256):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign DETERMINISTIC_DSA(SHA_256): incompatible with ECC_PUBLIC_KEY(SECT_R1) +depends_on:PSA_WANT_ALG_DETERMINISTIC_DSA:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_FAMILY_SECT_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R1):"0400465eeb9e7258b11e33c02266bfe834b20bcb118700772796ee4704ec67651bd447e3011959a79a04cb":PSA_ALG_DETERMINISTIC_DSA(PSA_ALG_SHA_256):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign DETERMINISTIC_DSA(SHA_256): incompatible with ECC_PUBLIC_KEY(SECT_R2) +depends_on:PSA_WANT_ALG_DETERMINISTIC_DSA:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_FAMILY_SECT_R2:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R2):"0403692601144c32a6cfa369ae20ae5d43c1c764678c037bafe80c6fd2e42b7ced96171d9c5367fd3dca6f":PSA_ALG_DETERMINISTIC_DSA(PSA_ALG_SHA_256):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign DETERMINISTIC_DSA(SHA_256): incompatible with ECC_PUBLIC_KEY(TWISTED_EDWARDS) +depends_on:PSA_WANT_ALG_DETERMINISTIC_DSA:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_FAMILY_TWISTED_EDWARDS:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_TWISTED_EDWARDS):"d75a980182b10ab7d54bfed3c964073a0ee172f3daa62325af021a68f707511a":PSA_ALG_DETERMINISTIC_DSA(PSA_ALG_SHA_256):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign DETERMINISTIC_DSA(SHA_256): incompatible with HMAC +depends_on:PSA_WANT_ALG_DETERMINISTIC_DSA:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_HMAC +sign_fail:PSA_KEY_TYPE_HMAC:"48657265006973206b6579a064617461":PSA_ALG_DETERMINISTIC_DSA(PSA_ALG_SHA_256):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign DETERMINISTIC_DSA(SHA_256): incompatible with RAW_DATA +depends_on:PSA_WANT_ALG_DETERMINISTIC_DSA:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RAW_DATA +sign_fail:PSA_KEY_TYPE_RAW_DATA:"48":PSA_ALG_DETERMINISTIC_DSA(PSA_ALG_SHA_256):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign DETERMINISTIC_DSA(SHA_256): incompatible with RSA_KEY_PAIR +depends_on:PSA_WANT_ALG_DETERMINISTIC_DSA:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR +sign_fail:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_DETERMINISTIC_DSA(PSA_ALG_SHA_256):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign DETERMINISTIC_DSA(SHA_256): incompatible with RSA_PUBLIC_KEY +depends_on:PSA_WANT_ALG_DETERMINISTIC_DSA:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY +sign_fail:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_DETERMINISTIC_DSA(PSA_ALG_SHA_256):0:PSA_ERROR_INVALID_ARGUMENT + +PSA key_derivation DETERMINISTIC_DSA(SHA_256): invalid +depends_on:PSA_WANT_ALG_DETERMINISTIC_DSA:PSA_WANT_ALG_SHA_256 +key_derivation_fail:PSA_ALG_DETERMINISTIC_DSA(PSA_ALG_SHA_256):PSA_ERROR_INVALID_ARGUMENT + +PSA hash DETERMINISTIC_DSA(SHA_384): invalid +depends_on:PSA_WANT_ALG_DETERMINISTIC_DSA:PSA_WANT_ALG_SHA_384 +hash_fail:PSA_ALG_DETERMINISTIC_DSA(PSA_ALG_SHA_384):PSA_ERROR_INVALID_ARGUMENT + +PSA sign DETERMINISTIC_DSA(SHA_384): incompatible with AES +depends_on:PSA_WANT_ALG_DETERMINISTIC_DSA:PSA_WANT_ALG_SHA_384:PSA_WANT_KEY_TYPE_AES +sign_fail:PSA_KEY_TYPE_AES:"48657265006973206b6579a064617461":PSA_ALG_DETERMINISTIC_DSA(PSA_ALG_SHA_384):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign DETERMINISTIC_DSA(SHA_384): incompatible with ARC4 +depends_on:PSA_WANT_ALG_DETERMINISTIC_DSA:PSA_WANT_ALG_SHA_384:PSA_WANT_KEY_TYPE_ARC4 +sign_fail:PSA_KEY_TYPE_ARC4:"48":PSA_ALG_DETERMINISTIC_DSA(PSA_ALG_SHA_384):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign DETERMINISTIC_DSA(SHA_384): incompatible with ARIA +depends_on:PSA_WANT_ALG_DETERMINISTIC_DSA:PSA_WANT_ALG_SHA_384:PSA_WANT_KEY_TYPE_ARIA +sign_fail:PSA_KEY_TYPE_ARIA:"48657265006973206b6579a064617461":PSA_ALG_DETERMINISTIC_DSA(PSA_ALG_SHA_384):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign DETERMINISTIC_DSA(SHA_384): incompatible with CAMELLIA +depends_on:PSA_WANT_ALG_DETERMINISTIC_DSA:PSA_WANT_ALG_SHA_384:PSA_WANT_KEY_TYPE_CAMELLIA +sign_fail:PSA_KEY_TYPE_CAMELLIA:"48657265006973206b6579a064617461":PSA_ALG_DETERMINISTIC_DSA(PSA_ALG_SHA_384):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign DETERMINISTIC_DSA(SHA_384): incompatible with CHACHA20 +depends_on:PSA_WANT_ALG_DETERMINISTIC_DSA:PSA_WANT_ALG_SHA_384:PSA_WANT_KEY_TYPE_CHACHA20 +sign_fail:PSA_KEY_TYPE_CHACHA20:"48657265006973206b6579a06461746148657265006973206b6579a064617461":PSA_ALG_DETERMINISTIC_DSA(PSA_ALG_SHA_384):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign DETERMINISTIC_DSA(SHA_384): incompatible with DERIVE +depends_on:PSA_WANT_ALG_DETERMINISTIC_DSA:PSA_WANT_ALG_SHA_384:PSA_WANT_KEY_TYPE_DERIVE +sign_fail:PSA_KEY_TYPE_DERIVE:"48657265006973206b6579a0646174":PSA_ALG_DETERMINISTIC_DSA(PSA_ALG_SHA_384):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign DETERMINISTIC_DSA(SHA_384): incompatible with DES +depends_on:PSA_WANT_ALG_DETERMINISTIC_DSA:PSA_WANT_ALG_SHA_384:PSA_WANT_KEY_TYPE_DES +sign_fail:PSA_KEY_TYPE_DES:"644573206b457901":PSA_ALG_DETERMINISTIC_DSA(PSA_ALG_SHA_384):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign DETERMINISTIC_DSA(SHA_384): incompatible with ECC_KEY_PAIR(BRAINPOOL_P_R1) +depends_on:PSA_WANT_ALG_DETERMINISTIC_DSA:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_FAMILY_BRAINPOOL_P_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"69502c4fdaf48d4fa617bdd24498b0406d0eeaac":PSA_ALG_DETERMINISTIC_DSA(PSA_ALG_SHA_384):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign DETERMINISTIC_DSA(SHA_384): incompatible with ECC_KEY_PAIR(MONTGOMERY) +depends_on:PSA_WANT_ALG_DETERMINISTIC_DSA:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_FAMILY_MONTGOMERY:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_MONTGOMERY):"70076d0a7318a57d3c16c17251b26645df4c2f87ebc0992ab177fba51db92c6a":PSA_ALG_DETERMINISTIC_DSA(PSA_ALG_SHA_384):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign DETERMINISTIC_DSA(SHA_384): incompatible with ECC_KEY_PAIR(SECP_K1) +depends_on:PSA_WANT_ALG_DETERMINISTIC_DSA:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_FAMILY_SECP_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_K1):"297ac1722ccac7589ecb240dc719842538ca974beb79f228":PSA_ALG_DETERMINISTIC_DSA(PSA_ALG_SHA_384):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign DETERMINISTIC_DSA(SHA_384): incompatible with ECC_KEY_PAIR(SECP_R1) +depends_on:PSA_WANT_ALG_DETERMINISTIC_DSA:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_FAMILY_SECP_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"872f203b3ad35b7f2ecc803c3a0e1e0b1ed61cc1afe71b189cd4c995":PSA_ALG_DETERMINISTIC_DSA(PSA_ALG_SHA_384):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign DETERMINISTIC_DSA(SHA_384): incompatible with ECC_KEY_PAIR(SECP_R2) +depends_on:PSA_WANT_ALG_DETERMINISTIC_DSA:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_FAMILY_SECP_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R2):"00bf539a1cdda0d7f71a50a3f98aec0a2e8e4ced1e":PSA_ALG_DETERMINISTIC_DSA(PSA_ALG_SHA_384):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign DETERMINISTIC_DSA(SHA_384): incompatible with ECC_KEY_PAIR(SECT_K1) +depends_on:PSA_WANT_ALG_DETERMINISTIC_DSA:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_FAMILY_SECT_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):"03ebc8fcded2d6ab72ec0f75bdb4fd080481273e71":PSA_ALG_DETERMINISTIC_DSA(PSA_ALG_SHA_384):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign DETERMINISTIC_DSA(SHA_384): incompatible with ECC_KEY_PAIR(SECT_R1) +depends_on:PSA_WANT_ALG_DETERMINISTIC_DSA:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_FAMILY_SECT_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):"009b05dc82d46d64a04a22e6e5ca70ca1231e68c50":PSA_ALG_DETERMINISTIC_DSA(PSA_ALG_SHA_384):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign DETERMINISTIC_DSA(SHA_384): incompatible with ECC_KEY_PAIR(SECT_R2) +depends_on:PSA_WANT_ALG_DETERMINISTIC_DSA:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_FAMILY_SECT_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R2):"0210b482a458b4822d0cb21daa96819a67c8062d34":PSA_ALG_DETERMINISTIC_DSA(PSA_ALG_SHA_384):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign DETERMINISTIC_DSA(SHA_384): incompatible with ECC_KEY_PAIR(TWISTED_EDWARDS) +depends_on:PSA_WANT_ALG_DETERMINISTIC_DSA:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_FAMILY_TWISTED_EDWARDS:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_TWISTED_EDWARDS):"9d61b19deffd5a60ba844af492ec2cc44449c5697b326919703bac031cae7f60":PSA_ALG_DETERMINISTIC_DSA(PSA_ALG_SHA_384):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign DETERMINISTIC_DSA(SHA_384): incompatible with ECC_PUBLIC_KEY(BRAINPOOL_P_R1) +depends_on:PSA_WANT_ALG_DETERMINISTIC_DSA:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_FAMILY_BRAINPOOL_P_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"04d4b9186816358e2f9c59cf70748cb70641b22fbab65473db4b4e22a361ed7e3de7e8a8ddc4130c5c":PSA_ALG_DETERMINISTIC_DSA(PSA_ALG_SHA_384):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign DETERMINISTIC_DSA(SHA_384): incompatible with ECC_PUBLIC_KEY(MONTGOMERY) +depends_on:PSA_WANT_ALG_DETERMINISTIC_DSA:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_FAMILY_MONTGOMERY:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_MONTGOMERY):"8520f0098930a754748b7ddcb43ef75a0dbf3a0d26381af4eba4a98eaa9b4e6a":PSA_ALG_DETERMINISTIC_DSA(PSA_ALG_SHA_384):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign DETERMINISTIC_DSA(SHA_384): incompatible with ECC_PUBLIC_KEY(SECP_K1) +depends_on:PSA_WANT_ALG_DETERMINISTIC_DSA:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_FAMILY_SECP_K1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_K1):"0426b7bb38da649ac2138fc050c6548b32553dab68afebc36105d325b75538c12323cb0764789ecb992671beb2b6bef2f5":PSA_ALG_DETERMINISTIC_DSA(PSA_ALG_SHA_384):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign DETERMINISTIC_DSA(SHA_384): incompatible with ECC_PUBLIC_KEY(SECP_R1) +depends_on:PSA_WANT_ALG_DETERMINISTIC_DSA:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_FAMILY_SECP_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1):"046f00eadaa949fee3e9e1c7fa1247eecec86a0dce46418b9bd3117b981d4bd0ae7a990de912f9d060d6cb531a42d22e394ac29e81804bf160":PSA_ALG_DETERMINISTIC_DSA(PSA_ALG_SHA_384):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign DETERMINISTIC_DSA(SHA_384): incompatible with ECC_PUBLIC_KEY(SECP_R2) +depends_on:PSA_WANT_ALG_DETERMINISTIC_DSA:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_FAMILY_SECP_R2:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R2):"049570d541398665adb5cfa16f5af73b3196926bbd4b876bdb80f8eab20d0f540c22f4de9c140f6d7b":PSA_ALG_DETERMINISTIC_DSA(PSA_ALG_SHA_384):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign DETERMINISTIC_DSA(SHA_384): incompatible with ECC_PUBLIC_KEY(SECT_K1) +depends_on:PSA_WANT_ALG_DETERMINISTIC_DSA:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_FAMILY_SECT_K1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_K1):"0406f88f90b4b65950f06ce433afdb097e320f433dc2062b8a65db8fafd3c110f46bc45663fbf021ee7eb9":PSA_ALG_DETERMINISTIC_DSA(PSA_ALG_SHA_384):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign DETERMINISTIC_DSA(SHA_384): incompatible with ECC_PUBLIC_KEY(SECT_R1) +depends_on:PSA_WANT_ALG_DETERMINISTIC_DSA:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_FAMILY_SECT_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R1):"0400465eeb9e7258b11e33c02266bfe834b20bcb118700772796ee4704ec67651bd447e3011959a79a04cb":PSA_ALG_DETERMINISTIC_DSA(PSA_ALG_SHA_384):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign DETERMINISTIC_DSA(SHA_384): incompatible with ECC_PUBLIC_KEY(SECT_R2) +depends_on:PSA_WANT_ALG_DETERMINISTIC_DSA:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_FAMILY_SECT_R2:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R2):"0403692601144c32a6cfa369ae20ae5d43c1c764678c037bafe80c6fd2e42b7ced96171d9c5367fd3dca6f":PSA_ALG_DETERMINISTIC_DSA(PSA_ALG_SHA_384):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign DETERMINISTIC_DSA(SHA_384): incompatible with ECC_PUBLIC_KEY(TWISTED_EDWARDS) +depends_on:PSA_WANT_ALG_DETERMINISTIC_DSA:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_FAMILY_TWISTED_EDWARDS:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_TWISTED_EDWARDS):"d75a980182b10ab7d54bfed3c964073a0ee172f3daa62325af021a68f707511a":PSA_ALG_DETERMINISTIC_DSA(PSA_ALG_SHA_384):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign DETERMINISTIC_DSA(SHA_384): incompatible with HMAC +depends_on:PSA_WANT_ALG_DETERMINISTIC_DSA:PSA_WANT_ALG_SHA_384:PSA_WANT_KEY_TYPE_HMAC +sign_fail:PSA_KEY_TYPE_HMAC:"48657265006973206b6579a064617461":PSA_ALG_DETERMINISTIC_DSA(PSA_ALG_SHA_384):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign DETERMINISTIC_DSA(SHA_384): incompatible with RAW_DATA +depends_on:PSA_WANT_ALG_DETERMINISTIC_DSA:PSA_WANT_ALG_SHA_384:PSA_WANT_KEY_TYPE_RAW_DATA +sign_fail:PSA_KEY_TYPE_RAW_DATA:"48":PSA_ALG_DETERMINISTIC_DSA(PSA_ALG_SHA_384):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign DETERMINISTIC_DSA(SHA_384): incompatible with RSA_KEY_PAIR +depends_on:PSA_WANT_ALG_DETERMINISTIC_DSA:PSA_WANT_ALG_SHA_384:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR +sign_fail:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_DETERMINISTIC_DSA(PSA_ALG_SHA_384):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign DETERMINISTIC_DSA(SHA_384): incompatible with RSA_PUBLIC_KEY +depends_on:PSA_WANT_ALG_DETERMINISTIC_DSA:PSA_WANT_ALG_SHA_384:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY +sign_fail:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_DETERMINISTIC_DSA(PSA_ALG_SHA_384):0:PSA_ERROR_INVALID_ARGUMENT + +PSA key_derivation DETERMINISTIC_DSA(SHA_384): invalid +depends_on:PSA_WANT_ALG_DETERMINISTIC_DSA:PSA_WANT_ALG_SHA_384 +key_derivation_fail:PSA_ALG_DETERMINISTIC_DSA(PSA_ALG_SHA_384):PSA_ERROR_INVALID_ARGUMENT + +PSA hash DETERMINISTIC_DSA(SHA_512): invalid +depends_on:PSA_WANT_ALG_DETERMINISTIC_DSA:PSA_WANT_ALG_SHA_512 +hash_fail:PSA_ALG_DETERMINISTIC_DSA(PSA_ALG_SHA_512):PSA_ERROR_INVALID_ARGUMENT + +PSA sign DETERMINISTIC_DSA(SHA_512): incompatible with AES +depends_on:PSA_WANT_ALG_DETERMINISTIC_DSA:PSA_WANT_ALG_SHA_512:PSA_WANT_KEY_TYPE_AES +sign_fail:PSA_KEY_TYPE_AES:"48657265006973206b6579a064617461":PSA_ALG_DETERMINISTIC_DSA(PSA_ALG_SHA_512):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign DETERMINISTIC_DSA(SHA_512): incompatible with ARC4 +depends_on:PSA_WANT_ALG_DETERMINISTIC_DSA:PSA_WANT_ALG_SHA_512:PSA_WANT_KEY_TYPE_ARC4 +sign_fail:PSA_KEY_TYPE_ARC4:"48":PSA_ALG_DETERMINISTIC_DSA(PSA_ALG_SHA_512):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign DETERMINISTIC_DSA(SHA_512): incompatible with ARIA +depends_on:PSA_WANT_ALG_DETERMINISTIC_DSA:PSA_WANT_ALG_SHA_512:PSA_WANT_KEY_TYPE_ARIA +sign_fail:PSA_KEY_TYPE_ARIA:"48657265006973206b6579a064617461":PSA_ALG_DETERMINISTIC_DSA(PSA_ALG_SHA_512):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign DETERMINISTIC_DSA(SHA_512): incompatible with CAMELLIA +depends_on:PSA_WANT_ALG_DETERMINISTIC_DSA:PSA_WANT_ALG_SHA_512:PSA_WANT_KEY_TYPE_CAMELLIA +sign_fail:PSA_KEY_TYPE_CAMELLIA:"48657265006973206b6579a064617461":PSA_ALG_DETERMINISTIC_DSA(PSA_ALG_SHA_512):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign DETERMINISTIC_DSA(SHA_512): incompatible with CHACHA20 +depends_on:PSA_WANT_ALG_DETERMINISTIC_DSA:PSA_WANT_ALG_SHA_512:PSA_WANT_KEY_TYPE_CHACHA20 +sign_fail:PSA_KEY_TYPE_CHACHA20:"48657265006973206b6579a06461746148657265006973206b6579a064617461":PSA_ALG_DETERMINISTIC_DSA(PSA_ALG_SHA_512):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign DETERMINISTIC_DSA(SHA_512): incompatible with DERIVE +depends_on:PSA_WANT_ALG_DETERMINISTIC_DSA:PSA_WANT_ALG_SHA_512:PSA_WANT_KEY_TYPE_DERIVE +sign_fail:PSA_KEY_TYPE_DERIVE:"48657265006973206b6579a0646174":PSA_ALG_DETERMINISTIC_DSA(PSA_ALG_SHA_512):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign DETERMINISTIC_DSA(SHA_512): incompatible with DES +depends_on:PSA_WANT_ALG_DETERMINISTIC_DSA:PSA_WANT_ALG_SHA_512:PSA_WANT_KEY_TYPE_DES +sign_fail:PSA_KEY_TYPE_DES:"644573206b457901":PSA_ALG_DETERMINISTIC_DSA(PSA_ALG_SHA_512):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign DETERMINISTIC_DSA(SHA_512): incompatible with ECC_KEY_PAIR(BRAINPOOL_P_R1) +depends_on:PSA_WANT_ALG_DETERMINISTIC_DSA:PSA_WANT_ALG_SHA_512:PSA_WANT_ECC_FAMILY_BRAINPOOL_P_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"69502c4fdaf48d4fa617bdd24498b0406d0eeaac":PSA_ALG_DETERMINISTIC_DSA(PSA_ALG_SHA_512):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign DETERMINISTIC_DSA(SHA_512): incompatible with ECC_KEY_PAIR(MONTGOMERY) +depends_on:PSA_WANT_ALG_DETERMINISTIC_DSA:PSA_WANT_ALG_SHA_512:PSA_WANT_ECC_FAMILY_MONTGOMERY:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_MONTGOMERY):"70076d0a7318a57d3c16c17251b26645df4c2f87ebc0992ab177fba51db92c6a":PSA_ALG_DETERMINISTIC_DSA(PSA_ALG_SHA_512):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign DETERMINISTIC_DSA(SHA_512): incompatible with ECC_KEY_PAIR(SECP_K1) +depends_on:PSA_WANT_ALG_DETERMINISTIC_DSA:PSA_WANT_ALG_SHA_512:PSA_WANT_ECC_FAMILY_SECP_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_K1):"297ac1722ccac7589ecb240dc719842538ca974beb79f228":PSA_ALG_DETERMINISTIC_DSA(PSA_ALG_SHA_512):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign DETERMINISTIC_DSA(SHA_512): incompatible with ECC_KEY_PAIR(SECP_R1) +depends_on:PSA_WANT_ALG_DETERMINISTIC_DSA:PSA_WANT_ALG_SHA_512:PSA_WANT_ECC_FAMILY_SECP_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"872f203b3ad35b7f2ecc803c3a0e1e0b1ed61cc1afe71b189cd4c995":PSA_ALG_DETERMINISTIC_DSA(PSA_ALG_SHA_512):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign DETERMINISTIC_DSA(SHA_512): incompatible with ECC_KEY_PAIR(SECP_R2) +depends_on:PSA_WANT_ALG_DETERMINISTIC_DSA:PSA_WANT_ALG_SHA_512:PSA_WANT_ECC_FAMILY_SECP_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R2):"00bf539a1cdda0d7f71a50a3f98aec0a2e8e4ced1e":PSA_ALG_DETERMINISTIC_DSA(PSA_ALG_SHA_512):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign DETERMINISTIC_DSA(SHA_512): incompatible with ECC_KEY_PAIR(SECT_K1) +depends_on:PSA_WANT_ALG_DETERMINISTIC_DSA:PSA_WANT_ALG_SHA_512:PSA_WANT_ECC_FAMILY_SECT_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):"03ebc8fcded2d6ab72ec0f75bdb4fd080481273e71":PSA_ALG_DETERMINISTIC_DSA(PSA_ALG_SHA_512):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign DETERMINISTIC_DSA(SHA_512): incompatible with ECC_KEY_PAIR(SECT_R1) +depends_on:PSA_WANT_ALG_DETERMINISTIC_DSA:PSA_WANT_ALG_SHA_512:PSA_WANT_ECC_FAMILY_SECT_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):"009b05dc82d46d64a04a22e6e5ca70ca1231e68c50":PSA_ALG_DETERMINISTIC_DSA(PSA_ALG_SHA_512):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign DETERMINISTIC_DSA(SHA_512): incompatible with ECC_KEY_PAIR(SECT_R2) +depends_on:PSA_WANT_ALG_DETERMINISTIC_DSA:PSA_WANT_ALG_SHA_512:PSA_WANT_ECC_FAMILY_SECT_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R2):"0210b482a458b4822d0cb21daa96819a67c8062d34":PSA_ALG_DETERMINISTIC_DSA(PSA_ALG_SHA_512):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign DETERMINISTIC_DSA(SHA_512): incompatible with ECC_KEY_PAIR(TWISTED_EDWARDS) +depends_on:PSA_WANT_ALG_DETERMINISTIC_DSA:PSA_WANT_ALG_SHA_512:PSA_WANT_ECC_FAMILY_TWISTED_EDWARDS:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_TWISTED_EDWARDS):"9d61b19deffd5a60ba844af492ec2cc44449c5697b326919703bac031cae7f60":PSA_ALG_DETERMINISTIC_DSA(PSA_ALG_SHA_512):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign DETERMINISTIC_DSA(SHA_512): incompatible with ECC_PUBLIC_KEY(BRAINPOOL_P_R1) +depends_on:PSA_WANT_ALG_DETERMINISTIC_DSA:PSA_WANT_ALG_SHA_512:PSA_WANT_ECC_FAMILY_BRAINPOOL_P_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"04d4b9186816358e2f9c59cf70748cb70641b22fbab65473db4b4e22a361ed7e3de7e8a8ddc4130c5c":PSA_ALG_DETERMINISTIC_DSA(PSA_ALG_SHA_512):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign DETERMINISTIC_DSA(SHA_512): incompatible with ECC_PUBLIC_KEY(MONTGOMERY) +depends_on:PSA_WANT_ALG_DETERMINISTIC_DSA:PSA_WANT_ALG_SHA_512:PSA_WANT_ECC_FAMILY_MONTGOMERY:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_MONTGOMERY):"8520f0098930a754748b7ddcb43ef75a0dbf3a0d26381af4eba4a98eaa9b4e6a":PSA_ALG_DETERMINISTIC_DSA(PSA_ALG_SHA_512):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign DETERMINISTIC_DSA(SHA_512): incompatible with ECC_PUBLIC_KEY(SECP_K1) +depends_on:PSA_WANT_ALG_DETERMINISTIC_DSA:PSA_WANT_ALG_SHA_512:PSA_WANT_ECC_FAMILY_SECP_K1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_K1):"0426b7bb38da649ac2138fc050c6548b32553dab68afebc36105d325b75538c12323cb0764789ecb992671beb2b6bef2f5":PSA_ALG_DETERMINISTIC_DSA(PSA_ALG_SHA_512):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign DETERMINISTIC_DSA(SHA_512): incompatible with ECC_PUBLIC_KEY(SECP_R1) +depends_on:PSA_WANT_ALG_DETERMINISTIC_DSA:PSA_WANT_ALG_SHA_512:PSA_WANT_ECC_FAMILY_SECP_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1):"046f00eadaa949fee3e9e1c7fa1247eecec86a0dce46418b9bd3117b981d4bd0ae7a990de912f9d060d6cb531a42d22e394ac29e81804bf160":PSA_ALG_DETERMINISTIC_DSA(PSA_ALG_SHA_512):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign DETERMINISTIC_DSA(SHA_512): incompatible with ECC_PUBLIC_KEY(SECP_R2) +depends_on:PSA_WANT_ALG_DETERMINISTIC_DSA:PSA_WANT_ALG_SHA_512:PSA_WANT_ECC_FAMILY_SECP_R2:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R2):"049570d541398665adb5cfa16f5af73b3196926bbd4b876bdb80f8eab20d0f540c22f4de9c140f6d7b":PSA_ALG_DETERMINISTIC_DSA(PSA_ALG_SHA_512):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign DETERMINISTIC_DSA(SHA_512): incompatible with ECC_PUBLIC_KEY(SECT_K1) +depends_on:PSA_WANT_ALG_DETERMINISTIC_DSA:PSA_WANT_ALG_SHA_512:PSA_WANT_ECC_FAMILY_SECT_K1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_K1):"0406f88f90b4b65950f06ce433afdb097e320f433dc2062b8a65db8fafd3c110f46bc45663fbf021ee7eb9":PSA_ALG_DETERMINISTIC_DSA(PSA_ALG_SHA_512):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign DETERMINISTIC_DSA(SHA_512): incompatible with ECC_PUBLIC_KEY(SECT_R1) +depends_on:PSA_WANT_ALG_DETERMINISTIC_DSA:PSA_WANT_ALG_SHA_512:PSA_WANT_ECC_FAMILY_SECT_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R1):"0400465eeb9e7258b11e33c02266bfe834b20bcb118700772796ee4704ec67651bd447e3011959a79a04cb":PSA_ALG_DETERMINISTIC_DSA(PSA_ALG_SHA_512):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign DETERMINISTIC_DSA(SHA_512): incompatible with ECC_PUBLIC_KEY(SECT_R2) +depends_on:PSA_WANT_ALG_DETERMINISTIC_DSA:PSA_WANT_ALG_SHA_512:PSA_WANT_ECC_FAMILY_SECT_R2:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R2):"0403692601144c32a6cfa369ae20ae5d43c1c764678c037bafe80c6fd2e42b7ced96171d9c5367fd3dca6f":PSA_ALG_DETERMINISTIC_DSA(PSA_ALG_SHA_512):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign DETERMINISTIC_DSA(SHA_512): incompatible with ECC_PUBLIC_KEY(TWISTED_EDWARDS) +depends_on:PSA_WANT_ALG_DETERMINISTIC_DSA:PSA_WANT_ALG_SHA_512:PSA_WANT_ECC_FAMILY_TWISTED_EDWARDS:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_TWISTED_EDWARDS):"d75a980182b10ab7d54bfed3c964073a0ee172f3daa62325af021a68f707511a":PSA_ALG_DETERMINISTIC_DSA(PSA_ALG_SHA_512):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign DETERMINISTIC_DSA(SHA_512): incompatible with HMAC +depends_on:PSA_WANT_ALG_DETERMINISTIC_DSA:PSA_WANT_ALG_SHA_512:PSA_WANT_KEY_TYPE_HMAC +sign_fail:PSA_KEY_TYPE_HMAC:"48657265006973206b6579a064617461":PSA_ALG_DETERMINISTIC_DSA(PSA_ALG_SHA_512):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign DETERMINISTIC_DSA(SHA_512): incompatible with RAW_DATA +depends_on:PSA_WANT_ALG_DETERMINISTIC_DSA:PSA_WANT_ALG_SHA_512:PSA_WANT_KEY_TYPE_RAW_DATA +sign_fail:PSA_KEY_TYPE_RAW_DATA:"48":PSA_ALG_DETERMINISTIC_DSA(PSA_ALG_SHA_512):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign DETERMINISTIC_DSA(SHA_512): incompatible with RSA_KEY_PAIR +depends_on:PSA_WANT_ALG_DETERMINISTIC_DSA:PSA_WANT_ALG_SHA_512:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR +sign_fail:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_DETERMINISTIC_DSA(PSA_ALG_SHA_512):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign DETERMINISTIC_DSA(SHA_512): incompatible with RSA_PUBLIC_KEY +depends_on:PSA_WANT_ALG_DETERMINISTIC_DSA:PSA_WANT_ALG_SHA_512:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY +sign_fail:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_DETERMINISTIC_DSA(PSA_ALG_SHA_512):0:PSA_ERROR_INVALID_ARGUMENT + +PSA key_derivation DETERMINISTIC_DSA(SHA_512): invalid +depends_on:PSA_WANT_ALG_DETERMINISTIC_DSA:PSA_WANT_ALG_SHA_512 +key_derivation_fail:PSA_ALG_DETERMINISTIC_DSA(PSA_ALG_SHA_512):PSA_ERROR_INVALID_ARGUMENT + +PSA hash DETERMINISTIC_ECDSA(MD2): invalid +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD2 +hash_fail:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD2):PSA_ERROR_INVALID_ARGUMENT + +PSA mac DETERMINISTIC_ECDSA(MD2): invalid with ECC_KEY_PAIR(BRAINPOOL_P_R1) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD2:PSA_WANT_ECC_FAMILY_BRAINPOOL_P_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +mac_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"69502c4fdaf48d4fa617bdd24498b0406d0eeaac":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD2):PSA_ERROR_INVALID_ARGUMENT + +PSA mac DETERMINISTIC_ECDSA(MD2): invalid with ECC_KEY_PAIR(SECP_K1) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD2:PSA_WANT_ECC_FAMILY_SECP_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +mac_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_K1):"297ac1722ccac7589ecb240dc719842538ca974beb79f228":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD2):PSA_ERROR_INVALID_ARGUMENT + +PSA mac DETERMINISTIC_ECDSA(MD2): invalid with ECC_KEY_PAIR(SECP_R1) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD2:PSA_WANT_ECC_FAMILY_SECP_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +mac_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"872f203b3ad35b7f2ecc803c3a0e1e0b1ed61cc1afe71b189cd4c995":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD2):PSA_ERROR_INVALID_ARGUMENT + +PSA mac DETERMINISTIC_ECDSA(MD2): invalid with ECC_KEY_PAIR(SECP_R2) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD2:PSA_WANT_ECC_FAMILY_SECP_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +mac_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R2):"00bf539a1cdda0d7f71a50a3f98aec0a2e8e4ced1e":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD2):PSA_ERROR_INVALID_ARGUMENT + +PSA mac DETERMINISTIC_ECDSA(MD2): invalid with ECC_KEY_PAIR(SECT_K1) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD2:PSA_WANT_ECC_FAMILY_SECT_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +mac_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):"03ebc8fcded2d6ab72ec0f75bdb4fd080481273e71":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD2):PSA_ERROR_INVALID_ARGUMENT + +PSA mac DETERMINISTIC_ECDSA(MD2): invalid with ECC_KEY_PAIR(SECT_R1) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD2:PSA_WANT_ECC_FAMILY_SECT_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +mac_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):"009b05dc82d46d64a04a22e6e5ca70ca1231e68c50":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD2):PSA_ERROR_INVALID_ARGUMENT + +PSA mac DETERMINISTIC_ECDSA(MD2): invalid with ECC_KEY_PAIR(SECT_R2) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD2:PSA_WANT_ECC_FAMILY_SECT_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +mac_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R2):"0210b482a458b4822d0cb21daa96819a67c8062d34":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD2):PSA_ERROR_INVALID_ARGUMENT + +PSA mac DETERMINISTIC_ECDSA(MD2): invalid with ECC_PUBLIC_KEY(BRAINPOOL_P_R1) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD2:PSA_WANT_ECC_FAMILY_BRAINPOOL_P_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +mac_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"04d4b9186816358e2f9c59cf70748cb70641b22fbab65473db4b4e22a361ed7e3de7e8a8ddc4130c5c":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD2):PSA_ERROR_INVALID_ARGUMENT + +PSA mac DETERMINISTIC_ECDSA(MD2): invalid with ECC_PUBLIC_KEY(SECP_K1) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD2:PSA_WANT_ECC_FAMILY_SECP_K1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +mac_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_K1):"0426b7bb38da649ac2138fc050c6548b32553dab68afebc36105d325b75538c12323cb0764789ecb992671beb2b6bef2f5":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD2):PSA_ERROR_INVALID_ARGUMENT + +PSA mac DETERMINISTIC_ECDSA(MD2): invalid with ECC_PUBLIC_KEY(SECP_R1) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD2:PSA_WANT_ECC_FAMILY_SECP_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +mac_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1):"046f00eadaa949fee3e9e1c7fa1247eecec86a0dce46418b9bd3117b981d4bd0ae7a990de912f9d060d6cb531a42d22e394ac29e81804bf160":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD2):PSA_ERROR_INVALID_ARGUMENT + +PSA mac DETERMINISTIC_ECDSA(MD2): invalid with ECC_PUBLIC_KEY(SECP_R2) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD2:PSA_WANT_ECC_FAMILY_SECP_R2:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +mac_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R2):"049570d541398665adb5cfa16f5af73b3196926bbd4b876bdb80f8eab20d0f540c22f4de9c140f6d7b":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD2):PSA_ERROR_INVALID_ARGUMENT + +PSA mac DETERMINISTIC_ECDSA(MD2): invalid with ECC_PUBLIC_KEY(SECT_K1) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD2:PSA_WANT_ECC_FAMILY_SECT_K1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +mac_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_K1):"0406f88f90b4b65950f06ce433afdb097e320f433dc2062b8a65db8fafd3c110f46bc45663fbf021ee7eb9":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD2):PSA_ERROR_INVALID_ARGUMENT + +PSA mac DETERMINISTIC_ECDSA(MD2): invalid with ECC_PUBLIC_KEY(SECT_R1) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD2:PSA_WANT_ECC_FAMILY_SECT_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +mac_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R1):"0400465eeb9e7258b11e33c02266bfe834b20bcb118700772796ee4704ec67651bd447e3011959a79a04cb":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD2):PSA_ERROR_INVALID_ARGUMENT + +PSA mac DETERMINISTIC_ECDSA(MD2): invalid with ECC_PUBLIC_KEY(SECT_R2) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD2:PSA_WANT_ECC_FAMILY_SECT_R2:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +mac_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R2):"0403692601144c32a6cfa369ae20ae5d43c1c764678c037bafe80c6fd2e42b7ced96171d9c5367fd3dca6f":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD2):PSA_ERROR_INVALID_ARGUMENT + +PSA cipher DETERMINISTIC_ECDSA(MD2): invalid with ECC_KEY_PAIR(BRAINPOOL_P_R1) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD2:PSA_WANT_ECC_FAMILY_BRAINPOOL_P_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +cipher_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"69502c4fdaf48d4fa617bdd24498b0406d0eeaac":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD2):PSA_ERROR_INVALID_ARGUMENT + +PSA cipher DETERMINISTIC_ECDSA(MD2): invalid with ECC_KEY_PAIR(SECP_K1) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD2:PSA_WANT_ECC_FAMILY_SECP_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +cipher_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_K1):"297ac1722ccac7589ecb240dc719842538ca974beb79f228":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD2):PSA_ERROR_INVALID_ARGUMENT + +PSA cipher DETERMINISTIC_ECDSA(MD2): invalid with ECC_KEY_PAIR(SECP_R1) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD2:PSA_WANT_ECC_FAMILY_SECP_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +cipher_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"872f203b3ad35b7f2ecc803c3a0e1e0b1ed61cc1afe71b189cd4c995":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD2):PSA_ERROR_INVALID_ARGUMENT + +PSA cipher DETERMINISTIC_ECDSA(MD2): invalid with ECC_KEY_PAIR(SECP_R2) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD2:PSA_WANT_ECC_FAMILY_SECP_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +cipher_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R2):"00bf539a1cdda0d7f71a50a3f98aec0a2e8e4ced1e":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD2):PSA_ERROR_INVALID_ARGUMENT + +PSA cipher DETERMINISTIC_ECDSA(MD2): invalid with ECC_KEY_PAIR(SECT_K1) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD2:PSA_WANT_ECC_FAMILY_SECT_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +cipher_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):"03ebc8fcded2d6ab72ec0f75bdb4fd080481273e71":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD2):PSA_ERROR_INVALID_ARGUMENT + +PSA cipher DETERMINISTIC_ECDSA(MD2): invalid with ECC_KEY_PAIR(SECT_R1) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD2:PSA_WANT_ECC_FAMILY_SECT_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +cipher_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):"009b05dc82d46d64a04a22e6e5ca70ca1231e68c50":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD2):PSA_ERROR_INVALID_ARGUMENT + +PSA cipher DETERMINISTIC_ECDSA(MD2): invalid with ECC_KEY_PAIR(SECT_R2) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD2:PSA_WANT_ECC_FAMILY_SECT_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +cipher_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R2):"0210b482a458b4822d0cb21daa96819a67c8062d34":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD2):PSA_ERROR_INVALID_ARGUMENT + +PSA cipher DETERMINISTIC_ECDSA(MD2): invalid with ECC_PUBLIC_KEY(BRAINPOOL_P_R1) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD2:PSA_WANT_ECC_FAMILY_BRAINPOOL_P_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +cipher_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"04d4b9186816358e2f9c59cf70748cb70641b22fbab65473db4b4e22a361ed7e3de7e8a8ddc4130c5c":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD2):PSA_ERROR_INVALID_ARGUMENT + +PSA cipher DETERMINISTIC_ECDSA(MD2): invalid with ECC_PUBLIC_KEY(SECP_K1) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD2:PSA_WANT_ECC_FAMILY_SECP_K1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +cipher_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_K1):"0426b7bb38da649ac2138fc050c6548b32553dab68afebc36105d325b75538c12323cb0764789ecb992671beb2b6bef2f5":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD2):PSA_ERROR_INVALID_ARGUMENT + +PSA cipher DETERMINISTIC_ECDSA(MD2): invalid with ECC_PUBLIC_KEY(SECP_R1) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD2:PSA_WANT_ECC_FAMILY_SECP_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +cipher_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1):"046f00eadaa949fee3e9e1c7fa1247eecec86a0dce46418b9bd3117b981d4bd0ae7a990de912f9d060d6cb531a42d22e394ac29e81804bf160":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD2):PSA_ERROR_INVALID_ARGUMENT + +PSA cipher DETERMINISTIC_ECDSA(MD2): invalid with ECC_PUBLIC_KEY(SECP_R2) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD2:PSA_WANT_ECC_FAMILY_SECP_R2:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +cipher_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R2):"049570d541398665adb5cfa16f5af73b3196926bbd4b876bdb80f8eab20d0f540c22f4de9c140f6d7b":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD2):PSA_ERROR_INVALID_ARGUMENT + +PSA cipher DETERMINISTIC_ECDSA(MD2): invalid with ECC_PUBLIC_KEY(SECT_K1) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD2:PSA_WANT_ECC_FAMILY_SECT_K1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +cipher_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_K1):"0406f88f90b4b65950f06ce433afdb097e320f433dc2062b8a65db8fafd3c110f46bc45663fbf021ee7eb9":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD2):PSA_ERROR_INVALID_ARGUMENT + +PSA cipher DETERMINISTIC_ECDSA(MD2): invalid with ECC_PUBLIC_KEY(SECT_R1) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD2:PSA_WANT_ECC_FAMILY_SECT_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +cipher_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R1):"0400465eeb9e7258b11e33c02266bfe834b20bcb118700772796ee4704ec67651bd447e3011959a79a04cb":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD2):PSA_ERROR_INVALID_ARGUMENT + +PSA cipher DETERMINISTIC_ECDSA(MD2): invalid with ECC_PUBLIC_KEY(SECT_R2) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD2:PSA_WANT_ECC_FAMILY_SECT_R2:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +cipher_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R2):"0403692601144c32a6cfa369ae20ae5d43c1c764678c037bafe80c6fd2e42b7ced96171d9c5367fd3dca6f":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD2):PSA_ERROR_INVALID_ARGUMENT + +PSA aead DETERMINISTIC_ECDSA(MD2): invalid with ECC_KEY_PAIR(BRAINPOOL_P_R1) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD2:PSA_WANT_ECC_FAMILY_BRAINPOOL_P_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +aead_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"69502c4fdaf48d4fa617bdd24498b0406d0eeaac":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD2):PSA_ERROR_INVALID_ARGUMENT + +PSA aead DETERMINISTIC_ECDSA(MD2): invalid with ECC_KEY_PAIR(SECP_K1) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD2:PSA_WANT_ECC_FAMILY_SECP_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +aead_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_K1):"297ac1722ccac7589ecb240dc719842538ca974beb79f228":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD2):PSA_ERROR_INVALID_ARGUMENT + +PSA aead DETERMINISTIC_ECDSA(MD2): invalid with ECC_KEY_PAIR(SECP_R1) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD2:PSA_WANT_ECC_FAMILY_SECP_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +aead_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"872f203b3ad35b7f2ecc803c3a0e1e0b1ed61cc1afe71b189cd4c995":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD2):PSA_ERROR_INVALID_ARGUMENT + +PSA aead DETERMINISTIC_ECDSA(MD2): invalid with ECC_KEY_PAIR(SECP_R2) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD2:PSA_WANT_ECC_FAMILY_SECP_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +aead_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R2):"00bf539a1cdda0d7f71a50a3f98aec0a2e8e4ced1e":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD2):PSA_ERROR_INVALID_ARGUMENT + +PSA aead DETERMINISTIC_ECDSA(MD2): invalid with ECC_KEY_PAIR(SECT_K1) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD2:PSA_WANT_ECC_FAMILY_SECT_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +aead_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):"03ebc8fcded2d6ab72ec0f75bdb4fd080481273e71":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD2):PSA_ERROR_INVALID_ARGUMENT + +PSA aead DETERMINISTIC_ECDSA(MD2): invalid with ECC_KEY_PAIR(SECT_R1) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD2:PSA_WANT_ECC_FAMILY_SECT_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +aead_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):"009b05dc82d46d64a04a22e6e5ca70ca1231e68c50":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD2):PSA_ERROR_INVALID_ARGUMENT + +PSA aead DETERMINISTIC_ECDSA(MD2): invalid with ECC_KEY_PAIR(SECT_R2) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD2:PSA_WANT_ECC_FAMILY_SECT_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +aead_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R2):"0210b482a458b4822d0cb21daa96819a67c8062d34":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD2):PSA_ERROR_INVALID_ARGUMENT + +PSA aead DETERMINISTIC_ECDSA(MD2): invalid with ECC_PUBLIC_KEY(BRAINPOOL_P_R1) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD2:PSA_WANT_ECC_FAMILY_BRAINPOOL_P_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +aead_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"04d4b9186816358e2f9c59cf70748cb70641b22fbab65473db4b4e22a361ed7e3de7e8a8ddc4130c5c":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD2):PSA_ERROR_INVALID_ARGUMENT + +PSA aead DETERMINISTIC_ECDSA(MD2): invalid with ECC_PUBLIC_KEY(SECP_K1) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD2:PSA_WANT_ECC_FAMILY_SECP_K1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +aead_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_K1):"0426b7bb38da649ac2138fc050c6548b32553dab68afebc36105d325b75538c12323cb0764789ecb992671beb2b6bef2f5":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD2):PSA_ERROR_INVALID_ARGUMENT + +PSA aead DETERMINISTIC_ECDSA(MD2): invalid with ECC_PUBLIC_KEY(SECP_R1) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD2:PSA_WANT_ECC_FAMILY_SECP_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +aead_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1):"046f00eadaa949fee3e9e1c7fa1247eecec86a0dce46418b9bd3117b981d4bd0ae7a990de912f9d060d6cb531a42d22e394ac29e81804bf160":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD2):PSA_ERROR_INVALID_ARGUMENT + +PSA aead DETERMINISTIC_ECDSA(MD2): invalid with ECC_PUBLIC_KEY(SECP_R2) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD2:PSA_WANT_ECC_FAMILY_SECP_R2:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +aead_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R2):"049570d541398665adb5cfa16f5af73b3196926bbd4b876bdb80f8eab20d0f540c22f4de9c140f6d7b":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD2):PSA_ERROR_INVALID_ARGUMENT + +PSA aead DETERMINISTIC_ECDSA(MD2): invalid with ECC_PUBLIC_KEY(SECT_K1) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD2:PSA_WANT_ECC_FAMILY_SECT_K1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +aead_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_K1):"0406f88f90b4b65950f06ce433afdb097e320f433dc2062b8a65db8fafd3c110f46bc45663fbf021ee7eb9":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD2):PSA_ERROR_INVALID_ARGUMENT + +PSA aead DETERMINISTIC_ECDSA(MD2): invalid with ECC_PUBLIC_KEY(SECT_R1) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD2:PSA_WANT_ECC_FAMILY_SECT_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +aead_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R1):"0400465eeb9e7258b11e33c02266bfe834b20bcb118700772796ee4704ec67651bd447e3011959a79a04cb":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD2):PSA_ERROR_INVALID_ARGUMENT + +PSA aead DETERMINISTIC_ECDSA(MD2): invalid with ECC_PUBLIC_KEY(SECT_R2) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD2:PSA_WANT_ECC_FAMILY_SECT_R2:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +aead_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R2):"0403692601144c32a6cfa369ae20ae5d43c1c764678c037bafe80c6fd2e42b7ced96171d9c5367fd3dca6f":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD2):PSA_ERROR_INVALID_ARGUMENT + +PSA sign DETERMINISTIC_ECDSA(MD2): incompatible with AES +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD2:PSA_WANT_KEY_TYPE_AES +sign_fail:PSA_KEY_TYPE_AES:"48657265006973206b6579a064617461":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD2):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign DETERMINISTIC_ECDSA(MD2): incompatible with ARC4 +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD2:PSA_WANT_KEY_TYPE_ARC4 +sign_fail:PSA_KEY_TYPE_ARC4:"48":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD2):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign DETERMINISTIC_ECDSA(MD2): incompatible with ARIA +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD2:PSA_WANT_KEY_TYPE_ARIA +sign_fail:PSA_KEY_TYPE_ARIA:"48657265006973206b6579a064617461":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD2):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign DETERMINISTIC_ECDSA(MD2): incompatible with CAMELLIA +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD2:PSA_WANT_KEY_TYPE_CAMELLIA +sign_fail:PSA_KEY_TYPE_CAMELLIA:"48657265006973206b6579a064617461":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD2):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign DETERMINISTIC_ECDSA(MD2): incompatible with CHACHA20 +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD2:PSA_WANT_KEY_TYPE_CHACHA20 +sign_fail:PSA_KEY_TYPE_CHACHA20:"48657265006973206b6579a06461746148657265006973206b6579a064617461":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD2):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign DETERMINISTIC_ECDSA(MD2): incompatible with DERIVE +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD2:PSA_WANT_KEY_TYPE_DERIVE +sign_fail:PSA_KEY_TYPE_DERIVE:"48657265006973206b6579a0646174":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD2):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign DETERMINISTIC_ECDSA(MD2): incompatible with DES +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD2:PSA_WANT_KEY_TYPE_DES +sign_fail:PSA_KEY_TYPE_DES:"644573206b457901":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD2):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign DETERMINISTIC_ECDSA(MD2): !DETERMINISTIC_ECDSA with ECC_KEY_PAIR(BRAINPOOL_P_R1) +depends_on:!PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD2:PSA_WANT_ECC_FAMILY_BRAINPOOL_P_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"69502c4fdaf48d4fa617bdd24498b0406d0eeaac":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD2):0:PSA_ERROR_NOT_SUPPORTED + +PSA sign DETERMINISTIC_ECDSA(MD2): !MD2 with ECC_KEY_PAIR(BRAINPOOL_P_R1) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:!PSA_WANT_ALG_MD2:PSA_WANT_ECC_FAMILY_BRAINPOOL_P_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"69502c4fdaf48d4fa617bdd24498b0406d0eeaac":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD2):0:PSA_ERROR_NOT_SUPPORTED + +PSA sign DETERMINISTIC_ECDSA(MD2): incompatible with ECC_KEY_PAIR(MONTGOMERY) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD2:PSA_WANT_ECC_FAMILY_MONTGOMERY:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_MONTGOMERY):"70076d0a7318a57d3c16c17251b26645df4c2f87ebc0992ab177fba51db92c6a":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD2):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign DETERMINISTIC_ECDSA(MD2): !DETERMINISTIC_ECDSA with ECC_KEY_PAIR(SECP_K1) +depends_on:!PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD2:PSA_WANT_ECC_FAMILY_SECP_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_K1):"297ac1722ccac7589ecb240dc719842538ca974beb79f228":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD2):0:PSA_ERROR_NOT_SUPPORTED + +PSA sign DETERMINISTIC_ECDSA(MD2): !MD2 with ECC_KEY_PAIR(SECP_K1) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:!PSA_WANT_ALG_MD2:PSA_WANT_ECC_FAMILY_SECP_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_K1):"297ac1722ccac7589ecb240dc719842538ca974beb79f228":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD2):0:PSA_ERROR_NOT_SUPPORTED + +PSA sign DETERMINISTIC_ECDSA(MD2): !DETERMINISTIC_ECDSA with ECC_KEY_PAIR(SECP_R1) +depends_on:!PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD2:PSA_WANT_ECC_FAMILY_SECP_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"872f203b3ad35b7f2ecc803c3a0e1e0b1ed61cc1afe71b189cd4c995":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD2):0:PSA_ERROR_NOT_SUPPORTED + +PSA sign DETERMINISTIC_ECDSA(MD2): !MD2 with ECC_KEY_PAIR(SECP_R1) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:!PSA_WANT_ALG_MD2:PSA_WANT_ECC_FAMILY_SECP_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"872f203b3ad35b7f2ecc803c3a0e1e0b1ed61cc1afe71b189cd4c995":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD2):0:PSA_ERROR_NOT_SUPPORTED + +PSA sign DETERMINISTIC_ECDSA(MD2): !DETERMINISTIC_ECDSA with ECC_KEY_PAIR(SECP_R2) +depends_on:!PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD2:PSA_WANT_ECC_FAMILY_SECP_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R2):"00bf539a1cdda0d7f71a50a3f98aec0a2e8e4ced1e":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD2):0:PSA_ERROR_NOT_SUPPORTED + +PSA sign DETERMINISTIC_ECDSA(MD2): !MD2 with ECC_KEY_PAIR(SECP_R2) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:!PSA_WANT_ALG_MD2:PSA_WANT_ECC_FAMILY_SECP_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R2):"00bf539a1cdda0d7f71a50a3f98aec0a2e8e4ced1e":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD2):0:PSA_ERROR_NOT_SUPPORTED + +PSA sign DETERMINISTIC_ECDSA(MD2): !DETERMINISTIC_ECDSA with ECC_KEY_PAIR(SECT_K1) +depends_on:!PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD2:PSA_WANT_ECC_FAMILY_SECT_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):"03ebc8fcded2d6ab72ec0f75bdb4fd080481273e71":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD2):0:PSA_ERROR_NOT_SUPPORTED + +PSA sign DETERMINISTIC_ECDSA(MD2): !MD2 with ECC_KEY_PAIR(SECT_K1) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:!PSA_WANT_ALG_MD2:PSA_WANT_ECC_FAMILY_SECT_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):"03ebc8fcded2d6ab72ec0f75bdb4fd080481273e71":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD2):0:PSA_ERROR_NOT_SUPPORTED + +PSA sign DETERMINISTIC_ECDSA(MD2): !DETERMINISTIC_ECDSA with ECC_KEY_PAIR(SECT_R1) +depends_on:!PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD2:PSA_WANT_ECC_FAMILY_SECT_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):"009b05dc82d46d64a04a22e6e5ca70ca1231e68c50":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD2):0:PSA_ERROR_NOT_SUPPORTED + +PSA sign DETERMINISTIC_ECDSA(MD2): !MD2 with ECC_KEY_PAIR(SECT_R1) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:!PSA_WANT_ALG_MD2:PSA_WANT_ECC_FAMILY_SECT_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):"009b05dc82d46d64a04a22e6e5ca70ca1231e68c50":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD2):0:PSA_ERROR_NOT_SUPPORTED + +PSA sign DETERMINISTIC_ECDSA(MD2): !DETERMINISTIC_ECDSA with ECC_KEY_PAIR(SECT_R2) +depends_on:!PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD2:PSA_WANT_ECC_FAMILY_SECT_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R2):"0210b482a458b4822d0cb21daa96819a67c8062d34":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD2):0:PSA_ERROR_NOT_SUPPORTED + +PSA sign DETERMINISTIC_ECDSA(MD2): !MD2 with ECC_KEY_PAIR(SECT_R2) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:!PSA_WANT_ALG_MD2:PSA_WANT_ECC_FAMILY_SECT_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R2):"0210b482a458b4822d0cb21daa96819a67c8062d34":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD2):0:PSA_ERROR_NOT_SUPPORTED + +PSA sign DETERMINISTIC_ECDSA(MD2): incompatible with ECC_KEY_PAIR(TWISTED_EDWARDS) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD2:PSA_WANT_ECC_FAMILY_TWISTED_EDWARDS:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_TWISTED_EDWARDS):"9d61b19deffd5a60ba844af492ec2cc44449c5697b326919703bac031cae7f60":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD2):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign DETERMINISTIC_ECDSA(MD2): !DETERMINISTIC_ECDSA with ECC_PUBLIC_KEY(BRAINPOOL_P_R1) +depends_on:!PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD2:PSA_WANT_ECC_FAMILY_BRAINPOOL_P_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"04d4b9186816358e2f9c59cf70748cb70641b22fbab65473db4b4e22a361ed7e3de7e8a8ddc4130c5c":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD2):0:PSA_ERROR_NOT_SUPPORTED + +PSA sign DETERMINISTIC_ECDSA(MD2): !MD2 with ECC_PUBLIC_KEY(BRAINPOOL_P_R1) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:!PSA_WANT_ALG_MD2:PSA_WANT_ECC_FAMILY_BRAINPOOL_P_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"04d4b9186816358e2f9c59cf70748cb70641b22fbab65473db4b4e22a361ed7e3de7e8a8ddc4130c5c":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD2):0:PSA_ERROR_NOT_SUPPORTED + +PSA sign DETERMINISTIC_ECDSA(MD2): public with ECC_PUBLIC_KEY(BRAINPOOL_P_R1) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD2:PSA_WANT_ECC_FAMILY_BRAINPOOL_P_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"04d4b9186816358e2f9c59cf70748cb70641b22fbab65473db4b4e22a361ed7e3de7e8a8ddc4130c5c":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD2):1:PSA_ERROR_INVALID_ARGUMENT + +PSA sign DETERMINISTIC_ECDSA(MD2): incompatible with ECC_PUBLIC_KEY(MONTGOMERY) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD2:PSA_WANT_ECC_FAMILY_MONTGOMERY:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_MONTGOMERY):"8520f0098930a754748b7ddcb43ef75a0dbf3a0d26381af4eba4a98eaa9b4e6a":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD2):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign DETERMINISTIC_ECDSA(MD2): !DETERMINISTIC_ECDSA with ECC_PUBLIC_KEY(SECP_K1) +depends_on:!PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD2:PSA_WANT_ECC_FAMILY_SECP_K1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_K1):"0426b7bb38da649ac2138fc050c6548b32553dab68afebc36105d325b75538c12323cb0764789ecb992671beb2b6bef2f5":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD2):0:PSA_ERROR_NOT_SUPPORTED + +PSA sign DETERMINISTIC_ECDSA(MD2): !MD2 with ECC_PUBLIC_KEY(SECP_K1) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:!PSA_WANT_ALG_MD2:PSA_WANT_ECC_FAMILY_SECP_K1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_K1):"0426b7bb38da649ac2138fc050c6548b32553dab68afebc36105d325b75538c12323cb0764789ecb992671beb2b6bef2f5":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD2):0:PSA_ERROR_NOT_SUPPORTED + +PSA sign DETERMINISTIC_ECDSA(MD2): public with ECC_PUBLIC_KEY(SECP_K1) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD2:PSA_WANT_ECC_FAMILY_SECP_K1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_K1):"0426b7bb38da649ac2138fc050c6548b32553dab68afebc36105d325b75538c12323cb0764789ecb992671beb2b6bef2f5":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD2):1:PSA_ERROR_INVALID_ARGUMENT + +PSA sign DETERMINISTIC_ECDSA(MD2): !DETERMINISTIC_ECDSA with ECC_PUBLIC_KEY(SECP_R1) +depends_on:!PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD2:PSA_WANT_ECC_FAMILY_SECP_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1):"046f00eadaa949fee3e9e1c7fa1247eecec86a0dce46418b9bd3117b981d4bd0ae7a990de912f9d060d6cb531a42d22e394ac29e81804bf160":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD2):0:PSA_ERROR_NOT_SUPPORTED + +PSA sign DETERMINISTIC_ECDSA(MD2): !MD2 with ECC_PUBLIC_KEY(SECP_R1) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:!PSA_WANT_ALG_MD2:PSA_WANT_ECC_FAMILY_SECP_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1):"046f00eadaa949fee3e9e1c7fa1247eecec86a0dce46418b9bd3117b981d4bd0ae7a990de912f9d060d6cb531a42d22e394ac29e81804bf160":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD2):0:PSA_ERROR_NOT_SUPPORTED + +PSA sign DETERMINISTIC_ECDSA(MD2): public with ECC_PUBLIC_KEY(SECP_R1) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD2:PSA_WANT_ECC_FAMILY_SECP_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1):"046f00eadaa949fee3e9e1c7fa1247eecec86a0dce46418b9bd3117b981d4bd0ae7a990de912f9d060d6cb531a42d22e394ac29e81804bf160":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD2):1:PSA_ERROR_INVALID_ARGUMENT + +PSA sign DETERMINISTIC_ECDSA(MD2): !DETERMINISTIC_ECDSA with ECC_PUBLIC_KEY(SECP_R2) +depends_on:!PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD2:PSA_WANT_ECC_FAMILY_SECP_R2:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R2):"049570d541398665adb5cfa16f5af73b3196926bbd4b876bdb80f8eab20d0f540c22f4de9c140f6d7b":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD2):0:PSA_ERROR_NOT_SUPPORTED + +PSA sign DETERMINISTIC_ECDSA(MD2): !MD2 with ECC_PUBLIC_KEY(SECP_R2) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:!PSA_WANT_ALG_MD2:PSA_WANT_ECC_FAMILY_SECP_R2:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R2):"049570d541398665adb5cfa16f5af73b3196926bbd4b876bdb80f8eab20d0f540c22f4de9c140f6d7b":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD2):0:PSA_ERROR_NOT_SUPPORTED + +PSA sign DETERMINISTIC_ECDSA(MD2): public with ECC_PUBLIC_KEY(SECP_R2) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD2:PSA_WANT_ECC_FAMILY_SECP_R2:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R2):"049570d541398665adb5cfa16f5af73b3196926bbd4b876bdb80f8eab20d0f540c22f4de9c140f6d7b":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD2):1:PSA_ERROR_INVALID_ARGUMENT + +PSA sign DETERMINISTIC_ECDSA(MD2): !DETERMINISTIC_ECDSA with ECC_PUBLIC_KEY(SECT_K1) +depends_on:!PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD2:PSA_WANT_ECC_FAMILY_SECT_K1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_K1):"0406f88f90b4b65950f06ce433afdb097e320f433dc2062b8a65db8fafd3c110f46bc45663fbf021ee7eb9":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD2):0:PSA_ERROR_NOT_SUPPORTED + +PSA sign DETERMINISTIC_ECDSA(MD2): !MD2 with ECC_PUBLIC_KEY(SECT_K1) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:!PSA_WANT_ALG_MD2:PSA_WANT_ECC_FAMILY_SECT_K1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_K1):"0406f88f90b4b65950f06ce433afdb097e320f433dc2062b8a65db8fafd3c110f46bc45663fbf021ee7eb9":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD2):0:PSA_ERROR_NOT_SUPPORTED + +PSA sign DETERMINISTIC_ECDSA(MD2): public with ECC_PUBLIC_KEY(SECT_K1) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD2:PSA_WANT_ECC_FAMILY_SECT_K1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_K1):"0406f88f90b4b65950f06ce433afdb097e320f433dc2062b8a65db8fafd3c110f46bc45663fbf021ee7eb9":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD2):1:PSA_ERROR_INVALID_ARGUMENT + +PSA sign DETERMINISTIC_ECDSA(MD2): !DETERMINISTIC_ECDSA with ECC_PUBLIC_KEY(SECT_R1) +depends_on:!PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD2:PSA_WANT_ECC_FAMILY_SECT_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R1):"0400465eeb9e7258b11e33c02266bfe834b20bcb118700772796ee4704ec67651bd447e3011959a79a04cb":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD2):0:PSA_ERROR_NOT_SUPPORTED + +PSA sign DETERMINISTIC_ECDSA(MD2): !MD2 with ECC_PUBLIC_KEY(SECT_R1) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:!PSA_WANT_ALG_MD2:PSA_WANT_ECC_FAMILY_SECT_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R1):"0400465eeb9e7258b11e33c02266bfe834b20bcb118700772796ee4704ec67651bd447e3011959a79a04cb":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD2):0:PSA_ERROR_NOT_SUPPORTED + +PSA sign DETERMINISTIC_ECDSA(MD2): public with ECC_PUBLIC_KEY(SECT_R1) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD2:PSA_WANT_ECC_FAMILY_SECT_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R1):"0400465eeb9e7258b11e33c02266bfe834b20bcb118700772796ee4704ec67651bd447e3011959a79a04cb":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD2):1:PSA_ERROR_INVALID_ARGUMENT + +PSA sign DETERMINISTIC_ECDSA(MD2): !DETERMINISTIC_ECDSA with ECC_PUBLIC_KEY(SECT_R2) +depends_on:!PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD2:PSA_WANT_ECC_FAMILY_SECT_R2:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R2):"0403692601144c32a6cfa369ae20ae5d43c1c764678c037bafe80c6fd2e42b7ced96171d9c5367fd3dca6f":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD2):0:PSA_ERROR_NOT_SUPPORTED + +PSA sign DETERMINISTIC_ECDSA(MD2): !MD2 with ECC_PUBLIC_KEY(SECT_R2) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:!PSA_WANT_ALG_MD2:PSA_WANT_ECC_FAMILY_SECT_R2:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R2):"0403692601144c32a6cfa369ae20ae5d43c1c764678c037bafe80c6fd2e42b7ced96171d9c5367fd3dca6f":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD2):0:PSA_ERROR_NOT_SUPPORTED + +PSA sign DETERMINISTIC_ECDSA(MD2): public with ECC_PUBLIC_KEY(SECT_R2) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD2:PSA_WANT_ECC_FAMILY_SECT_R2:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R2):"0403692601144c32a6cfa369ae20ae5d43c1c764678c037bafe80c6fd2e42b7ced96171d9c5367fd3dca6f":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD2):1:PSA_ERROR_INVALID_ARGUMENT + +PSA sign DETERMINISTIC_ECDSA(MD2): incompatible with ECC_PUBLIC_KEY(TWISTED_EDWARDS) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD2:PSA_WANT_ECC_FAMILY_TWISTED_EDWARDS:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_TWISTED_EDWARDS):"d75a980182b10ab7d54bfed3c964073a0ee172f3daa62325af021a68f707511a":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD2):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign DETERMINISTIC_ECDSA(MD2): incompatible with HMAC +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD2:PSA_WANT_KEY_TYPE_HMAC +sign_fail:PSA_KEY_TYPE_HMAC:"48657265006973206b6579a064617461":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD2):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign DETERMINISTIC_ECDSA(MD2): incompatible with RAW_DATA +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD2:PSA_WANT_KEY_TYPE_RAW_DATA +sign_fail:PSA_KEY_TYPE_RAW_DATA:"48":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD2):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign DETERMINISTIC_ECDSA(MD2): incompatible with RSA_KEY_PAIR +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD2:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR +sign_fail:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD2):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign DETERMINISTIC_ECDSA(MD2): incompatible with RSA_PUBLIC_KEY +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD2:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY +sign_fail:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD2):0:PSA_ERROR_INVALID_ARGUMENT + +PSA asymmetric_encryption DETERMINISTIC_ECDSA(MD2): invalid with ECC_KEY_PAIR(BRAINPOOL_P_R1) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD2:PSA_WANT_ECC_FAMILY_BRAINPOOL_P_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +asymmetric_encryption_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"69502c4fdaf48d4fa617bdd24498b0406d0eeaac":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD2):0:PSA_ERROR_INVALID_ARGUMENT + +PSA asymmetric_encryption DETERMINISTIC_ECDSA(MD2): invalid with ECC_KEY_PAIR(SECP_K1) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD2:PSA_WANT_ECC_FAMILY_SECP_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +asymmetric_encryption_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_K1):"297ac1722ccac7589ecb240dc719842538ca974beb79f228":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD2):0:PSA_ERROR_INVALID_ARGUMENT + +PSA asymmetric_encryption DETERMINISTIC_ECDSA(MD2): invalid with ECC_KEY_PAIR(SECP_R1) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD2:PSA_WANT_ECC_FAMILY_SECP_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +asymmetric_encryption_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"872f203b3ad35b7f2ecc803c3a0e1e0b1ed61cc1afe71b189cd4c995":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD2):0:PSA_ERROR_INVALID_ARGUMENT + +PSA asymmetric_encryption DETERMINISTIC_ECDSA(MD2): invalid with ECC_KEY_PAIR(SECP_R2) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD2:PSA_WANT_ECC_FAMILY_SECP_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +asymmetric_encryption_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R2):"00bf539a1cdda0d7f71a50a3f98aec0a2e8e4ced1e":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD2):0:PSA_ERROR_INVALID_ARGUMENT + +PSA asymmetric_encryption DETERMINISTIC_ECDSA(MD2): invalid with ECC_KEY_PAIR(SECT_K1) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD2:PSA_WANT_ECC_FAMILY_SECT_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +asymmetric_encryption_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):"03ebc8fcded2d6ab72ec0f75bdb4fd080481273e71":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD2):0:PSA_ERROR_INVALID_ARGUMENT + +PSA asymmetric_encryption DETERMINISTIC_ECDSA(MD2): invalid with ECC_KEY_PAIR(SECT_R1) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD2:PSA_WANT_ECC_FAMILY_SECT_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +asymmetric_encryption_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):"009b05dc82d46d64a04a22e6e5ca70ca1231e68c50":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD2):0:PSA_ERROR_INVALID_ARGUMENT + +PSA asymmetric_encryption DETERMINISTIC_ECDSA(MD2): invalid with ECC_KEY_PAIR(SECT_R2) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD2:PSA_WANT_ECC_FAMILY_SECT_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +asymmetric_encryption_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R2):"0210b482a458b4822d0cb21daa96819a67c8062d34":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD2):0:PSA_ERROR_INVALID_ARGUMENT + +PSA asymmetric_encryption DETERMINISTIC_ECDSA(MD2): invalid with ECC_PUBLIC_KEY(BRAINPOOL_P_R1) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD2:PSA_WANT_ECC_FAMILY_BRAINPOOL_P_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +asymmetric_encryption_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"04d4b9186816358e2f9c59cf70748cb70641b22fbab65473db4b4e22a361ed7e3de7e8a8ddc4130c5c":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD2):0:PSA_ERROR_INVALID_ARGUMENT + +PSA asymmetric_encryption DETERMINISTIC_ECDSA(MD2): invalid with ECC_PUBLIC_KEY(SECP_K1) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD2:PSA_WANT_ECC_FAMILY_SECP_K1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +asymmetric_encryption_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_K1):"0426b7bb38da649ac2138fc050c6548b32553dab68afebc36105d325b75538c12323cb0764789ecb992671beb2b6bef2f5":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD2):0:PSA_ERROR_INVALID_ARGUMENT + +PSA asymmetric_encryption DETERMINISTIC_ECDSA(MD2): invalid with ECC_PUBLIC_KEY(SECP_R1) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD2:PSA_WANT_ECC_FAMILY_SECP_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +asymmetric_encryption_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1):"046f00eadaa949fee3e9e1c7fa1247eecec86a0dce46418b9bd3117b981d4bd0ae7a990de912f9d060d6cb531a42d22e394ac29e81804bf160":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD2):0:PSA_ERROR_INVALID_ARGUMENT + +PSA asymmetric_encryption DETERMINISTIC_ECDSA(MD2): invalid with ECC_PUBLIC_KEY(SECP_R2) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD2:PSA_WANT_ECC_FAMILY_SECP_R2:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +asymmetric_encryption_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R2):"049570d541398665adb5cfa16f5af73b3196926bbd4b876bdb80f8eab20d0f540c22f4de9c140f6d7b":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD2):0:PSA_ERROR_INVALID_ARGUMENT + +PSA asymmetric_encryption DETERMINISTIC_ECDSA(MD2): invalid with ECC_PUBLIC_KEY(SECT_K1) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD2:PSA_WANT_ECC_FAMILY_SECT_K1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +asymmetric_encryption_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_K1):"0406f88f90b4b65950f06ce433afdb097e320f433dc2062b8a65db8fafd3c110f46bc45663fbf021ee7eb9":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD2):0:PSA_ERROR_INVALID_ARGUMENT + +PSA asymmetric_encryption DETERMINISTIC_ECDSA(MD2): invalid with ECC_PUBLIC_KEY(SECT_R1) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD2:PSA_WANT_ECC_FAMILY_SECT_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +asymmetric_encryption_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R1):"0400465eeb9e7258b11e33c02266bfe834b20bcb118700772796ee4704ec67651bd447e3011959a79a04cb":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD2):0:PSA_ERROR_INVALID_ARGUMENT + +PSA asymmetric_encryption DETERMINISTIC_ECDSA(MD2): invalid with ECC_PUBLIC_KEY(SECT_R2) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD2:PSA_WANT_ECC_FAMILY_SECT_R2:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +asymmetric_encryption_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R2):"0403692601144c32a6cfa369ae20ae5d43c1c764678c037bafe80c6fd2e42b7ced96171d9c5367fd3dca6f":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD2):0:PSA_ERROR_INVALID_ARGUMENT + +PSA key_derivation DETERMINISTIC_ECDSA(MD2): invalid +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD2 +key_derivation_fail:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD2):PSA_ERROR_INVALID_ARGUMENT + +PSA key_agreement DETERMINISTIC_ECDSA(MD2): invalid with ECC_KEY_PAIR(BRAINPOOL_P_R1) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD2:PSA_WANT_ECC_FAMILY_BRAINPOOL_P_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_agreement_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"69502c4fdaf48d4fa617bdd24498b0406d0eeaac":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD2):0:PSA_ERROR_INVALID_ARGUMENT + +PSA key_agreement DETERMINISTIC_ECDSA(MD2): invalid with ECC_KEY_PAIR(SECP_K1) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD2:PSA_WANT_ECC_FAMILY_SECP_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_agreement_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_K1):"297ac1722ccac7589ecb240dc719842538ca974beb79f228":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD2):0:PSA_ERROR_INVALID_ARGUMENT + +PSA key_agreement DETERMINISTIC_ECDSA(MD2): invalid with ECC_KEY_PAIR(SECP_R1) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD2:PSA_WANT_ECC_FAMILY_SECP_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_agreement_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"872f203b3ad35b7f2ecc803c3a0e1e0b1ed61cc1afe71b189cd4c995":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD2):0:PSA_ERROR_INVALID_ARGUMENT + +PSA key_agreement DETERMINISTIC_ECDSA(MD2): invalid with ECC_KEY_PAIR(SECP_R2) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD2:PSA_WANT_ECC_FAMILY_SECP_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_agreement_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R2):"00bf539a1cdda0d7f71a50a3f98aec0a2e8e4ced1e":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD2):0:PSA_ERROR_INVALID_ARGUMENT + +PSA key_agreement DETERMINISTIC_ECDSA(MD2): invalid with ECC_KEY_PAIR(SECT_K1) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD2:PSA_WANT_ECC_FAMILY_SECT_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_agreement_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):"03ebc8fcded2d6ab72ec0f75bdb4fd080481273e71":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD2):0:PSA_ERROR_INVALID_ARGUMENT + +PSA key_agreement DETERMINISTIC_ECDSA(MD2): invalid with ECC_KEY_PAIR(SECT_R1) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD2:PSA_WANT_ECC_FAMILY_SECT_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_agreement_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):"009b05dc82d46d64a04a22e6e5ca70ca1231e68c50":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD2):0:PSA_ERROR_INVALID_ARGUMENT + +PSA key_agreement DETERMINISTIC_ECDSA(MD2): invalid with ECC_KEY_PAIR(SECT_R2) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD2:PSA_WANT_ECC_FAMILY_SECT_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_agreement_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R2):"0210b482a458b4822d0cb21daa96819a67c8062d34":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD2):0:PSA_ERROR_INVALID_ARGUMENT + +PSA key_agreement DETERMINISTIC_ECDSA(MD2): invalid with ECC_PUBLIC_KEY(BRAINPOOL_P_R1) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD2:PSA_WANT_ECC_FAMILY_BRAINPOOL_P_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_agreement_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"04d4b9186816358e2f9c59cf70748cb70641b22fbab65473db4b4e22a361ed7e3de7e8a8ddc4130c5c":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD2):0:PSA_ERROR_INVALID_ARGUMENT + +PSA key_agreement DETERMINISTIC_ECDSA(MD2): invalid with ECC_PUBLIC_KEY(SECP_K1) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD2:PSA_WANT_ECC_FAMILY_SECP_K1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_agreement_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_K1):"0426b7bb38da649ac2138fc050c6548b32553dab68afebc36105d325b75538c12323cb0764789ecb992671beb2b6bef2f5":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD2):0:PSA_ERROR_INVALID_ARGUMENT + +PSA key_agreement DETERMINISTIC_ECDSA(MD2): invalid with ECC_PUBLIC_KEY(SECP_R1) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD2:PSA_WANT_ECC_FAMILY_SECP_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_agreement_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1):"046f00eadaa949fee3e9e1c7fa1247eecec86a0dce46418b9bd3117b981d4bd0ae7a990de912f9d060d6cb531a42d22e394ac29e81804bf160":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD2):0:PSA_ERROR_INVALID_ARGUMENT + +PSA key_agreement DETERMINISTIC_ECDSA(MD2): invalid with ECC_PUBLIC_KEY(SECP_R2) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD2:PSA_WANT_ECC_FAMILY_SECP_R2:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_agreement_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R2):"049570d541398665adb5cfa16f5af73b3196926bbd4b876bdb80f8eab20d0f540c22f4de9c140f6d7b":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD2):0:PSA_ERROR_INVALID_ARGUMENT + +PSA key_agreement DETERMINISTIC_ECDSA(MD2): invalid with ECC_PUBLIC_KEY(SECT_K1) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD2:PSA_WANT_ECC_FAMILY_SECT_K1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_agreement_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_K1):"0406f88f90b4b65950f06ce433afdb097e320f433dc2062b8a65db8fafd3c110f46bc45663fbf021ee7eb9":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD2):0:PSA_ERROR_INVALID_ARGUMENT + +PSA key_agreement DETERMINISTIC_ECDSA(MD2): invalid with ECC_PUBLIC_KEY(SECT_R1) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD2:PSA_WANT_ECC_FAMILY_SECT_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_agreement_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R1):"0400465eeb9e7258b11e33c02266bfe834b20bcb118700772796ee4704ec67651bd447e3011959a79a04cb":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD2):0:PSA_ERROR_INVALID_ARGUMENT + +PSA key_agreement DETERMINISTIC_ECDSA(MD2): invalid with ECC_PUBLIC_KEY(SECT_R2) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD2:PSA_WANT_ECC_FAMILY_SECT_R2:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_agreement_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R2):"0403692601144c32a6cfa369ae20ae5d43c1c764678c037bafe80c6fd2e42b7ced96171d9c5367fd3dca6f":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD2):0:PSA_ERROR_INVALID_ARGUMENT + +PSA hash DETERMINISTIC_ECDSA(MD4): invalid +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD4 +hash_fail:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD4):PSA_ERROR_INVALID_ARGUMENT + +PSA mac DETERMINISTIC_ECDSA(MD4): invalid with ECC_KEY_PAIR(BRAINPOOL_P_R1) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD4:PSA_WANT_ECC_FAMILY_BRAINPOOL_P_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +mac_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"69502c4fdaf48d4fa617bdd24498b0406d0eeaac":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD4):PSA_ERROR_INVALID_ARGUMENT + +PSA mac DETERMINISTIC_ECDSA(MD4): invalid with ECC_KEY_PAIR(SECP_K1) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD4:PSA_WANT_ECC_FAMILY_SECP_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +mac_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_K1):"297ac1722ccac7589ecb240dc719842538ca974beb79f228":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD4):PSA_ERROR_INVALID_ARGUMENT + +PSA mac DETERMINISTIC_ECDSA(MD4): invalid with ECC_KEY_PAIR(SECP_R1) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD4:PSA_WANT_ECC_FAMILY_SECP_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +mac_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"872f203b3ad35b7f2ecc803c3a0e1e0b1ed61cc1afe71b189cd4c995":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD4):PSA_ERROR_INVALID_ARGUMENT + +PSA mac DETERMINISTIC_ECDSA(MD4): invalid with ECC_KEY_PAIR(SECP_R2) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD4:PSA_WANT_ECC_FAMILY_SECP_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +mac_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R2):"00bf539a1cdda0d7f71a50a3f98aec0a2e8e4ced1e":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD4):PSA_ERROR_INVALID_ARGUMENT + +PSA mac DETERMINISTIC_ECDSA(MD4): invalid with ECC_KEY_PAIR(SECT_K1) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD4:PSA_WANT_ECC_FAMILY_SECT_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +mac_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):"03ebc8fcded2d6ab72ec0f75bdb4fd080481273e71":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD4):PSA_ERROR_INVALID_ARGUMENT + +PSA mac DETERMINISTIC_ECDSA(MD4): invalid with ECC_KEY_PAIR(SECT_R1) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD4:PSA_WANT_ECC_FAMILY_SECT_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +mac_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):"009b05dc82d46d64a04a22e6e5ca70ca1231e68c50":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD4):PSA_ERROR_INVALID_ARGUMENT + +PSA mac DETERMINISTIC_ECDSA(MD4): invalid with ECC_KEY_PAIR(SECT_R2) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD4:PSA_WANT_ECC_FAMILY_SECT_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +mac_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R2):"0210b482a458b4822d0cb21daa96819a67c8062d34":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD4):PSA_ERROR_INVALID_ARGUMENT + +PSA mac DETERMINISTIC_ECDSA(MD4): invalid with ECC_PUBLIC_KEY(BRAINPOOL_P_R1) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD4:PSA_WANT_ECC_FAMILY_BRAINPOOL_P_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +mac_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"04d4b9186816358e2f9c59cf70748cb70641b22fbab65473db4b4e22a361ed7e3de7e8a8ddc4130c5c":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD4):PSA_ERROR_INVALID_ARGUMENT + +PSA mac DETERMINISTIC_ECDSA(MD4): invalid with ECC_PUBLIC_KEY(SECP_K1) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD4:PSA_WANT_ECC_FAMILY_SECP_K1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +mac_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_K1):"0426b7bb38da649ac2138fc050c6548b32553dab68afebc36105d325b75538c12323cb0764789ecb992671beb2b6bef2f5":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD4):PSA_ERROR_INVALID_ARGUMENT + +PSA mac DETERMINISTIC_ECDSA(MD4): invalid with ECC_PUBLIC_KEY(SECP_R1) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD4:PSA_WANT_ECC_FAMILY_SECP_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +mac_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1):"046f00eadaa949fee3e9e1c7fa1247eecec86a0dce46418b9bd3117b981d4bd0ae7a990de912f9d060d6cb531a42d22e394ac29e81804bf160":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD4):PSA_ERROR_INVALID_ARGUMENT + +PSA mac DETERMINISTIC_ECDSA(MD4): invalid with ECC_PUBLIC_KEY(SECP_R2) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD4:PSA_WANT_ECC_FAMILY_SECP_R2:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +mac_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R2):"049570d541398665adb5cfa16f5af73b3196926bbd4b876bdb80f8eab20d0f540c22f4de9c140f6d7b":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD4):PSA_ERROR_INVALID_ARGUMENT + +PSA mac DETERMINISTIC_ECDSA(MD4): invalid with ECC_PUBLIC_KEY(SECT_K1) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD4:PSA_WANT_ECC_FAMILY_SECT_K1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +mac_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_K1):"0406f88f90b4b65950f06ce433afdb097e320f433dc2062b8a65db8fafd3c110f46bc45663fbf021ee7eb9":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD4):PSA_ERROR_INVALID_ARGUMENT + +PSA mac DETERMINISTIC_ECDSA(MD4): invalid with ECC_PUBLIC_KEY(SECT_R1) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD4:PSA_WANT_ECC_FAMILY_SECT_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +mac_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R1):"0400465eeb9e7258b11e33c02266bfe834b20bcb118700772796ee4704ec67651bd447e3011959a79a04cb":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD4):PSA_ERROR_INVALID_ARGUMENT + +PSA mac DETERMINISTIC_ECDSA(MD4): invalid with ECC_PUBLIC_KEY(SECT_R2) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD4:PSA_WANT_ECC_FAMILY_SECT_R2:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +mac_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R2):"0403692601144c32a6cfa369ae20ae5d43c1c764678c037bafe80c6fd2e42b7ced96171d9c5367fd3dca6f":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD4):PSA_ERROR_INVALID_ARGUMENT + +PSA cipher DETERMINISTIC_ECDSA(MD4): invalid with ECC_KEY_PAIR(BRAINPOOL_P_R1) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD4:PSA_WANT_ECC_FAMILY_BRAINPOOL_P_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +cipher_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"69502c4fdaf48d4fa617bdd24498b0406d0eeaac":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD4):PSA_ERROR_INVALID_ARGUMENT + +PSA cipher DETERMINISTIC_ECDSA(MD4): invalid with ECC_KEY_PAIR(SECP_K1) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD4:PSA_WANT_ECC_FAMILY_SECP_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +cipher_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_K1):"297ac1722ccac7589ecb240dc719842538ca974beb79f228":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD4):PSA_ERROR_INVALID_ARGUMENT + +PSA cipher DETERMINISTIC_ECDSA(MD4): invalid with ECC_KEY_PAIR(SECP_R1) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD4:PSA_WANT_ECC_FAMILY_SECP_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +cipher_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"872f203b3ad35b7f2ecc803c3a0e1e0b1ed61cc1afe71b189cd4c995":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD4):PSA_ERROR_INVALID_ARGUMENT + +PSA cipher DETERMINISTIC_ECDSA(MD4): invalid with ECC_KEY_PAIR(SECP_R2) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD4:PSA_WANT_ECC_FAMILY_SECP_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +cipher_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R2):"00bf539a1cdda0d7f71a50a3f98aec0a2e8e4ced1e":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD4):PSA_ERROR_INVALID_ARGUMENT + +PSA cipher DETERMINISTIC_ECDSA(MD4): invalid with ECC_KEY_PAIR(SECT_K1) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD4:PSA_WANT_ECC_FAMILY_SECT_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +cipher_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):"03ebc8fcded2d6ab72ec0f75bdb4fd080481273e71":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD4):PSA_ERROR_INVALID_ARGUMENT + +PSA cipher DETERMINISTIC_ECDSA(MD4): invalid with ECC_KEY_PAIR(SECT_R1) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD4:PSA_WANT_ECC_FAMILY_SECT_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +cipher_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):"009b05dc82d46d64a04a22e6e5ca70ca1231e68c50":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD4):PSA_ERROR_INVALID_ARGUMENT + +PSA cipher DETERMINISTIC_ECDSA(MD4): invalid with ECC_KEY_PAIR(SECT_R2) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD4:PSA_WANT_ECC_FAMILY_SECT_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +cipher_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R2):"0210b482a458b4822d0cb21daa96819a67c8062d34":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD4):PSA_ERROR_INVALID_ARGUMENT + +PSA cipher DETERMINISTIC_ECDSA(MD4): invalid with ECC_PUBLIC_KEY(BRAINPOOL_P_R1) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD4:PSA_WANT_ECC_FAMILY_BRAINPOOL_P_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +cipher_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"04d4b9186816358e2f9c59cf70748cb70641b22fbab65473db4b4e22a361ed7e3de7e8a8ddc4130c5c":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD4):PSA_ERROR_INVALID_ARGUMENT + +PSA cipher DETERMINISTIC_ECDSA(MD4): invalid with ECC_PUBLIC_KEY(SECP_K1) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD4:PSA_WANT_ECC_FAMILY_SECP_K1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +cipher_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_K1):"0426b7bb38da649ac2138fc050c6548b32553dab68afebc36105d325b75538c12323cb0764789ecb992671beb2b6bef2f5":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD4):PSA_ERROR_INVALID_ARGUMENT + +PSA cipher DETERMINISTIC_ECDSA(MD4): invalid with ECC_PUBLIC_KEY(SECP_R1) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD4:PSA_WANT_ECC_FAMILY_SECP_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +cipher_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1):"046f00eadaa949fee3e9e1c7fa1247eecec86a0dce46418b9bd3117b981d4bd0ae7a990de912f9d060d6cb531a42d22e394ac29e81804bf160":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD4):PSA_ERROR_INVALID_ARGUMENT + +PSA cipher DETERMINISTIC_ECDSA(MD4): invalid with ECC_PUBLIC_KEY(SECP_R2) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD4:PSA_WANT_ECC_FAMILY_SECP_R2:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +cipher_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R2):"049570d541398665adb5cfa16f5af73b3196926bbd4b876bdb80f8eab20d0f540c22f4de9c140f6d7b":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD4):PSA_ERROR_INVALID_ARGUMENT + +PSA cipher DETERMINISTIC_ECDSA(MD4): invalid with ECC_PUBLIC_KEY(SECT_K1) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD4:PSA_WANT_ECC_FAMILY_SECT_K1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +cipher_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_K1):"0406f88f90b4b65950f06ce433afdb097e320f433dc2062b8a65db8fafd3c110f46bc45663fbf021ee7eb9":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD4):PSA_ERROR_INVALID_ARGUMENT + +PSA cipher DETERMINISTIC_ECDSA(MD4): invalid with ECC_PUBLIC_KEY(SECT_R1) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD4:PSA_WANT_ECC_FAMILY_SECT_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +cipher_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R1):"0400465eeb9e7258b11e33c02266bfe834b20bcb118700772796ee4704ec67651bd447e3011959a79a04cb":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD4):PSA_ERROR_INVALID_ARGUMENT + +PSA cipher DETERMINISTIC_ECDSA(MD4): invalid with ECC_PUBLIC_KEY(SECT_R2) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD4:PSA_WANT_ECC_FAMILY_SECT_R2:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +cipher_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R2):"0403692601144c32a6cfa369ae20ae5d43c1c764678c037bafe80c6fd2e42b7ced96171d9c5367fd3dca6f":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD4):PSA_ERROR_INVALID_ARGUMENT + +PSA aead DETERMINISTIC_ECDSA(MD4): invalid with ECC_KEY_PAIR(BRAINPOOL_P_R1) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD4:PSA_WANT_ECC_FAMILY_BRAINPOOL_P_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +aead_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"69502c4fdaf48d4fa617bdd24498b0406d0eeaac":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD4):PSA_ERROR_INVALID_ARGUMENT + +PSA aead DETERMINISTIC_ECDSA(MD4): invalid with ECC_KEY_PAIR(SECP_K1) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD4:PSA_WANT_ECC_FAMILY_SECP_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +aead_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_K1):"297ac1722ccac7589ecb240dc719842538ca974beb79f228":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD4):PSA_ERROR_INVALID_ARGUMENT + +PSA aead DETERMINISTIC_ECDSA(MD4): invalid with ECC_KEY_PAIR(SECP_R1) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD4:PSA_WANT_ECC_FAMILY_SECP_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +aead_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"872f203b3ad35b7f2ecc803c3a0e1e0b1ed61cc1afe71b189cd4c995":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD4):PSA_ERROR_INVALID_ARGUMENT + +PSA aead DETERMINISTIC_ECDSA(MD4): invalid with ECC_KEY_PAIR(SECP_R2) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD4:PSA_WANT_ECC_FAMILY_SECP_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +aead_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R2):"00bf539a1cdda0d7f71a50a3f98aec0a2e8e4ced1e":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD4):PSA_ERROR_INVALID_ARGUMENT + +PSA aead DETERMINISTIC_ECDSA(MD4): invalid with ECC_KEY_PAIR(SECT_K1) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD4:PSA_WANT_ECC_FAMILY_SECT_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +aead_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):"03ebc8fcded2d6ab72ec0f75bdb4fd080481273e71":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD4):PSA_ERROR_INVALID_ARGUMENT + +PSA aead DETERMINISTIC_ECDSA(MD4): invalid with ECC_KEY_PAIR(SECT_R1) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD4:PSA_WANT_ECC_FAMILY_SECT_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +aead_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):"009b05dc82d46d64a04a22e6e5ca70ca1231e68c50":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD4):PSA_ERROR_INVALID_ARGUMENT + +PSA aead DETERMINISTIC_ECDSA(MD4): invalid with ECC_KEY_PAIR(SECT_R2) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD4:PSA_WANT_ECC_FAMILY_SECT_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +aead_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R2):"0210b482a458b4822d0cb21daa96819a67c8062d34":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD4):PSA_ERROR_INVALID_ARGUMENT + +PSA aead DETERMINISTIC_ECDSA(MD4): invalid with ECC_PUBLIC_KEY(BRAINPOOL_P_R1) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD4:PSA_WANT_ECC_FAMILY_BRAINPOOL_P_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +aead_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"04d4b9186816358e2f9c59cf70748cb70641b22fbab65473db4b4e22a361ed7e3de7e8a8ddc4130c5c":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD4):PSA_ERROR_INVALID_ARGUMENT + +PSA aead DETERMINISTIC_ECDSA(MD4): invalid with ECC_PUBLIC_KEY(SECP_K1) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD4:PSA_WANT_ECC_FAMILY_SECP_K1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +aead_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_K1):"0426b7bb38da649ac2138fc050c6548b32553dab68afebc36105d325b75538c12323cb0764789ecb992671beb2b6bef2f5":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD4):PSA_ERROR_INVALID_ARGUMENT + +PSA aead DETERMINISTIC_ECDSA(MD4): invalid with ECC_PUBLIC_KEY(SECP_R1) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD4:PSA_WANT_ECC_FAMILY_SECP_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +aead_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1):"046f00eadaa949fee3e9e1c7fa1247eecec86a0dce46418b9bd3117b981d4bd0ae7a990de912f9d060d6cb531a42d22e394ac29e81804bf160":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD4):PSA_ERROR_INVALID_ARGUMENT + +PSA aead DETERMINISTIC_ECDSA(MD4): invalid with ECC_PUBLIC_KEY(SECP_R2) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD4:PSA_WANT_ECC_FAMILY_SECP_R2:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +aead_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R2):"049570d541398665adb5cfa16f5af73b3196926bbd4b876bdb80f8eab20d0f540c22f4de9c140f6d7b":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD4):PSA_ERROR_INVALID_ARGUMENT + +PSA aead DETERMINISTIC_ECDSA(MD4): invalid with ECC_PUBLIC_KEY(SECT_K1) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD4:PSA_WANT_ECC_FAMILY_SECT_K1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +aead_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_K1):"0406f88f90b4b65950f06ce433afdb097e320f433dc2062b8a65db8fafd3c110f46bc45663fbf021ee7eb9":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD4):PSA_ERROR_INVALID_ARGUMENT + +PSA aead DETERMINISTIC_ECDSA(MD4): invalid with ECC_PUBLIC_KEY(SECT_R1) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD4:PSA_WANT_ECC_FAMILY_SECT_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +aead_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R1):"0400465eeb9e7258b11e33c02266bfe834b20bcb118700772796ee4704ec67651bd447e3011959a79a04cb":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD4):PSA_ERROR_INVALID_ARGUMENT + +PSA aead DETERMINISTIC_ECDSA(MD4): invalid with ECC_PUBLIC_KEY(SECT_R2) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD4:PSA_WANT_ECC_FAMILY_SECT_R2:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +aead_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R2):"0403692601144c32a6cfa369ae20ae5d43c1c764678c037bafe80c6fd2e42b7ced96171d9c5367fd3dca6f":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD4):PSA_ERROR_INVALID_ARGUMENT + +PSA sign DETERMINISTIC_ECDSA(MD4): incompatible with AES +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD4:PSA_WANT_KEY_TYPE_AES +sign_fail:PSA_KEY_TYPE_AES:"48657265006973206b6579a064617461":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD4):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign DETERMINISTIC_ECDSA(MD4): incompatible with ARC4 +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD4:PSA_WANT_KEY_TYPE_ARC4 +sign_fail:PSA_KEY_TYPE_ARC4:"48":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD4):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign DETERMINISTIC_ECDSA(MD4): incompatible with ARIA +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD4:PSA_WANT_KEY_TYPE_ARIA +sign_fail:PSA_KEY_TYPE_ARIA:"48657265006973206b6579a064617461":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD4):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign DETERMINISTIC_ECDSA(MD4): incompatible with CAMELLIA +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD4:PSA_WANT_KEY_TYPE_CAMELLIA +sign_fail:PSA_KEY_TYPE_CAMELLIA:"48657265006973206b6579a064617461":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD4):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign DETERMINISTIC_ECDSA(MD4): incompatible with CHACHA20 +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD4:PSA_WANT_KEY_TYPE_CHACHA20 +sign_fail:PSA_KEY_TYPE_CHACHA20:"48657265006973206b6579a06461746148657265006973206b6579a064617461":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD4):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign DETERMINISTIC_ECDSA(MD4): incompatible with DERIVE +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD4:PSA_WANT_KEY_TYPE_DERIVE +sign_fail:PSA_KEY_TYPE_DERIVE:"48657265006973206b6579a0646174":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD4):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign DETERMINISTIC_ECDSA(MD4): incompatible with DES +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD4:PSA_WANT_KEY_TYPE_DES +sign_fail:PSA_KEY_TYPE_DES:"644573206b457901":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD4):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign DETERMINISTIC_ECDSA(MD4): !DETERMINISTIC_ECDSA with ECC_KEY_PAIR(BRAINPOOL_P_R1) +depends_on:!PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD4:PSA_WANT_ECC_FAMILY_BRAINPOOL_P_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"69502c4fdaf48d4fa617bdd24498b0406d0eeaac":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD4):0:PSA_ERROR_NOT_SUPPORTED + +PSA sign DETERMINISTIC_ECDSA(MD4): !MD4 with ECC_KEY_PAIR(BRAINPOOL_P_R1) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:!PSA_WANT_ALG_MD4:PSA_WANT_ECC_FAMILY_BRAINPOOL_P_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"69502c4fdaf48d4fa617bdd24498b0406d0eeaac":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD4):0:PSA_ERROR_NOT_SUPPORTED + +PSA sign DETERMINISTIC_ECDSA(MD4): incompatible with ECC_KEY_PAIR(MONTGOMERY) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD4:PSA_WANT_ECC_FAMILY_MONTGOMERY:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_MONTGOMERY):"70076d0a7318a57d3c16c17251b26645df4c2f87ebc0992ab177fba51db92c6a":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD4):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign DETERMINISTIC_ECDSA(MD4): !DETERMINISTIC_ECDSA with ECC_KEY_PAIR(SECP_K1) +depends_on:!PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD4:PSA_WANT_ECC_FAMILY_SECP_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_K1):"297ac1722ccac7589ecb240dc719842538ca974beb79f228":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD4):0:PSA_ERROR_NOT_SUPPORTED + +PSA sign DETERMINISTIC_ECDSA(MD4): !MD4 with ECC_KEY_PAIR(SECP_K1) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:!PSA_WANT_ALG_MD4:PSA_WANT_ECC_FAMILY_SECP_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_K1):"297ac1722ccac7589ecb240dc719842538ca974beb79f228":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD4):0:PSA_ERROR_NOT_SUPPORTED + +PSA sign DETERMINISTIC_ECDSA(MD4): !DETERMINISTIC_ECDSA with ECC_KEY_PAIR(SECP_R1) +depends_on:!PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD4:PSA_WANT_ECC_FAMILY_SECP_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"872f203b3ad35b7f2ecc803c3a0e1e0b1ed61cc1afe71b189cd4c995":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD4):0:PSA_ERROR_NOT_SUPPORTED + +PSA sign DETERMINISTIC_ECDSA(MD4): !MD4 with ECC_KEY_PAIR(SECP_R1) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:!PSA_WANT_ALG_MD4:PSA_WANT_ECC_FAMILY_SECP_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"872f203b3ad35b7f2ecc803c3a0e1e0b1ed61cc1afe71b189cd4c995":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD4):0:PSA_ERROR_NOT_SUPPORTED + +PSA sign DETERMINISTIC_ECDSA(MD4): !DETERMINISTIC_ECDSA with ECC_KEY_PAIR(SECP_R2) +depends_on:!PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD4:PSA_WANT_ECC_FAMILY_SECP_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R2):"00bf539a1cdda0d7f71a50a3f98aec0a2e8e4ced1e":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD4):0:PSA_ERROR_NOT_SUPPORTED + +PSA sign DETERMINISTIC_ECDSA(MD4): !MD4 with ECC_KEY_PAIR(SECP_R2) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:!PSA_WANT_ALG_MD4:PSA_WANT_ECC_FAMILY_SECP_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R2):"00bf539a1cdda0d7f71a50a3f98aec0a2e8e4ced1e":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD4):0:PSA_ERROR_NOT_SUPPORTED + +PSA sign DETERMINISTIC_ECDSA(MD4): !DETERMINISTIC_ECDSA with ECC_KEY_PAIR(SECT_K1) +depends_on:!PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD4:PSA_WANT_ECC_FAMILY_SECT_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):"03ebc8fcded2d6ab72ec0f75bdb4fd080481273e71":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD4):0:PSA_ERROR_NOT_SUPPORTED + +PSA sign DETERMINISTIC_ECDSA(MD4): !MD4 with ECC_KEY_PAIR(SECT_K1) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:!PSA_WANT_ALG_MD4:PSA_WANT_ECC_FAMILY_SECT_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):"03ebc8fcded2d6ab72ec0f75bdb4fd080481273e71":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD4):0:PSA_ERROR_NOT_SUPPORTED + +PSA sign DETERMINISTIC_ECDSA(MD4): !DETERMINISTIC_ECDSA with ECC_KEY_PAIR(SECT_R1) +depends_on:!PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD4:PSA_WANT_ECC_FAMILY_SECT_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):"009b05dc82d46d64a04a22e6e5ca70ca1231e68c50":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD4):0:PSA_ERROR_NOT_SUPPORTED + +PSA sign DETERMINISTIC_ECDSA(MD4): !MD4 with ECC_KEY_PAIR(SECT_R1) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:!PSA_WANT_ALG_MD4:PSA_WANT_ECC_FAMILY_SECT_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):"009b05dc82d46d64a04a22e6e5ca70ca1231e68c50":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD4):0:PSA_ERROR_NOT_SUPPORTED + +PSA sign DETERMINISTIC_ECDSA(MD4): !DETERMINISTIC_ECDSA with ECC_KEY_PAIR(SECT_R2) +depends_on:!PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD4:PSA_WANT_ECC_FAMILY_SECT_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R2):"0210b482a458b4822d0cb21daa96819a67c8062d34":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD4):0:PSA_ERROR_NOT_SUPPORTED + +PSA sign DETERMINISTIC_ECDSA(MD4): !MD4 with ECC_KEY_PAIR(SECT_R2) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:!PSA_WANT_ALG_MD4:PSA_WANT_ECC_FAMILY_SECT_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R2):"0210b482a458b4822d0cb21daa96819a67c8062d34":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD4):0:PSA_ERROR_NOT_SUPPORTED + +PSA sign DETERMINISTIC_ECDSA(MD4): incompatible with ECC_KEY_PAIR(TWISTED_EDWARDS) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD4:PSA_WANT_ECC_FAMILY_TWISTED_EDWARDS:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_TWISTED_EDWARDS):"9d61b19deffd5a60ba844af492ec2cc44449c5697b326919703bac031cae7f60":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD4):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign DETERMINISTIC_ECDSA(MD4): !DETERMINISTIC_ECDSA with ECC_PUBLIC_KEY(BRAINPOOL_P_R1) +depends_on:!PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD4:PSA_WANT_ECC_FAMILY_BRAINPOOL_P_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"04d4b9186816358e2f9c59cf70748cb70641b22fbab65473db4b4e22a361ed7e3de7e8a8ddc4130c5c":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD4):0:PSA_ERROR_NOT_SUPPORTED + +PSA sign DETERMINISTIC_ECDSA(MD4): !MD4 with ECC_PUBLIC_KEY(BRAINPOOL_P_R1) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:!PSA_WANT_ALG_MD4:PSA_WANT_ECC_FAMILY_BRAINPOOL_P_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"04d4b9186816358e2f9c59cf70748cb70641b22fbab65473db4b4e22a361ed7e3de7e8a8ddc4130c5c":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD4):0:PSA_ERROR_NOT_SUPPORTED + +PSA sign DETERMINISTIC_ECDSA(MD4): public with ECC_PUBLIC_KEY(BRAINPOOL_P_R1) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD4:PSA_WANT_ECC_FAMILY_BRAINPOOL_P_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"04d4b9186816358e2f9c59cf70748cb70641b22fbab65473db4b4e22a361ed7e3de7e8a8ddc4130c5c":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD4):1:PSA_ERROR_INVALID_ARGUMENT + +PSA sign DETERMINISTIC_ECDSA(MD4): incompatible with ECC_PUBLIC_KEY(MONTGOMERY) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD4:PSA_WANT_ECC_FAMILY_MONTGOMERY:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_MONTGOMERY):"8520f0098930a754748b7ddcb43ef75a0dbf3a0d26381af4eba4a98eaa9b4e6a":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD4):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign DETERMINISTIC_ECDSA(MD4): !DETERMINISTIC_ECDSA with ECC_PUBLIC_KEY(SECP_K1) +depends_on:!PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD4:PSA_WANT_ECC_FAMILY_SECP_K1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_K1):"0426b7bb38da649ac2138fc050c6548b32553dab68afebc36105d325b75538c12323cb0764789ecb992671beb2b6bef2f5":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD4):0:PSA_ERROR_NOT_SUPPORTED + +PSA sign DETERMINISTIC_ECDSA(MD4): !MD4 with ECC_PUBLIC_KEY(SECP_K1) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:!PSA_WANT_ALG_MD4:PSA_WANT_ECC_FAMILY_SECP_K1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_K1):"0426b7bb38da649ac2138fc050c6548b32553dab68afebc36105d325b75538c12323cb0764789ecb992671beb2b6bef2f5":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD4):0:PSA_ERROR_NOT_SUPPORTED + +PSA sign DETERMINISTIC_ECDSA(MD4): public with ECC_PUBLIC_KEY(SECP_K1) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD4:PSA_WANT_ECC_FAMILY_SECP_K1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_K1):"0426b7bb38da649ac2138fc050c6548b32553dab68afebc36105d325b75538c12323cb0764789ecb992671beb2b6bef2f5":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD4):1:PSA_ERROR_INVALID_ARGUMENT + +PSA sign DETERMINISTIC_ECDSA(MD4): !DETERMINISTIC_ECDSA with ECC_PUBLIC_KEY(SECP_R1) +depends_on:!PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD4:PSA_WANT_ECC_FAMILY_SECP_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1):"046f00eadaa949fee3e9e1c7fa1247eecec86a0dce46418b9bd3117b981d4bd0ae7a990de912f9d060d6cb531a42d22e394ac29e81804bf160":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD4):0:PSA_ERROR_NOT_SUPPORTED + +PSA sign DETERMINISTIC_ECDSA(MD4): !MD4 with ECC_PUBLIC_KEY(SECP_R1) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:!PSA_WANT_ALG_MD4:PSA_WANT_ECC_FAMILY_SECP_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1):"046f00eadaa949fee3e9e1c7fa1247eecec86a0dce46418b9bd3117b981d4bd0ae7a990de912f9d060d6cb531a42d22e394ac29e81804bf160":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD4):0:PSA_ERROR_NOT_SUPPORTED + +PSA sign DETERMINISTIC_ECDSA(MD4): public with ECC_PUBLIC_KEY(SECP_R1) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD4:PSA_WANT_ECC_FAMILY_SECP_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1):"046f00eadaa949fee3e9e1c7fa1247eecec86a0dce46418b9bd3117b981d4bd0ae7a990de912f9d060d6cb531a42d22e394ac29e81804bf160":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD4):1:PSA_ERROR_INVALID_ARGUMENT + +PSA sign DETERMINISTIC_ECDSA(MD4): !DETERMINISTIC_ECDSA with ECC_PUBLIC_KEY(SECP_R2) +depends_on:!PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD4:PSA_WANT_ECC_FAMILY_SECP_R2:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R2):"049570d541398665adb5cfa16f5af73b3196926bbd4b876bdb80f8eab20d0f540c22f4de9c140f6d7b":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD4):0:PSA_ERROR_NOT_SUPPORTED + +PSA sign DETERMINISTIC_ECDSA(MD4): !MD4 with ECC_PUBLIC_KEY(SECP_R2) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:!PSA_WANT_ALG_MD4:PSA_WANT_ECC_FAMILY_SECP_R2:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R2):"049570d541398665adb5cfa16f5af73b3196926bbd4b876bdb80f8eab20d0f540c22f4de9c140f6d7b":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD4):0:PSA_ERROR_NOT_SUPPORTED + +PSA sign DETERMINISTIC_ECDSA(MD4): public with ECC_PUBLIC_KEY(SECP_R2) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD4:PSA_WANT_ECC_FAMILY_SECP_R2:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R2):"049570d541398665adb5cfa16f5af73b3196926bbd4b876bdb80f8eab20d0f540c22f4de9c140f6d7b":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD4):1:PSA_ERROR_INVALID_ARGUMENT + +PSA sign DETERMINISTIC_ECDSA(MD4): !DETERMINISTIC_ECDSA with ECC_PUBLIC_KEY(SECT_K1) +depends_on:!PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD4:PSA_WANT_ECC_FAMILY_SECT_K1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_K1):"0406f88f90b4b65950f06ce433afdb097e320f433dc2062b8a65db8fafd3c110f46bc45663fbf021ee7eb9":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD4):0:PSA_ERROR_NOT_SUPPORTED + +PSA sign DETERMINISTIC_ECDSA(MD4): !MD4 with ECC_PUBLIC_KEY(SECT_K1) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:!PSA_WANT_ALG_MD4:PSA_WANT_ECC_FAMILY_SECT_K1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_K1):"0406f88f90b4b65950f06ce433afdb097e320f433dc2062b8a65db8fafd3c110f46bc45663fbf021ee7eb9":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD4):0:PSA_ERROR_NOT_SUPPORTED + +PSA sign DETERMINISTIC_ECDSA(MD4): public with ECC_PUBLIC_KEY(SECT_K1) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD4:PSA_WANT_ECC_FAMILY_SECT_K1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_K1):"0406f88f90b4b65950f06ce433afdb097e320f433dc2062b8a65db8fafd3c110f46bc45663fbf021ee7eb9":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD4):1:PSA_ERROR_INVALID_ARGUMENT + +PSA sign DETERMINISTIC_ECDSA(MD4): !DETERMINISTIC_ECDSA with ECC_PUBLIC_KEY(SECT_R1) +depends_on:!PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD4:PSA_WANT_ECC_FAMILY_SECT_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R1):"0400465eeb9e7258b11e33c02266bfe834b20bcb118700772796ee4704ec67651bd447e3011959a79a04cb":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD4):0:PSA_ERROR_NOT_SUPPORTED + +PSA sign DETERMINISTIC_ECDSA(MD4): !MD4 with ECC_PUBLIC_KEY(SECT_R1) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:!PSA_WANT_ALG_MD4:PSA_WANT_ECC_FAMILY_SECT_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R1):"0400465eeb9e7258b11e33c02266bfe834b20bcb118700772796ee4704ec67651bd447e3011959a79a04cb":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD4):0:PSA_ERROR_NOT_SUPPORTED + +PSA sign DETERMINISTIC_ECDSA(MD4): public with ECC_PUBLIC_KEY(SECT_R1) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD4:PSA_WANT_ECC_FAMILY_SECT_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R1):"0400465eeb9e7258b11e33c02266bfe834b20bcb118700772796ee4704ec67651bd447e3011959a79a04cb":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD4):1:PSA_ERROR_INVALID_ARGUMENT + +PSA sign DETERMINISTIC_ECDSA(MD4): !DETERMINISTIC_ECDSA with ECC_PUBLIC_KEY(SECT_R2) +depends_on:!PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD4:PSA_WANT_ECC_FAMILY_SECT_R2:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R2):"0403692601144c32a6cfa369ae20ae5d43c1c764678c037bafe80c6fd2e42b7ced96171d9c5367fd3dca6f":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD4):0:PSA_ERROR_NOT_SUPPORTED + +PSA sign DETERMINISTIC_ECDSA(MD4): !MD4 with ECC_PUBLIC_KEY(SECT_R2) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:!PSA_WANT_ALG_MD4:PSA_WANT_ECC_FAMILY_SECT_R2:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R2):"0403692601144c32a6cfa369ae20ae5d43c1c764678c037bafe80c6fd2e42b7ced96171d9c5367fd3dca6f":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD4):0:PSA_ERROR_NOT_SUPPORTED + +PSA sign DETERMINISTIC_ECDSA(MD4): public with ECC_PUBLIC_KEY(SECT_R2) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD4:PSA_WANT_ECC_FAMILY_SECT_R2:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R2):"0403692601144c32a6cfa369ae20ae5d43c1c764678c037bafe80c6fd2e42b7ced96171d9c5367fd3dca6f":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD4):1:PSA_ERROR_INVALID_ARGUMENT + +PSA sign DETERMINISTIC_ECDSA(MD4): incompatible with ECC_PUBLIC_KEY(TWISTED_EDWARDS) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD4:PSA_WANT_ECC_FAMILY_TWISTED_EDWARDS:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_TWISTED_EDWARDS):"d75a980182b10ab7d54bfed3c964073a0ee172f3daa62325af021a68f707511a":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD4):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign DETERMINISTIC_ECDSA(MD4): incompatible with HMAC +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD4:PSA_WANT_KEY_TYPE_HMAC +sign_fail:PSA_KEY_TYPE_HMAC:"48657265006973206b6579a064617461":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD4):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign DETERMINISTIC_ECDSA(MD4): incompatible with RAW_DATA +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD4:PSA_WANT_KEY_TYPE_RAW_DATA +sign_fail:PSA_KEY_TYPE_RAW_DATA:"48":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD4):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign DETERMINISTIC_ECDSA(MD4): incompatible with RSA_KEY_PAIR +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD4:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR +sign_fail:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD4):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign DETERMINISTIC_ECDSA(MD4): incompatible with RSA_PUBLIC_KEY +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD4:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY +sign_fail:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD4):0:PSA_ERROR_INVALID_ARGUMENT + +PSA asymmetric_encryption DETERMINISTIC_ECDSA(MD4): invalid with ECC_KEY_PAIR(BRAINPOOL_P_R1) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD4:PSA_WANT_ECC_FAMILY_BRAINPOOL_P_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +asymmetric_encryption_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"69502c4fdaf48d4fa617bdd24498b0406d0eeaac":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD4):0:PSA_ERROR_INVALID_ARGUMENT + +PSA asymmetric_encryption DETERMINISTIC_ECDSA(MD4): invalid with ECC_KEY_PAIR(SECP_K1) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD4:PSA_WANT_ECC_FAMILY_SECP_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +asymmetric_encryption_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_K1):"297ac1722ccac7589ecb240dc719842538ca974beb79f228":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD4):0:PSA_ERROR_INVALID_ARGUMENT + +PSA asymmetric_encryption DETERMINISTIC_ECDSA(MD4): invalid with ECC_KEY_PAIR(SECP_R1) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD4:PSA_WANT_ECC_FAMILY_SECP_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +asymmetric_encryption_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"872f203b3ad35b7f2ecc803c3a0e1e0b1ed61cc1afe71b189cd4c995":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD4):0:PSA_ERROR_INVALID_ARGUMENT + +PSA asymmetric_encryption DETERMINISTIC_ECDSA(MD4): invalid with ECC_KEY_PAIR(SECP_R2) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD4:PSA_WANT_ECC_FAMILY_SECP_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +asymmetric_encryption_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R2):"00bf539a1cdda0d7f71a50a3f98aec0a2e8e4ced1e":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD4):0:PSA_ERROR_INVALID_ARGUMENT + +PSA asymmetric_encryption DETERMINISTIC_ECDSA(MD4): invalid with ECC_KEY_PAIR(SECT_K1) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD4:PSA_WANT_ECC_FAMILY_SECT_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +asymmetric_encryption_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):"03ebc8fcded2d6ab72ec0f75bdb4fd080481273e71":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD4):0:PSA_ERROR_INVALID_ARGUMENT + +PSA asymmetric_encryption DETERMINISTIC_ECDSA(MD4): invalid with ECC_KEY_PAIR(SECT_R1) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD4:PSA_WANT_ECC_FAMILY_SECT_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +asymmetric_encryption_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):"009b05dc82d46d64a04a22e6e5ca70ca1231e68c50":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD4):0:PSA_ERROR_INVALID_ARGUMENT + +PSA asymmetric_encryption DETERMINISTIC_ECDSA(MD4): invalid with ECC_KEY_PAIR(SECT_R2) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD4:PSA_WANT_ECC_FAMILY_SECT_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +asymmetric_encryption_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R2):"0210b482a458b4822d0cb21daa96819a67c8062d34":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD4):0:PSA_ERROR_INVALID_ARGUMENT + +PSA asymmetric_encryption DETERMINISTIC_ECDSA(MD4): invalid with ECC_PUBLIC_KEY(BRAINPOOL_P_R1) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD4:PSA_WANT_ECC_FAMILY_BRAINPOOL_P_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +asymmetric_encryption_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"04d4b9186816358e2f9c59cf70748cb70641b22fbab65473db4b4e22a361ed7e3de7e8a8ddc4130c5c":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD4):0:PSA_ERROR_INVALID_ARGUMENT + +PSA asymmetric_encryption DETERMINISTIC_ECDSA(MD4): invalid with ECC_PUBLIC_KEY(SECP_K1) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD4:PSA_WANT_ECC_FAMILY_SECP_K1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +asymmetric_encryption_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_K1):"0426b7bb38da649ac2138fc050c6548b32553dab68afebc36105d325b75538c12323cb0764789ecb992671beb2b6bef2f5":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD4):0:PSA_ERROR_INVALID_ARGUMENT + +PSA asymmetric_encryption DETERMINISTIC_ECDSA(MD4): invalid with ECC_PUBLIC_KEY(SECP_R1) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD4:PSA_WANT_ECC_FAMILY_SECP_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +asymmetric_encryption_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1):"046f00eadaa949fee3e9e1c7fa1247eecec86a0dce46418b9bd3117b981d4bd0ae7a990de912f9d060d6cb531a42d22e394ac29e81804bf160":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD4):0:PSA_ERROR_INVALID_ARGUMENT + +PSA asymmetric_encryption DETERMINISTIC_ECDSA(MD4): invalid with ECC_PUBLIC_KEY(SECP_R2) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD4:PSA_WANT_ECC_FAMILY_SECP_R2:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +asymmetric_encryption_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R2):"049570d541398665adb5cfa16f5af73b3196926bbd4b876bdb80f8eab20d0f540c22f4de9c140f6d7b":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD4):0:PSA_ERROR_INVALID_ARGUMENT + +PSA asymmetric_encryption DETERMINISTIC_ECDSA(MD4): invalid with ECC_PUBLIC_KEY(SECT_K1) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD4:PSA_WANT_ECC_FAMILY_SECT_K1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +asymmetric_encryption_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_K1):"0406f88f90b4b65950f06ce433afdb097e320f433dc2062b8a65db8fafd3c110f46bc45663fbf021ee7eb9":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD4):0:PSA_ERROR_INVALID_ARGUMENT + +PSA asymmetric_encryption DETERMINISTIC_ECDSA(MD4): invalid with ECC_PUBLIC_KEY(SECT_R1) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD4:PSA_WANT_ECC_FAMILY_SECT_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +asymmetric_encryption_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R1):"0400465eeb9e7258b11e33c02266bfe834b20bcb118700772796ee4704ec67651bd447e3011959a79a04cb":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD4):0:PSA_ERROR_INVALID_ARGUMENT + +PSA asymmetric_encryption DETERMINISTIC_ECDSA(MD4): invalid with ECC_PUBLIC_KEY(SECT_R2) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD4:PSA_WANT_ECC_FAMILY_SECT_R2:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +asymmetric_encryption_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R2):"0403692601144c32a6cfa369ae20ae5d43c1c764678c037bafe80c6fd2e42b7ced96171d9c5367fd3dca6f":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD4):0:PSA_ERROR_INVALID_ARGUMENT + +PSA key_derivation DETERMINISTIC_ECDSA(MD4): invalid +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD4 +key_derivation_fail:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD4):PSA_ERROR_INVALID_ARGUMENT + +PSA key_agreement DETERMINISTIC_ECDSA(MD4): invalid with ECC_KEY_PAIR(BRAINPOOL_P_R1) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD4:PSA_WANT_ECC_FAMILY_BRAINPOOL_P_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_agreement_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"69502c4fdaf48d4fa617bdd24498b0406d0eeaac":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD4):0:PSA_ERROR_INVALID_ARGUMENT + +PSA key_agreement DETERMINISTIC_ECDSA(MD4): invalid with ECC_KEY_PAIR(SECP_K1) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD4:PSA_WANT_ECC_FAMILY_SECP_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_agreement_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_K1):"297ac1722ccac7589ecb240dc719842538ca974beb79f228":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD4):0:PSA_ERROR_INVALID_ARGUMENT + +PSA key_agreement DETERMINISTIC_ECDSA(MD4): invalid with ECC_KEY_PAIR(SECP_R1) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD4:PSA_WANT_ECC_FAMILY_SECP_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_agreement_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"872f203b3ad35b7f2ecc803c3a0e1e0b1ed61cc1afe71b189cd4c995":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD4):0:PSA_ERROR_INVALID_ARGUMENT + +PSA key_agreement DETERMINISTIC_ECDSA(MD4): invalid with ECC_KEY_PAIR(SECP_R2) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD4:PSA_WANT_ECC_FAMILY_SECP_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_agreement_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R2):"00bf539a1cdda0d7f71a50a3f98aec0a2e8e4ced1e":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD4):0:PSA_ERROR_INVALID_ARGUMENT + +PSA key_agreement DETERMINISTIC_ECDSA(MD4): invalid with ECC_KEY_PAIR(SECT_K1) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD4:PSA_WANT_ECC_FAMILY_SECT_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_agreement_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):"03ebc8fcded2d6ab72ec0f75bdb4fd080481273e71":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD4):0:PSA_ERROR_INVALID_ARGUMENT + +PSA key_agreement DETERMINISTIC_ECDSA(MD4): invalid with ECC_KEY_PAIR(SECT_R1) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD4:PSA_WANT_ECC_FAMILY_SECT_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_agreement_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):"009b05dc82d46d64a04a22e6e5ca70ca1231e68c50":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD4):0:PSA_ERROR_INVALID_ARGUMENT + +PSA key_agreement DETERMINISTIC_ECDSA(MD4): invalid with ECC_KEY_PAIR(SECT_R2) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD4:PSA_WANT_ECC_FAMILY_SECT_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_agreement_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R2):"0210b482a458b4822d0cb21daa96819a67c8062d34":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD4):0:PSA_ERROR_INVALID_ARGUMENT + +PSA key_agreement DETERMINISTIC_ECDSA(MD4): invalid with ECC_PUBLIC_KEY(BRAINPOOL_P_R1) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD4:PSA_WANT_ECC_FAMILY_BRAINPOOL_P_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_agreement_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"04d4b9186816358e2f9c59cf70748cb70641b22fbab65473db4b4e22a361ed7e3de7e8a8ddc4130c5c":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD4):0:PSA_ERROR_INVALID_ARGUMENT + +PSA key_agreement DETERMINISTIC_ECDSA(MD4): invalid with ECC_PUBLIC_KEY(SECP_K1) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD4:PSA_WANT_ECC_FAMILY_SECP_K1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_agreement_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_K1):"0426b7bb38da649ac2138fc050c6548b32553dab68afebc36105d325b75538c12323cb0764789ecb992671beb2b6bef2f5":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD4):0:PSA_ERROR_INVALID_ARGUMENT + +PSA key_agreement DETERMINISTIC_ECDSA(MD4): invalid with ECC_PUBLIC_KEY(SECP_R1) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD4:PSA_WANT_ECC_FAMILY_SECP_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_agreement_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1):"046f00eadaa949fee3e9e1c7fa1247eecec86a0dce46418b9bd3117b981d4bd0ae7a990de912f9d060d6cb531a42d22e394ac29e81804bf160":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD4):0:PSA_ERROR_INVALID_ARGUMENT + +PSA key_agreement DETERMINISTIC_ECDSA(MD4): invalid with ECC_PUBLIC_KEY(SECP_R2) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD4:PSA_WANT_ECC_FAMILY_SECP_R2:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_agreement_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R2):"049570d541398665adb5cfa16f5af73b3196926bbd4b876bdb80f8eab20d0f540c22f4de9c140f6d7b":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD4):0:PSA_ERROR_INVALID_ARGUMENT + +PSA key_agreement DETERMINISTIC_ECDSA(MD4): invalid with ECC_PUBLIC_KEY(SECT_K1) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD4:PSA_WANT_ECC_FAMILY_SECT_K1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_agreement_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_K1):"0406f88f90b4b65950f06ce433afdb097e320f433dc2062b8a65db8fafd3c110f46bc45663fbf021ee7eb9":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD4):0:PSA_ERROR_INVALID_ARGUMENT + +PSA key_agreement DETERMINISTIC_ECDSA(MD4): invalid with ECC_PUBLIC_KEY(SECT_R1) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD4:PSA_WANT_ECC_FAMILY_SECT_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_agreement_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R1):"0400465eeb9e7258b11e33c02266bfe834b20bcb118700772796ee4704ec67651bd447e3011959a79a04cb":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD4):0:PSA_ERROR_INVALID_ARGUMENT + +PSA key_agreement DETERMINISTIC_ECDSA(MD4): invalid with ECC_PUBLIC_KEY(SECT_R2) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD4:PSA_WANT_ECC_FAMILY_SECT_R2:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_agreement_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R2):"0403692601144c32a6cfa369ae20ae5d43c1c764678c037bafe80c6fd2e42b7ced96171d9c5367fd3dca6f":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD4):0:PSA_ERROR_INVALID_ARGUMENT + +PSA hash DETERMINISTIC_ECDSA(MD5): invalid +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD5 +hash_fail:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD5):PSA_ERROR_INVALID_ARGUMENT + +PSA mac DETERMINISTIC_ECDSA(MD5): invalid with ECC_KEY_PAIR(BRAINPOOL_P_R1) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD5:PSA_WANT_ECC_FAMILY_BRAINPOOL_P_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +mac_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"69502c4fdaf48d4fa617bdd24498b0406d0eeaac":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD5):PSA_ERROR_INVALID_ARGUMENT + +PSA mac DETERMINISTIC_ECDSA(MD5): invalid with ECC_KEY_PAIR(SECP_K1) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD5:PSA_WANT_ECC_FAMILY_SECP_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +mac_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_K1):"297ac1722ccac7589ecb240dc719842538ca974beb79f228":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD5):PSA_ERROR_INVALID_ARGUMENT + +PSA mac DETERMINISTIC_ECDSA(MD5): invalid with ECC_KEY_PAIR(SECP_R1) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD5:PSA_WANT_ECC_FAMILY_SECP_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +mac_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"872f203b3ad35b7f2ecc803c3a0e1e0b1ed61cc1afe71b189cd4c995":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD5):PSA_ERROR_INVALID_ARGUMENT + +PSA mac DETERMINISTIC_ECDSA(MD5): invalid with ECC_KEY_PAIR(SECP_R2) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD5:PSA_WANT_ECC_FAMILY_SECP_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +mac_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R2):"00bf539a1cdda0d7f71a50a3f98aec0a2e8e4ced1e":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD5):PSA_ERROR_INVALID_ARGUMENT + +PSA mac DETERMINISTIC_ECDSA(MD5): invalid with ECC_KEY_PAIR(SECT_K1) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD5:PSA_WANT_ECC_FAMILY_SECT_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +mac_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):"03ebc8fcded2d6ab72ec0f75bdb4fd080481273e71":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD5):PSA_ERROR_INVALID_ARGUMENT + +PSA mac DETERMINISTIC_ECDSA(MD5): invalid with ECC_KEY_PAIR(SECT_R1) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD5:PSA_WANT_ECC_FAMILY_SECT_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +mac_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):"009b05dc82d46d64a04a22e6e5ca70ca1231e68c50":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD5):PSA_ERROR_INVALID_ARGUMENT + +PSA mac DETERMINISTIC_ECDSA(MD5): invalid with ECC_KEY_PAIR(SECT_R2) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD5:PSA_WANT_ECC_FAMILY_SECT_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +mac_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R2):"0210b482a458b4822d0cb21daa96819a67c8062d34":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD5):PSA_ERROR_INVALID_ARGUMENT + +PSA mac DETERMINISTIC_ECDSA(MD5): invalid with ECC_PUBLIC_KEY(BRAINPOOL_P_R1) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD5:PSA_WANT_ECC_FAMILY_BRAINPOOL_P_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +mac_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"04d4b9186816358e2f9c59cf70748cb70641b22fbab65473db4b4e22a361ed7e3de7e8a8ddc4130c5c":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD5):PSA_ERROR_INVALID_ARGUMENT + +PSA mac DETERMINISTIC_ECDSA(MD5): invalid with ECC_PUBLIC_KEY(SECP_K1) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD5:PSA_WANT_ECC_FAMILY_SECP_K1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +mac_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_K1):"0426b7bb38da649ac2138fc050c6548b32553dab68afebc36105d325b75538c12323cb0764789ecb992671beb2b6bef2f5":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD5):PSA_ERROR_INVALID_ARGUMENT + +PSA mac DETERMINISTIC_ECDSA(MD5): invalid with ECC_PUBLIC_KEY(SECP_R1) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD5:PSA_WANT_ECC_FAMILY_SECP_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +mac_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1):"046f00eadaa949fee3e9e1c7fa1247eecec86a0dce46418b9bd3117b981d4bd0ae7a990de912f9d060d6cb531a42d22e394ac29e81804bf160":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD5):PSA_ERROR_INVALID_ARGUMENT + +PSA mac DETERMINISTIC_ECDSA(MD5): invalid with ECC_PUBLIC_KEY(SECP_R2) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD5:PSA_WANT_ECC_FAMILY_SECP_R2:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +mac_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R2):"049570d541398665adb5cfa16f5af73b3196926bbd4b876bdb80f8eab20d0f540c22f4de9c140f6d7b":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD5):PSA_ERROR_INVALID_ARGUMENT + +PSA mac DETERMINISTIC_ECDSA(MD5): invalid with ECC_PUBLIC_KEY(SECT_K1) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD5:PSA_WANT_ECC_FAMILY_SECT_K1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +mac_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_K1):"0406f88f90b4b65950f06ce433afdb097e320f433dc2062b8a65db8fafd3c110f46bc45663fbf021ee7eb9":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD5):PSA_ERROR_INVALID_ARGUMENT + +PSA mac DETERMINISTIC_ECDSA(MD5): invalid with ECC_PUBLIC_KEY(SECT_R1) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD5:PSA_WANT_ECC_FAMILY_SECT_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +mac_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R1):"0400465eeb9e7258b11e33c02266bfe834b20bcb118700772796ee4704ec67651bd447e3011959a79a04cb":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD5):PSA_ERROR_INVALID_ARGUMENT + +PSA mac DETERMINISTIC_ECDSA(MD5): invalid with ECC_PUBLIC_KEY(SECT_R2) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD5:PSA_WANT_ECC_FAMILY_SECT_R2:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +mac_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R2):"0403692601144c32a6cfa369ae20ae5d43c1c764678c037bafe80c6fd2e42b7ced96171d9c5367fd3dca6f":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD5):PSA_ERROR_INVALID_ARGUMENT + +PSA cipher DETERMINISTIC_ECDSA(MD5): invalid with ECC_KEY_PAIR(BRAINPOOL_P_R1) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD5:PSA_WANT_ECC_FAMILY_BRAINPOOL_P_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +cipher_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"69502c4fdaf48d4fa617bdd24498b0406d0eeaac":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD5):PSA_ERROR_INVALID_ARGUMENT + +PSA cipher DETERMINISTIC_ECDSA(MD5): invalid with ECC_KEY_PAIR(SECP_K1) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD5:PSA_WANT_ECC_FAMILY_SECP_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +cipher_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_K1):"297ac1722ccac7589ecb240dc719842538ca974beb79f228":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD5):PSA_ERROR_INVALID_ARGUMENT + +PSA cipher DETERMINISTIC_ECDSA(MD5): invalid with ECC_KEY_PAIR(SECP_R1) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD5:PSA_WANT_ECC_FAMILY_SECP_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +cipher_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"872f203b3ad35b7f2ecc803c3a0e1e0b1ed61cc1afe71b189cd4c995":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD5):PSA_ERROR_INVALID_ARGUMENT + +PSA cipher DETERMINISTIC_ECDSA(MD5): invalid with ECC_KEY_PAIR(SECP_R2) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD5:PSA_WANT_ECC_FAMILY_SECP_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +cipher_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R2):"00bf539a1cdda0d7f71a50a3f98aec0a2e8e4ced1e":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD5):PSA_ERROR_INVALID_ARGUMENT + +PSA cipher DETERMINISTIC_ECDSA(MD5): invalid with ECC_KEY_PAIR(SECT_K1) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD5:PSA_WANT_ECC_FAMILY_SECT_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +cipher_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):"03ebc8fcded2d6ab72ec0f75bdb4fd080481273e71":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD5):PSA_ERROR_INVALID_ARGUMENT + +PSA cipher DETERMINISTIC_ECDSA(MD5): invalid with ECC_KEY_PAIR(SECT_R1) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD5:PSA_WANT_ECC_FAMILY_SECT_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +cipher_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):"009b05dc82d46d64a04a22e6e5ca70ca1231e68c50":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD5):PSA_ERROR_INVALID_ARGUMENT + +PSA cipher DETERMINISTIC_ECDSA(MD5): invalid with ECC_KEY_PAIR(SECT_R2) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD5:PSA_WANT_ECC_FAMILY_SECT_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +cipher_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R2):"0210b482a458b4822d0cb21daa96819a67c8062d34":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD5):PSA_ERROR_INVALID_ARGUMENT + +PSA cipher DETERMINISTIC_ECDSA(MD5): invalid with ECC_PUBLIC_KEY(BRAINPOOL_P_R1) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD5:PSA_WANT_ECC_FAMILY_BRAINPOOL_P_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +cipher_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"04d4b9186816358e2f9c59cf70748cb70641b22fbab65473db4b4e22a361ed7e3de7e8a8ddc4130c5c":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD5):PSA_ERROR_INVALID_ARGUMENT + +PSA cipher DETERMINISTIC_ECDSA(MD5): invalid with ECC_PUBLIC_KEY(SECP_K1) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD5:PSA_WANT_ECC_FAMILY_SECP_K1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +cipher_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_K1):"0426b7bb38da649ac2138fc050c6548b32553dab68afebc36105d325b75538c12323cb0764789ecb992671beb2b6bef2f5":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD5):PSA_ERROR_INVALID_ARGUMENT + +PSA cipher DETERMINISTIC_ECDSA(MD5): invalid with ECC_PUBLIC_KEY(SECP_R1) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD5:PSA_WANT_ECC_FAMILY_SECP_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +cipher_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1):"046f00eadaa949fee3e9e1c7fa1247eecec86a0dce46418b9bd3117b981d4bd0ae7a990de912f9d060d6cb531a42d22e394ac29e81804bf160":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD5):PSA_ERROR_INVALID_ARGUMENT + +PSA cipher DETERMINISTIC_ECDSA(MD5): invalid with ECC_PUBLIC_KEY(SECP_R2) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD5:PSA_WANT_ECC_FAMILY_SECP_R2:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +cipher_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R2):"049570d541398665adb5cfa16f5af73b3196926bbd4b876bdb80f8eab20d0f540c22f4de9c140f6d7b":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD5):PSA_ERROR_INVALID_ARGUMENT + +PSA cipher DETERMINISTIC_ECDSA(MD5): invalid with ECC_PUBLIC_KEY(SECT_K1) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD5:PSA_WANT_ECC_FAMILY_SECT_K1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +cipher_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_K1):"0406f88f90b4b65950f06ce433afdb097e320f433dc2062b8a65db8fafd3c110f46bc45663fbf021ee7eb9":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD5):PSA_ERROR_INVALID_ARGUMENT + +PSA cipher DETERMINISTIC_ECDSA(MD5): invalid with ECC_PUBLIC_KEY(SECT_R1) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD5:PSA_WANT_ECC_FAMILY_SECT_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +cipher_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R1):"0400465eeb9e7258b11e33c02266bfe834b20bcb118700772796ee4704ec67651bd447e3011959a79a04cb":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD5):PSA_ERROR_INVALID_ARGUMENT + +PSA cipher DETERMINISTIC_ECDSA(MD5): invalid with ECC_PUBLIC_KEY(SECT_R2) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD5:PSA_WANT_ECC_FAMILY_SECT_R2:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +cipher_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R2):"0403692601144c32a6cfa369ae20ae5d43c1c764678c037bafe80c6fd2e42b7ced96171d9c5367fd3dca6f":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD5):PSA_ERROR_INVALID_ARGUMENT + +PSA aead DETERMINISTIC_ECDSA(MD5): invalid with ECC_KEY_PAIR(BRAINPOOL_P_R1) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD5:PSA_WANT_ECC_FAMILY_BRAINPOOL_P_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +aead_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"69502c4fdaf48d4fa617bdd24498b0406d0eeaac":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD5):PSA_ERROR_INVALID_ARGUMENT + +PSA aead DETERMINISTIC_ECDSA(MD5): invalid with ECC_KEY_PAIR(SECP_K1) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD5:PSA_WANT_ECC_FAMILY_SECP_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +aead_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_K1):"297ac1722ccac7589ecb240dc719842538ca974beb79f228":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD5):PSA_ERROR_INVALID_ARGUMENT + +PSA aead DETERMINISTIC_ECDSA(MD5): invalid with ECC_KEY_PAIR(SECP_R1) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD5:PSA_WANT_ECC_FAMILY_SECP_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +aead_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"872f203b3ad35b7f2ecc803c3a0e1e0b1ed61cc1afe71b189cd4c995":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD5):PSA_ERROR_INVALID_ARGUMENT + +PSA aead DETERMINISTIC_ECDSA(MD5): invalid with ECC_KEY_PAIR(SECP_R2) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD5:PSA_WANT_ECC_FAMILY_SECP_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +aead_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R2):"00bf539a1cdda0d7f71a50a3f98aec0a2e8e4ced1e":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD5):PSA_ERROR_INVALID_ARGUMENT + +PSA aead DETERMINISTIC_ECDSA(MD5): invalid with ECC_KEY_PAIR(SECT_K1) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD5:PSA_WANT_ECC_FAMILY_SECT_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +aead_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):"03ebc8fcded2d6ab72ec0f75bdb4fd080481273e71":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD5):PSA_ERROR_INVALID_ARGUMENT + +PSA aead DETERMINISTIC_ECDSA(MD5): invalid with ECC_KEY_PAIR(SECT_R1) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD5:PSA_WANT_ECC_FAMILY_SECT_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +aead_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):"009b05dc82d46d64a04a22e6e5ca70ca1231e68c50":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD5):PSA_ERROR_INVALID_ARGUMENT + +PSA aead DETERMINISTIC_ECDSA(MD5): invalid with ECC_KEY_PAIR(SECT_R2) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD5:PSA_WANT_ECC_FAMILY_SECT_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +aead_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R2):"0210b482a458b4822d0cb21daa96819a67c8062d34":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD5):PSA_ERROR_INVALID_ARGUMENT + +PSA aead DETERMINISTIC_ECDSA(MD5): invalid with ECC_PUBLIC_KEY(BRAINPOOL_P_R1) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD5:PSA_WANT_ECC_FAMILY_BRAINPOOL_P_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +aead_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"04d4b9186816358e2f9c59cf70748cb70641b22fbab65473db4b4e22a361ed7e3de7e8a8ddc4130c5c":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD5):PSA_ERROR_INVALID_ARGUMENT + +PSA aead DETERMINISTIC_ECDSA(MD5): invalid with ECC_PUBLIC_KEY(SECP_K1) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD5:PSA_WANT_ECC_FAMILY_SECP_K1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +aead_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_K1):"0426b7bb38da649ac2138fc050c6548b32553dab68afebc36105d325b75538c12323cb0764789ecb992671beb2b6bef2f5":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD5):PSA_ERROR_INVALID_ARGUMENT + +PSA aead DETERMINISTIC_ECDSA(MD5): invalid with ECC_PUBLIC_KEY(SECP_R1) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD5:PSA_WANT_ECC_FAMILY_SECP_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +aead_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1):"046f00eadaa949fee3e9e1c7fa1247eecec86a0dce46418b9bd3117b981d4bd0ae7a990de912f9d060d6cb531a42d22e394ac29e81804bf160":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD5):PSA_ERROR_INVALID_ARGUMENT + +PSA aead DETERMINISTIC_ECDSA(MD5): invalid with ECC_PUBLIC_KEY(SECP_R2) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD5:PSA_WANT_ECC_FAMILY_SECP_R2:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +aead_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R2):"049570d541398665adb5cfa16f5af73b3196926bbd4b876bdb80f8eab20d0f540c22f4de9c140f6d7b":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD5):PSA_ERROR_INVALID_ARGUMENT + +PSA aead DETERMINISTIC_ECDSA(MD5): invalid with ECC_PUBLIC_KEY(SECT_K1) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD5:PSA_WANT_ECC_FAMILY_SECT_K1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +aead_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_K1):"0406f88f90b4b65950f06ce433afdb097e320f433dc2062b8a65db8fafd3c110f46bc45663fbf021ee7eb9":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD5):PSA_ERROR_INVALID_ARGUMENT + +PSA aead DETERMINISTIC_ECDSA(MD5): invalid with ECC_PUBLIC_KEY(SECT_R1) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD5:PSA_WANT_ECC_FAMILY_SECT_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +aead_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R1):"0400465eeb9e7258b11e33c02266bfe834b20bcb118700772796ee4704ec67651bd447e3011959a79a04cb":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD5):PSA_ERROR_INVALID_ARGUMENT + +PSA aead DETERMINISTIC_ECDSA(MD5): invalid with ECC_PUBLIC_KEY(SECT_R2) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD5:PSA_WANT_ECC_FAMILY_SECT_R2:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +aead_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R2):"0403692601144c32a6cfa369ae20ae5d43c1c764678c037bafe80c6fd2e42b7ced96171d9c5367fd3dca6f":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD5):PSA_ERROR_INVALID_ARGUMENT + +PSA sign DETERMINISTIC_ECDSA(MD5): incompatible with AES +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD5:PSA_WANT_KEY_TYPE_AES +sign_fail:PSA_KEY_TYPE_AES:"48657265006973206b6579a064617461":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD5):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign DETERMINISTIC_ECDSA(MD5): incompatible with ARC4 +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD5:PSA_WANT_KEY_TYPE_ARC4 +sign_fail:PSA_KEY_TYPE_ARC4:"48":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD5):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign DETERMINISTIC_ECDSA(MD5): incompatible with ARIA +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD5:PSA_WANT_KEY_TYPE_ARIA +sign_fail:PSA_KEY_TYPE_ARIA:"48657265006973206b6579a064617461":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD5):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign DETERMINISTIC_ECDSA(MD5): incompatible with CAMELLIA +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD5:PSA_WANT_KEY_TYPE_CAMELLIA +sign_fail:PSA_KEY_TYPE_CAMELLIA:"48657265006973206b6579a064617461":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD5):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign DETERMINISTIC_ECDSA(MD5): incompatible with CHACHA20 +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD5:PSA_WANT_KEY_TYPE_CHACHA20 +sign_fail:PSA_KEY_TYPE_CHACHA20:"48657265006973206b6579a06461746148657265006973206b6579a064617461":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD5):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign DETERMINISTIC_ECDSA(MD5): incompatible with DERIVE +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD5:PSA_WANT_KEY_TYPE_DERIVE +sign_fail:PSA_KEY_TYPE_DERIVE:"48657265006973206b6579a0646174":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD5):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign DETERMINISTIC_ECDSA(MD5): incompatible with DES +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD5:PSA_WANT_KEY_TYPE_DES +sign_fail:PSA_KEY_TYPE_DES:"644573206b457901":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD5):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign DETERMINISTIC_ECDSA(MD5): !DETERMINISTIC_ECDSA with ECC_KEY_PAIR(BRAINPOOL_P_R1) +depends_on:!PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD5:PSA_WANT_ECC_FAMILY_BRAINPOOL_P_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"69502c4fdaf48d4fa617bdd24498b0406d0eeaac":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD5):0:PSA_ERROR_NOT_SUPPORTED + +PSA sign DETERMINISTIC_ECDSA(MD5): !MD5 with ECC_KEY_PAIR(BRAINPOOL_P_R1) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:!PSA_WANT_ALG_MD5:PSA_WANT_ECC_FAMILY_BRAINPOOL_P_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"69502c4fdaf48d4fa617bdd24498b0406d0eeaac":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD5):0:PSA_ERROR_NOT_SUPPORTED + +PSA sign DETERMINISTIC_ECDSA(MD5): incompatible with ECC_KEY_PAIR(MONTGOMERY) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD5:PSA_WANT_ECC_FAMILY_MONTGOMERY:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_MONTGOMERY):"70076d0a7318a57d3c16c17251b26645df4c2f87ebc0992ab177fba51db92c6a":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD5):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign DETERMINISTIC_ECDSA(MD5): !DETERMINISTIC_ECDSA with ECC_KEY_PAIR(SECP_K1) +depends_on:!PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD5:PSA_WANT_ECC_FAMILY_SECP_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_K1):"297ac1722ccac7589ecb240dc719842538ca974beb79f228":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD5):0:PSA_ERROR_NOT_SUPPORTED + +PSA sign DETERMINISTIC_ECDSA(MD5): !MD5 with ECC_KEY_PAIR(SECP_K1) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:!PSA_WANT_ALG_MD5:PSA_WANT_ECC_FAMILY_SECP_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_K1):"297ac1722ccac7589ecb240dc719842538ca974beb79f228":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD5):0:PSA_ERROR_NOT_SUPPORTED + +PSA sign DETERMINISTIC_ECDSA(MD5): !DETERMINISTIC_ECDSA with ECC_KEY_PAIR(SECP_R1) +depends_on:!PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD5:PSA_WANT_ECC_FAMILY_SECP_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"872f203b3ad35b7f2ecc803c3a0e1e0b1ed61cc1afe71b189cd4c995":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD5):0:PSA_ERROR_NOT_SUPPORTED + +PSA sign DETERMINISTIC_ECDSA(MD5): !MD5 with ECC_KEY_PAIR(SECP_R1) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:!PSA_WANT_ALG_MD5:PSA_WANT_ECC_FAMILY_SECP_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"872f203b3ad35b7f2ecc803c3a0e1e0b1ed61cc1afe71b189cd4c995":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD5):0:PSA_ERROR_NOT_SUPPORTED + +PSA sign DETERMINISTIC_ECDSA(MD5): !DETERMINISTIC_ECDSA with ECC_KEY_PAIR(SECP_R2) +depends_on:!PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD5:PSA_WANT_ECC_FAMILY_SECP_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R2):"00bf539a1cdda0d7f71a50a3f98aec0a2e8e4ced1e":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD5):0:PSA_ERROR_NOT_SUPPORTED + +PSA sign DETERMINISTIC_ECDSA(MD5): !MD5 with ECC_KEY_PAIR(SECP_R2) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:!PSA_WANT_ALG_MD5:PSA_WANT_ECC_FAMILY_SECP_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R2):"00bf539a1cdda0d7f71a50a3f98aec0a2e8e4ced1e":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD5):0:PSA_ERROR_NOT_SUPPORTED + +PSA sign DETERMINISTIC_ECDSA(MD5): !DETERMINISTIC_ECDSA with ECC_KEY_PAIR(SECT_K1) +depends_on:!PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD5:PSA_WANT_ECC_FAMILY_SECT_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):"03ebc8fcded2d6ab72ec0f75bdb4fd080481273e71":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD5):0:PSA_ERROR_NOT_SUPPORTED + +PSA sign DETERMINISTIC_ECDSA(MD5): !MD5 with ECC_KEY_PAIR(SECT_K1) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:!PSA_WANT_ALG_MD5:PSA_WANT_ECC_FAMILY_SECT_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):"03ebc8fcded2d6ab72ec0f75bdb4fd080481273e71":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD5):0:PSA_ERROR_NOT_SUPPORTED + +PSA sign DETERMINISTIC_ECDSA(MD5): !DETERMINISTIC_ECDSA with ECC_KEY_PAIR(SECT_R1) +depends_on:!PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD5:PSA_WANT_ECC_FAMILY_SECT_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):"009b05dc82d46d64a04a22e6e5ca70ca1231e68c50":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD5):0:PSA_ERROR_NOT_SUPPORTED + +PSA sign DETERMINISTIC_ECDSA(MD5): !MD5 with ECC_KEY_PAIR(SECT_R1) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:!PSA_WANT_ALG_MD5:PSA_WANT_ECC_FAMILY_SECT_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):"009b05dc82d46d64a04a22e6e5ca70ca1231e68c50":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD5):0:PSA_ERROR_NOT_SUPPORTED + +PSA sign DETERMINISTIC_ECDSA(MD5): !DETERMINISTIC_ECDSA with ECC_KEY_PAIR(SECT_R2) +depends_on:!PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD5:PSA_WANT_ECC_FAMILY_SECT_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R2):"0210b482a458b4822d0cb21daa96819a67c8062d34":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD5):0:PSA_ERROR_NOT_SUPPORTED + +PSA sign DETERMINISTIC_ECDSA(MD5): !MD5 with ECC_KEY_PAIR(SECT_R2) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:!PSA_WANT_ALG_MD5:PSA_WANT_ECC_FAMILY_SECT_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R2):"0210b482a458b4822d0cb21daa96819a67c8062d34":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD5):0:PSA_ERROR_NOT_SUPPORTED + +PSA sign DETERMINISTIC_ECDSA(MD5): incompatible with ECC_KEY_PAIR(TWISTED_EDWARDS) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD5:PSA_WANT_ECC_FAMILY_TWISTED_EDWARDS:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_TWISTED_EDWARDS):"9d61b19deffd5a60ba844af492ec2cc44449c5697b326919703bac031cae7f60":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD5):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign DETERMINISTIC_ECDSA(MD5): !DETERMINISTIC_ECDSA with ECC_PUBLIC_KEY(BRAINPOOL_P_R1) +depends_on:!PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD5:PSA_WANT_ECC_FAMILY_BRAINPOOL_P_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"04d4b9186816358e2f9c59cf70748cb70641b22fbab65473db4b4e22a361ed7e3de7e8a8ddc4130c5c":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD5):0:PSA_ERROR_NOT_SUPPORTED + +PSA sign DETERMINISTIC_ECDSA(MD5): !MD5 with ECC_PUBLIC_KEY(BRAINPOOL_P_R1) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:!PSA_WANT_ALG_MD5:PSA_WANT_ECC_FAMILY_BRAINPOOL_P_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"04d4b9186816358e2f9c59cf70748cb70641b22fbab65473db4b4e22a361ed7e3de7e8a8ddc4130c5c":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD5):0:PSA_ERROR_NOT_SUPPORTED + +PSA sign DETERMINISTIC_ECDSA(MD5): public with ECC_PUBLIC_KEY(BRAINPOOL_P_R1) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD5:PSA_WANT_ECC_FAMILY_BRAINPOOL_P_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"04d4b9186816358e2f9c59cf70748cb70641b22fbab65473db4b4e22a361ed7e3de7e8a8ddc4130c5c":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD5):1:PSA_ERROR_INVALID_ARGUMENT + +PSA sign DETERMINISTIC_ECDSA(MD5): incompatible with ECC_PUBLIC_KEY(MONTGOMERY) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD5:PSA_WANT_ECC_FAMILY_MONTGOMERY:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_MONTGOMERY):"8520f0098930a754748b7ddcb43ef75a0dbf3a0d26381af4eba4a98eaa9b4e6a":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD5):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign DETERMINISTIC_ECDSA(MD5): !DETERMINISTIC_ECDSA with ECC_PUBLIC_KEY(SECP_K1) +depends_on:!PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD5:PSA_WANT_ECC_FAMILY_SECP_K1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_K1):"0426b7bb38da649ac2138fc050c6548b32553dab68afebc36105d325b75538c12323cb0764789ecb992671beb2b6bef2f5":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD5):0:PSA_ERROR_NOT_SUPPORTED + +PSA sign DETERMINISTIC_ECDSA(MD5): !MD5 with ECC_PUBLIC_KEY(SECP_K1) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:!PSA_WANT_ALG_MD5:PSA_WANT_ECC_FAMILY_SECP_K1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_K1):"0426b7bb38da649ac2138fc050c6548b32553dab68afebc36105d325b75538c12323cb0764789ecb992671beb2b6bef2f5":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD5):0:PSA_ERROR_NOT_SUPPORTED + +PSA sign DETERMINISTIC_ECDSA(MD5): public with ECC_PUBLIC_KEY(SECP_K1) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD5:PSA_WANT_ECC_FAMILY_SECP_K1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_K1):"0426b7bb38da649ac2138fc050c6548b32553dab68afebc36105d325b75538c12323cb0764789ecb992671beb2b6bef2f5":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD5):1:PSA_ERROR_INVALID_ARGUMENT + +PSA sign DETERMINISTIC_ECDSA(MD5): !DETERMINISTIC_ECDSA with ECC_PUBLIC_KEY(SECP_R1) +depends_on:!PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD5:PSA_WANT_ECC_FAMILY_SECP_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1):"046f00eadaa949fee3e9e1c7fa1247eecec86a0dce46418b9bd3117b981d4bd0ae7a990de912f9d060d6cb531a42d22e394ac29e81804bf160":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD5):0:PSA_ERROR_NOT_SUPPORTED + +PSA sign DETERMINISTIC_ECDSA(MD5): !MD5 with ECC_PUBLIC_KEY(SECP_R1) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:!PSA_WANT_ALG_MD5:PSA_WANT_ECC_FAMILY_SECP_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1):"046f00eadaa949fee3e9e1c7fa1247eecec86a0dce46418b9bd3117b981d4bd0ae7a990de912f9d060d6cb531a42d22e394ac29e81804bf160":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD5):0:PSA_ERROR_NOT_SUPPORTED + +PSA sign DETERMINISTIC_ECDSA(MD5): public with ECC_PUBLIC_KEY(SECP_R1) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD5:PSA_WANT_ECC_FAMILY_SECP_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1):"046f00eadaa949fee3e9e1c7fa1247eecec86a0dce46418b9bd3117b981d4bd0ae7a990de912f9d060d6cb531a42d22e394ac29e81804bf160":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD5):1:PSA_ERROR_INVALID_ARGUMENT + +PSA sign DETERMINISTIC_ECDSA(MD5): !DETERMINISTIC_ECDSA with ECC_PUBLIC_KEY(SECP_R2) +depends_on:!PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD5:PSA_WANT_ECC_FAMILY_SECP_R2:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R2):"049570d541398665adb5cfa16f5af73b3196926bbd4b876bdb80f8eab20d0f540c22f4de9c140f6d7b":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD5):0:PSA_ERROR_NOT_SUPPORTED + +PSA sign DETERMINISTIC_ECDSA(MD5): !MD5 with ECC_PUBLIC_KEY(SECP_R2) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:!PSA_WANT_ALG_MD5:PSA_WANT_ECC_FAMILY_SECP_R2:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R2):"049570d541398665adb5cfa16f5af73b3196926bbd4b876bdb80f8eab20d0f540c22f4de9c140f6d7b":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD5):0:PSA_ERROR_NOT_SUPPORTED + +PSA sign DETERMINISTIC_ECDSA(MD5): public with ECC_PUBLIC_KEY(SECP_R2) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD5:PSA_WANT_ECC_FAMILY_SECP_R2:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R2):"049570d541398665adb5cfa16f5af73b3196926bbd4b876bdb80f8eab20d0f540c22f4de9c140f6d7b":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD5):1:PSA_ERROR_INVALID_ARGUMENT + +PSA sign DETERMINISTIC_ECDSA(MD5): !DETERMINISTIC_ECDSA with ECC_PUBLIC_KEY(SECT_K1) +depends_on:!PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD5:PSA_WANT_ECC_FAMILY_SECT_K1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_K1):"0406f88f90b4b65950f06ce433afdb097e320f433dc2062b8a65db8fafd3c110f46bc45663fbf021ee7eb9":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD5):0:PSA_ERROR_NOT_SUPPORTED + +PSA sign DETERMINISTIC_ECDSA(MD5): !MD5 with ECC_PUBLIC_KEY(SECT_K1) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:!PSA_WANT_ALG_MD5:PSA_WANT_ECC_FAMILY_SECT_K1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_K1):"0406f88f90b4b65950f06ce433afdb097e320f433dc2062b8a65db8fafd3c110f46bc45663fbf021ee7eb9":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD5):0:PSA_ERROR_NOT_SUPPORTED + +PSA sign DETERMINISTIC_ECDSA(MD5): public with ECC_PUBLIC_KEY(SECT_K1) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD5:PSA_WANT_ECC_FAMILY_SECT_K1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_K1):"0406f88f90b4b65950f06ce433afdb097e320f433dc2062b8a65db8fafd3c110f46bc45663fbf021ee7eb9":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD5):1:PSA_ERROR_INVALID_ARGUMENT + +PSA sign DETERMINISTIC_ECDSA(MD5): !DETERMINISTIC_ECDSA with ECC_PUBLIC_KEY(SECT_R1) +depends_on:!PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD5:PSA_WANT_ECC_FAMILY_SECT_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R1):"0400465eeb9e7258b11e33c02266bfe834b20bcb118700772796ee4704ec67651bd447e3011959a79a04cb":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD5):0:PSA_ERROR_NOT_SUPPORTED + +PSA sign DETERMINISTIC_ECDSA(MD5): !MD5 with ECC_PUBLIC_KEY(SECT_R1) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:!PSA_WANT_ALG_MD5:PSA_WANT_ECC_FAMILY_SECT_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R1):"0400465eeb9e7258b11e33c02266bfe834b20bcb118700772796ee4704ec67651bd447e3011959a79a04cb":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD5):0:PSA_ERROR_NOT_SUPPORTED + +PSA sign DETERMINISTIC_ECDSA(MD5): public with ECC_PUBLIC_KEY(SECT_R1) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD5:PSA_WANT_ECC_FAMILY_SECT_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R1):"0400465eeb9e7258b11e33c02266bfe834b20bcb118700772796ee4704ec67651bd447e3011959a79a04cb":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD5):1:PSA_ERROR_INVALID_ARGUMENT + +PSA sign DETERMINISTIC_ECDSA(MD5): !DETERMINISTIC_ECDSA with ECC_PUBLIC_KEY(SECT_R2) +depends_on:!PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD5:PSA_WANT_ECC_FAMILY_SECT_R2:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R2):"0403692601144c32a6cfa369ae20ae5d43c1c764678c037bafe80c6fd2e42b7ced96171d9c5367fd3dca6f":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD5):0:PSA_ERROR_NOT_SUPPORTED + +PSA sign DETERMINISTIC_ECDSA(MD5): !MD5 with ECC_PUBLIC_KEY(SECT_R2) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:!PSA_WANT_ALG_MD5:PSA_WANT_ECC_FAMILY_SECT_R2:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R2):"0403692601144c32a6cfa369ae20ae5d43c1c764678c037bafe80c6fd2e42b7ced96171d9c5367fd3dca6f":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD5):0:PSA_ERROR_NOT_SUPPORTED + +PSA sign DETERMINISTIC_ECDSA(MD5): public with ECC_PUBLIC_KEY(SECT_R2) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD5:PSA_WANT_ECC_FAMILY_SECT_R2:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R2):"0403692601144c32a6cfa369ae20ae5d43c1c764678c037bafe80c6fd2e42b7ced96171d9c5367fd3dca6f":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD5):1:PSA_ERROR_INVALID_ARGUMENT + +PSA sign DETERMINISTIC_ECDSA(MD5): incompatible with ECC_PUBLIC_KEY(TWISTED_EDWARDS) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD5:PSA_WANT_ECC_FAMILY_TWISTED_EDWARDS:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_TWISTED_EDWARDS):"d75a980182b10ab7d54bfed3c964073a0ee172f3daa62325af021a68f707511a":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD5):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign DETERMINISTIC_ECDSA(MD5): incompatible with HMAC +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD5:PSA_WANT_KEY_TYPE_HMAC +sign_fail:PSA_KEY_TYPE_HMAC:"48657265006973206b6579a064617461":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD5):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign DETERMINISTIC_ECDSA(MD5): incompatible with RAW_DATA +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD5:PSA_WANT_KEY_TYPE_RAW_DATA +sign_fail:PSA_KEY_TYPE_RAW_DATA:"48":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD5):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign DETERMINISTIC_ECDSA(MD5): incompatible with RSA_KEY_PAIR +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD5:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR +sign_fail:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD5):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign DETERMINISTIC_ECDSA(MD5): incompatible with RSA_PUBLIC_KEY +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD5:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY +sign_fail:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD5):0:PSA_ERROR_INVALID_ARGUMENT + +PSA asymmetric_encryption DETERMINISTIC_ECDSA(MD5): invalid with ECC_KEY_PAIR(BRAINPOOL_P_R1) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD5:PSA_WANT_ECC_FAMILY_BRAINPOOL_P_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +asymmetric_encryption_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"69502c4fdaf48d4fa617bdd24498b0406d0eeaac":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD5):0:PSA_ERROR_INVALID_ARGUMENT + +PSA asymmetric_encryption DETERMINISTIC_ECDSA(MD5): invalid with ECC_KEY_PAIR(SECP_K1) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD5:PSA_WANT_ECC_FAMILY_SECP_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +asymmetric_encryption_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_K1):"297ac1722ccac7589ecb240dc719842538ca974beb79f228":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD5):0:PSA_ERROR_INVALID_ARGUMENT + +PSA asymmetric_encryption DETERMINISTIC_ECDSA(MD5): invalid with ECC_KEY_PAIR(SECP_R1) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD5:PSA_WANT_ECC_FAMILY_SECP_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +asymmetric_encryption_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"872f203b3ad35b7f2ecc803c3a0e1e0b1ed61cc1afe71b189cd4c995":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD5):0:PSA_ERROR_INVALID_ARGUMENT + +PSA asymmetric_encryption DETERMINISTIC_ECDSA(MD5): invalid with ECC_KEY_PAIR(SECP_R2) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD5:PSA_WANT_ECC_FAMILY_SECP_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +asymmetric_encryption_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R2):"00bf539a1cdda0d7f71a50a3f98aec0a2e8e4ced1e":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD5):0:PSA_ERROR_INVALID_ARGUMENT + +PSA asymmetric_encryption DETERMINISTIC_ECDSA(MD5): invalid with ECC_KEY_PAIR(SECT_K1) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD5:PSA_WANT_ECC_FAMILY_SECT_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +asymmetric_encryption_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):"03ebc8fcded2d6ab72ec0f75bdb4fd080481273e71":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD5):0:PSA_ERROR_INVALID_ARGUMENT + +PSA asymmetric_encryption DETERMINISTIC_ECDSA(MD5): invalid with ECC_KEY_PAIR(SECT_R1) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD5:PSA_WANT_ECC_FAMILY_SECT_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +asymmetric_encryption_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):"009b05dc82d46d64a04a22e6e5ca70ca1231e68c50":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD5):0:PSA_ERROR_INVALID_ARGUMENT + +PSA asymmetric_encryption DETERMINISTIC_ECDSA(MD5): invalid with ECC_KEY_PAIR(SECT_R2) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD5:PSA_WANT_ECC_FAMILY_SECT_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +asymmetric_encryption_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R2):"0210b482a458b4822d0cb21daa96819a67c8062d34":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD5):0:PSA_ERROR_INVALID_ARGUMENT + +PSA asymmetric_encryption DETERMINISTIC_ECDSA(MD5): invalid with ECC_PUBLIC_KEY(BRAINPOOL_P_R1) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD5:PSA_WANT_ECC_FAMILY_BRAINPOOL_P_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +asymmetric_encryption_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"04d4b9186816358e2f9c59cf70748cb70641b22fbab65473db4b4e22a361ed7e3de7e8a8ddc4130c5c":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD5):0:PSA_ERROR_INVALID_ARGUMENT + +PSA asymmetric_encryption DETERMINISTIC_ECDSA(MD5): invalid with ECC_PUBLIC_KEY(SECP_K1) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD5:PSA_WANT_ECC_FAMILY_SECP_K1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +asymmetric_encryption_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_K1):"0426b7bb38da649ac2138fc050c6548b32553dab68afebc36105d325b75538c12323cb0764789ecb992671beb2b6bef2f5":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD5):0:PSA_ERROR_INVALID_ARGUMENT + +PSA asymmetric_encryption DETERMINISTIC_ECDSA(MD5): invalid with ECC_PUBLIC_KEY(SECP_R1) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD5:PSA_WANT_ECC_FAMILY_SECP_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +asymmetric_encryption_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1):"046f00eadaa949fee3e9e1c7fa1247eecec86a0dce46418b9bd3117b981d4bd0ae7a990de912f9d060d6cb531a42d22e394ac29e81804bf160":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD5):0:PSA_ERROR_INVALID_ARGUMENT + +PSA asymmetric_encryption DETERMINISTIC_ECDSA(MD5): invalid with ECC_PUBLIC_KEY(SECP_R2) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD5:PSA_WANT_ECC_FAMILY_SECP_R2:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +asymmetric_encryption_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R2):"049570d541398665adb5cfa16f5af73b3196926bbd4b876bdb80f8eab20d0f540c22f4de9c140f6d7b":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD5):0:PSA_ERROR_INVALID_ARGUMENT + +PSA asymmetric_encryption DETERMINISTIC_ECDSA(MD5): invalid with ECC_PUBLIC_KEY(SECT_K1) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD5:PSA_WANT_ECC_FAMILY_SECT_K1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +asymmetric_encryption_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_K1):"0406f88f90b4b65950f06ce433afdb097e320f433dc2062b8a65db8fafd3c110f46bc45663fbf021ee7eb9":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD5):0:PSA_ERROR_INVALID_ARGUMENT + +PSA asymmetric_encryption DETERMINISTIC_ECDSA(MD5): invalid with ECC_PUBLIC_KEY(SECT_R1) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD5:PSA_WANT_ECC_FAMILY_SECT_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +asymmetric_encryption_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R1):"0400465eeb9e7258b11e33c02266bfe834b20bcb118700772796ee4704ec67651bd447e3011959a79a04cb":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD5):0:PSA_ERROR_INVALID_ARGUMENT + +PSA asymmetric_encryption DETERMINISTIC_ECDSA(MD5): invalid with ECC_PUBLIC_KEY(SECT_R2) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD5:PSA_WANT_ECC_FAMILY_SECT_R2:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +asymmetric_encryption_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R2):"0403692601144c32a6cfa369ae20ae5d43c1c764678c037bafe80c6fd2e42b7ced96171d9c5367fd3dca6f":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD5):0:PSA_ERROR_INVALID_ARGUMENT + +PSA key_derivation DETERMINISTIC_ECDSA(MD5): invalid +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD5 +key_derivation_fail:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD5):PSA_ERROR_INVALID_ARGUMENT + +PSA key_agreement DETERMINISTIC_ECDSA(MD5): invalid with ECC_KEY_PAIR(BRAINPOOL_P_R1) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD5:PSA_WANT_ECC_FAMILY_BRAINPOOL_P_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_agreement_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"69502c4fdaf48d4fa617bdd24498b0406d0eeaac":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD5):0:PSA_ERROR_INVALID_ARGUMENT + +PSA key_agreement DETERMINISTIC_ECDSA(MD5): invalid with ECC_KEY_PAIR(SECP_K1) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD5:PSA_WANT_ECC_FAMILY_SECP_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_agreement_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_K1):"297ac1722ccac7589ecb240dc719842538ca974beb79f228":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD5):0:PSA_ERROR_INVALID_ARGUMENT + +PSA key_agreement DETERMINISTIC_ECDSA(MD5): invalid with ECC_KEY_PAIR(SECP_R1) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD5:PSA_WANT_ECC_FAMILY_SECP_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_agreement_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"872f203b3ad35b7f2ecc803c3a0e1e0b1ed61cc1afe71b189cd4c995":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD5):0:PSA_ERROR_INVALID_ARGUMENT + +PSA key_agreement DETERMINISTIC_ECDSA(MD5): invalid with ECC_KEY_PAIR(SECP_R2) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD5:PSA_WANT_ECC_FAMILY_SECP_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_agreement_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R2):"00bf539a1cdda0d7f71a50a3f98aec0a2e8e4ced1e":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD5):0:PSA_ERROR_INVALID_ARGUMENT + +PSA key_agreement DETERMINISTIC_ECDSA(MD5): invalid with ECC_KEY_PAIR(SECT_K1) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD5:PSA_WANT_ECC_FAMILY_SECT_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_agreement_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):"03ebc8fcded2d6ab72ec0f75bdb4fd080481273e71":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD5):0:PSA_ERROR_INVALID_ARGUMENT + +PSA key_agreement DETERMINISTIC_ECDSA(MD5): invalid with ECC_KEY_PAIR(SECT_R1) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD5:PSA_WANT_ECC_FAMILY_SECT_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_agreement_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):"009b05dc82d46d64a04a22e6e5ca70ca1231e68c50":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD5):0:PSA_ERROR_INVALID_ARGUMENT + +PSA key_agreement DETERMINISTIC_ECDSA(MD5): invalid with ECC_KEY_PAIR(SECT_R2) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD5:PSA_WANT_ECC_FAMILY_SECT_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_agreement_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R2):"0210b482a458b4822d0cb21daa96819a67c8062d34":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD5):0:PSA_ERROR_INVALID_ARGUMENT + +PSA key_agreement DETERMINISTIC_ECDSA(MD5): invalid with ECC_PUBLIC_KEY(BRAINPOOL_P_R1) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD5:PSA_WANT_ECC_FAMILY_BRAINPOOL_P_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_agreement_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"04d4b9186816358e2f9c59cf70748cb70641b22fbab65473db4b4e22a361ed7e3de7e8a8ddc4130c5c":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD5):0:PSA_ERROR_INVALID_ARGUMENT + +PSA key_agreement DETERMINISTIC_ECDSA(MD5): invalid with ECC_PUBLIC_KEY(SECP_K1) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD5:PSA_WANT_ECC_FAMILY_SECP_K1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_agreement_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_K1):"0426b7bb38da649ac2138fc050c6548b32553dab68afebc36105d325b75538c12323cb0764789ecb992671beb2b6bef2f5":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD5):0:PSA_ERROR_INVALID_ARGUMENT + +PSA key_agreement DETERMINISTIC_ECDSA(MD5): invalid with ECC_PUBLIC_KEY(SECP_R1) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD5:PSA_WANT_ECC_FAMILY_SECP_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_agreement_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1):"046f00eadaa949fee3e9e1c7fa1247eecec86a0dce46418b9bd3117b981d4bd0ae7a990de912f9d060d6cb531a42d22e394ac29e81804bf160":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD5):0:PSA_ERROR_INVALID_ARGUMENT + +PSA key_agreement DETERMINISTIC_ECDSA(MD5): invalid with ECC_PUBLIC_KEY(SECP_R2) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD5:PSA_WANT_ECC_FAMILY_SECP_R2:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_agreement_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R2):"049570d541398665adb5cfa16f5af73b3196926bbd4b876bdb80f8eab20d0f540c22f4de9c140f6d7b":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD5):0:PSA_ERROR_INVALID_ARGUMENT + +PSA key_agreement DETERMINISTIC_ECDSA(MD5): invalid with ECC_PUBLIC_KEY(SECT_K1) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD5:PSA_WANT_ECC_FAMILY_SECT_K1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_agreement_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_K1):"0406f88f90b4b65950f06ce433afdb097e320f433dc2062b8a65db8fafd3c110f46bc45663fbf021ee7eb9":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD5):0:PSA_ERROR_INVALID_ARGUMENT + +PSA key_agreement DETERMINISTIC_ECDSA(MD5): invalid with ECC_PUBLIC_KEY(SECT_R1) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD5:PSA_WANT_ECC_FAMILY_SECT_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_agreement_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R1):"0400465eeb9e7258b11e33c02266bfe834b20bcb118700772796ee4704ec67651bd447e3011959a79a04cb":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD5):0:PSA_ERROR_INVALID_ARGUMENT + +PSA key_agreement DETERMINISTIC_ECDSA(MD5): invalid with ECC_PUBLIC_KEY(SECT_R2) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD5:PSA_WANT_ECC_FAMILY_SECT_R2:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_agreement_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R2):"0403692601144c32a6cfa369ae20ae5d43c1c764678c037bafe80c6fd2e42b7ced96171d9c5367fd3dca6f":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD5):0:PSA_ERROR_INVALID_ARGUMENT + +PSA hash DETERMINISTIC_ECDSA(RIPEMD160): invalid +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_RIPEMD160 +hash_fail:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_RIPEMD160):PSA_ERROR_INVALID_ARGUMENT + +PSA mac DETERMINISTIC_ECDSA(RIPEMD160): invalid with ECC_KEY_PAIR(BRAINPOOL_P_R1) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ECC_FAMILY_BRAINPOOL_P_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +mac_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"69502c4fdaf48d4fa617bdd24498b0406d0eeaac":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_RIPEMD160):PSA_ERROR_INVALID_ARGUMENT + +PSA mac DETERMINISTIC_ECDSA(RIPEMD160): invalid with ECC_KEY_PAIR(SECP_K1) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ECC_FAMILY_SECP_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +mac_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_K1):"297ac1722ccac7589ecb240dc719842538ca974beb79f228":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_RIPEMD160):PSA_ERROR_INVALID_ARGUMENT + +PSA mac DETERMINISTIC_ECDSA(RIPEMD160): invalid with ECC_KEY_PAIR(SECP_R1) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ECC_FAMILY_SECP_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +mac_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"872f203b3ad35b7f2ecc803c3a0e1e0b1ed61cc1afe71b189cd4c995":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_RIPEMD160):PSA_ERROR_INVALID_ARGUMENT + +PSA mac DETERMINISTIC_ECDSA(RIPEMD160): invalid with ECC_KEY_PAIR(SECP_R2) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ECC_FAMILY_SECP_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +mac_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R2):"00bf539a1cdda0d7f71a50a3f98aec0a2e8e4ced1e":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_RIPEMD160):PSA_ERROR_INVALID_ARGUMENT + +PSA mac DETERMINISTIC_ECDSA(RIPEMD160): invalid with ECC_KEY_PAIR(SECT_K1) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ECC_FAMILY_SECT_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +mac_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):"03ebc8fcded2d6ab72ec0f75bdb4fd080481273e71":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_RIPEMD160):PSA_ERROR_INVALID_ARGUMENT + +PSA mac DETERMINISTIC_ECDSA(RIPEMD160): invalid with ECC_KEY_PAIR(SECT_R1) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ECC_FAMILY_SECT_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +mac_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):"009b05dc82d46d64a04a22e6e5ca70ca1231e68c50":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_RIPEMD160):PSA_ERROR_INVALID_ARGUMENT + +PSA mac DETERMINISTIC_ECDSA(RIPEMD160): invalid with ECC_KEY_PAIR(SECT_R2) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ECC_FAMILY_SECT_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +mac_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R2):"0210b482a458b4822d0cb21daa96819a67c8062d34":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_RIPEMD160):PSA_ERROR_INVALID_ARGUMENT + +PSA mac DETERMINISTIC_ECDSA(RIPEMD160): invalid with ECC_PUBLIC_KEY(BRAINPOOL_P_R1) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ECC_FAMILY_BRAINPOOL_P_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +mac_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"04d4b9186816358e2f9c59cf70748cb70641b22fbab65473db4b4e22a361ed7e3de7e8a8ddc4130c5c":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_RIPEMD160):PSA_ERROR_INVALID_ARGUMENT + +PSA mac DETERMINISTIC_ECDSA(RIPEMD160): invalid with ECC_PUBLIC_KEY(SECP_K1) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ECC_FAMILY_SECP_K1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +mac_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_K1):"0426b7bb38da649ac2138fc050c6548b32553dab68afebc36105d325b75538c12323cb0764789ecb992671beb2b6bef2f5":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_RIPEMD160):PSA_ERROR_INVALID_ARGUMENT + +PSA mac DETERMINISTIC_ECDSA(RIPEMD160): invalid with ECC_PUBLIC_KEY(SECP_R1) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ECC_FAMILY_SECP_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +mac_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1):"046f00eadaa949fee3e9e1c7fa1247eecec86a0dce46418b9bd3117b981d4bd0ae7a990de912f9d060d6cb531a42d22e394ac29e81804bf160":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_RIPEMD160):PSA_ERROR_INVALID_ARGUMENT + +PSA mac DETERMINISTIC_ECDSA(RIPEMD160): invalid with ECC_PUBLIC_KEY(SECP_R2) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ECC_FAMILY_SECP_R2:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +mac_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R2):"049570d541398665adb5cfa16f5af73b3196926bbd4b876bdb80f8eab20d0f540c22f4de9c140f6d7b":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_RIPEMD160):PSA_ERROR_INVALID_ARGUMENT + +PSA mac DETERMINISTIC_ECDSA(RIPEMD160): invalid with ECC_PUBLIC_KEY(SECT_K1) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ECC_FAMILY_SECT_K1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +mac_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_K1):"0406f88f90b4b65950f06ce433afdb097e320f433dc2062b8a65db8fafd3c110f46bc45663fbf021ee7eb9":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_RIPEMD160):PSA_ERROR_INVALID_ARGUMENT + +PSA mac DETERMINISTIC_ECDSA(RIPEMD160): invalid with ECC_PUBLIC_KEY(SECT_R1) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ECC_FAMILY_SECT_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +mac_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R1):"0400465eeb9e7258b11e33c02266bfe834b20bcb118700772796ee4704ec67651bd447e3011959a79a04cb":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_RIPEMD160):PSA_ERROR_INVALID_ARGUMENT + +PSA mac DETERMINISTIC_ECDSA(RIPEMD160): invalid with ECC_PUBLIC_KEY(SECT_R2) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ECC_FAMILY_SECT_R2:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +mac_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R2):"0403692601144c32a6cfa369ae20ae5d43c1c764678c037bafe80c6fd2e42b7ced96171d9c5367fd3dca6f":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_RIPEMD160):PSA_ERROR_INVALID_ARGUMENT + +PSA cipher DETERMINISTIC_ECDSA(RIPEMD160): invalid with ECC_KEY_PAIR(BRAINPOOL_P_R1) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ECC_FAMILY_BRAINPOOL_P_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +cipher_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"69502c4fdaf48d4fa617bdd24498b0406d0eeaac":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_RIPEMD160):PSA_ERROR_INVALID_ARGUMENT + +PSA cipher DETERMINISTIC_ECDSA(RIPEMD160): invalid with ECC_KEY_PAIR(SECP_K1) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ECC_FAMILY_SECP_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +cipher_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_K1):"297ac1722ccac7589ecb240dc719842538ca974beb79f228":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_RIPEMD160):PSA_ERROR_INVALID_ARGUMENT + +PSA cipher DETERMINISTIC_ECDSA(RIPEMD160): invalid with ECC_KEY_PAIR(SECP_R1) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ECC_FAMILY_SECP_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +cipher_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"872f203b3ad35b7f2ecc803c3a0e1e0b1ed61cc1afe71b189cd4c995":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_RIPEMD160):PSA_ERROR_INVALID_ARGUMENT + +PSA cipher DETERMINISTIC_ECDSA(RIPEMD160): invalid with ECC_KEY_PAIR(SECP_R2) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ECC_FAMILY_SECP_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +cipher_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R2):"00bf539a1cdda0d7f71a50a3f98aec0a2e8e4ced1e":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_RIPEMD160):PSA_ERROR_INVALID_ARGUMENT + +PSA cipher DETERMINISTIC_ECDSA(RIPEMD160): invalid with ECC_KEY_PAIR(SECT_K1) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ECC_FAMILY_SECT_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +cipher_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):"03ebc8fcded2d6ab72ec0f75bdb4fd080481273e71":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_RIPEMD160):PSA_ERROR_INVALID_ARGUMENT + +PSA cipher DETERMINISTIC_ECDSA(RIPEMD160): invalid with ECC_KEY_PAIR(SECT_R1) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ECC_FAMILY_SECT_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +cipher_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):"009b05dc82d46d64a04a22e6e5ca70ca1231e68c50":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_RIPEMD160):PSA_ERROR_INVALID_ARGUMENT + +PSA cipher DETERMINISTIC_ECDSA(RIPEMD160): invalid with ECC_KEY_PAIR(SECT_R2) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ECC_FAMILY_SECT_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +cipher_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R2):"0210b482a458b4822d0cb21daa96819a67c8062d34":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_RIPEMD160):PSA_ERROR_INVALID_ARGUMENT + +PSA cipher DETERMINISTIC_ECDSA(RIPEMD160): invalid with ECC_PUBLIC_KEY(BRAINPOOL_P_R1) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ECC_FAMILY_BRAINPOOL_P_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +cipher_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"04d4b9186816358e2f9c59cf70748cb70641b22fbab65473db4b4e22a361ed7e3de7e8a8ddc4130c5c":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_RIPEMD160):PSA_ERROR_INVALID_ARGUMENT + +PSA cipher DETERMINISTIC_ECDSA(RIPEMD160): invalid with ECC_PUBLIC_KEY(SECP_K1) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ECC_FAMILY_SECP_K1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +cipher_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_K1):"0426b7bb38da649ac2138fc050c6548b32553dab68afebc36105d325b75538c12323cb0764789ecb992671beb2b6bef2f5":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_RIPEMD160):PSA_ERROR_INVALID_ARGUMENT + +PSA cipher DETERMINISTIC_ECDSA(RIPEMD160): invalid with ECC_PUBLIC_KEY(SECP_R1) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ECC_FAMILY_SECP_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +cipher_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1):"046f00eadaa949fee3e9e1c7fa1247eecec86a0dce46418b9bd3117b981d4bd0ae7a990de912f9d060d6cb531a42d22e394ac29e81804bf160":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_RIPEMD160):PSA_ERROR_INVALID_ARGUMENT + +PSA cipher DETERMINISTIC_ECDSA(RIPEMD160): invalid with ECC_PUBLIC_KEY(SECP_R2) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ECC_FAMILY_SECP_R2:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +cipher_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R2):"049570d541398665adb5cfa16f5af73b3196926bbd4b876bdb80f8eab20d0f540c22f4de9c140f6d7b":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_RIPEMD160):PSA_ERROR_INVALID_ARGUMENT + +PSA cipher DETERMINISTIC_ECDSA(RIPEMD160): invalid with ECC_PUBLIC_KEY(SECT_K1) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ECC_FAMILY_SECT_K1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +cipher_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_K1):"0406f88f90b4b65950f06ce433afdb097e320f433dc2062b8a65db8fafd3c110f46bc45663fbf021ee7eb9":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_RIPEMD160):PSA_ERROR_INVALID_ARGUMENT + +PSA cipher DETERMINISTIC_ECDSA(RIPEMD160): invalid with ECC_PUBLIC_KEY(SECT_R1) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ECC_FAMILY_SECT_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +cipher_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R1):"0400465eeb9e7258b11e33c02266bfe834b20bcb118700772796ee4704ec67651bd447e3011959a79a04cb":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_RIPEMD160):PSA_ERROR_INVALID_ARGUMENT + +PSA cipher DETERMINISTIC_ECDSA(RIPEMD160): invalid with ECC_PUBLIC_KEY(SECT_R2) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ECC_FAMILY_SECT_R2:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +cipher_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R2):"0403692601144c32a6cfa369ae20ae5d43c1c764678c037bafe80c6fd2e42b7ced96171d9c5367fd3dca6f":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_RIPEMD160):PSA_ERROR_INVALID_ARGUMENT + +PSA aead DETERMINISTIC_ECDSA(RIPEMD160): invalid with ECC_KEY_PAIR(BRAINPOOL_P_R1) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ECC_FAMILY_BRAINPOOL_P_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +aead_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"69502c4fdaf48d4fa617bdd24498b0406d0eeaac":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_RIPEMD160):PSA_ERROR_INVALID_ARGUMENT + +PSA aead DETERMINISTIC_ECDSA(RIPEMD160): invalid with ECC_KEY_PAIR(SECP_K1) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ECC_FAMILY_SECP_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +aead_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_K1):"297ac1722ccac7589ecb240dc719842538ca974beb79f228":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_RIPEMD160):PSA_ERROR_INVALID_ARGUMENT + +PSA aead DETERMINISTIC_ECDSA(RIPEMD160): invalid with ECC_KEY_PAIR(SECP_R1) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ECC_FAMILY_SECP_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +aead_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"872f203b3ad35b7f2ecc803c3a0e1e0b1ed61cc1afe71b189cd4c995":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_RIPEMD160):PSA_ERROR_INVALID_ARGUMENT + +PSA aead DETERMINISTIC_ECDSA(RIPEMD160): invalid with ECC_KEY_PAIR(SECP_R2) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ECC_FAMILY_SECP_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +aead_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R2):"00bf539a1cdda0d7f71a50a3f98aec0a2e8e4ced1e":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_RIPEMD160):PSA_ERROR_INVALID_ARGUMENT + +PSA aead DETERMINISTIC_ECDSA(RIPEMD160): invalid with ECC_KEY_PAIR(SECT_K1) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ECC_FAMILY_SECT_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +aead_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):"03ebc8fcded2d6ab72ec0f75bdb4fd080481273e71":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_RIPEMD160):PSA_ERROR_INVALID_ARGUMENT + +PSA aead DETERMINISTIC_ECDSA(RIPEMD160): invalid with ECC_KEY_PAIR(SECT_R1) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ECC_FAMILY_SECT_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +aead_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):"009b05dc82d46d64a04a22e6e5ca70ca1231e68c50":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_RIPEMD160):PSA_ERROR_INVALID_ARGUMENT + +PSA aead DETERMINISTIC_ECDSA(RIPEMD160): invalid with ECC_KEY_PAIR(SECT_R2) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ECC_FAMILY_SECT_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +aead_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R2):"0210b482a458b4822d0cb21daa96819a67c8062d34":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_RIPEMD160):PSA_ERROR_INVALID_ARGUMENT + +PSA aead DETERMINISTIC_ECDSA(RIPEMD160): invalid with ECC_PUBLIC_KEY(BRAINPOOL_P_R1) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ECC_FAMILY_BRAINPOOL_P_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +aead_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"04d4b9186816358e2f9c59cf70748cb70641b22fbab65473db4b4e22a361ed7e3de7e8a8ddc4130c5c":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_RIPEMD160):PSA_ERROR_INVALID_ARGUMENT + +PSA aead DETERMINISTIC_ECDSA(RIPEMD160): invalid with ECC_PUBLIC_KEY(SECP_K1) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ECC_FAMILY_SECP_K1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +aead_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_K1):"0426b7bb38da649ac2138fc050c6548b32553dab68afebc36105d325b75538c12323cb0764789ecb992671beb2b6bef2f5":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_RIPEMD160):PSA_ERROR_INVALID_ARGUMENT + +PSA aead DETERMINISTIC_ECDSA(RIPEMD160): invalid with ECC_PUBLIC_KEY(SECP_R1) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ECC_FAMILY_SECP_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +aead_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1):"046f00eadaa949fee3e9e1c7fa1247eecec86a0dce46418b9bd3117b981d4bd0ae7a990de912f9d060d6cb531a42d22e394ac29e81804bf160":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_RIPEMD160):PSA_ERROR_INVALID_ARGUMENT + +PSA aead DETERMINISTIC_ECDSA(RIPEMD160): invalid with ECC_PUBLIC_KEY(SECP_R2) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ECC_FAMILY_SECP_R2:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +aead_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R2):"049570d541398665adb5cfa16f5af73b3196926bbd4b876bdb80f8eab20d0f540c22f4de9c140f6d7b":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_RIPEMD160):PSA_ERROR_INVALID_ARGUMENT + +PSA aead DETERMINISTIC_ECDSA(RIPEMD160): invalid with ECC_PUBLIC_KEY(SECT_K1) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ECC_FAMILY_SECT_K1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +aead_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_K1):"0406f88f90b4b65950f06ce433afdb097e320f433dc2062b8a65db8fafd3c110f46bc45663fbf021ee7eb9":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_RIPEMD160):PSA_ERROR_INVALID_ARGUMENT + +PSA aead DETERMINISTIC_ECDSA(RIPEMD160): invalid with ECC_PUBLIC_KEY(SECT_R1) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ECC_FAMILY_SECT_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +aead_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R1):"0400465eeb9e7258b11e33c02266bfe834b20bcb118700772796ee4704ec67651bd447e3011959a79a04cb":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_RIPEMD160):PSA_ERROR_INVALID_ARGUMENT + +PSA aead DETERMINISTIC_ECDSA(RIPEMD160): invalid with ECC_PUBLIC_KEY(SECT_R2) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ECC_FAMILY_SECT_R2:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +aead_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R2):"0403692601144c32a6cfa369ae20ae5d43c1c764678c037bafe80c6fd2e42b7ced96171d9c5367fd3dca6f":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_RIPEMD160):PSA_ERROR_INVALID_ARGUMENT + +PSA sign DETERMINISTIC_ECDSA(RIPEMD160): incompatible with AES +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_RIPEMD160:PSA_WANT_KEY_TYPE_AES +sign_fail:PSA_KEY_TYPE_AES:"48657265006973206b6579a064617461":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_RIPEMD160):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign DETERMINISTIC_ECDSA(RIPEMD160): incompatible with ARC4 +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_RIPEMD160:PSA_WANT_KEY_TYPE_ARC4 +sign_fail:PSA_KEY_TYPE_ARC4:"48":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_RIPEMD160):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign DETERMINISTIC_ECDSA(RIPEMD160): incompatible with ARIA +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_RIPEMD160:PSA_WANT_KEY_TYPE_ARIA +sign_fail:PSA_KEY_TYPE_ARIA:"48657265006973206b6579a064617461":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_RIPEMD160):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign DETERMINISTIC_ECDSA(RIPEMD160): incompatible with CAMELLIA +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_RIPEMD160:PSA_WANT_KEY_TYPE_CAMELLIA +sign_fail:PSA_KEY_TYPE_CAMELLIA:"48657265006973206b6579a064617461":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_RIPEMD160):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign DETERMINISTIC_ECDSA(RIPEMD160): incompatible with CHACHA20 +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_RIPEMD160:PSA_WANT_KEY_TYPE_CHACHA20 +sign_fail:PSA_KEY_TYPE_CHACHA20:"48657265006973206b6579a06461746148657265006973206b6579a064617461":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_RIPEMD160):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign DETERMINISTIC_ECDSA(RIPEMD160): incompatible with DERIVE +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_RIPEMD160:PSA_WANT_KEY_TYPE_DERIVE +sign_fail:PSA_KEY_TYPE_DERIVE:"48657265006973206b6579a0646174":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_RIPEMD160):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign DETERMINISTIC_ECDSA(RIPEMD160): incompatible with DES +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_RIPEMD160:PSA_WANT_KEY_TYPE_DES +sign_fail:PSA_KEY_TYPE_DES:"644573206b457901":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_RIPEMD160):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign DETERMINISTIC_ECDSA(RIPEMD160): !DETERMINISTIC_ECDSA with ECC_KEY_PAIR(BRAINPOOL_P_R1) +depends_on:!PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ECC_FAMILY_BRAINPOOL_P_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"69502c4fdaf48d4fa617bdd24498b0406d0eeaac":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_RIPEMD160):0:PSA_ERROR_NOT_SUPPORTED + +PSA sign DETERMINISTIC_ECDSA(RIPEMD160): !RIPEMD160 with ECC_KEY_PAIR(BRAINPOOL_P_R1) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:!PSA_WANT_ALG_RIPEMD160:PSA_WANT_ECC_FAMILY_BRAINPOOL_P_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"69502c4fdaf48d4fa617bdd24498b0406d0eeaac":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_RIPEMD160):0:PSA_ERROR_NOT_SUPPORTED + +PSA sign DETERMINISTIC_ECDSA(RIPEMD160): incompatible with ECC_KEY_PAIR(MONTGOMERY) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ECC_FAMILY_MONTGOMERY:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_MONTGOMERY):"70076d0a7318a57d3c16c17251b26645df4c2f87ebc0992ab177fba51db92c6a":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_RIPEMD160):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign DETERMINISTIC_ECDSA(RIPEMD160): !DETERMINISTIC_ECDSA with ECC_KEY_PAIR(SECP_K1) +depends_on:!PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ECC_FAMILY_SECP_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_K1):"297ac1722ccac7589ecb240dc719842538ca974beb79f228":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_RIPEMD160):0:PSA_ERROR_NOT_SUPPORTED + +PSA sign DETERMINISTIC_ECDSA(RIPEMD160): !RIPEMD160 with ECC_KEY_PAIR(SECP_K1) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:!PSA_WANT_ALG_RIPEMD160:PSA_WANT_ECC_FAMILY_SECP_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_K1):"297ac1722ccac7589ecb240dc719842538ca974beb79f228":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_RIPEMD160):0:PSA_ERROR_NOT_SUPPORTED + +PSA sign DETERMINISTIC_ECDSA(RIPEMD160): !DETERMINISTIC_ECDSA with ECC_KEY_PAIR(SECP_R1) +depends_on:!PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ECC_FAMILY_SECP_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"872f203b3ad35b7f2ecc803c3a0e1e0b1ed61cc1afe71b189cd4c995":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_RIPEMD160):0:PSA_ERROR_NOT_SUPPORTED + +PSA sign DETERMINISTIC_ECDSA(RIPEMD160): !RIPEMD160 with ECC_KEY_PAIR(SECP_R1) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:!PSA_WANT_ALG_RIPEMD160:PSA_WANT_ECC_FAMILY_SECP_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"872f203b3ad35b7f2ecc803c3a0e1e0b1ed61cc1afe71b189cd4c995":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_RIPEMD160):0:PSA_ERROR_NOT_SUPPORTED + +PSA sign DETERMINISTIC_ECDSA(RIPEMD160): !DETERMINISTIC_ECDSA with ECC_KEY_PAIR(SECP_R2) +depends_on:!PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ECC_FAMILY_SECP_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R2):"00bf539a1cdda0d7f71a50a3f98aec0a2e8e4ced1e":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_RIPEMD160):0:PSA_ERROR_NOT_SUPPORTED + +PSA sign DETERMINISTIC_ECDSA(RIPEMD160): !RIPEMD160 with ECC_KEY_PAIR(SECP_R2) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:!PSA_WANT_ALG_RIPEMD160:PSA_WANT_ECC_FAMILY_SECP_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R2):"00bf539a1cdda0d7f71a50a3f98aec0a2e8e4ced1e":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_RIPEMD160):0:PSA_ERROR_NOT_SUPPORTED + +PSA sign DETERMINISTIC_ECDSA(RIPEMD160): !DETERMINISTIC_ECDSA with ECC_KEY_PAIR(SECT_K1) +depends_on:!PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ECC_FAMILY_SECT_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):"03ebc8fcded2d6ab72ec0f75bdb4fd080481273e71":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_RIPEMD160):0:PSA_ERROR_NOT_SUPPORTED + +PSA sign DETERMINISTIC_ECDSA(RIPEMD160): !RIPEMD160 with ECC_KEY_PAIR(SECT_K1) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:!PSA_WANT_ALG_RIPEMD160:PSA_WANT_ECC_FAMILY_SECT_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):"03ebc8fcded2d6ab72ec0f75bdb4fd080481273e71":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_RIPEMD160):0:PSA_ERROR_NOT_SUPPORTED + +PSA sign DETERMINISTIC_ECDSA(RIPEMD160): !DETERMINISTIC_ECDSA with ECC_KEY_PAIR(SECT_R1) +depends_on:!PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ECC_FAMILY_SECT_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):"009b05dc82d46d64a04a22e6e5ca70ca1231e68c50":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_RIPEMD160):0:PSA_ERROR_NOT_SUPPORTED + +PSA sign DETERMINISTIC_ECDSA(RIPEMD160): !RIPEMD160 with ECC_KEY_PAIR(SECT_R1) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:!PSA_WANT_ALG_RIPEMD160:PSA_WANT_ECC_FAMILY_SECT_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):"009b05dc82d46d64a04a22e6e5ca70ca1231e68c50":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_RIPEMD160):0:PSA_ERROR_NOT_SUPPORTED + +PSA sign DETERMINISTIC_ECDSA(RIPEMD160): !DETERMINISTIC_ECDSA with ECC_KEY_PAIR(SECT_R2) +depends_on:!PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ECC_FAMILY_SECT_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R2):"0210b482a458b4822d0cb21daa96819a67c8062d34":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_RIPEMD160):0:PSA_ERROR_NOT_SUPPORTED + +PSA sign DETERMINISTIC_ECDSA(RIPEMD160): !RIPEMD160 with ECC_KEY_PAIR(SECT_R2) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:!PSA_WANT_ALG_RIPEMD160:PSA_WANT_ECC_FAMILY_SECT_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R2):"0210b482a458b4822d0cb21daa96819a67c8062d34":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_RIPEMD160):0:PSA_ERROR_NOT_SUPPORTED + +PSA sign DETERMINISTIC_ECDSA(RIPEMD160): incompatible with ECC_KEY_PAIR(TWISTED_EDWARDS) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ECC_FAMILY_TWISTED_EDWARDS:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_TWISTED_EDWARDS):"9d61b19deffd5a60ba844af492ec2cc44449c5697b326919703bac031cae7f60":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_RIPEMD160):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign DETERMINISTIC_ECDSA(RIPEMD160): !DETERMINISTIC_ECDSA with ECC_PUBLIC_KEY(BRAINPOOL_P_R1) +depends_on:!PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ECC_FAMILY_BRAINPOOL_P_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"04d4b9186816358e2f9c59cf70748cb70641b22fbab65473db4b4e22a361ed7e3de7e8a8ddc4130c5c":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_RIPEMD160):0:PSA_ERROR_NOT_SUPPORTED + +PSA sign DETERMINISTIC_ECDSA(RIPEMD160): !RIPEMD160 with ECC_PUBLIC_KEY(BRAINPOOL_P_R1) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:!PSA_WANT_ALG_RIPEMD160:PSA_WANT_ECC_FAMILY_BRAINPOOL_P_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"04d4b9186816358e2f9c59cf70748cb70641b22fbab65473db4b4e22a361ed7e3de7e8a8ddc4130c5c":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_RIPEMD160):0:PSA_ERROR_NOT_SUPPORTED + +PSA sign DETERMINISTIC_ECDSA(RIPEMD160): public with ECC_PUBLIC_KEY(BRAINPOOL_P_R1) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ECC_FAMILY_BRAINPOOL_P_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"04d4b9186816358e2f9c59cf70748cb70641b22fbab65473db4b4e22a361ed7e3de7e8a8ddc4130c5c":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_RIPEMD160):1:PSA_ERROR_INVALID_ARGUMENT + +PSA sign DETERMINISTIC_ECDSA(RIPEMD160): incompatible with ECC_PUBLIC_KEY(MONTGOMERY) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ECC_FAMILY_MONTGOMERY:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_MONTGOMERY):"8520f0098930a754748b7ddcb43ef75a0dbf3a0d26381af4eba4a98eaa9b4e6a":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_RIPEMD160):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign DETERMINISTIC_ECDSA(RIPEMD160): !DETERMINISTIC_ECDSA with ECC_PUBLIC_KEY(SECP_K1) +depends_on:!PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ECC_FAMILY_SECP_K1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_K1):"0426b7bb38da649ac2138fc050c6548b32553dab68afebc36105d325b75538c12323cb0764789ecb992671beb2b6bef2f5":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_RIPEMD160):0:PSA_ERROR_NOT_SUPPORTED + +PSA sign DETERMINISTIC_ECDSA(RIPEMD160): !RIPEMD160 with ECC_PUBLIC_KEY(SECP_K1) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:!PSA_WANT_ALG_RIPEMD160:PSA_WANT_ECC_FAMILY_SECP_K1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_K1):"0426b7bb38da649ac2138fc050c6548b32553dab68afebc36105d325b75538c12323cb0764789ecb992671beb2b6bef2f5":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_RIPEMD160):0:PSA_ERROR_NOT_SUPPORTED + +PSA sign DETERMINISTIC_ECDSA(RIPEMD160): public with ECC_PUBLIC_KEY(SECP_K1) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ECC_FAMILY_SECP_K1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_K1):"0426b7bb38da649ac2138fc050c6548b32553dab68afebc36105d325b75538c12323cb0764789ecb992671beb2b6bef2f5":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_RIPEMD160):1:PSA_ERROR_INVALID_ARGUMENT + +PSA sign DETERMINISTIC_ECDSA(RIPEMD160): !DETERMINISTIC_ECDSA with ECC_PUBLIC_KEY(SECP_R1) +depends_on:!PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ECC_FAMILY_SECP_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1):"046f00eadaa949fee3e9e1c7fa1247eecec86a0dce46418b9bd3117b981d4bd0ae7a990de912f9d060d6cb531a42d22e394ac29e81804bf160":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_RIPEMD160):0:PSA_ERROR_NOT_SUPPORTED + +PSA sign DETERMINISTIC_ECDSA(RIPEMD160): !RIPEMD160 with ECC_PUBLIC_KEY(SECP_R1) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:!PSA_WANT_ALG_RIPEMD160:PSA_WANT_ECC_FAMILY_SECP_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1):"046f00eadaa949fee3e9e1c7fa1247eecec86a0dce46418b9bd3117b981d4bd0ae7a990de912f9d060d6cb531a42d22e394ac29e81804bf160":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_RIPEMD160):0:PSA_ERROR_NOT_SUPPORTED + +PSA sign DETERMINISTIC_ECDSA(RIPEMD160): public with ECC_PUBLIC_KEY(SECP_R1) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ECC_FAMILY_SECP_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1):"046f00eadaa949fee3e9e1c7fa1247eecec86a0dce46418b9bd3117b981d4bd0ae7a990de912f9d060d6cb531a42d22e394ac29e81804bf160":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_RIPEMD160):1:PSA_ERROR_INVALID_ARGUMENT + +PSA sign DETERMINISTIC_ECDSA(RIPEMD160): !DETERMINISTIC_ECDSA with ECC_PUBLIC_KEY(SECP_R2) +depends_on:!PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ECC_FAMILY_SECP_R2:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R2):"049570d541398665adb5cfa16f5af73b3196926bbd4b876bdb80f8eab20d0f540c22f4de9c140f6d7b":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_RIPEMD160):0:PSA_ERROR_NOT_SUPPORTED + +PSA sign DETERMINISTIC_ECDSA(RIPEMD160): !RIPEMD160 with ECC_PUBLIC_KEY(SECP_R2) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:!PSA_WANT_ALG_RIPEMD160:PSA_WANT_ECC_FAMILY_SECP_R2:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R2):"049570d541398665adb5cfa16f5af73b3196926bbd4b876bdb80f8eab20d0f540c22f4de9c140f6d7b":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_RIPEMD160):0:PSA_ERROR_NOT_SUPPORTED + +PSA sign DETERMINISTIC_ECDSA(RIPEMD160): public with ECC_PUBLIC_KEY(SECP_R2) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ECC_FAMILY_SECP_R2:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R2):"049570d541398665adb5cfa16f5af73b3196926bbd4b876bdb80f8eab20d0f540c22f4de9c140f6d7b":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_RIPEMD160):1:PSA_ERROR_INVALID_ARGUMENT + +PSA sign DETERMINISTIC_ECDSA(RIPEMD160): !DETERMINISTIC_ECDSA with ECC_PUBLIC_KEY(SECT_K1) +depends_on:!PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ECC_FAMILY_SECT_K1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_K1):"0406f88f90b4b65950f06ce433afdb097e320f433dc2062b8a65db8fafd3c110f46bc45663fbf021ee7eb9":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_RIPEMD160):0:PSA_ERROR_NOT_SUPPORTED + +PSA sign DETERMINISTIC_ECDSA(RIPEMD160): !RIPEMD160 with ECC_PUBLIC_KEY(SECT_K1) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:!PSA_WANT_ALG_RIPEMD160:PSA_WANT_ECC_FAMILY_SECT_K1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_K1):"0406f88f90b4b65950f06ce433afdb097e320f433dc2062b8a65db8fafd3c110f46bc45663fbf021ee7eb9":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_RIPEMD160):0:PSA_ERROR_NOT_SUPPORTED + +PSA sign DETERMINISTIC_ECDSA(RIPEMD160): public with ECC_PUBLIC_KEY(SECT_K1) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ECC_FAMILY_SECT_K1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_K1):"0406f88f90b4b65950f06ce433afdb097e320f433dc2062b8a65db8fafd3c110f46bc45663fbf021ee7eb9":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_RIPEMD160):1:PSA_ERROR_INVALID_ARGUMENT + +PSA sign DETERMINISTIC_ECDSA(RIPEMD160): !DETERMINISTIC_ECDSA with ECC_PUBLIC_KEY(SECT_R1) +depends_on:!PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ECC_FAMILY_SECT_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R1):"0400465eeb9e7258b11e33c02266bfe834b20bcb118700772796ee4704ec67651bd447e3011959a79a04cb":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_RIPEMD160):0:PSA_ERROR_NOT_SUPPORTED + +PSA sign DETERMINISTIC_ECDSA(RIPEMD160): !RIPEMD160 with ECC_PUBLIC_KEY(SECT_R1) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:!PSA_WANT_ALG_RIPEMD160:PSA_WANT_ECC_FAMILY_SECT_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R1):"0400465eeb9e7258b11e33c02266bfe834b20bcb118700772796ee4704ec67651bd447e3011959a79a04cb":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_RIPEMD160):0:PSA_ERROR_NOT_SUPPORTED + +PSA sign DETERMINISTIC_ECDSA(RIPEMD160): public with ECC_PUBLIC_KEY(SECT_R1) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ECC_FAMILY_SECT_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R1):"0400465eeb9e7258b11e33c02266bfe834b20bcb118700772796ee4704ec67651bd447e3011959a79a04cb":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_RIPEMD160):1:PSA_ERROR_INVALID_ARGUMENT + +PSA sign DETERMINISTIC_ECDSA(RIPEMD160): !DETERMINISTIC_ECDSA with ECC_PUBLIC_KEY(SECT_R2) +depends_on:!PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ECC_FAMILY_SECT_R2:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R2):"0403692601144c32a6cfa369ae20ae5d43c1c764678c037bafe80c6fd2e42b7ced96171d9c5367fd3dca6f":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_RIPEMD160):0:PSA_ERROR_NOT_SUPPORTED + +PSA sign DETERMINISTIC_ECDSA(RIPEMD160): !RIPEMD160 with ECC_PUBLIC_KEY(SECT_R2) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:!PSA_WANT_ALG_RIPEMD160:PSA_WANT_ECC_FAMILY_SECT_R2:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R2):"0403692601144c32a6cfa369ae20ae5d43c1c764678c037bafe80c6fd2e42b7ced96171d9c5367fd3dca6f":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_RIPEMD160):0:PSA_ERROR_NOT_SUPPORTED + +PSA sign DETERMINISTIC_ECDSA(RIPEMD160): public with ECC_PUBLIC_KEY(SECT_R2) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ECC_FAMILY_SECT_R2:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R2):"0403692601144c32a6cfa369ae20ae5d43c1c764678c037bafe80c6fd2e42b7ced96171d9c5367fd3dca6f":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_RIPEMD160):1:PSA_ERROR_INVALID_ARGUMENT + +PSA sign DETERMINISTIC_ECDSA(RIPEMD160): incompatible with ECC_PUBLIC_KEY(TWISTED_EDWARDS) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ECC_FAMILY_TWISTED_EDWARDS:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_TWISTED_EDWARDS):"d75a980182b10ab7d54bfed3c964073a0ee172f3daa62325af021a68f707511a":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_RIPEMD160):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign DETERMINISTIC_ECDSA(RIPEMD160): incompatible with HMAC +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_RIPEMD160:PSA_WANT_KEY_TYPE_HMAC +sign_fail:PSA_KEY_TYPE_HMAC:"48657265006973206b6579a064617461":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_RIPEMD160):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign DETERMINISTIC_ECDSA(RIPEMD160): incompatible with RAW_DATA +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_RIPEMD160:PSA_WANT_KEY_TYPE_RAW_DATA +sign_fail:PSA_KEY_TYPE_RAW_DATA:"48":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_RIPEMD160):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign DETERMINISTIC_ECDSA(RIPEMD160): incompatible with RSA_KEY_PAIR +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_RIPEMD160:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR +sign_fail:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_RIPEMD160):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign DETERMINISTIC_ECDSA(RIPEMD160): incompatible with RSA_PUBLIC_KEY +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_RIPEMD160:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY +sign_fail:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_RIPEMD160):0:PSA_ERROR_INVALID_ARGUMENT + +PSA asymmetric_encryption DETERMINISTIC_ECDSA(RIPEMD160): invalid with ECC_KEY_PAIR(BRAINPOOL_P_R1) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ECC_FAMILY_BRAINPOOL_P_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +asymmetric_encryption_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"69502c4fdaf48d4fa617bdd24498b0406d0eeaac":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_RIPEMD160):0:PSA_ERROR_INVALID_ARGUMENT + +PSA asymmetric_encryption DETERMINISTIC_ECDSA(RIPEMD160): invalid with ECC_KEY_PAIR(SECP_K1) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ECC_FAMILY_SECP_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +asymmetric_encryption_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_K1):"297ac1722ccac7589ecb240dc719842538ca974beb79f228":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_RIPEMD160):0:PSA_ERROR_INVALID_ARGUMENT + +PSA asymmetric_encryption DETERMINISTIC_ECDSA(RIPEMD160): invalid with ECC_KEY_PAIR(SECP_R1) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ECC_FAMILY_SECP_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +asymmetric_encryption_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"872f203b3ad35b7f2ecc803c3a0e1e0b1ed61cc1afe71b189cd4c995":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_RIPEMD160):0:PSA_ERROR_INVALID_ARGUMENT + +PSA asymmetric_encryption DETERMINISTIC_ECDSA(RIPEMD160): invalid with ECC_KEY_PAIR(SECP_R2) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ECC_FAMILY_SECP_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +asymmetric_encryption_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R2):"00bf539a1cdda0d7f71a50a3f98aec0a2e8e4ced1e":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_RIPEMD160):0:PSA_ERROR_INVALID_ARGUMENT + +PSA asymmetric_encryption DETERMINISTIC_ECDSA(RIPEMD160): invalid with ECC_KEY_PAIR(SECT_K1) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ECC_FAMILY_SECT_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +asymmetric_encryption_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):"03ebc8fcded2d6ab72ec0f75bdb4fd080481273e71":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_RIPEMD160):0:PSA_ERROR_INVALID_ARGUMENT + +PSA asymmetric_encryption DETERMINISTIC_ECDSA(RIPEMD160): invalid with ECC_KEY_PAIR(SECT_R1) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ECC_FAMILY_SECT_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +asymmetric_encryption_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):"009b05dc82d46d64a04a22e6e5ca70ca1231e68c50":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_RIPEMD160):0:PSA_ERROR_INVALID_ARGUMENT + +PSA asymmetric_encryption DETERMINISTIC_ECDSA(RIPEMD160): invalid with ECC_KEY_PAIR(SECT_R2) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ECC_FAMILY_SECT_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +asymmetric_encryption_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R2):"0210b482a458b4822d0cb21daa96819a67c8062d34":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_RIPEMD160):0:PSA_ERROR_INVALID_ARGUMENT + +PSA asymmetric_encryption DETERMINISTIC_ECDSA(RIPEMD160): invalid with ECC_PUBLIC_KEY(BRAINPOOL_P_R1) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ECC_FAMILY_BRAINPOOL_P_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +asymmetric_encryption_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"04d4b9186816358e2f9c59cf70748cb70641b22fbab65473db4b4e22a361ed7e3de7e8a8ddc4130c5c":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_RIPEMD160):0:PSA_ERROR_INVALID_ARGUMENT + +PSA asymmetric_encryption DETERMINISTIC_ECDSA(RIPEMD160): invalid with ECC_PUBLIC_KEY(SECP_K1) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ECC_FAMILY_SECP_K1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +asymmetric_encryption_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_K1):"0426b7bb38da649ac2138fc050c6548b32553dab68afebc36105d325b75538c12323cb0764789ecb992671beb2b6bef2f5":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_RIPEMD160):0:PSA_ERROR_INVALID_ARGUMENT + +PSA asymmetric_encryption DETERMINISTIC_ECDSA(RIPEMD160): invalid with ECC_PUBLIC_KEY(SECP_R1) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ECC_FAMILY_SECP_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +asymmetric_encryption_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1):"046f00eadaa949fee3e9e1c7fa1247eecec86a0dce46418b9bd3117b981d4bd0ae7a990de912f9d060d6cb531a42d22e394ac29e81804bf160":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_RIPEMD160):0:PSA_ERROR_INVALID_ARGUMENT + +PSA asymmetric_encryption DETERMINISTIC_ECDSA(RIPEMD160): invalid with ECC_PUBLIC_KEY(SECP_R2) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ECC_FAMILY_SECP_R2:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +asymmetric_encryption_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R2):"049570d541398665adb5cfa16f5af73b3196926bbd4b876bdb80f8eab20d0f540c22f4de9c140f6d7b":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_RIPEMD160):0:PSA_ERROR_INVALID_ARGUMENT + +PSA asymmetric_encryption DETERMINISTIC_ECDSA(RIPEMD160): invalid with ECC_PUBLIC_KEY(SECT_K1) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ECC_FAMILY_SECT_K1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +asymmetric_encryption_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_K1):"0406f88f90b4b65950f06ce433afdb097e320f433dc2062b8a65db8fafd3c110f46bc45663fbf021ee7eb9":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_RIPEMD160):0:PSA_ERROR_INVALID_ARGUMENT + +PSA asymmetric_encryption DETERMINISTIC_ECDSA(RIPEMD160): invalid with ECC_PUBLIC_KEY(SECT_R1) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ECC_FAMILY_SECT_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +asymmetric_encryption_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R1):"0400465eeb9e7258b11e33c02266bfe834b20bcb118700772796ee4704ec67651bd447e3011959a79a04cb":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_RIPEMD160):0:PSA_ERROR_INVALID_ARGUMENT + +PSA asymmetric_encryption DETERMINISTIC_ECDSA(RIPEMD160): invalid with ECC_PUBLIC_KEY(SECT_R2) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ECC_FAMILY_SECT_R2:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +asymmetric_encryption_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R2):"0403692601144c32a6cfa369ae20ae5d43c1c764678c037bafe80c6fd2e42b7ced96171d9c5367fd3dca6f":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_RIPEMD160):0:PSA_ERROR_INVALID_ARGUMENT + +PSA key_derivation DETERMINISTIC_ECDSA(RIPEMD160): invalid +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_RIPEMD160 +key_derivation_fail:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_RIPEMD160):PSA_ERROR_INVALID_ARGUMENT + +PSA key_agreement DETERMINISTIC_ECDSA(RIPEMD160): invalid with ECC_KEY_PAIR(BRAINPOOL_P_R1) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ECC_FAMILY_BRAINPOOL_P_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_agreement_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"69502c4fdaf48d4fa617bdd24498b0406d0eeaac":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_RIPEMD160):0:PSA_ERROR_INVALID_ARGUMENT + +PSA key_agreement DETERMINISTIC_ECDSA(RIPEMD160): invalid with ECC_KEY_PAIR(SECP_K1) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ECC_FAMILY_SECP_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_agreement_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_K1):"297ac1722ccac7589ecb240dc719842538ca974beb79f228":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_RIPEMD160):0:PSA_ERROR_INVALID_ARGUMENT + +PSA key_agreement DETERMINISTIC_ECDSA(RIPEMD160): invalid with ECC_KEY_PAIR(SECP_R1) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ECC_FAMILY_SECP_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_agreement_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"872f203b3ad35b7f2ecc803c3a0e1e0b1ed61cc1afe71b189cd4c995":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_RIPEMD160):0:PSA_ERROR_INVALID_ARGUMENT + +PSA key_agreement DETERMINISTIC_ECDSA(RIPEMD160): invalid with ECC_KEY_PAIR(SECP_R2) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ECC_FAMILY_SECP_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_agreement_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R2):"00bf539a1cdda0d7f71a50a3f98aec0a2e8e4ced1e":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_RIPEMD160):0:PSA_ERROR_INVALID_ARGUMENT + +PSA key_agreement DETERMINISTIC_ECDSA(RIPEMD160): invalid with ECC_KEY_PAIR(SECT_K1) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ECC_FAMILY_SECT_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_agreement_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):"03ebc8fcded2d6ab72ec0f75bdb4fd080481273e71":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_RIPEMD160):0:PSA_ERROR_INVALID_ARGUMENT + +PSA key_agreement DETERMINISTIC_ECDSA(RIPEMD160): invalid with ECC_KEY_PAIR(SECT_R1) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ECC_FAMILY_SECT_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_agreement_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):"009b05dc82d46d64a04a22e6e5ca70ca1231e68c50":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_RIPEMD160):0:PSA_ERROR_INVALID_ARGUMENT + +PSA key_agreement DETERMINISTIC_ECDSA(RIPEMD160): invalid with ECC_KEY_PAIR(SECT_R2) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ECC_FAMILY_SECT_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_agreement_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R2):"0210b482a458b4822d0cb21daa96819a67c8062d34":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_RIPEMD160):0:PSA_ERROR_INVALID_ARGUMENT + +PSA key_agreement DETERMINISTIC_ECDSA(RIPEMD160): invalid with ECC_PUBLIC_KEY(BRAINPOOL_P_R1) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ECC_FAMILY_BRAINPOOL_P_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_agreement_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"04d4b9186816358e2f9c59cf70748cb70641b22fbab65473db4b4e22a361ed7e3de7e8a8ddc4130c5c":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_RIPEMD160):0:PSA_ERROR_INVALID_ARGUMENT + +PSA key_agreement DETERMINISTIC_ECDSA(RIPEMD160): invalid with ECC_PUBLIC_KEY(SECP_K1) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ECC_FAMILY_SECP_K1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_agreement_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_K1):"0426b7bb38da649ac2138fc050c6548b32553dab68afebc36105d325b75538c12323cb0764789ecb992671beb2b6bef2f5":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_RIPEMD160):0:PSA_ERROR_INVALID_ARGUMENT + +PSA key_agreement DETERMINISTIC_ECDSA(RIPEMD160): invalid with ECC_PUBLIC_KEY(SECP_R1) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ECC_FAMILY_SECP_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_agreement_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1):"046f00eadaa949fee3e9e1c7fa1247eecec86a0dce46418b9bd3117b981d4bd0ae7a990de912f9d060d6cb531a42d22e394ac29e81804bf160":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_RIPEMD160):0:PSA_ERROR_INVALID_ARGUMENT + +PSA key_agreement DETERMINISTIC_ECDSA(RIPEMD160): invalid with ECC_PUBLIC_KEY(SECP_R2) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ECC_FAMILY_SECP_R2:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_agreement_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R2):"049570d541398665adb5cfa16f5af73b3196926bbd4b876bdb80f8eab20d0f540c22f4de9c140f6d7b":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_RIPEMD160):0:PSA_ERROR_INVALID_ARGUMENT + +PSA key_agreement DETERMINISTIC_ECDSA(RIPEMD160): invalid with ECC_PUBLIC_KEY(SECT_K1) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ECC_FAMILY_SECT_K1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_agreement_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_K1):"0406f88f90b4b65950f06ce433afdb097e320f433dc2062b8a65db8fafd3c110f46bc45663fbf021ee7eb9":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_RIPEMD160):0:PSA_ERROR_INVALID_ARGUMENT + +PSA key_agreement DETERMINISTIC_ECDSA(RIPEMD160): invalid with ECC_PUBLIC_KEY(SECT_R1) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ECC_FAMILY_SECT_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_agreement_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R1):"0400465eeb9e7258b11e33c02266bfe834b20bcb118700772796ee4704ec67651bd447e3011959a79a04cb":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_RIPEMD160):0:PSA_ERROR_INVALID_ARGUMENT + +PSA key_agreement DETERMINISTIC_ECDSA(RIPEMD160): invalid with ECC_PUBLIC_KEY(SECT_R2) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ECC_FAMILY_SECT_R2:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_agreement_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R2):"0403692601144c32a6cfa369ae20ae5d43c1c764678c037bafe80c6fd2e42b7ced96171d9c5367fd3dca6f":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_RIPEMD160):0:PSA_ERROR_INVALID_ARGUMENT + +PSA hash DETERMINISTIC_ECDSA(SHA_1): invalid +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_1 +hash_fail:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_1):PSA_ERROR_INVALID_ARGUMENT + +PSA mac DETERMINISTIC_ECDSA(SHA_1): invalid with ECC_KEY_PAIR(BRAINPOOL_P_R1) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_1:PSA_WANT_ECC_FAMILY_BRAINPOOL_P_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +mac_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"69502c4fdaf48d4fa617bdd24498b0406d0eeaac":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_1):PSA_ERROR_INVALID_ARGUMENT + +PSA mac DETERMINISTIC_ECDSA(SHA_1): invalid with ECC_KEY_PAIR(SECP_K1) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_1:PSA_WANT_ECC_FAMILY_SECP_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +mac_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_K1):"297ac1722ccac7589ecb240dc719842538ca974beb79f228":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_1):PSA_ERROR_INVALID_ARGUMENT + +PSA mac DETERMINISTIC_ECDSA(SHA_1): invalid with ECC_KEY_PAIR(SECP_R1) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_1:PSA_WANT_ECC_FAMILY_SECP_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +mac_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"872f203b3ad35b7f2ecc803c3a0e1e0b1ed61cc1afe71b189cd4c995":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_1):PSA_ERROR_INVALID_ARGUMENT + +PSA mac DETERMINISTIC_ECDSA(SHA_1): invalid with ECC_KEY_PAIR(SECP_R2) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_1:PSA_WANT_ECC_FAMILY_SECP_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +mac_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R2):"00bf539a1cdda0d7f71a50a3f98aec0a2e8e4ced1e":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_1):PSA_ERROR_INVALID_ARGUMENT + +PSA mac DETERMINISTIC_ECDSA(SHA_1): invalid with ECC_KEY_PAIR(SECT_K1) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_1:PSA_WANT_ECC_FAMILY_SECT_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +mac_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):"03ebc8fcded2d6ab72ec0f75bdb4fd080481273e71":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_1):PSA_ERROR_INVALID_ARGUMENT + +PSA mac DETERMINISTIC_ECDSA(SHA_1): invalid with ECC_KEY_PAIR(SECT_R1) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_1:PSA_WANT_ECC_FAMILY_SECT_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +mac_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):"009b05dc82d46d64a04a22e6e5ca70ca1231e68c50":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_1):PSA_ERROR_INVALID_ARGUMENT + +PSA mac DETERMINISTIC_ECDSA(SHA_1): invalid with ECC_KEY_PAIR(SECT_R2) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_1:PSA_WANT_ECC_FAMILY_SECT_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +mac_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R2):"0210b482a458b4822d0cb21daa96819a67c8062d34":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_1):PSA_ERROR_INVALID_ARGUMENT + +PSA mac DETERMINISTIC_ECDSA(SHA_1): invalid with ECC_PUBLIC_KEY(BRAINPOOL_P_R1) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_1:PSA_WANT_ECC_FAMILY_BRAINPOOL_P_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +mac_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"04d4b9186816358e2f9c59cf70748cb70641b22fbab65473db4b4e22a361ed7e3de7e8a8ddc4130c5c":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_1):PSA_ERROR_INVALID_ARGUMENT + +PSA mac DETERMINISTIC_ECDSA(SHA_1): invalid with ECC_PUBLIC_KEY(SECP_K1) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_1:PSA_WANT_ECC_FAMILY_SECP_K1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +mac_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_K1):"0426b7bb38da649ac2138fc050c6548b32553dab68afebc36105d325b75538c12323cb0764789ecb992671beb2b6bef2f5":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_1):PSA_ERROR_INVALID_ARGUMENT + +PSA mac DETERMINISTIC_ECDSA(SHA_1): invalid with ECC_PUBLIC_KEY(SECP_R1) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_1:PSA_WANT_ECC_FAMILY_SECP_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +mac_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1):"046f00eadaa949fee3e9e1c7fa1247eecec86a0dce46418b9bd3117b981d4bd0ae7a990de912f9d060d6cb531a42d22e394ac29e81804bf160":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_1):PSA_ERROR_INVALID_ARGUMENT + +PSA mac DETERMINISTIC_ECDSA(SHA_1): invalid with ECC_PUBLIC_KEY(SECP_R2) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_1:PSA_WANT_ECC_FAMILY_SECP_R2:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +mac_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R2):"049570d541398665adb5cfa16f5af73b3196926bbd4b876bdb80f8eab20d0f540c22f4de9c140f6d7b":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_1):PSA_ERROR_INVALID_ARGUMENT + +PSA mac DETERMINISTIC_ECDSA(SHA_1): invalid with ECC_PUBLIC_KEY(SECT_K1) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_1:PSA_WANT_ECC_FAMILY_SECT_K1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +mac_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_K1):"0406f88f90b4b65950f06ce433afdb097e320f433dc2062b8a65db8fafd3c110f46bc45663fbf021ee7eb9":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_1):PSA_ERROR_INVALID_ARGUMENT + +PSA mac DETERMINISTIC_ECDSA(SHA_1): invalid with ECC_PUBLIC_KEY(SECT_R1) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_1:PSA_WANT_ECC_FAMILY_SECT_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +mac_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R1):"0400465eeb9e7258b11e33c02266bfe834b20bcb118700772796ee4704ec67651bd447e3011959a79a04cb":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_1):PSA_ERROR_INVALID_ARGUMENT + +PSA mac DETERMINISTIC_ECDSA(SHA_1): invalid with ECC_PUBLIC_KEY(SECT_R2) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_1:PSA_WANT_ECC_FAMILY_SECT_R2:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +mac_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R2):"0403692601144c32a6cfa369ae20ae5d43c1c764678c037bafe80c6fd2e42b7ced96171d9c5367fd3dca6f":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_1):PSA_ERROR_INVALID_ARGUMENT + +PSA cipher DETERMINISTIC_ECDSA(SHA_1): invalid with ECC_KEY_PAIR(BRAINPOOL_P_R1) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_1:PSA_WANT_ECC_FAMILY_BRAINPOOL_P_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +cipher_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"69502c4fdaf48d4fa617bdd24498b0406d0eeaac":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_1):PSA_ERROR_INVALID_ARGUMENT + +PSA cipher DETERMINISTIC_ECDSA(SHA_1): invalid with ECC_KEY_PAIR(SECP_K1) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_1:PSA_WANT_ECC_FAMILY_SECP_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +cipher_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_K1):"297ac1722ccac7589ecb240dc719842538ca974beb79f228":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_1):PSA_ERROR_INVALID_ARGUMENT + +PSA cipher DETERMINISTIC_ECDSA(SHA_1): invalid with ECC_KEY_PAIR(SECP_R1) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_1:PSA_WANT_ECC_FAMILY_SECP_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +cipher_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"872f203b3ad35b7f2ecc803c3a0e1e0b1ed61cc1afe71b189cd4c995":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_1):PSA_ERROR_INVALID_ARGUMENT + +PSA cipher DETERMINISTIC_ECDSA(SHA_1): invalid with ECC_KEY_PAIR(SECP_R2) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_1:PSA_WANT_ECC_FAMILY_SECP_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +cipher_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R2):"00bf539a1cdda0d7f71a50a3f98aec0a2e8e4ced1e":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_1):PSA_ERROR_INVALID_ARGUMENT + +PSA cipher DETERMINISTIC_ECDSA(SHA_1): invalid with ECC_KEY_PAIR(SECT_K1) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_1:PSA_WANT_ECC_FAMILY_SECT_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +cipher_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):"03ebc8fcded2d6ab72ec0f75bdb4fd080481273e71":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_1):PSA_ERROR_INVALID_ARGUMENT + +PSA cipher DETERMINISTIC_ECDSA(SHA_1): invalid with ECC_KEY_PAIR(SECT_R1) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_1:PSA_WANT_ECC_FAMILY_SECT_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +cipher_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):"009b05dc82d46d64a04a22e6e5ca70ca1231e68c50":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_1):PSA_ERROR_INVALID_ARGUMENT + +PSA cipher DETERMINISTIC_ECDSA(SHA_1): invalid with ECC_KEY_PAIR(SECT_R2) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_1:PSA_WANT_ECC_FAMILY_SECT_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +cipher_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R2):"0210b482a458b4822d0cb21daa96819a67c8062d34":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_1):PSA_ERROR_INVALID_ARGUMENT + +PSA cipher DETERMINISTIC_ECDSA(SHA_1): invalid with ECC_PUBLIC_KEY(BRAINPOOL_P_R1) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_1:PSA_WANT_ECC_FAMILY_BRAINPOOL_P_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +cipher_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"04d4b9186816358e2f9c59cf70748cb70641b22fbab65473db4b4e22a361ed7e3de7e8a8ddc4130c5c":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_1):PSA_ERROR_INVALID_ARGUMENT + +PSA cipher DETERMINISTIC_ECDSA(SHA_1): invalid with ECC_PUBLIC_KEY(SECP_K1) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_1:PSA_WANT_ECC_FAMILY_SECP_K1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +cipher_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_K1):"0426b7bb38da649ac2138fc050c6548b32553dab68afebc36105d325b75538c12323cb0764789ecb992671beb2b6bef2f5":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_1):PSA_ERROR_INVALID_ARGUMENT + +PSA cipher DETERMINISTIC_ECDSA(SHA_1): invalid with ECC_PUBLIC_KEY(SECP_R1) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_1:PSA_WANT_ECC_FAMILY_SECP_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +cipher_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1):"046f00eadaa949fee3e9e1c7fa1247eecec86a0dce46418b9bd3117b981d4bd0ae7a990de912f9d060d6cb531a42d22e394ac29e81804bf160":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_1):PSA_ERROR_INVALID_ARGUMENT + +PSA cipher DETERMINISTIC_ECDSA(SHA_1): invalid with ECC_PUBLIC_KEY(SECP_R2) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_1:PSA_WANT_ECC_FAMILY_SECP_R2:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +cipher_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R2):"049570d541398665adb5cfa16f5af73b3196926bbd4b876bdb80f8eab20d0f540c22f4de9c140f6d7b":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_1):PSA_ERROR_INVALID_ARGUMENT + +PSA cipher DETERMINISTIC_ECDSA(SHA_1): invalid with ECC_PUBLIC_KEY(SECT_K1) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_1:PSA_WANT_ECC_FAMILY_SECT_K1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +cipher_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_K1):"0406f88f90b4b65950f06ce433afdb097e320f433dc2062b8a65db8fafd3c110f46bc45663fbf021ee7eb9":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_1):PSA_ERROR_INVALID_ARGUMENT + +PSA cipher DETERMINISTIC_ECDSA(SHA_1): invalid with ECC_PUBLIC_KEY(SECT_R1) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_1:PSA_WANT_ECC_FAMILY_SECT_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +cipher_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R1):"0400465eeb9e7258b11e33c02266bfe834b20bcb118700772796ee4704ec67651bd447e3011959a79a04cb":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_1):PSA_ERROR_INVALID_ARGUMENT + +PSA cipher DETERMINISTIC_ECDSA(SHA_1): invalid with ECC_PUBLIC_KEY(SECT_R2) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_1:PSA_WANT_ECC_FAMILY_SECT_R2:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +cipher_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R2):"0403692601144c32a6cfa369ae20ae5d43c1c764678c037bafe80c6fd2e42b7ced96171d9c5367fd3dca6f":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_1):PSA_ERROR_INVALID_ARGUMENT + +PSA aead DETERMINISTIC_ECDSA(SHA_1): invalid with ECC_KEY_PAIR(BRAINPOOL_P_R1) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_1:PSA_WANT_ECC_FAMILY_BRAINPOOL_P_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +aead_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"69502c4fdaf48d4fa617bdd24498b0406d0eeaac":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_1):PSA_ERROR_INVALID_ARGUMENT + +PSA aead DETERMINISTIC_ECDSA(SHA_1): invalid with ECC_KEY_PAIR(SECP_K1) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_1:PSA_WANT_ECC_FAMILY_SECP_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +aead_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_K1):"297ac1722ccac7589ecb240dc719842538ca974beb79f228":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_1):PSA_ERROR_INVALID_ARGUMENT + +PSA aead DETERMINISTIC_ECDSA(SHA_1): invalid with ECC_KEY_PAIR(SECP_R1) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_1:PSA_WANT_ECC_FAMILY_SECP_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +aead_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"872f203b3ad35b7f2ecc803c3a0e1e0b1ed61cc1afe71b189cd4c995":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_1):PSA_ERROR_INVALID_ARGUMENT + +PSA aead DETERMINISTIC_ECDSA(SHA_1): invalid with ECC_KEY_PAIR(SECP_R2) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_1:PSA_WANT_ECC_FAMILY_SECP_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +aead_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R2):"00bf539a1cdda0d7f71a50a3f98aec0a2e8e4ced1e":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_1):PSA_ERROR_INVALID_ARGUMENT + +PSA aead DETERMINISTIC_ECDSA(SHA_1): invalid with ECC_KEY_PAIR(SECT_K1) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_1:PSA_WANT_ECC_FAMILY_SECT_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +aead_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):"03ebc8fcded2d6ab72ec0f75bdb4fd080481273e71":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_1):PSA_ERROR_INVALID_ARGUMENT + +PSA aead DETERMINISTIC_ECDSA(SHA_1): invalid with ECC_KEY_PAIR(SECT_R1) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_1:PSA_WANT_ECC_FAMILY_SECT_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +aead_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):"009b05dc82d46d64a04a22e6e5ca70ca1231e68c50":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_1):PSA_ERROR_INVALID_ARGUMENT + +PSA aead DETERMINISTIC_ECDSA(SHA_1): invalid with ECC_KEY_PAIR(SECT_R2) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_1:PSA_WANT_ECC_FAMILY_SECT_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +aead_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R2):"0210b482a458b4822d0cb21daa96819a67c8062d34":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_1):PSA_ERROR_INVALID_ARGUMENT + +PSA aead DETERMINISTIC_ECDSA(SHA_1): invalid with ECC_PUBLIC_KEY(BRAINPOOL_P_R1) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_1:PSA_WANT_ECC_FAMILY_BRAINPOOL_P_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +aead_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"04d4b9186816358e2f9c59cf70748cb70641b22fbab65473db4b4e22a361ed7e3de7e8a8ddc4130c5c":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_1):PSA_ERROR_INVALID_ARGUMENT + +PSA aead DETERMINISTIC_ECDSA(SHA_1): invalid with ECC_PUBLIC_KEY(SECP_K1) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_1:PSA_WANT_ECC_FAMILY_SECP_K1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +aead_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_K1):"0426b7bb38da649ac2138fc050c6548b32553dab68afebc36105d325b75538c12323cb0764789ecb992671beb2b6bef2f5":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_1):PSA_ERROR_INVALID_ARGUMENT + +PSA aead DETERMINISTIC_ECDSA(SHA_1): invalid with ECC_PUBLIC_KEY(SECP_R1) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_1:PSA_WANT_ECC_FAMILY_SECP_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +aead_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1):"046f00eadaa949fee3e9e1c7fa1247eecec86a0dce46418b9bd3117b981d4bd0ae7a990de912f9d060d6cb531a42d22e394ac29e81804bf160":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_1):PSA_ERROR_INVALID_ARGUMENT + +PSA aead DETERMINISTIC_ECDSA(SHA_1): invalid with ECC_PUBLIC_KEY(SECP_R2) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_1:PSA_WANT_ECC_FAMILY_SECP_R2:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +aead_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R2):"049570d541398665adb5cfa16f5af73b3196926bbd4b876bdb80f8eab20d0f540c22f4de9c140f6d7b":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_1):PSA_ERROR_INVALID_ARGUMENT + +PSA aead DETERMINISTIC_ECDSA(SHA_1): invalid with ECC_PUBLIC_KEY(SECT_K1) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_1:PSA_WANT_ECC_FAMILY_SECT_K1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +aead_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_K1):"0406f88f90b4b65950f06ce433afdb097e320f433dc2062b8a65db8fafd3c110f46bc45663fbf021ee7eb9":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_1):PSA_ERROR_INVALID_ARGUMENT + +PSA aead DETERMINISTIC_ECDSA(SHA_1): invalid with ECC_PUBLIC_KEY(SECT_R1) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_1:PSA_WANT_ECC_FAMILY_SECT_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +aead_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R1):"0400465eeb9e7258b11e33c02266bfe834b20bcb118700772796ee4704ec67651bd447e3011959a79a04cb":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_1):PSA_ERROR_INVALID_ARGUMENT + +PSA aead DETERMINISTIC_ECDSA(SHA_1): invalid with ECC_PUBLIC_KEY(SECT_R2) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_1:PSA_WANT_ECC_FAMILY_SECT_R2:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +aead_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R2):"0403692601144c32a6cfa369ae20ae5d43c1c764678c037bafe80c6fd2e42b7ced96171d9c5367fd3dca6f":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_1):PSA_ERROR_INVALID_ARGUMENT + +PSA sign DETERMINISTIC_ECDSA(SHA_1): incompatible with AES +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_1:PSA_WANT_KEY_TYPE_AES +sign_fail:PSA_KEY_TYPE_AES:"48657265006973206b6579a064617461":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_1):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign DETERMINISTIC_ECDSA(SHA_1): incompatible with ARC4 +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_1:PSA_WANT_KEY_TYPE_ARC4 +sign_fail:PSA_KEY_TYPE_ARC4:"48":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_1):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign DETERMINISTIC_ECDSA(SHA_1): incompatible with ARIA +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_1:PSA_WANT_KEY_TYPE_ARIA +sign_fail:PSA_KEY_TYPE_ARIA:"48657265006973206b6579a064617461":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_1):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign DETERMINISTIC_ECDSA(SHA_1): incompatible with CAMELLIA +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_1:PSA_WANT_KEY_TYPE_CAMELLIA +sign_fail:PSA_KEY_TYPE_CAMELLIA:"48657265006973206b6579a064617461":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_1):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign DETERMINISTIC_ECDSA(SHA_1): incompatible with CHACHA20 +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_1:PSA_WANT_KEY_TYPE_CHACHA20 +sign_fail:PSA_KEY_TYPE_CHACHA20:"48657265006973206b6579a06461746148657265006973206b6579a064617461":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_1):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign DETERMINISTIC_ECDSA(SHA_1): incompatible with DERIVE +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_1:PSA_WANT_KEY_TYPE_DERIVE +sign_fail:PSA_KEY_TYPE_DERIVE:"48657265006973206b6579a0646174":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_1):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign DETERMINISTIC_ECDSA(SHA_1): incompatible with DES +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_1:PSA_WANT_KEY_TYPE_DES +sign_fail:PSA_KEY_TYPE_DES:"644573206b457901":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_1):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign DETERMINISTIC_ECDSA(SHA_1): !DETERMINISTIC_ECDSA with ECC_KEY_PAIR(BRAINPOOL_P_R1) +depends_on:!PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_1:PSA_WANT_ECC_FAMILY_BRAINPOOL_P_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"69502c4fdaf48d4fa617bdd24498b0406d0eeaac":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_1):0:PSA_ERROR_NOT_SUPPORTED + +PSA sign DETERMINISTIC_ECDSA(SHA_1): !SHA_1 with ECC_KEY_PAIR(BRAINPOOL_P_R1) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:!PSA_WANT_ALG_SHA_1:PSA_WANT_ECC_FAMILY_BRAINPOOL_P_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"69502c4fdaf48d4fa617bdd24498b0406d0eeaac":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_1):0:PSA_ERROR_NOT_SUPPORTED + +PSA sign DETERMINISTIC_ECDSA(SHA_1): incompatible with ECC_KEY_PAIR(MONTGOMERY) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_1:PSA_WANT_ECC_FAMILY_MONTGOMERY:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_MONTGOMERY):"70076d0a7318a57d3c16c17251b26645df4c2f87ebc0992ab177fba51db92c6a":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_1):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign DETERMINISTIC_ECDSA(SHA_1): !DETERMINISTIC_ECDSA with ECC_KEY_PAIR(SECP_K1) +depends_on:!PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_1:PSA_WANT_ECC_FAMILY_SECP_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_K1):"297ac1722ccac7589ecb240dc719842538ca974beb79f228":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_1):0:PSA_ERROR_NOT_SUPPORTED + +PSA sign DETERMINISTIC_ECDSA(SHA_1): !SHA_1 with ECC_KEY_PAIR(SECP_K1) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:!PSA_WANT_ALG_SHA_1:PSA_WANT_ECC_FAMILY_SECP_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_K1):"297ac1722ccac7589ecb240dc719842538ca974beb79f228":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_1):0:PSA_ERROR_NOT_SUPPORTED + +PSA sign DETERMINISTIC_ECDSA(SHA_1): !DETERMINISTIC_ECDSA with ECC_KEY_PAIR(SECP_R1) +depends_on:!PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_1:PSA_WANT_ECC_FAMILY_SECP_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"872f203b3ad35b7f2ecc803c3a0e1e0b1ed61cc1afe71b189cd4c995":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_1):0:PSA_ERROR_NOT_SUPPORTED + +PSA sign DETERMINISTIC_ECDSA(SHA_1): !SHA_1 with ECC_KEY_PAIR(SECP_R1) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:!PSA_WANT_ALG_SHA_1:PSA_WANT_ECC_FAMILY_SECP_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"872f203b3ad35b7f2ecc803c3a0e1e0b1ed61cc1afe71b189cd4c995":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_1):0:PSA_ERROR_NOT_SUPPORTED + +PSA sign DETERMINISTIC_ECDSA(SHA_1): !DETERMINISTIC_ECDSA with ECC_KEY_PAIR(SECP_R2) +depends_on:!PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_1:PSA_WANT_ECC_FAMILY_SECP_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R2):"00bf539a1cdda0d7f71a50a3f98aec0a2e8e4ced1e":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_1):0:PSA_ERROR_NOT_SUPPORTED + +PSA sign DETERMINISTIC_ECDSA(SHA_1): !SHA_1 with ECC_KEY_PAIR(SECP_R2) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:!PSA_WANT_ALG_SHA_1:PSA_WANT_ECC_FAMILY_SECP_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R2):"00bf539a1cdda0d7f71a50a3f98aec0a2e8e4ced1e":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_1):0:PSA_ERROR_NOT_SUPPORTED + +PSA sign DETERMINISTIC_ECDSA(SHA_1): !DETERMINISTIC_ECDSA with ECC_KEY_PAIR(SECT_K1) +depends_on:!PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_1:PSA_WANT_ECC_FAMILY_SECT_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):"03ebc8fcded2d6ab72ec0f75bdb4fd080481273e71":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_1):0:PSA_ERROR_NOT_SUPPORTED + +PSA sign DETERMINISTIC_ECDSA(SHA_1): !SHA_1 with ECC_KEY_PAIR(SECT_K1) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:!PSA_WANT_ALG_SHA_1:PSA_WANT_ECC_FAMILY_SECT_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):"03ebc8fcded2d6ab72ec0f75bdb4fd080481273e71":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_1):0:PSA_ERROR_NOT_SUPPORTED + +PSA sign DETERMINISTIC_ECDSA(SHA_1): !DETERMINISTIC_ECDSA with ECC_KEY_PAIR(SECT_R1) +depends_on:!PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_1:PSA_WANT_ECC_FAMILY_SECT_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):"009b05dc82d46d64a04a22e6e5ca70ca1231e68c50":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_1):0:PSA_ERROR_NOT_SUPPORTED + +PSA sign DETERMINISTIC_ECDSA(SHA_1): !SHA_1 with ECC_KEY_PAIR(SECT_R1) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:!PSA_WANT_ALG_SHA_1:PSA_WANT_ECC_FAMILY_SECT_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):"009b05dc82d46d64a04a22e6e5ca70ca1231e68c50":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_1):0:PSA_ERROR_NOT_SUPPORTED + +PSA sign DETERMINISTIC_ECDSA(SHA_1): !DETERMINISTIC_ECDSA with ECC_KEY_PAIR(SECT_R2) +depends_on:!PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_1:PSA_WANT_ECC_FAMILY_SECT_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R2):"0210b482a458b4822d0cb21daa96819a67c8062d34":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_1):0:PSA_ERROR_NOT_SUPPORTED + +PSA sign DETERMINISTIC_ECDSA(SHA_1): !SHA_1 with ECC_KEY_PAIR(SECT_R2) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:!PSA_WANT_ALG_SHA_1:PSA_WANT_ECC_FAMILY_SECT_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R2):"0210b482a458b4822d0cb21daa96819a67c8062d34":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_1):0:PSA_ERROR_NOT_SUPPORTED + +PSA sign DETERMINISTIC_ECDSA(SHA_1): incompatible with ECC_KEY_PAIR(TWISTED_EDWARDS) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_1:PSA_WANT_ECC_FAMILY_TWISTED_EDWARDS:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_TWISTED_EDWARDS):"9d61b19deffd5a60ba844af492ec2cc44449c5697b326919703bac031cae7f60":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_1):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign DETERMINISTIC_ECDSA(SHA_1): !DETERMINISTIC_ECDSA with ECC_PUBLIC_KEY(BRAINPOOL_P_R1) +depends_on:!PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_1:PSA_WANT_ECC_FAMILY_BRAINPOOL_P_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"04d4b9186816358e2f9c59cf70748cb70641b22fbab65473db4b4e22a361ed7e3de7e8a8ddc4130c5c":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_1):0:PSA_ERROR_NOT_SUPPORTED + +PSA sign DETERMINISTIC_ECDSA(SHA_1): !SHA_1 with ECC_PUBLIC_KEY(BRAINPOOL_P_R1) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:!PSA_WANT_ALG_SHA_1:PSA_WANT_ECC_FAMILY_BRAINPOOL_P_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"04d4b9186816358e2f9c59cf70748cb70641b22fbab65473db4b4e22a361ed7e3de7e8a8ddc4130c5c":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_1):0:PSA_ERROR_NOT_SUPPORTED + +PSA sign DETERMINISTIC_ECDSA(SHA_1): public with ECC_PUBLIC_KEY(BRAINPOOL_P_R1) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_1:PSA_WANT_ECC_FAMILY_BRAINPOOL_P_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"04d4b9186816358e2f9c59cf70748cb70641b22fbab65473db4b4e22a361ed7e3de7e8a8ddc4130c5c":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_1):1:PSA_ERROR_INVALID_ARGUMENT + +PSA sign DETERMINISTIC_ECDSA(SHA_1): incompatible with ECC_PUBLIC_KEY(MONTGOMERY) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_1:PSA_WANT_ECC_FAMILY_MONTGOMERY:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_MONTGOMERY):"8520f0098930a754748b7ddcb43ef75a0dbf3a0d26381af4eba4a98eaa9b4e6a":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_1):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign DETERMINISTIC_ECDSA(SHA_1): !DETERMINISTIC_ECDSA with ECC_PUBLIC_KEY(SECP_K1) +depends_on:!PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_1:PSA_WANT_ECC_FAMILY_SECP_K1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_K1):"0426b7bb38da649ac2138fc050c6548b32553dab68afebc36105d325b75538c12323cb0764789ecb992671beb2b6bef2f5":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_1):0:PSA_ERROR_NOT_SUPPORTED + +PSA sign DETERMINISTIC_ECDSA(SHA_1): !SHA_1 with ECC_PUBLIC_KEY(SECP_K1) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:!PSA_WANT_ALG_SHA_1:PSA_WANT_ECC_FAMILY_SECP_K1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_K1):"0426b7bb38da649ac2138fc050c6548b32553dab68afebc36105d325b75538c12323cb0764789ecb992671beb2b6bef2f5":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_1):0:PSA_ERROR_NOT_SUPPORTED + +PSA sign DETERMINISTIC_ECDSA(SHA_1): public with ECC_PUBLIC_KEY(SECP_K1) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_1:PSA_WANT_ECC_FAMILY_SECP_K1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_K1):"0426b7bb38da649ac2138fc050c6548b32553dab68afebc36105d325b75538c12323cb0764789ecb992671beb2b6bef2f5":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_1):1:PSA_ERROR_INVALID_ARGUMENT + +PSA sign DETERMINISTIC_ECDSA(SHA_1): !DETERMINISTIC_ECDSA with ECC_PUBLIC_KEY(SECP_R1) +depends_on:!PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_1:PSA_WANT_ECC_FAMILY_SECP_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1):"046f00eadaa949fee3e9e1c7fa1247eecec86a0dce46418b9bd3117b981d4bd0ae7a990de912f9d060d6cb531a42d22e394ac29e81804bf160":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_1):0:PSA_ERROR_NOT_SUPPORTED + +PSA sign DETERMINISTIC_ECDSA(SHA_1): !SHA_1 with ECC_PUBLIC_KEY(SECP_R1) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:!PSA_WANT_ALG_SHA_1:PSA_WANT_ECC_FAMILY_SECP_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1):"046f00eadaa949fee3e9e1c7fa1247eecec86a0dce46418b9bd3117b981d4bd0ae7a990de912f9d060d6cb531a42d22e394ac29e81804bf160":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_1):0:PSA_ERROR_NOT_SUPPORTED + +PSA sign DETERMINISTIC_ECDSA(SHA_1): public with ECC_PUBLIC_KEY(SECP_R1) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_1:PSA_WANT_ECC_FAMILY_SECP_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1):"046f00eadaa949fee3e9e1c7fa1247eecec86a0dce46418b9bd3117b981d4bd0ae7a990de912f9d060d6cb531a42d22e394ac29e81804bf160":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_1):1:PSA_ERROR_INVALID_ARGUMENT + +PSA sign DETERMINISTIC_ECDSA(SHA_1): !DETERMINISTIC_ECDSA with ECC_PUBLIC_KEY(SECP_R2) +depends_on:!PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_1:PSA_WANT_ECC_FAMILY_SECP_R2:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R2):"049570d541398665adb5cfa16f5af73b3196926bbd4b876bdb80f8eab20d0f540c22f4de9c140f6d7b":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_1):0:PSA_ERROR_NOT_SUPPORTED + +PSA sign DETERMINISTIC_ECDSA(SHA_1): !SHA_1 with ECC_PUBLIC_KEY(SECP_R2) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:!PSA_WANT_ALG_SHA_1:PSA_WANT_ECC_FAMILY_SECP_R2:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R2):"049570d541398665adb5cfa16f5af73b3196926bbd4b876bdb80f8eab20d0f540c22f4de9c140f6d7b":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_1):0:PSA_ERROR_NOT_SUPPORTED + +PSA sign DETERMINISTIC_ECDSA(SHA_1): public with ECC_PUBLIC_KEY(SECP_R2) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_1:PSA_WANT_ECC_FAMILY_SECP_R2:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R2):"049570d541398665adb5cfa16f5af73b3196926bbd4b876bdb80f8eab20d0f540c22f4de9c140f6d7b":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_1):1:PSA_ERROR_INVALID_ARGUMENT + +PSA sign DETERMINISTIC_ECDSA(SHA_1): !DETERMINISTIC_ECDSA with ECC_PUBLIC_KEY(SECT_K1) +depends_on:!PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_1:PSA_WANT_ECC_FAMILY_SECT_K1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_K1):"0406f88f90b4b65950f06ce433afdb097e320f433dc2062b8a65db8fafd3c110f46bc45663fbf021ee7eb9":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_1):0:PSA_ERROR_NOT_SUPPORTED + +PSA sign DETERMINISTIC_ECDSA(SHA_1): !SHA_1 with ECC_PUBLIC_KEY(SECT_K1) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:!PSA_WANT_ALG_SHA_1:PSA_WANT_ECC_FAMILY_SECT_K1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_K1):"0406f88f90b4b65950f06ce433afdb097e320f433dc2062b8a65db8fafd3c110f46bc45663fbf021ee7eb9":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_1):0:PSA_ERROR_NOT_SUPPORTED + +PSA sign DETERMINISTIC_ECDSA(SHA_1): public with ECC_PUBLIC_KEY(SECT_K1) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_1:PSA_WANT_ECC_FAMILY_SECT_K1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_K1):"0406f88f90b4b65950f06ce433afdb097e320f433dc2062b8a65db8fafd3c110f46bc45663fbf021ee7eb9":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_1):1:PSA_ERROR_INVALID_ARGUMENT + +PSA sign DETERMINISTIC_ECDSA(SHA_1): !DETERMINISTIC_ECDSA with ECC_PUBLIC_KEY(SECT_R1) +depends_on:!PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_1:PSA_WANT_ECC_FAMILY_SECT_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R1):"0400465eeb9e7258b11e33c02266bfe834b20bcb118700772796ee4704ec67651bd447e3011959a79a04cb":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_1):0:PSA_ERROR_NOT_SUPPORTED + +PSA sign DETERMINISTIC_ECDSA(SHA_1): !SHA_1 with ECC_PUBLIC_KEY(SECT_R1) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:!PSA_WANT_ALG_SHA_1:PSA_WANT_ECC_FAMILY_SECT_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R1):"0400465eeb9e7258b11e33c02266bfe834b20bcb118700772796ee4704ec67651bd447e3011959a79a04cb":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_1):0:PSA_ERROR_NOT_SUPPORTED + +PSA sign DETERMINISTIC_ECDSA(SHA_1): public with ECC_PUBLIC_KEY(SECT_R1) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_1:PSA_WANT_ECC_FAMILY_SECT_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R1):"0400465eeb9e7258b11e33c02266bfe834b20bcb118700772796ee4704ec67651bd447e3011959a79a04cb":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_1):1:PSA_ERROR_INVALID_ARGUMENT + +PSA sign DETERMINISTIC_ECDSA(SHA_1): !DETERMINISTIC_ECDSA with ECC_PUBLIC_KEY(SECT_R2) +depends_on:!PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_1:PSA_WANT_ECC_FAMILY_SECT_R2:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R2):"0403692601144c32a6cfa369ae20ae5d43c1c764678c037bafe80c6fd2e42b7ced96171d9c5367fd3dca6f":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_1):0:PSA_ERROR_NOT_SUPPORTED + +PSA sign DETERMINISTIC_ECDSA(SHA_1): !SHA_1 with ECC_PUBLIC_KEY(SECT_R2) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:!PSA_WANT_ALG_SHA_1:PSA_WANT_ECC_FAMILY_SECT_R2:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R2):"0403692601144c32a6cfa369ae20ae5d43c1c764678c037bafe80c6fd2e42b7ced96171d9c5367fd3dca6f":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_1):0:PSA_ERROR_NOT_SUPPORTED + +PSA sign DETERMINISTIC_ECDSA(SHA_1): public with ECC_PUBLIC_KEY(SECT_R2) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_1:PSA_WANT_ECC_FAMILY_SECT_R2:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R2):"0403692601144c32a6cfa369ae20ae5d43c1c764678c037bafe80c6fd2e42b7ced96171d9c5367fd3dca6f":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_1):1:PSA_ERROR_INVALID_ARGUMENT + +PSA sign DETERMINISTIC_ECDSA(SHA_1): incompatible with ECC_PUBLIC_KEY(TWISTED_EDWARDS) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_1:PSA_WANT_ECC_FAMILY_TWISTED_EDWARDS:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_TWISTED_EDWARDS):"d75a980182b10ab7d54bfed3c964073a0ee172f3daa62325af021a68f707511a":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_1):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign DETERMINISTIC_ECDSA(SHA_1): incompatible with HMAC +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_1:PSA_WANT_KEY_TYPE_HMAC +sign_fail:PSA_KEY_TYPE_HMAC:"48657265006973206b6579a064617461":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_1):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign DETERMINISTIC_ECDSA(SHA_1): incompatible with RAW_DATA +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_1:PSA_WANT_KEY_TYPE_RAW_DATA +sign_fail:PSA_KEY_TYPE_RAW_DATA:"48":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_1):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign DETERMINISTIC_ECDSA(SHA_1): incompatible with RSA_KEY_PAIR +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_1:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR +sign_fail:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_1):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign DETERMINISTIC_ECDSA(SHA_1): incompatible with RSA_PUBLIC_KEY +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_1:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY +sign_fail:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_1):0:PSA_ERROR_INVALID_ARGUMENT + +PSA asymmetric_encryption DETERMINISTIC_ECDSA(SHA_1): invalid with ECC_KEY_PAIR(BRAINPOOL_P_R1) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_1:PSA_WANT_ECC_FAMILY_BRAINPOOL_P_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +asymmetric_encryption_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"69502c4fdaf48d4fa617bdd24498b0406d0eeaac":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_1):0:PSA_ERROR_INVALID_ARGUMENT + +PSA asymmetric_encryption DETERMINISTIC_ECDSA(SHA_1): invalid with ECC_KEY_PAIR(SECP_K1) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_1:PSA_WANT_ECC_FAMILY_SECP_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +asymmetric_encryption_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_K1):"297ac1722ccac7589ecb240dc719842538ca974beb79f228":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_1):0:PSA_ERROR_INVALID_ARGUMENT + +PSA asymmetric_encryption DETERMINISTIC_ECDSA(SHA_1): invalid with ECC_KEY_PAIR(SECP_R1) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_1:PSA_WANT_ECC_FAMILY_SECP_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +asymmetric_encryption_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"872f203b3ad35b7f2ecc803c3a0e1e0b1ed61cc1afe71b189cd4c995":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_1):0:PSA_ERROR_INVALID_ARGUMENT + +PSA asymmetric_encryption DETERMINISTIC_ECDSA(SHA_1): invalid with ECC_KEY_PAIR(SECP_R2) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_1:PSA_WANT_ECC_FAMILY_SECP_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +asymmetric_encryption_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R2):"00bf539a1cdda0d7f71a50a3f98aec0a2e8e4ced1e":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_1):0:PSA_ERROR_INVALID_ARGUMENT + +PSA asymmetric_encryption DETERMINISTIC_ECDSA(SHA_1): invalid with ECC_KEY_PAIR(SECT_K1) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_1:PSA_WANT_ECC_FAMILY_SECT_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +asymmetric_encryption_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):"03ebc8fcded2d6ab72ec0f75bdb4fd080481273e71":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_1):0:PSA_ERROR_INVALID_ARGUMENT + +PSA asymmetric_encryption DETERMINISTIC_ECDSA(SHA_1): invalid with ECC_KEY_PAIR(SECT_R1) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_1:PSA_WANT_ECC_FAMILY_SECT_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +asymmetric_encryption_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):"009b05dc82d46d64a04a22e6e5ca70ca1231e68c50":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_1):0:PSA_ERROR_INVALID_ARGUMENT + +PSA asymmetric_encryption DETERMINISTIC_ECDSA(SHA_1): invalid with ECC_KEY_PAIR(SECT_R2) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_1:PSA_WANT_ECC_FAMILY_SECT_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +asymmetric_encryption_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R2):"0210b482a458b4822d0cb21daa96819a67c8062d34":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_1):0:PSA_ERROR_INVALID_ARGUMENT + +PSA asymmetric_encryption DETERMINISTIC_ECDSA(SHA_1): invalid with ECC_PUBLIC_KEY(BRAINPOOL_P_R1) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_1:PSA_WANT_ECC_FAMILY_BRAINPOOL_P_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +asymmetric_encryption_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"04d4b9186816358e2f9c59cf70748cb70641b22fbab65473db4b4e22a361ed7e3de7e8a8ddc4130c5c":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_1):0:PSA_ERROR_INVALID_ARGUMENT + +PSA asymmetric_encryption DETERMINISTIC_ECDSA(SHA_1): invalid with ECC_PUBLIC_KEY(SECP_K1) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_1:PSA_WANT_ECC_FAMILY_SECP_K1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +asymmetric_encryption_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_K1):"0426b7bb38da649ac2138fc050c6548b32553dab68afebc36105d325b75538c12323cb0764789ecb992671beb2b6bef2f5":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_1):0:PSA_ERROR_INVALID_ARGUMENT + +PSA asymmetric_encryption DETERMINISTIC_ECDSA(SHA_1): invalid with ECC_PUBLIC_KEY(SECP_R1) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_1:PSA_WANT_ECC_FAMILY_SECP_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +asymmetric_encryption_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1):"046f00eadaa949fee3e9e1c7fa1247eecec86a0dce46418b9bd3117b981d4bd0ae7a990de912f9d060d6cb531a42d22e394ac29e81804bf160":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_1):0:PSA_ERROR_INVALID_ARGUMENT + +PSA asymmetric_encryption DETERMINISTIC_ECDSA(SHA_1): invalid with ECC_PUBLIC_KEY(SECP_R2) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_1:PSA_WANT_ECC_FAMILY_SECP_R2:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +asymmetric_encryption_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R2):"049570d541398665adb5cfa16f5af73b3196926bbd4b876bdb80f8eab20d0f540c22f4de9c140f6d7b":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_1):0:PSA_ERROR_INVALID_ARGUMENT + +PSA asymmetric_encryption DETERMINISTIC_ECDSA(SHA_1): invalid with ECC_PUBLIC_KEY(SECT_K1) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_1:PSA_WANT_ECC_FAMILY_SECT_K1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +asymmetric_encryption_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_K1):"0406f88f90b4b65950f06ce433afdb097e320f433dc2062b8a65db8fafd3c110f46bc45663fbf021ee7eb9":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_1):0:PSA_ERROR_INVALID_ARGUMENT + +PSA asymmetric_encryption DETERMINISTIC_ECDSA(SHA_1): invalid with ECC_PUBLIC_KEY(SECT_R1) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_1:PSA_WANT_ECC_FAMILY_SECT_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +asymmetric_encryption_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R1):"0400465eeb9e7258b11e33c02266bfe834b20bcb118700772796ee4704ec67651bd447e3011959a79a04cb":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_1):0:PSA_ERROR_INVALID_ARGUMENT + +PSA asymmetric_encryption DETERMINISTIC_ECDSA(SHA_1): invalid with ECC_PUBLIC_KEY(SECT_R2) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_1:PSA_WANT_ECC_FAMILY_SECT_R2:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +asymmetric_encryption_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R2):"0403692601144c32a6cfa369ae20ae5d43c1c764678c037bafe80c6fd2e42b7ced96171d9c5367fd3dca6f":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_1):0:PSA_ERROR_INVALID_ARGUMENT + +PSA key_derivation DETERMINISTIC_ECDSA(SHA_1): invalid +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_1 +key_derivation_fail:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_1):PSA_ERROR_INVALID_ARGUMENT + +PSA key_agreement DETERMINISTIC_ECDSA(SHA_1): invalid with ECC_KEY_PAIR(BRAINPOOL_P_R1) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_1:PSA_WANT_ECC_FAMILY_BRAINPOOL_P_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_agreement_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"69502c4fdaf48d4fa617bdd24498b0406d0eeaac":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_1):0:PSA_ERROR_INVALID_ARGUMENT + +PSA key_agreement DETERMINISTIC_ECDSA(SHA_1): invalid with ECC_KEY_PAIR(SECP_K1) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_1:PSA_WANT_ECC_FAMILY_SECP_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_agreement_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_K1):"297ac1722ccac7589ecb240dc719842538ca974beb79f228":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_1):0:PSA_ERROR_INVALID_ARGUMENT + +PSA key_agreement DETERMINISTIC_ECDSA(SHA_1): invalid with ECC_KEY_PAIR(SECP_R1) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_1:PSA_WANT_ECC_FAMILY_SECP_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_agreement_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"872f203b3ad35b7f2ecc803c3a0e1e0b1ed61cc1afe71b189cd4c995":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_1):0:PSA_ERROR_INVALID_ARGUMENT + +PSA key_agreement DETERMINISTIC_ECDSA(SHA_1): invalid with ECC_KEY_PAIR(SECP_R2) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_1:PSA_WANT_ECC_FAMILY_SECP_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_agreement_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R2):"00bf539a1cdda0d7f71a50a3f98aec0a2e8e4ced1e":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_1):0:PSA_ERROR_INVALID_ARGUMENT + +PSA key_agreement DETERMINISTIC_ECDSA(SHA_1): invalid with ECC_KEY_PAIR(SECT_K1) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_1:PSA_WANT_ECC_FAMILY_SECT_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_agreement_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):"03ebc8fcded2d6ab72ec0f75bdb4fd080481273e71":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_1):0:PSA_ERROR_INVALID_ARGUMENT + +PSA key_agreement DETERMINISTIC_ECDSA(SHA_1): invalid with ECC_KEY_PAIR(SECT_R1) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_1:PSA_WANT_ECC_FAMILY_SECT_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_agreement_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):"009b05dc82d46d64a04a22e6e5ca70ca1231e68c50":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_1):0:PSA_ERROR_INVALID_ARGUMENT + +PSA key_agreement DETERMINISTIC_ECDSA(SHA_1): invalid with ECC_KEY_PAIR(SECT_R2) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_1:PSA_WANT_ECC_FAMILY_SECT_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_agreement_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R2):"0210b482a458b4822d0cb21daa96819a67c8062d34":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_1):0:PSA_ERROR_INVALID_ARGUMENT + +PSA key_agreement DETERMINISTIC_ECDSA(SHA_1): invalid with ECC_PUBLIC_KEY(BRAINPOOL_P_R1) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_1:PSA_WANT_ECC_FAMILY_BRAINPOOL_P_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_agreement_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"04d4b9186816358e2f9c59cf70748cb70641b22fbab65473db4b4e22a361ed7e3de7e8a8ddc4130c5c":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_1):0:PSA_ERROR_INVALID_ARGUMENT + +PSA key_agreement DETERMINISTIC_ECDSA(SHA_1): invalid with ECC_PUBLIC_KEY(SECP_K1) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_1:PSA_WANT_ECC_FAMILY_SECP_K1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_agreement_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_K1):"0426b7bb38da649ac2138fc050c6548b32553dab68afebc36105d325b75538c12323cb0764789ecb992671beb2b6bef2f5":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_1):0:PSA_ERROR_INVALID_ARGUMENT + +PSA key_agreement DETERMINISTIC_ECDSA(SHA_1): invalid with ECC_PUBLIC_KEY(SECP_R1) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_1:PSA_WANT_ECC_FAMILY_SECP_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_agreement_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1):"046f00eadaa949fee3e9e1c7fa1247eecec86a0dce46418b9bd3117b981d4bd0ae7a990de912f9d060d6cb531a42d22e394ac29e81804bf160":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_1):0:PSA_ERROR_INVALID_ARGUMENT + +PSA key_agreement DETERMINISTIC_ECDSA(SHA_1): invalid with ECC_PUBLIC_KEY(SECP_R2) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_1:PSA_WANT_ECC_FAMILY_SECP_R2:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_agreement_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R2):"049570d541398665adb5cfa16f5af73b3196926bbd4b876bdb80f8eab20d0f540c22f4de9c140f6d7b":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_1):0:PSA_ERROR_INVALID_ARGUMENT + +PSA key_agreement DETERMINISTIC_ECDSA(SHA_1): invalid with ECC_PUBLIC_KEY(SECT_K1) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_1:PSA_WANT_ECC_FAMILY_SECT_K1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_agreement_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_K1):"0406f88f90b4b65950f06ce433afdb097e320f433dc2062b8a65db8fafd3c110f46bc45663fbf021ee7eb9":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_1):0:PSA_ERROR_INVALID_ARGUMENT + +PSA key_agreement DETERMINISTIC_ECDSA(SHA_1): invalid with ECC_PUBLIC_KEY(SECT_R1) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_1:PSA_WANT_ECC_FAMILY_SECT_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_agreement_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R1):"0400465eeb9e7258b11e33c02266bfe834b20bcb118700772796ee4704ec67651bd447e3011959a79a04cb":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_1):0:PSA_ERROR_INVALID_ARGUMENT + +PSA key_agreement DETERMINISTIC_ECDSA(SHA_1): invalid with ECC_PUBLIC_KEY(SECT_R2) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_1:PSA_WANT_ECC_FAMILY_SECT_R2:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_agreement_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R2):"0403692601144c32a6cfa369ae20ae5d43c1c764678c037bafe80c6fd2e42b7ced96171d9c5367fd3dca6f":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_1):0:PSA_ERROR_INVALID_ARGUMENT + +PSA hash DETERMINISTIC_ECDSA(SHA_224): invalid +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_224 +hash_fail:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_224):PSA_ERROR_INVALID_ARGUMENT + +PSA mac DETERMINISTIC_ECDSA(SHA_224): invalid with ECC_KEY_PAIR(BRAINPOOL_P_R1) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_224:PSA_WANT_ECC_FAMILY_BRAINPOOL_P_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +mac_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"69502c4fdaf48d4fa617bdd24498b0406d0eeaac":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_224):PSA_ERROR_INVALID_ARGUMENT + +PSA mac DETERMINISTIC_ECDSA(SHA_224): invalid with ECC_KEY_PAIR(SECP_K1) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_224:PSA_WANT_ECC_FAMILY_SECP_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +mac_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_K1):"297ac1722ccac7589ecb240dc719842538ca974beb79f228":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_224):PSA_ERROR_INVALID_ARGUMENT + +PSA mac DETERMINISTIC_ECDSA(SHA_224): invalid with ECC_KEY_PAIR(SECP_R1) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_224:PSA_WANT_ECC_FAMILY_SECP_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +mac_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"872f203b3ad35b7f2ecc803c3a0e1e0b1ed61cc1afe71b189cd4c995":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_224):PSA_ERROR_INVALID_ARGUMENT + +PSA mac DETERMINISTIC_ECDSA(SHA_224): invalid with ECC_KEY_PAIR(SECP_R2) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_224:PSA_WANT_ECC_FAMILY_SECP_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +mac_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R2):"00bf539a1cdda0d7f71a50a3f98aec0a2e8e4ced1e":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_224):PSA_ERROR_INVALID_ARGUMENT + +PSA mac DETERMINISTIC_ECDSA(SHA_224): invalid with ECC_KEY_PAIR(SECT_K1) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_224:PSA_WANT_ECC_FAMILY_SECT_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +mac_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):"03ebc8fcded2d6ab72ec0f75bdb4fd080481273e71":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_224):PSA_ERROR_INVALID_ARGUMENT + +PSA mac DETERMINISTIC_ECDSA(SHA_224): invalid with ECC_KEY_PAIR(SECT_R1) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_224:PSA_WANT_ECC_FAMILY_SECT_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +mac_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):"009b05dc82d46d64a04a22e6e5ca70ca1231e68c50":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_224):PSA_ERROR_INVALID_ARGUMENT + +PSA mac DETERMINISTIC_ECDSA(SHA_224): invalid with ECC_KEY_PAIR(SECT_R2) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_224:PSA_WANT_ECC_FAMILY_SECT_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +mac_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R2):"0210b482a458b4822d0cb21daa96819a67c8062d34":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_224):PSA_ERROR_INVALID_ARGUMENT + +PSA mac DETERMINISTIC_ECDSA(SHA_224): invalid with ECC_PUBLIC_KEY(BRAINPOOL_P_R1) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_224:PSA_WANT_ECC_FAMILY_BRAINPOOL_P_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +mac_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"04d4b9186816358e2f9c59cf70748cb70641b22fbab65473db4b4e22a361ed7e3de7e8a8ddc4130c5c":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_224):PSA_ERROR_INVALID_ARGUMENT + +PSA mac DETERMINISTIC_ECDSA(SHA_224): invalid with ECC_PUBLIC_KEY(SECP_K1) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_224:PSA_WANT_ECC_FAMILY_SECP_K1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +mac_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_K1):"0426b7bb38da649ac2138fc050c6548b32553dab68afebc36105d325b75538c12323cb0764789ecb992671beb2b6bef2f5":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_224):PSA_ERROR_INVALID_ARGUMENT + +PSA mac DETERMINISTIC_ECDSA(SHA_224): invalid with ECC_PUBLIC_KEY(SECP_R1) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_224:PSA_WANT_ECC_FAMILY_SECP_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +mac_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1):"046f00eadaa949fee3e9e1c7fa1247eecec86a0dce46418b9bd3117b981d4bd0ae7a990de912f9d060d6cb531a42d22e394ac29e81804bf160":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_224):PSA_ERROR_INVALID_ARGUMENT + +PSA mac DETERMINISTIC_ECDSA(SHA_224): invalid with ECC_PUBLIC_KEY(SECP_R2) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_224:PSA_WANT_ECC_FAMILY_SECP_R2:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +mac_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R2):"049570d541398665adb5cfa16f5af73b3196926bbd4b876bdb80f8eab20d0f540c22f4de9c140f6d7b":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_224):PSA_ERROR_INVALID_ARGUMENT + +PSA mac DETERMINISTIC_ECDSA(SHA_224): invalid with ECC_PUBLIC_KEY(SECT_K1) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_224:PSA_WANT_ECC_FAMILY_SECT_K1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +mac_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_K1):"0406f88f90b4b65950f06ce433afdb097e320f433dc2062b8a65db8fafd3c110f46bc45663fbf021ee7eb9":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_224):PSA_ERROR_INVALID_ARGUMENT + +PSA mac DETERMINISTIC_ECDSA(SHA_224): invalid with ECC_PUBLIC_KEY(SECT_R1) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_224:PSA_WANT_ECC_FAMILY_SECT_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +mac_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R1):"0400465eeb9e7258b11e33c02266bfe834b20bcb118700772796ee4704ec67651bd447e3011959a79a04cb":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_224):PSA_ERROR_INVALID_ARGUMENT + +PSA mac DETERMINISTIC_ECDSA(SHA_224): invalid with ECC_PUBLIC_KEY(SECT_R2) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_224:PSA_WANT_ECC_FAMILY_SECT_R2:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +mac_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R2):"0403692601144c32a6cfa369ae20ae5d43c1c764678c037bafe80c6fd2e42b7ced96171d9c5367fd3dca6f":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_224):PSA_ERROR_INVALID_ARGUMENT + +PSA cipher DETERMINISTIC_ECDSA(SHA_224): invalid with ECC_KEY_PAIR(BRAINPOOL_P_R1) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_224:PSA_WANT_ECC_FAMILY_BRAINPOOL_P_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +cipher_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"69502c4fdaf48d4fa617bdd24498b0406d0eeaac":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_224):PSA_ERROR_INVALID_ARGUMENT + +PSA cipher DETERMINISTIC_ECDSA(SHA_224): invalid with ECC_KEY_PAIR(SECP_K1) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_224:PSA_WANT_ECC_FAMILY_SECP_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +cipher_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_K1):"297ac1722ccac7589ecb240dc719842538ca974beb79f228":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_224):PSA_ERROR_INVALID_ARGUMENT + +PSA cipher DETERMINISTIC_ECDSA(SHA_224): invalid with ECC_KEY_PAIR(SECP_R1) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_224:PSA_WANT_ECC_FAMILY_SECP_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +cipher_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"872f203b3ad35b7f2ecc803c3a0e1e0b1ed61cc1afe71b189cd4c995":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_224):PSA_ERROR_INVALID_ARGUMENT + +PSA cipher DETERMINISTIC_ECDSA(SHA_224): invalid with ECC_KEY_PAIR(SECP_R2) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_224:PSA_WANT_ECC_FAMILY_SECP_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +cipher_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R2):"00bf539a1cdda0d7f71a50a3f98aec0a2e8e4ced1e":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_224):PSA_ERROR_INVALID_ARGUMENT + +PSA cipher DETERMINISTIC_ECDSA(SHA_224): invalid with ECC_KEY_PAIR(SECT_K1) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_224:PSA_WANT_ECC_FAMILY_SECT_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +cipher_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):"03ebc8fcded2d6ab72ec0f75bdb4fd080481273e71":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_224):PSA_ERROR_INVALID_ARGUMENT + +PSA cipher DETERMINISTIC_ECDSA(SHA_224): invalid with ECC_KEY_PAIR(SECT_R1) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_224:PSA_WANT_ECC_FAMILY_SECT_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +cipher_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):"009b05dc82d46d64a04a22e6e5ca70ca1231e68c50":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_224):PSA_ERROR_INVALID_ARGUMENT + +PSA cipher DETERMINISTIC_ECDSA(SHA_224): invalid with ECC_KEY_PAIR(SECT_R2) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_224:PSA_WANT_ECC_FAMILY_SECT_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +cipher_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R2):"0210b482a458b4822d0cb21daa96819a67c8062d34":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_224):PSA_ERROR_INVALID_ARGUMENT + +PSA cipher DETERMINISTIC_ECDSA(SHA_224): invalid with ECC_PUBLIC_KEY(BRAINPOOL_P_R1) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_224:PSA_WANT_ECC_FAMILY_BRAINPOOL_P_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +cipher_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"04d4b9186816358e2f9c59cf70748cb70641b22fbab65473db4b4e22a361ed7e3de7e8a8ddc4130c5c":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_224):PSA_ERROR_INVALID_ARGUMENT + +PSA cipher DETERMINISTIC_ECDSA(SHA_224): invalid with ECC_PUBLIC_KEY(SECP_K1) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_224:PSA_WANT_ECC_FAMILY_SECP_K1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +cipher_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_K1):"0426b7bb38da649ac2138fc050c6548b32553dab68afebc36105d325b75538c12323cb0764789ecb992671beb2b6bef2f5":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_224):PSA_ERROR_INVALID_ARGUMENT + +PSA cipher DETERMINISTIC_ECDSA(SHA_224): invalid with ECC_PUBLIC_KEY(SECP_R1) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_224:PSA_WANT_ECC_FAMILY_SECP_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +cipher_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1):"046f00eadaa949fee3e9e1c7fa1247eecec86a0dce46418b9bd3117b981d4bd0ae7a990de912f9d060d6cb531a42d22e394ac29e81804bf160":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_224):PSA_ERROR_INVALID_ARGUMENT + +PSA cipher DETERMINISTIC_ECDSA(SHA_224): invalid with ECC_PUBLIC_KEY(SECP_R2) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_224:PSA_WANT_ECC_FAMILY_SECP_R2:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +cipher_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R2):"049570d541398665adb5cfa16f5af73b3196926bbd4b876bdb80f8eab20d0f540c22f4de9c140f6d7b":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_224):PSA_ERROR_INVALID_ARGUMENT + +PSA cipher DETERMINISTIC_ECDSA(SHA_224): invalid with ECC_PUBLIC_KEY(SECT_K1) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_224:PSA_WANT_ECC_FAMILY_SECT_K1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +cipher_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_K1):"0406f88f90b4b65950f06ce433afdb097e320f433dc2062b8a65db8fafd3c110f46bc45663fbf021ee7eb9":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_224):PSA_ERROR_INVALID_ARGUMENT + +PSA cipher DETERMINISTIC_ECDSA(SHA_224): invalid with ECC_PUBLIC_KEY(SECT_R1) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_224:PSA_WANT_ECC_FAMILY_SECT_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +cipher_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R1):"0400465eeb9e7258b11e33c02266bfe834b20bcb118700772796ee4704ec67651bd447e3011959a79a04cb":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_224):PSA_ERROR_INVALID_ARGUMENT + +PSA cipher DETERMINISTIC_ECDSA(SHA_224): invalid with ECC_PUBLIC_KEY(SECT_R2) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_224:PSA_WANT_ECC_FAMILY_SECT_R2:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +cipher_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R2):"0403692601144c32a6cfa369ae20ae5d43c1c764678c037bafe80c6fd2e42b7ced96171d9c5367fd3dca6f":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_224):PSA_ERROR_INVALID_ARGUMENT + +PSA aead DETERMINISTIC_ECDSA(SHA_224): invalid with ECC_KEY_PAIR(BRAINPOOL_P_R1) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_224:PSA_WANT_ECC_FAMILY_BRAINPOOL_P_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +aead_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"69502c4fdaf48d4fa617bdd24498b0406d0eeaac":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_224):PSA_ERROR_INVALID_ARGUMENT + +PSA aead DETERMINISTIC_ECDSA(SHA_224): invalid with ECC_KEY_PAIR(SECP_K1) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_224:PSA_WANT_ECC_FAMILY_SECP_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +aead_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_K1):"297ac1722ccac7589ecb240dc719842538ca974beb79f228":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_224):PSA_ERROR_INVALID_ARGUMENT + +PSA aead DETERMINISTIC_ECDSA(SHA_224): invalid with ECC_KEY_PAIR(SECP_R1) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_224:PSA_WANT_ECC_FAMILY_SECP_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +aead_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"872f203b3ad35b7f2ecc803c3a0e1e0b1ed61cc1afe71b189cd4c995":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_224):PSA_ERROR_INVALID_ARGUMENT + +PSA aead DETERMINISTIC_ECDSA(SHA_224): invalid with ECC_KEY_PAIR(SECP_R2) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_224:PSA_WANT_ECC_FAMILY_SECP_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +aead_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R2):"00bf539a1cdda0d7f71a50a3f98aec0a2e8e4ced1e":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_224):PSA_ERROR_INVALID_ARGUMENT + +PSA aead DETERMINISTIC_ECDSA(SHA_224): invalid with ECC_KEY_PAIR(SECT_K1) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_224:PSA_WANT_ECC_FAMILY_SECT_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +aead_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):"03ebc8fcded2d6ab72ec0f75bdb4fd080481273e71":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_224):PSA_ERROR_INVALID_ARGUMENT + +PSA aead DETERMINISTIC_ECDSA(SHA_224): invalid with ECC_KEY_PAIR(SECT_R1) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_224:PSA_WANT_ECC_FAMILY_SECT_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +aead_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):"009b05dc82d46d64a04a22e6e5ca70ca1231e68c50":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_224):PSA_ERROR_INVALID_ARGUMENT + +PSA aead DETERMINISTIC_ECDSA(SHA_224): invalid with ECC_KEY_PAIR(SECT_R2) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_224:PSA_WANT_ECC_FAMILY_SECT_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +aead_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R2):"0210b482a458b4822d0cb21daa96819a67c8062d34":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_224):PSA_ERROR_INVALID_ARGUMENT + +PSA aead DETERMINISTIC_ECDSA(SHA_224): invalid with ECC_PUBLIC_KEY(BRAINPOOL_P_R1) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_224:PSA_WANT_ECC_FAMILY_BRAINPOOL_P_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +aead_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"04d4b9186816358e2f9c59cf70748cb70641b22fbab65473db4b4e22a361ed7e3de7e8a8ddc4130c5c":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_224):PSA_ERROR_INVALID_ARGUMENT + +PSA aead DETERMINISTIC_ECDSA(SHA_224): invalid with ECC_PUBLIC_KEY(SECP_K1) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_224:PSA_WANT_ECC_FAMILY_SECP_K1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +aead_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_K1):"0426b7bb38da649ac2138fc050c6548b32553dab68afebc36105d325b75538c12323cb0764789ecb992671beb2b6bef2f5":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_224):PSA_ERROR_INVALID_ARGUMENT + +PSA aead DETERMINISTIC_ECDSA(SHA_224): invalid with ECC_PUBLIC_KEY(SECP_R1) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_224:PSA_WANT_ECC_FAMILY_SECP_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +aead_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1):"046f00eadaa949fee3e9e1c7fa1247eecec86a0dce46418b9bd3117b981d4bd0ae7a990de912f9d060d6cb531a42d22e394ac29e81804bf160":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_224):PSA_ERROR_INVALID_ARGUMENT + +PSA aead DETERMINISTIC_ECDSA(SHA_224): invalid with ECC_PUBLIC_KEY(SECP_R2) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_224:PSA_WANT_ECC_FAMILY_SECP_R2:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +aead_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R2):"049570d541398665adb5cfa16f5af73b3196926bbd4b876bdb80f8eab20d0f540c22f4de9c140f6d7b":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_224):PSA_ERROR_INVALID_ARGUMENT + +PSA aead DETERMINISTIC_ECDSA(SHA_224): invalid with ECC_PUBLIC_KEY(SECT_K1) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_224:PSA_WANT_ECC_FAMILY_SECT_K1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +aead_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_K1):"0406f88f90b4b65950f06ce433afdb097e320f433dc2062b8a65db8fafd3c110f46bc45663fbf021ee7eb9":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_224):PSA_ERROR_INVALID_ARGUMENT + +PSA aead DETERMINISTIC_ECDSA(SHA_224): invalid with ECC_PUBLIC_KEY(SECT_R1) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_224:PSA_WANT_ECC_FAMILY_SECT_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +aead_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R1):"0400465eeb9e7258b11e33c02266bfe834b20bcb118700772796ee4704ec67651bd447e3011959a79a04cb":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_224):PSA_ERROR_INVALID_ARGUMENT + +PSA aead DETERMINISTIC_ECDSA(SHA_224): invalid with ECC_PUBLIC_KEY(SECT_R2) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_224:PSA_WANT_ECC_FAMILY_SECT_R2:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +aead_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R2):"0403692601144c32a6cfa369ae20ae5d43c1c764678c037bafe80c6fd2e42b7ced96171d9c5367fd3dca6f":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_224):PSA_ERROR_INVALID_ARGUMENT + +PSA sign DETERMINISTIC_ECDSA(SHA_224): incompatible with AES +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_224:PSA_WANT_KEY_TYPE_AES +sign_fail:PSA_KEY_TYPE_AES:"48657265006973206b6579a064617461":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_224):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign DETERMINISTIC_ECDSA(SHA_224): incompatible with ARC4 +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_224:PSA_WANT_KEY_TYPE_ARC4 +sign_fail:PSA_KEY_TYPE_ARC4:"48":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_224):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign DETERMINISTIC_ECDSA(SHA_224): incompatible with ARIA +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_224:PSA_WANT_KEY_TYPE_ARIA +sign_fail:PSA_KEY_TYPE_ARIA:"48657265006973206b6579a064617461":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_224):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign DETERMINISTIC_ECDSA(SHA_224): incompatible with CAMELLIA +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_224:PSA_WANT_KEY_TYPE_CAMELLIA +sign_fail:PSA_KEY_TYPE_CAMELLIA:"48657265006973206b6579a064617461":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_224):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign DETERMINISTIC_ECDSA(SHA_224): incompatible with CHACHA20 +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_224:PSA_WANT_KEY_TYPE_CHACHA20 +sign_fail:PSA_KEY_TYPE_CHACHA20:"48657265006973206b6579a06461746148657265006973206b6579a064617461":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_224):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign DETERMINISTIC_ECDSA(SHA_224): incompatible with DERIVE +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_224:PSA_WANT_KEY_TYPE_DERIVE +sign_fail:PSA_KEY_TYPE_DERIVE:"48657265006973206b6579a0646174":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_224):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign DETERMINISTIC_ECDSA(SHA_224): incompatible with DES +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_224:PSA_WANT_KEY_TYPE_DES +sign_fail:PSA_KEY_TYPE_DES:"644573206b457901":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_224):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign DETERMINISTIC_ECDSA(SHA_224): !DETERMINISTIC_ECDSA with ECC_KEY_PAIR(BRAINPOOL_P_R1) +depends_on:!PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_224:PSA_WANT_ECC_FAMILY_BRAINPOOL_P_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"69502c4fdaf48d4fa617bdd24498b0406d0eeaac":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_224):0:PSA_ERROR_NOT_SUPPORTED + +PSA sign DETERMINISTIC_ECDSA(SHA_224): !SHA_224 with ECC_KEY_PAIR(BRAINPOOL_P_R1) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:!PSA_WANT_ALG_SHA_224:PSA_WANT_ECC_FAMILY_BRAINPOOL_P_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"69502c4fdaf48d4fa617bdd24498b0406d0eeaac":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_224):0:PSA_ERROR_NOT_SUPPORTED + +PSA sign DETERMINISTIC_ECDSA(SHA_224): incompatible with ECC_KEY_PAIR(MONTGOMERY) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_224:PSA_WANT_ECC_FAMILY_MONTGOMERY:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_MONTGOMERY):"70076d0a7318a57d3c16c17251b26645df4c2f87ebc0992ab177fba51db92c6a":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_224):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign DETERMINISTIC_ECDSA(SHA_224): !DETERMINISTIC_ECDSA with ECC_KEY_PAIR(SECP_K1) +depends_on:!PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_224:PSA_WANT_ECC_FAMILY_SECP_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_K1):"297ac1722ccac7589ecb240dc719842538ca974beb79f228":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_224):0:PSA_ERROR_NOT_SUPPORTED + +PSA sign DETERMINISTIC_ECDSA(SHA_224): !SHA_224 with ECC_KEY_PAIR(SECP_K1) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:!PSA_WANT_ALG_SHA_224:PSA_WANT_ECC_FAMILY_SECP_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_K1):"297ac1722ccac7589ecb240dc719842538ca974beb79f228":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_224):0:PSA_ERROR_NOT_SUPPORTED + +PSA sign DETERMINISTIC_ECDSA(SHA_224): !DETERMINISTIC_ECDSA with ECC_KEY_PAIR(SECP_R1) +depends_on:!PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_224:PSA_WANT_ECC_FAMILY_SECP_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"872f203b3ad35b7f2ecc803c3a0e1e0b1ed61cc1afe71b189cd4c995":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_224):0:PSA_ERROR_NOT_SUPPORTED + +PSA sign DETERMINISTIC_ECDSA(SHA_224): !SHA_224 with ECC_KEY_PAIR(SECP_R1) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:!PSA_WANT_ALG_SHA_224:PSA_WANT_ECC_FAMILY_SECP_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"872f203b3ad35b7f2ecc803c3a0e1e0b1ed61cc1afe71b189cd4c995":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_224):0:PSA_ERROR_NOT_SUPPORTED + +PSA sign DETERMINISTIC_ECDSA(SHA_224): !DETERMINISTIC_ECDSA with ECC_KEY_PAIR(SECP_R2) +depends_on:!PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_224:PSA_WANT_ECC_FAMILY_SECP_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R2):"00bf539a1cdda0d7f71a50a3f98aec0a2e8e4ced1e":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_224):0:PSA_ERROR_NOT_SUPPORTED + +PSA sign DETERMINISTIC_ECDSA(SHA_224): !SHA_224 with ECC_KEY_PAIR(SECP_R2) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:!PSA_WANT_ALG_SHA_224:PSA_WANT_ECC_FAMILY_SECP_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R2):"00bf539a1cdda0d7f71a50a3f98aec0a2e8e4ced1e":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_224):0:PSA_ERROR_NOT_SUPPORTED + +PSA sign DETERMINISTIC_ECDSA(SHA_224): !DETERMINISTIC_ECDSA with ECC_KEY_PAIR(SECT_K1) +depends_on:!PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_224:PSA_WANT_ECC_FAMILY_SECT_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):"03ebc8fcded2d6ab72ec0f75bdb4fd080481273e71":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_224):0:PSA_ERROR_NOT_SUPPORTED + +PSA sign DETERMINISTIC_ECDSA(SHA_224): !SHA_224 with ECC_KEY_PAIR(SECT_K1) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:!PSA_WANT_ALG_SHA_224:PSA_WANT_ECC_FAMILY_SECT_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):"03ebc8fcded2d6ab72ec0f75bdb4fd080481273e71":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_224):0:PSA_ERROR_NOT_SUPPORTED + +PSA sign DETERMINISTIC_ECDSA(SHA_224): !DETERMINISTIC_ECDSA with ECC_KEY_PAIR(SECT_R1) +depends_on:!PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_224:PSA_WANT_ECC_FAMILY_SECT_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):"009b05dc82d46d64a04a22e6e5ca70ca1231e68c50":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_224):0:PSA_ERROR_NOT_SUPPORTED + +PSA sign DETERMINISTIC_ECDSA(SHA_224): !SHA_224 with ECC_KEY_PAIR(SECT_R1) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:!PSA_WANT_ALG_SHA_224:PSA_WANT_ECC_FAMILY_SECT_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):"009b05dc82d46d64a04a22e6e5ca70ca1231e68c50":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_224):0:PSA_ERROR_NOT_SUPPORTED + +PSA sign DETERMINISTIC_ECDSA(SHA_224): !DETERMINISTIC_ECDSA with ECC_KEY_PAIR(SECT_R2) +depends_on:!PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_224:PSA_WANT_ECC_FAMILY_SECT_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R2):"0210b482a458b4822d0cb21daa96819a67c8062d34":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_224):0:PSA_ERROR_NOT_SUPPORTED + +PSA sign DETERMINISTIC_ECDSA(SHA_224): !SHA_224 with ECC_KEY_PAIR(SECT_R2) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:!PSA_WANT_ALG_SHA_224:PSA_WANT_ECC_FAMILY_SECT_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R2):"0210b482a458b4822d0cb21daa96819a67c8062d34":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_224):0:PSA_ERROR_NOT_SUPPORTED + +PSA sign DETERMINISTIC_ECDSA(SHA_224): incompatible with ECC_KEY_PAIR(TWISTED_EDWARDS) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_224:PSA_WANT_ECC_FAMILY_TWISTED_EDWARDS:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_TWISTED_EDWARDS):"9d61b19deffd5a60ba844af492ec2cc44449c5697b326919703bac031cae7f60":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_224):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign DETERMINISTIC_ECDSA(SHA_224): !DETERMINISTIC_ECDSA with ECC_PUBLIC_KEY(BRAINPOOL_P_R1) +depends_on:!PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_224:PSA_WANT_ECC_FAMILY_BRAINPOOL_P_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"04d4b9186816358e2f9c59cf70748cb70641b22fbab65473db4b4e22a361ed7e3de7e8a8ddc4130c5c":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_224):0:PSA_ERROR_NOT_SUPPORTED + +PSA sign DETERMINISTIC_ECDSA(SHA_224): !SHA_224 with ECC_PUBLIC_KEY(BRAINPOOL_P_R1) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:!PSA_WANT_ALG_SHA_224:PSA_WANT_ECC_FAMILY_BRAINPOOL_P_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"04d4b9186816358e2f9c59cf70748cb70641b22fbab65473db4b4e22a361ed7e3de7e8a8ddc4130c5c":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_224):0:PSA_ERROR_NOT_SUPPORTED + +PSA sign DETERMINISTIC_ECDSA(SHA_224): public with ECC_PUBLIC_KEY(BRAINPOOL_P_R1) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_224:PSA_WANT_ECC_FAMILY_BRAINPOOL_P_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"04d4b9186816358e2f9c59cf70748cb70641b22fbab65473db4b4e22a361ed7e3de7e8a8ddc4130c5c":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_224):1:PSA_ERROR_INVALID_ARGUMENT + +PSA sign DETERMINISTIC_ECDSA(SHA_224): incompatible with ECC_PUBLIC_KEY(MONTGOMERY) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_224:PSA_WANT_ECC_FAMILY_MONTGOMERY:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_MONTGOMERY):"8520f0098930a754748b7ddcb43ef75a0dbf3a0d26381af4eba4a98eaa9b4e6a":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_224):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign DETERMINISTIC_ECDSA(SHA_224): !DETERMINISTIC_ECDSA with ECC_PUBLIC_KEY(SECP_K1) +depends_on:!PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_224:PSA_WANT_ECC_FAMILY_SECP_K1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_K1):"0426b7bb38da649ac2138fc050c6548b32553dab68afebc36105d325b75538c12323cb0764789ecb992671beb2b6bef2f5":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_224):0:PSA_ERROR_NOT_SUPPORTED + +PSA sign DETERMINISTIC_ECDSA(SHA_224): !SHA_224 with ECC_PUBLIC_KEY(SECP_K1) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:!PSA_WANT_ALG_SHA_224:PSA_WANT_ECC_FAMILY_SECP_K1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_K1):"0426b7bb38da649ac2138fc050c6548b32553dab68afebc36105d325b75538c12323cb0764789ecb992671beb2b6bef2f5":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_224):0:PSA_ERROR_NOT_SUPPORTED + +PSA sign DETERMINISTIC_ECDSA(SHA_224): public with ECC_PUBLIC_KEY(SECP_K1) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_224:PSA_WANT_ECC_FAMILY_SECP_K1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_K1):"0426b7bb38da649ac2138fc050c6548b32553dab68afebc36105d325b75538c12323cb0764789ecb992671beb2b6bef2f5":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_224):1:PSA_ERROR_INVALID_ARGUMENT + +PSA sign DETERMINISTIC_ECDSA(SHA_224): !DETERMINISTIC_ECDSA with ECC_PUBLIC_KEY(SECP_R1) +depends_on:!PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_224:PSA_WANT_ECC_FAMILY_SECP_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1):"046f00eadaa949fee3e9e1c7fa1247eecec86a0dce46418b9bd3117b981d4bd0ae7a990de912f9d060d6cb531a42d22e394ac29e81804bf160":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_224):0:PSA_ERROR_NOT_SUPPORTED + +PSA sign DETERMINISTIC_ECDSA(SHA_224): !SHA_224 with ECC_PUBLIC_KEY(SECP_R1) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:!PSA_WANT_ALG_SHA_224:PSA_WANT_ECC_FAMILY_SECP_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1):"046f00eadaa949fee3e9e1c7fa1247eecec86a0dce46418b9bd3117b981d4bd0ae7a990de912f9d060d6cb531a42d22e394ac29e81804bf160":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_224):0:PSA_ERROR_NOT_SUPPORTED + +PSA sign DETERMINISTIC_ECDSA(SHA_224): public with ECC_PUBLIC_KEY(SECP_R1) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_224:PSA_WANT_ECC_FAMILY_SECP_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1):"046f00eadaa949fee3e9e1c7fa1247eecec86a0dce46418b9bd3117b981d4bd0ae7a990de912f9d060d6cb531a42d22e394ac29e81804bf160":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_224):1:PSA_ERROR_INVALID_ARGUMENT + +PSA sign DETERMINISTIC_ECDSA(SHA_224): !DETERMINISTIC_ECDSA with ECC_PUBLIC_KEY(SECP_R2) +depends_on:!PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_224:PSA_WANT_ECC_FAMILY_SECP_R2:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R2):"049570d541398665adb5cfa16f5af73b3196926bbd4b876bdb80f8eab20d0f540c22f4de9c140f6d7b":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_224):0:PSA_ERROR_NOT_SUPPORTED + +PSA sign DETERMINISTIC_ECDSA(SHA_224): !SHA_224 with ECC_PUBLIC_KEY(SECP_R2) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:!PSA_WANT_ALG_SHA_224:PSA_WANT_ECC_FAMILY_SECP_R2:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R2):"049570d541398665adb5cfa16f5af73b3196926bbd4b876bdb80f8eab20d0f540c22f4de9c140f6d7b":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_224):0:PSA_ERROR_NOT_SUPPORTED + +PSA sign DETERMINISTIC_ECDSA(SHA_224): public with ECC_PUBLIC_KEY(SECP_R2) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_224:PSA_WANT_ECC_FAMILY_SECP_R2:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R2):"049570d541398665adb5cfa16f5af73b3196926bbd4b876bdb80f8eab20d0f540c22f4de9c140f6d7b":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_224):1:PSA_ERROR_INVALID_ARGUMENT + +PSA sign DETERMINISTIC_ECDSA(SHA_224): !DETERMINISTIC_ECDSA with ECC_PUBLIC_KEY(SECT_K1) +depends_on:!PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_224:PSA_WANT_ECC_FAMILY_SECT_K1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_K1):"0406f88f90b4b65950f06ce433afdb097e320f433dc2062b8a65db8fafd3c110f46bc45663fbf021ee7eb9":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_224):0:PSA_ERROR_NOT_SUPPORTED + +PSA sign DETERMINISTIC_ECDSA(SHA_224): !SHA_224 with ECC_PUBLIC_KEY(SECT_K1) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:!PSA_WANT_ALG_SHA_224:PSA_WANT_ECC_FAMILY_SECT_K1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_K1):"0406f88f90b4b65950f06ce433afdb097e320f433dc2062b8a65db8fafd3c110f46bc45663fbf021ee7eb9":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_224):0:PSA_ERROR_NOT_SUPPORTED + +PSA sign DETERMINISTIC_ECDSA(SHA_224): public with ECC_PUBLIC_KEY(SECT_K1) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_224:PSA_WANT_ECC_FAMILY_SECT_K1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_K1):"0406f88f90b4b65950f06ce433afdb097e320f433dc2062b8a65db8fafd3c110f46bc45663fbf021ee7eb9":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_224):1:PSA_ERROR_INVALID_ARGUMENT + +PSA sign DETERMINISTIC_ECDSA(SHA_224): !DETERMINISTIC_ECDSA with ECC_PUBLIC_KEY(SECT_R1) +depends_on:!PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_224:PSA_WANT_ECC_FAMILY_SECT_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R1):"0400465eeb9e7258b11e33c02266bfe834b20bcb118700772796ee4704ec67651bd447e3011959a79a04cb":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_224):0:PSA_ERROR_NOT_SUPPORTED + +PSA sign DETERMINISTIC_ECDSA(SHA_224): !SHA_224 with ECC_PUBLIC_KEY(SECT_R1) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:!PSA_WANT_ALG_SHA_224:PSA_WANT_ECC_FAMILY_SECT_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R1):"0400465eeb9e7258b11e33c02266bfe834b20bcb118700772796ee4704ec67651bd447e3011959a79a04cb":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_224):0:PSA_ERROR_NOT_SUPPORTED + +PSA sign DETERMINISTIC_ECDSA(SHA_224): public with ECC_PUBLIC_KEY(SECT_R1) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_224:PSA_WANT_ECC_FAMILY_SECT_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R1):"0400465eeb9e7258b11e33c02266bfe834b20bcb118700772796ee4704ec67651bd447e3011959a79a04cb":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_224):1:PSA_ERROR_INVALID_ARGUMENT + +PSA sign DETERMINISTIC_ECDSA(SHA_224): !DETERMINISTIC_ECDSA with ECC_PUBLIC_KEY(SECT_R2) +depends_on:!PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_224:PSA_WANT_ECC_FAMILY_SECT_R2:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R2):"0403692601144c32a6cfa369ae20ae5d43c1c764678c037bafe80c6fd2e42b7ced96171d9c5367fd3dca6f":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_224):0:PSA_ERROR_NOT_SUPPORTED + +PSA sign DETERMINISTIC_ECDSA(SHA_224): !SHA_224 with ECC_PUBLIC_KEY(SECT_R2) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:!PSA_WANT_ALG_SHA_224:PSA_WANT_ECC_FAMILY_SECT_R2:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R2):"0403692601144c32a6cfa369ae20ae5d43c1c764678c037bafe80c6fd2e42b7ced96171d9c5367fd3dca6f":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_224):0:PSA_ERROR_NOT_SUPPORTED + +PSA sign DETERMINISTIC_ECDSA(SHA_224): public with ECC_PUBLIC_KEY(SECT_R2) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_224:PSA_WANT_ECC_FAMILY_SECT_R2:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R2):"0403692601144c32a6cfa369ae20ae5d43c1c764678c037bafe80c6fd2e42b7ced96171d9c5367fd3dca6f":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_224):1:PSA_ERROR_INVALID_ARGUMENT + +PSA sign DETERMINISTIC_ECDSA(SHA_224): incompatible with ECC_PUBLIC_KEY(TWISTED_EDWARDS) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_224:PSA_WANT_ECC_FAMILY_TWISTED_EDWARDS:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_TWISTED_EDWARDS):"d75a980182b10ab7d54bfed3c964073a0ee172f3daa62325af021a68f707511a":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_224):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign DETERMINISTIC_ECDSA(SHA_224): incompatible with HMAC +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_224:PSA_WANT_KEY_TYPE_HMAC +sign_fail:PSA_KEY_TYPE_HMAC:"48657265006973206b6579a064617461":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_224):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign DETERMINISTIC_ECDSA(SHA_224): incompatible with RAW_DATA +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_224:PSA_WANT_KEY_TYPE_RAW_DATA +sign_fail:PSA_KEY_TYPE_RAW_DATA:"48":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_224):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign DETERMINISTIC_ECDSA(SHA_224): incompatible with RSA_KEY_PAIR +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_224:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR +sign_fail:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_224):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign DETERMINISTIC_ECDSA(SHA_224): incompatible with RSA_PUBLIC_KEY +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_224:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY +sign_fail:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_224):0:PSA_ERROR_INVALID_ARGUMENT + +PSA asymmetric_encryption DETERMINISTIC_ECDSA(SHA_224): invalid with ECC_KEY_PAIR(BRAINPOOL_P_R1) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_224:PSA_WANT_ECC_FAMILY_BRAINPOOL_P_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +asymmetric_encryption_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"69502c4fdaf48d4fa617bdd24498b0406d0eeaac":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_224):0:PSA_ERROR_INVALID_ARGUMENT + +PSA asymmetric_encryption DETERMINISTIC_ECDSA(SHA_224): invalid with ECC_KEY_PAIR(SECP_K1) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_224:PSA_WANT_ECC_FAMILY_SECP_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +asymmetric_encryption_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_K1):"297ac1722ccac7589ecb240dc719842538ca974beb79f228":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_224):0:PSA_ERROR_INVALID_ARGUMENT + +PSA asymmetric_encryption DETERMINISTIC_ECDSA(SHA_224): invalid with ECC_KEY_PAIR(SECP_R1) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_224:PSA_WANT_ECC_FAMILY_SECP_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +asymmetric_encryption_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"872f203b3ad35b7f2ecc803c3a0e1e0b1ed61cc1afe71b189cd4c995":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_224):0:PSA_ERROR_INVALID_ARGUMENT + +PSA asymmetric_encryption DETERMINISTIC_ECDSA(SHA_224): invalid with ECC_KEY_PAIR(SECP_R2) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_224:PSA_WANT_ECC_FAMILY_SECP_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +asymmetric_encryption_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R2):"00bf539a1cdda0d7f71a50a3f98aec0a2e8e4ced1e":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_224):0:PSA_ERROR_INVALID_ARGUMENT + +PSA asymmetric_encryption DETERMINISTIC_ECDSA(SHA_224): invalid with ECC_KEY_PAIR(SECT_K1) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_224:PSA_WANT_ECC_FAMILY_SECT_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +asymmetric_encryption_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):"03ebc8fcded2d6ab72ec0f75bdb4fd080481273e71":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_224):0:PSA_ERROR_INVALID_ARGUMENT + +PSA asymmetric_encryption DETERMINISTIC_ECDSA(SHA_224): invalid with ECC_KEY_PAIR(SECT_R1) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_224:PSA_WANT_ECC_FAMILY_SECT_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +asymmetric_encryption_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):"009b05dc82d46d64a04a22e6e5ca70ca1231e68c50":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_224):0:PSA_ERROR_INVALID_ARGUMENT + +PSA asymmetric_encryption DETERMINISTIC_ECDSA(SHA_224): invalid with ECC_KEY_PAIR(SECT_R2) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_224:PSA_WANT_ECC_FAMILY_SECT_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +asymmetric_encryption_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R2):"0210b482a458b4822d0cb21daa96819a67c8062d34":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_224):0:PSA_ERROR_INVALID_ARGUMENT + +PSA asymmetric_encryption DETERMINISTIC_ECDSA(SHA_224): invalid with ECC_PUBLIC_KEY(BRAINPOOL_P_R1) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_224:PSA_WANT_ECC_FAMILY_BRAINPOOL_P_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +asymmetric_encryption_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"04d4b9186816358e2f9c59cf70748cb70641b22fbab65473db4b4e22a361ed7e3de7e8a8ddc4130c5c":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_224):0:PSA_ERROR_INVALID_ARGUMENT + +PSA asymmetric_encryption DETERMINISTIC_ECDSA(SHA_224): invalid with ECC_PUBLIC_KEY(SECP_K1) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_224:PSA_WANT_ECC_FAMILY_SECP_K1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +asymmetric_encryption_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_K1):"0426b7bb38da649ac2138fc050c6548b32553dab68afebc36105d325b75538c12323cb0764789ecb992671beb2b6bef2f5":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_224):0:PSA_ERROR_INVALID_ARGUMENT + +PSA asymmetric_encryption DETERMINISTIC_ECDSA(SHA_224): invalid with ECC_PUBLIC_KEY(SECP_R1) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_224:PSA_WANT_ECC_FAMILY_SECP_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +asymmetric_encryption_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1):"046f00eadaa949fee3e9e1c7fa1247eecec86a0dce46418b9bd3117b981d4bd0ae7a990de912f9d060d6cb531a42d22e394ac29e81804bf160":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_224):0:PSA_ERROR_INVALID_ARGUMENT + +PSA asymmetric_encryption DETERMINISTIC_ECDSA(SHA_224): invalid with ECC_PUBLIC_KEY(SECP_R2) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_224:PSA_WANT_ECC_FAMILY_SECP_R2:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +asymmetric_encryption_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R2):"049570d541398665adb5cfa16f5af73b3196926bbd4b876bdb80f8eab20d0f540c22f4de9c140f6d7b":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_224):0:PSA_ERROR_INVALID_ARGUMENT + +PSA asymmetric_encryption DETERMINISTIC_ECDSA(SHA_224): invalid with ECC_PUBLIC_KEY(SECT_K1) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_224:PSA_WANT_ECC_FAMILY_SECT_K1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +asymmetric_encryption_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_K1):"0406f88f90b4b65950f06ce433afdb097e320f433dc2062b8a65db8fafd3c110f46bc45663fbf021ee7eb9":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_224):0:PSA_ERROR_INVALID_ARGUMENT + +PSA asymmetric_encryption DETERMINISTIC_ECDSA(SHA_224): invalid with ECC_PUBLIC_KEY(SECT_R1) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_224:PSA_WANT_ECC_FAMILY_SECT_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +asymmetric_encryption_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R1):"0400465eeb9e7258b11e33c02266bfe834b20bcb118700772796ee4704ec67651bd447e3011959a79a04cb":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_224):0:PSA_ERROR_INVALID_ARGUMENT + +PSA asymmetric_encryption DETERMINISTIC_ECDSA(SHA_224): invalid with ECC_PUBLIC_KEY(SECT_R2) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_224:PSA_WANT_ECC_FAMILY_SECT_R2:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +asymmetric_encryption_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R2):"0403692601144c32a6cfa369ae20ae5d43c1c764678c037bafe80c6fd2e42b7ced96171d9c5367fd3dca6f":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_224):0:PSA_ERROR_INVALID_ARGUMENT + +PSA key_derivation DETERMINISTIC_ECDSA(SHA_224): invalid +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_224 +key_derivation_fail:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_224):PSA_ERROR_INVALID_ARGUMENT + +PSA key_agreement DETERMINISTIC_ECDSA(SHA_224): invalid with ECC_KEY_PAIR(BRAINPOOL_P_R1) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_224:PSA_WANT_ECC_FAMILY_BRAINPOOL_P_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_agreement_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"69502c4fdaf48d4fa617bdd24498b0406d0eeaac":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_224):0:PSA_ERROR_INVALID_ARGUMENT + +PSA key_agreement DETERMINISTIC_ECDSA(SHA_224): invalid with ECC_KEY_PAIR(SECP_K1) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_224:PSA_WANT_ECC_FAMILY_SECP_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_agreement_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_K1):"297ac1722ccac7589ecb240dc719842538ca974beb79f228":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_224):0:PSA_ERROR_INVALID_ARGUMENT + +PSA key_agreement DETERMINISTIC_ECDSA(SHA_224): invalid with ECC_KEY_PAIR(SECP_R1) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_224:PSA_WANT_ECC_FAMILY_SECP_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_agreement_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"872f203b3ad35b7f2ecc803c3a0e1e0b1ed61cc1afe71b189cd4c995":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_224):0:PSA_ERROR_INVALID_ARGUMENT + +PSA key_agreement DETERMINISTIC_ECDSA(SHA_224): invalid with ECC_KEY_PAIR(SECP_R2) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_224:PSA_WANT_ECC_FAMILY_SECP_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_agreement_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R2):"00bf539a1cdda0d7f71a50a3f98aec0a2e8e4ced1e":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_224):0:PSA_ERROR_INVALID_ARGUMENT + +PSA key_agreement DETERMINISTIC_ECDSA(SHA_224): invalid with ECC_KEY_PAIR(SECT_K1) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_224:PSA_WANT_ECC_FAMILY_SECT_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_agreement_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):"03ebc8fcded2d6ab72ec0f75bdb4fd080481273e71":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_224):0:PSA_ERROR_INVALID_ARGUMENT + +PSA key_agreement DETERMINISTIC_ECDSA(SHA_224): invalid with ECC_KEY_PAIR(SECT_R1) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_224:PSA_WANT_ECC_FAMILY_SECT_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_agreement_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):"009b05dc82d46d64a04a22e6e5ca70ca1231e68c50":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_224):0:PSA_ERROR_INVALID_ARGUMENT + +PSA key_agreement DETERMINISTIC_ECDSA(SHA_224): invalid with ECC_KEY_PAIR(SECT_R2) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_224:PSA_WANT_ECC_FAMILY_SECT_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_agreement_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R2):"0210b482a458b4822d0cb21daa96819a67c8062d34":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_224):0:PSA_ERROR_INVALID_ARGUMENT + +PSA key_agreement DETERMINISTIC_ECDSA(SHA_224): invalid with ECC_PUBLIC_KEY(BRAINPOOL_P_R1) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_224:PSA_WANT_ECC_FAMILY_BRAINPOOL_P_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_agreement_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"04d4b9186816358e2f9c59cf70748cb70641b22fbab65473db4b4e22a361ed7e3de7e8a8ddc4130c5c":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_224):0:PSA_ERROR_INVALID_ARGUMENT + +PSA key_agreement DETERMINISTIC_ECDSA(SHA_224): invalid with ECC_PUBLIC_KEY(SECP_K1) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_224:PSA_WANT_ECC_FAMILY_SECP_K1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_agreement_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_K1):"0426b7bb38da649ac2138fc050c6548b32553dab68afebc36105d325b75538c12323cb0764789ecb992671beb2b6bef2f5":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_224):0:PSA_ERROR_INVALID_ARGUMENT + +PSA key_agreement DETERMINISTIC_ECDSA(SHA_224): invalid with ECC_PUBLIC_KEY(SECP_R1) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_224:PSA_WANT_ECC_FAMILY_SECP_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_agreement_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1):"046f00eadaa949fee3e9e1c7fa1247eecec86a0dce46418b9bd3117b981d4bd0ae7a990de912f9d060d6cb531a42d22e394ac29e81804bf160":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_224):0:PSA_ERROR_INVALID_ARGUMENT + +PSA key_agreement DETERMINISTIC_ECDSA(SHA_224): invalid with ECC_PUBLIC_KEY(SECP_R2) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_224:PSA_WANT_ECC_FAMILY_SECP_R2:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_agreement_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R2):"049570d541398665adb5cfa16f5af73b3196926bbd4b876bdb80f8eab20d0f540c22f4de9c140f6d7b":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_224):0:PSA_ERROR_INVALID_ARGUMENT + +PSA key_agreement DETERMINISTIC_ECDSA(SHA_224): invalid with ECC_PUBLIC_KEY(SECT_K1) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_224:PSA_WANT_ECC_FAMILY_SECT_K1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_agreement_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_K1):"0406f88f90b4b65950f06ce433afdb097e320f433dc2062b8a65db8fafd3c110f46bc45663fbf021ee7eb9":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_224):0:PSA_ERROR_INVALID_ARGUMENT + +PSA key_agreement DETERMINISTIC_ECDSA(SHA_224): invalid with ECC_PUBLIC_KEY(SECT_R1) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_224:PSA_WANT_ECC_FAMILY_SECT_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_agreement_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R1):"0400465eeb9e7258b11e33c02266bfe834b20bcb118700772796ee4704ec67651bd447e3011959a79a04cb":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_224):0:PSA_ERROR_INVALID_ARGUMENT + +PSA key_agreement DETERMINISTIC_ECDSA(SHA_224): invalid with ECC_PUBLIC_KEY(SECT_R2) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_224:PSA_WANT_ECC_FAMILY_SECT_R2:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_agreement_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R2):"0403692601144c32a6cfa369ae20ae5d43c1c764678c037bafe80c6fd2e42b7ced96171d9c5367fd3dca6f":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_224):0:PSA_ERROR_INVALID_ARGUMENT + +PSA hash DETERMINISTIC_ECDSA(SHA_256): invalid +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_256 +hash_fail:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_256):PSA_ERROR_INVALID_ARGUMENT + +PSA mac DETERMINISTIC_ECDSA(SHA_256): invalid with ECC_KEY_PAIR(BRAINPOOL_P_R1) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_FAMILY_BRAINPOOL_P_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +mac_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"69502c4fdaf48d4fa617bdd24498b0406d0eeaac":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_256):PSA_ERROR_INVALID_ARGUMENT + +PSA mac DETERMINISTIC_ECDSA(SHA_256): invalid with ECC_KEY_PAIR(SECP_K1) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_FAMILY_SECP_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +mac_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_K1):"297ac1722ccac7589ecb240dc719842538ca974beb79f228":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_256):PSA_ERROR_INVALID_ARGUMENT + +PSA mac DETERMINISTIC_ECDSA(SHA_256): invalid with ECC_KEY_PAIR(SECP_R1) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_FAMILY_SECP_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +mac_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"872f203b3ad35b7f2ecc803c3a0e1e0b1ed61cc1afe71b189cd4c995":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_256):PSA_ERROR_INVALID_ARGUMENT + +PSA mac DETERMINISTIC_ECDSA(SHA_256): invalid with ECC_KEY_PAIR(SECP_R2) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_FAMILY_SECP_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +mac_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R2):"00bf539a1cdda0d7f71a50a3f98aec0a2e8e4ced1e":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_256):PSA_ERROR_INVALID_ARGUMENT + +PSA mac DETERMINISTIC_ECDSA(SHA_256): invalid with ECC_KEY_PAIR(SECT_K1) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_FAMILY_SECT_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +mac_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):"03ebc8fcded2d6ab72ec0f75bdb4fd080481273e71":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_256):PSA_ERROR_INVALID_ARGUMENT + +PSA mac DETERMINISTIC_ECDSA(SHA_256): invalid with ECC_KEY_PAIR(SECT_R1) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_FAMILY_SECT_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +mac_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):"009b05dc82d46d64a04a22e6e5ca70ca1231e68c50":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_256):PSA_ERROR_INVALID_ARGUMENT + +PSA mac DETERMINISTIC_ECDSA(SHA_256): invalid with ECC_KEY_PAIR(SECT_R2) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_FAMILY_SECT_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +mac_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R2):"0210b482a458b4822d0cb21daa96819a67c8062d34":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_256):PSA_ERROR_INVALID_ARGUMENT + +PSA mac DETERMINISTIC_ECDSA(SHA_256): invalid with ECC_PUBLIC_KEY(BRAINPOOL_P_R1) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_FAMILY_BRAINPOOL_P_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +mac_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"04d4b9186816358e2f9c59cf70748cb70641b22fbab65473db4b4e22a361ed7e3de7e8a8ddc4130c5c":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_256):PSA_ERROR_INVALID_ARGUMENT + +PSA mac DETERMINISTIC_ECDSA(SHA_256): invalid with ECC_PUBLIC_KEY(SECP_K1) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_FAMILY_SECP_K1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +mac_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_K1):"0426b7bb38da649ac2138fc050c6548b32553dab68afebc36105d325b75538c12323cb0764789ecb992671beb2b6bef2f5":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_256):PSA_ERROR_INVALID_ARGUMENT + +PSA mac DETERMINISTIC_ECDSA(SHA_256): invalid with ECC_PUBLIC_KEY(SECP_R1) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_FAMILY_SECP_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +mac_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1):"046f00eadaa949fee3e9e1c7fa1247eecec86a0dce46418b9bd3117b981d4bd0ae7a990de912f9d060d6cb531a42d22e394ac29e81804bf160":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_256):PSA_ERROR_INVALID_ARGUMENT + +PSA mac DETERMINISTIC_ECDSA(SHA_256): invalid with ECC_PUBLIC_KEY(SECP_R2) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_FAMILY_SECP_R2:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +mac_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R2):"049570d541398665adb5cfa16f5af73b3196926bbd4b876bdb80f8eab20d0f540c22f4de9c140f6d7b":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_256):PSA_ERROR_INVALID_ARGUMENT + +PSA mac DETERMINISTIC_ECDSA(SHA_256): invalid with ECC_PUBLIC_KEY(SECT_K1) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_FAMILY_SECT_K1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +mac_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_K1):"0406f88f90b4b65950f06ce433afdb097e320f433dc2062b8a65db8fafd3c110f46bc45663fbf021ee7eb9":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_256):PSA_ERROR_INVALID_ARGUMENT + +PSA mac DETERMINISTIC_ECDSA(SHA_256): invalid with ECC_PUBLIC_KEY(SECT_R1) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_FAMILY_SECT_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +mac_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R1):"0400465eeb9e7258b11e33c02266bfe834b20bcb118700772796ee4704ec67651bd447e3011959a79a04cb":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_256):PSA_ERROR_INVALID_ARGUMENT + +PSA mac DETERMINISTIC_ECDSA(SHA_256): invalid with ECC_PUBLIC_KEY(SECT_R2) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_FAMILY_SECT_R2:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +mac_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R2):"0403692601144c32a6cfa369ae20ae5d43c1c764678c037bafe80c6fd2e42b7ced96171d9c5367fd3dca6f":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_256):PSA_ERROR_INVALID_ARGUMENT + +PSA cipher DETERMINISTIC_ECDSA(SHA_256): invalid with ECC_KEY_PAIR(BRAINPOOL_P_R1) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_FAMILY_BRAINPOOL_P_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +cipher_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"69502c4fdaf48d4fa617bdd24498b0406d0eeaac":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_256):PSA_ERROR_INVALID_ARGUMENT + +PSA cipher DETERMINISTIC_ECDSA(SHA_256): invalid with ECC_KEY_PAIR(SECP_K1) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_FAMILY_SECP_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +cipher_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_K1):"297ac1722ccac7589ecb240dc719842538ca974beb79f228":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_256):PSA_ERROR_INVALID_ARGUMENT + +PSA cipher DETERMINISTIC_ECDSA(SHA_256): invalid with ECC_KEY_PAIR(SECP_R1) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_FAMILY_SECP_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +cipher_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"872f203b3ad35b7f2ecc803c3a0e1e0b1ed61cc1afe71b189cd4c995":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_256):PSA_ERROR_INVALID_ARGUMENT + +PSA cipher DETERMINISTIC_ECDSA(SHA_256): invalid with ECC_KEY_PAIR(SECP_R2) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_FAMILY_SECP_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +cipher_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R2):"00bf539a1cdda0d7f71a50a3f98aec0a2e8e4ced1e":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_256):PSA_ERROR_INVALID_ARGUMENT + +PSA cipher DETERMINISTIC_ECDSA(SHA_256): invalid with ECC_KEY_PAIR(SECT_K1) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_FAMILY_SECT_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +cipher_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):"03ebc8fcded2d6ab72ec0f75bdb4fd080481273e71":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_256):PSA_ERROR_INVALID_ARGUMENT + +PSA cipher DETERMINISTIC_ECDSA(SHA_256): invalid with ECC_KEY_PAIR(SECT_R1) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_FAMILY_SECT_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +cipher_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):"009b05dc82d46d64a04a22e6e5ca70ca1231e68c50":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_256):PSA_ERROR_INVALID_ARGUMENT + +PSA cipher DETERMINISTIC_ECDSA(SHA_256): invalid with ECC_KEY_PAIR(SECT_R2) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_FAMILY_SECT_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +cipher_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R2):"0210b482a458b4822d0cb21daa96819a67c8062d34":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_256):PSA_ERROR_INVALID_ARGUMENT + +PSA cipher DETERMINISTIC_ECDSA(SHA_256): invalid with ECC_PUBLIC_KEY(BRAINPOOL_P_R1) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_FAMILY_BRAINPOOL_P_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +cipher_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"04d4b9186816358e2f9c59cf70748cb70641b22fbab65473db4b4e22a361ed7e3de7e8a8ddc4130c5c":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_256):PSA_ERROR_INVALID_ARGUMENT + +PSA cipher DETERMINISTIC_ECDSA(SHA_256): invalid with ECC_PUBLIC_KEY(SECP_K1) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_FAMILY_SECP_K1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +cipher_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_K1):"0426b7bb38da649ac2138fc050c6548b32553dab68afebc36105d325b75538c12323cb0764789ecb992671beb2b6bef2f5":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_256):PSA_ERROR_INVALID_ARGUMENT + +PSA cipher DETERMINISTIC_ECDSA(SHA_256): invalid with ECC_PUBLIC_KEY(SECP_R1) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_FAMILY_SECP_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +cipher_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1):"046f00eadaa949fee3e9e1c7fa1247eecec86a0dce46418b9bd3117b981d4bd0ae7a990de912f9d060d6cb531a42d22e394ac29e81804bf160":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_256):PSA_ERROR_INVALID_ARGUMENT + +PSA cipher DETERMINISTIC_ECDSA(SHA_256): invalid with ECC_PUBLIC_KEY(SECP_R2) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_FAMILY_SECP_R2:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +cipher_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R2):"049570d541398665adb5cfa16f5af73b3196926bbd4b876bdb80f8eab20d0f540c22f4de9c140f6d7b":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_256):PSA_ERROR_INVALID_ARGUMENT + +PSA cipher DETERMINISTIC_ECDSA(SHA_256): invalid with ECC_PUBLIC_KEY(SECT_K1) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_FAMILY_SECT_K1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +cipher_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_K1):"0406f88f90b4b65950f06ce433afdb097e320f433dc2062b8a65db8fafd3c110f46bc45663fbf021ee7eb9":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_256):PSA_ERROR_INVALID_ARGUMENT + +PSA cipher DETERMINISTIC_ECDSA(SHA_256): invalid with ECC_PUBLIC_KEY(SECT_R1) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_FAMILY_SECT_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +cipher_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R1):"0400465eeb9e7258b11e33c02266bfe834b20bcb118700772796ee4704ec67651bd447e3011959a79a04cb":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_256):PSA_ERROR_INVALID_ARGUMENT + +PSA cipher DETERMINISTIC_ECDSA(SHA_256): invalid with ECC_PUBLIC_KEY(SECT_R2) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_FAMILY_SECT_R2:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +cipher_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R2):"0403692601144c32a6cfa369ae20ae5d43c1c764678c037bafe80c6fd2e42b7ced96171d9c5367fd3dca6f":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_256):PSA_ERROR_INVALID_ARGUMENT + +PSA aead DETERMINISTIC_ECDSA(SHA_256): invalid with ECC_KEY_PAIR(BRAINPOOL_P_R1) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_FAMILY_BRAINPOOL_P_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +aead_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"69502c4fdaf48d4fa617bdd24498b0406d0eeaac":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_256):PSA_ERROR_INVALID_ARGUMENT + +PSA aead DETERMINISTIC_ECDSA(SHA_256): invalid with ECC_KEY_PAIR(SECP_K1) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_FAMILY_SECP_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +aead_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_K1):"297ac1722ccac7589ecb240dc719842538ca974beb79f228":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_256):PSA_ERROR_INVALID_ARGUMENT + +PSA aead DETERMINISTIC_ECDSA(SHA_256): invalid with ECC_KEY_PAIR(SECP_R1) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_FAMILY_SECP_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +aead_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"872f203b3ad35b7f2ecc803c3a0e1e0b1ed61cc1afe71b189cd4c995":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_256):PSA_ERROR_INVALID_ARGUMENT + +PSA aead DETERMINISTIC_ECDSA(SHA_256): invalid with ECC_KEY_PAIR(SECP_R2) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_FAMILY_SECP_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +aead_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R2):"00bf539a1cdda0d7f71a50a3f98aec0a2e8e4ced1e":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_256):PSA_ERROR_INVALID_ARGUMENT + +PSA aead DETERMINISTIC_ECDSA(SHA_256): invalid with ECC_KEY_PAIR(SECT_K1) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_FAMILY_SECT_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +aead_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):"03ebc8fcded2d6ab72ec0f75bdb4fd080481273e71":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_256):PSA_ERROR_INVALID_ARGUMENT + +PSA aead DETERMINISTIC_ECDSA(SHA_256): invalid with ECC_KEY_PAIR(SECT_R1) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_FAMILY_SECT_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +aead_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):"009b05dc82d46d64a04a22e6e5ca70ca1231e68c50":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_256):PSA_ERROR_INVALID_ARGUMENT + +PSA aead DETERMINISTIC_ECDSA(SHA_256): invalid with ECC_KEY_PAIR(SECT_R2) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_FAMILY_SECT_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +aead_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R2):"0210b482a458b4822d0cb21daa96819a67c8062d34":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_256):PSA_ERROR_INVALID_ARGUMENT + +PSA aead DETERMINISTIC_ECDSA(SHA_256): invalid with ECC_PUBLIC_KEY(BRAINPOOL_P_R1) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_FAMILY_BRAINPOOL_P_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +aead_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"04d4b9186816358e2f9c59cf70748cb70641b22fbab65473db4b4e22a361ed7e3de7e8a8ddc4130c5c":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_256):PSA_ERROR_INVALID_ARGUMENT + +PSA aead DETERMINISTIC_ECDSA(SHA_256): invalid with ECC_PUBLIC_KEY(SECP_K1) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_FAMILY_SECP_K1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +aead_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_K1):"0426b7bb38da649ac2138fc050c6548b32553dab68afebc36105d325b75538c12323cb0764789ecb992671beb2b6bef2f5":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_256):PSA_ERROR_INVALID_ARGUMENT + +PSA aead DETERMINISTIC_ECDSA(SHA_256): invalid with ECC_PUBLIC_KEY(SECP_R1) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_FAMILY_SECP_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +aead_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1):"046f00eadaa949fee3e9e1c7fa1247eecec86a0dce46418b9bd3117b981d4bd0ae7a990de912f9d060d6cb531a42d22e394ac29e81804bf160":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_256):PSA_ERROR_INVALID_ARGUMENT + +PSA aead DETERMINISTIC_ECDSA(SHA_256): invalid with ECC_PUBLIC_KEY(SECP_R2) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_FAMILY_SECP_R2:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +aead_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R2):"049570d541398665adb5cfa16f5af73b3196926bbd4b876bdb80f8eab20d0f540c22f4de9c140f6d7b":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_256):PSA_ERROR_INVALID_ARGUMENT + +PSA aead DETERMINISTIC_ECDSA(SHA_256): invalid with ECC_PUBLIC_KEY(SECT_K1) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_FAMILY_SECT_K1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +aead_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_K1):"0406f88f90b4b65950f06ce433afdb097e320f433dc2062b8a65db8fafd3c110f46bc45663fbf021ee7eb9":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_256):PSA_ERROR_INVALID_ARGUMENT + +PSA aead DETERMINISTIC_ECDSA(SHA_256): invalid with ECC_PUBLIC_KEY(SECT_R1) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_FAMILY_SECT_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +aead_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R1):"0400465eeb9e7258b11e33c02266bfe834b20bcb118700772796ee4704ec67651bd447e3011959a79a04cb":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_256):PSA_ERROR_INVALID_ARGUMENT + +PSA aead DETERMINISTIC_ECDSA(SHA_256): invalid with ECC_PUBLIC_KEY(SECT_R2) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_FAMILY_SECT_R2:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +aead_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R2):"0403692601144c32a6cfa369ae20ae5d43c1c764678c037bafe80c6fd2e42b7ced96171d9c5367fd3dca6f":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_256):PSA_ERROR_INVALID_ARGUMENT + +PSA sign DETERMINISTIC_ECDSA(SHA_256): incompatible with AES +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_AES +sign_fail:PSA_KEY_TYPE_AES:"48657265006973206b6579a064617461":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_256):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign DETERMINISTIC_ECDSA(SHA_256): incompatible with ARC4 +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_ARC4 +sign_fail:PSA_KEY_TYPE_ARC4:"48":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_256):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign DETERMINISTIC_ECDSA(SHA_256): incompatible with ARIA +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_ARIA +sign_fail:PSA_KEY_TYPE_ARIA:"48657265006973206b6579a064617461":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_256):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign DETERMINISTIC_ECDSA(SHA_256): incompatible with CAMELLIA +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_CAMELLIA +sign_fail:PSA_KEY_TYPE_CAMELLIA:"48657265006973206b6579a064617461":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_256):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign DETERMINISTIC_ECDSA(SHA_256): incompatible with CHACHA20 +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_CHACHA20 +sign_fail:PSA_KEY_TYPE_CHACHA20:"48657265006973206b6579a06461746148657265006973206b6579a064617461":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_256):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign DETERMINISTIC_ECDSA(SHA_256): incompatible with DERIVE +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_DERIVE +sign_fail:PSA_KEY_TYPE_DERIVE:"48657265006973206b6579a0646174":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_256):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign DETERMINISTIC_ECDSA(SHA_256): incompatible with DES +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_DES +sign_fail:PSA_KEY_TYPE_DES:"644573206b457901":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_256):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign DETERMINISTIC_ECDSA(SHA_256): !DETERMINISTIC_ECDSA with ECC_KEY_PAIR(BRAINPOOL_P_R1) +depends_on:!PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_FAMILY_BRAINPOOL_P_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"69502c4fdaf48d4fa617bdd24498b0406d0eeaac":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_256):0:PSA_ERROR_NOT_SUPPORTED + +PSA sign DETERMINISTIC_ECDSA(SHA_256): !SHA_256 with ECC_KEY_PAIR(BRAINPOOL_P_R1) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:!PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_FAMILY_BRAINPOOL_P_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"69502c4fdaf48d4fa617bdd24498b0406d0eeaac":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_256):0:PSA_ERROR_NOT_SUPPORTED + +PSA sign DETERMINISTIC_ECDSA(SHA_256): incompatible with ECC_KEY_PAIR(MONTGOMERY) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_FAMILY_MONTGOMERY:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_MONTGOMERY):"70076d0a7318a57d3c16c17251b26645df4c2f87ebc0992ab177fba51db92c6a":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_256):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign DETERMINISTIC_ECDSA(SHA_256): !DETERMINISTIC_ECDSA with ECC_KEY_PAIR(SECP_K1) +depends_on:!PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_FAMILY_SECP_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_K1):"297ac1722ccac7589ecb240dc719842538ca974beb79f228":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_256):0:PSA_ERROR_NOT_SUPPORTED + +PSA sign DETERMINISTIC_ECDSA(SHA_256): !SHA_256 with ECC_KEY_PAIR(SECP_K1) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:!PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_FAMILY_SECP_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_K1):"297ac1722ccac7589ecb240dc719842538ca974beb79f228":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_256):0:PSA_ERROR_NOT_SUPPORTED + +PSA sign DETERMINISTIC_ECDSA(SHA_256): !DETERMINISTIC_ECDSA with ECC_KEY_PAIR(SECP_R1) +depends_on:!PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_FAMILY_SECP_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"872f203b3ad35b7f2ecc803c3a0e1e0b1ed61cc1afe71b189cd4c995":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_256):0:PSA_ERROR_NOT_SUPPORTED + +PSA sign DETERMINISTIC_ECDSA(SHA_256): !SHA_256 with ECC_KEY_PAIR(SECP_R1) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:!PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_FAMILY_SECP_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"872f203b3ad35b7f2ecc803c3a0e1e0b1ed61cc1afe71b189cd4c995":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_256):0:PSA_ERROR_NOT_SUPPORTED + +PSA sign DETERMINISTIC_ECDSA(SHA_256): !DETERMINISTIC_ECDSA with ECC_KEY_PAIR(SECP_R2) +depends_on:!PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_FAMILY_SECP_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R2):"00bf539a1cdda0d7f71a50a3f98aec0a2e8e4ced1e":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_256):0:PSA_ERROR_NOT_SUPPORTED + +PSA sign DETERMINISTIC_ECDSA(SHA_256): !SHA_256 with ECC_KEY_PAIR(SECP_R2) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:!PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_FAMILY_SECP_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R2):"00bf539a1cdda0d7f71a50a3f98aec0a2e8e4ced1e":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_256):0:PSA_ERROR_NOT_SUPPORTED + +PSA sign DETERMINISTIC_ECDSA(SHA_256): !DETERMINISTIC_ECDSA with ECC_KEY_PAIR(SECT_K1) +depends_on:!PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_FAMILY_SECT_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):"03ebc8fcded2d6ab72ec0f75bdb4fd080481273e71":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_256):0:PSA_ERROR_NOT_SUPPORTED + +PSA sign DETERMINISTIC_ECDSA(SHA_256): !SHA_256 with ECC_KEY_PAIR(SECT_K1) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:!PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_FAMILY_SECT_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):"03ebc8fcded2d6ab72ec0f75bdb4fd080481273e71":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_256):0:PSA_ERROR_NOT_SUPPORTED + +PSA sign DETERMINISTIC_ECDSA(SHA_256): !DETERMINISTIC_ECDSA with ECC_KEY_PAIR(SECT_R1) +depends_on:!PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_FAMILY_SECT_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):"009b05dc82d46d64a04a22e6e5ca70ca1231e68c50":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_256):0:PSA_ERROR_NOT_SUPPORTED + +PSA sign DETERMINISTIC_ECDSA(SHA_256): !SHA_256 with ECC_KEY_PAIR(SECT_R1) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:!PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_FAMILY_SECT_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):"009b05dc82d46d64a04a22e6e5ca70ca1231e68c50":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_256):0:PSA_ERROR_NOT_SUPPORTED + +PSA sign DETERMINISTIC_ECDSA(SHA_256): !DETERMINISTIC_ECDSA with ECC_KEY_PAIR(SECT_R2) +depends_on:!PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_FAMILY_SECT_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R2):"0210b482a458b4822d0cb21daa96819a67c8062d34":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_256):0:PSA_ERROR_NOT_SUPPORTED + +PSA sign DETERMINISTIC_ECDSA(SHA_256): !SHA_256 with ECC_KEY_PAIR(SECT_R2) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:!PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_FAMILY_SECT_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R2):"0210b482a458b4822d0cb21daa96819a67c8062d34":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_256):0:PSA_ERROR_NOT_SUPPORTED + +PSA sign DETERMINISTIC_ECDSA(SHA_256): incompatible with ECC_KEY_PAIR(TWISTED_EDWARDS) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_FAMILY_TWISTED_EDWARDS:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_TWISTED_EDWARDS):"9d61b19deffd5a60ba844af492ec2cc44449c5697b326919703bac031cae7f60":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_256):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign DETERMINISTIC_ECDSA(SHA_256): !DETERMINISTIC_ECDSA with ECC_PUBLIC_KEY(BRAINPOOL_P_R1) +depends_on:!PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_FAMILY_BRAINPOOL_P_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"04d4b9186816358e2f9c59cf70748cb70641b22fbab65473db4b4e22a361ed7e3de7e8a8ddc4130c5c":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_256):0:PSA_ERROR_NOT_SUPPORTED + +PSA sign DETERMINISTIC_ECDSA(SHA_256): !SHA_256 with ECC_PUBLIC_KEY(BRAINPOOL_P_R1) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:!PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_FAMILY_BRAINPOOL_P_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"04d4b9186816358e2f9c59cf70748cb70641b22fbab65473db4b4e22a361ed7e3de7e8a8ddc4130c5c":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_256):0:PSA_ERROR_NOT_SUPPORTED + +PSA sign DETERMINISTIC_ECDSA(SHA_256): public with ECC_PUBLIC_KEY(BRAINPOOL_P_R1) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_FAMILY_BRAINPOOL_P_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"04d4b9186816358e2f9c59cf70748cb70641b22fbab65473db4b4e22a361ed7e3de7e8a8ddc4130c5c":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_256):1:PSA_ERROR_INVALID_ARGUMENT + +PSA sign DETERMINISTIC_ECDSA(SHA_256): incompatible with ECC_PUBLIC_KEY(MONTGOMERY) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_FAMILY_MONTGOMERY:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_MONTGOMERY):"8520f0098930a754748b7ddcb43ef75a0dbf3a0d26381af4eba4a98eaa9b4e6a":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_256):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign DETERMINISTIC_ECDSA(SHA_256): !DETERMINISTIC_ECDSA with ECC_PUBLIC_KEY(SECP_K1) +depends_on:!PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_FAMILY_SECP_K1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_K1):"0426b7bb38da649ac2138fc050c6548b32553dab68afebc36105d325b75538c12323cb0764789ecb992671beb2b6bef2f5":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_256):0:PSA_ERROR_NOT_SUPPORTED + +PSA sign DETERMINISTIC_ECDSA(SHA_256): !SHA_256 with ECC_PUBLIC_KEY(SECP_K1) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:!PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_FAMILY_SECP_K1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_K1):"0426b7bb38da649ac2138fc050c6548b32553dab68afebc36105d325b75538c12323cb0764789ecb992671beb2b6bef2f5":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_256):0:PSA_ERROR_NOT_SUPPORTED + +PSA sign DETERMINISTIC_ECDSA(SHA_256): public with ECC_PUBLIC_KEY(SECP_K1) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_FAMILY_SECP_K1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_K1):"0426b7bb38da649ac2138fc050c6548b32553dab68afebc36105d325b75538c12323cb0764789ecb992671beb2b6bef2f5":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_256):1:PSA_ERROR_INVALID_ARGUMENT + +PSA sign DETERMINISTIC_ECDSA(SHA_256): !DETERMINISTIC_ECDSA with ECC_PUBLIC_KEY(SECP_R1) +depends_on:!PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_FAMILY_SECP_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1):"046f00eadaa949fee3e9e1c7fa1247eecec86a0dce46418b9bd3117b981d4bd0ae7a990de912f9d060d6cb531a42d22e394ac29e81804bf160":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_256):0:PSA_ERROR_NOT_SUPPORTED + +PSA sign DETERMINISTIC_ECDSA(SHA_256): !SHA_256 with ECC_PUBLIC_KEY(SECP_R1) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:!PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_FAMILY_SECP_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1):"046f00eadaa949fee3e9e1c7fa1247eecec86a0dce46418b9bd3117b981d4bd0ae7a990de912f9d060d6cb531a42d22e394ac29e81804bf160":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_256):0:PSA_ERROR_NOT_SUPPORTED + +PSA sign DETERMINISTIC_ECDSA(SHA_256): public with ECC_PUBLIC_KEY(SECP_R1) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_FAMILY_SECP_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1):"046f00eadaa949fee3e9e1c7fa1247eecec86a0dce46418b9bd3117b981d4bd0ae7a990de912f9d060d6cb531a42d22e394ac29e81804bf160":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_256):1:PSA_ERROR_INVALID_ARGUMENT + +PSA sign DETERMINISTIC_ECDSA(SHA_256): !DETERMINISTIC_ECDSA with ECC_PUBLIC_KEY(SECP_R2) +depends_on:!PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_FAMILY_SECP_R2:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R2):"049570d541398665adb5cfa16f5af73b3196926bbd4b876bdb80f8eab20d0f540c22f4de9c140f6d7b":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_256):0:PSA_ERROR_NOT_SUPPORTED + +PSA sign DETERMINISTIC_ECDSA(SHA_256): !SHA_256 with ECC_PUBLIC_KEY(SECP_R2) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:!PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_FAMILY_SECP_R2:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R2):"049570d541398665adb5cfa16f5af73b3196926bbd4b876bdb80f8eab20d0f540c22f4de9c140f6d7b":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_256):0:PSA_ERROR_NOT_SUPPORTED + +PSA sign DETERMINISTIC_ECDSA(SHA_256): public with ECC_PUBLIC_KEY(SECP_R2) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_FAMILY_SECP_R2:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R2):"049570d541398665adb5cfa16f5af73b3196926bbd4b876bdb80f8eab20d0f540c22f4de9c140f6d7b":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_256):1:PSA_ERROR_INVALID_ARGUMENT + +PSA sign DETERMINISTIC_ECDSA(SHA_256): !DETERMINISTIC_ECDSA with ECC_PUBLIC_KEY(SECT_K1) +depends_on:!PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_FAMILY_SECT_K1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_K1):"0406f88f90b4b65950f06ce433afdb097e320f433dc2062b8a65db8fafd3c110f46bc45663fbf021ee7eb9":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_256):0:PSA_ERROR_NOT_SUPPORTED + +PSA sign DETERMINISTIC_ECDSA(SHA_256): !SHA_256 with ECC_PUBLIC_KEY(SECT_K1) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:!PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_FAMILY_SECT_K1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_K1):"0406f88f90b4b65950f06ce433afdb097e320f433dc2062b8a65db8fafd3c110f46bc45663fbf021ee7eb9":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_256):0:PSA_ERROR_NOT_SUPPORTED + +PSA sign DETERMINISTIC_ECDSA(SHA_256): public with ECC_PUBLIC_KEY(SECT_K1) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_FAMILY_SECT_K1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_K1):"0406f88f90b4b65950f06ce433afdb097e320f433dc2062b8a65db8fafd3c110f46bc45663fbf021ee7eb9":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_256):1:PSA_ERROR_INVALID_ARGUMENT + +PSA sign DETERMINISTIC_ECDSA(SHA_256): !DETERMINISTIC_ECDSA with ECC_PUBLIC_KEY(SECT_R1) +depends_on:!PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_FAMILY_SECT_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R1):"0400465eeb9e7258b11e33c02266bfe834b20bcb118700772796ee4704ec67651bd447e3011959a79a04cb":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_256):0:PSA_ERROR_NOT_SUPPORTED + +PSA sign DETERMINISTIC_ECDSA(SHA_256): !SHA_256 with ECC_PUBLIC_KEY(SECT_R1) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:!PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_FAMILY_SECT_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R1):"0400465eeb9e7258b11e33c02266bfe834b20bcb118700772796ee4704ec67651bd447e3011959a79a04cb":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_256):0:PSA_ERROR_NOT_SUPPORTED + +PSA sign DETERMINISTIC_ECDSA(SHA_256): public with ECC_PUBLIC_KEY(SECT_R1) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_FAMILY_SECT_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R1):"0400465eeb9e7258b11e33c02266bfe834b20bcb118700772796ee4704ec67651bd447e3011959a79a04cb":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_256):1:PSA_ERROR_INVALID_ARGUMENT + +PSA sign DETERMINISTIC_ECDSA(SHA_256): !DETERMINISTIC_ECDSA with ECC_PUBLIC_KEY(SECT_R2) +depends_on:!PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_FAMILY_SECT_R2:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R2):"0403692601144c32a6cfa369ae20ae5d43c1c764678c037bafe80c6fd2e42b7ced96171d9c5367fd3dca6f":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_256):0:PSA_ERROR_NOT_SUPPORTED + +PSA sign DETERMINISTIC_ECDSA(SHA_256): !SHA_256 with ECC_PUBLIC_KEY(SECT_R2) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:!PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_FAMILY_SECT_R2:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R2):"0403692601144c32a6cfa369ae20ae5d43c1c764678c037bafe80c6fd2e42b7ced96171d9c5367fd3dca6f":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_256):0:PSA_ERROR_NOT_SUPPORTED + +PSA sign DETERMINISTIC_ECDSA(SHA_256): public with ECC_PUBLIC_KEY(SECT_R2) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_FAMILY_SECT_R2:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R2):"0403692601144c32a6cfa369ae20ae5d43c1c764678c037bafe80c6fd2e42b7ced96171d9c5367fd3dca6f":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_256):1:PSA_ERROR_INVALID_ARGUMENT + +PSA sign DETERMINISTIC_ECDSA(SHA_256): incompatible with ECC_PUBLIC_KEY(TWISTED_EDWARDS) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_FAMILY_TWISTED_EDWARDS:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_TWISTED_EDWARDS):"d75a980182b10ab7d54bfed3c964073a0ee172f3daa62325af021a68f707511a":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_256):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign DETERMINISTIC_ECDSA(SHA_256): incompatible with HMAC +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_HMAC +sign_fail:PSA_KEY_TYPE_HMAC:"48657265006973206b6579a064617461":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_256):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign DETERMINISTIC_ECDSA(SHA_256): incompatible with RAW_DATA +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RAW_DATA +sign_fail:PSA_KEY_TYPE_RAW_DATA:"48":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_256):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign DETERMINISTIC_ECDSA(SHA_256): incompatible with RSA_KEY_PAIR +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR +sign_fail:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_256):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign DETERMINISTIC_ECDSA(SHA_256): incompatible with RSA_PUBLIC_KEY +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY +sign_fail:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_256):0:PSA_ERROR_INVALID_ARGUMENT + +PSA asymmetric_encryption DETERMINISTIC_ECDSA(SHA_256): invalid with ECC_KEY_PAIR(BRAINPOOL_P_R1) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_FAMILY_BRAINPOOL_P_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +asymmetric_encryption_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"69502c4fdaf48d4fa617bdd24498b0406d0eeaac":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_256):0:PSA_ERROR_INVALID_ARGUMENT + +PSA asymmetric_encryption DETERMINISTIC_ECDSA(SHA_256): invalid with ECC_KEY_PAIR(SECP_K1) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_FAMILY_SECP_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +asymmetric_encryption_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_K1):"297ac1722ccac7589ecb240dc719842538ca974beb79f228":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_256):0:PSA_ERROR_INVALID_ARGUMENT + +PSA asymmetric_encryption DETERMINISTIC_ECDSA(SHA_256): invalid with ECC_KEY_PAIR(SECP_R1) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_FAMILY_SECP_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +asymmetric_encryption_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"872f203b3ad35b7f2ecc803c3a0e1e0b1ed61cc1afe71b189cd4c995":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_256):0:PSA_ERROR_INVALID_ARGUMENT + +PSA asymmetric_encryption DETERMINISTIC_ECDSA(SHA_256): invalid with ECC_KEY_PAIR(SECP_R2) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_FAMILY_SECP_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +asymmetric_encryption_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R2):"00bf539a1cdda0d7f71a50a3f98aec0a2e8e4ced1e":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_256):0:PSA_ERROR_INVALID_ARGUMENT + +PSA asymmetric_encryption DETERMINISTIC_ECDSA(SHA_256): invalid with ECC_KEY_PAIR(SECT_K1) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_FAMILY_SECT_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +asymmetric_encryption_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):"03ebc8fcded2d6ab72ec0f75bdb4fd080481273e71":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_256):0:PSA_ERROR_INVALID_ARGUMENT + +PSA asymmetric_encryption DETERMINISTIC_ECDSA(SHA_256): invalid with ECC_KEY_PAIR(SECT_R1) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_FAMILY_SECT_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +asymmetric_encryption_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):"009b05dc82d46d64a04a22e6e5ca70ca1231e68c50":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_256):0:PSA_ERROR_INVALID_ARGUMENT + +PSA asymmetric_encryption DETERMINISTIC_ECDSA(SHA_256): invalid with ECC_KEY_PAIR(SECT_R2) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_FAMILY_SECT_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +asymmetric_encryption_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R2):"0210b482a458b4822d0cb21daa96819a67c8062d34":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_256):0:PSA_ERROR_INVALID_ARGUMENT + +PSA asymmetric_encryption DETERMINISTIC_ECDSA(SHA_256): invalid with ECC_PUBLIC_KEY(BRAINPOOL_P_R1) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_FAMILY_BRAINPOOL_P_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +asymmetric_encryption_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"04d4b9186816358e2f9c59cf70748cb70641b22fbab65473db4b4e22a361ed7e3de7e8a8ddc4130c5c":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_256):0:PSA_ERROR_INVALID_ARGUMENT + +PSA asymmetric_encryption DETERMINISTIC_ECDSA(SHA_256): invalid with ECC_PUBLIC_KEY(SECP_K1) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_FAMILY_SECP_K1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +asymmetric_encryption_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_K1):"0426b7bb38da649ac2138fc050c6548b32553dab68afebc36105d325b75538c12323cb0764789ecb992671beb2b6bef2f5":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_256):0:PSA_ERROR_INVALID_ARGUMENT + +PSA asymmetric_encryption DETERMINISTIC_ECDSA(SHA_256): invalid with ECC_PUBLIC_KEY(SECP_R1) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_FAMILY_SECP_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +asymmetric_encryption_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1):"046f00eadaa949fee3e9e1c7fa1247eecec86a0dce46418b9bd3117b981d4bd0ae7a990de912f9d060d6cb531a42d22e394ac29e81804bf160":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_256):0:PSA_ERROR_INVALID_ARGUMENT + +PSA asymmetric_encryption DETERMINISTIC_ECDSA(SHA_256): invalid with ECC_PUBLIC_KEY(SECP_R2) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_FAMILY_SECP_R2:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +asymmetric_encryption_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R2):"049570d541398665adb5cfa16f5af73b3196926bbd4b876bdb80f8eab20d0f540c22f4de9c140f6d7b":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_256):0:PSA_ERROR_INVALID_ARGUMENT + +PSA asymmetric_encryption DETERMINISTIC_ECDSA(SHA_256): invalid with ECC_PUBLIC_KEY(SECT_K1) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_FAMILY_SECT_K1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +asymmetric_encryption_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_K1):"0406f88f90b4b65950f06ce433afdb097e320f433dc2062b8a65db8fafd3c110f46bc45663fbf021ee7eb9":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_256):0:PSA_ERROR_INVALID_ARGUMENT + +PSA asymmetric_encryption DETERMINISTIC_ECDSA(SHA_256): invalid with ECC_PUBLIC_KEY(SECT_R1) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_FAMILY_SECT_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +asymmetric_encryption_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R1):"0400465eeb9e7258b11e33c02266bfe834b20bcb118700772796ee4704ec67651bd447e3011959a79a04cb":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_256):0:PSA_ERROR_INVALID_ARGUMENT + +PSA asymmetric_encryption DETERMINISTIC_ECDSA(SHA_256): invalid with ECC_PUBLIC_KEY(SECT_R2) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_FAMILY_SECT_R2:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +asymmetric_encryption_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R2):"0403692601144c32a6cfa369ae20ae5d43c1c764678c037bafe80c6fd2e42b7ced96171d9c5367fd3dca6f":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_256):0:PSA_ERROR_INVALID_ARGUMENT + +PSA key_derivation DETERMINISTIC_ECDSA(SHA_256): invalid +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_256 +key_derivation_fail:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_256):PSA_ERROR_INVALID_ARGUMENT + +PSA key_agreement DETERMINISTIC_ECDSA(SHA_256): invalid with ECC_KEY_PAIR(BRAINPOOL_P_R1) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_FAMILY_BRAINPOOL_P_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_agreement_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"69502c4fdaf48d4fa617bdd24498b0406d0eeaac":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_256):0:PSA_ERROR_INVALID_ARGUMENT + +PSA key_agreement DETERMINISTIC_ECDSA(SHA_256): invalid with ECC_KEY_PAIR(SECP_K1) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_FAMILY_SECP_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_agreement_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_K1):"297ac1722ccac7589ecb240dc719842538ca974beb79f228":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_256):0:PSA_ERROR_INVALID_ARGUMENT + +PSA key_agreement DETERMINISTIC_ECDSA(SHA_256): invalid with ECC_KEY_PAIR(SECP_R1) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_FAMILY_SECP_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_agreement_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"872f203b3ad35b7f2ecc803c3a0e1e0b1ed61cc1afe71b189cd4c995":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_256):0:PSA_ERROR_INVALID_ARGUMENT + +PSA key_agreement DETERMINISTIC_ECDSA(SHA_256): invalid with ECC_KEY_PAIR(SECP_R2) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_FAMILY_SECP_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_agreement_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R2):"00bf539a1cdda0d7f71a50a3f98aec0a2e8e4ced1e":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_256):0:PSA_ERROR_INVALID_ARGUMENT + +PSA key_agreement DETERMINISTIC_ECDSA(SHA_256): invalid with ECC_KEY_PAIR(SECT_K1) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_FAMILY_SECT_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_agreement_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):"03ebc8fcded2d6ab72ec0f75bdb4fd080481273e71":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_256):0:PSA_ERROR_INVALID_ARGUMENT + +PSA key_agreement DETERMINISTIC_ECDSA(SHA_256): invalid with ECC_KEY_PAIR(SECT_R1) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_FAMILY_SECT_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_agreement_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):"009b05dc82d46d64a04a22e6e5ca70ca1231e68c50":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_256):0:PSA_ERROR_INVALID_ARGUMENT + +PSA key_agreement DETERMINISTIC_ECDSA(SHA_256): invalid with ECC_KEY_PAIR(SECT_R2) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_FAMILY_SECT_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_agreement_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R2):"0210b482a458b4822d0cb21daa96819a67c8062d34":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_256):0:PSA_ERROR_INVALID_ARGUMENT + +PSA key_agreement DETERMINISTIC_ECDSA(SHA_256): invalid with ECC_PUBLIC_KEY(BRAINPOOL_P_R1) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_FAMILY_BRAINPOOL_P_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_agreement_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"04d4b9186816358e2f9c59cf70748cb70641b22fbab65473db4b4e22a361ed7e3de7e8a8ddc4130c5c":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_256):0:PSA_ERROR_INVALID_ARGUMENT + +PSA key_agreement DETERMINISTIC_ECDSA(SHA_256): invalid with ECC_PUBLIC_KEY(SECP_K1) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_FAMILY_SECP_K1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_agreement_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_K1):"0426b7bb38da649ac2138fc050c6548b32553dab68afebc36105d325b75538c12323cb0764789ecb992671beb2b6bef2f5":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_256):0:PSA_ERROR_INVALID_ARGUMENT + +PSA key_agreement DETERMINISTIC_ECDSA(SHA_256): invalid with ECC_PUBLIC_KEY(SECP_R1) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_FAMILY_SECP_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_agreement_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1):"046f00eadaa949fee3e9e1c7fa1247eecec86a0dce46418b9bd3117b981d4bd0ae7a990de912f9d060d6cb531a42d22e394ac29e81804bf160":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_256):0:PSA_ERROR_INVALID_ARGUMENT + +PSA key_agreement DETERMINISTIC_ECDSA(SHA_256): invalid with ECC_PUBLIC_KEY(SECP_R2) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_FAMILY_SECP_R2:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_agreement_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R2):"049570d541398665adb5cfa16f5af73b3196926bbd4b876bdb80f8eab20d0f540c22f4de9c140f6d7b":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_256):0:PSA_ERROR_INVALID_ARGUMENT + +PSA key_agreement DETERMINISTIC_ECDSA(SHA_256): invalid with ECC_PUBLIC_KEY(SECT_K1) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_FAMILY_SECT_K1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_agreement_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_K1):"0406f88f90b4b65950f06ce433afdb097e320f433dc2062b8a65db8fafd3c110f46bc45663fbf021ee7eb9":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_256):0:PSA_ERROR_INVALID_ARGUMENT + +PSA key_agreement DETERMINISTIC_ECDSA(SHA_256): invalid with ECC_PUBLIC_KEY(SECT_R1) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_FAMILY_SECT_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_agreement_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R1):"0400465eeb9e7258b11e33c02266bfe834b20bcb118700772796ee4704ec67651bd447e3011959a79a04cb":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_256):0:PSA_ERROR_INVALID_ARGUMENT + +PSA key_agreement DETERMINISTIC_ECDSA(SHA_256): invalid with ECC_PUBLIC_KEY(SECT_R2) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_FAMILY_SECT_R2:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_agreement_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R2):"0403692601144c32a6cfa369ae20ae5d43c1c764678c037bafe80c6fd2e42b7ced96171d9c5367fd3dca6f":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_256):0:PSA_ERROR_INVALID_ARGUMENT + +PSA hash DETERMINISTIC_ECDSA(SHA_384): invalid +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_384 +hash_fail:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_384):PSA_ERROR_INVALID_ARGUMENT + +PSA mac DETERMINISTIC_ECDSA(SHA_384): invalid with ECC_KEY_PAIR(BRAINPOOL_P_R1) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_FAMILY_BRAINPOOL_P_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +mac_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"69502c4fdaf48d4fa617bdd24498b0406d0eeaac":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_384):PSA_ERROR_INVALID_ARGUMENT + +PSA mac DETERMINISTIC_ECDSA(SHA_384): invalid with ECC_KEY_PAIR(SECP_K1) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_FAMILY_SECP_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +mac_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_K1):"297ac1722ccac7589ecb240dc719842538ca974beb79f228":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_384):PSA_ERROR_INVALID_ARGUMENT + +PSA mac DETERMINISTIC_ECDSA(SHA_384): invalid with ECC_KEY_PAIR(SECP_R1) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_FAMILY_SECP_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +mac_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"872f203b3ad35b7f2ecc803c3a0e1e0b1ed61cc1afe71b189cd4c995":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_384):PSA_ERROR_INVALID_ARGUMENT + +PSA mac DETERMINISTIC_ECDSA(SHA_384): invalid with ECC_KEY_PAIR(SECP_R2) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_FAMILY_SECP_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +mac_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R2):"00bf539a1cdda0d7f71a50a3f98aec0a2e8e4ced1e":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_384):PSA_ERROR_INVALID_ARGUMENT + +PSA mac DETERMINISTIC_ECDSA(SHA_384): invalid with ECC_KEY_PAIR(SECT_K1) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_FAMILY_SECT_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +mac_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):"03ebc8fcded2d6ab72ec0f75bdb4fd080481273e71":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_384):PSA_ERROR_INVALID_ARGUMENT + +PSA mac DETERMINISTIC_ECDSA(SHA_384): invalid with ECC_KEY_PAIR(SECT_R1) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_FAMILY_SECT_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +mac_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):"009b05dc82d46d64a04a22e6e5ca70ca1231e68c50":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_384):PSA_ERROR_INVALID_ARGUMENT + +PSA mac DETERMINISTIC_ECDSA(SHA_384): invalid with ECC_KEY_PAIR(SECT_R2) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_FAMILY_SECT_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +mac_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R2):"0210b482a458b4822d0cb21daa96819a67c8062d34":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_384):PSA_ERROR_INVALID_ARGUMENT + +PSA mac DETERMINISTIC_ECDSA(SHA_384): invalid with ECC_PUBLIC_KEY(BRAINPOOL_P_R1) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_FAMILY_BRAINPOOL_P_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +mac_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"04d4b9186816358e2f9c59cf70748cb70641b22fbab65473db4b4e22a361ed7e3de7e8a8ddc4130c5c":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_384):PSA_ERROR_INVALID_ARGUMENT + +PSA mac DETERMINISTIC_ECDSA(SHA_384): invalid with ECC_PUBLIC_KEY(SECP_K1) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_FAMILY_SECP_K1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +mac_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_K1):"0426b7bb38da649ac2138fc050c6548b32553dab68afebc36105d325b75538c12323cb0764789ecb992671beb2b6bef2f5":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_384):PSA_ERROR_INVALID_ARGUMENT + +PSA mac DETERMINISTIC_ECDSA(SHA_384): invalid with ECC_PUBLIC_KEY(SECP_R1) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_FAMILY_SECP_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +mac_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1):"046f00eadaa949fee3e9e1c7fa1247eecec86a0dce46418b9bd3117b981d4bd0ae7a990de912f9d060d6cb531a42d22e394ac29e81804bf160":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_384):PSA_ERROR_INVALID_ARGUMENT + +PSA mac DETERMINISTIC_ECDSA(SHA_384): invalid with ECC_PUBLIC_KEY(SECP_R2) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_FAMILY_SECP_R2:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +mac_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R2):"049570d541398665adb5cfa16f5af73b3196926bbd4b876bdb80f8eab20d0f540c22f4de9c140f6d7b":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_384):PSA_ERROR_INVALID_ARGUMENT + +PSA mac DETERMINISTIC_ECDSA(SHA_384): invalid with ECC_PUBLIC_KEY(SECT_K1) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_FAMILY_SECT_K1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +mac_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_K1):"0406f88f90b4b65950f06ce433afdb097e320f433dc2062b8a65db8fafd3c110f46bc45663fbf021ee7eb9":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_384):PSA_ERROR_INVALID_ARGUMENT + +PSA mac DETERMINISTIC_ECDSA(SHA_384): invalid with ECC_PUBLIC_KEY(SECT_R1) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_FAMILY_SECT_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +mac_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R1):"0400465eeb9e7258b11e33c02266bfe834b20bcb118700772796ee4704ec67651bd447e3011959a79a04cb":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_384):PSA_ERROR_INVALID_ARGUMENT + +PSA mac DETERMINISTIC_ECDSA(SHA_384): invalid with ECC_PUBLIC_KEY(SECT_R2) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_FAMILY_SECT_R2:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +mac_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R2):"0403692601144c32a6cfa369ae20ae5d43c1c764678c037bafe80c6fd2e42b7ced96171d9c5367fd3dca6f":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_384):PSA_ERROR_INVALID_ARGUMENT + +PSA cipher DETERMINISTIC_ECDSA(SHA_384): invalid with ECC_KEY_PAIR(BRAINPOOL_P_R1) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_FAMILY_BRAINPOOL_P_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +cipher_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"69502c4fdaf48d4fa617bdd24498b0406d0eeaac":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_384):PSA_ERROR_INVALID_ARGUMENT + +PSA cipher DETERMINISTIC_ECDSA(SHA_384): invalid with ECC_KEY_PAIR(SECP_K1) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_FAMILY_SECP_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +cipher_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_K1):"297ac1722ccac7589ecb240dc719842538ca974beb79f228":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_384):PSA_ERROR_INVALID_ARGUMENT + +PSA cipher DETERMINISTIC_ECDSA(SHA_384): invalid with ECC_KEY_PAIR(SECP_R1) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_FAMILY_SECP_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +cipher_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"872f203b3ad35b7f2ecc803c3a0e1e0b1ed61cc1afe71b189cd4c995":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_384):PSA_ERROR_INVALID_ARGUMENT + +PSA cipher DETERMINISTIC_ECDSA(SHA_384): invalid with ECC_KEY_PAIR(SECP_R2) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_FAMILY_SECP_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +cipher_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R2):"00bf539a1cdda0d7f71a50a3f98aec0a2e8e4ced1e":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_384):PSA_ERROR_INVALID_ARGUMENT + +PSA cipher DETERMINISTIC_ECDSA(SHA_384): invalid with ECC_KEY_PAIR(SECT_K1) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_FAMILY_SECT_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +cipher_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):"03ebc8fcded2d6ab72ec0f75bdb4fd080481273e71":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_384):PSA_ERROR_INVALID_ARGUMENT + +PSA cipher DETERMINISTIC_ECDSA(SHA_384): invalid with ECC_KEY_PAIR(SECT_R1) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_FAMILY_SECT_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +cipher_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):"009b05dc82d46d64a04a22e6e5ca70ca1231e68c50":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_384):PSA_ERROR_INVALID_ARGUMENT + +PSA cipher DETERMINISTIC_ECDSA(SHA_384): invalid with ECC_KEY_PAIR(SECT_R2) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_FAMILY_SECT_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +cipher_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R2):"0210b482a458b4822d0cb21daa96819a67c8062d34":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_384):PSA_ERROR_INVALID_ARGUMENT + +PSA cipher DETERMINISTIC_ECDSA(SHA_384): invalid with ECC_PUBLIC_KEY(BRAINPOOL_P_R1) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_FAMILY_BRAINPOOL_P_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +cipher_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"04d4b9186816358e2f9c59cf70748cb70641b22fbab65473db4b4e22a361ed7e3de7e8a8ddc4130c5c":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_384):PSA_ERROR_INVALID_ARGUMENT + +PSA cipher DETERMINISTIC_ECDSA(SHA_384): invalid with ECC_PUBLIC_KEY(SECP_K1) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_FAMILY_SECP_K1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +cipher_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_K1):"0426b7bb38da649ac2138fc050c6548b32553dab68afebc36105d325b75538c12323cb0764789ecb992671beb2b6bef2f5":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_384):PSA_ERROR_INVALID_ARGUMENT + +PSA cipher DETERMINISTIC_ECDSA(SHA_384): invalid with ECC_PUBLIC_KEY(SECP_R1) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_FAMILY_SECP_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +cipher_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1):"046f00eadaa949fee3e9e1c7fa1247eecec86a0dce46418b9bd3117b981d4bd0ae7a990de912f9d060d6cb531a42d22e394ac29e81804bf160":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_384):PSA_ERROR_INVALID_ARGUMENT + +PSA cipher DETERMINISTIC_ECDSA(SHA_384): invalid with ECC_PUBLIC_KEY(SECP_R2) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_FAMILY_SECP_R2:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +cipher_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R2):"049570d541398665adb5cfa16f5af73b3196926bbd4b876bdb80f8eab20d0f540c22f4de9c140f6d7b":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_384):PSA_ERROR_INVALID_ARGUMENT + +PSA cipher DETERMINISTIC_ECDSA(SHA_384): invalid with ECC_PUBLIC_KEY(SECT_K1) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_FAMILY_SECT_K1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +cipher_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_K1):"0406f88f90b4b65950f06ce433afdb097e320f433dc2062b8a65db8fafd3c110f46bc45663fbf021ee7eb9":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_384):PSA_ERROR_INVALID_ARGUMENT + +PSA cipher DETERMINISTIC_ECDSA(SHA_384): invalid with ECC_PUBLIC_KEY(SECT_R1) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_FAMILY_SECT_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +cipher_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R1):"0400465eeb9e7258b11e33c02266bfe834b20bcb118700772796ee4704ec67651bd447e3011959a79a04cb":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_384):PSA_ERROR_INVALID_ARGUMENT + +PSA cipher DETERMINISTIC_ECDSA(SHA_384): invalid with ECC_PUBLIC_KEY(SECT_R2) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_FAMILY_SECT_R2:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +cipher_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R2):"0403692601144c32a6cfa369ae20ae5d43c1c764678c037bafe80c6fd2e42b7ced96171d9c5367fd3dca6f":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_384):PSA_ERROR_INVALID_ARGUMENT + +PSA aead DETERMINISTIC_ECDSA(SHA_384): invalid with ECC_KEY_PAIR(BRAINPOOL_P_R1) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_FAMILY_BRAINPOOL_P_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +aead_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"69502c4fdaf48d4fa617bdd24498b0406d0eeaac":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_384):PSA_ERROR_INVALID_ARGUMENT + +PSA aead DETERMINISTIC_ECDSA(SHA_384): invalid with ECC_KEY_PAIR(SECP_K1) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_FAMILY_SECP_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +aead_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_K1):"297ac1722ccac7589ecb240dc719842538ca974beb79f228":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_384):PSA_ERROR_INVALID_ARGUMENT + +PSA aead DETERMINISTIC_ECDSA(SHA_384): invalid with ECC_KEY_PAIR(SECP_R1) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_FAMILY_SECP_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +aead_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"872f203b3ad35b7f2ecc803c3a0e1e0b1ed61cc1afe71b189cd4c995":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_384):PSA_ERROR_INVALID_ARGUMENT + +PSA aead DETERMINISTIC_ECDSA(SHA_384): invalid with ECC_KEY_PAIR(SECP_R2) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_FAMILY_SECP_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +aead_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R2):"00bf539a1cdda0d7f71a50a3f98aec0a2e8e4ced1e":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_384):PSA_ERROR_INVALID_ARGUMENT + +PSA aead DETERMINISTIC_ECDSA(SHA_384): invalid with ECC_KEY_PAIR(SECT_K1) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_FAMILY_SECT_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +aead_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):"03ebc8fcded2d6ab72ec0f75bdb4fd080481273e71":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_384):PSA_ERROR_INVALID_ARGUMENT + +PSA aead DETERMINISTIC_ECDSA(SHA_384): invalid with ECC_KEY_PAIR(SECT_R1) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_FAMILY_SECT_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +aead_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):"009b05dc82d46d64a04a22e6e5ca70ca1231e68c50":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_384):PSA_ERROR_INVALID_ARGUMENT + +PSA aead DETERMINISTIC_ECDSA(SHA_384): invalid with ECC_KEY_PAIR(SECT_R2) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_FAMILY_SECT_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +aead_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R2):"0210b482a458b4822d0cb21daa96819a67c8062d34":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_384):PSA_ERROR_INVALID_ARGUMENT + +PSA aead DETERMINISTIC_ECDSA(SHA_384): invalid with ECC_PUBLIC_KEY(BRAINPOOL_P_R1) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_FAMILY_BRAINPOOL_P_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +aead_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"04d4b9186816358e2f9c59cf70748cb70641b22fbab65473db4b4e22a361ed7e3de7e8a8ddc4130c5c":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_384):PSA_ERROR_INVALID_ARGUMENT + +PSA aead DETERMINISTIC_ECDSA(SHA_384): invalid with ECC_PUBLIC_KEY(SECP_K1) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_FAMILY_SECP_K1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +aead_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_K1):"0426b7bb38da649ac2138fc050c6548b32553dab68afebc36105d325b75538c12323cb0764789ecb992671beb2b6bef2f5":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_384):PSA_ERROR_INVALID_ARGUMENT + +PSA aead DETERMINISTIC_ECDSA(SHA_384): invalid with ECC_PUBLIC_KEY(SECP_R1) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_FAMILY_SECP_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +aead_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1):"046f00eadaa949fee3e9e1c7fa1247eecec86a0dce46418b9bd3117b981d4bd0ae7a990de912f9d060d6cb531a42d22e394ac29e81804bf160":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_384):PSA_ERROR_INVALID_ARGUMENT + +PSA aead DETERMINISTIC_ECDSA(SHA_384): invalid with ECC_PUBLIC_KEY(SECP_R2) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_FAMILY_SECP_R2:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +aead_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R2):"049570d541398665adb5cfa16f5af73b3196926bbd4b876bdb80f8eab20d0f540c22f4de9c140f6d7b":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_384):PSA_ERROR_INVALID_ARGUMENT + +PSA aead DETERMINISTIC_ECDSA(SHA_384): invalid with ECC_PUBLIC_KEY(SECT_K1) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_FAMILY_SECT_K1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +aead_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_K1):"0406f88f90b4b65950f06ce433afdb097e320f433dc2062b8a65db8fafd3c110f46bc45663fbf021ee7eb9":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_384):PSA_ERROR_INVALID_ARGUMENT + +PSA aead DETERMINISTIC_ECDSA(SHA_384): invalid with ECC_PUBLIC_KEY(SECT_R1) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_FAMILY_SECT_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +aead_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R1):"0400465eeb9e7258b11e33c02266bfe834b20bcb118700772796ee4704ec67651bd447e3011959a79a04cb":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_384):PSA_ERROR_INVALID_ARGUMENT + +PSA aead DETERMINISTIC_ECDSA(SHA_384): invalid with ECC_PUBLIC_KEY(SECT_R2) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_FAMILY_SECT_R2:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +aead_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R2):"0403692601144c32a6cfa369ae20ae5d43c1c764678c037bafe80c6fd2e42b7ced96171d9c5367fd3dca6f":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_384):PSA_ERROR_INVALID_ARGUMENT + +PSA sign DETERMINISTIC_ECDSA(SHA_384): incompatible with AES +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_384:PSA_WANT_KEY_TYPE_AES +sign_fail:PSA_KEY_TYPE_AES:"48657265006973206b6579a064617461":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_384):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign DETERMINISTIC_ECDSA(SHA_384): incompatible with ARC4 +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_384:PSA_WANT_KEY_TYPE_ARC4 +sign_fail:PSA_KEY_TYPE_ARC4:"48":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_384):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign DETERMINISTIC_ECDSA(SHA_384): incompatible with ARIA +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_384:PSA_WANT_KEY_TYPE_ARIA +sign_fail:PSA_KEY_TYPE_ARIA:"48657265006973206b6579a064617461":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_384):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign DETERMINISTIC_ECDSA(SHA_384): incompatible with CAMELLIA +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_384:PSA_WANT_KEY_TYPE_CAMELLIA +sign_fail:PSA_KEY_TYPE_CAMELLIA:"48657265006973206b6579a064617461":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_384):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign DETERMINISTIC_ECDSA(SHA_384): incompatible with CHACHA20 +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_384:PSA_WANT_KEY_TYPE_CHACHA20 +sign_fail:PSA_KEY_TYPE_CHACHA20:"48657265006973206b6579a06461746148657265006973206b6579a064617461":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_384):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign DETERMINISTIC_ECDSA(SHA_384): incompatible with DERIVE +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_384:PSA_WANT_KEY_TYPE_DERIVE +sign_fail:PSA_KEY_TYPE_DERIVE:"48657265006973206b6579a0646174":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_384):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign DETERMINISTIC_ECDSA(SHA_384): incompatible with DES +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_384:PSA_WANT_KEY_TYPE_DES +sign_fail:PSA_KEY_TYPE_DES:"644573206b457901":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_384):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign DETERMINISTIC_ECDSA(SHA_384): !DETERMINISTIC_ECDSA with ECC_KEY_PAIR(BRAINPOOL_P_R1) +depends_on:!PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_FAMILY_BRAINPOOL_P_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"69502c4fdaf48d4fa617bdd24498b0406d0eeaac":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_384):0:PSA_ERROR_NOT_SUPPORTED + +PSA sign DETERMINISTIC_ECDSA(SHA_384): !SHA_384 with ECC_KEY_PAIR(BRAINPOOL_P_R1) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:!PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_FAMILY_BRAINPOOL_P_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"69502c4fdaf48d4fa617bdd24498b0406d0eeaac":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_384):0:PSA_ERROR_NOT_SUPPORTED + +PSA sign DETERMINISTIC_ECDSA(SHA_384): incompatible with ECC_KEY_PAIR(MONTGOMERY) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_FAMILY_MONTGOMERY:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_MONTGOMERY):"70076d0a7318a57d3c16c17251b26645df4c2f87ebc0992ab177fba51db92c6a":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_384):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign DETERMINISTIC_ECDSA(SHA_384): !DETERMINISTIC_ECDSA with ECC_KEY_PAIR(SECP_K1) +depends_on:!PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_FAMILY_SECP_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_K1):"297ac1722ccac7589ecb240dc719842538ca974beb79f228":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_384):0:PSA_ERROR_NOT_SUPPORTED + +PSA sign DETERMINISTIC_ECDSA(SHA_384): !SHA_384 with ECC_KEY_PAIR(SECP_K1) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:!PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_FAMILY_SECP_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_K1):"297ac1722ccac7589ecb240dc719842538ca974beb79f228":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_384):0:PSA_ERROR_NOT_SUPPORTED + +PSA sign DETERMINISTIC_ECDSA(SHA_384): !DETERMINISTIC_ECDSA with ECC_KEY_PAIR(SECP_R1) +depends_on:!PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_FAMILY_SECP_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"872f203b3ad35b7f2ecc803c3a0e1e0b1ed61cc1afe71b189cd4c995":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_384):0:PSA_ERROR_NOT_SUPPORTED + +PSA sign DETERMINISTIC_ECDSA(SHA_384): !SHA_384 with ECC_KEY_PAIR(SECP_R1) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:!PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_FAMILY_SECP_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"872f203b3ad35b7f2ecc803c3a0e1e0b1ed61cc1afe71b189cd4c995":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_384):0:PSA_ERROR_NOT_SUPPORTED + +PSA sign DETERMINISTIC_ECDSA(SHA_384): !DETERMINISTIC_ECDSA with ECC_KEY_PAIR(SECP_R2) +depends_on:!PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_FAMILY_SECP_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R2):"00bf539a1cdda0d7f71a50a3f98aec0a2e8e4ced1e":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_384):0:PSA_ERROR_NOT_SUPPORTED + +PSA sign DETERMINISTIC_ECDSA(SHA_384): !SHA_384 with ECC_KEY_PAIR(SECP_R2) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:!PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_FAMILY_SECP_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R2):"00bf539a1cdda0d7f71a50a3f98aec0a2e8e4ced1e":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_384):0:PSA_ERROR_NOT_SUPPORTED + +PSA sign DETERMINISTIC_ECDSA(SHA_384): !DETERMINISTIC_ECDSA with ECC_KEY_PAIR(SECT_K1) +depends_on:!PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_FAMILY_SECT_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):"03ebc8fcded2d6ab72ec0f75bdb4fd080481273e71":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_384):0:PSA_ERROR_NOT_SUPPORTED + +PSA sign DETERMINISTIC_ECDSA(SHA_384): !SHA_384 with ECC_KEY_PAIR(SECT_K1) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:!PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_FAMILY_SECT_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):"03ebc8fcded2d6ab72ec0f75bdb4fd080481273e71":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_384):0:PSA_ERROR_NOT_SUPPORTED + +PSA sign DETERMINISTIC_ECDSA(SHA_384): !DETERMINISTIC_ECDSA with ECC_KEY_PAIR(SECT_R1) +depends_on:!PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_FAMILY_SECT_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):"009b05dc82d46d64a04a22e6e5ca70ca1231e68c50":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_384):0:PSA_ERROR_NOT_SUPPORTED + +PSA sign DETERMINISTIC_ECDSA(SHA_384): !SHA_384 with ECC_KEY_PAIR(SECT_R1) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:!PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_FAMILY_SECT_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):"009b05dc82d46d64a04a22e6e5ca70ca1231e68c50":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_384):0:PSA_ERROR_NOT_SUPPORTED + +PSA sign DETERMINISTIC_ECDSA(SHA_384): !DETERMINISTIC_ECDSA with ECC_KEY_PAIR(SECT_R2) +depends_on:!PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_FAMILY_SECT_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R2):"0210b482a458b4822d0cb21daa96819a67c8062d34":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_384):0:PSA_ERROR_NOT_SUPPORTED + +PSA sign DETERMINISTIC_ECDSA(SHA_384): !SHA_384 with ECC_KEY_PAIR(SECT_R2) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:!PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_FAMILY_SECT_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R2):"0210b482a458b4822d0cb21daa96819a67c8062d34":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_384):0:PSA_ERROR_NOT_SUPPORTED + +PSA sign DETERMINISTIC_ECDSA(SHA_384): incompatible with ECC_KEY_PAIR(TWISTED_EDWARDS) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_FAMILY_TWISTED_EDWARDS:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_TWISTED_EDWARDS):"9d61b19deffd5a60ba844af492ec2cc44449c5697b326919703bac031cae7f60":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_384):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign DETERMINISTIC_ECDSA(SHA_384): !DETERMINISTIC_ECDSA with ECC_PUBLIC_KEY(BRAINPOOL_P_R1) +depends_on:!PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_FAMILY_BRAINPOOL_P_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"04d4b9186816358e2f9c59cf70748cb70641b22fbab65473db4b4e22a361ed7e3de7e8a8ddc4130c5c":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_384):0:PSA_ERROR_NOT_SUPPORTED + +PSA sign DETERMINISTIC_ECDSA(SHA_384): !SHA_384 with ECC_PUBLIC_KEY(BRAINPOOL_P_R1) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:!PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_FAMILY_BRAINPOOL_P_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"04d4b9186816358e2f9c59cf70748cb70641b22fbab65473db4b4e22a361ed7e3de7e8a8ddc4130c5c":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_384):0:PSA_ERROR_NOT_SUPPORTED + +PSA sign DETERMINISTIC_ECDSA(SHA_384): public with ECC_PUBLIC_KEY(BRAINPOOL_P_R1) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_FAMILY_BRAINPOOL_P_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"04d4b9186816358e2f9c59cf70748cb70641b22fbab65473db4b4e22a361ed7e3de7e8a8ddc4130c5c":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_384):1:PSA_ERROR_INVALID_ARGUMENT + +PSA sign DETERMINISTIC_ECDSA(SHA_384): incompatible with ECC_PUBLIC_KEY(MONTGOMERY) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_FAMILY_MONTGOMERY:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_MONTGOMERY):"8520f0098930a754748b7ddcb43ef75a0dbf3a0d26381af4eba4a98eaa9b4e6a":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_384):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign DETERMINISTIC_ECDSA(SHA_384): !DETERMINISTIC_ECDSA with ECC_PUBLIC_KEY(SECP_K1) +depends_on:!PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_FAMILY_SECP_K1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_K1):"0426b7bb38da649ac2138fc050c6548b32553dab68afebc36105d325b75538c12323cb0764789ecb992671beb2b6bef2f5":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_384):0:PSA_ERROR_NOT_SUPPORTED + +PSA sign DETERMINISTIC_ECDSA(SHA_384): !SHA_384 with ECC_PUBLIC_KEY(SECP_K1) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:!PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_FAMILY_SECP_K1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_K1):"0426b7bb38da649ac2138fc050c6548b32553dab68afebc36105d325b75538c12323cb0764789ecb992671beb2b6bef2f5":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_384):0:PSA_ERROR_NOT_SUPPORTED + +PSA sign DETERMINISTIC_ECDSA(SHA_384): public with ECC_PUBLIC_KEY(SECP_K1) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_FAMILY_SECP_K1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_K1):"0426b7bb38da649ac2138fc050c6548b32553dab68afebc36105d325b75538c12323cb0764789ecb992671beb2b6bef2f5":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_384):1:PSA_ERROR_INVALID_ARGUMENT + +PSA sign DETERMINISTIC_ECDSA(SHA_384): !DETERMINISTIC_ECDSA with ECC_PUBLIC_KEY(SECP_R1) +depends_on:!PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_FAMILY_SECP_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1):"046f00eadaa949fee3e9e1c7fa1247eecec86a0dce46418b9bd3117b981d4bd0ae7a990de912f9d060d6cb531a42d22e394ac29e81804bf160":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_384):0:PSA_ERROR_NOT_SUPPORTED + +PSA sign DETERMINISTIC_ECDSA(SHA_384): !SHA_384 with ECC_PUBLIC_KEY(SECP_R1) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:!PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_FAMILY_SECP_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1):"046f00eadaa949fee3e9e1c7fa1247eecec86a0dce46418b9bd3117b981d4bd0ae7a990de912f9d060d6cb531a42d22e394ac29e81804bf160":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_384):0:PSA_ERROR_NOT_SUPPORTED + +PSA sign DETERMINISTIC_ECDSA(SHA_384): public with ECC_PUBLIC_KEY(SECP_R1) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_FAMILY_SECP_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1):"046f00eadaa949fee3e9e1c7fa1247eecec86a0dce46418b9bd3117b981d4bd0ae7a990de912f9d060d6cb531a42d22e394ac29e81804bf160":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_384):1:PSA_ERROR_INVALID_ARGUMENT + +PSA sign DETERMINISTIC_ECDSA(SHA_384): !DETERMINISTIC_ECDSA with ECC_PUBLIC_KEY(SECP_R2) +depends_on:!PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_FAMILY_SECP_R2:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R2):"049570d541398665adb5cfa16f5af73b3196926bbd4b876bdb80f8eab20d0f540c22f4de9c140f6d7b":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_384):0:PSA_ERROR_NOT_SUPPORTED + +PSA sign DETERMINISTIC_ECDSA(SHA_384): !SHA_384 with ECC_PUBLIC_KEY(SECP_R2) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:!PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_FAMILY_SECP_R2:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R2):"049570d541398665adb5cfa16f5af73b3196926bbd4b876bdb80f8eab20d0f540c22f4de9c140f6d7b":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_384):0:PSA_ERROR_NOT_SUPPORTED + +PSA sign DETERMINISTIC_ECDSA(SHA_384): public with ECC_PUBLIC_KEY(SECP_R2) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_FAMILY_SECP_R2:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R2):"049570d541398665adb5cfa16f5af73b3196926bbd4b876bdb80f8eab20d0f540c22f4de9c140f6d7b":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_384):1:PSA_ERROR_INVALID_ARGUMENT + +PSA sign DETERMINISTIC_ECDSA(SHA_384): !DETERMINISTIC_ECDSA with ECC_PUBLIC_KEY(SECT_K1) +depends_on:!PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_FAMILY_SECT_K1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_K1):"0406f88f90b4b65950f06ce433afdb097e320f433dc2062b8a65db8fafd3c110f46bc45663fbf021ee7eb9":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_384):0:PSA_ERROR_NOT_SUPPORTED + +PSA sign DETERMINISTIC_ECDSA(SHA_384): !SHA_384 with ECC_PUBLIC_KEY(SECT_K1) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:!PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_FAMILY_SECT_K1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_K1):"0406f88f90b4b65950f06ce433afdb097e320f433dc2062b8a65db8fafd3c110f46bc45663fbf021ee7eb9":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_384):0:PSA_ERROR_NOT_SUPPORTED + +PSA sign DETERMINISTIC_ECDSA(SHA_384): public with ECC_PUBLIC_KEY(SECT_K1) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_FAMILY_SECT_K1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_K1):"0406f88f90b4b65950f06ce433afdb097e320f433dc2062b8a65db8fafd3c110f46bc45663fbf021ee7eb9":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_384):1:PSA_ERROR_INVALID_ARGUMENT + +PSA sign DETERMINISTIC_ECDSA(SHA_384): !DETERMINISTIC_ECDSA with ECC_PUBLIC_KEY(SECT_R1) +depends_on:!PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_FAMILY_SECT_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R1):"0400465eeb9e7258b11e33c02266bfe834b20bcb118700772796ee4704ec67651bd447e3011959a79a04cb":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_384):0:PSA_ERROR_NOT_SUPPORTED + +PSA sign DETERMINISTIC_ECDSA(SHA_384): !SHA_384 with ECC_PUBLIC_KEY(SECT_R1) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:!PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_FAMILY_SECT_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R1):"0400465eeb9e7258b11e33c02266bfe834b20bcb118700772796ee4704ec67651bd447e3011959a79a04cb":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_384):0:PSA_ERROR_NOT_SUPPORTED + +PSA sign DETERMINISTIC_ECDSA(SHA_384): public with ECC_PUBLIC_KEY(SECT_R1) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_FAMILY_SECT_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R1):"0400465eeb9e7258b11e33c02266bfe834b20bcb118700772796ee4704ec67651bd447e3011959a79a04cb":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_384):1:PSA_ERROR_INVALID_ARGUMENT + +PSA sign DETERMINISTIC_ECDSA(SHA_384): !DETERMINISTIC_ECDSA with ECC_PUBLIC_KEY(SECT_R2) +depends_on:!PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_FAMILY_SECT_R2:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R2):"0403692601144c32a6cfa369ae20ae5d43c1c764678c037bafe80c6fd2e42b7ced96171d9c5367fd3dca6f":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_384):0:PSA_ERROR_NOT_SUPPORTED + +PSA sign DETERMINISTIC_ECDSA(SHA_384): !SHA_384 with ECC_PUBLIC_KEY(SECT_R2) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:!PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_FAMILY_SECT_R2:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R2):"0403692601144c32a6cfa369ae20ae5d43c1c764678c037bafe80c6fd2e42b7ced96171d9c5367fd3dca6f":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_384):0:PSA_ERROR_NOT_SUPPORTED + +PSA sign DETERMINISTIC_ECDSA(SHA_384): public with ECC_PUBLIC_KEY(SECT_R2) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_FAMILY_SECT_R2:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R2):"0403692601144c32a6cfa369ae20ae5d43c1c764678c037bafe80c6fd2e42b7ced96171d9c5367fd3dca6f":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_384):1:PSA_ERROR_INVALID_ARGUMENT + +PSA sign DETERMINISTIC_ECDSA(SHA_384): incompatible with ECC_PUBLIC_KEY(TWISTED_EDWARDS) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_FAMILY_TWISTED_EDWARDS:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_TWISTED_EDWARDS):"d75a980182b10ab7d54bfed3c964073a0ee172f3daa62325af021a68f707511a":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_384):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign DETERMINISTIC_ECDSA(SHA_384): incompatible with HMAC +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_384:PSA_WANT_KEY_TYPE_HMAC +sign_fail:PSA_KEY_TYPE_HMAC:"48657265006973206b6579a064617461":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_384):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign DETERMINISTIC_ECDSA(SHA_384): incompatible with RAW_DATA +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_384:PSA_WANT_KEY_TYPE_RAW_DATA +sign_fail:PSA_KEY_TYPE_RAW_DATA:"48":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_384):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign DETERMINISTIC_ECDSA(SHA_384): incompatible with RSA_KEY_PAIR +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_384:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR +sign_fail:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_384):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign DETERMINISTIC_ECDSA(SHA_384): incompatible with RSA_PUBLIC_KEY +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_384:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY +sign_fail:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_384):0:PSA_ERROR_INVALID_ARGUMENT + +PSA asymmetric_encryption DETERMINISTIC_ECDSA(SHA_384): invalid with ECC_KEY_PAIR(BRAINPOOL_P_R1) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_FAMILY_BRAINPOOL_P_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +asymmetric_encryption_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"69502c4fdaf48d4fa617bdd24498b0406d0eeaac":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_384):0:PSA_ERROR_INVALID_ARGUMENT + +PSA asymmetric_encryption DETERMINISTIC_ECDSA(SHA_384): invalid with ECC_KEY_PAIR(SECP_K1) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_FAMILY_SECP_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +asymmetric_encryption_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_K1):"297ac1722ccac7589ecb240dc719842538ca974beb79f228":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_384):0:PSA_ERROR_INVALID_ARGUMENT + +PSA asymmetric_encryption DETERMINISTIC_ECDSA(SHA_384): invalid with ECC_KEY_PAIR(SECP_R1) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_FAMILY_SECP_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +asymmetric_encryption_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"872f203b3ad35b7f2ecc803c3a0e1e0b1ed61cc1afe71b189cd4c995":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_384):0:PSA_ERROR_INVALID_ARGUMENT + +PSA asymmetric_encryption DETERMINISTIC_ECDSA(SHA_384): invalid with ECC_KEY_PAIR(SECP_R2) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_FAMILY_SECP_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +asymmetric_encryption_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R2):"00bf539a1cdda0d7f71a50a3f98aec0a2e8e4ced1e":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_384):0:PSA_ERROR_INVALID_ARGUMENT + +PSA asymmetric_encryption DETERMINISTIC_ECDSA(SHA_384): invalid with ECC_KEY_PAIR(SECT_K1) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_FAMILY_SECT_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +asymmetric_encryption_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):"03ebc8fcded2d6ab72ec0f75bdb4fd080481273e71":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_384):0:PSA_ERROR_INVALID_ARGUMENT + +PSA asymmetric_encryption DETERMINISTIC_ECDSA(SHA_384): invalid with ECC_KEY_PAIR(SECT_R1) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_FAMILY_SECT_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +asymmetric_encryption_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):"009b05dc82d46d64a04a22e6e5ca70ca1231e68c50":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_384):0:PSA_ERROR_INVALID_ARGUMENT + +PSA asymmetric_encryption DETERMINISTIC_ECDSA(SHA_384): invalid with ECC_KEY_PAIR(SECT_R2) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_FAMILY_SECT_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +asymmetric_encryption_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R2):"0210b482a458b4822d0cb21daa96819a67c8062d34":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_384):0:PSA_ERROR_INVALID_ARGUMENT + +PSA asymmetric_encryption DETERMINISTIC_ECDSA(SHA_384): invalid with ECC_PUBLIC_KEY(BRAINPOOL_P_R1) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_FAMILY_BRAINPOOL_P_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +asymmetric_encryption_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"04d4b9186816358e2f9c59cf70748cb70641b22fbab65473db4b4e22a361ed7e3de7e8a8ddc4130c5c":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_384):0:PSA_ERROR_INVALID_ARGUMENT + +PSA asymmetric_encryption DETERMINISTIC_ECDSA(SHA_384): invalid with ECC_PUBLIC_KEY(SECP_K1) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_FAMILY_SECP_K1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +asymmetric_encryption_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_K1):"0426b7bb38da649ac2138fc050c6548b32553dab68afebc36105d325b75538c12323cb0764789ecb992671beb2b6bef2f5":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_384):0:PSA_ERROR_INVALID_ARGUMENT + +PSA asymmetric_encryption DETERMINISTIC_ECDSA(SHA_384): invalid with ECC_PUBLIC_KEY(SECP_R1) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_FAMILY_SECP_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +asymmetric_encryption_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1):"046f00eadaa949fee3e9e1c7fa1247eecec86a0dce46418b9bd3117b981d4bd0ae7a990de912f9d060d6cb531a42d22e394ac29e81804bf160":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_384):0:PSA_ERROR_INVALID_ARGUMENT + +PSA asymmetric_encryption DETERMINISTIC_ECDSA(SHA_384): invalid with ECC_PUBLIC_KEY(SECP_R2) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_FAMILY_SECP_R2:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +asymmetric_encryption_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R2):"049570d541398665adb5cfa16f5af73b3196926bbd4b876bdb80f8eab20d0f540c22f4de9c140f6d7b":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_384):0:PSA_ERROR_INVALID_ARGUMENT + +PSA asymmetric_encryption DETERMINISTIC_ECDSA(SHA_384): invalid with ECC_PUBLIC_KEY(SECT_K1) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_FAMILY_SECT_K1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +asymmetric_encryption_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_K1):"0406f88f90b4b65950f06ce433afdb097e320f433dc2062b8a65db8fafd3c110f46bc45663fbf021ee7eb9":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_384):0:PSA_ERROR_INVALID_ARGUMENT + +PSA asymmetric_encryption DETERMINISTIC_ECDSA(SHA_384): invalid with ECC_PUBLIC_KEY(SECT_R1) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_FAMILY_SECT_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +asymmetric_encryption_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R1):"0400465eeb9e7258b11e33c02266bfe834b20bcb118700772796ee4704ec67651bd447e3011959a79a04cb":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_384):0:PSA_ERROR_INVALID_ARGUMENT + +PSA asymmetric_encryption DETERMINISTIC_ECDSA(SHA_384): invalid with ECC_PUBLIC_KEY(SECT_R2) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_FAMILY_SECT_R2:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +asymmetric_encryption_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R2):"0403692601144c32a6cfa369ae20ae5d43c1c764678c037bafe80c6fd2e42b7ced96171d9c5367fd3dca6f":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_384):0:PSA_ERROR_INVALID_ARGUMENT + +PSA key_derivation DETERMINISTIC_ECDSA(SHA_384): invalid +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_384 +key_derivation_fail:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_384):PSA_ERROR_INVALID_ARGUMENT + +PSA key_agreement DETERMINISTIC_ECDSA(SHA_384): invalid with ECC_KEY_PAIR(BRAINPOOL_P_R1) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_FAMILY_BRAINPOOL_P_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_agreement_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"69502c4fdaf48d4fa617bdd24498b0406d0eeaac":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_384):0:PSA_ERROR_INVALID_ARGUMENT + +PSA key_agreement DETERMINISTIC_ECDSA(SHA_384): invalid with ECC_KEY_PAIR(SECP_K1) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_FAMILY_SECP_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_agreement_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_K1):"297ac1722ccac7589ecb240dc719842538ca974beb79f228":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_384):0:PSA_ERROR_INVALID_ARGUMENT + +PSA key_agreement DETERMINISTIC_ECDSA(SHA_384): invalid with ECC_KEY_PAIR(SECP_R1) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_FAMILY_SECP_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_agreement_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"872f203b3ad35b7f2ecc803c3a0e1e0b1ed61cc1afe71b189cd4c995":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_384):0:PSA_ERROR_INVALID_ARGUMENT + +PSA key_agreement DETERMINISTIC_ECDSA(SHA_384): invalid with ECC_KEY_PAIR(SECP_R2) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_FAMILY_SECP_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_agreement_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R2):"00bf539a1cdda0d7f71a50a3f98aec0a2e8e4ced1e":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_384):0:PSA_ERROR_INVALID_ARGUMENT + +PSA key_agreement DETERMINISTIC_ECDSA(SHA_384): invalid with ECC_KEY_PAIR(SECT_K1) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_FAMILY_SECT_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_agreement_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):"03ebc8fcded2d6ab72ec0f75bdb4fd080481273e71":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_384):0:PSA_ERROR_INVALID_ARGUMENT + +PSA key_agreement DETERMINISTIC_ECDSA(SHA_384): invalid with ECC_KEY_PAIR(SECT_R1) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_FAMILY_SECT_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_agreement_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):"009b05dc82d46d64a04a22e6e5ca70ca1231e68c50":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_384):0:PSA_ERROR_INVALID_ARGUMENT + +PSA key_agreement DETERMINISTIC_ECDSA(SHA_384): invalid with ECC_KEY_PAIR(SECT_R2) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_FAMILY_SECT_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_agreement_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R2):"0210b482a458b4822d0cb21daa96819a67c8062d34":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_384):0:PSA_ERROR_INVALID_ARGUMENT + +PSA key_agreement DETERMINISTIC_ECDSA(SHA_384): invalid with ECC_PUBLIC_KEY(BRAINPOOL_P_R1) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_FAMILY_BRAINPOOL_P_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_agreement_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"04d4b9186816358e2f9c59cf70748cb70641b22fbab65473db4b4e22a361ed7e3de7e8a8ddc4130c5c":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_384):0:PSA_ERROR_INVALID_ARGUMENT + +PSA key_agreement DETERMINISTIC_ECDSA(SHA_384): invalid with ECC_PUBLIC_KEY(SECP_K1) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_FAMILY_SECP_K1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_agreement_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_K1):"0426b7bb38da649ac2138fc050c6548b32553dab68afebc36105d325b75538c12323cb0764789ecb992671beb2b6bef2f5":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_384):0:PSA_ERROR_INVALID_ARGUMENT + +PSA key_agreement DETERMINISTIC_ECDSA(SHA_384): invalid with ECC_PUBLIC_KEY(SECP_R1) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_FAMILY_SECP_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_agreement_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1):"046f00eadaa949fee3e9e1c7fa1247eecec86a0dce46418b9bd3117b981d4bd0ae7a990de912f9d060d6cb531a42d22e394ac29e81804bf160":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_384):0:PSA_ERROR_INVALID_ARGUMENT + +PSA key_agreement DETERMINISTIC_ECDSA(SHA_384): invalid with ECC_PUBLIC_KEY(SECP_R2) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_FAMILY_SECP_R2:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_agreement_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R2):"049570d541398665adb5cfa16f5af73b3196926bbd4b876bdb80f8eab20d0f540c22f4de9c140f6d7b":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_384):0:PSA_ERROR_INVALID_ARGUMENT + +PSA key_agreement DETERMINISTIC_ECDSA(SHA_384): invalid with ECC_PUBLIC_KEY(SECT_K1) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_FAMILY_SECT_K1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_agreement_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_K1):"0406f88f90b4b65950f06ce433afdb097e320f433dc2062b8a65db8fafd3c110f46bc45663fbf021ee7eb9":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_384):0:PSA_ERROR_INVALID_ARGUMENT + +PSA key_agreement DETERMINISTIC_ECDSA(SHA_384): invalid with ECC_PUBLIC_KEY(SECT_R1) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_FAMILY_SECT_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_agreement_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R1):"0400465eeb9e7258b11e33c02266bfe834b20bcb118700772796ee4704ec67651bd447e3011959a79a04cb":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_384):0:PSA_ERROR_INVALID_ARGUMENT + +PSA key_agreement DETERMINISTIC_ECDSA(SHA_384): invalid with ECC_PUBLIC_KEY(SECT_R2) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_FAMILY_SECT_R2:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_agreement_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R2):"0403692601144c32a6cfa369ae20ae5d43c1c764678c037bafe80c6fd2e42b7ced96171d9c5367fd3dca6f":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_384):0:PSA_ERROR_INVALID_ARGUMENT + +PSA hash DETERMINISTIC_ECDSA(SHA_512): invalid +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_512 +hash_fail:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_512):PSA_ERROR_INVALID_ARGUMENT + +PSA mac DETERMINISTIC_ECDSA(SHA_512): invalid with ECC_KEY_PAIR(BRAINPOOL_P_R1) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_512:PSA_WANT_ECC_FAMILY_BRAINPOOL_P_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +mac_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"69502c4fdaf48d4fa617bdd24498b0406d0eeaac":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_512):PSA_ERROR_INVALID_ARGUMENT + +PSA mac DETERMINISTIC_ECDSA(SHA_512): invalid with ECC_KEY_PAIR(SECP_K1) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_512:PSA_WANT_ECC_FAMILY_SECP_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +mac_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_K1):"297ac1722ccac7589ecb240dc719842538ca974beb79f228":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_512):PSA_ERROR_INVALID_ARGUMENT + +PSA mac DETERMINISTIC_ECDSA(SHA_512): invalid with ECC_KEY_PAIR(SECP_R1) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_512:PSA_WANT_ECC_FAMILY_SECP_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +mac_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"872f203b3ad35b7f2ecc803c3a0e1e0b1ed61cc1afe71b189cd4c995":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_512):PSA_ERROR_INVALID_ARGUMENT + +PSA mac DETERMINISTIC_ECDSA(SHA_512): invalid with ECC_KEY_PAIR(SECP_R2) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_512:PSA_WANT_ECC_FAMILY_SECP_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +mac_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R2):"00bf539a1cdda0d7f71a50a3f98aec0a2e8e4ced1e":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_512):PSA_ERROR_INVALID_ARGUMENT + +PSA mac DETERMINISTIC_ECDSA(SHA_512): invalid with ECC_KEY_PAIR(SECT_K1) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_512:PSA_WANT_ECC_FAMILY_SECT_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +mac_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):"03ebc8fcded2d6ab72ec0f75bdb4fd080481273e71":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_512):PSA_ERROR_INVALID_ARGUMENT + +PSA mac DETERMINISTIC_ECDSA(SHA_512): invalid with ECC_KEY_PAIR(SECT_R1) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_512:PSA_WANT_ECC_FAMILY_SECT_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +mac_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):"009b05dc82d46d64a04a22e6e5ca70ca1231e68c50":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_512):PSA_ERROR_INVALID_ARGUMENT + +PSA mac DETERMINISTIC_ECDSA(SHA_512): invalid with ECC_KEY_PAIR(SECT_R2) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_512:PSA_WANT_ECC_FAMILY_SECT_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +mac_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R2):"0210b482a458b4822d0cb21daa96819a67c8062d34":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_512):PSA_ERROR_INVALID_ARGUMENT + +PSA mac DETERMINISTIC_ECDSA(SHA_512): invalid with ECC_PUBLIC_KEY(BRAINPOOL_P_R1) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_512:PSA_WANT_ECC_FAMILY_BRAINPOOL_P_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +mac_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"04d4b9186816358e2f9c59cf70748cb70641b22fbab65473db4b4e22a361ed7e3de7e8a8ddc4130c5c":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_512):PSA_ERROR_INVALID_ARGUMENT + +PSA mac DETERMINISTIC_ECDSA(SHA_512): invalid with ECC_PUBLIC_KEY(SECP_K1) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_512:PSA_WANT_ECC_FAMILY_SECP_K1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +mac_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_K1):"0426b7bb38da649ac2138fc050c6548b32553dab68afebc36105d325b75538c12323cb0764789ecb992671beb2b6bef2f5":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_512):PSA_ERROR_INVALID_ARGUMENT + +PSA mac DETERMINISTIC_ECDSA(SHA_512): invalid with ECC_PUBLIC_KEY(SECP_R1) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_512:PSA_WANT_ECC_FAMILY_SECP_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +mac_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1):"046f00eadaa949fee3e9e1c7fa1247eecec86a0dce46418b9bd3117b981d4bd0ae7a990de912f9d060d6cb531a42d22e394ac29e81804bf160":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_512):PSA_ERROR_INVALID_ARGUMENT + +PSA mac DETERMINISTIC_ECDSA(SHA_512): invalid with ECC_PUBLIC_KEY(SECP_R2) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_512:PSA_WANT_ECC_FAMILY_SECP_R2:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +mac_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R2):"049570d541398665adb5cfa16f5af73b3196926bbd4b876bdb80f8eab20d0f540c22f4de9c140f6d7b":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_512):PSA_ERROR_INVALID_ARGUMENT + +PSA mac DETERMINISTIC_ECDSA(SHA_512): invalid with ECC_PUBLIC_KEY(SECT_K1) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_512:PSA_WANT_ECC_FAMILY_SECT_K1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +mac_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_K1):"0406f88f90b4b65950f06ce433afdb097e320f433dc2062b8a65db8fafd3c110f46bc45663fbf021ee7eb9":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_512):PSA_ERROR_INVALID_ARGUMENT + +PSA mac DETERMINISTIC_ECDSA(SHA_512): invalid with ECC_PUBLIC_KEY(SECT_R1) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_512:PSA_WANT_ECC_FAMILY_SECT_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +mac_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R1):"0400465eeb9e7258b11e33c02266bfe834b20bcb118700772796ee4704ec67651bd447e3011959a79a04cb":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_512):PSA_ERROR_INVALID_ARGUMENT + +PSA mac DETERMINISTIC_ECDSA(SHA_512): invalid with ECC_PUBLIC_KEY(SECT_R2) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_512:PSA_WANT_ECC_FAMILY_SECT_R2:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +mac_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R2):"0403692601144c32a6cfa369ae20ae5d43c1c764678c037bafe80c6fd2e42b7ced96171d9c5367fd3dca6f":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_512):PSA_ERROR_INVALID_ARGUMENT + +PSA cipher DETERMINISTIC_ECDSA(SHA_512): invalid with ECC_KEY_PAIR(BRAINPOOL_P_R1) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_512:PSA_WANT_ECC_FAMILY_BRAINPOOL_P_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +cipher_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"69502c4fdaf48d4fa617bdd24498b0406d0eeaac":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_512):PSA_ERROR_INVALID_ARGUMENT + +PSA cipher DETERMINISTIC_ECDSA(SHA_512): invalid with ECC_KEY_PAIR(SECP_K1) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_512:PSA_WANT_ECC_FAMILY_SECP_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +cipher_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_K1):"297ac1722ccac7589ecb240dc719842538ca974beb79f228":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_512):PSA_ERROR_INVALID_ARGUMENT + +PSA cipher DETERMINISTIC_ECDSA(SHA_512): invalid with ECC_KEY_PAIR(SECP_R1) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_512:PSA_WANT_ECC_FAMILY_SECP_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +cipher_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"872f203b3ad35b7f2ecc803c3a0e1e0b1ed61cc1afe71b189cd4c995":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_512):PSA_ERROR_INVALID_ARGUMENT + +PSA cipher DETERMINISTIC_ECDSA(SHA_512): invalid with ECC_KEY_PAIR(SECP_R2) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_512:PSA_WANT_ECC_FAMILY_SECP_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +cipher_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R2):"00bf539a1cdda0d7f71a50a3f98aec0a2e8e4ced1e":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_512):PSA_ERROR_INVALID_ARGUMENT + +PSA cipher DETERMINISTIC_ECDSA(SHA_512): invalid with ECC_KEY_PAIR(SECT_K1) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_512:PSA_WANT_ECC_FAMILY_SECT_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +cipher_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):"03ebc8fcded2d6ab72ec0f75bdb4fd080481273e71":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_512):PSA_ERROR_INVALID_ARGUMENT + +PSA cipher DETERMINISTIC_ECDSA(SHA_512): invalid with ECC_KEY_PAIR(SECT_R1) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_512:PSA_WANT_ECC_FAMILY_SECT_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +cipher_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):"009b05dc82d46d64a04a22e6e5ca70ca1231e68c50":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_512):PSA_ERROR_INVALID_ARGUMENT + +PSA cipher DETERMINISTIC_ECDSA(SHA_512): invalid with ECC_KEY_PAIR(SECT_R2) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_512:PSA_WANT_ECC_FAMILY_SECT_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +cipher_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R2):"0210b482a458b4822d0cb21daa96819a67c8062d34":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_512):PSA_ERROR_INVALID_ARGUMENT + +PSA cipher DETERMINISTIC_ECDSA(SHA_512): invalid with ECC_PUBLIC_KEY(BRAINPOOL_P_R1) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_512:PSA_WANT_ECC_FAMILY_BRAINPOOL_P_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +cipher_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"04d4b9186816358e2f9c59cf70748cb70641b22fbab65473db4b4e22a361ed7e3de7e8a8ddc4130c5c":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_512):PSA_ERROR_INVALID_ARGUMENT + +PSA cipher DETERMINISTIC_ECDSA(SHA_512): invalid with ECC_PUBLIC_KEY(SECP_K1) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_512:PSA_WANT_ECC_FAMILY_SECP_K1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +cipher_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_K1):"0426b7bb38da649ac2138fc050c6548b32553dab68afebc36105d325b75538c12323cb0764789ecb992671beb2b6bef2f5":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_512):PSA_ERROR_INVALID_ARGUMENT + +PSA cipher DETERMINISTIC_ECDSA(SHA_512): invalid with ECC_PUBLIC_KEY(SECP_R1) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_512:PSA_WANT_ECC_FAMILY_SECP_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +cipher_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1):"046f00eadaa949fee3e9e1c7fa1247eecec86a0dce46418b9bd3117b981d4bd0ae7a990de912f9d060d6cb531a42d22e394ac29e81804bf160":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_512):PSA_ERROR_INVALID_ARGUMENT + +PSA cipher DETERMINISTIC_ECDSA(SHA_512): invalid with ECC_PUBLIC_KEY(SECP_R2) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_512:PSA_WANT_ECC_FAMILY_SECP_R2:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +cipher_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R2):"049570d541398665adb5cfa16f5af73b3196926bbd4b876bdb80f8eab20d0f540c22f4de9c140f6d7b":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_512):PSA_ERROR_INVALID_ARGUMENT + +PSA cipher DETERMINISTIC_ECDSA(SHA_512): invalid with ECC_PUBLIC_KEY(SECT_K1) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_512:PSA_WANT_ECC_FAMILY_SECT_K1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +cipher_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_K1):"0406f88f90b4b65950f06ce433afdb097e320f433dc2062b8a65db8fafd3c110f46bc45663fbf021ee7eb9":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_512):PSA_ERROR_INVALID_ARGUMENT + +PSA cipher DETERMINISTIC_ECDSA(SHA_512): invalid with ECC_PUBLIC_KEY(SECT_R1) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_512:PSA_WANT_ECC_FAMILY_SECT_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +cipher_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R1):"0400465eeb9e7258b11e33c02266bfe834b20bcb118700772796ee4704ec67651bd447e3011959a79a04cb":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_512):PSA_ERROR_INVALID_ARGUMENT + +PSA cipher DETERMINISTIC_ECDSA(SHA_512): invalid with ECC_PUBLIC_KEY(SECT_R2) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_512:PSA_WANT_ECC_FAMILY_SECT_R2:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +cipher_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R2):"0403692601144c32a6cfa369ae20ae5d43c1c764678c037bafe80c6fd2e42b7ced96171d9c5367fd3dca6f":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_512):PSA_ERROR_INVALID_ARGUMENT + +PSA aead DETERMINISTIC_ECDSA(SHA_512): invalid with ECC_KEY_PAIR(BRAINPOOL_P_R1) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_512:PSA_WANT_ECC_FAMILY_BRAINPOOL_P_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +aead_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"69502c4fdaf48d4fa617bdd24498b0406d0eeaac":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_512):PSA_ERROR_INVALID_ARGUMENT + +PSA aead DETERMINISTIC_ECDSA(SHA_512): invalid with ECC_KEY_PAIR(SECP_K1) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_512:PSA_WANT_ECC_FAMILY_SECP_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +aead_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_K1):"297ac1722ccac7589ecb240dc719842538ca974beb79f228":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_512):PSA_ERROR_INVALID_ARGUMENT + +PSA aead DETERMINISTIC_ECDSA(SHA_512): invalid with ECC_KEY_PAIR(SECP_R1) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_512:PSA_WANT_ECC_FAMILY_SECP_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +aead_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"872f203b3ad35b7f2ecc803c3a0e1e0b1ed61cc1afe71b189cd4c995":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_512):PSA_ERROR_INVALID_ARGUMENT + +PSA aead DETERMINISTIC_ECDSA(SHA_512): invalid with ECC_KEY_PAIR(SECP_R2) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_512:PSA_WANT_ECC_FAMILY_SECP_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +aead_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R2):"00bf539a1cdda0d7f71a50a3f98aec0a2e8e4ced1e":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_512):PSA_ERROR_INVALID_ARGUMENT + +PSA aead DETERMINISTIC_ECDSA(SHA_512): invalid with ECC_KEY_PAIR(SECT_K1) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_512:PSA_WANT_ECC_FAMILY_SECT_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +aead_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):"03ebc8fcded2d6ab72ec0f75bdb4fd080481273e71":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_512):PSA_ERROR_INVALID_ARGUMENT + +PSA aead DETERMINISTIC_ECDSA(SHA_512): invalid with ECC_KEY_PAIR(SECT_R1) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_512:PSA_WANT_ECC_FAMILY_SECT_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +aead_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):"009b05dc82d46d64a04a22e6e5ca70ca1231e68c50":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_512):PSA_ERROR_INVALID_ARGUMENT + +PSA aead DETERMINISTIC_ECDSA(SHA_512): invalid with ECC_KEY_PAIR(SECT_R2) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_512:PSA_WANT_ECC_FAMILY_SECT_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +aead_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R2):"0210b482a458b4822d0cb21daa96819a67c8062d34":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_512):PSA_ERROR_INVALID_ARGUMENT + +PSA aead DETERMINISTIC_ECDSA(SHA_512): invalid with ECC_PUBLIC_KEY(BRAINPOOL_P_R1) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_512:PSA_WANT_ECC_FAMILY_BRAINPOOL_P_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +aead_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"04d4b9186816358e2f9c59cf70748cb70641b22fbab65473db4b4e22a361ed7e3de7e8a8ddc4130c5c":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_512):PSA_ERROR_INVALID_ARGUMENT + +PSA aead DETERMINISTIC_ECDSA(SHA_512): invalid with ECC_PUBLIC_KEY(SECP_K1) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_512:PSA_WANT_ECC_FAMILY_SECP_K1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +aead_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_K1):"0426b7bb38da649ac2138fc050c6548b32553dab68afebc36105d325b75538c12323cb0764789ecb992671beb2b6bef2f5":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_512):PSA_ERROR_INVALID_ARGUMENT + +PSA aead DETERMINISTIC_ECDSA(SHA_512): invalid with ECC_PUBLIC_KEY(SECP_R1) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_512:PSA_WANT_ECC_FAMILY_SECP_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +aead_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1):"046f00eadaa949fee3e9e1c7fa1247eecec86a0dce46418b9bd3117b981d4bd0ae7a990de912f9d060d6cb531a42d22e394ac29e81804bf160":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_512):PSA_ERROR_INVALID_ARGUMENT + +PSA aead DETERMINISTIC_ECDSA(SHA_512): invalid with ECC_PUBLIC_KEY(SECP_R2) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_512:PSA_WANT_ECC_FAMILY_SECP_R2:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +aead_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R2):"049570d541398665adb5cfa16f5af73b3196926bbd4b876bdb80f8eab20d0f540c22f4de9c140f6d7b":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_512):PSA_ERROR_INVALID_ARGUMENT + +PSA aead DETERMINISTIC_ECDSA(SHA_512): invalid with ECC_PUBLIC_KEY(SECT_K1) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_512:PSA_WANT_ECC_FAMILY_SECT_K1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +aead_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_K1):"0406f88f90b4b65950f06ce433afdb097e320f433dc2062b8a65db8fafd3c110f46bc45663fbf021ee7eb9":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_512):PSA_ERROR_INVALID_ARGUMENT + +PSA aead DETERMINISTIC_ECDSA(SHA_512): invalid with ECC_PUBLIC_KEY(SECT_R1) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_512:PSA_WANT_ECC_FAMILY_SECT_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +aead_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R1):"0400465eeb9e7258b11e33c02266bfe834b20bcb118700772796ee4704ec67651bd447e3011959a79a04cb":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_512):PSA_ERROR_INVALID_ARGUMENT + +PSA aead DETERMINISTIC_ECDSA(SHA_512): invalid with ECC_PUBLIC_KEY(SECT_R2) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_512:PSA_WANT_ECC_FAMILY_SECT_R2:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +aead_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R2):"0403692601144c32a6cfa369ae20ae5d43c1c764678c037bafe80c6fd2e42b7ced96171d9c5367fd3dca6f":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_512):PSA_ERROR_INVALID_ARGUMENT + +PSA sign DETERMINISTIC_ECDSA(SHA_512): incompatible with AES +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_512:PSA_WANT_KEY_TYPE_AES +sign_fail:PSA_KEY_TYPE_AES:"48657265006973206b6579a064617461":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_512):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign DETERMINISTIC_ECDSA(SHA_512): incompatible with ARC4 +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_512:PSA_WANT_KEY_TYPE_ARC4 +sign_fail:PSA_KEY_TYPE_ARC4:"48":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_512):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign DETERMINISTIC_ECDSA(SHA_512): incompatible with ARIA +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_512:PSA_WANT_KEY_TYPE_ARIA +sign_fail:PSA_KEY_TYPE_ARIA:"48657265006973206b6579a064617461":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_512):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign DETERMINISTIC_ECDSA(SHA_512): incompatible with CAMELLIA +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_512:PSA_WANT_KEY_TYPE_CAMELLIA +sign_fail:PSA_KEY_TYPE_CAMELLIA:"48657265006973206b6579a064617461":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_512):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign DETERMINISTIC_ECDSA(SHA_512): incompatible with CHACHA20 +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_512:PSA_WANT_KEY_TYPE_CHACHA20 +sign_fail:PSA_KEY_TYPE_CHACHA20:"48657265006973206b6579a06461746148657265006973206b6579a064617461":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_512):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign DETERMINISTIC_ECDSA(SHA_512): incompatible with DERIVE +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_512:PSA_WANT_KEY_TYPE_DERIVE +sign_fail:PSA_KEY_TYPE_DERIVE:"48657265006973206b6579a0646174":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_512):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign DETERMINISTIC_ECDSA(SHA_512): incompatible with DES +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_512:PSA_WANT_KEY_TYPE_DES +sign_fail:PSA_KEY_TYPE_DES:"644573206b457901":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_512):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign DETERMINISTIC_ECDSA(SHA_512): !DETERMINISTIC_ECDSA with ECC_KEY_PAIR(BRAINPOOL_P_R1) +depends_on:!PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_512:PSA_WANT_ECC_FAMILY_BRAINPOOL_P_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"69502c4fdaf48d4fa617bdd24498b0406d0eeaac":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_512):0:PSA_ERROR_NOT_SUPPORTED + +PSA sign DETERMINISTIC_ECDSA(SHA_512): !SHA_512 with ECC_KEY_PAIR(BRAINPOOL_P_R1) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:!PSA_WANT_ALG_SHA_512:PSA_WANT_ECC_FAMILY_BRAINPOOL_P_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"69502c4fdaf48d4fa617bdd24498b0406d0eeaac":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_512):0:PSA_ERROR_NOT_SUPPORTED + +PSA sign DETERMINISTIC_ECDSA(SHA_512): incompatible with ECC_KEY_PAIR(MONTGOMERY) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_512:PSA_WANT_ECC_FAMILY_MONTGOMERY:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_MONTGOMERY):"70076d0a7318a57d3c16c17251b26645df4c2f87ebc0992ab177fba51db92c6a":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_512):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign DETERMINISTIC_ECDSA(SHA_512): !DETERMINISTIC_ECDSA with ECC_KEY_PAIR(SECP_K1) +depends_on:!PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_512:PSA_WANT_ECC_FAMILY_SECP_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_K1):"297ac1722ccac7589ecb240dc719842538ca974beb79f228":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_512):0:PSA_ERROR_NOT_SUPPORTED + +PSA sign DETERMINISTIC_ECDSA(SHA_512): !SHA_512 with ECC_KEY_PAIR(SECP_K1) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:!PSA_WANT_ALG_SHA_512:PSA_WANT_ECC_FAMILY_SECP_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_K1):"297ac1722ccac7589ecb240dc719842538ca974beb79f228":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_512):0:PSA_ERROR_NOT_SUPPORTED + +PSA sign DETERMINISTIC_ECDSA(SHA_512): !DETERMINISTIC_ECDSA with ECC_KEY_PAIR(SECP_R1) +depends_on:!PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_512:PSA_WANT_ECC_FAMILY_SECP_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"872f203b3ad35b7f2ecc803c3a0e1e0b1ed61cc1afe71b189cd4c995":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_512):0:PSA_ERROR_NOT_SUPPORTED + +PSA sign DETERMINISTIC_ECDSA(SHA_512): !SHA_512 with ECC_KEY_PAIR(SECP_R1) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:!PSA_WANT_ALG_SHA_512:PSA_WANT_ECC_FAMILY_SECP_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"872f203b3ad35b7f2ecc803c3a0e1e0b1ed61cc1afe71b189cd4c995":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_512):0:PSA_ERROR_NOT_SUPPORTED + +PSA sign DETERMINISTIC_ECDSA(SHA_512): !DETERMINISTIC_ECDSA with ECC_KEY_PAIR(SECP_R2) +depends_on:!PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_512:PSA_WANT_ECC_FAMILY_SECP_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R2):"00bf539a1cdda0d7f71a50a3f98aec0a2e8e4ced1e":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_512):0:PSA_ERROR_NOT_SUPPORTED + +PSA sign DETERMINISTIC_ECDSA(SHA_512): !SHA_512 with ECC_KEY_PAIR(SECP_R2) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:!PSA_WANT_ALG_SHA_512:PSA_WANT_ECC_FAMILY_SECP_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R2):"00bf539a1cdda0d7f71a50a3f98aec0a2e8e4ced1e":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_512):0:PSA_ERROR_NOT_SUPPORTED + +PSA sign DETERMINISTIC_ECDSA(SHA_512): !DETERMINISTIC_ECDSA with ECC_KEY_PAIR(SECT_K1) +depends_on:!PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_512:PSA_WANT_ECC_FAMILY_SECT_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):"03ebc8fcded2d6ab72ec0f75bdb4fd080481273e71":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_512):0:PSA_ERROR_NOT_SUPPORTED + +PSA sign DETERMINISTIC_ECDSA(SHA_512): !SHA_512 with ECC_KEY_PAIR(SECT_K1) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:!PSA_WANT_ALG_SHA_512:PSA_WANT_ECC_FAMILY_SECT_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):"03ebc8fcded2d6ab72ec0f75bdb4fd080481273e71":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_512):0:PSA_ERROR_NOT_SUPPORTED + +PSA sign DETERMINISTIC_ECDSA(SHA_512): !DETERMINISTIC_ECDSA with ECC_KEY_PAIR(SECT_R1) +depends_on:!PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_512:PSA_WANT_ECC_FAMILY_SECT_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):"009b05dc82d46d64a04a22e6e5ca70ca1231e68c50":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_512):0:PSA_ERROR_NOT_SUPPORTED + +PSA sign DETERMINISTIC_ECDSA(SHA_512): !SHA_512 with ECC_KEY_PAIR(SECT_R1) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:!PSA_WANT_ALG_SHA_512:PSA_WANT_ECC_FAMILY_SECT_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):"009b05dc82d46d64a04a22e6e5ca70ca1231e68c50":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_512):0:PSA_ERROR_NOT_SUPPORTED + +PSA sign DETERMINISTIC_ECDSA(SHA_512): !DETERMINISTIC_ECDSA with ECC_KEY_PAIR(SECT_R2) +depends_on:!PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_512:PSA_WANT_ECC_FAMILY_SECT_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R2):"0210b482a458b4822d0cb21daa96819a67c8062d34":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_512):0:PSA_ERROR_NOT_SUPPORTED + +PSA sign DETERMINISTIC_ECDSA(SHA_512): !SHA_512 with ECC_KEY_PAIR(SECT_R2) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:!PSA_WANT_ALG_SHA_512:PSA_WANT_ECC_FAMILY_SECT_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R2):"0210b482a458b4822d0cb21daa96819a67c8062d34":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_512):0:PSA_ERROR_NOT_SUPPORTED + +PSA sign DETERMINISTIC_ECDSA(SHA_512): incompatible with ECC_KEY_PAIR(TWISTED_EDWARDS) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_512:PSA_WANT_ECC_FAMILY_TWISTED_EDWARDS:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_TWISTED_EDWARDS):"9d61b19deffd5a60ba844af492ec2cc44449c5697b326919703bac031cae7f60":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_512):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign DETERMINISTIC_ECDSA(SHA_512): !DETERMINISTIC_ECDSA with ECC_PUBLIC_KEY(BRAINPOOL_P_R1) +depends_on:!PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_512:PSA_WANT_ECC_FAMILY_BRAINPOOL_P_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"04d4b9186816358e2f9c59cf70748cb70641b22fbab65473db4b4e22a361ed7e3de7e8a8ddc4130c5c":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_512):0:PSA_ERROR_NOT_SUPPORTED + +PSA sign DETERMINISTIC_ECDSA(SHA_512): !SHA_512 with ECC_PUBLIC_KEY(BRAINPOOL_P_R1) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:!PSA_WANT_ALG_SHA_512:PSA_WANT_ECC_FAMILY_BRAINPOOL_P_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"04d4b9186816358e2f9c59cf70748cb70641b22fbab65473db4b4e22a361ed7e3de7e8a8ddc4130c5c":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_512):0:PSA_ERROR_NOT_SUPPORTED + +PSA sign DETERMINISTIC_ECDSA(SHA_512): public with ECC_PUBLIC_KEY(BRAINPOOL_P_R1) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_512:PSA_WANT_ECC_FAMILY_BRAINPOOL_P_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"04d4b9186816358e2f9c59cf70748cb70641b22fbab65473db4b4e22a361ed7e3de7e8a8ddc4130c5c":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_512):1:PSA_ERROR_INVALID_ARGUMENT + +PSA sign DETERMINISTIC_ECDSA(SHA_512): incompatible with ECC_PUBLIC_KEY(MONTGOMERY) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_512:PSA_WANT_ECC_FAMILY_MONTGOMERY:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_MONTGOMERY):"8520f0098930a754748b7ddcb43ef75a0dbf3a0d26381af4eba4a98eaa9b4e6a":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_512):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign DETERMINISTIC_ECDSA(SHA_512): !DETERMINISTIC_ECDSA with ECC_PUBLIC_KEY(SECP_K1) +depends_on:!PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_512:PSA_WANT_ECC_FAMILY_SECP_K1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_K1):"0426b7bb38da649ac2138fc050c6548b32553dab68afebc36105d325b75538c12323cb0764789ecb992671beb2b6bef2f5":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_512):0:PSA_ERROR_NOT_SUPPORTED + +PSA sign DETERMINISTIC_ECDSA(SHA_512): !SHA_512 with ECC_PUBLIC_KEY(SECP_K1) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:!PSA_WANT_ALG_SHA_512:PSA_WANT_ECC_FAMILY_SECP_K1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_K1):"0426b7bb38da649ac2138fc050c6548b32553dab68afebc36105d325b75538c12323cb0764789ecb992671beb2b6bef2f5":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_512):0:PSA_ERROR_NOT_SUPPORTED + +PSA sign DETERMINISTIC_ECDSA(SHA_512): public with ECC_PUBLIC_KEY(SECP_K1) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_512:PSA_WANT_ECC_FAMILY_SECP_K1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_K1):"0426b7bb38da649ac2138fc050c6548b32553dab68afebc36105d325b75538c12323cb0764789ecb992671beb2b6bef2f5":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_512):1:PSA_ERROR_INVALID_ARGUMENT + +PSA sign DETERMINISTIC_ECDSA(SHA_512): !DETERMINISTIC_ECDSA with ECC_PUBLIC_KEY(SECP_R1) +depends_on:!PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_512:PSA_WANT_ECC_FAMILY_SECP_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1):"046f00eadaa949fee3e9e1c7fa1247eecec86a0dce46418b9bd3117b981d4bd0ae7a990de912f9d060d6cb531a42d22e394ac29e81804bf160":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_512):0:PSA_ERROR_NOT_SUPPORTED + +PSA sign DETERMINISTIC_ECDSA(SHA_512): !SHA_512 with ECC_PUBLIC_KEY(SECP_R1) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:!PSA_WANT_ALG_SHA_512:PSA_WANT_ECC_FAMILY_SECP_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1):"046f00eadaa949fee3e9e1c7fa1247eecec86a0dce46418b9bd3117b981d4bd0ae7a990de912f9d060d6cb531a42d22e394ac29e81804bf160":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_512):0:PSA_ERROR_NOT_SUPPORTED + +PSA sign DETERMINISTIC_ECDSA(SHA_512): public with ECC_PUBLIC_KEY(SECP_R1) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_512:PSA_WANT_ECC_FAMILY_SECP_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1):"046f00eadaa949fee3e9e1c7fa1247eecec86a0dce46418b9bd3117b981d4bd0ae7a990de912f9d060d6cb531a42d22e394ac29e81804bf160":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_512):1:PSA_ERROR_INVALID_ARGUMENT + +PSA sign DETERMINISTIC_ECDSA(SHA_512): !DETERMINISTIC_ECDSA with ECC_PUBLIC_KEY(SECP_R2) +depends_on:!PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_512:PSA_WANT_ECC_FAMILY_SECP_R2:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R2):"049570d541398665adb5cfa16f5af73b3196926bbd4b876bdb80f8eab20d0f540c22f4de9c140f6d7b":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_512):0:PSA_ERROR_NOT_SUPPORTED + +PSA sign DETERMINISTIC_ECDSA(SHA_512): !SHA_512 with ECC_PUBLIC_KEY(SECP_R2) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:!PSA_WANT_ALG_SHA_512:PSA_WANT_ECC_FAMILY_SECP_R2:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R2):"049570d541398665adb5cfa16f5af73b3196926bbd4b876bdb80f8eab20d0f540c22f4de9c140f6d7b":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_512):0:PSA_ERROR_NOT_SUPPORTED + +PSA sign DETERMINISTIC_ECDSA(SHA_512): public with ECC_PUBLIC_KEY(SECP_R2) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_512:PSA_WANT_ECC_FAMILY_SECP_R2:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R2):"049570d541398665adb5cfa16f5af73b3196926bbd4b876bdb80f8eab20d0f540c22f4de9c140f6d7b":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_512):1:PSA_ERROR_INVALID_ARGUMENT + +PSA sign DETERMINISTIC_ECDSA(SHA_512): !DETERMINISTIC_ECDSA with ECC_PUBLIC_KEY(SECT_K1) +depends_on:!PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_512:PSA_WANT_ECC_FAMILY_SECT_K1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_K1):"0406f88f90b4b65950f06ce433afdb097e320f433dc2062b8a65db8fafd3c110f46bc45663fbf021ee7eb9":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_512):0:PSA_ERROR_NOT_SUPPORTED + +PSA sign DETERMINISTIC_ECDSA(SHA_512): !SHA_512 with ECC_PUBLIC_KEY(SECT_K1) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:!PSA_WANT_ALG_SHA_512:PSA_WANT_ECC_FAMILY_SECT_K1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_K1):"0406f88f90b4b65950f06ce433afdb097e320f433dc2062b8a65db8fafd3c110f46bc45663fbf021ee7eb9":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_512):0:PSA_ERROR_NOT_SUPPORTED + +PSA sign DETERMINISTIC_ECDSA(SHA_512): public with ECC_PUBLIC_KEY(SECT_K1) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_512:PSA_WANT_ECC_FAMILY_SECT_K1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_K1):"0406f88f90b4b65950f06ce433afdb097e320f433dc2062b8a65db8fafd3c110f46bc45663fbf021ee7eb9":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_512):1:PSA_ERROR_INVALID_ARGUMENT + +PSA sign DETERMINISTIC_ECDSA(SHA_512): !DETERMINISTIC_ECDSA with ECC_PUBLIC_KEY(SECT_R1) +depends_on:!PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_512:PSA_WANT_ECC_FAMILY_SECT_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R1):"0400465eeb9e7258b11e33c02266bfe834b20bcb118700772796ee4704ec67651bd447e3011959a79a04cb":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_512):0:PSA_ERROR_NOT_SUPPORTED + +PSA sign DETERMINISTIC_ECDSA(SHA_512): !SHA_512 with ECC_PUBLIC_KEY(SECT_R1) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:!PSA_WANT_ALG_SHA_512:PSA_WANT_ECC_FAMILY_SECT_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R1):"0400465eeb9e7258b11e33c02266bfe834b20bcb118700772796ee4704ec67651bd447e3011959a79a04cb":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_512):0:PSA_ERROR_NOT_SUPPORTED + +PSA sign DETERMINISTIC_ECDSA(SHA_512): public with ECC_PUBLIC_KEY(SECT_R1) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_512:PSA_WANT_ECC_FAMILY_SECT_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R1):"0400465eeb9e7258b11e33c02266bfe834b20bcb118700772796ee4704ec67651bd447e3011959a79a04cb":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_512):1:PSA_ERROR_INVALID_ARGUMENT + +PSA sign DETERMINISTIC_ECDSA(SHA_512): !DETERMINISTIC_ECDSA with ECC_PUBLIC_KEY(SECT_R2) +depends_on:!PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_512:PSA_WANT_ECC_FAMILY_SECT_R2:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R2):"0403692601144c32a6cfa369ae20ae5d43c1c764678c037bafe80c6fd2e42b7ced96171d9c5367fd3dca6f":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_512):0:PSA_ERROR_NOT_SUPPORTED + +PSA sign DETERMINISTIC_ECDSA(SHA_512): !SHA_512 with ECC_PUBLIC_KEY(SECT_R2) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:!PSA_WANT_ALG_SHA_512:PSA_WANT_ECC_FAMILY_SECT_R2:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R2):"0403692601144c32a6cfa369ae20ae5d43c1c764678c037bafe80c6fd2e42b7ced96171d9c5367fd3dca6f":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_512):0:PSA_ERROR_NOT_SUPPORTED + +PSA sign DETERMINISTIC_ECDSA(SHA_512): public with ECC_PUBLIC_KEY(SECT_R2) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_512:PSA_WANT_ECC_FAMILY_SECT_R2:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R2):"0403692601144c32a6cfa369ae20ae5d43c1c764678c037bafe80c6fd2e42b7ced96171d9c5367fd3dca6f":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_512):1:PSA_ERROR_INVALID_ARGUMENT + +PSA sign DETERMINISTIC_ECDSA(SHA_512): incompatible with ECC_PUBLIC_KEY(TWISTED_EDWARDS) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_512:PSA_WANT_ECC_FAMILY_TWISTED_EDWARDS:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_TWISTED_EDWARDS):"d75a980182b10ab7d54bfed3c964073a0ee172f3daa62325af021a68f707511a":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_512):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign DETERMINISTIC_ECDSA(SHA_512): incompatible with HMAC +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_512:PSA_WANT_KEY_TYPE_HMAC +sign_fail:PSA_KEY_TYPE_HMAC:"48657265006973206b6579a064617461":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_512):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign DETERMINISTIC_ECDSA(SHA_512): incompatible with RAW_DATA +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_512:PSA_WANT_KEY_TYPE_RAW_DATA +sign_fail:PSA_KEY_TYPE_RAW_DATA:"48":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_512):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign DETERMINISTIC_ECDSA(SHA_512): incompatible with RSA_KEY_PAIR +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_512:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR +sign_fail:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_512):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign DETERMINISTIC_ECDSA(SHA_512): incompatible with RSA_PUBLIC_KEY +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_512:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY +sign_fail:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_512):0:PSA_ERROR_INVALID_ARGUMENT + +PSA asymmetric_encryption DETERMINISTIC_ECDSA(SHA_512): invalid with ECC_KEY_PAIR(BRAINPOOL_P_R1) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_512:PSA_WANT_ECC_FAMILY_BRAINPOOL_P_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +asymmetric_encryption_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"69502c4fdaf48d4fa617bdd24498b0406d0eeaac":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_512):0:PSA_ERROR_INVALID_ARGUMENT + +PSA asymmetric_encryption DETERMINISTIC_ECDSA(SHA_512): invalid with ECC_KEY_PAIR(SECP_K1) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_512:PSA_WANT_ECC_FAMILY_SECP_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +asymmetric_encryption_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_K1):"297ac1722ccac7589ecb240dc719842538ca974beb79f228":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_512):0:PSA_ERROR_INVALID_ARGUMENT + +PSA asymmetric_encryption DETERMINISTIC_ECDSA(SHA_512): invalid with ECC_KEY_PAIR(SECP_R1) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_512:PSA_WANT_ECC_FAMILY_SECP_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +asymmetric_encryption_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"872f203b3ad35b7f2ecc803c3a0e1e0b1ed61cc1afe71b189cd4c995":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_512):0:PSA_ERROR_INVALID_ARGUMENT + +PSA asymmetric_encryption DETERMINISTIC_ECDSA(SHA_512): invalid with ECC_KEY_PAIR(SECP_R2) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_512:PSA_WANT_ECC_FAMILY_SECP_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +asymmetric_encryption_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R2):"00bf539a1cdda0d7f71a50a3f98aec0a2e8e4ced1e":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_512):0:PSA_ERROR_INVALID_ARGUMENT + +PSA asymmetric_encryption DETERMINISTIC_ECDSA(SHA_512): invalid with ECC_KEY_PAIR(SECT_K1) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_512:PSA_WANT_ECC_FAMILY_SECT_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +asymmetric_encryption_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):"03ebc8fcded2d6ab72ec0f75bdb4fd080481273e71":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_512):0:PSA_ERROR_INVALID_ARGUMENT + +PSA asymmetric_encryption DETERMINISTIC_ECDSA(SHA_512): invalid with ECC_KEY_PAIR(SECT_R1) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_512:PSA_WANT_ECC_FAMILY_SECT_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +asymmetric_encryption_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):"009b05dc82d46d64a04a22e6e5ca70ca1231e68c50":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_512):0:PSA_ERROR_INVALID_ARGUMENT + +PSA asymmetric_encryption DETERMINISTIC_ECDSA(SHA_512): invalid with ECC_KEY_PAIR(SECT_R2) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_512:PSA_WANT_ECC_FAMILY_SECT_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +asymmetric_encryption_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R2):"0210b482a458b4822d0cb21daa96819a67c8062d34":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_512):0:PSA_ERROR_INVALID_ARGUMENT + +PSA asymmetric_encryption DETERMINISTIC_ECDSA(SHA_512): invalid with ECC_PUBLIC_KEY(BRAINPOOL_P_R1) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_512:PSA_WANT_ECC_FAMILY_BRAINPOOL_P_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +asymmetric_encryption_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"04d4b9186816358e2f9c59cf70748cb70641b22fbab65473db4b4e22a361ed7e3de7e8a8ddc4130c5c":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_512):0:PSA_ERROR_INVALID_ARGUMENT + +PSA asymmetric_encryption DETERMINISTIC_ECDSA(SHA_512): invalid with ECC_PUBLIC_KEY(SECP_K1) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_512:PSA_WANT_ECC_FAMILY_SECP_K1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +asymmetric_encryption_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_K1):"0426b7bb38da649ac2138fc050c6548b32553dab68afebc36105d325b75538c12323cb0764789ecb992671beb2b6bef2f5":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_512):0:PSA_ERROR_INVALID_ARGUMENT + +PSA asymmetric_encryption DETERMINISTIC_ECDSA(SHA_512): invalid with ECC_PUBLIC_KEY(SECP_R1) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_512:PSA_WANT_ECC_FAMILY_SECP_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +asymmetric_encryption_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1):"046f00eadaa949fee3e9e1c7fa1247eecec86a0dce46418b9bd3117b981d4bd0ae7a990de912f9d060d6cb531a42d22e394ac29e81804bf160":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_512):0:PSA_ERROR_INVALID_ARGUMENT + +PSA asymmetric_encryption DETERMINISTIC_ECDSA(SHA_512): invalid with ECC_PUBLIC_KEY(SECP_R2) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_512:PSA_WANT_ECC_FAMILY_SECP_R2:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +asymmetric_encryption_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R2):"049570d541398665adb5cfa16f5af73b3196926bbd4b876bdb80f8eab20d0f540c22f4de9c140f6d7b":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_512):0:PSA_ERROR_INVALID_ARGUMENT + +PSA asymmetric_encryption DETERMINISTIC_ECDSA(SHA_512): invalid with ECC_PUBLIC_KEY(SECT_K1) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_512:PSA_WANT_ECC_FAMILY_SECT_K1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +asymmetric_encryption_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_K1):"0406f88f90b4b65950f06ce433afdb097e320f433dc2062b8a65db8fafd3c110f46bc45663fbf021ee7eb9":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_512):0:PSA_ERROR_INVALID_ARGUMENT + +PSA asymmetric_encryption DETERMINISTIC_ECDSA(SHA_512): invalid with ECC_PUBLIC_KEY(SECT_R1) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_512:PSA_WANT_ECC_FAMILY_SECT_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +asymmetric_encryption_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R1):"0400465eeb9e7258b11e33c02266bfe834b20bcb118700772796ee4704ec67651bd447e3011959a79a04cb":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_512):0:PSA_ERROR_INVALID_ARGUMENT + +PSA asymmetric_encryption DETERMINISTIC_ECDSA(SHA_512): invalid with ECC_PUBLIC_KEY(SECT_R2) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_512:PSA_WANT_ECC_FAMILY_SECT_R2:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +asymmetric_encryption_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R2):"0403692601144c32a6cfa369ae20ae5d43c1c764678c037bafe80c6fd2e42b7ced96171d9c5367fd3dca6f":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_512):0:PSA_ERROR_INVALID_ARGUMENT + +PSA key_derivation DETERMINISTIC_ECDSA(SHA_512): invalid +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_512 +key_derivation_fail:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_512):PSA_ERROR_INVALID_ARGUMENT + +PSA key_agreement DETERMINISTIC_ECDSA(SHA_512): invalid with ECC_KEY_PAIR(BRAINPOOL_P_R1) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_512:PSA_WANT_ECC_FAMILY_BRAINPOOL_P_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_agreement_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"69502c4fdaf48d4fa617bdd24498b0406d0eeaac":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_512):0:PSA_ERROR_INVALID_ARGUMENT + +PSA key_agreement DETERMINISTIC_ECDSA(SHA_512): invalid with ECC_KEY_PAIR(SECP_K1) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_512:PSA_WANT_ECC_FAMILY_SECP_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_agreement_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_K1):"297ac1722ccac7589ecb240dc719842538ca974beb79f228":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_512):0:PSA_ERROR_INVALID_ARGUMENT + +PSA key_agreement DETERMINISTIC_ECDSA(SHA_512): invalid with ECC_KEY_PAIR(SECP_R1) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_512:PSA_WANT_ECC_FAMILY_SECP_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_agreement_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"872f203b3ad35b7f2ecc803c3a0e1e0b1ed61cc1afe71b189cd4c995":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_512):0:PSA_ERROR_INVALID_ARGUMENT + +PSA key_agreement DETERMINISTIC_ECDSA(SHA_512): invalid with ECC_KEY_PAIR(SECP_R2) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_512:PSA_WANT_ECC_FAMILY_SECP_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_agreement_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R2):"00bf539a1cdda0d7f71a50a3f98aec0a2e8e4ced1e":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_512):0:PSA_ERROR_INVALID_ARGUMENT + +PSA key_agreement DETERMINISTIC_ECDSA(SHA_512): invalid with ECC_KEY_PAIR(SECT_K1) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_512:PSA_WANT_ECC_FAMILY_SECT_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_agreement_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):"03ebc8fcded2d6ab72ec0f75bdb4fd080481273e71":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_512):0:PSA_ERROR_INVALID_ARGUMENT + +PSA key_agreement DETERMINISTIC_ECDSA(SHA_512): invalid with ECC_KEY_PAIR(SECT_R1) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_512:PSA_WANT_ECC_FAMILY_SECT_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_agreement_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):"009b05dc82d46d64a04a22e6e5ca70ca1231e68c50":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_512):0:PSA_ERROR_INVALID_ARGUMENT + +PSA key_agreement DETERMINISTIC_ECDSA(SHA_512): invalid with ECC_KEY_PAIR(SECT_R2) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_512:PSA_WANT_ECC_FAMILY_SECT_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_agreement_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R2):"0210b482a458b4822d0cb21daa96819a67c8062d34":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_512):0:PSA_ERROR_INVALID_ARGUMENT + +PSA key_agreement DETERMINISTIC_ECDSA(SHA_512): invalid with ECC_PUBLIC_KEY(BRAINPOOL_P_R1) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_512:PSA_WANT_ECC_FAMILY_BRAINPOOL_P_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_agreement_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"04d4b9186816358e2f9c59cf70748cb70641b22fbab65473db4b4e22a361ed7e3de7e8a8ddc4130c5c":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_512):0:PSA_ERROR_INVALID_ARGUMENT + +PSA key_agreement DETERMINISTIC_ECDSA(SHA_512): invalid with ECC_PUBLIC_KEY(SECP_K1) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_512:PSA_WANT_ECC_FAMILY_SECP_K1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_agreement_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_K1):"0426b7bb38da649ac2138fc050c6548b32553dab68afebc36105d325b75538c12323cb0764789ecb992671beb2b6bef2f5":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_512):0:PSA_ERROR_INVALID_ARGUMENT + +PSA key_agreement DETERMINISTIC_ECDSA(SHA_512): invalid with ECC_PUBLIC_KEY(SECP_R1) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_512:PSA_WANT_ECC_FAMILY_SECP_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_agreement_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1):"046f00eadaa949fee3e9e1c7fa1247eecec86a0dce46418b9bd3117b981d4bd0ae7a990de912f9d060d6cb531a42d22e394ac29e81804bf160":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_512):0:PSA_ERROR_INVALID_ARGUMENT + +PSA key_agreement DETERMINISTIC_ECDSA(SHA_512): invalid with ECC_PUBLIC_KEY(SECP_R2) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_512:PSA_WANT_ECC_FAMILY_SECP_R2:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_agreement_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R2):"049570d541398665adb5cfa16f5af73b3196926bbd4b876bdb80f8eab20d0f540c22f4de9c140f6d7b":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_512):0:PSA_ERROR_INVALID_ARGUMENT + +PSA key_agreement DETERMINISTIC_ECDSA(SHA_512): invalid with ECC_PUBLIC_KEY(SECT_K1) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_512:PSA_WANT_ECC_FAMILY_SECT_K1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_agreement_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_K1):"0406f88f90b4b65950f06ce433afdb097e320f433dc2062b8a65db8fafd3c110f46bc45663fbf021ee7eb9":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_512):0:PSA_ERROR_INVALID_ARGUMENT + +PSA key_agreement DETERMINISTIC_ECDSA(SHA_512): invalid with ECC_PUBLIC_KEY(SECT_R1) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_512:PSA_WANT_ECC_FAMILY_SECT_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_agreement_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R1):"0400465eeb9e7258b11e33c02266bfe834b20bcb118700772796ee4704ec67651bd447e3011959a79a04cb":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_512):0:PSA_ERROR_INVALID_ARGUMENT + +PSA key_agreement DETERMINISTIC_ECDSA(SHA_512): invalid with ECC_PUBLIC_KEY(SECT_R2) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_512:PSA_WANT_ECC_FAMILY_SECT_R2:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_agreement_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R2):"0403692601144c32a6cfa369ae20ae5d43c1c764678c037bafe80c6fd2e42b7ced96171d9c5367fd3dca6f":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_512):0:PSA_ERROR_INVALID_ARGUMENT + +PSA hash DETERMINISTIC_ECDSA(ANY_HASH): invalid +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA +hash_fail:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_ANY_HASH):PSA_ERROR_INVALID_ARGUMENT + +PSA sign DETERMINISTIC_ECDSA(ANY_HASH): incompatible with AES +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_KEY_TYPE_AES +sign_fail:PSA_KEY_TYPE_AES:"48657265006973206b6579a064617461":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_ANY_HASH):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign DETERMINISTIC_ECDSA(ANY_HASH): incompatible with ARC4 +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_KEY_TYPE_ARC4 +sign_fail:PSA_KEY_TYPE_ARC4:"48":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_ANY_HASH):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign DETERMINISTIC_ECDSA(ANY_HASH): incompatible with ARIA +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_KEY_TYPE_ARIA +sign_fail:PSA_KEY_TYPE_ARIA:"48657265006973206b6579a064617461":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_ANY_HASH):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign DETERMINISTIC_ECDSA(ANY_HASH): incompatible with CAMELLIA +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_KEY_TYPE_CAMELLIA +sign_fail:PSA_KEY_TYPE_CAMELLIA:"48657265006973206b6579a064617461":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_ANY_HASH):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign DETERMINISTIC_ECDSA(ANY_HASH): incompatible with CHACHA20 +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_KEY_TYPE_CHACHA20 +sign_fail:PSA_KEY_TYPE_CHACHA20:"48657265006973206b6579a06461746148657265006973206b6579a064617461":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_ANY_HASH):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign DETERMINISTIC_ECDSA(ANY_HASH): incompatible with DERIVE +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_KEY_TYPE_DERIVE +sign_fail:PSA_KEY_TYPE_DERIVE:"48657265006973206b6579a0646174":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_ANY_HASH):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign DETERMINISTIC_ECDSA(ANY_HASH): incompatible with DES +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_KEY_TYPE_DES +sign_fail:PSA_KEY_TYPE_DES:"644573206b457901":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_ANY_HASH):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign DETERMINISTIC_ECDSA(ANY_HASH): incompatible with ECC_KEY_PAIR(BRAINPOOL_P_R1) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ECC_FAMILY_BRAINPOOL_P_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"69502c4fdaf48d4fa617bdd24498b0406d0eeaac":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_ANY_HASH):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign DETERMINISTIC_ECDSA(ANY_HASH): incompatible with ECC_KEY_PAIR(MONTGOMERY) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ECC_FAMILY_MONTGOMERY:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_MONTGOMERY):"70076d0a7318a57d3c16c17251b26645df4c2f87ebc0992ab177fba51db92c6a":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_ANY_HASH):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign DETERMINISTIC_ECDSA(ANY_HASH): incompatible with ECC_KEY_PAIR(SECP_K1) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ECC_FAMILY_SECP_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_K1):"297ac1722ccac7589ecb240dc719842538ca974beb79f228":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_ANY_HASH):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign DETERMINISTIC_ECDSA(ANY_HASH): incompatible with ECC_KEY_PAIR(SECP_R1) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ECC_FAMILY_SECP_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"872f203b3ad35b7f2ecc803c3a0e1e0b1ed61cc1afe71b189cd4c995":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_ANY_HASH):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign DETERMINISTIC_ECDSA(ANY_HASH): incompatible with ECC_KEY_PAIR(SECP_R2) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ECC_FAMILY_SECP_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R2):"00bf539a1cdda0d7f71a50a3f98aec0a2e8e4ced1e":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_ANY_HASH):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign DETERMINISTIC_ECDSA(ANY_HASH): incompatible with ECC_KEY_PAIR(SECT_K1) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ECC_FAMILY_SECT_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):"03ebc8fcded2d6ab72ec0f75bdb4fd080481273e71":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_ANY_HASH):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign DETERMINISTIC_ECDSA(ANY_HASH): incompatible with ECC_KEY_PAIR(SECT_R1) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ECC_FAMILY_SECT_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):"009b05dc82d46d64a04a22e6e5ca70ca1231e68c50":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_ANY_HASH):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign DETERMINISTIC_ECDSA(ANY_HASH): incompatible with ECC_KEY_PAIR(SECT_R2) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ECC_FAMILY_SECT_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R2):"0210b482a458b4822d0cb21daa96819a67c8062d34":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_ANY_HASH):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign DETERMINISTIC_ECDSA(ANY_HASH): incompatible with ECC_KEY_PAIR(TWISTED_EDWARDS) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ECC_FAMILY_TWISTED_EDWARDS:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_TWISTED_EDWARDS):"9d61b19deffd5a60ba844af492ec2cc44449c5697b326919703bac031cae7f60":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_ANY_HASH):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign DETERMINISTIC_ECDSA(ANY_HASH): incompatible with ECC_PUBLIC_KEY(BRAINPOOL_P_R1) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ECC_FAMILY_BRAINPOOL_P_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"04d4b9186816358e2f9c59cf70748cb70641b22fbab65473db4b4e22a361ed7e3de7e8a8ddc4130c5c":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_ANY_HASH):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign DETERMINISTIC_ECDSA(ANY_HASH): incompatible with ECC_PUBLIC_KEY(MONTGOMERY) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ECC_FAMILY_MONTGOMERY:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_MONTGOMERY):"8520f0098930a754748b7ddcb43ef75a0dbf3a0d26381af4eba4a98eaa9b4e6a":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_ANY_HASH):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign DETERMINISTIC_ECDSA(ANY_HASH): incompatible with ECC_PUBLIC_KEY(SECP_K1) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ECC_FAMILY_SECP_K1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_K1):"0426b7bb38da649ac2138fc050c6548b32553dab68afebc36105d325b75538c12323cb0764789ecb992671beb2b6bef2f5":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_ANY_HASH):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign DETERMINISTIC_ECDSA(ANY_HASH): incompatible with ECC_PUBLIC_KEY(SECP_R1) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ECC_FAMILY_SECP_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1):"046f00eadaa949fee3e9e1c7fa1247eecec86a0dce46418b9bd3117b981d4bd0ae7a990de912f9d060d6cb531a42d22e394ac29e81804bf160":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_ANY_HASH):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign DETERMINISTIC_ECDSA(ANY_HASH): incompatible with ECC_PUBLIC_KEY(SECP_R2) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ECC_FAMILY_SECP_R2:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R2):"049570d541398665adb5cfa16f5af73b3196926bbd4b876bdb80f8eab20d0f540c22f4de9c140f6d7b":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_ANY_HASH):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign DETERMINISTIC_ECDSA(ANY_HASH): incompatible with ECC_PUBLIC_KEY(SECT_K1) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ECC_FAMILY_SECT_K1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_K1):"0406f88f90b4b65950f06ce433afdb097e320f433dc2062b8a65db8fafd3c110f46bc45663fbf021ee7eb9":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_ANY_HASH):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign DETERMINISTIC_ECDSA(ANY_HASH): incompatible with ECC_PUBLIC_KEY(SECT_R1) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ECC_FAMILY_SECT_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R1):"0400465eeb9e7258b11e33c02266bfe834b20bcb118700772796ee4704ec67651bd447e3011959a79a04cb":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_ANY_HASH):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign DETERMINISTIC_ECDSA(ANY_HASH): incompatible with ECC_PUBLIC_KEY(SECT_R2) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ECC_FAMILY_SECT_R2:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R2):"0403692601144c32a6cfa369ae20ae5d43c1c764678c037bafe80c6fd2e42b7ced96171d9c5367fd3dca6f":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_ANY_HASH):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign DETERMINISTIC_ECDSA(ANY_HASH): incompatible with ECC_PUBLIC_KEY(TWISTED_EDWARDS) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ECC_FAMILY_TWISTED_EDWARDS:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_TWISTED_EDWARDS):"d75a980182b10ab7d54bfed3c964073a0ee172f3daa62325af021a68f707511a":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_ANY_HASH):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign DETERMINISTIC_ECDSA(ANY_HASH): incompatible with HMAC +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_KEY_TYPE_HMAC +sign_fail:PSA_KEY_TYPE_HMAC:"48657265006973206b6579a064617461":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_ANY_HASH):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign DETERMINISTIC_ECDSA(ANY_HASH): incompatible with RAW_DATA +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_KEY_TYPE_RAW_DATA +sign_fail:PSA_KEY_TYPE_RAW_DATA:"48":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_ANY_HASH):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign DETERMINISTIC_ECDSA(ANY_HASH): incompatible with RSA_KEY_PAIR +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR +sign_fail:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_ANY_HASH):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign DETERMINISTIC_ECDSA(ANY_HASH): incompatible with RSA_PUBLIC_KEY +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY +sign_fail:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_ANY_HASH):0:PSA_ERROR_INVALID_ARGUMENT + +PSA key_derivation DETERMINISTIC_ECDSA(ANY_HASH): invalid +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA +key_derivation_fail:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_ANY_HASH):PSA_ERROR_INVALID_ARGUMENT + +PSA hash DSA(MD2): invalid +depends_on:PSA_WANT_ALG_DSA:PSA_WANT_ALG_MD2 +hash_fail:PSA_ALG_DSA(PSA_ALG_MD2):PSA_ERROR_INVALID_ARGUMENT + +PSA sign DSA(MD2): incompatible with AES +depends_on:PSA_WANT_ALG_DSA:PSA_WANT_ALG_MD2:PSA_WANT_KEY_TYPE_AES +sign_fail:PSA_KEY_TYPE_AES:"48657265006973206b6579a064617461":PSA_ALG_DSA(PSA_ALG_MD2):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign DSA(MD2): incompatible with ARC4 +depends_on:PSA_WANT_ALG_DSA:PSA_WANT_ALG_MD2:PSA_WANT_KEY_TYPE_ARC4 +sign_fail:PSA_KEY_TYPE_ARC4:"48":PSA_ALG_DSA(PSA_ALG_MD2):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign DSA(MD2): incompatible with ARIA +depends_on:PSA_WANT_ALG_DSA:PSA_WANT_ALG_MD2:PSA_WANT_KEY_TYPE_ARIA +sign_fail:PSA_KEY_TYPE_ARIA:"48657265006973206b6579a064617461":PSA_ALG_DSA(PSA_ALG_MD2):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign DSA(MD2): incompatible with CAMELLIA +depends_on:PSA_WANT_ALG_DSA:PSA_WANT_ALG_MD2:PSA_WANT_KEY_TYPE_CAMELLIA +sign_fail:PSA_KEY_TYPE_CAMELLIA:"48657265006973206b6579a064617461":PSA_ALG_DSA(PSA_ALG_MD2):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign DSA(MD2): incompatible with CHACHA20 +depends_on:PSA_WANT_ALG_DSA:PSA_WANT_ALG_MD2:PSA_WANT_KEY_TYPE_CHACHA20 +sign_fail:PSA_KEY_TYPE_CHACHA20:"48657265006973206b6579a06461746148657265006973206b6579a064617461":PSA_ALG_DSA(PSA_ALG_MD2):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign DSA(MD2): incompatible with DERIVE +depends_on:PSA_WANT_ALG_DSA:PSA_WANT_ALG_MD2:PSA_WANT_KEY_TYPE_DERIVE +sign_fail:PSA_KEY_TYPE_DERIVE:"48657265006973206b6579a0646174":PSA_ALG_DSA(PSA_ALG_MD2):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign DSA(MD2): incompatible with DES +depends_on:PSA_WANT_ALG_DSA:PSA_WANT_ALG_MD2:PSA_WANT_KEY_TYPE_DES +sign_fail:PSA_KEY_TYPE_DES:"644573206b457901":PSA_ALG_DSA(PSA_ALG_MD2):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign DSA(MD2): incompatible with ECC_KEY_PAIR(BRAINPOOL_P_R1) +depends_on:PSA_WANT_ALG_DSA:PSA_WANT_ALG_MD2:PSA_WANT_ECC_FAMILY_BRAINPOOL_P_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"69502c4fdaf48d4fa617bdd24498b0406d0eeaac":PSA_ALG_DSA(PSA_ALG_MD2):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign DSA(MD2): incompatible with ECC_KEY_PAIR(MONTGOMERY) +depends_on:PSA_WANT_ALG_DSA:PSA_WANT_ALG_MD2:PSA_WANT_ECC_FAMILY_MONTGOMERY:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_MONTGOMERY):"70076d0a7318a57d3c16c17251b26645df4c2f87ebc0992ab177fba51db92c6a":PSA_ALG_DSA(PSA_ALG_MD2):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign DSA(MD2): incompatible with ECC_KEY_PAIR(SECP_K1) +depends_on:PSA_WANT_ALG_DSA:PSA_WANT_ALG_MD2:PSA_WANT_ECC_FAMILY_SECP_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_K1):"297ac1722ccac7589ecb240dc719842538ca974beb79f228":PSA_ALG_DSA(PSA_ALG_MD2):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign DSA(MD2): incompatible with ECC_KEY_PAIR(SECP_R1) +depends_on:PSA_WANT_ALG_DSA:PSA_WANT_ALG_MD2:PSA_WANT_ECC_FAMILY_SECP_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"872f203b3ad35b7f2ecc803c3a0e1e0b1ed61cc1afe71b189cd4c995":PSA_ALG_DSA(PSA_ALG_MD2):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign DSA(MD2): incompatible with ECC_KEY_PAIR(SECP_R2) +depends_on:PSA_WANT_ALG_DSA:PSA_WANT_ALG_MD2:PSA_WANT_ECC_FAMILY_SECP_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R2):"00bf539a1cdda0d7f71a50a3f98aec0a2e8e4ced1e":PSA_ALG_DSA(PSA_ALG_MD2):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign DSA(MD2): incompatible with ECC_KEY_PAIR(SECT_K1) +depends_on:PSA_WANT_ALG_DSA:PSA_WANT_ALG_MD2:PSA_WANT_ECC_FAMILY_SECT_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):"03ebc8fcded2d6ab72ec0f75bdb4fd080481273e71":PSA_ALG_DSA(PSA_ALG_MD2):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign DSA(MD2): incompatible with ECC_KEY_PAIR(SECT_R1) +depends_on:PSA_WANT_ALG_DSA:PSA_WANT_ALG_MD2:PSA_WANT_ECC_FAMILY_SECT_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):"009b05dc82d46d64a04a22e6e5ca70ca1231e68c50":PSA_ALG_DSA(PSA_ALG_MD2):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign DSA(MD2): incompatible with ECC_KEY_PAIR(SECT_R2) +depends_on:PSA_WANT_ALG_DSA:PSA_WANT_ALG_MD2:PSA_WANT_ECC_FAMILY_SECT_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R2):"0210b482a458b4822d0cb21daa96819a67c8062d34":PSA_ALG_DSA(PSA_ALG_MD2):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign DSA(MD2): incompatible with ECC_KEY_PAIR(TWISTED_EDWARDS) +depends_on:PSA_WANT_ALG_DSA:PSA_WANT_ALG_MD2:PSA_WANT_ECC_FAMILY_TWISTED_EDWARDS:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_TWISTED_EDWARDS):"9d61b19deffd5a60ba844af492ec2cc44449c5697b326919703bac031cae7f60":PSA_ALG_DSA(PSA_ALG_MD2):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign DSA(MD2): incompatible with ECC_PUBLIC_KEY(BRAINPOOL_P_R1) +depends_on:PSA_WANT_ALG_DSA:PSA_WANT_ALG_MD2:PSA_WANT_ECC_FAMILY_BRAINPOOL_P_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"04d4b9186816358e2f9c59cf70748cb70641b22fbab65473db4b4e22a361ed7e3de7e8a8ddc4130c5c":PSA_ALG_DSA(PSA_ALG_MD2):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign DSA(MD2): incompatible with ECC_PUBLIC_KEY(MONTGOMERY) +depends_on:PSA_WANT_ALG_DSA:PSA_WANT_ALG_MD2:PSA_WANT_ECC_FAMILY_MONTGOMERY:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_MONTGOMERY):"8520f0098930a754748b7ddcb43ef75a0dbf3a0d26381af4eba4a98eaa9b4e6a":PSA_ALG_DSA(PSA_ALG_MD2):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign DSA(MD2): incompatible with ECC_PUBLIC_KEY(SECP_K1) +depends_on:PSA_WANT_ALG_DSA:PSA_WANT_ALG_MD2:PSA_WANT_ECC_FAMILY_SECP_K1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_K1):"0426b7bb38da649ac2138fc050c6548b32553dab68afebc36105d325b75538c12323cb0764789ecb992671beb2b6bef2f5":PSA_ALG_DSA(PSA_ALG_MD2):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign DSA(MD2): incompatible with ECC_PUBLIC_KEY(SECP_R1) +depends_on:PSA_WANT_ALG_DSA:PSA_WANT_ALG_MD2:PSA_WANT_ECC_FAMILY_SECP_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1):"046f00eadaa949fee3e9e1c7fa1247eecec86a0dce46418b9bd3117b981d4bd0ae7a990de912f9d060d6cb531a42d22e394ac29e81804bf160":PSA_ALG_DSA(PSA_ALG_MD2):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign DSA(MD2): incompatible with ECC_PUBLIC_KEY(SECP_R2) +depends_on:PSA_WANT_ALG_DSA:PSA_WANT_ALG_MD2:PSA_WANT_ECC_FAMILY_SECP_R2:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R2):"049570d541398665adb5cfa16f5af73b3196926bbd4b876bdb80f8eab20d0f540c22f4de9c140f6d7b":PSA_ALG_DSA(PSA_ALG_MD2):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign DSA(MD2): incompatible with ECC_PUBLIC_KEY(SECT_K1) +depends_on:PSA_WANT_ALG_DSA:PSA_WANT_ALG_MD2:PSA_WANT_ECC_FAMILY_SECT_K1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_K1):"0406f88f90b4b65950f06ce433afdb097e320f433dc2062b8a65db8fafd3c110f46bc45663fbf021ee7eb9":PSA_ALG_DSA(PSA_ALG_MD2):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign DSA(MD2): incompatible with ECC_PUBLIC_KEY(SECT_R1) +depends_on:PSA_WANT_ALG_DSA:PSA_WANT_ALG_MD2:PSA_WANT_ECC_FAMILY_SECT_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R1):"0400465eeb9e7258b11e33c02266bfe834b20bcb118700772796ee4704ec67651bd447e3011959a79a04cb":PSA_ALG_DSA(PSA_ALG_MD2):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign DSA(MD2): incompatible with ECC_PUBLIC_KEY(SECT_R2) +depends_on:PSA_WANT_ALG_DSA:PSA_WANT_ALG_MD2:PSA_WANT_ECC_FAMILY_SECT_R2:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R2):"0403692601144c32a6cfa369ae20ae5d43c1c764678c037bafe80c6fd2e42b7ced96171d9c5367fd3dca6f":PSA_ALG_DSA(PSA_ALG_MD2):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign DSA(MD2): incompatible with ECC_PUBLIC_KEY(TWISTED_EDWARDS) +depends_on:PSA_WANT_ALG_DSA:PSA_WANT_ALG_MD2:PSA_WANT_ECC_FAMILY_TWISTED_EDWARDS:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_TWISTED_EDWARDS):"d75a980182b10ab7d54bfed3c964073a0ee172f3daa62325af021a68f707511a":PSA_ALG_DSA(PSA_ALG_MD2):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign DSA(MD2): incompatible with HMAC +depends_on:PSA_WANT_ALG_DSA:PSA_WANT_ALG_MD2:PSA_WANT_KEY_TYPE_HMAC +sign_fail:PSA_KEY_TYPE_HMAC:"48657265006973206b6579a064617461":PSA_ALG_DSA(PSA_ALG_MD2):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign DSA(MD2): incompatible with RAW_DATA +depends_on:PSA_WANT_ALG_DSA:PSA_WANT_ALG_MD2:PSA_WANT_KEY_TYPE_RAW_DATA +sign_fail:PSA_KEY_TYPE_RAW_DATA:"48":PSA_ALG_DSA(PSA_ALG_MD2):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign DSA(MD2): incompatible with RSA_KEY_PAIR +depends_on:PSA_WANT_ALG_DSA:PSA_WANT_ALG_MD2:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR +sign_fail:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_DSA(PSA_ALG_MD2):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign DSA(MD2): incompatible with RSA_PUBLIC_KEY +depends_on:PSA_WANT_ALG_DSA:PSA_WANT_ALG_MD2:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY +sign_fail:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_DSA(PSA_ALG_MD2):0:PSA_ERROR_INVALID_ARGUMENT + +PSA key_derivation DSA(MD2): invalid +depends_on:PSA_WANT_ALG_DSA:PSA_WANT_ALG_MD2 +key_derivation_fail:PSA_ALG_DSA(PSA_ALG_MD2):PSA_ERROR_INVALID_ARGUMENT + +PSA hash DSA(MD4): invalid +depends_on:PSA_WANT_ALG_DSA:PSA_WANT_ALG_MD4 +hash_fail:PSA_ALG_DSA(PSA_ALG_MD4):PSA_ERROR_INVALID_ARGUMENT + +PSA sign DSA(MD4): incompatible with AES +depends_on:PSA_WANT_ALG_DSA:PSA_WANT_ALG_MD4:PSA_WANT_KEY_TYPE_AES +sign_fail:PSA_KEY_TYPE_AES:"48657265006973206b6579a064617461":PSA_ALG_DSA(PSA_ALG_MD4):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign DSA(MD4): incompatible with ARC4 +depends_on:PSA_WANT_ALG_DSA:PSA_WANT_ALG_MD4:PSA_WANT_KEY_TYPE_ARC4 +sign_fail:PSA_KEY_TYPE_ARC4:"48":PSA_ALG_DSA(PSA_ALG_MD4):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign DSA(MD4): incompatible with ARIA +depends_on:PSA_WANT_ALG_DSA:PSA_WANT_ALG_MD4:PSA_WANT_KEY_TYPE_ARIA +sign_fail:PSA_KEY_TYPE_ARIA:"48657265006973206b6579a064617461":PSA_ALG_DSA(PSA_ALG_MD4):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign DSA(MD4): incompatible with CAMELLIA +depends_on:PSA_WANT_ALG_DSA:PSA_WANT_ALG_MD4:PSA_WANT_KEY_TYPE_CAMELLIA +sign_fail:PSA_KEY_TYPE_CAMELLIA:"48657265006973206b6579a064617461":PSA_ALG_DSA(PSA_ALG_MD4):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign DSA(MD4): incompatible with CHACHA20 +depends_on:PSA_WANT_ALG_DSA:PSA_WANT_ALG_MD4:PSA_WANT_KEY_TYPE_CHACHA20 +sign_fail:PSA_KEY_TYPE_CHACHA20:"48657265006973206b6579a06461746148657265006973206b6579a064617461":PSA_ALG_DSA(PSA_ALG_MD4):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign DSA(MD4): incompatible with DERIVE +depends_on:PSA_WANT_ALG_DSA:PSA_WANT_ALG_MD4:PSA_WANT_KEY_TYPE_DERIVE +sign_fail:PSA_KEY_TYPE_DERIVE:"48657265006973206b6579a0646174":PSA_ALG_DSA(PSA_ALG_MD4):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign DSA(MD4): incompatible with DES +depends_on:PSA_WANT_ALG_DSA:PSA_WANT_ALG_MD4:PSA_WANT_KEY_TYPE_DES +sign_fail:PSA_KEY_TYPE_DES:"644573206b457901":PSA_ALG_DSA(PSA_ALG_MD4):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign DSA(MD4): incompatible with ECC_KEY_PAIR(BRAINPOOL_P_R1) +depends_on:PSA_WANT_ALG_DSA:PSA_WANT_ALG_MD4:PSA_WANT_ECC_FAMILY_BRAINPOOL_P_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"69502c4fdaf48d4fa617bdd24498b0406d0eeaac":PSA_ALG_DSA(PSA_ALG_MD4):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign DSA(MD4): incompatible with ECC_KEY_PAIR(MONTGOMERY) +depends_on:PSA_WANT_ALG_DSA:PSA_WANT_ALG_MD4:PSA_WANT_ECC_FAMILY_MONTGOMERY:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_MONTGOMERY):"70076d0a7318a57d3c16c17251b26645df4c2f87ebc0992ab177fba51db92c6a":PSA_ALG_DSA(PSA_ALG_MD4):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign DSA(MD4): incompatible with ECC_KEY_PAIR(SECP_K1) +depends_on:PSA_WANT_ALG_DSA:PSA_WANT_ALG_MD4:PSA_WANT_ECC_FAMILY_SECP_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_K1):"297ac1722ccac7589ecb240dc719842538ca974beb79f228":PSA_ALG_DSA(PSA_ALG_MD4):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign DSA(MD4): incompatible with ECC_KEY_PAIR(SECP_R1) +depends_on:PSA_WANT_ALG_DSA:PSA_WANT_ALG_MD4:PSA_WANT_ECC_FAMILY_SECP_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"872f203b3ad35b7f2ecc803c3a0e1e0b1ed61cc1afe71b189cd4c995":PSA_ALG_DSA(PSA_ALG_MD4):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign DSA(MD4): incompatible with ECC_KEY_PAIR(SECP_R2) +depends_on:PSA_WANT_ALG_DSA:PSA_WANT_ALG_MD4:PSA_WANT_ECC_FAMILY_SECP_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R2):"00bf539a1cdda0d7f71a50a3f98aec0a2e8e4ced1e":PSA_ALG_DSA(PSA_ALG_MD4):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign DSA(MD4): incompatible with ECC_KEY_PAIR(SECT_K1) +depends_on:PSA_WANT_ALG_DSA:PSA_WANT_ALG_MD4:PSA_WANT_ECC_FAMILY_SECT_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):"03ebc8fcded2d6ab72ec0f75bdb4fd080481273e71":PSA_ALG_DSA(PSA_ALG_MD4):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign DSA(MD4): incompatible with ECC_KEY_PAIR(SECT_R1) +depends_on:PSA_WANT_ALG_DSA:PSA_WANT_ALG_MD4:PSA_WANT_ECC_FAMILY_SECT_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):"009b05dc82d46d64a04a22e6e5ca70ca1231e68c50":PSA_ALG_DSA(PSA_ALG_MD4):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign DSA(MD4): incompatible with ECC_KEY_PAIR(SECT_R2) +depends_on:PSA_WANT_ALG_DSA:PSA_WANT_ALG_MD4:PSA_WANT_ECC_FAMILY_SECT_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R2):"0210b482a458b4822d0cb21daa96819a67c8062d34":PSA_ALG_DSA(PSA_ALG_MD4):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign DSA(MD4): incompatible with ECC_KEY_PAIR(TWISTED_EDWARDS) +depends_on:PSA_WANT_ALG_DSA:PSA_WANT_ALG_MD4:PSA_WANT_ECC_FAMILY_TWISTED_EDWARDS:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_TWISTED_EDWARDS):"9d61b19deffd5a60ba844af492ec2cc44449c5697b326919703bac031cae7f60":PSA_ALG_DSA(PSA_ALG_MD4):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign DSA(MD4): incompatible with ECC_PUBLIC_KEY(BRAINPOOL_P_R1) +depends_on:PSA_WANT_ALG_DSA:PSA_WANT_ALG_MD4:PSA_WANT_ECC_FAMILY_BRAINPOOL_P_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"04d4b9186816358e2f9c59cf70748cb70641b22fbab65473db4b4e22a361ed7e3de7e8a8ddc4130c5c":PSA_ALG_DSA(PSA_ALG_MD4):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign DSA(MD4): incompatible with ECC_PUBLIC_KEY(MONTGOMERY) +depends_on:PSA_WANT_ALG_DSA:PSA_WANT_ALG_MD4:PSA_WANT_ECC_FAMILY_MONTGOMERY:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_MONTGOMERY):"8520f0098930a754748b7ddcb43ef75a0dbf3a0d26381af4eba4a98eaa9b4e6a":PSA_ALG_DSA(PSA_ALG_MD4):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign DSA(MD4): incompatible with ECC_PUBLIC_KEY(SECP_K1) +depends_on:PSA_WANT_ALG_DSA:PSA_WANT_ALG_MD4:PSA_WANT_ECC_FAMILY_SECP_K1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_K1):"0426b7bb38da649ac2138fc050c6548b32553dab68afebc36105d325b75538c12323cb0764789ecb992671beb2b6bef2f5":PSA_ALG_DSA(PSA_ALG_MD4):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign DSA(MD4): incompatible with ECC_PUBLIC_KEY(SECP_R1) +depends_on:PSA_WANT_ALG_DSA:PSA_WANT_ALG_MD4:PSA_WANT_ECC_FAMILY_SECP_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1):"046f00eadaa949fee3e9e1c7fa1247eecec86a0dce46418b9bd3117b981d4bd0ae7a990de912f9d060d6cb531a42d22e394ac29e81804bf160":PSA_ALG_DSA(PSA_ALG_MD4):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign DSA(MD4): incompatible with ECC_PUBLIC_KEY(SECP_R2) +depends_on:PSA_WANT_ALG_DSA:PSA_WANT_ALG_MD4:PSA_WANT_ECC_FAMILY_SECP_R2:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R2):"049570d541398665adb5cfa16f5af73b3196926bbd4b876bdb80f8eab20d0f540c22f4de9c140f6d7b":PSA_ALG_DSA(PSA_ALG_MD4):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign DSA(MD4): incompatible with ECC_PUBLIC_KEY(SECT_K1) +depends_on:PSA_WANT_ALG_DSA:PSA_WANT_ALG_MD4:PSA_WANT_ECC_FAMILY_SECT_K1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_K1):"0406f88f90b4b65950f06ce433afdb097e320f433dc2062b8a65db8fafd3c110f46bc45663fbf021ee7eb9":PSA_ALG_DSA(PSA_ALG_MD4):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign DSA(MD4): incompatible with ECC_PUBLIC_KEY(SECT_R1) +depends_on:PSA_WANT_ALG_DSA:PSA_WANT_ALG_MD4:PSA_WANT_ECC_FAMILY_SECT_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R1):"0400465eeb9e7258b11e33c02266bfe834b20bcb118700772796ee4704ec67651bd447e3011959a79a04cb":PSA_ALG_DSA(PSA_ALG_MD4):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign DSA(MD4): incompatible with ECC_PUBLIC_KEY(SECT_R2) +depends_on:PSA_WANT_ALG_DSA:PSA_WANT_ALG_MD4:PSA_WANT_ECC_FAMILY_SECT_R2:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R2):"0403692601144c32a6cfa369ae20ae5d43c1c764678c037bafe80c6fd2e42b7ced96171d9c5367fd3dca6f":PSA_ALG_DSA(PSA_ALG_MD4):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign DSA(MD4): incompatible with ECC_PUBLIC_KEY(TWISTED_EDWARDS) +depends_on:PSA_WANT_ALG_DSA:PSA_WANT_ALG_MD4:PSA_WANT_ECC_FAMILY_TWISTED_EDWARDS:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_TWISTED_EDWARDS):"d75a980182b10ab7d54bfed3c964073a0ee172f3daa62325af021a68f707511a":PSA_ALG_DSA(PSA_ALG_MD4):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign DSA(MD4): incompatible with HMAC +depends_on:PSA_WANT_ALG_DSA:PSA_WANT_ALG_MD4:PSA_WANT_KEY_TYPE_HMAC +sign_fail:PSA_KEY_TYPE_HMAC:"48657265006973206b6579a064617461":PSA_ALG_DSA(PSA_ALG_MD4):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign DSA(MD4): incompatible with RAW_DATA +depends_on:PSA_WANT_ALG_DSA:PSA_WANT_ALG_MD4:PSA_WANT_KEY_TYPE_RAW_DATA +sign_fail:PSA_KEY_TYPE_RAW_DATA:"48":PSA_ALG_DSA(PSA_ALG_MD4):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign DSA(MD4): incompatible with RSA_KEY_PAIR +depends_on:PSA_WANT_ALG_DSA:PSA_WANT_ALG_MD4:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR +sign_fail:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_DSA(PSA_ALG_MD4):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign DSA(MD4): incompatible with RSA_PUBLIC_KEY +depends_on:PSA_WANT_ALG_DSA:PSA_WANT_ALG_MD4:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY +sign_fail:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_DSA(PSA_ALG_MD4):0:PSA_ERROR_INVALID_ARGUMENT + +PSA key_derivation DSA(MD4): invalid +depends_on:PSA_WANT_ALG_DSA:PSA_WANT_ALG_MD4 +key_derivation_fail:PSA_ALG_DSA(PSA_ALG_MD4):PSA_ERROR_INVALID_ARGUMENT + +PSA hash DSA(MD5): invalid +depends_on:PSA_WANT_ALG_DSA:PSA_WANT_ALG_MD5 +hash_fail:PSA_ALG_DSA(PSA_ALG_MD5):PSA_ERROR_INVALID_ARGUMENT + +PSA sign DSA(MD5): incompatible with AES +depends_on:PSA_WANT_ALG_DSA:PSA_WANT_ALG_MD5:PSA_WANT_KEY_TYPE_AES +sign_fail:PSA_KEY_TYPE_AES:"48657265006973206b6579a064617461":PSA_ALG_DSA(PSA_ALG_MD5):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign DSA(MD5): incompatible with ARC4 +depends_on:PSA_WANT_ALG_DSA:PSA_WANT_ALG_MD5:PSA_WANT_KEY_TYPE_ARC4 +sign_fail:PSA_KEY_TYPE_ARC4:"48":PSA_ALG_DSA(PSA_ALG_MD5):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign DSA(MD5): incompatible with ARIA +depends_on:PSA_WANT_ALG_DSA:PSA_WANT_ALG_MD5:PSA_WANT_KEY_TYPE_ARIA +sign_fail:PSA_KEY_TYPE_ARIA:"48657265006973206b6579a064617461":PSA_ALG_DSA(PSA_ALG_MD5):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign DSA(MD5): incompatible with CAMELLIA +depends_on:PSA_WANT_ALG_DSA:PSA_WANT_ALG_MD5:PSA_WANT_KEY_TYPE_CAMELLIA +sign_fail:PSA_KEY_TYPE_CAMELLIA:"48657265006973206b6579a064617461":PSA_ALG_DSA(PSA_ALG_MD5):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign DSA(MD5): incompatible with CHACHA20 +depends_on:PSA_WANT_ALG_DSA:PSA_WANT_ALG_MD5:PSA_WANT_KEY_TYPE_CHACHA20 +sign_fail:PSA_KEY_TYPE_CHACHA20:"48657265006973206b6579a06461746148657265006973206b6579a064617461":PSA_ALG_DSA(PSA_ALG_MD5):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign DSA(MD5): incompatible with DERIVE +depends_on:PSA_WANT_ALG_DSA:PSA_WANT_ALG_MD5:PSA_WANT_KEY_TYPE_DERIVE +sign_fail:PSA_KEY_TYPE_DERIVE:"48657265006973206b6579a0646174":PSA_ALG_DSA(PSA_ALG_MD5):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign DSA(MD5): incompatible with DES +depends_on:PSA_WANT_ALG_DSA:PSA_WANT_ALG_MD5:PSA_WANT_KEY_TYPE_DES +sign_fail:PSA_KEY_TYPE_DES:"644573206b457901":PSA_ALG_DSA(PSA_ALG_MD5):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign DSA(MD5): incompatible with ECC_KEY_PAIR(BRAINPOOL_P_R1) +depends_on:PSA_WANT_ALG_DSA:PSA_WANT_ALG_MD5:PSA_WANT_ECC_FAMILY_BRAINPOOL_P_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"69502c4fdaf48d4fa617bdd24498b0406d0eeaac":PSA_ALG_DSA(PSA_ALG_MD5):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign DSA(MD5): incompatible with ECC_KEY_PAIR(MONTGOMERY) +depends_on:PSA_WANT_ALG_DSA:PSA_WANT_ALG_MD5:PSA_WANT_ECC_FAMILY_MONTGOMERY:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_MONTGOMERY):"70076d0a7318a57d3c16c17251b26645df4c2f87ebc0992ab177fba51db92c6a":PSA_ALG_DSA(PSA_ALG_MD5):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign DSA(MD5): incompatible with ECC_KEY_PAIR(SECP_K1) +depends_on:PSA_WANT_ALG_DSA:PSA_WANT_ALG_MD5:PSA_WANT_ECC_FAMILY_SECP_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_K1):"297ac1722ccac7589ecb240dc719842538ca974beb79f228":PSA_ALG_DSA(PSA_ALG_MD5):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign DSA(MD5): incompatible with ECC_KEY_PAIR(SECP_R1) +depends_on:PSA_WANT_ALG_DSA:PSA_WANT_ALG_MD5:PSA_WANT_ECC_FAMILY_SECP_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"872f203b3ad35b7f2ecc803c3a0e1e0b1ed61cc1afe71b189cd4c995":PSA_ALG_DSA(PSA_ALG_MD5):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign DSA(MD5): incompatible with ECC_KEY_PAIR(SECP_R2) +depends_on:PSA_WANT_ALG_DSA:PSA_WANT_ALG_MD5:PSA_WANT_ECC_FAMILY_SECP_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R2):"00bf539a1cdda0d7f71a50a3f98aec0a2e8e4ced1e":PSA_ALG_DSA(PSA_ALG_MD5):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign DSA(MD5): incompatible with ECC_KEY_PAIR(SECT_K1) +depends_on:PSA_WANT_ALG_DSA:PSA_WANT_ALG_MD5:PSA_WANT_ECC_FAMILY_SECT_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):"03ebc8fcded2d6ab72ec0f75bdb4fd080481273e71":PSA_ALG_DSA(PSA_ALG_MD5):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign DSA(MD5): incompatible with ECC_KEY_PAIR(SECT_R1) +depends_on:PSA_WANT_ALG_DSA:PSA_WANT_ALG_MD5:PSA_WANT_ECC_FAMILY_SECT_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):"009b05dc82d46d64a04a22e6e5ca70ca1231e68c50":PSA_ALG_DSA(PSA_ALG_MD5):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign DSA(MD5): incompatible with ECC_KEY_PAIR(SECT_R2) +depends_on:PSA_WANT_ALG_DSA:PSA_WANT_ALG_MD5:PSA_WANT_ECC_FAMILY_SECT_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R2):"0210b482a458b4822d0cb21daa96819a67c8062d34":PSA_ALG_DSA(PSA_ALG_MD5):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign DSA(MD5): incompatible with ECC_KEY_PAIR(TWISTED_EDWARDS) +depends_on:PSA_WANT_ALG_DSA:PSA_WANT_ALG_MD5:PSA_WANT_ECC_FAMILY_TWISTED_EDWARDS:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_TWISTED_EDWARDS):"9d61b19deffd5a60ba844af492ec2cc44449c5697b326919703bac031cae7f60":PSA_ALG_DSA(PSA_ALG_MD5):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign DSA(MD5): incompatible with ECC_PUBLIC_KEY(BRAINPOOL_P_R1) +depends_on:PSA_WANT_ALG_DSA:PSA_WANT_ALG_MD5:PSA_WANT_ECC_FAMILY_BRAINPOOL_P_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"04d4b9186816358e2f9c59cf70748cb70641b22fbab65473db4b4e22a361ed7e3de7e8a8ddc4130c5c":PSA_ALG_DSA(PSA_ALG_MD5):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign DSA(MD5): incompatible with ECC_PUBLIC_KEY(MONTGOMERY) +depends_on:PSA_WANT_ALG_DSA:PSA_WANT_ALG_MD5:PSA_WANT_ECC_FAMILY_MONTGOMERY:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_MONTGOMERY):"8520f0098930a754748b7ddcb43ef75a0dbf3a0d26381af4eba4a98eaa9b4e6a":PSA_ALG_DSA(PSA_ALG_MD5):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign DSA(MD5): incompatible with ECC_PUBLIC_KEY(SECP_K1) +depends_on:PSA_WANT_ALG_DSA:PSA_WANT_ALG_MD5:PSA_WANT_ECC_FAMILY_SECP_K1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_K1):"0426b7bb38da649ac2138fc050c6548b32553dab68afebc36105d325b75538c12323cb0764789ecb992671beb2b6bef2f5":PSA_ALG_DSA(PSA_ALG_MD5):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign DSA(MD5): incompatible with ECC_PUBLIC_KEY(SECP_R1) +depends_on:PSA_WANT_ALG_DSA:PSA_WANT_ALG_MD5:PSA_WANT_ECC_FAMILY_SECP_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1):"046f00eadaa949fee3e9e1c7fa1247eecec86a0dce46418b9bd3117b981d4bd0ae7a990de912f9d060d6cb531a42d22e394ac29e81804bf160":PSA_ALG_DSA(PSA_ALG_MD5):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign DSA(MD5): incompatible with ECC_PUBLIC_KEY(SECP_R2) +depends_on:PSA_WANT_ALG_DSA:PSA_WANT_ALG_MD5:PSA_WANT_ECC_FAMILY_SECP_R2:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R2):"049570d541398665adb5cfa16f5af73b3196926bbd4b876bdb80f8eab20d0f540c22f4de9c140f6d7b":PSA_ALG_DSA(PSA_ALG_MD5):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign DSA(MD5): incompatible with ECC_PUBLIC_KEY(SECT_K1) +depends_on:PSA_WANT_ALG_DSA:PSA_WANT_ALG_MD5:PSA_WANT_ECC_FAMILY_SECT_K1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_K1):"0406f88f90b4b65950f06ce433afdb097e320f433dc2062b8a65db8fafd3c110f46bc45663fbf021ee7eb9":PSA_ALG_DSA(PSA_ALG_MD5):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign DSA(MD5): incompatible with ECC_PUBLIC_KEY(SECT_R1) +depends_on:PSA_WANT_ALG_DSA:PSA_WANT_ALG_MD5:PSA_WANT_ECC_FAMILY_SECT_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R1):"0400465eeb9e7258b11e33c02266bfe834b20bcb118700772796ee4704ec67651bd447e3011959a79a04cb":PSA_ALG_DSA(PSA_ALG_MD5):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign DSA(MD5): incompatible with ECC_PUBLIC_KEY(SECT_R2) +depends_on:PSA_WANT_ALG_DSA:PSA_WANT_ALG_MD5:PSA_WANT_ECC_FAMILY_SECT_R2:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R2):"0403692601144c32a6cfa369ae20ae5d43c1c764678c037bafe80c6fd2e42b7ced96171d9c5367fd3dca6f":PSA_ALG_DSA(PSA_ALG_MD5):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign DSA(MD5): incompatible with ECC_PUBLIC_KEY(TWISTED_EDWARDS) +depends_on:PSA_WANT_ALG_DSA:PSA_WANT_ALG_MD5:PSA_WANT_ECC_FAMILY_TWISTED_EDWARDS:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_TWISTED_EDWARDS):"d75a980182b10ab7d54bfed3c964073a0ee172f3daa62325af021a68f707511a":PSA_ALG_DSA(PSA_ALG_MD5):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign DSA(MD5): incompatible with HMAC +depends_on:PSA_WANT_ALG_DSA:PSA_WANT_ALG_MD5:PSA_WANT_KEY_TYPE_HMAC +sign_fail:PSA_KEY_TYPE_HMAC:"48657265006973206b6579a064617461":PSA_ALG_DSA(PSA_ALG_MD5):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign DSA(MD5): incompatible with RAW_DATA +depends_on:PSA_WANT_ALG_DSA:PSA_WANT_ALG_MD5:PSA_WANT_KEY_TYPE_RAW_DATA +sign_fail:PSA_KEY_TYPE_RAW_DATA:"48":PSA_ALG_DSA(PSA_ALG_MD5):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign DSA(MD5): incompatible with RSA_KEY_PAIR +depends_on:PSA_WANT_ALG_DSA:PSA_WANT_ALG_MD5:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR +sign_fail:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_DSA(PSA_ALG_MD5):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign DSA(MD5): incompatible with RSA_PUBLIC_KEY +depends_on:PSA_WANT_ALG_DSA:PSA_WANT_ALG_MD5:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY +sign_fail:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_DSA(PSA_ALG_MD5):0:PSA_ERROR_INVALID_ARGUMENT + +PSA key_derivation DSA(MD5): invalid +depends_on:PSA_WANT_ALG_DSA:PSA_WANT_ALG_MD5 +key_derivation_fail:PSA_ALG_DSA(PSA_ALG_MD5):PSA_ERROR_INVALID_ARGUMENT + +PSA hash DSA(RIPEMD160): invalid +depends_on:PSA_WANT_ALG_DSA:PSA_WANT_ALG_RIPEMD160 +hash_fail:PSA_ALG_DSA(PSA_ALG_RIPEMD160):PSA_ERROR_INVALID_ARGUMENT + +PSA sign DSA(RIPEMD160): incompatible with AES +depends_on:PSA_WANT_ALG_DSA:PSA_WANT_ALG_RIPEMD160:PSA_WANT_KEY_TYPE_AES +sign_fail:PSA_KEY_TYPE_AES:"48657265006973206b6579a064617461":PSA_ALG_DSA(PSA_ALG_RIPEMD160):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign DSA(RIPEMD160): incompatible with ARC4 +depends_on:PSA_WANT_ALG_DSA:PSA_WANT_ALG_RIPEMD160:PSA_WANT_KEY_TYPE_ARC4 +sign_fail:PSA_KEY_TYPE_ARC4:"48":PSA_ALG_DSA(PSA_ALG_RIPEMD160):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign DSA(RIPEMD160): incompatible with ARIA +depends_on:PSA_WANT_ALG_DSA:PSA_WANT_ALG_RIPEMD160:PSA_WANT_KEY_TYPE_ARIA +sign_fail:PSA_KEY_TYPE_ARIA:"48657265006973206b6579a064617461":PSA_ALG_DSA(PSA_ALG_RIPEMD160):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign DSA(RIPEMD160): incompatible with CAMELLIA +depends_on:PSA_WANT_ALG_DSA:PSA_WANT_ALG_RIPEMD160:PSA_WANT_KEY_TYPE_CAMELLIA +sign_fail:PSA_KEY_TYPE_CAMELLIA:"48657265006973206b6579a064617461":PSA_ALG_DSA(PSA_ALG_RIPEMD160):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign DSA(RIPEMD160): incompatible with CHACHA20 +depends_on:PSA_WANT_ALG_DSA:PSA_WANT_ALG_RIPEMD160:PSA_WANT_KEY_TYPE_CHACHA20 +sign_fail:PSA_KEY_TYPE_CHACHA20:"48657265006973206b6579a06461746148657265006973206b6579a064617461":PSA_ALG_DSA(PSA_ALG_RIPEMD160):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign DSA(RIPEMD160): incompatible with DERIVE +depends_on:PSA_WANT_ALG_DSA:PSA_WANT_ALG_RIPEMD160:PSA_WANT_KEY_TYPE_DERIVE +sign_fail:PSA_KEY_TYPE_DERIVE:"48657265006973206b6579a0646174":PSA_ALG_DSA(PSA_ALG_RIPEMD160):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign DSA(RIPEMD160): incompatible with DES +depends_on:PSA_WANT_ALG_DSA:PSA_WANT_ALG_RIPEMD160:PSA_WANT_KEY_TYPE_DES +sign_fail:PSA_KEY_TYPE_DES:"644573206b457901":PSA_ALG_DSA(PSA_ALG_RIPEMD160):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign DSA(RIPEMD160): incompatible with ECC_KEY_PAIR(BRAINPOOL_P_R1) +depends_on:PSA_WANT_ALG_DSA:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ECC_FAMILY_BRAINPOOL_P_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"69502c4fdaf48d4fa617bdd24498b0406d0eeaac":PSA_ALG_DSA(PSA_ALG_RIPEMD160):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign DSA(RIPEMD160): incompatible with ECC_KEY_PAIR(MONTGOMERY) +depends_on:PSA_WANT_ALG_DSA:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ECC_FAMILY_MONTGOMERY:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_MONTGOMERY):"70076d0a7318a57d3c16c17251b26645df4c2f87ebc0992ab177fba51db92c6a":PSA_ALG_DSA(PSA_ALG_RIPEMD160):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign DSA(RIPEMD160): incompatible with ECC_KEY_PAIR(SECP_K1) +depends_on:PSA_WANT_ALG_DSA:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ECC_FAMILY_SECP_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_K1):"297ac1722ccac7589ecb240dc719842538ca974beb79f228":PSA_ALG_DSA(PSA_ALG_RIPEMD160):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign DSA(RIPEMD160): incompatible with ECC_KEY_PAIR(SECP_R1) +depends_on:PSA_WANT_ALG_DSA:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ECC_FAMILY_SECP_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"872f203b3ad35b7f2ecc803c3a0e1e0b1ed61cc1afe71b189cd4c995":PSA_ALG_DSA(PSA_ALG_RIPEMD160):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign DSA(RIPEMD160): incompatible with ECC_KEY_PAIR(SECP_R2) +depends_on:PSA_WANT_ALG_DSA:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ECC_FAMILY_SECP_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R2):"00bf539a1cdda0d7f71a50a3f98aec0a2e8e4ced1e":PSA_ALG_DSA(PSA_ALG_RIPEMD160):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign DSA(RIPEMD160): incompatible with ECC_KEY_PAIR(SECT_K1) +depends_on:PSA_WANT_ALG_DSA:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ECC_FAMILY_SECT_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):"03ebc8fcded2d6ab72ec0f75bdb4fd080481273e71":PSA_ALG_DSA(PSA_ALG_RIPEMD160):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign DSA(RIPEMD160): incompatible with ECC_KEY_PAIR(SECT_R1) +depends_on:PSA_WANT_ALG_DSA:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ECC_FAMILY_SECT_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):"009b05dc82d46d64a04a22e6e5ca70ca1231e68c50":PSA_ALG_DSA(PSA_ALG_RIPEMD160):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign DSA(RIPEMD160): incompatible with ECC_KEY_PAIR(SECT_R2) +depends_on:PSA_WANT_ALG_DSA:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ECC_FAMILY_SECT_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R2):"0210b482a458b4822d0cb21daa96819a67c8062d34":PSA_ALG_DSA(PSA_ALG_RIPEMD160):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign DSA(RIPEMD160): incompatible with ECC_KEY_PAIR(TWISTED_EDWARDS) +depends_on:PSA_WANT_ALG_DSA:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ECC_FAMILY_TWISTED_EDWARDS:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_TWISTED_EDWARDS):"9d61b19deffd5a60ba844af492ec2cc44449c5697b326919703bac031cae7f60":PSA_ALG_DSA(PSA_ALG_RIPEMD160):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign DSA(RIPEMD160): incompatible with ECC_PUBLIC_KEY(BRAINPOOL_P_R1) +depends_on:PSA_WANT_ALG_DSA:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ECC_FAMILY_BRAINPOOL_P_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"04d4b9186816358e2f9c59cf70748cb70641b22fbab65473db4b4e22a361ed7e3de7e8a8ddc4130c5c":PSA_ALG_DSA(PSA_ALG_RIPEMD160):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign DSA(RIPEMD160): incompatible with ECC_PUBLIC_KEY(MONTGOMERY) +depends_on:PSA_WANT_ALG_DSA:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ECC_FAMILY_MONTGOMERY:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_MONTGOMERY):"8520f0098930a754748b7ddcb43ef75a0dbf3a0d26381af4eba4a98eaa9b4e6a":PSA_ALG_DSA(PSA_ALG_RIPEMD160):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign DSA(RIPEMD160): incompatible with ECC_PUBLIC_KEY(SECP_K1) +depends_on:PSA_WANT_ALG_DSA:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ECC_FAMILY_SECP_K1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_K1):"0426b7bb38da649ac2138fc050c6548b32553dab68afebc36105d325b75538c12323cb0764789ecb992671beb2b6bef2f5":PSA_ALG_DSA(PSA_ALG_RIPEMD160):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign DSA(RIPEMD160): incompatible with ECC_PUBLIC_KEY(SECP_R1) +depends_on:PSA_WANT_ALG_DSA:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ECC_FAMILY_SECP_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1):"046f00eadaa949fee3e9e1c7fa1247eecec86a0dce46418b9bd3117b981d4bd0ae7a990de912f9d060d6cb531a42d22e394ac29e81804bf160":PSA_ALG_DSA(PSA_ALG_RIPEMD160):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign DSA(RIPEMD160): incompatible with ECC_PUBLIC_KEY(SECP_R2) +depends_on:PSA_WANT_ALG_DSA:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ECC_FAMILY_SECP_R2:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R2):"049570d541398665adb5cfa16f5af73b3196926bbd4b876bdb80f8eab20d0f540c22f4de9c140f6d7b":PSA_ALG_DSA(PSA_ALG_RIPEMD160):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign DSA(RIPEMD160): incompatible with ECC_PUBLIC_KEY(SECT_K1) +depends_on:PSA_WANT_ALG_DSA:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ECC_FAMILY_SECT_K1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_K1):"0406f88f90b4b65950f06ce433afdb097e320f433dc2062b8a65db8fafd3c110f46bc45663fbf021ee7eb9":PSA_ALG_DSA(PSA_ALG_RIPEMD160):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign DSA(RIPEMD160): incompatible with ECC_PUBLIC_KEY(SECT_R1) +depends_on:PSA_WANT_ALG_DSA:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ECC_FAMILY_SECT_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R1):"0400465eeb9e7258b11e33c02266bfe834b20bcb118700772796ee4704ec67651bd447e3011959a79a04cb":PSA_ALG_DSA(PSA_ALG_RIPEMD160):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign DSA(RIPEMD160): incompatible with ECC_PUBLIC_KEY(SECT_R2) +depends_on:PSA_WANT_ALG_DSA:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ECC_FAMILY_SECT_R2:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R2):"0403692601144c32a6cfa369ae20ae5d43c1c764678c037bafe80c6fd2e42b7ced96171d9c5367fd3dca6f":PSA_ALG_DSA(PSA_ALG_RIPEMD160):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign DSA(RIPEMD160): incompatible with ECC_PUBLIC_KEY(TWISTED_EDWARDS) +depends_on:PSA_WANT_ALG_DSA:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ECC_FAMILY_TWISTED_EDWARDS:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_TWISTED_EDWARDS):"d75a980182b10ab7d54bfed3c964073a0ee172f3daa62325af021a68f707511a":PSA_ALG_DSA(PSA_ALG_RIPEMD160):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign DSA(RIPEMD160): incompatible with HMAC +depends_on:PSA_WANT_ALG_DSA:PSA_WANT_ALG_RIPEMD160:PSA_WANT_KEY_TYPE_HMAC +sign_fail:PSA_KEY_TYPE_HMAC:"48657265006973206b6579a064617461":PSA_ALG_DSA(PSA_ALG_RIPEMD160):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign DSA(RIPEMD160): incompatible with RAW_DATA +depends_on:PSA_WANT_ALG_DSA:PSA_WANT_ALG_RIPEMD160:PSA_WANT_KEY_TYPE_RAW_DATA +sign_fail:PSA_KEY_TYPE_RAW_DATA:"48":PSA_ALG_DSA(PSA_ALG_RIPEMD160):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign DSA(RIPEMD160): incompatible with RSA_KEY_PAIR +depends_on:PSA_WANT_ALG_DSA:PSA_WANT_ALG_RIPEMD160:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR +sign_fail:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_DSA(PSA_ALG_RIPEMD160):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign DSA(RIPEMD160): incompatible with RSA_PUBLIC_KEY +depends_on:PSA_WANT_ALG_DSA:PSA_WANT_ALG_RIPEMD160:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY +sign_fail:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_DSA(PSA_ALG_RIPEMD160):0:PSA_ERROR_INVALID_ARGUMENT + +PSA key_derivation DSA(RIPEMD160): invalid +depends_on:PSA_WANT_ALG_DSA:PSA_WANT_ALG_RIPEMD160 +key_derivation_fail:PSA_ALG_DSA(PSA_ALG_RIPEMD160):PSA_ERROR_INVALID_ARGUMENT + +PSA hash DSA(SHA_1): invalid +depends_on:PSA_WANT_ALG_DSA:PSA_WANT_ALG_SHA_1 +hash_fail:PSA_ALG_DSA(PSA_ALG_SHA_1):PSA_ERROR_INVALID_ARGUMENT + +PSA sign DSA(SHA_1): incompatible with AES +depends_on:PSA_WANT_ALG_DSA:PSA_WANT_ALG_SHA_1:PSA_WANT_KEY_TYPE_AES +sign_fail:PSA_KEY_TYPE_AES:"48657265006973206b6579a064617461":PSA_ALG_DSA(PSA_ALG_SHA_1):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign DSA(SHA_1): incompatible with ARC4 +depends_on:PSA_WANT_ALG_DSA:PSA_WANT_ALG_SHA_1:PSA_WANT_KEY_TYPE_ARC4 +sign_fail:PSA_KEY_TYPE_ARC4:"48":PSA_ALG_DSA(PSA_ALG_SHA_1):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign DSA(SHA_1): incompatible with ARIA +depends_on:PSA_WANT_ALG_DSA:PSA_WANT_ALG_SHA_1:PSA_WANT_KEY_TYPE_ARIA +sign_fail:PSA_KEY_TYPE_ARIA:"48657265006973206b6579a064617461":PSA_ALG_DSA(PSA_ALG_SHA_1):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign DSA(SHA_1): incompatible with CAMELLIA +depends_on:PSA_WANT_ALG_DSA:PSA_WANT_ALG_SHA_1:PSA_WANT_KEY_TYPE_CAMELLIA +sign_fail:PSA_KEY_TYPE_CAMELLIA:"48657265006973206b6579a064617461":PSA_ALG_DSA(PSA_ALG_SHA_1):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign DSA(SHA_1): incompatible with CHACHA20 +depends_on:PSA_WANT_ALG_DSA:PSA_WANT_ALG_SHA_1:PSA_WANT_KEY_TYPE_CHACHA20 +sign_fail:PSA_KEY_TYPE_CHACHA20:"48657265006973206b6579a06461746148657265006973206b6579a064617461":PSA_ALG_DSA(PSA_ALG_SHA_1):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign DSA(SHA_1): incompatible with DERIVE +depends_on:PSA_WANT_ALG_DSA:PSA_WANT_ALG_SHA_1:PSA_WANT_KEY_TYPE_DERIVE +sign_fail:PSA_KEY_TYPE_DERIVE:"48657265006973206b6579a0646174":PSA_ALG_DSA(PSA_ALG_SHA_1):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign DSA(SHA_1): incompatible with DES +depends_on:PSA_WANT_ALG_DSA:PSA_WANT_ALG_SHA_1:PSA_WANT_KEY_TYPE_DES +sign_fail:PSA_KEY_TYPE_DES:"644573206b457901":PSA_ALG_DSA(PSA_ALG_SHA_1):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign DSA(SHA_1): incompatible with ECC_KEY_PAIR(BRAINPOOL_P_R1) +depends_on:PSA_WANT_ALG_DSA:PSA_WANT_ALG_SHA_1:PSA_WANT_ECC_FAMILY_BRAINPOOL_P_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"69502c4fdaf48d4fa617bdd24498b0406d0eeaac":PSA_ALG_DSA(PSA_ALG_SHA_1):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign DSA(SHA_1): incompatible with ECC_KEY_PAIR(MONTGOMERY) +depends_on:PSA_WANT_ALG_DSA:PSA_WANT_ALG_SHA_1:PSA_WANT_ECC_FAMILY_MONTGOMERY:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_MONTGOMERY):"70076d0a7318a57d3c16c17251b26645df4c2f87ebc0992ab177fba51db92c6a":PSA_ALG_DSA(PSA_ALG_SHA_1):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign DSA(SHA_1): incompatible with ECC_KEY_PAIR(SECP_K1) +depends_on:PSA_WANT_ALG_DSA:PSA_WANT_ALG_SHA_1:PSA_WANT_ECC_FAMILY_SECP_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_K1):"297ac1722ccac7589ecb240dc719842538ca974beb79f228":PSA_ALG_DSA(PSA_ALG_SHA_1):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign DSA(SHA_1): incompatible with ECC_KEY_PAIR(SECP_R1) +depends_on:PSA_WANT_ALG_DSA:PSA_WANT_ALG_SHA_1:PSA_WANT_ECC_FAMILY_SECP_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"872f203b3ad35b7f2ecc803c3a0e1e0b1ed61cc1afe71b189cd4c995":PSA_ALG_DSA(PSA_ALG_SHA_1):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign DSA(SHA_1): incompatible with ECC_KEY_PAIR(SECP_R2) +depends_on:PSA_WANT_ALG_DSA:PSA_WANT_ALG_SHA_1:PSA_WANT_ECC_FAMILY_SECP_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R2):"00bf539a1cdda0d7f71a50a3f98aec0a2e8e4ced1e":PSA_ALG_DSA(PSA_ALG_SHA_1):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign DSA(SHA_1): incompatible with ECC_KEY_PAIR(SECT_K1) +depends_on:PSA_WANT_ALG_DSA:PSA_WANT_ALG_SHA_1:PSA_WANT_ECC_FAMILY_SECT_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):"03ebc8fcded2d6ab72ec0f75bdb4fd080481273e71":PSA_ALG_DSA(PSA_ALG_SHA_1):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign DSA(SHA_1): incompatible with ECC_KEY_PAIR(SECT_R1) +depends_on:PSA_WANT_ALG_DSA:PSA_WANT_ALG_SHA_1:PSA_WANT_ECC_FAMILY_SECT_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):"009b05dc82d46d64a04a22e6e5ca70ca1231e68c50":PSA_ALG_DSA(PSA_ALG_SHA_1):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign DSA(SHA_1): incompatible with ECC_KEY_PAIR(SECT_R2) +depends_on:PSA_WANT_ALG_DSA:PSA_WANT_ALG_SHA_1:PSA_WANT_ECC_FAMILY_SECT_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R2):"0210b482a458b4822d0cb21daa96819a67c8062d34":PSA_ALG_DSA(PSA_ALG_SHA_1):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign DSA(SHA_1): incompatible with ECC_KEY_PAIR(TWISTED_EDWARDS) +depends_on:PSA_WANT_ALG_DSA:PSA_WANT_ALG_SHA_1:PSA_WANT_ECC_FAMILY_TWISTED_EDWARDS:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_TWISTED_EDWARDS):"9d61b19deffd5a60ba844af492ec2cc44449c5697b326919703bac031cae7f60":PSA_ALG_DSA(PSA_ALG_SHA_1):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign DSA(SHA_1): incompatible with ECC_PUBLIC_KEY(BRAINPOOL_P_R1) +depends_on:PSA_WANT_ALG_DSA:PSA_WANT_ALG_SHA_1:PSA_WANT_ECC_FAMILY_BRAINPOOL_P_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"04d4b9186816358e2f9c59cf70748cb70641b22fbab65473db4b4e22a361ed7e3de7e8a8ddc4130c5c":PSA_ALG_DSA(PSA_ALG_SHA_1):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign DSA(SHA_1): incompatible with ECC_PUBLIC_KEY(MONTGOMERY) +depends_on:PSA_WANT_ALG_DSA:PSA_WANT_ALG_SHA_1:PSA_WANT_ECC_FAMILY_MONTGOMERY:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_MONTGOMERY):"8520f0098930a754748b7ddcb43ef75a0dbf3a0d26381af4eba4a98eaa9b4e6a":PSA_ALG_DSA(PSA_ALG_SHA_1):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign DSA(SHA_1): incompatible with ECC_PUBLIC_KEY(SECP_K1) +depends_on:PSA_WANT_ALG_DSA:PSA_WANT_ALG_SHA_1:PSA_WANT_ECC_FAMILY_SECP_K1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_K1):"0426b7bb38da649ac2138fc050c6548b32553dab68afebc36105d325b75538c12323cb0764789ecb992671beb2b6bef2f5":PSA_ALG_DSA(PSA_ALG_SHA_1):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign DSA(SHA_1): incompatible with ECC_PUBLIC_KEY(SECP_R1) +depends_on:PSA_WANT_ALG_DSA:PSA_WANT_ALG_SHA_1:PSA_WANT_ECC_FAMILY_SECP_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1):"046f00eadaa949fee3e9e1c7fa1247eecec86a0dce46418b9bd3117b981d4bd0ae7a990de912f9d060d6cb531a42d22e394ac29e81804bf160":PSA_ALG_DSA(PSA_ALG_SHA_1):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign DSA(SHA_1): incompatible with ECC_PUBLIC_KEY(SECP_R2) +depends_on:PSA_WANT_ALG_DSA:PSA_WANT_ALG_SHA_1:PSA_WANT_ECC_FAMILY_SECP_R2:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R2):"049570d541398665adb5cfa16f5af73b3196926bbd4b876bdb80f8eab20d0f540c22f4de9c140f6d7b":PSA_ALG_DSA(PSA_ALG_SHA_1):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign DSA(SHA_1): incompatible with ECC_PUBLIC_KEY(SECT_K1) +depends_on:PSA_WANT_ALG_DSA:PSA_WANT_ALG_SHA_1:PSA_WANT_ECC_FAMILY_SECT_K1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_K1):"0406f88f90b4b65950f06ce433afdb097e320f433dc2062b8a65db8fafd3c110f46bc45663fbf021ee7eb9":PSA_ALG_DSA(PSA_ALG_SHA_1):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign DSA(SHA_1): incompatible with ECC_PUBLIC_KEY(SECT_R1) +depends_on:PSA_WANT_ALG_DSA:PSA_WANT_ALG_SHA_1:PSA_WANT_ECC_FAMILY_SECT_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R1):"0400465eeb9e7258b11e33c02266bfe834b20bcb118700772796ee4704ec67651bd447e3011959a79a04cb":PSA_ALG_DSA(PSA_ALG_SHA_1):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign DSA(SHA_1): incompatible with ECC_PUBLIC_KEY(SECT_R2) +depends_on:PSA_WANT_ALG_DSA:PSA_WANT_ALG_SHA_1:PSA_WANT_ECC_FAMILY_SECT_R2:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R2):"0403692601144c32a6cfa369ae20ae5d43c1c764678c037bafe80c6fd2e42b7ced96171d9c5367fd3dca6f":PSA_ALG_DSA(PSA_ALG_SHA_1):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign DSA(SHA_1): incompatible with ECC_PUBLIC_KEY(TWISTED_EDWARDS) +depends_on:PSA_WANT_ALG_DSA:PSA_WANT_ALG_SHA_1:PSA_WANT_ECC_FAMILY_TWISTED_EDWARDS:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_TWISTED_EDWARDS):"d75a980182b10ab7d54bfed3c964073a0ee172f3daa62325af021a68f707511a":PSA_ALG_DSA(PSA_ALG_SHA_1):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign DSA(SHA_1): incompatible with HMAC +depends_on:PSA_WANT_ALG_DSA:PSA_WANT_ALG_SHA_1:PSA_WANT_KEY_TYPE_HMAC +sign_fail:PSA_KEY_TYPE_HMAC:"48657265006973206b6579a064617461":PSA_ALG_DSA(PSA_ALG_SHA_1):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign DSA(SHA_1): incompatible with RAW_DATA +depends_on:PSA_WANT_ALG_DSA:PSA_WANT_ALG_SHA_1:PSA_WANT_KEY_TYPE_RAW_DATA +sign_fail:PSA_KEY_TYPE_RAW_DATA:"48":PSA_ALG_DSA(PSA_ALG_SHA_1):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign DSA(SHA_1): incompatible with RSA_KEY_PAIR +depends_on:PSA_WANT_ALG_DSA:PSA_WANT_ALG_SHA_1:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR +sign_fail:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_DSA(PSA_ALG_SHA_1):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign DSA(SHA_1): incompatible with RSA_PUBLIC_KEY +depends_on:PSA_WANT_ALG_DSA:PSA_WANT_ALG_SHA_1:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY +sign_fail:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_DSA(PSA_ALG_SHA_1):0:PSA_ERROR_INVALID_ARGUMENT + +PSA key_derivation DSA(SHA_1): invalid +depends_on:PSA_WANT_ALG_DSA:PSA_WANT_ALG_SHA_1 +key_derivation_fail:PSA_ALG_DSA(PSA_ALG_SHA_1):PSA_ERROR_INVALID_ARGUMENT + +PSA hash DSA(SHA_224): invalid +depends_on:PSA_WANT_ALG_DSA:PSA_WANT_ALG_SHA_224 +hash_fail:PSA_ALG_DSA(PSA_ALG_SHA_224):PSA_ERROR_INVALID_ARGUMENT + +PSA sign DSA(SHA_224): incompatible with AES +depends_on:PSA_WANT_ALG_DSA:PSA_WANT_ALG_SHA_224:PSA_WANT_KEY_TYPE_AES +sign_fail:PSA_KEY_TYPE_AES:"48657265006973206b6579a064617461":PSA_ALG_DSA(PSA_ALG_SHA_224):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign DSA(SHA_224): incompatible with ARC4 +depends_on:PSA_WANT_ALG_DSA:PSA_WANT_ALG_SHA_224:PSA_WANT_KEY_TYPE_ARC4 +sign_fail:PSA_KEY_TYPE_ARC4:"48":PSA_ALG_DSA(PSA_ALG_SHA_224):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign DSA(SHA_224): incompatible with ARIA +depends_on:PSA_WANT_ALG_DSA:PSA_WANT_ALG_SHA_224:PSA_WANT_KEY_TYPE_ARIA +sign_fail:PSA_KEY_TYPE_ARIA:"48657265006973206b6579a064617461":PSA_ALG_DSA(PSA_ALG_SHA_224):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign DSA(SHA_224): incompatible with CAMELLIA +depends_on:PSA_WANT_ALG_DSA:PSA_WANT_ALG_SHA_224:PSA_WANT_KEY_TYPE_CAMELLIA +sign_fail:PSA_KEY_TYPE_CAMELLIA:"48657265006973206b6579a064617461":PSA_ALG_DSA(PSA_ALG_SHA_224):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign DSA(SHA_224): incompatible with CHACHA20 +depends_on:PSA_WANT_ALG_DSA:PSA_WANT_ALG_SHA_224:PSA_WANT_KEY_TYPE_CHACHA20 +sign_fail:PSA_KEY_TYPE_CHACHA20:"48657265006973206b6579a06461746148657265006973206b6579a064617461":PSA_ALG_DSA(PSA_ALG_SHA_224):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign DSA(SHA_224): incompatible with DERIVE +depends_on:PSA_WANT_ALG_DSA:PSA_WANT_ALG_SHA_224:PSA_WANT_KEY_TYPE_DERIVE +sign_fail:PSA_KEY_TYPE_DERIVE:"48657265006973206b6579a0646174":PSA_ALG_DSA(PSA_ALG_SHA_224):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign DSA(SHA_224): incompatible with DES +depends_on:PSA_WANT_ALG_DSA:PSA_WANT_ALG_SHA_224:PSA_WANT_KEY_TYPE_DES +sign_fail:PSA_KEY_TYPE_DES:"644573206b457901":PSA_ALG_DSA(PSA_ALG_SHA_224):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign DSA(SHA_224): incompatible with ECC_KEY_PAIR(BRAINPOOL_P_R1) +depends_on:PSA_WANT_ALG_DSA:PSA_WANT_ALG_SHA_224:PSA_WANT_ECC_FAMILY_BRAINPOOL_P_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"69502c4fdaf48d4fa617bdd24498b0406d0eeaac":PSA_ALG_DSA(PSA_ALG_SHA_224):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign DSA(SHA_224): incompatible with ECC_KEY_PAIR(MONTGOMERY) +depends_on:PSA_WANT_ALG_DSA:PSA_WANT_ALG_SHA_224:PSA_WANT_ECC_FAMILY_MONTGOMERY:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_MONTGOMERY):"70076d0a7318a57d3c16c17251b26645df4c2f87ebc0992ab177fba51db92c6a":PSA_ALG_DSA(PSA_ALG_SHA_224):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign DSA(SHA_224): incompatible with ECC_KEY_PAIR(SECP_K1) +depends_on:PSA_WANT_ALG_DSA:PSA_WANT_ALG_SHA_224:PSA_WANT_ECC_FAMILY_SECP_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_K1):"297ac1722ccac7589ecb240dc719842538ca974beb79f228":PSA_ALG_DSA(PSA_ALG_SHA_224):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign DSA(SHA_224): incompatible with ECC_KEY_PAIR(SECP_R1) +depends_on:PSA_WANT_ALG_DSA:PSA_WANT_ALG_SHA_224:PSA_WANT_ECC_FAMILY_SECP_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"872f203b3ad35b7f2ecc803c3a0e1e0b1ed61cc1afe71b189cd4c995":PSA_ALG_DSA(PSA_ALG_SHA_224):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign DSA(SHA_224): incompatible with ECC_KEY_PAIR(SECP_R2) +depends_on:PSA_WANT_ALG_DSA:PSA_WANT_ALG_SHA_224:PSA_WANT_ECC_FAMILY_SECP_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R2):"00bf539a1cdda0d7f71a50a3f98aec0a2e8e4ced1e":PSA_ALG_DSA(PSA_ALG_SHA_224):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign DSA(SHA_224): incompatible with ECC_KEY_PAIR(SECT_K1) +depends_on:PSA_WANT_ALG_DSA:PSA_WANT_ALG_SHA_224:PSA_WANT_ECC_FAMILY_SECT_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):"03ebc8fcded2d6ab72ec0f75bdb4fd080481273e71":PSA_ALG_DSA(PSA_ALG_SHA_224):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign DSA(SHA_224): incompatible with ECC_KEY_PAIR(SECT_R1) +depends_on:PSA_WANT_ALG_DSA:PSA_WANT_ALG_SHA_224:PSA_WANT_ECC_FAMILY_SECT_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):"009b05dc82d46d64a04a22e6e5ca70ca1231e68c50":PSA_ALG_DSA(PSA_ALG_SHA_224):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign DSA(SHA_224): incompatible with ECC_KEY_PAIR(SECT_R2) +depends_on:PSA_WANT_ALG_DSA:PSA_WANT_ALG_SHA_224:PSA_WANT_ECC_FAMILY_SECT_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R2):"0210b482a458b4822d0cb21daa96819a67c8062d34":PSA_ALG_DSA(PSA_ALG_SHA_224):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign DSA(SHA_224): incompatible with ECC_KEY_PAIR(TWISTED_EDWARDS) +depends_on:PSA_WANT_ALG_DSA:PSA_WANT_ALG_SHA_224:PSA_WANT_ECC_FAMILY_TWISTED_EDWARDS:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_TWISTED_EDWARDS):"9d61b19deffd5a60ba844af492ec2cc44449c5697b326919703bac031cae7f60":PSA_ALG_DSA(PSA_ALG_SHA_224):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign DSA(SHA_224): incompatible with ECC_PUBLIC_KEY(BRAINPOOL_P_R1) +depends_on:PSA_WANT_ALG_DSA:PSA_WANT_ALG_SHA_224:PSA_WANT_ECC_FAMILY_BRAINPOOL_P_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"04d4b9186816358e2f9c59cf70748cb70641b22fbab65473db4b4e22a361ed7e3de7e8a8ddc4130c5c":PSA_ALG_DSA(PSA_ALG_SHA_224):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign DSA(SHA_224): incompatible with ECC_PUBLIC_KEY(MONTGOMERY) +depends_on:PSA_WANT_ALG_DSA:PSA_WANT_ALG_SHA_224:PSA_WANT_ECC_FAMILY_MONTGOMERY:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_MONTGOMERY):"8520f0098930a754748b7ddcb43ef75a0dbf3a0d26381af4eba4a98eaa9b4e6a":PSA_ALG_DSA(PSA_ALG_SHA_224):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign DSA(SHA_224): incompatible with ECC_PUBLIC_KEY(SECP_K1) +depends_on:PSA_WANT_ALG_DSA:PSA_WANT_ALG_SHA_224:PSA_WANT_ECC_FAMILY_SECP_K1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_K1):"0426b7bb38da649ac2138fc050c6548b32553dab68afebc36105d325b75538c12323cb0764789ecb992671beb2b6bef2f5":PSA_ALG_DSA(PSA_ALG_SHA_224):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign DSA(SHA_224): incompatible with ECC_PUBLIC_KEY(SECP_R1) +depends_on:PSA_WANT_ALG_DSA:PSA_WANT_ALG_SHA_224:PSA_WANT_ECC_FAMILY_SECP_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1):"046f00eadaa949fee3e9e1c7fa1247eecec86a0dce46418b9bd3117b981d4bd0ae7a990de912f9d060d6cb531a42d22e394ac29e81804bf160":PSA_ALG_DSA(PSA_ALG_SHA_224):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign DSA(SHA_224): incompatible with ECC_PUBLIC_KEY(SECP_R2) +depends_on:PSA_WANT_ALG_DSA:PSA_WANT_ALG_SHA_224:PSA_WANT_ECC_FAMILY_SECP_R2:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R2):"049570d541398665adb5cfa16f5af73b3196926bbd4b876bdb80f8eab20d0f540c22f4de9c140f6d7b":PSA_ALG_DSA(PSA_ALG_SHA_224):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign DSA(SHA_224): incompatible with ECC_PUBLIC_KEY(SECT_K1) +depends_on:PSA_WANT_ALG_DSA:PSA_WANT_ALG_SHA_224:PSA_WANT_ECC_FAMILY_SECT_K1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_K1):"0406f88f90b4b65950f06ce433afdb097e320f433dc2062b8a65db8fafd3c110f46bc45663fbf021ee7eb9":PSA_ALG_DSA(PSA_ALG_SHA_224):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign DSA(SHA_224): incompatible with ECC_PUBLIC_KEY(SECT_R1) +depends_on:PSA_WANT_ALG_DSA:PSA_WANT_ALG_SHA_224:PSA_WANT_ECC_FAMILY_SECT_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R1):"0400465eeb9e7258b11e33c02266bfe834b20bcb118700772796ee4704ec67651bd447e3011959a79a04cb":PSA_ALG_DSA(PSA_ALG_SHA_224):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign DSA(SHA_224): incompatible with ECC_PUBLIC_KEY(SECT_R2) +depends_on:PSA_WANT_ALG_DSA:PSA_WANT_ALG_SHA_224:PSA_WANT_ECC_FAMILY_SECT_R2:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R2):"0403692601144c32a6cfa369ae20ae5d43c1c764678c037bafe80c6fd2e42b7ced96171d9c5367fd3dca6f":PSA_ALG_DSA(PSA_ALG_SHA_224):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign DSA(SHA_224): incompatible with ECC_PUBLIC_KEY(TWISTED_EDWARDS) +depends_on:PSA_WANT_ALG_DSA:PSA_WANT_ALG_SHA_224:PSA_WANT_ECC_FAMILY_TWISTED_EDWARDS:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_TWISTED_EDWARDS):"d75a980182b10ab7d54bfed3c964073a0ee172f3daa62325af021a68f707511a":PSA_ALG_DSA(PSA_ALG_SHA_224):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign DSA(SHA_224): incompatible with HMAC +depends_on:PSA_WANT_ALG_DSA:PSA_WANT_ALG_SHA_224:PSA_WANT_KEY_TYPE_HMAC +sign_fail:PSA_KEY_TYPE_HMAC:"48657265006973206b6579a064617461":PSA_ALG_DSA(PSA_ALG_SHA_224):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign DSA(SHA_224): incompatible with RAW_DATA +depends_on:PSA_WANT_ALG_DSA:PSA_WANT_ALG_SHA_224:PSA_WANT_KEY_TYPE_RAW_DATA +sign_fail:PSA_KEY_TYPE_RAW_DATA:"48":PSA_ALG_DSA(PSA_ALG_SHA_224):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign DSA(SHA_224): incompatible with RSA_KEY_PAIR +depends_on:PSA_WANT_ALG_DSA:PSA_WANT_ALG_SHA_224:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR +sign_fail:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_DSA(PSA_ALG_SHA_224):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign DSA(SHA_224): incompatible with RSA_PUBLIC_KEY +depends_on:PSA_WANT_ALG_DSA:PSA_WANT_ALG_SHA_224:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY +sign_fail:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_DSA(PSA_ALG_SHA_224):0:PSA_ERROR_INVALID_ARGUMENT + +PSA key_derivation DSA(SHA_224): invalid +depends_on:PSA_WANT_ALG_DSA:PSA_WANT_ALG_SHA_224 +key_derivation_fail:PSA_ALG_DSA(PSA_ALG_SHA_224):PSA_ERROR_INVALID_ARGUMENT + +PSA hash DSA(SHA_256): invalid +depends_on:PSA_WANT_ALG_DSA:PSA_WANT_ALG_SHA_256 +hash_fail:PSA_ALG_DSA(PSA_ALG_SHA_256):PSA_ERROR_INVALID_ARGUMENT + +PSA sign DSA(SHA_256): incompatible with AES +depends_on:PSA_WANT_ALG_DSA:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_AES +sign_fail:PSA_KEY_TYPE_AES:"48657265006973206b6579a064617461":PSA_ALG_DSA(PSA_ALG_SHA_256):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign DSA(SHA_256): incompatible with ARC4 +depends_on:PSA_WANT_ALG_DSA:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_ARC4 +sign_fail:PSA_KEY_TYPE_ARC4:"48":PSA_ALG_DSA(PSA_ALG_SHA_256):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign DSA(SHA_256): incompatible with ARIA +depends_on:PSA_WANT_ALG_DSA:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_ARIA +sign_fail:PSA_KEY_TYPE_ARIA:"48657265006973206b6579a064617461":PSA_ALG_DSA(PSA_ALG_SHA_256):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign DSA(SHA_256): incompatible with CAMELLIA +depends_on:PSA_WANT_ALG_DSA:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_CAMELLIA +sign_fail:PSA_KEY_TYPE_CAMELLIA:"48657265006973206b6579a064617461":PSA_ALG_DSA(PSA_ALG_SHA_256):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign DSA(SHA_256): incompatible with CHACHA20 +depends_on:PSA_WANT_ALG_DSA:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_CHACHA20 +sign_fail:PSA_KEY_TYPE_CHACHA20:"48657265006973206b6579a06461746148657265006973206b6579a064617461":PSA_ALG_DSA(PSA_ALG_SHA_256):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign DSA(SHA_256): incompatible with DERIVE +depends_on:PSA_WANT_ALG_DSA:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_DERIVE +sign_fail:PSA_KEY_TYPE_DERIVE:"48657265006973206b6579a0646174":PSA_ALG_DSA(PSA_ALG_SHA_256):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign DSA(SHA_256): incompatible with DES +depends_on:PSA_WANT_ALG_DSA:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_DES +sign_fail:PSA_KEY_TYPE_DES:"644573206b457901":PSA_ALG_DSA(PSA_ALG_SHA_256):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign DSA(SHA_256): incompatible with ECC_KEY_PAIR(BRAINPOOL_P_R1) +depends_on:PSA_WANT_ALG_DSA:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_FAMILY_BRAINPOOL_P_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"69502c4fdaf48d4fa617bdd24498b0406d0eeaac":PSA_ALG_DSA(PSA_ALG_SHA_256):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign DSA(SHA_256): incompatible with ECC_KEY_PAIR(MONTGOMERY) +depends_on:PSA_WANT_ALG_DSA:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_FAMILY_MONTGOMERY:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_MONTGOMERY):"70076d0a7318a57d3c16c17251b26645df4c2f87ebc0992ab177fba51db92c6a":PSA_ALG_DSA(PSA_ALG_SHA_256):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign DSA(SHA_256): incompatible with ECC_KEY_PAIR(SECP_K1) +depends_on:PSA_WANT_ALG_DSA:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_FAMILY_SECP_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_K1):"297ac1722ccac7589ecb240dc719842538ca974beb79f228":PSA_ALG_DSA(PSA_ALG_SHA_256):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign DSA(SHA_256): incompatible with ECC_KEY_PAIR(SECP_R1) +depends_on:PSA_WANT_ALG_DSA:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_FAMILY_SECP_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"872f203b3ad35b7f2ecc803c3a0e1e0b1ed61cc1afe71b189cd4c995":PSA_ALG_DSA(PSA_ALG_SHA_256):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign DSA(SHA_256): incompatible with ECC_KEY_PAIR(SECP_R2) +depends_on:PSA_WANT_ALG_DSA:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_FAMILY_SECP_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R2):"00bf539a1cdda0d7f71a50a3f98aec0a2e8e4ced1e":PSA_ALG_DSA(PSA_ALG_SHA_256):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign DSA(SHA_256): incompatible with ECC_KEY_PAIR(SECT_K1) +depends_on:PSA_WANT_ALG_DSA:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_FAMILY_SECT_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):"03ebc8fcded2d6ab72ec0f75bdb4fd080481273e71":PSA_ALG_DSA(PSA_ALG_SHA_256):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign DSA(SHA_256): incompatible with ECC_KEY_PAIR(SECT_R1) +depends_on:PSA_WANT_ALG_DSA:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_FAMILY_SECT_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):"009b05dc82d46d64a04a22e6e5ca70ca1231e68c50":PSA_ALG_DSA(PSA_ALG_SHA_256):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign DSA(SHA_256): incompatible with ECC_KEY_PAIR(SECT_R2) +depends_on:PSA_WANT_ALG_DSA:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_FAMILY_SECT_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R2):"0210b482a458b4822d0cb21daa96819a67c8062d34":PSA_ALG_DSA(PSA_ALG_SHA_256):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign DSA(SHA_256): incompatible with ECC_KEY_PAIR(TWISTED_EDWARDS) +depends_on:PSA_WANT_ALG_DSA:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_FAMILY_TWISTED_EDWARDS:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_TWISTED_EDWARDS):"9d61b19deffd5a60ba844af492ec2cc44449c5697b326919703bac031cae7f60":PSA_ALG_DSA(PSA_ALG_SHA_256):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign DSA(SHA_256): incompatible with ECC_PUBLIC_KEY(BRAINPOOL_P_R1) +depends_on:PSA_WANT_ALG_DSA:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_FAMILY_BRAINPOOL_P_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"04d4b9186816358e2f9c59cf70748cb70641b22fbab65473db4b4e22a361ed7e3de7e8a8ddc4130c5c":PSA_ALG_DSA(PSA_ALG_SHA_256):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign DSA(SHA_256): incompatible with ECC_PUBLIC_KEY(MONTGOMERY) +depends_on:PSA_WANT_ALG_DSA:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_FAMILY_MONTGOMERY:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_MONTGOMERY):"8520f0098930a754748b7ddcb43ef75a0dbf3a0d26381af4eba4a98eaa9b4e6a":PSA_ALG_DSA(PSA_ALG_SHA_256):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign DSA(SHA_256): incompatible with ECC_PUBLIC_KEY(SECP_K1) +depends_on:PSA_WANT_ALG_DSA:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_FAMILY_SECP_K1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_K1):"0426b7bb38da649ac2138fc050c6548b32553dab68afebc36105d325b75538c12323cb0764789ecb992671beb2b6bef2f5":PSA_ALG_DSA(PSA_ALG_SHA_256):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign DSA(SHA_256): incompatible with ECC_PUBLIC_KEY(SECP_R1) +depends_on:PSA_WANT_ALG_DSA:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_FAMILY_SECP_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1):"046f00eadaa949fee3e9e1c7fa1247eecec86a0dce46418b9bd3117b981d4bd0ae7a990de912f9d060d6cb531a42d22e394ac29e81804bf160":PSA_ALG_DSA(PSA_ALG_SHA_256):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign DSA(SHA_256): incompatible with ECC_PUBLIC_KEY(SECP_R2) +depends_on:PSA_WANT_ALG_DSA:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_FAMILY_SECP_R2:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R2):"049570d541398665adb5cfa16f5af73b3196926bbd4b876bdb80f8eab20d0f540c22f4de9c140f6d7b":PSA_ALG_DSA(PSA_ALG_SHA_256):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign DSA(SHA_256): incompatible with ECC_PUBLIC_KEY(SECT_K1) +depends_on:PSA_WANT_ALG_DSA:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_FAMILY_SECT_K1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_K1):"0406f88f90b4b65950f06ce433afdb097e320f433dc2062b8a65db8fafd3c110f46bc45663fbf021ee7eb9":PSA_ALG_DSA(PSA_ALG_SHA_256):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign DSA(SHA_256): incompatible with ECC_PUBLIC_KEY(SECT_R1) +depends_on:PSA_WANT_ALG_DSA:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_FAMILY_SECT_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R1):"0400465eeb9e7258b11e33c02266bfe834b20bcb118700772796ee4704ec67651bd447e3011959a79a04cb":PSA_ALG_DSA(PSA_ALG_SHA_256):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign DSA(SHA_256): incompatible with ECC_PUBLIC_KEY(SECT_R2) +depends_on:PSA_WANT_ALG_DSA:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_FAMILY_SECT_R2:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R2):"0403692601144c32a6cfa369ae20ae5d43c1c764678c037bafe80c6fd2e42b7ced96171d9c5367fd3dca6f":PSA_ALG_DSA(PSA_ALG_SHA_256):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign DSA(SHA_256): incompatible with ECC_PUBLIC_KEY(TWISTED_EDWARDS) +depends_on:PSA_WANT_ALG_DSA:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_FAMILY_TWISTED_EDWARDS:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_TWISTED_EDWARDS):"d75a980182b10ab7d54bfed3c964073a0ee172f3daa62325af021a68f707511a":PSA_ALG_DSA(PSA_ALG_SHA_256):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign DSA(SHA_256): incompatible with HMAC +depends_on:PSA_WANT_ALG_DSA:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_HMAC +sign_fail:PSA_KEY_TYPE_HMAC:"48657265006973206b6579a064617461":PSA_ALG_DSA(PSA_ALG_SHA_256):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign DSA(SHA_256): incompatible with RAW_DATA +depends_on:PSA_WANT_ALG_DSA:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RAW_DATA +sign_fail:PSA_KEY_TYPE_RAW_DATA:"48":PSA_ALG_DSA(PSA_ALG_SHA_256):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign DSA(SHA_256): incompatible with RSA_KEY_PAIR +depends_on:PSA_WANT_ALG_DSA:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR +sign_fail:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_DSA(PSA_ALG_SHA_256):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign DSA(SHA_256): incompatible with RSA_PUBLIC_KEY +depends_on:PSA_WANT_ALG_DSA:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY +sign_fail:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_DSA(PSA_ALG_SHA_256):0:PSA_ERROR_INVALID_ARGUMENT + +PSA key_derivation DSA(SHA_256): invalid +depends_on:PSA_WANT_ALG_DSA:PSA_WANT_ALG_SHA_256 +key_derivation_fail:PSA_ALG_DSA(PSA_ALG_SHA_256):PSA_ERROR_INVALID_ARGUMENT + +PSA hash DSA(SHA_384): invalid +depends_on:PSA_WANT_ALG_DSA:PSA_WANT_ALG_SHA_384 +hash_fail:PSA_ALG_DSA(PSA_ALG_SHA_384):PSA_ERROR_INVALID_ARGUMENT + +PSA sign DSA(SHA_384): incompatible with AES +depends_on:PSA_WANT_ALG_DSA:PSA_WANT_ALG_SHA_384:PSA_WANT_KEY_TYPE_AES +sign_fail:PSA_KEY_TYPE_AES:"48657265006973206b6579a064617461":PSA_ALG_DSA(PSA_ALG_SHA_384):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign DSA(SHA_384): incompatible with ARC4 +depends_on:PSA_WANT_ALG_DSA:PSA_WANT_ALG_SHA_384:PSA_WANT_KEY_TYPE_ARC4 +sign_fail:PSA_KEY_TYPE_ARC4:"48":PSA_ALG_DSA(PSA_ALG_SHA_384):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign DSA(SHA_384): incompatible with ARIA +depends_on:PSA_WANT_ALG_DSA:PSA_WANT_ALG_SHA_384:PSA_WANT_KEY_TYPE_ARIA +sign_fail:PSA_KEY_TYPE_ARIA:"48657265006973206b6579a064617461":PSA_ALG_DSA(PSA_ALG_SHA_384):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign DSA(SHA_384): incompatible with CAMELLIA +depends_on:PSA_WANT_ALG_DSA:PSA_WANT_ALG_SHA_384:PSA_WANT_KEY_TYPE_CAMELLIA +sign_fail:PSA_KEY_TYPE_CAMELLIA:"48657265006973206b6579a064617461":PSA_ALG_DSA(PSA_ALG_SHA_384):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign DSA(SHA_384): incompatible with CHACHA20 +depends_on:PSA_WANT_ALG_DSA:PSA_WANT_ALG_SHA_384:PSA_WANT_KEY_TYPE_CHACHA20 +sign_fail:PSA_KEY_TYPE_CHACHA20:"48657265006973206b6579a06461746148657265006973206b6579a064617461":PSA_ALG_DSA(PSA_ALG_SHA_384):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign DSA(SHA_384): incompatible with DERIVE +depends_on:PSA_WANT_ALG_DSA:PSA_WANT_ALG_SHA_384:PSA_WANT_KEY_TYPE_DERIVE +sign_fail:PSA_KEY_TYPE_DERIVE:"48657265006973206b6579a0646174":PSA_ALG_DSA(PSA_ALG_SHA_384):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign DSA(SHA_384): incompatible with DES +depends_on:PSA_WANT_ALG_DSA:PSA_WANT_ALG_SHA_384:PSA_WANT_KEY_TYPE_DES +sign_fail:PSA_KEY_TYPE_DES:"644573206b457901":PSA_ALG_DSA(PSA_ALG_SHA_384):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign DSA(SHA_384): incompatible with ECC_KEY_PAIR(BRAINPOOL_P_R1) +depends_on:PSA_WANT_ALG_DSA:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_FAMILY_BRAINPOOL_P_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"69502c4fdaf48d4fa617bdd24498b0406d0eeaac":PSA_ALG_DSA(PSA_ALG_SHA_384):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign DSA(SHA_384): incompatible with ECC_KEY_PAIR(MONTGOMERY) +depends_on:PSA_WANT_ALG_DSA:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_FAMILY_MONTGOMERY:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_MONTGOMERY):"70076d0a7318a57d3c16c17251b26645df4c2f87ebc0992ab177fba51db92c6a":PSA_ALG_DSA(PSA_ALG_SHA_384):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign DSA(SHA_384): incompatible with ECC_KEY_PAIR(SECP_K1) +depends_on:PSA_WANT_ALG_DSA:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_FAMILY_SECP_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_K1):"297ac1722ccac7589ecb240dc719842538ca974beb79f228":PSA_ALG_DSA(PSA_ALG_SHA_384):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign DSA(SHA_384): incompatible with ECC_KEY_PAIR(SECP_R1) +depends_on:PSA_WANT_ALG_DSA:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_FAMILY_SECP_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"872f203b3ad35b7f2ecc803c3a0e1e0b1ed61cc1afe71b189cd4c995":PSA_ALG_DSA(PSA_ALG_SHA_384):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign DSA(SHA_384): incompatible with ECC_KEY_PAIR(SECP_R2) +depends_on:PSA_WANT_ALG_DSA:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_FAMILY_SECP_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R2):"00bf539a1cdda0d7f71a50a3f98aec0a2e8e4ced1e":PSA_ALG_DSA(PSA_ALG_SHA_384):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign DSA(SHA_384): incompatible with ECC_KEY_PAIR(SECT_K1) +depends_on:PSA_WANT_ALG_DSA:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_FAMILY_SECT_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):"03ebc8fcded2d6ab72ec0f75bdb4fd080481273e71":PSA_ALG_DSA(PSA_ALG_SHA_384):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign DSA(SHA_384): incompatible with ECC_KEY_PAIR(SECT_R1) +depends_on:PSA_WANT_ALG_DSA:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_FAMILY_SECT_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):"009b05dc82d46d64a04a22e6e5ca70ca1231e68c50":PSA_ALG_DSA(PSA_ALG_SHA_384):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign DSA(SHA_384): incompatible with ECC_KEY_PAIR(SECT_R2) +depends_on:PSA_WANT_ALG_DSA:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_FAMILY_SECT_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R2):"0210b482a458b4822d0cb21daa96819a67c8062d34":PSA_ALG_DSA(PSA_ALG_SHA_384):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign DSA(SHA_384): incompatible with ECC_KEY_PAIR(TWISTED_EDWARDS) +depends_on:PSA_WANT_ALG_DSA:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_FAMILY_TWISTED_EDWARDS:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_TWISTED_EDWARDS):"9d61b19deffd5a60ba844af492ec2cc44449c5697b326919703bac031cae7f60":PSA_ALG_DSA(PSA_ALG_SHA_384):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign DSA(SHA_384): incompatible with ECC_PUBLIC_KEY(BRAINPOOL_P_R1) +depends_on:PSA_WANT_ALG_DSA:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_FAMILY_BRAINPOOL_P_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"04d4b9186816358e2f9c59cf70748cb70641b22fbab65473db4b4e22a361ed7e3de7e8a8ddc4130c5c":PSA_ALG_DSA(PSA_ALG_SHA_384):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign DSA(SHA_384): incompatible with ECC_PUBLIC_KEY(MONTGOMERY) +depends_on:PSA_WANT_ALG_DSA:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_FAMILY_MONTGOMERY:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_MONTGOMERY):"8520f0098930a754748b7ddcb43ef75a0dbf3a0d26381af4eba4a98eaa9b4e6a":PSA_ALG_DSA(PSA_ALG_SHA_384):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign DSA(SHA_384): incompatible with ECC_PUBLIC_KEY(SECP_K1) +depends_on:PSA_WANT_ALG_DSA:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_FAMILY_SECP_K1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_K1):"0426b7bb38da649ac2138fc050c6548b32553dab68afebc36105d325b75538c12323cb0764789ecb992671beb2b6bef2f5":PSA_ALG_DSA(PSA_ALG_SHA_384):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign DSA(SHA_384): incompatible with ECC_PUBLIC_KEY(SECP_R1) +depends_on:PSA_WANT_ALG_DSA:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_FAMILY_SECP_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1):"046f00eadaa949fee3e9e1c7fa1247eecec86a0dce46418b9bd3117b981d4bd0ae7a990de912f9d060d6cb531a42d22e394ac29e81804bf160":PSA_ALG_DSA(PSA_ALG_SHA_384):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign DSA(SHA_384): incompatible with ECC_PUBLIC_KEY(SECP_R2) +depends_on:PSA_WANT_ALG_DSA:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_FAMILY_SECP_R2:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R2):"049570d541398665adb5cfa16f5af73b3196926bbd4b876bdb80f8eab20d0f540c22f4de9c140f6d7b":PSA_ALG_DSA(PSA_ALG_SHA_384):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign DSA(SHA_384): incompatible with ECC_PUBLIC_KEY(SECT_K1) +depends_on:PSA_WANT_ALG_DSA:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_FAMILY_SECT_K1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_K1):"0406f88f90b4b65950f06ce433afdb097e320f433dc2062b8a65db8fafd3c110f46bc45663fbf021ee7eb9":PSA_ALG_DSA(PSA_ALG_SHA_384):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign DSA(SHA_384): incompatible with ECC_PUBLIC_KEY(SECT_R1) +depends_on:PSA_WANT_ALG_DSA:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_FAMILY_SECT_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R1):"0400465eeb9e7258b11e33c02266bfe834b20bcb118700772796ee4704ec67651bd447e3011959a79a04cb":PSA_ALG_DSA(PSA_ALG_SHA_384):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign DSA(SHA_384): incompatible with ECC_PUBLIC_KEY(SECT_R2) +depends_on:PSA_WANT_ALG_DSA:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_FAMILY_SECT_R2:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R2):"0403692601144c32a6cfa369ae20ae5d43c1c764678c037bafe80c6fd2e42b7ced96171d9c5367fd3dca6f":PSA_ALG_DSA(PSA_ALG_SHA_384):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign DSA(SHA_384): incompatible with ECC_PUBLIC_KEY(TWISTED_EDWARDS) +depends_on:PSA_WANT_ALG_DSA:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_FAMILY_TWISTED_EDWARDS:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_TWISTED_EDWARDS):"d75a980182b10ab7d54bfed3c964073a0ee172f3daa62325af021a68f707511a":PSA_ALG_DSA(PSA_ALG_SHA_384):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign DSA(SHA_384): incompatible with HMAC +depends_on:PSA_WANT_ALG_DSA:PSA_WANT_ALG_SHA_384:PSA_WANT_KEY_TYPE_HMAC +sign_fail:PSA_KEY_TYPE_HMAC:"48657265006973206b6579a064617461":PSA_ALG_DSA(PSA_ALG_SHA_384):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign DSA(SHA_384): incompatible with RAW_DATA +depends_on:PSA_WANT_ALG_DSA:PSA_WANT_ALG_SHA_384:PSA_WANT_KEY_TYPE_RAW_DATA +sign_fail:PSA_KEY_TYPE_RAW_DATA:"48":PSA_ALG_DSA(PSA_ALG_SHA_384):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign DSA(SHA_384): incompatible with RSA_KEY_PAIR +depends_on:PSA_WANT_ALG_DSA:PSA_WANT_ALG_SHA_384:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR +sign_fail:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_DSA(PSA_ALG_SHA_384):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign DSA(SHA_384): incompatible with RSA_PUBLIC_KEY +depends_on:PSA_WANT_ALG_DSA:PSA_WANT_ALG_SHA_384:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY +sign_fail:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_DSA(PSA_ALG_SHA_384):0:PSA_ERROR_INVALID_ARGUMENT + +PSA key_derivation DSA(SHA_384): invalid +depends_on:PSA_WANT_ALG_DSA:PSA_WANT_ALG_SHA_384 +key_derivation_fail:PSA_ALG_DSA(PSA_ALG_SHA_384):PSA_ERROR_INVALID_ARGUMENT + +PSA hash DSA(SHA_512): invalid +depends_on:PSA_WANT_ALG_DSA:PSA_WANT_ALG_SHA_512 +hash_fail:PSA_ALG_DSA(PSA_ALG_SHA_512):PSA_ERROR_INVALID_ARGUMENT + +PSA sign DSA(SHA_512): incompatible with AES +depends_on:PSA_WANT_ALG_DSA:PSA_WANT_ALG_SHA_512:PSA_WANT_KEY_TYPE_AES +sign_fail:PSA_KEY_TYPE_AES:"48657265006973206b6579a064617461":PSA_ALG_DSA(PSA_ALG_SHA_512):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign DSA(SHA_512): incompatible with ARC4 +depends_on:PSA_WANT_ALG_DSA:PSA_WANT_ALG_SHA_512:PSA_WANT_KEY_TYPE_ARC4 +sign_fail:PSA_KEY_TYPE_ARC4:"48":PSA_ALG_DSA(PSA_ALG_SHA_512):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign DSA(SHA_512): incompatible with ARIA +depends_on:PSA_WANT_ALG_DSA:PSA_WANT_ALG_SHA_512:PSA_WANT_KEY_TYPE_ARIA +sign_fail:PSA_KEY_TYPE_ARIA:"48657265006973206b6579a064617461":PSA_ALG_DSA(PSA_ALG_SHA_512):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign DSA(SHA_512): incompatible with CAMELLIA +depends_on:PSA_WANT_ALG_DSA:PSA_WANT_ALG_SHA_512:PSA_WANT_KEY_TYPE_CAMELLIA +sign_fail:PSA_KEY_TYPE_CAMELLIA:"48657265006973206b6579a064617461":PSA_ALG_DSA(PSA_ALG_SHA_512):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign DSA(SHA_512): incompatible with CHACHA20 +depends_on:PSA_WANT_ALG_DSA:PSA_WANT_ALG_SHA_512:PSA_WANT_KEY_TYPE_CHACHA20 +sign_fail:PSA_KEY_TYPE_CHACHA20:"48657265006973206b6579a06461746148657265006973206b6579a064617461":PSA_ALG_DSA(PSA_ALG_SHA_512):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign DSA(SHA_512): incompatible with DERIVE +depends_on:PSA_WANT_ALG_DSA:PSA_WANT_ALG_SHA_512:PSA_WANT_KEY_TYPE_DERIVE +sign_fail:PSA_KEY_TYPE_DERIVE:"48657265006973206b6579a0646174":PSA_ALG_DSA(PSA_ALG_SHA_512):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign DSA(SHA_512): incompatible with DES +depends_on:PSA_WANT_ALG_DSA:PSA_WANT_ALG_SHA_512:PSA_WANT_KEY_TYPE_DES +sign_fail:PSA_KEY_TYPE_DES:"644573206b457901":PSA_ALG_DSA(PSA_ALG_SHA_512):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign DSA(SHA_512): incompatible with ECC_KEY_PAIR(BRAINPOOL_P_R1) +depends_on:PSA_WANT_ALG_DSA:PSA_WANT_ALG_SHA_512:PSA_WANT_ECC_FAMILY_BRAINPOOL_P_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"69502c4fdaf48d4fa617bdd24498b0406d0eeaac":PSA_ALG_DSA(PSA_ALG_SHA_512):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign DSA(SHA_512): incompatible with ECC_KEY_PAIR(MONTGOMERY) +depends_on:PSA_WANT_ALG_DSA:PSA_WANT_ALG_SHA_512:PSA_WANT_ECC_FAMILY_MONTGOMERY:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_MONTGOMERY):"70076d0a7318a57d3c16c17251b26645df4c2f87ebc0992ab177fba51db92c6a":PSA_ALG_DSA(PSA_ALG_SHA_512):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign DSA(SHA_512): incompatible with ECC_KEY_PAIR(SECP_K1) +depends_on:PSA_WANT_ALG_DSA:PSA_WANT_ALG_SHA_512:PSA_WANT_ECC_FAMILY_SECP_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_K1):"297ac1722ccac7589ecb240dc719842538ca974beb79f228":PSA_ALG_DSA(PSA_ALG_SHA_512):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign DSA(SHA_512): incompatible with ECC_KEY_PAIR(SECP_R1) +depends_on:PSA_WANT_ALG_DSA:PSA_WANT_ALG_SHA_512:PSA_WANT_ECC_FAMILY_SECP_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"872f203b3ad35b7f2ecc803c3a0e1e0b1ed61cc1afe71b189cd4c995":PSA_ALG_DSA(PSA_ALG_SHA_512):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign DSA(SHA_512): incompatible with ECC_KEY_PAIR(SECP_R2) +depends_on:PSA_WANT_ALG_DSA:PSA_WANT_ALG_SHA_512:PSA_WANT_ECC_FAMILY_SECP_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R2):"00bf539a1cdda0d7f71a50a3f98aec0a2e8e4ced1e":PSA_ALG_DSA(PSA_ALG_SHA_512):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign DSA(SHA_512): incompatible with ECC_KEY_PAIR(SECT_K1) +depends_on:PSA_WANT_ALG_DSA:PSA_WANT_ALG_SHA_512:PSA_WANT_ECC_FAMILY_SECT_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):"03ebc8fcded2d6ab72ec0f75bdb4fd080481273e71":PSA_ALG_DSA(PSA_ALG_SHA_512):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign DSA(SHA_512): incompatible with ECC_KEY_PAIR(SECT_R1) +depends_on:PSA_WANT_ALG_DSA:PSA_WANT_ALG_SHA_512:PSA_WANT_ECC_FAMILY_SECT_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):"009b05dc82d46d64a04a22e6e5ca70ca1231e68c50":PSA_ALG_DSA(PSA_ALG_SHA_512):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign DSA(SHA_512): incompatible with ECC_KEY_PAIR(SECT_R2) +depends_on:PSA_WANT_ALG_DSA:PSA_WANT_ALG_SHA_512:PSA_WANT_ECC_FAMILY_SECT_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R2):"0210b482a458b4822d0cb21daa96819a67c8062d34":PSA_ALG_DSA(PSA_ALG_SHA_512):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign DSA(SHA_512): incompatible with ECC_KEY_PAIR(TWISTED_EDWARDS) +depends_on:PSA_WANT_ALG_DSA:PSA_WANT_ALG_SHA_512:PSA_WANT_ECC_FAMILY_TWISTED_EDWARDS:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_TWISTED_EDWARDS):"9d61b19deffd5a60ba844af492ec2cc44449c5697b326919703bac031cae7f60":PSA_ALG_DSA(PSA_ALG_SHA_512):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign DSA(SHA_512): incompatible with ECC_PUBLIC_KEY(BRAINPOOL_P_R1) +depends_on:PSA_WANT_ALG_DSA:PSA_WANT_ALG_SHA_512:PSA_WANT_ECC_FAMILY_BRAINPOOL_P_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"04d4b9186816358e2f9c59cf70748cb70641b22fbab65473db4b4e22a361ed7e3de7e8a8ddc4130c5c":PSA_ALG_DSA(PSA_ALG_SHA_512):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign DSA(SHA_512): incompatible with ECC_PUBLIC_KEY(MONTGOMERY) +depends_on:PSA_WANT_ALG_DSA:PSA_WANT_ALG_SHA_512:PSA_WANT_ECC_FAMILY_MONTGOMERY:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_MONTGOMERY):"8520f0098930a754748b7ddcb43ef75a0dbf3a0d26381af4eba4a98eaa9b4e6a":PSA_ALG_DSA(PSA_ALG_SHA_512):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign DSA(SHA_512): incompatible with ECC_PUBLIC_KEY(SECP_K1) +depends_on:PSA_WANT_ALG_DSA:PSA_WANT_ALG_SHA_512:PSA_WANT_ECC_FAMILY_SECP_K1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_K1):"0426b7bb38da649ac2138fc050c6548b32553dab68afebc36105d325b75538c12323cb0764789ecb992671beb2b6bef2f5":PSA_ALG_DSA(PSA_ALG_SHA_512):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign DSA(SHA_512): incompatible with ECC_PUBLIC_KEY(SECP_R1) +depends_on:PSA_WANT_ALG_DSA:PSA_WANT_ALG_SHA_512:PSA_WANT_ECC_FAMILY_SECP_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1):"046f00eadaa949fee3e9e1c7fa1247eecec86a0dce46418b9bd3117b981d4bd0ae7a990de912f9d060d6cb531a42d22e394ac29e81804bf160":PSA_ALG_DSA(PSA_ALG_SHA_512):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign DSA(SHA_512): incompatible with ECC_PUBLIC_KEY(SECP_R2) +depends_on:PSA_WANT_ALG_DSA:PSA_WANT_ALG_SHA_512:PSA_WANT_ECC_FAMILY_SECP_R2:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R2):"049570d541398665adb5cfa16f5af73b3196926bbd4b876bdb80f8eab20d0f540c22f4de9c140f6d7b":PSA_ALG_DSA(PSA_ALG_SHA_512):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign DSA(SHA_512): incompatible with ECC_PUBLIC_KEY(SECT_K1) +depends_on:PSA_WANT_ALG_DSA:PSA_WANT_ALG_SHA_512:PSA_WANT_ECC_FAMILY_SECT_K1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_K1):"0406f88f90b4b65950f06ce433afdb097e320f433dc2062b8a65db8fafd3c110f46bc45663fbf021ee7eb9":PSA_ALG_DSA(PSA_ALG_SHA_512):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign DSA(SHA_512): incompatible with ECC_PUBLIC_KEY(SECT_R1) +depends_on:PSA_WANT_ALG_DSA:PSA_WANT_ALG_SHA_512:PSA_WANT_ECC_FAMILY_SECT_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R1):"0400465eeb9e7258b11e33c02266bfe834b20bcb118700772796ee4704ec67651bd447e3011959a79a04cb":PSA_ALG_DSA(PSA_ALG_SHA_512):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign DSA(SHA_512): incompatible with ECC_PUBLIC_KEY(SECT_R2) +depends_on:PSA_WANT_ALG_DSA:PSA_WANT_ALG_SHA_512:PSA_WANT_ECC_FAMILY_SECT_R2:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R2):"0403692601144c32a6cfa369ae20ae5d43c1c764678c037bafe80c6fd2e42b7ced96171d9c5367fd3dca6f":PSA_ALG_DSA(PSA_ALG_SHA_512):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign DSA(SHA_512): incompatible with ECC_PUBLIC_KEY(TWISTED_EDWARDS) +depends_on:PSA_WANT_ALG_DSA:PSA_WANT_ALG_SHA_512:PSA_WANT_ECC_FAMILY_TWISTED_EDWARDS:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_TWISTED_EDWARDS):"d75a980182b10ab7d54bfed3c964073a0ee172f3daa62325af021a68f707511a":PSA_ALG_DSA(PSA_ALG_SHA_512):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign DSA(SHA_512): incompatible with HMAC +depends_on:PSA_WANT_ALG_DSA:PSA_WANT_ALG_SHA_512:PSA_WANT_KEY_TYPE_HMAC +sign_fail:PSA_KEY_TYPE_HMAC:"48657265006973206b6579a064617461":PSA_ALG_DSA(PSA_ALG_SHA_512):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign DSA(SHA_512): incompatible with RAW_DATA +depends_on:PSA_WANT_ALG_DSA:PSA_WANT_ALG_SHA_512:PSA_WANT_KEY_TYPE_RAW_DATA +sign_fail:PSA_KEY_TYPE_RAW_DATA:"48":PSA_ALG_DSA(PSA_ALG_SHA_512):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign DSA(SHA_512): incompatible with RSA_KEY_PAIR +depends_on:PSA_WANT_ALG_DSA:PSA_WANT_ALG_SHA_512:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR +sign_fail:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_DSA(PSA_ALG_SHA_512):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign DSA(SHA_512): incompatible with RSA_PUBLIC_KEY +depends_on:PSA_WANT_ALG_DSA:PSA_WANT_ALG_SHA_512:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY +sign_fail:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_DSA(PSA_ALG_SHA_512):0:PSA_ERROR_INVALID_ARGUMENT + +PSA key_derivation DSA(SHA_512): invalid +depends_on:PSA_WANT_ALG_DSA:PSA_WANT_ALG_SHA_512 +key_derivation_fail:PSA_ALG_DSA(PSA_ALG_SHA_512):PSA_ERROR_INVALID_ARGUMENT + +PSA hash ECB_NO_PADDING: invalid +depends_on:PSA_WANT_ALG_ECB_NO_PADDING +hash_fail:PSA_ALG_ECB_NO_PADDING:PSA_ERROR_INVALID_ARGUMENT + +PSA mac ECB_NO_PADDING: invalid with AES +depends_on:PSA_WANT_ALG_ECB_NO_PADDING:PSA_WANT_KEY_TYPE_AES +mac_fail:PSA_KEY_TYPE_AES:"48657265006973206b6579a064617461":PSA_ALG_ECB_NO_PADDING:PSA_ERROR_INVALID_ARGUMENT + +PSA mac ECB_NO_PADDING: invalid with ARIA +depends_on:PSA_WANT_ALG_ECB_NO_PADDING:PSA_WANT_KEY_TYPE_ARIA +mac_fail:PSA_KEY_TYPE_ARIA:"48657265006973206b6579a064617461":PSA_ALG_ECB_NO_PADDING:PSA_ERROR_INVALID_ARGUMENT + +PSA mac ECB_NO_PADDING: invalid with CAMELLIA +depends_on:PSA_WANT_ALG_ECB_NO_PADDING:PSA_WANT_KEY_TYPE_CAMELLIA +mac_fail:PSA_KEY_TYPE_CAMELLIA:"48657265006973206b6579a064617461":PSA_ALG_ECB_NO_PADDING:PSA_ERROR_INVALID_ARGUMENT + +PSA mac ECB_NO_PADDING: invalid with DES +depends_on:PSA_WANT_ALG_ECB_NO_PADDING:PSA_WANT_KEY_TYPE_DES +mac_fail:PSA_KEY_TYPE_DES:"644573206b457901":PSA_ALG_ECB_NO_PADDING:PSA_ERROR_INVALID_ARGUMENT + +PSA cipher ECB_NO_PADDING: !ECB_NO_PADDING with AES +depends_on:!PSA_WANT_ALG_ECB_NO_PADDING:PSA_WANT_KEY_TYPE_AES +cipher_fail:PSA_KEY_TYPE_AES:"48657265006973206b6579a064617461":PSA_ALG_ECB_NO_PADDING:PSA_ERROR_NOT_SUPPORTED + +PSA cipher ECB_NO_PADDING: incompatible with ARC4 +depends_on:PSA_WANT_ALG_ECB_NO_PADDING:PSA_WANT_KEY_TYPE_ARC4 +cipher_fail:PSA_KEY_TYPE_ARC4:"48":PSA_ALG_ECB_NO_PADDING:PSA_ERROR_INVALID_ARGUMENT + +PSA cipher ECB_NO_PADDING: !ECB_NO_PADDING with ARIA +depends_on:!PSA_WANT_ALG_ECB_NO_PADDING:PSA_WANT_KEY_TYPE_ARIA +cipher_fail:PSA_KEY_TYPE_ARIA:"48657265006973206b6579a064617461":PSA_ALG_ECB_NO_PADDING:PSA_ERROR_NOT_SUPPORTED + +PSA cipher ECB_NO_PADDING: !ECB_NO_PADDING with CAMELLIA +depends_on:!PSA_WANT_ALG_ECB_NO_PADDING:PSA_WANT_KEY_TYPE_CAMELLIA +cipher_fail:PSA_KEY_TYPE_CAMELLIA:"48657265006973206b6579a064617461":PSA_ALG_ECB_NO_PADDING:PSA_ERROR_NOT_SUPPORTED + +PSA cipher ECB_NO_PADDING: incompatible with CHACHA20 +depends_on:PSA_WANT_ALG_ECB_NO_PADDING:PSA_WANT_KEY_TYPE_CHACHA20 +cipher_fail:PSA_KEY_TYPE_CHACHA20:"48657265006973206b6579a06461746148657265006973206b6579a064617461":PSA_ALG_ECB_NO_PADDING:PSA_ERROR_INVALID_ARGUMENT + +PSA cipher ECB_NO_PADDING: incompatible with DERIVE +depends_on:PSA_WANT_ALG_ECB_NO_PADDING:PSA_WANT_KEY_TYPE_DERIVE +cipher_fail:PSA_KEY_TYPE_DERIVE:"48657265006973206b6579a0646174":PSA_ALG_ECB_NO_PADDING:PSA_ERROR_INVALID_ARGUMENT + +PSA cipher ECB_NO_PADDING: !ECB_NO_PADDING with DES +depends_on:!PSA_WANT_ALG_ECB_NO_PADDING:PSA_WANT_KEY_TYPE_DES +cipher_fail:PSA_KEY_TYPE_DES:"644573206b457901":PSA_ALG_ECB_NO_PADDING:PSA_ERROR_NOT_SUPPORTED + +PSA cipher ECB_NO_PADDING: incompatible with ECC_KEY_PAIR(BRAINPOOL_P_R1) +depends_on:PSA_WANT_ALG_ECB_NO_PADDING:PSA_WANT_ECC_FAMILY_BRAINPOOL_P_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +cipher_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"69502c4fdaf48d4fa617bdd24498b0406d0eeaac":PSA_ALG_ECB_NO_PADDING:PSA_ERROR_INVALID_ARGUMENT + +PSA cipher ECB_NO_PADDING: incompatible with ECC_KEY_PAIR(MONTGOMERY) +depends_on:PSA_WANT_ALG_ECB_NO_PADDING:PSA_WANT_ECC_FAMILY_MONTGOMERY:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +cipher_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_MONTGOMERY):"70076d0a7318a57d3c16c17251b26645df4c2f87ebc0992ab177fba51db92c6a":PSA_ALG_ECB_NO_PADDING:PSA_ERROR_INVALID_ARGUMENT + +PSA cipher ECB_NO_PADDING: incompatible with ECC_KEY_PAIR(SECP_K1) +depends_on:PSA_WANT_ALG_ECB_NO_PADDING:PSA_WANT_ECC_FAMILY_SECP_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +cipher_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_K1):"297ac1722ccac7589ecb240dc719842538ca974beb79f228":PSA_ALG_ECB_NO_PADDING:PSA_ERROR_INVALID_ARGUMENT + +PSA cipher ECB_NO_PADDING: incompatible with ECC_KEY_PAIR(SECP_R1) +depends_on:PSA_WANT_ALG_ECB_NO_PADDING:PSA_WANT_ECC_FAMILY_SECP_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +cipher_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"872f203b3ad35b7f2ecc803c3a0e1e0b1ed61cc1afe71b189cd4c995":PSA_ALG_ECB_NO_PADDING:PSA_ERROR_INVALID_ARGUMENT + +PSA cipher ECB_NO_PADDING: incompatible with ECC_KEY_PAIR(SECP_R2) +depends_on:PSA_WANT_ALG_ECB_NO_PADDING:PSA_WANT_ECC_FAMILY_SECP_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +cipher_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R2):"00bf539a1cdda0d7f71a50a3f98aec0a2e8e4ced1e":PSA_ALG_ECB_NO_PADDING:PSA_ERROR_INVALID_ARGUMENT + +PSA cipher ECB_NO_PADDING: incompatible with ECC_KEY_PAIR(SECT_K1) +depends_on:PSA_WANT_ALG_ECB_NO_PADDING:PSA_WANT_ECC_FAMILY_SECT_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +cipher_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):"03ebc8fcded2d6ab72ec0f75bdb4fd080481273e71":PSA_ALG_ECB_NO_PADDING:PSA_ERROR_INVALID_ARGUMENT + +PSA cipher ECB_NO_PADDING: incompatible with ECC_KEY_PAIR(SECT_R1) +depends_on:PSA_WANT_ALG_ECB_NO_PADDING:PSA_WANT_ECC_FAMILY_SECT_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +cipher_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):"009b05dc82d46d64a04a22e6e5ca70ca1231e68c50":PSA_ALG_ECB_NO_PADDING:PSA_ERROR_INVALID_ARGUMENT + +PSA cipher ECB_NO_PADDING: incompatible with ECC_KEY_PAIR(SECT_R2) +depends_on:PSA_WANT_ALG_ECB_NO_PADDING:PSA_WANT_ECC_FAMILY_SECT_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +cipher_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R2):"0210b482a458b4822d0cb21daa96819a67c8062d34":PSA_ALG_ECB_NO_PADDING:PSA_ERROR_INVALID_ARGUMENT + +PSA cipher ECB_NO_PADDING: incompatible with ECC_KEY_PAIR(TWISTED_EDWARDS) +depends_on:PSA_WANT_ALG_ECB_NO_PADDING:PSA_WANT_ECC_FAMILY_TWISTED_EDWARDS:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +cipher_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_TWISTED_EDWARDS):"9d61b19deffd5a60ba844af492ec2cc44449c5697b326919703bac031cae7f60":PSA_ALG_ECB_NO_PADDING:PSA_ERROR_INVALID_ARGUMENT + +PSA cipher ECB_NO_PADDING: incompatible with ECC_PUBLIC_KEY(BRAINPOOL_P_R1) +depends_on:PSA_WANT_ALG_ECB_NO_PADDING:PSA_WANT_ECC_FAMILY_BRAINPOOL_P_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +cipher_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"04d4b9186816358e2f9c59cf70748cb70641b22fbab65473db4b4e22a361ed7e3de7e8a8ddc4130c5c":PSA_ALG_ECB_NO_PADDING:PSA_ERROR_INVALID_ARGUMENT + +PSA cipher ECB_NO_PADDING: incompatible with ECC_PUBLIC_KEY(MONTGOMERY) +depends_on:PSA_WANT_ALG_ECB_NO_PADDING:PSA_WANT_ECC_FAMILY_MONTGOMERY:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +cipher_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_MONTGOMERY):"8520f0098930a754748b7ddcb43ef75a0dbf3a0d26381af4eba4a98eaa9b4e6a":PSA_ALG_ECB_NO_PADDING:PSA_ERROR_INVALID_ARGUMENT + +PSA cipher ECB_NO_PADDING: incompatible with ECC_PUBLIC_KEY(SECP_K1) +depends_on:PSA_WANT_ALG_ECB_NO_PADDING:PSA_WANT_ECC_FAMILY_SECP_K1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +cipher_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_K1):"0426b7bb38da649ac2138fc050c6548b32553dab68afebc36105d325b75538c12323cb0764789ecb992671beb2b6bef2f5":PSA_ALG_ECB_NO_PADDING:PSA_ERROR_INVALID_ARGUMENT + +PSA cipher ECB_NO_PADDING: incompatible with ECC_PUBLIC_KEY(SECP_R1) +depends_on:PSA_WANT_ALG_ECB_NO_PADDING:PSA_WANT_ECC_FAMILY_SECP_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +cipher_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1):"046f00eadaa949fee3e9e1c7fa1247eecec86a0dce46418b9bd3117b981d4bd0ae7a990de912f9d060d6cb531a42d22e394ac29e81804bf160":PSA_ALG_ECB_NO_PADDING:PSA_ERROR_INVALID_ARGUMENT + +PSA cipher ECB_NO_PADDING: incompatible with ECC_PUBLIC_KEY(SECP_R2) +depends_on:PSA_WANT_ALG_ECB_NO_PADDING:PSA_WANT_ECC_FAMILY_SECP_R2:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +cipher_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R2):"049570d541398665adb5cfa16f5af73b3196926bbd4b876bdb80f8eab20d0f540c22f4de9c140f6d7b":PSA_ALG_ECB_NO_PADDING:PSA_ERROR_INVALID_ARGUMENT + +PSA cipher ECB_NO_PADDING: incompatible with ECC_PUBLIC_KEY(SECT_K1) +depends_on:PSA_WANT_ALG_ECB_NO_PADDING:PSA_WANT_ECC_FAMILY_SECT_K1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +cipher_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_K1):"0406f88f90b4b65950f06ce433afdb097e320f433dc2062b8a65db8fafd3c110f46bc45663fbf021ee7eb9":PSA_ALG_ECB_NO_PADDING:PSA_ERROR_INVALID_ARGUMENT + +PSA cipher ECB_NO_PADDING: incompatible with ECC_PUBLIC_KEY(SECT_R1) +depends_on:PSA_WANT_ALG_ECB_NO_PADDING:PSA_WANT_ECC_FAMILY_SECT_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +cipher_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R1):"0400465eeb9e7258b11e33c02266bfe834b20bcb118700772796ee4704ec67651bd447e3011959a79a04cb":PSA_ALG_ECB_NO_PADDING:PSA_ERROR_INVALID_ARGUMENT + +PSA cipher ECB_NO_PADDING: incompatible with ECC_PUBLIC_KEY(SECT_R2) +depends_on:PSA_WANT_ALG_ECB_NO_PADDING:PSA_WANT_ECC_FAMILY_SECT_R2:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +cipher_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R2):"0403692601144c32a6cfa369ae20ae5d43c1c764678c037bafe80c6fd2e42b7ced96171d9c5367fd3dca6f":PSA_ALG_ECB_NO_PADDING:PSA_ERROR_INVALID_ARGUMENT + +PSA cipher ECB_NO_PADDING: incompatible with ECC_PUBLIC_KEY(TWISTED_EDWARDS) +depends_on:PSA_WANT_ALG_ECB_NO_PADDING:PSA_WANT_ECC_FAMILY_TWISTED_EDWARDS:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +cipher_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_TWISTED_EDWARDS):"d75a980182b10ab7d54bfed3c964073a0ee172f3daa62325af021a68f707511a":PSA_ALG_ECB_NO_PADDING:PSA_ERROR_INVALID_ARGUMENT + +PSA cipher ECB_NO_PADDING: incompatible with HMAC +depends_on:PSA_WANT_ALG_ECB_NO_PADDING:PSA_WANT_KEY_TYPE_HMAC +cipher_fail:PSA_KEY_TYPE_HMAC:"48657265006973206b6579a064617461":PSA_ALG_ECB_NO_PADDING:PSA_ERROR_INVALID_ARGUMENT + +PSA cipher ECB_NO_PADDING: incompatible with RAW_DATA +depends_on:PSA_WANT_ALG_ECB_NO_PADDING:PSA_WANT_KEY_TYPE_RAW_DATA +cipher_fail:PSA_KEY_TYPE_RAW_DATA:"48":PSA_ALG_ECB_NO_PADDING:PSA_ERROR_INVALID_ARGUMENT + +PSA cipher ECB_NO_PADDING: incompatible with RSA_KEY_PAIR +depends_on:PSA_WANT_ALG_ECB_NO_PADDING:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR +cipher_fail:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_ECB_NO_PADDING:PSA_ERROR_INVALID_ARGUMENT + +PSA cipher ECB_NO_PADDING: incompatible with RSA_PUBLIC_KEY +depends_on:PSA_WANT_ALG_ECB_NO_PADDING:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY +cipher_fail:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_ECB_NO_PADDING:PSA_ERROR_INVALID_ARGUMENT + +PSA aead ECB_NO_PADDING: invalid with AES +depends_on:PSA_WANT_ALG_ECB_NO_PADDING:PSA_WANT_KEY_TYPE_AES +aead_fail:PSA_KEY_TYPE_AES:"48657265006973206b6579a064617461":PSA_ALG_ECB_NO_PADDING:PSA_ERROR_INVALID_ARGUMENT + +PSA aead ECB_NO_PADDING: invalid with ARIA +depends_on:PSA_WANT_ALG_ECB_NO_PADDING:PSA_WANT_KEY_TYPE_ARIA +aead_fail:PSA_KEY_TYPE_ARIA:"48657265006973206b6579a064617461":PSA_ALG_ECB_NO_PADDING:PSA_ERROR_INVALID_ARGUMENT + +PSA aead ECB_NO_PADDING: invalid with CAMELLIA +depends_on:PSA_WANT_ALG_ECB_NO_PADDING:PSA_WANT_KEY_TYPE_CAMELLIA +aead_fail:PSA_KEY_TYPE_CAMELLIA:"48657265006973206b6579a064617461":PSA_ALG_ECB_NO_PADDING:PSA_ERROR_INVALID_ARGUMENT + +PSA aead ECB_NO_PADDING: invalid with DES +depends_on:PSA_WANT_ALG_ECB_NO_PADDING:PSA_WANT_KEY_TYPE_DES +aead_fail:PSA_KEY_TYPE_DES:"644573206b457901":PSA_ALG_ECB_NO_PADDING:PSA_ERROR_INVALID_ARGUMENT + +PSA sign ECB_NO_PADDING: invalid with AES +depends_on:PSA_WANT_ALG_ECB_NO_PADDING:PSA_WANT_KEY_TYPE_AES +sign_fail:PSA_KEY_TYPE_AES:"48657265006973206b6579a064617461":PSA_ALG_ECB_NO_PADDING:0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign ECB_NO_PADDING: invalid with ARIA +depends_on:PSA_WANT_ALG_ECB_NO_PADDING:PSA_WANT_KEY_TYPE_ARIA +sign_fail:PSA_KEY_TYPE_ARIA:"48657265006973206b6579a064617461":PSA_ALG_ECB_NO_PADDING:0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign ECB_NO_PADDING: invalid with CAMELLIA +depends_on:PSA_WANT_ALG_ECB_NO_PADDING:PSA_WANT_KEY_TYPE_CAMELLIA +sign_fail:PSA_KEY_TYPE_CAMELLIA:"48657265006973206b6579a064617461":PSA_ALG_ECB_NO_PADDING:0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign ECB_NO_PADDING: invalid with DES +depends_on:PSA_WANT_ALG_ECB_NO_PADDING:PSA_WANT_KEY_TYPE_DES +sign_fail:PSA_KEY_TYPE_DES:"644573206b457901":PSA_ALG_ECB_NO_PADDING:0:PSA_ERROR_INVALID_ARGUMENT + +PSA asymmetric_encryption ECB_NO_PADDING: invalid with AES +depends_on:PSA_WANT_ALG_ECB_NO_PADDING:PSA_WANT_KEY_TYPE_AES +asymmetric_encryption_fail:PSA_KEY_TYPE_AES:"48657265006973206b6579a064617461":PSA_ALG_ECB_NO_PADDING:0:PSA_ERROR_INVALID_ARGUMENT + +PSA asymmetric_encryption ECB_NO_PADDING: invalid with ARIA +depends_on:PSA_WANT_ALG_ECB_NO_PADDING:PSA_WANT_KEY_TYPE_ARIA +asymmetric_encryption_fail:PSA_KEY_TYPE_ARIA:"48657265006973206b6579a064617461":PSA_ALG_ECB_NO_PADDING:0:PSA_ERROR_INVALID_ARGUMENT + +PSA asymmetric_encryption ECB_NO_PADDING: invalid with CAMELLIA +depends_on:PSA_WANT_ALG_ECB_NO_PADDING:PSA_WANT_KEY_TYPE_CAMELLIA +asymmetric_encryption_fail:PSA_KEY_TYPE_CAMELLIA:"48657265006973206b6579a064617461":PSA_ALG_ECB_NO_PADDING:0:PSA_ERROR_INVALID_ARGUMENT + +PSA asymmetric_encryption ECB_NO_PADDING: invalid with DES +depends_on:PSA_WANT_ALG_ECB_NO_PADDING:PSA_WANT_KEY_TYPE_DES +asymmetric_encryption_fail:PSA_KEY_TYPE_DES:"644573206b457901":PSA_ALG_ECB_NO_PADDING:0:PSA_ERROR_INVALID_ARGUMENT + +PSA key_derivation ECB_NO_PADDING: invalid +depends_on:PSA_WANT_ALG_ECB_NO_PADDING +key_derivation_fail:PSA_ALG_ECB_NO_PADDING:PSA_ERROR_INVALID_ARGUMENT + +PSA key_agreement ECB_NO_PADDING: invalid with AES +depends_on:PSA_WANT_ALG_ECB_NO_PADDING:PSA_WANT_KEY_TYPE_AES +key_agreement_fail:PSA_KEY_TYPE_AES:"48657265006973206b6579a064617461":PSA_ALG_ECB_NO_PADDING:0:PSA_ERROR_INVALID_ARGUMENT + +PSA key_agreement ECB_NO_PADDING: invalid with ARIA +depends_on:PSA_WANT_ALG_ECB_NO_PADDING:PSA_WANT_KEY_TYPE_ARIA +key_agreement_fail:PSA_KEY_TYPE_ARIA:"48657265006973206b6579a064617461":PSA_ALG_ECB_NO_PADDING:0:PSA_ERROR_INVALID_ARGUMENT + +PSA key_agreement ECB_NO_PADDING: invalid with CAMELLIA +depends_on:PSA_WANT_ALG_ECB_NO_PADDING:PSA_WANT_KEY_TYPE_CAMELLIA +key_agreement_fail:PSA_KEY_TYPE_CAMELLIA:"48657265006973206b6579a064617461":PSA_ALG_ECB_NO_PADDING:0:PSA_ERROR_INVALID_ARGUMENT + +PSA key_agreement ECB_NO_PADDING: invalid with DES +depends_on:PSA_WANT_ALG_ECB_NO_PADDING:PSA_WANT_KEY_TYPE_DES +key_agreement_fail:PSA_KEY_TYPE_DES:"644573206b457901":PSA_ALG_ECB_NO_PADDING:0:PSA_ERROR_INVALID_ARGUMENT + +PSA hash ECDH: invalid +depends_on:PSA_WANT_ALG_ECDH +hash_fail:PSA_ALG_ECDH:PSA_ERROR_INVALID_ARGUMENT + +PSA mac ECDH: invalid with ECC_KEY_PAIR(BRAINPOOL_P_R1) +depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ECC_FAMILY_BRAINPOOL_P_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +mac_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"69502c4fdaf48d4fa617bdd24498b0406d0eeaac":PSA_ALG_ECDH:PSA_ERROR_INVALID_ARGUMENT + +PSA mac ECDH: invalid with ECC_KEY_PAIR(MONTGOMERY) +depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ECC_FAMILY_MONTGOMERY:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +mac_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_MONTGOMERY):"70076d0a7318a57d3c16c17251b26645df4c2f87ebc0992ab177fba51db92c6a":PSA_ALG_ECDH:PSA_ERROR_INVALID_ARGUMENT + +PSA mac ECDH: invalid with ECC_KEY_PAIR(SECP_K1) +depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ECC_FAMILY_SECP_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +mac_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_K1):"297ac1722ccac7589ecb240dc719842538ca974beb79f228":PSA_ALG_ECDH:PSA_ERROR_INVALID_ARGUMENT + +PSA mac ECDH: invalid with ECC_KEY_PAIR(SECP_R1) +depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ECC_FAMILY_SECP_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +mac_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"872f203b3ad35b7f2ecc803c3a0e1e0b1ed61cc1afe71b189cd4c995":PSA_ALG_ECDH:PSA_ERROR_INVALID_ARGUMENT + +PSA mac ECDH: invalid with ECC_KEY_PAIR(SECP_R2) +depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ECC_FAMILY_SECP_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +mac_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R2):"00bf539a1cdda0d7f71a50a3f98aec0a2e8e4ced1e":PSA_ALG_ECDH:PSA_ERROR_INVALID_ARGUMENT + +PSA mac ECDH: invalid with ECC_KEY_PAIR(SECT_K1) +depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ECC_FAMILY_SECT_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +mac_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):"03ebc8fcded2d6ab72ec0f75bdb4fd080481273e71":PSA_ALG_ECDH:PSA_ERROR_INVALID_ARGUMENT + +PSA mac ECDH: invalid with ECC_KEY_PAIR(SECT_R1) +depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ECC_FAMILY_SECT_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +mac_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):"009b05dc82d46d64a04a22e6e5ca70ca1231e68c50":PSA_ALG_ECDH:PSA_ERROR_INVALID_ARGUMENT + +PSA mac ECDH: invalid with ECC_KEY_PAIR(SECT_R2) +depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ECC_FAMILY_SECT_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +mac_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R2):"0210b482a458b4822d0cb21daa96819a67c8062d34":PSA_ALG_ECDH:PSA_ERROR_INVALID_ARGUMENT + +PSA cipher ECDH: invalid with ECC_KEY_PAIR(BRAINPOOL_P_R1) +depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ECC_FAMILY_BRAINPOOL_P_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +cipher_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"69502c4fdaf48d4fa617bdd24498b0406d0eeaac":PSA_ALG_ECDH:PSA_ERROR_INVALID_ARGUMENT + +PSA cipher ECDH: invalid with ECC_KEY_PAIR(MONTGOMERY) +depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ECC_FAMILY_MONTGOMERY:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +cipher_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_MONTGOMERY):"70076d0a7318a57d3c16c17251b26645df4c2f87ebc0992ab177fba51db92c6a":PSA_ALG_ECDH:PSA_ERROR_INVALID_ARGUMENT + +PSA cipher ECDH: invalid with ECC_KEY_PAIR(SECP_K1) +depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ECC_FAMILY_SECP_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +cipher_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_K1):"297ac1722ccac7589ecb240dc719842538ca974beb79f228":PSA_ALG_ECDH:PSA_ERROR_INVALID_ARGUMENT + +PSA cipher ECDH: invalid with ECC_KEY_PAIR(SECP_R1) +depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ECC_FAMILY_SECP_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +cipher_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"872f203b3ad35b7f2ecc803c3a0e1e0b1ed61cc1afe71b189cd4c995":PSA_ALG_ECDH:PSA_ERROR_INVALID_ARGUMENT + +PSA cipher ECDH: invalid with ECC_KEY_PAIR(SECP_R2) +depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ECC_FAMILY_SECP_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +cipher_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R2):"00bf539a1cdda0d7f71a50a3f98aec0a2e8e4ced1e":PSA_ALG_ECDH:PSA_ERROR_INVALID_ARGUMENT + +PSA cipher ECDH: invalid with ECC_KEY_PAIR(SECT_K1) +depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ECC_FAMILY_SECT_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +cipher_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):"03ebc8fcded2d6ab72ec0f75bdb4fd080481273e71":PSA_ALG_ECDH:PSA_ERROR_INVALID_ARGUMENT + +PSA cipher ECDH: invalid with ECC_KEY_PAIR(SECT_R1) +depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ECC_FAMILY_SECT_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +cipher_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):"009b05dc82d46d64a04a22e6e5ca70ca1231e68c50":PSA_ALG_ECDH:PSA_ERROR_INVALID_ARGUMENT + +PSA cipher ECDH: invalid with ECC_KEY_PAIR(SECT_R2) +depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ECC_FAMILY_SECT_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +cipher_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R2):"0210b482a458b4822d0cb21daa96819a67c8062d34":PSA_ALG_ECDH:PSA_ERROR_INVALID_ARGUMENT + +PSA aead ECDH: invalid with ECC_KEY_PAIR(BRAINPOOL_P_R1) +depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ECC_FAMILY_BRAINPOOL_P_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +aead_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"69502c4fdaf48d4fa617bdd24498b0406d0eeaac":PSA_ALG_ECDH:PSA_ERROR_INVALID_ARGUMENT + +PSA aead ECDH: invalid with ECC_KEY_PAIR(MONTGOMERY) +depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ECC_FAMILY_MONTGOMERY:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +aead_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_MONTGOMERY):"70076d0a7318a57d3c16c17251b26645df4c2f87ebc0992ab177fba51db92c6a":PSA_ALG_ECDH:PSA_ERROR_INVALID_ARGUMENT + +PSA aead ECDH: invalid with ECC_KEY_PAIR(SECP_K1) +depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ECC_FAMILY_SECP_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +aead_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_K1):"297ac1722ccac7589ecb240dc719842538ca974beb79f228":PSA_ALG_ECDH:PSA_ERROR_INVALID_ARGUMENT + +PSA aead ECDH: invalid with ECC_KEY_PAIR(SECP_R1) +depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ECC_FAMILY_SECP_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +aead_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"872f203b3ad35b7f2ecc803c3a0e1e0b1ed61cc1afe71b189cd4c995":PSA_ALG_ECDH:PSA_ERROR_INVALID_ARGUMENT + +PSA aead ECDH: invalid with ECC_KEY_PAIR(SECP_R2) +depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ECC_FAMILY_SECP_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +aead_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R2):"00bf539a1cdda0d7f71a50a3f98aec0a2e8e4ced1e":PSA_ALG_ECDH:PSA_ERROR_INVALID_ARGUMENT + +PSA aead ECDH: invalid with ECC_KEY_PAIR(SECT_K1) +depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ECC_FAMILY_SECT_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +aead_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):"03ebc8fcded2d6ab72ec0f75bdb4fd080481273e71":PSA_ALG_ECDH:PSA_ERROR_INVALID_ARGUMENT + +PSA aead ECDH: invalid with ECC_KEY_PAIR(SECT_R1) +depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ECC_FAMILY_SECT_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +aead_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):"009b05dc82d46d64a04a22e6e5ca70ca1231e68c50":PSA_ALG_ECDH:PSA_ERROR_INVALID_ARGUMENT + +PSA aead ECDH: invalid with ECC_KEY_PAIR(SECT_R2) +depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ECC_FAMILY_SECT_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +aead_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R2):"0210b482a458b4822d0cb21daa96819a67c8062d34":PSA_ALG_ECDH:PSA_ERROR_INVALID_ARGUMENT + +PSA sign ECDH: invalid with ECC_KEY_PAIR(BRAINPOOL_P_R1) +depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ECC_FAMILY_BRAINPOOL_P_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"69502c4fdaf48d4fa617bdd24498b0406d0eeaac":PSA_ALG_ECDH:0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign ECDH: invalid with ECC_KEY_PAIR(MONTGOMERY) +depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ECC_FAMILY_MONTGOMERY:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_MONTGOMERY):"70076d0a7318a57d3c16c17251b26645df4c2f87ebc0992ab177fba51db92c6a":PSA_ALG_ECDH:0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign ECDH: invalid with ECC_KEY_PAIR(SECP_K1) +depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ECC_FAMILY_SECP_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_K1):"297ac1722ccac7589ecb240dc719842538ca974beb79f228":PSA_ALG_ECDH:0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign ECDH: invalid with ECC_KEY_PAIR(SECP_R1) +depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ECC_FAMILY_SECP_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"872f203b3ad35b7f2ecc803c3a0e1e0b1ed61cc1afe71b189cd4c995":PSA_ALG_ECDH:0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign ECDH: invalid with ECC_KEY_PAIR(SECP_R2) +depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ECC_FAMILY_SECP_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R2):"00bf539a1cdda0d7f71a50a3f98aec0a2e8e4ced1e":PSA_ALG_ECDH:0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign ECDH: invalid with ECC_KEY_PAIR(SECT_K1) +depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ECC_FAMILY_SECT_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):"03ebc8fcded2d6ab72ec0f75bdb4fd080481273e71":PSA_ALG_ECDH:0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign ECDH: invalid with ECC_KEY_PAIR(SECT_R1) +depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ECC_FAMILY_SECT_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):"009b05dc82d46d64a04a22e6e5ca70ca1231e68c50":PSA_ALG_ECDH:0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign ECDH: invalid with ECC_KEY_PAIR(SECT_R2) +depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ECC_FAMILY_SECT_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R2):"0210b482a458b4822d0cb21daa96819a67c8062d34":PSA_ALG_ECDH:0:PSA_ERROR_INVALID_ARGUMENT + +PSA asymmetric_encryption ECDH: invalid with ECC_KEY_PAIR(BRAINPOOL_P_R1) +depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ECC_FAMILY_BRAINPOOL_P_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +asymmetric_encryption_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"69502c4fdaf48d4fa617bdd24498b0406d0eeaac":PSA_ALG_ECDH:0:PSA_ERROR_INVALID_ARGUMENT + +PSA asymmetric_encryption ECDH: invalid with ECC_KEY_PAIR(MONTGOMERY) +depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ECC_FAMILY_MONTGOMERY:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +asymmetric_encryption_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_MONTGOMERY):"70076d0a7318a57d3c16c17251b26645df4c2f87ebc0992ab177fba51db92c6a":PSA_ALG_ECDH:0:PSA_ERROR_INVALID_ARGUMENT + +PSA asymmetric_encryption ECDH: invalid with ECC_KEY_PAIR(SECP_K1) +depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ECC_FAMILY_SECP_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +asymmetric_encryption_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_K1):"297ac1722ccac7589ecb240dc719842538ca974beb79f228":PSA_ALG_ECDH:0:PSA_ERROR_INVALID_ARGUMENT + +PSA asymmetric_encryption ECDH: invalid with ECC_KEY_PAIR(SECP_R1) +depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ECC_FAMILY_SECP_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +asymmetric_encryption_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"872f203b3ad35b7f2ecc803c3a0e1e0b1ed61cc1afe71b189cd4c995":PSA_ALG_ECDH:0:PSA_ERROR_INVALID_ARGUMENT + +PSA asymmetric_encryption ECDH: invalid with ECC_KEY_PAIR(SECP_R2) +depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ECC_FAMILY_SECP_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +asymmetric_encryption_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R2):"00bf539a1cdda0d7f71a50a3f98aec0a2e8e4ced1e":PSA_ALG_ECDH:0:PSA_ERROR_INVALID_ARGUMENT + +PSA asymmetric_encryption ECDH: invalid with ECC_KEY_PAIR(SECT_K1) +depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ECC_FAMILY_SECT_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +asymmetric_encryption_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):"03ebc8fcded2d6ab72ec0f75bdb4fd080481273e71":PSA_ALG_ECDH:0:PSA_ERROR_INVALID_ARGUMENT + +PSA asymmetric_encryption ECDH: invalid with ECC_KEY_PAIR(SECT_R1) +depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ECC_FAMILY_SECT_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +asymmetric_encryption_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):"009b05dc82d46d64a04a22e6e5ca70ca1231e68c50":PSA_ALG_ECDH:0:PSA_ERROR_INVALID_ARGUMENT + +PSA asymmetric_encryption ECDH: invalid with ECC_KEY_PAIR(SECT_R2) +depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ECC_FAMILY_SECT_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +asymmetric_encryption_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R2):"0210b482a458b4822d0cb21daa96819a67c8062d34":PSA_ALG_ECDH:0:PSA_ERROR_INVALID_ARGUMENT + +PSA key_derivation ECDH: invalid +depends_on:PSA_WANT_ALG_ECDH +key_derivation_fail:PSA_ALG_ECDH:PSA_ERROR_INVALID_ARGUMENT + +PSA key_agreement ECDH: incompatible with AES +depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_KEY_TYPE_AES +key_agreement_fail:PSA_KEY_TYPE_AES:"48657265006973206b6579a064617461":PSA_ALG_ECDH:0:PSA_ERROR_INVALID_ARGUMENT + +PSA key_agreement ECDH: incompatible with ARC4 +depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_KEY_TYPE_ARC4 +key_agreement_fail:PSA_KEY_TYPE_ARC4:"48":PSA_ALG_ECDH:0:PSA_ERROR_INVALID_ARGUMENT + +PSA key_agreement ECDH: incompatible with ARIA +depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_KEY_TYPE_ARIA +key_agreement_fail:PSA_KEY_TYPE_ARIA:"48657265006973206b6579a064617461":PSA_ALG_ECDH:0:PSA_ERROR_INVALID_ARGUMENT + +PSA key_agreement ECDH: incompatible with CAMELLIA +depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_KEY_TYPE_CAMELLIA +key_agreement_fail:PSA_KEY_TYPE_CAMELLIA:"48657265006973206b6579a064617461":PSA_ALG_ECDH:0:PSA_ERROR_INVALID_ARGUMENT + +PSA key_agreement ECDH: incompatible with CHACHA20 +depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_KEY_TYPE_CHACHA20 +key_agreement_fail:PSA_KEY_TYPE_CHACHA20:"48657265006973206b6579a06461746148657265006973206b6579a064617461":PSA_ALG_ECDH:0:PSA_ERROR_INVALID_ARGUMENT + +PSA key_agreement ECDH: incompatible with DERIVE +depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_KEY_TYPE_DERIVE +key_agreement_fail:PSA_KEY_TYPE_DERIVE:"48657265006973206b6579a0646174":PSA_ALG_ECDH:0:PSA_ERROR_INVALID_ARGUMENT + +PSA key_agreement ECDH: incompatible with DES +depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_KEY_TYPE_DES +key_agreement_fail:PSA_KEY_TYPE_DES:"644573206b457901":PSA_ALG_ECDH:0:PSA_ERROR_INVALID_ARGUMENT + +PSA key_agreement ECDH: !ECDH with ECC_KEY_PAIR(BRAINPOOL_P_R1) +depends_on:!PSA_WANT_ALG_ECDH:PSA_WANT_ECC_FAMILY_BRAINPOOL_P_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_agreement_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"69502c4fdaf48d4fa617bdd24498b0406d0eeaac":PSA_ALG_ECDH:0:PSA_ERROR_NOT_SUPPORTED + +PSA key_agreement ECDH: !ECDH with ECC_KEY_PAIR(MONTGOMERY) +depends_on:!PSA_WANT_ALG_ECDH:PSA_WANT_ECC_FAMILY_MONTGOMERY:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_agreement_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_MONTGOMERY):"70076d0a7318a57d3c16c17251b26645df4c2f87ebc0992ab177fba51db92c6a":PSA_ALG_ECDH:0:PSA_ERROR_NOT_SUPPORTED + +PSA key_agreement ECDH: !ECDH with ECC_KEY_PAIR(SECP_K1) +depends_on:!PSA_WANT_ALG_ECDH:PSA_WANT_ECC_FAMILY_SECP_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_agreement_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_K1):"297ac1722ccac7589ecb240dc719842538ca974beb79f228":PSA_ALG_ECDH:0:PSA_ERROR_NOT_SUPPORTED + +PSA key_agreement ECDH: !ECDH with ECC_KEY_PAIR(SECP_R1) +depends_on:!PSA_WANT_ALG_ECDH:PSA_WANT_ECC_FAMILY_SECP_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_agreement_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"872f203b3ad35b7f2ecc803c3a0e1e0b1ed61cc1afe71b189cd4c995":PSA_ALG_ECDH:0:PSA_ERROR_NOT_SUPPORTED + +PSA key_agreement ECDH: !ECDH with ECC_KEY_PAIR(SECP_R2) +depends_on:!PSA_WANT_ALG_ECDH:PSA_WANT_ECC_FAMILY_SECP_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_agreement_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R2):"00bf539a1cdda0d7f71a50a3f98aec0a2e8e4ced1e":PSA_ALG_ECDH:0:PSA_ERROR_NOT_SUPPORTED + +PSA key_agreement ECDH: !ECDH with ECC_KEY_PAIR(SECT_K1) +depends_on:!PSA_WANT_ALG_ECDH:PSA_WANT_ECC_FAMILY_SECT_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_agreement_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):"03ebc8fcded2d6ab72ec0f75bdb4fd080481273e71":PSA_ALG_ECDH:0:PSA_ERROR_NOT_SUPPORTED + +PSA key_agreement ECDH: !ECDH with ECC_KEY_PAIR(SECT_R1) +depends_on:!PSA_WANT_ALG_ECDH:PSA_WANT_ECC_FAMILY_SECT_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_agreement_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):"009b05dc82d46d64a04a22e6e5ca70ca1231e68c50":PSA_ALG_ECDH:0:PSA_ERROR_NOT_SUPPORTED + +PSA key_agreement ECDH: !ECDH with ECC_KEY_PAIR(SECT_R2) +depends_on:!PSA_WANT_ALG_ECDH:PSA_WANT_ECC_FAMILY_SECT_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_agreement_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R2):"0210b482a458b4822d0cb21daa96819a67c8062d34":PSA_ALG_ECDH:0:PSA_ERROR_NOT_SUPPORTED + +PSA key_agreement ECDH: incompatible with ECC_KEY_PAIR(TWISTED_EDWARDS) +depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ECC_FAMILY_TWISTED_EDWARDS:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_agreement_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_TWISTED_EDWARDS):"9d61b19deffd5a60ba844af492ec2cc44449c5697b326919703bac031cae7f60":PSA_ALG_ECDH:0:PSA_ERROR_INVALID_ARGUMENT + +PSA key_agreement ECDH: incompatible with ECC_PUBLIC_KEY(BRAINPOOL_P_R1) +depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ECC_FAMILY_BRAINPOOL_P_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_agreement_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"04d4b9186816358e2f9c59cf70748cb70641b22fbab65473db4b4e22a361ed7e3de7e8a8ddc4130c5c":PSA_ALG_ECDH:0:PSA_ERROR_INVALID_ARGUMENT + +PSA key_agreement ECDH: incompatible with ECC_PUBLIC_KEY(MONTGOMERY) +depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ECC_FAMILY_MONTGOMERY:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_agreement_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_MONTGOMERY):"8520f0098930a754748b7ddcb43ef75a0dbf3a0d26381af4eba4a98eaa9b4e6a":PSA_ALG_ECDH:0:PSA_ERROR_INVALID_ARGUMENT + +PSA key_agreement ECDH: incompatible with ECC_PUBLIC_KEY(SECP_K1) +depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ECC_FAMILY_SECP_K1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_agreement_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_K1):"0426b7bb38da649ac2138fc050c6548b32553dab68afebc36105d325b75538c12323cb0764789ecb992671beb2b6bef2f5":PSA_ALG_ECDH:0:PSA_ERROR_INVALID_ARGUMENT + +PSA key_agreement ECDH: incompatible with ECC_PUBLIC_KEY(SECP_R1) +depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ECC_FAMILY_SECP_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_agreement_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1):"046f00eadaa949fee3e9e1c7fa1247eecec86a0dce46418b9bd3117b981d4bd0ae7a990de912f9d060d6cb531a42d22e394ac29e81804bf160":PSA_ALG_ECDH:0:PSA_ERROR_INVALID_ARGUMENT + +PSA key_agreement ECDH: incompatible with ECC_PUBLIC_KEY(SECP_R2) +depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ECC_FAMILY_SECP_R2:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_agreement_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R2):"049570d541398665adb5cfa16f5af73b3196926bbd4b876bdb80f8eab20d0f540c22f4de9c140f6d7b":PSA_ALG_ECDH:0:PSA_ERROR_INVALID_ARGUMENT + +PSA key_agreement ECDH: incompatible with ECC_PUBLIC_KEY(SECT_K1) +depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ECC_FAMILY_SECT_K1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_agreement_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_K1):"0406f88f90b4b65950f06ce433afdb097e320f433dc2062b8a65db8fafd3c110f46bc45663fbf021ee7eb9":PSA_ALG_ECDH:0:PSA_ERROR_INVALID_ARGUMENT + +PSA key_agreement ECDH: incompatible with ECC_PUBLIC_KEY(SECT_R1) +depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ECC_FAMILY_SECT_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_agreement_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R1):"0400465eeb9e7258b11e33c02266bfe834b20bcb118700772796ee4704ec67651bd447e3011959a79a04cb":PSA_ALG_ECDH:0:PSA_ERROR_INVALID_ARGUMENT + +PSA key_agreement ECDH: incompatible with ECC_PUBLIC_KEY(SECT_R2) +depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ECC_FAMILY_SECT_R2:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_agreement_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R2):"0403692601144c32a6cfa369ae20ae5d43c1c764678c037bafe80c6fd2e42b7ced96171d9c5367fd3dca6f":PSA_ALG_ECDH:0:PSA_ERROR_INVALID_ARGUMENT + +PSA key_agreement ECDH: incompatible with ECC_PUBLIC_KEY(TWISTED_EDWARDS) +depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ECC_FAMILY_TWISTED_EDWARDS:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_agreement_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_TWISTED_EDWARDS):"d75a980182b10ab7d54bfed3c964073a0ee172f3daa62325af021a68f707511a":PSA_ALG_ECDH:0:PSA_ERROR_INVALID_ARGUMENT + +PSA key_agreement ECDH: incompatible with HMAC +depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_KEY_TYPE_HMAC +key_agreement_fail:PSA_KEY_TYPE_HMAC:"48657265006973206b6579a064617461":PSA_ALG_ECDH:0:PSA_ERROR_INVALID_ARGUMENT + +PSA key_agreement ECDH: incompatible with RAW_DATA +depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_KEY_TYPE_RAW_DATA +key_agreement_fail:PSA_KEY_TYPE_RAW_DATA:"48":PSA_ALG_ECDH:0:PSA_ERROR_INVALID_ARGUMENT + +PSA key_agreement ECDH: incompatible with RSA_KEY_PAIR +depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR +key_agreement_fail:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_ECDH:0:PSA_ERROR_INVALID_ARGUMENT + +PSA key_agreement ECDH: incompatible with RSA_PUBLIC_KEY +depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY +key_agreement_fail:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_ECDH:0:PSA_ERROR_INVALID_ARGUMENT + +PSA hash ECDSA(MD2): invalid +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD2 +hash_fail:PSA_ALG_ECDSA(PSA_ALG_MD2):PSA_ERROR_INVALID_ARGUMENT + +PSA mac ECDSA(MD2): invalid with ECC_KEY_PAIR(BRAINPOOL_P_R1) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD2:PSA_WANT_ECC_FAMILY_BRAINPOOL_P_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +mac_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"69502c4fdaf48d4fa617bdd24498b0406d0eeaac":PSA_ALG_ECDSA(PSA_ALG_MD2):PSA_ERROR_INVALID_ARGUMENT + +PSA mac ECDSA(MD2): invalid with ECC_KEY_PAIR(SECP_K1) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD2:PSA_WANT_ECC_FAMILY_SECP_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +mac_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_K1):"297ac1722ccac7589ecb240dc719842538ca974beb79f228":PSA_ALG_ECDSA(PSA_ALG_MD2):PSA_ERROR_INVALID_ARGUMENT + +PSA mac ECDSA(MD2): invalid with ECC_KEY_PAIR(SECP_R1) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD2:PSA_WANT_ECC_FAMILY_SECP_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +mac_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"872f203b3ad35b7f2ecc803c3a0e1e0b1ed61cc1afe71b189cd4c995":PSA_ALG_ECDSA(PSA_ALG_MD2):PSA_ERROR_INVALID_ARGUMENT + +PSA mac ECDSA(MD2): invalid with ECC_KEY_PAIR(SECP_R2) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD2:PSA_WANT_ECC_FAMILY_SECP_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +mac_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R2):"00bf539a1cdda0d7f71a50a3f98aec0a2e8e4ced1e":PSA_ALG_ECDSA(PSA_ALG_MD2):PSA_ERROR_INVALID_ARGUMENT + +PSA mac ECDSA(MD2): invalid with ECC_KEY_PAIR(SECT_K1) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD2:PSA_WANT_ECC_FAMILY_SECT_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +mac_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):"03ebc8fcded2d6ab72ec0f75bdb4fd080481273e71":PSA_ALG_ECDSA(PSA_ALG_MD2):PSA_ERROR_INVALID_ARGUMENT + +PSA mac ECDSA(MD2): invalid with ECC_KEY_PAIR(SECT_R1) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD2:PSA_WANT_ECC_FAMILY_SECT_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +mac_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):"009b05dc82d46d64a04a22e6e5ca70ca1231e68c50":PSA_ALG_ECDSA(PSA_ALG_MD2):PSA_ERROR_INVALID_ARGUMENT + +PSA mac ECDSA(MD2): invalid with ECC_KEY_PAIR(SECT_R2) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD2:PSA_WANT_ECC_FAMILY_SECT_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +mac_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R2):"0210b482a458b4822d0cb21daa96819a67c8062d34":PSA_ALG_ECDSA(PSA_ALG_MD2):PSA_ERROR_INVALID_ARGUMENT + +PSA mac ECDSA(MD2): invalid with ECC_PUBLIC_KEY(BRAINPOOL_P_R1) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD2:PSA_WANT_ECC_FAMILY_BRAINPOOL_P_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +mac_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"04d4b9186816358e2f9c59cf70748cb70641b22fbab65473db4b4e22a361ed7e3de7e8a8ddc4130c5c":PSA_ALG_ECDSA(PSA_ALG_MD2):PSA_ERROR_INVALID_ARGUMENT + +PSA mac ECDSA(MD2): invalid with ECC_PUBLIC_KEY(SECP_K1) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD2:PSA_WANT_ECC_FAMILY_SECP_K1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +mac_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_K1):"0426b7bb38da649ac2138fc050c6548b32553dab68afebc36105d325b75538c12323cb0764789ecb992671beb2b6bef2f5":PSA_ALG_ECDSA(PSA_ALG_MD2):PSA_ERROR_INVALID_ARGUMENT + +PSA mac ECDSA(MD2): invalid with ECC_PUBLIC_KEY(SECP_R1) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD2:PSA_WANT_ECC_FAMILY_SECP_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +mac_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1):"046f00eadaa949fee3e9e1c7fa1247eecec86a0dce46418b9bd3117b981d4bd0ae7a990de912f9d060d6cb531a42d22e394ac29e81804bf160":PSA_ALG_ECDSA(PSA_ALG_MD2):PSA_ERROR_INVALID_ARGUMENT + +PSA mac ECDSA(MD2): invalid with ECC_PUBLIC_KEY(SECP_R2) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD2:PSA_WANT_ECC_FAMILY_SECP_R2:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +mac_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R2):"049570d541398665adb5cfa16f5af73b3196926bbd4b876bdb80f8eab20d0f540c22f4de9c140f6d7b":PSA_ALG_ECDSA(PSA_ALG_MD2):PSA_ERROR_INVALID_ARGUMENT + +PSA mac ECDSA(MD2): invalid with ECC_PUBLIC_KEY(SECT_K1) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD2:PSA_WANT_ECC_FAMILY_SECT_K1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +mac_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_K1):"0406f88f90b4b65950f06ce433afdb097e320f433dc2062b8a65db8fafd3c110f46bc45663fbf021ee7eb9":PSA_ALG_ECDSA(PSA_ALG_MD2):PSA_ERROR_INVALID_ARGUMENT + +PSA mac ECDSA(MD2): invalid with ECC_PUBLIC_KEY(SECT_R1) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD2:PSA_WANT_ECC_FAMILY_SECT_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +mac_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R1):"0400465eeb9e7258b11e33c02266bfe834b20bcb118700772796ee4704ec67651bd447e3011959a79a04cb":PSA_ALG_ECDSA(PSA_ALG_MD2):PSA_ERROR_INVALID_ARGUMENT + +PSA mac ECDSA(MD2): invalid with ECC_PUBLIC_KEY(SECT_R2) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD2:PSA_WANT_ECC_FAMILY_SECT_R2:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +mac_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R2):"0403692601144c32a6cfa369ae20ae5d43c1c764678c037bafe80c6fd2e42b7ced96171d9c5367fd3dca6f":PSA_ALG_ECDSA(PSA_ALG_MD2):PSA_ERROR_INVALID_ARGUMENT + +PSA cipher ECDSA(MD2): invalid with ECC_KEY_PAIR(BRAINPOOL_P_R1) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD2:PSA_WANT_ECC_FAMILY_BRAINPOOL_P_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +cipher_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"69502c4fdaf48d4fa617bdd24498b0406d0eeaac":PSA_ALG_ECDSA(PSA_ALG_MD2):PSA_ERROR_INVALID_ARGUMENT + +PSA cipher ECDSA(MD2): invalid with ECC_KEY_PAIR(SECP_K1) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD2:PSA_WANT_ECC_FAMILY_SECP_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +cipher_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_K1):"297ac1722ccac7589ecb240dc719842538ca974beb79f228":PSA_ALG_ECDSA(PSA_ALG_MD2):PSA_ERROR_INVALID_ARGUMENT + +PSA cipher ECDSA(MD2): invalid with ECC_KEY_PAIR(SECP_R1) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD2:PSA_WANT_ECC_FAMILY_SECP_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +cipher_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"872f203b3ad35b7f2ecc803c3a0e1e0b1ed61cc1afe71b189cd4c995":PSA_ALG_ECDSA(PSA_ALG_MD2):PSA_ERROR_INVALID_ARGUMENT + +PSA cipher ECDSA(MD2): invalid with ECC_KEY_PAIR(SECP_R2) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD2:PSA_WANT_ECC_FAMILY_SECP_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +cipher_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R2):"00bf539a1cdda0d7f71a50a3f98aec0a2e8e4ced1e":PSA_ALG_ECDSA(PSA_ALG_MD2):PSA_ERROR_INVALID_ARGUMENT + +PSA cipher ECDSA(MD2): invalid with ECC_KEY_PAIR(SECT_K1) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD2:PSA_WANT_ECC_FAMILY_SECT_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +cipher_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):"03ebc8fcded2d6ab72ec0f75bdb4fd080481273e71":PSA_ALG_ECDSA(PSA_ALG_MD2):PSA_ERROR_INVALID_ARGUMENT + +PSA cipher ECDSA(MD2): invalid with ECC_KEY_PAIR(SECT_R1) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD2:PSA_WANT_ECC_FAMILY_SECT_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +cipher_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):"009b05dc82d46d64a04a22e6e5ca70ca1231e68c50":PSA_ALG_ECDSA(PSA_ALG_MD2):PSA_ERROR_INVALID_ARGUMENT + +PSA cipher ECDSA(MD2): invalid with ECC_KEY_PAIR(SECT_R2) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD2:PSA_WANT_ECC_FAMILY_SECT_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +cipher_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R2):"0210b482a458b4822d0cb21daa96819a67c8062d34":PSA_ALG_ECDSA(PSA_ALG_MD2):PSA_ERROR_INVALID_ARGUMENT + +PSA cipher ECDSA(MD2): invalid with ECC_PUBLIC_KEY(BRAINPOOL_P_R1) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD2:PSA_WANT_ECC_FAMILY_BRAINPOOL_P_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +cipher_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"04d4b9186816358e2f9c59cf70748cb70641b22fbab65473db4b4e22a361ed7e3de7e8a8ddc4130c5c":PSA_ALG_ECDSA(PSA_ALG_MD2):PSA_ERROR_INVALID_ARGUMENT + +PSA cipher ECDSA(MD2): invalid with ECC_PUBLIC_KEY(SECP_K1) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD2:PSA_WANT_ECC_FAMILY_SECP_K1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +cipher_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_K1):"0426b7bb38da649ac2138fc050c6548b32553dab68afebc36105d325b75538c12323cb0764789ecb992671beb2b6bef2f5":PSA_ALG_ECDSA(PSA_ALG_MD2):PSA_ERROR_INVALID_ARGUMENT + +PSA cipher ECDSA(MD2): invalid with ECC_PUBLIC_KEY(SECP_R1) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD2:PSA_WANT_ECC_FAMILY_SECP_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +cipher_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1):"046f00eadaa949fee3e9e1c7fa1247eecec86a0dce46418b9bd3117b981d4bd0ae7a990de912f9d060d6cb531a42d22e394ac29e81804bf160":PSA_ALG_ECDSA(PSA_ALG_MD2):PSA_ERROR_INVALID_ARGUMENT + +PSA cipher ECDSA(MD2): invalid with ECC_PUBLIC_KEY(SECP_R2) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD2:PSA_WANT_ECC_FAMILY_SECP_R2:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +cipher_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R2):"049570d541398665adb5cfa16f5af73b3196926bbd4b876bdb80f8eab20d0f540c22f4de9c140f6d7b":PSA_ALG_ECDSA(PSA_ALG_MD2):PSA_ERROR_INVALID_ARGUMENT + +PSA cipher ECDSA(MD2): invalid with ECC_PUBLIC_KEY(SECT_K1) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD2:PSA_WANT_ECC_FAMILY_SECT_K1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +cipher_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_K1):"0406f88f90b4b65950f06ce433afdb097e320f433dc2062b8a65db8fafd3c110f46bc45663fbf021ee7eb9":PSA_ALG_ECDSA(PSA_ALG_MD2):PSA_ERROR_INVALID_ARGUMENT + +PSA cipher ECDSA(MD2): invalid with ECC_PUBLIC_KEY(SECT_R1) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD2:PSA_WANT_ECC_FAMILY_SECT_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +cipher_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R1):"0400465eeb9e7258b11e33c02266bfe834b20bcb118700772796ee4704ec67651bd447e3011959a79a04cb":PSA_ALG_ECDSA(PSA_ALG_MD2):PSA_ERROR_INVALID_ARGUMENT + +PSA cipher ECDSA(MD2): invalid with ECC_PUBLIC_KEY(SECT_R2) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD2:PSA_WANT_ECC_FAMILY_SECT_R2:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +cipher_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R2):"0403692601144c32a6cfa369ae20ae5d43c1c764678c037bafe80c6fd2e42b7ced96171d9c5367fd3dca6f":PSA_ALG_ECDSA(PSA_ALG_MD2):PSA_ERROR_INVALID_ARGUMENT + +PSA aead ECDSA(MD2): invalid with ECC_KEY_PAIR(BRAINPOOL_P_R1) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD2:PSA_WANT_ECC_FAMILY_BRAINPOOL_P_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +aead_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"69502c4fdaf48d4fa617bdd24498b0406d0eeaac":PSA_ALG_ECDSA(PSA_ALG_MD2):PSA_ERROR_INVALID_ARGUMENT + +PSA aead ECDSA(MD2): invalid with ECC_KEY_PAIR(SECP_K1) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD2:PSA_WANT_ECC_FAMILY_SECP_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +aead_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_K1):"297ac1722ccac7589ecb240dc719842538ca974beb79f228":PSA_ALG_ECDSA(PSA_ALG_MD2):PSA_ERROR_INVALID_ARGUMENT + +PSA aead ECDSA(MD2): invalid with ECC_KEY_PAIR(SECP_R1) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD2:PSA_WANT_ECC_FAMILY_SECP_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +aead_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"872f203b3ad35b7f2ecc803c3a0e1e0b1ed61cc1afe71b189cd4c995":PSA_ALG_ECDSA(PSA_ALG_MD2):PSA_ERROR_INVALID_ARGUMENT + +PSA aead ECDSA(MD2): invalid with ECC_KEY_PAIR(SECP_R2) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD2:PSA_WANT_ECC_FAMILY_SECP_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +aead_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R2):"00bf539a1cdda0d7f71a50a3f98aec0a2e8e4ced1e":PSA_ALG_ECDSA(PSA_ALG_MD2):PSA_ERROR_INVALID_ARGUMENT + +PSA aead ECDSA(MD2): invalid with ECC_KEY_PAIR(SECT_K1) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD2:PSA_WANT_ECC_FAMILY_SECT_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +aead_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):"03ebc8fcded2d6ab72ec0f75bdb4fd080481273e71":PSA_ALG_ECDSA(PSA_ALG_MD2):PSA_ERROR_INVALID_ARGUMENT + +PSA aead ECDSA(MD2): invalid with ECC_KEY_PAIR(SECT_R1) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD2:PSA_WANT_ECC_FAMILY_SECT_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +aead_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):"009b05dc82d46d64a04a22e6e5ca70ca1231e68c50":PSA_ALG_ECDSA(PSA_ALG_MD2):PSA_ERROR_INVALID_ARGUMENT + +PSA aead ECDSA(MD2): invalid with ECC_KEY_PAIR(SECT_R2) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD2:PSA_WANT_ECC_FAMILY_SECT_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +aead_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R2):"0210b482a458b4822d0cb21daa96819a67c8062d34":PSA_ALG_ECDSA(PSA_ALG_MD2):PSA_ERROR_INVALID_ARGUMENT + +PSA aead ECDSA(MD2): invalid with ECC_PUBLIC_KEY(BRAINPOOL_P_R1) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD2:PSA_WANT_ECC_FAMILY_BRAINPOOL_P_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +aead_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"04d4b9186816358e2f9c59cf70748cb70641b22fbab65473db4b4e22a361ed7e3de7e8a8ddc4130c5c":PSA_ALG_ECDSA(PSA_ALG_MD2):PSA_ERROR_INVALID_ARGUMENT + +PSA aead ECDSA(MD2): invalid with ECC_PUBLIC_KEY(SECP_K1) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD2:PSA_WANT_ECC_FAMILY_SECP_K1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +aead_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_K1):"0426b7bb38da649ac2138fc050c6548b32553dab68afebc36105d325b75538c12323cb0764789ecb992671beb2b6bef2f5":PSA_ALG_ECDSA(PSA_ALG_MD2):PSA_ERROR_INVALID_ARGUMENT + +PSA aead ECDSA(MD2): invalid with ECC_PUBLIC_KEY(SECP_R1) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD2:PSA_WANT_ECC_FAMILY_SECP_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +aead_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1):"046f00eadaa949fee3e9e1c7fa1247eecec86a0dce46418b9bd3117b981d4bd0ae7a990de912f9d060d6cb531a42d22e394ac29e81804bf160":PSA_ALG_ECDSA(PSA_ALG_MD2):PSA_ERROR_INVALID_ARGUMENT + +PSA aead ECDSA(MD2): invalid with ECC_PUBLIC_KEY(SECP_R2) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD2:PSA_WANT_ECC_FAMILY_SECP_R2:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +aead_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R2):"049570d541398665adb5cfa16f5af73b3196926bbd4b876bdb80f8eab20d0f540c22f4de9c140f6d7b":PSA_ALG_ECDSA(PSA_ALG_MD2):PSA_ERROR_INVALID_ARGUMENT + +PSA aead ECDSA(MD2): invalid with ECC_PUBLIC_KEY(SECT_K1) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD2:PSA_WANT_ECC_FAMILY_SECT_K1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +aead_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_K1):"0406f88f90b4b65950f06ce433afdb097e320f433dc2062b8a65db8fafd3c110f46bc45663fbf021ee7eb9":PSA_ALG_ECDSA(PSA_ALG_MD2):PSA_ERROR_INVALID_ARGUMENT + +PSA aead ECDSA(MD2): invalid with ECC_PUBLIC_KEY(SECT_R1) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD2:PSA_WANT_ECC_FAMILY_SECT_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +aead_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R1):"0400465eeb9e7258b11e33c02266bfe834b20bcb118700772796ee4704ec67651bd447e3011959a79a04cb":PSA_ALG_ECDSA(PSA_ALG_MD2):PSA_ERROR_INVALID_ARGUMENT + +PSA aead ECDSA(MD2): invalid with ECC_PUBLIC_KEY(SECT_R2) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD2:PSA_WANT_ECC_FAMILY_SECT_R2:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +aead_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R2):"0403692601144c32a6cfa369ae20ae5d43c1c764678c037bafe80c6fd2e42b7ced96171d9c5367fd3dca6f":PSA_ALG_ECDSA(PSA_ALG_MD2):PSA_ERROR_INVALID_ARGUMENT + +PSA sign ECDSA(MD2): incompatible with AES +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD2:PSA_WANT_KEY_TYPE_AES +sign_fail:PSA_KEY_TYPE_AES:"48657265006973206b6579a064617461":PSA_ALG_ECDSA(PSA_ALG_MD2):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign ECDSA(MD2): incompatible with ARC4 +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD2:PSA_WANT_KEY_TYPE_ARC4 +sign_fail:PSA_KEY_TYPE_ARC4:"48":PSA_ALG_ECDSA(PSA_ALG_MD2):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign ECDSA(MD2): incompatible with ARIA +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD2:PSA_WANT_KEY_TYPE_ARIA +sign_fail:PSA_KEY_TYPE_ARIA:"48657265006973206b6579a064617461":PSA_ALG_ECDSA(PSA_ALG_MD2):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign ECDSA(MD2): incompatible with CAMELLIA +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD2:PSA_WANT_KEY_TYPE_CAMELLIA +sign_fail:PSA_KEY_TYPE_CAMELLIA:"48657265006973206b6579a064617461":PSA_ALG_ECDSA(PSA_ALG_MD2):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign ECDSA(MD2): incompatible with CHACHA20 +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD2:PSA_WANT_KEY_TYPE_CHACHA20 +sign_fail:PSA_KEY_TYPE_CHACHA20:"48657265006973206b6579a06461746148657265006973206b6579a064617461":PSA_ALG_ECDSA(PSA_ALG_MD2):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign ECDSA(MD2): incompatible with DERIVE +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD2:PSA_WANT_KEY_TYPE_DERIVE +sign_fail:PSA_KEY_TYPE_DERIVE:"48657265006973206b6579a0646174":PSA_ALG_ECDSA(PSA_ALG_MD2):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign ECDSA(MD2): incompatible with DES +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD2:PSA_WANT_KEY_TYPE_DES +sign_fail:PSA_KEY_TYPE_DES:"644573206b457901":PSA_ALG_ECDSA(PSA_ALG_MD2):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign ECDSA(MD2): !ECDSA with ECC_KEY_PAIR(BRAINPOOL_P_R1) +depends_on:!PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD2:PSA_WANT_ECC_FAMILY_BRAINPOOL_P_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"69502c4fdaf48d4fa617bdd24498b0406d0eeaac":PSA_ALG_ECDSA(PSA_ALG_MD2):0:PSA_ERROR_NOT_SUPPORTED + +PSA sign ECDSA(MD2): !MD2 with ECC_KEY_PAIR(BRAINPOOL_P_R1) +depends_on:PSA_WANT_ALG_ECDSA:!PSA_WANT_ALG_MD2:PSA_WANT_ECC_FAMILY_BRAINPOOL_P_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"69502c4fdaf48d4fa617bdd24498b0406d0eeaac":PSA_ALG_ECDSA(PSA_ALG_MD2):0:PSA_ERROR_NOT_SUPPORTED + +PSA sign ECDSA(MD2): incompatible with ECC_KEY_PAIR(MONTGOMERY) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD2:PSA_WANT_ECC_FAMILY_MONTGOMERY:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_MONTGOMERY):"70076d0a7318a57d3c16c17251b26645df4c2f87ebc0992ab177fba51db92c6a":PSA_ALG_ECDSA(PSA_ALG_MD2):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign ECDSA(MD2): !ECDSA with ECC_KEY_PAIR(SECP_K1) +depends_on:!PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD2:PSA_WANT_ECC_FAMILY_SECP_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_K1):"297ac1722ccac7589ecb240dc719842538ca974beb79f228":PSA_ALG_ECDSA(PSA_ALG_MD2):0:PSA_ERROR_NOT_SUPPORTED + +PSA sign ECDSA(MD2): !MD2 with ECC_KEY_PAIR(SECP_K1) +depends_on:PSA_WANT_ALG_ECDSA:!PSA_WANT_ALG_MD2:PSA_WANT_ECC_FAMILY_SECP_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_K1):"297ac1722ccac7589ecb240dc719842538ca974beb79f228":PSA_ALG_ECDSA(PSA_ALG_MD2):0:PSA_ERROR_NOT_SUPPORTED + +PSA sign ECDSA(MD2): !ECDSA with ECC_KEY_PAIR(SECP_R1) +depends_on:!PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD2:PSA_WANT_ECC_FAMILY_SECP_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"872f203b3ad35b7f2ecc803c3a0e1e0b1ed61cc1afe71b189cd4c995":PSA_ALG_ECDSA(PSA_ALG_MD2):0:PSA_ERROR_NOT_SUPPORTED + +PSA sign ECDSA(MD2): !MD2 with ECC_KEY_PAIR(SECP_R1) +depends_on:PSA_WANT_ALG_ECDSA:!PSA_WANT_ALG_MD2:PSA_WANT_ECC_FAMILY_SECP_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"872f203b3ad35b7f2ecc803c3a0e1e0b1ed61cc1afe71b189cd4c995":PSA_ALG_ECDSA(PSA_ALG_MD2):0:PSA_ERROR_NOT_SUPPORTED + +PSA sign ECDSA(MD2): !ECDSA with ECC_KEY_PAIR(SECP_R2) +depends_on:!PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD2:PSA_WANT_ECC_FAMILY_SECP_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R2):"00bf539a1cdda0d7f71a50a3f98aec0a2e8e4ced1e":PSA_ALG_ECDSA(PSA_ALG_MD2):0:PSA_ERROR_NOT_SUPPORTED + +PSA sign ECDSA(MD2): !MD2 with ECC_KEY_PAIR(SECP_R2) +depends_on:PSA_WANT_ALG_ECDSA:!PSA_WANT_ALG_MD2:PSA_WANT_ECC_FAMILY_SECP_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R2):"00bf539a1cdda0d7f71a50a3f98aec0a2e8e4ced1e":PSA_ALG_ECDSA(PSA_ALG_MD2):0:PSA_ERROR_NOT_SUPPORTED + +PSA sign ECDSA(MD2): !ECDSA with ECC_KEY_PAIR(SECT_K1) +depends_on:!PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD2:PSA_WANT_ECC_FAMILY_SECT_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):"03ebc8fcded2d6ab72ec0f75bdb4fd080481273e71":PSA_ALG_ECDSA(PSA_ALG_MD2):0:PSA_ERROR_NOT_SUPPORTED + +PSA sign ECDSA(MD2): !MD2 with ECC_KEY_PAIR(SECT_K1) +depends_on:PSA_WANT_ALG_ECDSA:!PSA_WANT_ALG_MD2:PSA_WANT_ECC_FAMILY_SECT_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):"03ebc8fcded2d6ab72ec0f75bdb4fd080481273e71":PSA_ALG_ECDSA(PSA_ALG_MD2):0:PSA_ERROR_NOT_SUPPORTED + +PSA sign ECDSA(MD2): !ECDSA with ECC_KEY_PAIR(SECT_R1) +depends_on:!PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD2:PSA_WANT_ECC_FAMILY_SECT_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):"009b05dc82d46d64a04a22e6e5ca70ca1231e68c50":PSA_ALG_ECDSA(PSA_ALG_MD2):0:PSA_ERROR_NOT_SUPPORTED + +PSA sign ECDSA(MD2): !MD2 with ECC_KEY_PAIR(SECT_R1) +depends_on:PSA_WANT_ALG_ECDSA:!PSA_WANT_ALG_MD2:PSA_WANT_ECC_FAMILY_SECT_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):"009b05dc82d46d64a04a22e6e5ca70ca1231e68c50":PSA_ALG_ECDSA(PSA_ALG_MD2):0:PSA_ERROR_NOT_SUPPORTED + +PSA sign ECDSA(MD2): !ECDSA with ECC_KEY_PAIR(SECT_R2) +depends_on:!PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD2:PSA_WANT_ECC_FAMILY_SECT_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R2):"0210b482a458b4822d0cb21daa96819a67c8062d34":PSA_ALG_ECDSA(PSA_ALG_MD2):0:PSA_ERROR_NOT_SUPPORTED + +PSA sign ECDSA(MD2): !MD2 with ECC_KEY_PAIR(SECT_R2) +depends_on:PSA_WANT_ALG_ECDSA:!PSA_WANT_ALG_MD2:PSA_WANT_ECC_FAMILY_SECT_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R2):"0210b482a458b4822d0cb21daa96819a67c8062d34":PSA_ALG_ECDSA(PSA_ALG_MD2):0:PSA_ERROR_NOT_SUPPORTED + +PSA sign ECDSA(MD2): incompatible with ECC_KEY_PAIR(TWISTED_EDWARDS) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD2:PSA_WANT_ECC_FAMILY_TWISTED_EDWARDS:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_TWISTED_EDWARDS):"9d61b19deffd5a60ba844af492ec2cc44449c5697b326919703bac031cae7f60":PSA_ALG_ECDSA(PSA_ALG_MD2):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign ECDSA(MD2): !ECDSA with ECC_PUBLIC_KEY(BRAINPOOL_P_R1) +depends_on:!PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD2:PSA_WANT_ECC_FAMILY_BRAINPOOL_P_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"04d4b9186816358e2f9c59cf70748cb70641b22fbab65473db4b4e22a361ed7e3de7e8a8ddc4130c5c":PSA_ALG_ECDSA(PSA_ALG_MD2):0:PSA_ERROR_NOT_SUPPORTED + +PSA sign ECDSA(MD2): !MD2 with ECC_PUBLIC_KEY(BRAINPOOL_P_R1) +depends_on:PSA_WANT_ALG_ECDSA:!PSA_WANT_ALG_MD2:PSA_WANT_ECC_FAMILY_BRAINPOOL_P_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"04d4b9186816358e2f9c59cf70748cb70641b22fbab65473db4b4e22a361ed7e3de7e8a8ddc4130c5c":PSA_ALG_ECDSA(PSA_ALG_MD2):0:PSA_ERROR_NOT_SUPPORTED + +PSA sign ECDSA(MD2): public with ECC_PUBLIC_KEY(BRAINPOOL_P_R1) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD2:PSA_WANT_ECC_FAMILY_BRAINPOOL_P_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"04d4b9186816358e2f9c59cf70748cb70641b22fbab65473db4b4e22a361ed7e3de7e8a8ddc4130c5c":PSA_ALG_ECDSA(PSA_ALG_MD2):1:PSA_ERROR_INVALID_ARGUMENT + +PSA sign ECDSA(MD2): incompatible with ECC_PUBLIC_KEY(MONTGOMERY) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD2:PSA_WANT_ECC_FAMILY_MONTGOMERY:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_MONTGOMERY):"8520f0098930a754748b7ddcb43ef75a0dbf3a0d26381af4eba4a98eaa9b4e6a":PSA_ALG_ECDSA(PSA_ALG_MD2):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign ECDSA(MD2): !ECDSA with ECC_PUBLIC_KEY(SECP_K1) +depends_on:!PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD2:PSA_WANT_ECC_FAMILY_SECP_K1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_K1):"0426b7bb38da649ac2138fc050c6548b32553dab68afebc36105d325b75538c12323cb0764789ecb992671beb2b6bef2f5":PSA_ALG_ECDSA(PSA_ALG_MD2):0:PSA_ERROR_NOT_SUPPORTED + +PSA sign ECDSA(MD2): !MD2 with ECC_PUBLIC_KEY(SECP_K1) +depends_on:PSA_WANT_ALG_ECDSA:!PSA_WANT_ALG_MD2:PSA_WANT_ECC_FAMILY_SECP_K1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_K1):"0426b7bb38da649ac2138fc050c6548b32553dab68afebc36105d325b75538c12323cb0764789ecb992671beb2b6bef2f5":PSA_ALG_ECDSA(PSA_ALG_MD2):0:PSA_ERROR_NOT_SUPPORTED + +PSA sign ECDSA(MD2): public with ECC_PUBLIC_KEY(SECP_K1) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD2:PSA_WANT_ECC_FAMILY_SECP_K1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_K1):"0426b7bb38da649ac2138fc050c6548b32553dab68afebc36105d325b75538c12323cb0764789ecb992671beb2b6bef2f5":PSA_ALG_ECDSA(PSA_ALG_MD2):1:PSA_ERROR_INVALID_ARGUMENT + +PSA sign ECDSA(MD2): !ECDSA with ECC_PUBLIC_KEY(SECP_R1) +depends_on:!PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD2:PSA_WANT_ECC_FAMILY_SECP_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1):"046f00eadaa949fee3e9e1c7fa1247eecec86a0dce46418b9bd3117b981d4bd0ae7a990de912f9d060d6cb531a42d22e394ac29e81804bf160":PSA_ALG_ECDSA(PSA_ALG_MD2):0:PSA_ERROR_NOT_SUPPORTED + +PSA sign ECDSA(MD2): !MD2 with ECC_PUBLIC_KEY(SECP_R1) +depends_on:PSA_WANT_ALG_ECDSA:!PSA_WANT_ALG_MD2:PSA_WANT_ECC_FAMILY_SECP_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1):"046f00eadaa949fee3e9e1c7fa1247eecec86a0dce46418b9bd3117b981d4bd0ae7a990de912f9d060d6cb531a42d22e394ac29e81804bf160":PSA_ALG_ECDSA(PSA_ALG_MD2):0:PSA_ERROR_NOT_SUPPORTED + +PSA sign ECDSA(MD2): public with ECC_PUBLIC_KEY(SECP_R1) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD2:PSA_WANT_ECC_FAMILY_SECP_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1):"046f00eadaa949fee3e9e1c7fa1247eecec86a0dce46418b9bd3117b981d4bd0ae7a990de912f9d060d6cb531a42d22e394ac29e81804bf160":PSA_ALG_ECDSA(PSA_ALG_MD2):1:PSA_ERROR_INVALID_ARGUMENT + +PSA sign ECDSA(MD2): !ECDSA with ECC_PUBLIC_KEY(SECP_R2) +depends_on:!PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD2:PSA_WANT_ECC_FAMILY_SECP_R2:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R2):"049570d541398665adb5cfa16f5af73b3196926bbd4b876bdb80f8eab20d0f540c22f4de9c140f6d7b":PSA_ALG_ECDSA(PSA_ALG_MD2):0:PSA_ERROR_NOT_SUPPORTED + +PSA sign ECDSA(MD2): !MD2 with ECC_PUBLIC_KEY(SECP_R2) +depends_on:PSA_WANT_ALG_ECDSA:!PSA_WANT_ALG_MD2:PSA_WANT_ECC_FAMILY_SECP_R2:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R2):"049570d541398665adb5cfa16f5af73b3196926bbd4b876bdb80f8eab20d0f540c22f4de9c140f6d7b":PSA_ALG_ECDSA(PSA_ALG_MD2):0:PSA_ERROR_NOT_SUPPORTED + +PSA sign ECDSA(MD2): public with ECC_PUBLIC_KEY(SECP_R2) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD2:PSA_WANT_ECC_FAMILY_SECP_R2:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R2):"049570d541398665adb5cfa16f5af73b3196926bbd4b876bdb80f8eab20d0f540c22f4de9c140f6d7b":PSA_ALG_ECDSA(PSA_ALG_MD2):1:PSA_ERROR_INVALID_ARGUMENT + +PSA sign ECDSA(MD2): !ECDSA with ECC_PUBLIC_KEY(SECT_K1) +depends_on:!PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD2:PSA_WANT_ECC_FAMILY_SECT_K1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_K1):"0406f88f90b4b65950f06ce433afdb097e320f433dc2062b8a65db8fafd3c110f46bc45663fbf021ee7eb9":PSA_ALG_ECDSA(PSA_ALG_MD2):0:PSA_ERROR_NOT_SUPPORTED + +PSA sign ECDSA(MD2): !MD2 with ECC_PUBLIC_KEY(SECT_K1) +depends_on:PSA_WANT_ALG_ECDSA:!PSA_WANT_ALG_MD2:PSA_WANT_ECC_FAMILY_SECT_K1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_K1):"0406f88f90b4b65950f06ce433afdb097e320f433dc2062b8a65db8fafd3c110f46bc45663fbf021ee7eb9":PSA_ALG_ECDSA(PSA_ALG_MD2):0:PSA_ERROR_NOT_SUPPORTED + +PSA sign ECDSA(MD2): public with ECC_PUBLIC_KEY(SECT_K1) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD2:PSA_WANT_ECC_FAMILY_SECT_K1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_K1):"0406f88f90b4b65950f06ce433afdb097e320f433dc2062b8a65db8fafd3c110f46bc45663fbf021ee7eb9":PSA_ALG_ECDSA(PSA_ALG_MD2):1:PSA_ERROR_INVALID_ARGUMENT + +PSA sign ECDSA(MD2): !ECDSA with ECC_PUBLIC_KEY(SECT_R1) +depends_on:!PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD2:PSA_WANT_ECC_FAMILY_SECT_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R1):"0400465eeb9e7258b11e33c02266bfe834b20bcb118700772796ee4704ec67651bd447e3011959a79a04cb":PSA_ALG_ECDSA(PSA_ALG_MD2):0:PSA_ERROR_NOT_SUPPORTED + +PSA sign ECDSA(MD2): !MD2 with ECC_PUBLIC_KEY(SECT_R1) +depends_on:PSA_WANT_ALG_ECDSA:!PSA_WANT_ALG_MD2:PSA_WANT_ECC_FAMILY_SECT_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R1):"0400465eeb9e7258b11e33c02266bfe834b20bcb118700772796ee4704ec67651bd447e3011959a79a04cb":PSA_ALG_ECDSA(PSA_ALG_MD2):0:PSA_ERROR_NOT_SUPPORTED + +PSA sign ECDSA(MD2): public with ECC_PUBLIC_KEY(SECT_R1) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD2:PSA_WANT_ECC_FAMILY_SECT_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R1):"0400465eeb9e7258b11e33c02266bfe834b20bcb118700772796ee4704ec67651bd447e3011959a79a04cb":PSA_ALG_ECDSA(PSA_ALG_MD2):1:PSA_ERROR_INVALID_ARGUMENT + +PSA sign ECDSA(MD2): !ECDSA with ECC_PUBLIC_KEY(SECT_R2) +depends_on:!PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD2:PSA_WANT_ECC_FAMILY_SECT_R2:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R2):"0403692601144c32a6cfa369ae20ae5d43c1c764678c037bafe80c6fd2e42b7ced96171d9c5367fd3dca6f":PSA_ALG_ECDSA(PSA_ALG_MD2):0:PSA_ERROR_NOT_SUPPORTED + +PSA sign ECDSA(MD2): !MD2 with ECC_PUBLIC_KEY(SECT_R2) +depends_on:PSA_WANT_ALG_ECDSA:!PSA_WANT_ALG_MD2:PSA_WANT_ECC_FAMILY_SECT_R2:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R2):"0403692601144c32a6cfa369ae20ae5d43c1c764678c037bafe80c6fd2e42b7ced96171d9c5367fd3dca6f":PSA_ALG_ECDSA(PSA_ALG_MD2):0:PSA_ERROR_NOT_SUPPORTED + +PSA sign ECDSA(MD2): public with ECC_PUBLIC_KEY(SECT_R2) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD2:PSA_WANT_ECC_FAMILY_SECT_R2:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R2):"0403692601144c32a6cfa369ae20ae5d43c1c764678c037bafe80c6fd2e42b7ced96171d9c5367fd3dca6f":PSA_ALG_ECDSA(PSA_ALG_MD2):1:PSA_ERROR_INVALID_ARGUMENT + +PSA sign ECDSA(MD2): incompatible with ECC_PUBLIC_KEY(TWISTED_EDWARDS) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD2:PSA_WANT_ECC_FAMILY_TWISTED_EDWARDS:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_TWISTED_EDWARDS):"d75a980182b10ab7d54bfed3c964073a0ee172f3daa62325af021a68f707511a":PSA_ALG_ECDSA(PSA_ALG_MD2):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign ECDSA(MD2): incompatible with HMAC +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD2:PSA_WANT_KEY_TYPE_HMAC +sign_fail:PSA_KEY_TYPE_HMAC:"48657265006973206b6579a064617461":PSA_ALG_ECDSA(PSA_ALG_MD2):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign ECDSA(MD2): incompatible with RAW_DATA +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD2:PSA_WANT_KEY_TYPE_RAW_DATA +sign_fail:PSA_KEY_TYPE_RAW_DATA:"48":PSA_ALG_ECDSA(PSA_ALG_MD2):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign ECDSA(MD2): incompatible with RSA_KEY_PAIR +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD2:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR +sign_fail:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_ECDSA(PSA_ALG_MD2):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign ECDSA(MD2): incompatible with RSA_PUBLIC_KEY +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD2:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY +sign_fail:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_ECDSA(PSA_ALG_MD2):0:PSA_ERROR_INVALID_ARGUMENT + +PSA asymmetric_encryption ECDSA(MD2): invalid with ECC_KEY_PAIR(BRAINPOOL_P_R1) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD2:PSA_WANT_ECC_FAMILY_BRAINPOOL_P_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +asymmetric_encryption_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"69502c4fdaf48d4fa617bdd24498b0406d0eeaac":PSA_ALG_ECDSA(PSA_ALG_MD2):0:PSA_ERROR_INVALID_ARGUMENT + +PSA asymmetric_encryption ECDSA(MD2): invalid with ECC_KEY_PAIR(SECP_K1) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD2:PSA_WANT_ECC_FAMILY_SECP_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +asymmetric_encryption_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_K1):"297ac1722ccac7589ecb240dc719842538ca974beb79f228":PSA_ALG_ECDSA(PSA_ALG_MD2):0:PSA_ERROR_INVALID_ARGUMENT + +PSA asymmetric_encryption ECDSA(MD2): invalid with ECC_KEY_PAIR(SECP_R1) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD2:PSA_WANT_ECC_FAMILY_SECP_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +asymmetric_encryption_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"872f203b3ad35b7f2ecc803c3a0e1e0b1ed61cc1afe71b189cd4c995":PSA_ALG_ECDSA(PSA_ALG_MD2):0:PSA_ERROR_INVALID_ARGUMENT + +PSA asymmetric_encryption ECDSA(MD2): invalid with ECC_KEY_PAIR(SECP_R2) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD2:PSA_WANT_ECC_FAMILY_SECP_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +asymmetric_encryption_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R2):"00bf539a1cdda0d7f71a50a3f98aec0a2e8e4ced1e":PSA_ALG_ECDSA(PSA_ALG_MD2):0:PSA_ERROR_INVALID_ARGUMENT + +PSA asymmetric_encryption ECDSA(MD2): invalid with ECC_KEY_PAIR(SECT_K1) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD2:PSA_WANT_ECC_FAMILY_SECT_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +asymmetric_encryption_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):"03ebc8fcded2d6ab72ec0f75bdb4fd080481273e71":PSA_ALG_ECDSA(PSA_ALG_MD2):0:PSA_ERROR_INVALID_ARGUMENT + +PSA asymmetric_encryption ECDSA(MD2): invalid with ECC_KEY_PAIR(SECT_R1) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD2:PSA_WANT_ECC_FAMILY_SECT_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +asymmetric_encryption_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):"009b05dc82d46d64a04a22e6e5ca70ca1231e68c50":PSA_ALG_ECDSA(PSA_ALG_MD2):0:PSA_ERROR_INVALID_ARGUMENT + +PSA asymmetric_encryption ECDSA(MD2): invalid with ECC_KEY_PAIR(SECT_R2) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD2:PSA_WANT_ECC_FAMILY_SECT_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +asymmetric_encryption_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R2):"0210b482a458b4822d0cb21daa96819a67c8062d34":PSA_ALG_ECDSA(PSA_ALG_MD2):0:PSA_ERROR_INVALID_ARGUMENT + +PSA asymmetric_encryption ECDSA(MD2): invalid with ECC_PUBLIC_KEY(BRAINPOOL_P_R1) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD2:PSA_WANT_ECC_FAMILY_BRAINPOOL_P_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +asymmetric_encryption_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"04d4b9186816358e2f9c59cf70748cb70641b22fbab65473db4b4e22a361ed7e3de7e8a8ddc4130c5c":PSA_ALG_ECDSA(PSA_ALG_MD2):0:PSA_ERROR_INVALID_ARGUMENT + +PSA asymmetric_encryption ECDSA(MD2): invalid with ECC_PUBLIC_KEY(SECP_K1) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD2:PSA_WANT_ECC_FAMILY_SECP_K1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +asymmetric_encryption_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_K1):"0426b7bb38da649ac2138fc050c6548b32553dab68afebc36105d325b75538c12323cb0764789ecb992671beb2b6bef2f5":PSA_ALG_ECDSA(PSA_ALG_MD2):0:PSA_ERROR_INVALID_ARGUMENT + +PSA asymmetric_encryption ECDSA(MD2): invalid with ECC_PUBLIC_KEY(SECP_R1) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD2:PSA_WANT_ECC_FAMILY_SECP_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +asymmetric_encryption_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1):"046f00eadaa949fee3e9e1c7fa1247eecec86a0dce46418b9bd3117b981d4bd0ae7a990de912f9d060d6cb531a42d22e394ac29e81804bf160":PSA_ALG_ECDSA(PSA_ALG_MD2):0:PSA_ERROR_INVALID_ARGUMENT + +PSA asymmetric_encryption ECDSA(MD2): invalid with ECC_PUBLIC_KEY(SECP_R2) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD2:PSA_WANT_ECC_FAMILY_SECP_R2:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +asymmetric_encryption_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R2):"049570d541398665adb5cfa16f5af73b3196926bbd4b876bdb80f8eab20d0f540c22f4de9c140f6d7b":PSA_ALG_ECDSA(PSA_ALG_MD2):0:PSA_ERROR_INVALID_ARGUMENT + +PSA asymmetric_encryption ECDSA(MD2): invalid with ECC_PUBLIC_KEY(SECT_K1) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD2:PSA_WANT_ECC_FAMILY_SECT_K1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +asymmetric_encryption_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_K1):"0406f88f90b4b65950f06ce433afdb097e320f433dc2062b8a65db8fafd3c110f46bc45663fbf021ee7eb9":PSA_ALG_ECDSA(PSA_ALG_MD2):0:PSA_ERROR_INVALID_ARGUMENT + +PSA asymmetric_encryption ECDSA(MD2): invalid with ECC_PUBLIC_KEY(SECT_R1) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD2:PSA_WANT_ECC_FAMILY_SECT_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +asymmetric_encryption_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R1):"0400465eeb9e7258b11e33c02266bfe834b20bcb118700772796ee4704ec67651bd447e3011959a79a04cb":PSA_ALG_ECDSA(PSA_ALG_MD2):0:PSA_ERROR_INVALID_ARGUMENT + +PSA asymmetric_encryption ECDSA(MD2): invalid with ECC_PUBLIC_KEY(SECT_R2) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD2:PSA_WANT_ECC_FAMILY_SECT_R2:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +asymmetric_encryption_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R2):"0403692601144c32a6cfa369ae20ae5d43c1c764678c037bafe80c6fd2e42b7ced96171d9c5367fd3dca6f":PSA_ALG_ECDSA(PSA_ALG_MD2):0:PSA_ERROR_INVALID_ARGUMENT + +PSA key_derivation ECDSA(MD2): invalid +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD2 +key_derivation_fail:PSA_ALG_ECDSA(PSA_ALG_MD2):PSA_ERROR_INVALID_ARGUMENT + +PSA key_agreement ECDSA(MD2): invalid with ECC_KEY_PAIR(BRAINPOOL_P_R1) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD2:PSA_WANT_ECC_FAMILY_BRAINPOOL_P_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_agreement_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"69502c4fdaf48d4fa617bdd24498b0406d0eeaac":PSA_ALG_ECDSA(PSA_ALG_MD2):0:PSA_ERROR_INVALID_ARGUMENT + +PSA key_agreement ECDSA(MD2): invalid with ECC_KEY_PAIR(SECP_K1) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD2:PSA_WANT_ECC_FAMILY_SECP_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_agreement_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_K1):"297ac1722ccac7589ecb240dc719842538ca974beb79f228":PSA_ALG_ECDSA(PSA_ALG_MD2):0:PSA_ERROR_INVALID_ARGUMENT + +PSA key_agreement ECDSA(MD2): invalid with ECC_KEY_PAIR(SECP_R1) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD2:PSA_WANT_ECC_FAMILY_SECP_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_agreement_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"872f203b3ad35b7f2ecc803c3a0e1e0b1ed61cc1afe71b189cd4c995":PSA_ALG_ECDSA(PSA_ALG_MD2):0:PSA_ERROR_INVALID_ARGUMENT + +PSA key_agreement ECDSA(MD2): invalid with ECC_KEY_PAIR(SECP_R2) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD2:PSA_WANT_ECC_FAMILY_SECP_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_agreement_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R2):"00bf539a1cdda0d7f71a50a3f98aec0a2e8e4ced1e":PSA_ALG_ECDSA(PSA_ALG_MD2):0:PSA_ERROR_INVALID_ARGUMENT + +PSA key_agreement ECDSA(MD2): invalid with ECC_KEY_PAIR(SECT_K1) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD2:PSA_WANT_ECC_FAMILY_SECT_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_agreement_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):"03ebc8fcded2d6ab72ec0f75bdb4fd080481273e71":PSA_ALG_ECDSA(PSA_ALG_MD2):0:PSA_ERROR_INVALID_ARGUMENT + +PSA key_agreement ECDSA(MD2): invalid with ECC_KEY_PAIR(SECT_R1) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD2:PSA_WANT_ECC_FAMILY_SECT_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_agreement_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):"009b05dc82d46d64a04a22e6e5ca70ca1231e68c50":PSA_ALG_ECDSA(PSA_ALG_MD2):0:PSA_ERROR_INVALID_ARGUMENT + +PSA key_agreement ECDSA(MD2): invalid with ECC_KEY_PAIR(SECT_R2) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD2:PSA_WANT_ECC_FAMILY_SECT_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_agreement_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R2):"0210b482a458b4822d0cb21daa96819a67c8062d34":PSA_ALG_ECDSA(PSA_ALG_MD2):0:PSA_ERROR_INVALID_ARGUMENT + +PSA key_agreement ECDSA(MD2): invalid with ECC_PUBLIC_KEY(BRAINPOOL_P_R1) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD2:PSA_WANT_ECC_FAMILY_BRAINPOOL_P_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_agreement_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"04d4b9186816358e2f9c59cf70748cb70641b22fbab65473db4b4e22a361ed7e3de7e8a8ddc4130c5c":PSA_ALG_ECDSA(PSA_ALG_MD2):0:PSA_ERROR_INVALID_ARGUMENT + +PSA key_agreement ECDSA(MD2): invalid with ECC_PUBLIC_KEY(SECP_K1) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD2:PSA_WANT_ECC_FAMILY_SECP_K1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_agreement_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_K1):"0426b7bb38da649ac2138fc050c6548b32553dab68afebc36105d325b75538c12323cb0764789ecb992671beb2b6bef2f5":PSA_ALG_ECDSA(PSA_ALG_MD2):0:PSA_ERROR_INVALID_ARGUMENT + +PSA key_agreement ECDSA(MD2): invalid with ECC_PUBLIC_KEY(SECP_R1) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD2:PSA_WANT_ECC_FAMILY_SECP_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_agreement_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1):"046f00eadaa949fee3e9e1c7fa1247eecec86a0dce46418b9bd3117b981d4bd0ae7a990de912f9d060d6cb531a42d22e394ac29e81804bf160":PSA_ALG_ECDSA(PSA_ALG_MD2):0:PSA_ERROR_INVALID_ARGUMENT + +PSA key_agreement ECDSA(MD2): invalid with ECC_PUBLIC_KEY(SECP_R2) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD2:PSA_WANT_ECC_FAMILY_SECP_R2:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_agreement_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R2):"049570d541398665adb5cfa16f5af73b3196926bbd4b876bdb80f8eab20d0f540c22f4de9c140f6d7b":PSA_ALG_ECDSA(PSA_ALG_MD2):0:PSA_ERROR_INVALID_ARGUMENT + +PSA key_agreement ECDSA(MD2): invalid with ECC_PUBLIC_KEY(SECT_K1) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD2:PSA_WANT_ECC_FAMILY_SECT_K1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_agreement_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_K1):"0406f88f90b4b65950f06ce433afdb097e320f433dc2062b8a65db8fafd3c110f46bc45663fbf021ee7eb9":PSA_ALG_ECDSA(PSA_ALG_MD2):0:PSA_ERROR_INVALID_ARGUMENT + +PSA key_agreement ECDSA(MD2): invalid with ECC_PUBLIC_KEY(SECT_R1) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD2:PSA_WANT_ECC_FAMILY_SECT_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_agreement_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R1):"0400465eeb9e7258b11e33c02266bfe834b20bcb118700772796ee4704ec67651bd447e3011959a79a04cb":PSA_ALG_ECDSA(PSA_ALG_MD2):0:PSA_ERROR_INVALID_ARGUMENT + +PSA key_agreement ECDSA(MD2): invalid with ECC_PUBLIC_KEY(SECT_R2) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD2:PSA_WANT_ECC_FAMILY_SECT_R2:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_agreement_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R2):"0403692601144c32a6cfa369ae20ae5d43c1c764678c037bafe80c6fd2e42b7ced96171d9c5367fd3dca6f":PSA_ALG_ECDSA(PSA_ALG_MD2):0:PSA_ERROR_INVALID_ARGUMENT + +PSA hash ECDSA(MD4): invalid +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD4 +hash_fail:PSA_ALG_ECDSA(PSA_ALG_MD4):PSA_ERROR_INVALID_ARGUMENT + +PSA mac ECDSA(MD4): invalid with ECC_KEY_PAIR(BRAINPOOL_P_R1) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD4:PSA_WANT_ECC_FAMILY_BRAINPOOL_P_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +mac_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"69502c4fdaf48d4fa617bdd24498b0406d0eeaac":PSA_ALG_ECDSA(PSA_ALG_MD4):PSA_ERROR_INVALID_ARGUMENT + +PSA mac ECDSA(MD4): invalid with ECC_KEY_PAIR(SECP_K1) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD4:PSA_WANT_ECC_FAMILY_SECP_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +mac_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_K1):"297ac1722ccac7589ecb240dc719842538ca974beb79f228":PSA_ALG_ECDSA(PSA_ALG_MD4):PSA_ERROR_INVALID_ARGUMENT + +PSA mac ECDSA(MD4): invalid with ECC_KEY_PAIR(SECP_R1) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD4:PSA_WANT_ECC_FAMILY_SECP_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +mac_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"872f203b3ad35b7f2ecc803c3a0e1e0b1ed61cc1afe71b189cd4c995":PSA_ALG_ECDSA(PSA_ALG_MD4):PSA_ERROR_INVALID_ARGUMENT + +PSA mac ECDSA(MD4): invalid with ECC_KEY_PAIR(SECP_R2) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD4:PSA_WANT_ECC_FAMILY_SECP_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +mac_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R2):"00bf539a1cdda0d7f71a50a3f98aec0a2e8e4ced1e":PSA_ALG_ECDSA(PSA_ALG_MD4):PSA_ERROR_INVALID_ARGUMENT + +PSA mac ECDSA(MD4): invalid with ECC_KEY_PAIR(SECT_K1) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD4:PSA_WANT_ECC_FAMILY_SECT_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +mac_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):"03ebc8fcded2d6ab72ec0f75bdb4fd080481273e71":PSA_ALG_ECDSA(PSA_ALG_MD4):PSA_ERROR_INVALID_ARGUMENT + +PSA mac ECDSA(MD4): invalid with ECC_KEY_PAIR(SECT_R1) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD4:PSA_WANT_ECC_FAMILY_SECT_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +mac_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):"009b05dc82d46d64a04a22e6e5ca70ca1231e68c50":PSA_ALG_ECDSA(PSA_ALG_MD4):PSA_ERROR_INVALID_ARGUMENT + +PSA mac ECDSA(MD4): invalid with ECC_KEY_PAIR(SECT_R2) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD4:PSA_WANT_ECC_FAMILY_SECT_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +mac_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R2):"0210b482a458b4822d0cb21daa96819a67c8062d34":PSA_ALG_ECDSA(PSA_ALG_MD4):PSA_ERROR_INVALID_ARGUMENT + +PSA mac ECDSA(MD4): invalid with ECC_PUBLIC_KEY(BRAINPOOL_P_R1) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD4:PSA_WANT_ECC_FAMILY_BRAINPOOL_P_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +mac_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"04d4b9186816358e2f9c59cf70748cb70641b22fbab65473db4b4e22a361ed7e3de7e8a8ddc4130c5c":PSA_ALG_ECDSA(PSA_ALG_MD4):PSA_ERROR_INVALID_ARGUMENT + +PSA mac ECDSA(MD4): invalid with ECC_PUBLIC_KEY(SECP_K1) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD4:PSA_WANT_ECC_FAMILY_SECP_K1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +mac_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_K1):"0426b7bb38da649ac2138fc050c6548b32553dab68afebc36105d325b75538c12323cb0764789ecb992671beb2b6bef2f5":PSA_ALG_ECDSA(PSA_ALG_MD4):PSA_ERROR_INVALID_ARGUMENT + +PSA mac ECDSA(MD4): invalid with ECC_PUBLIC_KEY(SECP_R1) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD4:PSA_WANT_ECC_FAMILY_SECP_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +mac_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1):"046f00eadaa949fee3e9e1c7fa1247eecec86a0dce46418b9bd3117b981d4bd0ae7a990de912f9d060d6cb531a42d22e394ac29e81804bf160":PSA_ALG_ECDSA(PSA_ALG_MD4):PSA_ERROR_INVALID_ARGUMENT + +PSA mac ECDSA(MD4): invalid with ECC_PUBLIC_KEY(SECP_R2) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD4:PSA_WANT_ECC_FAMILY_SECP_R2:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +mac_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R2):"049570d541398665adb5cfa16f5af73b3196926bbd4b876bdb80f8eab20d0f540c22f4de9c140f6d7b":PSA_ALG_ECDSA(PSA_ALG_MD4):PSA_ERROR_INVALID_ARGUMENT + +PSA mac ECDSA(MD4): invalid with ECC_PUBLIC_KEY(SECT_K1) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD4:PSA_WANT_ECC_FAMILY_SECT_K1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +mac_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_K1):"0406f88f90b4b65950f06ce433afdb097e320f433dc2062b8a65db8fafd3c110f46bc45663fbf021ee7eb9":PSA_ALG_ECDSA(PSA_ALG_MD4):PSA_ERROR_INVALID_ARGUMENT + +PSA mac ECDSA(MD4): invalid with ECC_PUBLIC_KEY(SECT_R1) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD4:PSA_WANT_ECC_FAMILY_SECT_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +mac_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R1):"0400465eeb9e7258b11e33c02266bfe834b20bcb118700772796ee4704ec67651bd447e3011959a79a04cb":PSA_ALG_ECDSA(PSA_ALG_MD4):PSA_ERROR_INVALID_ARGUMENT + +PSA mac ECDSA(MD4): invalid with ECC_PUBLIC_KEY(SECT_R2) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD4:PSA_WANT_ECC_FAMILY_SECT_R2:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +mac_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R2):"0403692601144c32a6cfa369ae20ae5d43c1c764678c037bafe80c6fd2e42b7ced96171d9c5367fd3dca6f":PSA_ALG_ECDSA(PSA_ALG_MD4):PSA_ERROR_INVALID_ARGUMENT + +PSA cipher ECDSA(MD4): invalid with ECC_KEY_PAIR(BRAINPOOL_P_R1) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD4:PSA_WANT_ECC_FAMILY_BRAINPOOL_P_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +cipher_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"69502c4fdaf48d4fa617bdd24498b0406d0eeaac":PSA_ALG_ECDSA(PSA_ALG_MD4):PSA_ERROR_INVALID_ARGUMENT + +PSA cipher ECDSA(MD4): invalid with ECC_KEY_PAIR(SECP_K1) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD4:PSA_WANT_ECC_FAMILY_SECP_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +cipher_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_K1):"297ac1722ccac7589ecb240dc719842538ca974beb79f228":PSA_ALG_ECDSA(PSA_ALG_MD4):PSA_ERROR_INVALID_ARGUMENT + +PSA cipher ECDSA(MD4): invalid with ECC_KEY_PAIR(SECP_R1) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD4:PSA_WANT_ECC_FAMILY_SECP_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +cipher_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"872f203b3ad35b7f2ecc803c3a0e1e0b1ed61cc1afe71b189cd4c995":PSA_ALG_ECDSA(PSA_ALG_MD4):PSA_ERROR_INVALID_ARGUMENT + +PSA cipher ECDSA(MD4): invalid with ECC_KEY_PAIR(SECP_R2) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD4:PSA_WANT_ECC_FAMILY_SECP_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +cipher_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R2):"00bf539a1cdda0d7f71a50a3f98aec0a2e8e4ced1e":PSA_ALG_ECDSA(PSA_ALG_MD4):PSA_ERROR_INVALID_ARGUMENT + +PSA cipher ECDSA(MD4): invalid with ECC_KEY_PAIR(SECT_K1) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD4:PSA_WANT_ECC_FAMILY_SECT_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +cipher_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):"03ebc8fcded2d6ab72ec0f75bdb4fd080481273e71":PSA_ALG_ECDSA(PSA_ALG_MD4):PSA_ERROR_INVALID_ARGUMENT + +PSA cipher ECDSA(MD4): invalid with ECC_KEY_PAIR(SECT_R1) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD4:PSA_WANT_ECC_FAMILY_SECT_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +cipher_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):"009b05dc82d46d64a04a22e6e5ca70ca1231e68c50":PSA_ALG_ECDSA(PSA_ALG_MD4):PSA_ERROR_INVALID_ARGUMENT + +PSA cipher ECDSA(MD4): invalid with ECC_KEY_PAIR(SECT_R2) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD4:PSA_WANT_ECC_FAMILY_SECT_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +cipher_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R2):"0210b482a458b4822d0cb21daa96819a67c8062d34":PSA_ALG_ECDSA(PSA_ALG_MD4):PSA_ERROR_INVALID_ARGUMENT + +PSA cipher ECDSA(MD4): invalid with ECC_PUBLIC_KEY(BRAINPOOL_P_R1) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD4:PSA_WANT_ECC_FAMILY_BRAINPOOL_P_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +cipher_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"04d4b9186816358e2f9c59cf70748cb70641b22fbab65473db4b4e22a361ed7e3de7e8a8ddc4130c5c":PSA_ALG_ECDSA(PSA_ALG_MD4):PSA_ERROR_INVALID_ARGUMENT + +PSA cipher ECDSA(MD4): invalid with ECC_PUBLIC_KEY(SECP_K1) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD4:PSA_WANT_ECC_FAMILY_SECP_K1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +cipher_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_K1):"0426b7bb38da649ac2138fc050c6548b32553dab68afebc36105d325b75538c12323cb0764789ecb992671beb2b6bef2f5":PSA_ALG_ECDSA(PSA_ALG_MD4):PSA_ERROR_INVALID_ARGUMENT + +PSA cipher ECDSA(MD4): invalid with ECC_PUBLIC_KEY(SECP_R1) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD4:PSA_WANT_ECC_FAMILY_SECP_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +cipher_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1):"046f00eadaa949fee3e9e1c7fa1247eecec86a0dce46418b9bd3117b981d4bd0ae7a990de912f9d060d6cb531a42d22e394ac29e81804bf160":PSA_ALG_ECDSA(PSA_ALG_MD4):PSA_ERROR_INVALID_ARGUMENT + +PSA cipher ECDSA(MD4): invalid with ECC_PUBLIC_KEY(SECP_R2) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD4:PSA_WANT_ECC_FAMILY_SECP_R2:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +cipher_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R2):"049570d541398665adb5cfa16f5af73b3196926bbd4b876bdb80f8eab20d0f540c22f4de9c140f6d7b":PSA_ALG_ECDSA(PSA_ALG_MD4):PSA_ERROR_INVALID_ARGUMENT + +PSA cipher ECDSA(MD4): invalid with ECC_PUBLIC_KEY(SECT_K1) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD4:PSA_WANT_ECC_FAMILY_SECT_K1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +cipher_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_K1):"0406f88f90b4b65950f06ce433afdb097e320f433dc2062b8a65db8fafd3c110f46bc45663fbf021ee7eb9":PSA_ALG_ECDSA(PSA_ALG_MD4):PSA_ERROR_INVALID_ARGUMENT + +PSA cipher ECDSA(MD4): invalid with ECC_PUBLIC_KEY(SECT_R1) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD4:PSA_WANT_ECC_FAMILY_SECT_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +cipher_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R1):"0400465eeb9e7258b11e33c02266bfe834b20bcb118700772796ee4704ec67651bd447e3011959a79a04cb":PSA_ALG_ECDSA(PSA_ALG_MD4):PSA_ERROR_INVALID_ARGUMENT + +PSA cipher ECDSA(MD4): invalid with ECC_PUBLIC_KEY(SECT_R2) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD4:PSA_WANT_ECC_FAMILY_SECT_R2:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +cipher_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R2):"0403692601144c32a6cfa369ae20ae5d43c1c764678c037bafe80c6fd2e42b7ced96171d9c5367fd3dca6f":PSA_ALG_ECDSA(PSA_ALG_MD4):PSA_ERROR_INVALID_ARGUMENT + +PSA aead ECDSA(MD4): invalid with ECC_KEY_PAIR(BRAINPOOL_P_R1) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD4:PSA_WANT_ECC_FAMILY_BRAINPOOL_P_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +aead_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"69502c4fdaf48d4fa617bdd24498b0406d0eeaac":PSA_ALG_ECDSA(PSA_ALG_MD4):PSA_ERROR_INVALID_ARGUMENT + +PSA aead ECDSA(MD4): invalid with ECC_KEY_PAIR(SECP_K1) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD4:PSA_WANT_ECC_FAMILY_SECP_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +aead_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_K1):"297ac1722ccac7589ecb240dc719842538ca974beb79f228":PSA_ALG_ECDSA(PSA_ALG_MD4):PSA_ERROR_INVALID_ARGUMENT + +PSA aead ECDSA(MD4): invalid with ECC_KEY_PAIR(SECP_R1) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD4:PSA_WANT_ECC_FAMILY_SECP_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +aead_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"872f203b3ad35b7f2ecc803c3a0e1e0b1ed61cc1afe71b189cd4c995":PSA_ALG_ECDSA(PSA_ALG_MD4):PSA_ERROR_INVALID_ARGUMENT + +PSA aead ECDSA(MD4): invalid with ECC_KEY_PAIR(SECP_R2) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD4:PSA_WANT_ECC_FAMILY_SECP_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +aead_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R2):"00bf539a1cdda0d7f71a50a3f98aec0a2e8e4ced1e":PSA_ALG_ECDSA(PSA_ALG_MD4):PSA_ERROR_INVALID_ARGUMENT + +PSA aead ECDSA(MD4): invalid with ECC_KEY_PAIR(SECT_K1) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD4:PSA_WANT_ECC_FAMILY_SECT_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +aead_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):"03ebc8fcded2d6ab72ec0f75bdb4fd080481273e71":PSA_ALG_ECDSA(PSA_ALG_MD4):PSA_ERROR_INVALID_ARGUMENT + +PSA aead ECDSA(MD4): invalid with ECC_KEY_PAIR(SECT_R1) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD4:PSA_WANT_ECC_FAMILY_SECT_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +aead_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):"009b05dc82d46d64a04a22e6e5ca70ca1231e68c50":PSA_ALG_ECDSA(PSA_ALG_MD4):PSA_ERROR_INVALID_ARGUMENT + +PSA aead ECDSA(MD4): invalid with ECC_KEY_PAIR(SECT_R2) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD4:PSA_WANT_ECC_FAMILY_SECT_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +aead_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R2):"0210b482a458b4822d0cb21daa96819a67c8062d34":PSA_ALG_ECDSA(PSA_ALG_MD4):PSA_ERROR_INVALID_ARGUMENT + +PSA aead ECDSA(MD4): invalid with ECC_PUBLIC_KEY(BRAINPOOL_P_R1) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD4:PSA_WANT_ECC_FAMILY_BRAINPOOL_P_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +aead_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"04d4b9186816358e2f9c59cf70748cb70641b22fbab65473db4b4e22a361ed7e3de7e8a8ddc4130c5c":PSA_ALG_ECDSA(PSA_ALG_MD4):PSA_ERROR_INVALID_ARGUMENT + +PSA aead ECDSA(MD4): invalid with ECC_PUBLIC_KEY(SECP_K1) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD4:PSA_WANT_ECC_FAMILY_SECP_K1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +aead_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_K1):"0426b7bb38da649ac2138fc050c6548b32553dab68afebc36105d325b75538c12323cb0764789ecb992671beb2b6bef2f5":PSA_ALG_ECDSA(PSA_ALG_MD4):PSA_ERROR_INVALID_ARGUMENT + +PSA aead ECDSA(MD4): invalid with ECC_PUBLIC_KEY(SECP_R1) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD4:PSA_WANT_ECC_FAMILY_SECP_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +aead_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1):"046f00eadaa949fee3e9e1c7fa1247eecec86a0dce46418b9bd3117b981d4bd0ae7a990de912f9d060d6cb531a42d22e394ac29e81804bf160":PSA_ALG_ECDSA(PSA_ALG_MD4):PSA_ERROR_INVALID_ARGUMENT + +PSA aead ECDSA(MD4): invalid with ECC_PUBLIC_KEY(SECP_R2) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD4:PSA_WANT_ECC_FAMILY_SECP_R2:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +aead_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R2):"049570d541398665adb5cfa16f5af73b3196926bbd4b876bdb80f8eab20d0f540c22f4de9c140f6d7b":PSA_ALG_ECDSA(PSA_ALG_MD4):PSA_ERROR_INVALID_ARGUMENT + +PSA aead ECDSA(MD4): invalid with ECC_PUBLIC_KEY(SECT_K1) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD4:PSA_WANT_ECC_FAMILY_SECT_K1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +aead_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_K1):"0406f88f90b4b65950f06ce433afdb097e320f433dc2062b8a65db8fafd3c110f46bc45663fbf021ee7eb9":PSA_ALG_ECDSA(PSA_ALG_MD4):PSA_ERROR_INVALID_ARGUMENT + +PSA aead ECDSA(MD4): invalid with ECC_PUBLIC_KEY(SECT_R1) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD4:PSA_WANT_ECC_FAMILY_SECT_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +aead_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R1):"0400465eeb9e7258b11e33c02266bfe834b20bcb118700772796ee4704ec67651bd447e3011959a79a04cb":PSA_ALG_ECDSA(PSA_ALG_MD4):PSA_ERROR_INVALID_ARGUMENT + +PSA aead ECDSA(MD4): invalid with ECC_PUBLIC_KEY(SECT_R2) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD4:PSA_WANT_ECC_FAMILY_SECT_R2:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +aead_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R2):"0403692601144c32a6cfa369ae20ae5d43c1c764678c037bafe80c6fd2e42b7ced96171d9c5367fd3dca6f":PSA_ALG_ECDSA(PSA_ALG_MD4):PSA_ERROR_INVALID_ARGUMENT + +PSA sign ECDSA(MD4): incompatible with AES +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD4:PSA_WANT_KEY_TYPE_AES +sign_fail:PSA_KEY_TYPE_AES:"48657265006973206b6579a064617461":PSA_ALG_ECDSA(PSA_ALG_MD4):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign ECDSA(MD4): incompatible with ARC4 +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD4:PSA_WANT_KEY_TYPE_ARC4 +sign_fail:PSA_KEY_TYPE_ARC4:"48":PSA_ALG_ECDSA(PSA_ALG_MD4):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign ECDSA(MD4): incompatible with ARIA +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD4:PSA_WANT_KEY_TYPE_ARIA +sign_fail:PSA_KEY_TYPE_ARIA:"48657265006973206b6579a064617461":PSA_ALG_ECDSA(PSA_ALG_MD4):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign ECDSA(MD4): incompatible with CAMELLIA +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD4:PSA_WANT_KEY_TYPE_CAMELLIA +sign_fail:PSA_KEY_TYPE_CAMELLIA:"48657265006973206b6579a064617461":PSA_ALG_ECDSA(PSA_ALG_MD4):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign ECDSA(MD4): incompatible with CHACHA20 +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD4:PSA_WANT_KEY_TYPE_CHACHA20 +sign_fail:PSA_KEY_TYPE_CHACHA20:"48657265006973206b6579a06461746148657265006973206b6579a064617461":PSA_ALG_ECDSA(PSA_ALG_MD4):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign ECDSA(MD4): incompatible with DERIVE +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD4:PSA_WANT_KEY_TYPE_DERIVE +sign_fail:PSA_KEY_TYPE_DERIVE:"48657265006973206b6579a0646174":PSA_ALG_ECDSA(PSA_ALG_MD4):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign ECDSA(MD4): incompatible with DES +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD4:PSA_WANT_KEY_TYPE_DES +sign_fail:PSA_KEY_TYPE_DES:"644573206b457901":PSA_ALG_ECDSA(PSA_ALG_MD4):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign ECDSA(MD4): !ECDSA with ECC_KEY_PAIR(BRAINPOOL_P_R1) +depends_on:!PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD4:PSA_WANT_ECC_FAMILY_BRAINPOOL_P_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"69502c4fdaf48d4fa617bdd24498b0406d0eeaac":PSA_ALG_ECDSA(PSA_ALG_MD4):0:PSA_ERROR_NOT_SUPPORTED + +PSA sign ECDSA(MD4): !MD4 with ECC_KEY_PAIR(BRAINPOOL_P_R1) +depends_on:PSA_WANT_ALG_ECDSA:!PSA_WANT_ALG_MD4:PSA_WANT_ECC_FAMILY_BRAINPOOL_P_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"69502c4fdaf48d4fa617bdd24498b0406d0eeaac":PSA_ALG_ECDSA(PSA_ALG_MD4):0:PSA_ERROR_NOT_SUPPORTED + +PSA sign ECDSA(MD4): incompatible with ECC_KEY_PAIR(MONTGOMERY) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD4:PSA_WANT_ECC_FAMILY_MONTGOMERY:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_MONTGOMERY):"70076d0a7318a57d3c16c17251b26645df4c2f87ebc0992ab177fba51db92c6a":PSA_ALG_ECDSA(PSA_ALG_MD4):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign ECDSA(MD4): !ECDSA with ECC_KEY_PAIR(SECP_K1) +depends_on:!PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD4:PSA_WANT_ECC_FAMILY_SECP_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_K1):"297ac1722ccac7589ecb240dc719842538ca974beb79f228":PSA_ALG_ECDSA(PSA_ALG_MD4):0:PSA_ERROR_NOT_SUPPORTED + +PSA sign ECDSA(MD4): !MD4 with ECC_KEY_PAIR(SECP_K1) +depends_on:PSA_WANT_ALG_ECDSA:!PSA_WANT_ALG_MD4:PSA_WANT_ECC_FAMILY_SECP_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_K1):"297ac1722ccac7589ecb240dc719842538ca974beb79f228":PSA_ALG_ECDSA(PSA_ALG_MD4):0:PSA_ERROR_NOT_SUPPORTED + +PSA sign ECDSA(MD4): !ECDSA with ECC_KEY_PAIR(SECP_R1) +depends_on:!PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD4:PSA_WANT_ECC_FAMILY_SECP_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"872f203b3ad35b7f2ecc803c3a0e1e0b1ed61cc1afe71b189cd4c995":PSA_ALG_ECDSA(PSA_ALG_MD4):0:PSA_ERROR_NOT_SUPPORTED + +PSA sign ECDSA(MD4): !MD4 with ECC_KEY_PAIR(SECP_R1) +depends_on:PSA_WANT_ALG_ECDSA:!PSA_WANT_ALG_MD4:PSA_WANT_ECC_FAMILY_SECP_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"872f203b3ad35b7f2ecc803c3a0e1e0b1ed61cc1afe71b189cd4c995":PSA_ALG_ECDSA(PSA_ALG_MD4):0:PSA_ERROR_NOT_SUPPORTED + +PSA sign ECDSA(MD4): !ECDSA with ECC_KEY_PAIR(SECP_R2) +depends_on:!PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD4:PSA_WANT_ECC_FAMILY_SECP_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R2):"00bf539a1cdda0d7f71a50a3f98aec0a2e8e4ced1e":PSA_ALG_ECDSA(PSA_ALG_MD4):0:PSA_ERROR_NOT_SUPPORTED + +PSA sign ECDSA(MD4): !MD4 with ECC_KEY_PAIR(SECP_R2) +depends_on:PSA_WANT_ALG_ECDSA:!PSA_WANT_ALG_MD4:PSA_WANT_ECC_FAMILY_SECP_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R2):"00bf539a1cdda0d7f71a50a3f98aec0a2e8e4ced1e":PSA_ALG_ECDSA(PSA_ALG_MD4):0:PSA_ERROR_NOT_SUPPORTED + +PSA sign ECDSA(MD4): !ECDSA with ECC_KEY_PAIR(SECT_K1) +depends_on:!PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD4:PSA_WANT_ECC_FAMILY_SECT_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):"03ebc8fcded2d6ab72ec0f75bdb4fd080481273e71":PSA_ALG_ECDSA(PSA_ALG_MD4):0:PSA_ERROR_NOT_SUPPORTED + +PSA sign ECDSA(MD4): !MD4 with ECC_KEY_PAIR(SECT_K1) +depends_on:PSA_WANT_ALG_ECDSA:!PSA_WANT_ALG_MD4:PSA_WANT_ECC_FAMILY_SECT_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):"03ebc8fcded2d6ab72ec0f75bdb4fd080481273e71":PSA_ALG_ECDSA(PSA_ALG_MD4):0:PSA_ERROR_NOT_SUPPORTED + +PSA sign ECDSA(MD4): !ECDSA with ECC_KEY_PAIR(SECT_R1) +depends_on:!PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD4:PSA_WANT_ECC_FAMILY_SECT_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):"009b05dc82d46d64a04a22e6e5ca70ca1231e68c50":PSA_ALG_ECDSA(PSA_ALG_MD4):0:PSA_ERROR_NOT_SUPPORTED + +PSA sign ECDSA(MD4): !MD4 with ECC_KEY_PAIR(SECT_R1) +depends_on:PSA_WANT_ALG_ECDSA:!PSA_WANT_ALG_MD4:PSA_WANT_ECC_FAMILY_SECT_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):"009b05dc82d46d64a04a22e6e5ca70ca1231e68c50":PSA_ALG_ECDSA(PSA_ALG_MD4):0:PSA_ERROR_NOT_SUPPORTED + +PSA sign ECDSA(MD4): !ECDSA with ECC_KEY_PAIR(SECT_R2) +depends_on:!PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD4:PSA_WANT_ECC_FAMILY_SECT_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R2):"0210b482a458b4822d0cb21daa96819a67c8062d34":PSA_ALG_ECDSA(PSA_ALG_MD4):0:PSA_ERROR_NOT_SUPPORTED + +PSA sign ECDSA(MD4): !MD4 with ECC_KEY_PAIR(SECT_R2) +depends_on:PSA_WANT_ALG_ECDSA:!PSA_WANT_ALG_MD4:PSA_WANT_ECC_FAMILY_SECT_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R2):"0210b482a458b4822d0cb21daa96819a67c8062d34":PSA_ALG_ECDSA(PSA_ALG_MD4):0:PSA_ERROR_NOT_SUPPORTED + +PSA sign ECDSA(MD4): incompatible with ECC_KEY_PAIR(TWISTED_EDWARDS) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD4:PSA_WANT_ECC_FAMILY_TWISTED_EDWARDS:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_TWISTED_EDWARDS):"9d61b19deffd5a60ba844af492ec2cc44449c5697b326919703bac031cae7f60":PSA_ALG_ECDSA(PSA_ALG_MD4):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign ECDSA(MD4): !ECDSA with ECC_PUBLIC_KEY(BRAINPOOL_P_R1) +depends_on:!PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD4:PSA_WANT_ECC_FAMILY_BRAINPOOL_P_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"04d4b9186816358e2f9c59cf70748cb70641b22fbab65473db4b4e22a361ed7e3de7e8a8ddc4130c5c":PSA_ALG_ECDSA(PSA_ALG_MD4):0:PSA_ERROR_NOT_SUPPORTED + +PSA sign ECDSA(MD4): !MD4 with ECC_PUBLIC_KEY(BRAINPOOL_P_R1) +depends_on:PSA_WANT_ALG_ECDSA:!PSA_WANT_ALG_MD4:PSA_WANT_ECC_FAMILY_BRAINPOOL_P_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"04d4b9186816358e2f9c59cf70748cb70641b22fbab65473db4b4e22a361ed7e3de7e8a8ddc4130c5c":PSA_ALG_ECDSA(PSA_ALG_MD4):0:PSA_ERROR_NOT_SUPPORTED + +PSA sign ECDSA(MD4): public with ECC_PUBLIC_KEY(BRAINPOOL_P_R1) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD4:PSA_WANT_ECC_FAMILY_BRAINPOOL_P_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"04d4b9186816358e2f9c59cf70748cb70641b22fbab65473db4b4e22a361ed7e3de7e8a8ddc4130c5c":PSA_ALG_ECDSA(PSA_ALG_MD4):1:PSA_ERROR_INVALID_ARGUMENT + +PSA sign ECDSA(MD4): incompatible with ECC_PUBLIC_KEY(MONTGOMERY) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD4:PSA_WANT_ECC_FAMILY_MONTGOMERY:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_MONTGOMERY):"8520f0098930a754748b7ddcb43ef75a0dbf3a0d26381af4eba4a98eaa9b4e6a":PSA_ALG_ECDSA(PSA_ALG_MD4):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign ECDSA(MD4): !ECDSA with ECC_PUBLIC_KEY(SECP_K1) +depends_on:!PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD4:PSA_WANT_ECC_FAMILY_SECP_K1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_K1):"0426b7bb38da649ac2138fc050c6548b32553dab68afebc36105d325b75538c12323cb0764789ecb992671beb2b6bef2f5":PSA_ALG_ECDSA(PSA_ALG_MD4):0:PSA_ERROR_NOT_SUPPORTED + +PSA sign ECDSA(MD4): !MD4 with ECC_PUBLIC_KEY(SECP_K1) +depends_on:PSA_WANT_ALG_ECDSA:!PSA_WANT_ALG_MD4:PSA_WANT_ECC_FAMILY_SECP_K1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_K1):"0426b7bb38da649ac2138fc050c6548b32553dab68afebc36105d325b75538c12323cb0764789ecb992671beb2b6bef2f5":PSA_ALG_ECDSA(PSA_ALG_MD4):0:PSA_ERROR_NOT_SUPPORTED + +PSA sign ECDSA(MD4): public with ECC_PUBLIC_KEY(SECP_K1) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD4:PSA_WANT_ECC_FAMILY_SECP_K1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_K1):"0426b7bb38da649ac2138fc050c6548b32553dab68afebc36105d325b75538c12323cb0764789ecb992671beb2b6bef2f5":PSA_ALG_ECDSA(PSA_ALG_MD4):1:PSA_ERROR_INVALID_ARGUMENT + +PSA sign ECDSA(MD4): !ECDSA with ECC_PUBLIC_KEY(SECP_R1) +depends_on:!PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD4:PSA_WANT_ECC_FAMILY_SECP_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1):"046f00eadaa949fee3e9e1c7fa1247eecec86a0dce46418b9bd3117b981d4bd0ae7a990de912f9d060d6cb531a42d22e394ac29e81804bf160":PSA_ALG_ECDSA(PSA_ALG_MD4):0:PSA_ERROR_NOT_SUPPORTED + +PSA sign ECDSA(MD4): !MD4 with ECC_PUBLIC_KEY(SECP_R1) +depends_on:PSA_WANT_ALG_ECDSA:!PSA_WANT_ALG_MD4:PSA_WANT_ECC_FAMILY_SECP_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1):"046f00eadaa949fee3e9e1c7fa1247eecec86a0dce46418b9bd3117b981d4bd0ae7a990de912f9d060d6cb531a42d22e394ac29e81804bf160":PSA_ALG_ECDSA(PSA_ALG_MD4):0:PSA_ERROR_NOT_SUPPORTED + +PSA sign ECDSA(MD4): public with ECC_PUBLIC_KEY(SECP_R1) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD4:PSA_WANT_ECC_FAMILY_SECP_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1):"046f00eadaa949fee3e9e1c7fa1247eecec86a0dce46418b9bd3117b981d4bd0ae7a990de912f9d060d6cb531a42d22e394ac29e81804bf160":PSA_ALG_ECDSA(PSA_ALG_MD4):1:PSA_ERROR_INVALID_ARGUMENT + +PSA sign ECDSA(MD4): !ECDSA with ECC_PUBLIC_KEY(SECP_R2) +depends_on:!PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD4:PSA_WANT_ECC_FAMILY_SECP_R2:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R2):"049570d541398665adb5cfa16f5af73b3196926bbd4b876bdb80f8eab20d0f540c22f4de9c140f6d7b":PSA_ALG_ECDSA(PSA_ALG_MD4):0:PSA_ERROR_NOT_SUPPORTED + +PSA sign ECDSA(MD4): !MD4 with ECC_PUBLIC_KEY(SECP_R2) +depends_on:PSA_WANT_ALG_ECDSA:!PSA_WANT_ALG_MD4:PSA_WANT_ECC_FAMILY_SECP_R2:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R2):"049570d541398665adb5cfa16f5af73b3196926bbd4b876bdb80f8eab20d0f540c22f4de9c140f6d7b":PSA_ALG_ECDSA(PSA_ALG_MD4):0:PSA_ERROR_NOT_SUPPORTED + +PSA sign ECDSA(MD4): public with ECC_PUBLIC_KEY(SECP_R2) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD4:PSA_WANT_ECC_FAMILY_SECP_R2:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R2):"049570d541398665adb5cfa16f5af73b3196926bbd4b876bdb80f8eab20d0f540c22f4de9c140f6d7b":PSA_ALG_ECDSA(PSA_ALG_MD4):1:PSA_ERROR_INVALID_ARGUMENT + +PSA sign ECDSA(MD4): !ECDSA with ECC_PUBLIC_KEY(SECT_K1) +depends_on:!PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD4:PSA_WANT_ECC_FAMILY_SECT_K1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_K1):"0406f88f90b4b65950f06ce433afdb097e320f433dc2062b8a65db8fafd3c110f46bc45663fbf021ee7eb9":PSA_ALG_ECDSA(PSA_ALG_MD4):0:PSA_ERROR_NOT_SUPPORTED + +PSA sign ECDSA(MD4): !MD4 with ECC_PUBLIC_KEY(SECT_K1) +depends_on:PSA_WANT_ALG_ECDSA:!PSA_WANT_ALG_MD4:PSA_WANT_ECC_FAMILY_SECT_K1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_K1):"0406f88f90b4b65950f06ce433afdb097e320f433dc2062b8a65db8fafd3c110f46bc45663fbf021ee7eb9":PSA_ALG_ECDSA(PSA_ALG_MD4):0:PSA_ERROR_NOT_SUPPORTED + +PSA sign ECDSA(MD4): public with ECC_PUBLIC_KEY(SECT_K1) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD4:PSA_WANT_ECC_FAMILY_SECT_K1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_K1):"0406f88f90b4b65950f06ce433afdb097e320f433dc2062b8a65db8fafd3c110f46bc45663fbf021ee7eb9":PSA_ALG_ECDSA(PSA_ALG_MD4):1:PSA_ERROR_INVALID_ARGUMENT + +PSA sign ECDSA(MD4): !ECDSA with ECC_PUBLIC_KEY(SECT_R1) +depends_on:!PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD4:PSA_WANT_ECC_FAMILY_SECT_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R1):"0400465eeb9e7258b11e33c02266bfe834b20bcb118700772796ee4704ec67651bd447e3011959a79a04cb":PSA_ALG_ECDSA(PSA_ALG_MD4):0:PSA_ERROR_NOT_SUPPORTED + +PSA sign ECDSA(MD4): !MD4 with ECC_PUBLIC_KEY(SECT_R1) +depends_on:PSA_WANT_ALG_ECDSA:!PSA_WANT_ALG_MD4:PSA_WANT_ECC_FAMILY_SECT_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R1):"0400465eeb9e7258b11e33c02266bfe834b20bcb118700772796ee4704ec67651bd447e3011959a79a04cb":PSA_ALG_ECDSA(PSA_ALG_MD4):0:PSA_ERROR_NOT_SUPPORTED + +PSA sign ECDSA(MD4): public with ECC_PUBLIC_KEY(SECT_R1) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD4:PSA_WANT_ECC_FAMILY_SECT_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R1):"0400465eeb9e7258b11e33c02266bfe834b20bcb118700772796ee4704ec67651bd447e3011959a79a04cb":PSA_ALG_ECDSA(PSA_ALG_MD4):1:PSA_ERROR_INVALID_ARGUMENT + +PSA sign ECDSA(MD4): !ECDSA with ECC_PUBLIC_KEY(SECT_R2) +depends_on:!PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD4:PSA_WANT_ECC_FAMILY_SECT_R2:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R2):"0403692601144c32a6cfa369ae20ae5d43c1c764678c037bafe80c6fd2e42b7ced96171d9c5367fd3dca6f":PSA_ALG_ECDSA(PSA_ALG_MD4):0:PSA_ERROR_NOT_SUPPORTED + +PSA sign ECDSA(MD4): !MD4 with ECC_PUBLIC_KEY(SECT_R2) +depends_on:PSA_WANT_ALG_ECDSA:!PSA_WANT_ALG_MD4:PSA_WANT_ECC_FAMILY_SECT_R2:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R2):"0403692601144c32a6cfa369ae20ae5d43c1c764678c037bafe80c6fd2e42b7ced96171d9c5367fd3dca6f":PSA_ALG_ECDSA(PSA_ALG_MD4):0:PSA_ERROR_NOT_SUPPORTED + +PSA sign ECDSA(MD4): public with ECC_PUBLIC_KEY(SECT_R2) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD4:PSA_WANT_ECC_FAMILY_SECT_R2:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R2):"0403692601144c32a6cfa369ae20ae5d43c1c764678c037bafe80c6fd2e42b7ced96171d9c5367fd3dca6f":PSA_ALG_ECDSA(PSA_ALG_MD4):1:PSA_ERROR_INVALID_ARGUMENT + +PSA sign ECDSA(MD4): incompatible with ECC_PUBLIC_KEY(TWISTED_EDWARDS) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD4:PSA_WANT_ECC_FAMILY_TWISTED_EDWARDS:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_TWISTED_EDWARDS):"d75a980182b10ab7d54bfed3c964073a0ee172f3daa62325af021a68f707511a":PSA_ALG_ECDSA(PSA_ALG_MD4):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign ECDSA(MD4): incompatible with HMAC +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD4:PSA_WANT_KEY_TYPE_HMAC +sign_fail:PSA_KEY_TYPE_HMAC:"48657265006973206b6579a064617461":PSA_ALG_ECDSA(PSA_ALG_MD4):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign ECDSA(MD4): incompatible with RAW_DATA +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD4:PSA_WANT_KEY_TYPE_RAW_DATA +sign_fail:PSA_KEY_TYPE_RAW_DATA:"48":PSA_ALG_ECDSA(PSA_ALG_MD4):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign ECDSA(MD4): incompatible with RSA_KEY_PAIR +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD4:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR +sign_fail:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_ECDSA(PSA_ALG_MD4):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign ECDSA(MD4): incompatible with RSA_PUBLIC_KEY +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD4:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY +sign_fail:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_ECDSA(PSA_ALG_MD4):0:PSA_ERROR_INVALID_ARGUMENT + +PSA asymmetric_encryption ECDSA(MD4): invalid with ECC_KEY_PAIR(BRAINPOOL_P_R1) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD4:PSA_WANT_ECC_FAMILY_BRAINPOOL_P_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +asymmetric_encryption_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"69502c4fdaf48d4fa617bdd24498b0406d0eeaac":PSA_ALG_ECDSA(PSA_ALG_MD4):0:PSA_ERROR_INVALID_ARGUMENT + +PSA asymmetric_encryption ECDSA(MD4): invalid with ECC_KEY_PAIR(SECP_K1) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD4:PSA_WANT_ECC_FAMILY_SECP_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +asymmetric_encryption_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_K1):"297ac1722ccac7589ecb240dc719842538ca974beb79f228":PSA_ALG_ECDSA(PSA_ALG_MD4):0:PSA_ERROR_INVALID_ARGUMENT + +PSA asymmetric_encryption ECDSA(MD4): invalid with ECC_KEY_PAIR(SECP_R1) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD4:PSA_WANT_ECC_FAMILY_SECP_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +asymmetric_encryption_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"872f203b3ad35b7f2ecc803c3a0e1e0b1ed61cc1afe71b189cd4c995":PSA_ALG_ECDSA(PSA_ALG_MD4):0:PSA_ERROR_INVALID_ARGUMENT + +PSA asymmetric_encryption ECDSA(MD4): invalid with ECC_KEY_PAIR(SECP_R2) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD4:PSA_WANT_ECC_FAMILY_SECP_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +asymmetric_encryption_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R2):"00bf539a1cdda0d7f71a50a3f98aec0a2e8e4ced1e":PSA_ALG_ECDSA(PSA_ALG_MD4):0:PSA_ERROR_INVALID_ARGUMENT + +PSA asymmetric_encryption ECDSA(MD4): invalid with ECC_KEY_PAIR(SECT_K1) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD4:PSA_WANT_ECC_FAMILY_SECT_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +asymmetric_encryption_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):"03ebc8fcded2d6ab72ec0f75bdb4fd080481273e71":PSA_ALG_ECDSA(PSA_ALG_MD4):0:PSA_ERROR_INVALID_ARGUMENT + +PSA asymmetric_encryption ECDSA(MD4): invalid with ECC_KEY_PAIR(SECT_R1) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD4:PSA_WANT_ECC_FAMILY_SECT_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +asymmetric_encryption_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):"009b05dc82d46d64a04a22e6e5ca70ca1231e68c50":PSA_ALG_ECDSA(PSA_ALG_MD4):0:PSA_ERROR_INVALID_ARGUMENT + +PSA asymmetric_encryption ECDSA(MD4): invalid with ECC_KEY_PAIR(SECT_R2) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD4:PSA_WANT_ECC_FAMILY_SECT_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +asymmetric_encryption_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R2):"0210b482a458b4822d0cb21daa96819a67c8062d34":PSA_ALG_ECDSA(PSA_ALG_MD4):0:PSA_ERROR_INVALID_ARGUMENT + +PSA asymmetric_encryption ECDSA(MD4): invalid with ECC_PUBLIC_KEY(BRAINPOOL_P_R1) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD4:PSA_WANT_ECC_FAMILY_BRAINPOOL_P_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +asymmetric_encryption_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"04d4b9186816358e2f9c59cf70748cb70641b22fbab65473db4b4e22a361ed7e3de7e8a8ddc4130c5c":PSA_ALG_ECDSA(PSA_ALG_MD4):0:PSA_ERROR_INVALID_ARGUMENT + +PSA asymmetric_encryption ECDSA(MD4): invalid with ECC_PUBLIC_KEY(SECP_K1) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD4:PSA_WANT_ECC_FAMILY_SECP_K1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +asymmetric_encryption_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_K1):"0426b7bb38da649ac2138fc050c6548b32553dab68afebc36105d325b75538c12323cb0764789ecb992671beb2b6bef2f5":PSA_ALG_ECDSA(PSA_ALG_MD4):0:PSA_ERROR_INVALID_ARGUMENT + +PSA asymmetric_encryption ECDSA(MD4): invalid with ECC_PUBLIC_KEY(SECP_R1) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD4:PSA_WANT_ECC_FAMILY_SECP_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +asymmetric_encryption_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1):"046f00eadaa949fee3e9e1c7fa1247eecec86a0dce46418b9bd3117b981d4bd0ae7a990de912f9d060d6cb531a42d22e394ac29e81804bf160":PSA_ALG_ECDSA(PSA_ALG_MD4):0:PSA_ERROR_INVALID_ARGUMENT + +PSA asymmetric_encryption ECDSA(MD4): invalid with ECC_PUBLIC_KEY(SECP_R2) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD4:PSA_WANT_ECC_FAMILY_SECP_R2:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +asymmetric_encryption_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R2):"049570d541398665adb5cfa16f5af73b3196926bbd4b876bdb80f8eab20d0f540c22f4de9c140f6d7b":PSA_ALG_ECDSA(PSA_ALG_MD4):0:PSA_ERROR_INVALID_ARGUMENT + +PSA asymmetric_encryption ECDSA(MD4): invalid with ECC_PUBLIC_KEY(SECT_K1) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD4:PSA_WANT_ECC_FAMILY_SECT_K1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +asymmetric_encryption_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_K1):"0406f88f90b4b65950f06ce433afdb097e320f433dc2062b8a65db8fafd3c110f46bc45663fbf021ee7eb9":PSA_ALG_ECDSA(PSA_ALG_MD4):0:PSA_ERROR_INVALID_ARGUMENT + +PSA asymmetric_encryption ECDSA(MD4): invalid with ECC_PUBLIC_KEY(SECT_R1) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD4:PSA_WANT_ECC_FAMILY_SECT_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +asymmetric_encryption_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R1):"0400465eeb9e7258b11e33c02266bfe834b20bcb118700772796ee4704ec67651bd447e3011959a79a04cb":PSA_ALG_ECDSA(PSA_ALG_MD4):0:PSA_ERROR_INVALID_ARGUMENT + +PSA asymmetric_encryption ECDSA(MD4): invalid with ECC_PUBLIC_KEY(SECT_R2) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD4:PSA_WANT_ECC_FAMILY_SECT_R2:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +asymmetric_encryption_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R2):"0403692601144c32a6cfa369ae20ae5d43c1c764678c037bafe80c6fd2e42b7ced96171d9c5367fd3dca6f":PSA_ALG_ECDSA(PSA_ALG_MD4):0:PSA_ERROR_INVALID_ARGUMENT + +PSA key_derivation ECDSA(MD4): invalid +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD4 +key_derivation_fail:PSA_ALG_ECDSA(PSA_ALG_MD4):PSA_ERROR_INVALID_ARGUMENT + +PSA key_agreement ECDSA(MD4): invalid with ECC_KEY_PAIR(BRAINPOOL_P_R1) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD4:PSA_WANT_ECC_FAMILY_BRAINPOOL_P_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_agreement_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"69502c4fdaf48d4fa617bdd24498b0406d0eeaac":PSA_ALG_ECDSA(PSA_ALG_MD4):0:PSA_ERROR_INVALID_ARGUMENT + +PSA key_agreement ECDSA(MD4): invalid with ECC_KEY_PAIR(SECP_K1) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD4:PSA_WANT_ECC_FAMILY_SECP_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_agreement_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_K1):"297ac1722ccac7589ecb240dc719842538ca974beb79f228":PSA_ALG_ECDSA(PSA_ALG_MD4):0:PSA_ERROR_INVALID_ARGUMENT + +PSA key_agreement ECDSA(MD4): invalid with ECC_KEY_PAIR(SECP_R1) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD4:PSA_WANT_ECC_FAMILY_SECP_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_agreement_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"872f203b3ad35b7f2ecc803c3a0e1e0b1ed61cc1afe71b189cd4c995":PSA_ALG_ECDSA(PSA_ALG_MD4):0:PSA_ERROR_INVALID_ARGUMENT + +PSA key_agreement ECDSA(MD4): invalid with ECC_KEY_PAIR(SECP_R2) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD4:PSA_WANT_ECC_FAMILY_SECP_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_agreement_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R2):"00bf539a1cdda0d7f71a50a3f98aec0a2e8e4ced1e":PSA_ALG_ECDSA(PSA_ALG_MD4):0:PSA_ERROR_INVALID_ARGUMENT + +PSA key_agreement ECDSA(MD4): invalid with ECC_KEY_PAIR(SECT_K1) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD4:PSA_WANT_ECC_FAMILY_SECT_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_agreement_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):"03ebc8fcded2d6ab72ec0f75bdb4fd080481273e71":PSA_ALG_ECDSA(PSA_ALG_MD4):0:PSA_ERROR_INVALID_ARGUMENT + +PSA key_agreement ECDSA(MD4): invalid with ECC_KEY_PAIR(SECT_R1) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD4:PSA_WANT_ECC_FAMILY_SECT_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_agreement_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):"009b05dc82d46d64a04a22e6e5ca70ca1231e68c50":PSA_ALG_ECDSA(PSA_ALG_MD4):0:PSA_ERROR_INVALID_ARGUMENT + +PSA key_agreement ECDSA(MD4): invalid with ECC_KEY_PAIR(SECT_R2) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD4:PSA_WANT_ECC_FAMILY_SECT_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_agreement_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R2):"0210b482a458b4822d0cb21daa96819a67c8062d34":PSA_ALG_ECDSA(PSA_ALG_MD4):0:PSA_ERROR_INVALID_ARGUMENT + +PSA key_agreement ECDSA(MD4): invalid with ECC_PUBLIC_KEY(BRAINPOOL_P_R1) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD4:PSA_WANT_ECC_FAMILY_BRAINPOOL_P_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_agreement_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"04d4b9186816358e2f9c59cf70748cb70641b22fbab65473db4b4e22a361ed7e3de7e8a8ddc4130c5c":PSA_ALG_ECDSA(PSA_ALG_MD4):0:PSA_ERROR_INVALID_ARGUMENT + +PSA key_agreement ECDSA(MD4): invalid with ECC_PUBLIC_KEY(SECP_K1) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD4:PSA_WANT_ECC_FAMILY_SECP_K1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_agreement_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_K1):"0426b7bb38da649ac2138fc050c6548b32553dab68afebc36105d325b75538c12323cb0764789ecb992671beb2b6bef2f5":PSA_ALG_ECDSA(PSA_ALG_MD4):0:PSA_ERROR_INVALID_ARGUMENT + +PSA key_agreement ECDSA(MD4): invalid with ECC_PUBLIC_KEY(SECP_R1) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD4:PSA_WANT_ECC_FAMILY_SECP_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_agreement_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1):"046f00eadaa949fee3e9e1c7fa1247eecec86a0dce46418b9bd3117b981d4bd0ae7a990de912f9d060d6cb531a42d22e394ac29e81804bf160":PSA_ALG_ECDSA(PSA_ALG_MD4):0:PSA_ERROR_INVALID_ARGUMENT + +PSA key_agreement ECDSA(MD4): invalid with ECC_PUBLIC_KEY(SECP_R2) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD4:PSA_WANT_ECC_FAMILY_SECP_R2:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_agreement_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R2):"049570d541398665adb5cfa16f5af73b3196926bbd4b876bdb80f8eab20d0f540c22f4de9c140f6d7b":PSA_ALG_ECDSA(PSA_ALG_MD4):0:PSA_ERROR_INVALID_ARGUMENT + +PSA key_agreement ECDSA(MD4): invalid with ECC_PUBLIC_KEY(SECT_K1) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD4:PSA_WANT_ECC_FAMILY_SECT_K1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_agreement_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_K1):"0406f88f90b4b65950f06ce433afdb097e320f433dc2062b8a65db8fafd3c110f46bc45663fbf021ee7eb9":PSA_ALG_ECDSA(PSA_ALG_MD4):0:PSA_ERROR_INVALID_ARGUMENT + +PSA key_agreement ECDSA(MD4): invalid with ECC_PUBLIC_KEY(SECT_R1) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD4:PSA_WANT_ECC_FAMILY_SECT_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_agreement_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R1):"0400465eeb9e7258b11e33c02266bfe834b20bcb118700772796ee4704ec67651bd447e3011959a79a04cb":PSA_ALG_ECDSA(PSA_ALG_MD4):0:PSA_ERROR_INVALID_ARGUMENT + +PSA key_agreement ECDSA(MD4): invalid with ECC_PUBLIC_KEY(SECT_R2) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD4:PSA_WANT_ECC_FAMILY_SECT_R2:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_agreement_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R2):"0403692601144c32a6cfa369ae20ae5d43c1c764678c037bafe80c6fd2e42b7ced96171d9c5367fd3dca6f":PSA_ALG_ECDSA(PSA_ALG_MD4):0:PSA_ERROR_INVALID_ARGUMENT + +PSA hash ECDSA(MD5): invalid +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD5 +hash_fail:PSA_ALG_ECDSA(PSA_ALG_MD5):PSA_ERROR_INVALID_ARGUMENT + +PSA mac ECDSA(MD5): invalid with ECC_KEY_PAIR(BRAINPOOL_P_R1) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD5:PSA_WANT_ECC_FAMILY_BRAINPOOL_P_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +mac_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"69502c4fdaf48d4fa617bdd24498b0406d0eeaac":PSA_ALG_ECDSA(PSA_ALG_MD5):PSA_ERROR_INVALID_ARGUMENT + +PSA mac ECDSA(MD5): invalid with ECC_KEY_PAIR(SECP_K1) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD5:PSA_WANT_ECC_FAMILY_SECP_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +mac_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_K1):"297ac1722ccac7589ecb240dc719842538ca974beb79f228":PSA_ALG_ECDSA(PSA_ALG_MD5):PSA_ERROR_INVALID_ARGUMENT + +PSA mac ECDSA(MD5): invalid with ECC_KEY_PAIR(SECP_R1) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD5:PSA_WANT_ECC_FAMILY_SECP_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +mac_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"872f203b3ad35b7f2ecc803c3a0e1e0b1ed61cc1afe71b189cd4c995":PSA_ALG_ECDSA(PSA_ALG_MD5):PSA_ERROR_INVALID_ARGUMENT + +PSA mac ECDSA(MD5): invalid with ECC_KEY_PAIR(SECP_R2) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD5:PSA_WANT_ECC_FAMILY_SECP_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +mac_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R2):"00bf539a1cdda0d7f71a50a3f98aec0a2e8e4ced1e":PSA_ALG_ECDSA(PSA_ALG_MD5):PSA_ERROR_INVALID_ARGUMENT + +PSA mac ECDSA(MD5): invalid with ECC_KEY_PAIR(SECT_K1) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD5:PSA_WANT_ECC_FAMILY_SECT_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +mac_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):"03ebc8fcded2d6ab72ec0f75bdb4fd080481273e71":PSA_ALG_ECDSA(PSA_ALG_MD5):PSA_ERROR_INVALID_ARGUMENT + +PSA mac ECDSA(MD5): invalid with ECC_KEY_PAIR(SECT_R1) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD5:PSA_WANT_ECC_FAMILY_SECT_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +mac_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):"009b05dc82d46d64a04a22e6e5ca70ca1231e68c50":PSA_ALG_ECDSA(PSA_ALG_MD5):PSA_ERROR_INVALID_ARGUMENT + +PSA mac ECDSA(MD5): invalid with ECC_KEY_PAIR(SECT_R2) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD5:PSA_WANT_ECC_FAMILY_SECT_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +mac_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R2):"0210b482a458b4822d0cb21daa96819a67c8062d34":PSA_ALG_ECDSA(PSA_ALG_MD5):PSA_ERROR_INVALID_ARGUMENT + +PSA mac ECDSA(MD5): invalid with ECC_PUBLIC_KEY(BRAINPOOL_P_R1) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD5:PSA_WANT_ECC_FAMILY_BRAINPOOL_P_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +mac_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"04d4b9186816358e2f9c59cf70748cb70641b22fbab65473db4b4e22a361ed7e3de7e8a8ddc4130c5c":PSA_ALG_ECDSA(PSA_ALG_MD5):PSA_ERROR_INVALID_ARGUMENT + +PSA mac ECDSA(MD5): invalid with ECC_PUBLIC_KEY(SECP_K1) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD5:PSA_WANT_ECC_FAMILY_SECP_K1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +mac_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_K1):"0426b7bb38da649ac2138fc050c6548b32553dab68afebc36105d325b75538c12323cb0764789ecb992671beb2b6bef2f5":PSA_ALG_ECDSA(PSA_ALG_MD5):PSA_ERROR_INVALID_ARGUMENT + +PSA mac ECDSA(MD5): invalid with ECC_PUBLIC_KEY(SECP_R1) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD5:PSA_WANT_ECC_FAMILY_SECP_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +mac_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1):"046f00eadaa949fee3e9e1c7fa1247eecec86a0dce46418b9bd3117b981d4bd0ae7a990de912f9d060d6cb531a42d22e394ac29e81804bf160":PSA_ALG_ECDSA(PSA_ALG_MD5):PSA_ERROR_INVALID_ARGUMENT + +PSA mac ECDSA(MD5): invalid with ECC_PUBLIC_KEY(SECP_R2) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD5:PSA_WANT_ECC_FAMILY_SECP_R2:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +mac_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R2):"049570d541398665adb5cfa16f5af73b3196926bbd4b876bdb80f8eab20d0f540c22f4de9c140f6d7b":PSA_ALG_ECDSA(PSA_ALG_MD5):PSA_ERROR_INVALID_ARGUMENT + +PSA mac ECDSA(MD5): invalid with ECC_PUBLIC_KEY(SECT_K1) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD5:PSA_WANT_ECC_FAMILY_SECT_K1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +mac_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_K1):"0406f88f90b4b65950f06ce433afdb097e320f433dc2062b8a65db8fafd3c110f46bc45663fbf021ee7eb9":PSA_ALG_ECDSA(PSA_ALG_MD5):PSA_ERROR_INVALID_ARGUMENT + +PSA mac ECDSA(MD5): invalid with ECC_PUBLIC_KEY(SECT_R1) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD5:PSA_WANT_ECC_FAMILY_SECT_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +mac_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R1):"0400465eeb9e7258b11e33c02266bfe834b20bcb118700772796ee4704ec67651bd447e3011959a79a04cb":PSA_ALG_ECDSA(PSA_ALG_MD5):PSA_ERROR_INVALID_ARGUMENT + +PSA mac ECDSA(MD5): invalid with ECC_PUBLIC_KEY(SECT_R2) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD5:PSA_WANT_ECC_FAMILY_SECT_R2:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +mac_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R2):"0403692601144c32a6cfa369ae20ae5d43c1c764678c037bafe80c6fd2e42b7ced96171d9c5367fd3dca6f":PSA_ALG_ECDSA(PSA_ALG_MD5):PSA_ERROR_INVALID_ARGUMENT + +PSA cipher ECDSA(MD5): invalid with ECC_KEY_PAIR(BRAINPOOL_P_R1) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD5:PSA_WANT_ECC_FAMILY_BRAINPOOL_P_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +cipher_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"69502c4fdaf48d4fa617bdd24498b0406d0eeaac":PSA_ALG_ECDSA(PSA_ALG_MD5):PSA_ERROR_INVALID_ARGUMENT + +PSA cipher ECDSA(MD5): invalid with ECC_KEY_PAIR(SECP_K1) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD5:PSA_WANT_ECC_FAMILY_SECP_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +cipher_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_K1):"297ac1722ccac7589ecb240dc719842538ca974beb79f228":PSA_ALG_ECDSA(PSA_ALG_MD5):PSA_ERROR_INVALID_ARGUMENT + +PSA cipher ECDSA(MD5): invalid with ECC_KEY_PAIR(SECP_R1) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD5:PSA_WANT_ECC_FAMILY_SECP_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +cipher_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"872f203b3ad35b7f2ecc803c3a0e1e0b1ed61cc1afe71b189cd4c995":PSA_ALG_ECDSA(PSA_ALG_MD5):PSA_ERROR_INVALID_ARGUMENT + +PSA cipher ECDSA(MD5): invalid with ECC_KEY_PAIR(SECP_R2) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD5:PSA_WANT_ECC_FAMILY_SECP_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +cipher_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R2):"00bf539a1cdda0d7f71a50a3f98aec0a2e8e4ced1e":PSA_ALG_ECDSA(PSA_ALG_MD5):PSA_ERROR_INVALID_ARGUMENT + +PSA cipher ECDSA(MD5): invalid with ECC_KEY_PAIR(SECT_K1) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD5:PSA_WANT_ECC_FAMILY_SECT_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +cipher_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):"03ebc8fcded2d6ab72ec0f75bdb4fd080481273e71":PSA_ALG_ECDSA(PSA_ALG_MD5):PSA_ERROR_INVALID_ARGUMENT + +PSA cipher ECDSA(MD5): invalid with ECC_KEY_PAIR(SECT_R1) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD5:PSA_WANT_ECC_FAMILY_SECT_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +cipher_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):"009b05dc82d46d64a04a22e6e5ca70ca1231e68c50":PSA_ALG_ECDSA(PSA_ALG_MD5):PSA_ERROR_INVALID_ARGUMENT + +PSA cipher ECDSA(MD5): invalid with ECC_KEY_PAIR(SECT_R2) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD5:PSA_WANT_ECC_FAMILY_SECT_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +cipher_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R2):"0210b482a458b4822d0cb21daa96819a67c8062d34":PSA_ALG_ECDSA(PSA_ALG_MD5):PSA_ERROR_INVALID_ARGUMENT + +PSA cipher ECDSA(MD5): invalid with ECC_PUBLIC_KEY(BRAINPOOL_P_R1) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD5:PSA_WANT_ECC_FAMILY_BRAINPOOL_P_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +cipher_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"04d4b9186816358e2f9c59cf70748cb70641b22fbab65473db4b4e22a361ed7e3de7e8a8ddc4130c5c":PSA_ALG_ECDSA(PSA_ALG_MD5):PSA_ERROR_INVALID_ARGUMENT + +PSA cipher ECDSA(MD5): invalid with ECC_PUBLIC_KEY(SECP_K1) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD5:PSA_WANT_ECC_FAMILY_SECP_K1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +cipher_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_K1):"0426b7bb38da649ac2138fc050c6548b32553dab68afebc36105d325b75538c12323cb0764789ecb992671beb2b6bef2f5":PSA_ALG_ECDSA(PSA_ALG_MD5):PSA_ERROR_INVALID_ARGUMENT + +PSA cipher ECDSA(MD5): invalid with ECC_PUBLIC_KEY(SECP_R1) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD5:PSA_WANT_ECC_FAMILY_SECP_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +cipher_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1):"046f00eadaa949fee3e9e1c7fa1247eecec86a0dce46418b9bd3117b981d4bd0ae7a990de912f9d060d6cb531a42d22e394ac29e81804bf160":PSA_ALG_ECDSA(PSA_ALG_MD5):PSA_ERROR_INVALID_ARGUMENT + +PSA cipher ECDSA(MD5): invalid with ECC_PUBLIC_KEY(SECP_R2) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD5:PSA_WANT_ECC_FAMILY_SECP_R2:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +cipher_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R2):"049570d541398665adb5cfa16f5af73b3196926bbd4b876bdb80f8eab20d0f540c22f4de9c140f6d7b":PSA_ALG_ECDSA(PSA_ALG_MD5):PSA_ERROR_INVALID_ARGUMENT + +PSA cipher ECDSA(MD5): invalid with ECC_PUBLIC_KEY(SECT_K1) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD5:PSA_WANT_ECC_FAMILY_SECT_K1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +cipher_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_K1):"0406f88f90b4b65950f06ce433afdb097e320f433dc2062b8a65db8fafd3c110f46bc45663fbf021ee7eb9":PSA_ALG_ECDSA(PSA_ALG_MD5):PSA_ERROR_INVALID_ARGUMENT + +PSA cipher ECDSA(MD5): invalid with ECC_PUBLIC_KEY(SECT_R1) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD5:PSA_WANT_ECC_FAMILY_SECT_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +cipher_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R1):"0400465eeb9e7258b11e33c02266bfe834b20bcb118700772796ee4704ec67651bd447e3011959a79a04cb":PSA_ALG_ECDSA(PSA_ALG_MD5):PSA_ERROR_INVALID_ARGUMENT + +PSA cipher ECDSA(MD5): invalid with ECC_PUBLIC_KEY(SECT_R2) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD5:PSA_WANT_ECC_FAMILY_SECT_R2:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +cipher_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R2):"0403692601144c32a6cfa369ae20ae5d43c1c764678c037bafe80c6fd2e42b7ced96171d9c5367fd3dca6f":PSA_ALG_ECDSA(PSA_ALG_MD5):PSA_ERROR_INVALID_ARGUMENT + +PSA aead ECDSA(MD5): invalid with ECC_KEY_PAIR(BRAINPOOL_P_R1) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD5:PSA_WANT_ECC_FAMILY_BRAINPOOL_P_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +aead_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"69502c4fdaf48d4fa617bdd24498b0406d0eeaac":PSA_ALG_ECDSA(PSA_ALG_MD5):PSA_ERROR_INVALID_ARGUMENT + +PSA aead ECDSA(MD5): invalid with ECC_KEY_PAIR(SECP_K1) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD5:PSA_WANT_ECC_FAMILY_SECP_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +aead_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_K1):"297ac1722ccac7589ecb240dc719842538ca974beb79f228":PSA_ALG_ECDSA(PSA_ALG_MD5):PSA_ERROR_INVALID_ARGUMENT + +PSA aead ECDSA(MD5): invalid with ECC_KEY_PAIR(SECP_R1) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD5:PSA_WANT_ECC_FAMILY_SECP_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +aead_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"872f203b3ad35b7f2ecc803c3a0e1e0b1ed61cc1afe71b189cd4c995":PSA_ALG_ECDSA(PSA_ALG_MD5):PSA_ERROR_INVALID_ARGUMENT + +PSA aead ECDSA(MD5): invalid with ECC_KEY_PAIR(SECP_R2) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD5:PSA_WANT_ECC_FAMILY_SECP_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +aead_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R2):"00bf539a1cdda0d7f71a50a3f98aec0a2e8e4ced1e":PSA_ALG_ECDSA(PSA_ALG_MD5):PSA_ERROR_INVALID_ARGUMENT + +PSA aead ECDSA(MD5): invalid with ECC_KEY_PAIR(SECT_K1) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD5:PSA_WANT_ECC_FAMILY_SECT_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +aead_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):"03ebc8fcded2d6ab72ec0f75bdb4fd080481273e71":PSA_ALG_ECDSA(PSA_ALG_MD5):PSA_ERROR_INVALID_ARGUMENT + +PSA aead ECDSA(MD5): invalid with ECC_KEY_PAIR(SECT_R1) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD5:PSA_WANT_ECC_FAMILY_SECT_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +aead_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):"009b05dc82d46d64a04a22e6e5ca70ca1231e68c50":PSA_ALG_ECDSA(PSA_ALG_MD5):PSA_ERROR_INVALID_ARGUMENT + +PSA aead ECDSA(MD5): invalid with ECC_KEY_PAIR(SECT_R2) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD5:PSA_WANT_ECC_FAMILY_SECT_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +aead_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R2):"0210b482a458b4822d0cb21daa96819a67c8062d34":PSA_ALG_ECDSA(PSA_ALG_MD5):PSA_ERROR_INVALID_ARGUMENT + +PSA aead ECDSA(MD5): invalid with ECC_PUBLIC_KEY(BRAINPOOL_P_R1) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD5:PSA_WANT_ECC_FAMILY_BRAINPOOL_P_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +aead_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"04d4b9186816358e2f9c59cf70748cb70641b22fbab65473db4b4e22a361ed7e3de7e8a8ddc4130c5c":PSA_ALG_ECDSA(PSA_ALG_MD5):PSA_ERROR_INVALID_ARGUMENT + +PSA aead ECDSA(MD5): invalid with ECC_PUBLIC_KEY(SECP_K1) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD5:PSA_WANT_ECC_FAMILY_SECP_K1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +aead_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_K1):"0426b7bb38da649ac2138fc050c6548b32553dab68afebc36105d325b75538c12323cb0764789ecb992671beb2b6bef2f5":PSA_ALG_ECDSA(PSA_ALG_MD5):PSA_ERROR_INVALID_ARGUMENT + +PSA aead ECDSA(MD5): invalid with ECC_PUBLIC_KEY(SECP_R1) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD5:PSA_WANT_ECC_FAMILY_SECP_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +aead_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1):"046f00eadaa949fee3e9e1c7fa1247eecec86a0dce46418b9bd3117b981d4bd0ae7a990de912f9d060d6cb531a42d22e394ac29e81804bf160":PSA_ALG_ECDSA(PSA_ALG_MD5):PSA_ERROR_INVALID_ARGUMENT + +PSA aead ECDSA(MD5): invalid with ECC_PUBLIC_KEY(SECP_R2) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD5:PSA_WANT_ECC_FAMILY_SECP_R2:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +aead_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R2):"049570d541398665adb5cfa16f5af73b3196926bbd4b876bdb80f8eab20d0f540c22f4de9c140f6d7b":PSA_ALG_ECDSA(PSA_ALG_MD5):PSA_ERROR_INVALID_ARGUMENT + +PSA aead ECDSA(MD5): invalid with ECC_PUBLIC_KEY(SECT_K1) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD5:PSA_WANT_ECC_FAMILY_SECT_K1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +aead_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_K1):"0406f88f90b4b65950f06ce433afdb097e320f433dc2062b8a65db8fafd3c110f46bc45663fbf021ee7eb9":PSA_ALG_ECDSA(PSA_ALG_MD5):PSA_ERROR_INVALID_ARGUMENT + +PSA aead ECDSA(MD5): invalid with ECC_PUBLIC_KEY(SECT_R1) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD5:PSA_WANT_ECC_FAMILY_SECT_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +aead_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R1):"0400465eeb9e7258b11e33c02266bfe834b20bcb118700772796ee4704ec67651bd447e3011959a79a04cb":PSA_ALG_ECDSA(PSA_ALG_MD5):PSA_ERROR_INVALID_ARGUMENT + +PSA aead ECDSA(MD5): invalid with ECC_PUBLIC_KEY(SECT_R2) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD5:PSA_WANT_ECC_FAMILY_SECT_R2:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +aead_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R2):"0403692601144c32a6cfa369ae20ae5d43c1c764678c037bafe80c6fd2e42b7ced96171d9c5367fd3dca6f":PSA_ALG_ECDSA(PSA_ALG_MD5):PSA_ERROR_INVALID_ARGUMENT + +PSA sign ECDSA(MD5): incompatible with AES +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD5:PSA_WANT_KEY_TYPE_AES +sign_fail:PSA_KEY_TYPE_AES:"48657265006973206b6579a064617461":PSA_ALG_ECDSA(PSA_ALG_MD5):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign ECDSA(MD5): incompatible with ARC4 +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD5:PSA_WANT_KEY_TYPE_ARC4 +sign_fail:PSA_KEY_TYPE_ARC4:"48":PSA_ALG_ECDSA(PSA_ALG_MD5):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign ECDSA(MD5): incompatible with ARIA +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD5:PSA_WANT_KEY_TYPE_ARIA +sign_fail:PSA_KEY_TYPE_ARIA:"48657265006973206b6579a064617461":PSA_ALG_ECDSA(PSA_ALG_MD5):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign ECDSA(MD5): incompatible with CAMELLIA +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD5:PSA_WANT_KEY_TYPE_CAMELLIA +sign_fail:PSA_KEY_TYPE_CAMELLIA:"48657265006973206b6579a064617461":PSA_ALG_ECDSA(PSA_ALG_MD5):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign ECDSA(MD5): incompatible with CHACHA20 +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD5:PSA_WANT_KEY_TYPE_CHACHA20 +sign_fail:PSA_KEY_TYPE_CHACHA20:"48657265006973206b6579a06461746148657265006973206b6579a064617461":PSA_ALG_ECDSA(PSA_ALG_MD5):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign ECDSA(MD5): incompatible with DERIVE +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD5:PSA_WANT_KEY_TYPE_DERIVE +sign_fail:PSA_KEY_TYPE_DERIVE:"48657265006973206b6579a0646174":PSA_ALG_ECDSA(PSA_ALG_MD5):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign ECDSA(MD5): incompatible with DES +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD5:PSA_WANT_KEY_TYPE_DES +sign_fail:PSA_KEY_TYPE_DES:"644573206b457901":PSA_ALG_ECDSA(PSA_ALG_MD5):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign ECDSA(MD5): !ECDSA with ECC_KEY_PAIR(BRAINPOOL_P_R1) +depends_on:!PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD5:PSA_WANT_ECC_FAMILY_BRAINPOOL_P_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"69502c4fdaf48d4fa617bdd24498b0406d0eeaac":PSA_ALG_ECDSA(PSA_ALG_MD5):0:PSA_ERROR_NOT_SUPPORTED + +PSA sign ECDSA(MD5): !MD5 with ECC_KEY_PAIR(BRAINPOOL_P_R1) +depends_on:PSA_WANT_ALG_ECDSA:!PSA_WANT_ALG_MD5:PSA_WANT_ECC_FAMILY_BRAINPOOL_P_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"69502c4fdaf48d4fa617bdd24498b0406d0eeaac":PSA_ALG_ECDSA(PSA_ALG_MD5):0:PSA_ERROR_NOT_SUPPORTED + +PSA sign ECDSA(MD5): incompatible with ECC_KEY_PAIR(MONTGOMERY) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD5:PSA_WANT_ECC_FAMILY_MONTGOMERY:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_MONTGOMERY):"70076d0a7318a57d3c16c17251b26645df4c2f87ebc0992ab177fba51db92c6a":PSA_ALG_ECDSA(PSA_ALG_MD5):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign ECDSA(MD5): !ECDSA with ECC_KEY_PAIR(SECP_K1) +depends_on:!PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD5:PSA_WANT_ECC_FAMILY_SECP_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_K1):"297ac1722ccac7589ecb240dc719842538ca974beb79f228":PSA_ALG_ECDSA(PSA_ALG_MD5):0:PSA_ERROR_NOT_SUPPORTED + +PSA sign ECDSA(MD5): !MD5 with ECC_KEY_PAIR(SECP_K1) +depends_on:PSA_WANT_ALG_ECDSA:!PSA_WANT_ALG_MD5:PSA_WANT_ECC_FAMILY_SECP_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_K1):"297ac1722ccac7589ecb240dc719842538ca974beb79f228":PSA_ALG_ECDSA(PSA_ALG_MD5):0:PSA_ERROR_NOT_SUPPORTED + +PSA sign ECDSA(MD5): !ECDSA with ECC_KEY_PAIR(SECP_R1) +depends_on:!PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD5:PSA_WANT_ECC_FAMILY_SECP_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"872f203b3ad35b7f2ecc803c3a0e1e0b1ed61cc1afe71b189cd4c995":PSA_ALG_ECDSA(PSA_ALG_MD5):0:PSA_ERROR_NOT_SUPPORTED + +PSA sign ECDSA(MD5): !MD5 with ECC_KEY_PAIR(SECP_R1) +depends_on:PSA_WANT_ALG_ECDSA:!PSA_WANT_ALG_MD5:PSA_WANT_ECC_FAMILY_SECP_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"872f203b3ad35b7f2ecc803c3a0e1e0b1ed61cc1afe71b189cd4c995":PSA_ALG_ECDSA(PSA_ALG_MD5):0:PSA_ERROR_NOT_SUPPORTED + +PSA sign ECDSA(MD5): !ECDSA with ECC_KEY_PAIR(SECP_R2) +depends_on:!PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD5:PSA_WANT_ECC_FAMILY_SECP_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R2):"00bf539a1cdda0d7f71a50a3f98aec0a2e8e4ced1e":PSA_ALG_ECDSA(PSA_ALG_MD5):0:PSA_ERROR_NOT_SUPPORTED + +PSA sign ECDSA(MD5): !MD5 with ECC_KEY_PAIR(SECP_R2) +depends_on:PSA_WANT_ALG_ECDSA:!PSA_WANT_ALG_MD5:PSA_WANT_ECC_FAMILY_SECP_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R2):"00bf539a1cdda0d7f71a50a3f98aec0a2e8e4ced1e":PSA_ALG_ECDSA(PSA_ALG_MD5):0:PSA_ERROR_NOT_SUPPORTED + +PSA sign ECDSA(MD5): !ECDSA with ECC_KEY_PAIR(SECT_K1) +depends_on:!PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD5:PSA_WANT_ECC_FAMILY_SECT_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):"03ebc8fcded2d6ab72ec0f75bdb4fd080481273e71":PSA_ALG_ECDSA(PSA_ALG_MD5):0:PSA_ERROR_NOT_SUPPORTED + +PSA sign ECDSA(MD5): !MD5 with ECC_KEY_PAIR(SECT_K1) +depends_on:PSA_WANT_ALG_ECDSA:!PSA_WANT_ALG_MD5:PSA_WANT_ECC_FAMILY_SECT_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):"03ebc8fcded2d6ab72ec0f75bdb4fd080481273e71":PSA_ALG_ECDSA(PSA_ALG_MD5):0:PSA_ERROR_NOT_SUPPORTED + +PSA sign ECDSA(MD5): !ECDSA with ECC_KEY_PAIR(SECT_R1) +depends_on:!PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD5:PSA_WANT_ECC_FAMILY_SECT_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):"009b05dc82d46d64a04a22e6e5ca70ca1231e68c50":PSA_ALG_ECDSA(PSA_ALG_MD5):0:PSA_ERROR_NOT_SUPPORTED + +PSA sign ECDSA(MD5): !MD5 with ECC_KEY_PAIR(SECT_R1) +depends_on:PSA_WANT_ALG_ECDSA:!PSA_WANT_ALG_MD5:PSA_WANT_ECC_FAMILY_SECT_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):"009b05dc82d46d64a04a22e6e5ca70ca1231e68c50":PSA_ALG_ECDSA(PSA_ALG_MD5):0:PSA_ERROR_NOT_SUPPORTED + +PSA sign ECDSA(MD5): !ECDSA with ECC_KEY_PAIR(SECT_R2) +depends_on:!PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD5:PSA_WANT_ECC_FAMILY_SECT_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R2):"0210b482a458b4822d0cb21daa96819a67c8062d34":PSA_ALG_ECDSA(PSA_ALG_MD5):0:PSA_ERROR_NOT_SUPPORTED + +PSA sign ECDSA(MD5): !MD5 with ECC_KEY_PAIR(SECT_R2) +depends_on:PSA_WANT_ALG_ECDSA:!PSA_WANT_ALG_MD5:PSA_WANT_ECC_FAMILY_SECT_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R2):"0210b482a458b4822d0cb21daa96819a67c8062d34":PSA_ALG_ECDSA(PSA_ALG_MD5):0:PSA_ERROR_NOT_SUPPORTED + +PSA sign ECDSA(MD5): incompatible with ECC_KEY_PAIR(TWISTED_EDWARDS) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD5:PSA_WANT_ECC_FAMILY_TWISTED_EDWARDS:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_TWISTED_EDWARDS):"9d61b19deffd5a60ba844af492ec2cc44449c5697b326919703bac031cae7f60":PSA_ALG_ECDSA(PSA_ALG_MD5):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign ECDSA(MD5): !ECDSA with ECC_PUBLIC_KEY(BRAINPOOL_P_R1) +depends_on:!PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD5:PSA_WANT_ECC_FAMILY_BRAINPOOL_P_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"04d4b9186816358e2f9c59cf70748cb70641b22fbab65473db4b4e22a361ed7e3de7e8a8ddc4130c5c":PSA_ALG_ECDSA(PSA_ALG_MD5):0:PSA_ERROR_NOT_SUPPORTED + +PSA sign ECDSA(MD5): !MD5 with ECC_PUBLIC_KEY(BRAINPOOL_P_R1) +depends_on:PSA_WANT_ALG_ECDSA:!PSA_WANT_ALG_MD5:PSA_WANT_ECC_FAMILY_BRAINPOOL_P_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"04d4b9186816358e2f9c59cf70748cb70641b22fbab65473db4b4e22a361ed7e3de7e8a8ddc4130c5c":PSA_ALG_ECDSA(PSA_ALG_MD5):0:PSA_ERROR_NOT_SUPPORTED + +PSA sign ECDSA(MD5): public with ECC_PUBLIC_KEY(BRAINPOOL_P_R1) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD5:PSA_WANT_ECC_FAMILY_BRAINPOOL_P_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"04d4b9186816358e2f9c59cf70748cb70641b22fbab65473db4b4e22a361ed7e3de7e8a8ddc4130c5c":PSA_ALG_ECDSA(PSA_ALG_MD5):1:PSA_ERROR_INVALID_ARGUMENT + +PSA sign ECDSA(MD5): incompatible with ECC_PUBLIC_KEY(MONTGOMERY) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD5:PSA_WANT_ECC_FAMILY_MONTGOMERY:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_MONTGOMERY):"8520f0098930a754748b7ddcb43ef75a0dbf3a0d26381af4eba4a98eaa9b4e6a":PSA_ALG_ECDSA(PSA_ALG_MD5):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign ECDSA(MD5): !ECDSA with ECC_PUBLIC_KEY(SECP_K1) +depends_on:!PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD5:PSA_WANT_ECC_FAMILY_SECP_K1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_K1):"0426b7bb38da649ac2138fc050c6548b32553dab68afebc36105d325b75538c12323cb0764789ecb992671beb2b6bef2f5":PSA_ALG_ECDSA(PSA_ALG_MD5):0:PSA_ERROR_NOT_SUPPORTED + +PSA sign ECDSA(MD5): !MD5 with ECC_PUBLIC_KEY(SECP_K1) +depends_on:PSA_WANT_ALG_ECDSA:!PSA_WANT_ALG_MD5:PSA_WANT_ECC_FAMILY_SECP_K1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_K1):"0426b7bb38da649ac2138fc050c6548b32553dab68afebc36105d325b75538c12323cb0764789ecb992671beb2b6bef2f5":PSA_ALG_ECDSA(PSA_ALG_MD5):0:PSA_ERROR_NOT_SUPPORTED + +PSA sign ECDSA(MD5): public with ECC_PUBLIC_KEY(SECP_K1) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD5:PSA_WANT_ECC_FAMILY_SECP_K1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_K1):"0426b7bb38da649ac2138fc050c6548b32553dab68afebc36105d325b75538c12323cb0764789ecb992671beb2b6bef2f5":PSA_ALG_ECDSA(PSA_ALG_MD5):1:PSA_ERROR_INVALID_ARGUMENT + +PSA sign ECDSA(MD5): !ECDSA with ECC_PUBLIC_KEY(SECP_R1) +depends_on:!PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD5:PSA_WANT_ECC_FAMILY_SECP_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1):"046f00eadaa949fee3e9e1c7fa1247eecec86a0dce46418b9bd3117b981d4bd0ae7a990de912f9d060d6cb531a42d22e394ac29e81804bf160":PSA_ALG_ECDSA(PSA_ALG_MD5):0:PSA_ERROR_NOT_SUPPORTED + +PSA sign ECDSA(MD5): !MD5 with ECC_PUBLIC_KEY(SECP_R1) +depends_on:PSA_WANT_ALG_ECDSA:!PSA_WANT_ALG_MD5:PSA_WANT_ECC_FAMILY_SECP_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1):"046f00eadaa949fee3e9e1c7fa1247eecec86a0dce46418b9bd3117b981d4bd0ae7a990de912f9d060d6cb531a42d22e394ac29e81804bf160":PSA_ALG_ECDSA(PSA_ALG_MD5):0:PSA_ERROR_NOT_SUPPORTED + +PSA sign ECDSA(MD5): public with ECC_PUBLIC_KEY(SECP_R1) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD5:PSA_WANT_ECC_FAMILY_SECP_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1):"046f00eadaa949fee3e9e1c7fa1247eecec86a0dce46418b9bd3117b981d4bd0ae7a990de912f9d060d6cb531a42d22e394ac29e81804bf160":PSA_ALG_ECDSA(PSA_ALG_MD5):1:PSA_ERROR_INVALID_ARGUMENT + +PSA sign ECDSA(MD5): !ECDSA with ECC_PUBLIC_KEY(SECP_R2) +depends_on:!PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD5:PSA_WANT_ECC_FAMILY_SECP_R2:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R2):"049570d541398665adb5cfa16f5af73b3196926bbd4b876bdb80f8eab20d0f540c22f4de9c140f6d7b":PSA_ALG_ECDSA(PSA_ALG_MD5):0:PSA_ERROR_NOT_SUPPORTED + +PSA sign ECDSA(MD5): !MD5 with ECC_PUBLIC_KEY(SECP_R2) +depends_on:PSA_WANT_ALG_ECDSA:!PSA_WANT_ALG_MD5:PSA_WANT_ECC_FAMILY_SECP_R2:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R2):"049570d541398665adb5cfa16f5af73b3196926bbd4b876bdb80f8eab20d0f540c22f4de9c140f6d7b":PSA_ALG_ECDSA(PSA_ALG_MD5):0:PSA_ERROR_NOT_SUPPORTED + +PSA sign ECDSA(MD5): public with ECC_PUBLIC_KEY(SECP_R2) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD5:PSA_WANT_ECC_FAMILY_SECP_R2:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R2):"049570d541398665adb5cfa16f5af73b3196926bbd4b876bdb80f8eab20d0f540c22f4de9c140f6d7b":PSA_ALG_ECDSA(PSA_ALG_MD5):1:PSA_ERROR_INVALID_ARGUMENT + +PSA sign ECDSA(MD5): !ECDSA with ECC_PUBLIC_KEY(SECT_K1) +depends_on:!PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD5:PSA_WANT_ECC_FAMILY_SECT_K1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_K1):"0406f88f90b4b65950f06ce433afdb097e320f433dc2062b8a65db8fafd3c110f46bc45663fbf021ee7eb9":PSA_ALG_ECDSA(PSA_ALG_MD5):0:PSA_ERROR_NOT_SUPPORTED + +PSA sign ECDSA(MD5): !MD5 with ECC_PUBLIC_KEY(SECT_K1) +depends_on:PSA_WANT_ALG_ECDSA:!PSA_WANT_ALG_MD5:PSA_WANT_ECC_FAMILY_SECT_K1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_K1):"0406f88f90b4b65950f06ce433afdb097e320f433dc2062b8a65db8fafd3c110f46bc45663fbf021ee7eb9":PSA_ALG_ECDSA(PSA_ALG_MD5):0:PSA_ERROR_NOT_SUPPORTED + +PSA sign ECDSA(MD5): public with ECC_PUBLIC_KEY(SECT_K1) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD5:PSA_WANT_ECC_FAMILY_SECT_K1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_K1):"0406f88f90b4b65950f06ce433afdb097e320f433dc2062b8a65db8fafd3c110f46bc45663fbf021ee7eb9":PSA_ALG_ECDSA(PSA_ALG_MD5):1:PSA_ERROR_INVALID_ARGUMENT + +PSA sign ECDSA(MD5): !ECDSA with ECC_PUBLIC_KEY(SECT_R1) +depends_on:!PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD5:PSA_WANT_ECC_FAMILY_SECT_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R1):"0400465eeb9e7258b11e33c02266bfe834b20bcb118700772796ee4704ec67651bd447e3011959a79a04cb":PSA_ALG_ECDSA(PSA_ALG_MD5):0:PSA_ERROR_NOT_SUPPORTED + +PSA sign ECDSA(MD5): !MD5 with ECC_PUBLIC_KEY(SECT_R1) +depends_on:PSA_WANT_ALG_ECDSA:!PSA_WANT_ALG_MD5:PSA_WANT_ECC_FAMILY_SECT_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R1):"0400465eeb9e7258b11e33c02266bfe834b20bcb118700772796ee4704ec67651bd447e3011959a79a04cb":PSA_ALG_ECDSA(PSA_ALG_MD5):0:PSA_ERROR_NOT_SUPPORTED + +PSA sign ECDSA(MD5): public with ECC_PUBLIC_KEY(SECT_R1) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD5:PSA_WANT_ECC_FAMILY_SECT_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R1):"0400465eeb9e7258b11e33c02266bfe834b20bcb118700772796ee4704ec67651bd447e3011959a79a04cb":PSA_ALG_ECDSA(PSA_ALG_MD5):1:PSA_ERROR_INVALID_ARGUMENT + +PSA sign ECDSA(MD5): !ECDSA with ECC_PUBLIC_KEY(SECT_R2) +depends_on:!PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD5:PSA_WANT_ECC_FAMILY_SECT_R2:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R2):"0403692601144c32a6cfa369ae20ae5d43c1c764678c037bafe80c6fd2e42b7ced96171d9c5367fd3dca6f":PSA_ALG_ECDSA(PSA_ALG_MD5):0:PSA_ERROR_NOT_SUPPORTED + +PSA sign ECDSA(MD5): !MD5 with ECC_PUBLIC_KEY(SECT_R2) +depends_on:PSA_WANT_ALG_ECDSA:!PSA_WANT_ALG_MD5:PSA_WANT_ECC_FAMILY_SECT_R2:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R2):"0403692601144c32a6cfa369ae20ae5d43c1c764678c037bafe80c6fd2e42b7ced96171d9c5367fd3dca6f":PSA_ALG_ECDSA(PSA_ALG_MD5):0:PSA_ERROR_NOT_SUPPORTED + +PSA sign ECDSA(MD5): public with ECC_PUBLIC_KEY(SECT_R2) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD5:PSA_WANT_ECC_FAMILY_SECT_R2:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R2):"0403692601144c32a6cfa369ae20ae5d43c1c764678c037bafe80c6fd2e42b7ced96171d9c5367fd3dca6f":PSA_ALG_ECDSA(PSA_ALG_MD5):1:PSA_ERROR_INVALID_ARGUMENT + +PSA sign ECDSA(MD5): incompatible with ECC_PUBLIC_KEY(TWISTED_EDWARDS) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD5:PSA_WANT_ECC_FAMILY_TWISTED_EDWARDS:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_TWISTED_EDWARDS):"d75a980182b10ab7d54bfed3c964073a0ee172f3daa62325af021a68f707511a":PSA_ALG_ECDSA(PSA_ALG_MD5):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign ECDSA(MD5): incompatible with HMAC +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD5:PSA_WANT_KEY_TYPE_HMAC +sign_fail:PSA_KEY_TYPE_HMAC:"48657265006973206b6579a064617461":PSA_ALG_ECDSA(PSA_ALG_MD5):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign ECDSA(MD5): incompatible with RAW_DATA +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD5:PSA_WANT_KEY_TYPE_RAW_DATA +sign_fail:PSA_KEY_TYPE_RAW_DATA:"48":PSA_ALG_ECDSA(PSA_ALG_MD5):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign ECDSA(MD5): incompatible with RSA_KEY_PAIR +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD5:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR +sign_fail:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_ECDSA(PSA_ALG_MD5):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign ECDSA(MD5): incompatible with RSA_PUBLIC_KEY +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD5:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY +sign_fail:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_ECDSA(PSA_ALG_MD5):0:PSA_ERROR_INVALID_ARGUMENT + +PSA asymmetric_encryption ECDSA(MD5): invalid with ECC_KEY_PAIR(BRAINPOOL_P_R1) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD5:PSA_WANT_ECC_FAMILY_BRAINPOOL_P_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +asymmetric_encryption_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"69502c4fdaf48d4fa617bdd24498b0406d0eeaac":PSA_ALG_ECDSA(PSA_ALG_MD5):0:PSA_ERROR_INVALID_ARGUMENT + +PSA asymmetric_encryption ECDSA(MD5): invalid with ECC_KEY_PAIR(SECP_K1) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD5:PSA_WANT_ECC_FAMILY_SECP_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +asymmetric_encryption_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_K1):"297ac1722ccac7589ecb240dc719842538ca974beb79f228":PSA_ALG_ECDSA(PSA_ALG_MD5):0:PSA_ERROR_INVALID_ARGUMENT + +PSA asymmetric_encryption ECDSA(MD5): invalid with ECC_KEY_PAIR(SECP_R1) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD5:PSA_WANT_ECC_FAMILY_SECP_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +asymmetric_encryption_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"872f203b3ad35b7f2ecc803c3a0e1e0b1ed61cc1afe71b189cd4c995":PSA_ALG_ECDSA(PSA_ALG_MD5):0:PSA_ERROR_INVALID_ARGUMENT + +PSA asymmetric_encryption ECDSA(MD5): invalid with ECC_KEY_PAIR(SECP_R2) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD5:PSA_WANT_ECC_FAMILY_SECP_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +asymmetric_encryption_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R2):"00bf539a1cdda0d7f71a50a3f98aec0a2e8e4ced1e":PSA_ALG_ECDSA(PSA_ALG_MD5):0:PSA_ERROR_INVALID_ARGUMENT + +PSA asymmetric_encryption ECDSA(MD5): invalid with ECC_KEY_PAIR(SECT_K1) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD5:PSA_WANT_ECC_FAMILY_SECT_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +asymmetric_encryption_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):"03ebc8fcded2d6ab72ec0f75bdb4fd080481273e71":PSA_ALG_ECDSA(PSA_ALG_MD5):0:PSA_ERROR_INVALID_ARGUMENT + +PSA asymmetric_encryption ECDSA(MD5): invalid with ECC_KEY_PAIR(SECT_R1) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD5:PSA_WANT_ECC_FAMILY_SECT_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +asymmetric_encryption_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):"009b05dc82d46d64a04a22e6e5ca70ca1231e68c50":PSA_ALG_ECDSA(PSA_ALG_MD5):0:PSA_ERROR_INVALID_ARGUMENT + +PSA asymmetric_encryption ECDSA(MD5): invalid with ECC_KEY_PAIR(SECT_R2) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD5:PSA_WANT_ECC_FAMILY_SECT_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +asymmetric_encryption_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R2):"0210b482a458b4822d0cb21daa96819a67c8062d34":PSA_ALG_ECDSA(PSA_ALG_MD5):0:PSA_ERROR_INVALID_ARGUMENT + +PSA asymmetric_encryption ECDSA(MD5): invalid with ECC_PUBLIC_KEY(BRAINPOOL_P_R1) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD5:PSA_WANT_ECC_FAMILY_BRAINPOOL_P_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +asymmetric_encryption_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"04d4b9186816358e2f9c59cf70748cb70641b22fbab65473db4b4e22a361ed7e3de7e8a8ddc4130c5c":PSA_ALG_ECDSA(PSA_ALG_MD5):0:PSA_ERROR_INVALID_ARGUMENT + +PSA asymmetric_encryption ECDSA(MD5): invalid with ECC_PUBLIC_KEY(SECP_K1) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD5:PSA_WANT_ECC_FAMILY_SECP_K1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +asymmetric_encryption_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_K1):"0426b7bb38da649ac2138fc050c6548b32553dab68afebc36105d325b75538c12323cb0764789ecb992671beb2b6bef2f5":PSA_ALG_ECDSA(PSA_ALG_MD5):0:PSA_ERROR_INVALID_ARGUMENT + +PSA asymmetric_encryption ECDSA(MD5): invalid with ECC_PUBLIC_KEY(SECP_R1) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD5:PSA_WANT_ECC_FAMILY_SECP_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +asymmetric_encryption_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1):"046f00eadaa949fee3e9e1c7fa1247eecec86a0dce46418b9bd3117b981d4bd0ae7a990de912f9d060d6cb531a42d22e394ac29e81804bf160":PSA_ALG_ECDSA(PSA_ALG_MD5):0:PSA_ERROR_INVALID_ARGUMENT + +PSA asymmetric_encryption ECDSA(MD5): invalid with ECC_PUBLIC_KEY(SECP_R2) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD5:PSA_WANT_ECC_FAMILY_SECP_R2:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +asymmetric_encryption_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R2):"049570d541398665adb5cfa16f5af73b3196926bbd4b876bdb80f8eab20d0f540c22f4de9c140f6d7b":PSA_ALG_ECDSA(PSA_ALG_MD5):0:PSA_ERROR_INVALID_ARGUMENT + +PSA asymmetric_encryption ECDSA(MD5): invalid with ECC_PUBLIC_KEY(SECT_K1) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD5:PSA_WANT_ECC_FAMILY_SECT_K1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +asymmetric_encryption_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_K1):"0406f88f90b4b65950f06ce433afdb097e320f433dc2062b8a65db8fafd3c110f46bc45663fbf021ee7eb9":PSA_ALG_ECDSA(PSA_ALG_MD5):0:PSA_ERROR_INVALID_ARGUMENT + +PSA asymmetric_encryption ECDSA(MD5): invalid with ECC_PUBLIC_KEY(SECT_R1) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD5:PSA_WANT_ECC_FAMILY_SECT_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +asymmetric_encryption_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R1):"0400465eeb9e7258b11e33c02266bfe834b20bcb118700772796ee4704ec67651bd447e3011959a79a04cb":PSA_ALG_ECDSA(PSA_ALG_MD5):0:PSA_ERROR_INVALID_ARGUMENT + +PSA asymmetric_encryption ECDSA(MD5): invalid with ECC_PUBLIC_KEY(SECT_R2) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD5:PSA_WANT_ECC_FAMILY_SECT_R2:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +asymmetric_encryption_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R2):"0403692601144c32a6cfa369ae20ae5d43c1c764678c037bafe80c6fd2e42b7ced96171d9c5367fd3dca6f":PSA_ALG_ECDSA(PSA_ALG_MD5):0:PSA_ERROR_INVALID_ARGUMENT + +PSA key_derivation ECDSA(MD5): invalid +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD5 +key_derivation_fail:PSA_ALG_ECDSA(PSA_ALG_MD5):PSA_ERROR_INVALID_ARGUMENT + +PSA key_agreement ECDSA(MD5): invalid with ECC_KEY_PAIR(BRAINPOOL_P_R1) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD5:PSA_WANT_ECC_FAMILY_BRAINPOOL_P_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_agreement_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"69502c4fdaf48d4fa617bdd24498b0406d0eeaac":PSA_ALG_ECDSA(PSA_ALG_MD5):0:PSA_ERROR_INVALID_ARGUMENT + +PSA key_agreement ECDSA(MD5): invalid with ECC_KEY_PAIR(SECP_K1) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD5:PSA_WANT_ECC_FAMILY_SECP_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_agreement_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_K1):"297ac1722ccac7589ecb240dc719842538ca974beb79f228":PSA_ALG_ECDSA(PSA_ALG_MD5):0:PSA_ERROR_INVALID_ARGUMENT + +PSA key_agreement ECDSA(MD5): invalid with ECC_KEY_PAIR(SECP_R1) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD5:PSA_WANT_ECC_FAMILY_SECP_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_agreement_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"872f203b3ad35b7f2ecc803c3a0e1e0b1ed61cc1afe71b189cd4c995":PSA_ALG_ECDSA(PSA_ALG_MD5):0:PSA_ERROR_INVALID_ARGUMENT + +PSA key_agreement ECDSA(MD5): invalid with ECC_KEY_PAIR(SECP_R2) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD5:PSA_WANT_ECC_FAMILY_SECP_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_agreement_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R2):"00bf539a1cdda0d7f71a50a3f98aec0a2e8e4ced1e":PSA_ALG_ECDSA(PSA_ALG_MD5):0:PSA_ERROR_INVALID_ARGUMENT + +PSA key_agreement ECDSA(MD5): invalid with ECC_KEY_PAIR(SECT_K1) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD5:PSA_WANT_ECC_FAMILY_SECT_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_agreement_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):"03ebc8fcded2d6ab72ec0f75bdb4fd080481273e71":PSA_ALG_ECDSA(PSA_ALG_MD5):0:PSA_ERROR_INVALID_ARGUMENT + +PSA key_agreement ECDSA(MD5): invalid with ECC_KEY_PAIR(SECT_R1) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD5:PSA_WANT_ECC_FAMILY_SECT_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_agreement_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):"009b05dc82d46d64a04a22e6e5ca70ca1231e68c50":PSA_ALG_ECDSA(PSA_ALG_MD5):0:PSA_ERROR_INVALID_ARGUMENT + +PSA key_agreement ECDSA(MD5): invalid with ECC_KEY_PAIR(SECT_R2) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD5:PSA_WANT_ECC_FAMILY_SECT_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_agreement_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R2):"0210b482a458b4822d0cb21daa96819a67c8062d34":PSA_ALG_ECDSA(PSA_ALG_MD5):0:PSA_ERROR_INVALID_ARGUMENT + +PSA key_agreement ECDSA(MD5): invalid with ECC_PUBLIC_KEY(BRAINPOOL_P_R1) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD5:PSA_WANT_ECC_FAMILY_BRAINPOOL_P_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_agreement_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"04d4b9186816358e2f9c59cf70748cb70641b22fbab65473db4b4e22a361ed7e3de7e8a8ddc4130c5c":PSA_ALG_ECDSA(PSA_ALG_MD5):0:PSA_ERROR_INVALID_ARGUMENT + +PSA key_agreement ECDSA(MD5): invalid with ECC_PUBLIC_KEY(SECP_K1) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD5:PSA_WANT_ECC_FAMILY_SECP_K1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_agreement_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_K1):"0426b7bb38da649ac2138fc050c6548b32553dab68afebc36105d325b75538c12323cb0764789ecb992671beb2b6bef2f5":PSA_ALG_ECDSA(PSA_ALG_MD5):0:PSA_ERROR_INVALID_ARGUMENT + +PSA key_agreement ECDSA(MD5): invalid with ECC_PUBLIC_KEY(SECP_R1) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD5:PSA_WANT_ECC_FAMILY_SECP_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_agreement_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1):"046f00eadaa949fee3e9e1c7fa1247eecec86a0dce46418b9bd3117b981d4bd0ae7a990de912f9d060d6cb531a42d22e394ac29e81804bf160":PSA_ALG_ECDSA(PSA_ALG_MD5):0:PSA_ERROR_INVALID_ARGUMENT + +PSA key_agreement ECDSA(MD5): invalid with ECC_PUBLIC_KEY(SECP_R2) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD5:PSA_WANT_ECC_FAMILY_SECP_R2:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_agreement_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R2):"049570d541398665adb5cfa16f5af73b3196926bbd4b876bdb80f8eab20d0f540c22f4de9c140f6d7b":PSA_ALG_ECDSA(PSA_ALG_MD5):0:PSA_ERROR_INVALID_ARGUMENT + +PSA key_agreement ECDSA(MD5): invalid with ECC_PUBLIC_KEY(SECT_K1) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD5:PSA_WANT_ECC_FAMILY_SECT_K1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_agreement_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_K1):"0406f88f90b4b65950f06ce433afdb097e320f433dc2062b8a65db8fafd3c110f46bc45663fbf021ee7eb9":PSA_ALG_ECDSA(PSA_ALG_MD5):0:PSA_ERROR_INVALID_ARGUMENT + +PSA key_agreement ECDSA(MD5): invalid with ECC_PUBLIC_KEY(SECT_R1) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD5:PSA_WANT_ECC_FAMILY_SECT_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_agreement_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R1):"0400465eeb9e7258b11e33c02266bfe834b20bcb118700772796ee4704ec67651bd447e3011959a79a04cb":PSA_ALG_ECDSA(PSA_ALG_MD5):0:PSA_ERROR_INVALID_ARGUMENT + +PSA key_agreement ECDSA(MD5): invalid with ECC_PUBLIC_KEY(SECT_R2) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD5:PSA_WANT_ECC_FAMILY_SECT_R2:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_agreement_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R2):"0403692601144c32a6cfa369ae20ae5d43c1c764678c037bafe80c6fd2e42b7ced96171d9c5367fd3dca6f":PSA_ALG_ECDSA(PSA_ALG_MD5):0:PSA_ERROR_INVALID_ARGUMENT + +PSA hash ECDSA(RIPEMD160): invalid +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_RIPEMD160 +hash_fail:PSA_ALG_ECDSA(PSA_ALG_RIPEMD160):PSA_ERROR_INVALID_ARGUMENT + +PSA mac ECDSA(RIPEMD160): invalid with ECC_KEY_PAIR(BRAINPOOL_P_R1) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ECC_FAMILY_BRAINPOOL_P_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +mac_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"69502c4fdaf48d4fa617bdd24498b0406d0eeaac":PSA_ALG_ECDSA(PSA_ALG_RIPEMD160):PSA_ERROR_INVALID_ARGUMENT + +PSA mac ECDSA(RIPEMD160): invalid with ECC_KEY_PAIR(SECP_K1) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ECC_FAMILY_SECP_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +mac_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_K1):"297ac1722ccac7589ecb240dc719842538ca974beb79f228":PSA_ALG_ECDSA(PSA_ALG_RIPEMD160):PSA_ERROR_INVALID_ARGUMENT + +PSA mac ECDSA(RIPEMD160): invalid with ECC_KEY_PAIR(SECP_R1) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ECC_FAMILY_SECP_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +mac_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"872f203b3ad35b7f2ecc803c3a0e1e0b1ed61cc1afe71b189cd4c995":PSA_ALG_ECDSA(PSA_ALG_RIPEMD160):PSA_ERROR_INVALID_ARGUMENT + +PSA mac ECDSA(RIPEMD160): invalid with ECC_KEY_PAIR(SECP_R2) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ECC_FAMILY_SECP_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +mac_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R2):"00bf539a1cdda0d7f71a50a3f98aec0a2e8e4ced1e":PSA_ALG_ECDSA(PSA_ALG_RIPEMD160):PSA_ERROR_INVALID_ARGUMENT + +PSA mac ECDSA(RIPEMD160): invalid with ECC_KEY_PAIR(SECT_K1) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ECC_FAMILY_SECT_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +mac_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):"03ebc8fcded2d6ab72ec0f75bdb4fd080481273e71":PSA_ALG_ECDSA(PSA_ALG_RIPEMD160):PSA_ERROR_INVALID_ARGUMENT + +PSA mac ECDSA(RIPEMD160): invalid with ECC_KEY_PAIR(SECT_R1) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ECC_FAMILY_SECT_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +mac_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):"009b05dc82d46d64a04a22e6e5ca70ca1231e68c50":PSA_ALG_ECDSA(PSA_ALG_RIPEMD160):PSA_ERROR_INVALID_ARGUMENT + +PSA mac ECDSA(RIPEMD160): invalid with ECC_KEY_PAIR(SECT_R2) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ECC_FAMILY_SECT_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +mac_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R2):"0210b482a458b4822d0cb21daa96819a67c8062d34":PSA_ALG_ECDSA(PSA_ALG_RIPEMD160):PSA_ERROR_INVALID_ARGUMENT + +PSA mac ECDSA(RIPEMD160): invalid with ECC_PUBLIC_KEY(BRAINPOOL_P_R1) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ECC_FAMILY_BRAINPOOL_P_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +mac_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"04d4b9186816358e2f9c59cf70748cb70641b22fbab65473db4b4e22a361ed7e3de7e8a8ddc4130c5c":PSA_ALG_ECDSA(PSA_ALG_RIPEMD160):PSA_ERROR_INVALID_ARGUMENT + +PSA mac ECDSA(RIPEMD160): invalid with ECC_PUBLIC_KEY(SECP_K1) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ECC_FAMILY_SECP_K1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +mac_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_K1):"0426b7bb38da649ac2138fc050c6548b32553dab68afebc36105d325b75538c12323cb0764789ecb992671beb2b6bef2f5":PSA_ALG_ECDSA(PSA_ALG_RIPEMD160):PSA_ERROR_INVALID_ARGUMENT + +PSA mac ECDSA(RIPEMD160): invalid with ECC_PUBLIC_KEY(SECP_R1) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ECC_FAMILY_SECP_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +mac_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1):"046f00eadaa949fee3e9e1c7fa1247eecec86a0dce46418b9bd3117b981d4bd0ae7a990de912f9d060d6cb531a42d22e394ac29e81804bf160":PSA_ALG_ECDSA(PSA_ALG_RIPEMD160):PSA_ERROR_INVALID_ARGUMENT + +PSA mac ECDSA(RIPEMD160): invalid with ECC_PUBLIC_KEY(SECP_R2) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ECC_FAMILY_SECP_R2:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +mac_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R2):"049570d541398665adb5cfa16f5af73b3196926bbd4b876bdb80f8eab20d0f540c22f4de9c140f6d7b":PSA_ALG_ECDSA(PSA_ALG_RIPEMD160):PSA_ERROR_INVALID_ARGUMENT + +PSA mac ECDSA(RIPEMD160): invalid with ECC_PUBLIC_KEY(SECT_K1) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ECC_FAMILY_SECT_K1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +mac_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_K1):"0406f88f90b4b65950f06ce433afdb097e320f433dc2062b8a65db8fafd3c110f46bc45663fbf021ee7eb9":PSA_ALG_ECDSA(PSA_ALG_RIPEMD160):PSA_ERROR_INVALID_ARGUMENT + +PSA mac ECDSA(RIPEMD160): invalid with ECC_PUBLIC_KEY(SECT_R1) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ECC_FAMILY_SECT_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +mac_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R1):"0400465eeb9e7258b11e33c02266bfe834b20bcb118700772796ee4704ec67651bd447e3011959a79a04cb":PSA_ALG_ECDSA(PSA_ALG_RIPEMD160):PSA_ERROR_INVALID_ARGUMENT + +PSA mac ECDSA(RIPEMD160): invalid with ECC_PUBLIC_KEY(SECT_R2) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ECC_FAMILY_SECT_R2:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +mac_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R2):"0403692601144c32a6cfa369ae20ae5d43c1c764678c037bafe80c6fd2e42b7ced96171d9c5367fd3dca6f":PSA_ALG_ECDSA(PSA_ALG_RIPEMD160):PSA_ERROR_INVALID_ARGUMENT + +PSA cipher ECDSA(RIPEMD160): invalid with ECC_KEY_PAIR(BRAINPOOL_P_R1) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ECC_FAMILY_BRAINPOOL_P_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +cipher_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"69502c4fdaf48d4fa617bdd24498b0406d0eeaac":PSA_ALG_ECDSA(PSA_ALG_RIPEMD160):PSA_ERROR_INVALID_ARGUMENT + +PSA cipher ECDSA(RIPEMD160): invalid with ECC_KEY_PAIR(SECP_K1) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ECC_FAMILY_SECP_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +cipher_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_K1):"297ac1722ccac7589ecb240dc719842538ca974beb79f228":PSA_ALG_ECDSA(PSA_ALG_RIPEMD160):PSA_ERROR_INVALID_ARGUMENT + +PSA cipher ECDSA(RIPEMD160): invalid with ECC_KEY_PAIR(SECP_R1) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ECC_FAMILY_SECP_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +cipher_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"872f203b3ad35b7f2ecc803c3a0e1e0b1ed61cc1afe71b189cd4c995":PSA_ALG_ECDSA(PSA_ALG_RIPEMD160):PSA_ERROR_INVALID_ARGUMENT + +PSA cipher ECDSA(RIPEMD160): invalid with ECC_KEY_PAIR(SECP_R2) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ECC_FAMILY_SECP_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +cipher_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R2):"00bf539a1cdda0d7f71a50a3f98aec0a2e8e4ced1e":PSA_ALG_ECDSA(PSA_ALG_RIPEMD160):PSA_ERROR_INVALID_ARGUMENT + +PSA cipher ECDSA(RIPEMD160): invalid with ECC_KEY_PAIR(SECT_K1) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ECC_FAMILY_SECT_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +cipher_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):"03ebc8fcded2d6ab72ec0f75bdb4fd080481273e71":PSA_ALG_ECDSA(PSA_ALG_RIPEMD160):PSA_ERROR_INVALID_ARGUMENT + +PSA cipher ECDSA(RIPEMD160): invalid with ECC_KEY_PAIR(SECT_R1) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ECC_FAMILY_SECT_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +cipher_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):"009b05dc82d46d64a04a22e6e5ca70ca1231e68c50":PSA_ALG_ECDSA(PSA_ALG_RIPEMD160):PSA_ERROR_INVALID_ARGUMENT + +PSA cipher ECDSA(RIPEMD160): invalid with ECC_KEY_PAIR(SECT_R2) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ECC_FAMILY_SECT_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +cipher_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R2):"0210b482a458b4822d0cb21daa96819a67c8062d34":PSA_ALG_ECDSA(PSA_ALG_RIPEMD160):PSA_ERROR_INVALID_ARGUMENT + +PSA cipher ECDSA(RIPEMD160): invalid with ECC_PUBLIC_KEY(BRAINPOOL_P_R1) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ECC_FAMILY_BRAINPOOL_P_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +cipher_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"04d4b9186816358e2f9c59cf70748cb70641b22fbab65473db4b4e22a361ed7e3de7e8a8ddc4130c5c":PSA_ALG_ECDSA(PSA_ALG_RIPEMD160):PSA_ERROR_INVALID_ARGUMENT + +PSA cipher ECDSA(RIPEMD160): invalid with ECC_PUBLIC_KEY(SECP_K1) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ECC_FAMILY_SECP_K1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +cipher_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_K1):"0426b7bb38da649ac2138fc050c6548b32553dab68afebc36105d325b75538c12323cb0764789ecb992671beb2b6bef2f5":PSA_ALG_ECDSA(PSA_ALG_RIPEMD160):PSA_ERROR_INVALID_ARGUMENT + +PSA cipher ECDSA(RIPEMD160): invalid with ECC_PUBLIC_KEY(SECP_R1) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ECC_FAMILY_SECP_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +cipher_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1):"046f00eadaa949fee3e9e1c7fa1247eecec86a0dce46418b9bd3117b981d4bd0ae7a990de912f9d060d6cb531a42d22e394ac29e81804bf160":PSA_ALG_ECDSA(PSA_ALG_RIPEMD160):PSA_ERROR_INVALID_ARGUMENT + +PSA cipher ECDSA(RIPEMD160): invalid with ECC_PUBLIC_KEY(SECP_R2) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ECC_FAMILY_SECP_R2:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +cipher_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R2):"049570d541398665adb5cfa16f5af73b3196926bbd4b876bdb80f8eab20d0f540c22f4de9c140f6d7b":PSA_ALG_ECDSA(PSA_ALG_RIPEMD160):PSA_ERROR_INVALID_ARGUMENT + +PSA cipher ECDSA(RIPEMD160): invalid with ECC_PUBLIC_KEY(SECT_K1) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ECC_FAMILY_SECT_K1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +cipher_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_K1):"0406f88f90b4b65950f06ce433afdb097e320f433dc2062b8a65db8fafd3c110f46bc45663fbf021ee7eb9":PSA_ALG_ECDSA(PSA_ALG_RIPEMD160):PSA_ERROR_INVALID_ARGUMENT + +PSA cipher ECDSA(RIPEMD160): invalid with ECC_PUBLIC_KEY(SECT_R1) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ECC_FAMILY_SECT_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +cipher_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R1):"0400465eeb9e7258b11e33c02266bfe834b20bcb118700772796ee4704ec67651bd447e3011959a79a04cb":PSA_ALG_ECDSA(PSA_ALG_RIPEMD160):PSA_ERROR_INVALID_ARGUMENT + +PSA cipher ECDSA(RIPEMD160): invalid with ECC_PUBLIC_KEY(SECT_R2) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ECC_FAMILY_SECT_R2:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +cipher_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R2):"0403692601144c32a6cfa369ae20ae5d43c1c764678c037bafe80c6fd2e42b7ced96171d9c5367fd3dca6f":PSA_ALG_ECDSA(PSA_ALG_RIPEMD160):PSA_ERROR_INVALID_ARGUMENT + +PSA aead ECDSA(RIPEMD160): invalid with ECC_KEY_PAIR(BRAINPOOL_P_R1) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ECC_FAMILY_BRAINPOOL_P_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +aead_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"69502c4fdaf48d4fa617bdd24498b0406d0eeaac":PSA_ALG_ECDSA(PSA_ALG_RIPEMD160):PSA_ERROR_INVALID_ARGUMENT + +PSA aead ECDSA(RIPEMD160): invalid with ECC_KEY_PAIR(SECP_K1) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ECC_FAMILY_SECP_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +aead_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_K1):"297ac1722ccac7589ecb240dc719842538ca974beb79f228":PSA_ALG_ECDSA(PSA_ALG_RIPEMD160):PSA_ERROR_INVALID_ARGUMENT + +PSA aead ECDSA(RIPEMD160): invalid with ECC_KEY_PAIR(SECP_R1) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ECC_FAMILY_SECP_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +aead_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"872f203b3ad35b7f2ecc803c3a0e1e0b1ed61cc1afe71b189cd4c995":PSA_ALG_ECDSA(PSA_ALG_RIPEMD160):PSA_ERROR_INVALID_ARGUMENT + +PSA aead ECDSA(RIPEMD160): invalid with ECC_KEY_PAIR(SECP_R2) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ECC_FAMILY_SECP_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +aead_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R2):"00bf539a1cdda0d7f71a50a3f98aec0a2e8e4ced1e":PSA_ALG_ECDSA(PSA_ALG_RIPEMD160):PSA_ERROR_INVALID_ARGUMENT + +PSA aead ECDSA(RIPEMD160): invalid with ECC_KEY_PAIR(SECT_K1) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ECC_FAMILY_SECT_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +aead_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):"03ebc8fcded2d6ab72ec0f75bdb4fd080481273e71":PSA_ALG_ECDSA(PSA_ALG_RIPEMD160):PSA_ERROR_INVALID_ARGUMENT + +PSA aead ECDSA(RIPEMD160): invalid with ECC_KEY_PAIR(SECT_R1) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ECC_FAMILY_SECT_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +aead_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):"009b05dc82d46d64a04a22e6e5ca70ca1231e68c50":PSA_ALG_ECDSA(PSA_ALG_RIPEMD160):PSA_ERROR_INVALID_ARGUMENT + +PSA aead ECDSA(RIPEMD160): invalid with ECC_KEY_PAIR(SECT_R2) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ECC_FAMILY_SECT_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +aead_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R2):"0210b482a458b4822d0cb21daa96819a67c8062d34":PSA_ALG_ECDSA(PSA_ALG_RIPEMD160):PSA_ERROR_INVALID_ARGUMENT + +PSA aead ECDSA(RIPEMD160): invalid with ECC_PUBLIC_KEY(BRAINPOOL_P_R1) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ECC_FAMILY_BRAINPOOL_P_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +aead_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"04d4b9186816358e2f9c59cf70748cb70641b22fbab65473db4b4e22a361ed7e3de7e8a8ddc4130c5c":PSA_ALG_ECDSA(PSA_ALG_RIPEMD160):PSA_ERROR_INVALID_ARGUMENT + +PSA aead ECDSA(RIPEMD160): invalid with ECC_PUBLIC_KEY(SECP_K1) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ECC_FAMILY_SECP_K1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +aead_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_K1):"0426b7bb38da649ac2138fc050c6548b32553dab68afebc36105d325b75538c12323cb0764789ecb992671beb2b6bef2f5":PSA_ALG_ECDSA(PSA_ALG_RIPEMD160):PSA_ERROR_INVALID_ARGUMENT + +PSA aead ECDSA(RIPEMD160): invalid with ECC_PUBLIC_KEY(SECP_R1) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ECC_FAMILY_SECP_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +aead_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1):"046f00eadaa949fee3e9e1c7fa1247eecec86a0dce46418b9bd3117b981d4bd0ae7a990de912f9d060d6cb531a42d22e394ac29e81804bf160":PSA_ALG_ECDSA(PSA_ALG_RIPEMD160):PSA_ERROR_INVALID_ARGUMENT + +PSA aead ECDSA(RIPEMD160): invalid with ECC_PUBLIC_KEY(SECP_R2) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ECC_FAMILY_SECP_R2:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +aead_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R2):"049570d541398665adb5cfa16f5af73b3196926bbd4b876bdb80f8eab20d0f540c22f4de9c140f6d7b":PSA_ALG_ECDSA(PSA_ALG_RIPEMD160):PSA_ERROR_INVALID_ARGUMENT + +PSA aead ECDSA(RIPEMD160): invalid with ECC_PUBLIC_KEY(SECT_K1) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ECC_FAMILY_SECT_K1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +aead_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_K1):"0406f88f90b4b65950f06ce433afdb097e320f433dc2062b8a65db8fafd3c110f46bc45663fbf021ee7eb9":PSA_ALG_ECDSA(PSA_ALG_RIPEMD160):PSA_ERROR_INVALID_ARGUMENT + +PSA aead ECDSA(RIPEMD160): invalid with ECC_PUBLIC_KEY(SECT_R1) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ECC_FAMILY_SECT_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +aead_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R1):"0400465eeb9e7258b11e33c02266bfe834b20bcb118700772796ee4704ec67651bd447e3011959a79a04cb":PSA_ALG_ECDSA(PSA_ALG_RIPEMD160):PSA_ERROR_INVALID_ARGUMENT + +PSA aead ECDSA(RIPEMD160): invalid with ECC_PUBLIC_KEY(SECT_R2) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ECC_FAMILY_SECT_R2:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +aead_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R2):"0403692601144c32a6cfa369ae20ae5d43c1c764678c037bafe80c6fd2e42b7ced96171d9c5367fd3dca6f":PSA_ALG_ECDSA(PSA_ALG_RIPEMD160):PSA_ERROR_INVALID_ARGUMENT + +PSA sign ECDSA(RIPEMD160): incompatible with AES +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_RIPEMD160:PSA_WANT_KEY_TYPE_AES +sign_fail:PSA_KEY_TYPE_AES:"48657265006973206b6579a064617461":PSA_ALG_ECDSA(PSA_ALG_RIPEMD160):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign ECDSA(RIPEMD160): incompatible with ARC4 +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_RIPEMD160:PSA_WANT_KEY_TYPE_ARC4 +sign_fail:PSA_KEY_TYPE_ARC4:"48":PSA_ALG_ECDSA(PSA_ALG_RIPEMD160):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign ECDSA(RIPEMD160): incompatible with ARIA +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_RIPEMD160:PSA_WANT_KEY_TYPE_ARIA +sign_fail:PSA_KEY_TYPE_ARIA:"48657265006973206b6579a064617461":PSA_ALG_ECDSA(PSA_ALG_RIPEMD160):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign ECDSA(RIPEMD160): incompatible with CAMELLIA +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_RIPEMD160:PSA_WANT_KEY_TYPE_CAMELLIA +sign_fail:PSA_KEY_TYPE_CAMELLIA:"48657265006973206b6579a064617461":PSA_ALG_ECDSA(PSA_ALG_RIPEMD160):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign ECDSA(RIPEMD160): incompatible with CHACHA20 +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_RIPEMD160:PSA_WANT_KEY_TYPE_CHACHA20 +sign_fail:PSA_KEY_TYPE_CHACHA20:"48657265006973206b6579a06461746148657265006973206b6579a064617461":PSA_ALG_ECDSA(PSA_ALG_RIPEMD160):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign ECDSA(RIPEMD160): incompatible with DERIVE +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_RIPEMD160:PSA_WANT_KEY_TYPE_DERIVE +sign_fail:PSA_KEY_TYPE_DERIVE:"48657265006973206b6579a0646174":PSA_ALG_ECDSA(PSA_ALG_RIPEMD160):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign ECDSA(RIPEMD160): incompatible with DES +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_RIPEMD160:PSA_WANT_KEY_TYPE_DES +sign_fail:PSA_KEY_TYPE_DES:"644573206b457901":PSA_ALG_ECDSA(PSA_ALG_RIPEMD160):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign ECDSA(RIPEMD160): !ECDSA with ECC_KEY_PAIR(BRAINPOOL_P_R1) +depends_on:!PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ECC_FAMILY_BRAINPOOL_P_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"69502c4fdaf48d4fa617bdd24498b0406d0eeaac":PSA_ALG_ECDSA(PSA_ALG_RIPEMD160):0:PSA_ERROR_NOT_SUPPORTED + +PSA sign ECDSA(RIPEMD160): !RIPEMD160 with ECC_KEY_PAIR(BRAINPOOL_P_R1) +depends_on:PSA_WANT_ALG_ECDSA:!PSA_WANT_ALG_RIPEMD160:PSA_WANT_ECC_FAMILY_BRAINPOOL_P_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"69502c4fdaf48d4fa617bdd24498b0406d0eeaac":PSA_ALG_ECDSA(PSA_ALG_RIPEMD160):0:PSA_ERROR_NOT_SUPPORTED + +PSA sign ECDSA(RIPEMD160): incompatible with ECC_KEY_PAIR(MONTGOMERY) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ECC_FAMILY_MONTGOMERY:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_MONTGOMERY):"70076d0a7318a57d3c16c17251b26645df4c2f87ebc0992ab177fba51db92c6a":PSA_ALG_ECDSA(PSA_ALG_RIPEMD160):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign ECDSA(RIPEMD160): !ECDSA with ECC_KEY_PAIR(SECP_K1) +depends_on:!PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ECC_FAMILY_SECP_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_K1):"297ac1722ccac7589ecb240dc719842538ca974beb79f228":PSA_ALG_ECDSA(PSA_ALG_RIPEMD160):0:PSA_ERROR_NOT_SUPPORTED + +PSA sign ECDSA(RIPEMD160): !RIPEMD160 with ECC_KEY_PAIR(SECP_K1) +depends_on:PSA_WANT_ALG_ECDSA:!PSA_WANT_ALG_RIPEMD160:PSA_WANT_ECC_FAMILY_SECP_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_K1):"297ac1722ccac7589ecb240dc719842538ca974beb79f228":PSA_ALG_ECDSA(PSA_ALG_RIPEMD160):0:PSA_ERROR_NOT_SUPPORTED + +PSA sign ECDSA(RIPEMD160): !ECDSA with ECC_KEY_PAIR(SECP_R1) +depends_on:!PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ECC_FAMILY_SECP_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"872f203b3ad35b7f2ecc803c3a0e1e0b1ed61cc1afe71b189cd4c995":PSA_ALG_ECDSA(PSA_ALG_RIPEMD160):0:PSA_ERROR_NOT_SUPPORTED + +PSA sign ECDSA(RIPEMD160): !RIPEMD160 with ECC_KEY_PAIR(SECP_R1) +depends_on:PSA_WANT_ALG_ECDSA:!PSA_WANT_ALG_RIPEMD160:PSA_WANT_ECC_FAMILY_SECP_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"872f203b3ad35b7f2ecc803c3a0e1e0b1ed61cc1afe71b189cd4c995":PSA_ALG_ECDSA(PSA_ALG_RIPEMD160):0:PSA_ERROR_NOT_SUPPORTED + +PSA sign ECDSA(RIPEMD160): !ECDSA with ECC_KEY_PAIR(SECP_R2) +depends_on:!PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ECC_FAMILY_SECP_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R2):"00bf539a1cdda0d7f71a50a3f98aec0a2e8e4ced1e":PSA_ALG_ECDSA(PSA_ALG_RIPEMD160):0:PSA_ERROR_NOT_SUPPORTED + +PSA sign ECDSA(RIPEMD160): !RIPEMD160 with ECC_KEY_PAIR(SECP_R2) +depends_on:PSA_WANT_ALG_ECDSA:!PSA_WANT_ALG_RIPEMD160:PSA_WANT_ECC_FAMILY_SECP_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R2):"00bf539a1cdda0d7f71a50a3f98aec0a2e8e4ced1e":PSA_ALG_ECDSA(PSA_ALG_RIPEMD160):0:PSA_ERROR_NOT_SUPPORTED + +PSA sign ECDSA(RIPEMD160): !ECDSA with ECC_KEY_PAIR(SECT_K1) +depends_on:!PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ECC_FAMILY_SECT_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):"03ebc8fcded2d6ab72ec0f75bdb4fd080481273e71":PSA_ALG_ECDSA(PSA_ALG_RIPEMD160):0:PSA_ERROR_NOT_SUPPORTED + +PSA sign ECDSA(RIPEMD160): !RIPEMD160 with ECC_KEY_PAIR(SECT_K1) +depends_on:PSA_WANT_ALG_ECDSA:!PSA_WANT_ALG_RIPEMD160:PSA_WANT_ECC_FAMILY_SECT_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):"03ebc8fcded2d6ab72ec0f75bdb4fd080481273e71":PSA_ALG_ECDSA(PSA_ALG_RIPEMD160):0:PSA_ERROR_NOT_SUPPORTED + +PSA sign ECDSA(RIPEMD160): !ECDSA with ECC_KEY_PAIR(SECT_R1) +depends_on:!PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ECC_FAMILY_SECT_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):"009b05dc82d46d64a04a22e6e5ca70ca1231e68c50":PSA_ALG_ECDSA(PSA_ALG_RIPEMD160):0:PSA_ERROR_NOT_SUPPORTED + +PSA sign ECDSA(RIPEMD160): !RIPEMD160 with ECC_KEY_PAIR(SECT_R1) +depends_on:PSA_WANT_ALG_ECDSA:!PSA_WANT_ALG_RIPEMD160:PSA_WANT_ECC_FAMILY_SECT_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):"009b05dc82d46d64a04a22e6e5ca70ca1231e68c50":PSA_ALG_ECDSA(PSA_ALG_RIPEMD160):0:PSA_ERROR_NOT_SUPPORTED + +PSA sign ECDSA(RIPEMD160): !ECDSA with ECC_KEY_PAIR(SECT_R2) +depends_on:!PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ECC_FAMILY_SECT_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R2):"0210b482a458b4822d0cb21daa96819a67c8062d34":PSA_ALG_ECDSA(PSA_ALG_RIPEMD160):0:PSA_ERROR_NOT_SUPPORTED + +PSA sign ECDSA(RIPEMD160): !RIPEMD160 with ECC_KEY_PAIR(SECT_R2) +depends_on:PSA_WANT_ALG_ECDSA:!PSA_WANT_ALG_RIPEMD160:PSA_WANT_ECC_FAMILY_SECT_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R2):"0210b482a458b4822d0cb21daa96819a67c8062d34":PSA_ALG_ECDSA(PSA_ALG_RIPEMD160):0:PSA_ERROR_NOT_SUPPORTED + +PSA sign ECDSA(RIPEMD160): incompatible with ECC_KEY_PAIR(TWISTED_EDWARDS) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ECC_FAMILY_TWISTED_EDWARDS:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_TWISTED_EDWARDS):"9d61b19deffd5a60ba844af492ec2cc44449c5697b326919703bac031cae7f60":PSA_ALG_ECDSA(PSA_ALG_RIPEMD160):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign ECDSA(RIPEMD160): !ECDSA with ECC_PUBLIC_KEY(BRAINPOOL_P_R1) +depends_on:!PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ECC_FAMILY_BRAINPOOL_P_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"04d4b9186816358e2f9c59cf70748cb70641b22fbab65473db4b4e22a361ed7e3de7e8a8ddc4130c5c":PSA_ALG_ECDSA(PSA_ALG_RIPEMD160):0:PSA_ERROR_NOT_SUPPORTED + +PSA sign ECDSA(RIPEMD160): !RIPEMD160 with ECC_PUBLIC_KEY(BRAINPOOL_P_R1) +depends_on:PSA_WANT_ALG_ECDSA:!PSA_WANT_ALG_RIPEMD160:PSA_WANT_ECC_FAMILY_BRAINPOOL_P_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"04d4b9186816358e2f9c59cf70748cb70641b22fbab65473db4b4e22a361ed7e3de7e8a8ddc4130c5c":PSA_ALG_ECDSA(PSA_ALG_RIPEMD160):0:PSA_ERROR_NOT_SUPPORTED + +PSA sign ECDSA(RIPEMD160): public with ECC_PUBLIC_KEY(BRAINPOOL_P_R1) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ECC_FAMILY_BRAINPOOL_P_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"04d4b9186816358e2f9c59cf70748cb70641b22fbab65473db4b4e22a361ed7e3de7e8a8ddc4130c5c":PSA_ALG_ECDSA(PSA_ALG_RIPEMD160):1:PSA_ERROR_INVALID_ARGUMENT + +PSA sign ECDSA(RIPEMD160): incompatible with ECC_PUBLIC_KEY(MONTGOMERY) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ECC_FAMILY_MONTGOMERY:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_MONTGOMERY):"8520f0098930a754748b7ddcb43ef75a0dbf3a0d26381af4eba4a98eaa9b4e6a":PSA_ALG_ECDSA(PSA_ALG_RIPEMD160):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign ECDSA(RIPEMD160): !ECDSA with ECC_PUBLIC_KEY(SECP_K1) +depends_on:!PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ECC_FAMILY_SECP_K1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_K1):"0426b7bb38da649ac2138fc050c6548b32553dab68afebc36105d325b75538c12323cb0764789ecb992671beb2b6bef2f5":PSA_ALG_ECDSA(PSA_ALG_RIPEMD160):0:PSA_ERROR_NOT_SUPPORTED + +PSA sign ECDSA(RIPEMD160): !RIPEMD160 with ECC_PUBLIC_KEY(SECP_K1) +depends_on:PSA_WANT_ALG_ECDSA:!PSA_WANT_ALG_RIPEMD160:PSA_WANT_ECC_FAMILY_SECP_K1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_K1):"0426b7bb38da649ac2138fc050c6548b32553dab68afebc36105d325b75538c12323cb0764789ecb992671beb2b6bef2f5":PSA_ALG_ECDSA(PSA_ALG_RIPEMD160):0:PSA_ERROR_NOT_SUPPORTED + +PSA sign ECDSA(RIPEMD160): public with ECC_PUBLIC_KEY(SECP_K1) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ECC_FAMILY_SECP_K1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_K1):"0426b7bb38da649ac2138fc050c6548b32553dab68afebc36105d325b75538c12323cb0764789ecb992671beb2b6bef2f5":PSA_ALG_ECDSA(PSA_ALG_RIPEMD160):1:PSA_ERROR_INVALID_ARGUMENT + +PSA sign ECDSA(RIPEMD160): !ECDSA with ECC_PUBLIC_KEY(SECP_R1) +depends_on:!PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ECC_FAMILY_SECP_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1):"046f00eadaa949fee3e9e1c7fa1247eecec86a0dce46418b9bd3117b981d4bd0ae7a990de912f9d060d6cb531a42d22e394ac29e81804bf160":PSA_ALG_ECDSA(PSA_ALG_RIPEMD160):0:PSA_ERROR_NOT_SUPPORTED + +PSA sign ECDSA(RIPEMD160): !RIPEMD160 with ECC_PUBLIC_KEY(SECP_R1) +depends_on:PSA_WANT_ALG_ECDSA:!PSA_WANT_ALG_RIPEMD160:PSA_WANT_ECC_FAMILY_SECP_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1):"046f00eadaa949fee3e9e1c7fa1247eecec86a0dce46418b9bd3117b981d4bd0ae7a990de912f9d060d6cb531a42d22e394ac29e81804bf160":PSA_ALG_ECDSA(PSA_ALG_RIPEMD160):0:PSA_ERROR_NOT_SUPPORTED + +PSA sign ECDSA(RIPEMD160): public with ECC_PUBLIC_KEY(SECP_R1) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ECC_FAMILY_SECP_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1):"046f00eadaa949fee3e9e1c7fa1247eecec86a0dce46418b9bd3117b981d4bd0ae7a990de912f9d060d6cb531a42d22e394ac29e81804bf160":PSA_ALG_ECDSA(PSA_ALG_RIPEMD160):1:PSA_ERROR_INVALID_ARGUMENT + +PSA sign ECDSA(RIPEMD160): !ECDSA with ECC_PUBLIC_KEY(SECP_R2) +depends_on:!PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ECC_FAMILY_SECP_R2:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R2):"049570d541398665adb5cfa16f5af73b3196926bbd4b876bdb80f8eab20d0f540c22f4de9c140f6d7b":PSA_ALG_ECDSA(PSA_ALG_RIPEMD160):0:PSA_ERROR_NOT_SUPPORTED + +PSA sign ECDSA(RIPEMD160): !RIPEMD160 with ECC_PUBLIC_KEY(SECP_R2) +depends_on:PSA_WANT_ALG_ECDSA:!PSA_WANT_ALG_RIPEMD160:PSA_WANT_ECC_FAMILY_SECP_R2:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R2):"049570d541398665adb5cfa16f5af73b3196926bbd4b876bdb80f8eab20d0f540c22f4de9c140f6d7b":PSA_ALG_ECDSA(PSA_ALG_RIPEMD160):0:PSA_ERROR_NOT_SUPPORTED + +PSA sign ECDSA(RIPEMD160): public with ECC_PUBLIC_KEY(SECP_R2) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ECC_FAMILY_SECP_R2:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R2):"049570d541398665adb5cfa16f5af73b3196926bbd4b876bdb80f8eab20d0f540c22f4de9c140f6d7b":PSA_ALG_ECDSA(PSA_ALG_RIPEMD160):1:PSA_ERROR_INVALID_ARGUMENT + +PSA sign ECDSA(RIPEMD160): !ECDSA with ECC_PUBLIC_KEY(SECT_K1) +depends_on:!PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ECC_FAMILY_SECT_K1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_K1):"0406f88f90b4b65950f06ce433afdb097e320f433dc2062b8a65db8fafd3c110f46bc45663fbf021ee7eb9":PSA_ALG_ECDSA(PSA_ALG_RIPEMD160):0:PSA_ERROR_NOT_SUPPORTED + +PSA sign ECDSA(RIPEMD160): !RIPEMD160 with ECC_PUBLIC_KEY(SECT_K1) +depends_on:PSA_WANT_ALG_ECDSA:!PSA_WANT_ALG_RIPEMD160:PSA_WANT_ECC_FAMILY_SECT_K1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_K1):"0406f88f90b4b65950f06ce433afdb097e320f433dc2062b8a65db8fafd3c110f46bc45663fbf021ee7eb9":PSA_ALG_ECDSA(PSA_ALG_RIPEMD160):0:PSA_ERROR_NOT_SUPPORTED + +PSA sign ECDSA(RIPEMD160): public with ECC_PUBLIC_KEY(SECT_K1) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ECC_FAMILY_SECT_K1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_K1):"0406f88f90b4b65950f06ce433afdb097e320f433dc2062b8a65db8fafd3c110f46bc45663fbf021ee7eb9":PSA_ALG_ECDSA(PSA_ALG_RIPEMD160):1:PSA_ERROR_INVALID_ARGUMENT + +PSA sign ECDSA(RIPEMD160): !ECDSA with ECC_PUBLIC_KEY(SECT_R1) +depends_on:!PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ECC_FAMILY_SECT_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R1):"0400465eeb9e7258b11e33c02266bfe834b20bcb118700772796ee4704ec67651bd447e3011959a79a04cb":PSA_ALG_ECDSA(PSA_ALG_RIPEMD160):0:PSA_ERROR_NOT_SUPPORTED + +PSA sign ECDSA(RIPEMD160): !RIPEMD160 with ECC_PUBLIC_KEY(SECT_R1) +depends_on:PSA_WANT_ALG_ECDSA:!PSA_WANT_ALG_RIPEMD160:PSA_WANT_ECC_FAMILY_SECT_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R1):"0400465eeb9e7258b11e33c02266bfe834b20bcb118700772796ee4704ec67651bd447e3011959a79a04cb":PSA_ALG_ECDSA(PSA_ALG_RIPEMD160):0:PSA_ERROR_NOT_SUPPORTED + +PSA sign ECDSA(RIPEMD160): public with ECC_PUBLIC_KEY(SECT_R1) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ECC_FAMILY_SECT_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R1):"0400465eeb9e7258b11e33c02266bfe834b20bcb118700772796ee4704ec67651bd447e3011959a79a04cb":PSA_ALG_ECDSA(PSA_ALG_RIPEMD160):1:PSA_ERROR_INVALID_ARGUMENT + +PSA sign ECDSA(RIPEMD160): !ECDSA with ECC_PUBLIC_KEY(SECT_R2) +depends_on:!PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ECC_FAMILY_SECT_R2:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R2):"0403692601144c32a6cfa369ae20ae5d43c1c764678c037bafe80c6fd2e42b7ced96171d9c5367fd3dca6f":PSA_ALG_ECDSA(PSA_ALG_RIPEMD160):0:PSA_ERROR_NOT_SUPPORTED + +PSA sign ECDSA(RIPEMD160): !RIPEMD160 with ECC_PUBLIC_KEY(SECT_R2) +depends_on:PSA_WANT_ALG_ECDSA:!PSA_WANT_ALG_RIPEMD160:PSA_WANT_ECC_FAMILY_SECT_R2:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R2):"0403692601144c32a6cfa369ae20ae5d43c1c764678c037bafe80c6fd2e42b7ced96171d9c5367fd3dca6f":PSA_ALG_ECDSA(PSA_ALG_RIPEMD160):0:PSA_ERROR_NOT_SUPPORTED + +PSA sign ECDSA(RIPEMD160): public with ECC_PUBLIC_KEY(SECT_R2) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ECC_FAMILY_SECT_R2:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R2):"0403692601144c32a6cfa369ae20ae5d43c1c764678c037bafe80c6fd2e42b7ced96171d9c5367fd3dca6f":PSA_ALG_ECDSA(PSA_ALG_RIPEMD160):1:PSA_ERROR_INVALID_ARGUMENT + +PSA sign ECDSA(RIPEMD160): incompatible with ECC_PUBLIC_KEY(TWISTED_EDWARDS) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ECC_FAMILY_TWISTED_EDWARDS:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_TWISTED_EDWARDS):"d75a980182b10ab7d54bfed3c964073a0ee172f3daa62325af021a68f707511a":PSA_ALG_ECDSA(PSA_ALG_RIPEMD160):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign ECDSA(RIPEMD160): incompatible with HMAC +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_RIPEMD160:PSA_WANT_KEY_TYPE_HMAC +sign_fail:PSA_KEY_TYPE_HMAC:"48657265006973206b6579a064617461":PSA_ALG_ECDSA(PSA_ALG_RIPEMD160):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign ECDSA(RIPEMD160): incompatible with RAW_DATA +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_RIPEMD160:PSA_WANT_KEY_TYPE_RAW_DATA +sign_fail:PSA_KEY_TYPE_RAW_DATA:"48":PSA_ALG_ECDSA(PSA_ALG_RIPEMD160):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign ECDSA(RIPEMD160): incompatible with RSA_KEY_PAIR +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_RIPEMD160:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR +sign_fail:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_ECDSA(PSA_ALG_RIPEMD160):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign ECDSA(RIPEMD160): incompatible with RSA_PUBLIC_KEY +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_RIPEMD160:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY +sign_fail:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_ECDSA(PSA_ALG_RIPEMD160):0:PSA_ERROR_INVALID_ARGUMENT + +PSA asymmetric_encryption ECDSA(RIPEMD160): invalid with ECC_KEY_PAIR(BRAINPOOL_P_R1) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ECC_FAMILY_BRAINPOOL_P_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +asymmetric_encryption_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"69502c4fdaf48d4fa617bdd24498b0406d0eeaac":PSA_ALG_ECDSA(PSA_ALG_RIPEMD160):0:PSA_ERROR_INVALID_ARGUMENT + +PSA asymmetric_encryption ECDSA(RIPEMD160): invalid with ECC_KEY_PAIR(SECP_K1) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ECC_FAMILY_SECP_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +asymmetric_encryption_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_K1):"297ac1722ccac7589ecb240dc719842538ca974beb79f228":PSA_ALG_ECDSA(PSA_ALG_RIPEMD160):0:PSA_ERROR_INVALID_ARGUMENT + +PSA asymmetric_encryption ECDSA(RIPEMD160): invalid with ECC_KEY_PAIR(SECP_R1) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ECC_FAMILY_SECP_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +asymmetric_encryption_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"872f203b3ad35b7f2ecc803c3a0e1e0b1ed61cc1afe71b189cd4c995":PSA_ALG_ECDSA(PSA_ALG_RIPEMD160):0:PSA_ERROR_INVALID_ARGUMENT + +PSA asymmetric_encryption ECDSA(RIPEMD160): invalid with ECC_KEY_PAIR(SECP_R2) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ECC_FAMILY_SECP_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +asymmetric_encryption_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R2):"00bf539a1cdda0d7f71a50a3f98aec0a2e8e4ced1e":PSA_ALG_ECDSA(PSA_ALG_RIPEMD160):0:PSA_ERROR_INVALID_ARGUMENT + +PSA asymmetric_encryption ECDSA(RIPEMD160): invalid with ECC_KEY_PAIR(SECT_K1) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ECC_FAMILY_SECT_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +asymmetric_encryption_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):"03ebc8fcded2d6ab72ec0f75bdb4fd080481273e71":PSA_ALG_ECDSA(PSA_ALG_RIPEMD160):0:PSA_ERROR_INVALID_ARGUMENT + +PSA asymmetric_encryption ECDSA(RIPEMD160): invalid with ECC_KEY_PAIR(SECT_R1) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ECC_FAMILY_SECT_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +asymmetric_encryption_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):"009b05dc82d46d64a04a22e6e5ca70ca1231e68c50":PSA_ALG_ECDSA(PSA_ALG_RIPEMD160):0:PSA_ERROR_INVALID_ARGUMENT + +PSA asymmetric_encryption ECDSA(RIPEMD160): invalid with ECC_KEY_PAIR(SECT_R2) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ECC_FAMILY_SECT_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +asymmetric_encryption_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R2):"0210b482a458b4822d0cb21daa96819a67c8062d34":PSA_ALG_ECDSA(PSA_ALG_RIPEMD160):0:PSA_ERROR_INVALID_ARGUMENT + +PSA asymmetric_encryption ECDSA(RIPEMD160): invalid with ECC_PUBLIC_KEY(BRAINPOOL_P_R1) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ECC_FAMILY_BRAINPOOL_P_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +asymmetric_encryption_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"04d4b9186816358e2f9c59cf70748cb70641b22fbab65473db4b4e22a361ed7e3de7e8a8ddc4130c5c":PSA_ALG_ECDSA(PSA_ALG_RIPEMD160):0:PSA_ERROR_INVALID_ARGUMENT + +PSA asymmetric_encryption ECDSA(RIPEMD160): invalid with ECC_PUBLIC_KEY(SECP_K1) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ECC_FAMILY_SECP_K1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +asymmetric_encryption_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_K1):"0426b7bb38da649ac2138fc050c6548b32553dab68afebc36105d325b75538c12323cb0764789ecb992671beb2b6bef2f5":PSA_ALG_ECDSA(PSA_ALG_RIPEMD160):0:PSA_ERROR_INVALID_ARGUMENT + +PSA asymmetric_encryption ECDSA(RIPEMD160): invalid with ECC_PUBLIC_KEY(SECP_R1) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ECC_FAMILY_SECP_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +asymmetric_encryption_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1):"046f00eadaa949fee3e9e1c7fa1247eecec86a0dce46418b9bd3117b981d4bd0ae7a990de912f9d060d6cb531a42d22e394ac29e81804bf160":PSA_ALG_ECDSA(PSA_ALG_RIPEMD160):0:PSA_ERROR_INVALID_ARGUMENT + +PSA asymmetric_encryption ECDSA(RIPEMD160): invalid with ECC_PUBLIC_KEY(SECP_R2) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ECC_FAMILY_SECP_R2:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +asymmetric_encryption_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R2):"049570d541398665adb5cfa16f5af73b3196926bbd4b876bdb80f8eab20d0f540c22f4de9c140f6d7b":PSA_ALG_ECDSA(PSA_ALG_RIPEMD160):0:PSA_ERROR_INVALID_ARGUMENT + +PSA asymmetric_encryption ECDSA(RIPEMD160): invalid with ECC_PUBLIC_KEY(SECT_K1) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ECC_FAMILY_SECT_K1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +asymmetric_encryption_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_K1):"0406f88f90b4b65950f06ce433afdb097e320f433dc2062b8a65db8fafd3c110f46bc45663fbf021ee7eb9":PSA_ALG_ECDSA(PSA_ALG_RIPEMD160):0:PSA_ERROR_INVALID_ARGUMENT + +PSA asymmetric_encryption ECDSA(RIPEMD160): invalid with ECC_PUBLIC_KEY(SECT_R1) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ECC_FAMILY_SECT_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +asymmetric_encryption_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R1):"0400465eeb9e7258b11e33c02266bfe834b20bcb118700772796ee4704ec67651bd447e3011959a79a04cb":PSA_ALG_ECDSA(PSA_ALG_RIPEMD160):0:PSA_ERROR_INVALID_ARGUMENT + +PSA asymmetric_encryption ECDSA(RIPEMD160): invalid with ECC_PUBLIC_KEY(SECT_R2) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ECC_FAMILY_SECT_R2:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +asymmetric_encryption_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R2):"0403692601144c32a6cfa369ae20ae5d43c1c764678c037bafe80c6fd2e42b7ced96171d9c5367fd3dca6f":PSA_ALG_ECDSA(PSA_ALG_RIPEMD160):0:PSA_ERROR_INVALID_ARGUMENT + +PSA key_derivation ECDSA(RIPEMD160): invalid +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_RIPEMD160 +key_derivation_fail:PSA_ALG_ECDSA(PSA_ALG_RIPEMD160):PSA_ERROR_INVALID_ARGUMENT + +PSA key_agreement ECDSA(RIPEMD160): invalid with ECC_KEY_PAIR(BRAINPOOL_P_R1) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ECC_FAMILY_BRAINPOOL_P_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_agreement_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"69502c4fdaf48d4fa617bdd24498b0406d0eeaac":PSA_ALG_ECDSA(PSA_ALG_RIPEMD160):0:PSA_ERROR_INVALID_ARGUMENT + +PSA key_agreement ECDSA(RIPEMD160): invalid with ECC_KEY_PAIR(SECP_K1) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ECC_FAMILY_SECP_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_agreement_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_K1):"297ac1722ccac7589ecb240dc719842538ca974beb79f228":PSA_ALG_ECDSA(PSA_ALG_RIPEMD160):0:PSA_ERROR_INVALID_ARGUMENT + +PSA key_agreement ECDSA(RIPEMD160): invalid with ECC_KEY_PAIR(SECP_R1) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ECC_FAMILY_SECP_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_agreement_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"872f203b3ad35b7f2ecc803c3a0e1e0b1ed61cc1afe71b189cd4c995":PSA_ALG_ECDSA(PSA_ALG_RIPEMD160):0:PSA_ERROR_INVALID_ARGUMENT + +PSA key_agreement ECDSA(RIPEMD160): invalid with ECC_KEY_PAIR(SECP_R2) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ECC_FAMILY_SECP_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_agreement_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R2):"00bf539a1cdda0d7f71a50a3f98aec0a2e8e4ced1e":PSA_ALG_ECDSA(PSA_ALG_RIPEMD160):0:PSA_ERROR_INVALID_ARGUMENT + +PSA key_agreement ECDSA(RIPEMD160): invalid with ECC_KEY_PAIR(SECT_K1) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ECC_FAMILY_SECT_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_agreement_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):"03ebc8fcded2d6ab72ec0f75bdb4fd080481273e71":PSA_ALG_ECDSA(PSA_ALG_RIPEMD160):0:PSA_ERROR_INVALID_ARGUMENT + +PSA key_agreement ECDSA(RIPEMD160): invalid with ECC_KEY_PAIR(SECT_R1) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ECC_FAMILY_SECT_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_agreement_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):"009b05dc82d46d64a04a22e6e5ca70ca1231e68c50":PSA_ALG_ECDSA(PSA_ALG_RIPEMD160):0:PSA_ERROR_INVALID_ARGUMENT + +PSA key_agreement ECDSA(RIPEMD160): invalid with ECC_KEY_PAIR(SECT_R2) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ECC_FAMILY_SECT_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_agreement_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R2):"0210b482a458b4822d0cb21daa96819a67c8062d34":PSA_ALG_ECDSA(PSA_ALG_RIPEMD160):0:PSA_ERROR_INVALID_ARGUMENT + +PSA key_agreement ECDSA(RIPEMD160): invalid with ECC_PUBLIC_KEY(BRAINPOOL_P_R1) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ECC_FAMILY_BRAINPOOL_P_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_agreement_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"04d4b9186816358e2f9c59cf70748cb70641b22fbab65473db4b4e22a361ed7e3de7e8a8ddc4130c5c":PSA_ALG_ECDSA(PSA_ALG_RIPEMD160):0:PSA_ERROR_INVALID_ARGUMENT + +PSA key_agreement ECDSA(RIPEMD160): invalid with ECC_PUBLIC_KEY(SECP_K1) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ECC_FAMILY_SECP_K1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_agreement_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_K1):"0426b7bb38da649ac2138fc050c6548b32553dab68afebc36105d325b75538c12323cb0764789ecb992671beb2b6bef2f5":PSA_ALG_ECDSA(PSA_ALG_RIPEMD160):0:PSA_ERROR_INVALID_ARGUMENT + +PSA key_agreement ECDSA(RIPEMD160): invalid with ECC_PUBLIC_KEY(SECP_R1) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ECC_FAMILY_SECP_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_agreement_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1):"046f00eadaa949fee3e9e1c7fa1247eecec86a0dce46418b9bd3117b981d4bd0ae7a990de912f9d060d6cb531a42d22e394ac29e81804bf160":PSA_ALG_ECDSA(PSA_ALG_RIPEMD160):0:PSA_ERROR_INVALID_ARGUMENT + +PSA key_agreement ECDSA(RIPEMD160): invalid with ECC_PUBLIC_KEY(SECP_R2) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ECC_FAMILY_SECP_R2:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_agreement_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R2):"049570d541398665adb5cfa16f5af73b3196926bbd4b876bdb80f8eab20d0f540c22f4de9c140f6d7b":PSA_ALG_ECDSA(PSA_ALG_RIPEMD160):0:PSA_ERROR_INVALID_ARGUMENT + +PSA key_agreement ECDSA(RIPEMD160): invalid with ECC_PUBLIC_KEY(SECT_K1) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ECC_FAMILY_SECT_K1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_agreement_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_K1):"0406f88f90b4b65950f06ce433afdb097e320f433dc2062b8a65db8fafd3c110f46bc45663fbf021ee7eb9":PSA_ALG_ECDSA(PSA_ALG_RIPEMD160):0:PSA_ERROR_INVALID_ARGUMENT + +PSA key_agreement ECDSA(RIPEMD160): invalid with ECC_PUBLIC_KEY(SECT_R1) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ECC_FAMILY_SECT_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_agreement_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R1):"0400465eeb9e7258b11e33c02266bfe834b20bcb118700772796ee4704ec67651bd447e3011959a79a04cb":PSA_ALG_ECDSA(PSA_ALG_RIPEMD160):0:PSA_ERROR_INVALID_ARGUMENT + +PSA key_agreement ECDSA(RIPEMD160): invalid with ECC_PUBLIC_KEY(SECT_R2) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ECC_FAMILY_SECT_R2:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_agreement_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R2):"0403692601144c32a6cfa369ae20ae5d43c1c764678c037bafe80c6fd2e42b7ced96171d9c5367fd3dca6f":PSA_ALG_ECDSA(PSA_ALG_RIPEMD160):0:PSA_ERROR_INVALID_ARGUMENT + +PSA hash ECDSA(SHA_1): invalid +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_1 +hash_fail:PSA_ALG_ECDSA(PSA_ALG_SHA_1):PSA_ERROR_INVALID_ARGUMENT + +PSA mac ECDSA(SHA_1): invalid with ECC_KEY_PAIR(BRAINPOOL_P_R1) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_1:PSA_WANT_ECC_FAMILY_BRAINPOOL_P_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +mac_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"69502c4fdaf48d4fa617bdd24498b0406d0eeaac":PSA_ALG_ECDSA(PSA_ALG_SHA_1):PSA_ERROR_INVALID_ARGUMENT + +PSA mac ECDSA(SHA_1): invalid with ECC_KEY_PAIR(SECP_K1) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_1:PSA_WANT_ECC_FAMILY_SECP_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +mac_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_K1):"297ac1722ccac7589ecb240dc719842538ca974beb79f228":PSA_ALG_ECDSA(PSA_ALG_SHA_1):PSA_ERROR_INVALID_ARGUMENT + +PSA mac ECDSA(SHA_1): invalid with ECC_KEY_PAIR(SECP_R1) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_1:PSA_WANT_ECC_FAMILY_SECP_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +mac_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"872f203b3ad35b7f2ecc803c3a0e1e0b1ed61cc1afe71b189cd4c995":PSA_ALG_ECDSA(PSA_ALG_SHA_1):PSA_ERROR_INVALID_ARGUMENT + +PSA mac ECDSA(SHA_1): invalid with ECC_KEY_PAIR(SECP_R2) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_1:PSA_WANT_ECC_FAMILY_SECP_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +mac_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R2):"00bf539a1cdda0d7f71a50a3f98aec0a2e8e4ced1e":PSA_ALG_ECDSA(PSA_ALG_SHA_1):PSA_ERROR_INVALID_ARGUMENT + +PSA mac ECDSA(SHA_1): invalid with ECC_KEY_PAIR(SECT_K1) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_1:PSA_WANT_ECC_FAMILY_SECT_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +mac_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):"03ebc8fcded2d6ab72ec0f75bdb4fd080481273e71":PSA_ALG_ECDSA(PSA_ALG_SHA_1):PSA_ERROR_INVALID_ARGUMENT + +PSA mac ECDSA(SHA_1): invalid with ECC_KEY_PAIR(SECT_R1) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_1:PSA_WANT_ECC_FAMILY_SECT_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +mac_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):"009b05dc82d46d64a04a22e6e5ca70ca1231e68c50":PSA_ALG_ECDSA(PSA_ALG_SHA_1):PSA_ERROR_INVALID_ARGUMENT + +PSA mac ECDSA(SHA_1): invalid with ECC_KEY_PAIR(SECT_R2) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_1:PSA_WANT_ECC_FAMILY_SECT_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +mac_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R2):"0210b482a458b4822d0cb21daa96819a67c8062d34":PSA_ALG_ECDSA(PSA_ALG_SHA_1):PSA_ERROR_INVALID_ARGUMENT + +PSA mac ECDSA(SHA_1): invalid with ECC_PUBLIC_KEY(BRAINPOOL_P_R1) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_1:PSA_WANT_ECC_FAMILY_BRAINPOOL_P_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +mac_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"04d4b9186816358e2f9c59cf70748cb70641b22fbab65473db4b4e22a361ed7e3de7e8a8ddc4130c5c":PSA_ALG_ECDSA(PSA_ALG_SHA_1):PSA_ERROR_INVALID_ARGUMENT + +PSA mac ECDSA(SHA_1): invalid with ECC_PUBLIC_KEY(SECP_K1) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_1:PSA_WANT_ECC_FAMILY_SECP_K1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +mac_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_K1):"0426b7bb38da649ac2138fc050c6548b32553dab68afebc36105d325b75538c12323cb0764789ecb992671beb2b6bef2f5":PSA_ALG_ECDSA(PSA_ALG_SHA_1):PSA_ERROR_INVALID_ARGUMENT + +PSA mac ECDSA(SHA_1): invalid with ECC_PUBLIC_KEY(SECP_R1) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_1:PSA_WANT_ECC_FAMILY_SECP_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +mac_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1):"046f00eadaa949fee3e9e1c7fa1247eecec86a0dce46418b9bd3117b981d4bd0ae7a990de912f9d060d6cb531a42d22e394ac29e81804bf160":PSA_ALG_ECDSA(PSA_ALG_SHA_1):PSA_ERROR_INVALID_ARGUMENT + +PSA mac ECDSA(SHA_1): invalid with ECC_PUBLIC_KEY(SECP_R2) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_1:PSA_WANT_ECC_FAMILY_SECP_R2:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +mac_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R2):"049570d541398665adb5cfa16f5af73b3196926bbd4b876bdb80f8eab20d0f540c22f4de9c140f6d7b":PSA_ALG_ECDSA(PSA_ALG_SHA_1):PSA_ERROR_INVALID_ARGUMENT + +PSA mac ECDSA(SHA_1): invalid with ECC_PUBLIC_KEY(SECT_K1) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_1:PSA_WANT_ECC_FAMILY_SECT_K1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +mac_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_K1):"0406f88f90b4b65950f06ce433afdb097e320f433dc2062b8a65db8fafd3c110f46bc45663fbf021ee7eb9":PSA_ALG_ECDSA(PSA_ALG_SHA_1):PSA_ERROR_INVALID_ARGUMENT + +PSA mac ECDSA(SHA_1): invalid with ECC_PUBLIC_KEY(SECT_R1) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_1:PSA_WANT_ECC_FAMILY_SECT_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +mac_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R1):"0400465eeb9e7258b11e33c02266bfe834b20bcb118700772796ee4704ec67651bd447e3011959a79a04cb":PSA_ALG_ECDSA(PSA_ALG_SHA_1):PSA_ERROR_INVALID_ARGUMENT + +PSA mac ECDSA(SHA_1): invalid with ECC_PUBLIC_KEY(SECT_R2) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_1:PSA_WANT_ECC_FAMILY_SECT_R2:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +mac_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R2):"0403692601144c32a6cfa369ae20ae5d43c1c764678c037bafe80c6fd2e42b7ced96171d9c5367fd3dca6f":PSA_ALG_ECDSA(PSA_ALG_SHA_1):PSA_ERROR_INVALID_ARGUMENT + +PSA cipher ECDSA(SHA_1): invalid with ECC_KEY_PAIR(BRAINPOOL_P_R1) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_1:PSA_WANT_ECC_FAMILY_BRAINPOOL_P_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +cipher_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"69502c4fdaf48d4fa617bdd24498b0406d0eeaac":PSA_ALG_ECDSA(PSA_ALG_SHA_1):PSA_ERROR_INVALID_ARGUMENT + +PSA cipher ECDSA(SHA_1): invalid with ECC_KEY_PAIR(SECP_K1) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_1:PSA_WANT_ECC_FAMILY_SECP_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +cipher_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_K1):"297ac1722ccac7589ecb240dc719842538ca974beb79f228":PSA_ALG_ECDSA(PSA_ALG_SHA_1):PSA_ERROR_INVALID_ARGUMENT + +PSA cipher ECDSA(SHA_1): invalid with ECC_KEY_PAIR(SECP_R1) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_1:PSA_WANT_ECC_FAMILY_SECP_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +cipher_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"872f203b3ad35b7f2ecc803c3a0e1e0b1ed61cc1afe71b189cd4c995":PSA_ALG_ECDSA(PSA_ALG_SHA_1):PSA_ERROR_INVALID_ARGUMENT + +PSA cipher ECDSA(SHA_1): invalid with ECC_KEY_PAIR(SECP_R2) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_1:PSA_WANT_ECC_FAMILY_SECP_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +cipher_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R2):"00bf539a1cdda0d7f71a50a3f98aec0a2e8e4ced1e":PSA_ALG_ECDSA(PSA_ALG_SHA_1):PSA_ERROR_INVALID_ARGUMENT + +PSA cipher ECDSA(SHA_1): invalid with ECC_KEY_PAIR(SECT_K1) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_1:PSA_WANT_ECC_FAMILY_SECT_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +cipher_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):"03ebc8fcded2d6ab72ec0f75bdb4fd080481273e71":PSA_ALG_ECDSA(PSA_ALG_SHA_1):PSA_ERROR_INVALID_ARGUMENT + +PSA cipher ECDSA(SHA_1): invalid with ECC_KEY_PAIR(SECT_R1) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_1:PSA_WANT_ECC_FAMILY_SECT_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +cipher_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):"009b05dc82d46d64a04a22e6e5ca70ca1231e68c50":PSA_ALG_ECDSA(PSA_ALG_SHA_1):PSA_ERROR_INVALID_ARGUMENT + +PSA cipher ECDSA(SHA_1): invalid with ECC_KEY_PAIR(SECT_R2) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_1:PSA_WANT_ECC_FAMILY_SECT_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +cipher_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R2):"0210b482a458b4822d0cb21daa96819a67c8062d34":PSA_ALG_ECDSA(PSA_ALG_SHA_1):PSA_ERROR_INVALID_ARGUMENT + +PSA cipher ECDSA(SHA_1): invalid with ECC_PUBLIC_KEY(BRAINPOOL_P_R1) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_1:PSA_WANT_ECC_FAMILY_BRAINPOOL_P_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +cipher_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"04d4b9186816358e2f9c59cf70748cb70641b22fbab65473db4b4e22a361ed7e3de7e8a8ddc4130c5c":PSA_ALG_ECDSA(PSA_ALG_SHA_1):PSA_ERROR_INVALID_ARGUMENT + +PSA cipher ECDSA(SHA_1): invalid with ECC_PUBLIC_KEY(SECP_K1) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_1:PSA_WANT_ECC_FAMILY_SECP_K1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +cipher_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_K1):"0426b7bb38da649ac2138fc050c6548b32553dab68afebc36105d325b75538c12323cb0764789ecb992671beb2b6bef2f5":PSA_ALG_ECDSA(PSA_ALG_SHA_1):PSA_ERROR_INVALID_ARGUMENT + +PSA cipher ECDSA(SHA_1): invalid with ECC_PUBLIC_KEY(SECP_R1) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_1:PSA_WANT_ECC_FAMILY_SECP_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +cipher_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1):"046f00eadaa949fee3e9e1c7fa1247eecec86a0dce46418b9bd3117b981d4bd0ae7a990de912f9d060d6cb531a42d22e394ac29e81804bf160":PSA_ALG_ECDSA(PSA_ALG_SHA_1):PSA_ERROR_INVALID_ARGUMENT + +PSA cipher ECDSA(SHA_1): invalid with ECC_PUBLIC_KEY(SECP_R2) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_1:PSA_WANT_ECC_FAMILY_SECP_R2:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +cipher_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R2):"049570d541398665adb5cfa16f5af73b3196926bbd4b876bdb80f8eab20d0f540c22f4de9c140f6d7b":PSA_ALG_ECDSA(PSA_ALG_SHA_1):PSA_ERROR_INVALID_ARGUMENT + +PSA cipher ECDSA(SHA_1): invalid with ECC_PUBLIC_KEY(SECT_K1) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_1:PSA_WANT_ECC_FAMILY_SECT_K1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +cipher_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_K1):"0406f88f90b4b65950f06ce433afdb097e320f433dc2062b8a65db8fafd3c110f46bc45663fbf021ee7eb9":PSA_ALG_ECDSA(PSA_ALG_SHA_1):PSA_ERROR_INVALID_ARGUMENT + +PSA cipher ECDSA(SHA_1): invalid with ECC_PUBLIC_KEY(SECT_R1) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_1:PSA_WANT_ECC_FAMILY_SECT_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +cipher_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R1):"0400465eeb9e7258b11e33c02266bfe834b20bcb118700772796ee4704ec67651bd447e3011959a79a04cb":PSA_ALG_ECDSA(PSA_ALG_SHA_1):PSA_ERROR_INVALID_ARGUMENT + +PSA cipher ECDSA(SHA_1): invalid with ECC_PUBLIC_KEY(SECT_R2) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_1:PSA_WANT_ECC_FAMILY_SECT_R2:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +cipher_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R2):"0403692601144c32a6cfa369ae20ae5d43c1c764678c037bafe80c6fd2e42b7ced96171d9c5367fd3dca6f":PSA_ALG_ECDSA(PSA_ALG_SHA_1):PSA_ERROR_INVALID_ARGUMENT + +PSA aead ECDSA(SHA_1): invalid with ECC_KEY_PAIR(BRAINPOOL_P_R1) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_1:PSA_WANT_ECC_FAMILY_BRAINPOOL_P_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +aead_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"69502c4fdaf48d4fa617bdd24498b0406d0eeaac":PSA_ALG_ECDSA(PSA_ALG_SHA_1):PSA_ERROR_INVALID_ARGUMENT + +PSA aead ECDSA(SHA_1): invalid with ECC_KEY_PAIR(SECP_K1) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_1:PSA_WANT_ECC_FAMILY_SECP_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +aead_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_K1):"297ac1722ccac7589ecb240dc719842538ca974beb79f228":PSA_ALG_ECDSA(PSA_ALG_SHA_1):PSA_ERROR_INVALID_ARGUMENT + +PSA aead ECDSA(SHA_1): invalid with ECC_KEY_PAIR(SECP_R1) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_1:PSA_WANT_ECC_FAMILY_SECP_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +aead_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"872f203b3ad35b7f2ecc803c3a0e1e0b1ed61cc1afe71b189cd4c995":PSA_ALG_ECDSA(PSA_ALG_SHA_1):PSA_ERROR_INVALID_ARGUMENT + +PSA aead ECDSA(SHA_1): invalid with ECC_KEY_PAIR(SECP_R2) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_1:PSA_WANT_ECC_FAMILY_SECP_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +aead_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R2):"00bf539a1cdda0d7f71a50a3f98aec0a2e8e4ced1e":PSA_ALG_ECDSA(PSA_ALG_SHA_1):PSA_ERROR_INVALID_ARGUMENT + +PSA aead ECDSA(SHA_1): invalid with ECC_KEY_PAIR(SECT_K1) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_1:PSA_WANT_ECC_FAMILY_SECT_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +aead_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):"03ebc8fcded2d6ab72ec0f75bdb4fd080481273e71":PSA_ALG_ECDSA(PSA_ALG_SHA_1):PSA_ERROR_INVALID_ARGUMENT + +PSA aead ECDSA(SHA_1): invalid with ECC_KEY_PAIR(SECT_R1) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_1:PSA_WANT_ECC_FAMILY_SECT_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +aead_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):"009b05dc82d46d64a04a22e6e5ca70ca1231e68c50":PSA_ALG_ECDSA(PSA_ALG_SHA_1):PSA_ERROR_INVALID_ARGUMENT + +PSA aead ECDSA(SHA_1): invalid with ECC_KEY_PAIR(SECT_R2) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_1:PSA_WANT_ECC_FAMILY_SECT_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +aead_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R2):"0210b482a458b4822d0cb21daa96819a67c8062d34":PSA_ALG_ECDSA(PSA_ALG_SHA_1):PSA_ERROR_INVALID_ARGUMENT + +PSA aead ECDSA(SHA_1): invalid with ECC_PUBLIC_KEY(BRAINPOOL_P_R1) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_1:PSA_WANT_ECC_FAMILY_BRAINPOOL_P_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +aead_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"04d4b9186816358e2f9c59cf70748cb70641b22fbab65473db4b4e22a361ed7e3de7e8a8ddc4130c5c":PSA_ALG_ECDSA(PSA_ALG_SHA_1):PSA_ERROR_INVALID_ARGUMENT + +PSA aead ECDSA(SHA_1): invalid with ECC_PUBLIC_KEY(SECP_K1) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_1:PSA_WANT_ECC_FAMILY_SECP_K1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +aead_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_K1):"0426b7bb38da649ac2138fc050c6548b32553dab68afebc36105d325b75538c12323cb0764789ecb992671beb2b6bef2f5":PSA_ALG_ECDSA(PSA_ALG_SHA_1):PSA_ERROR_INVALID_ARGUMENT + +PSA aead ECDSA(SHA_1): invalid with ECC_PUBLIC_KEY(SECP_R1) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_1:PSA_WANT_ECC_FAMILY_SECP_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +aead_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1):"046f00eadaa949fee3e9e1c7fa1247eecec86a0dce46418b9bd3117b981d4bd0ae7a990de912f9d060d6cb531a42d22e394ac29e81804bf160":PSA_ALG_ECDSA(PSA_ALG_SHA_1):PSA_ERROR_INVALID_ARGUMENT + +PSA aead ECDSA(SHA_1): invalid with ECC_PUBLIC_KEY(SECP_R2) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_1:PSA_WANT_ECC_FAMILY_SECP_R2:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +aead_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R2):"049570d541398665adb5cfa16f5af73b3196926bbd4b876bdb80f8eab20d0f540c22f4de9c140f6d7b":PSA_ALG_ECDSA(PSA_ALG_SHA_1):PSA_ERROR_INVALID_ARGUMENT + +PSA aead ECDSA(SHA_1): invalid with ECC_PUBLIC_KEY(SECT_K1) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_1:PSA_WANT_ECC_FAMILY_SECT_K1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +aead_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_K1):"0406f88f90b4b65950f06ce433afdb097e320f433dc2062b8a65db8fafd3c110f46bc45663fbf021ee7eb9":PSA_ALG_ECDSA(PSA_ALG_SHA_1):PSA_ERROR_INVALID_ARGUMENT + +PSA aead ECDSA(SHA_1): invalid with ECC_PUBLIC_KEY(SECT_R1) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_1:PSA_WANT_ECC_FAMILY_SECT_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +aead_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R1):"0400465eeb9e7258b11e33c02266bfe834b20bcb118700772796ee4704ec67651bd447e3011959a79a04cb":PSA_ALG_ECDSA(PSA_ALG_SHA_1):PSA_ERROR_INVALID_ARGUMENT + +PSA aead ECDSA(SHA_1): invalid with ECC_PUBLIC_KEY(SECT_R2) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_1:PSA_WANT_ECC_FAMILY_SECT_R2:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +aead_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R2):"0403692601144c32a6cfa369ae20ae5d43c1c764678c037bafe80c6fd2e42b7ced96171d9c5367fd3dca6f":PSA_ALG_ECDSA(PSA_ALG_SHA_1):PSA_ERROR_INVALID_ARGUMENT + +PSA sign ECDSA(SHA_1): incompatible with AES +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_1:PSA_WANT_KEY_TYPE_AES +sign_fail:PSA_KEY_TYPE_AES:"48657265006973206b6579a064617461":PSA_ALG_ECDSA(PSA_ALG_SHA_1):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign ECDSA(SHA_1): incompatible with ARC4 +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_1:PSA_WANT_KEY_TYPE_ARC4 +sign_fail:PSA_KEY_TYPE_ARC4:"48":PSA_ALG_ECDSA(PSA_ALG_SHA_1):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign ECDSA(SHA_1): incompatible with ARIA +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_1:PSA_WANT_KEY_TYPE_ARIA +sign_fail:PSA_KEY_TYPE_ARIA:"48657265006973206b6579a064617461":PSA_ALG_ECDSA(PSA_ALG_SHA_1):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign ECDSA(SHA_1): incompatible with CAMELLIA +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_1:PSA_WANT_KEY_TYPE_CAMELLIA +sign_fail:PSA_KEY_TYPE_CAMELLIA:"48657265006973206b6579a064617461":PSA_ALG_ECDSA(PSA_ALG_SHA_1):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign ECDSA(SHA_1): incompatible with CHACHA20 +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_1:PSA_WANT_KEY_TYPE_CHACHA20 +sign_fail:PSA_KEY_TYPE_CHACHA20:"48657265006973206b6579a06461746148657265006973206b6579a064617461":PSA_ALG_ECDSA(PSA_ALG_SHA_1):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign ECDSA(SHA_1): incompatible with DERIVE +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_1:PSA_WANT_KEY_TYPE_DERIVE +sign_fail:PSA_KEY_TYPE_DERIVE:"48657265006973206b6579a0646174":PSA_ALG_ECDSA(PSA_ALG_SHA_1):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign ECDSA(SHA_1): incompatible with DES +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_1:PSA_WANT_KEY_TYPE_DES +sign_fail:PSA_KEY_TYPE_DES:"644573206b457901":PSA_ALG_ECDSA(PSA_ALG_SHA_1):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign ECDSA(SHA_1): !ECDSA with ECC_KEY_PAIR(BRAINPOOL_P_R1) +depends_on:!PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_1:PSA_WANT_ECC_FAMILY_BRAINPOOL_P_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"69502c4fdaf48d4fa617bdd24498b0406d0eeaac":PSA_ALG_ECDSA(PSA_ALG_SHA_1):0:PSA_ERROR_NOT_SUPPORTED + +PSA sign ECDSA(SHA_1): !SHA_1 with ECC_KEY_PAIR(BRAINPOOL_P_R1) +depends_on:PSA_WANT_ALG_ECDSA:!PSA_WANT_ALG_SHA_1:PSA_WANT_ECC_FAMILY_BRAINPOOL_P_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"69502c4fdaf48d4fa617bdd24498b0406d0eeaac":PSA_ALG_ECDSA(PSA_ALG_SHA_1):0:PSA_ERROR_NOT_SUPPORTED + +PSA sign ECDSA(SHA_1): incompatible with ECC_KEY_PAIR(MONTGOMERY) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_1:PSA_WANT_ECC_FAMILY_MONTGOMERY:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_MONTGOMERY):"70076d0a7318a57d3c16c17251b26645df4c2f87ebc0992ab177fba51db92c6a":PSA_ALG_ECDSA(PSA_ALG_SHA_1):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign ECDSA(SHA_1): !ECDSA with ECC_KEY_PAIR(SECP_K1) +depends_on:!PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_1:PSA_WANT_ECC_FAMILY_SECP_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_K1):"297ac1722ccac7589ecb240dc719842538ca974beb79f228":PSA_ALG_ECDSA(PSA_ALG_SHA_1):0:PSA_ERROR_NOT_SUPPORTED + +PSA sign ECDSA(SHA_1): !SHA_1 with ECC_KEY_PAIR(SECP_K1) +depends_on:PSA_WANT_ALG_ECDSA:!PSA_WANT_ALG_SHA_1:PSA_WANT_ECC_FAMILY_SECP_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_K1):"297ac1722ccac7589ecb240dc719842538ca974beb79f228":PSA_ALG_ECDSA(PSA_ALG_SHA_1):0:PSA_ERROR_NOT_SUPPORTED + +PSA sign ECDSA(SHA_1): !ECDSA with ECC_KEY_PAIR(SECP_R1) +depends_on:!PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_1:PSA_WANT_ECC_FAMILY_SECP_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"872f203b3ad35b7f2ecc803c3a0e1e0b1ed61cc1afe71b189cd4c995":PSA_ALG_ECDSA(PSA_ALG_SHA_1):0:PSA_ERROR_NOT_SUPPORTED + +PSA sign ECDSA(SHA_1): !SHA_1 with ECC_KEY_PAIR(SECP_R1) +depends_on:PSA_WANT_ALG_ECDSA:!PSA_WANT_ALG_SHA_1:PSA_WANT_ECC_FAMILY_SECP_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"872f203b3ad35b7f2ecc803c3a0e1e0b1ed61cc1afe71b189cd4c995":PSA_ALG_ECDSA(PSA_ALG_SHA_1):0:PSA_ERROR_NOT_SUPPORTED + +PSA sign ECDSA(SHA_1): !ECDSA with ECC_KEY_PAIR(SECP_R2) +depends_on:!PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_1:PSA_WANT_ECC_FAMILY_SECP_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R2):"00bf539a1cdda0d7f71a50a3f98aec0a2e8e4ced1e":PSA_ALG_ECDSA(PSA_ALG_SHA_1):0:PSA_ERROR_NOT_SUPPORTED + +PSA sign ECDSA(SHA_1): !SHA_1 with ECC_KEY_PAIR(SECP_R2) +depends_on:PSA_WANT_ALG_ECDSA:!PSA_WANT_ALG_SHA_1:PSA_WANT_ECC_FAMILY_SECP_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R2):"00bf539a1cdda0d7f71a50a3f98aec0a2e8e4ced1e":PSA_ALG_ECDSA(PSA_ALG_SHA_1):0:PSA_ERROR_NOT_SUPPORTED + +PSA sign ECDSA(SHA_1): !ECDSA with ECC_KEY_PAIR(SECT_K1) +depends_on:!PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_1:PSA_WANT_ECC_FAMILY_SECT_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):"03ebc8fcded2d6ab72ec0f75bdb4fd080481273e71":PSA_ALG_ECDSA(PSA_ALG_SHA_1):0:PSA_ERROR_NOT_SUPPORTED + +PSA sign ECDSA(SHA_1): !SHA_1 with ECC_KEY_PAIR(SECT_K1) +depends_on:PSA_WANT_ALG_ECDSA:!PSA_WANT_ALG_SHA_1:PSA_WANT_ECC_FAMILY_SECT_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):"03ebc8fcded2d6ab72ec0f75bdb4fd080481273e71":PSA_ALG_ECDSA(PSA_ALG_SHA_1):0:PSA_ERROR_NOT_SUPPORTED + +PSA sign ECDSA(SHA_1): !ECDSA with ECC_KEY_PAIR(SECT_R1) +depends_on:!PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_1:PSA_WANT_ECC_FAMILY_SECT_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):"009b05dc82d46d64a04a22e6e5ca70ca1231e68c50":PSA_ALG_ECDSA(PSA_ALG_SHA_1):0:PSA_ERROR_NOT_SUPPORTED + +PSA sign ECDSA(SHA_1): !SHA_1 with ECC_KEY_PAIR(SECT_R1) +depends_on:PSA_WANT_ALG_ECDSA:!PSA_WANT_ALG_SHA_1:PSA_WANT_ECC_FAMILY_SECT_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):"009b05dc82d46d64a04a22e6e5ca70ca1231e68c50":PSA_ALG_ECDSA(PSA_ALG_SHA_1):0:PSA_ERROR_NOT_SUPPORTED + +PSA sign ECDSA(SHA_1): !ECDSA with ECC_KEY_PAIR(SECT_R2) +depends_on:!PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_1:PSA_WANT_ECC_FAMILY_SECT_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R2):"0210b482a458b4822d0cb21daa96819a67c8062d34":PSA_ALG_ECDSA(PSA_ALG_SHA_1):0:PSA_ERROR_NOT_SUPPORTED + +PSA sign ECDSA(SHA_1): !SHA_1 with ECC_KEY_PAIR(SECT_R2) +depends_on:PSA_WANT_ALG_ECDSA:!PSA_WANT_ALG_SHA_1:PSA_WANT_ECC_FAMILY_SECT_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R2):"0210b482a458b4822d0cb21daa96819a67c8062d34":PSA_ALG_ECDSA(PSA_ALG_SHA_1):0:PSA_ERROR_NOT_SUPPORTED + +PSA sign ECDSA(SHA_1): incompatible with ECC_KEY_PAIR(TWISTED_EDWARDS) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_1:PSA_WANT_ECC_FAMILY_TWISTED_EDWARDS:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_TWISTED_EDWARDS):"9d61b19deffd5a60ba844af492ec2cc44449c5697b326919703bac031cae7f60":PSA_ALG_ECDSA(PSA_ALG_SHA_1):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign ECDSA(SHA_1): !ECDSA with ECC_PUBLIC_KEY(BRAINPOOL_P_R1) +depends_on:!PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_1:PSA_WANT_ECC_FAMILY_BRAINPOOL_P_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"04d4b9186816358e2f9c59cf70748cb70641b22fbab65473db4b4e22a361ed7e3de7e8a8ddc4130c5c":PSA_ALG_ECDSA(PSA_ALG_SHA_1):0:PSA_ERROR_NOT_SUPPORTED + +PSA sign ECDSA(SHA_1): !SHA_1 with ECC_PUBLIC_KEY(BRAINPOOL_P_R1) +depends_on:PSA_WANT_ALG_ECDSA:!PSA_WANT_ALG_SHA_1:PSA_WANT_ECC_FAMILY_BRAINPOOL_P_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"04d4b9186816358e2f9c59cf70748cb70641b22fbab65473db4b4e22a361ed7e3de7e8a8ddc4130c5c":PSA_ALG_ECDSA(PSA_ALG_SHA_1):0:PSA_ERROR_NOT_SUPPORTED + +PSA sign ECDSA(SHA_1): public with ECC_PUBLIC_KEY(BRAINPOOL_P_R1) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_1:PSA_WANT_ECC_FAMILY_BRAINPOOL_P_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"04d4b9186816358e2f9c59cf70748cb70641b22fbab65473db4b4e22a361ed7e3de7e8a8ddc4130c5c":PSA_ALG_ECDSA(PSA_ALG_SHA_1):1:PSA_ERROR_INVALID_ARGUMENT + +PSA sign ECDSA(SHA_1): incompatible with ECC_PUBLIC_KEY(MONTGOMERY) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_1:PSA_WANT_ECC_FAMILY_MONTGOMERY:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_MONTGOMERY):"8520f0098930a754748b7ddcb43ef75a0dbf3a0d26381af4eba4a98eaa9b4e6a":PSA_ALG_ECDSA(PSA_ALG_SHA_1):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign ECDSA(SHA_1): !ECDSA with ECC_PUBLIC_KEY(SECP_K1) +depends_on:!PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_1:PSA_WANT_ECC_FAMILY_SECP_K1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_K1):"0426b7bb38da649ac2138fc050c6548b32553dab68afebc36105d325b75538c12323cb0764789ecb992671beb2b6bef2f5":PSA_ALG_ECDSA(PSA_ALG_SHA_1):0:PSA_ERROR_NOT_SUPPORTED + +PSA sign ECDSA(SHA_1): !SHA_1 with ECC_PUBLIC_KEY(SECP_K1) +depends_on:PSA_WANT_ALG_ECDSA:!PSA_WANT_ALG_SHA_1:PSA_WANT_ECC_FAMILY_SECP_K1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_K1):"0426b7bb38da649ac2138fc050c6548b32553dab68afebc36105d325b75538c12323cb0764789ecb992671beb2b6bef2f5":PSA_ALG_ECDSA(PSA_ALG_SHA_1):0:PSA_ERROR_NOT_SUPPORTED + +PSA sign ECDSA(SHA_1): public with ECC_PUBLIC_KEY(SECP_K1) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_1:PSA_WANT_ECC_FAMILY_SECP_K1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_K1):"0426b7bb38da649ac2138fc050c6548b32553dab68afebc36105d325b75538c12323cb0764789ecb992671beb2b6bef2f5":PSA_ALG_ECDSA(PSA_ALG_SHA_1):1:PSA_ERROR_INVALID_ARGUMENT + +PSA sign ECDSA(SHA_1): !ECDSA with ECC_PUBLIC_KEY(SECP_R1) +depends_on:!PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_1:PSA_WANT_ECC_FAMILY_SECP_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1):"046f00eadaa949fee3e9e1c7fa1247eecec86a0dce46418b9bd3117b981d4bd0ae7a990de912f9d060d6cb531a42d22e394ac29e81804bf160":PSA_ALG_ECDSA(PSA_ALG_SHA_1):0:PSA_ERROR_NOT_SUPPORTED + +PSA sign ECDSA(SHA_1): !SHA_1 with ECC_PUBLIC_KEY(SECP_R1) +depends_on:PSA_WANT_ALG_ECDSA:!PSA_WANT_ALG_SHA_1:PSA_WANT_ECC_FAMILY_SECP_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1):"046f00eadaa949fee3e9e1c7fa1247eecec86a0dce46418b9bd3117b981d4bd0ae7a990de912f9d060d6cb531a42d22e394ac29e81804bf160":PSA_ALG_ECDSA(PSA_ALG_SHA_1):0:PSA_ERROR_NOT_SUPPORTED + +PSA sign ECDSA(SHA_1): public with ECC_PUBLIC_KEY(SECP_R1) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_1:PSA_WANT_ECC_FAMILY_SECP_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1):"046f00eadaa949fee3e9e1c7fa1247eecec86a0dce46418b9bd3117b981d4bd0ae7a990de912f9d060d6cb531a42d22e394ac29e81804bf160":PSA_ALG_ECDSA(PSA_ALG_SHA_1):1:PSA_ERROR_INVALID_ARGUMENT + +PSA sign ECDSA(SHA_1): !ECDSA with ECC_PUBLIC_KEY(SECP_R2) +depends_on:!PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_1:PSA_WANT_ECC_FAMILY_SECP_R2:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R2):"049570d541398665adb5cfa16f5af73b3196926bbd4b876bdb80f8eab20d0f540c22f4de9c140f6d7b":PSA_ALG_ECDSA(PSA_ALG_SHA_1):0:PSA_ERROR_NOT_SUPPORTED + +PSA sign ECDSA(SHA_1): !SHA_1 with ECC_PUBLIC_KEY(SECP_R2) +depends_on:PSA_WANT_ALG_ECDSA:!PSA_WANT_ALG_SHA_1:PSA_WANT_ECC_FAMILY_SECP_R2:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R2):"049570d541398665adb5cfa16f5af73b3196926bbd4b876bdb80f8eab20d0f540c22f4de9c140f6d7b":PSA_ALG_ECDSA(PSA_ALG_SHA_1):0:PSA_ERROR_NOT_SUPPORTED + +PSA sign ECDSA(SHA_1): public with ECC_PUBLIC_KEY(SECP_R2) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_1:PSA_WANT_ECC_FAMILY_SECP_R2:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R2):"049570d541398665adb5cfa16f5af73b3196926bbd4b876bdb80f8eab20d0f540c22f4de9c140f6d7b":PSA_ALG_ECDSA(PSA_ALG_SHA_1):1:PSA_ERROR_INVALID_ARGUMENT + +PSA sign ECDSA(SHA_1): !ECDSA with ECC_PUBLIC_KEY(SECT_K1) +depends_on:!PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_1:PSA_WANT_ECC_FAMILY_SECT_K1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_K1):"0406f88f90b4b65950f06ce433afdb097e320f433dc2062b8a65db8fafd3c110f46bc45663fbf021ee7eb9":PSA_ALG_ECDSA(PSA_ALG_SHA_1):0:PSA_ERROR_NOT_SUPPORTED + +PSA sign ECDSA(SHA_1): !SHA_1 with ECC_PUBLIC_KEY(SECT_K1) +depends_on:PSA_WANT_ALG_ECDSA:!PSA_WANT_ALG_SHA_1:PSA_WANT_ECC_FAMILY_SECT_K1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_K1):"0406f88f90b4b65950f06ce433afdb097e320f433dc2062b8a65db8fafd3c110f46bc45663fbf021ee7eb9":PSA_ALG_ECDSA(PSA_ALG_SHA_1):0:PSA_ERROR_NOT_SUPPORTED + +PSA sign ECDSA(SHA_1): public with ECC_PUBLIC_KEY(SECT_K1) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_1:PSA_WANT_ECC_FAMILY_SECT_K1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_K1):"0406f88f90b4b65950f06ce433afdb097e320f433dc2062b8a65db8fafd3c110f46bc45663fbf021ee7eb9":PSA_ALG_ECDSA(PSA_ALG_SHA_1):1:PSA_ERROR_INVALID_ARGUMENT + +PSA sign ECDSA(SHA_1): !ECDSA with ECC_PUBLIC_KEY(SECT_R1) +depends_on:!PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_1:PSA_WANT_ECC_FAMILY_SECT_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R1):"0400465eeb9e7258b11e33c02266bfe834b20bcb118700772796ee4704ec67651bd447e3011959a79a04cb":PSA_ALG_ECDSA(PSA_ALG_SHA_1):0:PSA_ERROR_NOT_SUPPORTED + +PSA sign ECDSA(SHA_1): !SHA_1 with ECC_PUBLIC_KEY(SECT_R1) +depends_on:PSA_WANT_ALG_ECDSA:!PSA_WANT_ALG_SHA_1:PSA_WANT_ECC_FAMILY_SECT_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R1):"0400465eeb9e7258b11e33c02266bfe834b20bcb118700772796ee4704ec67651bd447e3011959a79a04cb":PSA_ALG_ECDSA(PSA_ALG_SHA_1):0:PSA_ERROR_NOT_SUPPORTED + +PSA sign ECDSA(SHA_1): public with ECC_PUBLIC_KEY(SECT_R1) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_1:PSA_WANT_ECC_FAMILY_SECT_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R1):"0400465eeb9e7258b11e33c02266bfe834b20bcb118700772796ee4704ec67651bd447e3011959a79a04cb":PSA_ALG_ECDSA(PSA_ALG_SHA_1):1:PSA_ERROR_INVALID_ARGUMENT + +PSA sign ECDSA(SHA_1): !ECDSA with ECC_PUBLIC_KEY(SECT_R2) +depends_on:!PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_1:PSA_WANT_ECC_FAMILY_SECT_R2:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R2):"0403692601144c32a6cfa369ae20ae5d43c1c764678c037bafe80c6fd2e42b7ced96171d9c5367fd3dca6f":PSA_ALG_ECDSA(PSA_ALG_SHA_1):0:PSA_ERROR_NOT_SUPPORTED + +PSA sign ECDSA(SHA_1): !SHA_1 with ECC_PUBLIC_KEY(SECT_R2) +depends_on:PSA_WANT_ALG_ECDSA:!PSA_WANT_ALG_SHA_1:PSA_WANT_ECC_FAMILY_SECT_R2:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R2):"0403692601144c32a6cfa369ae20ae5d43c1c764678c037bafe80c6fd2e42b7ced96171d9c5367fd3dca6f":PSA_ALG_ECDSA(PSA_ALG_SHA_1):0:PSA_ERROR_NOT_SUPPORTED + +PSA sign ECDSA(SHA_1): public with ECC_PUBLIC_KEY(SECT_R2) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_1:PSA_WANT_ECC_FAMILY_SECT_R2:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R2):"0403692601144c32a6cfa369ae20ae5d43c1c764678c037bafe80c6fd2e42b7ced96171d9c5367fd3dca6f":PSA_ALG_ECDSA(PSA_ALG_SHA_1):1:PSA_ERROR_INVALID_ARGUMENT + +PSA sign ECDSA(SHA_1): incompatible with ECC_PUBLIC_KEY(TWISTED_EDWARDS) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_1:PSA_WANT_ECC_FAMILY_TWISTED_EDWARDS:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_TWISTED_EDWARDS):"d75a980182b10ab7d54bfed3c964073a0ee172f3daa62325af021a68f707511a":PSA_ALG_ECDSA(PSA_ALG_SHA_1):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign ECDSA(SHA_1): incompatible with HMAC +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_1:PSA_WANT_KEY_TYPE_HMAC +sign_fail:PSA_KEY_TYPE_HMAC:"48657265006973206b6579a064617461":PSA_ALG_ECDSA(PSA_ALG_SHA_1):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign ECDSA(SHA_1): incompatible with RAW_DATA +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_1:PSA_WANT_KEY_TYPE_RAW_DATA +sign_fail:PSA_KEY_TYPE_RAW_DATA:"48":PSA_ALG_ECDSA(PSA_ALG_SHA_1):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign ECDSA(SHA_1): incompatible with RSA_KEY_PAIR +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_1:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR +sign_fail:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_ECDSA(PSA_ALG_SHA_1):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign ECDSA(SHA_1): incompatible with RSA_PUBLIC_KEY +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_1:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY +sign_fail:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_ECDSA(PSA_ALG_SHA_1):0:PSA_ERROR_INVALID_ARGUMENT + +PSA asymmetric_encryption ECDSA(SHA_1): invalid with ECC_KEY_PAIR(BRAINPOOL_P_R1) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_1:PSA_WANT_ECC_FAMILY_BRAINPOOL_P_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +asymmetric_encryption_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"69502c4fdaf48d4fa617bdd24498b0406d0eeaac":PSA_ALG_ECDSA(PSA_ALG_SHA_1):0:PSA_ERROR_INVALID_ARGUMENT + +PSA asymmetric_encryption ECDSA(SHA_1): invalid with ECC_KEY_PAIR(SECP_K1) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_1:PSA_WANT_ECC_FAMILY_SECP_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +asymmetric_encryption_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_K1):"297ac1722ccac7589ecb240dc719842538ca974beb79f228":PSA_ALG_ECDSA(PSA_ALG_SHA_1):0:PSA_ERROR_INVALID_ARGUMENT + +PSA asymmetric_encryption ECDSA(SHA_1): invalid with ECC_KEY_PAIR(SECP_R1) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_1:PSA_WANT_ECC_FAMILY_SECP_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +asymmetric_encryption_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"872f203b3ad35b7f2ecc803c3a0e1e0b1ed61cc1afe71b189cd4c995":PSA_ALG_ECDSA(PSA_ALG_SHA_1):0:PSA_ERROR_INVALID_ARGUMENT + +PSA asymmetric_encryption ECDSA(SHA_1): invalid with ECC_KEY_PAIR(SECP_R2) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_1:PSA_WANT_ECC_FAMILY_SECP_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +asymmetric_encryption_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R2):"00bf539a1cdda0d7f71a50a3f98aec0a2e8e4ced1e":PSA_ALG_ECDSA(PSA_ALG_SHA_1):0:PSA_ERROR_INVALID_ARGUMENT + +PSA asymmetric_encryption ECDSA(SHA_1): invalid with ECC_KEY_PAIR(SECT_K1) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_1:PSA_WANT_ECC_FAMILY_SECT_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +asymmetric_encryption_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):"03ebc8fcded2d6ab72ec0f75bdb4fd080481273e71":PSA_ALG_ECDSA(PSA_ALG_SHA_1):0:PSA_ERROR_INVALID_ARGUMENT + +PSA asymmetric_encryption ECDSA(SHA_1): invalid with ECC_KEY_PAIR(SECT_R1) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_1:PSA_WANT_ECC_FAMILY_SECT_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +asymmetric_encryption_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):"009b05dc82d46d64a04a22e6e5ca70ca1231e68c50":PSA_ALG_ECDSA(PSA_ALG_SHA_1):0:PSA_ERROR_INVALID_ARGUMENT + +PSA asymmetric_encryption ECDSA(SHA_1): invalid with ECC_KEY_PAIR(SECT_R2) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_1:PSA_WANT_ECC_FAMILY_SECT_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +asymmetric_encryption_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R2):"0210b482a458b4822d0cb21daa96819a67c8062d34":PSA_ALG_ECDSA(PSA_ALG_SHA_1):0:PSA_ERROR_INVALID_ARGUMENT + +PSA asymmetric_encryption ECDSA(SHA_1): invalid with ECC_PUBLIC_KEY(BRAINPOOL_P_R1) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_1:PSA_WANT_ECC_FAMILY_BRAINPOOL_P_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +asymmetric_encryption_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"04d4b9186816358e2f9c59cf70748cb70641b22fbab65473db4b4e22a361ed7e3de7e8a8ddc4130c5c":PSA_ALG_ECDSA(PSA_ALG_SHA_1):0:PSA_ERROR_INVALID_ARGUMENT + +PSA asymmetric_encryption ECDSA(SHA_1): invalid with ECC_PUBLIC_KEY(SECP_K1) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_1:PSA_WANT_ECC_FAMILY_SECP_K1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +asymmetric_encryption_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_K1):"0426b7bb38da649ac2138fc050c6548b32553dab68afebc36105d325b75538c12323cb0764789ecb992671beb2b6bef2f5":PSA_ALG_ECDSA(PSA_ALG_SHA_1):0:PSA_ERROR_INVALID_ARGUMENT + +PSA asymmetric_encryption ECDSA(SHA_1): invalid with ECC_PUBLIC_KEY(SECP_R1) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_1:PSA_WANT_ECC_FAMILY_SECP_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +asymmetric_encryption_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1):"046f00eadaa949fee3e9e1c7fa1247eecec86a0dce46418b9bd3117b981d4bd0ae7a990de912f9d060d6cb531a42d22e394ac29e81804bf160":PSA_ALG_ECDSA(PSA_ALG_SHA_1):0:PSA_ERROR_INVALID_ARGUMENT + +PSA asymmetric_encryption ECDSA(SHA_1): invalid with ECC_PUBLIC_KEY(SECP_R2) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_1:PSA_WANT_ECC_FAMILY_SECP_R2:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +asymmetric_encryption_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R2):"049570d541398665adb5cfa16f5af73b3196926bbd4b876bdb80f8eab20d0f540c22f4de9c140f6d7b":PSA_ALG_ECDSA(PSA_ALG_SHA_1):0:PSA_ERROR_INVALID_ARGUMENT + +PSA asymmetric_encryption ECDSA(SHA_1): invalid with ECC_PUBLIC_KEY(SECT_K1) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_1:PSA_WANT_ECC_FAMILY_SECT_K1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +asymmetric_encryption_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_K1):"0406f88f90b4b65950f06ce433afdb097e320f433dc2062b8a65db8fafd3c110f46bc45663fbf021ee7eb9":PSA_ALG_ECDSA(PSA_ALG_SHA_1):0:PSA_ERROR_INVALID_ARGUMENT + +PSA asymmetric_encryption ECDSA(SHA_1): invalid with ECC_PUBLIC_KEY(SECT_R1) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_1:PSA_WANT_ECC_FAMILY_SECT_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +asymmetric_encryption_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R1):"0400465eeb9e7258b11e33c02266bfe834b20bcb118700772796ee4704ec67651bd447e3011959a79a04cb":PSA_ALG_ECDSA(PSA_ALG_SHA_1):0:PSA_ERROR_INVALID_ARGUMENT + +PSA asymmetric_encryption ECDSA(SHA_1): invalid with ECC_PUBLIC_KEY(SECT_R2) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_1:PSA_WANT_ECC_FAMILY_SECT_R2:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +asymmetric_encryption_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R2):"0403692601144c32a6cfa369ae20ae5d43c1c764678c037bafe80c6fd2e42b7ced96171d9c5367fd3dca6f":PSA_ALG_ECDSA(PSA_ALG_SHA_1):0:PSA_ERROR_INVALID_ARGUMENT + +PSA key_derivation ECDSA(SHA_1): invalid +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_1 +key_derivation_fail:PSA_ALG_ECDSA(PSA_ALG_SHA_1):PSA_ERROR_INVALID_ARGUMENT + +PSA key_agreement ECDSA(SHA_1): invalid with ECC_KEY_PAIR(BRAINPOOL_P_R1) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_1:PSA_WANT_ECC_FAMILY_BRAINPOOL_P_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_agreement_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"69502c4fdaf48d4fa617bdd24498b0406d0eeaac":PSA_ALG_ECDSA(PSA_ALG_SHA_1):0:PSA_ERROR_INVALID_ARGUMENT + +PSA key_agreement ECDSA(SHA_1): invalid with ECC_KEY_PAIR(SECP_K1) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_1:PSA_WANT_ECC_FAMILY_SECP_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_agreement_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_K1):"297ac1722ccac7589ecb240dc719842538ca974beb79f228":PSA_ALG_ECDSA(PSA_ALG_SHA_1):0:PSA_ERROR_INVALID_ARGUMENT + +PSA key_agreement ECDSA(SHA_1): invalid with ECC_KEY_PAIR(SECP_R1) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_1:PSA_WANT_ECC_FAMILY_SECP_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_agreement_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"872f203b3ad35b7f2ecc803c3a0e1e0b1ed61cc1afe71b189cd4c995":PSA_ALG_ECDSA(PSA_ALG_SHA_1):0:PSA_ERROR_INVALID_ARGUMENT + +PSA key_agreement ECDSA(SHA_1): invalid with ECC_KEY_PAIR(SECP_R2) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_1:PSA_WANT_ECC_FAMILY_SECP_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_agreement_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R2):"00bf539a1cdda0d7f71a50a3f98aec0a2e8e4ced1e":PSA_ALG_ECDSA(PSA_ALG_SHA_1):0:PSA_ERROR_INVALID_ARGUMENT + +PSA key_agreement ECDSA(SHA_1): invalid with ECC_KEY_PAIR(SECT_K1) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_1:PSA_WANT_ECC_FAMILY_SECT_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_agreement_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):"03ebc8fcded2d6ab72ec0f75bdb4fd080481273e71":PSA_ALG_ECDSA(PSA_ALG_SHA_1):0:PSA_ERROR_INVALID_ARGUMENT + +PSA key_agreement ECDSA(SHA_1): invalid with ECC_KEY_PAIR(SECT_R1) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_1:PSA_WANT_ECC_FAMILY_SECT_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_agreement_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):"009b05dc82d46d64a04a22e6e5ca70ca1231e68c50":PSA_ALG_ECDSA(PSA_ALG_SHA_1):0:PSA_ERROR_INVALID_ARGUMENT + +PSA key_agreement ECDSA(SHA_1): invalid with ECC_KEY_PAIR(SECT_R2) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_1:PSA_WANT_ECC_FAMILY_SECT_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_agreement_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R2):"0210b482a458b4822d0cb21daa96819a67c8062d34":PSA_ALG_ECDSA(PSA_ALG_SHA_1):0:PSA_ERROR_INVALID_ARGUMENT + +PSA key_agreement ECDSA(SHA_1): invalid with ECC_PUBLIC_KEY(BRAINPOOL_P_R1) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_1:PSA_WANT_ECC_FAMILY_BRAINPOOL_P_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_agreement_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"04d4b9186816358e2f9c59cf70748cb70641b22fbab65473db4b4e22a361ed7e3de7e8a8ddc4130c5c":PSA_ALG_ECDSA(PSA_ALG_SHA_1):0:PSA_ERROR_INVALID_ARGUMENT + +PSA key_agreement ECDSA(SHA_1): invalid with ECC_PUBLIC_KEY(SECP_K1) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_1:PSA_WANT_ECC_FAMILY_SECP_K1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_agreement_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_K1):"0426b7bb38da649ac2138fc050c6548b32553dab68afebc36105d325b75538c12323cb0764789ecb992671beb2b6bef2f5":PSA_ALG_ECDSA(PSA_ALG_SHA_1):0:PSA_ERROR_INVALID_ARGUMENT + +PSA key_agreement ECDSA(SHA_1): invalid with ECC_PUBLIC_KEY(SECP_R1) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_1:PSA_WANT_ECC_FAMILY_SECP_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_agreement_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1):"046f00eadaa949fee3e9e1c7fa1247eecec86a0dce46418b9bd3117b981d4bd0ae7a990de912f9d060d6cb531a42d22e394ac29e81804bf160":PSA_ALG_ECDSA(PSA_ALG_SHA_1):0:PSA_ERROR_INVALID_ARGUMENT + +PSA key_agreement ECDSA(SHA_1): invalid with ECC_PUBLIC_KEY(SECP_R2) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_1:PSA_WANT_ECC_FAMILY_SECP_R2:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_agreement_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R2):"049570d541398665adb5cfa16f5af73b3196926bbd4b876bdb80f8eab20d0f540c22f4de9c140f6d7b":PSA_ALG_ECDSA(PSA_ALG_SHA_1):0:PSA_ERROR_INVALID_ARGUMENT + +PSA key_agreement ECDSA(SHA_1): invalid with ECC_PUBLIC_KEY(SECT_K1) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_1:PSA_WANT_ECC_FAMILY_SECT_K1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_agreement_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_K1):"0406f88f90b4b65950f06ce433afdb097e320f433dc2062b8a65db8fafd3c110f46bc45663fbf021ee7eb9":PSA_ALG_ECDSA(PSA_ALG_SHA_1):0:PSA_ERROR_INVALID_ARGUMENT + +PSA key_agreement ECDSA(SHA_1): invalid with ECC_PUBLIC_KEY(SECT_R1) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_1:PSA_WANT_ECC_FAMILY_SECT_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_agreement_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R1):"0400465eeb9e7258b11e33c02266bfe834b20bcb118700772796ee4704ec67651bd447e3011959a79a04cb":PSA_ALG_ECDSA(PSA_ALG_SHA_1):0:PSA_ERROR_INVALID_ARGUMENT + +PSA key_agreement ECDSA(SHA_1): invalid with ECC_PUBLIC_KEY(SECT_R2) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_1:PSA_WANT_ECC_FAMILY_SECT_R2:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_agreement_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R2):"0403692601144c32a6cfa369ae20ae5d43c1c764678c037bafe80c6fd2e42b7ced96171d9c5367fd3dca6f":PSA_ALG_ECDSA(PSA_ALG_SHA_1):0:PSA_ERROR_INVALID_ARGUMENT + +PSA hash ECDSA(SHA_224): invalid +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_224 +hash_fail:PSA_ALG_ECDSA(PSA_ALG_SHA_224):PSA_ERROR_INVALID_ARGUMENT + +PSA mac ECDSA(SHA_224): invalid with ECC_KEY_PAIR(BRAINPOOL_P_R1) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_224:PSA_WANT_ECC_FAMILY_BRAINPOOL_P_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +mac_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"69502c4fdaf48d4fa617bdd24498b0406d0eeaac":PSA_ALG_ECDSA(PSA_ALG_SHA_224):PSA_ERROR_INVALID_ARGUMENT + +PSA mac ECDSA(SHA_224): invalid with ECC_KEY_PAIR(SECP_K1) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_224:PSA_WANT_ECC_FAMILY_SECP_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +mac_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_K1):"297ac1722ccac7589ecb240dc719842538ca974beb79f228":PSA_ALG_ECDSA(PSA_ALG_SHA_224):PSA_ERROR_INVALID_ARGUMENT + +PSA mac ECDSA(SHA_224): invalid with ECC_KEY_PAIR(SECP_R1) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_224:PSA_WANT_ECC_FAMILY_SECP_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +mac_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"872f203b3ad35b7f2ecc803c3a0e1e0b1ed61cc1afe71b189cd4c995":PSA_ALG_ECDSA(PSA_ALG_SHA_224):PSA_ERROR_INVALID_ARGUMENT + +PSA mac ECDSA(SHA_224): invalid with ECC_KEY_PAIR(SECP_R2) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_224:PSA_WANT_ECC_FAMILY_SECP_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +mac_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R2):"00bf539a1cdda0d7f71a50a3f98aec0a2e8e4ced1e":PSA_ALG_ECDSA(PSA_ALG_SHA_224):PSA_ERROR_INVALID_ARGUMENT + +PSA mac ECDSA(SHA_224): invalid with ECC_KEY_PAIR(SECT_K1) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_224:PSA_WANT_ECC_FAMILY_SECT_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +mac_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):"03ebc8fcded2d6ab72ec0f75bdb4fd080481273e71":PSA_ALG_ECDSA(PSA_ALG_SHA_224):PSA_ERROR_INVALID_ARGUMENT + +PSA mac ECDSA(SHA_224): invalid with ECC_KEY_PAIR(SECT_R1) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_224:PSA_WANT_ECC_FAMILY_SECT_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +mac_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):"009b05dc82d46d64a04a22e6e5ca70ca1231e68c50":PSA_ALG_ECDSA(PSA_ALG_SHA_224):PSA_ERROR_INVALID_ARGUMENT + +PSA mac ECDSA(SHA_224): invalid with ECC_KEY_PAIR(SECT_R2) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_224:PSA_WANT_ECC_FAMILY_SECT_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +mac_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R2):"0210b482a458b4822d0cb21daa96819a67c8062d34":PSA_ALG_ECDSA(PSA_ALG_SHA_224):PSA_ERROR_INVALID_ARGUMENT + +PSA mac ECDSA(SHA_224): invalid with ECC_PUBLIC_KEY(BRAINPOOL_P_R1) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_224:PSA_WANT_ECC_FAMILY_BRAINPOOL_P_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +mac_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"04d4b9186816358e2f9c59cf70748cb70641b22fbab65473db4b4e22a361ed7e3de7e8a8ddc4130c5c":PSA_ALG_ECDSA(PSA_ALG_SHA_224):PSA_ERROR_INVALID_ARGUMENT + +PSA mac ECDSA(SHA_224): invalid with ECC_PUBLIC_KEY(SECP_K1) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_224:PSA_WANT_ECC_FAMILY_SECP_K1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +mac_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_K1):"0426b7bb38da649ac2138fc050c6548b32553dab68afebc36105d325b75538c12323cb0764789ecb992671beb2b6bef2f5":PSA_ALG_ECDSA(PSA_ALG_SHA_224):PSA_ERROR_INVALID_ARGUMENT + +PSA mac ECDSA(SHA_224): invalid with ECC_PUBLIC_KEY(SECP_R1) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_224:PSA_WANT_ECC_FAMILY_SECP_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +mac_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1):"046f00eadaa949fee3e9e1c7fa1247eecec86a0dce46418b9bd3117b981d4bd0ae7a990de912f9d060d6cb531a42d22e394ac29e81804bf160":PSA_ALG_ECDSA(PSA_ALG_SHA_224):PSA_ERROR_INVALID_ARGUMENT + +PSA mac ECDSA(SHA_224): invalid with ECC_PUBLIC_KEY(SECP_R2) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_224:PSA_WANT_ECC_FAMILY_SECP_R2:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +mac_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R2):"049570d541398665adb5cfa16f5af73b3196926bbd4b876bdb80f8eab20d0f540c22f4de9c140f6d7b":PSA_ALG_ECDSA(PSA_ALG_SHA_224):PSA_ERROR_INVALID_ARGUMENT + +PSA mac ECDSA(SHA_224): invalid with ECC_PUBLIC_KEY(SECT_K1) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_224:PSA_WANT_ECC_FAMILY_SECT_K1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +mac_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_K1):"0406f88f90b4b65950f06ce433afdb097e320f433dc2062b8a65db8fafd3c110f46bc45663fbf021ee7eb9":PSA_ALG_ECDSA(PSA_ALG_SHA_224):PSA_ERROR_INVALID_ARGUMENT + +PSA mac ECDSA(SHA_224): invalid with ECC_PUBLIC_KEY(SECT_R1) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_224:PSA_WANT_ECC_FAMILY_SECT_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +mac_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R1):"0400465eeb9e7258b11e33c02266bfe834b20bcb118700772796ee4704ec67651bd447e3011959a79a04cb":PSA_ALG_ECDSA(PSA_ALG_SHA_224):PSA_ERROR_INVALID_ARGUMENT + +PSA mac ECDSA(SHA_224): invalid with ECC_PUBLIC_KEY(SECT_R2) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_224:PSA_WANT_ECC_FAMILY_SECT_R2:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +mac_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R2):"0403692601144c32a6cfa369ae20ae5d43c1c764678c037bafe80c6fd2e42b7ced96171d9c5367fd3dca6f":PSA_ALG_ECDSA(PSA_ALG_SHA_224):PSA_ERROR_INVALID_ARGUMENT + +PSA cipher ECDSA(SHA_224): invalid with ECC_KEY_PAIR(BRAINPOOL_P_R1) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_224:PSA_WANT_ECC_FAMILY_BRAINPOOL_P_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +cipher_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"69502c4fdaf48d4fa617bdd24498b0406d0eeaac":PSA_ALG_ECDSA(PSA_ALG_SHA_224):PSA_ERROR_INVALID_ARGUMENT + +PSA cipher ECDSA(SHA_224): invalid with ECC_KEY_PAIR(SECP_K1) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_224:PSA_WANT_ECC_FAMILY_SECP_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +cipher_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_K1):"297ac1722ccac7589ecb240dc719842538ca974beb79f228":PSA_ALG_ECDSA(PSA_ALG_SHA_224):PSA_ERROR_INVALID_ARGUMENT + +PSA cipher ECDSA(SHA_224): invalid with ECC_KEY_PAIR(SECP_R1) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_224:PSA_WANT_ECC_FAMILY_SECP_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +cipher_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"872f203b3ad35b7f2ecc803c3a0e1e0b1ed61cc1afe71b189cd4c995":PSA_ALG_ECDSA(PSA_ALG_SHA_224):PSA_ERROR_INVALID_ARGUMENT + +PSA cipher ECDSA(SHA_224): invalid with ECC_KEY_PAIR(SECP_R2) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_224:PSA_WANT_ECC_FAMILY_SECP_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +cipher_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R2):"00bf539a1cdda0d7f71a50a3f98aec0a2e8e4ced1e":PSA_ALG_ECDSA(PSA_ALG_SHA_224):PSA_ERROR_INVALID_ARGUMENT + +PSA cipher ECDSA(SHA_224): invalid with ECC_KEY_PAIR(SECT_K1) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_224:PSA_WANT_ECC_FAMILY_SECT_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +cipher_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):"03ebc8fcded2d6ab72ec0f75bdb4fd080481273e71":PSA_ALG_ECDSA(PSA_ALG_SHA_224):PSA_ERROR_INVALID_ARGUMENT + +PSA cipher ECDSA(SHA_224): invalid with ECC_KEY_PAIR(SECT_R1) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_224:PSA_WANT_ECC_FAMILY_SECT_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +cipher_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):"009b05dc82d46d64a04a22e6e5ca70ca1231e68c50":PSA_ALG_ECDSA(PSA_ALG_SHA_224):PSA_ERROR_INVALID_ARGUMENT + +PSA cipher ECDSA(SHA_224): invalid with ECC_KEY_PAIR(SECT_R2) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_224:PSA_WANT_ECC_FAMILY_SECT_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +cipher_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R2):"0210b482a458b4822d0cb21daa96819a67c8062d34":PSA_ALG_ECDSA(PSA_ALG_SHA_224):PSA_ERROR_INVALID_ARGUMENT + +PSA cipher ECDSA(SHA_224): invalid with ECC_PUBLIC_KEY(BRAINPOOL_P_R1) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_224:PSA_WANT_ECC_FAMILY_BRAINPOOL_P_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +cipher_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"04d4b9186816358e2f9c59cf70748cb70641b22fbab65473db4b4e22a361ed7e3de7e8a8ddc4130c5c":PSA_ALG_ECDSA(PSA_ALG_SHA_224):PSA_ERROR_INVALID_ARGUMENT + +PSA cipher ECDSA(SHA_224): invalid with ECC_PUBLIC_KEY(SECP_K1) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_224:PSA_WANT_ECC_FAMILY_SECP_K1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +cipher_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_K1):"0426b7bb38da649ac2138fc050c6548b32553dab68afebc36105d325b75538c12323cb0764789ecb992671beb2b6bef2f5":PSA_ALG_ECDSA(PSA_ALG_SHA_224):PSA_ERROR_INVALID_ARGUMENT + +PSA cipher ECDSA(SHA_224): invalid with ECC_PUBLIC_KEY(SECP_R1) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_224:PSA_WANT_ECC_FAMILY_SECP_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +cipher_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1):"046f00eadaa949fee3e9e1c7fa1247eecec86a0dce46418b9bd3117b981d4bd0ae7a990de912f9d060d6cb531a42d22e394ac29e81804bf160":PSA_ALG_ECDSA(PSA_ALG_SHA_224):PSA_ERROR_INVALID_ARGUMENT + +PSA cipher ECDSA(SHA_224): invalid with ECC_PUBLIC_KEY(SECP_R2) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_224:PSA_WANT_ECC_FAMILY_SECP_R2:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +cipher_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R2):"049570d541398665adb5cfa16f5af73b3196926bbd4b876bdb80f8eab20d0f540c22f4de9c140f6d7b":PSA_ALG_ECDSA(PSA_ALG_SHA_224):PSA_ERROR_INVALID_ARGUMENT + +PSA cipher ECDSA(SHA_224): invalid with ECC_PUBLIC_KEY(SECT_K1) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_224:PSA_WANT_ECC_FAMILY_SECT_K1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +cipher_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_K1):"0406f88f90b4b65950f06ce433afdb097e320f433dc2062b8a65db8fafd3c110f46bc45663fbf021ee7eb9":PSA_ALG_ECDSA(PSA_ALG_SHA_224):PSA_ERROR_INVALID_ARGUMENT + +PSA cipher ECDSA(SHA_224): invalid with ECC_PUBLIC_KEY(SECT_R1) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_224:PSA_WANT_ECC_FAMILY_SECT_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +cipher_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R1):"0400465eeb9e7258b11e33c02266bfe834b20bcb118700772796ee4704ec67651bd447e3011959a79a04cb":PSA_ALG_ECDSA(PSA_ALG_SHA_224):PSA_ERROR_INVALID_ARGUMENT + +PSA cipher ECDSA(SHA_224): invalid with ECC_PUBLIC_KEY(SECT_R2) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_224:PSA_WANT_ECC_FAMILY_SECT_R2:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +cipher_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R2):"0403692601144c32a6cfa369ae20ae5d43c1c764678c037bafe80c6fd2e42b7ced96171d9c5367fd3dca6f":PSA_ALG_ECDSA(PSA_ALG_SHA_224):PSA_ERROR_INVALID_ARGUMENT + +PSA aead ECDSA(SHA_224): invalid with ECC_KEY_PAIR(BRAINPOOL_P_R1) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_224:PSA_WANT_ECC_FAMILY_BRAINPOOL_P_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +aead_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"69502c4fdaf48d4fa617bdd24498b0406d0eeaac":PSA_ALG_ECDSA(PSA_ALG_SHA_224):PSA_ERROR_INVALID_ARGUMENT + +PSA aead ECDSA(SHA_224): invalid with ECC_KEY_PAIR(SECP_K1) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_224:PSA_WANT_ECC_FAMILY_SECP_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +aead_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_K1):"297ac1722ccac7589ecb240dc719842538ca974beb79f228":PSA_ALG_ECDSA(PSA_ALG_SHA_224):PSA_ERROR_INVALID_ARGUMENT + +PSA aead ECDSA(SHA_224): invalid with ECC_KEY_PAIR(SECP_R1) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_224:PSA_WANT_ECC_FAMILY_SECP_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +aead_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"872f203b3ad35b7f2ecc803c3a0e1e0b1ed61cc1afe71b189cd4c995":PSA_ALG_ECDSA(PSA_ALG_SHA_224):PSA_ERROR_INVALID_ARGUMENT + +PSA aead ECDSA(SHA_224): invalid with ECC_KEY_PAIR(SECP_R2) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_224:PSA_WANT_ECC_FAMILY_SECP_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +aead_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R2):"00bf539a1cdda0d7f71a50a3f98aec0a2e8e4ced1e":PSA_ALG_ECDSA(PSA_ALG_SHA_224):PSA_ERROR_INVALID_ARGUMENT + +PSA aead ECDSA(SHA_224): invalid with ECC_KEY_PAIR(SECT_K1) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_224:PSA_WANT_ECC_FAMILY_SECT_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +aead_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):"03ebc8fcded2d6ab72ec0f75bdb4fd080481273e71":PSA_ALG_ECDSA(PSA_ALG_SHA_224):PSA_ERROR_INVALID_ARGUMENT + +PSA aead ECDSA(SHA_224): invalid with ECC_KEY_PAIR(SECT_R1) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_224:PSA_WANT_ECC_FAMILY_SECT_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +aead_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):"009b05dc82d46d64a04a22e6e5ca70ca1231e68c50":PSA_ALG_ECDSA(PSA_ALG_SHA_224):PSA_ERROR_INVALID_ARGUMENT + +PSA aead ECDSA(SHA_224): invalid with ECC_KEY_PAIR(SECT_R2) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_224:PSA_WANT_ECC_FAMILY_SECT_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +aead_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R2):"0210b482a458b4822d0cb21daa96819a67c8062d34":PSA_ALG_ECDSA(PSA_ALG_SHA_224):PSA_ERROR_INVALID_ARGUMENT + +PSA aead ECDSA(SHA_224): invalid with ECC_PUBLIC_KEY(BRAINPOOL_P_R1) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_224:PSA_WANT_ECC_FAMILY_BRAINPOOL_P_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +aead_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"04d4b9186816358e2f9c59cf70748cb70641b22fbab65473db4b4e22a361ed7e3de7e8a8ddc4130c5c":PSA_ALG_ECDSA(PSA_ALG_SHA_224):PSA_ERROR_INVALID_ARGUMENT + +PSA aead ECDSA(SHA_224): invalid with ECC_PUBLIC_KEY(SECP_K1) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_224:PSA_WANT_ECC_FAMILY_SECP_K1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +aead_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_K1):"0426b7bb38da649ac2138fc050c6548b32553dab68afebc36105d325b75538c12323cb0764789ecb992671beb2b6bef2f5":PSA_ALG_ECDSA(PSA_ALG_SHA_224):PSA_ERROR_INVALID_ARGUMENT + +PSA aead ECDSA(SHA_224): invalid with ECC_PUBLIC_KEY(SECP_R1) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_224:PSA_WANT_ECC_FAMILY_SECP_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +aead_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1):"046f00eadaa949fee3e9e1c7fa1247eecec86a0dce46418b9bd3117b981d4bd0ae7a990de912f9d060d6cb531a42d22e394ac29e81804bf160":PSA_ALG_ECDSA(PSA_ALG_SHA_224):PSA_ERROR_INVALID_ARGUMENT + +PSA aead ECDSA(SHA_224): invalid with ECC_PUBLIC_KEY(SECP_R2) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_224:PSA_WANT_ECC_FAMILY_SECP_R2:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +aead_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R2):"049570d541398665adb5cfa16f5af73b3196926bbd4b876bdb80f8eab20d0f540c22f4de9c140f6d7b":PSA_ALG_ECDSA(PSA_ALG_SHA_224):PSA_ERROR_INVALID_ARGUMENT + +PSA aead ECDSA(SHA_224): invalid with ECC_PUBLIC_KEY(SECT_K1) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_224:PSA_WANT_ECC_FAMILY_SECT_K1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +aead_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_K1):"0406f88f90b4b65950f06ce433afdb097e320f433dc2062b8a65db8fafd3c110f46bc45663fbf021ee7eb9":PSA_ALG_ECDSA(PSA_ALG_SHA_224):PSA_ERROR_INVALID_ARGUMENT + +PSA aead ECDSA(SHA_224): invalid with ECC_PUBLIC_KEY(SECT_R1) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_224:PSA_WANT_ECC_FAMILY_SECT_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +aead_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R1):"0400465eeb9e7258b11e33c02266bfe834b20bcb118700772796ee4704ec67651bd447e3011959a79a04cb":PSA_ALG_ECDSA(PSA_ALG_SHA_224):PSA_ERROR_INVALID_ARGUMENT + +PSA aead ECDSA(SHA_224): invalid with ECC_PUBLIC_KEY(SECT_R2) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_224:PSA_WANT_ECC_FAMILY_SECT_R2:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +aead_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R2):"0403692601144c32a6cfa369ae20ae5d43c1c764678c037bafe80c6fd2e42b7ced96171d9c5367fd3dca6f":PSA_ALG_ECDSA(PSA_ALG_SHA_224):PSA_ERROR_INVALID_ARGUMENT + +PSA sign ECDSA(SHA_224): incompatible with AES +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_224:PSA_WANT_KEY_TYPE_AES +sign_fail:PSA_KEY_TYPE_AES:"48657265006973206b6579a064617461":PSA_ALG_ECDSA(PSA_ALG_SHA_224):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign ECDSA(SHA_224): incompatible with ARC4 +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_224:PSA_WANT_KEY_TYPE_ARC4 +sign_fail:PSA_KEY_TYPE_ARC4:"48":PSA_ALG_ECDSA(PSA_ALG_SHA_224):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign ECDSA(SHA_224): incompatible with ARIA +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_224:PSA_WANT_KEY_TYPE_ARIA +sign_fail:PSA_KEY_TYPE_ARIA:"48657265006973206b6579a064617461":PSA_ALG_ECDSA(PSA_ALG_SHA_224):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign ECDSA(SHA_224): incompatible with CAMELLIA +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_224:PSA_WANT_KEY_TYPE_CAMELLIA +sign_fail:PSA_KEY_TYPE_CAMELLIA:"48657265006973206b6579a064617461":PSA_ALG_ECDSA(PSA_ALG_SHA_224):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign ECDSA(SHA_224): incompatible with CHACHA20 +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_224:PSA_WANT_KEY_TYPE_CHACHA20 +sign_fail:PSA_KEY_TYPE_CHACHA20:"48657265006973206b6579a06461746148657265006973206b6579a064617461":PSA_ALG_ECDSA(PSA_ALG_SHA_224):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign ECDSA(SHA_224): incompatible with DERIVE +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_224:PSA_WANT_KEY_TYPE_DERIVE +sign_fail:PSA_KEY_TYPE_DERIVE:"48657265006973206b6579a0646174":PSA_ALG_ECDSA(PSA_ALG_SHA_224):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign ECDSA(SHA_224): incompatible with DES +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_224:PSA_WANT_KEY_TYPE_DES +sign_fail:PSA_KEY_TYPE_DES:"644573206b457901":PSA_ALG_ECDSA(PSA_ALG_SHA_224):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign ECDSA(SHA_224): !ECDSA with ECC_KEY_PAIR(BRAINPOOL_P_R1) +depends_on:!PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_224:PSA_WANT_ECC_FAMILY_BRAINPOOL_P_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"69502c4fdaf48d4fa617bdd24498b0406d0eeaac":PSA_ALG_ECDSA(PSA_ALG_SHA_224):0:PSA_ERROR_NOT_SUPPORTED + +PSA sign ECDSA(SHA_224): !SHA_224 with ECC_KEY_PAIR(BRAINPOOL_P_R1) +depends_on:PSA_WANT_ALG_ECDSA:!PSA_WANT_ALG_SHA_224:PSA_WANT_ECC_FAMILY_BRAINPOOL_P_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"69502c4fdaf48d4fa617bdd24498b0406d0eeaac":PSA_ALG_ECDSA(PSA_ALG_SHA_224):0:PSA_ERROR_NOT_SUPPORTED + +PSA sign ECDSA(SHA_224): incompatible with ECC_KEY_PAIR(MONTGOMERY) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_224:PSA_WANT_ECC_FAMILY_MONTGOMERY:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_MONTGOMERY):"70076d0a7318a57d3c16c17251b26645df4c2f87ebc0992ab177fba51db92c6a":PSA_ALG_ECDSA(PSA_ALG_SHA_224):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign ECDSA(SHA_224): !ECDSA with ECC_KEY_PAIR(SECP_K1) +depends_on:!PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_224:PSA_WANT_ECC_FAMILY_SECP_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_K1):"297ac1722ccac7589ecb240dc719842538ca974beb79f228":PSA_ALG_ECDSA(PSA_ALG_SHA_224):0:PSA_ERROR_NOT_SUPPORTED + +PSA sign ECDSA(SHA_224): !SHA_224 with ECC_KEY_PAIR(SECP_K1) +depends_on:PSA_WANT_ALG_ECDSA:!PSA_WANT_ALG_SHA_224:PSA_WANT_ECC_FAMILY_SECP_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_K1):"297ac1722ccac7589ecb240dc719842538ca974beb79f228":PSA_ALG_ECDSA(PSA_ALG_SHA_224):0:PSA_ERROR_NOT_SUPPORTED + +PSA sign ECDSA(SHA_224): !ECDSA with ECC_KEY_PAIR(SECP_R1) +depends_on:!PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_224:PSA_WANT_ECC_FAMILY_SECP_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"872f203b3ad35b7f2ecc803c3a0e1e0b1ed61cc1afe71b189cd4c995":PSA_ALG_ECDSA(PSA_ALG_SHA_224):0:PSA_ERROR_NOT_SUPPORTED + +PSA sign ECDSA(SHA_224): !SHA_224 with ECC_KEY_PAIR(SECP_R1) +depends_on:PSA_WANT_ALG_ECDSA:!PSA_WANT_ALG_SHA_224:PSA_WANT_ECC_FAMILY_SECP_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"872f203b3ad35b7f2ecc803c3a0e1e0b1ed61cc1afe71b189cd4c995":PSA_ALG_ECDSA(PSA_ALG_SHA_224):0:PSA_ERROR_NOT_SUPPORTED + +PSA sign ECDSA(SHA_224): !ECDSA with ECC_KEY_PAIR(SECP_R2) +depends_on:!PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_224:PSA_WANT_ECC_FAMILY_SECP_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R2):"00bf539a1cdda0d7f71a50a3f98aec0a2e8e4ced1e":PSA_ALG_ECDSA(PSA_ALG_SHA_224):0:PSA_ERROR_NOT_SUPPORTED + +PSA sign ECDSA(SHA_224): !SHA_224 with ECC_KEY_PAIR(SECP_R2) +depends_on:PSA_WANT_ALG_ECDSA:!PSA_WANT_ALG_SHA_224:PSA_WANT_ECC_FAMILY_SECP_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R2):"00bf539a1cdda0d7f71a50a3f98aec0a2e8e4ced1e":PSA_ALG_ECDSA(PSA_ALG_SHA_224):0:PSA_ERROR_NOT_SUPPORTED + +PSA sign ECDSA(SHA_224): !ECDSA with ECC_KEY_PAIR(SECT_K1) +depends_on:!PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_224:PSA_WANT_ECC_FAMILY_SECT_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):"03ebc8fcded2d6ab72ec0f75bdb4fd080481273e71":PSA_ALG_ECDSA(PSA_ALG_SHA_224):0:PSA_ERROR_NOT_SUPPORTED + +PSA sign ECDSA(SHA_224): !SHA_224 with ECC_KEY_PAIR(SECT_K1) +depends_on:PSA_WANT_ALG_ECDSA:!PSA_WANT_ALG_SHA_224:PSA_WANT_ECC_FAMILY_SECT_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):"03ebc8fcded2d6ab72ec0f75bdb4fd080481273e71":PSA_ALG_ECDSA(PSA_ALG_SHA_224):0:PSA_ERROR_NOT_SUPPORTED + +PSA sign ECDSA(SHA_224): !ECDSA with ECC_KEY_PAIR(SECT_R1) +depends_on:!PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_224:PSA_WANT_ECC_FAMILY_SECT_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):"009b05dc82d46d64a04a22e6e5ca70ca1231e68c50":PSA_ALG_ECDSA(PSA_ALG_SHA_224):0:PSA_ERROR_NOT_SUPPORTED + +PSA sign ECDSA(SHA_224): !SHA_224 with ECC_KEY_PAIR(SECT_R1) +depends_on:PSA_WANT_ALG_ECDSA:!PSA_WANT_ALG_SHA_224:PSA_WANT_ECC_FAMILY_SECT_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):"009b05dc82d46d64a04a22e6e5ca70ca1231e68c50":PSA_ALG_ECDSA(PSA_ALG_SHA_224):0:PSA_ERROR_NOT_SUPPORTED + +PSA sign ECDSA(SHA_224): !ECDSA with ECC_KEY_PAIR(SECT_R2) +depends_on:!PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_224:PSA_WANT_ECC_FAMILY_SECT_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R2):"0210b482a458b4822d0cb21daa96819a67c8062d34":PSA_ALG_ECDSA(PSA_ALG_SHA_224):0:PSA_ERROR_NOT_SUPPORTED + +PSA sign ECDSA(SHA_224): !SHA_224 with ECC_KEY_PAIR(SECT_R2) +depends_on:PSA_WANT_ALG_ECDSA:!PSA_WANT_ALG_SHA_224:PSA_WANT_ECC_FAMILY_SECT_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R2):"0210b482a458b4822d0cb21daa96819a67c8062d34":PSA_ALG_ECDSA(PSA_ALG_SHA_224):0:PSA_ERROR_NOT_SUPPORTED + +PSA sign ECDSA(SHA_224): incompatible with ECC_KEY_PAIR(TWISTED_EDWARDS) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_224:PSA_WANT_ECC_FAMILY_TWISTED_EDWARDS:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_TWISTED_EDWARDS):"9d61b19deffd5a60ba844af492ec2cc44449c5697b326919703bac031cae7f60":PSA_ALG_ECDSA(PSA_ALG_SHA_224):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign ECDSA(SHA_224): !ECDSA with ECC_PUBLIC_KEY(BRAINPOOL_P_R1) +depends_on:!PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_224:PSA_WANT_ECC_FAMILY_BRAINPOOL_P_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"04d4b9186816358e2f9c59cf70748cb70641b22fbab65473db4b4e22a361ed7e3de7e8a8ddc4130c5c":PSA_ALG_ECDSA(PSA_ALG_SHA_224):0:PSA_ERROR_NOT_SUPPORTED + +PSA sign ECDSA(SHA_224): !SHA_224 with ECC_PUBLIC_KEY(BRAINPOOL_P_R1) +depends_on:PSA_WANT_ALG_ECDSA:!PSA_WANT_ALG_SHA_224:PSA_WANT_ECC_FAMILY_BRAINPOOL_P_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"04d4b9186816358e2f9c59cf70748cb70641b22fbab65473db4b4e22a361ed7e3de7e8a8ddc4130c5c":PSA_ALG_ECDSA(PSA_ALG_SHA_224):0:PSA_ERROR_NOT_SUPPORTED + +PSA sign ECDSA(SHA_224): public with ECC_PUBLIC_KEY(BRAINPOOL_P_R1) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_224:PSA_WANT_ECC_FAMILY_BRAINPOOL_P_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"04d4b9186816358e2f9c59cf70748cb70641b22fbab65473db4b4e22a361ed7e3de7e8a8ddc4130c5c":PSA_ALG_ECDSA(PSA_ALG_SHA_224):1:PSA_ERROR_INVALID_ARGUMENT + +PSA sign ECDSA(SHA_224): incompatible with ECC_PUBLIC_KEY(MONTGOMERY) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_224:PSA_WANT_ECC_FAMILY_MONTGOMERY:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_MONTGOMERY):"8520f0098930a754748b7ddcb43ef75a0dbf3a0d26381af4eba4a98eaa9b4e6a":PSA_ALG_ECDSA(PSA_ALG_SHA_224):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign ECDSA(SHA_224): !ECDSA with ECC_PUBLIC_KEY(SECP_K1) +depends_on:!PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_224:PSA_WANT_ECC_FAMILY_SECP_K1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_K1):"0426b7bb38da649ac2138fc050c6548b32553dab68afebc36105d325b75538c12323cb0764789ecb992671beb2b6bef2f5":PSA_ALG_ECDSA(PSA_ALG_SHA_224):0:PSA_ERROR_NOT_SUPPORTED + +PSA sign ECDSA(SHA_224): !SHA_224 with ECC_PUBLIC_KEY(SECP_K1) +depends_on:PSA_WANT_ALG_ECDSA:!PSA_WANT_ALG_SHA_224:PSA_WANT_ECC_FAMILY_SECP_K1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_K1):"0426b7bb38da649ac2138fc050c6548b32553dab68afebc36105d325b75538c12323cb0764789ecb992671beb2b6bef2f5":PSA_ALG_ECDSA(PSA_ALG_SHA_224):0:PSA_ERROR_NOT_SUPPORTED + +PSA sign ECDSA(SHA_224): public with ECC_PUBLIC_KEY(SECP_K1) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_224:PSA_WANT_ECC_FAMILY_SECP_K1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_K1):"0426b7bb38da649ac2138fc050c6548b32553dab68afebc36105d325b75538c12323cb0764789ecb992671beb2b6bef2f5":PSA_ALG_ECDSA(PSA_ALG_SHA_224):1:PSA_ERROR_INVALID_ARGUMENT + +PSA sign ECDSA(SHA_224): !ECDSA with ECC_PUBLIC_KEY(SECP_R1) +depends_on:!PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_224:PSA_WANT_ECC_FAMILY_SECP_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1):"046f00eadaa949fee3e9e1c7fa1247eecec86a0dce46418b9bd3117b981d4bd0ae7a990de912f9d060d6cb531a42d22e394ac29e81804bf160":PSA_ALG_ECDSA(PSA_ALG_SHA_224):0:PSA_ERROR_NOT_SUPPORTED + +PSA sign ECDSA(SHA_224): !SHA_224 with ECC_PUBLIC_KEY(SECP_R1) +depends_on:PSA_WANT_ALG_ECDSA:!PSA_WANT_ALG_SHA_224:PSA_WANT_ECC_FAMILY_SECP_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1):"046f00eadaa949fee3e9e1c7fa1247eecec86a0dce46418b9bd3117b981d4bd0ae7a990de912f9d060d6cb531a42d22e394ac29e81804bf160":PSA_ALG_ECDSA(PSA_ALG_SHA_224):0:PSA_ERROR_NOT_SUPPORTED + +PSA sign ECDSA(SHA_224): public with ECC_PUBLIC_KEY(SECP_R1) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_224:PSA_WANT_ECC_FAMILY_SECP_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1):"046f00eadaa949fee3e9e1c7fa1247eecec86a0dce46418b9bd3117b981d4bd0ae7a990de912f9d060d6cb531a42d22e394ac29e81804bf160":PSA_ALG_ECDSA(PSA_ALG_SHA_224):1:PSA_ERROR_INVALID_ARGUMENT + +PSA sign ECDSA(SHA_224): !ECDSA with ECC_PUBLIC_KEY(SECP_R2) +depends_on:!PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_224:PSA_WANT_ECC_FAMILY_SECP_R2:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R2):"049570d541398665adb5cfa16f5af73b3196926bbd4b876bdb80f8eab20d0f540c22f4de9c140f6d7b":PSA_ALG_ECDSA(PSA_ALG_SHA_224):0:PSA_ERROR_NOT_SUPPORTED + +PSA sign ECDSA(SHA_224): !SHA_224 with ECC_PUBLIC_KEY(SECP_R2) +depends_on:PSA_WANT_ALG_ECDSA:!PSA_WANT_ALG_SHA_224:PSA_WANT_ECC_FAMILY_SECP_R2:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R2):"049570d541398665adb5cfa16f5af73b3196926bbd4b876bdb80f8eab20d0f540c22f4de9c140f6d7b":PSA_ALG_ECDSA(PSA_ALG_SHA_224):0:PSA_ERROR_NOT_SUPPORTED + +PSA sign ECDSA(SHA_224): public with ECC_PUBLIC_KEY(SECP_R2) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_224:PSA_WANT_ECC_FAMILY_SECP_R2:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R2):"049570d541398665adb5cfa16f5af73b3196926bbd4b876bdb80f8eab20d0f540c22f4de9c140f6d7b":PSA_ALG_ECDSA(PSA_ALG_SHA_224):1:PSA_ERROR_INVALID_ARGUMENT + +PSA sign ECDSA(SHA_224): !ECDSA with ECC_PUBLIC_KEY(SECT_K1) +depends_on:!PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_224:PSA_WANT_ECC_FAMILY_SECT_K1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_K1):"0406f88f90b4b65950f06ce433afdb097e320f433dc2062b8a65db8fafd3c110f46bc45663fbf021ee7eb9":PSA_ALG_ECDSA(PSA_ALG_SHA_224):0:PSA_ERROR_NOT_SUPPORTED + +PSA sign ECDSA(SHA_224): !SHA_224 with ECC_PUBLIC_KEY(SECT_K1) +depends_on:PSA_WANT_ALG_ECDSA:!PSA_WANT_ALG_SHA_224:PSA_WANT_ECC_FAMILY_SECT_K1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_K1):"0406f88f90b4b65950f06ce433afdb097e320f433dc2062b8a65db8fafd3c110f46bc45663fbf021ee7eb9":PSA_ALG_ECDSA(PSA_ALG_SHA_224):0:PSA_ERROR_NOT_SUPPORTED + +PSA sign ECDSA(SHA_224): public with ECC_PUBLIC_KEY(SECT_K1) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_224:PSA_WANT_ECC_FAMILY_SECT_K1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_K1):"0406f88f90b4b65950f06ce433afdb097e320f433dc2062b8a65db8fafd3c110f46bc45663fbf021ee7eb9":PSA_ALG_ECDSA(PSA_ALG_SHA_224):1:PSA_ERROR_INVALID_ARGUMENT + +PSA sign ECDSA(SHA_224): !ECDSA with ECC_PUBLIC_KEY(SECT_R1) +depends_on:!PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_224:PSA_WANT_ECC_FAMILY_SECT_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R1):"0400465eeb9e7258b11e33c02266bfe834b20bcb118700772796ee4704ec67651bd447e3011959a79a04cb":PSA_ALG_ECDSA(PSA_ALG_SHA_224):0:PSA_ERROR_NOT_SUPPORTED + +PSA sign ECDSA(SHA_224): !SHA_224 with ECC_PUBLIC_KEY(SECT_R1) +depends_on:PSA_WANT_ALG_ECDSA:!PSA_WANT_ALG_SHA_224:PSA_WANT_ECC_FAMILY_SECT_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R1):"0400465eeb9e7258b11e33c02266bfe834b20bcb118700772796ee4704ec67651bd447e3011959a79a04cb":PSA_ALG_ECDSA(PSA_ALG_SHA_224):0:PSA_ERROR_NOT_SUPPORTED + +PSA sign ECDSA(SHA_224): public with ECC_PUBLIC_KEY(SECT_R1) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_224:PSA_WANT_ECC_FAMILY_SECT_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R1):"0400465eeb9e7258b11e33c02266bfe834b20bcb118700772796ee4704ec67651bd447e3011959a79a04cb":PSA_ALG_ECDSA(PSA_ALG_SHA_224):1:PSA_ERROR_INVALID_ARGUMENT + +PSA sign ECDSA(SHA_224): !ECDSA with ECC_PUBLIC_KEY(SECT_R2) +depends_on:!PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_224:PSA_WANT_ECC_FAMILY_SECT_R2:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R2):"0403692601144c32a6cfa369ae20ae5d43c1c764678c037bafe80c6fd2e42b7ced96171d9c5367fd3dca6f":PSA_ALG_ECDSA(PSA_ALG_SHA_224):0:PSA_ERROR_NOT_SUPPORTED + +PSA sign ECDSA(SHA_224): !SHA_224 with ECC_PUBLIC_KEY(SECT_R2) +depends_on:PSA_WANT_ALG_ECDSA:!PSA_WANT_ALG_SHA_224:PSA_WANT_ECC_FAMILY_SECT_R2:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R2):"0403692601144c32a6cfa369ae20ae5d43c1c764678c037bafe80c6fd2e42b7ced96171d9c5367fd3dca6f":PSA_ALG_ECDSA(PSA_ALG_SHA_224):0:PSA_ERROR_NOT_SUPPORTED + +PSA sign ECDSA(SHA_224): public with ECC_PUBLIC_KEY(SECT_R2) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_224:PSA_WANT_ECC_FAMILY_SECT_R2:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R2):"0403692601144c32a6cfa369ae20ae5d43c1c764678c037bafe80c6fd2e42b7ced96171d9c5367fd3dca6f":PSA_ALG_ECDSA(PSA_ALG_SHA_224):1:PSA_ERROR_INVALID_ARGUMENT + +PSA sign ECDSA(SHA_224): incompatible with ECC_PUBLIC_KEY(TWISTED_EDWARDS) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_224:PSA_WANT_ECC_FAMILY_TWISTED_EDWARDS:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_TWISTED_EDWARDS):"d75a980182b10ab7d54bfed3c964073a0ee172f3daa62325af021a68f707511a":PSA_ALG_ECDSA(PSA_ALG_SHA_224):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign ECDSA(SHA_224): incompatible with HMAC +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_224:PSA_WANT_KEY_TYPE_HMAC +sign_fail:PSA_KEY_TYPE_HMAC:"48657265006973206b6579a064617461":PSA_ALG_ECDSA(PSA_ALG_SHA_224):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign ECDSA(SHA_224): incompatible with RAW_DATA +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_224:PSA_WANT_KEY_TYPE_RAW_DATA +sign_fail:PSA_KEY_TYPE_RAW_DATA:"48":PSA_ALG_ECDSA(PSA_ALG_SHA_224):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign ECDSA(SHA_224): incompatible with RSA_KEY_PAIR +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_224:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR +sign_fail:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_ECDSA(PSA_ALG_SHA_224):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign ECDSA(SHA_224): incompatible with RSA_PUBLIC_KEY +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_224:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY +sign_fail:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_ECDSA(PSA_ALG_SHA_224):0:PSA_ERROR_INVALID_ARGUMENT + +PSA asymmetric_encryption ECDSA(SHA_224): invalid with ECC_KEY_PAIR(BRAINPOOL_P_R1) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_224:PSA_WANT_ECC_FAMILY_BRAINPOOL_P_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +asymmetric_encryption_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"69502c4fdaf48d4fa617bdd24498b0406d0eeaac":PSA_ALG_ECDSA(PSA_ALG_SHA_224):0:PSA_ERROR_INVALID_ARGUMENT + +PSA asymmetric_encryption ECDSA(SHA_224): invalid with ECC_KEY_PAIR(SECP_K1) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_224:PSA_WANT_ECC_FAMILY_SECP_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +asymmetric_encryption_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_K1):"297ac1722ccac7589ecb240dc719842538ca974beb79f228":PSA_ALG_ECDSA(PSA_ALG_SHA_224):0:PSA_ERROR_INVALID_ARGUMENT + +PSA asymmetric_encryption ECDSA(SHA_224): invalid with ECC_KEY_PAIR(SECP_R1) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_224:PSA_WANT_ECC_FAMILY_SECP_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +asymmetric_encryption_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"872f203b3ad35b7f2ecc803c3a0e1e0b1ed61cc1afe71b189cd4c995":PSA_ALG_ECDSA(PSA_ALG_SHA_224):0:PSA_ERROR_INVALID_ARGUMENT + +PSA asymmetric_encryption ECDSA(SHA_224): invalid with ECC_KEY_PAIR(SECP_R2) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_224:PSA_WANT_ECC_FAMILY_SECP_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +asymmetric_encryption_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R2):"00bf539a1cdda0d7f71a50a3f98aec0a2e8e4ced1e":PSA_ALG_ECDSA(PSA_ALG_SHA_224):0:PSA_ERROR_INVALID_ARGUMENT + +PSA asymmetric_encryption ECDSA(SHA_224): invalid with ECC_KEY_PAIR(SECT_K1) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_224:PSA_WANT_ECC_FAMILY_SECT_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +asymmetric_encryption_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):"03ebc8fcded2d6ab72ec0f75bdb4fd080481273e71":PSA_ALG_ECDSA(PSA_ALG_SHA_224):0:PSA_ERROR_INVALID_ARGUMENT + +PSA asymmetric_encryption ECDSA(SHA_224): invalid with ECC_KEY_PAIR(SECT_R1) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_224:PSA_WANT_ECC_FAMILY_SECT_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +asymmetric_encryption_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):"009b05dc82d46d64a04a22e6e5ca70ca1231e68c50":PSA_ALG_ECDSA(PSA_ALG_SHA_224):0:PSA_ERROR_INVALID_ARGUMENT + +PSA asymmetric_encryption ECDSA(SHA_224): invalid with ECC_KEY_PAIR(SECT_R2) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_224:PSA_WANT_ECC_FAMILY_SECT_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +asymmetric_encryption_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R2):"0210b482a458b4822d0cb21daa96819a67c8062d34":PSA_ALG_ECDSA(PSA_ALG_SHA_224):0:PSA_ERROR_INVALID_ARGUMENT + +PSA asymmetric_encryption ECDSA(SHA_224): invalid with ECC_PUBLIC_KEY(BRAINPOOL_P_R1) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_224:PSA_WANT_ECC_FAMILY_BRAINPOOL_P_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +asymmetric_encryption_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"04d4b9186816358e2f9c59cf70748cb70641b22fbab65473db4b4e22a361ed7e3de7e8a8ddc4130c5c":PSA_ALG_ECDSA(PSA_ALG_SHA_224):0:PSA_ERROR_INVALID_ARGUMENT + +PSA asymmetric_encryption ECDSA(SHA_224): invalid with ECC_PUBLIC_KEY(SECP_K1) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_224:PSA_WANT_ECC_FAMILY_SECP_K1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +asymmetric_encryption_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_K1):"0426b7bb38da649ac2138fc050c6548b32553dab68afebc36105d325b75538c12323cb0764789ecb992671beb2b6bef2f5":PSA_ALG_ECDSA(PSA_ALG_SHA_224):0:PSA_ERROR_INVALID_ARGUMENT + +PSA asymmetric_encryption ECDSA(SHA_224): invalid with ECC_PUBLIC_KEY(SECP_R1) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_224:PSA_WANT_ECC_FAMILY_SECP_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +asymmetric_encryption_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1):"046f00eadaa949fee3e9e1c7fa1247eecec86a0dce46418b9bd3117b981d4bd0ae7a990de912f9d060d6cb531a42d22e394ac29e81804bf160":PSA_ALG_ECDSA(PSA_ALG_SHA_224):0:PSA_ERROR_INVALID_ARGUMENT + +PSA asymmetric_encryption ECDSA(SHA_224): invalid with ECC_PUBLIC_KEY(SECP_R2) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_224:PSA_WANT_ECC_FAMILY_SECP_R2:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +asymmetric_encryption_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R2):"049570d541398665adb5cfa16f5af73b3196926bbd4b876bdb80f8eab20d0f540c22f4de9c140f6d7b":PSA_ALG_ECDSA(PSA_ALG_SHA_224):0:PSA_ERROR_INVALID_ARGUMENT + +PSA asymmetric_encryption ECDSA(SHA_224): invalid with ECC_PUBLIC_KEY(SECT_K1) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_224:PSA_WANT_ECC_FAMILY_SECT_K1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +asymmetric_encryption_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_K1):"0406f88f90b4b65950f06ce433afdb097e320f433dc2062b8a65db8fafd3c110f46bc45663fbf021ee7eb9":PSA_ALG_ECDSA(PSA_ALG_SHA_224):0:PSA_ERROR_INVALID_ARGUMENT + +PSA asymmetric_encryption ECDSA(SHA_224): invalid with ECC_PUBLIC_KEY(SECT_R1) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_224:PSA_WANT_ECC_FAMILY_SECT_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +asymmetric_encryption_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R1):"0400465eeb9e7258b11e33c02266bfe834b20bcb118700772796ee4704ec67651bd447e3011959a79a04cb":PSA_ALG_ECDSA(PSA_ALG_SHA_224):0:PSA_ERROR_INVALID_ARGUMENT + +PSA asymmetric_encryption ECDSA(SHA_224): invalid with ECC_PUBLIC_KEY(SECT_R2) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_224:PSA_WANT_ECC_FAMILY_SECT_R2:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +asymmetric_encryption_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R2):"0403692601144c32a6cfa369ae20ae5d43c1c764678c037bafe80c6fd2e42b7ced96171d9c5367fd3dca6f":PSA_ALG_ECDSA(PSA_ALG_SHA_224):0:PSA_ERROR_INVALID_ARGUMENT + +PSA key_derivation ECDSA(SHA_224): invalid +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_224 +key_derivation_fail:PSA_ALG_ECDSA(PSA_ALG_SHA_224):PSA_ERROR_INVALID_ARGUMENT + +PSA key_agreement ECDSA(SHA_224): invalid with ECC_KEY_PAIR(BRAINPOOL_P_R1) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_224:PSA_WANT_ECC_FAMILY_BRAINPOOL_P_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_agreement_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"69502c4fdaf48d4fa617bdd24498b0406d0eeaac":PSA_ALG_ECDSA(PSA_ALG_SHA_224):0:PSA_ERROR_INVALID_ARGUMENT + +PSA key_agreement ECDSA(SHA_224): invalid with ECC_KEY_PAIR(SECP_K1) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_224:PSA_WANT_ECC_FAMILY_SECP_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_agreement_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_K1):"297ac1722ccac7589ecb240dc719842538ca974beb79f228":PSA_ALG_ECDSA(PSA_ALG_SHA_224):0:PSA_ERROR_INVALID_ARGUMENT + +PSA key_agreement ECDSA(SHA_224): invalid with ECC_KEY_PAIR(SECP_R1) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_224:PSA_WANT_ECC_FAMILY_SECP_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_agreement_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"872f203b3ad35b7f2ecc803c3a0e1e0b1ed61cc1afe71b189cd4c995":PSA_ALG_ECDSA(PSA_ALG_SHA_224):0:PSA_ERROR_INVALID_ARGUMENT + +PSA key_agreement ECDSA(SHA_224): invalid with ECC_KEY_PAIR(SECP_R2) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_224:PSA_WANT_ECC_FAMILY_SECP_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_agreement_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R2):"00bf539a1cdda0d7f71a50a3f98aec0a2e8e4ced1e":PSA_ALG_ECDSA(PSA_ALG_SHA_224):0:PSA_ERROR_INVALID_ARGUMENT + +PSA key_agreement ECDSA(SHA_224): invalid with ECC_KEY_PAIR(SECT_K1) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_224:PSA_WANT_ECC_FAMILY_SECT_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_agreement_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):"03ebc8fcded2d6ab72ec0f75bdb4fd080481273e71":PSA_ALG_ECDSA(PSA_ALG_SHA_224):0:PSA_ERROR_INVALID_ARGUMENT + +PSA key_agreement ECDSA(SHA_224): invalid with ECC_KEY_PAIR(SECT_R1) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_224:PSA_WANT_ECC_FAMILY_SECT_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_agreement_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):"009b05dc82d46d64a04a22e6e5ca70ca1231e68c50":PSA_ALG_ECDSA(PSA_ALG_SHA_224):0:PSA_ERROR_INVALID_ARGUMENT + +PSA key_agreement ECDSA(SHA_224): invalid with ECC_KEY_PAIR(SECT_R2) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_224:PSA_WANT_ECC_FAMILY_SECT_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_agreement_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R2):"0210b482a458b4822d0cb21daa96819a67c8062d34":PSA_ALG_ECDSA(PSA_ALG_SHA_224):0:PSA_ERROR_INVALID_ARGUMENT + +PSA key_agreement ECDSA(SHA_224): invalid with ECC_PUBLIC_KEY(BRAINPOOL_P_R1) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_224:PSA_WANT_ECC_FAMILY_BRAINPOOL_P_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_agreement_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"04d4b9186816358e2f9c59cf70748cb70641b22fbab65473db4b4e22a361ed7e3de7e8a8ddc4130c5c":PSA_ALG_ECDSA(PSA_ALG_SHA_224):0:PSA_ERROR_INVALID_ARGUMENT + +PSA key_agreement ECDSA(SHA_224): invalid with ECC_PUBLIC_KEY(SECP_K1) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_224:PSA_WANT_ECC_FAMILY_SECP_K1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_agreement_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_K1):"0426b7bb38da649ac2138fc050c6548b32553dab68afebc36105d325b75538c12323cb0764789ecb992671beb2b6bef2f5":PSA_ALG_ECDSA(PSA_ALG_SHA_224):0:PSA_ERROR_INVALID_ARGUMENT + +PSA key_agreement ECDSA(SHA_224): invalid with ECC_PUBLIC_KEY(SECP_R1) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_224:PSA_WANT_ECC_FAMILY_SECP_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_agreement_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1):"046f00eadaa949fee3e9e1c7fa1247eecec86a0dce46418b9bd3117b981d4bd0ae7a990de912f9d060d6cb531a42d22e394ac29e81804bf160":PSA_ALG_ECDSA(PSA_ALG_SHA_224):0:PSA_ERROR_INVALID_ARGUMENT + +PSA key_agreement ECDSA(SHA_224): invalid with ECC_PUBLIC_KEY(SECP_R2) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_224:PSA_WANT_ECC_FAMILY_SECP_R2:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_agreement_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R2):"049570d541398665adb5cfa16f5af73b3196926bbd4b876bdb80f8eab20d0f540c22f4de9c140f6d7b":PSA_ALG_ECDSA(PSA_ALG_SHA_224):0:PSA_ERROR_INVALID_ARGUMENT + +PSA key_agreement ECDSA(SHA_224): invalid with ECC_PUBLIC_KEY(SECT_K1) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_224:PSA_WANT_ECC_FAMILY_SECT_K1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_agreement_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_K1):"0406f88f90b4b65950f06ce433afdb097e320f433dc2062b8a65db8fafd3c110f46bc45663fbf021ee7eb9":PSA_ALG_ECDSA(PSA_ALG_SHA_224):0:PSA_ERROR_INVALID_ARGUMENT + +PSA key_agreement ECDSA(SHA_224): invalid with ECC_PUBLIC_KEY(SECT_R1) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_224:PSA_WANT_ECC_FAMILY_SECT_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_agreement_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R1):"0400465eeb9e7258b11e33c02266bfe834b20bcb118700772796ee4704ec67651bd447e3011959a79a04cb":PSA_ALG_ECDSA(PSA_ALG_SHA_224):0:PSA_ERROR_INVALID_ARGUMENT + +PSA key_agreement ECDSA(SHA_224): invalid with ECC_PUBLIC_KEY(SECT_R2) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_224:PSA_WANT_ECC_FAMILY_SECT_R2:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_agreement_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R2):"0403692601144c32a6cfa369ae20ae5d43c1c764678c037bafe80c6fd2e42b7ced96171d9c5367fd3dca6f":PSA_ALG_ECDSA(PSA_ALG_SHA_224):0:PSA_ERROR_INVALID_ARGUMENT + +PSA hash ECDSA(SHA_256): invalid +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_256 +hash_fail:PSA_ALG_ECDSA(PSA_ALG_SHA_256):PSA_ERROR_INVALID_ARGUMENT + +PSA mac ECDSA(SHA_256): invalid with ECC_KEY_PAIR(BRAINPOOL_P_R1) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_FAMILY_BRAINPOOL_P_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +mac_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"69502c4fdaf48d4fa617bdd24498b0406d0eeaac":PSA_ALG_ECDSA(PSA_ALG_SHA_256):PSA_ERROR_INVALID_ARGUMENT + +PSA mac ECDSA(SHA_256): invalid with ECC_KEY_PAIR(SECP_K1) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_FAMILY_SECP_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +mac_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_K1):"297ac1722ccac7589ecb240dc719842538ca974beb79f228":PSA_ALG_ECDSA(PSA_ALG_SHA_256):PSA_ERROR_INVALID_ARGUMENT + +PSA mac ECDSA(SHA_256): invalid with ECC_KEY_PAIR(SECP_R1) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_FAMILY_SECP_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +mac_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"872f203b3ad35b7f2ecc803c3a0e1e0b1ed61cc1afe71b189cd4c995":PSA_ALG_ECDSA(PSA_ALG_SHA_256):PSA_ERROR_INVALID_ARGUMENT + +PSA mac ECDSA(SHA_256): invalid with ECC_KEY_PAIR(SECP_R2) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_FAMILY_SECP_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +mac_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R2):"00bf539a1cdda0d7f71a50a3f98aec0a2e8e4ced1e":PSA_ALG_ECDSA(PSA_ALG_SHA_256):PSA_ERROR_INVALID_ARGUMENT + +PSA mac ECDSA(SHA_256): invalid with ECC_KEY_PAIR(SECT_K1) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_FAMILY_SECT_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +mac_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):"03ebc8fcded2d6ab72ec0f75bdb4fd080481273e71":PSA_ALG_ECDSA(PSA_ALG_SHA_256):PSA_ERROR_INVALID_ARGUMENT + +PSA mac ECDSA(SHA_256): invalid with ECC_KEY_PAIR(SECT_R1) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_FAMILY_SECT_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +mac_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):"009b05dc82d46d64a04a22e6e5ca70ca1231e68c50":PSA_ALG_ECDSA(PSA_ALG_SHA_256):PSA_ERROR_INVALID_ARGUMENT + +PSA mac ECDSA(SHA_256): invalid with ECC_KEY_PAIR(SECT_R2) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_FAMILY_SECT_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +mac_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R2):"0210b482a458b4822d0cb21daa96819a67c8062d34":PSA_ALG_ECDSA(PSA_ALG_SHA_256):PSA_ERROR_INVALID_ARGUMENT + +PSA mac ECDSA(SHA_256): invalid with ECC_PUBLIC_KEY(BRAINPOOL_P_R1) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_FAMILY_BRAINPOOL_P_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +mac_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"04d4b9186816358e2f9c59cf70748cb70641b22fbab65473db4b4e22a361ed7e3de7e8a8ddc4130c5c":PSA_ALG_ECDSA(PSA_ALG_SHA_256):PSA_ERROR_INVALID_ARGUMENT + +PSA mac ECDSA(SHA_256): invalid with ECC_PUBLIC_KEY(SECP_K1) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_FAMILY_SECP_K1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +mac_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_K1):"0426b7bb38da649ac2138fc050c6548b32553dab68afebc36105d325b75538c12323cb0764789ecb992671beb2b6bef2f5":PSA_ALG_ECDSA(PSA_ALG_SHA_256):PSA_ERROR_INVALID_ARGUMENT + +PSA mac ECDSA(SHA_256): invalid with ECC_PUBLIC_KEY(SECP_R1) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_FAMILY_SECP_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +mac_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1):"046f00eadaa949fee3e9e1c7fa1247eecec86a0dce46418b9bd3117b981d4bd0ae7a990de912f9d060d6cb531a42d22e394ac29e81804bf160":PSA_ALG_ECDSA(PSA_ALG_SHA_256):PSA_ERROR_INVALID_ARGUMENT + +PSA mac ECDSA(SHA_256): invalid with ECC_PUBLIC_KEY(SECP_R2) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_FAMILY_SECP_R2:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +mac_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R2):"049570d541398665adb5cfa16f5af73b3196926bbd4b876bdb80f8eab20d0f540c22f4de9c140f6d7b":PSA_ALG_ECDSA(PSA_ALG_SHA_256):PSA_ERROR_INVALID_ARGUMENT + +PSA mac ECDSA(SHA_256): invalid with ECC_PUBLIC_KEY(SECT_K1) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_FAMILY_SECT_K1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +mac_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_K1):"0406f88f90b4b65950f06ce433afdb097e320f433dc2062b8a65db8fafd3c110f46bc45663fbf021ee7eb9":PSA_ALG_ECDSA(PSA_ALG_SHA_256):PSA_ERROR_INVALID_ARGUMENT + +PSA mac ECDSA(SHA_256): invalid with ECC_PUBLIC_KEY(SECT_R1) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_FAMILY_SECT_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +mac_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R1):"0400465eeb9e7258b11e33c02266bfe834b20bcb118700772796ee4704ec67651bd447e3011959a79a04cb":PSA_ALG_ECDSA(PSA_ALG_SHA_256):PSA_ERROR_INVALID_ARGUMENT + +PSA mac ECDSA(SHA_256): invalid with ECC_PUBLIC_KEY(SECT_R2) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_FAMILY_SECT_R2:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +mac_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R2):"0403692601144c32a6cfa369ae20ae5d43c1c764678c037bafe80c6fd2e42b7ced96171d9c5367fd3dca6f":PSA_ALG_ECDSA(PSA_ALG_SHA_256):PSA_ERROR_INVALID_ARGUMENT + +PSA cipher ECDSA(SHA_256): invalid with ECC_KEY_PAIR(BRAINPOOL_P_R1) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_FAMILY_BRAINPOOL_P_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +cipher_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"69502c4fdaf48d4fa617bdd24498b0406d0eeaac":PSA_ALG_ECDSA(PSA_ALG_SHA_256):PSA_ERROR_INVALID_ARGUMENT + +PSA cipher ECDSA(SHA_256): invalid with ECC_KEY_PAIR(SECP_K1) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_FAMILY_SECP_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +cipher_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_K1):"297ac1722ccac7589ecb240dc719842538ca974beb79f228":PSA_ALG_ECDSA(PSA_ALG_SHA_256):PSA_ERROR_INVALID_ARGUMENT + +PSA cipher ECDSA(SHA_256): invalid with ECC_KEY_PAIR(SECP_R1) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_FAMILY_SECP_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +cipher_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"872f203b3ad35b7f2ecc803c3a0e1e0b1ed61cc1afe71b189cd4c995":PSA_ALG_ECDSA(PSA_ALG_SHA_256):PSA_ERROR_INVALID_ARGUMENT + +PSA cipher ECDSA(SHA_256): invalid with ECC_KEY_PAIR(SECP_R2) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_FAMILY_SECP_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +cipher_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R2):"00bf539a1cdda0d7f71a50a3f98aec0a2e8e4ced1e":PSA_ALG_ECDSA(PSA_ALG_SHA_256):PSA_ERROR_INVALID_ARGUMENT + +PSA cipher ECDSA(SHA_256): invalid with ECC_KEY_PAIR(SECT_K1) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_FAMILY_SECT_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +cipher_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):"03ebc8fcded2d6ab72ec0f75bdb4fd080481273e71":PSA_ALG_ECDSA(PSA_ALG_SHA_256):PSA_ERROR_INVALID_ARGUMENT + +PSA cipher ECDSA(SHA_256): invalid with ECC_KEY_PAIR(SECT_R1) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_FAMILY_SECT_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +cipher_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):"009b05dc82d46d64a04a22e6e5ca70ca1231e68c50":PSA_ALG_ECDSA(PSA_ALG_SHA_256):PSA_ERROR_INVALID_ARGUMENT + +PSA cipher ECDSA(SHA_256): invalid with ECC_KEY_PAIR(SECT_R2) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_FAMILY_SECT_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +cipher_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R2):"0210b482a458b4822d0cb21daa96819a67c8062d34":PSA_ALG_ECDSA(PSA_ALG_SHA_256):PSA_ERROR_INVALID_ARGUMENT + +PSA cipher ECDSA(SHA_256): invalid with ECC_PUBLIC_KEY(BRAINPOOL_P_R1) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_FAMILY_BRAINPOOL_P_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +cipher_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"04d4b9186816358e2f9c59cf70748cb70641b22fbab65473db4b4e22a361ed7e3de7e8a8ddc4130c5c":PSA_ALG_ECDSA(PSA_ALG_SHA_256):PSA_ERROR_INVALID_ARGUMENT + +PSA cipher ECDSA(SHA_256): invalid with ECC_PUBLIC_KEY(SECP_K1) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_FAMILY_SECP_K1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +cipher_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_K1):"0426b7bb38da649ac2138fc050c6548b32553dab68afebc36105d325b75538c12323cb0764789ecb992671beb2b6bef2f5":PSA_ALG_ECDSA(PSA_ALG_SHA_256):PSA_ERROR_INVALID_ARGUMENT + +PSA cipher ECDSA(SHA_256): invalid with ECC_PUBLIC_KEY(SECP_R1) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_FAMILY_SECP_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +cipher_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1):"046f00eadaa949fee3e9e1c7fa1247eecec86a0dce46418b9bd3117b981d4bd0ae7a990de912f9d060d6cb531a42d22e394ac29e81804bf160":PSA_ALG_ECDSA(PSA_ALG_SHA_256):PSA_ERROR_INVALID_ARGUMENT + +PSA cipher ECDSA(SHA_256): invalid with ECC_PUBLIC_KEY(SECP_R2) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_FAMILY_SECP_R2:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +cipher_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R2):"049570d541398665adb5cfa16f5af73b3196926bbd4b876bdb80f8eab20d0f540c22f4de9c140f6d7b":PSA_ALG_ECDSA(PSA_ALG_SHA_256):PSA_ERROR_INVALID_ARGUMENT + +PSA cipher ECDSA(SHA_256): invalid with ECC_PUBLIC_KEY(SECT_K1) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_FAMILY_SECT_K1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +cipher_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_K1):"0406f88f90b4b65950f06ce433afdb097e320f433dc2062b8a65db8fafd3c110f46bc45663fbf021ee7eb9":PSA_ALG_ECDSA(PSA_ALG_SHA_256):PSA_ERROR_INVALID_ARGUMENT + +PSA cipher ECDSA(SHA_256): invalid with ECC_PUBLIC_KEY(SECT_R1) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_FAMILY_SECT_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +cipher_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R1):"0400465eeb9e7258b11e33c02266bfe834b20bcb118700772796ee4704ec67651bd447e3011959a79a04cb":PSA_ALG_ECDSA(PSA_ALG_SHA_256):PSA_ERROR_INVALID_ARGUMENT + +PSA cipher ECDSA(SHA_256): invalid with ECC_PUBLIC_KEY(SECT_R2) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_FAMILY_SECT_R2:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +cipher_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R2):"0403692601144c32a6cfa369ae20ae5d43c1c764678c037bafe80c6fd2e42b7ced96171d9c5367fd3dca6f":PSA_ALG_ECDSA(PSA_ALG_SHA_256):PSA_ERROR_INVALID_ARGUMENT + +PSA aead ECDSA(SHA_256): invalid with ECC_KEY_PAIR(BRAINPOOL_P_R1) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_FAMILY_BRAINPOOL_P_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +aead_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"69502c4fdaf48d4fa617bdd24498b0406d0eeaac":PSA_ALG_ECDSA(PSA_ALG_SHA_256):PSA_ERROR_INVALID_ARGUMENT + +PSA aead ECDSA(SHA_256): invalid with ECC_KEY_PAIR(SECP_K1) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_FAMILY_SECP_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +aead_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_K1):"297ac1722ccac7589ecb240dc719842538ca974beb79f228":PSA_ALG_ECDSA(PSA_ALG_SHA_256):PSA_ERROR_INVALID_ARGUMENT + +PSA aead ECDSA(SHA_256): invalid with ECC_KEY_PAIR(SECP_R1) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_FAMILY_SECP_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +aead_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"872f203b3ad35b7f2ecc803c3a0e1e0b1ed61cc1afe71b189cd4c995":PSA_ALG_ECDSA(PSA_ALG_SHA_256):PSA_ERROR_INVALID_ARGUMENT + +PSA aead ECDSA(SHA_256): invalid with ECC_KEY_PAIR(SECP_R2) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_FAMILY_SECP_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +aead_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R2):"00bf539a1cdda0d7f71a50a3f98aec0a2e8e4ced1e":PSA_ALG_ECDSA(PSA_ALG_SHA_256):PSA_ERROR_INVALID_ARGUMENT + +PSA aead ECDSA(SHA_256): invalid with ECC_KEY_PAIR(SECT_K1) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_FAMILY_SECT_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +aead_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):"03ebc8fcded2d6ab72ec0f75bdb4fd080481273e71":PSA_ALG_ECDSA(PSA_ALG_SHA_256):PSA_ERROR_INVALID_ARGUMENT + +PSA aead ECDSA(SHA_256): invalid with ECC_KEY_PAIR(SECT_R1) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_FAMILY_SECT_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +aead_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):"009b05dc82d46d64a04a22e6e5ca70ca1231e68c50":PSA_ALG_ECDSA(PSA_ALG_SHA_256):PSA_ERROR_INVALID_ARGUMENT + +PSA aead ECDSA(SHA_256): invalid with ECC_KEY_PAIR(SECT_R2) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_FAMILY_SECT_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +aead_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R2):"0210b482a458b4822d0cb21daa96819a67c8062d34":PSA_ALG_ECDSA(PSA_ALG_SHA_256):PSA_ERROR_INVALID_ARGUMENT + +PSA aead ECDSA(SHA_256): invalid with ECC_PUBLIC_KEY(BRAINPOOL_P_R1) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_FAMILY_BRAINPOOL_P_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +aead_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"04d4b9186816358e2f9c59cf70748cb70641b22fbab65473db4b4e22a361ed7e3de7e8a8ddc4130c5c":PSA_ALG_ECDSA(PSA_ALG_SHA_256):PSA_ERROR_INVALID_ARGUMENT + +PSA aead ECDSA(SHA_256): invalid with ECC_PUBLIC_KEY(SECP_K1) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_FAMILY_SECP_K1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +aead_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_K1):"0426b7bb38da649ac2138fc050c6548b32553dab68afebc36105d325b75538c12323cb0764789ecb992671beb2b6bef2f5":PSA_ALG_ECDSA(PSA_ALG_SHA_256):PSA_ERROR_INVALID_ARGUMENT + +PSA aead ECDSA(SHA_256): invalid with ECC_PUBLIC_KEY(SECP_R1) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_FAMILY_SECP_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +aead_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1):"046f00eadaa949fee3e9e1c7fa1247eecec86a0dce46418b9bd3117b981d4bd0ae7a990de912f9d060d6cb531a42d22e394ac29e81804bf160":PSA_ALG_ECDSA(PSA_ALG_SHA_256):PSA_ERROR_INVALID_ARGUMENT + +PSA aead ECDSA(SHA_256): invalid with ECC_PUBLIC_KEY(SECP_R2) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_FAMILY_SECP_R2:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +aead_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R2):"049570d541398665adb5cfa16f5af73b3196926bbd4b876bdb80f8eab20d0f540c22f4de9c140f6d7b":PSA_ALG_ECDSA(PSA_ALG_SHA_256):PSA_ERROR_INVALID_ARGUMENT + +PSA aead ECDSA(SHA_256): invalid with ECC_PUBLIC_KEY(SECT_K1) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_FAMILY_SECT_K1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +aead_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_K1):"0406f88f90b4b65950f06ce433afdb097e320f433dc2062b8a65db8fafd3c110f46bc45663fbf021ee7eb9":PSA_ALG_ECDSA(PSA_ALG_SHA_256):PSA_ERROR_INVALID_ARGUMENT + +PSA aead ECDSA(SHA_256): invalid with ECC_PUBLIC_KEY(SECT_R1) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_FAMILY_SECT_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +aead_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R1):"0400465eeb9e7258b11e33c02266bfe834b20bcb118700772796ee4704ec67651bd447e3011959a79a04cb":PSA_ALG_ECDSA(PSA_ALG_SHA_256):PSA_ERROR_INVALID_ARGUMENT + +PSA aead ECDSA(SHA_256): invalid with ECC_PUBLIC_KEY(SECT_R2) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_FAMILY_SECT_R2:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +aead_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R2):"0403692601144c32a6cfa369ae20ae5d43c1c764678c037bafe80c6fd2e42b7ced96171d9c5367fd3dca6f":PSA_ALG_ECDSA(PSA_ALG_SHA_256):PSA_ERROR_INVALID_ARGUMENT + +PSA sign ECDSA(SHA_256): incompatible with AES +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_AES +sign_fail:PSA_KEY_TYPE_AES:"48657265006973206b6579a064617461":PSA_ALG_ECDSA(PSA_ALG_SHA_256):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign ECDSA(SHA_256): incompatible with ARC4 +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_ARC4 +sign_fail:PSA_KEY_TYPE_ARC4:"48":PSA_ALG_ECDSA(PSA_ALG_SHA_256):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign ECDSA(SHA_256): incompatible with ARIA +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_ARIA +sign_fail:PSA_KEY_TYPE_ARIA:"48657265006973206b6579a064617461":PSA_ALG_ECDSA(PSA_ALG_SHA_256):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign ECDSA(SHA_256): incompatible with CAMELLIA +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_CAMELLIA +sign_fail:PSA_KEY_TYPE_CAMELLIA:"48657265006973206b6579a064617461":PSA_ALG_ECDSA(PSA_ALG_SHA_256):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign ECDSA(SHA_256): incompatible with CHACHA20 +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_CHACHA20 +sign_fail:PSA_KEY_TYPE_CHACHA20:"48657265006973206b6579a06461746148657265006973206b6579a064617461":PSA_ALG_ECDSA(PSA_ALG_SHA_256):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign ECDSA(SHA_256): incompatible with DERIVE +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_DERIVE +sign_fail:PSA_KEY_TYPE_DERIVE:"48657265006973206b6579a0646174":PSA_ALG_ECDSA(PSA_ALG_SHA_256):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign ECDSA(SHA_256): incompatible with DES +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_DES +sign_fail:PSA_KEY_TYPE_DES:"644573206b457901":PSA_ALG_ECDSA(PSA_ALG_SHA_256):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign ECDSA(SHA_256): !ECDSA with ECC_KEY_PAIR(BRAINPOOL_P_R1) +depends_on:!PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_FAMILY_BRAINPOOL_P_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"69502c4fdaf48d4fa617bdd24498b0406d0eeaac":PSA_ALG_ECDSA(PSA_ALG_SHA_256):0:PSA_ERROR_NOT_SUPPORTED + +PSA sign ECDSA(SHA_256): !SHA_256 with ECC_KEY_PAIR(BRAINPOOL_P_R1) +depends_on:PSA_WANT_ALG_ECDSA:!PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_FAMILY_BRAINPOOL_P_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"69502c4fdaf48d4fa617bdd24498b0406d0eeaac":PSA_ALG_ECDSA(PSA_ALG_SHA_256):0:PSA_ERROR_NOT_SUPPORTED + +PSA sign ECDSA(SHA_256): incompatible with ECC_KEY_PAIR(MONTGOMERY) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_FAMILY_MONTGOMERY:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_MONTGOMERY):"70076d0a7318a57d3c16c17251b26645df4c2f87ebc0992ab177fba51db92c6a":PSA_ALG_ECDSA(PSA_ALG_SHA_256):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign ECDSA(SHA_256): !ECDSA with ECC_KEY_PAIR(SECP_K1) +depends_on:!PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_FAMILY_SECP_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_K1):"297ac1722ccac7589ecb240dc719842538ca974beb79f228":PSA_ALG_ECDSA(PSA_ALG_SHA_256):0:PSA_ERROR_NOT_SUPPORTED + +PSA sign ECDSA(SHA_256): !SHA_256 with ECC_KEY_PAIR(SECP_K1) +depends_on:PSA_WANT_ALG_ECDSA:!PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_FAMILY_SECP_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_K1):"297ac1722ccac7589ecb240dc719842538ca974beb79f228":PSA_ALG_ECDSA(PSA_ALG_SHA_256):0:PSA_ERROR_NOT_SUPPORTED + +PSA sign ECDSA(SHA_256): !ECDSA with ECC_KEY_PAIR(SECP_R1) +depends_on:!PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_FAMILY_SECP_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"872f203b3ad35b7f2ecc803c3a0e1e0b1ed61cc1afe71b189cd4c995":PSA_ALG_ECDSA(PSA_ALG_SHA_256):0:PSA_ERROR_NOT_SUPPORTED + +PSA sign ECDSA(SHA_256): !SHA_256 with ECC_KEY_PAIR(SECP_R1) +depends_on:PSA_WANT_ALG_ECDSA:!PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_FAMILY_SECP_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"872f203b3ad35b7f2ecc803c3a0e1e0b1ed61cc1afe71b189cd4c995":PSA_ALG_ECDSA(PSA_ALG_SHA_256):0:PSA_ERROR_NOT_SUPPORTED + +PSA sign ECDSA(SHA_256): !ECDSA with ECC_KEY_PAIR(SECP_R2) +depends_on:!PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_FAMILY_SECP_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R2):"00bf539a1cdda0d7f71a50a3f98aec0a2e8e4ced1e":PSA_ALG_ECDSA(PSA_ALG_SHA_256):0:PSA_ERROR_NOT_SUPPORTED + +PSA sign ECDSA(SHA_256): !SHA_256 with ECC_KEY_PAIR(SECP_R2) +depends_on:PSA_WANT_ALG_ECDSA:!PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_FAMILY_SECP_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R2):"00bf539a1cdda0d7f71a50a3f98aec0a2e8e4ced1e":PSA_ALG_ECDSA(PSA_ALG_SHA_256):0:PSA_ERROR_NOT_SUPPORTED + +PSA sign ECDSA(SHA_256): !ECDSA with ECC_KEY_PAIR(SECT_K1) +depends_on:!PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_FAMILY_SECT_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):"03ebc8fcded2d6ab72ec0f75bdb4fd080481273e71":PSA_ALG_ECDSA(PSA_ALG_SHA_256):0:PSA_ERROR_NOT_SUPPORTED + +PSA sign ECDSA(SHA_256): !SHA_256 with ECC_KEY_PAIR(SECT_K1) +depends_on:PSA_WANT_ALG_ECDSA:!PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_FAMILY_SECT_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):"03ebc8fcded2d6ab72ec0f75bdb4fd080481273e71":PSA_ALG_ECDSA(PSA_ALG_SHA_256):0:PSA_ERROR_NOT_SUPPORTED + +PSA sign ECDSA(SHA_256): !ECDSA with ECC_KEY_PAIR(SECT_R1) +depends_on:!PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_FAMILY_SECT_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):"009b05dc82d46d64a04a22e6e5ca70ca1231e68c50":PSA_ALG_ECDSA(PSA_ALG_SHA_256):0:PSA_ERROR_NOT_SUPPORTED + +PSA sign ECDSA(SHA_256): !SHA_256 with ECC_KEY_PAIR(SECT_R1) +depends_on:PSA_WANT_ALG_ECDSA:!PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_FAMILY_SECT_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):"009b05dc82d46d64a04a22e6e5ca70ca1231e68c50":PSA_ALG_ECDSA(PSA_ALG_SHA_256):0:PSA_ERROR_NOT_SUPPORTED + +PSA sign ECDSA(SHA_256): !ECDSA with ECC_KEY_PAIR(SECT_R2) +depends_on:!PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_FAMILY_SECT_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R2):"0210b482a458b4822d0cb21daa96819a67c8062d34":PSA_ALG_ECDSA(PSA_ALG_SHA_256):0:PSA_ERROR_NOT_SUPPORTED + +PSA sign ECDSA(SHA_256): !SHA_256 with ECC_KEY_PAIR(SECT_R2) +depends_on:PSA_WANT_ALG_ECDSA:!PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_FAMILY_SECT_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R2):"0210b482a458b4822d0cb21daa96819a67c8062d34":PSA_ALG_ECDSA(PSA_ALG_SHA_256):0:PSA_ERROR_NOT_SUPPORTED + +PSA sign ECDSA(SHA_256): incompatible with ECC_KEY_PAIR(TWISTED_EDWARDS) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_FAMILY_TWISTED_EDWARDS:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_TWISTED_EDWARDS):"9d61b19deffd5a60ba844af492ec2cc44449c5697b326919703bac031cae7f60":PSA_ALG_ECDSA(PSA_ALG_SHA_256):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign ECDSA(SHA_256): !ECDSA with ECC_PUBLIC_KEY(BRAINPOOL_P_R1) +depends_on:!PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_FAMILY_BRAINPOOL_P_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"04d4b9186816358e2f9c59cf70748cb70641b22fbab65473db4b4e22a361ed7e3de7e8a8ddc4130c5c":PSA_ALG_ECDSA(PSA_ALG_SHA_256):0:PSA_ERROR_NOT_SUPPORTED + +PSA sign ECDSA(SHA_256): !SHA_256 with ECC_PUBLIC_KEY(BRAINPOOL_P_R1) +depends_on:PSA_WANT_ALG_ECDSA:!PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_FAMILY_BRAINPOOL_P_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"04d4b9186816358e2f9c59cf70748cb70641b22fbab65473db4b4e22a361ed7e3de7e8a8ddc4130c5c":PSA_ALG_ECDSA(PSA_ALG_SHA_256):0:PSA_ERROR_NOT_SUPPORTED + +PSA sign ECDSA(SHA_256): public with ECC_PUBLIC_KEY(BRAINPOOL_P_R1) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_FAMILY_BRAINPOOL_P_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"04d4b9186816358e2f9c59cf70748cb70641b22fbab65473db4b4e22a361ed7e3de7e8a8ddc4130c5c":PSA_ALG_ECDSA(PSA_ALG_SHA_256):1:PSA_ERROR_INVALID_ARGUMENT + +PSA sign ECDSA(SHA_256): incompatible with ECC_PUBLIC_KEY(MONTGOMERY) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_FAMILY_MONTGOMERY:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_MONTGOMERY):"8520f0098930a754748b7ddcb43ef75a0dbf3a0d26381af4eba4a98eaa9b4e6a":PSA_ALG_ECDSA(PSA_ALG_SHA_256):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign ECDSA(SHA_256): !ECDSA with ECC_PUBLIC_KEY(SECP_K1) +depends_on:!PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_FAMILY_SECP_K1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_K1):"0426b7bb38da649ac2138fc050c6548b32553dab68afebc36105d325b75538c12323cb0764789ecb992671beb2b6bef2f5":PSA_ALG_ECDSA(PSA_ALG_SHA_256):0:PSA_ERROR_NOT_SUPPORTED + +PSA sign ECDSA(SHA_256): !SHA_256 with ECC_PUBLIC_KEY(SECP_K1) +depends_on:PSA_WANT_ALG_ECDSA:!PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_FAMILY_SECP_K1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_K1):"0426b7bb38da649ac2138fc050c6548b32553dab68afebc36105d325b75538c12323cb0764789ecb992671beb2b6bef2f5":PSA_ALG_ECDSA(PSA_ALG_SHA_256):0:PSA_ERROR_NOT_SUPPORTED + +PSA sign ECDSA(SHA_256): public with ECC_PUBLIC_KEY(SECP_K1) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_FAMILY_SECP_K1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_K1):"0426b7bb38da649ac2138fc050c6548b32553dab68afebc36105d325b75538c12323cb0764789ecb992671beb2b6bef2f5":PSA_ALG_ECDSA(PSA_ALG_SHA_256):1:PSA_ERROR_INVALID_ARGUMENT + +PSA sign ECDSA(SHA_256): !ECDSA with ECC_PUBLIC_KEY(SECP_R1) +depends_on:!PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_FAMILY_SECP_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1):"046f00eadaa949fee3e9e1c7fa1247eecec86a0dce46418b9bd3117b981d4bd0ae7a990de912f9d060d6cb531a42d22e394ac29e81804bf160":PSA_ALG_ECDSA(PSA_ALG_SHA_256):0:PSA_ERROR_NOT_SUPPORTED + +PSA sign ECDSA(SHA_256): !SHA_256 with ECC_PUBLIC_KEY(SECP_R1) +depends_on:PSA_WANT_ALG_ECDSA:!PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_FAMILY_SECP_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1):"046f00eadaa949fee3e9e1c7fa1247eecec86a0dce46418b9bd3117b981d4bd0ae7a990de912f9d060d6cb531a42d22e394ac29e81804bf160":PSA_ALG_ECDSA(PSA_ALG_SHA_256):0:PSA_ERROR_NOT_SUPPORTED + +PSA sign ECDSA(SHA_256): public with ECC_PUBLIC_KEY(SECP_R1) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_FAMILY_SECP_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1):"046f00eadaa949fee3e9e1c7fa1247eecec86a0dce46418b9bd3117b981d4bd0ae7a990de912f9d060d6cb531a42d22e394ac29e81804bf160":PSA_ALG_ECDSA(PSA_ALG_SHA_256):1:PSA_ERROR_INVALID_ARGUMENT + +PSA sign ECDSA(SHA_256): !ECDSA with ECC_PUBLIC_KEY(SECP_R2) +depends_on:!PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_FAMILY_SECP_R2:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R2):"049570d541398665adb5cfa16f5af73b3196926bbd4b876bdb80f8eab20d0f540c22f4de9c140f6d7b":PSA_ALG_ECDSA(PSA_ALG_SHA_256):0:PSA_ERROR_NOT_SUPPORTED + +PSA sign ECDSA(SHA_256): !SHA_256 with ECC_PUBLIC_KEY(SECP_R2) +depends_on:PSA_WANT_ALG_ECDSA:!PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_FAMILY_SECP_R2:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R2):"049570d541398665adb5cfa16f5af73b3196926bbd4b876bdb80f8eab20d0f540c22f4de9c140f6d7b":PSA_ALG_ECDSA(PSA_ALG_SHA_256):0:PSA_ERROR_NOT_SUPPORTED + +PSA sign ECDSA(SHA_256): public with ECC_PUBLIC_KEY(SECP_R2) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_FAMILY_SECP_R2:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R2):"049570d541398665adb5cfa16f5af73b3196926bbd4b876bdb80f8eab20d0f540c22f4de9c140f6d7b":PSA_ALG_ECDSA(PSA_ALG_SHA_256):1:PSA_ERROR_INVALID_ARGUMENT + +PSA sign ECDSA(SHA_256): !ECDSA with ECC_PUBLIC_KEY(SECT_K1) +depends_on:!PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_FAMILY_SECT_K1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_K1):"0406f88f90b4b65950f06ce433afdb097e320f433dc2062b8a65db8fafd3c110f46bc45663fbf021ee7eb9":PSA_ALG_ECDSA(PSA_ALG_SHA_256):0:PSA_ERROR_NOT_SUPPORTED + +PSA sign ECDSA(SHA_256): !SHA_256 with ECC_PUBLIC_KEY(SECT_K1) +depends_on:PSA_WANT_ALG_ECDSA:!PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_FAMILY_SECT_K1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_K1):"0406f88f90b4b65950f06ce433afdb097e320f433dc2062b8a65db8fafd3c110f46bc45663fbf021ee7eb9":PSA_ALG_ECDSA(PSA_ALG_SHA_256):0:PSA_ERROR_NOT_SUPPORTED + +PSA sign ECDSA(SHA_256): public with ECC_PUBLIC_KEY(SECT_K1) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_FAMILY_SECT_K1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_K1):"0406f88f90b4b65950f06ce433afdb097e320f433dc2062b8a65db8fafd3c110f46bc45663fbf021ee7eb9":PSA_ALG_ECDSA(PSA_ALG_SHA_256):1:PSA_ERROR_INVALID_ARGUMENT + +PSA sign ECDSA(SHA_256): !ECDSA with ECC_PUBLIC_KEY(SECT_R1) +depends_on:!PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_FAMILY_SECT_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R1):"0400465eeb9e7258b11e33c02266bfe834b20bcb118700772796ee4704ec67651bd447e3011959a79a04cb":PSA_ALG_ECDSA(PSA_ALG_SHA_256):0:PSA_ERROR_NOT_SUPPORTED + +PSA sign ECDSA(SHA_256): !SHA_256 with ECC_PUBLIC_KEY(SECT_R1) +depends_on:PSA_WANT_ALG_ECDSA:!PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_FAMILY_SECT_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R1):"0400465eeb9e7258b11e33c02266bfe834b20bcb118700772796ee4704ec67651bd447e3011959a79a04cb":PSA_ALG_ECDSA(PSA_ALG_SHA_256):0:PSA_ERROR_NOT_SUPPORTED + +PSA sign ECDSA(SHA_256): public with ECC_PUBLIC_KEY(SECT_R1) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_FAMILY_SECT_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R1):"0400465eeb9e7258b11e33c02266bfe834b20bcb118700772796ee4704ec67651bd447e3011959a79a04cb":PSA_ALG_ECDSA(PSA_ALG_SHA_256):1:PSA_ERROR_INVALID_ARGUMENT + +PSA sign ECDSA(SHA_256): !ECDSA with ECC_PUBLIC_KEY(SECT_R2) +depends_on:!PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_FAMILY_SECT_R2:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R2):"0403692601144c32a6cfa369ae20ae5d43c1c764678c037bafe80c6fd2e42b7ced96171d9c5367fd3dca6f":PSA_ALG_ECDSA(PSA_ALG_SHA_256):0:PSA_ERROR_NOT_SUPPORTED + +PSA sign ECDSA(SHA_256): !SHA_256 with ECC_PUBLIC_KEY(SECT_R2) +depends_on:PSA_WANT_ALG_ECDSA:!PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_FAMILY_SECT_R2:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R2):"0403692601144c32a6cfa369ae20ae5d43c1c764678c037bafe80c6fd2e42b7ced96171d9c5367fd3dca6f":PSA_ALG_ECDSA(PSA_ALG_SHA_256):0:PSA_ERROR_NOT_SUPPORTED + +PSA sign ECDSA(SHA_256): public with ECC_PUBLIC_KEY(SECT_R2) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_FAMILY_SECT_R2:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R2):"0403692601144c32a6cfa369ae20ae5d43c1c764678c037bafe80c6fd2e42b7ced96171d9c5367fd3dca6f":PSA_ALG_ECDSA(PSA_ALG_SHA_256):1:PSA_ERROR_INVALID_ARGUMENT + +PSA sign ECDSA(SHA_256): incompatible with ECC_PUBLIC_KEY(TWISTED_EDWARDS) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_FAMILY_TWISTED_EDWARDS:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_TWISTED_EDWARDS):"d75a980182b10ab7d54bfed3c964073a0ee172f3daa62325af021a68f707511a":PSA_ALG_ECDSA(PSA_ALG_SHA_256):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign ECDSA(SHA_256): incompatible with HMAC +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_HMAC +sign_fail:PSA_KEY_TYPE_HMAC:"48657265006973206b6579a064617461":PSA_ALG_ECDSA(PSA_ALG_SHA_256):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign ECDSA(SHA_256): incompatible with RAW_DATA +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RAW_DATA +sign_fail:PSA_KEY_TYPE_RAW_DATA:"48":PSA_ALG_ECDSA(PSA_ALG_SHA_256):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign ECDSA(SHA_256): incompatible with RSA_KEY_PAIR +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR +sign_fail:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_ECDSA(PSA_ALG_SHA_256):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign ECDSA(SHA_256): incompatible with RSA_PUBLIC_KEY +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY +sign_fail:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_ECDSA(PSA_ALG_SHA_256):0:PSA_ERROR_INVALID_ARGUMENT + +PSA asymmetric_encryption ECDSA(SHA_256): invalid with ECC_KEY_PAIR(BRAINPOOL_P_R1) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_FAMILY_BRAINPOOL_P_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +asymmetric_encryption_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"69502c4fdaf48d4fa617bdd24498b0406d0eeaac":PSA_ALG_ECDSA(PSA_ALG_SHA_256):0:PSA_ERROR_INVALID_ARGUMENT + +PSA asymmetric_encryption ECDSA(SHA_256): invalid with ECC_KEY_PAIR(SECP_K1) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_FAMILY_SECP_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +asymmetric_encryption_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_K1):"297ac1722ccac7589ecb240dc719842538ca974beb79f228":PSA_ALG_ECDSA(PSA_ALG_SHA_256):0:PSA_ERROR_INVALID_ARGUMENT + +PSA asymmetric_encryption ECDSA(SHA_256): invalid with ECC_KEY_PAIR(SECP_R1) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_FAMILY_SECP_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +asymmetric_encryption_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"872f203b3ad35b7f2ecc803c3a0e1e0b1ed61cc1afe71b189cd4c995":PSA_ALG_ECDSA(PSA_ALG_SHA_256):0:PSA_ERROR_INVALID_ARGUMENT + +PSA asymmetric_encryption ECDSA(SHA_256): invalid with ECC_KEY_PAIR(SECP_R2) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_FAMILY_SECP_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +asymmetric_encryption_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R2):"00bf539a1cdda0d7f71a50a3f98aec0a2e8e4ced1e":PSA_ALG_ECDSA(PSA_ALG_SHA_256):0:PSA_ERROR_INVALID_ARGUMENT + +PSA asymmetric_encryption ECDSA(SHA_256): invalid with ECC_KEY_PAIR(SECT_K1) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_FAMILY_SECT_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +asymmetric_encryption_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):"03ebc8fcded2d6ab72ec0f75bdb4fd080481273e71":PSA_ALG_ECDSA(PSA_ALG_SHA_256):0:PSA_ERROR_INVALID_ARGUMENT + +PSA asymmetric_encryption ECDSA(SHA_256): invalid with ECC_KEY_PAIR(SECT_R1) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_FAMILY_SECT_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +asymmetric_encryption_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):"009b05dc82d46d64a04a22e6e5ca70ca1231e68c50":PSA_ALG_ECDSA(PSA_ALG_SHA_256):0:PSA_ERROR_INVALID_ARGUMENT + +PSA asymmetric_encryption ECDSA(SHA_256): invalid with ECC_KEY_PAIR(SECT_R2) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_FAMILY_SECT_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +asymmetric_encryption_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R2):"0210b482a458b4822d0cb21daa96819a67c8062d34":PSA_ALG_ECDSA(PSA_ALG_SHA_256):0:PSA_ERROR_INVALID_ARGUMENT + +PSA asymmetric_encryption ECDSA(SHA_256): invalid with ECC_PUBLIC_KEY(BRAINPOOL_P_R1) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_FAMILY_BRAINPOOL_P_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +asymmetric_encryption_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"04d4b9186816358e2f9c59cf70748cb70641b22fbab65473db4b4e22a361ed7e3de7e8a8ddc4130c5c":PSA_ALG_ECDSA(PSA_ALG_SHA_256):0:PSA_ERROR_INVALID_ARGUMENT + +PSA asymmetric_encryption ECDSA(SHA_256): invalid with ECC_PUBLIC_KEY(SECP_K1) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_FAMILY_SECP_K1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +asymmetric_encryption_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_K1):"0426b7bb38da649ac2138fc050c6548b32553dab68afebc36105d325b75538c12323cb0764789ecb992671beb2b6bef2f5":PSA_ALG_ECDSA(PSA_ALG_SHA_256):0:PSA_ERROR_INVALID_ARGUMENT + +PSA asymmetric_encryption ECDSA(SHA_256): invalid with ECC_PUBLIC_KEY(SECP_R1) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_FAMILY_SECP_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +asymmetric_encryption_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1):"046f00eadaa949fee3e9e1c7fa1247eecec86a0dce46418b9bd3117b981d4bd0ae7a990de912f9d060d6cb531a42d22e394ac29e81804bf160":PSA_ALG_ECDSA(PSA_ALG_SHA_256):0:PSA_ERROR_INVALID_ARGUMENT + +PSA asymmetric_encryption ECDSA(SHA_256): invalid with ECC_PUBLIC_KEY(SECP_R2) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_FAMILY_SECP_R2:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +asymmetric_encryption_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R2):"049570d541398665adb5cfa16f5af73b3196926bbd4b876bdb80f8eab20d0f540c22f4de9c140f6d7b":PSA_ALG_ECDSA(PSA_ALG_SHA_256):0:PSA_ERROR_INVALID_ARGUMENT + +PSA asymmetric_encryption ECDSA(SHA_256): invalid with ECC_PUBLIC_KEY(SECT_K1) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_FAMILY_SECT_K1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +asymmetric_encryption_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_K1):"0406f88f90b4b65950f06ce433afdb097e320f433dc2062b8a65db8fafd3c110f46bc45663fbf021ee7eb9":PSA_ALG_ECDSA(PSA_ALG_SHA_256):0:PSA_ERROR_INVALID_ARGUMENT + +PSA asymmetric_encryption ECDSA(SHA_256): invalid with ECC_PUBLIC_KEY(SECT_R1) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_FAMILY_SECT_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +asymmetric_encryption_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R1):"0400465eeb9e7258b11e33c02266bfe834b20bcb118700772796ee4704ec67651bd447e3011959a79a04cb":PSA_ALG_ECDSA(PSA_ALG_SHA_256):0:PSA_ERROR_INVALID_ARGUMENT + +PSA asymmetric_encryption ECDSA(SHA_256): invalid with ECC_PUBLIC_KEY(SECT_R2) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_FAMILY_SECT_R2:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +asymmetric_encryption_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R2):"0403692601144c32a6cfa369ae20ae5d43c1c764678c037bafe80c6fd2e42b7ced96171d9c5367fd3dca6f":PSA_ALG_ECDSA(PSA_ALG_SHA_256):0:PSA_ERROR_INVALID_ARGUMENT + +PSA key_derivation ECDSA(SHA_256): invalid +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_256 +key_derivation_fail:PSA_ALG_ECDSA(PSA_ALG_SHA_256):PSA_ERROR_INVALID_ARGUMENT + +PSA key_agreement ECDSA(SHA_256): invalid with ECC_KEY_PAIR(BRAINPOOL_P_R1) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_FAMILY_BRAINPOOL_P_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_agreement_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"69502c4fdaf48d4fa617bdd24498b0406d0eeaac":PSA_ALG_ECDSA(PSA_ALG_SHA_256):0:PSA_ERROR_INVALID_ARGUMENT + +PSA key_agreement ECDSA(SHA_256): invalid with ECC_KEY_PAIR(SECP_K1) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_FAMILY_SECP_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_agreement_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_K1):"297ac1722ccac7589ecb240dc719842538ca974beb79f228":PSA_ALG_ECDSA(PSA_ALG_SHA_256):0:PSA_ERROR_INVALID_ARGUMENT + +PSA key_agreement ECDSA(SHA_256): invalid with ECC_KEY_PAIR(SECP_R1) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_FAMILY_SECP_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_agreement_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"872f203b3ad35b7f2ecc803c3a0e1e0b1ed61cc1afe71b189cd4c995":PSA_ALG_ECDSA(PSA_ALG_SHA_256):0:PSA_ERROR_INVALID_ARGUMENT + +PSA key_agreement ECDSA(SHA_256): invalid with ECC_KEY_PAIR(SECP_R2) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_FAMILY_SECP_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_agreement_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R2):"00bf539a1cdda0d7f71a50a3f98aec0a2e8e4ced1e":PSA_ALG_ECDSA(PSA_ALG_SHA_256):0:PSA_ERROR_INVALID_ARGUMENT + +PSA key_agreement ECDSA(SHA_256): invalid with ECC_KEY_PAIR(SECT_K1) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_FAMILY_SECT_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_agreement_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):"03ebc8fcded2d6ab72ec0f75bdb4fd080481273e71":PSA_ALG_ECDSA(PSA_ALG_SHA_256):0:PSA_ERROR_INVALID_ARGUMENT + +PSA key_agreement ECDSA(SHA_256): invalid with ECC_KEY_PAIR(SECT_R1) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_FAMILY_SECT_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_agreement_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):"009b05dc82d46d64a04a22e6e5ca70ca1231e68c50":PSA_ALG_ECDSA(PSA_ALG_SHA_256):0:PSA_ERROR_INVALID_ARGUMENT + +PSA key_agreement ECDSA(SHA_256): invalid with ECC_KEY_PAIR(SECT_R2) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_FAMILY_SECT_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_agreement_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R2):"0210b482a458b4822d0cb21daa96819a67c8062d34":PSA_ALG_ECDSA(PSA_ALG_SHA_256):0:PSA_ERROR_INVALID_ARGUMENT + +PSA key_agreement ECDSA(SHA_256): invalid with ECC_PUBLIC_KEY(BRAINPOOL_P_R1) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_FAMILY_BRAINPOOL_P_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_agreement_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"04d4b9186816358e2f9c59cf70748cb70641b22fbab65473db4b4e22a361ed7e3de7e8a8ddc4130c5c":PSA_ALG_ECDSA(PSA_ALG_SHA_256):0:PSA_ERROR_INVALID_ARGUMENT + +PSA key_agreement ECDSA(SHA_256): invalid with ECC_PUBLIC_KEY(SECP_K1) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_FAMILY_SECP_K1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_agreement_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_K1):"0426b7bb38da649ac2138fc050c6548b32553dab68afebc36105d325b75538c12323cb0764789ecb992671beb2b6bef2f5":PSA_ALG_ECDSA(PSA_ALG_SHA_256):0:PSA_ERROR_INVALID_ARGUMENT + +PSA key_agreement ECDSA(SHA_256): invalid with ECC_PUBLIC_KEY(SECP_R1) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_FAMILY_SECP_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_agreement_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1):"046f00eadaa949fee3e9e1c7fa1247eecec86a0dce46418b9bd3117b981d4bd0ae7a990de912f9d060d6cb531a42d22e394ac29e81804bf160":PSA_ALG_ECDSA(PSA_ALG_SHA_256):0:PSA_ERROR_INVALID_ARGUMENT + +PSA key_agreement ECDSA(SHA_256): invalid with ECC_PUBLIC_KEY(SECP_R2) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_FAMILY_SECP_R2:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_agreement_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R2):"049570d541398665adb5cfa16f5af73b3196926bbd4b876bdb80f8eab20d0f540c22f4de9c140f6d7b":PSA_ALG_ECDSA(PSA_ALG_SHA_256):0:PSA_ERROR_INVALID_ARGUMENT + +PSA key_agreement ECDSA(SHA_256): invalid with ECC_PUBLIC_KEY(SECT_K1) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_FAMILY_SECT_K1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_agreement_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_K1):"0406f88f90b4b65950f06ce433afdb097e320f433dc2062b8a65db8fafd3c110f46bc45663fbf021ee7eb9":PSA_ALG_ECDSA(PSA_ALG_SHA_256):0:PSA_ERROR_INVALID_ARGUMENT + +PSA key_agreement ECDSA(SHA_256): invalid with ECC_PUBLIC_KEY(SECT_R1) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_FAMILY_SECT_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_agreement_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R1):"0400465eeb9e7258b11e33c02266bfe834b20bcb118700772796ee4704ec67651bd447e3011959a79a04cb":PSA_ALG_ECDSA(PSA_ALG_SHA_256):0:PSA_ERROR_INVALID_ARGUMENT + +PSA key_agreement ECDSA(SHA_256): invalid with ECC_PUBLIC_KEY(SECT_R2) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_FAMILY_SECT_R2:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_agreement_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R2):"0403692601144c32a6cfa369ae20ae5d43c1c764678c037bafe80c6fd2e42b7ced96171d9c5367fd3dca6f":PSA_ALG_ECDSA(PSA_ALG_SHA_256):0:PSA_ERROR_INVALID_ARGUMENT + +PSA hash ECDSA(SHA_384): invalid +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_384 +hash_fail:PSA_ALG_ECDSA(PSA_ALG_SHA_384):PSA_ERROR_INVALID_ARGUMENT + +PSA mac ECDSA(SHA_384): invalid with ECC_KEY_PAIR(BRAINPOOL_P_R1) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_FAMILY_BRAINPOOL_P_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +mac_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"69502c4fdaf48d4fa617bdd24498b0406d0eeaac":PSA_ALG_ECDSA(PSA_ALG_SHA_384):PSA_ERROR_INVALID_ARGUMENT + +PSA mac ECDSA(SHA_384): invalid with ECC_KEY_PAIR(SECP_K1) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_FAMILY_SECP_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +mac_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_K1):"297ac1722ccac7589ecb240dc719842538ca974beb79f228":PSA_ALG_ECDSA(PSA_ALG_SHA_384):PSA_ERROR_INVALID_ARGUMENT + +PSA mac ECDSA(SHA_384): invalid with ECC_KEY_PAIR(SECP_R1) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_FAMILY_SECP_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +mac_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"872f203b3ad35b7f2ecc803c3a0e1e0b1ed61cc1afe71b189cd4c995":PSA_ALG_ECDSA(PSA_ALG_SHA_384):PSA_ERROR_INVALID_ARGUMENT + +PSA mac ECDSA(SHA_384): invalid with ECC_KEY_PAIR(SECP_R2) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_FAMILY_SECP_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +mac_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R2):"00bf539a1cdda0d7f71a50a3f98aec0a2e8e4ced1e":PSA_ALG_ECDSA(PSA_ALG_SHA_384):PSA_ERROR_INVALID_ARGUMENT + +PSA mac ECDSA(SHA_384): invalid with ECC_KEY_PAIR(SECT_K1) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_FAMILY_SECT_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +mac_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):"03ebc8fcded2d6ab72ec0f75bdb4fd080481273e71":PSA_ALG_ECDSA(PSA_ALG_SHA_384):PSA_ERROR_INVALID_ARGUMENT + +PSA mac ECDSA(SHA_384): invalid with ECC_KEY_PAIR(SECT_R1) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_FAMILY_SECT_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +mac_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):"009b05dc82d46d64a04a22e6e5ca70ca1231e68c50":PSA_ALG_ECDSA(PSA_ALG_SHA_384):PSA_ERROR_INVALID_ARGUMENT + +PSA mac ECDSA(SHA_384): invalid with ECC_KEY_PAIR(SECT_R2) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_FAMILY_SECT_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +mac_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R2):"0210b482a458b4822d0cb21daa96819a67c8062d34":PSA_ALG_ECDSA(PSA_ALG_SHA_384):PSA_ERROR_INVALID_ARGUMENT + +PSA mac ECDSA(SHA_384): invalid with ECC_PUBLIC_KEY(BRAINPOOL_P_R1) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_FAMILY_BRAINPOOL_P_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +mac_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"04d4b9186816358e2f9c59cf70748cb70641b22fbab65473db4b4e22a361ed7e3de7e8a8ddc4130c5c":PSA_ALG_ECDSA(PSA_ALG_SHA_384):PSA_ERROR_INVALID_ARGUMENT + +PSA mac ECDSA(SHA_384): invalid with ECC_PUBLIC_KEY(SECP_K1) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_FAMILY_SECP_K1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +mac_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_K1):"0426b7bb38da649ac2138fc050c6548b32553dab68afebc36105d325b75538c12323cb0764789ecb992671beb2b6bef2f5":PSA_ALG_ECDSA(PSA_ALG_SHA_384):PSA_ERROR_INVALID_ARGUMENT + +PSA mac ECDSA(SHA_384): invalid with ECC_PUBLIC_KEY(SECP_R1) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_FAMILY_SECP_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +mac_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1):"046f00eadaa949fee3e9e1c7fa1247eecec86a0dce46418b9bd3117b981d4bd0ae7a990de912f9d060d6cb531a42d22e394ac29e81804bf160":PSA_ALG_ECDSA(PSA_ALG_SHA_384):PSA_ERROR_INVALID_ARGUMENT + +PSA mac ECDSA(SHA_384): invalid with ECC_PUBLIC_KEY(SECP_R2) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_FAMILY_SECP_R2:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +mac_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R2):"049570d541398665adb5cfa16f5af73b3196926bbd4b876bdb80f8eab20d0f540c22f4de9c140f6d7b":PSA_ALG_ECDSA(PSA_ALG_SHA_384):PSA_ERROR_INVALID_ARGUMENT + +PSA mac ECDSA(SHA_384): invalid with ECC_PUBLIC_KEY(SECT_K1) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_FAMILY_SECT_K1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +mac_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_K1):"0406f88f90b4b65950f06ce433afdb097e320f433dc2062b8a65db8fafd3c110f46bc45663fbf021ee7eb9":PSA_ALG_ECDSA(PSA_ALG_SHA_384):PSA_ERROR_INVALID_ARGUMENT + +PSA mac ECDSA(SHA_384): invalid with ECC_PUBLIC_KEY(SECT_R1) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_FAMILY_SECT_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +mac_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R1):"0400465eeb9e7258b11e33c02266bfe834b20bcb118700772796ee4704ec67651bd447e3011959a79a04cb":PSA_ALG_ECDSA(PSA_ALG_SHA_384):PSA_ERROR_INVALID_ARGUMENT + +PSA mac ECDSA(SHA_384): invalid with ECC_PUBLIC_KEY(SECT_R2) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_FAMILY_SECT_R2:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +mac_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R2):"0403692601144c32a6cfa369ae20ae5d43c1c764678c037bafe80c6fd2e42b7ced96171d9c5367fd3dca6f":PSA_ALG_ECDSA(PSA_ALG_SHA_384):PSA_ERROR_INVALID_ARGUMENT + +PSA cipher ECDSA(SHA_384): invalid with ECC_KEY_PAIR(BRAINPOOL_P_R1) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_FAMILY_BRAINPOOL_P_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +cipher_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"69502c4fdaf48d4fa617bdd24498b0406d0eeaac":PSA_ALG_ECDSA(PSA_ALG_SHA_384):PSA_ERROR_INVALID_ARGUMENT + +PSA cipher ECDSA(SHA_384): invalid with ECC_KEY_PAIR(SECP_K1) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_FAMILY_SECP_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +cipher_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_K1):"297ac1722ccac7589ecb240dc719842538ca974beb79f228":PSA_ALG_ECDSA(PSA_ALG_SHA_384):PSA_ERROR_INVALID_ARGUMENT + +PSA cipher ECDSA(SHA_384): invalid with ECC_KEY_PAIR(SECP_R1) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_FAMILY_SECP_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +cipher_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"872f203b3ad35b7f2ecc803c3a0e1e0b1ed61cc1afe71b189cd4c995":PSA_ALG_ECDSA(PSA_ALG_SHA_384):PSA_ERROR_INVALID_ARGUMENT + +PSA cipher ECDSA(SHA_384): invalid with ECC_KEY_PAIR(SECP_R2) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_FAMILY_SECP_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +cipher_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R2):"00bf539a1cdda0d7f71a50a3f98aec0a2e8e4ced1e":PSA_ALG_ECDSA(PSA_ALG_SHA_384):PSA_ERROR_INVALID_ARGUMENT + +PSA cipher ECDSA(SHA_384): invalid with ECC_KEY_PAIR(SECT_K1) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_FAMILY_SECT_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +cipher_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):"03ebc8fcded2d6ab72ec0f75bdb4fd080481273e71":PSA_ALG_ECDSA(PSA_ALG_SHA_384):PSA_ERROR_INVALID_ARGUMENT + +PSA cipher ECDSA(SHA_384): invalid with ECC_KEY_PAIR(SECT_R1) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_FAMILY_SECT_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +cipher_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):"009b05dc82d46d64a04a22e6e5ca70ca1231e68c50":PSA_ALG_ECDSA(PSA_ALG_SHA_384):PSA_ERROR_INVALID_ARGUMENT + +PSA cipher ECDSA(SHA_384): invalid with ECC_KEY_PAIR(SECT_R2) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_FAMILY_SECT_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +cipher_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R2):"0210b482a458b4822d0cb21daa96819a67c8062d34":PSA_ALG_ECDSA(PSA_ALG_SHA_384):PSA_ERROR_INVALID_ARGUMENT + +PSA cipher ECDSA(SHA_384): invalid with ECC_PUBLIC_KEY(BRAINPOOL_P_R1) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_FAMILY_BRAINPOOL_P_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +cipher_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"04d4b9186816358e2f9c59cf70748cb70641b22fbab65473db4b4e22a361ed7e3de7e8a8ddc4130c5c":PSA_ALG_ECDSA(PSA_ALG_SHA_384):PSA_ERROR_INVALID_ARGUMENT + +PSA cipher ECDSA(SHA_384): invalid with ECC_PUBLIC_KEY(SECP_K1) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_FAMILY_SECP_K1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +cipher_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_K1):"0426b7bb38da649ac2138fc050c6548b32553dab68afebc36105d325b75538c12323cb0764789ecb992671beb2b6bef2f5":PSA_ALG_ECDSA(PSA_ALG_SHA_384):PSA_ERROR_INVALID_ARGUMENT + +PSA cipher ECDSA(SHA_384): invalid with ECC_PUBLIC_KEY(SECP_R1) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_FAMILY_SECP_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +cipher_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1):"046f00eadaa949fee3e9e1c7fa1247eecec86a0dce46418b9bd3117b981d4bd0ae7a990de912f9d060d6cb531a42d22e394ac29e81804bf160":PSA_ALG_ECDSA(PSA_ALG_SHA_384):PSA_ERROR_INVALID_ARGUMENT + +PSA cipher ECDSA(SHA_384): invalid with ECC_PUBLIC_KEY(SECP_R2) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_FAMILY_SECP_R2:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +cipher_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R2):"049570d541398665adb5cfa16f5af73b3196926bbd4b876bdb80f8eab20d0f540c22f4de9c140f6d7b":PSA_ALG_ECDSA(PSA_ALG_SHA_384):PSA_ERROR_INVALID_ARGUMENT + +PSA cipher ECDSA(SHA_384): invalid with ECC_PUBLIC_KEY(SECT_K1) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_FAMILY_SECT_K1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +cipher_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_K1):"0406f88f90b4b65950f06ce433afdb097e320f433dc2062b8a65db8fafd3c110f46bc45663fbf021ee7eb9":PSA_ALG_ECDSA(PSA_ALG_SHA_384):PSA_ERROR_INVALID_ARGUMENT + +PSA cipher ECDSA(SHA_384): invalid with ECC_PUBLIC_KEY(SECT_R1) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_FAMILY_SECT_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +cipher_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R1):"0400465eeb9e7258b11e33c02266bfe834b20bcb118700772796ee4704ec67651bd447e3011959a79a04cb":PSA_ALG_ECDSA(PSA_ALG_SHA_384):PSA_ERROR_INVALID_ARGUMENT + +PSA cipher ECDSA(SHA_384): invalid with ECC_PUBLIC_KEY(SECT_R2) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_FAMILY_SECT_R2:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +cipher_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R2):"0403692601144c32a6cfa369ae20ae5d43c1c764678c037bafe80c6fd2e42b7ced96171d9c5367fd3dca6f":PSA_ALG_ECDSA(PSA_ALG_SHA_384):PSA_ERROR_INVALID_ARGUMENT + +PSA aead ECDSA(SHA_384): invalid with ECC_KEY_PAIR(BRAINPOOL_P_R1) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_FAMILY_BRAINPOOL_P_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +aead_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"69502c4fdaf48d4fa617bdd24498b0406d0eeaac":PSA_ALG_ECDSA(PSA_ALG_SHA_384):PSA_ERROR_INVALID_ARGUMENT + +PSA aead ECDSA(SHA_384): invalid with ECC_KEY_PAIR(SECP_K1) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_FAMILY_SECP_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +aead_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_K1):"297ac1722ccac7589ecb240dc719842538ca974beb79f228":PSA_ALG_ECDSA(PSA_ALG_SHA_384):PSA_ERROR_INVALID_ARGUMENT + +PSA aead ECDSA(SHA_384): invalid with ECC_KEY_PAIR(SECP_R1) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_FAMILY_SECP_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +aead_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"872f203b3ad35b7f2ecc803c3a0e1e0b1ed61cc1afe71b189cd4c995":PSA_ALG_ECDSA(PSA_ALG_SHA_384):PSA_ERROR_INVALID_ARGUMENT + +PSA aead ECDSA(SHA_384): invalid with ECC_KEY_PAIR(SECP_R2) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_FAMILY_SECP_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +aead_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R2):"00bf539a1cdda0d7f71a50a3f98aec0a2e8e4ced1e":PSA_ALG_ECDSA(PSA_ALG_SHA_384):PSA_ERROR_INVALID_ARGUMENT + +PSA aead ECDSA(SHA_384): invalid with ECC_KEY_PAIR(SECT_K1) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_FAMILY_SECT_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +aead_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):"03ebc8fcded2d6ab72ec0f75bdb4fd080481273e71":PSA_ALG_ECDSA(PSA_ALG_SHA_384):PSA_ERROR_INVALID_ARGUMENT + +PSA aead ECDSA(SHA_384): invalid with ECC_KEY_PAIR(SECT_R1) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_FAMILY_SECT_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +aead_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):"009b05dc82d46d64a04a22e6e5ca70ca1231e68c50":PSA_ALG_ECDSA(PSA_ALG_SHA_384):PSA_ERROR_INVALID_ARGUMENT + +PSA aead ECDSA(SHA_384): invalid with ECC_KEY_PAIR(SECT_R2) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_FAMILY_SECT_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +aead_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R2):"0210b482a458b4822d0cb21daa96819a67c8062d34":PSA_ALG_ECDSA(PSA_ALG_SHA_384):PSA_ERROR_INVALID_ARGUMENT + +PSA aead ECDSA(SHA_384): invalid with ECC_PUBLIC_KEY(BRAINPOOL_P_R1) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_FAMILY_BRAINPOOL_P_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +aead_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"04d4b9186816358e2f9c59cf70748cb70641b22fbab65473db4b4e22a361ed7e3de7e8a8ddc4130c5c":PSA_ALG_ECDSA(PSA_ALG_SHA_384):PSA_ERROR_INVALID_ARGUMENT + +PSA aead ECDSA(SHA_384): invalid with ECC_PUBLIC_KEY(SECP_K1) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_FAMILY_SECP_K1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +aead_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_K1):"0426b7bb38da649ac2138fc050c6548b32553dab68afebc36105d325b75538c12323cb0764789ecb992671beb2b6bef2f5":PSA_ALG_ECDSA(PSA_ALG_SHA_384):PSA_ERROR_INVALID_ARGUMENT + +PSA aead ECDSA(SHA_384): invalid with ECC_PUBLIC_KEY(SECP_R1) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_FAMILY_SECP_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +aead_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1):"046f00eadaa949fee3e9e1c7fa1247eecec86a0dce46418b9bd3117b981d4bd0ae7a990de912f9d060d6cb531a42d22e394ac29e81804bf160":PSA_ALG_ECDSA(PSA_ALG_SHA_384):PSA_ERROR_INVALID_ARGUMENT + +PSA aead ECDSA(SHA_384): invalid with ECC_PUBLIC_KEY(SECP_R2) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_FAMILY_SECP_R2:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +aead_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R2):"049570d541398665adb5cfa16f5af73b3196926bbd4b876bdb80f8eab20d0f540c22f4de9c140f6d7b":PSA_ALG_ECDSA(PSA_ALG_SHA_384):PSA_ERROR_INVALID_ARGUMENT + +PSA aead ECDSA(SHA_384): invalid with ECC_PUBLIC_KEY(SECT_K1) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_FAMILY_SECT_K1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +aead_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_K1):"0406f88f90b4b65950f06ce433afdb097e320f433dc2062b8a65db8fafd3c110f46bc45663fbf021ee7eb9":PSA_ALG_ECDSA(PSA_ALG_SHA_384):PSA_ERROR_INVALID_ARGUMENT + +PSA aead ECDSA(SHA_384): invalid with ECC_PUBLIC_KEY(SECT_R1) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_FAMILY_SECT_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +aead_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R1):"0400465eeb9e7258b11e33c02266bfe834b20bcb118700772796ee4704ec67651bd447e3011959a79a04cb":PSA_ALG_ECDSA(PSA_ALG_SHA_384):PSA_ERROR_INVALID_ARGUMENT + +PSA aead ECDSA(SHA_384): invalid with ECC_PUBLIC_KEY(SECT_R2) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_FAMILY_SECT_R2:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +aead_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R2):"0403692601144c32a6cfa369ae20ae5d43c1c764678c037bafe80c6fd2e42b7ced96171d9c5367fd3dca6f":PSA_ALG_ECDSA(PSA_ALG_SHA_384):PSA_ERROR_INVALID_ARGUMENT + +PSA sign ECDSA(SHA_384): incompatible with AES +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_384:PSA_WANT_KEY_TYPE_AES +sign_fail:PSA_KEY_TYPE_AES:"48657265006973206b6579a064617461":PSA_ALG_ECDSA(PSA_ALG_SHA_384):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign ECDSA(SHA_384): incompatible with ARC4 +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_384:PSA_WANT_KEY_TYPE_ARC4 +sign_fail:PSA_KEY_TYPE_ARC4:"48":PSA_ALG_ECDSA(PSA_ALG_SHA_384):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign ECDSA(SHA_384): incompatible with ARIA +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_384:PSA_WANT_KEY_TYPE_ARIA +sign_fail:PSA_KEY_TYPE_ARIA:"48657265006973206b6579a064617461":PSA_ALG_ECDSA(PSA_ALG_SHA_384):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign ECDSA(SHA_384): incompatible with CAMELLIA +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_384:PSA_WANT_KEY_TYPE_CAMELLIA +sign_fail:PSA_KEY_TYPE_CAMELLIA:"48657265006973206b6579a064617461":PSA_ALG_ECDSA(PSA_ALG_SHA_384):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign ECDSA(SHA_384): incompatible with CHACHA20 +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_384:PSA_WANT_KEY_TYPE_CHACHA20 +sign_fail:PSA_KEY_TYPE_CHACHA20:"48657265006973206b6579a06461746148657265006973206b6579a064617461":PSA_ALG_ECDSA(PSA_ALG_SHA_384):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign ECDSA(SHA_384): incompatible with DERIVE +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_384:PSA_WANT_KEY_TYPE_DERIVE +sign_fail:PSA_KEY_TYPE_DERIVE:"48657265006973206b6579a0646174":PSA_ALG_ECDSA(PSA_ALG_SHA_384):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign ECDSA(SHA_384): incompatible with DES +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_384:PSA_WANT_KEY_TYPE_DES +sign_fail:PSA_KEY_TYPE_DES:"644573206b457901":PSA_ALG_ECDSA(PSA_ALG_SHA_384):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign ECDSA(SHA_384): !ECDSA with ECC_KEY_PAIR(BRAINPOOL_P_R1) +depends_on:!PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_FAMILY_BRAINPOOL_P_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"69502c4fdaf48d4fa617bdd24498b0406d0eeaac":PSA_ALG_ECDSA(PSA_ALG_SHA_384):0:PSA_ERROR_NOT_SUPPORTED + +PSA sign ECDSA(SHA_384): !SHA_384 with ECC_KEY_PAIR(BRAINPOOL_P_R1) +depends_on:PSA_WANT_ALG_ECDSA:!PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_FAMILY_BRAINPOOL_P_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"69502c4fdaf48d4fa617bdd24498b0406d0eeaac":PSA_ALG_ECDSA(PSA_ALG_SHA_384):0:PSA_ERROR_NOT_SUPPORTED + +PSA sign ECDSA(SHA_384): incompatible with ECC_KEY_PAIR(MONTGOMERY) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_FAMILY_MONTGOMERY:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_MONTGOMERY):"70076d0a7318a57d3c16c17251b26645df4c2f87ebc0992ab177fba51db92c6a":PSA_ALG_ECDSA(PSA_ALG_SHA_384):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign ECDSA(SHA_384): !ECDSA with ECC_KEY_PAIR(SECP_K1) +depends_on:!PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_FAMILY_SECP_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_K1):"297ac1722ccac7589ecb240dc719842538ca974beb79f228":PSA_ALG_ECDSA(PSA_ALG_SHA_384):0:PSA_ERROR_NOT_SUPPORTED + +PSA sign ECDSA(SHA_384): !SHA_384 with ECC_KEY_PAIR(SECP_K1) +depends_on:PSA_WANT_ALG_ECDSA:!PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_FAMILY_SECP_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_K1):"297ac1722ccac7589ecb240dc719842538ca974beb79f228":PSA_ALG_ECDSA(PSA_ALG_SHA_384):0:PSA_ERROR_NOT_SUPPORTED + +PSA sign ECDSA(SHA_384): !ECDSA with ECC_KEY_PAIR(SECP_R1) +depends_on:!PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_FAMILY_SECP_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"872f203b3ad35b7f2ecc803c3a0e1e0b1ed61cc1afe71b189cd4c995":PSA_ALG_ECDSA(PSA_ALG_SHA_384):0:PSA_ERROR_NOT_SUPPORTED + +PSA sign ECDSA(SHA_384): !SHA_384 with ECC_KEY_PAIR(SECP_R1) +depends_on:PSA_WANT_ALG_ECDSA:!PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_FAMILY_SECP_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"872f203b3ad35b7f2ecc803c3a0e1e0b1ed61cc1afe71b189cd4c995":PSA_ALG_ECDSA(PSA_ALG_SHA_384):0:PSA_ERROR_NOT_SUPPORTED + +PSA sign ECDSA(SHA_384): !ECDSA with ECC_KEY_PAIR(SECP_R2) +depends_on:!PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_FAMILY_SECP_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R2):"00bf539a1cdda0d7f71a50a3f98aec0a2e8e4ced1e":PSA_ALG_ECDSA(PSA_ALG_SHA_384):0:PSA_ERROR_NOT_SUPPORTED + +PSA sign ECDSA(SHA_384): !SHA_384 with ECC_KEY_PAIR(SECP_R2) +depends_on:PSA_WANT_ALG_ECDSA:!PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_FAMILY_SECP_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R2):"00bf539a1cdda0d7f71a50a3f98aec0a2e8e4ced1e":PSA_ALG_ECDSA(PSA_ALG_SHA_384):0:PSA_ERROR_NOT_SUPPORTED + +PSA sign ECDSA(SHA_384): !ECDSA with ECC_KEY_PAIR(SECT_K1) +depends_on:!PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_FAMILY_SECT_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):"03ebc8fcded2d6ab72ec0f75bdb4fd080481273e71":PSA_ALG_ECDSA(PSA_ALG_SHA_384):0:PSA_ERROR_NOT_SUPPORTED + +PSA sign ECDSA(SHA_384): !SHA_384 with ECC_KEY_PAIR(SECT_K1) +depends_on:PSA_WANT_ALG_ECDSA:!PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_FAMILY_SECT_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):"03ebc8fcded2d6ab72ec0f75bdb4fd080481273e71":PSA_ALG_ECDSA(PSA_ALG_SHA_384):0:PSA_ERROR_NOT_SUPPORTED + +PSA sign ECDSA(SHA_384): !ECDSA with ECC_KEY_PAIR(SECT_R1) +depends_on:!PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_FAMILY_SECT_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):"009b05dc82d46d64a04a22e6e5ca70ca1231e68c50":PSA_ALG_ECDSA(PSA_ALG_SHA_384):0:PSA_ERROR_NOT_SUPPORTED + +PSA sign ECDSA(SHA_384): !SHA_384 with ECC_KEY_PAIR(SECT_R1) +depends_on:PSA_WANT_ALG_ECDSA:!PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_FAMILY_SECT_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):"009b05dc82d46d64a04a22e6e5ca70ca1231e68c50":PSA_ALG_ECDSA(PSA_ALG_SHA_384):0:PSA_ERROR_NOT_SUPPORTED + +PSA sign ECDSA(SHA_384): !ECDSA with ECC_KEY_PAIR(SECT_R2) +depends_on:!PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_FAMILY_SECT_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R2):"0210b482a458b4822d0cb21daa96819a67c8062d34":PSA_ALG_ECDSA(PSA_ALG_SHA_384):0:PSA_ERROR_NOT_SUPPORTED + +PSA sign ECDSA(SHA_384): !SHA_384 with ECC_KEY_PAIR(SECT_R2) +depends_on:PSA_WANT_ALG_ECDSA:!PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_FAMILY_SECT_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R2):"0210b482a458b4822d0cb21daa96819a67c8062d34":PSA_ALG_ECDSA(PSA_ALG_SHA_384):0:PSA_ERROR_NOT_SUPPORTED + +PSA sign ECDSA(SHA_384): incompatible with ECC_KEY_PAIR(TWISTED_EDWARDS) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_FAMILY_TWISTED_EDWARDS:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_TWISTED_EDWARDS):"9d61b19deffd5a60ba844af492ec2cc44449c5697b326919703bac031cae7f60":PSA_ALG_ECDSA(PSA_ALG_SHA_384):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign ECDSA(SHA_384): !ECDSA with ECC_PUBLIC_KEY(BRAINPOOL_P_R1) +depends_on:!PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_FAMILY_BRAINPOOL_P_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"04d4b9186816358e2f9c59cf70748cb70641b22fbab65473db4b4e22a361ed7e3de7e8a8ddc4130c5c":PSA_ALG_ECDSA(PSA_ALG_SHA_384):0:PSA_ERROR_NOT_SUPPORTED + +PSA sign ECDSA(SHA_384): !SHA_384 with ECC_PUBLIC_KEY(BRAINPOOL_P_R1) +depends_on:PSA_WANT_ALG_ECDSA:!PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_FAMILY_BRAINPOOL_P_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"04d4b9186816358e2f9c59cf70748cb70641b22fbab65473db4b4e22a361ed7e3de7e8a8ddc4130c5c":PSA_ALG_ECDSA(PSA_ALG_SHA_384):0:PSA_ERROR_NOT_SUPPORTED + +PSA sign ECDSA(SHA_384): public with ECC_PUBLIC_KEY(BRAINPOOL_P_R1) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_FAMILY_BRAINPOOL_P_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"04d4b9186816358e2f9c59cf70748cb70641b22fbab65473db4b4e22a361ed7e3de7e8a8ddc4130c5c":PSA_ALG_ECDSA(PSA_ALG_SHA_384):1:PSA_ERROR_INVALID_ARGUMENT + +PSA sign ECDSA(SHA_384): incompatible with ECC_PUBLIC_KEY(MONTGOMERY) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_FAMILY_MONTGOMERY:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_MONTGOMERY):"8520f0098930a754748b7ddcb43ef75a0dbf3a0d26381af4eba4a98eaa9b4e6a":PSA_ALG_ECDSA(PSA_ALG_SHA_384):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign ECDSA(SHA_384): !ECDSA with ECC_PUBLIC_KEY(SECP_K1) +depends_on:!PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_FAMILY_SECP_K1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_K1):"0426b7bb38da649ac2138fc050c6548b32553dab68afebc36105d325b75538c12323cb0764789ecb992671beb2b6bef2f5":PSA_ALG_ECDSA(PSA_ALG_SHA_384):0:PSA_ERROR_NOT_SUPPORTED + +PSA sign ECDSA(SHA_384): !SHA_384 with ECC_PUBLIC_KEY(SECP_K1) +depends_on:PSA_WANT_ALG_ECDSA:!PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_FAMILY_SECP_K1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_K1):"0426b7bb38da649ac2138fc050c6548b32553dab68afebc36105d325b75538c12323cb0764789ecb992671beb2b6bef2f5":PSA_ALG_ECDSA(PSA_ALG_SHA_384):0:PSA_ERROR_NOT_SUPPORTED + +PSA sign ECDSA(SHA_384): public with ECC_PUBLIC_KEY(SECP_K1) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_FAMILY_SECP_K1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_K1):"0426b7bb38da649ac2138fc050c6548b32553dab68afebc36105d325b75538c12323cb0764789ecb992671beb2b6bef2f5":PSA_ALG_ECDSA(PSA_ALG_SHA_384):1:PSA_ERROR_INVALID_ARGUMENT + +PSA sign ECDSA(SHA_384): !ECDSA with ECC_PUBLIC_KEY(SECP_R1) +depends_on:!PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_FAMILY_SECP_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1):"046f00eadaa949fee3e9e1c7fa1247eecec86a0dce46418b9bd3117b981d4bd0ae7a990de912f9d060d6cb531a42d22e394ac29e81804bf160":PSA_ALG_ECDSA(PSA_ALG_SHA_384):0:PSA_ERROR_NOT_SUPPORTED + +PSA sign ECDSA(SHA_384): !SHA_384 with ECC_PUBLIC_KEY(SECP_R1) +depends_on:PSA_WANT_ALG_ECDSA:!PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_FAMILY_SECP_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1):"046f00eadaa949fee3e9e1c7fa1247eecec86a0dce46418b9bd3117b981d4bd0ae7a990de912f9d060d6cb531a42d22e394ac29e81804bf160":PSA_ALG_ECDSA(PSA_ALG_SHA_384):0:PSA_ERROR_NOT_SUPPORTED + +PSA sign ECDSA(SHA_384): public with ECC_PUBLIC_KEY(SECP_R1) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_FAMILY_SECP_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1):"046f00eadaa949fee3e9e1c7fa1247eecec86a0dce46418b9bd3117b981d4bd0ae7a990de912f9d060d6cb531a42d22e394ac29e81804bf160":PSA_ALG_ECDSA(PSA_ALG_SHA_384):1:PSA_ERROR_INVALID_ARGUMENT + +PSA sign ECDSA(SHA_384): !ECDSA with ECC_PUBLIC_KEY(SECP_R2) +depends_on:!PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_FAMILY_SECP_R2:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R2):"049570d541398665adb5cfa16f5af73b3196926bbd4b876bdb80f8eab20d0f540c22f4de9c140f6d7b":PSA_ALG_ECDSA(PSA_ALG_SHA_384):0:PSA_ERROR_NOT_SUPPORTED + +PSA sign ECDSA(SHA_384): !SHA_384 with ECC_PUBLIC_KEY(SECP_R2) +depends_on:PSA_WANT_ALG_ECDSA:!PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_FAMILY_SECP_R2:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R2):"049570d541398665adb5cfa16f5af73b3196926bbd4b876bdb80f8eab20d0f540c22f4de9c140f6d7b":PSA_ALG_ECDSA(PSA_ALG_SHA_384):0:PSA_ERROR_NOT_SUPPORTED + +PSA sign ECDSA(SHA_384): public with ECC_PUBLIC_KEY(SECP_R2) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_FAMILY_SECP_R2:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R2):"049570d541398665adb5cfa16f5af73b3196926bbd4b876bdb80f8eab20d0f540c22f4de9c140f6d7b":PSA_ALG_ECDSA(PSA_ALG_SHA_384):1:PSA_ERROR_INVALID_ARGUMENT + +PSA sign ECDSA(SHA_384): !ECDSA with ECC_PUBLIC_KEY(SECT_K1) +depends_on:!PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_FAMILY_SECT_K1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_K1):"0406f88f90b4b65950f06ce433afdb097e320f433dc2062b8a65db8fafd3c110f46bc45663fbf021ee7eb9":PSA_ALG_ECDSA(PSA_ALG_SHA_384):0:PSA_ERROR_NOT_SUPPORTED + +PSA sign ECDSA(SHA_384): !SHA_384 with ECC_PUBLIC_KEY(SECT_K1) +depends_on:PSA_WANT_ALG_ECDSA:!PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_FAMILY_SECT_K1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_K1):"0406f88f90b4b65950f06ce433afdb097e320f433dc2062b8a65db8fafd3c110f46bc45663fbf021ee7eb9":PSA_ALG_ECDSA(PSA_ALG_SHA_384):0:PSA_ERROR_NOT_SUPPORTED + +PSA sign ECDSA(SHA_384): public with ECC_PUBLIC_KEY(SECT_K1) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_FAMILY_SECT_K1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_K1):"0406f88f90b4b65950f06ce433afdb097e320f433dc2062b8a65db8fafd3c110f46bc45663fbf021ee7eb9":PSA_ALG_ECDSA(PSA_ALG_SHA_384):1:PSA_ERROR_INVALID_ARGUMENT + +PSA sign ECDSA(SHA_384): !ECDSA with ECC_PUBLIC_KEY(SECT_R1) +depends_on:!PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_FAMILY_SECT_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R1):"0400465eeb9e7258b11e33c02266bfe834b20bcb118700772796ee4704ec67651bd447e3011959a79a04cb":PSA_ALG_ECDSA(PSA_ALG_SHA_384):0:PSA_ERROR_NOT_SUPPORTED + +PSA sign ECDSA(SHA_384): !SHA_384 with ECC_PUBLIC_KEY(SECT_R1) +depends_on:PSA_WANT_ALG_ECDSA:!PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_FAMILY_SECT_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R1):"0400465eeb9e7258b11e33c02266bfe834b20bcb118700772796ee4704ec67651bd447e3011959a79a04cb":PSA_ALG_ECDSA(PSA_ALG_SHA_384):0:PSA_ERROR_NOT_SUPPORTED + +PSA sign ECDSA(SHA_384): public with ECC_PUBLIC_KEY(SECT_R1) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_FAMILY_SECT_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R1):"0400465eeb9e7258b11e33c02266bfe834b20bcb118700772796ee4704ec67651bd447e3011959a79a04cb":PSA_ALG_ECDSA(PSA_ALG_SHA_384):1:PSA_ERROR_INVALID_ARGUMENT + +PSA sign ECDSA(SHA_384): !ECDSA with ECC_PUBLIC_KEY(SECT_R2) +depends_on:!PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_FAMILY_SECT_R2:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R2):"0403692601144c32a6cfa369ae20ae5d43c1c764678c037bafe80c6fd2e42b7ced96171d9c5367fd3dca6f":PSA_ALG_ECDSA(PSA_ALG_SHA_384):0:PSA_ERROR_NOT_SUPPORTED + +PSA sign ECDSA(SHA_384): !SHA_384 with ECC_PUBLIC_KEY(SECT_R2) +depends_on:PSA_WANT_ALG_ECDSA:!PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_FAMILY_SECT_R2:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R2):"0403692601144c32a6cfa369ae20ae5d43c1c764678c037bafe80c6fd2e42b7ced96171d9c5367fd3dca6f":PSA_ALG_ECDSA(PSA_ALG_SHA_384):0:PSA_ERROR_NOT_SUPPORTED + +PSA sign ECDSA(SHA_384): public with ECC_PUBLIC_KEY(SECT_R2) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_FAMILY_SECT_R2:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R2):"0403692601144c32a6cfa369ae20ae5d43c1c764678c037bafe80c6fd2e42b7ced96171d9c5367fd3dca6f":PSA_ALG_ECDSA(PSA_ALG_SHA_384):1:PSA_ERROR_INVALID_ARGUMENT + +PSA sign ECDSA(SHA_384): incompatible with ECC_PUBLIC_KEY(TWISTED_EDWARDS) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_FAMILY_TWISTED_EDWARDS:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_TWISTED_EDWARDS):"d75a980182b10ab7d54bfed3c964073a0ee172f3daa62325af021a68f707511a":PSA_ALG_ECDSA(PSA_ALG_SHA_384):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign ECDSA(SHA_384): incompatible with HMAC +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_384:PSA_WANT_KEY_TYPE_HMAC +sign_fail:PSA_KEY_TYPE_HMAC:"48657265006973206b6579a064617461":PSA_ALG_ECDSA(PSA_ALG_SHA_384):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign ECDSA(SHA_384): incompatible with RAW_DATA +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_384:PSA_WANT_KEY_TYPE_RAW_DATA +sign_fail:PSA_KEY_TYPE_RAW_DATA:"48":PSA_ALG_ECDSA(PSA_ALG_SHA_384):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign ECDSA(SHA_384): incompatible with RSA_KEY_PAIR +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_384:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR +sign_fail:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_ECDSA(PSA_ALG_SHA_384):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign ECDSA(SHA_384): incompatible with RSA_PUBLIC_KEY +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_384:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY +sign_fail:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_ECDSA(PSA_ALG_SHA_384):0:PSA_ERROR_INVALID_ARGUMENT + +PSA asymmetric_encryption ECDSA(SHA_384): invalid with ECC_KEY_PAIR(BRAINPOOL_P_R1) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_FAMILY_BRAINPOOL_P_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +asymmetric_encryption_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"69502c4fdaf48d4fa617bdd24498b0406d0eeaac":PSA_ALG_ECDSA(PSA_ALG_SHA_384):0:PSA_ERROR_INVALID_ARGUMENT + +PSA asymmetric_encryption ECDSA(SHA_384): invalid with ECC_KEY_PAIR(SECP_K1) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_FAMILY_SECP_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +asymmetric_encryption_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_K1):"297ac1722ccac7589ecb240dc719842538ca974beb79f228":PSA_ALG_ECDSA(PSA_ALG_SHA_384):0:PSA_ERROR_INVALID_ARGUMENT + +PSA asymmetric_encryption ECDSA(SHA_384): invalid with ECC_KEY_PAIR(SECP_R1) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_FAMILY_SECP_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +asymmetric_encryption_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"872f203b3ad35b7f2ecc803c3a0e1e0b1ed61cc1afe71b189cd4c995":PSA_ALG_ECDSA(PSA_ALG_SHA_384):0:PSA_ERROR_INVALID_ARGUMENT + +PSA asymmetric_encryption ECDSA(SHA_384): invalid with ECC_KEY_PAIR(SECP_R2) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_FAMILY_SECP_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +asymmetric_encryption_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R2):"00bf539a1cdda0d7f71a50a3f98aec0a2e8e4ced1e":PSA_ALG_ECDSA(PSA_ALG_SHA_384):0:PSA_ERROR_INVALID_ARGUMENT + +PSA asymmetric_encryption ECDSA(SHA_384): invalid with ECC_KEY_PAIR(SECT_K1) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_FAMILY_SECT_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +asymmetric_encryption_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):"03ebc8fcded2d6ab72ec0f75bdb4fd080481273e71":PSA_ALG_ECDSA(PSA_ALG_SHA_384):0:PSA_ERROR_INVALID_ARGUMENT + +PSA asymmetric_encryption ECDSA(SHA_384): invalid with ECC_KEY_PAIR(SECT_R1) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_FAMILY_SECT_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +asymmetric_encryption_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):"009b05dc82d46d64a04a22e6e5ca70ca1231e68c50":PSA_ALG_ECDSA(PSA_ALG_SHA_384):0:PSA_ERROR_INVALID_ARGUMENT + +PSA asymmetric_encryption ECDSA(SHA_384): invalid with ECC_KEY_PAIR(SECT_R2) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_FAMILY_SECT_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +asymmetric_encryption_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R2):"0210b482a458b4822d0cb21daa96819a67c8062d34":PSA_ALG_ECDSA(PSA_ALG_SHA_384):0:PSA_ERROR_INVALID_ARGUMENT + +PSA asymmetric_encryption ECDSA(SHA_384): invalid with ECC_PUBLIC_KEY(BRAINPOOL_P_R1) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_FAMILY_BRAINPOOL_P_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +asymmetric_encryption_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"04d4b9186816358e2f9c59cf70748cb70641b22fbab65473db4b4e22a361ed7e3de7e8a8ddc4130c5c":PSA_ALG_ECDSA(PSA_ALG_SHA_384):0:PSA_ERROR_INVALID_ARGUMENT + +PSA asymmetric_encryption ECDSA(SHA_384): invalid with ECC_PUBLIC_KEY(SECP_K1) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_FAMILY_SECP_K1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +asymmetric_encryption_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_K1):"0426b7bb38da649ac2138fc050c6548b32553dab68afebc36105d325b75538c12323cb0764789ecb992671beb2b6bef2f5":PSA_ALG_ECDSA(PSA_ALG_SHA_384):0:PSA_ERROR_INVALID_ARGUMENT + +PSA asymmetric_encryption ECDSA(SHA_384): invalid with ECC_PUBLIC_KEY(SECP_R1) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_FAMILY_SECP_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +asymmetric_encryption_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1):"046f00eadaa949fee3e9e1c7fa1247eecec86a0dce46418b9bd3117b981d4bd0ae7a990de912f9d060d6cb531a42d22e394ac29e81804bf160":PSA_ALG_ECDSA(PSA_ALG_SHA_384):0:PSA_ERROR_INVALID_ARGUMENT + +PSA asymmetric_encryption ECDSA(SHA_384): invalid with ECC_PUBLIC_KEY(SECP_R2) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_FAMILY_SECP_R2:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +asymmetric_encryption_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R2):"049570d541398665adb5cfa16f5af73b3196926bbd4b876bdb80f8eab20d0f540c22f4de9c140f6d7b":PSA_ALG_ECDSA(PSA_ALG_SHA_384):0:PSA_ERROR_INVALID_ARGUMENT + +PSA asymmetric_encryption ECDSA(SHA_384): invalid with ECC_PUBLIC_KEY(SECT_K1) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_FAMILY_SECT_K1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +asymmetric_encryption_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_K1):"0406f88f90b4b65950f06ce433afdb097e320f433dc2062b8a65db8fafd3c110f46bc45663fbf021ee7eb9":PSA_ALG_ECDSA(PSA_ALG_SHA_384):0:PSA_ERROR_INVALID_ARGUMENT + +PSA asymmetric_encryption ECDSA(SHA_384): invalid with ECC_PUBLIC_KEY(SECT_R1) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_FAMILY_SECT_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +asymmetric_encryption_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R1):"0400465eeb9e7258b11e33c02266bfe834b20bcb118700772796ee4704ec67651bd447e3011959a79a04cb":PSA_ALG_ECDSA(PSA_ALG_SHA_384):0:PSA_ERROR_INVALID_ARGUMENT + +PSA asymmetric_encryption ECDSA(SHA_384): invalid with ECC_PUBLIC_KEY(SECT_R2) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_FAMILY_SECT_R2:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +asymmetric_encryption_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R2):"0403692601144c32a6cfa369ae20ae5d43c1c764678c037bafe80c6fd2e42b7ced96171d9c5367fd3dca6f":PSA_ALG_ECDSA(PSA_ALG_SHA_384):0:PSA_ERROR_INVALID_ARGUMENT + +PSA key_derivation ECDSA(SHA_384): invalid +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_384 +key_derivation_fail:PSA_ALG_ECDSA(PSA_ALG_SHA_384):PSA_ERROR_INVALID_ARGUMENT + +PSA key_agreement ECDSA(SHA_384): invalid with ECC_KEY_PAIR(BRAINPOOL_P_R1) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_FAMILY_BRAINPOOL_P_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_agreement_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"69502c4fdaf48d4fa617bdd24498b0406d0eeaac":PSA_ALG_ECDSA(PSA_ALG_SHA_384):0:PSA_ERROR_INVALID_ARGUMENT + +PSA key_agreement ECDSA(SHA_384): invalid with ECC_KEY_PAIR(SECP_K1) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_FAMILY_SECP_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_agreement_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_K1):"297ac1722ccac7589ecb240dc719842538ca974beb79f228":PSA_ALG_ECDSA(PSA_ALG_SHA_384):0:PSA_ERROR_INVALID_ARGUMENT + +PSA key_agreement ECDSA(SHA_384): invalid with ECC_KEY_PAIR(SECP_R1) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_FAMILY_SECP_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_agreement_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"872f203b3ad35b7f2ecc803c3a0e1e0b1ed61cc1afe71b189cd4c995":PSA_ALG_ECDSA(PSA_ALG_SHA_384):0:PSA_ERROR_INVALID_ARGUMENT + +PSA key_agreement ECDSA(SHA_384): invalid with ECC_KEY_PAIR(SECP_R2) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_FAMILY_SECP_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_agreement_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R2):"00bf539a1cdda0d7f71a50a3f98aec0a2e8e4ced1e":PSA_ALG_ECDSA(PSA_ALG_SHA_384):0:PSA_ERROR_INVALID_ARGUMENT + +PSA key_agreement ECDSA(SHA_384): invalid with ECC_KEY_PAIR(SECT_K1) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_FAMILY_SECT_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_agreement_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):"03ebc8fcded2d6ab72ec0f75bdb4fd080481273e71":PSA_ALG_ECDSA(PSA_ALG_SHA_384):0:PSA_ERROR_INVALID_ARGUMENT + +PSA key_agreement ECDSA(SHA_384): invalid with ECC_KEY_PAIR(SECT_R1) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_FAMILY_SECT_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_agreement_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):"009b05dc82d46d64a04a22e6e5ca70ca1231e68c50":PSA_ALG_ECDSA(PSA_ALG_SHA_384):0:PSA_ERROR_INVALID_ARGUMENT + +PSA key_agreement ECDSA(SHA_384): invalid with ECC_KEY_PAIR(SECT_R2) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_FAMILY_SECT_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_agreement_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R2):"0210b482a458b4822d0cb21daa96819a67c8062d34":PSA_ALG_ECDSA(PSA_ALG_SHA_384):0:PSA_ERROR_INVALID_ARGUMENT + +PSA key_agreement ECDSA(SHA_384): invalid with ECC_PUBLIC_KEY(BRAINPOOL_P_R1) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_FAMILY_BRAINPOOL_P_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_agreement_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"04d4b9186816358e2f9c59cf70748cb70641b22fbab65473db4b4e22a361ed7e3de7e8a8ddc4130c5c":PSA_ALG_ECDSA(PSA_ALG_SHA_384):0:PSA_ERROR_INVALID_ARGUMENT + +PSA key_agreement ECDSA(SHA_384): invalid with ECC_PUBLIC_KEY(SECP_K1) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_FAMILY_SECP_K1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_agreement_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_K1):"0426b7bb38da649ac2138fc050c6548b32553dab68afebc36105d325b75538c12323cb0764789ecb992671beb2b6bef2f5":PSA_ALG_ECDSA(PSA_ALG_SHA_384):0:PSA_ERROR_INVALID_ARGUMENT + +PSA key_agreement ECDSA(SHA_384): invalid with ECC_PUBLIC_KEY(SECP_R1) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_FAMILY_SECP_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_agreement_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1):"046f00eadaa949fee3e9e1c7fa1247eecec86a0dce46418b9bd3117b981d4bd0ae7a990de912f9d060d6cb531a42d22e394ac29e81804bf160":PSA_ALG_ECDSA(PSA_ALG_SHA_384):0:PSA_ERROR_INVALID_ARGUMENT + +PSA key_agreement ECDSA(SHA_384): invalid with ECC_PUBLIC_KEY(SECP_R2) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_FAMILY_SECP_R2:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_agreement_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R2):"049570d541398665adb5cfa16f5af73b3196926bbd4b876bdb80f8eab20d0f540c22f4de9c140f6d7b":PSA_ALG_ECDSA(PSA_ALG_SHA_384):0:PSA_ERROR_INVALID_ARGUMENT + +PSA key_agreement ECDSA(SHA_384): invalid with ECC_PUBLIC_KEY(SECT_K1) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_FAMILY_SECT_K1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_agreement_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_K1):"0406f88f90b4b65950f06ce433afdb097e320f433dc2062b8a65db8fafd3c110f46bc45663fbf021ee7eb9":PSA_ALG_ECDSA(PSA_ALG_SHA_384):0:PSA_ERROR_INVALID_ARGUMENT + +PSA key_agreement ECDSA(SHA_384): invalid with ECC_PUBLIC_KEY(SECT_R1) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_FAMILY_SECT_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_agreement_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R1):"0400465eeb9e7258b11e33c02266bfe834b20bcb118700772796ee4704ec67651bd447e3011959a79a04cb":PSA_ALG_ECDSA(PSA_ALG_SHA_384):0:PSA_ERROR_INVALID_ARGUMENT + +PSA key_agreement ECDSA(SHA_384): invalid with ECC_PUBLIC_KEY(SECT_R2) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_FAMILY_SECT_R2:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_agreement_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R2):"0403692601144c32a6cfa369ae20ae5d43c1c764678c037bafe80c6fd2e42b7ced96171d9c5367fd3dca6f":PSA_ALG_ECDSA(PSA_ALG_SHA_384):0:PSA_ERROR_INVALID_ARGUMENT + +PSA hash ECDSA(SHA_512): invalid +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_512 +hash_fail:PSA_ALG_ECDSA(PSA_ALG_SHA_512):PSA_ERROR_INVALID_ARGUMENT + +PSA mac ECDSA(SHA_512): invalid with ECC_KEY_PAIR(BRAINPOOL_P_R1) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_512:PSA_WANT_ECC_FAMILY_BRAINPOOL_P_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +mac_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"69502c4fdaf48d4fa617bdd24498b0406d0eeaac":PSA_ALG_ECDSA(PSA_ALG_SHA_512):PSA_ERROR_INVALID_ARGUMENT + +PSA mac ECDSA(SHA_512): invalid with ECC_KEY_PAIR(SECP_K1) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_512:PSA_WANT_ECC_FAMILY_SECP_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +mac_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_K1):"297ac1722ccac7589ecb240dc719842538ca974beb79f228":PSA_ALG_ECDSA(PSA_ALG_SHA_512):PSA_ERROR_INVALID_ARGUMENT + +PSA mac ECDSA(SHA_512): invalid with ECC_KEY_PAIR(SECP_R1) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_512:PSA_WANT_ECC_FAMILY_SECP_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +mac_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"872f203b3ad35b7f2ecc803c3a0e1e0b1ed61cc1afe71b189cd4c995":PSA_ALG_ECDSA(PSA_ALG_SHA_512):PSA_ERROR_INVALID_ARGUMENT + +PSA mac ECDSA(SHA_512): invalid with ECC_KEY_PAIR(SECP_R2) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_512:PSA_WANT_ECC_FAMILY_SECP_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +mac_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R2):"00bf539a1cdda0d7f71a50a3f98aec0a2e8e4ced1e":PSA_ALG_ECDSA(PSA_ALG_SHA_512):PSA_ERROR_INVALID_ARGUMENT + +PSA mac ECDSA(SHA_512): invalid with ECC_KEY_PAIR(SECT_K1) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_512:PSA_WANT_ECC_FAMILY_SECT_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +mac_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):"03ebc8fcded2d6ab72ec0f75bdb4fd080481273e71":PSA_ALG_ECDSA(PSA_ALG_SHA_512):PSA_ERROR_INVALID_ARGUMENT + +PSA mac ECDSA(SHA_512): invalid with ECC_KEY_PAIR(SECT_R1) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_512:PSA_WANT_ECC_FAMILY_SECT_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +mac_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):"009b05dc82d46d64a04a22e6e5ca70ca1231e68c50":PSA_ALG_ECDSA(PSA_ALG_SHA_512):PSA_ERROR_INVALID_ARGUMENT + +PSA mac ECDSA(SHA_512): invalid with ECC_KEY_PAIR(SECT_R2) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_512:PSA_WANT_ECC_FAMILY_SECT_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +mac_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R2):"0210b482a458b4822d0cb21daa96819a67c8062d34":PSA_ALG_ECDSA(PSA_ALG_SHA_512):PSA_ERROR_INVALID_ARGUMENT + +PSA mac ECDSA(SHA_512): invalid with ECC_PUBLIC_KEY(BRAINPOOL_P_R1) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_512:PSA_WANT_ECC_FAMILY_BRAINPOOL_P_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +mac_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"04d4b9186816358e2f9c59cf70748cb70641b22fbab65473db4b4e22a361ed7e3de7e8a8ddc4130c5c":PSA_ALG_ECDSA(PSA_ALG_SHA_512):PSA_ERROR_INVALID_ARGUMENT + +PSA mac ECDSA(SHA_512): invalid with ECC_PUBLIC_KEY(SECP_K1) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_512:PSA_WANT_ECC_FAMILY_SECP_K1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +mac_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_K1):"0426b7bb38da649ac2138fc050c6548b32553dab68afebc36105d325b75538c12323cb0764789ecb992671beb2b6bef2f5":PSA_ALG_ECDSA(PSA_ALG_SHA_512):PSA_ERROR_INVALID_ARGUMENT + +PSA mac ECDSA(SHA_512): invalid with ECC_PUBLIC_KEY(SECP_R1) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_512:PSA_WANT_ECC_FAMILY_SECP_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +mac_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1):"046f00eadaa949fee3e9e1c7fa1247eecec86a0dce46418b9bd3117b981d4bd0ae7a990de912f9d060d6cb531a42d22e394ac29e81804bf160":PSA_ALG_ECDSA(PSA_ALG_SHA_512):PSA_ERROR_INVALID_ARGUMENT + +PSA mac ECDSA(SHA_512): invalid with ECC_PUBLIC_KEY(SECP_R2) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_512:PSA_WANT_ECC_FAMILY_SECP_R2:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +mac_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R2):"049570d541398665adb5cfa16f5af73b3196926bbd4b876bdb80f8eab20d0f540c22f4de9c140f6d7b":PSA_ALG_ECDSA(PSA_ALG_SHA_512):PSA_ERROR_INVALID_ARGUMENT + +PSA mac ECDSA(SHA_512): invalid with ECC_PUBLIC_KEY(SECT_K1) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_512:PSA_WANT_ECC_FAMILY_SECT_K1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +mac_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_K1):"0406f88f90b4b65950f06ce433afdb097e320f433dc2062b8a65db8fafd3c110f46bc45663fbf021ee7eb9":PSA_ALG_ECDSA(PSA_ALG_SHA_512):PSA_ERROR_INVALID_ARGUMENT + +PSA mac ECDSA(SHA_512): invalid with ECC_PUBLIC_KEY(SECT_R1) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_512:PSA_WANT_ECC_FAMILY_SECT_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +mac_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R1):"0400465eeb9e7258b11e33c02266bfe834b20bcb118700772796ee4704ec67651bd447e3011959a79a04cb":PSA_ALG_ECDSA(PSA_ALG_SHA_512):PSA_ERROR_INVALID_ARGUMENT + +PSA mac ECDSA(SHA_512): invalid with ECC_PUBLIC_KEY(SECT_R2) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_512:PSA_WANT_ECC_FAMILY_SECT_R2:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +mac_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R2):"0403692601144c32a6cfa369ae20ae5d43c1c764678c037bafe80c6fd2e42b7ced96171d9c5367fd3dca6f":PSA_ALG_ECDSA(PSA_ALG_SHA_512):PSA_ERROR_INVALID_ARGUMENT + +PSA cipher ECDSA(SHA_512): invalid with ECC_KEY_PAIR(BRAINPOOL_P_R1) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_512:PSA_WANT_ECC_FAMILY_BRAINPOOL_P_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +cipher_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"69502c4fdaf48d4fa617bdd24498b0406d0eeaac":PSA_ALG_ECDSA(PSA_ALG_SHA_512):PSA_ERROR_INVALID_ARGUMENT + +PSA cipher ECDSA(SHA_512): invalid with ECC_KEY_PAIR(SECP_K1) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_512:PSA_WANT_ECC_FAMILY_SECP_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +cipher_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_K1):"297ac1722ccac7589ecb240dc719842538ca974beb79f228":PSA_ALG_ECDSA(PSA_ALG_SHA_512):PSA_ERROR_INVALID_ARGUMENT + +PSA cipher ECDSA(SHA_512): invalid with ECC_KEY_PAIR(SECP_R1) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_512:PSA_WANT_ECC_FAMILY_SECP_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +cipher_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"872f203b3ad35b7f2ecc803c3a0e1e0b1ed61cc1afe71b189cd4c995":PSA_ALG_ECDSA(PSA_ALG_SHA_512):PSA_ERROR_INVALID_ARGUMENT + +PSA cipher ECDSA(SHA_512): invalid with ECC_KEY_PAIR(SECP_R2) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_512:PSA_WANT_ECC_FAMILY_SECP_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +cipher_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R2):"00bf539a1cdda0d7f71a50a3f98aec0a2e8e4ced1e":PSA_ALG_ECDSA(PSA_ALG_SHA_512):PSA_ERROR_INVALID_ARGUMENT + +PSA cipher ECDSA(SHA_512): invalid with ECC_KEY_PAIR(SECT_K1) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_512:PSA_WANT_ECC_FAMILY_SECT_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +cipher_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):"03ebc8fcded2d6ab72ec0f75bdb4fd080481273e71":PSA_ALG_ECDSA(PSA_ALG_SHA_512):PSA_ERROR_INVALID_ARGUMENT + +PSA cipher ECDSA(SHA_512): invalid with ECC_KEY_PAIR(SECT_R1) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_512:PSA_WANT_ECC_FAMILY_SECT_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +cipher_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):"009b05dc82d46d64a04a22e6e5ca70ca1231e68c50":PSA_ALG_ECDSA(PSA_ALG_SHA_512):PSA_ERROR_INVALID_ARGUMENT + +PSA cipher ECDSA(SHA_512): invalid with ECC_KEY_PAIR(SECT_R2) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_512:PSA_WANT_ECC_FAMILY_SECT_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +cipher_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R2):"0210b482a458b4822d0cb21daa96819a67c8062d34":PSA_ALG_ECDSA(PSA_ALG_SHA_512):PSA_ERROR_INVALID_ARGUMENT + +PSA cipher ECDSA(SHA_512): invalid with ECC_PUBLIC_KEY(BRAINPOOL_P_R1) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_512:PSA_WANT_ECC_FAMILY_BRAINPOOL_P_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +cipher_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"04d4b9186816358e2f9c59cf70748cb70641b22fbab65473db4b4e22a361ed7e3de7e8a8ddc4130c5c":PSA_ALG_ECDSA(PSA_ALG_SHA_512):PSA_ERROR_INVALID_ARGUMENT + +PSA cipher ECDSA(SHA_512): invalid with ECC_PUBLIC_KEY(SECP_K1) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_512:PSA_WANT_ECC_FAMILY_SECP_K1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +cipher_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_K1):"0426b7bb38da649ac2138fc050c6548b32553dab68afebc36105d325b75538c12323cb0764789ecb992671beb2b6bef2f5":PSA_ALG_ECDSA(PSA_ALG_SHA_512):PSA_ERROR_INVALID_ARGUMENT + +PSA cipher ECDSA(SHA_512): invalid with ECC_PUBLIC_KEY(SECP_R1) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_512:PSA_WANT_ECC_FAMILY_SECP_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +cipher_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1):"046f00eadaa949fee3e9e1c7fa1247eecec86a0dce46418b9bd3117b981d4bd0ae7a990de912f9d060d6cb531a42d22e394ac29e81804bf160":PSA_ALG_ECDSA(PSA_ALG_SHA_512):PSA_ERROR_INVALID_ARGUMENT + +PSA cipher ECDSA(SHA_512): invalid with ECC_PUBLIC_KEY(SECP_R2) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_512:PSA_WANT_ECC_FAMILY_SECP_R2:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +cipher_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R2):"049570d541398665adb5cfa16f5af73b3196926bbd4b876bdb80f8eab20d0f540c22f4de9c140f6d7b":PSA_ALG_ECDSA(PSA_ALG_SHA_512):PSA_ERROR_INVALID_ARGUMENT + +PSA cipher ECDSA(SHA_512): invalid with ECC_PUBLIC_KEY(SECT_K1) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_512:PSA_WANT_ECC_FAMILY_SECT_K1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +cipher_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_K1):"0406f88f90b4b65950f06ce433afdb097e320f433dc2062b8a65db8fafd3c110f46bc45663fbf021ee7eb9":PSA_ALG_ECDSA(PSA_ALG_SHA_512):PSA_ERROR_INVALID_ARGUMENT + +PSA cipher ECDSA(SHA_512): invalid with ECC_PUBLIC_KEY(SECT_R1) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_512:PSA_WANT_ECC_FAMILY_SECT_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +cipher_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R1):"0400465eeb9e7258b11e33c02266bfe834b20bcb118700772796ee4704ec67651bd447e3011959a79a04cb":PSA_ALG_ECDSA(PSA_ALG_SHA_512):PSA_ERROR_INVALID_ARGUMENT + +PSA cipher ECDSA(SHA_512): invalid with ECC_PUBLIC_KEY(SECT_R2) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_512:PSA_WANT_ECC_FAMILY_SECT_R2:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +cipher_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R2):"0403692601144c32a6cfa369ae20ae5d43c1c764678c037bafe80c6fd2e42b7ced96171d9c5367fd3dca6f":PSA_ALG_ECDSA(PSA_ALG_SHA_512):PSA_ERROR_INVALID_ARGUMENT + +PSA aead ECDSA(SHA_512): invalid with ECC_KEY_PAIR(BRAINPOOL_P_R1) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_512:PSA_WANT_ECC_FAMILY_BRAINPOOL_P_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +aead_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"69502c4fdaf48d4fa617bdd24498b0406d0eeaac":PSA_ALG_ECDSA(PSA_ALG_SHA_512):PSA_ERROR_INVALID_ARGUMENT + +PSA aead ECDSA(SHA_512): invalid with ECC_KEY_PAIR(SECP_K1) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_512:PSA_WANT_ECC_FAMILY_SECP_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +aead_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_K1):"297ac1722ccac7589ecb240dc719842538ca974beb79f228":PSA_ALG_ECDSA(PSA_ALG_SHA_512):PSA_ERROR_INVALID_ARGUMENT + +PSA aead ECDSA(SHA_512): invalid with ECC_KEY_PAIR(SECP_R1) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_512:PSA_WANT_ECC_FAMILY_SECP_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +aead_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"872f203b3ad35b7f2ecc803c3a0e1e0b1ed61cc1afe71b189cd4c995":PSA_ALG_ECDSA(PSA_ALG_SHA_512):PSA_ERROR_INVALID_ARGUMENT + +PSA aead ECDSA(SHA_512): invalid with ECC_KEY_PAIR(SECP_R2) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_512:PSA_WANT_ECC_FAMILY_SECP_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +aead_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R2):"00bf539a1cdda0d7f71a50a3f98aec0a2e8e4ced1e":PSA_ALG_ECDSA(PSA_ALG_SHA_512):PSA_ERROR_INVALID_ARGUMENT + +PSA aead ECDSA(SHA_512): invalid with ECC_KEY_PAIR(SECT_K1) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_512:PSA_WANT_ECC_FAMILY_SECT_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +aead_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):"03ebc8fcded2d6ab72ec0f75bdb4fd080481273e71":PSA_ALG_ECDSA(PSA_ALG_SHA_512):PSA_ERROR_INVALID_ARGUMENT + +PSA aead ECDSA(SHA_512): invalid with ECC_KEY_PAIR(SECT_R1) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_512:PSA_WANT_ECC_FAMILY_SECT_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +aead_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):"009b05dc82d46d64a04a22e6e5ca70ca1231e68c50":PSA_ALG_ECDSA(PSA_ALG_SHA_512):PSA_ERROR_INVALID_ARGUMENT + +PSA aead ECDSA(SHA_512): invalid with ECC_KEY_PAIR(SECT_R2) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_512:PSA_WANT_ECC_FAMILY_SECT_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +aead_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R2):"0210b482a458b4822d0cb21daa96819a67c8062d34":PSA_ALG_ECDSA(PSA_ALG_SHA_512):PSA_ERROR_INVALID_ARGUMENT + +PSA aead ECDSA(SHA_512): invalid with ECC_PUBLIC_KEY(BRAINPOOL_P_R1) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_512:PSA_WANT_ECC_FAMILY_BRAINPOOL_P_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +aead_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"04d4b9186816358e2f9c59cf70748cb70641b22fbab65473db4b4e22a361ed7e3de7e8a8ddc4130c5c":PSA_ALG_ECDSA(PSA_ALG_SHA_512):PSA_ERROR_INVALID_ARGUMENT + +PSA aead ECDSA(SHA_512): invalid with ECC_PUBLIC_KEY(SECP_K1) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_512:PSA_WANT_ECC_FAMILY_SECP_K1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +aead_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_K1):"0426b7bb38da649ac2138fc050c6548b32553dab68afebc36105d325b75538c12323cb0764789ecb992671beb2b6bef2f5":PSA_ALG_ECDSA(PSA_ALG_SHA_512):PSA_ERROR_INVALID_ARGUMENT + +PSA aead ECDSA(SHA_512): invalid with ECC_PUBLIC_KEY(SECP_R1) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_512:PSA_WANT_ECC_FAMILY_SECP_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +aead_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1):"046f00eadaa949fee3e9e1c7fa1247eecec86a0dce46418b9bd3117b981d4bd0ae7a990de912f9d060d6cb531a42d22e394ac29e81804bf160":PSA_ALG_ECDSA(PSA_ALG_SHA_512):PSA_ERROR_INVALID_ARGUMENT + +PSA aead ECDSA(SHA_512): invalid with ECC_PUBLIC_KEY(SECP_R2) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_512:PSA_WANT_ECC_FAMILY_SECP_R2:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +aead_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R2):"049570d541398665adb5cfa16f5af73b3196926bbd4b876bdb80f8eab20d0f540c22f4de9c140f6d7b":PSA_ALG_ECDSA(PSA_ALG_SHA_512):PSA_ERROR_INVALID_ARGUMENT + +PSA aead ECDSA(SHA_512): invalid with ECC_PUBLIC_KEY(SECT_K1) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_512:PSA_WANT_ECC_FAMILY_SECT_K1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +aead_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_K1):"0406f88f90b4b65950f06ce433afdb097e320f433dc2062b8a65db8fafd3c110f46bc45663fbf021ee7eb9":PSA_ALG_ECDSA(PSA_ALG_SHA_512):PSA_ERROR_INVALID_ARGUMENT + +PSA aead ECDSA(SHA_512): invalid with ECC_PUBLIC_KEY(SECT_R1) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_512:PSA_WANT_ECC_FAMILY_SECT_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +aead_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R1):"0400465eeb9e7258b11e33c02266bfe834b20bcb118700772796ee4704ec67651bd447e3011959a79a04cb":PSA_ALG_ECDSA(PSA_ALG_SHA_512):PSA_ERROR_INVALID_ARGUMENT + +PSA aead ECDSA(SHA_512): invalid with ECC_PUBLIC_KEY(SECT_R2) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_512:PSA_WANT_ECC_FAMILY_SECT_R2:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +aead_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R2):"0403692601144c32a6cfa369ae20ae5d43c1c764678c037bafe80c6fd2e42b7ced96171d9c5367fd3dca6f":PSA_ALG_ECDSA(PSA_ALG_SHA_512):PSA_ERROR_INVALID_ARGUMENT + +PSA sign ECDSA(SHA_512): incompatible with AES +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_512:PSA_WANT_KEY_TYPE_AES +sign_fail:PSA_KEY_TYPE_AES:"48657265006973206b6579a064617461":PSA_ALG_ECDSA(PSA_ALG_SHA_512):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign ECDSA(SHA_512): incompatible with ARC4 +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_512:PSA_WANT_KEY_TYPE_ARC4 +sign_fail:PSA_KEY_TYPE_ARC4:"48":PSA_ALG_ECDSA(PSA_ALG_SHA_512):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign ECDSA(SHA_512): incompatible with ARIA +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_512:PSA_WANT_KEY_TYPE_ARIA +sign_fail:PSA_KEY_TYPE_ARIA:"48657265006973206b6579a064617461":PSA_ALG_ECDSA(PSA_ALG_SHA_512):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign ECDSA(SHA_512): incompatible with CAMELLIA +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_512:PSA_WANT_KEY_TYPE_CAMELLIA +sign_fail:PSA_KEY_TYPE_CAMELLIA:"48657265006973206b6579a064617461":PSA_ALG_ECDSA(PSA_ALG_SHA_512):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign ECDSA(SHA_512): incompatible with CHACHA20 +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_512:PSA_WANT_KEY_TYPE_CHACHA20 +sign_fail:PSA_KEY_TYPE_CHACHA20:"48657265006973206b6579a06461746148657265006973206b6579a064617461":PSA_ALG_ECDSA(PSA_ALG_SHA_512):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign ECDSA(SHA_512): incompatible with DERIVE +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_512:PSA_WANT_KEY_TYPE_DERIVE +sign_fail:PSA_KEY_TYPE_DERIVE:"48657265006973206b6579a0646174":PSA_ALG_ECDSA(PSA_ALG_SHA_512):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign ECDSA(SHA_512): incompatible with DES +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_512:PSA_WANT_KEY_TYPE_DES +sign_fail:PSA_KEY_TYPE_DES:"644573206b457901":PSA_ALG_ECDSA(PSA_ALG_SHA_512):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign ECDSA(SHA_512): !ECDSA with ECC_KEY_PAIR(BRAINPOOL_P_R1) +depends_on:!PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_512:PSA_WANT_ECC_FAMILY_BRAINPOOL_P_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"69502c4fdaf48d4fa617bdd24498b0406d0eeaac":PSA_ALG_ECDSA(PSA_ALG_SHA_512):0:PSA_ERROR_NOT_SUPPORTED + +PSA sign ECDSA(SHA_512): !SHA_512 with ECC_KEY_PAIR(BRAINPOOL_P_R1) +depends_on:PSA_WANT_ALG_ECDSA:!PSA_WANT_ALG_SHA_512:PSA_WANT_ECC_FAMILY_BRAINPOOL_P_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"69502c4fdaf48d4fa617bdd24498b0406d0eeaac":PSA_ALG_ECDSA(PSA_ALG_SHA_512):0:PSA_ERROR_NOT_SUPPORTED + +PSA sign ECDSA(SHA_512): incompatible with ECC_KEY_PAIR(MONTGOMERY) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_512:PSA_WANT_ECC_FAMILY_MONTGOMERY:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_MONTGOMERY):"70076d0a7318a57d3c16c17251b26645df4c2f87ebc0992ab177fba51db92c6a":PSA_ALG_ECDSA(PSA_ALG_SHA_512):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign ECDSA(SHA_512): !ECDSA with ECC_KEY_PAIR(SECP_K1) +depends_on:!PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_512:PSA_WANT_ECC_FAMILY_SECP_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_K1):"297ac1722ccac7589ecb240dc719842538ca974beb79f228":PSA_ALG_ECDSA(PSA_ALG_SHA_512):0:PSA_ERROR_NOT_SUPPORTED + +PSA sign ECDSA(SHA_512): !SHA_512 with ECC_KEY_PAIR(SECP_K1) +depends_on:PSA_WANT_ALG_ECDSA:!PSA_WANT_ALG_SHA_512:PSA_WANT_ECC_FAMILY_SECP_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_K1):"297ac1722ccac7589ecb240dc719842538ca974beb79f228":PSA_ALG_ECDSA(PSA_ALG_SHA_512):0:PSA_ERROR_NOT_SUPPORTED + +PSA sign ECDSA(SHA_512): !ECDSA with ECC_KEY_PAIR(SECP_R1) +depends_on:!PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_512:PSA_WANT_ECC_FAMILY_SECP_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"872f203b3ad35b7f2ecc803c3a0e1e0b1ed61cc1afe71b189cd4c995":PSA_ALG_ECDSA(PSA_ALG_SHA_512):0:PSA_ERROR_NOT_SUPPORTED + +PSA sign ECDSA(SHA_512): !SHA_512 with ECC_KEY_PAIR(SECP_R1) +depends_on:PSA_WANT_ALG_ECDSA:!PSA_WANT_ALG_SHA_512:PSA_WANT_ECC_FAMILY_SECP_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"872f203b3ad35b7f2ecc803c3a0e1e0b1ed61cc1afe71b189cd4c995":PSA_ALG_ECDSA(PSA_ALG_SHA_512):0:PSA_ERROR_NOT_SUPPORTED + +PSA sign ECDSA(SHA_512): !ECDSA with ECC_KEY_PAIR(SECP_R2) +depends_on:!PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_512:PSA_WANT_ECC_FAMILY_SECP_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R2):"00bf539a1cdda0d7f71a50a3f98aec0a2e8e4ced1e":PSA_ALG_ECDSA(PSA_ALG_SHA_512):0:PSA_ERROR_NOT_SUPPORTED + +PSA sign ECDSA(SHA_512): !SHA_512 with ECC_KEY_PAIR(SECP_R2) +depends_on:PSA_WANT_ALG_ECDSA:!PSA_WANT_ALG_SHA_512:PSA_WANT_ECC_FAMILY_SECP_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R2):"00bf539a1cdda0d7f71a50a3f98aec0a2e8e4ced1e":PSA_ALG_ECDSA(PSA_ALG_SHA_512):0:PSA_ERROR_NOT_SUPPORTED + +PSA sign ECDSA(SHA_512): !ECDSA with ECC_KEY_PAIR(SECT_K1) +depends_on:!PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_512:PSA_WANT_ECC_FAMILY_SECT_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):"03ebc8fcded2d6ab72ec0f75bdb4fd080481273e71":PSA_ALG_ECDSA(PSA_ALG_SHA_512):0:PSA_ERROR_NOT_SUPPORTED + +PSA sign ECDSA(SHA_512): !SHA_512 with ECC_KEY_PAIR(SECT_K1) +depends_on:PSA_WANT_ALG_ECDSA:!PSA_WANT_ALG_SHA_512:PSA_WANT_ECC_FAMILY_SECT_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):"03ebc8fcded2d6ab72ec0f75bdb4fd080481273e71":PSA_ALG_ECDSA(PSA_ALG_SHA_512):0:PSA_ERROR_NOT_SUPPORTED + +PSA sign ECDSA(SHA_512): !ECDSA with ECC_KEY_PAIR(SECT_R1) +depends_on:!PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_512:PSA_WANT_ECC_FAMILY_SECT_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):"009b05dc82d46d64a04a22e6e5ca70ca1231e68c50":PSA_ALG_ECDSA(PSA_ALG_SHA_512):0:PSA_ERROR_NOT_SUPPORTED + +PSA sign ECDSA(SHA_512): !SHA_512 with ECC_KEY_PAIR(SECT_R1) +depends_on:PSA_WANT_ALG_ECDSA:!PSA_WANT_ALG_SHA_512:PSA_WANT_ECC_FAMILY_SECT_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):"009b05dc82d46d64a04a22e6e5ca70ca1231e68c50":PSA_ALG_ECDSA(PSA_ALG_SHA_512):0:PSA_ERROR_NOT_SUPPORTED + +PSA sign ECDSA(SHA_512): !ECDSA with ECC_KEY_PAIR(SECT_R2) +depends_on:!PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_512:PSA_WANT_ECC_FAMILY_SECT_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R2):"0210b482a458b4822d0cb21daa96819a67c8062d34":PSA_ALG_ECDSA(PSA_ALG_SHA_512):0:PSA_ERROR_NOT_SUPPORTED + +PSA sign ECDSA(SHA_512): !SHA_512 with ECC_KEY_PAIR(SECT_R2) +depends_on:PSA_WANT_ALG_ECDSA:!PSA_WANT_ALG_SHA_512:PSA_WANT_ECC_FAMILY_SECT_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R2):"0210b482a458b4822d0cb21daa96819a67c8062d34":PSA_ALG_ECDSA(PSA_ALG_SHA_512):0:PSA_ERROR_NOT_SUPPORTED + +PSA sign ECDSA(SHA_512): incompatible with ECC_KEY_PAIR(TWISTED_EDWARDS) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_512:PSA_WANT_ECC_FAMILY_TWISTED_EDWARDS:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_TWISTED_EDWARDS):"9d61b19deffd5a60ba844af492ec2cc44449c5697b326919703bac031cae7f60":PSA_ALG_ECDSA(PSA_ALG_SHA_512):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign ECDSA(SHA_512): !ECDSA with ECC_PUBLIC_KEY(BRAINPOOL_P_R1) +depends_on:!PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_512:PSA_WANT_ECC_FAMILY_BRAINPOOL_P_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"04d4b9186816358e2f9c59cf70748cb70641b22fbab65473db4b4e22a361ed7e3de7e8a8ddc4130c5c":PSA_ALG_ECDSA(PSA_ALG_SHA_512):0:PSA_ERROR_NOT_SUPPORTED + +PSA sign ECDSA(SHA_512): !SHA_512 with ECC_PUBLIC_KEY(BRAINPOOL_P_R1) +depends_on:PSA_WANT_ALG_ECDSA:!PSA_WANT_ALG_SHA_512:PSA_WANT_ECC_FAMILY_BRAINPOOL_P_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"04d4b9186816358e2f9c59cf70748cb70641b22fbab65473db4b4e22a361ed7e3de7e8a8ddc4130c5c":PSA_ALG_ECDSA(PSA_ALG_SHA_512):0:PSA_ERROR_NOT_SUPPORTED + +PSA sign ECDSA(SHA_512): public with ECC_PUBLIC_KEY(BRAINPOOL_P_R1) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_512:PSA_WANT_ECC_FAMILY_BRAINPOOL_P_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"04d4b9186816358e2f9c59cf70748cb70641b22fbab65473db4b4e22a361ed7e3de7e8a8ddc4130c5c":PSA_ALG_ECDSA(PSA_ALG_SHA_512):1:PSA_ERROR_INVALID_ARGUMENT + +PSA sign ECDSA(SHA_512): incompatible with ECC_PUBLIC_KEY(MONTGOMERY) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_512:PSA_WANT_ECC_FAMILY_MONTGOMERY:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_MONTGOMERY):"8520f0098930a754748b7ddcb43ef75a0dbf3a0d26381af4eba4a98eaa9b4e6a":PSA_ALG_ECDSA(PSA_ALG_SHA_512):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign ECDSA(SHA_512): !ECDSA with ECC_PUBLIC_KEY(SECP_K1) +depends_on:!PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_512:PSA_WANT_ECC_FAMILY_SECP_K1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_K1):"0426b7bb38da649ac2138fc050c6548b32553dab68afebc36105d325b75538c12323cb0764789ecb992671beb2b6bef2f5":PSA_ALG_ECDSA(PSA_ALG_SHA_512):0:PSA_ERROR_NOT_SUPPORTED + +PSA sign ECDSA(SHA_512): !SHA_512 with ECC_PUBLIC_KEY(SECP_K1) +depends_on:PSA_WANT_ALG_ECDSA:!PSA_WANT_ALG_SHA_512:PSA_WANT_ECC_FAMILY_SECP_K1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_K1):"0426b7bb38da649ac2138fc050c6548b32553dab68afebc36105d325b75538c12323cb0764789ecb992671beb2b6bef2f5":PSA_ALG_ECDSA(PSA_ALG_SHA_512):0:PSA_ERROR_NOT_SUPPORTED + +PSA sign ECDSA(SHA_512): public with ECC_PUBLIC_KEY(SECP_K1) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_512:PSA_WANT_ECC_FAMILY_SECP_K1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_K1):"0426b7bb38da649ac2138fc050c6548b32553dab68afebc36105d325b75538c12323cb0764789ecb992671beb2b6bef2f5":PSA_ALG_ECDSA(PSA_ALG_SHA_512):1:PSA_ERROR_INVALID_ARGUMENT + +PSA sign ECDSA(SHA_512): !ECDSA with ECC_PUBLIC_KEY(SECP_R1) +depends_on:!PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_512:PSA_WANT_ECC_FAMILY_SECP_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1):"046f00eadaa949fee3e9e1c7fa1247eecec86a0dce46418b9bd3117b981d4bd0ae7a990de912f9d060d6cb531a42d22e394ac29e81804bf160":PSA_ALG_ECDSA(PSA_ALG_SHA_512):0:PSA_ERROR_NOT_SUPPORTED + +PSA sign ECDSA(SHA_512): !SHA_512 with ECC_PUBLIC_KEY(SECP_R1) +depends_on:PSA_WANT_ALG_ECDSA:!PSA_WANT_ALG_SHA_512:PSA_WANT_ECC_FAMILY_SECP_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1):"046f00eadaa949fee3e9e1c7fa1247eecec86a0dce46418b9bd3117b981d4bd0ae7a990de912f9d060d6cb531a42d22e394ac29e81804bf160":PSA_ALG_ECDSA(PSA_ALG_SHA_512):0:PSA_ERROR_NOT_SUPPORTED + +PSA sign ECDSA(SHA_512): public with ECC_PUBLIC_KEY(SECP_R1) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_512:PSA_WANT_ECC_FAMILY_SECP_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1):"046f00eadaa949fee3e9e1c7fa1247eecec86a0dce46418b9bd3117b981d4bd0ae7a990de912f9d060d6cb531a42d22e394ac29e81804bf160":PSA_ALG_ECDSA(PSA_ALG_SHA_512):1:PSA_ERROR_INVALID_ARGUMENT + +PSA sign ECDSA(SHA_512): !ECDSA with ECC_PUBLIC_KEY(SECP_R2) +depends_on:!PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_512:PSA_WANT_ECC_FAMILY_SECP_R2:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R2):"049570d541398665adb5cfa16f5af73b3196926bbd4b876bdb80f8eab20d0f540c22f4de9c140f6d7b":PSA_ALG_ECDSA(PSA_ALG_SHA_512):0:PSA_ERROR_NOT_SUPPORTED + +PSA sign ECDSA(SHA_512): !SHA_512 with ECC_PUBLIC_KEY(SECP_R2) +depends_on:PSA_WANT_ALG_ECDSA:!PSA_WANT_ALG_SHA_512:PSA_WANT_ECC_FAMILY_SECP_R2:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R2):"049570d541398665adb5cfa16f5af73b3196926bbd4b876bdb80f8eab20d0f540c22f4de9c140f6d7b":PSA_ALG_ECDSA(PSA_ALG_SHA_512):0:PSA_ERROR_NOT_SUPPORTED + +PSA sign ECDSA(SHA_512): public with ECC_PUBLIC_KEY(SECP_R2) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_512:PSA_WANT_ECC_FAMILY_SECP_R2:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R2):"049570d541398665adb5cfa16f5af73b3196926bbd4b876bdb80f8eab20d0f540c22f4de9c140f6d7b":PSA_ALG_ECDSA(PSA_ALG_SHA_512):1:PSA_ERROR_INVALID_ARGUMENT + +PSA sign ECDSA(SHA_512): !ECDSA with ECC_PUBLIC_KEY(SECT_K1) +depends_on:!PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_512:PSA_WANT_ECC_FAMILY_SECT_K1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_K1):"0406f88f90b4b65950f06ce433afdb097e320f433dc2062b8a65db8fafd3c110f46bc45663fbf021ee7eb9":PSA_ALG_ECDSA(PSA_ALG_SHA_512):0:PSA_ERROR_NOT_SUPPORTED + +PSA sign ECDSA(SHA_512): !SHA_512 with ECC_PUBLIC_KEY(SECT_K1) +depends_on:PSA_WANT_ALG_ECDSA:!PSA_WANT_ALG_SHA_512:PSA_WANT_ECC_FAMILY_SECT_K1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_K1):"0406f88f90b4b65950f06ce433afdb097e320f433dc2062b8a65db8fafd3c110f46bc45663fbf021ee7eb9":PSA_ALG_ECDSA(PSA_ALG_SHA_512):0:PSA_ERROR_NOT_SUPPORTED + +PSA sign ECDSA(SHA_512): public with ECC_PUBLIC_KEY(SECT_K1) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_512:PSA_WANT_ECC_FAMILY_SECT_K1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_K1):"0406f88f90b4b65950f06ce433afdb097e320f433dc2062b8a65db8fafd3c110f46bc45663fbf021ee7eb9":PSA_ALG_ECDSA(PSA_ALG_SHA_512):1:PSA_ERROR_INVALID_ARGUMENT + +PSA sign ECDSA(SHA_512): !ECDSA with ECC_PUBLIC_KEY(SECT_R1) +depends_on:!PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_512:PSA_WANT_ECC_FAMILY_SECT_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R1):"0400465eeb9e7258b11e33c02266bfe834b20bcb118700772796ee4704ec67651bd447e3011959a79a04cb":PSA_ALG_ECDSA(PSA_ALG_SHA_512):0:PSA_ERROR_NOT_SUPPORTED + +PSA sign ECDSA(SHA_512): !SHA_512 with ECC_PUBLIC_KEY(SECT_R1) +depends_on:PSA_WANT_ALG_ECDSA:!PSA_WANT_ALG_SHA_512:PSA_WANT_ECC_FAMILY_SECT_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R1):"0400465eeb9e7258b11e33c02266bfe834b20bcb118700772796ee4704ec67651bd447e3011959a79a04cb":PSA_ALG_ECDSA(PSA_ALG_SHA_512):0:PSA_ERROR_NOT_SUPPORTED + +PSA sign ECDSA(SHA_512): public with ECC_PUBLIC_KEY(SECT_R1) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_512:PSA_WANT_ECC_FAMILY_SECT_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R1):"0400465eeb9e7258b11e33c02266bfe834b20bcb118700772796ee4704ec67651bd447e3011959a79a04cb":PSA_ALG_ECDSA(PSA_ALG_SHA_512):1:PSA_ERROR_INVALID_ARGUMENT + +PSA sign ECDSA(SHA_512): !ECDSA with ECC_PUBLIC_KEY(SECT_R2) +depends_on:!PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_512:PSA_WANT_ECC_FAMILY_SECT_R2:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R2):"0403692601144c32a6cfa369ae20ae5d43c1c764678c037bafe80c6fd2e42b7ced96171d9c5367fd3dca6f":PSA_ALG_ECDSA(PSA_ALG_SHA_512):0:PSA_ERROR_NOT_SUPPORTED + +PSA sign ECDSA(SHA_512): !SHA_512 with ECC_PUBLIC_KEY(SECT_R2) +depends_on:PSA_WANT_ALG_ECDSA:!PSA_WANT_ALG_SHA_512:PSA_WANT_ECC_FAMILY_SECT_R2:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R2):"0403692601144c32a6cfa369ae20ae5d43c1c764678c037bafe80c6fd2e42b7ced96171d9c5367fd3dca6f":PSA_ALG_ECDSA(PSA_ALG_SHA_512):0:PSA_ERROR_NOT_SUPPORTED + +PSA sign ECDSA(SHA_512): public with ECC_PUBLIC_KEY(SECT_R2) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_512:PSA_WANT_ECC_FAMILY_SECT_R2:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R2):"0403692601144c32a6cfa369ae20ae5d43c1c764678c037bafe80c6fd2e42b7ced96171d9c5367fd3dca6f":PSA_ALG_ECDSA(PSA_ALG_SHA_512):1:PSA_ERROR_INVALID_ARGUMENT + +PSA sign ECDSA(SHA_512): incompatible with ECC_PUBLIC_KEY(TWISTED_EDWARDS) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_512:PSA_WANT_ECC_FAMILY_TWISTED_EDWARDS:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_TWISTED_EDWARDS):"d75a980182b10ab7d54bfed3c964073a0ee172f3daa62325af021a68f707511a":PSA_ALG_ECDSA(PSA_ALG_SHA_512):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign ECDSA(SHA_512): incompatible with HMAC +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_512:PSA_WANT_KEY_TYPE_HMAC +sign_fail:PSA_KEY_TYPE_HMAC:"48657265006973206b6579a064617461":PSA_ALG_ECDSA(PSA_ALG_SHA_512):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign ECDSA(SHA_512): incompatible with RAW_DATA +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_512:PSA_WANT_KEY_TYPE_RAW_DATA +sign_fail:PSA_KEY_TYPE_RAW_DATA:"48":PSA_ALG_ECDSA(PSA_ALG_SHA_512):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign ECDSA(SHA_512): incompatible with RSA_KEY_PAIR +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_512:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR +sign_fail:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_ECDSA(PSA_ALG_SHA_512):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign ECDSA(SHA_512): incompatible with RSA_PUBLIC_KEY +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_512:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY +sign_fail:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_ECDSA(PSA_ALG_SHA_512):0:PSA_ERROR_INVALID_ARGUMENT + +PSA asymmetric_encryption ECDSA(SHA_512): invalid with ECC_KEY_PAIR(BRAINPOOL_P_R1) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_512:PSA_WANT_ECC_FAMILY_BRAINPOOL_P_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +asymmetric_encryption_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"69502c4fdaf48d4fa617bdd24498b0406d0eeaac":PSA_ALG_ECDSA(PSA_ALG_SHA_512):0:PSA_ERROR_INVALID_ARGUMENT + +PSA asymmetric_encryption ECDSA(SHA_512): invalid with ECC_KEY_PAIR(SECP_K1) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_512:PSA_WANT_ECC_FAMILY_SECP_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +asymmetric_encryption_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_K1):"297ac1722ccac7589ecb240dc719842538ca974beb79f228":PSA_ALG_ECDSA(PSA_ALG_SHA_512):0:PSA_ERROR_INVALID_ARGUMENT + +PSA asymmetric_encryption ECDSA(SHA_512): invalid with ECC_KEY_PAIR(SECP_R1) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_512:PSA_WANT_ECC_FAMILY_SECP_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +asymmetric_encryption_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"872f203b3ad35b7f2ecc803c3a0e1e0b1ed61cc1afe71b189cd4c995":PSA_ALG_ECDSA(PSA_ALG_SHA_512):0:PSA_ERROR_INVALID_ARGUMENT + +PSA asymmetric_encryption ECDSA(SHA_512): invalid with ECC_KEY_PAIR(SECP_R2) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_512:PSA_WANT_ECC_FAMILY_SECP_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +asymmetric_encryption_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R2):"00bf539a1cdda0d7f71a50a3f98aec0a2e8e4ced1e":PSA_ALG_ECDSA(PSA_ALG_SHA_512):0:PSA_ERROR_INVALID_ARGUMENT + +PSA asymmetric_encryption ECDSA(SHA_512): invalid with ECC_KEY_PAIR(SECT_K1) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_512:PSA_WANT_ECC_FAMILY_SECT_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +asymmetric_encryption_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):"03ebc8fcded2d6ab72ec0f75bdb4fd080481273e71":PSA_ALG_ECDSA(PSA_ALG_SHA_512):0:PSA_ERROR_INVALID_ARGUMENT + +PSA asymmetric_encryption ECDSA(SHA_512): invalid with ECC_KEY_PAIR(SECT_R1) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_512:PSA_WANT_ECC_FAMILY_SECT_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +asymmetric_encryption_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):"009b05dc82d46d64a04a22e6e5ca70ca1231e68c50":PSA_ALG_ECDSA(PSA_ALG_SHA_512):0:PSA_ERROR_INVALID_ARGUMENT + +PSA asymmetric_encryption ECDSA(SHA_512): invalid with ECC_KEY_PAIR(SECT_R2) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_512:PSA_WANT_ECC_FAMILY_SECT_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +asymmetric_encryption_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R2):"0210b482a458b4822d0cb21daa96819a67c8062d34":PSA_ALG_ECDSA(PSA_ALG_SHA_512):0:PSA_ERROR_INVALID_ARGUMENT + +PSA asymmetric_encryption ECDSA(SHA_512): invalid with ECC_PUBLIC_KEY(BRAINPOOL_P_R1) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_512:PSA_WANT_ECC_FAMILY_BRAINPOOL_P_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +asymmetric_encryption_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"04d4b9186816358e2f9c59cf70748cb70641b22fbab65473db4b4e22a361ed7e3de7e8a8ddc4130c5c":PSA_ALG_ECDSA(PSA_ALG_SHA_512):0:PSA_ERROR_INVALID_ARGUMENT + +PSA asymmetric_encryption ECDSA(SHA_512): invalid with ECC_PUBLIC_KEY(SECP_K1) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_512:PSA_WANT_ECC_FAMILY_SECP_K1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +asymmetric_encryption_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_K1):"0426b7bb38da649ac2138fc050c6548b32553dab68afebc36105d325b75538c12323cb0764789ecb992671beb2b6bef2f5":PSA_ALG_ECDSA(PSA_ALG_SHA_512):0:PSA_ERROR_INVALID_ARGUMENT + +PSA asymmetric_encryption ECDSA(SHA_512): invalid with ECC_PUBLIC_KEY(SECP_R1) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_512:PSA_WANT_ECC_FAMILY_SECP_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +asymmetric_encryption_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1):"046f00eadaa949fee3e9e1c7fa1247eecec86a0dce46418b9bd3117b981d4bd0ae7a990de912f9d060d6cb531a42d22e394ac29e81804bf160":PSA_ALG_ECDSA(PSA_ALG_SHA_512):0:PSA_ERROR_INVALID_ARGUMENT + +PSA asymmetric_encryption ECDSA(SHA_512): invalid with ECC_PUBLIC_KEY(SECP_R2) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_512:PSA_WANT_ECC_FAMILY_SECP_R2:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +asymmetric_encryption_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R2):"049570d541398665adb5cfa16f5af73b3196926bbd4b876bdb80f8eab20d0f540c22f4de9c140f6d7b":PSA_ALG_ECDSA(PSA_ALG_SHA_512):0:PSA_ERROR_INVALID_ARGUMENT + +PSA asymmetric_encryption ECDSA(SHA_512): invalid with ECC_PUBLIC_KEY(SECT_K1) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_512:PSA_WANT_ECC_FAMILY_SECT_K1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +asymmetric_encryption_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_K1):"0406f88f90b4b65950f06ce433afdb097e320f433dc2062b8a65db8fafd3c110f46bc45663fbf021ee7eb9":PSA_ALG_ECDSA(PSA_ALG_SHA_512):0:PSA_ERROR_INVALID_ARGUMENT + +PSA asymmetric_encryption ECDSA(SHA_512): invalid with ECC_PUBLIC_KEY(SECT_R1) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_512:PSA_WANT_ECC_FAMILY_SECT_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +asymmetric_encryption_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R1):"0400465eeb9e7258b11e33c02266bfe834b20bcb118700772796ee4704ec67651bd447e3011959a79a04cb":PSA_ALG_ECDSA(PSA_ALG_SHA_512):0:PSA_ERROR_INVALID_ARGUMENT + +PSA asymmetric_encryption ECDSA(SHA_512): invalid with ECC_PUBLIC_KEY(SECT_R2) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_512:PSA_WANT_ECC_FAMILY_SECT_R2:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +asymmetric_encryption_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R2):"0403692601144c32a6cfa369ae20ae5d43c1c764678c037bafe80c6fd2e42b7ced96171d9c5367fd3dca6f":PSA_ALG_ECDSA(PSA_ALG_SHA_512):0:PSA_ERROR_INVALID_ARGUMENT + +PSA key_derivation ECDSA(SHA_512): invalid +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_512 +key_derivation_fail:PSA_ALG_ECDSA(PSA_ALG_SHA_512):PSA_ERROR_INVALID_ARGUMENT + +PSA key_agreement ECDSA(SHA_512): invalid with ECC_KEY_PAIR(BRAINPOOL_P_R1) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_512:PSA_WANT_ECC_FAMILY_BRAINPOOL_P_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_agreement_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"69502c4fdaf48d4fa617bdd24498b0406d0eeaac":PSA_ALG_ECDSA(PSA_ALG_SHA_512):0:PSA_ERROR_INVALID_ARGUMENT + +PSA key_agreement ECDSA(SHA_512): invalid with ECC_KEY_PAIR(SECP_K1) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_512:PSA_WANT_ECC_FAMILY_SECP_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_agreement_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_K1):"297ac1722ccac7589ecb240dc719842538ca974beb79f228":PSA_ALG_ECDSA(PSA_ALG_SHA_512):0:PSA_ERROR_INVALID_ARGUMENT + +PSA key_agreement ECDSA(SHA_512): invalid with ECC_KEY_PAIR(SECP_R1) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_512:PSA_WANT_ECC_FAMILY_SECP_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_agreement_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"872f203b3ad35b7f2ecc803c3a0e1e0b1ed61cc1afe71b189cd4c995":PSA_ALG_ECDSA(PSA_ALG_SHA_512):0:PSA_ERROR_INVALID_ARGUMENT + +PSA key_agreement ECDSA(SHA_512): invalid with ECC_KEY_PAIR(SECP_R2) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_512:PSA_WANT_ECC_FAMILY_SECP_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_agreement_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R2):"00bf539a1cdda0d7f71a50a3f98aec0a2e8e4ced1e":PSA_ALG_ECDSA(PSA_ALG_SHA_512):0:PSA_ERROR_INVALID_ARGUMENT + +PSA key_agreement ECDSA(SHA_512): invalid with ECC_KEY_PAIR(SECT_K1) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_512:PSA_WANT_ECC_FAMILY_SECT_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_agreement_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):"03ebc8fcded2d6ab72ec0f75bdb4fd080481273e71":PSA_ALG_ECDSA(PSA_ALG_SHA_512):0:PSA_ERROR_INVALID_ARGUMENT + +PSA key_agreement ECDSA(SHA_512): invalid with ECC_KEY_PAIR(SECT_R1) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_512:PSA_WANT_ECC_FAMILY_SECT_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_agreement_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):"009b05dc82d46d64a04a22e6e5ca70ca1231e68c50":PSA_ALG_ECDSA(PSA_ALG_SHA_512):0:PSA_ERROR_INVALID_ARGUMENT + +PSA key_agreement ECDSA(SHA_512): invalid with ECC_KEY_PAIR(SECT_R2) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_512:PSA_WANT_ECC_FAMILY_SECT_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_agreement_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R2):"0210b482a458b4822d0cb21daa96819a67c8062d34":PSA_ALG_ECDSA(PSA_ALG_SHA_512):0:PSA_ERROR_INVALID_ARGUMENT + +PSA key_agreement ECDSA(SHA_512): invalid with ECC_PUBLIC_KEY(BRAINPOOL_P_R1) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_512:PSA_WANT_ECC_FAMILY_BRAINPOOL_P_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_agreement_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"04d4b9186816358e2f9c59cf70748cb70641b22fbab65473db4b4e22a361ed7e3de7e8a8ddc4130c5c":PSA_ALG_ECDSA(PSA_ALG_SHA_512):0:PSA_ERROR_INVALID_ARGUMENT + +PSA key_agreement ECDSA(SHA_512): invalid with ECC_PUBLIC_KEY(SECP_K1) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_512:PSA_WANT_ECC_FAMILY_SECP_K1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_agreement_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_K1):"0426b7bb38da649ac2138fc050c6548b32553dab68afebc36105d325b75538c12323cb0764789ecb992671beb2b6bef2f5":PSA_ALG_ECDSA(PSA_ALG_SHA_512):0:PSA_ERROR_INVALID_ARGUMENT + +PSA key_agreement ECDSA(SHA_512): invalid with ECC_PUBLIC_KEY(SECP_R1) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_512:PSA_WANT_ECC_FAMILY_SECP_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_agreement_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1):"046f00eadaa949fee3e9e1c7fa1247eecec86a0dce46418b9bd3117b981d4bd0ae7a990de912f9d060d6cb531a42d22e394ac29e81804bf160":PSA_ALG_ECDSA(PSA_ALG_SHA_512):0:PSA_ERROR_INVALID_ARGUMENT + +PSA key_agreement ECDSA(SHA_512): invalid with ECC_PUBLIC_KEY(SECP_R2) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_512:PSA_WANT_ECC_FAMILY_SECP_R2:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_agreement_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R2):"049570d541398665adb5cfa16f5af73b3196926bbd4b876bdb80f8eab20d0f540c22f4de9c140f6d7b":PSA_ALG_ECDSA(PSA_ALG_SHA_512):0:PSA_ERROR_INVALID_ARGUMENT + +PSA key_agreement ECDSA(SHA_512): invalid with ECC_PUBLIC_KEY(SECT_K1) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_512:PSA_WANT_ECC_FAMILY_SECT_K1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_agreement_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_K1):"0406f88f90b4b65950f06ce433afdb097e320f433dc2062b8a65db8fafd3c110f46bc45663fbf021ee7eb9":PSA_ALG_ECDSA(PSA_ALG_SHA_512):0:PSA_ERROR_INVALID_ARGUMENT + +PSA key_agreement ECDSA(SHA_512): invalid with ECC_PUBLIC_KEY(SECT_R1) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_512:PSA_WANT_ECC_FAMILY_SECT_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_agreement_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R1):"0400465eeb9e7258b11e33c02266bfe834b20bcb118700772796ee4704ec67651bd447e3011959a79a04cb":PSA_ALG_ECDSA(PSA_ALG_SHA_512):0:PSA_ERROR_INVALID_ARGUMENT + +PSA key_agreement ECDSA(SHA_512): invalid with ECC_PUBLIC_KEY(SECT_R2) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_512:PSA_WANT_ECC_FAMILY_SECT_R2:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_agreement_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R2):"0403692601144c32a6cfa369ae20ae5d43c1c764678c037bafe80c6fd2e42b7ced96171d9c5367fd3dca6f":PSA_ALG_ECDSA(PSA_ALG_SHA_512):0:PSA_ERROR_INVALID_ARGUMENT + +PSA hash ECDSA(ANY_HASH): invalid +depends_on:PSA_WANT_ALG_ECDSA +hash_fail:PSA_ALG_ECDSA(PSA_ALG_ANY_HASH):PSA_ERROR_INVALID_ARGUMENT + +PSA sign ECDSA(ANY_HASH): incompatible with AES +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_KEY_TYPE_AES +sign_fail:PSA_KEY_TYPE_AES:"48657265006973206b6579a064617461":PSA_ALG_ECDSA(PSA_ALG_ANY_HASH):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign ECDSA(ANY_HASH): incompatible with ARC4 +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_KEY_TYPE_ARC4 +sign_fail:PSA_KEY_TYPE_ARC4:"48":PSA_ALG_ECDSA(PSA_ALG_ANY_HASH):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign ECDSA(ANY_HASH): incompatible with ARIA +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_KEY_TYPE_ARIA +sign_fail:PSA_KEY_TYPE_ARIA:"48657265006973206b6579a064617461":PSA_ALG_ECDSA(PSA_ALG_ANY_HASH):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign ECDSA(ANY_HASH): incompatible with CAMELLIA +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_KEY_TYPE_CAMELLIA +sign_fail:PSA_KEY_TYPE_CAMELLIA:"48657265006973206b6579a064617461":PSA_ALG_ECDSA(PSA_ALG_ANY_HASH):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign ECDSA(ANY_HASH): incompatible with CHACHA20 +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_KEY_TYPE_CHACHA20 +sign_fail:PSA_KEY_TYPE_CHACHA20:"48657265006973206b6579a06461746148657265006973206b6579a064617461":PSA_ALG_ECDSA(PSA_ALG_ANY_HASH):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign ECDSA(ANY_HASH): incompatible with DERIVE +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_KEY_TYPE_DERIVE +sign_fail:PSA_KEY_TYPE_DERIVE:"48657265006973206b6579a0646174":PSA_ALG_ECDSA(PSA_ALG_ANY_HASH):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign ECDSA(ANY_HASH): incompatible with DES +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_KEY_TYPE_DES +sign_fail:PSA_KEY_TYPE_DES:"644573206b457901":PSA_ALG_ECDSA(PSA_ALG_ANY_HASH):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign ECDSA(ANY_HASH): incompatible with ECC_KEY_PAIR(BRAINPOOL_P_R1) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ECC_FAMILY_BRAINPOOL_P_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"69502c4fdaf48d4fa617bdd24498b0406d0eeaac":PSA_ALG_ECDSA(PSA_ALG_ANY_HASH):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign ECDSA(ANY_HASH): incompatible with ECC_KEY_PAIR(MONTGOMERY) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ECC_FAMILY_MONTGOMERY:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_MONTGOMERY):"70076d0a7318a57d3c16c17251b26645df4c2f87ebc0992ab177fba51db92c6a":PSA_ALG_ECDSA(PSA_ALG_ANY_HASH):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign ECDSA(ANY_HASH): incompatible with ECC_KEY_PAIR(SECP_K1) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ECC_FAMILY_SECP_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_K1):"297ac1722ccac7589ecb240dc719842538ca974beb79f228":PSA_ALG_ECDSA(PSA_ALG_ANY_HASH):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign ECDSA(ANY_HASH): incompatible with ECC_KEY_PAIR(SECP_R1) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ECC_FAMILY_SECP_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"872f203b3ad35b7f2ecc803c3a0e1e0b1ed61cc1afe71b189cd4c995":PSA_ALG_ECDSA(PSA_ALG_ANY_HASH):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign ECDSA(ANY_HASH): incompatible with ECC_KEY_PAIR(SECP_R2) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ECC_FAMILY_SECP_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R2):"00bf539a1cdda0d7f71a50a3f98aec0a2e8e4ced1e":PSA_ALG_ECDSA(PSA_ALG_ANY_HASH):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign ECDSA(ANY_HASH): incompatible with ECC_KEY_PAIR(SECT_K1) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ECC_FAMILY_SECT_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):"03ebc8fcded2d6ab72ec0f75bdb4fd080481273e71":PSA_ALG_ECDSA(PSA_ALG_ANY_HASH):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign ECDSA(ANY_HASH): incompatible with ECC_KEY_PAIR(SECT_R1) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ECC_FAMILY_SECT_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):"009b05dc82d46d64a04a22e6e5ca70ca1231e68c50":PSA_ALG_ECDSA(PSA_ALG_ANY_HASH):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign ECDSA(ANY_HASH): incompatible with ECC_KEY_PAIR(SECT_R2) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ECC_FAMILY_SECT_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R2):"0210b482a458b4822d0cb21daa96819a67c8062d34":PSA_ALG_ECDSA(PSA_ALG_ANY_HASH):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign ECDSA(ANY_HASH): incompatible with ECC_KEY_PAIR(TWISTED_EDWARDS) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ECC_FAMILY_TWISTED_EDWARDS:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_TWISTED_EDWARDS):"9d61b19deffd5a60ba844af492ec2cc44449c5697b326919703bac031cae7f60":PSA_ALG_ECDSA(PSA_ALG_ANY_HASH):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign ECDSA(ANY_HASH): incompatible with ECC_PUBLIC_KEY(BRAINPOOL_P_R1) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ECC_FAMILY_BRAINPOOL_P_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"04d4b9186816358e2f9c59cf70748cb70641b22fbab65473db4b4e22a361ed7e3de7e8a8ddc4130c5c":PSA_ALG_ECDSA(PSA_ALG_ANY_HASH):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign ECDSA(ANY_HASH): incompatible with ECC_PUBLIC_KEY(MONTGOMERY) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ECC_FAMILY_MONTGOMERY:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_MONTGOMERY):"8520f0098930a754748b7ddcb43ef75a0dbf3a0d26381af4eba4a98eaa9b4e6a":PSA_ALG_ECDSA(PSA_ALG_ANY_HASH):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign ECDSA(ANY_HASH): incompatible with ECC_PUBLIC_KEY(SECP_K1) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ECC_FAMILY_SECP_K1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_K1):"0426b7bb38da649ac2138fc050c6548b32553dab68afebc36105d325b75538c12323cb0764789ecb992671beb2b6bef2f5":PSA_ALG_ECDSA(PSA_ALG_ANY_HASH):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign ECDSA(ANY_HASH): incompatible with ECC_PUBLIC_KEY(SECP_R1) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ECC_FAMILY_SECP_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1):"046f00eadaa949fee3e9e1c7fa1247eecec86a0dce46418b9bd3117b981d4bd0ae7a990de912f9d060d6cb531a42d22e394ac29e81804bf160":PSA_ALG_ECDSA(PSA_ALG_ANY_HASH):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign ECDSA(ANY_HASH): incompatible with ECC_PUBLIC_KEY(SECP_R2) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ECC_FAMILY_SECP_R2:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R2):"049570d541398665adb5cfa16f5af73b3196926bbd4b876bdb80f8eab20d0f540c22f4de9c140f6d7b":PSA_ALG_ECDSA(PSA_ALG_ANY_HASH):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign ECDSA(ANY_HASH): incompatible with ECC_PUBLIC_KEY(SECT_K1) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ECC_FAMILY_SECT_K1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_K1):"0406f88f90b4b65950f06ce433afdb097e320f433dc2062b8a65db8fafd3c110f46bc45663fbf021ee7eb9":PSA_ALG_ECDSA(PSA_ALG_ANY_HASH):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign ECDSA(ANY_HASH): incompatible with ECC_PUBLIC_KEY(SECT_R1) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ECC_FAMILY_SECT_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R1):"0400465eeb9e7258b11e33c02266bfe834b20bcb118700772796ee4704ec67651bd447e3011959a79a04cb":PSA_ALG_ECDSA(PSA_ALG_ANY_HASH):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign ECDSA(ANY_HASH): incompatible with ECC_PUBLIC_KEY(SECT_R2) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ECC_FAMILY_SECT_R2:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R2):"0403692601144c32a6cfa369ae20ae5d43c1c764678c037bafe80c6fd2e42b7ced96171d9c5367fd3dca6f":PSA_ALG_ECDSA(PSA_ALG_ANY_HASH):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign ECDSA(ANY_HASH): incompatible with ECC_PUBLIC_KEY(TWISTED_EDWARDS) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ECC_FAMILY_TWISTED_EDWARDS:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_TWISTED_EDWARDS):"d75a980182b10ab7d54bfed3c964073a0ee172f3daa62325af021a68f707511a":PSA_ALG_ECDSA(PSA_ALG_ANY_HASH):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign ECDSA(ANY_HASH): incompatible with HMAC +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_KEY_TYPE_HMAC +sign_fail:PSA_KEY_TYPE_HMAC:"48657265006973206b6579a064617461":PSA_ALG_ECDSA(PSA_ALG_ANY_HASH):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign ECDSA(ANY_HASH): incompatible with RAW_DATA +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_KEY_TYPE_RAW_DATA +sign_fail:PSA_KEY_TYPE_RAW_DATA:"48":PSA_ALG_ECDSA(PSA_ALG_ANY_HASH):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign ECDSA(ANY_HASH): incompatible with RSA_KEY_PAIR +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR +sign_fail:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_ECDSA(PSA_ALG_ANY_HASH):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign ECDSA(ANY_HASH): incompatible with RSA_PUBLIC_KEY +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY +sign_fail:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_ECDSA(PSA_ALG_ANY_HASH):0:PSA_ERROR_INVALID_ARGUMENT + +PSA key_derivation ECDSA(ANY_HASH): invalid +depends_on:PSA_WANT_ALG_ECDSA +key_derivation_fail:PSA_ALG_ECDSA(PSA_ALG_ANY_HASH):PSA_ERROR_INVALID_ARGUMENT + +PSA hash ECDSA_ANY: invalid +depends_on:PSA_WANT_ALG_ECDSA_ANY +hash_fail:PSA_ALG_ECDSA_ANY:PSA_ERROR_INVALID_ARGUMENT + +PSA mac ECDSA_ANY: invalid with ECC_KEY_PAIR(BRAINPOOL_P_R1) +depends_on:PSA_WANT_ALG_ECDSA_ANY:PSA_WANT_ECC_FAMILY_BRAINPOOL_P_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +mac_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"69502c4fdaf48d4fa617bdd24498b0406d0eeaac":PSA_ALG_ECDSA_ANY:PSA_ERROR_INVALID_ARGUMENT + +PSA mac ECDSA_ANY: invalid with ECC_KEY_PAIR(SECP_K1) +depends_on:PSA_WANT_ALG_ECDSA_ANY:PSA_WANT_ECC_FAMILY_SECP_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +mac_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_K1):"297ac1722ccac7589ecb240dc719842538ca974beb79f228":PSA_ALG_ECDSA_ANY:PSA_ERROR_INVALID_ARGUMENT + +PSA mac ECDSA_ANY: invalid with ECC_KEY_PAIR(SECP_R1) +depends_on:PSA_WANT_ALG_ECDSA_ANY:PSA_WANT_ECC_FAMILY_SECP_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +mac_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"872f203b3ad35b7f2ecc803c3a0e1e0b1ed61cc1afe71b189cd4c995":PSA_ALG_ECDSA_ANY:PSA_ERROR_INVALID_ARGUMENT + +PSA mac ECDSA_ANY: invalid with ECC_KEY_PAIR(SECP_R2) +depends_on:PSA_WANT_ALG_ECDSA_ANY:PSA_WANT_ECC_FAMILY_SECP_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +mac_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R2):"00bf539a1cdda0d7f71a50a3f98aec0a2e8e4ced1e":PSA_ALG_ECDSA_ANY:PSA_ERROR_INVALID_ARGUMENT + +PSA mac ECDSA_ANY: invalid with ECC_KEY_PAIR(SECT_K1) +depends_on:PSA_WANT_ALG_ECDSA_ANY:PSA_WANT_ECC_FAMILY_SECT_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +mac_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):"03ebc8fcded2d6ab72ec0f75bdb4fd080481273e71":PSA_ALG_ECDSA_ANY:PSA_ERROR_INVALID_ARGUMENT + +PSA mac ECDSA_ANY: invalid with ECC_KEY_PAIR(SECT_R1) +depends_on:PSA_WANT_ALG_ECDSA_ANY:PSA_WANT_ECC_FAMILY_SECT_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +mac_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):"009b05dc82d46d64a04a22e6e5ca70ca1231e68c50":PSA_ALG_ECDSA_ANY:PSA_ERROR_INVALID_ARGUMENT + +PSA mac ECDSA_ANY: invalid with ECC_KEY_PAIR(SECT_R2) +depends_on:PSA_WANT_ALG_ECDSA_ANY:PSA_WANT_ECC_FAMILY_SECT_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +mac_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R2):"0210b482a458b4822d0cb21daa96819a67c8062d34":PSA_ALG_ECDSA_ANY:PSA_ERROR_INVALID_ARGUMENT + +PSA mac ECDSA_ANY: invalid with ECC_PUBLIC_KEY(BRAINPOOL_P_R1) +depends_on:PSA_WANT_ALG_ECDSA_ANY:PSA_WANT_ECC_FAMILY_BRAINPOOL_P_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +mac_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"04d4b9186816358e2f9c59cf70748cb70641b22fbab65473db4b4e22a361ed7e3de7e8a8ddc4130c5c":PSA_ALG_ECDSA_ANY:PSA_ERROR_INVALID_ARGUMENT + +PSA mac ECDSA_ANY: invalid with ECC_PUBLIC_KEY(SECP_K1) +depends_on:PSA_WANT_ALG_ECDSA_ANY:PSA_WANT_ECC_FAMILY_SECP_K1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +mac_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_K1):"0426b7bb38da649ac2138fc050c6548b32553dab68afebc36105d325b75538c12323cb0764789ecb992671beb2b6bef2f5":PSA_ALG_ECDSA_ANY:PSA_ERROR_INVALID_ARGUMENT + +PSA mac ECDSA_ANY: invalid with ECC_PUBLIC_KEY(SECP_R1) +depends_on:PSA_WANT_ALG_ECDSA_ANY:PSA_WANT_ECC_FAMILY_SECP_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +mac_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1):"046f00eadaa949fee3e9e1c7fa1247eecec86a0dce46418b9bd3117b981d4bd0ae7a990de912f9d060d6cb531a42d22e394ac29e81804bf160":PSA_ALG_ECDSA_ANY:PSA_ERROR_INVALID_ARGUMENT + +PSA mac ECDSA_ANY: invalid with ECC_PUBLIC_KEY(SECP_R2) +depends_on:PSA_WANT_ALG_ECDSA_ANY:PSA_WANT_ECC_FAMILY_SECP_R2:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +mac_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R2):"049570d541398665adb5cfa16f5af73b3196926bbd4b876bdb80f8eab20d0f540c22f4de9c140f6d7b":PSA_ALG_ECDSA_ANY:PSA_ERROR_INVALID_ARGUMENT + +PSA mac ECDSA_ANY: invalid with ECC_PUBLIC_KEY(SECT_K1) +depends_on:PSA_WANT_ALG_ECDSA_ANY:PSA_WANT_ECC_FAMILY_SECT_K1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +mac_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_K1):"0406f88f90b4b65950f06ce433afdb097e320f433dc2062b8a65db8fafd3c110f46bc45663fbf021ee7eb9":PSA_ALG_ECDSA_ANY:PSA_ERROR_INVALID_ARGUMENT + +PSA mac ECDSA_ANY: invalid with ECC_PUBLIC_KEY(SECT_R1) +depends_on:PSA_WANT_ALG_ECDSA_ANY:PSA_WANT_ECC_FAMILY_SECT_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +mac_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R1):"0400465eeb9e7258b11e33c02266bfe834b20bcb118700772796ee4704ec67651bd447e3011959a79a04cb":PSA_ALG_ECDSA_ANY:PSA_ERROR_INVALID_ARGUMENT + +PSA mac ECDSA_ANY: invalid with ECC_PUBLIC_KEY(SECT_R2) +depends_on:PSA_WANT_ALG_ECDSA_ANY:PSA_WANT_ECC_FAMILY_SECT_R2:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +mac_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R2):"0403692601144c32a6cfa369ae20ae5d43c1c764678c037bafe80c6fd2e42b7ced96171d9c5367fd3dca6f":PSA_ALG_ECDSA_ANY:PSA_ERROR_INVALID_ARGUMENT + +PSA cipher ECDSA_ANY: invalid with ECC_KEY_PAIR(BRAINPOOL_P_R1) +depends_on:PSA_WANT_ALG_ECDSA_ANY:PSA_WANT_ECC_FAMILY_BRAINPOOL_P_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +cipher_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"69502c4fdaf48d4fa617bdd24498b0406d0eeaac":PSA_ALG_ECDSA_ANY:PSA_ERROR_INVALID_ARGUMENT + +PSA cipher ECDSA_ANY: invalid with ECC_KEY_PAIR(SECP_K1) +depends_on:PSA_WANT_ALG_ECDSA_ANY:PSA_WANT_ECC_FAMILY_SECP_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +cipher_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_K1):"297ac1722ccac7589ecb240dc719842538ca974beb79f228":PSA_ALG_ECDSA_ANY:PSA_ERROR_INVALID_ARGUMENT + +PSA cipher ECDSA_ANY: invalid with ECC_KEY_PAIR(SECP_R1) +depends_on:PSA_WANT_ALG_ECDSA_ANY:PSA_WANT_ECC_FAMILY_SECP_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +cipher_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"872f203b3ad35b7f2ecc803c3a0e1e0b1ed61cc1afe71b189cd4c995":PSA_ALG_ECDSA_ANY:PSA_ERROR_INVALID_ARGUMENT + +PSA cipher ECDSA_ANY: invalid with ECC_KEY_PAIR(SECP_R2) +depends_on:PSA_WANT_ALG_ECDSA_ANY:PSA_WANT_ECC_FAMILY_SECP_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +cipher_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R2):"00bf539a1cdda0d7f71a50a3f98aec0a2e8e4ced1e":PSA_ALG_ECDSA_ANY:PSA_ERROR_INVALID_ARGUMENT + +PSA cipher ECDSA_ANY: invalid with ECC_KEY_PAIR(SECT_K1) +depends_on:PSA_WANT_ALG_ECDSA_ANY:PSA_WANT_ECC_FAMILY_SECT_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +cipher_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):"03ebc8fcded2d6ab72ec0f75bdb4fd080481273e71":PSA_ALG_ECDSA_ANY:PSA_ERROR_INVALID_ARGUMENT + +PSA cipher ECDSA_ANY: invalid with ECC_KEY_PAIR(SECT_R1) +depends_on:PSA_WANT_ALG_ECDSA_ANY:PSA_WANT_ECC_FAMILY_SECT_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +cipher_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):"009b05dc82d46d64a04a22e6e5ca70ca1231e68c50":PSA_ALG_ECDSA_ANY:PSA_ERROR_INVALID_ARGUMENT + +PSA cipher ECDSA_ANY: invalid with ECC_KEY_PAIR(SECT_R2) +depends_on:PSA_WANT_ALG_ECDSA_ANY:PSA_WANT_ECC_FAMILY_SECT_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +cipher_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R2):"0210b482a458b4822d0cb21daa96819a67c8062d34":PSA_ALG_ECDSA_ANY:PSA_ERROR_INVALID_ARGUMENT + +PSA cipher ECDSA_ANY: invalid with ECC_PUBLIC_KEY(BRAINPOOL_P_R1) +depends_on:PSA_WANT_ALG_ECDSA_ANY:PSA_WANT_ECC_FAMILY_BRAINPOOL_P_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +cipher_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"04d4b9186816358e2f9c59cf70748cb70641b22fbab65473db4b4e22a361ed7e3de7e8a8ddc4130c5c":PSA_ALG_ECDSA_ANY:PSA_ERROR_INVALID_ARGUMENT + +PSA cipher ECDSA_ANY: invalid with ECC_PUBLIC_KEY(SECP_K1) +depends_on:PSA_WANT_ALG_ECDSA_ANY:PSA_WANT_ECC_FAMILY_SECP_K1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +cipher_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_K1):"0426b7bb38da649ac2138fc050c6548b32553dab68afebc36105d325b75538c12323cb0764789ecb992671beb2b6bef2f5":PSA_ALG_ECDSA_ANY:PSA_ERROR_INVALID_ARGUMENT + +PSA cipher ECDSA_ANY: invalid with ECC_PUBLIC_KEY(SECP_R1) +depends_on:PSA_WANT_ALG_ECDSA_ANY:PSA_WANT_ECC_FAMILY_SECP_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +cipher_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1):"046f00eadaa949fee3e9e1c7fa1247eecec86a0dce46418b9bd3117b981d4bd0ae7a990de912f9d060d6cb531a42d22e394ac29e81804bf160":PSA_ALG_ECDSA_ANY:PSA_ERROR_INVALID_ARGUMENT + +PSA cipher ECDSA_ANY: invalid with ECC_PUBLIC_KEY(SECP_R2) +depends_on:PSA_WANT_ALG_ECDSA_ANY:PSA_WANT_ECC_FAMILY_SECP_R2:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +cipher_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R2):"049570d541398665adb5cfa16f5af73b3196926bbd4b876bdb80f8eab20d0f540c22f4de9c140f6d7b":PSA_ALG_ECDSA_ANY:PSA_ERROR_INVALID_ARGUMENT + +PSA cipher ECDSA_ANY: invalid with ECC_PUBLIC_KEY(SECT_K1) +depends_on:PSA_WANT_ALG_ECDSA_ANY:PSA_WANT_ECC_FAMILY_SECT_K1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +cipher_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_K1):"0406f88f90b4b65950f06ce433afdb097e320f433dc2062b8a65db8fafd3c110f46bc45663fbf021ee7eb9":PSA_ALG_ECDSA_ANY:PSA_ERROR_INVALID_ARGUMENT + +PSA cipher ECDSA_ANY: invalid with ECC_PUBLIC_KEY(SECT_R1) +depends_on:PSA_WANT_ALG_ECDSA_ANY:PSA_WANT_ECC_FAMILY_SECT_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +cipher_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R1):"0400465eeb9e7258b11e33c02266bfe834b20bcb118700772796ee4704ec67651bd447e3011959a79a04cb":PSA_ALG_ECDSA_ANY:PSA_ERROR_INVALID_ARGUMENT + +PSA cipher ECDSA_ANY: invalid with ECC_PUBLIC_KEY(SECT_R2) +depends_on:PSA_WANT_ALG_ECDSA_ANY:PSA_WANT_ECC_FAMILY_SECT_R2:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +cipher_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R2):"0403692601144c32a6cfa369ae20ae5d43c1c764678c037bafe80c6fd2e42b7ced96171d9c5367fd3dca6f":PSA_ALG_ECDSA_ANY:PSA_ERROR_INVALID_ARGUMENT + +PSA aead ECDSA_ANY: invalid with ECC_KEY_PAIR(BRAINPOOL_P_R1) +depends_on:PSA_WANT_ALG_ECDSA_ANY:PSA_WANT_ECC_FAMILY_BRAINPOOL_P_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +aead_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"69502c4fdaf48d4fa617bdd24498b0406d0eeaac":PSA_ALG_ECDSA_ANY:PSA_ERROR_INVALID_ARGUMENT + +PSA aead ECDSA_ANY: invalid with ECC_KEY_PAIR(SECP_K1) +depends_on:PSA_WANT_ALG_ECDSA_ANY:PSA_WANT_ECC_FAMILY_SECP_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +aead_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_K1):"297ac1722ccac7589ecb240dc719842538ca974beb79f228":PSA_ALG_ECDSA_ANY:PSA_ERROR_INVALID_ARGUMENT + +PSA aead ECDSA_ANY: invalid with ECC_KEY_PAIR(SECP_R1) +depends_on:PSA_WANT_ALG_ECDSA_ANY:PSA_WANT_ECC_FAMILY_SECP_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +aead_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"872f203b3ad35b7f2ecc803c3a0e1e0b1ed61cc1afe71b189cd4c995":PSA_ALG_ECDSA_ANY:PSA_ERROR_INVALID_ARGUMENT + +PSA aead ECDSA_ANY: invalid with ECC_KEY_PAIR(SECP_R2) +depends_on:PSA_WANT_ALG_ECDSA_ANY:PSA_WANT_ECC_FAMILY_SECP_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +aead_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R2):"00bf539a1cdda0d7f71a50a3f98aec0a2e8e4ced1e":PSA_ALG_ECDSA_ANY:PSA_ERROR_INVALID_ARGUMENT + +PSA aead ECDSA_ANY: invalid with ECC_KEY_PAIR(SECT_K1) +depends_on:PSA_WANT_ALG_ECDSA_ANY:PSA_WANT_ECC_FAMILY_SECT_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +aead_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):"03ebc8fcded2d6ab72ec0f75bdb4fd080481273e71":PSA_ALG_ECDSA_ANY:PSA_ERROR_INVALID_ARGUMENT + +PSA aead ECDSA_ANY: invalid with ECC_KEY_PAIR(SECT_R1) +depends_on:PSA_WANT_ALG_ECDSA_ANY:PSA_WANT_ECC_FAMILY_SECT_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +aead_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):"009b05dc82d46d64a04a22e6e5ca70ca1231e68c50":PSA_ALG_ECDSA_ANY:PSA_ERROR_INVALID_ARGUMENT + +PSA aead ECDSA_ANY: invalid with ECC_KEY_PAIR(SECT_R2) +depends_on:PSA_WANT_ALG_ECDSA_ANY:PSA_WANT_ECC_FAMILY_SECT_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +aead_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R2):"0210b482a458b4822d0cb21daa96819a67c8062d34":PSA_ALG_ECDSA_ANY:PSA_ERROR_INVALID_ARGUMENT + +PSA aead ECDSA_ANY: invalid with ECC_PUBLIC_KEY(BRAINPOOL_P_R1) +depends_on:PSA_WANT_ALG_ECDSA_ANY:PSA_WANT_ECC_FAMILY_BRAINPOOL_P_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +aead_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"04d4b9186816358e2f9c59cf70748cb70641b22fbab65473db4b4e22a361ed7e3de7e8a8ddc4130c5c":PSA_ALG_ECDSA_ANY:PSA_ERROR_INVALID_ARGUMENT + +PSA aead ECDSA_ANY: invalid with ECC_PUBLIC_KEY(SECP_K1) +depends_on:PSA_WANT_ALG_ECDSA_ANY:PSA_WANT_ECC_FAMILY_SECP_K1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +aead_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_K1):"0426b7bb38da649ac2138fc050c6548b32553dab68afebc36105d325b75538c12323cb0764789ecb992671beb2b6bef2f5":PSA_ALG_ECDSA_ANY:PSA_ERROR_INVALID_ARGUMENT + +PSA aead ECDSA_ANY: invalid with ECC_PUBLIC_KEY(SECP_R1) +depends_on:PSA_WANT_ALG_ECDSA_ANY:PSA_WANT_ECC_FAMILY_SECP_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +aead_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1):"046f00eadaa949fee3e9e1c7fa1247eecec86a0dce46418b9bd3117b981d4bd0ae7a990de912f9d060d6cb531a42d22e394ac29e81804bf160":PSA_ALG_ECDSA_ANY:PSA_ERROR_INVALID_ARGUMENT + +PSA aead ECDSA_ANY: invalid with ECC_PUBLIC_KEY(SECP_R2) +depends_on:PSA_WANT_ALG_ECDSA_ANY:PSA_WANT_ECC_FAMILY_SECP_R2:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +aead_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R2):"049570d541398665adb5cfa16f5af73b3196926bbd4b876bdb80f8eab20d0f540c22f4de9c140f6d7b":PSA_ALG_ECDSA_ANY:PSA_ERROR_INVALID_ARGUMENT + +PSA aead ECDSA_ANY: invalid with ECC_PUBLIC_KEY(SECT_K1) +depends_on:PSA_WANT_ALG_ECDSA_ANY:PSA_WANT_ECC_FAMILY_SECT_K1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +aead_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_K1):"0406f88f90b4b65950f06ce433afdb097e320f433dc2062b8a65db8fafd3c110f46bc45663fbf021ee7eb9":PSA_ALG_ECDSA_ANY:PSA_ERROR_INVALID_ARGUMENT + +PSA aead ECDSA_ANY: invalid with ECC_PUBLIC_KEY(SECT_R1) +depends_on:PSA_WANT_ALG_ECDSA_ANY:PSA_WANT_ECC_FAMILY_SECT_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +aead_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R1):"0400465eeb9e7258b11e33c02266bfe834b20bcb118700772796ee4704ec67651bd447e3011959a79a04cb":PSA_ALG_ECDSA_ANY:PSA_ERROR_INVALID_ARGUMENT + +PSA aead ECDSA_ANY: invalid with ECC_PUBLIC_KEY(SECT_R2) +depends_on:PSA_WANT_ALG_ECDSA_ANY:PSA_WANT_ECC_FAMILY_SECT_R2:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +aead_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R2):"0403692601144c32a6cfa369ae20ae5d43c1c764678c037bafe80c6fd2e42b7ced96171d9c5367fd3dca6f":PSA_ALG_ECDSA_ANY:PSA_ERROR_INVALID_ARGUMENT + +PSA sign ECDSA_ANY: incompatible with AES +depends_on:PSA_WANT_ALG_ECDSA_ANY:PSA_WANT_KEY_TYPE_AES +sign_fail:PSA_KEY_TYPE_AES:"48657265006973206b6579a064617461":PSA_ALG_ECDSA_ANY:0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign ECDSA_ANY: incompatible with ARC4 +depends_on:PSA_WANT_ALG_ECDSA_ANY:PSA_WANT_KEY_TYPE_ARC4 +sign_fail:PSA_KEY_TYPE_ARC4:"48":PSA_ALG_ECDSA_ANY:0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign ECDSA_ANY: incompatible with ARIA +depends_on:PSA_WANT_ALG_ECDSA_ANY:PSA_WANT_KEY_TYPE_ARIA +sign_fail:PSA_KEY_TYPE_ARIA:"48657265006973206b6579a064617461":PSA_ALG_ECDSA_ANY:0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign ECDSA_ANY: incompatible with CAMELLIA +depends_on:PSA_WANT_ALG_ECDSA_ANY:PSA_WANT_KEY_TYPE_CAMELLIA +sign_fail:PSA_KEY_TYPE_CAMELLIA:"48657265006973206b6579a064617461":PSA_ALG_ECDSA_ANY:0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign ECDSA_ANY: incompatible with CHACHA20 +depends_on:PSA_WANT_ALG_ECDSA_ANY:PSA_WANT_KEY_TYPE_CHACHA20 +sign_fail:PSA_KEY_TYPE_CHACHA20:"48657265006973206b6579a06461746148657265006973206b6579a064617461":PSA_ALG_ECDSA_ANY:0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign ECDSA_ANY: incompatible with DERIVE +depends_on:PSA_WANT_ALG_ECDSA_ANY:PSA_WANT_KEY_TYPE_DERIVE +sign_fail:PSA_KEY_TYPE_DERIVE:"48657265006973206b6579a0646174":PSA_ALG_ECDSA_ANY:0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign ECDSA_ANY: incompatible with DES +depends_on:PSA_WANT_ALG_ECDSA_ANY:PSA_WANT_KEY_TYPE_DES +sign_fail:PSA_KEY_TYPE_DES:"644573206b457901":PSA_ALG_ECDSA_ANY:0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign ECDSA_ANY: !ECDSA_ANY with ECC_KEY_PAIR(BRAINPOOL_P_R1) +depends_on:!PSA_WANT_ALG_ECDSA_ANY:PSA_WANT_ECC_FAMILY_BRAINPOOL_P_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"69502c4fdaf48d4fa617bdd24498b0406d0eeaac":PSA_ALG_ECDSA_ANY:0:PSA_ERROR_NOT_SUPPORTED + +PSA sign ECDSA_ANY: incompatible with ECC_KEY_PAIR(MONTGOMERY) +depends_on:PSA_WANT_ALG_ECDSA_ANY:PSA_WANT_ECC_FAMILY_MONTGOMERY:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_MONTGOMERY):"70076d0a7318a57d3c16c17251b26645df4c2f87ebc0992ab177fba51db92c6a":PSA_ALG_ECDSA_ANY:0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign ECDSA_ANY: !ECDSA_ANY with ECC_KEY_PAIR(SECP_K1) +depends_on:!PSA_WANT_ALG_ECDSA_ANY:PSA_WANT_ECC_FAMILY_SECP_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_K1):"297ac1722ccac7589ecb240dc719842538ca974beb79f228":PSA_ALG_ECDSA_ANY:0:PSA_ERROR_NOT_SUPPORTED + +PSA sign ECDSA_ANY: !ECDSA_ANY with ECC_KEY_PAIR(SECP_R1) +depends_on:!PSA_WANT_ALG_ECDSA_ANY:PSA_WANT_ECC_FAMILY_SECP_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"872f203b3ad35b7f2ecc803c3a0e1e0b1ed61cc1afe71b189cd4c995":PSA_ALG_ECDSA_ANY:0:PSA_ERROR_NOT_SUPPORTED + +PSA sign ECDSA_ANY: !ECDSA_ANY with ECC_KEY_PAIR(SECP_R2) +depends_on:!PSA_WANT_ALG_ECDSA_ANY:PSA_WANT_ECC_FAMILY_SECP_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R2):"00bf539a1cdda0d7f71a50a3f98aec0a2e8e4ced1e":PSA_ALG_ECDSA_ANY:0:PSA_ERROR_NOT_SUPPORTED + +PSA sign ECDSA_ANY: !ECDSA_ANY with ECC_KEY_PAIR(SECT_K1) +depends_on:!PSA_WANT_ALG_ECDSA_ANY:PSA_WANT_ECC_FAMILY_SECT_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):"03ebc8fcded2d6ab72ec0f75bdb4fd080481273e71":PSA_ALG_ECDSA_ANY:0:PSA_ERROR_NOT_SUPPORTED + +PSA sign ECDSA_ANY: !ECDSA_ANY with ECC_KEY_PAIR(SECT_R1) +depends_on:!PSA_WANT_ALG_ECDSA_ANY:PSA_WANT_ECC_FAMILY_SECT_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):"009b05dc82d46d64a04a22e6e5ca70ca1231e68c50":PSA_ALG_ECDSA_ANY:0:PSA_ERROR_NOT_SUPPORTED + +PSA sign ECDSA_ANY: !ECDSA_ANY with ECC_KEY_PAIR(SECT_R2) +depends_on:!PSA_WANT_ALG_ECDSA_ANY:PSA_WANT_ECC_FAMILY_SECT_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R2):"0210b482a458b4822d0cb21daa96819a67c8062d34":PSA_ALG_ECDSA_ANY:0:PSA_ERROR_NOT_SUPPORTED + +PSA sign ECDSA_ANY: incompatible with ECC_KEY_PAIR(TWISTED_EDWARDS) +depends_on:PSA_WANT_ALG_ECDSA_ANY:PSA_WANT_ECC_FAMILY_TWISTED_EDWARDS:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_TWISTED_EDWARDS):"9d61b19deffd5a60ba844af492ec2cc44449c5697b326919703bac031cae7f60":PSA_ALG_ECDSA_ANY:0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign ECDSA_ANY: !ECDSA_ANY with ECC_PUBLIC_KEY(BRAINPOOL_P_R1) +depends_on:!PSA_WANT_ALG_ECDSA_ANY:PSA_WANT_ECC_FAMILY_BRAINPOOL_P_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"04d4b9186816358e2f9c59cf70748cb70641b22fbab65473db4b4e22a361ed7e3de7e8a8ddc4130c5c":PSA_ALG_ECDSA_ANY:0:PSA_ERROR_NOT_SUPPORTED + +PSA sign ECDSA_ANY: public with ECC_PUBLIC_KEY(BRAINPOOL_P_R1) +depends_on:PSA_WANT_ALG_ECDSA_ANY:PSA_WANT_ECC_FAMILY_BRAINPOOL_P_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"04d4b9186816358e2f9c59cf70748cb70641b22fbab65473db4b4e22a361ed7e3de7e8a8ddc4130c5c":PSA_ALG_ECDSA_ANY:1:PSA_ERROR_INVALID_ARGUMENT + +PSA sign ECDSA_ANY: incompatible with ECC_PUBLIC_KEY(MONTGOMERY) +depends_on:PSA_WANT_ALG_ECDSA_ANY:PSA_WANT_ECC_FAMILY_MONTGOMERY:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_MONTGOMERY):"8520f0098930a754748b7ddcb43ef75a0dbf3a0d26381af4eba4a98eaa9b4e6a":PSA_ALG_ECDSA_ANY:0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign ECDSA_ANY: !ECDSA_ANY with ECC_PUBLIC_KEY(SECP_K1) +depends_on:!PSA_WANT_ALG_ECDSA_ANY:PSA_WANT_ECC_FAMILY_SECP_K1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_K1):"0426b7bb38da649ac2138fc050c6548b32553dab68afebc36105d325b75538c12323cb0764789ecb992671beb2b6bef2f5":PSA_ALG_ECDSA_ANY:0:PSA_ERROR_NOT_SUPPORTED + +PSA sign ECDSA_ANY: public with ECC_PUBLIC_KEY(SECP_K1) +depends_on:PSA_WANT_ALG_ECDSA_ANY:PSA_WANT_ECC_FAMILY_SECP_K1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_K1):"0426b7bb38da649ac2138fc050c6548b32553dab68afebc36105d325b75538c12323cb0764789ecb992671beb2b6bef2f5":PSA_ALG_ECDSA_ANY:1:PSA_ERROR_INVALID_ARGUMENT + +PSA sign ECDSA_ANY: !ECDSA_ANY with ECC_PUBLIC_KEY(SECP_R1) +depends_on:!PSA_WANT_ALG_ECDSA_ANY:PSA_WANT_ECC_FAMILY_SECP_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1):"046f00eadaa949fee3e9e1c7fa1247eecec86a0dce46418b9bd3117b981d4bd0ae7a990de912f9d060d6cb531a42d22e394ac29e81804bf160":PSA_ALG_ECDSA_ANY:0:PSA_ERROR_NOT_SUPPORTED + +PSA sign ECDSA_ANY: public with ECC_PUBLIC_KEY(SECP_R1) +depends_on:PSA_WANT_ALG_ECDSA_ANY:PSA_WANT_ECC_FAMILY_SECP_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1):"046f00eadaa949fee3e9e1c7fa1247eecec86a0dce46418b9bd3117b981d4bd0ae7a990de912f9d060d6cb531a42d22e394ac29e81804bf160":PSA_ALG_ECDSA_ANY:1:PSA_ERROR_INVALID_ARGUMENT + +PSA sign ECDSA_ANY: !ECDSA_ANY with ECC_PUBLIC_KEY(SECP_R2) +depends_on:!PSA_WANT_ALG_ECDSA_ANY:PSA_WANT_ECC_FAMILY_SECP_R2:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R2):"049570d541398665adb5cfa16f5af73b3196926bbd4b876bdb80f8eab20d0f540c22f4de9c140f6d7b":PSA_ALG_ECDSA_ANY:0:PSA_ERROR_NOT_SUPPORTED + +PSA sign ECDSA_ANY: public with ECC_PUBLIC_KEY(SECP_R2) +depends_on:PSA_WANT_ALG_ECDSA_ANY:PSA_WANT_ECC_FAMILY_SECP_R2:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R2):"049570d541398665adb5cfa16f5af73b3196926bbd4b876bdb80f8eab20d0f540c22f4de9c140f6d7b":PSA_ALG_ECDSA_ANY:1:PSA_ERROR_INVALID_ARGUMENT + +PSA sign ECDSA_ANY: !ECDSA_ANY with ECC_PUBLIC_KEY(SECT_K1) +depends_on:!PSA_WANT_ALG_ECDSA_ANY:PSA_WANT_ECC_FAMILY_SECT_K1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_K1):"0406f88f90b4b65950f06ce433afdb097e320f433dc2062b8a65db8fafd3c110f46bc45663fbf021ee7eb9":PSA_ALG_ECDSA_ANY:0:PSA_ERROR_NOT_SUPPORTED + +PSA sign ECDSA_ANY: public with ECC_PUBLIC_KEY(SECT_K1) +depends_on:PSA_WANT_ALG_ECDSA_ANY:PSA_WANT_ECC_FAMILY_SECT_K1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_K1):"0406f88f90b4b65950f06ce433afdb097e320f433dc2062b8a65db8fafd3c110f46bc45663fbf021ee7eb9":PSA_ALG_ECDSA_ANY:1:PSA_ERROR_INVALID_ARGUMENT + +PSA sign ECDSA_ANY: !ECDSA_ANY with ECC_PUBLIC_KEY(SECT_R1) +depends_on:!PSA_WANT_ALG_ECDSA_ANY:PSA_WANT_ECC_FAMILY_SECT_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R1):"0400465eeb9e7258b11e33c02266bfe834b20bcb118700772796ee4704ec67651bd447e3011959a79a04cb":PSA_ALG_ECDSA_ANY:0:PSA_ERROR_NOT_SUPPORTED + +PSA sign ECDSA_ANY: public with ECC_PUBLIC_KEY(SECT_R1) +depends_on:PSA_WANT_ALG_ECDSA_ANY:PSA_WANT_ECC_FAMILY_SECT_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R1):"0400465eeb9e7258b11e33c02266bfe834b20bcb118700772796ee4704ec67651bd447e3011959a79a04cb":PSA_ALG_ECDSA_ANY:1:PSA_ERROR_INVALID_ARGUMENT + +PSA sign ECDSA_ANY: !ECDSA_ANY with ECC_PUBLIC_KEY(SECT_R2) +depends_on:!PSA_WANT_ALG_ECDSA_ANY:PSA_WANT_ECC_FAMILY_SECT_R2:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R2):"0403692601144c32a6cfa369ae20ae5d43c1c764678c037bafe80c6fd2e42b7ced96171d9c5367fd3dca6f":PSA_ALG_ECDSA_ANY:0:PSA_ERROR_NOT_SUPPORTED + +PSA sign ECDSA_ANY: public with ECC_PUBLIC_KEY(SECT_R2) +depends_on:PSA_WANT_ALG_ECDSA_ANY:PSA_WANT_ECC_FAMILY_SECT_R2:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R2):"0403692601144c32a6cfa369ae20ae5d43c1c764678c037bafe80c6fd2e42b7ced96171d9c5367fd3dca6f":PSA_ALG_ECDSA_ANY:1:PSA_ERROR_INVALID_ARGUMENT + +PSA sign ECDSA_ANY: incompatible with ECC_PUBLIC_KEY(TWISTED_EDWARDS) +depends_on:PSA_WANT_ALG_ECDSA_ANY:PSA_WANT_ECC_FAMILY_TWISTED_EDWARDS:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_TWISTED_EDWARDS):"d75a980182b10ab7d54bfed3c964073a0ee172f3daa62325af021a68f707511a":PSA_ALG_ECDSA_ANY:0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign ECDSA_ANY: incompatible with HMAC +depends_on:PSA_WANT_ALG_ECDSA_ANY:PSA_WANT_KEY_TYPE_HMAC +sign_fail:PSA_KEY_TYPE_HMAC:"48657265006973206b6579a064617461":PSA_ALG_ECDSA_ANY:0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign ECDSA_ANY: incompatible with RAW_DATA +depends_on:PSA_WANT_ALG_ECDSA_ANY:PSA_WANT_KEY_TYPE_RAW_DATA +sign_fail:PSA_KEY_TYPE_RAW_DATA:"48":PSA_ALG_ECDSA_ANY:0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign ECDSA_ANY: incompatible with RSA_KEY_PAIR +depends_on:PSA_WANT_ALG_ECDSA_ANY:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR +sign_fail:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_ECDSA_ANY:0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign ECDSA_ANY: incompatible with RSA_PUBLIC_KEY +depends_on:PSA_WANT_ALG_ECDSA_ANY:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY +sign_fail:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_ECDSA_ANY:0:PSA_ERROR_INVALID_ARGUMENT + +PSA asymmetric_encryption ECDSA_ANY: invalid with ECC_KEY_PAIR(BRAINPOOL_P_R1) +depends_on:PSA_WANT_ALG_ECDSA_ANY:PSA_WANT_ECC_FAMILY_BRAINPOOL_P_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +asymmetric_encryption_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"69502c4fdaf48d4fa617bdd24498b0406d0eeaac":PSA_ALG_ECDSA_ANY:0:PSA_ERROR_INVALID_ARGUMENT + +PSA asymmetric_encryption ECDSA_ANY: invalid with ECC_KEY_PAIR(SECP_K1) +depends_on:PSA_WANT_ALG_ECDSA_ANY:PSA_WANT_ECC_FAMILY_SECP_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +asymmetric_encryption_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_K1):"297ac1722ccac7589ecb240dc719842538ca974beb79f228":PSA_ALG_ECDSA_ANY:0:PSA_ERROR_INVALID_ARGUMENT + +PSA asymmetric_encryption ECDSA_ANY: invalid with ECC_KEY_PAIR(SECP_R1) +depends_on:PSA_WANT_ALG_ECDSA_ANY:PSA_WANT_ECC_FAMILY_SECP_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +asymmetric_encryption_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"872f203b3ad35b7f2ecc803c3a0e1e0b1ed61cc1afe71b189cd4c995":PSA_ALG_ECDSA_ANY:0:PSA_ERROR_INVALID_ARGUMENT + +PSA asymmetric_encryption ECDSA_ANY: invalid with ECC_KEY_PAIR(SECP_R2) +depends_on:PSA_WANT_ALG_ECDSA_ANY:PSA_WANT_ECC_FAMILY_SECP_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +asymmetric_encryption_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R2):"00bf539a1cdda0d7f71a50a3f98aec0a2e8e4ced1e":PSA_ALG_ECDSA_ANY:0:PSA_ERROR_INVALID_ARGUMENT + +PSA asymmetric_encryption ECDSA_ANY: invalid with ECC_KEY_PAIR(SECT_K1) +depends_on:PSA_WANT_ALG_ECDSA_ANY:PSA_WANT_ECC_FAMILY_SECT_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +asymmetric_encryption_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):"03ebc8fcded2d6ab72ec0f75bdb4fd080481273e71":PSA_ALG_ECDSA_ANY:0:PSA_ERROR_INVALID_ARGUMENT + +PSA asymmetric_encryption ECDSA_ANY: invalid with ECC_KEY_PAIR(SECT_R1) +depends_on:PSA_WANT_ALG_ECDSA_ANY:PSA_WANT_ECC_FAMILY_SECT_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +asymmetric_encryption_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):"009b05dc82d46d64a04a22e6e5ca70ca1231e68c50":PSA_ALG_ECDSA_ANY:0:PSA_ERROR_INVALID_ARGUMENT + +PSA asymmetric_encryption ECDSA_ANY: invalid with ECC_KEY_PAIR(SECT_R2) +depends_on:PSA_WANT_ALG_ECDSA_ANY:PSA_WANT_ECC_FAMILY_SECT_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +asymmetric_encryption_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R2):"0210b482a458b4822d0cb21daa96819a67c8062d34":PSA_ALG_ECDSA_ANY:0:PSA_ERROR_INVALID_ARGUMENT + +PSA asymmetric_encryption ECDSA_ANY: invalid with ECC_PUBLIC_KEY(BRAINPOOL_P_R1) +depends_on:PSA_WANT_ALG_ECDSA_ANY:PSA_WANT_ECC_FAMILY_BRAINPOOL_P_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +asymmetric_encryption_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"04d4b9186816358e2f9c59cf70748cb70641b22fbab65473db4b4e22a361ed7e3de7e8a8ddc4130c5c":PSA_ALG_ECDSA_ANY:0:PSA_ERROR_INVALID_ARGUMENT + +PSA asymmetric_encryption ECDSA_ANY: invalid with ECC_PUBLIC_KEY(SECP_K1) +depends_on:PSA_WANT_ALG_ECDSA_ANY:PSA_WANT_ECC_FAMILY_SECP_K1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +asymmetric_encryption_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_K1):"0426b7bb38da649ac2138fc050c6548b32553dab68afebc36105d325b75538c12323cb0764789ecb992671beb2b6bef2f5":PSA_ALG_ECDSA_ANY:0:PSA_ERROR_INVALID_ARGUMENT + +PSA asymmetric_encryption ECDSA_ANY: invalid with ECC_PUBLIC_KEY(SECP_R1) +depends_on:PSA_WANT_ALG_ECDSA_ANY:PSA_WANT_ECC_FAMILY_SECP_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +asymmetric_encryption_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1):"046f00eadaa949fee3e9e1c7fa1247eecec86a0dce46418b9bd3117b981d4bd0ae7a990de912f9d060d6cb531a42d22e394ac29e81804bf160":PSA_ALG_ECDSA_ANY:0:PSA_ERROR_INVALID_ARGUMENT + +PSA asymmetric_encryption ECDSA_ANY: invalid with ECC_PUBLIC_KEY(SECP_R2) +depends_on:PSA_WANT_ALG_ECDSA_ANY:PSA_WANT_ECC_FAMILY_SECP_R2:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +asymmetric_encryption_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R2):"049570d541398665adb5cfa16f5af73b3196926bbd4b876bdb80f8eab20d0f540c22f4de9c140f6d7b":PSA_ALG_ECDSA_ANY:0:PSA_ERROR_INVALID_ARGUMENT + +PSA asymmetric_encryption ECDSA_ANY: invalid with ECC_PUBLIC_KEY(SECT_K1) +depends_on:PSA_WANT_ALG_ECDSA_ANY:PSA_WANT_ECC_FAMILY_SECT_K1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +asymmetric_encryption_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_K1):"0406f88f90b4b65950f06ce433afdb097e320f433dc2062b8a65db8fafd3c110f46bc45663fbf021ee7eb9":PSA_ALG_ECDSA_ANY:0:PSA_ERROR_INVALID_ARGUMENT + +PSA asymmetric_encryption ECDSA_ANY: invalid with ECC_PUBLIC_KEY(SECT_R1) +depends_on:PSA_WANT_ALG_ECDSA_ANY:PSA_WANT_ECC_FAMILY_SECT_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +asymmetric_encryption_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R1):"0400465eeb9e7258b11e33c02266bfe834b20bcb118700772796ee4704ec67651bd447e3011959a79a04cb":PSA_ALG_ECDSA_ANY:0:PSA_ERROR_INVALID_ARGUMENT + +PSA asymmetric_encryption ECDSA_ANY: invalid with ECC_PUBLIC_KEY(SECT_R2) +depends_on:PSA_WANT_ALG_ECDSA_ANY:PSA_WANT_ECC_FAMILY_SECT_R2:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +asymmetric_encryption_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R2):"0403692601144c32a6cfa369ae20ae5d43c1c764678c037bafe80c6fd2e42b7ced96171d9c5367fd3dca6f":PSA_ALG_ECDSA_ANY:0:PSA_ERROR_INVALID_ARGUMENT + +PSA key_derivation ECDSA_ANY: invalid +depends_on:PSA_WANT_ALG_ECDSA_ANY +key_derivation_fail:PSA_ALG_ECDSA_ANY:PSA_ERROR_INVALID_ARGUMENT + +PSA key_agreement ECDSA_ANY: invalid with ECC_KEY_PAIR(BRAINPOOL_P_R1) +depends_on:PSA_WANT_ALG_ECDSA_ANY:PSA_WANT_ECC_FAMILY_BRAINPOOL_P_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_agreement_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"69502c4fdaf48d4fa617bdd24498b0406d0eeaac":PSA_ALG_ECDSA_ANY:0:PSA_ERROR_INVALID_ARGUMENT + +PSA key_agreement ECDSA_ANY: invalid with ECC_KEY_PAIR(SECP_K1) +depends_on:PSA_WANT_ALG_ECDSA_ANY:PSA_WANT_ECC_FAMILY_SECP_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_agreement_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_K1):"297ac1722ccac7589ecb240dc719842538ca974beb79f228":PSA_ALG_ECDSA_ANY:0:PSA_ERROR_INVALID_ARGUMENT + +PSA key_agreement ECDSA_ANY: invalid with ECC_KEY_PAIR(SECP_R1) +depends_on:PSA_WANT_ALG_ECDSA_ANY:PSA_WANT_ECC_FAMILY_SECP_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_agreement_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"872f203b3ad35b7f2ecc803c3a0e1e0b1ed61cc1afe71b189cd4c995":PSA_ALG_ECDSA_ANY:0:PSA_ERROR_INVALID_ARGUMENT + +PSA key_agreement ECDSA_ANY: invalid with ECC_KEY_PAIR(SECP_R2) +depends_on:PSA_WANT_ALG_ECDSA_ANY:PSA_WANT_ECC_FAMILY_SECP_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_agreement_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R2):"00bf539a1cdda0d7f71a50a3f98aec0a2e8e4ced1e":PSA_ALG_ECDSA_ANY:0:PSA_ERROR_INVALID_ARGUMENT + +PSA key_agreement ECDSA_ANY: invalid with ECC_KEY_PAIR(SECT_K1) +depends_on:PSA_WANT_ALG_ECDSA_ANY:PSA_WANT_ECC_FAMILY_SECT_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_agreement_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):"03ebc8fcded2d6ab72ec0f75bdb4fd080481273e71":PSA_ALG_ECDSA_ANY:0:PSA_ERROR_INVALID_ARGUMENT + +PSA key_agreement ECDSA_ANY: invalid with ECC_KEY_PAIR(SECT_R1) +depends_on:PSA_WANT_ALG_ECDSA_ANY:PSA_WANT_ECC_FAMILY_SECT_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_agreement_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):"009b05dc82d46d64a04a22e6e5ca70ca1231e68c50":PSA_ALG_ECDSA_ANY:0:PSA_ERROR_INVALID_ARGUMENT + +PSA key_agreement ECDSA_ANY: invalid with ECC_KEY_PAIR(SECT_R2) +depends_on:PSA_WANT_ALG_ECDSA_ANY:PSA_WANT_ECC_FAMILY_SECT_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_agreement_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R2):"0210b482a458b4822d0cb21daa96819a67c8062d34":PSA_ALG_ECDSA_ANY:0:PSA_ERROR_INVALID_ARGUMENT + +PSA key_agreement ECDSA_ANY: invalid with ECC_PUBLIC_KEY(BRAINPOOL_P_R1) +depends_on:PSA_WANT_ALG_ECDSA_ANY:PSA_WANT_ECC_FAMILY_BRAINPOOL_P_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_agreement_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"04d4b9186816358e2f9c59cf70748cb70641b22fbab65473db4b4e22a361ed7e3de7e8a8ddc4130c5c":PSA_ALG_ECDSA_ANY:0:PSA_ERROR_INVALID_ARGUMENT + +PSA key_agreement ECDSA_ANY: invalid with ECC_PUBLIC_KEY(SECP_K1) +depends_on:PSA_WANT_ALG_ECDSA_ANY:PSA_WANT_ECC_FAMILY_SECP_K1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_agreement_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_K1):"0426b7bb38da649ac2138fc050c6548b32553dab68afebc36105d325b75538c12323cb0764789ecb992671beb2b6bef2f5":PSA_ALG_ECDSA_ANY:0:PSA_ERROR_INVALID_ARGUMENT + +PSA key_agreement ECDSA_ANY: invalid with ECC_PUBLIC_KEY(SECP_R1) +depends_on:PSA_WANT_ALG_ECDSA_ANY:PSA_WANT_ECC_FAMILY_SECP_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_agreement_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1):"046f00eadaa949fee3e9e1c7fa1247eecec86a0dce46418b9bd3117b981d4bd0ae7a990de912f9d060d6cb531a42d22e394ac29e81804bf160":PSA_ALG_ECDSA_ANY:0:PSA_ERROR_INVALID_ARGUMENT + +PSA key_agreement ECDSA_ANY: invalid with ECC_PUBLIC_KEY(SECP_R2) +depends_on:PSA_WANT_ALG_ECDSA_ANY:PSA_WANT_ECC_FAMILY_SECP_R2:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_agreement_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R2):"049570d541398665adb5cfa16f5af73b3196926bbd4b876bdb80f8eab20d0f540c22f4de9c140f6d7b":PSA_ALG_ECDSA_ANY:0:PSA_ERROR_INVALID_ARGUMENT + +PSA key_agreement ECDSA_ANY: invalid with ECC_PUBLIC_KEY(SECT_K1) +depends_on:PSA_WANT_ALG_ECDSA_ANY:PSA_WANT_ECC_FAMILY_SECT_K1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_agreement_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_K1):"0406f88f90b4b65950f06ce433afdb097e320f433dc2062b8a65db8fafd3c110f46bc45663fbf021ee7eb9":PSA_ALG_ECDSA_ANY:0:PSA_ERROR_INVALID_ARGUMENT + +PSA key_agreement ECDSA_ANY: invalid with ECC_PUBLIC_KEY(SECT_R1) +depends_on:PSA_WANT_ALG_ECDSA_ANY:PSA_WANT_ECC_FAMILY_SECT_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_agreement_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R1):"0400465eeb9e7258b11e33c02266bfe834b20bcb118700772796ee4704ec67651bd447e3011959a79a04cb":PSA_ALG_ECDSA_ANY:0:PSA_ERROR_INVALID_ARGUMENT + +PSA key_agreement ECDSA_ANY: invalid with ECC_PUBLIC_KEY(SECT_R2) +depends_on:PSA_WANT_ALG_ECDSA_ANY:PSA_WANT_ECC_FAMILY_SECT_R2:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_agreement_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R2):"0403692601144c32a6cfa369ae20ae5d43c1c764678c037bafe80c6fd2e42b7ced96171d9c5367fd3dca6f":PSA_ALG_ECDSA_ANY:0:PSA_ERROR_INVALID_ARGUMENT + +PSA hash ED25519PH: invalid +depends_on:PSA_WANT_ALG_ED25519PH +hash_fail:PSA_ALG_ED25519PH:PSA_ERROR_INVALID_ARGUMENT + +PSA mac ED25519PH: invalid with ECC_KEY_PAIR(TWISTED_EDWARDS) +depends_on:PSA_WANT_ALG_ED25519PH:PSA_WANT_ECC_FAMILY_TWISTED_EDWARDS:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +mac_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_TWISTED_EDWARDS):"9d61b19deffd5a60ba844af492ec2cc44449c5697b326919703bac031cae7f60":PSA_ALG_ED25519PH:PSA_ERROR_INVALID_ARGUMENT + +PSA mac ED25519PH: invalid with ECC_PUBLIC_KEY(TWISTED_EDWARDS) +depends_on:PSA_WANT_ALG_ED25519PH:PSA_WANT_ECC_FAMILY_TWISTED_EDWARDS:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +mac_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_TWISTED_EDWARDS):"d75a980182b10ab7d54bfed3c964073a0ee172f3daa62325af021a68f707511a":PSA_ALG_ED25519PH:PSA_ERROR_INVALID_ARGUMENT + +PSA cipher ED25519PH: invalid with ECC_KEY_PAIR(TWISTED_EDWARDS) +depends_on:PSA_WANT_ALG_ED25519PH:PSA_WANT_ECC_FAMILY_TWISTED_EDWARDS:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +cipher_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_TWISTED_EDWARDS):"9d61b19deffd5a60ba844af492ec2cc44449c5697b326919703bac031cae7f60":PSA_ALG_ED25519PH:PSA_ERROR_INVALID_ARGUMENT + +PSA cipher ED25519PH: invalid with ECC_PUBLIC_KEY(TWISTED_EDWARDS) +depends_on:PSA_WANT_ALG_ED25519PH:PSA_WANT_ECC_FAMILY_TWISTED_EDWARDS:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +cipher_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_TWISTED_EDWARDS):"d75a980182b10ab7d54bfed3c964073a0ee172f3daa62325af021a68f707511a":PSA_ALG_ED25519PH:PSA_ERROR_INVALID_ARGUMENT + +PSA aead ED25519PH: invalid with ECC_KEY_PAIR(TWISTED_EDWARDS) +depends_on:PSA_WANT_ALG_ED25519PH:PSA_WANT_ECC_FAMILY_TWISTED_EDWARDS:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +aead_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_TWISTED_EDWARDS):"9d61b19deffd5a60ba844af492ec2cc44449c5697b326919703bac031cae7f60":PSA_ALG_ED25519PH:PSA_ERROR_INVALID_ARGUMENT + +PSA aead ED25519PH: invalid with ECC_PUBLIC_KEY(TWISTED_EDWARDS) +depends_on:PSA_WANT_ALG_ED25519PH:PSA_WANT_ECC_FAMILY_TWISTED_EDWARDS:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +aead_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_TWISTED_EDWARDS):"d75a980182b10ab7d54bfed3c964073a0ee172f3daa62325af021a68f707511a":PSA_ALG_ED25519PH:PSA_ERROR_INVALID_ARGUMENT + +PSA sign ED25519PH: incompatible with AES +depends_on:PSA_WANT_ALG_ED25519PH:PSA_WANT_KEY_TYPE_AES +sign_fail:PSA_KEY_TYPE_AES:"48657265006973206b6579a064617461":PSA_ALG_ED25519PH:0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign ED25519PH: incompatible with ARC4 +depends_on:PSA_WANT_ALG_ED25519PH:PSA_WANT_KEY_TYPE_ARC4 +sign_fail:PSA_KEY_TYPE_ARC4:"48":PSA_ALG_ED25519PH:0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign ED25519PH: incompatible with ARIA +depends_on:PSA_WANT_ALG_ED25519PH:PSA_WANT_KEY_TYPE_ARIA +sign_fail:PSA_KEY_TYPE_ARIA:"48657265006973206b6579a064617461":PSA_ALG_ED25519PH:0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign ED25519PH: incompatible with CAMELLIA +depends_on:PSA_WANT_ALG_ED25519PH:PSA_WANT_KEY_TYPE_CAMELLIA +sign_fail:PSA_KEY_TYPE_CAMELLIA:"48657265006973206b6579a064617461":PSA_ALG_ED25519PH:0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign ED25519PH: incompatible with CHACHA20 +depends_on:PSA_WANT_ALG_ED25519PH:PSA_WANT_KEY_TYPE_CHACHA20 +sign_fail:PSA_KEY_TYPE_CHACHA20:"48657265006973206b6579a06461746148657265006973206b6579a064617461":PSA_ALG_ED25519PH:0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign ED25519PH: incompatible with DERIVE +depends_on:PSA_WANT_ALG_ED25519PH:PSA_WANT_KEY_TYPE_DERIVE +sign_fail:PSA_KEY_TYPE_DERIVE:"48657265006973206b6579a0646174":PSA_ALG_ED25519PH:0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign ED25519PH: incompatible with DES +depends_on:PSA_WANT_ALG_ED25519PH:PSA_WANT_KEY_TYPE_DES +sign_fail:PSA_KEY_TYPE_DES:"644573206b457901":PSA_ALG_ED25519PH:0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign ED25519PH: incompatible with ECC_KEY_PAIR(BRAINPOOL_P_R1) +depends_on:PSA_WANT_ALG_ED25519PH:PSA_WANT_ECC_FAMILY_BRAINPOOL_P_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"69502c4fdaf48d4fa617bdd24498b0406d0eeaac":PSA_ALG_ED25519PH:0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign ED25519PH: incompatible with ECC_KEY_PAIR(MONTGOMERY) +depends_on:PSA_WANT_ALG_ED25519PH:PSA_WANT_ECC_FAMILY_MONTGOMERY:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_MONTGOMERY):"70076d0a7318a57d3c16c17251b26645df4c2f87ebc0992ab177fba51db92c6a":PSA_ALG_ED25519PH:0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign ED25519PH: incompatible with ECC_KEY_PAIR(SECP_K1) +depends_on:PSA_WANT_ALG_ED25519PH:PSA_WANT_ECC_FAMILY_SECP_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_K1):"297ac1722ccac7589ecb240dc719842538ca974beb79f228":PSA_ALG_ED25519PH:0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign ED25519PH: incompatible with ECC_KEY_PAIR(SECP_R1) +depends_on:PSA_WANT_ALG_ED25519PH:PSA_WANT_ECC_FAMILY_SECP_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"872f203b3ad35b7f2ecc803c3a0e1e0b1ed61cc1afe71b189cd4c995":PSA_ALG_ED25519PH:0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign ED25519PH: incompatible with ECC_KEY_PAIR(SECP_R2) +depends_on:PSA_WANT_ALG_ED25519PH:PSA_WANT_ECC_FAMILY_SECP_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R2):"00bf539a1cdda0d7f71a50a3f98aec0a2e8e4ced1e":PSA_ALG_ED25519PH:0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign ED25519PH: incompatible with ECC_KEY_PAIR(SECT_K1) +depends_on:PSA_WANT_ALG_ED25519PH:PSA_WANT_ECC_FAMILY_SECT_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):"03ebc8fcded2d6ab72ec0f75bdb4fd080481273e71":PSA_ALG_ED25519PH:0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign ED25519PH: incompatible with ECC_KEY_PAIR(SECT_R1) +depends_on:PSA_WANT_ALG_ED25519PH:PSA_WANT_ECC_FAMILY_SECT_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):"009b05dc82d46d64a04a22e6e5ca70ca1231e68c50":PSA_ALG_ED25519PH:0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign ED25519PH: incompatible with ECC_KEY_PAIR(SECT_R2) +depends_on:PSA_WANT_ALG_ED25519PH:PSA_WANT_ECC_FAMILY_SECT_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R2):"0210b482a458b4822d0cb21daa96819a67c8062d34":PSA_ALG_ED25519PH:0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign ED25519PH: !ED25519PH with ECC_KEY_PAIR(TWISTED_EDWARDS) +depends_on:!PSA_WANT_ALG_ED25519PH:PSA_WANT_ECC_FAMILY_TWISTED_EDWARDS:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_TWISTED_EDWARDS):"9d61b19deffd5a60ba844af492ec2cc44449c5697b326919703bac031cae7f60":PSA_ALG_ED25519PH:0:PSA_ERROR_NOT_SUPPORTED + +PSA sign ED25519PH: incompatible with ECC_PUBLIC_KEY(BRAINPOOL_P_R1) +depends_on:PSA_WANT_ALG_ED25519PH:PSA_WANT_ECC_FAMILY_BRAINPOOL_P_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"04d4b9186816358e2f9c59cf70748cb70641b22fbab65473db4b4e22a361ed7e3de7e8a8ddc4130c5c":PSA_ALG_ED25519PH:0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign ED25519PH: incompatible with ECC_PUBLIC_KEY(MONTGOMERY) +depends_on:PSA_WANT_ALG_ED25519PH:PSA_WANT_ECC_FAMILY_MONTGOMERY:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_MONTGOMERY):"8520f0098930a754748b7ddcb43ef75a0dbf3a0d26381af4eba4a98eaa9b4e6a":PSA_ALG_ED25519PH:0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign ED25519PH: incompatible with ECC_PUBLIC_KEY(SECP_K1) +depends_on:PSA_WANT_ALG_ED25519PH:PSA_WANT_ECC_FAMILY_SECP_K1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_K1):"0426b7bb38da649ac2138fc050c6548b32553dab68afebc36105d325b75538c12323cb0764789ecb992671beb2b6bef2f5":PSA_ALG_ED25519PH:0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign ED25519PH: incompatible with ECC_PUBLIC_KEY(SECP_R1) +depends_on:PSA_WANT_ALG_ED25519PH:PSA_WANT_ECC_FAMILY_SECP_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1):"046f00eadaa949fee3e9e1c7fa1247eecec86a0dce46418b9bd3117b981d4bd0ae7a990de912f9d060d6cb531a42d22e394ac29e81804bf160":PSA_ALG_ED25519PH:0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign ED25519PH: incompatible with ECC_PUBLIC_KEY(SECP_R2) +depends_on:PSA_WANT_ALG_ED25519PH:PSA_WANT_ECC_FAMILY_SECP_R2:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R2):"049570d541398665adb5cfa16f5af73b3196926bbd4b876bdb80f8eab20d0f540c22f4de9c140f6d7b":PSA_ALG_ED25519PH:0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign ED25519PH: incompatible with ECC_PUBLIC_KEY(SECT_K1) +depends_on:PSA_WANT_ALG_ED25519PH:PSA_WANT_ECC_FAMILY_SECT_K1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_K1):"0406f88f90b4b65950f06ce433afdb097e320f433dc2062b8a65db8fafd3c110f46bc45663fbf021ee7eb9":PSA_ALG_ED25519PH:0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign ED25519PH: incompatible with ECC_PUBLIC_KEY(SECT_R1) +depends_on:PSA_WANT_ALG_ED25519PH:PSA_WANT_ECC_FAMILY_SECT_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R1):"0400465eeb9e7258b11e33c02266bfe834b20bcb118700772796ee4704ec67651bd447e3011959a79a04cb":PSA_ALG_ED25519PH:0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign ED25519PH: incompatible with ECC_PUBLIC_KEY(SECT_R2) +depends_on:PSA_WANT_ALG_ED25519PH:PSA_WANT_ECC_FAMILY_SECT_R2:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R2):"0403692601144c32a6cfa369ae20ae5d43c1c764678c037bafe80c6fd2e42b7ced96171d9c5367fd3dca6f":PSA_ALG_ED25519PH:0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign ED25519PH: !ED25519PH with ECC_PUBLIC_KEY(TWISTED_EDWARDS) +depends_on:!PSA_WANT_ALG_ED25519PH:PSA_WANT_ECC_FAMILY_TWISTED_EDWARDS:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_TWISTED_EDWARDS):"d75a980182b10ab7d54bfed3c964073a0ee172f3daa62325af021a68f707511a":PSA_ALG_ED25519PH:0:PSA_ERROR_NOT_SUPPORTED + +PSA sign ED25519PH: public with ECC_PUBLIC_KEY(TWISTED_EDWARDS) +depends_on:PSA_WANT_ALG_ED25519PH:PSA_WANT_ECC_FAMILY_TWISTED_EDWARDS:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_TWISTED_EDWARDS):"d75a980182b10ab7d54bfed3c964073a0ee172f3daa62325af021a68f707511a":PSA_ALG_ED25519PH:1:PSA_ERROR_INVALID_ARGUMENT + +PSA sign ED25519PH: incompatible with HMAC +depends_on:PSA_WANT_ALG_ED25519PH:PSA_WANT_KEY_TYPE_HMAC +sign_fail:PSA_KEY_TYPE_HMAC:"48657265006973206b6579a064617461":PSA_ALG_ED25519PH:0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign ED25519PH: incompatible with RAW_DATA +depends_on:PSA_WANT_ALG_ED25519PH:PSA_WANT_KEY_TYPE_RAW_DATA +sign_fail:PSA_KEY_TYPE_RAW_DATA:"48":PSA_ALG_ED25519PH:0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign ED25519PH: incompatible with RSA_KEY_PAIR +depends_on:PSA_WANT_ALG_ED25519PH:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR +sign_fail:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_ED25519PH:0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign ED25519PH: incompatible with RSA_PUBLIC_KEY +depends_on:PSA_WANT_ALG_ED25519PH:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY +sign_fail:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_ED25519PH:0:PSA_ERROR_INVALID_ARGUMENT + +PSA asymmetric_encryption ED25519PH: invalid with ECC_KEY_PAIR(TWISTED_EDWARDS) +depends_on:PSA_WANT_ALG_ED25519PH:PSA_WANT_ECC_FAMILY_TWISTED_EDWARDS:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +asymmetric_encryption_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_TWISTED_EDWARDS):"9d61b19deffd5a60ba844af492ec2cc44449c5697b326919703bac031cae7f60":PSA_ALG_ED25519PH:0:PSA_ERROR_INVALID_ARGUMENT + +PSA asymmetric_encryption ED25519PH: invalid with ECC_PUBLIC_KEY(TWISTED_EDWARDS) +depends_on:PSA_WANT_ALG_ED25519PH:PSA_WANT_ECC_FAMILY_TWISTED_EDWARDS:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +asymmetric_encryption_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_TWISTED_EDWARDS):"d75a980182b10ab7d54bfed3c964073a0ee172f3daa62325af021a68f707511a":PSA_ALG_ED25519PH:0:PSA_ERROR_INVALID_ARGUMENT + +PSA key_derivation ED25519PH: invalid +depends_on:PSA_WANT_ALG_ED25519PH +key_derivation_fail:PSA_ALG_ED25519PH:PSA_ERROR_INVALID_ARGUMENT + +PSA key_agreement ED25519PH: invalid with ECC_KEY_PAIR(TWISTED_EDWARDS) +depends_on:PSA_WANT_ALG_ED25519PH:PSA_WANT_ECC_FAMILY_TWISTED_EDWARDS:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_agreement_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_TWISTED_EDWARDS):"9d61b19deffd5a60ba844af492ec2cc44449c5697b326919703bac031cae7f60":PSA_ALG_ED25519PH:0:PSA_ERROR_INVALID_ARGUMENT + +PSA key_agreement ED25519PH: invalid with ECC_PUBLIC_KEY(TWISTED_EDWARDS) +depends_on:PSA_WANT_ALG_ED25519PH:PSA_WANT_ECC_FAMILY_TWISTED_EDWARDS:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_agreement_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_TWISTED_EDWARDS):"d75a980182b10ab7d54bfed3c964073a0ee172f3daa62325af021a68f707511a":PSA_ALG_ED25519PH:0:PSA_ERROR_INVALID_ARGUMENT + +PSA hash ED448PH: invalid +depends_on:PSA_WANT_ALG_ED448PH +hash_fail:PSA_ALG_ED448PH:PSA_ERROR_INVALID_ARGUMENT + +PSA mac ED448PH: invalid with ECC_KEY_PAIR(TWISTED_EDWARDS) +depends_on:PSA_WANT_ALG_ED448PH:PSA_WANT_ECC_FAMILY_TWISTED_EDWARDS:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +mac_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_TWISTED_EDWARDS):"9d61b19deffd5a60ba844af492ec2cc44449c5697b326919703bac031cae7f60":PSA_ALG_ED448PH:PSA_ERROR_INVALID_ARGUMENT + +PSA mac ED448PH: invalid with ECC_PUBLIC_KEY(TWISTED_EDWARDS) +depends_on:PSA_WANT_ALG_ED448PH:PSA_WANT_ECC_FAMILY_TWISTED_EDWARDS:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +mac_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_TWISTED_EDWARDS):"d75a980182b10ab7d54bfed3c964073a0ee172f3daa62325af021a68f707511a":PSA_ALG_ED448PH:PSA_ERROR_INVALID_ARGUMENT + +PSA cipher ED448PH: invalid with ECC_KEY_PAIR(TWISTED_EDWARDS) +depends_on:PSA_WANT_ALG_ED448PH:PSA_WANT_ECC_FAMILY_TWISTED_EDWARDS:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +cipher_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_TWISTED_EDWARDS):"9d61b19deffd5a60ba844af492ec2cc44449c5697b326919703bac031cae7f60":PSA_ALG_ED448PH:PSA_ERROR_INVALID_ARGUMENT + +PSA cipher ED448PH: invalid with ECC_PUBLIC_KEY(TWISTED_EDWARDS) +depends_on:PSA_WANT_ALG_ED448PH:PSA_WANT_ECC_FAMILY_TWISTED_EDWARDS:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +cipher_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_TWISTED_EDWARDS):"d75a980182b10ab7d54bfed3c964073a0ee172f3daa62325af021a68f707511a":PSA_ALG_ED448PH:PSA_ERROR_INVALID_ARGUMENT + +PSA aead ED448PH: invalid with ECC_KEY_PAIR(TWISTED_EDWARDS) +depends_on:PSA_WANT_ALG_ED448PH:PSA_WANT_ECC_FAMILY_TWISTED_EDWARDS:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +aead_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_TWISTED_EDWARDS):"9d61b19deffd5a60ba844af492ec2cc44449c5697b326919703bac031cae7f60":PSA_ALG_ED448PH:PSA_ERROR_INVALID_ARGUMENT + +PSA aead ED448PH: invalid with ECC_PUBLIC_KEY(TWISTED_EDWARDS) +depends_on:PSA_WANT_ALG_ED448PH:PSA_WANT_ECC_FAMILY_TWISTED_EDWARDS:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +aead_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_TWISTED_EDWARDS):"d75a980182b10ab7d54bfed3c964073a0ee172f3daa62325af021a68f707511a":PSA_ALG_ED448PH:PSA_ERROR_INVALID_ARGUMENT + +PSA sign ED448PH: incompatible with AES +depends_on:PSA_WANT_ALG_ED448PH:PSA_WANT_KEY_TYPE_AES +sign_fail:PSA_KEY_TYPE_AES:"48657265006973206b6579a064617461":PSA_ALG_ED448PH:0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign ED448PH: incompatible with ARC4 +depends_on:PSA_WANT_ALG_ED448PH:PSA_WANT_KEY_TYPE_ARC4 +sign_fail:PSA_KEY_TYPE_ARC4:"48":PSA_ALG_ED448PH:0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign ED448PH: incompatible with ARIA +depends_on:PSA_WANT_ALG_ED448PH:PSA_WANT_KEY_TYPE_ARIA +sign_fail:PSA_KEY_TYPE_ARIA:"48657265006973206b6579a064617461":PSA_ALG_ED448PH:0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign ED448PH: incompatible with CAMELLIA +depends_on:PSA_WANT_ALG_ED448PH:PSA_WANT_KEY_TYPE_CAMELLIA +sign_fail:PSA_KEY_TYPE_CAMELLIA:"48657265006973206b6579a064617461":PSA_ALG_ED448PH:0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign ED448PH: incompatible with CHACHA20 +depends_on:PSA_WANT_ALG_ED448PH:PSA_WANT_KEY_TYPE_CHACHA20 +sign_fail:PSA_KEY_TYPE_CHACHA20:"48657265006973206b6579a06461746148657265006973206b6579a064617461":PSA_ALG_ED448PH:0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign ED448PH: incompatible with DERIVE +depends_on:PSA_WANT_ALG_ED448PH:PSA_WANT_KEY_TYPE_DERIVE +sign_fail:PSA_KEY_TYPE_DERIVE:"48657265006973206b6579a0646174":PSA_ALG_ED448PH:0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign ED448PH: incompatible with DES +depends_on:PSA_WANT_ALG_ED448PH:PSA_WANT_KEY_TYPE_DES +sign_fail:PSA_KEY_TYPE_DES:"644573206b457901":PSA_ALG_ED448PH:0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign ED448PH: incompatible with ECC_KEY_PAIR(BRAINPOOL_P_R1) +depends_on:PSA_WANT_ALG_ED448PH:PSA_WANT_ECC_FAMILY_BRAINPOOL_P_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"69502c4fdaf48d4fa617bdd24498b0406d0eeaac":PSA_ALG_ED448PH:0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign ED448PH: incompatible with ECC_KEY_PAIR(MONTGOMERY) +depends_on:PSA_WANT_ALG_ED448PH:PSA_WANT_ECC_FAMILY_MONTGOMERY:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_MONTGOMERY):"70076d0a7318a57d3c16c17251b26645df4c2f87ebc0992ab177fba51db92c6a":PSA_ALG_ED448PH:0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign ED448PH: incompatible with ECC_KEY_PAIR(SECP_K1) +depends_on:PSA_WANT_ALG_ED448PH:PSA_WANT_ECC_FAMILY_SECP_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_K1):"297ac1722ccac7589ecb240dc719842538ca974beb79f228":PSA_ALG_ED448PH:0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign ED448PH: incompatible with ECC_KEY_PAIR(SECP_R1) +depends_on:PSA_WANT_ALG_ED448PH:PSA_WANT_ECC_FAMILY_SECP_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"872f203b3ad35b7f2ecc803c3a0e1e0b1ed61cc1afe71b189cd4c995":PSA_ALG_ED448PH:0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign ED448PH: incompatible with ECC_KEY_PAIR(SECP_R2) +depends_on:PSA_WANT_ALG_ED448PH:PSA_WANT_ECC_FAMILY_SECP_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R2):"00bf539a1cdda0d7f71a50a3f98aec0a2e8e4ced1e":PSA_ALG_ED448PH:0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign ED448PH: incompatible with ECC_KEY_PAIR(SECT_K1) +depends_on:PSA_WANT_ALG_ED448PH:PSA_WANT_ECC_FAMILY_SECT_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):"03ebc8fcded2d6ab72ec0f75bdb4fd080481273e71":PSA_ALG_ED448PH:0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign ED448PH: incompatible with ECC_KEY_PAIR(SECT_R1) +depends_on:PSA_WANT_ALG_ED448PH:PSA_WANT_ECC_FAMILY_SECT_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):"009b05dc82d46d64a04a22e6e5ca70ca1231e68c50":PSA_ALG_ED448PH:0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign ED448PH: incompatible with ECC_KEY_PAIR(SECT_R2) +depends_on:PSA_WANT_ALG_ED448PH:PSA_WANT_ECC_FAMILY_SECT_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R2):"0210b482a458b4822d0cb21daa96819a67c8062d34":PSA_ALG_ED448PH:0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign ED448PH: !ED448PH with ECC_KEY_PAIR(TWISTED_EDWARDS) +depends_on:!PSA_WANT_ALG_ED448PH:PSA_WANT_ECC_FAMILY_TWISTED_EDWARDS:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_TWISTED_EDWARDS):"9d61b19deffd5a60ba844af492ec2cc44449c5697b326919703bac031cae7f60":PSA_ALG_ED448PH:0:PSA_ERROR_NOT_SUPPORTED + +PSA sign ED448PH: incompatible with ECC_PUBLIC_KEY(BRAINPOOL_P_R1) +depends_on:PSA_WANT_ALG_ED448PH:PSA_WANT_ECC_FAMILY_BRAINPOOL_P_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"04d4b9186816358e2f9c59cf70748cb70641b22fbab65473db4b4e22a361ed7e3de7e8a8ddc4130c5c":PSA_ALG_ED448PH:0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign ED448PH: incompatible with ECC_PUBLIC_KEY(MONTGOMERY) +depends_on:PSA_WANT_ALG_ED448PH:PSA_WANT_ECC_FAMILY_MONTGOMERY:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_MONTGOMERY):"8520f0098930a754748b7ddcb43ef75a0dbf3a0d26381af4eba4a98eaa9b4e6a":PSA_ALG_ED448PH:0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign ED448PH: incompatible with ECC_PUBLIC_KEY(SECP_K1) +depends_on:PSA_WANT_ALG_ED448PH:PSA_WANT_ECC_FAMILY_SECP_K1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_K1):"0426b7bb38da649ac2138fc050c6548b32553dab68afebc36105d325b75538c12323cb0764789ecb992671beb2b6bef2f5":PSA_ALG_ED448PH:0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign ED448PH: incompatible with ECC_PUBLIC_KEY(SECP_R1) +depends_on:PSA_WANT_ALG_ED448PH:PSA_WANT_ECC_FAMILY_SECP_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1):"046f00eadaa949fee3e9e1c7fa1247eecec86a0dce46418b9bd3117b981d4bd0ae7a990de912f9d060d6cb531a42d22e394ac29e81804bf160":PSA_ALG_ED448PH:0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign ED448PH: incompatible with ECC_PUBLIC_KEY(SECP_R2) +depends_on:PSA_WANT_ALG_ED448PH:PSA_WANT_ECC_FAMILY_SECP_R2:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R2):"049570d541398665adb5cfa16f5af73b3196926bbd4b876bdb80f8eab20d0f540c22f4de9c140f6d7b":PSA_ALG_ED448PH:0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign ED448PH: incompatible with ECC_PUBLIC_KEY(SECT_K1) +depends_on:PSA_WANT_ALG_ED448PH:PSA_WANT_ECC_FAMILY_SECT_K1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_K1):"0406f88f90b4b65950f06ce433afdb097e320f433dc2062b8a65db8fafd3c110f46bc45663fbf021ee7eb9":PSA_ALG_ED448PH:0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign ED448PH: incompatible with ECC_PUBLIC_KEY(SECT_R1) +depends_on:PSA_WANT_ALG_ED448PH:PSA_WANT_ECC_FAMILY_SECT_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R1):"0400465eeb9e7258b11e33c02266bfe834b20bcb118700772796ee4704ec67651bd447e3011959a79a04cb":PSA_ALG_ED448PH:0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign ED448PH: incompatible with ECC_PUBLIC_KEY(SECT_R2) +depends_on:PSA_WANT_ALG_ED448PH:PSA_WANT_ECC_FAMILY_SECT_R2:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R2):"0403692601144c32a6cfa369ae20ae5d43c1c764678c037bafe80c6fd2e42b7ced96171d9c5367fd3dca6f":PSA_ALG_ED448PH:0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign ED448PH: !ED448PH with ECC_PUBLIC_KEY(TWISTED_EDWARDS) +depends_on:!PSA_WANT_ALG_ED448PH:PSA_WANT_ECC_FAMILY_TWISTED_EDWARDS:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_TWISTED_EDWARDS):"d75a980182b10ab7d54bfed3c964073a0ee172f3daa62325af021a68f707511a":PSA_ALG_ED448PH:0:PSA_ERROR_NOT_SUPPORTED + +PSA sign ED448PH: public with ECC_PUBLIC_KEY(TWISTED_EDWARDS) +depends_on:PSA_WANT_ALG_ED448PH:PSA_WANT_ECC_FAMILY_TWISTED_EDWARDS:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_TWISTED_EDWARDS):"d75a980182b10ab7d54bfed3c964073a0ee172f3daa62325af021a68f707511a":PSA_ALG_ED448PH:1:PSA_ERROR_INVALID_ARGUMENT + +PSA sign ED448PH: incompatible with HMAC +depends_on:PSA_WANT_ALG_ED448PH:PSA_WANT_KEY_TYPE_HMAC +sign_fail:PSA_KEY_TYPE_HMAC:"48657265006973206b6579a064617461":PSA_ALG_ED448PH:0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign ED448PH: incompatible with RAW_DATA +depends_on:PSA_WANT_ALG_ED448PH:PSA_WANT_KEY_TYPE_RAW_DATA +sign_fail:PSA_KEY_TYPE_RAW_DATA:"48":PSA_ALG_ED448PH:0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign ED448PH: incompatible with RSA_KEY_PAIR +depends_on:PSA_WANT_ALG_ED448PH:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR +sign_fail:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_ED448PH:0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign ED448PH: incompatible with RSA_PUBLIC_KEY +depends_on:PSA_WANT_ALG_ED448PH:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY +sign_fail:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_ED448PH:0:PSA_ERROR_INVALID_ARGUMENT + +PSA asymmetric_encryption ED448PH: invalid with ECC_KEY_PAIR(TWISTED_EDWARDS) +depends_on:PSA_WANT_ALG_ED448PH:PSA_WANT_ECC_FAMILY_TWISTED_EDWARDS:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +asymmetric_encryption_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_TWISTED_EDWARDS):"9d61b19deffd5a60ba844af492ec2cc44449c5697b326919703bac031cae7f60":PSA_ALG_ED448PH:0:PSA_ERROR_INVALID_ARGUMENT + +PSA asymmetric_encryption ED448PH: invalid with ECC_PUBLIC_KEY(TWISTED_EDWARDS) +depends_on:PSA_WANT_ALG_ED448PH:PSA_WANT_ECC_FAMILY_TWISTED_EDWARDS:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +asymmetric_encryption_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_TWISTED_EDWARDS):"d75a980182b10ab7d54bfed3c964073a0ee172f3daa62325af021a68f707511a":PSA_ALG_ED448PH:0:PSA_ERROR_INVALID_ARGUMENT + +PSA key_derivation ED448PH: invalid +depends_on:PSA_WANT_ALG_ED448PH +key_derivation_fail:PSA_ALG_ED448PH:PSA_ERROR_INVALID_ARGUMENT + +PSA key_agreement ED448PH: invalid with ECC_KEY_PAIR(TWISTED_EDWARDS) +depends_on:PSA_WANT_ALG_ED448PH:PSA_WANT_ECC_FAMILY_TWISTED_EDWARDS:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_agreement_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_TWISTED_EDWARDS):"9d61b19deffd5a60ba844af492ec2cc44449c5697b326919703bac031cae7f60":PSA_ALG_ED448PH:0:PSA_ERROR_INVALID_ARGUMENT + +PSA key_agreement ED448PH: invalid with ECC_PUBLIC_KEY(TWISTED_EDWARDS) +depends_on:PSA_WANT_ALG_ED448PH:PSA_WANT_ECC_FAMILY_TWISTED_EDWARDS:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_agreement_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_TWISTED_EDWARDS):"d75a980182b10ab7d54bfed3c964073a0ee172f3daa62325af021a68f707511a":PSA_ALG_ED448PH:0:PSA_ERROR_INVALID_ARGUMENT + +PSA hash FFDH: invalid +depends_on:PSA_WANT_ALG_FFDH +hash_fail:PSA_ALG_FFDH:PSA_ERROR_INVALID_ARGUMENT + +PSA key_derivation FFDH: invalid +depends_on:PSA_WANT_ALG_FFDH +key_derivation_fail:PSA_ALG_FFDH:PSA_ERROR_INVALID_ARGUMENT + +PSA key_agreement FFDH: incompatible with AES +depends_on:PSA_WANT_ALG_FFDH:PSA_WANT_KEY_TYPE_AES +key_agreement_fail:PSA_KEY_TYPE_AES:"48657265006973206b6579a064617461":PSA_ALG_FFDH:0:PSA_ERROR_INVALID_ARGUMENT + +PSA key_agreement FFDH: incompatible with ARC4 +depends_on:PSA_WANT_ALG_FFDH:PSA_WANT_KEY_TYPE_ARC4 +key_agreement_fail:PSA_KEY_TYPE_ARC4:"48":PSA_ALG_FFDH:0:PSA_ERROR_INVALID_ARGUMENT + +PSA key_agreement FFDH: incompatible with ARIA +depends_on:PSA_WANT_ALG_FFDH:PSA_WANT_KEY_TYPE_ARIA +key_agreement_fail:PSA_KEY_TYPE_ARIA:"48657265006973206b6579a064617461":PSA_ALG_FFDH:0:PSA_ERROR_INVALID_ARGUMENT + +PSA key_agreement FFDH: incompatible with CAMELLIA +depends_on:PSA_WANT_ALG_FFDH:PSA_WANT_KEY_TYPE_CAMELLIA +key_agreement_fail:PSA_KEY_TYPE_CAMELLIA:"48657265006973206b6579a064617461":PSA_ALG_FFDH:0:PSA_ERROR_INVALID_ARGUMENT + +PSA key_agreement FFDH: incompatible with CHACHA20 +depends_on:PSA_WANT_ALG_FFDH:PSA_WANT_KEY_TYPE_CHACHA20 +key_agreement_fail:PSA_KEY_TYPE_CHACHA20:"48657265006973206b6579a06461746148657265006973206b6579a064617461":PSA_ALG_FFDH:0:PSA_ERROR_INVALID_ARGUMENT + +PSA key_agreement FFDH: incompatible with DERIVE +depends_on:PSA_WANT_ALG_FFDH:PSA_WANT_KEY_TYPE_DERIVE +key_agreement_fail:PSA_KEY_TYPE_DERIVE:"48657265006973206b6579a0646174":PSA_ALG_FFDH:0:PSA_ERROR_INVALID_ARGUMENT + +PSA key_agreement FFDH: incompatible with DES +depends_on:PSA_WANT_ALG_FFDH:PSA_WANT_KEY_TYPE_DES +key_agreement_fail:PSA_KEY_TYPE_DES:"644573206b457901":PSA_ALG_FFDH:0:PSA_ERROR_INVALID_ARGUMENT + +PSA key_agreement FFDH: incompatible with ECC_KEY_PAIR(BRAINPOOL_P_R1) +depends_on:PSA_WANT_ALG_FFDH:PSA_WANT_ECC_FAMILY_BRAINPOOL_P_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_agreement_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"69502c4fdaf48d4fa617bdd24498b0406d0eeaac":PSA_ALG_FFDH:0:PSA_ERROR_INVALID_ARGUMENT + +PSA key_agreement FFDH: incompatible with ECC_KEY_PAIR(MONTGOMERY) +depends_on:PSA_WANT_ALG_FFDH:PSA_WANT_ECC_FAMILY_MONTGOMERY:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_agreement_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_MONTGOMERY):"70076d0a7318a57d3c16c17251b26645df4c2f87ebc0992ab177fba51db92c6a":PSA_ALG_FFDH:0:PSA_ERROR_INVALID_ARGUMENT + +PSA key_agreement FFDH: incompatible with ECC_KEY_PAIR(SECP_K1) +depends_on:PSA_WANT_ALG_FFDH:PSA_WANT_ECC_FAMILY_SECP_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_agreement_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_K1):"297ac1722ccac7589ecb240dc719842538ca974beb79f228":PSA_ALG_FFDH:0:PSA_ERROR_INVALID_ARGUMENT + +PSA key_agreement FFDH: incompatible with ECC_KEY_PAIR(SECP_R1) +depends_on:PSA_WANT_ALG_FFDH:PSA_WANT_ECC_FAMILY_SECP_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_agreement_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"872f203b3ad35b7f2ecc803c3a0e1e0b1ed61cc1afe71b189cd4c995":PSA_ALG_FFDH:0:PSA_ERROR_INVALID_ARGUMENT + +PSA key_agreement FFDH: incompatible with ECC_KEY_PAIR(SECP_R2) +depends_on:PSA_WANT_ALG_FFDH:PSA_WANT_ECC_FAMILY_SECP_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_agreement_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R2):"00bf539a1cdda0d7f71a50a3f98aec0a2e8e4ced1e":PSA_ALG_FFDH:0:PSA_ERROR_INVALID_ARGUMENT + +PSA key_agreement FFDH: incompatible with ECC_KEY_PAIR(SECT_K1) +depends_on:PSA_WANT_ALG_FFDH:PSA_WANT_ECC_FAMILY_SECT_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_agreement_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):"03ebc8fcded2d6ab72ec0f75bdb4fd080481273e71":PSA_ALG_FFDH:0:PSA_ERROR_INVALID_ARGUMENT + +PSA key_agreement FFDH: incompatible with ECC_KEY_PAIR(SECT_R1) +depends_on:PSA_WANT_ALG_FFDH:PSA_WANT_ECC_FAMILY_SECT_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_agreement_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):"009b05dc82d46d64a04a22e6e5ca70ca1231e68c50":PSA_ALG_FFDH:0:PSA_ERROR_INVALID_ARGUMENT + +PSA key_agreement FFDH: incompatible with ECC_KEY_PAIR(SECT_R2) +depends_on:PSA_WANT_ALG_FFDH:PSA_WANT_ECC_FAMILY_SECT_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_agreement_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R2):"0210b482a458b4822d0cb21daa96819a67c8062d34":PSA_ALG_FFDH:0:PSA_ERROR_INVALID_ARGUMENT + +PSA key_agreement FFDH: incompatible with ECC_KEY_PAIR(TWISTED_EDWARDS) +depends_on:PSA_WANT_ALG_FFDH:PSA_WANT_ECC_FAMILY_TWISTED_EDWARDS:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_agreement_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_TWISTED_EDWARDS):"9d61b19deffd5a60ba844af492ec2cc44449c5697b326919703bac031cae7f60":PSA_ALG_FFDH:0:PSA_ERROR_INVALID_ARGUMENT + +PSA key_agreement FFDH: incompatible with ECC_PUBLIC_KEY(BRAINPOOL_P_R1) +depends_on:PSA_WANT_ALG_FFDH:PSA_WANT_ECC_FAMILY_BRAINPOOL_P_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_agreement_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"04d4b9186816358e2f9c59cf70748cb70641b22fbab65473db4b4e22a361ed7e3de7e8a8ddc4130c5c":PSA_ALG_FFDH:0:PSA_ERROR_INVALID_ARGUMENT + +PSA key_agreement FFDH: incompatible with ECC_PUBLIC_KEY(MONTGOMERY) +depends_on:PSA_WANT_ALG_FFDH:PSA_WANT_ECC_FAMILY_MONTGOMERY:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_agreement_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_MONTGOMERY):"8520f0098930a754748b7ddcb43ef75a0dbf3a0d26381af4eba4a98eaa9b4e6a":PSA_ALG_FFDH:0:PSA_ERROR_INVALID_ARGUMENT + +PSA key_agreement FFDH: incompatible with ECC_PUBLIC_KEY(SECP_K1) +depends_on:PSA_WANT_ALG_FFDH:PSA_WANT_ECC_FAMILY_SECP_K1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_agreement_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_K1):"0426b7bb38da649ac2138fc050c6548b32553dab68afebc36105d325b75538c12323cb0764789ecb992671beb2b6bef2f5":PSA_ALG_FFDH:0:PSA_ERROR_INVALID_ARGUMENT + +PSA key_agreement FFDH: incompatible with ECC_PUBLIC_KEY(SECP_R1) +depends_on:PSA_WANT_ALG_FFDH:PSA_WANT_ECC_FAMILY_SECP_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_agreement_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1):"046f00eadaa949fee3e9e1c7fa1247eecec86a0dce46418b9bd3117b981d4bd0ae7a990de912f9d060d6cb531a42d22e394ac29e81804bf160":PSA_ALG_FFDH:0:PSA_ERROR_INVALID_ARGUMENT + +PSA key_agreement FFDH: incompatible with ECC_PUBLIC_KEY(SECP_R2) +depends_on:PSA_WANT_ALG_FFDH:PSA_WANT_ECC_FAMILY_SECP_R2:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_agreement_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R2):"049570d541398665adb5cfa16f5af73b3196926bbd4b876bdb80f8eab20d0f540c22f4de9c140f6d7b":PSA_ALG_FFDH:0:PSA_ERROR_INVALID_ARGUMENT + +PSA key_agreement FFDH: incompatible with ECC_PUBLIC_KEY(SECT_K1) +depends_on:PSA_WANT_ALG_FFDH:PSA_WANT_ECC_FAMILY_SECT_K1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_agreement_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_K1):"0406f88f90b4b65950f06ce433afdb097e320f433dc2062b8a65db8fafd3c110f46bc45663fbf021ee7eb9":PSA_ALG_FFDH:0:PSA_ERROR_INVALID_ARGUMENT + +PSA key_agreement FFDH: incompatible with ECC_PUBLIC_KEY(SECT_R1) +depends_on:PSA_WANT_ALG_FFDH:PSA_WANT_ECC_FAMILY_SECT_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_agreement_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R1):"0400465eeb9e7258b11e33c02266bfe834b20bcb118700772796ee4704ec67651bd447e3011959a79a04cb":PSA_ALG_FFDH:0:PSA_ERROR_INVALID_ARGUMENT + +PSA key_agreement FFDH: incompatible with ECC_PUBLIC_KEY(SECT_R2) +depends_on:PSA_WANT_ALG_FFDH:PSA_WANT_ECC_FAMILY_SECT_R2:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_agreement_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R2):"0403692601144c32a6cfa369ae20ae5d43c1c764678c037bafe80c6fd2e42b7ced96171d9c5367fd3dca6f":PSA_ALG_FFDH:0:PSA_ERROR_INVALID_ARGUMENT + +PSA key_agreement FFDH: incompatible with ECC_PUBLIC_KEY(TWISTED_EDWARDS) +depends_on:PSA_WANT_ALG_FFDH:PSA_WANT_ECC_FAMILY_TWISTED_EDWARDS:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_agreement_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_TWISTED_EDWARDS):"d75a980182b10ab7d54bfed3c964073a0ee172f3daa62325af021a68f707511a":PSA_ALG_FFDH:0:PSA_ERROR_INVALID_ARGUMENT + +PSA key_agreement FFDH: incompatible with HMAC +depends_on:PSA_WANT_ALG_FFDH:PSA_WANT_KEY_TYPE_HMAC +key_agreement_fail:PSA_KEY_TYPE_HMAC:"48657265006973206b6579a064617461":PSA_ALG_FFDH:0:PSA_ERROR_INVALID_ARGUMENT + +PSA key_agreement FFDH: incompatible with RAW_DATA +depends_on:PSA_WANT_ALG_FFDH:PSA_WANT_KEY_TYPE_RAW_DATA +key_agreement_fail:PSA_KEY_TYPE_RAW_DATA:"48":PSA_ALG_FFDH:0:PSA_ERROR_INVALID_ARGUMENT + +PSA key_agreement FFDH: incompatible with RSA_KEY_PAIR +depends_on:PSA_WANT_ALG_FFDH:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR +key_agreement_fail:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_FFDH:0:PSA_ERROR_INVALID_ARGUMENT + +PSA key_agreement FFDH: incompatible with RSA_PUBLIC_KEY +depends_on:PSA_WANT_ALG_FFDH:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY +key_agreement_fail:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_FFDH:0:PSA_ERROR_INVALID_ARGUMENT + +PSA hash GCM: invalid +depends_on:PSA_WANT_ALG_GCM +hash_fail:PSA_ALG_GCM:PSA_ERROR_INVALID_ARGUMENT + +PSA mac GCM: invalid with AES +depends_on:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES +mac_fail:PSA_KEY_TYPE_AES:"48657265006973206b6579a064617461":PSA_ALG_GCM:PSA_ERROR_INVALID_ARGUMENT + +PSA mac GCM: invalid with ARIA +depends_on:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_ARIA +mac_fail:PSA_KEY_TYPE_ARIA:"48657265006973206b6579a064617461":PSA_ALG_GCM:PSA_ERROR_INVALID_ARGUMENT + +PSA mac GCM: invalid with CAMELLIA +depends_on:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_CAMELLIA +mac_fail:PSA_KEY_TYPE_CAMELLIA:"48657265006973206b6579a064617461":PSA_ALG_GCM:PSA_ERROR_INVALID_ARGUMENT + +PSA cipher GCM: invalid with AES +depends_on:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES +cipher_fail:PSA_KEY_TYPE_AES:"48657265006973206b6579a064617461":PSA_ALG_GCM:PSA_ERROR_INVALID_ARGUMENT + +PSA cipher GCM: invalid with ARIA +depends_on:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_ARIA +cipher_fail:PSA_KEY_TYPE_ARIA:"48657265006973206b6579a064617461":PSA_ALG_GCM:PSA_ERROR_INVALID_ARGUMENT + +PSA cipher GCM: invalid with CAMELLIA +depends_on:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_CAMELLIA +cipher_fail:PSA_KEY_TYPE_CAMELLIA:"48657265006973206b6579a064617461":PSA_ALG_GCM:PSA_ERROR_INVALID_ARGUMENT + +PSA aead GCM: !GCM with AES +depends_on:!PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES +aead_fail:PSA_KEY_TYPE_AES:"48657265006973206b6579a064617461":PSA_ALG_GCM:PSA_ERROR_NOT_SUPPORTED + +PSA aead GCM: incompatible with ARC4 +depends_on:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_ARC4 +aead_fail:PSA_KEY_TYPE_ARC4:"48":PSA_ALG_GCM:PSA_ERROR_INVALID_ARGUMENT + +PSA aead GCM: !GCM with ARIA +depends_on:!PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_ARIA +aead_fail:PSA_KEY_TYPE_ARIA:"48657265006973206b6579a064617461":PSA_ALG_GCM:PSA_ERROR_NOT_SUPPORTED + +PSA aead GCM: !GCM with CAMELLIA +depends_on:!PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_CAMELLIA +aead_fail:PSA_KEY_TYPE_CAMELLIA:"48657265006973206b6579a064617461":PSA_ALG_GCM:PSA_ERROR_NOT_SUPPORTED + +PSA aead GCM: incompatible with CHACHA20 +depends_on:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_CHACHA20 +aead_fail:PSA_KEY_TYPE_CHACHA20:"48657265006973206b6579a06461746148657265006973206b6579a064617461":PSA_ALG_GCM:PSA_ERROR_INVALID_ARGUMENT + +PSA aead GCM: incompatible with DERIVE +depends_on:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_DERIVE +aead_fail:PSA_KEY_TYPE_DERIVE:"48657265006973206b6579a0646174":PSA_ALG_GCM:PSA_ERROR_INVALID_ARGUMENT + +PSA aead GCM: incompatible with DES +depends_on:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_DES +aead_fail:PSA_KEY_TYPE_DES:"644573206b457901":PSA_ALG_GCM:PSA_ERROR_INVALID_ARGUMENT + +PSA aead GCM: incompatible with ECC_KEY_PAIR(BRAINPOOL_P_R1) +depends_on:PSA_WANT_ALG_GCM:PSA_WANT_ECC_FAMILY_BRAINPOOL_P_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +aead_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"69502c4fdaf48d4fa617bdd24498b0406d0eeaac":PSA_ALG_GCM:PSA_ERROR_INVALID_ARGUMENT + +PSA aead GCM: incompatible with ECC_KEY_PAIR(MONTGOMERY) +depends_on:PSA_WANT_ALG_GCM:PSA_WANT_ECC_FAMILY_MONTGOMERY:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +aead_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_MONTGOMERY):"70076d0a7318a57d3c16c17251b26645df4c2f87ebc0992ab177fba51db92c6a":PSA_ALG_GCM:PSA_ERROR_INVALID_ARGUMENT + +PSA aead GCM: incompatible with ECC_KEY_PAIR(SECP_K1) +depends_on:PSA_WANT_ALG_GCM:PSA_WANT_ECC_FAMILY_SECP_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +aead_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_K1):"297ac1722ccac7589ecb240dc719842538ca974beb79f228":PSA_ALG_GCM:PSA_ERROR_INVALID_ARGUMENT + +PSA aead GCM: incompatible with ECC_KEY_PAIR(SECP_R1) +depends_on:PSA_WANT_ALG_GCM:PSA_WANT_ECC_FAMILY_SECP_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +aead_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"872f203b3ad35b7f2ecc803c3a0e1e0b1ed61cc1afe71b189cd4c995":PSA_ALG_GCM:PSA_ERROR_INVALID_ARGUMENT + +PSA aead GCM: incompatible with ECC_KEY_PAIR(SECP_R2) +depends_on:PSA_WANT_ALG_GCM:PSA_WANT_ECC_FAMILY_SECP_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +aead_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R2):"00bf539a1cdda0d7f71a50a3f98aec0a2e8e4ced1e":PSA_ALG_GCM:PSA_ERROR_INVALID_ARGUMENT + +PSA aead GCM: incompatible with ECC_KEY_PAIR(SECT_K1) +depends_on:PSA_WANT_ALG_GCM:PSA_WANT_ECC_FAMILY_SECT_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +aead_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):"03ebc8fcded2d6ab72ec0f75bdb4fd080481273e71":PSA_ALG_GCM:PSA_ERROR_INVALID_ARGUMENT + +PSA aead GCM: incompatible with ECC_KEY_PAIR(SECT_R1) +depends_on:PSA_WANT_ALG_GCM:PSA_WANT_ECC_FAMILY_SECT_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +aead_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):"009b05dc82d46d64a04a22e6e5ca70ca1231e68c50":PSA_ALG_GCM:PSA_ERROR_INVALID_ARGUMENT + +PSA aead GCM: incompatible with ECC_KEY_PAIR(SECT_R2) +depends_on:PSA_WANT_ALG_GCM:PSA_WANT_ECC_FAMILY_SECT_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +aead_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R2):"0210b482a458b4822d0cb21daa96819a67c8062d34":PSA_ALG_GCM:PSA_ERROR_INVALID_ARGUMENT + +PSA aead GCM: incompatible with ECC_KEY_PAIR(TWISTED_EDWARDS) +depends_on:PSA_WANT_ALG_GCM:PSA_WANT_ECC_FAMILY_TWISTED_EDWARDS:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +aead_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_TWISTED_EDWARDS):"9d61b19deffd5a60ba844af492ec2cc44449c5697b326919703bac031cae7f60":PSA_ALG_GCM:PSA_ERROR_INVALID_ARGUMENT + +PSA aead GCM: incompatible with ECC_PUBLIC_KEY(BRAINPOOL_P_R1) +depends_on:PSA_WANT_ALG_GCM:PSA_WANT_ECC_FAMILY_BRAINPOOL_P_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +aead_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"04d4b9186816358e2f9c59cf70748cb70641b22fbab65473db4b4e22a361ed7e3de7e8a8ddc4130c5c":PSA_ALG_GCM:PSA_ERROR_INVALID_ARGUMENT + +PSA aead GCM: incompatible with ECC_PUBLIC_KEY(MONTGOMERY) +depends_on:PSA_WANT_ALG_GCM:PSA_WANT_ECC_FAMILY_MONTGOMERY:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +aead_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_MONTGOMERY):"8520f0098930a754748b7ddcb43ef75a0dbf3a0d26381af4eba4a98eaa9b4e6a":PSA_ALG_GCM:PSA_ERROR_INVALID_ARGUMENT + +PSA aead GCM: incompatible with ECC_PUBLIC_KEY(SECP_K1) +depends_on:PSA_WANT_ALG_GCM:PSA_WANT_ECC_FAMILY_SECP_K1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +aead_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_K1):"0426b7bb38da649ac2138fc050c6548b32553dab68afebc36105d325b75538c12323cb0764789ecb992671beb2b6bef2f5":PSA_ALG_GCM:PSA_ERROR_INVALID_ARGUMENT + +PSA aead GCM: incompatible with ECC_PUBLIC_KEY(SECP_R1) +depends_on:PSA_WANT_ALG_GCM:PSA_WANT_ECC_FAMILY_SECP_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +aead_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1):"046f00eadaa949fee3e9e1c7fa1247eecec86a0dce46418b9bd3117b981d4bd0ae7a990de912f9d060d6cb531a42d22e394ac29e81804bf160":PSA_ALG_GCM:PSA_ERROR_INVALID_ARGUMENT + +PSA aead GCM: incompatible with ECC_PUBLIC_KEY(SECP_R2) +depends_on:PSA_WANT_ALG_GCM:PSA_WANT_ECC_FAMILY_SECP_R2:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +aead_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R2):"049570d541398665adb5cfa16f5af73b3196926bbd4b876bdb80f8eab20d0f540c22f4de9c140f6d7b":PSA_ALG_GCM:PSA_ERROR_INVALID_ARGUMENT + +PSA aead GCM: incompatible with ECC_PUBLIC_KEY(SECT_K1) +depends_on:PSA_WANT_ALG_GCM:PSA_WANT_ECC_FAMILY_SECT_K1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +aead_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_K1):"0406f88f90b4b65950f06ce433afdb097e320f433dc2062b8a65db8fafd3c110f46bc45663fbf021ee7eb9":PSA_ALG_GCM:PSA_ERROR_INVALID_ARGUMENT + +PSA aead GCM: incompatible with ECC_PUBLIC_KEY(SECT_R1) +depends_on:PSA_WANT_ALG_GCM:PSA_WANT_ECC_FAMILY_SECT_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +aead_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R1):"0400465eeb9e7258b11e33c02266bfe834b20bcb118700772796ee4704ec67651bd447e3011959a79a04cb":PSA_ALG_GCM:PSA_ERROR_INVALID_ARGUMENT + +PSA aead GCM: incompatible with ECC_PUBLIC_KEY(SECT_R2) +depends_on:PSA_WANT_ALG_GCM:PSA_WANT_ECC_FAMILY_SECT_R2:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +aead_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R2):"0403692601144c32a6cfa369ae20ae5d43c1c764678c037bafe80c6fd2e42b7ced96171d9c5367fd3dca6f":PSA_ALG_GCM:PSA_ERROR_INVALID_ARGUMENT + +PSA aead GCM: incompatible with ECC_PUBLIC_KEY(TWISTED_EDWARDS) +depends_on:PSA_WANT_ALG_GCM:PSA_WANT_ECC_FAMILY_TWISTED_EDWARDS:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +aead_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_TWISTED_EDWARDS):"d75a980182b10ab7d54bfed3c964073a0ee172f3daa62325af021a68f707511a":PSA_ALG_GCM:PSA_ERROR_INVALID_ARGUMENT + +PSA aead GCM: incompatible with HMAC +depends_on:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_HMAC +aead_fail:PSA_KEY_TYPE_HMAC:"48657265006973206b6579a064617461":PSA_ALG_GCM:PSA_ERROR_INVALID_ARGUMENT + +PSA aead GCM: incompatible with RAW_DATA +depends_on:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_RAW_DATA +aead_fail:PSA_KEY_TYPE_RAW_DATA:"48":PSA_ALG_GCM:PSA_ERROR_INVALID_ARGUMENT + +PSA aead GCM: incompatible with RSA_KEY_PAIR +depends_on:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR +aead_fail:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_GCM:PSA_ERROR_INVALID_ARGUMENT + +PSA aead GCM: incompatible with RSA_PUBLIC_KEY +depends_on:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY +aead_fail:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_GCM:PSA_ERROR_INVALID_ARGUMENT + +PSA sign GCM: invalid with AES +depends_on:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES +sign_fail:PSA_KEY_TYPE_AES:"48657265006973206b6579a064617461":PSA_ALG_GCM:0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign GCM: invalid with ARIA +depends_on:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_ARIA +sign_fail:PSA_KEY_TYPE_ARIA:"48657265006973206b6579a064617461":PSA_ALG_GCM:0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign GCM: invalid with CAMELLIA +depends_on:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_CAMELLIA +sign_fail:PSA_KEY_TYPE_CAMELLIA:"48657265006973206b6579a064617461":PSA_ALG_GCM:0:PSA_ERROR_INVALID_ARGUMENT + +PSA asymmetric_encryption GCM: invalid with AES +depends_on:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES +asymmetric_encryption_fail:PSA_KEY_TYPE_AES:"48657265006973206b6579a064617461":PSA_ALG_GCM:0:PSA_ERROR_INVALID_ARGUMENT + +PSA asymmetric_encryption GCM: invalid with ARIA +depends_on:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_ARIA +asymmetric_encryption_fail:PSA_KEY_TYPE_ARIA:"48657265006973206b6579a064617461":PSA_ALG_GCM:0:PSA_ERROR_INVALID_ARGUMENT + +PSA asymmetric_encryption GCM: invalid with CAMELLIA +depends_on:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_CAMELLIA +asymmetric_encryption_fail:PSA_KEY_TYPE_CAMELLIA:"48657265006973206b6579a064617461":PSA_ALG_GCM:0:PSA_ERROR_INVALID_ARGUMENT + +PSA key_derivation GCM: invalid +depends_on:PSA_WANT_ALG_GCM +key_derivation_fail:PSA_ALG_GCM:PSA_ERROR_INVALID_ARGUMENT + +PSA key_agreement GCM: invalid with AES +depends_on:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES +key_agreement_fail:PSA_KEY_TYPE_AES:"48657265006973206b6579a064617461":PSA_ALG_GCM:0:PSA_ERROR_INVALID_ARGUMENT + +PSA key_agreement GCM: invalid with ARIA +depends_on:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_ARIA +key_agreement_fail:PSA_KEY_TYPE_ARIA:"48657265006973206b6579a064617461":PSA_ALG_GCM:0:PSA_ERROR_INVALID_ARGUMENT + +PSA key_agreement GCM: invalid with CAMELLIA +depends_on:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_CAMELLIA +key_agreement_fail:PSA_KEY_TYPE_CAMELLIA:"48657265006973206b6579a064617461":PSA_ALG_GCM:0:PSA_ERROR_INVALID_ARGUMENT + +PSA hash HKDF(MD2): invalid +depends_on:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_MD2 +hash_fail:PSA_ALG_HKDF(PSA_ALG_MD2):PSA_ERROR_INVALID_ARGUMENT + +PSA key_derivation HKDF(MD2): !HKDF +depends_on:!PSA_WANT_ALG_HKDF:PSA_WANT_ALG_MD2 +key_derivation_fail:PSA_ALG_HKDF(PSA_ALG_MD2):PSA_ERROR_NOT_SUPPORTED + +PSA key_derivation HKDF(MD2): !MD2 +depends_on:PSA_WANT_ALG_HKDF:!PSA_WANT_ALG_MD2 +key_derivation_fail:PSA_ALG_HKDF(PSA_ALG_MD2):PSA_ERROR_NOT_SUPPORTED + +PSA hash HKDF(MD4): invalid +depends_on:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_MD4 +hash_fail:PSA_ALG_HKDF(PSA_ALG_MD4):PSA_ERROR_INVALID_ARGUMENT + +PSA key_derivation HKDF(MD4): !HKDF +depends_on:!PSA_WANT_ALG_HKDF:PSA_WANT_ALG_MD4 +key_derivation_fail:PSA_ALG_HKDF(PSA_ALG_MD4):PSA_ERROR_NOT_SUPPORTED + +PSA key_derivation HKDF(MD4): !MD4 +depends_on:PSA_WANT_ALG_HKDF:!PSA_WANT_ALG_MD4 +key_derivation_fail:PSA_ALG_HKDF(PSA_ALG_MD4):PSA_ERROR_NOT_SUPPORTED + +PSA hash HKDF(MD5): invalid +depends_on:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_MD5 +hash_fail:PSA_ALG_HKDF(PSA_ALG_MD5):PSA_ERROR_INVALID_ARGUMENT + +PSA key_derivation HKDF(MD5): !HKDF +depends_on:!PSA_WANT_ALG_HKDF:PSA_WANT_ALG_MD5 +key_derivation_fail:PSA_ALG_HKDF(PSA_ALG_MD5):PSA_ERROR_NOT_SUPPORTED + +PSA key_derivation HKDF(MD5): !MD5 +depends_on:PSA_WANT_ALG_HKDF:!PSA_WANT_ALG_MD5 +key_derivation_fail:PSA_ALG_HKDF(PSA_ALG_MD5):PSA_ERROR_NOT_SUPPORTED + +PSA hash HKDF(RIPEMD160): invalid +depends_on:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_RIPEMD160 +hash_fail:PSA_ALG_HKDF(PSA_ALG_RIPEMD160):PSA_ERROR_INVALID_ARGUMENT + +PSA key_derivation HKDF(RIPEMD160): !HKDF +depends_on:!PSA_WANT_ALG_HKDF:PSA_WANT_ALG_RIPEMD160 +key_derivation_fail:PSA_ALG_HKDF(PSA_ALG_RIPEMD160):PSA_ERROR_NOT_SUPPORTED + +PSA key_derivation HKDF(RIPEMD160): !RIPEMD160 +depends_on:PSA_WANT_ALG_HKDF:!PSA_WANT_ALG_RIPEMD160 +key_derivation_fail:PSA_ALG_HKDF(PSA_ALG_RIPEMD160):PSA_ERROR_NOT_SUPPORTED + +PSA hash HKDF(SHA_1): invalid +depends_on:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_1 +hash_fail:PSA_ALG_HKDF(PSA_ALG_SHA_1):PSA_ERROR_INVALID_ARGUMENT + +PSA key_derivation HKDF(SHA_1): !HKDF +depends_on:!PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_1 +key_derivation_fail:PSA_ALG_HKDF(PSA_ALG_SHA_1):PSA_ERROR_NOT_SUPPORTED + +PSA key_derivation HKDF(SHA_1): !SHA_1 +depends_on:PSA_WANT_ALG_HKDF:!PSA_WANT_ALG_SHA_1 +key_derivation_fail:PSA_ALG_HKDF(PSA_ALG_SHA_1):PSA_ERROR_NOT_SUPPORTED + +PSA hash HKDF(SHA_224): invalid +depends_on:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_224 +hash_fail:PSA_ALG_HKDF(PSA_ALG_SHA_224):PSA_ERROR_INVALID_ARGUMENT + +PSA key_derivation HKDF(SHA_224): !HKDF +depends_on:!PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_224 +key_derivation_fail:PSA_ALG_HKDF(PSA_ALG_SHA_224):PSA_ERROR_NOT_SUPPORTED + +PSA key_derivation HKDF(SHA_224): !SHA_224 +depends_on:PSA_WANT_ALG_HKDF:!PSA_WANT_ALG_SHA_224 +key_derivation_fail:PSA_ALG_HKDF(PSA_ALG_SHA_224):PSA_ERROR_NOT_SUPPORTED + +PSA hash HKDF(SHA_256): invalid +depends_on:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_256 +hash_fail:PSA_ALG_HKDF(PSA_ALG_SHA_256):PSA_ERROR_INVALID_ARGUMENT + +PSA key_derivation HKDF(SHA_256): !HKDF +depends_on:!PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_256 +key_derivation_fail:PSA_ALG_HKDF(PSA_ALG_SHA_256):PSA_ERROR_NOT_SUPPORTED + +PSA key_derivation HKDF(SHA_256): !SHA_256 +depends_on:PSA_WANT_ALG_HKDF:!PSA_WANT_ALG_SHA_256 +key_derivation_fail:PSA_ALG_HKDF(PSA_ALG_SHA_256):PSA_ERROR_NOT_SUPPORTED + +PSA hash HKDF(SHA_384): invalid +depends_on:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_384 +hash_fail:PSA_ALG_HKDF(PSA_ALG_SHA_384):PSA_ERROR_INVALID_ARGUMENT + +PSA key_derivation HKDF(SHA_384): !HKDF +depends_on:!PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_384 +key_derivation_fail:PSA_ALG_HKDF(PSA_ALG_SHA_384):PSA_ERROR_NOT_SUPPORTED + +PSA key_derivation HKDF(SHA_384): !SHA_384 +depends_on:PSA_WANT_ALG_HKDF:!PSA_WANT_ALG_SHA_384 +key_derivation_fail:PSA_ALG_HKDF(PSA_ALG_SHA_384):PSA_ERROR_NOT_SUPPORTED + +PSA hash HKDF(SHA_512): invalid +depends_on:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_512 +hash_fail:PSA_ALG_HKDF(PSA_ALG_SHA_512):PSA_ERROR_INVALID_ARGUMENT + +PSA key_derivation HKDF(SHA_512): !HKDF +depends_on:!PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_512 +key_derivation_fail:PSA_ALG_HKDF(PSA_ALG_SHA_512):PSA_ERROR_NOT_SUPPORTED + +PSA key_derivation HKDF(SHA_512): !SHA_512 +depends_on:PSA_WANT_ALG_HKDF:!PSA_WANT_ALG_SHA_512 +key_derivation_fail:PSA_ALG_HKDF(PSA_ALG_SHA_512):PSA_ERROR_NOT_SUPPORTED + +PSA hash HMAC(MD2): invalid +depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_MD2 +hash_fail:PSA_ALG_HMAC(PSA_ALG_MD2):PSA_ERROR_INVALID_ARGUMENT + +PSA mac HMAC(MD2): incompatible with AES +depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_MD2:PSA_WANT_KEY_TYPE_AES +mac_fail:PSA_KEY_TYPE_AES:"48657265006973206b6579a064617461":PSA_ALG_HMAC(PSA_ALG_MD2):PSA_ERROR_INVALID_ARGUMENT + +PSA mac HMAC(MD2): incompatible with ARC4 +depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_MD2:PSA_WANT_KEY_TYPE_ARC4 +mac_fail:PSA_KEY_TYPE_ARC4:"48":PSA_ALG_HMAC(PSA_ALG_MD2):PSA_ERROR_INVALID_ARGUMENT + +PSA mac HMAC(MD2): incompatible with ARIA +depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_MD2:PSA_WANT_KEY_TYPE_ARIA +mac_fail:PSA_KEY_TYPE_ARIA:"48657265006973206b6579a064617461":PSA_ALG_HMAC(PSA_ALG_MD2):PSA_ERROR_INVALID_ARGUMENT + +PSA mac HMAC(MD2): incompatible with CAMELLIA +depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_MD2:PSA_WANT_KEY_TYPE_CAMELLIA +mac_fail:PSA_KEY_TYPE_CAMELLIA:"48657265006973206b6579a064617461":PSA_ALG_HMAC(PSA_ALG_MD2):PSA_ERROR_INVALID_ARGUMENT + +PSA mac HMAC(MD2): incompatible with CHACHA20 +depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_MD2:PSA_WANT_KEY_TYPE_CHACHA20 +mac_fail:PSA_KEY_TYPE_CHACHA20:"48657265006973206b6579a06461746148657265006973206b6579a064617461":PSA_ALG_HMAC(PSA_ALG_MD2):PSA_ERROR_INVALID_ARGUMENT + +PSA mac HMAC(MD2): incompatible with DERIVE +depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_MD2:PSA_WANT_KEY_TYPE_DERIVE +mac_fail:PSA_KEY_TYPE_DERIVE:"48657265006973206b6579a0646174":PSA_ALG_HMAC(PSA_ALG_MD2):PSA_ERROR_INVALID_ARGUMENT + +PSA mac HMAC(MD2): incompatible with DES +depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_MD2:PSA_WANT_KEY_TYPE_DES +mac_fail:PSA_KEY_TYPE_DES:"644573206b457901":PSA_ALG_HMAC(PSA_ALG_MD2):PSA_ERROR_INVALID_ARGUMENT + +PSA mac HMAC(MD2): incompatible with ECC_KEY_PAIR(BRAINPOOL_P_R1) +depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_MD2:PSA_WANT_ECC_FAMILY_BRAINPOOL_P_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +mac_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"69502c4fdaf48d4fa617bdd24498b0406d0eeaac":PSA_ALG_HMAC(PSA_ALG_MD2):PSA_ERROR_INVALID_ARGUMENT + +PSA mac HMAC(MD2): incompatible with ECC_KEY_PAIR(MONTGOMERY) +depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_MD2:PSA_WANT_ECC_FAMILY_MONTGOMERY:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +mac_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_MONTGOMERY):"70076d0a7318a57d3c16c17251b26645df4c2f87ebc0992ab177fba51db92c6a":PSA_ALG_HMAC(PSA_ALG_MD2):PSA_ERROR_INVALID_ARGUMENT + +PSA mac HMAC(MD2): incompatible with ECC_KEY_PAIR(SECP_K1) +depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_MD2:PSA_WANT_ECC_FAMILY_SECP_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +mac_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_K1):"297ac1722ccac7589ecb240dc719842538ca974beb79f228":PSA_ALG_HMAC(PSA_ALG_MD2):PSA_ERROR_INVALID_ARGUMENT + +PSA mac HMAC(MD2): incompatible with ECC_KEY_PAIR(SECP_R1) +depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_MD2:PSA_WANT_ECC_FAMILY_SECP_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +mac_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"872f203b3ad35b7f2ecc803c3a0e1e0b1ed61cc1afe71b189cd4c995":PSA_ALG_HMAC(PSA_ALG_MD2):PSA_ERROR_INVALID_ARGUMENT + +PSA mac HMAC(MD2): incompatible with ECC_KEY_PAIR(SECP_R2) +depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_MD2:PSA_WANT_ECC_FAMILY_SECP_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +mac_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R2):"00bf539a1cdda0d7f71a50a3f98aec0a2e8e4ced1e":PSA_ALG_HMAC(PSA_ALG_MD2):PSA_ERROR_INVALID_ARGUMENT + +PSA mac HMAC(MD2): incompatible with ECC_KEY_PAIR(SECT_K1) +depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_MD2:PSA_WANT_ECC_FAMILY_SECT_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +mac_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):"03ebc8fcded2d6ab72ec0f75bdb4fd080481273e71":PSA_ALG_HMAC(PSA_ALG_MD2):PSA_ERROR_INVALID_ARGUMENT + +PSA mac HMAC(MD2): incompatible with ECC_KEY_PAIR(SECT_R1) +depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_MD2:PSA_WANT_ECC_FAMILY_SECT_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +mac_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):"009b05dc82d46d64a04a22e6e5ca70ca1231e68c50":PSA_ALG_HMAC(PSA_ALG_MD2):PSA_ERROR_INVALID_ARGUMENT + +PSA mac HMAC(MD2): incompatible with ECC_KEY_PAIR(SECT_R2) +depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_MD2:PSA_WANT_ECC_FAMILY_SECT_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +mac_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R2):"0210b482a458b4822d0cb21daa96819a67c8062d34":PSA_ALG_HMAC(PSA_ALG_MD2):PSA_ERROR_INVALID_ARGUMENT + +PSA mac HMAC(MD2): incompatible with ECC_KEY_PAIR(TWISTED_EDWARDS) +depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_MD2:PSA_WANT_ECC_FAMILY_TWISTED_EDWARDS:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +mac_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_TWISTED_EDWARDS):"9d61b19deffd5a60ba844af492ec2cc44449c5697b326919703bac031cae7f60":PSA_ALG_HMAC(PSA_ALG_MD2):PSA_ERROR_INVALID_ARGUMENT + +PSA mac HMAC(MD2): incompatible with ECC_PUBLIC_KEY(BRAINPOOL_P_R1) +depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_MD2:PSA_WANT_ECC_FAMILY_BRAINPOOL_P_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +mac_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"04d4b9186816358e2f9c59cf70748cb70641b22fbab65473db4b4e22a361ed7e3de7e8a8ddc4130c5c":PSA_ALG_HMAC(PSA_ALG_MD2):PSA_ERROR_INVALID_ARGUMENT + +PSA mac HMAC(MD2): incompatible with ECC_PUBLIC_KEY(MONTGOMERY) +depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_MD2:PSA_WANT_ECC_FAMILY_MONTGOMERY:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +mac_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_MONTGOMERY):"8520f0098930a754748b7ddcb43ef75a0dbf3a0d26381af4eba4a98eaa9b4e6a":PSA_ALG_HMAC(PSA_ALG_MD2):PSA_ERROR_INVALID_ARGUMENT + +PSA mac HMAC(MD2): incompatible with ECC_PUBLIC_KEY(SECP_K1) +depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_MD2:PSA_WANT_ECC_FAMILY_SECP_K1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +mac_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_K1):"0426b7bb38da649ac2138fc050c6548b32553dab68afebc36105d325b75538c12323cb0764789ecb992671beb2b6bef2f5":PSA_ALG_HMAC(PSA_ALG_MD2):PSA_ERROR_INVALID_ARGUMENT + +PSA mac HMAC(MD2): incompatible with ECC_PUBLIC_KEY(SECP_R1) +depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_MD2:PSA_WANT_ECC_FAMILY_SECP_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +mac_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1):"046f00eadaa949fee3e9e1c7fa1247eecec86a0dce46418b9bd3117b981d4bd0ae7a990de912f9d060d6cb531a42d22e394ac29e81804bf160":PSA_ALG_HMAC(PSA_ALG_MD2):PSA_ERROR_INVALID_ARGUMENT + +PSA mac HMAC(MD2): incompatible with ECC_PUBLIC_KEY(SECP_R2) +depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_MD2:PSA_WANT_ECC_FAMILY_SECP_R2:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +mac_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R2):"049570d541398665adb5cfa16f5af73b3196926bbd4b876bdb80f8eab20d0f540c22f4de9c140f6d7b":PSA_ALG_HMAC(PSA_ALG_MD2):PSA_ERROR_INVALID_ARGUMENT + +PSA mac HMAC(MD2): incompatible with ECC_PUBLIC_KEY(SECT_K1) +depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_MD2:PSA_WANT_ECC_FAMILY_SECT_K1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +mac_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_K1):"0406f88f90b4b65950f06ce433afdb097e320f433dc2062b8a65db8fafd3c110f46bc45663fbf021ee7eb9":PSA_ALG_HMAC(PSA_ALG_MD2):PSA_ERROR_INVALID_ARGUMENT + +PSA mac HMAC(MD2): incompatible with ECC_PUBLIC_KEY(SECT_R1) +depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_MD2:PSA_WANT_ECC_FAMILY_SECT_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +mac_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R1):"0400465eeb9e7258b11e33c02266bfe834b20bcb118700772796ee4704ec67651bd447e3011959a79a04cb":PSA_ALG_HMAC(PSA_ALG_MD2):PSA_ERROR_INVALID_ARGUMENT + +PSA mac HMAC(MD2): incompatible with ECC_PUBLIC_KEY(SECT_R2) +depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_MD2:PSA_WANT_ECC_FAMILY_SECT_R2:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +mac_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R2):"0403692601144c32a6cfa369ae20ae5d43c1c764678c037bafe80c6fd2e42b7ced96171d9c5367fd3dca6f":PSA_ALG_HMAC(PSA_ALG_MD2):PSA_ERROR_INVALID_ARGUMENT + +PSA mac HMAC(MD2): incompatible with ECC_PUBLIC_KEY(TWISTED_EDWARDS) +depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_MD2:PSA_WANT_ECC_FAMILY_TWISTED_EDWARDS:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +mac_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_TWISTED_EDWARDS):"d75a980182b10ab7d54bfed3c964073a0ee172f3daa62325af021a68f707511a":PSA_ALG_HMAC(PSA_ALG_MD2):PSA_ERROR_INVALID_ARGUMENT + +PSA mac HMAC(MD2): !HMAC with HMAC +depends_on:!PSA_WANT_ALG_HMAC:PSA_WANT_ALG_MD2:PSA_WANT_KEY_TYPE_HMAC +mac_fail:PSA_KEY_TYPE_HMAC:"48657265006973206b6579a064617461":PSA_ALG_HMAC(PSA_ALG_MD2):PSA_ERROR_NOT_SUPPORTED + +PSA mac HMAC(MD2): !MD2 with HMAC +depends_on:PSA_WANT_ALG_HMAC:!PSA_WANT_ALG_MD2:PSA_WANT_KEY_TYPE_HMAC +mac_fail:PSA_KEY_TYPE_HMAC:"48657265006973206b6579a064617461":PSA_ALG_HMAC(PSA_ALG_MD2):PSA_ERROR_NOT_SUPPORTED + +PSA mac HMAC(MD2): incompatible with RAW_DATA +depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_MD2:PSA_WANT_KEY_TYPE_RAW_DATA +mac_fail:PSA_KEY_TYPE_RAW_DATA:"48":PSA_ALG_HMAC(PSA_ALG_MD2):PSA_ERROR_INVALID_ARGUMENT + +PSA mac HMAC(MD2): incompatible with RSA_KEY_PAIR +depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_MD2:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR +mac_fail:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_HMAC(PSA_ALG_MD2):PSA_ERROR_INVALID_ARGUMENT + +PSA mac HMAC(MD2): incompatible with RSA_PUBLIC_KEY +depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_MD2:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY +mac_fail:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_HMAC(PSA_ALG_MD2):PSA_ERROR_INVALID_ARGUMENT + +PSA cipher HMAC(MD2): invalid with HMAC +depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_MD2:PSA_WANT_KEY_TYPE_HMAC +cipher_fail:PSA_KEY_TYPE_HMAC:"48657265006973206b6579a064617461":PSA_ALG_HMAC(PSA_ALG_MD2):PSA_ERROR_INVALID_ARGUMENT + +PSA aead HMAC(MD2): invalid with HMAC +depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_MD2:PSA_WANT_KEY_TYPE_HMAC +aead_fail:PSA_KEY_TYPE_HMAC:"48657265006973206b6579a064617461":PSA_ALG_HMAC(PSA_ALG_MD2):PSA_ERROR_INVALID_ARGUMENT + +PSA sign HMAC(MD2): invalid with HMAC +depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_MD2:PSA_WANT_KEY_TYPE_HMAC +sign_fail:PSA_KEY_TYPE_HMAC:"48657265006973206b6579a064617461":PSA_ALG_HMAC(PSA_ALG_MD2):0:PSA_ERROR_INVALID_ARGUMENT + +PSA asymmetric_encryption HMAC(MD2): invalid with HMAC +depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_MD2:PSA_WANT_KEY_TYPE_HMAC +asymmetric_encryption_fail:PSA_KEY_TYPE_HMAC:"48657265006973206b6579a064617461":PSA_ALG_HMAC(PSA_ALG_MD2):0:PSA_ERROR_INVALID_ARGUMENT + +PSA key_derivation HMAC(MD2): invalid +depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_MD2 +key_derivation_fail:PSA_ALG_HMAC(PSA_ALG_MD2):PSA_ERROR_INVALID_ARGUMENT + +PSA key_agreement HMAC(MD2): invalid with HMAC +depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_MD2:PSA_WANT_KEY_TYPE_HMAC +key_agreement_fail:PSA_KEY_TYPE_HMAC:"48657265006973206b6579a064617461":PSA_ALG_HMAC(PSA_ALG_MD2):0:PSA_ERROR_INVALID_ARGUMENT + +PSA hash HMAC(MD4): invalid +depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_MD4 +hash_fail:PSA_ALG_HMAC(PSA_ALG_MD4):PSA_ERROR_INVALID_ARGUMENT + +PSA mac HMAC(MD4): incompatible with AES +depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_MD4:PSA_WANT_KEY_TYPE_AES +mac_fail:PSA_KEY_TYPE_AES:"48657265006973206b6579a064617461":PSA_ALG_HMAC(PSA_ALG_MD4):PSA_ERROR_INVALID_ARGUMENT + +PSA mac HMAC(MD4): incompatible with ARC4 +depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_MD4:PSA_WANT_KEY_TYPE_ARC4 +mac_fail:PSA_KEY_TYPE_ARC4:"48":PSA_ALG_HMAC(PSA_ALG_MD4):PSA_ERROR_INVALID_ARGUMENT + +PSA mac HMAC(MD4): incompatible with ARIA +depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_MD4:PSA_WANT_KEY_TYPE_ARIA +mac_fail:PSA_KEY_TYPE_ARIA:"48657265006973206b6579a064617461":PSA_ALG_HMAC(PSA_ALG_MD4):PSA_ERROR_INVALID_ARGUMENT + +PSA mac HMAC(MD4): incompatible with CAMELLIA +depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_MD4:PSA_WANT_KEY_TYPE_CAMELLIA +mac_fail:PSA_KEY_TYPE_CAMELLIA:"48657265006973206b6579a064617461":PSA_ALG_HMAC(PSA_ALG_MD4):PSA_ERROR_INVALID_ARGUMENT + +PSA mac HMAC(MD4): incompatible with CHACHA20 +depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_MD4:PSA_WANT_KEY_TYPE_CHACHA20 +mac_fail:PSA_KEY_TYPE_CHACHA20:"48657265006973206b6579a06461746148657265006973206b6579a064617461":PSA_ALG_HMAC(PSA_ALG_MD4):PSA_ERROR_INVALID_ARGUMENT + +PSA mac HMAC(MD4): incompatible with DERIVE +depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_MD4:PSA_WANT_KEY_TYPE_DERIVE +mac_fail:PSA_KEY_TYPE_DERIVE:"48657265006973206b6579a0646174":PSA_ALG_HMAC(PSA_ALG_MD4):PSA_ERROR_INVALID_ARGUMENT + +PSA mac HMAC(MD4): incompatible with DES +depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_MD4:PSA_WANT_KEY_TYPE_DES +mac_fail:PSA_KEY_TYPE_DES:"644573206b457901":PSA_ALG_HMAC(PSA_ALG_MD4):PSA_ERROR_INVALID_ARGUMENT + +PSA mac HMAC(MD4): incompatible with ECC_KEY_PAIR(BRAINPOOL_P_R1) +depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_MD4:PSA_WANT_ECC_FAMILY_BRAINPOOL_P_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +mac_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"69502c4fdaf48d4fa617bdd24498b0406d0eeaac":PSA_ALG_HMAC(PSA_ALG_MD4):PSA_ERROR_INVALID_ARGUMENT + +PSA mac HMAC(MD4): incompatible with ECC_KEY_PAIR(MONTGOMERY) +depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_MD4:PSA_WANT_ECC_FAMILY_MONTGOMERY:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +mac_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_MONTGOMERY):"70076d0a7318a57d3c16c17251b26645df4c2f87ebc0992ab177fba51db92c6a":PSA_ALG_HMAC(PSA_ALG_MD4):PSA_ERROR_INVALID_ARGUMENT + +PSA mac HMAC(MD4): incompatible with ECC_KEY_PAIR(SECP_K1) +depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_MD4:PSA_WANT_ECC_FAMILY_SECP_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +mac_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_K1):"297ac1722ccac7589ecb240dc719842538ca974beb79f228":PSA_ALG_HMAC(PSA_ALG_MD4):PSA_ERROR_INVALID_ARGUMENT + +PSA mac HMAC(MD4): incompatible with ECC_KEY_PAIR(SECP_R1) +depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_MD4:PSA_WANT_ECC_FAMILY_SECP_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +mac_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"872f203b3ad35b7f2ecc803c3a0e1e0b1ed61cc1afe71b189cd4c995":PSA_ALG_HMAC(PSA_ALG_MD4):PSA_ERROR_INVALID_ARGUMENT + +PSA mac HMAC(MD4): incompatible with ECC_KEY_PAIR(SECP_R2) +depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_MD4:PSA_WANT_ECC_FAMILY_SECP_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +mac_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R2):"00bf539a1cdda0d7f71a50a3f98aec0a2e8e4ced1e":PSA_ALG_HMAC(PSA_ALG_MD4):PSA_ERROR_INVALID_ARGUMENT + +PSA mac HMAC(MD4): incompatible with ECC_KEY_PAIR(SECT_K1) +depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_MD4:PSA_WANT_ECC_FAMILY_SECT_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +mac_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):"03ebc8fcded2d6ab72ec0f75bdb4fd080481273e71":PSA_ALG_HMAC(PSA_ALG_MD4):PSA_ERROR_INVALID_ARGUMENT + +PSA mac HMAC(MD4): incompatible with ECC_KEY_PAIR(SECT_R1) +depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_MD4:PSA_WANT_ECC_FAMILY_SECT_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +mac_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):"009b05dc82d46d64a04a22e6e5ca70ca1231e68c50":PSA_ALG_HMAC(PSA_ALG_MD4):PSA_ERROR_INVALID_ARGUMENT + +PSA mac HMAC(MD4): incompatible with ECC_KEY_PAIR(SECT_R2) +depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_MD4:PSA_WANT_ECC_FAMILY_SECT_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +mac_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R2):"0210b482a458b4822d0cb21daa96819a67c8062d34":PSA_ALG_HMAC(PSA_ALG_MD4):PSA_ERROR_INVALID_ARGUMENT + +PSA mac HMAC(MD4): incompatible with ECC_KEY_PAIR(TWISTED_EDWARDS) +depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_MD4:PSA_WANT_ECC_FAMILY_TWISTED_EDWARDS:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +mac_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_TWISTED_EDWARDS):"9d61b19deffd5a60ba844af492ec2cc44449c5697b326919703bac031cae7f60":PSA_ALG_HMAC(PSA_ALG_MD4):PSA_ERROR_INVALID_ARGUMENT + +PSA mac HMAC(MD4): incompatible with ECC_PUBLIC_KEY(BRAINPOOL_P_R1) +depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_MD4:PSA_WANT_ECC_FAMILY_BRAINPOOL_P_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +mac_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"04d4b9186816358e2f9c59cf70748cb70641b22fbab65473db4b4e22a361ed7e3de7e8a8ddc4130c5c":PSA_ALG_HMAC(PSA_ALG_MD4):PSA_ERROR_INVALID_ARGUMENT + +PSA mac HMAC(MD4): incompatible with ECC_PUBLIC_KEY(MONTGOMERY) +depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_MD4:PSA_WANT_ECC_FAMILY_MONTGOMERY:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +mac_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_MONTGOMERY):"8520f0098930a754748b7ddcb43ef75a0dbf3a0d26381af4eba4a98eaa9b4e6a":PSA_ALG_HMAC(PSA_ALG_MD4):PSA_ERROR_INVALID_ARGUMENT + +PSA mac HMAC(MD4): incompatible with ECC_PUBLIC_KEY(SECP_K1) +depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_MD4:PSA_WANT_ECC_FAMILY_SECP_K1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +mac_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_K1):"0426b7bb38da649ac2138fc050c6548b32553dab68afebc36105d325b75538c12323cb0764789ecb992671beb2b6bef2f5":PSA_ALG_HMAC(PSA_ALG_MD4):PSA_ERROR_INVALID_ARGUMENT + +PSA mac HMAC(MD4): incompatible with ECC_PUBLIC_KEY(SECP_R1) +depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_MD4:PSA_WANT_ECC_FAMILY_SECP_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +mac_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1):"046f00eadaa949fee3e9e1c7fa1247eecec86a0dce46418b9bd3117b981d4bd0ae7a990de912f9d060d6cb531a42d22e394ac29e81804bf160":PSA_ALG_HMAC(PSA_ALG_MD4):PSA_ERROR_INVALID_ARGUMENT + +PSA mac HMAC(MD4): incompatible with ECC_PUBLIC_KEY(SECP_R2) +depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_MD4:PSA_WANT_ECC_FAMILY_SECP_R2:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +mac_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R2):"049570d541398665adb5cfa16f5af73b3196926bbd4b876bdb80f8eab20d0f540c22f4de9c140f6d7b":PSA_ALG_HMAC(PSA_ALG_MD4):PSA_ERROR_INVALID_ARGUMENT + +PSA mac HMAC(MD4): incompatible with ECC_PUBLIC_KEY(SECT_K1) +depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_MD4:PSA_WANT_ECC_FAMILY_SECT_K1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +mac_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_K1):"0406f88f90b4b65950f06ce433afdb097e320f433dc2062b8a65db8fafd3c110f46bc45663fbf021ee7eb9":PSA_ALG_HMAC(PSA_ALG_MD4):PSA_ERROR_INVALID_ARGUMENT + +PSA mac HMAC(MD4): incompatible with ECC_PUBLIC_KEY(SECT_R1) +depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_MD4:PSA_WANT_ECC_FAMILY_SECT_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +mac_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R1):"0400465eeb9e7258b11e33c02266bfe834b20bcb118700772796ee4704ec67651bd447e3011959a79a04cb":PSA_ALG_HMAC(PSA_ALG_MD4):PSA_ERROR_INVALID_ARGUMENT + +PSA mac HMAC(MD4): incompatible with ECC_PUBLIC_KEY(SECT_R2) +depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_MD4:PSA_WANT_ECC_FAMILY_SECT_R2:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +mac_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R2):"0403692601144c32a6cfa369ae20ae5d43c1c764678c037bafe80c6fd2e42b7ced96171d9c5367fd3dca6f":PSA_ALG_HMAC(PSA_ALG_MD4):PSA_ERROR_INVALID_ARGUMENT + +PSA mac HMAC(MD4): incompatible with ECC_PUBLIC_KEY(TWISTED_EDWARDS) +depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_MD4:PSA_WANT_ECC_FAMILY_TWISTED_EDWARDS:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +mac_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_TWISTED_EDWARDS):"d75a980182b10ab7d54bfed3c964073a0ee172f3daa62325af021a68f707511a":PSA_ALG_HMAC(PSA_ALG_MD4):PSA_ERROR_INVALID_ARGUMENT + +PSA mac HMAC(MD4): !HMAC with HMAC +depends_on:!PSA_WANT_ALG_HMAC:PSA_WANT_ALG_MD4:PSA_WANT_KEY_TYPE_HMAC +mac_fail:PSA_KEY_TYPE_HMAC:"48657265006973206b6579a064617461":PSA_ALG_HMAC(PSA_ALG_MD4):PSA_ERROR_NOT_SUPPORTED + +PSA mac HMAC(MD4): !MD4 with HMAC +depends_on:PSA_WANT_ALG_HMAC:!PSA_WANT_ALG_MD4:PSA_WANT_KEY_TYPE_HMAC +mac_fail:PSA_KEY_TYPE_HMAC:"48657265006973206b6579a064617461":PSA_ALG_HMAC(PSA_ALG_MD4):PSA_ERROR_NOT_SUPPORTED + +PSA mac HMAC(MD4): incompatible with RAW_DATA +depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_MD4:PSA_WANT_KEY_TYPE_RAW_DATA +mac_fail:PSA_KEY_TYPE_RAW_DATA:"48":PSA_ALG_HMAC(PSA_ALG_MD4):PSA_ERROR_INVALID_ARGUMENT + +PSA mac HMAC(MD4): incompatible with RSA_KEY_PAIR +depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_MD4:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR +mac_fail:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_HMAC(PSA_ALG_MD4):PSA_ERROR_INVALID_ARGUMENT + +PSA mac HMAC(MD4): incompatible with RSA_PUBLIC_KEY +depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_MD4:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY +mac_fail:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_HMAC(PSA_ALG_MD4):PSA_ERROR_INVALID_ARGUMENT + +PSA cipher HMAC(MD4): invalid with HMAC +depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_MD4:PSA_WANT_KEY_TYPE_HMAC +cipher_fail:PSA_KEY_TYPE_HMAC:"48657265006973206b6579a064617461":PSA_ALG_HMAC(PSA_ALG_MD4):PSA_ERROR_INVALID_ARGUMENT + +PSA aead HMAC(MD4): invalid with HMAC +depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_MD4:PSA_WANT_KEY_TYPE_HMAC +aead_fail:PSA_KEY_TYPE_HMAC:"48657265006973206b6579a064617461":PSA_ALG_HMAC(PSA_ALG_MD4):PSA_ERROR_INVALID_ARGUMENT + +PSA sign HMAC(MD4): invalid with HMAC +depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_MD4:PSA_WANT_KEY_TYPE_HMAC +sign_fail:PSA_KEY_TYPE_HMAC:"48657265006973206b6579a064617461":PSA_ALG_HMAC(PSA_ALG_MD4):0:PSA_ERROR_INVALID_ARGUMENT + +PSA asymmetric_encryption HMAC(MD4): invalid with HMAC +depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_MD4:PSA_WANT_KEY_TYPE_HMAC +asymmetric_encryption_fail:PSA_KEY_TYPE_HMAC:"48657265006973206b6579a064617461":PSA_ALG_HMAC(PSA_ALG_MD4):0:PSA_ERROR_INVALID_ARGUMENT + +PSA key_derivation HMAC(MD4): invalid +depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_MD4 +key_derivation_fail:PSA_ALG_HMAC(PSA_ALG_MD4):PSA_ERROR_INVALID_ARGUMENT + +PSA key_agreement HMAC(MD4): invalid with HMAC +depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_MD4:PSA_WANT_KEY_TYPE_HMAC +key_agreement_fail:PSA_KEY_TYPE_HMAC:"48657265006973206b6579a064617461":PSA_ALG_HMAC(PSA_ALG_MD4):0:PSA_ERROR_INVALID_ARGUMENT + +PSA hash HMAC(MD5): invalid +depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_MD5 +hash_fail:PSA_ALG_HMAC(PSA_ALG_MD5):PSA_ERROR_INVALID_ARGUMENT + +PSA mac HMAC(MD5): incompatible with AES +depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_MD5:PSA_WANT_KEY_TYPE_AES +mac_fail:PSA_KEY_TYPE_AES:"48657265006973206b6579a064617461":PSA_ALG_HMAC(PSA_ALG_MD5):PSA_ERROR_INVALID_ARGUMENT + +PSA mac HMAC(MD5): incompatible with ARC4 +depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_MD5:PSA_WANT_KEY_TYPE_ARC4 +mac_fail:PSA_KEY_TYPE_ARC4:"48":PSA_ALG_HMAC(PSA_ALG_MD5):PSA_ERROR_INVALID_ARGUMENT + +PSA mac HMAC(MD5): incompatible with ARIA +depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_MD5:PSA_WANT_KEY_TYPE_ARIA +mac_fail:PSA_KEY_TYPE_ARIA:"48657265006973206b6579a064617461":PSA_ALG_HMAC(PSA_ALG_MD5):PSA_ERROR_INVALID_ARGUMENT + +PSA mac HMAC(MD5): incompatible with CAMELLIA +depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_MD5:PSA_WANT_KEY_TYPE_CAMELLIA +mac_fail:PSA_KEY_TYPE_CAMELLIA:"48657265006973206b6579a064617461":PSA_ALG_HMAC(PSA_ALG_MD5):PSA_ERROR_INVALID_ARGUMENT + +PSA mac HMAC(MD5): incompatible with CHACHA20 +depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_MD5:PSA_WANT_KEY_TYPE_CHACHA20 +mac_fail:PSA_KEY_TYPE_CHACHA20:"48657265006973206b6579a06461746148657265006973206b6579a064617461":PSA_ALG_HMAC(PSA_ALG_MD5):PSA_ERROR_INVALID_ARGUMENT + +PSA mac HMAC(MD5): incompatible with DERIVE +depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_MD5:PSA_WANT_KEY_TYPE_DERIVE +mac_fail:PSA_KEY_TYPE_DERIVE:"48657265006973206b6579a0646174":PSA_ALG_HMAC(PSA_ALG_MD5):PSA_ERROR_INVALID_ARGUMENT + +PSA mac HMAC(MD5): incompatible with DES +depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_MD5:PSA_WANT_KEY_TYPE_DES +mac_fail:PSA_KEY_TYPE_DES:"644573206b457901":PSA_ALG_HMAC(PSA_ALG_MD5):PSA_ERROR_INVALID_ARGUMENT + +PSA mac HMAC(MD5): incompatible with ECC_KEY_PAIR(BRAINPOOL_P_R1) +depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_MD5:PSA_WANT_ECC_FAMILY_BRAINPOOL_P_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +mac_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"69502c4fdaf48d4fa617bdd24498b0406d0eeaac":PSA_ALG_HMAC(PSA_ALG_MD5):PSA_ERROR_INVALID_ARGUMENT + +PSA mac HMAC(MD5): incompatible with ECC_KEY_PAIR(MONTGOMERY) +depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_MD5:PSA_WANT_ECC_FAMILY_MONTGOMERY:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +mac_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_MONTGOMERY):"70076d0a7318a57d3c16c17251b26645df4c2f87ebc0992ab177fba51db92c6a":PSA_ALG_HMAC(PSA_ALG_MD5):PSA_ERROR_INVALID_ARGUMENT + +PSA mac HMAC(MD5): incompatible with ECC_KEY_PAIR(SECP_K1) +depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_MD5:PSA_WANT_ECC_FAMILY_SECP_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +mac_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_K1):"297ac1722ccac7589ecb240dc719842538ca974beb79f228":PSA_ALG_HMAC(PSA_ALG_MD5):PSA_ERROR_INVALID_ARGUMENT + +PSA mac HMAC(MD5): incompatible with ECC_KEY_PAIR(SECP_R1) +depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_MD5:PSA_WANT_ECC_FAMILY_SECP_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +mac_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"872f203b3ad35b7f2ecc803c3a0e1e0b1ed61cc1afe71b189cd4c995":PSA_ALG_HMAC(PSA_ALG_MD5):PSA_ERROR_INVALID_ARGUMENT + +PSA mac HMAC(MD5): incompatible with ECC_KEY_PAIR(SECP_R2) +depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_MD5:PSA_WANT_ECC_FAMILY_SECP_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +mac_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R2):"00bf539a1cdda0d7f71a50a3f98aec0a2e8e4ced1e":PSA_ALG_HMAC(PSA_ALG_MD5):PSA_ERROR_INVALID_ARGUMENT + +PSA mac HMAC(MD5): incompatible with ECC_KEY_PAIR(SECT_K1) +depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_MD5:PSA_WANT_ECC_FAMILY_SECT_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +mac_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):"03ebc8fcded2d6ab72ec0f75bdb4fd080481273e71":PSA_ALG_HMAC(PSA_ALG_MD5):PSA_ERROR_INVALID_ARGUMENT + +PSA mac HMAC(MD5): incompatible with ECC_KEY_PAIR(SECT_R1) +depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_MD5:PSA_WANT_ECC_FAMILY_SECT_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +mac_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):"009b05dc82d46d64a04a22e6e5ca70ca1231e68c50":PSA_ALG_HMAC(PSA_ALG_MD5):PSA_ERROR_INVALID_ARGUMENT + +PSA mac HMAC(MD5): incompatible with ECC_KEY_PAIR(SECT_R2) +depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_MD5:PSA_WANT_ECC_FAMILY_SECT_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +mac_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R2):"0210b482a458b4822d0cb21daa96819a67c8062d34":PSA_ALG_HMAC(PSA_ALG_MD5):PSA_ERROR_INVALID_ARGUMENT + +PSA mac HMAC(MD5): incompatible with ECC_KEY_PAIR(TWISTED_EDWARDS) +depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_MD5:PSA_WANT_ECC_FAMILY_TWISTED_EDWARDS:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +mac_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_TWISTED_EDWARDS):"9d61b19deffd5a60ba844af492ec2cc44449c5697b326919703bac031cae7f60":PSA_ALG_HMAC(PSA_ALG_MD5):PSA_ERROR_INVALID_ARGUMENT + +PSA mac HMAC(MD5): incompatible with ECC_PUBLIC_KEY(BRAINPOOL_P_R1) +depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_MD5:PSA_WANT_ECC_FAMILY_BRAINPOOL_P_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +mac_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"04d4b9186816358e2f9c59cf70748cb70641b22fbab65473db4b4e22a361ed7e3de7e8a8ddc4130c5c":PSA_ALG_HMAC(PSA_ALG_MD5):PSA_ERROR_INVALID_ARGUMENT + +PSA mac HMAC(MD5): incompatible with ECC_PUBLIC_KEY(MONTGOMERY) +depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_MD5:PSA_WANT_ECC_FAMILY_MONTGOMERY:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +mac_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_MONTGOMERY):"8520f0098930a754748b7ddcb43ef75a0dbf3a0d26381af4eba4a98eaa9b4e6a":PSA_ALG_HMAC(PSA_ALG_MD5):PSA_ERROR_INVALID_ARGUMENT + +PSA mac HMAC(MD5): incompatible with ECC_PUBLIC_KEY(SECP_K1) +depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_MD5:PSA_WANT_ECC_FAMILY_SECP_K1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +mac_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_K1):"0426b7bb38da649ac2138fc050c6548b32553dab68afebc36105d325b75538c12323cb0764789ecb992671beb2b6bef2f5":PSA_ALG_HMAC(PSA_ALG_MD5):PSA_ERROR_INVALID_ARGUMENT + +PSA mac HMAC(MD5): incompatible with ECC_PUBLIC_KEY(SECP_R1) +depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_MD5:PSA_WANT_ECC_FAMILY_SECP_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +mac_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1):"046f00eadaa949fee3e9e1c7fa1247eecec86a0dce46418b9bd3117b981d4bd0ae7a990de912f9d060d6cb531a42d22e394ac29e81804bf160":PSA_ALG_HMAC(PSA_ALG_MD5):PSA_ERROR_INVALID_ARGUMENT + +PSA mac HMAC(MD5): incompatible with ECC_PUBLIC_KEY(SECP_R2) +depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_MD5:PSA_WANT_ECC_FAMILY_SECP_R2:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +mac_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R2):"049570d541398665adb5cfa16f5af73b3196926bbd4b876bdb80f8eab20d0f540c22f4de9c140f6d7b":PSA_ALG_HMAC(PSA_ALG_MD5):PSA_ERROR_INVALID_ARGUMENT + +PSA mac HMAC(MD5): incompatible with ECC_PUBLIC_KEY(SECT_K1) +depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_MD5:PSA_WANT_ECC_FAMILY_SECT_K1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +mac_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_K1):"0406f88f90b4b65950f06ce433afdb097e320f433dc2062b8a65db8fafd3c110f46bc45663fbf021ee7eb9":PSA_ALG_HMAC(PSA_ALG_MD5):PSA_ERROR_INVALID_ARGUMENT + +PSA mac HMAC(MD5): incompatible with ECC_PUBLIC_KEY(SECT_R1) +depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_MD5:PSA_WANT_ECC_FAMILY_SECT_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +mac_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R1):"0400465eeb9e7258b11e33c02266bfe834b20bcb118700772796ee4704ec67651bd447e3011959a79a04cb":PSA_ALG_HMAC(PSA_ALG_MD5):PSA_ERROR_INVALID_ARGUMENT + +PSA mac HMAC(MD5): incompatible with ECC_PUBLIC_KEY(SECT_R2) +depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_MD5:PSA_WANT_ECC_FAMILY_SECT_R2:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +mac_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R2):"0403692601144c32a6cfa369ae20ae5d43c1c764678c037bafe80c6fd2e42b7ced96171d9c5367fd3dca6f":PSA_ALG_HMAC(PSA_ALG_MD5):PSA_ERROR_INVALID_ARGUMENT + +PSA mac HMAC(MD5): incompatible with ECC_PUBLIC_KEY(TWISTED_EDWARDS) +depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_MD5:PSA_WANT_ECC_FAMILY_TWISTED_EDWARDS:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +mac_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_TWISTED_EDWARDS):"d75a980182b10ab7d54bfed3c964073a0ee172f3daa62325af021a68f707511a":PSA_ALG_HMAC(PSA_ALG_MD5):PSA_ERROR_INVALID_ARGUMENT + +PSA mac HMAC(MD5): !HMAC with HMAC +depends_on:!PSA_WANT_ALG_HMAC:PSA_WANT_ALG_MD5:PSA_WANT_KEY_TYPE_HMAC +mac_fail:PSA_KEY_TYPE_HMAC:"48657265006973206b6579a064617461":PSA_ALG_HMAC(PSA_ALG_MD5):PSA_ERROR_NOT_SUPPORTED + +PSA mac HMAC(MD5): !MD5 with HMAC +depends_on:PSA_WANT_ALG_HMAC:!PSA_WANT_ALG_MD5:PSA_WANT_KEY_TYPE_HMAC +mac_fail:PSA_KEY_TYPE_HMAC:"48657265006973206b6579a064617461":PSA_ALG_HMAC(PSA_ALG_MD5):PSA_ERROR_NOT_SUPPORTED + +PSA mac HMAC(MD5): incompatible with RAW_DATA +depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_MD5:PSA_WANT_KEY_TYPE_RAW_DATA +mac_fail:PSA_KEY_TYPE_RAW_DATA:"48":PSA_ALG_HMAC(PSA_ALG_MD5):PSA_ERROR_INVALID_ARGUMENT + +PSA mac HMAC(MD5): incompatible with RSA_KEY_PAIR +depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_MD5:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR +mac_fail:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_HMAC(PSA_ALG_MD5):PSA_ERROR_INVALID_ARGUMENT + +PSA mac HMAC(MD5): incompatible with RSA_PUBLIC_KEY +depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_MD5:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY +mac_fail:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_HMAC(PSA_ALG_MD5):PSA_ERROR_INVALID_ARGUMENT + +PSA cipher HMAC(MD5): invalid with HMAC +depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_MD5:PSA_WANT_KEY_TYPE_HMAC +cipher_fail:PSA_KEY_TYPE_HMAC:"48657265006973206b6579a064617461":PSA_ALG_HMAC(PSA_ALG_MD5):PSA_ERROR_INVALID_ARGUMENT + +PSA aead HMAC(MD5): invalid with HMAC +depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_MD5:PSA_WANT_KEY_TYPE_HMAC +aead_fail:PSA_KEY_TYPE_HMAC:"48657265006973206b6579a064617461":PSA_ALG_HMAC(PSA_ALG_MD5):PSA_ERROR_INVALID_ARGUMENT + +PSA sign HMAC(MD5): invalid with HMAC +depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_MD5:PSA_WANT_KEY_TYPE_HMAC +sign_fail:PSA_KEY_TYPE_HMAC:"48657265006973206b6579a064617461":PSA_ALG_HMAC(PSA_ALG_MD5):0:PSA_ERROR_INVALID_ARGUMENT + +PSA asymmetric_encryption HMAC(MD5): invalid with HMAC +depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_MD5:PSA_WANT_KEY_TYPE_HMAC +asymmetric_encryption_fail:PSA_KEY_TYPE_HMAC:"48657265006973206b6579a064617461":PSA_ALG_HMAC(PSA_ALG_MD5):0:PSA_ERROR_INVALID_ARGUMENT + +PSA key_derivation HMAC(MD5): invalid +depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_MD5 +key_derivation_fail:PSA_ALG_HMAC(PSA_ALG_MD5):PSA_ERROR_INVALID_ARGUMENT + +PSA key_agreement HMAC(MD5): invalid with HMAC +depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_MD5:PSA_WANT_KEY_TYPE_HMAC +key_agreement_fail:PSA_KEY_TYPE_HMAC:"48657265006973206b6579a064617461":PSA_ALG_HMAC(PSA_ALG_MD5):0:PSA_ERROR_INVALID_ARGUMENT + +PSA hash HMAC(RIPEMD160): invalid +depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_RIPEMD160 +hash_fail:PSA_ALG_HMAC(PSA_ALG_RIPEMD160):PSA_ERROR_INVALID_ARGUMENT + +PSA mac HMAC(RIPEMD160): incompatible with AES +depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_RIPEMD160:PSA_WANT_KEY_TYPE_AES +mac_fail:PSA_KEY_TYPE_AES:"48657265006973206b6579a064617461":PSA_ALG_HMAC(PSA_ALG_RIPEMD160):PSA_ERROR_INVALID_ARGUMENT + +PSA mac HMAC(RIPEMD160): incompatible with ARC4 +depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_RIPEMD160:PSA_WANT_KEY_TYPE_ARC4 +mac_fail:PSA_KEY_TYPE_ARC4:"48":PSA_ALG_HMAC(PSA_ALG_RIPEMD160):PSA_ERROR_INVALID_ARGUMENT + +PSA mac HMAC(RIPEMD160): incompatible with ARIA +depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_RIPEMD160:PSA_WANT_KEY_TYPE_ARIA +mac_fail:PSA_KEY_TYPE_ARIA:"48657265006973206b6579a064617461":PSA_ALG_HMAC(PSA_ALG_RIPEMD160):PSA_ERROR_INVALID_ARGUMENT + +PSA mac HMAC(RIPEMD160): incompatible with CAMELLIA +depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_RIPEMD160:PSA_WANT_KEY_TYPE_CAMELLIA +mac_fail:PSA_KEY_TYPE_CAMELLIA:"48657265006973206b6579a064617461":PSA_ALG_HMAC(PSA_ALG_RIPEMD160):PSA_ERROR_INVALID_ARGUMENT + +PSA mac HMAC(RIPEMD160): incompatible with CHACHA20 +depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_RIPEMD160:PSA_WANT_KEY_TYPE_CHACHA20 +mac_fail:PSA_KEY_TYPE_CHACHA20:"48657265006973206b6579a06461746148657265006973206b6579a064617461":PSA_ALG_HMAC(PSA_ALG_RIPEMD160):PSA_ERROR_INVALID_ARGUMENT + +PSA mac HMAC(RIPEMD160): incompatible with DERIVE +depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_RIPEMD160:PSA_WANT_KEY_TYPE_DERIVE +mac_fail:PSA_KEY_TYPE_DERIVE:"48657265006973206b6579a0646174":PSA_ALG_HMAC(PSA_ALG_RIPEMD160):PSA_ERROR_INVALID_ARGUMENT + +PSA mac HMAC(RIPEMD160): incompatible with DES +depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_RIPEMD160:PSA_WANT_KEY_TYPE_DES +mac_fail:PSA_KEY_TYPE_DES:"644573206b457901":PSA_ALG_HMAC(PSA_ALG_RIPEMD160):PSA_ERROR_INVALID_ARGUMENT + +PSA mac HMAC(RIPEMD160): incompatible with ECC_KEY_PAIR(BRAINPOOL_P_R1) +depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ECC_FAMILY_BRAINPOOL_P_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +mac_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"69502c4fdaf48d4fa617bdd24498b0406d0eeaac":PSA_ALG_HMAC(PSA_ALG_RIPEMD160):PSA_ERROR_INVALID_ARGUMENT + +PSA mac HMAC(RIPEMD160): incompatible with ECC_KEY_PAIR(MONTGOMERY) +depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ECC_FAMILY_MONTGOMERY:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +mac_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_MONTGOMERY):"70076d0a7318a57d3c16c17251b26645df4c2f87ebc0992ab177fba51db92c6a":PSA_ALG_HMAC(PSA_ALG_RIPEMD160):PSA_ERROR_INVALID_ARGUMENT + +PSA mac HMAC(RIPEMD160): incompatible with ECC_KEY_PAIR(SECP_K1) +depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ECC_FAMILY_SECP_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +mac_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_K1):"297ac1722ccac7589ecb240dc719842538ca974beb79f228":PSA_ALG_HMAC(PSA_ALG_RIPEMD160):PSA_ERROR_INVALID_ARGUMENT + +PSA mac HMAC(RIPEMD160): incompatible with ECC_KEY_PAIR(SECP_R1) +depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ECC_FAMILY_SECP_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +mac_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"872f203b3ad35b7f2ecc803c3a0e1e0b1ed61cc1afe71b189cd4c995":PSA_ALG_HMAC(PSA_ALG_RIPEMD160):PSA_ERROR_INVALID_ARGUMENT + +PSA mac HMAC(RIPEMD160): incompatible with ECC_KEY_PAIR(SECP_R2) +depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ECC_FAMILY_SECP_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +mac_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R2):"00bf539a1cdda0d7f71a50a3f98aec0a2e8e4ced1e":PSA_ALG_HMAC(PSA_ALG_RIPEMD160):PSA_ERROR_INVALID_ARGUMENT + +PSA mac HMAC(RIPEMD160): incompatible with ECC_KEY_PAIR(SECT_K1) +depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ECC_FAMILY_SECT_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +mac_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):"03ebc8fcded2d6ab72ec0f75bdb4fd080481273e71":PSA_ALG_HMAC(PSA_ALG_RIPEMD160):PSA_ERROR_INVALID_ARGUMENT + +PSA mac HMAC(RIPEMD160): incompatible with ECC_KEY_PAIR(SECT_R1) +depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ECC_FAMILY_SECT_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +mac_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):"009b05dc82d46d64a04a22e6e5ca70ca1231e68c50":PSA_ALG_HMAC(PSA_ALG_RIPEMD160):PSA_ERROR_INVALID_ARGUMENT + +PSA mac HMAC(RIPEMD160): incompatible with ECC_KEY_PAIR(SECT_R2) +depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ECC_FAMILY_SECT_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +mac_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R2):"0210b482a458b4822d0cb21daa96819a67c8062d34":PSA_ALG_HMAC(PSA_ALG_RIPEMD160):PSA_ERROR_INVALID_ARGUMENT + +PSA mac HMAC(RIPEMD160): incompatible with ECC_KEY_PAIR(TWISTED_EDWARDS) +depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ECC_FAMILY_TWISTED_EDWARDS:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +mac_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_TWISTED_EDWARDS):"9d61b19deffd5a60ba844af492ec2cc44449c5697b326919703bac031cae7f60":PSA_ALG_HMAC(PSA_ALG_RIPEMD160):PSA_ERROR_INVALID_ARGUMENT + +PSA mac HMAC(RIPEMD160): incompatible with ECC_PUBLIC_KEY(BRAINPOOL_P_R1) +depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ECC_FAMILY_BRAINPOOL_P_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +mac_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"04d4b9186816358e2f9c59cf70748cb70641b22fbab65473db4b4e22a361ed7e3de7e8a8ddc4130c5c":PSA_ALG_HMAC(PSA_ALG_RIPEMD160):PSA_ERROR_INVALID_ARGUMENT + +PSA mac HMAC(RIPEMD160): incompatible with ECC_PUBLIC_KEY(MONTGOMERY) +depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ECC_FAMILY_MONTGOMERY:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +mac_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_MONTGOMERY):"8520f0098930a754748b7ddcb43ef75a0dbf3a0d26381af4eba4a98eaa9b4e6a":PSA_ALG_HMAC(PSA_ALG_RIPEMD160):PSA_ERROR_INVALID_ARGUMENT + +PSA mac HMAC(RIPEMD160): incompatible with ECC_PUBLIC_KEY(SECP_K1) +depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ECC_FAMILY_SECP_K1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +mac_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_K1):"0426b7bb38da649ac2138fc050c6548b32553dab68afebc36105d325b75538c12323cb0764789ecb992671beb2b6bef2f5":PSA_ALG_HMAC(PSA_ALG_RIPEMD160):PSA_ERROR_INVALID_ARGUMENT + +PSA mac HMAC(RIPEMD160): incompatible with ECC_PUBLIC_KEY(SECP_R1) +depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ECC_FAMILY_SECP_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +mac_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1):"046f00eadaa949fee3e9e1c7fa1247eecec86a0dce46418b9bd3117b981d4bd0ae7a990de912f9d060d6cb531a42d22e394ac29e81804bf160":PSA_ALG_HMAC(PSA_ALG_RIPEMD160):PSA_ERROR_INVALID_ARGUMENT + +PSA mac HMAC(RIPEMD160): incompatible with ECC_PUBLIC_KEY(SECP_R2) +depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ECC_FAMILY_SECP_R2:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +mac_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R2):"049570d541398665adb5cfa16f5af73b3196926bbd4b876bdb80f8eab20d0f540c22f4de9c140f6d7b":PSA_ALG_HMAC(PSA_ALG_RIPEMD160):PSA_ERROR_INVALID_ARGUMENT + +PSA mac HMAC(RIPEMD160): incompatible with ECC_PUBLIC_KEY(SECT_K1) +depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ECC_FAMILY_SECT_K1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +mac_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_K1):"0406f88f90b4b65950f06ce433afdb097e320f433dc2062b8a65db8fafd3c110f46bc45663fbf021ee7eb9":PSA_ALG_HMAC(PSA_ALG_RIPEMD160):PSA_ERROR_INVALID_ARGUMENT + +PSA mac HMAC(RIPEMD160): incompatible with ECC_PUBLIC_KEY(SECT_R1) +depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ECC_FAMILY_SECT_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +mac_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R1):"0400465eeb9e7258b11e33c02266bfe834b20bcb118700772796ee4704ec67651bd447e3011959a79a04cb":PSA_ALG_HMAC(PSA_ALG_RIPEMD160):PSA_ERROR_INVALID_ARGUMENT + +PSA mac HMAC(RIPEMD160): incompatible with ECC_PUBLIC_KEY(SECT_R2) +depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ECC_FAMILY_SECT_R2:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +mac_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R2):"0403692601144c32a6cfa369ae20ae5d43c1c764678c037bafe80c6fd2e42b7ced96171d9c5367fd3dca6f":PSA_ALG_HMAC(PSA_ALG_RIPEMD160):PSA_ERROR_INVALID_ARGUMENT + +PSA mac HMAC(RIPEMD160): incompatible with ECC_PUBLIC_KEY(TWISTED_EDWARDS) +depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ECC_FAMILY_TWISTED_EDWARDS:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +mac_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_TWISTED_EDWARDS):"d75a980182b10ab7d54bfed3c964073a0ee172f3daa62325af021a68f707511a":PSA_ALG_HMAC(PSA_ALG_RIPEMD160):PSA_ERROR_INVALID_ARGUMENT + +PSA mac HMAC(RIPEMD160): !HMAC with HMAC +depends_on:!PSA_WANT_ALG_HMAC:PSA_WANT_ALG_RIPEMD160:PSA_WANT_KEY_TYPE_HMAC +mac_fail:PSA_KEY_TYPE_HMAC:"48657265006973206b6579a064617461":PSA_ALG_HMAC(PSA_ALG_RIPEMD160):PSA_ERROR_NOT_SUPPORTED + +PSA mac HMAC(RIPEMD160): !RIPEMD160 with HMAC +depends_on:PSA_WANT_ALG_HMAC:!PSA_WANT_ALG_RIPEMD160:PSA_WANT_KEY_TYPE_HMAC +mac_fail:PSA_KEY_TYPE_HMAC:"48657265006973206b6579a064617461":PSA_ALG_HMAC(PSA_ALG_RIPEMD160):PSA_ERROR_NOT_SUPPORTED + +PSA mac HMAC(RIPEMD160): incompatible with RAW_DATA +depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_RIPEMD160:PSA_WANT_KEY_TYPE_RAW_DATA +mac_fail:PSA_KEY_TYPE_RAW_DATA:"48":PSA_ALG_HMAC(PSA_ALG_RIPEMD160):PSA_ERROR_INVALID_ARGUMENT + +PSA mac HMAC(RIPEMD160): incompatible with RSA_KEY_PAIR +depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_RIPEMD160:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR +mac_fail:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_HMAC(PSA_ALG_RIPEMD160):PSA_ERROR_INVALID_ARGUMENT + +PSA mac HMAC(RIPEMD160): incompatible with RSA_PUBLIC_KEY +depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_RIPEMD160:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY +mac_fail:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_HMAC(PSA_ALG_RIPEMD160):PSA_ERROR_INVALID_ARGUMENT + +PSA cipher HMAC(RIPEMD160): invalid with HMAC +depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_RIPEMD160:PSA_WANT_KEY_TYPE_HMAC +cipher_fail:PSA_KEY_TYPE_HMAC:"48657265006973206b6579a064617461":PSA_ALG_HMAC(PSA_ALG_RIPEMD160):PSA_ERROR_INVALID_ARGUMENT + +PSA aead HMAC(RIPEMD160): invalid with HMAC +depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_RIPEMD160:PSA_WANT_KEY_TYPE_HMAC +aead_fail:PSA_KEY_TYPE_HMAC:"48657265006973206b6579a064617461":PSA_ALG_HMAC(PSA_ALG_RIPEMD160):PSA_ERROR_INVALID_ARGUMENT + +PSA sign HMAC(RIPEMD160): invalid with HMAC +depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_RIPEMD160:PSA_WANT_KEY_TYPE_HMAC +sign_fail:PSA_KEY_TYPE_HMAC:"48657265006973206b6579a064617461":PSA_ALG_HMAC(PSA_ALG_RIPEMD160):0:PSA_ERROR_INVALID_ARGUMENT + +PSA asymmetric_encryption HMAC(RIPEMD160): invalid with HMAC +depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_RIPEMD160:PSA_WANT_KEY_TYPE_HMAC +asymmetric_encryption_fail:PSA_KEY_TYPE_HMAC:"48657265006973206b6579a064617461":PSA_ALG_HMAC(PSA_ALG_RIPEMD160):0:PSA_ERROR_INVALID_ARGUMENT + +PSA key_derivation HMAC(RIPEMD160): invalid +depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_RIPEMD160 +key_derivation_fail:PSA_ALG_HMAC(PSA_ALG_RIPEMD160):PSA_ERROR_INVALID_ARGUMENT + +PSA key_agreement HMAC(RIPEMD160): invalid with HMAC +depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_RIPEMD160:PSA_WANT_KEY_TYPE_HMAC +key_agreement_fail:PSA_KEY_TYPE_HMAC:"48657265006973206b6579a064617461":PSA_ALG_HMAC(PSA_ALG_RIPEMD160):0:PSA_ERROR_INVALID_ARGUMENT + +PSA hash HMAC(SHA_1): invalid +depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_1 +hash_fail:PSA_ALG_HMAC(PSA_ALG_SHA_1):PSA_ERROR_INVALID_ARGUMENT + +PSA mac HMAC(SHA_1): incompatible with AES +depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_1:PSA_WANT_KEY_TYPE_AES +mac_fail:PSA_KEY_TYPE_AES:"48657265006973206b6579a064617461":PSA_ALG_HMAC(PSA_ALG_SHA_1):PSA_ERROR_INVALID_ARGUMENT + +PSA mac HMAC(SHA_1): incompatible with ARC4 +depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_1:PSA_WANT_KEY_TYPE_ARC4 +mac_fail:PSA_KEY_TYPE_ARC4:"48":PSA_ALG_HMAC(PSA_ALG_SHA_1):PSA_ERROR_INVALID_ARGUMENT + +PSA mac HMAC(SHA_1): incompatible with ARIA +depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_1:PSA_WANT_KEY_TYPE_ARIA +mac_fail:PSA_KEY_TYPE_ARIA:"48657265006973206b6579a064617461":PSA_ALG_HMAC(PSA_ALG_SHA_1):PSA_ERROR_INVALID_ARGUMENT + +PSA mac HMAC(SHA_1): incompatible with CAMELLIA +depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_1:PSA_WANT_KEY_TYPE_CAMELLIA +mac_fail:PSA_KEY_TYPE_CAMELLIA:"48657265006973206b6579a064617461":PSA_ALG_HMAC(PSA_ALG_SHA_1):PSA_ERROR_INVALID_ARGUMENT + +PSA mac HMAC(SHA_1): incompatible with CHACHA20 +depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_1:PSA_WANT_KEY_TYPE_CHACHA20 +mac_fail:PSA_KEY_TYPE_CHACHA20:"48657265006973206b6579a06461746148657265006973206b6579a064617461":PSA_ALG_HMAC(PSA_ALG_SHA_1):PSA_ERROR_INVALID_ARGUMENT + +PSA mac HMAC(SHA_1): incompatible with DERIVE +depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_1:PSA_WANT_KEY_TYPE_DERIVE +mac_fail:PSA_KEY_TYPE_DERIVE:"48657265006973206b6579a0646174":PSA_ALG_HMAC(PSA_ALG_SHA_1):PSA_ERROR_INVALID_ARGUMENT + +PSA mac HMAC(SHA_1): incompatible with DES +depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_1:PSA_WANT_KEY_TYPE_DES +mac_fail:PSA_KEY_TYPE_DES:"644573206b457901":PSA_ALG_HMAC(PSA_ALG_SHA_1):PSA_ERROR_INVALID_ARGUMENT + +PSA mac HMAC(SHA_1): incompatible with ECC_KEY_PAIR(BRAINPOOL_P_R1) +depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_1:PSA_WANT_ECC_FAMILY_BRAINPOOL_P_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +mac_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"69502c4fdaf48d4fa617bdd24498b0406d0eeaac":PSA_ALG_HMAC(PSA_ALG_SHA_1):PSA_ERROR_INVALID_ARGUMENT + +PSA mac HMAC(SHA_1): incompatible with ECC_KEY_PAIR(MONTGOMERY) +depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_1:PSA_WANT_ECC_FAMILY_MONTGOMERY:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +mac_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_MONTGOMERY):"70076d0a7318a57d3c16c17251b26645df4c2f87ebc0992ab177fba51db92c6a":PSA_ALG_HMAC(PSA_ALG_SHA_1):PSA_ERROR_INVALID_ARGUMENT + +PSA mac HMAC(SHA_1): incompatible with ECC_KEY_PAIR(SECP_K1) +depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_1:PSA_WANT_ECC_FAMILY_SECP_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +mac_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_K1):"297ac1722ccac7589ecb240dc719842538ca974beb79f228":PSA_ALG_HMAC(PSA_ALG_SHA_1):PSA_ERROR_INVALID_ARGUMENT + +PSA mac HMAC(SHA_1): incompatible with ECC_KEY_PAIR(SECP_R1) +depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_1:PSA_WANT_ECC_FAMILY_SECP_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +mac_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"872f203b3ad35b7f2ecc803c3a0e1e0b1ed61cc1afe71b189cd4c995":PSA_ALG_HMAC(PSA_ALG_SHA_1):PSA_ERROR_INVALID_ARGUMENT + +PSA mac HMAC(SHA_1): incompatible with ECC_KEY_PAIR(SECP_R2) +depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_1:PSA_WANT_ECC_FAMILY_SECP_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +mac_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R2):"00bf539a1cdda0d7f71a50a3f98aec0a2e8e4ced1e":PSA_ALG_HMAC(PSA_ALG_SHA_1):PSA_ERROR_INVALID_ARGUMENT + +PSA mac HMAC(SHA_1): incompatible with ECC_KEY_PAIR(SECT_K1) +depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_1:PSA_WANT_ECC_FAMILY_SECT_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +mac_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):"03ebc8fcded2d6ab72ec0f75bdb4fd080481273e71":PSA_ALG_HMAC(PSA_ALG_SHA_1):PSA_ERROR_INVALID_ARGUMENT + +PSA mac HMAC(SHA_1): incompatible with ECC_KEY_PAIR(SECT_R1) +depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_1:PSA_WANT_ECC_FAMILY_SECT_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +mac_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):"009b05dc82d46d64a04a22e6e5ca70ca1231e68c50":PSA_ALG_HMAC(PSA_ALG_SHA_1):PSA_ERROR_INVALID_ARGUMENT + +PSA mac HMAC(SHA_1): incompatible with ECC_KEY_PAIR(SECT_R2) +depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_1:PSA_WANT_ECC_FAMILY_SECT_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +mac_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R2):"0210b482a458b4822d0cb21daa96819a67c8062d34":PSA_ALG_HMAC(PSA_ALG_SHA_1):PSA_ERROR_INVALID_ARGUMENT + +PSA mac HMAC(SHA_1): incompatible with ECC_KEY_PAIR(TWISTED_EDWARDS) +depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_1:PSA_WANT_ECC_FAMILY_TWISTED_EDWARDS:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +mac_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_TWISTED_EDWARDS):"9d61b19deffd5a60ba844af492ec2cc44449c5697b326919703bac031cae7f60":PSA_ALG_HMAC(PSA_ALG_SHA_1):PSA_ERROR_INVALID_ARGUMENT + +PSA mac HMAC(SHA_1): incompatible with ECC_PUBLIC_KEY(BRAINPOOL_P_R1) +depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_1:PSA_WANT_ECC_FAMILY_BRAINPOOL_P_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +mac_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"04d4b9186816358e2f9c59cf70748cb70641b22fbab65473db4b4e22a361ed7e3de7e8a8ddc4130c5c":PSA_ALG_HMAC(PSA_ALG_SHA_1):PSA_ERROR_INVALID_ARGUMENT + +PSA mac HMAC(SHA_1): incompatible with ECC_PUBLIC_KEY(MONTGOMERY) +depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_1:PSA_WANT_ECC_FAMILY_MONTGOMERY:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +mac_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_MONTGOMERY):"8520f0098930a754748b7ddcb43ef75a0dbf3a0d26381af4eba4a98eaa9b4e6a":PSA_ALG_HMAC(PSA_ALG_SHA_1):PSA_ERROR_INVALID_ARGUMENT + +PSA mac HMAC(SHA_1): incompatible with ECC_PUBLIC_KEY(SECP_K1) +depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_1:PSA_WANT_ECC_FAMILY_SECP_K1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +mac_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_K1):"0426b7bb38da649ac2138fc050c6548b32553dab68afebc36105d325b75538c12323cb0764789ecb992671beb2b6bef2f5":PSA_ALG_HMAC(PSA_ALG_SHA_1):PSA_ERROR_INVALID_ARGUMENT + +PSA mac HMAC(SHA_1): incompatible with ECC_PUBLIC_KEY(SECP_R1) +depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_1:PSA_WANT_ECC_FAMILY_SECP_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +mac_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1):"046f00eadaa949fee3e9e1c7fa1247eecec86a0dce46418b9bd3117b981d4bd0ae7a990de912f9d060d6cb531a42d22e394ac29e81804bf160":PSA_ALG_HMAC(PSA_ALG_SHA_1):PSA_ERROR_INVALID_ARGUMENT + +PSA mac HMAC(SHA_1): incompatible with ECC_PUBLIC_KEY(SECP_R2) +depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_1:PSA_WANT_ECC_FAMILY_SECP_R2:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +mac_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R2):"049570d541398665adb5cfa16f5af73b3196926bbd4b876bdb80f8eab20d0f540c22f4de9c140f6d7b":PSA_ALG_HMAC(PSA_ALG_SHA_1):PSA_ERROR_INVALID_ARGUMENT + +PSA mac HMAC(SHA_1): incompatible with ECC_PUBLIC_KEY(SECT_K1) +depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_1:PSA_WANT_ECC_FAMILY_SECT_K1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +mac_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_K1):"0406f88f90b4b65950f06ce433afdb097e320f433dc2062b8a65db8fafd3c110f46bc45663fbf021ee7eb9":PSA_ALG_HMAC(PSA_ALG_SHA_1):PSA_ERROR_INVALID_ARGUMENT + +PSA mac HMAC(SHA_1): incompatible with ECC_PUBLIC_KEY(SECT_R1) +depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_1:PSA_WANT_ECC_FAMILY_SECT_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +mac_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R1):"0400465eeb9e7258b11e33c02266bfe834b20bcb118700772796ee4704ec67651bd447e3011959a79a04cb":PSA_ALG_HMAC(PSA_ALG_SHA_1):PSA_ERROR_INVALID_ARGUMENT + +PSA mac HMAC(SHA_1): incompatible with ECC_PUBLIC_KEY(SECT_R2) +depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_1:PSA_WANT_ECC_FAMILY_SECT_R2:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +mac_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R2):"0403692601144c32a6cfa369ae20ae5d43c1c764678c037bafe80c6fd2e42b7ced96171d9c5367fd3dca6f":PSA_ALG_HMAC(PSA_ALG_SHA_1):PSA_ERROR_INVALID_ARGUMENT + +PSA mac HMAC(SHA_1): incompatible with ECC_PUBLIC_KEY(TWISTED_EDWARDS) +depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_1:PSA_WANT_ECC_FAMILY_TWISTED_EDWARDS:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +mac_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_TWISTED_EDWARDS):"d75a980182b10ab7d54bfed3c964073a0ee172f3daa62325af021a68f707511a":PSA_ALG_HMAC(PSA_ALG_SHA_1):PSA_ERROR_INVALID_ARGUMENT + +PSA mac HMAC(SHA_1): !HMAC with HMAC +depends_on:!PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_1:PSA_WANT_KEY_TYPE_HMAC +mac_fail:PSA_KEY_TYPE_HMAC:"48657265006973206b6579a064617461":PSA_ALG_HMAC(PSA_ALG_SHA_1):PSA_ERROR_NOT_SUPPORTED + +PSA mac HMAC(SHA_1): !SHA_1 with HMAC +depends_on:PSA_WANT_ALG_HMAC:!PSA_WANT_ALG_SHA_1:PSA_WANT_KEY_TYPE_HMAC +mac_fail:PSA_KEY_TYPE_HMAC:"48657265006973206b6579a064617461":PSA_ALG_HMAC(PSA_ALG_SHA_1):PSA_ERROR_NOT_SUPPORTED + +PSA mac HMAC(SHA_1): incompatible with RAW_DATA +depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_1:PSA_WANT_KEY_TYPE_RAW_DATA +mac_fail:PSA_KEY_TYPE_RAW_DATA:"48":PSA_ALG_HMAC(PSA_ALG_SHA_1):PSA_ERROR_INVALID_ARGUMENT + +PSA mac HMAC(SHA_1): incompatible with RSA_KEY_PAIR +depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_1:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR +mac_fail:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_HMAC(PSA_ALG_SHA_1):PSA_ERROR_INVALID_ARGUMENT + +PSA mac HMAC(SHA_1): incompatible with RSA_PUBLIC_KEY +depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_1:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY +mac_fail:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_HMAC(PSA_ALG_SHA_1):PSA_ERROR_INVALID_ARGUMENT + +PSA cipher HMAC(SHA_1): invalid with HMAC +depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_1:PSA_WANT_KEY_TYPE_HMAC +cipher_fail:PSA_KEY_TYPE_HMAC:"48657265006973206b6579a064617461":PSA_ALG_HMAC(PSA_ALG_SHA_1):PSA_ERROR_INVALID_ARGUMENT + +PSA aead HMAC(SHA_1): invalid with HMAC +depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_1:PSA_WANT_KEY_TYPE_HMAC +aead_fail:PSA_KEY_TYPE_HMAC:"48657265006973206b6579a064617461":PSA_ALG_HMAC(PSA_ALG_SHA_1):PSA_ERROR_INVALID_ARGUMENT + +PSA sign HMAC(SHA_1): invalid with HMAC +depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_1:PSA_WANT_KEY_TYPE_HMAC +sign_fail:PSA_KEY_TYPE_HMAC:"48657265006973206b6579a064617461":PSA_ALG_HMAC(PSA_ALG_SHA_1):0:PSA_ERROR_INVALID_ARGUMENT + +PSA asymmetric_encryption HMAC(SHA_1): invalid with HMAC +depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_1:PSA_WANT_KEY_TYPE_HMAC +asymmetric_encryption_fail:PSA_KEY_TYPE_HMAC:"48657265006973206b6579a064617461":PSA_ALG_HMAC(PSA_ALG_SHA_1):0:PSA_ERROR_INVALID_ARGUMENT + +PSA key_derivation HMAC(SHA_1): invalid +depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_1 +key_derivation_fail:PSA_ALG_HMAC(PSA_ALG_SHA_1):PSA_ERROR_INVALID_ARGUMENT + +PSA key_agreement HMAC(SHA_1): invalid with HMAC +depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_1:PSA_WANT_KEY_TYPE_HMAC +key_agreement_fail:PSA_KEY_TYPE_HMAC:"48657265006973206b6579a064617461":PSA_ALG_HMAC(PSA_ALG_SHA_1):0:PSA_ERROR_INVALID_ARGUMENT + +PSA hash HMAC(SHA_224): invalid +depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_224 +hash_fail:PSA_ALG_HMAC(PSA_ALG_SHA_224):PSA_ERROR_INVALID_ARGUMENT + +PSA mac HMAC(SHA_224): incompatible with AES +depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_224:PSA_WANT_KEY_TYPE_AES +mac_fail:PSA_KEY_TYPE_AES:"48657265006973206b6579a064617461":PSA_ALG_HMAC(PSA_ALG_SHA_224):PSA_ERROR_INVALID_ARGUMENT + +PSA mac HMAC(SHA_224): incompatible with ARC4 +depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_224:PSA_WANT_KEY_TYPE_ARC4 +mac_fail:PSA_KEY_TYPE_ARC4:"48":PSA_ALG_HMAC(PSA_ALG_SHA_224):PSA_ERROR_INVALID_ARGUMENT + +PSA mac HMAC(SHA_224): incompatible with ARIA +depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_224:PSA_WANT_KEY_TYPE_ARIA +mac_fail:PSA_KEY_TYPE_ARIA:"48657265006973206b6579a064617461":PSA_ALG_HMAC(PSA_ALG_SHA_224):PSA_ERROR_INVALID_ARGUMENT + +PSA mac HMAC(SHA_224): incompatible with CAMELLIA +depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_224:PSA_WANT_KEY_TYPE_CAMELLIA +mac_fail:PSA_KEY_TYPE_CAMELLIA:"48657265006973206b6579a064617461":PSA_ALG_HMAC(PSA_ALG_SHA_224):PSA_ERROR_INVALID_ARGUMENT + +PSA mac HMAC(SHA_224): incompatible with CHACHA20 +depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_224:PSA_WANT_KEY_TYPE_CHACHA20 +mac_fail:PSA_KEY_TYPE_CHACHA20:"48657265006973206b6579a06461746148657265006973206b6579a064617461":PSA_ALG_HMAC(PSA_ALG_SHA_224):PSA_ERROR_INVALID_ARGUMENT + +PSA mac HMAC(SHA_224): incompatible with DERIVE +depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_224:PSA_WANT_KEY_TYPE_DERIVE +mac_fail:PSA_KEY_TYPE_DERIVE:"48657265006973206b6579a0646174":PSA_ALG_HMAC(PSA_ALG_SHA_224):PSA_ERROR_INVALID_ARGUMENT + +PSA mac HMAC(SHA_224): incompatible with DES +depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_224:PSA_WANT_KEY_TYPE_DES +mac_fail:PSA_KEY_TYPE_DES:"644573206b457901":PSA_ALG_HMAC(PSA_ALG_SHA_224):PSA_ERROR_INVALID_ARGUMENT + +PSA mac HMAC(SHA_224): incompatible with ECC_KEY_PAIR(BRAINPOOL_P_R1) +depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_224:PSA_WANT_ECC_FAMILY_BRAINPOOL_P_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +mac_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"69502c4fdaf48d4fa617bdd24498b0406d0eeaac":PSA_ALG_HMAC(PSA_ALG_SHA_224):PSA_ERROR_INVALID_ARGUMENT + +PSA mac HMAC(SHA_224): incompatible with ECC_KEY_PAIR(MONTGOMERY) +depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_224:PSA_WANT_ECC_FAMILY_MONTGOMERY:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +mac_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_MONTGOMERY):"70076d0a7318a57d3c16c17251b26645df4c2f87ebc0992ab177fba51db92c6a":PSA_ALG_HMAC(PSA_ALG_SHA_224):PSA_ERROR_INVALID_ARGUMENT + +PSA mac HMAC(SHA_224): incompatible with ECC_KEY_PAIR(SECP_K1) +depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_224:PSA_WANT_ECC_FAMILY_SECP_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +mac_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_K1):"297ac1722ccac7589ecb240dc719842538ca974beb79f228":PSA_ALG_HMAC(PSA_ALG_SHA_224):PSA_ERROR_INVALID_ARGUMENT + +PSA mac HMAC(SHA_224): incompatible with ECC_KEY_PAIR(SECP_R1) +depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_224:PSA_WANT_ECC_FAMILY_SECP_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +mac_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"872f203b3ad35b7f2ecc803c3a0e1e0b1ed61cc1afe71b189cd4c995":PSA_ALG_HMAC(PSA_ALG_SHA_224):PSA_ERROR_INVALID_ARGUMENT + +PSA mac HMAC(SHA_224): incompatible with ECC_KEY_PAIR(SECP_R2) +depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_224:PSA_WANT_ECC_FAMILY_SECP_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +mac_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R2):"00bf539a1cdda0d7f71a50a3f98aec0a2e8e4ced1e":PSA_ALG_HMAC(PSA_ALG_SHA_224):PSA_ERROR_INVALID_ARGUMENT + +PSA mac HMAC(SHA_224): incompatible with ECC_KEY_PAIR(SECT_K1) +depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_224:PSA_WANT_ECC_FAMILY_SECT_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +mac_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):"03ebc8fcded2d6ab72ec0f75bdb4fd080481273e71":PSA_ALG_HMAC(PSA_ALG_SHA_224):PSA_ERROR_INVALID_ARGUMENT + +PSA mac HMAC(SHA_224): incompatible with ECC_KEY_PAIR(SECT_R1) +depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_224:PSA_WANT_ECC_FAMILY_SECT_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +mac_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):"009b05dc82d46d64a04a22e6e5ca70ca1231e68c50":PSA_ALG_HMAC(PSA_ALG_SHA_224):PSA_ERROR_INVALID_ARGUMENT + +PSA mac HMAC(SHA_224): incompatible with ECC_KEY_PAIR(SECT_R2) +depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_224:PSA_WANT_ECC_FAMILY_SECT_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +mac_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R2):"0210b482a458b4822d0cb21daa96819a67c8062d34":PSA_ALG_HMAC(PSA_ALG_SHA_224):PSA_ERROR_INVALID_ARGUMENT + +PSA mac HMAC(SHA_224): incompatible with ECC_KEY_PAIR(TWISTED_EDWARDS) +depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_224:PSA_WANT_ECC_FAMILY_TWISTED_EDWARDS:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +mac_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_TWISTED_EDWARDS):"9d61b19deffd5a60ba844af492ec2cc44449c5697b326919703bac031cae7f60":PSA_ALG_HMAC(PSA_ALG_SHA_224):PSA_ERROR_INVALID_ARGUMENT + +PSA mac HMAC(SHA_224): incompatible with ECC_PUBLIC_KEY(BRAINPOOL_P_R1) +depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_224:PSA_WANT_ECC_FAMILY_BRAINPOOL_P_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +mac_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"04d4b9186816358e2f9c59cf70748cb70641b22fbab65473db4b4e22a361ed7e3de7e8a8ddc4130c5c":PSA_ALG_HMAC(PSA_ALG_SHA_224):PSA_ERROR_INVALID_ARGUMENT + +PSA mac HMAC(SHA_224): incompatible with ECC_PUBLIC_KEY(MONTGOMERY) +depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_224:PSA_WANT_ECC_FAMILY_MONTGOMERY:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +mac_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_MONTGOMERY):"8520f0098930a754748b7ddcb43ef75a0dbf3a0d26381af4eba4a98eaa9b4e6a":PSA_ALG_HMAC(PSA_ALG_SHA_224):PSA_ERROR_INVALID_ARGUMENT + +PSA mac HMAC(SHA_224): incompatible with ECC_PUBLIC_KEY(SECP_K1) +depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_224:PSA_WANT_ECC_FAMILY_SECP_K1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +mac_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_K1):"0426b7bb38da649ac2138fc050c6548b32553dab68afebc36105d325b75538c12323cb0764789ecb992671beb2b6bef2f5":PSA_ALG_HMAC(PSA_ALG_SHA_224):PSA_ERROR_INVALID_ARGUMENT + +PSA mac HMAC(SHA_224): incompatible with ECC_PUBLIC_KEY(SECP_R1) +depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_224:PSA_WANT_ECC_FAMILY_SECP_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +mac_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1):"046f00eadaa949fee3e9e1c7fa1247eecec86a0dce46418b9bd3117b981d4bd0ae7a990de912f9d060d6cb531a42d22e394ac29e81804bf160":PSA_ALG_HMAC(PSA_ALG_SHA_224):PSA_ERROR_INVALID_ARGUMENT + +PSA mac HMAC(SHA_224): incompatible with ECC_PUBLIC_KEY(SECP_R2) +depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_224:PSA_WANT_ECC_FAMILY_SECP_R2:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +mac_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R2):"049570d541398665adb5cfa16f5af73b3196926bbd4b876bdb80f8eab20d0f540c22f4de9c140f6d7b":PSA_ALG_HMAC(PSA_ALG_SHA_224):PSA_ERROR_INVALID_ARGUMENT + +PSA mac HMAC(SHA_224): incompatible with ECC_PUBLIC_KEY(SECT_K1) +depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_224:PSA_WANT_ECC_FAMILY_SECT_K1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +mac_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_K1):"0406f88f90b4b65950f06ce433afdb097e320f433dc2062b8a65db8fafd3c110f46bc45663fbf021ee7eb9":PSA_ALG_HMAC(PSA_ALG_SHA_224):PSA_ERROR_INVALID_ARGUMENT + +PSA mac HMAC(SHA_224): incompatible with ECC_PUBLIC_KEY(SECT_R1) +depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_224:PSA_WANT_ECC_FAMILY_SECT_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +mac_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R1):"0400465eeb9e7258b11e33c02266bfe834b20bcb118700772796ee4704ec67651bd447e3011959a79a04cb":PSA_ALG_HMAC(PSA_ALG_SHA_224):PSA_ERROR_INVALID_ARGUMENT + +PSA mac HMAC(SHA_224): incompatible with ECC_PUBLIC_KEY(SECT_R2) +depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_224:PSA_WANT_ECC_FAMILY_SECT_R2:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +mac_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R2):"0403692601144c32a6cfa369ae20ae5d43c1c764678c037bafe80c6fd2e42b7ced96171d9c5367fd3dca6f":PSA_ALG_HMAC(PSA_ALG_SHA_224):PSA_ERROR_INVALID_ARGUMENT + +PSA mac HMAC(SHA_224): incompatible with ECC_PUBLIC_KEY(TWISTED_EDWARDS) +depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_224:PSA_WANT_ECC_FAMILY_TWISTED_EDWARDS:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +mac_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_TWISTED_EDWARDS):"d75a980182b10ab7d54bfed3c964073a0ee172f3daa62325af021a68f707511a":PSA_ALG_HMAC(PSA_ALG_SHA_224):PSA_ERROR_INVALID_ARGUMENT + +PSA mac HMAC(SHA_224): !HMAC with HMAC +depends_on:!PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_224:PSA_WANT_KEY_TYPE_HMAC +mac_fail:PSA_KEY_TYPE_HMAC:"48657265006973206b6579a064617461":PSA_ALG_HMAC(PSA_ALG_SHA_224):PSA_ERROR_NOT_SUPPORTED + +PSA mac HMAC(SHA_224): !SHA_224 with HMAC +depends_on:PSA_WANT_ALG_HMAC:!PSA_WANT_ALG_SHA_224:PSA_WANT_KEY_TYPE_HMAC +mac_fail:PSA_KEY_TYPE_HMAC:"48657265006973206b6579a064617461":PSA_ALG_HMAC(PSA_ALG_SHA_224):PSA_ERROR_NOT_SUPPORTED + +PSA mac HMAC(SHA_224): incompatible with RAW_DATA +depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_224:PSA_WANT_KEY_TYPE_RAW_DATA +mac_fail:PSA_KEY_TYPE_RAW_DATA:"48":PSA_ALG_HMAC(PSA_ALG_SHA_224):PSA_ERROR_INVALID_ARGUMENT + +PSA mac HMAC(SHA_224): incompatible with RSA_KEY_PAIR +depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_224:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR +mac_fail:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_HMAC(PSA_ALG_SHA_224):PSA_ERROR_INVALID_ARGUMENT + +PSA mac HMAC(SHA_224): incompatible with RSA_PUBLIC_KEY +depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_224:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY +mac_fail:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_HMAC(PSA_ALG_SHA_224):PSA_ERROR_INVALID_ARGUMENT + +PSA cipher HMAC(SHA_224): invalid with HMAC +depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_224:PSA_WANT_KEY_TYPE_HMAC +cipher_fail:PSA_KEY_TYPE_HMAC:"48657265006973206b6579a064617461":PSA_ALG_HMAC(PSA_ALG_SHA_224):PSA_ERROR_INVALID_ARGUMENT + +PSA aead HMAC(SHA_224): invalid with HMAC +depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_224:PSA_WANT_KEY_TYPE_HMAC +aead_fail:PSA_KEY_TYPE_HMAC:"48657265006973206b6579a064617461":PSA_ALG_HMAC(PSA_ALG_SHA_224):PSA_ERROR_INVALID_ARGUMENT + +PSA sign HMAC(SHA_224): invalid with HMAC +depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_224:PSA_WANT_KEY_TYPE_HMAC +sign_fail:PSA_KEY_TYPE_HMAC:"48657265006973206b6579a064617461":PSA_ALG_HMAC(PSA_ALG_SHA_224):0:PSA_ERROR_INVALID_ARGUMENT + +PSA asymmetric_encryption HMAC(SHA_224): invalid with HMAC +depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_224:PSA_WANT_KEY_TYPE_HMAC +asymmetric_encryption_fail:PSA_KEY_TYPE_HMAC:"48657265006973206b6579a064617461":PSA_ALG_HMAC(PSA_ALG_SHA_224):0:PSA_ERROR_INVALID_ARGUMENT + +PSA key_derivation HMAC(SHA_224): invalid +depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_224 +key_derivation_fail:PSA_ALG_HMAC(PSA_ALG_SHA_224):PSA_ERROR_INVALID_ARGUMENT + +PSA key_agreement HMAC(SHA_224): invalid with HMAC +depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_224:PSA_WANT_KEY_TYPE_HMAC +key_agreement_fail:PSA_KEY_TYPE_HMAC:"48657265006973206b6579a064617461":PSA_ALG_HMAC(PSA_ALG_SHA_224):0:PSA_ERROR_INVALID_ARGUMENT + +PSA hash HMAC(SHA_256): invalid +depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_256 +hash_fail:PSA_ALG_HMAC(PSA_ALG_SHA_256):PSA_ERROR_INVALID_ARGUMENT + +PSA mac HMAC(SHA_256): incompatible with AES +depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_AES +mac_fail:PSA_KEY_TYPE_AES:"48657265006973206b6579a064617461":PSA_ALG_HMAC(PSA_ALG_SHA_256):PSA_ERROR_INVALID_ARGUMENT + +PSA mac HMAC(SHA_256): incompatible with ARC4 +depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_ARC4 +mac_fail:PSA_KEY_TYPE_ARC4:"48":PSA_ALG_HMAC(PSA_ALG_SHA_256):PSA_ERROR_INVALID_ARGUMENT + +PSA mac HMAC(SHA_256): incompatible with ARIA +depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_ARIA +mac_fail:PSA_KEY_TYPE_ARIA:"48657265006973206b6579a064617461":PSA_ALG_HMAC(PSA_ALG_SHA_256):PSA_ERROR_INVALID_ARGUMENT + +PSA mac HMAC(SHA_256): incompatible with CAMELLIA +depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_CAMELLIA +mac_fail:PSA_KEY_TYPE_CAMELLIA:"48657265006973206b6579a064617461":PSA_ALG_HMAC(PSA_ALG_SHA_256):PSA_ERROR_INVALID_ARGUMENT + +PSA mac HMAC(SHA_256): incompatible with CHACHA20 +depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_CHACHA20 +mac_fail:PSA_KEY_TYPE_CHACHA20:"48657265006973206b6579a06461746148657265006973206b6579a064617461":PSA_ALG_HMAC(PSA_ALG_SHA_256):PSA_ERROR_INVALID_ARGUMENT + +PSA mac HMAC(SHA_256): incompatible with DERIVE +depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_DERIVE +mac_fail:PSA_KEY_TYPE_DERIVE:"48657265006973206b6579a0646174":PSA_ALG_HMAC(PSA_ALG_SHA_256):PSA_ERROR_INVALID_ARGUMENT + +PSA mac HMAC(SHA_256): incompatible with DES +depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_DES +mac_fail:PSA_KEY_TYPE_DES:"644573206b457901":PSA_ALG_HMAC(PSA_ALG_SHA_256):PSA_ERROR_INVALID_ARGUMENT + +PSA mac HMAC(SHA_256): incompatible with ECC_KEY_PAIR(BRAINPOOL_P_R1) +depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_FAMILY_BRAINPOOL_P_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +mac_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"69502c4fdaf48d4fa617bdd24498b0406d0eeaac":PSA_ALG_HMAC(PSA_ALG_SHA_256):PSA_ERROR_INVALID_ARGUMENT + +PSA mac HMAC(SHA_256): incompatible with ECC_KEY_PAIR(MONTGOMERY) +depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_FAMILY_MONTGOMERY:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +mac_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_MONTGOMERY):"70076d0a7318a57d3c16c17251b26645df4c2f87ebc0992ab177fba51db92c6a":PSA_ALG_HMAC(PSA_ALG_SHA_256):PSA_ERROR_INVALID_ARGUMENT + +PSA mac HMAC(SHA_256): incompatible with ECC_KEY_PAIR(SECP_K1) +depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_FAMILY_SECP_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +mac_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_K1):"297ac1722ccac7589ecb240dc719842538ca974beb79f228":PSA_ALG_HMAC(PSA_ALG_SHA_256):PSA_ERROR_INVALID_ARGUMENT + +PSA mac HMAC(SHA_256): incompatible with ECC_KEY_PAIR(SECP_R1) +depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_FAMILY_SECP_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +mac_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"872f203b3ad35b7f2ecc803c3a0e1e0b1ed61cc1afe71b189cd4c995":PSA_ALG_HMAC(PSA_ALG_SHA_256):PSA_ERROR_INVALID_ARGUMENT + +PSA mac HMAC(SHA_256): incompatible with ECC_KEY_PAIR(SECP_R2) +depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_FAMILY_SECP_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +mac_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R2):"00bf539a1cdda0d7f71a50a3f98aec0a2e8e4ced1e":PSA_ALG_HMAC(PSA_ALG_SHA_256):PSA_ERROR_INVALID_ARGUMENT + +PSA mac HMAC(SHA_256): incompatible with ECC_KEY_PAIR(SECT_K1) +depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_FAMILY_SECT_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +mac_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):"03ebc8fcded2d6ab72ec0f75bdb4fd080481273e71":PSA_ALG_HMAC(PSA_ALG_SHA_256):PSA_ERROR_INVALID_ARGUMENT + +PSA mac HMAC(SHA_256): incompatible with ECC_KEY_PAIR(SECT_R1) +depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_FAMILY_SECT_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +mac_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):"009b05dc82d46d64a04a22e6e5ca70ca1231e68c50":PSA_ALG_HMAC(PSA_ALG_SHA_256):PSA_ERROR_INVALID_ARGUMENT + +PSA mac HMAC(SHA_256): incompatible with ECC_KEY_PAIR(SECT_R2) +depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_FAMILY_SECT_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +mac_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R2):"0210b482a458b4822d0cb21daa96819a67c8062d34":PSA_ALG_HMAC(PSA_ALG_SHA_256):PSA_ERROR_INVALID_ARGUMENT + +PSA mac HMAC(SHA_256): incompatible with ECC_KEY_PAIR(TWISTED_EDWARDS) +depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_FAMILY_TWISTED_EDWARDS:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +mac_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_TWISTED_EDWARDS):"9d61b19deffd5a60ba844af492ec2cc44449c5697b326919703bac031cae7f60":PSA_ALG_HMAC(PSA_ALG_SHA_256):PSA_ERROR_INVALID_ARGUMENT + +PSA mac HMAC(SHA_256): incompatible with ECC_PUBLIC_KEY(BRAINPOOL_P_R1) +depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_FAMILY_BRAINPOOL_P_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +mac_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"04d4b9186816358e2f9c59cf70748cb70641b22fbab65473db4b4e22a361ed7e3de7e8a8ddc4130c5c":PSA_ALG_HMAC(PSA_ALG_SHA_256):PSA_ERROR_INVALID_ARGUMENT + +PSA mac HMAC(SHA_256): incompatible with ECC_PUBLIC_KEY(MONTGOMERY) +depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_FAMILY_MONTGOMERY:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +mac_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_MONTGOMERY):"8520f0098930a754748b7ddcb43ef75a0dbf3a0d26381af4eba4a98eaa9b4e6a":PSA_ALG_HMAC(PSA_ALG_SHA_256):PSA_ERROR_INVALID_ARGUMENT + +PSA mac HMAC(SHA_256): incompatible with ECC_PUBLIC_KEY(SECP_K1) +depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_FAMILY_SECP_K1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +mac_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_K1):"0426b7bb38da649ac2138fc050c6548b32553dab68afebc36105d325b75538c12323cb0764789ecb992671beb2b6bef2f5":PSA_ALG_HMAC(PSA_ALG_SHA_256):PSA_ERROR_INVALID_ARGUMENT + +PSA mac HMAC(SHA_256): incompatible with ECC_PUBLIC_KEY(SECP_R1) +depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_FAMILY_SECP_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +mac_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1):"046f00eadaa949fee3e9e1c7fa1247eecec86a0dce46418b9bd3117b981d4bd0ae7a990de912f9d060d6cb531a42d22e394ac29e81804bf160":PSA_ALG_HMAC(PSA_ALG_SHA_256):PSA_ERROR_INVALID_ARGUMENT + +PSA mac HMAC(SHA_256): incompatible with ECC_PUBLIC_KEY(SECP_R2) +depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_FAMILY_SECP_R2:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +mac_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R2):"049570d541398665adb5cfa16f5af73b3196926bbd4b876bdb80f8eab20d0f540c22f4de9c140f6d7b":PSA_ALG_HMAC(PSA_ALG_SHA_256):PSA_ERROR_INVALID_ARGUMENT + +PSA mac HMAC(SHA_256): incompatible with ECC_PUBLIC_KEY(SECT_K1) +depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_FAMILY_SECT_K1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +mac_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_K1):"0406f88f90b4b65950f06ce433afdb097e320f433dc2062b8a65db8fafd3c110f46bc45663fbf021ee7eb9":PSA_ALG_HMAC(PSA_ALG_SHA_256):PSA_ERROR_INVALID_ARGUMENT + +PSA mac HMAC(SHA_256): incompatible with ECC_PUBLIC_KEY(SECT_R1) +depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_FAMILY_SECT_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +mac_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R1):"0400465eeb9e7258b11e33c02266bfe834b20bcb118700772796ee4704ec67651bd447e3011959a79a04cb":PSA_ALG_HMAC(PSA_ALG_SHA_256):PSA_ERROR_INVALID_ARGUMENT + +PSA mac HMAC(SHA_256): incompatible with ECC_PUBLIC_KEY(SECT_R2) +depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_FAMILY_SECT_R2:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +mac_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R2):"0403692601144c32a6cfa369ae20ae5d43c1c764678c037bafe80c6fd2e42b7ced96171d9c5367fd3dca6f":PSA_ALG_HMAC(PSA_ALG_SHA_256):PSA_ERROR_INVALID_ARGUMENT + +PSA mac HMAC(SHA_256): incompatible with ECC_PUBLIC_KEY(TWISTED_EDWARDS) +depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_FAMILY_TWISTED_EDWARDS:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +mac_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_TWISTED_EDWARDS):"d75a980182b10ab7d54bfed3c964073a0ee172f3daa62325af021a68f707511a":PSA_ALG_HMAC(PSA_ALG_SHA_256):PSA_ERROR_INVALID_ARGUMENT + +PSA mac HMAC(SHA_256): !HMAC with HMAC +depends_on:!PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_HMAC +mac_fail:PSA_KEY_TYPE_HMAC:"48657265006973206b6579a064617461":PSA_ALG_HMAC(PSA_ALG_SHA_256):PSA_ERROR_NOT_SUPPORTED + +PSA mac HMAC(SHA_256): !SHA_256 with HMAC +depends_on:PSA_WANT_ALG_HMAC:!PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_HMAC +mac_fail:PSA_KEY_TYPE_HMAC:"48657265006973206b6579a064617461":PSA_ALG_HMAC(PSA_ALG_SHA_256):PSA_ERROR_NOT_SUPPORTED + +PSA mac HMAC(SHA_256): incompatible with RAW_DATA +depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RAW_DATA +mac_fail:PSA_KEY_TYPE_RAW_DATA:"48":PSA_ALG_HMAC(PSA_ALG_SHA_256):PSA_ERROR_INVALID_ARGUMENT + +PSA mac HMAC(SHA_256): incompatible with RSA_KEY_PAIR +depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR +mac_fail:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_HMAC(PSA_ALG_SHA_256):PSA_ERROR_INVALID_ARGUMENT + +PSA mac HMAC(SHA_256): incompatible with RSA_PUBLIC_KEY +depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY +mac_fail:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_HMAC(PSA_ALG_SHA_256):PSA_ERROR_INVALID_ARGUMENT + +PSA cipher HMAC(SHA_256): invalid with HMAC +depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_HMAC +cipher_fail:PSA_KEY_TYPE_HMAC:"48657265006973206b6579a064617461":PSA_ALG_HMAC(PSA_ALG_SHA_256):PSA_ERROR_INVALID_ARGUMENT + +PSA aead HMAC(SHA_256): invalid with HMAC +depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_HMAC +aead_fail:PSA_KEY_TYPE_HMAC:"48657265006973206b6579a064617461":PSA_ALG_HMAC(PSA_ALG_SHA_256):PSA_ERROR_INVALID_ARGUMENT + +PSA sign HMAC(SHA_256): invalid with HMAC +depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_HMAC +sign_fail:PSA_KEY_TYPE_HMAC:"48657265006973206b6579a064617461":PSA_ALG_HMAC(PSA_ALG_SHA_256):0:PSA_ERROR_INVALID_ARGUMENT + +PSA asymmetric_encryption HMAC(SHA_256): invalid with HMAC +depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_HMAC +asymmetric_encryption_fail:PSA_KEY_TYPE_HMAC:"48657265006973206b6579a064617461":PSA_ALG_HMAC(PSA_ALG_SHA_256):0:PSA_ERROR_INVALID_ARGUMENT + +PSA key_derivation HMAC(SHA_256): invalid +depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_256 +key_derivation_fail:PSA_ALG_HMAC(PSA_ALG_SHA_256):PSA_ERROR_INVALID_ARGUMENT + +PSA key_agreement HMAC(SHA_256): invalid with HMAC +depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_HMAC +key_agreement_fail:PSA_KEY_TYPE_HMAC:"48657265006973206b6579a064617461":PSA_ALG_HMAC(PSA_ALG_SHA_256):0:PSA_ERROR_INVALID_ARGUMENT + +PSA hash HMAC(SHA_384): invalid +depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_384 +hash_fail:PSA_ALG_HMAC(PSA_ALG_SHA_384):PSA_ERROR_INVALID_ARGUMENT + +PSA mac HMAC(SHA_384): incompatible with AES +depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_384:PSA_WANT_KEY_TYPE_AES +mac_fail:PSA_KEY_TYPE_AES:"48657265006973206b6579a064617461":PSA_ALG_HMAC(PSA_ALG_SHA_384):PSA_ERROR_INVALID_ARGUMENT + +PSA mac HMAC(SHA_384): incompatible with ARC4 +depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_384:PSA_WANT_KEY_TYPE_ARC4 +mac_fail:PSA_KEY_TYPE_ARC4:"48":PSA_ALG_HMAC(PSA_ALG_SHA_384):PSA_ERROR_INVALID_ARGUMENT + +PSA mac HMAC(SHA_384): incompatible with ARIA +depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_384:PSA_WANT_KEY_TYPE_ARIA +mac_fail:PSA_KEY_TYPE_ARIA:"48657265006973206b6579a064617461":PSA_ALG_HMAC(PSA_ALG_SHA_384):PSA_ERROR_INVALID_ARGUMENT + +PSA mac HMAC(SHA_384): incompatible with CAMELLIA +depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_384:PSA_WANT_KEY_TYPE_CAMELLIA +mac_fail:PSA_KEY_TYPE_CAMELLIA:"48657265006973206b6579a064617461":PSA_ALG_HMAC(PSA_ALG_SHA_384):PSA_ERROR_INVALID_ARGUMENT + +PSA mac HMAC(SHA_384): incompatible with CHACHA20 +depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_384:PSA_WANT_KEY_TYPE_CHACHA20 +mac_fail:PSA_KEY_TYPE_CHACHA20:"48657265006973206b6579a06461746148657265006973206b6579a064617461":PSA_ALG_HMAC(PSA_ALG_SHA_384):PSA_ERROR_INVALID_ARGUMENT + +PSA mac HMAC(SHA_384): incompatible with DERIVE +depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_384:PSA_WANT_KEY_TYPE_DERIVE +mac_fail:PSA_KEY_TYPE_DERIVE:"48657265006973206b6579a0646174":PSA_ALG_HMAC(PSA_ALG_SHA_384):PSA_ERROR_INVALID_ARGUMENT + +PSA mac HMAC(SHA_384): incompatible with DES +depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_384:PSA_WANT_KEY_TYPE_DES +mac_fail:PSA_KEY_TYPE_DES:"644573206b457901":PSA_ALG_HMAC(PSA_ALG_SHA_384):PSA_ERROR_INVALID_ARGUMENT + +PSA mac HMAC(SHA_384): incompatible with ECC_KEY_PAIR(BRAINPOOL_P_R1) +depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_FAMILY_BRAINPOOL_P_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +mac_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"69502c4fdaf48d4fa617bdd24498b0406d0eeaac":PSA_ALG_HMAC(PSA_ALG_SHA_384):PSA_ERROR_INVALID_ARGUMENT + +PSA mac HMAC(SHA_384): incompatible with ECC_KEY_PAIR(MONTGOMERY) +depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_FAMILY_MONTGOMERY:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +mac_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_MONTGOMERY):"70076d0a7318a57d3c16c17251b26645df4c2f87ebc0992ab177fba51db92c6a":PSA_ALG_HMAC(PSA_ALG_SHA_384):PSA_ERROR_INVALID_ARGUMENT + +PSA mac HMAC(SHA_384): incompatible with ECC_KEY_PAIR(SECP_K1) +depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_FAMILY_SECP_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +mac_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_K1):"297ac1722ccac7589ecb240dc719842538ca974beb79f228":PSA_ALG_HMAC(PSA_ALG_SHA_384):PSA_ERROR_INVALID_ARGUMENT + +PSA mac HMAC(SHA_384): incompatible with ECC_KEY_PAIR(SECP_R1) +depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_FAMILY_SECP_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +mac_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"872f203b3ad35b7f2ecc803c3a0e1e0b1ed61cc1afe71b189cd4c995":PSA_ALG_HMAC(PSA_ALG_SHA_384):PSA_ERROR_INVALID_ARGUMENT + +PSA mac HMAC(SHA_384): incompatible with ECC_KEY_PAIR(SECP_R2) +depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_FAMILY_SECP_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +mac_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R2):"00bf539a1cdda0d7f71a50a3f98aec0a2e8e4ced1e":PSA_ALG_HMAC(PSA_ALG_SHA_384):PSA_ERROR_INVALID_ARGUMENT + +PSA mac HMAC(SHA_384): incompatible with ECC_KEY_PAIR(SECT_K1) +depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_FAMILY_SECT_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +mac_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):"03ebc8fcded2d6ab72ec0f75bdb4fd080481273e71":PSA_ALG_HMAC(PSA_ALG_SHA_384):PSA_ERROR_INVALID_ARGUMENT + +PSA mac HMAC(SHA_384): incompatible with ECC_KEY_PAIR(SECT_R1) +depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_FAMILY_SECT_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +mac_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):"009b05dc82d46d64a04a22e6e5ca70ca1231e68c50":PSA_ALG_HMAC(PSA_ALG_SHA_384):PSA_ERROR_INVALID_ARGUMENT + +PSA mac HMAC(SHA_384): incompatible with ECC_KEY_PAIR(SECT_R2) +depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_FAMILY_SECT_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +mac_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R2):"0210b482a458b4822d0cb21daa96819a67c8062d34":PSA_ALG_HMAC(PSA_ALG_SHA_384):PSA_ERROR_INVALID_ARGUMENT + +PSA mac HMAC(SHA_384): incompatible with ECC_KEY_PAIR(TWISTED_EDWARDS) +depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_FAMILY_TWISTED_EDWARDS:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +mac_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_TWISTED_EDWARDS):"9d61b19deffd5a60ba844af492ec2cc44449c5697b326919703bac031cae7f60":PSA_ALG_HMAC(PSA_ALG_SHA_384):PSA_ERROR_INVALID_ARGUMENT + +PSA mac HMAC(SHA_384): incompatible with ECC_PUBLIC_KEY(BRAINPOOL_P_R1) +depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_FAMILY_BRAINPOOL_P_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +mac_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"04d4b9186816358e2f9c59cf70748cb70641b22fbab65473db4b4e22a361ed7e3de7e8a8ddc4130c5c":PSA_ALG_HMAC(PSA_ALG_SHA_384):PSA_ERROR_INVALID_ARGUMENT + +PSA mac HMAC(SHA_384): incompatible with ECC_PUBLIC_KEY(MONTGOMERY) +depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_FAMILY_MONTGOMERY:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +mac_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_MONTGOMERY):"8520f0098930a754748b7ddcb43ef75a0dbf3a0d26381af4eba4a98eaa9b4e6a":PSA_ALG_HMAC(PSA_ALG_SHA_384):PSA_ERROR_INVALID_ARGUMENT + +PSA mac HMAC(SHA_384): incompatible with ECC_PUBLIC_KEY(SECP_K1) +depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_FAMILY_SECP_K1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +mac_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_K1):"0426b7bb38da649ac2138fc050c6548b32553dab68afebc36105d325b75538c12323cb0764789ecb992671beb2b6bef2f5":PSA_ALG_HMAC(PSA_ALG_SHA_384):PSA_ERROR_INVALID_ARGUMENT + +PSA mac HMAC(SHA_384): incompatible with ECC_PUBLIC_KEY(SECP_R1) +depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_FAMILY_SECP_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +mac_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1):"046f00eadaa949fee3e9e1c7fa1247eecec86a0dce46418b9bd3117b981d4bd0ae7a990de912f9d060d6cb531a42d22e394ac29e81804bf160":PSA_ALG_HMAC(PSA_ALG_SHA_384):PSA_ERROR_INVALID_ARGUMENT + +PSA mac HMAC(SHA_384): incompatible with ECC_PUBLIC_KEY(SECP_R2) +depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_FAMILY_SECP_R2:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +mac_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R2):"049570d541398665adb5cfa16f5af73b3196926bbd4b876bdb80f8eab20d0f540c22f4de9c140f6d7b":PSA_ALG_HMAC(PSA_ALG_SHA_384):PSA_ERROR_INVALID_ARGUMENT + +PSA mac HMAC(SHA_384): incompatible with ECC_PUBLIC_KEY(SECT_K1) +depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_FAMILY_SECT_K1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +mac_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_K1):"0406f88f90b4b65950f06ce433afdb097e320f433dc2062b8a65db8fafd3c110f46bc45663fbf021ee7eb9":PSA_ALG_HMAC(PSA_ALG_SHA_384):PSA_ERROR_INVALID_ARGUMENT + +PSA mac HMAC(SHA_384): incompatible with ECC_PUBLIC_KEY(SECT_R1) +depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_FAMILY_SECT_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +mac_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R1):"0400465eeb9e7258b11e33c02266bfe834b20bcb118700772796ee4704ec67651bd447e3011959a79a04cb":PSA_ALG_HMAC(PSA_ALG_SHA_384):PSA_ERROR_INVALID_ARGUMENT + +PSA mac HMAC(SHA_384): incompatible with ECC_PUBLIC_KEY(SECT_R2) +depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_FAMILY_SECT_R2:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +mac_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R2):"0403692601144c32a6cfa369ae20ae5d43c1c764678c037bafe80c6fd2e42b7ced96171d9c5367fd3dca6f":PSA_ALG_HMAC(PSA_ALG_SHA_384):PSA_ERROR_INVALID_ARGUMENT + +PSA mac HMAC(SHA_384): incompatible with ECC_PUBLIC_KEY(TWISTED_EDWARDS) +depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_FAMILY_TWISTED_EDWARDS:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +mac_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_TWISTED_EDWARDS):"d75a980182b10ab7d54bfed3c964073a0ee172f3daa62325af021a68f707511a":PSA_ALG_HMAC(PSA_ALG_SHA_384):PSA_ERROR_INVALID_ARGUMENT + +PSA mac HMAC(SHA_384): !HMAC with HMAC +depends_on:!PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_384:PSA_WANT_KEY_TYPE_HMAC +mac_fail:PSA_KEY_TYPE_HMAC:"48657265006973206b6579a064617461":PSA_ALG_HMAC(PSA_ALG_SHA_384):PSA_ERROR_NOT_SUPPORTED + +PSA mac HMAC(SHA_384): !SHA_384 with HMAC +depends_on:PSA_WANT_ALG_HMAC:!PSA_WANT_ALG_SHA_384:PSA_WANT_KEY_TYPE_HMAC +mac_fail:PSA_KEY_TYPE_HMAC:"48657265006973206b6579a064617461":PSA_ALG_HMAC(PSA_ALG_SHA_384):PSA_ERROR_NOT_SUPPORTED + +PSA mac HMAC(SHA_384): incompatible with RAW_DATA +depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_384:PSA_WANT_KEY_TYPE_RAW_DATA +mac_fail:PSA_KEY_TYPE_RAW_DATA:"48":PSA_ALG_HMAC(PSA_ALG_SHA_384):PSA_ERROR_INVALID_ARGUMENT + +PSA mac HMAC(SHA_384): incompatible with RSA_KEY_PAIR +depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_384:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR +mac_fail:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_HMAC(PSA_ALG_SHA_384):PSA_ERROR_INVALID_ARGUMENT + +PSA mac HMAC(SHA_384): incompatible with RSA_PUBLIC_KEY +depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_384:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY +mac_fail:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_HMAC(PSA_ALG_SHA_384):PSA_ERROR_INVALID_ARGUMENT + +PSA cipher HMAC(SHA_384): invalid with HMAC +depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_384:PSA_WANT_KEY_TYPE_HMAC +cipher_fail:PSA_KEY_TYPE_HMAC:"48657265006973206b6579a064617461":PSA_ALG_HMAC(PSA_ALG_SHA_384):PSA_ERROR_INVALID_ARGUMENT + +PSA aead HMAC(SHA_384): invalid with HMAC +depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_384:PSA_WANT_KEY_TYPE_HMAC +aead_fail:PSA_KEY_TYPE_HMAC:"48657265006973206b6579a064617461":PSA_ALG_HMAC(PSA_ALG_SHA_384):PSA_ERROR_INVALID_ARGUMENT + +PSA sign HMAC(SHA_384): invalid with HMAC +depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_384:PSA_WANT_KEY_TYPE_HMAC +sign_fail:PSA_KEY_TYPE_HMAC:"48657265006973206b6579a064617461":PSA_ALG_HMAC(PSA_ALG_SHA_384):0:PSA_ERROR_INVALID_ARGUMENT + +PSA asymmetric_encryption HMAC(SHA_384): invalid with HMAC +depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_384:PSA_WANT_KEY_TYPE_HMAC +asymmetric_encryption_fail:PSA_KEY_TYPE_HMAC:"48657265006973206b6579a064617461":PSA_ALG_HMAC(PSA_ALG_SHA_384):0:PSA_ERROR_INVALID_ARGUMENT + +PSA key_derivation HMAC(SHA_384): invalid +depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_384 +key_derivation_fail:PSA_ALG_HMAC(PSA_ALG_SHA_384):PSA_ERROR_INVALID_ARGUMENT + +PSA key_agreement HMAC(SHA_384): invalid with HMAC +depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_384:PSA_WANT_KEY_TYPE_HMAC +key_agreement_fail:PSA_KEY_TYPE_HMAC:"48657265006973206b6579a064617461":PSA_ALG_HMAC(PSA_ALG_SHA_384):0:PSA_ERROR_INVALID_ARGUMENT + +PSA hash HMAC(SHA_512): invalid +depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_512 +hash_fail:PSA_ALG_HMAC(PSA_ALG_SHA_512):PSA_ERROR_INVALID_ARGUMENT + +PSA mac HMAC(SHA_512): incompatible with AES +depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_512:PSA_WANT_KEY_TYPE_AES +mac_fail:PSA_KEY_TYPE_AES:"48657265006973206b6579a064617461":PSA_ALG_HMAC(PSA_ALG_SHA_512):PSA_ERROR_INVALID_ARGUMENT + +PSA mac HMAC(SHA_512): incompatible with ARC4 +depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_512:PSA_WANT_KEY_TYPE_ARC4 +mac_fail:PSA_KEY_TYPE_ARC4:"48":PSA_ALG_HMAC(PSA_ALG_SHA_512):PSA_ERROR_INVALID_ARGUMENT + +PSA mac HMAC(SHA_512): incompatible with ARIA +depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_512:PSA_WANT_KEY_TYPE_ARIA +mac_fail:PSA_KEY_TYPE_ARIA:"48657265006973206b6579a064617461":PSA_ALG_HMAC(PSA_ALG_SHA_512):PSA_ERROR_INVALID_ARGUMENT + +PSA mac HMAC(SHA_512): incompatible with CAMELLIA +depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_512:PSA_WANT_KEY_TYPE_CAMELLIA +mac_fail:PSA_KEY_TYPE_CAMELLIA:"48657265006973206b6579a064617461":PSA_ALG_HMAC(PSA_ALG_SHA_512):PSA_ERROR_INVALID_ARGUMENT + +PSA mac HMAC(SHA_512): incompatible with CHACHA20 +depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_512:PSA_WANT_KEY_TYPE_CHACHA20 +mac_fail:PSA_KEY_TYPE_CHACHA20:"48657265006973206b6579a06461746148657265006973206b6579a064617461":PSA_ALG_HMAC(PSA_ALG_SHA_512):PSA_ERROR_INVALID_ARGUMENT + +PSA mac HMAC(SHA_512): incompatible with DERIVE +depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_512:PSA_WANT_KEY_TYPE_DERIVE +mac_fail:PSA_KEY_TYPE_DERIVE:"48657265006973206b6579a0646174":PSA_ALG_HMAC(PSA_ALG_SHA_512):PSA_ERROR_INVALID_ARGUMENT + +PSA mac HMAC(SHA_512): incompatible with DES +depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_512:PSA_WANT_KEY_TYPE_DES +mac_fail:PSA_KEY_TYPE_DES:"644573206b457901":PSA_ALG_HMAC(PSA_ALG_SHA_512):PSA_ERROR_INVALID_ARGUMENT + +PSA mac HMAC(SHA_512): incompatible with ECC_KEY_PAIR(BRAINPOOL_P_R1) +depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_512:PSA_WANT_ECC_FAMILY_BRAINPOOL_P_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +mac_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"69502c4fdaf48d4fa617bdd24498b0406d0eeaac":PSA_ALG_HMAC(PSA_ALG_SHA_512):PSA_ERROR_INVALID_ARGUMENT + +PSA mac HMAC(SHA_512): incompatible with ECC_KEY_PAIR(MONTGOMERY) +depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_512:PSA_WANT_ECC_FAMILY_MONTGOMERY:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +mac_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_MONTGOMERY):"70076d0a7318a57d3c16c17251b26645df4c2f87ebc0992ab177fba51db92c6a":PSA_ALG_HMAC(PSA_ALG_SHA_512):PSA_ERROR_INVALID_ARGUMENT + +PSA mac HMAC(SHA_512): incompatible with ECC_KEY_PAIR(SECP_K1) +depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_512:PSA_WANT_ECC_FAMILY_SECP_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +mac_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_K1):"297ac1722ccac7589ecb240dc719842538ca974beb79f228":PSA_ALG_HMAC(PSA_ALG_SHA_512):PSA_ERROR_INVALID_ARGUMENT + +PSA mac HMAC(SHA_512): incompatible with ECC_KEY_PAIR(SECP_R1) +depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_512:PSA_WANT_ECC_FAMILY_SECP_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +mac_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"872f203b3ad35b7f2ecc803c3a0e1e0b1ed61cc1afe71b189cd4c995":PSA_ALG_HMAC(PSA_ALG_SHA_512):PSA_ERROR_INVALID_ARGUMENT + +PSA mac HMAC(SHA_512): incompatible with ECC_KEY_PAIR(SECP_R2) +depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_512:PSA_WANT_ECC_FAMILY_SECP_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +mac_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R2):"00bf539a1cdda0d7f71a50a3f98aec0a2e8e4ced1e":PSA_ALG_HMAC(PSA_ALG_SHA_512):PSA_ERROR_INVALID_ARGUMENT + +PSA mac HMAC(SHA_512): incompatible with ECC_KEY_PAIR(SECT_K1) +depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_512:PSA_WANT_ECC_FAMILY_SECT_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +mac_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):"03ebc8fcded2d6ab72ec0f75bdb4fd080481273e71":PSA_ALG_HMAC(PSA_ALG_SHA_512):PSA_ERROR_INVALID_ARGUMENT + +PSA mac HMAC(SHA_512): incompatible with ECC_KEY_PAIR(SECT_R1) +depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_512:PSA_WANT_ECC_FAMILY_SECT_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +mac_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):"009b05dc82d46d64a04a22e6e5ca70ca1231e68c50":PSA_ALG_HMAC(PSA_ALG_SHA_512):PSA_ERROR_INVALID_ARGUMENT + +PSA mac HMAC(SHA_512): incompatible with ECC_KEY_PAIR(SECT_R2) +depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_512:PSA_WANT_ECC_FAMILY_SECT_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +mac_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R2):"0210b482a458b4822d0cb21daa96819a67c8062d34":PSA_ALG_HMAC(PSA_ALG_SHA_512):PSA_ERROR_INVALID_ARGUMENT + +PSA mac HMAC(SHA_512): incompatible with ECC_KEY_PAIR(TWISTED_EDWARDS) +depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_512:PSA_WANT_ECC_FAMILY_TWISTED_EDWARDS:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +mac_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_TWISTED_EDWARDS):"9d61b19deffd5a60ba844af492ec2cc44449c5697b326919703bac031cae7f60":PSA_ALG_HMAC(PSA_ALG_SHA_512):PSA_ERROR_INVALID_ARGUMENT + +PSA mac HMAC(SHA_512): incompatible with ECC_PUBLIC_KEY(BRAINPOOL_P_R1) +depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_512:PSA_WANT_ECC_FAMILY_BRAINPOOL_P_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +mac_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"04d4b9186816358e2f9c59cf70748cb70641b22fbab65473db4b4e22a361ed7e3de7e8a8ddc4130c5c":PSA_ALG_HMAC(PSA_ALG_SHA_512):PSA_ERROR_INVALID_ARGUMENT + +PSA mac HMAC(SHA_512): incompatible with ECC_PUBLIC_KEY(MONTGOMERY) +depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_512:PSA_WANT_ECC_FAMILY_MONTGOMERY:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +mac_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_MONTGOMERY):"8520f0098930a754748b7ddcb43ef75a0dbf3a0d26381af4eba4a98eaa9b4e6a":PSA_ALG_HMAC(PSA_ALG_SHA_512):PSA_ERROR_INVALID_ARGUMENT + +PSA mac HMAC(SHA_512): incompatible with ECC_PUBLIC_KEY(SECP_K1) +depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_512:PSA_WANT_ECC_FAMILY_SECP_K1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +mac_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_K1):"0426b7bb38da649ac2138fc050c6548b32553dab68afebc36105d325b75538c12323cb0764789ecb992671beb2b6bef2f5":PSA_ALG_HMAC(PSA_ALG_SHA_512):PSA_ERROR_INVALID_ARGUMENT + +PSA mac HMAC(SHA_512): incompatible with ECC_PUBLIC_KEY(SECP_R1) +depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_512:PSA_WANT_ECC_FAMILY_SECP_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +mac_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1):"046f00eadaa949fee3e9e1c7fa1247eecec86a0dce46418b9bd3117b981d4bd0ae7a990de912f9d060d6cb531a42d22e394ac29e81804bf160":PSA_ALG_HMAC(PSA_ALG_SHA_512):PSA_ERROR_INVALID_ARGUMENT + +PSA mac HMAC(SHA_512): incompatible with ECC_PUBLIC_KEY(SECP_R2) +depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_512:PSA_WANT_ECC_FAMILY_SECP_R2:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +mac_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R2):"049570d541398665adb5cfa16f5af73b3196926bbd4b876bdb80f8eab20d0f540c22f4de9c140f6d7b":PSA_ALG_HMAC(PSA_ALG_SHA_512):PSA_ERROR_INVALID_ARGUMENT + +PSA mac HMAC(SHA_512): incompatible with ECC_PUBLIC_KEY(SECT_K1) +depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_512:PSA_WANT_ECC_FAMILY_SECT_K1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +mac_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_K1):"0406f88f90b4b65950f06ce433afdb097e320f433dc2062b8a65db8fafd3c110f46bc45663fbf021ee7eb9":PSA_ALG_HMAC(PSA_ALG_SHA_512):PSA_ERROR_INVALID_ARGUMENT + +PSA mac HMAC(SHA_512): incompatible with ECC_PUBLIC_KEY(SECT_R1) +depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_512:PSA_WANT_ECC_FAMILY_SECT_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +mac_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R1):"0400465eeb9e7258b11e33c02266bfe834b20bcb118700772796ee4704ec67651bd447e3011959a79a04cb":PSA_ALG_HMAC(PSA_ALG_SHA_512):PSA_ERROR_INVALID_ARGUMENT + +PSA mac HMAC(SHA_512): incompatible with ECC_PUBLIC_KEY(SECT_R2) +depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_512:PSA_WANT_ECC_FAMILY_SECT_R2:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +mac_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R2):"0403692601144c32a6cfa369ae20ae5d43c1c764678c037bafe80c6fd2e42b7ced96171d9c5367fd3dca6f":PSA_ALG_HMAC(PSA_ALG_SHA_512):PSA_ERROR_INVALID_ARGUMENT + +PSA mac HMAC(SHA_512): incompatible with ECC_PUBLIC_KEY(TWISTED_EDWARDS) +depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_512:PSA_WANT_ECC_FAMILY_TWISTED_EDWARDS:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +mac_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_TWISTED_EDWARDS):"d75a980182b10ab7d54bfed3c964073a0ee172f3daa62325af021a68f707511a":PSA_ALG_HMAC(PSA_ALG_SHA_512):PSA_ERROR_INVALID_ARGUMENT + +PSA mac HMAC(SHA_512): !HMAC with HMAC +depends_on:!PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_512:PSA_WANT_KEY_TYPE_HMAC +mac_fail:PSA_KEY_TYPE_HMAC:"48657265006973206b6579a064617461":PSA_ALG_HMAC(PSA_ALG_SHA_512):PSA_ERROR_NOT_SUPPORTED + +PSA mac HMAC(SHA_512): !SHA_512 with HMAC +depends_on:PSA_WANT_ALG_HMAC:!PSA_WANT_ALG_SHA_512:PSA_WANT_KEY_TYPE_HMAC +mac_fail:PSA_KEY_TYPE_HMAC:"48657265006973206b6579a064617461":PSA_ALG_HMAC(PSA_ALG_SHA_512):PSA_ERROR_NOT_SUPPORTED + +PSA mac HMAC(SHA_512): incompatible with RAW_DATA +depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_512:PSA_WANT_KEY_TYPE_RAW_DATA +mac_fail:PSA_KEY_TYPE_RAW_DATA:"48":PSA_ALG_HMAC(PSA_ALG_SHA_512):PSA_ERROR_INVALID_ARGUMENT + +PSA mac HMAC(SHA_512): incompatible with RSA_KEY_PAIR +depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_512:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR +mac_fail:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_HMAC(PSA_ALG_SHA_512):PSA_ERROR_INVALID_ARGUMENT + +PSA mac HMAC(SHA_512): incompatible with RSA_PUBLIC_KEY +depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_512:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY +mac_fail:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_HMAC(PSA_ALG_SHA_512):PSA_ERROR_INVALID_ARGUMENT + +PSA cipher HMAC(SHA_512): invalid with HMAC +depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_512:PSA_WANT_KEY_TYPE_HMAC +cipher_fail:PSA_KEY_TYPE_HMAC:"48657265006973206b6579a064617461":PSA_ALG_HMAC(PSA_ALG_SHA_512):PSA_ERROR_INVALID_ARGUMENT + +PSA aead HMAC(SHA_512): invalid with HMAC +depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_512:PSA_WANT_KEY_TYPE_HMAC +aead_fail:PSA_KEY_TYPE_HMAC:"48657265006973206b6579a064617461":PSA_ALG_HMAC(PSA_ALG_SHA_512):PSA_ERROR_INVALID_ARGUMENT + +PSA sign HMAC(SHA_512): invalid with HMAC +depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_512:PSA_WANT_KEY_TYPE_HMAC +sign_fail:PSA_KEY_TYPE_HMAC:"48657265006973206b6579a064617461":PSA_ALG_HMAC(PSA_ALG_SHA_512):0:PSA_ERROR_INVALID_ARGUMENT + +PSA asymmetric_encryption HMAC(SHA_512): invalid with HMAC +depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_512:PSA_WANT_KEY_TYPE_HMAC +asymmetric_encryption_fail:PSA_KEY_TYPE_HMAC:"48657265006973206b6579a064617461":PSA_ALG_HMAC(PSA_ALG_SHA_512):0:PSA_ERROR_INVALID_ARGUMENT + +PSA key_derivation HMAC(SHA_512): invalid +depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_512 +key_derivation_fail:PSA_ALG_HMAC(PSA_ALG_SHA_512):PSA_ERROR_INVALID_ARGUMENT + +PSA key_agreement HMAC(SHA_512): invalid with HMAC +depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_512:PSA_WANT_KEY_TYPE_HMAC +key_agreement_fail:PSA_KEY_TYPE_HMAC:"48657265006973206b6579a064617461":PSA_ALG_HMAC(PSA_ALG_SHA_512):0:PSA_ERROR_INVALID_ARGUMENT + +PSA hash KEY_AGREEMENT(ECDH,HKDF(SHA_256)): invalid +depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_256 +hash_fail:PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_HKDF(PSA_ALG_SHA_256)):PSA_ERROR_INVALID_ARGUMENT + +PSA mac KEY_AGREEMENT(ECDH,HKDF(SHA_256)): invalid with ECC_KEY_PAIR(BRAINPOOL_P_R1) +depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_FAMILY_BRAINPOOL_P_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +mac_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"69502c4fdaf48d4fa617bdd24498b0406d0eeaac":PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_HKDF(PSA_ALG_SHA_256)):PSA_ERROR_INVALID_ARGUMENT + +PSA mac KEY_AGREEMENT(ECDH,HKDF(SHA_256)): invalid with ECC_KEY_PAIR(MONTGOMERY) +depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_FAMILY_MONTGOMERY:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +mac_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_MONTGOMERY):"70076d0a7318a57d3c16c17251b26645df4c2f87ebc0992ab177fba51db92c6a":PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_HKDF(PSA_ALG_SHA_256)):PSA_ERROR_INVALID_ARGUMENT + +PSA mac KEY_AGREEMENT(ECDH,HKDF(SHA_256)): invalid with ECC_KEY_PAIR(SECP_K1) +depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_FAMILY_SECP_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +mac_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_K1):"297ac1722ccac7589ecb240dc719842538ca974beb79f228":PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_HKDF(PSA_ALG_SHA_256)):PSA_ERROR_INVALID_ARGUMENT + +PSA mac KEY_AGREEMENT(ECDH,HKDF(SHA_256)): invalid with ECC_KEY_PAIR(SECP_R1) +depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_FAMILY_SECP_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +mac_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"872f203b3ad35b7f2ecc803c3a0e1e0b1ed61cc1afe71b189cd4c995":PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_HKDF(PSA_ALG_SHA_256)):PSA_ERROR_INVALID_ARGUMENT + +PSA mac KEY_AGREEMENT(ECDH,HKDF(SHA_256)): invalid with ECC_KEY_PAIR(SECP_R2) +depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_FAMILY_SECP_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +mac_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R2):"00bf539a1cdda0d7f71a50a3f98aec0a2e8e4ced1e":PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_HKDF(PSA_ALG_SHA_256)):PSA_ERROR_INVALID_ARGUMENT + +PSA mac KEY_AGREEMENT(ECDH,HKDF(SHA_256)): invalid with ECC_KEY_PAIR(SECT_K1) +depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_FAMILY_SECT_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +mac_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):"03ebc8fcded2d6ab72ec0f75bdb4fd080481273e71":PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_HKDF(PSA_ALG_SHA_256)):PSA_ERROR_INVALID_ARGUMENT + +PSA mac KEY_AGREEMENT(ECDH,HKDF(SHA_256)): invalid with ECC_KEY_PAIR(SECT_R1) +depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_FAMILY_SECT_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +mac_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):"009b05dc82d46d64a04a22e6e5ca70ca1231e68c50":PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_HKDF(PSA_ALG_SHA_256)):PSA_ERROR_INVALID_ARGUMENT + +PSA mac KEY_AGREEMENT(ECDH,HKDF(SHA_256)): invalid with ECC_KEY_PAIR(SECT_R2) +depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_FAMILY_SECT_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +mac_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R2):"0210b482a458b4822d0cb21daa96819a67c8062d34":PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_HKDF(PSA_ALG_SHA_256)):PSA_ERROR_INVALID_ARGUMENT + +PSA cipher KEY_AGREEMENT(ECDH,HKDF(SHA_256)): invalid with ECC_KEY_PAIR(BRAINPOOL_P_R1) +depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_FAMILY_BRAINPOOL_P_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +cipher_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"69502c4fdaf48d4fa617bdd24498b0406d0eeaac":PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_HKDF(PSA_ALG_SHA_256)):PSA_ERROR_INVALID_ARGUMENT + +PSA cipher KEY_AGREEMENT(ECDH,HKDF(SHA_256)): invalid with ECC_KEY_PAIR(MONTGOMERY) +depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_FAMILY_MONTGOMERY:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +cipher_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_MONTGOMERY):"70076d0a7318a57d3c16c17251b26645df4c2f87ebc0992ab177fba51db92c6a":PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_HKDF(PSA_ALG_SHA_256)):PSA_ERROR_INVALID_ARGUMENT + +PSA cipher KEY_AGREEMENT(ECDH,HKDF(SHA_256)): invalid with ECC_KEY_PAIR(SECP_K1) +depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_FAMILY_SECP_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +cipher_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_K1):"297ac1722ccac7589ecb240dc719842538ca974beb79f228":PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_HKDF(PSA_ALG_SHA_256)):PSA_ERROR_INVALID_ARGUMENT + +PSA cipher KEY_AGREEMENT(ECDH,HKDF(SHA_256)): invalid with ECC_KEY_PAIR(SECP_R1) +depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_FAMILY_SECP_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +cipher_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"872f203b3ad35b7f2ecc803c3a0e1e0b1ed61cc1afe71b189cd4c995":PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_HKDF(PSA_ALG_SHA_256)):PSA_ERROR_INVALID_ARGUMENT + +PSA cipher KEY_AGREEMENT(ECDH,HKDF(SHA_256)): invalid with ECC_KEY_PAIR(SECP_R2) +depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_FAMILY_SECP_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +cipher_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R2):"00bf539a1cdda0d7f71a50a3f98aec0a2e8e4ced1e":PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_HKDF(PSA_ALG_SHA_256)):PSA_ERROR_INVALID_ARGUMENT + +PSA cipher KEY_AGREEMENT(ECDH,HKDF(SHA_256)): invalid with ECC_KEY_PAIR(SECT_K1) +depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_FAMILY_SECT_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +cipher_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):"03ebc8fcded2d6ab72ec0f75bdb4fd080481273e71":PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_HKDF(PSA_ALG_SHA_256)):PSA_ERROR_INVALID_ARGUMENT + +PSA cipher KEY_AGREEMENT(ECDH,HKDF(SHA_256)): invalid with ECC_KEY_PAIR(SECT_R1) +depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_FAMILY_SECT_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +cipher_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):"009b05dc82d46d64a04a22e6e5ca70ca1231e68c50":PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_HKDF(PSA_ALG_SHA_256)):PSA_ERROR_INVALID_ARGUMENT + +PSA cipher KEY_AGREEMENT(ECDH,HKDF(SHA_256)): invalid with ECC_KEY_PAIR(SECT_R2) +depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_FAMILY_SECT_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +cipher_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R2):"0210b482a458b4822d0cb21daa96819a67c8062d34":PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_HKDF(PSA_ALG_SHA_256)):PSA_ERROR_INVALID_ARGUMENT + +PSA aead KEY_AGREEMENT(ECDH,HKDF(SHA_256)): invalid with ECC_KEY_PAIR(BRAINPOOL_P_R1) +depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_FAMILY_BRAINPOOL_P_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +aead_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"69502c4fdaf48d4fa617bdd24498b0406d0eeaac":PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_HKDF(PSA_ALG_SHA_256)):PSA_ERROR_INVALID_ARGUMENT + +PSA aead KEY_AGREEMENT(ECDH,HKDF(SHA_256)): invalid with ECC_KEY_PAIR(MONTGOMERY) +depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_FAMILY_MONTGOMERY:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +aead_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_MONTGOMERY):"70076d0a7318a57d3c16c17251b26645df4c2f87ebc0992ab177fba51db92c6a":PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_HKDF(PSA_ALG_SHA_256)):PSA_ERROR_INVALID_ARGUMENT + +PSA aead KEY_AGREEMENT(ECDH,HKDF(SHA_256)): invalid with ECC_KEY_PAIR(SECP_K1) +depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_FAMILY_SECP_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +aead_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_K1):"297ac1722ccac7589ecb240dc719842538ca974beb79f228":PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_HKDF(PSA_ALG_SHA_256)):PSA_ERROR_INVALID_ARGUMENT + +PSA aead KEY_AGREEMENT(ECDH,HKDF(SHA_256)): invalid with ECC_KEY_PAIR(SECP_R1) +depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_FAMILY_SECP_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +aead_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"872f203b3ad35b7f2ecc803c3a0e1e0b1ed61cc1afe71b189cd4c995":PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_HKDF(PSA_ALG_SHA_256)):PSA_ERROR_INVALID_ARGUMENT + +PSA aead KEY_AGREEMENT(ECDH,HKDF(SHA_256)): invalid with ECC_KEY_PAIR(SECP_R2) +depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_FAMILY_SECP_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +aead_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R2):"00bf539a1cdda0d7f71a50a3f98aec0a2e8e4ced1e":PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_HKDF(PSA_ALG_SHA_256)):PSA_ERROR_INVALID_ARGUMENT + +PSA aead KEY_AGREEMENT(ECDH,HKDF(SHA_256)): invalid with ECC_KEY_PAIR(SECT_K1) +depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_FAMILY_SECT_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +aead_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):"03ebc8fcded2d6ab72ec0f75bdb4fd080481273e71":PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_HKDF(PSA_ALG_SHA_256)):PSA_ERROR_INVALID_ARGUMENT + +PSA aead KEY_AGREEMENT(ECDH,HKDF(SHA_256)): invalid with ECC_KEY_PAIR(SECT_R1) +depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_FAMILY_SECT_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +aead_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):"009b05dc82d46d64a04a22e6e5ca70ca1231e68c50":PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_HKDF(PSA_ALG_SHA_256)):PSA_ERROR_INVALID_ARGUMENT + +PSA aead KEY_AGREEMENT(ECDH,HKDF(SHA_256)): invalid with ECC_KEY_PAIR(SECT_R2) +depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_FAMILY_SECT_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +aead_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R2):"0210b482a458b4822d0cb21daa96819a67c8062d34":PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_HKDF(PSA_ALG_SHA_256)):PSA_ERROR_INVALID_ARGUMENT + +PSA sign KEY_AGREEMENT(ECDH,HKDF(SHA_256)): invalid with ECC_KEY_PAIR(BRAINPOOL_P_R1) +depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_FAMILY_BRAINPOOL_P_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"69502c4fdaf48d4fa617bdd24498b0406d0eeaac":PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_HKDF(PSA_ALG_SHA_256)):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign KEY_AGREEMENT(ECDH,HKDF(SHA_256)): invalid with ECC_KEY_PAIR(MONTGOMERY) +depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_FAMILY_MONTGOMERY:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_MONTGOMERY):"70076d0a7318a57d3c16c17251b26645df4c2f87ebc0992ab177fba51db92c6a":PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_HKDF(PSA_ALG_SHA_256)):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign KEY_AGREEMENT(ECDH,HKDF(SHA_256)): invalid with ECC_KEY_PAIR(SECP_K1) +depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_FAMILY_SECP_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_K1):"297ac1722ccac7589ecb240dc719842538ca974beb79f228":PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_HKDF(PSA_ALG_SHA_256)):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign KEY_AGREEMENT(ECDH,HKDF(SHA_256)): invalid with ECC_KEY_PAIR(SECP_R1) +depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_FAMILY_SECP_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"872f203b3ad35b7f2ecc803c3a0e1e0b1ed61cc1afe71b189cd4c995":PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_HKDF(PSA_ALG_SHA_256)):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign KEY_AGREEMENT(ECDH,HKDF(SHA_256)): invalid with ECC_KEY_PAIR(SECP_R2) +depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_FAMILY_SECP_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R2):"00bf539a1cdda0d7f71a50a3f98aec0a2e8e4ced1e":PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_HKDF(PSA_ALG_SHA_256)):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign KEY_AGREEMENT(ECDH,HKDF(SHA_256)): invalid with ECC_KEY_PAIR(SECT_K1) +depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_FAMILY_SECT_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):"03ebc8fcded2d6ab72ec0f75bdb4fd080481273e71":PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_HKDF(PSA_ALG_SHA_256)):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign KEY_AGREEMENT(ECDH,HKDF(SHA_256)): invalid with ECC_KEY_PAIR(SECT_R1) +depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_FAMILY_SECT_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):"009b05dc82d46d64a04a22e6e5ca70ca1231e68c50":PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_HKDF(PSA_ALG_SHA_256)):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign KEY_AGREEMENT(ECDH,HKDF(SHA_256)): invalid with ECC_KEY_PAIR(SECT_R2) +depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_FAMILY_SECT_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R2):"0210b482a458b4822d0cb21daa96819a67c8062d34":PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_HKDF(PSA_ALG_SHA_256)):0:PSA_ERROR_INVALID_ARGUMENT + +PSA asymmetric_encryption KEY_AGREEMENT(ECDH,HKDF(SHA_256)): invalid with ECC_KEY_PAIR(BRAINPOOL_P_R1) +depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_FAMILY_BRAINPOOL_P_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +asymmetric_encryption_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"69502c4fdaf48d4fa617bdd24498b0406d0eeaac":PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_HKDF(PSA_ALG_SHA_256)):0:PSA_ERROR_INVALID_ARGUMENT + +PSA asymmetric_encryption KEY_AGREEMENT(ECDH,HKDF(SHA_256)): invalid with ECC_KEY_PAIR(MONTGOMERY) +depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_FAMILY_MONTGOMERY:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +asymmetric_encryption_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_MONTGOMERY):"70076d0a7318a57d3c16c17251b26645df4c2f87ebc0992ab177fba51db92c6a":PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_HKDF(PSA_ALG_SHA_256)):0:PSA_ERROR_INVALID_ARGUMENT + +PSA asymmetric_encryption KEY_AGREEMENT(ECDH,HKDF(SHA_256)): invalid with ECC_KEY_PAIR(SECP_K1) +depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_FAMILY_SECP_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +asymmetric_encryption_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_K1):"297ac1722ccac7589ecb240dc719842538ca974beb79f228":PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_HKDF(PSA_ALG_SHA_256)):0:PSA_ERROR_INVALID_ARGUMENT + +PSA asymmetric_encryption KEY_AGREEMENT(ECDH,HKDF(SHA_256)): invalid with ECC_KEY_PAIR(SECP_R1) +depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_FAMILY_SECP_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +asymmetric_encryption_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"872f203b3ad35b7f2ecc803c3a0e1e0b1ed61cc1afe71b189cd4c995":PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_HKDF(PSA_ALG_SHA_256)):0:PSA_ERROR_INVALID_ARGUMENT + +PSA asymmetric_encryption KEY_AGREEMENT(ECDH,HKDF(SHA_256)): invalid with ECC_KEY_PAIR(SECP_R2) +depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_FAMILY_SECP_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +asymmetric_encryption_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R2):"00bf539a1cdda0d7f71a50a3f98aec0a2e8e4ced1e":PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_HKDF(PSA_ALG_SHA_256)):0:PSA_ERROR_INVALID_ARGUMENT + +PSA asymmetric_encryption KEY_AGREEMENT(ECDH,HKDF(SHA_256)): invalid with ECC_KEY_PAIR(SECT_K1) +depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_FAMILY_SECT_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +asymmetric_encryption_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):"03ebc8fcded2d6ab72ec0f75bdb4fd080481273e71":PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_HKDF(PSA_ALG_SHA_256)):0:PSA_ERROR_INVALID_ARGUMENT + +PSA asymmetric_encryption KEY_AGREEMENT(ECDH,HKDF(SHA_256)): invalid with ECC_KEY_PAIR(SECT_R1) +depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_FAMILY_SECT_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +asymmetric_encryption_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):"009b05dc82d46d64a04a22e6e5ca70ca1231e68c50":PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_HKDF(PSA_ALG_SHA_256)):0:PSA_ERROR_INVALID_ARGUMENT + +PSA asymmetric_encryption KEY_AGREEMENT(ECDH,HKDF(SHA_256)): invalid with ECC_KEY_PAIR(SECT_R2) +depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_FAMILY_SECT_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +asymmetric_encryption_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R2):"0210b482a458b4822d0cb21daa96819a67c8062d34":PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_HKDF(PSA_ALG_SHA_256)):0:PSA_ERROR_INVALID_ARGUMENT + +PSA key_derivation KEY_AGREEMENT(ECDH,HKDF(SHA_256)): !ECDH +depends_on:!PSA_WANT_ALG_ECDH:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_256 +key_derivation_fail:PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_HKDF(PSA_ALG_SHA_256)):PSA_ERROR_NOT_SUPPORTED + +PSA key_derivation KEY_AGREEMENT(ECDH,HKDF(SHA_256)): !HKDF +depends_on:PSA_WANT_ALG_ECDH:!PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_256 +key_derivation_fail:PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_HKDF(PSA_ALG_SHA_256)):PSA_ERROR_NOT_SUPPORTED + +PSA key_derivation KEY_AGREEMENT(ECDH,HKDF(SHA_256)): !SHA_256 +depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_HKDF:!PSA_WANT_ALG_SHA_256 +key_derivation_fail:PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_HKDF(PSA_ALG_SHA_256)):PSA_ERROR_NOT_SUPPORTED + +PSA key_agreement KEY_AGREEMENT(ECDH,HKDF(SHA_256)): incompatible with AES +depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_AES +key_agreement_fail:PSA_KEY_TYPE_AES:"48657265006973206b6579a064617461":PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_HKDF(PSA_ALG_SHA_256)):0:PSA_ERROR_INVALID_ARGUMENT + +PSA key_agreement KEY_AGREEMENT(ECDH,HKDF(SHA_256)): incompatible with ARC4 +depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_ARC4 +key_agreement_fail:PSA_KEY_TYPE_ARC4:"48":PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_HKDF(PSA_ALG_SHA_256)):0:PSA_ERROR_INVALID_ARGUMENT + +PSA key_agreement KEY_AGREEMENT(ECDH,HKDF(SHA_256)): incompatible with ARIA +depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_ARIA +key_agreement_fail:PSA_KEY_TYPE_ARIA:"48657265006973206b6579a064617461":PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_HKDF(PSA_ALG_SHA_256)):0:PSA_ERROR_INVALID_ARGUMENT + +PSA key_agreement KEY_AGREEMENT(ECDH,HKDF(SHA_256)): incompatible with CAMELLIA +depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_CAMELLIA +key_agreement_fail:PSA_KEY_TYPE_CAMELLIA:"48657265006973206b6579a064617461":PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_HKDF(PSA_ALG_SHA_256)):0:PSA_ERROR_INVALID_ARGUMENT + +PSA key_agreement KEY_AGREEMENT(ECDH,HKDF(SHA_256)): incompatible with CHACHA20 +depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_CHACHA20 +key_agreement_fail:PSA_KEY_TYPE_CHACHA20:"48657265006973206b6579a06461746148657265006973206b6579a064617461":PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_HKDF(PSA_ALG_SHA_256)):0:PSA_ERROR_INVALID_ARGUMENT + +PSA key_agreement KEY_AGREEMENT(ECDH,HKDF(SHA_256)): incompatible with DERIVE +depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_DERIVE +key_agreement_fail:PSA_KEY_TYPE_DERIVE:"48657265006973206b6579a0646174":PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_HKDF(PSA_ALG_SHA_256)):0:PSA_ERROR_INVALID_ARGUMENT + +PSA key_agreement KEY_AGREEMENT(ECDH,HKDF(SHA_256)): incompatible with DES +depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_DES +key_agreement_fail:PSA_KEY_TYPE_DES:"644573206b457901":PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_HKDF(PSA_ALG_SHA_256)):0:PSA_ERROR_INVALID_ARGUMENT + +PSA key_agreement KEY_AGREEMENT(ECDH,HKDF(SHA_256)): !ECDH with ECC_KEY_PAIR(BRAINPOOL_P_R1) +depends_on:!PSA_WANT_ALG_ECDH:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_FAMILY_BRAINPOOL_P_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_agreement_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"69502c4fdaf48d4fa617bdd24498b0406d0eeaac":PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_HKDF(PSA_ALG_SHA_256)):0:PSA_ERROR_NOT_SUPPORTED + +PSA key_agreement KEY_AGREEMENT(ECDH,HKDF(SHA_256)): !HKDF with ECC_KEY_PAIR(BRAINPOOL_P_R1) +depends_on:PSA_WANT_ALG_ECDH:!PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_FAMILY_BRAINPOOL_P_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_agreement_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"69502c4fdaf48d4fa617bdd24498b0406d0eeaac":PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_HKDF(PSA_ALG_SHA_256)):0:PSA_ERROR_NOT_SUPPORTED + +PSA key_agreement KEY_AGREEMENT(ECDH,HKDF(SHA_256)): !SHA_256 with ECC_KEY_PAIR(BRAINPOOL_P_R1) +depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_HKDF:!PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_FAMILY_BRAINPOOL_P_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_agreement_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"69502c4fdaf48d4fa617bdd24498b0406d0eeaac":PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_HKDF(PSA_ALG_SHA_256)):0:PSA_ERROR_NOT_SUPPORTED + +PSA key_agreement KEY_AGREEMENT(ECDH,HKDF(SHA_256)): !ECDH with ECC_KEY_PAIR(MONTGOMERY) +depends_on:!PSA_WANT_ALG_ECDH:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_FAMILY_MONTGOMERY:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_agreement_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_MONTGOMERY):"70076d0a7318a57d3c16c17251b26645df4c2f87ebc0992ab177fba51db92c6a":PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_HKDF(PSA_ALG_SHA_256)):0:PSA_ERROR_NOT_SUPPORTED + +PSA key_agreement KEY_AGREEMENT(ECDH,HKDF(SHA_256)): !HKDF with ECC_KEY_PAIR(MONTGOMERY) +depends_on:PSA_WANT_ALG_ECDH:!PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_FAMILY_MONTGOMERY:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_agreement_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_MONTGOMERY):"70076d0a7318a57d3c16c17251b26645df4c2f87ebc0992ab177fba51db92c6a":PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_HKDF(PSA_ALG_SHA_256)):0:PSA_ERROR_NOT_SUPPORTED + +PSA key_agreement KEY_AGREEMENT(ECDH,HKDF(SHA_256)): !SHA_256 with ECC_KEY_PAIR(MONTGOMERY) +depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_HKDF:!PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_FAMILY_MONTGOMERY:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_agreement_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_MONTGOMERY):"70076d0a7318a57d3c16c17251b26645df4c2f87ebc0992ab177fba51db92c6a":PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_HKDF(PSA_ALG_SHA_256)):0:PSA_ERROR_NOT_SUPPORTED + +PSA key_agreement KEY_AGREEMENT(ECDH,HKDF(SHA_256)): !ECDH with ECC_KEY_PAIR(SECP_K1) +depends_on:!PSA_WANT_ALG_ECDH:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_FAMILY_SECP_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_agreement_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_K1):"297ac1722ccac7589ecb240dc719842538ca974beb79f228":PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_HKDF(PSA_ALG_SHA_256)):0:PSA_ERROR_NOT_SUPPORTED + +PSA key_agreement KEY_AGREEMENT(ECDH,HKDF(SHA_256)): !HKDF with ECC_KEY_PAIR(SECP_K1) +depends_on:PSA_WANT_ALG_ECDH:!PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_FAMILY_SECP_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_agreement_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_K1):"297ac1722ccac7589ecb240dc719842538ca974beb79f228":PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_HKDF(PSA_ALG_SHA_256)):0:PSA_ERROR_NOT_SUPPORTED + +PSA key_agreement KEY_AGREEMENT(ECDH,HKDF(SHA_256)): !SHA_256 with ECC_KEY_PAIR(SECP_K1) +depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_HKDF:!PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_FAMILY_SECP_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_agreement_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_K1):"297ac1722ccac7589ecb240dc719842538ca974beb79f228":PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_HKDF(PSA_ALG_SHA_256)):0:PSA_ERROR_NOT_SUPPORTED + +PSA key_agreement KEY_AGREEMENT(ECDH,HKDF(SHA_256)): !ECDH with ECC_KEY_PAIR(SECP_R1) +depends_on:!PSA_WANT_ALG_ECDH:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_FAMILY_SECP_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_agreement_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"872f203b3ad35b7f2ecc803c3a0e1e0b1ed61cc1afe71b189cd4c995":PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_HKDF(PSA_ALG_SHA_256)):0:PSA_ERROR_NOT_SUPPORTED + +PSA key_agreement KEY_AGREEMENT(ECDH,HKDF(SHA_256)): !HKDF with ECC_KEY_PAIR(SECP_R1) +depends_on:PSA_WANT_ALG_ECDH:!PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_FAMILY_SECP_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_agreement_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"872f203b3ad35b7f2ecc803c3a0e1e0b1ed61cc1afe71b189cd4c995":PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_HKDF(PSA_ALG_SHA_256)):0:PSA_ERROR_NOT_SUPPORTED + +PSA key_agreement KEY_AGREEMENT(ECDH,HKDF(SHA_256)): !SHA_256 with ECC_KEY_PAIR(SECP_R1) +depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_HKDF:!PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_FAMILY_SECP_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_agreement_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"872f203b3ad35b7f2ecc803c3a0e1e0b1ed61cc1afe71b189cd4c995":PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_HKDF(PSA_ALG_SHA_256)):0:PSA_ERROR_NOT_SUPPORTED + +PSA key_agreement KEY_AGREEMENT(ECDH,HKDF(SHA_256)): !ECDH with ECC_KEY_PAIR(SECP_R2) +depends_on:!PSA_WANT_ALG_ECDH:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_FAMILY_SECP_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_agreement_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R2):"00bf539a1cdda0d7f71a50a3f98aec0a2e8e4ced1e":PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_HKDF(PSA_ALG_SHA_256)):0:PSA_ERROR_NOT_SUPPORTED + +PSA key_agreement KEY_AGREEMENT(ECDH,HKDF(SHA_256)): !HKDF with ECC_KEY_PAIR(SECP_R2) +depends_on:PSA_WANT_ALG_ECDH:!PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_FAMILY_SECP_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_agreement_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R2):"00bf539a1cdda0d7f71a50a3f98aec0a2e8e4ced1e":PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_HKDF(PSA_ALG_SHA_256)):0:PSA_ERROR_NOT_SUPPORTED + +PSA key_agreement KEY_AGREEMENT(ECDH,HKDF(SHA_256)): !SHA_256 with ECC_KEY_PAIR(SECP_R2) +depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_HKDF:!PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_FAMILY_SECP_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_agreement_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R2):"00bf539a1cdda0d7f71a50a3f98aec0a2e8e4ced1e":PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_HKDF(PSA_ALG_SHA_256)):0:PSA_ERROR_NOT_SUPPORTED + +PSA key_agreement KEY_AGREEMENT(ECDH,HKDF(SHA_256)): !ECDH with ECC_KEY_PAIR(SECT_K1) +depends_on:!PSA_WANT_ALG_ECDH:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_FAMILY_SECT_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_agreement_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):"03ebc8fcded2d6ab72ec0f75bdb4fd080481273e71":PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_HKDF(PSA_ALG_SHA_256)):0:PSA_ERROR_NOT_SUPPORTED + +PSA key_agreement KEY_AGREEMENT(ECDH,HKDF(SHA_256)): !HKDF with ECC_KEY_PAIR(SECT_K1) +depends_on:PSA_WANT_ALG_ECDH:!PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_FAMILY_SECT_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_agreement_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):"03ebc8fcded2d6ab72ec0f75bdb4fd080481273e71":PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_HKDF(PSA_ALG_SHA_256)):0:PSA_ERROR_NOT_SUPPORTED + +PSA key_agreement KEY_AGREEMENT(ECDH,HKDF(SHA_256)): !SHA_256 with ECC_KEY_PAIR(SECT_K1) +depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_HKDF:!PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_FAMILY_SECT_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_agreement_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):"03ebc8fcded2d6ab72ec0f75bdb4fd080481273e71":PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_HKDF(PSA_ALG_SHA_256)):0:PSA_ERROR_NOT_SUPPORTED + +PSA key_agreement KEY_AGREEMENT(ECDH,HKDF(SHA_256)): !ECDH with ECC_KEY_PAIR(SECT_R1) +depends_on:!PSA_WANT_ALG_ECDH:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_FAMILY_SECT_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_agreement_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):"009b05dc82d46d64a04a22e6e5ca70ca1231e68c50":PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_HKDF(PSA_ALG_SHA_256)):0:PSA_ERROR_NOT_SUPPORTED + +PSA key_agreement KEY_AGREEMENT(ECDH,HKDF(SHA_256)): !HKDF with ECC_KEY_PAIR(SECT_R1) +depends_on:PSA_WANT_ALG_ECDH:!PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_FAMILY_SECT_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_agreement_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):"009b05dc82d46d64a04a22e6e5ca70ca1231e68c50":PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_HKDF(PSA_ALG_SHA_256)):0:PSA_ERROR_NOT_SUPPORTED + +PSA key_agreement KEY_AGREEMENT(ECDH,HKDF(SHA_256)): !SHA_256 with ECC_KEY_PAIR(SECT_R1) +depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_HKDF:!PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_FAMILY_SECT_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_agreement_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):"009b05dc82d46d64a04a22e6e5ca70ca1231e68c50":PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_HKDF(PSA_ALG_SHA_256)):0:PSA_ERROR_NOT_SUPPORTED + +PSA key_agreement KEY_AGREEMENT(ECDH,HKDF(SHA_256)): !ECDH with ECC_KEY_PAIR(SECT_R2) +depends_on:!PSA_WANT_ALG_ECDH:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_FAMILY_SECT_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_agreement_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R2):"0210b482a458b4822d0cb21daa96819a67c8062d34":PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_HKDF(PSA_ALG_SHA_256)):0:PSA_ERROR_NOT_SUPPORTED + +PSA key_agreement KEY_AGREEMENT(ECDH,HKDF(SHA_256)): !HKDF with ECC_KEY_PAIR(SECT_R2) +depends_on:PSA_WANT_ALG_ECDH:!PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_FAMILY_SECT_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_agreement_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R2):"0210b482a458b4822d0cb21daa96819a67c8062d34":PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_HKDF(PSA_ALG_SHA_256)):0:PSA_ERROR_NOT_SUPPORTED + +PSA key_agreement KEY_AGREEMENT(ECDH,HKDF(SHA_256)): !SHA_256 with ECC_KEY_PAIR(SECT_R2) +depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_HKDF:!PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_FAMILY_SECT_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_agreement_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R2):"0210b482a458b4822d0cb21daa96819a67c8062d34":PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_HKDF(PSA_ALG_SHA_256)):0:PSA_ERROR_NOT_SUPPORTED + +PSA key_agreement KEY_AGREEMENT(ECDH,HKDF(SHA_256)): incompatible with ECC_KEY_PAIR(TWISTED_EDWARDS) +depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_FAMILY_TWISTED_EDWARDS:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_agreement_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_TWISTED_EDWARDS):"9d61b19deffd5a60ba844af492ec2cc44449c5697b326919703bac031cae7f60":PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_HKDF(PSA_ALG_SHA_256)):0:PSA_ERROR_INVALID_ARGUMENT + +PSA key_agreement KEY_AGREEMENT(ECDH,HKDF(SHA_256)): incompatible with ECC_PUBLIC_KEY(BRAINPOOL_P_R1) +depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_FAMILY_BRAINPOOL_P_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_agreement_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"04d4b9186816358e2f9c59cf70748cb70641b22fbab65473db4b4e22a361ed7e3de7e8a8ddc4130c5c":PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_HKDF(PSA_ALG_SHA_256)):0:PSA_ERROR_INVALID_ARGUMENT + +PSA key_agreement KEY_AGREEMENT(ECDH,HKDF(SHA_256)): incompatible with ECC_PUBLIC_KEY(MONTGOMERY) +depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_FAMILY_MONTGOMERY:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_agreement_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_MONTGOMERY):"8520f0098930a754748b7ddcb43ef75a0dbf3a0d26381af4eba4a98eaa9b4e6a":PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_HKDF(PSA_ALG_SHA_256)):0:PSA_ERROR_INVALID_ARGUMENT + +PSA key_agreement KEY_AGREEMENT(ECDH,HKDF(SHA_256)): incompatible with ECC_PUBLIC_KEY(SECP_K1) +depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_FAMILY_SECP_K1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_agreement_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_K1):"0426b7bb38da649ac2138fc050c6548b32553dab68afebc36105d325b75538c12323cb0764789ecb992671beb2b6bef2f5":PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_HKDF(PSA_ALG_SHA_256)):0:PSA_ERROR_INVALID_ARGUMENT + +PSA key_agreement KEY_AGREEMENT(ECDH,HKDF(SHA_256)): incompatible with ECC_PUBLIC_KEY(SECP_R1) +depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_FAMILY_SECP_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_agreement_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1):"046f00eadaa949fee3e9e1c7fa1247eecec86a0dce46418b9bd3117b981d4bd0ae7a990de912f9d060d6cb531a42d22e394ac29e81804bf160":PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_HKDF(PSA_ALG_SHA_256)):0:PSA_ERROR_INVALID_ARGUMENT + +PSA key_agreement KEY_AGREEMENT(ECDH,HKDF(SHA_256)): incompatible with ECC_PUBLIC_KEY(SECP_R2) +depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_FAMILY_SECP_R2:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_agreement_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R2):"049570d541398665adb5cfa16f5af73b3196926bbd4b876bdb80f8eab20d0f540c22f4de9c140f6d7b":PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_HKDF(PSA_ALG_SHA_256)):0:PSA_ERROR_INVALID_ARGUMENT + +PSA key_agreement KEY_AGREEMENT(ECDH,HKDF(SHA_256)): incompatible with ECC_PUBLIC_KEY(SECT_K1) +depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_FAMILY_SECT_K1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_agreement_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_K1):"0406f88f90b4b65950f06ce433afdb097e320f433dc2062b8a65db8fafd3c110f46bc45663fbf021ee7eb9":PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_HKDF(PSA_ALG_SHA_256)):0:PSA_ERROR_INVALID_ARGUMENT + +PSA key_agreement KEY_AGREEMENT(ECDH,HKDF(SHA_256)): incompatible with ECC_PUBLIC_KEY(SECT_R1) +depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_FAMILY_SECT_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_agreement_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R1):"0400465eeb9e7258b11e33c02266bfe834b20bcb118700772796ee4704ec67651bd447e3011959a79a04cb":PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_HKDF(PSA_ALG_SHA_256)):0:PSA_ERROR_INVALID_ARGUMENT + +PSA key_agreement KEY_AGREEMENT(ECDH,HKDF(SHA_256)): incompatible with ECC_PUBLIC_KEY(SECT_R2) +depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_FAMILY_SECT_R2:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_agreement_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R2):"0403692601144c32a6cfa369ae20ae5d43c1c764678c037bafe80c6fd2e42b7ced96171d9c5367fd3dca6f":PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_HKDF(PSA_ALG_SHA_256)):0:PSA_ERROR_INVALID_ARGUMENT + +PSA key_agreement KEY_AGREEMENT(ECDH,HKDF(SHA_256)): incompatible with ECC_PUBLIC_KEY(TWISTED_EDWARDS) +depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_FAMILY_TWISTED_EDWARDS:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_agreement_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_TWISTED_EDWARDS):"d75a980182b10ab7d54bfed3c964073a0ee172f3daa62325af021a68f707511a":PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_HKDF(PSA_ALG_SHA_256)):0:PSA_ERROR_INVALID_ARGUMENT + +PSA key_agreement KEY_AGREEMENT(ECDH,HKDF(SHA_256)): incompatible with HMAC +depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_HMAC +key_agreement_fail:PSA_KEY_TYPE_HMAC:"48657265006973206b6579a064617461":PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_HKDF(PSA_ALG_SHA_256)):0:PSA_ERROR_INVALID_ARGUMENT + +PSA key_agreement KEY_AGREEMENT(ECDH,HKDF(SHA_256)): incompatible with RAW_DATA +depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RAW_DATA +key_agreement_fail:PSA_KEY_TYPE_RAW_DATA:"48":PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_HKDF(PSA_ALG_SHA_256)):0:PSA_ERROR_INVALID_ARGUMENT + +PSA key_agreement KEY_AGREEMENT(ECDH,HKDF(SHA_256)): incompatible with RSA_KEY_PAIR +depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR +key_agreement_fail:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_HKDF(PSA_ALG_SHA_256)):0:PSA_ERROR_INVALID_ARGUMENT + +PSA key_agreement KEY_AGREEMENT(ECDH,HKDF(SHA_256)): incompatible with RSA_PUBLIC_KEY +depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY +key_agreement_fail:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_HKDF(PSA_ALG_SHA_256)):0:PSA_ERROR_INVALID_ARGUMENT + +PSA hash KEY_AGREEMENT(FFDH,HKDF(SHA_256)): invalid +depends_on:PSA_WANT_ALG_FFDH:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_256 +hash_fail:PSA_ALG_KEY_AGREEMENT(PSA_ALG_FFDH,PSA_ALG_HKDF(PSA_ALG_SHA_256)):PSA_ERROR_INVALID_ARGUMENT + +PSA key_derivation KEY_AGREEMENT(FFDH,HKDF(SHA_256)): !FFDH +depends_on:!PSA_WANT_ALG_FFDH:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_256 +key_derivation_fail:PSA_ALG_KEY_AGREEMENT(PSA_ALG_FFDH,PSA_ALG_HKDF(PSA_ALG_SHA_256)):PSA_ERROR_NOT_SUPPORTED + +PSA key_derivation KEY_AGREEMENT(FFDH,HKDF(SHA_256)): !HKDF +depends_on:PSA_WANT_ALG_FFDH:!PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_256 +key_derivation_fail:PSA_ALG_KEY_AGREEMENT(PSA_ALG_FFDH,PSA_ALG_HKDF(PSA_ALG_SHA_256)):PSA_ERROR_NOT_SUPPORTED + +PSA key_derivation KEY_AGREEMENT(FFDH,HKDF(SHA_256)): !SHA_256 +depends_on:PSA_WANT_ALG_FFDH:PSA_WANT_ALG_HKDF:!PSA_WANT_ALG_SHA_256 +key_derivation_fail:PSA_ALG_KEY_AGREEMENT(PSA_ALG_FFDH,PSA_ALG_HKDF(PSA_ALG_SHA_256)):PSA_ERROR_NOT_SUPPORTED + +PSA key_agreement KEY_AGREEMENT(FFDH,HKDF(SHA_256)): incompatible with AES +depends_on:PSA_WANT_ALG_FFDH:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_AES +key_agreement_fail:PSA_KEY_TYPE_AES:"48657265006973206b6579a064617461":PSA_ALG_KEY_AGREEMENT(PSA_ALG_FFDH,PSA_ALG_HKDF(PSA_ALG_SHA_256)):0:PSA_ERROR_INVALID_ARGUMENT + +PSA key_agreement KEY_AGREEMENT(FFDH,HKDF(SHA_256)): incompatible with ARC4 +depends_on:PSA_WANT_ALG_FFDH:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_ARC4 +key_agreement_fail:PSA_KEY_TYPE_ARC4:"48":PSA_ALG_KEY_AGREEMENT(PSA_ALG_FFDH,PSA_ALG_HKDF(PSA_ALG_SHA_256)):0:PSA_ERROR_INVALID_ARGUMENT + +PSA key_agreement KEY_AGREEMENT(FFDH,HKDF(SHA_256)): incompatible with ARIA +depends_on:PSA_WANT_ALG_FFDH:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_ARIA +key_agreement_fail:PSA_KEY_TYPE_ARIA:"48657265006973206b6579a064617461":PSA_ALG_KEY_AGREEMENT(PSA_ALG_FFDH,PSA_ALG_HKDF(PSA_ALG_SHA_256)):0:PSA_ERROR_INVALID_ARGUMENT + +PSA key_agreement KEY_AGREEMENT(FFDH,HKDF(SHA_256)): incompatible with CAMELLIA +depends_on:PSA_WANT_ALG_FFDH:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_CAMELLIA +key_agreement_fail:PSA_KEY_TYPE_CAMELLIA:"48657265006973206b6579a064617461":PSA_ALG_KEY_AGREEMENT(PSA_ALG_FFDH,PSA_ALG_HKDF(PSA_ALG_SHA_256)):0:PSA_ERROR_INVALID_ARGUMENT + +PSA key_agreement KEY_AGREEMENT(FFDH,HKDF(SHA_256)): incompatible with CHACHA20 +depends_on:PSA_WANT_ALG_FFDH:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_CHACHA20 +key_agreement_fail:PSA_KEY_TYPE_CHACHA20:"48657265006973206b6579a06461746148657265006973206b6579a064617461":PSA_ALG_KEY_AGREEMENT(PSA_ALG_FFDH,PSA_ALG_HKDF(PSA_ALG_SHA_256)):0:PSA_ERROR_INVALID_ARGUMENT + +PSA key_agreement KEY_AGREEMENT(FFDH,HKDF(SHA_256)): incompatible with DERIVE +depends_on:PSA_WANT_ALG_FFDH:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_DERIVE +key_agreement_fail:PSA_KEY_TYPE_DERIVE:"48657265006973206b6579a0646174":PSA_ALG_KEY_AGREEMENT(PSA_ALG_FFDH,PSA_ALG_HKDF(PSA_ALG_SHA_256)):0:PSA_ERROR_INVALID_ARGUMENT + +PSA key_agreement KEY_AGREEMENT(FFDH,HKDF(SHA_256)): incompatible with DES +depends_on:PSA_WANT_ALG_FFDH:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_DES +key_agreement_fail:PSA_KEY_TYPE_DES:"644573206b457901":PSA_ALG_KEY_AGREEMENT(PSA_ALG_FFDH,PSA_ALG_HKDF(PSA_ALG_SHA_256)):0:PSA_ERROR_INVALID_ARGUMENT + +PSA key_agreement KEY_AGREEMENT(FFDH,HKDF(SHA_256)): incompatible with ECC_KEY_PAIR(BRAINPOOL_P_R1) +depends_on:PSA_WANT_ALG_FFDH:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_FAMILY_BRAINPOOL_P_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_agreement_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"69502c4fdaf48d4fa617bdd24498b0406d0eeaac":PSA_ALG_KEY_AGREEMENT(PSA_ALG_FFDH,PSA_ALG_HKDF(PSA_ALG_SHA_256)):0:PSA_ERROR_INVALID_ARGUMENT + +PSA key_agreement KEY_AGREEMENT(FFDH,HKDF(SHA_256)): incompatible with ECC_KEY_PAIR(MONTGOMERY) +depends_on:PSA_WANT_ALG_FFDH:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_FAMILY_MONTGOMERY:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_agreement_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_MONTGOMERY):"70076d0a7318a57d3c16c17251b26645df4c2f87ebc0992ab177fba51db92c6a":PSA_ALG_KEY_AGREEMENT(PSA_ALG_FFDH,PSA_ALG_HKDF(PSA_ALG_SHA_256)):0:PSA_ERROR_INVALID_ARGUMENT + +PSA key_agreement KEY_AGREEMENT(FFDH,HKDF(SHA_256)): incompatible with ECC_KEY_PAIR(SECP_K1) +depends_on:PSA_WANT_ALG_FFDH:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_FAMILY_SECP_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_agreement_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_K1):"297ac1722ccac7589ecb240dc719842538ca974beb79f228":PSA_ALG_KEY_AGREEMENT(PSA_ALG_FFDH,PSA_ALG_HKDF(PSA_ALG_SHA_256)):0:PSA_ERROR_INVALID_ARGUMENT + +PSA key_agreement KEY_AGREEMENT(FFDH,HKDF(SHA_256)): incompatible with ECC_KEY_PAIR(SECP_R1) +depends_on:PSA_WANT_ALG_FFDH:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_FAMILY_SECP_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_agreement_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"872f203b3ad35b7f2ecc803c3a0e1e0b1ed61cc1afe71b189cd4c995":PSA_ALG_KEY_AGREEMENT(PSA_ALG_FFDH,PSA_ALG_HKDF(PSA_ALG_SHA_256)):0:PSA_ERROR_INVALID_ARGUMENT + +PSA key_agreement KEY_AGREEMENT(FFDH,HKDF(SHA_256)): incompatible with ECC_KEY_PAIR(SECP_R2) +depends_on:PSA_WANT_ALG_FFDH:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_FAMILY_SECP_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_agreement_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R2):"00bf539a1cdda0d7f71a50a3f98aec0a2e8e4ced1e":PSA_ALG_KEY_AGREEMENT(PSA_ALG_FFDH,PSA_ALG_HKDF(PSA_ALG_SHA_256)):0:PSA_ERROR_INVALID_ARGUMENT + +PSA key_agreement KEY_AGREEMENT(FFDH,HKDF(SHA_256)): incompatible with ECC_KEY_PAIR(SECT_K1) +depends_on:PSA_WANT_ALG_FFDH:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_FAMILY_SECT_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_agreement_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):"03ebc8fcded2d6ab72ec0f75bdb4fd080481273e71":PSA_ALG_KEY_AGREEMENT(PSA_ALG_FFDH,PSA_ALG_HKDF(PSA_ALG_SHA_256)):0:PSA_ERROR_INVALID_ARGUMENT + +PSA key_agreement KEY_AGREEMENT(FFDH,HKDF(SHA_256)): incompatible with ECC_KEY_PAIR(SECT_R1) +depends_on:PSA_WANT_ALG_FFDH:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_FAMILY_SECT_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_agreement_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):"009b05dc82d46d64a04a22e6e5ca70ca1231e68c50":PSA_ALG_KEY_AGREEMENT(PSA_ALG_FFDH,PSA_ALG_HKDF(PSA_ALG_SHA_256)):0:PSA_ERROR_INVALID_ARGUMENT + +PSA key_agreement KEY_AGREEMENT(FFDH,HKDF(SHA_256)): incompatible with ECC_KEY_PAIR(SECT_R2) +depends_on:PSA_WANT_ALG_FFDH:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_FAMILY_SECT_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_agreement_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R2):"0210b482a458b4822d0cb21daa96819a67c8062d34":PSA_ALG_KEY_AGREEMENT(PSA_ALG_FFDH,PSA_ALG_HKDF(PSA_ALG_SHA_256)):0:PSA_ERROR_INVALID_ARGUMENT + +PSA key_agreement KEY_AGREEMENT(FFDH,HKDF(SHA_256)): incompatible with ECC_KEY_PAIR(TWISTED_EDWARDS) +depends_on:PSA_WANT_ALG_FFDH:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_FAMILY_TWISTED_EDWARDS:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_agreement_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_TWISTED_EDWARDS):"9d61b19deffd5a60ba844af492ec2cc44449c5697b326919703bac031cae7f60":PSA_ALG_KEY_AGREEMENT(PSA_ALG_FFDH,PSA_ALG_HKDF(PSA_ALG_SHA_256)):0:PSA_ERROR_INVALID_ARGUMENT + +PSA key_agreement KEY_AGREEMENT(FFDH,HKDF(SHA_256)): incompatible with ECC_PUBLIC_KEY(BRAINPOOL_P_R1) +depends_on:PSA_WANT_ALG_FFDH:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_FAMILY_BRAINPOOL_P_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_agreement_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"04d4b9186816358e2f9c59cf70748cb70641b22fbab65473db4b4e22a361ed7e3de7e8a8ddc4130c5c":PSA_ALG_KEY_AGREEMENT(PSA_ALG_FFDH,PSA_ALG_HKDF(PSA_ALG_SHA_256)):0:PSA_ERROR_INVALID_ARGUMENT + +PSA key_agreement KEY_AGREEMENT(FFDH,HKDF(SHA_256)): incompatible with ECC_PUBLIC_KEY(MONTGOMERY) +depends_on:PSA_WANT_ALG_FFDH:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_FAMILY_MONTGOMERY:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_agreement_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_MONTGOMERY):"8520f0098930a754748b7ddcb43ef75a0dbf3a0d26381af4eba4a98eaa9b4e6a":PSA_ALG_KEY_AGREEMENT(PSA_ALG_FFDH,PSA_ALG_HKDF(PSA_ALG_SHA_256)):0:PSA_ERROR_INVALID_ARGUMENT + +PSA key_agreement KEY_AGREEMENT(FFDH,HKDF(SHA_256)): incompatible with ECC_PUBLIC_KEY(SECP_K1) +depends_on:PSA_WANT_ALG_FFDH:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_FAMILY_SECP_K1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_agreement_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_K1):"0426b7bb38da649ac2138fc050c6548b32553dab68afebc36105d325b75538c12323cb0764789ecb992671beb2b6bef2f5":PSA_ALG_KEY_AGREEMENT(PSA_ALG_FFDH,PSA_ALG_HKDF(PSA_ALG_SHA_256)):0:PSA_ERROR_INVALID_ARGUMENT + +PSA key_agreement KEY_AGREEMENT(FFDH,HKDF(SHA_256)): incompatible with ECC_PUBLIC_KEY(SECP_R1) +depends_on:PSA_WANT_ALG_FFDH:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_FAMILY_SECP_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_agreement_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1):"046f00eadaa949fee3e9e1c7fa1247eecec86a0dce46418b9bd3117b981d4bd0ae7a990de912f9d060d6cb531a42d22e394ac29e81804bf160":PSA_ALG_KEY_AGREEMENT(PSA_ALG_FFDH,PSA_ALG_HKDF(PSA_ALG_SHA_256)):0:PSA_ERROR_INVALID_ARGUMENT + +PSA key_agreement KEY_AGREEMENT(FFDH,HKDF(SHA_256)): incompatible with ECC_PUBLIC_KEY(SECP_R2) +depends_on:PSA_WANT_ALG_FFDH:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_FAMILY_SECP_R2:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_agreement_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R2):"049570d541398665adb5cfa16f5af73b3196926bbd4b876bdb80f8eab20d0f540c22f4de9c140f6d7b":PSA_ALG_KEY_AGREEMENT(PSA_ALG_FFDH,PSA_ALG_HKDF(PSA_ALG_SHA_256)):0:PSA_ERROR_INVALID_ARGUMENT + +PSA key_agreement KEY_AGREEMENT(FFDH,HKDF(SHA_256)): incompatible with ECC_PUBLIC_KEY(SECT_K1) +depends_on:PSA_WANT_ALG_FFDH:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_FAMILY_SECT_K1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_agreement_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_K1):"0406f88f90b4b65950f06ce433afdb097e320f433dc2062b8a65db8fafd3c110f46bc45663fbf021ee7eb9":PSA_ALG_KEY_AGREEMENT(PSA_ALG_FFDH,PSA_ALG_HKDF(PSA_ALG_SHA_256)):0:PSA_ERROR_INVALID_ARGUMENT + +PSA key_agreement KEY_AGREEMENT(FFDH,HKDF(SHA_256)): incompatible with ECC_PUBLIC_KEY(SECT_R1) +depends_on:PSA_WANT_ALG_FFDH:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_FAMILY_SECT_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_agreement_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R1):"0400465eeb9e7258b11e33c02266bfe834b20bcb118700772796ee4704ec67651bd447e3011959a79a04cb":PSA_ALG_KEY_AGREEMENT(PSA_ALG_FFDH,PSA_ALG_HKDF(PSA_ALG_SHA_256)):0:PSA_ERROR_INVALID_ARGUMENT + +PSA key_agreement KEY_AGREEMENT(FFDH,HKDF(SHA_256)): incompatible with ECC_PUBLIC_KEY(SECT_R2) +depends_on:PSA_WANT_ALG_FFDH:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_FAMILY_SECT_R2:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_agreement_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R2):"0403692601144c32a6cfa369ae20ae5d43c1c764678c037bafe80c6fd2e42b7ced96171d9c5367fd3dca6f":PSA_ALG_KEY_AGREEMENT(PSA_ALG_FFDH,PSA_ALG_HKDF(PSA_ALG_SHA_256)):0:PSA_ERROR_INVALID_ARGUMENT + +PSA key_agreement KEY_AGREEMENT(FFDH,HKDF(SHA_256)): incompatible with ECC_PUBLIC_KEY(TWISTED_EDWARDS) +depends_on:PSA_WANT_ALG_FFDH:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_FAMILY_TWISTED_EDWARDS:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_agreement_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_TWISTED_EDWARDS):"d75a980182b10ab7d54bfed3c964073a0ee172f3daa62325af021a68f707511a":PSA_ALG_KEY_AGREEMENT(PSA_ALG_FFDH,PSA_ALG_HKDF(PSA_ALG_SHA_256)):0:PSA_ERROR_INVALID_ARGUMENT + +PSA key_agreement KEY_AGREEMENT(FFDH,HKDF(SHA_256)): incompatible with HMAC +depends_on:PSA_WANT_ALG_FFDH:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_HMAC +key_agreement_fail:PSA_KEY_TYPE_HMAC:"48657265006973206b6579a064617461":PSA_ALG_KEY_AGREEMENT(PSA_ALG_FFDH,PSA_ALG_HKDF(PSA_ALG_SHA_256)):0:PSA_ERROR_INVALID_ARGUMENT + +PSA key_agreement KEY_AGREEMENT(FFDH,HKDF(SHA_256)): incompatible with RAW_DATA +depends_on:PSA_WANT_ALG_FFDH:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RAW_DATA +key_agreement_fail:PSA_KEY_TYPE_RAW_DATA:"48":PSA_ALG_KEY_AGREEMENT(PSA_ALG_FFDH,PSA_ALG_HKDF(PSA_ALG_SHA_256)):0:PSA_ERROR_INVALID_ARGUMENT + +PSA key_agreement KEY_AGREEMENT(FFDH,HKDF(SHA_256)): incompatible with RSA_KEY_PAIR +depends_on:PSA_WANT_ALG_FFDH:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR +key_agreement_fail:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_KEY_AGREEMENT(PSA_ALG_FFDH,PSA_ALG_HKDF(PSA_ALG_SHA_256)):0:PSA_ERROR_INVALID_ARGUMENT + +PSA key_agreement KEY_AGREEMENT(FFDH,HKDF(SHA_256)): incompatible with RSA_PUBLIC_KEY +depends_on:PSA_WANT_ALG_FFDH:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY +key_agreement_fail:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_KEY_AGREEMENT(PSA_ALG_FFDH,PSA_ALG_HKDF(PSA_ALG_SHA_256)):0:PSA_ERROR_INVALID_ARGUMENT + +PSA hash KEY_AGREEMENT(ECDH,HKDF(SHA_384)): invalid +depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_384 +hash_fail:PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_HKDF(PSA_ALG_SHA_384)):PSA_ERROR_INVALID_ARGUMENT + +PSA mac KEY_AGREEMENT(ECDH,HKDF(SHA_384)): invalid with ECC_KEY_PAIR(BRAINPOOL_P_R1) +depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_FAMILY_BRAINPOOL_P_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +mac_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"69502c4fdaf48d4fa617bdd24498b0406d0eeaac":PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_HKDF(PSA_ALG_SHA_384)):PSA_ERROR_INVALID_ARGUMENT + +PSA mac KEY_AGREEMENT(ECDH,HKDF(SHA_384)): invalid with ECC_KEY_PAIR(MONTGOMERY) +depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_FAMILY_MONTGOMERY:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +mac_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_MONTGOMERY):"70076d0a7318a57d3c16c17251b26645df4c2f87ebc0992ab177fba51db92c6a":PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_HKDF(PSA_ALG_SHA_384)):PSA_ERROR_INVALID_ARGUMENT + +PSA mac KEY_AGREEMENT(ECDH,HKDF(SHA_384)): invalid with ECC_KEY_PAIR(SECP_K1) +depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_FAMILY_SECP_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +mac_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_K1):"297ac1722ccac7589ecb240dc719842538ca974beb79f228":PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_HKDF(PSA_ALG_SHA_384)):PSA_ERROR_INVALID_ARGUMENT + +PSA mac KEY_AGREEMENT(ECDH,HKDF(SHA_384)): invalid with ECC_KEY_PAIR(SECP_R1) +depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_FAMILY_SECP_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +mac_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"872f203b3ad35b7f2ecc803c3a0e1e0b1ed61cc1afe71b189cd4c995":PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_HKDF(PSA_ALG_SHA_384)):PSA_ERROR_INVALID_ARGUMENT + +PSA mac KEY_AGREEMENT(ECDH,HKDF(SHA_384)): invalid with ECC_KEY_PAIR(SECP_R2) +depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_FAMILY_SECP_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +mac_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R2):"00bf539a1cdda0d7f71a50a3f98aec0a2e8e4ced1e":PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_HKDF(PSA_ALG_SHA_384)):PSA_ERROR_INVALID_ARGUMENT + +PSA mac KEY_AGREEMENT(ECDH,HKDF(SHA_384)): invalid with ECC_KEY_PAIR(SECT_K1) +depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_FAMILY_SECT_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +mac_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):"03ebc8fcded2d6ab72ec0f75bdb4fd080481273e71":PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_HKDF(PSA_ALG_SHA_384)):PSA_ERROR_INVALID_ARGUMENT + +PSA mac KEY_AGREEMENT(ECDH,HKDF(SHA_384)): invalid with ECC_KEY_PAIR(SECT_R1) +depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_FAMILY_SECT_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +mac_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):"009b05dc82d46d64a04a22e6e5ca70ca1231e68c50":PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_HKDF(PSA_ALG_SHA_384)):PSA_ERROR_INVALID_ARGUMENT + +PSA mac KEY_AGREEMENT(ECDH,HKDF(SHA_384)): invalid with ECC_KEY_PAIR(SECT_R2) +depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_FAMILY_SECT_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +mac_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R2):"0210b482a458b4822d0cb21daa96819a67c8062d34":PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_HKDF(PSA_ALG_SHA_384)):PSA_ERROR_INVALID_ARGUMENT + +PSA cipher KEY_AGREEMENT(ECDH,HKDF(SHA_384)): invalid with ECC_KEY_PAIR(BRAINPOOL_P_R1) +depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_FAMILY_BRAINPOOL_P_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +cipher_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"69502c4fdaf48d4fa617bdd24498b0406d0eeaac":PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_HKDF(PSA_ALG_SHA_384)):PSA_ERROR_INVALID_ARGUMENT + +PSA cipher KEY_AGREEMENT(ECDH,HKDF(SHA_384)): invalid with ECC_KEY_PAIR(MONTGOMERY) +depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_FAMILY_MONTGOMERY:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +cipher_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_MONTGOMERY):"70076d0a7318a57d3c16c17251b26645df4c2f87ebc0992ab177fba51db92c6a":PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_HKDF(PSA_ALG_SHA_384)):PSA_ERROR_INVALID_ARGUMENT + +PSA cipher KEY_AGREEMENT(ECDH,HKDF(SHA_384)): invalid with ECC_KEY_PAIR(SECP_K1) +depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_FAMILY_SECP_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +cipher_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_K1):"297ac1722ccac7589ecb240dc719842538ca974beb79f228":PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_HKDF(PSA_ALG_SHA_384)):PSA_ERROR_INVALID_ARGUMENT + +PSA cipher KEY_AGREEMENT(ECDH,HKDF(SHA_384)): invalid with ECC_KEY_PAIR(SECP_R1) +depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_FAMILY_SECP_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +cipher_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"872f203b3ad35b7f2ecc803c3a0e1e0b1ed61cc1afe71b189cd4c995":PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_HKDF(PSA_ALG_SHA_384)):PSA_ERROR_INVALID_ARGUMENT + +PSA cipher KEY_AGREEMENT(ECDH,HKDF(SHA_384)): invalid with ECC_KEY_PAIR(SECP_R2) +depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_FAMILY_SECP_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +cipher_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R2):"00bf539a1cdda0d7f71a50a3f98aec0a2e8e4ced1e":PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_HKDF(PSA_ALG_SHA_384)):PSA_ERROR_INVALID_ARGUMENT + +PSA cipher KEY_AGREEMENT(ECDH,HKDF(SHA_384)): invalid with ECC_KEY_PAIR(SECT_K1) +depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_FAMILY_SECT_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +cipher_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):"03ebc8fcded2d6ab72ec0f75bdb4fd080481273e71":PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_HKDF(PSA_ALG_SHA_384)):PSA_ERROR_INVALID_ARGUMENT + +PSA cipher KEY_AGREEMENT(ECDH,HKDF(SHA_384)): invalid with ECC_KEY_PAIR(SECT_R1) +depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_FAMILY_SECT_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +cipher_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):"009b05dc82d46d64a04a22e6e5ca70ca1231e68c50":PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_HKDF(PSA_ALG_SHA_384)):PSA_ERROR_INVALID_ARGUMENT + +PSA cipher KEY_AGREEMENT(ECDH,HKDF(SHA_384)): invalid with ECC_KEY_PAIR(SECT_R2) +depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_FAMILY_SECT_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +cipher_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R2):"0210b482a458b4822d0cb21daa96819a67c8062d34":PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_HKDF(PSA_ALG_SHA_384)):PSA_ERROR_INVALID_ARGUMENT + +PSA aead KEY_AGREEMENT(ECDH,HKDF(SHA_384)): invalid with ECC_KEY_PAIR(BRAINPOOL_P_R1) +depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_FAMILY_BRAINPOOL_P_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +aead_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"69502c4fdaf48d4fa617bdd24498b0406d0eeaac":PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_HKDF(PSA_ALG_SHA_384)):PSA_ERROR_INVALID_ARGUMENT + +PSA aead KEY_AGREEMENT(ECDH,HKDF(SHA_384)): invalid with ECC_KEY_PAIR(MONTGOMERY) +depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_FAMILY_MONTGOMERY:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +aead_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_MONTGOMERY):"70076d0a7318a57d3c16c17251b26645df4c2f87ebc0992ab177fba51db92c6a":PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_HKDF(PSA_ALG_SHA_384)):PSA_ERROR_INVALID_ARGUMENT + +PSA aead KEY_AGREEMENT(ECDH,HKDF(SHA_384)): invalid with ECC_KEY_PAIR(SECP_K1) +depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_FAMILY_SECP_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +aead_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_K1):"297ac1722ccac7589ecb240dc719842538ca974beb79f228":PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_HKDF(PSA_ALG_SHA_384)):PSA_ERROR_INVALID_ARGUMENT + +PSA aead KEY_AGREEMENT(ECDH,HKDF(SHA_384)): invalid with ECC_KEY_PAIR(SECP_R1) +depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_FAMILY_SECP_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +aead_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"872f203b3ad35b7f2ecc803c3a0e1e0b1ed61cc1afe71b189cd4c995":PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_HKDF(PSA_ALG_SHA_384)):PSA_ERROR_INVALID_ARGUMENT + +PSA aead KEY_AGREEMENT(ECDH,HKDF(SHA_384)): invalid with ECC_KEY_PAIR(SECP_R2) +depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_FAMILY_SECP_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +aead_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R2):"00bf539a1cdda0d7f71a50a3f98aec0a2e8e4ced1e":PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_HKDF(PSA_ALG_SHA_384)):PSA_ERROR_INVALID_ARGUMENT + +PSA aead KEY_AGREEMENT(ECDH,HKDF(SHA_384)): invalid with ECC_KEY_PAIR(SECT_K1) +depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_FAMILY_SECT_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +aead_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):"03ebc8fcded2d6ab72ec0f75bdb4fd080481273e71":PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_HKDF(PSA_ALG_SHA_384)):PSA_ERROR_INVALID_ARGUMENT + +PSA aead KEY_AGREEMENT(ECDH,HKDF(SHA_384)): invalid with ECC_KEY_PAIR(SECT_R1) +depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_FAMILY_SECT_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +aead_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):"009b05dc82d46d64a04a22e6e5ca70ca1231e68c50":PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_HKDF(PSA_ALG_SHA_384)):PSA_ERROR_INVALID_ARGUMENT + +PSA aead KEY_AGREEMENT(ECDH,HKDF(SHA_384)): invalid with ECC_KEY_PAIR(SECT_R2) +depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_FAMILY_SECT_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +aead_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R2):"0210b482a458b4822d0cb21daa96819a67c8062d34":PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_HKDF(PSA_ALG_SHA_384)):PSA_ERROR_INVALID_ARGUMENT + +PSA sign KEY_AGREEMENT(ECDH,HKDF(SHA_384)): invalid with ECC_KEY_PAIR(BRAINPOOL_P_R1) +depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_FAMILY_BRAINPOOL_P_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"69502c4fdaf48d4fa617bdd24498b0406d0eeaac":PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_HKDF(PSA_ALG_SHA_384)):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign KEY_AGREEMENT(ECDH,HKDF(SHA_384)): invalid with ECC_KEY_PAIR(MONTGOMERY) +depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_FAMILY_MONTGOMERY:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_MONTGOMERY):"70076d0a7318a57d3c16c17251b26645df4c2f87ebc0992ab177fba51db92c6a":PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_HKDF(PSA_ALG_SHA_384)):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign KEY_AGREEMENT(ECDH,HKDF(SHA_384)): invalid with ECC_KEY_PAIR(SECP_K1) +depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_FAMILY_SECP_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_K1):"297ac1722ccac7589ecb240dc719842538ca974beb79f228":PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_HKDF(PSA_ALG_SHA_384)):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign KEY_AGREEMENT(ECDH,HKDF(SHA_384)): invalid with ECC_KEY_PAIR(SECP_R1) +depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_FAMILY_SECP_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"872f203b3ad35b7f2ecc803c3a0e1e0b1ed61cc1afe71b189cd4c995":PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_HKDF(PSA_ALG_SHA_384)):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign KEY_AGREEMENT(ECDH,HKDF(SHA_384)): invalid with ECC_KEY_PAIR(SECP_R2) +depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_FAMILY_SECP_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R2):"00bf539a1cdda0d7f71a50a3f98aec0a2e8e4ced1e":PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_HKDF(PSA_ALG_SHA_384)):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign KEY_AGREEMENT(ECDH,HKDF(SHA_384)): invalid with ECC_KEY_PAIR(SECT_K1) +depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_FAMILY_SECT_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):"03ebc8fcded2d6ab72ec0f75bdb4fd080481273e71":PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_HKDF(PSA_ALG_SHA_384)):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign KEY_AGREEMENT(ECDH,HKDF(SHA_384)): invalid with ECC_KEY_PAIR(SECT_R1) +depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_FAMILY_SECT_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):"009b05dc82d46d64a04a22e6e5ca70ca1231e68c50":PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_HKDF(PSA_ALG_SHA_384)):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign KEY_AGREEMENT(ECDH,HKDF(SHA_384)): invalid with ECC_KEY_PAIR(SECT_R2) +depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_FAMILY_SECT_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R2):"0210b482a458b4822d0cb21daa96819a67c8062d34":PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_HKDF(PSA_ALG_SHA_384)):0:PSA_ERROR_INVALID_ARGUMENT + +PSA asymmetric_encryption KEY_AGREEMENT(ECDH,HKDF(SHA_384)): invalid with ECC_KEY_PAIR(BRAINPOOL_P_R1) +depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_FAMILY_BRAINPOOL_P_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +asymmetric_encryption_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"69502c4fdaf48d4fa617bdd24498b0406d0eeaac":PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_HKDF(PSA_ALG_SHA_384)):0:PSA_ERROR_INVALID_ARGUMENT + +PSA asymmetric_encryption KEY_AGREEMENT(ECDH,HKDF(SHA_384)): invalid with ECC_KEY_PAIR(MONTGOMERY) +depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_FAMILY_MONTGOMERY:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +asymmetric_encryption_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_MONTGOMERY):"70076d0a7318a57d3c16c17251b26645df4c2f87ebc0992ab177fba51db92c6a":PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_HKDF(PSA_ALG_SHA_384)):0:PSA_ERROR_INVALID_ARGUMENT + +PSA asymmetric_encryption KEY_AGREEMENT(ECDH,HKDF(SHA_384)): invalid with ECC_KEY_PAIR(SECP_K1) +depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_FAMILY_SECP_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +asymmetric_encryption_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_K1):"297ac1722ccac7589ecb240dc719842538ca974beb79f228":PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_HKDF(PSA_ALG_SHA_384)):0:PSA_ERROR_INVALID_ARGUMENT + +PSA asymmetric_encryption KEY_AGREEMENT(ECDH,HKDF(SHA_384)): invalid with ECC_KEY_PAIR(SECP_R1) +depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_FAMILY_SECP_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +asymmetric_encryption_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"872f203b3ad35b7f2ecc803c3a0e1e0b1ed61cc1afe71b189cd4c995":PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_HKDF(PSA_ALG_SHA_384)):0:PSA_ERROR_INVALID_ARGUMENT + +PSA asymmetric_encryption KEY_AGREEMENT(ECDH,HKDF(SHA_384)): invalid with ECC_KEY_PAIR(SECP_R2) +depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_FAMILY_SECP_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +asymmetric_encryption_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R2):"00bf539a1cdda0d7f71a50a3f98aec0a2e8e4ced1e":PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_HKDF(PSA_ALG_SHA_384)):0:PSA_ERROR_INVALID_ARGUMENT + +PSA asymmetric_encryption KEY_AGREEMENT(ECDH,HKDF(SHA_384)): invalid with ECC_KEY_PAIR(SECT_K1) +depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_FAMILY_SECT_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +asymmetric_encryption_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):"03ebc8fcded2d6ab72ec0f75bdb4fd080481273e71":PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_HKDF(PSA_ALG_SHA_384)):0:PSA_ERROR_INVALID_ARGUMENT + +PSA asymmetric_encryption KEY_AGREEMENT(ECDH,HKDF(SHA_384)): invalid with ECC_KEY_PAIR(SECT_R1) +depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_FAMILY_SECT_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +asymmetric_encryption_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):"009b05dc82d46d64a04a22e6e5ca70ca1231e68c50":PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_HKDF(PSA_ALG_SHA_384)):0:PSA_ERROR_INVALID_ARGUMENT + +PSA asymmetric_encryption KEY_AGREEMENT(ECDH,HKDF(SHA_384)): invalid with ECC_KEY_PAIR(SECT_R2) +depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_FAMILY_SECT_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +asymmetric_encryption_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R2):"0210b482a458b4822d0cb21daa96819a67c8062d34":PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_HKDF(PSA_ALG_SHA_384)):0:PSA_ERROR_INVALID_ARGUMENT + +PSA key_derivation KEY_AGREEMENT(ECDH,HKDF(SHA_384)): !ECDH +depends_on:!PSA_WANT_ALG_ECDH:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_384 +key_derivation_fail:PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_HKDF(PSA_ALG_SHA_384)):PSA_ERROR_NOT_SUPPORTED + +PSA key_derivation KEY_AGREEMENT(ECDH,HKDF(SHA_384)): !HKDF +depends_on:PSA_WANT_ALG_ECDH:!PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_384 +key_derivation_fail:PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_HKDF(PSA_ALG_SHA_384)):PSA_ERROR_NOT_SUPPORTED + +PSA key_derivation KEY_AGREEMENT(ECDH,HKDF(SHA_384)): !SHA_384 +depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_HKDF:!PSA_WANT_ALG_SHA_384 +key_derivation_fail:PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_HKDF(PSA_ALG_SHA_384)):PSA_ERROR_NOT_SUPPORTED + +PSA key_agreement KEY_AGREEMENT(ECDH,HKDF(SHA_384)): incompatible with AES +depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_384:PSA_WANT_KEY_TYPE_AES +key_agreement_fail:PSA_KEY_TYPE_AES:"48657265006973206b6579a064617461":PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_HKDF(PSA_ALG_SHA_384)):0:PSA_ERROR_INVALID_ARGUMENT + +PSA key_agreement KEY_AGREEMENT(ECDH,HKDF(SHA_384)): incompatible with ARC4 +depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_384:PSA_WANT_KEY_TYPE_ARC4 +key_agreement_fail:PSA_KEY_TYPE_ARC4:"48":PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_HKDF(PSA_ALG_SHA_384)):0:PSA_ERROR_INVALID_ARGUMENT + +PSA key_agreement KEY_AGREEMENT(ECDH,HKDF(SHA_384)): incompatible with ARIA +depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_384:PSA_WANT_KEY_TYPE_ARIA +key_agreement_fail:PSA_KEY_TYPE_ARIA:"48657265006973206b6579a064617461":PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_HKDF(PSA_ALG_SHA_384)):0:PSA_ERROR_INVALID_ARGUMENT + +PSA key_agreement KEY_AGREEMENT(ECDH,HKDF(SHA_384)): incompatible with CAMELLIA +depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_384:PSA_WANT_KEY_TYPE_CAMELLIA +key_agreement_fail:PSA_KEY_TYPE_CAMELLIA:"48657265006973206b6579a064617461":PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_HKDF(PSA_ALG_SHA_384)):0:PSA_ERROR_INVALID_ARGUMENT + +PSA key_agreement KEY_AGREEMENT(ECDH,HKDF(SHA_384)): incompatible with CHACHA20 +depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_384:PSA_WANT_KEY_TYPE_CHACHA20 +key_agreement_fail:PSA_KEY_TYPE_CHACHA20:"48657265006973206b6579a06461746148657265006973206b6579a064617461":PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_HKDF(PSA_ALG_SHA_384)):0:PSA_ERROR_INVALID_ARGUMENT + +PSA key_agreement KEY_AGREEMENT(ECDH,HKDF(SHA_384)): incompatible with DERIVE +depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_384:PSA_WANT_KEY_TYPE_DERIVE +key_agreement_fail:PSA_KEY_TYPE_DERIVE:"48657265006973206b6579a0646174":PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_HKDF(PSA_ALG_SHA_384)):0:PSA_ERROR_INVALID_ARGUMENT + +PSA key_agreement KEY_AGREEMENT(ECDH,HKDF(SHA_384)): incompatible with DES +depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_384:PSA_WANT_KEY_TYPE_DES +key_agreement_fail:PSA_KEY_TYPE_DES:"644573206b457901":PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_HKDF(PSA_ALG_SHA_384)):0:PSA_ERROR_INVALID_ARGUMENT + +PSA key_agreement KEY_AGREEMENT(ECDH,HKDF(SHA_384)): !ECDH with ECC_KEY_PAIR(BRAINPOOL_P_R1) +depends_on:!PSA_WANT_ALG_ECDH:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_FAMILY_BRAINPOOL_P_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_agreement_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"69502c4fdaf48d4fa617bdd24498b0406d0eeaac":PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_HKDF(PSA_ALG_SHA_384)):0:PSA_ERROR_NOT_SUPPORTED + +PSA key_agreement KEY_AGREEMENT(ECDH,HKDF(SHA_384)): !HKDF with ECC_KEY_PAIR(BRAINPOOL_P_R1) +depends_on:PSA_WANT_ALG_ECDH:!PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_FAMILY_BRAINPOOL_P_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_agreement_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"69502c4fdaf48d4fa617bdd24498b0406d0eeaac":PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_HKDF(PSA_ALG_SHA_384)):0:PSA_ERROR_NOT_SUPPORTED + +PSA key_agreement KEY_AGREEMENT(ECDH,HKDF(SHA_384)): !SHA_384 with ECC_KEY_PAIR(BRAINPOOL_P_R1) +depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_HKDF:!PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_FAMILY_BRAINPOOL_P_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_agreement_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"69502c4fdaf48d4fa617bdd24498b0406d0eeaac":PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_HKDF(PSA_ALG_SHA_384)):0:PSA_ERROR_NOT_SUPPORTED + +PSA key_agreement KEY_AGREEMENT(ECDH,HKDF(SHA_384)): !ECDH with ECC_KEY_PAIR(MONTGOMERY) +depends_on:!PSA_WANT_ALG_ECDH:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_FAMILY_MONTGOMERY:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_agreement_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_MONTGOMERY):"70076d0a7318a57d3c16c17251b26645df4c2f87ebc0992ab177fba51db92c6a":PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_HKDF(PSA_ALG_SHA_384)):0:PSA_ERROR_NOT_SUPPORTED + +PSA key_agreement KEY_AGREEMENT(ECDH,HKDF(SHA_384)): !HKDF with ECC_KEY_PAIR(MONTGOMERY) +depends_on:PSA_WANT_ALG_ECDH:!PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_FAMILY_MONTGOMERY:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_agreement_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_MONTGOMERY):"70076d0a7318a57d3c16c17251b26645df4c2f87ebc0992ab177fba51db92c6a":PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_HKDF(PSA_ALG_SHA_384)):0:PSA_ERROR_NOT_SUPPORTED + +PSA key_agreement KEY_AGREEMENT(ECDH,HKDF(SHA_384)): !SHA_384 with ECC_KEY_PAIR(MONTGOMERY) +depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_HKDF:!PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_FAMILY_MONTGOMERY:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_agreement_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_MONTGOMERY):"70076d0a7318a57d3c16c17251b26645df4c2f87ebc0992ab177fba51db92c6a":PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_HKDF(PSA_ALG_SHA_384)):0:PSA_ERROR_NOT_SUPPORTED + +PSA key_agreement KEY_AGREEMENT(ECDH,HKDF(SHA_384)): !ECDH with ECC_KEY_PAIR(SECP_K1) +depends_on:!PSA_WANT_ALG_ECDH:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_FAMILY_SECP_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_agreement_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_K1):"297ac1722ccac7589ecb240dc719842538ca974beb79f228":PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_HKDF(PSA_ALG_SHA_384)):0:PSA_ERROR_NOT_SUPPORTED + +PSA key_agreement KEY_AGREEMENT(ECDH,HKDF(SHA_384)): !HKDF with ECC_KEY_PAIR(SECP_K1) +depends_on:PSA_WANT_ALG_ECDH:!PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_FAMILY_SECP_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_agreement_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_K1):"297ac1722ccac7589ecb240dc719842538ca974beb79f228":PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_HKDF(PSA_ALG_SHA_384)):0:PSA_ERROR_NOT_SUPPORTED + +PSA key_agreement KEY_AGREEMENT(ECDH,HKDF(SHA_384)): !SHA_384 with ECC_KEY_PAIR(SECP_K1) +depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_HKDF:!PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_FAMILY_SECP_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_agreement_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_K1):"297ac1722ccac7589ecb240dc719842538ca974beb79f228":PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_HKDF(PSA_ALG_SHA_384)):0:PSA_ERROR_NOT_SUPPORTED + +PSA key_agreement KEY_AGREEMENT(ECDH,HKDF(SHA_384)): !ECDH with ECC_KEY_PAIR(SECP_R1) +depends_on:!PSA_WANT_ALG_ECDH:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_FAMILY_SECP_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_agreement_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"872f203b3ad35b7f2ecc803c3a0e1e0b1ed61cc1afe71b189cd4c995":PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_HKDF(PSA_ALG_SHA_384)):0:PSA_ERROR_NOT_SUPPORTED + +PSA key_agreement KEY_AGREEMENT(ECDH,HKDF(SHA_384)): !HKDF with ECC_KEY_PAIR(SECP_R1) +depends_on:PSA_WANT_ALG_ECDH:!PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_FAMILY_SECP_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_agreement_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"872f203b3ad35b7f2ecc803c3a0e1e0b1ed61cc1afe71b189cd4c995":PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_HKDF(PSA_ALG_SHA_384)):0:PSA_ERROR_NOT_SUPPORTED + +PSA key_agreement KEY_AGREEMENT(ECDH,HKDF(SHA_384)): !SHA_384 with ECC_KEY_PAIR(SECP_R1) +depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_HKDF:!PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_FAMILY_SECP_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_agreement_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"872f203b3ad35b7f2ecc803c3a0e1e0b1ed61cc1afe71b189cd4c995":PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_HKDF(PSA_ALG_SHA_384)):0:PSA_ERROR_NOT_SUPPORTED + +PSA key_agreement KEY_AGREEMENT(ECDH,HKDF(SHA_384)): !ECDH with ECC_KEY_PAIR(SECP_R2) +depends_on:!PSA_WANT_ALG_ECDH:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_FAMILY_SECP_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_agreement_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R2):"00bf539a1cdda0d7f71a50a3f98aec0a2e8e4ced1e":PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_HKDF(PSA_ALG_SHA_384)):0:PSA_ERROR_NOT_SUPPORTED + +PSA key_agreement KEY_AGREEMENT(ECDH,HKDF(SHA_384)): !HKDF with ECC_KEY_PAIR(SECP_R2) +depends_on:PSA_WANT_ALG_ECDH:!PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_FAMILY_SECP_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_agreement_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R2):"00bf539a1cdda0d7f71a50a3f98aec0a2e8e4ced1e":PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_HKDF(PSA_ALG_SHA_384)):0:PSA_ERROR_NOT_SUPPORTED + +PSA key_agreement KEY_AGREEMENT(ECDH,HKDF(SHA_384)): !SHA_384 with ECC_KEY_PAIR(SECP_R2) +depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_HKDF:!PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_FAMILY_SECP_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_agreement_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R2):"00bf539a1cdda0d7f71a50a3f98aec0a2e8e4ced1e":PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_HKDF(PSA_ALG_SHA_384)):0:PSA_ERROR_NOT_SUPPORTED + +PSA key_agreement KEY_AGREEMENT(ECDH,HKDF(SHA_384)): !ECDH with ECC_KEY_PAIR(SECT_K1) +depends_on:!PSA_WANT_ALG_ECDH:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_FAMILY_SECT_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_agreement_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):"03ebc8fcded2d6ab72ec0f75bdb4fd080481273e71":PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_HKDF(PSA_ALG_SHA_384)):0:PSA_ERROR_NOT_SUPPORTED + +PSA key_agreement KEY_AGREEMENT(ECDH,HKDF(SHA_384)): !HKDF with ECC_KEY_PAIR(SECT_K1) +depends_on:PSA_WANT_ALG_ECDH:!PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_FAMILY_SECT_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_agreement_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):"03ebc8fcded2d6ab72ec0f75bdb4fd080481273e71":PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_HKDF(PSA_ALG_SHA_384)):0:PSA_ERROR_NOT_SUPPORTED + +PSA key_agreement KEY_AGREEMENT(ECDH,HKDF(SHA_384)): !SHA_384 with ECC_KEY_PAIR(SECT_K1) +depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_HKDF:!PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_FAMILY_SECT_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_agreement_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):"03ebc8fcded2d6ab72ec0f75bdb4fd080481273e71":PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_HKDF(PSA_ALG_SHA_384)):0:PSA_ERROR_NOT_SUPPORTED + +PSA key_agreement KEY_AGREEMENT(ECDH,HKDF(SHA_384)): !ECDH with ECC_KEY_PAIR(SECT_R1) +depends_on:!PSA_WANT_ALG_ECDH:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_FAMILY_SECT_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_agreement_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):"009b05dc82d46d64a04a22e6e5ca70ca1231e68c50":PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_HKDF(PSA_ALG_SHA_384)):0:PSA_ERROR_NOT_SUPPORTED + +PSA key_agreement KEY_AGREEMENT(ECDH,HKDF(SHA_384)): !HKDF with ECC_KEY_PAIR(SECT_R1) +depends_on:PSA_WANT_ALG_ECDH:!PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_FAMILY_SECT_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_agreement_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):"009b05dc82d46d64a04a22e6e5ca70ca1231e68c50":PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_HKDF(PSA_ALG_SHA_384)):0:PSA_ERROR_NOT_SUPPORTED + +PSA key_agreement KEY_AGREEMENT(ECDH,HKDF(SHA_384)): !SHA_384 with ECC_KEY_PAIR(SECT_R1) +depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_HKDF:!PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_FAMILY_SECT_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_agreement_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):"009b05dc82d46d64a04a22e6e5ca70ca1231e68c50":PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_HKDF(PSA_ALG_SHA_384)):0:PSA_ERROR_NOT_SUPPORTED + +PSA key_agreement KEY_AGREEMENT(ECDH,HKDF(SHA_384)): !ECDH with ECC_KEY_PAIR(SECT_R2) +depends_on:!PSA_WANT_ALG_ECDH:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_FAMILY_SECT_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_agreement_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R2):"0210b482a458b4822d0cb21daa96819a67c8062d34":PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_HKDF(PSA_ALG_SHA_384)):0:PSA_ERROR_NOT_SUPPORTED + +PSA key_agreement KEY_AGREEMENT(ECDH,HKDF(SHA_384)): !HKDF with ECC_KEY_PAIR(SECT_R2) +depends_on:PSA_WANT_ALG_ECDH:!PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_FAMILY_SECT_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_agreement_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R2):"0210b482a458b4822d0cb21daa96819a67c8062d34":PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_HKDF(PSA_ALG_SHA_384)):0:PSA_ERROR_NOT_SUPPORTED + +PSA key_agreement KEY_AGREEMENT(ECDH,HKDF(SHA_384)): !SHA_384 with ECC_KEY_PAIR(SECT_R2) +depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_HKDF:!PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_FAMILY_SECT_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_agreement_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R2):"0210b482a458b4822d0cb21daa96819a67c8062d34":PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_HKDF(PSA_ALG_SHA_384)):0:PSA_ERROR_NOT_SUPPORTED + +PSA key_agreement KEY_AGREEMENT(ECDH,HKDF(SHA_384)): incompatible with ECC_KEY_PAIR(TWISTED_EDWARDS) +depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_FAMILY_TWISTED_EDWARDS:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_agreement_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_TWISTED_EDWARDS):"9d61b19deffd5a60ba844af492ec2cc44449c5697b326919703bac031cae7f60":PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_HKDF(PSA_ALG_SHA_384)):0:PSA_ERROR_INVALID_ARGUMENT + +PSA key_agreement KEY_AGREEMENT(ECDH,HKDF(SHA_384)): incompatible with ECC_PUBLIC_KEY(BRAINPOOL_P_R1) +depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_FAMILY_BRAINPOOL_P_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_agreement_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"04d4b9186816358e2f9c59cf70748cb70641b22fbab65473db4b4e22a361ed7e3de7e8a8ddc4130c5c":PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_HKDF(PSA_ALG_SHA_384)):0:PSA_ERROR_INVALID_ARGUMENT + +PSA key_agreement KEY_AGREEMENT(ECDH,HKDF(SHA_384)): incompatible with ECC_PUBLIC_KEY(MONTGOMERY) +depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_FAMILY_MONTGOMERY:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_agreement_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_MONTGOMERY):"8520f0098930a754748b7ddcb43ef75a0dbf3a0d26381af4eba4a98eaa9b4e6a":PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_HKDF(PSA_ALG_SHA_384)):0:PSA_ERROR_INVALID_ARGUMENT + +PSA key_agreement KEY_AGREEMENT(ECDH,HKDF(SHA_384)): incompatible with ECC_PUBLIC_KEY(SECP_K1) +depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_FAMILY_SECP_K1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_agreement_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_K1):"0426b7bb38da649ac2138fc050c6548b32553dab68afebc36105d325b75538c12323cb0764789ecb992671beb2b6bef2f5":PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_HKDF(PSA_ALG_SHA_384)):0:PSA_ERROR_INVALID_ARGUMENT + +PSA key_agreement KEY_AGREEMENT(ECDH,HKDF(SHA_384)): incompatible with ECC_PUBLIC_KEY(SECP_R1) +depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_FAMILY_SECP_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_agreement_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1):"046f00eadaa949fee3e9e1c7fa1247eecec86a0dce46418b9bd3117b981d4bd0ae7a990de912f9d060d6cb531a42d22e394ac29e81804bf160":PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_HKDF(PSA_ALG_SHA_384)):0:PSA_ERROR_INVALID_ARGUMENT + +PSA key_agreement KEY_AGREEMENT(ECDH,HKDF(SHA_384)): incompatible with ECC_PUBLIC_KEY(SECP_R2) +depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_FAMILY_SECP_R2:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_agreement_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R2):"049570d541398665adb5cfa16f5af73b3196926bbd4b876bdb80f8eab20d0f540c22f4de9c140f6d7b":PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_HKDF(PSA_ALG_SHA_384)):0:PSA_ERROR_INVALID_ARGUMENT + +PSA key_agreement KEY_AGREEMENT(ECDH,HKDF(SHA_384)): incompatible with ECC_PUBLIC_KEY(SECT_K1) +depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_FAMILY_SECT_K1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_agreement_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_K1):"0406f88f90b4b65950f06ce433afdb097e320f433dc2062b8a65db8fafd3c110f46bc45663fbf021ee7eb9":PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_HKDF(PSA_ALG_SHA_384)):0:PSA_ERROR_INVALID_ARGUMENT + +PSA key_agreement KEY_AGREEMENT(ECDH,HKDF(SHA_384)): incompatible with ECC_PUBLIC_KEY(SECT_R1) +depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_FAMILY_SECT_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_agreement_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R1):"0400465eeb9e7258b11e33c02266bfe834b20bcb118700772796ee4704ec67651bd447e3011959a79a04cb":PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_HKDF(PSA_ALG_SHA_384)):0:PSA_ERROR_INVALID_ARGUMENT + +PSA key_agreement KEY_AGREEMENT(ECDH,HKDF(SHA_384)): incompatible with ECC_PUBLIC_KEY(SECT_R2) +depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_FAMILY_SECT_R2:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_agreement_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R2):"0403692601144c32a6cfa369ae20ae5d43c1c764678c037bafe80c6fd2e42b7ced96171d9c5367fd3dca6f":PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_HKDF(PSA_ALG_SHA_384)):0:PSA_ERROR_INVALID_ARGUMENT + +PSA key_agreement KEY_AGREEMENT(ECDH,HKDF(SHA_384)): incompatible with ECC_PUBLIC_KEY(TWISTED_EDWARDS) +depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_FAMILY_TWISTED_EDWARDS:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_agreement_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_TWISTED_EDWARDS):"d75a980182b10ab7d54bfed3c964073a0ee172f3daa62325af021a68f707511a":PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_HKDF(PSA_ALG_SHA_384)):0:PSA_ERROR_INVALID_ARGUMENT + +PSA key_agreement KEY_AGREEMENT(ECDH,HKDF(SHA_384)): incompatible with HMAC +depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_384:PSA_WANT_KEY_TYPE_HMAC +key_agreement_fail:PSA_KEY_TYPE_HMAC:"48657265006973206b6579a064617461":PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_HKDF(PSA_ALG_SHA_384)):0:PSA_ERROR_INVALID_ARGUMENT + +PSA key_agreement KEY_AGREEMENT(ECDH,HKDF(SHA_384)): incompatible with RAW_DATA +depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_384:PSA_WANT_KEY_TYPE_RAW_DATA +key_agreement_fail:PSA_KEY_TYPE_RAW_DATA:"48":PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_HKDF(PSA_ALG_SHA_384)):0:PSA_ERROR_INVALID_ARGUMENT + +PSA key_agreement KEY_AGREEMENT(ECDH,HKDF(SHA_384)): incompatible with RSA_KEY_PAIR +depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_384:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR +key_agreement_fail:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_HKDF(PSA_ALG_SHA_384)):0:PSA_ERROR_INVALID_ARGUMENT + +PSA key_agreement KEY_AGREEMENT(ECDH,HKDF(SHA_384)): incompatible with RSA_PUBLIC_KEY +depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_384:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY +key_agreement_fail:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_HKDF(PSA_ALG_SHA_384)):0:PSA_ERROR_INVALID_ARGUMENT + +PSA hash KEY_AGREEMENT(ECDH,TLS12_PRF(SHA_256)): invalid +depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_SHA_256:PSA_WANT_ALG_TLS12_PRF +hash_fail:PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_TLS12_PRF(PSA_ALG_SHA_256)):PSA_ERROR_INVALID_ARGUMENT + +PSA mac KEY_AGREEMENT(ECDH,TLS12_PRF(SHA_256)): invalid with ECC_KEY_PAIR(BRAINPOOL_P_R1) +depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_SHA_256:PSA_WANT_ALG_TLS12_PRF:PSA_WANT_ECC_FAMILY_BRAINPOOL_P_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +mac_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"69502c4fdaf48d4fa617bdd24498b0406d0eeaac":PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_TLS12_PRF(PSA_ALG_SHA_256)):PSA_ERROR_INVALID_ARGUMENT + +PSA mac KEY_AGREEMENT(ECDH,TLS12_PRF(SHA_256)): invalid with ECC_KEY_PAIR(MONTGOMERY) +depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_SHA_256:PSA_WANT_ALG_TLS12_PRF:PSA_WANT_ECC_FAMILY_MONTGOMERY:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +mac_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_MONTGOMERY):"70076d0a7318a57d3c16c17251b26645df4c2f87ebc0992ab177fba51db92c6a":PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_TLS12_PRF(PSA_ALG_SHA_256)):PSA_ERROR_INVALID_ARGUMENT + +PSA mac KEY_AGREEMENT(ECDH,TLS12_PRF(SHA_256)): invalid with ECC_KEY_PAIR(SECP_K1) +depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_SHA_256:PSA_WANT_ALG_TLS12_PRF:PSA_WANT_ECC_FAMILY_SECP_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +mac_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_K1):"297ac1722ccac7589ecb240dc719842538ca974beb79f228":PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_TLS12_PRF(PSA_ALG_SHA_256)):PSA_ERROR_INVALID_ARGUMENT + +PSA mac KEY_AGREEMENT(ECDH,TLS12_PRF(SHA_256)): invalid with ECC_KEY_PAIR(SECP_R1) +depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_SHA_256:PSA_WANT_ALG_TLS12_PRF:PSA_WANT_ECC_FAMILY_SECP_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +mac_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"872f203b3ad35b7f2ecc803c3a0e1e0b1ed61cc1afe71b189cd4c995":PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_TLS12_PRF(PSA_ALG_SHA_256)):PSA_ERROR_INVALID_ARGUMENT + +PSA mac KEY_AGREEMENT(ECDH,TLS12_PRF(SHA_256)): invalid with ECC_KEY_PAIR(SECP_R2) +depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_SHA_256:PSA_WANT_ALG_TLS12_PRF:PSA_WANT_ECC_FAMILY_SECP_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +mac_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R2):"00bf539a1cdda0d7f71a50a3f98aec0a2e8e4ced1e":PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_TLS12_PRF(PSA_ALG_SHA_256)):PSA_ERROR_INVALID_ARGUMENT + +PSA mac KEY_AGREEMENT(ECDH,TLS12_PRF(SHA_256)): invalid with ECC_KEY_PAIR(SECT_K1) +depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_SHA_256:PSA_WANT_ALG_TLS12_PRF:PSA_WANT_ECC_FAMILY_SECT_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +mac_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):"03ebc8fcded2d6ab72ec0f75bdb4fd080481273e71":PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_TLS12_PRF(PSA_ALG_SHA_256)):PSA_ERROR_INVALID_ARGUMENT + +PSA mac KEY_AGREEMENT(ECDH,TLS12_PRF(SHA_256)): invalid with ECC_KEY_PAIR(SECT_R1) +depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_SHA_256:PSA_WANT_ALG_TLS12_PRF:PSA_WANT_ECC_FAMILY_SECT_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +mac_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):"009b05dc82d46d64a04a22e6e5ca70ca1231e68c50":PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_TLS12_PRF(PSA_ALG_SHA_256)):PSA_ERROR_INVALID_ARGUMENT + +PSA mac KEY_AGREEMENT(ECDH,TLS12_PRF(SHA_256)): invalid with ECC_KEY_PAIR(SECT_R2) +depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_SHA_256:PSA_WANT_ALG_TLS12_PRF:PSA_WANT_ECC_FAMILY_SECT_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +mac_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R2):"0210b482a458b4822d0cb21daa96819a67c8062d34":PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_TLS12_PRF(PSA_ALG_SHA_256)):PSA_ERROR_INVALID_ARGUMENT + +PSA cipher KEY_AGREEMENT(ECDH,TLS12_PRF(SHA_256)): invalid with ECC_KEY_PAIR(BRAINPOOL_P_R1) +depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_SHA_256:PSA_WANT_ALG_TLS12_PRF:PSA_WANT_ECC_FAMILY_BRAINPOOL_P_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +cipher_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"69502c4fdaf48d4fa617bdd24498b0406d0eeaac":PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_TLS12_PRF(PSA_ALG_SHA_256)):PSA_ERROR_INVALID_ARGUMENT + +PSA cipher KEY_AGREEMENT(ECDH,TLS12_PRF(SHA_256)): invalid with ECC_KEY_PAIR(MONTGOMERY) +depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_SHA_256:PSA_WANT_ALG_TLS12_PRF:PSA_WANT_ECC_FAMILY_MONTGOMERY:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +cipher_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_MONTGOMERY):"70076d0a7318a57d3c16c17251b26645df4c2f87ebc0992ab177fba51db92c6a":PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_TLS12_PRF(PSA_ALG_SHA_256)):PSA_ERROR_INVALID_ARGUMENT + +PSA cipher KEY_AGREEMENT(ECDH,TLS12_PRF(SHA_256)): invalid with ECC_KEY_PAIR(SECP_K1) +depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_SHA_256:PSA_WANT_ALG_TLS12_PRF:PSA_WANT_ECC_FAMILY_SECP_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +cipher_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_K1):"297ac1722ccac7589ecb240dc719842538ca974beb79f228":PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_TLS12_PRF(PSA_ALG_SHA_256)):PSA_ERROR_INVALID_ARGUMENT + +PSA cipher KEY_AGREEMENT(ECDH,TLS12_PRF(SHA_256)): invalid with ECC_KEY_PAIR(SECP_R1) +depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_SHA_256:PSA_WANT_ALG_TLS12_PRF:PSA_WANT_ECC_FAMILY_SECP_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +cipher_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"872f203b3ad35b7f2ecc803c3a0e1e0b1ed61cc1afe71b189cd4c995":PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_TLS12_PRF(PSA_ALG_SHA_256)):PSA_ERROR_INVALID_ARGUMENT + +PSA cipher KEY_AGREEMENT(ECDH,TLS12_PRF(SHA_256)): invalid with ECC_KEY_PAIR(SECP_R2) +depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_SHA_256:PSA_WANT_ALG_TLS12_PRF:PSA_WANT_ECC_FAMILY_SECP_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +cipher_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R2):"00bf539a1cdda0d7f71a50a3f98aec0a2e8e4ced1e":PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_TLS12_PRF(PSA_ALG_SHA_256)):PSA_ERROR_INVALID_ARGUMENT + +PSA cipher KEY_AGREEMENT(ECDH,TLS12_PRF(SHA_256)): invalid with ECC_KEY_PAIR(SECT_K1) +depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_SHA_256:PSA_WANT_ALG_TLS12_PRF:PSA_WANT_ECC_FAMILY_SECT_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +cipher_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):"03ebc8fcded2d6ab72ec0f75bdb4fd080481273e71":PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_TLS12_PRF(PSA_ALG_SHA_256)):PSA_ERROR_INVALID_ARGUMENT + +PSA cipher KEY_AGREEMENT(ECDH,TLS12_PRF(SHA_256)): invalid with ECC_KEY_PAIR(SECT_R1) +depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_SHA_256:PSA_WANT_ALG_TLS12_PRF:PSA_WANT_ECC_FAMILY_SECT_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +cipher_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):"009b05dc82d46d64a04a22e6e5ca70ca1231e68c50":PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_TLS12_PRF(PSA_ALG_SHA_256)):PSA_ERROR_INVALID_ARGUMENT + +PSA cipher KEY_AGREEMENT(ECDH,TLS12_PRF(SHA_256)): invalid with ECC_KEY_PAIR(SECT_R2) +depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_SHA_256:PSA_WANT_ALG_TLS12_PRF:PSA_WANT_ECC_FAMILY_SECT_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +cipher_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R2):"0210b482a458b4822d0cb21daa96819a67c8062d34":PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_TLS12_PRF(PSA_ALG_SHA_256)):PSA_ERROR_INVALID_ARGUMENT + +PSA aead KEY_AGREEMENT(ECDH,TLS12_PRF(SHA_256)): invalid with ECC_KEY_PAIR(BRAINPOOL_P_R1) +depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_SHA_256:PSA_WANT_ALG_TLS12_PRF:PSA_WANT_ECC_FAMILY_BRAINPOOL_P_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +aead_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"69502c4fdaf48d4fa617bdd24498b0406d0eeaac":PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_TLS12_PRF(PSA_ALG_SHA_256)):PSA_ERROR_INVALID_ARGUMENT + +PSA aead KEY_AGREEMENT(ECDH,TLS12_PRF(SHA_256)): invalid with ECC_KEY_PAIR(MONTGOMERY) +depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_SHA_256:PSA_WANT_ALG_TLS12_PRF:PSA_WANT_ECC_FAMILY_MONTGOMERY:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +aead_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_MONTGOMERY):"70076d0a7318a57d3c16c17251b26645df4c2f87ebc0992ab177fba51db92c6a":PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_TLS12_PRF(PSA_ALG_SHA_256)):PSA_ERROR_INVALID_ARGUMENT + +PSA aead KEY_AGREEMENT(ECDH,TLS12_PRF(SHA_256)): invalid with ECC_KEY_PAIR(SECP_K1) +depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_SHA_256:PSA_WANT_ALG_TLS12_PRF:PSA_WANT_ECC_FAMILY_SECP_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +aead_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_K1):"297ac1722ccac7589ecb240dc719842538ca974beb79f228":PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_TLS12_PRF(PSA_ALG_SHA_256)):PSA_ERROR_INVALID_ARGUMENT + +PSA aead KEY_AGREEMENT(ECDH,TLS12_PRF(SHA_256)): invalid with ECC_KEY_PAIR(SECP_R1) +depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_SHA_256:PSA_WANT_ALG_TLS12_PRF:PSA_WANT_ECC_FAMILY_SECP_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +aead_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"872f203b3ad35b7f2ecc803c3a0e1e0b1ed61cc1afe71b189cd4c995":PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_TLS12_PRF(PSA_ALG_SHA_256)):PSA_ERROR_INVALID_ARGUMENT + +PSA aead KEY_AGREEMENT(ECDH,TLS12_PRF(SHA_256)): invalid with ECC_KEY_PAIR(SECP_R2) +depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_SHA_256:PSA_WANT_ALG_TLS12_PRF:PSA_WANT_ECC_FAMILY_SECP_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +aead_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R2):"00bf539a1cdda0d7f71a50a3f98aec0a2e8e4ced1e":PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_TLS12_PRF(PSA_ALG_SHA_256)):PSA_ERROR_INVALID_ARGUMENT + +PSA aead KEY_AGREEMENT(ECDH,TLS12_PRF(SHA_256)): invalid with ECC_KEY_PAIR(SECT_K1) +depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_SHA_256:PSA_WANT_ALG_TLS12_PRF:PSA_WANT_ECC_FAMILY_SECT_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +aead_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):"03ebc8fcded2d6ab72ec0f75bdb4fd080481273e71":PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_TLS12_PRF(PSA_ALG_SHA_256)):PSA_ERROR_INVALID_ARGUMENT + +PSA aead KEY_AGREEMENT(ECDH,TLS12_PRF(SHA_256)): invalid with ECC_KEY_PAIR(SECT_R1) +depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_SHA_256:PSA_WANT_ALG_TLS12_PRF:PSA_WANT_ECC_FAMILY_SECT_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +aead_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):"009b05dc82d46d64a04a22e6e5ca70ca1231e68c50":PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_TLS12_PRF(PSA_ALG_SHA_256)):PSA_ERROR_INVALID_ARGUMENT + +PSA aead KEY_AGREEMENT(ECDH,TLS12_PRF(SHA_256)): invalid with ECC_KEY_PAIR(SECT_R2) +depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_SHA_256:PSA_WANT_ALG_TLS12_PRF:PSA_WANT_ECC_FAMILY_SECT_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +aead_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R2):"0210b482a458b4822d0cb21daa96819a67c8062d34":PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_TLS12_PRF(PSA_ALG_SHA_256)):PSA_ERROR_INVALID_ARGUMENT + +PSA sign KEY_AGREEMENT(ECDH,TLS12_PRF(SHA_256)): invalid with ECC_KEY_PAIR(BRAINPOOL_P_R1) +depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_SHA_256:PSA_WANT_ALG_TLS12_PRF:PSA_WANT_ECC_FAMILY_BRAINPOOL_P_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"69502c4fdaf48d4fa617bdd24498b0406d0eeaac":PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_TLS12_PRF(PSA_ALG_SHA_256)):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign KEY_AGREEMENT(ECDH,TLS12_PRF(SHA_256)): invalid with ECC_KEY_PAIR(MONTGOMERY) +depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_SHA_256:PSA_WANT_ALG_TLS12_PRF:PSA_WANT_ECC_FAMILY_MONTGOMERY:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_MONTGOMERY):"70076d0a7318a57d3c16c17251b26645df4c2f87ebc0992ab177fba51db92c6a":PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_TLS12_PRF(PSA_ALG_SHA_256)):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign KEY_AGREEMENT(ECDH,TLS12_PRF(SHA_256)): invalid with ECC_KEY_PAIR(SECP_K1) +depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_SHA_256:PSA_WANT_ALG_TLS12_PRF:PSA_WANT_ECC_FAMILY_SECP_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_K1):"297ac1722ccac7589ecb240dc719842538ca974beb79f228":PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_TLS12_PRF(PSA_ALG_SHA_256)):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign KEY_AGREEMENT(ECDH,TLS12_PRF(SHA_256)): invalid with ECC_KEY_PAIR(SECP_R1) +depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_SHA_256:PSA_WANT_ALG_TLS12_PRF:PSA_WANT_ECC_FAMILY_SECP_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"872f203b3ad35b7f2ecc803c3a0e1e0b1ed61cc1afe71b189cd4c995":PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_TLS12_PRF(PSA_ALG_SHA_256)):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign KEY_AGREEMENT(ECDH,TLS12_PRF(SHA_256)): invalid with ECC_KEY_PAIR(SECP_R2) +depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_SHA_256:PSA_WANT_ALG_TLS12_PRF:PSA_WANT_ECC_FAMILY_SECP_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R2):"00bf539a1cdda0d7f71a50a3f98aec0a2e8e4ced1e":PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_TLS12_PRF(PSA_ALG_SHA_256)):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign KEY_AGREEMENT(ECDH,TLS12_PRF(SHA_256)): invalid with ECC_KEY_PAIR(SECT_K1) +depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_SHA_256:PSA_WANT_ALG_TLS12_PRF:PSA_WANT_ECC_FAMILY_SECT_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):"03ebc8fcded2d6ab72ec0f75bdb4fd080481273e71":PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_TLS12_PRF(PSA_ALG_SHA_256)):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign KEY_AGREEMENT(ECDH,TLS12_PRF(SHA_256)): invalid with ECC_KEY_PAIR(SECT_R1) +depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_SHA_256:PSA_WANT_ALG_TLS12_PRF:PSA_WANT_ECC_FAMILY_SECT_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):"009b05dc82d46d64a04a22e6e5ca70ca1231e68c50":PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_TLS12_PRF(PSA_ALG_SHA_256)):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign KEY_AGREEMENT(ECDH,TLS12_PRF(SHA_256)): invalid with ECC_KEY_PAIR(SECT_R2) +depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_SHA_256:PSA_WANT_ALG_TLS12_PRF:PSA_WANT_ECC_FAMILY_SECT_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R2):"0210b482a458b4822d0cb21daa96819a67c8062d34":PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_TLS12_PRF(PSA_ALG_SHA_256)):0:PSA_ERROR_INVALID_ARGUMENT + +PSA asymmetric_encryption KEY_AGREEMENT(ECDH,TLS12_PRF(SHA_256)): invalid with ECC_KEY_PAIR(BRAINPOOL_P_R1) +depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_SHA_256:PSA_WANT_ALG_TLS12_PRF:PSA_WANT_ECC_FAMILY_BRAINPOOL_P_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +asymmetric_encryption_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"69502c4fdaf48d4fa617bdd24498b0406d0eeaac":PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_TLS12_PRF(PSA_ALG_SHA_256)):0:PSA_ERROR_INVALID_ARGUMENT + +PSA asymmetric_encryption KEY_AGREEMENT(ECDH,TLS12_PRF(SHA_256)): invalid with ECC_KEY_PAIR(MONTGOMERY) +depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_SHA_256:PSA_WANT_ALG_TLS12_PRF:PSA_WANT_ECC_FAMILY_MONTGOMERY:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +asymmetric_encryption_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_MONTGOMERY):"70076d0a7318a57d3c16c17251b26645df4c2f87ebc0992ab177fba51db92c6a":PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_TLS12_PRF(PSA_ALG_SHA_256)):0:PSA_ERROR_INVALID_ARGUMENT + +PSA asymmetric_encryption KEY_AGREEMENT(ECDH,TLS12_PRF(SHA_256)): invalid with ECC_KEY_PAIR(SECP_K1) +depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_SHA_256:PSA_WANT_ALG_TLS12_PRF:PSA_WANT_ECC_FAMILY_SECP_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +asymmetric_encryption_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_K1):"297ac1722ccac7589ecb240dc719842538ca974beb79f228":PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_TLS12_PRF(PSA_ALG_SHA_256)):0:PSA_ERROR_INVALID_ARGUMENT + +PSA asymmetric_encryption KEY_AGREEMENT(ECDH,TLS12_PRF(SHA_256)): invalid with ECC_KEY_PAIR(SECP_R1) +depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_SHA_256:PSA_WANT_ALG_TLS12_PRF:PSA_WANT_ECC_FAMILY_SECP_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +asymmetric_encryption_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"872f203b3ad35b7f2ecc803c3a0e1e0b1ed61cc1afe71b189cd4c995":PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_TLS12_PRF(PSA_ALG_SHA_256)):0:PSA_ERROR_INVALID_ARGUMENT + +PSA asymmetric_encryption KEY_AGREEMENT(ECDH,TLS12_PRF(SHA_256)): invalid with ECC_KEY_PAIR(SECP_R2) +depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_SHA_256:PSA_WANT_ALG_TLS12_PRF:PSA_WANT_ECC_FAMILY_SECP_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +asymmetric_encryption_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R2):"00bf539a1cdda0d7f71a50a3f98aec0a2e8e4ced1e":PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_TLS12_PRF(PSA_ALG_SHA_256)):0:PSA_ERROR_INVALID_ARGUMENT + +PSA asymmetric_encryption KEY_AGREEMENT(ECDH,TLS12_PRF(SHA_256)): invalid with ECC_KEY_PAIR(SECT_K1) +depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_SHA_256:PSA_WANT_ALG_TLS12_PRF:PSA_WANT_ECC_FAMILY_SECT_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +asymmetric_encryption_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):"03ebc8fcded2d6ab72ec0f75bdb4fd080481273e71":PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_TLS12_PRF(PSA_ALG_SHA_256)):0:PSA_ERROR_INVALID_ARGUMENT + +PSA asymmetric_encryption KEY_AGREEMENT(ECDH,TLS12_PRF(SHA_256)): invalid with ECC_KEY_PAIR(SECT_R1) +depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_SHA_256:PSA_WANT_ALG_TLS12_PRF:PSA_WANT_ECC_FAMILY_SECT_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +asymmetric_encryption_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):"009b05dc82d46d64a04a22e6e5ca70ca1231e68c50":PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_TLS12_PRF(PSA_ALG_SHA_256)):0:PSA_ERROR_INVALID_ARGUMENT + +PSA asymmetric_encryption KEY_AGREEMENT(ECDH,TLS12_PRF(SHA_256)): invalid with ECC_KEY_PAIR(SECT_R2) +depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_SHA_256:PSA_WANT_ALG_TLS12_PRF:PSA_WANT_ECC_FAMILY_SECT_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +asymmetric_encryption_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R2):"0210b482a458b4822d0cb21daa96819a67c8062d34":PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_TLS12_PRF(PSA_ALG_SHA_256)):0:PSA_ERROR_INVALID_ARGUMENT + +PSA key_derivation KEY_AGREEMENT(ECDH,TLS12_PRF(SHA_256)): !ECDH +depends_on:!PSA_WANT_ALG_ECDH:PSA_WANT_ALG_SHA_256:PSA_WANT_ALG_TLS12_PRF +key_derivation_fail:PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_TLS12_PRF(PSA_ALG_SHA_256)):PSA_ERROR_NOT_SUPPORTED + +PSA key_derivation KEY_AGREEMENT(ECDH,TLS12_PRF(SHA_256)): !SHA_256 +depends_on:PSA_WANT_ALG_ECDH:!PSA_WANT_ALG_SHA_256:PSA_WANT_ALG_TLS12_PRF +key_derivation_fail:PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_TLS12_PRF(PSA_ALG_SHA_256)):PSA_ERROR_NOT_SUPPORTED + +PSA key_derivation KEY_AGREEMENT(ECDH,TLS12_PRF(SHA_256)): !TLS12_PRF +depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_SHA_256:!PSA_WANT_ALG_TLS12_PRF +key_derivation_fail:PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_TLS12_PRF(PSA_ALG_SHA_256)):PSA_ERROR_NOT_SUPPORTED + +PSA key_agreement KEY_AGREEMENT(ECDH,TLS12_PRF(SHA_256)): incompatible with AES +depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_SHA_256:PSA_WANT_ALG_TLS12_PRF:PSA_WANT_KEY_TYPE_AES +key_agreement_fail:PSA_KEY_TYPE_AES:"48657265006973206b6579a064617461":PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_TLS12_PRF(PSA_ALG_SHA_256)):0:PSA_ERROR_INVALID_ARGUMENT + +PSA key_agreement KEY_AGREEMENT(ECDH,TLS12_PRF(SHA_256)): incompatible with ARC4 +depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_SHA_256:PSA_WANT_ALG_TLS12_PRF:PSA_WANT_KEY_TYPE_ARC4 +key_agreement_fail:PSA_KEY_TYPE_ARC4:"48":PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_TLS12_PRF(PSA_ALG_SHA_256)):0:PSA_ERROR_INVALID_ARGUMENT + +PSA key_agreement KEY_AGREEMENT(ECDH,TLS12_PRF(SHA_256)): incompatible with ARIA +depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_SHA_256:PSA_WANT_ALG_TLS12_PRF:PSA_WANT_KEY_TYPE_ARIA +key_agreement_fail:PSA_KEY_TYPE_ARIA:"48657265006973206b6579a064617461":PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_TLS12_PRF(PSA_ALG_SHA_256)):0:PSA_ERROR_INVALID_ARGUMENT + +PSA key_agreement KEY_AGREEMENT(ECDH,TLS12_PRF(SHA_256)): incompatible with CAMELLIA +depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_SHA_256:PSA_WANT_ALG_TLS12_PRF:PSA_WANT_KEY_TYPE_CAMELLIA +key_agreement_fail:PSA_KEY_TYPE_CAMELLIA:"48657265006973206b6579a064617461":PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_TLS12_PRF(PSA_ALG_SHA_256)):0:PSA_ERROR_INVALID_ARGUMENT + +PSA key_agreement KEY_AGREEMENT(ECDH,TLS12_PRF(SHA_256)): incompatible with CHACHA20 +depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_SHA_256:PSA_WANT_ALG_TLS12_PRF:PSA_WANT_KEY_TYPE_CHACHA20 +key_agreement_fail:PSA_KEY_TYPE_CHACHA20:"48657265006973206b6579a06461746148657265006973206b6579a064617461":PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_TLS12_PRF(PSA_ALG_SHA_256)):0:PSA_ERROR_INVALID_ARGUMENT + +PSA key_agreement KEY_AGREEMENT(ECDH,TLS12_PRF(SHA_256)): incompatible with DERIVE +depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_SHA_256:PSA_WANT_ALG_TLS12_PRF:PSA_WANT_KEY_TYPE_DERIVE +key_agreement_fail:PSA_KEY_TYPE_DERIVE:"48657265006973206b6579a0646174":PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_TLS12_PRF(PSA_ALG_SHA_256)):0:PSA_ERROR_INVALID_ARGUMENT + +PSA key_agreement KEY_AGREEMENT(ECDH,TLS12_PRF(SHA_256)): incompatible with DES +depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_SHA_256:PSA_WANT_ALG_TLS12_PRF:PSA_WANT_KEY_TYPE_DES +key_agreement_fail:PSA_KEY_TYPE_DES:"644573206b457901":PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_TLS12_PRF(PSA_ALG_SHA_256)):0:PSA_ERROR_INVALID_ARGUMENT + +PSA key_agreement KEY_AGREEMENT(ECDH,TLS12_PRF(SHA_256)): !ECDH with ECC_KEY_PAIR(BRAINPOOL_P_R1) +depends_on:!PSA_WANT_ALG_ECDH:PSA_WANT_ALG_SHA_256:PSA_WANT_ALG_TLS12_PRF:PSA_WANT_ECC_FAMILY_BRAINPOOL_P_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_agreement_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"69502c4fdaf48d4fa617bdd24498b0406d0eeaac":PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_TLS12_PRF(PSA_ALG_SHA_256)):0:PSA_ERROR_NOT_SUPPORTED + +PSA key_agreement KEY_AGREEMENT(ECDH,TLS12_PRF(SHA_256)): !SHA_256 with ECC_KEY_PAIR(BRAINPOOL_P_R1) +depends_on:PSA_WANT_ALG_ECDH:!PSA_WANT_ALG_SHA_256:PSA_WANT_ALG_TLS12_PRF:PSA_WANT_ECC_FAMILY_BRAINPOOL_P_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_agreement_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"69502c4fdaf48d4fa617bdd24498b0406d0eeaac":PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_TLS12_PRF(PSA_ALG_SHA_256)):0:PSA_ERROR_NOT_SUPPORTED + +PSA key_agreement KEY_AGREEMENT(ECDH,TLS12_PRF(SHA_256)): !TLS12_PRF with ECC_KEY_PAIR(BRAINPOOL_P_R1) +depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_SHA_256:!PSA_WANT_ALG_TLS12_PRF:PSA_WANT_ECC_FAMILY_BRAINPOOL_P_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_agreement_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"69502c4fdaf48d4fa617bdd24498b0406d0eeaac":PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_TLS12_PRF(PSA_ALG_SHA_256)):0:PSA_ERROR_NOT_SUPPORTED + +PSA key_agreement KEY_AGREEMENT(ECDH,TLS12_PRF(SHA_256)): !ECDH with ECC_KEY_PAIR(MONTGOMERY) +depends_on:!PSA_WANT_ALG_ECDH:PSA_WANT_ALG_SHA_256:PSA_WANT_ALG_TLS12_PRF:PSA_WANT_ECC_FAMILY_MONTGOMERY:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_agreement_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_MONTGOMERY):"70076d0a7318a57d3c16c17251b26645df4c2f87ebc0992ab177fba51db92c6a":PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_TLS12_PRF(PSA_ALG_SHA_256)):0:PSA_ERROR_NOT_SUPPORTED + +PSA key_agreement KEY_AGREEMENT(ECDH,TLS12_PRF(SHA_256)): !SHA_256 with ECC_KEY_PAIR(MONTGOMERY) +depends_on:PSA_WANT_ALG_ECDH:!PSA_WANT_ALG_SHA_256:PSA_WANT_ALG_TLS12_PRF:PSA_WANT_ECC_FAMILY_MONTGOMERY:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_agreement_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_MONTGOMERY):"70076d0a7318a57d3c16c17251b26645df4c2f87ebc0992ab177fba51db92c6a":PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_TLS12_PRF(PSA_ALG_SHA_256)):0:PSA_ERROR_NOT_SUPPORTED + +PSA key_agreement KEY_AGREEMENT(ECDH,TLS12_PRF(SHA_256)): !TLS12_PRF with ECC_KEY_PAIR(MONTGOMERY) +depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_SHA_256:!PSA_WANT_ALG_TLS12_PRF:PSA_WANT_ECC_FAMILY_MONTGOMERY:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_agreement_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_MONTGOMERY):"70076d0a7318a57d3c16c17251b26645df4c2f87ebc0992ab177fba51db92c6a":PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_TLS12_PRF(PSA_ALG_SHA_256)):0:PSA_ERROR_NOT_SUPPORTED + +PSA key_agreement KEY_AGREEMENT(ECDH,TLS12_PRF(SHA_256)): !ECDH with ECC_KEY_PAIR(SECP_K1) +depends_on:!PSA_WANT_ALG_ECDH:PSA_WANT_ALG_SHA_256:PSA_WANT_ALG_TLS12_PRF:PSA_WANT_ECC_FAMILY_SECP_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_agreement_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_K1):"297ac1722ccac7589ecb240dc719842538ca974beb79f228":PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_TLS12_PRF(PSA_ALG_SHA_256)):0:PSA_ERROR_NOT_SUPPORTED + +PSA key_agreement KEY_AGREEMENT(ECDH,TLS12_PRF(SHA_256)): !SHA_256 with ECC_KEY_PAIR(SECP_K1) +depends_on:PSA_WANT_ALG_ECDH:!PSA_WANT_ALG_SHA_256:PSA_WANT_ALG_TLS12_PRF:PSA_WANT_ECC_FAMILY_SECP_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_agreement_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_K1):"297ac1722ccac7589ecb240dc719842538ca974beb79f228":PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_TLS12_PRF(PSA_ALG_SHA_256)):0:PSA_ERROR_NOT_SUPPORTED + +PSA key_agreement KEY_AGREEMENT(ECDH,TLS12_PRF(SHA_256)): !TLS12_PRF with ECC_KEY_PAIR(SECP_K1) +depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_SHA_256:!PSA_WANT_ALG_TLS12_PRF:PSA_WANT_ECC_FAMILY_SECP_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_agreement_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_K1):"297ac1722ccac7589ecb240dc719842538ca974beb79f228":PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_TLS12_PRF(PSA_ALG_SHA_256)):0:PSA_ERROR_NOT_SUPPORTED + +PSA key_agreement KEY_AGREEMENT(ECDH,TLS12_PRF(SHA_256)): !ECDH with ECC_KEY_PAIR(SECP_R1) +depends_on:!PSA_WANT_ALG_ECDH:PSA_WANT_ALG_SHA_256:PSA_WANT_ALG_TLS12_PRF:PSA_WANT_ECC_FAMILY_SECP_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_agreement_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"872f203b3ad35b7f2ecc803c3a0e1e0b1ed61cc1afe71b189cd4c995":PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_TLS12_PRF(PSA_ALG_SHA_256)):0:PSA_ERROR_NOT_SUPPORTED + +PSA key_agreement KEY_AGREEMENT(ECDH,TLS12_PRF(SHA_256)): !SHA_256 with ECC_KEY_PAIR(SECP_R1) +depends_on:PSA_WANT_ALG_ECDH:!PSA_WANT_ALG_SHA_256:PSA_WANT_ALG_TLS12_PRF:PSA_WANT_ECC_FAMILY_SECP_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_agreement_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"872f203b3ad35b7f2ecc803c3a0e1e0b1ed61cc1afe71b189cd4c995":PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_TLS12_PRF(PSA_ALG_SHA_256)):0:PSA_ERROR_NOT_SUPPORTED + +PSA key_agreement KEY_AGREEMENT(ECDH,TLS12_PRF(SHA_256)): !TLS12_PRF with ECC_KEY_PAIR(SECP_R1) +depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_SHA_256:!PSA_WANT_ALG_TLS12_PRF:PSA_WANT_ECC_FAMILY_SECP_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_agreement_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"872f203b3ad35b7f2ecc803c3a0e1e0b1ed61cc1afe71b189cd4c995":PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_TLS12_PRF(PSA_ALG_SHA_256)):0:PSA_ERROR_NOT_SUPPORTED + +PSA key_agreement KEY_AGREEMENT(ECDH,TLS12_PRF(SHA_256)): !ECDH with ECC_KEY_PAIR(SECP_R2) +depends_on:!PSA_WANT_ALG_ECDH:PSA_WANT_ALG_SHA_256:PSA_WANT_ALG_TLS12_PRF:PSA_WANT_ECC_FAMILY_SECP_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_agreement_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R2):"00bf539a1cdda0d7f71a50a3f98aec0a2e8e4ced1e":PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_TLS12_PRF(PSA_ALG_SHA_256)):0:PSA_ERROR_NOT_SUPPORTED + +PSA key_agreement KEY_AGREEMENT(ECDH,TLS12_PRF(SHA_256)): !SHA_256 with ECC_KEY_PAIR(SECP_R2) +depends_on:PSA_WANT_ALG_ECDH:!PSA_WANT_ALG_SHA_256:PSA_WANT_ALG_TLS12_PRF:PSA_WANT_ECC_FAMILY_SECP_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_agreement_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R2):"00bf539a1cdda0d7f71a50a3f98aec0a2e8e4ced1e":PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_TLS12_PRF(PSA_ALG_SHA_256)):0:PSA_ERROR_NOT_SUPPORTED + +PSA key_agreement KEY_AGREEMENT(ECDH,TLS12_PRF(SHA_256)): !TLS12_PRF with ECC_KEY_PAIR(SECP_R2) +depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_SHA_256:!PSA_WANT_ALG_TLS12_PRF:PSA_WANT_ECC_FAMILY_SECP_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_agreement_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R2):"00bf539a1cdda0d7f71a50a3f98aec0a2e8e4ced1e":PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_TLS12_PRF(PSA_ALG_SHA_256)):0:PSA_ERROR_NOT_SUPPORTED + +PSA key_agreement KEY_AGREEMENT(ECDH,TLS12_PRF(SHA_256)): !ECDH with ECC_KEY_PAIR(SECT_K1) +depends_on:!PSA_WANT_ALG_ECDH:PSA_WANT_ALG_SHA_256:PSA_WANT_ALG_TLS12_PRF:PSA_WANT_ECC_FAMILY_SECT_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_agreement_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):"03ebc8fcded2d6ab72ec0f75bdb4fd080481273e71":PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_TLS12_PRF(PSA_ALG_SHA_256)):0:PSA_ERROR_NOT_SUPPORTED + +PSA key_agreement KEY_AGREEMENT(ECDH,TLS12_PRF(SHA_256)): !SHA_256 with ECC_KEY_PAIR(SECT_K1) +depends_on:PSA_WANT_ALG_ECDH:!PSA_WANT_ALG_SHA_256:PSA_WANT_ALG_TLS12_PRF:PSA_WANT_ECC_FAMILY_SECT_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_agreement_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):"03ebc8fcded2d6ab72ec0f75bdb4fd080481273e71":PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_TLS12_PRF(PSA_ALG_SHA_256)):0:PSA_ERROR_NOT_SUPPORTED + +PSA key_agreement KEY_AGREEMENT(ECDH,TLS12_PRF(SHA_256)): !TLS12_PRF with ECC_KEY_PAIR(SECT_K1) +depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_SHA_256:!PSA_WANT_ALG_TLS12_PRF:PSA_WANT_ECC_FAMILY_SECT_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_agreement_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):"03ebc8fcded2d6ab72ec0f75bdb4fd080481273e71":PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_TLS12_PRF(PSA_ALG_SHA_256)):0:PSA_ERROR_NOT_SUPPORTED + +PSA key_agreement KEY_AGREEMENT(ECDH,TLS12_PRF(SHA_256)): !ECDH with ECC_KEY_PAIR(SECT_R1) +depends_on:!PSA_WANT_ALG_ECDH:PSA_WANT_ALG_SHA_256:PSA_WANT_ALG_TLS12_PRF:PSA_WANT_ECC_FAMILY_SECT_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_agreement_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):"009b05dc82d46d64a04a22e6e5ca70ca1231e68c50":PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_TLS12_PRF(PSA_ALG_SHA_256)):0:PSA_ERROR_NOT_SUPPORTED + +PSA key_agreement KEY_AGREEMENT(ECDH,TLS12_PRF(SHA_256)): !SHA_256 with ECC_KEY_PAIR(SECT_R1) +depends_on:PSA_WANT_ALG_ECDH:!PSA_WANT_ALG_SHA_256:PSA_WANT_ALG_TLS12_PRF:PSA_WANT_ECC_FAMILY_SECT_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_agreement_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):"009b05dc82d46d64a04a22e6e5ca70ca1231e68c50":PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_TLS12_PRF(PSA_ALG_SHA_256)):0:PSA_ERROR_NOT_SUPPORTED + +PSA key_agreement KEY_AGREEMENT(ECDH,TLS12_PRF(SHA_256)): !TLS12_PRF with ECC_KEY_PAIR(SECT_R1) +depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_SHA_256:!PSA_WANT_ALG_TLS12_PRF:PSA_WANT_ECC_FAMILY_SECT_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_agreement_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):"009b05dc82d46d64a04a22e6e5ca70ca1231e68c50":PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_TLS12_PRF(PSA_ALG_SHA_256)):0:PSA_ERROR_NOT_SUPPORTED + +PSA key_agreement KEY_AGREEMENT(ECDH,TLS12_PRF(SHA_256)): !ECDH with ECC_KEY_PAIR(SECT_R2) +depends_on:!PSA_WANT_ALG_ECDH:PSA_WANT_ALG_SHA_256:PSA_WANT_ALG_TLS12_PRF:PSA_WANT_ECC_FAMILY_SECT_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_agreement_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R2):"0210b482a458b4822d0cb21daa96819a67c8062d34":PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_TLS12_PRF(PSA_ALG_SHA_256)):0:PSA_ERROR_NOT_SUPPORTED + +PSA key_agreement KEY_AGREEMENT(ECDH,TLS12_PRF(SHA_256)): !SHA_256 with ECC_KEY_PAIR(SECT_R2) +depends_on:PSA_WANT_ALG_ECDH:!PSA_WANT_ALG_SHA_256:PSA_WANT_ALG_TLS12_PRF:PSA_WANT_ECC_FAMILY_SECT_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_agreement_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R2):"0210b482a458b4822d0cb21daa96819a67c8062d34":PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_TLS12_PRF(PSA_ALG_SHA_256)):0:PSA_ERROR_NOT_SUPPORTED + +PSA key_agreement KEY_AGREEMENT(ECDH,TLS12_PRF(SHA_256)): !TLS12_PRF with ECC_KEY_PAIR(SECT_R2) +depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_SHA_256:!PSA_WANT_ALG_TLS12_PRF:PSA_WANT_ECC_FAMILY_SECT_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_agreement_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R2):"0210b482a458b4822d0cb21daa96819a67c8062d34":PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_TLS12_PRF(PSA_ALG_SHA_256)):0:PSA_ERROR_NOT_SUPPORTED + +PSA key_agreement KEY_AGREEMENT(ECDH,TLS12_PRF(SHA_256)): incompatible with ECC_KEY_PAIR(TWISTED_EDWARDS) +depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_SHA_256:PSA_WANT_ALG_TLS12_PRF:PSA_WANT_ECC_FAMILY_TWISTED_EDWARDS:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_agreement_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_TWISTED_EDWARDS):"9d61b19deffd5a60ba844af492ec2cc44449c5697b326919703bac031cae7f60":PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_TLS12_PRF(PSA_ALG_SHA_256)):0:PSA_ERROR_INVALID_ARGUMENT + +PSA key_agreement KEY_AGREEMENT(ECDH,TLS12_PRF(SHA_256)): incompatible with ECC_PUBLIC_KEY(BRAINPOOL_P_R1) +depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_SHA_256:PSA_WANT_ALG_TLS12_PRF:PSA_WANT_ECC_FAMILY_BRAINPOOL_P_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_agreement_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"04d4b9186816358e2f9c59cf70748cb70641b22fbab65473db4b4e22a361ed7e3de7e8a8ddc4130c5c":PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_TLS12_PRF(PSA_ALG_SHA_256)):0:PSA_ERROR_INVALID_ARGUMENT + +PSA key_agreement KEY_AGREEMENT(ECDH,TLS12_PRF(SHA_256)): incompatible with ECC_PUBLIC_KEY(MONTGOMERY) +depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_SHA_256:PSA_WANT_ALG_TLS12_PRF:PSA_WANT_ECC_FAMILY_MONTGOMERY:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_agreement_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_MONTGOMERY):"8520f0098930a754748b7ddcb43ef75a0dbf3a0d26381af4eba4a98eaa9b4e6a":PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_TLS12_PRF(PSA_ALG_SHA_256)):0:PSA_ERROR_INVALID_ARGUMENT + +PSA key_agreement KEY_AGREEMENT(ECDH,TLS12_PRF(SHA_256)): incompatible with ECC_PUBLIC_KEY(SECP_K1) +depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_SHA_256:PSA_WANT_ALG_TLS12_PRF:PSA_WANT_ECC_FAMILY_SECP_K1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_agreement_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_K1):"0426b7bb38da649ac2138fc050c6548b32553dab68afebc36105d325b75538c12323cb0764789ecb992671beb2b6bef2f5":PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_TLS12_PRF(PSA_ALG_SHA_256)):0:PSA_ERROR_INVALID_ARGUMENT + +PSA key_agreement KEY_AGREEMENT(ECDH,TLS12_PRF(SHA_256)): incompatible with ECC_PUBLIC_KEY(SECP_R1) +depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_SHA_256:PSA_WANT_ALG_TLS12_PRF:PSA_WANT_ECC_FAMILY_SECP_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_agreement_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1):"046f00eadaa949fee3e9e1c7fa1247eecec86a0dce46418b9bd3117b981d4bd0ae7a990de912f9d060d6cb531a42d22e394ac29e81804bf160":PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_TLS12_PRF(PSA_ALG_SHA_256)):0:PSA_ERROR_INVALID_ARGUMENT + +PSA key_agreement KEY_AGREEMENT(ECDH,TLS12_PRF(SHA_256)): incompatible with ECC_PUBLIC_KEY(SECP_R2) +depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_SHA_256:PSA_WANT_ALG_TLS12_PRF:PSA_WANT_ECC_FAMILY_SECP_R2:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_agreement_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R2):"049570d541398665adb5cfa16f5af73b3196926bbd4b876bdb80f8eab20d0f540c22f4de9c140f6d7b":PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_TLS12_PRF(PSA_ALG_SHA_256)):0:PSA_ERROR_INVALID_ARGUMENT + +PSA key_agreement KEY_AGREEMENT(ECDH,TLS12_PRF(SHA_256)): incompatible with ECC_PUBLIC_KEY(SECT_K1) +depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_SHA_256:PSA_WANT_ALG_TLS12_PRF:PSA_WANT_ECC_FAMILY_SECT_K1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_agreement_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_K1):"0406f88f90b4b65950f06ce433afdb097e320f433dc2062b8a65db8fafd3c110f46bc45663fbf021ee7eb9":PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_TLS12_PRF(PSA_ALG_SHA_256)):0:PSA_ERROR_INVALID_ARGUMENT + +PSA key_agreement KEY_AGREEMENT(ECDH,TLS12_PRF(SHA_256)): incompatible with ECC_PUBLIC_KEY(SECT_R1) +depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_SHA_256:PSA_WANT_ALG_TLS12_PRF:PSA_WANT_ECC_FAMILY_SECT_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_agreement_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R1):"0400465eeb9e7258b11e33c02266bfe834b20bcb118700772796ee4704ec67651bd447e3011959a79a04cb":PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_TLS12_PRF(PSA_ALG_SHA_256)):0:PSA_ERROR_INVALID_ARGUMENT + +PSA key_agreement KEY_AGREEMENT(ECDH,TLS12_PRF(SHA_256)): incompatible with ECC_PUBLIC_KEY(SECT_R2) +depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_SHA_256:PSA_WANT_ALG_TLS12_PRF:PSA_WANT_ECC_FAMILY_SECT_R2:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_agreement_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R2):"0403692601144c32a6cfa369ae20ae5d43c1c764678c037bafe80c6fd2e42b7ced96171d9c5367fd3dca6f":PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_TLS12_PRF(PSA_ALG_SHA_256)):0:PSA_ERROR_INVALID_ARGUMENT + +PSA key_agreement KEY_AGREEMENT(ECDH,TLS12_PRF(SHA_256)): incompatible with ECC_PUBLIC_KEY(TWISTED_EDWARDS) +depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_SHA_256:PSA_WANT_ALG_TLS12_PRF:PSA_WANT_ECC_FAMILY_TWISTED_EDWARDS:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_agreement_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_TWISTED_EDWARDS):"d75a980182b10ab7d54bfed3c964073a0ee172f3daa62325af021a68f707511a":PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_TLS12_PRF(PSA_ALG_SHA_256)):0:PSA_ERROR_INVALID_ARGUMENT + +PSA key_agreement KEY_AGREEMENT(ECDH,TLS12_PRF(SHA_256)): incompatible with HMAC +depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_SHA_256:PSA_WANT_ALG_TLS12_PRF:PSA_WANT_KEY_TYPE_HMAC +key_agreement_fail:PSA_KEY_TYPE_HMAC:"48657265006973206b6579a064617461":PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_TLS12_PRF(PSA_ALG_SHA_256)):0:PSA_ERROR_INVALID_ARGUMENT + +PSA key_agreement KEY_AGREEMENT(ECDH,TLS12_PRF(SHA_256)): incompatible with RAW_DATA +depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_SHA_256:PSA_WANT_ALG_TLS12_PRF:PSA_WANT_KEY_TYPE_RAW_DATA +key_agreement_fail:PSA_KEY_TYPE_RAW_DATA:"48":PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_TLS12_PRF(PSA_ALG_SHA_256)):0:PSA_ERROR_INVALID_ARGUMENT + +PSA key_agreement KEY_AGREEMENT(ECDH,TLS12_PRF(SHA_256)): incompatible with RSA_KEY_PAIR +depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_SHA_256:PSA_WANT_ALG_TLS12_PRF:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR +key_agreement_fail:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_TLS12_PRF(PSA_ALG_SHA_256)):0:PSA_ERROR_INVALID_ARGUMENT + +PSA key_agreement KEY_AGREEMENT(ECDH,TLS12_PRF(SHA_256)): incompatible with RSA_PUBLIC_KEY +depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_SHA_256:PSA_WANT_ALG_TLS12_PRF:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY +key_agreement_fail:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_TLS12_PRF(PSA_ALG_SHA_256)):0:PSA_ERROR_INVALID_ARGUMENT + +PSA hash KEY_AGREEMENT(ECDH,TLS12_PRF(SHA_384)): invalid +depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_SHA_384:PSA_WANT_ALG_TLS12_PRF +hash_fail:PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_TLS12_PRF(PSA_ALG_SHA_384)):PSA_ERROR_INVALID_ARGUMENT + +PSA mac KEY_AGREEMENT(ECDH,TLS12_PRF(SHA_384)): invalid with ECC_KEY_PAIR(BRAINPOOL_P_R1) +depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_SHA_384:PSA_WANT_ALG_TLS12_PRF:PSA_WANT_ECC_FAMILY_BRAINPOOL_P_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +mac_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"69502c4fdaf48d4fa617bdd24498b0406d0eeaac":PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_TLS12_PRF(PSA_ALG_SHA_384)):PSA_ERROR_INVALID_ARGUMENT + +PSA mac KEY_AGREEMENT(ECDH,TLS12_PRF(SHA_384)): invalid with ECC_KEY_PAIR(MONTGOMERY) +depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_SHA_384:PSA_WANT_ALG_TLS12_PRF:PSA_WANT_ECC_FAMILY_MONTGOMERY:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +mac_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_MONTGOMERY):"70076d0a7318a57d3c16c17251b26645df4c2f87ebc0992ab177fba51db92c6a":PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_TLS12_PRF(PSA_ALG_SHA_384)):PSA_ERROR_INVALID_ARGUMENT + +PSA mac KEY_AGREEMENT(ECDH,TLS12_PRF(SHA_384)): invalid with ECC_KEY_PAIR(SECP_K1) +depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_SHA_384:PSA_WANT_ALG_TLS12_PRF:PSA_WANT_ECC_FAMILY_SECP_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +mac_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_K1):"297ac1722ccac7589ecb240dc719842538ca974beb79f228":PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_TLS12_PRF(PSA_ALG_SHA_384)):PSA_ERROR_INVALID_ARGUMENT + +PSA mac KEY_AGREEMENT(ECDH,TLS12_PRF(SHA_384)): invalid with ECC_KEY_PAIR(SECP_R1) +depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_SHA_384:PSA_WANT_ALG_TLS12_PRF:PSA_WANT_ECC_FAMILY_SECP_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +mac_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"872f203b3ad35b7f2ecc803c3a0e1e0b1ed61cc1afe71b189cd4c995":PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_TLS12_PRF(PSA_ALG_SHA_384)):PSA_ERROR_INVALID_ARGUMENT + +PSA mac KEY_AGREEMENT(ECDH,TLS12_PRF(SHA_384)): invalid with ECC_KEY_PAIR(SECP_R2) +depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_SHA_384:PSA_WANT_ALG_TLS12_PRF:PSA_WANT_ECC_FAMILY_SECP_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +mac_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R2):"00bf539a1cdda0d7f71a50a3f98aec0a2e8e4ced1e":PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_TLS12_PRF(PSA_ALG_SHA_384)):PSA_ERROR_INVALID_ARGUMENT + +PSA mac KEY_AGREEMENT(ECDH,TLS12_PRF(SHA_384)): invalid with ECC_KEY_PAIR(SECT_K1) +depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_SHA_384:PSA_WANT_ALG_TLS12_PRF:PSA_WANT_ECC_FAMILY_SECT_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +mac_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):"03ebc8fcded2d6ab72ec0f75bdb4fd080481273e71":PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_TLS12_PRF(PSA_ALG_SHA_384)):PSA_ERROR_INVALID_ARGUMENT + +PSA mac KEY_AGREEMENT(ECDH,TLS12_PRF(SHA_384)): invalid with ECC_KEY_PAIR(SECT_R1) +depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_SHA_384:PSA_WANT_ALG_TLS12_PRF:PSA_WANT_ECC_FAMILY_SECT_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +mac_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):"009b05dc82d46d64a04a22e6e5ca70ca1231e68c50":PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_TLS12_PRF(PSA_ALG_SHA_384)):PSA_ERROR_INVALID_ARGUMENT + +PSA mac KEY_AGREEMENT(ECDH,TLS12_PRF(SHA_384)): invalid with ECC_KEY_PAIR(SECT_R2) +depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_SHA_384:PSA_WANT_ALG_TLS12_PRF:PSA_WANT_ECC_FAMILY_SECT_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +mac_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R2):"0210b482a458b4822d0cb21daa96819a67c8062d34":PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_TLS12_PRF(PSA_ALG_SHA_384)):PSA_ERROR_INVALID_ARGUMENT + +PSA cipher KEY_AGREEMENT(ECDH,TLS12_PRF(SHA_384)): invalid with ECC_KEY_PAIR(BRAINPOOL_P_R1) +depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_SHA_384:PSA_WANT_ALG_TLS12_PRF:PSA_WANT_ECC_FAMILY_BRAINPOOL_P_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +cipher_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"69502c4fdaf48d4fa617bdd24498b0406d0eeaac":PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_TLS12_PRF(PSA_ALG_SHA_384)):PSA_ERROR_INVALID_ARGUMENT + +PSA cipher KEY_AGREEMENT(ECDH,TLS12_PRF(SHA_384)): invalid with ECC_KEY_PAIR(MONTGOMERY) +depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_SHA_384:PSA_WANT_ALG_TLS12_PRF:PSA_WANT_ECC_FAMILY_MONTGOMERY:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +cipher_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_MONTGOMERY):"70076d0a7318a57d3c16c17251b26645df4c2f87ebc0992ab177fba51db92c6a":PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_TLS12_PRF(PSA_ALG_SHA_384)):PSA_ERROR_INVALID_ARGUMENT + +PSA cipher KEY_AGREEMENT(ECDH,TLS12_PRF(SHA_384)): invalid with ECC_KEY_PAIR(SECP_K1) +depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_SHA_384:PSA_WANT_ALG_TLS12_PRF:PSA_WANT_ECC_FAMILY_SECP_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +cipher_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_K1):"297ac1722ccac7589ecb240dc719842538ca974beb79f228":PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_TLS12_PRF(PSA_ALG_SHA_384)):PSA_ERROR_INVALID_ARGUMENT + +PSA cipher KEY_AGREEMENT(ECDH,TLS12_PRF(SHA_384)): invalid with ECC_KEY_PAIR(SECP_R1) +depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_SHA_384:PSA_WANT_ALG_TLS12_PRF:PSA_WANT_ECC_FAMILY_SECP_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +cipher_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"872f203b3ad35b7f2ecc803c3a0e1e0b1ed61cc1afe71b189cd4c995":PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_TLS12_PRF(PSA_ALG_SHA_384)):PSA_ERROR_INVALID_ARGUMENT + +PSA cipher KEY_AGREEMENT(ECDH,TLS12_PRF(SHA_384)): invalid with ECC_KEY_PAIR(SECP_R2) +depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_SHA_384:PSA_WANT_ALG_TLS12_PRF:PSA_WANT_ECC_FAMILY_SECP_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +cipher_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R2):"00bf539a1cdda0d7f71a50a3f98aec0a2e8e4ced1e":PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_TLS12_PRF(PSA_ALG_SHA_384)):PSA_ERROR_INVALID_ARGUMENT + +PSA cipher KEY_AGREEMENT(ECDH,TLS12_PRF(SHA_384)): invalid with ECC_KEY_PAIR(SECT_K1) +depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_SHA_384:PSA_WANT_ALG_TLS12_PRF:PSA_WANT_ECC_FAMILY_SECT_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +cipher_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):"03ebc8fcded2d6ab72ec0f75bdb4fd080481273e71":PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_TLS12_PRF(PSA_ALG_SHA_384)):PSA_ERROR_INVALID_ARGUMENT + +PSA cipher KEY_AGREEMENT(ECDH,TLS12_PRF(SHA_384)): invalid with ECC_KEY_PAIR(SECT_R1) +depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_SHA_384:PSA_WANT_ALG_TLS12_PRF:PSA_WANT_ECC_FAMILY_SECT_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +cipher_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):"009b05dc82d46d64a04a22e6e5ca70ca1231e68c50":PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_TLS12_PRF(PSA_ALG_SHA_384)):PSA_ERROR_INVALID_ARGUMENT + +PSA cipher KEY_AGREEMENT(ECDH,TLS12_PRF(SHA_384)): invalid with ECC_KEY_PAIR(SECT_R2) +depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_SHA_384:PSA_WANT_ALG_TLS12_PRF:PSA_WANT_ECC_FAMILY_SECT_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +cipher_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R2):"0210b482a458b4822d0cb21daa96819a67c8062d34":PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_TLS12_PRF(PSA_ALG_SHA_384)):PSA_ERROR_INVALID_ARGUMENT + +PSA aead KEY_AGREEMENT(ECDH,TLS12_PRF(SHA_384)): invalid with ECC_KEY_PAIR(BRAINPOOL_P_R1) +depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_SHA_384:PSA_WANT_ALG_TLS12_PRF:PSA_WANT_ECC_FAMILY_BRAINPOOL_P_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +aead_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"69502c4fdaf48d4fa617bdd24498b0406d0eeaac":PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_TLS12_PRF(PSA_ALG_SHA_384)):PSA_ERROR_INVALID_ARGUMENT + +PSA aead KEY_AGREEMENT(ECDH,TLS12_PRF(SHA_384)): invalid with ECC_KEY_PAIR(MONTGOMERY) +depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_SHA_384:PSA_WANT_ALG_TLS12_PRF:PSA_WANT_ECC_FAMILY_MONTGOMERY:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +aead_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_MONTGOMERY):"70076d0a7318a57d3c16c17251b26645df4c2f87ebc0992ab177fba51db92c6a":PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_TLS12_PRF(PSA_ALG_SHA_384)):PSA_ERROR_INVALID_ARGUMENT + +PSA aead KEY_AGREEMENT(ECDH,TLS12_PRF(SHA_384)): invalid with ECC_KEY_PAIR(SECP_K1) +depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_SHA_384:PSA_WANT_ALG_TLS12_PRF:PSA_WANT_ECC_FAMILY_SECP_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +aead_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_K1):"297ac1722ccac7589ecb240dc719842538ca974beb79f228":PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_TLS12_PRF(PSA_ALG_SHA_384)):PSA_ERROR_INVALID_ARGUMENT + +PSA aead KEY_AGREEMENT(ECDH,TLS12_PRF(SHA_384)): invalid with ECC_KEY_PAIR(SECP_R1) +depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_SHA_384:PSA_WANT_ALG_TLS12_PRF:PSA_WANT_ECC_FAMILY_SECP_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +aead_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"872f203b3ad35b7f2ecc803c3a0e1e0b1ed61cc1afe71b189cd4c995":PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_TLS12_PRF(PSA_ALG_SHA_384)):PSA_ERROR_INVALID_ARGUMENT + +PSA aead KEY_AGREEMENT(ECDH,TLS12_PRF(SHA_384)): invalid with ECC_KEY_PAIR(SECP_R2) +depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_SHA_384:PSA_WANT_ALG_TLS12_PRF:PSA_WANT_ECC_FAMILY_SECP_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +aead_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R2):"00bf539a1cdda0d7f71a50a3f98aec0a2e8e4ced1e":PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_TLS12_PRF(PSA_ALG_SHA_384)):PSA_ERROR_INVALID_ARGUMENT + +PSA aead KEY_AGREEMENT(ECDH,TLS12_PRF(SHA_384)): invalid with ECC_KEY_PAIR(SECT_K1) +depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_SHA_384:PSA_WANT_ALG_TLS12_PRF:PSA_WANT_ECC_FAMILY_SECT_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +aead_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):"03ebc8fcded2d6ab72ec0f75bdb4fd080481273e71":PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_TLS12_PRF(PSA_ALG_SHA_384)):PSA_ERROR_INVALID_ARGUMENT + +PSA aead KEY_AGREEMENT(ECDH,TLS12_PRF(SHA_384)): invalid with ECC_KEY_PAIR(SECT_R1) +depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_SHA_384:PSA_WANT_ALG_TLS12_PRF:PSA_WANT_ECC_FAMILY_SECT_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +aead_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):"009b05dc82d46d64a04a22e6e5ca70ca1231e68c50":PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_TLS12_PRF(PSA_ALG_SHA_384)):PSA_ERROR_INVALID_ARGUMENT + +PSA aead KEY_AGREEMENT(ECDH,TLS12_PRF(SHA_384)): invalid with ECC_KEY_PAIR(SECT_R2) +depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_SHA_384:PSA_WANT_ALG_TLS12_PRF:PSA_WANT_ECC_FAMILY_SECT_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +aead_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R2):"0210b482a458b4822d0cb21daa96819a67c8062d34":PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_TLS12_PRF(PSA_ALG_SHA_384)):PSA_ERROR_INVALID_ARGUMENT + +PSA sign KEY_AGREEMENT(ECDH,TLS12_PRF(SHA_384)): invalid with ECC_KEY_PAIR(BRAINPOOL_P_R1) +depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_SHA_384:PSA_WANT_ALG_TLS12_PRF:PSA_WANT_ECC_FAMILY_BRAINPOOL_P_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"69502c4fdaf48d4fa617bdd24498b0406d0eeaac":PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_TLS12_PRF(PSA_ALG_SHA_384)):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign KEY_AGREEMENT(ECDH,TLS12_PRF(SHA_384)): invalid with ECC_KEY_PAIR(MONTGOMERY) +depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_SHA_384:PSA_WANT_ALG_TLS12_PRF:PSA_WANT_ECC_FAMILY_MONTGOMERY:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_MONTGOMERY):"70076d0a7318a57d3c16c17251b26645df4c2f87ebc0992ab177fba51db92c6a":PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_TLS12_PRF(PSA_ALG_SHA_384)):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign KEY_AGREEMENT(ECDH,TLS12_PRF(SHA_384)): invalid with ECC_KEY_PAIR(SECP_K1) +depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_SHA_384:PSA_WANT_ALG_TLS12_PRF:PSA_WANT_ECC_FAMILY_SECP_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_K1):"297ac1722ccac7589ecb240dc719842538ca974beb79f228":PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_TLS12_PRF(PSA_ALG_SHA_384)):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign KEY_AGREEMENT(ECDH,TLS12_PRF(SHA_384)): invalid with ECC_KEY_PAIR(SECP_R1) +depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_SHA_384:PSA_WANT_ALG_TLS12_PRF:PSA_WANT_ECC_FAMILY_SECP_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"872f203b3ad35b7f2ecc803c3a0e1e0b1ed61cc1afe71b189cd4c995":PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_TLS12_PRF(PSA_ALG_SHA_384)):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign KEY_AGREEMENT(ECDH,TLS12_PRF(SHA_384)): invalid with ECC_KEY_PAIR(SECP_R2) +depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_SHA_384:PSA_WANT_ALG_TLS12_PRF:PSA_WANT_ECC_FAMILY_SECP_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R2):"00bf539a1cdda0d7f71a50a3f98aec0a2e8e4ced1e":PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_TLS12_PRF(PSA_ALG_SHA_384)):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign KEY_AGREEMENT(ECDH,TLS12_PRF(SHA_384)): invalid with ECC_KEY_PAIR(SECT_K1) +depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_SHA_384:PSA_WANT_ALG_TLS12_PRF:PSA_WANT_ECC_FAMILY_SECT_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):"03ebc8fcded2d6ab72ec0f75bdb4fd080481273e71":PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_TLS12_PRF(PSA_ALG_SHA_384)):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign KEY_AGREEMENT(ECDH,TLS12_PRF(SHA_384)): invalid with ECC_KEY_PAIR(SECT_R1) +depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_SHA_384:PSA_WANT_ALG_TLS12_PRF:PSA_WANT_ECC_FAMILY_SECT_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):"009b05dc82d46d64a04a22e6e5ca70ca1231e68c50":PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_TLS12_PRF(PSA_ALG_SHA_384)):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign KEY_AGREEMENT(ECDH,TLS12_PRF(SHA_384)): invalid with ECC_KEY_PAIR(SECT_R2) +depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_SHA_384:PSA_WANT_ALG_TLS12_PRF:PSA_WANT_ECC_FAMILY_SECT_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R2):"0210b482a458b4822d0cb21daa96819a67c8062d34":PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_TLS12_PRF(PSA_ALG_SHA_384)):0:PSA_ERROR_INVALID_ARGUMENT + +PSA asymmetric_encryption KEY_AGREEMENT(ECDH,TLS12_PRF(SHA_384)): invalid with ECC_KEY_PAIR(BRAINPOOL_P_R1) +depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_SHA_384:PSA_WANT_ALG_TLS12_PRF:PSA_WANT_ECC_FAMILY_BRAINPOOL_P_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +asymmetric_encryption_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"69502c4fdaf48d4fa617bdd24498b0406d0eeaac":PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_TLS12_PRF(PSA_ALG_SHA_384)):0:PSA_ERROR_INVALID_ARGUMENT + +PSA asymmetric_encryption KEY_AGREEMENT(ECDH,TLS12_PRF(SHA_384)): invalid with ECC_KEY_PAIR(MONTGOMERY) +depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_SHA_384:PSA_WANT_ALG_TLS12_PRF:PSA_WANT_ECC_FAMILY_MONTGOMERY:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +asymmetric_encryption_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_MONTGOMERY):"70076d0a7318a57d3c16c17251b26645df4c2f87ebc0992ab177fba51db92c6a":PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_TLS12_PRF(PSA_ALG_SHA_384)):0:PSA_ERROR_INVALID_ARGUMENT + +PSA asymmetric_encryption KEY_AGREEMENT(ECDH,TLS12_PRF(SHA_384)): invalid with ECC_KEY_PAIR(SECP_K1) +depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_SHA_384:PSA_WANT_ALG_TLS12_PRF:PSA_WANT_ECC_FAMILY_SECP_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +asymmetric_encryption_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_K1):"297ac1722ccac7589ecb240dc719842538ca974beb79f228":PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_TLS12_PRF(PSA_ALG_SHA_384)):0:PSA_ERROR_INVALID_ARGUMENT + +PSA asymmetric_encryption KEY_AGREEMENT(ECDH,TLS12_PRF(SHA_384)): invalid with ECC_KEY_PAIR(SECP_R1) +depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_SHA_384:PSA_WANT_ALG_TLS12_PRF:PSA_WANT_ECC_FAMILY_SECP_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +asymmetric_encryption_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"872f203b3ad35b7f2ecc803c3a0e1e0b1ed61cc1afe71b189cd4c995":PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_TLS12_PRF(PSA_ALG_SHA_384)):0:PSA_ERROR_INVALID_ARGUMENT + +PSA asymmetric_encryption KEY_AGREEMENT(ECDH,TLS12_PRF(SHA_384)): invalid with ECC_KEY_PAIR(SECP_R2) +depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_SHA_384:PSA_WANT_ALG_TLS12_PRF:PSA_WANT_ECC_FAMILY_SECP_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +asymmetric_encryption_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R2):"00bf539a1cdda0d7f71a50a3f98aec0a2e8e4ced1e":PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_TLS12_PRF(PSA_ALG_SHA_384)):0:PSA_ERROR_INVALID_ARGUMENT + +PSA asymmetric_encryption KEY_AGREEMENT(ECDH,TLS12_PRF(SHA_384)): invalid with ECC_KEY_PAIR(SECT_K1) +depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_SHA_384:PSA_WANT_ALG_TLS12_PRF:PSA_WANT_ECC_FAMILY_SECT_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +asymmetric_encryption_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):"03ebc8fcded2d6ab72ec0f75bdb4fd080481273e71":PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_TLS12_PRF(PSA_ALG_SHA_384)):0:PSA_ERROR_INVALID_ARGUMENT + +PSA asymmetric_encryption KEY_AGREEMENT(ECDH,TLS12_PRF(SHA_384)): invalid with ECC_KEY_PAIR(SECT_R1) +depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_SHA_384:PSA_WANT_ALG_TLS12_PRF:PSA_WANT_ECC_FAMILY_SECT_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +asymmetric_encryption_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):"009b05dc82d46d64a04a22e6e5ca70ca1231e68c50":PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_TLS12_PRF(PSA_ALG_SHA_384)):0:PSA_ERROR_INVALID_ARGUMENT + +PSA asymmetric_encryption KEY_AGREEMENT(ECDH,TLS12_PRF(SHA_384)): invalid with ECC_KEY_PAIR(SECT_R2) +depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_SHA_384:PSA_WANT_ALG_TLS12_PRF:PSA_WANT_ECC_FAMILY_SECT_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +asymmetric_encryption_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R2):"0210b482a458b4822d0cb21daa96819a67c8062d34":PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_TLS12_PRF(PSA_ALG_SHA_384)):0:PSA_ERROR_INVALID_ARGUMENT + +PSA key_derivation KEY_AGREEMENT(ECDH,TLS12_PRF(SHA_384)): !ECDH +depends_on:!PSA_WANT_ALG_ECDH:PSA_WANT_ALG_SHA_384:PSA_WANT_ALG_TLS12_PRF +key_derivation_fail:PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_TLS12_PRF(PSA_ALG_SHA_384)):PSA_ERROR_NOT_SUPPORTED + +PSA key_derivation KEY_AGREEMENT(ECDH,TLS12_PRF(SHA_384)): !SHA_384 +depends_on:PSA_WANT_ALG_ECDH:!PSA_WANT_ALG_SHA_384:PSA_WANT_ALG_TLS12_PRF +key_derivation_fail:PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_TLS12_PRF(PSA_ALG_SHA_384)):PSA_ERROR_NOT_SUPPORTED + +PSA key_derivation KEY_AGREEMENT(ECDH,TLS12_PRF(SHA_384)): !TLS12_PRF +depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_SHA_384:!PSA_WANT_ALG_TLS12_PRF +key_derivation_fail:PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_TLS12_PRF(PSA_ALG_SHA_384)):PSA_ERROR_NOT_SUPPORTED + +PSA key_agreement KEY_AGREEMENT(ECDH,TLS12_PRF(SHA_384)): incompatible with AES +depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_SHA_384:PSA_WANT_ALG_TLS12_PRF:PSA_WANT_KEY_TYPE_AES +key_agreement_fail:PSA_KEY_TYPE_AES:"48657265006973206b6579a064617461":PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_TLS12_PRF(PSA_ALG_SHA_384)):0:PSA_ERROR_INVALID_ARGUMENT + +PSA key_agreement KEY_AGREEMENT(ECDH,TLS12_PRF(SHA_384)): incompatible with ARC4 +depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_SHA_384:PSA_WANT_ALG_TLS12_PRF:PSA_WANT_KEY_TYPE_ARC4 +key_agreement_fail:PSA_KEY_TYPE_ARC4:"48":PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_TLS12_PRF(PSA_ALG_SHA_384)):0:PSA_ERROR_INVALID_ARGUMENT + +PSA key_agreement KEY_AGREEMENT(ECDH,TLS12_PRF(SHA_384)): incompatible with ARIA +depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_SHA_384:PSA_WANT_ALG_TLS12_PRF:PSA_WANT_KEY_TYPE_ARIA +key_agreement_fail:PSA_KEY_TYPE_ARIA:"48657265006973206b6579a064617461":PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_TLS12_PRF(PSA_ALG_SHA_384)):0:PSA_ERROR_INVALID_ARGUMENT + +PSA key_agreement KEY_AGREEMENT(ECDH,TLS12_PRF(SHA_384)): incompatible with CAMELLIA +depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_SHA_384:PSA_WANT_ALG_TLS12_PRF:PSA_WANT_KEY_TYPE_CAMELLIA +key_agreement_fail:PSA_KEY_TYPE_CAMELLIA:"48657265006973206b6579a064617461":PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_TLS12_PRF(PSA_ALG_SHA_384)):0:PSA_ERROR_INVALID_ARGUMENT + +PSA key_agreement KEY_AGREEMENT(ECDH,TLS12_PRF(SHA_384)): incompatible with CHACHA20 +depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_SHA_384:PSA_WANT_ALG_TLS12_PRF:PSA_WANT_KEY_TYPE_CHACHA20 +key_agreement_fail:PSA_KEY_TYPE_CHACHA20:"48657265006973206b6579a06461746148657265006973206b6579a064617461":PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_TLS12_PRF(PSA_ALG_SHA_384)):0:PSA_ERROR_INVALID_ARGUMENT + +PSA key_agreement KEY_AGREEMENT(ECDH,TLS12_PRF(SHA_384)): incompatible with DERIVE +depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_SHA_384:PSA_WANT_ALG_TLS12_PRF:PSA_WANT_KEY_TYPE_DERIVE +key_agreement_fail:PSA_KEY_TYPE_DERIVE:"48657265006973206b6579a0646174":PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_TLS12_PRF(PSA_ALG_SHA_384)):0:PSA_ERROR_INVALID_ARGUMENT + +PSA key_agreement KEY_AGREEMENT(ECDH,TLS12_PRF(SHA_384)): incompatible with DES +depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_SHA_384:PSA_WANT_ALG_TLS12_PRF:PSA_WANT_KEY_TYPE_DES +key_agreement_fail:PSA_KEY_TYPE_DES:"644573206b457901":PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_TLS12_PRF(PSA_ALG_SHA_384)):0:PSA_ERROR_INVALID_ARGUMENT + +PSA key_agreement KEY_AGREEMENT(ECDH,TLS12_PRF(SHA_384)): !ECDH with ECC_KEY_PAIR(BRAINPOOL_P_R1) +depends_on:!PSA_WANT_ALG_ECDH:PSA_WANT_ALG_SHA_384:PSA_WANT_ALG_TLS12_PRF:PSA_WANT_ECC_FAMILY_BRAINPOOL_P_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_agreement_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"69502c4fdaf48d4fa617bdd24498b0406d0eeaac":PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_TLS12_PRF(PSA_ALG_SHA_384)):0:PSA_ERROR_NOT_SUPPORTED + +PSA key_agreement KEY_AGREEMENT(ECDH,TLS12_PRF(SHA_384)): !SHA_384 with ECC_KEY_PAIR(BRAINPOOL_P_R1) +depends_on:PSA_WANT_ALG_ECDH:!PSA_WANT_ALG_SHA_384:PSA_WANT_ALG_TLS12_PRF:PSA_WANT_ECC_FAMILY_BRAINPOOL_P_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_agreement_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"69502c4fdaf48d4fa617bdd24498b0406d0eeaac":PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_TLS12_PRF(PSA_ALG_SHA_384)):0:PSA_ERROR_NOT_SUPPORTED + +PSA key_agreement KEY_AGREEMENT(ECDH,TLS12_PRF(SHA_384)): !TLS12_PRF with ECC_KEY_PAIR(BRAINPOOL_P_R1) +depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_SHA_384:!PSA_WANT_ALG_TLS12_PRF:PSA_WANT_ECC_FAMILY_BRAINPOOL_P_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_agreement_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"69502c4fdaf48d4fa617bdd24498b0406d0eeaac":PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_TLS12_PRF(PSA_ALG_SHA_384)):0:PSA_ERROR_NOT_SUPPORTED + +PSA key_agreement KEY_AGREEMENT(ECDH,TLS12_PRF(SHA_384)): !ECDH with ECC_KEY_PAIR(MONTGOMERY) +depends_on:!PSA_WANT_ALG_ECDH:PSA_WANT_ALG_SHA_384:PSA_WANT_ALG_TLS12_PRF:PSA_WANT_ECC_FAMILY_MONTGOMERY:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_agreement_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_MONTGOMERY):"70076d0a7318a57d3c16c17251b26645df4c2f87ebc0992ab177fba51db92c6a":PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_TLS12_PRF(PSA_ALG_SHA_384)):0:PSA_ERROR_NOT_SUPPORTED + +PSA key_agreement KEY_AGREEMENT(ECDH,TLS12_PRF(SHA_384)): !SHA_384 with ECC_KEY_PAIR(MONTGOMERY) +depends_on:PSA_WANT_ALG_ECDH:!PSA_WANT_ALG_SHA_384:PSA_WANT_ALG_TLS12_PRF:PSA_WANT_ECC_FAMILY_MONTGOMERY:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_agreement_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_MONTGOMERY):"70076d0a7318a57d3c16c17251b26645df4c2f87ebc0992ab177fba51db92c6a":PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_TLS12_PRF(PSA_ALG_SHA_384)):0:PSA_ERROR_NOT_SUPPORTED + +PSA key_agreement KEY_AGREEMENT(ECDH,TLS12_PRF(SHA_384)): !TLS12_PRF with ECC_KEY_PAIR(MONTGOMERY) +depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_SHA_384:!PSA_WANT_ALG_TLS12_PRF:PSA_WANT_ECC_FAMILY_MONTGOMERY:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_agreement_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_MONTGOMERY):"70076d0a7318a57d3c16c17251b26645df4c2f87ebc0992ab177fba51db92c6a":PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_TLS12_PRF(PSA_ALG_SHA_384)):0:PSA_ERROR_NOT_SUPPORTED + +PSA key_agreement KEY_AGREEMENT(ECDH,TLS12_PRF(SHA_384)): !ECDH with ECC_KEY_PAIR(SECP_K1) +depends_on:!PSA_WANT_ALG_ECDH:PSA_WANT_ALG_SHA_384:PSA_WANT_ALG_TLS12_PRF:PSA_WANT_ECC_FAMILY_SECP_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_agreement_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_K1):"297ac1722ccac7589ecb240dc719842538ca974beb79f228":PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_TLS12_PRF(PSA_ALG_SHA_384)):0:PSA_ERROR_NOT_SUPPORTED + +PSA key_agreement KEY_AGREEMENT(ECDH,TLS12_PRF(SHA_384)): !SHA_384 with ECC_KEY_PAIR(SECP_K1) +depends_on:PSA_WANT_ALG_ECDH:!PSA_WANT_ALG_SHA_384:PSA_WANT_ALG_TLS12_PRF:PSA_WANT_ECC_FAMILY_SECP_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_agreement_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_K1):"297ac1722ccac7589ecb240dc719842538ca974beb79f228":PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_TLS12_PRF(PSA_ALG_SHA_384)):0:PSA_ERROR_NOT_SUPPORTED + +PSA key_agreement KEY_AGREEMENT(ECDH,TLS12_PRF(SHA_384)): !TLS12_PRF with ECC_KEY_PAIR(SECP_K1) +depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_SHA_384:!PSA_WANT_ALG_TLS12_PRF:PSA_WANT_ECC_FAMILY_SECP_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_agreement_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_K1):"297ac1722ccac7589ecb240dc719842538ca974beb79f228":PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_TLS12_PRF(PSA_ALG_SHA_384)):0:PSA_ERROR_NOT_SUPPORTED + +PSA key_agreement KEY_AGREEMENT(ECDH,TLS12_PRF(SHA_384)): !ECDH with ECC_KEY_PAIR(SECP_R1) +depends_on:!PSA_WANT_ALG_ECDH:PSA_WANT_ALG_SHA_384:PSA_WANT_ALG_TLS12_PRF:PSA_WANT_ECC_FAMILY_SECP_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_agreement_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"872f203b3ad35b7f2ecc803c3a0e1e0b1ed61cc1afe71b189cd4c995":PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_TLS12_PRF(PSA_ALG_SHA_384)):0:PSA_ERROR_NOT_SUPPORTED + +PSA key_agreement KEY_AGREEMENT(ECDH,TLS12_PRF(SHA_384)): !SHA_384 with ECC_KEY_PAIR(SECP_R1) +depends_on:PSA_WANT_ALG_ECDH:!PSA_WANT_ALG_SHA_384:PSA_WANT_ALG_TLS12_PRF:PSA_WANT_ECC_FAMILY_SECP_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_agreement_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"872f203b3ad35b7f2ecc803c3a0e1e0b1ed61cc1afe71b189cd4c995":PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_TLS12_PRF(PSA_ALG_SHA_384)):0:PSA_ERROR_NOT_SUPPORTED + +PSA key_agreement KEY_AGREEMENT(ECDH,TLS12_PRF(SHA_384)): !TLS12_PRF with ECC_KEY_PAIR(SECP_R1) +depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_SHA_384:!PSA_WANT_ALG_TLS12_PRF:PSA_WANT_ECC_FAMILY_SECP_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_agreement_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"872f203b3ad35b7f2ecc803c3a0e1e0b1ed61cc1afe71b189cd4c995":PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_TLS12_PRF(PSA_ALG_SHA_384)):0:PSA_ERROR_NOT_SUPPORTED + +PSA key_agreement KEY_AGREEMENT(ECDH,TLS12_PRF(SHA_384)): !ECDH with ECC_KEY_PAIR(SECP_R2) +depends_on:!PSA_WANT_ALG_ECDH:PSA_WANT_ALG_SHA_384:PSA_WANT_ALG_TLS12_PRF:PSA_WANT_ECC_FAMILY_SECP_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_agreement_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R2):"00bf539a1cdda0d7f71a50a3f98aec0a2e8e4ced1e":PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_TLS12_PRF(PSA_ALG_SHA_384)):0:PSA_ERROR_NOT_SUPPORTED + +PSA key_agreement KEY_AGREEMENT(ECDH,TLS12_PRF(SHA_384)): !SHA_384 with ECC_KEY_PAIR(SECP_R2) +depends_on:PSA_WANT_ALG_ECDH:!PSA_WANT_ALG_SHA_384:PSA_WANT_ALG_TLS12_PRF:PSA_WANT_ECC_FAMILY_SECP_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_agreement_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R2):"00bf539a1cdda0d7f71a50a3f98aec0a2e8e4ced1e":PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_TLS12_PRF(PSA_ALG_SHA_384)):0:PSA_ERROR_NOT_SUPPORTED + +PSA key_agreement KEY_AGREEMENT(ECDH,TLS12_PRF(SHA_384)): !TLS12_PRF with ECC_KEY_PAIR(SECP_R2) +depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_SHA_384:!PSA_WANT_ALG_TLS12_PRF:PSA_WANT_ECC_FAMILY_SECP_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_agreement_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R2):"00bf539a1cdda0d7f71a50a3f98aec0a2e8e4ced1e":PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_TLS12_PRF(PSA_ALG_SHA_384)):0:PSA_ERROR_NOT_SUPPORTED + +PSA key_agreement KEY_AGREEMENT(ECDH,TLS12_PRF(SHA_384)): !ECDH with ECC_KEY_PAIR(SECT_K1) +depends_on:!PSA_WANT_ALG_ECDH:PSA_WANT_ALG_SHA_384:PSA_WANT_ALG_TLS12_PRF:PSA_WANT_ECC_FAMILY_SECT_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_agreement_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):"03ebc8fcded2d6ab72ec0f75bdb4fd080481273e71":PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_TLS12_PRF(PSA_ALG_SHA_384)):0:PSA_ERROR_NOT_SUPPORTED + +PSA key_agreement KEY_AGREEMENT(ECDH,TLS12_PRF(SHA_384)): !SHA_384 with ECC_KEY_PAIR(SECT_K1) +depends_on:PSA_WANT_ALG_ECDH:!PSA_WANT_ALG_SHA_384:PSA_WANT_ALG_TLS12_PRF:PSA_WANT_ECC_FAMILY_SECT_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_agreement_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):"03ebc8fcded2d6ab72ec0f75bdb4fd080481273e71":PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_TLS12_PRF(PSA_ALG_SHA_384)):0:PSA_ERROR_NOT_SUPPORTED + +PSA key_agreement KEY_AGREEMENT(ECDH,TLS12_PRF(SHA_384)): !TLS12_PRF with ECC_KEY_PAIR(SECT_K1) +depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_SHA_384:!PSA_WANT_ALG_TLS12_PRF:PSA_WANT_ECC_FAMILY_SECT_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_agreement_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):"03ebc8fcded2d6ab72ec0f75bdb4fd080481273e71":PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_TLS12_PRF(PSA_ALG_SHA_384)):0:PSA_ERROR_NOT_SUPPORTED + +PSA key_agreement KEY_AGREEMENT(ECDH,TLS12_PRF(SHA_384)): !ECDH with ECC_KEY_PAIR(SECT_R1) +depends_on:!PSA_WANT_ALG_ECDH:PSA_WANT_ALG_SHA_384:PSA_WANT_ALG_TLS12_PRF:PSA_WANT_ECC_FAMILY_SECT_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_agreement_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):"009b05dc82d46d64a04a22e6e5ca70ca1231e68c50":PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_TLS12_PRF(PSA_ALG_SHA_384)):0:PSA_ERROR_NOT_SUPPORTED + +PSA key_agreement KEY_AGREEMENT(ECDH,TLS12_PRF(SHA_384)): !SHA_384 with ECC_KEY_PAIR(SECT_R1) +depends_on:PSA_WANT_ALG_ECDH:!PSA_WANT_ALG_SHA_384:PSA_WANT_ALG_TLS12_PRF:PSA_WANT_ECC_FAMILY_SECT_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_agreement_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):"009b05dc82d46d64a04a22e6e5ca70ca1231e68c50":PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_TLS12_PRF(PSA_ALG_SHA_384)):0:PSA_ERROR_NOT_SUPPORTED + +PSA key_agreement KEY_AGREEMENT(ECDH,TLS12_PRF(SHA_384)): !TLS12_PRF with ECC_KEY_PAIR(SECT_R1) +depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_SHA_384:!PSA_WANT_ALG_TLS12_PRF:PSA_WANT_ECC_FAMILY_SECT_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_agreement_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):"009b05dc82d46d64a04a22e6e5ca70ca1231e68c50":PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_TLS12_PRF(PSA_ALG_SHA_384)):0:PSA_ERROR_NOT_SUPPORTED + +PSA key_agreement KEY_AGREEMENT(ECDH,TLS12_PRF(SHA_384)): !ECDH with ECC_KEY_PAIR(SECT_R2) +depends_on:!PSA_WANT_ALG_ECDH:PSA_WANT_ALG_SHA_384:PSA_WANT_ALG_TLS12_PRF:PSA_WANT_ECC_FAMILY_SECT_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_agreement_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R2):"0210b482a458b4822d0cb21daa96819a67c8062d34":PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_TLS12_PRF(PSA_ALG_SHA_384)):0:PSA_ERROR_NOT_SUPPORTED + +PSA key_agreement KEY_AGREEMENT(ECDH,TLS12_PRF(SHA_384)): !SHA_384 with ECC_KEY_PAIR(SECT_R2) +depends_on:PSA_WANT_ALG_ECDH:!PSA_WANT_ALG_SHA_384:PSA_WANT_ALG_TLS12_PRF:PSA_WANT_ECC_FAMILY_SECT_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_agreement_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R2):"0210b482a458b4822d0cb21daa96819a67c8062d34":PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_TLS12_PRF(PSA_ALG_SHA_384)):0:PSA_ERROR_NOT_SUPPORTED + +PSA key_agreement KEY_AGREEMENT(ECDH,TLS12_PRF(SHA_384)): !TLS12_PRF with ECC_KEY_PAIR(SECT_R2) +depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_SHA_384:!PSA_WANT_ALG_TLS12_PRF:PSA_WANT_ECC_FAMILY_SECT_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_agreement_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R2):"0210b482a458b4822d0cb21daa96819a67c8062d34":PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_TLS12_PRF(PSA_ALG_SHA_384)):0:PSA_ERROR_NOT_SUPPORTED + +PSA key_agreement KEY_AGREEMENT(ECDH,TLS12_PRF(SHA_384)): incompatible with ECC_KEY_PAIR(TWISTED_EDWARDS) +depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_SHA_384:PSA_WANT_ALG_TLS12_PRF:PSA_WANT_ECC_FAMILY_TWISTED_EDWARDS:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_agreement_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_TWISTED_EDWARDS):"9d61b19deffd5a60ba844af492ec2cc44449c5697b326919703bac031cae7f60":PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_TLS12_PRF(PSA_ALG_SHA_384)):0:PSA_ERROR_INVALID_ARGUMENT + +PSA key_agreement KEY_AGREEMENT(ECDH,TLS12_PRF(SHA_384)): incompatible with ECC_PUBLIC_KEY(BRAINPOOL_P_R1) +depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_SHA_384:PSA_WANT_ALG_TLS12_PRF:PSA_WANT_ECC_FAMILY_BRAINPOOL_P_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_agreement_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"04d4b9186816358e2f9c59cf70748cb70641b22fbab65473db4b4e22a361ed7e3de7e8a8ddc4130c5c":PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_TLS12_PRF(PSA_ALG_SHA_384)):0:PSA_ERROR_INVALID_ARGUMENT + +PSA key_agreement KEY_AGREEMENT(ECDH,TLS12_PRF(SHA_384)): incompatible with ECC_PUBLIC_KEY(MONTGOMERY) +depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_SHA_384:PSA_WANT_ALG_TLS12_PRF:PSA_WANT_ECC_FAMILY_MONTGOMERY:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_agreement_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_MONTGOMERY):"8520f0098930a754748b7ddcb43ef75a0dbf3a0d26381af4eba4a98eaa9b4e6a":PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_TLS12_PRF(PSA_ALG_SHA_384)):0:PSA_ERROR_INVALID_ARGUMENT + +PSA key_agreement KEY_AGREEMENT(ECDH,TLS12_PRF(SHA_384)): incompatible with ECC_PUBLIC_KEY(SECP_K1) +depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_SHA_384:PSA_WANT_ALG_TLS12_PRF:PSA_WANT_ECC_FAMILY_SECP_K1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_agreement_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_K1):"0426b7bb38da649ac2138fc050c6548b32553dab68afebc36105d325b75538c12323cb0764789ecb992671beb2b6bef2f5":PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_TLS12_PRF(PSA_ALG_SHA_384)):0:PSA_ERROR_INVALID_ARGUMENT + +PSA key_agreement KEY_AGREEMENT(ECDH,TLS12_PRF(SHA_384)): incompatible with ECC_PUBLIC_KEY(SECP_R1) +depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_SHA_384:PSA_WANT_ALG_TLS12_PRF:PSA_WANT_ECC_FAMILY_SECP_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_agreement_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1):"046f00eadaa949fee3e9e1c7fa1247eecec86a0dce46418b9bd3117b981d4bd0ae7a990de912f9d060d6cb531a42d22e394ac29e81804bf160":PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_TLS12_PRF(PSA_ALG_SHA_384)):0:PSA_ERROR_INVALID_ARGUMENT + +PSA key_agreement KEY_AGREEMENT(ECDH,TLS12_PRF(SHA_384)): incompatible with ECC_PUBLIC_KEY(SECP_R2) +depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_SHA_384:PSA_WANT_ALG_TLS12_PRF:PSA_WANT_ECC_FAMILY_SECP_R2:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_agreement_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R2):"049570d541398665adb5cfa16f5af73b3196926bbd4b876bdb80f8eab20d0f540c22f4de9c140f6d7b":PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_TLS12_PRF(PSA_ALG_SHA_384)):0:PSA_ERROR_INVALID_ARGUMENT + +PSA key_agreement KEY_AGREEMENT(ECDH,TLS12_PRF(SHA_384)): incompatible with ECC_PUBLIC_KEY(SECT_K1) +depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_SHA_384:PSA_WANT_ALG_TLS12_PRF:PSA_WANT_ECC_FAMILY_SECT_K1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_agreement_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_K1):"0406f88f90b4b65950f06ce433afdb097e320f433dc2062b8a65db8fafd3c110f46bc45663fbf021ee7eb9":PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_TLS12_PRF(PSA_ALG_SHA_384)):0:PSA_ERROR_INVALID_ARGUMENT + +PSA key_agreement KEY_AGREEMENT(ECDH,TLS12_PRF(SHA_384)): incompatible with ECC_PUBLIC_KEY(SECT_R1) +depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_SHA_384:PSA_WANT_ALG_TLS12_PRF:PSA_WANT_ECC_FAMILY_SECT_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_agreement_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R1):"0400465eeb9e7258b11e33c02266bfe834b20bcb118700772796ee4704ec67651bd447e3011959a79a04cb":PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_TLS12_PRF(PSA_ALG_SHA_384)):0:PSA_ERROR_INVALID_ARGUMENT + +PSA key_agreement KEY_AGREEMENT(ECDH,TLS12_PRF(SHA_384)): incompatible with ECC_PUBLIC_KEY(SECT_R2) +depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_SHA_384:PSA_WANT_ALG_TLS12_PRF:PSA_WANT_ECC_FAMILY_SECT_R2:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_agreement_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R2):"0403692601144c32a6cfa369ae20ae5d43c1c764678c037bafe80c6fd2e42b7ced96171d9c5367fd3dca6f":PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_TLS12_PRF(PSA_ALG_SHA_384)):0:PSA_ERROR_INVALID_ARGUMENT + +PSA key_agreement KEY_AGREEMENT(ECDH,TLS12_PRF(SHA_384)): incompatible with ECC_PUBLIC_KEY(TWISTED_EDWARDS) +depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_SHA_384:PSA_WANT_ALG_TLS12_PRF:PSA_WANT_ECC_FAMILY_TWISTED_EDWARDS:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_agreement_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_TWISTED_EDWARDS):"d75a980182b10ab7d54bfed3c964073a0ee172f3daa62325af021a68f707511a":PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_TLS12_PRF(PSA_ALG_SHA_384)):0:PSA_ERROR_INVALID_ARGUMENT + +PSA key_agreement KEY_AGREEMENT(ECDH,TLS12_PRF(SHA_384)): incompatible with HMAC +depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_SHA_384:PSA_WANT_ALG_TLS12_PRF:PSA_WANT_KEY_TYPE_HMAC +key_agreement_fail:PSA_KEY_TYPE_HMAC:"48657265006973206b6579a064617461":PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_TLS12_PRF(PSA_ALG_SHA_384)):0:PSA_ERROR_INVALID_ARGUMENT + +PSA key_agreement KEY_AGREEMENT(ECDH,TLS12_PRF(SHA_384)): incompatible with RAW_DATA +depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_SHA_384:PSA_WANT_ALG_TLS12_PRF:PSA_WANT_KEY_TYPE_RAW_DATA +key_agreement_fail:PSA_KEY_TYPE_RAW_DATA:"48":PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_TLS12_PRF(PSA_ALG_SHA_384)):0:PSA_ERROR_INVALID_ARGUMENT + +PSA key_agreement KEY_AGREEMENT(ECDH,TLS12_PRF(SHA_384)): incompatible with RSA_KEY_PAIR +depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_SHA_384:PSA_WANT_ALG_TLS12_PRF:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR +key_agreement_fail:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_TLS12_PRF(PSA_ALG_SHA_384)):0:PSA_ERROR_INVALID_ARGUMENT + +PSA key_agreement KEY_AGREEMENT(ECDH,TLS12_PRF(SHA_384)): incompatible with RSA_PUBLIC_KEY +depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_SHA_384:PSA_WANT_ALG_TLS12_PRF:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY +key_agreement_fail:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_TLS12_PRF(PSA_ALG_SHA_384)):0:PSA_ERROR_INVALID_ARGUMENT + +PSA hash KEY_AGREEMENT(ECDH,TLS12_PSK_TO_MS(SHA_256)): invalid +depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_SHA_256:PSA_WANT_ALG_TLS12_PSK_TO_MS +hash_fail:PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_TLS12_PSK_TO_MS(PSA_ALG_SHA_256)):PSA_ERROR_INVALID_ARGUMENT + +PSA mac KEY_AGREEMENT(ECDH,TLS12_PSK_TO_MS(SHA_256)): invalid with ECC_KEY_PAIR(BRAINPOOL_P_R1) +depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_SHA_256:PSA_WANT_ALG_TLS12_PSK_TO_MS:PSA_WANT_ECC_FAMILY_BRAINPOOL_P_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +mac_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"69502c4fdaf48d4fa617bdd24498b0406d0eeaac":PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_TLS12_PSK_TO_MS(PSA_ALG_SHA_256)):PSA_ERROR_INVALID_ARGUMENT + +PSA mac KEY_AGREEMENT(ECDH,TLS12_PSK_TO_MS(SHA_256)): invalid with ECC_KEY_PAIR(MONTGOMERY) +depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_SHA_256:PSA_WANT_ALG_TLS12_PSK_TO_MS:PSA_WANT_ECC_FAMILY_MONTGOMERY:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +mac_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_MONTGOMERY):"70076d0a7318a57d3c16c17251b26645df4c2f87ebc0992ab177fba51db92c6a":PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_TLS12_PSK_TO_MS(PSA_ALG_SHA_256)):PSA_ERROR_INVALID_ARGUMENT + +PSA mac KEY_AGREEMENT(ECDH,TLS12_PSK_TO_MS(SHA_256)): invalid with ECC_KEY_PAIR(SECP_K1) +depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_SHA_256:PSA_WANT_ALG_TLS12_PSK_TO_MS:PSA_WANT_ECC_FAMILY_SECP_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +mac_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_K1):"297ac1722ccac7589ecb240dc719842538ca974beb79f228":PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_TLS12_PSK_TO_MS(PSA_ALG_SHA_256)):PSA_ERROR_INVALID_ARGUMENT + +PSA mac KEY_AGREEMENT(ECDH,TLS12_PSK_TO_MS(SHA_256)): invalid with ECC_KEY_PAIR(SECP_R1) +depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_SHA_256:PSA_WANT_ALG_TLS12_PSK_TO_MS:PSA_WANT_ECC_FAMILY_SECP_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +mac_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"872f203b3ad35b7f2ecc803c3a0e1e0b1ed61cc1afe71b189cd4c995":PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_TLS12_PSK_TO_MS(PSA_ALG_SHA_256)):PSA_ERROR_INVALID_ARGUMENT + +PSA mac KEY_AGREEMENT(ECDH,TLS12_PSK_TO_MS(SHA_256)): invalid with ECC_KEY_PAIR(SECP_R2) +depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_SHA_256:PSA_WANT_ALG_TLS12_PSK_TO_MS:PSA_WANT_ECC_FAMILY_SECP_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +mac_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R2):"00bf539a1cdda0d7f71a50a3f98aec0a2e8e4ced1e":PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_TLS12_PSK_TO_MS(PSA_ALG_SHA_256)):PSA_ERROR_INVALID_ARGUMENT + +PSA mac KEY_AGREEMENT(ECDH,TLS12_PSK_TO_MS(SHA_256)): invalid with ECC_KEY_PAIR(SECT_K1) +depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_SHA_256:PSA_WANT_ALG_TLS12_PSK_TO_MS:PSA_WANT_ECC_FAMILY_SECT_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +mac_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):"03ebc8fcded2d6ab72ec0f75bdb4fd080481273e71":PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_TLS12_PSK_TO_MS(PSA_ALG_SHA_256)):PSA_ERROR_INVALID_ARGUMENT + +PSA mac KEY_AGREEMENT(ECDH,TLS12_PSK_TO_MS(SHA_256)): invalid with ECC_KEY_PAIR(SECT_R1) +depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_SHA_256:PSA_WANT_ALG_TLS12_PSK_TO_MS:PSA_WANT_ECC_FAMILY_SECT_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +mac_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):"009b05dc82d46d64a04a22e6e5ca70ca1231e68c50":PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_TLS12_PSK_TO_MS(PSA_ALG_SHA_256)):PSA_ERROR_INVALID_ARGUMENT + +PSA mac KEY_AGREEMENT(ECDH,TLS12_PSK_TO_MS(SHA_256)): invalid with ECC_KEY_PAIR(SECT_R2) +depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_SHA_256:PSA_WANT_ALG_TLS12_PSK_TO_MS:PSA_WANT_ECC_FAMILY_SECT_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +mac_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R2):"0210b482a458b4822d0cb21daa96819a67c8062d34":PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_TLS12_PSK_TO_MS(PSA_ALG_SHA_256)):PSA_ERROR_INVALID_ARGUMENT + +PSA cipher KEY_AGREEMENT(ECDH,TLS12_PSK_TO_MS(SHA_256)): invalid with ECC_KEY_PAIR(BRAINPOOL_P_R1) +depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_SHA_256:PSA_WANT_ALG_TLS12_PSK_TO_MS:PSA_WANT_ECC_FAMILY_BRAINPOOL_P_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +cipher_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"69502c4fdaf48d4fa617bdd24498b0406d0eeaac":PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_TLS12_PSK_TO_MS(PSA_ALG_SHA_256)):PSA_ERROR_INVALID_ARGUMENT + +PSA cipher KEY_AGREEMENT(ECDH,TLS12_PSK_TO_MS(SHA_256)): invalid with ECC_KEY_PAIR(MONTGOMERY) +depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_SHA_256:PSA_WANT_ALG_TLS12_PSK_TO_MS:PSA_WANT_ECC_FAMILY_MONTGOMERY:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +cipher_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_MONTGOMERY):"70076d0a7318a57d3c16c17251b26645df4c2f87ebc0992ab177fba51db92c6a":PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_TLS12_PSK_TO_MS(PSA_ALG_SHA_256)):PSA_ERROR_INVALID_ARGUMENT + +PSA cipher KEY_AGREEMENT(ECDH,TLS12_PSK_TO_MS(SHA_256)): invalid with ECC_KEY_PAIR(SECP_K1) +depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_SHA_256:PSA_WANT_ALG_TLS12_PSK_TO_MS:PSA_WANT_ECC_FAMILY_SECP_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +cipher_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_K1):"297ac1722ccac7589ecb240dc719842538ca974beb79f228":PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_TLS12_PSK_TO_MS(PSA_ALG_SHA_256)):PSA_ERROR_INVALID_ARGUMENT + +PSA cipher KEY_AGREEMENT(ECDH,TLS12_PSK_TO_MS(SHA_256)): invalid with ECC_KEY_PAIR(SECP_R1) +depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_SHA_256:PSA_WANT_ALG_TLS12_PSK_TO_MS:PSA_WANT_ECC_FAMILY_SECP_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +cipher_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"872f203b3ad35b7f2ecc803c3a0e1e0b1ed61cc1afe71b189cd4c995":PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_TLS12_PSK_TO_MS(PSA_ALG_SHA_256)):PSA_ERROR_INVALID_ARGUMENT + +PSA cipher KEY_AGREEMENT(ECDH,TLS12_PSK_TO_MS(SHA_256)): invalid with ECC_KEY_PAIR(SECP_R2) +depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_SHA_256:PSA_WANT_ALG_TLS12_PSK_TO_MS:PSA_WANT_ECC_FAMILY_SECP_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +cipher_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R2):"00bf539a1cdda0d7f71a50a3f98aec0a2e8e4ced1e":PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_TLS12_PSK_TO_MS(PSA_ALG_SHA_256)):PSA_ERROR_INVALID_ARGUMENT + +PSA cipher KEY_AGREEMENT(ECDH,TLS12_PSK_TO_MS(SHA_256)): invalid with ECC_KEY_PAIR(SECT_K1) +depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_SHA_256:PSA_WANT_ALG_TLS12_PSK_TO_MS:PSA_WANT_ECC_FAMILY_SECT_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +cipher_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):"03ebc8fcded2d6ab72ec0f75bdb4fd080481273e71":PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_TLS12_PSK_TO_MS(PSA_ALG_SHA_256)):PSA_ERROR_INVALID_ARGUMENT + +PSA cipher KEY_AGREEMENT(ECDH,TLS12_PSK_TO_MS(SHA_256)): invalid with ECC_KEY_PAIR(SECT_R1) +depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_SHA_256:PSA_WANT_ALG_TLS12_PSK_TO_MS:PSA_WANT_ECC_FAMILY_SECT_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +cipher_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):"009b05dc82d46d64a04a22e6e5ca70ca1231e68c50":PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_TLS12_PSK_TO_MS(PSA_ALG_SHA_256)):PSA_ERROR_INVALID_ARGUMENT + +PSA cipher KEY_AGREEMENT(ECDH,TLS12_PSK_TO_MS(SHA_256)): invalid with ECC_KEY_PAIR(SECT_R2) +depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_SHA_256:PSA_WANT_ALG_TLS12_PSK_TO_MS:PSA_WANT_ECC_FAMILY_SECT_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +cipher_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R2):"0210b482a458b4822d0cb21daa96819a67c8062d34":PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_TLS12_PSK_TO_MS(PSA_ALG_SHA_256)):PSA_ERROR_INVALID_ARGUMENT + +PSA aead KEY_AGREEMENT(ECDH,TLS12_PSK_TO_MS(SHA_256)): invalid with ECC_KEY_PAIR(BRAINPOOL_P_R1) +depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_SHA_256:PSA_WANT_ALG_TLS12_PSK_TO_MS:PSA_WANT_ECC_FAMILY_BRAINPOOL_P_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +aead_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"69502c4fdaf48d4fa617bdd24498b0406d0eeaac":PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_TLS12_PSK_TO_MS(PSA_ALG_SHA_256)):PSA_ERROR_INVALID_ARGUMENT + +PSA aead KEY_AGREEMENT(ECDH,TLS12_PSK_TO_MS(SHA_256)): invalid with ECC_KEY_PAIR(MONTGOMERY) +depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_SHA_256:PSA_WANT_ALG_TLS12_PSK_TO_MS:PSA_WANT_ECC_FAMILY_MONTGOMERY:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +aead_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_MONTGOMERY):"70076d0a7318a57d3c16c17251b26645df4c2f87ebc0992ab177fba51db92c6a":PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_TLS12_PSK_TO_MS(PSA_ALG_SHA_256)):PSA_ERROR_INVALID_ARGUMENT + +PSA aead KEY_AGREEMENT(ECDH,TLS12_PSK_TO_MS(SHA_256)): invalid with ECC_KEY_PAIR(SECP_K1) +depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_SHA_256:PSA_WANT_ALG_TLS12_PSK_TO_MS:PSA_WANT_ECC_FAMILY_SECP_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +aead_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_K1):"297ac1722ccac7589ecb240dc719842538ca974beb79f228":PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_TLS12_PSK_TO_MS(PSA_ALG_SHA_256)):PSA_ERROR_INVALID_ARGUMENT + +PSA aead KEY_AGREEMENT(ECDH,TLS12_PSK_TO_MS(SHA_256)): invalid with ECC_KEY_PAIR(SECP_R1) +depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_SHA_256:PSA_WANT_ALG_TLS12_PSK_TO_MS:PSA_WANT_ECC_FAMILY_SECP_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +aead_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"872f203b3ad35b7f2ecc803c3a0e1e0b1ed61cc1afe71b189cd4c995":PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_TLS12_PSK_TO_MS(PSA_ALG_SHA_256)):PSA_ERROR_INVALID_ARGUMENT + +PSA aead KEY_AGREEMENT(ECDH,TLS12_PSK_TO_MS(SHA_256)): invalid with ECC_KEY_PAIR(SECP_R2) +depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_SHA_256:PSA_WANT_ALG_TLS12_PSK_TO_MS:PSA_WANT_ECC_FAMILY_SECP_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +aead_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R2):"00bf539a1cdda0d7f71a50a3f98aec0a2e8e4ced1e":PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_TLS12_PSK_TO_MS(PSA_ALG_SHA_256)):PSA_ERROR_INVALID_ARGUMENT + +PSA aead KEY_AGREEMENT(ECDH,TLS12_PSK_TO_MS(SHA_256)): invalid with ECC_KEY_PAIR(SECT_K1) +depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_SHA_256:PSA_WANT_ALG_TLS12_PSK_TO_MS:PSA_WANT_ECC_FAMILY_SECT_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +aead_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):"03ebc8fcded2d6ab72ec0f75bdb4fd080481273e71":PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_TLS12_PSK_TO_MS(PSA_ALG_SHA_256)):PSA_ERROR_INVALID_ARGUMENT + +PSA aead KEY_AGREEMENT(ECDH,TLS12_PSK_TO_MS(SHA_256)): invalid with ECC_KEY_PAIR(SECT_R1) +depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_SHA_256:PSA_WANT_ALG_TLS12_PSK_TO_MS:PSA_WANT_ECC_FAMILY_SECT_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +aead_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):"009b05dc82d46d64a04a22e6e5ca70ca1231e68c50":PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_TLS12_PSK_TO_MS(PSA_ALG_SHA_256)):PSA_ERROR_INVALID_ARGUMENT + +PSA aead KEY_AGREEMENT(ECDH,TLS12_PSK_TO_MS(SHA_256)): invalid with ECC_KEY_PAIR(SECT_R2) +depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_SHA_256:PSA_WANT_ALG_TLS12_PSK_TO_MS:PSA_WANT_ECC_FAMILY_SECT_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +aead_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R2):"0210b482a458b4822d0cb21daa96819a67c8062d34":PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_TLS12_PSK_TO_MS(PSA_ALG_SHA_256)):PSA_ERROR_INVALID_ARGUMENT + +PSA sign KEY_AGREEMENT(ECDH,TLS12_PSK_TO_MS(SHA_256)): invalid with ECC_KEY_PAIR(BRAINPOOL_P_R1) +depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_SHA_256:PSA_WANT_ALG_TLS12_PSK_TO_MS:PSA_WANT_ECC_FAMILY_BRAINPOOL_P_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"69502c4fdaf48d4fa617bdd24498b0406d0eeaac":PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_TLS12_PSK_TO_MS(PSA_ALG_SHA_256)):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign KEY_AGREEMENT(ECDH,TLS12_PSK_TO_MS(SHA_256)): invalid with ECC_KEY_PAIR(MONTGOMERY) +depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_SHA_256:PSA_WANT_ALG_TLS12_PSK_TO_MS:PSA_WANT_ECC_FAMILY_MONTGOMERY:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_MONTGOMERY):"70076d0a7318a57d3c16c17251b26645df4c2f87ebc0992ab177fba51db92c6a":PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_TLS12_PSK_TO_MS(PSA_ALG_SHA_256)):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign KEY_AGREEMENT(ECDH,TLS12_PSK_TO_MS(SHA_256)): invalid with ECC_KEY_PAIR(SECP_K1) +depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_SHA_256:PSA_WANT_ALG_TLS12_PSK_TO_MS:PSA_WANT_ECC_FAMILY_SECP_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_K1):"297ac1722ccac7589ecb240dc719842538ca974beb79f228":PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_TLS12_PSK_TO_MS(PSA_ALG_SHA_256)):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign KEY_AGREEMENT(ECDH,TLS12_PSK_TO_MS(SHA_256)): invalid with ECC_KEY_PAIR(SECP_R1) +depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_SHA_256:PSA_WANT_ALG_TLS12_PSK_TO_MS:PSA_WANT_ECC_FAMILY_SECP_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"872f203b3ad35b7f2ecc803c3a0e1e0b1ed61cc1afe71b189cd4c995":PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_TLS12_PSK_TO_MS(PSA_ALG_SHA_256)):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign KEY_AGREEMENT(ECDH,TLS12_PSK_TO_MS(SHA_256)): invalid with ECC_KEY_PAIR(SECP_R2) +depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_SHA_256:PSA_WANT_ALG_TLS12_PSK_TO_MS:PSA_WANT_ECC_FAMILY_SECP_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R2):"00bf539a1cdda0d7f71a50a3f98aec0a2e8e4ced1e":PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_TLS12_PSK_TO_MS(PSA_ALG_SHA_256)):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign KEY_AGREEMENT(ECDH,TLS12_PSK_TO_MS(SHA_256)): invalid with ECC_KEY_PAIR(SECT_K1) +depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_SHA_256:PSA_WANT_ALG_TLS12_PSK_TO_MS:PSA_WANT_ECC_FAMILY_SECT_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):"03ebc8fcded2d6ab72ec0f75bdb4fd080481273e71":PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_TLS12_PSK_TO_MS(PSA_ALG_SHA_256)):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign KEY_AGREEMENT(ECDH,TLS12_PSK_TO_MS(SHA_256)): invalid with ECC_KEY_PAIR(SECT_R1) +depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_SHA_256:PSA_WANT_ALG_TLS12_PSK_TO_MS:PSA_WANT_ECC_FAMILY_SECT_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):"009b05dc82d46d64a04a22e6e5ca70ca1231e68c50":PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_TLS12_PSK_TO_MS(PSA_ALG_SHA_256)):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign KEY_AGREEMENT(ECDH,TLS12_PSK_TO_MS(SHA_256)): invalid with ECC_KEY_PAIR(SECT_R2) +depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_SHA_256:PSA_WANT_ALG_TLS12_PSK_TO_MS:PSA_WANT_ECC_FAMILY_SECT_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R2):"0210b482a458b4822d0cb21daa96819a67c8062d34":PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_TLS12_PSK_TO_MS(PSA_ALG_SHA_256)):0:PSA_ERROR_INVALID_ARGUMENT + +PSA asymmetric_encryption KEY_AGREEMENT(ECDH,TLS12_PSK_TO_MS(SHA_256)): invalid with ECC_KEY_PAIR(BRAINPOOL_P_R1) +depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_SHA_256:PSA_WANT_ALG_TLS12_PSK_TO_MS:PSA_WANT_ECC_FAMILY_BRAINPOOL_P_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +asymmetric_encryption_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"69502c4fdaf48d4fa617bdd24498b0406d0eeaac":PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_TLS12_PSK_TO_MS(PSA_ALG_SHA_256)):0:PSA_ERROR_INVALID_ARGUMENT + +PSA asymmetric_encryption KEY_AGREEMENT(ECDH,TLS12_PSK_TO_MS(SHA_256)): invalid with ECC_KEY_PAIR(MONTGOMERY) +depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_SHA_256:PSA_WANT_ALG_TLS12_PSK_TO_MS:PSA_WANT_ECC_FAMILY_MONTGOMERY:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +asymmetric_encryption_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_MONTGOMERY):"70076d0a7318a57d3c16c17251b26645df4c2f87ebc0992ab177fba51db92c6a":PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_TLS12_PSK_TO_MS(PSA_ALG_SHA_256)):0:PSA_ERROR_INVALID_ARGUMENT + +PSA asymmetric_encryption KEY_AGREEMENT(ECDH,TLS12_PSK_TO_MS(SHA_256)): invalid with ECC_KEY_PAIR(SECP_K1) +depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_SHA_256:PSA_WANT_ALG_TLS12_PSK_TO_MS:PSA_WANT_ECC_FAMILY_SECP_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +asymmetric_encryption_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_K1):"297ac1722ccac7589ecb240dc719842538ca974beb79f228":PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_TLS12_PSK_TO_MS(PSA_ALG_SHA_256)):0:PSA_ERROR_INVALID_ARGUMENT + +PSA asymmetric_encryption KEY_AGREEMENT(ECDH,TLS12_PSK_TO_MS(SHA_256)): invalid with ECC_KEY_PAIR(SECP_R1) +depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_SHA_256:PSA_WANT_ALG_TLS12_PSK_TO_MS:PSA_WANT_ECC_FAMILY_SECP_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +asymmetric_encryption_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"872f203b3ad35b7f2ecc803c3a0e1e0b1ed61cc1afe71b189cd4c995":PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_TLS12_PSK_TO_MS(PSA_ALG_SHA_256)):0:PSA_ERROR_INVALID_ARGUMENT + +PSA asymmetric_encryption KEY_AGREEMENT(ECDH,TLS12_PSK_TO_MS(SHA_256)): invalid with ECC_KEY_PAIR(SECP_R2) +depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_SHA_256:PSA_WANT_ALG_TLS12_PSK_TO_MS:PSA_WANT_ECC_FAMILY_SECP_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +asymmetric_encryption_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R2):"00bf539a1cdda0d7f71a50a3f98aec0a2e8e4ced1e":PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_TLS12_PSK_TO_MS(PSA_ALG_SHA_256)):0:PSA_ERROR_INVALID_ARGUMENT + +PSA asymmetric_encryption KEY_AGREEMENT(ECDH,TLS12_PSK_TO_MS(SHA_256)): invalid with ECC_KEY_PAIR(SECT_K1) +depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_SHA_256:PSA_WANT_ALG_TLS12_PSK_TO_MS:PSA_WANT_ECC_FAMILY_SECT_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +asymmetric_encryption_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):"03ebc8fcded2d6ab72ec0f75bdb4fd080481273e71":PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_TLS12_PSK_TO_MS(PSA_ALG_SHA_256)):0:PSA_ERROR_INVALID_ARGUMENT + +PSA asymmetric_encryption KEY_AGREEMENT(ECDH,TLS12_PSK_TO_MS(SHA_256)): invalid with ECC_KEY_PAIR(SECT_R1) +depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_SHA_256:PSA_WANT_ALG_TLS12_PSK_TO_MS:PSA_WANT_ECC_FAMILY_SECT_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +asymmetric_encryption_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):"009b05dc82d46d64a04a22e6e5ca70ca1231e68c50":PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_TLS12_PSK_TO_MS(PSA_ALG_SHA_256)):0:PSA_ERROR_INVALID_ARGUMENT + +PSA asymmetric_encryption KEY_AGREEMENT(ECDH,TLS12_PSK_TO_MS(SHA_256)): invalid with ECC_KEY_PAIR(SECT_R2) +depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_SHA_256:PSA_WANT_ALG_TLS12_PSK_TO_MS:PSA_WANT_ECC_FAMILY_SECT_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +asymmetric_encryption_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R2):"0210b482a458b4822d0cb21daa96819a67c8062d34":PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_TLS12_PSK_TO_MS(PSA_ALG_SHA_256)):0:PSA_ERROR_INVALID_ARGUMENT + +PSA key_derivation KEY_AGREEMENT(ECDH,TLS12_PSK_TO_MS(SHA_256)): !ECDH +depends_on:!PSA_WANT_ALG_ECDH:PSA_WANT_ALG_SHA_256:PSA_WANT_ALG_TLS12_PSK_TO_MS +key_derivation_fail:PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_TLS12_PSK_TO_MS(PSA_ALG_SHA_256)):PSA_ERROR_NOT_SUPPORTED + +PSA key_derivation KEY_AGREEMENT(ECDH,TLS12_PSK_TO_MS(SHA_256)): !SHA_256 +depends_on:PSA_WANT_ALG_ECDH:!PSA_WANT_ALG_SHA_256:PSA_WANT_ALG_TLS12_PSK_TO_MS +key_derivation_fail:PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_TLS12_PSK_TO_MS(PSA_ALG_SHA_256)):PSA_ERROR_NOT_SUPPORTED + +PSA key_derivation KEY_AGREEMENT(ECDH,TLS12_PSK_TO_MS(SHA_256)): !TLS12_PSK_TO_MS +depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_SHA_256:!PSA_WANT_ALG_TLS12_PSK_TO_MS +key_derivation_fail:PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_TLS12_PSK_TO_MS(PSA_ALG_SHA_256)):PSA_ERROR_NOT_SUPPORTED + +PSA key_agreement KEY_AGREEMENT(ECDH,TLS12_PSK_TO_MS(SHA_256)): incompatible with AES +depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_SHA_256:PSA_WANT_ALG_TLS12_PSK_TO_MS:PSA_WANT_KEY_TYPE_AES +key_agreement_fail:PSA_KEY_TYPE_AES:"48657265006973206b6579a064617461":PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_TLS12_PSK_TO_MS(PSA_ALG_SHA_256)):0:PSA_ERROR_INVALID_ARGUMENT + +PSA key_agreement KEY_AGREEMENT(ECDH,TLS12_PSK_TO_MS(SHA_256)): incompatible with ARC4 +depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_SHA_256:PSA_WANT_ALG_TLS12_PSK_TO_MS:PSA_WANT_KEY_TYPE_ARC4 +key_agreement_fail:PSA_KEY_TYPE_ARC4:"48":PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_TLS12_PSK_TO_MS(PSA_ALG_SHA_256)):0:PSA_ERROR_INVALID_ARGUMENT + +PSA key_agreement KEY_AGREEMENT(ECDH,TLS12_PSK_TO_MS(SHA_256)): incompatible with ARIA +depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_SHA_256:PSA_WANT_ALG_TLS12_PSK_TO_MS:PSA_WANT_KEY_TYPE_ARIA +key_agreement_fail:PSA_KEY_TYPE_ARIA:"48657265006973206b6579a064617461":PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_TLS12_PSK_TO_MS(PSA_ALG_SHA_256)):0:PSA_ERROR_INVALID_ARGUMENT + +PSA key_agreement KEY_AGREEMENT(ECDH,TLS12_PSK_TO_MS(SHA_256)): incompatible with CAMELLIA +depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_SHA_256:PSA_WANT_ALG_TLS12_PSK_TO_MS:PSA_WANT_KEY_TYPE_CAMELLIA +key_agreement_fail:PSA_KEY_TYPE_CAMELLIA:"48657265006973206b6579a064617461":PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_TLS12_PSK_TO_MS(PSA_ALG_SHA_256)):0:PSA_ERROR_INVALID_ARGUMENT + +PSA key_agreement KEY_AGREEMENT(ECDH,TLS12_PSK_TO_MS(SHA_256)): incompatible with CHACHA20 +depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_SHA_256:PSA_WANT_ALG_TLS12_PSK_TO_MS:PSA_WANT_KEY_TYPE_CHACHA20 +key_agreement_fail:PSA_KEY_TYPE_CHACHA20:"48657265006973206b6579a06461746148657265006973206b6579a064617461":PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_TLS12_PSK_TO_MS(PSA_ALG_SHA_256)):0:PSA_ERROR_INVALID_ARGUMENT + +PSA key_agreement KEY_AGREEMENT(ECDH,TLS12_PSK_TO_MS(SHA_256)): incompatible with DERIVE +depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_SHA_256:PSA_WANT_ALG_TLS12_PSK_TO_MS:PSA_WANT_KEY_TYPE_DERIVE +key_agreement_fail:PSA_KEY_TYPE_DERIVE:"48657265006973206b6579a0646174":PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_TLS12_PSK_TO_MS(PSA_ALG_SHA_256)):0:PSA_ERROR_INVALID_ARGUMENT + +PSA key_agreement KEY_AGREEMENT(ECDH,TLS12_PSK_TO_MS(SHA_256)): incompatible with DES +depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_SHA_256:PSA_WANT_ALG_TLS12_PSK_TO_MS:PSA_WANT_KEY_TYPE_DES +key_agreement_fail:PSA_KEY_TYPE_DES:"644573206b457901":PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_TLS12_PSK_TO_MS(PSA_ALG_SHA_256)):0:PSA_ERROR_INVALID_ARGUMENT + +PSA key_agreement KEY_AGREEMENT(ECDH,TLS12_PSK_TO_MS(SHA_256)): !ECDH with ECC_KEY_PAIR(BRAINPOOL_P_R1) +depends_on:!PSA_WANT_ALG_ECDH:PSA_WANT_ALG_SHA_256:PSA_WANT_ALG_TLS12_PSK_TO_MS:PSA_WANT_ECC_FAMILY_BRAINPOOL_P_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_agreement_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"69502c4fdaf48d4fa617bdd24498b0406d0eeaac":PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_TLS12_PSK_TO_MS(PSA_ALG_SHA_256)):0:PSA_ERROR_NOT_SUPPORTED + +PSA key_agreement KEY_AGREEMENT(ECDH,TLS12_PSK_TO_MS(SHA_256)): !SHA_256 with ECC_KEY_PAIR(BRAINPOOL_P_R1) +depends_on:PSA_WANT_ALG_ECDH:!PSA_WANT_ALG_SHA_256:PSA_WANT_ALG_TLS12_PSK_TO_MS:PSA_WANT_ECC_FAMILY_BRAINPOOL_P_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_agreement_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"69502c4fdaf48d4fa617bdd24498b0406d0eeaac":PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_TLS12_PSK_TO_MS(PSA_ALG_SHA_256)):0:PSA_ERROR_NOT_SUPPORTED + +PSA key_agreement KEY_AGREEMENT(ECDH,TLS12_PSK_TO_MS(SHA_256)): !TLS12_PSK_TO_MS with ECC_KEY_PAIR(BRAINPOOL_P_R1) +depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_SHA_256:!PSA_WANT_ALG_TLS12_PSK_TO_MS:PSA_WANT_ECC_FAMILY_BRAINPOOL_P_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_agreement_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"69502c4fdaf48d4fa617bdd24498b0406d0eeaac":PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_TLS12_PSK_TO_MS(PSA_ALG_SHA_256)):0:PSA_ERROR_NOT_SUPPORTED + +PSA key_agreement KEY_AGREEMENT(ECDH,TLS12_PSK_TO_MS(SHA_256)): !ECDH with ECC_KEY_PAIR(MONTGOMERY) +depends_on:!PSA_WANT_ALG_ECDH:PSA_WANT_ALG_SHA_256:PSA_WANT_ALG_TLS12_PSK_TO_MS:PSA_WANT_ECC_FAMILY_MONTGOMERY:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_agreement_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_MONTGOMERY):"70076d0a7318a57d3c16c17251b26645df4c2f87ebc0992ab177fba51db92c6a":PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_TLS12_PSK_TO_MS(PSA_ALG_SHA_256)):0:PSA_ERROR_NOT_SUPPORTED + +PSA key_agreement KEY_AGREEMENT(ECDH,TLS12_PSK_TO_MS(SHA_256)): !SHA_256 with ECC_KEY_PAIR(MONTGOMERY) +depends_on:PSA_WANT_ALG_ECDH:!PSA_WANT_ALG_SHA_256:PSA_WANT_ALG_TLS12_PSK_TO_MS:PSA_WANT_ECC_FAMILY_MONTGOMERY:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_agreement_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_MONTGOMERY):"70076d0a7318a57d3c16c17251b26645df4c2f87ebc0992ab177fba51db92c6a":PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_TLS12_PSK_TO_MS(PSA_ALG_SHA_256)):0:PSA_ERROR_NOT_SUPPORTED + +PSA key_agreement KEY_AGREEMENT(ECDH,TLS12_PSK_TO_MS(SHA_256)): !TLS12_PSK_TO_MS with ECC_KEY_PAIR(MONTGOMERY) +depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_SHA_256:!PSA_WANT_ALG_TLS12_PSK_TO_MS:PSA_WANT_ECC_FAMILY_MONTGOMERY:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_agreement_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_MONTGOMERY):"70076d0a7318a57d3c16c17251b26645df4c2f87ebc0992ab177fba51db92c6a":PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_TLS12_PSK_TO_MS(PSA_ALG_SHA_256)):0:PSA_ERROR_NOT_SUPPORTED + +PSA key_agreement KEY_AGREEMENT(ECDH,TLS12_PSK_TO_MS(SHA_256)): !ECDH with ECC_KEY_PAIR(SECP_K1) +depends_on:!PSA_WANT_ALG_ECDH:PSA_WANT_ALG_SHA_256:PSA_WANT_ALG_TLS12_PSK_TO_MS:PSA_WANT_ECC_FAMILY_SECP_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_agreement_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_K1):"297ac1722ccac7589ecb240dc719842538ca974beb79f228":PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_TLS12_PSK_TO_MS(PSA_ALG_SHA_256)):0:PSA_ERROR_NOT_SUPPORTED + +PSA key_agreement KEY_AGREEMENT(ECDH,TLS12_PSK_TO_MS(SHA_256)): !SHA_256 with ECC_KEY_PAIR(SECP_K1) +depends_on:PSA_WANT_ALG_ECDH:!PSA_WANT_ALG_SHA_256:PSA_WANT_ALG_TLS12_PSK_TO_MS:PSA_WANT_ECC_FAMILY_SECP_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_agreement_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_K1):"297ac1722ccac7589ecb240dc719842538ca974beb79f228":PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_TLS12_PSK_TO_MS(PSA_ALG_SHA_256)):0:PSA_ERROR_NOT_SUPPORTED + +PSA key_agreement KEY_AGREEMENT(ECDH,TLS12_PSK_TO_MS(SHA_256)): !TLS12_PSK_TO_MS with ECC_KEY_PAIR(SECP_K1) +depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_SHA_256:!PSA_WANT_ALG_TLS12_PSK_TO_MS:PSA_WANT_ECC_FAMILY_SECP_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_agreement_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_K1):"297ac1722ccac7589ecb240dc719842538ca974beb79f228":PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_TLS12_PSK_TO_MS(PSA_ALG_SHA_256)):0:PSA_ERROR_NOT_SUPPORTED + +PSA key_agreement KEY_AGREEMENT(ECDH,TLS12_PSK_TO_MS(SHA_256)): !ECDH with ECC_KEY_PAIR(SECP_R1) +depends_on:!PSA_WANT_ALG_ECDH:PSA_WANT_ALG_SHA_256:PSA_WANT_ALG_TLS12_PSK_TO_MS:PSA_WANT_ECC_FAMILY_SECP_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_agreement_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"872f203b3ad35b7f2ecc803c3a0e1e0b1ed61cc1afe71b189cd4c995":PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_TLS12_PSK_TO_MS(PSA_ALG_SHA_256)):0:PSA_ERROR_NOT_SUPPORTED + +PSA key_agreement KEY_AGREEMENT(ECDH,TLS12_PSK_TO_MS(SHA_256)): !SHA_256 with ECC_KEY_PAIR(SECP_R1) +depends_on:PSA_WANT_ALG_ECDH:!PSA_WANT_ALG_SHA_256:PSA_WANT_ALG_TLS12_PSK_TO_MS:PSA_WANT_ECC_FAMILY_SECP_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_agreement_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"872f203b3ad35b7f2ecc803c3a0e1e0b1ed61cc1afe71b189cd4c995":PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_TLS12_PSK_TO_MS(PSA_ALG_SHA_256)):0:PSA_ERROR_NOT_SUPPORTED + +PSA key_agreement KEY_AGREEMENT(ECDH,TLS12_PSK_TO_MS(SHA_256)): !TLS12_PSK_TO_MS with ECC_KEY_PAIR(SECP_R1) +depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_SHA_256:!PSA_WANT_ALG_TLS12_PSK_TO_MS:PSA_WANT_ECC_FAMILY_SECP_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_agreement_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"872f203b3ad35b7f2ecc803c3a0e1e0b1ed61cc1afe71b189cd4c995":PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_TLS12_PSK_TO_MS(PSA_ALG_SHA_256)):0:PSA_ERROR_NOT_SUPPORTED + +PSA key_agreement KEY_AGREEMENT(ECDH,TLS12_PSK_TO_MS(SHA_256)): !ECDH with ECC_KEY_PAIR(SECP_R2) +depends_on:!PSA_WANT_ALG_ECDH:PSA_WANT_ALG_SHA_256:PSA_WANT_ALG_TLS12_PSK_TO_MS:PSA_WANT_ECC_FAMILY_SECP_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_agreement_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R2):"00bf539a1cdda0d7f71a50a3f98aec0a2e8e4ced1e":PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_TLS12_PSK_TO_MS(PSA_ALG_SHA_256)):0:PSA_ERROR_NOT_SUPPORTED + +PSA key_agreement KEY_AGREEMENT(ECDH,TLS12_PSK_TO_MS(SHA_256)): !SHA_256 with ECC_KEY_PAIR(SECP_R2) +depends_on:PSA_WANT_ALG_ECDH:!PSA_WANT_ALG_SHA_256:PSA_WANT_ALG_TLS12_PSK_TO_MS:PSA_WANT_ECC_FAMILY_SECP_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_agreement_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R2):"00bf539a1cdda0d7f71a50a3f98aec0a2e8e4ced1e":PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_TLS12_PSK_TO_MS(PSA_ALG_SHA_256)):0:PSA_ERROR_NOT_SUPPORTED + +PSA key_agreement KEY_AGREEMENT(ECDH,TLS12_PSK_TO_MS(SHA_256)): !TLS12_PSK_TO_MS with ECC_KEY_PAIR(SECP_R2) +depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_SHA_256:!PSA_WANT_ALG_TLS12_PSK_TO_MS:PSA_WANT_ECC_FAMILY_SECP_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_agreement_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R2):"00bf539a1cdda0d7f71a50a3f98aec0a2e8e4ced1e":PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_TLS12_PSK_TO_MS(PSA_ALG_SHA_256)):0:PSA_ERROR_NOT_SUPPORTED + +PSA key_agreement KEY_AGREEMENT(ECDH,TLS12_PSK_TO_MS(SHA_256)): !ECDH with ECC_KEY_PAIR(SECT_K1) +depends_on:!PSA_WANT_ALG_ECDH:PSA_WANT_ALG_SHA_256:PSA_WANT_ALG_TLS12_PSK_TO_MS:PSA_WANT_ECC_FAMILY_SECT_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_agreement_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):"03ebc8fcded2d6ab72ec0f75bdb4fd080481273e71":PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_TLS12_PSK_TO_MS(PSA_ALG_SHA_256)):0:PSA_ERROR_NOT_SUPPORTED + +PSA key_agreement KEY_AGREEMENT(ECDH,TLS12_PSK_TO_MS(SHA_256)): !SHA_256 with ECC_KEY_PAIR(SECT_K1) +depends_on:PSA_WANT_ALG_ECDH:!PSA_WANT_ALG_SHA_256:PSA_WANT_ALG_TLS12_PSK_TO_MS:PSA_WANT_ECC_FAMILY_SECT_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_agreement_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):"03ebc8fcded2d6ab72ec0f75bdb4fd080481273e71":PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_TLS12_PSK_TO_MS(PSA_ALG_SHA_256)):0:PSA_ERROR_NOT_SUPPORTED + +PSA key_agreement KEY_AGREEMENT(ECDH,TLS12_PSK_TO_MS(SHA_256)): !TLS12_PSK_TO_MS with ECC_KEY_PAIR(SECT_K1) +depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_SHA_256:!PSA_WANT_ALG_TLS12_PSK_TO_MS:PSA_WANT_ECC_FAMILY_SECT_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_agreement_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):"03ebc8fcded2d6ab72ec0f75bdb4fd080481273e71":PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_TLS12_PSK_TO_MS(PSA_ALG_SHA_256)):0:PSA_ERROR_NOT_SUPPORTED + +PSA key_agreement KEY_AGREEMENT(ECDH,TLS12_PSK_TO_MS(SHA_256)): !ECDH with ECC_KEY_PAIR(SECT_R1) +depends_on:!PSA_WANT_ALG_ECDH:PSA_WANT_ALG_SHA_256:PSA_WANT_ALG_TLS12_PSK_TO_MS:PSA_WANT_ECC_FAMILY_SECT_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_agreement_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):"009b05dc82d46d64a04a22e6e5ca70ca1231e68c50":PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_TLS12_PSK_TO_MS(PSA_ALG_SHA_256)):0:PSA_ERROR_NOT_SUPPORTED + +PSA key_agreement KEY_AGREEMENT(ECDH,TLS12_PSK_TO_MS(SHA_256)): !SHA_256 with ECC_KEY_PAIR(SECT_R1) +depends_on:PSA_WANT_ALG_ECDH:!PSA_WANT_ALG_SHA_256:PSA_WANT_ALG_TLS12_PSK_TO_MS:PSA_WANT_ECC_FAMILY_SECT_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_agreement_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):"009b05dc82d46d64a04a22e6e5ca70ca1231e68c50":PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_TLS12_PSK_TO_MS(PSA_ALG_SHA_256)):0:PSA_ERROR_NOT_SUPPORTED + +PSA key_agreement KEY_AGREEMENT(ECDH,TLS12_PSK_TO_MS(SHA_256)): !TLS12_PSK_TO_MS with ECC_KEY_PAIR(SECT_R1) +depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_SHA_256:!PSA_WANT_ALG_TLS12_PSK_TO_MS:PSA_WANT_ECC_FAMILY_SECT_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_agreement_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):"009b05dc82d46d64a04a22e6e5ca70ca1231e68c50":PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_TLS12_PSK_TO_MS(PSA_ALG_SHA_256)):0:PSA_ERROR_NOT_SUPPORTED + +PSA key_agreement KEY_AGREEMENT(ECDH,TLS12_PSK_TO_MS(SHA_256)): !ECDH with ECC_KEY_PAIR(SECT_R2) +depends_on:!PSA_WANT_ALG_ECDH:PSA_WANT_ALG_SHA_256:PSA_WANT_ALG_TLS12_PSK_TO_MS:PSA_WANT_ECC_FAMILY_SECT_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_agreement_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R2):"0210b482a458b4822d0cb21daa96819a67c8062d34":PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_TLS12_PSK_TO_MS(PSA_ALG_SHA_256)):0:PSA_ERROR_NOT_SUPPORTED + +PSA key_agreement KEY_AGREEMENT(ECDH,TLS12_PSK_TO_MS(SHA_256)): !SHA_256 with ECC_KEY_PAIR(SECT_R2) +depends_on:PSA_WANT_ALG_ECDH:!PSA_WANT_ALG_SHA_256:PSA_WANT_ALG_TLS12_PSK_TO_MS:PSA_WANT_ECC_FAMILY_SECT_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_agreement_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R2):"0210b482a458b4822d0cb21daa96819a67c8062d34":PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_TLS12_PSK_TO_MS(PSA_ALG_SHA_256)):0:PSA_ERROR_NOT_SUPPORTED + +PSA key_agreement KEY_AGREEMENT(ECDH,TLS12_PSK_TO_MS(SHA_256)): !TLS12_PSK_TO_MS with ECC_KEY_PAIR(SECT_R2) +depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_SHA_256:!PSA_WANT_ALG_TLS12_PSK_TO_MS:PSA_WANT_ECC_FAMILY_SECT_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_agreement_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R2):"0210b482a458b4822d0cb21daa96819a67c8062d34":PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_TLS12_PSK_TO_MS(PSA_ALG_SHA_256)):0:PSA_ERROR_NOT_SUPPORTED + +PSA key_agreement KEY_AGREEMENT(ECDH,TLS12_PSK_TO_MS(SHA_256)): incompatible with ECC_KEY_PAIR(TWISTED_EDWARDS) +depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_SHA_256:PSA_WANT_ALG_TLS12_PSK_TO_MS:PSA_WANT_ECC_FAMILY_TWISTED_EDWARDS:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_agreement_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_TWISTED_EDWARDS):"9d61b19deffd5a60ba844af492ec2cc44449c5697b326919703bac031cae7f60":PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_TLS12_PSK_TO_MS(PSA_ALG_SHA_256)):0:PSA_ERROR_INVALID_ARGUMENT + +PSA key_agreement KEY_AGREEMENT(ECDH,TLS12_PSK_TO_MS(SHA_256)): incompatible with ECC_PUBLIC_KEY(BRAINPOOL_P_R1) +depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_SHA_256:PSA_WANT_ALG_TLS12_PSK_TO_MS:PSA_WANT_ECC_FAMILY_BRAINPOOL_P_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_agreement_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"04d4b9186816358e2f9c59cf70748cb70641b22fbab65473db4b4e22a361ed7e3de7e8a8ddc4130c5c":PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_TLS12_PSK_TO_MS(PSA_ALG_SHA_256)):0:PSA_ERROR_INVALID_ARGUMENT + +PSA key_agreement KEY_AGREEMENT(ECDH,TLS12_PSK_TO_MS(SHA_256)): incompatible with ECC_PUBLIC_KEY(MONTGOMERY) +depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_SHA_256:PSA_WANT_ALG_TLS12_PSK_TO_MS:PSA_WANT_ECC_FAMILY_MONTGOMERY:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_agreement_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_MONTGOMERY):"8520f0098930a754748b7ddcb43ef75a0dbf3a0d26381af4eba4a98eaa9b4e6a":PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_TLS12_PSK_TO_MS(PSA_ALG_SHA_256)):0:PSA_ERROR_INVALID_ARGUMENT + +PSA key_agreement KEY_AGREEMENT(ECDH,TLS12_PSK_TO_MS(SHA_256)): incompatible with ECC_PUBLIC_KEY(SECP_K1) +depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_SHA_256:PSA_WANT_ALG_TLS12_PSK_TO_MS:PSA_WANT_ECC_FAMILY_SECP_K1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_agreement_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_K1):"0426b7bb38da649ac2138fc050c6548b32553dab68afebc36105d325b75538c12323cb0764789ecb992671beb2b6bef2f5":PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_TLS12_PSK_TO_MS(PSA_ALG_SHA_256)):0:PSA_ERROR_INVALID_ARGUMENT + +PSA key_agreement KEY_AGREEMENT(ECDH,TLS12_PSK_TO_MS(SHA_256)): incompatible with ECC_PUBLIC_KEY(SECP_R1) +depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_SHA_256:PSA_WANT_ALG_TLS12_PSK_TO_MS:PSA_WANT_ECC_FAMILY_SECP_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_agreement_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1):"046f00eadaa949fee3e9e1c7fa1247eecec86a0dce46418b9bd3117b981d4bd0ae7a990de912f9d060d6cb531a42d22e394ac29e81804bf160":PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_TLS12_PSK_TO_MS(PSA_ALG_SHA_256)):0:PSA_ERROR_INVALID_ARGUMENT + +PSA key_agreement KEY_AGREEMENT(ECDH,TLS12_PSK_TO_MS(SHA_256)): incompatible with ECC_PUBLIC_KEY(SECP_R2) +depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_SHA_256:PSA_WANT_ALG_TLS12_PSK_TO_MS:PSA_WANT_ECC_FAMILY_SECP_R2:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_agreement_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R2):"049570d541398665adb5cfa16f5af73b3196926bbd4b876bdb80f8eab20d0f540c22f4de9c140f6d7b":PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_TLS12_PSK_TO_MS(PSA_ALG_SHA_256)):0:PSA_ERROR_INVALID_ARGUMENT + +PSA key_agreement KEY_AGREEMENT(ECDH,TLS12_PSK_TO_MS(SHA_256)): incompatible with ECC_PUBLIC_KEY(SECT_K1) +depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_SHA_256:PSA_WANT_ALG_TLS12_PSK_TO_MS:PSA_WANT_ECC_FAMILY_SECT_K1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_agreement_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_K1):"0406f88f90b4b65950f06ce433afdb097e320f433dc2062b8a65db8fafd3c110f46bc45663fbf021ee7eb9":PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_TLS12_PSK_TO_MS(PSA_ALG_SHA_256)):0:PSA_ERROR_INVALID_ARGUMENT + +PSA key_agreement KEY_AGREEMENT(ECDH,TLS12_PSK_TO_MS(SHA_256)): incompatible with ECC_PUBLIC_KEY(SECT_R1) +depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_SHA_256:PSA_WANT_ALG_TLS12_PSK_TO_MS:PSA_WANT_ECC_FAMILY_SECT_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_agreement_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R1):"0400465eeb9e7258b11e33c02266bfe834b20bcb118700772796ee4704ec67651bd447e3011959a79a04cb":PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_TLS12_PSK_TO_MS(PSA_ALG_SHA_256)):0:PSA_ERROR_INVALID_ARGUMENT + +PSA key_agreement KEY_AGREEMENT(ECDH,TLS12_PSK_TO_MS(SHA_256)): incompatible with ECC_PUBLIC_KEY(SECT_R2) +depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_SHA_256:PSA_WANT_ALG_TLS12_PSK_TO_MS:PSA_WANT_ECC_FAMILY_SECT_R2:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_agreement_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R2):"0403692601144c32a6cfa369ae20ae5d43c1c764678c037bafe80c6fd2e42b7ced96171d9c5367fd3dca6f":PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_TLS12_PSK_TO_MS(PSA_ALG_SHA_256)):0:PSA_ERROR_INVALID_ARGUMENT + +PSA key_agreement KEY_AGREEMENT(ECDH,TLS12_PSK_TO_MS(SHA_256)): incompatible with ECC_PUBLIC_KEY(TWISTED_EDWARDS) +depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_SHA_256:PSA_WANT_ALG_TLS12_PSK_TO_MS:PSA_WANT_ECC_FAMILY_TWISTED_EDWARDS:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_agreement_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_TWISTED_EDWARDS):"d75a980182b10ab7d54bfed3c964073a0ee172f3daa62325af021a68f707511a":PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_TLS12_PSK_TO_MS(PSA_ALG_SHA_256)):0:PSA_ERROR_INVALID_ARGUMENT + +PSA key_agreement KEY_AGREEMENT(ECDH,TLS12_PSK_TO_MS(SHA_256)): incompatible with HMAC +depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_SHA_256:PSA_WANT_ALG_TLS12_PSK_TO_MS:PSA_WANT_KEY_TYPE_HMAC +key_agreement_fail:PSA_KEY_TYPE_HMAC:"48657265006973206b6579a064617461":PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_TLS12_PSK_TO_MS(PSA_ALG_SHA_256)):0:PSA_ERROR_INVALID_ARGUMENT + +PSA key_agreement KEY_AGREEMENT(ECDH,TLS12_PSK_TO_MS(SHA_256)): incompatible with RAW_DATA +depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_SHA_256:PSA_WANT_ALG_TLS12_PSK_TO_MS:PSA_WANT_KEY_TYPE_RAW_DATA +key_agreement_fail:PSA_KEY_TYPE_RAW_DATA:"48":PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_TLS12_PSK_TO_MS(PSA_ALG_SHA_256)):0:PSA_ERROR_INVALID_ARGUMENT + +PSA key_agreement KEY_AGREEMENT(ECDH,TLS12_PSK_TO_MS(SHA_256)): incompatible with RSA_KEY_PAIR +depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_SHA_256:PSA_WANT_ALG_TLS12_PSK_TO_MS:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR +key_agreement_fail:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_TLS12_PSK_TO_MS(PSA_ALG_SHA_256)):0:PSA_ERROR_INVALID_ARGUMENT + +PSA key_agreement KEY_AGREEMENT(ECDH,TLS12_PSK_TO_MS(SHA_256)): incompatible with RSA_PUBLIC_KEY +depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_SHA_256:PSA_WANT_ALG_TLS12_PSK_TO_MS:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY +key_agreement_fail:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_TLS12_PSK_TO_MS(PSA_ALG_SHA_256)):0:PSA_ERROR_INVALID_ARGUMENT + +PSA hash KEY_AGREEMENT(ECDH,TLS12_PSK_TO_MS(SHA_384)): invalid +depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_SHA_384:PSA_WANT_ALG_TLS12_PSK_TO_MS +hash_fail:PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_TLS12_PSK_TO_MS(PSA_ALG_SHA_384)):PSA_ERROR_INVALID_ARGUMENT + +PSA mac KEY_AGREEMENT(ECDH,TLS12_PSK_TO_MS(SHA_384)): invalid with ECC_KEY_PAIR(BRAINPOOL_P_R1) +depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_SHA_384:PSA_WANT_ALG_TLS12_PSK_TO_MS:PSA_WANT_ECC_FAMILY_BRAINPOOL_P_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +mac_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"69502c4fdaf48d4fa617bdd24498b0406d0eeaac":PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_TLS12_PSK_TO_MS(PSA_ALG_SHA_384)):PSA_ERROR_INVALID_ARGUMENT + +PSA mac KEY_AGREEMENT(ECDH,TLS12_PSK_TO_MS(SHA_384)): invalid with ECC_KEY_PAIR(MONTGOMERY) +depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_SHA_384:PSA_WANT_ALG_TLS12_PSK_TO_MS:PSA_WANT_ECC_FAMILY_MONTGOMERY:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +mac_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_MONTGOMERY):"70076d0a7318a57d3c16c17251b26645df4c2f87ebc0992ab177fba51db92c6a":PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_TLS12_PSK_TO_MS(PSA_ALG_SHA_384)):PSA_ERROR_INVALID_ARGUMENT + +PSA mac KEY_AGREEMENT(ECDH,TLS12_PSK_TO_MS(SHA_384)): invalid with ECC_KEY_PAIR(SECP_K1) +depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_SHA_384:PSA_WANT_ALG_TLS12_PSK_TO_MS:PSA_WANT_ECC_FAMILY_SECP_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +mac_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_K1):"297ac1722ccac7589ecb240dc719842538ca974beb79f228":PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_TLS12_PSK_TO_MS(PSA_ALG_SHA_384)):PSA_ERROR_INVALID_ARGUMENT + +PSA mac KEY_AGREEMENT(ECDH,TLS12_PSK_TO_MS(SHA_384)): invalid with ECC_KEY_PAIR(SECP_R1) +depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_SHA_384:PSA_WANT_ALG_TLS12_PSK_TO_MS:PSA_WANT_ECC_FAMILY_SECP_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +mac_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"872f203b3ad35b7f2ecc803c3a0e1e0b1ed61cc1afe71b189cd4c995":PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_TLS12_PSK_TO_MS(PSA_ALG_SHA_384)):PSA_ERROR_INVALID_ARGUMENT + +PSA mac KEY_AGREEMENT(ECDH,TLS12_PSK_TO_MS(SHA_384)): invalid with ECC_KEY_PAIR(SECP_R2) +depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_SHA_384:PSA_WANT_ALG_TLS12_PSK_TO_MS:PSA_WANT_ECC_FAMILY_SECP_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +mac_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R2):"00bf539a1cdda0d7f71a50a3f98aec0a2e8e4ced1e":PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_TLS12_PSK_TO_MS(PSA_ALG_SHA_384)):PSA_ERROR_INVALID_ARGUMENT + +PSA mac KEY_AGREEMENT(ECDH,TLS12_PSK_TO_MS(SHA_384)): invalid with ECC_KEY_PAIR(SECT_K1) +depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_SHA_384:PSA_WANT_ALG_TLS12_PSK_TO_MS:PSA_WANT_ECC_FAMILY_SECT_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +mac_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):"03ebc8fcded2d6ab72ec0f75bdb4fd080481273e71":PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_TLS12_PSK_TO_MS(PSA_ALG_SHA_384)):PSA_ERROR_INVALID_ARGUMENT + +PSA mac KEY_AGREEMENT(ECDH,TLS12_PSK_TO_MS(SHA_384)): invalid with ECC_KEY_PAIR(SECT_R1) +depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_SHA_384:PSA_WANT_ALG_TLS12_PSK_TO_MS:PSA_WANT_ECC_FAMILY_SECT_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +mac_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):"009b05dc82d46d64a04a22e6e5ca70ca1231e68c50":PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_TLS12_PSK_TO_MS(PSA_ALG_SHA_384)):PSA_ERROR_INVALID_ARGUMENT + +PSA mac KEY_AGREEMENT(ECDH,TLS12_PSK_TO_MS(SHA_384)): invalid with ECC_KEY_PAIR(SECT_R2) +depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_SHA_384:PSA_WANT_ALG_TLS12_PSK_TO_MS:PSA_WANT_ECC_FAMILY_SECT_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +mac_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R2):"0210b482a458b4822d0cb21daa96819a67c8062d34":PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_TLS12_PSK_TO_MS(PSA_ALG_SHA_384)):PSA_ERROR_INVALID_ARGUMENT + +PSA cipher KEY_AGREEMENT(ECDH,TLS12_PSK_TO_MS(SHA_384)): invalid with ECC_KEY_PAIR(BRAINPOOL_P_R1) +depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_SHA_384:PSA_WANT_ALG_TLS12_PSK_TO_MS:PSA_WANT_ECC_FAMILY_BRAINPOOL_P_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +cipher_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"69502c4fdaf48d4fa617bdd24498b0406d0eeaac":PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_TLS12_PSK_TO_MS(PSA_ALG_SHA_384)):PSA_ERROR_INVALID_ARGUMENT + +PSA cipher KEY_AGREEMENT(ECDH,TLS12_PSK_TO_MS(SHA_384)): invalid with ECC_KEY_PAIR(MONTGOMERY) +depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_SHA_384:PSA_WANT_ALG_TLS12_PSK_TO_MS:PSA_WANT_ECC_FAMILY_MONTGOMERY:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +cipher_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_MONTGOMERY):"70076d0a7318a57d3c16c17251b26645df4c2f87ebc0992ab177fba51db92c6a":PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_TLS12_PSK_TO_MS(PSA_ALG_SHA_384)):PSA_ERROR_INVALID_ARGUMENT + +PSA cipher KEY_AGREEMENT(ECDH,TLS12_PSK_TO_MS(SHA_384)): invalid with ECC_KEY_PAIR(SECP_K1) +depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_SHA_384:PSA_WANT_ALG_TLS12_PSK_TO_MS:PSA_WANT_ECC_FAMILY_SECP_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +cipher_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_K1):"297ac1722ccac7589ecb240dc719842538ca974beb79f228":PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_TLS12_PSK_TO_MS(PSA_ALG_SHA_384)):PSA_ERROR_INVALID_ARGUMENT + +PSA cipher KEY_AGREEMENT(ECDH,TLS12_PSK_TO_MS(SHA_384)): invalid with ECC_KEY_PAIR(SECP_R1) +depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_SHA_384:PSA_WANT_ALG_TLS12_PSK_TO_MS:PSA_WANT_ECC_FAMILY_SECP_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +cipher_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"872f203b3ad35b7f2ecc803c3a0e1e0b1ed61cc1afe71b189cd4c995":PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_TLS12_PSK_TO_MS(PSA_ALG_SHA_384)):PSA_ERROR_INVALID_ARGUMENT + +PSA cipher KEY_AGREEMENT(ECDH,TLS12_PSK_TO_MS(SHA_384)): invalid with ECC_KEY_PAIR(SECP_R2) +depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_SHA_384:PSA_WANT_ALG_TLS12_PSK_TO_MS:PSA_WANT_ECC_FAMILY_SECP_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +cipher_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R2):"00bf539a1cdda0d7f71a50a3f98aec0a2e8e4ced1e":PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_TLS12_PSK_TO_MS(PSA_ALG_SHA_384)):PSA_ERROR_INVALID_ARGUMENT + +PSA cipher KEY_AGREEMENT(ECDH,TLS12_PSK_TO_MS(SHA_384)): invalid with ECC_KEY_PAIR(SECT_K1) +depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_SHA_384:PSA_WANT_ALG_TLS12_PSK_TO_MS:PSA_WANT_ECC_FAMILY_SECT_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +cipher_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):"03ebc8fcded2d6ab72ec0f75bdb4fd080481273e71":PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_TLS12_PSK_TO_MS(PSA_ALG_SHA_384)):PSA_ERROR_INVALID_ARGUMENT + +PSA cipher KEY_AGREEMENT(ECDH,TLS12_PSK_TO_MS(SHA_384)): invalid with ECC_KEY_PAIR(SECT_R1) +depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_SHA_384:PSA_WANT_ALG_TLS12_PSK_TO_MS:PSA_WANT_ECC_FAMILY_SECT_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +cipher_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):"009b05dc82d46d64a04a22e6e5ca70ca1231e68c50":PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_TLS12_PSK_TO_MS(PSA_ALG_SHA_384)):PSA_ERROR_INVALID_ARGUMENT + +PSA cipher KEY_AGREEMENT(ECDH,TLS12_PSK_TO_MS(SHA_384)): invalid with ECC_KEY_PAIR(SECT_R2) +depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_SHA_384:PSA_WANT_ALG_TLS12_PSK_TO_MS:PSA_WANT_ECC_FAMILY_SECT_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +cipher_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R2):"0210b482a458b4822d0cb21daa96819a67c8062d34":PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_TLS12_PSK_TO_MS(PSA_ALG_SHA_384)):PSA_ERROR_INVALID_ARGUMENT + +PSA aead KEY_AGREEMENT(ECDH,TLS12_PSK_TO_MS(SHA_384)): invalid with ECC_KEY_PAIR(BRAINPOOL_P_R1) +depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_SHA_384:PSA_WANT_ALG_TLS12_PSK_TO_MS:PSA_WANT_ECC_FAMILY_BRAINPOOL_P_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +aead_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"69502c4fdaf48d4fa617bdd24498b0406d0eeaac":PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_TLS12_PSK_TO_MS(PSA_ALG_SHA_384)):PSA_ERROR_INVALID_ARGUMENT + +PSA aead KEY_AGREEMENT(ECDH,TLS12_PSK_TO_MS(SHA_384)): invalid with ECC_KEY_PAIR(MONTGOMERY) +depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_SHA_384:PSA_WANT_ALG_TLS12_PSK_TO_MS:PSA_WANT_ECC_FAMILY_MONTGOMERY:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +aead_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_MONTGOMERY):"70076d0a7318a57d3c16c17251b26645df4c2f87ebc0992ab177fba51db92c6a":PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_TLS12_PSK_TO_MS(PSA_ALG_SHA_384)):PSA_ERROR_INVALID_ARGUMENT + +PSA aead KEY_AGREEMENT(ECDH,TLS12_PSK_TO_MS(SHA_384)): invalid with ECC_KEY_PAIR(SECP_K1) +depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_SHA_384:PSA_WANT_ALG_TLS12_PSK_TO_MS:PSA_WANT_ECC_FAMILY_SECP_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +aead_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_K1):"297ac1722ccac7589ecb240dc719842538ca974beb79f228":PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_TLS12_PSK_TO_MS(PSA_ALG_SHA_384)):PSA_ERROR_INVALID_ARGUMENT + +PSA aead KEY_AGREEMENT(ECDH,TLS12_PSK_TO_MS(SHA_384)): invalid with ECC_KEY_PAIR(SECP_R1) +depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_SHA_384:PSA_WANT_ALG_TLS12_PSK_TO_MS:PSA_WANT_ECC_FAMILY_SECP_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +aead_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"872f203b3ad35b7f2ecc803c3a0e1e0b1ed61cc1afe71b189cd4c995":PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_TLS12_PSK_TO_MS(PSA_ALG_SHA_384)):PSA_ERROR_INVALID_ARGUMENT + +PSA aead KEY_AGREEMENT(ECDH,TLS12_PSK_TO_MS(SHA_384)): invalid with ECC_KEY_PAIR(SECP_R2) +depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_SHA_384:PSA_WANT_ALG_TLS12_PSK_TO_MS:PSA_WANT_ECC_FAMILY_SECP_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +aead_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R2):"00bf539a1cdda0d7f71a50a3f98aec0a2e8e4ced1e":PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_TLS12_PSK_TO_MS(PSA_ALG_SHA_384)):PSA_ERROR_INVALID_ARGUMENT + +PSA aead KEY_AGREEMENT(ECDH,TLS12_PSK_TO_MS(SHA_384)): invalid with ECC_KEY_PAIR(SECT_K1) +depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_SHA_384:PSA_WANT_ALG_TLS12_PSK_TO_MS:PSA_WANT_ECC_FAMILY_SECT_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +aead_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):"03ebc8fcded2d6ab72ec0f75bdb4fd080481273e71":PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_TLS12_PSK_TO_MS(PSA_ALG_SHA_384)):PSA_ERROR_INVALID_ARGUMENT + +PSA aead KEY_AGREEMENT(ECDH,TLS12_PSK_TO_MS(SHA_384)): invalid with ECC_KEY_PAIR(SECT_R1) +depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_SHA_384:PSA_WANT_ALG_TLS12_PSK_TO_MS:PSA_WANT_ECC_FAMILY_SECT_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +aead_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):"009b05dc82d46d64a04a22e6e5ca70ca1231e68c50":PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_TLS12_PSK_TO_MS(PSA_ALG_SHA_384)):PSA_ERROR_INVALID_ARGUMENT + +PSA aead KEY_AGREEMENT(ECDH,TLS12_PSK_TO_MS(SHA_384)): invalid with ECC_KEY_PAIR(SECT_R2) +depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_SHA_384:PSA_WANT_ALG_TLS12_PSK_TO_MS:PSA_WANT_ECC_FAMILY_SECT_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +aead_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R2):"0210b482a458b4822d0cb21daa96819a67c8062d34":PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_TLS12_PSK_TO_MS(PSA_ALG_SHA_384)):PSA_ERROR_INVALID_ARGUMENT + +PSA sign KEY_AGREEMENT(ECDH,TLS12_PSK_TO_MS(SHA_384)): invalid with ECC_KEY_PAIR(BRAINPOOL_P_R1) +depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_SHA_384:PSA_WANT_ALG_TLS12_PSK_TO_MS:PSA_WANT_ECC_FAMILY_BRAINPOOL_P_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"69502c4fdaf48d4fa617bdd24498b0406d0eeaac":PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_TLS12_PSK_TO_MS(PSA_ALG_SHA_384)):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign KEY_AGREEMENT(ECDH,TLS12_PSK_TO_MS(SHA_384)): invalid with ECC_KEY_PAIR(MONTGOMERY) +depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_SHA_384:PSA_WANT_ALG_TLS12_PSK_TO_MS:PSA_WANT_ECC_FAMILY_MONTGOMERY:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_MONTGOMERY):"70076d0a7318a57d3c16c17251b26645df4c2f87ebc0992ab177fba51db92c6a":PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_TLS12_PSK_TO_MS(PSA_ALG_SHA_384)):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign KEY_AGREEMENT(ECDH,TLS12_PSK_TO_MS(SHA_384)): invalid with ECC_KEY_PAIR(SECP_K1) +depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_SHA_384:PSA_WANT_ALG_TLS12_PSK_TO_MS:PSA_WANT_ECC_FAMILY_SECP_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_K1):"297ac1722ccac7589ecb240dc719842538ca974beb79f228":PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_TLS12_PSK_TO_MS(PSA_ALG_SHA_384)):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign KEY_AGREEMENT(ECDH,TLS12_PSK_TO_MS(SHA_384)): invalid with ECC_KEY_PAIR(SECP_R1) +depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_SHA_384:PSA_WANT_ALG_TLS12_PSK_TO_MS:PSA_WANT_ECC_FAMILY_SECP_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"872f203b3ad35b7f2ecc803c3a0e1e0b1ed61cc1afe71b189cd4c995":PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_TLS12_PSK_TO_MS(PSA_ALG_SHA_384)):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign KEY_AGREEMENT(ECDH,TLS12_PSK_TO_MS(SHA_384)): invalid with ECC_KEY_PAIR(SECP_R2) +depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_SHA_384:PSA_WANT_ALG_TLS12_PSK_TO_MS:PSA_WANT_ECC_FAMILY_SECP_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R2):"00bf539a1cdda0d7f71a50a3f98aec0a2e8e4ced1e":PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_TLS12_PSK_TO_MS(PSA_ALG_SHA_384)):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign KEY_AGREEMENT(ECDH,TLS12_PSK_TO_MS(SHA_384)): invalid with ECC_KEY_PAIR(SECT_K1) +depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_SHA_384:PSA_WANT_ALG_TLS12_PSK_TO_MS:PSA_WANT_ECC_FAMILY_SECT_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):"03ebc8fcded2d6ab72ec0f75bdb4fd080481273e71":PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_TLS12_PSK_TO_MS(PSA_ALG_SHA_384)):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign KEY_AGREEMENT(ECDH,TLS12_PSK_TO_MS(SHA_384)): invalid with ECC_KEY_PAIR(SECT_R1) +depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_SHA_384:PSA_WANT_ALG_TLS12_PSK_TO_MS:PSA_WANT_ECC_FAMILY_SECT_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):"009b05dc82d46d64a04a22e6e5ca70ca1231e68c50":PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_TLS12_PSK_TO_MS(PSA_ALG_SHA_384)):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign KEY_AGREEMENT(ECDH,TLS12_PSK_TO_MS(SHA_384)): invalid with ECC_KEY_PAIR(SECT_R2) +depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_SHA_384:PSA_WANT_ALG_TLS12_PSK_TO_MS:PSA_WANT_ECC_FAMILY_SECT_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R2):"0210b482a458b4822d0cb21daa96819a67c8062d34":PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_TLS12_PSK_TO_MS(PSA_ALG_SHA_384)):0:PSA_ERROR_INVALID_ARGUMENT + +PSA asymmetric_encryption KEY_AGREEMENT(ECDH,TLS12_PSK_TO_MS(SHA_384)): invalid with ECC_KEY_PAIR(BRAINPOOL_P_R1) +depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_SHA_384:PSA_WANT_ALG_TLS12_PSK_TO_MS:PSA_WANT_ECC_FAMILY_BRAINPOOL_P_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +asymmetric_encryption_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"69502c4fdaf48d4fa617bdd24498b0406d0eeaac":PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_TLS12_PSK_TO_MS(PSA_ALG_SHA_384)):0:PSA_ERROR_INVALID_ARGUMENT + +PSA asymmetric_encryption KEY_AGREEMENT(ECDH,TLS12_PSK_TO_MS(SHA_384)): invalid with ECC_KEY_PAIR(MONTGOMERY) +depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_SHA_384:PSA_WANT_ALG_TLS12_PSK_TO_MS:PSA_WANT_ECC_FAMILY_MONTGOMERY:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +asymmetric_encryption_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_MONTGOMERY):"70076d0a7318a57d3c16c17251b26645df4c2f87ebc0992ab177fba51db92c6a":PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_TLS12_PSK_TO_MS(PSA_ALG_SHA_384)):0:PSA_ERROR_INVALID_ARGUMENT + +PSA asymmetric_encryption KEY_AGREEMENT(ECDH,TLS12_PSK_TO_MS(SHA_384)): invalid with ECC_KEY_PAIR(SECP_K1) +depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_SHA_384:PSA_WANT_ALG_TLS12_PSK_TO_MS:PSA_WANT_ECC_FAMILY_SECP_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +asymmetric_encryption_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_K1):"297ac1722ccac7589ecb240dc719842538ca974beb79f228":PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_TLS12_PSK_TO_MS(PSA_ALG_SHA_384)):0:PSA_ERROR_INVALID_ARGUMENT + +PSA asymmetric_encryption KEY_AGREEMENT(ECDH,TLS12_PSK_TO_MS(SHA_384)): invalid with ECC_KEY_PAIR(SECP_R1) +depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_SHA_384:PSA_WANT_ALG_TLS12_PSK_TO_MS:PSA_WANT_ECC_FAMILY_SECP_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +asymmetric_encryption_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"872f203b3ad35b7f2ecc803c3a0e1e0b1ed61cc1afe71b189cd4c995":PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_TLS12_PSK_TO_MS(PSA_ALG_SHA_384)):0:PSA_ERROR_INVALID_ARGUMENT + +PSA asymmetric_encryption KEY_AGREEMENT(ECDH,TLS12_PSK_TO_MS(SHA_384)): invalid with ECC_KEY_PAIR(SECP_R2) +depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_SHA_384:PSA_WANT_ALG_TLS12_PSK_TO_MS:PSA_WANT_ECC_FAMILY_SECP_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +asymmetric_encryption_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R2):"00bf539a1cdda0d7f71a50a3f98aec0a2e8e4ced1e":PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_TLS12_PSK_TO_MS(PSA_ALG_SHA_384)):0:PSA_ERROR_INVALID_ARGUMENT + +PSA asymmetric_encryption KEY_AGREEMENT(ECDH,TLS12_PSK_TO_MS(SHA_384)): invalid with ECC_KEY_PAIR(SECT_K1) +depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_SHA_384:PSA_WANT_ALG_TLS12_PSK_TO_MS:PSA_WANT_ECC_FAMILY_SECT_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +asymmetric_encryption_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):"03ebc8fcded2d6ab72ec0f75bdb4fd080481273e71":PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_TLS12_PSK_TO_MS(PSA_ALG_SHA_384)):0:PSA_ERROR_INVALID_ARGUMENT + +PSA asymmetric_encryption KEY_AGREEMENT(ECDH,TLS12_PSK_TO_MS(SHA_384)): invalid with ECC_KEY_PAIR(SECT_R1) +depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_SHA_384:PSA_WANT_ALG_TLS12_PSK_TO_MS:PSA_WANT_ECC_FAMILY_SECT_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +asymmetric_encryption_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):"009b05dc82d46d64a04a22e6e5ca70ca1231e68c50":PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_TLS12_PSK_TO_MS(PSA_ALG_SHA_384)):0:PSA_ERROR_INVALID_ARGUMENT + +PSA asymmetric_encryption KEY_AGREEMENT(ECDH,TLS12_PSK_TO_MS(SHA_384)): invalid with ECC_KEY_PAIR(SECT_R2) +depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_SHA_384:PSA_WANT_ALG_TLS12_PSK_TO_MS:PSA_WANT_ECC_FAMILY_SECT_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +asymmetric_encryption_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R2):"0210b482a458b4822d0cb21daa96819a67c8062d34":PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_TLS12_PSK_TO_MS(PSA_ALG_SHA_384)):0:PSA_ERROR_INVALID_ARGUMENT + +PSA key_derivation KEY_AGREEMENT(ECDH,TLS12_PSK_TO_MS(SHA_384)): !ECDH +depends_on:!PSA_WANT_ALG_ECDH:PSA_WANT_ALG_SHA_384:PSA_WANT_ALG_TLS12_PSK_TO_MS +key_derivation_fail:PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_TLS12_PSK_TO_MS(PSA_ALG_SHA_384)):PSA_ERROR_NOT_SUPPORTED + +PSA key_derivation KEY_AGREEMENT(ECDH,TLS12_PSK_TO_MS(SHA_384)): !SHA_384 +depends_on:PSA_WANT_ALG_ECDH:!PSA_WANT_ALG_SHA_384:PSA_WANT_ALG_TLS12_PSK_TO_MS +key_derivation_fail:PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_TLS12_PSK_TO_MS(PSA_ALG_SHA_384)):PSA_ERROR_NOT_SUPPORTED + +PSA key_derivation KEY_AGREEMENT(ECDH,TLS12_PSK_TO_MS(SHA_384)): !TLS12_PSK_TO_MS +depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_SHA_384:!PSA_WANT_ALG_TLS12_PSK_TO_MS +key_derivation_fail:PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_TLS12_PSK_TO_MS(PSA_ALG_SHA_384)):PSA_ERROR_NOT_SUPPORTED + +PSA key_agreement KEY_AGREEMENT(ECDH,TLS12_PSK_TO_MS(SHA_384)): incompatible with AES +depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_SHA_384:PSA_WANT_ALG_TLS12_PSK_TO_MS:PSA_WANT_KEY_TYPE_AES +key_agreement_fail:PSA_KEY_TYPE_AES:"48657265006973206b6579a064617461":PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_TLS12_PSK_TO_MS(PSA_ALG_SHA_384)):0:PSA_ERROR_INVALID_ARGUMENT + +PSA key_agreement KEY_AGREEMENT(ECDH,TLS12_PSK_TO_MS(SHA_384)): incompatible with ARC4 +depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_SHA_384:PSA_WANT_ALG_TLS12_PSK_TO_MS:PSA_WANT_KEY_TYPE_ARC4 +key_agreement_fail:PSA_KEY_TYPE_ARC4:"48":PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_TLS12_PSK_TO_MS(PSA_ALG_SHA_384)):0:PSA_ERROR_INVALID_ARGUMENT + +PSA key_agreement KEY_AGREEMENT(ECDH,TLS12_PSK_TO_MS(SHA_384)): incompatible with ARIA +depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_SHA_384:PSA_WANT_ALG_TLS12_PSK_TO_MS:PSA_WANT_KEY_TYPE_ARIA +key_agreement_fail:PSA_KEY_TYPE_ARIA:"48657265006973206b6579a064617461":PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_TLS12_PSK_TO_MS(PSA_ALG_SHA_384)):0:PSA_ERROR_INVALID_ARGUMENT + +PSA key_agreement KEY_AGREEMENT(ECDH,TLS12_PSK_TO_MS(SHA_384)): incompatible with CAMELLIA +depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_SHA_384:PSA_WANT_ALG_TLS12_PSK_TO_MS:PSA_WANT_KEY_TYPE_CAMELLIA +key_agreement_fail:PSA_KEY_TYPE_CAMELLIA:"48657265006973206b6579a064617461":PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_TLS12_PSK_TO_MS(PSA_ALG_SHA_384)):0:PSA_ERROR_INVALID_ARGUMENT + +PSA key_agreement KEY_AGREEMENT(ECDH,TLS12_PSK_TO_MS(SHA_384)): incompatible with CHACHA20 +depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_SHA_384:PSA_WANT_ALG_TLS12_PSK_TO_MS:PSA_WANT_KEY_TYPE_CHACHA20 +key_agreement_fail:PSA_KEY_TYPE_CHACHA20:"48657265006973206b6579a06461746148657265006973206b6579a064617461":PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_TLS12_PSK_TO_MS(PSA_ALG_SHA_384)):0:PSA_ERROR_INVALID_ARGUMENT + +PSA key_agreement KEY_AGREEMENT(ECDH,TLS12_PSK_TO_MS(SHA_384)): incompatible with DERIVE +depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_SHA_384:PSA_WANT_ALG_TLS12_PSK_TO_MS:PSA_WANT_KEY_TYPE_DERIVE +key_agreement_fail:PSA_KEY_TYPE_DERIVE:"48657265006973206b6579a0646174":PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_TLS12_PSK_TO_MS(PSA_ALG_SHA_384)):0:PSA_ERROR_INVALID_ARGUMENT + +PSA key_agreement KEY_AGREEMENT(ECDH,TLS12_PSK_TO_MS(SHA_384)): incompatible with DES +depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_SHA_384:PSA_WANT_ALG_TLS12_PSK_TO_MS:PSA_WANT_KEY_TYPE_DES +key_agreement_fail:PSA_KEY_TYPE_DES:"644573206b457901":PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_TLS12_PSK_TO_MS(PSA_ALG_SHA_384)):0:PSA_ERROR_INVALID_ARGUMENT + +PSA key_agreement KEY_AGREEMENT(ECDH,TLS12_PSK_TO_MS(SHA_384)): !ECDH with ECC_KEY_PAIR(BRAINPOOL_P_R1) +depends_on:!PSA_WANT_ALG_ECDH:PSA_WANT_ALG_SHA_384:PSA_WANT_ALG_TLS12_PSK_TO_MS:PSA_WANT_ECC_FAMILY_BRAINPOOL_P_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_agreement_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"69502c4fdaf48d4fa617bdd24498b0406d0eeaac":PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_TLS12_PSK_TO_MS(PSA_ALG_SHA_384)):0:PSA_ERROR_NOT_SUPPORTED + +PSA key_agreement KEY_AGREEMENT(ECDH,TLS12_PSK_TO_MS(SHA_384)): !SHA_384 with ECC_KEY_PAIR(BRAINPOOL_P_R1) +depends_on:PSA_WANT_ALG_ECDH:!PSA_WANT_ALG_SHA_384:PSA_WANT_ALG_TLS12_PSK_TO_MS:PSA_WANT_ECC_FAMILY_BRAINPOOL_P_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_agreement_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"69502c4fdaf48d4fa617bdd24498b0406d0eeaac":PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_TLS12_PSK_TO_MS(PSA_ALG_SHA_384)):0:PSA_ERROR_NOT_SUPPORTED + +PSA key_agreement KEY_AGREEMENT(ECDH,TLS12_PSK_TO_MS(SHA_384)): !TLS12_PSK_TO_MS with ECC_KEY_PAIR(BRAINPOOL_P_R1) +depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_SHA_384:!PSA_WANT_ALG_TLS12_PSK_TO_MS:PSA_WANT_ECC_FAMILY_BRAINPOOL_P_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_agreement_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"69502c4fdaf48d4fa617bdd24498b0406d0eeaac":PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_TLS12_PSK_TO_MS(PSA_ALG_SHA_384)):0:PSA_ERROR_NOT_SUPPORTED + +PSA key_agreement KEY_AGREEMENT(ECDH,TLS12_PSK_TO_MS(SHA_384)): !ECDH with ECC_KEY_PAIR(MONTGOMERY) +depends_on:!PSA_WANT_ALG_ECDH:PSA_WANT_ALG_SHA_384:PSA_WANT_ALG_TLS12_PSK_TO_MS:PSA_WANT_ECC_FAMILY_MONTGOMERY:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_agreement_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_MONTGOMERY):"70076d0a7318a57d3c16c17251b26645df4c2f87ebc0992ab177fba51db92c6a":PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_TLS12_PSK_TO_MS(PSA_ALG_SHA_384)):0:PSA_ERROR_NOT_SUPPORTED + +PSA key_agreement KEY_AGREEMENT(ECDH,TLS12_PSK_TO_MS(SHA_384)): !SHA_384 with ECC_KEY_PAIR(MONTGOMERY) +depends_on:PSA_WANT_ALG_ECDH:!PSA_WANT_ALG_SHA_384:PSA_WANT_ALG_TLS12_PSK_TO_MS:PSA_WANT_ECC_FAMILY_MONTGOMERY:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_agreement_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_MONTGOMERY):"70076d0a7318a57d3c16c17251b26645df4c2f87ebc0992ab177fba51db92c6a":PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_TLS12_PSK_TO_MS(PSA_ALG_SHA_384)):0:PSA_ERROR_NOT_SUPPORTED + +PSA key_agreement KEY_AGREEMENT(ECDH,TLS12_PSK_TO_MS(SHA_384)): !TLS12_PSK_TO_MS with ECC_KEY_PAIR(MONTGOMERY) +depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_SHA_384:!PSA_WANT_ALG_TLS12_PSK_TO_MS:PSA_WANT_ECC_FAMILY_MONTGOMERY:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_agreement_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_MONTGOMERY):"70076d0a7318a57d3c16c17251b26645df4c2f87ebc0992ab177fba51db92c6a":PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_TLS12_PSK_TO_MS(PSA_ALG_SHA_384)):0:PSA_ERROR_NOT_SUPPORTED + +PSA key_agreement KEY_AGREEMENT(ECDH,TLS12_PSK_TO_MS(SHA_384)): !ECDH with ECC_KEY_PAIR(SECP_K1) +depends_on:!PSA_WANT_ALG_ECDH:PSA_WANT_ALG_SHA_384:PSA_WANT_ALG_TLS12_PSK_TO_MS:PSA_WANT_ECC_FAMILY_SECP_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_agreement_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_K1):"297ac1722ccac7589ecb240dc719842538ca974beb79f228":PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_TLS12_PSK_TO_MS(PSA_ALG_SHA_384)):0:PSA_ERROR_NOT_SUPPORTED + +PSA key_agreement KEY_AGREEMENT(ECDH,TLS12_PSK_TO_MS(SHA_384)): !SHA_384 with ECC_KEY_PAIR(SECP_K1) +depends_on:PSA_WANT_ALG_ECDH:!PSA_WANT_ALG_SHA_384:PSA_WANT_ALG_TLS12_PSK_TO_MS:PSA_WANT_ECC_FAMILY_SECP_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_agreement_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_K1):"297ac1722ccac7589ecb240dc719842538ca974beb79f228":PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_TLS12_PSK_TO_MS(PSA_ALG_SHA_384)):0:PSA_ERROR_NOT_SUPPORTED + +PSA key_agreement KEY_AGREEMENT(ECDH,TLS12_PSK_TO_MS(SHA_384)): !TLS12_PSK_TO_MS with ECC_KEY_PAIR(SECP_K1) +depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_SHA_384:!PSA_WANT_ALG_TLS12_PSK_TO_MS:PSA_WANT_ECC_FAMILY_SECP_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_agreement_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_K1):"297ac1722ccac7589ecb240dc719842538ca974beb79f228":PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_TLS12_PSK_TO_MS(PSA_ALG_SHA_384)):0:PSA_ERROR_NOT_SUPPORTED + +PSA key_agreement KEY_AGREEMENT(ECDH,TLS12_PSK_TO_MS(SHA_384)): !ECDH with ECC_KEY_PAIR(SECP_R1) +depends_on:!PSA_WANT_ALG_ECDH:PSA_WANT_ALG_SHA_384:PSA_WANT_ALG_TLS12_PSK_TO_MS:PSA_WANT_ECC_FAMILY_SECP_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_agreement_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"872f203b3ad35b7f2ecc803c3a0e1e0b1ed61cc1afe71b189cd4c995":PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_TLS12_PSK_TO_MS(PSA_ALG_SHA_384)):0:PSA_ERROR_NOT_SUPPORTED + +PSA key_agreement KEY_AGREEMENT(ECDH,TLS12_PSK_TO_MS(SHA_384)): !SHA_384 with ECC_KEY_PAIR(SECP_R1) +depends_on:PSA_WANT_ALG_ECDH:!PSA_WANT_ALG_SHA_384:PSA_WANT_ALG_TLS12_PSK_TO_MS:PSA_WANT_ECC_FAMILY_SECP_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_agreement_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"872f203b3ad35b7f2ecc803c3a0e1e0b1ed61cc1afe71b189cd4c995":PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_TLS12_PSK_TO_MS(PSA_ALG_SHA_384)):0:PSA_ERROR_NOT_SUPPORTED + +PSA key_agreement KEY_AGREEMENT(ECDH,TLS12_PSK_TO_MS(SHA_384)): !TLS12_PSK_TO_MS with ECC_KEY_PAIR(SECP_R1) +depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_SHA_384:!PSA_WANT_ALG_TLS12_PSK_TO_MS:PSA_WANT_ECC_FAMILY_SECP_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_agreement_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"872f203b3ad35b7f2ecc803c3a0e1e0b1ed61cc1afe71b189cd4c995":PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_TLS12_PSK_TO_MS(PSA_ALG_SHA_384)):0:PSA_ERROR_NOT_SUPPORTED + +PSA key_agreement KEY_AGREEMENT(ECDH,TLS12_PSK_TO_MS(SHA_384)): !ECDH with ECC_KEY_PAIR(SECP_R2) +depends_on:!PSA_WANT_ALG_ECDH:PSA_WANT_ALG_SHA_384:PSA_WANT_ALG_TLS12_PSK_TO_MS:PSA_WANT_ECC_FAMILY_SECP_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_agreement_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R2):"00bf539a1cdda0d7f71a50a3f98aec0a2e8e4ced1e":PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_TLS12_PSK_TO_MS(PSA_ALG_SHA_384)):0:PSA_ERROR_NOT_SUPPORTED + +PSA key_agreement KEY_AGREEMENT(ECDH,TLS12_PSK_TO_MS(SHA_384)): !SHA_384 with ECC_KEY_PAIR(SECP_R2) +depends_on:PSA_WANT_ALG_ECDH:!PSA_WANT_ALG_SHA_384:PSA_WANT_ALG_TLS12_PSK_TO_MS:PSA_WANT_ECC_FAMILY_SECP_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_agreement_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R2):"00bf539a1cdda0d7f71a50a3f98aec0a2e8e4ced1e":PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_TLS12_PSK_TO_MS(PSA_ALG_SHA_384)):0:PSA_ERROR_NOT_SUPPORTED + +PSA key_agreement KEY_AGREEMENT(ECDH,TLS12_PSK_TO_MS(SHA_384)): !TLS12_PSK_TO_MS with ECC_KEY_PAIR(SECP_R2) +depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_SHA_384:!PSA_WANT_ALG_TLS12_PSK_TO_MS:PSA_WANT_ECC_FAMILY_SECP_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_agreement_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R2):"00bf539a1cdda0d7f71a50a3f98aec0a2e8e4ced1e":PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_TLS12_PSK_TO_MS(PSA_ALG_SHA_384)):0:PSA_ERROR_NOT_SUPPORTED + +PSA key_agreement KEY_AGREEMENT(ECDH,TLS12_PSK_TO_MS(SHA_384)): !ECDH with ECC_KEY_PAIR(SECT_K1) +depends_on:!PSA_WANT_ALG_ECDH:PSA_WANT_ALG_SHA_384:PSA_WANT_ALG_TLS12_PSK_TO_MS:PSA_WANT_ECC_FAMILY_SECT_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_agreement_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):"03ebc8fcded2d6ab72ec0f75bdb4fd080481273e71":PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_TLS12_PSK_TO_MS(PSA_ALG_SHA_384)):0:PSA_ERROR_NOT_SUPPORTED + +PSA key_agreement KEY_AGREEMENT(ECDH,TLS12_PSK_TO_MS(SHA_384)): !SHA_384 with ECC_KEY_PAIR(SECT_K1) +depends_on:PSA_WANT_ALG_ECDH:!PSA_WANT_ALG_SHA_384:PSA_WANT_ALG_TLS12_PSK_TO_MS:PSA_WANT_ECC_FAMILY_SECT_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_agreement_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):"03ebc8fcded2d6ab72ec0f75bdb4fd080481273e71":PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_TLS12_PSK_TO_MS(PSA_ALG_SHA_384)):0:PSA_ERROR_NOT_SUPPORTED + +PSA key_agreement KEY_AGREEMENT(ECDH,TLS12_PSK_TO_MS(SHA_384)): !TLS12_PSK_TO_MS with ECC_KEY_PAIR(SECT_K1) +depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_SHA_384:!PSA_WANT_ALG_TLS12_PSK_TO_MS:PSA_WANT_ECC_FAMILY_SECT_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_agreement_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):"03ebc8fcded2d6ab72ec0f75bdb4fd080481273e71":PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_TLS12_PSK_TO_MS(PSA_ALG_SHA_384)):0:PSA_ERROR_NOT_SUPPORTED + +PSA key_agreement KEY_AGREEMENT(ECDH,TLS12_PSK_TO_MS(SHA_384)): !ECDH with ECC_KEY_PAIR(SECT_R1) +depends_on:!PSA_WANT_ALG_ECDH:PSA_WANT_ALG_SHA_384:PSA_WANT_ALG_TLS12_PSK_TO_MS:PSA_WANT_ECC_FAMILY_SECT_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_agreement_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):"009b05dc82d46d64a04a22e6e5ca70ca1231e68c50":PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_TLS12_PSK_TO_MS(PSA_ALG_SHA_384)):0:PSA_ERROR_NOT_SUPPORTED + +PSA key_agreement KEY_AGREEMENT(ECDH,TLS12_PSK_TO_MS(SHA_384)): !SHA_384 with ECC_KEY_PAIR(SECT_R1) +depends_on:PSA_WANT_ALG_ECDH:!PSA_WANT_ALG_SHA_384:PSA_WANT_ALG_TLS12_PSK_TO_MS:PSA_WANT_ECC_FAMILY_SECT_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_agreement_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):"009b05dc82d46d64a04a22e6e5ca70ca1231e68c50":PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_TLS12_PSK_TO_MS(PSA_ALG_SHA_384)):0:PSA_ERROR_NOT_SUPPORTED + +PSA key_agreement KEY_AGREEMENT(ECDH,TLS12_PSK_TO_MS(SHA_384)): !TLS12_PSK_TO_MS with ECC_KEY_PAIR(SECT_R1) +depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_SHA_384:!PSA_WANT_ALG_TLS12_PSK_TO_MS:PSA_WANT_ECC_FAMILY_SECT_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_agreement_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):"009b05dc82d46d64a04a22e6e5ca70ca1231e68c50":PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_TLS12_PSK_TO_MS(PSA_ALG_SHA_384)):0:PSA_ERROR_NOT_SUPPORTED + +PSA key_agreement KEY_AGREEMENT(ECDH,TLS12_PSK_TO_MS(SHA_384)): !ECDH with ECC_KEY_PAIR(SECT_R2) +depends_on:!PSA_WANT_ALG_ECDH:PSA_WANT_ALG_SHA_384:PSA_WANT_ALG_TLS12_PSK_TO_MS:PSA_WANT_ECC_FAMILY_SECT_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_agreement_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R2):"0210b482a458b4822d0cb21daa96819a67c8062d34":PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_TLS12_PSK_TO_MS(PSA_ALG_SHA_384)):0:PSA_ERROR_NOT_SUPPORTED + +PSA key_agreement KEY_AGREEMENT(ECDH,TLS12_PSK_TO_MS(SHA_384)): !SHA_384 with ECC_KEY_PAIR(SECT_R2) +depends_on:PSA_WANT_ALG_ECDH:!PSA_WANT_ALG_SHA_384:PSA_WANT_ALG_TLS12_PSK_TO_MS:PSA_WANT_ECC_FAMILY_SECT_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_agreement_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R2):"0210b482a458b4822d0cb21daa96819a67c8062d34":PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_TLS12_PSK_TO_MS(PSA_ALG_SHA_384)):0:PSA_ERROR_NOT_SUPPORTED + +PSA key_agreement KEY_AGREEMENT(ECDH,TLS12_PSK_TO_MS(SHA_384)): !TLS12_PSK_TO_MS with ECC_KEY_PAIR(SECT_R2) +depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_SHA_384:!PSA_WANT_ALG_TLS12_PSK_TO_MS:PSA_WANT_ECC_FAMILY_SECT_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_agreement_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R2):"0210b482a458b4822d0cb21daa96819a67c8062d34":PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_TLS12_PSK_TO_MS(PSA_ALG_SHA_384)):0:PSA_ERROR_NOT_SUPPORTED + +PSA key_agreement KEY_AGREEMENT(ECDH,TLS12_PSK_TO_MS(SHA_384)): incompatible with ECC_KEY_PAIR(TWISTED_EDWARDS) +depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_SHA_384:PSA_WANT_ALG_TLS12_PSK_TO_MS:PSA_WANT_ECC_FAMILY_TWISTED_EDWARDS:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_agreement_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_TWISTED_EDWARDS):"9d61b19deffd5a60ba844af492ec2cc44449c5697b326919703bac031cae7f60":PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_TLS12_PSK_TO_MS(PSA_ALG_SHA_384)):0:PSA_ERROR_INVALID_ARGUMENT + +PSA key_agreement KEY_AGREEMENT(ECDH,TLS12_PSK_TO_MS(SHA_384)): incompatible with ECC_PUBLIC_KEY(BRAINPOOL_P_R1) +depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_SHA_384:PSA_WANT_ALG_TLS12_PSK_TO_MS:PSA_WANT_ECC_FAMILY_BRAINPOOL_P_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_agreement_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"04d4b9186816358e2f9c59cf70748cb70641b22fbab65473db4b4e22a361ed7e3de7e8a8ddc4130c5c":PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_TLS12_PSK_TO_MS(PSA_ALG_SHA_384)):0:PSA_ERROR_INVALID_ARGUMENT + +PSA key_agreement KEY_AGREEMENT(ECDH,TLS12_PSK_TO_MS(SHA_384)): incompatible with ECC_PUBLIC_KEY(MONTGOMERY) +depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_SHA_384:PSA_WANT_ALG_TLS12_PSK_TO_MS:PSA_WANT_ECC_FAMILY_MONTGOMERY:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_agreement_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_MONTGOMERY):"8520f0098930a754748b7ddcb43ef75a0dbf3a0d26381af4eba4a98eaa9b4e6a":PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_TLS12_PSK_TO_MS(PSA_ALG_SHA_384)):0:PSA_ERROR_INVALID_ARGUMENT + +PSA key_agreement KEY_AGREEMENT(ECDH,TLS12_PSK_TO_MS(SHA_384)): incompatible with ECC_PUBLIC_KEY(SECP_K1) +depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_SHA_384:PSA_WANT_ALG_TLS12_PSK_TO_MS:PSA_WANT_ECC_FAMILY_SECP_K1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_agreement_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_K1):"0426b7bb38da649ac2138fc050c6548b32553dab68afebc36105d325b75538c12323cb0764789ecb992671beb2b6bef2f5":PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_TLS12_PSK_TO_MS(PSA_ALG_SHA_384)):0:PSA_ERROR_INVALID_ARGUMENT + +PSA key_agreement KEY_AGREEMENT(ECDH,TLS12_PSK_TO_MS(SHA_384)): incompatible with ECC_PUBLIC_KEY(SECP_R1) +depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_SHA_384:PSA_WANT_ALG_TLS12_PSK_TO_MS:PSA_WANT_ECC_FAMILY_SECP_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_agreement_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1):"046f00eadaa949fee3e9e1c7fa1247eecec86a0dce46418b9bd3117b981d4bd0ae7a990de912f9d060d6cb531a42d22e394ac29e81804bf160":PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_TLS12_PSK_TO_MS(PSA_ALG_SHA_384)):0:PSA_ERROR_INVALID_ARGUMENT + +PSA key_agreement KEY_AGREEMENT(ECDH,TLS12_PSK_TO_MS(SHA_384)): incompatible with ECC_PUBLIC_KEY(SECP_R2) +depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_SHA_384:PSA_WANT_ALG_TLS12_PSK_TO_MS:PSA_WANT_ECC_FAMILY_SECP_R2:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_agreement_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R2):"049570d541398665adb5cfa16f5af73b3196926bbd4b876bdb80f8eab20d0f540c22f4de9c140f6d7b":PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_TLS12_PSK_TO_MS(PSA_ALG_SHA_384)):0:PSA_ERROR_INVALID_ARGUMENT + +PSA key_agreement KEY_AGREEMENT(ECDH,TLS12_PSK_TO_MS(SHA_384)): incompatible with ECC_PUBLIC_KEY(SECT_K1) +depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_SHA_384:PSA_WANT_ALG_TLS12_PSK_TO_MS:PSA_WANT_ECC_FAMILY_SECT_K1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_agreement_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_K1):"0406f88f90b4b65950f06ce433afdb097e320f433dc2062b8a65db8fafd3c110f46bc45663fbf021ee7eb9":PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_TLS12_PSK_TO_MS(PSA_ALG_SHA_384)):0:PSA_ERROR_INVALID_ARGUMENT + +PSA key_agreement KEY_AGREEMENT(ECDH,TLS12_PSK_TO_MS(SHA_384)): incompatible with ECC_PUBLIC_KEY(SECT_R1) +depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_SHA_384:PSA_WANT_ALG_TLS12_PSK_TO_MS:PSA_WANT_ECC_FAMILY_SECT_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_agreement_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R1):"0400465eeb9e7258b11e33c02266bfe834b20bcb118700772796ee4704ec67651bd447e3011959a79a04cb":PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_TLS12_PSK_TO_MS(PSA_ALG_SHA_384)):0:PSA_ERROR_INVALID_ARGUMENT + +PSA key_agreement KEY_AGREEMENT(ECDH,TLS12_PSK_TO_MS(SHA_384)): incompatible with ECC_PUBLIC_KEY(SECT_R2) +depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_SHA_384:PSA_WANT_ALG_TLS12_PSK_TO_MS:PSA_WANT_ECC_FAMILY_SECT_R2:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_agreement_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R2):"0403692601144c32a6cfa369ae20ae5d43c1c764678c037bafe80c6fd2e42b7ced96171d9c5367fd3dca6f":PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_TLS12_PSK_TO_MS(PSA_ALG_SHA_384)):0:PSA_ERROR_INVALID_ARGUMENT + +PSA key_agreement KEY_AGREEMENT(ECDH,TLS12_PSK_TO_MS(SHA_384)): incompatible with ECC_PUBLIC_KEY(TWISTED_EDWARDS) +depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_SHA_384:PSA_WANT_ALG_TLS12_PSK_TO_MS:PSA_WANT_ECC_FAMILY_TWISTED_EDWARDS:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_agreement_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_TWISTED_EDWARDS):"d75a980182b10ab7d54bfed3c964073a0ee172f3daa62325af021a68f707511a":PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_TLS12_PSK_TO_MS(PSA_ALG_SHA_384)):0:PSA_ERROR_INVALID_ARGUMENT + +PSA key_agreement KEY_AGREEMENT(ECDH,TLS12_PSK_TO_MS(SHA_384)): incompatible with HMAC +depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_SHA_384:PSA_WANT_ALG_TLS12_PSK_TO_MS:PSA_WANT_KEY_TYPE_HMAC +key_agreement_fail:PSA_KEY_TYPE_HMAC:"48657265006973206b6579a064617461":PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_TLS12_PSK_TO_MS(PSA_ALG_SHA_384)):0:PSA_ERROR_INVALID_ARGUMENT + +PSA key_agreement KEY_AGREEMENT(ECDH,TLS12_PSK_TO_MS(SHA_384)): incompatible with RAW_DATA +depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_SHA_384:PSA_WANT_ALG_TLS12_PSK_TO_MS:PSA_WANT_KEY_TYPE_RAW_DATA +key_agreement_fail:PSA_KEY_TYPE_RAW_DATA:"48":PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_TLS12_PSK_TO_MS(PSA_ALG_SHA_384)):0:PSA_ERROR_INVALID_ARGUMENT + +PSA key_agreement KEY_AGREEMENT(ECDH,TLS12_PSK_TO_MS(SHA_384)): incompatible with RSA_KEY_PAIR +depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_SHA_384:PSA_WANT_ALG_TLS12_PSK_TO_MS:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR +key_agreement_fail:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_TLS12_PSK_TO_MS(PSA_ALG_SHA_384)):0:PSA_ERROR_INVALID_ARGUMENT + +PSA key_agreement KEY_AGREEMENT(ECDH,TLS12_PSK_TO_MS(SHA_384)): incompatible with RSA_PUBLIC_KEY +depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_SHA_384:PSA_WANT_ALG_TLS12_PSK_TO_MS:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY +key_agreement_fail:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_TLS12_PSK_TO_MS(PSA_ALG_SHA_384)):0:PSA_ERROR_INVALID_ARGUMENT + +PSA hash KEY_AGREEMENT(FFDH,HKDF(SHA_384)): invalid +depends_on:PSA_WANT_ALG_FFDH:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_384 +hash_fail:PSA_ALG_KEY_AGREEMENT(PSA_ALG_FFDH,PSA_ALG_HKDF(PSA_ALG_SHA_384)):PSA_ERROR_INVALID_ARGUMENT + +PSA key_derivation KEY_AGREEMENT(FFDH,HKDF(SHA_384)): !FFDH +depends_on:!PSA_WANT_ALG_FFDH:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_384 +key_derivation_fail:PSA_ALG_KEY_AGREEMENT(PSA_ALG_FFDH,PSA_ALG_HKDF(PSA_ALG_SHA_384)):PSA_ERROR_NOT_SUPPORTED + +PSA key_derivation KEY_AGREEMENT(FFDH,HKDF(SHA_384)): !HKDF +depends_on:PSA_WANT_ALG_FFDH:!PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_384 +key_derivation_fail:PSA_ALG_KEY_AGREEMENT(PSA_ALG_FFDH,PSA_ALG_HKDF(PSA_ALG_SHA_384)):PSA_ERROR_NOT_SUPPORTED + +PSA key_derivation KEY_AGREEMENT(FFDH,HKDF(SHA_384)): !SHA_384 +depends_on:PSA_WANT_ALG_FFDH:PSA_WANT_ALG_HKDF:!PSA_WANT_ALG_SHA_384 +key_derivation_fail:PSA_ALG_KEY_AGREEMENT(PSA_ALG_FFDH,PSA_ALG_HKDF(PSA_ALG_SHA_384)):PSA_ERROR_NOT_SUPPORTED + +PSA key_agreement KEY_AGREEMENT(FFDH,HKDF(SHA_384)): incompatible with AES +depends_on:PSA_WANT_ALG_FFDH:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_384:PSA_WANT_KEY_TYPE_AES +key_agreement_fail:PSA_KEY_TYPE_AES:"48657265006973206b6579a064617461":PSA_ALG_KEY_AGREEMENT(PSA_ALG_FFDH,PSA_ALG_HKDF(PSA_ALG_SHA_384)):0:PSA_ERROR_INVALID_ARGUMENT + +PSA key_agreement KEY_AGREEMENT(FFDH,HKDF(SHA_384)): incompatible with ARC4 +depends_on:PSA_WANT_ALG_FFDH:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_384:PSA_WANT_KEY_TYPE_ARC4 +key_agreement_fail:PSA_KEY_TYPE_ARC4:"48":PSA_ALG_KEY_AGREEMENT(PSA_ALG_FFDH,PSA_ALG_HKDF(PSA_ALG_SHA_384)):0:PSA_ERROR_INVALID_ARGUMENT + +PSA key_agreement KEY_AGREEMENT(FFDH,HKDF(SHA_384)): incompatible with ARIA +depends_on:PSA_WANT_ALG_FFDH:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_384:PSA_WANT_KEY_TYPE_ARIA +key_agreement_fail:PSA_KEY_TYPE_ARIA:"48657265006973206b6579a064617461":PSA_ALG_KEY_AGREEMENT(PSA_ALG_FFDH,PSA_ALG_HKDF(PSA_ALG_SHA_384)):0:PSA_ERROR_INVALID_ARGUMENT + +PSA key_agreement KEY_AGREEMENT(FFDH,HKDF(SHA_384)): incompatible with CAMELLIA +depends_on:PSA_WANT_ALG_FFDH:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_384:PSA_WANT_KEY_TYPE_CAMELLIA +key_agreement_fail:PSA_KEY_TYPE_CAMELLIA:"48657265006973206b6579a064617461":PSA_ALG_KEY_AGREEMENT(PSA_ALG_FFDH,PSA_ALG_HKDF(PSA_ALG_SHA_384)):0:PSA_ERROR_INVALID_ARGUMENT + +PSA key_agreement KEY_AGREEMENT(FFDH,HKDF(SHA_384)): incompatible with CHACHA20 +depends_on:PSA_WANT_ALG_FFDH:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_384:PSA_WANT_KEY_TYPE_CHACHA20 +key_agreement_fail:PSA_KEY_TYPE_CHACHA20:"48657265006973206b6579a06461746148657265006973206b6579a064617461":PSA_ALG_KEY_AGREEMENT(PSA_ALG_FFDH,PSA_ALG_HKDF(PSA_ALG_SHA_384)):0:PSA_ERROR_INVALID_ARGUMENT + +PSA key_agreement KEY_AGREEMENT(FFDH,HKDF(SHA_384)): incompatible with DERIVE +depends_on:PSA_WANT_ALG_FFDH:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_384:PSA_WANT_KEY_TYPE_DERIVE +key_agreement_fail:PSA_KEY_TYPE_DERIVE:"48657265006973206b6579a0646174":PSA_ALG_KEY_AGREEMENT(PSA_ALG_FFDH,PSA_ALG_HKDF(PSA_ALG_SHA_384)):0:PSA_ERROR_INVALID_ARGUMENT + +PSA key_agreement KEY_AGREEMENT(FFDH,HKDF(SHA_384)): incompatible with DES +depends_on:PSA_WANT_ALG_FFDH:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_384:PSA_WANT_KEY_TYPE_DES +key_agreement_fail:PSA_KEY_TYPE_DES:"644573206b457901":PSA_ALG_KEY_AGREEMENT(PSA_ALG_FFDH,PSA_ALG_HKDF(PSA_ALG_SHA_384)):0:PSA_ERROR_INVALID_ARGUMENT + +PSA key_agreement KEY_AGREEMENT(FFDH,HKDF(SHA_384)): incompatible with ECC_KEY_PAIR(BRAINPOOL_P_R1) +depends_on:PSA_WANT_ALG_FFDH:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_FAMILY_BRAINPOOL_P_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_agreement_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"69502c4fdaf48d4fa617bdd24498b0406d0eeaac":PSA_ALG_KEY_AGREEMENT(PSA_ALG_FFDH,PSA_ALG_HKDF(PSA_ALG_SHA_384)):0:PSA_ERROR_INVALID_ARGUMENT + +PSA key_agreement KEY_AGREEMENT(FFDH,HKDF(SHA_384)): incompatible with ECC_KEY_PAIR(MONTGOMERY) +depends_on:PSA_WANT_ALG_FFDH:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_FAMILY_MONTGOMERY:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_agreement_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_MONTGOMERY):"70076d0a7318a57d3c16c17251b26645df4c2f87ebc0992ab177fba51db92c6a":PSA_ALG_KEY_AGREEMENT(PSA_ALG_FFDH,PSA_ALG_HKDF(PSA_ALG_SHA_384)):0:PSA_ERROR_INVALID_ARGUMENT + +PSA key_agreement KEY_AGREEMENT(FFDH,HKDF(SHA_384)): incompatible with ECC_KEY_PAIR(SECP_K1) +depends_on:PSA_WANT_ALG_FFDH:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_FAMILY_SECP_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_agreement_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_K1):"297ac1722ccac7589ecb240dc719842538ca974beb79f228":PSA_ALG_KEY_AGREEMENT(PSA_ALG_FFDH,PSA_ALG_HKDF(PSA_ALG_SHA_384)):0:PSA_ERROR_INVALID_ARGUMENT + +PSA key_agreement KEY_AGREEMENT(FFDH,HKDF(SHA_384)): incompatible with ECC_KEY_PAIR(SECP_R1) +depends_on:PSA_WANT_ALG_FFDH:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_FAMILY_SECP_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_agreement_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"872f203b3ad35b7f2ecc803c3a0e1e0b1ed61cc1afe71b189cd4c995":PSA_ALG_KEY_AGREEMENT(PSA_ALG_FFDH,PSA_ALG_HKDF(PSA_ALG_SHA_384)):0:PSA_ERROR_INVALID_ARGUMENT + +PSA key_agreement KEY_AGREEMENT(FFDH,HKDF(SHA_384)): incompatible with ECC_KEY_PAIR(SECP_R2) +depends_on:PSA_WANT_ALG_FFDH:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_FAMILY_SECP_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_agreement_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R2):"00bf539a1cdda0d7f71a50a3f98aec0a2e8e4ced1e":PSA_ALG_KEY_AGREEMENT(PSA_ALG_FFDH,PSA_ALG_HKDF(PSA_ALG_SHA_384)):0:PSA_ERROR_INVALID_ARGUMENT + +PSA key_agreement KEY_AGREEMENT(FFDH,HKDF(SHA_384)): incompatible with ECC_KEY_PAIR(SECT_K1) +depends_on:PSA_WANT_ALG_FFDH:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_FAMILY_SECT_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_agreement_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):"03ebc8fcded2d6ab72ec0f75bdb4fd080481273e71":PSA_ALG_KEY_AGREEMENT(PSA_ALG_FFDH,PSA_ALG_HKDF(PSA_ALG_SHA_384)):0:PSA_ERROR_INVALID_ARGUMENT + +PSA key_agreement KEY_AGREEMENT(FFDH,HKDF(SHA_384)): incompatible with ECC_KEY_PAIR(SECT_R1) +depends_on:PSA_WANT_ALG_FFDH:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_FAMILY_SECT_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_agreement_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):"009b05dc82d46d64a04a22e6e5ca70ca1231e68c50":PSA_ALG_KEY_AGREEMENT(PSA_ALG_FFDH,PSA_ALG_HKDF(PSA_ALG_SHA_384)):0:PSA_ERROR_INVALID_ARGUMENT + +PSA key_agreement KEY_AGREEMENT(FFDH,HKDF(SHA_384)): incompatible with ECC_KEY_PAIR(SECT_R2) +depends_on:PSA_WANT_ALG_FFDH:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_FAMILY_SECT_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_agreement_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R2):"0210b482a458b4822d0cb21daa96819a67c8062d34":PSA_ALG_KEY_AGREEMENT(PSA_ALG_FFDH,PSA_ALG_HKDF(PSA_ALG_SHA_384)):0:PSA_ERROR_INVALID_ARGUMENT + +PSA key_agreement KEY_AGREEMENT(FFDH,HKDF(SHA_384)): incompatible with ECC_KEY_PAIR(TWISTED_EDWARDS) +depends_on:PSA_WANT_ALG_FFDH:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_FAMILY_TWISTED_EDWARDS:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_agreement_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_TWISTED_EDWARDS):"9d61b19deffd5a60ba844af492ec2cc44449c5697b326919703bac031cae7f60":PSA_ALG_KEY_AGREEMENT(PSA_ALG_FFDH,PSA_ALG_HKDF(PSA_ALG_SHA_384)):0:PSA_ERROR_INVALID_ARGUMENT + +PSA key_agreement KEY_AGREEMENT(FFDH,HKDF(SHA_384)): incompatible with ECC_PUBLIC_KEY(BRAINPOOL_P_R1) +depends_on:PSA_WANT_ALG_FFDH:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_FAMILY_BRAINPOOL_P_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_agreement_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"04d4b9186816358e2f9c59cf70748cb70641b22fbab65473db4b4e22a361ed7e3de7e8a8ddc4130c5c":PSA_ALG_KEY_AGREEMENT(PSA_ALG_FFDH,PSA_ALG_HKDF(PSA_ALG_SHA_384)):0:PSA_ERROR_INVALID_ARGUMENT + +PSA key_agreement KEY_AGREEMENT(FFDH,HKDF(SHA_384)): incompatible with ECC_PUBLIC_KEY(MONTGOMERY) +depends_on:PSA_WANT_ALG_FFDH:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_FAMILY_MONTGOMERY:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_agreement_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_MONTGOMERY):"8520f0098930a754748b7ddcb43ef75a0dbf3a0d26381af4eba4a98eaa9b4e6a":PSA_ALG_KEY_AGREEMENT(PSA_ALG_FFDH,PSA_ALG_HKDF(PSA_ALG_SHA_384)):0:PSA_ERROR_INVALID_ARGUMENT + +PSA key_agreement KEY_AGREEMENT(FFDH,HKDF(SHA_384)): incompatible with ECC_PUBLIC_KEY(SECP_K1) +depends_on:PSA_WANT_ALG_FFDH:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_FAMILY_SECP_K1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_agreement_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_K1):"0426b7bb38da649ac2138fc050c6548b32553dab68afebc36105d325b75538c12323cb0764789ecb992671beb2b6bef2f5":PSA_ALG_KEY_AGREEMENT(PSA_ALG_FFDH,PSA_ALG_HKDF(PSA_ALG_SHA_384)):0:PSA_ERROR_INVALID_ARGUMENT + +PSA key_agreement KEY_AGREEMENT(FFDH,HKDF(SHA_384)): incompatible with ECC_PUBLIC_KEY(SECP_R1) +depends_on:PSA_WANT_ALG_FFDH:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_FAMILY_SECP_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_agreement_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1):"046f00eadaa949fee3e9e1c7fa1247eecec86a0dce46418b9bd3117b981d4bd0ae7a990de912f9d060d6cb531a42d22e394ac29e81804bf160":PSA_ALG_KEY_AGREEMENT(PSA_ALG_FFDH,PSA_ALG_HKDF(PSA_ALG_SHA_384)):0:PSA_ERROR_INVALID_ARGUMENT + +PSA key_agreement KEY_AGREEMENT(FFDH,HKDF(SHA_384)): incompatible with ECC_PUBLIC_KEY(SECP_R2) +depends_on:PSA_WANT_ALG_FFDH:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_FAMILY_SECP_R2:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_agreement_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R2):"049570d541398665adb5cfa16f5af73b3196926bbd4b876bdb80f8eab20d0f540c22f4de9c140f6d7b":PSA_ALG_KEY_AGREEMENT(PSA_ALG_FFDH,PSA_ALG_HKDF(PSA_ALG_SHA_384)):0:PSA_ERROR_INVALID_ARGUMENT + +PSA key_agreement KEY_AGREEMENT(FFDH,HKDF(SHA_384)): incompatible with ECC_PUBLIC_KEY(SECT_K1) +depends_on:PSA_WANT_ALG_FFDH:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_FAMILY_SECT_K1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_agreement_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_K1):"0406f88f90b4b65950f06ce433afdb097e320f433dc2062b8a65db8fafd3c110f46bc45663fbf021ee7eb9":PSA_ALG_KEY_AGREEMENT(PSA_ALG_FFDH,PSA_ALG_HKDF(PSA_ALG_SHA_384)):0:PSA_ERROR_INVALID_ARGUMENT + +PSA key_agreement KEY_AGREEMENT(FFDH,HKDF(SHA_384)): incompatible with ECC_PUBLIC_KEY(SECT_R1) +depends_on:PSA_WANT_ALG_FFDH:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_FAMILY_SECT_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_agreement_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R1):"0400465eeb9e7258b11e33c02266bfe834b20bcb118700772796ee4704ec67651bd447e3011959a79a04cb":PSA_ALG_KEY_AGREEMENT(PSA_ALG_FFDH,PSA_ALG_HKDF(PSA_ALG_SHA_384)):0:PSA_ERROR_INVALID_ARGUMENT + +PSA key_agreement KEY_AGREEMENT(FFDH,HKDF(SHA_384)): incompatible with ECC_PUBLIC_KEY(SECT_R2) +depends_on:PSA_WANT_ALG_FFDH:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_FAMILY_SECT_R2:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_agreement_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R2):"0403692601144c32a6cfa369ae20ae5d43c1c764678c037bafe80c6fd2e42b7ced96171d9c5367fd3dca6f":PSA_ALG_KEY_AGREEMENT(PSA_ALG_FFDH,PSA_ALG_HKDF(PSA_ALG_SHA_384)):0:PSA_ERROR_INVALID_ARGUMENT + +PSA key_agreement KEY_AGREEMENT(FFDH,HKDF(SHA_384)): incompatible with ECC_PUBLIC_KEY(TWISTED_EDWARDS) +depends_on:PSA_WANT_ALG_FFDH:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_FAMILY_TWISTED_EDWARDS:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_agreement_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_TWISTED_EDWARDS):"d75a980182b10ab7d54bfed3c964073a0ee172f3daa62325af021a68f707511a":PSA_ALG_KEY_AGREEMENT(PSA_ALG_FFDH,PSA_ALG_HKDF(PSA_ALG_SHA_384)):0:PSA_ERROR_INVALID_ARGUMENT + +PSA key_agreement KEY_AGREEMENT(FFDH,HKDF(SHA_384)): incompatible with HMAC +depends_on:PSA_WANT_ALG_FFDH:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_384:PSA_WANT_KEY_TYPE_HMAC +key_agreement_fail:PSA_KEY_TYPE_HMAC:"48657265006973206b6579a064617461":PSA_ALG_KEY_AGREEMENT(PSA_ALG_FFDH,PSA_ALG_HKDF(PSA_ALG_SHA_384)):0:PSA_ERROR_INVALID_ARGUMENT + +PSA key_agreement KEY_AGREEMENT(FFDH,HKDF(SHA_384)): incompatible with RAW_DATA +depends_on:PSA_WANT_ALG_FFDH:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_384:PSA_WANT_KEY_TYPE_RAW_DATA +key_agreement_fail:PSA_KEY_TYPE_RAW_DATA:"48":PSA_ALG_KEY_AGREEMENT(PSA_ALG_FFDH,PSA_ALG_HKDF(PSA_ALG_SHA_384)):0:PSA_ERROR_INVALID_ARGUMENT + +PSA key_agreement KEY_AGREEMENT(FFDH,HKDF(SHA_384)): incompatible with RSA_KEY_PAIR +depends_on:PSA_WANT_ALG_FFDH:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_384:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR +key_agreement_fail:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_KEY_AGREEMENT(PSA_ALG_FFDH,PSA_ALG_HKDF(PSA_ALG_SHA_384)):0:PSA_ERROR_INVALID_ARGUMENT + +PSA key_agreement KEY_AGREEMENT(FFDH,HKDF(SHA_384)): incompatible with RSA_PUBLIC_KEY +depends_on:PSA_WANT_ALG_FFDH:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_384:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY +key_agreement_fail:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_KEY_AGREEMENT(PSA_ALG_FFDH,PSA_ALG_HKDF(PSA_ALG_SHA_384)):0:PSA_ERROR_INVALID_ARGUMENT + +PSA hash MD2: !MD2 +depends_on:!PSA_WANT_ALG_MD2 +hash_fail:PSA_ALG_MD2:PSA_ERROR_NOT_SUPPORTED + +PSA key_derivation MD2: invalid +depends_on:PSA_WANT_ALG_MD2 +key_derivation_fail:PSA_ALG_MD2:PSA_ERROR_INVALID_ARGUMENT + +PSA hash MD4: !MD4 +depends_on:!PSA_WANT_ALG_MD4 +hash_fail:PSA_ALG_MD4:PSA_ERROR_NOT_SUPPORTED + +PSA key_derivation MD4: invalid +depends_on:PSA_WANT_ALG_MD4 +key_derivation_fail:PSA_ALG_MD4:PSA_ERROR_INVALID_ARGUMENT + +PSA hash MD5: !MD5 +depends_on:!PSA_WANT_ALG_MD5 +hash_fail:PSA_ALG_MD5:PSA_ERROR_NOT_SUPPORTED + +PSA key_derivation MD5: invalid +depends_on:PSA_WANT_ALG_MD5 +key_derivation_fail:PSA_ALG_MD5:PSA_ERROR_INVALID_ARGUMENT + +PSA hash OFB: invalid +depends_on:PSA_WANT_ALG_OFB +hash_fail:PSA_ALG_OFB:PSA_ERROR_INVALID_ARGUMENT + +PSA mac OFB: invalid with AES +depends_on:PSA_WANT_ALG_OFB:PSA_WANT_KEY_TYPE_AES +mac_fail:PSA_KEY_TYPE_AES:"48657265006973206b6579a064617461":PSA_ALG_OFB:PSA_ERROR_INVALID_ARGUMENT + +PSA cipher OFB: !OFB with AES +depends_on:!PSA_WANT_ALG_OFB:PSA_WANT_KEY_TYPE_AES +cipher_fail:PSA_KEY_TYPE_AES:"48657265006973206b6579a064617461":PSA_ALG_OFB:PSA_ERROR_NOT_SUPPORTED + +PSA cipher OFB: incompatible with ARC4 +depends_on:PSA_WANT_ALG_OFB:PSA_WANT_KEY_TYPE_ARC4 +cipher_fail:PSA_KEY_TYPE_ARC4:"48":PSA_ALG_OFB:PSA_ERROR_INVALID_ARGUMENT + +PSA cipher OFB: incompatible with ARIA +depends_on:PSA_WANT_ALG_OFB:PSA_WANT_KEY_TYPE_ARIA +cipher_fail:PSA_KEY_TYPE_ARIA:"48657265006973206b6579a064617461":PSA_ALG_OFB:PSA_ERROR_INVALID_ARGUMENT + +PSA cipher OFB: incompatible with CAMELLIA +depends_on:PSA_WANT_ALG_OFB:PSA_WANT_KEY_TYPE_CAMELLIA +cipher_fail:PSA_KEY_TYPE_CAMELLIA:"48657265006973206b6579a064617461":PSA_ALG_OFB:PSA_ERROR_INVALID_ARGUMENT + +PSA cipher OFB: incompatible with CHACHA20 +depends_on:PSA_WANT_ALG_OFB:PSA_WANT_KEY_TYPE_CHACHA20 +cipher_fail:PSA_KEY_TYPE_CHACHA20:"48657265006973206b6579a06461746148657265006973206b6579a064617461":PSA_ALG_OFB:PSA_ERROR_INVALID_ARGUMENT + +PSA cipher OFB: incompatible with DERIVE +depends_on:PSA_WANT_ALG_OFB:PSA_WANT_KEY_TYPE_DERIVE +cipher_fail:PSA_KEY_TYPE_DERIVE:"48657265006973206b6579a0646174":PSA_ALG_OFB:PSA_ERROR_INVALID_ARGUMENT + +PSA cipher OFB: incompatible with DES +depends_on:PSA_WANT_ALG_OFB:PSA_WANT_KEY_TYPE_DES +cipher_fail:PSA_KEY_TYPE_DES:"644573206b457901":PSA_ALG_OFB:PSA_ERROR_INVALID_ARGUMENT + +PSA cipher OFB: incompatible with ECC_KEY_PAIR(BRAINPOOL_P_R1) +depends_on:PSA_WANT_ALG_OFB:PSA_WANT_ECC_FAMILY_BRAINPOOL_P_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +cipher_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"69502c4fdaf48d4fa617bdd24498b0406d0eeaac":PSA_ALG_OFB:PSA_ERROR_INVALID_ARGUMENT + +PSA cipher OFB: incompatible with ECC_KEY_PAIR(MONTGOMERY) +depends_on:PSA_WANT_ALG_OFB:PSA_WANT_ECC_FAMILY_MONTGOMERY:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +cipher_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_MONTGOMERY):"70076d0a7318a57d3c16c17251b26645df4c2f87ebc0992ab177fba51db92c6a":PSA_ALG_OFB:PSA_ERROR_INVALID_ARGUMENT + +PSA cipher OFB: incompatible with ECC_KEY_PAIR(SECP_K1) +depends_on:PSA_WANT_ALG_OFB:PSA_WANT_ECC_FAMILY_SECP_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +cipher_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_K1):"297ac1722ccac7589ecb240dc719842538ca974beb79f228":PSA_ALG_OFB:PSA_ERROR_INVALID_ARGUMENT + +PSA cipher OFB: incompatible with ECC_KEY_PAIR(SECP_R1) +depends_on:PSA_WANT_ALG_OFB:PSA_WANT_ECC_FAMILY_SECP_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +cipher_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"872f203b3ad35b7f2ecc803c3a0e1e0b1ed61cc1afe71b189cd4c995":PSA_ALG_OFB:PSA_ERROR_INVALID_ARGUMENT + +PSA cipher OFB: incompatible with ECC_KEY_PAIR(SECP_R2) +depends_on:PSA_WANT_ALG_OFB:PSA_WANT_ECC_FAMILY_SECP_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +cipher_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R2):"00bf539a1cdda0d7f71a50a3f98aec0a2e8e4ced1e":PSA_ALG_OFB:PSA_ERROR_INVALID_ARGUMENT + +PSA cipher OFB: incompatible with ECC_KEY_PAIR(SECT_K1) +depends_on:PSA_WANT_ALG_OFB:PSA_WANT_ECC_FAMILY_SECT_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +cipher_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):"03ebc8fcded2d6ab72ec0f75bdb4fd080481273e71":PSA_ALG_OFB:PSA_ERROR_INVALID_ARGUMENT + +PSA cipher OFB: incompatible with ECC_KEY_PAIR(SECT_R1) +depends_on:PSA_WANT_ALG_OFB:PSA_WANT_ECC_FAMILY_SECT_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +cipher_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):"009b05dc82d46d64a04a22e6e5ca70ca1231e68c50":PSA_ALG_OFB:PSA_ERROR_INVALID_ARGUMENT + +PSA cipher OFB: incompatible with ECC_KEY_PAIR(SECT_R2) +depends_on:PSA_WANT_ALG_OFB:PSA_WANT_ECC_FAMILY_SECT_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +cipher_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R2):"0210b482a458b4822d0cb21daa96819a67c8062d34":PSA_ALG_OFB:PSA_ERROR_INVALID_ARGUMENT + +PSA cipher OFB: incompatible with ECC_KEY_PAIR(TWISTED_EDWARDS) +depends_on:PSA_WANT_ALG_OFB:PSA_WANT_ECC_FAMILY_TWISTED_EDWARDS:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +cipher_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_TWISTED_EDWARDS):"9d61b19deffd5a60ba844af492ec2cc44449c5697b326919703bac031cae7f60":PSA_ALG_OFB:PSA_ERROR_INVALID_ARGUMENT + +PSA cipher OFB: incompatible with ECC_PUBLIC_KEY(BRAINPOOL_P_R1) +depends_on:PSA_WANT_ALG_OFB:PSA_WANT_ECC_FAMILY_BRAINPOOL_P_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +cipher_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"04d4b9186816358e2f9c59cf70748cb70641b22fbab65473db4b4e22a361ed7e3de7e8a8ddc4130c5c":PSA_ALG_OFB:PSA_ERROR_INVALID_ARGUMENT + +PSA cipher OFB: incompatible with ECC_PUBLIC_KEY(MONTGOMERY) +depends_on:PSA_WANT_ALG_OFB:PSA_WANT_ECC_FAMILY_MONTGOMERY:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +cipher_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_MONTGOMERY):"8520f0098930a754748b7ddcb43ef75a0dbf3a0d26381af4eba4a98eaa9b4e6a":PSA_ALG_OFB:PSA_ERROR_INVALID_ARGUMENT + +PSA cipher OFB: incompatible with ECC_PUBLIC_KEY(SECP_K1) +depends_on:PSA_WANT_ALG_OFB:PSA_WANT_ECC_FAMILY_SECP_K1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +cipher_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_K1):"0426b7bb38da649ac2138fc050c6548b32553dab68afebc36105d325b75538c12323cb0764789ecb992671beb2b6bef2f5":PSA_ALG_OFB:PSA_ERROR_INVALID_ARGUMENT + +PSA cipher OFB: incompatible with ECC_PUBLIC_KEY(SECP_R1) +depends_on:PSA_WANT_ALG_OFB:PSA_WANT_ECC_FAMILY_SECP_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +cipher_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1):"046f00eadaa949fee3e9e1c7fa1247eecec86a0dce46418b9bd3117b981d4bd0ae7a990de912f9d060d6cb531a42d22e394ac29e81804bf160":PSA_ALG_OFB:PSA_ERROR_INVALID_ARGUMENT + +PSA cipher OFB: incompatible with ECC_PUBLIC_KEY(SECP_R2) +depends_on:PSA_WANT_ALG_OFB:PSA_WANT_ECC_FAMILY_SECP_R2:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +cipher_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R2):"049570d541398665adb5cfa16f5af73b3196926bbd4b876bdb80f8eab20d0f540c22f4de9c140f6d7b":PSA_ALG_OFB:PSA_ERROR_INVALID_ARGUMENT + +PSA cipher OFB: incompatible with ECC_PUBLIC_KEY(SECT_K1) +depends_on:PSA_WANT_ALG_OFB:PSA_WANT_ECC_FAMILY_SECT_K1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +cipher_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_K1):"0406f88f90b4b65950f06ce433afdb097e320f433dc2062b8a65db8fafd3c110f46bc45663fbf021ee7eb9":PSA_ALG_OFB:PSA_ERROR_INVALID_ARGUMENT + +PSA cipher OFB: incompatible with ECC_PUBLIC_KEY(SECT_R1) +depends_on:PSA_WANT_ALG_OFB:PSA_WANT_ECC_FAMILY_SECT_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +cipher_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R1):"0400465eeb9e7258b11e33c02266bfe834b20bcb118700772796ee4704ec67651bd447e3011959a79a04cb":PSA_ALG_OFB:PSA_ERROR_INVALID_ARGUMENT + +PSA cipher OFB: incompatible with ECC_PUBLIC_KEY(SECT_R2) +depends_on:PSA_WANT_ALG_OFB:PSA_WANT_ECC_FAMILY_SECT_R2:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +cipher_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R2):"0403692601144c32a6cfa369ae20ae5d43c1c764678c037bafe80c6fd2e42b7ced96171d9c5367fd3dca6f":PSA_ALG_OFB:PSA_ERROR_INVALID_ARGUMENT + +PSA cipher OFB: incompatible with ECC_PUBLIC_KEY(TWISTED_EDWARDS) +depends_on:PSA_WANT_ALG_OFB:PSA_WANT_ECC_FAMILY_TWISTED_EDWARDS:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +cipher_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_TWISTED_EDWARDS):"d75a980182b10ab7d54bfed3c964073a0ee172f3daa62325af021a68f707511a":PSA_ALG_OFB:PSA_ERROR_INVALID_ARGUMENT + +PSA cipher OFB: incompatible with HMAC +depends_on:PSA_WANT_ALG_OFB:PSA_WANT_KEY_TYPE_HMAC +cipher_fail:PSA_KEY_TYPE_HMAC:"48657265006973206b6579a064617461":PSA_ALG_OFB:PSA_ERROR_INVALID_ARGUMENT + +PSA cipher OFB: incompatible with RAW_DATA +depends_on:PSA_WANT_ALG_OFB:PSA_WANT_KEY_TYPE_RAW_DATA +cipher_fail:PSA_KEY_TYPE_RAW_DATA:"48":PSA_ALG_OFB:PSA_ERROR_INVALID_ARGUMENT + +PSA cipher OFB: incompatible with RSA_KEY_PAIR +depends_on:PSA_WANT_ALG_OFB:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR +cipher_fail:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_OFB:PSA_ERROR_INVALID_ARGUMENT + +PSA cipher OFB: incompatible with RSA_PUBLIC_KEY +depends_on:PSA_WANT_ALG_OFB:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY +cipher_fail:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_OFB:PSA_ERROR_INVALID_ARGUMENT + +PSA aead OFB: invalid with AES +depends_on:PSA_WANT_ALG_OFB:PSA_WANT_KEY_TYPE_AES +aead_fail:PSA_KEY_TYPE_AES:"48657265006973206b6579a064617461":PSA_ALG_OFB:PSA_ERROR_INVALID_ARGUMENT + +PSA sign OFB: invalid with AES +depends_on:PSA_WANT_ALG_OFB:PSA_WANT_KEY_TYPE_AES +sign_fail:PSA_KEY_TYPE_AES:"48657265006973206b6579a064617461":PSA_ALG_OFB:0:PSA_ERROR_INVALID_ARGUMENT + +PSA asymmetric_encryption OFB: invalid with AES +depends_on:PSA_WANT_ALG_OFB:PSA_WANT_KEY_TYPE_AES +asymmetric_encryption_fail:PSA_KEY_TYPE_AES:"48657265006973206b6579a064617461":PSA_ALG_OFB:0:PSA_ERROR_INVALID_ARGUMENT + +PSA key_derivation OFB: invalid +depends_on:PSA_WANT_ALG_OFB +key_derivation_fail:PSA_ALG_OFB:PSA_ERROR_INVALID_ARGUMENT + +PSA key_agreement OFB: invalid with AES +depends_on:PSA_WANT_ALG_OFB:PSA_WANT_KEY_TYPE_AES +key_agreement_fail:PSA_KEY_TYPE_AES:"48657265006973206b6579a064617461":PSA_ALG_OFB:0:PSA_ERROR_INVALID_ARGUMENT + +PSA hash PURE_EDDSA: invalid +depends_on:PSA_WANT_ALG_PURE_EDDSA +hash_fail:PSA_ALG_PURE_EDDSA:PSA_ERROR_INVALID_ARGUMENT + +PSA mac PURE_EDDSA: invalid with ECC_KEY_PAIR(TWISTED_EDWARDS) +depends_on:PSA_WANT_ALG_PURE_EDDSA:PSA_WANT_ECC_FAMILY_TWISTED_EDWARDS:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +mac_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_TWISTED_EDWARDS):"9d61b19deffd5a60ba844af492ec2cc44449c5697b326919703bac031cae7f60":PSA_ALG_PURE_EDDSA:PSA_ERROR_INVALID_ARGUMENT + +PSA mac PURE_EDDSA: invalid with ECC_PUBLIC_KEY(TWISTED_EDWARDS) +depends_on:PSA_WANT_ALG_PURE_EDDSA:PSA_WANT_ECC_FAMILY_TWISTED_EDWARDS:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +mac_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_TWISTED_EDWARDS):"d75a980182b10ab7d54bfed3c964073a0ee172f3daa62325af021a68f707511a":PSA_ALG_PURE_EDDSA:PSA_ERROR_INVALID_ARGUMENT + +PSA cipher PURE_EDDSA: invalid with ECC_KEY_PAIR(TWISTED_EDWARDS) +depends_on:PSA_WANT_ALG_PURE_EDDSA:PSA_WANT_ECC_FAMILY_TWISTED_EDWARDS:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +cipher_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_TWISTED_EDWARDS):"9d61b19deffd5a60ba844af492ec2cc44449c5697b326919703bac031cae7f60":PSA_ALG_PURE_EDDSA:PSA_ERROR_INVALID_ARGUMENT + +PSA cipher PURE_EDDSA: invalid with ECC_PUBLIC_KEY(TWISTED_EDWARDS) +depends_on:PSA_WANT_ALG_PURE_EDDSA:PSA_WANT_ECC_FAMILY_TWISTED_EDWARDS:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +cipher_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_TWISTED_EDWARDS):"d75a980182b10ab7d54bfed3c964073a0ee172f3daa62325af021a68f707511a":PSA_ALG_PURE_EDDSA:PSA_ERROR_INVALID_ARGUMENT + +PSA aead PURE_EDDSA: invalid with ECC_KEY_PAIR(TWISTED_EDWARDS) +depends_on:PSA_WANT_ALG_PURE_EDDSA:PSA_WANT_ECC_FAMILY_TWISTED_EDWARDS:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +aead_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_TWISTED_EDWARDS):"9d61b19deffd5a60ba844af492ec2cc44449c5697b326919703bac031cae7f60":PSA_ALG_PURE_EDDSA:PSA_ERROR_INVALID_ARGUMENT + +PSA aead PURE_EDDSA: invalid with ECC_PUBLIC_KEY(TWISTED_EDWARDS) +depends_on:PSA_WANT_ALG_PURE_EDDSA:PSA_WANT_ECC_FAMILY_TWISTED_EDWARDS:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +aead_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_TWISTED_EDWARDS):"d75a980182b10ab7d54bfed3c964073a0ee172f3daa62325af021a68f707511a":PSA_ALG_PURE_EDDSA:PSA_ERROR_INVALID_ARGUMENT + +PSA sign PURE_EDDSA: incompatible with AES +depends_on:PSA_WANT_ALG_PURE_EDDSA:PSA_WANT_KEY_TYPE_AES +sign_fail:PSA_KEY_TYPE_AES:"48657265006973206b6579a064617461":PSA_ALG_PURE_EDDSA:0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign PURE_EDDSA: incompatible with ARC4 +depends_on:PSA_WANT_ALG_PURE_EDDSA:PSA_WANT_KEY_TYPE_ARC4 +sign_fail:PSA_KEY_TYPE_ARC4:"48":PSA_ALG_PURE_EDDSA:0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign PURE_EDDSA: incompatible with ARIA +depends_on:PSA_WANT_ALG_PURE_EDDSA:PSA_WANT_KEY_TYPE_ARIA +sign_fail:PSA_KEY_TYPE_ARIA:"48657265006973206b6579a064617461":PSA_ALG_PURE_EDDSA:0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign PURE_EDDSA: incompatible with CAMELLIA +depends_on:PSA_WANT_ALG_PURE_EDDSA:PSA_WANT_KEY_TYPE_CAMELLIA +sign_fail:PSA_KEY_TYPE_CAMELLIA:"48657265006973206b6579a064617461":PSA_ALG_PURE_EDDSA:0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign PURE_EDDSA: incompatible with CHACHA20 +depends_on:PSA_WANT_ALG_PURE_EDDSA:PSA_WANT_KEY_TYPE_CHACHA20 +sign_fail:PSA_KEY_TYPE_CHACHA20:"48657265006973206b6579a06461746148657265006973206b6579a064617461":PSA_ALG_PURE_EDDSA:0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign PURE_EDDSA: incompatible with DERIVE +depends_on:PSA_WANT_ALG_PURE_EDDSA:PSA_WANT_KEY_TYPE_DERIVE +sign_fail:PSA_KEY_TYPE_DERIVE:"48657265006973206b6579a0646174":PSA_ALG_PURE_EDDSA:0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign PURE_EDDSA: incompatible with DES +depends_on:PSA_WANT_ALG_PURE_EDDSA:PSA_WANT_KEY_TYPE_DES +sign_fail:PSA_KEY_TYPE_DES:"644573206b457901":PSA_ALG_PURE_EDDSA:0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign PURE_EDDSA: incompatible with ECC_KEY_PAIR(BRAINPOOL_P_R1) +depends_on:PSA_WANT_ALG_PURE_EDDSA:PSA_WANT_ECC_FAMILY_BRAINPOOL_P_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"69502c4fdaf48d4fa617bdd24498b0406d0eeaac":PSA_ALG_PURE_EDDSA:0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign PURE_EDDSA: incompatible with ECC_KEY_PAIR(MONTGOMERY) +depends_on:PSA_WANT_ALG_PURE_EDDSA:PSA_WANT_ECC_FAMILY_MONTGOMERY:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_MONTGOMERY):"70076d0a7318a57d3c16c17251b26645df4c2f87ebc0992ab177fba51db92c6a":PSA_ALG_PURE_EDDSA:0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign PURE_EDDSA: incompatible with ECC_KEY_PAIR(SECP_K1) +depends_on:PSA_WANT_ALG_PURE_EDDSA:PSA_WANT_ECC_FAMILY_SECP_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_K1):"297ac1722ccac7589ecb240dc719842538ca974beb79f228":PSA_ALG_PURE_EDDSA:0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign PURE_EDDSA: incompatible with ECC_KEY_PAIR(SECP_R1) +depends_on:PSA_WANT_ALG_PURE_EDDSA:PSA_WANT_ECC_FAMILY_SECP_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"872f203b3ad35b7f2ecc803c3a0e1e0b1ed61cc1afe71b189cd4c995":PSA_ALG_PURE_EDDSA:0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign PURE_EDDSA: incompatible with ECC_KEY_PAIR(SECP_R2) +depends_on:PSA_WANT_ALG_PURE_EDDSA:PSA_WANT_ECC_FAMILY_SECP_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R2):"00bf539a1cdda0d7f71a50a3f98aec0a2e8e4ced1e":PSA_ALG_PURE_EDDSA:0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign PURE_EDDSA: incompatible with ECC_KEY_PAIR(SECT_K1) +depends_on:PSA_WANT_ALG_PURE_EDDSA:PSA_WANT_ECC_FAMILY_SECT_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):"03ebc8fcded2d6ab72ec0f75bdb4fd080481273e71":PSA_ALG_PURE_EDDSA:0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign PURE_EDDSA: incompatible with ECC_KEY_PAIR(SECT_R1) +depends_on:PSA_WANT_ALG_PURE_EDDSA:PSA_WANT_ECC_FAMILY_SECT_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):"009b05dc82d46d64a04a22e6e5ca70ca1231e68c50":PSA_ALG_PURE_EDDSA:0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign PURE_EDDSA: incompatible with ECC_KEY_PAIR(SECT_R2) +depends_on:PSA_WANT_ALG_PURE_EDDSA:PSA_WANT_ECC_FAMILY_SECT_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R2):"0210b482a458b4822d0cb21daa96819a67c8062d34":PSA_ALG_PURE_EDDSA:0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign PURE_EDDSA: !PURE_EDDSA with ECC_KEY_PAIR(TWISTED_EDWARDS) +depends_on:!PSA_WANT_ALG_PURE_EDDSA:PSA_WANT_ECC_FAMILY_TWISTED_EDWARDS:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_TWISTED_EDWARDS):"9d61b19deffd5a60ba844af492ec2cc44449c5697b326919703bac031cae7f60":PSA_ALG_PURE_EDDSA:0:PSA_ERROR_NOT_SUPPORTED + +PSA sign PURE_EDDSA: incompatible with ECC_PUBLIC_KEY(BRAINPOOL_P_R1) +depends_on:PSA_WANT_ALG_PURE_EDDSA:PSA_WANT_ECC_FAMILY_BRAINPOOL_P_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"04d4b9186816358e2f9c59cf70748cb70641b22fbab65473db4b4e22a361ed7e3de7e8a8ddc4130c5c":PSA_ALG_PURE_EDDSA:0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign PURE_EDDSA: incompatible with ECC_PUBLIC_KEY(MONTGOMERY) +depends_on:PSA_WANT_ALG_PURE_EDDSA:PSA_WANT_ECC_FAMILY_MONTGOMERY:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_MONTGOMERY):"8520f0098930a754748b7ddcb43ef75a0dbf3a0d26381af4eba4a98eaa9b4e6a":PSA_ALG_PURE_EDDSA:0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign PURE_EDDSA: incompatible with ECC_PUBLIC_KEY(SECP_K1) +depends_on:PSA_WANT_ALG_PURE_EDDSA:PSA_WANT_ECC_FAMILY_SECP_K1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_K1):"0426b7bb38da649ac2138fc050c6548b32553dab68afebc36105d325b75538c12323cb0764789ecb992671beb2b6bef2f5":PSA_ALG_PURE_EDDSA:0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign PURE_EDDSA: incompatible with ECC_PUBLIC_KEY(SECP_R1) +depends_on:PSA_WANT_ALG_PURE_EDDSA:PSA_WANT_ECC_FAMILY_SECP_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1):"046f00eadaa949fee3e9e1c7fa1247eecec86a0dce46418b9bd3117b981d4bd0ae7a990de912f9d060d6cb531a42d22e394ac29e81804bf160":PSA_ALG_PURE_EDDSA:0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign PURE_EDDSA: incompatible with ECC_PUBLIC_KEY(SECP_R2) +depends_on:PSA_WANT_ALG_PURE_EDDSA:PSA_WANT_ECC_FAMILY_SECP_R2:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R2):"049570d541398665adb5cfa16f5af73b3196926bbd4b876bdb80f8eab20d0f540c22f4de9c140f6d7b":PSA_ALG_PURE_EDDSA:0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign PURE_EDDSA: incompatible with ECC_PUBLIC_KEY(SECT_K1) +depends_on:PSA_WANT_ALG_PURE_EDDSA:PSA_WANT_ECC_FAMILY_SECT_K1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_K1):"0406f88f90b4b65950f06ce433afdb097e320f433dc2062b8a65db8fafd3c110f46bc45663fbf021ee7eb9":PSA_ALG_PURE_EDDSA:0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign PURE_EDDSA: incompatible with ECC_PUBLIC_KEY(SECT_R1) +depends_on:PSA_WANT_ALG_PURE_EDDSA:PSA_WANT_ECC_FAMILY_SECT_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R1):"0400465eeb9e7258b11e33c02266bfe834b20bcb118700772796ee4704ec67651bd447e3011959a79a04cb":PSA_ALG_PURE_EDDSA:0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign PURE_EDDSA: incompatible with ECC_PUBLIC_KEY(SECT_R2) +depends_on:PSA_WANT_ALG_PURE_EDDSA:PSA_WANT_ECC_FAMILY_SECT_R2:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R2):"0403692601144c32a6cfa369ae20ae5d43c1c764678c037bafe80c6fd2e42b7ced96171d9c5367fd3dca6f":PSA_ALG_PURE_EDDSA:0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign PURE_EDDSA: !PURE_EDDSA with ECC_PUBLIC_KEY(TWISTED_EDWARDS) +depends_on:!PSA_WANT_ALG_PURE_EDDSA:PSA_WANT_ECC_FAMILY_TWISTED_EDWARDS:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_TWISTED_EDWARDS):"d75a980182b10ab7d54bfed3c964073a0ee172f3daa62325af021a68f707511a":PSA_ALG_PURE_EDDSA:0:PSA_ERROR_NOT_SUPPORTED + +PSA sign PURE_EDDSA: public with ECC_PUBLIC_KEY(TWISTED_EDWARDS) +depends_on:PSA_WANT_ALG_PURE_EDDSA:PSA_WANT_ECC_FAMILY_TWISTED_EDWARDS:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_TWISTED_EDWARDS):"d75a980182b10ab7d54bfed3c964073a0ee172f3daa62325af021a68f707511a":PSA_ALG_PURE_EDDSA:1:PSA_ERROR_INVALID_ARGUMENT + +PSA sign PURE_EDDSA: incompatible with HMAC +depends_on:PSA_WANT_ALG_PURE_EDDSA:PSA_WANT_KEY_TYPE_HMAC +sign_fail:PSA_KEY_TYPE_HMAC:"48657265006973206b6579a064617461":PSA_ALG_PURE_EDDSA:0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign PURE_EDDSA: incompatible with RAW_DATA +depends_on:PSA_WANT_ALG_PURE_EDDSA:PSA_WANT_KEY_TYPE_RAW_DATA +sign_fail:PSA_KEY_TYPE_RAW_DATA:"48":PSA_ALG_PURE_EDDSA:0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign PURE_EDDSA: incompatible with RSA_KEY_PAIR +depends_on:PSA_WANT_ALG_PURE_EDDSA:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR +sign_fail:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_PURE_EDDSA:0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign PURE_EDDSA: incompatible with RSA_PUBLIC_KEY +depends_on:PSA_WANT_ALG_PURE_EDDSA:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY +sign_fail:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_PURE_EDDSA:0:PSA_ERROR_INVALID_ARGUMENT + +PSA asymmetric_encryption PURE_EDDSA: invalid with ECC_KEY_PAIR(TWISTED_EDWARDS) +depends_on:PSA_WANT_ALG_PURE_EDDSA:PSA_WANT_ECC_FAMILY_TWISTED_EDWARDS:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +asymmetric_encryption_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_TWISTED_EDWARDS):"9d61b19deffd5a60ba844af492ec2cc44449c5697b326919703bac031cae7f60":PSA_ALG_PURE_EDDSA:0:PSA_ERROR_INVALID_ARGUMENT + +PSA asymmetric_encryption PURE_EDDSA: invalid with ECC_PUBLIC_KEY(TWISTED_EDWARDS) +depends_on:PSA_WANT_ALG_PURE_EDDSA:PSA_WANT_ECC_FAMILY_TWISTED_EDWARDS:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +asymmetric_encryption_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_TWISTED_EDWARDS):"d75a980182b10ab7d54bfed3c964073a0ee172f3daa62325af021a68f707511a":PSA_ALG_PURE_EDDSA:0:PSA_ERROR_INVALID_ARGUMENT + +PSA key_derivation PURE_EDDSA: invalid +depends_on:PSA_WANT_ALG_PURE_EDDSA +key_derivation_fail:PSA_ALG_PURE_EDDSA:PSA_ERROR_INVALID_ARGUMENT + +PSA key_agreement PURE_EDDSA: invalid with ECC_KEY_PAIR(TWISTED_EDWARDS) +depends_on:PSA_WANT_ALG_PURE_EDDSA:PSA_WANT_ECC_FAMILY_TWISTED_EDWARDS:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_agreement_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_TWISTED_EDWARDS):"9d61b19deffd5a60ba844af492ec2cc44449c5697b326919703bac031cae7f60":PSA_ALG_PURE_EDDSA:0:PSA_ERROR_INVALID_ARGUMENT + +PSA key_agreement PURE_EDDSA: invalid with ECC_PUBLIC_KEY(TWISTED_EDWARDS) +depends_on:PSA_WANT_ALG_PURE_EDDSA:PSA_WANT_ECC_FAMILY_TWISTED_EDWARDS:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_agreement_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_TWISTED_EDWARDS):"d75a980182b10ab7d54bfed3c964073a0ee172f3daa62325af021a68f707511a":PSA_ALG_PURE_EDDSA:0:PSA_ERROR_INVALID_ARGUMENT + +PSA hash RIPEMD160: !RIPEMD160 +depends_on:!PSA_WANT_ALG_RIPEMD160 +hash_fail:PSA_ALG_RIPEMD160:PSA_ERROR_NOT_SUPPORTED + +PSA key_derivation RIPEMD160: invalid +depends_on:PSA_WANT_ALG_RIPEMD160 +key_derivation_fail:PSA_ALG_RIPEMD160:PSA_ERROR_INVALID_ARGUMENT + +PSA hash RSA_OAEP(MD2): invalid +depends_on:PSA_WANT_ALG_MD2:PSA_WANT_ALG_RSA_OAEP +hash_fail:PSA_ALG_RSA_OAEP(PSA_ALG_MD2):PSA_ERROR_INVALID_ARGUMENT + +PSA mac RSA_OAEP(MD2): invalid with RSA_KEY_PAIR +depends_on:PSA_WANT_ALG_MD2:PSA_WANT_ALG_RSA_OAEP:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR +mac_fail:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_RSA_OAEP(PSA_ALG_MD2):PSA_ERROR_INVALID_ARGUMENT + +PSA mac RSA_OAEP(MD2): invalid with RSA_PUBLIC_KEY +depends_on:PSA_WANT_ALG_MD2:PSA_WANT_ALG_RSA_OAEP:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY +mac_fail:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_RSA_OAEP(PSA_ALG_MD2):PSA_ERROR_INVALID_ARGUMENT + +PSA cipher RSA_OAEP(MD2): invalid with RSA_KEY_PAIR +depends_on:PSA_WANT_ALG_MD2:PSA_WANT_ALG_RSA_OAEP:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR +cipher_fail:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_RSA_OAEP(PSA_ALG_MD2):PSA_ERROR_INVALID_ARGUMENT + +PSA cipher RSA_OAEP(MD2): invalid with RSA_PUBLIC_KEY +depends_on:PSA_WANT_ALG_MD2:PSA_WANT_ALG_RSA_OAEP:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY +cipher_fail:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_RSA_OAEP(PSA_ALG_MD2):PSA_ERROR_INVALID_ARGUMENT + +PSA aead RSA_OAEP(MD2): invalid with RSA_KEY_PAIR +depends_on:PSA_WANT_ALG_MD2:PSA_WANT_ALG_RSA_OAEP:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR +aead_fail:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_RSA_OAEP(PSA_ALG_MD2):PSA_ERROR_INVALID_ARGUMENT + +PSA aead RSA_OAEP(MD2): invalid with RSA_PUBLIC_KEY +depends_on:PSA_WANT_ALG_MD2:PSA_WANT_ALG_RSA_OAEP:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY +aead_fail:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_RSA_OAEP(PSA_ALG_MD2):PSA_ERROR_INVALID_ARGUMENT + +PSA sign RSA_OAEP(MD2): invalid with RSA_KEY_PAIR +depends_on:PSA_WANT_ALG_MD2:PSA_WANT_ALG_RSA_OAEP:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR +sign_fail:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_RSA_OAEP(PSA_ALG_MD2):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign RSA_OAEP(MD2): invalid with RSA_PUBLIC_KEY +depends_on:PSA_WANT_ALG_MD2:PSA_WANT_ALG_RSA_OAEP:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY +sign_fail:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_RSA_OAEP(PSA_ALG_MD2):0:PSA_ERROR_INVALID_ARGUMENT + +PSA asymmetric_encryption RSA_OAEP(MD2): incompatible with AES +depends_on:PSA_WANT_ALG_MD2:PSA_WANT_ALG_RSA_OAEP:PSA_WANT_KEY_TYPE_AES +asymmetric_encryption_fail:PSA_KEY_TYPE_AES:"48657265006973206b6579a064617461":PSA_ALG_RSA_OAEP(PSA_ALG_MD2):0:PSA_ERROR_INVALID_ARGUMENT + +PSA asymmetric_encryption RSA_OAEP(MD2): incompatible with ARC4 +depends_on:PSA_WANT_ALG_MD2:PSA_WANT_ALG_RSA_OAEP:PSA_WANT_KEY_TYPE_ARC4 +asymmetric_encryption_fail:PSA_KEY_TYPE_ARC4:"48":PSA_ALG_RSA_OAEP(PSA_ALG_MD2):0:PSA_ERROR_INVALID_ARGUMENT + +PSA asymmetric_encryption RSA_OAEP(MD2): incompatible with ARIA +depends_on:PSA_WANT_ALG_MD2:PSA_WANT_ALG_RSA_OAEP:PSA_WANT_KEY_TYPE_ARIA +asymmetric_encryption_fail:PSA_KEY_TYPE_ARIA:"48657265006973206b6579a064617461":PSA_ALG_RSA_OAEP(PSA_ALG_MD2):0:PSA_ERROR_INVALID_ARGUMENT + +PSA asymmetric_encryption RSA_OAEP(MD2): incompatible with CAMELLIA +depends_on:PSA_WANT_ALG_MD2:PSA_WANT_ALG_RSA_OAEP:PSA_WANT_KEY_TYPE_CAMELLIA +asymmetric_encryption_fail:PSA_KEY_TYPE_CAMELLIA:"48657265006973206b6579a064617461":PSA_ALG_RSA_OAEP(PSA_ALG_MD2):0:PSA_ERROR_INVALID_ARGUMENT + +PSA asymmetric_encryption RSA_OAEP(MD2): incompatible with CHACHA20 +depends_on:PSA_WANT_ALG_MD2:PSA_WANT_ALG_RSA_OAEP:PSA_WANT_KEY_TYPE_CHACHA20 +asymmetric_encryption_fail:PSA_KEY_TYPE_CHACHA20:"48657265006973206b6579a06461746148657265006973206b6579a064617461":PSA_ALG_RSA_OAEP(PSA_ALG_MD2):0:PSA_ERROR_INVALID_ARGUMENT + +PSA asymmetric_encryption RSA_OAEP(MD2): incompatible with DERIVE +depends_on:PSA_WANT_ALG_MD2:PSA_WANT_ALG_RSA_OAEP:PSA_WANT_KEY_TYPE_DERIVE +asymmetric_encryption_fail:PSA_KEY_TYPE_DERIVE:"48657265006973206b6579a0646174":PSA_ALG_RSA_OAEP(PSA_ALG_MD2):0:PSA_ERROR_INVALID_ARGUMENT + +PSA asymmetric_encryption RSA_OAEP(MD2): incompatible with DES +depends_on:PSA_WANT_ALG_MD2:PSA_WANT_ALG_RSA_OAEP:PSA_WANT_KEY_TYPE_DES +asymmetric_encryption_fail:PSA_KEY_TYPE_DES:"644573206b457901":PSA_ALG_RSA_OAEP(PSA_ALG_MD2):0:PSA_ERROR_INVALID_ARGUMENT + +PSA asymmetric_encryption RSA_OAEP(MD2): incompatible with ECC_KEY_PAIR(BRAINPOOL_P_R1) +depends_on:PSA_WANT_ALG_MD2:PSA_WANT_ALG_RSA_OAEP:PSA_WANT_ECC_FAMILY_BRAINPOOL_P_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +asymmetric_encryption_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"69502c4fdaf48d4fa617bdd24498b0406d0eeaac":PSA_ALG_RSA_OAEP(PSA_ALG_MD2):0:PSA_ERROR_INVALID_ARGUMENT + +PSA asymmetric_encryption RSA_OAEP(MD2): incompatible with ECC_KEY_PAIR(MONTGOMERY) +depends_on:PSA_WANT_ALG_MD2:PSA_WANT_ALG_RSA_OAEP:PSA_WANT_ECC_FAMILY_MONTGOMERY:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +asymmetric_encryption_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_MONTGOMERY):"70076d0a7318a57d3c16c17251b26645df4c2f87ebc0992ab177fba51db92c6a":PSA_ALG_RSA_OAEP(PSA_ALG_MD2):0:PSA_ERROR_INVALID_ARGUMENT + +PSA asymmetric_encryption RSA_OAEP(MD2): incompatible with ECC_KEY_PAIR(SECP_K1) +depends_on:PSA_WANT_ALG_MD2:PSA_WANT_ALG_RSA_OAEP:PSA_WANT_ECC_FAMILY_SECP_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +asymmetric_encryption_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_K1):"297ac1722ccac7589ecb240dc719842538ca974beb79f228":PSA_ALG_RSA_OAEP(PSA_ALG_MD2):0:PSA_ERROR_INVALID_ARGUMENT + +PSA asymmetric_encryption RSA_OAEP(MD2): incompatible with ECC_KEY_PAIR(SECP_R1) +depends_on:PSA_WANT_ALG_MD2:PSA_WANT_ALG_RSA_OAEP:PSA_WANT_ECC_FAMILY_SECP_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +asymmetric_encryption_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"872f203b3ad35b7f2ecc803c3a0e1e0b1ed61cc1afe71b189cd4c995":PSA_ALG_RSA_OAEP(PSA_ALG_MD2):0:PSA_ERROR_INVALID_ARGUMENT + +PSA asymmetric_encryption RSA_OAEP(MD2): incompatible with ECC_KEY_PAIR(SECP_R2) +depends_on:PSA_WANT_ALG_MD2:PSA_WANT_ALG_RSA_OAEP:PSA_WANT_ECC_FAMILY_SECP_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +asymmetric_encryption_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R2):"00bf539a1cdda0d7f71a50a3f98aec0a2e8e4ced1e":PSA_ALG_RSA_OAEP(PSA_ALG_MD2):0:PSA_ERROR_INVALID_ARGUMENT + +PSA asymmetric_encryption RSA_OAEP(MD2): incompatible with ECC_KEY_PAIR(SECT_K1) +depends_on:PSA_WANT_ALG_MD2:PSA_WANT_ALG_RSA_OAEP:PSA_WANT_ECC_FAMILY_SECT_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +asymmetric_encryption_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):"03ebc8fcded2d6ab72ec0f75bdb4fd080481273e71":PSA_ALG_RSA_OAEP(PSA_ALG_MD2):0:PSA_ERROR_INVALID_ARGUMENT + +PSA asymmetric_encryption RSA_OAEP(MD2): incompatible with ECC_KEY_PAIR(SECT_R1) +depends_on:PSA_WANT_ALG_MD2:PSA_WANT_ALG_RSA_OAEP:PSA_WANT_ECC_FAMILY_SECT_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +asymmetric_encryption_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):"009b05dc82d46d64a04a22e6e5ca70ca1231e68c50":PSA_ALG_RSA_OAEP(PSA_ALG_MD2):0:PSA_ERROR_INVALID_ARGUMENT + +PSA asymmetric_encryption RSA_OAEP(MD2): incompatible with ECC_KEY_PAIR(SECT_R2) +depends_on:PSA_WANT_ALG_MD2:PSA_WANT_ALG_RSA_OAEP:PSA_WANT_ECC_FAMILY_SECT_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +asymmetric_encryption_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R2):"0210b482a458b4822d0cb21daa96819a67c8062d34":PSA_ALG_RSA_OAEP(PSA_ALG_MD2):0:PSA_ERROR_INVALID_ARGUMENT + +PSA asymmetric_encryption RSA_OAEP(MD2): incompatible with ECC_KEY_PAIR(TWISTED_EDWARDS) +depends_on:PSA_WANT_ALG_MD2:PSA_WANT_ALG_RSA_OAEP:PSA_WANT_ECC_FAMILY_TWISTED_EDWARDS:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +asymmetric_encryption_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_TWISTED_EDWARDS):"9d61b19deffd5a60ba844af492ec2cc44449c5697b326919703bac031cae7f60":PSA_ALG_RSA_OAEP(PSA_ALG_MD2):0:PSA_ERROR_INVALID_ARGUMENT + +PSA asymmetric_encryption RSA_OAEP(MD2): incompatible with ECC_PUBLIC_KEY(BRAINPOOL_P_R1) +depends_on:PSA_WANT_ALG_MD2:PSA_WANT_ALG_RSA_OAEP:PSA_WANT_ECC_FAMILY_BRAINPOOL_P_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +asymmetric_encryption_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"04d4b9186816358e2f9c59cf70748cb70641b22fbab65473db4b4e22a361ed7e3de7e8a8ddc4130c5c":PSA_ALG_RSA_OAEP(PSA_ALG_MD2):0:PSA_ERROR_INVALID_ARGUMENT + +PSA asymmetric_encryption RSA_OAEP(MD2): incompatible with ECC_PUBLIC_KEY(MONTGOMERY) +depends_on:PSA_WANT_ALG_MD2:PSA_WANT_ALG_RSA_OAEP:PSA_WANT_ECC_FAMILY_MONTGOMERY:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +asymmetric_encryption_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_MONTGOMERY):"8520f0098930a754748b7ddcb43ef75a0dbf3a0d26381af4eba4a98eaa9b4e6a":PSA_ALG_RSA_OAEP(PSA_ALG_MD2):0:PSA_ERROR_INVALID_ARGUMENT + +PSA asymmetric_encryption RSA_OAEP(MD2): incompatible with ECC_PUBLIC_KEY(SECP_K1) +depends_on:PSA_WANT_ALG_MD2:PSA_WANT_ALG_RSA_OAEP:PSA_WANT_ECC_FAMILY_SECP_K1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +asymmetric_encryption_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_K1):"0426b7bb38da649ac2138fc050c6548b32553dab68afebc36105d325b75538c12323cb0764789ecb992671beb2b6bef2f5":PSA_ALG_RSA_OAEP(PSA_ALG_MD2):0:PSA_ERROR_INVALID_ARGUMENT + +PSA asymmetric_encryption RSA_OAEP(MD2): incompatible with ECC_PUBLIC_KEY(SECP_R1) +depends_on:PSA_WANT_ALG_MD2:PSA_WANT_ALG_RSA_OAEP:PSA_WANT_ECC_FAMILY_SECP_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +asymmetric_encryption_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1):"046f00eadaa949fee3e9e1c7fa1247eecec86a0dce46418b9bd3117b981d4bd0ae7a990de912f9d060d6cb531a42d22e394ac29e81804bf160":PSA_ALG_RSA_OAEP(PSA_ALG_MD2):0:PSA_ERROR_INVALID_ARGUMENT + +PSA asymmetric_encryption RSA_OAEP(MD2): incompatible with ECC_PUBLIC_KEY(SECP_R2) +depends_on:PSA_WANT_ALG_MD2:PSA_WANT_ALG_RSA_OAEP:PSA_WANT_ECC_FAMILY_SECP_R2:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +asymmetric_encryption_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R2):"049570d541398665adb5cfa16f5af73b3196926bbd4b876bdb80f8eab20d0f540c22f4de9c140f6d7b":PSA_ALG_RSA_OAEP(PSA_ALG_MD2):0:PSA_ERROR_INVALID_ARGUMENT + +PSA asymmetric_encryption RSA_OAEP(MD2): incompatible with ECC_PUBLIC_KEY(SECT_K1) +depends_on:PSA_WANT_ALG_MD2:PSA_WANT_ALG_RSA_OAEP:PSA_WANT_ECC_FAMILY_SECT_K1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +asymmetric_encryption_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_K1):"0406f88f90b4b65950f06ce433afdb097e320f433dc2062b8a65db8fafd3c110f46bc45663fbf021ee7eb9":PSA_ALG_RSA_OAEP(PSA_ALG_MD2):0:PSA_ERROR_INVALID_ARGUMENT + +PSA asymmetric_encryption RSA_OAEP(MD2): incompatible with ECC_PUBLIC_KEY(SECT_R1) +depends_on:PSA_WANT_ALG_MD2:PSA_WANT_ALG_RSA_OAEP:PSA_WANT_ECC_FAMILY_SECT_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +asymmetric_encryption_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R1):"0400465eeb9e7258b11e33c02266bfe834b20bcb118700772796ee4704ec67651bd447e3011959a79a04cb":PSA_ALG_RSA_OAEP(PSA_ALG_MD2):0:PSA_ERROR_INVALID_ARGUMENT + +PSA asymmetric_encryption RSA_OAEP(MD2): incompatible with ECC_PUBLIC_KEY(SECT_R2) +depends_on:PSA_WANT_ALG_MD2:PSA_WANT_ALG_RSA_OAEP:PSA_WANT_ECC_FAMILY_SECT_R2:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +asymmetric_encryption_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R2):"0403692601144c32a6cfa369ae20ae5d43c1c764678c037bafe80c6fd2e42b7ced96171d9c5367fd3dca6f":PSA_ALG_RSA_OAEP(PSA_ALG_MD2):0:PSA_ERROR_INVALID_ARGUMENT + +PSA asymmetric_encryption RSA_OAEP(MD2): incompatible with ECC_PUBLIC_KEY(TWISTED_EDWARDS) +depends_on:PSA_WANT_ALG_MD2:PSA_WANT_ALG_RSA_OAEP:PSA_WANT_ECC_FAMILY_TWISTED_EDWARDS:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +asymmetric_encryption_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_TWISTED_EDWARDS):"d75a980182b10ab7d54bfed3c964073a0ee172f3daa62325af021a68f707511a":PSA_ALG_RSA_OAEP(PSA_ALG_MD2):0:PSA_ERROR_INVALID_ARGUMENT + +PSA asymmetric_encryption RSA_OAEP(MD2): incompatible with HMAC +depends_on:PSA_WANT_ALG_MD2:PSA_WANT_ALG_RSA_OAEP:PSA_WANT_KEY_TYPE_HMAC +asymmetric_encryption_fail:PSA_KEY_TYPE_HMAC:"48657265006973206b6579a064617461":PSA_ALG_RSA_OAEP(PSA_ALG_MD2):0:PSA_ERROR_INVALID_ARGUMENT + +PSA asymmetric_encryption RSA_OAEP(MD2): incompatible with RAW_DATA +depends_on:PSA_WANT_ALG_MD2:PSA_WANT_ALG_RSA_OAEP:PSA_WANT_KEY_TYPE_RAW_DATA +asymmetric_encryption_fail:PSA_KEY_TYPE_RAW_DATA:"48":PSA_ALG_RSA_OAEP(PSA_ALG_MD2):0:PSA_ERROR_INVALID_ARGUMENT + +PSA asymmetric_encryption RSA_OAEP(MD2): !MD2 with RSA_KEY_PAIR +depends_on:!PSA_WANT_ALG_MD2:PSA_WANT_ALG_RSA_OAEP:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR +asymmetric_encryption_fail:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_RSA_OAEP(PSA_ALG_MD2):0:PSA_ERROR_NOT_SUPPORTED + +PSA asymmetric_encryption RSA_OAEP(MD2): !RSA_OAEP with RSA_KEY_PAIR +depends_on:PSA_WANT_ALG_MD2:!PSA_WANT_ALG_RSA_OAEP:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR +asymmetric_encryption_fail:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_RSA_OAEP(PSA_ALG_MD2):0:PSA_ERROR_NOT_SUPPORTED + +PSA asymmetric_encryption RSA_OAEP(MD2): !MD2 with RSA_PUBLIC_KEY +depends_on:!PSA_WANT_ALG_MD2:PSA_WANT_ALG_RSA_OAEP:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY +asymmetric_encryption_fail:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_RSA_OAEP(PSA_ALG_MD2):0:PSA_ERROR_NOT_SUPPORTED + +PSA asymmetric_encryption RSA_OAEP(MD2): !RSA_OAEP with RSA_PUBLIC_KEY +depends_on:PSA_WANT_ALG_MD2:!PSA_WANT_ALG_RSA_OAEP:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY +asymmetric_encryption_fail:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_RSA_OAEP(PSA_ALG_MD2):0:PSA_ERROR_NOT_SUPPORTED + +PSA asymmetric_encryption RSA_OAEP(MD2): public with RSA_PUBLIC_KEY +depends_on:PSA_WANT_ALG_MD2:PSA_WANT_ALG_RSA_OAEP:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY +asymmetric_encryption_fail:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_RSA_OAEP(PSA_ALG_MD2):1:PSA_ERROR_INVALID_ARGUMENT + +PSA key_derivation RSA_OAEP(MD2): invalid +depends_on:PSA_WANT_ALG_MD2:PSA_WANT_ALG_RSA_OAEP +key_derivation_fail:PSA_ALG_RSA_OAEP(PSA_ALG_MD2):PSA_ERROR_INVALID_ARGUMENT + +PSA key_agreement RSA_OAEP(MD2): invalid with RSA_KEY_PAIR +depends_on:PSA_WANT_ALG_MD2:PSA_WANT_ALG_RSA_OAEP:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR +key_agreement_fail:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_RSA_OAEP(PSA_ALG_MD2):0:PSA_ERROR_INVALID_ARGUMENT + +PSA key_agreement RSA_OAEP(MD2): invalid with RSA_PUBLIC_KEY +depends_on:PSA_WANT_ALG_MD2:PSA_WANT_ALG_RSA_OAEP:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY +key_agreement_fail:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_RSA_OAEP(PSA_ALG_MD2):0:PSA_ERROR_INVALID_ARGUMENT + +PSA hash RSA_OAEP(MD4): invalid +depends_on:PSA_WANT_ALG_MD4:PSA_WANT_ALG_RSA_OAEP +hash_fail:PSA_ALG_RSA_OAEP(PSA_ALG_MD4):PSA_ERROR_INVALID_ARGUMENT + +PSA mac RSA_OAEP(MD4): invalid with RSA_KEY_PAIR +depends_on:PSA_WANT_ALG_MD4:PSA_WANT_ALG_RSA_OAEP:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR +mac_fail:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_RSA_OAEP(PSA_ALG_MD4):PSA_ERROR_INVALID_ARGUMENT + +PSA mac RSA_OAEP(MD4): invalid with RSA_PUBLIC_KEY +depends_on:PSA_WANT_ALG_MD4:PSA_WANT_ALG_RSA_OAEP:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY +mac_fail:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_RSA_OAEP(PSA_ALG_MD4):PSA_ERROR_INVALID_ARGUMENT + +PSA cipher RSA_OAEP(MD4): invalid with RSA_KEY_PAIR +depends_on:PSA_WANT_ALG_MD4:PSA_WANT_ALG_RSA_OAEP:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR +cipher_fail:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_RSA_OAEP(PSA_ALG_MD4):PSA_ERROR_INVALID_ARGUMENT + +PSA cipher RSA_OAEP(MD4): invalid with RSA_PUBLIC_KEY +depends_on:PSA_WANT_ALG_MD4:PSA_WANT_ALG_RSA_OAEP:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY +cipher_fail:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_RSA_OAEP(PSA_ALG_MD4):PSA_ERROR_INVALID_ARGUMENT + +PSA aead RSA_OAEP(MD4): invalid with RSA_KEY_PAIR +depends_on:PSA_WANT_ALG_MD4:PSA_WANT_ALG_RSA_OAEP:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR +aead_fail:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_RSA_OAEP(PSA_ALG_MD4):PSA_ERROR_INVALID_ARGUMENT + +PSA aead RSA_OAEP(MD4): invalid with RSA_PUBLIC_KEY +depends_on:PSA_WANT_ALG_MD4:PSA_WANT_ALG_RSA_OAEP:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY +aead_fail:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_RSA_OAEP(PSA_ALG_MD4):PSA_ERROR_INVALID_ARGUMENT + +PSA sign RSA_OAEP(MD4): invalid with RSA_KEY_PAIR +depends_on:PSA_WANT_ALG_MD4:PSA_WANT_ALG_RSA_OAEP:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR +sign_fail:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_RSA_OAEP(PSA_ALG_MD4):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign RSA_OAEP(MD4): invalid with RSA_PUBLIC_KEY +depends_on:PSA_WANT_ALG_MD4:PSA_WANT_ALG_RSA_OAEP:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY +sign_fail:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_RSA_OAEP(PSA_ALG_MD4):0:PSA_ERROR_INVALID_ARGUMENT + +PSA asymmetric_encryption RSA_OAEP(MD4): incompatible with AES +depends_on:PSA_WANT_ALG_MD4:PSA_WANT_ALG_RSA_OAEP:PSA_WANT_KEY_TYPE_AES +asymmetric_encryption_fail:PSA_KEY_TYPE_AES:"48657265006973206b6579a064617461":PSA_ALG_RSA_OAEP(PSA_ALG_MD4):0:PSA_ERROR_INVALID_ARGUMENT + +PSA asymmetric_encryption RSA_OAEP(MD4): incompatible with ARC4 +depends_on:PSA_WANT_ALG_MD4:PSA_WANT_ALG_RSA_OAEP:PSA_WANT_KEY_TYPE_ARC4 +asymmetric_encryption_fail:PSA_KEY_TYPE_ARC4:"48":PSA_ALG_RSA_OAEP(PSA_ALG_MD4):0:PSA_ERROR_INVALID_ARGUMENT + +PSA asymmetric_encryption RSA_OAEP(MD4): incompatible with ARIA +depends_on:PSA_WANT_ALG_MD4:PSA_WANT_ALG_RSA_OAEP:PSA_WANT_KEY_TYPE_ARIA +asymmetric_encryption_fail:PSA_KEY_TYPE_ARIA:"48657265006973206b6579a064617461":PSA_ALG_RSA_OAEP(PSA_ALG_MD4):0:PSA_ERROR_INVALID_ARGUMENT + +PSA asymmetric_encryption RSA_OAEP(MD4): incompatible with CAMELLIA +depends_on:PSA_WANT_ALG_MD4:PSA_WANT_ALG_RSA_OAEP:PSA_WANT_KEY_TYPE_CAMELLIA +asymmetric_encryption_fail:PSA_KEY_TYPE_CAMELLIA:"48657265006973206b6579a064617461":PSA_ALG_RSA_OAEP(PSA_ALG_MD4):0:PSA_ERROR_INVALID_ARGUMENT + +PSA asymmetric_encryption RSA_OAEP(MD4): incompatible with CHACHA20 +depends_on:PSA_WANT_ALG_MD4:PSA_WANT_ALG_RSA_OAEP:PSA_WANT_KEY_TYPE_CHACHA20 +asymmetric_encryption_fail:PSA_KEY_TYPE_CHACHA20:"48657265006973206b6579a06461746148657265006973206b6579a064617461":PSA_ALG_RSA_OAEP(PSA_ALG_MD4):0:PSA_ERROR_INVALID_ARGUMENT + +PSA asymmetric_encryption RSA_OAEP(MD4): incompatible with DERIVE +depends_on:PSA_WANT_ALG_MD4:PSA_WANT_ALG_RSA_OAEP:PSA_WANT_KEY_TYPE_DERIVE +asymmetric_encryption_fail:PSA_KEY_TYPE_DERIVE:"48657265006973206b6579a0646174":PSA_ALG_RSA_OAEP(PSA_ALG_MD4):0:PSA_ERROR_INVALID_ARGUMENT + +PSA asymmetric_encryption RSA_OAEP(MD4): incompatible with DES +depends_on:PSA_WANT_ALG_MD4:PSA_WANT_ALG_RSA_OAEP:PSA_WANT_KEY_TYPE_DES +asymmetric_encryption_fail:PSA_KEY_TYPE_DES:"644573206b457901":PSA_ALG_RSA_OAEP(PSA_ALG_MD4):0:PSA_ERROR_INVALID_ARGUMENT + +PSA asymmetric_encryption RSA_OAEP(MD4): incompatible with ECC_KEY_PAIR(BRAINPOOL_P_R1) +depends_on:PSA_WANT_ALG_MD4:PSA_WANT_ALG_RSA_OAEP:PSA_WANT_ECC_FAMILY_BRAINPOOL_P_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +asymmetric_encryption_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"69502c4fdaf48d4fa617bdd24498b0406d0eeaac":PSA_ALG_RSA_OAEP(PSA_ALG_MD4):0:PSA_ERROR_INVALID_ARGUMENT + +PSA asymmetric_encryption RSA_OAEP(MD4): incompatible with ECC_KEY_PAIR(MONTGOMERY) +depends_on:PSA_WANT_ALG_MD4:PSA_WANT_ALG_RSA_OAEP:PSA_WANT_ECC_FAMILY_MONTGOMERY:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +asymmetric_encryption_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_MONTGOMERY):"70076d0a7318a57d3c16c17251b26645df4c2f87ebc0992ab177fba51db92c6a":PSA_ALG_RSA_OAEP(PSA_ALG_MD4):0:PSA_ERROR_INVALID_ARGUMENT + +PSA asymmetric_encryption RSA_OAEP(MD4): incompatible with ECC_KEY_PAIR(SECP_K1) +depends_on:PSA_WANT_ALG_MD4:PSA_WANT_ALG_RSA_OAEP:PSA_WANT_ECC_FAMILY_SECP_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +asymmetric_encryption_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_K1):"297ac1722ccac7589ecb240dc719842538ca974beb79f228":PSA_ALG_RSA_OAEP(PSA_ALG_MD4):0:PSA_ERROR_INVALID_ARGUMENT + +PSA asymmetric_encryption RSA_OAEP(MD4): incompatible with ECC_KEY_PAIR(SECP_R1) +depends_on:PSA_WANT_ALG_MD4:PSA_WANT_ALG_RSA_OAEP:PSA_WANT_ECC_FAMILY_SECP_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +asymmetric_encryption_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"872f203b3ad35b7f2ecc803c3a0e1e0b1ed61cc1afe71b189cd4c995":PSA_ALG_RSA_OAEP(PSA_ALG_MD4):0:PSA_ERROR_INVALID_ARGUMENT + +PSA asymmetric_encryption RSA_OAEP(MD4): incompatible with ECC_KEY_PAIR(SECP_R2) +depends_on:PSA_WANT_ALG_MD4:PSA_WANT_ALG_RSA_OAEP:PSA_WANT_ECC_FAMILY_SECP_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +asymmetric_encryption_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R2):"00bf539a1cdda0d7f71a50a3f98aec0a2e8e4ced1e":PSA_ALG_RSA_OAEP(PSA_ALG_MD4):0:PSA_ERROR_INVALID_ARGUMENT + +PSA asymmetric_encryption RSA_OAEP(MD4): incompatible with ECC_KEY_PAIR(SECT_K1) +depends_on:PSA_WANT_ALG_MD4:PSA_WANT_ALG_RSA_OAEP:PSA_WANT_ECC_FAMILY_SECT_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +asymmetric_encryption_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):"03ebc8fcded2d6ab72ec0f75bdb4fd080481273e71":PSA_ALG_RSA_OAEP(PSA_ALG_MD4):0:PSA_ERROR_INVALID_ARGUMENT + +PSA asymmetric_encryption RSA_OAEP(MD4): incompatible with ECC_KEY_PAIR(SECT_R1) +depends_on:PSA_WANT_ALG_MD4:PSA_WANT_ALG_RSA_OAEP:PSA_WANT_ECC_FAMILY_SECT_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +asymmetric_encryption_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):"009b05dc82d46d64a04a22e6e5ca70ca1231e68c50":PSA_ALG_RSA_OAEP(PSA_ALG_MD4):0:PSA_ERROR_INVALID_ARGUMENT + +PSA asymmetric_encryption RSA_OAEP(MD4): incompatible with ECC_KEY_PAIR(SECT_R2) +depends_on:PSA_WANT_ALG_MD4:PSA_WANT_ALG_RSA_OAEP:PSA_WANT_ECC_FAMILY_SECT_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +asymmetric_encryption_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R2):"0210b482a458b4822d0cb21daa96819a67c8062d34":PSA_ALG_RSA_OAEP(PSA_ALG_MD4):0:PSA_ERROR_INVALID_ARGUMENT + +PSA asymmetric_encryption RSA_OAEP(MD4): incompatible with ECC_KEY_PAIR(TWISTED_EDWARDS) +depends_on:PSA_WANT_ALG_MD4:PSA_WANT_ALG_RSA_OAEP:PSA_WANT_ECC_FAMILY_TWISTED_EDWARDS:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +asymmetric_encryption_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_TWISTED_EDWARDS):"9d61b19deffd5a60ba844af492ec2cc44449c5697b326919703bac031cae7f60":PSA_ALG_RSA_OAEP(PSA_ALG_MD4):0:PSA_ERROR_INVALID_ARGUMENT + +PSA asymmetric_encryption RSA_OAEP(MD4): incompatible with ECC_PUBLIC_KEY(BRAINPOOL_P_R1) +depends_on:PSA_WANT_ALG_MD4:PSA_WANT_ALG_RSA_OAEP:PSA_WANT_ECC_FAMILY_BRAINPOOL_P_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +asymmetric_encryption_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"04d4b9186816358e2f9c59cf70748cb70641b22fbab65473db4b4e22a361ed7e3de7e8a8ddc4130c5c":PSA_ALG_RSA_OAEP(PSA_ALG_MD4):0:PSA_ERROR_INVALID_ARGUMENT + +PSA asymmetric_encryption RSA_OAEP(MD4): incompatible with ECC_PUBLIC_KEY(MONTGOMERY) +depends_on:PSA_WANT_ALG_MD4:PSA_WANT_ALG_RSA_OAEP:PSA_WANT_ECC_FAMILY_MONTGOMERY:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +asymmetric_encryption_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_MONTGOMERY):"8520f0098930a754748b7ddcb43ef75a0dbf3a0d26381af4eba4a98eaa9b4e6a":PSA_ALG_RSA_OAEP(PSA_ALG_MD4):0:PSA_ERROR_INVALID_ARGUMENT + +PSA asymmetric_encryption RSA_OAEP(MD4): incompatible with ECC_PUBLIC_KEY(SECP_K1) +depends_on:PSA_WANT_ALG_MD4:PSA_WANT_ALG_RSA_OAEP:PSA_WANT_ECC_FAMILY_SECP_K1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +asymmetric_encryption_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_K1):"0426b7bb38da649ac2138fc050c6548b32553dab68afebc36105d325b75538c12323cb0764789ecb992671beb2b6bef2f5":PSA_ALG_RSA_OAEP(PSA_ALG_MD4):0:PSA_ERROR_INVALID_ARGUMENT + +PSA asymmetric_encryption RSA_OAEP(MD4): incompatible with ECC_PUBLIC_KEY(SECP_R1) +depends_on:PSA_WANT_ALG_MD4:PSA_WANT_ALG_RSA_OAEP:PSA_WANT_ECC_FAMILY_SECP_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +asymmetric_encryption_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1):"046f00eadaa949fee3e9e1c7fa1247eecec86a0dce46418b9bd3117b981d4bd0ae7a990de912f9d060d6cb531a42d22e394ac29e81804bf160":PSA_ALG_RSA_OAEP(PSA_ALG_MD4):0:PSA_ERROR_INVALID_ARGUMENT + +PSA asymmetric_encryption RSA_OAEP(MD4): incompatible with ECC_PUBLIC_KEY(SECP_R2) +depends_on:PSA_WANT_ALG_MD4:PSA_WANT_ALG_RSA_OAEP:PSA_WANT_ECC_FAMILY_SECP_R2:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +asymmetric_encryption_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R2):"049570d541398665adb5cfa16f5af73b3196926bbd4b876bdb80f8eab20d0f540c22f4de9c140f6d7b":PSA_ALG_RSA_OAEP(PSA_ALG_MD4):0:PSA_ERROR_INVALID_ARGUMENT + +PSA asymmetric_encryption RSA_OAEP(MD4): incompatible with ECC_PUBLIC_KEY(SECT_K1) +depends_on:PSA_WANT_ALG_MD4:PSA_WANT_ALG_RSA_OAEP:PSA_WANT_ECC_FAMILY_SECT_K1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +asymmetric_encryption_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_K1):"0406f88f90b4b65950f06ce433afdb097e320f433dc2062b8a65db8fafd3c110f46bc45663fbf021ee7eb9":PSA_ALG_RSA_OAEP(PSA_ALG_MD4):0:PSA_ERROR_INVALID_ARGUMENT + +PSA asymmetric_encryption RSA_OAEP(MD4): incompatible with ECC_PUBLIC_KEY(SECT_R1) +depends_on:PSA_WANT_ALG_MD4:PSA_WANT_ALG_RSA_OAEP:PSA_WANT_ECC_FAMILY_SECT_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +asymmetric_encryption_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R1):"0400465eeb9e7258b11e33c02266bfe834b20bcb118700772796ee4704ec67651bd447e3011959a79a04cb":PSA_ALG_RSA_OAEP(PSA_ALG_MD4):0:PSA_ERROR_INVALID_ARGUMENT + +PSA asymmetric_encryption RSA_OAEP(MD4): incompatible with ECC_PUBLIC_KEY(SECT_R2) +depends_on:PSA_WANT_ALG_MD4:PSA_WANT_ALG_RSA_OAEP:PSA_WANT_ECC_FAMILY_SECT_R2:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +asymmetric_encryption_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R2):"0403692601144c32a6cfa369ae20ae5d43c1c764678c037bafe80c6fd2e42b7ced96171d9c5367fd3dca6f":PSA_ALG_RSA_OAEP(PSA_ALG_MD4):0:PSA_ERROR_INVALID_ARGUMENT + +PSA asymmetric_encryption RSA_OAEP(MD4): incompatible with ECC_PUBLIC_KEY(TWISTED_EDWARDS) +depends_on:PSA_WANT_ALG_MD4:PSA_WANT_ALG_RSA_OAEP:PSA_WANT_ECC_FAMILY_TWISTED_EDWARDS:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +asymmetric_encryption_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_TWISTED_EDWARDS):"d75a980182b10ab7d54bfed3c964073a0ee172f3daa62325af021a68f707511a":PSA_ALG_RSA_OAEP(PSA_ALG_MD4):0:PSA_ERROR_INVALID_ARGUMENT + +PSA asymmetric_encryption RSA_OAEP(MD4): incompatible with HMAC +depends_on:PSA_WANT_ALG_MD4:PSA_WANT_ALG_RSA_OAEP:PSA_WANT_KEY_TYPE_HMAC +asymmetric_encryption_fail:PSA_KEY_TYPE_HMAC:"48657265006973206b6579a064617461":PSA_ALG_RSA_OAEP(PSA_ALG_MD4):0:PSA_ERROR_INVALID_ARGUMENT + +PSA asymmetric_encryption RSA_OAEP(MD4): incompatible with RAW_DATA +depends_on:PSA_WANT_ALG_MD4:PSA_WANT_ALG_RSA_OAEP:PSA_WANT_KEY_TYPE_RAW_DATA +asymmetric_encryption_fail:PSA_KEY_TYPE_RAW_DATA:"48":PSA_ALG_RSA_OAEP(PSA_ALG_MD4):0:PSA_ERROR_INVALID_ARGUMENT + +PSA asymmetric_encryption RSA_OAEP(MD4): !MD4 with RSA_KEY_PAIR +depends_on:!PSA_WANT_ALG_MD4:PSA_WANT_ALG_RSA_OAEP:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR +asymmetric_encryption_fail:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_RSA_OAEP(PSA_ALG_MD4):0:PSA_ERROR_NOT_SUPPORTED + +PSA asymmetric_encryption RSA_OAEP(MD4): !RSA_OAEP with RSA_KEY_PAIR +depends_on:PSA_WANT_ALG_MD4:!PSA_WANT_ALG_RSA_OAEP:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR +asymmetric_encryption_fail:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_RSA_OAEP(PSA_ALG_MD4):0:PSA_ERROR_NOT_SUPPORTED + +PSA asymmetric_encryption RSA_OAEP(MD4): !MD4 with RSA_PUBLIC_KEY +depends_on:!PSA_WANT_ALG_MD4:PSA_WANT_ALG_RSA_OAEP:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY +asymmetric_encryption_fail:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_RSA_OAEP(PSA_ALG_MD4):0:PSA_ERROR_NOT_SUPPORTED + +PSA asymmetric_encryption RSA_OAEP(MD4): !RSA_OAEP with RSA_PUBLIC_KEY +depends_on:PSA_WANT_ALG_MD4:!PSA_WANT_ALG_RSA_OAEP:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY +asymmetric_encryption_fail:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_RSA_OAEP(PSA_ALG_MD4):0:PSA_ERROR_NOT_SUPPORTED + +PSA asymmetric_encryption RSA_OAEP(MD4): public with RSA_PUBLIC_KEY +depends_on:PSA_WANT_ALG_MD4:PSA_WANT_ALG_RSA_OAEP:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY +asymmetric_encryption_fail:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_RSA_OAEP(PSA_ALG_MD4):1:PSA_ERROR_INVALID_ARGUMENT + +PSA key_derivation RSA_OAEP(MD4): invalid +depends_on:PSA_WANT_ALG_MD4:PSA_WANT_ALG_RSA_OAEP +key_derivation_fail:PSA_ALG_RSA_OAEP(PSA_ALG_MD4):PSA_ERROR_INVALID_ARGUMENT + +PSA key_agreement RSA_OAEP(MD4): invalid with RSA_KEY_PAIR +depends_on:PSA_WANT_ALG_MD4:PSA_WANT_ALG_RSA_OAEP:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR +key_agreement_fail:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_RSA_OAEP(PSA_ALG_MD4):0:PSA_ERROR_INVALID_ARGUMENT + +PSA key_agreement RSA_OAEP(MD4): invalid with RSA_PUBLIC_KEY +depends_on:PSA_WANT_ALG_MD4:PSA_WANT_ALG_RSA_OAEP:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY +key_agreement_fail:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_RSA_OAEP(PSA_ALG_MD4):0:PSA_ERROR_INVALID_ARGUMENT + +PSA hash RSA_OAEP(MD5): invalid +depends_on:PSA_WANT_ALG_MD5:PSA_WANT_ALG_RSA_OAEP +hash_fail:PSA_ALG_RSA_OAEP(PSA_ALG_MD5):PSA_ERROR_INVALID_ARGUMENT + +PSA mac RSA_OAEP(MD5): invalid with RSA_KEY_PAIR +depends_on:PSA_WANT_ALG_MD5:PSA_WANT_ALG_RSA_OAEP:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR +mac_fail:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_RSA_OAEP(PSA_ALG_MD5):PSA_ERROR_INVALID_ARGUMENT + +PSA mac RSA_OAEP(MD5): invalid with RSA_PUBLIC_KEY +depends_on:PSA_WANT_ALG_MD5:PSA_WANT_ALG_RSA_OAEP:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY +mac_fail:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_RSA_OAEP(PSA_ALG_MD5):PSA_ERROR_INVALID_ARGUMENT + +PSA cipher RSA_OAEP(MD5): invalid with RSA_KEY_PAIR +depends_on:PSA_WANT_ALG_MD5:PSA_WANT_ALG_RSA_OAEP:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR +cipher_fail:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_RSA_OAEP(PSA_ALG_MD5):PSA_ERROR_INVALID_ARGUMENT + +PSA cipher RSA_OAEP(MD5): invalid with RSA_PUBLIC_KEY +depends_on:PSA_WANT_ALG_MD5:PSA_WANT_ALG_RSA_OAEP:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY +cipher_fail:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_RSA_OAEP(PSA_ALG_MD5):PSA_ERROR_INVALID_ARGUMENT + +PSA aead RSA_OAEP(MD5): invalid with RSA_KEY_PAIR +depends_on:PSA_WANT_ALG_MD5:PSA_WANT_ALG_RSA_OAEP:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR +aead_fail:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_RSA_OAEP(PSA_ALG_MD5):PSA_ERROR_INVALID_ARGUMENT + +PSA aead RSA_OAEP(MD5): invalid with RSA_PUBLIC_KEY +depends_on:PSA_WANT_ALG_MD5:PSA_WANT_ALG_RSA_OAEP:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY +aead_fail:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_RSA_OAEP(PSA_ALG_MD5):PSA_ERROR_INVALID_ARGUMENT + +PSA sign RSA_OAEP(MD5): invalid with RSA_KEY_PAIR +depends_on:PSA_WANT_ALG_MD5:PSA_WANT_ALG_RSA_OAEP:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR +sign_fail:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_RSA_OAEP(PSA_ALG_MD5):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign RSA_OAEP(MD5): invalid with RSA_PUBLIC_KEY +depends_on:PSA_WANT_ALG_MD5:PSA_WANT_ALG_RSA_OAEP:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY +sign_fail:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_RSA_OAEP(PSA_ALG_MD5):0:PSA_ERROR_INVALID_ARGUMENT + +PSA asymmetric_encryption RSA_OAEP(MD5): incompatible with AES +depends_on:PSA_WANT_ALG_MD5:PSA_WANT_ALG_RSA_OAEP:PSA_WANT_KEY_TYPE_AES +asymmetric_encryption_fail:PSA_KEY_TYPE_AES:"48657265006973206b6579a064617461":PSA_ALG_RSA_OAEP(PSA_ALG_MD5):0:PSA_ERROR_INVALID_ARGUMENT + +PSA asymmetric_encryption RSA_OAEP(MD5): incompatible with ARC4 +depends_on:PSA_WANT_ALG_MD5:PSA_WANT_ALG_RSA_OAEP:PSA_WANT_KEY_TYPE_ARC4 +asymmetric_encryption_fail:PSA_KEY_TYPE_ARC4:"48":PSA_ALG_RSA_OAEP(PSA_ALG_MD5):0:PSA_ERROR_INVALID_ARGUMENT + +PSA asymmetric_encryption RSA_OAEP(MD5): incompatible with ARIA +depends_on:PSA_WANT_ALG_MD5:PSA_WANT_ALG_RSA_OAEP:PSA_WANT_KEY_TYPE_ARIA +asymmetric_encryption_fail:PSA_KEY_TYPE_ARIA:"48657265006973206b6579a064617461":PSA_ALG_RSA_OAEP(PSA_ALG_MD5):0:PSA_ERROR_INVALID_ARGUMENT + +PSA asymmetric_encryption RSA_OAEP(MD5): incompatible with CAMELLIA +depends_on:PSA_WANT_ALG_MD5:PSA_WANT_ALG_RSA_OAEP:PSA_WANT_KEY_TYPE_CAMELLIA +asymmetric_encryption_fail:PSA_KEY_TYPE_CAMELLIA:"48657265006973206b6579a064617461":PSA_ALG_RSA_OAEP(PSA_ALG_MD5):0:PSA_ERROR_INVALID_ARGUMENT + +PSA asymmetric_encryption RSA_OAEP(MD5): incompatible with CHACHA20 +depends_on:PSA_WANT_ALG_MD5:PSA_WANT_ALG_RSA_OAEP:PSA_WANT_KEY_TYPE_CHACHA20 +asymmetric_encryption_fail:PSA_KEY_TYPE_CHACHA20:"48657265006973206b6579a06461746148657265006973206b6579a064617461":PSA_ALG_RSA_OAEP(PSA_ALG_MD5):0:PSA_ERROR_INVALID_ARGUMENT + +PSA asymmetric_encryption RSA_OAEP(MD5): incompatible with DERIVE +depends_on:PSA_WANT_ALG_MD5:PSA_WANT_ALG_RSA_OAEP:PSA_WANT_KEY_TYPE_DERIVE +asymmetric_encryption_fail:PSA_KEY_TYPE_DERIVE:"48657265006973206b6579a0646174":PSA_ALG_RSA_OAEP(PSA_ALG_MD5):0:PSA_ERROR_INVALID_ARGUMENT + +PSA asymmetric_encryption RSA_OAEP(MD5): incompatible with DES +depends_on:PSA_WANT_ALG_MD5:PSA_WANT_ALG_RSA_OAEP:PSA_WANT_KEY_TYPE_DES +asymmetric_encryption_fail:PSA_KEY_TYPE_DES:"644573206b457901":PSA_ALG_RSA_OAEP(PSA_ALG_MD5):0:PSA_ERROR_INVALID_ARGUMENT + +PSA asymmetric_encryption RSA_OAEP(MD5): incompatible with ECC_KEY_PAIR(BRAINPOOL_P_R1) +depends_on:PSA_WANT_ALG_MD5:PSA_WANT_ALG_RSA_OAEP:PSA_WANT_ECC_FAMILY_BRAINPOOL_P_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +asymmetric_encryption_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"69502c4fdaf48d4fa617bdd24498b0406d0eeaac":PSA_ALG_RSA_OAEP(PSA_ALG_MD5):0:PSA_ERROR_INVALID_ARGUMENT + +PSA asymmetric_encryption RSA_OAEP(MD5): incompatible with ECC_KEY_PAIR(MONTGOMERY) +depends_on:PSA_WANT_ALG_MD5:PSA_WANT_ALG_RSA_OAEP:PSA_WANT_ECC_FAMILY_MONTGOMERY:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +asymmetric_encryption_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_MONTGOMERY):"70076d0a7318a57d3c16c17251b26645df4c2f87ebc0992ab177fba51db92c6a":PSA_ALG_RSA_OAEP(PSA_ALG_MD5):0:PSA_ERROR_INVALID_ARGUMENT + +PSA asymmetric_encryption RSA_OAEP(MD5): incompatible with ECC_KEY_PAIR(SECP_K1) +depends_on:PSA_WANT_ALG_MD5:PSA_WANT_ALG_RSA_OAEP:PSA_WANT_ECC_FAMILY_SECP_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +asymmetric_encryption_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_K1):"297ac1722ccac7589ecb240dc719842538ca974beb79f228":PSA_ALG_RSA_OAEP(PSA_ALG_MD5):0:PSA_ERROR_INVALID_ARGUMENT + +PSA asymmetric_encryption RSA_OAEP(MD5): incompatible with ECC_KEY_PAIR(SECP_R1) +depends_on:PSA_WANT_ALG_MD5:PSA_WANT_ALG_RSA_OAEP:PSA_WANT_ECC_FAMILY_SECP_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +asymmetric_encryption_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"872f203b3ad35b7f2ecc803c3a0e1e0b1ed61cc1afe71b189cd4c995":PSA_ALG_RSA_OAEP(PSA_ALG_MD5):0:PSA_ERROR_INVALID_ARGUMENT + +PSA asymmetric_encryption RSA_OAEP(MD5): incompatible with ECC_KEY_PAIR(SECP_R2) +depends_on:PSA_WANT_ALG_MD5:PSA_WANT_ALG_RSA_OAEP:PSA_WANT_ECC_FAMILY_SECP_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +asymmetric_encryption_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R2):"00bf539a1cdda0d7f71a50a3f98aec0a2e8e4ced1e":PSA_ALG_RSA_OAEP(PSA_ALG_MD5):0:PSA_ERROR_INVALID_ARGUMENT + +PSA asymmetric_encryption RSA_OAEP(MD5): incompatible with ECC_KEY_PAIR(SECT_K1) +depends_on:PSA_WANT_ALG_MD5:PSA_WANT_ALG_RSA_OAEP:PSA_WANT_ECC_FAMILY_SECT_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +asymmetric_encryption_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):"03ebc8fcded2d6ab72ec0f75bdb4fd080481273e71":PSA_ALG_RSA_OAEP(PSA_ALG_MD5):0:PSA_ERROR_INVALID_ARGUMENT + +PSA asymmetric_encryption RSA_OAEP(MD5): incompatible with ECC_KEY_PAIR(SECT_R1) +depends_on:PSA_WANT_ALG_MD5:PSA_WANT_ALG_RSA_OAEP:PSA_WANT_ECC_FAMILY_SECT_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +asymmetric_encryption_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):"009b05dc82d46d64a04a22e6e5ca70ca1231e68c50":PSA_ALG_RSA_OAEP(PSA_ALG_MD5):0:PSA_ERROR_INVALID_ARGUMENT + +PSA asymmetric_encryption RSA_OAEP(MD5): incompatible with ECC_KEY_PAIR(SECT_R2) +depends_on:PSA_WANT_ALG_MD5:PSA_WANT_ALG_RSA_OAEP:PSA_WANT_ECC_FAMILY_SECT_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +asymmetric_encryption_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R2):"0210b482a458b4822d0cb21daa96819a67c8062d34":PSA_ALG_RSA_OAEP(PSA_ALG_MD5):0:PSA_ERROR_INVALID_ARGUMENT + +PSA asymmetric_encryption RSA_OAEP(MD5): incompatible with ECC_KEY_PAIR(TWISTED_EDWARDS) +depends_on:PSA_WANT_ALG_MD5:PSA_WANT_ALG_RSA_OAEP:PSA_WANT_ECC_FAMILY_TWISTED_EDWARDS:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +asymmetric_encryption_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_TWISTED_EDWARDS):"9d61b19deffd5a60ba844af492ec2cc44449c5697b326919703bac031cae7f60":PSA_ALG_RSA_OAEP(PSA_ALG_MD5):0:PSA_ERROR_INVALID_ARGUMENT + +PSA asymmetric_encryption RSA_OAEP(MD5): incompatible with ECC_PUBLIC_KEY(BRAINPOOL_P_R1) +depends_on:PSA_WANT_ALG_MD5:PSA_WANT_ALG_RSA_OAEP:PSA_WANT_ECC_FAMILY_BRAINPOOL_P_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +asymmetric_encryption_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"04d4b9186816358e2f9c59cf70748cb70641b22fbab65473db4b4e22a361ed7e3de7e8a8ddc4130c5c":PSA_ALG_RSA_OAEP(PSA_ALG_MD5):0:PSA_ERROR_INVALID_ARGUMENT + +PSA asymmetric_encryption RSA_OAEP(MD5): incompatible with ECC_PUBLIC_KEY(MONTGOMERY) +depends_on:PSA_WANT_ALG_MD5:PSA_WANT_ALG_RSA_OAEP:PSA_WANT_ECC_FAMILY_MONTGOMERY:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +asymmetric_encryption_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_MONTGOMERY):"8520f0098930a754748b7ddcb43ef75a0dbf3a0d26381af4eba4a98eaa9b4e6a":PSA_ALG_RSA_OAEP(PSA_ALG_MD5):0:PSA_ERROR_INVALID_ARGUMENT + +PSA asymmetric_encryption RSA_OAEP(MD5): incompatible with ECC_PUBLIC_KEY(SECP_K1) +depends_on:PSA_WANT_ALG_MD5:PSA_WANT_ALG_RSA_OAEP:PSA_WANT_ECC_FAMILY_SECP_K1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +asymmetric_encryption_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_K1):"0426b7bb38da649ac2138fc050c6548b32553dab68afebc36105d325b75538c12323cb0764789ecb992671beb2b6bef2f5":PSA_ALG_RSA_OAEP(PSA_ALG_MD5):0:PSA_ERROR_INVALID_ARGUMENT + +PSA asymmetric_encryption RSA_OAEP(MD5): incompatible with ECC_PUBLIC_KEY(SECP_R1) +depends_on:PSA_WANT_ALG_MD5:PSA_WANT_ALG_RSA_OAEP:PSA_WANT_ECC_FAMILY_SECP_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +asymmetric_encryption_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1):"046f00eadaa949fee3e9e1c7fa1247eecec86a0dce46418b9bd3117b981d4bd0ae7a990de912f9d060d6cb531a42d22e394ac29e81804bf160":PSA_ALG_RSA_OAEP(PSA_ALG_MD5):0:PSA_ERROR_INVALID_ARGUMENT + +PSA asymmetric_encryption RSA_OAEP(MD5): incompatible with ECC_PUBLIC_KEY(SECP_R2) +depends_on:PSA_WANT_ALG_MD5:PSA_WANT_ALG_RSA_OAEP:PSA_WANT_ECC_FAMILY_SECP_R2:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +asymmetric_encryption_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R2):"049570d541398665adb5cfa16f5af73b3196926bbd4b876bdb80f8eab20d0f540c22f4de9c140f6d7b":PSA_ALG_RSA_OAEP(PSA_ALG_MD5):0:PSA_ERROR_INVALID_ARGUMENT + +PSA asymmetric_encryption RSA_OAEP(MD5): incompatible with ECC_PUBLIC_KEY(SECT_K1) +depends_on:PSA_WANT_ALG_MD5:PSA_WANT_ALG_RSA_OAEP:PSA_WANT_ECC_FAMILY_SECT_K1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +asymmetric_encryption_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_K1):"0406f88f90b4b65950f06ce433afdb097e320f433dc2062b8a65db8fafd3c110f46bc45663fbf021ee7eb9":PSA_ALG_RSA_OAEP(PSA_ALG_MD5):0:PSA_ERROR_INVALID_ARGUMENT + +PSA asymmetric_encryption RSA_OAEP(MD5): incompatible with ECC_PUBLIC_KEY(SECT_R1) +depends_on:PSA_WANT_ALG_MD5:PSA_WANT_ALG_RSA_OAEP:PSA_WANT_ECC_FAMILY_SECT_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +asymmetric_encryption_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R1):"0400465eeb9e7258b11e33c02266bfe834b20bcb118700772796ee4704ec67651bd447e3011959a79a04cb":PSA_ALG_RSA_OAEP(PSA_ALG_MD5):0:PSA_ERROR_INVALID_ARGUMENT + +PSA asymmetric_encryption RSA_OAEP(MD5): incompatible with ECC_PUBLIC_KEY(SECT_R2) +depends_on:PSA_WANT_ALG_MD5:PSA_WANT_ALG_RSA_OAEP:PSA_WANT_ECC_FAMILY_SECT_R2:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +asymmetric_encryption_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R2):"0403692601144c32a6cfa369ae20ae5d43c1c764678c037bafe80c6fd2e42b7ced96171d9c5367fd3dca6f":PSA_ALG_RSA_OAEP(PSA_ALG_MD5):0:PSA_ERROR_INVALID_ARGUMENT + +PSA asymmetric_encryption RSA_OAEP(MD5): incompatible with ECC_PUBLIC_KEY(TWISTED_EDWARDS) +depends_on:PSA_WANT_ALG_MD5:PSA_WANT_ALG_RSA_OAEP:PSA_WANT_ECC_FAMILY_TWISTED_EDWARDS:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +asymmetric_encryption_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_TWISTED_EDWARDS):"d75a980182b10ab7d54bfed3c964073a0ee172f3daa62325af021a68f707511a":PSA_ALG_RSA_OAEP(PSA_ALG_MD5):0:PSA_ERROR_INVALID_ARGUMENT + +PSA asymmetric_encryption RSA_OAEP(MD5): incompatible with HMAC +depends_on:PSA_WANT_ALG_MD5:PSA_WANT_ALG_RSA_OAEP:PSA_WANT_KEY_TYPE_HMAC +asymmetric_encryption_fail:PSA_KEY_TYPE_HMAC:"48657265006973206b6579a064617461":PSA_ALG_RSA_OAEP(PSA_ALG_MD5):0:PSA_ERROR_INVALID_ARGUMENT + +PSA asymmetric_encryption RSA_OAEP(MD5): incompatible with RAW_DATA +depends_on:PSA_WANT_ALG_MD5:PSA_WANT_ALG_RSA_OAEP:PSA_WANT_KEY_TYPE_RAW_DATA +asymmetric_encryption_fail:PSA_KEY_TYPE_RAW_DATA:"48":PSA_ALG_RSA_OAEP(PSA_ALG_MD5):0:PSA_ERROR_INVALID_ARGUMENT + +PSA asymmetric_encryption RSA_OAEP(MD5): !MD5 with RSA_KEY_PAIR +depends_on:!PSA_WANT_ALG_MD5:PSA_WANT_ALG_RSA_OAEP:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR +asymmetric_encryption_fail:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_RSA_OAEP(PSA_ALG_MD5):0:PSA_ERROR_NOT_SUPPORTED + +PSA asymmetric_encryption RSA_OAEP(MD5): !RSA_OAEP with RSA_KEY_PAIR +depends_on:PSA_WANT_ALG_MD5:!PSA_WANT_ALG_RSA_OAEP:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR +asymmetric_encryption_fail:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_RSA_OAEP(PSA_ALG_MD5):0:PSA_ERROR_NOT_SUPPORTED + +PSA asymmetric_encryption RSA_OAEP(MD5): !MD5 with RSA_PUBLIC_KEY +depends_on:!PSA_WANT_ALG_MD5:PSA_WANT_ALG_RSA_OAEP:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY +asymmetric_encryption_fail:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_RSA_OAEP(PSA_ALG_MD5):0:PSA_ERROR_NOT_SUPPORTED + +PSA asymmetric_encryption RSA_OAEP(MD5): !RSA_OAEP with RSA_PUBLIC_KEY +depends_on:PSA_WANT_ALG_MD5:!PSA_WANT_ALG_RSA_OAEP:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY +asymmetric_encryption_fail:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_RSA_OAEP(PSA_ALG_MD5):0:PSA_ERROR_NOT_SUPPORTED + +PSA asymmetric_encryption RSA_OAEP(MD5): public with RSA_PUBLIC_KEY +depends_on:PSA_WANT_ALG_MD5:PSA_WANT_ALG_RSA_OAEP:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY +asymmetric_encryption_fail:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_RSA_OAEP(PSA_ALG_MD5):1:PSA_ERROR_INVALID_ARGUMENT + +PSA key_derivation RSA_OAEP(MD5): invalid +depends_on:PSA_WANT_ALG_MD5:PSA_WANT_ALG_RSA_OAEP +key_derivation_fail:PSA_ALG_RSA_OAEP(PSA_ALG_MD5):PSA_ERROR_INVALID_ARGUMENT + +PSA key_agreement RSA_OAEP(MD5): invalid with RSA_KEY_PAIR +depends_on:PSA_WANT_ALG_MD5:PSA_WANT_ALG_RSA_OAEP:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR +key_agreement_fail:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_RSA_OAEP(PSA_ALG_MD5):0:PSA_ERROR_INVALID_ARGUMENT + +PSA key_agreement RSA_OAEP(MD5): invalid with RSA_PUBLIC_KEY +depends_on:PSA_WANT_ALG_MD5:PSA_WANT_ALG_RSA_OAEP:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY +key_agreement_fail:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_RSA_OAEP(PSA_ALG_MD5):0:PSA_ERROR_INVALID_ARGUMENT + +PSA hash RSA_OAEP(RIPEMD160): invalid +depends_on:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ALG_RSA_OAEP +hash_fail:PSA_ALG_RSA_OAEP(PSA_ALG_RIPEMD160):PSA_ERROR_INVALID_ARGUMENT + +PSA mac RSA_OAEP(RIPEMD160): invalid with RSA_KEY_PAIR +depends_on:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ALG_RSA_OAEP:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR +mac_fail:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_RSA_OAEP(PSA_ALG_RIPEMD160):PSA_ERROR_INVALID_ARGUMENT + +PSA mac RSA_OAEP(RIPEMD160): invalid with RSA_PUBLIC_KEY +depends_on:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ALG_RSA_OAEP:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY +mac_fail:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_RSA_OAEP(PSA_ALG_RIPEMD160):PSA_ERROR_INVALID_ARGUMENT + +PSA cipher RSA_OAEP(RIPEMD160): invalid with RSA_KEY_PAIR +depends_on:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ALG_RSA_OAEP:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR +cipher_fail:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_RSA_OAEP(PSA_ALG_RIPEMD160):PSA_ERROR_INVALID_ARGUMENT + +PSA cipher RSA_OAEP(RIPEMD160): invalid with RSA_PUBLIC_KEY +depends_on:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ALG_RSA_OAEP:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY +cipher_fail:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_RSA_OAEP(PSA_ALG_RIPEMD160):PSA_ERROR_INVALID_ARGUMENT + +PSA aead RSA_OAEP(RIPEMD160): invalid with RSA_KEY_PAIR +depends_on:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ALG_RSA_OAEP:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR +aead_fail:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_RSA_OAEP(PSA_ALG_RIPEMD160):PSA_ERROR_INVALID_ARGUMENT + +PSA aead RSA_OAEP(RIPEMD160): invalid with RSA_PUBLIC_KEY +depends_on:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ALG_RSA_OAEP:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY +aead_fail:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_RSA_OAEP(PSA_ALG_RIPEMD160):PSA_ERROR_INVALID_ARGUMENT + +PSA sign RSA_OAEP(RIPEMD160): invalid with RSA_KEY_PAIR +depends_on:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ALG_RSA_OAEP:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR +sign_fail:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_RSA_OAEP(PSA_ALG_RIPEMD160):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign RSA_OAEP(RIPEMD160): invalid with RSA_PUBLIC_KEY +depends_on:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ALG_RSA_OAEP:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY +sign_fail:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_RSA_OAEP(PSA_ALG_RIPEMD160):0:PSA_ERROR_INVALID_ARGUMENT + +PSA asymmetric_encryption RSA_OAEP(RIPEMD160): incompatible with AES +depends_on:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ALG_RSA_OAEP:PSA_WANT_KEY_TYPE_AES +asymmetric_encryption_fail:PSA_KEY_TYPE_AES:"48657265006973206b6579a064617461":PSA_ALG_RSA_OAEP(PSA_ALG_RIPEMD160):0:PSA_ERROR_INVALID_ARGUMENT + +PSA asymmetric_encryption RSA_OAEP(RIPEMD160): incompatible with ARC4 +depends_on:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ALG_RSA_OAEP:PSA_WANT_KEY_TYPE_ARC4 +asymmetric_encryption_fail:PSA_KEY_TYPE_ARC4:"48":PSA_ALG_RSA_OAEP(PSA_ALG_RIPEMD160):0:PSA_ERROR_INVALID_ARGUMENT + +PSA asymmetric_encryption RSA_OAEP(RIPEMD160): incompatible with ARIA +depends_on:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ALG_RSA_OAEP:PSA_WANT_KEY_TYPE_ARIA +asymmetric_encryption_fail:PSA_KEY_TYPE_ARIA:"48657265006973206b6579a064617461":PSA_ALG_RSA_OAEP(PSA_ALG_RIPEMD160):0:PSA_ERROR_INVALID_ARGUMENT + +PSA asymmetric_encryption RSA_OAEP(RIPEMD160): incompatible with CAMELLIA +depends_on:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ALG_RSA_OAEP:PSA_WANT_KEY_TYPE_CAMELLIA +asymmetric_encryption_fail:PSA_KEY_TYPE_CAMELLIA:"48657265006973206b6579a064617461":PSA_ALG_RSA_OAEP(PSA_ALG_RIPEMD160):0:PSA_ERROR_INVALID_ARGUMENT + +PSA asymmetric_encryption RSA_OAEP(RIPEMD160): incompatible with CHACHA20 +depends_on:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ALG_RSA_OAEP:PSA_WANT_KEY_TYPE_CHACHA20 +asymmetric_encryption_fail:PSA_KEY_TYPE_CHACHA20:"48657265006973206b6579a06461746148657265006973206b6579a064617461":PSA_ALG_RSA_OAEP(PSA_ALG_RIPEMD160):0:PSA_ERROR_INVALID_ARGUMENT + +PSA asymmetric_encryption RSA_OAEP(RIPEMD160): incompatible with DERIVE +depends_on:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ALG_RSA_OAEP:PSA_WANT_KEY_TYPE_DERIVE +asymmetric_encryption_fail:PSA_KEY_TYPE_DERIVE:"48657265006973206b6579a0646174":PSA_ALG_RSA_OAEP(PSA_ALG_RIPEMD160):0:PSA_ERROR_INVALID_ARGUMENT + +PSA asymmetric_encryption RSA_OAEP(RIPEMD160): incompatible with DES +depends_on:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ALG_RSA_OAEP:PSA_WANT_KEY_TYPE_DES +asymmetric_encryption_fail:PSA_KEY_TYPE_DES:"644573206b457901":PSA_ALG_RSA_OAEP(PSA_ALG_RIPEMD160):0:PSA_ERROR_INVALID_ARGUMENT + +PSA asymmetric_encryption RSA_OAEP(RIPEMD160): incompatible with ECC_KEY_PAIR(BRAINPOOL_P_R1) +depends_on:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ALG_RSA_OAEP:PSA_WANT_ECC_FAMILY_BRAINPOOL_P_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +asymmetric_encryption_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"69502c4fdaf48d4fa617bdd24498b0406d0eeaac":PSA_ALG_RSA_OAEP(PSA_ALG_RIPEMD160):0:PSA_ERROR_INVALID_ARGUMENT + +PSA asymmetric_encryption RSA_OAEP(RIPEMD160): incompatible with ECC_KEY_PAIR(MONTGOMERY) +depends_on:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ALG_RSA_OAEP:PSA_WANT_ECC_FAMILY_MONTGOMERY:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +asymmetric_encryption_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_MONTGOMERY):"70076d0a7318a57d3c16c17251b26645df4c2f87ebc0992ab177fba51db92c6a":PSA_ALG_RSA_OAEP(PSA_ALG_RIPEMD160):0:PSA_ERROR_INVALID_ARGUMENT + +PSA asymmetric_encryption RSA_OAEP(RIPEMD160): incompatible with ECC_KEY_PAIR(SECP_K1) +depends_on:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ALG_RSA_OAEP:PSA_WANT_ECC_FAMILY_SECP_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +asymmetric_encryption_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_K1):"297ac1722ccac7589ecb240dc719842538ca974beb79f228":PSA_ALG_RSA_OAEP(PSA_ALG_RIPEMD160):0:PSA_ERROR_INVALID_ARGUMENT + +PSA asymmetric_encryption RSA_OAEP(RIPEMD160): incompatible with ECC_KEY_PAIR(SECP_R1) +depends_on:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ALG_RSA_OAEP:PSA_WANT_ECC_FAMILY_SECP_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +asymmetric_encryption_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"872f203b3ad35b7f2ecc803c3a0e1e0b1ed61cc1afe71b189cd4c995":PSA_ALG_RSA_OAEP(PSA_ALG_RIPEMD160):0:PSA_ERROR_INVALID_ARGUMENT + +PSA asymmetric_encryption RSA_OAEP(RIPEMD160): incompatible with ECC_KEY_PAIR(SECP_R2) +depends_on:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ALG_RSA_OAEP:PSA_WANT_ECC_FAMILY_SECP_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +asymmetric_encryption_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R2):"00bf539a1cdda0d7f71a50a3f98aec0a2e8e4ced1e":PSA_ALG_RSA_OAEP(PSA_ALG_RIPEMD160):0:PSA_ERROR_INVALID_ARGUMENT + +PSA asymmetric_encryption RSA_OAEP(RIPEMD160): incompatible with ECC_KEY_PAIR(SECT_K1) +depends_on:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ALG_RSA_OAEP:PSA_WANT_ECC_FAMILY_SECT_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +asymmetric_encryption_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):"03ebc8fcded2d6ab72ec0f75bdb4fd080481273e71":PSA_ALG_RSA_OAEP(PSA_ALG_RIPEMD160):0:PSA_ERROR_INVALID_ARGUMENT + +PSA asymmetric_encryption RSA_OAEP(RIPEMD160): incompatible with ECC_KEY_PAIR(SECT_R1) +depends_on:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ALG_RSA_OAEP:PSA_WANT_ECC_FAMILY_SECT_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +asymmetric_encryption_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):"009b05dc82d46d64a04a22e6e5ca70ca1231e68c50":PSA_ALG_RSA_OAEP(PSA_ALG_RIPEMD160):0:PSA_ERROR_INVALID_ARGUMENT + +PSA asymmetric_encryption RSA_OAEP(RIPEMD160): incompatible with ECC_KEY_PAIR(SECT_R2) +depends_on:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ALG_RSA_OAEP:PSA_WANT_ECC_FAMILY_SECT_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +asymmetric_encryption_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R2):"0210b482a458b4822d0cb21daa96819a67c8062d34":PSA_ALG_RSA_OAEP(PSA_ALG_RIPEMD160):0:PSA_ERROR_INVALID_ARGUMENT + +PSA asymmetric_encryption RSA_OAEP(RIPEMD160): incompatible with ECC_KEY_PAIR(TWISTED_EDWARDS) +depends_on:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ALG_RSA_OAEP:PSA_WANT_ECC_FAMILY_TWISTED_EDWARDS:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +asymmetric_encryption_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_TWISTED_EDWARDS):"9d61b19deffd5a60ba844af492ec2cc44449c5697b326919703bac031cae7f60":PSA_ALG_RSA_OAEP(PSA_ALG_RIPEMD160):0:PSA_ERROR_INVALID_ARGUMENT + +PSA asymmetric_encryption RSA_OAEP(RIPEMD160): incompatible with ECC_PUBLIC_KEY(BRAINPOOL_P_R1) +depends_on:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ALG_RSA_OAEP:PSA_WANT_ECC_FAMILY_BRAINPOOL_P_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +asymmetric_encryption_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"04d4b9186816358e2f9c59cf70748cb70641b22fbab65473db4b4e22a361ed7e3de7e8a8ddc4130c5c":PSA_ALG_RSA_OAEP(PSA_ALG_RIPEMD160):0:PSA_ERROR_INVALID_ARGUMENT + +PSA asymmetric_encryption RSA_OAEP(RIPEMD160): incompatible with ECC_PUBLIC_KEY(MONTGOMERY) +depends_on:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ALG_RSA_OAEP:PSA_WANT_ECC_FAMILY_MONTGOMERY:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +asymmetric_encryption_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_MONTGOMERY):"8520f0098930a754748b7ddcb43ef75a0dbf3a0d26381af4eba4a98eaa9b4e6a":PSA_ALG_RSA_OAEP(PSA_ALG_RIPEMD160):0:PSA_ERROR_INVALID_ARGUMENT + +PSA asymmetric_encryption RSA_OAEP(RIPEMD160): incompatible with ECC_PUBLIC_KEY(SECP_K1) +depends_on:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ALG_RSA_OAEP:PSA_WANT_ECC_FAMILY_SECP_K1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +asymmetric_encryption_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_K1):"0426b7bb38da649ac2138fc050c6548b32553dab68afebc36105d325b75538c12323cb0764789ecb992671beb2b6bef2f5":PSA_ALG_RSA_OAEP(PSA_ALG_RIPEMD160):0:PSA_ERROR_INVALID_ARGUMENT + +PSA asymmetric_encryption RSA_OAEP(RIPEMD160): incompatible with ECC_PUBLIC_KEY(SECP_R1) +depends_on:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ALG_RSA_OAEP:PSA_WANT_ECC_FAMILY_SECP_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +asymmetric_encryption_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1):"046f00eadaa949fee3e9e1c7fa1247eecec86a0dce46418b9bd3117b981d4bd0ae7a990de912f9d060d6cb531a42d22e394ac29e81804bf160":PSA_ALG_RSA_OAEP(PSA_ALG_RIPEMD160):0:PSA_ERROR_INVALID_ARGUMENT + +PSA asymmetric_encryption RSA_OAEP(RIPEMD160): incompatible with ECC_PUBLIC_KEY(SECP_R2) +depends_on:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ALG_RSA_OAEP:PSA_WANT_ECC_FAMILY_SECP_R2:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +asymmetric_encryption_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R2):"049570d541398665adb5cfa16f5af73b3196926bbd4b876bdb80f8eab20d0f540c22f4de9c140f6d7b":PSA_ALG_RSA_OAEP(PSA_ALG_RIPEMD160):0:PSA_ERROR_INVALID_ARGUMENT + +PSA asymmetric_encryption RSA_OAEP(RIPEMD160): incompatible with ECC_PUBLIC_KEY(SECT_K1) +depends_on:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ALG_RSA_OAEP:PSA_WANT_ECC_FAMILY_SECT_K1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +asymmetric_encryption_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_K1):"0406f88f90b4b65950f06ce433afdb097e320f433dc2062b8a65db8fafd3c110f46bc45663fbf021ee7eb9":PSA_ALG_RSA_OAEP(PSA_ALG_RIPEMD160):0:PSA_ERROR_INVALID_ARGUMENT + +PSA asymmetric_encryption RSA_OAEP(RIPEMD160): incompatible with ECC_PUBLIC_KEY(SECT_R1) +depends_on:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ALG_RSA_OAEP:PSA_WANT_ECC_FAMILY_SECT_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +asymmetric_encryption_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R1):"0400465eeb9e7258b11e33c02266bfe834b20bcb118700772796ee4704ec67651bd447e3011959a79a04cb":PSA_ALG_RSA_OAEP(PSA_ALG_RIPEMD160):0:PSA_ERROR_INVALID_ARGUMENT + +PSA asymmetric_encryption RSA_OAEP(RIPEMD160): incompatible with ECC_PUBLIC_KEY(SECT_R2) +depends_on:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ALG_RSA_OAEP:PSA_WANT_ECC_FAMILY_SECT_R2:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +asymmetric_encryption_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R2):"0403692601144c32a6cfa369ae20ae5d43c1c764678c037bafe80c6fd2e42b7ced96171d9c5367fd3dca6f":PSA_ALG_RSA_OAEP(PSA_ALG_RIPEMD160):0:PSA_ERROR_INVALID_ARGUMENT + +PSA asymmetric_encryption RSA_OAEP(RIPEMD160): incompatible with ECC_PUBLIC_KEY(TWISTED_EDWARDS) +depends_on:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ALG_RSA_OAEP:PSA_WANT_ECC_FAMILY_TWISTED_EDWARDS:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +asymmetric_encryption_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_TWISTED_EDWARDS):"d75a980182b10ab7d54bfed3c964073a0ee172f3daa62325af021a68f707511a":PSA_ALG_RSA_OAEP(PSA_ALG_RIPEMD160):0:PSA_ERROR_INVALID_ARGUMENT + +PSA asymmetric_encryption RSA_OAEP(RIPEMD160): incompatible with HMAC +depends_on:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ALG_RSA_OAEP:PSA_WANT_KEY_TYPE_HMAC +asymmetric_encryption_fail:PSA_KEY_TYPE_HMAC:"48657265006973206b6579a064617461":PSA_ALG_RSA_OAEP(PSA_ALG_RIPEMD160):0:PSA_ERROR_INVALID_ARGUMENT + +PSA asymmetric_encryption RSA_OAEP(RIPEMD160): incompatible with RAW_DATA +depends_on:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ALG_RSA_OAEP:PSA_WANT_KEY_TYPE_RAW_DATA +asymmetric_encryption_fail:PSA_KEY_TYPE_RAW_DATA:"48":PSA_ALG_RSA_OAEP(PSA_ALG_RIPEMD160):0:PSA_ERROR_INVALID_ARGUMENT + +PSA asymmetric_encryption RSA_OAEP(RIPEMD160): !RIPEMD160 with RSA_KEY_PAIR +depends_on:!PSA_WANT_ALG_RIPEMD160:PSA_WANT_ALG_RSA_OAEP:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR +asymmetric_encryption_fail:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_RSA_OAEP(PSA_ALG_RIPEMD160):0:PSA_ERROR_NOT_SUPPORTED + +PSA asymmetric_encryption RSA_OAEP(RIPEMD160): !RSA_OAEP with RSA_KEY_PAIR +depends_on:PSA_WANT_ALG_RIPEMD160:!PSA_WANT_ALG_RSA_OAEP:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR +asymmetric_encryption_fail:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_RSA_OAEP(PSA_ALG_RIPEMD160):0:PSA_ERROR_NOT_SUPPORTED + +PSA asymmetric_encryption RSA_OAEP(RIPEMD160): !RIPEMD160 with RSA_PUBLIC_KEY +depends_on:!PSA_WANT_ALG_RIPEMD160:PSA_WANT_ALG_RSA_OAEP:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY +asymmetric_encryption_fail:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_RSA_OAEP(PSA_ALG_RIPEMD160):0:PSA_ERROR_NOT_SUPPORTED + +PSA asymmetric_encryption RSA_OAEP(RIPEMD160): !RSA_OAEP with RSA_PUBLIC_KEY +depends_on:PSA_WANT_ALG_RIPEMD160:!PSA_WANT_ALG_RSA_OAEP:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY +asymmetric_encryption_fail:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_RSA_OAEP(PSA_ALG_RIPEMD160):0:PSA_ERROR_NOT_SUPPORTED + +PSA asymmetric_encryption RSA_OAEP(RIPEMD160): public with RSA_PUBLIC_KEY +depends_on:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ALG_RSA_OAEP:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY +asymmetric_encryption_fail:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_RSA_OAEP(PSA_ALG_RIPEMD160):1:PSA_ERROR_INVALID_ARGUMENT + +PSA key_derivation RSA_OAEP(RIPEMD160): invalid +depends_on:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ALG_RSA_OAEP +key_derivation_fail:PSA_ALG_RSA_OAEP(PSA_ALG_RIPEMD160):PSA_ERROR_INVALID_ARGUMENT + +PSA key_agreement RSA_OAEP(RIPEMD160): invalid with RSA_KEY_PAIR +depends_on:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ALG_RSA_OAEP:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR +key_agreement_fail:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_RSA_OAEP(PSA_ALG_RIPEMD160):0:PSA_ERROR_INVALID_ARGUMENT + +PSA key_agreement RSA_OAEP(RIPEMD160): invalid with RSA_PUBLIC_KEY +depends_on:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ALG_RSA_OAEP:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY +key_agreement_fail:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_RSA_OAEP(PSA_ALG_RIPEMD160):0:PSA_ERROR_INVALID_ARGUMENT + +PSA hash RSA_OAEP(SHA_1): invalid +depends_on:PSA_WANT_ALG_RSA_OAEP:PSA_WANT_ALG_SHA_1 +hash_fail:PSA_ALG_RSA_OAEP(PSA_ALG_SHA_1):PSA_ERROR_INVALID_ARGUMENT + +PSA mac RSA_OAEP(SHA_1): invalid with RSA_KEY_PAIR +depends_on:PSA_WANT_ALG_RSA_OAEP:PSA_WANT_ALG_SHA_1:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR +mac_fail:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_RSA_OAEP(PSA_ALG_SHA_1):PSA_ERROR_INVALID_ARGUMENT + +PSA mac RSA_OAEP(SHA_1): invalid with RSA_PUBLIC_KEY +depends_on:PSA_WANT_ALG_RSA_OAEP:PSA_WANT_ALG_SHA_1:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY +mac_fail:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_RSA_OAEP(PSA_ALG_SHA_1):PSA_ERROR_INVALID_ARGUMENT + +PSA cipher RSA_OAEP(SHA_1): invalid with RSA_KEY_PAIR +depends_on:PSA_WANT_ALG_RSA_OAEP:PSA_WANT_ALG_SHA_1:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR +cipher_fail:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_RSA_OAEP(PSA_ALG_SHA_1):PSA_ERROR_INVALID_ARGUMENT + +PSA cipher RSA_OAEP(SHA_1): invalid with RSA_PUBLIC_KEY +depends_on:PSA_WANT_ALG_RSA_OAEP:PSA_WANT_ALG_SHA_1:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY +cipher_fail:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_RSA_OAEP(PSA_ALG_SHA_1):PSA_ERROR_INVALID_ARGUMENT + +PSA aead RSA_OAEP(SHA_1): invalid with RSA_KEY_PAIR +depends_on:PSA_WANT_ALG_RSA_OAEP:PSA_WANT_ALG_SHA_1:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR +aead_fail:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_RSA_OAEP(PSA_ALG_SHA_1):PSA_ERROR_INVALID_ARGUMENT + +PSA aead RSA_OAEP(SHA_1): invalid with RSA_PUBLIC_KEY +depends_on:PSA_WANT_ALG_RSA_OAEP:PSA_WANT_ALG_SHA_1:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY +aead_fail:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_RSA_OAEP(PSA_ALG_SHA_1):PSA_ERROR_INVALID_ARGUMENT + +PSA sign RSA_OAEP(SHA_1): invalid with RSA_KEY_PAIR +depends_on:PSA_WANT_ALG_RSA_OAEP:PSA_WANT_ALG_SHA_1:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR +sign_fail:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_RSA_OAEP(PSA_ALG_SHA_1):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign RSA_OAEP(SHA_1): invalid with RSA_PUBLIC_KEY +depends_on:PSA_WANT_ALG_RSA_OAEP:PSA_WANT_ALG_SHA_1:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY +sign_fail:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_RSA_OAEP(PSA_ALG_SHA_1):0:PSA_ERROR_INVALID_ARGUMENT + +PSA asymmetric_encryption RSA_OAEP(SHA_1): incompatible with AES +depends_on:PSA_WANT_ALG_RSA_OAEP:PSA_WANT_ALG_SHA_1:PSA_WANT_KEY_TYPE_AES +asymmetric_encryption_fail:PSA_KEY_TYPE_AES:"48657265006973206b6579a064617461":PSA_ALG_RSA_OAEP(PSA_ALG_SHA_1):0:PSA_ERROR_INVALID_ARGUMENT + +PSA asymmetric_encryption RSA_OAEP(SHA_1): incompatible with ARC4 +depends_on:PSA_WANT_ALG_RSA_OAEP:PSA_WANT_ALG_SHA_1:PSA_WANT_KEY_TYPE_ARC4 +asymmetric_encryption_fail:PSA_KEY_TYPE_ARC4:"48":PSA_ALG_RSA_OAEP(PSA_ALG_SHA_1):0:PSA_ERROR_INVALID_ARGUMENT + +PSA asymmetric_encryption RSA_OAEP(SHA_1): incompatible with ARIA +depends_on:PSA_WANT_ALG_RSA_OAEP:PSA_WANT_ALG_SHA_1:PSA_WANT_KEY_TYPE_ARIA +asymmetric_encryption_fail:PSA_KEY_TYPE_ARIA:"48657265006973206b6579a064617461":PSA_ALG_RSA_OAEP(PSA_ALG_SHA_1):0:PSA_ERROR_INVALID_ARGUMENT + +PSA asymmetric_encryption RSA_OAEP(SHA_1): incompatible with CAMELLIA +depends_on:PSA_WANT_ALG_RSA_OAEP:PSA_WANT_ALG_SHA_1:PSA_WANT_KEY_TYPE_CAMELLIA +asymmetric_encryption_fail:PSA_KEY_TYPE_CAMELLIA:"48657265006973206b6579a064617461":PSA_ALG_RSA_OAEP(PSA_ALG_SHA_1):0:PSA_ERROR_INVALID_ARGUMENT + +PSA asymmetric_encryption RSA_OAEP(SHA_1): incompatible with CHACHA20 +depends_on:PSA_WANT_ALG_RSA_OAEP:PSA_WANT_ALG_SHA_1:PSA_WANT_KEY_TYPE_CHACHA20 +asymmetric_encryption_fail:PSA_KEY_TYPE_CHACHA20:"48657265006973206b6579a06461746148657265006973206b6579a064617461":PSA_ALG_RSA_OAEP(PSA_ALG_SHA_1):0:PSA_ERROR_INVALID_ARGUMENT + +PSA asymmetric_encryption RSA_OAEP(SHA_1): incompatible with DERIVE +depends_on:PSA_WANT_ALG_RSA_OAEP:PSA_WANT_ALG_SHA_1:PSA_WANT_KEY_TYPE_DERIVE +asymmetric_encryption_fail:PSA_KEY_TYPE_DERIVE:"48657265006973206b6579a0646174":PSA_ALG_RSA_OAEP(PSA_ALG_SHA_1):0:PSA_ERROR_INVALID_ARGUMENT + +PSA asymmetric_encryption RSA_OAEP(SHA_1): incompatible with DES +depends_on:PSA_WANT_ALG_RSA_OAEP:PSA_WANT_ALG_SHA_1:PSA_WANT_KEY_TYPE_DES +asymmetric_encryption_fail:PSA_KEY_TYPE_DES:"644573206b457901":PSA_ALG_RSA_OAEP(PSA_ALG_SHA_1):0:PSA_ERROR_INVALID_ARGUMENT + +PSA asymmetric_encryption RSA_OAEP(SHA_1): incompatible with ECC_KEY_PAIR(BRAINPOOL_P_R1) +depends_on:PSA_WANT_ALG_RSA_OAEP:PSA_WANT_ALG_SHA_1:PSA_WANT_ECC_FAMILY_BRAINPOOL_P_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +asymmetric_encryption_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"69502c4fdaf48d4fa617bdd24498b0406d0eeaac":PSA_ALG_RSA_OAEP(PSA_ALG_SHA_1):0:PSA_ERROR_INVALID_ARGUMENT + +PSA asymmetric_encryption RSA_OAEP(SHA_1): incompatible with ECC_KEY_PAIR(MONTGOMERY) +depends_on:PSA_WANT_ALG_RSA_OAEP:PSA_WANT_ALG_SHA_1:PSA_WANT_ECC_FAMILY_MONTGOMERY:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +asymmetric_encryption_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_MONTGOMERY):"70076d0a7318a57d3c16c17251b26645df4c2f87ebc0992ab177fba51db92c6a":PSA_ALG_RSA_OAEP(PSA_ALG_SHA_1):0:PSA_ERROR_INVALID_ARGUMENT + +PSA asymmetric_encryption RSA_OAEP(SHA_1): incompatible with ECC_KEY_PAIR(SECP_K1) +depends_on:PSA_WANT_ALG_RSA_OAEP:PSA_WANT_ALG_SHA_1:PSA_WANT_ECC_FAMILY_SECP_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +asymmetric_encryption_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_K1):"297ac1722ccac7589ecb240dc719842538ca974beb79f228":PSA_ALG_RSA_OAEP(PSA_ALG_SHA_1):0:PSA_ERROR_INVALID_ARGUMENT + +PSA asymmetric_encryption RSA_OAEP(SHA_1): incompatible with ECC_KEY_PAIR(SECP_R1) +depends_on:PSA_WANT_ALG_RSA_OAEP:PSA_WANT_ALG_SHA_1:PSA_WANT_ECC_FAMILY_SECP_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +asymmetric_encryption_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"872f203b3ad35b7f2ecc803c3a0e1e0b1ed61cc1afe71b189cd4c995":PSA_ALG_RSA_OAEP(PSA_ALG_SHA_1):0:PSA_ERROR_INVALID_ARGUMENT + +PSA asymmetric_encryption RSA_OAEP(SHA_1): incompatible with ECC_KEY_PAIR(SECP_R2) +depends_on:PSA_WANT_ALG_RSA_OAEP:PSA_WANT_ALG_SHA_1:PSA_WANT_ECC_FAMILY_SECP_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +asymmetric_encryption_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R2):"00bf539a1cdda0d7f71a50a3f98aec0a2e8e4ced1e":PSA_ALG_RSA_OAEP(PSA_ALG_SHA_1):0:PSA_ERROR_INVALID_ARGUMENT + +PSA asymmetric_encryption RSA_OAEP(SHA_1): incompatible with ECC_KEY_PAIR(SECT_K1) +depends_on:PSA_WANT_ALG_RSA_OAEP:PSA_WANT_ALG_SHA_1:PSA_WANT_ECC_FAMILY_SECT_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +asymmetric_encryption_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):"03ebc8fcded2d6ab72ec0f75bdb4fd080481273e71":PSA_ALG_RSA_OAEP(PSA_ALG_SHA_1):0:PSA_ERROR_INVALID_ARGUMENT + +PSA asymmetric_encryption RSA_OAEP(SHA_1): incompatible with ECC_KEY_PAIR(SECT_R1) +depends_on:PSA_WANT_ALG_RSA_OAEP:PSA_WANT_ALG_SHA_1:PSA_WANT_ECC_FAMILY_SECT_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +asymmetric_encryption_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):"009b05dc82d46d64a04a22e6e5ca70ca1231e68c50":PSA_ALG_RSA_OAEP(PSA_ALG_SHA_1):0:PSA_ERROR_INVALID_ARGUMENT + +PSA asymmetric_encryption RSA_OAEP(SHA_1): incompatible with ECC_KEY_PAIR(SECT_R2) +depends_on:PSA_WANT_ALG_RSA_OAEP:PSA_WANT_ALG_SHA_1:PSA_WANT_ECC_FAMILY_SECT_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +asymmetric_encryption_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R2):"0210b482a458b4822d0cb21daa96819a67c8062d34":PSA_ALG_RSA_OAEP(PSA_ALG_SHA_1):0:PSA_ERROR_INVALID_ARGUMENT + +PSA asymmetric_encryption RSA_OAEP(SHA_1): incompatible with ECC_KEY_PAIR(TWISTED_EDWARDS) +depends_on:PSA_WANT_ALG_RSA_OAEP:PSA_WANT_ALG_SHA_1:PSA_WANT_ECC_FAMILY_TWISTED_EDWARDS:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +asymmetric_encryption_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_TWISTED_EDWARDS):"9d61b19deffd5a60ba844af492ec2cc44449c5697b326919703bac031cae7f60":PSA_ALG_RSA_OAEP(PSA_ALG_SHA_1):0:PSA_ERROR_INVALID_ARGUMENT + +PSA asymmetric_encryption RSA_OAEP(SHA_1): incompatible with ECC_PUBLIC_KEY(BRAINPOOL_P_R1) +depends_on:PSA_WANT_ALG_RSA_OAEP:PSA_WANT_ALG_SHA_1:PSA_WANT_ECC_FAMILY_BRAINPOOL_P_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +asymmetric_encryption_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"04d4b9186816358e2f9c59cf70748cb70641b22fbab65473db4b4e22a361ed7e3de7e8a8ddc4130c5c":PSA_ALG_RSA_OAEP(PSA_ALG_SHA_1):0:PSA_ERROR_INVALID_ARGUMENT + +PSA asymmetric_encryption RSA_OAEP(SHA_1): incompatible with ECC_PUBLIC_KEY(MONTGOMERY) +depends_on:PSA_WANT_ALG_RSA_OAEP:PSA_WANT_ALG_SHA_1:PSA_WANT_ECC_FAMILY_MONTGOMERY:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +asymmetric_encryption_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_MONTGOMERY):"8520f0098930a754748b7ddcb43ef75a0dbf3a0d26381af4eba4a98eaa9b4e6a":PSA_ALG_RSA_OAEP(PSA_ALG_SHA_1):0:PSA_ERROR_INVALID_ARGUMENT + +PSA asymmetric_encryption RSA_OAEP(SHA_1): incompatible with ECC_PUBLIC_KEY(SECP_K1) +depends_on:PSA_WANT_ALG_RSA_OAEP:PSA_WANT_ALG_SHA_1:PSA_WANT_ECC_FAMILY_SECP_K1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +asymmetric_encryption_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_K1):"0426b7bb38da649ac2138fc050c6548b32553dab68afebc36105d325b75538c12323cb0764789ecb992671beb2b6bef2f5":PSA_ALG_RSA_OAEP(PSA_ALG_SHA_1):0:PSA_ERROR_INVALID_ARGUMENT + +PSA asymmetric_encryption RSA_OAEP(SHA_1): incompatible with ECC_PUBLIC_KEY(SECP_R1) +depends_on:PSA_WANT_ALG_RSA_OAEP:PSA_WANT_ALG_SHA_1:PSA_WANT_ECC_FAMILY_SECP_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +asymmetric_encryption_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1):"046f00eadaa949fee3e9e1c7fa1247eecec86a0dce46418b9bd3117b981d4bd0ae7a990de912f9d060d6cb531a42d22e394ac29e81804bf160":PSA_ALG_RSA_OAEP(PSA_ALG_SHA_1):0:PSA_ERROR_INVALID_ARGUMENT + +PSA asymmetric_encryption RSA_OAEP(SHA_1): incompatible with ECC_PUBLIC_KEY(SECP_R2) +depends_on:PSA_WANT_ALG_RSA_OAEP:PSA_WANT_ALG_SHA_1:PSA_WANT_ECC_FAMILY_SECP_R2:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +asymmetric_encryption_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R2):"049570d541398665adb5cfa16f5af73b3196926bbd4b876bdb80f8eab20d0f540c22f4de9c140f6d7b":PSA_ALG_RSA_OAEP(PSA_ALG_SHA_1):0:PSA_ERROR_INVALID_ARGUMENT + +PSA asymmetric_encryption RSA_OAEP(SHA_1): incompatible with ECC_PUBLIC_KEY(SECT_K1) +depends_on:PSA_WANT_ALG_RSA_OAEP:PSA_WANT_ALG_SHA_1:PSA_WANT_ECC_FAMILY_SECT_K1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +asymmetric_encryption_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_K1):"0406f88f90b4b65950f06ce433afdb097e320f433dc2062b8a65db8fafd3c110f46bc45663fbf021ee7eb9":PSA_ALG_RSA_OAEP(PSA_ALG_SHA_1):0:PSA_ERROR_INVALID_ARGUMENT + +PSA asymmetric_encryption RSA_OAEP(SHA_1): incompatible with ECC_PUBLIC_KEY(SECT_R1) +depends_on:PSA_WANT_ALG_RSA_OAEP:PSA_WANT_ALG_SHA_1:PSA_WANT_ECC_FAMILY_SECT_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +asymmetric_encryption_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R1):"0400465eeb9e7258b11e33c02266bfe834b20bcb118700772796ee4704ec67651bd447e3011959a79a04cb":PSA_ALG_RSA_OAEP(PSA_ALG_SHA_1):0:PSA_ERROR_INVALID_ARGUMENT + +PSA asymmetric_encryption RSA_OAEP(SHA_1): incompatible with ECC_PUBLIC_KEY(SECT_R2) +depends_on:PSA_WANT_ALG_RSA_OAEP:PSA_WANT_ALG_SHA_1:PSA_WANT_ECC_FAMILY_SECT_R2:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +asymmetric_encryption_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R2):"0403692601144c32a6cfa369ae20ae5d43c1c764678c037bafe80c6fd2e42b7ced96171d9c5367fd3dca6f":PSA_ALG_RSA_OAEP(PSA_ALG_SHA_1):0:PSA_ERROR_INVALID_ARGUMENT + +PSA asymmetric_encryption RSA_OAEP(SHA_1): incompatible with ECC_PUBLIC_KEY(TWISTED_EDWARDS) +depends_on:PSA_WANT_ALG_RSA_OAEP:PSA_WANT_ALG_SHA_1:PSA_WANT_ECC_FAMILY_TWISTED_EDWARDS:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +asymmetric_encryption_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_TWISTED_EDWARDS):"d75a980182b10ab7d54bfed3c964073a0ee172f3daa62325af021a68f707511a":PSA_ALG_RSA_OAEP(PSA_ALG_SHA_1):0:PSA_ERROR_INVALID_ARGUMENT + +PSA asymmetric_encryption RSA_OAEP(SHA_1): incompatible with HMAC +depends_on:PSA_WANT_ALG_RSA_OAEP:PSA_WANT_ALG_SHA_1:PSA_WANT_KEY_TYPE_HMAC +asymmetric_encryption_fail:PSA_KEY_TYPE_HMAC:"48657265006973206b6579a064617461":PSA_ALG_RSA_OAEP(PSA_ALG_SHA_1):0:PSA_ERROR_INVALID_ARGUMENT + +PSA asymmetric_encryption RSA_OAEP(SHA_1): incompatible with RAW_DATA +depends_on:PSA_WANT_ALG_RSA_OAEP:PSA_WANT_ALG_SHA_1:PSA_WANT_KEY_TYPE_RAW_DATA +asymmetric_encryption_fail:PSA_KEY_TYPE_RAW_DATA:"48":PSA_ALG_RSA_OAEP(PSA_ALG_SHA_1):0:PSA_ERROR_INVALID_ARGUMENT + +PSA asymmetric_encryption RSA_OAEP(SHA_1): !RSA_OAEP with RSA_KEY_PAIR +depends_on:!PSA_WANT_ALG_RSA_OAEP:PSA_WANT_ALG_SHA_1:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR +asymmetric_encryption_fail:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_RSA_OAEP(PSA_ALG_SHA_1):0:PSA_ERROR_NOT_SUPPORTED + +PSA asymmetric_encryption RSA_OAEP(SHA_1): !SHA_1 with RSA_KEY_PAIR +depends_on:PSA_WANT_ALG_RSA_OAEP:!PSA_WANT_ALG_SHA_1:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR +asymmetric_encryption_fail:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_RSA_OAEP(PSA_ALG_SHA_1):0:PSA_ERROR_NOT_SUPPORTED + +PSA asymmetric_encryption RSA_OAEP(SHA_1): !RSA_OAEP with RSA_PUBLIC_KEY +depends_on:!PSA_WANT_ALG_RSA_OAEP:PSA_WANT_ALG_SHA_1:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY +asymmetric_encryption_fail:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_RSA_OAEP(PSA_ALG_SHA_1):0:PSA_ERROR_NOT_SUPPORTED + +PSA asymmetric_encryption RSA_OAEP(SHA_1): !SHA_1 with RSA_PUBLIC_KEY +depends_on:PSA_WANT_ALG_RSA_OAEP:!PSA_WANT_ALG_SHA_1:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY +asymmetric_encryption_fail:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_RSA_OAEP(PSA_ALG_SHA_1):0:PSA_ERROR_NOT_SUPPORTED + +PSA asymmetric_encryption RSA_OAEP(SHA_1): public with RSA_PUBLIC_KEY +depends_on:PSA_WANT_ALG_RSA_OAEP:PSA_WANT_ALG_SHA_1:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY +asymmetric_encryption_fail:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_RSA_OAEP(PSA_ALG_SHA_1):1:PSA_ERROR_INVALID_ARGUMENT + +PSA key_derivation RSA_OAEP(SHA_1): invalid +depends_on:PSA_WANT_ALG_RSA_OAEP:PSA_WANT_ALG_SHA_1 +key_derivation_fail:PSA_ALG_RSA_OAEP(PSA_ALG_SHA_1):PSA_ERROR_INVALID_ARGUMENT + +PSA key_agreement RSA_OAEP(SHA_1): invalid with RSA_KEY_PAIR +depends_on:PSA_WANT_ALG_RSA_OAEP:PSA_WANT_ALG_SHA_1:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR +key_agreement_fail:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_RSA_OAEP(PSA_ALG_SHA_1):0:PSA_ERROR_INVALID_ARGUMENT + +PSA key_agreement RSA_OAEP(SHA_1): invalid with RSA_PUBLIC_KEY +depends_on:PSA_WANT_ALG_RSA_OAEP:PSA_WANT_ALG_SHA_1:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY +key_agreement_fail:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_RSA_OAEP(PSA_ALG_SHA_1):0:PSA_ERROR_INVALID_ARGUMENT + +PSA hash RSA_OAEP(SHA_224): invalid +depends_on:PSA_WANT_ALG_RSA_OAEP:PSA_WANT_ALG_SHA_224 +hash_fail:PSA_ALG_RSA_OAEP(PSA_ALG_SHA_224):PSA_ERROR_INVALID_ARGUMENT + +PSA mac RSA_OAEP(SHA_224): invalid with RSA_KEY_PAIR +depends_on:PSA_WANT_ALG_RSA_OAEP:PSA_WANT_ALG_SHA_224:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR +mac_fail:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_RSA_OAEP(PSA_ALG_SHA_224):PSA_ERROR_INVALID_ARGUMENT + +PSA mac RSA_OAEP(SHA_224): invalid with RSA_PUBLIC_KEY +depends_on:PSA_WANT_ALG_RSA_OAEP:PSA_WANT_ALG_SHA_224:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY +mac_fail:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_RSA_OAEP(PSA_ALG_SHA_224):PSA_ERROR_INVALID_ARGUMENT + +PSA cipher RSA_OAEP(SHA_224): invalid with RSA_KEY_PAIR +depends_on:PSA_WANT_ALG_RSA_OAEP:PSA_WANT_ALG_SHA_224:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR +cipher_fail:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_RSA_OAEP(PSA_ALG_SHA_224):PSA_ERROR_INVALID_ARGUMENT + +PSA cipher RSA_OAEP(SHA_224): invalid with RSA_PUBLIC_KEY +depends_on:PSA_WANT_ALG_RSA_OAEP:PSA_WANT_ALG_SHA_224:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY +cipher_fail:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_RSA_OAEP(PSA_ALG_SHA_224):PSA_ERROR_INVALID_ARGUMENT + +PSA aead RSA_OAEP(SHA_224): invalid with RSA_KEY_PAIR +depends_on:PSA_WANT_ALG_RSA_OAEP:PSA_WANT_ALG_SHA_224:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR +aead_fail:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_RSA_OAEP(PSA_ALG_SHA_224):PSA_ERROR_INVALID_ARGUMENT + +PSA aead RSA_OAEP(SHA_224): invalid with RSA_PUBLIC_KEY +depends_on:PSA_WANT_ALG_RSA_OAEP:PSA_WANT_ALG_SHA_224:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY +aead_fail:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_RSA_OAEP(PSA_ALG_SHA_224):PSA_ERROR_INVALID_ARGUMENT + +PSA sign RSA_OAEP(SHA_224): invalid with RSA_KEY_PAIR +depends_on:PSA_WANT_ALG_RSA_OAEP:PSA_WANT_ALG_SHA_224:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR +sign_fail:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_RSA_OAEP(PSA_ALG_SHA_224):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign RSA_OAEP(SHA_224): invalid with RSA_PUBLIC_KEY +depends_on:PSA_WANT_ALG_RSA_OAEP:PSA_WANT_ALG_SHA_224:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY +sign_fail:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_RSA_OAEP(PSA_ALG_SHA_224):0:PSA_ERROR_INVALID_ARGUMENT + +PSA asymmetric_encryption RSA_OAEP(SHA_224): incompatible with AES +depends_on:PSA_WANT_ALG_RSA_OAEP:PSA_WANT_ALG_SHA_224:PSA_WANT_KEY_TYPE_AES +asymmetric_encryption_fail:PSA_KEY_TYPE_AES:"48657265006973206b6579a064617461":PSA_ALG_RSA_OAEP(PSA_ALG_SHA_224):0:PSA_ERROR_INVALID_ARGUMENT + +PSA asymmetric_encryption RSA_OAEP(SHA_224): incompatible with ARC4 +depends_on:PSA_WANT_ALG_RSA_OAEP:PSA_WANT_ALG_SHA_224:PSA_WANT_KEY_TYPE_ARC4 +asymmetric_encryption_fail:PSA_KEY_TYPE_ARC4:"48":PSA_ALG_RSA_OAEP(PSA_ALG_SHA_224):0:PSA_ERROR_INVALID_ARGUMENT + +PSA asymmetric_encryption RSA_OAEP(SHA_224): incompatible with ARIA +depends_on:PSA_WANT_ALG_RSA_OAEP:PSA_WANT_ALG_SHA_224:PSA_WANT_KEY_TYPE_ARIA +asymmetric_encryption_fail:PSA_KEY_TYPE_ARIA:"48657265006973206b6579a064617461":PSA_ALG_RSA_OAEP(PSA_ALG_SHA_224):0:PSA_ERROR_INVALID_ARGUMENT + +PSA asymmetric_encryption RSA_OAEP(SHA_224): incompatible with CAMELLIA +depends_on:PSA_WANT_ALG_RSA_OAEP:PSA_WANT_ALG_SHA_224:PSA_WANT_KEY_TYPE_CAMELLIA +asymmetric_encryption_fail:PSA_KEY_TYPE_CAMELLIA:"48657265006973206b6579a064617461":PSA_ALG_RSA_OAEP(PSA_ALG_SHA_224):0:PSA_ERROR_INVALID_ARGUMENT + +PSA asymmetric_encryption RSA_OAEP(SHA_224): incompatible with CHACHA20 +depends_on:PSA_WANT_ALG_RSA_OAEP:PSA_WANT_ALG_SHA_224:PSA_WANT_KEY_TYPE_CHACHA20 +asymmetric_encryption_fail:PSA_KEY_TYPE_CHACHA20:"48657265006973206b6579a06461746148657265006973206b6579a064617461":PSA_ALG_RSA_OAEP(PSA_ALG_SHA_224):0:PSA_ERROR_INVALID_ARGUMENT + +PSA asymmetric_encryption RSA_OAEP(SHA_224): incompatible with DERIVE +depends_on:PSA_WANT_ALG_RSA_OAEP:PSA_WANT_ALG_SHA_224:PSA_WANT_KEY_TYPE_DERIVE +asymmetric_encryption_fail:PSA_KEY_TYPE_DERIVE:"48657265006973206b6579a0646174":PSA_ALG_RSA_OAEP(PSA_ALG_SHA_224):0:PSA_ERROR_INVALID_ARGUMENT + +PSA asymmetric_encryption RSA_OAEP(SHA_224): incompatible with DES +depends_on:PSA_WANT_ALG_RSA_OAEP:PSA_WANT_ALG_SHA_224:PSA_WANT_KEY_TYPE_DES +asymmetric_encryption_fail:PSA_KEY_TYPE_DES:"644573206b457901":PSA_ALG_RSA_OAEP(PSA_ALG_SHA_224):0:PSA_ERROR_INVALID_ARGUMENT + +PSA asymmetric_encryption RSA_OAEP(SHA_224): incompatible with ECC_KEY_PAIR(BRAINPOOL_P_R1) +depends_on:PSA_WANT_ALG_RSA_OAEP:PSA_WANT_ALG_SHA_224:PSA_WANT_ECC_FAMILY_BRAINPOOL_P_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +asymmetric_encryption_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"69502c4fdaf48d4fa617bdd24498b0406d0eeaac":PSA_ALG_RSA_OAEP(PSA_ALG_SHA_224):0:PSA_ERROR_INVALID_ARGUMENT + +PSA asymmetric_encryption RSA_OAEP(SHA_224): incompatible with ECC_KEY_PAIR(MONTGOMERY) +depends_on:PSA_WANT_ALG_RSA_OAEP:PSA_WANT_ALG_SHA_224:PSA_WANT_ECC_FAMILY_MONTGOMERY:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +asymmetric_encryption_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_MONTGOMERY):"70076d0a7318a57d3c16c17251b26645df4c2f87ebc0992ab177fba51db92c6a":PSA_ALG_RSA_OAEP(PSA_ALG_SHA_224):0:PSA_ERROR_INVALID_ARGUMENT + +PSA asymmetric_encryption RSA_OAEP(SHA_224): incompatible with ECC_KEY_PAIR(SECP_K1) +depends_on:PSA_WANT_ALG_RSA_OAEP:PSA_WANT_ALG_SHA_224:PSA_WANT_ECC_FAMILY_SECP_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +asymmetric_encryption_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_K1):"297ac1722ccac7589ecb240dc719842538ca974beb79f228":PSA_ALG_RSA_OAEP(PSA_ALG_SHA_224):0:PSA_ERROR_INVALID_ARGUMENT + +PSA asymmetric_encryption RSA_OAEP(SHA_224): incompatible with ECC_KEY_PAIR(SECP_R1) +depends_on:PSA_WANT_ALG_RSA_OAEP:PSA_WANT_ALG_SHA_224:PSA_WANT_ECC_FAMILY_SECP_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +asymmetric_encryption_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"872f203b3ad35b7f2ecc803c3a0e1e0b1ed61cc1afe71b189cd4c995":PSA_ALG_RSA_OAEP(PSA_ALG_SHA_224):0:PSA_ERROR_INVALID_ARGUMENT + +PSA asymmetric_encryption RSA_OAEP(SHA_224): incompatible with ECC_KEY_PAIR(SECP_R2) +depends_on:PSA_WANT_ALG_RSA_OAEP:PSA_WANT_ALG_SHA_224:PSA_WANT_ECC_FAMILY_SECP_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +asymmetric_encryption_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R2):"00bf539a1cdda0d7f71a50a3f98aec0a2e8e4ced1e":PSA_ALG_RSA_OAEP(PSA_ALG_SHA_224):0:PSA_ERROR_INVALID_ARGUMENT + +PSA asymmetric_encryption RSA_OAEP(SHA_224): incompatible with ECC_KEY_PAIR(SECT_K1) +depends_on:PSA_WANT_ALG_RSA_OAEP:PSA_WANT_ALG_SHA_224:PSA_WANT_ECC_FAMILY_SECT_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +asymmetric_encryption_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):"03ebc8fcded2d6ab72ec0f75bdb4fd080481273e71":PSA_ALG_RSA_OAEP(PSA_ALG_SHA_224):0:PSA_ERROR_INVALID_ARGUMENT + +PSA asymmetric_encryption RSA_OAEP(SHA_224): incompatible with ECC_KEY_PAIR(SECT_R1) +depends_on:PSA_WANT_ALG_RSA_OAEP:PSA_WANT_ALG_SHA_224:PSA_WANT_ECC_FAMILY_SECT_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +asymmetric_encryption_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):"009b05dc82d46d64a04a22e6e5ca70ca1231e68c50":PSA_ALG_RSA_OAEP(PSA_ALG_SHA_224):0:PSA_ERROR_INVALID_ARGUMENT + +PSA asymmetric_encryption RSA_OAEP(SHA_224): incompatible with ECC_KEY_PAIR(SECT_R2) +depends_on:PSA_WANT_ALG_RSA_OAEP:PSA_WANT_ALG_SHA_224:PSA_WANT_ECC_FAMILY_SECT_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +asymmetric_encryption_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R2):"0210b482a458b4822d0cb21daa96819a67c8062d34":PSA_ALG_RSA_OAEP(PSA_ALG_SHA_224):0:PSA_ERROR_INVALID_ARGUMENT + +PSA asymmetric_encryption RSA_OAEP(SHA_224): incompatible with ECC_KEY_PAIR(TWISTED_EDWARDS) +depends_on:PSA_WANT_ALG_RSA_OAEP:PSA_WANT_ALG_SHA_224:PSA_WANT_ECC_FAMILY_TWISTED_EDWARDS:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +asymmetric_encryption_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_TWISTED_EDWARDS):"9d61b19deffd5a60ba844af492ec2cc44449c5697b326919703bac031cae7f60":PSA_ALG_RSA_OAEP(PSA_ALG_SHA_224):0:PSA_ERROR_INVALID_ARGUMENT + +PSA asymmetric_encryption RSA_OAEP(SHA_224): incompatible with ECC_PUBLIC_KEY(BRAINPOOL_P_R1) +depends_on:PSA_WANT_ALG_RSA_OAEP:PSA_WANT_ALG_SHA_224:PSA_WANT_ECC_FAMILY_BRAINPOOL_P_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +asymmetric_encryption_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"04d4b9186816358e2f9c59cf70748cb70641b22fbab65473db4b4e22a361ed7e3de7e8a8ddc4130c5c":PSA_ALG_RSA_OAEP(PSA_ALG_SHA_224):0:PSA_ERROR_INVALID_ARGUMENT + +PSA asymmetric_encryption RSA_OAEP(SHA_224): incompatible with ECC_PUBLIC_KEY(MONTGOMERY) +depends_on:PSA_WANT_ALG_RSA_OAEP:PSA_WANT_ALG_SHA_224:PSA_WANT_ECC_FAMILY_MONTGOMERY:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +asymmetric_encryption_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_MONTGOMERY):"8520f0098930a754748b7ddcb43ef75a0dbf3a0d26381af4eba4a98eaa9b4e6a":PSA_ALG_RSA_OAEP(PSA_ALG_SHA_224):0:PSA_ERROR_INVALID_ARGUMENT + +PSA asymmetric_encryption RSA_OAEP(SHA_224): incompatible with ECC_PUBLIC_KEY(SECP_K1) +depends_on:PSA_WANT_ALG_RSA_OAEP:PSA_WANT_ALG_SHA_224:PSA_WANT_ECC_FAMILY_SECP_K1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +asymmetric_encryption_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_K1):"0426b7bb38da649ac2138fc050c6548b32553dab68afebc36105d325b75538c12323cb0764789ecb992671beb2b6bef2f5":PSA_ALG_RSA_OAEP(PSA_ALG_SHA_224):0:PSA_ERROR_INVALID_ARGUMENT + +PSA asymmetric_encryption RSA_OAEP(SHA_224): incompatible with ECC_PUBLIC_KEY(SECP_R1) +depends_on:PSA_WANT_ALG_RSA_OAEP:PSA_WANT_ALG_SHA_224:PSA_WANT_ECC_FAMILY_SECP_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +asymmetric_encryption_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1):"046f00eadaa949fee3e9e1c7fa1247eecec86a0dce46418b9bd3117b981d4bd0ae7a990de912f9d060d6cb531a42d22e394ac29e81804bf160":PSA_ALG_RSA_OAEP(PSA_ALG_SHA_224):0:PSA_ERROR_INVALID_ARGUMENT + +PSA asymmetric_encryption RSA_OAEP(SHA_224): incompatible with ECC_PUBLIC_KEY(SECP_R2) +depends_on:PSA_WANT_ALG_RSA_OAEP:PSA_WANT_ALG_SHA_224:PSA_WANT_ECC_FAMILY_SECP_R2:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +asymmetric_encryption_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R2):"049570d541398665adb5cfa16f5af73b3196926bbd4b876bdb80f8eab20d0f540c22f4de9c140f6d7b":PSA_ALG_RSA_OAEP(PSA_ALG_SHA_224):0:PSA_ERROR_INVALID_ARGUMENT + +PSA asymmetric_encryption RSA_OAEP(SHA_224): incompatible with ECC_PUBLIC_KEY(SECT_K1) +depends_on:PSA_WANT_ALG_RSA_OAEP:PSA_WANT_ALG_SHA_224:PSA_WANT_ECC_FAMILY_SECT_K1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +asymmetric_encryption_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_K1):"0406f88f90b4b65950f06ce433afdb097e320f433dc2062b8a65db8fafd3c110f46bc45663fbf021ee7eb9":PSA_ALG_RSA_OAEP(PSA_ALG_SHA_224):0:PSA_ERROR_INVALID_ARGUMENT + +PSA asymmetric_encryption RSA_OAEP(SHA_224): incompatible with ECC_PUBLIC_KEY(SECT_R1) +depends_on:PSA_WANT_ALG_RSA_OAEP:PSA_WANT_ALG_SHA_224:PSA_WANT_ECC_FAMILY_SECT_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +asymmetric_encryption_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R1):"0400465eeb9e7258b11e33c02266bfe834b20bcb118700772796ee4704ec67651bd447e3011959a79a04cb":PSA_ALG_RSA_OAEP(PSA_ALG_SHA_224):0:PSA_ERROR_INVALID_ARGUMENT + +PSA asymmetric_encryption RSA_OAEP(SHA_224): incompatible with ECC_PUBLIC_KEY(SECT_R2) +depends_on:PSA_WANT_ALG_RSA_OAEP:PSA_WANT_ALG_SHA_224:PSA_WANT_ECC_FAMILY_SECT_R2:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +asymmetric_encryption_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R2):"0403692601144c32a6cfa369ae20ae5d43c1c764678c037bafe80c6fd2e42b7ced96171d9c5367fd3dca6f":PSA_ALG_RSA_OAEP(PSA_ALG_SHA_224):0:PSA_ERROR_INVALID_ARGUMENT + +PSA asymmetric_encryption RSA_OAEP(SHA_224): incompatible with ECC_PUBLIC_KEY(TWISTED_EDWARDS) +depends_on:PSA_WANT_ALG_RSA_OAEP:PSA_WANT_ALG_SHA_224:PSA_WANT_ECC_FAMILY_TWISTED_EDWARDS:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +asymmetric_encryption_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_TWISTED_EDWARDS):"d75a980182b10ab7d54bfed3c964073a0ee172f3daa62325af021a68f707511a":PSA_ALG_RSA_OAEP(PSA_ALG_SHA_224):0:PSA_ERROR_INVALID_ARGUMENT + +PSA asymmetric_encryption RSA_OAEP(SHA_224): incompatible with HMAC +depends_on:PSA_WANT_ALG_RSA_OAEP:PSA_WANT_ALG_SHA_224:PSA_WANT_KEY_TYPE_HMAC +asymmetric_encryption_fail:PSA_KEY_TYPE_HMAC:"48657265006973206b6579a064617461":PSA_ALG_RSA_OAEP(PSA_ALG_SHA_224):0:PSA_ERROR_INVALID_ARGUMENT + +PSA asymmetric_encryption RSA_OAEP(SHA_224): incompatible with RAW_DATA +depends_on:PSA_WANT_ALG_RSA_OAEP:PSA_WANT_ALG_SHA_224:PSA_WANT_KEY_TYPE_RAW_DATA +asymmetric_encryption_fail:PSA_KEY_TYPE_RAW_DATA:"48":PSA_ALG_RSA_OAEP(PSA_ALG_SHA_224):0:PSA_ERROR_INVALID_ARGUMENT + +PSA asymmetric_encryption RSA_OAEP(SHA_224): !RSA_OAEP with RSA_KEY_PAIR +depends_on:!PSA_WANT_ALG_RSA_OAEP:PSA_WANT_ALG_SHA_224:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR +asymmetric_encryption_fail:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_RSA_OAEP(PSA_ALG_SHA_224):0:PSA_ERROR_NOT_SUPPORTED + +PSA asymmetric_encryption RSA_OAEP(SHA_224): !SHA_224 with RSA_KEY_PAIR +depends_on:PSA_WANT_ALG_RSA_OAEP:!PSA_WANT_ALG_SHA_224:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR +asymmetric_encryption_fail:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_RSA_OAEP(PSA_ALG_SHA_224):0:PSA_ERROR_NOT_SUPPORTED + +PSA asymmetric_encryption RSA_OAEP(SHA_224): !RSA_OAEP with RSA_PUBLIC_KEY +depends_on:!PSA_WANT_ALG_RSA_OAEP:PSA_WANT_ALG_SHA_224:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY +asymmetric_encryption_fail:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_RSA_OAEP(PSA_ALG_SHA_224):0:PSA_ERROR_NOT_SUPPORTED + +PSA asymmetric_encryption RSA_OAEP(SHA_224): !SHA_224 with RSA_PUBLIC_KEY +depends_on:PSA_WANT_ALG_RSA_OAEP:!PSA_WANT_ALG_SHA_224:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY +asymmetric_encryption_fail:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_RSA_OAEP(PSA_ALG_SHA_224):0:PSA_ERROR_NOT_SUPPORTED + +PSA asymmetric_encryption RSA_OAEP(SHA_224): public with RSA_PUBLIC_KEY +depends_on:PSA_WANT_ALG_RSA_OAEP:PSA_WANT_ALG_SHA_224:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY +asymmetric_encryption_fail:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_RSA_OAEP(PSA_ALG_SHA_224):1:PSA_ERROR_INVALID_ARGUMENT + +PSA key_derivation RSA_OAEP(SHA_224): invalid +depends_on:PSA_WANT_ALG_RSA_OAEP:PSA_WANT_ALG_SHA_224 +key_derivation_fail:PSA_ALG_RSA_OAEP(PSA_ALG_SHA_224):PSA_ERROR_INVALID_ARGUMENT + +PSA key_agreement RSA_OAEP(SHA_224): invalid with RSA_KEY_PAIR +depends_on:PSA_WANT_ALG_RSA_OAEP:PSA_WANT_ALG_SHA_224:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR +key_agreement_fail:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_RSA_OAEP(PSA_ALG_SHA_224):0:PSA_ERROR_INVALID_ARGUMENT + +PSA key_agreement RSA_OAEP(SHA_224): invalid with RSA_PUBLIC_KEY +depends_on:PSA_WANT_ALG_RSA_OAEP:PSA_WANT_ALG_SHA_224:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY +key_agreement_fail:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_RSA_OAEP(PSA_ALG_SHA_224):0:PSA_ERROR_INVALID_ARGUMENT + +PSA hash RSA_OAEP(SHA_256): invalid +depends_on:PSA_WANT_ALG_RSA_OAEP:PSA_WANT_ALG_SHA_256 +hash_fail:PSA_ALG_RSA_OAEP(PSA_ALG_SHA_256):PSA_ERROR_INVALID_ARGUMENT + +PSA mac RSA_OAEP(SHA_256): invalid with RSA_KEY_PAIR +depends_on:PSA_WANT_ALG_RSA_OAEP:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR +mac_fail:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_RSA_OAEP(PSA_ALG_SHA_256):PSA_ERROR_INVALID_ARGUMENT + +PSA mac RSA_OAEP(SHA_256): invalid with RSA_PUBLIC_KEY +depends_on:PSA_WANT_ALG_RSA_OAEP:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY +mac_fail:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_RSA_OAEP(PSA_ALG_SHA_256):PSA_ERROR_INVALID_ARGUMENT + +PSA cipher RSA_OAEP(SHA_256): invalid with RSA_KEY_PAIR +depends_on:PSA_WANT_ALG_RSA_OAEP:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR +cipher_fail:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_RSA_OAEP(PSA_ALG_SHA_256):PSA_ERROR_INVALID_ARGUMENT + +PSA cipher RSA_OAEP(SHA_256): invalid with RSA_PUBLIC_KEY +depends_on:PSA_WANT_ALG_RSA_OAEP:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY +cipher_fail:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_RSA_OAEP(PSA_ALG_SHA_256):PSA_ERROR_INVALID_ARGUMENT + +PSA aead RSA_OAEP(SHA_256): invalid with RSA_KEY_PAIR +depends_on:PSA_WANT_ALG_RSA_OAEP:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR +aead_fail:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_RSA_OAEP(PSA_ALG_SHA_256):PSA_ERROR_INVALID_ARGUMENT + +PSA aead RSA_OAEP(SHA_256): invalid with RSA_PUBLIC_KEY +depends_on:PSA_WANT_ALG_RSA_OAEP:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY +aead_fail:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_RSA_OAEP(PSA_ALG_SHA_256):PSA_ERROR_INVALID_ARGUMENT + +PSA sign RSA_OAEP(SHA_256): invalid with RSA_KEY_PAIR +depends_on:PSA_WANT_ALG_RSA_OAEP:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR +sign_fail:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_RSA_OAEP(PSA_ALG_SHA_256):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign RSA_OAEP(SHA_256): invalid with RSA_PUBLIC_KEY +depends_on:PSA_WANT_ALG_RSA_OAEP:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY +sign_fail:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_RSA_OAEP(PSA_ALG_SHA_256):0:PSA_ERROR_INVALID_ARGUMENT + +PSA asymmetric_encryption RSA_OAEP(SHA_256): incompatible with AES +depends_on:PSA_WANT_ALG_RSA_OAEP:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_AES +asymmetric_encryption_fail:PSA_KEY_TYPE_AES:"48657265006973206b6579a064617461":PSA_ALG_RSA_OAEP(PSA_ALG_SHA_256):0:PSA_ERROR_INVALID_ARGUMENT + +PSA asymmetric_encryption RSA_OAEP(SHA_256): incompatible with ARC4 +depends_on:PSA_WANT_ALG_RSA_OAEP:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_ARC4 +asymmetric_encryption_fail:PSA_KEY_TYPE_ARC4:"48":PSA_ALG_RSA_OAEP(PSA_ALG_SHA_256):0:PSA_ERROR_INVALID_ARGUMENT + +PSA asymmetric_encryption RSA_OAEP(SHA_256): incompatible with ARIA +depends_on:PSA_WANT_ALG_RSA_OAEP:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_ARIA +asymmetric_encryption_fail:PSA_KEY_TYPE_ARIA:"48657265006973206b6579a064617461":PSA_ALG_RSA_OAEP(PSA_ALG_SHA_256):0:PSA_ERROR_INVALID_ARGUMENT + +PSA asymmetric_encryption RSA_OAEP(SHA_256): incompatible with CAMELLIA +depends_on:PSA_WANT_ALG_RSA_OAEP:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_CAMELLIA +asymmetric_encryption_fail:PSA_KEY_TYPE_CAMELLIA:"48657265006973206b6579a064617461":PSA_ALG_RSA_OAEP(PSA_ALG_SHA_256):0:PSA_ERROR_INVALID_ARGUMENT + +PSA asymmetric_encryption RSA_OAEP(SHA_256): incompatible with CHACHA20 +depends_on:PSA_WANT_ALG_RSA_OAEP:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_CHACHA20 +asymmetric_encryption_fail:PSA_KEY_TYPE_CHACHA20:"48657265006973206b6579a06461746148657265006973206b6579a064617461":PSA_ALG_RSA_OAEP(PSA_ALG_SHA_256):0:PSA_ERROR_INVALID_ARGUMENT + +PSA asymmetric_encryption RSA_OAEP(SHA_256): incompatible with DERIVE +depends_on:PSA_WANT_ALG_RSA_OAEP:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_DERIVE +asymmetric_encryption_fail:PSA_KEY_TYPE_DERIVE:"48657265006973206b6579a0646174":PSA_ALG_RSA_OAEP(PSA_ALG_SHA_256):0:PSA_ERROR_INVALID_ARGUMENT + +PSA asymmetric_encryption RSA_OAEP(SHA_256): incompatible with DES +depends_on:PSA_WANT_ALG_RSA_OAEP:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_DES +asymmetric_encryption_fail:PSA_KEY_TYPE_DES:"644573206b457901":PSA_ALG_RSA_OAEP(PSA_ALG_SHA_256):0:PSA_ERROR_INVALID_ARGUMENT + +PSA asymmetric_encryption RSA_OAEP(SHA_256): incompatible with ECC_KEY_PAIR(BRAINPOOL_P_R1) +depends_on:PSA_WANT_ALG_RSA_OAEP:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_FAMILY_BRAINPOOL_P_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +asymmetric_encryption_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"69502c4fdaf48d4fa617bdd24498b0406d0eeaac":PSA_ALG_RSA_OAEP(PSA_ALG_SHA_256):0:PSA_ERROR_INVALID_ARGUMENT + +PSA asymmetric_encryption RSA_OAEP(SHA_256): incompatible with ECC_KEY_PAIR(MONTGOMERY) +depends_on:PSA_WANT_ALG_RSA_OAEP:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_FAMILY_MONTGOMERY:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +asymmetric_encryption_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_MONTGOMERY):"70076d0a7318a57d3c16c17251b26645df4c2f87ebc0992ab177fba51db92c6a":PSA_ALG_RSA_OAEP(PSA_ALG_SHA_256):0:PSA_ERROR_INVALID_ARGUMENT + +PSA asymmetric_encryption RSA_OAEP(SHA_256): incompatible with ECC_KEY_PAIR(SECP_K1) +depends_on:PSA_WANT_ALG_RSA_OAEP:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_FAMILY_SECP_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +asymmetric_encryption_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_K1):"297ac1722ccac7589ecb240dc719842538ca974beb79f228":PSA_ALG_RSA_OAEP(PSA_ALG_SHA_256):0:PSA_ERROR_INVALID_ARGUMENT + +PSA asymmetric_encryption RSA_OAEP(SHA_256): incompatible with ECC_KEY_PAIR(SECP_R1) +depends_on:PSA_WANT_ALG_RSA_OAEP:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_FAMILY_SECP_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +asymmetric_encryption_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"872f203b3ad35b7f2ecc803c3a0e1e0b1ed61cc1afe71b189cd4c995":PSA_ALG_RSA_OAEP(PSA_ALG_SHA_256):0:PSA_ERROR_INVALID_ARGUMENT + +PSA asymmetric_encryption RSA_OAEP(SHA_256): incompatible with ECC_KEY_PAIR(SECP_R2) +depends_on:PSA_WANT_ALG_RSA_OAEP:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_FAMILY_SECP_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +asymmetric_encryption_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R2):"00bf539a1cdda0d7f71a50a3f98aec0a2e8e4ced1e":PSA_ALG_RSA_OAEP(PSA_ALG_SHA_256):0:PSA_ERROR_INVALID_ARGUMENT + +PSA asymmetric_encryption RSA_OAEP(SHA_256): incompatible with ECC_KEY_PAIR(SECT_K1) +depends_on:PSA_WANT_ALG_RSA_OAEP:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_FAMILY_SECT_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +asymmetric_encryption_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):"03ebc8fcded2d6ab72ec0f75bdb4fd080481273e71":PSA_ALG_RSA_OAEP(PSA_ALG_SHA_256):0:PSA_ERROR_INVALID_ARGUMENT + +PSA asymmetric_encryption RSA_OAEP(SHA_256): incompatible with ECC_KEY_PAIR(SECT_R1) +depends_on:PSA_WANT_ALG_RSA_OAEP:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_FAMILY_SECT_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +asymmetric_encryption_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):"009b05dc82d46d64a04a22e6e5ca70ca1231e68c50":PSA_ALG_RSA_OAEP(PSA_ALG_SHA_256):0:PSA_ERROR_INVALID_ARGUMENT + +PSA asymmetric_encryption RSA_OAEP(SHA_256): incompatible with ECC_KEY_PAIR(SECT_R2) +depends_on:PSA_WANT_ALG_RSA_OAEP:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_FAMILY_SECT_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +asymmetric_encryption_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R2):"0210b482a458b4822d0cb21daa96819a67c8062d34":PSA_ALG_RSA_OAEP(PSA_ALG_SHA_256):0:PSA_ERROR_INVALID_ARGUMENT + +PSA asymmetric_encryption RSA_OAEP(SHA_256): incompatible with ECC_KEY_PAIR(TWISTED_EDWARDS) +depends_on:PSA_WANT_ALG_RSA_OAEP:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_FAMILY_TWISTED_EDWARDS:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +asymmetric_encryption_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_TWISTED_EDWARDS):"9d61b19deffd5a60ba844af492ec2cc44449c5697b326919703bac031cae7f60":PSA_ALG_RSA_OAEP(PSA_ALG_SHA_256):0:PSA_ERROR_INVALID_ARGUMENT + +PSA asymmetric_encryption RSA_OAEP(SHA_256): incompatible with ECC_PUBLIC_KEY(BRAINPOOL_P_R1) +depends_on:PSA_WANT_ALG_RSA_OAEP:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_FAMILY_BRAINPOOL_P_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +asymmetric_encryption_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"04d4b9186816358e2f9c59cf70748cb70641b22fbab65473db4b4e22a361ed7e3de7e8a8ddc4130c5c":PSA_ALG_RSA_OAEP(PSA_ALG_SHA_256):0:PSA_ERROR_INVALID_ARGUMENT + +PSA asymmetric_encryption RSA_OAEP(SHA_256): incompatible with ECC_PUBLIC_KEY(MONTGOMERY) +depends_on:PSA_WANT_ALG_RSA_OAEP:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_FAMILY_MONTGOMERY:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +asymmetric_encryption_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_MONTGOMERY):"8520f0098930a754748b7ddcb43ef75a0dbf3a0d26381af4eba4a98eaa9b4e6a":PSA_ALG_RSA_OAEP(PSA_ALG_SHA_256):0:PSA_ERROR_INVALID_ARGUMENT + +PSA asymmetric_encryption RSA_OAEP(SHA_256): incompatible with ECC_PUBLIC_KEY(SECP_K1) +depends_on:PSA_WANT_ALG_RSA_OAEP:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_FAMILY_SECP_K1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +asymmetric_encryption_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_K1):"0426b7bb38da649ac2138fc050c6548b32553dab68afebc36105d325b75538c12323cb0764789ecb992671beb2b6bef2f5":PSA_ALG_RSA_OAEP(PSA_ALG_SHA_256):0:PSA_ERROR_INVALID_ARGUMENT + +PSA asymmetric_encryption RSA_OAEP(SHA_256): incompatible with ECC_PUBLIC_KEY(SECP_R1) +depends_on:PSA_WANT_ALG_RSA_OAEP:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_FAMILY_SECP_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +asymmetric_encryption_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1):"046f00eadaa949fee3e9e1c7fa1247eecec86a0dce46418b9bd3117b981d4bd0ae7a990de912f9d060d6cb531a42d22e394ac29e81804bf160":PSA_ALG_RSA_OAEP(PSA_ALG_SHA_256):0:PSA_ERROR_INVALID_ARGUMENT + +PSA asymmetric_encryption RSA_OAEP(SHA_256): incompatible with ECC_PUBLIC_KEY(SECP_R2) +depends_on:PSA_WANT_ALG_RSA_OAEP:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_FAMILY_SECP_R2:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +asymmetric_encryption_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R2):"049570d541398665adb5cfa16f5af73b3196926bbd4b876bdb80f8eab20d0f540c22f4de9c140f6d7b":PSA_ALG_RSA_OAEP(PSA_ALG_SHA_256):0:PSA_ERROR_INVALID_ARGUMENT + +PSA asymmetric_encryption RSA_OAEP(SHA_256): incompatible with ECC_PUBLIC_KEY(SECT_K1) +depends_on:PSA_WANT_ALG_RSA_OAEP:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_FAMILY_SECT_K1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +asymmetric_encryption_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_K1):"0406f88f90b4b65950f06ce433afdb097e320f433dc2062b8a65db8fafd3c110f46bc45663fbf021ee7eb9":PSA_ALG_RSA_OAEP(PSA_ALG_SHA_256):0:PSA_ERROR_INVALID_ARGUMENT + +PSA asymmetric_encryption RSA_OAEP(SHA_256): incompatible with ECC_PUBLIC_KEY(SECT_R1) +depends_on:PSA_WANT_ALG_RSA_OAEP:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_FAMILY_SECT_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +asymmetric_encryption_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R1):"0400465eeb9e7258b11e33c02266bfe834b20bcb118700772796ee4704ec67651bd447e3011959a79a04cb":PSA_ALG_RSA_OAEP(PSA_ALG_SHA_256):0:PSA_ERROR_INVALID_ARGUMENT + +PSA asymmetric_encryption RSA_OAEP(SHA_256): incompatible with ECC_PUBLIC_KEY(SECT_R2) +depends_on:PSA_WANT_ALG_RSA_OAEP:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_FAMILY_SECT_R2:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +asymmetric_encryption_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R2):"0403692601144c32a6cfa369ae20ae5d43c1c764678c037bafe80c6fd2e42b7ced96171d9c5367fd3dca6f":PSA_ALG_RSA_OAEP(PSA_ALG_SHA_256):0:PSA_ERROR_INVALID_ARGUMENT + +PSA asymmetric_encryption RSA_OAEP(SHA_256): incompatible with ECC_PUBLIC_KEY(TWISTED_EDWARDS) +depends_on:PSA_WANT_ALG_RSA_OAEP:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_FAMILY_TWISTED_EDWARDS:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +asymmetric_encryption_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_TWISTED_EDWARDS):"d75a980182b10ab7d54bfed3c964073a0ee172f3daa62325af021a68f707511a":PSA_ALG_RSA_OAEP(PSA_ALG_SHA_256):0:PSA_ERROR_INVALID_ARGUMENT + +PSA asymmetric_encryption RSA_OAEP(SHA_256): incompatible with HMAC +depends_on:PSA_WANT_ALG_RSA_OAEP:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_HMAC +asymmetric_encryption_fail:PSA_KEY_TYPE_HMAC:"48657265006973206b6579a064617461":PSA_ALG_RSA_OAEP(PSA_ALG_SHA_256):0:PSA_ERROR_INVALID_ARGUMENT + +PSA asymmetric_encryption RSA_OAEP(SHA_256): incompatible with RAW_DATA +depends_on:PSA_WANT_ALG_RSA_OAEP:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RAW_DATA +asymmetric_encryption_fail:PSA_KEY_TYPE_RAW_DATA:"48":PSA_ALG_RSA_OAEP(PSA_ALG_SHA_256):0:PSA_ERROR_INVALID_ARGUMENT + +PSA asymmetric_encryption RSA_OAEP(SHA_256): !RSA_OAEP with RSA_KEY_PAIR +depends_on:!PSA_WANT_ALG_RSA_OAEP:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR +asymmetric_encryption_fail:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_RSA_OAEP(PSA_ALG_SHA_256):0:PSA_ERROR_NOT_SUPPORTED + +PSA asymmetric_encryption RSA_OAEP(SHA_256): !SHA_256 with RSA_KEY_PAIR +depends_on:PSA_WANT_ALG_RSA_OAEP:!PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR +asymmetric_encryption_fail:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_RSA_OAEP(PSA_ALG_SHA_256):0:PSA_ERROR_NOT_SUPPORTED + +PSA asymmetric_encryption RSA_OAEP(SHA_256): !RSA_OAEP with RSA_PUBLIC_KEY +depends_on:!PSA_WANT_ALG_RSA_OAEP:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY +asymmetric_encryption_fail:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_RSA_OAEP(PSA_ALG_SHA_256):0:PSA_ERROR_NOT_SUPPORTED + +PSA asymmetric_encryption RSA_OAEP(SHA_256): !SHA_256 with RSA_PUBLIC_KEY +depends_on:PSA_WANT_ALG_RSA_OAEP:!PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY +asymmetric_encryption_fail:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_RSA_OAEP(PSA_ALG_SHA_256):0:PSA_ERROR_NOT_SUPPORTED + +PSA asymmetric_encryption RSA_OAEP(SHA_256): public with RSA_PUBLIC_KEY +depends_on:PSA_WANT_ALG_RSA_OAEP:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY +asymmetric_encryption_fail:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_RSA_OAEP(PSA_ALG_SHA_256):1:PSA_ERROR_INVALID_ARGUMENT + +PSA key_derivation RSA_OAEP(SHA_256): invalid +depends_on:PSA_WANT_ALG_RSA_OAEP:PSA_WANT_ALG_SHA_256 +key_derivation_fail:PSA_ALG_RSA_OAEP(PSA_ALG_SHA_256):PSA_ERROR_INVALID_ARGUMENT + +PSA key_agreement RSA_OAEP(SHA_256): invalid with RSA_KEY_PAIR +depends_on:PSA_WANT_ALG_RSA_OAEP:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR +key_agreement_fail:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_RSA_OAEP(PSA_ALG_SHA_256):0:PSA_ERROR_INVALID_ARGUMENT + +PSA key_agreement RSA_OAEP(SHA_256): invalid with RSA_PUBLIC_KEY +depends_on:PSA_WANT_ALG_RSA_OAEP:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY +key_agreement_fail:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_RSA_OAEP(PSA_ALG_SHA_256):0:PSA_ERROR_INVALID_ARGUMENT + +PSA hash RSA_OAEP(SHA_384): invalid +depends_on:PSA_WANT_ALG_RSA_OAEP:PSA_WANT_ALG_SHA_384 +hash_fail:PSA_ALG_RSA_OAEP(PSA_ALG_SHA_384):PSA_ERROR_INVALID_ARGUMENT + +PSA mac RSA_OAEP(SHA_384): invalid with RSA_KEY_PAIR +depends_on:PSA_WANT_ALG_RSA_OAEP:PSA_WANT_ALG_SHA_384:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR +mac_fail:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_RSA_OAEP(PSA_ALG_SHA_384):PSA_ERROR_INVALID_ARGUMENT + +PSA mac RSA_OAEP(SHA_384): invalid with RSA_PUBLIC_KEY +depends_on:PSA_WANT_ALG_RSA_OAEP:PSA_WANT_ALG_SHA_384:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY +mac_fail:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_RSA_OAEP(PSA_ALG_SHA_384):PSA_ERROR_INVALID_ARGUMENT + +PSA cipher RSA_OAEP(SHA_384): invalid with RSA_KEY_PAIR +depends_on:PSA_WANT_ALG_RSA_OAEP:PSA_WANT_ALG_SHA_384:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR +cipher_fail:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_RSA_OAEP(PSA_ALG_SHA_384):PSA_ERROR_INVALID_ARGUMENT + +PSA cipher RSA_OAEP(SHA_384): invalid with RSA_PUBLIC_KEY +depends_on:PSA_WANT_ALG_RSA_OAEP:PSA_WANT_ALG_SHA_384:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY +cipher_fail:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_RSA_OAEP(PSA_ALG_SHA_384):PSA_ERROR_INVALID_ARGUMENT + +PSA aead RSA_OAEP(SHA_384): invalid with RSA_KEY_PAIR +depends_on:PSA_WANT_ALG_RSA_OAEP:PSA_WANT_ALG_SHA_384:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR +aead_fail:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_RSA_OAEP(PSA_ALG_SHA_384):PSA_ERROR_INVALID_ARGUMENT + +PSA aead RSA_OAEP(SHA_384): invalid with RSA_PUBLIC_KEY +depends_on:PSA_WANT_ALG_RSA_OAEP:PSA_WANT_ALG_SHA_384:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY +aead_fail:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_RSA_OAEP(PSA_ALG_SHA_384):PSA_ERROR_INVALID_ARGUMENT + +PSA sign RSA_OAEP(SHA_384): invalid with RSA_KEY_PAIR +depends_on:PSA_WANT_ALG_RSA_OAEP:PSA_WANT_ALG_SHA_384:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR +sign_fail:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_RSA_OAEP(PSA_ALG_SHA_384):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign RSA_OAEP(SHA_384): invalid with RSA_PUBLIC_KEY +depends_on:PSA_WANT_ALG_RSA_OAEP:PSA_WANT_ALG_SHA_384:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY +sign_fail:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_RSA_OAEP(PSA_ALG_SHA_384):0:PSA_ERROR_INVALID_ARGUMENT + +PSA asymmetric_encryption RSA_OAEP(SHA_384): incompatible with AES +depends_on:PSA_WANT_ALG_RSA_OAEP:PSA_WANT_ALG_SHA_384:PSA_WANT_KEY_TYPE_AES +asymmetric_encryption_fail:PSA_KEY_TYPE_AES:"48657265006973206b6579a064617461":PSA_ALG_RSA_OAEP(PSA_ALG_SHA_384):0:PSA_ERROR_INVALID_ARGUMENT + +PSA asymmetric_encryption RSA_OAEP(SHA_384): incompatible with ARC4 +depends_on:PSA_WANT_ALG_RSA_OAEP:PSA_WANT_ALG_SHA_384:PSA_WANT_KEY_TYPE_ARC4 +asymmetric_encryption_fail:PSA_KEY_TYPE_ARC4:"48":PSA_ALG_RSA_OAEP(PSA_ALG_SHA_384):0:PSA_ERROR_INVALID_ARGUMENT + +PSA asymmetric_encryption RSA_OAEP(SHA_384): incompatible with ARIA +depends_on:PSA_WANT_ALG_RSA_OAEP:PSA_WANT_ALG_SHA_384:PSA_WANT_KEY_TYPE_ARIA +asymmetric_encryption_fail:PSA_KEY_TYPE_ARIA:"48657265006973206b6579a064617461":PSA_ALG_RSA_OAEP(PSA_ALG_SHA_384):0:PSA_ERROR_INVALID_ARGUMENT + +PSA asymmetric_encryption RSA_OAEP(SHA_384): incompatible with CAMELLIA +depends_on:PSA_WANT_ALG_RSA_OAEP:PSA_WANT_ALG_SHA_384:PSA_WANT_KEY_TYPE_CAMELLIA +asymmetric_encryption_fail:PSA_KEY_TYPE_CAMELLIA:"48657265006973206b6579a064617461":PSA_ALG_RSA_OAEP(PSA_ALG_SHA_384):0:PSA_ERROR_INVALID_ARGUMENT + +PSA asymmetric_encryption RSA_OAEP(SHA_384): incompatible with CHACHA20 +depends_on:PSA_WANT_ALG_RSA_OAEP:PSA_WANT_ALG_SHA_384:PSA_WANT_KEY_TYPE_CHACHA20 +asymmetric_encryption_fail:PSA_KEY_TYPE_CHACHA20:"48657265006973206b6579a06461746148657265006973206b6579a064617461":PSA_ALG_RSA_OAEP(PSA_ALG_SHA_384):0:PSA_ERROR_INVALID_ARGUMENT + +PSA asymmetric_encryption RSA_OAEP(SHA_384): incompatible with DERIVE +depends_on:PSA_WANT_ALG_RSA_OAEP:PSA_WANT_ALG_SHA_384:PSA_WANT_KEY_TYPE_DERIVE +asymmetric_encryption_fail:PSA_KEY_TYPE_DERIVE:"48657265006973206b6579a0646174":PSA_ALG_RSA_OAEP(PSA_ALG_SHA_384):0:PSA_ERROR_INVALID_ARGUMENT + +PSA asymmetric_encryption RSA_OAEP(SHA_384): incompatible with DES +depends_on:PSA_WANT_ALG_RSA_OAEP:PSA_WANT_ALG_SHA_384:PSA_WANT_KEY_TYPE_DES +asymmetric_encryption_fail:PSA_KEY_TYPE_DES:"644573206b457901":PSA_ALG_RSA_OAEP(PSA_ALG_SHA_384):0:PSA_ERROR_INVALID_ARGUMENT + +PSA asymmetric_encryption RSA_OAEP(SHA_384): incompatible with ECC_KEY_PAIR(BRAINPOOL_P_R1) +depends_on:PSA_WANT_ALG_RSA_OAEP:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_FAMILY_BRAINPOOL_P_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +asymmetric_encryption_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"69502c4fdaf48d4fa617bdd24498b0406d0eeaac":PSA_ALG_RSA_OAEP(PSA_ALG_SHA_384):0:PSA_ERROR_INVALID_ARGUMENT + +PSA asymmetric_encryption RSA_OAEP(SHA_384): incompatible with ECC_KEY_PAIR(MONTGOMERY) +depends_on:PSA_WANT_ALG_RSA_OAEP:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_FAMILY_MONTGOMERY:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +asymmetric_encryption_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_MONTGOMERY):"70076d0a7318a57d3c16c17251b26645df4c2f87ebc0992ab177fba51db92c6a":PSA_ALG_RSA_OAEP(PSA_ALG_SHA_384):0:PSA_ERROR_INVALID_ARGUMENT + +PSA asymmetric_encryption RSA_OAEP(SHA_384): incompatible with ECC_KEY_PAIR(SECP_K1) +depends_on:PSA_WANT_ALG_RSA_OAEP:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_FAMILY_SECP_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +asymmetric_encryption_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_K1):"297ac1722ccac7589ecb240dc719842538ca974beb79f228":PSA_ALG_RSA_OAEP(PSA_ALG_SHA_384):0:PSA_ERROR_INVALID_ARGUMENT + +PSA asymmetric_encryption RSA_OAEP(SHA_384): incompatible with ECC_KEY_PAIR(SECP_R1) +depends_on:PSA_WANT_ALG_RSA_OAEP:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_FAMILY_SECP_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +asymmetric_encryption_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"872f203b3ad35b7f2ecc803c3a0e1e0b1ed61cc1afe71b189cd4c995":PSA_ALG_RSA_OAEP(PSA_ALG_SHA_384):0:PSA_ERROR_INVALID_ARGUMENT + +PSA asymmetric_encryption RSA_OAEP(SHA_384): incompatible with ECC_KEY_PAIR(SECP_R2) +depends_on:PSA_WANT_ALG_RSA_OAEP:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_FAMILY_SECP_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +asymmetric_encryption_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R2):"00bf539a1cdda0d7f71a50a3f98aec0a2e8e4ced1e":PSA_ALG_RSA_OAEP(PSA_ALG_SHA_384):0:PSA_ERROR_INVALID_ARGUMENT + +PSA asymmetric_encryption RSA_OAEP(SHA_384): incompatible with ECC_KEY_PAIR(SECT_K1) +depends_on:PSA_WANT_ALG_RSA_OAEP:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_FAMILY_SECT_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +asymmetric_encryption_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):"03ebc8fcded2d6ab72ec0f75bdb4fd080481273e71":PSA_ALG_RSA_OAEP(PSA_ALG_SHA_384):0:PSA_ERROR_INVALID_ARGUMENT + +PSA asymmetric_encryption RSA_OAEP(SHA_384): incompatible with ECC_KEY_PAIR(SECT_R1) +depends_on:PSA_WANT_ALG_RSA_OAEP:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_FAMILY_SECT_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +asymmetric_encryption_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):"009b05dc82d46d64a04a22e6e5ca70ca1231e68c50":PSA_ALG_RSA_OAEP(PSA_ALG_SHA_384):0:PSA_ERROR_INVALID_ARGUMENT + +PSA asymmetric_encryption RSA_OAEP(SHA_384): incompatible with ECC_KEY_PAIR(SECT_R2) +depends_on:PSA_WANT_ALG_RSA_OAEP:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_FAMILY_SECT_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +asymmetric_encryption_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R2):"0210b482a458b4822d0cb21daa96819a67c8062d34":PSA_ALG_RSA_OAEP(PSA_ALG_SHA_384):0:PSA_ERROR_INVALID_ARGUMENT + +PSA asymmetric_encryption RSA_OAEP(SHA_384): incompatible with ECC_KEY_PAIR(TWISTED_EDWARDS) +depends_on:PSA_WANT_ALG_RSA_OAEP:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_FAMILY_TWISTED_EDWARDS:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +asymmetric_encryption_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_TWISTED_EDWARDS):"9d61b19deffd5a60ba844af492ec2cc44449c5697b326919703bac031cae7f60":PSA_ALG_RSA_OAEP(PSA_ALG_SHA_384):0:PSA_ERROR_INVALID_ARGUMENT + +PSA asymmetric_encryption RSA_OAEP(SHA_384): incompatible with ECC_PUBLIC_KEY(BRAINPOOL_P_R1) +depends_on:PSA_WANT_ALG_RSA_OAEP:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_FAMILY_BRAINPOOL_P_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +asymmetric_encryption_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"04d4b9186816358e2f9c59cf70748cb70641b22fbab65473db4b4e22a361ed7e3de7e8a8ddc4130c5c":PSA_ALG_RSA_OAEP(PSA_ALG_SHA_384):0:PSA_ERROR_INVALID_ARGUMENT + +PSA asymmetric_encryption RSA_OAEP(SHA_384): incompatible with ECC_PUBLIC_KEY(MONTGOMERY) +depends_on:PSA_WANT_ALG_RSA_OAEP:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_FAMILY_MONTGOMERY:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +asymmetric_encryption_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_MONTGOMERY):"8520f0098930a754748b7ddcb43ef75a0dbf3a0d26381af4eba4a98eaa9b4e6a":PSA_ALG_RSA_OAEP(PSA_ALG_SHA_384):0:PSA_ERROR_INVALID_ARGUMENT + +PSA asymmetric_encryption RSA_OAEP(SHA_384): incompatible with ECC_PUBLIC_KEY(SECP_K1) +depends_on:PSA_WANT_ALG_RSA_OAEP:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_FAMILY_SECP_K1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +asymmetric_encryption_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_K1):"0426b7bb38da649ac2138fc050c6548b32553dab68afebc36105d325b75538c12323cb0764789ecb992671beb2b6bef2f5":PSA_ALG_RSA_OAEP(PSA_ALG_SHA_384):0:PSA_ERROR_INVALID_ARGUMENT + +PSA asymmetric_encryption RSA_OAEP(SHA_384): incompatible with ECC_PUBLIC_KEY(SECP_R1) +depends_on:PSA_WANT_ALG_RSA_OAEP:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_FAMILY_SECP_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +asymmetric_encryption_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1):"046f00eadaa949fee3e9e1c7fa1247eecec86a0dce46418b9bd3117b981d4bd0ae7a990de912f9d060d6cb531a42d22e394ac29e81804bf160":PSA_ALG_RSA_OAEP(PSA_ALG_SHA_384):0:PSA_ERROR_INVALID_ARGUMENT + +PSA asymmetric_encryption RSA_OAEP(SHA_384): incompatible with ECC_PUBLIC_KEY(SECP_R2) +depends_on:PSA_WANT_ALG_RSA_OAEP:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_FAMILY_SECP_R2:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +asymmetric_encryption_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R2):"049570d541398665adb5cfa16f5af73b3196926bbd4b876bdb80f8eab20d0f540c22f4de9c140f6d7b":PSA_ALG_RSA_OAEP(PSA_ALG_SHA_384):0:PSA_ERROR_INVALID_ARGUMENT + +PSA asymmetric_encryption RSA_OAEP(SHA_384): incompatible with ECC_PUBLIC_KEY(SECT_K1) +depends_on:PSA_WANT_ALG_RSA_OAEP:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_FAMILY_SECT_K1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +asymmetric_encryption_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_K1):"0406f88f90b4b65950f06ce433afdb097e320f433dc2062b8a65db8fafd3c110f46bc45663fbf021ee7eb9":PSA_ALG_RSA_OAEP(PSA_ALG_SHA_384):0:PSA_ERROR_INVALID_ARGUMENT + +PSA asymmetric_encryption RSA_OAEP(SHA_384): incompatible with ECC_PUBLIC_KEY(SECT_R1) +depends_on:PSA_WANT_ALG_RSA_OAEP:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_FAMILY_SECT_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +asymmetric_encryption_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R1):"0400465eeb9e7258b11e33c02266bfe834b20bcb118700772796ee4704ec67651bd447e3011959a79a04cb":PSA_ALG_RSA_OAEP(PSA_ALG_SHA_384):0:PSA_ERROR_INVALID_ARGUMENT + +PSA asymmetric_encryption RSA_OAEP(SHA_384): incompatible with ECC_PUBLIC_KEY(SECT_R2) +depends_on:PSA_WANT_ALG_RSA_OAEP:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_FAMILY_SECT_R2:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +asymmetric_encryption_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R2):"0403692601144c32a6cfa369ae20ae5d43c1c764678c037bafe80c6fd2e42b7ced96171d9c5367fd3dca6f":PSA_ALG_RSA_OAEP(PSA_ALG_SHA_384):0:PSA_ERROR_INVALID_ARGUMENT + +PSA asymmetric_encryption RSA_OAEP(SHA_384): incompatible with ECC_PUBLIC_KEY(TWISTED_EDWARDS) +depends_on:PSA_WANT_ALG_RSA_OAEP:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_FAMILY_TWISTED_EDWARDS:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +asymmetric_encryption_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_TWISTED_EDWARDS):"d75a980182b10ab7d54bfed3c964073a0ee172f3daa62325af021a68f707511a":PSA_ALG_RSA_OAEP(PSA_ALG_SHA_384):0:PSA_ERROR_INVALID_ARGUMENT + +PSA asymmetric_encryption RSA_OAEP(SHA_384): incompatible with HMAC +depends_on:PSA_WANT_ALG_RSA_OAEP:PSA_WANT_ALG_SHA_384:PSA_WANT_KEY_TYPE_HMAC +asymmetric_encryption_fail:PSA_KEY_TYPE_HMAC:"48657265006973206b6579a064617461":PSA_ALG_RSA_OAEP(PSA_ALG_SHA_384):0:PSA_ERROR_INVALID_ARGUMENT + +PSA asymmetric_encryption RSA_OAEP(SHA_384): incompatible with RAW_DATA +depends_on:PSA_WANT_ALG_RSA_OAEP:PSA_WANT_ALG_SHA_384:PSA_WANT_KEY_TYPE_RAW_DATA +asymmetric_encryption_fail:PSA_KEY_TYPE_RAW_DATA:"48":PSA_ALG_RSA_OAEP(PSA_ALG_SHA_384):0:PSA_ERROR_INVALID_ARGUMENT + +PSA asymmetric_encryption RSA_OAEP(SHA_384): !RSA_OAEP with RSA_KEY_PAIR +depends_on:!PSA_WANT_ALG_RSA_OAEP:PSA_WANT_ALG_SHA_384:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR +asymmetric_encryption_fail:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_RSA_OAEP(PSA_ALG_SHA_384):0:PSA_ERROR_NOT_SUPPORTED + +PSA asymmetric_encryption RSA_OAEP(SHA_384): !SHA_384 with RSA_KEY_PAIR +depends_on:PSA_WANT_ALG_RSA_OAEP:!PSA_WANT_ALG_SHA_384:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR +asymmetric_encryption_fail:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_RSA_OAEP(PSA_ALG_SHA_384):0:PSA_ERROR_NOT_SUPPORTED + +PSA asymmetric_encryption RSA_OAEP(SHA_384): !RSA_OAEP with RSA_PUBLIC_KEY +depends_on:!PSA_WANT_ALG_RSA_OAEP:PSA_WANT_ALG_SHA_384:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY +asymmetric_encryption_fail:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_RSA_OAEP(PSA_ALG_SHA_384):0:PSA_ERROR_NOT_SUPPORTED + +PSA asymmetric_encryption RSA_OAEP(SHA_384): !SHA_384 with RSA_PUBLIC_KEY +depends_on:PSA_WANT_ALG_RSA_OAEP:!PSA_WANT_ALG_SHA_384:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY +asymmetric_encryption_fail:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_RSA_OAEP(PSA_ALG_SHA_384):0:PSA_ERROR_NOT_SUPPORTED + +PSA asymmetric_encryption RSA_OAEP(SHA_384): public with RSA_PUBLIC_KEY +depends_on:PSA_WANT_ALG_RSA_OAEP:PSA_WANT_ALG_SHA_384:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY +asymmetric_encryption_fail:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_RSA_OAEP(PSA_ALG_SHA_384):1:PSA_ERROR_INVALID_ARGUMENT + +PSA key_derivation RSA_OAEP(SHA_384): invalid +depends_on:PSA_WANT_ALG_RSA_OAEP:PSA_WANT_ALG_SHA_384 +key_derivation_fail:PSA_ALG_RSA_OAEP(PSA_ALG_SHA_384):PSA_ERROR_INVALID_ARGUMENT + +PSA key_agreement RSA_OAEP(SHA_384): invalid with RSA_KEY_PAIR +depends_on:PSA_WANT_ALG_RSA_OAEP:PSA_WANT_ALG_SHA_384:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR +key_agreement_fail:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_RSA_OAEP(PSA_ALG_SHA_384):0:PSA_ERROR_INVALID_ARGUMENT + +PSA key_agreement RSA_OAEP(SHA_384): invalid with RSA_PUBLIC_KEY +depends_on:PSA_WANT_ALG_RSA_OAEP:PSA_WANT_ALG_SHA_384:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY +key_agreement_fail:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_RSA_OAEP(PSA_ALG_SHA_384):0:PSA_ERROR_INVALID_ARGUMENT + +PSA hash RSA_OAEP(SHA_512): invalid +depends_on:PSA_WANT_ALG_RSA_OAEP:PSA_WANT_ALG_SHA_512 +hash_fail:PSA_ALG_RSA_OAEP(PSA_ALG_SHA_512):PSA_ERROR_INVALID_ARGUMENT + +PSA mac RSA_OAEP(SHA_512): invalid with RSA_KEY_PAIR +depends_on:PSA_WANT_ALG_RSA_OAEP:PSA_WANT_ALG_SHA_512:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR +mac_fail:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_RSA_OAEP(PSA_ALG_SHA_512):PSA_ERROR_INVALID_ARGUMENT + +PSA mac RSA_OAEP(SHA_512): invalid with RSA_PUBLIC_KEY +depends_on:PSA_WANT_ALG_RSA_OAEP:PSA_WANT_ALG_SHA_512:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY +mac_fail:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_RSA_OAEP(PSA_ALG_SHA_512):PSA_ERROR_INVALID_ARGUMENT + +PSA cipher RSA_OAEP(SHA_512): invalid with RSA_KEY_PAIR +depends_on:PSA_WANT_ALG_RSA_OAEP:PSA_WANT_ALG_SHA_512:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR +cipher_fail:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_RSA_OAEP(PSA_ALG_SHA_512):PSA_ERROR_INVALID_ARGUMENT + +PSA cipher RSA_OAEP(SHA_512): invalid with RSA_PUBLIC_KEY +depends_on:PSA_WANT_ALG_RSA_OAEP:PSA_WANT_ALG_SHA_512:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY +cipher_fail:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_RSA_OAEP(PSA_ALG_SHA_512):PSA_ERROR_INVALID_ARGUMENT + +PSA aead RSA_OAEP(SHA_512): invalid with RSA_KEY_PAIR +depends_on:PSA_WANT_ALG_RSA_OAEP:PSA_WANT_ALG_SHA_512:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR +aead_fail:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_RSA_OAEP(PSA_ALG_SHA_512):PSA_ERROR_INVALID_ARGUMENT + +PSA aead RSA_OAEP(SHA_512): invalid with RSA_PUBLIC_KEY +depends_on:PSA_WANT_ALG_RSA_OAEP:PSA_WANT_ALG_SHA_512:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY +aead_fail:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_RSA_OAEP(PSA_ALG_SHA_512):PSA_ERROR_INVALID_ARGUMENT + +PSA sign RSA_OAEP(SHA_512): invalid with RSA_KEY_PAIR +depends_on:PSA_WANT_ALG_RSA_OAEP:PSA_WANT_ALG_SHA_512:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR +sign_fail:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_RSA_OAEP(PSA_ALG_SHA_512):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign RSA_OAEP(SHA_512): invalid with RSA_PUBLIC_KEY +depends_on:PSA_WANT_ALG_RSA_OAEP:PSA_WANT_ALG_SHA_512:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY +sign_fail:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_RSA_OAEP(PSA_ALG_SHA_512):0:PSA_ERROR_INVALID_ARGUMENT + +PSA asymmetric_encryption RSA_OAEP(SHA_512): incompatible with AES +depends_on:PSA_WANT_ALG_RSA_OAEP:PSA_WANT_ALG_SHA_512:PSA_WANT_KEY_TYPE_AES +asymmetric_encryption_fail:PSA_KEY_TYPE_AES:"48657265006973206b6579a064617461":PSA_ALG_RSA_OAEP(PSA_ALG_SHA_512):0:PSA_ERROR_INVALID_ARGUMENT + +PSA asymmetric_encryption RSA_OAEP(SHA_512): incompatible with ARC4 +depends_on:PSA_WANT_ALG_RSA_OAEP:PSA_WANT_ALG_SHA_512:PSA_WANT_KEY_TYPE_ARC4 +asymmetric_encryption_fail:PSA_KEY_TYPE_ARC4:"48":PSA_ALG_RSA_OAEP(PSA_ALG_SHA_512):0:PSA_ERROR_INVALID_ARGUMENT + +PSA asymmetric_encryption RSA_OAEP(SHA_512): incompatible with ARIA +depends_on:PSA_WANT_ALG_RSA_OAEP:PSA_WANT_ALG_SHA_512:PSA_WANT_KEY_TYPE_ARIA +asymmetric_encryption_fail:PSA_KEY_TYPE_ARIA:"48657265006973206b6579a064617461":PSA_ALG_RSA_OAEP(PSA_ALG_SHA_512):0:PSA_ERROR_INVALID_ARGUMENT + +PSA asymmetric_encryption RSA_OAEP(SHA_512): incompatible with CAMELLIA +depends_on:PSA_WANT_ALG_RSA_OAEP:PSA_WANT_ALG_SHA_512:PSA_WANT_KEY_TYPE_CAMELLIA +asymmetric_encryption_fail:PSA_KEY_TYPE_CAMELLIA:"48657265006973206b6579a064617461":PSA_ALG_RSA_OAEP(PSA_ALG_SHA_512):0:PSA_ERROR_INVALID_ARGUMENT + +PSA asymmetric_encryption RSA_OAEP(SHA_512): incompatible with CHACHA20 +depends_on:PSA_WANT_ALG_RSA_OAEP:PSA_WANT_ALG_SHA_512:PSA_WANT_KEY_TYPE_CHACHA20 +asymmetric_encryption_fail:PSA_KEY_TYPE_CHACHA20:"48657265006973206b6579a06461746148657265006973206b6579a064617461":PSA_ALG_RSA_OAEP(PSA_ALG_SHA_512):0:PSA_ERROR_INVALID_ARGUMENT + +PSA asymmetric_encryption RSA_OAEP(SHA_512): incompatible with DERIVE +depends_on:PSA_WANT_ALG_RSA_OAEP:PSA_WANT_ALG_SHA_512:PSA_WANT_KEY_TYPE_DERIVE +asymmetric_encryption_fail:PSA_KEY_TYPE_DERIVE:"48657265006973206b6579a0646174":PSA_ALG_RSA_OAEP(PSA_ALG_SHA_512):0:PSA_ERROR_INVALID_ARGUMENT + +PSA asymmetric_encryption RSA_OAEP(SHA_512): incompatible with DES +depends_on:PSA_WANT_ALG_RSA_OAEP:PSA_WANT_ALG_SHA_512:PSA_WANT_KEY_TYPE_DES +asymmetric_encryption_fail:PSA_KEY_TYPE_DES:"644573206b457901":PSA_ALG_RSA_OAEP(PSA_ALG_SHA_512):0:PSA_ERROR_INVALID_ARGUMENT + +PSA asymmetric_encryption RSA_OAEP(SHA_512): incompatible with ECC_KEY_PAIR(BRAINPOOL_P_R1) +depends_on:PSA_WANT_ALG_RSA_OAEP:PSA_WANT_ALG_SHA_512:PSA_WANT_ECC_FAMILY_BRAINPOOL_P_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +asymmetric_encryption_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"69502c4fdaf48d4fa617bdd24498b0406d0eeaac":PSA_ALG_RSA_OAEP(PSA_ALG_SHA_512):0:PSA_ERROR_INVALID_ARGUMENT + +PSA asymmetric_encryption RSA_OAEP(SHA_512): incompatible with ECC_KEY_PAIR(MONTGOMERY) +depends_on:PSA_WANT_ALG_RSA_OAEP:PSA_WANT_ALG_SHA_512:PSA_WANT_ECC_FAMILY_MONTGOMERY:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +asymmetric_encryption_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_MONTGOMERY):"70076d0a7318a57d3c16c17251b26645df4c2f87ebc0992ab177fba51db92c6a":PSA_ALG_RSA_OAEP(PSA_ALG_SHA_512):0:PSA_ERROR_INVALID_ARGUMENT + +PSA asymmetric_encryption RSA_OAEP(SHA_512): incompatible with ECC_KEY_PAIR(SECP_K1) +depends_on:PSA_WANT_ALG_RSA_OAEP:PSA_WANT_ALG_SHA_512:PSA_WANT_ECC_FAMILY_SECP_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +asymmetric_encryption_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_K1):"297ac1722ccac7589ecb240dc719842538ca974beb79f228":PSA_ALG_RSA_OAEP(PSA_ALG_SHA_512):0:PSA_ERROR_INVALID_ARGUMENT + +PSA asymmetric_encryption RSA_OAEP(SHA_512): incompatible with ECC_KEY_PAIR(SECP_R1) +depends_on:PSA_WANT_ALG_RSA_OAEP:PSA_WANT_ALG_SHA_512:PSA_WANT_ECC_FAMILY_SECP_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +asymmetric_encryption_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"872f203b3ad35b7f2ecc803c3a0e1e0b1ed61cc1afe71b189cd4c995":PSA_ALG_RSA_OAEP(PSA_ALG_SHA_512):0:PSA_ERROR_INVALID_ARGUMENT + +PSA asymmetric_encryption RSA_OAEP(SHA_512): incompatible with ECC_KEY_PAIR(SECP_R2) +depends_on:PSA_WANT_ALG_RSA_OAEP:PSA_WANT_ALG_SHA_512:PSA_WANT_ECC_FAMILY_SECP_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +asymmetric_encryption_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R2):"00bf539a1cdda0d7f71a50a3f98aec0a2e8e4ced1e":PSA_ALG_RSA_OAEP(PSA_ALG_SHA_512):0:PSA_ERROR_INVALID_ARGUMENT + +PSA asymmetric_encryption RSA_OAEP(SHA_512): incompatible with ECC_KEY_PAIR(SECT_K1) +depends_on:PSA_WANT_ALG_RSA_OAEP:PSA_WANT_ALG_SHA_512:PSA_WANT_ECC_FAMILY_SECT_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +asymmetric_encryption_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):"03ebc8fcded2d6ab72ec0f75bdb4fd080481273e71":PSA_ALG_RSA_OAEP(PSA_ALG_SHA_512):0:PSA_ERROR_INVALID_ARGUMENT + +PSA asymmetric_encryption RSA_OAEP(SHA_512): incompatible with ECC_KEY_PAIR(SECT_R1) +depends_on:PSA_WANT_ALG_RSA_OAEP:PSA_WANT_ALG_SHA_512:PSA_WANT_ECC_FAMILY_SECT_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +asymmetric_encryption_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):"009b05dc82d46d64a04a22e6e5ca70ca1231e68c50":PSA_ALG_RSA_OAEP(PSA_ALG_SHA_512):0:PSA_ERROR_INVALID_ARGUMENT + +PSA asymmetric_encryption RSA_OAEP(SHA_512): incompatible with ECC_KEY_PAIR(SECT_R2) +depends_on:PSA_WANT_ALG_RSA_OAEP:PSA_WANT_ALG_SHA_512:PSA_WANT_ECC_FAMILY_SECT_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +asymmetric_encryption_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R2):"0210b482a458b4822d0cb21daa96819a67c8062d34":PSA_ALG_RSA_OAEP(PSA_ALG_SHA_512):0:PSA_ERROR_INVALID_ARGUMENT + +PSA asymmetric_encryption RSA_OAEP(SHA_512): incompatible with ECC_KEY_PAIR(TWISTED_EDWARDS) +depends_on:PSA_WANT_ALG_RSA_OAEP:PSA_WANT_ALG_SHA_512:PSA_WANT_ECC_FAMILY_TWISTED_EDWARDS:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +asymmetric_encryption_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_TWISTED_EDWARDS):"9d61b19deffd5a60ba844af492ec2cc44449c5697b326919703bac031cae7f60":PSA_ALG_RSA_OAEP(PSA_ALG_SHA_512):0:PSA_ERROR_INVALID_ARGUMENT + +PSA asymmetric_encryption RSA_OAEP(SHA_512): incompatible with ECC_PUBLIC_KEY(BRAINPOOL_P_R1) +depends_on:PSA_WANT_ALG_RSA_OAEP:PSA_WANT_ALG_SHA_512:PSA_WANT_ECC_FAMILY_BRAINPOOL_P_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +asymmetric_encryption_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"04d4b9186816358e2f9c59cf70748cb70641b22fbab65473db4b4e22a361ed7e3de7e8a8ddc4130c5c":PSA_ALG_RSA_OAEP(PSA_ALG_SHA_512):0:PSA_ERROR_INVALID_ARGUMENT + +PSA asymmetric_encryption RSA_OAEP(SHA_512): incompatible with ECC_PUBLIC_KEY(MONTGOMERY) +depends_on:PSA_WANT_ALG_RSA_OAEP:PSA_WANT_ALG_SHA_512:PSA_WANT_ECC_FAMILY_MONTGOMERY:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +asymmetric_encryption_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_MONTGOMERY):"8520f0098930a754748b7ddcb43ef75a0dbf3a0d26381af4eba4a98eaa9b4e6a":PSA_ALG_RSA_OAEP(PSA_ALG_SHA_512):0:PSA_ERROR_INVALID_ARGUMENT + +PSA asymmetric_encryption RSA_OAEP(SHA_512): incompatible with ECC_PUBLIC_KEY(SECP_K1) +depends_on:PSA_WANT_ALG_RSA_OAEP:PSA_WANT_ALG_SHA_512:PSA_WANT_ECC_FAMILY_SECP_K1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +asymmetric_encryption_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_K1):"0426b7bb38da649ac2138fc050c6548b32553dab68afebc36105d325b75538c12323cb0764789ecb992671beb2b6bef2f5":PSA_ALG_RSA_OAEP(PSA_ALG_SHA_512):0:PSA_ERROR_INVALID_ARGUMENT + +PSA asymmetric_encryption RSA_OAEP(SHA_512): incompatible with ECC_PUBLIC_KEY(SECP_R1) +depends_on:PSA_WANT_ALG_RSA_OAEP:PSA_WANT_ALG_SHA_512:PSA_WANT_ECC_FAMILY_SECP_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +asymmetric_encryption_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1):"046f00eadaa949fee3e9e1c7fa1247eecec86a0dce46418b9bd3117b981d4bd0ae7a990de912f9d060d6cb531a42d22e394ac29e81804bf160":PSA_ALG_RSA_OAEP(PSA_ALG_SHA_512):0:PSA_ERROR_INVALID_ARGUMENT + +PSA asymmetric_encryption RSA_OAEP(SHA_512): incompatible with ECC_PUBLIC_KEY(SECP_R2) +depends_on:PSA_WANT_ALG_RSA_OAEP:PSA_WANT_ALG_SHA_512:PSA_WANT_ECC_FAMILY_SECP_R2:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +asymmetric_encryption_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R2):"049570d541398665adb5cfa16f5af73b3196926bbd4b876bdb80f8eab20d0f540c22f4de9c140f6d7b":PSA_ALG_RSA_OAEP(PSA_ALG_SHA_512):0:PSA_ERROR_INVALID_ARGUMENT + +PSA asymmetric_encryption RSA_OAEP(SHA_512): incompatible with ECC_PUBLIC_KEY(SECT_K1) +depends_on:PSA_WANT_ALG_RSA_OAEP:PSA_WANT_ALG_SHA_512:PSA_WANT_ECC_FAMILY_SECT_K1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +asymmetric_encryption_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_K1):"0406f88f90b4b65950f06ce433afdb097e320f433dc2062b8a65db8fafd3c110f46bc45663fbf021ee7eb9":PSA_ALG_RSA_OAEP(PSA_ALG_SHA_512):0:PSA_ERROR_INVALID_ARGUMENT + +PSA asymmetric_encryption RSA_OAEP(SHA_512): incompatible with ECC_PUBLIC_KEY(SECT_R1) +depends_on:PSA_WANT_ALG_RSA_OAEP:PSA_WANT_ALG_SHA_512:PSA_WANT_ECC_FAMILY_SECT_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +asymmetric_encryption_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R1):"0400465eeb9e7258b11e33c02266bfe834b20bcb118700772796ee4704ec67651bd447e3011959a79a04cb":PSA_ALG_RSA_OAEP(PSA_ALG_SHA_512):0:PSA_ERROR_INVALID_ARGUMENT + +PSA asymmetric_encryption RSA_OAEP(SHA_512): incompatible with ECC_PUBLIC_KEY(SECT_R2) +depends_on:PSA_WANT_ALG_RSA_OAEP:PSA_WANT_ALG_SHA_512:PSA_WANT_ECC_FAMILY_SECT_R2:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +asymmetric_encryption_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R2):"0403692601144c32a6cfa369ae20ae5d43c1c764678c037bafe80c6fd2e42b7ced96171d9c5367fd3dca6f":PSA_ALG_RSA_OAEP(PSA_ALG_SHA_512):0:PSA_ERROR_INVALID_ARGUMENT + +PSA asymmetric_encryption RSA_OAEP(SHA_512): incompatible with ECC_PUBLIC_KEY(TWISTED_EDWARDS) +depends_on:PSA_WANT_ALG_RSA_OAEP:PSA_WANT_ALG_SHA_512:PSA_WANT_ECC_FAMILY_TWISTED_EDWARDS:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +asymmetric_encryption_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_TWISTED_EDWARDS):"d75a980182b10ab7d54bfed3c964073a0ee172f3daa62325af021a68f707511a":PSA_ALG_RSA_OAEP(PSA_ALG_SHA_512):0:PSA_ERROR_INVALID_ARGUMENT + +PSA asymmetric_encryption RSA_OAEP(SHA_512): incompatible with HMAC +depends_on:PSA_WANT_ALG_RSA_OAEP:PSA_WANT_ALG_SHA_512:PSA_WANT_KEY_TYPE_HMAC +asymmetric_encryption_fail:PSA_KEY_TYPE_HMAC:"48657265006973206b6579a064617461":PSA_ALG_RSA_OAEP(PSA_ALG_SHA_512):0:PSA_ERROR_INVALID_ARGUMENT + +PSA asymmetric_encryption RSA_OAEP(SHA_512): incompatible with RAW_DATA +depends_on:PSA_WANT_ALG_RSA_OAEP:PSA_WANT_ALG_SHA_512:PSA_WANT_KEY_TYPE_RAW_DATA +asymmetric_encryption_fail:PSA_KEY_TYPE_RAW_DATA:"48":PSA_ALG_RSA_OAEP(PSA_ALG_SHA_512):0:PSA_ERROR_INVALID_ARGUMENT + +PSA asymmetric_encryption RSA_OAEP(SHA_512): !RSA_OAEP with RSA_KEY_PAIR +depends_on:!PSA_WANT_ALG_RSA_OAEP:PSA_WANT_ALG_SHA_512:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR +asymmetric_encryption_fail:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_RSA_OAEP(PSA_ALG_SHA_512):0:PSA_ERROR_NOT_SUPPORTED + +PSA asymmetric_encryption RSA_OAEP(SHA_512): !SHA_512 with RSA_KEY_PAIR +depends_on:PSA_WANT_ALG_RSA_OAEP:!PSA_WANT_ALG_SHA_512:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR +asymmetric_encryption_fail:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_RSA_OAEP(PSA_ALG_SHA_512):0:PSA_ERROR_NOT_SUPPORTED + +PSA asymmetric_encryption RSA_OAEP(SHA_512): !RSA_OAEP with RSA_PUBLIC_KEY +depends_on:!PSA_WANT_ALG_RSA_OAEP:PSA_WANT_ALG_SHA_512:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY +asymmetric_encryption_fail:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_RSA_OAEP(PSA_ALG_SHA_512):0:PSA_ERROR_NOT_SUPPORTED + +PSA asymmetric_encryption RSA_OAEP(SHA_512): !SHA_512 with RSA_PUBLIC_KEY +depends_on:PSA_WANT_ALG_RSA_OAEP:!PSA_WANT_ALG_SHA_512:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY +asymmetric_encryption_fail:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_RSA_OAEP(PSA_ALG_SHA_512):0:PSA_ERROR_NOT_SUPPORTED + +PSA asymmetric_encryption RSA_OAEP(SHA_512): public with RSA_PUBLIC_KEY +depends_on:PSA_WANT_ALG_RSA_OAEP:PSA_WANT_ALG_SHA_512:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY +asymmetric_encryption_fail:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_RSA_OAEP(PSA_ALG_SHA_512):1:PSA_ERROR_INVALID_ARGUMENT + +PSA key_derivation RSA_OAEP(SHA_512): invalid +depends_on:PSA_WANT_ALG_RSA_OAEP:PSA_WANT_ALG_SHA_512 +key_derivation_fail:PSA_ALG_RSA_OAEP(PSA_ALG_SHA_512):PSA_ERROR_INVALID_ARGUMENT + +PSA key_agreement RSA_OAEP(SHA_512): invalid with RSA_KEY_PAIR +depends_on:PSA_WANT_ALG_RSA_OAEP:PSA_WANT_ALG_SHA_512:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR +key_agreement_fail:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_RSA_OAEP(PSA_ALG_SHA_512):0:PSA_ERROR_INVALID_ARGUMENT + +PSA key_agreement RSA_OAEP(SHA_512): invalid with RSA_PUBLIC_KEY +depends_on:PSA_WANT_ALG_RSA_OAEP:PSA_WANT_ALG_SHA_512:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY +key_agreement_fail:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_RSA_OAEP(PSA_ALG_SHA_512):0:PSA_ERROR_INVALID_ARGUMENT + +PSA hash RSA_PKCS1V15_CRYPT: invalid +depends_on:PSA_WANT_ALG_RSA_PKCS1V15_CRYPT +hash_fail:PSA_ALG_RSA_PKCS1V15_CRYPT:PSA_ERROR_INVALID_ARGUMENT + +PSA mac RSA_PKCS1V15_CRYPT: invalid with RSA_KEY_PAIR +depends_on:PSA_WANT_ALG_RSA_PKCS1V15_CRYPT:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR +mac_fail:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_RSA_PKCS1V15_CRYPT:PSA_ERROR_INVALID_ARGUMENT + +PSA mac RSA_PKCS1V15_CRYPT: invalid with RSA_PUBLIC_KEY +depends_on:PSA_WANT_ALG_RSA_PKCS1V15_CRYPT:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY +mac_fail:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_RSA_PKCS1V15_CRYPT:PSA_ERROR_INVALID_ARGUMENT + +PSA cipher RSA_PKCS1V15_CRYPT: invalid with RSA_KEY_PAIR +depends_on:PSA_WANT_ALG_RSA_PKCS1V15_CRYPT:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR +cipher_fail:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_RSA_PKCS1V15_CRYPT:PSA_ERROR_INVALID_ARGUMENT + +PSA cipher RSA_PKCS1V15_CRYPT: invalid with RSA_PUBLIC_KEY +depends_on:PSA_WANT_ALG_RSA_PKCS1V15_CRYPT:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY +cipher_fail:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_RSA_PKCS1V15_CRYPT:PSA_ERROR_INVALID_ARGUMENT + +PSA aead RSA_PKCS1V15_CRYPT: invalid with RSA_KEY_PAIR +depends_on:PSA_WANT_ALG_RSA_PKCS1V15_CRYPT:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR +aead_fail:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_RSA_PKCS1V15_CRYPT:PSA_ERROR_INVALID_ARGUMENT + +PSA aead RSA_PKCS1V15_CRYPT: invalid with RSA_PUBLIC_KEY +depends_on:PSA_WANT_ALG_RSA_PKCS1V15_CRYPT:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY +aead_fail:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_RSA_PKCS1V15_CRYPT:PSA_ERROR_INVALID_ARGUMENT + +PSA sign RSA_PKCS1V15_CRYPT: invalid with RSA_KEY_PAIR +depends_on:PSA_WANT_ALG_RSA_PKCS1V15_CRYPT:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR +sign_fail:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_RSA_PKCS1V15_CRYPT:0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign RSA_PKCS1V15_CRYPT: invalid with RSA_PUBLIC_KEY +depends_on:PSA_WANT_ALG_RSA_PKCS1V15_CRYPT:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY +sign_fail:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_RSA_PKCS1V15_CRYPT:0:PSA_ERROR_INVALID_ARGUMENT + +PSA asymmetric_encryption RSA_PKCS1V15_CRYPT: incompatible with AES +depends_on:PSA_WANT_ALG_RSA_PKCS1V15_CRYPT:PSA_WANT_KEY_TYPE_AES +asymmetric_encryption_fail:PSA_KEY_TYPE_AES:"48657265006973206b6579a064617461":PSA_ALG_RSA_PKCS1V15_CRYPT:0:PSA_ERROR_INVALID_ARGUMENT + +PSA asymmetric_encryption RSA_PKCS1V15_CRYPT: incompatible with ARC4 +depends_on:PSA_WANT_ALG_RSA_PKCS1V15_CRYPT:PSA_WANT_KEY_TYPE_ARC4 +asymmetric_encryption_fail:PSA_KEY_TYPE_ARC4:"48":PSA_ALG_RSA_PKCS1V15_CRYPT:0:PSA_ERROR_INVALID_ARGUMENT + +PSA asymmetric_encryption RSA_PKCS1V15_CRYPT: incompatible with ARIA +depends_on:PSA_WANT_ALG_RSA_PKCS1V15_CRYPT:PSA_WANT_KEY_TYPE_ARIA +asymmetric_encryption_fail:PSA_KEY_TYPE_ARIA:"48657265006973206b6579a064617461":PSA_ALG_RSA_PKCS1V15_CRYPT:0:PSA_ERROR_INVALID_ARGUMENT + +PSA asymmetric_encryption RSA_PKCS1V15_CRYPT: incompatible with CAMELLIA +depends_on:PSA_WANT_ALG_RSA_PKCS1V15_CRYPT:PSA_WANT_KEY_TYPE_CAMELLIA +asymmetric_encryption_fail:PSA_KEY_TYPE_CAMELLIA:"48657265006973206b6579a064617461":PSA_ALG_RSA_PKCS1V15_CRYPT:0:PSA_ERROR_INVALID_ARGUMENT + +PSA asymmetric_encryption RSA_PKCS1V15_CRYPT: incompatible with CHACHA20 +depends_on:PSA_WANT_ALG_RSA_PKCS1V15_CRYPT:PSA_WANT_KEY_TYPE_CHACHA20 +asymmetric_encryption_fail:PSA_KEY_TYPE_CHACHA20:"48657265006973206b6579a06461746148657265006973206b6579a064617461":PSA_ALG_RSA_PKCS1V15_CRYPT:0:PSA_ERROR_INVALID_ARGUMENT + +PSA asymmetric_encryption RSA_PKCS1V15_CRYPT: incompatible with DERIVE +depends_on:PSA_WANT_ALG_RSA_PKCS1V15_CRYPT:PSA_WANT_KEY_TYPE_DERIVE +asymmetric_encryption_fail:PSA_KEY_TYPE_DERIVE:"48657265006973206b6579a0646174":PSA_ALG_RSA_PKCS1V15_CRYPT:0:PSA_ERROR_INVALID_ARGUMENT + +PSA asymmetric_encryption RSA_PKCS1V15_CRYPT: incompatible with DES +depends_on:PSA_WANT_ALG_RSA_PKCS1V15_CRYPT:PSA_WANT_KEY_TYPE_DES +asymmetric_encryption_fail:PSA_KEY_TYPE_DES:"644573206b457901":PSA_ALG_RSA_PKCS1V15_CRYPT:0:PSA_ERROR_INVALID_ARGUMENT + +PSA asymmetric_encryption RSA_PKCS1V15_CRYPT: incompatible with ECC_KEY_PAIR(BRAINPOOL_P_R1) +depends_on:PSA_WANT_ALG_RSA_PKCS1V15_CRYPT:PSA_WANT_ECC_FAMILY_BRAINPOOL_P_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +asymmetric_encryption_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"69502c4fdaf48d4fa617bdd24498b0406d0eeaac":PSA_ALG_RSA_PKCS1V15_CRYPT:0:PSA_ERROR_INVALID_ARGUMENT + +PSA asymmetric_encryption RSA_PKCS1V15_CRYPT: incompatible with ECC_KEY_PAIR(MONTGOMERY) +depends_on:PSA_WANT_ALG_RSA_PKCS1V15_CRYPT:PSA_WANT_ECC_FAMILY_MONTGOMERY:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +asymmetric_encryption_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_MONTGOMERY):"70076d0a7318a57d3c16c17251b26645df4c2f87ebc0992ab177fba51db92c6a":PSA_ALG_RSA_PKCS1V15_CRYPT:0:PSA_ERROR_INVALID_ARGUMENT + +PSA asymmetric_encryption RSA_PKCS1V15_CRYPT: incompatible with ECC_KEY_PAIR(SECP_K1) +depends_on:PSA_WANT_ALG_RSA_PKCS1V15_CRYPT:PSA_WANT_ECC_FAMILY_SECP_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +asymmetric_encryption_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_K1):"297ac1722ccac7589ecb240dc719842538ca974beb79f228":PSA_ALG_RSA_PKCS1V15_CRYPT:0:PSA_ERROR_INVALID_ARGUMENT + +PSA asymmetric_encryption RSA_PKCS1V15_CRYPT: incompatible with ECC_KEY_PAIR(SECP_R1) +depends_on:PSA_WANT_ALG_RSA_PKCS1V15_CRYPT:PSA_WANT_ECC_FAMILY_SECP_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +asymmetric_encryption_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"872f203b3ad35b7f2ecc803c3a0e1e0b1ed61cc1afe71b189cd4c995":PSA_ALG_RSA_PKCS1V15_CRYPT:0:PSA_ERROR_INVALID_ARGUMENT + +PSA asymmetric_encryption RSA_PKCS1V15_CRYPT: incompatible with ECC_KEY_PAIR(SECP_R2) +depends_on:PSA_WANT_ALG_RSA_PKCS1V15_CRYPT:PSA_WANT_ECC_FAMILY_SECP_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +asymmetric_encryption_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R2):"00bf539a1cdda0d7f71a50a3f98aec0a2e8e4ced1e":PSA_ALG_RSA_PKCS1V15_CRYPT:0:PSA_ERROR_INVALID_ARGUMENT + +PSA asymmetric_encryption RSA_PKCS1V15_CRYPT: incompatible with ECC_KEY_PAIR(SECT_K1) +depends_on:PSA_WANT_ALG_RSA_PKCS1V15_CRYPT:PSA_WANT_ECC_FAMILY_SECT_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +asymmetric_encryption_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):"03ebc8fcded2d6ab72ec0f75bdb4fd080481273e71":PSA_ALG_RSA_PKCS1V15_CRYPT:0:PSA_ERROR_INVALID_ARGUMENT + +PSA asymmetric_encryption RSA_PKCS1V15_CRYPT: incompatible with ECC_KEY_PAIR(SECT_R1) +depends_on:PSA_WANT_ALG_RSA_PKCS1V15_CRYPT:PSA_WANT_ECC_FAMILY_SECT_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +asymmetric_encryption_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):"009b05dc82d46d64a04a22e6e5ca70ca1231e68c50":PSA_ALG_RSA_PKCS1V15_CRYPT:0:PSA_ERROR_INVALID_ARGUMENT + +PSA asymmetric_encryption RSA_PKCS1V15_CRYPT: incompatible with ECC_KEY_PAIR(SECT_R2) +depends_on:PSA_WANT_ALG_RSA_PKCS1V15_CRYPT:PSA_WANT_ECC_FAMILY_SECT_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +asymmetric_encryption_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R2):"0210b482a458b4822d0cb21daa96819a67c8062d34":PSA_ALG_RSA_PKCS1V15_CRYPT:0:PSA_ERROR_INVALID_ARGUMENT + +PSA asymmetric_encryption RSA_PKCS1V15_CRYPT: incompatible with ECC_KEY_PAIR(TWISTED_EDWARDS) +depends_on:PSA_WANT_ALG_RSA_PKCS1V15_CRYPT:PSA_WANT_ECC_FAMILY_TWISTED_EDWARDS:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +asymmetric_encryption_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_TWISTED_EDWARDS):"9d61b19deffd5a60ba844af492ec2cc44449c5697b326919703bac031cae7f60":PSA_ALG_RSA_PKCS1V15_CRYPT:0:PSA_ERROR_INVALID_ARGUMENT + +PSA asymmetric_encryption RSA_PKCS1V15_CRYPT: incompatible with ECC_PUBLIC_KEY(BRAINPOOL_P_R1) +depends_on:PSA_WANT_ALG_RSA_PKCS1V15_CRYPT:PSA_WANT_ECC_FAMILY_BRAINPOOL_P_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +asymmetric_encryption_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"04d4b9186816358e2f9c59cf70748cb70641b22fbab65473db4b4e22a361ed7e3de7e8a8ddc4130c5c":PSA_ALG_RSA_PKCS1V15_CRYPT:0:PSA_ERROR_INVALID_ARGUMENT + +PSA asymmetric_encryption RSA_PKCS1V15_CRYPT: incompatible with ECC_PUBLIC_KEY(MONTGOMERY) +depends_on:PSA_WANT_ALG_RSA_PKCS1V15_CRYPT:PSA_WANT_ECC_FAMILY_MONTGOMERY:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +asymmetric_encryption_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_MONTGOMERY):"8520f0098930a754748b7ddcb43ef75a0dbf3a0d26381af4eba4a98eaa9b4e6a":PSA_ALG_RSA_PKCS1V15_CRYPT:0:PSA_ERROR_INVALID_ARGUMENT + +PSA asymmetric_encryption RSA_PKCS1V15_CRYPT: incompatible with ECC_PUBLIC_KEY(SECP_K1) +depends_on:PSA_WANT_ALG_RSA_PKCS1V15_CRYPT:PSA_WANT_ECC_FAMILY_SECP_K1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +asymmetric_encryption_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_K1):"0426b7bb38da649ac2138fc050c6548b32553dab68afebc36105d325b75538c12323cb0764789ecb992671beb2b6bef2f5":PSA_ALG_RSA_PKCS1V15_CRYPT:0:PSA_ERROR_INVALID_ARGUMENT + +PSA asymmetric_encryption RSA_PKCS1V15_CRYPT: incompatible with ECC_PUBLIC_KEY(SECP_R1) +depends_on:PSA_WANT_ALG_RSA_PKCS1V15_CRYPT:PSA_WANT_ECC_FAMILY_SECP_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +asymmetric_encryption_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1):"046f00eadaa949fee3e9e1c7fa1247eecec86a0dce46418b9bd3117b981d4bd0ae7a990de912f9d060d6cb531a42d22e394ac29e81804bf160":PSA_ALG_RSA_PKCS1V15_CRYPT:0:PSA_ERROR_INVALID_ARGUMENT + +PSA asymmetric_encryption RSA_PKCS1V15_CRYPT: incompatible with ECC_PUBLIC_KEY(SECP_R2) +depends_on:PSA_WANT_ALG_RSA_PKCS1V15_CRYPT:PSA_WANT_ECC_FAMILY_SECP_R2:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +asymmetric_encryption_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R2):"049570d541398665adb5cfa16f5af73b3196926bbd4b876bdb80f8eab20d0f540c22f4de9c140f6d7b":PSA_ALG_RSA_PKCS1V15_CRYPT:0:PSA_ERROR_INVALID_ARGUMENT + +PSA asymmetric_encryption RSA_PKCS1V15_CRYPT: incompatible with ECC_PUBLIC_KEY(SECT_K1) +depends_on:PSA_WANT_ALG_RSA_PKCS1V15_CRYPT:PSA_WANT_ECC_FAMILY_SECT_K1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +asymmetric_encryption_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_K1):"0406f88f90b4b65950f06ce433afdb097e320f433dc2062b8a65db8fafd3c110f46bc45663fbf021ee7eb9":PSA_ALG_RSA_PKCS1V15_CRYPT:0:PSA_ERROR_INVALID_ARGUMENT + +PSA asymmetric_encryption RSA_PKCS1V15_CRYPT: incompatible with ECC_PUBLIC_KEY(SECT_R1) +depends_on:PSA_WANT_ALG_RSA_PKCS1V15_CRYPT:PSA_WANT_ECC_FAMILY_SECT_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +asymmetric_encryption_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R1):"0400465eeb9e7258b11e33c02266bfe834b20bcb118700772796ee4704ec67651bd447e3011959a79a04cb":PSA_ALG_RSA_PKCS1V15_CRYPT:0:PSA_ERROR_INVALID_ARGUMENT + +PSA asymmetric_encryption RSA_PKCS1V15_CRYPT: incompatible with ECC_PUBLIC_KEY(SECT_R2) +depends_on:PSA_WANT_ALG_RSA_PKCS1V15_CRYPT:PSA_WANT_ECC_FAMILY_SECT_R2:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +asymmetric_encryption_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R2):"0403692601144c32a6cfa369ae20ae5d43c1c764678c037bafe80c6fd2e42b7ced96171d9c5367fd3dca6f":PSA_ALG_RSA_PKCS1V15_CRYPT:0:PSA_ERROR_INVALID_ARGUMENT + +PSA asymmetric_encryption RSA_PKCS1V15_CRYPT: incompatible with ECC_PUBLIC_KEY(TWISTED_EDWARDS) +depends_on:PSA_WANT_ALG_RSA_PKCS1V15_CRYPT:PSA_WANT_ECC_FAMILY_TWISTED_EDWARDS:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +asymmetric_encryption_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_TWISTED_EDWARDS):"d75a980182b10ab7d54bfed3c964073a0ee172f3daa62325af021a68f707511a":PSA_ALG_RSA_PKCS1V15_CRYPT:0:PSA_ERROR_INVALID_ARGUMENT + +PSA asymmetric_encryption RSA_PKCS1V15_CRYPT: incompatible with HMAC +depends_on:PSA_WANT_ALG_RSA_PKCS1V15_CRYPT:PSA_WANT_KEY_TYPE_HMAC +asymmetric_encryption_fail:PSA_KEY_TYPE_HMAC:"48657265006973206b6579a064617461":PSA_ALG_RSA_PKCS1V15_CRYPT:0:PSA_ERROR_INVALID_ARGUMENT + +PSA asymmetric_encryption RSA_PKCS1V15_CRYPT: incompatible with RAW_DATA +depends_on:PSA_WANT_ALG_RSA_PKCS1V15_CRYPT:PSA_WANT_KEY_TYPE_RAW_DATA +asymmetric_encryption_fail:PSA_KEY_TYPE_RAW_DATA:"48":PSA_ALG_RSA_PKCS1V15_CRYPT:0:PSA_ERROR_INVALID_ARGUMENT + +PSA asymmetric_encryption RSA_PKCS1V15_CRYPT: !RSA_PKCS1V15_CRYPT with RSA_KEY_PAIR +depends_on:!PSA_WANT_ALG_RSA_PKCS1V15_CRYPT:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR +asymmetric_encryption_fail:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_RSA_PKCS1V15_CRYPT:0:PSA_ERROR_NOT_SUPPORTED + +PSA asymmetric_encryption RSA_PKCS1V15_CRYPT: !RSA_PKCS1V15_CRYPT with RSA_PUBLIC_KEY +depends_on:!PSA_WANT_ALG_RSA_PKCS1V15_CRYPT:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY +asymmetric_encryption_fail:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_RSA_PKCS1V15_CRYPT:0:PSA_ERROR_NOT_SUPPORTED + +PSA asymmetric_encryption RSA_PKCS1V15_CRYPT: public with RSA_PUBLIC_KEY +depends_on:PSA_WANT_ALG_RSA_PKCS1V15_CRYPT:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY +asymmetric_encryption_fail:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_RSA_PKCS1V15_CRYPT:1:PSA_ERROR_INVALID_ARGUMENT + +PSA key_derivation RSA_PKCS1V15_CRYPT: invalid +depends_on:PSA_WANT_ALG_RSA_PKCS1V15_CRYPT +key_derivation_fail:PSA_ALG_RSA_PKCS1V15_CRYPT:PSA_ERROR_INVALID_ARGUMENT + +PSA key_agreement RSA_PKCS1V15_CRYPT: invalid with RSA_KEY_PAIR +depends_on:PSA_WANT_ALG_RSA_PKCS1V15_CRYPT:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR +key_agreement_fail:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_RSA_PKCS1V15_CRYPT:0:PSA_ERROR_INVALID_ARGUMENT + +PSA key_agreement RSA_PKCS1V15_CRYPT: invalid with RSA_PUBLIC_KEY +depends_on:PSA_WANT_ALG_RSA_PKCS1V15_CRYPT:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY +key_agreement_fail:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_RSA_PKCS1V15_CRYPT:0:PSA_ERROR_INVALID_ARGUMENT + +PSA hash RSA_PKCS1V15_SIGN(MD2): invalid +depends_on:PSA_WANT_ALG_MD2:PSA_WANT_ALG_RSA_PKCS1V15_SIGN +hash_fail:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_MD2):PSA_ERROR_INVALID_ARGUMENT + +PSA mac RSA_PKCS1V15_SIGN(MD2): invalid with RSA_KEY_PAIR +depends_on:PSA_WANT_ALG_MD2:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR +mac_fail:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_MD2):PSA_ERROR_INVALID_ARGUMENT + +PSA mac RSA_PKCS1V15_SIGN(MD2): invalid with RSA_PUBLIC_KEY +depends_on:PSA_WANT_ALG_MD2:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY +mac_fail:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_MD2):PSA_ERROR_INVALID_ARGUMENT + +PSA cipher RSA_PKCS1V15_SIGN(MD2): invalid with RSA_KEY_PAIR +depends_on:PSA_WANT_ALG_MD2:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR +cipher_fail:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_MD2):PSA_ERROR_INVALID_ARGUMENT + +PSA cipher RSA_PKCS1V15_SIGN(MD2): invalid with RSA_PUBLIC_KEY +depends_on:PSA_WANT_ALG_MD2:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY +cipher_fail:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_MD2):PSA_ERROR_INVALID_ARGUMENT + +PSA aead RSA_PKCS1V15_SIGN(MD2): invalid with RSA_KEY_PAIR +depends_on:PSA_WANT_ALG_MD2:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR +aead_fail:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_MD2):PSA_ERROR_INVALID_ARGUMENT + +PSA aead RSA_PKCS1V15_SIGN(MD2): invalid with RSA_PUBLIC_KEY +depends_on:PSA_WANT_ALG_MD2:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY +aead_fail:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_MD2):PSA_ERROR_INVALID_ARGUMENT + +PSA sign RSA_PKCS1V15_SIGN(MD2): incompatible with AES +depends_on:PSA_WANT_ALG_MD2:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_KEY_TYPE_AES +sign_fail:PSA_KEY_TYPE_AES:"48657265006973206b6579a064617461":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_MD2):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign RSA_PKCS1V15_SIGN(MD2): incompatible with ARC4 +depends_on:PSA_WANT_ALG_MD2:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_KEY_TYPE_ARC4 +sign_fail:PSA_KEY_TYPE_ARC4:"48":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_MD2):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign RSA_PKCS1V15_SIGN(MD2): incompatible with ARIA +depends_on:PSA_WANT_ALG_MD2:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_KEY_TYPE_ARIA +sign_fail:PSA_KEY_TYPE_ARIA:"48657265006973206b6579a064617461":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_MD2):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign RSA_PKCS1V15_SIGN(MD2): incompatible with CAMELLIA +depends_on:PSA_WANT_ALG_MD2:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_KEY_TYPE_CAMELLIA +sign_fail:PSA_KEY_TYPE_CAMELLIA:"48657265006973206b6579a064617461":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_MD2):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign RSA_PKCS1V15_SIGN(MD2): incompatible with CHACHA20 +depends_on:PSA_WANT_ALG_MD2:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_KEY_TYPE_CHACHA20 +sign_fail:PSA_KEY_TYPE_CHACHA20:"48657265006973206b6579a06461746148657265006973206b6579a064617461":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_MD2):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign RSA_PKCS1V15_SIGN(MD2): incompatible with DERIVE +depends_on:PSA_WANT_ALG_MD2:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_KEY_TYPE_DERIVE +sign_fail:PSA_KEY_TYPE_DERIVE:"48657265006973206b6579a0646174":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_MD2):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign RSA_PKCS1V15_SIGN(MD2): incompatible with DES +depends_on:PSA_WANT_ALG_MD2:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_KEY_TYPE_DES +sign_fail:PSA_KEY_TYPE_DES:"644573206b457901":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_MD2):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign RSA_PKCS1V15_SIGN(MD2): incompatible with ECC_KEY_PAIR(BRAINPOOL_P_R1) +depends_on:PSA_WANT_ALG_MD2:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ECC_FAMILY_BRAINPOOL_P_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"69502c4fdaf48d4fa617bdd24498b0406d0eeaac":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_MD2):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign RSA_PKCS1V15_SIGN(MD2): incompatible with ECC_KEY_PAIR(MONTGOMERY) +depends_on:PSA_WANT_ALG_MD2:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ECC_FAMILY_MONTGOMERY:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_MONTGOMERY):"70076d0a7318a57d3c16c17251b26645df4c2f87ebc0992ab177fba51db92c6a":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_MD2):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign RSA_PKCS1V15_SIGN(MD2): incompatible with ECC_KEY_PAIR(SECP_K1) +depends_on:PSA_WANT_ALG_MD2:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ECC_FAMILY_SECP_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_K1):"297ac1722ccac7589ecb240dc719842538ca974beb79f228":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_MD2):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign RSA_PKCS1V15_SIGN(MD2): incompatible with ECC_KEY_PAIR(SECP_R1) +depends_on:PSA_WANT_ALG_MD2:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ECC_FAMILY_SECP_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"872f203b3ad35b7f2ecc803c3a0e1e0b1ed61cc1afe71b189cd4c995":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_MD2):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign RSA_PKCS1V15_SIGN(MD2): incompatible with ECC_KEY_PAIR(SECP_R2) +depends_on:PSA_WANT_ALG_MD2:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ECC_FAMILY_SECP_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R2):"00bf539a1cdda0d7f71a50a3f98aec0a2e8e4ced1e":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_MD2):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign RSA_PKCS1V15_SIGN(MD2): incompatible with ECC_KEY_PAIR(SECT_K1) +depends_on:PSA_WANT_ALG_MD2:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ECC_FAMILY_SECT_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):"03ebc8fcded2d6ab72ec0f75bdb4fd080481273e71":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_MD2):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign RSA_PKCS1V15_SIGN(MD2): incompatible with ECC_KEY_PAIR(SECT_R1) +depends_on:PSA_WANT_ALG_MD2:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ECC_FAMILY_SECT_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):"009b05dc82d46d64a04a22e6e5ca70ca1231e68c50":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_MD2):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign RSA_PKCS1V15_SIGN(MD2): incompatible with ECC_KEY_PAIR(SECT_R2) +depends_on:PSA_WANT_ALG_MD2:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ECC_FAMILY_SECT_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R2):"0210b482a458b4822d0cb21daa96819a67c8062d34":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_MD2):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign RSA_PKCS1V15_SIGN(MD2): incompatible with ECC_KEY_PAIR(TWISTED_EDWARDS) +depends_on:PSA_WANT_ALG_MD2:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ECC_FAMILY_TWISTED_EDWARDS:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_TWISTED_EDWARDS):"9d61b19deffd5a60ba844af492ec2cc44449c5697b326919703bac031cae7f60":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_MD2):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign RSA_PKCS1V15_SIGN(MD2): incompatible with ECC_PUBLIC_KEY(BRAINPOOL_P_R1) +depends_on:PSA_WANT_ALG_MD2:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ECC_FAMILY_BRAINPOOL_P_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"04d4b9186816358e2f9c59cf70748cb70641b22fbab65473db4b4e22a361ed7e3de7e8a8ddc4130c5c":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_MD2):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign RSA_PKCS1V15_SIGN(MD2): incompatible with ECC_PUBLIC_KEY(MONTGOMERY) +depends_on:PSA_WANT_ALG_MD2:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ECC_FAMILY_MONTGOMERY:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_MONTGOMERY):"8520f0098930a754748b7ddcb43ef75a0dbf3a0d26381af4eba4a98eaa9b4e6a":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_MD2):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign RSA_PKCS1V15_SIGN(MD2): incompatible with ECC_PUBLIC_KEY(SECP_K1) +depends_on:PSA_WANT_ALG_MD2:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ECC_FAMILY_SECP_K1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_K1):"0426b7bb38da649ac2138fc050c6548b32553dab68afebc36105d325b75538c12323cb0764789ecb992671beb2b6bef2f5":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_MD2):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign RSA_PKCS1V15_SIGN(MD2): incompatible with ECC_PUBLIC_KEY(SECP_R1) +depends_on:PSA_WANT_ALG_MD2:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ECC_FAMILY_SECP_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1):"046f00eadaa949fee3e9e1c7fa1247eecec86a0dce46418b9bd3117b981d4bd0ae7a990de912f9d060d6cb531a42d22e394ac29e81804bf160":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_MD2):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign RSA_PKCS1V15_SIGN(MD2): incompatible with ECC_PUBLIC_KEY(SECP_R2) +depends_on:PSA_WANT_ALG_MD2:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ECC_FAMILY_SECP_R2:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R2):"049570d541398665adb5cfa16f5af73b3196926bbd4b876bdb80f8eab20d0f540c22f4de9c140f6d7b":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_MD2):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign RSA_PKCS1V15_SIGN(MD2): incompatible with ECC_PUBLIC_KEY(SECT_K1) +depends_on:PSA_WANT_ALG_MD2:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ECC_FAMILY_SECT_K1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_K1):"0406f88f90b4b65950f06ce433afdb097e320f433dc2062b8a65db8fafd3c110f46bc45663fbf021ee7eb9":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_MD2):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign RSA_PKCS1V15_SIGN(MD2): incompatible with ECC_PUBLIC_KEY(SECT_R1) +depends_on:PSA_WANT_ALG_MD2:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ECC_FAMILY_SECT_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R1):"0400465eeb9e7258b11e33c02266bfe834b20bcb118700772796ee4704ec67651bd447e3011959a79a04cb":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_MD2):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign RSA_PKCS1V15_SIGN(MD2): incompatible with ECC_PUBLIC_KEY(SECT_R2) +depends_on:PSA_WANT_ALG_MD2:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ECC_FAMILY_SECT_R2:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R2):"0403692601144c32a6cfa369ae20ae5d43c1c764678c037bafe80c6fd2e42b7ced96171d9c5367fd3dca6f":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_MD2):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign RSA_PKCS1V15_SIGN(MD2): incompatible with ECC_PUBLIC_KEY(TWISTED_EDWARDS) +depends_on:PSA_WANT_ALG_MD2:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ECC_FAMILY_TWISTED_EDWARDS:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_TWISTED_EDWARDS):"d75a980182b10ab7d54bfed3c964073a0ee172f3daa62325af021a68f707511a":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_MD2):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign RSA_PKCS1V15_SIGN(MD2): incompatible with HMAC +depends_on:PSA_WANT_ALG_MD2:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_KEY_TYPE_HMAC +sign_fail:PSA_KEY_TYPE_HMAC:"48657265006973206b6579a064617461":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_MD2):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign RSA_PKCS1V15_SIGN(MD2): incompatible with RAW_DATA +depends_on:PSA_WANT_ALG_MD2:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_KEY_TYPE_RAW_DATA +sign_fail:PSA_KEY_TYPE_RAW_DATA:"48":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_MD2):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign RSA_PKCS1V15_SIGN(MD2): !MD2 with RSA_KEY_PAIR +depends_on:!PSA_WANT_ALG_MD2:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR +sign_fail:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_MD2):0:PSA_ERROR_NOT_SUPPORTED + +PSA sign RSA_PKCS1V15_SIGN(MD2): !RSA_PKCS1V15_SIGN with RSA_KEY_PAIR +depends_on:PSA_WANT_ALG_MD2:!PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR +sign_fail:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_MD2):0:PSA_ERROR_NOT_SUPPORTED + +PSA sign RSA_PKCS1V15_SIGN(MD2): !MD2 with RSA_PUBLIC_KEY +depends_on:!PSA_WANT_ALG_MD2:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY +sign_fail:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_MD2):0:PSA_ERROR_NOT_SUPPORTED + +PSA sign RSA_PKCS1V15_SIGN(MD2): !RSA_PKCS1V15_SIGN with RSA_PUBLIC_KEY +depends_on:PSA_WANT_ALG_MD2:!PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY +sign_fail:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_MD2):0:PSA_ERROR_NOT_SUPPORTED + +PSA sign RSA_PKCS1V15_SIGN(MD2): public with RSA_PUBLIC_KEY +depends_on:PSA_WANT_ALG_MD2:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY +sign_fail:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_MD2):1:PSA_ERROR_INVALID_ARGUMENT + +PSA asymmetric_encryption RSA_PKCS1V15_SIGN(MD2): invalid with RSA_KEY_PAIR +depends_on:PSA_WANT_ALG_MD2:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR +asymmetric_encryption_fail:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_MD2):0:PSA_ERROR_INVALID_ARGUMENT + +PSA asymmetric_encryption RSA_PKCS1V15_SIGN(MD2): invalid with RSA_PUBLIC_KEY +depends_on:PSA_WANT_ALG_MD2:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY +asymmetric_encryption_fail:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_MD2):0:PSA_ERROR_INVALID_ARGUMENT + +PSA key_derivation RSA_PKCS1V15_SIGN(MD2): invalid +depends_on:PSA_WANT_ALG_MD2:PSA_WANT_ALG_RSA_PKCS1V15_SIGN +key_derivation_fail:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_MD2):PSA_ERROR_INVALID_ARGUMENT + +PSA key_agreement RSA_PKCS1V15_SIGN(MD2): invalid with RSA_KEY_PAIR +depends_on:PSA_WANT_ALG_MD2:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR +key_agreement_fail:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_MD2):0:PSA_ERROR_INVALID_ARGUMENT + +PSA key_agreement RSA_PKCS1V15_SIGN(MD2): invalid with RSA_PUBLIC_KEY +depends_on:PSA_WANT_ALG_MD2:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY +key_agreement_fail:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_MD2):0:PSA_ERROR_INVALID_ARGUMENT + +PSA hash RSA_PKCS1V15_SIGN(MD4): invalid +depends_on:PSA_WANT_ALG_MD4:PSA_WANT_ALG_RSA_PKCS1V15_SIGN +hash_fail:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_MD4):PSA_ERROR_INVALID_ARGUMENT + +PSA mac RSA_PKCS1V15_SIGN(MD4): invalid with RSA_KEY_PAIR +depends_on:PSA_WANT_ALG_MD4:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR +mac_fail:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_MD4):PSA_ERROR_INVALID_ARGUMENT + +PSA mac RSA_PKCS1V15_SIGN(MD4): invalid with RSA_PUBLIC_KEY +depends_on:PSA_WANT_ALG_MD4:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY +mac_fail:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_MD4):PSA_ERROR_INVALID_ARGUMENT + +PSA cipher RSA_PKCS1V15_SIGN(MD4): invalid with RSA_KEY_PAIR +depends_on:PSA_WANT_ALG_MD4:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR +cipher_fail:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_MD4):PSA_ERROR_INVALID_ARGUMENT + +PSA cipher RSA_PKCS1V15_SIGN(MD4): invalid with RSA_PUBLIC_KEY +depends_on:PSA_WANT_ALG_MD4:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY +cipher_fail:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_MD4):PSA_ERROR_INVALID_ARGUMENT + +PSA aead RSA_PKCS1V15_SIGN(MD4): invalid with RSA_KEY_PAIR +depends_on:PSA_WANT_ALG_MD4:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR +aead_fail:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_MD4):PSA_ERROR_INVALID_ARGUMENT + +PSA aead RSA_PKCS1V15_SIGN(MD4): invalid with RSA_PUBLIC_KEY +depends_on:PSA_WANT_ALG_MD4:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY +aead_fail:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_MD4):PSA_ERROR_INVALID_ARGUMENT + +PSA sign RSA_PKCS1V15_SIGN(MD4): incompatible with AES +depends_on:PSA_WANT_ALG_MD4:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_KEY_TYPE_AES +sign_fail:PSA_KEY_TYPE_AES:"48657265006973206b6579a064617461":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_MD4):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign RSA_PKCS1V15_SIGN(MD4): incompatible with ARC4 +depends_on:PSA_WANT_ALG_MD4:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_KEY_TYPE_ARC4 +sign_fail:PSA_KEY_TYPE_ARC4:"48":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_MD4):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign RSA_PKCS1V15_SIGN(MD4): incompatible with ARIA +depends_on:PSA_WANT_ALG_MD4:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_KEY_TYPE_ARIA +sign_fail:PSA_KEY_TYPE_ARIA:"48657265006973206b6579a064617461":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_MD4):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign RSA_PKCS1V15_SIGN(MD4): incompatible with CAMELLIA +depends_on:PSA_WANT_ALG_MD4:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_KEY_TYPE_CAMELLIA +sign_fail:PSA_KEY_TYPE_CAMELLIA:"48657265006973206b6579a064617461":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_MD4):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign RSA_PKCS1V15_SIGN(MD4): incompatible with CHACHA20 +depends_on:PSA_WANT_ALG_MD4:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_KEY_TYPE_CHACHA20 +sign_fail:PSA_KEY_TYPE_CHACHA20:"48657265006973206b6579a06461746148657265006973206b6579a064617461":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_MD4):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign RSA_PKCS1V15_SIGN(MD4): incompatible with DERIVE +depends_on:PSA_WANT_ALG_MD4:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_KEY_TYPE_DERIVE +sign_fail:PSA_KEY_TYPE_DERIVE:"48657265006973206b6579a0646174":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_MD4):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign RSA_PKCS1V15_SIGN(MD4): incompatible with DES +depends_on:PSA_WANT_ALG_MD4:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_KEY_TYPE_DES +sign_fail:PSA_KEY_TYPE_DES:"644573206b457901":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_MD4):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign RSA_PKCS1V15_SIGN(MD4): incompatible with ECC_KEY_PAIR(BRAINPOOL_P_R1) +depends_on:PSA_WANT_ALG_MD4:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ECC_FAMILY_BRAINPOOL_P_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"69502c4fdaf48d4fa617bdd24498b0406d0eeaac":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_MD4):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign RSA_PKCS1V15_SIGN(MD4): incompatible with ECC_KEY_PAIR(MONTGOMERY) +depends_on:PSA_WANT_ALG_MD4:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ECC_FAMILY_MONTGOMERY:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_MONTGOMERY):"70076d0a7318a57d3c16c17251b26645df4c2f87ebc0992ab177fba51db92c6a":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_MD4):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign RSA_PKCS1V15_SIGN(MD4): incompatible with ECC_KEY_PAIR(SECP_K1) +depends_on:PSA_WANT_ALG_MD4:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ECC_FAMILY_SECP_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_K1):"297ac1722ccac7589ecb240dc719842538ca974beb79f228":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_MD4):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign RSA_PKCS1V15_SIGN(MD4): incompatible with ECC_KEY_PAIR(SECP_R1) +depends_on:PSA_WANT_ALG_MD4:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ECC_FAMILY_SECP_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"872f203b3ad35b7f2ecc803c3a0e1e0b1ed61cc1afe71b189cd4c995":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_MD4):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign RSA_PKCS1V15_SIGN(MD4): incompatible with ECC_KEY_PAIR(SECP_R2) +depends_on:PSA_WANT_ALG_MD4:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ECC_FAMILY_SECP_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R2):"00bf539a1cdda0d7f71a50a3f98aec0a2e8e4ced1e":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_MD4):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign RSA_PKCS1V15_SIGN(MD4): incompatible with ECC_KEY_PAIR(SECT_K1) +depends_on:PSA_WANT_ALG_MD4:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ECC_FAMILY_SECT_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):"03ebc8fcded2d6ab72ec0f75bdb4fd080481273e71":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_MD4):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign RSA_PKCS1V15_SIGN(MD4): incompatible with ECC_KEY_PAIR(SECT_R1) +depends_on:PSA_WANT_ALG_MD4:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ECC_FAMILY_SECT_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):"009b05dc82d46d64a04a22e6e5ca70ca1231e68c50":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_MD4):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign RSA_PKCS1V15_SIGN(MD4): incompatible with ECC_KEY_PAIR(SECT_R2) +depends_on:PSA_WANT_ALG_MD4:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ECC_FAMILY_SECT_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R2):"0210b482a458b4822d0cb21daa96819a67c8062d34":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_MD4):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign RSA_PKCS1V15_SIGN(MD4): incompatible with ECC_KEY_PAIR(TWISTED_EDWARDS) +depends_on:PSA_WANT_ALG_MD4:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ECC_FAMILY_TWISTED_EDWARDS:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_TWISTED_EDWARDS):"9d61b19deffd5a60ba844af492ec2cc44449c5697b326919703bac031cae7f60":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_MD4):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign RSA_PKCS1V15_SIGN(MD4): incompatible with ECC_PUBLIC_KEY(BRAINPOOL_P_R1) +depends_on:PSA_WANT_ALG_MD4:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ECC_FAMILY_BRAINPOOL_P_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"04d4b9186816358e2f9c59cf70748cb70641b22fbab65473db4b4e22a361ed7e3de7e8a8ddc4130c5c":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_MD4):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign RSA_PKCS1V15_SIGN(MD4): incompatible with ECC_PUBLIC_KEY(MONTGOMERY) +depends_on:PSA_WANT_ALG_MD4:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ECC_FAMILY_MONTGOMERY:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_MONTGOMERY):"8520f0098930a754748b7ddcb43ef75a0dbf3a0d26381af4eba4a98eaa9b4e6a":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_MD4):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign RSA_PKCS1V15_SIGN(MD4): incompatible with ECC_PUBLIC_KEY(SECP_K1) +depends_on:PSA_WANT_ALG_MD4:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ECC_FAMILY_SECP_K1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_K1):"0426b7bb38da649ac2138fc050c6548b32553dab68afebc36105d325b75538c12323cb0764789ecb992671beb2b6bef2f5":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_MD4):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign RSA_PKCS1V15_SIGN(MD4): incompatible with ECC_PUBLIC_KEY(SECP_R1) +depends_on:PSA_WANT_ALG_MD4:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ECC_FAMILY_SECP_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1):"046f00eadaa949fee3e9e1c7fa1247eecec86a0dce46418b9bd3117b981d4bd0ae7a990de912f9d060d6cb531a42d22e394ac29e81804bf160":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_MD4):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign RSA_PKCS1V15_SIGN(MD4): incompatible with ECC_PUBLIC_KEY(SECP_R2) +depends_on:PSA_WANT_ALG_MD4:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ECC_FAMILY_SECP_R2:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R2):"049570d541398665adb5cfa16f5af73b3196926bbd4b876bdb80f8eab20d0f540c22f4de9c140f6d7b":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_MD4):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign RSA_PKCS1V15_SIGN(MD4): incompatible with ECC_PUBLIC_KEY(SECT_K1) +depends_on:PSA_WANT_ALG_MD4:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ECC_FAMILY_SECT_K1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_K1):"0406f88f90b4b65950f06ce433afdb097e320f433dc2062b8a65db8fafd3c110f46bc45663fbf021ee7eb9":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_MD4):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign RSA_PKCS1V15_SIGN(MD4): incompatible with ECC_PUBLIC_KEY(SECT_R1) +depends_on:PSA_WANT_ALG_MD4:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ECC_FAMILY_SECT_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R1):"0400465eeb9e7258b11e33c02266bfe834b20bcb118700772796ee4704ec67651bd447e3011959a79a04cb":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_MD4):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign RSA_PKCS1V15_SIGN(MD4): incompatible with ECC_PUBLIC_KEY(SECT_R2) +depends_on:PSA_WANT_ALG_MD4:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ECC_FAMILY_SECT_R2:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R2):"0403692601144c32a6cfa369ae20ae5d43c1c764678c037bafe80c6fd2e42b7ced96171d9c5367fd3dca6f":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_MD4):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign RSA_PKCS1V15_SIGN(MD4): incompatible with ECC_PUBLIC_KEY(TWISTED_EDWARDS) +depends_on:PSA_WANT_ALG_MD4:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ECC_FAMILY_TWISTED_EDWARDS:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_TWISTED_EDWARDS):"d75a980182b10ab7d54bfed3c964073a0ee172f3daa62325af021a68f707511a":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_MD4):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign RSA_PKCS1V15_SIGN(MD4): incompatible with HMAC +depends_on:PSA_WANT_ALG_MD4:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_KEY_TYPE_HMAC +sign_fail:PSA_KEY_TYPE_HMAC:"48657265006973206b6579a064617461":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_MD4):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign RSA_PKCS1V15_SIGN(MD4): incompatible with RAW_DATA +depends_on:PSA_WANT_ALG_MD4:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_KEY_TYPE_RAW_DATA +sign_fail:PSA_KEY_TYPE_RAW_DATA:"48":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_MD4):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign RSA_PKCS1V15_SIGN(MD4): !MD4 with RSA_KEY_PAIR +depends_on:!PSA_WANT_ALG_MD4:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR +sign_fail:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_MD4):0:PSA_ERROR_NOT_SUPPORTED + +PSA sign RSA_PKCS1V15_SIGN(MD4): !RSA_PKCS1V15_SIGN with RSA_KEY_PAIR +depends_on:PSA_WANT_ALG_MD4:!PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR +sign_fail:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_MD4):0:PSA_ERROR_NOT_SUPPORTED + +PSA sign RSA_PKCS1V15_SIGN(MD4): !MD4 with RSA_PUBLIC_KEY +depends_on:!PSA_WANT_ALG_MD4:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY +sign_fail:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_MD4):0:PSA_ERROR_NOT_SUPPORTED + +PSA sign RSA_PKCS1V15_SIGN(MD4): !RSA_PKCS1V15_SIGN with RSA_PUBLIC_KEY +depends_on:PSA_WANT_ALG_MD4:!PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY +sign_fail:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_MD4):0:PSA_ERROR_NOT_SUPPORTED + +PSA sign RSA_PKCS1V15_SIGN(MD4): public with RSA_PUBLIC_KEY +depends_on:PSA_WANT_ALG_MD4:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY +sign_fail:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_MD4):1:PSA_ERROR_INVALID_ARGUMENT + +PSA asymmetric_encryption RSA_PKCS1V15_SIGN(MD4): invalid with RSA_KEY_PAIR +depends_on:PSA_WANT_ALG_MD4:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR +asymmetric_encryption_fail:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_MD4):0:PSA_ERROR_INVALID_ARGUMENT + +PSA asymmetric_encryption RSA_PKCS1V15_SIGN(MD4): invalid with RSA_PUBLIC_KEY +depends_on:PSA_WANT_ALG_MD4:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY +asymmetric_encryption_fail:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_MD4):0:PSA_ERROR_INVALID_ARGUMENT + +PSA key_derivation RSA_PKCS1V15_SIGN(MD4): invalid +depends_on:PSA_WANT_ALG_MD4:PSA_WANT_ALG_RSA_PKCS1V15_SIGN +key_derivation_fail:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_MD4):PSA_ERROR_INVALID_ARGUMENT + +PSA key_agreement RSA_PKCS1V15_SIGN(MD4): invalid with RSA_KEY_PAIR +depends_on:PSA_WANT_ALG_MD4:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR +key_agreement_fail:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_MD4):0:PSA_ERROR_INVALID_ARGUMENT + +PSA key_agreement RSA_PKCS1V15_SIGN(MD4): invalid with RSA_PUBLIC_KEY +depends_on:PSA_WANT_ALG_MD4:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY +key_agreement_fail:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_MD4):0:PSA_ERROR_INVALID_ARGUMENT + +PSA hash RSA_PKCS1V15_SIGN(MD5): invalid +depends_on:PSA_WANT_ALG_MD5:PSA_WANT_ALG_RSA_PKCS1V15_SIGN +hash_fail:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_MD5):PSA_ERROR_INVALID_ARGUMENT + +PSA mac RSA_PKCS1V15_SIGN(MD5): invalid with RSA_KEY_PAIR +depends_on:PSA_WANT_ALG_MD5:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR +mac_fail:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_MD5):PSA_ERROR_INVALID_ARGUMENT + +PSA mac RSA_PKCS1V15_SIGN(MD5): invalid with RSA_PUBLIC_KEY +depends_on:PSA_WANT_ALG_MD5:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY +mac_fail:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_MD5):PSA_ERROR_INVALID_ARGUMENT + +PSA cipher RSA_PKCS1V15_SIGN(MD5): invalid with RSA_KEY_PAIR +depends_on:PSA_WANT_ALG_MD5:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR +cipher_fail:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_MD5):PSA_ERROR_INVALID_ARGUMENT + +PSA cipher RSA_PKCS1V15_SIGN(MD5): invalid with RSA_PUBLIC_KEY +depends_on:PSA_WANT_ALG_MD5:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY +cipher_fail:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_MD5):PSA_ERROR_INVALID_ARGUMENT + +PSA aead RSA_PKCS1V15_SIGN(MD5): invalid with RSA_KEY_PAIR +depends_on:PSA_WANT_ALG_MD5:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR +aead_fail:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_MD5):PSA_ERROR_INVALID_ARGUMENT + +PSA aead RSA_PKCS1V15_SIGN(MD5): invalid with RSA_PUBLIC_KEY +depends_on:PSA_WANT_ALG_MD5:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY +aead_fail:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_MD5):PSA_ERROR_INVALID_ARGUMENT + +PSA sign RSA_PKCS1V15_SIGN(MD5): incompatible with AES +depends_on:PSA_WANT_ALG_MD5:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_KEY_TYPE_AES +sign_fail:PSA_KEY_TYPE_AES:"48657265006973206b6579a064617461":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_MD5):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign RSA_PKCS1V15_SIGN(MD5): incompatible with ARC4 +depends_on:PSA_WANT_ALG_MD5:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_KEY_TYPE_ARC4 +sign_fail:PSA_KEY_TYPE_ARC4:"48":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_MD5):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign RSA_PKCS1V15_SIGN(MD5): incompatible with ARIA +depends_on:PSA_WANT_ALG_MD5:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_KEY_TYPE_ARIA +sign_fail:PSA_KEY_TYPE_ARIA:"48657265006973206b6579a064617461":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_MD5):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign RSA_PKCS1V15_SIGN(MD5): incompatible with CAMELLIA +depends_on:PSA_WANT_ALG_MD5:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_KEY_TYPE_CAMELLIA +sign_fail:PSA_KEY_TYPE_CAMELLIA:"48657265006973206b6579a064617461":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_MD5):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign RSA_PKCS1V15_SIGN(MD5): incompatible with CHACHA20 +depends_on:PSA_WANT_ALG_MD5:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_KEY_TYPE_CHACHA20 +sign_fail:PSA_KEY_TYPE_CHACHA20:"48657265006973206b6579a06461746148657265006973206b6579a064617461":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_MD5):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign RSA_PKCS1V15_SIGN(MD5): incompatible with DERIVE +depends_on:PSA_WANT_ALG_MD5:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_KEY_TYPE_DERIVE +sign_fail:PSA_KEY_TYPE_DERIVE:"48657265006973206b6579a0646174":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_MD5):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign RSA_PKCS1V15_SIGN(MD5): incompatible with DES +depends_on:PSA_WANT_ALG_MD5:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_KEY_TYPE_DES +sign_fail:PSA_KEY_TYPE_DES:"644573206b457901":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_MD5):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign RSA_PKCS1V15_SIGN(MD5): incompatible with ECC_KEY_PAIR(BRAINPOOL_P_R1) +depends_on:PSA_WANT_ALG_MD5:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ECC_FAMILY_BRAINPOOL_P_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"69502c4fdaf48d4fa617bdd24498b0406d0eeaac":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_MD5):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign RSA_PKCS1V15_SIGN(MD5): incompatible with ECC_KEY_PAIR(MONTGOMERY) +depends_on:PSA_WANT_ALG_MD5:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ECC_FAMILY_MONTGOMERY:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_MONTGOMERY):"70076d0a7318a57d3c16c17251b26645df4c2f87ebc0992ab177fba51db92c6a":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_MD5):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign RSA_PKCS1V15_SIGN(MD5): incompatible with ECC_KEY_PAIR(SECP_K1) +depends_on:PSA_WANT_ALG_MD5:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ECC_FAMILY_SECP_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_K1):"297ac1722ccac7589ecb240dc719842538ca974beb79f228":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_MD5):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign RSA_PKCS1V15_SIGN(MD5): incompatible with ECC_KEY_PAIR(SECP_R1) +depends_on:PSA_WANT_ALG_MD5:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ECC_FAMILY_SECP_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"872f203b3ad35b7f2ecc803c3a0e1e0b1ed61cc1afe71b189cd4c995":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_MD5):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign RSA_PKCS1V15_SIGN(MD5): incompatible with ECC_KEY_PAIR(SECP_R2) +depends_on:PSA_WANT_ALG_MD5:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ECC_FAMILY_SECP_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R2):"00bf539a1cdda0d7f71a50a3f98aec0a2e8e4ced1e":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_MD5):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign RSA_PKCS1V15_SIGN(MD5): incompatible with ECC_KEY_PAIR(SECT_K1) +depends_on:PSA_WANT_ALG_MD5:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ECC_FAMILY_SECT_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):"03ebc8fcded2d6ab72ec0f75bdb4fd080481273e71":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_MD5):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign RSA_PKCS1V15_SIGN(MD5): incompatible with ECC_KEY_PAIR(SECT_R1) +depends_on:PSA_WANT_ALG_MD5:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ECC_FAMILY_SECT_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):"009b05dc82d46d64a04a22e6e5ca70ca1231e68c50":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_MD5):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign RSA_PKCS1V15_SIGN(MD5): incompatible with ECC_KEY_PAIR(SECT_R2) +depends_on:PSA_WANT_ALG_MD5:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ECC_FAMILY_SECT_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R2):"0210b482a458b4822d0cb21daa96819a67c8062d34":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_MD5):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign RSA_PKCS1V15_SIGN(MD5): incompatible with ECC_KEY_PAIR(TWISTED_EDWARDS) +depends_on:PSA_WANT_ALG_MD5:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ECC_FAMILY_TWISTED_EDWARDS:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_TWISTED_EDWARDS):"9d61b19deffd5a60ba844af492ec2cc44449c5697b326919703bac031cae7f60":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_MD5):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign RSA_PKCS1V15_SIGN(MD5): incompatible with ECC_PUBLIC_KEY(BRAINPOOL_P_R1) +depends_on:PSA_WANT_ALG_MD5:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ECC_FAMILY_BRAINPOOL_P_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"04d4b9186816358e2f9c59cf70748cb70641b22fbab65473db4b4e22a361ed7e3de7e8a8ddc4130c5c":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_MD5):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign RSA_PKCS1V15_SIGN(MD5): incompatible with ECC_PUBLIC_KEY(MONTGOMERY) +depends_on:PSA_WANT_ALG_MD5:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ECC_FAMILY_MONTGOMERY:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_MONTGOMERY):"8520f0098930a754748b7ddcb43ef75a0dbf3a0d26381af4eba4a98eaa9b4e6a":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_MD5):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign RSA_PKCS1V15_SIGN(MD5): incompatible with ECC_PUBLIC_KEY(SECP_K1) +depends_on:PSA_WANT_ALG_MD5:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ECC_FAMILY_SECP_K1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_K1):"0426b7bb38da649ac2138fc050c6548b32553dab68afebc36105d325b75538c12323cb0764789ecb992671beb2b6bef2f5":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_MD5):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign RSA_PKCS1V15_SIGN(MD5): incompatible with ECC_PUBLIC_KEY(SECP_R1) +depends_on:PSA_WANT_ALG_MD5:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ECC_FAMILY_SECP_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1):"046f00eadaa949fee3e9e1c7fa1247eecec86a0dce46418b9bd3117b981d4bd0ae7a990de912f9d060d6cb531a42d22e394ac29e81804bf160":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_MD5):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign RSA_PKCS1V15_SIGN(MD5): incompatible with ECC_PUBLIC_KEY(SECP_R2) +depends_on:PSA_WANT_ALG_MD5:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ECC_FAMILY_SECP_R2:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R2):"049570d541398665adb5cfa16f5af73b3196926bbd4b876bdb80f8eab20d0f540c22f4de9c140f6d7b":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_MD5):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign RSA_PKCS1V15_SIGN(MD5): incompatible with ECC_PUBLIC_KEY(SECT_K1) +depends_on:PSA_WANT_ALG_MD5:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ECC_FAMILY_SECT_K1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_K1):"0406f88f90b4b65950f06ce433afdb097e320f433dc2062b8a65db8fafd3c110f46bc45663fbf021ee7eb9":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_MD5):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign RSA_PKCS1V15_SIGN(MD5): incompatible with ECC_PUBLIC_KEY(SECT_R1) +depends_on:PSA_WANT_ALG_MD5:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ECC_FAMILY_SECT_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R1):"0400465eeb9e7258b11e33c02266bfe834b20bcb118700772796ee4704ec67651bd447e3011959a79a04cb":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_MD5):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign RSA_PKCS1V15_SIGN(MD5): incompatible with ECC_PUBLIC_KEY(SECT_R2) +depends_on:PSA_WANT_ALG_MD5:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ECC_FAMILY_SECT_R2:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R2):"0403692601144c32a6cfa369ae20ae5d43c1c764678c037bafe80c6fd2e42b7ced96171d9c5367fd3dca6f":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_MD5):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign RSA_PKCS1V15_SIGN(MD5): incompatible with ECC_PUBLIC_KEY(TWISTED_EDWARDS) +depends_on:PSA_WANT_ALG_MD5:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ECC_FAMILY_TWISTED_EDWARDS:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_TWISTED_EDWARDS):"d75a980182b10ab7d54bfed3c964073a0ee172f3daa62325af021a68f707511a":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_MD5):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign RSA_PKCS1V15_SIGN(MD5): incompatible with HMAC +depends_on:PSA_WANT_ALG_MD5:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_KEY_TYPE_HMAC +sign_fail:PSA_KEY_TYPE_HMAC:"48657265006973206b6579a064617461":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_MD5):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign RSA_PKCS1V15_SIGN(MD5): incompatible with RAW_DATA +depends_on:PSA_WANT_ALG_MD5:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_KEY_TYPE_RAW_DATA +sign_fail:PSA_KEY_TYPE_RAW_DATA:"48":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_MD5):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign RSA_PKCS1V15_SIGN(MD5): !MD5 with RSA_KEY_PAIR +depends_on:!PSA_WANT_ALG_MD5:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR +sign_fail:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_MD5):0:PSA_ERROR_NOT_SUPPORTED + +PSA sign RSA_PKCS1V15_SIGN(MD5): !RSA_PKCS1V15_SIGN with RSA_KEY_PAIR +depends_on:PSA_WANT_ALG_MD5:!PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR +sign_fail:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_MD5):0:PSA_ERROR_NOT_SUPPORTED + +PSA sign RSA_PKCS1V15_SIGN(MD5): !MD5 with RSA_PUBLIC_KEY +depends_on:!PSA_WANT_ALG_MD5:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY +sign_fail:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_MD5):0:PSA_ERROR_NOT_SUPPORTED + +PSA sign RSA_PKCS1V15_SIGN(MD5): !RSA_PKCS1V15_SIGN with RSA_PUBLIC_KEY +depends_on:PSA_WANT_ALG_MD5:!PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY +sign_fail:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_MD5):0:PSA_ERROR_NOT_SUPPORTED + +PSA sign RSA_PKCS1V15_SIGN(MD5): public with RSA_PUBLIC_KEY +depends_on:PSA_WANT_ALG_MD5:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY +sign_fail:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_MD5):1:PSA_ERROR_INVALID_ARGUMENT + +PSA asymmetric_encryption RSA_PKCS1V15_SIGN(MD5): invalid with RSA_KEY_PAIR +depends_on:PSA_WANT_ALG_MD5:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR +asymmetric_encryption_fail:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_MD5):0:PSA_ERROR_INVALID_ARGUMENT + +PSA asymmetric_encryption RSA_PKCS1V15_SIGN(MD5): invalid with RSA_PUBLIC_KEY +depends_on:PSA_WANT_ALG_MD5:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY +asymmetric_encryption_fail:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_MD5):0:PSA_ERROR_INVALID_ARGUMENT + +PSA key_derivation RSA_PKCS1V15_SIGN(MD5): invalid +depends_on:PSA_WANT_ALG_MD5:PSA_WANT_ALG_RSA_PKCS1V15_SIGN +key_derivation_fail:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_MD5):PSA_ERROR_INVALID_ARGUMENT + +PSA key_agreement RSA_PKCS1V15_SIGN(MD5): invalid with RSA_KEY_PAIR +depends_on:PSA_WANT_ALG_MD5:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR +key_agreement_fail:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_MD5):0:PSA_ERROR_INVALID_ARGUMENT + +PSA key_agreement RSA_PKCS1V15_SIGN(MD5): invalid with RSA_PUBLIC_KEY +depends_on:PSA_WANT_ALG_MD5:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY +key_agreement_fail:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_MD5):0:PSA_ERROR_INVALID_ARGUMENT + +PSA hash RSA_PKCS1V15_SIGN(RIPEMD160): invalid +depends_on:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ALG_RSA_PKCS1V15_SIGN +hash_fail:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_RIPEMD160):PSA_ERROR_INVALID_ARGUMENT + +PSA mac RSA_PKCS1V15_SIGN(RIPEMD160): invalid with RSA_KEY_PAIR +depends_on:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR +mac_fail:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_RIPEMD160):PSA_ERROR_INVALID_ARGUMENT + +PSA mac RSA_PKCS1V15_SIGN(RIPEMD160): invalid with RSA_PUBLIC_KEY +depends_on:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY +mac_fail:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_RIPEMD160):PSA_ERROR_INVALID_ARGUMENT + +PSA cipher RSA_PKCS1V15_SIGN(RIPEMD160): invalid with RSA_KEY_PAIR +depends_on:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR +cipher_fail:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_RIPEMD160):PSA_ERROR_INVALID_ARGUMENT + +PSA cipher RSA_PKCS1V15_SIGN(RIPEMD160): invalid with RSA_PUBLIC_KEY +depends_on:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY +cipher_fail:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_RIPEMD160):PSA_ERROR_INVALID_ARGUMENT + +PSA aead RSA_PKCS1V15_SIGN(RIPEMD160): invalid with RSA_KEY_PAIR +depends_on:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR +aead_fail:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_RIPEMD160):PSA_ERROR_INVALID_ARGUMENT + +PSA aead RSA_PKCS1V15_SIGN(RIPEMD160): invalid with RSA_PUBLIC_KEY +depends_on:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY +aead_fail:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_RIPEMD160):PSA_ERROR_INVALID_ARGUMENT + +PSA sign RSA_PKCS1V15_SIGN(RIPEMD160): incompatible with AES +depends_on:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_KEY_TYPE_AES +sign_fail:PSA_KEY_TYPE_AES:"48657265006973206b6579a064617461":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_RIPEMD160):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign RSA_PKCS1V15_SIGN(RIPEMD160): incompatible with ARC4 +depends_on:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_KEY_TYPE_ARC4 +sign_fail:PSA_KEY_TYPE_ARC4:"48":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_RIPEMD160):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign RSA_PKCS1V15_SIGN(RIPEMD160): incompatible with ARIA +depends_on:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_KEY_TYPE_ARIA +sign_fail:PSA_KEY_TYPE_ARIA:"48657265006973206b6579a064617461":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_RIPEMD160):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign RSA_PKCS1V15_SIGN(RIPEMD160): incompatible with CAMELLIA +depends_on:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_KEY_TYPE_CAMELLIA +sign_fail:PSA_KEY_TYPE_CAMELLIA:"48657265006973206b6579a064617461":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_RIPEMD160):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign RSA_PKCS1V15_SIGN(RIPEMD160): incompatible with CHACHA20 +depends_on:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_KEY_TYPE_CHACHA20 +sign_fail:PSA_KEY_TYPE_CHACHA20:"48657265006973206b6579a06461746148657265006973206b6579a064617461":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_RIPEMD160):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign RSA_PKCS1V15_SIGN(RIPEMD160): incompatible with DERIVE +depends_on:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_KEY_TYPE_DERIVE +sign_fail:PSA_KEY_TYPE_DERIVE:"48657265006973206b6579a0646174":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_RIPEMD160):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign RSA_PKCS1V15_SIGN(RIPEMD160): incompatible with DES +depends_on:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_KEY_TYPE_DES +sign_fail:PSA_KEY_TYPE_DES:"644573206b457901":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_RIPEMD160):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign RSA_PKCS1V15_SIGN(RIPEMD160): incompatible with ECC_KEY_PAIR(BRAINPOOL_P_R1) +depends_on:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ECC_FAMILY_BRAINPOOL_P_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"69502c4fdaf48d4fa617bdd24498b0406d0eeaac":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_RIPEMD160):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign RSA_PKCS1V15_SIGN(RIPEMD160): incompatible with ECC_KEY_PAIR(MONTGOMERY) +depends_on:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ECC_FAMILY_MONTGOMERY:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_MONTGOMERY):"70076d0a7318a57d3c16c17251b26645df4c2f87ebc0992ab177fba51db92c6a":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_RIPEMD160):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign RSA_PKCS1V15_SIGN(RIPEMD160): incompatible with ECC_KEY_PAIR(SECP_K1) +depends_on:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ECC_FAMILY_SECP_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_K1):"297ac1722ccac7589ecb240dc719842538ca974beb79f228":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_RIPEMD160):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign RSA_PKCS1V15_SIGN(RIPEMD160): incompatible with ECC_KEY_PAIR(SECP_R1) +depends_on:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ECC_FAMILY_SECP_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"872f203b3ad35b7f2ecc803c3a0e1e0b1ed61cc1afe71b189cd4c995":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_RIPEMD160):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign RSA_PKCS1V15_SIGN(RIPEMD160): incompatible with ECC_KEY_PAIR(SECP_R2) +depends_on:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ECC_FAMILY_SECP_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R2):"00bf539a1cdda0d7f71a50a3f98aec0a2e8e4ced1e":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_RIPEMD160):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign RSA_PKCS1V15_SIGN(RIPEMD160): incompatible with ECC_KEY_PAIR(SECT_K1) +depends_on:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ECC_FAMILY_SECT_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):"03ebc8fcded2d6ab72ec0f75bdb4fd080481273e71":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_RIPEMD160):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign RSA_PKCS1V15_SIGN(RIPEMD160): incompatible with ECC_KEY_PAIR(SECT_R1) +depends_on:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ECC_FAMILY_SECT_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):"009b05dc82d46d64a04a22e6e5ca70ca1231e68c50":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_RIPEMD160):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign RSA_PKCS1V15_SIGN(RIPEMD160): incompatible with ECC_KEY_PAIR(SECT_R2) +depends_on:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ECC_FAMILY_SECT_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R2):"0210b482a458b4822d0cb21daa96819a67c8062d34":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_RIPEMD160):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign RSA_PKCS1V15_SIGN(RIPEMD160): incompatible with ECC_KEY_PAIR(TWISTED_EDWARDS) +depends_on:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ECC_FAMILY_TWISTED_EDWARDS:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_TWISTED_EDWARDS):"9d61b19deffd5a60ba844af492ec2cc44449c5697b326919703bac031cae7f60":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_RIPEMD160):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign RSA_PKCS1V15_SIGN(RIPEMD160): incompatible with ECC_PUBLIC_KEY(BRAINPOOL_P_R1) +depends_on:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ECC_FAMILY_BRAINPOOL_P_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"04d4b9186816358e2f9c59cf70748cb70641b22fbab65473db4b4e22a361ed7e3de7e8a8ddc4130c5c":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_RIPEMD160):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign RSA_PKCS1V15_SIGN(RIPEMD160): incompatible with ECC_PUBLIC_KEY(MONTGOMERY) +depends_on:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ECC_FAMILY_MONTGOMERY:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_MONTGOMERY):"8520f0098930a754748b7ddcb43ef75a0dbf3a0d26381af4eba4a98eaa9b4e6a":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_RIPEMD160):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign RSA_PKCS1V15_SIGN(RIPEMD160): incompatible with ECC_PUBLIC_KEY(SECP_K1) +depends_on:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ECC_FAMILY_SECP_K1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_K1):"0426b7bb38da649ac2138fc050c6548b32553dab68afebc36105d325b75538c12323cb0764789ecb992671beb2b6bef2f5":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_RIPEMD160):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign RSA_PKCS1V15_SIGN(RIPEMD160): incompatible with ECC_PUBLIC_KEY(SECP_R1) +depends_on:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ECC_FAMILY_SECP_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1):"046f00eadaa949fee3e9e1c7fa1247eecec86a0dce46418b9bd3117b981d4bd0ae7a990de912f9d060d6cb531a42d22e394ac29e81804bf160":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_RIPEMD160):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign RSA_PKCS1V15_SIGN(RIPEMD160): incompatible with ECC_PUBLIC_KEY(SECP_R2) +depends_on:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ECC_FAMILY_SECP_R2:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R2):"049570d541398665adb5cfa16f5af73b3196926bbd4b876bdb80f8eab20d0f540c22f4de9c140f6d7b":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_RIPEMD160):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign RSA_PKCS1V15_SIGN(RIPEMD160): incompatible with ECC_PUBLIC_KEY(SECT_K1) +depends_on:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ECC_FAMILY_SECT_K1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_K1):"0406f88f90b4b65950f06ce433afdb097e320f433dc2062b8a65db8fafd3c110f46bc45663fbf021ee7eb9":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_RIPEMD160):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign RSA_PKCS1V15_SIGN(RIPEMD160): incompatible with ECC_PUBLIC_KEY(SECT_R1) +depends_on:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ECC_FAMILY_SECT_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R1):"0400465eeb9e7258b11e33c02266bfe834b20bcb118700772796ee4704ec67651bd447e3011959a79a04cb":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_RIPEMD160):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign RSA_PKCS1V15_SIGN(RIPEMD160): incompatible with ECC_PUBLIC_KEY(SECT_R2) +depends_on:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ECC_FAMILY_SECT_R2:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R2):"0403692601144c32a6cfa369ae20ae5d43c1c764678c037bafe80c6fd2e42b7ced96171d9c5367fd3dca6f":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_RIPEMD160):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign RSA_PKCS1V15_SIGN(RIPEMD160): incompatible with ECC_PUBLIC_KEY(TWISTED_EDWARDS) +depends_on:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ECC_FAMILY_TWISTED_EDWARDS:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_TWISTED_EDWARDS):"d75a980182b10ab7d54bfed3c964073a0ee172f3daa62325af021a68f707511a":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_RIPEMD160):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign RSA_PKCS1V15_SIGN(RIPEMD160): incompatible with HMAC +depends_on:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_KEY_TYPE_HMAC +sign_fail:PSA_KEY_TYPE_HMAC:"48657265006973206b6579a064617461":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_RIPEMD160):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign RSA_PKCS1V15_SIGN(RIPEMD160): incompatible with RAW_DATA +depends_on:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_KEY_TYPE_RAW_DATA +sign_fail:PSA_KEY_TYPE_RAW_DATA:"48":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_RIPEMD160):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign RSA_PKCS1V15_SIGN(RIPEMD160): !RIPEMD160 with RSA_KEY_PAIR +depends_on:!PSA_WANT_ALG_RIPEMD160:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR +sign_fail:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_RIPEMD160):0:PSA_ERROR_NOT_SUPPORTED + +PSA sign RSA_PKCS1V15_SIGN(RIPEMD160): !RSA_PKCS1V15_SIGN with RSA_KEY_PAIR +depends_on:PSA_WANT_ALG_RIPEMD160:!PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR +sign_fail:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_RIPEMD160):0:PSA_ERROR_NOT_SUPPORTED + +PSA sign RSA_PKCS1V15_SIGN(RIPEMD160): !RIPEMD160 with RSA_PUBLIC_KEY +depends_on:!PSA_WANT_ALG_RIPEMD160:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY +sign_fail:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_RIPEMD160):0:PSA_ERROR_NOT_SUPPORTED + +PSA sign RSA_PKCS1V15_SIGN(RIPEMD160): !RSA_PKCS1V15_SIGN with RSA_PUBLIC_KEY +depends_on:PSA_WANT_ALG_RIPEMD160:!PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY +sign_fail:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_RIPEMD160):0:PSA_ERROR_NOT_SUPPORTED + +PSA sign RSA_PKCS1V15_SIGN(RIPEMD160): public with RSA_PUBLIC_KEY +depends_on:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY +sign_fail:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_RIPEMD160):1:PSA_ERROR_INVALID_ARGUMENT + +PSA asymmetric_encryption RSA_PKCS1V15_SIGN(RIPEMD160): invalid with RSA_KEY_PAIR +depends_on:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR +asymmetric_encryption_fail:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_RIPEMD160):0:PSA_ERROR_INVALID_ARGUMENT + +PSA asymmetric_encryption RSA_PKCS1V15_SIGN(RIPEMD160): invalid with RSA_PUBLIC_KEY +depends_on:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY +asymmetric_encryption_fail:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_RIPEMD160):0:PSA_ERROR_INVALID_ARGUMENT + +PSA key_derivation RSA_PKCS1V15_SIGN(RIPEMD160): invalid +depends_on:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ALG_RSA_PKCS1V15_SIGN +key_derivation_fail:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_RIPEMD160):PSA_ERROR_INVALID_ARGUMENT + +PSA key_agreement RSA_PKCS1V15_SIGN(RIPEMD160): invalid with RSA_KEY_PAIR +depends_on:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR +key_agreement_fail:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_RIPEMD160):0:PSA_ERROR_INVALID_ARGUMENT + +PSA key_agreement RSA_PKCS1V15_SIGN(RIPEMD160): invalid with RSA_PUBLIC_KEY +depends_on:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY +key_agreement_fail:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_RIPEMD160):0:PSA_ERROR_INVALID_ARGUMENT + +PSA hash RSA_PKCS1V15_SIGN(SHA_1): invalid +depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ALG_SHA_1 +hash_fail:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_1):PSA_ERROR_INVALID_ARGUMENT + +PSA mac RSA_PKCS1V15_SIGN(SHA_1): invalid with RSA_KEY_PAIR +depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ALG_SHA_1:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR +mac_fail:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_1):PSA_ERROR_INVALID_ARGUMENT + +PSA mac RSA_PKCS1V15_SIGN(SHA_1): invalid with RSA_PUBLIC_KEY +depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ALG_SHA_1:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY +mac_fail:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_1):PSA_ERROR_INVALID_ARGUMENT + +PSA cipher RSA_PKCS1V15_SIGN(SHA_1): invalid with RSA_KEY_PAIR +depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ALG_SHA_1:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR +cipher_fail:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_1):PSA_ERROR_INVALID_ARGUMENT + +PSA cipher RSA_PKCS1V15_SIGN(SHA_1): invalid with RSA_PUBLIC_KEY +depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ALG_SHA_1:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY +cipher_fail:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_1):PSA_ERROR_INVALID_ARGUMENT + +PSA aead RSA_PKCS1V15_SIGN(SHA_1): invalid with RSA_KEY_PAIR +depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ALG_SHA_1:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR +aead_fail:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_1):PSA_ERROR_INVALID_ARGUMENT + +PSA aead RSA_PKCS1V15_SIGN(SHA_1): invalid with RSA_PUBLIC_KEY +depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ALG_SHA_1:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY +aead_fail:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_1):PSA_ERROR_INVALID_ARGUMENT + +PSA sign RSA_PKCS1V15_SIGN(SHA_1): incompatible with AES +depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ALG_SHA_1:PSA_WANT_KEY_TYPE_AES +sign_fail:PSA_KEY_TYPE_AES:"48657265006973206b6579a064617461":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_1):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign RSA_PKCS1V15_SIGN(SHA_1): incompatible with ARC4 +depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ALG_SHA_1:PSA_WANT_KEY_TYPE_ARC4 +sign_fail:PSA_KEY_TYPE_ARC4:"48":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_1):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign RSA_PKCS1V15_SIGN(SHA_1): incompatible with ARIA +depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ALG_SHA_1:PSA_WANT_KEY_TYPE_ARIA +sign_fail:PSA_KEY_TYPE_ARIA:"48657265006973206b6579a064617461":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_1):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign RSA_PKCS1V15_SIGN(SHA_1): incompatible with CAMELLIA +depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ALG_SHA_1:PSA_WANT_KEY_TYPE_CAMELLIA +sign_fail:PSA_KEY_TYPE_CAMELLIA:"48657265006973206b6579a064617461":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_1):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign RSA_PKCS1V15_SIGN(SHA_1): incompatible with CHACHA20 +depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ALG_SHA_1:PSA_WANT_KEY_TYPE_CHACHA20 +sign_fail:PSA_KEY_TYPE_CHACHA20:"48657265006973206b6579a06461746148657265006973206b6579a064617461":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_1):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign RSA_PKCS1V15_SIGN(SHA_1): incompatible with DERIVE +depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ALG_SHA_1:PSA_WANT_KEY_TYPE_DERIVE +sign_fail:PSA_KEY_TYPE_DERIVE:"48657265006973206b6579a0646174":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_1):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign RSA_PKCS1V15_SIGN(SHA_1): incompatible with DES +depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ALG_SHA_1:PSA_WANT_KEY_TYPE_DES +sign_fail:PSA_KEY_TYPE_DES:"644573206b457901":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_1):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign RSA_PKCS1V15_SIGN(SHA_1): incompatible with ECC_KEY_PAIR(BRAINPOOL_P_R1) +depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ALG_SHA_1:PSA_WANT_ECC_FAMILY_BRAINPOOL_P_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"69502c4fdaf48d4fa617bdd24498b0406d0eeaac":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_1):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign RSA_PKCS1V15_SIGN(SHA_1): incompatible with ECC_KEY_PAIR(MONTGOMERY) +depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ALG_SHA_1:PSA_WANT_ECC_FAMILY_MONTGOMERY:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_MONTGOMERY):"70076d0a7318a57d3c16c17251b26645df4c2f87ebc0992ab177fba51db92c6a":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_1):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign RSA_PKCS1V15_SIGN(SHA_1): incompatible with ECC_KEY_PAIR(SECP_K1) +depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ALG_SHA_1:PSA_WANT_ECC_FAMILY_SECP_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_K1):"297ac1722ccac7589ecb240dc719842538ca974beb79f228":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_1):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign RSA_PKCS1V15_SIGN(SHA_1): incompatible with ECC_KEY_PAIR(SECP_R1) +depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ALG_SHA_1:PSA_WANT_ECC_FAMILY_SECP_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"872f203b3ad35b7f2ecc803c3a0e1e0b1ed61cc1afe71b189cd4c995":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_1):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign RSA_PKCS1V15_SIGN(SHA_1): incompatible with ECC_KEY_PAIR(SECP_R2) +depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ALG_SHA_1:PSA_WANT_ECC_FAMILY_SECP_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R2):"00bf539a1cdda0d7f71a50a3f98aec0a2e8e4ced1e":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_1):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign RSA_PKCS1V15_SIGN(SHA_1): incompatible with ECC_KEY_PAIR(SECT_K1) +depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ALG_SHA_1:PSA_WANT_ECC_FAMILY_SECT_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):"03ebc8fcded2d6ab72ec0f75bdb4fd080481273e71":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_1):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign RSA_PKCS1V15_SIGN(SHA_1): incompatible with ECC_KEY_PAIR(SECT_R1) +depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ALG_SHA_1:PSA_WANT_ECC_FAMILY_SECT_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):"009b05dc82d46d64a04a22e6e5ca70ca1231e68c50":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_1):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign RSA_PKCS1V15_SIGN(SHA_1): incompatible with ECC_KEY_PAIR(SECT_R2) +depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ALG_SHA_1:PSA_WANT_ECC_FAMILY_SECT_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R2):"0210b482a458b4822d0cb21daa96819a67c8062d34":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_1):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign RSA_PKCS1V15_SIGN(SHA_1): incompatible with ECC_KEY_PAIR(TWISTED_EDWARDS) +depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ALG_SHA_1:PSA_WANT_ECC_FAMILY_TWISTED_EDWARDS:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_TWISTED_EDWARDS):"9d61b19deffd5a60ba844af492ec2cc44449c5697b326919703bac031cae7f60":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_1):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign RSA_PKCS1V15_SIGN(SHA_1): incompatible with ECC_PUBLIC_KEY(BRAINPOOL_P_R1) +depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ALG_SHA_1:PSA_WANT_ECC_FAMILY_BRAINPOOL_P_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"04d4b9186816358e2f9c59cf70748cb70641b22fbab65473db4b4e22a361ed7e3de7e8a8ddc4130c5c":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_1):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign RSA_PKCS1V15_SIGN(SHA_1): incompatible with ECC_PUBLIC_KEY(MONTGOMERY) +depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ALG_SHA_1:PSA_WANT_ECC_FAMILY_MONTGOMERY:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_MONTGOMERY):"8520f0098930a754748b7ddcb43ef75a0dbf3a0d26381af4eba4a98eaa9b4e6a":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_1):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign RSA_PKCS1V15_SIGN(SHA_1): incompatible with ECC_PUBLIC_KEY(SECP_K1) +depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ALG_SHA_1:PSA_WANT_ECC_FAMILY_SECP_K1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_K1):"0426b7bb38da649ac2138fc050c6548b32553dab68afebc36105d325b75538c12323cb0764789ecb992671beb2b6bef2f5":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_1):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign RSA_PKCS1V15_SIGN(SHA_1): incompatible with ECC_PUBLIC_KEY(SECP_R1) +depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ALG_SHA_1:PSA_WANT_ECC_FAMILY_SECP_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1):"046f00eadaa949fee3e9e1c7fa1247eecec86a0dce46418b9bd3117b981d4bd0ae7a990de912f9d060d6cb531a42d22e394ac29e81804bf160":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_1):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign RSA_PKCS1V15_SIGN(SHA_1): incompatible with ECC_PUBLIC_KEY(SECP_R2) +depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ALG_SHA_1:PSA_WANT_ECC_FAMILY_SECP_R2:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R2):"049570d541398665adb5cfa16f5af73b3196926bbd4b876bdb80f8eab20d0f540c22f4de9c140f6d7b":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_1):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign RSA_PKCS1V15_SIGN(SHA_1): incompatible with ECC_PUBLIC_KEY(SECT_K1) +depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ALG_SHA_1:PSA_WANT_ECC_FAMILY_SECT_K1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_K1):"0406f88f90b4b65950f06ce433afdb097e320f433dc2062b8a65db8fafd3c110f46bc45663fbf021ee7eb9":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_1):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign RSA_PKCS1V15_SIGN(SHA_1): incompatible with ECC_PUBLIC_KEY(SECT_R1) +depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ALG_SHA_1:PSA_WANT_ECC_FAMILY_SECT_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R1):"0400465eeb9e7258b11e33c02266bfe834b20bcb118700772796ee4704ec67651bd447e3011959a79a04cb":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_1):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign RSA_PKCS1V15_SIGN(SHA_1): incompatible with ECC_PUBLIC_KEY(SECT_R2) +depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ALG_SHA_1:PSA_WANT_ECC_FAMILY_SECT_R2:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R2):"0403692601144c32a6cfa369ae20ae5d43c1c764678c037bafe80c6fd2e42b7ced96171d9c5367fd3dca6f":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_1):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign RSA_PKCS1V15_SIGN(SHA_1): incompatible with ECC_PUBLIC_KEY(TWISTED_EDWARDS) +depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ALG_SHA_1:PSA_WANT_ECC_FAMILY_TWISTED_EDWARDS:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_TWISTED_EDWARDS):"d75a980182b10ab7d54bfed3c964073a0ee172f3daa62325af021a68f707511a":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_1):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign RSA_PKCS1V15_SIGN(SHA_1): incompatible with HMAC +depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ALG_SHA_1:PSA_WANT_KEY_TYPE_HMAC +sign_fail:PSA_KEY_TYPE_HMAC:"48657265006973206b6579a064617461":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_1):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign RSA_PKCS1V15_SIGN(SHA_1): incompatible with RAW_DATA +depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ALG_SHA_1:PSA_WANT_KEY_TYPE_RAW_DATA +sign_fail:PSA_KEY_TYPE_RAW_DATA:"48":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_1):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign RSA_PKCS1V15_SIGN(SHA_1): !RSA_PKCS1V15_SIGN with RSA_KEY_PAIR +depends_on:!PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ALG_SHA_1:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR +sign_fail:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_1):0:PSA_ERROR_NOT_SUPPORTED + +PSA sign RSA_PKCS1V15_SIGN(SHA_1): !SHA_1 with RSA_KEY_PAIR +depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:!PSA_WANT_ALG_SHA_1:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR +sign_fail:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_1):0:PSA_ERROR_NOT_SUPPORTED + +PSA sign RSA_PKCS1V15_SIGN(SHA_1): !RSA_PKCS1V15_SIGN with RSA_PUBLIC_KEY +depends_on:!PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ALG_SHA_1:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY +sign_fail:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_1):0:PSA_ERROR_NOT_SUPPORTED + +PSA sign RSA_PKCS1V15_SIGN(SHA_1): !SHA_1 with RSA_PUBLIC_KEY +depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:!PSA_WANT_ALG_SHA_1:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY +sign_fail:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_1):0:PSA_ERROR_NOT_SUPPORTED + +PSA sign RSA_PKCS1V15_SIGN(SHA_1): public with RSA_PUBLIC_KEY +depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ALG_SHA_1:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY +sign_fail:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_1):1:PSA_ERROR_INVALID_ARGUMENT + +PSA asymmetric_encryption RSA_PKCS1V15_SIGN(SHA_1): invalid with RSA_KEY_PAIR +depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ALG_SHA_1:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR +asymmetric_encryption_fail:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_1):0:PSA_ERROR_INVALID_ARGUMENT + +PSA asymmetric_encryption RSA_PKCS1V15_SIGN(SHA_1): invalid with RSA_PUBLIC_KEY +depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ALG_SHA_1:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY +asymmetric_encryption_fail:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_1):0:PSA_ERROR_INVALID_ARGUMENT + +PSA key_derivation RSA_PKCS1V15_SIGN(SHA_1): invalid +depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ALG_SHA_1 +key_derivation_fail:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_1):PSA_ERROR_INVALID_ARGUMENT + +PSA key_agreement RSA_PKCS1V15_SIGN(SHA_1): invalid with RSA_KEY_PAIR +depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ALG_SHA_1:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR +key_agreement_fail:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_1):0:PSA_ERROR_INVALID_ARGUMENT + +PSA key_agreement RSA_PKCS1V15_SIGN(SHA_1): invalid with RSA_PUBLIC_KEY +depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ALG_SHA_1:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY +key_agreement_fail:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_1):0:PSA_ERROR_INVALID_ARGUMENT + +PSA hash RSA_PKCS1V15_SIGN(SHA_224): invalid +depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ALG_SHA_224 +hash_fail:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_224):PSA_ERROR_INVALID_ARGUMENT + +PSA mac RSA_PKCS1V15_SIGN(SHA_224): invalid with RSA_KEY_PAIR +depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ALG_SHA_224:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR +mac_fail:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_224):PSA_ERROR_INVALID_ARGUMENT + +PSA mac RSA_PKCS1V15_SIGN(SHA_224): invalid with RSA_PUBLIC_KEY +depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ALG_SHA_224:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY +mac_fail:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_224):PSA_ERROR_INVALID_ARGUMENT + +PSA cipher RSA_PKCS1V15_SIGN(SHA_224): invalid with RSA_KEY_PAIR +depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ALG_SHA_224:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR +cipher_fail:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_224):PSA_ERROR_INVALID_ARGUMENT + +PSA cipher RSA_PKCS1V15_SIGN(SHA_224): invalid with RSA_PUBLIC_KEY +depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ALG_SHA_224:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY +cipher_fail:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_224):PSA_ERROR_INVALID_ARGUMENT + +PSA aead RSA_PKCS1V15_SIGN(SHA_224): invalid with RSA_KEY_PAIR +depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ALG_SHA_224:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR +aead_fail:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_224):PSA_ERROR_INVALID_ARGUMENT + +PSA aead RSA_PKCS1V15_SIGN(SHA_224): invalid with RSA_PUBLIC_KEY +depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ALG_SHA_224:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY +aead_fail:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_224):PSA_ERROR_INVALID_ARGUMENT + +PSA sign RSA_PKCS1V15_SIGN(SHA_224): incompatible with AES +depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ALG_SHA_224:PSA_WANT_KEY_TYPE_AES +sign_fail:PSA_KEY_TYPE_AES:"48657265006973206b6579a064617461":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_224):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign RSA_PKCS1V15_SIGN(SHA_224): incompatible with ARC4 +depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ALG_SHA_224:PSA_WANT_KEY_TYPE_ARC4 +sign_fail:PSA_KEY_TYPE_ARC4:"48":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_224):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign RSA_PKCS1V15_SIGN(SHA_224): incompatible with ARIA +depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ALG_SHA_224:PSA_WANT_KEY_TYPE_ARIA +sign_fail:PSA_KEY_TYPE_ARIA:"48657265006973206b6579a064617461":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_224):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign RSA_PKCS1V15_SIGN(SHA_224): incompatible with CAMELLIA +depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ALG_SHA_224:PSA_WANT_KEY_TYPE_CAMELLIA +sign_fail:PSA_KEY_TYPE_CAMELLIA:"48657265006973206b6579a064617461":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_224):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign RSA_PKCS1V15_SIGN(SHA_224): incompatible with CHACHA20 +depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ALG_SHA_224:PSA_WANT_KEY_TYPE_CHACHA20 +sign_fail:PSA_KEY_TYPE_CHACHA20:"48657265006973206b6579a06461746148657265006973206b6579a064617461":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_224):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign RSA_PKCS1V15_SIGN(SHA_224): incompatible with DERIVE +depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ALG_SHA_224:PSA_WANT_KEY_TYPE_DERIVE +sign_fail:PSA_KEY_TYPE_DERIVE:"48657265006973206b6579a0646174":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_224):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign RSA_PKCS1V15_SIGN(SHA_224): incompatible with DES +depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ALG_SHA_224:PSA_WANT_KEY_TYPE_DES +sign_fail:PSA_KEY_TYPE_DES:"644573206b457901":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_224):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign RSA_PKCS1V15_SIGN(SHA_224): incompatible with ECC_KEY_PAIR(BRAINPOOL_P_R1) +depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ALG_SHA_224:PSA_WANT_ECC_FAMILY_BRAINPOOL_P_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"69502c4fdaf48d4fa617bdd24498b0406d0eeaac":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_224):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign RSA_PKCS1V15_SIGN(SHA_224): incompatible with ECC_KEY_PAIR(MONTGOMERY) +depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ALG_SHA_224:PSA_WANT_ECC_FAMILY_MONTGOMERY:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_MONTGOMERY):"70076d0a7318a57d3c16c17251b26645df4c2f87ebc0992ab177fba51db92c6a":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_224):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign RSA_PKCS1V15_SIGN(SHA_224): incompatible with ECC_KEY_PAIR(SECP_K1) +depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ALG_SHA_224:PSA_WANT_ECC_FAMILY_SECP_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_K1):"297ac1722ccac7589ecb240dc719842538ca974beb79f228":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_224):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign RSA_PKCS1V15_SIGN(SHA_224): incompatible with ECC_KEY_PAIR(SECP_R1) +depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ALG_SHA_224:PSA_WANT_ECC_FAMILY_SECP_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"872f203b3ad35b7f2ecc803c3a0e1e0b1ed61cc1afe71b189cd4c995":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_224):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign RSA_PKCS1V15_SIGN(SHA_224): incompatible with ECC_KEY_PAIR(SECP_R2) +depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ALG_SHA_224:PSA_WANT_ECC_FAMILY_SECP_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R2):"00bf539a1cdda0d7f71a50a3f98aec0a2e8e4ced1e":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_224):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign RSA_PKCS1V15_SIGN(SHA_224): incompatible with ECC_KEY_PAIR(SECT_K1) +depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ALG_SHA_224:PSA_WANT_ECC_FAMILY_SECT_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):"03ebc8fcded2d6ab72ec0f75bdb4fd080481273e71":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_224):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign RSA_PKCS1V15_SIGN(SHA_224): incompatible with ECC_KEY_PAIR(SECT_R1) +depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ALG_SHA_224:PSA_WANT_ECC_FAMILY_SECT_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):"009b05dc82d46d64a04a22e6e5ca70ca1231e68c50":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_224):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign RSA_PKCS1V15_SIGN(SHA_224): incompatible with ECC_KEY_PAIR(SECT_R2) +depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ALG_SHA_224:PSA_WANT_ECC_FAMILY_SECT_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R2):"0210b482a458b4822d0cb21daa96819a67c8062d34":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_224):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign RSA_PKCS1V15_SIGN(SHA_224): incompatible with ECC_KEY_PAIR(TWISTED_EDWARDS) +depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ALG_SHA_224:PSA_WANT_ECC_FAMILY_TWISTED_EDWARDS:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_TWISTED_EDWARDS):"9d61b19deffd5a60ba844af492ec2cc44449c5697b326919703bac031cae7f60":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_224):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign RSA_PKCS1V15_SIGN(SHA_224): incompatible with ECC_PUBLIC_KEY(BRAINPOOL_P_R1) +depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ALG_SHA_224:PSA_WANT_ECC_FAMILY_BRAINPOOL_P_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"04d4b9186816358e2f9c59cf70748cb70641b22fbab65473db4b4e22a361ed7e3de7e8a8ddc4130c5c":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_224):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign RSA_PKCS1V15_SIGN(SHA_224): incompatible with ECC_PUBLIC_KEY(MONTGOMERY) +depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ALG_SHA_224:PSA_WANT_ECC_FAMILY_MONTGOMERY:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_MONTGOMERY):"8520f0098930a754748b7ddcb43ef75a0dbf3a0d26381af4eba4a98eaa9b4e6a":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_224):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign RSA_PKCS1V15_SIGN(SHA_224): incompatible with ECC_PUBLIC_KEY(SECP_K1) +depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ALG_SHA_224:PSA_WANT_ECC_FAMILY_SECP_K1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_K1):"0426b7bb38da649ac2138fc050c6548b32553dab68afebc36105d325b75538c12323cb0764789ecb992671beb2b6bef2f5":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_224):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign RSA_PKCS1V15_SIGN(SHA_224): incompatible with ECC_PUBLIC_KEY(SECP_R1) +depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ALG_SHA_224:PSA_WANT_ECC_FAMILY_SECP_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1):"046f00eadaa949fee3e9e1c7fa1247eecec86a0dce46418b9bd3117b981d4bd0ae7a990de912f9d060d6cb531a42d22e394ac29e81804bf160":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_224):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign RSA_PKCS1V15_SIGN(SHA_224): incompatible with ECC_PUBLIC_KEY(SECP_R2) +depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ALG_SHA_224:PSA_WANT_ECC_FAMILY_SECP_R2:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R2):"049570d541398665adb5cfa16f5af73b3196926bbd4b876bdb80f8eab20d0f540c22f4de9c140f6d7b":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_224):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign RSA_PKCS1V15_SIGN(SHA_224): incompatible with ECC_PUBLIC_KEY(SECT_K1) +depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ALG_SHA_224:PSA_WANT_ECC_FAMILY_SECT_K1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_K1):"0406f88f90b4b65950f06ce433afdb097e320f433dc2062b8a65db8fafd3c110f46bc45663fbf021ee7eb9":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_224):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign RSA_PKCS1V15_SIGN(SHA_224): incompatible with ECC_PUBLIC_KEY(SECT_R1) +depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ALG_SHA_224:PSA_WANT_ECC_FAMILY_SECT_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R1):"0400465eeb9e7258b11e33c02266bfe834b20bcb118700772796ee4704ec67651bd447e3011959a79a04cb":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_224):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign RSA_PKCS1V15_SIGN(SHA_224): incompatible with ECC_PUBLIC_KEY(SECT_R2) +depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ALG_SHA_224:PSA_WANT_ECC_FAMILY_SECT_R2:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R2):"0403692601144c32a6cfa369ae20ae5d43c1c764678c037bafe80c6fd2e42b7ced96171d9c5367fd3dca6f":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_224):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign RSA_PKCS1V15_SIGN(SHA_224): incompatible with ECC_PUBLIC_KEY(TWISTED_EDWARDS) +depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ALG_SHA_224:PSA_WANT_ECC_FAMILY_TWISTED_EDWARDS:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_TWISTED_EDWARDS):"d75a980182b10ab7d54bfed3c964073a0ee172f3daa62325af021a68f707511a":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_224):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign RSA_PKCS1V15_SIGN(SHA_224): incompatible with HMAC +depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ALG_SHA_224:PSA_WANT_KEY_TYPE_HMAC +sign_fail:PSA_KEY_TYPE_HMAC:"48657265006973206b6579a064617461":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_224):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign RSA_PKCS1V15_SIGN(SHA_224): incompatible with RAW_DATA +depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ALG_SHA_224:PSA_WANT_KEY_TYPE_RAW_DATA +sign_fail:PSA_KEY_TYPE_RAW_DATA:"48":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_224):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign RSA_PKCS1V15_SIGN(SHA_224): !RSA_PKCS1V15_SIGN with RSA_KEY_PAIR +depends_on:!PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ALG_SHA_224:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR +sign_fail:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_224):0:PSA_ERROR_NOT_SUPPORTED + +PSA sign RSA_PKCS1V15_SIGN(SHA_224): !SHA_224 with RSA_KEY_PAIR +depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:!PSA_WANT_ALG_SHA_224:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR +sign_fail:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_224):0:PSA_ERROR_NOT_SUPPORTED + +PSA sign RSA_PKCS1V15_SIGN(SHA_224): !RSA_PKCS1V15_SIGN with RSA_PUBLIC_KEY +depends_on:!PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ALG_SHA_224:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY +sign_fail:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_224):0:PSA_ERROR_NOT_SUPPORTED + +PSA sign RSA_PKCS1V15_SIGN(SHA_224): !SHA_224 with RSA_PUBLIC_KEY +depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:!PSA_WANT_ALG_SHA_224:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY +sign_fail:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_224):0:PSA_ERROR_NOT_SUPPORTED + +PSA sign RSA_PKCS1V15_SIGN(SHA_224): public with RSA_PUBLIC_KEY +depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ALG_SHA_224:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY +sign_fail:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_224):1:PSA_ERROR_INVALID_ARGUMENT + +PSA asymmetric_encryption RSA_PKCS1V15_SIGN(SHA_224): invalid with RSA_KEY_PAIR +depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ALG_SHA_224:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR +asymmetric_encryption_fail:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_224):0:PSA_ERROR_INVALID_ARGUMENT + +PSA asymmetric_encryption RSA_PKCS1V15_SIGN(SHA_224): invalid with RSA_PUBLIC_KEY +depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ALG_SHA_224:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY +asymmetric_encryption_fail:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_224):0:PSA_ERROR_INVALID_ARGUMENT + +PSA key_derivation RSA_PKCS1V15_SIGN(SHA_224): invalid +depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ALG_SHA_224 +key_derivation_fail:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_224):PSA_ERROR_INVALID_ARGUMENT + +PSA key_agreement RSA_PKCS1V15_SIGN(SHA_224): invalid with RSA_KEY_PAIR +depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ALG_SHA_224:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR +key_agreement_fail:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_224):0:PSA_ERROR_INVALID_ARGUMENT + +PSA key_agreement RSA_PKCS1V15_SIGN(SHA_224): invalid with RSA_PUBLIC_KEY +depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ALG_SHA_224:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY +key_agreement_fail:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_224):0:PSA_ERROR_INVALID_ARGUMENT + +PSA hash RSA_PKCS1V15_SIGN(SHA_256): invalid +depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ALG_SHA_256 +hash_fail:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):PSA_ERROR_INVALID_ARGUMENT + +PSA mac RSA_PKCS1V15_SIGN(SHA_256): invalid with RSA_KEY_PAIR +depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR +mac_fail:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):PSA_ERROR_INVALID_ARGUMENT + +PSA mac RSA_PKCS1V15_SIGN(SHA_256): invalid with RSA_PUBLIC_KEY +depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY +mac_fail:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):PSA_ERROR_INVALID_ARGUMENT + +PSA cipher RSA_PKCS1V15_SIGN(SHA_256): invalid with RSA_KEY_PAIR +depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR +cipher_fail:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):PSA_ERROR_INVALID_ARGUMENT + +PSA cipher RSA_PKCS1V15_SIGN(SHA_256): invalid with RSA_PUBLIC_KEY +depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY +cipher_fail:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):PSA_ERROR_INVALID_ARGUMENT + +PSA aead RSA_PKCS1V15_SIGN(SHA_256): invalid with RSA_KEY_PAIR +depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR +aead_fail:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):PSA_ERROR_INVALID_ARGUMENT + +PSA aead RSA_PKCS1V15_SIGN(SHA_256): invalid with RSA_PUBLIC_KEY +depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY +aead_fail:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):PSA_ERROR_INVALID_ARGUMENT + +PSA sign RSA_PKCS1V15_SIGN(SHA_256): incompatible with AES +depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_AES +sign_fail:PSA_KEY_TYPE_AES:"48657265006973206b6579a064617461":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign RSA_PKCS1V15_SIGN(SHA_256): incompatible with ARC4 +depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_ARC4 +sign_fail:PSA_KEY_TYPE_ARC4:"48":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign RSA_PKCS1V15_SIGN(SHA_256): incompatible with ARIA +depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_ARIA +sign_fail:PSA_KEY_TYPE_ARIA:"48657265006973206b6579a064617461":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign RSA_PKCS1V15_SIGN(SHA_256): incompatible with CAMELLIA +depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_CAMELLIA +sign_fail:PSA_KEY_TYPE_CAMELLIA:"48657265006973206b6579a064617461":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign RSA_PKCS1V15_SIGN(SHA_256): incompatible with CHACHA20 +depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_CHACHA20 +sign_fail:PSA_KEY_TYPE_CHACHA20:"48657265006973206b6579a06461746148657265006973206b6579a064617461":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign RSA_PKCS1V15_SIGN(SHA_256): incompatible with DERIVE +depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_DERIVE +sign_fail:PSA_KEY_TYPE_DERIVE:"48657265006973206b6579a0646174":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign RSA_PKCS1V15_SIGN(SHA_256): incompatible with DES +depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_DES +sign_fail:PSA_KEY_TYPE_DES:"644573206b457901":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign RSA_PKCS1V15_SIGN(SHA_256): incompatible with ECC_KEY_PAIR(BRAINPOOL_P_R1) +depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_FAMILY_BRAINPOOL_P_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"69502c4fdaf48d4fa617bdd24498b0406d0eeaac":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign RSA_PKCS1V15_SIGN(SHA_256): incompatible with ECC_KEY_PAIR(MONTGOMERY) +depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_FAMILY_MONTGOMERY:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_MONTGOMERY):"70076d0a7318a57d3c16c17251b26645df4c2f87ebc0992ab177fba51db92c6a":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign RSA_PKCS1V15_SIGN(SHA_256): incompatible with ECC_KEY_PAIR(SECP_K1) +depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_FAMILY_SECP_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_K1):"297ac1722ccac7589ecb240dc719842538ca974beb79f228":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign RSA_PKCS1V15_SIGN(SHA_256): incompatible with ECC_KEY_PAIR(SECP_R1) +depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_FAMILY_SECP_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"872f203b3ad35b7f2ecc803c3a0e1e0b1ed61cc1afe71b189cd4c995":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign RSA_PKCS1V15_SIGN(SHA_256): incompatible with ECC_KEY_PAIR(SECP_R2) +depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_FAMILY_SECP_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R2):"00bf539a1cdda0d7f71a50a3f98aec0a2e8e4ced1e":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign RSA_PKCS1V15_SIGN(SHA_256): incompatible with ECC_KEY_PAIR(SECT_K1) +depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_FAMILY_SECT_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):"03ebc8fcded2d6ab72ec0f75bdb4fd080481273e71":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign RSA_PKCS1V15_SIGN(SHA_256): incompatible with ECC_KEY_PAIR(SECT_R1) +depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_FAMILY_SECT_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):"009b05dc82d46d64a04a22e6e5ca70ca1231e68c50":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign RSA_PKCS1V15_SIGN(SHA_256): incompatible with ECC_KEY_PAIR(SECT_R2) +depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_FAMILY_SECT_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R2):"0210b482a458b4822d0cb21daa96819a67c8062d34":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign RSA_PKCS1V15_SIGN(SHA_256): incompatible with ECC_KEY_PAIR(TWISTED_EDWARDS) +depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_FAMILY_TWISTED_EDWARDS:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_TWISTED_EDWARDS):"9d61b19deffd5a60ba844af492ec2cc44449c5697b326919703bac031cae7f60":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign RSA_PKCS1V15_SIGN(SHA_256): incompatible with ECC_PUBLIC_KEY(BRAINPOOL_P_R1) +depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_FAMILY_BRAINPOOL_P_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"04d4b9186816358e2f9c59cf70748cb70641b22fbab65473db4b4e22a361ed7e3de7e8a8ddc4130c5c":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign RSA_PKCS1V15_SIGN(SHA_256): incompatible with ECC_PUBLIC_KEY(MONTGOMERY) +depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_FAMILY_MONTGOMERY:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_MONTGOMERY):"8520f0098930a754748b7ddcb43ef75a0dbf3a0d26381af4eba4a98eaa9b4e6a":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign RSA_PKCS1V15_SIGN(SHA_256): incompatible with ECC_PUBLIC_KEY(SECP_K1) +depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_FAMILY_SECP_K1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_K1):"0426b7bb38da649ac2138fc050c6548b32553dab68afebc36105d325b75538c12323cb0764789ecb992671beb2b6bef2f5":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign RSA_PKCS1V15_SIGN(SHA_256): incompatible with ECC_PUBLIC_KEY(SECP_R1) +depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_FAMILY_SECP_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1):"046f00eadaa949fee3e9e1c7fa1247eecec86a0dce46418b9bd3117b981d4bd0ae7a990de912f9d060d6cb531a42d22e394ac29e81804bf160":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign RSA_PKCS1V15_SIGN(SHA_256): incompatible with ECC_PUBLIC_KEY(SECP_R2) +depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_FAMILY_SECP_R2:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R2):"049570d541398665adb5cfa16f5af73b3196926bbd4b876bdb80f8eab20d0f540c22f4de9c140f6d7b":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign RSA_PKCS1V15_SIGN(SHA_256): incompatible with ECC_PUBLIC_KEY(SECT_K1) +depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_FAMILY_SECT_K1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_K1):"0406f88f90b4b65950f06ce433afdb097e320f433dc2062b8a65db8fafd3c110f46bc45663fbf021ee7eb9":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign RSA_PKCS1V15_SIGN(SHA_256): incompatible with ECC_PUBLIC_KEY(SECT_R1) +depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_FAMILY_SECT_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R1):"0400465eeb9e7258b11e33c02266bfe834b20bcb118700772796ee4704ec67651bd447e3011959a79a04cb":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign RSA_PKCS1V15_SIGN(SHA_256): incompatible with ECC_PUBLIC_KEY(SECT_R2) +depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_FAMILY_SECT_R2:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R2):"0403692601144c32a6cfa369ae20ae5d43c1c764678c037bafe80c6fd2e42b7ced96171d9c5367fd3dca6f":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign RSA_PKCS1V15_SIGN(SHA_256): incompatible with ECC_PUBLIC_KEY(TWISTED_EDWARDS) +depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_FAMILY_TWISTED_EDWARDS:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_TWISTED_EDWARDS):"d75a980182b10ab7d54bfed3c964073a0ee172f3daa62325af021a68f707511a":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign RSA_PKCS1V15_SIGN(SHA_256): incompatible with HMAC +depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_HMAC +sign_fail:PSA_KEY_TYPE_HMAC:"48657265006973206b6579a064617461":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign RSA_PKCS1V15_SIGN(SHA_256): incompatible with RAW_DATA +depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RAW_DATA +sign_fail:PSA_KEY_TYPE_RAW_DATA:"48":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign RSA_PKCS1V15_SIGN(SHA_256): !RSA_PKCS1V15_SIGN with RSA_KEY_PAIR +depends_on:!PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR +sign_fail:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):0:PSA_ERROR_NOT_SUPPORTED + +PSA sign RSA_PKCS1V15_SIGN(SHA_256): !SHA_256 with RSA_KEY_PAIR +depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:!PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR +sign_fail:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):0:PSA_ERROR_NOT_SUPPORTED + +PSA sign RSA_PKCS1V15_SIGN(SHA_256): !RSA_PKCS1V15_SIGN with RSA_PUBLIC_KEY +depends_on:!PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY +sign_fail:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):0:PSA_ERROR_NOT_SUPPORTED + +PSA sign RSA_PKCS1V15_SIGN(SHA_256): !SHA_256 with RSA_PUBLIC_KEY +depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:!PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY +sign_fail:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):0:PSA_ERROR_NOT_SUPPORTED + +PSA sign RSA_PKCS1V15_SIGN(SHA_256): public with RSA_PUBLIC_KEY +depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY +sign_fail:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):1:PSA_ERROR_INVALID_ARGUMENT + +PSA asymmetric_encryption RSA_PKCS1V15_SIGN(SHA_256): invalid with RSA_KEY_PAIR +depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR +asymmetric_encryption_fail:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):0:PSA_ERROR_INVALID_ARGUMENT + +PSA asymmetric_encryption RSA_PKCS1V15_SIGN(SHA_256): invalid with RSA_PUBLIC_KEY +depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY +asymmetric_encryption_fail:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):0:PSA_ERROR_INVALID_ARGUMENT + +PSA key_derivation RSA_PKCS1V15_SIGN(SHA_256): invalid +depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ALG_SHA_256 +key_derivation_fail:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):PSA_ERROR_INVALID_ARGUMENT + +PSA key_agreement RSA_PKCS1V15_SIGN(SHA_256): invalid with RSA_KEY_PAIR +depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR +key_agreement_fail:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):0:PSA_ERROR_INVALID_ARGUMENT + +PSA key_agreement RSA_PKCS1V15_SIGN(SHA_256): invalid with RSA_PUBLIC_KEY +depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY +key_agreement_fail:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):0:PSA_ERROR_INVALID_ARGUMENT + +PSA hash RSA_PKCS1V15_SIGN(SHA_384): invalid +depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ALG_SHA_384 +hash_fail:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_384):PSA_ERROR_INVALID_ARGUMENT + +PSA mac RSA_PKCS1V15_SIGN(SHA_384): invalid with RSA_KEY_PAIR +depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ALG_SHA_384:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR +mac_fail:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_384):PSA_ERROR_INVALID_ARGUMENT + +PSA mac RSA_PKCS1V15_SIGN(SHA_384): invalid with RSA_PUBLIC_KEY +depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ALG_SHA_384:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY +mac_fail:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_384):PSA_ERROR_INVALID_ARGUMENT + +PSA cipher RSA_PKCS1V15_SIGN(SHA_384): invalid with RSA_KEY_PAIR +depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ALG_SHA_384:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR +cipher_fail:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_384):PSA_ERROR_INVALID_ARGUMENT + +PSA cipher RSA_PKCS1V15_SIGN(SHA_384): invalid with RSA_PUBLIC_KEY +depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ALG_SHA_384:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY +cipher_fail:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_384):PSA_ERROR_INVALID_ARGUMENT + +PSA aead RSA_PKCS1V15_SIGN(SHA_384): invalid with RSA_KEY_PAIR +depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ALG_SHA_384:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR +aead_fail:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_384):PSA_ERROR_INVALID_ARGUMENT + +PSA aead RSA_PKCS1V15_SIGN(SHA_384): invalid with RSA_PUBLIC_KEY +depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ALG_SHA_384:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY +aead_fail:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_384):PSA_ERROR_INVALID_ARGUMENT + +PSA sign RSA_PKCS1V15_SIGN(SHA_384): incompatible with AES +depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ALG_SHA_384:PSA_WANT_KEY_TYPE_AES +sign_fail:PSA_KEY_TYPE_AES:"48657265006973206b6579a064617461":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_384):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign RSA_PKCS1V15_SIGN(SHA_384): incompatible with ARC4 +depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ALG_SHA_384:PSA_WANT_KEY_TYPE_ARC4 +sign_fail:PSA_KEY_TYPE_ARC4:"48":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_384):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign RSA_PKCS1V15_SIGN(SHA_384): incompatible with ARIA +depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ALG_SHA_384:PSA_WANT_KEY_TYPE_ARIA +sign_fail:PSA_KEY_TYPE_ARIA:"48657265006973206b6579a064617461":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_384):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign RSA_PKCS1V15_SIGN(SHA_384): incompatible with CAMELLIA +depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ALG_SHA_384:PSA_WANT_KEY_TYPE_CAMELLIA +sign_fail:PSA_KEY_TYPE_CAMELLIA:"48657265006973206b6579a064617461":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_384):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign RSA_PKCS1V15_SIGN(SHA_384): incompatible with CHACHA20 +depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ALG_SHA_384:PSA_WANT_KEY_TYPE_CHACHA20 +sign_fail:PSA_KEY_TYPE_CHACHA20:"48657265006973206b6579a06461746148657265006973206b6579a064617461":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_384):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign RSA_PKCS1V15_SIGN(SHA_384): incompatible with DERIVE +depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ALG_SHA_384:PSA_WANT_KEY_TYPE_DERIVE +sign_fail:PSA_KEY_TYPE_DERIVE:"48657265006973206b6579a0646174":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_384):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign RSA_PKCS1V15_SIGN(SHA_384): incompatible with DES +depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ALG_SHA_384:PSA_WANT_KEY_TYPE_DES +sign_fail:PSA_KEY_TYPE_DES:"644573206b457901":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_384):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign RSA_PKCS1V15_SIGN(SHA_384): incompatible with ECC_KEY_PAIR(BRAINPOOL_P_R1) +depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_FAMILY_BRAINPOOL_P_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"69502c4fdaf48d4fa617bdd24498b0406d0eeaac":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_384):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign RSA_PKCS1V15_SIGN(SHA_384): incompatible with ECC_KEY_PAIR(MONTGOMERY) +depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_FAMILY_MONTGOMERY:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_MONTGOMERY):"70076d0a7318a57d3c16c17251b26645df4c2f87ebc0992ab177fba51db92c6a":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_384):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign RSA_PKCS1V15_SIGN(SHA_384): incompatible with ECC_KEY_PAIR(SECP_K1) +depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_FAMILY_SECP_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_K1):"297ac1722ccac7589ecb240dc719842538ca974beb79f228":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_384):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign RSA_PKCS1V15_SIGN(SHA_384): incompatible with ECC_KEY_PAIR(SECP_R1) +depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_FAMILY_SECP_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"872f203b3ad35b7f2ecc803c3a0e1e0b1ed61cc1afe71b189cd4c995":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_384):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign RSA_PKCS1V15_SIGN(SHA_384): incompatible with ECC_KEY_PAIR(SECP_R2) +depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_FAMILY_SECP_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R2):"00bf539a1cdda0d7f71a50a3f98aec0a2e8e4ced1e":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_384):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign RSA_PKCS1V15_SIGN(SHA_384): incompatible with ECC_KEY_PAIR(SECT_K1) +depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_FAMILY_SECT_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):"03ebc8fcded2d6ab72ec0f75bdb4fd080481273e71":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_384):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign RSA_PKCS1V15_SIGN(SHA_384): incompatible with ECC_KEY_PAIR(SECT_R1) +depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_FAMILY_SECT_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):"009b05dc82d46d64a04a22e6e5ca70ca1231e68c50":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_384):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign RSA_PKCS1V15_SIGN(SHA_384): incompatible with ECC_KEY_PAIR(SECT_R2) +depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_FAMILY_SECT_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R2):"0210b482a458b4822d0cb21daa96819a67c8062d34":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_384):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign RSA_PKCS1V15_SIGN(SHA_384): incompatible with ECC_KEY_PAIR(TWISTED_EDWARDS) +depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_FAMILY_TWISTED_EDWARDS:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_TWISTED_EDWARDS):"9d61b19deffd5a60ba844af492ec2cc44449c5697b326919703bac031cae7f60":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_384):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign RSA_PKCS1V15_SIGN(SHA_384): incompatible with ECC_PUBLIC_KEY(BRAINPOOL_P_R1) +depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_FAMILY_BRAINPOOL_P_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"04d4b9186816358e2f9c59cf70748cb70641b22fbab65473db4b4e22a361ed7e3de7e8a8ddc4130c5c":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_384):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign RSA_PKCS1V15_SIGN(SHA_384): incompatible with ECC_PUBLIC_KEY(MONTGOMERY) +depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_FAMILY_MONTGOMERY:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_MONTGOMERY):"8520f0098930a754748b7ddcb43ef75a0dbf3a0d26381af4eba4a98eaa9b4e6a":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_384):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign RSA_PKCS1V15_SIGN(SHA_384): incompatible with ECC_PUBLIC_KEY(SECP_K1) +depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_FAMILY_SECP_K1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_K1):"0426b7bb38da649ac2138fc050c6548b32553dab68afebc36105d325b75538c12323cb0764789ecb992671beb2b6bef2f5":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_384):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign RSA_PKCS1V15_SIGN(SHA_384): incompatible with ECC_PUBLIC_KEY(SECP_R1) +depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_FAMILY_SECP_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1):"046f00eadaa949fee3e9e1c7fa1247eecec86a0dce46418b9bd3117b981d4bd0ae7a990de912f9d060d6cb531a42d22e394ac29e81804bf160":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_384):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign RSA_PKCS1V15_SIGN(SHA_384): incompatible with ECC_PUBLIC_KEY(SECP_R2) +depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_FAMILY_SECP_R2:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R2):"049570d541398665adb5cfa16f5af73b3196926bbd4b876bdb80f8eab20d0f540c22f4de9c140f6d7b":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_384):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign RSA_PKCS1V15_SIGN(SHA_384): incompatible with ECC_PUBLIC_KEY(SECT_K1) +depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_FAMILY_SECT_K1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_K1):"0406f88f90b4b65950f06ce433afdb097e320f433dc2062b8a65db8fafd3c110f46bc45663fbf021ee7eb9":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_384):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign RSA_PKCS1V15_SIGN(SHA_384): incompatible with ECC_PUBLIC_KEY(SECT_R1) +depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_FAMILY_SECT_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R1):"0400465eeb9e7258b11e33c02266bfe834b20bcb118700772796ee4704ec67651bd447e3011959a79a04cb":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_384):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign RSA_PKCS1V15_SIGN(SHA_384): incompatible with ECC_PUBLIC_KEY(SECT_R2) +depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_FAMILY_SECT_R2:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R2):"0403692601144c32a6cfa369ae20ae5d43c1c764678c037bafe80c6fd2e42b7ced96171d9c5367fd3dca6f":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_384):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign RSA_PKCS1V15_SIGN(SHA_384): incompatible with ECC_PUBLIC_KEY(TWISTED_EDWARDS) +depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_FAMILY_TWISTED_EDWARDS:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_TWISTED_EDWARDS):"d75a980182b10ab7d54bfed3c964073a0ee172f3daa62325af021a68f707511a":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_384):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign RSA_PKCS1V15_SIGN(SHA_384): incompatible with HMAC +depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ALG_SHA_384:PSA_WANT_KEY_TYPE_HMAC +sign_fail:PSA_KEY_TYPE_HMAC:"48657265006973206b6579a064617461":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_384):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign RSA_PKCS1V15_SIGN(SHA_384): incompatible with RAW_DATA +depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ALG_SHA_384:PSA_WANT_KEY_TYPE_RAW_DATA +sign_fail:PSA_KEY_TYPE_RAW_DATA:"48":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_384):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign RSA_PKCS1V15_SIGN(SHA_384): !RSA_PKCS1V15_SIGN with RSA_KEY_PAIR +depends_on:!PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ALG_SHA_384:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR +sign_fail:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_384):0:PSA_ERROR_NOT_SUPPORTED + +PSA sign RSA_PKCS1V15_SIGN(SHA_384): !SHA_384 with RSA_KEY_PAIR +depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:!PSA_WANT_ALG_SHA_384:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR +sign_fail:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_384):0:PSA_ERROR_NOT_SUPPORTED + +PSA sign RSA_PKCS1V15_SIGN(SHA_384): !RSA_PKCS1V15_SIGN with RSA_PUBLIC_KEY +depends_on:!PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ALG_SHA_384:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY +sign_fail:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_384):0:PSA_ERROR_NOT_SUPPORTED + +PSA sign RSA_PKCS1V15_SIGN(SHA_384): !SHA_384 with RSA_PUBLIC_KEY +depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:!PSA_WANT_ALG_SHA_384:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY +sign_fail:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_384):0:PSA_ERROR_NOT_SUPPORTED + +PSA sign RSA_PKCS1V15_SIGN(SHA_384): public with RSA_PUBLIC_KEY +depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ALG_SHA_384:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY +sign_fail:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_384):1:PSA_ERROR_INVALID_ARGUMENT + +PSA asymmetric_encryption RSA_PKCS1V15_SIGN(SHA_384): invalid with RSA_KEY_PAIR +depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ALG_SHA_384:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR +asymmetric_encryption_fail:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_384):0:PSA_ERROR_INVALID_ARGUMENT + +PSA asymmetric_encryption RSA_PKCS1V15_SIGN(SHA_384): invalid with RSA_PUBLIC_KEY +depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ALG_SHA_384:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY +asymmetric_encryption_fail:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_384):0:PSA_ERROR_INVALID_ARGUMENT + +PSA key_derivation RSA_PKCS1V15_SIGN(SHA_384): invalid +depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ALG_SHA_384 +key_derivation_fail:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_384):PSA_ERROR_INVALID_ARGUMENT + +PSA key_agreement RSA_PKCS1V15_SIGN(SHA_384): invalid with RSA_KEY_PAIR +depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ALG_SHA_384:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR +key_agreement_fail:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_384):0:PSA_ERROR_INVALID_ARGUMENT + +PSA key_agreement RSA_PKCS1V15_SIGN(SHA_384): invalid with RSA_PUBLIC_KEY +depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ALG_SHA_384:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY +key_agreement_fail:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_384):0:PSA_ERROR_INVALID_ARGUMENT + +PSA hash RSA_PKCS1V15_SIGN(SHA_512): invalid +depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ALG_SHA_512 +hash_fail:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_512):PSA_ERROR_INVALID_ARGUMENT + +PSA mac RSA_PKCS1V15_SIGN(SHA_512): invalid with RSA_KEY_PAIR +depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ALG_SHA_512:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR +mac_fail:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_512):PSA_ERROR_INVALID_ARGUMENT + +PSA mac RSA_PKCS1V15_SIGN(SHA_512): invalid with RSA_PUBLIC_KEY +depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ALG_SHA_512:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY +mac_fail:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_512):PSA_ERROR_INVALID_ARGUMENT + +PSA cipher RSA_PKCS1V15_SIGN(SHA_512): invalid with RSA_KEY_PAIR +depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ALG_SHA_512:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR +cipher_fail:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_512):PSA_ERROR_INVALID_ARGUMENT + +PSA cipher RSA_PKCS1V15_SIGN(SHA_512): invalid with RSA_PUBLIC_KEY +depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ALG_SHA_512:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY +cipher_fail:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_512):PSA_ERROR_INVALID_ARGUMENT + +PSA aead RSA_PKCS1V15_SIGN(SHA_512): invalid with RSA_KEY_PAIR +depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ALG_SHA_512:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR +aead_fail:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_512):PSA_ERROR_INVALID_ARGUMENT + +PSA aead RSA_PKCS1V15_SIGN(SHA_512): invalid with RSA_PUBLIC_KEY +depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ALG_SHA_512:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY +aead_fail:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_512):PSA_ERROR_INVALID_ARGUMENT + +PSA sign RSA_PKCS1V15_SIGN(SHA_512): incompatible with AES +depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ALG_SHA_512:PSA_WANT_KEY_TYPE_AES +sign_fail:PSA_KEY_TYPE_AES:"48657265006973206b6579a064617461":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_512):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign RSA_PKCS1V15_SIGN(SHA_512): incompatible with ARC4 +depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ALG_SHA_512:PSA_WANT_KEY_TYPE_ARC4 +sign_fail:PSA_KEY_TYPE_ARC4:"48":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_512):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign RSA_PKCS1V15_SIGN(SHA_512): incompatible with ARIA +depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ALG_SHA_512:PSA_WANT_KEY_TYPE_ARIA +sign_fail:PSA_KEY_TYPE_ARIA:"48657265006973206b6579a064617461":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_512):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign RSA_PKCS1V15_SIGN(SHA_512): incompatible with CAMELLIA +depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ALG_SHA_512:PSA_WANT_KEY_TYPE_CAMELLIA +sign_fail:PSA_KEY_TYPE_CAMELLIA:"48657265006973206b6579a064617461":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_512):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign RSA_PKCS1V15_SIGN(SHA_512): incompatible with CHACHA20 +depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ALG_SHA_512:PSA_WANT_KEY_TYPE_CHACHA20 +sign_fail:PSA_KEY_TYPE_CHACHA20:"48657265006973206b6579a06461746148657265006973206b6579a064617461":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_512):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign RSA_PKCS1V15_SIGN(SHA_512): incompatible with DERIVE +depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ALG_SHA_512:PSA_WANT_KEY_TYPE_DERIVE +sign_fail:PSA_KEY_TYPE_DERIVE:"48657265006973206b6579a0646174":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_512):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign RSA_PKCS1V15_SIGN(SHA_512): incompatible with DES +depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ALG_SHA_512:PSA_WANT_KEY_TYPE_DES +sign_fail:PSA_KEY_TYPE_DES:"644573206b457901":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_512):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign RSA_PKCS1V15_SIGN(SHA_512): incompatible with ECC_KEY_PAIR(BRAINPOOL_P_R1) +depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ALG_SHA_512:PSA_WANT_ECC_FAMILY_BRAINPOOL_P_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"69502c4fdaf48d4fa617bdd24498b0406d0eeaac":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_512):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign RSA_PKCS1V15_SIGN(SHA_512): incompatible with ECC_KEY_PAIR(MONTGOMERY) +depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ALG_SHA_512:PSA_WANT_ECC_FAMILY_MONTGOMERY:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_MONTGOMERY):"70076d0a7318a57d3c16c17251b26645df4c2f87ebc0992ab177fba51db92c6a":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_512):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign RSA_PKCS1V15_SIGN(SHA_512): incompatible with ECC_KEY_PAIR(SECP_K1) +depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ALG_SHA_512:PSA_WANT_ECC_FAMILY_SECP_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_K1):"297ac1722ccac7589ecb240dc719842538ca974beb79f228":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_512):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign RSA_PKCS1V15_SIGN(SHA_512): incompatible with ECC_KEY_PAIR(SECP_R1) +depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ALG_SHA_512:PSA_WANT_ECC_FAMILY_SECP_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"872f203b3ad35b7f2ecc803c3a0e1e0b1ed61cc1afe71b189cd4c995":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_512):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign RSA_PKCS1V15_SIGN(SHA_512): incompatible with ECC_KEY_PAIR(SECP_R2) +depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ALG_SHA_512:PSA_WANT_ECC_FAMILY_SECP_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R2):"00bf539a1cdda0d7f71a50a3f98aec0a2e8e4ced1e":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_512):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign RSA_PKCS1V15_SIGN(SHA_512): incompatible with ECC_KEY_PAIR(SECT_K1) +depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ALG_SHA_512:PSA_WANT_ECC_FAMILY_SECT_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):"03ebc8fcded2d6ab72ec0f75bdb4fd080481273e71":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_512):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign RSA_PKCS1V15_SIGN(SHA_512): incompatible with ECC_KEY_PAIR(SECT_R1) +depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ALG_SHA_512:PSA_WANT_ECC_FAMILY_SECT_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):"009b05dc82d46d64a04a22e6e5ca70ca1231e68c50":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_512):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign RSA_PKCS1V15_SIGN(SHA_512): incompatible with ECC_KEY_PAIR(SECT_R2) +depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ALG_SHA_512:PSA_WANT_ECC_FAMILY_SECT_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R2):"0210b482a458b4822d0cb21daa96819a67c8062d34":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_512):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign RSA_PKCS1V15_SIGN(SHA_512): incompatible with ECC_KEY_PAIR(TWISTED_EDWARDS) +depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ALG_SHA_512:PSA_WANT_ECC_FAMILY_TWISTED_EDWARDS:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_TWISTED_EDWARDS):"9d61b19deffd5a60ba844af492ec2cc44449c5697b326919703bac031cae7f60":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_512):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign RSA_PKCS1V15_SIGN(SHA_512): incompatible with ECC_PUBLIC_KEY(BRAINPOOL_P_R1) +depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ALG_SHA_512:PSA_WANT_ECC_FAMILY_BRAINPOOL_P_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"04d4b9186816358e2f9c59cf70748cb70641b22fbab65473db4b4e22a361ed7e3de7e8a8ddc4130c5c":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_512):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign RSA_PKCS1V15_SIGN(SHA_512): incompatible with ECC_PUBLIC_KEY(MONTGOMERY) +depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ALG_SHA_512:PSA_WANT_ECC_FAMILY_MONTGOMERY:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_MONTGOMERY):"8520f0098930a754748b7ddcb43ef75a0dbf3a0d26381af4eba4a98eaa9b4e6a":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_512):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign RSA_PKCS1V15_SIGN(SHA_512): incompatible with ECC_PUBLIC_KEY(SECP_K1) +depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ALG_SHA_512:PSA_WANT_ECC_FAMILY_SECP_K1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_K1):"0426b7bb38da649ac2138fc050c6548b32553dab68afebc36105d325b75538c12323cb0764789ecb992671beb2b6bef2f5":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_512):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign RSA_PKCS1V15_SIGN(SHA_512): incompatible with ECC_PUBLIC_KEY(SECP_R1) +depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ALG_SHA_512:PSA_WANT_ECC_FAMILY_SECP_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1):"046f00eadaa949fee3e9e1c7fa1247eecec86a0dce46418b9bd3117b981d4bd0ae7a990de912f9d060d6cb531a42d22e394ac29e81804bf160":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_512):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign RSA_PKCS1V15_SIGN(SHA_512): incompatible with ECC_PUBLIC_KEY(SECP_R2) +depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ALG_SHA_512:PSA_WANT_ECC_FAMILY_SECP_R2:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R2):"049570d541398665adb5cfa16f5af73b3196926bbd4b876bdb80f8eab20d0f540c22f4de9c140f6d7b":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_512):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign RSA_PKCS1V15_SIGN(SHA_512): incompatible with ECC_PUBLIC_KEY(SECT_K1) +depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ALG_SHA_512:PSA_WANT_ECC_FAMILY_SECT_K1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_K1):"0406f88f90b4b65950f06ce433afdb097e320f433dc2062b8a65db8fafd3c110f46bc45663fbf021ee7eb9":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_512):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign RSA_PKCS1V15_SIGN(SHA_512): incompatible with ECC_PUBLIC_KEY(SECT_R1) +depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ALG_SHA_512:PSA_WANT_ECC_FAMILY_SECT_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R1):"0400465eeb9e7258b11e33c02266bfe834b20bcb118700772796ee4704ec67651bd447e3011959a79a04cb":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_512):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign RSA_PKCS1V15_SIGN(SHA_512): incompatible with ECC_PUBLIC_KEY(SECT_R2) +depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ALG_SHA_512:PSA_WANT_ECC_FAMILY_SECT_R2:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R2):"0403692601144c32a6cfa369ae20ae5d43c1c764678c037bafe80c6fd2e42b7ced96171d9c5367fd3dca6f":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_512):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign RSA_PKCS1V15_SIGN(SHA_512): incompatible with ECC_PUBLIC_KEY(TWISTED_EDWARDS) +depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ALG_SHA_512:PSA_WANT_ECC_FAMILY_TWISTED_EDWARDS:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_TWISTED_EDWARDS):"d75a980182b10ab7d54bfed3c964073a0ee172f3daa62325af021a68f707511a":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_512):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign RSA_PKCS1V15_SIGN(SHA_512): incompatible with HMAC +depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ALG_SHA_512:PSA_WANT_KEY_TYPE_HMAC +sign_fail:PSA_KEY_TYPE_HMAC:"48657265006973206b6579a064617461":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_512):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign RSA_PKCS1V15_SIGN(SHA_512): incompatible with RAW_DATA +depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ALG_SHA_512:PSA_WANT_KEY_TYPE_RAW_DATA +sign_fail:PSA_KEY_TYPE_RAW_DATA:"48":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_512):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign RSA_PKCS1V15_SIGN(SHA_512): !RSA_PKCS1V15_SIGN with RSA_KEY_PAIR +depends_on:!PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ALG_SHA_512:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR +sign_fail:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_512):0:PSA_ERROR_NOT_SUPPORTED + +PSA sign RSA_PKCS1V15_SIGN(SHA_512): !SHA_512 with RSA_KEY_PAIR +depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:!PSA_WANT_ALG_SHA_512:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR +sign_fail:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_512):0:PSA_ERROR_NOT_SUPPORTED + +PSA sign RSA_PKCS1V15_SIGN(SHA_512): !RSA_PKCS1V15_SIGN with RSA_PUBLIC_KEY +depends_on:!PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ALG_SHA_512:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY +sign_fail:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_512):0:PSA_ERROR_NOT_SUPPORTED + +PSA sign RSA_PKCS1V15_SIGN(SHA_512): !SHA_512 with RSA_PUBLIC_KEY +depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:!PSA_WANT_ALG_SHA_512:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY +sign_fail:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_512):0:PSA_ERROR_NOT_SUPPORTED + +PSA sign RSA_PKCS1V15_SIGN(SHA_512): public with RSA_PUBLIC_KEY +depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ALG_SHA_512:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY +sign_fail:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_512):1:PSA_ERROR_INVALID_ARGUMENT + +PSA asymmetric_encryption RSA_PKCS1V15_SIGN(SHA_512): invalid with RSA_KEY_PAIR +depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ALG_SHA_512:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR +asymmetric_encryption_fail:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_512):0:PSA_ERROR_INVALID_ARGUMENT + +PSA asymmetric_encryption RSA_PKCS1V15_SIGN(SHA_512): invalid with RSA_PUBLIC_KEY +depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ALG_SHA_512:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY +asymmetric_encryption_fail:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_512):0:PSA_ERROR_INVALID_ARGUMENT + +PSA key_derivation RSA_PKCS1V15_SIGN(SHA_512): invalid +depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ALG_SHA_512 +key_derivation_fail:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_512):PSA_ERROR_INVALID_ARGUMENT + +PSA key_agreement RSA_PKCS1V15_SIGN(SHA_512): invalid with RSA_KEY_PAIR +depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ALG_SHA_512:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR +key_agreement_fail:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_512):0:PSA_ERROR_INVALID_ARGUMENT + +PSA key_agreement RSA_PKCS1V15_SIGN(SHA_512): invalid with RSA_PUBLIC_KEY +depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ALG_SHA_512:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY +key_agreement_fail:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_512):0:PSA_ERROR_INVALID_ARGUMENT + +PSA hash RSA_PKCS1V15_SIGN(ANY_HASH): invalid +depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN +hash_fail:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_ANY_HASH):PSA_ERROR_INVALID_ARGUMENT + +PSA sign RSA_PKCS1V15_SIGN(ANY_HASH): incompatible with AES +depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_KEY_TYPE_AES +sign_fail:PSA_KEY_TYPE_AES:"48657265006973206b6579a064617461":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_ANY_HASH):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign RSA_PKCS1V15_SIGN(ANY_HASH): incompatible with ARC4 +depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_KEY_TYPE_ARC4 +sign_fail:PSA_KEY_TYPE_ARC4:"48":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_ANY_HASH):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign RSA_PKCS1V15_SIGN(ANY_HASH): incompatible with ARIA +depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_KEY_TYPE_ARIA +sign_fail:PSA_KEY_TYPE_ARIA:"48657265006973206b6579a064617461":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_ANY_HASH):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign RSA_PKCS1V15_SIGN(ANY_HASH): incompatible with CAMELLIA +depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_KEY_TYPE_CAMELLIA +sign_fail:PSA_KEY_TYPE_CAMELLIA:"48657265006973206b6579a064617461":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_ANY_HASH):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign RSA_PKCS1V15_SIGN(ANY_HASH): incompatible with CHACHA20 +depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_KEY_TYPE_CHACHA20 +sign_fail:PSA_KEY_TYPE_CHACHA20:"48657265006973206b6579a06461746148657265006973206b6579a064617461":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_ANY_HASH):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign RSA_PKCS1V15_SIGN(ANY_HASH): incompatible with DERIVE +depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_KEY_TYPE_DERIVE +sign_fail:PSA_KEY_TYPE_DERIVE:"48657265006973206b6579a0646174":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_ANY_HASH):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign RSA_PKCS1V15_SIGN(ANY_HASH): incompatible with DES +depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_KEY_TYPE_DES +sign_fail:PSA_KEY_TYPE_DES:"644573206b457901":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_ANY_HASH):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign RSA_PKCS1V15_SIGN(ANY_HASH): incompatible with ECC_KEY_PAIR(BRAINPOOL_P_R1) +depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ECC_FAMILY_BRAINPOOL_P_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"69502c4fdaf48d4fa617bdd24498b0406d0eeaac":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_ANY_HASH):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign RSA_PKCS1V15_SIGN(ANY_HASH): incompatible with ECC_KEY_PAIR(MONTGOMERY) +depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ECC_FAMILY_MONTGOMERY:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_MONTGOMERY):"70076d0a7318a57d3c16c17251b26645df4c2f87ebc0992ab177fba51db92c6a":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_ANY_HASH):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign RSA_PKCS1V15_SIGN(ANY_HASH): incompatible with ECC_KEY_PAIR(SECP_K1) +depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ECC_FAMILY_SECP_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_K1):"297ac1722ccac7589ecb240dc719842538ca974beb79f228":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_ANY_HASH):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign RSA_PKCS1V15_SIGN(ANY_HASH): incompatible with ECC_KEY_PAIR(SECP_R1) +depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ECC_FAMILY_SECP_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"872f203b3ad35b7f2ecc803c3a0e1e0b1ed61cc1afe71b189cd4c995":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_ANY_HASH):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign RSA_PKCS1V15_SIGN(ANY_HASH): incompatible with ECC_KEY_PAIR(SECP_R2) +depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ECC_FAMILY_SECP_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R2):"00bf539a1cdda0d7f71a50a3f98aec0a2e8e4ced1e":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_ANY_HASH):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign RSA_PKCS1V15_SIGN(ANY_HASH): incompatible with ECC_KEY_PAIR(SECT_K1) +depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ECC_FAMILY_SECT_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):"03ebc8fcded2d6ab72ec0f75bdb4fd080481273e71":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_ANY_HASH):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign RSA_PKCS1V15_SIGN(ANY_HASH): incompatible with ECC_KEY_PAIR(SECT_R1) +depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ECC_FAMILY_SECT_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):"009b05dc82d46d64a04a22e6e5ca70ca1231e68c50":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_ANY_HASH):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign RSA_PKCS1V15_SIGN(ANY_HASH): incompatible with ECC_KEY_PAIR(SECT_R2) +depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ECC_FAMILY_SECT_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R2):"0210b482a458b4822d0cb21daa96819a67c8062d34":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_ANY_HASH):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign RSA_PKCS1V15_SIGN(ANY_HASH): incompatible with ECC_KEY_PAIR(TWISTED_EDWARDS) +depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ECC_FAMILY_TWISTED_EDWARDS:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_TWISTED_EDWARDS):"9d61b19deffd5a60ba844af492ec2cc44449c5697b326919703bac031cae7f60":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_ANY_HASH):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign RSA_PKCS1V15_SIGN(ANY_HASH): incompatible with ECC_PUBLIC_KEY(BRAINPOOL_P_R1) +depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ECC_FAMILY_BRAINPOOL_P_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"04d4b9186816358e2f9c59cf70748cb70641b22fbab65473db4b4e22a361ed7e3de7e8a8ddc4130c5c":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_ANY_HASH):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign RSA_PKCS1V15_SIGN(ANY_HASH): incompatible with ECC_PUBLIC_KEY(MONTGOMERY) +depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ECC_FAMILY_MONTGOMERY:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_MONTGOMERY):"8520f0098930a754748b7ddcb43ef75a0dbf3a0d26381af4eba4a98eaa9b4e6a":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_ANY_HASH):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign RSA_PKCS1V15_SIGN(ANY_HASH): incompatible with ECC_PUBLIC_KEY(SECP_K1) +depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ECC_FAMILY_SECP_K1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_K1):"0426b7bb38da649ac2138fc050c6548b32553dab68afebc36105d325b75538c12323cb0764789ecb992671beb2b6bef2f5":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_ANY_HASH):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign RSA_PKCS1V15_SIGN(ANY_HASH): incompatible with ECC_PUBLIC_KEY(SECP_R1) +depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ECC_FAMILY_SECP_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1):"046f00eadaa949fee3e9e1c7fa1247eecec86a0dce46418b9bd3117b981d4bd0ae7a990de912f9d060d6cb531a42d22e394ac29e81804bf160":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_ANY_HASH):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign RSA_PKCS1V15_SIGN(ANY_HASH): incompatible with ECC_PUBLIC_KEY(SECP_R2) +depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ECC_FAMILY_SECP_R2:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R2):"049570d541398665adb5cfa16f5af73b3196926bbd4b876bdb80f8eab20d0f540c22f4de9c140f6d7b":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_ANY_HASH):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign RSA_PKCS1V15_SIGN(ANY_HASH): incompatible with ECC_PUBLIC_KEY(SECT_K1) +depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ECC_FAMILY_SECT_K1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_K1):"0406f88f90b4b65950f06ce433afdb097e320f433dc2062b8a65db8fafd3c110f46bc45663fbf021ee7eb9":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_ANY_HASH):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign RSA_PKCS1V15_SIGN(ANY_HASH): incompatible with ECC_PUBLIC_KEY(SECT_R1) +depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ECC_FAMILY_SECT_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R1):"0400465eeb9e7258b11e33c02266bfe834b20bcb118700772796ee4704ec67651bd447e3011959a79a04cb":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_ANY_HASH):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign RSA_PKCS1V15_SIGN(ANY_HASH): incompatible with ECC_PUBLIC_KEY(SECT_R2) +depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ECC_FAMILY_SECT_R2:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R2):"0403692601144c32a6cfa369ae20ae5d43c1c764678c037bafe80c6fd2e42b7ced96171d9c5367fd3dca6f":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_ANY_HASH):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign RSA_PKCS1V15_SIGN(ANY_HASH): incompatible with ECC_PUBLIC_KEY(TWISTED_EDWARDS) +depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ECC_FAMILY_TWISTED_EDWARDS:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_TWISTED_EDWARDS):"d75a980182b10ab7d54bfed3c964073a0ee172f3daa62325af021a68f707511a":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_ANY_HASH):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign RSA_PKCS1V15_SIGN(ANY_HASH): incompatible with HMAC +depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_KEY_TYPE_HMAC +sign_fail:PSA_KEY_TYPE_HMAC:"48657265006973206b6579a064617461":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_ANY_HASH):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign RSA_PKCS1V15_SIGN(ANY_HASH): incompatible with RAW_DATA +depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_KEY_TYPE_RAW_DATA +sign_fail:PSA_KEY_TYPE_RAW_DATA:"48":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_ANY_HASH):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign RSA_PKCS1V15_SIGN(ANY_HASH): incompatible with RSA_KEY_PAIR +depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR +sign_fail:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_ANY_HASH):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign RSA_PKCS1V15_SIGN(ANY_HASH): incompatible with RSA_PUBLIC_KEY +depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY +sign_fail:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_ANY_HASH):0:PSA_ERROR_INVALID_ARGUMENT + +PSA key_derivation RSA_PKCS1V15_SIGN(ANY_HASH): invalid +depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN +key_derivation_fail:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_ANY_HASH):PSA_ERROR_INVALID_ARGUMENT + +PSA hash RSA_PKCS1V15_SIGN_RAW: invalid +depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN_RAW +hash_fail:PSA_ALG_RSA_PKCS1V15_SIGN_RAW:PSA_ERROR_INVALID_ARGUMENT + +PSA mac RSA_PKCS1V15_SIGN_RAW: invalid with RSA_KEY_PAIR +depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN_RAW:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR +mac_fail:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_RSA_PKCS1V15_SIGN_RAW:PSA_ERROR_INVALID_ARGUMENT + +PSA mac RSA_PKCS1V15_SIGN_RAW: invalid with RSA_PUBLIC_KEY +depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN_RAW:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY +mac_fail:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_RSA_PKCS1V15_SIGN_RAW:PSA_ERROR_INVALID_ARGUMENT + +PSA cipher RSA_PKCS1V15_SIGN_RAW: invalid with RSA_KEY_PAIR +depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN_RAW:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR +cipher_fail:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_RSA_PKCS1V15_SIGN_RAW:PSA_ERROR_INVALID_ARGUMENT + +PSA cipher RSA_PKCS1V15_SIGN_RAW: invalid with RSA_PUBLIC_KEY +depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN_RAW:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY +cipher_fail:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_RSA_PKCS1V15_SIGN_RAW:PSA_ERROR_INVALID_ARGUMENT + +PSA aead RSA_PKCS1V15_SIGN_RAW: invalid with RSA_KEY_PAIR +depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN_RAW:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR +aead_fail:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_RSA_PKCS1V15_SIGN_RAW:PSA_ERROR_INVALID_ARGUMENT + +PSA aead RSA_PKCS1V15_SIGN_RAW: invalid with RSA_PUBLIC_KEY +depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN_RAW:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY +aead_fail:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_RSA_PKCS1V15_SIGN_RAW:PSA_ERROR_INVALID_ARGUMENT + +PSA sign RSA_PKCS1V15_SIGN_RAW: incompatible with AES +depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN_RAW:PSA_WANT_KEY_TYPE_AES +sign_fail:PSA_KEY_TYPE_AES:"48657265006973206b6579a064617461":PSA_ALG_RSA_PKCS1V15_SIGN_RAW:0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign RSA_PKCS1V15_SIGN_RAW: incompatible with ARC4 +depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN_RAW:PSA_WANT_KEY_TYPE_ARC4 +sign_fail:PSA_KEY_TYPE_ARC4:"48":PSA_ALG_RSA_PKCS1V15_SIGN_RAW:0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign RSA_PKCS1V15_SIGN_RAW: incompatible with ARIA +depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN_RAW:PSA_WANT_KEY_TYPE_ARIA +sign_fail:PSA_KEY_TYPE_ARIA:"48657265006973206b6579a064617461":PSA_ALG_RSA_PKCS1V15_SIGN_RAW:0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign RSA_PKCS1V15_SIGN_RAW: incompatible with CAMELLIA +depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN_RAW:PSA_WANT_KEY_TYPE_CAMELLIA +sign_fail:PSA_KEY_TYPE_CAMELLIA:"48657265006973206b6579a064617461":PSA_ALG_RSA_PKCS1V15_SIGN_RAW:0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign RSA_PKCS1V15_SIGN_RAW: incompatible with CHACHA20 +depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN_RAW:PSA_WANT_KEY_TYPE_CHACHA20 +sign_fail:PSA_KEY_TYPE_CHACHA20:"48657265006973206b6579a06461746148657265006973206b6579a064617461":PSA_ALG_RSA_PKCS1V15_SIGN_RAW:0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign RSA_PKCS1V15_SIGN_RAW: incompatible with DERIVE +depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN_RAW:PSA_WANT_KEY_TYPE_DERIVE +sign_fail:PSA_KEY_TYPE_DERIVE:"48657265006973206b6579a0646174":PSA_ALG_RSA_PKCS1V15_SIGN_RAW:0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign RSA_PKCS1V15_SIGN_RAW: incompatible with DES +depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN_RAW:PSA_WANT_KEY_TYPE_DES +sign_fail:PSA_KEY_TYPE_DES:"644573206b457901":PSA_ALG_RSA_PKCS1V15_SIGN_RAW:0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign RSA_PKCS1V15_SIGN_RAW: incompatible with ECC_KEY_PAIR(BRAINPOOL_P_R1) +depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN_RAW:PSA_WANT_ECC_FAMILY_BRAINPOOL_P_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"69502c4fdaf48d4fa617bdd24498b0406d0eeaac":PSA_ALG_RSA_PKCS1V15_SIGN_RAW:0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign RSA_PKCS1V15_SIGN_RAW: incompatible with ECC_KEY_PAIR(MONTGOMERY) +depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN_RAW:PSA_WANT_ECC_FAMILY_MONTGOMERY:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_MONTGOMERY):"70076d0a7318a57d3c16c17251b26645df4c2f87ebc0992ab177fba51db92c6a":PSA_ALG_RSA_PKCS1V15_SIGN_RAW:0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign RSA_PKCS1V15_SIGN_RAW: incompatible with ECC_KEY_PAIR(SECP_K1) +depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN_RAW:PSA_WANT_ECC_FAMILY_SECP_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_K1):"297ac1722ccac7589ecb240dc719842538ca974beb79f228":PSA_ALG_RSA_PKCS1V15_SIGN_RAW:0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign RSA_PKCS1V15_SIGN_RAW: incompatible with ECC_KEY_PAIR(SECP_R1) +depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN_RAW:PSA_WANT_ECC_FAMILY_SECP_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"872f203b3ad35b7f2ecc803c3a0e1e0b1ed61cc1afe71b189cd4c995":PSA_ALG_RSA_PKCS1V15_SIGN_RAW:0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign RSA_PKCS1V15_SIGN_RAW: incompatible with ECC_KEY_PAIR(SECP_R2) +depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN_RAW:PSA_WANT_ECC_FAMILY_SECP_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R2):"00bf539a1cdda0d7f71a50a3f98aec0a2e8e4ced1e":PSA_ALG_RSA_PKCS1V15_SIGN_RAW:0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign RSA_PKCS1V15_SIGN_RAW: incompatible with ECC_KEY_PAIR(SECT_K1) +depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN_RAW:PSA_WANT_ECC_FAMILY_SECT_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):"03ebc8fcded2d6ab72ec0f75bdb4fd080481273e71":PSA_ALG_RSA_PKCS1V15_SIGN_RAW:0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign RSA_PKCS1V15_SIGN_RAW: incompatible with ECC_KEY_PAIR(SECT_R1) +depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN_RAW:PSA_WANT_ECC_FAMILY_SECT_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):"009b05dc82d46d64a04a22e6e5ca70ca1231e68c50":PSA_ALG_RSA_PKCS1V15_SIGN_RAW:0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign RSA_PKCS1V15_SIGN_RAW: incompatible with ECC_KEY_PAIR(SECT_R2) +depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN_RAW:PSA_WANT_ECC_FAMILY_SECT_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R2):"0210b482a458b4822d0cb21daa96819a67c8062d34":PSA_ALG_RSA_PKCS1V15_SIGN_RAW:0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign RSA_PKCS1V15_SIGN_RAW: incompatible with ECC_KEY_PAIR(TWISTED_EDWARDS) +depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN_RAW:PSA_WANT_ECC_FAMILY_TWISTED_EDWARDS:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_TWISTED_EDWARDS):"9d61b19deffd5a60ba844af492ec2cc44449c5697b326919703bac031cae7f60":PSA_ALG_RSA_PKCS1V15_SIGN_RAW:0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign RSA_PKCS1V15_SIGN_RAW: incompatible with ECC_PUBLIC_KEY(BRAINPOOL_P_R1) +depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN_RAW:PSA_WANT_ECC_FAMILY_BRAINPOOL_P_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"04d4b9186816358e2f9c59cf70748cb70641b22fbab65473db4b4e22a361ed7e3de7e8a8ddc4130c5c":PSA_ALG_RSA_PKCS1V15_SIGN_RAW:0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign RSA_PKCS1V15_SIGN_RAW: incompatible with ECC_PUBLIC_KEY(MONTGOMERY) +depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN_RAW:PSA_WANT_ECC_FAMILY_MONTGOMERY:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_MONTGOMERY):"8520f0098930a754748b7ddcb43ef75a0dbf3a0d26381af4eba4a98eaa9b4e6a":PSA_ALG_RSA_PKCS1V15_SIGN_RAW:0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign RSA_PKCS1V15_SIGN_RAW: incompatible with ECC_PUBLIC_KEY(SECP_K1) +depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN_RAW:PSA_WANT_ECC_FAMILY_SECP_K1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_K1):"0426b7bb38da649ac2138fc050c6548b32553dab68afebc36105d325b75538c12323cb0764789ecb992671beb2b6bef2f5":PSA_ALG_RSA_PKCS1V15_SIGN_RAW:0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign RSA_PKCS1V15_SIGN_RAW: incompatible with ECC_PUBLIC_KEY(SECP_R1) +depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN_RAW:PSA_WANT_ECC_FAMILY_SECP_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1):"046f00eadaa949fee3e9e1c7fa1247eecec86a0dce46418b9bd3117b981d4bd0ae7a990de912f9d060d6cb531a42d22e394ac29e81804bf160":PSA_ALG_RSA_PKCS1V15_SIGN_RAW:0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign RSA_PKCS1V15_SIGN_RAW: incompatible with ECC_PUBLIC_KEY(SECP_R2) +depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN_RAW:PSA_WANT_ECC_FAMILY_SECP_R2:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R2):"049570d541398665adb5cfa16f5af73b3196926bbd4b876bdb80f8eab20d0f540c22f4de9c140f6d7b":PSA_ALG_RSA_PKCS1V15_SIGN_RAW:0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign RSA_PKCS1V15_SIGN_RAW: incompatible with ECC_PUBLIC_KEY(SECT_K1) +depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN_RAW:PSA_WANT_ECC_FAMILY_SECT_K1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_K1):"0406f88f90b4b65950f06ce433afdb097e320f433dc2062b8a65db8fafd3c110f46bc45663fbf021ee7eb9":PSA_ALG_RSA_PKCS1V15_SIGN_RAW:0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign RSA_PKCS1V15_SIGN_RAW: incompatible with ECC_PUBLIC_KEY(SECT_R1) +depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN_RAW:PSA_WANT_ECC_FAMILY_SECT_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R1):"0400465eeb9e7258b11e33c02266bfe834b20bcb118700772796ee4704ec67651bd447e3011959a79a04cb":PSA_ALG_RSA_PKCS1V15_SIGN_RAW:0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign RSA_PKCS1V15_SIGN_RAW: incompatible with ECC_PUBLIC_KEY(SECT_R2) +depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN_RAW:PSA_WANT_ECC_FAMILY_SECT_R2:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R2):"0403692601144c32a6cfa369ae20ae5d43c1c764678c037bafe80c6fd2e42b7ced96171d9c5367fd3dca6f":PSA_ALG_RSA_PKCS1V15_SIGN_RAW:0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign RSA_PKCS1V15_SIGN_RAW: incompatible with ECC_PUBLIC_KEY(TWISTED_EDWARDS) +depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN_RAW:PSA_WANT_ECC_FAMILY_TWISTED_EDWARDS:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_TWISTED_EDWARDS):"d75a980182b10ab7d54bfed3c964073a0ee172f3daa62325af021a68f707511a":PSA_ALG_RSA_PKCS1V15_SIGN_RAW:0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign RSA_PKCS1V15_SIGN_RAW: incompatible with HMAC +depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN_RAW:PSA_WANT_KEY_TYPE_HMAC +sign_fail:PSA_KEY_TYPE_HMAC:"48657265006973206b6579a064617461":PSA_ALG_RSA_PKCS1V15_SIGN_RAW:0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign RSA_PKCS1V15_SIGN_RAW: incompatible with RAW_DATA +depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN_RAW:PSA_WANT_KEY_TYPE_RAW_DATA +sign_fail:PSA_KEY_TYPE_RAW_DATA:"48":PSA_ALG_RSA_PKCS1V15_SIGN_RAW:0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign RSA_PKCS1V15_SIGN_RAW: !RSA_PKCS1V15_SIGN_RAW with RSA_KEY_PAIR +depends_on:!PSA_WANT_ALG_RSA_PKCS1V15_SIGN_RAW:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR +sign_fail:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_RSA_PKCS1V15_SIGN_RAW:0:PSA_ERROR_NOT_SUPPORTED + +PSA sign RSA_PKCS1V15_SIGN_RAW: !RSA_PKCS1V15_SIGN_RAW with RSA_PUBLIC_KEY +depends_on:!PSA_WANT_ALG_RSA_PKCS1V15_SIGN_RAW:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY +sign_fail:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_RSA_PKCS1V15_SIGN_RAW:0:PSA_ERROR_NOT_SUPPORTED + +PSA sign RSA_PKCS1V15_SIGN_RAW: public with RSA_PUBLIC_KEY +depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN_RAW:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY +sign_fail:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_RSA_PKCS1V15_SIGN_RAW:1:PSA_ERROR_INVALID_ARGUMENT + +PSA asymmetric_encryption RSA_PKCS1V15_SIGN_RAW: invalid with RSA_KEY_PAIR +depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN_RAW:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR +asymmetric_encryption_fail:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_RSA_PKCS1V15_SIGN_RAW:0:PSA_ERROR_INVALID_ARGUMENT + +PSA asymmetric_encryption RSA_PKCS1V15_SIGN_RAW: invalid with RSA_PUBLIC_KEY +depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN_RAW:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY +asymmetric_encryption_fail:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_RSA_PKCS1V15_SIGN_RAW:0:PSA_ERROR_INVALID_ARGUMENT + +PSA key_derivation RSA_PKCS1V15_SIGN_RAW: invalid +depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN_RAW +key_derivation_fail:PSA_ALG_RSA_PKCS1V15_SIGN_RAW:PSA_ERROR_INVALID_ARGUMENT + +PSA key_agreement RSA_PKCS1V15_SIGN_RAW: invalid with RSA_KEY_PAIR +depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN_RAW:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR +key_agreement_fail:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_RSA_PKCS1V15_SIGN_RAW:0:PSA_ERROR_INVALID_ARGUMENT + +PSA key_agreement RSA_PKCS1V15_SIGN_RAW: invalid with RSA_PUBLIC_KEY +depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN_RAW:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY +key_agreement_fail:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_RSA_PKCS1V15_SIGN_RAW:0:PSA_ERROR_INVALID_ARGUMENT + +PSA hash RSA_PSS(MD2): invalid +depends_on:PSA_WANT_ALG_MD2:PSA_WANT_ALG_RSA_PSS +hash_fail:PSA_ALG_RSA_PSS(PSA_ALG_MD2):PSA_ERROR_INVALID_ARGUMENT + +PSA mac RSA_PSS(MD2): invalid with RSA_KEY_PAIR +depends_on:PSA_WANT_ALG_MD2:PSA_WANT_ALG_RSA_PSS:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR +mac_fail:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_RSA_PSS(PSA_ALG_MD2):PSA_ERROR_INVALID_ARGUMENT + +PSA mac RSA_PSS(MD2): invalid with RSA_PUBLIC_KEY +depends_on:PSA_WANT_ALG_MD2:PSA_WANT_ALG_RSA_PSS:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY +mac_fail:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_RSA_PSS(PSA_ALG_MD2):PSA_ERROR_INVALID_ARGUMENT + +PSA cipher RSA_PSS(MD2): invalid with RSA_KEY_PAIR +depends_on:PSA_WANT_ALG_MD2:PSA_WANT_ALG_RSA_PSS:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR +cipher_fail:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_RSA_PSS(PSA_ALG_MD2):PSA_ERROR_INVALID_ARGUMENT + +PSA cipher RSA_PSS(MD2): invalid with RSA_PUBLIC_KEY +depends_on:PSA_WANT_ALG_MD2:PSA_WANT_ALG_RSA_PSS:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY +cipher_fail:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_RSA_PSS(PSA_ALG_MD2):PSA_ERROR_INVALID_ARGUMENT + +PSA aead RSA_PSS(MD2): invalid with RSA_KEY_PAIR +depends_on:PSA_WANT_ALG_MD2:PSA_WANT_ALG_RSA_PSS:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR +aead_fail:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_RSA_PSS(PSA_ALG_MD2):PSA_ERROR_INVALID_ARGUMENT + +PSA aead RSA_PSS(MD2): invalid with RSA_PUBLIC_KEY +depends_on:PSA_WANT_ALG_MD2:PSA_WANT_ALG_RSA_PSS:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY +aead_fail:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_RSA_PSS(PSA_ALG_MD2):PSA_ERROR_INVALID_ARGUMENT + +PSA sign RSA_PSS(MD2): incompatible with AES +depends_on:PSA_WANT_ALG_MD2:PSA_WANT_ALG_RSA_PSS:PSA_WANT_KEY_TYPE_AES +sign_fail:PSA_KEY_TYPE_AES:"48657265006973206b6579a064617461":PSA_ALG_RSA_PSS(PSA_ALG_MD2):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign RSA_PSS(MD2): incompatible with ARC4 +depends_on:PSA_WANT_ALG_MD2:PSA_WANT_ALG_RSA_PSS:PSA_WANT_KEY_TYPE_ARC4 +sign_fail:PSA_KEY_TYPE_ARC4:"48":PSA_ALG_RSA_PSS(PSA_ALG_MD2):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign RSA_PSS(MD2): incompatible with ARIA +depends_on:PSA_WANT_ALG_MD2:PSA_WANT_ALG_RSA_PSS:PSA_WANT_KEY_TYPE_ARIA +sign_fail:PSA_KEY_TYPE_ARIA:"48657265006973206b6579a064617461":PSA_ALG_RSA_PSS(PSA_ALG_MD2):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign RSA_PSS(MD2): incompatible with CAMELLIA +depends_on:PSA_WANT_ALG_MD2:PSA_WANT_ALG_RSA_PSS:PSA_WANT_KEY_TYPE_CAMELLIA +sign_fail:PSA_KEY_TYPE_CAMELLIA:"48657265006973206b6579a064617461":PSA_ALG_RSA_PSS(PSA_ALG_MD2):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign RSA_PSS(MD2): incompatible with CHACHA20 +depends_on:PSA_WANT_ALG_MD2:PSA_WANT_ALG_RSA_PSS:PSA_WANT_KEY_TYPE_CHACHA20 +sign_fail:PSA_KEY_TYPE_CHACHA20:"48657265006973206b6579a06461746148657265006973206b6579a064617461":PSA_ALG_RSA_PSS(PSA_ALG_MD2):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign RSA_PSS(MD2): incompatible with DERIVE +depends_on:PSA_WANT_ALG_MD2:PSA_WANT_ALG_RSA_PSS:PSA_WANT_KEY_TYPE_DERIVE +sign_fail:PSA_KEY_TYPE_DERIVE:"48657265006973206b6579a0646174":PSA_ALG_RSA_PSS(PSA_ALG_MD2):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign RSA_PSS(MD2): incompatible with DES +depends_on:PSA_WANT_ALG_MD2:PSA_WANT_ALG_RSA_PSS:PSA_WANT_KEY_TYPE_DES +sign_fail:PSA_KEY_TYPE_DES:"644573206b457901":PSA_ALG_RSA_PSS(PSA_ALG_MD2):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign RSA_PSS(MD2): incompatible with ECC_KEY_PAIR(BRAINPOOL_P_R1) +depends_on:PSA_WANT_ALG_MD2:PSA_WANT_ALG_RSA_PSS:PSA_WANT_ECC_FAMILY_BRAINPOOL_P_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"69502c4fdaf48d4fa617bdd24498b0406d0eeaac":PSA_ALG_RSA_PSS(PSA_ALG_MD2):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign RSA_PSS(MD2): incompatible with ECC_KEY_PAIR(MONTGOMERY) +depends_on:PSA_WANT_ALG_MD2:PSA_WANT_ALG_RSA_PSS:PSA_WANT_ECC_FAMILY_MONTGOMERY:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_MONTGOMERY):"70076d0a7318a57d3c16c17251b26645df4c2f87ebc0992ab177fba51db92c6a":PSA_ALG_RSA_PSS(PSA_ALG_MD2):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign RSA_PSS(MD2): incompatible with ECC_KEY_PAIR(SECP_K1) +depends_on:PSA_WANT_ALG_MD2:PSA_WANT_ALG_RSA_PSS:PSA_WANT_ECC_FAMILY_SECP_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_K1):"297ac1722ccac7589ecb240dc719842538ca974beb79f228":PSA_ALG_RSA_PSS(PSA_ALG_MD2):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign RSA_PSS(MD2): incompatible with ECC_KEY_PAIR(SECP_R1) +depends_on:PSA_WANT_ALG_MD2:PSA_WANT_ALG_RSA_PSS:PSA_WANT_ECC_FAMILY_SECP_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"872f203b3ad35b7f2ecc803c3a0e1e0b1ed61cc1afe71b189cd4c995":PSA_ALG_RSA_PSS(PSA_ALG_MD2):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign RSA_PSS(MD2): incompatible with ECC_KEY_PAIR(SECP_R2) +depends_on:PSA_WANT_ALG_MD2:PSA_WANT_ALG_RSA_PSS:PSA_WANT_ECC_FAMILY_SECP_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R2):"00bf539a1cdda0d7f71a50a3f98aec0a2e8e4ced1e":PSA_ALG_RSA_PSS(PSA_ALG_MD2):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign RSA_PSS(MD2): incompatible with ECC_KEY_PAIR(SECT_K1) +depends_on:PSA_WANT_ALG_MD2:PSA_WANT_ALG_RSA_PSS:PSA_WANT_ECC_FAMILY_SECT_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):"03ebc8fcded2d6ab72ec0f75bdb4fd080481273e71":PSA_ALG_RSA_PSS(PSA_ALG_MD2):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign RSA_PSS(MD2): incompatible with ECC_KEY_PAIR(SECT_R1) +depends_on:PSA_WANT_ALG_MD2:PSA_WANT_ALG_RSA_PSS:PSA_WANT_ECC_FAMILY_SECT_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):"009b05dc82d46d64a04a22e6e5ca70ca1231e68c50":PSA_ALG_RSA_PSS(PSA_ALG_MD2):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign RSA_PSS(MD2): incompatible with ECC_KEY_PAIR(SECT_R2) +depends_on:PSA_WANT_ALG_MD2:PSA_WANT_ALG_RSA_PSS:PSA_WANT_ECC_FAMILY_SECT_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R2):"0210b482a458b4822d0cb21daa96819a67c8062d34":PSA_ALG_RSA_PSS(PSA_ALG_MD2):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign RSA_PSS(MD2): incompatible with ECC_KEY_PAIR(TWISTED_EDWARDS) +depends_on:PSA_WANT_ALG_MD2:PSA_WANT_ALG_RSA_PSS:PSA_WANT_ECC_FAMILY_TWISTED_EDWARDS:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_TWISTED_EDWARDS):"9d61b19deffd5a60ba844af492ec2cc44449c5697b326919703bac031cae7f60":PSA_ALG_RSA_PSS(PSA_ALG_MD2):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign RSA_PSS(MD2): incompatible with ECC_PUBLIC_KEY(BRAINPOOL_P_R1) +depends_on:PSA_WANT_ALG_MD2:PSA_WANT_ALG_RSA_PSS:PSA_WANT_ECC_FAMILY_BRAINPOOL_P_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"04d4b9186816358e2f9c59cf70748cb70641b22fbab65473db4b4e22a361ed7e3de7e8a8ddc4130c5c":PSA_ALG_RSA_PSS(PSA_ALG_MD2):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign RSA_PSS(MD2): incompatible with ECC_PUBLIC_KEY(MONTGOMERY) +depends_on:PSA_WANT_ALG_MD2:PSA_WANT_ALG_RSA_PSS:PSA_WANT_ECC_FAMILY_MONTGOMERY:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_MONTGOMERY):"8520f0098930a754748b7ddcb43ef75a0dbf3a0d26381af4eba4a98eaa9b4e6a":PSA_ALG_RSA_PSS(PSA_ALG_MD2):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign RSA_PSS(MD2): incompatible with ECC_PUBLIC_KEY(SECP_K1) +depends_on:PSA_WANT_ALG_MD2:PSA_WANT_ALG_RSA_PSS:PSA_WANT_ECC_FAMILY_SECP_K1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_K1):"0426b7bb38da649ac2138fc050c6548b32553dab68afebc36105d325b75538c12323cb0764789ecb992671beb2b6bef2f5":PSA_ALG_RSA_PSS(PSA_ALG_MD2):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign RSA_PSS(MD2): incompatible with ECC_PUBLIC_KEY(SECP_R1) +depends_on:PSA_WANT_ALG_MD2:PSA_WANT_ALG_RSA_PSS:PSA_WANT_ECC_FAMILY_SECP_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1):"046f00eadaa949fee3e9e1c7fa1247eecec86a0dce46418b9bd3117b981d4bd0ae7a990de912f9d060d6cb531a42d22e394ac29e81804bf160":PSA_ALG_RSA_PSS(PSA_ALG_MD2):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign RSA_PSS(MD2): incompatible with ECC_PUBLIC_KEY(SECP_R2) +depends_on:PSA_WANT_ALG_MD2:PSA_WANT_ALG_RSA_PSS:PSA_WANT_ECC_FAMILY_SECP_R2:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R2):"049570d541398665adb5cfa16f5af73b3196926bbd4b876bdb80f8eab20d0f540c22f4de9c140f6d7b":PSA_ALG_RSA_PSS(PSA_ALG_MD2):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign RSA_PSS(MD2): incompatible with ECC_PUBLIC_KEY(SECT_K1) +depends_on:PSA_WANT_ALG_MD2:PSA_WANT_ALG_RSA_PSS:PSA_WANT_ECC_FAMILY_SECT_K1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_K1):"0406f88f90b4b65950f06ce433afdb097e320f433dc2062b8a65db8fafd3c110f46bc45663fbf021ee7eb9":PSA_ALG_RSA_PSS(PSA_ALG_MD2):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign RSA_PSS(MD2): incompatible with ECC_PUBLIC_KEY(SECT_R1) +depends_on:PSA_WANT_ALG_MD2:PSA_WANT_ALG_RSA_PSS:PSA_WANT_ECC_FAMILY_SECT_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R1):"0400465eeb9e7258b11e33c02266bfe834b20bcb118700772796ee4704ec67651bd447e3011959a79a04cb":PSA_ALG_RSA_PSS(PSA_ALG_MD2):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign RSA_PSS(MD2): incompatible with ECC_PUBLIC_KEY(SECT_R2) +depends_on:PSA_WANT_ALG_MD2:PSA_WANT_ALG_RSA_PSS:PSA_WANT_ECC_FAMILY_SECT_R2:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R2):"0403692601144c32a6cfa369ae20ae5d43c1c764678c037bafe80c6fd2e42b7ced96171d9c5367fd3dca6f":PSA_ALG_RSA_PSS(PSA_ALG_MD2):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign RSA_PSS(MD2): incompatible with ECC_PUBLIC_KEY(TWISTED_EDWARDS) +depends_on:PSA_WANT_ALG_MD2:PSA_WANT_ALG_RSA_PSS:PSA_WANT_ECC_FAMILY_TWISTED_EDWARDS:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_TWISTED_EDWARDS):"d75a980182b10ab7d54bfed3c964073a0ee172f3daa62325af021a68f707511a":PSA_ALG_RSA_PSS(PSA_ALG_MD2):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign RSA_PSS(MD2): incompatible with HMAC +depends_on:PSA_WANT_ALG_MD2:PSA_WANT_ALG_RSA_PSS:PSA_WANT_KEY_TYPE_HMAC +sign_fail:PSA_KEY_TYPE_HMAC:"48657265006973206b6579a064617461":PSA_ALG_RSA_PSS(PSA_ALG_MD2):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign RSA_PSS(MD2): incompatible with RAW_DATA +depends_on:PSA_WANT_ALG_MD2:PSA_WANT_ALG_RSA_PSS:PSA_WANT_KEY_TYPE_RAW_DATA +sign_fail:PSA_KEY_TYPE_RAW_DATA:"48":PSA_ALG_RSA_PSS(PSA_ALG_MD2):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign RSA_PSS(MD2): !MD2 with RSA_KEY_PAIR +depends_on:!PSA_WANT_ALG_MD2:PSA_WANT_ALG_RSA_PSS:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR +sign_fail:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_RSA_PSS(PSA_ALG_MD2):0:PSA_ERROR_NOT_SUPPORTED + +PSA sign RSA_PSS(MD2): !RSA_PSS with RSA_KEY_PAIR +depends_on:PSA_WANT_ALG_MD2:!PSA_WANT_ALG_RSA_PSS:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR +sign_fail:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_RSA_PSS(PSA_ALG_MD2):0:PSA_ERROR_NOT_SUPPORTED + +PSA sign RSA_PSS(MD2): !MD2 with RSA_PUBLIC_KEY +depends_on:!PSA_WANT_ALG_MD2:PSA_WANT_ALG_RSA_PSS:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY +sign_fail:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_RSA_PSS(PSA_ALG_MD2):0:PSA_ERROR_NOT_SUPPORTED + +PSA sign RSA_PSS(MD2): !RSA_PSS with RSA_PUBLIC_KEY +depends_on:PSA_WANT_ALG_MD2:!PSA_WANT_ALG_RSA_PSS:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY +sign_fail:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_RSA_PSS(PSA_ALG_MD2):0:PSA_ERROR_NOT_SUPPORTED + +PSA sign RSA_PSS(MD2): public with RSA_PUBLIC_KEY +depends_on:PSA_WANT_ALG_MD2:PSA_WANT_ALG_RSA_PSS:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY +sign_fail:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_RSA_PSS(PSA_ALG_MD2):1:PSA_ERROR_INVALID_ARGUMENT + +PSA asymmetric_encryption RSA_PSS(MD2): invalid with RSA_KEY_PAIR +depends_on:PSA_WANT_ALG_MD2:PSA_WANT_ALG_RSA_PSS:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR +asymmetric_encryption_fail:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_RSA_PSS(PSA_ALG_MD2):0:PSA_ERROR_INVALID_ARGUMENT + +PSA asymmetric_encryption RSA_PSS(MD2): invalid with RSA_PUBLIC_KEY +depends_on:PSA_WANT_ALG_MD2:PSA_WANT_ALG_RSA_PSS:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY +asymmetric_encryption_fail:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_RSA_PSS(PSA_ALG_MD2):0:PSA_ERROR_INVALID_ARGUMENT + +PSA key_derivation RSA_PSS(MD2): invalid +depends_on:PSA_WANT_ALG_MD2:PSA_WANT_ALG_RSA_PSS +key_derivation_fail:PSA_ALG_RSA_PSS(PSA_ALG_MD2):PSA_ERROR_INVALID_ARGUMENT + +PSA key_agreement RSA_PSS(MD2): invalid with RSA_KEY_PAIR +depends_on:PSA_WANT_ALG_MD2:PSA_WANT_ALG_RSA_PSS:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR +key_agreement_fail:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_RSA_PSS(PSA_ALG_MD2):0:PSA_ERROR_INVALID_ARGUMENT + +PSA key_agreement RSA_PSS(MD2): invalid with RSA_PUBLIC_KEY +depends_on:PSA_WANT_ALG_MD2:PSA_WANT_ALG_RSA_PSS:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY +key_agreement_fail:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_RSA_PSS(PSA_ALG_MD2):0:PSA_ERROR_INVALID_ARGUMENT + +PSA hash RSA_PSS(MD4): invalid +depends_on:PSA_WANT_ALG_MD4:PSA_WANT_ALG_RSA_PSS +hash_fail:PSA_ALG_RSA_PSS(PSA_ALG_MD4):PSA_ERROR_INVALID_ARGUMENT + +PSA mac RSA_PSS(MD4): invalid with RSA_KEY_PAIR +depends_on:PSA_WANT_ALG_MD4:PSA_WANT_ALG_RSA_PSS:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR +mac_fail:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_RSA_PSS(PSA_ALG_MD4):PSA_ERROR_INVALID_ARGUMENT + +PSA mac RSA_PSS(MD4): invalid with RSA_PUBLIC_KEY +depends_on:PSA_WANT_ALG_MD4:PSA_WANT_ALG_RSA_PSS:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY +mac_fail:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_RSA_PSS(PSA_ALG_MD4):PSA_ERROR_INVALID_ARGUMENT + +PSA cipher RSA_PSS(MD4): invalid with RSA_KEY_PAIR +depends_on:PSA_WANT_ALG_MD4:PSA_WANT_ALG_RSA_PSS:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR +cipher_fail:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_RSA_PSS(PSA_ALG_MD4):PSA_ERROR_INVALID_ARGUMENT + +PSA cipher RSA_PSS(MD4): invalid with RSA_PUBLIC_KEY +depends_on:PSA_WANT_ALG_MD4:PSA_WANT_ALG_RSA_PSS:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY +cipher_fail:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_RSA_PSS(PSA_ALG_MD4):PSA_ERROR_INVALID_ARGUMENT + +PSA aead RSA_PSS(MD4): invalid with RSA_KEY_PAIR +depends_on:PSA_WANT_ALG_MD4:PSA_WANT_ALG_RSA_PSS:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR +aead_fail:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_RSA_PSS(PSA_ALG_MD4):PSA_ERROR_INVALID_ARGUMENT + +PSA aead RSA_PSS(MD4): invalid with RSA_PUBLIC_KEY +depends_on:PSA_WANT_ALG_MD4:PSA_WANT_ALG_RSA_PSS:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY +aead_fail:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_RSA_PSS(PSA_ALG_MD4):PSA_ERROR_INVALID_ARGUMENT + +PSA sign RSA_PSS(MD4): incompatible with AES +depends_on:PSA_WANT_ALG_MD4:PSA_WANT_ALG_RSA_PSS:PSA_WANT_KEY_TYPE_AES +sign_fail:PSA_KEY_TYPE_AES:"48657265006973206b6579a064617461":PSA_ALG_RSA_PSS(PSA_ALG_MD4):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign RSA_PSS(MD4): incompatible with ARC4 +depends_on:PSA_WANT_ALG_MD4:PSA_WANT_ALG_RSA_PSS:PSA_WANT_KEY_TYPE_ARC4 +sign_fail:PSA_KEY_TYPE_ARC4:"48":PSA_ALG_RSA_PSS(PSA_ALG_MD4):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign RSA_PSS(MD4): incompatible with ARIA +depends_on:PSA_WANT_ALG_MD4:PSA_WANT_ALG_RSA_PSS:PSA_WANT_KEY_TYPE_ARIA +sign_fail:PSA_KEY_TYPE_ARIA:"48657265006973206b6579a064617461":PSA_ALG_RSA_PSS(PSA_ALG_MD4):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign RSA_PSS(MD4): incompatible with CAMELLIA +depends_on:PSA_WANT_ALG_MD4:PSA_WANT_ALG_RSA_PSS:PSA_WANT_KEY_TYPE_CAMELLIA +sign_fail:PSA_KEY_TYPE_CAMELLIA:"48657265006973206b6579a064617461":PSA_ALG_RSA_PSS(PSA_ALG_MD4):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign RSA_PSS(MD4): incompatible with CHACHA20 +depends_on:PSA_WANT_ALG_MD4:PSA_WANT_ALG_RSA_PSS:PSA_WANT_KEY_TYPE_CHACHA20 +sign_fail:PSA_KEY_TYPE_CHACHA20:"48657265006973206b6579a06461746148657265006973206b6579a064617461":PSA_ALG_RSA_PSS(PSA_ALG_MD4):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign RSA_PSS(MD4): incompatible with DERIVE +depends_on:PSA_WANT_ALG_MD4:PSA_WANT_ALG_RSA_PSS:PSA_WANT_KEY_TYPE_DERIVE +sign_fail:PSA_KEY_TYPE_DERIVE:"48657265006973206b6579a0646174":PSA_ALG_RSA_PSS(PSA_ALG_MD4):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign RSA_PSS(MD4): incompatible with DES +depends_on:PSA_WANT_ALG_MD4:PSA_WANT_ALG_RSA_PSS:PSA_WANT_KEY_TYPE_DES +sign_fail:PSA_KEY_TYPE_DES:"644573206b457901":PSA_ALG_RSA_PSS(PSA_ALG_MD4):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign RSA_PSS(MD4): incompatible with ECC_KEY_PAIR(BRAINPOOL_P_R1) +depends_on:PSA_WANT_ALG_MD4:PSA_WANT_ALG_RSA_PSS:PSA_WANT_ECC_FAMILY_BRAINPOOL_P_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"69502c4fdaf48d4fa617bdd24498b0406d0eeaac":PSA_ALG_RSA_PSS(PSA_ALG_MD4):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign RSA_PSS(MD4): incompatible with ECC_KEY_PAIR(MONTGOMERY) +depends_on:PSA_WANT_ALG_MD4:PSA_WANT_ALG_RSA_PSS:PSA_WANT_ECC_FAMILY_MONTGOMERY:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_MONTGOMERY):"70076d0a7318a57d3c16c17251b26645df4c2f87ebc0992ab177fba51db92c6a":PSA_ALG_RSA_PSS(PSA_ALG_MD4):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign RSA_PSS(MD4): incompatible with ECC_KEY_PAIR(SECP_K1) +depends_on:PSA_WANT_ALG_MD4:PSA_WANT_ALG_RSA_PSS:PSA_WANT_ECC_FAMILY_SECP_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_K1):"297ac1722ccac7589ecb240dc719842538ca974beb79f228":PSA_ALG_RSA_PSS(PSA_ALG_MD4):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign RSA_PSS(MD4): incompatible with ECC_KEY_PAIR(SECP_R1) +depends_on:PSA_WANT_ALG_MD4:PSA_WANT_ALG_RSA_PSS:PSA_WANT_ECC_FAMILY_SECP_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"872f203b3ad35b7f2ecc803c3a0e1e0b1ed61cc1afe71b189cd4c995":PSA_ALG_RSA_PSS(PSA_ALG_MD4):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign RSA_PSS(MD4): incompatible with ECC_KEY_PAIR(SECP_R2) +depends_on:PSA_WANT_ALG_MD4:PSA_WANT_ALG_RSA_PSS:PSA_WANT_ECC_FAMILY_SECP_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R2):"00bf539a1cdda0d7f71a50a3f98aec0a2e8e4ced1e":PSA_ALG_RSA_PSS(PSA_ALG_MD4):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign RSA_PSS(MD4): incompatible with ECC_KEY_PAIR(SECT_K1) +depends_on:PSA_WANT_ALG_MD4:PSA_WANT_ALG_RSA_PSS:PSA_WANT_ECC_FAMILY_SECT_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):"03ebc8fcded2d6ab72ec0f75bdb4fd080481273e71":PSA_ALG_RSA_PSS(PSA_ALG_MD4):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign RSA_PSS(MD4): incompatible with ECC_KEY_PAIR(SECT_R1) +depends_on:PSA_WANT_ALG_MD4:PSA_WANT_ALG_RSA_PSS:PSA_WANT_ECC_FAMILY_SECT_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):"009b05dc82d46d64a04a22e6e5ca70ca1231e68c50":PSA_ALG_RSA_PSS(PSA_ALG_MD4):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign RSA_PSS(MD4): incompatible with ECC_KEY_PAIR(SECT_R2) +depends_on:PSA_WANT_ALG_MD4:PSA_WANT_ALG_RSA_PSS:PSA_WANT_ECC_FAMILY_SECT_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R2):"0210b482a458b4822d0cb21daa96819a67c8062d34":PSA_ALG_RSA_PSS(PSA_ALG_MD4):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign RSA_PSS(MD4): incompatible with ECC_KEY_PAIR(TWISTED_EDWARDS) +depends_on:PSA_WANT_ALG_MD4:PSA_WANT_ALG_RSA_PSS:PSA_WANT_ECC_FAMILY_TWISTED_EDWARDS:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_TWISTED_EDWARDS):"9d61b19deffd5a60ba844af492ec2cc44449c5697b326919703bac031cae7f60":PSA_ALG_RSA_PSS(PSA_ALG_MD4):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign RSA_PSS(MD4): incompatible with ECC_PUBLIC_KEY(BRAINPOOL_P_R1) +depends_on:PSA_WANT_ALG_MD4:PSA_WANT_ALG_RSA_PSS:PSA_WANT_ECC_FAMILY_BRAINPOOL_P_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"04d4b9186816358e2f9c59cf70748cb70641b22fbab65473db4b4e22a361ed7e3de7e8a8ddc4130c5c":PSA_ALG_RSA_PSS(PSA_ALG_MD4):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign RSA_PSS(MD4): incompatible with ECC_PUBLIC_KEY(MONTGOMERY) +depends_on:PSA_WANT_ALG_MD4:PSA_WANT_ALG_RSA_PSS:PSA_WANT_ECC_FAMILY_MONTGOMERY:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_MONTGOMERY):"8520f0098930a754748b7ddcb43ef75a0dbf3a0d26381af4eba4a98eaa9b4e6a":PSA_ALG_RSA_PSS(PSA_ALG_MD4):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign RSA_PSS(MD4): incompatible with ECC_PUBLIC_KEY(SECP_K1) +depends_on:PSA_WANT_ALG_MD4:PSA_WANT_ALG_RSA_PSS:PSA_WANT_ECC_FAMILY_SECP_K1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_K1):"0426b7bb38da649ac2138fc050c6548b32553dab68afebc36105d325b75538c12323cb0764789ecb992671beb2b6bef2f5":PSA_ALG_RSA_PSS(PSA_ALG_MD4):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign RSA_PSS(MD4): incompatible with ECC_PUBLIC_KEY(SECP_R1) +depends_on:PSA_WANT_ALG_MD4:PSA_WANT_ALG_RSA_PSS:PSA_WANT_ECC_FAMILY_SECP_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1):"046f00eadaa949fee3e9e1c7fa1247eecec86a0dce46418b9bd3117b981d4bd0ae7a990de912f9d060d6cb531a42d22e394ac29e81804bf160":PSA_ALG_RSA_PSS(PSA_ALG_MD4):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign RSA_PSS(MD4): incompatible with ECC_PUBLIC_KEY(SECP_R2) +depends_on:PSA_WANT_ALG_MD4:PSA_WANT_ALG_RSA_PSS:PSA_WANT_ECC_FAMILY_SECP_R2:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R2):"049570d541398665adb5cfa16f5af73b3196926bbd4b876bdb80f8eab20d0f540c22f4de9c140f6d7b":PSA_ALG_RSA_PSS(PSA_ALG_MD4):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign RSA_PSS(MD4): incompatible with ECC_PUBLIC_KEY(SECT_K1) +depends_on:PSA_WANT_ALG_MD4:PSA_WANT_ALG_RSA_PSS:PSA_WANT_ECC_FAMILY_SECT_K1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_K1):"0406f88f90b4b65950f06ce433afdb097e320f433dc2062b8a65db8fafd3c110f46bc45663fbf021ee7eb9":PSA_ALG_RSA_PSS(PSA_ALG_MD4):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign RSA_PSS(MD4): incompatible with ECC_PUBLIC_KEY(SECT_R1) +depends_on:PSA_WANT_ALG_MD4:PSA_WANT_ALG_RSA_PSS:PSA_WANT_ECC_FAMILY_SECT_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R1):"0400465eeb9e7258b11e33c02266bfe834b20bcb118700772796ee4704ec67651bd447e3011959a79a04cb":PSA_ALG_RSA_PSS(PSA_ALG_MD4):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign RSA_PSS(MD4): incompatible with ECC_PUBLIC_KEY(SECT_R2) +depends_on:PSA_WANT_ALG_MD4:PSA_WANT_ALG_RSA_PSS:PSA_WANT_ECC_FAMILY_SECT_R2:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R2):"0403692601144c32a6cfa369ae20ae5d43c1c764678c037bafe80c6fd2e42b7ced96171d9c5367fd3dca6f":PSA_ALG_RSA_PSS(PSA_ALG_MD4):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign RSA_PSS(MD4): incompatible with ECC_PUBLIC_KEY(TWISTED_EDWARDS) +depends_on:PSA_WANT_ALG_MD4:PSA_WANT_ALG_RSA_PSS:PSA_WANT_ECC_FAMILY_TWISTED_EDWARDS:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_TWISTED_EDWARDS):"d75a980182b10ab7d54bfed3c964073a0ee172f3daa62325af021a68f707511a":PSA_ALG_RSA_PSS(PSA_ALG_MD4):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign RSA_PSS(MD4): incompatible with HMAC +depends_on:PSA_WANT_ALG_MD4:PSA_WANT_ALG_RSA_PSS:PSA_WANT_KEY_TYPE_HMAC +sign_fail:PSA_KEY_TYPE_HMAC:"48657265006973206b6579a064617461":PSA_ALG_RSA_PSS(PSA_ALG_MD4):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign RSA_PSS(MD4): incompatible with RAW_DATA +depends_on:PSA_WANT_ALG_MD4:PSA_WANT_ALG_RSA_PSS:PSA_WANT_KEY_TYPE_RAW_DATA +sign_fail:PSA_KEY_TYPE_RAW_DATA:"48":PSA_ALG_RSA_PSS(PSA_ALG_MD4):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign RSA_PSS(MD4): !MD4 with RSA_KEY_PAIR +depends_on:!PSA_WANT_ALG_MD4:PSA_WANT_ALG_RSA_PSS:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR +sign_fail:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_RSA_PSS(PSA_ALG_MD4):0:PSA_ERROR_NOT_SUPPORTED + +PSA sign RSA_PSS(MD4): !RSA_PSS with RSA_KEY_PAIR +depends_on:PSA_WANT_ALG_MD4:!PSA_WANT_ALG_RSA_PSS:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR +sign_fail:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_RSA_PSS(PSA_ALG_MD4):0:PSA_ERROR_NOT_SUPPORTED + +PSA sign RSA_PSS(MD4): !MD4 with RSA_PUBLIC_KEY +depends_on:!PSA_WANT_ALG_MD4:PSA_WANT_ALG_RSA_PSS:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY +sign_fail:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_RSA_PSS(PSA_ALG_MD4):0:PSA_ERROR_NOT_SUPPORTED + +PSA sign RSA_PSS(MD4): !RSA_PSS with RSA_PUBLIC_KEY +depends_on:PSA_WANT_ALG_MD4:!PSA_WANT_ALG_RSA_PSS:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY +sign_fail:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_RSA_PSS(PSA_ALG_MD4):0:PSA_ERROR_NOT_SUPPORTED + +PSA sign RSA_PSS(MD4): public with RSA_PUBLIC_KEY +depends_on:PSA_WANT_ALG_MD4:PSA_WANT_ALG_RSA_PSS:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY +sign_fail:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_RSA_PSS(PSA_ALG_MD4):1:PSA_ERROR_INVALID_ARGUMENT + +PSA asymmetric_encryption RSA_PSS(MD4): invalid with RSA_KEY_PAIR +depends_on:PSA_WANT_ALG_MD4:PSA_WANT_ALG_RSA_PSS:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR +asymmetric_encryption_fail:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_RSA_PSS(PSA_ALG_MD4):0:PSA_ERROR_INVALID_ARGUMENT + +PSA asymmetric_encryption RSA_PSS(MD4): invalid with RSA_PUBLIC_KEY +depends_on:PSA_WANT_ALG_MD4:PSA_WANT_ALG_RSA_PSS:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY +asymmetric_encryption_fail:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_RSA_PSS(PSA_ALG_MD4):0:PSA_ERROR_INVALID_ARGUMENT + +PSA key_derivation RSA_PSS(MD4): invalid +depends_on:PSA_WANT_ALG_MD4:PSA_WANT_ALG_RSA_PSS +key_derivation_fail:PSA_ALG_RSA_PSS(PSA_ALG_MD4):PSA_ERROR_INVALID_ARGUMENT + +PSA key_agreement RSA_PSS(MD4): invalid with RSA_KEY_PAIR +depends_on:PSA_WANT_ALG_MD4:PSA_WANT_ALG_RSA_PSS:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR +key_agreement_fail:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_RSA_PSS(PSA_ALG_MD4):0:PSA_ERROR_INVALID_ARGUMENT + +PSA key_agreement RSA_PSS(MD4): invalid with RSA_PUBLIC_KEY +depends_on:PSA_WANT_ALG_MD4:PSA_WANT_ALG_RSA_PSS:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY +key_agreement_fail:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_RSA_PSS(PSA_ALG_MD4):0:PSA_ERROR_INVALID_ARGUMENT + +PSA hash RSA_PSS(MD5): invalid +depends_on:PSA_WANT_ALG_MD5:PSA_WANT_ALG_RSA_PSS +hash_fail:PSA_ALG_RSA_PSS(PSA_ALG_MD5):PSA_ERROR_INVALID_ARGUMENT + +PSA mac RSA_PSS(MD5): invalid with RSA_KEY_PAIR +depends_on:PSA_WANT_ALG_MD5:PSA_WANT_ALG_RSA_PSS:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR +mac_fail:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_RSA_PSS(PSA_ALG_MD5):PSA_ERROR_INVALID_ARGUMENT + +PSA mac RSA_PSS(MD5): invalid with RSA_PUBLIC_KEY +depends_on:PSA_WANT_ALG_MD5:PSA_WANT_ALG_RSA_PSS:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY +mac_fail:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_RSA_PSS(PSA_ALG_MD5):PSA_ERROR_INVALID_ARGUMENT + +PSA cipher RSA_PSS(MD5): invalid with RSA_KEY_PAIR +depends_on:PSA_WANT_ALG_MD5:PSA_WANT_ALG_RSA_PSS:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR +cipher_fail:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_RSA_PSS(PSA_ALG_MD5):PSA_ERROR_INVALID_ARGUMENT + +PSA cipher RSA_PSS(MD5): invalid with RSA_PUBLIC_KEY +depends_on:PSA_WANT_ALG_MD5:PSA_WANT_ALG_RSA_PSS:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY +cipher_fail:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_RSA_PSS(PSA_ALG_MD5):PSA_ERROR_INVALID_ARGUMENT + +PSA aead RSA_PSS(MD5): invalid with RSA_KEY_PAIR +depends_on:PSA_WANT_ALG_MD5:PSA_WANT_ALG_RSA_PSS:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR +aead_fail:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_RSA_PSS(PSA_ALG_MD5):PSA_ERROR_INVALID_ARGUMENT + +PSA aead RSA_PSS(MD5): invalid with RSA_PUBLIC_KEY +depends_on:PSA_WANT_ALG_MD5:PSA_WANT_ALG_RSA_PSS:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY +aead_fail:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_RSA_PSS(PSA_ALG_MD5):PSA_ERROR_INVALID_ARGUMENT + +PSA sign RSA_PSS(MD5): incompatible with AES +depends_on:PSA_WANT_ALG_MD5:PSA_WANT_ALG_RSA_PSS:PSA_WANT_KEY_TYPE_AES +sign_fail:PSA_KEY_TYPE_AES:"48657265006973206b6579a064617461":PSA_ALG_RSA_PSS(PSA_ALG_MD5):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign RSA_PSS(MD5): incompatible with ARC4 +depends_on:PSA_WANT_ALG_MD5:PSA_WANT_ALG_RSA_PSS:PSA_WANT_KEY_TYPE_ARC4 +sign_fail:PSA_KEY_TYPE_ARC4:"48":PSA_ALG_RSA_PSS(PSA_ALG_MD5):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign RSA_PSS(MD5): incompatible with ARIA +depends_on:PSA_WANT_ALG_MD5:PSA_WANT_ALG_RSA_PSS:PSA_WANT_KEY_TYPE_ARIA +sign_fail:PSA_KEY_TYPE_ARIA:"48657265006973206b6579a064617461":PSA_ALG_RSA_PSS(PSA_ALG_MD5):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign RSA_PSS(MD5): incompatible with CAMELLIA +depends_on:PSA_WANT_ALG_MD5:PSA_WANT_ALG_RSA_PSS:PSA_WANT_KEY_TYPE_CAMELLIA +sign_fail:PSA_KEY_TYPE_CAMELLIA:"48657265006973206b6579a064617461":PSA_ALG_RSA_PSS(PSA_ALG_MD5):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign RSA_PSS(MD5): incompatible with CHACHA20 +depends_on:PSA_WANT_ALG_MD5:PSA_WANT_ALG_RSA_PSS:PSA_WANT_KEY_TYPE_CHACHA20 +sign_fail:PSA_KEY_TYPE_CHACHA20:"48657265006973206b6579a06461746148657265006973206b6579a064617461":PSA_ALG_RSA_PSS(PSA_ALG_MD5):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign RSA_PSS(MD5): incompatible with DERIVE +depends_on:PSA_WANT_ALG_MD5:PSA_WANT_ALG_RSA_PSS:PSA_WANT_KEY_TYPE_DERIVE +sign_fail:PSA_KEY_TYPE_DERIVE:"48657265006973206b6579a0646174":PSA_ALG_RSA_PSS(PSA_ALG_MD5):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign RSA_PSS(MD5): incompatible with DES +depends_on:PSA_WANT_ALG_MD5:PSA_WANT_ALG_RSA_PSS:PSA_WANT_KEY_TYPE_DES +sign_fail:PSA_KEY_TYPE_DES:"644573206b457901":PSA_ALG_RSA_PSS(PSA_ALG_MD5):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign RSA_PSS(MD5): incompatible with ECC_KEY_PAIR(BRAINPOOL_P_R1) +depends_on:PSA_WANT_ALG_MD5:PSA_WANT_ALG_RSA_PSS:PSA_WANT_ECC_FAMILY_BRAINPOOL_P_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"69502c4fdaf48d4fa617bdd24498b0406d0eeaac":PSA_ALG_RSA_PSS(PSA_ALG_MD5):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign RSA_PSS(MD5): incompatible with ECC_KEY_PAIR(MONTGOMERY) +depends_on:PSA_WANT_ALG_MD5:PSA_WANT_ALG_RSA_PSS:PSA_WANT_ECC_FAMILY_MONTGOMERY:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_MONTGOMERY):"70076d0a7318a57d3c16c17251b26645df4c2f87ebc0992ab177fba51db92c6a":PSA_ALG_RSA_PSS(PSA_ALG_MD5):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign RSA_PSS(MD5): incompatible with ECC_KEY_PAIR(SECP_K1) +depends_on:PSA_WANT_ALG_MD5:PSA_WANT_ALG_RSA_PSS:PSA_WANT_ECC_FAMILY_SECP_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_K1):"297ac1722ccac7589ecb240dc719842538ca974beb79f228":PSA_ALG_RSA_PSS(PSA_ALG_MD5):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign RSA_PSS(MD5): incompatible with ECC_KEY_PAIR(SECP_R1) +depends_on:PSA_WANT_ALG_MD5:PSA_WANT_ALG_RSA_PSS:PSA_WANT_ECC_FAMILY_SECP_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"872f203b3ad35b7f2ecc803c3a0e1e0b1ed61cc1afe71b189cd4c995":PSA_ALG_RSA_PSS(PSA_ALG_MD5):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign RSA_PSS(MD5): incompatible with ECC_KEY_PAIR(SECP_R2) +depends_on:PSA_WANT_ALG_MD5:PSA_WANT_ALG_RSA_PSS:PSA_WANT_ECC_FAMILY_SECP_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R2):"00bf539a1cdda0d7f71a50a3f98aec0a2e8e4ced1e":PSA_ALG_RSA_PSS(PSA_ALG_MD5):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign RSA_PSS(MD5): incompatible with ECC_KEY_PAIR(SECT_K1) +depends_on:PSA_WANT_ALG_MD5:PSA_WANT_ALG_RSA_PSS:PSA_WANT_ECC_FAMILY_SECT_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):"03ebc8fcded2d6ab72ec0f75bdb4fd080481273e71":PSA_ALG_RSA_PSS(PSA_ALG_MD5):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign RSA_PSS(MD5): incompatible with ECC_KEY_PAIR(SECT_R1) +depends_on:PSA_WANT_ALG_MD5:PSA_WANT_ALG_RSA_PSS:PSA_WANT_ECC_FAMILY_SECT_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):"009b05dc82d46d64a04a22e6e5ca70ca1231e68c50":PSA_ALG_RSA_PSS(PSA_ALG_MD5):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign RSA_PSS(MD5): incompatible with ECC_KEY_PAIR(SECT_R2) +depends_on:PSA_WANT_ALG_MD5:PSA_WANT_ALG_RSA_PSS:PSA_WANT_ECC_FAMILY_SECT_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R2):"0210b482a458b4822d0cb21daa96819a67c8062d34":PSA_ALG_RSA_PSS(PSA_ALG_MD5):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign RSA_PSS(MD5): incompatible with ECC_KEY_PAIR(TWISTED_EDWARDS) +depends_on:PSA_WANT_ALG_MD5:PSA_WANT_ALG_RSA_PSS:PSA_WANT_ECC_FAMILY_TWISTED_EDWARDS:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_TWISTED_EDWARDS):"9d61b19deffd5a60ba844af492ec2cc44449c5697b326919703bac031cae7f60":PSA_ALG_RSA_PSS(PSA_ALG_MD5):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign RSA_PSS(MD5): incompatible with ECC_PUBLIC_KEY(BRAINPOOL_P_R1) +depends_on:PSA_WANT_ALG_MD5:PSA_WANT_ALG_RSA_PSS:PSA_WANT_ECC_FAMILY_BRAINPOOL_P_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"04d4b9186816358e2f9c59cf70748cb70641b22fbab65473db4b4e22a361ed7e3de7e8a8ddc4130c5c":PSA_ALG_RSA_PSS(PSA_ALG_MD5):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign RSA_PSS(MD5): incompatible with ECC_PUBLIC_KEY(MONTGOMERY) +depends_on:PSA_WANT_ALG_MD5:PSA_WANT_ALG_RSA_PSS:PSA_WANT_ECC_FAMILY_MONTGOMERY:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_MONTGOMERY):"8520f0098930a754748b7ddcb43ef75a0dbf3a0d26381af4eba4a98eaa9b4e6a":PSA_ALG_RSA_PSS(PSA_ALG_MD5):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign RSA_PSS(MD5): incompatible with ECC_PUBLIC_KEY(SECP_K1) +depends_on:PSA_WANT_ALG_MD5:PSA_WANT_ALG_RSA_PSS:PSA_WANT_ECC_FAMILY_SECP_K1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_K1):"0426b7bb38da649ac2138fc050c6548b32553dab68afebc36105d325b75538c12323cb0764789ecb992671beb2b6bef2f5":PSA_ALG_RSA_PSS(PSA_ALG_MD5):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign RSA_PSS(MD5): incompatible with ECC_PUBLIC_KEY(SECP_R1) +depends_on:PSA_WANT_ALG_MD5:PSA_WANT_ALG_RSA_PSS:PSA_WANT_ECC_FAMILY_SECP_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1):"046f00eadaa949fee3e9e1c7fa1247eecec86a0dce46418b9bd3117b981d4bd0ae7a990de912f9d060d6cb531a42d22e394ac29e81804bf160":PSA_ALG_RSA_PSS(PSA_ALG_MD5):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign RSA_PSS(MD5): incompatible with ECC_PUBLIC_KEY(SECP_R2) +depends_on:PSA_WANT_ALG_MD5:PSA_WANT_ALG_RSA_PSS:PSA_WANT_ECC_FAMILY_SECP_R2:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R2):"049570d541398665adb5cfa16f5af73b3196926bbd4b876bdb80f8eab20d0f540c22f4de9c140f6d7b":PSA_ALG_RSA_PSS(PSA_ALG_MD5):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign RSA_PSS(MD5): incompatible with ECC_PUBLIC_KEY(SECT_K1) +depends_on:PSA_WANT_ALG_MD5:PSA_WANT_ALG_RSA_PSS:PSA_WANT_ECC_FAMILY_SECT_K1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_K1):"0406f88f90b4b65950f06ce433afdb097e320f433dc2062b8a65db8fafd3c110f46bc45663fbf021ee7eb9":PSA_ALG_RSA_PSS(PSA_ALG_MD5):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign RSA_PSS(MD5): incompatible with ECC_PUBLIC_KEY(SECT_R1) +depends_on:PSA_WANT_ALG_MD5:PSA_WANT_ALG_RSA_PSS:PSA_WANT_ECC_FAMILY_SECT_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R1):"0400465eeb9e7258b11e33c02266bfe834b20bcb118700772796ee4704ec67651bd447e3011959a79a04cb":PSA_ALG_RSA_PSS(PSA_ALG_MD5):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign RSA_PSS(MD5): incompatible with ECC_PUBLIC_KEY(SECT_R2) +depends_on:PSA_WANT_ALG_MD5:PSA_WANT_ALG_RSA_PSS:PSA_WANT_ECC_FAMILY_SECT_R2:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R2):"0403692601144c32a6cfa369ae20ae5d43c1c764678c037bafe80c6fd2e42b7ced96171d9c5367fd3dca6f":PSA_ALG_RSA_PSS(PSA_ALG_MD5):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign RSA_PSS(MD5): incompatible with ECC_PUBLIC_KEY(TWISTED_EDWARDS) +depends_on:PSA_WANT_ALG_MD5:PSA_WANT_ALG_RSA_PSS:PSA_WANT_ECC_FAMILY_TWISTED_EDWARDS:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_TWISTED_EDWARDS):"d75a980182b10ab7d54bfed3c964073a0ee172f3daa62325af021a68f707511a":PSA_ALG_RSA_PSS(PSA_ALG_MD5):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign RSA_PSS(MD5): incompatible with HMAC +depends_on:PSA_WANT_ALG_MD5:PSA_WANT_ALG_RSA_PSS:PSA_WANT_KEY_TYPE_HMAC +sign_fail:PSA_KEY_TYPE_HMAC:"48657265006973206b6579a064617461":PSA_ALG_RSA_PSS(PSA_ALG_MD5):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign RSA_PSS(MD5): incompatible with RAW_DATA +depends_on:PSA_WANT_ALG_MD5:PSA_WANT_ALG_RSA_PSS:PSA_WANT_KEY_TYPE_RAW_DATA +sign_fail:PSA_KEY_TYPE_RAW_DATA:"48":PSA_ALG_RSA_PSS(PSA_ALG_MD5):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign RSA_PSS(MD5): !MD5 with RSA_KEY_PAIR +depends_on:!PSA_WANT_ALG_MD5:PSA_WANT_ALG_RSA_PSS:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR +sign_fail:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_RSA_PSS(PSA_ALG_MD5):0:PSA_ERROR_NOT_SUPPORTED + +PSA sign RSA_PSS(MD5): !RSA_PSS with RSA_KEY_PAIR +depends_on:PSA_WANT_ALG_MD5:!PSA_WANT_ALG_RSA_PSS:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR +sign_fail:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_RSA_PSS(PSA_ALG_MD5):0:PSA_ERROR_NOT_SUPPORTED + +PSA sign RSA_PSS(MD5): !MD5 with RSA_PUBLIC_KEY +depends_on:!PSA_WANT_ALG_MD5:PSA_WANT_ALG_RSA_PSS:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY +sign_fail:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_RSA_PSS(PSA_ALG_MD5):0:PSA_ERROR_NOT_SUPPORTED + +PSA sign RSA_PSS(MD5): !RSA_PSS with RSA_PUBLIC_KEY +depends_on:PSA_WANT_ALG_MD5:!PSA_WANT_ALG_RSA_PSS:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY +sign_fail:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_RSA_PSS(PSA_ALG_MD5):0:PSA_ERROR_NOT_SUPPORTED + +PSA sign RSA_PSS(MD5): public with RSA_PUBLIC_KEY +depends_on:PSA_WANT_ALG_MD5:PSA_WANT_ALG_RSA_PSS:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY +sign_fail:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_RSA_PSS(PSA_ALG_MD5):1:PSA_ERROR_INVALID_ARGUMENT + +PSA asymmetric_encryption RSA_PSS(MD5): invalid with RSA_KEY_PAIR +depends_on:PSA_WANT_ALG_MD5:PSA_WANT_ALG_RSA_PSS:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR +asymmetric_encryption_fail:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_RSA_PSS(PSA_ALG_MD5):0:PSA_ERROR_INVALID_ARGUMENT + +PSA asymmetric_encryption RSA_PSS(MD5): invalid with RSA_PUBLIC_KEY +depends_on:PSA_WANT_ALG_MD5:PSA_WANT_ALG_RSA_PSS:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY +asymmetric_encryption_fail:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_RSA_PSS(PSA_ALG_MD5):0:PSA_ERROR_INVALID_ARGUMENT + +PSA key_derivation RSA_PSS(MD5): invalid +depends_on:PSA_WANT_ALG_MD5:PSA_WANT_ALG_RSA_PSS +key_derivation_fail:PSA_ALG_RSA_PSS(PSA_ALG_MD5):PSA_ERROR_INVALID_ARGUMENT + +PSA key_agreement RSA_PSS(MD5): invalid with RSA_KEY_PAIR +depends_on:PSA_WANT_ALG_MD5:PSA_WANT_ALG_RSA_PSS:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR +key_agreement_fail:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_RSA_PSS(PSA_ALG_MD5):0:PSA_ERROR_INVALID_ARGUMENT + +PSA key_agreement RSA_PSS(MD5): invalid with RSA_PUBLIC_KEY +depends_on:PSA_WANT_ALG_MD5:PSA_WANT_ALG_RSA_PSS:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY +key_agreement_fail:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_RSA_PSS(PSA_ALG_MD5):0:PSA_ERROR_INVALID_ARGUMENT + +PSA hash RSA_PSS(RIPEMD160): invalid +depends_on:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ALG_RSA_PSS +hash_fail:PSA_ALG_RSA_PSS(PSA_ALG_RIPEMD160):PSA_ERROR_INVALID_ARGUMENT + +PSA mac RSA_PSS(RIPEMD160): invalid with RSA_KEY_PAIR +depends_on:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ALG_RSA_PSS:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR +mac_fail:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_RSA_PSS(PSA_ALG_RIPEMD160):PSA_ERROR_INVALID_ARGUMENT + +PSA mac RSA_PSS(RIPEMD160): invalid with RSA_PUBLIC_KEY +depends_on:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ALG_RSA_PSS:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY +mac_fail:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_RSA_PSS(PSA_ALG_RIPEMD160):PSA_ERROR_INVALID_ARGUMENT + +PSA cipher RSA_PSS(RIPEMD160): invalid with RSA_KEY_PAIR +depends_on:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ALG_RSA_PSS:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR +cipher_fail:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_RSA_PSS(PSA_ALG_RIPEMD160):PSA_ERROR_INVALID_ARGUMENT + +PSA cipher RSA_PSS(RIPEMD160): invalid with RSA_PUBLIC_KEY +depends_on:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ALG_RSA_PSS:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY +cipher_fail:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_RSA_PSS(PSA_ALG_RIPEMD160):PSA_ERROR_INVALID_ARGUMENT + +PSA aead RSA_PSS(RIPEMD160): invalid with RSA_KEY_PAIR +depends_on:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ALG_RSA_PSS:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR +aead_fail:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_RSA_PSS(PSA_ALG_RIPEMD160):PSA_ERROR_INVALID_ARGUMENT + +PSA aead RSA_PSS(RIPEMD160): invalid with RSA_PUBLIC_KEY +depends_on:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ALG_RSA_PSS:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY +aead_fail:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_RSA_PSS(PSA_ALG_RIPEMD160):PSA_ERROR_INVALID_ARGUMENT + +PSA sign RSA_PSS(RIPEMD160): incompatible with AES +depends_on:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ALG_RSA_PSS:PSA_WANT_KEY_TYPE_AES +sign_fail:PSA_KEY_TYPE_AES:"48657265006973206b6579a064617461":PSA_ALG_RSA_PSS(PSA_ALG_RIPEMD160):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign RSA_PSS(RIPEMD160): incompatible with ARC4 +depends_on:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ALG_RSA_PSS:PSA_WANT_KEY_TYPE_ARC4 +sign_fail:PSA_KEY_TYPE_ARC4:"48":PSA_ALG_RSA_PSS(PSA_ALG_RIPEMD160):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign RSA_PSS(RIPEMD160): incompatible with ARIA +depends_on:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ALG_RSA_PSS:PSA_WANT_KEY_TYPE_ARIA +sign_fail:PSA_KEY_TYPE_ARIA:"48657265006973206b6579a064617461":PSA_ALG_RSA_PSS(PSA_ALG_RIPEMD160):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign RSA_PSS(RIPEMD160): incompatible with CAMELLIA +depends_on:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ALG_RSA_PSS:PSA_WANT_KEY_TYPE_CAMELLIA +sign_fail:PSA_KEY_TYPE_CAMELLIA:"48657265006973206b6579a064617461":PSA_ALG_RSA_PSS(PSA_ALG_RIPEMD160):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign RSA_PSS(RIPEMD160): incompatible with CHACHA20 +depends_on:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ALG_RSA_PSS:PSA_WANT_KEY_TYPE_CHACHA20 +sign_fail:PSA_KEY_TYPE_CHACHA20:"48657265006973206b6579a06461746148657265006973206b6579a064617461":PSA_ALG_RSA_PSS(PSA_ALG_RIPEMD160):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign RSA_PSS(RIPEMD160): incompatible with DERIVE +depends_on:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ALG_RSA_PSS:PSA_WANT_KEY_TYPE_DERIVE +sign_fail:PSA_KEY_TYPE_DERIVE:"48657265006973206b6579a0646174":PSA_ALG_RSA_PSS(PSA_ALG_RIPEMD160):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign RSA_PSS(RIPEMD160): incompatible with DES +depends_on:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ALG_RSA_PSS:PSA_WANT_KEY_TYPE_DES +sign_fail:PSA_KEY_TYPE_DES:"644573206b457901":PSA_ALG_RSA_PSS(PSA_ALG_RIPEMD160):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign RSA_PSS(RIPEMD160): incompatible with ECC_KEY_PAIR(BRAINPOOL_P_R1) +depends_on:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ALG_RSA_PSS:PSA_WANT_ECC_FAMILY_BRAINPOOL_P_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"69502c4fdaf48d4fa617bdd24498b0406d0eeaac":PSA_ALG_RSA_PSS(PSA_ALG_RIPEMD160):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign RSA_PSS(RIPEMD160): incompatible with ECC_KEY_PAIR(MONTGOMERY) +depends_on:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ALG_RSA_PSS:PSA_WANT_ECC_FAMILY_MONTGOMERY:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_MONTGOMERY):"70076d0a7318a57d3c16c17251b26645df4c2f87ebc0992ab177fba51db92c6a":PSA_ALG_RSA_PSS(PSA_ALG_RIPEMD160):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign RSA_PSS(RIPEMD160): incompatible with ECC_KEY_PAIR(SECP_K1) +depends_on:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ALG_RSA_PSS:PSA_WANT_ECC_FAMILY_SECP_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_K1):"297ac1722ccac7589ecb240dc719842538ca974beb79f228":PSA_ALG_RSA_PSS(PSA_ALG_RIPEMD160):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign RSA_PSS(RIPEMD160): incompatible with ECC_KEY_PAIR(SECP_R1) +depends_on:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ALG_RSA_PSS:PSA_WANT_ECC_FAMILY_SECP_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"872f203b3ad35b7f2ecc803c3a0e1e0b1ed61cc1afe71b189cd4c995":PSA_ALG_RSA_PSS(PSA_ALG_RIPEMD160):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign RSA_PSS(RIPEMD160): incompatible with ECC_KEY_PAIR(SECP_R2) +depends_on:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ALG_RSA_PSS:PSA_WANT_ECC_FAMILY_SECP_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R2):"00bf539a1cdda0d7f71a50a3f98aec0a2e8e4ced1e":PSA_ALG_RSA_PSS(PSA_ALG_RIPEMD160):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign RSA_PSS(RIPEMD160): incompatible with ECC_KEY_PAIR(SECT_K1) +depends_on:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ALG_RSA_PSS:PSA_WANT_ECC_FAMILY_SECT_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):"03ebc8fcded2d6ab72ec0f75bdb4fd080481273e71":PSA_ALG_RSA_PSS(PSA_ALG_RIPEMD160):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign RSA_PSS(RIPEMD160): incompatible with ECC_KEY_PAIR(SECT_R1) +depends_on:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ALG_RSA_PSS:PSA_WANT_ECC_FAMILY_SECT_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):"009b05dc82d46d64a04a22e6e5ca70ca1231e68c50":PSA_ALG_RSA_PSS(PSA_ALG_RIPEMD160):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign RSA_PSS(RIPEMD160): incompatible with ECC_KEY_PAIR(SECT_R2) +depends_on:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ALG_RSA_PSS:PSA_WANT_ECC_FAMILY_SECT_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R2):"0210b482a458b4822d0cb21daa96819a67c8062d34":PSA_ALG_RSA_PSS(PSA_ALG_RIPEMD160):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign RSA_PSS(RIPEMD160): incompatible with ECC_KEY_PAIR(TWISTED_EDWARDS) +depends_on:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ALG_RSA_PSS:PSA_WANT_ECC_FAMILY_TWISTED_EDWARDS:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_TWISTED_EDWARDS):"9d61b19deffd5a60ba844af492ec2cc44449c5697b326919703bac031cae7f60":PSA_ALG_RSA_PSS(PSA_ALG_RIPEMD160):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign RSA_PSS(RIPEMD160): incompatible with ECC_PUBLIC_KEY(BRAINPOOL_P_R1) +depends_on:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ALG_RSA_PSS:PSA_WANT_ECC_FAMILY_BRAINPOOL_P_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"04d4b9186816358e2f9c59cf70748cb70641b22fbab65473db4b4e22a361ed7e3de7e8a8ddc4130c5c":PSA_ALG_RSA_PSS(PSA_ALG_RIPEMD160):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign RSA_PSS(RIPEMD160): incompatible with ECC_PUBLIC_KEY(MONTGOMERY) +depends_on:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ALG_RSA_PSS:PSA_WANT_ECC_FAMILY_MONTGOMERY:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_MONTGOMERY):"8520f0098930a754748b7ddcb43ef75a0dbf3a0d26381af4eba4a98eaa9b4e6a":PSA_ALG_RSA_PSS(PSA_ALG_RIPEMD160):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign RSA_PSS(RIPEMD160): incompatible with ECC_PUBLIC_KEY(SECP_K1) +depends_on:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ALG_RSA_PSS:PSA_WANT_ECC_FAMILY_SECP_K1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_K1):"0426b7bb38da649ac2138fc050c6548b32553dab68afebc36105d325b75538c12323cb0764789ecb992671beb2b6bef2f5":PSA_ALG_RSA_PSS(PSA_ALG_RIPEMD160):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign RSA_PSS(RIPEMD160): incompatible with ECC_PUBLIC_KEY(SECP_R1) +depends_on:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ALG_RSA_PSS:PSA_WANT_ECC_FAMILY_SECP_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1):"046f00eadaa949fee3e9e1c7fa1247eecec86a0dce46418b9bd3117b981d4bd0ae7a990de912f9d060d6cb531a42d22e394ac29e81804bf160":PSA_ALG_RSA_PSS(PSA_ALG_RIPEMD160):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign RSA_PSS(RIPEMD160): incompatible with ECC_PUBLIC_KEY(SECP_R2) +depends_on:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ALG_RSA_PSS:PSA_WANT_ECC_FAMILY_SECP_R2:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R2):"049570d541398665adb5cfa16f5af73b3196926bbd4b876bdb80f8eab20d0f540c22f4de9c140f6d7b":PSA_ALG_RSA_PSS(PSA_ALG_RIPEMD160):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign RSA_PSS(RIPEMD160): incompatible with ECC_PUBLIC_KEY(SECT_K1) +depends_on:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ALG_RSA_PSS:PSA_WANT_ECC_FAMILY_SECT_K1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_K1):"0406f88f90b4b65950f06ce433afdb097e320f433dc2062b8a65db8fafd3c110f46bc45663fbf021ee7eb9":PSA_ALG_RSA_PSS(PSA_ALG_RIPEMD160):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign RSA_PSS(RIPEMD160): incompatible with ECC_PUBLIC_KEY(SECT_R1) +depends_on:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ALG_RSA_PSS:PSA_WANT_ECC_FAMILY_SECT_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R1):"0400465eeb9e7258b11e33c02266bfe834b20bcb118700772796ee4704ec67651bd447e3011959a79a04cb":PSA_ALG_RSA_PSS(PSA_ALG_RIPEMD160):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign RSA_PSS(RIPEMD160): incompatible with ECC_PUBLIC_KEY(SECT_R2) +depends_on:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ALG_RSA_PSS:PSA_WANT_ECC_FAMILY_SECT_R2:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R2):"0403692601144c32a6cfa369ae20ae5d43c1c764678c037bafe80c6fd2e42b7ced96171d9c5367fd3dca6f":PSA_ALG_RSA_PSS(PSA_ALG_RIPEMD160):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign RSA_PSS(RIPEMD160): incompatible with ECC_PUBLIC_KEY(TWISTED_EDWARDS) +depends_on:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ALG_RSA_PSS:PSA_WANT_ECC_FAMILY_TWISTED_EDWARDS:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_TWISTED_EDWARDS):"d75a980182b10ab7d54bfed3c964073a0ee172f3daa62325af021a68f707511a":PSA_ALG_RSA_PSS(PSA_ALG_RIPEMD160):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign RSA_PSS(RIPEMD160): incompatible with HMAC +depends_on:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ALG_RSA_PSS:PSA_WANT_KEY_TYPE_HMAC +sign_fail:PSA_KEY_TYPE_HMAC:"48657265006973206b6579a064617461":PSA_ALG_RSA_PSS(PSA_ALG_RIPEMD160):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign RSA_PSS(RIPEMD160): incompatible with RAW_DATA +depends_on:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ALG_RSA_PSS:PSA_WANT_KEY_TYPE_RAW_DATA +sign_fail:PSA_KEY_TYPE_RAW_DATA:"48":PSA_ALG_RSA_PSS(PSA_ALG_RIPEMD160):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign RSA_PSS(RIPEMD160): !RIPEMD160 with RSA_KEY_PAIR +depends_on:!PSA_WANT_ALG_RIPEMD160:PSA_WANT_ALG_RSA_PSS:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR +sign_fail:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_RSA_PSS(PSA_ALG_RIPEMD160):0:PSA_ERROR_NOT_SUPPORTED + +PSA sign RSA_PSS(RIPEMD160): !RSA_PSS with RSA_KEY_PAIR +depends_on:PSA_WANT_ALG_RIPEMD160:!PSA_WANT_ALG_RSA_PSS:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR +sign_fail:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_RSA_PSS(PSA_ALG_RIPEMD160):0:PSA_ERROR_NOT_SUPPORTED + +PSA sign RSA_PSS(RIPEMD160): !RIPEMD160 with RSA_PUBLIC_KEY +depends_on:!PSA_WANT_ALG_RIPEMD160:PSA_WANT_ALG_RSA_PSS:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY +sign_fail:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_RSA_PSS(PSA_ALG_RIPEMD160):0:PSA_ERROR_NOT_SUPPORTED + +PSA sign RSA_PSS(RIPEMD160): !RSA_PSS with RSA_PUBLIC_KEY +depends_on:PSA_WANT_ALG_RIPEMD160:!PSA_WANT_ALG_RSA_PSS:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY +sign_fail:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_RSA_PSS(PSA_ALG_RIPEMD160):0:PSA_ERROR_NOT_SUPPORTED + +PSA sign RSA_PSS(RIPEMD160): public with RSA_PUBLIC_KEY +depends_on:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ALG_RSA_PSS:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY +sign_fail:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_RSA_PSS(PSA_ALG_RIPEMD160):1:PSA_ERROR_INVALID_ARGUMENT + +PSA asymmetric_encryption RSA_PSS(RIPEMD160): invalid with RSA_KEY_PAIR +depends_on:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ALG_RSA_PSS:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR +asymmetric_encryption_fail:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_RSA_PSS(PSA_ALG_RIPEMD160):0:PSA_ERROR_INVALID_ARGUMENT + +PSA asymmetric_encryption RSA_PSS(RIPEMD160): invalid with RSA_PUBLIC_KEY +depends_on:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ALG_RSA_PSS:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY +asymmetric_encryption_fail:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_RSA_PSS(PSA_ALG_RIPEMD160):0:PSA_ERROR_INVALID_ARGUMENT + +PSA key_derivation RSA_PSS(RIPEMD160): invalid +depends_on:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ALG_RSA_PSS +key_derivation_fail:PSA_ALG_RSA_PSS(PSA_ALG_RIPEMD160):PSA_ERROR_INVALID_ARGUMENT + +PSA key_agreement RSA_PSS(RIPEMD160): invalid with RSA_KEY_PAIR +depends_on:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ALG_RSA_PSS:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR +key_agreement_fail:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_RSA_PSS(PSA_ALG_RIPEMD160):0:PSA_ERROR_INVALID_ARGUMENT + +PSA key_agreement RSA_PSS(RIPEMD160): invalid with RSA_PUBLIC_KEY +depends_on:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ALG_RSA_PSS:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY +key_agreement_fail:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_RSA_PSS(PSA_ALG_RIPEMD160):0:PSA_ERROR_INVALID_ARGUMENT + +PSA hash RSA_PSS(SHA_1): invalid +depends_on:PSA_WANT_ALG_RSA_PSS:PSA_WANT_ALG_SHA_1 +hash_fail:PSA_ALG_RSA_PSS(PSA_ALG_SHA_1):PSA_ERROR_INVALID_ARGUMENT + +PSA mac RSA_PSS(SHA_1): invalid with RSA_KEY_PAIR +depends_on:PSA_WANT_ALG_RSA_PSS:PSA_WANT_ALG_SHA_1:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR +mac_fail:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_RSA_PSS(PSA_ALG_SHA_1):PSA_ERROR_INVALID_ARGUMENT + +PSA mac RSA_PSS(SHA_1): invalid with RSA_PUBLIC_KEY +depends_on:PSA_WANT_ALG_RSA_PSS:PSA_WANT_ALG_SHA_1:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY +mac_fail:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_RSA_PSS(PSA_ALG_SHA_1):PSA_ERROR_INVALID_ARGUMENT + +PSA cipher RSA_PSS(SHA_1): invalid with RSA_KEY_PAIR +depends_on:PSA_WANT_ALG_RSA_PSS:PSA_WANT_ALG_SHA_1:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR +cipher_fail:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_RSA_PSS(PSA_ALG_SHA_1):PSA_ERROR_INVALID_ARGUMENT + +PSA cipher RSA_PSS(SHA_1): invalid with RSA_PUBLIC_KEY +depends_on:PSA_WANT_ALG_RSA_PSS:PSA_WANT_ALG_SHA_1:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY +cipher_fail:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_RSA_PSS(PSA_ALG_SHA_1):PSA_ERROR_INVALID_ARGUMENT + +PSA aead RSA_PSS(SHA_1): invalid with RSA_KEY_PAIR +depends_on:PSA_WANT_ALG_RSA_PSS:PSA_WANT_ALG_SHA_1:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR +aead_fail:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_RSA_PSS(PSA_ALG_SHA_1):PSA_ERROR_INVALID_ARGUMENT + +PSA aead RSA_PSS(SHA_1): invalid with RSA_PUBLIC_KEY +depends_on:PSA_WANT_ALG_RSA_PSS:PSA_WANT_ALG_SHA_1:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY +aead_fail:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_RSA_PSS(PSA_ALG_SHA_1):PSA_ERROR_INVALID_ARGUMENT + +PSA sign RSA_PSS(SHA_1): incompatible with AES +depends_on:PSA_WANT_ALG_RSA_PSS:PSA_WANT_ALG_SHA_1:PSA_WANT_KEY_TYPE_AES +sign_fail:PSA_KEY_TYPE_AES:"48657265006973206b6579a064617461":PSA_ALG_RSA_PSS(PSA_ALG_SHA_1):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign RSA_PSS(SHA_1): incompatible with ARC4 +depends_on:PSA_WANT_ALG_RSA_PSS:PSA_WANT_ALG_SHA_1:PSA_WANT_KEY_TYPE_ARC4 +sign_fail:PSA_KEY_TYPE_ARC4:"48":PSA_ALG_RSA_PSS(PSA_ALG_SHA_1):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign RSA_PSS(SHA_1): incompatible with ARIA +depends_on:PSA_WANT_ALG_RSA_PSS:PSA_WANT_ALG_SHA_1:PSA_WANT_KEY_TYPE_ARIA +sign_fail:PSA_KEY_TYPE_ARIA:"48657265006973206b6579a064617461":PSA_ALG_RSA_PSS(PSA_ALG_SHA_1):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign RSA_PSS(SHA_1): incompatible with CAMELLIA +depends_on:PSA_WANT_ALG_RSA_PSS:PSA_WANT_ALG_SHA_1:PSA_WANT_KEY_TYPE_CAMELLIA +sign_fail:PSA_KEY_TYPE_CAMELLIA:"48657265006973206b6579a064617461":PSA_ALG_RSA_PSS(PSA_ALG_SHA_1):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign RSA_PSS(SHA_1): incompatible with CHACHA20 +depends_on:PSA_WANT_ALG_RSA_PSS:PSA_WANT_ALG_SHA_1:PSA_WANT_KEY_TYPE_CHACHA20 +sign_fail:PSA_KEY_TYPE_CHACHA20:"48657265006973206b6579a06461746148657265006973206b6579a064617461":PSA_ALG_RSA_PSS(PSA_ALG_SHA_1):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign RSA_PSS(SHA_1): incompatible with DERIVE +depends_on:PSA_WANT_ALG_RSA_PSS:PSA_WANT_ALG_SHA_1:PSA_WANT_KEY_TYPE_DERIVE +sign_fail:PSA_KEY_TYPE_DERIVE:"48657265006973206b6579a0646174":PSA_ALG_RSA_PSS(PSA_ALG_SHA_1):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign RSA_PSS(SHA_1): incompatible with DES +depends_on:PSA_WANT_ALG_RSA_PSS:PSA_WANT_ALG_SHA_1:PSA_WANT_KEY_TYPE_DES +sign_fail:PSA_KEY_TYPE_DES:"644573206b457901":PSA_ALG_RSA_PSS(PSA_ALG_SHA_1):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign RSA_PSS(SHA_1): incompatible with ECC_KEY_PAIR(BRAINPOOL_P_R1) +depends_on:PSA_WANT_ALG_RSA_PSS:PSA_WANT_ALG_SHA_1:PSA_WANT_ECC_FAMILY_BRAINPOOL_P_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"69502c4fdaf48d4fa617bdd24498b0406d0eeaac":PSA_ALG_RSA_PSS(PSA_ALG_SHA_1):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign RSA_PSS(SHA_1): incompatible with ECC_KEY_PAIR(MONTGOMERY) +depends_on:PSA_WANT_ALG_RSA_PSS:PSA_WANT_ALG_SHA_1:PSA_WANT_ECC_FAMILY_MONTGOMERY:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_MONTGOMERY):"70076d0a7318a57d3c16c17251b26645df4c2f87ebc0992ab177fba51db92c6a":PSA_ALG_RSA_PSS(PSA_ALG_SHA_1):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign RSA_PSS(SHA_1): incompatible with ECC_KEY_PAIR(SECP_K1) +depends_on:PSA_WANT_ALG_RSA_PSS:PSA_WANT_ALG_SHA_1:PSA_WANT_ECC_FAMILY_SECP_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_K1):"297ac1722ccac7589ecb240dc719842538ca974beb79f228":PSA_ALG_RSA_PSS(PSA_ALG_SHA_1):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign RSA_PSS(SHA_1): incompatible with ECC_KEY_PAIR(SECP_R1) +depends_on:PSA_WANT_ALG_RSA_PSS:PSA_WANT_ALG_SHA_1:PSA_WANT_ECC_FAMILY_SECP_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"872f203b3ad35b7f2ecc803c3a0e1e0b1ed61cc1afe71b189cd4c995":PSA_ALG_RSA_PSS(PSA_ALG_SHA_1):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign RSA_PSS(SHA_1): incompatible with ECC_KEY_PAIR(SECP_R2) +depends_on:PSA_WANT_ALG_RSA_PSS:PSA_WANT_ALG_SHA_1:PSA_WANT_ECC_FAMILY_SECP_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R2):"00bf539a1cdda0d7f71a50a3f98aec0a2e8e4ced1e":PSA_ALG_RSA_PSS(PSA_ALG_SHA_1):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign RSA_PSS(SHA_1): incompatible with ECC_KEY_PAIR(SECT_K1) +depends_on:PSA_WANT_ALG_RSA_PSS:PSA_WANT_ALG_SHA_1:PSA_WANT_ECC_FAMILY_SECT_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):"03ebc8fcded2d6ab72ec0f75bdb4fd080481273e71":PSA_ALG_RSA_PSS(PSA_ALG_SHA_1):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign RSA_PSS(SHA_1): incompatible with ECC_KEY_PAIR(SECT_R1) +depends_on:PSA_WANT_ALG_RSA_PSS:PSA_WANT_ALG_SHA_1:PSA_WANT_ECC_FAMILY_SECT_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):"009b05dc82d46d64a04a22e6e5ca70ca1231e68c50":PSA_ALG_RSA_PSS(PSA_ALG_SHA_1):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign RSA_PSS(SHA_1): incompatible with ECC_KEY_PAIR(SECT_R2) +depends_on:PSA_WANT_ALG_RSA_PSS:PSA_WANT_ALG_SHA_1:PSA_WANT_ECC_FAMILY_SECT_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R2):"0210b482a458b4822d0cb21daa96819a67c8062d34":PSA_ALG_RSA_PSS(PSA_ALG_SHA_1):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign RSA_PSS(SHA_1): incompatible with ECC_KEY_PAIR(TWISTED_EDWARDS) +depends_on:PSA_WANT_ALG_RSA_PSS:PSA_WANT_ALG_SHA_1:PSA_WANT_ECC_FAMILY_TWISTED_EDWARDS:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_TWISTED_EDWARDS):"9d61b19deffd5a60ba844af492ec2cc44449c5697b326919703bac031cae7f60":PSA_ALG_RSA_PSS(PSA_ALG_SHA_1):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign RSA_PSS(SHA_1): incompatible with ECC_PUBLIC_KEY(BRAINPOOL_P_R1) +depends_on:PSA_WANT_ALG_RSA_PSS:PSA_WANT_ALG_SHA_1:PSA_WANT_ECC_FAMILY_BRAINPOOL_P_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"04d4b9186816358e2f9c59cf70748cb70641b22fbab65473db4b4e22a361ed7e3de7e8a8ddc4130c5c":PSA_ALG_RSA_PSS(PSA_ALG_SHA_1):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign RSA_PSS(SHA_1): incompatible with ECC_PUBLIC_KEY(MONTGOMERY) +depends_on:PSA_WANT_ALG_RSA_PSS:PSA_WANT_ALG_SHA_1:PSA_WANT_ECC_FAMILY_MONTGOMERY:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_MONTGOMERY):"8520f0098930a754748b7ddcb43ef75a0dbf3a0d26381af4eba4a98eaa9b4e6a":PSA_ALG_RSA_PSS(PSA_ALG_SHA_1):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign RSA_PSS(SHA_1): incompatible with ECC_PUBLIC_KEY(SECP_K1) +depends_on:PSA_WANT_ALG_RSA_PSS:PSA_WANT_ALG_SHA_1:PSA_WANT_ECC_FAMILY_SECP_K1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_K1):"0426b7bb38da649ac2138fc050c6548b32553dab68afebc36105d325b75538c12323cb0764789ecb992671beb2b6bef2f5":PSA_ALG_RSA_PSS(PSA_ALG_SHA_1):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign RSA_PSS(SHA_1): incompatible with ECC_PUBLIC_KEY(SECP_R1) +depends_on:PSA_WANT_ALG_RSA_PSS:PSA_WANT_ALG_SHA_1:PSA_WANT_ECC_FAMILY_SECP_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1):"046f00eadaa949fee3e9e1c7fa1247eecec86a0dce46418b9bd3117b981d4bd0ae7a990de912f9d060d6cb531a42d22e394ac29e81804bf160":PSA_ALG_RSA_PSS(PSA_ALG_SHA_1):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign RSA_PSS(SHA_1): incompatible with ECC_PUBLIC_KEY(SECP_R2) +depends_on:PSA_WANT_ALG_RSA_PSS:PSA_WANT_ALG_SHA_1:PSA_WANT_ECC_FAMILY_SECP_R2:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R2):"049570d541398665adb5cfa16f5af73b3196926bbd4b876bdb80f8eab20d0f540c22f4de9c140f6d7b":PSA_ALG_RSA_PSS(PSA_ALG_SHA_1):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign RSA_PSS(SHA_1): incompatible with ECC_PUBLIC_KEY(SECT_K1) +depends_on:PSA_WANT_ALG_RSA_PSS:PSA_WANT_ALG_SHA_1:PSA_WANT_ECC_FAMILY_SECT_K1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_K1):"0406f88f90b4b65950f06ce433afdb097e320f433dc2062b8a65db8fafd3c110f46bc45663fbf021ee7eb9":PSA_ALG_RSA_PSS(PSA_ALG_SHA_1):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign RSA_PSS(SHA_1): incompatible with ECC_PUBLIC_KEY(SECT_R1) +depends_on:PSA_WANT_ALG_RSA_PSS:PSA_WANT_ALG_SHA_1:PSA_WANT_ECC_FAMILY_SECT_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R1):"0400465eeb9e7258b11e33c02266bfe834b20bcb118700772796ee4704ec67651bd447e3011959a79a04cb":PSA_ALG_RSA_PSS(PSA_ALG_SHA_1):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign RSA_PSS(SHA_1): incompatible with ECC_PUBLIC_KEY(SECT_R2) +depends_on:PSA_WANT_ALG_RSA_PSS:PSA_WANT_ALG_SHA_1:PSA_WANT_ECC_FAMILY_SECT_R2:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R2):"0403692601144c32a6cfa369ae20ae5d43c1c764678c037bafe80c6fd2e42b7ced96171d9c5367fd3dca6f":PSA_ALG_RSA_PSS(PSA_ALG_SHA_1):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign RSA_PSS(SHA_1): incompatible with ECC_PUBLIC_KEY(TWISTED_EDWARDS) +depends_on:PSA_WANT_ALG_RSA_PSS:PSA_WANT_ALG_SHA_1:PSA_WANT_ECC_FAMILY_TWISTED_EDWARDS:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_TWISTED_EDWARDS):"d75a980182b10ab7d54bfed3c964073a0ee172f3daa62325af021a68f707511a":PSA_ALG_RSA_PSS(PSA_ALG_SHA_1):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign RSA_PSS(SHA_1): incompatible with HMAC +depends_on:PSA_WANT_ALG_RSA_PSS:PSA_WANT_ALG_SHA_1:PSA_WANT_KEY_TYPE_HMAC +sign_fail:PSA_KEY_TYPE_HMAC:"48657265006973206b6579a064617461":PSA_ALG_RSA_PSS(PSA_ALG_SHA_1):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign RSA_PSS(SHA_1): incompatible with RAW_DATA +depends_on:PSA_WANT_ALG_RSA_PSS:PSA_WANT_ALG_SHA_1:PSA_WANT_KEY_TYPE_RAW_DATA +sign_fail:PSA_KEY_TYPE_RAW_DATA:"48":PSA_ALG_RSA_PSS(PSA_ALG_SHA_1):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign RSA_PSS(SHA_1): !RSA_PSS with RSA_KEY_PAIR +depends_on:!PSA_WANT_ALG_RSA_PSS:PSA_WANT_ALG_SHA_1:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR +sign_fail:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_RSA_PSS(PSA_ALG_SHA_1):0:PSA_ERROR_NOT_SUPPORTED + +PSA sign RSA_PSS(SHA_1): !SHA_1 with RSA_KEY_PAIR +depends_on:PSA_WANT_ALG_RSA_PSS:!PSA_WANT_ALG_SHA_1:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR +sign_fail:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_RSA_PSS(PSA_ALG_SHA_1):0:PSA_ERROR_NOT_SUPPORTED + +PSA sign RSA_PSS(SHA_1): !RSA_PSS with RSA_PUBLIC_KEY +depends_on:!PSA_WANT_ALG_RSA_PSS:PSA_WANT_ALG_SHA_1:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY +sign_fail:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_RSA_PSS(PSA_ALG_SHA_1):0:PSA_ERROR_NOT_SUPPORTED + +PSA sign RSA_PSS(SHA_1): !SHA_1 with RSA_PUBLIC_KEY +depends_on:PSA_WANT_ALG_RSA_PSS:!PSA_WANT_ALG_SHA_1:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY +sign_fail:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_RSA_PSS(PSA_ALG_SHA_1):0:PSA_ERROR_NOT_SUPPORTED + +PSA sign RSA_PSS(SHA_1): public with RSA_PUBLIC_KEY +depends_on:PSA_WANT_ALG_RSA_PSS:PSA_WANT_ALG_SHA_1:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY +sign_fail:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_RSA_PSS(PSA_ALG_SHA_1):1:PSA_ERROR_INVALID_ARGUMENT + +PSA asymmetric_encryption RSA_PSS(SHA_1): invalid with RSA_KEY_PAIR +depends_on:PSA_WANT_ALG_RSA_PSS:PSA_WANT_ALG_SHA_1:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR +asymmetric_encryption_fail:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_RSA_PSS(PSA_ALG_SHA_1):0:PSA_ERROR_INVALID_ARGUMENT + +PSA asymmetric_encryption RSA_PSS(SHA_1): invalid with RSA_PUBLIC_KEY +depends_on:PSA_WANT_ALG_RSA_PSS:PSA_WANT_ALG_SHA_1:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY +asymmetric_encryption_fail:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_RSA_PSS(PSA_ALG_SHA_1):0:PSA_ERROR_INVALID_ARGUMENT + +PSA key_derivation RSA_PSS(SHA_1): invalid +depends_on:PSA_WANT_ALG_RSA_PSS:PSA_WANT_ALG_SHA_1 +key_derivation_fail:PSA_ALG_RSA_PSS(PSA_ALG_SHA_1):PSA_ERROR_INVALID_ARGUMENT + +PSA key_agreement RSA_PSS(SHA_1): invalid with RSA_KEY_PAIR +depends_on:PSA_WANT_ALG_RSA_PSS:PSA_WANT_ALG_SHA_1:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR +key_agreement_fail:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_RSA_PSS(PSA_ALG_SHA_1):0:PSA_ERROR_INVALID_ARGUMENT + +PSA key_agreement RSA_PSS(SHA_1): invalid with RSA_PUBLIC_KEY +depends_on:PSA_WANT_ALG_RSA_PSS:PSA_WANT_ALG_SHA_1:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY +key_agreement_fail:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_RSA_PSS(PSA_ALG_SHA_1):0:PSA_ERROR_INVALID_ARGUMENT + +PSA hash RSA_PSS(SHA_224): invalid +depends_on:PSA_WANT_ALG_RSA_PSS:PSA_WANT_ALG_SHA_224 +hash_fail:PSA_ALG_RSA_PSS(PSA_ALG_SHA_224):PSA_ERROR_INVALID_ARGUMENT + +PSA mac RSA_PSS(SHA_224): invalid with RSA_KEY_PAIR +depends_on:PSA_WANT_ALG_RSA_PSS:PSA_WANT_ALG_SHA_224:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR +mac_fail:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_RSA_PSS(PSA_ALG_SHA_224):PSA_ERROR_INVALID_ARGUMENT + +PSA mac RSA_PSS(SHA_224): invalid with RSA_PUBLIC_KEY +depends_on:PSA_WANT_ALG_RSA_PSS:PSA_WANT_ALG_SHA_224:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY +mac_fail:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_RSA_PSS(PSA_ALG_SHA_224):PSA_ERROR_INVALID_ARGUMENT + +PSA cipher RSA_PSS(SHA_224): invalid with RSA_KEY_PAIR +depends_on:PSA_WANT_ALG_RSA_PSS:PSA_WANT_ALG_SHA_224:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR +cipher_fail:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_RSA_PSS(PSA_ALG_SHA_224):PSA_ERROR_INVALID_ARGUMENT + +PSA cipher RSA_PSS(SHA_224): invalid with RSA_PUBLIC_KEY +depends_on:PSA_WANT_ALG_RSA_PSS:PSA_WANT_ALG_SHA_224:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY +cipher_fail:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_RSA_PSS(PSA_ALG_SHA_224):PSA_ERROR_INVALID_ARGUMENT + +PSA aead RSA_PSS(SHA_224): invalid with RSA_KEY_PAIR +depends_on:PSA_WANT_ALG_RSA_PSS:PSA_WANT_ALG_SHA_224:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR +aead_fail:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_RSA_PSS(PSA_ALG_SHA_224):PSA_ERROR_INVALID_ARGUMENT + +PSA aead RSA_PSS(SHA_224): invalid with RSA_PUBLIC_KEY +depends_on:PSA_WANT_ALG_RSA_PSS:PSA_WANT_ALG_SHA_224:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY +aead_fail:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_RSA_PSS(PSA_ALG_SHA_224):PSA_ERROR_INVALID_ARGUMENT + +PSA sign RSA_PSS(SHA_224): incompatible with AES +depends_on:PSA_WANT_ALG_RSA_PSS:PSA_WANT_ALG_SHA_224:PSA_WANT_KEY_TYPE_AES +sign_fail:PSA_KEY_TYPE_AES:"48657265006973206b6579a064617461":PSA_ALG_RSA_PSS(PSA_ALG_SHA_224):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign RSA_PSS(SHA_224): incompatible with ARC4 +depends_on:PSA_WANT_ALG_RSA_PSS:PSA_WANT_ALG_SHA_224:PSA_WANT_KEY_TYPE_ARC4 +sign_fail:PSA_KEY_TYPE_ARC4:"48":PSA_ALG_RSA_PSS(PSA_ALG_SHA_224):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign RSA_PSS(SHA_224): incompatible with ARIA +depends_on:PSA_WANT_ALG_RSA_PSS:PSA_WANT_ALG_SHA_224:PSA_WANT_KEY_TYPE_ARIA +sign_fail:PSA_KEY_TYPE_ARIA:"48657265006973206b6579a064617461":PSA_ALG_RSA_PSS(PSA_ALG_SHA_224):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign RSA_PSS(SHA_224): incompatible with CAMELLIA +depends_on:PSA_WANT_ALG_RSA_PSS:PSA_WANT_ALG_SHA_224:PSA_WANT_KEY_TYPE_CAMELLIA +sign_fail:PSA_KEY_TYPE_CAMELLIA:"48657265006973206b6579a064617461":PSA_ALG_RSA_PSS(PSA_ALG_SHA_224):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign RSA_PSS(SHA_224): incompatible with CHACHA20 +depends_on:PSA_WANT_ALG_RSA_PSS:PSA_WANT_ALG_SHA_224:PSA_WANT_KEY_TYPE_CHACHA20 +sign_fail:PSA_KEY_TYPE_CHACHA20:"48657265006973206b6579a06461746148657265006973206b6579a064617461":PSA_ALG_RSA_PSS(PSA_ALG_SHA_224):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign RSA_PSS(SHA_224): incompatible with DERIVE +depends_on:PSA_WANT_ALG_RSA_PSS:PSA_WANT_ALG_SHA_224:PSA_WANT_KEY_TYPE_DERIVE +sign_fail:PSA_KEY_TYPE_DERIVE:"48657265006973206b6579a0646174":PSA_ALG_RSA_PSS(PSA_ALG_SHA_224):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign RSA_PSS(SHA_224): incompatible with DES +depends_on:PSA_WANT_ALG_RSA_PSS:PSA_WANT_ALG_SHA_224:PSA_WANT_KEY_TYPE_DES +sign_fail:PSA_KEY_TYPE_DES:"644573206b457901":PSA_ALG_RSA_PSS(PSA_ALG_SHA_224):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign RSA_PSS(SHA_224): incompatible with ECC_KEY_PAIR(BRAINPOOL_P_R1) +depends_on:PSA_WANT_ALG_RSA_PSS:PSA_WANT_ALG_SHA_224:PSA_WANT_ECC_FAMILY_BRAINPOOL_P_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"69502c4fdaf48d4fa617bdd24498b0406d0eeaac":PSA_ALG_RSA_PSS(PSA_ALG_SHA_224):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign RSA_PSS(SHA_224): incompatible with ECC_KEY_PAIR(MONTGOMERY) +depends_on:PSA_WANT_ALG_RSA_PSS:PSA_WANT_ALG_SHA_224:PSA_WANT_ECC_FAMILY_MONTGOMERY:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_MONTGOMERY):"70076d0a7318a57d3c16c17251b26645df4c2f87ebc0992ab177fba51db92c6a":PSA_ALG_RSA_PSS(PSA_ALG_SHA_224):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign RSA_PSS(SHA_224): incompatible with ECC_KEY_PAIR(SECP_K1) +depends_on:PSA_WANT_ALG_RSA_PSS:PSA_WANT_ALG_SHA_224:PSA_WANT_ECC_FAMILY_SECP_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_K1):"297ac1722ccac7589ecb240dc719842538ca974beb79f228":PSA_ALG_RSA_PSS(PSA_ALG_SHA_224):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign RSA_PSS(SHA_224): incompatible with ECC_KEY_PAIR(SECP_R1) +depends_on:PSA_WANT_ALG_RSA_PSS:PSA_WANT_ALG_SHA_224:PSA_WANT_ECC_FAMILY_SECP_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"872f203b3ad35b7f2ecc803c3a0e1e0b1ed61cc1afe71b189cd4c995":PSA_ALG_RSA_PSS(PSA_ALG_SHA_224):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign RSA_PSS(SHA_224): incompatible with ECC_KEY_PAIR(SECP_R2) +depends_on:PSA_WANT_ALG_RSA_PSS:PSA_WANT_ALG_SHA_224:PSA_WANT_ECC_FAMILY_SECP_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R2):"00bf539a1cdda0d7f71a50a3f98aec0a2e8e4ced1e":PSA_ALG_RSA_PSS(PSA_ALG_SHA_224):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign RSA_PSS(SHA_224): incompatible with ECC_KEY_PAIR(SECT_K1) +depends_on:PSA_WANT_ALG_RSA_PSS:PSA_WANT_ALG_SHA_224:PSA_WANT_ECC_FAMILY_SECT_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):"03ebc8fcded2d6ab72ec0f75bdb4fd080481273e71":PSA_ALG_RSA_PSS(PSA_ALG_SHA_224):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign RSA_PSS(SHA_224): incompatible with ECC_KEY_PAIR(SECT_R1) +depends_on:PSA_WANT_ALG_RSA_PSS:PSA_WANT_ALG_SHA_224:PSA_WANT_ECC_FAMILY_SECT_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):"009b05dc82d46d64a04a22e6e5ca70ca1231e68c50":PSA_ALG_RSA_PSS(PSA_ALG_SHA_224):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign RSA_PSS(SHA_224): incompatible with ECC_KEY_PAIR(SECT_R2) +depends_on:PSA_WANT_ALG_RSA_PSS:PSA_WANT_ALG_SHA_224:PSA_WANT_ECC_FAMILY_SECT_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R2):"0210b482a458b4822d0cb21daa96819a67c8062d34":PSA_ALG_RSA_PSS(PSA_ALG_SHA_224):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign RSA_PSS(SHA_224): incompatible with ECC_KEY_PAIR(TWISTED_EDWARDS) +depends_on:PSA_WANT_ALG_RSA_PSS:PSA_WANT_ALG_SHA_224:PSA_WANT_ECC_FAMILY_TWISTED_EDWARDS:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_TWISTED_EDWARDS):"9d61b19deffd5a60ba844af492ec2cc44449c5697b326919703bac031cae7f60":PSA_ALG_RSA_PSS(PSA_ALG_SHA_224):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign RSA_PSS(SHA_224): incompatible with ECC_PUBLIC_KEY(BRAINPOOL_P_R1) +depends_on:PSA_WANT_ALG_RSA_PSS:PSA_WANT_ALG_SHA_224:PSA_WANT_ECC_FAMILY_BRAINPOOL_P_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"04d4b9186816358e2f9c59cf70748cb70641b22fbab65473db4b4e22a361ed7e3de7e8a8ddc4130c5c":PSA_ALG_RSA_PSS(PSA_ALG_SHA_224):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign RSA_PSS(SHA_224): incompatible with ECC_PUBLIC_KEY(MONTGOMERY) +depends_on:PSA_WANT_ALG_RSA_PSS:PSA_WANT_ALG_SHA_224:PSA_WANT_ECC_FAMILY_MONTGOMERY:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_MONTGOMERY):"8520f0098930a754748b7ddcb43ef75a0dbf3a0d26381af4eba4a98eaa9b4e6a":PSA_ALG_RSA_PSS(PSA_ALG_SHA_224):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign RSA_PSS(SHA_224): incompatible with ECC_PUBLIC_KEY(SECP_K1) +depends_on:PSA_WANT_ALG_RSA_PSS:PSA_WANT_ALG_SHA_224:PSA_WANT_ECC_FAMILY_SECP_K1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_K1):"0426b7bb38da649ac2138fc050c6548b32553dab68afebc36105d325b75538c12323cb0764789ecb992671beb2b6bef2f5":PSA_ALG_RSA_PSS(PSA_ALG_SHA_224):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign RSA_PSS(SHA_224): incompatible with ECC_PUBLIC_KEY(SECP_R1) +depends_on:PSA_WANT_ALG_RSA_PSS:PSA_WANT_ALG_SHA_224:PSA_WANT_ECC_FAMILY_SECP_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1):"046f00eadaa949fee3e9e1c7fa1247eecec86a0dce46418b9bd3117b981d4bd0ae7a990de912f9d060d6cb531a42d22e394ac29e81804bf160":PSA_ALG_RSA_PSS(PSA_ALG_SHA_224):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign RSA_PSS(SHA_224): incompatible with ECC_PUBLIC_KEY(SECP_R2) +depends_on:PSA_WANT_ALG_RSA_PSS:PSA_WANT_ALG_SHA_224:PSA_WANT_ECC_FAMILY_SECP_R2:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R2):"049570d541398665adb5cfa16f5af73b3196926bbd4b876bdb80f8eab20d0f540c22f4de9c140f6d7b":PSA_ALG_RSA_PSS(PSA_ALG_SHA_224):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign RSA_PSS(SHA_224): incompatible with ECC_PUBLIC_KEY(SECT_K1) +depends_on:PSA_WANT_ALG_RSA_PSS:PSA_WANT_ALG_SHA_224:PSA_WANT_ECC_FAMILY_SECT_K1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_K1):"0406f88f90b4b65950f06ce433afdb097e320f433dc2062b8a65db8fafd3c110f46bc45663fbf021ee7eb9":PSA_ALG_RSA_PSS(PSA_ALG_SHA_224):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign RSA_PSS(SHA_224): incompatible with ECC_PUBLIC_KEY(SECT_R1) +depends_on:PSA_WANT_ALG_RSA_PSS:PSA_WANT_ALG_SHA_224:PSA_WANT_ECC_FAMILY_SECT_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R1):"0400465eeb9e7258b11e33c02266bfe834b20bcb118700772796ee4704ec67651bd447e3011959a79a04cb":PSA_ALG_RSA_PSS(PSA_ALG_SHA_224):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign RSA_PSS(SHA_224): incompatible with ECC_PUBLIC_KEY(SECT_R2) +depends_on:PSA_WANT_ALG_RSA_PSS:PSA_WANT_ALG_SHA_224:PSA_WANT_ECC_FAMILY_SECT_R2:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R2):"0403692601144c32a6cfa369ae20ae5d43c1c764678c037bafe80c6fd2e42b7ced96171d9c5367fd3dca6f":PSA_ALG_RSA_PSS(PSA_ALG_SHA_224):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign RSA_PSS(SHA_224): incompatible with ECC_PUBLIC_KEY(TWISTED_EDWARDS) +depends_on:PSA_WANT_ALG_RSA_PSS:PSA_WANT_ALG_SHA_224:PSA_WANT_ECC_FAMILY_TWISTED_EDWARDS:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_TWISTED_EDWARDS):"d75a980182b10ab7d54bfed3c964073a0ee172f3daa62325af021a68f707511a":PSA_ALG_RSA_PSS(PSA_ALG_SHA_224):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign RSA_PSS(SHA_224): incompatible with HMAC +depends_on:PSA_WANT_ALG_RSA_PSS:PSA_WANT_ALG_SHA_224:PSA_WANT_KEY_TYPE_HMAC +sign_fail:PSA_KEY_TYPE_HMAC:"48657265006973206b6579a064617461":PSA_ALG_RSA_PSS(PSA_ALG_SHA_224):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign RSA_PSS(SHA_224): incompatible with RAW_DATA +depends_on:PSA_WANT_ALG_RSA_PSS:PSA_WANT_ALG_SHA_224:PSA_WANT_KEY_TYPE_RAW_DATA +sign_fail:PSA_KEY_TYPE_RAW_DATA:"48":PSA_ALG_RSA_PSS(PSA_ALG_SHA_224):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign RSA_PSS(SHA_224): !RSA_PSS with RSA_KEY_PAIR +depends_on:!PSA_WANT_ALG_RSA_PSS:PSA_WANT_ALG_SHA_224:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR +sign_fail:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_RSA_PSS(PSA_ALG_SHA_224):0:PSA_ERROR_NOT_SUPPORTED + +PSA sign RSA_PSS(SHA_224): !SHA_224 with RSA_KEY_PAIR +depends_on:PSA_WANT_ALG_RSA_PSS:!PSA_WANT_ALG_SHA_224:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR +sign_fail:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_RSA_PSS(PSA_ALG_SHA_224):0:PSA_ERROR_NOT_SUPPORTED + +PSA sign RSA_PSS(SHA_224): !RSA_PSS with RSA_PUBLIC_KEY +depends_on:!PSA_WANT_ALG_RSA_PSS:PSA_WANT_ALG_SHA_224:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY +sign_fail:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_RSA_PSS(PSA_ALG_SHA_224):0:PSA_ERROR_NOT_SUPPORTED + +PSA sign RSA_PSS(SHA_224): !SHA_224 with RSA_PUBLIC_KEY +depends_on:PSA_WANT_ALG_RSA_PSS:!PSA_WANT_ALG_SHA_224:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY +sign_fail:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_RSA_PSS(PSA_ALG_SHA_224):0:PSA_ERROR_NOT_SUPPORTED + +PSA sign RSA_PSS(SHA_224): public with RSA_PUBLIC_KEY +depends_on:PSA_WANT_ALG_RSA_PSS:PSA_WANT_ALG_SHA_224:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY +sign_fail:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_RSA_PSS(PSA_ALG_SHA_224):1:PSA_ERROR_INVALID_ARGUMENT + +PSA asymmetric_encryption RSA_PSS(SHA_224): invalid with RSA_KEY_PAIR +depends_on:PSA_WANT_ALG_RSA_PSS:PSA_WANT_ALG_SHA_224:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR +asymmetric_encryption_fail:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_RSA_PSS(PSA_ALG_SHA_224):0:PSA_ERROR_INVALID_ARGUMENT + +PSA asymmetric_encryption RSA_PSS(SHA_224): invalid with RSA_PUBLIC_KEY +depends_on:PSA_WANT_ALG_RSA_PSS:PSA_WANT_ALG_SHA_224:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY +asymmetric_encryption_fail:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_RSA_PSS(PSA_ALG_SHA_224):0:PSA_ERROR_INVALID_ARGUMENT + +PSA key_derivation RSA_PSS(SHA_224): invalid +depends_on:PSA_WANT_ALG_RSA_PSS:PSA_WANT_ALG_SHA_224 +key_derivation_fail:PSA_ALG_RSA_PSS(PSA_ALG_SHA_224):PSA_ERROR_INVALID_ARGUMENT + +PSA key_agreement RSA_PSS(SHA_224): invalid with RSA_KEY_PAIR +depends_on:PSA_WANT_ALG_RSA_PSS:PSA_WANT_ALG_SHA_224:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR +key_agreement_fail:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_RSA_PSS(PSA_ALG_SHA_224):0:PSA_ERROR_INVALID_ARGUMENT + +PSA key_agreement RSA_PSS(SHA_224): invalid with RSA_PUBLIC_KEY +depends_on:PSA_WANT_ALG_RSA_PSS:PSA_WANT_ALG_SHA_224:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY +key_agreement_fail:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_RSA_PSS(PSA_ALG_SHA_224):0:PSA_ERROR_INVALID_ARGUMENT + +PSA hash RSA_PSS(SHA_256): invalid +depends_on:PSA_WANT_ALG_RSA_PSS:PSA_WANT_ALG_SHA_256 +hash_fail:PSA_ALG_RSA_PSS(PSA_ALG_SHA_256):PSA_ERROR_INVALID_ARGUMENT + +PSA mac RSA_PSS(SHA_256): invalid with RSA_KEY_PAIR +depends_on:PSA_WANT_ALG_RSA_PSS:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR +mac_fail:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_RSA_PSS(PSA_ALG_SHA_256):PSA_ERROR_INVALID_ARGUMENT + +PSA mac RSA_PSS(SHA_256): invalid with RSA_PUBLIC_KEY +depends_on:PSA_WANT_ALG_RSA_PSS:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY +mac_fail:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_RSA_PSS(PSA_ALG_SHA_256):PSA_ERROR_INVALID_ARGUMENT + +PSA cipher RSA_PSS(SHA_256): invalid with RSA_KEY_PAIR +depends_on:PSA_WANT_ALG_RSA_PSS:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR +cipher_fail:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_RSA_PSS(PSA_ALG_SHA_256):PSA_ERROR_INVALID_ARGUMENT + +PSA cipher RSA_PSS(SHA_256): invalid with RSA_PUBLIC_KEY +depends_on:PSA_WANT_ALG_RSA_PSS:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY +cipher_fail:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_RSA_PSS(PSA_ALG_SHA_256):PSA_ERROR_INVALID_ARGUMENT + +PSA aead RSA_PSS(SHA_256): invalid with RSA_KEY_PAIR +depends_on:PSA_WANT_ALG_RSA_PSS:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR +aead_fail:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_RSA_PSS(PSA_ALG_SHA_256):PSA_ERROR_INVALID_ARGUMENT + +PSA aead RSA_PSS(SHA_256): invalid with RSA_PUBLIC_KEY +depends_on:PSA_WANT_ALG_RSA_PSS:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY +aead_fail:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_RSA_PSS(PSA_ALG_SHA_256):PSA_ERROR_INVALID_ARGUMENT + +PSA sign RSA_PSS(SHA_256): incompatible with AES +depends_on:PSA_WANT_ALG_RSA_PSS:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_AES +sign_fail:PSA_KEY_TYPE_AES:"48657265006973206b6579a064617461":PSA_ALG_RSA_PSS(PSA_ALG_SHA_256):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign RSA_PSS(SHA_256): incompatible with ARC4 +depends_on:PSA_WANT_ALG_RSA_PSS:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_ARC4 +sign_fail:PSA_KEY_TYPE_ARC4:"48":PSA_ALG_RSA_PSS(PSA_ALG_SHA_256):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign RSA_PSS(SHA_256): incompatible with ARIA +depends_on:PSA_WANT_ALG_RSA_PSS:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_ARIA +sign_fail:PSA_KEY_TYPE_ARIA:"48657265006973206b6579a064617461":PSA_ALG_RSA_PSS(PSA_ALG_SHA_256):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign RSA_PSS(SHA_256): incompatible with CAMELLIA +depends_on:PSA_WANT_ALG_RSA_PSS:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_CAMELLIA +sign_fail:PSA_KEY_TYPE_CAMELLIA:"48657265006973206b6579a064617461":PSA_ALG_RSA_PSS(PSA_ALG_SHA_256):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign RSA_PSS(SHA_256): incompatible with CHACHA20 +depends_on:PSA_WANT_ALG_RSA_PSS:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_CHACHA20 +sign_fail:PSA_KEY_TYPE_CHACHA20:"48657265006973206b6579a06461746148657265006973206b6579a064617461":PSA_ALG_RSA_PSS(PSA_ALG_SHA_256):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign RSA_PSS(SHA_256): incompatible with DERIVE +depends_on:PSA_WANT_ALG_RSA_PSS:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_DERIVE +sign_fail:PSA_KEY_TYPE_DERIVE:"48657265006973206b6579a0646174":PSA_ALG_RSA_PSS(PSA_ALG_SHA_256):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign RSA_PSS(SHA_256): incompatible with DES +depends_on:PSA_WANT_ALG_RSA_PSS:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_DES +sign_fail:PSA_KEY_TYPE_DES:"644573206b457901":PSA_ALG_RSA_PSS(PSA_ALG_SHA_256):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign RSA_PSS(SHA_256): incompatible with ECC_KEY_PAIR(BRAINPOOL_P_R1) +depends_on:PSA_WANT_ALG_RSA_PSS:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_FAMILY_BRAINPOOL_P_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"69502c4fdaf48d4fa617bdd24498b0406d0eeaac":PSA_ALG_RSA_PSS(PSA_ALG_SHA_256):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign RSA_PSS(SHA_256): incompatible with ECC_KEY_PAIR(MONTGOMERY) +depends_on:PSA_WANT_ALG_RSA_PSS:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_FAMILY_MONTGOMERY:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_MONTGOMERY):"70076d0a7318a57d3c16c17251b26645df4c2f87ebc0992ab177fba51db92c6a":PSA_ALG_RSA_PSS(PSA_ALG_SHA_256):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign RSA_PSS(SHA_256): incompatible with ECC_KEY_PAIR(SECP_K1) +depends_on:PSA_WANT_ALG_RSA_PSS:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_FAMILY_SECP_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_K1):"297ac1722ccac7589ecb240dc719842538ca974beb79f228":PSA_ALG_RSA_PSS(PSA_ALG_SHA_256):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign RSA_PSS(SHA_256): incompatible with ECC_KEY_PAIR(SECP_R1) +depends_on:PSA_WANT_ALG_RSA_PSS:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_FAMILY_SECP_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"872f203b3ad35b7f2ecc803c3a0e1e0b1ed61cc1afe71b189cd4c995":PSA_ALG_RSA_PSS(PSA_ALG_SHA_256):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign RSA_PSS(SHA_256): incompatible with ECC_KEY_PAIR(SECP_R2) +depends_on:PSA_WANT_ALG_RSA_PSS:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_FAMILY_SECP_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R2):"00bf539a1cdda0d7f71a50a3f98aec0a2e8e4ced1e":PSA_ALG_RSA_PSS(PSA_ALG_SHA_256):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign RSA_PSS(SHA_256): incompatible with ECC_KEY_PAIR(SECT_K1) +depends_on:PSA_WANT_ALG_RSA_PSS:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_FAMILY_SECT_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):"03ebc8fcded2d6ab72ec0f75bdb4fd080481273e71":PSA_ALG_RSA_PSS(PSA_ALG_SHA_256):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign RSA_PSS(SHA_256): incompatible with ECC_KEY_PAIR(SECT_R1) +depends_on:PSA_WANT_ALG_RSA_PSS:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_FAMILY_SECT_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):"009b05dc82d46d64a04a22e6e5ca70ca1231e68c50":PSA_ALG_RSA_PSS(PSA_ALG_SHA_256):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign RSA_PSS(SHA_256): incompatible with ECC_KEY_PAIR(SECT_R2) +depends_on:PSA_WANT_ALG_RSA_PSS:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_FAMILY_SECT_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R2):"0210b482a458b4822d0cb21daa96819a67c8062d34":PSA_ALG_RSA_PSS(PSA_ALG_SHA_256):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign RSA_PSS(SHA_256): incompatible with ECC_KEY_PAIR(TWISTED_EDWARDS) +depends_on:PSA_WANT_ALG_RSA_PSS:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_FAMILY_TWISTED_EDWARDS:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_TWISTED_EDWARDS):"9d61b19deffd5a60ba844af492ec2cc44449c5697b326919703bac031cae7f60":PSA_ALG_RSA_PSS(PSA_ALG_SHA_256):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign RSA_PSS(SHA_256): incompatible with ECC_PUBLIC_KEY(BRAINPOOL_P_R1) +depends_on:PSA_WANT_ALG_RSA_PSS:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_FAMILY_BRAINPOOL_P_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"04d4b9186816358e2f9c59cf70748cb70641b22fbab65473db4b4e22a361ed7e3de7e8a8ddc4130c5c":PSA_ALG_RSA_PSS(PSA_ALG_SHA_256):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign RSA_PSS(SHA_256): incompatible with ECC_PUBLIC_KEY(MONTGOMERY) +depends_on:PSA_WANT_ALG_RSA_PSS:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_FAMILY_MONTGOMERY:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_MONTGOMERY):"8520f0098930a754748b7ddcb43ef75a0dbf3a0d26381af4eba4a98eaa9b4e6a":PSA_ALG_RSA_PSS(PSA_ALG_SHA_256):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign RSA_PSS(SHA_256): incompatible with ECC_PUBLIC_KEY(SECP_K1) +depends_on:PSA_WANT_ALG_RSA_PSS:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_FAMILY_SECP_K1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_K1):"0426b7bb38da649ac2138fc050c6548b32553dab68afebc36105d325b75538c12323cb0764789ecb992671beb2b6bef2f5":PSA_ALG_RSA_PSS(PSA_ALG_SHA_256):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign RSA_PSS(SHA_256): incompatible with ECC_PUBLIC_KEY(SECP_R1) +depends_on:PSA_WANT_ALG_RSA_PSS:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_FAMILY_SECP_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1):"046f00eadaa949fee3e9e1c7fa1247eecec86a0dce46418b9bd3117b981d4bd0ae7a990de912f9d060d6cb531a42d22e394ac29e81804bf160":PSA_ALG_RSA_PSS(PSA_ALG_SHA_256):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign RSA_PSS(SHA_256): incompatible with ECC_PUBLIC_KEY(SECP_R2) +depends_on:PSA_WANT_ALG_RSA_PSS:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_FAMILY_SECP_R2:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R2):"049570d541398665adb5cfa16f5af73b3196926bbd4b876bdb80f8eab20d0f540c22f4de9c140f6d7b":PSA_ALG_RSA_PSS(PSA_ALG_SHA_256):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign RSA_PSS(SHA_256): incompatible with ECC_PUBLIC_KEY(SECT_K1) +depends_on:PSA_WANT_ALG_RSA_PSS:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_FAMILY_SECT_K1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_K1):"0406f88f90b4b65950f06ce433afdb097e320f433dc2062b8a65db8fafd3c110f46bc45663fbf021ee7eb9":PSA_ALG_RSA_PSS(PSA_ALG_SHA_256):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign RSA_PSS(SHA_256): incompatible with ECC_PUBLIC_KEY(SECT_R1) +depends_on:PSA_WANT_ALG_RSA_PSS:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_FAMILY_SECT_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R1):"0400465eeb9e7258b11e33c02266bfe834b20bcb118700772796ee4704ec67651bd447e3011959a79a04cb":PSA_ALG_RSA_PSS(PSA_ALG_SHA_256):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign RSA_PSS(SHA_256): incompatible with ECC_PUBLIC_KEY(SECT_R2) +depends_on:PSA_WANT_ALG_RSA_PSS:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_FAMILY_SECT_R2:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R2):"0403692601144c32a6cfa369ae20ae5d43c1c764678c037bafe80c6fd2e42b7ced96171d9c5367fd3dca6f":PSA_ALG_RSA_PSS(PSA_ALG_SHA_256):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign RSA_PSS(SHA_256): incompatible with ECC_PUBLIC_KEY(TWISTED_EDWARDS) +depends_on:PSA_WANT_ALG_RSA_PSS:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_FAMILY_TWISTED_EDWARDS:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_TWISTED_EDWARDS):"d75a980182b10ab7d54bfed3c964073a0ee172f3daa62325af021a68f707511a":PSA_ALG_RSA_PSS(PSA_ALG_SHA_256):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign RSA_PSS(SHA_256): incompatible with HMAC +depends_on:PSA_WANT_ALG_RSA_PSS:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_HMAC +sign_fail:PSA_KEY_TYPE_HMAC:"48657265006973206b6579a064617461":PSA_ALG_RSA_PSS(PSA_ALG_SHA_256):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign RSA_PSS(SHA_256): incompatible with RAW_DATA +depends_on:PSA_WANT_ALG_RSA_PSS:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RAW_DATA +sign_fail:PSA_KEY_TYPE_RAW_DATA:"48":PSA_ALG_RSA_PSS(PSA_ALG_SHA_256):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign RSA_PSS(SHA_256): !RSA_PSS with RSA_KEY_PAIR +depends_on:!PSA_WANT_ALG_RSA_PSS:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR +sign_fail:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_RSA_PSS(PSA_ALG_SHA_256):0:PSA_ERROR_NOT_SUPPORTED + +PSA sign RSA_PSS(SHA_256): !SHA_256 with RSA_KEY_PAIR +depends_on:PSA_WANT_ALG_RSA_PSS:!PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR +sign_fail:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_RSA_PSS(PSA_ALG_SHA_256):0:PSA_ERROR_NOT_SUPPORTED + +PSA sign RSA_PSS(SHA_256): !RSA_PSS with RSA_PUBLIC_KEY +depends_on:!PSA_WANT_ALG_RSA_PSS:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY +sign_fail:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_RSA_PSS(PSA_ALG_SHA_256):0:PSA_ERROR_NOT_SUPPORTED + +PSA sign RSA_PSS(SHA_256): !SHA_256 with RSA_PUBLIC_KEY +depends_on:PSA_WANT_ALG_RSA_PSS:!PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY +sign_fail:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_RSA_PSS(PSA_ALG_SHA_256):0:PSA_ERROR_NOT_SUPPORTED + +PSA sign RSA_PSS(SHA_256): public with RSA_PUBLIC_KEY +depends_on:PSA_WANT_ALG_RSA_PSS:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY +sign_fail:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_RSA_PSS(PSA_ALG_SHA_256):1:PSA_ERROR_INVALID_ARGUMENT + +PSA asymmetric_encryption RSA_PSS(SHA_256): invalid with RSA_KEY_PAIR +depends_on:PSA_WANT_ALG_RSA_PSS:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR +asymmetric_encryption_fail:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_RSA_PSS(PSA_ALG_SHA_256):0:PSA_ERROR_INVALID_ARGUMENT + +PSA asymmetric_encryption RSA_PSS(SHA_256): invalid with RSA_PUBLIC_KEY +depends_on:PSA_WANT_ALG_RSA_PSS:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY +asymmetric_encryption_fail:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_RSA_PSS(PSA_ALG_SHA_256):0:PSA_ERROR_INVALID_ARGUMENT + +PSA key_derivation RSA_PSS(SHA_256): invalid +depends_on:PSA_WANT_ALG_RSA_PSS:PSA_WANT_ALG_SHA_256 +key_derivation_fail:PSA_ALG_RSA_PSS(PSA_ALG_SHA_256):PSA_ERROR_INVALID_ARGUMENT + +PSA key_agreement RSA_PSS(SHA_256): invalid with RSA_KEY_PAIR +depends_on:PSA_WANT_ALG_RSA_PSS:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR +key_agreement_fail:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_RSA_PSS(PSA_ALG_SHA_256):0:PSA_ERROR_INVALID_ARGUMENT + +PSA key_agreement RSA_PSS(SHA_256): invalid with RSA_PUBLIC_KEY +depends_on:PSA_WANT_ALG_RSA_PSS:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY +key_agreement_fail:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_RSA_PSS(PSA_ALG_SHA_256):0:PSA_ERROR_INVALID_ARGUMENT + +PSA hash RSA_PSS(SHA_384): invalid +depends_on:PSA_WANT_ALG_RSA_PSS:PSA_WANT_ALG_SHA_384 +hash_fail:PSA_ALG_RSA_PSS(PSA_ALG_SHA_384):PSA_ERROR_INVALID_ARGUMENT + +PSA mac RSA_PSS(SHA_384): invalid with RSA_KEY_PAIR +depends_on:PSA_WANT_ALG_RSA_PSS:PSA_WANT_ALG_SHA_384:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR +mac_fail:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_RSA_PSS(PSA_ALG_SHA_384):PSA_ERROR_INVALID_ARGUMENT + +PSA mac RSA_PSS(SHA_384): invalid with RSA_PUBLIC_KEY +depends_on:PSA_WANT_ALG_RSA_PSS:PSA_WANT_ALG_SHA_384:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY +mac_fail:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_RSA_PSS(PSA_ALG_SHA_384):PSA_ERROR_INVALID_ARGUMENT + +PSA cipher RSA_PSS(SHA_384): invalid with RSA_KEY_PAIR +depends_on:PSA_WANT_ALG_RSA_PSS:PSA_WANT_ALG_SHA_384:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR +cipher_fail:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_RSA_PSS(PSA_ALG_SHA_384):PSA_ERROR_INVALID_ARGUMENT + +PSA cipher RSA_PSS(SHA_384): invalid with RSA_PUBLIC_KEY +depends_on:PSA_WANT_ALG_RSA_PSS:PSA_WANT_ALG_SHA_384:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY +cipher_fail:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_RSA_PSS(PSA_ALG_SHA_384):PSA_ERROR_INVALID_ARGUMENT + +PSA aead RSA_PSS(SHA_384): invalid with RSA_KEY_PAIR +depends_on:PSA_WANT_ALG_RSA_PSS:PSA_WANT_ALG_SHA_384:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR +aead_fail:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_RSA_PSS(PSA_ALG_SHA_384):PSA_ERROR_INVALID_ARGUMENT + +PSA aead RSA_PSS(SHA_384): invalid with RSA_PUBLIC_KEY +depends_on:PSA_WANT_ALG_RSA_PSS:PSA_WANT_ALG_SHA_384:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY +aead_fail:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_RSA_PSS(PSA_ALG_SHA_384):PSA_ERROR_INVALID_ARGUMENT + +PSA sign RSA_PSS(SHA_384): incompatible with AES +depends_on:PSA_WANT_ALG_RSA_PSS:PSA_WANT_ALG_SHA_384:PSA_WANT_KEY_TYPE_AES +sign_fail:PSA_KEY_TYPE_AES:"48657265006973206b6579a064617461":PSA_ALG_RSA_PSS(PSA_ALG_SHA_384):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign RSA_PSS(SHA_384): incompatible with ARC4 +depends_on:PSA_WANT_ALG_RSA_PSS:PSA_WANT_ALG_SHA_384:PSA_WANT_KEY_TYPE_ARC4 +sign_fail:PSA_KEY_TYPE_ARC4:"48":PSA_ALG_RSA_PSS(PSA_ALG_SHA_384):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign RSA_PSS(SHA_384): incompatible with ARIA +depends_on:PSA_WANT_ALG_RSA_PSS:PSA_WANT_ALG_SHA_384:PSA_WANT_KEY_TYPE_ARIA +sign_fail:PSA_KEY_TYPE_ARIA:"48657265006973206b6579a064617461":PSA_ALG_RSA_PSS(PSA_ALG_SHA_384):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign RSA_PSS(SHA_384): incompatible with CAMELLIA +depends_on:PSA_WANT_ALG_RSA_PSS:PSA_WANT_ALG_SHA_384:PSA_WANT_KEY_TYPE_CAMELLIA +sign_fail:PSA_KEY_TYPE_CAMELLIA:"48657265006973206b6579a064617461":PSA_ALG_RSA_PSS(PSA_ALG_SHA_384):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign RSA_PSS(SHA_384): incompatible with CHACHA20 +depends_on:PSA_WANT_ALG_RSA_PSS:PSA_WANT_ALG_SHA_384:PSA_WANT_KEY_TYPE_CHACHA20 +sign_fail:PSA_KEY_TYPE_CHACHA20:"48657265006973206b6579a06461746148657265006973206b6579a064617461":PSA_ALG_RSA_PSS(PSA_ALG_SHA_384):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign RSA_PSS(SHA_384): incompatible with DERIVE +depends_on:PSA_WANT_ALG_RSA_PSS:PSA_WANT_ALG_SHA_384:PSA_WANT_KEY_TYPE_DERIVE +sign_fail:PSA_KEY_TYPE_DERIVE:"48657265006973206b6579a0646174":PSA_ALG_RSA_PSS(PSA_ALG_SHA_384):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign RSA_PSS(SHA_384): incompatible with DES +depends_on:PSA_WANT_ALG_RSA_PSS:PSA_WANT_ALG_SHA_384:PSA_WANT_KEY_TYPE_DES +sign_fail:PSA_KEY_TYPE_DES:"644573206b457901":PSA_ALG_RSA_PSS(PSA_ALG_SHA_384):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign RSA_PSS(SHA_384): incompatible with ECC_KEY_PAIR(BRAINPOOL_P_R1) +depends_on:PSA_WANT_ALG_RSA_PSS:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_FAMILY_BRAINPOOL_P_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"69502c4fdaf48d4fa617bdd24498b0406d0eeaac":PSA_ALG_RSA_PSS(PSA_ALG_SHA_384):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign RSA_PSS(SHA_384): incompatible with ECC_KEY_PAIR(MONTGOMERY) +depends_on:PSA_WANT_ALG_RSA_PSS:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_FAMILY_MONTGOMERY:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_MONTGOMERY):"70076d0a7318a57d3c16c17251b26645df4c2f87ebc0992ab177fba51db92c6a":PSA_ALG_RSA_PSS(PSA_ALG_SHA_384):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign RSA_PSS(SHA_384): incompatible with ECC_KEY_PAIR(SECP_K1) +depends_on:PSA_WANT_ALG_RSA_PSS:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_FAMILY_SECP_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_K1):"297ac1722ccac7589ecb240dc719842538ca974beb79f228":PSA_ALG_RSA_PSS(PSA_ALG_SHA_384):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign RSA_PSS(SHA_384): incompatible with ECC_KEY_PAIR(SECP_R1) +depends_on:PSA_WANT_ALG_RSA_PSS:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_FAMILY_SECP_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"872f203b3ad35b7f2ecc803c3a0e1e0b1ed61cc1afe71b189cd4c995":PSA_ALG_RSA_PSS(PSA_ALG_SHA_384):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign RSA_PSS(SHA_384): incompatible with ECC_KEY_PAIR(SECP_R2) +depends_on:PSA_WANT_ALG_RSA_PSS:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_FAMILY_SECP_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R2):"00bf539a1cdda0d7f71a50a3f98aec0a2e8e4ced1e":PSA_ALG_RSA_PSS(PSA_ALG_SHA_384):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign RSA_PSS(SHA_384): incompatible with ECC_KEY_PAIR(SECT_K1) +depends_on:PSA_WANT_ALG_RSA_PSS:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_FAMILY_SECT_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):"03ebc8fcded2d6ab72ec0f75bdb4fd080481273e71":PSA_ALG_RSA_PSS(PSA_ALG_SHA_384):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign RSA_PSS(SHA_384): incompatible with ECC_KEY_PAIR(SECT_R1) +depends_on:PSA_WANT_ALG_RSA_PSS:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_FAMILY_SECT_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):"009b05dc82d46d64a04a22e6e5ca70ca1231e68c50":PSA_ALG_RSA_PSS(PSA_ALG_SHA_384):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign RSA_PSS(SHA_384): incompatible with ECC_KEY_PAIR(SECT_R2) +depends_on:PSA_WANT_ALG_RSA_PSS:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_FAMILY_SECT_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R2):"0210b482a458b4822d0cb21daa96819a67c8062d34":PSA_ALG_RSA_PSS(PSA_ALG_SHA_384):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign RSA_PSS(SHA_384): incompatible with ECC_KEY_PAIR(TWISTED_EDWARDS) +depends_on:PSA_WANT_ALG_RSA_PSS:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_FAMILY_TWISTED_EDWARDS:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_TWISTED_EDWARDS):"9d61b19deffd5a60ba844af492ec2cc44449c5697b326919703bac031cae7f60":PSA_ALG_RSA_PSS(PSA_ALG_SHA_384):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign RSA_PSS(SHA_384): incompatible with ECC_PUBLIC_KEY(BRAINPOOL_P_R1) +depends_on:PSA_WANT_ALG_RSA_PSS:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_FAMILY_BRAINPOOL_P_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"04d4b9186816358e2f9c59cf70748cb70641b22fbab65473db4b4e22a361ed7e3de7e8a8ddc4130c5c":PSA_ALG_RSA_PSS(PSA_ALG_SHA_384):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign RSA_PSS(SHA_384): incompatible with ECC_PUBLIC_KEY(MONTGOMERY) +depends_on:PSA_WANT_ALG_RSA_PSS:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_FAMILY_MONTGOMERY:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_MONTGOMERY):"8520f0098930a754748b7ddcb43ef75a0dbf3a0d26381af4eba4a98eaa9b4e6a":PSA_ALG_RSA_PSS(PSA_ALG_SHA_384):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign RSA_PSS(SHA_384): incompatible with ECC_PUBLIC_KEY(SECP_K1) +depends_on:PSA_WANT_ALG_RSA_PSS:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_FAMILY_SECP_K1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_K1):"0426b7bb38da649ac2138fc050c6548b32553dab68afebc36105d325b75538c12323cb0764789ecb992671beb2b6bef2f5":PSA_ALG_RSA_PSS(PSA_ALG_SHA_384):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign RSA_PSS(SHA_384): incompatible with ECC_PUBLIC_KEY(SECP_R1) +depends_on:PSA_WANT_ALG_RSA_PSS:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_FAMILY_SECP_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1):"046f00eadaa949fee3e9e1c7fa1247eecec86a0dce46418b9bd3117b981d4bd0ae7a990de912f9d060d6cb531a42d22e394ac29e81804bf160":PSA_ALG_RSA_PSS(PSA_ALG_SHA_384):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign RSA_PSS(SHA_384): incompatible with ECC_PUBLIC_KEY(SECP_R2) +depends_on:PSA_WANT_ALG_RSA_PSS:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_FAMILY_SECP_R2:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R2):"049570d541398665adb5cfa16f5af73b3196926bbd4b876bdb80f8eab20d0f540c22f4de9c140f6d7b":PSA_ALG_RSA_PSS(PSA_ALG_SHA_384):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign RSA_PSS(SHA_384): incompatible with ECC_PUBLIC_KEY(SECT_K1) +depends_on:PSA_WANT_ALG_RSA_PSS:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_FAMILY_SECT_K1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_K1):"0406f88f90b4b65950f06ce433afdb097e320f433dc2062b8a65db8fafd3c110f46bc45663fbf021ee7eb9":PSA_ALG_RSA_PSS(PSA_ALG_SHA_384):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign RSA_PSS(SHA_384): incompatible with ECC_PUBLIC_KEY(SECT_R1) +depends_on:PSA_WANT_ALG_RSA_PSS:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_FAMILY_SECT_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R1):"0400465eeb9e7258b11e33c02266bfe834b20bcb118700772796ee4704ec67651bd447e3011959a79a04cb":PSA_ALG_RSA_PSS(PSA_ALG_SHA_384):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign RSA_PSS(SHA_384): incompatible with ECC_PUBLIC_KEY(SECT_R2) +depends_on:PSA_WANT_ALG_RSA_PSS:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_FAMILY_SECT_R2:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R2):"0403692601144c32a6cfa369ae20ae5d43c1c764678c037bafe80c6fd2e42b7ced96171d9c5367fd3dca6f":PSA_ALG_RSA_PSS(PSA_ALG_SHA_384):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign RSA_PSS(SHA_384): incompatible with ECC_PUBLIC_KEY(TWISTED_EDWARDS) +depends_on:PSA_WANT_ALG_RSA_PSS:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_FAMILY_TWISTED_EDWARDS:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_TWISTED_EDWARDS):"d75a980182b10ab7d54bfed3c964073a0ee172f3daa62325af021a68f707511a":PSA_ALG_RSA_PSS(PSA_ALG_SHA_384):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign RSA_PSS(SHA_384): incompatible with HMAC +depends_on:PSA_WANT_ALG_RSA_PSS:PSA_WANT_ALG_SHA_384:PSA_WANT_KEY_TYPE_HMAC +sign_fail:PSA_KEY_TYPE_HMAC:"48657265006973206b6579a064617461":PSA_ALG_RSA_PSS(PSA_ALG_SHA_384):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign RSA_PSS(SHA_384): incompatible with RAW_DATA +depends_on:PSA_WANT_ALG_RSA_PSS:PSA_WANT_ALG_SHA_384:PSA_WANT_KEY_TYPE_RAW_DATA +sign_fail:PSA_KEY_TYPE_RAW_DATA:"48":PSA_ALG_RSA_PSS(PSA_ALG_SHA_384):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign RSA_PSS(SHA_384): !RSA_PSS with RSA_KEY_PAIR +depends_on:!PSA_WANT_ALG_RSA_PSS:PSA_WANT_ALG_SHA_384:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR +sign_fail:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_RSA_PSS(PSA_ALG_SHA_384):0:PSA_ERROR_NOT_SUPPORTED + +PSA sign RSA_PSS(SHA_384): !SHA_384 with RSA_KEY_PAIR +depends_on:PSA_WANT_ALG_RSA_PSS:!PSA_WANT_ALG_SHA_384:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR +sign_fail:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_RSA_PSS(PSA_ALG_SHA_384):0:PSA_ERROR_NOT_SUPPORTED + +PSA sign RSA_PSS(SHA_384): !RSA_PSS with RSA_PUBLIC_KEY +depends_on:!PSA_WANT_ALG_RSA_PSS:PSA_WANT_ALG_SHA_384:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY +sign_fail:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_RSA_PSS(PSA_ALG_SHA_384):0:PSA_ERROR_NOT_SUPPORTED + +PSA sign RSA_PSS(SHA_384): !SHA_384 with RSA_PUBLIC_KEY +depends_on:PSA_WANT_ALG_RSA_PSS:!PSA_WANT_ALG_SHA_384:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY +sign_fail:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_RSA_PSS(PSA_ALG_SHA_384):0:PSA_ERROR_NOT_SUPPORTED + +PSA sign RSA_PSS(SHA_384): public with RSA_PUBLIC_KEY +depends_on:PSA_WANT_ALG_RSA_PSS:PSA_WANT_ALG_SHA_384:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY +sign_fail:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_RSA_PSS(PSA_ALG_SHA_384):1:PSA_ERROR_INVALID_ARGUMENT + +PSA asymmetric_encryption RSA_PSS(SHA_384): invalid with RSA_KEY_PAIR +depends_on:PSA_WANT_ALG_RSA_PSS:PSA_WANT_ALG_SHA_384:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR +asymmetric_encryption_fail:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_RSA_PSS(PSA_ALG_SHA_384):0:PSA_ERROR_INVALID_ARGUMENT + +PSA asymmetric_encryption RSA_PSS(SHA_384): invalid with RSA_PUBLIC_KEY +depends_on:PSA_WANT_ALG_RSA_PSS:PSA_WANT_ALG_SHA_384:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY +asymmetric_encryption_fail:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_RSA_PSS(PSA_ALG_SHA_384):0:PSA_ERROR_INVALID_ARGUMENT + +PSA key_derivation RSA_PSS(SHA_384): invalid +depends_on:PSA_WANT_ALG_RSA_PSS:PSA_WANT_ALG_SHA_384 +key_derivation_fail:PSA_ALG_RSA_PSS(PSA_ALG_SHA_384):PSA_ERROR_INVALID_ARGUMENT + +PSA key_agreement RSA_PSS(SHA_384): invalid with RSA_KEY_PAIR +depends_on:PSA_WANT_ALG_RSA_PSS:PSA_WANT_ALG_SHA_384:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR +key_agreement_fail:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_RSA_PSS(PSA_ALG_SHA_384):0:PSA_ERROR_INVALID_ARGUMENT + +PSA key_agreement RSA_PSS(SHA_384): invalid with RSA_PUBLIC_KEY +depends_on:PSA_WANT_ALG_RSA_PSS:PSA_WANT_ALG_SHA_384:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY +key_agreement_fail:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_RSA_PSS(PSA_ALG_SHA_384):0:PSA_ERROR_INVALID_ARGUMENT + +PSA hash RSA_PSS(SHA_512): invalid +depends_on:PSA_WANT_ALG_RSA_PSS:PSA_WANT_ALG_SHA_512 +hash_fail:PSA_ALG_RSA_PSS(PSA_ALG_SHA_512):PSA_ERROR_INVALID_ARGUMENT + +PSA mac RSA_PSS(SHA_512): invalid with RSA_KEY_PAIR +depends_on:PSA_WANT_ALG_RSA_PSS:PSA_WANT_ALG_SHA_512:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR +mac_fail:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_RSA_PSS(PSA_ALG_SHA_512):PSA_ERROR_INVALID_ARGUMENT + +PSA mac RSA_PSS(SHA_512): invalid with RSA_PUBLIC_KEY +depends_on:PSA_WANT_ALG_RSA_PSS:PSA_WANT_ALG_SHA_512:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY +mac_fail:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_RSA_PSS(PSA_ALG_SHA_512):PSA_ERROR_INVALID_ARGUMENT + +PSA cipher RSA_PSS(SHA_512): invalid with RSA_KEY_PAIR +depends_on:PSA_WANT_ALG_RSA_PSS:PSA_WANT_ALG_SHA_512:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR +cipher_fail:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_RSA_PSS(PSA_ALG_SHA_512):PSA_ERROR_INVALID_ARGUMENT + +PSA cipher RSA_PSS(SHA_512): invalid with RSA_PUBLIC_KEY +depends_on:PSA_WANT_ALG_RSA_PSS:PSA_WANT_ALG_SHA_512:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY +cipher_fail:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_RSA_PSS(PSA_ALG_SHA_512):PSA_ERROR_INVALID_ARGUMENT + +PSA aead RSA_PSS(SHA_512): invalid with RSA_KEY_PAIR +depends_on:PSA_WANT_ALG_RSA_PSS:PSA_WANT_ALG_SHA_512:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR +aead_fail:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_RSA_PSS(PSA_ALG_SHA_512):PSA_ERROR_INVALID_ARGUMENT + +PSA aead RSA_PSS(SHA_512): invalid with RSA_PUBLIC_KEY +depends_on:PSA_WANT_ALG_RSA_PSS:PSA_WANT_ALG_SHA_512:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY +aead_fail:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_RSA_PSS(PSA_ALG_SHA_512):PSA_ERROR_INVALID_ARGUMENT + +PSA sign RSA_PSS(SHA_512): incompatible with AES +depends_on:PSA_WANT_ALG_RSA_PSS:PSA_WANT_ALG_SHA_512:PSA_WANT_KEY_TYPE_AES +sign_fail:PSA_KEY_TYPE_AES:"48657265006973206b6579a064617461":PSA_ALG_RSA_PSS(PSA_ALG_SHA_512):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign RSA_PSS(SHA_512): incompatible with ARC4 +depends_on:PSA_WANT_ALG_RSA_PSS:PSA_WANT_ALG_SHA_512:PSA_WANT_KEY_TYPE_ARC4 +sign_fail:PSA_KEY_TYPE_ARC4:"48":PSA_ALG_RSA_PSS(PSA_ALG_SHA_512):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign RSA_PSS(SHA_512): incompatible with ARIA +depends_on:PSA_WANT_ALG_RSA_PSS:PSA_WANT_ALG_SHA_512:PSA_WANT_KEY_TYPE_ARIA +sign_fail:PSA_KEY_TYPE_ARIA:"48657265006973206b6579a064617461":PSA_ALG_RSA_PSS(PSA_ALG_SHA_512):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign RSA_PSS(SHA_512): incompatible with CAMELLIA +depends_on:PSA_WANT_ALG_RSA_PSS:PSA_WANT_ALG_SHA_512:PSA_WANT_KEY_TYPE_CAMELLIA +sign_fail:PSA_KEY_TYPE_CAMELLIA:"48657265006973206b6579a064617461":PSA_ALG_RSA_PSS(PSA_ALG_SHA_512):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign RSA_PSS(SHA_512): incompatible with CHACHA20 +depends_on:PSA_WANT_ALG_RSA_PSS:PSA_WANT_ALG_SHA_512:PSA_WANT_KEY_TYPE_CHACHA20 +sign_fail:PSA_KEY_TYPE_CHACHA20:"48657265006973206b6579a06461746148657265006973206b6579a064617461":PSA_ALG_RSA_PSS(PSA_ALG_SHA_512):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign RSA_PSS(SHA_512): incompatible with DERIVE +depends_on:PSA_WANT_ALG_RSA_PSS:PSA_WANT_ALG_SHA_512:PSA_WANT_KEY_TYPE_DERIVE +sign_fail:PSA_KEY_TYPE_DERIVE:"48657265006973206b6579a0646174":PSA_ALG_RSA_PSS(PSA_ALG_SHA_512):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign RSA_PSS(SHA_512): incompatible with DES +depends_on:PSA_WANT_ALG_RSA_PSS:PSA_WANT_ALG_SHA_512:PSA_WANT_KEY_TYPE_DES +sign_fail:PSA_KEY_TYPE_DES:"644573206b457901":PSA_ALG_RSA_PSS(PSA_ALG_SHA_512):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign RSA_PSS(SHA_512): incompatible with ECC_KEY_PAIR(BRAINPOOL_P_R1) +depends_on:PSA_WANT_ALG_RSA_PSS:PSA_WANT_ALG_SHA_512:PSA_WANT_ECC_FAMILY_BRAINPOOL_P_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"69502c4fdaf48d4fa617bdd24498b0406d0eeaac":PSA_ALG_RSA_PSS(PSA_ALG_SHA_512):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign RSA_PSS(SHA_512): incompatible with ECC_KEY_PAIR(MONTGOMERY) +depends_on:PSA_WANT_ALG_RSA_PSS:PSA_WANT_ALG_SHA_512:PSA_WANT_ECC_FAMILY_MONTGOMERY:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_MONTGOMERY):"70076d0a7318a57d3c16c17251b26645df4c2f87ebc0992ab177fba51db92c6a":PSA_ALG_RSA_PSS(PSA_ALG_SHA_512):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign RSA_PSS(SHA_512): incompatible with ECC_KEY_PAIR(SECP_K1) +depends_on:PSA_WANT_ALG_RSA_PSS:PSA_WANT_ALG_SHA_512:PSA_WANT_ECC_FAMILY_SECP_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_K1):"297ac1722ccac7589ecb240dc719842538ca974beb79f228":PSA_ALG_RSA_PSS(PSA_ALG_SHA_512):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign RSA_PSS(SHA_512): incompatible with ECC_KEY_PAIR(SECP_R1) +depends_on:PSA_WANT_ALG_RSA_PSS:PSA_WANT_ALG_SHA_512:PSA_WANT_ECC_FAMILY_SECP_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"872f203b3ad35b7f2ecc803c3a0e1e0b1ed61cc1afe71b189cd4c995":PSA_ALG_RSA_PSS(PSA_ALG_SHA_512):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign RSA_PSS(SHA_512): incompatible with ECC_KEY_PAIR(SECP_R2) +depends_on:PSA_WANT_ALG_RSA_PSS:PSA_WANT_ALG_SHA_512:PSA_WANT_ECC_FAMILY_SECP_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R2):"00bf539a1cdda0d7f71a50a3f98aec0a2e8e4ced1e":PSA_ALG_RSA_PSS(PSA_ALG_SHA_512):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign RSA_PSS(SHA_512): incompatible with ECC_KEY_PAIR(SECT_K1) +depends_on:PSA_WANT_ALG_RSA_PSS:PSA_WANT_ALG_SHA_512:PSA_WANT_ECC_FAMILY_SECT_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):"03ebc8fcded2d6ab72ec0f75bdb4fd080481273e71":PSA_ALG_RSA_PSS(PSA_ALG_SHA_512):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign RSA_PSS(SHA_512): incompatible with ECC_KEY_PAIR(SECT_R1) +depends_on:PSA_WANT_ALG_RSA_PSS:PSA_WANT_ALG_SHA_512:PSA_WANT_ECC_FAMILY_SECT_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):"009b05dc82d46d64a04a22e6e5ca70ca1231e68c50":PSA_ALG_RSA_PSS(PSA_ALG_SHA_512):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign RSA_PSS(SHA_512): incompatible with ECC_KEY_PAIR(SECT_R2) +depends_on:PSA_WANT_ALG_RSA_PSS:PSA_WANT_ALG_SHA_512:PSA_WANT_ECC_FAMILY_SECT_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R2):"0210b482a458b4822d0cb21daa96819a67c8062d34":PSA_ALG_RSA_PSS(PSA_ALG_SHA_512):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign RSA_PSS(SHA_512): incompatible with ECC_KEY_PAIR(TWISTED_EDWARDS) +depends_on:PSA_WANT_ALG_RSA_PSS:PSA_WANT_ALG_SHA_512:PSA_WANT_ECC_FAMILY_TWISTED_EDWARDS:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_TWISTED_EDWARDS):"9d61b19deffd5a60ba844af492ec2cc44449c5697b326919703bac031cae7f60":PSA_ALG_RSA_PSS(PSA_ALG_SHA_512):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign RSA_PSS(SHA_512): incompatible with ECC_PUBLIC_KEY(BRAINPOOL_P_R1) +depends_on:PSA_WANT_ALG_RSA_PSS:PSA_WANT_ALG_SHA_512:PSA_WANT_ECC_FAMILY_BRAINPOOL_P_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"04d4b9186816358e2f9c59cf70748cb70641b22fbab65473db4b4e22a361ed7e3de7e8a8ddc4130c5c":PSA_ALG_RSA_PSS(PSA_ALG_SHA_512):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign RSA_PSS(SHA_512): incompatible with ECC_PUBLIC_KEY(MONTGOMERY) +depends_on:PSA_WANT_ALG_RSA_PSS:PSA_WANT_ALG_SHA_512:PSA_WANT_ECC_FAMILY_MONTGOMERY:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_MONTGOMERY):"8520f0098930a754748b7ddcb43ef75a0dbf3a0d26381af4eba4a98eaa9b4e6a":PSA_ALG_RSA_PSS(PSA_ALG_SHA_512):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign RSA_PSS(SHA_512): incompatible with ECC_PUBLIC_KEY(SECP_K1) +depends_on:PSA_WANT_ALG_RSA_PSS:PSA_WANT_ALG_SHA_512:PSA_WANT_ECC_FAMILY_SECP_K1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_K1):"0426b7bb38da649ac2138fc050c6548b32553dab68afebc36105d325b75538c12323cb0764789ecb992671beb2b6bef2f5":PSA_ALG_RSA_PSS(PSA_ALG_SHA_512):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign RSA_PSS(SHA_512): incompatible with ECC_PUBLIC_KEY(SECP_R1) +depends_on:PSA_WANT_ALG_RSA_PSS:PSA_WANT_ALG_SHA_512:PSA_WANT_ECC_FAMILY_SECP_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1):"046f00eadaa949fee3e9e1c7fa1247eecec86a0dce46418b9bd3117b981d4bd0ae7a990de912f9d060d6cb531a42d22e394ac29e81804bf160":PSA_ALG_RSA_PSS(PSA_ALG_SHA_512):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign RSA_PSS(SHA_512): incompatible with ECC_PUBLIC_KEY(SECP_R2) +depends_on:PSA_WANT_ALG_RSA_PSS:PSA_WANT_ALG_SHA_512:PSA_WANT_ECC_FAMILY_SECP_R2:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R2):"049570d541398665adb5cfa16f5af73b3196926bbd4b876bdb80f8eab20d0f540c22f4de9c140f6d7b":PSA_ALG_RSA_PSS(PSA_ALG_SHA_512):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign RSA_PSS(SHA_512): incompatible with ECC_PUBLIC_KEY(SECT_K1) +depends_on:PSA_WANT_ALG_RSA_PSS:PSA_WANT_ALG_SHA_512:PSA_WANT_ECC_FAMILY_SECT_K1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_K1):"0406f88f90b4b65950f06ce433afdb097e320f433dc2062b8a65db8fafd3c110f46bc45663fbf021ee7eb9":PSA_ALG_RSA_PSS(PSA_ALG_SHA_512):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign RSA_PSS(SHA_512): incompatible with ECC_PUBLIC_KEY(SECT_R1) +depends_on:PSA_WANT_ALG_RSA_PSS:PSA_WANT_ALG_SHA_512:PSA_WANT_ECC_FAMILY_SECT_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R1):"0400465eeb9e7258b11e33c02266bfe834b20bcb118700772796ee4704ec67651bd447e3011959a79a04cb":PSA_ALG_RSA_PSS(PSA_ALG_SHA_512):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign RSA_PSS(SHA_512): incompatible with ECC_PUBLIC_KEY(SECT_R2) +depends_on:PSA_WANT_ALG_RSA_PSS:PSA_WANT_ALG_SHA_512:PSA_WANT_ECC_FAMILY_SECT_R2:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R2):"0403692601144c32a6cfa369ae20ae5d43c1c764678c037bafe80c6fd2e42b7ced96171d9c5367fd3dca6f":PSA_ALG_RSA_PSS(PSA_ALG_SHA_512):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign RSA_PSS(SHA_512): incompatible with ECC_PUBLIC_KEY(TWISTED_EDWARDS) +depends_on:PSA_WANT_ALG_RSA_PSS:PSA_WANT_ALG_SHA_512:PSA_WANT_ECC_FAMILY_TWISTED_EDWARDS:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_TWISTED_EDWARDS):"d75a980182b10ab7d54bfed3c964073a0ee172f3daa62325af021a68f707511a":PSA_ALG_RSA_PSS(PSA_ALG_SHA_512):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign RSA_PSS(SHA_512): incompatible with HMAC +depends_on:PSA_WANT_ALG_RSA_PSS:PSA_WANT_ALG_SHA_512:PSA_WANT_KEY_TYPE_HMAC +sign_fail:PSA_KEY_TYPE_HMAC:"48657265006973206b6579a064617461":PSA_ALG_RSA_PSS(PSA_ALG_SHA_512):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign RSA_PSS(SHA_512): incompatible with RAW_DATA +depends_on:PSA_WANT_ALG_RSA_PSS:PSA_WANT_ALG_SHA_512:PSA_WANT_KEY_TYPE_RAW_DATA +sign_fail:PSA_KEY_TYPE_RAW_DATA:"48":PSA_ALG_RSA_PSS(PSA_ALG_SHA_512):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign RSA_PSS(SHA_512): !RSA_PSS with RSA_KEY_PAIR +depends_on:!PSA_WANT_ALG_RSA_PSS:PSA_WANT_ALG_SHA_512:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR +sign_fail:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_RSA_PSS(PSA_ALG_SHA_512):0:PSA_ERROR_NOT_SUPPORTED + +PSA sign RSA_PSS(SHA_512): !SHA_512 with RSA_KEY_PAIR +depends_on:PSA_WANT_ALG_RSA_PSS:!PSA_WANT_ALG_SHA_512:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR +sign_fail:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_RSA_PSS(PSA_ALG_SHA_512):0:PSA_ERROR_NOT_SUPPORTED + +PSA sign RSA_PSS(SHA_512): !RSA_PSS with RSA_PUBLIC_KEY +depends_on:!PSA_WANT_ALG_RSA_PSS:PSA_WANT_ALG_SHA_512:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY +sign_fail:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_RSA_PSS(PSA_ALG_SHA_512):0:PSA_ERROR_NOT_SUPPORTED + +PSA sign RSA_PSS(SHA_512): !SHA_512 with RSA_PUBLIC_KEY +depends_on:PSA_WANT_ALG_RSA_PSS:!PSA_WANT_ALG_SHA_512:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY +sign_fail:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_RSA_PSS(PSA_ALG_SHA_512):0:PSA_ERROR_NOT_SUPPORTED + +PSA sign RSA_PSS(SHA_512): public with RSA_PUBLIC_KEY +depends_on:PSA_WANT_ALG_RSA_PSS:PSA_WANT_ALG_SHA_512:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY +sign_fail:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_RSA_PSS(PSA_ALG_SHA_512):1:PSA_ERROR_INVALID_ARGUMENT + +PSA asymmetric_encryption RSA_PSS(SHA_512): invalid with RSA_KEY_PAIR +depends_on:PSA_WANT_ALG_RSA_PSS:PSA_WANT_ALG_SHA_512:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR +asymmetric_encryption_fail:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_RSA_PSS(PSA_ALG_SHA_512):0:PSA_ERROR_INVALID_ARGUMENT + +PSA asymmetric_encryption RSA_PSS(SHA_512): invalid with RSA_PUBLIC_KEY +depends_on:PSA_WANT_ALG_RSA_PSS:PSA_WANT_ALG_SHA_512:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY +asymmetric_encryption_fail:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_RSA_PSS(PSA_ALG_SHA_512):0:PSA_ERROR_INVALID_ARGUMENT + +PSA key_derivation RSA_PSS(SHA_512): invalid +depends_on:PSA_WANT_ALG_RSA_PSS:PSA_WANT_ALG_SHA_512 +key_derivation_fail:PSA_ALG_RSA_PSS(PSA_ALG_SHA_512):PSA_ERROR_INVALID_ARGUMENT + +PSA key_agreement RSA_PSS(SHA_512): invalid with RSA_KEY_PAIR +depends_on:PSA_WANT_ALG_RSA_PSS:PSA_WANT_ALG_SHA_512:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR +key_agreement_fail:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_RSA_PSS(PSA_ALG_SHA_512):0:PSA_ERROR_INVALID_ARGUMENT + +PSA key_agreement RSA_PSS(SHA_512): invalid with RSA_PUBLIC_KEY +depends_on:PSA_WANT_ALG_RSA_PSS:PSA_WANT_ALG_SHA_512:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY +key_agreement_fail:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_RSA_PSS(PSA_ALG_SHA_512):0:PSA_ERROR_INVALID_ARGUMENT + +PSA hash RSA_PSS(ANY_HASH): invalid +depends_on:PSA_WANT_ALG_RSA_PSS +hash_fail:PSA_ALG_RSA_PSS(PSA_ALG_ANY_HASH):PSA_ERROR_INVALID_ARGUMENT + +PSA sign RSA_PSS(ANY_HASH): incompatible with AES +depends_on:PSA_WANT_ALG_RSA_PSS:PSA_WANT_KEY_TYPE_AES +sign_fail:PSA_KEY_TYPE_AES:"48657265006973206b6579a064617461":PSA_ALG_RSA_PSS(PSA_ALG_ANY_HASH):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign RSA_PSS(ANY_HASH): incompatible with ARC4 +depends_on:PSA_WANT_ALG_RSA_PSS:PSA_WANT_KEY_TYPE_ARC4 +sign_fail:PSA_KEY_TYPE_ARC4:"48":PSA_ALG_RSA_PSS(PSA_ALG_ANY_HASH):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign RSA_PSS(ANY_HASH): incompatible with ARIA +depends_on:PSA_WANT_ALG_RSA_PSS:PSA_WANT_KEY_TYPE_ARIA +sign_fail:PSA_KEY_TYPE_ARIA:"48657265006973206b6579a064617461":PSA_ALG_RSA_PSS(PSA_ALG_ANY_HASH):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign RSA_PSS(ANY_HASH): incompatible with CAMELLIA +depends_on:PSA_WANT_ALG_RSA_PSS:PSA_WANT_KEY_TYPE_CAMELLIA +sign_fail:PSA_KEY_TYPE_CAMELLIA:"48657265006973206b6579a064617461":PSA_ALG_RSA_PSS(PSA_ALG_ANY_HASH):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign RSA_PSS(ANY_HASH): incompatible with CHACHA20 +depends_on:PSA_WANT_ALG_RSA_PSS:PSA_WANT_KEY_TYPE_CHACHA20 +sign_fail:PSA_KEY_TYPE_CHACHA20:"48657265006973206b6579a06461746148657265006973206b6579a064617461":PSA_ALG_RSA_PSS(PSA_ALG_ANY_HASH):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign RSA_PSS(ANY_HASH): incompatible with DERIVE +depends_on:PSA_WANT_ALG_RSA_PSS:PSA_WANT_KEY_TYPE_DERIVE +sign_fail:PSA_KEY_TYPE_DERIVE:"48657265006973206b6579a0646174":PSA_ALG_RSA_PSS(PSA_ALG_ANY_HASH):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign RSA_PSS(ANY_HASH): incompatible with DES +depends_on:PSA_WANT_ALG_RSA_PSS:PSA_WANT_KEY_TYPE_DES +sign_fail:PSA_KEY_TYPE_DES:"644573206b457901":PSA_ALG_RSA_PSS(PSA_ALG_ANY_HASH):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign RSA_PSS(ANY_HASH): incompatible with ECC_KEY_PAIR(BRAINPOOL_P_R1) +depends_on:PSA_WANT_ALG_RSA_PSS:PSA_WANT_ECC_FAMILY_BRAINPOOL_P_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"69502c4fdaf48d4fa617bdd24498b0406d0eeaac":PSA_ALG_RSA_PSS(PSA_ALG_ANY_HASH):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign RSA_PSS(ANY_HASH): incompatible with ECC_KEY_PAIR(MONTGOMERY) +depends_on:PSA_WANT_ALG_RSA_PSS:PSA_WANT_ECC_FAMILY_MONTGOMERY:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_MONTGOMERY):"70076d0a7318a57d3c16c17251b26645df4c2f87ebc0992ab177fba51db92c6a":PSA_ALG_RSA_PSS(PSA_ALG_ANY_HASH):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign RSA_PSS(ANY_HASH): incompatible with ECC_KEY_PAIR(SECP_K1) +depends_on:PSA_WANT_ALG_RSA_PSS:PSA_WANT_ECC_FAMILY_SECP_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_K1):"297ac1722ccac7589ecb240dc719842538ca974beb79f228":PSA_ALG_RSA_PSS(PSA_ALG_ANY_HASH):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign RSA_PSS(ANY_HASH): incompatible with ECC_KEY_PAIR(SECP_R1) +depends_on:PSA_WANT_ALG_RSA_PSS:PSA_WANT_ECC_FAMILY_SECP_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"872f203b3ad35b7f2ecc803c3a0e1e0b1ed61cc1afe71b189cd4c995":PSA_ALG_RSA_PSS(PSA_ALG_ANY_HASH):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign RSA_PSS(ANY_HASH): incompatible with ECC_KEY_PAIR(SECP_R2) +depends_on:PSA_WANT_ALG_RSA_PSS:PSA_WANT_ECC_FAMILY_SECP_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R2):"00bf539a1cdda0d7f71a50a3f98aec0a2e8e4ced1e":PSA_ALG_RSA_PSS(PSA_ALG_ANY_HASH):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign RSA_PSS(ANY_HASH): incompatible with ECC_KEY_PAIR(SECT_K1) +depends_on:PSA_WANT_ALG_RSA_PSS:PSA_WANT_ECC_FAMILY_SECT_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):"03ebc8fcded2d6ab72ec0f75bdb4fd080481273e71":PSA_ALG_RSA_PSS(PSA_ALG_ANY_HASH):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign RSA_PSS(ANY_HASH): incompatible with ECC_KEY_PAIR(SECT_R1) +depends_on:PSA_WANT_ALG_RSA_PSS:PSA_WANT_ECC_FAMILY_SECT_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):"009b05dc82d46d64a04a22e6e5ca70ca1231e68c50":PSA_ALG_RSA_PSS(PSA_ALG_ANY_HASH):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign RSA_PSS(ANY_HASH): incompatible with ECC_KEY_PAIR(SECT_R2) +depends_on:PSA_WANT_ALG_RSA_PSS:PSA_WANT_ECC_FAMILY_SECT_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R2):"0210b482a458b4822d0cb21daa96819a67c8062d34":PSA_ALG_RSA_PSS(PSA_ALG_ANY_HASH):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign RSA_PSS(ANY_HASH): incompatible with ECC_KEY_PAIR(TWISTED_EDWARDS) +depends_on:PSA_WANT_ALG_RSA_PSS:PSA_WANT_ECC_FAMILY_TWISTED_EDWARDS:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_TWISTED_EDWARDS):"9d61b19deffd5a60ba844af492ec2cc44449c5697b326919703bac031cae7f60":PSA_ALG_RSA_PSS(PSA_ALG_ANY_HASH):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign RSA_PSS(ANY_HASH): incompatible with ECC_PUBLIC_KEY(BRAINPOOL_P_R1) +depends_on:PSA_WANT_ALG_RSA_PSS:PSA_WANT_ECC_FAMILY_BRAINPOOL_P_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"04d4b9186816358e2f9c59cf70748cb70641b22fbab65473db4b4e22a361ed7e3de7e8a8ddc4130c5c":PSA_ALG_RSA_PSS(PSA_ALG_ANY_HASH):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign RSA_PSS(ANY_HASH): incompatible with ECC_PUBLIC_KEY(MONTGOMERY) +depends_on:PSA_WANT_ALG_RSA_PSS:PSA_WANT_ECC_FAMILY_MONTGOMERY:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_MONTGOMERY):"8520f0098930a754748b7ddcb43ef75a0dbf3a0d26381af4eba4a98eaa9b4e6a":PSA_ALG_RSA_PSS(PSA_ALG_ANY_HASH):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign RSA_PSS(ANY_HASH): incompatible with ECC_PUBLIC_KEY(SECP_K1) +depends_on:PSA_WANT_ALG_RSA_PSS:PSA_WANT_ECC_FAMILY_SECP_K1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_K1):"0426b7bb38da649ac2138fc050c6548b32553dab68afebc36105d325b75538c12323cb0764789ecb992671beb2b6bef2f5":PSA_ALG_RSA_PSS(PSA_ALG_ANY_HASH):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign RSA_PSS(ANY_HASH): incompatible with ECC_PUBLIC_KEY(SECP_R1) +depends_on:PSA_WANT_ALG_RSA_PSS:PSA_WANT_ECC_FAMILY_SECP_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1):"046f00eadaa949fee3e9e1c7fa1247eecec86a0dce46418b9bd3117b981d4bd0ae7a990de912f9d060d6cb531a42d22e394ac29e81804bf160":PSA_ALG_RSA_PSS(PSA_ALG_ANY_HASH):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign RSA_PSS(ANY_HASH): incompatible with ECC_PUBLIC_KEY(SECP_R2) +depends_on:PSA_WANT_ALG_RSA_PSS:PSA_WANT_ECC_FAMILY_SECP_R2:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R2):"049570d541398665adb5cfa16f5af73b3196926bbd4b876bdb80f8eab20d0f540c22f4de9c140f6d7b":PSA_ALG_RSA_PSS(PSA_ALG_ANY_HASH):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign RSA_PSS(ANY_HASH): incompatible with ECC_PUBLIC_KEY(SECT_K1) +depends_on:PSA_WANT_ALG_RSA_PSS:PSA_WANT_ECC_FAMILY_SECT_K1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_K1):"0406f88f90b4b65950f06ce433afdb097e320f433dc2062b8a65db8fafd3c110f46bc45663fbf021ee7eb9":PSA_ALG_RSA_PSS(PSA_ALG_ANY_HASH):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign RSA_PSS(ANY_HASH): incompatible with ECC_PUBLIC_KEY(SECT_R1) +depends_on:PSA_WANT_ALG_RSA_PSS:PSA_WANT_ECC_FAMILY_SECT_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R1):"0400465eeb9e7258b11e33c02266bfe834b20bcb118700772796ee4704ec67651bd447e3011959a79a04cb":PSA_ALG_RSA_PSS(PSA_ALG_ANY_HASH):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign RSA_PSS(ANY_HASH): incompatible with ECC_PUBLIC_KEY(SECT_R2) +depends_on:PSA_WANT_ALG_RSA_PSS:PSA_WANT_ECC_FAMILY_SECT_R2:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R2):"0403692601144c32a6cfa369ae20ae5d43c1c764678c037bafe80c6fd2e42b7ced96171d9c5367fd3dca6f":PSA_ALG_RSA_PSS(PSA_ALG_ANY_HASH):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign RSA_PSS(ANY_HASH): incompatible with ECC_PUBLIC_KEY(TWISTED_EDWARDS) +depends_on:PSA_WANT_ALG_RSA_PSS:PSA_WANT_ECC_FAMILY_TWISTED_EDWARDS:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_TWISTED_EDWARDS):"d75a980182b10ab7d54bfed3c964073a0ee172f3daa62325af021a68f707511a":PSA_ALG_RSA_PSS(PSA_ALG_ANY_HASH):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign RSA_PSS(ANY_HASH): incompatible with HMAC +depends_on:PSA_WANT_ALG_RSA_PSS:PSA_WANT_KEY_TYPE_HMAC +sign_fail:PSA_KEY_TYPE_HMAC:"48657265006973206b6579a064617461":PSA_ALG_RSA_PSS(PSA_ALG_ANY_HASH):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign RSA_PSS(ANY_HASH): incompatible with RAW_DATA +depends_on:PSA_WANT_ALG_RSA_PSS:PSA_WANT_KEY_TYPE_RAW_DATA +sign_fail:PSA_KEY_TYPE_RAW_DATA:"48":PSA_ALG_RSA_PSS(PSA_ALG_ANY_HASH):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign RSA_PSS(ANY_HASH): incompatible with RSA_KEY_PAIR +depends_on:PSA_WANT_ALG_RSA_PSS:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR +sign_fail:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_RSA_PSS(PSA_ALG_ANY_HASH):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign RSA_PSS(ANY_HASH): incompatible with RSA_PUBLIC_KEY +depends_on:PSA_WANT_ALG_RSA_PSS:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY +sign_fail:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_RSA_PSS(PSA_ALG_ANY_HASH):0:PSA_ERROR_INVALID_ARGUMENT + +PSA key_derivation RSA_PSS(ANY_HASH): invalid +depends_on:PSA_WANT_ALG_RSA_PSS +key_derivation_fail:PSA_ALG_RSA_PSS(PSA_ALG_ANY_HASH):PSA_ERROR_INVALID_ARGUMENT + +PSA hash RSA_PSS_ANY_SALT(MD2): invalid +depends_on:PSA_WANT_ALG_MD2:PSA_WANT_ALG_RSA_PSS_ANY_SALT +hash_fail:PSA_ALG_RSA_PSS_ANY_SALT(PSA_ALG_MD2):PSA_ERROR_INVALID_ARGUMENT + +PSA mac RSA_PSS_ANY_SALT(MD2): invalid with RSA_KEY_PAIR +depends_on:PSA_WANT_ALG_MD2:PSA_WANT_ALG_RSA_PSS_ANY_SALT:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR +mac_fail:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_RSA_PSS_ANY_SALT(PSA_ALG_MD2):PSA_ERROR_INVALID_ARGUMENT + +PSA mac RSA_PSS_ANY_SALT(MD2): invalid with RSA_PUBLIC_KEY +depends_on:PSA_WANT_ALG_MD2:PSA_WANT_ALG_RSA_PSS_ANY_SALT:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY +mac_fail:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_RSA_PSS_ANY_SALT(PSA_ALG_MD2):PSA_ERROR_INVALID_ARGUMENT + +PSA cipher RSA_PSS_ANY_SALT(MD2): invalid with RSA_KEY_PAIR +depends_on:PSA_WANT_ALG_MD2:PSA_WANT_ALG_RSA_PSS_ANY_SALT:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR +cipher_fail:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_RSA_PSS_ANY_SALT(PSA_ALG_MD2):PSA_ERROR_INVALID_ARGUMENT + +PSA cipher RSA_PSS_ANY_SALT(MD2): invalid with RSA_PUBLIC_KEY +depends_on:PSA_WANT_ALG_MD2:PSA_WANT_ALG_RSA_PSS_ANY_SALT:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY +cipher_fail:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_RSA_PSS_ANY_SALT(PSA_ALG_MD2):PSA_ERROR_INVALID_ARGUMENT + +PSA aead RSA_PSS_ANY_SALT(MD2): invalid with RSA_KEY_PAIR +depends_on:PSA_WANT_ALG_MD2:PSA_WANT_ALG_RSA_PSS_ANY_SALT:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR +aead_fail:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_RSA_PSS_ANY_SALT(PSA_ALG_MD2):PSA_ERROR_INVALID_ARGUMENT + +PSA aead RSA_PSS_ANY_SALT(MD2): invalid with RSA_PUBLIC_KEY +depends_on:PSA_WANT_ALG_MD2:PSA_WANT_ALG_RSA_PSS_ANY_SALT:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY +aead_fail:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_RSA_PSS_ANY_SALT(PSA_ALG_MD2):PSA_ERROR_INVALID_ARGUMENT + +PSA sign RSA_PSS_ANY_SALT(MD2): incompatible with AES +depends_on:PSA_WANT_ALG_MD2:PSA_WANT_ALG_RSA_PSS_ANY_SALT:PSA_WANT_KEY_TYPE_AES +sign_fail:PSA_KEY_TYPE_AES:"48657265006973206b6579a064617461":PSA_ALG_RSA_PSS_ANY_SALT(PSA_ALG_MD2):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign RSA_PSS_ANY_SALT(MD2): incompatible with ARC4 +depends_on:PSA_WANT_ALG_MD2:PSA_WANT_ALG_RSA_PSS_ANY_SALT:PSA_WANT_KEY_TYPE_ARC4 +sign_fail:PSA_KEY_TYPE_ARC4:"48":PSA_ALG_RSA_PSS_ANY_SALT(PSA_ALG_MD2):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign RSA_PSS_ANY_SALT(MD2): incompatible with ARIA +depends_on:PSA_WANT_ALG_MD2:PSA_WANT_ALG_RSA_PSS_ANY_SALT:PSA_WANT_KEY_TYPE_ARIA +sign_fail:PSA_KEY_TYPE_ARIA:"48657265006973206b6579a064617461":PSA_ALG_RSA_PSS_ANY_SALT(PSA_ALG_MD2):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign RSA_PSS_ANY_SALT(MD2): incompatible with CAMELLIA +depends_on:PSA_WANT_ALG_MD2:PSA_WANT_ALG_RSA_PSS_ANY_SALT:PSA_WANT_KEY_TYPE_CAMELLIA +sign_fail:PSA_KEY_TYPE_CAMELLIA:"48657265006973206b6579a064617461":PSA_ALG_RSA_PSS_ANY_SALT(PSA_ALG_MD2):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign RSA_PSS_ANY_SALT(MD2): incompatible with CHACHA20 +depends_on:PSA_WANT_ALG_MD2:PSA_WANT_ALG_RSA_PSS_ANY_SALT:PSA_WANT_KEY_TYPE_CHACHA20 +sign_fail:PSA_KEY_TYPE_CHACHA20:"48657265006973206b6579a06461746148657265006973206b6579a064617461":PSA_ALG_RSA_PSS_ANY_SALT(PSA_ALG_MD2):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign RSA_PSS_ANY_SALT(MD2): incompatible with DERIVE +depends_on:PSA_WANT_ALG_MD2:PSA_WANT_ALG_RSA_PSS_ANY_SALT:PSA_WANT_KEY_TYPE_DERIVE +sign_fail:PSA_KEY_TYPE_DERIVE:"48657265006973206b6579a0646174":PSA_ALG_RSA_PSS_ANY_SALT(PSA_ALG_MD2):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign RSA_PSS_ANY_SALT(MD2): incompatible with DES +depends_on:PSA_WANT_ALG_MD2:PSA_WANT_ALG_RSA_PSS_ANY_SALT:PSA_WANT_KEY_TYPE_DES +sign_fail:PSA_KEY_TYPE_DES:"644573206b457901":PSA_ALG_RSA_PSS_ANY_SALT(PSA_ALG_MD2):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign RSA_PSS_ANY_SALT(MD2): incompatible with ECC_KEY_PAIR(BRAINPOOL_P_R1) +depends_on:PSA_WANT_ALG_MD2:PSA_WANT_ALG_RSA_PSS_ANY_SALT:PSA_WANT_ECC_FAMILY_BRAINPOOL_P_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"69502c4fdaf48d4fa617bdd24498b0406d0eeaac":PSA_ALG_RSA_PSS_ANY_SALT(PSA_ALG_MD2):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign RSA_PSS_ANY_SALT(MD2): incompatible with ECC_KEY_PAIR(MONTGOMERY) +depends_on:PSA_WANT_ALG_MD2:PSA_WANT_ALG_RSA_PSS_ANY_SALT:PSA_WANT_ECC_FAMILY_MONTGOMERY:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_MONTGOMERY):"70076d0a7318a57d3c16c17251b26645df4c2f87ebc0992ab177fba51db92c6a":PSA_ALG_RSA_PSS_ANY_SALT(PSA_ALG_MD2):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign RSA_PSS_ANY_SALT(MD2): incompatible with ECC_KEY_PAIR(SECP_K1) +depends_on:PSA_WANT_ALG_MD2:PSA_WANT_ALG_RSA_PSS_ANY_SALT:PSA_WANT_ECC_FAMILY_SECP_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_K1):"297ac1722ccac7589ecb240dc719842538ca974beb79f228":PSA_ALG_RSA_PSS_ANY_SALT(PSA_ALG_MD2):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign RSA_PSS_ANY_SALT(MD2): incompatible with ECC_KEY_PAIR(SECP_R1) +depends_on:PSA_WANT_ALG_MD2:PSA_WANT_ALG_RSA_PSS_ANY_SALT:PSA_WANT_ECC_FAMILY_SECP_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"872f203b3ad35b7f2ecc803c3a0e1e0b1ed61cc1afe71b189cd4c995":PSA_ALG_RSA_PSS_ANY_SALT(PSA_ALG_MD2):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign RSA_PSS_ANY_SALT(MD2): incompatible with ECC_KEY_PAIR(SECP_R2) +depends_on:PSA_WANT_ALG_MD2:PSA_WANT_ALG_RSA_PSS_ANY_SALT:PSA_WANT_ECC_FAMILY_SECP_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R2):"00bf539a1cdda0d7f71a50a3f98aec0a2e8e4ced1e":PSA_ALG_RSA_PSS_ANY_SALT(PSA_ALG_MD2):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign RSA_PSS_ANY_SALT(MD2): incompatible with ECC_KEY_PAIR(SECT_K1) +depends_on:PSA_WANT_ALG_MD2:PSA_WANT_ALG_RSA_PSS_ANY_SALT:PSA_WANT_ECC_FAMILY_SECT_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):"03ebc8fcded2d6ab72ec0f75bdb4fd080481273e71":PSA_ALG_RSA_PSS_ANY_SALT(PSA_ALG_MD2):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign RSA_PSS_ANY_SALT(MD2): incompatible with ECC_KEY_PAIR(SECT_R1) +depends_on:PSA_WANT_ALG_MD2:PSA_WANT_ALG_RSA_PSS_ANY_SALT:PSA_WANT_ECC_FAMILY_SECT_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):"009b05dc82d46d64a04a22e6e5ca70ca1231e68c50":PSA_ALG_RSA_PSS_ANY_SALT(PSA_ALG_MD2):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign RSA_PSS_ANY_SALT(MD2): incompatible with ECC_KEY_PAIR(SECT_R2) +depends_on:PSA_WANT_ALG_MD2:PSA_WANT_ALG_RSA_PSS_ANY_SALT:PSA_WANT_ECC_FAMILY_SECT_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R2):"0210b482a458b4822d0cb21daa96819a67c8062d34":PSA_ALG_RSA_PSS_ANY_SALT(PSA_ALG_MD2):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign RSA_PSS_ANY_SALT(MD2): incompatible with ECC_KEY_PAIR(TWISTED_EDWARDS) +depends_on:PSA_WANT_ALG_MD2:PSA_WANT_ALG_RSA_PSS_ANY_SALT:PSA_WANT_ECC_FAMILY_TWISTED_EDWARDS:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_TWISTED_EDWARDS):"9d61b19deffd5a60ba844af492ec2cc44449c5697b326919703bac031cae7f60":PSA_ALG_RSA_PSS_ANY_SALT(PSA_ALG_MD2):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign RSA_PSS_ANY_SALT(MD2): incompatible with ECC_PUBLIC_KEY(BRAINPOOL_P_R1) +depends_on:PSA_WANT_ALG_MD2:PSA_WANT_ALG_RSA_PSS_ANY_SALT:PSA_WANT_ECC_FAMILY_BRAINPOOL_P_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"04d4b9186816358e2f9c59cf70748cb70641b22fbab65473db4b4e22a361ed7e3de7e8a8ddc4130c5c":PSA_ALG_RSA_PSS_ANY_SALT(PSA_ALG_MD2):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign RSA_PSS_ANY_SALT(MD2): incompatible with ECC_PUBLIC_KEY(MONTGOMERY) +depends_on:PSA_WANT_ALG_MD2:PSA_WANT_ALG_RSA_PSS_ANY_SALT:PSA_WANT_ECC_FAMILY_MONTGOMERY:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_MONTGOMERY):"8520f0098930a754748b7ddcb43ef75a0dbf3a0d26381af4eba4a98eaa9b4e6a":PSA_ALG_RSA_PSS_ANY_SALT(PSA_ALG_MD2):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign RSA_PSS_ANY_SALT(MD2): incompatible with ECC_PUBLIC_KEY(SECP_K1) +depends_on:PSA_WANT_ALG_MD2:PSA_WANT_ALG_RSA_PSS_ANY_SALT:PSA_WANT_ECC_FAMILY_SECP_K1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_K1):"0426b7bb38da649ac2138fc050c6548b32553dab68afebc36105d325b75538c12323cb0764789ecb992671beb2b6bef2f5":PSA_ALG_RSA_PSS_ANY_SALT(PSA_ALG_MD2):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign RSA_PSS_ANY_SALT(MD2): incompatible with ECC_PUBLIC_KEY(SECP_R1) +depends_on:PSA_WANT_ALG_MD2:PSA_WANT_ALG_RSA_PSS_ANY_SALT:PSA_WANT_ECC_FAMILY_SECP_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1):"046f00eadaa949fee3e9e1c7fa1247eecec86a0dce46418b9bd3117b981d4bd0ae7a990de912f9d060d6cb531a42d22e394ac29e81804bf160":PSA_ALG_RSA_PSS_ANY_SALT(PSA_ALG_MD2):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign RSA_PSS_ANY_SALT(MD2): incompatible with ECC_PUBLIC_KEY(SECP_R2) +depends_on:PSA_WANT_ALG_MD2:PSA_WANT_ALG_RSA_PSS_ANY_SALT:PSA_WANT_ECC_FAMILY_SECP_R2:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R2):"049570d541398665adb5cfa16f5af73b3196926bbd4b876bdb80f8eab20d0f540c22f4de9c140f6d7b":PSA_ALG_RSA_PSS_ANY_SALT(PSA_ALG_MD2):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign RSA_PSS_ANY_SALT(MD2): incompatible with ECC_PUBLIC_KEY(SECT_K1) +depends_on:PSA_WANT_ALG_MD2:PSA_WANT_ALG_RSA_PSS_ANY_SALT:PSA_WANT_ECC_FAMILY_SECT_K1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_K1):"0406f88f90b4b65950f06ce433afdb097e320f433dc2062b8a65db8fafd3c110f46bc45663fbf021ee7eb9":PSA_ALG_RSA_PSS_ANY_SALT(PSA_ALG_MD2):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign RSA_PSS_ANY_SALT(MD2): incompatible with ECC_PUBLIC_KEY(SECT_R1) +depends_on:PSA_WANT_ALG_MD2:PSA_WANT_ALG_RSA_PSS_ANY_SALT:PSA_WANT_ECC_FAMILY_SECT_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R1):"0400465eeb9e7258b11e33c02266bfe834b20bcb118700772796ee4704ec67651bd447e3011959a79a04cb":PSA_ALG_RSA_PSS_ANY_SALT(PSA_ALG_MD2):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign RSA_PSS_ANY_SALT(MD2): incompatible with ECC_PUBLIC_KEY(SECT_R2) +depends_on:PSA_WANT_ALG_MD2:PSA_WANT_ALG_RSA_PSS_ANY_SALT:PSA_WANT_ECC_FAMILY_SECT_R2:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R2):"0403692601144c32a6cfa369ae20ae5d43c1c764678c037bafe80c6fd2e42b7ced96171d9c5367fd3dca6f":PSA_ALG_RSA_PSS_ANY_SALT(PSA_ALG_MD2):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign RSA_PSS_ANY_SALT(MD2): incompatible with ECC_PUBLIC_KEY(TWISTED_EDWARDS) +depends_on:PSA_WANT_ALG_MD2:PSA_WANT_ALG_RSA_PSS_ANY_SALT:PSA_WANT_ECC_FAMILY_TWISTED_EDWARDS:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_TWISTED_EDWARDS):"d75a980182b10ab7d54bfed3c964073a0ee172f3daa62325af021a68f707511a":PSA_ALG_RSA_PSS_ANY_SALT(PSA_ALG_MD2):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign RSA_PSS_ANY_SALT(MD2): incompatible with HMAC +depends_on:PSA_WANT_ALG_MD2:PSA_WANT_ALG_RSA_PSS_ANY_SALT:PSA_WANT_KEY_TYPE_HMAC +sign_fail:PSA_KEY_TYPE_HMAC:"48657265006973206b6579a064617461":PSA_ALG_RSA_PSS_ANY_SALT(PSA_ALG_MD2):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign RSA_PSS_ANY_SALT(MD2): incompatible with RAW_DATA +depends_on:PSA_WANT_ALG_MD2:PSA_WANT_ALG_RSA_PSS_ANY_SALT:PSA_WANT_KEY_TYPE_RAW_DATA +sign_fail:PSA_KEY_TYPE_RAW_DATA:"48":PSA_ALG_RSA_PSS_ANY_SALT(PSA_ALG_MD2):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign RSA_PSS_ANY_SALT(MD2): !MD2 with RSA_KEY_PAIR +depends_on:!PSA_WANT_ALG_MD2:PSA_WANT_ALG_RSA_PSS_ANY_SALT:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR +sign_fail:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_RSA_PSS_ANY_SALT(PSA_ALG_MD2):0:PSA_ERROR_NOT_SUPPORTED + +PSA sign RSA_PSS_ANY_SALT(MD2): !RSA_PSS_ANY_SALT with RSA_KEY_PAIR +depends_on:PSA_WANT_ALG_MD2:!PSA_WANT_ALG_RSA_PSS_ANY_SALT:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR +sign_fail:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_RSA_PSS_ANY_SALT(PSA_ALG_MD2):0:PSA_ERROR_NOT_SUPPORTED + +PSA sign RSA_PSS_ANY_SALT(MD2): !MD2 with RSA_PUBLIC_KEY +depends_on:!PSA_WANT_ALG_MD2:PSA_WANT_ALG_RSA_PSS_ANY_SALT:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY +sign_fail:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_RSA_PSS_ANY_SALT(PSA_ALG_MD2):0:PSA_ERROR_NOT_SUPPORTED + +PSA sign RSA_PSS_ANY_SALT(MD2): !RSA_PSS_ANY_SALT with RSA_PUBLIC_KEY +depends_on:PSA_WANT_ALG_MD2:!PSA_WANT_ALG_RSA_PSS_ANY_SALT:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY +sign_fail:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_RSA_PSS_ANY_SALT(PSA_ALG_MD2):0:PSA_ERROR_NOT_SUPPORTED + +PSA sign RSA_PSS_ANY_SALT(MD2): public with RSA_PUBLIC_KEY +depends_on:PSA_WANT_ALG_MD2:PSA_WANT_ALG_RSA_PSS_ANY_SALT:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY +sign_fail:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_RSA_PSS_ANY_SALT(PSA_ALG_MD2):1:PSA_ERROR_INVALID_ARGUMENT + +PSA asymmetric_encryption RSA_PSS_ANY_SALT(MD2): invalid with RSA_KEY_PAIR +depends_on:PSA_WANT_ALG_MD2:PSA_WANT_ALG_RSA_PSS_ANY_SALT:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR +asymmetric_encryption_fail:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_RSA_PSS_ANY_SALT(PSA_ALG_MD2):0:PSA_ERROR_INVALID_ARGUMENT + +PSA asymmetric_encryption RSA_PSS_ANY_SALT(MD2): invalid with RSA_PUBLIC_KEY +depends_on:PSA_WANT_ALG_MD2:PSA_WANT_ALG_RSA_PSS_ANY_SALT:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY +asymmetric_encryption_fail:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_RSA_PSS_ANY_SALT(PSA_ALG_MD2):0:PSA_ERROR_INVALID_ARGUMENT + +PSA key_derivation RSA_PSS_ANY_SALT(MD2): invalid +depends_on:PSA_WANT_ALG_MD2:PSA_WANT_ALG_RSA_PSS_ANY_SALT +key_derivation_fail:PSA_ALG_RSA_PSS_ANY_SALT(PSA_ALG_MD2):PSA_ERROR_INVALID_ARGUMENT + +PSA key_agreement RSA_PSS_ANY_SALT(MD2): invalid with RSA_KEY_PAIR +depends_on:PSA_WANT_ALG_MD2:PSA_WANT_ALG_RSA_PSS_ANY_SALT:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR +key_agreement_fail:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_RSA_PSS_ANY_SALT(PSA_ALG_MD2):0:PSA_ERROR_INVALID_ARGUMENT + +PSA key_agreement RSA_PSS_ANY_SALT(MD2): invalid with RSA_PUBLIC_KEY +depends_on:PSA_WANT_ALG_MD2:PSA_WANT_ALG_RSA_PSS_ANY_SALT:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY +key_agreement_fail:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_RSA_PSS_ANY_SALT(PSA_ALG_MD2):0:PSA_ERROR_INVALID_ARGUMENT + +PSA hash RSA_PSS_ANY_SALT(MD4): invalid +depends_on:PSA_WANT_ALG_MD4:PSA_WANT_ALG_RSA_PSS_ANY_SALT +hash_fail:PSA_ALG_RSA_PSS_ANY_SALT(PSA_ALG_MD4):PSA_ERROR_INVALID_ARGUMENT + +PSA mac RSA_PSS_ANY_SALT(MD4): invalid with RSA_KEY_PAIR +depends_on:PSA_WANT_ALG_MD4:PSA_WANT_ALG_RSA_PSS_ANY_SALT:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR +mac_fail:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_RSA_PSS_ANY_SALT(PSA_ALG_MD4):PSA_ERROR_INVALID_ARGUMENT + +PSA mac RSA_PSS_ANY_SALT(MD4): invalid with RSA_PUBLIC_KEY +depends_on:PSA_WANT_ALG_MD4:PSA_WANT_ALG_RSA_PSS_ANY_SALT:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY +mac_fail:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_RSA_PSS_ANY_SALT(PSA_ALG_MD4):PSA_ERROR_INVALID_ARGUMENT + +PSA cipher RSA_PSS_ANY_SALT(MD4): invalid with RSA_KEY_PAIR +depends_on:PSA_WANT_ALG_MD4:PSA_WANT_ALG_RSA_PSS_ANY_SALT:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR +cipher_fail:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_RSA_PSS_ANY_SALT(PSA_ALG_MD4):PSA_ERROR_INVALID_ARGUMENT + +PSA cipher RSA_PSS_ANY_SALT(MD4): invalid with RSA_PUBLIC_KEY +depends_on:PSA_WANT_ALG_MD4:PSA_WANT_ALG_RSA_PSS_ANY_SALT:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY +cipher_fail:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_RSA_PSS_ANY_SALT(PSA_ALG_MD4):PSA_ERROR_INVALID_ARGUMENT + +PSA aead RSA_PSS_ANY_SALT(MD4): invalid with RSA_KEY_PAIR +depends_on:PSA_WANT_ALG_MD4:PSA_WANT_ALG_RSA_PSS_ANY_SALT:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR +aead_fail:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_RSA_PSS_ANY_SALT(PSA_ALG_MD4):PSA_ERROR_INVALID_ARGUMENT + +PSA aead RSA_PSS_ANY_SALT(MD4): invalid with RSA_PUBLIC_KEY +depends_on:PSA_WANT_ALG_MD4:PSA_WANT_ALG_RSA_PSS_ANY_SALT:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY +aead_fail:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_RSA_PSS_ANY_SALT(PSA_ALG_MD4):PSA_ERROR_INVALID_ARGUMENT + +PSA sign RSA_PSS_ANY_SALT(MD4): incompatible with AES +depends_on:PSA_WANT_ALG_MD4:PSA_WANT_ALG_RSA_PSS_ANY_SALT:PSA_WANT_KEY_TYPE_AES +sign_fail:PSA_KEY_TYPE_AES:"48657265006973206b6579a064617461":PSA_ALG_RSA_PSS_ANY_SALT(PSA_ALG_MD4):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign RSA_PSS_ANY_SALT(MD4): incompatible with ARC4 +depends_on:PSA_WANT_ALG_MD4:PSA_WANT_ALG_RSA_PSS_ANY_SALT:PSA_WANT_KEY_TYPE_ARC4 +sign_fail:PSA_KEY_TYPE_ARC4:"48":PSA_ALG_RSA_PSS_ANY_SALT(PSA_ALG_MD4):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign RSA_PSS_ANY_SALT(MD4): incompatible with ARIA +depends_on:PSA_WANT_ALG_MD4:PSA_WANT_ALG_RSA_PSS_ANY_SALT:PSA_WANT_KEY_TYPE_ARIA +sign_fail:PSA_KEY_TYPE_ARIA:"48657265006973206b6579a064617461":PSA_ALG_RSA_PSS_ANY_SALT(PSA_ALG_MD4):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign RSA_PSS_ANY_SALT(MD4): incompatible with CAMELLIA +depends_on:PSA_WANT_ALG_MD4:PSA_WANT_ALG_RSA_PSS_ANY_SALT:PSA_WANT_KEY_TYPE_CAMELLIA +sign_fail:PSA_KEY_TYPE_CAMELLIA:"48657265006973206b6579a064617461":PSA_ALG_RSA_PSS_ANY_SALT(PSA_ALG_MD4):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign RSA_PSS_ANY_SALT(MD4): incompatible with CHACHA20 +depends_on:PSA_WANT_ALG_MD4:PSA_WANT_ALG_RSA_PSS_ANY_SALT:PSA_WANT_KEY_TYPE_CHACHA20 +sign_fail:PSA_KEY_TYPE_CHACHA20:"48657265006973206b6579a06461746148657265006973206b6579a064617461":PSA_ALG_RSA_PSS_ANY_SALT(PSA_ALG_MD4):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign RSA_PSS_ANY_SALT(MD4): incompatible with DERIVE +depends_on:PSA_WANT_ALG_MD4:PSA_WANT_ALG_RSA_PSS_ANY_SALT:PSA_WANT_KEY_TYPE_DERIVE +sign_fail:PSA_KEY_TYPE_DERIVE:"48657265006973206b6579a0646174":PSA_ALG_RSA_PSS_ANY_SALT(PSA_ALG_MD4):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign RSA_PSS_ANY_SALT(MD4): incompatible with DES +depends_on:PSA_WANT_ALG_MD4:PSA_WANT_ALG_RSA_PSS_ANY_SALT:PSA_WANT_KEY_TYPE_DES +sign_fail:PSA_KEY_TYPE_DES:"644573206b457901":PSA_ALG_RSA_PSS_ANY_SALT(PSA_ALG_MD4):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign RSA_PSS_ANY_SALT(MD4): incompatible with ECC_KEY_PAIR(BRAINPOOL_P_R1) +depends_on:PSA_WANT_ALG_MD4:PSA_WANT_ALG_RSA_PSS_ANY_SALT:PSA_WANT_ECC_FAMILY_BRAINPOOL_P_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"69502c4fdaf48d4fa617bdd24498b0406d0eeaac":PSA_ALG_RSA_PSS_ANY_SALT(PSA_ALG_MD4):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign RSA_PSS_ANY_SALT(MD4): incompatible with ECC_KEY_PAIR(MONTGOMERY) +depends_on:PSA_WANT_ALG_MD4:PSA_WANT_ALG_RSA_PSS_ANY_SALT:PSA_WANT_ECC_FAMILY_MONTGOMERY:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_MONTGOMERY):"70076d0a7318a57d3c16c17251b26645df4c2f87ebc0992ab177fba51db92c6a":PSA_ALG_RSA_PSS_ANY_SALT(PSA_ALG_MD4):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign RSA_PSS_ANY_SALT(MD4): incompatible with ECC_KEY_PAIR(SECP_K1) +depends_on:PSA_WANT_ALG_MD4:PSA_WANT_ALG_RSA_PSS_ANY_SALT:PSA_WANT_ECC_FAMILY_SECP_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_K1):"297ac1722ccac7589ecb240dc719842538ca974beb79f228":PSA_ALG_RSA_PSS_ANY_SALT(PSA_ALG_MD4):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign RSA_PSS_ANY_SALT(MD4): incompatible with ECC_KEY_PAIR(SECP_R1) +depends_on:PSA_WANT_ALG_MD4:PSA_WANT_ALG_RSA_PSS_ANY_SALT:PSA_WANT_ECC_FAMILY_SECP_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"872f203b3ad35b7f2ecc803c3a0e1e0b1ed61cc1afe71b189cd4c995":PSA_ALG_RSA_PSS_ANY_SALT(PSA_ALG_MD4):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign RSA_PSS_ANY_SALT(MD4): incompatible with ECC_KEY_PAIR(SECP_R2) +depends_on:PSA_WANT_ALG_MD4:PSA_WANT_ALG_RSA_PSS_ANY_SALT:PSA_WANT_ECC_FAMILY_SECP_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R2):"00bf539a1cdda0d7f71a50a3f98aec0a2e8e4ced1e":PSA_ALG_RSA_PSS_ANY_SALT(PSA_ALG_MD4):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign RSA_PSS_ANY_SALT(MD4): incompatible with ECC_KEY_PAIR(SECT_K1) +depends_on:PSA_WANT_ALG_MD4:PSA_WANT_ALG_RSA_PSS_ANY_SALT:PSA_WANT_ECC_FAMILY_SECT_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):"03ebc8fcded2d6ab72ec0f75bdb4fd080481273e71":PSA_ALG_RSA_PSS_ANY_SALT(PSA_ALG_MD4):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign RSA_PSS_ANY_SALT(MD4): incompatible with ECC_KEY_PAIR(SECT_R1) +depends_on:PSA_WANT_ALG_MD4:PSA_WANT_ALG_RSA_PSS_ANY_SALT:PSA_WANT_ECC_FAMILY_SECT_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):"009b05dc82d46d64a04a22e6e5ca70ca1231e68c50":PSA_ALG_RSA_PSS_ANY_SALT(PSA_ALG_MD4):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign RSA_PSS_ANY_SALT(MD4): incompatible with ECC_KEY_PAIR(SECT_R2) +depends_on:PSA_WANT_ALG_MD4:PSA_WANT_ALG_RSA_PSS_ANY_SALT:PSA_WANT_ECC_FAMILY_SECT_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R2):"0210b482a458b4822d0cb21daa96819a67c8062d34":PSA_ALG_RSA_PSS_ANY_SALT(PSA_ALG_MD4):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign RSA_PSS_ANY_SALT(MD4): incompatible with ECC_KEY_PAIR(TWISTED_EDWARDS) +depends_on:PSA_WANT_ALG_MD4:PSA_WANT_ALG_RSA_PSS_ANY_SALT:PSA_WANT_ECC_FAMILY_TWISTED_EDWARDS:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_TWISTED_EDWARDS):"9d61b19deffd5a60ba844af492ec2cc44449c5697b326919703bac031cae7f60":PSA_ALG_RSA_PSS_ANY_SALT(PSA_ALG_MD4):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign RSA_PSS_ANY_SALT(MD4): incompatible with ECC_PUBLIC_KEY(BRAINPOOL_P_R1) +depends_on:PSA_WANT_ALG_MD4:PSA_WANT_ALG_RSA_PSS_ANY_SALT:PSA_WANT_ECC_FAMILY_BRAINPOOL_P_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"04d4b9186816358e2f9c59cf70748cb70641b22fbab65473db4b4e22a361ed7e3de7e8a8ddc4130c5c":PSA_ALG_RSA_PSS_ANY_SALT(PSA_ALG_MD4):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign RSA_PSS_ANY_SALT(MD4): incompatible with ECC_PUBLIC_KEY(MONTGOMERY) +depends_on:PSA_WANT_ALG_MD4:PSA_WANT_ALG_RSA_PSS_ANY_SALT:PSA_WANT_ECC_FAMILY_MONTGOMERY:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_MONTGOMERY):"8520f0098930a754748b7ddcb43ef75a0dbf3a0d26381af4eba4a98eaa9b4e6a":PSA_ALG_RSA_PSS_ANY_SALT(PSA_ALG_MD4):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign RSA_PSS_ANY_SALT(MD4): incompatible with ECC_PUBLIC_KEY(SECP_K1) +depends_on:PSA_WANT_ALG_MD4:PSA_WANT_ALG_RSA_PSS_ANY_SALT:PSA_WANT_ECC_FAMILY_SECP_K1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_K1):"0426b7bb38da649ac2138fc050c6548b32553dab68afebc36105d325b75538c12323cb0764789ecb992671beb2b6bef2f5":PSA_ALG_RSA_PSS_ANY_SALT(PSA_ALG_MD4):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign RSA_PSS_ANY_SALT(MD4): incompatible with ECC_PUBLIC_KEY(SECP_R1) +depends_on:PSA_WANT_ALG_MD4:PSA_WANT_ALG_RSA_PSS_ANY_SALT:PSA_WANT_ECC_FAMILY_SECP_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1):"046f00eadaa949fee3e9e1c7fa1247eecec86a0dce46418b9bd3117b981d4bd0ae7a990de912f9d060d6cb531a42d22e394ac29e81804bf160":PSA_ALG_RSA_PSS_ANY_SALT(PSA_ALG_MD4):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign RSA_PSS_ANY_SALT(MD4): incompatible with ECC_PUBLIC_KEY(SECP_R2) +depends_on:PSA_WANT_ALG_MD4:PSA_WANT_ALG_RSA_PSS_ANY_SALT:PSA_WANT_ECC_FAMILY_SECP_R2:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R2):"049570d541398665adb5cfa16f5af73b3196926bbd4b876bdb80f8eab20d0f540c22f4de9c140f6d7b":PSA_ALG_RSA_PSS_ANY_SALT(PSA_ALG_MD4):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign RSA_PSS_ANY_SALT(MD4): incompatible with ECC_PUBLIC_KEY(SECT_K1) +depends_on:PSA_WANT_ALG_MD4:PSA_WANT_ALG_RSA_PSS_ANY_SALT:PSA_WANT_ECC_FAMILY_SECT_K1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_K1):"0406f88f90b4b65950f06ce433afdb097e320f433dc2062b8a65db8fafd3c110f46bc45663fbf021ee7eb9":PSA_ALG_RSA_PSS_ANY_SALT(PSA_ALG_MD4):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign RSA_PSS_ANY_SALT(MD4): incompatible with ECC_PUBLIC_KEY(SECT_R1) +depends_on:PSA_WANT_ALG_MD4:PSA_WANT_ALG_RSA_PSS_ANY_SALT:PSA_WANT_ECC_FAMILY_SECT_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R1):"0400465eeb9e7258b11e33c02266bfe834b20bcb118700772796ee4704ec67651bd447e3011959a79a04cb":PSA_ALG_RSA_PSS_ANY_SALT(PSA_ALG_MD4):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign RSA_PSS_ANY_SALT(MD4): incompatible with ECC_PUBLIC_KEY(SECT_R2) +depends_on:PSA_WANT_ALG_MD4:PSA_WANT_ALG_RSA_PSS_ANY_SALT:PSA_WANT_ECC_FAMILY_SECT_R2:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R2):"0403692601144c32a6cfa369ae20ae5d43c1c764678c037bafe80c6fd2e42b7ced96171d9c5367fd3dca6f":PSA_ALG_RSA_PSS_ANY_SALT(PSA_ALG_MD4):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign RSA_PSS_ANY_SALT(MD4): incompatible with ECC_PUBLIC_KEY(TWISTED_EDWARDS) +depends_on:PSA_WANT_ALG_MD4:PSA_WANT_ALG_RSA_PSS_ANY_SALT:PSA_WANT_ECC_FAMILY_TWISTED_EDWARDS:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_TWISTED_EDWARDS):"d75a980182b10ab7d54bfed3c964073a0ee172f3daa62325af021a68f707511a":PSA_ALG_RSA_PSS_ANY_SALT(PSA_ALG_MD4):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign RSA_PSS_ANY_SALT(MD4): incompatible with HMAC +depends_on:PSA_WANT_ALG_MD4:PSA_WANT_ALG_RSA_PSS_ANY_SALT:PSA_WANT_KEY_TYPE_HMAC +sign_fail:PSA_KEY_TYPE_HMAC:"48657265006973206b6579a064617461":PSA_ALG_RSA_PSS_ANY_SALT(PSA_ALG_MD4):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign RSA_PSS_ANY_SALT(MD4): incompatible with RAW_DATA +depends_on:PSA_WANT_ALG_MD4:PSA_WANT_ALG_RSA_PSS_ANY_SALT:PSA_WANT_KEY_TYPE_RAW_DATA +sign_fail:PSA_KEY_TYPE_RAW_DATA:"48":PSA_ALG_RSA_PSS_ANY_SALT(PSA_ALG_MD4):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign RSA_PSS_ANY_SALT(MD4): !MD4 with RSA_KEY_PAIR +depends_on:!PSA_WANT_ALG_MD4:PSA_WANT_ALG_RSA_PSS_ANY_SALT:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR +sign_fail:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_RSA_PSS_ANY_SALT(PSA_ALG_MD4):0:PSA_ERROR_NOT_SUPPORTED + +PSA sign RSA_PSS_ANY_SALT(MD4): !RSA_PSS_ANY_SALT with RSA_KEY_PAIR +depends_on:PSA_WANT_ALG_MD4:!PSA_WANT_ALG_RSA_PSS_ANY_SALT:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR +sign_fail:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_RSA_PSS_ANY_SALT(PSA_ALG_MD4):0:PSA_ERROR_NOT_SUPPORTED + +PSA sign RSA_PSS_ANY_SALT(MD4): !MD4 with RSA_PUBLIC_KEY +depends_on:!PSA_WANT_ALG_MD4:PSA_WANT_ALG_RSA_PSS_ANY_SALT:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY +sign_fail:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_RSA_PSS_ANY_SALT(PSA_ALG_MD4):0:PSA_ERROR_NOT_SUPPORTED + +PSA sign RSA_PSS_ANY_SALT(MD4): !RSA_PSS_ANY_SALT with RSA_PUBLIC_KEY +depends_on:PSA_WANT_ALG_MD4:!PSA_WANT_ALG_RSA_PSS_ANY_SALT:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY +sign_fail:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_RSA_PSS_ANY_SALT(PSA_ALG_MD4):0:PSA_ERROR_NOT_SUPPORTED + +PSA sign RSA_PSS_ANY_SALT(MD4): public with RSA_PUBLIC_KEY +depends_on:PSA_WANT_ALG_MD4:PSA_WANT_ALG_RSA_PSS_ANY_SALT:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY +sign_fail:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_RSA_PSS_ANY_SALT(PSA_ALG_MD4):1:PSA_ERROR_INVALID_ARGUMENT + +PSA asymmetric_encryption RSA_PSS_ANY_SALT(MD4): invalid with RSA_KEY_PAIR +depends_on:PSA_WANT_ALG_MD4:PSA_WANT_ALG_RSA_PSS_ANY_SALT:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR +asymmetric_encryption_fail:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_RSA_PSS_ANY_SALT(PSA_ALG_MD4):0:PSA_ERROR_INVALID_ARGUMENT + +PSA asymmetric_encryption RSA_PSS_ANY_SALT(MD4): invalid with RSA_PUBLIC_KEY +depends_on:PSA_WANT_ALG_MD4:PSA_WANT_ALG_RSA_PSS_ANY_SALT:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY +asymmetric_encryption_fail:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_RSA_PSS_ANY_SALT(PSA_ALG_MD4):0:PSA_ERROR_INVALID_ARGUMENT + +PSA key_derivation RSA_PSS_ANY_SALT(MD4): invalid +depends_on:PSA_WANT_ALG_MD4:PSA_WANT_ALG_RSA_PSS_ANY_SALT +key_derivation_fail:PSA_ALG_RSA_PSS_ANY_SALT(PSA_ALG_MD4):PSA_ERROR_INVALID_ARGUMENT + +PSA key_agreement RSA_PSS_ANY_SALT(MD4): invalid with RSA_KEY_PAIR +depends_on:PSA_WANT_ALG_MD4:PSA_WANT_ALG_RSA_PSS_ANY_SALT:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR +key_agreement_fail:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_RSA_PSS_ANY_SALT(PSA_ALG_MD4):0:PSA_ERROR_INVALID_ARGUMENT + +PSA key_agreement RSA_PSS_ANY_SALT(MD4): invalid with RSA_PUBLIC_KEY +depends_on:PSA_WANT_ALG_MD4:PSA_WANT_ALG_RSA_PSS_ANY_SALT:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY +key_agreement_fail:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_RSA_PSS_ANY_SALT(PSA_ALG_MD4):0:PSA_ERROR_INVALID_ARGUMENT + +PSA hash RSA_PSS_ANY_SALT(MD5): invalid +depends_on:PSA_WANT_ALG_MD5:PSA_WANT_ALG_RSA_PSS_ANY_SALT +hash_fail:PSA_ALG_RSA_PSS_ANY_SALT(PSA_ALG_MD5):PSA_ERROR_INVALID_ARGUMENT + +PSA mac RSA_PSS_ANY_SALT(MD5): invalid with RSA_KEY_PAIR +depends_on:PSA_WANT_ALG_MD5:PSA_WANT_ALG_RSA_PSS_ANY_SALT:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR +mac_fail:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_RSA_PSS_ANY_SALT(PSA_ALG_MD5):PSA_ERROR_INVALID_ARGUMENT + +PSA mac RSA_PSS_ANY_SALT(MD5): invalid with RSA_PUBLIC_KEY +depends_on:PSA_WANT_ALG_MD5:PSA_WANT_ALG_RSA_PSS_ANY_SALT:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY +mac_fail:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_RSA_PSS_ANY_SALT(PSA_ALG_MD5):PSA_ERROR_INVALID_ARGUMENT + +PSA cipher RSA_PSS_ANY_SALT(MD5): invalid with RSA_KEY_PAIR +depends_on:PSA_WANT_ALG_MD5:PSA_WANT_ALG_RSA_PSS_ANY_SALT:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR +cipher_fail:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_RSA_PSS_ANY_SALT(PSA_ALG_MD5):PSA_ERROR_INVALID_ARGUMENT + +PSA cipher RSA_PSS_ANY_SALT(MD5): invalid with RSA_PUBLIC_KEY +depends_on:PSA_WANT_ALG_MD5:PSA_WANT_ALG_RSA_PSS_ANY_SALT:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY +cipher_fail:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_RSA_PSS_ANY_SALT(PSA_ALG_MD5):PSA_ERROR_INVALID_ARGUMENT + +PSA aead RSA_PSS_ANY_SALT(MD5): invalid with RSA_KEY_PAIR +depends_on:PSA_WANT_ALG_MD5:PSA_WANT_ALG_RSA_PSS_ANY_SALT:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR +aead_fail:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_RSA_PSS_ANY_SALT(PSA_ALG_MD5):PSA_ERROR_INVALID_ARGUMENT + +PSA aead RSA_PSS_ANY_SALT(MD5): invalid with RSA_PUBLIC_KEY +depends_on:PSA_WANT_ALG_MD5:PSA_WANT_ALG_RSA_PSS_ANY_SALT:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY +aead_fail:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_RSA_PSS_ANY_SALT(PSA_ALG_MD5):PSA_ERROR_INVALID_ARGUMENT + +PSA sign RSA_PSS_ANY_SALT(MD5): incompatible with AES +depends_on:PSA_WANT_ALG_MD5:PSA_WANT_ALG_RSA_PSS_ANY_SALT:PSA_WANT_KEY_TYPE_AES +sign_fail:PSA_KEY_TYPE_AES:"48657265006973206b6579a064617461":PSA_ALG_RSA_PSS_ANY_SALT(PSA_ALG_MD5):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign RSA_PSS_ANY_SALT(MD5): incompatible with ARC4 +depends_on:PSA_WANT_ALG_MD5:PSA_WANT_ALG_RSA_PSS_ANY_SALT:PSA_WANT_KEY_TYPE_ARC4 +sign_fail:PSA_KEY_TYPE_ARC4:"48":PSA_ALG_RSA_PSS_ANY_SALT(PSA_ALG_MD5):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign RSA_PSS_ANY_SALT(MD5): incompatible with ARIA +depends_on:PSA_WANT_ALG_MD5:PSA_WANT_ALG_RSA_PSS_ANY_SALT:PSA_WANT_KEY_TYPE_ARIA +sign_fail:PSA_KEY_TYPE_ARIA:"48657265006973206b6579a064617461":PSA_ALG_RSA_PSS_ANY_SALT(PSA_ALG_MD5):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign RSA_PSS_ANY_SALT(MD5): incompatible with CAMELLIA +depends_on:PSA_WANT_ALG_MD5:PSA_WANT_ALG_RSA_PSS_ANY_SALT:PSA_WANT_KEY_TYPE_CAMELLIA +sign_fail:PSA_KEY_TYPE_CAMELLIA:"48657265006973206b6579a064617461":PSA_ALG_RSA_PSS_ANY_SALT(PSA_ALG_MD5):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign RSA_PSS_ANY_SALT(MD5): incompatible with CHACHA20 +depends_on:PSA_WANT_ALG_MD5:PSA_WANT_ALG_RSA_PSS_ANY_SALT:PSA_WANT_KEY_TYPE_CHACHA20 +sign_fail:PSA_KEY_TYPE_CHACHA20:"48657265006973206b6579a06461746148657265006973206b6579a064617461":PSA_ALG_RSA_PSS_ANY_SALT(PSA_ALG_MD5):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign RSA_PSS_ANY_SALT(MD5): incompatible with DERIVE +depends_on:PSA_WANT_ALG_MD5:PSA_WANT_ALG_RSA_PSS_ANY_SALT:PSA_WANT_KEY_TYPE_DERIVE +sign_fail:PSA_KEY_TYPE_DERIVE:"48657265006973206b6579a0646174":PSA_ALG_RSA_PSS_ANY_SALT(PSA_ALG_MD5):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign RSA_PSS_ANY_SALT(MD5): incompatible with DES +depends_on:PSA_WANT_ALG_MD5:PSA_WANT_ALG_RSA_PSS_ANY_SALT:PSA_WANT_KEY_TYPE_DES +sign_fail:PSA_KEY_TYPE_DES:"644573206b457901":PSA_ALG_RSA_PSS_ANY_SALT(PSA_ALG_MD5):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign RSA_PSS_ANY_SALT(MD5): incompatible with ECC_KEY_PAIR(BRAINPOOL_P_R1) +depends_on:PSA_WANT_ALG_MD5:PSA_WANT_ALG_RSA_PSS_ANY_SALT:PSA_WANT_ECC_FAMILY_BRAINPOOL_P_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"69502c4fdaf48d4fa617bdd24498b0406d0eeaac":PSA_ALG_RSA_PSS_ANY_SALT(PSA_ALG_MD5):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign RSA_PSS_ANY_SALT(MD5): incompatible with ECC_KEY_PAIR(MONTGOMERY) +depends_on:PSA_WANT_ALG_MD5:PSA_WANT_ALG_RSA_PSS_ANY_SALT:PSA_WANT_ECC_FAMILY_MONTGOMERY:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_MONTGOMERY):"70076d0a7318a57d3c16c17251b26645df4c2f87ebc0992ab177fba51db92c6a":PSA_ALG_RSA_PSS_ANY_SALT(PSA_ALG_MD5):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign RSA_PSS_ANY_SALT(MD5): incompatible with ECC_KEY_PAIR(SECP_K1) +depends_on:PSA_WANT_ALG_MD5:PSA_WANT_ALG_RSA_PSS_ANY_SALT:PSA_WANT_ECC_FAMILY_SECP_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_K1):"297ac1722ccac7589ecb240dc719842538ca974beb79f228":PSA_ALG_RSA_PSS_ANY_SALT(PSA_ALG_MD5):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign RSA_PSS_ANY_SALT(MD5): incompatible with ECC_KEY_PAIR(SECP_R1) +depends_on:PSA_WANT_ALG_MD5:PSA_WANT_ALG_RSA_PSS_ANY_SALT:PSA_WANT_ECC_FAMILY_SECP_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"872f203b3ad35b7f2ecc803c3a0e1e0b1ed61cc1afe71b189cd4c995":PSA_ALG_RSA_PSS_ANY_SALT(PSA_ALG_MD5):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign RSA_PSS_ANY_SALT(MD5): incompatible with ECC_KEY_PAIR(SECP_R2) +depends_on:PSA_WANT_ALG_MD5:PSA_WANT_ALG_RSA_PSS_ANY_SALT:PSA_WANT_ECC_FAMILY_SECP_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R2):"00bf539a1cdda0d7f71a50a3f98aec0a2e8e4ced1e":PSA_ALG_RSA_PSS_ANY_SALT(PSA_ALG_MD5):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign RSA_PSS_ANY_SALT(MD5): incompatible with ECC_KEY_PAIR(SECT_K1) +depends_on:PSA_WANT_ALG_MD5:PSA_WANT_ALG_RSA_PSS_ANY_SALT:PSA_WANT_ECC_FAMILY_SECT_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):"03ebc8fcded2d6ab72ec0f75bdb4fd080481273e71":PSA_ALG_RSA_PSS_ANY_SALT(PSA_ALG_MD5):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign RSA_PSS_ANY_SALT(MD5): incompatible with ECC_KEY_PAIR(SECT_R1) +depends_on:PSA_WANT_ALG_MD5:PSA_WANT_ALG_RSA_PSS_ANY_SALT:PSA_WANT_ECC_FAMILY_SECT_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):"009b05dc82d46d64a04a22e6e5ca70ca1231e68c50":PSA_ALG_RSA_PSS_ANY_SALT(PSA_ALG_MD5):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign RSA_PSS_ANY_SALT(MD5): incompatible with ECC_KEY_PAIR(SECT_R2) +depends_on:PSA_WANT_ALG_MD5:PSA_WANT_ALG_RSA_PSS_ANY_SALT:PSA_WANT_ECC_FAMILY_SECT_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R2):"0210b482a458b4822d0cb21daa96819a67c8062d34":PSA_ALG_RSA_PSS_ANY_SALT(PSA_ALG_MD5):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign RSA_PSS_ANY_SALT(MD5): incompatible with ECC_KEY_PAIR(TWISTED_EDWARDS) +depends_on:PSA_WANT_ALG_MD5:PSA_WANT_ALG_RSA_PSS_ANY_SALT:PSA_WANT_ECC_FAMILY_TWISTED_EDWARDS:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_TWISTED_EDWARDS):"9d61b19deffd5a60ba844af492ec2cc44449c5697b326919703bac031cae7f60":PSA_ALG_RSA_PSS_ANY_SALT(PSA_ALG_MD5):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign RSA_PSS_ANY_SALT(MD5): incompatible with ECC_PUBLIC_KEY(BRAINPOOL_P_R1) +depends_on:PSA_WANT_ALG_MD5:PSA_WANT_ALG_RSA_PSS_ANY_SALT:PSA_WANT_ECC_FAMILY_BRAINPOOL_P_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"04d4b9186816358e2f9c59cf70748cb70641b22fbab65473db4b4e22a361ed7e3de7e8a8ddc4130c5c":PSA_ALG_RSA_PSS_ANY_SALT(PSA_ALG_MD5):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign RSA_PSS_ANY_SALT(MD5): incompatible with ECC_PUBLIC_KEY(MONTGOMERY) +depends_on:PSA_WANT_ALG_MD5:PSA_WANT_ALG_RSA_PSS_ANY_SALT:PSA_WANT_ECC_FAMILY_MONTGOMERY:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_MONTGOMERY):"8520f0098930a754748b7ddcb43ef75a0dbf3a0d26381af4eba4a98eaa9b4e6a":PSA_ALG_RSA_PSS_ANY_SALT(PSA_ALG_MD5):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign RSA_PSS_ANY_SALT(MD5): incompatible with ECC_PUBLIC_KEY(SECP_K1) +depends_on:PSA_WANT_ALG_MD5:PSA_WANT_ALG_RSA_PSS_ANY_SALT:PSA_WANT_ECC_FAMILY_SECP_K1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_K1):"0426b7bb38da649ac2138fc050c6548b32553dab68afebc36105d325b75538c12323cb0764789ecb992671beb2b6bef2f5":PSA_ALG_RSA_PSS_ANY_SALT(PSA_ALG_MD5):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign RSA_PSS_ANY_SALT(MD5): incompatible with ECC_PUBLIC_KEY(SECP_R1) +depends_on:PSA_WANT_ALG_MD5:PSA_WANT_ALG_RSA_PSS_ANY_SALT:PSA_WANT_ECC_FAMILY_SECP_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1):"046f00eadaa949fee3e9e1c7fa1247eecec86a0dce46418b9bd3117b981d4bd0ae7a990de912f9d060d6cb531a42d22e394ac29e81804bf160":PSA_ALG_RSA_PSS_ANY_SALT(PSA_ALG_MD5):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign RSA_PSS_ANY_SALT(MD5): incompatible with ECC_PUBLIC_KEY(SECP_R2) +depends_on:PSA_WANT_ALG_MD5:PSA_WANT_ALG_RSA_PSS_ANY_SALT:PSA_WANT_ECC_FAMILY_SECP_R2:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R2):"049570d541398665adb5cfa16f5af73b3196926bbd4b876bdb80f8eab20d0f540c22f4de9c140f6d7b":PSA_ALG_RSA_PSS_ANY_SALT(PSA_ALG_MD5):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign RSA_PSS_ANY_SALT(MD5): incompatible with ECC_PUBLIC_KEY(SECT_K1) +depends_on:PSA_WANT_ALG_MD5:PSA_WANT_ALG_RSA_PSS_ANY_SALT:PSA_WANT_ECC_FAMILY_SECT_K1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_K1):"0406f88f90b4b65950f06ce433afdb097e320f433dc2062b8a65db8fafd3c110f46bc45663fbf021ee7eb9":PSA_ALG_RSA_PSS_ANY_SALT(PSA_ALG_MD5):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign RSA_PSS_ANY_SALT(MD5): incompatible with ECC_PUBLIC_KEY(SECT_R1) +depends_on:PSA_WANT_ALG_MD5:PSA_WANT_ALG_RSA_PSS_ANY_SALT:PSA_WANT_ECC_FAMILY_SECT_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R1):"0400465eeb9e7258b11e33c02266bfe834b20bcb118700772796ee4704ec67651bd447e3011959a79a04cb":PSA_ALG_RSA_PSS_ANY_SALT(PSA_ALG_MD5):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign RSA_PSS_ANY_SALT(MD5): incompatible with ECC_PUBLIC_KEY(SECT_R2) +depends_on:PSA_WANT_ALG_MD5:PSA_WANT_ALG_RSA_PSS_ANY_SALT:PSA_WANT_ECC_FAMILY_SECT_R2:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R2):"0403692601144c32a6cfa369ae20ae5d43c1c764678c037bafe80c6fd2e42b7ced96171d9c5367fd3dca6f":PSA_ALG_RSA_PSS_ANY_SALT(PSA_ALG_MD5):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign RSA_PSS_ANY_SALT(MD5): incompatible with ECC_PUBLIC_KEY(TWISTED_EDWARDS) +depends_on:PSA_WANT_ALG_MD5:PSA_WANT_ALG_RSA_PSS_ANY_SALT:PSA_WANT_ECC_FAMILY_TWISTED_EDWARDS:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_TWISTED_EDWARDS):"d75a980182b10ab7d54bfed3c964073a0ee172f3daa62325af021a68f707511a":PSA_ALG_RSA_PSS_ANY_SALT(PSA_ALG_MD5):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign RSA_PSS_ANY_SALT(MD5): incompatible with HMAC +depends_on:PSA_WANT_ALG_MD5:PSA_WANT_ALG_RSA_PSS_ANY_SALT:PSA_WANT_KEY_TYPE_HMAC +sign_fail:PSA_KEY_TYPE_HMAC:"48657265006973206b6579a064617461":PSA_ALG_RSA_PSS_ANY_SALT(PSA_ALG_MD5):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign RSA_PSS_ANY_SALT(MD5): incompatible with RAW_DATA +depends_on:PSA_WANT_ALG_MD5:PSA_WANT_ALG_RSA_PSS_ANY_SALT:PSA_WANT_KEY_TYPE_RAW_DATA +sign_fail:PSA_KEY_TYPE_RAW_DATA:"48":PSA_ALG_RSA_PSS_ANY_SALT(PSA_ALG_MD5):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign RSA_PSS_ANY_SALT(MD5): !MD5 with RSA_KEY_PAIR +depends_on:!PSA_WANT_ALG_MD5:PSA_WANT_ALG_RSA_PSS_ANY_SALT:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR +sign_fail:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_RSA_PSS_ANY_SALT(PSA_ALG_MD5):0:PSA_ERROR_NOT_SUPPORTED + +PSA sign RSA_PSS_ANY_SALT(MD5): !RSA_PSS_ANY_SALT with RSA_KEY_PAIR +depends_on:PSA_WANT_ALG_MD5:!PSA_WANT_ALG_RSA_PSS_ANY_SALT:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR +sign_fail:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_RSA_PSS_ANY_SALT(PSA_ALG_MD5):0:PSA_ERROR_NOT_SUPPORTED + +PSA sign RSA_PSS_ANY_SALT(MD5): !MD5 with RSA_PUBLIC_KEY +depends_on:!PSA_WANT_ALG_MD5:PSA_WANT_ALG_RSA_PSS_ANY_SALT:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY +sign_fail:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_RSA_PSS_ANY_SALT(PSA_ALG_MD5):0:PSA_ERROR_NOT_SUPPORTED + +PSA sign RSA_PSS_ANY_SALT(MD5): !RSA_PSS_ANY_SALT with RSA_PUBLIC_KEY +depends_on:PSA_WANT_ALG_MD5:!PSA_WANT_ALG_RSA_PSS_ANY_SALT:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY +sign_fail:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_RSA_PSS_ANY_SALT(PSA_ALG_MD5):0:PSA_ERROR_NOT_SUPPORTED + +PSA sign RSA_PSS_ANY_SALT(MD5): public with RSA_PUBLIC_KEY +depends_on:PSA_WANT_ALG_MD5:PSA_WANT_ALG_RSA_PSS_ANY_SALT:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY +sign_fail:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_RSA_PSS_ANY_SALT(PSA_ALG_MD5):1:PSA_ERROR_INVALID_ARGUMENT + +PSA asymmetric_encryption RSA_PSS_ANY_SALT(MD5): invalid with RSA_KEY_PAIR +depends_on:PSA_WANT_ALG_MD5:PSA_WANT_ALG_RSA_PSS_ANY_SALT:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR +asymmetric_encryption_fail:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_RSA_PSS_ANY_SALT(PSA_ALG_MD5):0:PSA_ERROR_INVALID_ARGUMENT + +PSA asymmetric_encryption RSA_PSS_ANY_SALT(MD5): invalid with RSA_PUBLIC_KEY +depends_on:PSA_WANT_ALG_MD5:PSA_WANT_ALG_RSA_PSS_ANY_SALT:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY +asymmetric_encryption_fail:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_RSA_PSS_ANY_SALT(PSA_ALG_MD5):0:PSA_ERROR_INVALID_ARGUMENT + +PSA key_derivation RSA_PSS_ANY_SALT(MD5): invalid +depends_on:PSA_WANT_ALG_MD5:PSA_WANT_ALG_RSA_PSS_ANY_SALT +key_derivation_fail:PSA_ALG_RSA_PSS_ANY_SALT(PSA_ALG_MD5):PSA_ERROR_INVALID_ARGUMENT + +PSA key_agreement RSA_PSS_ANY_SALT(MD5): invalid with RSA_KEY_PAIR +depends_on:PSA_WANT_ALG_MD5:PSA_WANT_ALG_RSA_PSS_ANY_SALT:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR +key_agreement_fail:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_RSA_PSS_ANY_SALT(PSA_ALG_MD5):0:PSA_ERROR_INVALID_ARGUMENT + +PSA key_agreement RSA_PSS_ANY_SALT(MD5): invalid with RSA_PUBLIC_KEY +depends_on:PSA_WANT_ALG_MD5:PSA_WANT_ALG_RSA_PSS_ANY_SALT:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY +key_agreement_fail:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_RSA_PSS_ANY_SALT(PSA_ALG_MD5):0:PSA_ERROR_INVALID_ARGUMENT + +PSA hash RSA_PSS_ANY_SALT(RIPEMD160): invalid +depends_on:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ALG_RSA_PSS_ANY_SALT +hash_fail:PSA_ALG_RSA_PSS_ANY_SALT(PSA_ALG_RIPEMD160):PSA_ERROR_INVALID_ARGUMENT + +PSA mac RSA_PSS_ANY_SALT(RIPEMD160): invalid with RSA_KEY_PAIR +depends_on:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ALG_RSA_PSS_ANY_SALT:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR +mac_fail:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_RSA_PSS_ANY_SALT(PSA_ALG_RIPEMD160):PSA_ERROR_INVALID_ARGUMENT + +PSA mac RSA_PSS_ANY_SALT(RIPEMD160): invalid with RSA_PUBLIC_KEY +depends_on:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ALG_RSA_PSS_ANY_SALT:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY +mac_fail:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_RSA_PSS_ANY_SALT(PSA_ALG_RIPEMD160):PSA_ERROR_INVALID_ARGUMENT + +PSA cipher RSA_PSS_ANY_SALT(RIPEMD160): invalid with RSA_KEY_PAIR +depends_on:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ALG_RSA_PSS_ANY_SALT:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR +cipher_fail:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_RSA_PSS_ANY_SALT(PSA_ALG_RIPEMD160):PSA_ERROR_INVALID_ARGUMENT + +PSA cipher RSA_PSS_ANY_SALT(RIPEMD160): invalid with RSA_PUBLIC_KEY +depends_on:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ALG_RSA_PSS_ANY_SALT:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY +cipher_fail:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_RSA_PSS_ANY_SALT(PSA_ALG_RIPEMD160):PSA_ERROR_INVALID_ARGUMENT + +PSA aead RSA_PSS_ANY_SALT(RIPEMD160): invalid with RSA_KEY_PAIR +depends_on:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ALG_RSA_PSS_ANY_SALT:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR +aead_fail:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_RSA_PSS_ANY_SALT(PSA_ALG_RIPEMD160):PSA_ERROR_INVALID_ARGUMENT + +PSA aead RSA_PSS_ANY_SALT(RIPEMD160): invalid with RSA_PUBLIC_KEY +depends_on:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ALG_RSA_PSS_ANY_SALT:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY +aead_fail:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_RSA_PSS_ANY_SALT(PSA_ALG_RIPEMD160):PSA_ERROR_INVALID_ARGUMENT + +PSA sign RSA_PSS_ANY_SALT(RIPEMD160): incompatible with AES +depends_on:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ALG_RSA_PSS_ANY_SALT:PSA_WANT_KEY_TYPE_AES +sign_fail:PSA_KEY_TYPE_AES:"48657265006973206b6579a064617461":PSA_ALG_RSA_PSS_ANY_SALT(PSA_ALG_RIPEMD160):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign RSA_PSS_ANY_SALT(RIPEMD160): incompatible with ARC4 +depends_on:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ALG_RSA_PSS_ANY_SALT:PSA_WANT_KEY_TYPE_ARC4 +sign_fail:PSA_KEY_TYPE_ARC4:"48":PSA_ALG_RSA_PSS_ANY_SALT(PSA_ALG_RIPEMD160):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign RSA_PSS_ANY_SALT(RIPEMD160): incompatible with ARIA +depends_on:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ALG_RSA_PSS_ANY_SALT:PSA_WANT_KEY_TYPE_ARIA +sign_fail:PSA_KEY_TYPE_ARIA:"48657265006973206b6579a064617461":PSA_ALG_RSA_PSS_ANY_SALT(PSA_ALG_RIPEMD160):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign RSA_PSS_ANY_SALT(RIPEMD160): incompatible with CAMELLIA +depends_on:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ALG_RSA_PSS_ANY_SALT:PSA_WANT_KEY_TYPE_CAMELLIA +sign_fail:PSA_KEY_TYPE_CAMELLIA:"48657265006973206b6579a064617461":PSA_ALG_RSA_PSS_ANY_SALT(PSA_ALG_RIPEMD160):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign RSA_PSS_ANY_SALT(RIPEMD160): incompatible with CHACHA20 +depends_on:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ALG_RSA_PSS_ANY_SALT:PSA_WANT_KEY_TYPE_CHACHA20 +sign_fail:PSA_KEY_TYPE_CHACHA20:"48657265006973206b6579a06461746148657265006973206b6579a064617461":PSA_ALG_RSA_PSS_ANY_SALT(PSA_ALG_RIPEMD160):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign RSA_PSS_ANY_SALT(RIPEMD160): incompatible with DERIVE +depends_on:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ALG_RSA_PSS_ANY_SALT:PSA_WANT_KEY_TYPE_DERIVE +sign_fail:PSA_KEY_TYPE_DERIVE:"48657265006973206b6579a0646174":PSA_ALG_RSA_PSS_ANY_SALT(PSA_ALG_RIPEMD160):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign RSA_PSS_ANY_SALT(RIPEMD160): incompatible with DES +depends_on:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ALG_RSA_PSS_ANY_SALT:PSA_WANT_KEY_TYPE_DES +sign_fail:PSA_KEY_TYPE_DES:"644573206b457901":PSA_ALG_RSA_PSS_ANY_SALT(PSA_ALG_RIPEMD160):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign RSA_PSS_ANY_SALT(RIPEMD160): incompatible with ECC_KEY_PAIR(BRAINPOOL_P_R1) +depends_on:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ALG_RSA_PSS_ANY_SALT:PSA_WANT_ECC_FAMILY_BRAINPOOL_P_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"69502c4fdaf48d4fa617bdd24498b0406d0eeaac":PSA_ALG_RSA_PSS_ANY_SALT(PSA_ALG_RIPEMD160):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign RSA_PSS_ANY_SALT(RIPEMD160): incompatible with ECC_KEY_PAIR(MONTGOMERY) +depends_on:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ALG_RSA_PSS_ANY_SALT:PSA_WANT_ECC_FAMILY_MONTGOMERY:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_MONTGOMERY):"70076d0a7318a57d3c16c17251b26645df4c2f87ebc0992ab177fba51db92c6a":PSA_ALG_RSA_PSS_ANY_SALT(PSA_ALG_RIPEMD160):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign RSA_PSS_ANY_SALT(RIPEMD160): incompatible with ECC_KEY_PAIR(SECP_K1) +depends_on:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ALG_RSA_PSS_ANY_SALT:PSA_WANT_ECC_FAMILY_SECP_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_K1):"297ac1722ccac7589ecb240dc719842538ca974beb79f228":PSA_ALG_RSA_PSS_ANY_SALT(PSA_ALG_RIPEMD160):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign RSA_PSS_ANY_SALT(RIPEMD160): incompatible with ECC_KEY_PAIR(SECP_R1) +depends_on:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ALG_RSA_PSS_ANY_SALT:PSA_WANT_ECC_FAMILY_SECP_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"872f203b3ad35b7f2ecc803c3a0e1e0b1ed61cc1afe71b189cd4c995":PSA_ALG_RSA_PSS_ANY_SALT(PSA_ALG_RIPEMD160):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign RSA_PSS_ANY_SALT(RIPEMD160): incompatible with ECC_KEY_PAIR(SECP_R2) +depends_on:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ALG_RSA_PSS_ANY_SALT:PSA_WANT_ECC_FAMILY_SECP_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R2):"00bf539a1cdda0d7f71a50a3f98aec0a2e8e4ced1e":PSA_ALG_RSA_PSS_ANY_SALT(PSA_ALG_RIPEMD160):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign RSA_PSS_ANY_SALT(RIPEMD160): incompatible with ECC_KEY_PAIR(SECT_K1) +depends_on:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ALG_RSA_PSS_ANY_SALT:PSA_WANT_ECC_FAMILY_SECT_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):"03ebc8fcded2d6ab72ec0f75bdb4fd080481273e71":PSA_ALG_RSA_PSS_ANY_SALT(PSA_ALG_RIPEMD160):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign RSA_PSS_ANY_SALT(RIPEMD160): incompatible with ECC_KEY_PAIR(SECT_R1) +depends_on:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ALG_RSA_PSS_ANY_SALT:PSA_WANT_ECC_FAMILY_SECT_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):"009b05dc82d46d64a04a22e6e5ca70ca1231e68c50":PSA_ALG_RSA_PSS_ANY_SALT(PSA_ALG_RIPEMD160):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign RSA_PSS_ANY_SALT(RIPEMD160): incompatible with ECC_KEY_PAIR(SECT_R2) +depends_on:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ALG_RSA_PSS_ANY_SALT:PSA_WANT_ECC_FAMILY_SECT_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R2):"0210b482a458b4822d0cb21daa96819a67c8062d34":PSA_ALG_RSA_PSS_ANY_SALT(PSA_ALG_RIPEMD160):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign RSA_PSS_ANY_SALT(RIPEMD160): incompatible with ECC_KEY_PAIR(TWISTED_EDWARDS) +depends_on:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ALG_RSA_PSS_ANY_SALT:PSA_WANT_ECC_FAMILY_TWISTED_EDWARDS:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_TWISTED_EDWARDS):"9d61b19deffd5a60ba844af492ec2cc44449c5697b326919703bac031cae7f60":PSA_ALG_RSA_PSS_ANY_SALT(PSA_ALG_RIPEMD160):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign RSA_PSS_ANY_SALT(RIPEMD160): incompatible with ECC_PUBLIC_KEY(BRAINPOOL_P_R1) +depends_on:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ALG_RSA_PSS_ANY_SALT:PSA_WANT_ECC_FAMILY_BRAINPOOL_P_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"04d4b9186816358e2f9c59cf70748cb70641b22fbab65473db4b4e22a361ed7e3de7e8a8ddc4130c5c":PSA_ALG_RSA_PSS_ANY_SALT(PSA_ALG_RIPEMD160):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign RSA_PSS_ANY_SALT(RIPEMD160): incompatible with ECC_PUBLIC_KEY(MONTGOMERY) +depends_on:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ALG_RSA_PSS_ANY_SALT:PSA_WANT_ECC_FAMILY_MONTGOMERY:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_MONTGOMERY):"8520f0098930a754748b7ddcb43ef75a0dbf3a0d26381af4eba4a98eaa9b4e6a":PSA_ALG_RSA_PSS_ANY_SALT(PSA_ALG_RIPEMD160):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign RSA_PSS_ANY_SALT(RIPEMD160): incompatible with ECC_PUBLIC_KEY(SECP_K1) +depends_on:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ALG_RSA_PSS_ANY_SALT:PSA_WANT_ECC_FAMILY_SECP_K1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_K1):"0426b7bb38da649ac2138fc050c6548b32553dab68afebc36105d325b75538c12323cb0764789ecb992671beb2b6bef2f5":PSA_ALG_RSA_PSS_ANY_SALT(PSA_ALG_RIPEMD160):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign RSA_PSS_ANY_SALT(RIPEMD160): incompatible with ECC_PUBLIC_KEY(SECP_R1) +depends_on:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ALG_RSA_PSS_ANY_SALT:PSA_WANT_ECC_FAMILY_SECP_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1):"046f00eadaa949fee3e9e1c7fa1247eecec86a0dce46418b9bd3117b981d4bd0ae7a990de912f9d060d6cb531a42d22e394ac29e81804bf160":PSA_ALG_RSA_PSS_ANY_SALT(PSA_ALG_RIPEMD160):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign RSA_PSS_ANY_SALT(RIPEMD160): incompatible with ECC_PUBLIC_KEY(SECP_R2) +depends_on:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ALG_RSA_PSS_ANY_SALT:PSA_WANT_ECC_FAMILY_SECP_R2:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R2):"049570d541398665adb5cfa16f5af73b3196926bbd4b876bdb80f8eab20d0f540c22f4de9c140f6d7b":PSA_ALG_RSA_PSS_ANY_SALT(PSA_ALG_RIPEMD160):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign RSA_PSS_ANY_SALT(RIPEMD160): incompatible with ECC_PUBLIC_KEY(SECT_K1) +depends_on:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ALG_RSA_PSS_ANY_SALT:PSA_WANT_ECC_FAMILY_SECT_K1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_K1):"0406f88f90b4b65950f06ce433afdb097e320f433dc2062b8a65db8fafd3c110f46bc45663fbf021ee7eb9":PSA_ALG_RSA_PSS_ANY_SALT(PSA_ALG_RIPEMD160):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign RSA_PSS_ANY_SALT(RIPEMD160): incompatible with ECC_PUBLIC_KEY(SECT_R1) +depends_on:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ALG_RSA_PSS_ANY_SALT:PSA_WANT_ECC_FAMILY_SECT_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R1):"0400465eeb9e7258b11e33c02266bfe834b20bcb118700772796ee4704ec67651bd447e3011959a79a04cb":PSA_ALG_RSA_PSS_ANY_SALT(PSA_ALG_RIPEMD160):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign RSA_PSS_ANY_SALT(RIPEMD160): incompatible with ECC_PUBLIC_KEY(SECT_R2) +depends_on:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ALG_RSA_PSS_ANY_SALT:PSA_WANT_ECC_FAMILY_SECT_R2:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R2):"0403692601144c32a6cfa369ae20ae5d43c1c764678c037bafe80c6fd2e42b7ced96171d9c5367fd3dca6f":PSA_ALG_RSA_PSS_ANY_SALT(PSA_ALG_RIPEMD160):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign RSA_PSS_ANY_SALT(RIPEMD160): incompatible with ECC_PUBLIC_KEY(TWISTED_EDWARDS) +depends_on:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ALG_RSA_PSS_ANY_SALT:PSA_WANT_ECC_FAMILY_TWISTED_EDWARDS:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_TWISTED_EDWARDS):"d75a980182b10ab7d54bfed3c964073a0ee172f3daa62325af021a68f707511a":PSA_ALG_RSA_PSS_ANY_SALT(PSA_ALG_RIPEMD160):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign RSA_PSS_ANY_SALT(RIPEMD160): incompatible with HMAC +depends_on:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ALG_RSA_PSS_ANY_SALT:PSA_WANT_KEY_TYPE_HMAC +sign_fail:PSA_KEY_TYPE_HMAC:"48657265006973206b6579a064617461":PSA_ALG_RSA_PSS_ANY_SALT(PSA_ALG_RIPEMD160):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign RSA_PSS_ANY_SALT(RIPEMD160): incompatible with RAW_DATA +depends_on:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ALG_RSA_PSS_ANY_SALT:PSA_WANT_KEY_TYPE_RAW_DATA +sign_fail:PSA_KEY_TYPE_RAW_DATA:"48":PSA_ALG_RSA_PSS_ANY_SALT(PSA_ALG_RIPEMD160):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign RSA_PSS_ANY_SALT(RIPEMD160): !RIPEMD160 with RSA_KEY_PAIR +depends_on:!PSA_WANT_ALG_RIPEMD160:PSA_WANT_ALG_RSA_PSS_ANY_SALT:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR +sign_fail:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_RSA_PSS_ANY_SALT(PSA_ALG_RIPEMD160):0:PSA_ERROR_NOT_SUPPORTED + +PSA sign RSA_PSS_ANY_SALT(RIPEMD160): !RSA_PSS_ANY_SALT with RSA_KEY_PAIR +depends_on:PSA_WANT_ALG_RIPEMD160:!PSA_WANT_ALG_RSA_PSS_ANY_SALT:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR +sign_fail:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_RSA_PSS_ANY_SALT(PSA_ALG_RIPEMD160):0:PSA_ERROR_NOT_SUPPORTED + +PSA sign RSA_PSS_ANY_SALT(RIPEMD160): !RIPEMD160 with RSA_PUBLIC_KEY +depends_on:!PSA_WANT_ALG_RIPEMD160:PSA_WANT_ALG_RSA_PSS_ANY_SALT:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY +sign_fail:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_RSA_PSS_ANY_SALT(PSA_ALG_RIPEMD160):0:PSA_ERROR_NOT_SUPPORTED + +PSA sign RSA_PSS_ANY_SALT(RIPEMD160): !RSA_PSS_ANY_SALT with RSA_PUBLIC_KEY +depends_on:PSA_WANT_ALG_RIPEMD160:!PSA_WANT_ALG_RSA_PSS_ANY_SALT:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY +sign_fail:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_RSA_PSS_ANY_SALT(PSA_ALG_RIPEMD160):0:PSA_ERROR_NOT_SUPPORTED + +PSA sign RSA_PSS_ANY_SALT(RIPEMD160): public with RSA_PUBLIC_KEY +depends_on:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ALG_RSA_PSS_ANY_SALT:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY +sign_fail:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_RSA_PSS_ANY_SALT(PSA_ALG_RIPEMD160):1:PSA_ERROR_INVALID_ARGUMENT + +PSA asymmetric_encryption RSA_PSS_ANY_SALT(RIPEMD160): invalid with RSA_KEY_PAIR +depends_on:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ALG_RSA_PSS_ANY_SALT:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR +asymmetric_encryption_fail:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_RSA_PSS_ANY_SALT(PSA_ALG_RIPEMD160):0:PSA_ERROR_INVALID_ARGUMENT + +PSA asymmetric_encryption RSA_PSS_ANY_SALT(RIPEMD160): invalid with RSA_PUBLIC_KEY +depends_on:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ALG_RSA_PSS_ANY_SALT:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY +asymmetric_encryption_fail:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_RSA_PSS_ANY_SALT(PSA_ALG_RIPEMD160):0:PSA_ERROR_INVALID_ARGUMENT + +PSA key_derivation RSA_PSS_ANY_SALT(RIPEMD160): invalid +depends_on:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ALG_RSA_PSS_ANY_SALT +key_derivation_fail:PSA_ALG_RSA_PSS_ANY_SALT(PSA_ALG_RIPEMD160):PSA_ERROR_INVALID_ARGUMENT + +PSA key_agreement RSA_PSS_ANY_SALT(RIPEMD160): invalid with RSA_KEY_PAIR +depends_on:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ALG_RSA_PSS_ANY_SALT:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR +key_agreement_fail:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_RSA_PSS_ANY_SALT(PSA_ALG_RIPEMD160):0:PSA_ERROR_INVALID_ARGUMENT + +PSA key_agreement RSA_PSS_ANY_SALT(RIPEMD160): invalid with RSA_PUBLIC_KEY +depends_on:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ALG_RSA_PSS_ANY_SALT:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY +key_agreement_fail:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_RSA_PSS_ANY_SALT(PSA_ALG_RIPEMD160):0:PSA_ERROR_INVALID_ARGUMENT + +PSA hash RSA_PSS_ANY_SALT(SHA_1): invalid +depends_on:PSA_WANT_ALG_RSA_PSS_ANY_SALT:PSA_WANT_ALG_SHA_1 +hash_fail:PSA_ALG_RSA_PSS_ANY_SALT(PSA_ALG_SHA_1):PSA_ERROR_INVALID_ARGUMENT + +PSA mac RSA_PSS_ANY_SALT(SHA_1): invalid with RSA_KEY_PAIR +depends_on:PSA_WANT_ALG_RSA_PSS_ANY_SALT:PSA_WANT_ALG_SHA_1:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR +mac_fail:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_RSA_PSS_ANY_SALT(PSA_ALG_SHA_1):PSA_ERROR_INVALID_ARGUMENT + +PSA mac RSA_PSS_ANY_SALT(SHA_1): invalid with RSA_PUBLIC_KEY +depends_on:PSA_WANT_ALG_RSA_PSS_ANY_SALT:PSA_WANT_ALG_SHA_1:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY +mac_fail:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_RSA_PSS_ANY_SALT(PSA_ALG_SHA_1):PSA_ERROR_INVALID_ARGUMENT + +PSA cipher RSA_PSS_ANY_SALT(SHA_1): invalid with RSA_KEY_PAIR +depends_on:PSA_WANT_ALG_RSA_PSS_ANY_SALT:PSA_WANT_ALG_SHA_1:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR +cipher_fail:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_RSA_PSS_ANY_SALT(PSA_ALG_SHA_1):PSA_ERROR_INVALID_ARGUMENT + +PSA cipher RSA_PSS_ANY_SALT(SHA_1): invalid with RSA_PUBLIC_KEY +depends_on:PSA_WANT_ALG_RSA_PSS_ANY_SALT:PSA_WANT_ALG_SHA_1:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY +cipher_fail:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_RSA_PSS_ANY_SALT(PSA_ALG_SHA_1):PSA_ERROR_INVALID_ARGUMENT + +PSA aead RSA_PSS_ANY_SALT(SHA_1): invalid with RSA_KEY_PAIR +depends_on:PSA_WANT_ALG_RSA_PSS_ANY_SALT:PSA_WANT_ALG_SHA_1:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR +aead_fail:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_RSA_PSS_ANY_SALT(PSA_ALG_SHA_1):PSA_ERROR_INVALID_ARGUMENT + +PSA aead RSA_PSS_ANY_SALT(SHA_1): invalid with RSA_PUBLIC_KEY +depends_on:PSA_WANT_ALG_RSA_PSS_ANY_SALT:PSA_WANT_ALG_SHA_1:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY +aead_fail:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_RSA_PSS_ANY_SALT(PSA_ALG_SHA_1):PSA_ERROR_INVALID_ARGUMENT + +PSA sign RSA_PSS_ANY_SALT(SHA_1): incompatible with AES +depends_on:PSA_WANT_ALG_RSA_PSS_ANY_SALT:PSA_WANT_ALG_SHA_1:PSA_WANT_KEY_TYPE_AES +sign_fail:PSA_KEY_TYPE_AES:"48657265006973206b6579a064617461":PSA_ALG_RSA_PSS_ANY_SALT(PSA_ALG_SHA_1):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign RSA_PSS_ANY_SALT(SHA_1): incompatible with ARC4 +depends_on:PSA_WANT_ALG_RSA_PSS_ANY_SALT:PSA_WANT_ALG_SHA_1:PSA_WANT_KEY_TYPE_ARC4 +sign_fail:PSA_KEY_TYPE_ARC4:"48":PSA_ALG_RSA_PSS_ANY_SALT(PSA_ALG_SHA_1):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign RSA_PSS_ANY_SALT(SHA_1): incompatible with ARIA +depends_on:PSA_WANT_ALG_RSA_PSS_ANY_SALT:PSA_WANT_ALG_SHA_1:PSA_WANT_KEY_TYPE_ARIA +sign_fail:PSA_KEY_TYPE_ARIA:"48657265006973206b6579a064617461":PSA_ALG_RSA_PSS_ANY_SALT(PSA_ALG_SHA_1):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign RSA_PSS_ANY_SALT(SHA_1): incompatible with CAMELLIA +depends_on:PSA_WANT_ALG_RSA_PSS_ANY_SALT:PSA_WANT_ALG_SHA_1:PSA_WANT_KEY_TYPE_CAMELLIA +sign_fail:PSA_KEY_TYPE_CAMELLIA:"48657265006973206b6579a064617461":PSA_ALG_RSA_PSS_ANY_SALT(PSA_ALG_SHA_1):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign RSA_PSS_ANY_SALT(SHA_1): incompatible with CHACHA20 +depends_on:PSA_WANT_ALG_RSA_PSS_ANY_SALT:PSA_WANT_ALG_SHA_1:PSA_WANT_KEY_TYPE_CHACHA20 +sign_fail:PSA_KEY_TYPE_CHACHA20:"48657265006973206b6579a06461746148657265006973206b6579a064617461":PSA_ALG_RSA_PSS_ANY_SALT(PSA_ALG_SHA_1):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign RSA_PSS_ANY_SALT(SHA_1): incompatible with DERIVE +depends_on:PSA_WANT_ALG_RSA_PSS_ANY_SALT:PSA_WANT_ALG_SHA_1:PSA_WANT_KEY_TYPE_DERIVE +sign_fail:PSA_KEY_TYPE_DERIVE:"48657265006973206b6579a0646174":PSA_ALG_RSA_PSS_ANY_SALT(PSA_ALG_SHA_1):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign RSA_PSS_ANY_SALT(SHA_1): incompatible with DES +depends_on:PSA_WANT_ALG_RSA_PSS_ANY_SALT:PSA_WANT_ALG_SHA_1:PSA_WANT_KEY_TYPE_DES +sign_fail:PSA_KEY_TYPE_DES:"644573206b457901":PSA_ALG_RSA_PSS_ANY_SALT(PSA_ALG_SHA_1):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign RSA_PSS_ANY_SALT(SHA_1): incompatible with ECC_KEY_PAIR(BRAINPOOL_P_R1) +depends_on:PSA_WANT_ALG_RSA_PSS_ANY_SALT:PSA_WANT_ALG_SHA_1:PSA_WANT_ECC_FAMILY_BRAINPOOL_P_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"69502c4fdaf48d4fa617bdd24498b0406d0eeaac":PSA_ALG_RSA_PSS_ANY_SALT(PSA_ALG_SHA_1):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign RSA_PSS_ANY_SALT(SHA_1): incompatible with ECC_KEY_PAIR(MONTGOMERY) +depends_on:PSA_WANT_ALG_RSA_PSS_ANY_SALT:PSA_WANT_ALG_SHA_1:PSA_WANT_ECC_FAMILY_MONTGOMERY:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_MONTGOMERY):"70076d0a7318a57d3c16c17251b26645df4c2f87ebc0992ab177fba51db92c6a":PSA_ALG_RSA_PSS_ANY_SALT(PSA_ALG_SHA_1):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign RSA_PSS_ANY_SALT(SHA_1): incompatible with ECC_KEY_PAIR(SECP_K1) +depends_on:PSA_WANT_ALG_RSA_PSS_ANY_SALT:PSA_WANT_ALG_SHA_1:PSA_WANT_ECC_FAMILY_SECP_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_K1):"297ac1722ccac7589ecb240dc719842538ca974beb79f228":PSA_ALG_RSA_PSS_ANY_SALT(PSA_ALG_SHA_1):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign RSA_PSS_ANY_SALT(SHA_1): incompatible with ECC_KEY_PAIR(SECP_R1) +depends_on:PSA_WANT_ALG_RSA_PSS_ANY_SALT:PSA_WANT_ALG_SHA_1:PSA_WANT_ECC_FAMILY_SECP_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"872f203b3ad35b7f2ecc803c3a0e1e0b1ed61cc1afe71b189cd4c995":PSA_ALG_RSA_PSS_ANY_SALT(PSA_ALG_SHA_1):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign RSA_PSS_ANY_SALT(SHA_1): incompatible with ECC_KEY_PAIR(SECP_R2) +depends_on:PSA_WANT_ALG_RSA_PSS_ANY_SALT:PSA_WANT_ALG_SHA_1:PSA_WANT_ECC_FAMILY_SECP_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R2):"00bf539a1cdda0d7f71a50a3f98aec0a2e8e4ced1e":PSA_ALG_RSA_PSS_ANY_SALT(PSA_ALG_SHA_1):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign RSA_PSS_ANY_SALT(SHA_1): incompatible with ECC_KEY_PAIR(SECT_K1) +depends_on:PSA_WANT_ALG_RSA_PSS_ANY_SALT:PSA_WANT_ALG_SHA_1:PSA_WANT_ECC_FAMILY_SECT_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):"03ebc8fcded2d6ab72ec0f75bdb4fd080481273e71":PSA_ALG_RSA_PSS_ANY_SALT(PSA_ALG_SHA_1):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign RSA_PSS_ANY_SALT(SHA_1): incompatible with ECC_KEY_PAIR(SECT_R1) +depends_on:PSA_WANT_ALG_RSA_PSS_ANY_SALT:PSA_WANT_ALG_SHA_1:PSA_WANT_ECC_FAMILY_SECT_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):"009b05dc82d46d64a04a22e6e5ca70ca1231e68c50":PSA_ALG_RSA_PSS_ANY_SALT(PSA_ALG_SHA_1):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign RSA_PSS_ANY_SALT(SHA_1): incompatible with ECC_KEY_PAIR(SECT_R2) +depends_on:PSA_WANT_ALG_RSA_PSS_ANY_SALT:PSA_WANT_ALG_SHA_1:PSA_WANT_ECC_FAMILY_SECT_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R2):"0210b482a458b4822d0cb21daa96819a67c8062d34":PSA_ALG_RSA_PSS_ANY_SALT(PSA_ALG_SHA_1):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign RSA_PSS_ANY_SALT(SHA_1): incompatible with ECC_KEY_PAIR(TWISTED_EDWARDS) +depends_on:PSA_WANT_ALG_RSA_PSS_ANY_SALT:PSA_WANT_ALG_SHA_1:PSA_WANT_ECC_FAMILY_TWISTED_EDWARDS:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_TWISTED_EDWARDS):"9d61b19deffd5a60ba844af492ec2cc44449c5697b326919703bac031cae7f60":PSA_ALG_RSA_PSS_ANY_SALT(PSA_ALG_SHA_1):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign RSA_PSS_ANY_SALT(SHA_1): incompatible with ECC_PUBLIC_KEY(BRAINPOOL_P_R1) +depends_on:PSA_WANT_ALG_RSA_PSS_ANY_SALT:PSA_WANT_ALG_SHA_1:PSA_WANT_ECC_FAMILY_BRAINPOOL_P_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"04d4b9186816358e2f9c59cf70748cb70641b22fbab65473db4b4e22a361ed7e3de7e8a8ddc4130c5c":PSA_ALG_RSA_PSS_ANY_SALT(PSA_ALG_SHA_1):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign RSA_PSS_ANY_SALT(SHA_1): incompatible with ECC_PUBLIC_KEY(MONTGOMERY) +depends_on:PSA_WANT_ALG_RSA_PSS_ANY_SALT:PSA_WANT_ALG_SHA_1:PSA_WANT_ECC_FAMILY_MONTGOMERY:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_MONTGOMERY):"8520f0098930a754748b7ddcb43ef75a0dbf3a0d26381af4eba4a98eaa9b4e6a":PSA_ALG_RSA_PSS_ANY_SALT(PSA_ALG_SHA_1):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign RSA_PSS_ANY_SALT(SHA_1): incompatible with ECC_PUBLIC_KEY(SECP_K1) +depends_on:PSA_WANT_ALG_RSA_PSS_ANY_SALT:PSA_WANT_ALG_SHA_1:PSA_WANT_ECC_FAMILY_SECP_K1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_K1):"0426b7bb38da649ac2138fc050c6548b32553dab68afebc36105d325b75538c12323cb0764789ecb992671beb2b6bef2f5":PSA_ALG_RSA_PSS_ANY_SALT(PSA_ALG_SHA_1):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign RSA_PSS_ANY_SALT(SHA_1): incompatible with ECC_PUBLIC_KEY(SECP_R1) +depends_on:PSA_WANT_ALG_RSA_PSS_ANY_SALT:PSA_WANT_ALG_SHA_1:PSA_WANT_ECC_FAMILY_SECP_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1):"046f00eadaa949fee3e9e1c7fa1247eecec86a0dce46418b9bd3117b981d4bd0ae7a990de912f9d060d6cb531a42d22e394ac29e81804bf160":PSA_ALG_RSA_PSS_ANY_SALT(PSA_ALG_SHA_1):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign RSA_PSS_ANY_SALT(SHA_1): incompatible with ECC_PUBLIC_KEY(SECP_R2) +depends_on:PSA_WANT_ALG_RSA_PSS_ANY_SALT:PSA_WANT_ALG_SHA_1:PSA_WANT_ECC_FAMILY_SECP_R2:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R2):"049570d541398665adb5cfa16f5af73b3196926bbd4b876bdb80f8eab20d0f540c22f4de9c140f6d7b":PSA_ALG_RSA_PSS_ANY_SALT(PSA_ALG_SHA_1):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign RSA_PSS_ANY_SALT(SHA_1): incompatible with ECC_PUBLIC_KEY(SECT_K1) +depends_on:PSA_WANT_ALG_RSA_PSS_ANY_SALT:PSA_WANT_ALG_SHA_1:PSA_WANT_ECC_FAMILY_SECT_K1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_K1):"0406f88f90b4b65950f06ce433afdb097e320f433dc2062b8a65db8fafd3c110f46bc45663fbf021ee7eb9":PSA_ALG_RSA_PSS_ANY_SALT(PSA_ALG_SHA_1):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign RSA_PSS_ANY_SALT(SHA_1): incompatible with ECC_PUBLIC_KEY(SECT_R1) +depends_on:PSA_WANT_ALG_RSA_PSS_ANY_SALT:PSA_WANT_ALG_SHA_1:PSA_WANT_ECC_FAMILY_SECT_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R1):"0400465eeb9e7258b11e33c02266bfe834b20bcb118700772796ee4704ec67651bd447e3011959a79a04cb":PSA_ALG_RSA_PSS_ANY_SALT(PSA_ALG_SHA_1):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign RSA_PSS_ANY_SALT(SHA_1): incompatible with ECC_PUBLIC_KEY(SECT_R2) +depends_on:PSA_WANT_ALG_RSA_PSS_ANY_SALT:PSA_WANT_ALG_SHA_1:PSA_WANT_ECC_FAMILY_SECT_R2:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R2):"0403692601144c32a6cfa369ae20ae5d43c1c764678c037bafe80c6fd2e42b7ced96171d9c5367fd3dca6f":PSA_ALG_RSA_PSS_ANY_SALT(PSA_ALG_SHA_1):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign RSA_PSS_ANY_SALT(SHA_1): incompatible with ECC_PUBLIC_KEY(TWISTED_EDWARDS) +depends_on:PSA_WANT_ALG_RSA_PSS_ANY_SALT:PSA_WANT_ALG_SHA_1:PSA_WANT_ECC_FAMILY_TWISTED_EDWARDS:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_TWISTED_EDWARDS):"d75a980182b10ab7d54bfed3c964073a0ee172f3daa62325af021a68f707511a":PSA_ALG_RSA_PSS_ANY_SALT(PSA_ALG_SHA_1):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign RSA_PSS_ANY_SALT(SHA_1): incompatible with HMAC +depends_on:PSA_WANT_ALG_RSA_PSS_ANY_SALT:PSA_WANT_ALG_SHA_1:PSA_WANT_KEY_TYPE_HMAC +sign_fail:PSA_KEY_TYPE_HMAC:"48657265006973206b6579a064617461":PSA_ALG_RSA_PSS_ANY_SALT(PSA_ALG_SHA_1):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign RSA_PSS_ANY_SALT(SHA_1): incompatible with RAW_DATA +depends_on:PSA_WANT_ALG_RSA_PSS_ANY_SALT:PSA_WANT_ALG_SHA_1:PSA_WANT_KEY_TYPE_RAW_DATA +sign_fail:PSA_KEY_TYPE_RAW_DATA:"48":PSA_ALG_RSA_PSS_ANY_SALT(PSA_ALG_SHA_1):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign RSA_PSS_ANY_SALT(SHA_1): !RSA_PSS_ANY_SALT with RSA_KEY_PAIR +depends_on:!PSA_WANT_ALG_RSA_PSS_ANY_SALT:PSA_WANT_ALG_SHA_1:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR +sign_fail:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_RSA_PSS_ANY_SALT(PSA_ALG_SHA_1):0:PSA_ERROR_NOT_SUPPORTED + +PSA sign RSA_PSS_ANY_SALT(SHA_1): !SHA_1 with RSA_KEY_PAIR +depends_on:PSA_WANT_ALG_RSA_PSS_ANY_SALT:!PSA_WANT_ALG_SHA_1:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR +sign_fail:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_RSA_PSS_ANY_SALT(PSA_ALG_SHA_1):0:PSA_ERROR_NOT_SUPPORTED + +PSA sign RSA_PSS_ANY_SALT(SHA_1): !RSA_PSS_ANY_SALT with RSA_PUBLIC_KEY +depends_on:!PSA_WANT_ALG_RSA_PSS_ANY_SALT:PSA_WANT_ALG_SHA_1:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY +sign_fail:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_RSA_PSS_ANY_SALT(PSA_ALG_SHA_1):0:PSA_ERROR_NOT_SUPPORTED + +PSA sign RSA_PSS_ANY_SALT(SHA_1): !SHA_1 with RSA_PUBLIC_KEY +depends_on:PSA_WANT_ALG_RSA_PSS_ANY_SALT:!PSA_WANT_ALG_SHA_1:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY +sign_fail:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_RSA_PSS_ANY_SALT(PSA_ALG_SHA_1):0:PSA_ERROR_NOT_SUPPORTED + +PSA sign RSA_PSS_ANY_SALT(SHA_1): public with RSA_PUBLIC_KEY +depends_on:PSA_WANT_ALG_RSA_PSS_ANY_SALT:PSA_WANT_ALG_SHA_1:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY +sign_fail:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_RSA_PSS_ANY_SALT(PSA_ALG_SHA_1):1:PSA_ERROR_INVALID_ARGUMENT + +PSA asymmetric_encryption RSA_PSS_ANY_SALT(SHA_1): invalid with RSA_KEY_PAIR +depends_on:PSA_WANT_ALG_RSA_PSS_ANY_SALT:PSA_WANT_ALG_SHA_1:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR +asymmetric_encryption_fail:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_RSA_PSS_ANY_SALT(PSA_ALG_SHA_1):0:PSA_ERROR_INVALID_ARGUMENT + +PSA asymmetric_encryption RSA_PSS_ANY_SALT(SHA_1): invalid with RSA_PUBLIC_KEY +depends_on:PSA_WANT_ALG_RSA_PSS_ANY_SALT:PSA_WANT_ALG_SHA_1:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY +asymmetric_encryption_fail:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_RSA_PSS_ANY_SALT(PSA_ALG_SHA_1):0:PSA_ERROR_INVALID_ARGUMENT + +PSA key_derivation RSA_PSS_ANY_SALT(SHA_1): invalid +depends_on:PSA_WANT_ALG_RSA_PSS_ANY_SALT:PSA_WANT_ALG_SHA_1 +key_derivation_fail:PSA_ALG_RSA_PSS_ANY_SALT(PSA_ALG_SHA_1):PSA_ERROR_INVALID_ARGUMENT + +PSA key_agreement RSA_PSS_ANY_SALT(SHA_1): invalid with RSA_KEY_PAIR +depends_on:PSA_WANT_ALG_RSA_PSS_ANY_SALT:PSA_WANT_ALG_SHA_1:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR +key_agreement_fail:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_RSA_PSS_ANY_SALT(PSA_ALG_SHA_1):0:PSA_ERROR_INVALID_ARGUMENT + +PSA key_agreement RSA_PSS_ANY_SALT(SHA_1): invalid with RSA_PUBLIC_KEY +depends_on:PSA_WANT_ALG_RSA_PSS_ANY_SALT:PSA_WANT_ALG_SHA_1:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY +key_agreement_fail:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_RSA_PSS_ANY_SALT(PSA_ALG_SHA_1):0:PSA_ERROR_INVALID_ARGUMENT + +PSA hash RSA_PSS_ANY_SALT(SHA_224): invalid +depends_on:PSA_WANT_ALG_RSA_PSS_ANY_SALT:PSA_WANT_ALG_SHA_224 +hash_fail:PSA_ALG_RSA_PSS_ANY_SALT(PSA_ALG_SHA_224):PSA_ERROR_INVALID_ARGUMENT + +PSA mac RSA_PSS_ANY_SALT(SHA_224): invalid with RSA_KEY_PAIR +depends_on:PSA_WANT_ALG_RSA_PSS_ANY_SALT:PSA_WANT_ALG_SHA_224:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR +mac_fail:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_RSA_PSS_ANY_SALT(PSA_ALG_SHA_224):PSA_ERROR_INVALID_ARGUMENT + +PSA mac RSA_PSS_ANY_SALT(SHA_224): invalid with RSA_PUBLIC_KEY +depends_on:PSA_WANT_ALG_RSA_PSS_ANY_SALT:PSA_WANT_ALG_SHA_224:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY +mac_fail:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_RSA_PSS_ANY_SALT(PSA_ALG_SHA_224):PSA_ERROR_INVALID_ARGUMENT + +PSA cipher RSA_PSS_ANY_SALT(SHA_224): invalid with RSA_KEY_PAIR +depends_on:PSA_WANT_ALG_RSA_PSS_ANY_SALT:PSA_WANT_ALG_SHA_224:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR +cipher_fail:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_RSA_PSS_ANY_SALT(PSA_ALG_SHA_224):PSA_ERROR_INVALID_ARGUMENT + +PSA cipher RSA_PSS_ANY_SALT(SHA_224): invalid with RSA_PUBLIC_KEY +depends_on:PSA_WANT_ALG_RSA_PSS_ANY_SALT:PSA_WANT_ALG_SHA_224:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY +cipher_fail:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_RSA_PSS_ANY_SALT(PSA_ALG_SHA_224):PSA_ERROR_INVALID_ARGUMENT + +PSA aead RSA_PSS_ANY_SALT(SHA_224): invalid with RSA_KEY_PAIR +depends_on:PSA_WANT_ALG_RSA_PSS_ANY_SALT:PSA_WANT_ALG_SHA_224:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR +aead_fail:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_RSA_PSS_ANY_SALT(PSA_ALG_SHA_224):PSA_ERROR_INVALID_ARGUMENT + +PSA aead RSA_PSS_ANY_SALT(SHA_224): invalid with RSA_PUBLIC_KEY +depends_on:PSA_WANT_ALG_RSA_PSS_ANY_SALT:PSA_WANT_ALG_SHA_224:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY +aead_fail:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_RSA_PSS_ANY_SALT(PSA_ALG_SHA_224):PSA_ERROR_INVALID_ARGUMENT + +PSA sign RSA_PSS_ANY_SALT(SHA_224): incompatible with AES +depends_on:PSA_WANT_ALG_RSA_PSS_ANY_SALT:PSA_WANT_ALG_SHA_224:PSA_WANT_KEY_TYPE_AES +sign_fail:PSA_KEY_TYPE_AES:"48657265006973206b6579a064617461":PSA_ALG_RSA_PSS_ANY_SALT(PSA_ALG_SHA_224):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign RSA_PSS_ANY_SALT(SHA_224): incompatible with ARC4 +depends_on:PSA_WANT_ALG_RSA_PSS_ANY_SALT:PSA_WANT_ALG_SHA_224:PSA_WANT_KEY_TYPE_ARC4 +sign_fail:PSA_KEY_TYPE_ARC4:"48":PSA_ALG_RSA_PSS_ANY_SALT(PSA_ALG_SHA_224):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign RSA_PSS_ANY_SALT(SHA_224): incompatible with ARIA +depends_on:PSA_WANT_ALG_RSA_PSS_ANY_SALT:PSA_WANT_ALG_SHA_224:PSA_WANT_KEY_TYPE_ARIA +sign_fail:PSA_KEY_TYPE_ARIA:"48657265006973206b6579a064617461":PSA_ALG_RSA_PSS_ANY_SALT(PSA_ALG_SHA_224):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign RSA_PSS_ANY_SALT(SHA_224): incompatible with CAMELLIA +depends_on:PSA_WANT_ALG_RSA_PSS_ANY_SALT:PSA_WANT_ALG_SHA_224:PSA_WANT_KEY_TYPE_CAMELLIA +sign_fail:PSA_KEY_TYPE_CAMELLIA:"48657265006973206b6579a064617461":PSA_ALG_RSA_PSS_ANY_SALT(PSA_ALG_SHA_224):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign RSA_PSS_ANY_SALT(SHA_224): incompatible with CHACHA20 +depends_on:PSA_WANT_ALG_RSA_PSS_ANY_SALT:PSA_WANT_ALG_SHA_224:PSA_WANT_KEY_TYPE_CHACHA20 +sign_fail:PSA_KEY_TYPE_CHACHA20:"48657265006973206b6579a06461746148657265006973206b6579a064617461":PSA_ALG_RSA_PSS_ANY_SALT(PSA_ALG_SHA_224):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign RSA_PSS_ANY_SALT(SHA_224): incompatible with DERIVE +depends_on:PSA_WANT_ALG_RSA_PSS_ANY_SALT:PSA_WANT_ALG_SHA_224:PSA_WANT_KEY_TYPE_DERIVE +sign_fail:PSA_KEY_TYPE_DERIVE:"48657265006973206b6579a0646174":PSA_ALG_RSA_PSS_ANY_SALT(PSA_ALG_SHA_224):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign RSA_PSS_ANY_SALT(SHA_224): incompatible with DES +depends_on:PSA_WANT_ALG_RSA_PSS_ANY_SALT:PSA_WANT_ALG_SHA_224:PSA_WANT_KEY_TYPE_DES +sign_fail:PSA_KEY_TYPE_DES:"644573206b457901":PSA_ALG_RSA_PSS_ANY_SALT(PSA_ALG_SHA_224):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign RSA_PSS_ANY_SALT(SHA_224): incompatible with ECC_KEY_PAIR(BRAINPOOL_P_R1) +depends_on:PSA_WANT_ALG_RSA_PSS_ANY_SALT:PSA_WANT_ALG_SHA_224:PSA_WANT_ECC_FAMILY_BRAINPOOL_P_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"69502c4fdaf48d4fa617bdd24498b0406d0eeaac":PSA_ALG_RSA_PSS_ANY_SALT(PSA_ALG_SHA_224):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign RSA_PSS_ANY_SALT(SHA_224): incompatible with ECC_KEY_PAIR(MONTGOMERY) +depends_on:PSA_WANT_ALG_RSA_PSS_ANY_SALT:PSA_WANT_ALG_SHA_224:PSA_WANT_ECC_FAMILY_MONTGOMERY:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_MONTGOMERY):"70076d0a7318a57d3c16c17251b26645df4c2f87ebc0992ab177fba51db92c6a":PSA_ALG_RSA_PSS_ANY_SALT(PSA_ALG_SHA_224):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign RSA_PSS_ANY_SALT(SHA_224): incompatible with ECC_KEY_PAIR(SECP_K1) +depends_on:PSA_WANT_ALG_RSA_PSS_ANY_SALT:PSA_WANT_ALG_SHA_224:PSA_WANT_ECC_FAMILY_SECP_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_K1):"297ac1722ccac7589ecb240dc719842538ca974beb79f228":PSA_ALG_RSA_PSS_ANY_SALT(PSA_ALG_SHA_224):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign RSA_PSS_ANY_SALT(SHA_224): incompatible with ECC_KEY_PAIR(SECP_R1) +depends_on:PSA_WANT_ALG_RSA_PSS_ANY_SALT:PSA_WANT_ALG_SHA_224:PSA_WANT_ECC_FAMILY_SECP_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"872f203b3ad35b7f2ecc803c3a0e1e0b1ed61cc1afe71b189cd4c995":PSA_ALG_RSA_PSS_ANY_SALT(PSA_ALG_SHA_224):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign RSA_PSS_ANY_SALT(SHA_224): incompatible with ECC_KEY_PAIR(SECP_R2) +depends_on:PSA_WANT_ALG_RSA_PSS_ANY_SALT:PSA_WANT_ALG_SHA_224:PSA_WANT_ECC_FAMILY_SECP_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R2):"00bf539a1cdda0d7f71a50a3f98aec0a2e8e4ced1e":PSA_ALG_RSA_PSS_ANY_SALT(PSA_ALG_SHA_224):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign RSA_PSS_ANY_SALT(SHA_224): incompatible with ECC_KEY_PAIR(SECT_K1) +depends_on:PSA_WANT_ALG_RSA_PSS_ANY_SALT:PSA_WANT_ALG_SHA_224:PSA_WANT_ECC_FAMILY_SECT_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):"03ebc8fcded2d6ab72ec0f75bdb4fd080481273e71":PSA_ALG_RSA_PSS_ANY_SALT(PSA_ALG_SHA_224):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign RSA_PSS_ANY_SALT(SHA_224): incompatible with ECC_KEY_PAIR(SECT_R1) +depends_on:PSA_WANT_ALG_RSA_PSS_ANY_SALT:PSA_WANT_ALG_SHA_224:PSA_WANT_ECC_FAMILY_SECT_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):"009b05dc82d46d64a04a22e6e5ca70ca1231e68c50":PSA_ALG_RSA_PSS_ANY_SALT(PSA_ALG_SHA_224):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign RSA_PSS_ANY_SALT(SHA_224): incompatible with ECC_KEY_PAIR(SECT_R2) +depends_on:PSA_WANT_ALG_RSA_PSS_ANY_SALT:PSA_WANT_ALG_SHA_224:PSA_WANT_ECC_FAMILY_SECT_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R2):"0210b482a458b4822d0cb21daa96819a67c8062d34":PSA_ALG_RSA_PSS_ANY_SALT(PSA_ALG_SHA_224):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign RSA_PSS_ANY_SALT(SHA_224): incompatible with ECC_KEY_PAIR(TWISTED_EDWARDS) +depends_on:PSA_WANT_ALG_RSA_PSS_ANY_SALT:PSA_WANT_ALG_SHA_224:PSA_WANT_ECC_FAMILY_TWISTED_EDWARDS:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_TWISTED_EDWARDS):"9d61b19deffd5a60ba844af492ec2cc44449c5697b326919703bac031cae7f60":PSA_ALG_RSA_PSS_ANY_SALT(PSA_ALG_SHA_224):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign RSA_PSS_ANY_SALT(SHA_224): incompatible with ECC_PUBLIC_KEY(BRAINPOOL_P_R1) +depends_on:PSA_WANT_ALG_RSA_PSS_ANY_SALT:PSA_WANT_ALG_SHA_224:PSA_WANT_ECC_FAMILY_BRAINPOOL_P_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"04d4b9186816358e2f9c59cf70748cb70641b22fbab65473db4b4e22a361ed7e3de7e8a8ddc4130c5c":PSA_ALG_RSA_PSS_ANY_SALT(PSA_ALG_SHA_224):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign RSA_PSS_ANY_SALT(SHA_224): incompatible with ECC_PUBLIC_KEY(MONTGOMERY) +depends_on:PSA_WANT_ALG_RSA_PSS_ANY_SALT:PSA_WANT_ALG_SHA_224:PSA_WANT_ECC_FAMILY_MONTGOMERY:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_MONTGOMERY):"8520f0098930a754748b7ddcb43ef75a0dbf3a0d26381af4eba4a98eaa9b4e6a":PSA_ALG_RSA_PSS_ANY_SALT(PSA_ALG_SHA_224):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign RSA_PSS_ANY_SALT(SHA_224): incompatible with ECC_PUBLIC_KEY(SECP_K1) +depends_on:PSA_WANT_ALG_RSA_PSS_ANY_SALT:PSA_WANT_ALG_SHA_224:PSA_WANT_ECC_FAMILY_SECP_K1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_K1):"0426b7bb38da649ac2138fc050c6548b32553dab68afebc36105d325b75538c12323cb0764789ecb992671beb2b6bef2f5":PSA_ALG_RSA_PSS_ANY_SALT(PSA_ALG_SHA_224):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign RSA_PSS_ANY_SALT(SHA_224): incompatible with ECC_PUBLIC_KEY(SECP_R1) +depends_on:PSA_WANT_ALG_RSA_PSS_ANY_SALT:PSA_WANT_ALG_SHA_224:PSA_WANT_ECC_FAMILY_SECP_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1):"046f00eadaa949fee3e9e1c7fa1247eecec86a0dce46418b9bd3117b981d4bd0ae7a990de912f9d060d6cb531a42d22e394ac29e81804bf160":PSA_ALG_RSA_PSS_ANY_SALT(PSA_ALG_SHA_224):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign RSA_PSS_ANY_SALT(SHA_224): incompatible with ECC_PUBLIC_KEY(SECP_R2) +depends_on:PSA_WANT_ALG_RSA_PSS_ANY_SALT:PSA_WANT_ALG_SHA_224:PSA_WANT_ECC_FAMILY_SECP_R2:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R2):"049570d541398665adb5cfa16f5af73b3196926bbd4b876bdb80f8eab20d0f540c22f4de9c140f6d7b":PSA_ALG_RSA_PSS_ANY_SALT(PSA_ALG_SHA_224):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign RSA_PSS_ANY_SALT(SHA_224): incompatible with ECC_PUBLIC_KEY(SECT_K1) +depends_on:PSA_WANT_ALG_RSA_PSS_ANY_SALT:PSA_WANT_ALG_SHA_224:PSA_WANT_ECC_FAMILY_SECT_K1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_K1):"0406f88f90b4b65950f06ce433afdb097e320f433dc2062b8a65db8fafd3c110f46bc45663fbf021ee7eb9":PSA_ALG_RSA_PSS_ANY_SALT(PSA_ALG_SHA_224):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign RSA_PSS_ANY_SALT(SHA_224): incompatible with ECC_PUBLIC_KEY(SECT_R1) +depends_on:PSA_WANT_ALG_RSA_PSS_ANY_SALT:PSA_WANT_ALG_SHA_224:PSA_WANT_ECC_FAMILY_SECT_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R1):"0400465eeb9e7258b11e33c02266bfe834b20bcb118700772796ee4704ec67651bd447e3011959a79a04cb":PSA_ALG_RSA_PSS_ANY_SALT(PSA_ALG_SHA_224):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign RSA_PSS_ANY_SALT(SHA_224): incompatible with ECC_PUBLIC_KEY(SECT_R2) +depends_on:PSA_WANT_ALG_RSA_PSS_ANY_SALT:PSA_WANT_ALG_SHA_224:PSA_WANT_ECC_FAMILY_SECT_R2:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R2):"0403692601144c32a6cfa369ae20ae5d43c1c764678c037bafe80c6fd2e42b7ced96171d9c5367fd3dca6f":PSA_ALG_RSA_PSS_ANY_SALT(PSA_ALG_SHA_224):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign RSA_PSS_ANY_SALT(SHA_224): incompatible with ECC_PUBLIC_KEY(TWISTED_EDWARDS) +depends_on:PSA_WANT_ALG_RSA_PSS_ANY_SALT:PSA_WANT_ALG_SHA_224:PSA_WANT_ECC_FAMILY_TWISTED_EDWARDS:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_TWISTED_EDWARDS):"d75a980182b10ab7d54bfed3c964073a0ee172f3daa62325af021a68f707511a":PSA_ALG_RSA_PSS_ANY_SALT(PSA_ALG_SHA_224):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign RSA_PSS_ANY_SALT(SHA_224): incompatible with HMAC +depends_on:PSA_WANT_ALG_RSA_PSS_ANY_SALT:PSA_WANT_ALG_SHA_224:PSA_WANT_KEY_TYPE_HMAC +sign_fail:PSA_KEY_TYPE_HMAC:"48657265006973206b6579a064617461":PSA_ALG_RSA_PSS_ANY_SALT(PSA_ALG_SHA_224):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign RSA_PSS_ANY_SALT(SHA_224): incompatible with RAW_DATA +depends_on:PSA_WANT_ALG_RSA_PSS_ANY_SALT:PSA_WANT_ALG_SHA_224:PSA_WANT_KEY_TYPE_RAW_DATA +sign_fail:PSA_KEY_TYPE_RAW_DATA:"48":PSA_ALG_RSA_PSS_ANY_SALT(PSA_ALG_SHA_224):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign RSA_PSS_ANY_SALT(SHA_224): !RSA_PSS_ANY_SALT with RSA_KEY_PAIR +depends_on:!PSA_WANT_ALG_RSA_PSS_ANY_SALT:PSA_WANT_ALG_SHA_224:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR +sign_fail:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_RSA_PSS_ANY_SALT(PSA_ALG_SHA_224):0:PSA_ERROR_NOT_SUPPORTED + +PSA sign RSA_PSS_ANY_SALT(SHA_224): !SHA_224 with RSA_KEY_PAIR +depends_on:PSA_WANT_ALG_RSA_PSS_ANY_SALT:!PSA_WANT_ALG_SHA_224:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR +sign_fail:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_RSA_PSS_ANY_SALT(PSA_ALG_SHA_224):0:PSA_ERROR_NOT_SUPPORTED + +PSA sign RSA_PSS_ANY_SALT(SHA_224): !RSA_PSS_ANY_SALT with RSA_PUBLIC_KEY +depends_on:!PSA_WANT_ALG_RSA_PSS_ANY_SALT:PSA_WANT_ALG_SHA_224:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY +sign_fail:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_RSA_PSS_ANY_SALT(PSA_ALG_SHA_224):0:PSA_ERROR_NOT_SUPPORTED + +PSA sign RSA_PSS_ANY_SALT(SHA_224): !SHA_224 with RSA_PUBLIC_KEY +depends_on:PSA_WANT_ALG_RSA_PSS_ANY_SALT:!PSA_WANT_ALG_SHA_224:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY +sign_fail:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_RSA_PSS_ANY_SALT(PSA_ALG_SHA_224):0:PSA_ERROR_NOT_SUPPORTED + +PSA sign RSA_PSS_ANY_SALT(SHA_224): public with RSA_PUBLIC_KEY +depends_on:PSA_WANT_ALG_RSA_PSS_ANY_SALT:PSA_WANT_ALG_SHA_224:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY +sign_fail:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_RSA_PSS_ANY_SALT(PSA_ALG_SHA_224):1:PSA_ERROR_INVALID_ARGUMENT + +PSA asymmetric_encryption RSA_PSS_ANY_SALT(SHA_224): invalid with RSA_KEY_PAIR +depends_on:PSA_WANT_ALG_RSA_PSS_ANY_SALT:PSA_WANT_ALG_SHA_224:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR +asymmetric_encryption_fail:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_RSA_PSS_ANY_SALT(PSA_ALG_SHA_224):0:PSA_ERROR_INVALID_ARGUMENT + +PSA asymmetric_encryption RSA_PSS_ANY_SALT(SHA_224): invalid with RSA_PUBLIC_KEY +depends_on:PSA_WANT_ALG_RSA_PSS_ANY_SALT:PSA_WANT_ALG_SHA_224:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY +asymmetric_encryption_fail:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_RSA_PSS_ANY_SALT(PSA_ALG_SHA_224):0:PSA_ERROR_INVALID_ARGUMENT + +PSA key_derivation RSA_PSS_ANY_SALT(SHA_224): invalid +depends_on:PSA_WANT_ALG_RSA_PSS_ANY_SALT:PSA_WANT_ALG_SHA_224 +key_derivation_fail:PSA_ALG_RSA_PSS_ANY_SALT(PSA_ALG_SHA_224):PSA_ERROR_INVALID_ARGUMENT + +PSA key_agreement RSA_PSS_ANY_SALT(SHA_224): invalid with RSA_KEY_PAIR +depends_on:PSA_WANT_ALG_RSA_PSS_ANY_SALT:PSA_WANT_ALG_SHA_224:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR +key_agreement_fail:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_RSA_PSS_ANY_SALT(PSA_ALG_SHA_224):0:PSA_ERROR_INVALID_ARGUMENT + +PSA key_agreement RSA_PSS_ANY_SALT(SHA_224): invalid with RSA_PUBLIC_KEY +depends_on:PSA_WANT_ALG_RSA_PSS_ANY_SALT:PSA_WANT_ALG_SHA_224:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY +key_agreement_fail:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_RSA_PSS_ANY_SALT(PSA_ALG_SHA_224):0:PSA_ERROR_INVALID_ARGUMENT + +PSA hash RSA_PSS_ANY_SALT(SHA_256): invalid +depends_on:PSA_WANT_ALG_RSA_PSS_ANY_SALT:PSA_WANT_ALG_SHA_256 +hash_fail:PSA_ALG_RSA_PSS_ANY_SALT(PSA_ALG_SHA_256):PSA_ERROR_INVALID_ARGUMENT + +PSA mac RSA_PSS_ANY_SALT(SHA_256): invalid with RSA_KEY_PAIR +depends_on:PSA_WANT_ALG_RSA_PSS_ANY_SALT:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR +mac_fail:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_RSA_PSS_ANY_SALT(PSA_ALG_SHA_256):PSA_ERROR_INVALID_ARGUMENT + +PSA mac RSA_PSS_ANY_SALT(SHA_256): invalid with RSA_PUBLIC_KEY +depends_on:PSA_WANT_ALG_RSA_PSS_ANY_SALT:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY +mac_fail:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_RSA_PSS_ANY_SALT(PSA_ALG_SHA_256):PSA_ERROR_INVALID_ARGUMENT + +PSA cipher RSA_PSS_ANY_SALT(SHA_256): invalid with RSA_KEY_PAIR +depends_on:PSA_WANT_ALG_RSA_PSS_ANY_SALT:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR +cipher_fail:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_RSA_PSS_ANY_SALT(PSA_ALG_SHA_256):PSA_ERROR_INVALID_ARGUMENT + +PSA cipher RSA_PSS_ANY_SALT(SHA_256): invalid with RSA_PUBLIC_KEY +depends_on:PSA_WANT_ALG_RSA_PSS_ANY_SALT:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY +cipher_fail:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_RSA_PSS_ANY_SALT(PSA_ALG_SHA_256):PSA_ERROR_INVALID_ARGUMENT + +PSA aead RSA_PSS_ANY_SALT(SHA_256): invalid with RSA_KEY_PAIR +depends_on:PSA_WANT_ALG_RSA_PSS_ANY_SALT:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR +aead_fail:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_RSA_PSS_ANY_SALT(PSA_ALG_SHA_256):PSA_ERROR_INVALID_ARGUMENT + +PSA aead RSA_PSS_ANY_SALT(SHA_256): invalid with RSA_PUBLIC_KEY +depends_on:PSA_WANT_ALG_RSA_PSS_ANY_SALT:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY +aead_fail:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_RSA_PSS_ANY_SALT(PSA_ALG_SHA_256):PSA_ERROR_INVALID_ARGUMENT + +PSA sign RSA_PSS_ANY_SALT(SHA_256): incompatible with AES +depends_on:PSA_WANT_ALG_RSA_PSS_ANY_SALT:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_AES +sign_fail:PSA_KEY_TYPE_AES:"48657265006973206b6579a064617461":PSA_ALG_RSA_PSS_ANY_SALT(PSA_ALG_SHA_256):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign RSA_PSS_ANY_SALT(SHA_256): incompatible with ARC4 +depends_on:PSA_WANT_ALG_RSA_PSS_ANY_SALT:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_ARC4 +sign_fail:PSA_KEY_TYPE_ARC4:"48":PSA_ALG_RSA_PSS_ANY_SALT(PSA_ALG_SHA_256):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign RSA_PSS_ANY_SALT(SHA_256): incompatible with ARIA +depends_on:PSA_WANT_ALG_RSA_PSS_ANY_SALT:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_ARIA +sign_fail:PSA_KEY_TYPE_ARIA:"48657265006973206b6579a064617461":PSA_ALG_RSA_PSS_ANY_SALT(PSA_ALG_SHA_256):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign RSA_PSS_ANY_SALT(SHA_256): incompatible with CAMELLIA +depends_on:PSA_WANT_ALG_RSA_PSS_ANY_SALT:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_CAMELLIA +sign_fail:PSA_KEY_TYPE_CAMELLIA:"48657265006973206b6579a064617461":PSA_ALG_RSA_PSS_ANY_SALT(PSA_ALG_SHA_256):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign RSA_PSS_ANY_SALT(SHA_256): incompatible with CHACHA20 +depends_on:PSA_WANT_ALG_RSA_PSS_ANY_SALT:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_CHACHA20 +sign_fail:PSA_KEY_TYPE_CHACHA20:"48657265006973206b6579a06461746148657265006973206b6579a064617461":PSA_ALG_RSA_PSS_ANY_SALT(PSA_ALG_SHA_256):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign RSA_PSS_ANY_SALT(SHA_256): incompatible with DERIVE +depends_on:PSA_WANT_ALG_RSA_PSS_ANY_SALT:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_DERIVE +sign_fail:PSA_KEY_TYPE_DERIVE:"48657265006973206b6579a0646174":PSA_ALG_RSA_PSS_ANY_SALT(PSA_ALG_SHA_256):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign RSA_PSS_ANY_SALT(SHA_256): incompatible with DES +depends_on:PSA_WANT_ALG_RSA_PSS_ANY_SALT:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_DES +sign_fail:PSA_KEY_TYPE_DES:"644573206b457901":PSA_ALG_RSA_PSS_ANY_SALT(PSA_ALG_SHA_256):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign RSA_PSS_ANY_SALT(SHA_256): incompatible with ECC_KEY_PAIR(BRAINPOOL_P_R1) +depends_on:PSA_WANT_ALG_RSA_PSS_ANY_SALT:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_FAMILY_BRAINPOOL_P_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"69502c4fdaf48d4fa617bdd24498b0406d0eeaac":PSA_ALG_RSA_PSS_ANY_SALT(PSA_ALG_SHA_256):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign RSA_PSS_ANY_SALT(SHA_256): incompatible with ECC_KEY_PAIR(MONTGOMERY) +depends_on:PSA_WANT_ALG_RSA_PSS_ANY_SALT:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_FAMILY_MONTGOMERY:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_MONTGOMERY):"70076d0a7318a57d3c16c17251b26645df4c2f87ebc0992ab177fba51db92c6a":PSA_ALG_RSA_PSS_ANY_SALT(PSA_ALG_SHA_256):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign RSA_PSS_ANY_SALT(SHA_256): incompatible with ECC_KEY_PAIR(SECP_K1) +depends_on:PSA_WANT_ALG_RSA_PSS_ANY_SALT:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_FAMILY_SECP_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_K1):"297ac1722ccac7589ecb240dc719842538ca974beb79f228":PSA_ALG_RSA_PSS_ANY_SALT(PSA_ALG_SHA_256):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign RSA_PSS_ANY_SALT(SHA_256): incompatible with ECC_KEY_PAIR(SECP_R1) +depends_on:PSA_WANT_ALG_RSA_PSS_ANY_SALT:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_FAMILY_SECP_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"872f203b3ad35b7f2ecc803c3a0e1e0b1ed61cc1afe71b189cd4c995":PSA_ALG_RSA_PSS_ANY_SALT(PSA_ALG_SHA_256):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign RSA_PSS_ANY_SALT(SHA_256): incompatible with ECC_KEY_PAIR(SECP_R2) +depends_on:PSA_WANT_ALG_RSA_PSS_ANY_SALT:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_FAMILY_SECP_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R2):"00bf539a1cdda0d7f71a50a3f98aec0a2e8e4ced1e":PSA_ALG_RSA_PSS_ANY_SALT(PSA_ALG_SHA_256):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign RSA_PSS_ANY_SALT(SHA_256): incompatible with ECC_KEY_PAIR(SECT_K1) +depends_on:PSA_WANT_ALG_RSA_PSS_ANY_SALT:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_FAMILY_SECT_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):"03ebc8fcded2d6ab72ec0f75bdb4fd080481273e71":PSA_ALG_RSA_PSS_ANY_SALT(PSA_ALG_SHA_256):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign RSA_PSS_ANY_SALT(SHA_256): incompatible with ECC_KEY_PAIR(SECT_R1) +depends_on:PSA_WANT_ALG_RSA_PSS_ANY_SALT:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_FAMILY_SECT_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):"009b05dc82d46d64a04a22e6e5ca70ca1231e68c50":PSA_ALG_RSA_PSS_ANY_SALT(PSA_ALG_SHA_256):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign RSA_PSS_ANY_SALT(SHA_256): incompatible with ECC_KEY_PAIR(SECT_R2) +depends_on:PSA_WANT_ALG_RSA_PSS_ANY_SALT:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_FAMILY_SECT_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R2):"0210b482a458b4822d0cb21daa96819a67c8062d34":PSA_ALG_RSA_PSS_ANY_SALT(PSA_ALG_SHA_256):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign RSA_PSS_ANY_SALT(SHA_256): incompatible with ECC_KEY_PAIR(TWISTED_EDWARDS) +depends_on:PSA_WANT_ALG_RSA_PSS_ANY_SALT:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_FAMILY_TWISTED_EDWARDS:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_TWISTED_EDWARDS):"9d61b19deffd5a60ba844af492ec2cc44449c5697b326919703bac031cae7f60":PSA_ALG_RSA_PSS_ANY_SALT(PSA_ALG_SHA_256):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign RSA_PSS_ANY_SALT(SHA_256): incompatible with ECC_PUBLIC_KEY(BRAINPOOL_P_R1) +depends_on:PSA_WANT_ALG_RSA_PSS_ANY_SALT:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_FAMILY_BRAINPOOL_P_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"04d4b9186816358e2f9c59cf70748cb70641b22fbab65473db4b4e22a361ed7e3de7e8a8ddc4130c5c":PSA_ALG_RSA_PSS_ANY_SALT(PSA_ALG_SHA_256):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign RSA_PSS_ANY_SALT(SHA_256): incompatible with ECC_PUBLIC_KEY(MONTGOMERY) +depends_on:PSA_WANT_ALG_RSA_PSS_ANY_SALT:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_FAMILY_MONTGOMERY:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_MONTGOMERY):"8520f0098930a754748b7ddcb43ef75a0dbf3a0d26381af4eba4a98eaa9b4e6a":PSA_ALG_RSA_PSS_ANY_SALT(PSA_ALG_SHA_256):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign RSA_PSS_ANY_SALT(SHA_256): incompatible with ECC_PUBLIC_KEY(SECP_K1) +depends_on:PSA_WANT_ALG_RSA_PSS_ANY_SALT:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_FAMILY_SECP_K1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_K1):"0426b7bb38da649ac2138fc050c6548b32553dab68afebc36105d325b75538c12323cb0764789ecb992671beb2b6bef2f5":PSA_ALG_RSA_PSS_ANY_SALT(PSA_ALG_SHA_256):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign RSA_PSS_ANY_SALT(SHA_256): incompatible with ECC_PUBLIC_KEY(SECP_R1) +depends_on:PSA_WANT_ALG_RSA_PSS_ANY_SALT:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_FAMILY_SECP_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1):"046f00eadaa949fee3e9e1c7fa1247eecec86a0dce46418b9bd3117b981d4bd0ae7a990de912f9d060d6cb531a42d22e394ac29e81804bf160":PSA_ALG_RSA_PSS_ANY_SALT(PSA_ALG_SHA_256):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign RSA_PSS_ANY_SALT(SHA_256): incompatible with ECC_PUBLIC_KEY(SECP_R2) +depends_on:PSA_WANT_ALG_RSA_PSS_ANY_SALT:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_FAMILY_SECP_R2:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R2):"049570d541398665adb5cfa16f5af73b3196926bbd4b876bdb80f8eab20d0f540c22f4de9c140f6d7b":PSA_ALG_RSA_PSS_ANY_SALT(PSA_ALG_SHA_256):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign RSA_PSS_ANY_SALT(SHA_256): incompatible with ECC_PUBLIC_KEY(SECT_K1) +depends_on:PSA_WANT_ALG_RSA_PSS_ANY_SALT:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_FAMILY_SECT_K1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_K1):"0406f88f90b4b65950f06ce433afdb097e320f433dc2062b8a65db8fafd3c110f46bc45663fbf021ee7eb9":PSA_ALG_RSA_PSS_ANY_SALT(PSA_ALG_SHA_256):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign RSA_PSS_ANY_SALT(SHA_256): incompatible with ECC_PUBLIC_KEY(SECT_R1) +depends_on:PSA_WANT_ALG_RSA_PSS_ANY_SALT:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_FAMILY_SECT_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R1):"0400465eeb9e7258b11e33c02266bfe834b20bcb118700772796ee4704ec67651bd447e3011959a79a04cb":PSA_ALG_RSA_PSS_ANY_SALT(PSA_ALG_SHA_256):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign RSA_PSS_ANY_SALT(SHA_256): incompatible with ECC_PUBLIC_KEY(SECT_R2) +depends_on:PSA_WANT_ALG_RSA_PSS_ANY_SALT:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_FAMILY_SECT_R2:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R2):"0403692601144c32a6cfa369ae20ae5d43c1c764678c037bafe80c6fd2e42b7ced96171d9c5367fd3dca6f":PSA_ALG_RSA_PSS_ANY_SALT(PSA_ALG_SHA_256):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign RSA_PSS_ANY_SALT(SHA_256): incompatible with ECC_PUBLIC_KEY(TWISTED_EDWARDS) +depends_on:PSA_WANT_ALG_RSA_PSS_ANY_SALT:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_FAMILY_TWISTED_EDWARDS:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_TWISTED_EDWARDS):"d75a980182b10ab7d54bfed3c964073a0ee172f3daa62325af021a68f707511a":PSA_ALG_RSA_PSS_ANY_SALT(PSA_ALG_SHA_256):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign RSA_PSS_ANY_SALT(SHA_256): incompatible with HMAC +depends_on:PSA_WANT_ALG_RSA_PSS_ANY_SALT:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_HMAC +sign_fail:PSA_KEY_TYPE_HMAC:"48657265006973206b6579a064617461":PSA_ALG_RSA_PSS_ANY_SALT(PSA_ALG_SHA_256):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign RSA_PSS_ANY_SALT(SHA_256): incompatible with RAW_DATA +depends_on:PSA_WANT_ALG_RSA_PSS_ANY_SALT:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RAW_DATA +sign_fail:PSA_KEY_TYPE_RAW_DATA:"48":PSA_ALG_RSA_PSS_ANY_SALT(PSA_ALG_SHA_256):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign RSA_PSS_ANY_SALT(SHA_256): !RSA_PSS_ANY_SALT with RSA_KEY_PAIR +depends_on:!PSA_WANT_ALG_RSA_PSS_ANY_SALT:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR +sign_fail:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_RSA_PSS_ANY_SALT(PSA_ALG_SHA_256):0:PSA_ERROR_NOT_SUPPORTED + +PSA sign RSA_PSS_ANY_SALT(SHA_256): !SHA_256 with RSA_KEY_PAIR +depends_on:PSA_WANT_ALG_RSA_PSS_ANY_SALT:!PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR +sign_fail:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_RSA_PSS_ANY_SALT(PSA_ALG_SHA_256):0:PSA_ERROR_NOT_SUPPORTED + +PSA sign RSA_PSS_ANY_SALT(SHA_256): !RSA_PSS_ANY_SALT with RSA_PUBLIC_KEY +depends_on:!PSA_WANT_ALG_RSA_PSS_ANY_SALT:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY +sign_fail:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_RSA_PSS_ANY_SALT(PSA_ALG_SHA_256):0:PSA_ERROR_NOT_SUPPORTED + +PSA sign RSA_PSS_ANY_SALT(SHA_256): !SHA_256 with RSA_PUBLIC_KEY +depends_on:PSA_WANT_ALG_RSA_PSS_ANY_SALT:!PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY +sign_fail:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_RSA_PSS_ANY_SALT(PSA_ALG_SHA_256):0:PSA_ERROR_NOT_SUPPORTED + +PSA sign RSA_PSS_ANY_SALT(SHA_256): public with RSA_PUBLIC_KEY +depends_on:PSA_WANT_ALG_RSA_PSS_ANY_SALT:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY +sign_fail:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_RSA_PSS_ANY_SALT(PSA_ALG_SHA_256):1:PSA_ERROR_INVALID_ARGUMENT + +PSA asymmetric_encryption RSA_PSS_ANY_SALT(SHA_256): invalid with RSA_KEY_PAIR +depends_on:PSA_WANT_ALG_RSA_PSS_ANY_SALT:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR +asymmetric_encryption_fail:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_RSA_PSS_ANY_SALT(PSA_ALG_SHA_256):0:PSA_ERROR_INVALID_ARGUMENT + +PSA asymmetric_encryption RSA_PSS_ANY_SALT(SHA_256): invalid with RSA_PUBLIC_KEY +depends_on:PSA_WANT_ALG_RSA_PSS_ANY_SALT:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY +asymmetric_encryption_fail:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_RSA_PSS_ANY_SALT(PSA_ALG_SHA_256):0:PSA_ERROR_INVALID_ARGUMENT + +PSA key_derivation RSA_PSS_ANY_SALT(SHA_256): invalid +depends_on:PSA_WANT_ALG_RSA_PSS_ANY_SALT:PSA_WANT_ALG_SHA_256 +key_derivation_fail:PSA_ALG_RSA_PSS_ANY_SALT(PSA_ALG_SHA_256):PSA_ERROR_INVALID_ARGUMENT + +PSA key_agreement RSA_PSS_ANY_SALT(SHA_256): invalid with RSA_KEY_PAIR +depends_on:PSA_WANT_ALG_RSA_PSS_ANY_SALT:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR +key_agreement_fail:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_RSA_PSS_ANY_SALT(PSA_ALG_SHA_256):0:PSA_ERROR_INVALID_ARGUMENT + +PSA key_agreement RSA_PSS_ANY_SALT(SHA_256): invalid with RSA_PUBLIC_KEY +depends_on:PSA_WANT_ALG_RSA_PSS_ANY_SALT:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY +key_agreement_fail:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_RSA_PSS_ANY_SALT(PSA_ALG_SHA_256):0:PSA_ERROR_INVALID_ARGUMENT + +PSA hash RSA_PSS_ANY_SALT(SHA_384): invalid +depends_on:PSA_WANT_ALG_RSA_PSS_ANY_SALT:PSA_WANT_ALG_SHA_384 +hash_fail:PSA_ALG_RSA_PSS_ANY_SALT(PSA_ALG_SHA_384):PSA_ERROR_INVALID_ARGUMENT + +PSA mac RSA_PSS_ANY_SALT(SHA_384): invalid with RSA_KEY_PAIR +depends_on:PSA_WANT_ALG_RSA_PSS_ANY_SALT:PSA_WANT_ALG_SHA_384:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR +mac_fail:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_RSA_PSS_ANY_SALT(PSA_ALG_SHA_384):PSA_ERROR_INVALID_ARGUMENT + +PSA mac RSA_PSS_ANY_SALT(SHA_384): invalid with RSA_PUBLIC_KEY +depends_on:PSA_WANT_ALG_RSA_PSS_ANY_SALT:PSA_WANT_ALG_SHA_384:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY +mac_fail:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_RSA_PSS_ANY_SALT(PSA_ALG_SHA_384):PSA_ERROR_INVALID_ARGUMENT + +PSA cipher RSA_PSS_ANY_SALT(SHA_384): invalid with RSA_KEY_PAIR +depends_on:PSA_WANT_ALG_RSA_PSS_ANY_SALT:PSA_WANT_ALG_SHA_384:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR +cipher_fail:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_RSA_PSS_ANY_SALT(PSA_ALG_SHA_384):PSA_ERROR_INVALID_ARGUMENT + +PSA cipher RSA_PSS_ANY_SALT(SHA_384): invalid with RSA_PUBLIC_KEY +depends_on:PSA_WANT_ALG_RSA_PSS_ANY_SALT:PSA_WANT_ALG_SHA_384:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY +cipher_fail:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_RSA_PSS_ANY_SALT(PSA_ALG_SHA_384):PSA_ERROR_INVALID_ARGUMENT + +PSA aead RSA_PSS_ANY_SALT(SHA_384): invalid with RSA_KEY_PAIR +depends_on:PSA_WANT_ALG_RSA_PSS_ANY_SALT:PSA_WANT_ALG_SHA_384:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR +aead_fail:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_RSA_PSS_ANY_SALT(PSA_ALG_SHA_384):PSA_ERROR_INVALID_ARGUMENT + +PSA aead RSA_PSS_ANY_SALT(SHA_384): invalid with RSA_PUBLIC_KEY +depends_on:PSA_WANT_ALG_RSA_PSS_ANY_SALT:PSA_WANT_ALG_SHA_384:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY +aead_fail:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_RSA_PSS_ANY_SALT(PSA_ALG_SHA_384):PSA_ERROR_INVALID_ARGUMENT + +PSA sign RSA_PSS_ANY_SALT(SHA_384): incompatible with AES +depends_on:PSA_WANT_ALG_RSA_PSS_ANY_SALT:PSA_WANT_ALG_SHA_384:PSA_WANT_KEY_TYPE_AES +sign_fail:PSA_KEY_TYPE_AES:"48657265006973206b6579a064617461":PSA_ALG_RSA_PSS_ANY_SALT(PSA_ALG_SHA_384):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign RSA_PSS_ANY_SALT(SHA_384): incompatible with ARC4 +depends_on:PSA_WANT_ALG_RSA_PSS_ANY_SALT:PSA_WANT_ALG_SHA_384:PSA_WANT_KEY_TYPE_ARC4 +sign_fail:PSA_KEY_TYPE_ARC4:"48":PSA_ALG_RSA_PSS_ANY_SALT(PSA_ALG_SHA_384):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign RSA_PSS_ANY_SALT(SHA_384): incompatible with ARIA +depends_on:PSA_WANT_ALG_RSA_PSS_ANY_SALT:PSA_WANT_ALG_SHA_384:PSA_WANT_KEY_TYPE_ARIA +sign_fail:PSA_KEY_TYPE_ARIA:"48657265006973206b6579a064617461":PSA_ALG_RSA_PSS_ANY_SALT(PSA_ALG_SHA_384):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign RSA_PSS_ANY_SALT(SHA_384): incompatible with CAMELLIA +depends_on:PSA_WANT_ALG_RSA_PSS_ANY_SALT:PSA_WANT_ALG_SHA_384:PSA_WANT_KEY_TYPE_CAMELLIA +sign_fail:PSA_KEY_TYPE_CAMELLIA:"48657265006973206b6579a064617461":PSA_ALG_RSA_PSS_ANY_SALT(PSA_ALG_SHA_384):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign RSA_PSS_ANY_SALT(SHA_384): incompatible with CHACHA20 +depends_on:PSA_WANT_ALG_RSA_PSS_ANY_SALT:PSA_WANT_ALG_SHA_384:PSA_WANT_KEY_TYPE_CHACHA20 +sign_fail:PSA_KEY_TYPE_CHACHA20:"48657265006973206b6579a06461746148657265006973206b6579a064617461":PSA_ALG_RSA_PSS_ANY_SALT(PSA_ALG_SHA_384):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign RSA_PSS_ANY_SALT(SHA_384): incompatible with DERIVE +depends_on:PSA_WANT_ALG_RSA_PSS_ANY_SALT:PSA_WANT_ALG_SHA_384:PSA_WANT_KEY_TYPE_DERIVE +sign_fail:PSA_KEY_TYPE_DERIVE:"48657265006973206b6579a0646174":PSA_ALG_RSA_PSS_ANY_SALT(PSA_ALG_SHA_384):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign RSA_PSS_ANY_SALT(SHA_384): incompatible with DES +depends_on:PSA_WANT_ALG_RSA_PSS_ANY_SALT:PSA_WANT_ALG_SHA_384:PSA_WANT_KEY_TYPE_DES +sign_fail:PSA_KEY_TYPE_DES:"644573206b457901":PSA_ALG_RSA_PSS_ANY_SALT(PSA_ALG_SHA_384):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign RSA_PSS_ANY_SALT(SHA_384): incompatible with ECC_KEY_PAIR(BRAINPOOL_P_R1) +depends_on:PSA_WANT_ALG_RSA_PSS_ANY_SALT:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_FAMILY_BRAINPOOL_P_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"69502c4fdaf48d4fa617bdd24498b0406d0eeaac":PSA_ALG_RSA_PSS_ANY_SALT(PSA_ALG_SHA_384):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign RSA_PSS_ANY_SALT(SHA_384): incompatible with ECC_KEY_PAIR(MONTGOMERY) +depends_on:PSA_WANT_ALG_RSA_PSS_ANY_SALT:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_FAMILY_MONTGOMERY:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_MONTGOMERY):"70076d0a7318a57d3c16c17251b26645df4c2f87ebc0992ab177fba51db92c6a":PSA_ALG_RSA_PSS_ANY_SALT(PSA_ALG_SHA_384):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign RSA_PSS_ANY_SALT(SHA_384): incompatible with ECC_KEY_PAIR(SECP_K1) +depends_on:PSA_WANT_ALG_RSA_PSS_ANY_SALT:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_FAMILY_SECP_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_K1):"297ac1722ccac7589ecb240dc719842538ca974beb79f228":PSA_ALG_RSA_PSS_ANY_SALT(PSA_ALG_SHA_384):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign RSA_PSS_ANY_SALT(SHA_384): incompatible with ECC_KEY_PAIR(SECP_R1) +depends_on:PSA_WANT_ALG_RSA_PSS_ANY_SALT:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_FAMILY_SECP_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"872f203b3ad35b7f2ecc803c3a0e1e0b1ed61cc1afe71b189cd4c995":PSA_ALG_RSA_PSS_ANY_SALT(PSA_ALG_SHA_384):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign RSA_PSS_ANY_SALT(SHA_384): incompatible with ECC_KEY_PAIR(SECP_R2) +depends_on:PSA_WANT_ALG_RSA_PSS_ANY_SALT:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_FAMILY_SECP_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R2):"00bf539a1cdda0d7f71a50a3f98aec0a2e8e4ced1e":PSA_ALG_RSA_PSS_ANY_SALT(PSA_ALG_SHA_384):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign RSA_PSS_ANY_SALT(SHA_384): incompatible with ECC_KEY_PAIR(SECT_K1) +depends_on:PSA_WANT_ALG_RSA_PSS_ANY_SALT:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_FAMILY_SECT_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):"03ebc8fcded2d6ab72ec0f75bdb4fd080481273e71":PSA_ALG_RSA_PSS_ANY_SALT(PSA_ALG_SHA_384):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign RSA_PSS_ANY_SALT(SHA_384): incompatible with ECC_KEY_PAIR(SECT_R1) +depends_on:PSA_WANT_ALG_RSA_PSS_ANY_SALT:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_FAMILY_SECT_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):"009b05dc82d46d64a04a22e6e5ca70ca1231e68c50":PSA_ALG_RSA_PSS_ANY_SALT(PSA_ALG_SHA_384):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign RSA_PSS_ANY_SALT(SHA_384): incompatible with ECC_KEY_PAIR(SECT_R2) +depends_on:PSA_WANT_ALG_RSA_PSS_ANY_SALT:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_FAMILY_SECT_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R2):"0210b482a458b4822d0cb21daa96819a67c8062d34":PSA_ALG_RSA_PSS_ANY_SALT(PSA_ALG_SHA_384):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign RSA_PSS_ANY_SALT(SHA_384): incompatible with ECC_KEY_PAIR(TWISTED_EDWARDS) +depends_on:PSA_WANT_ALG_RSA_PSS_ANY_SALT:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_FAMILY_TWISTED_EDWARDS:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_TWISTED_EDWARDS):"9d61b19deffd5a60ba844af492ec2cc44449c5697b326919703bac031cae7f60":PSA_ALG_RSA_PSS_ANY_SALT(PSA_ALG_SHA_384):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign RSA_PSS_ANY_SALT(SHA_384): incompatible with ECC_PUBLIC_KEY(BRAINPOOL_P_R1) +depends_on:PSA_WANT_ALG_RSA_PSS_ANY_SALT:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_FAMILY_BRAINPOOL_P_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"04d4b9186816358e2f9c59cf70748cb70641b22fbab65473db4b4e22a361ed7e3de7e8a8ddc4130c5c":PSA_ALG_RSA_PSS_ANY_SALT(PSA_ALG_SHA_384):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign RSA_PSS_ANY_SALT(SHA_384): incompatible with ECC_PUBLIC_KEY(MONTGOMERY) +depends_on:PSA_WANT_ALG_RSA_PSS_ANY_SALT:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_FAMILY_MONTGOMERY:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_MONTGOMERY):"8520f0098930a754748b7ddcb43ef75a0dbf3a0d26381af4eba4a98eaa9b4e6a":PSA_ALG_RSA_PSS_ANY_SALT(PSA_ALG_SHA_384):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign RSA_PSS_ANY_SALT(SHA_384): incompatible with ECC_PUBLIC_KEY(SECP_K1) +depends_on:PSA_WANT_ALG_RSA_PSS_ANY_SALT:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_FAMILY_SECP_K1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_K1):"0426b7bb38da649ac2138fc050c6548b32553dab68afebc36105d325b75538c12323cb0764789ecb992671beb2b6bef2f5":PSA_ALG_RSA_PSS_ANY_SALT(PSA_ALG_SHA_384):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign RSA_PSS_ANY_SALT(SHA_384): incompatible with ECC_PUBLIC_KEY(SECP_R1) +depends_on:PSA_WANT_ALG_RSA_PSS_ANY_SALT:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_FAMILY_SECP_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1):"046f00eadaa949fee3e9e1c7fa1247eecec86a0dce46418b9bd3117b981d4bd0ae7a990de912f9d060d6cb531a42d22e394ac29e81804bf160":PSA_ALG_RSA_PSS_ANY_SALT(PSA_ALG_SHA_384):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign RSA_PSS_ANY_SALT(SHA_384): incompatible with ECC_PUBLIC_KEY(SECP_R2) +depends_on:PSA_WANT_ALG_RSA_PSS_ANY_SALT:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_FAMILY_SECP_R2:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R2):"049570d541398665adb5cfa16f5af73b3196926bbd4b876bdb80f8eab20d0f540c22f4de9c140f6d7b":PSA_ALG_RSA_PSS_ANY_SALT(PSA_ALG_SHA_384):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign RSA_PSS_ANY_SALT(SHA_384): incompatible with ECC_PUBLIC_KEY(SECT_K1) +depends_on:PSA_WANT_ALG_RSA_PSS_ANY_SALT:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_FAMILY_SECT_K1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_K1):"0406f88f90b4b65950f06ce433afdb097e320f433dc2062b8a65db8fafd3c110f46bc45663fbf021ee7eb9":PSA_ALG_RSA_PSS_ANY_SALT(PSA_ALG_SHA_384):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign RSA_PSS_ANY_SALT(SHA_384): incompatible with ECC_PUBLIC_KEY(SECT_R1) +depends_on:PSA_WANT_ALG_RSA_PSS_ANY_SALT:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_FAMILY_SECT_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R1):"0400465eeb9e7258b11e33c02266bfe834b20bcb118700772796ee4704ec67651bd447e3011959a79a04cb":PSA_ALG_RSA_PSS_ANY_SALT(PSA_ALG_SHA_384):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign RSA_PSS_ANY_SALT(SHA_384): incompatible with ECC_PUBLIC_KEY(SECT_R2) +depends_on:PSA_WANT_ALG_RSA_PSS_ANY_SALT:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_FAMILY_SECT_R2:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R2):"0403692601144c32a6cfa369ae20ae5d43c1c764678c037bafe80c6fd2e42b7ced96171d9c5367fd3dca6f":PSA_ALG_RSA_PSS_ANY_SALT(PSA_ALG_SHA_384):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign RSA_PSS_ANY_SALT(SHA_384): incompatible with ECC_PUBLIC_KEY(TWISTED_EDWARDS) +depends_on:PSA_WANT_ALG_RSA_PSS_ANY_SALT:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_FAMILY_TWISTED_EDWARDS:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_TWISTED_EDWARDS):"d75a980182b10ab7d54bfed3c964073a0ee172f3daa62325af021a68f707511a":PSA_ALG_RSA_PSS_ANY_SALT(PSA_ALG_SHA_384):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign RSA_PSS_ANY_SALT(SHA_384): incompatible with HMAC +depends_on:PSA_WANT_ALG_RSA_PSS_ANY_SALT:PSA_WANT_ALG_SHA_384:PSA_WANT_KEY_TYPE_HMAC +sign_fail:PSA_KEY_TYPE_HMAC:"48657265006973206b6579a064617461":PSA_ALG_RSA_PSS_ANY_SALT(PSA_ALG_SHA_384):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign RSA_PSS_ANY_SALT(SHA_384): incompatible with RAW_DATA +depends_on:PSA_WANT_ALG_RSA_PSS_ANY_SALT:PSA_WANT_ALG_SHA_384:PSA_WANT_KEY_TYPE_RAW_DATA +sign_fail:PSA_KEY_TYPE_RAW_DATA:"48":PSA_ALG_RSA_PSS_ANY_SALT(PSA_ALG_SHA_384):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign RSA_PSS_ANY_SALT(SHA_384): !RSA_PSS_ANY_SALT with RSA_KEY_PAIR +depends_on:!PSA_WANT_ALG_RSA_PSS_ANY_SALT:PSA_WANT_ALG_SHA_384:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR +sign_fail:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_RSA_PSS_ANY_SALT(PSA_ALG_SHA_384):0:PSA_ERROR_NOT_SUPPORTED + +PSA sign RSA_PSS_ANY_SALT(SHA_384): !SHA_384 with RSA_KEY_PAIR +depends_on:PSA_WANT_ALG_RSA_PSS_ANY_SALT:!PSA_WANT_ALG_SHA_384:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR +sign_fail:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_RSA_PSS_ANY_SALT(PSA_ALG_SHA_384):0:PSA_ERROR_NOT_SUPPORTED + +PSA sign RSA_PSS_ANY_SALT(SHA_384): !RSA_PSS_ANY_SALT with RSA_PUBLIC_KEY +depends_on:!PSA_WANT_ALG_RSA_PSS_ANY_SALT:PSA_WANT_ALG_SHA_384:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY +sign_fail:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_RSA_PSS_ANY_SALT(PSA_ALG_SHA_384):0:PSA_ERROR_NOT_SUPPORTED + +PSA sign RSA_PSS_ANY_SALT(SHA_384): !SHA_384 with RSA_PUBLIC_KEY +depends_on:PSA_WANT_ALG_RSA_PSS_ANY_SALT:!PSA_WANT_ALG_SHA_384:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY +sign_fail:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_RSA_PSS_ANY_SALT(PSA_ALG_SHA_384):0:PSA_ERROR_NOT_SUPPORTED + +PSA sign RSA_PSS_ANY_SALT(SHA_384): public with RSA_PUBLIC_KEY +depends_on:PSA_WANT_ALG_RSA_PSS_ANY_SALT:PSA_WANT_ALG_SHA_384:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY +sign_fail:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_RSA_PSS_ANY_SALT(PSA_ALG_SHA_384):1:PSA_ERROR_INVALID_ARGUMENT + +PSA asymmetric_encryption RSA_PSS_ANY_SALT(SHA_384): invalid with RSA_KEY_PAIR +depends_on:PSA_WANT_ALG_RSA_PSS_ANY_SALT:PSA_WANT_ALG_SHA_384:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR +asymmetric_encryption_fail:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_RSA_PSS_ANY_SALT(PSA_ALG_SHA_384):0:PSA_ERROR_INVALID_ARGUMENT + +PSA asymmetric_encryption RSA_PSS_ANY_SALT(SHA_384): invalid with RSA_PUBLIC_KEY +depends_on:PSA_WANT_ALG_RSA_PSS_ANY_SALT:PSA_WANT_ALG_SHA_384:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY +asymmetric_encryption_fail:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_RSA_PSS_ANY_SALT(PSA_ALG_SHA_384):0:PSA_ERROR_INVALID_ARGUMENT + +PSA key_derivation RSA_PSS_ANY_SALT(SHA_384): invalid +depends_on:PSA_WANT_ALG_RSA_PSS_ANY_SALT:PSA_WANT_ALG_SHA_384 +key_derivation_fail:PSA_ALG_RSA_PSS_ANY_SALT(PSA_ALG_SHA_384):PSA_ERROR_INVALID_ARGUMENT + +PSA key_agreement RSA_PSS_ANY_SALT(SHA_384): invalid with RSA_KEY_PAIR +depends_on:PSA_WANT_ALG_RSA_PSS_ANY_SALT:PSA_WANT_ALG_SHA_384:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR +key_agreement_fail:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_RSA_PSS_ANY_SALT(PSA_ALG_SHA_384):0:PSA_ERROR_INVALID_ARGUMENT + +PSA key_agreement RSA_PSS_ANY_SALT(SHA_384): invalid with RSA_PUBLIC_KEY +depends_on:PSA_WANT_ALG_RSA_PSS_ANY_SALT:PSA_WANT_ALG_SHA_384:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY +key_agreement_fail:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_RSA_PSS_ANY_SALT(PSA_ALG_SHA_384):0:PSA_ERROR_INVALID_ARGUMENT + +PSA hash RSA_PSS_ANY_SALT(SHA_512): invalid +depends_on:PSA_WANT_ALG_RSA_PSS_ANY_SALT:PSA_WANT_ALG_SHA_512 +hash_fail:PSA_ALG_RSA_PSS_ANY_SALT(PSA_ALG_SHA_512):PSA_ERROR_INVALID_ARGUMENT + +PSA mac RSA_PSS_ANY_SALT(SHA_512): invalid with RSA_KEY_PAIR +depends_on:PSA_WANT_ALG_RSA_PSS_ANY_SALT:PSA_WANT_ALG_SHA_512:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR +mac_fail:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_RSA_PSS_ANY_SALT(PSA_ALG_SHA_512):PSA_ERROR_INVALID_ARGUMENT + +PSA mac RSA_PSS_ANY_SALT(SHA_512): invalid with RSA_PUBLIC_KEY +depends_on:PSA_WANT_ALG_RSA_PSS_ANY_SALT:PSA_WANT_ALG_SHA_512:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY +mac_fail:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_RSA_PSS_ANY_SALT(PSA_ALG_SHA_512):PSA_ERROR_INVALID_ARGUMENT + +PSA cipher RSA_PSS_ANY_SALT(SHA_512): invalid with RSA_KEY_PAIR +depends_on:PSA_WANT_ALG_RSA_PSS_ANY_SALT:PSA_WANT_ALG_SHA_512:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR +cipher_fail:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_RSA_PSS_ANY_SALT(PSA_ALG_SHA_512):PSA_ERROR_INVALID_ARGUMENT + +PSA cipher RSA_PSS_ANY_SALT(SHA_512): invalid with RSA_PUBLIC_KEY +depends_on:PSA_WANT_ALG_RSA_PSS_ANY_SALT:PSA_WANT_ALG_SHA_512:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY +cipher_fail:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_RSA_PSS_ANY_SALT(PSA_ALG_SHA_512):PSA_ERROR_INVALID_ARGUMENT + +PSA aead RSA_PSS_ANY_SALT(SHA_512): invalid with RSA_KEY_PAIR +depends_on:PSA_WANT_ALG_RSA_PSS_ANY_SALT:PSA_WANT_ALG_SHA_512:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR +aead_fail:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_RSA_PSS_ANY_SALT(PSA_ALG_SHA_512):PSA_ERROR_INVALID_ARGUMENT + +PSA aead RSA_PSS_ANY_SALT(SHA_512): invalid with RSA_PUBLIC_KEY +depends_on:PSA_WANT_ALG_RSA_PSS_ANY_SALT:PSA_WANT_ALG_SHA_512:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY +aead_fail:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_RSA_PSS_ANY_SALT(PSA_ALG_SHA_512):PSA_ERROR_INVALID_ARGUMENT + +PSA sign RSA_PSS_ANY_SALT(SHA_512): incompatible with AES +depends_on:PSA_WANT_ALG_RSA_PSS_ANY_SALT:PSA_WANT_ALG_SHA_512:PSA_WANT_KEY_TYPE_AES +sign_fail:PSA_KEY_TYPE_AES:"48657265006973206b6579a064617461":PSA_ALG_RSA_PSS_ANY_SALT(PSA_ALG_SHA_512):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign RSA_PSS_ANY_SALT(SHA_512): incompatible with ARC4 +depends_on:PSA_WANT_ALG_RSA_PSS_ANY_SALT:PSA_WANT_ALG_SHA_512:PSA_WANT_KEY_TYPE_ARC4 +sign_fail:PSA_KEY_TYPE_ARC4:"48":PSA_ALG_RSA_PSS_ANY_SALT(PSA_ALG_SHA_512):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign RSA_PSS_ANY_SALT(SHA_512): incompatible with ARIA +depends_on:PSA_WANT_ALG_RSA_PSS_ANY_SALT:PSA_WANT_ALG_SHA_512:PSA_WANT_KEY_TYPE_ARIA +sign_fail:PSA_KEY_TYPE_ARIA:"48657265006973206b6579a064617461":PSA_ALG_RSA_PSS_ANY_SALT(PSA_ALG_SHA_512):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign RSA_PSS_ANY_SALT(SHA_512): incompatible with CAMELLIA +depends_on:PSA_WANT_ALG_RSA_PSS_ANY_SALT:PSA_WANT_ALG_SHA_512:PSA_WANT_KEY_TYPE_CAMELLIA +sign_fail:PSA_KEY_TYPE_CAMELLIA:"48657265006973206b6579a064617461":PSA_ALG_RSA_PSS_ANY_SALT(PSA_ALG_SHA_512):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign RSA_PSS_ANY_SALT(SHA_512): incompatible with CHACHA20 +depends_on:PSA_WANT_ALG_RSA_PSS_ANY_SALT:PSA_WANT_ALG_SHA_512:PSA_WANT_KEY_TYPE_CHACHA20 +sign_fail:PSA_KEY_TYPE_CHACHA20:"48657265006973206b6579a06461746148657265006973206b6579a064617461":PSA_ALG_RSA_PSS_ANY_SALT(PSA_ALG_SHA_512):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign RSA_PSS_ANY_SALT(SHA_512): incompatible with DERIVE +depends_on:PSA_WANT_ALG_RSA_PSS_ANY_SALT:PSA_WANT_ALG_SHA_512:PSA_WANT_KEY_TYPE_DERIVE +sign_fail:PSA_KEY_TYPE_DERIVE:"48657265006973206b6579a0646174":PSA_ALG_RSA_PSS_ANY_SALT(PSA_ALG_SHA_512):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign RSA_PSS_ANY_SALT(SHA_512): incompatible with DES +depends_on:PSA_WANT_ALG_RSA_PSS_ANY_SALT:PSA_WANT_ALG_SHA_512:PSA_WANT_KEY_TYPE_DES +sign_fail:PSA_KEY_TYPE_DES:"644573206b457901":PSA_ALG_RSA_PSS_ANY_SALT(PSA_ALG_SHA_512):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign RSA_PSS_ANY_SALT(SHA_512): incompatible with ECC_KEY_PAIR(BRAINPOOL_P_R1) +depends_on:PSA_WANT_ALG_RSA_PSS_ANY_SALT:PSA_WANT_ALG_SHA_512:PSA_WANT_ECC_FAMILY_BRAINPOOL_P_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"69502c4fdaf48d4fa617bdd24498b0406d0eeaac":PSA_ALG_RSA_PSS_ANY_SALT(PSA_ALG_SHA_512):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign RSA_PSS_ANY_SALT(SHA_512): incompatible with ECC_KEY_PAIR(MONTGOMERY) +depends_on:PSA_WANT_ALG_RSA_PSS_ANY_SALT:PSA_WANT_ALG_SHA_512:PSA_WANT_ECC_FAMILY_MONTGOMERY:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_MONTGOMERY):"70076d0a7318a57d3c16c17251b26645df4c2f87ebc0992ab177fba51db92c6a":PSA_ALG_RSA_PSS_ANY_SALT(PSA_ALG_SHA_512):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign RSA_PSS_ANY_SALT(SHA_512): incompatible with ECC_KEY_PAIR(SECP_K1) +depends_on:PSA_WANT_ALG_RSA_PSS_ANY_SALT:PSA_WANT_ALG_SHA_512:PSA_WANT_ECC_FAMILY_SECP_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_K1):"297ac1722ccac7589ecb240dc719842538ca974beb79f228":PSA_ALG_RSA_PSS_ANY_SALT(PSA_ALG_SHA_512):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign RSA_PSS_ANY_SALT(SHA_512): incompatible with ECC_KEY_PAIR(SECP_R1) +depends_on:PSA_WANT_ALG_RSA_PSS_ANY_SALT:PSA_WANT_ALG_SHA_512:PSA_WANT_ECC_FAMILY_SECP_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"872f203b3ad35b7f2ecc803c3a0e1e0b1ed61cc1afe71b189cd4c995":PSA_ALG_RSA_PSS_ANY_SALT(PSA_ALG_SHA_512):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign RSA_PSS_ANY_SALT(SHA_512): incompatible with ECC_KEY_PAIR(SECP_R2) +depends_on:PSA_WANT_ALG_RSA_PSS_ANY_SALT:PSA_WANT_ALG_SHA_512:PSA_WANT_ECC_FAMILY_SECP_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R2):"00bf539a1cdda0d7f71a50a3f98aec0a2e8e4ced1e":PSA_ALG_RSA_PSS_ANY_SALT(PSA_ALG_SHA_512):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign RSA_PSS_ANY_SALT(SHA_512): incompatible with ECC_KEY_PAIR(SECT_K1) +depends_on:PSA_WANT_ALG_RSA_PSS_ANY_SALT:PSA_WANT_ALG_SHA_512:PSA_WANT_ECC_FAMILY_SECT_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):"03ebc8fcded2d6ab72ec0f75bdb4fd080481273e71":PSA_ALG_RSA_PSS_ANY_SALT(PSA_ALG_SHA_512):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign RSA_PSS_ANY_SALT(SHA_512): incompatible with ECC_KEY_PAIR(SECT_R1) +depends_on:PSA_WANT_ALG_RSA_PSS_ANY_SALT:PSA_WANT_ALG_SHA_512:PSA_WANT_ECC_FAMILY_SECT_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):"009b05dc82d46d64a04a22e6e5ca70ca1231e68c50":PSA_ALG_RSA_PSS_ANY_SALT(PSA_ALG_SHA_512):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign RSA_PSS_ANY_SALT(SHA_512): incompatible with ECC_KEY_PAIR(SECT_R2) +depends_on:PSA_WANT_ALG_RSA_PSS_ANY_SALT:PSA_WANT_ALG_SHA_512:PSA_WANT_ECC_FAMILY_SECT_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R2):"0210b482a458b4822d0cb21daa96819a67c8062d34":PSA_ALG_RSA_PSS_ANY_SALT(PSA_ALG_SHA_512):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign RSA_PSS_ANY_SALT(SHA_512): incompatible with ECC_KEY_PAIR(TWISTED_EDWARDS) +depends_on:PSA_WANT_ALG_RSA_PSS_ANY_SALT:PSA_WANT_ALG_SHA_512:PSA_WANT_ECC_FAMILY_TWISTED_EDWARDS:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_TWISTED_EDWARDS):"9d61b19deffd5a60ba844af492ec2cc44449c5697b326919703bac031cae7f60":PSA_ALG_RSA_PSS_ANY_SALT(PSA_ALG_SHA_512):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign RSA_PSS_ANY_SALT(SHA_512): incompatible with ECC_PUBLIC_KEY(BRAINPOOL_P_R1) +depends_on:PSA_WANT_ALG_RSA_PSS_ANY_SALT:PSA_WANT_ALG_SHA_512:PSA_WANT_ECC_FAMILY_BRAINPOOL_P_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"04d4b9186816358e2f9c59cf70748cb70641b22fbab65473db4b4e22a361ed7e3de7e8a8ddc4130c5c":PSA_ALG_RSA_PSS_ANY_SALT(PSA_ALG_SHA_512):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign RSA_PSS_ANY_SALT(SHA_512): incompatible with ECC_PUBLIC_KEY(MONTGOMERY) +depends_on:PSA_WANT_ALG_RSA_PSS_ANY_SALT:PSA_WANT_ALG_SHA_512:PSA_WANT_ECC_FAMILY_MONTGOMERY:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_MONTGOMERY):"8520f0098930a754748b7ddcb43ef75a0dbf3a0d26381af4eba4a98eaa9b4e6a":PSA_ALG_RSA_PSS_ANY_SALT(PSA_ALG_SHA_512):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign RSA_PSS_ANY_SALT(SHA_512): incompatible with ECC_PUBLIC_KEY(SECP_K1) +depends_on:PSA_WANT_ALG_RSA_PSS_ANY_SALT:PSA_WANT_ALG_SHA_512:PSA_WANT_ECC_FAMILY_SECP_K1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_K1):"0426b7bb38da649ac2138fc050c6548b32553dab68afebc36105d325b75538c12323cb0764789ecb992671beb2b6bef2f5":PSA_ALG_RSA_PSS_ANY_SALT(PSA_ALG_SHA_512):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign RSA_PSS_ANY_SALT(SHA_512): incompatible with ECC_PUBLIC_KEY(SECP_R1) +depends_on:PSA_WANT_ALG_RSA_PSS_ANY_SALT:PSA_WANT_ALG_SHA_512:PSA_WANT_ECC_FAMILY_SECP_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1):"046f00eadaa949fee3e9e1c7fa1247eecec86a0dce46418b9bd3117b981d4bd0ae7a990de912f9d060d6cb531a42d22e394ac29e81804bf160":PSA_ALG_RSA_PSS_ANY_SALT(PSA_ALG_SHA_512):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign RSA_PSS_ANY_SALT(SHA_512): incompatible with ECC_PUBLIC_KEY(SECP_R2) +depends_on:PSA_WANT_ALG_RSA_PSS_ANY_SALT:PSA_WANT_ALG_SHA_512:PSA_WANT_ECC_FAMILY_SECP_R2:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R2):"049570d541398665adb5cfa16f5af73b3196926bbd4b876bdb80f8eab20d0f540c22f4de9c140f6d7b":PSA_ALG_RSA_PSS_ANY_SALT(PSA_ALG_SHA_512):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign RSA_PSS_ANY_SALT(SHA_512): incompatible with ECC_PUBLIC_KEY(SECT_K1) +depends_on:PSA_WANT_ALG_RSA_PSS_ANY_SALT:PSA_WANT_ALG_SHA_512:PSA_WANT_ECC_FAMILY_SECT_K1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_K1):"0406f88f90b4b65950f06ce433afdb097e320f433dc2062b8a65db8fafd3c110f46bc45663fbf021ee7eb9":PSA_ALG_RSA_PSS_ANY_SALT(PSA_ALG_SHA_512):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign RSA_PSS_ANY_SALT(SHA_512): incompatible with ECC_PUBLIC_KEY(SECT_R1) +depends_on:PSA_WANT_ALG_RSA_PSS_ANY_SALT:PSA_WANT_ALG_SHA_512:PSA_WANT_ECC_FAMILY_SECT_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R1):"0400465eeb9e7258b11e33c02266bfe834b20bcb118700772796ee4704ec67651bd447e3011959a79a04cb":PSA_ALG_RSA_PSS_ANY_SALT(PSA_ALG_SHA_512):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign RSA_PSS_ANY_SALT(SHA_512): incompatible with ECC_PUBLIC_KEY(SECT_R2) +depends_on:PSA_WANT_ALG_RSA_PSS_ANY_SALT:PSA_WANT_ALG_SHA_512:PSA_WANT_ECC_FAMILY_SECT_R2:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R2):"0403692601144c32a6cfa369ae20ae5d43c1c764678c037bafe80c6fd2e42b7ced96171d9c5367fd3dca6f":PSA_ALG_RSA_PSS_ANY_SALT(PSA_ALG_SHA_512):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign RSA_PSS_ANY_SALT(SHA_512): incompatible with ECC_PUBLIC_KEY(TWISTED_EDWARDS) +depends_on:PSA_WANT_ALG_RSA_PSS_ANY_SALT:PSA_WANT_ALG_SHA_512:PSA_WANT_ECC_FAMILY_TWISTED_EDWARDS:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_TWISTED_EDWARDS):"d75a980182b10ab7d54bfed3c964073a0ee172f3daa62325af021a68f707511a":PSA_ALG_RSA_PSS_ANY_SALT(PSA_ALG_SHA_512):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign RSA_PSS_ANY_SALT(SHA_512): incompatible with HMAC +depends_on:PSA_WANT_ALG_RSA_PSS_ANY_SALT:PSA_WANT_ALG_SHA_512:PSA_WANT_KEY_TYPE_HMAC +sign_fail:PSA_KEY_TYPE_HMAC:"48657265006973206b6579a064617461":PSA_ALG_RSA_PSS_ANY_SALT(PSA_ALG_SHA_512):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign RSA_PSS_ANY_SALT(SHA_512): incompatible with RAW_DATA +depends_on:PSA_WANT_ALG_RSA_PSS_ANY_SALT:PSA_WANT_ALG_SHA_512:PSA_WANT_KEY_TYPE_RAW_DATA +sign_fail:PSA_KEY_TYPE_RAW_DATA:"48":PSA_ALG_RSA_PSS_ANY_SALT(PSA_ALG_SHA_512):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign RSA_PSS_ANY_SALT(SHA_512): !RSA_PSS_ANY_SALT with RSA_KEY_PAIR +depends_on:!PSA_WANT_ALG_RSA_PSS_ANY_SALT:PSA_WANT_ALG_SHA_512:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR +sign_fail:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_RSA_PSS_ANY_SALT(PSA_ALG_SHA_512):0:PSA_ERROR_NOT_SUPPORTED + +PSA sign RSA_PSS_ANY_SALT(SHA_512): !SHA_512 with RSA_KEY_PAIR +depends_on:PSA_WANT_ALG_RSA_PSS_ANY_SALT:!PSA_WANT_ALG_SHA_512:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR +sign_fail:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_RSA_PSS_ANY_SALT(PSA_ALG_SHA_512):0:PSA_ERROR_NOT_SUPPORTED + +PSA sign RSA_PSS_ANY_SALT(SHA_512): !RSA_PSS_ANY_SALT with RSA_PUBLIC_KEY +depends_on:!PSA_WANT_ALG_RSA_PSS_ANY_SALT:PSA_WANT_ALG_SHA_512:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY +sign_fail:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_RSA_PSS_ANY_SALT(PSA_ALG_SHA_512):0:PSA_ERROR_NOT_SUPPORTED + +PSA sign RSA_PSS_ANY_SALT(SHA_512): !SHA_512 with RSA_PUBLIC_KEY +depends_on:PSA_WANT_ALG_RSA_PSS_ANY_SALT:!PSA_WANT_ALG_SHA_512:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY +sign_fail:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_RSA_PSS_ANY_SALT(PSA_ALG_SHA_512):0:PSA_ERROR_NOT_SUPPORTED + +PSA sign RSA_PSS_ANY_SALT(SHA_512): public with RSA_PUBLIC_KEY +depends_on:PSA_WANT_ALG_RSA_PSS_ANY_SALT:PSA_WANT_ALG_SHA_512:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY +sign_fail:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_RSA_PSS_ANY_SALT(PSA_ALG_SHA_512):1:PSA_ERROR_INVALID_ARGUMENT + +PSA asymmetric_encryption RSA_PSS_ANY_SALT(SHA_512): invalid with RSA_KEY_PAIR +depends_on:PSA_WANT_ALG_RSA_PSS_ANY_SALT:PSA_WANT_ALG_SHA_512:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR +asymmetric_encryption_fail:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_RSA_PSS_ANY_SALT(PSA_ALG_SHA_512):0:PSA_ERROR_INVALID_ARGUMENT + +PSA asymmetric_encryption RSA_PSS_ANY_SALT(SHA_512): invalid with RSA_PUBLIC_KEY +depends_on:PSA_WANT_ALG_RSA_PSS_ANY_SALT:PSA_WANT_ALG_SHA_512:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY +asymmetric_encryption_fail:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_RSA_PSS_ANY_SALT(PSA_ALG_SHA_512):0:PSA_ERROR_INVALID_ARGUMENT + +PSA key_derivation RSA_PSS_ANY_SALT(SHA_512): invalid +depends_on:PSA_WANT_ALG_RSA_PSS_ANY_SALT:PSA_WANT_ALG_SHA_512 +key_derivation_fail:PSA_ALG_RSA_PSS_ANY_SALT(PSA_ALG_SHA_512):PSA_ERROR_INVALID_ARGUMENT + +PSA key_agreement RSA_PSS_ANY_SALT(SHA_512): invalid with RSA_KEY_PAIR +depends_on:PSA_WANT_ALG_RSA_PSS_ANY_SALT:PSA_WANT_ALG_SHA_512:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR +key_agreement_fail:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_RSA_PSS_ANY_SALT(PSA_ALG_SHA_512):0:PSA_ERROR_INVALID_ARGUMENT + +PSA key_agreement RSA_PSS_ANY_SALT(SHA_512): invalid with RSA_PUBLIC_KEY +depends_on:PSA_WANT_ALG_RSA_PSS_ANY_SALT:PSA_WANT_ALG_SHA_512:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY +key_agreement_fail:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_RSA_PSS_ANY_SALT(PSA_ALG_SHA_512):0:PSA_ERROR_INVALID_ARGUMENT + +PSA hash RSA_PSS_ANY_SALT(ANY_HASH): invalid +depends_on:PSA_WANT_ALG_RSA_PSS_ANY_SALT +hash_fail:PSA_ALG_RSA_PSS_ANY_SALT(PSA_ALG_ANY_HASH):PSA_ERROR_INVALID_ARGUMENT + +PSA sign RSA_PSS_ANY_SALT(ANY_HASH): incompatible with AES +depends_on:PSA_WANT_ALG_RSA_PSS_ANY_SALT:PSA_WANT_KEY_TYPE_AES +sign_fail:PSA_KEY_TYPE_AES:"48657265006973206b6579a064617461":PSA_ALG_RSA_PSS_ANY_SALT(PSA_ALG_ANY_HASH):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign RSA_PSS_ANY_SALT(ANY_HASH): incompatible with ARC4 +depends_on:PSA_WANT_ALG_RSA_PSS_ANY_SALT:PSA_WANT_KEY_TYPE_ARC4 +sign_fail:PSA_KEY_TYPE_ARC4:"48":PSA_ALG_RSA_PSS_ANY_SALT(PSA_ALG_ANY_HASH):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign RSA_PSS_ANY_SALT(ANY_HASH): incompatible with ARIA +depends_on:PSA_WANT_ALG_RSA_PSS_ANY_SALT:PSA_WANT_KEY_TYPE_ARIA +sign_fail:PSA_KEY_TYPE_ARIA:"48657265006973206b6579a064617461":PSA_ALG_RSA_PSS_ANY_SALT(PSA_ALG_ANY_HASH):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign RSA_PSS_ANY_SALT(ANY_HASH): incompatible with CAMELLIA +depends_on:PSA_WANT_ALG_RSA_PSS_ANY_SALT:PSA_WANT_KEY_TYPE_CAMELLIA +sign_fail:PSA_KEY_TYPE_CAMELLIA:"48657265006973206b6579a064617461":PSA_ALG_RSA_PSS_ANY_SALT(PSA_ALG_ANY_HASH):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign RSA_PSS_ANY_SALT(ANY_HASH): incompatible with CHACHA20 +depends_on:PSA_WANT_ALG_RSA_PSS_ANY_SALT:PSA_WANT_KEY_TYPE_CHACHA20 +sign_fail:PSA_KEY_TYPE_CHACHA20:"48657265006973206b6579a06461746148657265006973206b6579a064617461":PSA_ALG_RSA_PSS_ANY_SALT(PSA_ALG_ANY_HASH):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign RSA_PSS_ANY_SALT(ANY_HASH): incompatible with DERIVE +depends_on:PSA_WANT_ALG_RSA_PSS_ANY_SALT:PSA_WANT_KEY_TYPE_DERIVE +sign_fail:PSA_KEY_TYPE_DERIVE:"48657265006973206b6579a0646174":PSA_ALG_RSA_PSS_ANY_SALT(PSA_ALG_ANY_HASH):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign RSA_PSS_ANY_SALT(ANY_HASH): incompatible with DES +depends_on:PSA_WANT_ALG_RSA_PSS_ANY_SALT:PSA_WANT_KEY_TYPE_DES +sign_fail:PSA_KEY_TYPE_DES:"644573206b457901":PSA_ALG_RSA_PSS_ANY_SALT(PSA_ALG_ANY_HASH):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign RSA_PSS_ANY_SALT(ANY_HASH): incompatible with ECC_KEY_PAIR(BRAINPOOL_P_R1) +depends_on:PSA_WANT_ALG_RSA_PSS_ANY_SALT:PSA_WANT_ECC_FAMILY_BRAINPOOL_P_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"69502c4fdaf48d4fa617bdd24498b0406d0eeaac":PSA_ALG_RSA_PSS_ANY_SALT(PSA_ALG_ANY_HASH):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign RSA_PSS_ANY_SALT(ANY_HASH): incompatible with ECC_KEY_PAIR(MONTGOMERY) +depends_on:PSA_WANT_ALG_RSA_PSS_ANY_SALT:PSA_WANT_ECC_FAMILY_MONTGOMERY:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_MONTGOMERY):"70076d0a7318a57d3c16c17251b26645df4c2f87ebc0992ab177fba51db92c6a":PSA_ALG_RSA_PSS_ANY_SALT(PSA_ALG_ANY_HASH):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign RSA_PSS_ANY_SALT(ANY_HASH): incompatible with ECC_KEY_PAIR(SECP_K1) +depends_on:PSA_WANT_ALG_RSA_PSS_ANY_SALT:PSA_WANT_ECC_FAMILY_SECP_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_K1):"297ac1722ccac7589ecb240dc719842538ca974beb79f228":PSA_ALG_RSA_PSS_ANY_SALT(PSA_ALG_ANY_HASH):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign RSA_PSS_ANY_SALT(ANY_HASH): incompatible with ECC_KEY_PAIR(SECP_R1) +depends_on:PSA_WANT_ALG_RSA_PSS_ANY_SALT:PSA_WANT_ECC_FAMILY_SECP_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"872f203b3ad35b7f2ecc803c3a0e1e0b1ed61cc1afe71b189cd4c995":PSA_ALG_RSA_PSS_ANY_SALT(PSA_ALG_ANY_HASH):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign RSA_PSS_ANY_SALT(ANY_HASH): incompatible with ECC_KEY_PAIR(SECP_R2) +depends_on:PSA_WANT_ALG_RSA_PSS_ANY_SALT:PSA_WANT_ECC_FAMILY_SECP_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R2):"00bf539a1cdda0d7f71a50a3f98aec0a2e8e4ced1e":PSA_ALG_RSA_PSS_ANY_SALT(PSA_ALG_ANY_HASH):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign RSA_PSS_ANY_SALT(ANY_HASH): incompatible with ECC_KEY_PAIR(SECT_K1) +depends_on:PSA_WANT_ALG_RSA_PSS_ANY_SALT:PSA_WANT_ECC_FAMILY_SECT_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):"03ebc8fcded2d6ab72ec0f75bdb4fd080481273e71":PSA_ALG_RSA_PSS_ANY_SALT(PSA_ALG_ANY_HASH):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign RSA_PSS_ANY_SALT(ANY_HASH): incompatible with ECC_KEY_PAIR(SECT_R1) +depends_on:PSA_WANT_ALG_RSA_PSS_ANY_SALT:PSA_WANT_ECC_FAMILY_SECT_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):"009b05dc82d46d64a04a22e6e5ca70ca1231e68c50":PSA_ALG_RSA_PSS_ANY_SALT(PSA_ALG_ANY_HASH):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign RSA_PSS_ANY_SALT(ANY_HASH): incompatible with ECC_KEY_PAIR(SECT_R2) +depends_on:PSA_WANT_ALG_RSA_PSS_ANY_SALT:PSA_WANT_ECC_FAMILY_SECT_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R2):"0210b482a458b4822d0cb21daa96819a67c8062d34":PSA_ALG_RSA_PSS_ANY_SALT(PSA_ALG_ANY_HASH):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign RSA_PSS_ANY_SALT(ANY_HASH): incompatible with ECC_KEY_PAIR(TWISTED_EDWARDS) +depends_on:PSA_WANT_ALG_RSA_PSS_ANY_SALT:PSA_WANT_ECC_FAMILY_TWISTED_EDWARDS:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_TWISTED_EDWARDS):"9d61b19deffd5a60ba844af492ec2cc44449c5697b326919703bac031cae7f60":PSA_ALG_RSA_PSS_ANY_SALT(PSA_ALG_ANY_HASH):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign RSA_PSS_ANY_SALT(ANY_HASH): incompatible with ECC_PUBLIC_KEY(BRAINPOOL_P_R1) +depends_on:PSA_WANT_ALG_RSA_PSS_ANY_SALT:PSA_WANT_ECC_FAMILY_BRAINPOOL_P_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"04d4b9186816358e2f9c59cf70748cb70641b22fbab65473db4b4e22a361ed7e3de7e8a8ddc4130c5c":PSA_ALG_RSA_PSS_ANY_SALT(PSA_ALG_ANY_HASH):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign RSA_PSS_ANY_SALT(ANY_HASH): incompatible with ECC_PUBLIC_KEY(MONTGOMERY) +depends_on:PSA_WANT_ALG_RSA_PSS_ANY_SALT:PSA_WANT_ECC_FAMILY_MONTGOMERY:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_MONTGOMERY):"8520f0098930a754748b7ddcb43ef75a0dbf3a0d26381af4eba4a98eaa9b4e6a":PSA_ALG_RSA_PSS_ANY_SALT(PSA_ALG_ANY_HASH):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign RSA_PSS_ANY_SALT(ANY_HASH): incompatible with ECC_PUBLIC_KEY(SECP_K1) +depends_on:PSA_WANT_ALG_RSA_PSS_ANY_SALT:PSA_WANT_ECC_FAMILY_SECP_K1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_K1):"0426b7bb38da649ac2138fc050c6548b32553dab68afebc36105d325b75538c12323cb0764789ecb992671beb2b6bef2f5":PSA_ALG_RSA_PSS_ANY_SALT(PSA_ALG_ANY_HASH):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign RSA_PSS_ANY_SALT(ANY_HASH): incompatible with ECC_PUBLIC_KEY(SECP_R1) +depends_on:PSA_WANT_ALG_RSA_PSS_ANY_SALT:PSA_WANT_ECC_FAMILY_SECP_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1):"046f00eadaa949fee3e9e1c7fa1247eecec86a0dce46418b9bd3117b981d4bd0ae7a990de912f9d060d6cb531a42d22e394ac29e81804bf160":PSA_ALG_RSA_PSS_ANY_SALT(PSA_ALG_ANY_HASH):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign RSA_PSS_ANY_SALT(ANY_HASH): incompatible with ECC_PUBLIC_KEY(SECP_R2) +depends_on:PSA_WANT_ALG_RSA_PSS_ANY_SALT:PSA_WANT_ECC_FAMILY_SECP_R2:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R2):"049570d541398665adb5cfa16f5af73b3196926bbd4b876bdb80f8eab20d0f540c22f4de9c140f6d7b":PSA_ALG_RSA_PSS_ANY_SALT(PSA_ALG_ANY_HASH):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign RSA_PSS_ANY_SALT(ANY_HASH): incompatible with ECC_PUBLIC_KEY(SECT_K1) +depends_on:PSA_WANT_ALG_RSA_PSS_ANY_SALT:PSA_WANT_ECC_FAMILY_SECT_K1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_K1):"0406f88f90b4b65950f06ce433afdb097e320f433dc2062b8a65db8fafd3c110f46bc45663fbf021ee7eb9":PSA_ALG_RSA_PSS_ANY_SALT(PSA_ALG_ANY_HASH):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign RSA_PSS_ANY_SALT(ANY_HASH): incompatible with ECC_PUBLIC_KEY(SECT_R1) +depends_on:PSA_WANT_ALG_RSA_PSS_ANY_SALT:PSA_WANT_ECC_FAMILY_SECT_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R1):"0400465eeb9e7258b11e33c02266bfe834b20bcb118700772796ee4704ec67651bd447e3011959a79a04cb":PSA_ALG_RSA_PSS_ANY_SALT(PSA_ALG_ANY_HASH):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign RSA_PSS_ANY_SALT(ANY_HASH): incompatible with ECC_PUBLIC_KEY(SECT_R2) +depends_on:PSA_WANT_ALG_RSA_PSS_ANY_SALT:PSA_WANT_ECC_FAMILY_SECT_R2:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R2):"0403692601144c32a6cfa369ae20ae5d43c1c764678c037bafe80c6fd2e42b7ced96171d9c5367fd3dca6f":PSA_ALG_RSA_PSS_ANY_SALT(PSA_ALG_ANY_HASH):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign RSA_PSS_ANY_SALT(ANY_HASH): incompatible with ECC_PUBLIC_KEY(TWISTED_EDWARDS) +depends_on:PSA_WANT_ALG_RSA_PSS_ANY_SALT:PSA_WANT_ECC_FAMILY_TWISTED_EDWARDS:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +sign_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_TWISTED_EDWARDS):"d75a980182b10ab7d54bfed3c964073a0ee172f3daa62325af021a68f707511a":PSA_ALG_RSA_PSS_ANY_SALT(PSA_ALG_ANY_HASH):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign RSA_PSS_ANY_SALT(ANY_HASH): incompatible with HMAC +depends_on:PSA_WANT_ALG_RSA_PSS_ANY_SALT:PSA_WANT_KEY_TYPE_HMAC +sign_fail:PSA_KEY_TYPE_HMAC:"48657265006973206b6579a064617461":PSA_ALG_RSA_PSS_ANY_SALT(PSA_ALG_ANY_HASH):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign RSA_PSS_ANY_SALT(ANY_HASH): incompatible with RAW_DATA +depends_on:PSA_WANT_ALG_RSA_PSS_ANY_SALT:PSA_WANT_KEY_TYPE_RAW_DATA +sign_fail:PSA_KEY_TYPE_RAW_DATA:"48":PSA_ALG_RSA_PSS_ANY_SALT(PSA_ALG_ANY_HASH):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign RSA_PSS_ANY_SALT(ANY_HASH): incompatible with RSA_KEY_PAIR +depends_on:PSA_WANT_ALG_RSA_PSS_ANY_SALT:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR +sign_fail:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_RSA_PSS_ANY_SALT(PSA_ALG_ANY_HASH):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign RSA_PSS_ANY_SALT(ANY_HASH): incompatible with RSA_PUBLIC_KEY +depends_on:PSA_WANT_ALG_RSA_PSS_ANY_SALT:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY +sign_fail:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_RSA_PSS_ANY_SALT(PSA_ALG_ANY_HASH):0:PSA_ERROR_INVALID_ARGUMENT + +PSA key_derivation RSA_PSS_ANY_SALT(ANY_HASH): invalid +depends_on:PSA_WANT_ALG_RSA_PSS_ANY_SALT +key_derivation_fail:PSA_ALG_RSA_PSS_ANY_SALT(PSA_ALG_ANY_HASH):PSA_ERROR_INVALID_ARGUMENT + +PSA hash SHA3_224: !SHA3_224 +depends_on:!PSA_WANT_ALG_SHA3_224 +hash_fail:PSA_ALG_SHA3_224:PSA_ERROR_NOT_SUPPORTED + +PSA key_derivation SHA3_224: invalid +depends_on:PSA_WANT_ALG_SHA3_224 +key_derivation_fail:PSA_ALG_SHA3_224:PSA_ERROR_INVALID_ARGUMENT + +PSA hash SHA3_256: !SHA3_256 +depends_on:!PSA_WANT_ALG_SHA3_256 +hash_fail:PSA_ALG_SHA3_256:PSA_ERROR_NOT_SUPPORTED + +PSA key_derivation SHA3_256: invalid +depends_on:PSA_WANT_ALG_SHA3_256 +key_derivation_fail:PSA_ALG_SHA3_256:PSA_ERROR_INVALID_ARGUMENT + +PSA hash SHA3_384: !SHA3_384 +depends_on:!PSA_WANT_ALG_SHA3_384 +hash_fail:PSA_ALG_SHA3_384:PSA_ERROR_NOT_SUPPORTED + +PSA key_derivation SHA3_384: invalid +depends_on:PSA_WANT_ALG_SHA3_384 +key_derivation_fail:PSA_ALG_SHA3_384:PSA_ERROR_INVALID_ARGUMENT + +PSA hash SHA3_512: !SHA3_512 +depends_on:!PSA_WANT_ALG_SHA3_512 +hash_fail:PSA_ALG_SHA3_512:PSA_ERROR_NOT_SUPPORTED + +PSA key_derivation SHA3_512: invalid +depends_on:PSA_WANT_ALG_SHA3_512 +key_derivation_fail:PSA_ALG_SHA3_512:PSA_ERROR_INVALID_ARGUMENT + +PSA hash SHAKE256_512: !SHAKE256_512 +depends_on:!PSA_WANT_ALG_SHAKE256_512 +hash_fail:PSA_ALG_SHAKE256_512:PSA_ERROR_NOT_SUPPORTED + +PSA key_derivation SHAKE256_512: invalid +depends_on:PSA_WANT_ALG_SHAKE256_512 +key_derivation_fail:PSA_ALG_SHAKE256_512:PSA_ERROR_INVALID_ARGUMENT + +PSA hash SHA_1: !SHA_1 +depends_on:!PSA_WANT_ALG_SHA_1 +hash_fail:PSA_ALG_SHA_1:PSA_ERROR_NOT_SUPPORTED + +PSA key_derivation SHA_1: invalid +depends_on:PSA_WANT_ALG_SHA_1 +key_derivation_fail:PSA_ALG_SHA_1:PSA_ERROR_INVALID_ARGUMENT + +PSA hash SHA_224: !SHA_224 +depends_on:!PSA_WANT_ALG_SHA_224 +hash_fail:PSA_ALG_SHA_224:PSA_ERROR_NOT_SUPPORTED + +PSA key_derivation SHA_224: invalid +depends_on:PSA_WANT_ALG_SHA_224 +key_derivation_fail:PSA_ALG_SHA_224:PSA_ERROR_INVALID_ARGUMENT + +PSA hash SHA_256: !SHA_256 +depends_on:!PSA_WANT_ALG_SHA_256 +hash_fail:PSA_ALG_SHA_256:PSA_ERROR_NOT_SUPPORTED + +PSA key_derivation SHA_256: invalid +depends_on:PSA_WANT_ALG_SHA_256 +key_derivation_fail:PSA_ALG_SHA_256:PSA_ERROR_INVALID_ARGUMENT + +PSA hash SHA_384: !SHA_384 +depends_on:!PSA_WANT_ALG_SHA_384 +hash_fail:PSA_ALG_SHA_384:PSA_ERROR_NOT_SUPPORTED + +PSA key_derivation SHA_384: invalid +depends_on:PSA_WANT_ALG_SHA_384 +key_derivation_fail:PSA_ALG_SHA_384:PSA_ERROR_INVALID_ARGUMENT + +PSA hash SHA_512: !SHA_512 +depends_on:!PSA_WANT_ALG_SHA_512 +hash_fail:PSA_ALG_SHA_512:PSA_ERROR_NOT_SUPPORTED + +PSA key_derivation SHA_512: invalid +depends_on:PSA_WANT_ALG_SHA_512 +key_derivation_fail:PSA_ALG_SHA_512:PSA_ERROR_INVALID_ARGUMENT + +PSA hash SHA_512_224: !SHA_512_224 +depends_on:!PSA_WANT_ALG_SHA_512_224 +hash_fail:PSA_ALG_SHA_512_224:PSA_ERROR_NOT_SUPPORTED + +PSA key_derivation SHA_512_224: invalid +depends_on:PSA_WANT_ALG_SHA_512_224 +key_derivation_fail:PSA_ALG_SHA_512_224:PSA_ERROR_INVALID_ARGUMENT + +PSA hash SHA_512_256: !SHA_512_256 +depends_on:!PSA_WANT_ALG_SHA_512_256 +hash_fail:PSA_ALG_SHA_512_256:PSA_ERROR_NOT_SUPPORTED + +PSA key_derivation SHA_512_256: invalid +depends_on:PSA_WANT_ALG_SHA_512_256 +key_derivation_fail:PSA_ALG_SHA_512_256:PSA_ERROR_INVALID_ARGUMENT + +PSA hash STREAM_CIPHER: invalid +depends_on:PSA_WANT_ALG_STREAM_CIPHER +hash_fail:PSA_ALG_STREAM_CIPHER:PSA_ERROR_INVALID_ARGUMENT + +PSA mac STREAM_CIPHER: invalid with ARC4 +depends_on:PSA_WANT_ALG_STREAM_CIPHER:PSA_WANT_KEY_TYPE_ARC4 +mac_fail:PSA_KEY_TYPE_ARC4:"48":PSA_ALG_STREAM_CIPHER:PSA_ERROR_INVALID_ARGUMENT + +PSA mac STREAM_CIPHER: invalid with CHACHA20 +depends_on:PSA_WANT_ALG_STREAM_CIPHER:PSA_WANT_KEY_TYPE_CHACHA20 +mac_fail:PSA_KEY_TYPE_CHACHA20:"48657265006973206b6579a06461746148657265006973206b6579a064617461":PSA_ALG_STREAM_CIPHER:PSA_ERROR_INVALID_ARGUMENT + +PSA cipher STREAM_CIPHER: incompatible with AES +depends_on:PSA_WANT_ALG_STREAM_CIPHER:PSA_WANT_KEY_TYPE_AES +cipher_fail:PSA_KEY_TYPE_AES:"48657265006973206b6579a064617461":PSA_ALG_STREAM_CIPHER:PSA_ERROR_INVALID_ARGUMENT + +PSA cipher STREAM_CIPHER: !STREAM_CIPHER with ARC4 +depends_on:!PSA_WANT_ALG_STREAM_CIPHER:PSA_WANT_KEY_TYPE_ARC4 +cipher_fail:PSA_KEY_TYPE_ARC4:"48":PSA_ALG_STREAM_CIPHER:PSA_ERROR_NOT_SUPPORTED + +PSA cipher STREAM_CIPHER: incompatible with ARIA +depends_on:PSA_WANT_ALG_STREAM_CIPHER:PSA_WANT_KEY_TYPE_ARIA +cipher_fail:PSA_KEY_TYPE_ARIA:"48657265006973206b6579a064617461":PSA_ALG_STREAM_CIPHER:PSA_ERROR_INVALID_ARGUMENT + +PSA cipher STREAM_CIPHER: incompatible with CAMELLIA +depends_on:PSA_WANT_ALG_STREAM_CIPHER:PSA_WANT_KEY_TYPE_CAMELLIA +cipher_fail:PSA_KEY_TYPE_CAMELLIA:"48657265006973206b6579a064617461":PSA_ALG_STREAM_CIPHER:PSA_ERROR_INVALID_ARGUMENT + +PSA cipher STREAM_CIPHER: !STREAM_CIPHER with CHACHA20 +depends_on:!PSA_WANT_ALG_STREAM_CIPHER:PSA_WANT_KEY_TYPE_CHACHA20 +cipher_fail:PSA_KEY_TYPE_CHACHA20:"48657265006973206b6579a06461746148657265006973206b6579a064617461":PSA_ALG_STREAM_CIPHER:PSA_ERROR_NOT_SUPPORTED + +PSA cipher STREAM_CIPHER: incompatible with DERIVE +depends_on:PSA_WANT_ALG_STREAM_CIPHER:PSA_WANT_KEY_TYPE_DERIVE +cipher_fail:PSA_KEY_TYPE_DERIVE:"48657265006973206b6579a0646174":PSA_ALG_STREAM_CIPHER:PSA_ERROR_INVALID_ARGUMENT + +PSA cipher STREAM_CIPHER: incompatible with DES +depends_on:PSA_WANT_ALG_STREAM_CIPHER:PSA_WANT_KEY_TYPE_DES +cipher_fail:PSA_KEY_TYPE_DES:"644573206b457901":PSA_ALG_STREAM_CIPHER:PSA_ERROR_INVALID_ARGUMENT + +PSA cipher STREAM_CIPHER: incompatible with ECC_KEY_PAIR(BRAINPOOL_P_R1) +depends_on:PSA_WANT_ALG_STREAM_CIPHER:PSA_WANT_ECC_FAMILY_BRAINPOOL_P_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +cipher_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"69502c4fdaf48d4fa617bdd24498b0406d0eeaac":PSA_ALG_STREAM_CIPHER:PSA_ERROR_INVALID_ARGUMENT + +PSA cipher STREAM_CIPHER: incompatible with ECC_KEY_PAIR(MONTGOMERY) +depends_on:PSA_WANT_ALG_STREAM_CIPHER:PSA_WANT_ECC_FAMILY_MONTGOMERY:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +cipher_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_MONTGOMERY):"70076d0a7318a57d3c16c17251b26645df4c2f87ebc0992ab177fba51db92c6a":PSA_ALG_STREAM_CIPHER:PSA_ERROR_INVALID_ARGUMENT + +PSA cipher STREAM_CIPHER: incompatible with ECC_KEY_PAIR(SECP_K1) +depends_on:PSA_WANT_ALG_STREAM_CIPHER:PSA_WANT_ECC_FAMILY_SECP_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +cipher_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_K1):"297ac1722ccac7589ecb240dc719842538ca974beb79f228":PSA_ALG_STREAM_CIPHER:PSA_ERROR_INVALID_ARGUMENT + +PSA cipher STREAM_CIPHER: incompatible with ECC_KEY_PAIR(SECP_R1) +depends_on:PSA_WANT_ALG_STREAM_CIPHER:PSA_WANT_ECC_FAMILY_SECP_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +cipher_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"872f203b3ad35b7f2ecc803c3a0e1e0b1ed61cc1afe71b189cd4c995":PSA_ALG_STREAM_CIPHER:PSA_ERROR_INVALID_ARGUMENT + +PSA cipher STREAM_CIPHER: incompatible with ECC_KEY_PAIR(SECP_R2) +depends_on:PSA_WANT_ALG_STREAM_CIPHER:PSA_WANT_ECC_FAMILY_SECP_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +cipher_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R2):"00bf539a1cdda0d7f71a50a3f98aec0a2e8e4ced1e":PSA_ALG_STREAM_CIPHER:PSA_ERROR_INVALID_ARGUMENT + +PSA cipher STREAM_CIPHER: incompatible with ECC_KEY_PAIR(SECT_K1) +depends_on:PSA_WANT_ALG_STREAM_CIPHER:PSA_WANT_ECC_FAMILY_SECT_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +cipher_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):"03ebc8fcded2d6ab72ec0f75bdb4fd080481273e71":PSA_ALG_STREAM_CIPHER:PSA_ERROR_INVALID_ARGUMENT + +PSA cipher STREAM_CIPHER: incompatible with ECC_KEY_PAIR(SECT_R1) +depends_on:PSA_WANT_ALG_STREAM_CIPHER:PSA_WANT_ECC_FAMILY_SECT_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +cipher_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):"009b05dc82d46d64a04a22e6e5ca70ca1231e68c50":PSA_ALG_STREAM_CIPHER:PSA_ERROR_INVALID_ARGUMENT + +PSA cipher STREAM_CIPHER: incompatible with ECC_KEY_PAIR(SECT_R2) +depends_on:PSA_WANT_ALG_STREAM_CIPHER:PSA_WANT_ECC_FAMILY_SECT_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +cipher_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R2):"0210b482a458b4822d0cb21daa96819a67c8062d34":PSA_ALG_STREAM_CIPHER:PSA_ERROR_INVALID_ARGUMENT + +PSA cipher STREAM_CIPHER: incompatible with ECC_KEY_PAIR(TWISTED_EDWARDS) +depends_on:PSA_WANT_ALG_STREAM_CIPHER:PSA_WANT_ECC_FAMILY_TWISTED_EDWARDS:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +cipher_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_TWISTED_EDWARDS):"9d61b19deffd5a60ba844af492ec2cc44449c5697b326919703bac031cae7f60":PSA_ALG_STREAM_CIPHER:PSA_ERROR_INVALID_ARGUMENT + +PSA cipher STREAM_CIPHER: incompatible with ECC_PUBLIC_KEY(BRAINPOOL_P_R1) +depends_on:PSA_WANT_ALG_STREAM_CIPHER:PSA_WANT_ECC_FAMILY_BRAINPOOL_P_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +cipher_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"04d4b9186816358e2f9c59cf70748cb70641b22fbab65473db4b4e22a361ed7e3de7e8a8ddc4130c5c":PSA_ALG_STREAM_CIPHER:PSA_ERROR_INVALID_ARGUMENT + +PSA cipher STREAM_CIPHER: incompatible with ECC_PUBLIC_KEY(MONTGOMERY) +depends_on:PSA_WANT_ALG_STREAM_CIPHER:PSA_WANT_ECC_FAMILY_MONTGOMERY:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +cipher_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_MONTGOMERY):"8520f0098930a754748b7ddcb43ef75a0dbf3a0d26381af4eba4a98eaa9b4e6a":PSA_ALG_STREAM_CIPHER:PSA_ERROR_INVALID_ARGUMENT + +PSA cipher STREAM_CIPHER: incompatible with ECC_PUBLIC_KEY(SECP_K1) +depends_on:PSA_WANT_ALG_STREAM_CIPHER:PSA_WANT_ECC_FAMILY_SECP_K1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +cipher_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_K1):"0426b7bb38da649ac2138fc050c6548b32553dab68afebc36105d325b75538c12323cb0764789ecb992671beb2b6bef2f5":PSA_ALG_STREAM_CIPHER:PSA_ERROR_INVALID_ARGUMENT + +PSA cipher STREAM_CIPHER: incompatible with ECC_PUBLIC_KEY(SECP_R1) +depends_on:PSA_WANT_ALG_STREAM_CIPHER:PSA_WANT_ECC_FAMILY_SECP_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +cipher_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1):"046f00eadaa949fee3e9e1c7fa1247eecec86a0dce46418b9bd3117b981d4bd0ae7a990de912f9d060d6cb531a42d22e394ac29e81804bf160":PSA_ALG_STREAM_CIPHER:PSA_ERROR_INVALID_ARGUMENT + +PSA cipher STREAM_CIPHER: incompatible with ECC_PUBLIC_KEY(SECP_R2) +depends_on:PSA_WANT_ALG_STREAM_CIPHER:PSA_WANT_ECC_FAMILY_SECP_R2:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +cipher_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R2):"049570d541398665adb5cfa16f5af73b3196926bbd4b876bdb80f8eab20d0f540c22f4de9c140f6d7b":PSA_ALG_STREAM_CIPHER:PSA_ERROR_INVALID_ARGUMENT + +PSA cipher STREAM_CIPHER: incompatible with ECC_PUBLIC_KEY(SECT_K1) +depends_on:PSA_WANT_ALG_STREAM_CIPHER:PSA_WANT_ECC_FAMILY_SECT_K1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +cipher_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_K1):"0406f88f90b4b65950f06ce433afdb097e320f433dc2062b8a65db8fafd3c110f46bc45663fbf021ee7eb9":PSA_ALG_STREAM_CIPHER:PSA_ERROR_INVALID_ARGUMENT + +PSA cipher STREAM_CIPHER: incompatible with ECC_PUBLIC_KEY(SECT_R1) +depends_on:PSA_WANT_ALG_STREAM_CIPHER:PSA_WANT_ECC_FAMILY_SECT_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +cipher_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R1):"0400465eeb9e7258b11e33c02266bfe834b20bcb118700772796ee4704ec67651bd447e3011959a79a04cb":PSA_ALG_STREAM_CIPHER:PSA_ERROR_INVALID_ARGUMENT + +PSA cipher STREAM_CIPHER: incompatible with ECC_PUBLIC_KEY(SECT_R2) +depends_on:PSA_WANT_ALG_STREAM_CIPHER:PSA_WANT_ECC_FAMILY_SECT_R2:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +cipher_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R2):"0403692601144c32a6cfa369ae20ae5d43c1c764678c037bafe80c6fd2e42b7ced96171d9c5367fd3dca6f":PSA_ALG_STREAM_CIPHER:PSA_ERROR_INVALID_ARGUMENT + +PSA cipher STREAM_CIPHER: incompatible with ECC_PUBLIC_KEY(TWISTED_EDWARDS) +depends_on:PSA_WANT_ALG_STREAM_CIPHER:PSA_WANT_ECC_FAMILY_TWISTED_EDWARDS:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +cipher_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_TWISTED_EDWARDS):"d75a980182b10ab7d54bfed3c964073a0ee172f3daa62325af021a68f707511a":PSA_ALG_STREAM_CIPHER:PSA_ERROR_INVALID_ARGUMENT + +PSA cipher STREAM_CIPHER: incompatible with HMAC +depends_on:PSA_WANT_ALG_STREAM_CIPHER:PSA_WANT_KEY_TYPE_HMAC +cipher_fail:PSA_KEY_TYPE_HMAC:"48657265006973206b6579a064617461":PSA_ALG_STREAM_CIPHER:PSA_ERROR_INVALID_ARGUMENT + +PSA cipher STREAM_CIPHER: incompatible with RAW_DATA +depends_on:PSA_WANT_ALG_STREAM_CIPHER:PSA_WANT_KEY_TYPE_RAW_DATA +cipher_fail:PSA_KEY_TYPE_RAW_DATA:"48":PSA_ALG_STREAM_CIPHER:PSA_ERROR_INVALID_ARGUMENT + +PSA cipher STREAM_CIPHER: incompatible with RSA_KEY_PAIR +depends_on:PSA_WANT_ALG_STREAM_CIPHER:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR +cipher_fail:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_STREAM_CIPHER:PSA_ERROR_INVALID_ARGUMENT + +PSA cipher STREAM_CIPHER: incompatible with RSA_PUBLIC_KEY +depends_on:PSA_WANT_ALG_STREAM_CIPHER:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY +cipher_fail:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_STREAM_CIPHER:PSA_ERROR_INVALID_ARGUMENT + +PSA aead STREAM_CIPHER: invalid with ARC4 +depends_on:PSA_WANT_ALG_STREAM_CIPHER:PSA_WANT_KEY_TYPE_ARC4 +aead_fail:PSA_KEY_TYPE_ARC4:"48":PSA_ALG_STREAM_CIPHER:PSA_ERROR_INVALID_ARGUMENT + +PSA aead STREAM_CIPHER: invalid with CHACHA20 +depends_on:PSA_WANT_ALG_STREAM_CIPHER:PSA_WANT_KEY_TYPE_CHACHA20 +aead_fail:PSA_KEY_TYPE_CHACHA20:"48657265006973206b6579a06461746148657265006973206b6579a064617461":PSA_ALG_STREAM_CIPHER:PSA_ERROR_INVALID_ARGUMENT + +PSA sign STREAM_CIPHER: invalid with ARC4 +depends_on:PSA_WANT_ALG_STREAM_CIPHER:PSA_WANT_KEY_TYPE_ARC4 +sign_fail:PSA_KEY_TYPE_ARC4:"48":PSA_ALG_STREAM_CIPHER:0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign STREAM_CIPHER: invalid with CHACHA20 +depends_on:PSA_WANT_ALG_STREAM_CIPHER:PSA_WANT_KEY_TYPE_CHACHA20 +sign_fail:PSA_KEY_TYPE_CHACHA20:"48657265006973206b6579a06461746148657265006973206b6579a064617461":PSA_ALG_STREAM_CIPHER:0:PSA_ERROR_INVALID_ARGUMENT + +PSA asymmetric_encryption STREAM_CIPHER: invalid with ARC4 +depends_on:PSA_WANT_ALG_STREAM_CIPHER:PSA_WANT_KEY_TYPE_ARC4 +asymmetric_encryption_fail:PSA_KEY_TYPE_ARC4:"48":PSA_ALG_STREAM_CIPHER:0:PSA_ERROR_INVALID_ARGUMENT + +PSA asymmetric_encryption STREAM_CIPHER: invalid with CHACHA20 +depends_on:PSA_WANT_ALG_STREAM_CIPHER:PSA_WANT_KEY_TYPE_CHACHA20 +asymmetric_encryption_fail:PSA_KEY_TYPE_CHACHA20:"48657265006973206b6579a06461746148657265006973206b6579a064617461":PSA_ALG_STREAM_CIPHER:0:PSA_ERROR_INVALID_ARGUMENT + +PSA key_derivation STREAM_CIPHER: invalid +depends_on:PSA_WANT_ALG_STREAM_CIPHER +key_derivation_fail:PSA_ALG_STREAM_CIPHER:PSA_ERROR_INVALID_ARGUMENT + +PSA key_agreement STREAM_CIPHER: invalid with ARC4 +depends_on:PSA_WANT_ALG_STREAM_CIPHER:PSA_WANT_KEY_TYPE_ARC4 +key_agreement_fail:PSA_KEY_TYPE_ARC4:"48":PSA_ALG_STREAM_CIPHER:0:PSA_ERROR_INVALID_ARGUMENT + +PSA key_agreement STREAM_CIPHER: invalid with CHACHA20 +depends_on:PSA_WANT_ALG_STREAM_CIPHER:PSA_WANT_KEY_TYPE_CHACHA20 +key_agreement_fail:PSA_KEY_TYPE_CHACHA20:"48657265006973206b6579a06461746148657265006973206b6579a064617461":PSA_ALG_STREAM_CIPHER:0:PSA_ERROR_INVALID_ARGUMENT + +PSA hash TLS12_PRF(MD2): invalid +depends_on:PSA_WANT_ALG_MD2:PSA_WANT_ALG_TLS12_PRF +hash_fail:PSA_ALG_TLS12_PRF(PSA_ALG_MD2):PSA_ERROR_INVALID_ARGUMENT + +PSA key_derivation TLS12_PRF(MD2): !MD2 +depends_on:!PSA_WANT_ALG_MD2:PSA_WANT_ALG_TLS12_PRF +key_derivation_fail:PSA_ALG_TLS12_PRF(PSA_ALG_MD2):PSA_ERROR_NOT_SUPPORTED + +PSA key_derivation TLS12_PRF(MD2): !TLS12_PRF +depends_on:PSA_WANT_ALG_MD2:!PSA_WANT_ALG_TLS12_PRF +key_derivation_fail:PSA_ALG_TLS12_PRF(PSA_ALG_MD2):PSA_ERROR_NOT_SUPPORTED + +PSA hash TLS12_PRF(MD4): invalid +depends_on:PSA_WANT_ALG_MD4:PSA_WANT_ALG_TLS12_PRF +hash_fail:PSA_ALG_TLS12_PRF(PSA_ALG_MD4):PSA_ERROR_INVALID_ARGUMENT + +PSA key_derivation TLS12_PRF(MD4): !MD4 +depends_on:!PSA_WANT_ALG_MD4:PSA_WANT_ALG_TLS12_PRF +key_derivation_fail:PSA_ALG_TLS12_PRF(PSA_ALG_MD4):PSA_ERROR_NOT_SUPPORTED + +PSA key_derivation TLS12_PRF(MD4): !TLS12_PRF +depends_on:PSA_WANT_ALG_MD4:!PSA_WANT_ALG_TLS12_PRF +key_derivation_fail:PSA_ALG_TLS12_PRF(PSA_ALG_MD4):PSA_ERROR_NOT_SUPPORTED + +PSA hash TLS12_PRF(MD5): invalid +depends_on:PSA_WANT_ALG_MD5:PSA_WANT_ALG_TLS12_PRF +hash_fail:PSA_ALG_TLS12_PRF(PSA_ALG_MD5):PSA_ERROR_INVALID_ARGUMENT + +PSA key_derivation TLS12_PRF(MD5): !MD5 +depends_on:!PSA_WANT_ALG_MD5:PSA_WANT_ALG_TLS12_PRF +key_derivation_fail:PSA_ALG_TLS12_PRF(PSA_ALG_MD5):PSA_ERROR_NOT_SUPPORTED + +PSA key_derivation TLS12_PRF(MD5): !TLS12_PRF +depends_on:PSA_WANT_ALG_MD5:!PSA_WANT_ALG_TLS12_PRF +key_derivation_fail:PSA_ALG_TLS12_PRF(PSA_ALG_MD5):PSA_ERROR_NOT_SUPPORTED + +PSA hash TLS12_PRF(RIPEMD160): invalid +depends_on:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ALG_TLS12_PRF +hash_fail:PSA_ALG_TLS12_PRF(PSA_ALG_RIPEMD160):PSA_ERROR_INVALID_ARGUMENT + +PSA key_derivation TLS12_PRF(RIPEMD160): !RIPEMD160 +depends_on:!PSA_WANT_ALG_RIPEMD160:PSA_WANT_ALG_TLS12_PRF +key_derivation_fail:PSA_ALG_TLS12_PRF(PSA_ALG_RIPEMD160):PSA_ERROR_NOT_SUPPORTED + +PSA key_derivation TLS12_PRF(RIPEMD160): !TLS12_PRF +depends_on:PSA_WANT_ALG_RIPEMD160:!PSA_WANT_ALG_TLS12_PRF +key_derivation_fail:PSA_ALG_TLS12_PRF(PSA_ALG_RIPEMD160):PSA_ERROR_NOT_SUPPORTED + +PSA hash TLS12_PRF(SHA_1): invalid +depends_on:PSA_WANT_ALG_SHA_1:PSA_WANT_ALG_TLS12_PRF +hash_fail:PSA_ALG_TLS12_PRF(PSA_ALG_SHA_1):PSA_ERROR_INVALID_ARGUMENT + +PSA key_derivation TLS12_PRF(SHA_1): !SHA_1 +depends_on:!PSA_WANT_ALG_SHA_1:PSA_WANT_ALG_TLS12_PRF +key_derivation_fail:PSA_ALG_TLS12_PRF(PSA_ALG_SHA_1):PSA_ERROR_NOT_SUPPORTED + +PSA key_derivation TLS12_PRF(SHA_1): !TLS12_PRF +depends_on:PSA_WANT_ALG_SHA_1:!PSA_WANT_ALG_TLS12_PRF +key_derivation_fail:PSA_ALG_TLS12_PRF(PSA_ALG_SHA_1):PSA_ERROR_NOT_SUPPORTED + +PSA hash TLS12_PRF(SHA_224): invalid +depends_on:PSA_WANT_ALG_SHA_224:PSA_WANT_ALG_TLS12_PRF +hash_fail:PSA_ALG_TLS12_PRF(PSA_ALG_SHA_224):PSA_ERROR_INVALID_ARGUMENT + +PSA key_derivation TLS12_PRF(SHA_224): !SHA_224 +depends_on:!PSA_WANT_ALG_SHA_224:PSA_WANT_ALG_TLS12_PRF +key_derivation_fail:PSA_ALG_TLS12_PRF(PSA_ALG_SHA_224):PSA_ERROR_NOT_SUPPORTED + +PSA key_derivation TLS12_PRF(SHA_224): !TLS12_PRF +depends_on:PSA_WANT_ALG_SHA_224:!PSA_WANT_ALG_TLS12_PRF +key_derivation_fail:PSA_ALG_TLS12_PRF(PSA_ALG_SHA_224):PSA_ERROR_NOT_SUPPORTED + +PSA hash TLS12_PRF(SHA_256): invalid +depends_on:PSA_WANT_ALG_SHA_256:PSA_WANT_ALG_TLS12_PRF +hash_fail:PSA_ALG_TLS12_PRF(PSA_ALG_SHA_256):PSA_ERROR_INVALID_ARGUMENT + +PSA key_derivation TLS12_PRF(SHA_256): !SHA_256 +depends_on:!PSA_WANT_ALG_SHA_256:PSA_WANT_ALG_TLS12_PRF +key_derivation_fail:PSA_ALG_TLS12_PRF(PSA_ALG_SHA_256):PSA_ERROR_NOT_SUPPORTED + +PSA key_derivation TLS12_PRF(SHA_256): !TLS12_PRF +depends_on:PSA_WANT_ALG_SHA_256:!PSA_WANT_ALG_TLS12_PRF +key_derivation_fail:PSA_ALG_TLS12_PRF(PSA_ALG_SHA_256):PSA_ERROR_NOT_SUPPORTED + +PSA hash TLS12_PRF(SHA_384): invalid +depends_on:PSA_WANT_ALG_SHA_384:PSA_WANT_ALG_TLS12_PRF +hash_fail:PSA_ALG_TLS12_PRF(PSA_ALG_SHA_384):PSA_ERROR_INVALID_ARGUMENT + +PSA key_derivation TLS12_PRF(SHA_384): !SHA_384 +depends_on:!PSA_WANT_ALG_SHA_384:PSA_WANT_ALG_TLS12_PRF +key_derivation_fail:PSA_ALG_TLS12_PRF(PSA_ALG_SHA_384):PSA_ERROR_NOT_SUPPORTED + +PSA key_derivation TLS12_PRF(SHA_384): !TLS12_PRF +depends_on:PSA_WANT_ALG_SHA_384:!PSA_WANT_ALG_TLS12_PRF +key_derivation_fail:PSA_ALG_TLS12_PRF(PSA_ALG_SHA_384):PSA_ERROR_NOT_SUPPORTED + +PSA hash TLS12_PRF(SHA_512): invalid +depends_on:PSA_WANT_ALG_SHA_512:PSA_WANT_ALG_TLS12_PRF +hash_fail:PSA_ALG_TLS12_PRF(PSA_ALG_SHA_512):PSA_ERROR_INVALID_ARGUMENT + +PSA key_derivation TLS12_PRF(SHA_512): !SHA_512 +depends_on:!PSA_WANT_ALG_SHA_512:PSA_WANT_ALG_TLS12_PRF +key_derivation_fail:PSA_ALG_TLS12_PRF(PSA_ALG_SHA_512):PSA_ERROR_NOT_SUPPORTED + +PSA key_derivation TLS12_PRF(SHA_512): !TLS12_PRF +depends_on:PSA_WANT_ALG_SHA_512:!PSA_WANT_ALG_TLS12_PRF +key_derivation_fail:PSA_ALG_TLS12_PRF(PSA_ALG_SHA_512):PSA_ERROR_NOT_SUPPORTED + +PSA hash TLS12_PSK_TO_MS(MD2): invalid +depends_on:PSA_WANT_ALG_MD2:PSA_WANT_ALG_TLS12_PSK_TO_MS +hash_fail:PSA_ALG_TLS12_PSK_TO_MS(PSA_ALG_MD2):PSA_ERROR_INVALID_ARGUMENT + +PSA key_derivation TLS12_PSK_TO_MS(MD2): !MD2 +depends_on:!PSA_WANT_ALG_MD2:PSA_WANT_ALG_TLS12_PSK_TO_MS +key_derivation_fail:PSA_ALG_TLS12_PSK_TO_MS(PSA_ALG_MD2):PSA_ERROR_NOT_SUPPORTED + +PSA key_derivation TLS12_PSK_TO_MS(MD2): !TLS12_PSK_TO_MS +depends_on:PSA_WANT_ALG_MD2:!PSA_WANT_ALG_TLS12_PSK_TO_MS +key_derivation_fail:PSA_ALG_TLS12_PSK_TO_MS(PSA_ALG_MD2):PSA_ERROR_NOT_SUPPORTED + +PSA hash TLS12_PSK_TO_MS(MD4): invalid +depends_on:PSA_WANT_ALG_MD4:PSA_WANT_ALG_TLS12_PSK_TO_MS +hash_fail:PSA_ALG_TLS12_PSK_TO_MS(PSA_ALG_MD4):PSA_ERROR_INVALID_ARGUMENT + +PSA key_derivation TLS12_PSK_TO_MS(MD4): !MD4 +depends_on:!PSA_WANT_ALG_MD4:PSA_WANT_ALG_TLS12_PSK_TO_MS +key_derivation_fail:PSA_ALG_TLS12_PSK_TO_MS(PSA_ALG_MD4):PSA_ERROR_NOT_SUPPORTED + +PSA key_derivation TLS12_PSK_TO_MS(MD4): !TLS12_PSK_TO_MS +depends_on:PSA_WANT_ALG_MD4:!PSA_WANT_ALG_TLS12_PSK_TO_MS +key_derivation_fail:PSA_ALG_TLS12_PSK_TO_MS(PSA_ALG_MD4):PSA_ERROR_NOT_SUPPORTED + +PSA hash TLS12_PSK_TO_MS(MD5): invalid +depends_on:PSA_WANT_ALG_MD5:PSA_WANT_ALG_TLS12_PSK_TO_MS +hash_fail:PSA_ALG_TLS12_PSK_TO_MS(PSA_ALG_MD5):PSA_ERROR_INVALID_ARGUMENT + +PSA key_derivation TLS12_PSK_TO_MS(MD5): !MD5 +depends_on:!PSA_WANT_ALG_MD5:PSA_WANT_ALG_TLS12_PSK_TO_MS +key_derivation_fail:PSA_ALG_TLS12_PSK_TO_MS(PSA_ALG_MD5):PSA_ERROR_NOT_SUPPORTED + +PSA key_derivation TLS12_PSK_TO_MS(MD5): !TLS12_PSK_TO_MS +depends_on:PSA_WANT_ALG_MD5:!PSA_WANT_ALG_TLS12_PSK_TO_MS +key_derivation_fail:PSA_ALG_TLS12_PSK_TO_MS(PSA_ALG_MD5):PSA_ERROR_NOT_SUPPORTED + +PSA hash TLS12_PSK_TO_MS(RIPEMD160): invalid +depends_on:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ALG_TLS12_PSK_TO_MS +hash_fail:PSA_ALG_TLS12_PSK_TO_MS(PSA_ALG_RIPEMD160):PSA_ERROR_INVALID_ARGUMENT + +PSA key_derivation TLS12_PSK_TO_MS(RIPEMD160): !RIPEMD160 +depends_on:!PSA_WANT_ALG_RIPEMD160:PSA_WANT_ALG_TLS12_PSK_TO_MS +key_derivation_fail:PSA_ALG_TLS12_PSK_TO_MS(PSA_ALG_RIPEMD160):PSA_ERROR_NOT_SUPPORTED + +PSA key_derivation TLS12_PSK_TO_MS(RIPEMD160): !TLS12_PSK_TO_MS +depends_on:PSA_WANT_ALG_RIPEMD160:!PSA_WANT_ALG_TLS12_PSK_TO_MS +key_derivation_fail:PSA_ALG_TLS12_PSK_TO_MS(PSA_ALG_RIPEMD160):PSA_ERROR_NOT_SUPPORTED + +PSA hash TLS12_PSK_TO_MS(SHA_1): invalid +depends_on:PSA_WANT_ALG_SHA_1:PSA_WANT_ALG_TLS12_PSK_TO_MS +hash_fail:PSA_ALG_TLS12_PSK_TO_MS(PSA_ALG_SHA_1):PSA_ERROR_INVALID_ARGUMENT + +PSA key_derivation TLS12_PSK_TO_MS(SHA_1): !SHA_1 +depends_on:!PSA_WANT_ALG_SHA_1:PSA_WANT_ALG_TLS12_PSK_TO_MS +key_derivation_fail:PSA_ALG_TLS12_PSK_TO_MS(PSA_ALG_SHA_1):PSA_ERROR_NOT_SUPPORTED + +PSA key_derivation TLS12_PSK_TO_MS(SHA_1): !TLS12_PSK_TO_MS +depends_on:PSA_WANT_ALG_SHA_1:!PSA_WANT_ALG_TLS12_PSK_TO_MS +key_derivation_fail:PSA_ALG_TLS12_PSK_TO_MS(PSA_ALG_SHA_1):PSA_ERROR_NOT_SUPPORTED + +PSA hash TLS12_PSK_TO_MS(SHA_224): invalid +depends_on:PSA_WANT_ALG_SHA_224:PSA_WANT_ALG_TLS12_PSK_TO_MS +hash_fail:PSA_ALG_TLS12_PSK_TO_MS(PSA_ALG_SHA_224):PSA_ERROR_INVALID_ARGUMENT + +PSA key_derivation TLS12_PSK_TO_MS(SHA_224): !SHA_224 +depends_on:!PSA_WANT_ALG_SHA_224:PSA_WANT_ALG_TLS12_PSK_TO_MS +key_derivation_fail:PSA_ALG_TLS12_PSK_TO_MS(PSA_ALG_SHA_224):PSA_ERROR_NOT_SUPPORTED + +PSA key_derivation TLS12_PSK_TO_MS(SHA_224): !TLS12_PSK_TO_MS +depends_on:PSA_WANT_ALG_SHA_224:!PSA_WANT_ALG_TLS12_PSK_TO_MS +key_derivation_fail:PSA_ALG_TLS12_PSK_TO_MS(PSA_ALG_SHA_224):PSA_ERROR_NOT_SUPPORTED + +PSA hash TLS12_PSK_TO_MS(SHA_256): invalid +depends_on:PSA_WANT_ALG_SHA_256:PSA_WANT_ALG_TLS12_PSK_TO_MS +hash_fail:PSA_ALG_TLS12_PSK_TO_MS(PSA_ALG_SHA_256):PSA_ERROR_INVALID_ARGUMENT + +PSA key_derivation TLS12_PSK_TO_MS(SHA_256): !SHA_256 +depends_on:!PSA_WANT_ALG_SHA_256:PSA_WANT_ALG_TLS12_PSK_TO_MS +key_derivation_fail:PSA_ALG_TLS12_PSK_TO_MS(PSA_ALG_SHA_256):PSA_ERROR_NOT_SUPPORTED + +PSA key_derivation TLS12_PSK_TO_MS(SHA_256): !TLS12_PSK_TO_MS +depends_on:PSA_WANT_ALG_SHA_256:!PSA_WANT_ALG_TLS12_PSK_TO_MS +key_derivation_fail:PSA_ALG_TLS12_PSK_TO_MS(PSA_ALG_SHA_256):PSA_ERROR_NOT_SUPPORTED + +PSA hash TLS12_PSK_TO_MS(SHA_384): invalid +depends_on:PSA_WANT_ALG_SHA_384:PSA_WANT_ALG_TLS12_PSK_TO_MS +hash_fail:PSA_ALG_TLS12_PSK_TO_MS(PSA_ALG_SHA_384):PSA_ERROR_INVALID_ARGUMENT + +PSA key_derivation TLS12_PSK_TO_MS(SHA_384): !SHA_384 +depends_on:!PSA_WANT_ALG_SHA_384:PSA_WANT_ALG_TLS12_PSK_TO_MS +key_derivation_fail:PSA_ALG_TLS12_PSK_TO_MS(PSA_ALG_SHA_384):PSA_ERROR_NOT_SUPPORTED + +PSA key_derivation TLS12_PSK_TO_MS(SHA_384): !TLS12_PSK_TO_MS +depends_on:PSA_WANT_ALG_SHA_384:!PSA_WANT_ALG_TLS12_PSK_TO_MS +key_derivation_fail:PSA_ALG_TLS12_PSK_TO_MS(PSA_ALG_SHA_384):PSA_ERROR_NOT_SUPPORTED + +PSA hash TLS12_PSK_TO_MS(SHA_512): invalid +depends_on:PSA_WANT_ALG_SHA_512:PSA_WANT_ALG_TLS12_PSK_TO_MS +hash_fail:PSA_ALG_TLS12_PSK_TO_MS(PSA_ALG_SHA_512):PSA_ERROR_INVALID_ARGUMENT + +PSA key_derivation TLS12_PSK_TO_MS(SHA_512): !SHA_512 +depends_on:!PSA_WANT_ALG_SHA_512:PSA_WANT_ALG_TLS12_PSK_TO_MS +key_derivation_fail:PSA_ALG_TLS12_PSK_TO_MS(PSA_ALG_SHA_512):PSA_ERROR_NOT_SUPPORTED + +PSA key_derivation TLS12_PSK_TO_MS(SHA_512): !TLS12_PSK_TO_MS +depends_on:PSA_WANT_ALG_SHA_512:!PSA_WANT_ALG_TLS12_PSK_TO_MS +key_derivation_fail:PSA_ALG_TLS12_PSK_TO_MS(PSA_ALG_SHA_512):PSA_ERROR_NOT_SUPPORTED + +PSA hash TRUNCATED_MAC(CBC_MAC,1): invalid +depends_on:PSA_WANT_ALG_CBC_MAC +hash_fail:PSA_ALG_TRUNCATED_MAC(PSA_ALG_CBC_MAC,1):PSA_ERROR_INVALID_ARGUMENT + +PSA mac TRUNCATED_MAC(CBC_MAC,1): incompatible with AES +depends_on:PSA_WANT_ALG_CBC_MAC:PSA_WANT_KEY_TYPE_AES +mac_fail:PSA_KEY_TYPE_AES:"48657265006973206b6579a064617461":PSA_ALG_TRUNCATED_MAC(PSA_ALG_CBC_MAC,1):PSA_ERROR_INVALID_ARGUMENT + +PSA mac TRUNCATED_MAC(CBC_MAC,1): incompatible with ARC4 +depends_on:PSA_WANT_ALG_CBC_MAC:PSA_WANT_KEY_TYPE_ARC4 +mac_fail:PSA_KEY_TYPE_ARC4:"48":PSA_ALG_TRUNCATED_MAC(PSA_ALG_CBC_MAC,1):PSA_ERROR_INVALID_ARGUMENT + +PSA mac TRUNCATED_MAC(CBC_MAC,1): incompatible with ARIA +depends_on:PSA_WANT_ALG_CBC_MAC:PSA_WANT_KEY_TYPE_ARIA +mac_fail:PSA_KEY_TYPE_ARIA:"48657265006973206b6579a064617461":PSA_ALG_TRUNCATED_MAC(PSA_ALG_CBC_MAC,1):PSA_ERROR_INVALID_ARGUMENT + +PSA mac TRUNCATED_MAC(CBC_MAC,1): incompatible with CAMELLIA +depends_on:PSA_WANT_ALG_CBC_MAC:PSA_WANT_KEY_TYPE_CAMELLIA +mac_fail:PSA_KEY_TYPE_CAMELLIA:"48657265006973206b6579a064617461":PSA_ALG_TRUNCATED_MAC(PSA_ALG_CBC_MAC,1):PSA_ERROR_INVALID_ARGUMENT + +PSA mac TRUNCATED_MAC(CBC_MAC,1): incompatible with CHACHA20 +depends_on:PSA_WANT_ALG_CBC_MAC:PSA_WANT_KEY_TYPE_CHACHA20 +mac_fail:PSA_KEY_TYPE_CHACHA20:"48657265006973206b6579a06461746148657265006973206b6579a064617461":PSA_ALG_TRUNCATED_MAC(PSA_ALG_CBC_MAC,1):PSA_ERROR_INVALID_ARGUMENT + +PSA mac TRUNCATED_MAC(CBC_MAC,1): incompatible with DERIVE +depends_on:PSA_WANT_ALG_CBC_MAC:PSA_WANT_KEY_TYPE_DERIVE +mac_fail:PSA_KEY_TYPE_DERIVE:"48657265006973206b6579a0646174":PSA_ALG_TRUNCATED_MAC(PSA_ALG_CBC_MAC,1):PSA_ERROR_INVALID_ARGUMENT + +PSA mac TRUNCATED_MAC(CBC_MAC,1): incompatible with DES +depends_on:PSA_WANT_ALG_CBC_MAC:PSA_WANT_KEY_TYPE_DES +mac_fail:PSA_KEY_TYPE_DES:"644573206b457901":PSA_ALG_TRUNCATED_MAC(PSA_ALG_CBC_MAC,1):PSA_ERROR_INVALID_ARGUMENT + +PSA mac TRUNCATED_MAC(CBC_MAC,1): incompatible with ECC_KEY_PAIR(BRAINPOOL_P_R1) +depends_on:PSA_WANT_ALG_CBC_MAC:PSA_WANT_ECC_FAMILY_BRAINPOOL_P_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +mac_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"69502c4fdaf48d4fa617bdd24498b0406d0eeaac":PSA_ALG_TRUNCATED_MAC(PSA_ALG_CBC_MAC,1):PSA_ERROR_INVALID_ARGUMENT + +PSA mac TRUNCATED_MAC(CBC_MAC,1): incompatible with ECC_KEY_PAIR(MONTGOMERY) +depends_on:PSA_WANT_ALG_CBC_MAC:PSA_WANT_ECC_FAMILY_MONTGOMERY:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +mac_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_MONTGOMERY):"70076d0a7318a57d3c16c17251b26645df4c2f87ebc0992ab177fba51db92c6a":PSA_ALG_TRUNCATED_MAC(PSA_ALG_CBC_MAC,1):PSA_ERROR_INVALID_ARGUMENT + +PSA mac TRUNCATED_MAC(CBC_MAC,1): incompatible with ECC_KEY_PAIR(SECP_K1) +depends_on:PSA_WANT_ALG_CBC_MAC:PSA_WANT_ECC_FAMILY_SECP_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +mac_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_K1):"297ac1722ccac7589ecb240dc719842538ca974beb79f228":PSA_ALG_TRUNCATED_MAC(PSA_ALG_CBC_MAC,1):PSA_ERROR_INVALID_ARGUMENT + +PSA mac TRUNCATED_MAC(CBC_MAC,1): incompatible with ECC_KEY_PAIR(SECP_R1) +depends_on:PSA_WANT_ALG_CBC_MAC:PSA_WANT_ECC_FAMILY_SECP_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +mac_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"872f203b3ad35b7f2ecc803c3a0e1e0b1ed61cc1afe71b189cd4c995":PSA_ALG_TRUNCATED_MAC(PSA_ALG_CBC_MAC,1):PSA_ERROR_INVALID_ARGUMENT + +PSA mac TRUNCATED_MAC(CBC_MAC,1): incompatible with ECC_KEY_PAIR(SECP_R2) +depends_on:PSA_WANT_ALG_CBC_MAC:PSA_WANT_ECC_FAMILY_SECP_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +mac_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R2):"00bf539a1cdda0d7f71a50a3f98aec0a2e8e4ced1e":PSA_ALG_TRUNCATED_MAC(PSA_ALG_CBC_MAC,1):PSA_ERROR_INVALID_ARGUMENT + +PSA mac TRUNCATED_MAC(CBC_MAC,1): incompatible with ECC_KEY_PAIR(SECT_K1) +depends_on:PSA_WANT_ALG_CBC_MAC:PSA_WANT_ECC_FAMILY_SECT_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +mac_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):"03ebc8fcded2d6ab72ec0f75bdb4fd080481273e71":PSA_ALG_TRUNCATED_MAC(PSA_ALG_CBC_MAC,1):PSA_ERROR_INVALID_ARGUMENT + +PSA mac TRUNCATED_MAC(CBC_MAC,1): incompatible with ECC_KEY_PAIR(SECT_R1) +depends_on:PSA_WANT_ALG_CBC_MAC:PSA_WANT_ECC_FAMILY_SECT_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +mac_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):"009b05dc82d46d64a04a22e6e5ca70ca1231e68c50":PSA_ALG_TRUNCATED_MAC(PSA_ALG_CBC_MAC,1):PSA_ERROR_INVALID_ARGUMENT + +PSA mac TRUNCATED_MAC(CBC_MAC,1): incompatible with ECC_KEY_PAIR(SECT_R2) +depends_on:PSA_WANT_ALG_CBC_MAC:PSA_WANT_ECC_FAMILY_SECT_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +mac_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R2):"0210b482a458b4822d0cb21daa96819a67c8062d34":PSA_ALG_TRUNCATED_MAC(PSA_ALG_CBC_MAC,1):PSA_ERROR_INVALID_ARGUMENT + +PSA mac TRUNCATED_MAC(CBC_MAC,1): incompatible with ECC_KEY_PAIR(TWISTED_EDWARDS) +depends_on:PSA_WANT_ALG_CBC_MAC:PSA_WANT_ECC_FAMILY_TWISTED_EDWARDS:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +mac_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_TWISTED_EDWARDS):"9d61b19deffd5a60ba844af492ec2cc44449c5697b326919703bac031cae7f60":PSA_ALG_TRUNCATED_MAC(PSA_ALG_CBC_MAC,1):PSA_ERROR_INVALID_ARGUMENT + +PSA mac TRUNCATED_MAC(CBC_MAC,1): incompatible with ECC_PUBLIC_KEY(BRAINPOOL_P_R1) +depends_on:PSA_WANT_ALG_CBC_MAC:PSA_WANT_ECC_FAMILY_BRAINPOOL_P_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +mac_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"04d4b9186816358e2f9c59cf70748cb70641b22fbab65473db4b4e22a361ed7e3de7e8a8ddc4130c5c":PSA_ALG_TRUNCATED_MAC(PSA_ALG_CBC_MAC,1):PSA_ERROR_INVALID_ARGUMENT + +PSA mac TRUNCATED_MAC(CBC_MAC,1): incompatible with ECC_PUBLIC_KEY(MONTGOMERY) +depends_on:PSA_WANT_ALG_CBC_MAC:PSA_WANT_ECC_FAMILY_MONTGOMERY:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +mac_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_MONTGOMERY):"8520f0098930a754748b7ddcb43ef75a0dbf3a0d26381af4eba4a98eaa9b4e6a":PSA_ALG_TRUNCATED_MAC(PSA_ALG_CBC_MAC,1):PSA_ERROR_INVALID_ARGUMENT + +PSA mac TRUNCATED_MAC(CBC_MAC,1): incompatible with ECC_PUBLIC_KEY(SECP_K1) +depends_on:PSA_WANT_ALG_CBC_MAC:PSA_WANT_ECC_FAMILY_SECP_K1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +mac_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_K1):"0426b7bb38da649ac2138fc050c6548b32553dab68afebc36105d325b75538c12323cb0764789ecb992671beb2b6bef2f5":PSA_ALG_TRUNCATED_MAC(PSA_ALG_CBC_MAC,1):PSA_ERROR_INVALID_ARGUMENT + +PSA mac TRUNCATED_MAC(CBC_MAC,1): incompatible with ECC_PUBLIC_KEY(SECP_R1) +depends_on:PSA_WANT_ALG_CBC_MAC:PSA_WANT_ECC_FAMILY_SECP_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +mac_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1):"046f00eadaa949fee3e9e1c7fa1247eecec86a0dce46418b9bd3117b981d4bd0ae7a990de912f9d060d6cb531a42d22e394ac29e81804bf160":PSA_ALG_TRUNCATED_MAC(PSA_ALG_CBC_MAC,1):PSA_ERROR_INVALID_ARGUMENT + +PSA mac TRUNCATED_MAC(CBC_MAC,1): incompatible with ECC_PUBLIC_KEY(SECP_R2) +depends_on:PSA_WANT_ALG_CBC_MAC:PSA_WANT_ECC_FAMILY_SECP_R2:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +mac_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R2):"049570d541398665adb5cfa16f5af73b3196926bbd4b876bdb80f8eab20d0f540c22f4de9c140f6d7b":PSA_ALG_TRUNCATED_MAC(PSA_ALG_CBC_MAC,1):PSA_ERROR_INVALID_ARGUMENT + +PSA mac TRUNCATED_MAC(CBC_MAC,1): incompatible with ECC_PUBLIC_KEY(SECT_K1) +depends_on:PSA_WANT_ALG_CBC_MAC:PSA_WANT_ECC_FAMILY_SECT_K1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +mac_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_K1):"0406f88f90b4b65950f06ce433afdb097e320f433dc2062b8a65db8fafd3c110f46bc45663fbf021ee7eb9":PSA_ALG_TRUNCATED_MAC(PSA_ALG_CBC_MAC,1):PSA_ERROR_INVALID_ARGUMENT + +PSA mac TRUNCATED_MAC(CBC_MAC,1): incompatible with ECC_PUBLIC_KEY(SECT_R1) +depends_on:PSA_WANT_ALG_CBC_MAC:PSA_WANT_ECC_FAMILY_SECT_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +mac_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R1):"0400465eeb9e7258b11e33c02266bfe834b20bcb118700772796ee4704ec67651bd447e3011959a79a04cb":PSA_ALG_TRUNCATED_MAC(PSA_ALG_CBC_MAC,1):PSA_ERROR_INVALID_ARGUMENT + +PSA mac TRUNCATED_MAC(CBC_MAC,1): incompatible with ECC_PUBLIC_KEY(SECT_R2) +depends_on:PSA_WANT_ALG_CBC_MAC:PSA_WANT_ECC_FAMILY_SECT_R2:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +mac_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R2):"0403692601144c32a6cfa369ae20ae5d43c1c764678c037bafe80c6fd2e42b7ced96171d9c5367fd3dca6f":PSA_ALG_TRUNCATED_MAC(PSA_ALG_CBC_MAC,1):PSA_ERROR_INVALID_ARGUMENT + +PSA mac TRUNCATED_MAC(CBC_MAC,1): incompatible with ECC_PUBLIC_KEY(TWISTED_EDWARDS) +depends_on:PSA_WANT_ALG_CBC_MAC:PSA_WANT_ECC_FAMILY_TWISTED_EDWARDS:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +mac_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_TWISTED_EDWARDS):"d75a980182b10ab7d54bfed3c964073a0ee172f3daa62325af021a68f707511a":PSA_ALG_TRUNCATED_MAC(PSA_ALG_CBC_MAC,1):PSA_ERROR_INVALID_ARGUMENT + +PSA mac TRUNCATED_MAC(CBC_MAC,1): incompatible with HMAC +depends_on:PSA_WANT_ALG_CBC_MAC:PSA_WANT_KEY_TYPE_HMAC +mac_fail:PSA_KEY_TYPE_HMAC:"48657265006973206b6579a064617461":PSA_ALG_TRUNCATED_MAC(PSA_ALG_CBC_MAC,1):PSA_ERROR_INVALID_ARGUMENT + +PSA mac TRUNCATED_MAC(CBC_MAC,1): incompatible with RAW_DATA +depends_on:PSA_WANT_ALG_CBC_MAC:PSA_WANT_KEY_TYPE_RAW_DATA +mac_fail:PSA_KEY_TYPE_RAW_DATA:"48":PSA_ALG_TRUNCATED_MAC(PSA_ALG_CBC_MAC,1):PSA_ERROR_INVALID_ARGUMENT + +PSA mac TRUNCATED_MAC(CBC_MAC,1): incompatible with RSA_KEY_PAIR +depends_on:PSA_WANT_ALG_CBC_MAC:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR +mac_fail:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_TRUNCATED_MAC(PSA_ALG_CBC_MAC,1):PSA_ERROR_INVALID_ARGUMENT + +PSA mac TRUNCATED_MAC(CBC_MAC,1): incompatible with RSA_PUBLIC_KEY +depends_on:PSA_WANT_ALG_CBC_MAC:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY +mac_fail:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_TRUNCATED_MAC(PSA_ALG_CBC_MAC,1):PSA_ERROR_INVALID_ARGUMENT + +PSA key_derivation TRUNCATED_MAC(CBC_MAC,1): invalid +depends_on:PSA_WANT_ALG_CBC_MAC +key_derivation_fail:PSA_ALG_TRUNCATED_MAC(PSA_ALG_CBC_MAC,1):PSA_ERROR_INVALID_ARGUMENT + +PSA hash TRUNCATED_MAC(CMAC,1): invalid +depends_on:PSA_WANT_ALG_CMAC +hash_fail:PSA_ALG_TRUNCATED_MAC(PSA_ALG_CMAC,1):PSA_ERROR_INVALID_ARGUMENT + +PSA mac TRUNCATED_MAC(CMAC,1): incompatible with AES +depends_on:PSA_WANT_ALG_CMAC:PSA_WANT_KEY_TYPE_AES +mac_fail:PSA_KEY_TYPE_AES:"48657265006973206b6579a064617461":PSA_ALG_TRUNCATED_MAC(PSA_ALG_CMAC,1):PSA_ERROR_INVALID_ARGUMENT + +PSA mac TRUNCATED_MAC(CMAC,1): incompatible with ARC4 +depends_on:PSA_WANT_ALG_CMAC:PSA_WANT_KEY_TYPE_ARC4 +mac_fail:PSA_KEY_TYPE_ARC4:"48":PSA_ALG_TRUNCATED_MAC(PSA_ALG_CMAC,1):PSA_ERROR_INVALID_ARGUMENT + +PSA mac TRUNCATED_MAC(CMAC,1): incompatible with ARIA +depends_on:PSA_WANT_ALG_CMAC:PSA_WANT_KEY_TYPE_ARIA +mac_fail:PSA_KEY_TYPE_ARIA:"48657265006973206b6579a064617461":PSA_ALG_TRUNCATED_MAC(PSA_ALG_CMAC,1):PSA_ERROR_INVALID_ARGUMENT + +PSA mac TRUNCATED_MAC(CMAC,1): incompatible with CAMELLIA +depends_on:PSA_WANT_ALG_CMAC:PSA_WANT_KEY_TYPE_CAMELLIA +mac_fail:PSA_KEY_TYPE_CAMELLIA:"48657265006973206b6579a064617461":PSA_ALG_TRUNCATED_MAC(PSA_ALG_CMAC,1):PSA_ERROR_INVALID_ARGUMENT + +PSA mac TRUNCATED_MAC(CMAC,1): incompatible with CHACHA20 +depends_on:PSA_WANT_ALG_CMAC:PSA_WANT_KEY_TYPE_CHACHA20 +mac_fail:PSA_KEY_TYPE_CHACHA20:"48657265006973206b6579a06461746148657265006973206b6579a064617461":PSA_ALG_TRUNCATED_MAC(PSA_ALG_CMAC,1):PSA_ERROR_INVALID_ARGUMENT + +PSA mac TRUNCATED_MAC(CMAC,1): incompatible with DERIVE +depends_on:PSA_WANT_ALG_CMAC:PSA_WANT_KEY_TYPE_DERIVE +mac_fail:PSA_KEY_TYPE_DERIVE:"48657265006973206b6579a0646174":PSA_ALG_TRUNCATED_MAC(PSA_ALG_CMAC,1):PSA_ERROR_INVALID_ARGUMENT + +PSA mac TRUNCATED_MAC(CMAC,1): incompatible with DES +depends_on:PSA_WANT_ALG_CMAC:PSA_WANT_KEY_TYPE_DES +mac_fail:PSA_KEY_TYPE_DES:"644573206b457901":PSA_ALG_TRUNCATED_MAC(PSA_ALG_CMAC,1):PSA_ERROR_INVALID_ARGUMENT + +PSA mac TRUNCATED_MAC(CMAC,1): incompatible with ECC_KEY_PAIR(BRAINPOOL_P_R1) +depends_on:PSA_WANT_ALG_CMAC:PSA_WANT_ECC_FAMILY_BRAINPOOL_P_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +mac_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"69502c4fdaf48d4fa617bdd24498b0406d0eeaac":PSA_ALG_TRUNCATED_MAC(PSA_ALG_CMAC,1):PSA_ERROR_INVALID_ARGUMENT + +PSA mac TRUNCATED_MAC(CMAC,1): incompatible with ECC_KEY_PAIR(MONTGOMERY) +depends_on:PSA_WANT_ALG_CMAC:PSA_WANT_ECC_FAMILY_MONTGOMERY:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +mac_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_MONTGOMERY):"70076d0a7318a57d3c16c17251b26645df4c2f87ebc0992ab177fba51db92c6a":PSA_ALG_TRUNCATED_MAC(PSA_ALG_CMAC,1):PSA_ERROR_INVALID_ARGUMENT + +PSA mac TRUNCATED_MAC(CMAC,1): incompatible with ECC_KEY_PAIR(SECP_K1) +depends_on:PSA_WANT_ALG_CMAC:PSA_WANT_ECC_FAMILY_SECP_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +mac_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_K1):"297ac1722ccac7589ecb240dc719842538ca974beb79f228":PSA_ALG_TRUNCATED_MAC(PSA_ALG_CMAC,1):PSA_ERROR_INVALID_ARGUMENT + +PSA mac TRUNCATED_MAC(CMAC,1): incompatible with ECC_KEY_PAIR(SECP_R1) +depends_on:PSA_WANT_ALG_CMAC:PSA_WANT_ECC_FAMILY_SECP_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +mac_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"872f203b3ad35b7f2ecc803c3a0e1e0b1ed61cc1afe71b189cd4c995":PSA_ALG_TRUNCATED_MAC(PSA_ALG_CMAC,1):PSA_ERROR_INVALID_ARGUMENT + +PSA mac TRUNCATED_MAC(CMAC,1): incompatible with ECC_KEY_PAIR(SECP_R2) +depends_on:PSA_WANT_ALG_CMAC:PSA_WANT_ECC_FAMILY_SECP_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +mac_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R2):"00bf539a1cdda0d7f71a50a3f98aec0a2e8e4ced1e":PSA_ALG_TRUNCATED_MAC(PSA_ALG_CMAC,1):PSA_ERROR_INVALID_ARGUMENT + +PSA mac TRUNCATED_MAC(CMAC,1): incompatible with ECC_KEY_PAIR(SECT_K1) +depends_on:PSA_WANT_ALG_CMAC:PSA_WANT_ECC_FAMILY_SECT_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +mac_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):"03ebc8fcded2d6ab72ec0f75bdb4fd080481273e71":PSA_ALG_TRUNCATED_MAC(PSA_ALG_CMAC,1):PSA_ERROR_INVALID_ARGUMENT + +PSA mac TRUNCATED_MAC(CMAC,1): incompatible with ECC_KEY_PAIR(SECT_R1) +depends_on:PSA_WANT_ALG_CMAC:PSA_WANT_ECC_FAMILY_SECT_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +mac_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):"009b05dc82d46d64a04a22e6e5ca70ca1231e68c50":PSA_ALG_TRUNCATED_MAC(PSA_ALG_CMAC,1):PSA_ERROR_INVALID_ARGUMENT + +PSA mac TRUNCATED_MAC(CMAC,1): incompatible with ECC_KEY_PAIR(SECT_R2) +depends_on:PSA_WANT_ALG_CMAC:PSA_WANT_ECC_FAMILY_SECT_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +mac_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R2):"0210b482a458b4822d0cb21daa96819a67c8062d34":PSA_ALG_TRUNCATED_MAC(PSA_ALG_CMAC,1):PSA_ERROR_INVALID_ARGUMENT + +PSA mac TRUNCATED_MAC(CMAC,1): incompatible with ECC_KEY_PAIR(TWISTED_EDWARDS) +depends_on:PSA_WANT_ALG_CMAC:PSA_WANT_ECC_FAMILY_TWISTED_EDWARDS:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +mac_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_TWISTED_EDWARDS):"9d61b19deffd5a60ba844af492ec2cc44449c5697b326919703bac031cae7f60":PSA_ALG_TRUNCATED_MAC(PSA_ALG_CMAC,1):PSA_ERROR_INVALID_ARGUMENT + +PSA mac TRUNCATED_MAC(CMAC,1): incompatible with ECC_PUBLIC_KEY(BRAINPOOL_P_R1) +depends_on:PSA_WANT_ALG_CMAC:PSA_WANT_ECC_FAMILY_BRAINPOOL_P_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +mac_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"04d4b9186816358e2f9c59cf70748cb70641b22fbab65473db4b4e22a361ed7e3de7e8a8ddc4130c5c":PSA_ALG_TRUNCATED_MAC(PSA_ALG_CMAC,1):PSA_ERROR_INVALID_ARGUMENT + +PSA mac TRUNCATED_MAC(CMAC,1): incompatible with ECC_PUBLIC_KEY(MONTGOMERY) +depends_on:PSA_WANT_ALG_CMAC:PSA_WANT_ECC_FAMILY_MONTGOMERY:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +mac_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_MONTGOMERY):"8520f0098930a754748b7ddcb43ef75a0dbf3a0d26381af4eba4a98eaa9b4e6a":PSA_ALG_TRUNCATED_MAC(PSA_ALG_CMAC,1):PSA_ERROR_INVALID_ARGUMENT + +PSA mac TRUNCATED_MAC(CMAC,1): incompatible with ECC_PUBLIC_KEY(SECP_K1) +depends_on:PSA_WANT_ALG_CMAC:PSA_WANT_ECC_FAMILY_SECP_K1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +mac_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_K1):"0426b7bb38da649ac2138fc050c6548b32553dab68afebc36105d325b75538c12323cb0764789ecb992671beb2b6bef2f5":PSA_ALG_TRUNCATED_MAC(PSA_ALG_CMAC,1):PSA_ERROR_INVALID_ARGUMENT + +PSA mac TRUNCATED_MAC(CMAC,1): incompatible with ECC_PUBLIC_KEY(SECP_R1) +depends_on:PSA_WANT_ALG_CMAC:PSA_WANT_ECC_FAMILY_SECP_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +mac_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1):"046f00eadaa949fee3e9e1c7fa1247eecec86a0dce46418b9bd3117b981d4bd0ae7a990de912f9d060d6cb531a42d22e394ac29e81804bf160":PSA_ALG_TRUNCATED_MAC(PSA_ALG_CMAC,1):PSA_ERROR_INVALID_ARGUMENT + +PSA mac TRUNCATED_MAC(CMAC,1): incompatible with ECC_PUBLIC_KEY(SECP_R2) +depends_on:PSA_WANT_ALG_CMAC:PSA_WANT_ECC_FAMILY_SECP_R2:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +mac_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R2):"049570d541398665adb5cfa16f5af73b3196926bbd4b876bdb80f8eab20d0f540c22f4de9c140f6d7b":PSA_ALG_TRUNCATED_MAC(PSA_ALG_CMAC,1):PSA_ERROR_INVALID_ARGUMENT + +PSA mac TRUNCATED_MAC(CMAC,1): incompatible with ECC_PUBLIC_KEY(SECT_K1) +depends_on:PSA_WANT_ALG_CMAC:PSA_WANT_ECC_FAMILY_SECT_K1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +mac_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_K1):"0406f88f90b4b65950f06ce433afdb097e320f433dc2062b8a65db8fafd3c110f46bc45663fbf021ee7eb9":PSA_ALG_TRUNCATED_MAC(PSA_ALG_CMAC,1):PSA_ERROR_INVALID_ARGUMENT + +PSA mac TRUNCATED_MAC(CMAC,1): incompatible with ECC_PUBLIC_KEY(SECT_R1) +depends_on:PSA_WANT_ALG_CMAC:PSA_WANT_ECC_FAMILY_SECT_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +mac_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R1):"0400465eeb9e7258b11e33c02266bfe834b20bcb118700772796ee4704ec67651bd447e3011959a79a04cb":PSA_ALG_TRUNCATED_MAC(PSA_ALG_CMAC,1):PSA_ERROR_INVALID_ARGUMENT + +PSA mac TRUNCATED_MAC(CMAC,1): incompatible with ECC_PUBLIC_KEY(SECT_R2) +depends_on:PSA_WANT_ALG_CMAC:PSA_WANT_ECC_FAMILY_SECT_R2:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +mac_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R2):"0403692601144c32a6cfa369ae20ae5d43c1c764678c037bafe80c6fd2e42b7ced96171d9c5367fd3dca6f":PSA_ALG_TRUNCATED_MAC(PSA_ALG_CMAC,1):PSA_ERROR_INVALID_ARGUMENT + +PSA mac TRUNCATED_MAC(CMAC,1): incompatible with ECC_PUBLIC_KEY(TWISTED_EDWARDS) +depends_on:PSA_WANT_ALG_CMAC:PSA_WANT_ECC_FAMILY_TWISTED_EDWARDS:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +mac_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_TWISTED_EDWARDS):"d75a980182b10ab7d54bfed3c964073a0ee172f3daa62325af021a68f707511a":PSA_ALG_TRUNCATED_MAC(PSA_ALG_CMAC,1):PSA_ERROR_INVALID_ARGUMENT + +PSA mac TRUNCATED_MAC(CMAC,1): incompatible with HMAC +depends_on:PSA_WANT_ALG_CMAC:PSA_WANT_KEY_TYPE_HMAC +mac_fail:PSA_KEY_TYPE_HMAC:"48657265006973206b6579a064617461":PSA_ALG_TRUNCATED_MAC(PSA_ALG_CMAC,1):PSA_ERROR_INVALID_ARGUMENT + +PSA mac TRUNCATED_MAC(CMAC,1): incompatible with RAW_DATA +depends_on:PSA_WANT_ALG_CMAC:PSA_WANT_KEY_TYPE_RAW_DATA +mac_fail:PSA_KEY_TYPE_RAW_DATA:"48":PSA_ALG_TRUNCATED_MAC(PSA_ALG_CMAC,1):PSA_ERROR_INVALID_ARGUMENT + +PSA mac TRUNCATED_MAC(CMAC,1): incompatible with RSA_KEY_PAIR +depends_on:PSA_WANT_ALG_CMAC:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR +mac_fail:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_TRUNCATED_MAC(PSA_ALG_CMAC,1):PSA_ERROR_INVALID_ARGUMENT + +PSA mac TRUNCATED_MAC(CMAC,1): incompatible with RSA_PUBLIC_KEY +depends_on:PSA_WANT_ALG_CMAC:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY +mac_fail:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_TRUNCATED_MAC(PSA_ALG_CMAC,1):PSA_ERROR_INVALID_ARGUMENT + +PSA key_derivation TRUNCATED_MAC(CMAC,1): invalid +depends_on:PSA_WANT_ALG_CMAC +key_derivation_fail:PSA_ALG_TRUNCATED_MAC(PSA_ALG_CMAC,1):PSA_ERROR_INVALID_ARGUMENT + +PSA hash TRUNCATED_MAC(HMAC(MD2),1): invalid +depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_MD2 +hash_fail:PSA_ALG_TRUNCATED_MAC(PSA_ALG_HMAC(PSA_ALG_MD2),1):PSA_ERROR_INVALID_ARGUMENT + +PSA mac TRUNCATED_MAC(HMAC(MD2),1): incompatible with AES +depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_MD2:PSA_WANT_KEY_TYPE_AES +mac_fail:PSA_KEY_TYPE_AES:"48657265006973206b6579a064617461":PSA_ALG_TRUNCATED_MAC(PSA_ALG_HMAC(PSA_ALG_MD2),1):PSA_ERROR_INVALID_ARGUMENT + +PSA mac TRUNCATED_MAC(HMAC(MD2),1): incompatible with ARC4 +depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_MD2:PSA_WANT_KEY_TYPE_ARC4 +mac_fail:PSA_KEY_TYPE_ARC4:"48":PSA_ALG_TRUNCATED_MAC(PSA_ALG_HMAC(PSA_ALG_MD2),1):PSA_ERROR_INVALID_ARGUMENT + +PSA mac TRUNCATED_MAC(HMAC(MD2),1): incompatible with ARIA +depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_MD2:PSA_WANT_KEY_TYPE_ARIA +mac_fail:PSA_KEY_TYPE_ARIA:"48657265006973206b6579a064617461":PSA_ALG_TRUNCATED_MAC(PSA_ALG_HMAC(PSA_ALG_MD2),1):PSA_ERROR_INVALID_ARGUMENT + +PSA mac TRUNCATED_MAC(HMAC(MD2),1): incompatible with CAMELLIA +depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_MD2:PSA_WANT_KEY_TYPE_CAMELLIA +mac_fail:PSA_KEY_TYPE_CAMELLIA:"48657265006973206b6579a064617461":PSA_ALG_TRUNCATED_MAC(PSA_ALG_HMAC(PSA_ALG_MD2),1):PSA_ERROR_INVALID_ARGUMENT + +PSA mac TRUNCATED_MAC(HMAC(MD2),1): incompatible with CHACHA20 +depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_MD2:PSA_WANT_KEY_TYPE_CHACHA20 +mac_fail:PSA_KEY_TYPE_CHACHA20:"48657265006973206b6579a06461746148657265006973206b6579a064617461":PSA_ALG_TRUNCATED_MAC(PSA_ALG_HMAC(PSA_ALG_MD2),1):PSA_ERROR_INVALID_ARGUMENT + +PSA mac TRUNCATED_MAC(HMAC(MD2),1): incompatible with DERIVE +depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_MD2:PSA_WANT_KEY_TYPE_DERIVE +mac_fail:PSA_KEY_TYPE_DERIVE:"48657265006973206b6579a0646174":PSA_ALG_TRUNCATED_MAC(PSA_ALG_HMAC(PSA_ALG_MD2),1):PSA_ERROR_INVALID_ARGUMENT + +PSA mac TRUNCATED_MAC(HMAC(MD2),1): incompatible with DES +depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_MD2:PSA_WANT_KEY_TYPE_DES +mac_fail:PSA_KEY_TYPE_DES:"644573206b457901":PSA_ALG_TRUNCATED_MAC(PSA_ALG_HMAC(PSA_ALG_MD2),1):PSA_ERROR_INVALID_ARGUMENT + +PSA mac TRUNCATED_MAC(HMAC(MD2),1): incompatible with ECC_KEY_PAIR(BRAINPOOL_P_R1) +depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_MD2:PSA_WANT_ECC_FAMILY_BRAINPOOL_P_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +mac_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"69502c4fdaf48d4fa617bdd24498b0406d0eeaac":PSA_ALG_TRUNCATED_MAC(PSA_ALG_HMAC(PSA_ALG_MD2),1):PSA_ERROR_INVALID_ARGUMENT + +PSA mac TRUNCATED_MAC(HMAC(MD2),1): incompatible with ECC_KEY_PAIR(MONTGOMERY) +depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_MD2:PSA_WANT_ECC_FAMILY_MONTGOMERY:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +mac_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_MONTGOMERY):"70076d0a7318a57d3c16c17251b26645df4c2f87ebc0992ab177fba51db92c6a":PSA_ALG_TRUNCATED_MAC(PSA_ALG_HMAC(PSA_ALG_MD2),1):PSA_ERROR_INVALID_ARGUMENT + +PSA mac TRUNCATED_MAC(HMAC(MD2),1): incompatible with ECC_KEY_PAIR(SECP_K1) +depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_MD2:PSA_WANT_ECC_FAMILY_SECP_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +mac_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_K1):"297ac1722ccac7589ecb240dc719842538ca974beb79f228":PSA_ALG_TRUNCATED_MAC(PSA_ALG_HMAC(PSA_ALG_MD2),1):PSA_ERROR_INVALID_ARGUMENT + +PSA mac TRUNCATED_MAC(HMAC(MD2),1): incompatible with ECC_KEY_PAIR(SECP_R1) +depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_MD2:PSA_WANT_ECC_FAMILY_SECP_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +mac_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"872f203b3ad35b7f2ecc803c3a0e1e0b1ed61cc1afe71b189cd4c995":PSA_ALG_TRUNCATED_MAC(PSA_ALG_HMAC(PSA_ALG_MD2),1):PSA_ERROR_INVALID_ARGUMENT + +PSA mac TRUNCATED_MAC(HMAC(MD2),1): incompatible with ECC_KEY_PAIR(SECP_R2) +depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_MD2:PSA_WANT_ECC_FAMILY_SECP_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +mac_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R2):"00bf539a1cdda0d7f71a50a3f98aec0a2e8e4ced1e":PSA_ALG_TRUNCATED_MAC(PSA_ALG_HMAC(PSA_ALG_MD2),1):PSA_ERROR_INVALID_ARGUMENT + +PSA mac TRUNCATED_MAC(HMAC(MD2),1): incompatible with ECC_KEY_PAIR(SECT_K1) +depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_MD2:PSA_WANT_ECC_FAMILY_SECT_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +mac_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):"03ebc8fcded2d6ab72ec0f75bdb4fd080481273e71":PSA_ALG_TRUNCATED_MAC(PSA_ALG_HMAC(PSA_ALG_MD2),1):PSA_ERROR_INVALID_ARGUMENT + +PSA mac TRUNCATED_MAC(HMAC(MD2),1): incompatible with ECC_KEY_PAIR(SECT_R1) +depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_MD2:PSA_WANT_ECC_FAMILY_SECT_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +mac_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):"009b05dc82d46d64a04a22e6e5ca70ca1231e68c50":PSA_ALG_TRUNCATED_MAC(PSA_ALG_HMAC(PSA_ALG_MD2),1):PSA_ERROR_INVALID_ARGUMENT + +PSA mac TRUNCATED_MAC(HMAC(MD2),1): incompatible with ECC_KEY_PAIR(SECT_R2) +depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_MD2:PSA_WANT_ECC_FAMILY_SECT_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +mac_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R2):"0210b482a458b4822d0cb21daa96819a67c8062d34":PSA_ALG_TRUNCATED_MAC(PSA_ALG_HMAC(PSA_ALG_MD2),1):PSA_ERROR_INVALID_ARGUMENT + +PSA mac TRUNCATED_MAC(HMAC(MD2),1): incompatible with ECC_KEY_PAIR(TWISTED_EDWARDS) +depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_MD2:PSA_WANT_ECC_FAMILY_TWISTED_EDWARDS:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +mac_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_TWISTED_EDWARDS):"9d61b19deffd5a60ba844af492ec2cc44449c5697b326919703bac031cae7f60":PSA_ALG_TRUNCATED_MAC(PSA_ALG_HMAC(PSA_ALG_MD2),1):PSA_ERROR_INVALID_ARGUMENT + +PSA mac TRUNCATED_MAC(HMAC(MD2),1): incompatible with ECC_PUBLIC_KEY(BRAINPOOL_P_R1) +depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_MD2:PSA_WANT_ECC_FAMILY_BRAINPOOL_P_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +mac_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"04d4b9186816358e2f9c59cf70748cb70641b22fbab65473db4b4e22a361ed7e3de7e8a8ddc4130c5c":PSA_ALG_TRUNCATED_MAC(PSA_ALG_HMAC(PSA_ALG_MD2),1):PSA_ERROR_INVALID_ARGUMENT + +PSA mac TRUNCATED_MAC(HMAC(MD2),1): incompatible with ECC_PUBLIC_KEY(MONTGOMERY) +depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_MD2:PSA_WANT_ECC_FAMILY_MONTGOMERY:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +mac_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_MONTGOMERY):"8520f0098930a754748b7ddcb43ef75a0dbf3a0d26381af4eba4a98eaa9b4e6a":PSA_ALG_TRUNCATED_MAC(PSA_ALG_HMAC(PSA_ALG_MD2),1):PSA_ERROR_INVALID_ARGUMENT + +PSA mac TRUNCATED_MAC(HMAC(MD2),1): incompatible with ECC_PUBLIC_KEY(SECP_K1) +depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_MD2:PSA_WANT_ECC_FAMILY_SECP_K1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +mac_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_K1):"0426b7bb38da649ac2138fc050c6548b32553dab68afebc36105d325b75538c12323cb0764789ecb992671beb2b6bef2f5":PSA_ALG_TRUNCATED_MAC(PSA_ALG_HMAC(PSA_ALG_MD2),1):PSA_ERROR_INVALID_ARGUMENT + +PSA mac TRUNCATED_MAC(HMAC(MD2),1): incompatible with ECC_PUBLIC_KEY(SECP_R1) +depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_MD2:PSA_WANT_ECC_FAMILY_SECP_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +mac_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1):"046f00eadaa949fee3e9e1c7fa1247eecec86a0dce46418b9bd3117b981d4bd0ae7a990de912f9d060d6cb531a42d22e394ac29e81804bf160":PSA_ALG_TRUNCATED_MAC(PSA_ALG_HMAC(PSA_ALG_MD2),1):PSA_ERROR_INVALID_ARGUMENT + +PSA mac TRUNCATED_MAC(HMAC(MD2),1): incompatible with ECC_PUBLIC_KEY(SECP_R2) +depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_MD2:PSA_WANT_ECC_FAMILY_SECP_R2:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +mac_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R2):"049570d541398665adb5cfa16f5af73b3196926bbd4b876bdb80f8eab20d0f540c22f4de9c140f6d7b":PSA_ALG_TRUNCATED_MAC(PSA_ALG_HMAC(PSA_ALG_MD2),1):PSA_ERROR_INVALID_ARGUMENT + +PSA mac TRUNCATED_MAC(HMAC(MD2),1): incompatible with ECC_PUBLIC_KEY(SECT_K1) +depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_MD2:PSA_WANT_ECC_FAMILY_SECT_K1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +mac_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_K1):"0406f88f90b4b65950f06ce433afdb097e320f433dc2062b8a65db8fafd3c110f46bc45663fbf021ee7eb9":PSA_ALG_TRUNCATED_MAC(PSA_ALG_HMAC(PSA_ALG_MD2),1):PSA_ERROR_INVALID_ARGUMENT + +PSA mac TRUNCATED_MAC(HMAC(MD2),1): incompatible with ECC_PUBLIC_KEY(SECT_R1) +depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_MD2:PSA_WANT_ECC_FAMILY_SECT_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +mac_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R1):"0400465eeb9e7258b11e33c02266bfe834b20bcb118700772796ee4704ec67651bd447e3011959a79a04cb":PSA_ALG_TRUNCATED_MAC(PSA_ALG_HMAC(PSA_ALG_MD2),1):PSA_ERROR_INVALID_ARGUMENT + +PSA mac TRUNCATED_MAC(HMAC(MD2),1): incompatible with ECC_PUBLIC_KEY(SECT_R2) +depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_MD2:PSA_WANT_ECC_FAMILY_SECT_R2:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +mac_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R2):"0403692601144c32a6cfa369ae20ae5d43c1c764678c037bafe80c6fd2e42b7ced96171d9c5367fd3dca6f":PSA_ALG_TRUNCATED_MAC(PSA_ALG_HMAC(PSA_ALG_MD2),1):PSA_ERROR_INVALID_ARGUMENT + +PSA mac TRUNCATED_MAC(HMAC(MD2),1): incompatible with ECC_PUBLIC_KEY(TWISTED_EDWARDS) +depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_MD2:PSA_WANT_ECC_FAMILY_TWISTED_EDWARDS:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +mac_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_TWISTED_EDWARDS):"d75a980182b10ab7d54bfed3c964073a0ee172f3daa62325af021a68f707511a":PSA_ALG_TRUNCATED_MAC(PSA_ALG_HMAC(PSA_ALG_MD2),1):PSA_ERROR_INVALID_ARGUMENT + +PSA mac TRUNCATED_MAC(HMAC(MD2),1): incompatible with HMAC +depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_MD2:PSA_WANT_KEY_TYPE_HMAC +mac_fail:PSA_KEY_TYPE_HMAC:"48657265006973206b6579a064617461":PSA_ALG_TRUNCATED_MAC(PSA_ALG_HMAC(PSA_ALG_MD2),1):PSA_ERROR_INVALID_ARGUMENT + +PSA mac TRUNCATED_MAC(HMAC(MD2),1): incompatible with RAW_DATA +depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_MD2:PSA_WANT_KEY_TYPE_RAW_DATA +mac_fail:PSA_KEY_TYPE_RAW_DATA:"48":PSA_ALG_TRUNCATED_MAC(PSA_ALG_HMAC(PSA_ALG_MD2),1):PSA_ERROR_INVALID_ARGUMENT + +PSA mac TRUNCATED_MAC(HMAC(MD2),1): incompatible with RSA_KEY_PAIR +depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_MD2:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR +mac_fail:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_TRUNCATED_MAC(PSA_ALG_HMAC(PSA_ALG_MD2),1):PSA_ERROR_INVALID_ARGUMENT + +PSA mac TRUNCATED_MAC(HMAC(MD2),1): incompatible with RSA_PUBLIC_KEY +depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_MD2:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY +mac_fail:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_TRUNCATED_MAC(PSA_ALG_HMAC(PSA_ALG_MD2),1):PSA_ERROR_INVALID_ARGUMENT + +PSA key_derivation TRUNCATED_MAC(HMAC(MD2),1): invalid +depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_MD2 +key_derivation_fail:PSA_ALG_TRUNCATED_MAC(PSA_ALG_HMAC(PSA_ALG_MD2),1):PSA_ERROR_INVALID_ARGUMENT + +PSA hash TRUNCATED_MAC(HMAC(MD4),1): invalid +depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_MD4 +hash_fail:PSA_ALG_TRUNCATED_MAC(PSA_ALG_HMAC(PSA_ALG_MD4),1):PSA_ERROR_INVALID_ARGUMENT + +PSA mac TRUNCATED_MAC(HMAC(MD4),1): incompatible with AES +depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_MD4:PSA_WANT_KEY_TYPE_AES +mac_fail:PSA_KEY_TYPE_AES:"48657265006973206b6579a064617461":PSA_ALG_TRUNCATED_MAC(PSA_ALG_HMAC(PSA_ALG_MD4),1):PSA_ERROR_INVALID_ARGUMENT + +PSA mac TRUNCATED_MAC(HMAC(MD4),1): incompatible with ARC4 +depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_MD4:PSA_WANT_KEY_TYPE_ARC4 +mac_fail:PSA_KEY_TYPE_ARC4:"48":PSA_ALG_TRUNCATED_MAC(PSA_ALG_HMAC(PSA_ALG_MD4),1):PSA_ERROR_INVALID_ARGUMENT + +PSA mac TRUNCATED_MAC(HMAC(MD4),1): incompatible with ARIA +depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_MD4:PSA_WANT_KEY_TYPE_ARIA +mac_fail:PSA_KEY_TYPE_ARIA:"48657265006973206b6579a064617461":PSA_ALG_TRUNCATED_MAC(PSA_ALG_HMAC(PSA_ALG_MD4),1):PSA_ERROR_INVALID_ARGUMENT + +PSA mac TRUNCATED_MAC(HMAC(MD4),1): incompatible with CAMELLIA +depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_MD4:PSA_WANT_KEY_TYPE_CAMELLIA +mac_fail:PSA_KEY_TYPE_CAMELLIA:"48657265006973206b6579a064617461":PSA_ALG_TRUNCATED_MAC(PSA_ALG_HMAC(PSA_ALG_MD4),1):PSA_ERROR_INVALID_ARGUMENT + +PSA mac TRUNCATED_MAC(HMAC(MD4),1): incompatible with CHACHA20 +depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_MD4:PSA_WANT_KEY_TYPE_CHACHA20 +mac_fail:PSA_KEY_TYPE_CHACHA20:"48657265006973206b6579a06461746148657265006973206b6579a064617461":PSA_ALG_TRUNCATED_MAC(PSA_ALG_HMAC(PSA_ALG_MD4),1):PSA_ERROR_INVALID_ARGUMENT + +PSA mac TRUNCATED_MAC(HMAC(MD4),1): incompatible with DERIVE +depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_MD4:PSA_WANT_KEY_TYPE_DERIVE +mac_fail:PSA_KEY_TYPE_DERIVE:"48657265006973206b6579a0646174":PSA_ALG_TRUNCATED_MAC(PSA_ALG_HMAC(PSA_ALG_MD4),1):PSA_ERROR_INVALID_ARGUMENT + +PSA mac TRUNCATED_MAC(HMAC(MD4),1): incompatible with DES +depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_MD4:PSA_WANT_KEY_TYPE_DES +mac_fail:PSA_KEY_TYPE_DES:"644573206b457901":PSA_ALG_TRUNCATED_MAC(PSA_ALG_HMAC(PSA_ALG_MD4),1):PSA_ERROR_INVALID_ARGUMENT + +PSA mac TRUNCATED_MAC(HMAC(MD4),1): incompatible with ECC_KEY_PAIR(BRAINPOOL_P_R1) +depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_MD4:PSA_WANT_ECC_FAMILY_BRAINPOOL_P_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +mac_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"69502c4fdaf48d4fa617bdd24498b0406d0eeaac":PSA_ALG_TRUNCATED_MAC(PSA_ALG_HMAC(PSA_ALG_MD4),1):PSA_ERROR_INVALID_ARGUMENT + +PSA mac TRUNCATED_MAC(HMAC(MD4),1): incompatible with ECC_KEY_PAIR(MONTGOMERY) +depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_MD4:PSA_WANT_ECC_FAMILY_MONTGOMERY:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +mac_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_MONTGOMERY):"70076d0a7318a57d3c16c17251b26645df4c2f87ebc0992ab177fba51db92c6a":PSA_ALG_TRUNCATED_MAC(PSA_ALG_HMAC(PSA_ALG_MD4),1):PSA_ERROR_INVALID_ARGUMENT + +PSA mac TRUNCATED_MAC(HMAC(MD4),1): incompatible with ECC_KEY_PAIR(SECP_K1) +depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_MD4:PSA_WANT_ECC_FAMILY_SECP_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +mac_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_K1):"297ac1722ccac7589ecb240dc719842538ca974beb79f228":PSA_ALG_TRUNCATED_MAC(PSA_ALG_HMAC(PSA_ALG_MD4),1):PSA_ERROR_INVALID_ARGUMENT + +PSA mac TRUNCATED_MAC(HMAC(MD4),1): incompatible with ECC_KEY_PAIR(SECP_R1) +depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_MD4:PSA_WANT_ECC_FAMILY_SECP_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +mac_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"872f203b3ad35b7f2ecc803c3a0e1e0b1ed61cc1afe71b189cd4c995":PSA_ALG_TRUNCATED_MAC(PSA_ALG_HMAC(PSA_ALG_MD4),1):PSA_ERROR_INVALID_ARGUMENT + +PSA mac TRUNCATED_MAC(HMAC(MD4),1): incompatible with ECC_KEY_PAIR(SECP_R2) +depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_MD4:PSA_WANT_ECC_FAMILY_SECP_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +mac_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R2):"00bf539a1cdda0d7f71a50a3f98aec0a2e8e4ced1e":PSA_ALG_TRUNCATED_MAC(PSA_ALG_HMAC(PSA_ALG_MD4),1):PSA_ERROR_INVALID_ARGUMENT + +PSA mac TRUNCATED_MAC(HMAC(MD4),1): incompatible with ECC_KEY_PAIR(SECT_K1) +depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_MD4:PSA_WANT_ECC_FAMILY_SECT_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +mac_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):"03ebc8fcded2d6ab72ec0f75bdb4fd080481273e71":PSA_ALG_TRUNCATED_MAC(PSA_ALG_HMAC(PSA_ALG_MD4),1):PSA_ERROR_INVALID_ARGUMENT + +PSA mac TRUNCATED_MAC(HMAC(MD4),1): incompatible with ECC_KEY_PAIR(SECT_R1) +depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_MD4:PSA_WANT_ECC_FAMILY_SECT_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +mac_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):"009b05dc82d46d64a04a22e6e5ca70ca1231e68c50":PSA_ALG_TRUNCATED_MAC(PSA_ALG_HMAC(PSA_ALG_MD4),1):PSA_ERROR_INVALID_ARGUMENT + +PSA mac TRUNCATED_MAC(HMAC(MD4),1): incompatible with ECC_KEY_PAIR(SECT_R2) +depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_MD4:PSA_WANT_ECC_FAMILY_SECT_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +mac_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R2):"0210b482a458b4822d0cb21daa96819a67c8062d34":PSA_ALG_TRUNCATED_MAC(PSA_ALG_HMAC(PSA_ALG_MD4),1):PSA_ERROR_INVALID_ARGUMENT + +PSA mac TRUNCATED_MAC(HMAC(MD4),1): incompatible with ECC_KEY_PAIR(TWISTED_EDWARDS) +depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_MD4:PSA_WANT_ECC_FAMILY_TWISTED_EDWARDS:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +mac_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_TWISTED_EDWARDS):"9d61b19deffd5a60ba844af492ec2cc44449c5697b326919703bac031cae7f60":PSA_ALG_TRUNCATED_MAC(PSA_ALG_HMAC(PSA_ALG_MD4),1):PSA_ERROR_INVALID_ARGUMENT + +PSA mac TRUNCATED_MAC(HMAC(MD4),1): incompatible with ECC_PUBLIC_KEY(BRAINPOOL_P_R1) +depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_MD4:PSA_WANT_ECC_FAMILY_BRAINPOOL_P_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +mac_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"04d4b9186816358e2f9c59cf70748cb70641b22fbab65473db4b4e22a361ed7e3de7e8a8ddc4130c5c":PSA_ALG_TRUNCATED_MAC(PSA_ALG_HMAC(PSA_ALG_MD4),1):PSA_ERROR_INVALID_ARGUMENT + +PSA mac TRUNCATED_MAC(HMAC(MD4),1): incompatible with ECC_PUBLIC_KEY(MONTGOMERY) +depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_MD4:PSA_WANT_ECC_FAMILY_MONTGOMERY:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +mac_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_MONTGOMERY):"8520f0098930a754748b7ddcb43ef75a0dbf3a0d26381af4eba4a98eaa9b4e6a":PSA_ALG_TRUNCATED_MAC(PSA_ALG_HMAC(PSA_ALG_MD4),1):PSA_ERROR_INVALID_ARGUMENT + +PSA mac TRUNCATED_MAC(HMAC(MD4),1): incompatible with ECC_PUBLIC_KEY(SECP_K1) +depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_MD4:PSA_WANT_ECC_FAMILY_SECP_K1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +mac_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_K1):"0426b7bb38da649ac2138fc050c6548b32553dab68afebc36105d325b75538c12323cb0764789ecb992671beb2b6bef2f5":PSA_ALG_TRUNCATED_MAC(PSA_ALG_HMAC(PSA_ALG_MD4),1):PSA_ERROR_INVALID_ARGUMENT + +PSA mac TRUNCATED_MAC(HMAC(MD4),1): incompatible with ECC_PUBLIC_KEY(SECP_R1) +depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_MD4:PSA_WANT_ECC_FAMILY_SECP_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +mac_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1):"046f00eadaa949fee3e9e1c7fa1247eecec86a0dce46418b9bd3117b981d4bd0ae7a990de912f9d060d6cb531a42d22e394ac29e81804bf160":PSA_ALG_TRUNCATED_MAC(PSA_ALG_HMAC(PSA_ALG_MD4),1):PSA_ERROR_INVALID_ARGUMENT + +PSA mac TRUNCATED_MAC(HMAC(MD4),1): incompatible with ECC_PUBLIC_KEY(SECP_R2) +depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_MD4:PSA_WANT_ECC_FAMILY_SECP_R2:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +mac_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R2):"049570d541398665adb5cfa16f5af73b3196926bbd4b876bdb80f8eab20d0f540c22f4de9c140f6d7b":PSA_ALG_TRUNCATED_MAC(PSA_ALG_HMAC(PSA_ALG_MD4),1):PSA_ERROR_INVALID_ARGUMENT + +PSA mac TRUNCATED_MAC(HMAC(MD4),1): incompatible with ECC_PUBLIC_KEY(SECT_K1) +depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_MD4:PSA_WANT_ECC_FAMILY_SECT_K1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +mac_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_K1):"0406f88f90b4b65950f06ce433afdb097e320f433dc2062b8a65db8fafd3c110f46bc45663fbf021ee7eb9":PSA_ALG_TRUNCATED_MAC(PSA_ALG_HMAC(PSA_ALG_MD4),1):PSA_ERROR_INVALID_ARGUMENT + +PSA mac TRUNCATED_MAC(HMAC(MD4),1): incompatible with ECC_PUBLIC_KEY(SECT_R1) +depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_MD4:PSA_WANT_ECC_FAMILY_SECT_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +mac_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R1):"0400465eeb9e7258b11e33c02266bfe834b20bcb118700772796ee4704ec67651bd447e3011959a79a04cb":PSA_ALG_TRUNCATED_MAC(PSA_ALG_HMAC(PSA_ALG_MD4),1):PSA_ERROR_INVALID_ARGUMENT + +PSA mac TRUNCATED_MAC(HMAC(MD4),1): incompatible with ECC_PUBLIC_KEY(SECT_R2) +depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_MD4:PSA_WANT_ECC_FAMILY_SECT_R2:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +mac_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R2):"0403692601144c32a6cfa369ae20ae5d43c1c764678c037bafe80c6fd2e42b7ced96171d9c5367fd3dca6f":PSA_ALG_TRUNCATED_MAC(PSA_ALG_HMAC(PSA_ALG_MD4),1):PSA_ERROR_INVALID_ARGUMENT + +PSA mac TRUNCATED_MAC(HMAC(MD4),1): incompatible with ECC_PUBLIC_KEY(TWISTED_EDWARDS) +depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_MD4:PSA_WANT_ECC_FAMILY_TWISTED_EDWARDS:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +mac_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_TWISTED_EDWARDS):"d75a980182b10ab7d54bfed3c964073a0ee172f3daa62325af021a68f707511a":PSA_ALG_TRUNCATED_MAC(PSA_ALG_HMAC(PSA_ALG_MD4),1):PSA_ERROR_INVALID_ARGUMENT + +PSA mac TRUNCATED_MAC(HMAC(MD4),1): incompatible with HMAC +depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_MD4:PSA_WANT_KEY_TYPE_HMAC +mac_fail:PSA_KEY_TYPE_HMAC:"48657265006973206b6579a064617461":PSA_ALG_TRUNCATED_MAC(PSA_ALG_HMAC(PSA_ALG_MD4),1):PSA_ERROR_INVALID_ARGUMENT + +PSA mac TRUNCATED_MAC(HMAC(MD4),1): incompatible with RAW_DATA +depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_MD4:PSA_WANT_KEY_TYPE_RAW_DATA +mac_fail:PSA_KEY_TYPE_RAW_DATA:"48":PSA_ALG_TRUNCATED_MAC(PSA_ALG_HMAC(PSA_ALG_MD4),1):PSA_ERROR_INVALID_ARGUMENT + +PSA mac TRUNCATED_MAC(HMAC(MD4),1): incompatible with RSA_KEY_PAIR +depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_MD4:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR +mac_fail:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_TRUNCATED_MAC(PSA_ALG_HMAC(PSA_ALG_MD4),1):PSA_ERROR_INVALID_ARGUMENT + +PSA mac TRUNCATED_MAC(HMAC(MD4),1): incompatible with RSA_PUBLIC_KEY +depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_MD4:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY +mac_fail:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_TRUNCATED_MAC(PSA_ALG_HMAC(PSA_ALG_MD4),1):PSA_ERROR_INVALID_ARGUMENT + +PSA key_derivation TRUNCATED_MAC(HMAC(MD4),1): invalid +depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_MD4 +key_derivation_fail:PSA_ALG_TRUNCATED_MAC(PSA_ALG_HMAC(PSA_ALG_MD4),1):PSA_ERROR_INVALID_ARGUMENT + +PSA hash TRUNCATED_MAC(HMAC(MD5),1): invalid +depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_MD5 +hash_fail:PSA_ALG_TRUNCATED_MAC(PSA_ALG_HMAC(PSA_ALG_MD5),1):PSA_ERROR_INVALID_ARGUMENT + +PSA mac TRUNCATED_MAC(HMAC(MD5),1): incompatible with AES +depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_MD5:PSA_WANT_KEY_TYPE_AES +mac_fail:PSA_KEY_TYPE_AES:"48657265006973206b6579a064617461":PSA_ALG_TRUNCATED_MAC(PSA_ALG_HMAC(PSA_ALG_MD5),1):PSA_ERROR_INVALID_ARGUMENT + +PSA mac TRUNCATED_MAC(HMAC(MD5),1): incompatible with ARC4 +depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_MD5:PSA_WANT_KEY_TYPE_ARC4 +mac_fail:PSA_KEY_TYPE_ARC4:"48":PSA_ALG_TRUNCATED_MAC(PSA_ALG_HMAC(PSA_ALG_MD5),1):PSA_ERROR_INVALID_ARGUMENT + +PSA mac TRUNCATED_MAC(HMAC(MD5),1): incompatible with ARIA +depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_MD5:PSA_WANT_KEY_TYPE_ARIA +mac_fail:PSA_KEY_TYPE_ARIA:"48657265006973206b6579a064617461":PSA_ALG_TRUNCATED_MAC(PSA_ALG_HMAC(PSA_ALG_MD5),1):PSA_ERROR_INVALID_ARGUMENT + +PSA mac TRUNCATED_MAC(HMAC(MD5),1): incompatible with CAMELLIA +depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_MD5:PSA_WANT_KEY_TYPE_CAMELLIA +mac_fail:PSA_KEY_TYPE_CAMELLIA:"48657265006973206b6579a064617461":PSA_ALG_TRUNCATED_MAC(PSA_ALG_HMAC(PSA_ALG_MD5),1):PSA_ERROR_INVALID_ARGUMENT + +PSA mac TRUNCATED_MAC(HMAC(MD5),1): incompatible with CHACHA20 +depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_MD5:PSA_WANT_KEY_TYPE_CHACHA20 +mac_fail:PSA_KEY_TYPE_CHACHA20:"48657265006973206b6579a06461746148657265006973206b6579a064617461":PSA_ALG_TRUNCATED_MAC(PSA_ALG_HMAC(PSA_ALG_MD5),1):PSA_ERROR_INVALID_ARGUMENT + +PSA mac TRUNCATED_MAC(HMAC(MD5),1): incompatible with DERIVE +depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_MD5:PSA_WANT_KEY_TYPE_DERIVE +mac_fail:PSA_KEY_TYPE_DERIVE:"48657265006973206b6579a0646174":PSA_ALG_TRUNCATED_MAC(PSA_ALG_HMAC(PSA_ALG_MD5),1):PSA_ERROR_INVALID_ARGUMENT + +PSA mac TRUNCATED_MAC(HMAC(MD5),1): incompatible with DES +depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_MD5:PSA_WANT_KEY_TYPE_DES +mac_fail:PSA_KEY_TYPE_DES:"644573206b457901":PSA_ALG_TRUNCATED_MAC(PSA_ALG_HMAC(PSA_ALG_MD5),1):PSA_ERROR_INVALID_ARGUMENT + +PSA mac TRUNCATED_MAC(HMAC(MD5),1): incompatible with ECC_KEY_PAIR(BRAINPOOL_P_R1) +depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_MD5:PSA_WANT_ECC_FAMILY_BRAINPOOL_P_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +mac_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"69502c4fdaf48d4fa617bdd24498b0406d0eeaac":PSA_ALG_TRUNCATED_MAC(PSA_ALG_HMAC(PSA_ALG_MD5),1):PSA_ERROR_INVALID_ARGUMENT + +PSA mac TRUNCATED_MAC(HMAC(MD5),1): incompatible with ECC_KEY_PAIR(MONTGOMERY) +depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_MD5:PSA_WANT_ECC_FAMILY_MONTGOMERY:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +mac_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_MONTGOMERY):"70076d0a7318a57d3c16c17251b26645df4c2f87ebc0992ab177fba51db92c6a":PSA_ALG_TRUNCATED_MAC(PSA_ALG_HMAC(PSA_ALG_MD5),1):PSA_ERROR_INVALID_ARGUMENT + +PSA mac TRUNCATED_MAC(HMAC(MD5),1): incompatible with ECC_KEY_PAIR(SECP_K1) +depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_MD5:PSA_WANT_ECC_FAMILY_SECP_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +mac_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_K1):"297ac1722ccac7589ecb240dc719842538ca974beb79f228":PSA_ALG_TRUNCATED_MAC(PSA_ALG_HMAC(PSA_ALG_MD5),1):PSA_ERROR_INVALID_ARGUMENT + +PSA mac TRUNCATED_MAC(HMAC(MD5),1): incompatible with ECC_KEY_PAIR(SECP_R1) +depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_MD5:PSA_WANT_ECC_FAMILY_SECP_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +mac_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"872f203b3ad35b7f2ecc803c3a0e1e0b1ed61cc1afe71b189cd4c995":PSA_ALG_TRUNCATED_MAC(PSA_ALG_HMAC(PSA_ALG_MD5),1):PSA_ERROR_INVALID_ARGUMENT + +PSA mac TRUNCATED_MAC(HMAC(MD5),1): incompatible with ECC_KEY_PAIR(SECP_R2) +depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_MD5:PSA_WANT_ECC_FAMILY_SECP_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +mac_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R2):"00bf539a1cdda0d7f71a50a3f98aec0a2e8e4ced1e":PSA_ALG_TRUNCATED_MAC(PSA_ALG_HMAC(PSA_ALG_MD5),1):PSA_ERROR_INVALID_ARGUMENT + +PSA mac TRUNCATED_MAC(HMAC(MD5),1): incompatible with ECC_KEY_PAIR(SECT_K1) +depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_MD5:PSA_WANT_ECC_FAMILY_SECT_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +mac_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):"03ebc8fcded2d6ab72ec0f75bdb4fd080481273e71":PSA_ALG_TRUNCATED_MAC(PSA_ALG_HMAC(PSA_ALG_MD5),1):PSA_ERROR_INVALID_ARGUMENT + +PSA mac TRUNCATED_MAC(HMAC(MD5),1): incompatible with ECC_KEY_PAIR(SECT_R1) +depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_MD5:PSA_WANT_ECC_FAMILY_SECT_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +mac_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):"009b05dc82d46d64a04a22e6e5ca70ca1231e68c50":PSA_ALG_TRUNCATED_MAC(PSA_ALG_HMAC(PSA_ALG_MD5),1):PSA_ERROR_INVALID_ARGUMENT + +PSA mac TRUNCATED_MAC(HMAC(MD5),1): incompatible with ECC_KEY_PAIR(SECT_R2) +depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_MD5:PSA_WANT_ECC_FAMILY_SECT_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +mac_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R2):"0210b482a458b4822d0cb21daa96819a67c8062d34":PSA_ALG_TRUNCATED_MAC(PSA_ALG_HMAC(PSA_ALG_MD5),1):PSA_ERROR_INVALID_ARGUMENT + +PSA mac TRUNCATED_MAC(HMAC(MD5),1): incompatible with ECC_KEY_PAIR(TWISTED_EDWARDS) +depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_MD5:PSA_WANT_ECC_FAMILY_TWISTED_EDWARDS:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +mac_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_TWISTED_EDWARDS):"9d61b19deffd5a60ba844af492ec2cc44449c5697b326919703bac031cae7f60":PSA_ALG_TRUNCATED_MAC(PSA_ALG_HMAC(PSA_ALG_MD5),1):PSA_ERROR_INVALID_ARGUMENT + +PSA mac TRUNCATED_MAC(HMAC(MD5),1): incompatible with ECC_PUBLIC_KEY(BRAINPOOL_P_R1) +depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_MD5:PSA_WANT_ECC_FAMILY_BRAINPOOL_P_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +mac_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"04d4b9186816358e2f9c59cf70748cb70641b22fbab65473db4b4e22a361ed7e3de7e8a8ddc4130c5c":PSA_ALG_TRUNCATED_MAC(PSA_ALG_HMAC(PSA_ALG_MD5),1):PSA_ERROR_INVALID_ARGUMENT + +PSA mac TRUNCATED_MAC(HMAC(MD5),1): incompatible with ECC_PUBLIC_KEY(MONTGOMERY) +depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_MD5:PSA_WANT_ECC_FAMILY_MONTGOMERY:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +mac_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_MONTGOMERY):"8520f0098930a754748b7ddcb43ef75a0dbf3a0d26381af4eba4a98eaa9b4e6a":PSA_ALG_TRUNCATED_MAC(PSA_ALG_HMAC(PSA_ALG_MD5),1):PSA_ERROR_INVALID_ARGUMENT + +PSA mac TRUNCATED_MAC(HMAC(MD5),1): incompatible with ECC_PUBLIC_KEY(SECP_K1) +depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_MD5:PSA_WANT_ECC_FAMILY_SECP_K1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +mac_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_K1):"0426b7bb38da649ac2138fc050c6548b32553dab68afebc36105d325b75538c12323cb0764789ecb992671beb2b6bef2f5":PSA_ALG_TRUNCATED_MAC(PSA_ALG_HMAC(PSA_ALG_MD5),1):PSA_ERROR_INVALID_ARGUMENT + +PSA mac TRUNCATED_MAC(HMAC(MD5),1): incompatible with ECC_PUBLIC_KEY(SECP_R1) +depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_MD5:PSA_WANT_ECC_FAMILY_SECP_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +mac_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1):"046f00eadaa949fee3e9e1c7fa1247eecec86a0dce46418b9bd3117b981d4bd0ae7a990de912f9d060d6cb531a42d22e394ac29e81804bf160":PSA_ALG_TRUNCATED_MAC(PSA_ALG_HMAC(PSA_ALG_MD5),1):PSA_ERROR_INVALID_ARGUMENT + +PSA mac TRUNCATED_MAC(HMAC(MD5),1): incompatible with ECC_PUBLIC_KEY(SECP_R2) +depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_MD5:PSA_WANT_ECC_FAMILY_SECP_R2:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +mac_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R2):"049570d541398665adb5cfa16f5af73b3196926bbd4b876bdb80f8eab20d0f540c22f4de9c140f6d7b":PSA_ALG_TRUNCATED_MAC(PSA_ALG_HMAC(PSA_ALG_MD5),1):PSA_ERROR_INVALID_ARGUMENT + +PSA mac TRUNCATED_MAC(HMAC(MD5),1): incompatible with ECC_PUBLIC_KEY(SECT_K1) +depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_MD5:PSA_WANT_ECC_FAMILY_SECT_K1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +mac_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_K1):"0406f88f90b4b65950f06ce433afdb097e320f433dc2062b8a65db8fafd3c110f46bc45663fbf021ee7eb9":PSA_ALG_TRUNCATED_MAC(PSA_ALG_HMAC(PSA_ALG_MD5),1):PSA_ERROR_INVALID_ARGUMENT + +PSA mac TRUNCATED_MAC(HMAC(MD5),1): incompatible with ECC_PUBLIC_KEY(SECT_R1) +depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_MD5:PSA_WANT_ECC_FAMILY_SECT_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +mac_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R1):"0400465eeb9e7258b11e33c02266bfe834b20bcb118700772796ee4704ec67651bd447e3011959a79a04cb":PSA_ALG_TRUNCATED_MAC(PSA_ALG_HMAC(PSA_ALG_MD5),1):PSA_ERROR_INVALID_ARGUMENT + +PSA mac TRUNCATED_MAC(HMAC(MD5),1): incompatible with ECC_PUBLIC_KEY(SECT_R2) +depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_MD5:PSA_WANT_ECC_FAMILY_SECT_R2:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +mac_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R2):"0403692601144c32a6cfa369ae20ae5d43c1c764678c037bafe80c6fd2e42b7ced96171d9c5367fd3dca6f":PSA_ALG_TRUNCATED_MAC(PSA_ALG_HMAC(PSA_ALG_MD5),1):PSA_ERROR_INVALID_ARGUMENT + +PSA mac TRUNCATED_MAC(HMAC(MD5),1): incompatible with ECC_PUBLIC_KEY(TWISTED_EDWARDS) +depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_MD5:PSA_WANT_ECC_FAMILY_TWISTED_EDWARDS:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +mac_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_TWISTED_EDWARDS):"d75a980182b10ab7d54bfed3c964073a0ee172f3daa62325af021a68f707511a":PSA_ALG_TRUNCATED_MAC(PSA_ALG_HMAC(PSA_ALG_MD5),1):PSA_ERROR_INVALID_ARGUMENT + +PSA mac TRUNCATED_MAC(HMAC(MD5),1): incompatible with HMAC +depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_MD5:PSA_WANT_KEY_TYPE_HMAC +mac_fail:PSA_KEY_TYPE_HMAC:"48657265006973206b6579a064617461":PSA_ALG_TRUNCATED_MAC(PSA_ALG_HMAC(PSA_ALG_MD5),1):PSA_ERROR_INVALID_ARGUMENT + +PSA mac TRUNCATED_MAC(HMAC(MD5),1): incompatible with RAW_DATA +depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_MD5:PSA_WANT_KEY_TYPE_RAW_DATA +mac_fail:PSA_KEY_TYPE_RAW_DATA:"48":PSA_ALG_TRUNCATED_MAC(PSA_ALG_HMAC(PSA_ALG_MD5),1):PSA_ERROR_INVALID_ARGUMENT + +PSA mac TRUNCATED_MAC(HMAC(MD5),1): incompatible with RSA_KEY_PAIR +depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_MD5:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR +mac_fail:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_TRUNCATED_MAC(PSA_ALG_HMAC(PSA_ALG_MD5),1):PSA_ERROR_INVALID_ARGUMENT + +PSA mac TRUNCATED_MAC(HMAC(MD5),1): incompatible with RSA_PUBLIC_KEY +depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_MD5:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY +mac_fail:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_TRUNCATED_MAC(PSA_ALG_HMAC(PSA_ALG_MD5),1):PSA_ERROR_INVALID_ARGUMENT + +PSA key_derivation TRUNCATED_MAC(HMAC(MD5),1): invalid +depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_MD5 +key_derivation_fail:PSA_ALG_TRUNCATED_MAC(PSA_ALG_HMAC(PSA_ALG_MD5),1):PSA_ERROR_INVALID_ARGUMENT + +PSA hash TRUNCATED_MAC(HMAC(RIPEMD160),1): invalid +depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_RIPEMD160 +hash_fail:PSA_ALG_TRUNCATED_MAC(PSA_ALG_HMAC(PSA_ALG_RIPEMD160),1):PSA_ERROR_INVALID_ARGUMENT + +PSA mac TRUNCATED_MAC(HMAC(RIPEMD160),1): incompatible with AES +depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_RIPEMD160:PSA_WANT_KEY_TYPE_AES +mac_fail:PSA_KEY_TYPE_AES:"48657265006973206b6579a064617461":PSA_ALG_TRUNCATED_MAC(PSA_ALG_HMAC(PSA_ALG_RIPEMD160),1):PSA_ERROR_INVALID_ARGUMENT + +PSA mac TRUNCATED_MAC(HMAC(RIPEMD160),1): incompatible with ARC4 +depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_RIPEMD160:PSA_WANT_KEY_TYPE_ARC4 +mac_fail:PSA_KEY_TYPE_ARC4:"48":PSA_ALG_TRUNCATED_MAC(PSA_ALG_HMAC(PSA_ALG_RIPEMD160),1):PSA_ERROR_INVALID_ARGUMENT + +PSA mac TRUNCATED_MAC(HMAC(RIPEMD160),1): incompatible with ARIA +depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_RIPEMD160:PSA_WANT_KEY_TYPE_ARIA +mac_fail:PSA_KEY_TYPE_ARIA:"48657265006973206b6579a064617461":PSA_ALG_TRUNCATED_MAC(PSA_ALG_HMAC(PSA_ALG_RIPEMD160),1):PSA_ERROR_INVALID_ARGUMENT + +PSA mac TRUNCATED_MAC(HMAC(RIPEMD160),1): incompatible with CAMELLIA +depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_RIPEMD160:PSA_WANT_KEY_TYPE_CAMELLIA +mac_fail:PSA_KEY_TYPE_CAMELLIA:"48657265006973206b6579a064617461":PSA_ALG_TRUNCATED_MAC(PSA_ALG_HMAC(PSA_ALG_RIPEMD160),1):PSA_ERROR_INVALID_ARGUMENT + +PSA mac TRUNCATED_MAC(HMAC(RIPEMD160),1): incompatible with CHACHA20 +depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_RIPEMD160:PSA_WANT_KEY_TYPE_CHACHA20 +mac_fail:PSA_KEY_TYPE_CHACHA20:"48657265006973206b6579a06461746148657265006973206b6579a064617461":PSA_ALG_TRUNCATED_MAC(PSA_ALG_HMAC(PSA_ALG_RIPEMD160),1):PSA_ERROR_INVALID_ARGUMENT + +PSA mac TRUNCATED_MAC(HMAC(RIPEMD160),1): incompatible with DERIVE +depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_RIPEMD160:PSA_WANT_KEY_TYPE_DERIVE +mac_fail:PSA_KEY_TYPE_DERIVE:"48657265006973206b6579a0646174":PSA_ALG_TRUNCATED_MAC(PSA_ALG_HMAC(PSA_ALG_RIPEMD160),1):PSA_ERROR_INVALID_ARGUMENT + +PSA mac TRUNCATED_MAC(HMAC(RIPEMD160),1): incompatible with DES +depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_RIPEMD160:PSA_WANT_KEY_TYPE_DES +mac_fail:PSA_KEY_TYPE_DES:"644573206b457901":PSA_ALG_TRUNCATED_MAC(PSA_ALG_HMAC(PSA_ALG_RIPEMD160),1):PSA_ERROR_INVALID_ARGUMENT + +PSA mac TRUNCATED_MAC(HMAC(RIPEMD160),1): incompatible with ECC_KEY_PAIR(BRAINPOOL_P_R1) +depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ECC_FAMILY_BRAINPOOL_P_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +mac_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"69502c4fdaf48d4fa617bdd24498b0406d0eeaac":PSA_ALG_TRUNCATED_MAC(PSA_ALG_HMAC(PSA_ALG_RIPEMD160),1):PSA_ERROR_INVALID_ARGUMENT + +PSA mac TRUNCATED_MAC(HMAC(RIPEMD160),1): incompatible with ECC_KEY_PAIR(MONTGOMERY) +depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ECC_FAMILY_MONTGOMERY:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +mac_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_MONTGOMERY):"70076d0a7318a57d3c16c17251b26645df4c2f87ebc0992ab177fba51db92c6a":PSA_ALG_TRUNCATED_MAC(PSA_ALG_HMAC(PSA_ALG_RIPEMD160),1):PSA_ERROR_INVALID_ARGUMENT + +PSA mac TRUNCATED_MAC(HMAC(RIPEMD160),1): incompatible with ECC_KEY_PAIR(SECP_K1) +depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ECC_FAMILY_SECP_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +mac_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_K1):"297ac1722ccac7589ecb240dc719842538ca974beb79f228":PSA_ALG_TRUNCATED_MAC(PSA_ALG_HMAC(PSA_ALG_RIPEMD160),1):PSA_ERROR_INVALID_ARGUMENT + +PSA mac TRUNCATED_MAC(HMAC(RIPEMD160),1): incompatible with ECC_KEY_PAIR(SECP_R1) +depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ECC_FAMILY_SECP_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +mac_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"872f203b3ad35b7f2ecc803c3a0e1e0b1ed61cc1afe71b189cd4c995":PSA_ALG_TRUNCATED_MAC(PSA_ALG_HMAC(PSA_ALG_RIPEMD160),1):PSA_ERROR_INVALID_ARGUMENT + +PSA mac TRUNCATED_MAC(HMAC(RIPEMD160),1): incompatible with ECC_KEY_PAIR(SECP_R2) +depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ECC_FAMILY_SECP_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +mac_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R2):"00bf539a1cdda0d7f71a50a3f98aec0a2e8e4ced1e":PSA_ALG_TRUNCATED_MAC(PSA_ALG_HMAC(PSA_ALG_RIPEMD160),1):PSA_ERROR_INVALID_ARGUMENT + +PSA mac TRUNCATED_MAC(HMAC(RIPEMD160),1): incompatible with ECC_KEY_PAIR(SECT_K1) +depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ECC_FAMILY_SECT_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +mac_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):"03ebc8fcded2d6ab72ec0f75bdb4fd080481273e71":PSA_ALG_TRUNCATED_MAC(PSA_ALG_HMAC(PSA_ALG_RIPEMD160),1):PSA_ERROR_INVALID_ARGUMENT + +PSA mac TRUNCATED_MAC(HMAC(RIPEMD160),1): incompatible with ECC_KEY_PAIR(SECT_R1) +depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ECC_FAMILY_SECT_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +mac_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):"009b05dc82d46d64a04a22e6e5ca70ca1231e68c50":PSA_ALG_TRUNCATED_MAC(PSA_ALG_HMAC(PSA_ALG_RIPEMD160),1):PSA_ERROR_INVALID_ARGUMENT + +PSA mac TRUNCATED_MAC(HMAC(RIPEMD160),1): incompatible with ECC_KEY_PAIR(SECT_R2) +depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ECC_FAMILY_SECT_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +mac_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R2):"0210b482a458b4822d0cb21daa96819a67c8062d34":PSA_ALG_TRUNCATED_MAC(PSA_ALG_HMAC(PSA_ALG_RIPEMD160),1):PSA_ERROR_INVALID_ARGUMENT + +PSA mac TRUNCATED_MAC(HMAC(RIPEMD160),1): incompatible with ECC_KEY_PAIR(TWISTED_EDWARDS) +depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ECC_FAMILY_TWISTED_EDWARDS:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +mac_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_TWISTED_EDWARDS):"9d61b19deffd5a60ba844af492ec2cc44449c5697b326919703bac031cae7f60":PSA_ALG_TRUNCATED_MAC(PSA_ALG_HMAC(PSA_ALG_RIPEMD160),1):PSA_ERROR_INVALID_ARGUMENT + +PSA mac TRUNCATED_MAC(HMAC(RIPEMD160),1): incompatible with ECC_PUBLIC_KEY(BRAINPOOL_P_R1) +depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ECC_FAMILY_BRAINPOOL_P_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +mac_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"04d4b9186816358e2f9c59cf70748cb70641b22fbab65473db4b4e22a361ed7e3de7e8a8ddc4130c5c":PSA_ALG_TRUNCATED_MAC(PSA_ALG_HMAC(PSA_ALG_RIPEMD160),1):PSA_ERROR_INVALID_ARGUMENT + +PSA mac TRUNCATED_MAC(HMAC(RIPEMD160),1): incompatible with ECC_PUBLIC_KEY(MONTGOMERY) +depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ECC_FAMILY_MONTGOMERY:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +mac_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_MONTGOMERY):"8520f0098930a754748b7ddcb43ef75a0dbf3a0d26381af4eba4a98eaa9b4e6a":PSA_ALG_TRUNCATED_MAC(PSA_ALG_HMAC(PSA_ALG_RIPEMD160),1):PSA_ERROR_INVALID_ARGUMENT + +PSA mac TRUNCATED_MAC(HMAC(RIPEMD160),1): incompatible with ECC_PUBLIC_KEY(SECP_K1) +depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ECC_FAMILY_SECP_K1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +mac_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_K1):"0426b7bb38da649ac2138fc050c6548b32553dab68afebc36105d325b75538c12323cb0764789ecb992671beb2b6bef2f5":PSA_ALG_TRUNCATED_MAC(PSA_ALG_HMAC(PSA_ALG_RIPEMD160),1):PSA_ERROR_INVALID_ARGUMENT + +PSA mac TRUNCATED_MAC(HMAC(RIPEMD160),1): incompatible with ECC_PUBLIC_KEY(SECP_R1) +depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ECC_FAMILY_SECP_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +mac_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1):"046f00eadaa949fee3e9e1c7fa1247eecec86a0dce46418b9bd3117b981d4bd0ae7a990de912f9d060d6cb531a42d22e394ac29e81804bf160":PSA_ALG_TRUNCATED_MAC(PSA_ALG_HMAC(PSA_ALG_RIPEMD160),1):PSA_ERROR_INVALID_ARGUMENT + +PSA mac TRUNCATED_MAC(HMAC(RIPEMD160),1): incompatible with ECC_PUBLIC_KEY(SECP_R2) +depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ECC_FAMILY_SECP_R2:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +mac_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R2):"049570d541398665adb5cfa16f5af73b3196926bbd4b876bdb80f8eab20d0f540c22f4de9c140f6d7b":PSA_ALG_TRUNCATED_MAC(PSA_ALG_HMAC(PSA_ALG_RIPEMD160),1):PSA_ERROR_INVALID_ARGUMENT + +PSA mac TRUNCATED_MAC(HMAC(RIPEMD160),1): incompatible with ECC_PUBLIC_KEY(SECT_K1) +depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ECC_FAMILY_SECT_K1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +mac_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_K1):"0406f88f90b4b65950f06ce433afdb097e320f433dc2062b8a65db8fafd3c110f46bc45663fbf021ee7eb9":PSA_ALG_TRUNCATED_MAC(PSA_ALG_HMAC(PSA_ALG_RIPEMD160),1):PSA_ERROR_INVALID_ARGUMENT + +PSA mac TRUNCATED_MAC(HMAC(RIPEMD160),1): incompatible with ECC_PUBLIC_KEY(SECT_R1) +depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ECC_FAMILY_SECT_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +mac_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R1):"0400465eeb9e7258b11e33c02266bfe834b20bcb118700772796ee4704ec67651bd447e3011959a79a04cb":PSA_ALG_TRUNCATED_MAC(PSA_ALG_HMAC(PSA_ALG_RIPEMD160),1):PSA_ERROR_INVALID_ARGUMENT + +PSA mac TRUNCATED_MAC(HMAC(RIPEMD160),1): incompatible with ECC_PUBLIC_KEY(SECT_R2) +depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ECC_FAMILY_SECT_R2:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +mac_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R2):"0403692601144c32a6cfa369ae20ae5d43c1c764678c037bafe80c6fd2e42b7ced96171d9c5367fd3dca6f":PSA_ALG_TRUNCATED_MAC(PSA_ALG_HMAC(PSA_ALG_RIPEMD160),1):PSA_ERROR_INVALID_ARGUMENT + +PSA mac TRUNCATED_MAC(HMAC(RIPEMD160),1): incompatible with ECC_PUBLIC_KEY(TWISTED_EDWARDS) +depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ECC_FAMILY_TWISTED_EDWARDS:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +mac_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_TWISTED_EDWARDS):"d75a980182b10ab7d54bfed3c964073a0ee172f3daa62325af021a68f707511a":PSA_ALG_TRUNCATED_MAC(PSA_ALG_HMAC(PSA_ALG_RIPEMD160),1):PSA_ERROR_INVALID_ARGUMENT + +PSA mac TRUNCATED_MAC(HMAC(RIPEMD160),1): incompatible with HMAC +depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_RIPEMD160:PSA_WANT_KEY_TYPE_HMAC +mac_fail:PSA_KEY_TYPE_HMAC:"48657265006973206b6579a064617461":PSA_ALG_TRUNCATED_MAC(PSA_ALG_HMAC(PSA_ALG_RIPEMD160),1):PSA_ERROR_INVALID_ARGUMENT + +PSA mac TRUNCATED_MAC(HMAC(RIPEMD160),1): incompatible with RAW_DATA +depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_RIPEMD160:PSA_WANT_KEY_TYPE_RAW_DATA +mac_fail:PSA_KEY_TYPE_RAW_DATA:"48":PSA_ALG_TRUNCATED_MAC(PSA_ALG_HMAC(PSA_ALG_RIPEMD160),1):PSA_ERROR_INVALID_ARGUMENT + +PSA mac TRUNCATED_MAC(HMAC(RIPEMD160),1): incompatible with RSA_KEY_PAIR +depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_RIPEMD160:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR +mac_fail:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_TRUNCATED_MAC(PSA_ALG_HMAC(PSA_ALG_RIPEMD160),1):PSA_ERROR_INVALID_ARGUMENT + +PSA mac TRUNCATED_MAC(HMAC(RIPEMD160),1): incompatible with RSA_PUBLIC_KEY +depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_RIPEMD160:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY +mac_fail:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_TRUNCATED_MAC(PSA_ALG_HMAC(PSA_ALG_RIPEMD160),1):PSA_ERROR_INVALID_ARGUMENT + +PSA key_derivation TRUNCATED_MAC(HMAC(RIPEMD160),1): invalid +depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_RIPEMD160 +key_derivation_fail:PSA_ALG_TRUNCATED_MAC(PSA_ALG_HMAC(PSA_ALG_RIPEMD160),1):PSA_ERROR_INVALID_ARGUMENT + +PSA hash TRUNCATED_MAC(HMAC(SHA_1),1): invalid +depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_1 +hash_fail:PSA_ALG_TRUNCATED_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_1),1):PSA_ERROR_INVALID_ARGUMENT + +PSA mac TRUNCATED_MAC(HMAC(SHA_1),1): incompatible with AES +depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_1:PSA_WANT_KEY_TYPE_AES +mac_fail:PSA_KEY_TYPE_AES:"48657265006973206b6579a064617461":PSA_ALG_TRUNCATED_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_1),1):PSA_ERROR_INVALID_ARGUMENT + +PSA mac TRUNCATED_MAC(HMAC(SHA_1),1): incompatible with ARC4 +depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_1:PSA_WANT_KEY_TYPE_ARC4 +mac_fail:PSA_KEY_TYPE_ARC4:"48":PSA_ALG_TRUNCATED_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_1),1):PSA_ERROR_INVALID_ARGUMENT + +PSA mac TRUNCATED_MAC(HMAC(SHA_1),1): incompatible with ARIA +depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_1:PSA_WANT_KEY_TYPE_ARIA +mac_fail:PSA_KEY_TYPE_ARIA:"48657265006973206b6579a064617461":PSA_ALG_TRUNCATED_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_1),1):PSA_ERROR_INVALID_ARGUMENT + +PSA mac TRUNCATED_MAC(HMAC(SHA_1),1): incompatible with CAMELLIA +depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_1:PSA_WANT_KEY_TYPE_CAMELLIA +mac_fail:PSA_KEY_TYPE_CAMELLIA:"48657265006973206b6579a064617461":PSA_ALG_TRUNCATED_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_1),1):PSA_ERROR_INVALID_ARGUMENT + +PSA mac TRUNCATED_MAC(HMAC(SHA_1),1): incompatible with CHACHA20 +depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_1:PSA_WANT_KEY_TYPE_CHACHA20 +mac_fail:PSA_KEY_TYPE_CHACHA20:"48657265006973206b6579a06461746148657265006973206b6579a064617461":PSA_ALG_TRUNCATED_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_1),1):PSA_ERROR_INVALID_ARGUMENT + +PSA mac TRUNCATED_MAC(HMAC(SHA_1),1): incompatible with DERIVE +depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_1:PSA_WANT_KEY_TYPE_DERIVE +mac_fail:PSA_KEY_TYPE_DERIVE:"48657265006973206b6579a0646174":PSA_ALG_TRUNCATED_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_1),1):PSA_ERROR_INVALID_ARGUMENT + +PSA mac TRUNCATED_MAC(HMAC(SHA_1),1): incompatible with DES +depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_1:PSA_WANT_KEY_TYPE_DES +mac_fail:PSA_KEY_TYPE_DES:"644573206b457901":PSA_ALG_TRUNCATED_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_1),1):PSA_ERROR_INVALID_ARGUMENT + +PSA mac TRUNCATED_MAC(HMAC(SHA_1),1): incompatible with ECC_KEY_PAIR(BRAINPOOL_P_R1) +depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_1:PSA_WANT_ECC_FAMILY_BRAINPOOL_P_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +mac_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"69502c4fdaf48d4fa617bdd24498b0406d0eeaac":PSA_ALG_TRUNCATED_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_1),1):PSA_ERROR_INVALID_ARGUMENT + +PSA mac TRUNCATED_MAC(HMAC(SHA_1),1): incompatible with ECC_KEY_PAIR(MONTGOMERY) +depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_1:PSA_WANT_ECC_FAMILY_MONTGOMERY:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +mac_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_MONTGOMERY):"70076d0a7318a57d3c16c17251b26645df4c2f87ebc0992ab177fba51db92c6a":PSA_ALG_TRUNCATED_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_1),1):PSA_ERROR_INVALID_ARGUMENT + +PSA mac TRUNCATED_MAC(HMAC(SHA_1),1): incompatible with ECC_KEY_PAIR(SECP_K1) +depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_1:PSA_WANT_ECC_FAMILY_SECP_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +mac_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_K1):"297ac1722ccac7589ecb240dc719842538ca974beb79f228":PSA_ALG_TRUNCATED_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_1),1):PSA_ERROR_INVALID_ARGUMENT + +PSA mac TRUNCATED_MAC(HMAC(SHA_1),1): incompatible with ECC_KEY_PAIR(SECP_R1) +depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_1:PSA_WANT_ECC_FAMILY_SECP_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +mac_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"872f203b3ad35b7f2ecc803c3a0e1e0b1ed61cc1afe71b189cd4c995":PSA_ALG_TRUNCATED_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_1),1):PSA_ERROR_INVALID_ARGUMENT + +PSA mac TRUNCATED_MAC(HMAC(SHA_1),1): incompatible with ECC_KEY_PAIR(SECP_R2) +depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_1:PSA_WANT_ECC_FAMILY_SECP_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +mac_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R2):"00bf539a1cdda0d7f71a50a3f98aec0a2e8e4ced1e":PSA_ALG_TRUNCATED_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_1),1):PSA_ERROR_INVALID_ARGUMENT + +PSA mac TRUNCATED_MAC(HMAC(SHA_1),1): incompatible with ECC_KEY_PAIR(SECT_K1) +depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_1:PSA_WANT_ECC_FAMILY_SECT_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +mac_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):"03ebc8fcded2d6ab72ec0f75bdb4fd080481273e71":PSA_ALG_TRUNCATED_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_1),1):PSA_ERROR_INVALID_ARGUMENT + +PSA mac TRUNCATED_MAC(HMAC(SHA_1),1): incompatible with ECC_KEY_PAIR(SECT_R1) +depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_1:PSA_WANT_ECC_FAMILY_SECT_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +mac_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):"009b05dc82d46d64a04a22e6e5ca70ca1231e68c50":PSA_ALG_TRUNCATED_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_1),1):PSA_ERROR_INVALID_ARGUMENT + +PSA mac TRUNCATED_MAC(HMAC(SHA_1),1): incompatible with ECC_KEY_PAIR(SECT_R2) +depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_1:PSA_WANT_ECC_FAMILY_SECT_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +mac_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R2):"0210b482a458b4822d0cb21daa96819a67c8062d34":PSA_ALG_TRUNCATED_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_1),1):PSA_ERROR_INVALID_ARGUMENT + +PSA mac TRUNCATED_MAC(HMAC(SHA_1),1): incompatible with ECC_KEY_PAIR(TWISTED_EDWARDS) +depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_1:PSA_WANT_ECC_FAMILY_TWISTED_EDWARDS:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +mac_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_TWISTED_EDWARDS):"9d61b19deffd5a60ba844af492ec2cc44449c5697b326919703bac031cae7f60":PSA_ALG_TRUNCATED_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_1),1):PSA_ERROR_INVALID_ARGUMENT + +PSA mac TRUNCATED_MAC(HMAC(SHA_1),1): incompatible with ECC_PUBLIC_KEY(BRAINPOOL_P_R1) +depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_1:PSA_WANT_ECC_FAMILY_BRAINPOOL_P_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +mac_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"04d4b9186816358e2f9c59cf70748cb70641b22fbab65473db4b4e22a361ed7e3de7e8a8ddc4130c5c":PSA_ALG_TRUNCATED_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_1),1):PSA_ERROR_INVALID_ARGUMENT + +PSA mac TRUNCATED_MAC(HMAC(SHA_1),1): incompatible with ECC_PUBLIC_KEY(MONTGOMERY) +depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_1:PSA_WANT_ECC_FAMILY_MONTGOMERY:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +mac_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_MONTGOMERY):"8520f0098930a754748b7ddcb43ef75a0dbf3a0d26381af4eba4a98eaa9b4e6a":PSA_ALG_TRUNCATED_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_1),1):PSA_ERROR_INVALID_ARGUMENT + +PSA mac TRUNCATED_MAC(HMAC(SHA_1),1): incompatible with ECC_PUBLIC_KEY(SECP_K1) +depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_1:PSA_WANT_ECC_FAMILY_SECP_K1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +mac_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_K1):"0426b7bb38da649ac2138fc050c6548b32553dab68afebc36105d325b75538c12323cb0764789ecb992671beb2b6bef2f5":PSA_ALG_TRUNCATED_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_1),1):PSA_ERROR_INVALID_ARGUMENT + +PSA mac TRUNCATED_MAC(HMAC(SHA_1),1): incompatible with ECC_PUBLIC_KEY(SECP_R1) +depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_1:PSA_WANT_ECC_FAMILY_SECP_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +mac_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1):"046f00eadaa949fee3e9e1c7fa1247eecec86a0dce46418b9bd3117b981d4bd0ae7a990de912f9d060d6cb531a42d22e394ac29e81804bf160":PSA_ALG_TRUNCATED_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_1),1):PSA_ERROR_INVALID_ARGUMENT + +PSA mac TRUNCATED_MAC(HMAC(SHA_1),1): incompatible with ECC_PUBLIC_KEY(SECP_R2) +depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_1:PSA_WANT_ECC_FAMILY_SECP_R2:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +mac_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R2):"049570d541398665adb5cfa16f5af73b3196926bbd4b876bdb80f8eab20d0f540c22f4de9c140f6d7b":PSA_ALG_TRUNCATED_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_1),1):PSA_ERROR_INVALID_ARGUMENT + +PSA mac TRUNCATED_MAC(HMAC(SHA_1),1): incompatible with ECC_PUBLIC_KEY(SECT_K1) +depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_1:PSA_WANT_ECC_FAMILY_SECT_K1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +mac_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_K1):"0406f88f90b4b65950f06ce433afdb097e320f433dc2062b8a65db8fafd3c110f46bc45663fbf021ee7eb9":PSA_ALG_TRUNCATED_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_1),1):PSA_ERROR_INVALID_ARGUMENT + +PSA mac TRUNCATED_MAC(HMAC(SHA_1),1): incompatible with ECC_PUBLIC_KEY(SECT_R1) +depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_1:PSA_WANT_ECC_FAMILY_SECT_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +mac_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R1):"0400465eeb9e7258b11e33c02266bfe834b20bcb118700772796ee4704ec67651bd447e3011959a79a04cb":PSA_ALG_TRUNCATED_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_1),1):PSA_ERROR_INVALID_ARGUMENT + +PSA mac TRUNCATED_MAC(HMAC(SHA_1),1): incompatible with ECC_PUBLIC_KEY(SECT_R2) +depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_1:PSA_WANT_ECC_FAMILY_SECT_R2:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +mac_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R2):"0403692601144c32a6cfa369ae20ae5d43c1c764678c037bafe80c6fd2e42b7ced96171d9c5367fd3dca6f":PSA_ALG_TRUNCATED_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_1),1):PSA_ERROR_INVALID_ARGUMENT + +PSA mac TRUNCATED_MAC(HMAC(SHA_1),1): incompatible with ECC_PUBLIC_KEY(TWISTED_EDWARDS) +depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_1:PSA_WANT_ECC_FAMILY_TWISTED_EDWARDS:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +mac_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_TWISTED_EDWARDS):"d75a980182b10ab7d54bfed3c964073a0ee172f3daa62325af021a68f707511a":PSA_ALG_TRUNCATED_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_1),1):PSA_ERROR_INVALID_ARGUMENT + +PSA mac TRUNCATED_MAC(HMAC(SHA_1),1): incompatible with HMAC +depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_1:PSA_WANT_KEY_TYPE_HMAC +mac_fail:PSA_KEY_TYPE_HMAC:"48657265006973206b6579a064617461":PSA_ALG_TRUNCATED_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_1),1):PSA_ERROR_INVALID_ARGUMENT + +PSA mac TRUNCATED_MAC(HMAC(SHA_1),1): incompatible with RAW_DATA +depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_1:PSA_WANT_KEY_TYPE_RAW_DATA +mac_fail:PSA_KEY_TYPE_RAW_DATA:"48":PSA_ALG_TRUNCATED_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_1),1):PSA_ERROR_INVALID_ARGUMENT + +PSA mac TRUNCATED_MAC(HMAC(SHA_1),1): incompatible with RSA_KEY_PAIR +depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_1:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR +mac_fail:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_TRUNCATED_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_1),1):PSA_ERROR_INVALID_ARGUMENT + +PSA mac TRUNCATED_MAC(HMAC(SHA_1),1): incompatible with RSA_PUBLIC_KEY +depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_1:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY +mac_fail:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_TRUNCATED_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_1),1):PSA_ERROR_INVALID_ARGUMENT + +PSA key_derivation TRUNCATED_MAC(HMAC(SHA_1),1): invalid +depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_1 +key_derivation_fail:PSA_ALG_TRUNCATED_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_1),1):PSA_ERROR_INVALID_ARGUMENT + +PSA hash TRUNCATED_MAC(HMAC(SHA_224),1): invalid +depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_224 +hash_fail:PSA_ALG_TRUNCATED_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_224),1):PSA_ERROR_INVALID_ARGUMENT + +PSA mac TRUNCATED_MAC(HMAC(SHA_224),1): incompatible with AES +depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_224:PSA_WANT_KEY_TYPE_AES +mac_fail:PSA_KEY_TYPE_AES:"48657265006973206b6579a064617461":PSA_ALG_TRUNCATED_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_224),1):PSA_ERROR_INVALID_ARGUMENT + +PSA mac TRUNCATED_MAC(HMAC(SHA_224),1): incompatible with ARC4 +depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_224:PSA_WANT_KEY_TYPE_ARC4 +mac_fail:PSA_KEY_TYPE_ARC4:"48":PSA_ALG_TRUNCATED_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_224),1):PSA_ERROR_INVALID_ARGUMENT + +PSA mac TRUNCATED_MAC(HMAC(SHA_224),1): incompatible with ARIA +depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_224:PSA_WANT_KEY_TYPE_ARIA +mac_fail:PSA_KEY_TYPE_ARIA:"48657265006973206b6579a064617461":PSA_ALG_TRUNCATED_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_224),1):PSA_ERROR_INVALID_ARGUMENT + +PSA mac TRUNCATED_MAC(HMAC(SHA_224),1): incompatible with CAMELLIA +depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_224:PSA_WANT_KEY_TYPE_CAMELLIA +mac_fail:PSA_KEY_TYPE_CAMELLIA:"48657265006973206b6579a064617461":PSA_ALG_TRUNCATED_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_224),1):PSA_ERROR_INVALID_ARGUMENT + +PSA mac TRUNCATED_MAC(HMAC(SHA_224),1): incompatible with CHACHA20 +depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_224:PSA_WANT_KEY_TYPE_CHACHA20 +mac_fail:PSA_KEY_TYPE_CHACHA20:"48657265006973206b6579a06461746148657265006973206b6579a064617461":PSA_ALG_TRUNCATED_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_224),1):PSA_ERROR_INVALID_ARGUMENT + +PSA mac TRUNCATED_MAC(HMAC(SHA_224),1): incompatible with DERIVE +depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_224:PSA_WANT_KEY_TYPE_DERIVE +mac_fail:PSA_KEY_TYPE_DERIVE:"48657265006973206b6579a0646174":PSA_ALG_TRUNCATED_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_224),1):PSA_ERROR_INVALID_ARGUMENT + +PSA mac TRUNCATED_MAC(HMAC(SHA_224),1): incompatible with DES +depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_224:PSA_WANT_KEY_TYPE_DES +mac_fail:PSA_KEY_TYPE_DES:"644573206b457901":PSA_ALG_TRUNCATED_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_224),1):PSA_ERROR_INVALID_ARGUMENT + +PSA mac TRUNCATED_MAC(HMAC(SHA_224),1): incompatible with ECC_KEY_PAIR(BRAINPOOL_P_R1) +depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_224:PSA_WANT_ECC_FAMILY_BRAINPOOL_P_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +mac_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"69502c4fdaf48d4fa617bdd24498b0406d0eeaac":PSA_ALG_TRUNCATED_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_224),1):PSA_ERROR_INVALID_ARGUMENT + +PSA mac TRUNCATED_MAC(HMAC(SHA_224),1): incompatible with ECC_KEY_PAIR(MONTGOMERY) +depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_224:PSA_WANT_ECC_FAMILY_MONTGOMERY:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +mac_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_MONTGOMERY):"70076d0a7318a57d3c16c17251b26645df4c2f87ebc0992ab177fba51db92c6a":PSA_ALG_TRUNCATED_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_224),1):PSA_ERROR_INVALID_ARGUMENT + +PSA mac TRUNCATED_MAC(HMAC(SHA_224),1): incompatible with ECC_KEY_PAIR(SECP_K1) +depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_224:PSA_WANT_ECC_FAMILY_SECP_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +mac_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_K1):"297ac1722ccac7589ecb240dc719842538ca974beb79f228":PSA_ALG_TRUNCATED_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_224),1):PSA_ERROR_INVALID_ARGUMENT + +PSA mac TRUNCATED_MAC(HMAC(SHA_224),1): incompatible with ECC_KEY_PAIR(SECP_R1) +depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_224:PSA_WANT_ECC_FAMILY_SECP_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +mac_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"872f203b3ad35b7f2ecc803c3a0e1e0b1ed61cc1afe71b189cd4c995":PSA_ALG_TRUNCATED_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_224),1):PSA_ERROR_INVALID_ARGUMENT + +PSA mac TRUNCATED_MAC(HMAC(SHA_224),1): incompatible with ECC_KEY_PAIR(SECP_R2) +depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_224:PSA_WANT_ECC_FAMILY_SECP_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +mac_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R2):"00bf539a1cdda0d7f71a50a3f98aec0a2e8e4ced1e":PSA_ALG_TRUNCATED_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_224),1):PSA_ERROR_INVALID_ARGUMENT + +PSA mac TRUNCATED_MAC(HMAC(SHA_224),1): incompatible with ECC_KEY_PAIR(SECT_K1) +depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_224:PSA_WANT_ECC_FAMILY_SECT_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +mac_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):"03ebc8fcded2d6ab72ec0f75bdb4fd080481273e71":PSA_ALG_TRUNCATED_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_224),1):PSA_ERROR_INVALID_ARGUMENT + +PSA mac TRUNCATED_MAC(HMAC(SHA_224),1): incompatible with ECC_KEY_PAIR(SECT_R1) +depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_224:PSA_WANT_ECC_FAMILY_SECT_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +mac_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):"009b05dc82d46d64a04a22e6e5ca70ca1231e68c50":PSA_ALG_TRUNCATED_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_224),1):PSA_ERROR_INVALID_ARGUMENT + +PSA mac TRUNCATED_MAC(HMAC(SHA_224),1): incompatible with ECC_KEY_PAIR(SECT_R2) +depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_224:PSA_WANT_ECC_FAMILY_SECT_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +mac_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R2):"0210b482a458b4822d0cb21daa96819a67c8062d34":PSA_ALG_TRUNCATED_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_224),1):PSA_ERROR_INVALID_ARGUMENT + +PSA mac TRUNCATED_MAC(HMAC(SHA_224),1): incompatible with ECC_KEY_PAIR(TWISTED_EDWARDS) +depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_224:PSA_WANT_ECC_FAMILY_TWISTED_EDWARDS:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +mac_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_TWISTED_EDWARDS):"9d61b19deffd5a60ba844af492ec2cc44449c5697b326919703bac031cae7f60":PSA_ALG_TRUNCATED_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_224),1):PSA_ERROR_INVALID_ARGUMENT + +PSA mac TRUNCATED_MAC(HMAC(SHA_224),1): incompatible with ECC_PUBLIC_KEY(BRAINPOOL_P_R1) +depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_224:PSA_WANT_ECC_FAMILY_BRAINPOOL_P_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +mac_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"04d4b9186816358e2f9c59cf70748cb70641b22fbab65473db4b4e22a361ed7e3de7e8a8ddc4130c5c":PSA_ALG_TRUNCATED_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_224),1):PSA_ERROR_INVALID_ARGUMENT + +PSA mac TRUNCATED_MAC(HMAC(SHA_224),1): incompatible with ECC_PUBLIC_KEY(MONTGOMERY) +depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_224:PSA_WANT_ECC_FAMILY_MONTGOMERY:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +mac_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_MONTGOMERY):"8520f0098930a754748b7ddcb43ef75a0dbf3a0d26381af4eba4a98eaa9b4e6a":PSA_ALG_TRUNCATED_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_224),1):PSA_ERROR_INVALID_ARGUMENT + +PSA mac TRUNCATED_MAC(HMAC(SHA_224),1): incompatible with ECC_PUBLIC_KEY(SECP_K1) +depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_224:PSA_WANT_ECC_FAMILY_SECP_K1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +mac_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_K1):"0426b7bb38da649ac2138fc050c6548b32553dab68afebc36105d325b75538c12323cb0764789ecb992671beb2b6bef2f5":PSA_ALG_TRUNCATED_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_224),1):PSA_ERROR_INVALID_ARGUMENT + +PSA mac TRUNCATED_MAC(HMAC(SHA_224),1): incompatible with ECC_PUBLIC_KEY(SECP_R1) +depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_224:PSA_WANT_ECC_FAMILY_SECP_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +mac_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1):"046f00eadaa949fee3e9e1c7fa1247eecec86a0dce46418b9bd3117b981d4bd0ae7a990de912f9d060d6cb531a42d22e394ac29e81804bf160":PSA_ALG_TRUNCATED_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_224),1):PSA_ERROR_INVALID_ARGUMENT + +PSA mac TRUNCATED_MAC(HMAC(SHA_224),1): incompatible with ECC_PUBLIC_KEY(SECP_R2) +depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_224:PSA_WANT_ECC_FAMILY_SECP_R2:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +mac_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R2):"049570d541398665adb5cfa16f5af73b3196926bbd4b876bdb80f8eab20d0f540c22f4de9c140f6d7b":PSA_ALG_TRUNCATED_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_224),1):PSA_ERROR_INVALID_ARGUMENT + +PSA mac TRUNCATED_MAC(HMAC(SHA_224),1): incompatible with ECC_PUBLIC_KEY(SECT_K1) +depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_224:PSA_WANT_ECC_FAMILY_SECT_K1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +mac_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_K1):"0406f88f90b4b65950f06ce433afdb097e320f433dc2062b8a65db8fafd3c110f46bc45663fbf021ee7eb9":PSA_ALG_TRUNCATED_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_224),1):PSA_ERROR_INVALID_ARGUMENT + +PSA mac TRUNCATED_MAC(HMAC(SHA_224),1): incompatible with ECC_PUBLIC_KEY(SECT_R1) +depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_224:PSA_WANT_ECC_FAMILY_SECT_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +mac_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R1):"0400465eeb9e7258b11e33c02266bfe834b20bcb118700772796ee4704ec67651bd447e3011959a79a04cb":PSA_ALG_TRUNCATED_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_224),1):PSA_ERROR_INVALID_ARGUMENT + +PSA mac TRUNCATED_MAC(HMAC(SHA_224),1): incompatible with ECC_PUBLIC_KEY(SECT_R2) +depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_224:PSA_WANT_ECC_FAMILY_SECT_R2:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +mac_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R2):"0403692601144c32a6cfa369ae20ae5d43c1c764678c037bafe80c6fd2e42b7ced96171d9c5367fd3dca6f":PSA_ALG_TRUNCATED_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_224),1):PSA_ERROR_INVALID_ARGUMENT + +PSA mac TRUNCATED_MAC(HMAC(SHA_224),1): incompatible with ECC_PUBLIC_KEY(TWISTED_EDWARDS) +depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_224:PSA_WANT_ECC_FAMILY_TWISTED_EDWARDS:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +mac_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_TWISTED_EDWARDS):"d75a980182b10ab7d54bfed3c964073a0ee172f3daa62325af021a68f707511a":PSA_ALG_TRUNCATED_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_224),1):PSA_ERROR_INVALID_ARGUMENT + +PSA mac TRUNCATED_MAC(HMAC(SHA_224),1): incompatible with HMAC +depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_224:PSA_WANT_KEY_TYPE_HMAC +mac_fail:PSA_KEY_TYPE_HMAC:"48657265006973206b6579a064617461":PSA_ALG_TRUNCATED_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_224),1):PSA_ERROR_INVALID_ARGUMENT + +PSA mac TRUNCATED_MAC(HMAC(SHA_224),1): incompatible with RAW_DATA +depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_224:PSA_WANT_KEY_TYPE_RAW_DATA +mac_fail:PSA_KEY_TYPE_RAW_DATA:"48":PSA_ALG_TRUNCATED_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_224),1):PSA_ERROR_INVALID_ARGUMENT + +PSA mac TRUNCATED_MAC(HMAC(SHA_224),1): incompatible with RSA_KEY_PAIR +depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_224:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR +mac_fail:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_TRUNCATED_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_224),1):PSA_ERROR_INVALID_ARGUMENT + +PSA mac TRUNCATED_MAC(HMAC(SHA_224),1): incompatible with RSA_PUBLIC_KEY +depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_224:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY +mac_fail:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_TRUNCATED_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_224),1):PSA_ERROR_INVALID_ARGUMENT + +PSA key_derivation TRUNCATED_MAC(HMAC(SHA_224),1): invalid +depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_224 +key_derivation_fail:PSA_ALG_TRUNCATED_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_224),1):PSA_ERROR_INVALID_ARGUMENT + +PSA hash TRUNCATED_MAC(HMAC(SHA_256),1): invalid +depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_256 +hash_fail:PSA_ALG_TRUNCATED_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_256),1):PSA_ERROR_INVALID_ARGUMENT + +PSA mac TRUNCATED_MAC(HMAC(SHA_256),1): incompatible with AES +depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_AES +mac_fail:PSA_KEY_TYPE_AES:"48657265006973206b6579a064617461":PSA_ALG_TRUNCATED_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_256),1):PSA_ERROR_INVALID_ARGUMENT + +PSA mac TRUNCATED_MAC(HMAC(SHA_256),1): incompatible with ARC4 +depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_ARC4 +mac_fail:PSA_KEY_TYPE_ARC4:"48":PSA_ALG_TRUNCATED_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_256),1):PSA_ERROR_INVALID_ARGUMENT + +PSA mac TRUNCATED_MAC(HMAC(SHA_256),1): incompatible with ARIA +depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_ARIA +mac_fail:PSA_KEY_TYPE_ARIA:"48657265006973206b6579a064617461":PSA_ALG_TRUNCATED_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_256),1):PSA_ERROR_INVALID_ARGUMENT + +PSA mac TRUNCATED_MAC(HMAC(SHA_256),1): incompatible with CAMELLIA +depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_CAMELLIA +mac_fail:PSA_KEY_TYPE_CAMELLIA:"48657265006973206b6579a064617461":PSA_ALG_TRUNCATED_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_256),1):PSA_ERROR_INVALID_ARGUMENT + +PSA mac TRUNCATED_MAC(HMAC(SHA_256),1): incompatible with CHACHA20 +depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_CHACHA20 +mac_fail:PSA_KEY_TYPE_CHACHA20:"48657265006973206b6579a06461746148657265006973206b6579a064617461":PSA_ALG_TRUNCATED_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_256),1):PSA_ERROR_INVALID_ARGUMENT + +PSA mac TRUNCATED_MAC(HMAC(SHA_256),1): incompatible with DERIVE +depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_DERIVE +mac_fail:PSA_KEY_TYPE_DERIVE:"48657265006973206b6579a0646174":PSA_ALG_TRUNCATED_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_256),1):PSA_ERROR_INVALID_ARGUMENT + +PSA mac TRUNCATED_MAC(HMAC(SHA_256),1): incompatible with DES +depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_DES +mac_fail:PSA_KEY_TYPE_DES:"644573206b457901":PSA_ALG_TRUNCATED_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_256),1):PSA_ERROR_INVALID_ARGUMENT + +PSA mac TRUNCATED_MAC(HMAC(SHA_256),1): incompatible with ECC_KEY_PAIR(BRAINPOOL_P_R1) +depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_FAMILY_BRAINPOOL_P_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +mac_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"69502c4fdaf48d4fa617bdd24498b0406d0eeaac":PSA_ALG_TRUNCATED_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_256),1):PSA_ERROR_INVALID_ARGUMENT + +PSA mac TRUNCATED_MAC(HMAC(SHA_256),1): incompatible with ECC_KEY_PAIR(MONTGOMERY) +depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_FAMILY_MONTGOMERY:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +mac_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_MONTGOMERY):"70076d0a7318a57d3c16c17251b26645df4c2f87ebc0992ab177fba51db92c6a":PSA_ALG_TRUNCATED_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_256),1):PSA_ERROR_INVALID_ARGUMENT + +PSA mac TRUNCATED_MAC(HMAC(SHA_256),1): incompatible with ECC_KEY_PAIR(SECP_K1) +depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_FAMILY_SECP_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +mac_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_K1):"297ac1722ccac7589ecb240dc719842538ca974beb79f228":PSA_ALG_TRUNCATED_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_256),1):PSA_ERROR_INVALID_ARGUMENT + +PSA mac TRUNCATED_MAC(HMAC(SHA_256),1): incompatible with ECC_KEY_PAIR(SECP_R1) +depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_FAMILY_SECP_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +mac_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"872f203b3ad35b7f2ecc803c3a0e1e0b1ed61cc1afe71b189cd4c995":PSA_ALG_TRUNCATED_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_256),1):PSA_ERROR_INVALID_ARGUMENT + +PSA mac TRUNCATED_MAC(HMAC(SHA_256),1): incompatible with ECC_KEY_PAIR(SECP_R2) +depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_FAMILY_SECP_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +mac_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R2):"00bf539a1cdda0d7f71a50a3f98aec0a2e8e4ced1e":PSA_ALG_TRUNCATED_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_256),1):PSA_ERROR_INVALID_ARGUMENT + +PSA mac TRUNCATED_MAC(HMAC(SHA_256),1): incompatible with ECC_KEY_PAIR(SECT_K1) +depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_FAMILY_SECT_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +mac_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):"03ebc8fcded2d6ab72ec0f75bdb4fd080481273e71":PSA_ALG_TRUNCATED_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_256),1):PSA_ERROR_INVALID_ARGUMENT + +PSA mac TRUNCATED_MAC(HMAC(SHA_256),1): incompatible with ECC_KEY_PAIR(SECT_R1) +depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_FAMILY_SECT_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +mac_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):"009b05dc82d46d64a04a22e6e5ca70ca1231e68c50":PSA_ALG_TRUNCATED_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_256),1):PSA_ERROR_INVALID_ARGUMENT + +PSA mac TRUNCATED_MAC(HMAC(SHA_256),1): incompatible with ECC_KEY_PAIR(SECT_R2) +depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_FAMILY_SECT_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +mac_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R2):"0210b482a458b4822d0cb21daa96819a67c8062d34":PSA_ALG_TRUNCATED_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_256),1):PSA_ERROR_INVALID_ARGUMENT + +PSA mac TRUNCATED_MAC(HMAC(SHA_256),1): incompatible with ECC_KEY_PAIR(TWISTED_EDWARDS) +depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_FAMILY_TWISTED_EDWARDS:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +mac_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_TWISTED_EDWARDS):"9d61b19deffd5a60ba844af492ec2cc44449c5697b326919703bac031cae7f60":PSA_ALG_TRUNCATED_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_256),1):PSA_ERROR_INVALID_ARGUMENT + +PSA mac TRUNCATED_MAC(HMAC(SHA_256),1): incompatible with ECC_PUBLIC_KEY(BRAINPOOL_P_R1) +depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_FAMILY_BRAINPOOL_P_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +mac_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"04d4b9186816358e2f9c59cf70748cb70641b22fbab65473db4b4e22a361ed7e3de7e8a8ddc4130c5c":PSA_ALG_TRUNCATED_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_256),1):PSA_ERROR_INVALID_ARGUMENT + +PSA mac TRUNCATED_MAC(HMAC(SHA_256),1): incompatible with ECC_PUBLIC_KEY(MONTGOMERY) +depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_FAMILY_MONTGOMERY:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +mac_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_MONTGOMERY):"8520f0098930a754748b7ddcb43ef75a0dbf3a0d26381af4eba4a98eaa9b4e6a":PSA_ALG_TRUNCATED_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_256),1):PSA_ERROR_INVALID_ARGUMENT + +PSA mac TRUNCATED_MAC(HMAC(SHA_256),1): incompatible with ECC_PUBLIC_KEY(SECP_K1) +depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_FAMILY_SECP_K1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +mac_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_K1):"0426b7bb38da649ac2138fc050c6548b32553dab68afebc36105d325b75538c12323cb0764789ecb992671beb2b6bef2f5":PSA_ALG_TRUNCATED_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_256),1):PSA_ERROR_INVALID_ARGUMENT + +PSA mac TRUNCATED_MAC(HMAC(SHA_256),1): incompatible with ECC_PUBLIC_KEY(SECP_R1) +depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_FAMILY_SECP_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +mac_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1):"046f00eadaa949fee3e9e1c7fa1247eecec86a0dce46418b9bd3117b981d4bd0ae7a990de912f9d060d6cb531a42d22e394ac29e81804bf160":PSA_ALG_TRUNCATED_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_256),1):PSA_ERROR_INVALID_ARGUMENT + +PSA mac TRUNCATED_MAC(HMAC(SHA_256),1): incompatible with ECC_PUBLIC_KEY(SECP_R2) +depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_FAMILY_SECP_R2:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +mac_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R2):"049570d541398665adb5cfa16f5af73b3196926bbd4b876bdb80f8eab20d0f540c22f4de9c140f6d7b":PSA_ALG_TRUNCATED_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_256),1):PSA_ERROR_INVALID_ARGUMENT + +PSA mac TRUNCATED_MAC(HMAC(SHA_256),1): incompatible with ECC_PUBLIC_KEY(SECT_K1) +depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_FAMILY_SECT_K1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +mac_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_K1):"0406f88f90b4b65950f06ce433afdb097e320f433dc2062b8a65db8fafd3c110f46bc45663fbf021ee7eb9":PSA_ALG_TRUNCATED_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_256),1):PSA_ERROR_INVALID_ARGUMENT + +PSA mac TRUNCATED_MAC(HMAC(SHA_256),1): incompatible with ECC_PUBLIC_KEY(SECT_R1) +depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_FAMILY_SECT_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +mac_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R1):"0400465eeb9e7258b11e33c02266bfe834b20bcb118700772796ee4704ec67651bd447e3011959a79a04cb":PSA_ALG_TRUNCATED_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_256),1):PSA_ERROR_INVALID_ARGUMENT + +PSA mac TRUNCATED_MAC(HMAC(SHA_256),1): incompatible with ECC_PUBLIC_KEY(SECT_R2) +depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_FAMILY_SECT_R2:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +mac_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R2):"0403692601144c32a6cfa369ae20ae5d43c1c764678c037bafe80c6fd2e42b7ced96171d9c5367fd3dca6f":PSA_ALG_TRUNCATED_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_256),1):PSA_ERROR_INVALID_ARGUMENT + +PSA mac TRUNCATED_MAC(HMAC(SHA_256),1): incompatible with ECC_PUBLIC_KEY(TWISTED_EDWARDS) +depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_FAMILY_TWISTED_EDWARDS:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +mac_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_TWISTED_EDWARDS):"d75a980182b10ab7d54bfed3c964073a0ee172f3daa62325af021a68f707511a":PSA_ALG_TRUNCATED_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_256),1):PSA_ERROR_INVALID_ARGUMENT + +PSA mac TRUNCATED_MAC(HMAC(SHA_256),1): incompatible with HMAC +depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_HMAC +mac_fail:PSA_KEY_TYPE_HMAC:"48657265006973206b6579a064617461":PSA_ALG_TRUNCATED_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_256),1):PSA_ERROR_INVALID_ARGUMENT + +PSA mac TRUNCATED_MAC(HMAC(SHA_256),1): incompatible with RAW_DATA +depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RAW_DATA +mac_fail:PSA_KEY_TYPE_RAW_DATA:"48":PSA_ALG_TRUNCATED_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_256),1):PSA_ERROR_INVALID_ARGUMENT + +PSA mac TRUNCATED_MAC(HMAC(SHA_256),1): incompatible with RSA_KEY_PAIR +depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR +mac_fail:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_TRUNCATED_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_256),1):PSA_ERROR_INVALID_ARGUMENT + +PSA mac TRUNCATED_MAC(HMAC(SHA_256),1): incompatible with RSA_PUBLIC_KEY +depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY +mac_fail:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_TRUNCATED_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_256),1):PSA_ERROR_INVALID_ARGUMENT + +PSA key_derivation TRUNCATED_MAC(HMAC(SHA_256),1): invalid +depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_256 +key_derivation_fail:PSA_ALG_TRUNCATED_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_256),1):PSA_ERROR_INVALID_ARGUMENT + +PSA hash TRUNCATED_MAC(HMAC(SHA_384),1): invalid +depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_384 +hash_fail:PSA_ALG_TRUNCATED_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_384),1):PSA_ERROR_INVALID_ARGUMENT + +PSA mac TRUNCATED_MAC(HMAC(SHA_384),1): incompatible with AES +depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_384:PSA_WANT_KEY_TYPE_AES +mac_fail:PSA_KEY_TYPE_AES:"48657265006973206b6579a064617461":PSA_ALG_TRUNCATED_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_384),1):PSA_ERROR_INVALID_ARGUMENT + +PSA mac TRUNCATED_MAC(HMAC(SHA_384),1): incompatible with ARC4 +depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_384:PSA_WANT_KEY_TYPE_ARC4 +mac_fail:PSA_KEY_TYPE_ARC4:"48":PSA_ALG_TRUNCATED_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_384),1):PSA_ERROR_INVALID_ARGUMENT + +PSA mac TRUNCATED_MAC(HMAC(SHA_384),1): incompatible with ARIA +depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_384:PSA_WANT_KEY_TYPE_ARIA +mac_fail:PSA_KEY_TYPE_ARIA:"48657265006973206b6579a064617461":PSA_ALG_TRUNCATED_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_384),1):PSA_ERROR_INVALID_ARGUMENT + +PSA mac TRUNCATED_MAC(HMAC(SHA_384),1): incompatible with CAMELLIA +depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_384:PSA_WANT_KEY_TYPE_CAMELLIA +mac_fail:PSA_KEY_TYPE_CAMELLIA:"48657265006973206b6579a064617461":PSA_ALG_TRUNCATED_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_384),1):PSA_ERROR_INVALID_ARGUMENT + +PSA mac TRUNCATED_MAC(HMAC(SHA_384),1): incompatible with CHACHA20 +depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_384:PSA_WANT_KEY_TYPE_CHACHA20 +mac_fail:PSA_KEY_TYPE_CHACHA20:"48657265006973206b6579a06461746148657265006973206b6579a064617461":PSA_ALG_TRUNCATED_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_384),1):PSA_ERROR_INVALID_ARGUMENT + +PSA mac TRUNCATED_MAC(HMAC(SHA_384),1): incompatible with DERIVE +depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_384:PSA_WANT_KEY_TYPE_DERIVE +mac_fail:PSA_KEY_TYPE_DERIVE:"48657265006973206b6579a0646174":PSA_ALG_TRUNCATED_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_384),1):PSA_ERROR_INVALID_ARGUMENT + +PSA mac TRUNCATED_MAC(HMAC(SHA_384),1): incompatible with DES +depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_384:PSA_WANT_KEY_TYPE_DES +mac_fail:PSA_KEY_TYPE_DES:"644573206b457901":PSA_ALG_TRUNCATED_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_384),1):PSA_ERROR_INVALID_ARGUMENT + +PSA mac TRUNCATED_MAC(HMAC(SHA_384),1): incompatible with ECC_KEY_PAIR(BRAINPOOL_P_R1) +depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_FAMILY_BRAINPOOL_P_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +mac_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"69502c4fdaf48d4fa617bdd24498b0406d0eeaac":PSA_ALG_TRUNCATED_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_384),1):PSA_ERROR_INVALID_ARGUMENT + +PSA mac TRUNCATED_MAC(HMAC(SHA_384),1): incompatible with ECC_KEY_PAIR(MONTGOMERY) +depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_FAMILY_MONTGOMERY:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +mac_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_MONTGOMERY):"70076d0a7318a57d3c16c17251b26645df4c2f87ebc0992ab177fba51db92c6a":PSA_ALG_TRUNCATED_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_384),1):PSA_ERROR_INVALID_ARGUMENT + +PSA mac TRUNCATED_MAC(HMAC(SHA_384),1): incompatible with ECC_KEY_PAIR(SECP_K1) +depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_FAMILY_SECP_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +mac_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_K1):"297ac1722ccac7589ecb240dc719842538ca974beb79f228":PSA_ALG_TRUNCATED_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_384),1):PSA_ERROR_INVALID_ARGUMENT + +PSA mac TRUNCATED_MAC(HMAC(SHA_384),1): incompatible with ECC_KEY_PAIR(SECP_R1) +depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_FAMILY_SECP_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +mac_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"872f203b3ad35b7f2ecc803c3a0e1e0b1ed61cc1afe71b189cd4c995":PSA_ALG_TRUNCATED_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_384),1):PSA_ERROR_INVALID_ARGUMENT + +PSA mac TRUNCATED_MAC(HMAC(SHA_384),1): incompatible with ECC_KEY_PAIR(SECP_R2) +depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_FAMILY_SECP_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +mac_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R2):"00bf539a1cdda0d7f71a50a3f98aec0a2e8e4ced1e":PSA_ALG_TRUNCATED_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_384),1):PSA_ERROR_INVALID_ARGUMENT + +PSA mac TRUNCATED_MAC(HMAC(SHA_384),1): incompatible with ECC_KEY_PAIR(SECT_K1) +depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_FAMILY_SECT_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +mac_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):"03ebc8fcded2d6ab72ec0f75bdb4fd080481273e71":PSA_ALG_TRUNCATED_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_384),1):PSA_ERROR_INVALID_ARGUMENT + +PSA mac TRUNCATED_MAC(HMAC(SHA_384),1): incompatible with ECC_KEY_PAIR(SECT_R1) +depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_FAMILY_SECT_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +mac_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):"009b05dc82d46d64a04a22e6e5ca70ca1231e68c50":PSA_ALG_TRUNCATED_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_384),1):PSA_ERROR_INVALID_ARGUMENT + +PSA mac TRUNCATED_MAC(HMAC(SHA_384),1): incompatible with ECC_KEY_PAIR(SECT_R2) +depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_FAMILY_SECT_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +mac_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R2):"0210b482a458b4822d0cb21daa96819a67c8062d34":PSA_ALG_TRUNCATED_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_384),1):PSA_ERROR_INVALID_ARGUMENT + +PSA mac TRUNCATED_MAC(HMAC(SHA_384),1): incompatible with ECC_KEY_PAIR(TWISTED_EDWARDS) +depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_FAMILY_TWISTED_EDWARDS:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +mac_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_TWISTED_EDWARDS):"9d61b19deffd5a60ba844af492ec2cc44449c5697b326919703bac031cae7f60":PSA_ALG_TRUNCATED_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_384),1):PSA_ERROR_INVALID_ARGUMENT + +PSA mac TRUNCATED_MAC(HMAC(SHA_384),1): incompatible with ECC_PUBLIC_KEY(BRAINPOOL_P_R1) +depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_FAMILY_BRAINPOOL_P_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +mac_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"04d4b9186816358e2f9c59cf70748cb70641b22fbab65473db4b4e22a361ed7e3de7e8a8ddc4130c5c":PSA_ALG_TRUNCATED_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_384),1):PSA_ERROR_INVALID_ARGUMENT + +PSA mac TRUNCATED_MAC(HMAC(SHA_384),1): incompatible with ECC_PUBLIC_KEY(MONTGOMERY) +depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_FAMILY_MONTGOMERY:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +mac_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_MONTGOMERY):"8520f0098930a754748b7ddcb43ef75a0dbf3a0d26381af4eba4a98eaa9b4e6a":PSA_ALG_TRUNCATED_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_384),1):PSA_ERROR_INVALID_ARGUMENT + +PSA mac TRUNCATED_MAC(HMAC(SHA_384),1): incompatible with ECC_PUBLIC_KEY(SECP_K1) +depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_FAMILY_SECP_K1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +mac_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_K1):"0426b7bb38da649ac2138fc050c6548b32553dab68afebc36105d325b75538c12323cb0764789ecb992671beb2b6bef2f5":PSA_ALG_TRUNCATED_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_384),1):PSA_ERROR_INVALID_ARGUMENT + +PSA mac TRUNCATED_MAC(HMAC(SHA_384),1): incompatible with ECC_PUBLIC_KEY(SECP_R1) +depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_FAMILY_SECP_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +mac_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1):"046f00eadaa949fee3e9e1c7fa1247eecec86a0dce46418b9bd3117b981d4bd0ae7a990de912f9d060d6cb531a42d22e394ac29e81804bf160":PSA_ALG_TRUNCATED_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_384),1):PSA_ERROR_INVALID_ARGUMENT + +PSA mac TRUNCATED_MAC(HMAC(SHA_384),1): incompatible with ECC_PUBLIC_KEY(SECP_R2) +depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_FAMILY_SECP_R2:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +mac_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R2):"049570d541398665adb5cfa16f5af73b3196926bbd4b876bdb80f8eab20d0f540c22f4de9c140f6d7b":PSA_ALG_TRUNCATED_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_384),1):PSA_ERROR_INVALID_ARGUMENT + +PSA mac TRUNCATED_MAC(HMAC(SHA_384),1): incompatible with ECC_PUBLIC_KEY(SECT_K1) +depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_FAMILY_SECT_K1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +mac_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_K1):"0406f88f90b4b65950f06ce433afdb097e320f433dc2062b8a65db8fafd3c110f46bc45663fbf021ee7eb9":PSA_ALG_TRUNCATED_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_384),1):PSA_ERROR_INVALID_ARGUMENT + +PSA mac TRUNCATED_MAC(HMAC(SHA_384),1): incompatible with ECC_PUBLIC_KEY(SECT_R1) +depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_FAMILY_SECT_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +mac_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R1):"0400465eeb9e7258b11e33c02266bfe834b20bcb118700772796ee4704ec67651bd447e3011959a79a04cb":PSA_ALG_TRUNCATED_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_384),1):PSA_ERROR_INVALID_ARGUMENT + +PSA mac TRUNCATED_MAC(HMAC(SHA_384),1): incompatible with ECC_PUBLIC_KEY(SECT_R2) +depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_FAMILY_SECT_R2:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +mac_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R2):"0403692601144c32a6cfa369ae20ae5d43c1c764678c037bafe80c6fd2e42b7ced96171d9c5367fd3dca6f":PSA_ALG_TRUNCATED_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_384),1):PSA_ERROR_INVALID_ARGUMENT + +PSA mac TRUNCATED_MAC(HMAC(SHA_384),1): incompatible with ECC_PUBLIC_KEY(TWISTED_EDWARDS) +depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_FAMILY_TWISTED_EDWARDS:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +mac_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_TWISTED_EDWARDS):"d75a980182b10ab7d54bfed3c964073a0ee172f3daa62325af021a68f707511a":PSA_ALG_TRUNCATED_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_384),1):PSA_ERROR_INVALID_ARGUMENT + +PSA mac TRUNCATED_MAC(HMAC(SHA_384),1): incompatible with HMAC +depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_384:PSA_WANT_KEY_TYPE_HMAC +mac_fail:PSA_KEY_TYPE_HMAC:"48657265006973206b6579a064617461":PSA_ALG_TRUNCATED_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_384),1):PSA_ERROR_INVALID_ARGUMENT + +PSA mac TRUNCATED_MAC(HMAC(SHA_384),1): incompatible with RAW_DATA +depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_384:PSA_WANT_KEY_TYPE_RAW_DATA +mac_fail:PSA_KEY_TYPE_RAW_DATA:"48":PSA_ALG_TRUNCATED_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_384),1):PSA_ERROR_INVALID_ARGUMENT + +PSA mac TRUNCATED_MAC(HMAC(SHA_384),1): incompatible with RSA_KEY_PAIR +depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_384:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR +mac_fail:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_TRUNCATED_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_384),1):PSA_ERROR_INVALID_ARGUMENT + +PSA mac TRUNCATED_MAC(HMAC(SHA_384),1): incompatible with RSA_PUBLIC_KEY +depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_384:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY +mac_fail:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_TRUNCATED_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_384),1):PSA_ERROR_INVALID_ARGUMENT + +PSA key_derivation TRUNCATED_MAC(HMAC(SHA_384),1): invalid +depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_384 +key_derivation_fail:PSA_ALG_TRUNCATED_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_384),1):PSA_ERROR_INVALID_ARGUMENT + +PSA hash TRUNCATED_MAC(HMAC(SHA_512),1): invalid +depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_512 +hash_fail:PSA_ALG_TRUNCATED_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_512),1):PSA_ERROR_INVALID_ARGUMENT + +PSA mac TRUNCATED_MAC(HMAC(SHA_512),1): incompatible with AES +depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_512:PSA_WANT_KEY_TYPE_AES +mac_fail:PSA_KEY_TYPE_AES:"48657265006973206b6579a064617461":PSA_ALG_TRUNCATED_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_512),1):PSA_ERROR_INVALID_ARGUMENT + +PSA mac TRUNCATED_MAC(HMAC(SHA_512),1): incompatible with ARC4 +depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_512:PSA_WANT_KEY_TYPE_ARC4 +mac_fail:PSA_KEY_TYPE_ARC4:"48":PSA_ALG_TRUNCATED_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_512),1):PSA_ERROR_INVALID_ARGUMENT + +PSA mac TRUNCATED_MAC(HMAC(SHA_512),1): incompatible with ARIA +depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_512:PSA_WANT_KEY_TYPE_ARIA +mac_fail:PSA_KEY_TYPE_ARIA:"48657265006973206b6579a064617461":PSA_ALG_TRUNCATED_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_512),1):PSA_ERROR_INVALID_ARGUMENT + +PSA mac TRUNCATED_MAC(HMAC(SHA_512),1): incompatible with CAMELLIA +depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_512:PSA_WANT_KEY_TYPE_CAMELLIA +mac_fail:PSA_KEY_TYPE_CAMELLIA:"48657265006973206b6579a064617461":PSA_ALG_TRUNCATED_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_512),1):PSA_ERROR_INVALID_ARGUMENT + +PSA mac TRUNCATED_MAC(HMAC(SHA_512),1): incompatible with CHACHA20 +depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_512:PSA_WANT_KEY_TYPE_CHACHA20 +mac_fail:PSA_KEY_TYPE_CHACHA20:"48657265006973206b6579a06461746148657265006973206b6579a064617461":PSA_ALG_TRUNCATED_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_512),1):PSA_ERROR_INVALID_ARGUMENT + +PSA mac TRUNCATED_MAC(HMAC(SHA_512),1): incompatible with DERIVE +depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_512:PSA_WANT_KEY_TYPE_DERIVE +mac_fail:PSA_KEY_TYPE_DERIVE:"48657265006973206b6579a0646174":PSA_ALG_TRUNCATED_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_512),1):PSA_ERROR_INVALID_ARGUMENT + +PSA mac TRUNCATED_MAC(HMAC(SHA_512),1): incompatible with DES +depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_512:PSA_WANT_KEY_TYPE_DES +mac_fail:PSA_KEY_TYPE_DES:"644573206b457901":PSA_ALG_TRUNCATED_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_512),1):PSA_ERROR_INVALID_ARGUMENT + +PSA mac TRUNCATED_MAC(HMAC(SHA_512),1): incompatible with ECC_KEY_PAIR(BRAINPOOL_P_R1) +depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_512:PSA_WANT_ECC_FAMILY_BRAINPOOL_P_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +mac_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"69502c4fdaf48d4fa617bdd24498b0406d0eeaac":PSA_ALG_TRUNCATED_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_512),1):PSA_ERROR_INVALID_ARGUMENT + +PSA mac TRUNCATED_MAC(HMAC(SHA_512),1): incompatible with ECC_KEY_PAIR(MONTGOMERY) +depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_512:PSA_WANT_ECC_FAMILY_MONTGOMERY:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +mac_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_MONTGOMERY):"70076d0a7318a57d3c16c17251b26645df4c2f87ebc0992ab177fba51db92c6a":PSA_ALG_TRUNCATED_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_512),1):PSA_ERROR_INVALID_ARGUMENT + +PSA mac TRUNCATED_MAC(HMAC(SHA_512),1): incompatible with ECC_KEY_PAIR(SECP_K1) +depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_512:PSA_WANT_ECC_FAMILY_SECP_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +mac_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_K1):"297ac1722ccac7589ecb240dc719842538ca974beb79f228":PSA_ALG_TRUNCATED_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_512),1):PSA_ERROR_INVALID_ARGUMENT + +PSA mac TRUNCATED_MAC(HMAC(SHA_512),1): incompatible with ECC_KEY_PAIR(SECP_R1) +depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_512:PSA_WANT_ECC_FAMILY_SECP_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +mac_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"872f203b3ad35b7f2ecc803c3a0e1e0b1ed61cc1afe71b189cd4c995":PSA_ALG_TRUNCATED_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_512),1):PSA_ERROR_INVALID_ARGUMENT + +PSA mac TRUNCATED_MAC(HMAC(SHA_512),1): incompatible with ECC_KEY_PAIR(SECP_R2) +depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_512:PSA_WANT_ECC_FAMILY_SECP_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +mac_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R2):"00bf539a1cdda0d7f71a50a3f98aec0a2e8e4ced1e":PSA_ALG_TRUNCATED_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_512),1):PSA_ERROR_INVALID_ARGUMENT + +PSA mac TRUNCATED_MAC(HMAC(SHA_512),1): incompatible with ECC_KEY_PAIR(SECT_K1) +depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_512:PSA_WANT_ECC_FAMILY_SECT_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +mac_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):"03ebc8fcded2d6ab72ec0f75bdb4fd080481273e71":PSA_ALG_TRUNCATED_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_512),1):PSA_ERROR_INVALID_ARGUMENT + +PSA mac TRUNCATED_MAC(HMAC(SHA_512),1): incompatible with ECC_KEY_PAIR(SECT_R1) +depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_512:PSA_WANT_ECC_FAMILY_SECT_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +mac_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):"009b05dc82d46d64a04a22e6e5ca70ca1231e68c50":PSA_ALG_TRUNCATED_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_512),1):PSA_ERROR_INVALID_ARGUMENT + +PSA mac TRUNCATED_MAC(HMAC(SHA_512),1): incompatible with ECC_KEY_PAIR(SECT_R2) +depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_512:PSA_WANT_ECC_FAMILY_SECT_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +mac_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R2):"0210b482a458b4822d0cb21daa96819a67c8062d34":PSA_ALG_TRUNCATED_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_512),1):PSA_ERROR_INVALID_ARGUMENT + +PSA mac TRUNCATED_MAC(HMAC(SHA_512),1): incompatible with ECC_KEY_PAIR(TWISTED_EDWARDS) +depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_512:PSA_WANT_ECC_FAMILY_TWISTED_EDWARDS:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +mac_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_TWISTED_EDWARDS):"9d61b19deffd5a60ba844af492ec2cc44449c5697b326919703bac031cae7f60":PSA_ALG_TRUNCATED_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_512),1):PSA_ERROR_INVALID_ARGUMENT + +PSA mac TRUNCATED_MAC(HMAC(SHA_512),1): incompatible with ECC_PUBLIC_KEY(BRAINPOOL_P_R1) +depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_512:PSA_WANT_ECC_FAMILY_BRAINPOOL_P_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +mac_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"04d4b9186816358e2f9c59cf70748cb70641b22fbab65473db4b4e22a361ed7e3de7e8a8ddc4130c5c":PSA_ALG_TRUNCATED_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_512),1):PSA_ERROR_INVALID_ARGUMENT + +PSA mac TRUNCATED_MAC(HMAC(SHA_512),1): incompatible with ECC_PUBLIC_KEY(MONTGOMERY) +depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_512:PSA_WANT_ECC_FAMILY_MONTGOMERY:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +mac_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_MONTGOMERY):"8520f0098930a754748b7ddcb43ef75a0dbf3a0d26381af4eba4a98eaa9b4e6a":PSA_ALG_TRUNCATED_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_512),1):PSA_ERROR_INVALID_ARGUMENT + +PSA mac TRUNCATED_MAC(HMAC(SHA_512),1): incompatible with ECC_PUBLIC_KEY(SECP_K1) +depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_512:PSA_WANT_ECC_FAMILY_SECP_K1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +mac_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_K1):"0426b7bb38da649ac2138fc050c6548b32553dab68afebc36105d325b75538c12323cb0764789ecb992671beb2b6bef2f5":PSA_ALG_TRUNCATED_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_512),1):PSA_ERROR_INVALID_ARGUMENT + +PSA mac TRUNCATED_MAC(HMAC(SHA_512),1): incompatible with ECC_PUBLIC_KEY(SECP_R1) +depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_512:PSA_WANT_ECC_FAMILY_SECP_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +mac_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1):"046f00eadaa949fee3e9e1c7fa1247eecec86a0dce46418b9bd3117b981d4bd0ae7a990de912f9d060d6cb531a42d22e394ac29e81804bf160":PSA_ALG_TRUNCATED_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_512),1):PSA_ERROR_INVALID_ARGUMENT + +PSA mac TRUNCATED_MAC(HMAC(SHA_512),1): incompatible with ECC_PUBLIC_KEY(SECP_R2) +depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_512:PSA_WANT_ECC_FAMILY_SECP_R2:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +mac_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R2):"049570d541398665adb5cfa16f5af73b3196926bbd4b876bdb80f8eab20d0f540c22f4de9c140f6d7b":PSA_ALG_TRUNCATED_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_512),1):PSA_ERROR_INVALID_ARGUMENT + +PSA mac TRUNCATED_MAC(HMAC(SHA_512),1): incompatible with ECC_PUBLIC_KEY(SECT_K1) +depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_512:PSA_WANT_ECC_FAMILY_SECT_K1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +mac_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_K1):"0406f88f90b4b65950f06ce433afdb097e320f433dc2062b8a65db8fafd3c110f46bc45663fbf021ee7eb9":PSA_ALG_TRUNCATED_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_512),1):PSA_ERROR_INVALID_ARGUMENT + +PSA mac TRUNCATED_MAC(HMAC(SHA_512),1): incompatible with ECC_PUBLIC_KEY(SECT_R1) +depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_512:PSA_WANT_ECC_FAMILY_SECT_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +mac_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R1):"0400465eeb9e7258b11e33c02266bfe834b20bcb118700772796ee4704ec67651bd447e3011959a79a04cb":PSA_ALG_TRUNCATED_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_512),1):PSA_ERROR_INVALID_ARGUMENT + +PSA mac TRUNCATED_MAC(HMAC(SHA_512),1): incompatible with ECC_PUBLIC_KEY(SECT_R2) +depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_512:PSA_WANT_ECC_FAMILY_SECT_R2:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +mac_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R2):"0403692601144c32a6cfa369ae20ae5d43c1c764678c037bafe80c6fd2e42b7ced96171d9c5367fd3dca6f":PSA_ALG_TRUNCATED_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_512),1):PSA_ERROR_INVALID_ARGUMENT + +PSA mac TRUNCATED_MAC(HMAC(SHA_512),1): incompatible with ECC_PUBLIC_KEY(TWISTED_EDWARDS) +depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_512:PSA_WANT_ECC_FAMILY_TWISTED_EDWARDS:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +mac_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_TWISTED_EDWARDS):"d75a980182b10ab7d54bfed3c964073a0ee172f3daa62325af021a68f707511a":PSA_ALG_TRUNCATED_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_512),1):PSA_ERROR_INVALID_ARGUMENT + +PSA mac TRUNCATED_MAC(HMAC(SHA_512),1): incompatible with HMAC +depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_512:PSA_WANT_KEY_TYPE_HMAC +mac_fail:PSA_KEY_TYPE_HMAC:"48657265006973206b6579a064617461":PSA_ALG_TRUNCATED_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_512),1):PSA_ERROR_INVALID_ARGUMENT + +PSA mac TRUNCATED_MAC(HMAC(SHA_512),1): incompatible with RAW_DATA +depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_512:PSA_WANT_KEY_TYPE_RAW_DATA +mac_fail:PSA_KEY_TYPE_RAW_DATA:"48":PSA_ALG_TRUNCATED_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_512),1):PSA_ERROR_INVALID_ARGUMENT + +PSA mac TRUNCATED_MAC(HMAC(SHA_512),1): incompatible with RSA_KEY_PAIR +depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_512:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR +mac_fail:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_TRUNCATED_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_512),1):PSA_ERROR_INVALID_ARGUMENT + +PSA mac TRUNCATED_MAC(HMAC(SHA_512),1): incompatible with RSA_PUBLIC_KEY +depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_512:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY +mac_fail:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_TRUNCATED_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_512),1):PSA_ERROR_INVALID_ARGUMENT + +PSA key_derivation TRUNCATED_MAC(HMAC(SHA_512),1): invalid +depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_512 +key_derivation_fail:PSA_ALG_TRUNCATED_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_512),1):PSA_ERROR_INVALID_ARGUMENT + +PSA hash TRUNCATED_MAC(CBC_MAC,4): invalid +depends_on:PSA_WANT_ALG_CBC_MAC +hash_fail:PSA_ALG_TRUNCATED_MAC(PSA_ALG_CBC_MAC,4):PSA_ERROR_INVALID_ARGUMENT + +PSA mac TRUNCATED_MAC(CBC_MAC,4): !CBC_MAC with AES +depends_on:!PSA_WANT_ALG_CBC_MAC:PSA_WANT_KEY_TYPE_AES +mac_fail:PSA_KEY_TYPE_AES:"48657265006973206b6579a064617461":PSA_ALG_TRUNCATED_MAC(PSA_ALG_CBC_MAC,4):PSA_ERROR_NOT_SUPPORTED + +PSA mac TRUNCATED_MAC(CBC_MAC,4): incompatible with ARC4 +depends_on:PSA_WANT_ALG_CBC_MAC:PSA_WANT_KEY_TYPE_ARC4 +mac_fail:PSA_KEY_TYPE_ARC4:"48":PSA_ALG_TRUNCATED_MAC(PSA_ALG_CBC_MAC,4):PSA_ERROR_INVALID_ARGUMENT + +PSA mac TRUNCATED_MAC(CBC_MAC,4): !CBC_MAC with ARIA +depends_on:!PSA_WANT_ALG_CBC_MAC:PSA_WANT_KEY_TYPE_ARIA +mac_fail:PSA_KEY_TYPE_ARIA:"48657265006973206b6579a064617461":PSA_ALG_TRUNCATED_MAC(PSA_ALG_CBC_MAC,4):PSA_ERROR_NOT_SUPPORTED + +PSA mac TRUNCATED_MAC(CBC_MAC,4): !CBC_MAC with CAMELLIA +depends_on:!PSA_WANT_ALG_CBC_MAC:PSA_WANT_KEY_TYPE_CAMELLIA +mac_fail:PSA_KEY_TYPE_CAMELLIA:"48657265006973206b6579a064617461":PSA_ALG_TRUNCATED_MAC(PSA_ALG_CBC_MAC,4):PSA_ERROR_NOT_SUPPORTED + +PSA mac TRUNCATED_MAC(CBC_MAC,4): incompatible with CHACHA20 +depends_on:PSA_WANT_ALG_CBC_MAC:PSA_WANT_KEY_TYPE_CHACHA20 +mac_fail:PSA_KEY_TYPE_CHACHA20:"48657265006973206b6579a06461746148657265006973206b6579a064617461":PSA_ALG_TRUNCATED_MAC(PSA_ALG_CBC_MAC,4):PSA_ERROR_INVALID_ARGUMENT + +PSA mac TRUNCATED_MAC(CBC_MAC,4): incompatible with DERIVE +depends_on:PSA_WANT_ALG_CBC_MAC:PSA_WANT_KEY_TYPE_DERIVE +mac_fail:PSA_KEY_TYPE_DERIVE:"48657265006973206b6579a0646174":PSA_ALG_TRUNCATED_MAC(PSA_ALG_CBC_MAC,4):PSA_ERROR_INVALID_ARGUMENT + +PSA mac TRUNCATED_MAC(CBC_MAC,4): incompatible with DES +depends_on:PSA_WANT_ALG_CBC_MAC:PSA_WANT_KEY_TYPE_DES +mac_fail:PSA_KEY_TYPE_DES:"644573206b457901":PSA_ALG_TRUNCATED_MAC(PSA_ALG_CBC_MAC,4):PSA_ERROR_INVALID_ARGUMENT + +PSA mac TRUNCATED_MAC(CBC_MAC,4): incompatible with ECC_KEY_PAIR(BRAINPOOL_P_R1) +depends_on:PSA_WANT_ALG_CBC_MAC:PSA_WANT_ECC_FAMILY_BRAINPOOL_P_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +mac_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"69502c4fdaf48d4fa617bdd24498b0406d0eeaac":PSA_ALG_TRUNCATED_MAC(PSA_ALG_CBC_MAC,4):PSA_ERROR_INVALID_ARGUMENT + +PSA mac TRUNCATED_MAC(CBC_MAC,4): incompatible with ECC_KEY_PAIR(MONTGOMERY) +depends_on:PSA_WANT_ALG_CBC_MAC:PSA_WANT_ECC_FAMILY_MONTGOMERY:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +mac_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_MONTGOMERY):"70076d0a7318a57d3c16c17251b26645df4c2f87ebc0992ab177fba51db92c6a":PSA_ALG_TRUNCATED_MAC(PSA_ALG_CBC_MAC,4):PSA_ERROR_INVALID_ARGUMENT + +PSA mac TRUNCATED_MAC(CBC_MAC,4): incompatible with ECC_KEY_PAIR(SECP_K1) +depends_on:PSA_WANT_ALG_CBC_MAC:PSA_WANT_ECC_FAMILY_SECP_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +mac_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_K1):"297ac1722ccac7589ecb240dc719842538ca974beb79f228":PSA_ALG_TRUNCATED_MAC(PSA_ALG_CBC_MAC,4):PSA_ERROR_INVALID_ARGUMENT + +PSA mac TRUNCATED_MAC(CBC_MAC,4): incompatible with ECC_KEY_PAIR(SECP_R1) +depends_on:PSA_WANT_ALG_CBC_MAC:PSA_WANT_ECC_FAMILY_SECP_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +mac_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"872f203b3ad35b7f2ecc803c3a0e1e0b1ed61cc1afe71b189cd4c995":PSA_ALG_TRUNCATED_MAC(PSA_ALG_CBC_MAC,4):PSA_ERROR_INVALID_ARGUMENT + +PSA mac TRUNCATED_MAC(CBC_MAC,4): incompatible with ECC_KEY_PAIR(SECP_R2) +depends_on:PSA_WANT_ALG_CBC_MAC:PSA_WANT_ECC_FAMILY_SECP_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +mac_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R2):"00bf539a1cdda0d7f71a50a3f98aec0a2e8e4ced1e":PSA_ALG_TRUNCATED_MAC(PSA_ALG_CBC_MAC,4):PSA_ERROR_INVALID_ARGUMENT + +PSA mac TRUNCATED_MAC(CBC_MAC,4): incompatible with ECC_KEY_PAIR(SECT_K1) +depends_on:PSA_WANT_ALG_CBC_MAC:PSA_WANT_ECC_FAMILY_SECT_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +mac_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):"03ebc8fcded2d6ab72ec0f75bdb4fd080481273e71":PSA_ALG_TRUNCATED_MAC(PSA_ALG_CBC_MAC,4):PSA_ERROR_INVALID_ARGUMENT + +PSA mac TRUNCATED_MAC(CBC_MAC,4): incompatible with ECC_KEY_PAIR(SECT_R1) +depends_on:PSA_WANT_ALG_CBC_MAC:PSA_WANT_ECC_FAMILY_SECT_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +mac_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):"009b05dc82d46d64a04a22e6e5ca70ca1231e68c50":PSA_ALG_TRUNCATED_MAC(PSA_ALG_CBC_MAC,4):PSA_ERROR_INVALID_ARGUMENT + +PSA mac TRUNCATED_MAC(CBC_MAC,4): incompatible with ECC_KEY_PAIR(SECT_R2) +depends_on:PSA_WANT_ALG_CBC_MAC:PSA_WANT_ECC_FAMILY_SECT_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +mac_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R2):"0210b482a458b4822d0cb21daa96819a67c8062d34":PSA_ALG_TRUNCATED_MAC(PSA_ALG_CBC_MAC,4):PSA_ERROR_INVALID_ARGUMENT + +PSA mac TRUNCATED_MAC(CBC_MAC,4): incompatible with ECC_KEY_PAIR(TWISTED_EDWARDS) +depends_on:PSA_WANT_ALG_CBC_MAC:PSA_WANT_ECC_FAMILY_TWISTED_EDWARDS:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +mac_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_TWISTED_EDWARDS):"9d61b19deffd5a60ba844af492ec2cc44449c5697b326919703bac031cae7f60":PSA_ALG_TRUNCATED_MAC(PSA_ALG_CBC_MAC,4):PSA_ERROR_INVALID_ARGUMENT + +PSA mac TRUNCATED_MAC(CBC_MAC,4): incompatible with ECC_PUBLIC_KEY(BRAINPOOL_P_R1) +depends_on:PSA_WANT_ALG_CBC_MAC:PSA_WANT_ECC_FAMILY_BRAINPOOL_P_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +mac_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"04d4b9186816358e2f9c59cf70748cb70641b22fbab65473db4b4e22a361ed7e3de7e8a8ddc4130c5c":PSA_ALG_TRUNCATED_MAC(PSA_ALG_CBC_MAC,4):PSA_ERROR_INVALID_ARGUMENT + +PSA mac TRUNCATED_MAC(CBC_MAC,4): incompatible with ECC_PUBLIC_KEY(MONTGOMERY) +depends_on:PSA_WANT_ALG_CBC_MAC:PSA_WANT_ECC_FAMILY_MONTGOMERY:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +mac_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_MONTGOMERY):"8520f0098930a754748b7ddcb43ef75a0dbf3a0d26381af4eba4a98eaa9b4e6a":PSA_ALG_TRUNCATED_MAC(PSA_ALG_CBC_MAC,4):PSA_ERROR_INVALID_ARGUMENT + +PSA mac TRUNCATED_MAC(CBC_MAC,4): incompatible with ECC_PUBLIC_KEY(SECP_K1) +depends_on:PSA_WANT_ALG_CBC_MAC:PSA_WANT_ECC_FAMILY_SECP_K1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +mac_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_K1):"0426b7bb38da649ac2138fc050c6548b32553dab68afebc36105d325b75538c12323cb0764789ecb992671beb2b6bef2f5":PSA_ALG_TRUNCATED_MAC(PSA_ALG_CBC_MAC,4):PSA_ERROR_INVALID_ARGUMENT + +PSA mac TRUNCATED_MAC(CBC_MAC,4): incompatible with ECC_PUBLIC_KEY(SECP_R1) +depends_on:PSA_WANT_ALG_CBC_MAC:PSA_WANT_ECC_FAMILY_SECP_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +mac_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1):"046f00eadaa949fee3e9e1c7fa1247eecec86a0dce46418b9bd3117b981d4bd0ae7a990de912f9d060d6cb531a42d22e394ac29e81804bf160":PSA_ALG_TRUNCATED_MAC(PSA_ALG_CBC_MAC,4):PSA_ERROR_INVALID_ARGUMENT + +PSA mac TRUNCATED_MAC(CBC_MAC,4): incompatible with ECC_PUBLIC_KEY(SECP_R2) +depends_on:PSA_WANT_ALG_CBC_MAC:PSA_WANT_ECC_FAMILY_SECP_R2:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +mac_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R2):"049570d541398665adb5cfa16f5af73b3196926bbd4b876bdb80f8eab20d0f540c22f4de9c140f6d7b":PSA_ALG_TRUNCATED_MAC(PSA_ALG_CBC_MAC,4):PSA_ERROR_INVALID_ARGUMENT + +PSA mac TRUNCATED_MAC(CBC_MAC,4): incompatible with ECC_PUBLIC_KEY(SECT_K1) +depends_on:PSA_WANT_ALG_CBC_MAC:PSA_WANT_ECC_FAMILY_SECT_K1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +mac_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_K1):"0406f88f90b4b65950f06ce433afdb097e320f433dc2062b8a65db8fafd3c110f46bc45663fbf021ee7eb9":PSA_ALG_TRUNCATED_MAC(PSA_ALG_CBC_MAC,4):PSA_ERROR_INVALID_ARGUMENT + +PSA mac TRUNCATED_MAC(CBC_MAC,4): incompatible with ECC_PUBLIC_KEY(SECT_R1) +depends_on:PSA_WANT_ALG_CBC_MAC:PSA_WANT_ECC_FAMILY_SECT_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +mac_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R1):"0400465eeb9e7258b11e33c02266bfe834b20bcb118700772796ee4704ec67651bd447e3011959a79a04cb":PSA_ALG_TRUNCATED_MAC(PSA_ALG_CBC_MAC,4):PSA_ERROR_INVALID_ARGUMENT + +PSA mac TRUNCATED_MAC(CBC_MAC,4): incompatible with ECC_PUBLIC_KEY(SECT_R2) +depends_on:PSA_WANT_ALG_CBC_MAC:PSA_WANT_ECC_FAMILY_SECT_R2:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +mac_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R2):"0403692601144c32a6cfa369ae20ae5d43c1c764678c037bafe80c6fd2e42b7ced96171d9c5367fd3dca6f":PSA_ALG_TRUNCATED_MAC(PSA_ALG_CBC_MAC,4):PSA_ERROR_INVALID_ARGUMENT + +PSA mac TRUNCATED_MAC(CBC_MAC,4): incompatible with ECC_PUBLIC_KEY(TWISTED_EDWARDS) +depends_on:PSA_WANT_ALG_CBC_MAC:PSA_WANT_ECC_FAMILY_TWISTED_EDWARDS:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +mac_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_TWISTED_EDWARDS):"d75a980182b10ab7d54bfed3c964073a0ee172f3daa62325af021a68f707511a":PSA_ALG_TRUNCATED_MAC(PSA_ALG_CBC_MAC,4):PSA_ERROR_INVALID_ARGUMENT + +PSA mac TRUNCATED_MAC(CBC_MAC,4): incompatible with HMAC +depends_on:PSA_WANT_ALG_CBC_MAC:PSA_WANT_KEY_TYPE_HMAC +mac_fail:PSA_KEY_TYPE_HMAC:"48657265006973206b6579a064617461":PSA_ALG_TRUNCATED_MAC(PSA_ALG_CBC_MAC,4):PSA_ERROR_INVALID_ARGUMENT + +PSA mac TRUNCATED_MAC(CBC_MAC,4): incompatible with RAW_DATA +depends_on:PSA_WANT_ALG_CBC_MAC:PSA_WANT_KEY_TYPE_RAW_DATA +mac_fail:PSA_KEY_TYPE_RAW_DATA:"48":PSA_ALG_TRUNCATED_MAC(PSA_ALG_CBC_MAC,4):PSA_ERROR_INVALID_ARGUMENT + +PSA mac TRUNCATED_MAC(CBC_MAC,4): incompatible with RSA_KEY_PAIR +depends_on:PSA_WANT_ALG_CBC_MAC:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR +mac_fail:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_TRUNCATED_MAC(PSA_ALG_CBC_MAC,4):PSA_ERROR_INVALID_ARGUMENT + +PSA mac TRUNCATED_MAC(CBC_MAC,4): incompatible with RSA_PUBLIC_KEY +depends_on:PSA_WANT_ALG_CBC_MAC:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY +mac_fail:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_TRUNCATED_MAC(PSA_ALG_CBC_MAC,4):PSA_ERROR_INVALID_ARGUMENT + +PSA cipher TRUNCATED_MAC(CBC_MAC,4): invalid with AES +depends_on:PSA_WANT_ALG_CBC_MAC:PSA_WANT_KEY_TYPE_AES +cipher_fail:PSA_KEY_TYPE_AES:"48657265006973206b6579a064617461":PSA_ALG_TRUNCATED_MAC(PSA_ALG_CBC_MAC,4):PSA_ERROR_INVALID_ARGUMENT + +PSA cipher TRUNCATED_MAC(CBC_MAC,4): invalid with ARIA +depends_on:PSA_WANT_ALG_CBC_MAC:PSA_WANT_KEY_TYPE_ARIA +cipher_fail:PSA_KEY_TYPE_ARIA:"48657265006973206b6579a064617461":PSA_ALG_TRUNCATED_MAC(PSA_ALG_CBC_MAC,4):PSA_ERROR_INVALID_ARGUMENT + +PSA cipher TRUNCATED_MAC(CBC_MAC,4): invalid with CAMELLIA +depends_on:PSA_WANT_ALG_CBC_MAC:PSA_WANT_KEY_TYPE_CAMELLIA +cipher_fail:PSA_KEY_TYPE_CAMELLIA:"48657265006973206b6579a064617461":PSA_ALG_TRUNCATED_MAC(PSA_ALG_CBC_MAC,4):PSA_ERROR_INVALID_ARGUMENT + +PSA aead TRUNCATED_MAC(CBC_MAC,4): invalid with AES +depends_on:PSA_WANT_ALG_CBC_MAC:PSA_WANT_KEY_TYPE_AES +aead_fail:PSA_KEY_TYPE_AES:"48657265006973206b6579a064617461":PSA_ALG_TRUNCATED_MAC(PSA_ALG_CBC_MAC,4):PSA_ERROR_INVALID_ARGUMENT + +PSA aead TRUNCATED_MAC(CBC_MAC,4): invalid with ARIA +depends_on:PSA_WANT_ALG_CBC_MAC:PSA_WANT_KEY_TYPE_ARIA +aead_fail:PSA_KEY_TYPE_ARIA:"48657265006973206b6579a064617461":PSA_ALG_TRUNCATED_MAC(PSA_ALG_CBC_MAC,4):PSA_ERROR_INVALID_ARGUMENT + +PSA aead TRUNCATED_MAC(CBC_MAC,4): invalid with CAMELLIA +depends_on:PSA_WANT_ALG_CBC_MAC:PSA_WANT_KEY_TYPE_CAMELLIA +aead_fail:PSA_KEY_TYPE_CAMELLIA:"48657265006973206b6579a064617461":PSA_ALG_TRUNCATED_MAC(PSA_ALG_CBC_MAC,4):PSA_ERROR_INVALID_ARGUMENT + +PSA sign TRUNCATED_MAC(CBC_MAC,4): invalid with AES +depends_on:PSA_WANT_ALG_CBC_MAC:PSA_WANT_KEY_TYPE_AES +sign_fail:PSA_KEY_TYPE_AES:"48657265006973206b6579a064617461":PSA_ALG_TRUNCATED_MAC(PSA_ALG_CBC_MAC,4):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign TRUNCATED_MAC(CBC_MAC,4): invalid with ARIA +depends_on:PSA_WANT_ALG_CBC_MAC:PSA_WANT_KEY_TYPE_ARIA +sign_fail:PSA_KEY_TYPE_ARIA:"48657265006973206b6579a064617461":PSA_ALG_TRUNCATED_MAC(PSA_ALG_CBC_MAC,4):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign TRUNCATED_MAC(CBC_MAC,4): invalid with CAMELLIA +depends_on:PSA_WANT_ALG_CBC_MAC:PSA_WANT_KEY_TYPE_CAMELLIA +sign_fail:PSA_KEY_TYPE_CAMELLIA:"48657265006973206b6579a064617461":PSA_ALG_TRUNCATED_MAC(PSA_ALG_CBC_MAC,4):0:PSA_ERROR_INVALID_ARGUMENT + +PSA asymmetric_encryption TRUNCATED_MAC(CBC_MAC,4): invalid with AES +depends_on:PSA_WANT_ALG_CBC_MAC:PSA_WANT_KEY_TYPE_AES +asymmetric_encryption_fail:PSA_KEY_TYPE_AES:"48657265006973206b6579a064617461":PSA_ALG_TRUNCATED_MAC(PSA_ALG_CBC_MAC,4):0:PSA_ERROR_INVALID_ARGUMENT + +PSA asymmetric_encryption TRUNCATED_MAC(CBC_MAC,4): invalid with ARIA +depends_on:PSA_WANT_ALG_CBC_MAC:PSA_WANT_KEY_TYPE_ARIA +asymmetric_encryption_fail:PSA_KEY_TYPE_ARIA:"48657265006973206b6579a064617461":PSA_ALG_TRUNCATED_MAC(PSA_ALG_CBC_MAC,4):0:PSA_ERROR_INVALID_ARGUMENT + +PSA asymmetric_encryption TRUNCATED_MAC(CBC_MAC,4): invalid with CAMELLIA +depends_on:PSA_WANT_ALG_CBC_MAC:PSA_WANT_KEY_TYPE_CAMELLIA +asymmetric_encryption_fail:PSA_KEY_TYPE_CAMELLIA:"48657265006973206b6579a064617461":PSA_ALG_TRUNCATED_MAC(PSA_ALG_CBC_MAC,4):0:PSA_ERROR_INVALID_ARGUMENT + +PSA key_derivation TRUNCATED_MAC(CBC_MAC,4): invalid +depends_on:PSA_WANT_ALG_CBC_MAC +key_derivation_fail:PSA_ALG_TRUNCATED_MAC(PSA_ALG_CBC_MAC,4):PSA_ERROR_INVALID_ARGUMENT + +PSA key_agreement TRUNCATED_MAC(CBC_MAC,4): invalid with AES +depends_on:PSA_WANT_ALG_CBC_MAC:PSA_WANT_KEY_TYPE_AES +key_agreement_fail:PSA_KEY_TYPE_AES:"48657265006973206b6579a064617461":PSA_ALG_TRUNCATED_MAC(PSA_ALG_CBC_MAC,4):0:PSA_ERROR_INVALID_ARGUMENT + +PSA key_agreement TRUNCATED_MAC(CBC_MAC,4): invalid with ARIA +depends_on:PSA_WANT_ALG_CBC_MAC:PSA_WANT_KEY_TYPE_ARIA +key_agreement_fail:PSA_KEY_TYPE_ARIA:"48657265006973206b6579a064617461":PSA_ALG_TRUNCATED_MAC(PSA_ALG_CBC_MAC,4):0:PSA_ERROR_INVALID_ARGUMENT + +PSA key_agreement TRUNCATED_MAC(CBC_MAC,4): invalid with CAMELLIA +depends_on:PSA_WANT_ALG_CBC_MAC:PSA_WANT_KEY_TYPE_CAMELLIA +key_agreement_fail:PSA_KEY_TYPE_CAMELLIA:"48657265006973206b6579a064617461":PSA_ALG_TRUNCATED_MAC(PSA_ALG_CBC_MAC,4):0:PSA_ERROR_INVALID_ARGUMENT + +PSA hash TRUNCATED_MAC(CBC_MAC,13): invalid +depends_on:PSA_WANT_ALG_CBC_MAC +hash_fail:PSA_ALG_TRUNCATED_MAC(PSA_ALG_CBC_MAC,13):PSA_ERROR_INVALID_ARGUMENT + +PSA mac TRUNCATED_MAC(CBC_MAC,13): !CBC_MAC with AES +depends_on:!PSA_WANT_ALG_CBC_MAC:PSA_WANT_KEY_TYPE_AES +mac_fail:PSA_KEY_TYPE_AES:"48657265006973206b6579a064617461":PSA_ALG_TRUNCATED_MAC(PSA_ALG_CBC_MAC,13):PSA_ERROR_NOT_SUPPORTED + +PSA mac TRUNCATED_MAC(CBC_MAC,13): incompatible with ARC4 +depends_on:PSA_WANT_ALG_CBC_MAC:PSA_WANT_KEY_TYPE_ARC4 +mac_fail:PSA_KEY_TYPE_ARC4:"48":PSA_ALG_TRUNCATED_MAC(PSA_ALG_CBC_MAC,13):PSA_ERROR_INVALID_ARGUMENT + +PSA mac TRUNCATED_MAC(CBC_MAC,13): !CBC_MAC with ARIA +depends_on:!PSA_WANT_ALG_CBC_MAC:PSA_WANT_KEY_TYPE_ARIA +mac_fail:PSA_KEY_TYPE_ARIA:"48657265006973206b6579a064617461":PSA_ALG_TRUNCATED_MAC(PSA_ALG_CBC_MAC,13):PSA_ERROR_NOT_SUPPORTED + +PSA mac TRUNCATED_MAC(CBC_MAC,13): !CBC_MAC with CAMELLIA +depends_on:!PSA_WANT_ALG_CBC_MAC:PSA_WANT_KEY_TYPE_CAMELLIA +mac_fail:PSA_KEY_TYPE_CAMELLIA:"48657265006973206b6579a064617461":PSA_ALG_TRUNCATED_MAC(PSA_ALG_CBC_MAC,13):PSA_ERROR_NOT_SUPPORTED + +PSA mac TRUNCATED_MAC(CBC_MAC,13): incompatible with CHACHA20 +depends_on:PSA_WANT_ALG_CBC_MAC:PSA_WANT_KEY_TYPE_CHACHA20 +mac_fail:PSA_KEY_TYPE_CHACHA20:"48657265006973206b6579a06461746148657265006973206b6579a064617461":PSA_ALG_TRUNCATED_MAC(PSA_ALG_CBC_MAC,13):PSA_ERROR_INVALID_ARGUMENT + +PSA mac TRUNCATED_MAC(CBC_MAC,13): incompatible with DERIVE +depends_on:PSA_WANT_ALG_CBC_MAC:PSA_WANT_KEY_TYPE_DERIVE +mac_fail:PSA_KEY_TYPE_DERIVE:"48657265006973206b6579a0646174":PSA_ALG_TRUNCATED_MAC(PSA_ALG_CBC_MAC,13):PSA_ERROR_INVALID_ARGUMENT + +PSA mac TRUNCATED_MAC(CBC_MAC,13): incompatible with DES +depends_on:PSA_WANT_ALG_CBC_MAC:PSA_WANT_KEY_TYPE_DES +mac_fail:PSA_KEY_TYPE_DES:"644573206b457901":PSA_ALG_TRUNCATED_MAC(PSA_ALG_CBC_MAC,13):PSA_ERROR_INVALID_ARGUMENT + +PSA mac TRUNCATED_MAC(CBC_MAC,13): incompatible with ECC_KEY_PAIR(BRAINPOOL_P_R1) +depends_on:PSA_WANT_ALG_CBC_MAC:PSA_WANT_ECC_FAMILY_BRAINPOOL_P_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +mac_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"69502c4fdaf48d4fa617bdd24498b0406d0eeaac":PSA_ALG_TRUNCATED_MAC(PSA_ALG_CBC_MAC,13):PSA_ERROR_INVALID_ARGUMENT + +PSA mac TRUNCATED_MAC(CBC_MAC,13): incompatible with ECC_KEY_PAIR(MONTGOMERY) +depends_on:PSA_WANT_ALG_CBC_MAC:PSA_WANT_ECC_FAMILY_MONTGOMERY:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +mac_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_MONTGOMERY):"70076d0a7318a57d3c16c17251b26645df4c2f87ebc0992ab177fba51db92c6a":PSA_ALG_TRUNCATED_MAC(PSA_ALG_CBC_MAC,13):PSA_ERROR_INVALID_ARGUMENT + +PSA mac TRUNCATED_MAC(CBC_MAC,13): incompatible with ECC_KEY_PAIR(SECP_K1) +depends_on:PSA_WANT_ALG_CBC_MAC:PSA_WANT_ECC_FAMILY_SECP_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +mac_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_K1):"297ac1722ccac7589ecb240dc719842538ca974beb79f228":PSA_ALG_TRUNCATED_MAC(PSA_ALG_CBC_MAC,13):PSA_ERROR_INVALID_ARGUMENT + +PSA mac TRUNCATED_MAC(CBC_MAC,13): incompatible with ECC_KEY_PAIR(SECP_R1) +depends_on:PSA_WANT_ALG_CBC_MAC:PSA_WANT_ECC_FAMILY_SECP_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +mac_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"872f203b3ad35b7f2ecc803c3a0e1e0b1ed61cc1afe71b189cd4c995":PSA_ALG_TRUNCATED_MAC(PSA_ALG_CBC_MAC,13):PSA_ERROR_INVALID_ARGUMENT + +PSA mac TRUNCATED_MAC(CBC_MAC,13): incompatible with ECC_KEY_PAIR(SECP_R2) +depends_on:PSA_WANT_ALG_CBC_MAC:PSA_WANT_ECC_FAMILY_SECP_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +mac_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R2):"00bf539a1cdda0d7f71a50a3f98aec0a2e8e4ced1e":PSA_ALG_TRUNCATED_MAC(PSA_ALG_CBC_MAC,13):PSA_ERROR_INVALID_ARGUMENT + +PSA mac TRUNCATED_MAC(CBC_MAC,13): incompatible with ECC_KEY_PAIR(SECT_K1) +depends_on:PSA_WANT_ALG_CBC_MAC:PSA_WANT_ECC_FAMILY_SECT_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +mac_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):"03ebc8fcded2d6ab72ec0f75bdb4fd080481273e71":PSA_ALG_TRUNCATED_MAC(PSA_ALG_CBC_MAC,13):PSA_ERROR_INVALID_ARGUMENT + +PSA mac TRUNCATED_MAC(CBC_MAC,13): incompatible with ECC_KEY_PAIR(SECT_R1) +depends_on:PSA_WANT_ALG_CBC_MAC:PSA_WANT_ECC_FAMILY_SECT_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +mac_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):"009b05dc82d46d64a04a22e6e5ca70ca1231e68c50":PSA_ALG_TRUNCATED_MAC(PSA_ALG_CBC_MAC,13):PSA_ERROR_INVALID_ARGUMENT + +PSA mac TRUNCATED_MAC(CBC_MAC,13): incompatible with ECC_KEY_PAIR(SECT_R2) +depends_on:PSA_WANT_ALG_CBC_MAC:PSA_WANT_ECC_FAMILY_SECT_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +mac_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R2):"0210b482a458b4822d0cb21daa96819a67c8062d34":PSA_ALG_TRUNCATED_MAC(PSA_ALG_CBC_MAC,13):PSA_ERROR_INVALID_ARGUMENT + +PSA mac TRUNCATED_MAC(CBC_MAC,13): incompatible with ECC_KEY_PAIR(TWISTED_EDWARDS) +depends_on:PSA_WANT_ALG_CBC_MAC:PSA_WANT_ECC_FAMILY_TWISTED_EDWARDS:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +mac_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_TWISTED_EDWARDS):"9d61b19deffd5a60ba844af492ec2cc44449c5697b326919703bac031cae7f60":PSA_ALG_TRUNCATED_MAC(PSA_ALG_CBC_MAC,13):PSA_ERROR_INVALID_ARGUMENT + +PSA mac TRUNCATED_MAC(CBC_MAC,13): incompatible with ECC_PUBLIC_KEY(BRAINPOOL_P_R1) +depends_on:PSA_WANT_ALG_CBC_MAC:PSA_WANT_ECC_FAMILY_BRAINPOOL_P_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +mac_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"04d4b9186816358e2f9c59cf70748cb70641b22fbab65473db4b4e22a361ed7e3de7e8a8ddc4130c5c":PSA_ALG_TRUNCATED_MAC(PSA_ALG_CBC_MAC,13):PSA_ERROR_INVALID_ARGUMENT + +PSA mac TRUNCATED_MAC(CBC_MAC,13): incompatible with ECC_PUBLIC_KEY(MONTGOMERY) +depends_on:PSA_WANT_ALG_CBC_MAC:PSA_WANT_ECC_FAMILY_MONTGOMERY:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +mac_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_MONTGOMERY):"8520f0098930a754748b7ddcb43ef75a0dbf3a0d26381af4eba4a98eaa9b4e6a":PSA_ALG_TRUNCATED_MAC(PSA_ALG_CBC_MAC,13):PSA_ERROR_INVALID_ARGUMENT + +PSA mac TRUNCATED_MAC(CBC_MAC,13): incompatible with ECC_PUBLIC_KEY(SECP_K1) +depends_on:PSA_WANT_ALG_CBC_MAC:PSA_WANT_ECC_FAMILY_SECP_K1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +mac_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_K1):"0426b7bb38da649ac2138fc050c6548b32553dab68afebc36105d325b75538c12323cb0764789ecb992671beb2b6bef2f5":PSA_ALG_TRUNCATED_MAC(PSA_ALG_CBC_MAC,13):PSA_ERROR_INVALID_ARGUMENT + +PSA mac TRUNCATED_MAC(CBC_MAC,13): incompatible with ECC_PUBLIC_KEY(SECP_R1) +depends_on:PSA_WANT_ALG_CBC_MAC:PSA_WANT_ECC_FAMILY_SECP_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +mac_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1):"046f00eadaa949fee3e9e1c7fa1247eecec86a0dce46418b9bd3117b981d4bd0ae7a990de912f9d060d6cb531a42d22e394ac29e81804bf160":PSA_ALG_TRUNCATED_MAC(PSA_ALG_CBC_MAC,13):PSA_ERROR_INVALID_ARGUMENT + +PSA mac TRUNCATED_MAC(CBC_MAC,13): incompatible with ECC_PUBLIC_KEY(SECP_R2) +depends_on:PSA_WANT_ALG_CBC_MAC:PSA_WANT_ECC_FAMILY_SECP_R2:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +mac_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R2):"049570d541398665adb5cfa16f5af73b3196926bbd4b876bdb80f8eab20d0f540c22f4de9c140f6d7b":PSA_ALG_TRUNCATED_MAC(PSA_ALG_CBC_MAC,13):PSA_ERROR_INVALID_ARGUMENT + +PSA mac TRUNCATED_MAC(CBC_MAC,13): incompatible with ECC_PUBLIC_KEY(SECT_K1) +depends_on:PSA_WANT_ALG_CBC_MAC:PSA_WANT_ECC_FAMILY_SECT_K1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +mac_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_K1):"0406f88f90b4b65950f06ce433afdb097e320f433dc2062b8a65db8fafd3c110f46bc45663fbf021ee7eb9":PSA_ALG_TRUNCATED_MAC(PSA_ALG_CBC_MAC,13):PSA_ERROR_INVALID_ARGUMENT + +PSA mac TRUNCATED_MAC(CBC_MAC,13): incompatible with ECC_PUBLIC_KEY(SECT_R1) +depends_on:PSA_WANT_ALG_CBC_MAC:PSA_WANT_ECC_FAMILY_SECT_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +mac_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R1):"0400465eeb9e7258b11e33c02266bfe834b20bcb118700772796ee4704ec67651bd447e3011959a79a04cb":PSA_ALG_TRUNCATED_MAC(PSA_ALG_CBC_MAC,13):PSA_ERROR_INVALID_ARGUMENT + +PSA mac TRUNCATED_MAC(CBC_MAC,13): incompatible with ECC_PUBLIC_KEY(SECT_R2) +depends_on:PSA_WANT_ALG_CBC_MAC:PSA_WANT_ECC_FAMILY_SECT_R2:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +mac_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R2):"0403692601144c32a6cfa369ae20ae5d43c1c764678c037bafe80c6fd2e42b7ced96171d9c5367fd3dca6f":PSA_ALG_TRUNCATED_MAC(PSA_ALG_CBC_MAC,13):PSA_ERROR_INVALID_ARGUMENT + +PSA mac TRUNCATED_MAC(CBC_MAC,13): incompatible with ECC_PUBLIC_KEY(TWISTED_EDWARDS) +depends_on:PSA_WANT_ALG_CBC_MAC:PSA_WANT_ECC_FAMILY_TWISTED_EDWARDS:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +mac_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_TWISTED_EDWARDS):"d75a980182b10ab7d54bfed3c964073a0ee172f3daa62325af021a68f707511a":PSA_ALG_TRUNCATED_MAC(PSA_ALG_CBC_MAC,13):PSA_ERROR_INVALID_ARGUMENT + +PSA mac TRUNCATED_MAC(CBC_MAC,13): incompatible with HMAC +depends_on:PSA_WANT_ALG_CBC_MAC:PSA_WANT_KEY_TYPE_HMAC +mac_fail:PSA_KEY_TYPE_HMAC:"48657265006973206b6579a064617461":PSA_ALG_TRUNCATED_MAC(PSA_ALG_CBC_MAC,13):PSA_ERROR_INVALID_ARGUMENT + +PSA mac TRUNCATED_MAC(CBC_MAC,13): incompatible with RAW_DATA +depends_on:PSA_WANT_ALG_CBC_MAC:PSA_WANT_KEY_TYPE_RAW_DATA +mac_fail:PSA_KEY_TYPE_RAW_DATA:"48":PSA_ALG_TRUNCATED_MAC(PSA_ALG_CBC_MAC,13):PSA_ERROR_INVALID_ARGUMENT + +PSA mac TRUNCATED_MAC(CBC_MAC,13): incompatible with RSA_KEY_PAIR +depends_on:PSA_WANT_ALG_CBC_MAC:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR +mac_fail:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_TRUNCATED_MAC(PSA_ALG_CBC_MAC,13):PSA_ERROR_INVALID_ARGUMENT + +PSA mac TRUNCATED_MAC(CBC_MAC,13): incompatible with RSA_PUBLIC_KEY +depends_on:PSA_WANT_ALG_CBC_MAC:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY +mac_fail:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_TRUNCATED_MAC(PSA_ALG_CBC_MAC,13):PSA_ERROR_INVALID_ARGUMENT + +PSA cipher TRUNCATED_MAC(CBC_MAC,13): invalid with AES +depends_on:PSA_WANT_ALG_CBC_MAC:PSA_WANT_KEY_TYPE_AES +cipher_fail:PSA_KEY_TYPE_AES:"48657265006973206b6579a064617461":PSA_ALG_TRUNCATED_MAC(PSA_ALG_CBC_MAC,13):PSA_ERROR_INVALID_ARGUMENT + +PSA cipher TRUNCATED_MAC(CBC_MAC,13): invalid with ARIA +depends_on:PSA_WANT_ALG_CBC_MAC:PSA_WANT_KEY_TYPE_ARIA +cipher_fail:PSA_KEY_TYPE_ARIA:"48657265006973206b6579a064617461":PSA_ALG_TRUNCATED_MAC(PSA_ALG_CBC_MAC,13):PSA_ERROR_INVALID_ARGUMENT + +PSA cipher TRUNCATED_MAC(CBC_MAC,13): invalid with CAMELLIA +depends_on:PSA_WANT_ALG_CBC_MAC:PSA_WANT_KEY_TYPE_CAMELLIA +cipher_fail:PSA_KEY_TYPE_CAMELLIA:"48657265006973206b6579a064617461":PSA_ALG_TRUNCATED_MAC(PSA_ALG_CBC_MAC,13):PSA_ERROR_INVALID_ARGUMENT + +PSA aead TRUNCATED_MAC(CBC_MAC,13): invalid with AES +depends_on:PSA_WANT_ALG_CBC_MAC:PSA_WANT_KEY_TYPE_AES +aead_fail:PSA_KEY_TYPE_AES:"48657265006973206b6579a064617461":PSA_ALG_TRUNCATED_MAC(PSA_ALG_CBC_MAC,13):PSA_ERROR_INVALID_ARGUMENT + +PSA aead TRUNCATED_MAC(CBC_MAC,13): invalid with ARIA +depends_on:PSA_WANT_ALG_CBC_MAC:PSA_WANT_KEY_TYPE_ARIA +aead_fail:PSA_KEY_TYPE_ARIA:"48657265006973206b6579a064617461":PSA_ALG_TRUNCATED_MAC(PSA_ALG_CBC_MAC,13):PSA_ERROR_INVALID_ARGUMENT + +PSA aead TRUNCATED_MAC(CBC_MAC,13): invalid with CAMELLIA +depends_on:PSA_WANT_ALG_CBC_MAC:PSA_WANT_KEY_TYPE_CAMELLIA +aead_fail:PSA_KEY_TYPE_CAMELLIA:"48657265006973206b6579a064617461":PSA_ALG_TRUNCATED_MAC(PSA_ALG_CBC_MAC,13):PSA_ERROR_INVALID_ARGUMENT + +PSA sign TRUNCATED_MAC(CBC_MAC,13): invalid with AES +depends_on:PSA_WANT_ALG_CBC_MAC:PSA_WANT_KEY_TYPE_AES +sign_fail:PSA_KEY_TYPE_AES:"48657265006973206b6579a064617461":PSA_ALG_TRUNCATED_MAC(PSA_ALG_CBC_MAC,13):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign TRUNCATED_MAC(CBC_MAC,13): invalid with ARIA +depends_on:PSA_WANT_ALG_CBC_MAC:PSA_WANT_KEY_TYPE_ARIA +sign_fail:PSA_KEY_TYPE_ARIA:"48657265006973206b6579a064617461":PSA_ALG_TRUNCATED_MAC(PSA_ALG_CBC_MAC,13):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign TRUNCATED_MAC(CBC_MAC,13): invalid with CAMELLIA +depends_on:PSA_WANT_ALG_CBC_MAC:PSA_WANT_KEY_TYPE_CAMELLIA +sign_fail:PSA_KEY_TYPE_CAMELLIA:"48657265006973206b6579a064617461":PSA_ALG_TRUNCATED_MAC(PSA_ALG_CBC_MAC,13):0:PSA_ERROR_INVALID_ARGUMENT + +PSA asymmetric_encryption TRUNCATED_MAC(CBC_MAC,13): invalid with AES +depends_on:PSA_WANT_ALG_CBC_MAC:PSA_WANT_KEY_TYPE_AES +asymmetric_encryption_fail:PSA_KEY_TYPE_AES:"48657265006973206b6579a064617461":PSA_ALG_TRUNCATED_MAC(PSA_ALG_CBC_MAC,13):0:PSA_ERROR_INVALID_ARGUMENT + +PSA asymmetric_encryption TRUNCATED_MAC(CBC_MAC,13): invalid with ARIA +depends_on:PSA_WANT_ALG_CBC_MAC:PSA_WANT_KEY_TYPE_ARIA +asymmetric_encryption_fail:PSA_KEY_TYPE_ARIA:"48657265006973206b6579a064617461":PSA_ALG_TRUNCATED_MAC(PSA_ALG_CBC_MAC,13):0:PSA_ERROR_INVALID_ARGUMENT + +PSA asymmetric_encryption TRUNCATED_MAC(CBC_MAC,13): invalid with CAMELLIA +depends_on:PSA_WANT_ALG_CBC_MAC:PSA_WANT_KEY_TYPE_CAMELLIA +asymmetric_encryption_fail:PSA_KEY_TYPE_CAMELLIA:"48657265006973206b6579a064617461":PSA_ALG_TRUNCATED_MAC(PSA_ALG_CBC_MAC,13):0:PSA_ERROR_INVALID_ARGUMENT + +PSA key_derivation TRUNCATED_MAC(CBC_MAC,13): invalid +depends_on:PSA_WANT_ALG_CBC_MAC +key_derivation_fail:PSA_ALG_TRUNCATED_MAC(PSA_ALG_CBC_MAC,13):PSA_ERROR_INVALID_ARGUMENT + +PSA key_agreement TRUNCATED_MAC(CBC_MAC,13): invalid with AES +depends_on:PSA_WANT_ALG_CBC_MAC:PSA_WANT_KEY_TYPE_AES +key_agreement_fail:PSA_KEY_TYPE_AES:"48657265006973206b6579a064617461":PSA_ALG_TRUNCATED_MAC(PSA_ALG_CBC_MAC,13):0:PSA_ERROR_INVALID_ARGUMENT + +PSA key_agreement TRUNCATED_MAC(CBC_MAC,13): invalid with ARIA +depends_on:PSA_WANT_ALG_CBC_MAC:PSA_WANT_KEY_TYPE_ARIA +key_agreement_fail:PSA_KEY_TYPE_ARIA:"48657265006973206b6579a064617461":PSA_ALG_TRUNCATED_MAC(PSA_ALG_CBC_MAC,13):0:PSA_ERROR_INVALID_ARGUMENT + +PSA key_agreement TRUNCATED_MAC(CBC_MAC,13): invalid with CAMELLIA +depends_on:PSA_WANT_ALG_CBC_MAC:PSA_WANT_KEY_TYPE_CAMELLIA +key_agreement_fail:PSA_KEY_TYPE_CAMELLIA:"48657265006973206b6579a064617461":PSA_ALG_TRUNCATED_MAC(PSA_ALG_CBC_MAC,13):0:PSA_ERROR_INVALID_ARGUMENT + +PSA hash TRUNCATED_MAC(CBC_MAC,14): invalid +depends_on:PSA_WANT_ALG_CBC_MAC +hash_fail:PSA_ALG_TRUNCATED_MAC(PSA_ALG_CBC_MAC,14):PSA_ERROR_INVALID_ARGUMENT + +PSA mac TRUNCATED_MAC(CBC_MAC,14): !CBC_MAC with AES +depends_on:!PSA_WANT_ALG_CBC_MAC:PSA_WANT_KEY_TYPE_AES +mac_fail:PSA_KEY_TYPE_AES:"48657265006973206b6579a064617461":PSA_ALG_TRUNCATED_MAC(PSA_ALG_CBC_MAC,14):PSA_ERROR_NOT_SUPPORTED + +PSA mac TRUNCATED_MAC(CBC_MAC,14): incompatible with ARC4 +depends_on:PSA_WANT_ALG_CBC_MAC:PSA_WANT_KEY_TYPE_ARC4 +mac_fail:PSA_KEY_TYPE_ARC4:"48":PSA_ALG_TRUNCATED_MAC(PSA_ALG_CBC_MAC,14):PSA_ERROR_INVALID_ARGUMENT + +PSA mac TRUNCATED_MAC(CBC_MAC,14): !CBC_MAC with ARIA +depends_on:!PSA_WANT_ALG_CBC_MAC:PSA_WANT_KEY_TYPE_ARIA +mac_fail:PSA_KEY_TYPE_ARIA:"48657265006973206b6579a064617461":PSA_ALG_TRUNCATED_MAC(PSA_ALG_CBC_MAC,14):PSA_ERROR_NOT_SUPPORTED + +PSA mac TRUNCATED_MAC(CBC_MAC,14): !CBC_MAC with CAMELLIA +depends_on:!PSA_WANT_ALG_CBC_MAC:PSA_WANT_KEY_TYPE_CAMELLIA +mac_fail:PSA_KEY_TYPE_CAMELLIA:"48657265006973206b6579a064617461":PSA_ALG_TRUNCATED_MAC(PSA_ALG_CBC_MAC,14):PSA_ERROR_NOT_SUPPORTED + +PSA mac TRUNCATED_MAC(CBC_MAC,14): incompatible with CHACHA20 +depends_on:PSA_WANT_ALG_CBC_MAC:PSA_WANT_KEY_TYPE_CHACHA20 +mac_fail:PSA_KEY_TYPE_CHACHA20:"48657265006973206b6579a06461746148657265006973206b6579a064617461":PSA_ALG_TRUNCATED_MAC(PSA_ALG_CBC_MAC,14):PSA_ERROR_INVALID_ARGUMENT + +PSA mac TRUNCATED_MAC(CBC_MAC,14): incompatible with DERIVE +depends_on:PSA_WANT_ALG_CBC_MAC:PSA_WANT_KEY_TYPE_DERIVE +mac_fail:PSA_KEY_TYPE_DERIVE:"48657265006973206b6579a0646174":PSA_ALG_TRUNCATED_MAC(PSA_ALG_CBC_MAC,14):PSA_ERROR_INVALID_ARGUMENT + +PSA mac TRUNCATED_MAC(CBC_MAC,14): incompatible with DES +depends_on:PSA_WANT_ALG_CBC_MAC:PSA_WANT_KEY_TYPE_DES +mac_fail:PSA_KEY_TYPE_DES:"644573206b457901":PSA_ALG_TRUNCATED_MAC(PSA_ALG_CBC_MAC,14):PSA_ERROR_INVALID_ARGUMENT + +PSA mac TRUNCATED_MAC(CBC_MAC,14): incompatible with ECC_KEY_PAIR(BRAINPOOL_P_R1) +depends_on:PSA_WANT_ALG_CBC_MAC:PSA_WANT_ECC_FAMILY_BRAINPOOL_P_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +mac_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"69502c4fdaf48d4fa617bdd24498b0406d0eeaac":PSA_ALG_TRUNCATED_MAC(PSA_ALG_CBC_MAC,14):PSA_ERROR_INVALID_ARGUMENT + +PSA mac TRUNCATED_MAC(CBC_MAC,14): incompatible with ECC_KEY_PAIR(MONTGOMERY) +depends_on:PSA_WANT_ALG_CBC_MAC:PSA_WANT_ECC_FAMILY_MONTGOMERY:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +mac_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_MONTGOMERY):"70076d0a7318a57d3c16c17251b26645df4c2f87ebc0992ab177fba51db92c6a":PSA_ALG_TRUNCATED_MAC(PSA_ALG_CBC_MAC,14):PSA_ERROR_INVALID_ARGUMENT + +PSA mac TRUNCATED_MAC(CBC_MAC,14): incompatible with ECC_KEY_PAIR(SECP_K1) +depends_on:PSA_WANT_ALG_CBC_MAC:PSA_WANT_ECC_FAMILY_SECP_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +mac_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_K1):"297ac1722ccac7589ecb240dc719842538ca974beb79f228":PSA_ALG_TRUNCATED_MAC(PSA_ALG_CBC_MAC,14):PSA_ERROR_INVALID_ARGUMENT + +PSA mac TRUNCATED_MAC(CBC_MAC,14): incompatible with ECC_KEY_PAIR(SECP_R1) +depends_on:PSA_WANT_ALG_CBC_MAC:PSA_WANT_ECC_FAMILY_SECP_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +mac_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"872f203b3ad35b7f2ecc803c3a0e1e0b1ed61cc1afe71b189cd4c995":PSA_ALG_TRUNCATED_MAC(PSA_ALG_CBC_MAC,14):PSA_ERROR_INVALID_ARGUMENT + +PSA mac TRUNCATED_MAC(CBC_MAC,14): incompatible with ECC_KEY_PAIR(SECP_R2) +depends_on:PSA_WANT_ALG_CBC_MAC:PSA_WANT_ECC_FAMILY_SECP_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +mac_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R2):"00bf539a1cdda0d7f71a50a3f98aec0a2e8e4ced1e":PSA_ALG_TRUNCATED_MAC(PSA_ALG_CBC_MAC,14):PSA_ERROR_INVALID_ARGUMENT + +PSA mac TRUNCATED_MAC(CBC_MAC,14): incompatible with ECC_KEY_PAIR(SECT_K1) +depends_on:PSA_WANT_ALG_CBC_MAC:PSA_WANT_ECC_FAMILY_SECT_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +mac_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):"03ebc8fcded2d6ab72ec0f75bdb4fd080481273e71":PSA_ALG_TRUNCATED_MAC(PSA_ALG_CBC_MAC,14):PSA_ERROR_INVALID_ARGUMENT + +PSA mac TRUNCATED_MAC(CBC_MAC,14): incompatible with ECC_KEY_PAIR(SECT_R1) +depends_on:PSA_WANT_ALG_CBC_MAC:PSA_WANT_ECC_FAMILY_SECT_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +mac_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):"009b05dc82d46d64a04a22e6e5ca70ca1231e68c50":PSA_ALG_TRUNCATED_MAC(PSA_ALG_CBC_MAC,14):PSA_ERROR_INVALID_ARGUMENT + +PSA mac TRUNCATED_MAC(CBC_MAC,14): incompatible with ECC_KEY_PAIR(SECT_R2) +depends_on:PSA_WANT_ALG_CBC_MAC:PSA_WANT_ECC_FAMILY_SECT_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +mac_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R2):"0210b482a458b4822d0cb21daa96819a67c8062d34":PSA_ALG_TRUNCATED_MAC(PSA_ALG_CBC_MAC,14):PSA_ERROR_INVALID_ARGUMENT + +PSA mac TRUNCATED_MAC(CBC_MAC,14): incompatible with ECC_KEY_PAIR(TWISTED_EDWARDS) +depends_on:PSA_WANT_ALG_CBC_MAC:PSA_WANT_ECC_FAMILY_TWISTED_EDWARDS:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +mac_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_TWISTED_EDWARDS):"9d61b19deffd5a60ba844af492ec2cc44449c5697b326919703bac031cae7f60":PSA_ALG_TRUNCATED_MAC(PSA_ALG_CBC_MAC,14):PSA_ERROR_INVALID_ARGUMENT + +PSA mac TRUNCATED_MAC(CBC_MAC,14): incompatible with ECC_PUBLIC_KEY(BRAINPOOL_P_R1) +depends_on:PSA_WANT_ALG_CBC_MAC:PSA_WANT_ECC_FAMILY_BRAINPOOL_P_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +mac_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"04d4b9186816358e2f9c59cf70748cb70641b22fbab65473db4b4e22a361ed7e3de7e8a8ddc4130c5c":PSA_ALG_TRUNCATED_MAC(PSA_ALG_CBC_MAC,14):PSA_ERROR_INVALID_ARGUMENT + +PSA mac TRUNCATED_MAC(CBC_MAC,14): incompatible with ECC_PUBLIC_KEY(MONTGOMERY) +depends_on:PSA_WANT_ALG_CBC_MAC:PSA_WANT_ECC_FAMILY_MONTGOMERY:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +mac_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_MONTGOMERY):"8520f0098930a754748b7ddcb43ef75a0dbf3a0d26381af4eba4a98eaa9b4e6a":PSA_ALG_TRUNCATED_MAC(PSA_ALG_CBC_MAC,14):PSA_ERROR_INVALID_ARGUMENT + +PSA mac TRUNCATED_MAC(CBC_MAC,14): incompatible with ECC_PUBLIC_KEY(SECP_K1) +depends_on:PSA_WANT_ALG_CBC_MAC:PSA_WANT_ECC_FAMILY_SECP_K1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +mac_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_K1):"0426b7bb38da649ac2138fc050c6548b32553dab68afebc36105d325b75538c12323cb0764789ecb992671beb2b6bef2f5":PSA_ALG_TRUNCATED_MAC(PSA_ALG_CBC_MAC,14):PSA_ERROR_INVALID_ARGUMENT + +PSA mac TRUNCATED_MAC(CBC_MAC,14): incompatible with ECC_PUBLIC_KEY(SECP_R1) +depends_on:PSA_WANT_ALG_CBC_MAC:PSA_WANT_ECC_FAMILY_SECP_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +mac_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1):"046f00eadaa949fee3e9e1c7fa1247eecec86a0dce46418b9bd3117b981d4bd0ae7a990de912f9d060d6cb531a42d22e394ac29e81804bf160":PSA_ALG_TRUNCATED_MAC(PSA_ALG_CBC_MAC,14):PSA_ERROR_INVALID_ARGUMENT + +PSA mac TRUNCATED_MAC(CBC_MAC,14): incompatible with ECC_PUBLIC_KEY(SECP_R2) +depends_on:PSA_WANT_ALG_CBC_MAC:PSA_WANT_ECC_FAMILY_SECP_R2:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +mac_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R2):"049570d541398665adb5cfa16f5af73b3196926bbd4b876bdb80f8eab20d0f540c22f4de9c140f6d7b":PSA_ALG_TRUNCATED_MAC(PSA_ALG_CBC_MAC,14):PSA_ERROR_INVALID_ARGUMENT + +PSA mac TRUNCATED_MAC(CBC_MAC,14): incompatible with ECC_PUBLIC_KEY(SECT_K1) +depends_on:PSA_WANT_ALG_CBC_MAC:PSA_WANT_ECC_FAMILY_SECT_K1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +mac_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_K1):"0406f88f90b4b65950f06ce433afdb097e320f433dc2062b8a65db8fafd3c110f46bc45663fbf021ee7eb9":PSA_ALG_TRUNCATED_MAC(PSA_ALG_CBC_MAC,14):PSA_ERROR_INVALID_ARGUMENT + +PSA mac TRUNCATED_MAC(CBC_MAC,14): incompatible with ECC_PUBLIC_KEY(SECT_R1) +depends_on:PSA_WANT_ALG_CBC_MAC:PSA_WANT_ECC_FAMILY_SECT_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +mac_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R1):"0400465eeb9e7258b11e33c02266bfe834b20bcb118700772796ee4704ec67651bd447e3011959a79a04cb":PSA_ALG_TRUNCATED_MAC(PSA_ALG_CBC_MAC,14):PSA_ERROR_INVALID_ARGUMENT + +PSA mac TRUNCATED_MAC(CBC_MAC,14): incompatible with ECC_PUBLIC_KEY(SECT_R2) +depends_on:PSA_WANT_ALG_CBC_MAC:PSA_WANT_ECC_FAMILY_SECT_R2:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +mac_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R2):"0403692601144c32a6cfa369ae20ae5d43c1c764678c037bafe80c6fd2e42b7ced96171d9c5367fd3dca6f":PSA_ALG_TRUNCATED_MAC(PSA_ALG_CBC_MAC,14):PSA_ERROR_INVALID_ARGUMENT + +PSA mac TRUNCATED_MAC(CBC_MAC,14): incompatible with ECC_PUBLIC_KEY(TWISTED_EDWARDS) +depends_on:PSA_WANT_ALG_CBC_MAC:PSA_WANT_ECC_FAMILY_TWISTED_EDWARDS:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +mac_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_TWISTED_EDWARDS):"d75a980182b10ab7d54bfed3c964073a0ee172f3daa62325af021a68f707511a":PSA_ALG_TRUNCATED_MAC(PSA_ALG_CBC_MAC,14):PSA_ERROR_INVALID_ARGUMENT + +PSA mac TRUNCATED_MAC(CBC_MAC,14): incompatible with HMAC +depends_on:PSA_WANT_ALG_CBC_MAC:PSA_WANT_KEY_TYPE_HMAC +mac_fail:PSA_KEY_TYPE_HMAC:"48657265006973206b6579a064617461":PSA_ALG_TRUNCATED_MAC(PSA_ALG_CBC_MAC,14):PSA_ERROR_INVALID_ARGUMENT + +PSA mac TRUNCATED_MAC(CBC_MAC,14): incompatible with RAW_DATA +depends_on:PSA_WANT_ALG_CBC_MAC:PSA_WANT_KEY_TYPE_RAW_DATA +mac_fail:PSA_KEY_TYPE_RAW_DATA:"48":PSA_ALG_TRUNCATED_MAC(PSA_ALG_CBC_MAC,14):PSA_ERROR_INVALID_ARGUMENT + +PSA mac TRUNCATED_MAC(CBC_MAC,14): incompatible with RSA_KEY_PAIR +depends_on:PSA_WANT_ALG_CBC_MAC:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR +mac_fail:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_TRUNCATED_MAC(PSA_ALG_CBC_MAC,14):PSA_ERROR_INVALID_ARGUMENT + +PSA mac TRUNCATED_MAC(CBC_MAC,14): incompatible with RSA_PUBLIC_KEY +depends_on:PSA_WANT_ALG_CBC_MAC:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY +mac_fail:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_TRUNCATED_MAC(PSA_ALG_CBC_MAC,14):PSA_ERROR_INVALID_ARGUMENT + +PSA cipher TRUNCATED_MAC(CBC_MAC,14): invalid with AES +depends_on:PSA_WANT_ALG_CBC_MAC:PSA_WANT_KEY_TYPE_AES +cipher_fail:PSA_KEY_TYPE_AES:"48657265006973206b6579a064617461":PSA_ALG_TRUNCATED_MAC(PSA_ALG_CBC_MAC,14):PSA_ERROR_INVALID_ARGUMENT + +PSA cipher TRUNCATED_MAC(CBC_MAC,14): invalid with ARIA +depends_on:PSA_WANT_ALG_CBC_MAC:PSA_WANT_KEY_TYPE_ARIA +cipher_fail:PSA_KEY_TYPE_ARIA:"48657265006973206b6579a064617461":PSA_ALG_TRUNCATED_MAC(PSA_ALG_CBC_MAC,14):PSA_ERROR_INVALID_ARGUMENT + +PSA cipher TRUNCATED_MAC(CBC_MAC,14): invalid with CAMELLIA +depends_on:PSA_WANT_ALG_CBC_MAC:PSA_WANT_KEY_TYPE_CAMELLIA +cipher_fail:PSA_KEY_TYPE_CAMELLIA:"48657265006973206b6579a064617461":PSA_ALG_TRUNCATED_MAC(PSA_ALG_CBC_MAC,14):PSA_ERROR_INVALID_ARGUMENT + +PSA aead TRUNCATED_MAC(CBC_MAC,14): invalid with AES +depends_on:PSA_WANT_ALG_CBC_MAC:PSA_WANT_KEY_TYPE_AES +aead_fail:PSA_KEY_TYPE_AES:"48657265006973206b6579a064617461":PSA_ALG_TRUNCATED_MAC(PSA_ALG_CBC_MAC,14):PSA_ERROR_INVALID_ARGUMENT + +PSA aead TRUNCATED_MAC(CBC_MAC,14): invalid with ARIA +depends_on:PSA_WANT_ALG_CBC_MAC:PSA_WANT_KEY_TYPE_ARIA +aead_fail:PSA_KEY_TYPE_ARIA:"48657265006973206b6579a064617461":PSA_ALG_TRUNCATED_MAC(PSA_ALG_CBC_MAC,14):PSA_ERROR_INVALID_ARGUMENT + +PSA aead TRUNCATED_MAC(CBC_MAC,14): invalid with CAMELLIA +depends_on:PSA_WANT_ALG_CBC_MAC:PSA_WANT_KEY_TYPE_CAMELLIA +aead_fail:PSA_KEY_TYPE_CAMELLIA:"48657265006973206b6579a064617461":PSA_ALG_TRUNCATED_MAC(PSA_ALG_CBC_MAC,14):PSA_ERROR_INVALID_ARGUMENT + +PSA sign TRUNCATED_MAC(CBC_MAC,14): invalid with AES +depends_on:PSA_WANT_ALG_CBC_MAC:PSA_WANT_KEY_TYPE_AES +sign_fail:PSA_KEY_TYPE_AES:"48657265006973206b6579a064617461":PSA_ALG_TRUNCATED_MAC(PSA_ALG_CBC_MAC,14):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign TRUNCATED_MAC(CBC_MAC,14): invalid with ARIA +depends_on:PSA_WANT_ALG_CBC_MAC:PSA_WANT_KEY_TYPE_ARIA +sign_fail:PSA_KEY_TYPE_ARIA:"48657265006973206b6579a064617461":PSA_ALG_TRUNCATED_MAC(PSA_ALG_CBC_MAC,14):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign TRUNCATED_MAC(CBC_MAC,14): invalid with CAMELLIA +depends_on:PSA_WANT_ALG_CBC_MAC:PSA_WANT_KEY_TYPE_CAMELLIA +sign_fail:PSA_KEY_TYPE_CAMELLIA:"48657265006973206b6579a064617461":PSA_ALG_TRUNCATED_MAC(PSA_ALG_CBC_MAC,14):0:PSA_ERROR_INVALID_ARGUMENT + +PSA asymmetric_encryption TRUNCATED_MAC(CBC_MAC,14): invalid with AES +depends_on:PSA_WANT_ALG_CBC_MAC:PSA_WANT_KEY_TYPE_AES +asymmetric_encryption_fail:PSA_KEY_TYPE_AES:"48657265006973206b6579a064617461":PSA_ALG_TRUNCATED_MAC(PSA_ALG_CBC_MAC,14):0:PSA_ERROR_INVALID_ARGUMENT + +PSA asymmetric_encryption TRUNCATED_MAC(CBC_MAC,14): invalid with ARIA +depends_on:PSA_WANT_ALG_CBC_MAC:PSA_WANT_KEY_TYPE_ARIA +asymmetric_encryption_fail:PSA_KEY_TYPE_ARIA:"48657265006973206b6579a064617461":PSA_ALG_TRUNCATED_MAC(PSA_ALG_CBC_MAC,14):0:PSA_ERROR_INVALID_ARGUMENT + +PSA asymmetric_encryption TRUNCATED_MAC(CBC_MAC,14): invalid with CAMELLIA +depends_on:PSA_WANT_ALG_CBC_MAC:PSA_WANT_KEY_TYPE_CAMELLIA +asymmetric_encryption_fail:PSA_KEY_TYPE_CAMELLIA:"48657265006973206b6579a064617461":PSA_ALG_TRUNCATED_MAC(PSA_ALG_CBC_MAC,14):0:PSA_ERROR_INVALID_ARGUMENT + +PSA key_derivation TRUNCATED_MAC(CBC_MAC,14): invalid +depends_on:PSA_WANT_ALG_CBC_MAC +key_derivation_fail:PSA_ALG_TRUNCATED_MAC(PSA_ALG_CBC_MAC,14):PSA_ERROR_INVALID_ARGUMENT + +PSA key_agreement TRUNCATED_MAC(CBC_MAC,14): invalid with AES +depends_on:PSA_WANT_ALG_CBC_MAC:PSA_WANT_KEY_TYPE_AES +key_agreement_fail:PSA_KEY_TYPE_AES:"48657265006973206b6579a064617461":PSA_ALG_TRUNCATED_MAC(PSA_ALG_CBC_MAC,14):0:PSA_ERROR_INVALID_ARGUMENT + +PSA key_agreement TRUNCATED_MAC(CBC_MAC,14): invalid with ARIA +depends_on:PSA_WANT_ALG_CBC_MAC:PSA_WANT_KEY_TYPE_ARIA +key_agreement_fail:PSA_KEY_TYPE_ARIA:"48657265006973206b6579a064617461":PSA_ALG_TRUNCATED_MAC(PSA_ALG_CBC_MAC,14):0:PSA_ERROR_INVALID_ARGUMENT + +PSA key_agreement TRUNCATED_MAC(CBC_MAC,14): invalid with CAMELLIA +depends_on:PSA_WANT_ALG_CBC_MAC:PSA_WANT_KEY_TYPE_CAMELLIA +key_agreement_fail:PSA_KEY_TYPE_CAMELLIA:"48657265006973206b6579a064617461":PSA_ALG_TRUNCATED_MAC(PSA_ALG_CBC_MAC,14):0:PSA_ERROR_INVALID_ARGUMENT + +PSA hash TRUNCATED_MAC(CBC_MAC,16): invalid +depends_on:PSA_WANT_ALG_CBC_MAC +hash_fail:PSA_ALG_TRUNCATED_MAC(PSA_ALG_CBC_MAC,16):PSA_ERROR_INVALID_ARGUMENT + +PSA mac TRUNCATED_MAC(CBC_MAC,16): !CBC_MAC with AES +depends_on:!PSA_WANT_ALG_CBC_MAC:PSA_WANT_KEY_TYPE_AES +mac_fail:PSA_KEY_TYPE_AES:"48657265006973206b6579a064617461":PSA_ALG_TRUNCATED_MAC(PSA_ALG_CBC_MAC,16):PSA_ERROR_NOT_SUPPORTED + +PSA mac TRUNCATED_MAC(CBC_MAC,16): incompatible with ARC4 +depends_on:PSA_WANT_ALG_CBC_MAC:PSA_WANT_KEY_TYPE_ARC4 +mac_fail:PSA_KEY_TYPE_ARC4:"48":PSA_ALG_TRUNCATED_MAC(PSA_ALG_CBC_MAC,16):PSA_ERROR_INVALID_ARGUMENT + +PSA mac TRUNCATED_MAC(CBC_MAC,16): !CBC_MAC with ARIA +depends_on:!PSA_WANT_ALG_CBC_MAC:PSA_WANT_KEY_TYPE_ARIA +mac_fail:PSA_KEY_TYPE_ARIA:"48657265006973206b6579a064617461":PSA_ALG_TRUNCATED_MAC(PSA_ALG_CBC_MAC,16):PSA_ERROR_NOT_SUPPORTED + +PSA mac TRUNCATED_MAC(CBC_MAC,16): !CBC_MAC with CAMELLIA +depends_on:!PSA_WANT_ALG_CBC_MAC:PSA_WANT_KEY_TYPE_CAMELLIA +mac_fail:PSA_KEY_TYPE_CAMELLIA:"48657265006973206b6579a064617461":PSA_ALG_TRUNCATED_MAC(PSA_ALG_CBC_MAC,16):PSA_ERROR_NOT_SUPPORTED + +PSA mac TRUNCATED_MAC(CBC_MAC,16): incompatible with CHACHA20 +depends_on:PSA_WANT_ALG_CBC_MAC:PSA_WANT_KEY_TYPE_CHACHA20 +mac_fail:PSA_KEY_TYPE_CHACHA20:"48657265006973206b6579a06461746148657265006973206b6579a064617461":PSA_ALG_TRUNCATED_MAC(PSA_ALG_CBC_MAC,16):PSA_ERROR_INVALID_ARGUMENT + +PSA mac TRUNCATED_MAC(CBC_MAC,16): incompatible with DERIVE +depends_on:PSA_WANT_ALG_CBC_MAC:PSA_WANT_KEY_TYPE_DERIVE +mac_fail:PSA_KEY_TYPE_DERIVE:"48657265006973206b6579a0646174":PSA_ALG_TRUNCATED_MAC(PSA_ALG_CBC_MAC,16):PSA_ERROR_INVALID_ARGUMENT + +PSA mac TRUNCATED_MAC(CBC_MAC,16): incompatible with DES +depends_on:PSA_WANT_ALG_CBC_MAC:PSA_WANT_KEY_TYPE_DES +mac_fail:PSA_KEY_TYPE_DES:"644573206b457901":PSA_ALG_TRUNCATED_MAC(PSA_ALG_CBC_MAC,16):PSA_ERROR_INVALID_ARGUMENT + +PSA mac TRUNCATED_MAC(CBC_MAC,16): incompatible with ECC_KEY_PAIR(BRAINPOOL_P_R1) +depends_on:PSA_WANT_ALG_CBC_MAC:PSA_WANT_ECC_FAMILY_BRAINPOOL_P_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +mac_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"69502c4fdaf48d4fa617bdd24498b0406d0eeaac":PSA_ALG_TRUNCATED_MAC(PSA_ALG_CBC_MAC,16):PSA_ERROR_INVALID_ARGUMENT + +PSA mac TRUNCATED_MAC(CBC_MAC,16): incompatible with ECC_KEY_PAIR(MONTGOMERY) +depends_on:PSA_WANT_ALG_CBC_MAC:PSA_WANT_ECC_FAMILY_MONTGOMERY:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +mac_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_MONTGOMERY):"70076d0a7318a57d3c16c17251b26645df4c2f87ebc0992ab177fba51db92c6a":PSA_ALG_TRUNCATED_MAC(PSA_ALG_CBC_MAC,16):PSA_ERROR_INVALID_ARGUMENT + +PSA mac TRUNCATED_MAC(CBC_MAC,16): incompatible with ECC_KEY_PAIR(SECP_K1) +depends_on:PSA_WANT_ALG_CBC_MAC:PSA_WANT_ECC_FAMILY_SECP_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +mac_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_K1):"297ac1722ccac7589ecb240dc719842538ca974beb79f228":PSA_ALG_TRUNCATED_MAC(PSA_ALG_CBC_MAC,16):PSA_ERROR_INVALID_ARGUMENT + +PSA mac TRUNCATED_MAC(CBC_MAC,16): incompatible with ECC_KEY_PAIR(SECP_R1) +depends_on:PSA_WANT_ALG_CBC_MAC:PSA_WANT_ECC_FAMILY_SECP_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +mac_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"872f203b3ad35b7f2ecc803c3a0e1e0b1ed61cc1afe71b189cd4c995":PSA_ALG_TRUNCATED_MAC(PSA_ALG_CBC_MAC,16):PSA_ERROR_INVALID_ARGUMENT + +PSA mac TRUNCATED_MAC(CBC_MAC,16): incompatible with ECC_KEY_PAIR(SECP_R2) +depends_on:PSA_WANT_ALG_CBC_MAC:PSA_WANT_ECC_FAMILY_SECP_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +mac_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R2):"00bf539a1cdda0d7f71a50a3f98aec0a2e8e4ced1e":PSA_ALG_TRUNCATED_MAC(PSA_ALG_CBC_MAC,16):PSA_ERROR_INVALID_ARGUMENT + +PSA mac TRUNCATED_MAC(CBC_MAC,16): incompatible with ECC_KEY_PAIR(SECT_K1) +depends_on:PSA_WANT_ALG_CBC_MAC:PSA_WANT_ECC_FAMILY_SECT_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +mac_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):"03ebc8fcded2d6ab72ec0f75bdb4fd080481273e71":PSA_ALG_TRUNCATED_MAC(PSA_ALG_CBC_MAC,16):PSA_ERROR_INVALID_ARGUMENT + +PSA mac TRUNCATED_MAC(CBC_MAC,16): incompatible with ECC_KEY_PAIR(SECT_R1) +depends_on:PSA_WANT_ALG_CBC_MAC:PSA_WANT_ECC_FAMILY_SECT_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +mac_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):"009b05dc82d46d64a04a22e6e5ca70ca1231e68c50":PSA_ALG_TRUNCATED_MAC(PSA_ALG_CBC_MAC,16):PSA_ERROR_INVALID_ARGUMENT + +PSA mac TRUNCATED_MAC(CBC_MAC,16): incompatible with ECC_KEY_PAIR(SECT_R2) +depends_on:PSA_WANT_ALG_CBC_MAC:PSA_WANT_ECC_FAMILY_SECT_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +mac_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R2):"0210b482a458b4822d0cb21daa96819a67c8062d34":PSA_ALG_TRUNCATED_MAC(PSA_ALG_CBC_MAC,16):PSA_ERROR_INVALID_ARGUMENT + +PSA mac TRUNCATED_MAC(CBC_MAC,16): incompatible with ECC_KEY_PAIR(TWISTED_EDWARDS) +depends_on:PSA_WANT_ALG_CBC_MAC:PSA_WANT_ECC_FAMILY_TWISTED_EDWARDS:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +mac_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_TWISTED_EDWARDS):"9d61b19deffd5a60ba844af492ec2cc44449c5697b326919703bac031cae7f60":PSA_ALG_TRUNCATED_MAC(PSA_ALG_CBC_MAC,16):PSA_ERROR_INVALID_ARGUMENT + +PSA mac TRUNCATED_MAC(CBC_MAC,16): incompatible with ECC_PUBLIC_KEY(BRAINPOOL_P_R1) +depends_on:PSA_WANT_ALG_CBC_MAC:PSA_WANT_ECC_FAMILY_BRAINPOOL_P_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +mac_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"04d4b9186816358e2f9c59cf70748cb70641b22fbab65473db4b4e22a361ed7e3de7e8a8ddc4130c5c":PSA_ALG_TRUNCATED_MAC(PSA_ALG_CBC_MAC,16):PSA_ERROR_INVALID_ARGUMENT + +PSA mac TRUNCATED_MAC(CBC_MAC,16): incompatible with ECC_PUBLIC_KEY(MONTGOMERY) +depends_on:PSA_WANT_ALG_CBC_MAC:PSA_WANT_ECC_FAMILY_MONTGOMERY:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +mac_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_MONTGOMERY):"8520f0098930a754748b7ddcb43ef75a0dbf3a0d26381af4eba4a98eaa9b4e6a":PSA_ALG_TRUNCATED_MAC(PSA_ALG_CBC_MAC,16):PSA_ERROR_INVALID_ARGUMENT + +PSA mac TRUNCATED_MAC(CBC_MAC,16): incompatible with ECC_PUBLIC_KEY(SECP_K1) +depends_on:PSA_WANT_ALG_CBC_MAC:PSA_WANT_ECC_FAMILY_SECP_K1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +mac_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_K1):"0426b7bb38da649ac2138fc050c6548b32553dab68afebc36105d325b75538c12323cb0764789ecb992671beb2b6bef2f5":PSA_ALG_TRUNCATED_MAC(PSA_ALG_CBC_MAC,16):PSA_ERROR_INVALID_ARGUMENT + +PSA mac TRUNCATED_MAC(CBC_MAC,16): incompatible with ECC_PUBLIC_KEY(SECP_R1) +depends_on:PSA_WANT_ALG_CBC_MAC:PSA_WANT_ECC_FAMILY_SECP_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +mac_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1):"046f00eadaa949fee3e9e1c7fa1247eecec86a0dce46418b9bd3117b981d4bd0ae7a990de912f9d060d6cb531a42d22e394ac29e81804bf160":PSA_ALG_TRUNCATED_MAC(PSA_ALG_CBC_MAC,16):PSA_ERROR_INVALID_ARGUMENT + +PSA mac TRUNCATED_MAC(CBC_MAC,16): incompatible with ECC_PUBLIC_KEY(SECP_R2) +depends_on:PSA_WANT_ALG_CBC_MAC:PSA_WANT_ECC_FAMILY_SECP_R2:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +mac_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R2):"049570d541398665adb5cfa16f5af73b3196926bbd4b876bdb80f8eab20d0f540c22f4de9c140f6d7b":PSA_ALG_TRUNCATED_MAC(PSA_ALG_CBC_MAC,16):PSA_ERROR_INVALID_ARGUMENT + +PSA mac TRUNCATED_MAC(CBC_MAC,16): incompatible with ECC_PUBLIC_KEY(SECT_K1) +depends_on:PSA_WANT_ALG_CBC_MAC:PSA_WANT_ECC_FAMILY_SECT_K1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +mac_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_K1):"0406f88f90b4b65950f06ce433afdb097e320f433dc2062b8a65db8fafd3c110f46bc45663fbf021ee7eb9":PSA_ALG_TRUNCATED_MAC(PSA_ALG_CBC_MAC,16):PSA_ERROR_INVALID_ARGUMENT + +PSA mac TRUNCATED_MAC(CBC_MAC,16): incompatible with ECC_PUBLIC_KEY(SECT_R1) +depends_on:PSA_WANT_ALG_CBC_MAC:PSA_WANT_ECC_FAMILY_SECT_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +mac_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R1):"0400465eeb9e7258b11e33c02266bfe834b20bcb118700772796ee4704ec67651bd447e3011959a79a04cb":PSA_ALG_TRUNCATED_MAC(PSA_ALG_CBC_MAC,16):PSA_ERROR_INVALID_ARGUMENT + +PSA mac TRUNCATED_MAC(CBC_MAC,16): incompatible with ECC_PUBLIC_KEY(SECT_R2) +depends_on:PSA_WANT_ALG_CBC_MAC:PSA_WANT_ECC_FAMILY_SECT_R2:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +mac_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R2):"0403692601144c32a6cfa369ae20ae5d43c1c764678c037bafe80c6fd2e42b7ced96171d9c5367fd3dca6f":PSA_ALG_TRUNCATED_MAC(PSA_ALG_CBC_MAC,16):PSA_ERROR_INVALID_ARGUMENT + +PSA mac TRUNCATED_MAC(CBC_MAC,16): incompatible with ECC_PUBLIC_KEY(TWISTED_EDWARDS) +depends_on:PSA_WANT_ALG_CBC_MAC:PSA_WANT_ECC_FAMILY_TWISTED_EDWARDS:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +mac_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_TWISTED_EDWARDS):"d75a980182b10ab7d54bfed3c964073a0ee172f3daa62325af021a68f707511a":PSA_ALG_TRUNCATED_MAC(PSA_ALG_CBC_MAC,16):PSA_ERROR_INVALID_ARGUMENT + +PSA mac TRUNCATED_MAC(CBC_MAC,16): incompatible with HMAC +depends_on:PSA_WANT_ALG_CBC_MAC:PSA_WANT_KEY_TYPE_HMAC +mac_fail:PSA_KEY_TYPE_HMAC:"48657265006973206b6579a064617461":PSA_ALG_TRUNCATED_MAC(PSA_ALG_CBC_MAC,16):PSA_ERROR_INVALID_ARGUMENT + +PSA mac TRUNCATED_MAC(CBC_MAC,16): incompatible with RAW_DATA +depends_on:PSA_WANT_ALG_CBC_MAC:PSA_WANT_KEY_TYPE_RAW_DATA +mac_fail:PSA_KEY_TYPE_RAW_DATA:"48":PSA_ALG_TRUNCATED_MAC(PSA_ALG_CBC_MAC,16):PSA_ERROR_INVALID_ARGUMENT + +PSA mac TRUNCATED_MAC(CBC_MAC,16): incompatible with RSA_KEY_PAIR +depends_on:PSA_WANT_ALG_CBC_MAC:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR +mac_fail:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_TRUNCATED_MAC(PSA_ALG_CBC_MAC,16):PSA_ERROR_INVALID_ARGUMENT + +PSA mac TRUNCATED_MAC(CBC_MAC,16): incompatible with RSA_PUBLIC_KEY +depends_on:PSA_WANT_ALG_CBC_MAC:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY +mac_fail:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_TRUNCATED_MAC(PSA_ALG_CBC_MAC,16):PSA_ERROR_INVALID_ARGUMENT + +PSA cipher TRUNCATED_MAC(CBC_MAC,16): invalid with AES +depends_on:PSA_WANT_ALG_CBC_MAC:PSA_WANT_KEY_TYPE_AES +cipher_fail:PSA_KEY_TYPE_AES:"48657265006973206b6579a064617461":PSA_ALG_TRUNCATED_MAC(PSA_ALG_CBC_MAC,16):PSA_ERROR_INVALID_ARGUMENT + +PSA cipher TRUNCATED_MAC(CBC_MAC,16): invalid with ARIA +depends_on:PSA_WANT_ALG_CBC_MAC:PSA_WANT_KEY_TYPE_ARIA +cipher_fail:PSA_KEY_TYPE_ARIA:"48657265006973206b6579a064617461":PSA_ALG_TRUNCATED_MAC(PSA_ALG_CBC_MAC,16):PSA_ERROR_INVALID_ARGUMENT + +PSA cipher TRUNCATED_MAC(CBC_MAC,16): invalid with CAMELLIA +depends_on:PSA_WANT_ALG_CBC_MAC:PSA_WANT_KEY_TYPE_CAMELLIA +cipher_fail:PSA_KEY_TYPE_CAMELLIA:"48657265006973206b6579a064617461":PSA_ALG_TRUNCATED_MAC(PSA_ALG_CBC_MAC,16):PSA_ERROR_INVALID_ARGUMENT + +PSA aead TRUNCATED_MAC(CBC_MAC,16): invalid with AES +depends_on:PSA_WANT_ALG_CBC_MAC:PSA_WANT_KEY_TYPE_AES +aead_fail:PSA_KEY_TYPE_AES:"48657265006973206b6579a064617461":PSA_ALG_TRUNCATED_MAC(PSA_ALG_CBC_MAC,16):PSA_ERROR_INVALID_ARGUMENT + +PSA aead TRUNCATED_MAC(CBC_MAC,16): invalid with ARIA +depends_on:PSA_WANT_ALG_CBC_MAC:PSA_WANT_KEY_TYPE_ARIA +aead_fail:PSA_KEY_TYPE_ARIA:"48657265006973206b6579a064617461":PSA_ALG_TRUNCATED_MAC(PSA_ALG_CBC_MAC,16):PSA_ERROR_INVALID_ARGUMENT + +PSA aead TRUNCATED_MAC(CBC_MAC,16): invalid with CAMELLIA +depends_on:PSA_WANT_ALG_CBC_MAC:PSA_WANT_KEY_TYPE_CAMELLIA +aead_fail:PSA_KEY_TYPE_CAMELLIA:"48657265006973206b6579a064617461":PSA_ALG_TRUNCATED_MAC(PSA_ALG_CBC_MAC,16):PSA_ERROR_INVALID_ARGUMENT + +PSA sign TRUNCATED_MAC(CBC_MAC,16): invalid with AES +depends_on:PSA_WANT_ALG_CBC_MAC:PSA_WANT_KEY_TYPE_AES +sign_fail:PSA_KEY_TYPE_AES:"48657265006973206b6579a064617461":PSA_ALG_TRUNCATED_MAC(PSA_ALG_CBC_MAC,16):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign TRUNCATED_MAC(CBC_MAC,16): invalid with ARIA +depends_on:PSA_WANT_ALG_CBC_MAC:PSA_WANT_KEY_TYPE_ARIA +sign_fail:PSA_KEY_TYPE_ARIA:"48657265006973206b6579a064617461":PSA_ALG_TRUNCATED_MAC(PSA_ALG_CBC_MAC,16):0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign TRUNCATED_MAC(CBC_MAC,16): invalid with CAMELLIA +depends_on:PSA_WANT_ALG_CBC_MAC:PSA_WANT_KEY_TYPE_CAMELLIA +sign_fail:PSA_KEY_TYPE_CAMELLIA:"48657265006973206b6579a064617461":PSA_ALG_TRUNCATED_MAC(PSA_ALG_CBC_MAC,16):0:PSA_ERROR_INVALID_ARGUMENT + +PSA asymmetric_encryption TRUNCATED_MAC(CBC_MAC,16): invalid with AES +depends_on:PSA_WANT_ALG_CBC_MAC:PSA_WANT_KEY_TYPE_AES +asymmetric_encryption_fail:PSA_KEY_TYPE_AES:"48657265006973206b6579a064617461":PSA_ALG_TRUNCATED_MAC(PSA_ALG_CBC_MAC,16):0:PSA_ERROR_INVALID_ARGUMENT + +PSA asymmetric_encryption TRUNCATED_MAC(CBC_MAC,16): invalid with ARIA +depends_on:PSA_WANT_ALG_CBC_MAC:PSA_WANT_KEY_TYPE_ARIA +asymmetric_encryption_fail:PSA_KEY_TYPE_ARIA:"48657265006973206b6579a064617461":PSA_ALG_TRUNCATED_MAC(PSA_ALG_CBC_MAC,16):0:PSA_ERROR_INVALID_ARGUMENT + +PSA asymmetric_encryption TRUNCATED_MAC(CBC_MAC,16): invalid with CAMELLIA +depends_on:PSA_WANT_ALG_CBC_MAC:PSA_WANT_KEY_TYPE_CAMELLIA +asymmetric_encryption_fail:PSA_KEY_TYPE_CAMELLIA:"48657265006973206b6579a064617461":PSA_ALG_TRUNCATED_MAC(PSA_ALG_CBC_MAC,16):0:PSA_ERROR_INVALID_ARGUMENT + +PSA key_derivation TRUNCATED_MAC(CBC_MAC,16): invalid +depends_on:PSA_WANT_ALG_CBC_MAC +key_derivation_fail:PSA_ALG_TRUNCATED_MAC(PSA_ALG_CBC_MAC,16):PSA_ERROR_INVALID_ARGUMENT + +PSA key_agreement TRUNCATED_MAC(CBC_MAC,16): invalid with AES +depends_on:PSA_WANT_ALG_CBC_MAC:PSA_WANT_KEY_TYPE_AES +key_agreement_fail:PSA_KEY_TYPE_AES:"48657265006973206b6579a064617461":PSA_ALG_TRUNCATED_MAC(PSA_ALG_CBC_MAC,16):0:PSA_ERROR_INVALID_ARGUMENT + +PSA key_agreement TRUNCATED_MAC(CBC_MAC,16): invalid with ARIA +depends_on:PSA_WANT_ALG_CBC_MAC:PSA_WANT_KEY_TYPE_ARIA +key_agreement_fail:PSA_KEY_TYPE_ARIA:"48657265006973206b6579a064617461":PSA_ALG_TRUNCATED_MAC(PSA_ALG_CBC_MAC,16):0:PSA_ERROR_INVALID_ARGUMENT + +PSA key_agreement TRUNCATED_MAC(CBC_MAC,16): invalid with CAMELLIA +depends_on:PSA_WANT_ALG_CBC_MAC:PSA_WANT_KEY_TYPE_CAMELLIA +key_agreement_fail:PSA_KEY_TYPE_CAMELLIA:"48657265006973206b6579a064617461":PSA_ALG_TRUNCATED_MAC(PSA_ALG_CBC_MAC,16):0:PSA_ERROR_INVALID_ARGUMENT + +PSA hash TRUNCATED_MAC(CBC_MAC,63): invalid +depends_on:PSA_WANT_ALG_CBC_MAC +hash_fail:PSA_ALG_TRUNCATED_MAC(PSA_ALG_CBC_MAC,63):PSA_ERROR_INVALID_ARGUMENT + +PSA mac TRUNCATED_MAC(CBC_MAC,63): incompatible with AES +depends_on:PSA_WANT_ALG_CBC_MAC:PSA_WANT_KEY_TYPE_AES +mac_fail:PSA_KEY_TYPE_AES:"48657265006973206b6579a064617461":PSA_ALG_TRUNCATED_MAC(PSA_ALG_CBC_MAC,63):PSA_ERROR_INVALID_ARGUMENT + +PSA mac TRUNCATED_MAC(CBC_MAC,63): incompatible with ARC4 +depends_on:PSA_WANT_ALG_CBC_MAC:PSA_WANT_KEY_TYPE_ARC4 +mac_fail:PSA_KEY_TYPE_ARC4:"48":PSA_ALG_TRUNCATED_MAC(PSA_ALG_CBC_MAC,63):PSA_ERROR_INVALID_ARGUMENT + +PSA mac TRUNCATED_MAC(CBC_MAC,63): incompatible with ARIA +depends_on:PSA_WANT_ALG_CBC_MAC:PSA_WANT_KEY_TYPE_ARIA +mac_fail:PSA_KEY_TYPE_ARIA:"48657265006973206b6579a064617461":PSA_ALG_TRUNCATED_MAC(PSA_ALG_CBC_MAC,63):PSA_ERROR_INVALID_ARGUMENT + +PSA mac TRUNCATED_MAC(CBC_MAC,63): incompatible with CAMELLIA +depends_on:PSA_WANT_ALG_CBC_MAC:PSA_WANT_KEY_TYPE_CAMELLIA +mac_fail:PSA_KEY_TYPE_CAMELLIA:"48657265006973206b6579a064617461":PSA_ALG_TRUNCATED_MAC(PSA_ALG_CBC_MAC,63):PSA_ERROR_INVALID_ARGUMENT + +PSA mac TRUNCATED_MAC(CBC_MAC,63): incompatible with CHACHA20 +depends_on:PSA_WANT_ALG_CBC_MAC:PSA_WANT_KEY_TYPE_CHACHA20 +mac_fail:PSA_KEY_TYPE_CHACHA20:"48657265006973206b6579a06461746148657265006973206b6579a064617461":PSA_ALG_TRUNCATED_MAC(PSA_ALG_CBC_MAC,63):PSA_ERROR_INVALID_ARGUMENT + +PSA mac TRUNCATED_MAC(CBC_MAC,63): incompatible with DERIVE +depends_on:PSA_WANT_ALG_CBC_MAC:PSA_WANT_KEY_TYPE_DERIVE +mac_fail:PSA_KEY_TYPE_DERIVE:"48657265006973206b6579a0646174":PSA_ALG_TRUNCATED_MAC(PSA_ALG_CBC_MAC,63):PSA_ERROR_INVALID_ARGUMENT + +PSA mac TRUNCATED_MAC(CBC_MAC,63): incompatible with DES +depends_on:PSA_WANT_ALG_CBC_MAC:PSA_WANT_KEY_TYPE_DES +mac_fail:PSA_KEY_TYPE_DES:"644573206b457901":PSA_ALG_TRUNCATED_MAC(PSA_ALG_CBC_MAC,63):PSA_ERROR_INVALID_ARGUMENT + +PSA mac TRUNCATED_MAC(CBC_MAC,63): incompatible with ECC_KEY_PAIR(BRAINPOOL_P_R1) +depends_on:PSA_WANT_ALG_CBC_MAC:PSA_WANT_ECC_FAMILY_BRAINPOOL_P_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +mac_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"69502c4fdaf48d4fa617bdd24498b0406d0eeaac":PSA_ALG_TRUNCATED_MAC(PSA_ALG_CBC_MAC,63):PSA_ERROR_INVALID_ARGUMENT + +PSA mac TRUNCATED_MAC(CBC_MAC,63): incompatible with ECC_KEY_PAIR(MONTGOMERY) +depends_on:PSA_WANT_ALG_CBC_MAC:PSA_WANT_ECC_FAMILY_MONTGOMERY:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +mac_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_MONTGOMERY):"70076d0a7318a57d3c16c17251b26645df4c2f87ebc0992ab177fba51db92c6a":PSA_ALG_TRUNCATED_MAC(PSA_ALG_CBC_MAC,63):PSA_ERROR_INVALID_ARGUMENT + +PSA mac TRUNCATED_MAC(CBC_MAC,63): incompatible with ECC_KEY_PAIR(SECP_K1) +depends_on:PSA_WANT_ALG_CBC_MAC:PSA_WANT_ECC_FAMILY_SECP_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +mac_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_K1):"297ac1722ccac7589ecb240dc719842538ca974beb79f228":PSA_ALG_TRUNCATED_MAC(PSA_ALG_CBC_MAC,63):PSA_ERROR_INVALID_ARGUMENT + +PSA mac TRUNCATED_MAC(CBC_MAC,63): incompatible with ECC_KEY_PAIR(SECP_R1) +depends_on:PSA_WANT_ALG_CBC_MAC:PSA_WANT_ECC_FAMILY_SECP_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +mac_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"872f203b3ad35b7f2ecc803c3a0e1e0b1ed61cc1afe71b189cd4c995":PSA_ALG_TRUNCATED_MAC(PSA_ALG_CBC_MAC,63):PSA_ERROR_INVALID_ARGUMENT + +PSA mac TRUNCATED_MAC(CBC_MAC,63): incompatible with ECC_KEY_PAIR(SECP_R2) +depends_on:PSA_WANT_ALG_CBC_MAC:PSA_WANT_ECC_FAMILY_SECP_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +mac_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R2):"00bf539a1cdda0d7f71a50a3f98aec0a2e8e4ced1e":PSA_ALG_TRUNCATED_MAC(PSA_ALG_CBC_MAC,63):PSA_ERROR_INVALID_ARGUMENT + +PSA mac TRUNCATED_MAC(CBC_MAC,63): incompatible with ECC_KEY_PAIR(SECT_K1) +depends_on:PSA_WANT_ALG_CBC_MAC:PSA_WANT_ECC_FAMILY_SECT_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +mac_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):"03ebc8fcded2d6ab72ec0f75bdb4fd080481273e71":PSA_ALG_TRUNCATED_MAC(PSA_ALG_CBC_MAC,63):PSA_ERROR_INVALID_ARGUMENT + +PSA mac TRUNCATED_MAC(CBC_MAC,63): incompatible with ECC_KEY_PAIR(SECT_R1) +depends_on:PSA_WANT_ALG_CBC_MAC:PSA_WANT_ECC_FAMILY_SECT_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +mac_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):"009b05dc82d46d64a04a22e6e5ca70ca1231e68c50":PSA_ALG_TRUNCATED_MAC(PSA_ALG_CBC_MAC,63):PSA_ERROR_INVALID_ARGUMENT + +PSA mac TRUNCATED_MAC(CBC_MAC,63): incompatible with ECC_KEY_PAIR(SECT_R2) +depends_on:PSA_WANT_ALG_CBC_MAC:PSA_WANT_ECC_FAMILY_SECT_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +mac_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R2):"0210b482a458b4822d0cb21daa96819a67c8062d34":PSA_ALG_TRUNCATED_MAC(PSA_ALG_CBC_MAC,63):PSA_ERROR_INVALID_ARGUMENT + +PSA mac TRUNCATED_MAC(CBC_MAC,63): incompatible with ECC_KEY_PAIR(TWISTED_EDWARDS) +depends_on:PSA_WANT_ALG_CBC_MAC:PSA_WANT_ECC_FAMILY_TWISTED_EDWARDS:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +mac_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_TWISTED_EDWARDS):"9d61b19deffd5a60ba844af492ec2cc44449c5697b326919703bac031cae7f60":PSA_ALG_TRUNCATED_MAC(PSA_ALG_CBC_MAC,63):PSA_ERROR_INVALID_ARGUMENT + +PSA mac TRUNCATED_MAC(CBC_MAC,63): incompatible with ECC_PUBLIC_KEY(BRAINPOOL_P_R1) +depends_on:PSA_WANT_ALG_CBC_MAC:PSA_WANT_ECC_FAMILY_BRAINPOOL_P_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +mac_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"04d4b9186816358e2f9c59cf70748cb70641b22fbab65473db4b4e22a361ed7e3de7e8a8ddc4130c5c":PSA_ALG_TRUNCATED_MAC(PSA_ALG_CBC_MAC,63):PSA_ERROR_INVALID_ARGUMENT + +PSA mac TRUNCATED_MAC(CBC_MAC,63): incompatible with ECC_PUBLIC_KEY(MONTGOMERY) +depends_on:PSA_WANT_ALG_CBC_MAC:PSA_WANT_ECC_FAMILY_MONTGOMERY:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +mac_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_MONTGOMERY):"8520f0098930a754748b7ddcb43ef75a0dbf3a0d26381af4eba4a98eaa9b4e6a":PSA_ALG_TRUNCATED_MAC(PSA_ALG_CBC_MAC,63):PSA_ERROR_INVALID_ARGUMENT + +PSA mac TRUNCATED_MAC(CBC_MAC,63): incompatible with ECC_PUBLIC_KEY(SECP_K1) +depends_on:PSA_WANT_ALG_CBC_MAC:PSA_WANT_ECC_FAMILY_SECP_K1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +mac_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_K1):"0426b7bb38da649ac2138fc050c6548b32553dab68afebc36105d325b75538c12323cb0764789ecb992671beb2b6bef2f5":PSA_ALG_TRUNCATED_MAC(PSA_ALG_CBC_MAC,63):PSA_ERROR_INVALID_ARGUMENT + +PSA mac TRUNCATED_MAC(CBC_MAC,63): incompatible with ECC_PUBLIC_KEY(SECP_R1) +depends_on:PSA_WANT_ALG_CBC_MAC:PSA_WANT_ECC_FAMILY_SECP_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +mac_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1):"046f00eadaa949fee3e9e1c7fa1247eecec86a0dce46418b9bd3117b981d4bd0ae7a990de912f9d060d6cb531a42d22e394ac29e81804bf160":PSA_ALG_TRUNCATED_MAC(PSA_ALG_CBC_MAC,63):PSA_ERROR_INVALID_ARGUMENT + +PSA mac TRUNCATED_MAC(CBC_MAC,63): incompatible with ECC_PUBLIC_KEY(SECP_R2) +depends_on:PSA_WANT_ALG_CBC_MAC:PSA_WANT_ECC_FAMILY_SECP_R2:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +mac_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R2):"049570d541398665adb5cfa16f5af73b3196926bbd4b876bdb80f8eab20d0f540c22f4de9c140f6d7b":PSA_ALG_TRUNCATED_MAC(PSA_ALG_CBC_MAC,63):PSA_ERROR_INVALID_ARGUMENT + +PSA mac TRUNCATED_MAC(CBC_MAC,63): incompatible with ECC_PUBLIC_KEY(SECT_K1) +depends_on:PSA_WANT_ALG_CBC_MAC:PSA_WANT_ECC_FAMILY_SECT_K1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +mac_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_K1):"0406f88f90b4b65950f06ce433afdb097e320f433dc2062b8a65db8fafd3c110f46bc45663fbf021ee7eb9":PSA_ALG_TRUNCATED_MAC(PSA_ALG_CBC_MAC,63):PSA_ERROR_INVALID_ARGUMENT + +PSA mac TRUNCATED_MAC(CBC_MAC,63): incompatible with ECC_PUBLIC_KEY(SECT_R1) +depends_on:PSA_WANT_ALG_CBC_MAC:PSA_WANT_ECC_FAMILY_SECT_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +mac_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R1):"0400465eeb9e7258b11e33c02266bfe834b20bcb118700772796ee4704ec67651bd447e3011959a79a04cb":PSA_ALG_TRUNCATED_MAC(PSA_ALG_CBC_MAC,63):PSA_ERROR_INVALID_ARGUMENT + +PSA mac TRUNCATED_MAC(CBC_MAC,63): incompatible with ECC_PUBLIC_KEY(SECT_R2) +depends_on:PSA_WANT_ALG_CBC_MAC:PSA_WANT_ECC_FAMILY_SECT_R2:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +mac_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R2):"0403692601144c32a6cfa369ae20ae5d43c1c764678c037bafe80c6fd2e42b7ced96171d9c5367fd3dca6f":PSA_ALG_TRUNCATED_MAC(PSA_ALG_CBC_MAC,63):PSA_ERROR_INVALID_ARGUMENT + +PSA mac TRUNCATED_MAC(CBC_MAC,63): incompatible with ECC_PUBLIC_KEY(TWISTED_EDWARDS) +depends_on:PSA_WANT_ALG_CBC_MAC:PSA_WANT_ECC_FAMILY_TWISTED_EDWARDS:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +mac_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_TWISTED_EDWARDS):"d75a980182b10ab7d54bfed3c964073a0ee172f3daa62325af021a68f707511a":PSA_ALG_TRUNCATED_MAC(PSA_ALG_CBC_MAC,63):PSA_ERROR_INVALID_ARGUMENT + +PSA mac TRUNCATED_MAC(CBC_MAC,63): incompatible with HMAC +depends_on:PSA_WANT_ALG_CBC_MAC:PSA_WANT_KEY_TYPE_HMAC +mac_fail:PSA_KEY_TYPE_HMAC:"48657265006973206b6579a064617461":PSA_ALG_TRUNCATED_MAC(PSA_ALG_CBC_MAC,63):PSA_ERROR_INVALID_ARGUMENT + +PSA mac TRUNCATED_MAC(CBC_MAC,63): incompatible with RAW_DATA +depends_on:PSA_WANT_ALG_CBC_MAC:PSA_WANT_KEY_TYPE_RAW_DATA +mac_fail:PSA_KEY_TYPE_RAW_DATA:"48":PSA_ALG_TRUNCATED_MAC(PSA_ALG_CBC_MAC,63):PSA_ERROR_INVALID_ARGUMENT + +PSA mac TRUNCATED_MAC(CBC_MAC,63): incompatible with RSA_KEY_PAIR +depends_on:PSA_WANT_ALG_CBC_MAC:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR +mac_fail:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_TRUNCATED_MAC(PSA_ALG_CBC_MAC,63):PSA_ERROR_INVALID_ARGUMENT + +PSA mac TRUNCATED_MAC(CBC_MAC,63): incompatible with RSA_PUBLIC_KEY +depends_on:PSA_WANT_ALG_CBC_MAC:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY +mac_fail:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_TRUNCATED_MAC(PSA_ALG_CBC_MAC,63):PSA_ERROR_INVALID_ARGUMENT + +PSA key_derivation TRUNCATED_MAC(CBC_MAC,63): invalid +depends_on:PSA_WANT_ALG_CBC_MAC +key_derivation_fail:PSA_ALG_TRUNCATED_MAC(PSA_ALG_CBC_MAC,63):PSA_ERROR_INVALID_ARGUMENT + +PSA hash XTS: invalid +depends_on:PSA_WANT_ALG_XTS +hash_fail:PSA_ALG_XTS:PSA_ERROR_INVALID_ARGUMENT + +PSA mac XTS: invalid with AES +depends_on:PSA_WANT_ALG_XTS:PSA_WANT_KEY_TYPE_AES +mac_fail:PSA_KEY_TYPE_AES:"48657265006973206b6579a064617461":PSA_ALG_XTS:PSA_ERROR_INVALID_ARGUMENT + +PSA mac XTS: invalid with ARIA +depends_on:PSA_WANT_ALG_XTS:PSA_WANT_KEY_TYPE_ARIA +mac_fail:PSA_KEY_TYPE_ARIA:"48657265006973206b6579a064617461":PSA_ALG_XTS:PSA_ERROR_INVALID_ARGUMENT + +PSA mac XTS: invalid with CAMELLIA +depends_on:PSA_WANT_ALG_XTS:PSA_WANT_KEY_TYPE_CAMELLIA +mac_fail:PSA_KEY_TYPE_CAMELLIA:"48657265006973206b6579a064617461":PSA_ALG_XTS:PSA_ERROR_INVALID_ARGUMENT + +PSA cipher XTS: !XTS with AES +depends_on:!PSA_WANT_ALG_XTS:PSA_WANT_KEY_TYPE_AES +cipher_fail:PSA_KEY_TYPE_AES:"48657265006973206b6579a064617461":PSA_ALG_XTS:PSA_ERROR_NOT_SUPPORTED + +PSA cipher XTS: incompatible with ARC4 +depends_on:PSA_WANT_ALG_XTS:PSA_WANT_KEY_TYPE_ARC4 +cipher_fail:PSA_KEY_TYPE_ARC4:"48":PSA_ALG_XTS:PSA_ERROR_INVALID_ARGUMENT + +PSA cipher XTS: !XTS with ARIA +depends_on:!PSA_WANT_ALG_XTS:PSA_WANT_KEY_TYPE_ARIA +cipher_fail:PSA_KEY_TYPE_ARIA:"48657265006973206b6579a064617461":PSA_ALG_XTS:PSA_ERROR_NOT_SUPPORTED + +PSA cipher XTS: !XTS with CAMELLIA +depends_on:!PSA_WANT_ALG_XTS:PSA_WANT_KEY_TYPE_CAMELLIA +cipher_fail:PSA_KEY_TYPE_CAMELLIA:"48657265006973206b6579a064617461":PSA_ALG_XTS:PSA_ERROR_NOT_SUPPORTED + +PSA cipher XTS: incompatible with CHACHA20 +depends_on:PSA_WANT_ALG_XTS:PSA_WANT_KEY_TYPE_CHACHA20 +cipher_fail:PSA_KEY_TYPE_CHACHA20:"48657265006973206b6579a06461746148657265006973206b6579a064617461":PSA_ALG_XTS:PSA_ERROR_INVALID_ARGUMENT + +PSA cipher XTS: incompatible with DERIVE +depends_on:PSA_WANT_ALG_XTS:PSA_WANT_KEY_TYPE_DERIVE +cipher_fail:PSA_KEY_TYPE_DERIVE:"48657265006973206b6579a0646174":PSA_ALG_XTS:PSA_ERROR_INVALID_ARGUMENT + +PSA cipher XTS: incompatible with DES +depends_on:PSA_WANT_ALG_XTS:PSA_WANT_KEY_TYPE_DES +cipher_fail:PSA_KEY_TYPE_DES:"644573206b457901":PSA_ALG_XTS:PSA_ERROR_INVALID_ARGUMENT + +PSA cipher XTS: incompatible with ECC_KEY_PAIR(BRAINPOOL_P_R1) +depends_on:PSA_WANT_ALG_XTS:PSA_WANT_ECC_FAMILY_BRAINPOOL_P_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +cipher_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"69502c4fdaf48d4fa617bdd24498b0406d0eeaac":PSA_ALG_XTS:PSA_ERROR_INVALID_ARGUMENT + +PSA cipher XTS: incompatible with ECC_KEY_PAIR(MONTGOMERY) +depends_on:PSA_WANT_ALG_XTS:PSA_WANT_ECC_FAMILY_MONTGOMERY:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +cipher_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_MONTGOMERY):"70076d0a7318a57d3c16c17251b26645df4c2f87ebc0992ab177fba51db92c6a":PSA_ALG_XTS:PSA_ERROR_INVALID_ARGUMENT + +PSA cipher XTS: incompatible with ECC_KEY_PAIR(SECP_K1) +depends_on:PSA_WANT_ALG_XTS:PSA_WANT_ECC_FAMILY_SECP_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +cipher_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_K1):"297ac1722ccac7589ecb240dc719842538ca974beb79f228":PSA_ALG_XTS:PSA_ERROR_INVALID_ARGUMENT + +PSA cipher XTS: incompatible with ECC_KEY_PAIR(SECP_R1) +depends_on:PSA_WANT_ALG_XTS:PSA_WANT_ECC_FAMILY_SECP_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +cipher_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"872f203b3ad35b7f2ecc803c3a0e1e0b1ed61cc1afe71b189cd4c995":PSA_ALG_XTS:PSA_ERROR_INVALID_ARGUMENT + +PSA cipher XTS: incompatible with ECC_KEY_PAIR(SECP_R2) +depends_on:PSA_WANT_ALG_XTS:PSA_WANT_ECC_FAMILY_SECP_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +cipher_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R2):"00bf539a1cdda0d7f71a50a3f98aec0a2e8e4ced1e":PSA_ALG_XTS:PSA_ERROR_INVALID_ARGUMENT + +PSA cipher XTS: incompatible with ECC_KEY_PAIR(SECT_K1) +depends_on:PSA_WANT_ALG_XTS:PSA_WANT_ECC_FAMILY_SECT_K1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +cipher_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):"03ebc8fcded2d6ab72ec0f75bdb4fd080481273e71":PSA_ALG_XTS:PSA_ERROR_INVALID_ARGUMENT + +PSA cipher XTS: incompatible with ECC_KEY_PAIR(SECT_R1) +depends_on:PSA_WANT_ALG_XTS:PSA_WANT_ECC_FAMILY_SECT_R1:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +cipher_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):"009b05dc82d46d64a04a22e6e5ca70ca1231e68c50":PSA_ALG_XTS:PSA_ERROR_INVALID_ARGUMENT + +PSA cipher XTS: incompatible with ECC_KEY_PAIR(SECT_R2) +depends_on:PSA_WANT_ALG_XTS:PSA_WANT_ECC_FAMILY_SECT_R2:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +cipher_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R2):"0210b482a458b4822d0cb21daa96819a67c8062d34":PSA_ALG_XTS:PSA_ERROR_INVALID_ARGUMENT + +PSA cipher XTS: incompatible with ECC_KEY_PAIR(TWISTED_EDWARDS) +depends_on:PSA_WANT_ALG_XTS:PSA_WANT_ECC_FAMILY_TWISTED_EDWARDS:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +cipher_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_TWISTED_EDWARDS):"9d61b19deffd5a60ba844af492ec2cc44449c5697b326919703bac031cae7f60":PSA_ALG_XTS:PSA_ERROR_INVALID_ARGUMENT + +PSA cipher XTS: incompatible with ECC_PUBLIC_KEY(BRAINPOOL_P_R1) +depends_on:PSA_WANT_ALG_XTS:PSA_WANT_ECC_FAMILY_BRAINPOOL_P_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +cipher_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"04d4b9186816358e2f9c59cf70748cb70641b22fbab65473db4b4e22a361ed7e3de7e8a8ddc4130c5c":PSA_ALG_XTS:PSA_ERROR_INVALID_ARGUMENT + +PSA cipher XTS: incompatible with ECC_PUBLIC_KEY(MONTGOMERY) +depends_on:PSA_WANT_ALG_XTS:PSA_WANT_ECC_FAMILY_MONTGOMERY:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +cipher_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_MONTGOMERY):"8520f0098930a754748b7ddcb43ef75a0dbf3a0d26381af4eba4a98eaa9b4e6a":PSA_ALG_XTS:PSA_ERROR_INVALID_ARGUMENT + +PSA cipher XTS: incompatible with ECC_PUBLIC_KEY(SECP_K1) +depends_on:PSA_WANT_ALG_XTS:PSA_WANT_ECC_FAMILY_SECP_K1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +cipher_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_K1):"0426b7bb38da649ac2138fc050c6548b32553dab68afebc36105d325b75538c12323cb0764789ecb992671beb2b6bef2f5":PSA_ALG_XTS:PSA_ERROR_INVALID_ARGUMENT + +PSA cipher XTS: incompatible with ECC_PUBLIC_KEY(SECP_R1) +depends_on:PSA_WANT_ALG_XTS:PSA_WANT_ECC_FAMILY_SECP_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +cipher_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1):"046f00eadaa949fee3e9e1c7fa1247eecec86a0dce46418b9bd3117b981d4bd0ae7a990de912f9d060d6cb531a42d22e394ac29e81804bf160":PSA_ALG_XTS:PSA_ERROR_INVALID_ARGUMENT + +PSA cipher XTS: incompatible with ECC_PUBLIC_KEY(SECP_R2) +depends_on:PSA_WANT_ALG_XTS:PSA_WANT_ECC_FAMILY_SECP_R2:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +cipher_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R2):"049570d541398665adb5cfa16f5af73b3196926bbd4b876bdb80f8eab20d0f540c22f4de9c140f6d7b":PSA_ALG_XTS:PSA_ERROR_INVALID_ARGUMENT + +PSA cipher XTS: incompatible with ECC_PUBLIC_KEY(SECT_K1) +depends_on:PSA_WANT_ALG_XTS:PSA_WANT_ECC_FAMILY_SECT_K1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +cipher_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_K1):"0406f88f90b4b65950f06ce433afdb097e320f433dc2062b8a65db8fafd3c110f46bc45663fbf021ee7eb9":PSA_ALG_XTS:PSA_ERROR_INVALID_ARGUMENT + +PSA cipher XTS: incompatible with ECC_PUBLIC_KEY(SECT_R1) +depends_on:PSA_WANT_ALG_XTS:PSA_WANT_ECC_FAMILY_SECT_R1:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +cipher_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R1):"0400465eeb9e7258b11e33c02266bfe834b20bcb118700772796ee4704ec67651bd447e3011959a79a04cb":PSA_ALG_XTS:PSA_ERROR_INVALID_ARGUMENT + +PSA cipher XTS: incompatible with ECC_PUBLIC_KEY(SECT_R2) +depends_on:PSA_WANT_ALG_XTS:PSA_WANT_ECC_FAMILY_SECT_R2:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +cipher_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R2):"0403692601144c32a6cfa369ae20ae5d43c1c764678c037bafe80c6fd2e42b7ced96171d9c5367fd3dca6f":PSA_ALG_XTS:PSA_ERROR_INVALID_ARGUMENT + +PSA cipher XTS: incompatible with ECC_PUBLIC_KEY(TWISTED_EDWARDS) +depends_on:PSA_WANT_ALG_XTS:PSA_WANT_ECC_FAMILY_TWISTED_EDWARDS:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +cipher_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_TWISTED_EDWARDS):"d75a980182b10ab7d54bfed3c964073a0ee172f3daa62325af021a68f707511a":PSA_ALG_XTS:PSA_ERROR_INVALID_ARGUMENT + +PSA cipher XTS: incompatible with HMAC +depends_on:PSA_WANT_ALG_XTS:PSA_WANT_KEY_TYPE_HMAC +cipher_fail:PSA_KEY_TYPE_HMAC:"48657265006973206b6579a064617461":PSA_ALG_XTS:PSA_ERROR_INVALID_ARGUMENT + +PSA cipher XTS: incompatible with RAW_DATA +depends_on:PSA_WANT_ALG_XTS:PSA_WANT_KEY_TYPE_RAW_DATA +cipher_fail:PSA_KEY_TYPE_RAW_DATA:"48":PSA_ALG_XTS:PSA_ERROR_INVALID_ARGUMENT + +PSA cipher XTS: incompatible with RSA_KEY_PAIR +depends_on:PSA_WANT_ALG_XTS:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR +cipher_fail:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_XTS:PSA_ERROR_INVALID_ARGUMENT + +PSA cipher XTS: incompatible with RSA_PUBLIC_KEY +depends_on:PSA_WANT_ALG_XTS:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY +cipher_fail:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_XTS:PSA_ERROR_INVALID_ARGUMENT + +PSA aead XTS: invalid with AES +depends_on:PSA_WANT_ALG_XTS:PSA_WANT_KEY_TYPE_AES +aead_fail:PSA_KEY_TYPE_AES:"48657265006973206b6579a064617461":PSA_ALG_XTS:PSA_ERROR_INVALID_ARGUMENT + +PSA aead XTS: invalid with ARIA +depends_on:PSA_WANT_ALG_XTS:PSA_WANT_KEY_TYPE_ARIA +aead_fail:PSA_KEY_TYPE_ARIA:"48657265006973206b6579a064617461":PSA_ALG_XTS:PSA_ERROR_INVALID_ARGUMENT + +PSA aead XTS: invalid with CAMELLIA +depends_on:PSA_WANT_ALG_XTS:PSA_WANT_KEY_TYPE_CAMELLIA +aead_fail:PSA_KEY_TYPE_CAMELLIA:"48657265006973206b6579a064617461":PSA_ALG_XTS:PSA_ERROR_INVALID_ARGUMENT + +PSA sign XTS: invalid with AES +depends_on:PSA_WANT_ALG_XTS:PSA_WANT_KEY_TYPE_AES +sign_fail:PSA_KEY_TYPE_AES:"48657265006973206b6579a064617461":PSA_ALG_XTS:0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign XTS: invalid with ARIA +depends_on:PSA_WANT_ALG_XTS:PSA_WANT_KEY_TYPE_ARIA +sign_fail:PSA_KEY_TYPE_ARIA:"48657265006973206b6579a064617461":PSA_ALG_XTS:0:PSA_ERROR_INVALID_ARGUMENT + +PSA sign XTS: invalid with CAMELLIA +depends_on:PSA_WANT_ALG_XTS:PSA_WANT_KEY_TYPE_CAMELLIA +sign_fail:PSA_KEY_TYPE_CAMELLIA:"48657265006973206b6579a064617461":PSA_ALG_XTS:0:PSA_ERROR_INVALID_ARGUMENT + +PSA asymmetric_encryption XTS: invalid with AES +depends_on:PSA_WANT_ALG_XTS:PSA_WANT_KEY_TYPE_AES +asymmetric_encryption_fail:PSA_KEY_TYPE_AES:"48657265006973206b6579a064617461":PSA_ALG_XTS:0:PSA_ERROR_INVALID_ARGUMENT + +PSA asymmetric_encryption XTS: invalid with ARIA +depends_on:PSA_WANT_ALG_XTS:PSA_WANT_KEY_TYPE_ARIA +asymmetric_encryption_fail:PSA_KEY_TYPE_ARIA:"48657265006973206b6579a064617461":PSA_ALG_XTS:0:PSA_ERROR_INVALID_ARGUMENT + +PSA asymmetric_encryption XTS: invalid with CAMELLIA +depends_on:PSA_WANT_ALG_XTS:PSA_WANT_KEY_TYPE_CAMELLIA +asymmetric_encryption_fail:PSA_KEY_TYPE_CAMELLIA:"48657265006973206b6579a064617461":PSA_ALG_XTS:0:PSA_ERROR_INVALID_ARGUMENT + +PSA key_derivation XTS: invalid +depends_on:PSA_WANT_ALG_XTS +key_derivation_fail:PSA_ALG_XTS:PSA_ERROR_INVALID_ARGUMENT + +PSA key_agreement XTS: invalid with AES +depends_on:PSA_WANT_ALG_XTS:PSA_WANT_KEY_TYPE_AES +key_agreement_fail:PSA_KEY_TYPE_AES:"48657265006973206b6579a064617461":PSA_ALG_XTS:0:PSA_ERROR_INVALID_ARGUMENT + +PSA key_agreement XTS: invalid with ARIA +depends_on:PSA_WANT_ALG_XTS:PSA_WANT_KEY_TYPE_ARIA +key_agreement_fail:PSA_KEY_TYPE_ARIA:"48657265006973206b6579a064617461":PSA_ALG_XTS:0:PSA_ERROR_INVALID_ARGUMENT + +PSA key_agreement XTS: invalid with CAMELLIA +depends_on:PSA_WANT_ALG_XTS:PSA_WANT_KEY_TYPE_CAMELLIA +key_agreement_fail:PSA_KEY_TYPE_CAMELLIA:"48657265006973206b6579a064617461":PSA_ALG_XTS:0:PSA_ERROR_INVALID_ARGUMENT + +# End of automatically generated file. diff --git a/third_party/mbedtls/repo/tests/suites/test_suite_psa_crypto_op_fail.misc.data b/third_party/mbedtls/repo/tests/suites/test_suite_psa_crypto_op_fail.misc.data new file mode 100644 index 00000000000..a8ab7489699 --- /dev/null +++ b/third_party/mbedtls/repo/tests/suites/test_suite_psa_crypto_op_fail.misc.data @@ -0,0 +1,45 @@ +# Most operation failure test cases are automatically generated in +# test_suite_psa_crypto_op_fail.generated.data. The manually written +# test cases in this file cover some edge cases, plus a few to help with +# with debugging the test code. + +# Redundant, to help debugging the test code +PSA hash: invalid algorithm +hash_fail:PSA_ALG_ECDSA_ANY:PSA_ERROR_INVALID_ARGUMENT + +# For ARC4, Mbed TLS only supports 128-bit keys. PSA allows 40 to 2048 bits. +# The ARC4 construction allows any whole number of bytes from 1 to 256 bytes +# (8 to 2048 bits). +PSA cipher STREAM_CIPHER: 8-bit ARC4 never supported +depends_on:PSA_WANT_KEY_TYPE_ARC4 +cipher_fail:PSA_KEY_TYPE_ARC4:"41":PSA_ALG_STREAM_CIPHER:PSA_ERROR_NOT_SUPPORTED + +PSA cipher STREAM_CIPHER: 40-bit ARC4 never supported +depends_on:PSA_WANT_KEY_TYPE_ARC4 +cipher_fail:PSA_KEY_TYPE_ARC4:"4152433420":PSA_ALG_STREAM_CIPHER:PSA_ERROR_NOT_SUPPORTED + +PSA cipher STREAM_CIPHER: 120-bit ARC4 never supported +depends_on:PSA_WANT_KEY_TYPE_ARC4 +cipher_fail:PSA_KEY_TYPE_ARC4:"41524334206b657941524334206b65":PSA_ALG_STREAM_CIPHER:PSA_ERROR_NOT_SUPPORTED + +PSA cipher STREAM_CIPHER: 136-bit ARC4 never supported +depends_on:PSA_WANT_KEY_TYPE_ARC4 +cipher_fail:PSA_KEY_TYPE_ARC4:"41524334206b657941524334206b657941":PSA_ALG_STREAM_CIPHER:PSA_ERROR_NOT_SUPPORTED + +PSA cipher STREAM_CIPHER: 256-bit ARC4 never supported +depends_on:PSA_WANT_KEY_TYPE_ARC4 +cipher_fail:PSA_KEY_TYPE_ARC4:"41524334206b657941524334206b657941524334206b657941524334206b6579":PSA_ALG_STREAM_CIPHER:PSA_ERROR_NOT_SUPPORTED + +PSA cipher STREAM_CIPHER: 2048-bit ARC4 never supported +depends_on:PSA_WANT_KEY_TYPE_ARC4 +cipher_fail:PSA_KEY_TYPE_ARC4:"41524334206b657941524334206b657941524334206b657941524334206b657941524334206b657941524334206b657941524334206b657941524334206b657941524334206b657941524334206b657941524334206b657941524334206b657941524334206b657941524334206b657941524334206b657941524334206b657941524334206b657941524334206b657941524334206b657941524334206b657941524334206b657941524334206b657941524334206b657941524334206b657941524334206b657941524334206b657941524334206b657941524334206b657941524334206b657941524334206b657941524334206b657941524334206b6579":PSA_ALG_STREAM_CIPHER:PSA_ERROR_NOT_SUPPORTED + +# Redundant, to help debugging the test code +PSA sign RSA_PSS(SHA_256): incompatible key type +depends_on:PSA_WANT_ALG_RSA_PSS:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_AES +sign_fail:PSA_KEY_TYPE_AES:"48657265006973206b6579a064617461":PSA_ALG_RSA_PSS(PSA_ALG_SHA_256):0:PSA_ERROR_INVALID_ARGUMENT + +# Redundant, to help debugging the test code +PSA sign RSA_PSS(SHA_256): RSA_PSS not enabled, key pair +depends_on:!PSA_WANT_ALG_RSA_PSS:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR +sign_fail:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_RSA_PSS(PSA_ALG_SHA_256):0:PSA_ERROR_NOT_SUPPORTED diff --git a/third_party/mbedtls/repo/tests/suites/test_suite_psa_crypto_persistent_key.data b/third_party/mbedtls/repo/tests/suites/test_suite_psa_crypto_persistent_key.data index b25063465bd..6d208e9e61d 100644 --- a/third_party/mbedtls/repo/tests/suites/test_suite_psa_crypto_persistent_key.data +++ b/third_party/mbedtls/repo/tests/suites/test_suite_psa_crypto_persistent_key.data @@ -1,3 +1,8 @@ +# Note that if you need to make a change that affects how keys are +# stored, this may indicate that the key store is changing in a +# backward-incompatible way! Think carefully about backward compatibility +# before changing how test data is constructed or validated. + Format for storage: RSA private key format_storage_data_check:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":"505341004b455900000000000100000001700004010000000000000700000006620200003082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_KEY_LIFETIME_PERSISTENT:PSA_KEY_TYPE_RSA_KEY_PAIR:1024:PSA_KEY_USAGE_EXPORT:PSA_ALG_CATEGORY_ASYMMETRIC_ENCRYPTION:PSA_ALG_CATEGORY_SIGN diff --git a/third_party/mbedtls/repo/tests/suites/test_suite_psa_crypto_persistent_key.function b/third_party/mbedtls/repo/tests/suites/test_suite_psa_crypto_persistent_key.function index bd9b9c97f79..8f6a57f55f7 100644 --- a/third_party/mbedtls/repo/tests/suites/test_suite_psa_crypto_persistent_key.function +++ b/third_party/mbedtls/repo/tests/suites/test_suite_psa_crypto_persistent_key.function @@ -5,6 +5,11 @@ * on the the storage format. On the other hand, these tests treat the storage * subsystem as a black box, and in particular have no reliance on the * internals of the ITS implementation. + * + * Note that if you need to make a change that affects how files are + * stored, this may indicate that the key store is changing in a + * backward-incompatible way! Think carefully about backward compatibility + * before changing how test data is constructed or validated. */ #include @@ -15,7 +20,7 @@ #include "mbedtls/md.h" #define PSA_KEY_STORAGE_MAGIC_HEADER "PSA\0KEY" -#define PSA_KEY_STORAGE_MAGIC_HEADER_LENGTH ( sizeof( PSA_KEY_STORAGE_MAGIC_HEADER ) ) +#define PSA_KEY_STORAGE_MAGIC_HEADER_LENGTH (sizeof(PSA_KEY_STORAGE_MAGIC_HEADER)) /* Enforce the storage format for keys. The storage format is not a public * documented interface, but it must be preserved between versions so that @@ -24,9 +29,9 @@ typedef struct { uint8_t magic[PSA_KEY_STORAGE_MAGIC_HEADER_LENGTH]; uint8_t version[4]; - uint8_t lifetime[sizeof( psa_key_lifetime_t )]; + uint8_t lifetime[sizeof(psa_key_lifetime_t)]; uint8_t type[4]; - uint8_t policy[sizeof( psa_key_policy_t )]; + uint8_t policy[sizeof(psa_key_policy_t)]; uint8_t data_len[4]; uint8_t key_data[]; } psa_persistent_key_storage_format; @@ -39,223 +44,222 @@ typedef struct { */ /* BEGIN_CASE */ -void format_storage_data_check( data_t *key_data, - data_t *expected_file_data, - int key_lifetime, int key_type, int key_bits, - int key_usage, int key_alg, int key_alg2 ) +void format_storage_data_check(data_t *key_data, + data_t *expected_file_data, + int key_lifetime, int key_type, int key_bits, + int key_usage, int key_alg, int key_alg2) { uint8_t *file_data = NULL; size_t file_data_length = - key_data->len + sizeof( psa_persistent_key_storage_format ); + key_data->len + sizeof(psa_persistent_key_storage_format); psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT; - psa_set_key_lifetime( &attributes, key_lifetime ); - psa_set_key_type( &attributes, key_type ); - psa_set_key_bits( &attributes, key_bits ); - psa_set_key_usage_flags( &attributes, key_usage ); - psa_set_key_algorithm( &attributes, key_alg ); - psa_set_key_enrollment_algorithm( &attributes, key_alg2 ); + psa_set_key_lifetime(&attributes, key_lifetime); + psa_set_key_type(&attributes, key_type); + psa_set_key_bits(&attributes, key_bits); + psa_set_key_usage_flags(&attributes, key_usage); + psa_set_key_algorithm(&attributes, key_alg); + psa_set_key_enrollment_algorithm(&attributes, key_alg2); - ASSERT_ALLOC( file_data, file_data_length ); - psa_format_key_data_for_storage( key_data->x, key_data->len, - &attributes.core, - file_data ); + TEST_CALLOC(file_data, file_data_length); + psa_format_key_data_for_storage(key_data->x, key_data->len, + &attributes.core, + file_data); - ASSERT_COMPARE( expected_file_data->x, expected_file_data->len, - file_data, file_data_length ); + TEST_MEMORY_COMPARE(expected_file_data->x, expected_file_data->len, + file_data, file_data_length); exit: - mbedtls_free( file_data ); + mbedtls_free(file_data); } /* END_CASE */ /* BEGIN_CASE */ -void parse_storage_data_check( data_t *file_data, - data_t *expected_key_data, - int expected_key_lifetime, - int expected_key_type, - int expected_key_bits, - int expected_key_usage, - int expected_key_alg, - int expected_key_alg2, - int expected_status ) +void parse_storage_data_check(data_t *file_data, + data_t *expected_key_data, + int expected_key_lifetime, + int expected_key_type, + int expected_key_bits, + int expected_key_usage, + int expected_key_alg, + int expected_key_alg2, + int expected_status) { uint8_t *key_data = NULL; size_t key_data_length = 0; psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT; psa_status_t status; - status = psa_parse_key_data_from_storage( file_data->x, file_data->len, - &key_data, &key_data_length, - &attributes.core ); + status = psa_parse_key_data_from_storage(file_data->x, file_data->len, + &key_data, &key_data_length, + &attributes.core); - TEST_EQUAL( status, expected_status ); - if( status != PSA_SUCCESS ) + TEST_EQUAL(status, expected_status); + if (status != PSA_SUCCESS) { goto exit; + } - TEST_EQUAL( psa_get_key_lifetime( &attributes ), - (psa_key_type_t) expected_key_lifetime ); - TEST_EQUAL( psa_get_key_type( &attributes ), - (psa_key_type_t) expected_key_type ); - TEST_EQUAL( psa_get_key_bits( &attributes ), - (psa_key_bits_t) expected_key_bits ); - TEST_EQUAL( psa_get_key_usage_flags( &attributes ), - (uint32_t) expected_key_usage ); - TEST_EQUAL( psa_get_key_algorithm( &attributes ), - (uint32_t) expected_key_alg ); - TEST_EQUAL( psa_get_key_enrollment_algorithm( &attributes ), - (uint32_t) expected_key_alg2 ); - ASSERT_COMPARE( expected_key_data->x, expected_key_data->len, - key_data, key_data_length ); + TEST_EQUAL(psa_get_key_lifetime(&attributes), + (psa_key_type_t) expected_key_lifetime); + TEST_EQUAL(psa_get_key_type(&attributes), + (psa_key_type_t) expected_key_type); + TEST_EQUAL(psa_get_key_bits(&attributes), + (psa_key_bits_t) expected_key_bits); + TEST_EQUAL(psa_get_key_usage_flags(&attributes), + (uint32_t) expected_key_usage); + TEST_EQUAL(psa_get_key_algorithm(&attributes), + (uint32_t) expected_key_alg); + TEST_EQUAL(psa_get_key_enrollment_algorithm(&attributes), + (uint32_t) expected_key_alg2); + TEST_MEMORY_COMPARE(expected_key_data->x, expected_key_data->len, + key_data, key_data_length); exit: - mbedtls_free( key_data ); + mbedtls_free(key_data); } /* END_CASE */ /* BEGIN_CASE */ -void save_large_persistent_key( int data_length_arg, int expected_status ) +void save_large_persistent_key(int data_length_arg, int expected_status) { - mbedtls_svc_key_id_t key_id = mbedtls_svc_key_id_make( 1, 42 ); + mbedtls_svc_key_id_t key_id = mbedtls_svc_key_id_make(1, 42); uint8_t *data = NULL; size_t data_length = data_length_arg; psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT; - ASSERT_ALLOC( data, data_length ); + TEST_CALLOC(data, data_length); - PSA_ASSERT( psa_crypto_init() ); + PSA_ASSERT(psa_crypto_init()); - psa_set_key_id( &attributes, key_id ); - psa_set_key_type( &attributes, PSA_KEY_TYPE_RAW_DATA ); + psa_set_key_id(&attributes, key_id); + psa_set_key_type(&attributes, PSA_KEY_TYPE_RAW_DATA); - TEST_EQUAL( psa_import_key( &attributes, data, data_length, &key_id ), - expected_status ); + TEST_EQUAL(psa_import_key(&attributes, data, data_length, &key_id), + expected_status); - if( expected_status == PSA_SUCCESS ) - PSA_ASSERT( psa_destroy_key( key_id ) ); + if (expected_status == PSA_SUCCESS) { + PSA_ASSERT(psa_destroy_key(key_id)); + } exit: - mbedtls_free( data ); + mbedtls_free(data); PSA_DONE(); - psa_destroy_persistent_key( key_id ); + psa_destroy_persistent_key(key_id); } /* END_CASE */ /* BEGIN_CASE */ -void persistent_key_destroy( int owner_id_arg, int key_id_arg, int restart, - int first_type_arg, data_t *first_data, - int second_type_arg, data_t *second_data ) +void persistent_key_destroy(int owner_id_arg, int key_id_arg, int restart, + int first_type_arg, data_t *first_data, + int second_type_arg, data_t *second_data) { mbedtls_svc_key_id_t key_id = - mbedtls_svc_key_id_make( owner_id_arg, key_id_arg ); + mbedtls_svc_key_id_make(owner_id_arg, key_id_arg); mbedtls_svc_key_id_t returned_key_id = MBEDTLS_SVC_KEY_ID_INIT; psa_key_type_t first_type = (psa_key_type_t) first_type_arg; psa_key_type_t second_type = (psa_key_type_t) second_type_arg; psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT; - PSA_ASSERT( psa_crypto_init() ); + PSA_ASSERT(psa_crypto_init()); - psa_set_key_id( &attributes, key_id ); - psa_set_key_type( &attributes, first_type ); + psa_set_key_id(&attributes, key_id); + psa_set_key_type(&attributes, first_type); - PSA_ASSERT( psa_import_key( &attributes, first_data->x, first_data->len, - &returned_key_id ) ); + PSA_ASSERT(psa_import_key(&attributes, first_data->x, first_data->len, + &returned_key_id)); - if( restart ) - { - psa_close_key( key_id ); + if (restart) { + psa_close_key(key_id); PSA_DONE(); - PSA_ASSERT( psa_crypto_init() ); + PSA_ASSERT(psa_crypto_init()); } - TEST_EQUAL( psa_is_key_present_in_storage( key_id ), 1 ); + TEST_EQUAL(psa_is_key_present_in_storage(key_id), 1); /* Destroy the key */ - PSA_ASSERT( psa_destroy_key( key_id ) ); + PSA_ASSERT(psa_destroy_key(key_id)); /* Check key slot storage is removed */ - TEST_EQUAL( psa_is_key_present_in_storage( key_id ), 0 ); + TEST_EQUAL(psa_is_key_present_in_storage(key_id), 0); /* Shutdown and restart */ PSA_DONE(); - PSA_ASSERT( psa_crypto_init() ); + PSA_ASSERT(psa_crypto_init()); /* Create another key in the same slot */ - psa_set_key_id( &attributes, key_id ); - psa_set_key_type( &attributes, second_type ); - PSA_ASSERT( psa_import_key( &attributes, second_data->x, second_data->len, - &returned_key_id ) ); + psa_set_key_id(&attributes, key_id); + psa_set_key_type(&attributes, second_type); + PSA_ASSERT(psa_import_key(&attributes, second_data->x, second_data->len, + &returned_key_id)); - PSA_ASSERT( psa_destroy_key( key_id ) ); + PSA_ASSERT(psa_destroy_key(key_id)); exit: PSA_DONE(); - psa_destroy_persistent_key( key_id ); + psa_destroy_persistent_key(key_id); } /* END_CASE */ /* BEGIN_CASE */ -void persistent_key_import( int owner_id_arg, int key_id_arg, int type_arg, - data_t *data, int restart, int expected_status ) +void persistent_key_import(int owner_id_arg, int key_id_arg, int type_arg, + data_t *data, int restart, int expected_status) { mbedtls_svc_key_id_t key_id = - mbedtls_svc_key_id_make( owner_id_arg, key_id_arg ); + mbedtls_svc_key_id_make(owner_id_arg, key_id_arg); mbedtls_svc_key_id_t returned_key_id; psa_key_type_t type = (psa_key_type_t) type_arg; psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT; - PSA_ASSERT( psa_crypto_init() ); + PSA_ASSERT(psa_crypto_init()); - psa_set_key_id( &attributes, key_id ); - psa_set_key_type( &attributes, type ); - TEST_EQUAL( psa_import_key( &attributes, data->x, data->len, &returned_key_id ), - expected_status ); + psa_set_key_id(&attributes, key_id); + psa_set_key_type(&attributes, type); + TEST_EQUAL(psa_import_key(&attributes, data->x, data->len, &returned_key_id), + expected_status); - if( expected_status != PSA_SUCCESS ) - { - TEST_ASSERT( mbedtls_svc_key_id_is_null( returned_key_id ) ); - TEST_EQUAL( psa_is_key_present_in_storage( key_id ), 0 ); + if (expected_status != PSA_SUCCESS) { + TEST_ASSERT(mbedtls_svc_key_id_is_null(returned_key_id)); + TEST_EQUAL(psa_is_key_present_in_storage(key_id), 0); goto exit; } - TEST_ASSERT( mbedtls_svc_key_id_equal( returned_key_id, key_id ) ); + TEST_ASSERT(mbedtls_svc_key_id_equal(returned_key_id, key_id)); - if( restart ) - { - PSA_ASSERT( psa_purge_key( key_id ) ); + if (restart) { + PSA_ASSERT(psa_purge_key(key_id)); PSA_DONE(); - PSA_ASSERT( psa_crypto_init() ); + PSA_ASSERT(psa_crypto_init()); } - psa_reset_key_attributes( &attributes ); - PSA_ASSERT( psa_get_key_attributes( key_id, &attributes ) ); - TEST_ASSERT( mbedtls_svc_key_id_equal( psa_get_key_id( &attributes ), - key_id ) ); - TEST_EQUAL( psa_get_key_lifetime( &attributes ), - PSA_KEY_LIFETIME_PERSISTENT ); - TEST_EQUAL( psa_get_key_type( &attributes ), type ); - TEST_EQUAL( psa_get_key_usage_flags( &attributes ), 0 ); - TEST_EQUAL( psa_get_key_algorithm( &attributes ), 0 ); + psa_reset_key_attributes(&attributes); + PSA_ASSERT(psa_get_key_attributes(key_id, &attributes)); + TEST_ASSERT(mbedtls_svc_key_id_equal(psa_get_key_id(&attributes), + key_id)); + TEST_EQUAL(psa_get_key_lifetime(&attributes), + PSA_KEY_LIFETIME_PERSISTENT); + TEST_EQUAL(psa_get_key_type(&attributes), type); + TEST_EQUAL(psa_get_key_usage_flags(&attributes), 0); + TEST_EQUAL(psa_get_key_algorithm(&attributes), 0); - PSA_ASSERT( psa_destroy_key( key_id ) ); + PSA_ASSERT(psa_destroy_key(key_id)); exit: /* * Key attributes may have been returned by psa_get_key_attributes() * thus reset them as required. */ - psa_reset_key_attributes( &attributes ); + psa_reset_key_attributes(&attributes); - psa_destroy_persistent_key( key_id ); + psa_destroy_persistent_key(key_id); PSA_DONE(); } /* END_CASE */ /* BEGIN_CASE */ -void import_export_persistent_key( data_t *data, int type_arg, - int expected_bits, - int restart, int key_not_exist ) +void import_export_persistent_key(data_t *data, int type_arg, + int expected_bits, + int restart, int key_not_exist) { - mbedtls_svc_key_id_t key_id = mbedtls_svc_key_id_make( 1, 42 ); + mbedtls_svc_key_id_t key_id = mbedtls_svc_key_id_make(1, 42); psa_key_type_t type = (psa_key_type_t) type_arg; mbedtls_svc_key_id_t returned_key_id = MBEDTLS_SVC_KEY_ID_INIT; unsigned char *exported = NULL; @@ -263,78 +267,76 @@ void import_export_persistent_key( data_t *data, int type_arg, size_t exported_length; psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT; - ASSERT_ALLOC( exported, export_size ); + TEST_CALLOC(exported, export_size); - PSA_ASSERT( psa_crypto_init( ) ); + PSA_ASSERT(psa_crypto_init()); - psa_set_key_id( &attributes, key_id ); - psa_set_key_type( &attributes, type ); - psa_set_key_usage_flags( &attributes, PSA_KEY_USAGE_EXPORT ); + psa_set_key_id(&attributes, key_id); + psa_set_key_type(&attributes, type); + psa_set_key_usage_flags(&attributes, PSA_KEY_USAGE_EXPORT); /* Import the key */ - PSA_ASSERT( psa_import_key( &attributes, data->x, data->len, - &returned_key_id ) ); + PSA_ASSERT(psa_import_key(&attributes, data->x, data->len, + &returned_key_id)); - if( restart ) - { - PSA_ASSERT( psa_purge_key( key_id ) ); + if (restart) { + PSA_ASSERT(psa_purge_key(key_id)); PSA_DONE(); - PSA_ASSERT( psa_crypto_init() ); + PSA_ASSERT(psa_crypto_init()); } /* Test the key information */ - psa_reset_key_attributes( &attributes ); - PSA_ASSERT( psa_get_key_attributes( key_id, &attributes ) ); - TEST_ASSERT( mbedtls_svc_key_id_equal( - psa_get_key_id( &attributes ), key_id ) ); - TEST_EQUAL( psa_get_key_lifetime( &attributes ), - PSA_KEY_LIFETIME_PERSISTENT ); - TEST_EQUAL( psa_get_key_type( &attributes ), type ); - TEST_EQUAL( psa_get_key_bits( &attributes ), (size_t) expected_bits ); - TEST_EQUAL( psa_get_key_usage_flags( &attributes ), PSA_KEY_USAGE_EXPORT ); - TEST_EQUAL( psa_get_key_algorithm( &attributes ), 0 ); - - TEST_EQUAL( psa_is_key_present_in_storage( key_id ), 1 ); - - if( key_not_exist ) - { - psa_destroy_persistent_key( key_id ); + psa_reset_key_attributes(&attributes); + PSA_ASSERT(psa_get_key_attributes(key_id, &attributes)); + TEST_ASSERT(mbedtls_svc_key_id_equal( + psa_get_key_id(&attributes), key_id)); + TEST_EQUAL(psa_get_key_lifetime(&attributes), + PSA_KEY_LIFETIME_PERSISTENT); + TEST_EQUAL(psa_get_key_type(&attributes), type); + TEST_EQUAL(psa_get_key_bits(&attributes), (size_t) expected_bits); + TEST_EQUAL(psa_get_key_usage_flags(&attributes), PSA_KEY_USAGE_EXPORT); + TEST_EQUAL(psa_get_key_algorithm(&attributes), 0); + + TEST_EQUAL(psa_is_key_present_in_storage(key_id), 1); + + if (key_not_exist) { + psa_destroy_persistent_key(key_id); } /* Export the key */ - PSA_ASSERT( psa_export_key( key_id, exported, export_size, - &exported_length ) ); + PSA_ASSERT(psa_export_key(key_id, exported, export_size, + &exported_length)); - ASSERT_COMPARE( data->x, data->len, exported, exported_length ); + TEST_MEMORY_COMPARE(data->x, data->len, exported, exported_length); /* Destroy the key */ - PSA_ASSERT( psa_destroy_key( key_id ) ); - TEST_EQUAL( psa_is_key_present_in_storage( key_id ), 0 ); + PSA_ASSERT(psa_destroy_key(key_id)); + TEST_EQUAL(psa_is_key_present_in_storage(key_id), 0); exit: /* * Key attributes may have been returned by psa_get_key_attributes() * thus reset them as required. */ - psa_reset_key_attributes( &attributes ); + psa_reset_key_attributes(&attributes); - mbedtls_free( exported ); - PSA_DONE( ); - psa_destroy_persistent_key( key_id ); + mbedtls_free(exported); + PSA_DONE(); + psa_destroy_persistent_key(key_id); } /* END_CASE */ /* BEGIN_CASE */ -void destroy_nonexistent( int id_arg, int expected_status_arg ) +void destroy_nonexistent(int id_arg, int expected_status_arg) { - mbedtls_svc_key_id_t id = mbedtls_svc_key_id_make( 1, id_arg ); + mbedtls_svc_key_id_t id = mbedtls_svc_key_id_make(1, id_arg); psa_status_t expected_status = expected_status_arg; - PSA_INIT( ); + PSA_INIT(); - TEST_EQUAL( expected_status, psa_destroy_key( id ) ); + TEST_EQUAL(expected_status, psa_destroy_key(id)); exit: - PSA_DONE( ); + PSA_DONE(); } /* END_CASE */ diff --git a/third_party/mbedtls/repo/tests/suites/test_suite_psa_crypto_se_driver_hal.function b/third_party/mbedtls/repo/tests/suites/test_suite_psa_crypto_se_driver_hal.function index 79d658fd0ac..15232a44f7e 100644 --- a/third_party/mbedtls/repo/tests/suites/test_suite_psa_crypto_se_driver_hal.function +++ b/third_party/mbedtls/repo/tests/suites/test_suite_psa_crypto_se_driver_hal.function @@ -24,16 +24,16 @@ /** The location and lifetime used for tests that use a single driver. */ #define TEST_DRIVER_LOCATION 1 #define TEST_SE_PERSISTENT_LIFETIME \ - ( PSA_KEY_LIFETIME_FROM_PERSISTENCE_AND_LOCATION( \ - PSA_KEY_PERSISTENCE_DEFAULT, TEST_DRIVER_LOCATION ) ) + (PSA_KEY_LIFETIME_FROM_PERSISTENCE_AND_LOCATION( \ + PSA_KEY_PERSISTENCE_DEFAULT, TEST_DRIVER_LOCATION)) #define TEST_SE_VOLATILE_LIFETIME \ - ( PSA_KEY_LIFETIME_FROM_PERSISTENCE_AND_LOCATION( \ - PSA_KEY_PERSISTENCE_VOLATILE, TEST_DRIVER_LOCATION ) ) + (PSA_KEY_LIFETIME_FROM_PERSISTENCE_AND_LOCATION( \ + PSA_KEY_PERSISTENCE_VOLATILE, TEST_DRIVER_LOCATION)) /** The driver detected a condition that shouldn't happen. * This is probably a bug in the library. */ -#define PSA_ERROR_DETECTED_BY_DRIVER ((psa_status_t)( -500 )) +#define PSA_ERROR_DETECTED_BY_DRIVER ((psa_status_t) (-500)) /** Like #TEST_ASSERT for use in a driver method, with no cleanup. * @@ -41,14 +41,14 @@ * * Use this macro to assert on guarantees provided by the core. */ -#define DRIVER_ASSERT_RETURN( TEST ) \ +#define DRIVER_ASSERT_RETURN(TEST) \ do { \ - if( ! (TEST) ) \ - { \ - mbedtls_test_fail( #TEST, __LINE__, __FILE__ ); \ - return( PSA_ERROR_DETECTED_BY_DRIVER ); \ - } \ - } while( 0 ) + if (!(TEST)) \ + { \ + mbedtls_test_fail( #TEST, __LINE__, __FILE__); \ + return PSA_ERROR_DETECTED_BY_DRIVER; \ + } \ + } while (0) /** Like #TEST_ASSERT for use in a driver method, with cleanup. * @@ -57,15 +57,15 @@ * * Use this macro to assert on guarantees provided by the core. */ -#define DRIVER_ASSERT( TEST ) \ +#define DRIVER_ASSERT(TEST) \ do { \ - if( ! (TEST) ) \ - { \ - mbedtls_test_fail( #TEST, __LINE__, __FILE__ ); \ - status = PSA_ERROR_DETECTED_BY_DRIVER; \ - goto exit; \ - } \ - } while( 0 ) + if (!(TEST)) \ + { \ + mbedtls_test_fail( #TEST, __LINE__, __FILE__); \ + status = PSA_ERROR_DETECTED_BY_DRIVER; \ + goto exit; \ + } \ + } while (0) /** Like #PSA_ASSERT for a PSA API call that calls a driver underneath. * @@ -78,17 +78,17 @@ * case, the test driver code is expected to have called mbedtls_test_fail() * already, so we make sure not to overwrite the failure information. */ -#define PSA_ASSERT_VIA_DRIVER( expr, expected_status ) \ +#define PSA_ASSERT_VIA_DRIVER(expr, expected_status) \ do { \ - psa_status_t PSA_ASSERT_VIA_DRIVER_status = ( expr ); \ - if( PSA_ASSERT_VIA_DRIVER_status == PSA_ERROR_DETECTED_BY_DRIVER ) \ - goto exit; \ - if( PSA_ASSERT_VIA_DRIVER_status != ( expected_status ) ) \ + psa_status_t PSA_ASSERT_VIA_DRIVER_status = (expr); \ + if (PSA_ASSERT_VIA_DRIVER_status == PSA_ERROR_DETECTED_BY_DRIVER) \ + goto exit; \ + if (PSA_ASSERT_VIA_DRIVER_status != (expected_status)) \ { \ - mbedtls_test_fail( #expr, __LINE__, __FILE__ ); \ + mbedtls_test_fail( #expr, __LINE__, __FILE__); \ goto exit; \ } \ - } while( 0 ) + } while (0) @@ -97,20 +97,21 @@ /****************************************************************/ /* Return the exact bit size given a curve family and a byte length. */ -static size_t ecc_curve_bits( psa_ecc_family_t curve, size_t data_length ) +static size_t ecc_curve_bits(psa_ecc_family_t curve, size_t data_length) { - switch( curve ) - { + switch (curve) { case PSA_ECC_FAMILY_SECP_R1: - if( data_length == PSA_BYTES_TO_BITS( 521 ) ) - return( 521 ); + if (data_length == PSA_BYTES_TO_BITS(521)) { + return 521; + } break; case PSA_ECC_FAMILY_MONTGOMERY: - if( data_length == PSA_BYTES_TO_BITS( 255 ) ) - return( 255 ); + if (data_length == PSA_BYTES_TO_BITS(255)) { + return 255; + } } /* If not listed above, assume a multiple of 8 bits. */ - return( PSA_BYTES_TO_BITS( data_length ) ); + return PSA_BYTES_TO_BITS(data_length); } @@ -118,8 +119,7 @@ static size_t ecc_curve_bits( psa_ecc_family_t curve, size_t data_length ) /* Miscellaneous driver methods */ /****************************************************************/ -typedef struct -{ +typedef struct { psa_key_slot_number_t slot_number; psa_key_creation_method_t method; psa_status_t status; @@ -132,50 +132,52 @@ static psa_status_t validate_slot_number_as_directed( void *persistent_data, const psa_key_attributes_t *attributes, psa_key_creation_method_t method, - psa_key_slot_number_t slot_number ) + psa_key_slot_number_t slot_number) { (void) context; (void) persistent_data; (void) attributes; - DRIVER_ASSERT_RETURN( slot_number == - validate_slot_number_directions.slot_number ); - DRIVER_ASSERT_RETURN( method == - validate_slot_number_directions.method ); - return( validate_slot_number_directions.status ); + DRIVER_ASSERT_RETURN(slot_number == + validate_slot_number_directions.slot_number); + DRIVER_ASSERT_RETURN(method == + validate_slot_number_directions.method); + return validate_slot_number_directions.status; } /* Allocate slot numbers with a monotonic counter. */ static psa_key_slot_number_t shadow_counter; -static void counter_reset( void ) +static void counter_reset(void) { shadow_counter = 0; } -static psa_status_t counter_allocate( psa_drv_se_context_t *context, - void *persistent_data, - const psa_key_attributes_t *attributes, - psa_key_creation_method_t method, - psa_key_slot_number_t *slot_number ) +static psa_status_t counter_allocate(psa_drv_se_context_t *context, + void *persistent_data, + const psa_key_attributes_t *attributes, + psa_key_creation_method_t method, + psa_key_slot_number_t *slot_number) { psa_key_slot_number_t *p_counter = persistent_data; (void) attributes; (void) method; - if( context->persistent_data_size != sizeof( psa_key_slot_number_t ) ) - return( PSA_ERROR_DETECTED_BY_DRIVER ); + if (context->persistent_data_size != sizeof(psa_key_slot_number_t)) { + return PSA_ERROR_DETECTED_BY_DRIVER; + } ++*p_counter; - if( *p_counter == 0 ) - return( PSA_ERROR_INSUFFICIENT_STORAGE ); + if (*p_counter == 0) { + return PSA_ERROR_INSUFFICIENT_STORAGE; + } shadow_counter = *p_counter; *slot_number = *p_counter; - return( PSA_SUCCESS ); + return PSA_SUCCESS; } /* Null import: do nothing, but pretend it worked. */ -static psa_status_t null_import( psa_drv_se_context_t *context, - psa_key_slot_number_t slot_number, - const psa_key_attributes_t *attributes, - const uint8_t *data, - size_t data_length, - size_t *bits ) +static psa_status_t null_import(psa_drv_se_context_t *context, + psa_key_slot_number_t slot_number, + const psa_key_attributes_t *attributes, + const uint8_t *data, + size_t data_length, + size_t *bits) { (void) context; (void) slot_number; @@ -183,41 +185,40 @@ static psa_status_t null_import( psa_drv_se_context_t *context, (void) data; /* We're supposed to return a key size. Return one that's correct for * plain data keys. */ - *bits = PSA_BYTES_TO_BITS( data_length ); - return( PSA_SUCCESS ); + *bits = PSA_BYTES_TO_BITS(data_length); + return PSA_SUCCESS; } /* Null generate: do nothing, but pretend it worked. */ -static psa_status_t null_generate( psa_drv_se_context_t *context, - psa_key_slot_number_t slot_number, - const psa_key_attributes_t *attributes, - uint8_t *pubkey, - size_t pubkey_size, - size_t *pubkey_length ) +static psa_status_t null_generate(psa_drv_se_context_t *context, + psa_key_slot_number_t slot_number, + const psa_key_attributes_t *attributes, + uint8_t *pubkey, + size_t pubkey_size, + size_t *pubkey_length) { (void) context; (void) slot_number; (void) attributes; - DRIVER_ASSERT_RETURN( *pubkey_length == 0 ); - if( ! PSA_KEY_TYPE_IS_KEY_PAIR( psa_get_key_type( attributes ) ) ) - { - DRIVER_ASSERT_RETURN( pubkey == NULL ); - DRIVER_ASSERT_RETURN( pubkey_size == 0 ); + DRIVER_ASSERT_RETURN(*pubkey_length == 0); + if (!PSA_KEY_TYPE_IS_KEY_PAIR(psa_get_key_type(attributes))) { + DRIVER_ASSERT_RETURN(pubkey == NULL); + DRIVER_ASSERT_RETURN(pubkey_size == 0); } - return( PSA_SUCCESS ); + return PSA_SUCCESS; } /* Null destroy: do nothing, but pretend it worked. */ -static psa_status_t null_destroy( psa_drv_se_context_t *context, - void *persistent_data, - psa_key_slot_number_t slot_number ) +static psa_status_t null_destroy(psa_drv_se_context_t *context, + void *persistent_data, + psa_key_slot_number_t slot_number) { (void) context; (void) persistent_data; (void) slot_number; - return( PSA_SUCCESS ); + return PSA_SUCCESS; } @@ -227,8 +228,7 @@ static psa_status_t null_destroy( psa_drv_se_context_t *context, /****************************************************************/ #define RAM_MAX_KEY_SIZE 64 -typedef struct -{ +typedef struct { psa_key_lifetime_t lifetime; psa_key_type_t type; size_t bits; @@ -244,9 +244,9 @@ static ram_slot_usage_t ram_shadow_slot_usage; static uint8_t ram_min_slot = 0; -static void ram_slots_reset( void ) +static void ram_slots_reset(void) { - memset( ram_slots, 0, sizeof( ram_slots ) ); + memset(ram_slots, 0, sizeof(ram_slots)); ram_min_slot = 0; ram_shadow_slot_usage = 0; } @@ -259,168 +259,165 @@ static void ram_slots_reset( void ) * in the test case function's cleanup code) and it might be wrong * (if slot_number is invalid). */ -static psa_status_t ram_create_common( psa_drv_se_context_t *context, - psa_key_slot_number_t slot_number, - const psa_key_attributes_t *attributes, - size_t required_storage ) +static psa_status_t ram_create_common(psa_drv_se_context_t *context, + psa_key_slot_number_t slot_number, + const psa_key_attributes_t *attributes, + size_t required_storage) { (void) context; - DRIVER_ASSERT_RETURN( slot_number < ARRAY_LENGTH( ram_slots ) ); + DRIVER_ASSERT_RETURN(slot_number < ARRAY_LENGTH(ram_slots)); - ram_slots[slot_number].lifetime = psa_get_key_lifetime( attributes ); - ram_slots[slot_number].type = psa_get_key_type( attributes ); - ram_slots[slot_number].bits = psa_get_key_bits( attributes ); + ram_slots[slot_number].lifetime = psa_get_key_lifetime(attributes); + ram_slots[slot_number].type = psa_get_key_type(attributes); + ram_slots[slot_number].bits = psa_get_key_bits(attributes); - if( required_storage > sizeof( ram_slots[slot_number].content ) ) - { - memset( &ram_slots[slot_number], 0, sizeof( ram_slots[slot_number] ) ); - return( PSA_ERROR_INSUFFICIENT_STORAGE ); + if (required_storage > sizeof(ram_slots[slot_number].content)) { + memset(&ram_slots[slot_number], 0, sizeof(ram_slots[slot_number])); + return PSA_ERROR_INSUFFICIENT_STORAGE; } - return( PSA_SUCCESS ); + return PSA_SUCCESS; } /* This function does everything except actually generating key material. * After calling it, you must copy the desired key material to * ram_slots[slot_number].content. */ -static psa_status_t ram_fake_generate( psa_drv_se_context_t *context, - psa_key_slot_number_t slot_number, - const psa_key_attributes_t *attributes, - uint8_t *pubkey, - size_t pubkey_size, - size_t *pubkey_length ) +static psa_status_t ram_fake_generate(psa_drv_se_context_t *context, + psa_key_slot_number_t slot_number, + const psa_key_attributes_t *attributes, + uint8_t *pubkey, + size_t pubkey_size, + size_t *pubkey_length) { psa_status_t status; size_t required_storage = - PSA_EXPORT_KEY_OUTPUT_SIZE( psa_get_key_type( attributes ), - psa_get_key_bits( attributes ) ); + PSA_EXPORT_KEY_OUTPUT_SIZE(psa_get_key_type(attributes), + psa_get_key_bits(attributes)); - DRIVER_ASSERT_RETURN( *pubkey_length == 0 ); - if( ! PSA_KEY_TYPE_IS_KEY_PAIR( psa_get_key_type( attributes ) ) ) - { - DRIVER_ASSERT_RETURN( pubkey == NULL ); - DRIVER_ASSERT_RETURN( pubkey_size == 0 ); + DRIVER_ASSERT_RETURN(*pubkey_length == 0); + if (!PSA_KEY_TYPE_IS_KEY_PAIR(psa_get_key_type(attributes))) { + DRIVER_ASSERT_RETURN(pubkey == NULL); + DRIVER_ASSERT_RETURN(pubkey_size == 0); } - status = ram_create_common( context, slot_number, attributes, - required_storage ); - return( status ); + status = ram_create_common(context, slot_number, attributes, + required_storage); + return status; } -static psa_status_t ram_import( psa_drv_se_context_t *context, - psa_key_slot_number_t slot_number, - const psa_key_attributes_t *attributes, - const uint8_t *data, - size_t data_length, - size_t *bits ) +static psa_status_t ram_import(psa_drv_se_context_t *context, + psa_key_slot_number_t slot_number, + const psa_key_attributes_t *attributes, + const uint8_t *data, + size_t data_length, + size_t *bits) { - psa_key_type_t type = psa_get_key_type( attributes ); - psa_status_t status = ram_create_common( context, slot_number, attributes, - data_length ); - if( status != PSA_SUCCESS ) - return( status ); + psa_key_type_t type = psa_get_key_type(attributes); + psa_status_t status = ram_create_common(context, slot_number, attributes, + data_length); + if (status != PSA_SUCCESS) { + return status; + } /* The RAM driver only works for certain key types: raw keys, * and ECC key pairs. This is true in particular of the bit-size * calculation here. */ - if( PSA_KEY_TYPE_IS_UNSTRUCTURED( type ) ) - *bits = PSA_BYTES_TO_BITS( data_length ); - else if ( PSA_KEY_TYPE_IS_ECC_KEY_PAIR( type ) ) - { - *bits = ecc_curve_bits( PSA_KEY_TYPE_ECC_GET_FAMILY( type ), data_length ); - if( *bits == 0 ) - return( PSA_ERROR_DETECTED_BY_DRIVER ); - } - else - { - memset( &ram_slots[slot_number], 0, sizeof( ram_slots[slot_number] ) ); - return( PSA_ERROR_NOT_SUPPORTED ); + if (PSA_KEY_TYPE_IS_UNSTRUCTURED(type)) { + *bits = PSA_BYTES_TO_BITS(data_length); + } else if (PSA_KEY_TYPE_IS_ECC_KEY_PAIR(type)) { + *bits = ecc_curve_bits(PSA_KEY_TYPE_ECC_GET_FAMILY(type), data_length); + if (*bits == 0) { + return PSA_ERROR_DETECTED_BY_DRIVER; + } + } else { + memset(&ram_slots[slot_number], 0, sizeof(ram_slots[slot_number])); + return PSA_ERROR_NOT_SUPPORTED; } ram_slots[slot_number].bits = *bits; - memcpy( ram_slots[slot_number].content, data, data_length ); + memcpy(ram_slots[slot_number].content, data, data_length); - return( PSA_SUCCESS ); + return PSA_SUCCESS; } -static psa_status_t ram_export( psa_drv_se_context_t *context, - psa_key_slot_number_t slot_number, - uint8_t *data, - size_t data_size, - size_t *data_length ) +static psa_status_t ram_export(psa_drv_se_context_t *context, + psa_key_slot_number_t slot_number, + uint8_t *data, + size_t data_size, + size_t *data_length) { size_t actual_size; (void) context; - DRIVER_ASSERT_RETURN( slot_number < ARRAY_LENGTH( ram_slots ) ); - actual_size = PSA_BITS_TO_BYTES( ram_slots[slot_number].bits ); - if( actual_size > data_size ) - return( PSA_ERROR_BUFFER_TOO_SMALL ); + DRIVER_ASSERT_RETURN(slot_number < ARRAY_LENGTH(ram_slots)); + actual_size = PSA_BITS_TO_BYTES(ram_slots[slot_number].bits); + if (actual_size > data_size) { + return PSA_ERROR_BUFFER_TOO_SMALL; + } *data_length = actual_size; - memcpy( data, ram_slots[slot_number].content, actual_size ); - return( PSA_SUCCESS ); + memcpy(data, ram_slots[slot_number].content, actual_size); + return PSA_SUCCESS; } -static psa_status_t ram_export_public( psa_drv_se_context_t *context, - psa_key_slot_number_t slot_number, - uint8_t *data, - size_t data_size, - size_t *data_length ) +static psa_status_t ram_export_public(psa_drv_se_context_t *context, + psa_key_slot_number_t slot_number, + uint8_t *data, + size_t data_size, + size_t *data_length) { psa_status_t status; mbedtls_svc_key_id_t key = MBEDTLS_SVC_KEY_ID_INIT; psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT; (void) context; - DRIVER_ASSERT_RETURN( slot_number < ARRAY_LENGTH( ram_slots ) ); + DRIVER_ASSERT_RETURN(slot_number < ARRAY_LENGTH(ram_slots)); DRIVER_ASSERT_RETURN( - PSA_KEY_TYPE_IS_KEY_PAIR( ram_slots[slot_number].type ) ); - - psa_set_key_type( &attributes, ram_slots[slot_number].type ); - status = psa_import_key( &attributes, - ram_slots[slot_number].content, - PSA_BITS_TO_BYTES( ram_slots[slot_number].bits ), - &key ); - if( status != PSA_SUCCESS ) - return( status ); - status = psa_export_public_key( key, data, data_size, data_length ); - psa_destroy_key( key ); - return( PSA_SUCCESS ); + PSA_KEY_TYPE_IS_KEY_PAIR(ram_slots[slot_number].type)); + + psa_set_key_type(&attributes, ram_slots[slot_number].type); + status = psa_import_key(&attributes, + ram_slots[slot_number].content, + PSA_BITS_TO_BYTES(ram_slots[slot_number].bits), + &key); + if (status != PSA_SUCCESS) { + return status; + } + status = psa_export_public_key(key, data, data_size, data_length); + psa_destroy_key(key); + return PSA_SUCCESS; } -static psa_status_t ram_destroy( psa_drv_se_context_t *context, - void *persistent_data, - psa_key_slot_number_t slot_number ) +static psa_status_t ram_destroy(psa_drv_se_context_t *context, + void *persistent_data, + psa_key_slot_number_t slot_number) { ram_slot_usage_t *slot_usage = persistent_data; - DRIVER_ASSERT_RETURN( context->persistent_data_size == sizeof( ram_slot_usage_t ) ); - DRIVER_ASSERT_RETURN( slot_number < ARRAY_LENGTH( ram_slots ) ); - memset( &ram_slots[slot_number], 0, sizeof( ram_slots[slot_number] ) ); - *slot_usage &= ~(ram_slot_usage_t)( 1 << slot_number ); + DRIVER_ASSERT_RETURN(context->persistent_data_size == sizeof(ram_slot_usage_t)); + DRIVER_ASSERT_RETURN(slot_number < ARRAY_LENGTH(ram_slots)); + memset(&ram_slots[slot_number], 0, sizeof(ram_slots[slot_number])); + *slot_usage &= ~(ram_slot_usage_t) (1 << slot_number); ram_shadow_slot_usage = *slot_usage; - return( PSA_SUCCESS ); + return PSA_SUCCESS; } -static psa_status_t ram_allocate( psa_drv_se_context_t *context, - void *persistent_data, - const psa_key_attributes_t *attributes, - psa_key_creation_method_t method, - psa_key_slot_number_t *slot_number ) +static psa_status_t ram_allocate(psa_drv_se_context_t *context, + void *persistent_data, + const psa_key_attributes_t *attributes, + psa_key_creation_method_t method, + psa_key_slot_number_t *slot_number) { ram_slot_usage_t *slot_usage = persistent_data; (void) attributes; (void) method; - DRIVER_ASSERT_RETURN( context->persistent_data_size == sizeof( ram_slot_usage_t ) ); - for( *slot_number = ram_min_slot; - *slot_number < ARRAY_LENGTH( ram_slots ); - ++( *slot_number ) ) - { - if( ! ( *slot_usage & 1 << *slot_number ) ) - { + DRIVER_ASSERT_RETURN(context->persistent_data_size == sizeof(ram_slot_usage_t)); + for (*slot_number = ram_min_slot; + *slot_number < ARRAY_LENGTH(ram_slots); + ++(*slot_number)) { + if (!(*slot_usage & 1 << *slot_number)) { ram_shadow_slot_usage = *slot_usage; - return( PSA_SUCCESS ); + return PSA_SUCCESS; } } - return( PSA_ERROR_INSUFFICIENT_STORAGE ); + return PSA_ERROR_INSUFFICIENT_STORAGE; } static psa_status_t ram_validate_slot_number( @@ -428,25 +425,26 @@ static psa_status_t ram_validate_slot_number( void *persistent_data, const psa_key_attributes_t *attributes, psa_key_creation_method_t method, - psa_key_slot_number_t slot_number ) + psa_key_slot_number_t slot_number) { (void) context; (void) persistent_data; (void) attributes; (void) method; - if( slot_number >= ARRAY_LENGTH( ram_slots ) ) - return( PSA_ERROR_INVALID_ARGUMENT ); - return( PSA_SUCCESS ); + if (slot_number >= ARRAY_LENGTH(ram_slots)) { + return PSA_ERROR_INVALID_ARGUMENT; + } + return PSA_SUCCESS; } -static psa_status_t ram_sign( psa_drv_se_context_t *context, - psa_key_slot_number_t slot_number, - psa_algorithm_t alg, - const uint8_t *hash, - size_t hash_length, - uint8_t *signature, - size_t signature_size, - size_t *signature_length ) +static psa_status_t ram_sign(psa_drv_se_context_t *context, + psa_key_slot_number_t slot_number, + psa_algorithm_t alg, + const uint8_t *hash, + size_t hash_length, + uint8_t *signature, + size_t signature_size, + size_t *signature_length) { ram_slot_t *slot; psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT; @@ -454,32 +452,32 @@ static psa_status_t ram_sign( psa_drv_se_context_t *context, psa_status_t status = PSA_ERROR_GENERIC_ERROR; (void) context; - DRIVER_ASSERT_RETURN( slot_number < ARRAY_LENGTH( ram_slots ) ); + DRIVER_ASSERT_RETURN(slot_number < ARRAY_LENGTH(ram_slots)); slot = &ram_slots[slot_number]; - psa_set_key_usage_flags( &attributes, PSA_KEY_USAGE_SIGN_HASH ); - psa_set_key_algorithm( &attributes, alg ); - psa_set_key_type( &attributes, slot->type ); - DRIVER_ASSERT( psa_import_key( &attributes, - slot->content, - PSA_BITS_TO_BYTES( slot->bits ), - &key ) == PSA_SUCCESS ); - status = psa_sign_hash( key, alg, - hash, hash_length, - signature, signature_size, signature_length ); + psa_set_key_usage_flags(&attributes, PSA_KEY_USAGE_SIGN_HASH); + psa_set_key_algorithm(&attributes, alg); + psa_set_key_type(&attributes, slot->type); + DRIVER_ASSERT(psa_import_key(&attributes, + slot->content, + PSA_BITS_TO_BYTES(slot->bits), + &key) == PSA_SUCCESS); + status = psa_sign_hash(key, alg, + hash, hash_length, + signature, signature_size, signature_length); exit: - psa_destroy_key( key ); - return( status ); + psa_destroy_key(key); + return status; } -static psa_status_t ram_verify( psa_drv_se_context_t *context, - psa_key_slot_number_t slot_number, - psa_algorithm_t alg, - const uint8_t *hash, - size_t hash_length, - const uint8_t *signature, - size_t signature_length ) +static psa_status_t ram_verify(psa_drv_se_context_t *context, + psa_key_slot_number_t slot_number, + psa_algorithm_t alg, + const uint8_t *hash, + size_t hash_length, + const uint8_t *signature, + size_t signature_length) { ram_slot_t *slot; psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT; @@ -487,24 +485,24 @@ static psa_status_t ram_verify( psa_drv_se_context_t *context, psa_status_t status = PSA_ERROR_GENERIC_ERROR; (void) context; - DRIVER_ASSERT_RETURN( slot_number < ARRAY_LENGTH( ram_slots ) ); + DRIVER_ASSERT_RETURN(slot_number < ARRAY_LENGTH(ram_slots)); slot = &ram_slots[slot_number]; - psa_set_key_usage_flags( &attributes, PSA_KEY_USAGE_VERIFY_HASH ); - psa_set_key_algorithm( &attributes, alg ); - psa_set_key_type( &attributes, slot->type ); - DRIVER_ASSERT( psa_import_key( &attributes, - slot->content, - PSA_BITS_TO_BYTES( slot->bits ), - &key ) == - PSA_SUCCESS ); - status = psa_verify_hash( key, alg, - hash, hash_length, - signature, signature_length ); + psa_set_key_usage_flags(&attributes, PSA_KEY_USAGE_VERIFY_HASH); + psa_set_key_algorithm(&attributes, alg); + psa_set_key_type(&attributes, slot->type); + DRIVER_ASSERT(psa_import_key(&attributes, + slot->content, + PSA_BITS_TO_BYTES(slot->bits), + &key) == + PSA_SUCCESS); + status = psa_verify_hash(key, alg, + hash, hash_length, + signature, signature_length); exit: - psa_destroy_key( key ); - return( status ); + psa_destroy_key(key); + return status; } @@ -512,8 +510,7 @@ exit: /* Other test helper functions */ /****************************************************************/ -typedef enum -{ +typedef enum { SIGN_IN_SOFTWARE_AND_PARALLEL_CREATION, SIGN_IN_DRIVER_AND_PARALLEL_CREATION, SIGN_IN_DRIVER_THEN_EXPORT_PUBLIC, @@ -523,54 +520,49 @@ typedef enum * are consistent with the attributes used when creating the key. */ static int check_key_attributes( mbedtls_svc_key_id_t key, - const psa_key_attributes_t *reference_attributes ) + const psa_key_attributes_t *reference_attributes) { int ok = 0; psa_key_attributes_t actual_attributes = PSA_KEY_ATTRIBUTES_INIT; - PSA_ASSERT( psa_get_key_attributes( key, &actual_attributes ) ); - - TEST_ASSERT( mbedtls_svc_key_id_equal( - psa_get_key_id( &actual_attributes ), - psa_get_key_id( reference_attributes ) ) ); - TEST_EQUAL( psa_get_key_lifetime( &actual_attributes ), - psa_get_key_lifetime( reference_attributes ) ); - TEST_EQUAL( psa_get_key_type( &actual_attributes ), - psa_get_key_type( reference_attributes ) ); - TEST_EQUAL( psa_get_key_usage_flags( &actual_attributes ), - psa_get_key_usage_flags( reference_attributes ) ); - TEST_EQUAL( psa_get_key_algorithm( &actual_attributes ), - psa_get_key_algorithm( reference_attributes ) ); - TEST_EQUAL( psa_get_key_enrollment_algorithm( &actual_attributes ), - psa_get_key_enrollment_algorithm( reference_attributes ) ); - if( psa_get_key_bits( reference_attributes ) != 0 ) - { - TEST_EQUAL( psa_get_key_bits( &actual_attributes ), - psa_get_key_bits( reference_attributes ) ); + PSA_ASSERT(psa_get_key_attributes(key, &actual_attributes)); + + TEST_ASSERT(mbedtls_svc_key_id_equal( + psa_get_key_id(&actual_attributes), + psa_get_key_id(reference_attributes))); + TEST_EQUAL(psa_get_key_lifetime(&actual_attributes), + psa_get_key_lifetime(reference_attributes)); + TEST_EQUAL(psa_get_key_type(&actual_attributes), + psa_get_key_type(reference_attributes)); + TEST_EQUAL(psa_get_key_usage_flags(&actual_attributes), + psa_get_key_usage_flags(reference_attributes)); + TEST_EQUAL(psa_get_key_algorithm(&actual_attributes), + psa_get_key_algorithm(reference_attributes)); + TEST_EQUAL(psa_get_key_enrollment_algorithm(&actual_attributes), + psa_get_key_enrollment_algorithm(reference_attributes)); + if (psa_get_key_bits(reference_attributes) != 0) { + TEST_EQUAL(psa_get_key_bits(&actual_attributes), + psa_get_key_bits(reference_attributes)); } { psa_key_slot_number_t actual_slot_number = 0xdeadbeef; psa_key_slot_number_t desired_slot_number = 0xb90cc011; psa_key_lifetime_t lifetime = - psa_get_key_lifetime( &actual_attributes ); - psa_status_t status = psa_get_key_slot_number( &actual_attributes, - &actual_slot_number ); - if( PSA_KEY_LIFETIME_GET_LOCATION( lifetime ) < MIN_DRIVER_LOCATION ) - { + psa_get_key_lifetime(&actual_attributes); + psa_status_t status = psa_get_key_slot_number(&actual_attributes, + &actual_slot_number); + if (PSA_KEY_LIFETIME_GET_LOCATION(lifetime) < MIN_DRIVER_LOCATION) { /* The key is not in a secure element. */ - TEST_EQUAL( status, PSA_ERROR_INVALID_ARGUMENT ); - } - else - { + TEST_EQUAL(status, PSA_ERROR_INVALID_ARGUMENT); + } else { /* The key is in a secure element. If it had been created * in a specific slot, check that it is reported there. */ - PSA_ASSERT( status ); - status = psa_get_key_slot_number( reference_attributes, - &desired_slot_number ); - if( status == PSA_SUCCESS ) - { - TEST_EQUAL( desired_slot_number, actual_slot_number ); + PSA_ASSERT(status); + status = psa_get_key_slot_number(reference_attributes, + &desired_slot_number); + if (status == PSA_SUCCESS) { + TEST_EQUAL(desired_slot_number, actual_slot_number); } } } @@ -581,64 +573,64 @@ exit: * Actual key attributes may have been returned by psa_get_key_attributes() * thus reset them as required. */ - psa_reset_key_attributes( &actual_attributes ); + psa_reset_key_attributes(&actual_attributes); - return( ok ); + return ok; } /* Get the file UID corresponding to the specified location. * If this changes, the storage format version must change. * See psa_get_se_driver_its_file_uid() in psa_crypto_se.c. */ -psa_storage_uid_t file_uid_for_location( psa_key_location_t location ) +psa_storage_uid_t file_uid_for_location(psa_key_location_t location) { - if( location > PSA_MAX_SE_LOCATION ) - return( 0 ); - return( 0xfffffe00 + location ); + if (location > PSA_MAX_SE_LOCATION) { + return 0; + } + return 0xfffffe00 + location; } /* Check that the persistent data of a driver has its expected content. */ -static int check_persistent_data( psa_key_location_t location, - const void *expected_data, - size_t size ) +static int check_persistent_data(psa_key_location_t location, + const void *expected_data, + size_t size) { - psa_storage_uid_t uid = file_uid_for_location( location ); + psa_storage_uid_t uid = file_uid_for_location(location); struct psa_storage_info_t info; uint8_t *loaded = NULL; int ok = 0; - PSA_ASSERT( psa_its_get_info( uid, &info ) ); - ASSERT_ALLOC( loaded, info.size ); - PSA_ASSERT( psa_its_get( uid, 0, info.size, loaded, NULL ) ); - ASSERT_COMPARE( expected_data, size, loaded, info.size ); + PSA_ASSERT(psa_its_get_info(uid, &info)); + TEST_CALLOC(loaded, info.size); + PSA_ASSERT(psa_its_get(uid, 0, info.size, loaded, NULL)); + TEST_MEMORY_COMPARE(expected_data, size, loaded, info.size); ok = 1; exit: - mbedtls_free( loaded ); - return( ok ); + mbedtls_free(loaded); + return ok; } /* Check that no persistent data exists for the given location. */ -static int check_no_persistent_data( psa_key_location_t location ) +static int check_no_persistent_data(psa_key_location_t location) { - psa_storage_uid_t uid = file_uid_for_location( location ); + psa_storage_uid_t uid = file_uid_for_location(location); struct psa_storage_info_t info; int ok = 0; - TEST_EQUAL( psa_its_get_info( uid, &info ), PSA_ERROR_DOES_NOT_EXIST ); + TEST_EQUAL(psa_its_get_info(uid, &info), PSA_ERROR_DOES_NOT_EXIST); ok = 1; exit: - return( ok ); + return ok; } /* Check that a function's return status is "smoke-free", i.e. that * it's an acceptable error code when calling an API function that operates * on a key with potentially bogus parameters. */ -static int is_status_smoke_free( psa_status_t status ) +static int is_status_smoke_free(psa_status_t status) { - switch( status ) - { + switch (status) { case PSA_SUCCESS: case PSA_ERROR_NOT_SUPPORTED: case PSA_ERROR_NOT_PERMITTED: @@ -646,112 +638,114 @@ static int is_status_smoke_free( psa_status_t status ) case PSA_ERROR_INVALID_ARGUMENT: case PSA_ERROR_INVALID_SIGNATURE: case PSA_ERROR_INVALID_PADDING: - return( 1 ); + return 1; default: - return( 0 ); + return 0; } } -#define SMOKE_ASSERT( expr ) \ - TEST_ASSERT( is_status_smoke_free( expr ) ) +#define SMOKE_ASSERT(expr) \ + TEST_ASSERT(is_status_smoke_free(expr)) /* Smoke test a key. There are mostly no wrong answers here since we pass * mostly bogus parameters: the goal is to ensure that there is no memory * corruption or crash. This test function is most useful when run under * an environment with sanity checks such as ASan or MSan. */ -static int smoke_test_key( mbedtls_svc_key_id_t key ) +static int smoke_test_key(mbedtls_svc_key_id_t key) { int ok = 0; psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT; psa_mac_operation_t mac_operation = PSA_MAC_OPERATION_INIT; psa_cipher_operation_t cipher_operation = PSA_CIPHER_OPERATION_INIT; +#if defined(MBEDTLS_SHA256_C) psa_key_derivation_operation_t derivation_operation = PSA_KEY_DERIVATION_OPERATION_INIT; +#endif uint8_t buffer[80]; /* large enough for a public key for ECDH */ size_t length; mbedtls_svc_key_id_t key2 = MBEDTLS_SVC_KEY_ID_INIT; - SMOKE_ASSERT( psa_get_key_attributes( key, &attributes ) ); - - SMOKE_ASSERT( psa_export_key( key, - buffer, sizeof( buffer ), &length ) ); - SMOKE_ASSERT( psa_export_public_key( key, - buffer, sizeof( buffer ), &length ) ); - - SMOKE_ASSERT( psa_copy_key( key, &attributes, &key2 ) ); - if( ! mbedtls_svc_key_id_is_null( key2 ) ) - PSA_ASSERT( psa_destroy_key( key2 ) ); - - SMOKE_ASSERT( psa_mac_sign_setup( &mac_operation, key, PSA_ALG_CMAC ) ); - PSA_ASSERT( psa_mac_abort( &mac_operation ) ); - SMOKE_ASSERT( psa_mac_verify_setup( &mac_operation, key, - PSA_ALG_HMAC( PSA_ALG_SHA_256 ) ) ); - PSA_ASSERT( psa_mac_abort( &mac_operation ) ); - - SMOKE_ASSERT( psa_cipher_encrypt_setup( &cipher_operation, key, - PSA_ALG_CTR ) ); - PSA_ASSERT( psa_cipher_abort( &cipher_operation ) ); - SMOKE_ASSERT( psa_cipher_decrypt_setup( &cipher_operation, key, - PSA_ALG_CTR ) ); - PSA_ASSERT( psa_cipher_abort( &cipher_operation ) ); - - SMOKE_ASSERT( psa_aead_encrypt( key, PSA_ALG_CCM, - buffer, sizeof( buffer ), - NULL, 0, - buffer, sizeof( buffer), - buffer, sizeof( buffer), &length ) ); - SMOKE_ASSERT( psa_aead_decrypt( key, PSA_ALG_CCM, - buffer, sizeof( buffer ), - NULL, 0, - buffer, sizeof( buffer), - buffer, sizeof( buffer), &length ) ); - - SMOKE_ASSERT( psa_sign_hash( key, PSA_ALG_ECDSA_ANY, + SMOKE_ASSERT(psa_get_key_attributes(key, &attributes)); + + SMOKE_ASSERT(psa_export_key(key, + buffer, sizeof(buffer), &length)); + SMOKE_ASSERT(psa_export_public_key(key, + buffer, sizeof(buffer), &length)); + + SMOKE_ASSERT(psa_copy_key(key, &attributes, &key2)); + if (!mbedtls_svc_key_id_is_null(key2)) { + PSA_ASSERT(psa_destroy_key(key2)); + } + + SMOKE_ASSERT(psa_mac_sign_setup(&mac_operation, key, PSA_ALG_CMAC)); + PSA_ASSERT(psa_mac_abort(&mac_operation)); + SMOKE_ASSERT(psa_mac_verify_setup(&mac_operation, key, + PSA_ALG_HMAC(PSA_ALG_SHA_256))); + PSA_ASSERT(psa_mac_abort(&mac_operation)); + + SMOKE_ASSERT(psa_cipher_encrypt_setup(&cipher_operation, key, + PSA_ALG_CTR)); + PSA_ASSERT(psa_cipher_abort(&cipher_operation)); + SMOKE_ASSERT(psa_cipher_decrypt_setup(&cipher_operation, key, + PSA_ALG_CTR)); + PSA_ASSERT(psa_cipher_abort(&cipher_operation)); + + SMOKE_ASSERT(psa_aead_encrypt(key, PSA_ALG_CCM, + buffer, sizeof(buffer), + NULL, 0, + buffer, sizeof(buffer), + buffer, sizeof(buffer), &length)); + SMOKE_ASSERT(psa_aead_decrypt(key, PSA_ALG_CCM, + buffer, sizeof(buffer), + NULL, 0, + buffer, sizeof(buffer), + buffer, sizeof(buffer), &length)); + + SMOKE_ASSERT(psa_sign_hash(key, PSA_ALG_ECDSA_ANY, + buffer, 32, + buffer, sizeof(buffer), &length)); + SMOKE_ASSERT(psa_verify_hash(key, PSA_ALG_ECDSA_ANY, buffer, 32, - buffer, sizeof( buffer ), &length ) ); - SMOKE_ASSERT( psa_verify_hash( key, PSA_ALG_ECDSA_ANY, - buffer, 32, - buffer, sizeof( buffer ) ) ); - - SMOKE_ASSERT( psa_asymmetric_encrypt( key, PSA_ALG_RSA_PKCS1V15_CRYPT, - buffer, 10, NULL, 0, - buffer, sizeof( buffer ), &length ) ); - SMOKE_ASSERT( psa_asymmetric_decrypt( key, PSA_ALG_RSA_PKCS1V15_CRYPT, - buffer, sizeof( buffer ), NULL, 0, - buffer, sizeof( buffer ), &length ) ); + buffer, sizeof(buffer))); + + SMOKE_ASSERT(psa_asymmetric_encrypt(key, PSA_ALG_RSA_PKCS1V15_CRYPT, + buffer, 10, NULL, 0, + buffer, sizeof(buffer), &length)); + SMOKE_ASSERT(psa_asymmetric_decrypt(key, PSA_ALG_RSA_PKCS1V15_CRYPT, + buffer, sizeof(buffer), NULL, 0, + buffer, sizeof(buffer), &length)); #if defined(MBEDTLS_SHA256_C) /* Try the key in a plain key derivation. */ - PSA_ASSERT( psa_key_derivation_setup( &derivation_operation, - PSA_ALG_HKDF( PSA_ALG_SHA_256 ) ) ); - PSA_ASSERT( psa_key_derivation_input_bytes( &derivation_operation, - PSA_KEY_DERIVATION_INPUT_SALT, - NULL, 0 ) ); - SMOKE_ASSERT( psa_key_derivation_input_key( &derivation_operation, - PSA_KEY_DERIVATION_INPUT_SECRET, - key ) ); - PSA_ASSERT( psa_key_derivation_abort( &derivation_operation ) ); + PSA_ASSERT(psa_key_derivation_setup(&derivation_operation, + PSA_ALG_HKDF(PSA_ALG_SHA_256))); + PSA_ASSERT(psa_key_derivation_input_bytes(&derivation_operation, + PSA_KEY_DERIVATION_INPUT_SALT, + NULL, 0)); + SMOKE_ASSERT(psa_key_derivation_input_key(&derivation_operation, + PSA_KEY_DERIVATION_INPUT_SECRET, + key)); + PSA_ASSERT(psa_key_derivation_abort(&derivation_operation)); /* If the key is asymmetric, try it in a key agreement, both as * part of a derivation operation and standalone. */ - if( psa_export_public_key( key, buffer, sizeof( buffer ), &length ) == - PSA_SUCCESS ) - { + if (psa_export_public_key(key, buffer, sizeof(buffer), &length) == + PSA_SUCCESS) { psa_algorithm_t alg = - PSA_ALG_KEY_AGREEMENT( PSA_ALG_ECDH, - PSA_ALG_HKDF( PSA_ALG_SHA_256 ) ); - PSA_ASSERT( psa_key_derivation_setup( &derivation_operation, alg ) ); - PSA_ASSERT( psa_key_derivation_input_bytes( - &derivation_operation, PSA_KEY_DERIVATION_INPUT_SALT, - NULL, 0 ) ); - SMOKE_ASSERT( psa_key_derivation_key_agreement( - &derivation_operation, - PSA_KEY_DERIVATION_INPUT_SECRET, - key, buffer, length ) ); - PSA_ASSERT( psa_key_derivation_abort( &derivation_operation ) ); - - SMOKE_ASSERT( psa_raw_key_agreement( - alg, key, buffer, length, - buffer, sizeof( buffer ), &length ) ); + PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH, + PSA_ALG_HKDF(PSA_ALG_SHA_256)); + PSA_ASSERT(psa_key_derivation_setup(&derivation_operation, alg)); + PSA_ASSERT(psa_key_derivation_input_bytes( + &derivation_operation, PSA_KEY_DERIVATION_INPUT_SALT, + NULL, 0)); + SMOKE_ASSERT(psa_key_derivation_key_agreement( + &derivation_operation, + PSA_KEY_DERIVATION_INPUT_SECRET, + key, buffer, length)); + PSA_ASSERT(psa_key_derivation_abort(&derivation_operation)); + + SMOKE_ASSERT(psa_raw_key_agreement( + alg, key, buffer, length, + buffer, sizeof(buffer), &length)); } #endif /* MBEDTLS_SHA256_C */ @@ -762,22 +756,23 @@ exit: * Key attributes may have been returned by psa_get_key_attributes() * thus reset them as required. */ - psa_reset_key_attributes( &attributes ); + psa_reset_key_attributes(&attributes); - return( ok ); + return ok; } -static void psa_purge_storage( void ) +static void psa_purge_storage(void) { /* The generic code in mbedtls_test_psa_purge_key_storage() * (which is called by PSA_DONE()) doesn't take care of things that are * specific to dynamic secure elements. */ psa_key_location_t location; /* Purge the transaction file. */ - psa_crypto_stop_transaction( ); + psa_crypto_stop_transaction(); /* Purge driver persistent data. */ - for( location = 0; location < PSA_MAX_SE_LOCATION; location++ ) - psa_destroy_se_persistent_data( location ); + for (location = 0; location < PSA_MAX_SE_LOCATION; location++) { + psa_destroy_se_persistent_data(location); + } } /* END_HEADER */ @@ -788,205 +783,207 @@ static void psa_purge_storage( void ) */ /* BEGIN_CASE */ -void register_one( int location, int version, int expected_status_arg ) +void register_one(int location, int version, int expected_status_arg) { psa_status_t expected_status = expected_status_arg; psa_drv_se_t driver; - memset( &driver, 0, sizeof( driver ) ); + memset(&driver, 0, sizeof(driver)); driver.hal_version = version; - TEST_EQUAL( psa_register_se_driver( location, &driver ), - expected_status ); + TEST_EQUAL(psa_register_se_driver(location, &driver), + expected_status); - PSA_ASSERT( psa_crypto_init( ) ); + PSA_ASSERT(psa_crypto_init()); exit: - PSA_DONE( ); + PSA_DONE(); } /* END_CASE */ /* BEGIN_CASE */ -void register_twice( int count ) +void register_twice(int count) { psa_drv_se_t driver; psa_key_location_t location; psa_key_location_t max = MIN_DRIVER_LOCATION + count; - memset( &driver, 0, sizeof( driver ) ); + memset(&driver, 0, sizeof(driver)); driver.hal_version = PSA_DRV_SE_HAL_VERSION; - for( location = MIN_DRIVER_LOCATION; location < max; location++ ) - PSA_ASSERT( psa_register_se_driver( location, &driver ) ); - for( location = MIN_DRIVER_LOCATION; location < max; location++ ) - TEST_EQUAL( psa_register_se_driver( location, &driver ), - PSA_ERROR_ALREADY_EXISTS ); + for (location = MIN_DRIVER_LOCATION; location < max; location++) { + PSA_ASSERT(psa_register_se_driver(location, &driver)); + } + for (location = MIN_DRIVER_LOCATION; location < max; location++) { + TEST_EQUAL(psa_register_se_driver(location, &driver), + PSA_ERROR_ALREADY_EXISTS); + } - PSA_ASSERT( psa_crypto_init( ) ); + PSA_ASSERT(psa_crypto_init()); exit: - PSA_DONE( ); + PSA_DONE(); } /* END_CASE */ /* BEGIN_CASE */ -void register_max( ) +void register_max() { psa_drv_se_t driver; psa_key_location_t location; psa_key_location_t max = MIN_DRIVER_LOCATION + PSA_MAX_SE_DRIVERS; - memset( &driver, 0, sizeof( driver ) ); + memset(&driver, 0, sizeof(driver)); driver.hal_version = PSA_DRV_SE_HAL_VERSION; - for( location = MIN_DRIVER_LOCATION; location < max; location++ ) - PSA_ASSERT( psa_register_se_driver( location, &driver ) ); + for (location = MIN_DRIVER_LOCATION; location < max; location++) { + PSA_ASSERT(psa_register_se_driver(location, &driver)); + } - TEST_EQUAL( psa_register_se_driver( location, &driver ), - PSA_ERROR_INSUFFICIENT_MEMORY ); + TEST_EQUAL(psa_register_se_driver(location, &driver), + PSA_ERROR_INSUFFICIENT_MEMORY); - PSA_ASSERT( psa_crypto_init( ) ); + PSA_ASSERT(psa_crypto_init()); exit: - PSA_DONE( ); + PSA_DONE(); } /* END_CASE */ /* BEGIN_CASE */ -void key_creation_import_export( int lifetime_arg, int min_slot, int restart ) +void key_creation_import_export(int lifetime_arg, int min_slot, int restart) { psa_drv_se_t driver; psa_drv_se_key_management_t key_management; psa_key_lifetime_t lifetime = (psa_key_lifetime_t) lifetime_arg; - psa_key_location_t location = PSA_KEY_LIFETIME_GET_LOCATION( lifetime ); - mbedtls_svc_key_id_t id = mbedtls_svc_key_id_make( 1, 1 ); + psa_key_location_t location = PSA_KEY_LIFETIME_GET_LOCATION(lifetime); + mbedtls_svc_key_id_t id = mbedtls_svc_key_id_make(1, 1); mbedtls_svc_key_id_t returned_id = MBEDTLS_SVC_KEY_ID_INIT; psa_key_handle_t handle; psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT; - const uint8_t key_material[3] = {0xfa, 0xca, 0xde}; - uint8_t exported[sizeof( key_material )]; + const uint8_t key_material[3] = { 0xfa, 0xca, 0xde }; + uint8_t exported[sizeof(key_material)]; size_t exported_length; - TEST_USES_KEY_ID( id ); + TEST_USES_KEY_ID(id); - memset( &driver, 0, sizeof( driver ) ); - memset( &key_management, 0, sizeof( key_management ) ); + memset(&driver, 0, sizeof(driver)); + memset(&key_management, 0, sizeof(key_management)); driver.hal_version = PSA_DRV_SE_HAL_VERSION; driver.key_management = &key_management; - driver.persistent_data_size = sizeof( ram_slot_usage_t ); + driver.persistent_data_size = sizeof(ram_slot_usage_t); key_management.p_allocate = ram_allocate; key_management.p_import = ram_import; key_management.p_destroy = ram_destroy; key_management.p_export = ram_export; ram_min_slot = min_slot; - PSA_ASSERT( psa_register_se_driver( location, &driver ) ); - PSA_ASSERT( psa_crypto_init( ) ); + PSA_ASSERT(psa_register_se_driver(location, &driver)); + PSA_ASSERT(psa_crypto_init()); /* Create a key. */ - psa_set_key_id( &attributes, id ); - psa_set_key_lifetime( &attributes, lifetime ); - psa_set_key_usage_flags( &attributes, PSA_KEY_USAGE_EXPORT ); - psa_set_key_type( &attributes, PSA_KEY_TYPE_RAW_DATA ); - PSA_ASSERT( psa_import_key( &attributes, - key_material, sizeof( key_material ), - &returned_id ) ); - - if( PSA_KEY_LIFETIME_IS_VOLATILE( lifetime ) ) - { + psa_set_key_id(&attributes, id); + psa_set_key_lifetime(&attributes, lifetime); + psa_set_key_usage_flags(&attributes, PSA_KEY_USAGE_EXPORT); + psa_set_key_type(&attributes, PSA_KEY_TYPE_RAW_DATA); + PSA_ASSERT(psa_import_key(&attributes, + key_material, sizeof(key_material), + &returned_id)); + + if (PSA_KEY_LIFETIME_IS_VOLATILE(lifetime)) { /* For volatile keys, check no persistent data was created */ - if( ! check_no_persistent_data( location ) ) + if (!check_no_persistent_data(location)) { goto exit; - } - else - { + } + } else { /* For persistent keys, check persistent data */ - if( ! check_persistent_data( location, - &ram_shadow_slot_usage, - sizeof( ram_shadow_slot_usage ) ) ) + if (!check_persistent_data(location, + &ram_shadow_slot_usage, + sizeof(ram_shadow_slot_usage))) { goto exit; + } } /* Test that the key was created in the expected slot. */ - TEST_EQUAL( ram_slots[min_slot].type, PSA_KEY_TYPE_RAW_DATA ); + TEST_EQUAL(ram_slots[min_slot].type, PSA_KEY_TYPE_RAW_DATA); /* Maybe restart, to check that the information is saved correctly. */ - if( restart ) - { - mbedtls_psa_crypto_free( ); - PSA_ASSERT( psa_register_se_driver( location, &driver ) ); - PSA_ASSERT( psa_crypto_init( ) ); + if (restart) { + mbedtls_psa_crypto_free(); + PSA_ASSERT(psa_register_se_driver(location, &driver)); + PSA_ASSERT(psa_crypto_init()); - if( PSA_KEY_LIFETIME_IS_VOLATILE( lifetime ) ) - { + if (PSA_KEY_LIFETIME_IS_VOLATILE(lifetime)) { /* Check that the PSA core has no knowledge of the volatile key */ - TEST_ASSERT( psa_open_key( returned_id, &handle ) == - PSA_ERROR_DOES_NOT_EXIST ); + TEST_ASSERT(psa_open_key(returned_id, &handle) == + PSA_ERROR_DOES_NOT_EXIST); /* Drop data from our mockup driver */ ram_slots_reset(); ram_min_slot = min_slot; /* Re-import key */ - PSA_ASSERT( psa_import_key( &attributes, - key_material, sizeof( key_material ), - &returned_id ) ); - } - else - { + PSA_ASSERT(psa_import_key(&attributes, + key_material, sizeof(key_material), + &returned_id)); + } else { /* Check the persistent key file */ - if( ! check_persistent_data( location, - &ram_shadow_slot_usage, - sizeof( ram_shadow_slot_usage ) ) ) + if (!check_persistent_data(location, + &ram_shadow_slot_usage, + sizeof(ram_shadow_slot_usage))) { goto exit; + } } } /* Test that the key was created in the expected slot. */ - TEST_EQUAL( ram_slots[min_slot].type, PSA_KEY_TYPE_RAW_DATA ); + TEST_EQUAL(ram_slots[min_slot].type, PSA_KEY_TYPE_RAW_DATA); /* Test the key attributes, including the reported slot number. */ - psa_set_key_bits( &attributes, - PSA_BYTES_TO_BITS( sizeof( key_material ) ) ); - psa_set_key_slot_number( &attributes, min_slot ); + psa_set_key_bits(&attributes, + PSA_BYTES_TO_BITS(sizeof(key_material))); + psa_set_key_slot_number(&attributes, min_slot); - if( PSA_KEY_LIFETIME_IS_VOLATILE( lifetime ) ) + if (PSA_KEY_LIFETIME_IS_VOLATILE(lifetime)) { attributes.core.id = returned_id; - else - psa_set_key_id( &attributes, returned_id ); + } else { + psa_set_key_id(&attributes, returned_id); + } - if( ! check_key_attributes( returned_id, &attributes ) ) + if (!check_key_attributes(returned_id, &attributes)) { goto exit; + } /* Test the key data. */ - PSA_ASSERT( psa_export_key( returned_id, - exported, sizeof( exported ), - &exported_length ) ); - ASSERT_COMPARE( key_material, sizeof( key_material ), - exported, exported_length ); - - PSA_ASSERT( psa_destroy_key( returned_id ) ); - if( ! check_persistent_data( location, - &ram_shadow_slot_usage, - sizeof( ram_shadow_slot_usage ) ) ) + PSA_ASSERT(psa_export_key(returned_id, + exported, sizeof(exported), + &exported_length)); + TEST_MEMORY_COMPARE(key_material, sizeof(key_material), + exported, exported_length); + + PSA_ASSERT(psa_destroy_key(returned_id)); + if (!check_persistent_data(location, + &ram_shadow_slot_usage, + sizeof(ram_shadow_slot_usage))) { goto exit; - TEST_EQUAL( psa_open_key( returned_id, &handle ), - PSA_ERROR_DOES_NOT_EXIST ); + } + TEST_EQUAL(psa_open_key(returned_id, &handle), + PSA_ERROR_DOES_NOT_EXIST); /* Test that the key has been erased from the designated slot. */ - TEST_EQUAL( ram_slots[min_slot].type, 0 ); + TEST_EQUAL(ram_slots[min_slot].type, 0); exit: - PSA_DONE( ); - ram_slots_reset( ); - psa_purge_storage( ); + PSA_DONE(); + ram_slots_reset(); + psa_purge_storage(); } /* END_CASE */ /* BEGIN_CASE */ -void key_creation_in_chosen_slot( int slot_arg, - int restart, - int expected_status_arg ) +void key_creation_in_chosen_slot(int slot_arg, + int restart, + int expected_status_arg) { psa_key_slot_number_t wanted_slot = slot_arg; psa_status_t expected_status = expected_status_arg; @@ -994,200 +991,208 @@ void key_creation_in_chosen_slot( int slot_arg, psa_drv_se_t driver; psa_drv_se_key_management_t key_management; psa_key_lifetime_t lifetime = TEST_SE_PERSISTENT_LIFETIME; - psa_key_location_t location = PSA_KEY_LIFETIME_GET_LOCATION( lifetime ); - mbedtls_svc_key_id_t id = mbedtls_svc_key_id_make( 1, 1 ); + psa_key_location_t location = PSA_KEY_LIFETIME_GET_LOCATION(lifetime); + mbedtls_svc_key_id_t id = mbedtls_svc_key_id_make(1, 1); mbedtls_svc_key_id_t returned_id; psa_key_handle_t handle; psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT; - const uint8_t key_material[3] = {0xfa, 0xca, 0xde}; + const uint8_t key_material[3] = { 0xfa, 0xca, 0xde }; - TEST_USES_KEY_ID( id ); + TEST_USES_KEY_ID(id); - memset( &driver, 0, sizeof( driver ) ); - memset( &key_management, 0, sizeof( key_management ) ); + memset(&driver, 0, sizeof(driver)); + memset(&key_management, 0, sizeof(key_management)); driver.hal_version = PSA_DRV_SE_HAL_VERSION; driver.key_management = &key_management; - driver.persistent_data_size = sizeof( ram_slot_usage_t ); + driver.persistent_data_size = sizeof(ram_slot_usage_t); key_management.p_validate_slot_number = ram_validate_slot_number; key_management.p_import = ram_import; key_management.p_destroy = ram_destroy; key_management.p_export = ram_export; - PSA_ASSERT( psa_register_se_driver( location, &driver ) ); - PSA_ASSERT( psa_crypto_init( ) ); + PSA_ASSERT(psa_register_se_driver(location, &driver)); + PSA_ASSERT(psa_crypto_init()); /* Create a key. */ - psa_set_key_id( &attributes, id ); - psa_set_key_lifetime( &attributes, lifetime ); - psa_set_key_usage_flags( &attributes, PSA_KEY_USAGE_EXPORT ); - psa_set_key_type( &attributes, PSA_KEY_TYPE_RAW_DATA ); - psa_set_key_slot_number( &attributes, wanted_slot ); - status = psa_import_key( &attributes, - key_material, sizeof( key_material ), - &returned_id ); - TEST_EQUAL( status, expected_status ); - - if( status != PSA_SUCCESS ) + psa_set_key_id(&attributes, id); + psa_set_key_lifetime(&attributes, lifetime); + psa_set_key_usage_flags(&attributes, PSA_KEY_USAGE_EXPORT); + psa_set_key_type(&attributes, PSA_KEY_TYPE_RAW_DATA); + psa_set_key_slot_number(&attributes, wanted_slot); + status = psa_import_key(&attributes, + key_material, sizeof(key_material), + &returned_id); + TEST_EQUAL(status, expected_status); + + if (status != PSA_SUCCESS) { goto exit; - if( ! check_persistent_data( location, - &ram_shadow_slot_usage, - sizeof( ram_shadow_slot_usage ) ) ) + } + if (!check_persistent_data(location, + &ram_shadow_slot_usage, + sizeof(ram_shadow_slot_usage))) { goto exit; + } /* Maybe restart, to check that the information is saved correctly. */ - if( restart ) - { - mbedtls_psa_crypto_free( ); - PSA_ASSERT( psa_register_se_driver( location, &driver ) ); - PSA_ASSERT( psa_crypto_init( ) ); - if( ! check_persistent_data( location, - &ram_shadow_slot_usage, - sizeof( ram_shadow_slot_usage ) ) ) + if (restart) { + mbedtls_psa_crypto_free(); + PSA_ASSERT(psa_register_se_driver(location, &driver)); + PSA_ASSERT(psa_crypto_init()); + if (!check_persistent_data(location, + &ram_shadow_slot_usage, + sizeof(ram_shadow_slot_usage))) { goto exit; + } } /* Test that the key was created in the expected slot. */ - TEST_EQUAL( ram_slots[wanted_slot].type, PSA_KEY_TYPE_RAW_DATA ); + TEST_EQUAL(ram_slots[wanted_slot].type, PSA_KEY_TYPE_RAW_DATA); /* Test that the key is reported with the correct attributes, * including the expected slot. */ - PSA_ASSERT( psa_get_key_attributes( id, &attributes ) ); + PSA_ASSERT(psa_get_key_attributes(id, &attributes)); - PSA_ASSERT( psa_destroy_key( id ) ); - if( ! check_persistent_data( location, - &ram_shadow_slot_usage, - sizeof( ram_shadow_slot_usage ) ) ) + PSA_ASSERT(psa_destroy_key(id)); + if (!check_persistent_data(location, + &ram_shadow_slot_usage, + sizeof(ram_shadow_slot_usage))) { goto exit; - TEST_EQUAL( psa_open_key( id, &handle ), PSA_ERROR_DOES_NOT_EXIST ); + } + TEST_EQUAL(psa_open_key(id, &handle), PSA_ERROR_DOES_NOT_EXIST); exit: /* * Key attributes may have been returned by psa_get_key_attributes() * thus reset them as required. */ - psa_reset_key_attributes( &attributes ); + psa_reset_key_attributes(&attributes); - PSA_DONE( ); - ram_slots_reset( ); - psa_purge_storage( ); + PSA_DONE(); + ram_slots_reset(); + psa_purge_storage(); } /* END_CASE */ /* BEGIN_CASE */ -void import_key_smoke( int type_arg, int alg_arg, - data_t *key_material ) +void import_key_smoke(int type_arg, int alg_arg, + data_t *key_material) { psa_key_type_t type = type_arg; psa_algorithm_t alg = alg_arg; psa_drv_se_t driver; psa_drv_se_key_management_t key_management; psa_key_lifetime_t lifetime = TEST_SE_PERSISTENT_LIFETIME; - psa_key_location_t location = PSA_KEY_LIFETIME_GET_LOCATION( lifetime ); - mbedtls_svc_key_id_t id = mbedtls_svc_key_id_make( 1, 1 ); + psa_key_location_t location = PSA_KEY_LIFETIME_GET_LOCATION(lifetime); + mbedtls_svc_key_id_t id = mbedtls_svc_key_id_make(1, 1); mbedtls_svc_key_id_t returned_id; psa_key_handle_t handle; psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT; - TEST_USES_KEY_ID( id ); + TEST_USES_KEY_ID(id); - memset( &driver, 0, sizeof( driver ) ); - memset( &key_management, 0, sizeof( key_management ) ); + memset(&driver, 0, sizeof(driver)); + memset(&key_management, 0, sizeof(key_management)); driver.hal_version = PSA_DRV_SE_HAL_VERSION; driver.key_management = &key_management; - driver.persistent_data_size = sizeof( psa_key_slot_number_t ); + driver.persistent_data_size = sizeof(psa_key_slot_number_t); key_management.p_allocate = counter_allocate; key_management.p_import = null_import; key_management.p_destroy = null_destroy; - PSA_ASSERT( psa_register_se_driver( location, &driver ) ); - PSA_ASSERT( psa_crypto_init( ) ); + PSA_ASSERT(psa_register_se_driver(location, &driver)); + PSA_ASSERT(psa_crypto_init()); /* Create a key. */ - psa_set_key_id( &attributes, id ); - psa_set_key_lifetime( &attributes, lifetime ); - psa_set_key_usage_flags( &attributes, - PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_VERIFY_HASH | - PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_DECRYPT | - PSA_KEY_USAGE_EXPORT ); - psa_set_key_algorithm( &attributes, alg ); - psa_set_key_type( &attributes, type ); - PSA_ASSERT( psa_import_key( &attributes, - key_material->x, key_material->len, - &returned_id ) ); - if( ! check_persistent_data( location, - &shadow_counter, sizeof( shadow_counter ) ) ) + psa_set_key_id(&attributes, id); + psa_set_key_lifetime(&attributes, lifetime); + psa_set_key_usage_flags(&attributes, + PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_VERIFY_HASH | + PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_DECRYPT | + PSA_KEY_USAGE_EXPORT); + psa_set_key_algorithm(&attributes, alg); + psa_set_key_type(&attributes, type); + PSA_ASSERT(psa_import_key(&attributes, + key_material->x, key_material->len, + &returned_id)); + if (!check_persistent_data(location, + &shadow_counter, sizeof(shadow_counter))) { goto exit; + } /* Do stuff with the key. */ - if( ! smoke_test_key( id ) ) + if (!smoke_test_key(id)) { goto exit; + } /* Restart and try again. */ - mbedtls_psa_crypto_free( ); - PSA_ASSERT( psa_register_se_driver( location, &driver ) ); - PSA_ASSERT( psa_crypto_init( ) ); - if( ! check_persistent_data( location, - &shadow_counter, sizeof( shadow_counter ) ) ) + mbedtls_psa_crypto_free(); + PSA_ASSERT(psa_register_se_driver(location, &driver)); + PSA_ASSERT(psa_crypto_init()); + if (!check_persistent_data(location, + &shadow_counter, sizeof(shadow_counter))) { goto exit; - if( ! smoke_test_key( id ) ) + } + if (!smoke_test_key(id)) { goto exit; + } /* We're done. */ - PSA_ASSERT( psa_destroy_key( id ) ); - if( ! check_persistent_data( location, - &shadow_counter, sizeof( shadow_counter ) ) ) + PSA_ASSERT(psa_destroy_key(id)); + if (!check_persistent_data(location, + &shadow_counter, sizeof(shadow_counter))) { goto exit; - TEST_EQUAL( psa_open_key( id, &handle ), PSA_ERROR_DOES_NOT_EXIST ); + } + TEST_EQUAL(psa_open_key(id, &handle), PSA_ERROR_DOES_NOT_EXIST); exit: - PSA_DONE( ); - counter_reset( ); - psa_purge_storage( ); + PSA_DONE(); + counter_reset(); + psa_purge_storage(); } /* END_CASE */ /* BEGIN_CASE */ -void generate_key_not_supported( int type_arg, int bits_arg ) +void generate_key_not_supported(int type_arg, int bits_arg) { psa_key_type_t type = type_arg; size_t bits = bits_arg; psa_drv_se_t driver; psa_drv_se_key_management_t key_management; psa_key_lifetime_t lifetime = TEST_SE_PERSISTENT_LIFETIME; - psa_key_location_t location = PSA_KEY_LIFETIME_GET_LOCATION( lifetime ); - mbedtls_svc_key_id_t id = mbedtls_svc_key_id_make( 1, 1 ); + psa_key_location_t location = PSA_KEY_LIFETIME_GET_LOCATION(lifetime); + mbedtls_svc_key_id_t id = mbedtls_svc_key_id_make(1, 1); mbedtls_svc_key_id_t returned_id; psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT; - TEST_USES_KEY_ID( id ); + TEST_USES_KEY_ID(id); - memset( &driver, 0, sizeof( driver ) ); - memset( &key_management, 0, sizeof( key_management ) ); + memset(&driver, 0, sizeof(driver)); + memset(&key_management, 0, sizeof(key_management)); driver.hal_version = PSA_DRV_SE_HAL_VERSION; driver.key_management = &key_management; - driver.persistent_data_size = sizeof( psa_key_slot_number_t ); + driver.persistent_data_size = sizeof(psa_key_slot_number_t); key_management.p_allocate = counter_allocate; /* No p_generate method */ - PSA_ASSERT( psa_register_se_driver( location, &driver ) ); - PSA_ASSERT( psa_crypto_init( ) ); + PSA_ASSERT(psa_register_se_driver(location, &driver)); + PSA_ASSERT(psa_crypto_init()); - psa_set_key_id( &attributes, id ); - psa_set_key_lifetime( &attributes, lifetime ); - psa_set_key_type( &attributes, type ); - psa_set_key_bits( &attributes, bits ); - TEST_EQUAL( psa_generate_key( &attributes, &returned_id ), - PSA_ERROR_NOT_SUPPORTED ); + psa_set_key_id(&attributes, id); + psa_set_key_lifetime(&attributes, lifetime); + psa_set_key_type(&attributes, type); + psa_set_key_bits(&attributes, bits); + TEST_EQUAL(psa_generate_key(&attributes, &returned_id), + PSA_ERROR_NOT_SUPPORTED); exit: - PSA_DONE( ); - counter_reset( ); - psa_purge_storage( ); + PSA_DONE(); + counter_reset(); + psa_purge_storage(); } /* END_CASE */ /* BEGIN_CASE */ -void generate_key_smoke( int type_arg, int bits_arg, int alg_arg ) +void generate_key_smoke(int type_arg, int bits_arg, int alg_arg) { psa_key_type_t type = type_arg; psa_key_bits_t bits = bits_arg; @@ -1195,88 +1200,93 @@ void generate_key_smoke( int type_arg, int bits_arg, int alg_arg ) psa_drv_se_t driver; psa_drv_se_key_management_t key_management; psa_key_lifetime_t lifetime = TEST_SE_PERSISTENT_LIFETIME; - psa_key_location_t location = PSA_KEY_LIFETIME_GET_LOCATION( lifetime ); - mbedtls_svc_key_id_t id = mbedtls_svc_key_id_make( 1, 1 ); + psa_key_location_t location = PSA_KEY_LIFETIME_GET_LOCATION(lifetime); + mbedtls_svc_key_id_t id = mbedtls_svc_key_id_make(1, 1); mbedtls_svc_key_id_t returned_id; psa_key_handle_t handle; psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT; - TEST_USES_KEY_ID( id ); + TEST_USES_KEY_ID(id); - memset( &driver, 0, sizeof( driver ) ); - memset( &key_management, 0, sizeof( key_management ) ); + memset(&driver, 0, sizeof(driver)); + memset(&key_management, 0, sizeof(key_management)); driver.hal_version = PSA_DRV_SE_HAL_VERSION; driver.key_management = &key_management; - driver.persistent_data_size = sizeof( psa_key_slot_number_t ); + driver.persistent_data_size = sizeof(psa_key_slot_number_t); key_management.p_allocate = counter_allocate; key_management.p_generate = null_generate; key_management.p_destroy = null_destroy; - PSA_ASSERT( psa_register_se_driver( location, &driver ) ); - PSA_ASSERT( psa_crypto_init( ) ); + PSA_ASSERT(psa_register_se_driver(location, &driver)); + PSA_ASSERT(psa_crypto_init()); /* Create a key. */ - psa_set_key_id( &attributes, id ); - psa_set_key_lifetime( &attributes, lifetime ); - psa_set_key_usage_flags( &attributes, - PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_VERIFY_HASH | - PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_DECRYPT | - PSA_KEY_USAGE_EXPORT ); - psa_set_key_algorithm( &attributes, alg ); - psa_set_key_type( &attributes, type ); - psa_set_key_bits( &attributes, bits ); - PSA_ASSERT( psa_generate_key( &attributes, &returned_id ) ); - if( ! check_persistent_data( location, - &shadow_counter, sizeof( shadow_counter ) ) ) + psa_set_key_id(&attributes, id); + psa_set_key_lifetime(&attributes, lifetime); + psa_set_key_usage_flags(&attributes, + PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_VERIFY_HASH | + PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_DECRYPT | + PSA_KEY_USAGE_EXPORT); + psa_set_key_algorithm(&attributes, alg); + psa_set_key_type(&attributes, type); + psa_set_key_bits(&attributes, bits); + PSA_ASSERT(psa_generate_key(&attributes, &returned_id)); + if (!check_persistent_data(location, + &shadow_counter, sizeof(shadow_counter))) { goto exit; + } /* Do stuff with the key. */ - if( ! smoke_test_key( id ) ) + if (!smoke_test_key(id)) { goto exit; + } /* Restart and try again. */ - mbedtls_psa_crypto_free( ); - PSA_ASSERT( psa_register_se_driver( location, &driver ) ); - PSA_ASSERT( psa_crypto_init( ) ); - if( ! check_persistent_data( location, - &shadow_counter, sizeof( shadow_counter ) ) ) + mbedtls_psa_crypto_free(); + PSA_ASSERT(psa_register_se_driver(location, &driver)); + PSA_ASSERT(psa_crypto_init()); + if (!check_persistent_data(location, + &shadow_counter, sizeof(shadow_counter))) { goto exit; - if( ! smoke_test_key( id ) ) + } + if (!smoke_test_key(id)) { goto exit; + } /* We're done. */ - PSA_ASSERT( psa_destroy_key( id ) ); - if( ! check_persistent_data( location, - &shadow_counter, sizeof( shadow_counter ) ) ) + PSA_ASSERT(psa_destroy_key(id)); + if (!check_persistent_data(location, + &shadow_counter, sizeof(shadow_counter))) { goto exit; - TEST_EQUAL( psa_open_key( id, &handle ), PSA_ERROR_DOES_NOT_EXIST ); + } + TEST_EQUAL(psa_open_key(id, &handle), PSA_ERROR_DOES_NOT_EXIST); exit: - PSA_DONE( ); - counter_reset( ); - psa_purge_storage( ); + PSA_DONE(); + counter_reset(); + psa_purge_storage(); } /* END_CASE */ /* BEGIN_CASE */ -void sign_verify( int flow, - int type_arg, int alg_arg, - int bits_arg, data_t *key_material, - data_t *input ) +void sign_verify(int flow, + int type_arg, int alg_arg, + int bits_arg, data_t *key_material, + data_t *input) { psa_key_type_t type = type_arg; psa_algorithm_t alg = alg_arg; size_t bits = bits_arg; /* Pass bits=0 to import, bits>0 to fake-generate */ - int generating = ( bits != 0 ); + int generating = (bits != 0); psa_drv_se_t driver; psa_drv_se_key_management_t key_management; psa_drv_se_asymmetric_t asymmetric; psa_key_lifetime_t lifetime = TEST_SE_PERSISTENT_LIFETIME; - psa_key_location_t location = PSA_KEY_LIFETIME_GET_LOCATION( lifetime ); - mbedtls_svc_key_id_t id = mbedtls_svc_key_id_make( 1, 1 ); + psa_key_location_t location = PSA_KEY_LIFETIME_GET_LOCATION(lifetime); + mbedtls_svc_key_id_t id = mbedtls_svc_key_id_make(1, 1); mbedtls_svc_key_id_t returned_id; mbedtls_svc_key_id_t sw_key = MBEDTLS_SVC_KEY_ID_INIT; psa_key_attributes_t sw_attributes = PSA_KEY_ATTRIBUTES_INIT; @@ -1284,23 +1294,23 @@ void sign_verify( int flow, uint8_t signature[PSA_SIGNATURE_MAX_SIZE]; size_t signature_length; - TEST_USES_KEY_ID( id ); + TEST_USES_KEY_ID(id); - memset( &driver, 0, sizeof( driver ) ); - memset( &key_management, 0, sizeof( key_management ) ); - memset( &asymmetric, 0, sizeof( asymmetric ) ); + memset(&driver, 0, sizeof(driver)); + memset(&key_management, 0, sizeof(key_management)); + memset(&asymmetric, 0, sizeof(asymmetric)); driver.hal_version = PSA_DRV_SE_HAL_VERSION; driver.key_management = &key_management; driver.asymmetric = &asymmetric; - driver.persistent_data_size = sizeof( ram_slot_usage_t ); + driver.persistent_data_size = sizeof(ram_slot_usage_t); key_management.p_allocate = ram_allocate; key_management.p_destroy = ram_destroy; - if( generating ) + if (generating) { key_management.p_generate = ram_fake_generate; - else + } else { key_management.p_import = ram_import; - switch( flow ) - { + } + switch (flow) { case SIGN_IN_SOFTWARE_AND_PARALLEL_CREATION: break; case SIGN_IN_DRIVER_AND_PARALLEL_CREATION: @@ -1311,208 +1321,206 @@ void sign_verify( int flow, key_management.p_export_public = ram_export_public; break; default: - TEST_ASSERT( ! "unsupported flow (should be SIGN_IN_xxx)" ); + TEST_FAIL("unsupported flow (should be SIGN_IN_xxx)"); break; } asymmetric.p_verify = ram_verify; - PSA_ASSERT( psa_register_se_driver( location, &driver ) ); - PSA_ASSERT( psa_crypto_init( ) ); + PSA_ASSERT(psa_register_se_driver(location, &driver)); + PSA_ASSERT(psa_crypto_init()); /* Prepare to create two keys with the same key material: a transparent * key, and one that goes through the driver. */ - psa_set_key_usage_flags( &sw_attributes, - PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_VERIFY_HASH ); - psa_set_key_algorithm( &sw_attributes, alg ); - psa_set_key_type( &sw_attributes, type ); + psa_set_key_usage_flags(&sw_attributes, + PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_VERIFY_HASH); + psa_set_key_algorithm(&sw_attributes, alg); + psa_set_key_type(&sw_attributes, type); drv_attributes = sw_attributes; - psa_set_key_id( &drv_attributes, id ); - psa_set_key_lifetime( &drv_attributes, lifetime ); + psa_set_key_id(&drv_attributes, id); + psa_set_key_lifetime(&drv_attributes, lifetime); /* Create the key in the driver. */ - if( generating ) - { - psa_set_key_bits( &drv_attributes, bits ); - PSA_ASSERT( psa_generate_key( &drv_attributes, &returned_id ) ); + if (generating) { + psa_set_key_bits(&drv_attributes, bits); + PSA_ASSERT(psa_generate_key(&drv_attributes, &returned_id)); /* Since we called a generate method that does not actually * generate material, store the desired result of generation in * the mock secure element storage. */ - PSA_ASSERT( psa_get_key_attributes( id, &drv_attributes ) ); - TEST_EQUAL( key_material->len, PSA_BITS_TO_BYTES( bits ) ); - memcpy( ram_slots[ram_min_slot].content, key_material->x, - key_material->len ); - } - else - { - PSA_ASSERT( psa_import_key( &drv_attributes, - key_material->x, key_material->len, - &returned_id ) ); + PSA_ASSERT(psa_get_key_attributes(id, &drv_attributes)); + TEST_EQUAL(key_material->len, PSA_BITS_TO_BYTES(bits)); + memcpy(ram_slots[ram_min_slot].content, key_material->x, + key_material->len); + } else { + PSA_ASSERT(psa_import_key(&drv_attributes, + key_material->x, key_material->len, + &returned_id)); } /* Either import the same key in software, or export the driver's * public key and import that. */ - switch( flow ) - { + switch (flow) { case SIGN_IN_SOFTWARE_AND_PARALLEL_CREATION: case SIGN_IN_DRIVER_AND_PARALLEL_CREATION: - PSA_ASSERT( psa_import_key( &sw_attributes, - key_material->x, key_material->len, - &sw_key ) ); + PSA_ASSERT(psa_import_key(&sw_attributes, + key_material->x, key_material->len, + &sw_key)); break; case SIGN_IN_DRIVER_THEN_EXPORT_PUBLIC: { - uint8_t public_key[PSA_KEY_EXPORT_ECC_PUBLIC_KEY_MAX_SIZE( PSA_VENDOR_ECC_MAX_CURVE_BITS )]; + uint8_t public_key[PSA_KEY_EXPORT_ECC_PUBLIC_KEY_MAX_SIZE(PSA_VENDOR_ECC_MAX_CURVE_BITS) + ]; size_t public_key_length; - PSA_ASSERT( psa_export_public_key( id, - public_key, sizeof( public_key ), - &public_key_length ) ); - psa_set_key_type( &sw_attributes, - PSA_KEY_TYPE_PUBLIC_KEY_OF_KEY_PAIR( type ) ); - PSA_ASSERT( psa_import_key( &sw_attributes, - public_key, public_key_length, - &sw_key ) ); + PSA_ASSERT(psa_export_public_key(id, + public_key, sizeof(public_key), + &public_key_length)); + psa_set_key_type(&sw_attributes, + PSA_KEY_TYPE_PUBLIC_KEY_OF_KEY_PAIR(type)); + PSA_ASSERT(psa_import_key(&sw_attributes, + public_key, public_key_length, + &sw_key)); break; } } /* Sign with the chosen key. */ - switch( flow ) - { + switch (flow) { case SIGN_IN_DRIVER_AND_PARALLEL_CREATION: case SIGN_IN_DRIVER_THEN_EXPORT_PUBLIC: PSA_ASSERT_VIA_DRIVER( - psa_sign_hash( id, alg, - input->x, input->len, - signature, sizeof( signature ), - &signature_length ), - PSA_SUCCESS ); + psa_sign_hash(id, alg, + input->x, input->len, + signature, sizeof(signature), + &signature_length), + PSA_SUCCESS); break; case SIGN_IN_SOFTWARE_AND_PARALLEL_CREATION: - PSA_ASSERT( psa_sign_hash( sw_key, alg, - input->x, input->len, - signature, sizeof( signature ), - &signature_length ) ); + PSA_ASSERT(psa_sign_hash(sw_key, alg, + input->x, input->len, + signature, sizeof(signature), + &signature_length)); break; } /* Verify with both keys. */ - PSA_ASSERT( psa_verify_hash( sw_key, alg, - input->x, input->len, - signature, signature_length ) ); + PSA_ASSERT(psa_verify_hash(sw_key, alg, + input->x, input->len, + signature, signature_length)); PSA_ASSERT_VIA_DRIVER( - psa_verify_hash( id, alg, - input->x, input->len, - signature, signature_length ), - PSA_SUCCESS ); + psa_verify_hash(id, alg, + input->x, input->len, + signature, signature_length), + PSA_SUCCESS); /* Change the signature and verify again. */ signature[0] ^= 1; - TEST_EQUAL( psa_verify_hash( sw_key, alg, - input->x, input->len, - signature, signature_length ), - PSA_ERROR_INVALID_SIGNATURE ); + TEST_EQUAL(psa_verify_hash(sw_key, alg, + input->x, input->len, + signature, signature_length), + PSA_ERROR_INVALID_SIGNATURE); PSA_ASSERT_VIA_DRIVER( - psa_verify_hash( id, alg, - input->x, input->len, - signature, signature_length ), - PSA_ERROR_INVALID_SIGNATURE ); + psa_verify_hash(id, alg, + input->x, input->len, + signature, signature_length), + PSA_ERROR_INVALID_SIGNATURE); exit: /* * Driver key attributes may have been returned by psa_get_key_attributes() * thus reset them as required. */ - psa_reset_key_attributes( &drv_attributes ); + psa_reset_key_attributes(&drv_attributes); - psa_destroy_key( id ); - psa_destroy_key( sw_key ); - PSA_DONE( ); - ram_slots_reset( ); - psa_purge_storage( ); + psa_destroy_key(id); + psa_destroy_key(sw_key); + PSA_DONE(); + ram_slots_reset(); + psa_purge_storage(); } /* END_CASE */ /* BEGIN_CASE */ -void register_key_smoke_test( int lifetime_arg, - int owner_id_arg, - int id_arg, - int validate, - int expected_status_arg ) +void register_key_smoke_test(int lifetime_arg, + int owner_id_arg, + int id_arg, + int validate, + int expected_status_arg) { psa_key_lifetime_t lifetime = lifetime_arg; - psa_key_location_t location = PSA_KEY_LIFETIME_GET_LOCATION( lifetime ); + psa_key_location_t location = PSA_KEY_LIFETIME_GET_LOCATION(lifetime); psa_status_t expected_status = expected_status_arg; psa_drv_se_t driver; psa_drv_se_key_management_t key_management; psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT; - mbedtls_svc_key_id_t id = mbedtls_svc_key_id_make( owner_id_arg, id_arg ); + mbedtls_svc_key_id_t id = mbedtls_svc_key_id_make(owner_id_arg, id_arg); psa_key_handle_t handle; size_t bit_size = 48; psa_key_slot_number_t wanted_slot = 0x123456789; psa_status_t status; - TEST_USES_KEY_ID( id ); + TEST_USES_KEY_ID(id); - memset( &driver, 0, sizeof( driver ) ); + memset(&driver, 0, sizeof(driver)); driver.hal_version = PSA_DRV_SE_HAL_VERSION; - memset( &key_management, 0, sizeof( key_management ) ); + memset(&key_management, 0, sizeof(key_management)); driver.key_management = &key_management; key_management.p_destroy = null_destroy; - if( validate >= 0 ) - { + if (validate >= 0) { key_management.p_validate_slot_number = validate_slot_number_as_directed; validate_slot_number_directions.slot_number = wanted_slot; validate_slot_number_directions.method = PSA_KEY_CREATION_REGISTER; validate_slot_number_directions.status = - ( validate > 0 ? PSA_SUCCESS : PSA_ERROR_NOT_PERMITTED ); + (validate > 0 ? PSA_SUCCESS : PSA_ERROR_NOT_PERMITTED); } - mbedtls_test_set_step( 1 ); - PSA_ASSERT( psa_register_se_driver( MIN_DRIVER_LOCATION, &driver ) ); - PSA_ASSERT( psa_crypto_init( ) ); + mbedtls_test_set_step(1); + PSA_ASSERT(psa_register_se_driver(MIN_DRIVER_LOCATION, &driver)); + PSA_ASSERT(psa_crypto_init()); - psa_set_key_id( &attributes, id ); - psa_set_key_lifetime( &attributes, lifetime ); - psa_set_key_usage_flags( &attributes, PSA_KEY_USAGE_EXPORT ); - psa_set_key_type( &attributes, PSA_KEY_TYPE_RAW_DATA ); - psa_set_key_bits( &attributes, bit_size ); - psa_set_key_slot_number( &attributes, wanted_slot ); + psa_set_key_id(&attributes, id); + psa_set_key_lifetime(&attributes, lifetime); + psa_set_key_usage_flags(&attributes, PSA_KEY_USAGE_EXPORT); + psa_set_key_type(&attributes, PSA_KEY_TYPE_RAW_DATA); + psa_set_key_bits(&attributes, bit_size); + psa_set_key_slot_number(&attributes, wanted_slot); - status = mbedtls_psa_register_se_key( &attributes ); - TEST_EQUAL( status, expected_status ); + status = mbedtls_psa_register_se_key(&attributes); + TEST_EQUAL(status, expected_status); - if( status != PSA_SUCCESS ) + if (status != PSA_SUCCESS) { goto exit; + } /* Test that the key exists and has the expected attributes. */ - if( ! check_key_attributes( id, &attributes ) ) + if (!check_key_attributes(id, &attributes)) { goto exit; + } #if defined(MBEDTLS_PSA_CRYPTO_KEY_ID_ENCODES_OWNER) mbedtls_svc_key_id_t invalid_id = - mbedtls_svc_key_id_make( owner_id_arg + 1, id_arg ); - TEST_EQUAL( psa_open_key( invalid_id, &handle ), PSA_ERROR_DOES_NOT_EXIST ); + mbedtls_svc_key_id_make(owner_id_arg + 1, id_arg); + TEST_EQUAL(psa_open_key(invalid_id, &handle), PSA_ERROR_DOES_NOT_EXIST); #endif - PSA_ASSERT( psa_purge_key( id ) ); + PSA_ASSERT(psa_purge_key(id)); /* Restart and try again. */ - mbedtls_test_set_step( 2 ); - PSA_SESSION_DONE( ); - PSA_ASSERT( psa_register_se_driver( location, &driver ) ); - PSA_ASSERT( psa_crypto_init( ) ); - if( ! check_key_attributes( id, &attributes ) ) + mbedtls_test_set_step(2); + PSA_SESSION_DONE(); + PSA_ASSERT(psa_register_se_driver(location, &driver)); + PSA_ASSERT(psa_crypto_init()); + if (!check_key_attributes(id, &attributes)) { goto exit; + } /* This time, destroy the key. */ - PSA_ASSERT( psa_destroy_key( id ) ); - TEST_EQUAL( psa_open_key( id, &handle ), PSA_ERROR_DOES_NOT_EXIST ); + PSA_ASSERT(psa_destroy_key(id)); + TEST_EQUAL(psa_open_key(id, &handle), PSA_ERROR_DOES_NOT_EXIST); exit: - psa_reset_key_attributes( &attributes ); - psa_destroy_key( id ); - PSA_DONE( ); - psa_purge_storage( ); - memset( &validate_slot_number_directions, 0, - sizeof( validate_slot_number_directions ) ); + psa_reset_key_attributes(&attributes); + psa_destroy_key(id); + PSA_DONE(); + psa_purge_storage(); + memset(&validate_slot_number_directions, 0, + sizeof(validate_slot_number_directions)); } /* END_CASE */ diff --git a/third_party/mbedtls/repo/tests/suites/test_suite_psa_crypto_se_driver_hal_mocks.function b/third_party/mbedtls/repo/tests/suites/test_suite_psa_crypto_se_driver_hal_mocks.function index 12c58ebbbad..6f28f93e579 100644 --- a/third_party/mbedtls/repo/tests/suites/test_suite_psa_crypto_se_driver_hal_mocks.function +++ b/third_party/mbedtls/repo/tests/suites/test_suite_psa_crypto_se_driver_hal_mocks.function @@ -7,18 +7,16 @@ /** The location and lifetime used for tests that use a single driver. */ #define TEST_DRIVER_LOCATION 1 #define TEST_SE_PERSISTENT_LIFETIME \ - ( PSA_KEY_LIFETIME_FROM_PERSISTENCE_AND_LOCATION( \ - PSA_KEY_PERSISTENCE_DEFAULT, TEST_DRIVER_LOCATION ) ) + (PSA_KEY_LIFETIME_FROM_PERSISTENCE_AND_LOCATION( \ + PSA_KEY_PERSISTENCE_DEFAULT, TEST_DRIVER_LOCATION)) -static struct -{ +static struct { uint16_t called; psa_key_location_t location; psa_status_t return_value; } mock_init_data; -static struct -{ +static struct { uint16_t called; psa_key_slot_number_t key_slot; psa_key_attributes_t attributes; @@ -26,8 +24,7 @@ static struct psa_status_t return_value; } mock_generate_data; -static struct -{ +static struct { uint16_t called; psa_key_slot_number_t key_slot; psa_key_attributes_t attributes; @@ -36,24 +33,21 @@ static struct psa_status_t return_value; } mock_import_data; -static struct -{ +static struct { uint16_t called; psa_key_slot_number_t slot_number; size_t data_size; psa_status_t return_value; } mock_export_data; -static struct -{ +static struct { uint16_t called; psa_key_slot_number_t slot_number; size_t data_size; psa_status_t return_value; } mock_export_public_data; -static struct -{ +static struct { uint16_t called; psa_key_slot_number_t key_slot; psa_algorithm_t alg; @@ -62,8 +56,7 @@ static struct psa_status_t return_value; } mock_sign_data; -static struct -{ +static struct { uint16_t called; psa_key_slot_number_t key_slot; psa_algorithm_t alg; @@ -72,21 +65,19 @@ static struct psa_status_t return_value; } mock_verify_data; -static struct -{ +static struct { uint16_t called; psa_status_t return_value; } mock_allocate_data; -static struct -{ +static struct { uint16_t called; psa_key_slot_number_t slot_number; psa_status_t return_value; } mock_destroy_data; #define MAX_KEY_ID_FOR_TEST 10 -static void psa_purge_storage( void ) +static void psa_purge_storage(void) { psa_key_id_t id; psa_key_location_t location; @@ -94,48 +85,50 @@ static void psa_purge_storage( void ) /* The tests may have potentially created key ids from 1 to * MAX_KEY_ID_FOR_TEST. In addition, run the destroy function on key id * 0, which file-based storage uses as a temporary file. */ - for( id = 0; id <= MAX_KEY_ID_FOR_TEST; id++ ) - psa_destroy_persistent_key( mbedtls_svc_key_id_make( 1, id ) ); + for (id = 0; id <= MAX_KEY_ID_FOR_TEST; id++) { + psa_destroy_persistent_key(mbedtls_svc_key_id_make(1, id)); + } /* Purge the transaction file. */ - psa_crypto_stop_transaction( ); + psa_crypto_stop_transaction(); /* Purge driver persistent data. */ - for( location = 0; location < PSA_MAX_SE_LOCATION; location++ ) - psa_destroy_se_persistent_data( location ); + for (location = 0; location < PSA_MAX_SE_LOCATION; location++) { + psa_destroy_se_persistent_data(location); + } } -static void mock_teardown( void ) +static void mock_teardown(void) { - memset( &mock_init_data, 0, sizeof( mock_init_data ) ); - memset( &mock_import_data, 0, sizeof( mock_import_data ) ); - memset( &mock_export_data, 0, sizeof( mock_export_data ) ); - memset( &mock_export_public_data, 0, sizeof( mock_export_public_data ) ); - memset( &mock_sign_data, 0, sizeof( mock_sign_data ) ); - memset( &mock_verify_data, 0, sizeof( mock_verify_data ) ); - memset( &mock_allocate_data, 0, sizeof( mock_allocate_data ) ); - memset( &mock_destroy_data, 0, sizeof( mock_destroy_data ) ); - memset( &mock_generate_data, 0, sizeof( mock_generate_data ) ); - psa_purge_storage( ); + memset(&mock_init_data, 0, sizeof(mock_init_data)); + memset(&mock_import_data, 0, sizeof(mock_import_data)); + memset(&mock_export_data, 0, sizeof(mock_export_data)); + memset(&mock_export_public_data, 0, sizeof(mock_export_public_data)); + memset(&mock_sign_data, 0, sizeof(mock_sign_data)); + memset(&mock_verify_data, 0, sizeof(mock_verify_data)); + memset(&mock_allocate_data, 0, sizeof(mock_allocate_data)); + memset(&mock_destroy_data, 0, sizeof(mock_destroy_data)); + memset(&mock_generate_data, 0, sizeof(mock_generate_data)); + psa_purge_storage(); } -static psa_status_t mock_init( psa_drv_se_context_t *drv_context, - void *persistent_data, - psa_key_location_t location ) +static psa_status_t mock_init(psa_drv_se_context_t *drv_context, + void *persistent_data, + psa_key_location_t location) { (void) drv_context; (void) persistent_data; mock_init_data.called++; mock_init_data.location = location; - return( mock_init_data.return_value ); + return mock_init_data.return_value; } -static psa_status_t mock_generate( psa_drv_se_context_t *drv_context, - psa_key_slot_number_t key_slot, - const psa_key_attributes_t *attributes, - uint8_t *pubkey, - size_t pubkey_size, - size_t *pubkey_length ) +static psa_status_t mock_generate(psa_drv_se_context_t *drv_context, + psa_key_slot_number_t key_slot, + const psa_key_attributes_t *attributes, + uint8_t *pubkey, + size_t pubkey_size, + size_t *pubkey_length) { (void) drv_context; (void) pubkey; @@ -146,15 +139,15 @@ static psa_status_t mock_generate( psa_drv_se_context_t *drv_context, mock_generate_data.attributes = *attributes; mock_generate_data.pubkey_size = pubkey_size; - return( mock_generate_data.return_value ); + return mock_generate_data.return_value; } -static psa_status_t mock_import( psa_drv_se_context_t *drv_context, - psa_key_slot_number_t key_slot, - const psa_key_attributes_t *attributes, - const uint8_t *data, - size_t data_length, - size_t *bits ) +static psa_status_t mock_import(psa_drv_se_context_t *drv_context, + psa_key_slot_number_t key_slot, + const psa_key_attributes_t *attributes, + const uint8_t *data, + size_t data_length, + size_t *bits) { (void) drv_context; (void) data; @@ -166,14 +159,14 @@ static psa_status_t mock_import( psa_drv_se_context_t *drv_context, mock_import_data.attributes = *attributes; mock_import_data.data_length = data_length; - return( mock_import_data.return_value ); + return mock_import_data.return_value; } -psa_status_t mock_export( psa_drv_se_context_t *context, - psa_key_slot_number_t slot_number, - uint8_t *p_data, - size_t data_size, - size_t *p_data_length ) +psa_status_t mock_export(psa_drv_se_context_t *context, + psa_key_slot_number_t slot_number, + uint8_t *p_data, + size_t data_size, + size_t *p_data_length) { (void) context; (void) p_data; @@ -183,14 +176,14 @@ psa_status_t mock_export( psa_drv_se_context_t *context, mock_export_data.slot_number = slot_number; mock_export_data.data_size = data_size; - return( mock_export_data.return_value ); + return mock_export_data.return_value; } -psa_status_t mock_export_public( psa_drv_se_context_t *context, - psa_key_slot_number_t slot_number, - uint8_t *p_data, - size_t data_size, - size_t *p_data_length ) +psa_status_t mock_export_public(psa_drv_se_context_t *context, + psa_key_slot_number_t slot_number, + uint8_t *p_data, + size_t data_size, + size_t *p_data_length) { (void) context; (void) p_data; @@ -200,17 +193,17 @@ psa_status_t mock_export_public( psa_drv_se_context_t *context, mock_export_public_data.slot_number = slot_number; mock_export_public_data.data_size = data_size; - return( mock_export_public_data.return_value ); + return mock_export_public_data.return_value; } -psa_status_t mock_sign( psa_drv_se_context_t *context, - psa_key_slot_number_t key_slot, - psa_algorithm_t alg, - const uint8_t *p_hash, - size_t hash_length, - uint8_t *p_signature, - size_t signature_size, - size_t *p_signature_length ) +psa_status_t mock_sign(psa_drv_se_context_t *context, + psa_key_slot_number_t key_slot, + psa_algorithm_t alg, + const uint8_t *p_hash, + size_t hash_length, + uint8_t *p_signature, + size_t signature_size, + size_t *p_signature_length) { (void) context; (void) p_hash; @@ -226,13 +219,13 @@ psa_status_t mock_sign( psa_drv_se_context_t *context, return mock_sign_data.return_value; } -psa_status_t mock_verify( psa_drv_se_context_t *context, - psa_key_slot_number_t key_slot, - psa_algorithm_t alg, - const uint8_t *p_hash, - size_t hash_length, - const uint8_t *p_signature, - size_t signature_length ) +psa_status_t mock_verify(psa_drv_se_context_t *context, + psa_key_slot_number_t key_slot, + psa_algorithm_t alg, + const uint8_t *p_hash, + size_t hash_length, + const uint8_t *p_signature, + size_t signature_length) { (void) context; (void) p_hash; @@ -247,11 +240,11 @@ psa_status_t mock_verify( psa_drv_se_context_t *context, return mock_verify_data.return_value; } -psa_status_t mock_allocate( psa_drv_se_context_t *drv_context, - void *persistent_data, - const psa_key_attributes_t *attributes, - psa_key_creation_method_t method, - psa_key_slot_number_t *key_slot ) +psa_status_t mock_allocate(psa_drv_se_context_t *drv_context, + void *persistent_data, + const psa_key_attributes_t *attributes, + psa_key_creation_method_t method, + psa_key_slot_number_t *key_slot) { (void) drv_context; (void) persistent_data; @@ -262,12 +255,12 @@ psa_status_t mock_allocate( psa_drv_se_context_t *drv_context, mock_allocate_data.called++; *key_slot = 0; - return( mock_allocate_data.return_value ); + return mock_allocate_data.return_value; } -psa_status_t mock_destroy( psa_drv_se_context_t *context, - void *persistent_data, - psa_key_slot_number_t slot_number ) +psa_status_t mock_destroy(psa_drv_se_context_t *context, + void *persistent_data, + psa_key_slot_number_t slot_number) { (void) context; (void) persistent_data; @@ -275,7 +268,7 @@ psa_status_t mock_destroy( psa_drv_se_context_t *context, mock_destroy_data.called++; mock_destroy_data.slot_number = slot_number; - return( mock_destroy_data.return_value ); + return mock_destroy_data.return_value; } /* END_HEADER */ @@ -286,11 +279,11 @@ psa_status_t mock_destroy( psa_drv_se_context_t *context, */ /* BEGIN_CASE */ -void mock_init( int location_arg, - int expected_register_status_arg, - int driver_status_arg, - int expected_psa_status_arg, - int expected_called ) +void mock_init(int location_arg, + int expected_register_status_arg, + int driver_status_arg, + int expected_psa_status_arg, + int expected_called) { psa_key_location_t location = location_arg; psa_status_t expected_register_status = expected_register_status_arg; @@ -304,112 +297,110 @@ void mock_init( int location_arg, mock_init_data.return_value = driver_status; - TEST_EQUAL( psa_register_se_driver( location, &driver ), - expected_register_status ); + TEST_EQUAL(psa_register_se_driver(location, &driver), + expected_register_status); psa_crypto_init_called = 1; - TEST_EQUAL( psa_crypto_init( ), expected_psa_status ); + TEST_EQUAL(psa_crypto_init(), expected_psa_status); - TEST_EQUAL( mock_init_data.called, expected_called ); - if( expected_called ) - TEST_EQUAL( mock_init_data.location, location ); + TEST_EQUAL(mock_init_data.called, expected_called); + if (expected_called) { + TEST_EQUAL(mock_init_data.location, location); + } exit: - if( psa_crypto_init_called ) - PSA_DONE( ); - mock_teardown( ); + if (psa_crypto_init_called) { + PSA_DONE(); + } + mock_teardown(); } /* END_CASE */ /* BEGIN_CASE */ -void mock_import( int mock_alloc_return_value, - int mock_import_return_value, - int bits, - int expected_result ) +void mock_import(int mock_alloc_return_value, + int mock_import_return_value, + int bits, + int expected_result) { psa_drv_se_t driver; psa_drv_se_key_management_t key_management; psa_key_lifetime_t lifetime = TEST_SE_PERSISTENT_LIFETIME; - psa_key_location_t location = PSA_KEY_LIFETIME_GET_LOCATION( lifetime ); - mbedtls_svc_key_id_t id = mbedtls_svc_key_id_make( 1, 1 ); + psa_key_location_t location = PSA_KEY_LIFETIME_GET_LOCATION(lifetime); + mbedtls_svc_key_id_t id = mbedtls_svc_key_id_make(1, 1); mbedtls_svc_key_id_t returned_id; psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT; - const uint8_t key_material[3] = {0xfa, 0xca, 0xde}; + const uint8_t key_material[3] = { 0xfa, 0xca, 0xde }; mock_allocate_data.return_value = mock_alloc_return_value; mock_import_data.return_value = mock_import_return_value; mock_import_data.bits = bits; - memset( &driver, 0, sizeof( driver ) ); - memset( &key_management, 0, sizeof( key_management ) ); + memset(&driver, 0, sizeof(driver)); + memset(&key_management, 0, sizeof(key_management)); driver.hal_version = PSA_DRV_SE_HAL_VERSION; driver.key_management = &key_management; key_management.p_import = mock_import; key_management.p_destroy = mock_destroy; key_management.p_allocate = mock_allocate; - PSA_ASSERT( psa_register_se_driver( location, &driver ) ); - PSA_ASSERT( psa_crypto_init( ) ); - - psa_set_key_id( &attributes, id ); - psa_set_key_lifetime( &attributes, lifetime ); - psa_set_key_usage_flags( &attributes, PSA_KEY_USAGE_EXPORT ); - psa_set_key_type( &attributes, PSA_KEY_TYPE_RAW_DATA ); - TEST_ASSERT( psa_import_key( &attributes, - key_material, sizeof( key_material ), - &returned_id ) == expected_result ); - - TEST_ASSERT( mock_allocate_data.called == 1 ); - TEST_ASSERT( mock_import_data.called == - ( mock_alloc_return_value == PSA_SUCCESS? 1 : 0 ) ); - - if( mock_alloc_return_value == PSA_SUCCESS ) - { - TEST_ASSERT( mbedtls_svc_key_id_equal( - mock_import_data.attributes.core.id, id ) ); - } - else - { - TEST_ASSERT( MBEDTLS_SVC_KEY_ID_GET_KEY_ID( - mock_import_data.attributes.core.id ) == 0 ); - TEST_ASSERT( MBEDTLS_SVC_KEY_ID_GET_OWNER_ID( - mock_import_data.attributes.core.id ) == 0 ); + PSA_ASSERT(psa_register_se_driver(location, &driver)); + PSA_ASSERT(psa_crypto_init()); + + psa_set_key_id(&attributes, id); + psa_set_key_lifetime(&attributes, lifetime); + psa_set_key_usage_flags(&attributes, PSA_KEY_USAGE_EXPORT); + psa_set_key_type(&attributes, PSA_KEY_TYPE_RAW_DATA); + TEST_ASSERT(psa_import_key(&attributes, + key_material, sizeof(key_material), + &returned_id) == expected_result); + + TEST_ASSERT(mock_allocate_data.called == 1); + TEST_ASSERT(mock_import_data.called == + (mock_alloc_return_value == PSA_SUCCESS ? 1 : 0)); + + if (mock_alloc_return_value == PSA_SUCCESS) { + TEST_ASSERT(mbedtls_svc_key_id_equal( + mock_import_data.attributes.core.id, id)); + } else { + TEST_ASSERT(MBEDTLS_SVC_KEY_ID_GET_KEY_ID( + mock_import_data.attributes.core.id) == 0); + TEST_ASSERT(MBEDTLS_SVC_KEY_ID_GET_OWNER_ID( + mock_import_data.attributes.core.id) == 0); } - TEST_ASSERT( mock_import_data.attributes.core.lifetime == - ( mock_alloc_return_value == PSA_SUCCESS? lifetime : 0 ) ); - TEST_ASSERT( mock_import_data.attributes.core.policy.usage == - ( mock_alloc_return_value == PSA_SUCCESS? PSA_KEY_USAGE_EXPORT : 0 ) ); - TEST_ASSERT( mock_import_data.attributes.core.type == - ( mock_alloc_return_value == PSA_SUCCESS? PSA_KEY_TYPE_RAW_DATA : 0 ) ); - - if( expected_result == PSA_SUCCESS ) - { - PSA_ASSERT( psa_destroy_key( id ) ); - TEST_ASSERT( mock_destroy_data.called == 1 ); + TEST_ASSERT(mock_import_data.attributes.core.lifetime == + (mock_alloc_return_value == PSA_SUCCESS ? lifetime : 0)); + TEST_ASSERT(mock_import_data.attributes.core.policy.usage == + (mock_alloc_return_value == PSA_SUCCESS ? PSA_KEY_USAGE_EXPORT : 0)); + TEST_ASSERT(mock_import_data.attributes.core.type == + (mock_alloc_return_value == PSA_SUCCESS ? PSA_KEY_TYPE_RAW_DATA : 0)); + + if (expected_result == PSA_SUCCESS) { + PSA_ASSERT(psa_destroy_key(id)); + TEST_ASSERT(mock_destroy_data.called == 1); } exit: - PSA_DONE( ); - mock_teardown( ); + PSA_DONE(); + mock_teardown(); } /* END_CASE */ /* BEGIN_CASE */ -void mock_export( int mock_export_return_value, int expected_result ) +void mock_export(int mock_export_return_value, int expected_result) { psa_drv_se_t driver; psa_drv_se_key_management_t key_management; psa_key_lifetime_t lifetime = TEST_SE_PERSISTENT_LIFETIME; - psa_key_location_t location = PSA_KEY_LIFETIME_GET_LOCATION( lifetime ); - mbedtls_svc_key_id_t id = mbedtls_svc_key_id_make( 1, 1 ); + psa_key_location_t location = PSA_KEY_LIFETIME_GET_LOCATION(lifetime); + mbedtls_svc_key_id_t id = mbedtls_svc_key_id_make(1, 1); mbedtls_svc_key_id_t returned_id; psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT; - const uint8_t key_material[3] = {0xfa, 0xca, 0xde}; - uint8_t exported[sizeof( key_material )]; + const uint8_t key_material[3] = { 0xfa, 0xca, 0xde }; + uint8_t exported[sizeof(key_material)]; size_t exported_length; mock_export_data.return_value = mock_export_return_value; - memset( &driver, 0, sizeof( driver ) ); - memset( &key_management, 0, sizeof( key_management ) ); + memset(&driver, 0, sizeof(driver)); + memset(&key_management, 0, sizeof(key_management)); driver.hal_version = PSA_DRV_SE_HAL_VERSION; driver.key_management = &key_management; driver.p_init = mock_init; @@ -418,119 +409,115 @@ void mock_export( int mock_export_return_value, int expected_result ) key_management.p_destroy = mock_destroy; key_management.p_allocate = mock_allocate; - PSA_ASSERT( psa_register_se_driver( location, &driver ) ); - PSA_ASSERT( psa_crypto_init( ) ); + PSA_ASSERT(psa_register_se_driver(location, &driver)); + PSA_ASSERT(psa_crypto_init()); - psa_set_key_id( &attributes, id ); - psa_set_key_lifetime( &attributes, lifetime ); - psa_set_key_usage_flags( &attributes, PSA_KEY_USAGE_EXPORT ); - psa_set_key_type( &attributes, PSA_KEY_TYPE_RAW_DATA ); - PSA_ASSERT( psa_import_key( &attributes, - key_material, sizeof( key_material ), - &returned_id ) ); + psa_set_key_id(&attributes, id); + psa_set_key_lifetime(&attributes, lifetime); + psa_set_key_usage_flags(&attributes, PSA_KEY_USAGE_EXPORT); + psa_set_key_type(&attributes, PSA_KEY_TYPE_RAW_DATA); + PSA_ASSERT(psa_import_key(&attributes, + key_material, sizeof(key_material), + &returned_id)); - TEST_ASSERT( psa_export_key( id, - exported, sizeof( exported ), - &exported_length ) == expected_result ); + TEST_ASSERT(psa_export_key(id, + exported, sizeof(exported), + &exported_length) == expected_result); - TEST_ASSERT( mock_export_data.called == 1 ); + TEST_ASSERT(mock_export_data.called == 1); - PSA_ASSERT( psa_destroy_key( id ) ); + PSA_ASSERT(psa_destroy_key(id)); - TEST_ASSERT( mock_destroy_data.called == 1 ); + TEST_ASSERT(mock_destroy_data.called == 1); exit: - PSA_DONE( ); - mock_teardown( ); + PSA_DONE(); + mock_teardown(); } /* END_CASE */ /* BEGIN_CASE */ -void mock_generate( int mock_alloc_return_value, - int mock_generate_return_value, - int expected_result ) +void mock_generate(int mock_alloc_return_value, + int mock_generate_return_value, + int expected_result) { psa_drv_se_t driver; psa_drv_se_key_management_t key_management; psa_key_lifetime_t lifetime = TEST_SE_PERSISTENT_LIFETIME; - psa_key_location_t location = PSA_KEY_LIFETIME_GET_LOCATION( lifetime ); - mbedtls_svc_key_id_t id = mbedtls_svc_key_id_make( 1, 1 ); + psa_key_location_t location = PSA_KEY_LIFETIME_GET_LOCATION(lifetime); + mbedtls_svc_key_id_t id = mbedtls_svc_key_id_make(1, 1); mbedtls_svc_key_id_t returned_id; psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT; mock_allocate_data.return_value = mock_alloc_return_value; mock_generate_data.return_value = mock_generate_return_value; - memset( &driver, 0, sizeof( driver ) ); - memset( &key_management, 0, sizeof( key_management ) ); + memset(&driver, 0, sizeof(driver)); + memset(&key_management, 0, sizeof(key_management)); driver.hal_version = PSA_DRV_SE_HAL_VERSION; driver.key_management = &key_management; key_management.p_generate = mock_generate; key_management.p_destroy = mock_destroy; key_management.p_allocate = mock_allocate; - PSA_ASSERT( psa_register_se_driver( location, &driver ) ); - PSA_ASSERT( psa_crypto_init( ) ); - - psa_set_key_id( &attributes, id ); - psa_set_key_lifetime( &attributes, lifetime ); - psa_set_key_usage_flags( &attributes, PSA_KEY_USAGE_EXPORT ); - psa_set_key_type( &attributes, PSA_KEY_TYPE_RAW_DATA ); - psa_set_key_bits( &attributes, 8 ); - TEST_ASSERT( psa_generate_key( &attributes, &returned_id) == expected_result ); - TEST_ASSERT( mock_allocate_data.called == 1 ); - TEST_ASSERT( mock_generate_data.called == - ( mock_alloc_return_value == PSA_SUCCESS? 1 : 0 ) ); - - if( mock_alloc_return_value == PSA_SUCCESS ) - { - TEST_ASSERT( mbedtls_svc_key_id_equal( - mock_generate_data.attributes.core.id, id ) ); - } - else - { - TEST_ASSERT( MBEDTLS_SVC_KEY_ID_GET_KEY_ID( - mock_generate_data.attributes.core.id ) == 0 ); - TEST_ASSERT( MBEDTLS_SVC_KEY_ID_GET_OWNER_ID( - mock_generate_data.attributes.core.id ) == 0 ); + PSA_ASSERT(psa_register_se_driver(location, &driver)); + PSA_ASSERT(psa_crypto_init()); + + psa_set_key_id(&attributes, id); + psa_set_key_lifetime(&attributes, lifetime); + psa_set_key_usage_flags(&attributes, PSA_KEY_USAGE_EXPORT); + psa_set_key_type(&attributes, PSA_KEY_TYPE_RAW_DATA); + psa_set_key_bits(&attributes, 8); + TEST_ASSERT(psa_generate_key(&attributes, &returned_id) == expected_result); + TEST_ASSERT(mock_allocate_data.called == 1); + TEST_ASSERT(mock_generate_data.called == + (mock_alloc_return_value == PSA_SUCCESS ? 1 : 0)); + + if (mock_alloc_return_value == PSA_SUCCESS) { + TEST_ASSERT(mbedtls_svc_key_id_equal( + mock_generate_data.attributes.core.id, id)); + } else { + TEST_ASSERT(MBEDTLS_SVC_KEY_ID_GET_KEY_ID( + mock_generate_data.attributes.core.id) == 0); + TEST_ASSERT(MBEDTLS_SVC_KEY_ID_GET_OWNER_ID( + mock_generate_data.attributes.core.id) == 0); } - TEST_ASSERT( mock_generate_data.attributes.core.lifetime == - ( mock_alloc_return_value == PSA_SUCCESS? lifetime : 0 ) ); - TEST_ASSERT( mock_generate_data.attributes.core.policy.usage == - ( mock_alloc_return_value == PSA_SUCCESS? PSA_KEY_USAGE_EXPORT : 0 ) ); - TEST_ASSERT( mock_generate_data.attributes.core.type == - ( mock_alloc_return_value == PSA_SUCCESS? PSA_KEY_TYPE_RAW_DATA : 0 ) ); - - if( expected_result == PSA_SUCCESS ) - { - PSA_ASSERT( psa_destroy_key( id ) ); - TEST_ASSERT( mock_destroy_data.called == 1 ); + TEST_ASSERT(mock_generate_data.attributes.core.lifetime == + (mock_alloc_return_value == PSA_SUCCESS ? lifetime : 0)); + TEST_ASSERT(mock_generate_data.attributes.core.policy.usage == + (mock_alloc_return_value == PSA_SUCCESS ? PSA_KEY_USAGE_EXPORT : 0)); + TEST_ASSERT(mock_generate_data.attributes.core.type == + (mock_alloc_return_value == PSA_SUCCESS ? PSA_KEY_TYPE_RAW_DATA : 0)); + + if (expected_result == PSA_SUCCESS) { + PSA_ASSERT(psa_destroy_key(id)); + TEST_ASSERT(mock_destroy_data.called == 1); } exit: - PSA_DONE( ); - mock_teardown( ); + PSA_DONE(); + mock_teardown(); } /* END_CASE */ /* BEGIN_CASE */ -void mock_export_public( int mock_export_public_return_value, - int expected_result ) +void mock_export_public(int mock_export_public_return_value, + int expected_result) { psa_drv_se_t driver; psa_drv_se_key_management_t key_management; psa_key_lifetime_t lifetime = TEST_SE_PERSISTENT_LIFETIME; - psa_key_location_t location = PSA_KEY_LIFETIME_GET_LOCATION( lifetime ); - mbedtls_svc_key_id_t id = mbedtls_svc_key_id_make( 1, 1 ); + psa_key_location_t location = PSA_KEY_LIFETIME_GET_LOCATION(lifetime); + mbedtls_svc_key_id_t id = mbedtls_svc_key_id_make(1, 1); mbedtls_svc_key_id_t returned_id; psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT; - const uint8_t key_material[3] = {0xfa, 0xca, 0xde}; - uint8_t exported[sizeof( key_material )]; + const uint8_t key_material[3] = { 0xfa, 0xca, 0xde }; + uint8_t exported[sizeof(key_material)]; size_t exported_length; mock_export_public_data.return_value = mock_export_public_return_value; - memset( &driver, 0, sizeof( driver ) ); - memset( &key_management, 0, sizeof( key_management ) ); + memset(&driver, 0, sizeof(driver)); + memset(&key_management, 0, sizeof(key_management)); driver.hal_version = PSA_DRV_SE_HAL_VERSION; driver.key_management = &key_management; key_management.p_import = mock_import; @@ -538,52 +525,52 @@ void mock_export_public( int mock_export_public_return_value, key_management.p_destroy = mock_destroy; key_management.p_allocate = mock_allocate; - PSA_ASSERT( psa_register_se_driver( location, &driver ) ); - PSA_ASSERT( psa_crypto_init( ) ); + PSA_ASSERT(psa_register_se_driver(location, &driver)); + PSA_ASSERT(psa_crypto_init()); - psa_set_key_id( &attributes, id ); - psa_set_key_lifetime( &attributes, lifetime ); - psa_set_key_usage_flags( &attributes, PSA_KEY_USAGE_EXPORT ); - psa_set_key_type( &attributes, PSA_KEY_TYPE_RSA_PUBLIC_KEY ); + psa_set_key_id(&attributes, id); + psa_set_key_lifetime(&attributes, lifetime); + psa_set_key_usage_flags(&attributes, PSA_KEY_USAGE_EXPORT); + psa_set_key_type(&attributes, PSA_KEY_TYPE_RSA_PUBLIC_KEY); - PSA_ASSERT( psa_import_key( &attributes, - key_material, sizeof( key_material ), - &returned_id ) ); + PSA_ASSERT(psa_import_key(&attributes, + key_material, sizeof(key_material), + &returned_id)); - TEST_ASSERT( psa_export_public_key( id, exported, sizeof(exported), - &exported_length ) == expected_result ); - TEST_ASSERT( mock_export_public_data.called == 1 ); + TEST_ASSERT(psa_export_public_key(id, exported, sizeof(exported), + &exported_length) == expected_result); + TEST_ASSERT(mock_export_public_data.called == 1); - PSA_ASSERT( psa_destroy_key( id ) ); - TEST_ASSERT( mock_destroy_data.called == 1 ); + PSA_ASSERT(psa_destroy_key(id)); + TEST_ASSERT(mock_destroy_data.called == 1); exit: - PSA_DONE( ); - mock_teardown( ); + PSA_DONE(); + mock_teardown(); } /* END_CASE */ /* BEGIN_CASE */ -void mock_sign( int mock_sign_return_value, int expected_result ) +void mock_sign(int mock_sign_return_value, int expected_result) { psa_drv_se_t driver; psa_drv_se_key_management_t key_management; psa_drv_se_asymmetric_t asymmetric; psa_key_lifetime_t lifetime = TEST_SE_PERSISTENT_LIFETIME; - psa_key_location_t location = PSA_KEY_LIFETIME_GET_LOCATION( lifetime ); - mbedtls_svc_key_id_t id = mbedtls_svc_key_id_make( 1, 1 ); + psa_key_location_t location = PSA_KEY_LIFETIME_GET_LOCATION(lifetime); + mbedtls_svc_key_id_t id = mbedtls_svc_key_id_make(1, 1); mbedtls_svc_key_id_t returned_id; psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT; - const uint8_t key_material[3] = {0xfa, 0xca, 0xde}; + const uint8_t key_material[3] = { 0xfa, 0xca, 0xde }; psa_algorithm_t algorithm = PSA_ALG_ECDSA(PSA_ALG_SHA_256); - const uint8_t hash[1] = {'H'}; - uint8_t signature[1] = {'S'}; + const uint8_t hash[1] = { 'H' }; + uint8_t signature[1] = { 'S' }; size_t signature_length; mock_sign_data.return_value = mock_sign_return_value; - memset( &driver, 0, sizeof( driver ) ); - memset( &key_management, 0, sizeof( key_management ) ); - memset( &asymmetric, 0, sizeof( asymmetric ) ); + memset(&driver, 0, sizeof(driver)); + memset(&key_management, 0, sizeof(key_management)); + memset(&asymmetric, 0, sizeof(asymmetric)); driver.hal_version = PSA_DRV_SE_HAL_VERSION; @@ -595,55 +582,55 @@ void mock_sign( int mock_sign_return_value, int expected_result ) driver.asymmetric = &asymmetric; asymmetric.p_sign = mock_sign; - PSA_ASSERT( psa_register_se_driver( location, &driver ) ); - PSA_ASSERT( psa_crypto_init( ) ); + PSA_ASSERT(psa_register_se_driver(location, &driver)); + PSA_ASSERT(psa_crypto_init()); - psa_set_key_id( &attributes, id ); - psa_set_key_lifetime( &attributes, lifetime ); - psa_set_key_usage_flags( &attributes, PSA_KEY_USAGE_SIGN_HASH ); - psa_set_key_algorithm( &attributes, algorithm ); - psa_set_key_type( &attributes, PSA_KEY_TYPE_RSA_KEY_PAIR ); + psa_set_key_id(&attributes, id); + psa_set_key_lifetime(&attributes, lifetime); + psa_set_key_usage_flags(&attributes, PSA_KEY_USAGE_SIGN_HASH); + psa_set_key_algorithm(&attributes, algorithm); + psa_set_key_type(&attributes, PSA_KEY_TYPE_RSA_KEY_PAIR); - PSA_ASSERT( psa_import_key( &attributes, - key_material, sizeof( key_material ), - &returned_id ) ); + PSA_ASSERT(psa_import_key(&attributes, + key_material, sizeof(key_material), + &returned_id)); - TEST_ASSERT( psa_sign_hash( id, algorithm, - hash, sizeof( hash ), - signature, sizeof( signature ), - &signature_length) - == expected_result ); - TEST_ASSERT( mock_sign_data.called == 1 ); + TEST_ASSERT(psa_sign_hash(id, algorithm, + hash, sizeof(hash), + signature, sizeof(signature), + &signature_length) + == expected_result); + TEST_ASSERT(mock_sign_data.called == 1); - PSA_ASSERT( psa_destroy_key( id ) ); - TEST_ASSERT( mock_destroy_data.called == 1 ); + PSA_ASSERT(psa_destroy_key(id)); + TEST_ASSERT(mock_destroy_data.called == 1); exit: - PSA_DONE( ); - mock_teardown( ); + PSA_DONE(); + mock_teardown(); } /* END_CASE */ /* BEGIN_CASE */ -void mock_verify( int mock_verify_return_value, int expected_result ) +void mock_verify(int mock_verify_return_value, int expected_result) { psa_drv_se_t driver; psa_drv_se_key_management_t key_management; psa_drv_se_asymmetric_t asymmetric; psa_key_lifetime_t lifetime = TEST_SE_PERSISTENT_LIFETIME; - psa_key_location_t location = PSA_KEY_LIFETIME_GET_LOCATION( lifetime ); - mbedtls_svc_key_id_t id = mbedtls_svc_key_id_make( 1, 1 ); + psa_key_location_t location = PSA_KEY_LIFETIME_GET_LOCATION(lifetime); + mbedtls_svc_key_id_t id = mbedtls_svc_key_id_make(1, 1); mbedtls_svc_key_id_t returned_id; psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT; - const uint8_t key_material[3] = {0xfa, 0xca, 0xde}; + const uint8_t key_material[3] = { 0xfa, 0xca, 0xde }; psa_algorithm_t algorithm = PSA_ALG_ECDSA(PSA_ALG_SHA_256); - const uint8_t hash[1] = {'H'}; - const uint8_t signature[1] = {'S'}; + const uint8_t hash[1] = { 'H' }; + const uint8_t signature[1] = { 'S' }; mock_verify_data.return_value = mock_verify_return_value; - memset( &driver, 0, sizeof( driver ) ); - memset( &key_management, 0, sizeof( key_management ) ); - memset( &asymmetric, 0, sizeof( asymmetric ) ); + memset(&driver, 0, sizeof(driver)); + memset(&key_management, 0, sizeof(key_management)); + memset(&asymmetric, 0, sizeof(asymmetric)); driver.hal_version = PSA_DRV_SE_HAL_VERSION; @@ -655,30 +642,30 @@ void mock_verify( int mock_verify_return_value, int expected_result ) driver.asymmetric = &asymmetric; asymmetric.p_verify = mock_verify; - PSA_ASSERT( psa_register_se_driver( location, &driver ) ); - PSA_ASSERT( psa_crypto_init( ) ); + PSA_ASSERT(psa_register_se_driver(location, &driver)); + PSA_ASSERT(psa_crypto_init()); - psa_set_key_id( &attributes, id ); - psa_set_key_lifetime( &attributes, lifetime ); - psa_set_key_usage_flags( &attributes, PSA_KEY_USAGE_VERIFY_HASH ); - psa_set_key_algorithm( &attributes, algorithm ); - psa_set_key_type( &attributes, PSA_KEY_TYPE_RAW_DATA ); + psa_set_key_id(&attributes, id); + psa_set_key_lifetime(&attributes, lifetime); + psa_set_key_usage_flags(&attributes, PSA_KEY_USAGE_VERIFY_HASH); + psa_set_key_algorithm(&attributes, algorithm); + psa_set_key_type(&attributes, PSA_KEY_TYPE_RAW_DATA); - PSA_ASSERT( psa_import_key( &attributes, - key_material, sizeof( key_material ), - &returned_id ) ); + PSA_ASSERT(psa_import_key(&attributes, + key_material, sizeof(key_material), + &returned_id)); - TEST_ASSERT( psa_verify_hash( id, algorithm, - hash, sizeof( hash ), - signature, sizeof( signature ) ) - == expected_result ); - TEST_ASSERT( mock_verify_data.called == 1 ); + TEST_ASSERT(psa_verify_hash(id, algorithm, + hash, sizeof(hash), + signature, sizeof(signature)) + == expected_result); + TEST_ASSERT(mock_verify_data.called == 1); - PSA_ASSERT( psa_destroy_key( id ) ); - TEST_ASSERT( mock_destroy_data.called == 1 ); + PSA_ASSERT(psa_destroy_key(id)); + TEST_ASSERT(mock_destroy_data.called == 1); exit: - PSA_DONE( ); - mock_teardown( ); + PSA_DONE(); + mock_teardown(); } /* END_CASE */ diff --git a/third_party/mbedtls/repo/tests/suites/test_suite_psa_crypto_slot_management.function b/third_party/mbedtls/repo/tests/suites/test_suite_psa_crypto_slot_management.function index aa3ce28f241..5bd12eb09ee 100644 --- a/third_party/mbedtls/repo/tests/suites/test_suite_psa_crypto_slot_management.function +++ b/third_party/mbedtls/repo/tests/suites/test_suite_psa_crypto_slot_management.function @@ -4,8 +4,7 @@ #include "psa_crypto_slot_management.h" #include "psa_crypto_storage.h" -typedef enum -{ +typedef enum { /**< Close key(s) */ INVALIDATE_BY_CLOSING, @@ -28,15 +27,13 @@ typedef enum INVALIDATE_BY_PURGING_WITH_SHUTDOWN, } invalidate_method_t; -typedef enum -{ +typedef enum { KEEP_OPEN, CLOSE_BEFORE, CLOSE_AFTER, } reopen_policy_t; -typedef enum -{ +typedef enum { INVALID_HANDLE_0, INVALID_HANDLE_UNOPENED, INVALID_HANDLE_CLOSED, @@ -46,61 +43,59 @@ typedef enum /** Apply \p invalidate_method to invalidate the specified key: * close it, destroy it, or do nothing; */ -static int invalidate_key( invalidate_method_t invalidate_method, - mbedtls_svc_key_id_t key ) +static int invalidate_key(invalidate_method_t invalidate_method, + mbedtls_svc_key_id_t key) { - switch( invalidate_method ) - { + switch (invalidate_method) { /* Closing the key invalidate only volatile keys, not persistent ones. */ case INVALIDATE_BY_CLOSING: case INVALIDATE_BY_CLOSING_WITH_SHUTDOWN: - PSA_ASSERT( psa_close_key( key ) ); + PSA_ASSERT(psa_close_key(key)); break; case INVALIDATE_BY_DESTROYING: case INVALIDATE_BY_DESTROYING_WITH_SHUTDOWN: - PSA_ASSERT( psa_destroy_key( key ) ); + PSA_ASSERT(psa_destroy_key(key)); break; /* Purging the key just purges RAM data of persistent keys. */ case INVALIDATE_BY_PURGING: case INVALIDATE_BY_PURGING_WITH_SHUTDOWN: - PSA_ASSERT( psa_purge_key( key ) ); + PSA_ASSERT(psa_purge_key(key)); break; case INVALIDATE_BY_SHUTDOWN: break; } - return( 1 ); + return 1; exit: - return( 0 ); + return 0; } /** Restart the PSA subsystem if \p invalidate_method says so. */ -static int invalidate_psa( invalidate_method_t invalidate_method ) +static int invalidate_psa(invalidate_method_t invalidate_method) { - switch( invalidate_method ) - { + switch (invalidate_method) { case INVALIDATE_BY_CLOSING: case INVALIDATE_BY_DESTROYING: case INVALIDATE_BY_PURGING: - return( 1 ); + return 1; case INVALIDATE_BY_CLOSING_WITH_SHUTDOWN: case INVALIDATE_BY_DESTROYING_WITH_SHUTDOWN: case INVALIDATE_BY_PURGING_WITH_SHUTDOWN: /* All keys must have been closed. */ - PSA_SESSION_DONE( ); + PSA_SESSION_DONE(); break; case INVALIDATE_BY_SHUTDOWN: /* Some keys may remain behind, and we're testing that this * properly closes them. */ - mbedtls_psa_crypto_free( ); + mbedtls_psa_crypto_free(); break; } - PSA_ASSERT( psa_crypto_init( ) ); - ASSERT_PSA_PRISTINE( ); - return( 1 ); + PSA_ASSERT(psa_crypto_init()); + ASSERT_PSA_PRISTINE(); + return 1; exit: - return( 0 ); + return 0; } /* END_HEADER */ @@ -111,10 +106,10 @@ exit: */ /* BEGIN_CASE */ -void transient_slot_lifecycle( int owner_id_arg, - int usage_arg, int alg_arg, - int type_arg, data_t *key_data, - int invalidate_method_arg ) +void transient_slot_lifecycle(int owner_id_arg, + int usage_arg, int alg_arg, + int type_arg, data_t *key_data, + int invalidate_method_arg) { psa_algorithm_t alg = alg_arg; psa_key_usage_t usage_flags = usage_arg; @@ -123,40 +118,40 @@ void transient_slot_lifecycle( int owner_id_arg, mbedtls_svc_key_id_t key = MBEDTLS_SVC_KEY_ID_INIT; psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT; - mbedtls_test_set_step( 1 ); - PSA_ASSERT( psa_crypto_init( ) ); + mbedtls_test_set_step(1); + PSA_ASSERT(psa_crypto_init()); /* Import a key. */ #if defined(MBEDTLS_PSA_CRYPTO_KEY_ID_ENCODES_OWNER) mbedtls_key_owner_id_t owner_id = owner_id_arg; - mbedtls_set_key_owner_id( &attributes, owner_id ); + mbedtls_set_key_owner_id(&attributes, owner_id); #else - (void)owner_id_arg; + (void) owner_id_arg; #endif - psa_set_key_usage_flags( &attributes, usage_flags ); - psa_set_key_algorithm( &attributes, alg ); - psa_set_key_type( &attributes, type ); - PSA_ASSERT( psa_import_key( &attributes, key_data->x, key_data->len, - &key ) ); - TEST_ASSERT( ! mbedtls_svc_key_id_is_null( key ) ); - PSA_ASSERT( psa_get_key_attributes( key, &attributes ) ); - TEST_EQUAL( psa_get_key_type( &attributes ), type ); - psa_reset_key_attributes( &attributes ); + psa_set_key_usage_flags(&attributes, usage_flags); + psa_set_key_algorithm(&attributes, alg); + psa_set_key_type(&attributes, type); + PSA_ASSERT(psa_import_key(&attributes, key_data->x, key_data->len, + &key)); + TEST_ASSERT(!mbedtls_svc_key_id_is_null(key)); + PSA_ASSERT(psa_get_key_attributes(key, &attributes)); + TEST_EQUAL(psa_get_key_type(&attributes), type); + psa_reset_key_attributes(&attributes); #if defined(MBEDTLS_PSA_CRYPTO_KEY_ID_ENCODES_OWNER) { psa_key_handle_t handle; mbedtls_svc_key_id_t key_with_invalid_owner = - mbedtls_svc_key_id_make( owner_id + 1, - MBEDTLS_SVC_KEY_ID_GET_KEY_ID( key ) ); - - TEST_ASSERT( mbedtls_key_owner_id_equal( - owner_id, - MBEDTLS_SVC_KEY_ID_GET_OWNER_ID( key ) ) ); - TEST_EQUAL( psa_open_key( key_with_invalid_owner, &handle ), - PSA_ERROR_DOES_NOT_EXIST ); + mbedtls_svc_key_id_make(owner_id + 1, + MBEDTLS_SVC_KEY_ID_GET_KEY_ID(key)); + + TEST_ASSERT(mbedtls_key_owner_id_equal( + owner_id, + MBEDTLS_SVC_KEY_ID_GET_OWNER_ID(key))); + TEST_EQUAL(psa_open_key(key_with_invalid_owner, &handle), + PSA_ERROR_DOES_NOT_EXIST); } #endif @@ -164,42 +159,44 @@ void transient_slot_lifecycle( int owner_id_arg, * Purge the key and make sure that it is still valid, as purging a * volatile key shouldn't invalidate/destroy it. */ - PSA_ASSERT( psa_purge_key( key ) ); - PSA_ASSERT( psa_get_key_attributes( key, &attributes ) ); - TEST_EQUAL( psa_get_key_type( &attributes ), type ); - psa_reset_key_attributes( &attributes ); + PSA_ASSERT(psa_purge_key(key)); + PSA_ASSERT(psa_get_key_attributes(key, &attributes)); + TEST_EQUAL(psa_get_key_type(&attributes), type); + psa_reset_key_attributes(&attributes); /* Do something that invalidates the key. */ - mbedtls_test_set_step( 2 ); - if( ! invalidate_key( invalidate_method, key ) ) + mbedtls_test_set_step(2); + if (!invalidate_key(invalidate_method, key)) { goto exit; - if( ! invalidate_psa( invalidate_method ) ) + } + if (!invalidate_psa(invalidate_method)) { goto exit; + } /* Test that the key is now invalid. */ - TEST_EQUAL( psa_get_key_attributes( key, &attributes ), - PSA_ERROR_INVALID_HANDLE ); - TEST_EQUAL( psa_close_key( key ), PSA_ERROR_INVALID_HANDLE ); + TEST_EQUAL(psa_get_key_attributes(key, &attributes), + PSA_ERROR_INVALID_HANDLE); + TEST_EQUAL(psa_close_key(key), PSA_ERROR_INVALID_HANDLE); exit: /* * Key attributes may have been returned by psa_get_key_attributes() * thus reset them as required. */ - psa_reset_key_attributes( &attributes ); + psa_reset_key_attributes(&attributes); - PSA_DONE( ); + PSA_DONE(); } /* END_CASE */ /* BEGIN_CASE depends_on:MBEDTLS_PSA_CRYPTO_STORAGE_C */ -void persistent_slot_lifecycle( int lifetime_arg, int owner_id_arg, int id_arg, - int usage_arg, int alg_arg, int alg2_arg, - int type_arg, data_t *key_data, - int invalidate_method_arg ) +void persistent_slot_lifecycle(int lifetime_arg, int owner_id_arg, int id_arg, + int usage_arg, int alg_arg, int alg2_arg, + int type_arg, data_t *key_data, + int invalidate_method_arg) { psa_key_lifetime_t lifetime = lifetime_arg; - mbedtls_svc_key_id_t id = mbedtls_svc_key_id_make( owner_id_arg, id_arg ); + mbedtls_svc_key_id_t id = mbedtls_svc_key_id_make(owner_id_arg, id_arg); psa_algorithm_t alg = alg_arg; psa_algorithm_t alg2 = alg2_arg; psa_key_usage_t usage_flags = usage_arg; @@ -214,125 +211,123 @@ void persistent_slot_lifecycle( int lifetime_arg, int owner_id_arg, int id_arg, #if defined(MBEDTLS_PSA_CRYPTO_KEY_ID_ENCODES_OWNER) mbedtls_svc_key_id_t wrong_owner_id = - mbedtls_svc_key_id_make( owner_id_arg + 1, id_arg ); + mbedtls_svc_key_id_make(owner_id_arg + 1, id_arg); mbedtls_svc_key_id_t invalid_svc_key_id = MBEDTLS_SVC_KEY_ID_INIT; #endif - TEST_USES_KEY_ID( id ); + TEST_USES_KEY_ID(id); - mbedtls_test_set_step( 1 ); - PSA_ASSERT( psa_crypto_init( ) ); + mbedtls_test_set_step(1); + PSA_ASSERT(psa_crypto_init()); - psa_set_key_id( &attributes, id ); - psa_set_key_lifetime( &attributes, lifetime ); - psa_set_key_type( &attributes, type ); - psa_set_key_usage_flags( &attributes, usage_flags ); - psa_set_key_algorithm( &attributes, alg ); - psa_set_key_enrollment_algorithm( &attributes, alg2 ); - PSA_ASSERT( psa_import_key( &attributes, key_data->x, key_data->len, - &returned_id ) ); - TEST_ASSERT( mbedtls_svc_key_id_equal( id, returned_id ) ); + psa_set_key_id(&attributes, id); + psa_set_key_lifetime(&attributes, lifetime); + psa_set_key_type(&attributes, type); + psa_set_key_usage_flags(&attributes, usage_flags); + psa_set_key_algorithm(&attributes, alg); + psa_set_key_enrollment_algorithm(&attributes, alg2); + PSA_ASSERT(psa_import_key(&attributes, key_data->x, key_data->len, + &returned_id)); + TEST_ASSERT(mbedtls_svc_key_id_equal(id, returned_id)); #if defined(MBEDTLS_PSA_CRYPTO_KEY_ID_ENCODES_OWNER) - TEST_EQUAL( psa_open_key( wrong_owner_id, &invalid_svc_key_id ), - PSA_ERROR_DOES_NOT_EXIST ); + TEST_EQUAL(psa_open_key(wrong_owner_id, &invalid_svc_key_id), + PSA_ERROR_DOES_NOT_EXIST); #endif - PSA_ASSERT( psa_get_key_attributes( id, &attributes ) ); - TEST_EQUAL( psa_get_key_lifetime( &attributes ), lifetime ); - TEST_ASSERT( mbedtls_svc_key_id_equal( - psa_get_key_id( &attributes ), id ) ); - TEST_EQUAL( psa_get_key_usage_flags( &attributes ), - mbedtls_test_update_key_usage_flags( usage_flags ) ); - TEST_EQUAL( psa_get_key_algorithm( &attributes ), alg ); - TEST_EQUAL( psa_get_key_enrollment_algorithm( &attributes ), alg2 ); - TEST_EQUAL( psa_get_key_type( &attributes ), type ); + PSA_ASSERT(psa_get_key_attributes(id, &attributes)); + TEST_EQUAL(psa_get_key_lifetime(&attributes), lifetime); + TEST_ASSERT(mbedtls_svc_key_id_equal( + psa_get_key_id(&attributes), id)); + TEST_EQUAL(psa_get_key_usage_flags(&attributes), + mbedtls_test_update_key_usage_flags(usage_flags)); + TEST_EQUAL(psa_get_key_algorithm(&attributes), alg); + TEST_EQUAL(psa_get_key_enrollment_algorithm(&attributes), alg2); + TEST_EQUAL(psa_get_key_type(&attributes), type); /* Close the key and then open it. */ - PSA_ASSERT( psa_close_key( id ) ); + PSA_ASSERT(psa_close_key(id)); #if defined(MBEDTLS_PSA_CRYPTO_KEY_ID_ENCODES_OWNER) - TEST_EQUAL( psa_open_key( wrong_owner_id, &invalid_svc_key_id ), - PSA_ERROR_DOES_NOT_EXIST ); + TEST_EQUAL(psa_open_key(wrong_owner_id, &invalid_svc_key_id), + PSA_ERROR_DOES_NOT_EXIST); #endif - PSA_ASSERT( psa_open_key( id, &handle ) ); - TEST_ASSERT( ! psa_key_handle_is_null( handle ) ); - PSA_ASSERT( psa_get_key_attributes( handle, &attributes ) ); - TEST_EQUAL( psa_get_key_lifetime( &attributes ), lifetime ); - TEST_ASSERT( mbedtls_svc_key_id_equal( - psa_get_key_id( &attributes ), id ) ); - TEST_EQUAL( psa_get_key_usage_flags( &attributes ), - mbedtls_test_update_key_usage_flags( usage_flags ) ); - TEST_EQUAL( psa_get_key_algorithm( &attributes ), alg ); - TEST_EQUAL( psa_get_key_enrollment_algorithm( &attributes ), alg2 ); - TEST_EQUAL( psa_get_key_type( &attributes ), type ); + PSA_ASSERT(psa_open_key(id, &handle)); + TEST_ASSERT(!psa_key_handle_is_null(handle)); + PSA_ASSERT(psa_get_key_attributes(handle, &attributes)); + TEST_EQUAL(psa_get_key_lifetime(&attributes), lifetime); + TEST_ASSERT(mbedtls_svc_key_id_equal( + psa_get_key_id(&attributes), id)); + TEST_EQUAL(psa_get_key_usage_flags(&attributes), + mbedtls_test_update_key_usage_flags(usage_flags)); + TEST_EQUAL(psa_get_key_algorithm(&attributes), alg); + TEST_EQUAL(psa_get_key_enrollment_algorithm(&attributes), alg2); + TEST_EQUAL(psa_get_key_type(&attributes), type); /* * Do something that wipes key data in volatile memory or destroy the * key. */ - mbedtls_test_set_step( 2 ); - if( ! invalidate_key( invalidate_method, id ) ) + mbedtls_test_set_step(2); + if (!invalidate_key(invalidate_method, id)) { goto exit; - if( ! invalidate_psa( invalidate_method ) ) + } + if (!invalidate_psa(invalidate_method)) { goto exit; + } /* Try to reaccess the key. If we destroyed it, check that it doesn't * exist. Otherwise check that it still exists and has the expected * content. */ - switch( invalidate_method ) - { + switch (invalidate_method) { case INVALIDATE_BY_CLOSING: case INVALIDATE_BY_CLOSING_WITH_SHUTDOWN: case INVALIDATE_BY_PURGING: case INVALIDATE_BY_PURGING_WITH_SHUTDOWN: case INVALIDATE_BY_SHUTDOWN: - PSA_ASSERT( psa_open_key( id, &handle ) ); - PSA_ASSERT( psa_get_key_attributes( id, &read_attributes ) ); - TEST_EQUAL( psa_get_key_lifetime( &attributes ), - psa_get_key_lifetime( &read_attributes ) ); - TEST_ASSERT( mbedtls_svc_key_id_equal( - psa_get_key_id( &attributes ), - psa_get_key_id( &read_attributes ) ) ); - TEST_EQUAL( psa_get_key_usage_flags( &attributes ), - mbedtls_test_update_key_usage_flags( usage_flags ) ); - TEST_EQUAL( psa_get_key_algorithm( &attributes ), - psa_get_key_algorithm( &read_attributes ) ); - TEST_EQUAL( psa_get_key_enrollment_algorithm( &attributes ), - psa_get_key_enrollment_algorithm( &read_attributes ) ); - TEST_EQUAL( psa_get_key_type( &attributes ), - psa_get_key_type( &read_attributes ) ); - TEST_EQUAL( psa_get_key_bits( &attributes ), - psa_get_key_bits( &read_attributes ) ); - ASSERT_ALLOC( reexported, key_data->len ); - if( usage_flags & PSA_KEY_USAGE_EXPORT ) - { - PSA_ASSERT( psa_export_key( id, reexported, key_data->len, - &reexported_length ) ); - ASSERT_COMPARE( key_data->x, key_data->len, - reexported, reexported_length ); - } - else - { - TEST_EQUAL( psa_export_key( id, reexported, - key_data->len, &reexported_length ), - PSA_ERROR_NOT_PERMITTED ); + PSA_ASSERT(psa_open_key(id, &handle)); + PSA_ASSERT(psa_get_key_attributes(id, &read_attributes)); + TEST_EQUAL(psa_get_key_lifetime(&attributes), + psa_get_key_lifetime(&read_attributes)); + TEST_ASSERT(mbedtls_svc_key_id_equal( + psa_get_key_id(&attributes), + psa_get_key_id(&read_attributes))); + TEST_EQUAL(psa_get_key_usage_flags(&attributes), + mbedtls_test_update_key_usage_flags(usage_flags)); + TEST_EQUAL(psa_get_key_algorithm(&attributes), + psa_get_key_algorithm(&read_attributes)); + TEST_EQUAL(psa_get_key_enrollment_algorithm(&attributes), + psa_get_key_enrollment_algorithm(&read_attributes)); + TEST_EQUAL(psa_get_key_type(&attributes), + psa_get_key_type(&read_attributes)); + TEST_EQUAL(psa_get_key_bits(&attributes), + psa_get_key_bits(&read_attributes)); + TEST_CALLOC(reexported, key_data->len); + if (usage_flags & PSA_KEY_USAGE_EXPORT) { + PSA_ASSERT(psa_export_key(id, reexported, key_data->len, + &reexported_length)); + TEST_MEMORY_COMPARE(key_data->x, key_data->len, + reexported, reexported_length); + } else { + TEST_EQUAL(psa_export_key(id, reexported, + key_data->len, &reexported_length), + PSA_ERROR_NOT_PERMITTED); } - PSA_ASSERT( psa_close_key( handle ) ); + PSA_ASSERT(psa_close_key(handle)); break; case INVALIDATE_BY_DESTROYING: case INVALIDATE_BY_DESTROYING_WITH_SHUTDOWN: /* - * Test that the key handle and identifier are now not refering to an + * Test that the key handle and identifier are now not referring to an * existing key. */ - TEST_EQUAL( psa_get_key_attributes( handle, &read_attributes ), - PSA_ERROR_INVALID_HANDLE ); - TEST_EQUAL( psa_close_key( handle ), PSA_ERROR_INVALID_HANDLE ); - TEST_EQUAL( psa_get_key_attributes( id, &read_attributes ), - PSA_ERROR_INVALID_HANDLE ); + TEST_EQUAL(psa_get_key_attributes(handle, &read_attributes), + PSA_ERROR_INVALID_HANDLE); + TEST_EQUAL(psa_close_key(handle), PSA_ERROR_INVALID_HANDLE); + TEST_EQUAL(psa_get_key_attributes(id, &read_attributes), + PSA_ERROR_INVALID_HANDLE); break; } @@ -341,158 +336,159 @@ exit: * Key attributes may have been returned by psa_get_key_attributes() * thus reset them as required. */ - psa_reset_key_attributes( &attributes ); - psa_reset_key_attributes( &read_attributes ); + psa_reset_key_attributes(&attributes); + psa_reset_key_attributes(&read_attributes); - PSA_DONE( ); - mbedtls_free( reexported ); + PSA_DONE(); + mbedtls_free(reexported); } /* END_CASE */ /* BEGIN_CASE depends_on:MBEDTLS_PSA_CRYPTO_STORAGE_C */ -void create_existent( int lifetime_arg, int owner_id_arg, int id_arg, - int reopen_policy_arg ) +void create_existent(int lifetime_arg, int owner_id_arg, int id_arg, + int reopen_policy_arg) { psa_key_lifetime_t lifetime = lifetime_arg; - mbedtls_svc_key_id_t id = mbedtls_svc_key_id_make( owner_id_arg, id_arg ); + mbedtls_svc_key_id_t id = mbedtls_svc_key_id_make(owner_id_arg, id_arg); mbedtls_svc_key_id_t returned_id = MBEDTLS_SVC_KEY_ID_INIT; psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT; psa_key_type_t type1 = PSA_KEY_TYPE_RAW_DATA; const uint8_t material1[5] = "a key"; const uint8_t material2[5] = "b key"; - size_t bits1 = PSA_BYTES_TO_BITS( sizeof( material1 ) ); - uint8_t reexported[sizeof( material1 )]; + size_t bits1 = PSA_BYTES_TO_BITS(sizeof(material1)); + uint8_t reexported[sizeof(material1)]; size_t reexported_length; reopen_policy_t reopen_policy = reopen_policy_arg; - TEST_USES_KEY_ID( id ); + TEST_USES_KEY_ID(id); - PSA_ASSERT( psa_crypto_init( ) ); + PSA_ASSERT(psa_crypto_init()); /* Create a key. */ - psa_set_key_id( &attributes, id ); - psa_set_key_lifetime( &attributes, lifetime ); - psa_set_key_type( &attributes, type1 ); - psa_set_key_usage_flags( &attributes, PSA_KEY_USAGE_EXPORT ); - psa_set_key_algorithm( &attributes, 0 ); - PSA_ASSERT( psa_import_key( &attributes, material1, sizeof( material1 ), - &returned_id ) ); - TEST_ASSERT( mbedtls_svc_key_id_equal( id, returned_id ) ); - - if( reopen_policy == CLOSE_BEFORE ) - PSA_ASSERT( psa_close_key( id ) ); + psa_set_key_id(&attributes, id); + psa_set_key_lifetime(&attributes, lifetime); + psa_set_key_type(&attributes, type1); + psa_set_key_usage_flags(&attributes, PSA_KEY_USAGE_EXPORT); + psa_set_key_algorithm(&attributes, 0); + PSA_ASSERT(psa_import_key(&attributes, material1, sizeof(material1), + &returned_id)); + TEST_ASSERT(mbedtls_svc_key_id_equal(id, returned_id)); + + if (reopen_policy == CLOSE_BEFORE) { + PSA_ASSERT(psa_close_key(id)); + } /* Attempt to create a new key in the same slot. */ - TEST_EQUAL( psa_import_key( &attributes, material2, sizeof( material2 ), - &returned_id ), - PSA_ERROR_ALREADY_EXISTS ); - TEST_ASSERT( mbedtls_svc_key_id_is_null( returned_id ) ); + TEST_EQUAL(psa_import_key(&attributes, material2, sizeof(material2), + &returned_id), + PSA_ERROR_ALREADY_EXISTS); + TEST_ASSERT(mbedtls_svc_key_id_is_null(returned_id)); - if( reopen_policy == CLOSE_AFTER ) - PSA_ASSERT( psa_close_key( id ) ); + if (reopen_policy == CLOSE_AFTER) { + PSA_ASSERT(psa_close_key(id)); + } /* Check that the original key hasn't changed. */ - psa_reset_key_attributes( &attributes ); - PSA_ASSERT( psa_get_key_attributes( id, &attributes ) ); - TEST_ASSERT( mbedtls_svc_key_id_equal( - psa_get_key_id( &attributes ), id ) ); - TEST_EQUAL( psa_get_key_lifetime( &attributes ), lifetime ); - TEST_EQUAL( psa_get_key_type( &attributes ), type1 ); - TEST_EQUAL( psa_get_key_bits( &attributes ), bits1 ); - TEST_EQUAL( psa_get_key_usage_flags( &attributes ), PSA_KEY_USAGE_EXPORT ); - TEST_EQUAL( psa_get_key_algorithm( &attributes ), 0 ); - - PSA_ASSERT( psa_export_key( id, - reexported, sizeof( reexported ), - &reexported_length ) ); - ASSERT_COMPARE( material1, sizeof( material1 ), - reexported, reexported_length ); - - PSA_ASSERT( psa_close_key( id ) ); + psa_reset_key_attributes(&attributes); + PSA_ASSERT(psa_get_key_attributes(id, &attributes)); + TEST_ASSERT(mbedtls_svc_key_id_equal( + psa_get_key_id(&attributes), id)); + TEST_EQUAL(psa_get_key_lifetime(&attributes), lifetime); + TEST_EQUAL(psa_get_key_type(&attributes), type1); + TEST_EQUAL(psa_get_key_bits(&attributes), bits1); + TEST_EQUAL(psa_get_key_usage_flags(&attributes), PSA_KEY_USAGE_EXPORT); + TEST_EQUAL(psa_get_key_algorithm(&attributes), 0); + + PSA_ASSERT(psa_export_key(id, + reexported, sizeof(reexported), + &reexported_length)); + TEST_MEMORY_COMPARE(material1, sizeof(material1), + reexported, reexported_length); + + PSA_ASSERT(psa_close_key(id)); exit: /* * Key attributes may have been returned by psa_get_key_attributes() * thus reset them as required. */ - psa_reset_key_attributes( &attributes ); + psa_reset_key_attributes(&attributes); - PSA_DONE( ); + PSA_DONE(); } /* END_CASE */ /* BEGIN_CASE */ -void open_fail( int id_arg, - int expected_status_arg ) +void open_fail(int id_arg, + int expected_status_arg) { - mbedtls_svc_key_id_t id = mbedtls_svc_key_id_make( 1, id_arg ); + mbedtls_svc_key_id_t id = mbedtls_svc_key_id_make(1, id_arg); psa_status_t expected_status = expected_status_arg; - psa_key_handle_t handle = mbedtls_svc_key_id_make( 0xdead, 0xdead ); + psa_key_handle_t handle = mbedtls_svc_key_id_make(0xdead, 0xdead); - PSA_ASSERT( psa_crypto_init( ) ); + PSA_ASSERT(psa_crypto_init()); - TEST_EQUAL( psa_open_key( id, &handle ), expected_status ); - TEST_ASSERT( psa_key_handle_is_null( handle ) ); + TEST_EQUAL(psa_open_key(id, &handle), expected_status); + TEST_ASSERT(psa_key_handle_is_null(handle)); exit: - PSA_DONE( ); + PSA_DONE(); } /* END_CASE */ /* BEGIN_CASE */ -void create_fail( int lifetime_arg, int id_arg, - int expected_status_arg ) +void create_fail(int lifetime_arg, int id_arg, + int expected_status_arg) { psa_key_lifetime_t lifetime = lifetime_arg; - mbedtls_svc_key_id_t id = mbedtls_svc_key_id_make( 1, id_arg ); + mbedtls_svc_key_id_t id = mbedtls_svc_key_id_make(1, id_arg); psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT; psa_status_t expected_status = expected_status_arg; mbedtls_svc_key_id_t returned_id = - mbedtls_svc_key_id_make( 0xdead, 0xdead ); - uint8_t material[1] = {'k'}; + mbedtls_svc_key_id_make(0xdead, 0xdead); + uint8_t material[1] = { 'k' }; - TEST_USES_KEY_ID( id ); + TEST_USES_KEY_ID(id); - PSA_ASSERT( psa_crypto_init( ) ); + PSA_ASSERT(psa_crypto_init()); - psa_set_key_lifetime( &attributes, lifetime ); - if( PSA_KEY_LIFETIME_IS_VOLATILE( lifetime ) ) - { + psa_set_key_lifetime(&attributes, lifetime); + if (PSA_KEY_LIFETIME_IS_VOLATILE(lifetime)) { /* * Not possible to set a key identifier different from 0 through * PSA key attributes APIs thus accessing to the attributes * directly. */ attributes.core.id = id; + } else { + psa_set_key_id(&attributes, id); } - else - psa_set_key_id( &attributes, id ); - psa_set_key_type( &attributes, PSA_KEY_TYPE_RAW_DATA ); - TEST_EQUAL( psa_import_key( &attributes, material, sizeof( material ), - &returned_id ), - expected_status ); - TEST_ASSERT( mbedtls_svc_key_id_is_null( returned_id ) ); + psa_set_key_type(&attributes, PSA_KEY_TYPE_RAW_DATA); + TEST_EQUAL(psa_import_key(&attributes, material, sizeof(material), + &returned_id), + expected_status); + TEST_ASSERT(mbedtls_svc_key_id_is_null(returned_id)); exit: - PSA_DONE( ); + PSA_DONE(); } /* END_CASE */ /* BEGIN_CASE */ -void copy_across_lifetimes( int source_lifetime_arg, int source_owner_id_arg, - int source_id_arg, int source_usage_arg, - int source_alg_arg, int source_alg2_arg, - int type_arg, data_t *material, - int target_lifetime_arg, int target_owner_id_arg, - int target_id_arg, int target_usage_arg, - int target_alg_arg, int target_alg2_arg, - int expected_usage_arg, - int expected_alg_arg, int expected_alg2_arg ) +void copy_across_lifetimes(int source_lifetime_arg, int source_owner_id_arg, + int source_id_arg, int source_usage_arg, + int source_alg_arg, int source_alg2_arg, + int type_arg, data_t *material, + int target_lifetime_arg, int target_owner_id_arg, + int target_id_arg, int target_usage_arg, + int target_alg_arg, int target_alg2_arg, + int expected_usage_arg, + int expected_alg_arg, int expected_alg2_arg) { psa_key_lifetime_t source_lifetime = source_lifetime_arg; mbedtls_svc_key_id_t source_id = - mbedtls_svc_key_id_make( source_owner_id_arg, source_id_arg ); + mbedtls_svc_key_id_make(source_owner_id_arg, source_id_arg); psa_key_usage_t source_usage = source_usage_arg; psa_algorithm_t source_alg = source_alg_arg; psa_key_attributes_t source_attributes = PSA_KEY_ATTRIBUTES_INIT; @@ -500,7 +496,7 @@ void copy_across_lifetimes( int source_lifetime_arg, int source_owner_id_arg, mbedtls_svc_key_id_t returned_source_id = MBEDTLS_SVC_KEY_ID_INIT; psa_key_lifetime_t target_lifetime = target_lifetime_arg; mbedtls_svc_key_id_t target_id = - mbedtls_svc_key_id_make( target_owner_id_arg, target_id_arg ); + mbedtls_svc_key_id_make(target_owner_id_arg, target_id_arg); psa_key_usage_t target_usage = target_usage_arg; psa_algorithm_t target_alg = target_alg_arg; psa_key_attributes_t target_attributes = PSA_KEY_ATTRIBUTES_INIT; @@ -511,127 +507,120 @@ void copy_across_lifetimes( int source_lifetime_arg, int source_owner_id_arg, psa_algorithm_t expected_alg2 = expected_alg2_arg; uint8_t *export_buffer = NULL; - TEST_USES_KEY_ID( source_id ); - TEST_USES_KEY_ID( target_id ); + TEST_USES_KEY_ID(source_id); + TEST_USES_KEY_ID(target_id); - PSA_ASSERT( psa_crypto_init( ) ); + PSA_ASSERT(psa_crypto_init()); /* Populate the source slot. */ - psa_set_key_id( &source_attributes, source_id ); - psa_set_key_lifetime( &source_attributes, source_lifetime ); - - psa_set_key_type( &source_attributes, source_type ); - psa_set_key_usage_flags( &source_attributes, source_usage ); - psa_set_key_algorithm( &source_attributes, source_alg ); - psa_set_key_enrollment_algorithm( &source_attributes, source_alg2_arg ); - PSA_ASSERT( psa_import_key( &source_attributes, - material->x, material->len, - &returned_source_id ) ); + psa_set_key_id(&source_attributes, source_id); + psa_set_key_lifetime(&source_attributes, source_lifetime); + + psa_set_key_type(&source_attributes, source_type); + psa_set_key_usage_flags(&source_attributes, source_usage); + psa_set_key_algorithm(&source_attributes, source_alg); + psa_set_key_enrollment_algorithm(&source_attributes, source_alg2_arg); + PSA_ASSERT(psa_import_key(&source_attributes, + material->x, material->len, + &returned_source_id)); /* Update the attributes with the bit size. */ - PSA_ASSERT( psa_get_key_attributes( returned_source_id, - &source_attributes ) ); + PSA_ASSERT(psa_get_key_attributes(returned_source_id, + &source_attributes)); /* Prepare the target slot. */ - psa_set_key_id( &target_attributes, target_id ); - psa_set_key_lifetime( &target_attributes, target_lifetime ); + psa_set_key_id(&target_attributes, target_id); + psa_set_key_lifetime(&target_attributes, target_lifetime); - psa_set_key_usage_flags( &target_attributes, target_usage ); - psa_set_key_algorithm( &target_attributes, target_alg ); - psa_set_key_enrollment_algorithm( &target_attributes, target_alg2_arg ); + psa_set_key_usage_flags(&target_attributes, target_usage); + psa_set_key_algorithm(&target_attributes, target_alg); + psa_set_key_enrollment_algorithm(&target_attributes, target_alg2_arg); /* Copy the key. */ - PSA_ASSERT( psa_copy_key( returned_source_id, - &target_attributes, &returned_target_id ) ); + PSA_ASSERT(psa_copy_key(returned_source_id, + &target_attributes, &returned_target_id)); /* Destroy the source to ensure that this doesn't affect the target. */ - PSA_ASSERT( psa_destroy_key( returned_source_id ) ); + PSA_ASSERT(psa_destroy_key(returned_source_id)); /* If the target key is persistent, restart the system to make * sure that the material is still alive. */ - if( ! PSA_KEY_LIFETIME_IS_VOLATILE( target_lifetime ) ) - { - mbedtls_psa_crypto_free( ); - PSA_ASSERT( psa_crypto_init( ) ); - PSA_ASSERT( psa_open_key( target_id, &target_handle ) ); + if (!PSA_KEY_LIFETIME_IS_VOLATILE(target_lifetime)) { + mbedtls_psa_crypto_free(); + PSA_ASSERT(psa_crypto_init()); + PSA_ASSERT(psa_open_key(target_id, &target_handle)); } /* Test that the target slot has the expected content. */ - psa_reset_key_attributes( &target_attributes ); - PSA_ASSERT( psa_get_key_attributes( returned_target_id, - &target_attributes ) ); - - if( ! PSA_KEY_LIFETIME_IS_VOLATILE( target_lifetime ) ) - { - TEST_ASSERT( mbedtls_svc_key_id_equal( - target_id, psa_get_key_id( &target_attributes ) ) ); - } - else - { + psa_reset_key_attributes(&target_attributes); + PSA_ASSERT(psa_get_key_attributes(returned_target_id, + &target_attributes)); + + if (!PSA_KEY_LIFETIME_IS_VOLATILE(target_lifetime)) { + TEST_ASSERT(mbedtls_svc_key_id_equal( + target_id, psa_get_key_id(&target_attributes))); + } else { #if defined(MBEDTLS_PSA_CRYPTO_KEY_ID_ENCODES_OWNER) - TEST_EQUAL( MBEDTLS_SVC_KEY_ID_GET_OWNER_ID( returned_target_id ), - target_owner_id_arg ); + TEST_EQUAL(MBEDTLS_SVC_KEY_ID_GET_OWNER_ID(returned_target_id), + target_owner_id_arg); #endif } - TEST_EQUAL( target_lifetime, psa_get_key_lifetime( &target_attributes ) ); - TEST_EQUAL( source_type, psa_get_key_type( &target_attributes ) ); - TEST_EQUAL( psa_get_key_bits( &source_attributes ), - psa_get_key_bits( &target_attributes ) ); - TEST_EQUAL( expected_usage, psa_get_key_usage_flags( &target_attributes ) ); - TEST_EQUAL( expected_alg, psa_get_key_algorithm( &target_attributes ) ); - TEST_EQUAL( expected_alg2, - psa_get_key_enrollment_algorithm( &target_attributes ) ); - if( expected_usage & PSA_KEY_USAGE_EXPORT ) - { + TEST_EQUAL(target_lifetime, psa_get_key_lifetime(&target_attributes)); + TEST_EQUAL(source_type, psa_get_key_type(&target_attributes)); + TEST_EQUAL(psa_get_key_bits(&source_attributes), + psa_get_key_bits(&target_attributes)); + TEST_EQUAL(expected_usage, psa_get_key_usage_flags(&target_attributes)); + TEST_EQUAL(expected_alg, psa_get_key_algorithm(&target_attributes)); + TEST_EQUAL(expected_alg2, + psa_get_key_enrollment_algorithm(&target_attributes)); + if (expected_usage & PSA_KEY_USAGE_EXPORT) { size_t length; - ASSERT_ALLOC( export_buffer, material->len ); - PSA_ASSERT( psa_export_key( returned_target_id, export_buffer, - material->len, &length ) ); - ASSERT_COMPARE( material->x, material->len, - export_buffer, length ); - } - else - { + TEST_CALLOC(export_buffer, material->len); + PSA_ASSERT(psa_export_key(returned_target_id, export_buffer, + material->len, &length)); + TEST_MEMORY_COMPARE(material->x, material->len, + export_buffer, length); + } else { size_t length; /* Check that the key is actually non-exportable. */ - TEST_EQUAL( psa_export_key( returned_target_id, export_buffer, - material->len, &length ), - PSA_ERROR_NOT_PERMITTED ); + TEST_EQUAL(psa_export_key(returned_target_id, export_buffer, + material->len, &length), + PSA_ERROR_NOT_PERMITTED); } - PSA_ASSERT( psa_destroy_key( returned_target_id ) ); + PSA_ASSERT(psa_destroy_key(returned_target_id)); exit: /* * Source and target key attributes may have been returned by * psa_get_key_attributes() thus reset them as required. */ - psa_reset_key_attributes( &source_attributes ); - psa_reset_key_attributes( &target_attributes ); + psa_reset_key_attributes(&source_attributes); + psa_reset_key_attributes(&target_attributes); - PSA_DONE( ); - mbedtls_free( export_buffer ); + PSA_DONE(); + mbedtls_free(export_buffer); } /* END_CASE */ /* BEGIN_CASE */ -void copy_to_occupied( int source_lifetime_arg, int source_id_arg, - int source_usage_arg, int source_alg_arg, - int source_type_arg, data_t *source_material, - int target_lifetime_arg, int target_id_arg, - int target_usage_arg, int target_alg_arg, - int target_type_arg, data_t *target_material ) +void copy_to_occupied(int source_lifetime_arg, int source_id_arg, + int source_usage_arg, int source_alg_arg, + int source_type_arg, data_t *source_material, + int target_lifetime_arg, int target_id_arg, + int target_usage_arg, int target_alg_arg, + int target_type_arg, data_t *target_material) { psa_key_lifetime_t source_lifetime = source_lifetime_arg; mbedtls_svc_key_id_t source_id = - mbedtls_svc_key_id_make( 1, source_id_arg ); + mbedtls_svc_key_id_make(1, source_id_arg); psa_key_usage_t source_usage = source_usage_arg; psa_algorithm_t source_alg = source_alg_arg; psa_key_type_t source_type = source_type_arg; mbedtls_svc_key_id_t returned_source_id = MBEDTLS_SVC_KEY_ID_INIT; psa_key_lifetime_t target_lifetime = target_lifetime_arg; mbedtls_svc_key_id_t target_id = - mbedtls_svc_key_id_make( 1, target_id_arg ); + mbedtls_svc_key_id_make(1, target_id_arg); psa_key_usage_t target_usage = target_usage_arg; psa_algorithm_t target_alg = target_alg_arg; psa_key_type_t target_type = target_type_arg; @@ -642,96 +631,92 @@ void copy_to_occupied( int source_lifetime_arg, int source_id_arg, psa_key_attributes_t attributes1 = PSA_KEY_ATTRIBUTES_INIT; psa_key_attributes_t attributes2 = PSA_KEY_ATTRIBUTES_INIT; - TEST_USES_KEY_ID( source_id ); - TEST_USES_KEY_ID( target_id ); + TEST_USES_KEY_ID(source_id); + TEST_USES_KEY_ID(target_id); - PSA_ASSERT( psa_crypto_init( ) ); + PSA_ASSERT(psa_crypto_init()); /* Populate the source slot. */ - if( ! PSA_KEY_LIFETIME_IS_VOLATILE( source_lifetime ) ) - { - psa_set_key_id( &attributes, source_id ); - psa_set_key_lifetime( &attributes, source_lifetime ); + if (!PSA_KEY_LIFETIME_IS_VOLATILE(source_lifetime)) { + psa_set_key_id(&attributes, source_id); + psa_set_key_lifetime(&attributes, source_lifetime); } - psa_set_key_type( &attributes, source_type ); - psa_set_key_usage_flags( &attributes, source_usage ); - psa_set_key_algorithm( &attributes, source_alg ); - PSA_ASSERT( psa_import_key( &attributes, - source_material->x, source_material->len, - &returned_source_id ) ); + psa_set_key_type(&attributes, source_type); + psa_set_key_usage_flags(&attributes, source_usage); + psa_set_key_algorithm(&attributes, source_alg); + PSA_ASSERT(psa_import_key(&attributes, + source_material->x, source_material->len, + &returned_source_id)); /* Populate the target slot. */ - if( mbedtls_svc_key_id_equal( target_id, source_id ) ) - { + if (mbedtls_svc_key_id_equal(target_id, source_id)) { returned_target_id = returned_source_id; - } - else - { - psa_set_key_id( &attributes1, target_id ); - psa_set_key_lifetime( &attributes1, target_lifetime ); - psa_set_key_type( &attributes1, target_type ); - psa_set_key_usage_flags( &attributes1, target_usage ); - psa_set_key_algorithm( &attributes1, target_alg ); - PSA_ASSERT( psa_import_key( &attributes1, - target_material->x, target_material->len, - &returned_target_id ) ); + } else { + psa_set_key_id(&attributes1, target_id); + psa_set_key_lifetime(&attributes1, target_lifetime); + psa_set_key_type(&attributes1, target_type); + psa_set_key_usage_flags(&attributes1, target_usage); + psa_set_key_algorithm(&attributes1, target_alg); + PSA_ASSERT(psa_import_key(&attributes1, + target_material->x, target_material->len, + &returned_target_id)); } - PSA_ASSERT( psa_get_key_attributes( returned_target_id, &attributes1 ) ); + PSA_ASSERT(psa_get_key_attributes(returned_target_id, &attributes1)); /* Make a copy attempt. */ - psa_set_key_id( &attributes, target_id ); - psa_set_key_lifetime( &attributes, target_lifetime ); - TEST_EQUAL( psa_copy_key( returned_source_id, - &attributes, &new_key ), - PSA_ERROR_ALREADY_EXISTS ); - TEST_ASSERT( mbedtls_svc_key_id_is_null( new_key ) ); + psa_set_key_id(&attributes, target_id); + psa_set_key_lifetime(&attributes, target_lifetime); + TEST_EQUAL(psa_copy_key(returned_source_id, + &attributes, &new_key), + PSA_ERROR_ALREADY_EXISTS); + TEST_ASSERT(mbedtls_svc_key_id_is_null(new_key)); /* Test that the target slot is unaffected. */ - PSA_ASSERT( psa_get_key_attributes( returned_target_id, &attributes2 ) ); - TEST_ASSERT( mbedtls_svc_key_id_equal( - psa_get_key_id( &attributes1 ), - psa_get_key_id( &attributes2 ) ) ); - TEST_EQUAL( psa_get_key_lifetime( &attributes1 ), - psa_get_key_lifetime( &attributes2 ) ); - TEST_EQUAL( psa_get_key_type( &attributes1 ), - psa_get_key_type( &attributes2 ) ); - TEST_EQUAL( psa_get_key_bits( &attributes1 ), - psa_get_key_bits( &attributes2 ) ); - TEST_EQUAL( psa_get_key_usage_flags( &attributes1 ), - psa_get_key_usage_flags( &attributes2 ) ); - TEST_EQUAL( psa_get_key_algorithm( &attributes1 ), - psa_get_key_algorithm( &attributes2 ) ); - if( target_usage & PSA_KEY_USAGE_EXPORT ) - { + PSA_ASSERT(psa_get_key_attributes(returned_target_id, &attributes2)); + TEST_ASSERT(mbedtls_svc_key_id_equal( + psa_get_key_id(&attributes1), + psa_get_key_id(&attributes2))); + TEST_EQUAL(psa_get_key_lifetime(&attributes1), + psa_get_key_lifetime(&attributes2)); + TEST_EQUAL(psa_get_key_type(&attributes1), + psa_get_key_type(&attributes2)); + TEST_EQUAL(psa_get_key_bits(&attributes1), + psa_get_key_bits(&attributes2)); + TEST_EQUAL(psa_get_key_usage_flags(&attributes1), + psa_get_key_usage_flags(&attributes2)); + TEST_EQUAL(psa_get_key_algorithm(&attributes1), + psa_get_key_algorithm(&attributes2)); + if (target_usage & PSA_KEY_USAGE_EXPORT) { size_t length; - ASSERT_ALLOC( export_buffer, target_material->len ); - PSA_ASSERT( psa_export_key( returned_target_id, export_buffer, - target_material->len, &length ) ); - ASSERT_COMPARE( target_material->x, target_material->len, - export_buffer, length ); + TEST_CALLOC(export_buffer, target_material->len); + PSA_ASSERT(psa_export_key(returned_target_id, export_buffer, + target_material->len, &length)); + TEST_MEMORY_COMPARE(target_material->x, target_material->len, + export_buffer, length); } - PSA_ASSERT( psa_destroy_key( returned_source_id ) ); - if( ! mbedtls_svc_key_id_equal( target_id, source_id ) ) - PSA_ASSERT( psa_destroy_key( returned_target_id ) ); + PSA_ASSERT(psa_destroy_key(returned_source_id)); + if (!mbedtls_svc_key_id_equal(target_id, source_id)) { + PSA_ASSERT(psa_destroy_key(returned_target_id)); + } exit: /* * Key attributes may have been returned by psa_get_key_attributes() * thus reset them as required. */ - psa_reset_key_attributes( &attributes1 ); - psa_reset_key_attributes( &attributes2 ); + psa_reset_key_attributes(&attributes1); + psa_reset_key_attributes(&attributes2); - PSA_DONE( ); - mbedtls_free( export_buffer ); + PSA_DONE(); + mbedtls_free(export_buffer); } /* END_CASE */ /* BEGIN_CASE */ -void invalid_handle( int handle_construction, - int close_status_arg ) +void invalid_handle(int handle_construction, + int close_status_arg) { psa_key_handle_t valid_handle = PSA_KEY_HANDLE_INIT; psa_key_handle_t invalid_handle = PSA_KEY_HANDLE_INIT; @@ -740,20 +725,19 @@ void invalid_handle( int handle_construction, psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT; uint8_t material[1] = "a"; - PSA_ASSERT( psa_crypto_init( ) ); + PSA_ASSERT(psa_crypto_init()); /* Allocate a handle and store a key in it. */ - psa_set_key_type( &attributes, PSA_KEY_TYPE_RAW_DATA ); - psa_set_key_usage_flags( &attributes, 0 ); - psa_set_key_algorithm( &attributes, 0 ); - PSA_ASSERT( psa_import_key( &attributes, - material, sizeof( material ), - &valid_handle ) ); - TEST_ASSERT( ! psa_key_handle_is_null( valid_handle ) ); + psa_set_key_type(&attributes, PSA_KEY_TYPE_RAW_DATA); + psa_set_key_usage_flags(&attributes, 0); + psa_set_key_algorithm(&attributes, 0); + PSA_ASSERT(psa_import_key(&attributes, + material, sizeof(material), + &valid_handle)); + TEST_ASSERT(!psa_key_handle_is_null(valid_handle)); /* Construct an invalid handle as specified in the test case data. */ - switch( handle_construction ) - { + switch (handle_construction) { case INVALID_HANDLE_0: invalid_handle = PSA_KEY_HANDLE_INIT; break; @@ -770,129 +754,129 @@ void invalid_handle( int handle_construction, * unopened and thus invalid identifier. */ - if( MBEDTLS_SVC_KEY_ID_GET_KEY_ID( valid_handle ) == - PSA_KEY_ID_VOLATILE_MIN ) + if (MBEDTLS_SVC_KEY_ID_GET_KEY_ID(valid_handle) == + PSA_KEY_ID_VOLATILE_MIN) { key_id = PSA_KEY_ID_VOLATILE_MIN + 1; - else - key_id = MBEDTLS_SVC_KEY_ID_GET_KEY_ID( valid_handle ) - 1; + } else { + key_id = MBEDTLS_SVC_KEY_ID_GET_KEY_ID(valid_handle) - 1; + } invalid_handle = - mbedtls_svc_key_id_make( 0, key_id ); + mbedtls_svc_key_id_make(0, key_id); break; case INVALID_HANDLE_CLOSED: - PSA_ASSERT( psa_import_key( &attributes, - material, sizeof( material ), - &invalid_handle ) ); - PSA_ASSERT( psa_destroy_key( invalid_handle ) ); + PSA_ASSERT(psa_import_key(&attributes, + material, sizeof(material), + &invalid_handle)); + PSA_ASSERT(psa_destroy_key(invalid_handle)); break; case INVALID_HANDLE_HUGE: invalid_handle = - mbedtls_svc_key_id_make( 0, PSA_KEY_ID_VENDOR_MAX + 1 ); + mbedtls_svc_key_id_make(0, PSA_KEY_ID_VENDOR_MAX + 1); break; default: - TEST_ASSERT( ! "unknown handle construction" ); + TEST_FAIL("unknown handle construction"); } /* Attempt to use the invalid handle. */ - TEST_EQUAL( psa_get_key_attributes( invalid_handle, &attributes ), - PSA_ERROR_INVALID_HANDLE ); - TEST_EQUAL( psa_close_key( invalid_handle ), close_status ); - TEST_EQUAL( psa_destroy_key( invalid_handle ), close_status ); + TEST_EQUAL(psa_get_key_attributes(invalid_handle, &attributes), + PSA_ERROR_INVALID_HANDLE); + TEST_EQUAL(psa_close_key(invalid_handle), close_status); + TEST_EQUAL(psa_destroy_key(invalid_handle), close_status); /* After all this, check that the original handle is intact. */ - PSA_ASSERT( psa_get_key_attributes( valid_handle, &attributes ) ); - TEST_EQUAL( psa_get_key_type( &attributes ), PSA_KEY_TYPE_RAW_DATA ); - TEST_EQUAL( psa_get_key_bits( &attributes ), - PSA_BYTES_TO_BITS( sizeof( material ) ) ); - PSA_ASSERT( psa_close_key( valid_handle ) ); + PSA_ASSERT(psa_get_key_attributes(valid_handle, &attributes)); + TEST_EQUAL(psa_get_key_type(&attributes), PSA_KEY_TYPE_RAW_DATA); + TEST_EQUAL(psa_get_key_bits(&attributes), + PSA_BYTES_TO_BITS(sizeof(material))); + PSA_ASSERT(psa_close_key(valid_handle)); exit: /* * Key attributes may have been returned by psa_get_key_attributes() * thus reset them as required. */ - psa_reset_key_attributes( &attributes ); + psa_reset_key_attributes(&attributes); - PSA_DONE( ); + PSA_DONE(); } /* END_CASE */ /* BEGIN_CASE */ -void many_transient_keys( int max_keys_arg ) +void many_transient_keys(int max_keys_arg) { mbedtls_svc_key_id_t *keys = NULL; size_t max_keys = max_keys_arg; size_t i, j; psa_status_t status; psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT; - uint8_t exported[sizeof( size_t )]; + uint8_t exported[sizeof(size_t)]; size_t exported_length; - ASSERT_ALLOC( keys, max_keys ); - PSA_ASSERT( psa_crypto_init( ) ); + TEST_CALLOC(keys, max_keys); + PSA_ASSERT(psa_crypto_init()); - psa_set_key_usage_flags( &attributes, PSA_KEY_USAGE_EXPORT ); - psa_set_key_algorithm( &attributes, 0 ); - psa_set_key_type( &attributes, PSA_KEY_TYPE_RAW_DATA ); + psa_set_key_usage_flags(&attributes, PSA_KEY_USAGE_EXPORT); + psa_set_key_algorithm(&attributes, 0); + psa_set_key_type(&attributes, PSA_KEY_TYPE_RAW_DATA); - for( i = 0; i < max_keys; i++ ) - { - status = psa_import_key( &attributes, - (uint8_t *) &i, sizeof( i ), - &keys[i] ); - if( status == PSA_ERROR_INSUFFICIENT_MEMORY ) + for (i = 0; i < max_keys; i++) { + status = psa_import_key(&attributes, + (uint8_t *) &i, sizeof(i), + &keys[i]); + if (status == PSA_ERROR_INSUFFICIENT_MEMORY) { break; - PSA_ASSERT( status ); - TEST_ASSERT( ! mbedtls_svc_key_id_is_null( keys[i] ) ); - for( j = 0; j < i; j++ ) - TEST_ASSERT( ! mbedtls_svc_key_id_equal( keys[i], keys[j] ) ); + } + PSA_ASSERT(status); + TEST_ASSERT(!mbedtls_svc_key_id_is_null(keys[i])); + for (j = 0; j < i; j++) { + TEST_ASSERT(!mbedtls_svc_key_id_equal(keys[i], keys[j])); + } } max_keys = i; - for( i = 1; i < max_keys; i++ ) - { - PSA_ASSERT( psa_close_key( keys[i - 1] ) ); - PSA_ASSERT( psa_export_key( keys[i], - exported, sizeof( exported ), - &exported_length ) ); - ASSERT_COMPARE( exported, exported_length, - (uint8_t *) &i, sizeof( i ) ); + for (i = 1; i < max_keys; i++) { + PSA_ASSERT(psa_close_key(keys[i - 1])); + PSA_ASSERT(psa_export_key(keys[i], + exported, sizeof(exported), + &exported_length)); + TEST_MEMORY_COMPARE(exported, exported_length, + (uint8_t *) &i, sizeof(i)); } - PSA_ASSERT( psa_close_key( keys[i - 1] ) ); + PSA_ASSERT(psa_close_key(keys[i - 1])); exit: - PSA_DONE( ); - mbedtls_free( keys ); + PSA_DONE(); + mbedtls_free(keys); } /* END_CASE */ /* BEGIN_CASE depends_on:MBEDTLS_PSA_CRYPTO_STORAGE_C */ -void key_slot_eviction_to_import_new_key( int lifetime_arg ) +void key_slot_eviction_to_import_new_key(int lifetime_arg) { - psa_key_lifetime_t lifetime = (psa_key_lifetime_t)lifetime_arg; + psa_key_lifetime_t lifetime = (psa_key_lifetime_t) lifetime_arg; size_t i; psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT; - uint8_t exported[sizeof( size_t )]; + uint8_t exported[sizeof(size_t)]; size_t exported_length; mbedtls_svc_key_id_t key, returned_key_id; - PSA_ASSERT( psa_crypto_init( ) ); + PSA_ASSERT(psa_crypto_init()); - psa_set_key_usage_flags( &attributes, PSA_KEY_USAGE_EXPORT ); - psa_set_key_algorithm( &attributes, 0 ); - psa_set_key_type( &attributes, PSA_KEY_TYPE_RAW_DATA ); + psa_set_key_usage_flags(&attributes, PSA_KEY_USAGE_EXPORT); + psa_set_key_algorithm(&attributes, 0); + psa_set_key_type(&attributes, PSA_KEY_TYPE_RAW_DATA); /* * Create MBEDTLS_PSA_KEY_SLOT_COUNT persistent keys. */ - for( i = 0; i < MBEDTLS_PSA_KEY_SLOT_COUNT; i++ ) - { - key = mbedtls_svc_key_id_make( i, i + 1 ); - psa_set_key_id( &attributes, key ); - PSA_ASSERT( psa_import_key( &attributes, - (uint8_t *) &i, sizeof( i ), - &returned_key_id ) ); - TEST_ASSERT( mbedtls_svc_key_id_equal( returned_key_id, key ) ); + for (i = 0; i < MBEDTLS_PSA_KEY_SLOT_COUNT; i++) { + key = mbedtls_svc_key_id_make(i, i + 1); + psa_set_key_id(&attributes, key); + PSA_ASSERT(psa_import_key(&attributes, + (uint8_t *) &i, sizeof(i), + &returned_key_id)); + TEST_ASSERT(mbedtls_svc_key_id_equal(returned_key_id, key)); } /* @@ -902,18 +886,19 @@ void key_slot_eviction_to_import_new_key( int lifetime_arg ) * description in RAM. */ i = MBEDTLS_PSA_KEY_SLOT_COUNT; - key = mbedtls_svc_key_id_make( i, i + 1 ); - psa_set_key_id( &attributes, key ); - psa_set_key_lifetime( &attributes, lifetime ); - - PSA_ASSERT( psa_import_key( &attributes, - (uint8_t *) &i, sizeof( i ), - &returned_key_id ) ); - if( lifetime != PSA_KEY_LIFETIME_VOLATILE ) - TEST_ASSERT( mbedtls_svc_key_id_equal( returned_key_id, key ) ); - else - TEST_ASSERT( psa_key_id_is_volatile( - MBEDTLS_SVC_KEY_ID_GET_KEY_ID( returned_key_id ) ) ); + key = mbedtls_svc_key_id_make(i, i + 1); + psa_set_key_id(&attributes, key); + psa_set_key_lifetime(&attributes, lifetime); + + PSA_ASSERT(psa_import_key(&attributes, + (uint8_t *) &i, sizeof(i), + &returned_key_id)); + if (lifetime != PSA_KEY_LIFETIME_VOLATILE) { + TEST_ASSERT(mbedtls_svc_key_id_equal(returned_key_id, key)); + } else { + TEST_ASSERT(psa_key_id_is_volatile( + MBEDTLS_SVC_KEY_ID_GET_KEY_ID(returned_key_id))); + } /* * Check that we can export all ( MBEDTLS_PSA_KEY_SLOT_COUNT + 1 ) keys, @@ -922,120 +907,118 @@ void key_slot_eviction_to_import_new_key( int lifetime_arg ) * slots when creating the last key is restored in a RAM slot to export * its value. */ - for( i = 0; i <= MBEDTLS_PSA_KEY_SLOT_COUNT; i++ ) - { - if( i < MBEDTLS_PSA_KEY_SLOT_COUNT ) - key = mbedtls_svc_key_id_make( i, i + 1 ); - else + for (i = 0; i <= MBEDTLS_PSA_KEY_SLOT_COUNT; i++) { + if (i < MBEDTLS_PSA_KEY_SLOT_COUNT) { + key = mbedtls_svc_key_id_make(i, i + 1); + } else { key = returned_key_id; - - PSA_ASSERT( psa_export_key( key, - exported, sizeof( exported ), - &exported_length ) ); - ASSERT_COMPARE( exported, exported_length, - (uint8_t *) &i, sizeof( i ) ); - PSA_ASSERT( psa_destroy_key( key ) ); + } + + PSA_ASSERT(psa_export_key(key, + exported, sizeof(exported), + &exported_length)); + TEST_MEMORY_COMPARE(exported, exported_length, + (uint8_t *) &i, sizeof(i)); + PSA_ASSERT(psa_destroy_key(key)); } exit: - PSA_DONE( ); + PSA_DONE(); } /* END_CASE */ /* BEGIN_CASE depends_on:MBEDTLS_PSA_CRYPTO_STORAGE_C */ -void non_reusable_key_slots_integrity_in_case_of_key_slot_starvation( ) +void non_reusable_key_slots_integrity_in_case_of_key_slot_starvation() { psa_status_t status; size_t i; psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT; - uint8_t exported[sizeof( size_t )]; + uint8_t exported[sizeof(size_t)]; size_t exported_length; mbedtls_svc_key_id_t persistent_key = MBEDTLS_SVC_KEY_ID_INIT; mbedtls_svc_key_id_t persistent_key2 = MBEDTLS_SVC_KEY_ID_INIT; mbedtls_svc_key_id_t returned_key_id = MBEDTLS_SVC_KEY_ID_INIT; mbedtls_svc_key_id_t *keys = NULL; - TEST_ASSERT( MBEDTLS_PSA_KEY_SLOT_COUNT >= 1 ); + TEST_ASSERT(MBEDTLS_PSA_KEY_SLOT_COUNT >= 1); - ASSERT_ALLOC( keys, MBEDTLS_PSA_KEY_SLOT_COUNT ); - PSA_ASSERT( psa_crypto_init( ) ); + TEST_CALLOC(keys, MBEDTLS_PSA_KEY_SLOT_COUNT); + PSA_ASSERT(psa_crypto_init()); - psa_set_key_usage_flags( &attributes, - PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_COPY ); - psa_set_key_algorithm( &attributes, 0 ); - psa_set_key_type( &attributes, PSA_KEY_TYPE_RAW_DATA ); + psa_set_key_usage_flags(&attributes, + PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_COPY); + psa_set_key_algorithm(&attributes, 0); + psa_set_key_type(&attributes, PSA_KEY_TYPE_RAW_DATA); /* * Create a persistent key */ - persistent_key = mbedtls_svc_key_id_make( 0x100, 0x205 ); - psa_set_key_id( &attributes, persistent_key ); - PSA_ASSERT( psa_import_key( &attributes, - (uint8_t *) &persistent_key, - sizeof( persistent_key ), - &returned_key_id ) ); - TEST_ASSERT( mbedtls_svc_key_id_equal( returned_key_id, persistent_key ) ); + persistent_key = mbedtls_svc_key_id_make(0x100, 0x205); + psa_set_key_id(&attributes, persistent_key); + PSA_ASSERT(psa_import_key(&attributes, + (uint8_t *) &persistent_key, + sizeof(persistent_key), + &returned_key_id)); + TEST_ASSERT(mbedtls_svc_key_id_equal(returned_key_id, persistent_key)); /* * Create MBEDTLS_PSA_KEY_SLOT_COUNT volatile keys */ - psa_set_key_lifetime( &attributes, PSA_KEY_LIFETIME_VOLATILE ); - for( i = 0; i < MBEDTLS_PSA_KEY_SLOT_COUNT; i++ ) - { - PSA_ASSERT( psa_import_key( &attributes, - (uint8_t *) &i, sizeof( i ), - &keys[i]) ); + psa_set_key_lifetime(&attributes, PSA_KEY_LIFETIME_VOLATILE); + for (i = 0; i < MBEDTLS_PSA_KEY_SLOT_COUNT; i++) { + PSA_ASSERT(psa_import_key(&attributes, + (uint8_t *) &i, sizeof(i), + &keys[i])); } - psa_reset_key_attributes( &attributes ); + psa_reset_key_attributes(&attributes); /* * Check that we cannot access the persistent key as all slots are * occupied by volatile keys and the implementation needs to load the * persistent key description in a slot to be able to access it. */ - status = psa_get_key_attributes( persistent_key, &attributes ); - TEST_EQUAL( status, PSA_ERROR_INSUFFICIENT_MEMORY ); + status = psa_get_key_attributes(persistent_key, &attributes); + TEST_EQUAL(status, PSA_ERROR_INSUFFICIENT_MEMORY); /* * Check we can export the volatile key created last and that it has the * expected value. Then, destroy it. */ - PSA_ASSERT( psa_export_key( keys[MBEDTLS_PSA_KEY_SLOT_COUNT - 1], - exported, sizeof( exported ), - &exported_length ) ); + PSA_ASSERT(psa_export_key(keys[MBEDTLS_PSA_KEY_SLOT_COUNT - 1], + exported, sizeof(exported), + &exported_length)); i = MBEDTLS_PSA_KEY_SLOT_COUNT - 1; - ASSERT_COMPARE( exported, exported_length, (uint8_t *) &i, sizeof( i ) ); - PSA_ASSERT( psa_destroy_key( keys[MBEDTLS_PSA_KEY_SLOT_COUNT - 1] ) ); + TEST_MEMORY_COMPARE(exported, exported_length, (uint8_t *) &i, sizeof(i)); + PSA_ASSERT(psa_destroy_key(keys[MBEDTLS_PSA_KEY_SLOT_COUNT - 1])); /* * Check that we can now access the persistent key again. */ - PSA_ASSERT( psa_get_key_attributes( persistent_key, &attributes ) ); - TEST_ASSERT( mbedtls_svc_key_id_equal( attributes.core.id, - persistent_key ) ); + PSA_ASSERT(psa_get_key_attributes(persistent_key, &attributes)); + TEST_ASSERT(mbedtls_svc_key_id_equal(attributes.core.id, + persistent_key)); /* * Check that we cannot copy the persistent key as all slots are occupied * by the persistent key and the volatile keys and the slot containing the * persistent key cannot be reclaimed as it contains the key to copy. */ - persistent_key2 = mbedtls_svc_key_id_make( 0x100, 0x204 ); - psa_set_key_id( &attributes, persistent_key2 ); - status = psa_copy_key( persistent_key, &attributes, &returned_key_id ); - TEST_EQUAL( status, PSA_ERROR_INSUFFICIENT_MEMORY ); + persistent_key2 = mbedtls_svc_key_id_make(0x100, 0x204); + psa_set_key_id(&attributes, persistent_key2); + status = psa_copy_key(persistent_key, &attributes, &returned_key_id); + TEST_EQUAL(status, PSA_ERROR_INSUFFICIENT_MEMORY); /* * Check we can export the remaining volatile keys and that they have the * expected values. */ - for( i = 0; i < ( MBEDTLS_PSA_KEY_SLOT_COUNT - 1 ); i++ ) - { - PSA_ASSERT( psa_export_key( keys[i], - exported, sizeof( exported ), - &exported_length ) ); - ASSERT_COMPARE( exported, exported_length, - (uint8_t *) &i, sizeof( i ) ); - PSA_ASSERT( psa_destroy_key( keys[i] ) ); + for (i = 0; i < (MBEDTLS_PSA_KEY_SLOT_COUNT - 1); i++) { + PSA_ASSERT(psa_export_key(keys[i], + exported, sizeof(exported), + &exported_length)); + TEST_MEMORY_COMPARE(exported, exported_length, + (uint8_t *) &i, sizeof(i)); + PSA_ASSERT(psa_destroy_key(keys[i])); } /* @@ -1043,19 +1026,19 @@ void non_reusable_key_slots_integrity_in_case_of_key_slot_starvation( ) * value. */ - PSA_ASSERT( psa_export_key( persistent_key, exported, sizeof( exported ), - &exported_length ) ); - ASSERT_COMPARE( exported, exported_length, - (uint8_t *) &persistent_key, sizeof( persistent_key ) ); + PSA_ASSERT(psa_export_key(persistent_key, exported, sizeof(exported), + &exported_length)); + TEST_MEMORY_COMPARE(exported, exported_length, + (uint8_t *) &persistent_key, sizeof(persistent_key)); exit: /* * Key attributes may have been returned by psa_get_key_attributes() * thus reset them as required. */ - psa_reset_key_attributes( &attributes ); + psa_reset_key_attributes(&attributes); - psa_destroy_key( persistent_key ); - PSA_DONE( ); - mbedtls_free( keys ); + psa_destroy_key(persistent_key); + PSA_DONE(); + mbedtls_free(keys); } /* END_CASE */ diff --git a/third_party/mbedtls/repo/tests/suites/test_suite_psa_crypto_storage_format.current.data b/third_party/mbedtls/repo/tests/suites/test_suite_psa_crypto_storage_format.current.data index 737b4a77c13..c12900d418d 100644 --- a/third_party/mbedtls/repo/tests/suites/test_suite_psa_crypto_storage_format.current.data +++ b/third_party/mbedtls/repo/tests/suites/test_suite_psa_crypto_storage_format.current.data @@ -1,1998 +1,8570 @@ # Automatically generated by generate_psa_tests.py. Do not edit! -PSA storage save: lifetime: (DEFAULT, LOCAL_STORAGE) +save lifetime: (DEFAULT,LOCAL_STORAGE) depends_on:PSA_WANT_KEY_TYPE_RAW_DATA key_storage_save:PSA_KEY_LIFETIME_FROM_PERSISTENCE_AND_LOCATION(PSA_KEY_PERSISTENCE_DEFAULT, PSA_KEY_LOCATION_LOCAL_STORAGE):PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"4c":"505341004b455900000000000100000001100800010000000000000000000000010000004c" -PSA storage save: lifetime: (2, LOCAL_STORAGE) +save lifetime: (2,LOCAL_STORAGE) depends_on:PSA_WANT_KEY_TYPE_RAW_DATA key_storage_save:PSA_KEY_LIFETIME_FROM_PERSISTENCE_AND_LOCATION(2, PSA_KEY_LOCATION_LOCAL_STORAGE):PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"4c":"505341004b455900000000000200000001100800010000000000000000000000010000004c" -PSA storage save: lifetime: (254, LOCAL_STORAGE) +save lifetime: (254,LOCAL_STORAGE) depends_on:PSA_WANT_KEY_TYPE_RAW_DATA key_storage_save:PSA_KEY_LIFETIME_FROM_PERSISTENCE_AND_LOCATION(254, PSA_KEY_LOCATION_LOCAL_STORAGE):PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"4c":"505341004b45590000000000fe00000001100800010000000000000000000000010000004c" -PSA storage save: lifetime: PERSISTENT +save lifetime: PERSISTENT depends_on:PSA_WANT_KEY_TYPE_RAW_DATA key_storage_save:PSA_KEY_LIFETIME_PERSISTENT:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"4c":"505341004b455900000000000100000001100800010000000000000000000000010000004c" -PSA storage save: usage: 0 +save usage without implication: 0 depends_on:PSA_WANT_KEY_TYPE_RAW_DATA key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:0:0x0000:0x0000:"4b":"505341004b455900000000000100000001100800000000000000000000000000010000004b" -PSA storage save: usage: COPY +save usage without implication: COPY depends_on:PSA_WANT_KEY_TYPE_RAW_DATA key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_COPY:0x0000:0x0000:"4b":"505341004b455900000000000100000001100800020000000000000000000000010000004b" -PSA storage save: usage: DECRYPT +save usage without implication: DECRYPT depends_on:PSA_WANT_KEY_TYPE_RAW_DATA key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_DECRYPT:0x0000:0x0000:"4b":"505341004b455900000000000100000001100800000200000000000000000000010000004b" -PSA storage save: usage: DERIVE +save usage without implication: DERIVE depends_on:PSA_WANT_KEY_TYPE_RAW_DATA key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_DERIVE:0x0000:0x0000:"4b":"505341004b455900000000000100000001100800004000000000000000000000010000004b" -PSA storage save: usage: ENCRYPT +save usage without implication: ENCRYPT depends_on:PSA_WANT_KEY_TYPE_RAW_DATA key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_ENCRYPT:0x0000:0x0000:"4b":"505341004b455900000000000100000001100800000100000000000000000000010000004b" -PSA storage save: usage: EXPORT +save usage without implication: EXPORT depends_on:PSA_WANT_KEY_TYPE_RAW_DATA key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"4b":"505341004b455900000000000100000001100800010000000000000000000000010000004b" -PSA storage save: usage: SIGN_HASH +save usage without implication: SIGN_HASH depends_on:PSA_WANT_KEY_TYPE_RAW_DATA key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_SIGN_HASH:0x0000:0x0000:"4b":"505341004b455900000000000100000001100800001400000000000000000000010000004b" -PSA storage save: usage: SIGN_MESSAGE +save usage without implication: SIGN_MESSAGE depends_on:PSA_WANT_KEY_TYPE_RAW_DATA key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_SIGN_MESSAGE:0x0000:0x0000:"4b":"505341004b455900000000000100000001100800000400000000000000000000010000004b" -PSA storage save: usage: VERIFY_HASH +save usage without implication: VERIFY_HASH depends_on:PSA_WANT_KEY_TYPE_RAW_DATA key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_VERIFY_HASH:0x0000:0x0000:"4b":"505341004b455900000000000100000001100800002800000000000000000000010000004b" -PSA storage save: usage: VERIFY_MESSAGE +save usage without implication: VERIFY_MESSAGE depends_on:PSA_WANT_KEY_TYPE_RAW_DATA key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_VERIFY_MESSAGE:0x0000:0x0000:"4b":"505341004b455900000000000100000001100800000800000000000000000000010000004b" -PSA storage save: usage: COPY | DECRYPT +save usage without implication: COPY|DECRYPT depends_on:PSA_WANT_KEY_TYPE_RAW_DATA key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_COPY | PSA_KEY_USAGE_DECRYPT:0x0000:0x0000:"4b":"505341004b455900000000000100000001100800020200000000000000000000010000004b" -PSA storage save: usage: DECRYPT | DERIVE +save usage without implication: DECRYPT|DERIVE depends_on:PSA_WANT_KEY_TYPE_RAW_DATA key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_DECRYPT | PSA_KEY_USAGE_DERIVE:0x0000:0x0000:"4b":"505341004b455900000000000100000001100800004200000000000000000000010000004b" -PSA storage save: usage: DERIVE | ENCRYPT +save usage without implication: DERIVE|ENCRYPT depends_on:PSA_WANT_KEY_TYPE_RAW_DATA key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_DERIVE | PSA_KEY_USAGE_ENCRYPT:0x0000:0x0000:"4b":"505341004b455900000000000100000001100800004100000000000000000000010000004b" -PSA storage save: usage: ENCRYPT | EXPORT +save usage without implication: ENCRYPT|EXPORT depends_on:PSA_WANT_KEY_TYPE_RAW_DATA key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"4b":"505341004b455900000000000100000001100800010100000000000000000000010000004b" -PSA storage save: usage: EXPORT | SIGN_HASH +save usage without implication: EXPORT|SIGN_HASH depends_on:PSA_WANT_KEY_TYPE_RAW_DATA key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH:0x0000:0x0000:"4b":"505341004b455900000000000100000001100800011400000000000000000000010000004b" -PSA storage save: usage: SIGN_HASH | SIGN_MESSAGE +save usage without implication: SIGN_HASH|SIGN_MESSAGE depends_on:PSA_WANT_KEY_TYPE_RAW_DATA key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE:0x0000:0x0000:"4b":"505341004b455900000000000100000001100800001400000000000000000000010000004b" -PSA storage save: usage: SIGN_MESSAGE | VERIFY_HASH +save usage without implication: SIGN_MESSAGE|VERIFY_HASH depends_on:PSA_WANT_KEY_TYPE_RAW_DATA key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH:0x0000:0x0000:"4b":"505341004b455900000000000100000001100800002c00000000000000000000010000004b" -PSA storage save: usage: VERIFY_HASH | VERIFY_MESSAGE +save usage without implication: VERIFY_HASH|VERIFY_MESSAGE depends_on:PSA_WANT_KEY_TYPE_RAW_DATA key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:0x0000:0x0000:"4b":"505341004b455900000000000100000001100800002800000000000000000000010000004b" -PSA storage save: usage: VERIFY_MESSAGE | COPY +save usage without implication: VERIFY_MESSAGE|COPY depends_on:PSA_WANT_KEY_TYPE_RAW_DATA key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_VERIFY_MESSAGE | PSA_KEY_USAGE_COPY:0x0000:0x0000:"4b":"505341004b455900000000000100000001100800020800000000000000000000010000004b" -PSA storage save: usage: all known +save usage without implication: all known depends_on:PSA_WANT_KEY_TYPE_RAW_DATA key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_COPY | PSA_KEY_USAGE_DECRYPT | PSA_KEY_USAGE_DERIVE | PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:0x0000:0x0000:"4b":"505341004b455900000000000100000001100800037f00000000000000000000010000004b" -PSA storage save: type: AES 128-bit +save type: AES 128-bit depends_on:PSA_WANT_KEY_TYPE_AES key_storage_save:0x0001:PSA_KEY_TYPE_AES:128:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"48657265006973206b6579a064617461":"505341004b4559000000000001000000002480000100000000000000000000001000000048657265006973206b6579a064617461" -PSA storage save: type: AES 192-bit +save type: AES 128-bit, AEAD_SHORT(CCM,4) +depends_on:PSA_WANT_ALG_CCM:PSA_WANT_KEY_TYPE_AES +key_storage_save:0x0001:PSA_KEY_TYPE_AES:128:PSA_KEY_USAGE_DECRYPT | PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_EXPORT:PSA_ALG_AEAD_WITH_SHORTENED_TAG(PSA_ALG_CCM,4):0x0000:"48657265006973206b6579a064617461":"505341004b4559000000000001000000002480000103000000014405000000001000000048657265006973206b6579a064617461" + +save type: AES 128-bit, AEAD_SHORT(CCM,14) +depends_on:PSA_WANT_ALG_CCM:PSA_WANT_KEY_TYPE_AES +key_storage_save:0x0001:PSA_KEY_TYPE_AES:128:PSA_KEY_USAGE_DECRYPT | PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_EXPORT:PSA_ALG_AEAD_WITH_SHORTENED_TAG(PSA_ALG_CCM,14):0x0000:"48657265006973206b6579a064617461":"505341004b4559000000000001000000002480000103000000014e05000000001000000048657265006973206b6579a064617461" + +save type: AES 128-bit, AEAD_SHORT(CCM,16) +depends_on:PSA_WANT_ALG_CCM:PSA_WANT_KEY_TYPE_AES +key_storage_save:0x0001:PSA_KEY_TYPE_AES:128:PSA_KEY_USAGE_DECRYPT | PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_EXPORT:PSA_ALG_AEAD_WITH_SHORTENED_TAG(PSA_ALG_CCM,16):0x0000:"48657265006973206b6579a064617461":"505341004b4559000000000001000000002480000103000000015005000000001000000048657265006973206b6579a064617461" + +save type: AES 128-bit, CBC_MAC +depends_on:PSA_WANT_ALG_CBC_MAC:PSA_WANT_KEY_TYPE_AES +key_storage_save:0x0001:PSA_KEY_TYPE_AES:128:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_CBC_MAC:0x0000:"48657265006973206b6579a064617461":"505341004b455900000000000100000000248000013c00000001c003000000001000000048657265006973206b6579a064617461" + +save type: AES 128-bit, CBC_NO_PADDING +depends_on:PSA_WANT_ALG_CBC_NO_PADDING:PSA_WANT_KEY_TYPE_AES +key_storage_save:0x0001:PSA_KEY_TYPE_AES:128:PSA_KEY_USAGE_DECRYPT | PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_EXPORT:PSA_ALG_CBC_NO_PADDING:0x0000:"48657265006973206b6579a064617461":"505341004b4559000000000001000000002480000103000000404004000000001000000048657265006973206b6579a064617461" + +save type: AES 128-bit, CBC_PKCS7 +depends_on:PSA_WANT_ALG_CBC_PKCS7:PSA_WANT_KEY_TYPE_AES +key_storage_save:0x0001:PSA_KEY_TYPE_AES:128:PSA_KEY_USAGE_DECRYPT | PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_EXPORT:PSA_ALG_CBC_PKCS7:0x0000:"48657265006973206b6579a064617461":"505341004b4559000000000001000000002480000103000000414004000000001000000048657265006973206b6579a064617461" + +save type: AES 128-bit, CCM +depends_on:PSA_WANT_ALG_CCM:PSA_WANT_KEY_TYPE_AES +key_storage_save:0x0001:PSA_KEY_TYPE_AES:128:PSA_KEY_USAGE_DECRYPT | PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_EXPORT:PSA_ALG_CCM:0x0000:"48657265006973206b6579a064617461":"505341004b4559000000000001000000002480000103000000015005000000001000000048657265006973206b6579a064617461" + +save type: AES 128-bit, CFB +depends_on:PSA_WANT_ALG_CFB:PSA_WANT_KEY_TYPE_AES +key_storage_save:0x0001:PSA_KEY_TYPE_AES:128:PSA_KEY_USAGE_DECRYPT | PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_EXPORT:PSA_ALG_CFB:0x0000:"48657265006973206b6579a064617461":"505341004b455900000000000100000000248000010300000011c004000000001000000048657265006973206b6579a064617461" + +save type: AES 128-bit, CMAC +depends_on:PSA_WANT_ALG_CMAC:PSA_WANT_KEY_TYPE_AES +key_storage_save:0x0001:PSA_KEY_TYPE_AES:128:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_CMAC:0x0000:"48657265006973206b6579a064617461":"505341004b455900000000000100000000248000013c00000002c003000000001000000048657265006973206b6579a064617461" + +save type: AES 128-bit, CTR +depends_on:PSA_WANT_ALG_CTR:PSA_WANT_KEY_TYPE_AES +key_storage_save:0x0001:PSA_KEY_TYPE_AES:128:PSA_KEY_USAGE_DECRYPT | PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_EXPORT:PSA_ALG_CTR:0x0000:"48657265006973206b6579a064617461":"505341004b455900000000000100000000248000010300000010c004000000001000000048657265006973206b6579a064617461" + +save type: AES 128-bit, ECB_NO_PADDING +depends_on:PSA_WANT_ALG_ECB_NO_PADDING:PSA_WANT_KEY_TYPE_AES +key_storage_save:0x0001:PSA_KEY_TYPE_AES:128:PSA_KEY_USAGE_DECRYPT | PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_EXPORT:PSA_ALG_ECB_NO_PADDING:0x0000:"48657265006973206b6579a064617461":"505341004b4559000000000001000000002480000103000000444004000000001000000048657265006973206b6579a064617461" + +save type: AES 128-bit, GCM +depends_on:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES +key_storage_save:0x0001:PSA_KEY_TYPE_AES:128:PSA_KEY_USAGE_DECRYPT | PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_EXPORT:PSA_ALG_GCM:0x0000:"48657265006973206b6579a064617461":"505341004b4559000000000001000000002480000103000000025005000000001000000048657265006973206b6579a064617461" + +save type: AES 128-bit, OFB +depends_on:PSA_WANT_ALG_OFB:PSA_WANT_KEY_TYPE_AES +key_storage_save:0x0001:PSA_KEY_TYPE_AES:128:PSA_KEY_USAGE_DECRYPT | PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_EXPORT:PSA_ALG_OFB:0x0000:"48657265006973206b6579a064617461":"505341004b455900000000000100000000248000010300000012c004000000001000000048657265006973206b6579a064617461" + +save type: AES 128-bit, TRUNCATED_MAC(CBC_MAC,4) +depends_on:PSA_WANT_ALG_CBC_MAC:PSA_WANT_KEY_TYPE_AES +key_storage_save:0x0001:PSA_KEY_TYPE_AES:128:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_TRUNCATED_MAC(PSA_ALG_CBC_MAC,4):0x0000:"48657265006973206b6579a064617461":"505341004b455900000000000100000000248000013c00000001c403000000001000000048657265006973206b6579a064617461" + +save type: AES 128-bit, TRUNCATED_MAC(CBC_MAC,13) +depends_on:PSA_WANT_ALG_CBC_MAC:PSA_WANT_KEY_TYPE_AES +key_storage_save:0x0001:PSA_KEY_TYPE_AES:128:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_TRUNCATED_MAC(PSA_ALG_CBC_MAC,13):0x0000:"48657265006973206b6579a064617461":"505341004b455900000000000100000000248000013c00000001cd03000000001000000048657265006973206b6579a064617461" + +save type: AES 128-bit, TRUNCATED_MAC(CBC_MAC,14) +depends_on:PSA_WANT_ALG_CBC_MAC:PSA_WANT_KEY_TYPE_AES +key_storage_save:0x0001:PSA_KEY_TYPE_AES:128:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_TRUNCATED_MAC(PSA_ALG_CBC_MAC,14):0x0000:"48657265006973206b6579a064617461":"505341004b455900000000000100000000248000013c00000001ce03000000001000000048657265006973206b6579a064617461" + +save type: AES 128-bit, TRUNCATED_MAC(CBC_MAC,16) +depends_on:PSA_WANT_ALG_CBC_MAC:PSA_WANT_KEY_TYPE_AES +key_storage_save:0x0001:PSA_KEY_TYPE_AES:128:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_TRUNCATED_MAC(PSA_ALG_CBC_MAC,16):0x0000:"48657265006973206b6579a064617461":"505341004b455900000000000100000000248000013c00000001d003000000001000000048657265006973206b6579a064617461" + +save type: AES 128-bit, XTS +depends_on:PSA_WANT_ALG_XTS:PSA_WANT_KEY_TYPE_AES +key_storage_save:0x0001:PSA_KEY_TYPE_AES:128:PSA_KEY_USAGE_DECRYPT | PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_EXPORT:PSA_ALG_XTS:0x0000:"48657265006973206b6579a064617461":"505341004b4559000000000001000000002480000103000000ff4004000000001000000048657265006973206b6579a064617461" + +save type: AES 192-bit depends_on:PSA_WANT_KEY_TYPE_AES key_storage_save:0x0001:PSA_KEY_TYPE_AES:192:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"48657265006973206b6579a0646174614865726500697320":"505341004b45590000000000010000000024c0000100000000000000000000001800000048657265006973206b6579a0646174614865726500697320" -PSA storage save: type: AES 256-bit -depends_on:PSA_WANT_KEY_TYPE_AES -key_storage_save:0x0001:PSA_KEY_TYPE_AES:256:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"48657265006973206b6579a06461746148657265006973206b6579a064617461":"505341004b4559000000000001000000002400010100000000000000000000002000000048657265006973206b6579a06461746148657265006973206b6579a064617461" +save type: AES 192-bit, AEAD_SHORT(CCM,4) +depends_on:PSA_WANT_ALG_CCM:PSA_WANT_KEY_TYPE_AES +key_storage_save:0x0001:PSA_KEY_TYPE_AES:192:PSA_KEY_USAGE_DECRYPT | PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_EXPORT:PSA_ALG_AEAD_WITH_SHORTENED_TAG(PSA_ALG_CCM,4):0x0000:"48657265006973206b6579a0646174614865726500697320":"505341004b45590000000000010000000024c0000103000000014405000000001800000048657265006973206b6579a0646174614865726500697320" + +save type: AES 192-bit, AEAD_SHORT(CCM,14) +depends_on:PSA_WANT_ALG_CCM:PSA_WANT_KEY_TYPE_AES +key_storage_save:0x0001:PSA_KEY_TYPE_AES:192:PSA_KEY_USAGE_DECRYPT | PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_EXPORT:PSA_ALG_AEAD_WITH_SHORTENED_TAG(PSA_ALG_CCM,14):0x0000:"48657265006973206b6579a0646174614865726500697320":"505341004b45590000000000010000000024c0000103000000014e05000000001800000048657265006973206b6579a0646174614865726500697320" + +save type: AES 192-bit, AEAD_SHORT(CCM,16) +depends_on:PSA_WANT_ALG_CCM:PSA_WANT_KEY_TYPE_AES +key_storage_save:0x0001:PSA_KEY_TYPE_AES:192:PSA_KEY_USAGE_DECRYPT | PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_EXPORT:PSA_ALG_AEAD_WITH_SHORTENED_TAG(PSA_ALG_CCM,16):0x0000:"48657265006973206b6579a0646174614865726500697320":"505341004b45590000000000010000000024c0000103000000015005000000001800000048657265006973206b6579a0646174614865726500697320" + +save type: AES 192-bit, CBC_MAC +depends_on:PSA_WANT_ALG_CBC_MAC:PSA_WANT_KEY_TYPE_AES +key_storage_save:0x0001:PSA_KEY_TYPE_AES:192:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_CBC_MAC:0x0000:"48657265006973206b6579a0646174614865726500697320":"505341004b45590000000000010000000024c000013c00000001c003000000001800000048657265006973206b6579a0646174614865726500697320" + +save type: AES 192-bit, CBC_NO_PADDING +depends_on:PSA_WANT_ALG_CBC_NO_PADDING:PSA_WANT_KEY_TYPE_AES +key_storage_save:0x0001:PSA_KEY_TYPE_AES:192:PSA_KEY_USAGE_DECRYPT | PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_EXPORT:PSA_ALG_CBC_NO_PADDING:0x0000:"48657265006973206b6579a0646174614865726500697320":"505341004b45590000000000010000000024c0000103000000404004000000001800000048657265006973206b6579a0646174614865726500697320" + +save type: AES 192-bit, CBC_PKCS7 +depends_on:PSA_WANT_ALG_CBC_PKCS7:PSA_WANT_KEY_TYPE_AES +key_storage_save:0x0001:PSA_KEY_TYPE_AES:192:PSA_KEY_USAGE_DECRYPT | PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_EXPORT:PSA_ALG_CBC_PKCS7:0x0000:"48657265006973206b6579a0646174614865726500697320":"505341004b45590000000000010000000024c0000103000000414004000000001800000048657265006973206b6579a0646174614865726500697320" + +save type: AES 192-bit, CCM +depends_on:PSA_WANT_ALG_CCM:PSA_WANT_KEY_TYPE_AES +key_storage_save:0x0001:PSA_KEY_TYPE_AES:192:PSA_KEY_USAGE_DECRYPT | PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_EXPORT:PSA_ALG_CCM:0x0000:"48657265006973206b6579a0646174614865726500697320":"505341004b45590000000000010000000024c0000103000000015005000000001800000048657265006973206b6579a0646174614865726500697320" + +save type: AES 192-bit, CFB +depends_on:PSA_WANT_ALG_CFB:PSA_WANT_KEY_TYPE_AES +key_storage_save:0x0001:PSA_KEY_TYPE_AES:192:PSA_KEY_USAGE_DECRYPT | PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_EXPORT:PSA_ALG_CFB:0x0000:"48657265006973206b6579a0646174614865726500697320":"505341004b45590000000000010000000024c000010300000011c004000000001800000048657265006973206b6579a0646174614865726500697320" + +save type: AES 192-bit, CMAC +depends_on:PSA_WANT_ALG_CMAC:PSA_WANT_KEY_TYPE_AES +key_storage_save:0x0001:PSA_KEY_TYPE_AES:192:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_CMAC:0x0000:"48657265006973206b6579a0646174614865726500697320":"505341004b45590000000000010000000024c000013c00000002c003000000001800000048657265006973206b6579a0646174614865726500697320" + +save type: AES 192-bit, CTR +depends_on:PSA_WANT_ALG_CTR:PSA_WANT_KEY_TYPE_AES +key_storage_save:0x0001:PSA_KEY_TYPE_AES:192:PSA_KEY_USAGE_DECRYPT | PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_EXPORT:PSA_ALG_CTR:0x0000:"48657265006973206b6579a0646174614865726500697320":"505341004b45590000000000010000000024c000010300000010c004000000001800000048657265006973206b6579a0646174614865726500697320" + +save type: AES 192-bit, ECB_NO_PADDING +depends_on:PSA_WANT_ALG_ECB_NO_PADDING:PSA_WANT_KEY_TYPE_AES +key_storage_save:0x0001:PSA_KEY_TYPE_AES:192:PSA_KEY_USAGE_DECRYPT | PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_EXPORT:PSA_ALG_ECB_NO_PADDING:0x0000:"48657265006973206b6579a0646174614865726500697320":"505341004b45590000000000010000000024c0000103000000444004000000001800000048657265006973206b6579a0646174614865726500697320" + +save type: AES 192-bit, GCM +depends_on:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES +key_storage_save:0x0001:PSA_KEY_TYPE_AES:192:PSA_KEY_USAGE_DECRYPT | PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_EXPORT:PSA_ALG_GCM:0x0000:"48657265006973206b6579a0646174614865726500697320":"505341004b45590000000000010000000024c0000103000000025005000000001800000048657265006973206b6579a0646174614865726500697320" + +save type: AES 192-bit, OFB +depends_on:PSA_WANT_ALG_OFB:PSA_WANT_KEY_TYPE_AES +key_storage_save:0x0001:PSA_KEY_TYPE_AES:192:PSA_KEY_USAGE_DECRYPT | PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_EXPORT:PSA_ALG_OFB:0x0000:"48657265006973206b6579a0646174614865726500697320":"505341004b45590000000000010000000024c000010300000012c004000000001800000048657265006973206b6579a0646174614865726500697320" + +save type: AES 192-bit, TRUNCATED_MAC(CBC_MAC,4) +depends_on:PSA_WANT_ALG_CBC_MAC:PSA_WANT_KEY_TYPE_AES +key_storage_save:0x0001:PSA_KEY_TYPE_AES:192:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_TRUNCATED_MAC(PSA_ALG_CBC_MAC,4):0x0000:"48657265006973206b6579a0646174614865726500697320":"505341004b45590000000000010000000024c000013c00000001c403000000001800000048657265006973206b6579a0646174614865726500697320" + +save type: AES 192-bit, TRUNCATED_MAC(CBC_MAC,13) +depends_on:PSA_WANT_ALG_CBC_MAC:PSA_WANT_KEY_TYPE_AES +key_storage_save:0x0001:PSA_KEY_TYPE_AES:192:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_TRUNCATED_MAC(PSA_ALG_CBC_MAC,13):0x0000:"48657265006973206b6579a0646174614865726500697320":"505341004b45590000000000010000000024c000013c00000001cd03000000001800000048657265006973206b6579a0646174614865726500697320" + +save type: AES 192-bit, TRUNCATED_MAC(CBC_MAC,14) +depends_on:PSA_WANT_ALG_CBC_MAC:PSA_WANT_KEY_TYPE_AES +key_storage_save:0x0001:PSA_KEY_TYPE_AES:192:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_TRUNCATED_MAC(PSA_ALG_CBC_MAC,14):0x0000:"48657265006973206b6579a0646174614865726500697320":"505341004b45590000000000010000000024c000013c00000001ce03000000001800000048657265006973206b6579a0646174614865726500697320" + +save type: AES 192-bit, TRUNCATED_MAC(CBC_MAC,16) +depends_on:PSA_WANT_ALG_CBC_MAC:PSA_WANT_KEY_TYPE_AES +key_storage_save:0x0001:PSA_KEY_TYPE_AES:192:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_TRUNCATED_MAC(PSA_ALG_CBC_MAC,16):0x0000:"48657265006973206b6579a0646174614865726500697320":"505341004b45590000000000010000000024c000013c00000001d003000000001800000048657265006973206b6579a0646174614865726500697320" + +save type: AES 192-bit, XTS +depends_on:PSA_WANT_ALG_XTS:PSA_WANT_KEY_TYPE_AES +key_storage_save:0x0001:PSA_KEY_TYPE_AES:192:PSA_KEY_USAGE_DECRYPT | PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_EXPORT:PSA_ALG_XTS:0x0000:"48657265006973206b6579a0646174614865726500697320":"505341004b45590000000000010000000024c0000103000000ff4004000000001800000048657265006973206b6579a0646174614865726500697320" + +save type: AES 256-bit +depends_on:PSA_WANT_KEY_TYPE_AES +key_storage_save:0x0001:PSA_KEY_TYPE_AES:256:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"48657265006973206b6579a06461746148657265006973206b6579a064617461":"505341004b4559000000000001000000002400010100000000000000000000002000000048657265006973206b6579a06461746148657265006973206b6579a064617461" + +save type: AES 256-bit, AEAD_SHORT(CCM,4) +depends_on:PSA_WANT_ALG_CCM:PSA_WANT_KEY_TYPE_AES +key_storage_save:0x0001:PSA_KEY_TYPE_AES:256:PSA_KEY_USAGE_DECRYPT | PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_EXPORT:PSA_ALG_AEAD_WITH_SHORTENED_TAG(PSA_ALG_CCM,4):0x0000:"48657265006973206b6579a06461746148657265006973206b6579a064617461":"505341004b4559000000000001000000002400010103000000014405000000002000000048657265006973206b6579a06461746148657265006973206b6579a064617461" + +save type: AES 256-bit, AEAD_SHORT(CCM,14) +depends_on:PSA_WANT_ALG_CCM:PSA_WANT_KEY_TYPE_AES +key_storage_save:0x0001:PSA_KEY_TYPE_AES:256:PSA_KEY_USAGE_DECRYPT | PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_EXPORT:PSA_ALG_AEAD_WITH_SHORTENED_TAG(PSA_ALG_CCM,14):0x0000:"48657265006973206b6579a06461746148657265006973206b6579a064617461":"505341004b4559000000000001000000002400010103000000014e05000000002000000048657265006973206b6579a06461746148657265006973206b6579a064617461" + +save type: AES 256-bit, AEAD_SHORT(CCM,16) +depends_on:PSA_WANT_ALG_CCM:PSA_WANT_KEY_TYPE_AES +key_storage_save:0x0001:PSA_KEY_TYPE_AES:256:PSA_KEY_USAGE_DECRYPT | PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_EXPORT:PSA_ALG_AEAD_WITH_SHORTENED_TAG(PSA_ALG_CCM,16):0x0000:"48657265006973206b6579a06461746148657265006973206b6579a064617461":"505341004b4559000000000001000000002400010103000000015005000000002000000048657265006973206b6579a06461746148657265006973206b6579a064617461" + +save type: AES 256-bit, CBC_MAC +depends_on:PSA_WANT_ALG_CBC_MAC:PSA_WANT_KEY_TYPE_AES +key_storage_save:0x0001:PSA_KEY_TYPE_AES:256:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_CBC_MAC:0x0000:"48657265006973206b6579a06461746148657265006973206b6579a064617461":"505341004b455900000000000100000000240001013c00000001c003000000002000000048657265006973206b6579a06461746148657265006973206b6579a064617461" + +save type: AES 256-bit, CBC_NO_PADDING +depends_on:PSA_WANT_ALG_CBC_NO_PADDING:PSA_WANT_KEY_TYPE_AES +key_storage_save:0x0001:PSA_KEY_TYPE_AES:256:PSA_KEY_USAGE_DECRYPT | PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_EXPORT:PSA_ALG_CBC_NO_PADDING:0x0000:"48657265006973206b6579a06461746148657265006973206b6579a064617461":"505341004b4559000000000001000000002400010103000000404004000000002000000048657265006973206b6579a06461746148657265006973206b6579a064617461" + +save type: AES 256-bit, CBC_PKCS7 +depends_on:PSA_WANT_ALG_CBC_PKCS7:PSA_WANT_KEY_TYPE_AES +key_storage_save:0x0001:PSA_KEY_TYPE_AES:256:PSA_KEY_USAGE_DECRYPT | PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_EXPORT:PSA_ALG_CBC_PKCS7:0x0000:"48657265006973206b6579a06461746148657265006973206b6579a064617461":"505341004b4559000000000001000000002400010103000000414004000000002000000048657265006973206b6579a06461746148657265006973206b6579a064617461" + +save type: AES 256-bit, CCM +depends_on:PSA_WANT_ALG_CCM:PSA_WANT_KEY_TYPE_AES +key_storage_save:0x0001:PSA_KEY_TYPE_AES:256:PSA_KEY_USAGE_DECRYPT | PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_EXPORT:PSA_ALG_CCM:0x0000:"48657265006973206b6579a06461746148657265006973206b6579a064617461":"505341004b4559000000000001000000002400010103000000015005000000002000000048657265006973206b6579a06461746148657265006973206b6579a064617461" + +save type: AES 256-bit, CFB +depends_on:PSA_WANT_ALG_CFB:PSA_WANT_KEY_TYPE_AES +key_storage_save:0x0001:PSA_KEY_TYPE_AES:256:PSA_KEY_USAGE_DECRYPT | PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_EXPORT:PSA_ALG_CFB:0x0000:"48657265006973206b6579a06461746148657265006973206b6579a064617461":"505341004b455900000000000100000000240001010300000011c004000000002000000048657265006973206b6579a06461746148657265006973206b6579a064617461" + +save type: AES 256-bit, CMAC +depends_on:PSA_WANT_ALG_CMAC:PSA_WANT_KEY_TYPE_AES +key_storage_save:0x0001:PSA_KEY_TYPE_AES:256:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_CMAC:0x0000:"48657265006973206b6579a06461746148657265006973206b6579a064617461":"505341004b455900000000000100000000240001013c00000002c003000000002000000048657265006973206b6579a06461746148657265006973206b6579a064617461" + +save type: AES 256-bit, CTR +depends_on:PSA_WANT_ALG_CTR:PSA_WANT_KEY_TYPE_AES +key_storage_save:0x0001:PSA_KEY_TYPE_AES:256:PSA_KEY_USAGE_DECRYPT | PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_EXPORT:PSA_ALG_CTR:0x0000:"48657265006973206b6579a06461746148657265006973206b6579a064617461":"505341004b455900000000000100000000240001010300000010c004000000002000000048657265006973206b6579a06461746148657265006973206b6579a064617461" + +save type: AES 256-bit, ECB_NO_PADDING +depends_on:PSA_WANT_ALG_ECB_NO_PADDING:PSA_WANT_KEY_TYPE_AES +key_storage_save:0x0001:PSA_KEY_TYPE_AES:256:PSA_KEY_USAGE_DECRYPT | PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_EXPORT:PSA_ALG_ECB_NO_PADDING:0x0000:"48657265006973206b6579a06461746148657265006973206b6579a064617461":"505341004b4559000000000001000000002400010103000000444004000000002000000048657265006973206b6579a06461746148657265006973206b6579a064617461" + +save type: AES 256-bit, GCM +depends_on:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES +key_storage_save:0x0001:PSA_KEY_TYPE_AES:256:PSA_KEY_USAGE_DECRYPT | PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_EXPORT:PSA_ALG_GCM:0x0000:"48657265006973206b6579a06461746148657265006973206b6579a064617461":"505341004b4559000000000001000000002400010103000000025005000000002000000048657265006973206b6579a06461746148657265006973206b6579a064617461" + +save type: AES 256-bit, OFB +depends_on:PSA_WANT_ALG_OFB:PSA_WANT_KEY_TYPE_AES +key_storage_save:0x0001:PSA_KEY_TYPE_AES:256:PSA_KEY_USAGE_DECRYPT | PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_EXPORT:PSA_ALG_OFB:0x0000:"48657265006973206b6579a06461746148657265006973206b6579a064617461":"505341004b455900000000000100000000240001010300000012c004000000002000000048657265006973206b6579a06461746148657265006973206b6579a064617461" + +save type: AES 256-bit, TRUNCATED_MAC(CBC_MAC,4) +depends_on:PSA_WANT_ALG_CBC_MAC:PSA_WANT_KEY_TYPE_AES +key_storage_save:0x0001:PSA_KEY_TYPE_AES:256:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_TRUNCATED_MAC(PSA_ALG_CBC_MAC,4):0x0000:"48657265006973206b6579a06461746148657265006973206b6579a064617461":"505341004b455900000000000100000000240001013c00000001c403000000002000000048657265006973206b6579a06461746148657265006973206b6579a064617461" + +save type: AES 256-bit, TRUNCATED_MAC(CBC_MAC,13) +depends_on:PSA_WANT_ALG_CBC_MAC:PSA_WANT_KEY_TYPE_AES +key_storage_save:0x0001:PSA_KEY_TYPE_AES:256:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_TRUNCATED_MAC(PSA_ALG_CBC_MAC,13):0x0000:"48657265006973206b6579a06461746148657265006973206b6579a064617461":"505341004b455900000000000100000000240001013c00000001cd03000000002000000048657265006973206b6579a06461746148657265006973206b6579a064617461" + +save type: AES 256-bit, TRUNCATED_MAC(CBC_MAC,14) +depends_on:PSA_WANT_ALG_CBC_MAC:PSA_WANT_KEY_TYPE_AES +key_storage_save:0x0001:PSA_KEY_TYPE_AES:256:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_TRUNCATED_MAC(PSA_ALG_CBC_MAC,14):0x0000:"48657265006973206b6579a06461746148657265006973206b6579a064617461":"505341004b455900000000000100000000240001013c00000001ce03000000002000000048657265006973206b6579a06461746148657265006973206b6579a064617461" + +save type: AES 256-bit, TRUNCATED_MAC(CBC_MAC,16) +depends_on:PSA_WANT_ALG_CBC_MAC:PSA_WANT_KEY_TYPE_AES +key_storage_save:0x0001:PSA_KEY_TYPE_AES:256:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_TRUNCATED_MAC(PSA_ALG_CBC_MAC,16):0x0000:"48657265006973206b6579a06461746148657265006973206b6579a064617461":"505341004b455900000000000100000000240001013c00000001d003000000002000000048657265006973206b6579a06461746148657265006973206b6579a064617461" + +save type: AES 256-bit, XTS +depends_on:PSA_WANT_ALG_XTS:PSA_WANT_KEY_TYPE_AES +key_storage_save:0x0001:PSA_KEY_TYPE_AES:256:PSA_KEY_USAGE_DECRYPT | PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_EXPORT:PSA_ALG_XTS:0x0000:"48657265006973206b6579a06461746148657265006973206b6579a064617461":"505341004b4559000000000001000000002400010103000000ff4004000000002000000048657265006973206b6579a06461746148657265006973206b6579a064617461" + +save type: ARC4 8-bit +depends_on:PSA_WANT_KEY_TYPE_ARC4 +key_storage_save:0x0001:PSA_KEY_TYPE_ARC4:8:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"48":"505341004b4559000000000001000000022008000100000000000000000000000100000048" + +save type: ARC4 8-bit, STREAM_CIPHER +depends_on:PSA_WANT_ALG_STREAM_CIPHER:PSA_WANT_KEY_TYPE_ARC4 +key_storage_save:0x0001:PSA_KEY_TYPE_ARC4:8:PSA_KEY_USAGE_DECRYPT | PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_EXPORT:PSA_ALG_STREAM_CIPHER:0x0000:"48":"505341004b4559000000000001000000022008000103000000018004000000000100000048" + +save type: ARC4 128-bit +depends_on:PSA_WANT_KEY_TYPE_ARC4 +key_storage_save:0x0001:PSA_KEY_TYPE_ARC4:128:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"48657265006973206b6579a064617461":"505341004b4559000000000001000000022080000100000000000000000000001000000048657265006973206b6579a064617461" + +save type: ARC4 128-bit, STREAM_CIPHER +depends_on:PSA_WANT_ALG_STREAM_CIPHER:PSA_WANT_KEY_TYPE_ARC4 +key_storage_save:0x0001:PSA_KEY_TYPE_ARC4:128:PSA_KEY_USAGE_DECRYPT | PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_EXPORT:PSA_ALG_STREAM_CIPHER:0x0000:"48657265006973206b6579a064617461":"505341004b4559000000000001000000022080000103000000018004000000001000000048657265006973206b6579a064617461" + +save type: ARC4 2048-bit +depends_on:PSA_WANT_KEY_TYPE_ARC4 +key_storage_save:0x0001:PSA_KEY_TYPE_ARC4:2048:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"48657265006973206b6579a06461746148657265006973206b6579a06461746148657265006973206b6579a06461746148657265006973206b6579a06461746148657265006973206b6579a06461746148657265006973206b6579a06461746148657265006973206b6579a06461746148657265006973206b6579a06461746148657265006973206b6579a06461746148657265006973206b6579a06461746148657265006973206b6579a06461746148657265006973206b6579a06461746148657265006973206b6579a06461746148657265006973206b6579a06461746148657265006973206b6579a06461746148657265006973206b6579a064617461":"505341004b4559000000000001000000022000080100000000000000000000000001000048657265006973206b6579a06461746148657265006973206b6579a06461746148657265006973206b6579a06461746148657265006973206b6579a06461746148657265006973206b6579a06461746148657265006973206b6579a06461746148657265006973206b6579a06461746148657265006973206b6579a06461746148657265006973206b6579a06461746148657265006973206b6579a06461746148657265006973206b6579a06461746148657265006973206b6579a06461746148657265006973206b6579a06461746148657265006973206b6579a06461746148657265006973206b6579a06461746148657265006973206b6579a064617461" + +save type: ARC4 2048-bit, STREAM_CIPHER +depends_on:PSA_WANT_ALG_STREAM_CIPHER:PSA_WANT_KEY_TYPE_ARC4 +key_storage_save:0x0001:PSA_KEY_TYPE_ARC4:2048:PSA_KEY_USAGE_DECRYPT | PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_EXPORT:PSA_ALG_STREAM_CIPHER:0x0000:"48657265006973206b6579a06461746148657265006973206b6579a06461746148657265006973206b6579a06461746148657265006973206b6579a06461746148657265006973206b6579a06461746148657265006973206b6579a06461746148657265006973206b6579a06461746148657265006973206b6579a06461746148657265006973206b6579a06461746148657265006973206b6579a06461746148657265006973206b6579a06461746148657265006973206b6579a06461746148657265006973206b6579a06461746148657265006973206b6579a06461746148657265006973206b6579a06461746148657265006973206b6579a064617461":"505341004b4559000000000001000000022000080103000000018004000000000001000048657265006973206b6579a06461746148657265006973206b6579a06461746148657265006973206b6579a06461746148657265006973206b6579a06461746148657265006973206b6579a06461746148657265006973206b6579a06461746148657265006973206b6579a06461746148657265006973206b6579a06461746148657265006973206b6579a06461746148657265006973206b6579a06461746148657265006973206b6579a06461746148657265006973206b6579a06461746148657265006973206b6579a06461746148657265006973206b6579a06461746148657265006973206b6579a06461746148657265006973206b6579a064617461" + +save type: ARIA 128-bit +depends_on:PSA_WANT_KEY_TYPE_ARIA +key_storage_save:0x0001:PSA_KEY_TYPE_ARIA:128:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"48657265006973206b6579a064617461":"505341004b4559000000000001000000062480000100000000000000000000001000000048657265006973206b6579a064617461" + +save type: ARIA 128-bit, AEAD_SHORT(CCM,4) +depends_on:PSA_WANT_ALG_CCM:PSA_WANT_KEY_TYPE_ARIA +key_storage_save:0x0001:PSA_KEY_TYPE_ARIA:128:PSA_KEY_USAGE_DECRYPT | PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_EXPORT:PSA_ALG_AEAD_WITH_SHORTENED_TAG(PSA_ALG_CCM,4):0x0000:"48657265006973206b6579a064617461":"505341004b4559000000000001000000062480000103000000014405000000001000000048657265006973206b6579a064617461" + +save type: ARIA 128-bit, AEAD_SHORT(CCM,14) +depends_on:PSA_WANT_ALG_CCM:PSA_WANT_KEY_TYPE_ARIA +key_storage_save:0x0001:PSA_KEY_TYPE_ARIA:128:PSA_KEY_USAGE_DECRYPT | PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_EXPORT:PSA_ALG_AEAD_WITH_SHORTENED_TAG(PSA_ALG_CCM,14):0x0000:"48657265006973206b6579a064617461":"505341004b4559000000000001000000062480000103000000014e05000000001000000048657265006973206b6579a064617461" + +save type: ARIA 128-bit, AEAD_SHORT(CCM,16) +depends_on:PSA_WANT_ALG_CCM:PSA_WANT_KEY_TYPE_ARIA +key_storage_save:0x0001:PSA_KEY_TYPE_ARIA:128:PSA_KEY_USAGE_DECRYPT | PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_EXPORT:PSA_ALG_AEAD_WITH_SHORTENED_TAG(PSA_ALG_CCM,16):0x0000:"48657265006973206b6579a064617461":"505341004b4559000000000001000000062480000103000000015005000000001000000048657265006973206b6579a064617461" + +save type: ARIA 128-bit, CBC_MAC +depends_on:PSA_WANT_ALG_CBC_MAC:PSA_WANT_KEY_TYPE_ARIA +key_storage_save:0x0001:PSA_KEY_TYPE_ARIA:128:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_CBC_MAC:0x0000:"48657265006973206b6579a064617461":"505341004b455900000000000100000006248000013c00000001c003000000001000000048657265006973206b6579a064617461" + +save type: ARIA 128-bit, CBC_NO_PADDING +depends_on:PSA_WANT_ALG_CBC_NO_PADDING:PSA_WANT_KEY_TYPE_ARIA +key_storage_save:0x0001:PSA_KEY_TYPE_ARIA:128:PSA_KEY_USAGE_DECRYPT | PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_EXPORT:PSA_ALG_CBC_NO_PADDING:0x0000:"48657265006973206b6579a064617461":"505341004b4559000000000001000000062480000103000000404004000000001000000048657265006973206b6579a064617461" + +save type: ARIA 128-bit, CBC_PKCS7 +depends_on:PSA_WANT_ALG_CBC_PKCS7:PSA_WANT_KEY_TYPE_ARIA +key_storage_save:0x0001:PSA_KEY_TYPE_ARIA:128:PSA_KEY_USAGE_DECRYPT | PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_EXPORT:PSA_ALG_CBC_PKCS7:0x0000:"48657265006973206b6579a064617461":"505341004b4559000000000001000000062480000103000000414004000000001000000048657265006973206b6579a064617461" + +save type: ARIA 128-bit, CCM +depends_on:PSA_WANT_ALG_CCM:PSA_WANT_KEY_TYPE_ARIA +key_storage_save:0x0001:PSA_KEY_TYPE_ARIA:128:PSA_KEY_USAGE_DECRYPT | PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_EXPORT:PSA_ALG_CCM:0x0000:"48657265006973206b6579a064617461":"505341004b4559000000000001000000062480000103000000015005000000001000000048657265006973206b6579a064617461" + +save type: ARIA 128-bit, CFB +depends_on:PSA_WANT_ALG_CFB:PSA_WANT_KEY_TYPE_ARIA +key_storage_save:0x0001:PSA_KEY_TYPE_ARIA:128:PSA_KEY_USAGE_DECRYPT | PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_EXPORT:PSA_ALG_CFB:0x0000:"48657265006973206b6579a064617461":"505341004b455900000000000100000006248000010300000011c004000000001000000048657265006973206b6579a064617461" + +save type: ARIA 128-bit, CTR +depends_on:PSA_WANT_ALG_CTR:PSA_WANT_KEY_TYPE_ARIA +key_storage_save:0x0001:PSA_KEY_TYPE_ARIA:128:PSA_KEY_USAGE_DECRYPT | PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_EXPORT:PSA_ALG_CTR:0x0000:"48657265006973206b6579a064617461":"505341004b455900000000000100000006248000010300000010c004000000001000000048657265006973206b6579a064617461" + +save type: ARIA 128-bit, ECB_NO_PADDING +depends_on:PSA_WANT_ALG_ECB_NO_PADDING:PSA_WANT_KEY_TYPE_ARIA +key_storage_save:0x0001:PSA_KEY_TYPE_ARIA:128:PSA_KEY_USAGE_DECRYPT | PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_EXPORT:PSA_ALG_ECB_NO_PADDING:0x0000:"48657265006973206b6579a064617461":"505341004b4559000000000001000000062480000103000000444004000000001000000048657265006973206b6579a064617461" + +save type: ARIA 128-bit, GCM +depends_on:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_ARIA +key_storage_save:0x0001:PSA_KEY_TYPE_ARIA:128:PSA_KEY_USAGE_DECRYPT | PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_EXPORT:PSA_ALG_GCM:0x0000:"48657265006973206b6579a064617461":"505341004b4559000000000001000000062480000103000000025005000000001000000048657265006973206b6579a064617461" + +save type: ARIA 128-bit, TRUNCATED_MAC(CBC_MAC,4) +depends_on:PSA_WANT_ALG_CBC_MAC:PSA_WANT_KEY_TYPE_ARIA +key_storage_save:0x0001:PSA_KEY_TYPE_ARIA:128:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_TRUNCATED_MAC(PSA_ALG_CBC_MAC,4):0x0000:"48657265006973206b6579a064617461":"505341004b455900000000000100000006248000013c00000001c403000000001000000048657265006973206b6579a064617461" + +save type: ARIA 128-bit, TRUNCATED_MAC(CBC_MAC,13) +depends_on:PSA_WANT_ALG_CBC_MAC:PSA_WANT_KEY_TYPE_ARIA +key_storage_save:0x0001:PSA_KEY_TYPE_ARIA:128:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_TRUNCATED_MAC(PSA_ALG_CBC_MAC,13):0x0000:"48657265006973206b6579a064617461":"505341004b455900000000000100000006248000013c00000001cd03000000001000000048657265006973206b6579a064617461" + +save type: ARIA 128-bit, TRUNCATED_MAC(CBC_MAC,14) +depends_on:PSA_WANT_ALG_CBC_MAC:PSA_WANT_KEY_TYPE_ARIA +key_storage_save:0x0001:PSA_KEY_TYPE_ARIA:128:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_TRUNCATED_MAC(PSA_ALG_CBC_MAC,14):0x0000:"48657265006973206b6579a064617461":"505341004b455900000000000100000006248000013c00000001ce03000000001000000048657265006973206b6579a064617461" + +save type: ARIA 128-bit, TRUNCATED_MAC(CBC_MAC,16) +depends_on:PSA_WANT_ALG_CBC_MAC:PSA_WANT_KEY_TYPE_ARIA +key_storage_save:0x0001:PSA_KEY_TYPE_ARIA:128:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_TRUNCATED_MAC(PSA_ALG_CBC_MAC,16):0x0000:"48657265006973206b6579a064617461":"505341004b455900000000000100000006248000013c00000001d003000000001000000048657265006973206b6579a064617461" + +save type: ARIA 128-bit, XTS +depends_on:PSA_WANT_ALG_XTS:PSA_WANT_KEY_TYPE_ARIA +key_storage_save:0x0001:PSA_KEY_TYPE_ARIA:128:PSA_KEY_USAGE_DECRYPT | PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_EXPORT:PSA_ALG_XTS:0x0000:"48657265006973206b6579a064617461":"505341004b4559000000000001000000062480000103000000ff4004000000001000000048657265006973206b6579a064617461" + +save type: ARIA 192-bit +depends_on:PSA_WANT_KEY_TYPE_ARIA +key_storage_save:0x0001:PSA_KEY_TYPE_ARIA:192:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"48657265006973206b6579a0646174614865726500697320":"505341004b45590000000000010000000624c0000100000000000000000000001800000048657265006973206b6579a0646174614865726500697320" + +save type: ARIA 192-bit, AEAD_SHORT(CCM,4) +depends_on:PSA_WANT_ALG_CCM:PSA_WANT_KEY_TYPE_ARIA +key_storage_save:0x0001:PSA_KEY_TYPE_ARIA:192:PSA_KEY_USAGE_DECRYPT | PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_EXPORT:PSA_ALG_AEAD_WITH_SHORTENED_TAG(PSA_ALG_CCM,4):0x0000:"48657265006973206b6579a0646174614865726500697320":"505341004b45590000000000010000000624c0000103000000014405000000001800000048657265006973206b6579a0646174614865726500697320" + +save type: ARIA 192-bit, AEAD_SHORT(CCM,14) +depends_on:PSA_WANT_ALG_CCM:PSA_WANT_KEY_TYPE_ARIA +key_storage_save:0x0001:PSA_KEY_TYPE_ARIA:192:PSA_KEY_USAGE_DECRYPT | PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_EXPORT:PSA_ALG_AEAD_WITH_SHORTENED_TAG(PSA_ALG_CCM,14):0x0000:"48657265006973206b6579a0646174614865726500697320":"505341004b45590000000000010000000624c0000103000000014e05000000001800000048657265006973206b6579a0646174614865726500697320" + +save type: ARIA 192-bit, AEAD_SHORT(CCM,16) +depends_on:PSA_WANT_ALG_CCM:PSA_WANT_KEY_TYPE_ARIA +key_storage_save:0x0001:PSA_KEY_TYPE_ARIA:192:PSA_KEY_USAGE_DECRYPT | PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_EXPORT:PSA_ALG_AEAD_WITH_SHORTENED_TAG(PSA_ALG_CCM,16):0x0000:"48657265006973206b6579a0646174614865726500697320":"505341004b45590000000000010000000624c0000103000000015005000000001800000048657265006973206b6579a0646174614865726500697320" + +save type: ARIA 192-bit, CBC_MAC +depends_on:PSA_WANT_ALG_CBC_MAC:PSA_WANT_KEY_TYPE_ARIA +key_storage_save:0x0001:PSA_KEY_TYPE_ARIA:192:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_CBC_MAC:0x0000:"48657265006973206b6579a0646174614865726500697320":"505341004b45590000000000010000000624c000013c00000001c003000000001800000048657265006973206b6579a0646174614865726500697320" + +save type: ARIA 192-bit, CBC_NO_PADDING +depends_on:PSA_WANT_ALG_CBC_NO_PADDING:PSA_WANT_KEY_TYPE_ARIA +key_storage_save:0x0001:PSA_KEY_TYPE_ARIA:192:PSA_KEY_USAGE_DECRYPT | PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_EXPORT:PSA_ALG_CBC_NO_PADDING:0x0000:"48657265006973206b6579a0646174614865726500697320":"505341004b45590000000000010000000624c0000103000000404004000000001800000048657265006973206b6579a0646174614865726500697320" + +save type: ARIA 192-bit, CBC_PKCS7 +depends_on:PSA_WANT_ALG_CBC_PKCS7:PSA_WANT_KEY_TYPE_ARIA +key_storage_save:0x0001:PSA_KEY_TYPE_ARIA:192:PSA_KEY_USAGE_DECRYPT | PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_EXPORT:PSA_ALG_CBC_PKCS7:0x0000:"48657265006973206b6579a0646174614865726500697320":"505341004b45590000000000010000000624c0000103000000414004000000001800000048657265006973206b6579a0646174614865726500697320" + +save type: ARIA 192-bit, CCM +depends_on:PSA_WANT_ALG_CCM:PSA_WANT_KEY_TYPE_ARIA +key_storage_save:0x0001:PSA_KEY_TYPE_ARIA:192:PSA_KEY_USAGE_DECRYPT | PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_EXPORT:PSA_ALG_CCM:0x0000:"48657265006973206b6579a0646174614865726500697320":"505341004b45590000000000010000000624c0000103000000015005000000001800000048657265006973206b6579a0646174614865726500697320" + +save type: ARIA 192-bit, CFB +depends_on:PSA_WANT_ALG_CFB:PSA_WANT_KEY_TYPE_ARIA +key_storage_save:0x0001:PSA_KEY_TYPE_ARIA:192:PSA_KEY_USAGE_DECRYPT | PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_EXPORT:PSA_ALG_CFB:0x0000:"48657265006973206b6579a0646174614865726500697320":"505341004b45590000000000010000000624c000010300000011c004000000001800000048657265006973206b6579a0646174614865726500697320" + +save type: ARIA 192-bit, CTR +depends_on:PSA_WANT_ALG_CTR:PSA_WANT_KEY_TYPE_ARIA +key_storage_save:0x0001:PSA_KEY_TYPE_ARIA:192:PSA_KEY_USAGE_DECRYPT | PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_EXPORT:PSA_ALG_CTR:0x0000:"48657265006973206b6579a0646174614865726500697320":"505341004b45590000000000010000000624c000010300000010c004000000001800000048657265006973206b6579a0646174614865726500697320" + +save type: ARIA 192-bit, ECB_NO_PADDING +depends_on:PSA_WANT_ALG_ECB_NO_PADDING:PSA_WANT_KEY_TYPE_ARIA +key_storage_save:0x0001:PSA_KEY_TYPE_ARIA:192:PSA_KEY_USAGE_DECRYPT | PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_EXPORT:PSA_ALG_ECB_NO_PADDING:0x0000:"48657265006973206b6579a0646174614865726500697320":"505341004b45590000000000010000000624c0000103000000444004000000001800000048657265006973206b6579a0646174614865726500697320" + +save type: ARIA 192-bit, GCM +depends_on:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_ARIA +key_storage_save:0x0001:PSA_KEY_TYPE_ARIA:192:PSA_KEY_USAGE_DECRYPT | PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_EXPORT:PSA_ALG_GCM:0x0000:"48657265006973206b6579a0646174614865726500697320":"505341004b45590000000000010000000624c0000103000000025005000000001800000048657265006973206b6579a0646174614865726500697320" + +save type: ARIA 192-bit, TRUNCATED_MAC(CBC_MAC,4) +depends_on:PSA_WANT_ALG_CBC_MAC:PSA_WANT_KEY_TYPE_ARIA +key_storage_save:0x0001:PSA_KEY_TYPE_ARIA:192:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_TRUNCATED_MAC(PSA_ALG_CBC_MAC,4):0x0000:"48657265006973206b6579a0646174614865726500697320":"505341004b45590000000000010000000624c000013c00000001c403000000001800000048657265006973206b6579a0646174614865726500697320" + +save type: ARIA 192-bit, TRUNCATED_MAC(CBC_MAC,13) +depends_on:PSA_WANT_ALG_CBC_MAC:PSA_WANT_KEY_TYPE_ARIA +key_storage_save:0x0001:PSA_KEY_TYPE_ARIA:192:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_TRUNCATED_MAC(PSA_ALG_CBC_MAC,13):0x0000:"48657265006973206b6579a0646174614865726500697320":"505341004b45590000000000010000000624c000013c00000001cd03000000001800000048657265006973206b6579a0646174614865726500697320" + +save type: ARIA 192-bit, TRUNCATED_MAC(CBC_MAC,14) +depends_on:PSA_WANT_ALG_CBC_MAC:PSA_WANT_KEY_TYPE_ARIA +key_storage_save:0x0001:PSA_KEY_TYPE_ARIA:192:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_TRUNCATED_MAC(PSA_ALG_CBC_MAC,14):0x0000:"48657265006973206b6579a0646174614865726500697320":"505341004b45590000000000010000000624c000013c00000001ce03000000001800000048657265006973206b6579a0646174614865726500697320" + +save type: ARIA 192-bit, TRUNCATED_MAC(CBC_MAC,16) +depends_on:PSA_WANT_ALG_CBC_MAC:PSA_WANT_KEY_TYPE_ARIA +key_storage_save:0x0001:PSA_KEY_TYPE_ARIA:192:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_TRUNCATED_MAC(PSA_ALG_CBC_MAC,16):0x0000:"48657265006973206b6579a0646174614865726500697320":"505341004b45590000000000010000000624c000013c00000001d003000000001800000048657265006973206b6579a0646174614865726500697320" + +save type: ARIA 192-bit, XTS +depends_on:PSA_WANT_ALG_XTS:PSA_WANT_KEY_TYPE_ARIA +key_storage_save:0x0001:PSA_KEY_TYPE_ARIA:192:PSA_KEY_USAGE_DECRYPT | PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_EXPORT:PSA_ALG_XTS:0x0000:"48657265006973206b6579a0646174614865726500697320":"505341004b45590000000000010000000624c0000103000000ff4004000000001800000048657265006973206b6579a0646174614865726500697320" + +save type: ARIA 256-bit +depends_on:PSA_WANT_KEY_TYPE_ARIA +key_storage_save:0x0001:PSA_KEY_TYPE_ARIA:256:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"48657265006973206b6579a06461746148657265006973206b6579a064617461":"505341004b4559000000000001000000062400010100000000000000000000002000000048657265006973206b6579a06461746148657265006973206b6579a064617461" + +save type: ARIA 256-bit, AEAD_SHORT(CCM,4) +depends_on:PSA_WANT_ALG_CCM:PSA_WANT_KEY_TYPE_ARIA +key_storage_save:0x0001:PSA_KEY_TYPE_ARIA:256:PSA_KEY_USAGE_DECRYPT | PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_EXPORT:PSA_ALG_AEAD_WITH_SHORTENED_TAG(PSA_ALG_CCM,4):0x0000:"48657265006973206b6579a06461746148657265006973206b6579a064617461":"505341004b4559000000000001000000062400010103000000014405000000002000000048657265006973206b6579a06461746148657265006973206b6579a064617461" + +save type: ARIA 256-bit, AEAD_SHORT(CCM,14) +depends_on:PSA_WANT_ALG_CCM:PSA_WANT_KEY_TYPE_ARIA +key_storage_save:0x0001:PSA_KEY_TYPE_ARIA:256:PSA_KEY_USAGE_DECRYPT | PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_EXPORT:PSA_ALG_AEAD_WITH_SHORTENED_TAG(PSA_ALG_CCM,14):0x0000:"48657265006973206b6579a06461746148657265006973206b6579a064617461":"505341004b4559000000000001000000062400010103000000014e05000000002000000048657265006973206b6579a06461746148657265006973206b6579a064617461" + +save type: ARIA 256-bit, AEAD_SHORT(CCM,16) +depends_on:PSA_WANT_ALG_CCM:PSA_WANT_KEY_TYPE_ARIA +key_storage_save:0x0001:PSA_KEY_TYPE_ARIA:256:PSA_KEY_USAGE_DECRYPT | PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_EXPORT:PSA_ALG_AEAD_WITH_SHORTENED_TAG(PSA_ALG_CCM,16):0x0000:"48657265006973206b6579a06461746148657265006973206b6579a064617461":"505341004b4559000000000001000000062400010103000000015005000000002000000048657265006973206b6579a06461746148657265006973206b6579a064617461" + +save type: ARIA 256-bit, CBC_MAC +depends_on:PSA_WANT_ALG_CBC_MAC:PSA_WANT_KEY_TYPE_ARIA +key_storage_save:0x0001:PSA_KEY_TYPE_ARIA:256:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_CBC_MAC:0x0000:"48657265006973206b6579a06461746148657265006973206b6579a064617461":"505341004b455900000000000100000006240001013c00000001c003000000002000000048657265006973206b6579a06461746148657265006973206b6579a064617461" + +save type: ARIA 256-bit, CBC_NO_PADDING +depends_on:PSA_WANT_ALG_CBC_NO_PADDING:PSA_WANT_KEY_TYPE_ARIA +key_storage_save:0x0001:PSA_KEY_TYPE_ARIA:256:PSA_KEY_USAGE_DECRYPT | PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_EXPORT:PSA_ALG_CBC_NO_PADDING:0x0000:"48657265006973206b6579a06461746148657265006973206b6579a064617461":"505341004b4559000000000001000000062400010103000000404004000000002000000048657265006973206b6579a06461746148657265006973206b6579a064617461" + +save type: ARIA 256-bit, CBC_PKCS7 +depends_on:PSA_WANT_ALG_CBC_PKCS7:PSA_WANT_KEY_TYPE_ARIA +key_storage_save:0x0001:PSA_KEY_TYPE_ARIA:256:PSA_KEY_USAGE_DECRYPT | PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_EXPORT:PSA_ALG_CBC_PKCS7:0x0000:"48657265006973206b6579a06461746148657265006973206b6579a064617461":"505341004b4559000000000001000000062400010103000000414004000000002000000048657265006973206b6579a06461746148657265006973206b6579a064617461" + +save type: ARIA 256-bit, CCM +depends_on:PSA_WANT_ALG_CCM:PSA_WANT_KEY_TYPE_ARIA +key_storage_save:0x0001:PSA_KEY_TYPE_ARIA:256:PSA_KEY_USAGE_DECRYPT | PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_EXPORT:PSA_ALG_CCM:0x0000:"48657265006973206b6579a06461746148657265006973206b6579a064617461":"505341004b4559000000000001000000062400010103000000015005000000002000000048657265006973206b6579a06461746148657265006973206b6579a064617461" + +save type: ARIA 256-bit, CFB +depends_on:PSA_WANT_ALG_CFB:PSA_WANT_KEY_TYPE_ARIA +key_storage_save:0x0001:PSA_KEY_TYPE_ARIA:256:PSA_KEY_USAGE_DECRYPT | PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_EXPORT:PSA_ALG_CFB:0x0000:"48657265006973206b6579a06461746148657265006973206b6579a064617461":"505341004b455900000000000100000006240001010300000011c004000000002000000048657265006973206b6579a06461746148657265006973206b6579a064617461" + +save type: ARIA 256-bit, CTR +depends_on:PSA_WANT_ALG_CTR:PSA_WANT_KEY_TYPE_ARIA +key_storage_save:0x0001:PSA_KEY_TYPE_ARIA:256:PSA_KEY_USAGE_DECRYPT | PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_EXPORT:PSA_ALG_CTR:0x0000:"48657265006973206b6579a06461746148657265006973206b6579a064617461":"505341004b455900000000000100000006240001010300000010c004000000002000000048657265006973206b6579a06461746148657265006973206b6579a064617461" + +save type: ARIA 256-bit, ECB_NO_PADDING +depends_on:PSA_WANT_ALG_ECB_NO_PADDING:PSA_WANT_KEY_TYPE_ARIA +key_storage_save:0x0001:PSA_KEY_TYPE_ARIA:256:PSA_KEY_USAGE_DECRYPT | PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_EXPORT:PSA_ALG_ECB_NO_PADDING:0x0000:"48657265006973206b6579a06461746148657265006973206b6579a064617461":"505341004b4559000000000001000000062400010103000000444004000000002000000048657265006973206b6579a06461746148657265006973206b6579a064617461" + +save type: ARIA 256-bit, GCM +depends_on:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_ARIA +key_storage_save:0x0001:PSA_KEY_TYPE_ARIA:256:PSA_KEY_USAGE_DECRYPT | PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_EXPORT:PSA_ALG_GCM:0x0000:"48657265006973206b6579a06461746148657265006973206b6579a064617461":"505341004b4559000000000001000000062400010103000000025005000000002000000048657265006973206b6579a06461746148657265006973206b6579a064617461" + +save type: ARIA 256-bit, TRUNCATED_MAC(CBC_MAC,4) +depends_on:PSA_WANT_ALG_CBC_MAC:PSA_WANT_KEY_TYPE_ARIA +key_storage_save:0x0001:PSA_KEY_TYPE_ARIA:256:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_TRUNCATED_MAC(PSA_ALG_CBC_MAC,4):0x0000:"48657265006973206b6579a06461746148657265006973206b6579a064617461":"505341004b455900000000000100000006240001013c00000001c403000000002000000048657265006973206b6579a06461746148657265006973206b6579a064617461" + +save type: ARIA 256-bit, TRUNCATED_MAC(CBC_MAC,13) +depends_on:PSA_WANT_ALG_CBC_MAC:PSA_WANT_KEY_TYPE_ARIA +key_storage_save:0x0001:PSA_KEY_TYPE_ARIA:256:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_TRUNCATED_MAC(PSA_ALG_CBC_MAC,13):0x0000:"48657265006973206b6579a06461746148657265006973206b6579a064617461":"505341004b455900000000000100000006240001013c00000001cd03000000002000000048657265006973206b6579a06461746148657265006973206b6579a064617461" + +save type: ARIA 256-bit, TRUNCATED_MAC(CBC_MAC,14) +depends_on:PSA_WANT_ALG_CBC_MAC:PSA_WANT_KEY_TYPE_ARIA +key_storage_save:0x0001:PSA_KEY_TYPE_ARIA:256:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_TRUNCATED_MAC(PSA_ALG_CBC_MAC,14):0x0000:"48657265006973206b6579a06461746148657265006973206b6579a064617461":"505341004b455900000000000100000006240001013c00000001ce03000000002000000048657265006973206b6579a06461746148657265006973206b6579a064617461" + +save type: ARIA 256-bit, TRUNCATED_MAC(CBC_MAC,16) +depends_on:PSA_WANT_ALG_CBC_MAC:PSA_WANT_KEY_TYPE_ARIA +key_storage_save:0x0001:PSA_KEY_TYPE_ARIA:256:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_TRUNCATED_MAC(PSA_ALG_CBC_MAC,16):0x0000:"48657265006973206b6579a06461746148657265006973206b6579a064617461":"505341004b455900000000000100000006240001013c00000001d003000000002000000048657265006973206b6579a06461746148657265006973206b6579a064617461" + +save type: ARIA 256-bit, XTS +depends_on:PSA_WANT_ALG_XTS:PSA_WANT_KEY_TYPE_ARIA +key_storage_save:0x0001:PSA_KEY_TYPE_ARIA:256:PSA_KEY_USAGE_DECRYPT | PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_EXPORT:PSA_ALG_XTS:0x0000:"48657265006973206b6579a06461746148657265006973206b6579a064617461":"505341004b4559000000000001000000062400010103000000ff4004000000002000000048657265006973206b6579a06461746148657265006973206b6579a064617461" + +save type: CAMELLIA 128-bit +depends_on:PSA_WANT_KEY_TYPE_CAMELLIA +key_storage_save:0x0001:PSA_KEY_TYPE_CAMELLIA:128:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"48657265006973206b6579a064617461":"505341004b4559000000000001000000032480000100000000000000000000001000000048657265006973206b6579a064617461" + +save type: CAMELLIA 128-bit, AEAD_SHORT(CCM,4) +depends_on:PSA_WANT_ALG_CCM:PSA_WANT_KEY_TYPE_CAMELLIA +key_storage_save:0x0001:PSA_KEY_TYPE_CAMELLIA:128:PSA_KEY_USAGE_DECRYPT | PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_EXPORT:PSA_ALG_AEAD_WITH_SHORTENED_TAG(PSA_ALG_CCM,4):0x0000:"48657265006973206b6579a064617461":"505341004b4559000000000001000000032480000103000000014405000000001000000048657265006973206b6579a064617461" + +save type: CAMELLIA 128-bit, AEAD_SHORT(CCM,14) +depends_on:PSA_WANT_ALG_CCM:PSA_WANT_KEY_TYPE_CAMELLIA +key_storage_save:0x0001:PSA_KEY_TYPE_CAMELLIA:128:PSA_KEY_USAGE_DECRYPT | PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_EXPORT:PSA_ALG_AEAD_WITH_SHORTENED_TAG(PSA_ALG_CCM,14):0x0000:"48657265006973206b6579a064617461":"505341004b4559000000000001000000032480000103000000014e05000000001000000048657265006973206b6579a064617461" + +save type: CAMELLIA 128-bit, AEAD_SHORT(CCM,16) +depends_on:PSA_WANT_ALG_CCM:PSA_WANT_KEY_TYPE_CAMELLIA +key_storage_save:0x0001:PSA_KEY_TYPE_CAMELLIA:128:PSA_KEY_USAGE_DECRYPT | PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_EXPORT:PSA_ALG_AEAD_WITH_SHORTENED_TAG(PSA_ALG_CCM,16):0x0000:"48657265006973206b6579a064617461":"505341004b4559000000000001000000032480000103000000015005000000001000000048657265006973206b6579a064617461" + +save type: CAMELLIA 128-bit, CBC_MAC +depends_on:PSA_WANT_ALG_CBC_MAC:PSA_WANT_KEY_TYPE_CAMELLIA +key_storage_save:0x0001:PSA_KEY_TYPE_CAMELLIA:128:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_CBC_MAC:0x0000:"48657265006973206b6579a064617461":"505341004b455900000000000100000003248000013c00000001c003000000001000000048657265006973206b6579a064617461" + +save type: CAMELLIA 128-bit, CBC_NO_PADDING +depends_on:PSA_WANT_ALG_CBC_NO_PADDING:PSA_WANT_KEY_TYPE_CAMELLIA +key_storage_save:0x0001:PSA_KEY_TYPE_CAMELLIA:128:PSA_KEY_USAGE_DECRYPT | PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_EXPORT:PSA_ALG_CBC_NO_PADDING:0x0000:"48657265006973206b6579a064617461":"505341004b4559000000000001000000032480000103000000404004000000001000000048657265006973206b6579a064617461" + +save type: CAMELLIA 128-bit, CBC_PKCS7 +depends_on:PSA_WANT_ALG_CBC_PKCS7:PSA_WANT_KEY_TYPE_CAMELLIA +key_storage_save:0x0001:PSA_KEY_TYPE_CAMELLIA:128:PSA_KEY_USAGE_DECRYPT | PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_EXPORT:PSA_ALG_CBC_PKCS7:0x0000:"48657265006973206b6579a064617461":"505341004b4559000000000001000000032480000103000000414004000000001000000048657265006973206b6579a064617461" + +save type: CAMELLIA 128-bit, CCM +depends_on:PSA_WANT_ALG_CCM:PSA_WANT_KEY_TYPE_CAMELLIA +key_storage_save:0x0001:PSA_KEY_TYPE_CAMELLIA:128:PSA_KEY_USAGE_DECRYPT | PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_EXPORT:PSA_ALG_CCM:0x0000:"48657265006973206b6579a064617461":"505341004b4559000000000001000000032480000103000000015005000000001000000048657265006973206b6579a064617461" + +save type: CAMELLIA 128-bit, CFB +depends_on:PSA_WANT_ALG_CFB:PSA_WANT_KEY_TYPE_CAMELLIA +key_storage_save:0x0001:PSA_KEY_TYPE_CAMELLIA:128:PSA_KEY_USAGE_DECRYPT | PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_EXPORT:PSA_ALG_CFB:0x0000:"48657265006973206b6579a064617461":"505341004b455900000000000100000003248000010300000011c004000000001000000048657265006973206b6579a064617461" + +save type: CAMELLIA 128-bit, CTR +depends_on:PSA_WANT_ALG_CTR:PSA_WANT_KEY_TYPE_CAMELLIA +key_storage_save:0x0001:PSA_KEY_TYPE_CAMELLIA:128:PSA_KEY_USAGE_DECRYPT | PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_EXPORT:PSA_ALG_CTR:0x0000:"48657265006973206b6579a064617461":"505341004b455900000000000100000003248000010300000010c004000000001000000048657265006973206b6579a064617461" + +save type: CAMELLIA 128-bit, ECB_NO_PADDING +depends_on:PSA_WANT_ALG_ECB_NO_PADDING:PSA_WANT_KEY_TYPE_CAMELLIA +key_storage_save:0x0001:PSA_KEY_TYPE_CAMELLIA:128:PSA_KEY_USAGE_DECRYPT | PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_EXPORT:PSA_ALG_ECB_NO_PADDING:0x0000:"48657265006973206b6579a064617461":"505341004b4559000000000001000000032480000103000000444004000000001000000048657265006973206b6579a064617461" + +save type: CAMELLIA 128-bit, GCM +depends_on:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_CAMELLIA +key_storage_save:0x0001:PSA_KEY_TYPE_CAMELLIA:128:PSA_KEY_USAGE_DECRYPT | PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_EXPORT:PSA_ALG_GCM:0x0000:"48657265006973206b6579a064617461":"505341004b4559000000000001000000032480000103000000025005000000001000000048657265006973206b6579a064617461" + +save type: CAMELLIA 128-bit, TRUNCATED_MAC(CBC_MAC,4) +depends_on:PSA_WANT_ALG_CBC_MAC:PSA_WANT_KEY_TYPE_CAMELLIA +key_storage_save:0x0001:PSA_KEY_TYPE_CAMELLIA:128:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_TRUNCATED_MAC(PSA_ALG_CBC_MAC,4):0x0000:"48657265006973206b6579a064617461":"505341004b455900000000000100000003248000013c00000001c403000000001000000048657265006973206b6579a064617461" + +save type: CAMELLIA 128-bit, TRUNCATED_MAC(CBC_MAC,13) +depends_on:PSA_WANT_ALG_CBC_MAC:PSA_WANT_KEY_TYPE_CAMELLIA +key_storage_save:0x0001:PSA_KEY_TYPE_CAMELLIA:128:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_TRUNCATED_MAC(PSA_ALG_CBC_MAC,13):0x0000:"48657265006973206b6579a064617461":"505341004b455900000000000100000003248000013c00000001cd03000000001000000048657265006973206b6579a064617461" + +save type: CAMELLIA 128-bit, TRUNCATED_MAC(CBC_MAC,14) +depends_on:PSA_WANT_ALG_CBC_MAC:PSA_WANT_KEY_TYPE_CAMELLIA +key_storage_save:0x0001:PSA_KEY_TYPE_CAMELLIA:128:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_TRUNCATED_MAC(PSA_ALG_CBC_MAC,14):0x0000:"48657265006973206b6579a064617461":"505341004b455900000000000100000003248000013c00000001ce03000000001000000048657265006973206b6579a064617461" + +save type: CAMELLIA 128-bit, TRUNCATED_MAC(CBC_MAC,16) +depends_on:PSA_WANT_ALG_CBC_MAC:PSA_WANT_KEY_TYPE_CAMELLIA +key_storage_save:0x0001:PSA_KEY_TYPE_CAMELLIA:128:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_TRUNCATED_MAC(PSA_ALG_CBC_MAC,16):0x0000:"48657265006973206b6579a064617461":"505341004b455900000000000100000003248000013c00000001d003000000001000000048657265006973206b6579a064617461" + +save type: CAMELLIA 128-bit, XTS +depends_on:PSA_WANT_ALG_XTS:PSA_WANT_KEY_TYPE_CAMELLIA +key_storage_save:0x0001:PSA_KEY_TYPE_CAMELLIA:128:PSA_KEY_USAGE_DECRYPT | PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_EXPORT:PSA_ALG_XTS:0x0000:"48657265006973206b6579a064617461":"505341004b4559000000000001000000032480000103000000ff4004000000001000000048657265006973206b6579a064617461" + +save type: CAMELLIA 192-bit +depends_on:PSA_WANT_KEY_TYPE_CAMELLIA +key_storage_save:0x0001:PSA_KEY_TYPE_CAMELLIA:192:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"48657265006973206b6579a0646174614865726500697320":"505341004b45590000000000010000000324c0000100000000000000000000001800000048657265006973206b6579a0646174614865726500697320" + +save type: CAMELLIA 192-bit, AEAD_SHORT(CCM,4) +depends_on:PSA_WANT_ALG_CCM:PSA_WANT_KEY_TYPE_CAMELLIA +key_storage_save:0x0001:PSA_KEY_TYPE_CAMELLIA:192:PSA_KEY_USAGE_DECRYPT | PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_EXPORT:PSA_ALG_AEAD_WITH_SHORTENED_TAG(PSA_ALG_CCM,4):0x0000:"48657265006973206b6579a0646174614865726500697320":"505341004b45590000000000010000000324c0000103000000014405000000001800000048657265006973206b6579a0646174614865726500697320" + +save type: CAMELLIA 192-bit, AEAD_SHORT(CCM,14) +depends_on:PSA_WANT_ALG_CCM:PSA_WANT_KEY_TYPE_CAMELLIA +key_storage_save:0x0001:PSA_KEY_TYPE_CAMELLIA:192:PSA_KEY_USAGE_DECRYPT | PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_EXPORT:PSA_ALG_AEAD_WITH_SHORTENED_TAG(PSA_ALG_CCM,14):0x0000:"48657265006973206b6579a0646174614865726500697320":"505341004b45590000000000010000000324c0000103000000014e05000000001800000048657265006973206b6579a0646174614865726500697320" + +save type: CAMELLIA 192-bit, AEAD_SHORT(CCM,16) +depends_on:PSA_WANT_ALG_CCM:PSA_WANT_KEY_TYPE_CAMELLIA +key_storage_save:0x0001:PSA_KEY_TYPE_CAMELLIA:192:PSA_KEY_USAGE_DECRYPT | PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_EXPORT:PSA_ALG_AEAD_WITH_SHORTENED_TAG(PSA_ALG_CCM,16):0x0000:"48657265006973206b6579a0646174614865726500697320":"505341004b45590000000000010000000324c0000103000000015005000000001800000048657265006973206b6579a0646174614865726500697320" + +save type: CAMELLIA 192-bit, CBC_MAC +depends_on:PSA_WANT_ALG_CBC_MAC:PSA_WANT_KEY_TYPE_CAMELLIA +key_storage_save:0x0001:PSA_KEY_TYPE_CAMELLIA:192:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_CBC_MAC:0x0000:"48657265006973206b6579a0646174614865726500697320":"505341004b45590000000000010000000324c000013c00000001c003000000001800000048657265006973206b6579a0646174614865726500697320" + +save type: CAMELLIA 192-bit, CBC_NO_PADDING +depends_on:PSA_WANT_ALG_CBC_NO_PADDING:PSA_WANT_KEY_TYPE_CAMELLIA +key_storage_save:0x0001:PSA_KEY_TYPE_CAMELLIA:192:PSA_KEY_USAGE_DECRYPT | PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_EXPORT:PSA_ALG_CBC_NO_PADDING:0x0000:"48657265006973206b6579a0646174614865726500697320":"505341004b45590000000000010000000324c0000103000000404004000000001800000048657265006973206b6579a0646174614865726500697320" + +save type: CAMELLIA 192-bit, CBC_PKCS7 +depends_on:PSA_WANT_ALG_CBC_PKCS7:PSA_WANT_KEY_TYPE_CAMELLIA +key_storage_save:0x0001:PSA_KEY_TYPE_CAMELLIA:192:PSA_KEY_USAGE_DECRYPT | PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_EXPORT:PSA_ALG_CBC_PKCS7:0x0000:"48657265006973206b6579a0646174614865726500697320":"505341004b45590000000000010000000324c0000103000000414004000000001800000048657265006973206b6579a0646174614865726500697320" + +save type: CAMELLIA 192-bit, CCM +depends_on:PSA_WANT_ALG_CCM:PSA_WANT_KEY_TYPE_CAMELLIA +key_storage_save:0x0001:PSA_KEY_TYPE_CAMELLIA:192:PSA_KEY_USAGE_DECRYPT | PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_EXPORT:PSA_ALG_CCM:0x0000:"48657265006973206b6579a0646174614865726500697320":"505341004b45590000000000010000000324c0000103000000015005000000001800000048657265006973206b6579a0646174614865726500697320" + +save type: CAMELLIA 192-bit, CFB +depends_on:PSA_WANT_ALG_CFB:PSA_WANT_KEY_TYPE_CAMELLIA +key_storage_save:0x0001:PSA_KEY_TYPE_CAMELLIA:192:PSA_KEY_USAGE_DECRYPT | PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_EXPORT:PSA_ALG_CFB:0x0000:"48657265006973206b6579a0646174614865726500697320":"505341004b45590000000000010000000324c000010300000011c004000000001800000048657265006973206b6579a0646174614865726500697320" + +save type: CAMELLIA 192-bit, CTR +depends_on:PSA_WANT_ALG_CTR:PSA_WANT_KEY_TYPE_CAMELLIA +key_storage_save:0x0001:PSA_KEY_TYPE_CAMELLIA:192:PSA_KEY_USAGE_DECRYPT | PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_EXPORT:PSA_ALG_CTR:0x0000:"48657265006973206b6579a0646174614865726500697320":"505341004b45590000000000010000000324c000010300000010c004000000001800000048657265006973206b6579a0646174614865726500697320" + +save type: CAMELLIA 192-bit, ECB_NO_PADDING +depends_on:PSA_WANT_ALG_ECB_NO_PADDING:PSA_WANT_KEY_TYPE_CAMELLIA +key_storage_save:0x0001:PSA_KEY_TYPE_CAMELLIA:192:PSA_KEY_USAGE_DECRYPT | PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_EXPORT:PSA_ALG_ECB_NO_PADDING:0x0000:"48657265006973206b6579a0646174614865726500697320":"505341004b45590000000000010000000324c0000103000000444004000000001800000048657265006973206b6579a0646174614865726500697320" + +save type: CAMELLIA 192-bit, GCM +depends_on:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_CAMELLIA +key_storage_save:0x0001:PSA_KEY_TYPE_CAMELLIA:192:PSA_KEY_USAGE_DECRYPT | PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_EXPORT:PSA_ALG_GCM:0x0000:"48657265006973206b6579a0646174614865726500697320":"505341004b45590000000000010000000324c0000103000000025005000000001800000048657265006973206b6579a0646174614865726500697320" + +save type: CAMELLIA 192-bit, TRUNCATED_MAC(CBC_MAC,4) +depends_on:PSA_WANT_ALG_CBC_MAC:PSA_WANT_KEY_TYPE_CAMELLIA +key_storage_save:0x0001:PSA_KEY_TYPE_CAMELLIA:192:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_TRUNCATED_MAC(PSA_ALG_CBC_MAC,4):0x0000:"48657265006973206b6579a0646174614865726500697320":"505341004b45590000000000010000000324c000013c00000001c403000000001800000048657265006973206b6579a0646174614865726500697320" + +save type: CAMELLIA 192-bit, TRUNCATED_MAC(CBC_MAC,13) +depends_on:PSA_WANT_ALG_CBC_MAC:PSA_WANT_KEY_TYPE_CAMELLIA +key_storage_save:0x0001:PSA_KEY_TYPE_CAMELLIA:192:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_TRUNCATED_MAC(PSA_ALG_CBC_MAC,13):0x0000:"48657265006973206b6579a0646174614865726500697320":"505341004b45590000000000010000000324c000013c00000001cd03000000001800000048657265006973206b6579a0646174614865726500697320" + +save type: CAMELLIA 192-bit, TRUNCATED_MAC(CBC_MAC,14) +depends_on:PSA_WANT_ALG_CBC_MAC:PSA_WANT_KEY_TYPE_CAMELLIA +key_storage_save:0x0001:PSA_KEY_TYPE_CAMELLIA:192:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_TRUNCATED_MAC(PSA_ALG_CBC_MAC,14):0x0000:"48657265006973206b6579a0646174614865726500697320":"505341004b45590000000000010000000324c000013c00000001ce03000000001800000048657265006973206b6579a0646174614865726500697320" + +save type: CAMELLIA 192-bit, TRUNCATED_MAC(CBC_MAC,16) +depends_on:PSA_WANT_ALG_CBC_MAC:PSA_WANT_KEY_TYPE_CAMELLIA +key_storage_save:0x0001:PSA_KEY_TYPE_CAMELLIA:192:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_TRUNCATED_MAC(PSA_ALG_CBC_MAC,16):0x0000:"48657265006973206b6579a0646174614865726500697320":"505341004b45590000000000010000000324c000013c00000001d003000000001800000048657265006973206b6579a0646174614865726500697320" + +save type: CAMELLIA 192-bit, XTS +depends_on:PSA_WANT_ALG_XTS:PSA_WANT_KEY_TYPE_CAMELLIA +key_storage_save:0x0001:PSA_KEY_TYPE_CAMELLIA:192:PSA_KEY_USAGE_DECRYPT | PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_EXPORT:PSA_ALG_XTS:0x0000:"48657265006973206b6579a0646174614865726500697320":"505341004b45590000000000010000000324c0000103000000ff4004000000001800000048657265006973206b6579a0646174614865726500697320" + +save type: CAMELLIA 256-bit +depends_on:PSA_WANT_KEY_TYPE_CAMELLIA +key_storage_save:0x0001:PSA_KEY_TYPE_CAMELLIA:256:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"48657265006973206b6579a06461746148657265006973206b6579a064617461":"505341004b4559000000000001000000032400010100000000000000000000002000000048657265006973206b6579a06461746148657265006973206b6579a064617461" + +save type: CAMELLIA 256-bit, AEAD_SHORT(CCM,4) +depends_on:PSA_WANT_ALG_CCM:PSA_WANT_KEY_TYPE_CAMELLIA +key_storage_save:0x0001:PSA_KEY_TYPE_CAMELLIA:256:PSA_KEY_USAGE_DECRYPT | PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_EXPORT:PSA_ALG_AEAD_WITH_SHORTENED_TAG(PSA_ALG_CCM,4):0x0000:"48657265006973206b6579a06461746148657265006973206b6579a064617461":"505341004b4559000000000001000000032400010103000000014405000000002000000048657265006973206b6579a06461746148657265006973206b6579a064617461" + +save type: CAMELLIA 256-bit, AEAD_SHORT(CCM,14) +depends_on:PSA_WANT_ALG_CCM:PSA_WANT_KEY_TYPE_CAMELLIA +key_storage_save:0x0001:PSA_KEY_TYPE_CAMELLIA:256:PSA_KEY_USAGE_DECRYPT | PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_EXPORT:PSA_ALG_AEAD_WITH_SHORTENED_TAG(PSA_ALG_CCM,14):0x0000:"48657265006973206b6579a06461746148657265006973206b6579a064617461":"505341004b4559000000000001000000032400010103000000014e05000000002000000048657265006973206b6579a06461746148657265006973206b6579a064617461" + +save type: CAMELLIA 256-bit, AEAD_SHORT(CCM,16) +depends_on:PSA_WANT_ALG_CCM:PSA_WANT_KEY_TYPE_CAMELLIA +key_storage_save:0x0001:PSA_KEY_TYPE_CAMELLIA:256:PSA_KEY_USAGE_DECRYPT | PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_EXPORT:PSA_ALG_AEAD_WITH_SHORTENED_TAG(PSA_ALG_CCM,16):0x0000:"48657265006973206b6579a06461746148657265006973206b6579a064617461":"505341004b4559000000000001000000032400010103000000015005000000002000000048657265006973206b6579a06461746148657265006973206b6579a064617461" + +save type: CAMELLIA 256-bit, CBC_MAC +depends_on:PSA_WANT_ALG_CBC_MAC:PSA_WANT_KEY_TYPE_CAMELLIA +key_storage_save:0x0001:PSA_KEY_TYPE_CAMELLIA:256:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_CBC_MAC:0x0000:"48657265006973206b6579a06461746148657265006973206b6579a064617461":"505341004b455900000000000100000003240001013c00000001c003000000002000000048657265006973206b6579a06461746148657265006973206b6579a064617461" + +save type: CAMELLIA 256-bit, CBC_NO_PADDING +depends_on:PSA_WANT_ALG_CBC_NO_PADDING:PSA_WANT_KEY_TYPE_CAMELLIA +key_storage_save:0x0001:PSA_KEY_TYPE_CAMELLIA:256:PSA_KEY_USAGE_DECRYPT | PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_EXPORT:PSA_ALG_CBC_NO_PADDING:0x0000:"48657265006973206b6579a06461746148657265006973206b6579a064617461":"505341004b4559000000000001000000032400010103000000404004000000002000000048657265006973206b6579a06461746148657265006973206b6579a064617461" + +save type: CAMELLIA 256-bit, CBC_PKCS7 +depends_on:PSA_WANT_ALG_CBC_PKCS7:PSA_WANT_KEY_TYPE_CAMELLIA +key_storage_save:0x0001:PSA_KEY_TYPE_CAMELLIA:256:PSA_KEY_USAGE_DECRYPT | PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_EXPORT:PSA_ALG_CBC_PKCS7:0x0000:"48657265006973206b6579a06461746148657265006973206b6579a064617461":"505341004b4559000000000001000000032400010103000000414004000000002000000048657265006973206b6579a06461746148657265006973206b6579a064617461" + +save type: CAMELLIA 256-bit, CCM +depends_on:PSA_WANT_ALG_CCM:PSA_WANT_KEY_TYPE_CAMELLIA +key_storage_save:0x0001:PSA_KEY_TYPE_CAMELLIA:256:PSA_KEY_USAGE_DECRYPT | PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_EXPORT:PSA_ALG_CCM:0x0000:"48657265006973206b6579a06461746148657265006973206b6579a064617461":"505341004b4559000000000001000000032400010103000000015005000000002000000048657265006973206b6579a06461746148657265006973206b6579a064617461" + +save type: CAMELLIA 256-bit, CFB +depends_on:PSA_WANT_ALG_CFB:PSA_WANT_KEY_TYPE_CAMELLIA +key_storage_save:0x0001:PSA_KEY_TYPE_CAMELLIA:256:PSA_KEY_USAGE_DECRYPT | PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_EXPORT:PSA_ALG_CFB:0x0000:"48657265006973206b6579a06461746148657265006973206b6579a064617461":"505341004b455900000000000100000003240001010300000011c004000000002000000048657265006973206b6579a06461746148657265006973206b6579a064617461" + +save type: CAMELLIA 256-bit, CTR +depends_on:PSA_WANT_ALG_CTR:PSA_WANT_KEY_TYPE_CAMELLIA +key_storage_save:0x0001:PSA_KEY_TYPE_CAMELLIA:256:PSA_KEY_USAGE_DECRYPT | PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_EXPORT:PSA_ALG_CTR:0x0000:"48657265006973206b6579a06461746148657265006973206b6579a064617461":"505341004b455900000000000100000003240001010300000010c004000000002000000048657265006973206b6579a06461746148657265006973206b6579a064617461" + +save type: CAMELLIA 256-bit, ECB_NO_PADDING +depends_on:PSA_WANT_ALG_ECB_NO_PADDING:PSA_WANT_KEY_TYPE_CAMELLIA +key_storage_save:0x0001:PSA_KEY_TYPE_CAMELLIA:256:PSA_KEY_USAGE_DECRYPT | PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_EXPORT:PSA_ALG_ECB_NO_PADDING:0x0000:"48657265006973206b6579a06461746148657265006973206b6579a064617461":"505341004b4559000000000001000000032400010103000000444004000000002000000048657265006973206b6579a06461746148657265006973206b6579a064617461" + +save type: CAMELLIA 256-bit, GCM +depends_on:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_CAMELLIA +key_storage_save:0x0001:PSA_KEY_TYPE_CAMELLIA:256:PSA_KEY_USAGE_DECRYPT | PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_EXPORT:PSA_ALG_GCM:0x0000:"48657265006973206b6579a06461746148657265006973206b6579a064617461":"505341004b4559000000000001000000032400010103000000025005000000002000000048657265006973206b6579a06461746148657265006973206b6579a064617461" + +save type: CAMELLIA 256-bit, TRUNCATED_MAC(CBC_MAC,4) +depends_on:PSA_WANT_ALG_CBC_MAC:PSA_WANT_KEY_TYPE_CAMELLIA +key_storage_save:0x0001:PSA_KEY_TYPE_CAMELLIA:256:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_TRUNCATED_MAC(PSA_ALG_CBC_MAC,4):0x0000:"48657265006973206b6579a06461746148657265006973206b6579a064617461":"505341004b455900000000000100000003240001013c00000001c403000000002000000048657265006973206b6579a06461746148657265006973206b6579a064617461" + +save type: CAMELLIA 256-bit, TRUNCATED_MAC(CBC_MAC,13) +depends_on:PSA_WANT_ALG_CBC_MAC:PSA_WANT_KEY_TYPE_CAMELLIA +key_storage_save:0x0001:PSA_KEY_TYPE_CAMELLIA:256:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_TRUNCATED_MAC(PSA_ALG_CBC_MAC,13):0x0000:"48657265006973206b6579a06461746148657265006973206b6579a064617461":"505341004b455900000000000100000003240001013c00000001cd03000000002000000048657265006973206b6579a06461746148657265006973206b6579a064617461" + +save type: CAMELLIA 256-bit, TRUNCATED_MAC(CBC_MAC,14) +depends_on:PSA_WANT_ALG_CBC_MAC:PSA_WANT_KEY_TYPE_CAMELLIA +key_storage_save:0x0001:PSA_KEY_TYPE_CAMELLIA:256:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_TRUNCATED_MAC(PSA_ALG_CBC_MAC,14):0x0000:"48657265006973206b6579a06461746148657265006973206b6579a064617461":"505341004b455900000000000100000003240001013c00000001ce03000000002000000048657265006973206b6579a06461746148657265006973206b6579a064617461" + +save type: CAMELLIA 256-bit, TRUNCATED_MAC(CBC_MAC,16) +depends_on:PSA_WANT_ALG_CBC_MAC:PSA_WANT_KEY_TYPE_CAMELLIA +key_storage_save:0x0001:PSA_KEY_TYPE_CAMELLIA:256:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_TRUNCATED_MAC(PSA_ALG_CBC_MAC,16):0x0000:"48657265006973206b6579a06461746148657265006973206b6579a064617461":"505341004b455900000000000100000003240001013c00000001d003000000002000000048657265006973206b6579a06461746148657265006973206b6579a064617461" + +save type: CAMELLIA 256-bit, XTS +depends_on:PSA_WANT_ALG_XTS:PSA_WANT_KEY_TYPE_CAMELLIA +key_storage_save:0x0001:PSA_KEY_TYPE_CAMELLIA:256:PSA_KEY_USAGE_DECRYPT | PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_EXPORT:PSA_ALG_XTS:0x0000:"48657265006973206b6579a06461746148657265006973206b6579a064617461":"505341004b4559000000000001000000032400010103000000ff4004000000002000000048657265006973206b6579a06461746148657265006973206b6579a064617461" + +save type: CHACHA20 256-bit +depends_on:PSA_WANT_KEY_TYPE_CHACHA20 +key_storage_save:0x0001:PSA_KEY_TYPE_CHACHA20:256:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"48657265006973206b6579a06461746148657265006973206b6579a064617461":"505341004b4559000000000001000000042000010100000000000000000000002000000048657265006973206b6579a06461746148657265006973206b6579a064617461" + +save type: CHACHA20 256-bit, CHACHA20_POLY1305 +depends_on:PSA_WANT_ALG_CHACHA20_POLY1305:PSA_WANT_KEY_TYPE_CHACHA20 +key_storage_save:0x0001:PSA_KEY_TYPE_CHACHA20:256:PSA_KEY_USAGE_DECRYPT | PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_EXPORT:PSA_ALG_CHACHA20_POLY1305:0x0000:"48657265006973206b6579a06461746148657265006973206b6579a064617461":"505341004b4559000000000001000000042000010103000000051005000000002000000048657265006973206b6579a06461746148657265006973206b6579a064617461" + +save type: CHACHA20 256-bit, STREAM_CIPHER +depends_on:PSA_WANT_ALG_STREAM_CIPHER:PSA_WANT_KEY_TYPE_CHACHA20 +key_storage_save:0x0001:PSA_KEY_TYPE_CHACHA20:256:PSA_KEY_USAGE_DECRYPT | PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_EXPORT:PSA_ALG_STREAM_CIPHER:0x0000:"48657265006973206b6579a06461746148657265006973206b6579a064617461":"505341004b4559000000000001000000042000010103000000018004000000002000000048657265006973206b6579a06461746148657265006973206b6579a064617461" + +save type: DERIVE 120-bit +depends_on:PSA_WANT_KEY_TYPE_DERIVE +key_storage_save:0x0001:PSA_KEY_TYPE_DERIVE:120:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"48657265006973206b6579a0646174":"505341004b4559000000000001000000001278000100000000000000000000000f00000048657265006973206b6579a0646174" + +save type: DERIVE 128-bit +depends_on:PSA_WANT_KEY_TYPE_DERIVE +key_storage_save:0x0001:PSA_KEY_TYPE_DERIVE:128:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"48657265006973206b6579a064617461":"505341004b4559000000000001000000001280000100000000000000000000001000000048657265006973206b6579a064617461" + +save type: DES 64-bit +depends_on:PSA_WANT_KEY_TYPE_DES +key_storage_save:0x0001:PSA_KEY_TYPE_DES:64:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"644573206b457901":"505341004b45590000000000010000000123400001000000000000000000000008000000644573206b457901" + +save type: DES 64-bit, CBC_NO_PADDING +depends_on:PSA_WANT_ALG_CBC_NO_PADDING:PSA_WANT_KEY_TYPE_DES +key_storage_save:0x0001:PSA_KEY_TYPE_DES:64:PSA_KEY_USAGE_DECRYPT | PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_EXPORT:PSA_ALG_CBC_NO_PADDING:0x0000:"644573206b457901":"505341004b45590000000000010000000123400001030000004040040000000008000000644573206b457901" + +save type: DES 64-bit, CBC_PKCS7 +depends_on:PSA_WANT_ALG_CBC_PKCS7:PSA_WANT_KEY_TYPE_DES +key_storage_save:0x0001:PSA_KEY_TYPE_DES:64:PSA_KEY_USAGE_DECRYPT | PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_EXPORT:PSA_ALG_CBC_PKCS7:0x0000:"644573206b457901":"505341004b45590000000000010000000123400001030000004140040000000008000000644573206b457901" + +save type: DES 64-bit, ECB_NO_PADDING +depends_on:PSA_WANT_ALG_ECB_NO_PADDING:PSA_WANT_KEY_TYPE_DES +key_storage_save:0x0001:PSA_KEY_TYPE_DES:64:PSA_KEY_USAGE_DECRYPT | PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_EXPORT:PSA_ALG_ECB_NO_PADDING:0x0000:"644573206b457901":"505341004b45590000000000010000000123400001030000004440040000000008000000644573206b457901" + +save type: DES 128-bit +depends_on:PSA_WANT_KEY_TYPE_DES +key_storage_save:0x0001:PSA_KEY_TYPE_DES:128:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"644573206b457901644573206b457902":"505341004b45590000000000010000000123800001000000000000000000000010000000644573206b457901644573206b457902" + +save type: DES 128-bit, CBC_NO_PADDING +depends_on:PSA_WANT_ALG_CBC_NO_PADDING:PSA_WANT_KEY_TYPE_DES +key_storage_save:0x0001:PSA_KEY_TYPE_DES:128:PSA_KEY_USAGE_DECRYPT | PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_EXPORT:PSA_ALG_CBC_NO_PADDING:0x0000:"644573206b457901644573206b457902":"505341004b45590000000000010000000123800001030000004040040000000010000000644573206b457901644573206b457902" + +save type: DES 128-bit, CBC_PKCS7 +depends_on:PSA_WANT_ALG_CBC_PKCS7:PSA_WANT_KEY_TYPE_DES +key_storage_save:0x0001:PSA_KEY_TYPE_DES:128:PSA_KEY_USAGE_DECRYPT | PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_EXPORT:PSA_ALG_CBC_PKCS7:0x0000:"644573206b457901644573206b457902":"505341004b45590000000000010000000123800001030000004140040000000010000000644573206b457901644573206b457902" + +save type: DES 128-bit, ECB_NO_PADDING +depends_on:PSA_WANT_ALG_ECB_NO_PADDING:PSA_WANT_KEY_TYPE_DES +key_storage_save:0x0001:PSA_KEY_TYPE_DES:128:PSA_KEY_USAGE_DECRYPT | PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_EXPORT:PSA_ALG_ECB_NO_PADDING:0x0000:"644573206b457901644573206b457902":"505341004b45590000000000010000000123800001030000004440040000000010000000644573206b457901644573206b457902" + +save type: DES 192-bit +depends_on:PSA_WANT_KEY_TYPE_DES +key_storage_save:0x0001:PSA_KEY_TYPE_DES:192:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"644573206b457901644573206b457902644573206b457904":"505341004b45590000000000010000000123c00001000000000000000000000018000000644573206b457901644573206b457902644573206b457904" + +save type: DES 192-bit, CBC_NO_PADDING +depends_on:PSA_WANT_ALG_CBC_NO_PADDING:PSA_WANT_KEY_TYPE_DES +key_storage_save:0x0001:PSA_KEY_TYPE_DES:192:PSA_KEY_USAGE_DECRYPT | PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_EXPORT:PSA_ALG_CBC_NO_PADDING:0x0000:"644573206b457901644573206b457902644573206b457904":"505341004b45590000000000010000000123c00001030000004040040000000018000000644573206b457901644573206b457902644573206b457904" + +save type: DES 192-bit, CBC_PKCS7 +depends_on:PSA_WANT_ALG_CBC_PKCS7:PSA_WANT_KEY_TYPE_DES +key_storage_save:0x0001:PSA_KEY_TYPE_DES:192:PSA_KEY_USAGE_DECRYPT | PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_EXPORT:PSA_ALG_CBC_PKCS7:0x0000:"644573206b457901644573206b457902644573206b457904":"505341004b45590000000000010000000123c00001030000004140040000000018000000644573206b457901644573206b457902644573206b457904" + +save type: DES 192-bit, ECB_NO_PADDING +depends_on:PSA_WANT_ALG_ECB_NO_PADDING:PSA_WANT_KEY_TYPE_DES +key_storage_save:0x0001:PSA_KEY_TYPE_DES:192:PSA_KEY_USAGE_DECRYPT | PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_EXPORT:PSA_ALG_ECB_NO_PADDING:0x0000:"644573206b457901644573206b457902644573206b457904":"505341004b45590000000000010000000123c00001030000004440040000000018000000644573206b457901644573206b457902644573206b457904" + +save type: ECC_PAIR(BP_R1) 160-bit +depends_on:PSA_WANT_ECC_BRAINPOOL_P_R1_160:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):160:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"69502c4fdaf48d4fa617bdd24498b0406d0eeaac":"505341004b45590000000000010000003071a0000100000000000000000000001400000069502c4fdaf48d4fa617bdd24498b0406d0eeaac" + +save type: ECC_PAIR(BP_R1) 160-bit, DET_ECDSA(MD2) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD2:PSA_WANT_ECC_BRAINPOOL_P_R1_160:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):160:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD2):0x0000:"69502c4fdaf48d4fa617bdd24498b0406d0eeaac":"505341004b45590000000000010000003071a000013c000001070006000000001400000069502c4fdaf48d4fa617bdd24498b0406d0eeaac" + +save type: ECC_PAIR(BP_R1) 160-bit, DET_ECDSA(MD4) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD4:PSA_WANT_ECC_BRAINPOOL_P_R1_160:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):160:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD4):0x0000:"69502c4fdaf48d4fa617bdd24498b0406d0eeaac":"505341004b45590000000000010000003071a000013c000002070006000000001400000069502c4fdaf48d4fa617bdd24498b0406d0eeaac" + +save type: ECC_PAIR(BP_R1) 160-bit, DET_ECDSA(MD5) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD5:PSA_WANT_ECC_BRAINPOOL_P_R1_160:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):160:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD5):0x0000:"69502c4fdaf48d4fa617bdd24498b0406d0eeaac":"505341004b45590000000000010000003071a000013c000003070006000000001400000069502c4fdaf48d4fa617bdd24498b0406d0eeaac" + +save type: ECC_PAIR(BP_R1) 160-bit, DET_ECDSA(RIPEMD160) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ECC_BRAINPOOL_P_R1_160:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):160:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_RIPEMD160):0x0000:"69502c4fdaf48d4fa617bdd24498b0406d0eeaac":"505341004b45590000000000010000003071a000013c000004070006000000001400000069502c4fdaf48d4fa617bdd24498b0406d0eeaac" + +save type: ECC_PAIR(BP_R1) 160-bit, DET_ECDSA(SHA_1) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_1:PSA_WANT_ECC_BRAINPOOL_P_R1_160:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):160:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_1):0x0000:"69502c4fdaf48d4fa617bdd24498b0406d0eeaac":"505341004b45590000000000010000003071a000013c000005070006000000001400000069502c4fdaf48d4fa617bdd24498b0406d0eeaac" + +save type: ECC_PAIR(BP_R1) 160-bit, DET_ECDSA(SHA_224) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_224:PSA_WANT_ECC_BRAINPOOL_P_R1_160:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):160:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_224):0x0000:"69502c4fdaf48d4fa617bdd24498b0406d0eeaac":"505341004b45590000000000010000003071a000013c000008070006000000001400000069502c4fdaf48d4fa617bdd24498b0406d0eeaac" + +save type: ECC_PAIR(BP_R1) 160-bit, DET_ECDSA(SHA_256) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_BRAINPOOL_P_R1_160:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):160:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_256):0x0000:"69502c4fdaf48d4fa617bdd24498b0406d0eeaac":"505341004b45590000000000010000003071a000013c000009070006000000001400000069502c4fdaf48d4fa617bdd24498b0406d0eeaac" + +save type: ECC_PAIR(BP_R1) 160-bit, DET_ECDSA(SHA_384) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_BRAINPOOL_P_R1_160:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):160:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_384):0x0000:"69502c4fdaf48d4fa617bdd24498b0406d0eeaac":"505341004b45590000000000010000003071a000013c00000a070006000000001400000069502c4fdaf48d4fa617bdd24498b0406d0eeaac" + +save type: ECC_PAIR(BP_R1) 160-bit, DET_ECDSA(SHA_512) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_512:PSA_WANT_ECC_BRAINPOOL_P_R1_160:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):160:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_512):0x0000:"69502c4fdaf48d4fa617bdd24498b0406d0eeaac":"505341004b45590000000000010000003071a000013c00000b070006000000001400000069502c4fdaf48d4fa617bdd24498b0406d0eeaac" + +save type: ECC_PAIR(BP_R1) 160-bit, ECDH +depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ECC_BRAINPOOL_P_R1_160:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):160:PSA_KEY_USAGE_DERIVE | PSA_KEY_USAGE_EXPORT:PSA_ALG_ECDH:0x0000:"69502c4fdaf48d4fa617bdd24498b0406d0eeaac":"505341004b45590000000000010000003071a0000140000000000209000000001400000069502c4fdaf48d4fa617bdd24498b0406d0eeaac" + +save type: ECC_PAIR(BP_R1) 160-bit, ECDSA(MD2) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD2:PSA_WANT_ECC_BRAINPOOL_P_R1_160:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):160:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_MD2):0x0000:"69502c4fdaf48d4fa617bdd24498b0406d0eeaac":"505341004b45590000000000010000003071a000013c000001060006000000001400000069502c4fdaf48d4fa617bdd24498b0406d0eeaac" + +save type: ECC_PAIR(BP_R1) 160-bit, ECDSA(MD4) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD4:PSA_WANT_ECC_BRAINPOOL_P_R1_160:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):160:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_MD4):0x0000:"69502c4fdaf48d4fa617bdd24498b0406d0eeaac":"505341004b45590000000000010000003071a000013c000002060006000000001400000069502c4fdaf48d4fa617bdd24498b0406d0eeaac" + +save type: ECC_PAIR(BP_R1) 160-bit, ECDSA(MD5) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD5:PSA_WANT_ECC_BRAINPOOL_P_R1_160:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):160:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_MD5):0x0000:"69502c4fdaf48d4fa617bdd24498b0406d0eeaac":"505341004b45590000000000010000003071a000013c000003060006000000001400000069502c4fdaf48d4fa617bdd24498b0406d0eeaac" + +save type: ECC_PAIR(BP_R1) 160-bit, ECDSA(RIPEMD160) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ECC_BRAINPOOL_P_R1_160:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):160:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_RIPEMD160):0x0000:"69502c4fdaf48d4fa617bdd24498b0406d0eeaac":"505341004b45590000000000010000003071a000013c000004060006000000001400000069502c4fdaf48d4fa617bdd24498b0406d0eeaac" + +save type: ECC_PAIR(BP_R1) 160-bit, ECDSA(SHA_1) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_1:PSA_WANT_ECC_BRAINPOOL_P_R1_160:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):160:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_SHA_1):0x0000:"69502c4fdaf48d4fa617bdd24498b0406d0eeaac":"505341004b45590000000000010000003071a000013c000005060006000000001400000069502c4fdaf48d4fa617bdd24498b0406d0eeaac" + +save type: ECC_PAIR(BP_R1) 160-bit, ECDSA(SHA_224) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_224:PSA_WANT_ECC_BRAINPOOL_P_R1_160:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):160:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_SHA_224):0x0000:"69502c4fdaf48d4fa617bdd24498b0406d0eeaac":"505341004b45590000000000010000003071a000013c000008060006000000001400000069502c4fdaf48d4fa617bdd24498b0406d0eeaac" + +save type: ECC_PAIR(BP_R1) 160-bit, ECDSA(SHA_256) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_BRAINPOOL_P_R1_160:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):160:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_SHA_256):0x0000:"69502c4fdaf48d4fa617bdd24498b0406d0eeaac":"505341004b45590000000000010000003071a000013c000009060006000000001400000069502c4fdaf48d4fa617bdd24498b0406d0eeaac" + +save type: ECC_PAIR(BP_R1) 160-bit, ECDSA(SHA_384) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_BRAINPOOL_P_R1_160:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):160:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_SHA_384):0x0000:"69502c4fdaf48d4fa617bdd24498b0406d0eeaac":"505341004b45590000000000010000003071a000013c00000a060006000000001400000069502c4fdaf48d4fa617bdd24498b0406d0eeaac" + +save type: ECC_PAIR(BP_R1) 160-bit, ECDSA(SHA_512) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_512:PSA_WANT_ECC_BRAINPOOL_P_R1_160:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):160:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_SHA_512):0x0000:"69502c4fdaf48d4fa617bdd24498b0406d0eeaac":"505341004b45590000000000010000003071a000013c00000b060006000000001400000069502c4fdaf48d4fa617bdd24498b0406d0eeaac" + +save type: ECC_PAIR(BP_R1) 160-bit, ECDSA_ANY +depends_on:PSA_WANT_ALG_ECDSA_ANY:PSA_WANT_ECC_BRAINPOOL_P_R1_160:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):160:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA_ANY:0x0000:"69502c4fdaf48d4fa617bdd24498b0406d0eeaac":"505341004b45590000000000010000003071a000013c000000060006000000001400000069502c4fdaf48d4fa617bdd24498b0406d0eeaac" + +save type: ECC_PAIR(BP_R1) 160-bit, KA(ECDH,HKDF(SHA_256)) +depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_BRAINPOOL_P_R1_160:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):160:PSA_KEY_USAGE_DERIVE | PSA_KEY_USAGE_EXPORT:PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_HKDF(PSA_ALG_SHA_256)):0x0000:"69502c4fdaf48d4fa617bdd24498b0406d0eeaac":"505341004b45590000000000010000003071a0000140000009010209000000001400000069502c4fdaf48d4fa617bdd24498b0406d0eeaac" + +save type: ECC_PAIR(BP_R1) 160-bit, KA(ECDH,HKDF(SHA_384)) +depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_BRAINPOOL_P_R1_160:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):160:PSA_KEY_USAGE_DERIVE | PSA_KEY_USAGE_EXPORT:PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_HKDF(PSA_ALG_SHA_384)):0x0000:"69502c4fdaf48d4fa617bdd24498b0406d0eeaac":"505341004b45590000000000010000003071a000014000000a010209000000001400000069502c4fdaf48d4fa617bdd24498b0406d0eeaac" + +save type: ECC_PAIR(BP_R1) 160-bit, KA(ECDH,TLS12_PRF(SHA_256)) +depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_SHA_256:PSA_WANT_ALG_TLS12_PRF:PSA_WANT_ECC_BRAINPOOL_P_R1_160:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):160:PSA_KEY_USAGE_DERIVE | PSA_KEY_USAGE_EXPORT:PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_TLS12_PRF(PSA_ALG_SHA_256)):0x0000:"69502c4fdaf48d4fa617bdd24498b0406d0eeaac":"505341004b45590000000000010000003071a0000140000009020209000000001400000069502c4fdaf48d4fa617bdd24498b0406d0eeaac" + +save type: ECC_PAIR(BP_R1) 160-bit, KA(ECDH,TLS12_PRF(SHA_384)) +depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_SHA_384:PSA_WANT_ALG_TLS12_PRF:PSA_WANT_ECC_BRAINPOOL_P_R1_160:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):160:PSA_KEY_USAGE_DERIVE | PSA_KEY_USAGE_EXPORT:PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_TLS12_PRF(PSA_ALG_SHA_384)):0x0000:"69502c4fdaf48d4fa617bdd24498b0406d0eeaac":"505341004b45590000000000010000003071a000014000000a020209000000001400000069502c4fdaf48d4fa617bdd24498b0406d0eeaac" + +save type: ECC_PAIR(BP_R1) 160-bit, KA(ECDH,TLS12_PSK2MS(SHA_256)) +depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_SHA_256:PSA_WANT_ALG_TLS12_PSK_TO_MS:PSA_WANT_ECC_BRAINPOOL_P_R1_160:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):160:PSA_KEY_USAGE_DERIVE | PSA_KEY_USAGE_EXPORT:PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_TLS12_PSK_TO_MS(PSA_ALG_SHA_256)):0x0000:"69502c4fdaf48d4fa617bdd24498b0406d0eeaac":"505341004b45590000000000010000003071a0000140000009030209000000001400000069502c4fdaf48d4fa617bdd24498b0406d0eeaac" + +save type: ECC_PAIR(BP_R1) 160-bit, KA(ECDH,TLS12_PSK2MS(SHA_384)) +depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_SHA_384:PSA_WANT_ALG_TLS12_PSK_TO_MS:PSA_WANT_ECC_BRAINPOOL_P_R1_160:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):160:PSA_KEY_USAGE_DERIVE | PSA_KEY_USAGE_EXPORT:PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_TLS12_PSK_TO_MS(PSA_ALG_SHA_384)):0x0000:"69502c4fdaf48d4fa617bdd24498b0406d0eeaac":"505341004b45590000000000010000003071a000014000000a030209000000001400000069502c4fdaf48d4fa617bdd24498b0406d0eeaac" + +save type: ECC_PAIR(BP_R1) 192-bit +depends_on:PSA_WANT_ECC_BRAINPOOL_P_R1_192:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):192:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"1688a2c5fbf4a3c851d76a98c3ec88f445a97996283db59f":"505341004b45590000000000010000003071c000010000000000000000000000180000001688a2c5fbf4a3c851d76a98c3ec88f445a97996283db59f" + +save type: ECC_PAIR(BP_R1) 192-bit, DET_ECDSA(MD2) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD2:PSA_WANT_ECC_BRAINPOOL_P_R1_192:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):192:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD2):0x0000:"1688a2c5fbf4a3c851d76a98c3ec88f445a97996283db59f":"505341004b45590000000000010000003071c000013c00000107000600000000180000001688a2c5fbf4a3c851d76a98c3ec88f445a97996283db59f" + +save type: ECC_PAIR(BP_R1) 192-bit, DET_ECDSA(MD4) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD4:PSA_WANT_ECC_BRAINPOOL_P_R1_192:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):192:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD4):0x0000:"1688a2c5fbf4a3c851d76a98c3ec88f445a97996283db59f":"505341004b45590000000000010000003071c000013c00000207000600000000180000001688a2c5fbf4a3c851d76a98c3ec88f445a97996283db59f" + +save type: ECC_PAIR(BP_R1) 192-bit, DET_ECDSA(MD5) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD5:PSA_WANT_ECC_BRAINPOOL_P_R1_192:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):192:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD5):0x0000:"1688a2c5fbf4a3c851d76a98c3ec88f445a97996283db59f":"505341004b45590000000000010000003071c000013c00000307000600000000180000001688a2c5fbf4a3c851d76a98c3ec88f445a97996283db59f" + +save type: ECC_PAIR(BP_R1) 192-bit, DET_ECDSA(RIPEMD160) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ECC_BRAINPOOL_P_R1_192:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):192:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_RIPEMD160):0x0000:"1688a2c5fbf4a3c851d76a98c3ec88f445a97996283db59f":"505341004b45590000000000010000003071c000013c00000407000600000000180000001688a2c5fbf4a3c851d76a98c3ec88f445a97996283db59f" + +save type: ECC_PAIR(BP_R1) 192-bit, DET_ECDSA(SHA_1) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_1:PSA_WANT_ECC_BRAINPOOL_P_R1_192:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):192:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_1):0x0000:"1688a2c5fbf4a3c851d76a98c3ec88f445a97996283db59f":"505341004b45590000000000010000003071c000013c00000507000600000000180000001688a2c5fbf4a3c851d76a98c3ec88f445a97996283db59f" + +save type: ECC_PAIR(BP_R1) 192-bit, DET_ECDSA(SHA_224) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_224:PSA_WANT_ECC_BRAINPOOL_P_R1_192:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):192:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_224):0x0000:"1688a2c5fbf4a3c851d76a98c3ec88f445a97996283db59f":"505341004b45590000000000010000003071c000013c00000807000600000000180000001688a2c5fbf4a3c851d76a98c3ec88f445a97996283db59f" + +save type: ECC_PAIR(BP_R1) 192-bit, DET_ECDSA(SHA_256) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_BRAINPOOL_P_R1_192:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):192:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_256):0x0000:"1688a2c5fbf4a3c851d76a98c3ec88f445a97996283db59f":"505341004b45590000000000010000003071c000013c00000907000600000000180000001688a2c5fbf4a3c851d76a98c3ec88f445a97996283db59f" + +save type: ECC_PAIR(BP_R1) 192-bit, DET_ECDSA(SHA_384) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_BRAINPOOL_P_R1_192:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):192:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_384):0x0000:"1688a2c5fbf4a3c851d76a98c3ec88f445a97996283db59f":"505341004b45590000000000010000003071c000013c00000a07000600000000180000001688a2c5fbf4a3c851d76a98c3ec88f445a97996283db59f" + +save type: ECC_PAIR(BP_R1) 192-bit, DET_ECDSA(SHA_512) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_512:PSA_WANT_ECC_BRAINPOOL_P_R1_192:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):192:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_512):0x0000:"1688a2c5fbf4a3c851d76a98c3ec88f445a97996283db59f":"505341004b45590000000000010000003071c000013c00000b07000600000000180000001688a2c5fbf4a3c851d76a98c3ec88f445a97996283db59f" + +save type: ECC_PAIR(BP_R1) 192-bit, ECDH +depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ECC_BRAINPOOL_P_R1_192:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):192:PSA_KEY_USAGE_DERIVE | PSA_KEY_USAGE_EXPORT:PSA_ALG_ECDH:0x0000:"1688a2c5fbf4a3c851d76a98c3ec88f445a97996283db59f":"505341004b45590000000000010000003071c000014000000000020900000000180000001688a2c5fbf4a3c851d76a98c3ec88f445a97996283db59f" + +save type: ECC_PAIR(BP_R1) 192-bit, ECDSA(MD2) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD2:PSA_WANT_ECC_BRAINPOOL_P_R1_192:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):192:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_MD2):0x0000:"1688a2c5fbf4a3c851d76a98c3ec88f445a97996283db59f":"505341004b45590000000000010000003071c000013c00000106000600000000180000001688a2c5fbf4a3c851d76a98c3ec88f445a97996283db59f" + +save type: ECC_PAIR(BP_R1) 192-bit, ECDSA(MD4) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD4:PSA_WANT_ECC_BRAINPOOL_P_R1_192:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):192:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_MD4):0x0000:"1688a2c5fbf4a3c851d76a98c3ec88f445a97996283db59f":"505341004b45590000000000010000003071c000013c00000206000600000000180000001688a2c5fbf4a3c851d76a98c3ec88f445a97996283db59f" + +save type: ECC_PAIR(BP_R1) 192-bit, ECDSA(MD5) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD5:PSA_WANT_ECC_BRAINPOOL_P_R1_192:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):192:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_MD5):0x0000:"1688a2c5fbf4a3c851d76a98c3ec88f445a97996283db59f":"505341004b45590000000000010000003071c000013c00000306000600000000180000001688a2c5fbf4a3c851d76a98c3ec88f445a97996283db59f" + +save type: ECC_PAIR(BP_R1) 192-bit, ECDSA(RIPEMD160) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ECC_BRAINPOOL_P_R1_192:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):192:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_RIPEMD160):0x0000:"1688a2c5fbf4a3c851d76a98c3ec88f445a97996283db59f":"505341004b45590000000000010000003071c000013c00000406000600000000180000001688a2c5fbf4a3c851d76a98c3ec88f445a97996283db59f" + +save type: ECC_PAIR(BP_R1) 192-bit, ECDSA(SHA_1) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_1:PSA_WANT_ECC_BRAINPOOL_P_R1_192:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):192:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_SHA_1):0x0000:"1688a2c5fbf4a3c851d76a98c3ec88f445a97996283db59f":"505341004b45590000000000010000003071c000013c00000506000600000000180000001688a2c5fbf4a3c851d76a98c3ec88f445a97996283db59f" + +save type: ECC_PAIR(BP_R1) 192-bit, ECDSA(SHA_224) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_224:PSA_WANT_ECC_BRAINPOOL_P_R1_192:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):192:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_SHA_224):0x0000:"1688a2c5fbf4a3c851d76a98c3ec88f445a97996283db59f":"505341004b45590000000000010000003071c000013c00000806000600000000180000001688a2c5fbf4a3c851d76a98c3ec88f445a97996283db59f" + +save type: ECC_PAIR(BP_R1) 192-bit, ECDSA(SHA_256) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_BRAINPOOL_P_R1_192:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):192:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_SHA_256):0x0000:"1688a2c5fbf4a3c851d76a98c3ec88f445a97996283db59f":"505341004b45590000000000010000003071c000013c00000906000600000000180000001688a2c5fbf4a3c851d76a98c3ec88f445a97996283db59f" + +save type: ECC_PAIR(BP_R1) 192-bit, ECDSA(SHA_384) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_BRAINPOOL_P_R1_192:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):192:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_SHA_384):0x0000:"1688a2c5fbf4a3c851d76a98c3ec88f445a97996283db59f":"505341004b45590000000000010000003071c000013c00000a06000600000000180000001688a2c5fbf4a3c851d76a98c3ec88f445a97996283db59f" + +save type: ECC_PAIR(BP_R1) 192-bit, ECDSA(SHA_512) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_512:PSA_WANT_ECC_BRAINPOOL_P_R1_192:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):192:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_SHA_512):0x0000:"1688a2c5fbf4a3c851d76a98c3ec88f445a97996283db59f":"505341004b45590000000000010000003071c000013c00000b06000600000000180000001688a2c5fbf4a3c851d76a98c3ec88f445a97996283db59f" + +save type: ECC_PAIR(BP_R1) 192-bit, ECDSA_ANY +depends_on:PSA_WANT_ALG_ECDSA_ANY:PSA_WANT_ECC_BRAINPOOL_P_R1_192:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):192:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA_ANY:0x0000:"1688a2c5fbf4a3c851d76a98c3ec88f445a97996283db59f":"505341004b45590000000000010000003071c000013c00000006000600000000180000001688a2c5fbf4a3c851d76a98c3ec88f445a97996283db59f" + +save type: ECC_PAIR(BP_R1) 192-bit, KA(ECDH,HKDF(SHA_256)) +depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_BRAINPOOL_P_R1_192:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):192:PSA_KEY_USAGE_DERIVE | PSA_KEY_USAGE_EXPORT:PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_HKDF(PSA_ALG_SHA_256)):0x0000:"1688a2c5fbf4a3c851d76a98c3ec88f445a97996283db59f":"505341004b45590000000000010000003071c000014000000901020900000000180000001688a2c5fbf4a3c851d76a98c3ec88f445a97996283db59f" + +save type: ECC_PAIR(BP_R1) 192-bit, KA(ECDH,HKDF(SHA_384)) +depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_BRAINPOOL_P_R1_192:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):192:PSA_KEY_USAGE_DERIVE | PSA_KEY_USAGE_EXPORT:PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_HKDF(PSA_ALG_SHA_384)):0x0000:"1688a2c5fbf4a3c851d76a98c3ec88f445a97996283db59f":"505341004b45590000000000010000003071c000014000000a01020900000000180000001688a2c5fbf4a3c851d76a98c3ec88f445a97996283db59f" + +save type: ECC_PAIR(BP_R1) 192-bit, KA(ECDH,TLS12_PRF(SHA_256)) +depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_SHA_256:PSA_WANT_ALG_TLS12_PRF:PSA_WANT_ECC_BRAINPOOL_P_R1_192:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):192:PSA_KEY_USAGE_DERIVE | PSA_KEY_USAGE_EXPORT:PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_TLS12_PRF(PSA_ALG_SHA_256)):0x0000:"1688a2c5fbf4a3c851d76a98c3ec88f445a97996283db59f":"505341004b45590000000000010000003071c000014000000902020900000000180000001688a2c5fbf4a3c851d76a98c3ec88f445a97996283db59f" + +save type: ECC_PAIR(BP_R1) 192-bit, KA(ECDH,TLS12_PRF(SHA_384)) +depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_SHA_384:PSA_WANT_ALG_TLS12_PRF:PSA_WANT_ECC_BRAINPOOL_P_R1_192:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):192:PSA_KEY_USAGE_DERIVE | PSA_KEY_USAGE_EXPORT:PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_TLS12_PRF(PSA_ALG_SHA_384)):0x0000:"1688a2c5fbf4a3c851d76a98c3ec88f445a97996283db59f":"505341004b45590000000000010000003071c000014000000a02020900000000180000001688a2c5fbf4a3c851d76a98c3ec88f445a97996283db59f" + +save type: ECC_PAIR(BP_R1) 192-bit, KA(ECDH,TLS12_PSK2MS(SHA_256)) +depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_SHA_256:PSA_WANT_ALG_TLS12_PSK_TO_MS:PSA_WANT_ECC_BRAINPOOL_P_R1_192:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):192:PSA_KEY_USAGE_DERIVE | PSA_KEY_USAGE_EXPORT:PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_TLS12_PSK_TO_MS(PSA_ALG_SHA_256)):0x0000:"1688a2c5fbf4a3c851d76a98c3ec88f445a97996283db59f":"505341004b45590000000000010000003071c000014000000903020900000000180000001688a2c5fbf4a3c851d76a98c3ec88f445a97996283db59f" + +save type: ECC_PAIR(BP_R1) 192-bit, KA(ECDH,TLS12_PSK2MS(SHA_384)) +depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_SHA_384:PSA_WANT_ALG_TLS12_PSK_TO_MS:PSA_WANT_ECC_BRAINPOOL_P_R1_192:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):192:PSA_KEY_USAGE_DERIVE | PSA_KEY_USAGE_EXPORT:PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_TLS12_PSK_TO_MS(PSA_ALG_SHA_384)):0x0000:"1688a2c5fbf4a3c851d76a98c3ec88f445a97996283db59f":"505341004b45590000000000010000003071c000014000000a03020900000000180000001688a2c5fbf4a3c851d76a98c3ec88f445a97996283db59f" + +save type: ECC_PAIR(BP_R1) 224-bit +depends_on:PSA_WANT_ECC_BRAINPOOL_P_R1_224:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):224:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"a69835dafeb5da5ab89c59860dddebcfd80b529a99f59b880882923c":"505341004b45590000000000010000003071e0000100000000000000000000001c000000a69835dafeb5da5ab89c59860dddebcfd80b529a99f59b880882923c" + +save type: ECC_PAIR(BP_R1) 224-bit, DET_ECDSA(MD2) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD2:PSA_WANT_ECC_BRAINPOOL_P_R1_224:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):224:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD2):0x0000:"a69835dafeb5da5ab89c59860dddebcfd80b529a99f59b880882923c":"505341004b45590000000000010000003071e000013c000001070006000000001c000000a69835dafeb5da5ab89c59860dddebcfd80b529a99f59b880882923c" + +save type: ECC_PAIR(BP_R1) 224-bit, DET_ECDSA(MD4) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD4:PSA_WANT_ECC_BRAINPOOL_P_R1_224:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):224:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD4):0x0000:"a69835dafeb5da5ab89c59860dddebcfd80b529a99f59b880882923c":"505341004b45590000000000010000003071e000013c000002070006000000001c000000a69835dafeb5da5ab89c59860dddebcfd80b529a99f59b880882923c" + +save type: ECC_PAIR(BP_R1) 224-bit, DET_ECDSA(MD5) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD5:PSA_WANT_ECC_BRAINPOOL_P_R1_224:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):224:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD5):0x0000:"a69835dafeb5da5ab89c59860dddebcfd80b529a99f59b880882923c":"505341004b45590000000000010000003071e000013c000003070006000000001c000000a69835dafeb5da5ab89c59860dddebcfd80b529a99f59b880882923c" + +save type: ECC_PAIR(BP_R1) 224-bit, DET_ECDSA(RIPEMD160) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ECC_BRAINPOOL_P_R1_224:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):224:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_RIPEMD160):0x0000:"a69835dafeb5da5ab89c59860dddebcfd80b529a99f59b880882923c":"505341004b45590000000000010000003071e000013c000004070006000000001c000000a69835dafeb5da5ab89c59860dddebcfd80b529a99f59b880882923c" + +save type: ECC_PAIR(BP_R1) 224-bit, DET_ECDSA(SHA_1) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_1:PSA_WANT_ECC_BRAINPOOL_P_R1_224:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):224:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_1):0x0000:"a69835dafeb5da5ab89c59860dddebcfd80b529a99f59b880882923c":"505341004b45590000000000010000003071e000013c000005070006000000001c000000a69835dafeb5da5ab89c59860dddebcfd80b529a99f59b880882923c" + +save type: ECC_PAIR(BP_R1) 224-bit, DET_ECDSA(SHA_224) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_224:PSA_WANT_ECC_BRAINPOOL_P_R1_224:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):224:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_224):0x0000:"a69835dafeb5da5ab89c59860dddebcfd80b529a99f59b880882923c":"505341004b45590000000000010000003071e000013c000008070006000000001c000000a69835dafeb5da5ab89c59860dddebcfd80b529a99f59b880882923c" + +save type: ECC_PAIR(BP_R1) 224-bit, DET_ECDSA(SHA_256) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_BRAINPOOL_P_R1_224:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):224:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_256):0x0000:"a69835dafeb5da5ab89c59860dddebcfd80b529a99f59b880882923c":"505341004b45590000000000010000003071e000013c000009070006000000001c000000a69835dafeb5da5ab89c59860dddebcfd80b529a99f59b880882923c" + +save type: ECC_PAIR(BP_R1) 224-bit, DET_ECDSA(SHA_384) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_BRAINPOOL_P_R1_224:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):224:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_384):0x0000:"a69835dafeb5da5ab89c59860dddebcfd80b529a99f59b880882923c":"505341004b45590000000000010000003071e000013c00000a070006000000001c000000a69835dafeb5da5ab89c59860dddebcfd80b529a99f59b880882923c" + +save type: ECC_PAIR(BP_R1) 224-bit, DET_ECDSA(SHA_512) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_512:PSA_WANT_ECC_BRAINPOOL_P_R1_224:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):224:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_512):0x0000:"a69835dafeb5da5ab89c59860dddebcfd80b529a99f59b880882923c":"505341004b45590000000000010000003071e000013c00000b070006000000001c000000a69835dafeb5da5ab89c59860dddebcfd80b529a99f59b880882923c" + +save type: ECC_PAIR(BP_R1) 224-bit, ECDH +depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ECC_BRAINPOOL_P_R1_224:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):224:PSA_KEY_USAGE_DERIVE | PSA_KEY_USAGE_EXPORT:PSA_ALG_ECDH:0x0000:"a69835dafeb5da5ab89c59860dddebcfd80b529a99f59b880882923c":"505341004b45590000000000010000003071e0000140000000000209000000001c000000a69835dafeb5da5ab89c59860dddebcfd80b529a99f59b880882923c" + +save type: ECC_PAIR(BP_R1) 224-bit, ECDSA(MD2) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD2:PSA_WANT_ECC_BRAINPOOL_P_R1_224:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):224:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_MD2):0x0000:"a69835dafeb5da5ab89c59860dddebcfd80b529a99f59b880882923c":"505341004b45590000000000010000003071e000013c000001060006000000001c000000a69835dafeb5da5ab89c59860dddebcfd80b529a99f59b880882923c" + +save type: ECC_PAIR(BP_R1) 224-bit, ECDSA(MD4) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD4:PSA_WANT_ECC_BRAINPOOL_P_R1_224:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):224:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_MD4):0x0000:"a69835dafeb5da5ab89c59860dddebcfd80b529a99f59b880882923c":"505341004b45590000000000010000003071e000013c000002060006000000001c000000a69835dafeb5da5ab89c59860dddebcfd80b529a99f59b880882923c" + +save type: ECC_PAIR(BP_R1) 224-bit, ECDSA(MD5) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD5:PSA_WANT_ECC_BRAINPOOL_P_R1_224:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):224:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_MD5):0x0000:"a69835dafeb5da5ab89c59860dddebcfd80b529a99f59b880882923c":"505341004b45590000000000010000003071e000013c000003060006000000001c000000a69835dafeb5da5ab89c59860dddebcfd80b529a99f59b880882923c" + +save type: ECC_PAIR(BP_R1) 224-bit, ECDSA(RIPEMD160) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ECC_BRAINPOOL_P_R1_224:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):224:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_RIPEMD160):0x0000:"a69835dafeb5da5ab89c59860dddebcfd80b529a99f59b880882923c":"505341004b45590000000000010000003071e000013c000004060006000000001c000000a69835dafeb5da5ab89c59860dddebcfd80b529a99f59b880882923c" + +save type: ECC_PAIR(BP_R1) 224-bit, ECDSA(SHA_1) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_1:PSA_WANT_ECC_BRAINPOOL_P_R1_224:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):224:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_SHA_1):0x0000:"a69835dafeb5da5ab89c59860dddebcfd80b529a99f59b880882923c":"505341004b45590000000000010000003071e000013c000005060006000000001c000000a69835dafeb5da5ab89c59860dddebcfd80b529a99f59b880882923c" + +save type: ECC_PAIR(BP_R1) 224-bit, ECDSA(SHA_224) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_224:PSA_WANT_ECC_BRAINPOOL_P_R1_224:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):224:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_SHA_224):0x0000:"a69835dafeb5da5ab89c59860dddebcfd80b529a99f59b880882923c":"505341004b45590000000000010000003071e000013c000008060006000000001c000000a69835dafeb5da5ab89c59860dddebcfd80b529a99f59b880882923c" + +save type: ECC_PAIR(BP_R1) 224-bit, ECDSA(SHA_256) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_BRAINPOOL_P_R1_224:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):224:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_SHA_256):0x0000:"a69835dafeb5da5ab89c59860dddebcfd80b529a99f59b880882923c":"505341004b45590000000000010000003071e000013c000009060006000000001c000000a69835dafeb5da5ab89c59860dddebcfd80b529a99f59b880882923c" + +save type: ECC_PAIR(BP_R1) 224-bit, ECDSA(SHA_384) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_BRAINPOOL_P_R1_224:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):224:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_SHA_384):0x0000:"a69835dafeb5da5ab89c59860dddebcfd80b529a99f59b880882923c":"505341004b45590000000000010000003071e000013c00000a060006000000001c000000a69835dafeb5da5ab89c59860dddebcfd80b529a99f59b880882923c" + +save type: ECC_PAIR(BP_R1) 224-bit, ECDSA(SHA_512) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_512:PSA_WANT_ECC_BRAINPOOL_P_R1_224:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):224:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_SHA_512):0x0000:"a69835dafeb5da5ab89c59860dddebcfd80b529a99f59b880882923c":"505341004b45590000000000010000003071e000013c00000b060006000000001c000000a69835dafeb5da5ab89c59860dddebcfd80b529a99f59b880882923c" + +save type: ECC_PAIR(BP_R1) 224-bit, ECDSA_ANY +depends_on:PSA_WANT_ALG_ECDSA_ANY:PSA_WANT_ECC_BRAINPOOL_P_R1_224:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):224:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA_ANY:0x0000:"a69835dafeb5da5ab89c59860dddebcfd80b529a99f59b880882923c":"505341004b45590000000000010000003071e000013c000000060006000000001c000000a69835dafeb5da5ab89c59860dddebcfd80b529a99f59b880882923c" + +save type: ECC_PAIR(BP_R1) 224-bit, KA(ECDH,HKDF(SHA_256)) +depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_BRAINPOOL_P_R1_224:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):224:PSA_KEY_USAGE_DERIVE | PSA_KEY_USAGE_EXPORT:PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_HKDF(PSA_ALG_SHA_256)):0x0000:"a69835dafeb5da5ab89c59860dddebcfd80b529a99f59b880882923c":"505341004b45590000000000010000003071e0000140000009010209000000001c000000a69835dafeb5da5ab89c59860dddebcfd80b529a99f59b880882923c" + +save type: ECC_PAIR(BP_R1) 224-bit, KA(ECDH,HKDF(SHA_384)) +depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_BRAINPOOL_P_R1_224:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):224:PSA_KEY_USAGE_DERIVE | PSA_KEY_USAGE_EXPORT:PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_HKDF(PSA_ALG_SHA_384)):0x0000:"a69835dafeb5da5ab89c59860dddebcfd80b529a99f59b880882923c":"505341004b45590000000000010000003071e000014000000a010209000000001c000000a69835dafeb5da5ab89c59860dddebcfd80b529a99f59b880882923c" + +save type: ECC_PAIR(BP_R1) 224-bit, KA(ECDH,TLS12_PRF(SHA_256)) +depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_SHA_256:PSA_WANT_ALG_TLS12_PRF:PSA_WANT_ECC_BRAINPOOL_P_R1_224:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):224:PSA_KEY_USAGE_DERIVE | PSA_KEY_USAGE_EXPORT:PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_TLS12_PRF(PSA_ALG_SHA_256)):0x0000:"a69835dafeb5da5ab89c59860dddebcfd80b529a99f59b880882923c":"505341004b45590000000000010000003071e0000140000009020209000000001c000000a69835dafeb5da5ab89c59860dddebcfd80b529a99f59b880882923c" + +save type: ECC_PAIR(BP_R1) 224-bit, KA(ECDH,TLS12_PRF(SHA_384)) +depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_SHA_384:PSA_WANT_ALG_TLS12_PRF:PSA_WANT_ECC_BRAINPOOL_P_R1_224:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):224:PSA_KEY_USAGE_DERIVE | PSA_KEY_USAGE_EXPORT:PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_TLS12_PRF(PSA_ALG_SHA_384)):0x0000:"a69835dafeb5da5ab89c59860dddebcfd80b529a99f59b880882923c":"505341004b45590000000000010000003071e000014000000a020209000000001c000000a69835dafeb5da5ab89c59860dddebcfd80b529a99f59b880882923c" + +save type: ECC_PAIR(BP_R1) 224-bit, KA(ECDH,TLS12_PSK2MS(SHA_256)) +depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_SHA_256:PSA_WANT_ALG_TLS12_PSK_TO_MS:PSA_WANT_ECC_BRAINPOOL_P_R1_224:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):224:PSA_KEY_USAGE_DERIVE | PSA_KEY_USAGE_EXPORT:PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_TLS12_PSK_TO_MS(PSA_ALG_SHA_256)):0x0000:"a69835dafeb5da5ab89c59860dddebcfd80b529a99f59b880882923c":"505341004b45590000000000010000003071e0000140000009030209000000001c000000a69835dafeb5da5ab89c59860dddebcfd80b529a99f59b880882923c" + +save type: ECC_PAIR(BP_R1) 224-bit, KA(ECDH,TLS12_PSK2MS(SHA_384)) +depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_SHA_384:PSA_WANT_ALG_TLS12_PSK_TO_MS:PSA_WANT_ECC_BRAINPOOL_P_R1_224:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):224:PSA_KEY_USAGE_DERIVE | PSA_KEY_USAGE_EXPORT:PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_TLS12_PSK_TO_MS(PSA_ALG_SHA_384)):0x0000:"a69835dafeb5da5ab89c59860dddebcfd80b529a99f59b880882923c":"505341004b45590000000000010000003071e000014000000a030209000000001c000000a69835dafeb5da5ab89c59860dddebcfd80b529a99f59b880882923c" + +save type: ECC_PAIR(BP_R1) 256-bit +depends_on:PSA_WANT_ECC_BRAINPOOL_P_R1_256:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):256:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"2161d6f2db76526fa62c16f356a80f01f32f776784b36aa99799a8b7662080ff":"505341004b455900000000000100000030710001010000000000000000000000200000002161d6f2db76526fa62c16f356a80f01f32f776784b36aa99799a8b7662080ff" + +save type: ECC_PAIR(BP_R1) 256-bit, DET_ECDSA(MD2) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD2:PSA_WANT_ECC_BRAINPOOL_P_R1_256:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):256:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD2):0x0000:"2161d6f2db76526fa62c16f356a80f01f32f776784b36aa99799a8b7662080ff":"505341004b455900000000000100000030710001013c00000107000600000000200000002161d6f2db76526fa62c16f356a80f01f32f776784b36aa99799a8b7662080ff" + +save type: ECC_PAIR(BP_R1) 256-bit, DET_ECDSA(MD4) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD4:PSA_WANT_ECC_BRAINPOOL_P_R1_256:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):256:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD4):0x0000:"2161d6f2db76526fa62c16f356a80f01f32f776784b36aa99799a8b7662080ff":"505341004b455900000000000100000030710001013c00000207000600000000200000002161d6f2db76526fa62c16f356a80f01f32f776784b36aa99799a8b7662080ff" + +save type: ECC_PAIR(BP_R1) 256-bit, DET_ECDSA(MD5) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD5:PSA_WANT_ECC_BRAINPOOL_P_R1_256:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):256:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD5):0x0000:"2161d6f2db76526fa62c16f356a80f01f32f776784b36aa99799a8b7662080ff":"505341004b455900000000000100000030710001013c00000307000600000000200000002161d6f2db76526fa62c16f356a80f01f32f776784b36aa99799a8b7662080ff" + +save type: ECC_PAIR(BP_R1) 256-bit, DET_ECDSA(RIPEMD160) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ECC_BRAINPOOL_P_R1_256:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):256:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_RIPEMD160):0x0000:"2161d6f2db76526fa62c16f356a80f01f32f776784b36aa99799a8b7662080ff":"505341004b455900000000000100000030710001013c00000407000600000000200000002161d6f2db76526fa62c16f356a80f01f32f776784b36aa99799a8b7662080ff" + +save type: ECC_PAIR(BP_R1) 256-bit, DET_ECDSA(SHA_1) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_1:PSA_WANT_ECC_BRAINPOOL_P_R1_256:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):256:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_1):0x0000:"2161d6f2db76526fa62c16f356a80f01f32f776784b36aa99799a8b7662080ff":"505341004b455900000000000100000030710001013c00000507000600000000200000002161d6f2db76526fa62c16f356a80f01f32f776784b36aa99799a8b7662080ff" + +save type: ECC_PAIR(BP_R1) 256-bit, DET_ECDSA(SHA_224) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_224:PSA_WANT_ECC_BRAINPOOL_P_R1_256:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):256:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_224):0x0000:"2161d6f2db76526fa62c16f356a80f01f32f776784b36aa99799a8b7662080ff":"505341004b455900000000000100000030710001013c00000807000600000000200000002161d6f2db76526fa62c16f356a80f01f32f776784b36aa99799a8b7662080ff" + +save type: ECC_PAIR(BP_R1) 256-bit, DET_ECDSA(SHA_256) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_BRAINPOOL_P_R1_256:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):256:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_256):0x0000:"2161d6f2db76526fa62c16f356a80f01f32f776784b36aa99799a8b7662080ff":"505341004b455900000000000100000030710001013c00000907000600000000200000002161d6f2db76526fa62c16f356a80f01f32f776784b36aa99799a8b7662080ff" + +save type: ECC_PAIR(BP_R1) 256-bit, DET_ECDSA(SHA_384) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_BRAINPOOL_P_R1_256:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):256:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_384):0x0000:"2161d6f2db76526fa62c16f356a80f01f32f776784b36aa99799a8b7662080ff":"505341004b455900000000000100000030710001013c00000a07000600000000200000002161d6f2db76526fa62c16f356a80f01f32f776784b36aa99799a8b7662080ff" + +save type: ECC_PAIR(BP_R1) 256-bit, DET_ECDSA(SHA_512) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_512:PSA_WANT_ECC_BRAINPOOL_P_R1_256:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):256:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_512):0x0000:"2161d6f2db76526fa62c16f356a80f01f32f776784b36aa99799a8b7662080ff":"505341004b455900000000000100000030710001013c00000b07000600000000200000002161d6f2db76526fa62c16f356a80f01f32f776784b36aa99799a8b7662080ff" + +save type: ECC_PAIR(BP_R1) 256-bit, ECDH +depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ECC_BRAINPOOL_P_R1_256:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):256:PSA_KEY_USAGE_DERIVE | PSA_KEY_USAGE_EXPORT:PSA_ALG_ECDH:0x0000:"2161d6f2db76526fa62c16f356a80f01f32f776784b36aa99799a8b7662080ff":"505341004b455900000000000100000030710001014000000000020900000000200000002161d6f2db76526fa62c16f356a80f01f32f776784b36aa99799a8b7662080ff" + +save type: ECC_PAIR(BP_R1) 256-bit, ECDSA(MD2) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD2:PSA_WANT_ECC_BRAINPOOL_P_R1_256:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):256:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_MD2):0x0000:"2161d6f2db76526fa62c16f356a80f01f32f776784b36aa99799a8b7662080ff":"505341004b455900000000000100000030710001013c00000106000600000000200000002161d6f2db76526fa62c16f356a80f01f32f776784b36aa99799a8b7662080ff" + +save type: ECC_PAIR(BP_R1) 256-bit, ECDSA(MD4) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD4:PSA_WANT_ECC_BRAINPOOL_P_R1_256:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):256:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_MD4):0x0000:"2161d6f2db76526fa62c16f356a80f01f32f776784b36aa99799a8b7662080ff":"505341004b455900000000000100000030710001013c00000206000600000000200000002161d6f2db76526fa62c16f356a80f01f32f776784b36aa99799a8b7662080ff" + +save type: ECC_PAIR(BP_R1) 256-bit, ECDSA(MD5) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD5:PSA_WANT_ECC_BRAINPOOL_P_R1_256:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):256:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_MD5):0x0000:"2161d6f2db76526fa62c16f356a80f01f32f776784b36aa99799a8b7662080ff":"505341004b455900000000000100000030710001013c00000306000600000000200000002161d6f2db76526fa62c16f356a80f01f32f776784b36aa99799a8b7662080ff" + +save type: ECC_PAIR(BP_R1) 256-bit, ECDSA(RIPEMD160) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ECC_BRAINPOOL_P_R1_256:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):256:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_RIPEMD160):0x0000:"2161d6f2db76526fa62c16f356a80f01f32f776784b36aa99799a8b7662080ff":"505341004b455900000000000100000030710001013c00000406000600000000200000002161d6f2db76526fa62c16f356a80f01f32f776784b36aa99799a8b7662080ff" + +save type: ECC_PAIR(BP_R1) 256-bit, ECDSA(SHA_1) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_1:PSA_WANT_ECC_BRAINPOOL_P_R1_256:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):256:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_SHA_1):0x0000:"2161d6f2db76526fa62c16f356a80f01f32f776784b36aa99799a8b7662080ff":"505341004b455900000000000100000030710001013c00000506000600000000200000002161d6f2db76526fa62c16f356a80f01f32f776784b36aa99799a8b7662080ff" + +save type: ECC_PAIR(BP_R1) 256-bit, ECDSA(SHA_224) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_224:PSA_WANT_ECC_BRAINPOOL_P_R1_256:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):256:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_SHA_224):0x0000:"2161d6f2db76526fa62c16f356a80f01f32f776784b36aa99799a8b7662080ff":"505341004b455900000000000100000030710001013c00000806000600000000200000002161d6f2db76526fa62c16f356a80f01f32f776784b36aa99799a8b7662080ff" + +save type: ECC_PAIR(BP_R1) 256-bit, ECDSA(SHA_256) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_BRAINPOOL_P_R1_256:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):256:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_SHA_256):0x0000:"2161d6f2db76526fa62c16f356a80f01f32f776784b36aa99799a8b7662080ff":"505341004b455900000000000100000030710001013c00000906000600000000200000002161d6f2db76526fa62c16f356a80f01f32f776784b36aa99799a8b7662080ff" + +save type: ECC_PAIR(BP_R1) 256-bit, ECDSA(SHA_384) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_BRAINPOOL_P_R1_256:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):256:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_SHA_384):0x0000:"2161d6f2db76526fa62c16f356a80f01f32f776784b36aa99799a8b7662080ff":"505341004b455900000000000100000030710001013c00000a06000600000000200000002161d6f2db76526fa62c16f356a80f01f32f776784b36aa99799a8b7662080ff" + +save type: ECC_PAIR(BP_R1) 256-bit, ECDSA(SHA_512) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_512:PSA_WANT_ECC_BRAINPOOL_P_R1_256:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):256:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_SHA_512):0x0000:"2161d6f2db76526fa62c16f356a80f01f32f776784b36aa99799a8b7662080ff":"505341004b455900000000000100000030710001013c00000b06000600000000200000002161d6f2db76526fa62c16f356a80f01f32f776784b36aa99799a8b7662080ff" + +save type: ECC_PAIR(BP_R1) 256-bit, ECDSA_ANY +depends_on:PSA_WANT_ALG_ECDSA_ANY:PSA_WANT_ECC_BRAINPOOL_P_R1_256:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):256:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA_ANY:0x0000:"2161d6f2db76526fa62c16f356a80f01f32f776784b36aa99799a8b7662080ff":"505341004b455900000000000100000030710001013c00000006000600000000200000002161d6f2db76526fa62c16f356a80f01f32f776784b36aa99799a8b7662080ff" + +save type: ECC_PAIR(BP_R1) 256-bit, KA(ECDH,HKDF(SHA_256)) +depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_BRAINPOOL_P_R1_256:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):256:PSA_KEY_USAGE_DERIVE | PSA_KEY_USAGE_EXPORT:PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_HKDF(PSA_ALG_SHA_256)):0x0000:"2161d6f2db76526fa62c16f356a80f01f32f776784b36aa99799a8b7662080ff":"505341004b455900000000000100000030710001014000000901020900000000200000002161d6f2db76526fa62c16f356a80f01f32f776784b36aa99799a8b7662080ff" + +save type: ECC_PAIR(BP_R1) 256-bit, KA(ECDH,HKDF(SHA_384)) +depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_BRAINPOOL_P_R1_256:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):256:PSA_KEY_USAGE_DERIVE | PSA_KEY_USAGE_EXPORT:PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_HKDF(PSA_ALG_SHA_384)):0x0000:"2161d6f2db76526fa62c16f356a80f01f32f776784b36aa99799a8b7662080ff":"505341004b455900000000000100000030710001014000000a01020900000000200000002161d6f2db76526fa62c16f356a80f01f32f776784b36aa99799a8b7662080ff" + +save type: ECC_PAIR(BP_R1) 256-bit, KA(ECDH,TLS12_PRF(SHA_256)) +depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_SHA_256:PSA_WANT_ALG_TLS12_PRF:PSA_WANT_ECC_BRAINPOOL_P_R1_256:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):256:PSA_KEY_USAGE_DERIVE | PSA_KEY_USAGE_EXPORT:PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_TLS12_PRF(PSA_ALG_SHA_256)):0x0000:"2161d6f2db76526fa62c16f356a80f01f32f776784b36aa99799a8b7662080ff":"505341004b455900000000000100000030710001014000000902020900000000200000002161d6f2db76526fa62c16f356a80f01f32f776784b36aa99799a8b7662080ff" + +save type: ECC_PAIR(BP_R1) 256-bit, KA(ECDH,TLS12_PRF(SHA_384)) +depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_SHA_384:PSA_WANT_ALG_TLS12_PRF:PSA_WANT_ECC_BRAINPOOL_P_R1_256:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):256:PSA_KEY_USAGE_DERIVE | PSA_KEY_USAGE_EXPORT:PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_TLS12_PRF(PSA_ALG_SHA_384)):0x0000:"2161d6f2db76526fa62c16f356a80f01f32f776784b36aa99799a8b7662080ff":"505341004b455900000000000100000030710001014000000a02020900000000200000002161d6f2db76526fa62c16f356a80f01f32f776784b36aa99799a8b7662080ff" + +save type: ECC_PAIR(BP_R1) 256-bit, KA(ECDH,TLS12_PSK2MS(SHA_256)) +depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_SHA_256:PSA_WANT_ALG_TLS12_PSK_TO_MS:PSA_WANT_ECC_BRAINPOOL_P_R1_256:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):256:PSA_KEY_USAGE_DERIVE | PSA_KEY_USAGE_EXPORT:PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_TLS12_PSK_TO_MS(PSA_ALG_SHA_256)):0x0000:"2161d6f2db76526fa62c16f356a80f01f32f776784b36aa99799a8b7662080ff":"505341004b455900000000000100000030710001014000000903020900000000200000002161d6f2db76526fa62c16f356a80f01f32f776784b36aa99799a8b7662080ff" + +save type: ECC_PAIR(BP_R1) 256-bit, KA(ECDH,TLS12_PSK2MS(SHA_384)) +depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_SHA_384:PSA_WANT_ALG_TLS12_PSK_TO_MS:PSA_WANT_ECC_BRAINPOOL_P_R1_256:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):256:PSA_KEY_USAGE_DERIVE | PSA_KEY_USAGE_EXPORT:PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_TLS12_PSK_TO_MS(PSA_ALG_SHA_384)):0x0000:"2161d6f2db76526fa62c16f356a80f01f32f776784b36aa99799a8b7662080ff":"505341004b455900000000000100000030710001014000000a03020900000000200000002161d6f2db76526fa62c16f356a80f01f32f776784b36aa99799a8b7662080ff" + +save type: ECC_PAIR(BP_R1) 320-bit +depends_on:PSA_WANT_ECC_BRAINPOOL_P_R1_320:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):320:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"61b8daa7a6e5aa9fccf1ef504220b2e5a5b8c6dc7475d16d3172d7db0b2778414e4f6e8fa2032ead":"505341004b4559000000000001000000307140010100000000000000000000002800000061b8daa7a6e5aa9fccf1ef504220b2e5a5b8c6dc7475d16d3172d7db0b2778414e4f6e8fa2032ead" + +save type: ECC_PAIR(BP_R1) 320-bit, DET_ECDSA(MD2) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD2:PSA_WANT_ECC_BRAINPOOL_P_R1_320:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):320:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD2):0x0000:"61b8daa7a6e5aa9fccf1ef504220b2e5a5b8c6dc7475d16d3172d7db0b2778414e4f6e8fa2032ead":"505341004b455900000000000100000030714001013c000001070006000000002800000061b8daa7a6e5aa9fccf1ef504220b2e5a5b8c6dc7475d16d3172d7db0b2778414e4f6e8fa2032ead" + +save type: ECC_PAIR(BP_R1) 320-bit, DET_ECDSA(MD4) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD4:PSA_WANT_ECC_BRAINPOOL_P_R1_320:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):320:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD4):0x0000:"61b8daa7a6e5aa9fccf1ef504220b2e5a5b8c6dc7475d16d3172d7db0b2778414e4f6e8fa2032ead":"505341004b455900000000000100000030714001013c000002070006000000002800000061b8daa7a6e5aa9fccf1ef504220b2e5a5b8c6dc7475d16d3172d7db0b2778414e4f6e8fa2032ead" + +save type: ECC_PAIR(BP_R1) 320-bit, DET_ECDSA(MD5) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD5:PSA_WANT_ECC_BRAINPOOL_P_R1_320:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):320:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD5):0x0000:"61b8daa7a6e5aa9fccf1ef504220b2e5a5b8c6dc7475d16d3172d7db0b2778414e4f6e8fa2032ead":"505341004b455900000000000100000030714001013c000003070006000000002800000061b8daa7a6e5aa9fccf1ef504220b2e5a5b8c6dc7475d16d3172d7db0b2778414e4f6e8fa2032ead" + +save type: ECC_PAIR(BP_R1) 320-bit, DET_ECDSA(RIPEMD160) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ECC_BRAINPOOL_P_R1_320:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):320:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_RIPEMD160):0x0000:"61b8daa7a6e5aa9fccf1ef504220b2e5a5b8c6dc7475d16d3172d7db0b2778414e4f6e8fa2032ead":"505341004b455900000000000100000030714001013c000004070006000000002800000061b8daa7a6e5aa9fccf1ef504220b2e5a5b8c6dc7475d16d3172d7db0b2778414e4f6e8fa2032ead" + +save type: ECC_PAIR(BP_R1) 320-bit, DET_ECDSA(SHA_1) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_1:PSA_WANT_ECC_BRAINPOOL_P_R1_320:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):320:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_1):0x0000:"61b8daa7a6e5aa9fccf1ef504220b2e5a5b8c6dc7475d16d3172d7db0b2778414e4f6e8fa2032ead":"505341004b455900000000000100000030714001013c000005070006000000002800000061b8daa7a6e5aa9fccf1ef504220b2e5a5b8c6dc7475d16d3172d7db0b2778414e4f6e8fa2032ead" + +save type: ECC_PAIR(BP_R1) 320-bit, DET_ECDSA(SHA_224) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_224:PSA_WANT_ECC_BRAINPOOL_P_R1_320:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):320:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_224):0x0000:"61b8daa7a6e5aa9fccf1ef504220b2e5a5b8c6dc7475d16d3172d7db0b2778414e4f6e8fa2032ead":"505341004b455900000000000100000030714001013c000008070006000000002800000061b8daa7a6e5aa9fccf1ef504220b2e5a5b8c6dc7475d16d3172d7db0b2778414e4f6e8fa2032ead" + +save type: ECC_PAIR(BP_R1) 320-bit, DET_ECDSA(SHA_256) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_BRAINPOOL_P_R1_320:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):320:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_256):0x0000:"61b8daa7a6e5aa9fccf1ef504220b2e5a5b8c6dc7475d16d3172d7db0b2778414e4f6e8fa2032ead":"505341004b455900000000000100000030714001013c000009070006000000002800000061b8daa7a6e5aa9fccf1ef504220b2e5a5b8c6dc7475d16d3172d7db0b2778414e4f6e8fa2032ead" + +save type: ECC_PAIR(BP_R1) 320-bit, DET_ECDSA(SHA_384) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_BRAINPOOL_P_R1_320:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):320:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_384):0x0000:"61b8daa7a6e5aa9fccf1ef504220b2e5a5b8c6dc7475d16d3172d7db0b2778414e4f6e8fa2032ead":"505341004b455900000000000100000030714001013c00000a070006000000002800000061b8daa7a6e5aa9fccf1ef504220b2e5a5b8c6dc7475d16d3172d7db0b2778414e4f6e8fa2032ead" + +save type: ECC_PAIR(BP_R1) 320-bit, DET_ECDSA(SHA_512) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_512:PSA_WANT_ECC_BRAINPOOL_P_R1_320:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):320:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_512):0x0000:"61b8daa7a6e5aa9fccf1ef504220b2e5a5b8c6dc7475d16d3172d7db0b2778414e4f6e8fa2032ead":"505341004b455900000000000100000030714001013c00000b070006000000002800000061b8daa7a6e5aa9fccf1ef504220b2e5a5b8c6dc7475d16d3172d7db0b2778414e4f6e8fa2032ead" + +save type: ECC_PAIR(BP_R1) 320-bit, ECDH +depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ECC_BRAINPOOL_P_R1_320:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):320:PSA_KEY_USAGE_DERIVE | PSA_KEY_USAGE_EXPORT:PSA_ALG_ECDH:0x0000:"61b8daa7a6e5aa9fccf1ef504220b2e5a5b8c6dc7475d16d3172d7db0b2778414e4f6e8fa2032ead":"505341004b4559000000000001000000307140010140000000000209000000002800000061b8daa7a6e5aa9fccf1ef504220b2e5a5b8c6dc7475d16d3172d7db0b2778414e4f6e8fa2032ead" + +save type: ECC_PAIR(BP_R1) 320-bit, ECDSA(MD2) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD2:PSA_WANT_ECC_BRAINPOOL_P_R1_320:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):320:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_MD2):0x0000:"61b8daa7a6e5aa9fccf1ef504220b2e5a5b8c6dc7475d16d3172d7db0b2778414e4f6e8fa2032ead":"505341004b455900000000000100000030714001013c000001060006000000002800000061b8daa7a6e5aa9fccf1ef504220b2e5a5b8c6dc7475d16d3172d7db0b2778414e4f6e8fa2032ead" + +save type: ECC_PAIR(BP_R1) 320-bit, ECDSA(MD4) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD4:PSA_WANT_ECC_BRAINPOOL_P_R1_320:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):320:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_MD4):0x0000:"61b8daa7a6e5aa9fccf1ef504220b2e5a5b8c6dc7475d16d3172d7db0b2778414e4f6e8fa2032ead":"505341004b455900000000000100000030714001013c000002060006000000002800000061b8daa7a6e5aa9fccf1ef504220b2e5a5b8c6dc7475d16d3172d7db0b2778414e4f6e8fa2032ead" + +save type: ECC_PAIR(BP_R1) 320-bit, ECDSA(MD5) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD5:PSA_WANT_ECC_BRAINPOOL_P_R1_320:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):320:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_MD5):0x0000:"61b8daa7a6e5aa9fccf1ef504220b2e5a5b8c6dc7475d16d3172d7db0b2778414e4f6e8fa2032ead":"505341004b455900000000000100000030714001013c000003060006000000002800000061b8daa7a6e5aa9fccf1ef504220b2e5a5b8c6dc7475d16d3172d7db0b2778414e4f6e8fa2032ead" + +save type: ECC_PAIR(BP_R1) 320-bit, ECDSA(RIPEMD160) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ECC_BRAINPOOL_P_R1_320:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):320:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_RIPEMD160):0x0000:"61b8daa7a6e5aa9fccf1ef504220b2e5a5b8c6dc7475d16d3172d7db0b2778414e4f6e8fa2032ead":"505341004b455900000000000100000030714001013c000004060006000000002800000061b8daa7a6e5aa9fccf1ef504220b2e5a5b8c6dc7475d16d3172d7db0b2778414e4f6e8fa2032ead" + +save type: ECC_PAIR(BP_R1) 320-bit, ECDSA(SHA_1) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_1:PSA_WANT_ECC_BRAINPOOL_P_R1_320:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):320:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_SHA_1):0x0000:"61b8daa7a6e5aa9fccf1ef504220b2e5a5b8c6dc7475d16d3172d7db0b2778414e4f6e8fa2032ead":"505341004b455900000000000100000030714001013c000005060006000000002800000061b8daa7a6e5aa9fccf1ef504220b2e5a5b8c6dc7475d16d3172d7db0b2778414e4f6e8fa2032ead" + +save type: ECC_PAIR(BP_R1) 320-bit, ECDSA(SHA_224) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_224:PSA_WANT_ECC_BRAINPOOL_P_R1_320:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):320:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_SHA_224):0x0000:"61b8daa7a6e5aa9fccf1ef504220b2e5a5b8c6dc7475d16d3172d7db0b2778414e4f6e8fa2032ead":"505341004b455900000000000100000030714001013c000008060006000000002800000061b8daa7a6e5aa9fccf1ef504220b2e5a5b8c6dc7475d16d3172d7db0b2778414e4f6e8fa2032ead" + +save type: ECC_PAIR(BP_R1) 320-bit, ECDSA(SHA_256) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_BRAINPOOL_P_R1_320:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):320:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_SHA_256):0x0000:"61b8daa7a6e5aa9fccf1ef504220b2e5a5b8c6dc7475d16d3172d7db0b2778414e4f6e8fa2032ead":"505341004b455900000000000100000030714001013c000009060006000000002800000061b8daa7a6e5aa9fccf1ef504220b2e5a5b8c6dc7475d16d3172d7db0b2778414e4f6e8fa2032ead" + +save type: ECC_PAIR(BP_R1) 320-bit, ECDSA(SHA_384) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_BRAINPOOL_P_R1_320:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):320:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_SHA_384):0x0000:"61b8daa7a6e5aa9fccf1ef504220b2e5a5b8c6dc7475d16d3172d7db0b2778414e4f6e8fa2032ead":"505341004b455900000000000100000030714001013c00000a060006000000002800000061b8daa7a6e5aa9fccf1ef504220b2e5a5b8c6dc7475d16d3172d7db0b2778414e4f6e8fa2032ead" + +save type: ECC_PAIR(BP_R1) 320-bit, ECDSA(SHA_512) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_512:PSA_WANT_ECC_BRAINPOOL_P_R1_320:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):320:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_SHA_512):0x0000:"61b8daa7a6e5aa9fccf1ef504220b2e5a5b8c6dc7475d16d3172d7db0b2778414e4f6e8fa2032ead":"505341004b455900000000000100000030714001013c00000b060006000000002800000061b8daa7a6e5aa9fccf1ef504220b2e5a5b8c6dc7475d16d3172d7db0b2778414e4f6e8fa2032ead" + +save type: ECC_PAIR(BP_R1) 320-bit, ECDSA_ANY +depends_on:PSA_WANT_ALG_ECDSA_ANY:PSA_WANT_ECC_BRAINPOOL_P_R1_320:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):320:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA_ANY:0x0000:"61b8daa7a6e5aa9fccf1ef504220b2e5a5b8c6dc7475d16d3172d7db0b2778414e4f6e8fa2032ead":"505341004b455900000000000100000030714001013c000000060006000000002800000061b8daa7a6e5aa9fccf1ef504220b2e5a5b8c6dc7475d16d3172d7db0b2778414e4f6e8fa2032ead" + +save type: ECC_PAIR(BP_R1) 320-bit, KA(ECDH,HKDF(SHA_256)) +depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_BRAINPOOL_P_R1_320:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):320:PSA_KEY_USAGE_DERIVE | PSA_KEY_USAGE_EXPORT:PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_HKDF(PSA_ALG_SHA_256)):0x0000:"61b8daa7a6e5aa9fccf1ef504220b2e5a5b8c6dc7475d16d3172d7db0b2778414e4f6e8fa2032ead":"505341004b4559000000000001000000307140010140000009010209000000002800000061b8daa7a6e5aa9fccf1ef504220b2e5a5b8c6dc7475d16d3172d7db0b2778414e4f6e8fa2032ead" + +save type: ECC_PAIR(BP_R1) 320-bit, KA(ECDH,HKDF(SHA_384)) +depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_BRAINPOOL_P_R1_320:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):320:PSA_KEY_USAGE_DERIVE | PSA_KEY_USAGE_EXPORT:PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_HKDF(PSA_ALG_SHA_384)):0x0000:"61b8daa7a6e5aa9fccf1ef504220b2e5a5b8c6dc7475d16d3172d7db0b2778414e4f6e8fa2032ead":"505341004b455900000000000100000030714001014000000a010209000000002800000061b8daa7a6e5aa9fccf1ef504220b2e5a5b8c6dc7475d16d3172d7db0b2778414e4f6e8fa2032ead" + +save type: ECC_PAIR(BP_R1) 320-bit, KA(ECDH,TLS12_PRF(SHA_256)) +depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_SHA_256:PSA_WANT_ALG_TLS12_PRF:PSA_WANT_ECC_BRAINPOOL_P_R1_320:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):320:PSA_KEY_USAGE_DERIVE | PSA_KEY_USAGE_EXPORT:PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_TLS12_PRF(PSA_ALG_SHA_256)):0x0000:"61b8daa7a6e5aa9fccf1ef504220b2e5a5b8c6dc7475d16d3172d7db0b2778414e4f6e8fa2032ead":"505341004b4559000000000001000000307140010140000009020209000000002800000061b8daa7a6e5aa9fccf1ef504220b2e5a5b8c6dc7475d16d3172d7db0b2778414e4f6e8fa2032ead" + +save type: ECC_PAIR(BP_R1) 320-bit, KA(ECDH,TLS12_PRF(SHA_384)) +depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_SHA_384:PSA_WANT_ALG_TLS12_PRF:PSA_WANT_ECC_BRAINPOOL_P_R1_320:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):320:PSA_KEY_USAGE_DERIVE | PSA_KEY_USAGE_EXPORT:PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_TLS12_PRF(PSA_ALG_SHA_384)):0x0000:"61b8daa7a6e5aa9fccf1ef504220b2e5a5b8c6dc7475d16d3172d7db0b2778414e4f6e8fa2032ead":"505341004b455900000000000100000030714001014000000a020209000000002800000061b8daa7a6e5aa9fccf1ef504220b2e5a5b8c6dc7475d16d3172d7db0b2778414e4f6e8fa2032ead" + +save type: ECC_PAIR(BP_R1) 320-bit, KA(ECDH,TLS12_PSK2MS(SHA_256)) +depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_SHA_256:PSA_WANT_ALG_TLS12_PSK_TO_MS:PSA_WANT_ECC_BRAINPOOL_P_R1_320:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):320:PSA_KEY_USAGE_DERIVE | PSA_KEY_USAGE_EXPORT:PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_TLS12_PSK_TO_MS(PSA_ALG_SHA_256)):0x0000:"61b8daa7a6e5aa9fccf1ef504220b2e5a5b8c6dc7475d16d3172d7db0b2778414e4f6e8fa2032ead":"505341004b4559000000000001000000307140010140000009030209000000002800000061b8daa7a6e5aa9fccf1ef504220b2e5a5b8c6dc7475d16d3172d7db0b2778414e4f6e8fa2032ead" + +save type: ECC_PAIR(BP_R1) 320-bit, KA(ECDH,TLS12_PSK2MS(SHA_384)) +depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_SHA_384:PSA_WANT_ALG_TLS12_PSK_TO_MS:PSA_WANT_ECC_BRAINPOOL_P_R1_320:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):320:PSA_KEY_USAGE_DERIVE | PSA_KEY_USAGE_EXPORT:PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_TLS12_PSK_TO_MS(PSA_ALG_SHA_384)):0x0000:"61b8daa7a6e5aa9fccf1ef504220b2e5a5b8c6dc7475d16d3172d7db0b2778414e4f6e8fa2032ead":"505341004b455900000000000100000030714001014000000a030209000000002800000061b8daa7a6e5aa9fccf1ef504220b2e5a5b8c6dc7475d16d3172d7db0b2778414e4f6e8fa2032ead" + +save type: ECC_PAIR(BP_R1) 384-bit +depends_on:PSA_WANT_ECC_BRAINPOOL_P_R1_384:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):384:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"3dd92e750d90d7d39fc1885cd8ad12ea9441f22b9334b4d965202adb1448ce24c5808a85dd9afc229af0a3124f755bcb":"505341004b455900000000000100000030718001010000000000000000000000300000003dd92e750d90d7d39fc1885cd8ad12ea9441f22b9334b4d965202adb1448ce24c5808a85dd9afc229af0a3124f755bcb" + +save type: ECC_PAIR(BP_R1) 384-bit, DET_ECDSA(MD2) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD2:PSA_WANT_ECC_BRAINPOOL_P_R1_384:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):384:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD2):0x0000:"3dd92e750d90d7d39fc1885cd8ad12ea9441f22b9334b4d965202adb1448ce24c5808a85dd9afc229af0a3124f755bcb":"505341004b455900000000000100000030718001013c00000107000600000000300000003dd92e750d90d7d39fc1885cd8ad12ea9441f22b9334b4d965202adb1448ce24c5808a85dd9afc229af0a3124f755bcb" + +save type: ECC_PAIR(BP_R1) 384-bit, DET_ECDSA(MD4) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD4:PSA_WANT_ECC_BRAINPOOL_P_R1_384:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):384:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD4):0x0000:"3dd92e750d90d7d39fc1885cd8ad12ea9441f22b9334b4d965202adb1448ce24c5808a85dd9afc229af0a3124f755bcb":"505341004b455900000000000100000030718001013c00000207000600000000300000003dd92e750d90d7d39fc1885cd8ad12ea9441f22b9334b4d965202adb1448ce24c5808a85dd9afc229af0a3124f755bcb" + +save type: ECC_PAIR(BP_R1) 384-bit, DET_ECDSA(MD5) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD5:PSA_WANT_ECC_BRAINPOOL_P_R1_384:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):384:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD5):0x0000:"3dd92e750d90d7d39fc1885cd8ad12ea9441f22b9334b4d965202adb1448ce24c5808a85dd9afc229af0a3124f755bcb":"505341004b455900000000000100000030718001013c00000307000600000000300000003dd92e750d90d7d39fc1885cd8ad12ea9441f22b9334b4d965202adb1448ce24c5808a85dd9afc229af0a3124f755bcb" + +save type: ECC_PAIR(BP_R1) 384-bit, DET_ECDSA(RIPEMD160) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ECC_BRAINPOOL_P_R1_384:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):384:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_RIPEMD160):0x0000:"3dd92e750d90d7d39fc1885cd8ad12ea9441f22b9334b4d965202adb1448ce24c5808a85dd9afc229af0a3124f755bcb":"505341004b455900000000000100000030718001013c00000407000600000000300000003dd92e750d90d7d39fc1885cd8ad12ea9441f22b9334b4d965202adb1448ce24c5808a85dd9afc229af0a3124f755bcb" + +save type: ECC_PAIR(BP_R1) 384-bit, DET_ECDSA(SHA_1) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_1:PSA_WANT_ECC_BRAINPOOL_P_R1_384:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):384:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_1):0x0000:"3dd92e750d90d7d39fc1885cd8ad12ea9441f22b9334b4d965202adb1448ce24c5808a85dd9afc229af0a3124f755bcb":"505341004b455900000000000100000030718001013c00000507000600000000300000003dd92e750d90d7d39fc1885cd8ad12ea9441f22b9334b4d965202adb1448ce24c5808a85dd9afc229af0a3124f755bcb" + +save type: ECC_PAIR(BP_R1) 384-bit, DET_ECDSA(SHA_224) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_224:PSA_WANT_ECC_BRAINPOOL_P_R1_384:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):384:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_224):0x0000:"3dd92e750d90d7d39fc1885cd8ad12ea9441f22b9334b4d965202adb1448ce24c5808a85dd9afc229af0a3124f755bcb":"505341004b455900000000000100000030718001013c00000807000600000000300000003dd92e750d90d7d39fc1885cd8ad12ea9441f22b9334b4d965202adb1448ce24c5808a85dd9afc229af0a3124f755bcb" + +save type: ECC_PAIR(BP_R1) 384-bit, DET_ECDSA(SHA_256) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_BRAINPOOL_P_R1_384:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):384:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_256):0x0000:"3dd92e750d90d7d39fc1885cd8ad12ea9441f22b9334b4d965202adb1448ce24c5808a85dd9afc229af0a3124f755bcb":"505341004b455900000000000100000030718001013c00000907000600000000300000003dd92e750d90d7d39fc1885cd8ad12ea9441f22b9334b4d965202adb1448ce24c5808a85dd9afc229af0a3124f755bcb" + +save type: ECC_PAIR(BP_R1) 384-bit, DET_ECDSA(SHA_384) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_BRAINPOOL_P_R1_384:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):384:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_384):0x0000:"3dd92e750d90d7d39fc1885cd8ad12ea9441f22b9334b4d965202adb1448ce24c5808a85dd9afc229af0a3124f755bcb":"505341004b455900000000000100000030718001013c00000a07000600000000300000003dd92e750d90d7d39fc1885cd8ad12ea9441f22b9334b4d965202adb1448ce24c5808a85dd9afc229af0a3124f755bcb" + +save type: ECC_PAIR(BP_R1) 384-bit, DET_ECDSA(SHA_512) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_512:PSA_WANT_ECC_BRAINPOOL_P_R1_384:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):384:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_512):0x0000:"3dd92e750d90d7d39fc1885cd8ad12ea9441f22b9334b4d965202adb1448ce24c5808a85dd9afc229af0a3124f755bcb":"505341004b455900000000000100000030718001013c00000b07000600000000300000003dd92e750d90d7d39fc1885cd8ad12ea9441f22b9334b4d965202adb1448ce24c5808a85dd9afc229af0a3124f755bcb" + +save type: ECC_PAIR(BP_R1) 384-bit, ECDH +depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ECC_BRAINPOOL_P_R1_384:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):384:PSA_KEY_USAGE_DERIVE | PSA_KEY_USAGE_EXPORT:PSA_ALG_ECDH:0x0000:"3dd92e750d90d7d39fc1885cd8ad12ea9441f22b9334b4d965202adb1448ce24c5808a85dd9afc229af0a3124f755bcb":"505341004b455900000000000100000030718001014000000000020900000000300000003dd92e750d90d7d39fc1885cd8ad12ea9441f22b9334b4d965202adb1448ce24c5808a85dd9afc229af0a3124f755bcb" + +save type: ECC_PAIR(BP_R1) 384-bit, ECDSA(MD2) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD2:PSA_WANT_ECC_BRAINPOOL_P_R1_384:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):384:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_MD2):0x0000:"3dd92e750d90d7d39fc1885cd8ad12ea9441f22b9334b4d965202adb1448ce24c5808a85dd9afc229af0a3124f755bcb":"505341004b455900000000000100000030718001013c00000106000600000000300000003dd92e750d90d7d39fc1885cd8ad12ea9441f22b9334b4d965202adb1448ce24c5808a85dd9afc229af0a3124f755bcb" + +save type: ECC_PAIR(BP_R1) 384-bit, ECDSA(MD4) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD4:PSA_WANT_ECC_BRAINPOOL_P_R1_384:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):384:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_MD4):0x0000:"3dd92e750d90d7d39fc1885cd8ad12ea9441f22b9334b4d965202adb1448ce24c5808a85dd9afc229af0a3124f755bcb":"505341004b455900000000000100000030718001013c00000206000600000000300000003dd92e750d90d7d39fc1885cd8ad12ea9441f22b9334b4d965202adb1448ce24c5808a85dd9afc229af0a3124f755bcb" + +save type: ECC_PAIR(BP_R1) 384-bit, ECDSA(MD5) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD5:PSA_WANT_ECC_BRAINPOOL_P_R1_384:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):384:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_MD5):0x0000:"3dd92e750d90d7d39fc1885cd8ad12ea9441f22b9334b4d965202adb1448ce24c5808a85dd9afc229af0a3124f755bcb":"505341004b455900000000000100000030718001013c00000306000600000000300000003dd92e750d90d7d39fc1885cd8ad12ea9441f22b9334b4d965202adb1448ce24c5808a85dd9afc229af0a3124f755bcb" + +save type: ECC_PAIR(BP_R1) 384-bit, ECDSA(RIPEMD160) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ECC_BRAINPOOL_P_R1_384:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):384:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_RIPEMD160):0x0000:"3dd92e750d90d7d39fc1885cd8ad12ea9441f22b9334b4d965202adb1448ce24c5808a85dd9afc229af0a3124f755bcb":"505341004b455900000000000100000030718001013c00000406000600000000300000003dd92e750d90d7d39fc1885cd8ad12ea9441f22b9334b4d965202adb1448ce24c5808a85dd9afc229af0a3124f755bcb" + +save type: ECC_PAIR(BP_R1) 384-bit, ECDSA(SHA_1) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_1:PSA_WANT_ECC_BRAINPOOL_P_R1_384:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):384:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_SHA_1):0x0000:"3dd92e750d90d7d39fc1885cd8ad12ea9441f22b9334b4d965202adb1448ce24c5808a85dd9afc229af0a3124f755bcb":"505341004b455900000000000100000030718001013c00000506000600000000300000003dd92e750d90d7d39fc1885cd8ad12ea9441f22b9334b4d965202adb1448ce24c5808a85dd9afc229af0a3124f755bcb" + +save type: ECC_PAIR(BP_R1) 384-bit, ECDSA(SHA_224) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_224:PSA_WANT_ECC_BRAINPOOL_P_R1_384:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):384:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_SHA_224):0x0000:"3dd92e750d90d7d39fc1885cd8ad12ea9441f22b9334b4d965202adb1448ce24c5808a85dd9afc229af0a3124f755bcb":"505341004b455900000000000100000030718001013c00000806000600000000300000003dd92e750d90d7d39fc1885cd8ad12ea9441f22b9334b4d965202adb1448ce24c5808a85dd9afc229af0a3124f755bcb" + +save type: ECC_PAIR(BP_R1) 384-bit, ECDSA(SHA_256) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_BRAINPOOL_P_R1_384:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):384:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_SHA_256):0x0000:"3dd92e750d90d7d39fc1885cd8ad12ea9441f22b9334b4d965202adb1448ce24c5808a85dd9afc229af0a3124f755bcb":"505341004b455900000000000100000030718001013c00000906000600000000300000003dd92e750d90d7d39fc1885cd8ad12ea9441f22b9334b4d965202adb1448ce24c5808a85dd9afc229af0a3124f755bcb" + +save type: ECC_PAIR(BP_R1) 384-bit, ECDSA(SHA_384) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_BRAINPOOL_P_R1_384:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):384:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_SHA_384):0x0000:"3dd92e750d90d7d39fc1885cd8ad12ea9441f22b9334b4d965202adb1448ce24c5808a85dd9afc229af0a3124f755bcb":"505341004b455900000000000100000030718001013c00000a06000600000000300000003dd92e750d90d7d39fc1885cd8ad12ea9441f22b9334b4d965202adb1448ce24c5808a85dd9afc229af0a3124f755bcb" + +save type: ECC_PAIR(BP_R1) 384-bit, ECDSA(SHA_512) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_512:PSA_WANT_ECC_BRAINPOOL_P_R1_384:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):384:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_SHA_512):0x0000:"3dd92e750d90d7d39fc1885cd8ad12ea9441f22b9334b4d965202adb1448ce24c5808a85dd9afc229af0a3124f755bcb":"505341004b455900000000000100000030718001013c00000b06000600000000300000003dd92e750d90d7d39fc1885cd8ad12ea9441f22b9334b4d965202adb1448ce24c5808a85dd9afc229af0a3124f755bcb" + +save type: ECC_PAIR(BP_R1) 384-bit, ECDSA_ANY +depends_on:PSA_WANT_ALG_ECDSA_ANY:PSA_WANT_ECC_BRAINPOOL_P_R1_384:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):384:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA_ANY:0x0000:"3dd92e750d90d7d39fc1885cd8ad12ea9441f22b9334b4d965202adb1448ce24c5808a85dd9afc229af0a3124f755bcb":"505341004b455900000000000100000030718001013c00000006000600000000300000003dd92e750d90d7d39fc1885cd8ad12ea9441f22b9334b4d965202adb1448ce24c5808a85dd9afc229af0a3124f755bcb" + +save type: ECC_PAIR(BP_R1) 384-bit, KA(ECDH,HKDF(SHA_256)) +depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_BRAINPOOL_P_R1_384:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):384:PSA_KEY_USAGE_DERIVE | PSA_KEY_USAGE_EXPORT:PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_HKDF(PSA_ALG_SHA_256)):0x0000:"3dd92e750d90d7d39fc1885cd8ad12ea9441f22b9334b4d965202adb1448ce24c5808a85dd9afc229af0a3124f755bcb":"505341004b455900000000000100000030718001014000000901020900000000300000003dd92e750d90d7d39fc1885cd8ad12ea9441f22b9334b4d965202adb1448ce24c5808a85dd9afc229af0a3124f755bcb" + +save type: ECC_PAIR(BP_R1) 384-bit, KA(ECDH,HKDF(SHA_384)) +depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_BRAINPOOL_P_R1_384:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):384:PSA_KEY_USAGE_DERIVE | PSA_KEY_USAGE_EXPORT:PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_HKDF(PSA_ALG_SHA_384)):0x0000:"3dd92e750d90d7d39fc1885cd8ad12ea9441f22b9334b4d965202adb1448ce24c5808a85dd9afc229af0a3124f755bcb":"505341004b455900000000000100000030718001014000000a01020900000000300000003dd92e750d90d7d39fc1885cd8ad12ea9441f22b9334b4d965202adb1448ce24c5808a85dd9afc229af0a3124f755bcb" + +save type: ECC_PAIR(BP_R1) 384-bit, KA(ECDH,TLS12_PRF(SHA_256)) +depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_SHA_256:PSA_WANT_ALG_TLS12_PRF:PSA_WANT_ECC_BRAINPOOL_P_R1_384:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):384:PSA_KEY_USAGE_DERIVE | PSA_KEY_USAGE_EXPORT:PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_TLS12_PRF(PSA_ALG_SHA_256)):0x0000:"3dd92e750d90d7d39fc1885cd8ad12ea9441f22b9334b4d965202adb1448ce24c5808a85dd9afc229af0a3124f755bcb":"505341004b455900000000000100000030718001014000000902020900000000300000003dd92e750d90d7d39fc1885cd8ad12ea9441f22b9334b4d965202adb1448ce24c5808a85dd9afc229af0a3124f755bcb" + +save type: ECC_PAIR(BP_R1) 384-bit, KA(ECDH,TLS12_PRF(SHA_384)) +depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_SHA_384:PSA_WANT_ALG_TLS12_PRF:PSA_WANT_ECC_BRAINPOOL_P_R1_384:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):384:PSA_KEY_USAGE_DERIVE | PSA_KEY_USAGE_EXPORT:PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_TLS12_PRF(PSA_ALG_SHA_384)):0x0000:"3dd92e750d90d7d39fc1885cd8ad12ea9441f22b9334b4d965202adb1448ce24c5808a85dd9afc229af0a3124f755bcb":"505341004b455900000000000100000030718001014000000a02020900000000300000003dd92e750d90d7d39fc1885cd8ad12ea9441f22b9334b4d965202adb1448ce24c5808a85dd9afc229af0a3124f755bcb" + +save type: ECC_PAIR(BP_R1) 384-bit, KA(ECDH,TLS12_PSK2MS(SHA_256)) +depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_SHA_256:PSA_WANT_ALG_TLS12_PSK_TO_MS:PSA_WANT_ECC_BRAINPOOL_P_R1_384:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):384:PSA_KEY_USAGE_DERIVE | PSA_KEY_USAGE_EXPORT:PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_TLS12_PSK_TO_MS(PSA_ALG_SHA_256)):0x0000:"3dd92e750d90d7d39fc1885cd8ad12ea9441f22b9334b4d965202adb1448ce24c5808a85dd9afc229af0a3124f755bcb":"505341004b455900000000000100000030718001014000000903020900000000300000003dd92e750d90d7d39fc1885cd8ad12ea9441f22b9334b4d965202adb1448ce24c5808a85dd9afc229af0a3124f755bcb" + +save type: ECC_PAIR(BP_R1) 384-bit, KA(ECDH,TLS12_PSK2MS(SHA_384)) +depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_SHA_384:PSA_WANT_ALG_TLS12_PSK_TO_MS:PSA_WANT_ECC_BRAINPOOL_P_R1_384:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):384:PSA_KEY_USAGE_DERIVE | PSA_KEY_USAGE_EXPORT:PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_TLS12_PSK_TO_MS(PSA_ALG_SHA_384)):0x0000:"3dd92e750d90d7d39fc1885cd8ad12ea9441f22b9334b4d965202adb1448ce24c5808a85dd9afc229af0a3124f755bcb":"505341004b455900000000000100000030718001014000000a03020900000000300000003dd92e750d90d7d39fc1885cd8ad12ea9441f22b9334b4d965202adb1448ce24c5808a85dd9afc229af0a3124f755bcb" + +save type: ECC_PAIR(BP_R1) 512-bit +depends_on:PSA_WANT_ECC_BRAINPOOL_P_R1_512:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):512:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"372c9778f69f726cbca3f4a268f16b4d617d10280d79a6a029cd51879fe1012934dfe5395455337df6906dc7d6d2eea4dbb2065c0228f73b3ed716480e7d71d2":"505341004b45590000000000010000003071000201000000000000000000000040000000372c9778f69f726cbca3f4a268f16b4d617d10280d79a6a029cd51879fe1012934dfe5395455337df6906dc7d6d2eea4dbb2065c0228f73b3ed716480e7d71d2" + +save type: ECC_PAIR(BP_R1) 512-bit, DET_ECDSA(MD2) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD2:PSA_WANT_ECC_BRAINPOOL_P_R1_512:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):512:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD2):0x0000:"372c9778f69f726cbca3f4a268f16b4d617d10280d79a6a029cd51879fe1012934dfe5395455337df6906dc7d6d2eea4dbb2065c0228f73b3ed716480e7d71d2":"505341004b455900000000000100000030710002013c0000010700060000000040000000372c9778f69f726cbca3f4a268f16b4d617d10280d79a6a029cd51879fe1012934dfe5395455337df6906dc7d6d2eea4dbb2065c0228f73b3ed716480e7d71d2" + +save type: ECC_PAIR(BP_R1) 512-bit, DET_ECDSA(MD4) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD4:PSA_WANT_ECC_BRAINPOOL_P_R1_512:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):512:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD4):0x0000:"372c9778f69f726cbca3f4a268f16b4d617d10280d79a6a029cd51879fe1012934dfe5395455337df6906dc7d6d2eea4dbb2065c0228f73b3ed716480e7d71d2":"505341004b455900000000000100000030710002013c0000020700060000000040000000372c9778f69f726cbca3f4a268f16b4d617d10280d79a6a029cd51879fe1012934dfe5395455337df6906dc7d6d2eea4dbb2065c0228f73b3ed716480e7d71d2" + +save type: ECC_PAIR(BP_R1) 512-bit, DET_ECDSA(MD5) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD5:PSA_WANT_ECC_BRAINPOOL_P_R1_512:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):512:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD5):0x0000:"372c9778f69f726cbca3f4a268f16b4d617d10280d79a6a029cd51879fe1012934dfe5395455337df6906dc7d6d2eea4dbb2065c0228f73b3ed716480e7d71d2":"505341004b455900000000000100000030710002013c0000030700060000000040000000372c9778f69f726cbca3f4a268f16b4d617d10280d79a6a029cd51879fe1012934dfe5395455337df6906dc7d6d2eea4dbb2065c0228f73b3ed716480e7d71d2" + +save type: ECC_PAIR(BP_R1) 512-bit, DET_ECDSA(RIPEMD160) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ECC_BRAINPOOL_P_R1_512:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):512:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_RIPEMD160):0x0000:"372c9778f69f726cbca3f4a268f16b4d617d10280d79a6a029cd51879fe1012934dfe5395455337df6906dc7d6d2eea4dbb2065c0228f73b3ed716480e7d71d2":"505341004b455900000000000100000030710002013c0000040700060000000040000000372c9778f69f726cbca3f4a268f16b4d617d10280d79a6a029cd51879fe1012934dfe5395455337df6906dc7d6d2eea4dbb2065c0228f73b3ed716480e7d71d2" + +save type: ECC_PAIR(BP_R1) 512-bit, DET_ECDSA(SHA_1) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_1:PSA_WANT_ECC_BRAINPOOL_P_R1_512:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):512:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_1):0x0000:"372c9778f69f726cbca3f4a268f16b4d617d10280d79a6a029cd51879fe1012934dfe5395455337df6906dc7d6d2eea4dbb2065c0228f73b3ed716480e7d71d2":"505341004b455900000000000100000030710002013c0000050700060000000040000000372c9778f69f726cbca3f4a268f16b4d617d10280d79a6a029cd51879fe1012934dfe5395455337df6906dc7d6d2eea4dbb2065c0228f73b3ed716480e7d71d2" + +save type: ECC_PAIR(BP_R1) 512-bit, DET_ECDSA(SHA_224) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_224:PSA_WANT_ECC_BRAINPOOL_P_R1_512:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):512:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_224):0x0000:"372c9778f69f726cbca3f4a268f16b4d617d10280d79a6a029cd51879fe1012934dfe5395455337df6906dc7d6d2eea4dbb2065c0228f73b3ed716480e7d71d2":"505341004b455900000000000100000030710002013c0000080700060000000040000000372c9778f69f726cbca3f4a268f16b4d617d10280d79a6a029cd51879fe1012934dfe5395455337df6906dc7d6d2eea4dbb2065c0228f73b3ed716480e7d71d2" + +save type: ECC_PAIR(BP_R1) 512-bit, DET_ECDSA(SHA_256) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_BRAINPOOL_P_R1_512:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):512:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_256):0x0000:"372c9778f69f726cbca3f4a268f16b4d617d10280d79a6a029cd51879fe1012934dfe5395455337df6906dc7d6d2eea4dbb2065c0228f73b3ed716480e7d71d2":"505341004b455900000000000100000030710002013c0000090700060000000040000000372c9778f69f726cbca3f4a268f16b4d617d10280d79a6a029cd51879fe1012934dfe5395455337df6906dc7d6d2eea4dbb2065c0228f73b3ed716480e7d71d2" + +save type: ECC_PAIR(BP_R1) 512-bit, DET_ECDSA(SHA_384) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_BRAINPOOL_P_R1_512:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):512:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_384):0x0000:"372c9778f69f726cbca3f4a268f16b4d617d10280d79a6a029cd51879fe1012934dfe5395455337df6906dc7d6d2eea4dbb2065c0228f73b3ed716480e7d71d2":"505341004b455900000000000100000030710002013c00000a0700060000000040000000372c9778f69f726cbca3f4a268f16b4d617d10280d79a6a029cd51879fe1012934dfe5395455337df6906dc7d6d2eea4dbb2065c0228f73b3ed716480e7d71d2" + +save type: ECC_PAIR(BP_R1) 512-bit, DET_ECDSA(SHA_512) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_512:PSA_WANT_ECC_BRAINPOOL_P_R1_512:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):512:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_512):0x0000:"372c9778f69f726cbca3f4a268f16b4d617d10280d79a6a029cd51879fe1012934dfe5395455337df6906dc7d6d2eea4dbb2065c0228f73b3ed716480e7d71d2":"505341004b455900000000000100000030710002013c00000b0700060000000040000000372c9778f69f726cbca3f4a268f16b4d617d10280d79a6a029cd51879fe1012934dfe5395455337df6906dc7d6d2eea4dbb2065c0228f73b3ed716480e7d71d2" + +save type: ECC_PAIR(BP_R1) 512-bit, ECDH +depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ECC_BRAINPOOL_P_R1_512:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):512:PSA_KEY_USAGE_DERIVE | PSA_KEY_USAGE_EXPORT:PSA_ALG_ECDH:0x0000:"372c9778f69f726cbca3f4a268f16b4d617d10280d79a6a029cd51879fe1012934dfe5395455337df6906dc7d6d2eea4dbb2065c0228f73b3ed716480e7d71d2":"505341004b45590000000000010000003071000201400000000002090000000040000000372c9778f69f726cbca3f4a268f16b4d617d10280d79a6a029cd51879fe1012934dfe5395455337df6906dc7d6d2eea4dbb2065c0228f73b3ed716480e7d71d2" + +save type: ECC_PAIR(BP_R1) 512-bit, ECDSA(MD2) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD2:PSA_WANT_ECC_BRAINPOOL_P_R1_512:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):512:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_MD2):0x0000:"372c9778f69f726cbca3f4a268f16b4d617d10280d79a6a029cd51879fe1012934dfe5395455337df6906dc7d6d2eea4dbb2065c0228f73b3ed716480e7d71d2":"505341004b455900000000000100000030710002013c0000010600060000000040000000372c9778f69f726cbca3f4a268f16b4d617d10280d79a6a029cd51879fe1012934dfe5395455337df6906dc7d6d2eea4dbb2065c0228f73b3ed716480e7d71d2" + +save type: ECC_PAIR(BP_R1) 512-bit, ECDSA(MD4) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD4:PSA_WANT_ECC_BRAINPOOL_P_R1_512:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):512:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_MD4):0x0000:"372c9778f69f726cbca3f4a268f16b4d617d10280d79a6a029cd51879fe1012934dfe5395455337df6906dc7d6d2eea4dbb2065c0228f73b3ed716480e7d71d2":"505341004b455900000000000100000030710002013c0000020600060000000040000000372c9778f69f726cbca3f4a268f16b4d617d10280d79a6a029cd51879fe1012934dfe5395455337df6906dc7d6d2eea4dbb2065c0228f73b3ed716480e7d71d2" + +save type: ECC_PAIR(BP_R1) 512-bit, ECDSA(MD5) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD5:PSA_WANT_ECC_BRAINPOOL_P_R1_512:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):512:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_MD5):0x0000:"372c9778f69f726cbca3f4a268f16b4d617d10280d79a6a029cd51879fe1012934dfe5395455337df6906dc7d6d2eea4dbb2065c0228f73b3ed716480e7d71d2":"505341004b455900000000000100000030710002013c0000030600060000000040000000372c9778f69f726cbca3f4a268f16b4d617d10280d79a6a029cd51879fe1012934dfe5395455337df6906dc7d6d2eea4dbb2065c0228f73b3ed716480e7d71d2" + +save type: ECC_PAIR(BP_R1) 512-bit, ECDSA(RIPEMD160) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ECC_BRAINPOOL_P_R1_512:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):512:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_RIPEMD160):0x0000:"372c9778f69f726cbca3f4a268f16b4d617d10280d79a6a029cd51879fe1012934dfe5395455337df6906dc7d6d2eea4dbb2065c0228f73b3ed716480e7d71d2":"505341004b455900000000000100000030710002013c0000040600060000000040000000372c9778f69f726cbca3f4a268f16b4d617d10280d79a6a029cd51879fe1012934dfe5395455337df6906dc7d6d2eea4dbb2065c0228f73b3ed716480e7d71d2" + +save type: ECC_PAIR(BP_R1) 512-bit, ECDSA(SHA_1) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_1:PSA_WANT_ECC_BRAINPOOL_P_R1_512:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):512:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_SHA_1):0x0000:"372c9778f69f726cbca3f4a268f16b4d617d10280d79a6a029cd51879fe1012934dfe5395455337df6906dc7d6d2eea4dbb2065c0228f73b3ed716480e7d71d2":"505341004b455900000000000100000030710002013c0000050600060000000040000000372c9778f69f726cbca3f4a268f16b4d617d10280d79a6a029cd51879fe1012934dfe5395455337df6906dc7d6d2eea4dbb2065c0228f73b3ed716480e7d71d2" + +save type: ECC_PAIR(BP_R1) 512-bit, ECDSA(SHA_224) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_224:PSA_WANT_ECC_BRAINPOOL_P_R1_512:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):512:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_SHA_224):0x0000:"372c9778f69f726cbca3f4a268f16b4d617d10280d79a6a029cd51879fe1012934dfe5395455337df6906dc7d6d2eea4dbb2065c0228f73b3ed716480e7d71d2":"505341004b455900000000000100000030710002013c0000080600060000000040000000372c9778f69f726cbca3f4a268f16b4d617d10280d79a6a029cd51879fe1012934dfe5395455337df6906dc7d6d2eea4dbb2065c0228f73b3ed716480e7d71d2" + +save type: ECC_PAIR(BP_R1) 512-bit, ECDSA(SHA_256) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_BRAINPOOL_P_R1_512:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):512:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_SHA_256):0x0000:"372c9778f69f726cbca3f4a268f16b4d617d10280d79a6a029cd51879fe1012934dfe5395455337df6906dc7d6d2eea4dbb2065c0228f73b3ed716480e7d71d2":"505341004b455900000000000100000030710002013c0000090600060000000040000000372c9778f69f726cbca3f4a268f16b4d617d10280d79a6a029cd51879fe1012934dfe5395455337df6906dc7d6d2eea4dbb2065c0228f73b3ed716480e7d71d2" + +save type: ECC_PAIR(BP_R1) 512-bit, ECDSA(SHA_384) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_BRAINPOOL_P_R1_512:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):512:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_SHA_384):0x0000:"372c9778f69f726cbca3f4a268f16b4d617d10280d79a6a029cd51879fe1012934dfe5395455337df6906dc7d6d2eea4dbb2065c0228f73b3ed716480e7d71d2":"505341004b455900000000000100000030710002013c00000a0600060000000040000000372c9778f69f726cbca3f4a268f16b4d617d10280d79a6a029cd51879fe1012934dfe5395455337df6906dc7d6d2eea4dbb2065c0228f73b3ed716480e7d71d2" + +save type: ECC_PAIR(BP_R1) 512-bit, ECDSA(SHA_512) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_512:PSA_WANT_ECC_BRAINPOOL_P_R1_512:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):512:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_SHA_512):0x0000:"372c9778f69f726cbca3f4a268f16b4d617d10280d79a6a029cd51879fe1012934dfe5395455337df6906dc7d6d2eea4dbb2065c0228f73b3ed716480e7d71d2":"505341004b455900000000000100000030710002013c00000b0600060000000040000000372c9778f69f726cbca3f4a268f16b4d617d10280d79a6a029cd51879fe1012934dfe5395455337df6906dc7d6d2eea4dbb2065c0228f73b3ed716480e7d71d2" + +save type: ECC_PAIR(BP_R1) 512-bit, ECDSA_ANY +depends_on:PSA_WANT_ALG_ECDSA_ANY:PSA_WANT_ECC_BRAINPOOL_P_R1_512:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):512:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA_ANY:0x0000:"372c9778f69f726cbca3f4a268f16b4d617d10280d79a6a029cd51879fe1012934dfe5395455337df6906dc7d6d2eea4dbb2065c0228f73b3ed716480e7d71d2":"505341004b455900000000000100000030710002013c0000000600060000000040000000372c9778f69f726cbca3f4a268f16b4d617d10280d79a6a029cd51879fe1012934dfe5395455337df6906dc7d6d2eea4dbb2065c0228f73b3ed716480e7d71d2" + +save type: ECC_PAIR(BP_R1) 512-bit, KA(ECDH,HKDF(SHA_256)) +depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_BRAINPOOL_P_R1_512:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):512:PSA_KEY_USAGE_DERIVE | PSA_KEY_USAGE_EXPORT:PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_HKDF(PSA_ALG_SHA_256)):0x0000:"372c9778f69f726cbca3f4a268f16b4d617d10280d79a6a029cd51879fe1012934dfe5395455337df6906dc7d6d2eea4dbb2065c0228f73b3ed716480e7d71d2":"505341004b45590000000000010000003071000201400000090102090000000040000000372c9778f69f726cbca3f4a268f16b4d617d10280d79a6a029cd51879fe1012934dfe5395455337df6906dc7d6d2eea4dbb2065c0228f73b3ed716480e7d71d2" + +save type: ECC_PAIR(BP_R1) 512-bit, KA(ECDH,HKDF(SHA_384)) +depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_BRAINPOOL_P_R1_512:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):512:PSA_KEY_USAGE_DERIVE | PSA_KEY_USAGE_EXPORT:PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_HKDF(PSA_ALG_SHA_384)):0x0000:"372c9778f69f726cbca3f4a268f16b4d617d10280d79a6a029cd51879fe1012934dfe5395455337df6906dc7d6d2eea4dbb2065c0228f73b3ed716480e7d71d2":"505341004b455900000000000100000030710002014000000a0102090000000040000000372c9778f69f726cbca3f4a268f16b4d617d10280d79a6a029cd51879fe1012934dfe5395455337df6906dc7d6d2eea4dbb2065c0228f73b3ed716480e7d71d2" + +save type: ECC_PAIR(BP_R1) 512-bit, KA(ECDH,TLS12_PRF(SHA_256)) +depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_SHA_256:PSA_WANT_ALG_TLS12_PRF:PSA_WANT_ECC_BRAINPOOL_P_R1_512:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):512:PSA_KEY_USAGE_DERIVE | PSA_KEY_USAGE_EXPORT:PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_TLS12_PRF(PSA_ALG_SHA_256)):0x0000:"372c9778f69f726cbca3f4a268f16b4d617d10280d79a6a029cd51879fe1012934dfe5395455337df6906dc7d6d2eea4dbb2065c0228f73b3ed716480e7d71d2":"505341004b45590000000000010000003071000201400000090202090000000040000000372c9778f69f726cbca3f4a268f16b4d617d10280d79a6a029cd51879fe1012934dfe5395455337df6906dc7d6d2eea4dbb2065c0228f73b3ed716480e7d71d2" + +save type: ECC_PAIR(BP_R1) 512-bit, KA(ECDH,TLS12_PRF(SHA_384)) +depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_SHA_384:PSA_WANT_ALG_TLS12_PRF:PSA_WANT_ECC_BRAINPOOL_P_R1_512:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):512:PSA_KEY_USAGE_DERIVE | PSA_KEY_USAGE_EXPORT:PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_TLS12_PRF(PSA_ALG_SHA_384)):0x0000:"372c9778f69f726cbca3f4a268f16b4d617d10280d79a6a029cd51879fe1012934dfe5395455337df6906dc7d6d2eea4dbb2065c0228f73b3ed716480e7d71d2":"505341004b455900000000000100000030710002014000000a0202090000000040000000372c9778f69f726cbca3f4a268f16b4d617d10280d79a6a029cd51879fe1012934dfe5395455337df6906dc7d6d2eea4dbb2065c0228f73b3ed716480e7d71d2" + +save type: ECC_PAIR(BP_R1) 512-bit, KA(ECDH,TLS12_PSK2MS(SHA_256)) +depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_SHA_256:PSA_WANT_ALG_TLS12_PSK_TO_MS:PSA_WANT_ECC_BRAINPOOL_P_R1_512:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):512:PSA_KEY_USAGE_DERIVE | PSA_KEY_USAGE_EXPORT:PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_TLS12_PSK_TO_MS(PSA_ALG_SHA_256)):0x0000:"372c9778f69f726cbca3f4a268f16b4d617d10280d79a6a029cd51879fe1012934dfe5395455337df6906dc7d6d2eea4dbb2065c0228f73b3ed716480e7d71d2":"505341004b45590000000000010000003071000201400000090302090000000040000000372c9778f69f726cbca3f4a268f16b4d617d10280d79a6a029cd51879fe1012934dfe5395455337df6906dc7d6d2eea4dbb2065c0228f73b3ed716480e7d71d2" + +save type: ECC_PAIR(BP_R1) 512-bit, KA(ECDH,TLS12_PSK2MS(SHA_384)) +depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_SHA_384:PSA_WANT_ALG_TLS12_PSK_TO_MS:PSA_WANT_ECC_BRAINPOOL_P_R1_512:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):512:PSA_KEY_USAGE_DERIVE | PSA_KEY_USAGE_EXPORT:PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_TLS12_PSK_TO_MS(PSA_ALG_SHA_384)):0x0000:"372c9778f69f726cbca3f4a268f16b4d617d10280d79a6a029cd51879fe1012934dfe5395455337df6906dc7d6d2eea4dbb2065c0228f73b3ed716480e7d71d2":"505341004b455900000000000100000030710002014000000a0302090000000040000000372c9778f69f726cbca3f4a268f16b4d617d10280d79a6a029cd51879fe1012934dfe5395455337df6906dc7d6d2eea4dbb2065c0228f73b3ed716480e7d71d2" + +save type: ECC_PAIR(MGM) 255-bit +depends_on:PSA_WANT_ECC_MONTGOMERY_255:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_MONTGOMERY):255:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"70076d0a7318a57d3c16c17251b26645df4c2f87ebc0992ab177fba51db92c6a":"505341004b45590000000000010000004171ff000100000000000000000000002000000070076d0a7318a57d3c16c17251b26645df4c2f87ebc0992ab177fba51db92c6a" + +save type: ECC_PAIR(MGM) 255-bit, ECDH +depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ECC_MONTGOMERY_255:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_MONTGOMERY):255:PSA_KEY_USAGE_DERIVE | PSA_KEY_USAGE_EXPORT:PSA_ALG_ECDH:0x0000:"70076d0a7318a57d3c16c17251b26645df4c2f87ebc0992ab177fba51db92c6a":"505341004b45590000000000010000004171ff000140000000000209000000002000000070076d0a7318a57d3c16c17251b26645df4c2f87ebc0992ab177fba51db92c6a" + +save type: ECC_PAIR(MGM) 255-bit, KA(ECDH,HKDF(SHA_256)) +depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_MONTGOMERY_255:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_MONTGOMERY):255:PSA_KEY_USAGE_DERIVE | PSA_KEY_USAGE_EXPORT:PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_HKDF(PSA_ALG_SHA_256)):0x0000:"70076d0a7318a57d3c16c17251b26645df4c2f87ebc0992ab177fba51db92c6a":"505341004b45590000000000010000004171ff000140000009010209000000002000000070076d0a7318a57d3c16c17251b26645df4c2f87ebc0992ab177fba51db92c6a" + +save type: ECC_PAIR(MGM) 255-bit, KA(ECDH,HKDF(SHA_384)) +depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_MONTGOMERY_255:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_MONTGOMERY):255:PSA_KEY_USAGE_DERIVE | PSA_KEY_USAGE_EXPORT:PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_HKDF(PSA_ALG_SHA_384)):0x0000:"70076d0a7318a57d3c16c17251b26645df4c2f87ebc0992ab177fba51db92c6a":"505341004b45590000000000010000004171ff00014000000a010209000000002000000070076d0a7318a57d3c16c17251b26645df4c2f87ebc0992ab177fba51db92c6a" + +save type: ECC_PAIR(MGM) 255-bit, KA(ECDH,TLS12_PRF(SHA_256)) +depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_SHA_256:PSA_WANT_ALG_TLS12_PRF:PSA_WANT_ECC_MONTGOMERY_255:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_MONTGOMERY):255:PSA_KEY_USAGE_DERIVE | PSA_KEY_USAGE_EXPORT:PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_TLS12_PRF(PSA_ALG_SHA_256)):0x0000:"70076d0a7318a57d3c16c17251b26645df4c2f87ebc0992ab177fba51db92c6a":"505341004b45590000000000010000004171ff000140000009020209000000002000000070076d0a7318a57d3c16c17251b26645df4c2f87ebc0992ab177fba51db92c6a" + +save type: ECC_PAIR(MGM) 255-bit, KA(ECDH,TLS12_PRF(SHA_384)) +depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_SHA_384:PSA_WANT_ALG_TLS12_PRF:PSA_WANT_ECC_MONTGOMERY_255:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_MONTGOMERY):255:PSA_KEY_USAGE_DERIVE | PSA_KEY_USAGE_EXPORT:PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_TLS12_PRF(PSA_ALG_SHA_384)):0x0000:"70076d0a7318a57d3c16c17251b26645df4c2f87ebc0992ab177fba51db92c6a":"505341004b45590000000000010000004171ff00014000000a020209000000002000000070076d0a7318a57d3c16c17251b26645df4c2f87ebc0992ab177fba51db92c6a" + +save type: ECC_PAIR(MGM) 255-bit, KA(ECDH,TLS12_PSK2MS(SHA_256)) +depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_SHA_256:PSA_WANT_ALG_TLS12_PSK_TO_MS:PSA_WANT_ECC_MONTGOMERY_255:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_MONTGOMERY):255:PSA_KEY_USAGE_DERIVE | PSA_KEY_USAGE_EXPORT:PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_TLS12_PSK_TO_MS(PSA_ALG_SHA_256)):0x0000:"70076d0a7318a57d3c16c17251b26645df4c2f87ebc0992ab177fba51db92c6a":"505341004b45590000000000010000004171ff000140000009030209000000002000000070076d0a7318a57d3c16c17251b26645df4c2f87ebc0992ab177fba51db92c6a" + +save type: ECC_PAIR(MGM) 255-bit, KA(ECDH,TLS12_PSK2MS(SHA_384)) +depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_SHA_384:PSA_WANT_ALG_TLS12_PSK_TO_MS:PSA_WANT_ECC_MONTGOMERY_255:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_MONTGOMERY):255:PSA_KEY_USAGE_DERIVE | PSA_KEY_USAGE_EXPORT:PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_TLS12_PSK_TO_MS(PSA_ALG_SHA_384)):0x0000:"70076d0a7318a57d3c16c17251b26645df4c2f87ebc0992ab177fba51db92c6a":"505341004b45590000000000010000004171ff00014000000a030209000000002000000070076d0a7318a57d3c16c17251b26645df4c2f87ebc0992ab177fba51db92c6a" + +save type: ECC_PAIR(MGM) 448-bit +depends_on:PSA_WANT_ECC_MONTGOMERY_448:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_MONTGOMERY):448:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"e4e49f52686f9ee3b638528f721f1596196ffd0a1cddb64c3f216f06541805cfeb1a286dc78018095cdfec050e8007b5f4908962ba20d6c1":"505341004b45590000000000010000004171c00101000000000000000000000038000000e4e49f52686f9ee3b638528f721f1596196ffd0a1cddb64c3f216f06541805cfeb1a286dc78018095cdfec050e8007b5f4908962ba20d6c1" + +save type: ECC_PAIR(MGM) 448-bit, ECDH +depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ECC_MONTGOMERY_448:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_MONTGOMERY):448:PSA_KEY_USAGE_DERIVE | PSA_KEY_USAGE_EXPORT:PSA_ALG_ECDH:0x0000:"e4e49f52686f9ee3b638528f721f1596196ffd0a1cddb64c3f216f06541805cfeb1a286dc78018095cdfec050e8007b5f4908962ba20d6c1":"505341004b45590000000000010000004171c00101400000000002090000000038000000e4e49f52686f9ee3b638528f721f1596196ffd0a1cddb64c3f216f06541805cfeb1a286dc78018095cdfec050e8007b5f4908962ba20d6c1" + +save type: ECC_PAIR(MGM) 448-bit, KA(ECDH,HKDF(SHA_256)) +depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_MONTGOMERY_448:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_MONTGOMERY):448:PSA_KEY_USAGE_DERIVE | PSA_KEY_USAGE_EXPORT:PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_HKDF(PSA_ALG_SHA_256)):0x0000:"e4e49f52686f9ee3b638528f721f1596196ffd0a1cddb64c3f216f06541805cfeb1a286dc78018095cdfec050e8007b5f4908962ba20d6c1":"505341004b45590000000000010000004171c00101400000090102090000000038000000e4e49f52686f9ee3b638528f721f1596196ffd0a1cddb64c3f216f06541805cfeb1a286dc78018095cdfec050e8007b5f4908962ba20d6c1" + +save type: ECC_PAIR(MGM) 448-bit, KA(ECDH,HKDF(SHA_384)) +depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_MONTGOMERY_448:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_MONTGOMERY):448:PSA_KEY_USAGE_DERIVE | PSA_KEY_USAGE_EXPORT:PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_HKDF(PSA_ALG_SHA_384)):0x0000:"e4e49f52686f9ee3b638528f721f1596196ffd0a1cddb64c3f216f06541805cfeb1a286dc78018095cdfec050e8007b5f4908962ba20d6c1":"505341004b45590000000000010000004171c001014000000a0102090000000038000000e4e49f52686f9ee3b638528f721f1596196ffd0a1cddb64c3f216f06541805cfeb1a286dc78018095cdfec050e8007b5f4908962ba20d6c1" + +save type: ECC_PAIR(MGM) 448-bit, KA(ECDH,TLS12_PRF(SHA_256)) +depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_SHA_256:PSA_WANT_ALG_TLS12_PRF:PSA_WANT_ECC_MONTGOMERY_448:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_MONTGOMERY):448:PSA_KEY_USAGE_DERIVE | PSA_KEY_USAGE_EXPORT:PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_TLS12_PRF(PSA_ALG_SHA_256)):0x0000:"e4e49f52686f9ee3b638528f721f1596196ffd0a1cddb64c3f216f06541805cfeb1a286dc78018095cdfec050e8007b5f4908962ba20d6c1":"505341004b45590000000000010000004171c00101400000090202090000000038000000e4e49f52686f9ee3b638528f721f1596196ffd0a1cddb64c3f216f06541805cfeb1a286dc78018095cdfec050e8007b5f4908962ba20d6c1" + +save type: ECC_PAIR(MGM) 448-bit, KA(ECDH,TLS12_PRF(SHA_384)) +depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_SHA_384:PSA_WANT_ALG_TLS12_PRF:PSA_WANT_ECC_MONTGOMERY_448:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_MONTGOMERY):448:PSA_KEY_USAGE_DERIVE | PSA_KEY_USAGE_EXPORT:PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_TLS12_PRF(PSA_ALG_SHA_384)):0x0000:"e4e49f52686f9ee3b638528f721f1596196ffd0a1cddb64c3f216f06541805cfeb1a286dc78018095cdfec050e8007b5f4908962ba20d6c1":"505341004b45590000000000010000004171c001014000000a0202090000000038000000e4e49f52686f9ee3b638528f721f1596196ffd0a1cddb64c3f216f06541805cfeb1a286dc78018095cdfec050e8007b5f4908962ba20d6c1" + +save type: ECC_PAIR(MGM) 448-bit, KA(ECDH,TLS12_PSK2MS(SHA_256)) +depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_SHA_256:PSA_WANT_ALG_TLS12_PSK_TO_MS:PSA_WANT_ECC_MONTGOMERY_448:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_MONTGOMERY):448:PSA_KEY_USAGE_DERIVE | PSA_KEY_USAGE_EXPORT:PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_TLS12_PSK_TO_MS(PSA_ALG_SHA_256)):0x0000:"e4e49f52686f9ee3b638528f721f1596196ffd0a1cddb64c3f216f06541805cfeb1a286dc78018095cdfec050e8007b5f4908962ba20d6c1":"505341004b45590000000000010000004171c00101400000090302090000000038000000e4e49f52686f9ee3b638528f721f1596196ffd0a1cddb64c3f216f06541805cfeb1a286dc78018095cdfec050e8007b5f4908962ba20d6c1" + +save type: ECC_PAIR(MGM) 448-bit, KA(ECDH,TLS12_PSK2MS(SHA_384)) +depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_SHA_384:PSA_WANT_ALG_TLS12_PSK_TO_MS:PSA_WANT_ECC_MONTGOMERY_448:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_MONTGOMERY):448:PSA_KEY_USAGE_DERIVE | PSA_KEY_USAGE_EXPORT:PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_TLS12_PSK_TO_MS(PSA_ALG_SHA_384)):0x0000:"e4e49f52686f9ee3b638528f721f1596196ffd0a1cddb64c3f216f06541805cfeb1a286dc78018095cdfec050e8007b5f4908962ba20d6c1":"505341004b45590000000000010000004171c001014000000a0302090000000038000000e4e49f52686f9ee3b638528f721f1596196ffd0a1cddb64c3f216f06541805cfeb1a286dc78018095cdfec050e8007b5f4908962ba20d6c1" + +save type: ECC_PAIR(SECP_K1) 192-bit +depends_on:PSA_WANT_ECC_SECP_K1_192:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_K1):192:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"297ac1722ccac7589ecb240dc719842538ca974beb79f228":"505341004b45590000000000010000001771c00001000000000000000000000018000000297ac1722ccac7589ecb240dc719842538ca974beb79f228" + +save type: ECC_PAIR(SECP_K1) 192-bit, DET_ECDSA(MD2) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD2:PSA_WANT_ECC_SECP_K1_192:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_K1):192:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD2):0x0000:"297ac1722ccac7589ecb240dc719842538ca974beb79f228":"505341004b45590000000000010000001771c000013c0000010700060000000018000000297ac1722ccac7589ecb240dc719842538ca974beb79f228" + +save type: ECC_PAIR(SECP_K1) 192-bit, DET_ECDSA(MD4) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD4:PSA_WANT_ECC_SECP_K1_192:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_K1):192:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD4):0x0000:"297ac1722ccac7589ecb240dc719842538ca974beb79f228":"505341004b45590000000000010000001771c000013c0000020700060000000018000000297ac1722ccac7589ecb240dc719842538ca974beb79f228" + +save type: ECC_PAIR(SECP_K1) 192-bit, DET_ECDSA(MD5) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD5:PSA_WANT_ECC_SECP_K1_192:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_K1):192:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD5):0x0000:"297ac1722ccac7589ecb240dc719842538ca974beb79f228":"505341004b45590000000000010000001771c000013c0000030700060000000018000000297ac1722ccac7589ecb240dc719842538ca974beb79f228" + +save type: ECC_PAIR(SECP_K1) 192-bit, DET_ECDSA(RIPEMD160) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ECC_SECP_K1_192:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_K1):192:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_RIPEMD160):0x0000:"297ac1722ccac7589ecb240dc719842538ca974beb79f228":"505341004b45590000000000010000001771c000013c0000040700060000000018000000297ac1722ccac7589ecb240dc719842538ca974beb79f228" + +save type: ECC_PAIR(SECP_K1) 192-bit, DET_ECDSA(SHA_1) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_1:PSA_WANT_ECC_SECP_K1_192:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_K1):192:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_1):0x0000:"297ac1722ccac7589ecb240dc719842538ca974beb79f228":"505341004b45590000000000010000001771c000013c0000050700060000000018000000297ac1722ccac7589ecb240dc719842538ca974beb79f228" + +save type: ECC_PAIR(SECP_K1) 192-bit, DET_ECDSA(SHA_224) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_224:PSA_WANT_ECC_SECP_K1_192:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_K1):192:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_224):0x0000:"297ac1722ccac7589ecb240dc719842538ca974beb79f228":"505341004b45590000000000010000001771c000013c0000080700060000000018000000297ac1722ccac7589ecb240dc719842538ca974beb79f228" + +save type: ECC_PAIR(SECP_K1) 192-bit, DET_ECDSA(SHA_256) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_SECP_K1_192:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_K1):192:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_256):0x0000:"297ac1722ccac7589ecb240dc719842538ca974beb79f228":"505341004b45590000000000010000001771c000013c0000090700060000000018000000297ac1722ccac7589ecb240dc719842538ca974beb79f228" + +save type: ECC_PAIR(SECP_K1) 192-bit, DET_ECDSA(SHA_384) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_SECP_K1_192:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_K1):192:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_384):0x0000:"297ac1722ccac7589ecb240dc719842538ca974beb79f228":"505341004b45590000000000010000001771c000013c00000a0700060000000018000000297ac1722ccac7589ecb240dc719842538ca974beb79f228" + +save type: ECC_PAIR(SECP_K1) 192-bit, DET_ECDSA(SHA_512) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_512:PSA_WANT_ECC_SECP_K1_192:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_K1):192:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_512):0x0000:"297ac1722ccac7589ecb240dc719842538ca974beb79f228":"505341004b45590000000000010000001771c000013c00000b0700060000000018000000297ac1722ccac7589ecb240dc719842538ca974beb79f228" + +save type: ECC_PAIR(SECP_K1) 192-bit, ECDH +depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ECC_SECP_K1_192:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_K1):192:PSA_KEY_USAGE_DERIVE | PSA_KEY_USAGE_EXPORT:PSA_ALG_ECDH:0x0000:"297ac1722ccac7589ecb240dc719842538ca974beb79f228":"505341004b45590000000000010000001771c00001400000000002090000000018000000297ac1722ccac7589ecb240dc719842538ca974beb79f228" + +save type: ECC_PAIR(SECP_K1) 192-bit, ECDSA(MD2) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD2:PSA_WANT_ECC_SECP_K1_192:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_K1):192:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_MD2):0x0000:"297ac1722ccac7589ecb240dc719842538ca974beb79f228":"505341004b45590000000000010000001771c000013c0000010600060000000018000000297ac1722ccac7589ecb240dc719842538ca974beb79f228" + +save type: ECC_PAIR(SECP_K1) 192-bit, ECDSA(MD4) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD4:PSA_WANT_ECC_SECP_K1_192:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_K1):192:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_MD4):0x0000:"297ac1722ccac7589ecb240dc719842538ca974beb79f228":"505341004b45590000000000010000001771c000013c0000020600060000000018000000297ac1722ccac7589ecb240dc719842538ca974beb79f228" + +save type: ECC_PAIR(SECP_K1) 192-bit, ECDSA(MD5) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD5:PSA_WANT_ECC_SECP_K1_192:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_K1):192:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_MD5):0x0000:"297ac1722ccac7589ecb240dc719842538ca974beb79f228":"505341004b45590000000000010000001771c000013c0000030600060000000018000000297ac1722ccac7589ecb240dc719842538ca974beb79f228" + +save type: ECC_PAIR(SECP_K1) 192-bit, ECDSA(RIPEMD160) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ECC_SECP_K1_192:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_K1):192:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_RIPEMD160):0x0000:"297ac1722ccac7589ecb240dc719842538ca974beb79f228":"505341004b45590000000000010000001771c000013c0000040600060000000018000000297ac1722ccac7589ecb240dc719842538ca974beb79f228" + +save type: ECC_PAIR(SECP_K1) 192-bit, ECDSA(SHA_1) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_1:PSA_WANT_ECC_SECP_K1_192:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_K1):192:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_SHA_1):0x0000:"297ac1722ccac7589ecb240dc719842538ca974beb79f228":"505341004b45590000000000010000001771c000013c0000050600060000000018000000297ac1722ccac7589ecb240dc719842538ca974beb79f228" + +save type: ECC_PAIR(SECP_K1) 192-bit, ECDSA(SHA_224) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_224:PSA_WANT_ECC_SECP_K1_192:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_K1):192:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_SHA_224):0x0000:"297ac1722ccac7589ecb240dc719842538ca974beb79f228":"505341004b45590000000000010000001771c000013c0000080600060000000018000000297ac1722ccac7589ecb240dc719842538ca974beb79f228" + +save type: ECC_PAIR(SECP_K1) 192-bit, ECDSA(SHA_256) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_SECP_K1_192:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_K1):192:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_SHA_256):0x0000:"297ac1722ccac7589ecb240dc719842538ca974beb79f228":"505341004b45590000000000010000001771c000013c0000090600060000000018000000297ac1722ccac7589ecb240dc719842538ca974beb79f228" + +save type: ECC_PAIR(SECP_K1) 192-bit, ECDSA(SHA_384) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_SECP_K1_192:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_K1):192:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_SHA_384):0x0000:"297ac1722ccac7589ecb240dc719842538ca974beb79f228":"505341004b45590000000000010000001771c000013c00000a0600060000000018000000297ac1722ccac7589ecb240dc719842538ca974beb79f228" + +save type: ECC_PAIR(SECP_K1) 192-bit, ECDSA(SHA_512) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_512:PSA_WANT_ECC_SECP_K1_192:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_K1):192:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_SHA_512):0x0000:"297ac1722ccac7589ecb240dc719842538ca974beb79f228":"505341004b45590000000000010000001771c000013c00000b0600060000000018000000297ac1722ccac7589ecb240dc719842538ca974beb79f228" + +save type: ECC_PAIR(SECP_K1) 192-bit, ECDSA_ANY +depends_on:PSA_WANT_ALG_ECDSA_ANY:PSA_WANT_ECC_SECP_K1_192:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_K1):192:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA_ANY:0x0000:"297ac1722ccac7589ecb240dc719842538ca974beb79f228":"505341004b45590000000000010000001771c000013c0000000600060000000018000000297ac1722ccac7589ecb240dc719842538ca974beb79f228" + +save type: ECC_PAIR(SECP_K1) 192-bit, KA(ECDH,HKDF(SHA_256)) +depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_SECP_K1_192:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_K1):192:PSA_KEY_USAGE_DERIVE | PSA_KEY_USAGE_EXPORT:PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_HKDF(PSA_ALG_SHA_256)):0x0000:"297ac1722ccac7589ecb240dc719842538ca974beb79f228":"505341004b45590000000000010000001771c00001400000090102090000000018000000297ac1722ccac7589ecb240dc719842538ca974beb79f228" + +save type: ECC_PAIR(SECP_K1) 192-bit, KA(ECDH,HKDF(SHA_384)) +depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_SECP_K1_192:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_K1):192:PSA_KEY_USAGE_DERIVE | PSA_KEY_USAGE_EXPORT:PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_HKDF(PSA_ALG_SHA_384)):0x0000:"297ac1722ccac7589ecb240dc719842538ca974beb79f228":"505341004b45590000000000010000001771c000014000000a0102090000000018000000297ac1722ccac7589ecb240dc719842538ca974beb79f228" + +save type: ECC_PAIR(SECP_K1) 192-bit, KA(ECDH,TLS12_PRF(SHA_256)) +depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_SHA_256:PSA_WANT_ALG_TLS12_PRF:PSA_WANT_ECC_SECP_K1_192:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_K1):192:PSA_KEY_USAGE_DERIVE | PSA_KEY_USAGE_EXPORT:PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_TLS12_PRF(PSA_ALG_SHA_256)):0x0000:"297ac1722ccac7589ecb240dc719842538ca974beb79f228":"505341004b45590000000000010000001771c00001400000090202090000000018000000297ac1722ccac7589ecb240dc719842538ca974beb79f228" + +save type: ECC_PAIR(SECP_K1) 192-bit, KA(ECDH,TLS12_PRF(SHA_384)) +depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_SHA_384:PSA_WANT_ALG_TLS12_PRF:PSA_WANT_ECC_SECP_K1_192:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_K1):192:PSA_KEY_USAGE_DERIVE | PSA_KEY_USAGE_EXPORT:PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_TLS12_PRF(PSA_ALG_SHA_384)):0x0000:"297ac1722ccac7589ecb240dc719842538ca974beb79f228":"505341004b45590000000000010000001771c000014000000a0202090000000018000000297ac1722ccac7589ecb240dc719842538ca974beb79f228" + +save type: ECC_PAIR(SECP_K1) 192-bit, KA(ECDH,TLS12_PSK2MS(SHA_256)) +depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_SHA_256:PSA_WANT_ALG_TLS12_PSK_TO_MS:PSA_WANT_ECC_SECP_K1_192:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_K1):192:PSA_KEY_USAGE_DERIVE | PSA_KEY_USAGE_EXPORT:PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_TLS12_PSK_TO_MS(PSA_ALG_SHA_256)):0x0000:"297ac1722ccac7589ecb240dc719842538ca974beb79f228":"505341004b45590000000000010000001771c00001400000090302090000000018000000297ac1722ccac7589ecb240dc719842538ca974beb79f228" + +save type: ECC_PAIR(SECP_K1) 192-bit, KA(ECDH,TLS12_PSK2MS(SHA_384)) +depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_SHA_384:PSA_WANT_ALG_TLS12_PSK_TO_MS:PSA_WANT_ECC_SECP_K1_192:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_K1):192:PSA_KEY_USAGE_DERIVE | PSA_KEY_USAGE_EXPORT:PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_TLS12_PSK_TO_MS(PSA_ALG_SHA_384)):0x0000:"297ac1722ccac7589ecb240dc719842538ca974beb79f228":"505341004b45590000000000010000001771c000014000000a0302090000000018000000297ac1722ccac7589ecb240dc719842538ca974beb79f228" + +save type: ECC_PAIR(SECP_K1) 224-bit +depends_on:PSA_WANT_ECC_SECP_K1_224:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_K1):224:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"0024122bf020fa113f6c0ac978dfbd41f749257a9468febdbe0dc9f7e8":"505341004b45590000000000010000001771e0000100000000000000000000001d0000000024122bf020fa113f6c0ac978dfbd41f749257a9468febdbe0dc9f7e8" + +save type: ECC_PAIR(SECP_K1) 224-bit, DET_ECDSA(MD2) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD2:PSA_WANT_ECC_SECP_K1_224:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_K1):224:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD2):0x0000:"0024122bf020fa113f6c0ac978dfbd41f749257a9468febdbe0dc9f7e8":"505341004b45590000000000010000001771e000013c000001070006000000001d0000000024122bf020fa113f6c0ac978dfbd41f749257a9468febdbe0dc9f7e8" + +save type: ECC_PAIR(SECP_K1) 224-bit, DET_ECDSA(MD4) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD4:PSA_WANT_ECC_SECP_K1_224:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_K1):224:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD4):0x0000:"0024122bf020fa113f6c0ac978dfbd41f749257a9468febdbe0dc9f7e8":"505341004b45590000000000010000001771e000013c000002070006000000001d0000000024122bf020fa113f6c0ac978dfbd41f749257a9468febdbe0dc9f7e8" + +save type: ECC_PAIR(SECP_K1) 224-bit, DET_ECDSA(MD5) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD5:PSA_WANT_ECC_SECP_K1_224:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_K1):224:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD5):0x0000:"0024122bf020fa113f6c0ac978dfbd41f749257a9468febdbe0dc9f7e8":"505341004b45590000000000010000001771e000013c000003070006000000001d0000000024122bf020fa113f6c0ac978dfbd41f749257a9468febdbe0dc9f7e8" + +save type: ECC_PAIR(SECP_K1) 224-bit, DET_ECDSA(RIPEMD160) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ECC_SECP_K1_224:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_K1):224:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_RIPEMD160):0x0000:"0024122bf020fa113f6c0ac978dfbd41f749257a9468febdbe0dc9f7e8":"505341004b45590000000000010000001771e000013c000004070006000000001d0000000024122bf020fa113f6c0ac978dfbd41f749257a9468febdbe0dc9f7e8" + +save type: ECC_PAIR(SECP_K1) 224-bit, DET_ECDSA(SHA_1) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_1:PSA_WANT_ECC_SECP_K1_224:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_K1):224:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_1):0x0000:"0024122bf020fa113f6c0ac978dfbd41f749257a9468febdbe0dc9f7e8":"505341004b45590000000000010000001771e000013c000005070006000000001d0000000024122bf020fa113f6c0ac978dfbd41f749257a9468febdbe0dc9f7e8" + +save type: ECC_PAIR(SECP_K1) 224-bit, DET_ECDSA(SHA_224) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_224:PSA_WANT_ECC_SECP_K1_224:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_K1):224:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_224):0x0000:"0024122bf020fa113f6c0ac978dfbd41f749257a9468febdbe0dc9f7e8":"505341004b45590000000000010000001771e000013c000008070006000000001d0000000024122bf020fa113f6c0ac978dfbd41f749257a9468febdbe0dc9f7e8" + +save type: ECC_PAIR(SECP_K1) 224-bit, DET_ECDSA(SHA_256) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_SECP_K1_224:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_K1):224:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_256):0x0000:"0024122bf020fa113f6c0ac978dfbd41f749257a9468febdbe0dc9f7e8":"505341004b45590000000000010000001771e000013c000009070006000000001d0000000024122bf020fa113f6c0ac978dfbd41f749257a9468febdbe0dc9f7e8" + +save type: ECC_PAIR(SECP_K1) 224-bit, DET_ECDSA(SHA_384) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_SECP_K1_224:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_K1):224:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_384):0x0000:"0024122bf020fa113f6c0ac978dfbd41f749257a9468febdbe0dc9f7e8":"505341004b45590000000000010000001771e000013c00000a070006000000001d0000000024122bf020fa113f6c0ac978dfbd41f749257a9468febdbe0dc9f7e8" + +save type: ECC_PAIR(SECP_K1) 224-bit, DET_ECDSA(SHA_512) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_512:PSA_WANT_ECC_SECP_K1_224:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_K1):224:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_512):0x0000:"0024122bf020fa113f6c0ac978dfbd41f749257a9468febdbe0dc9f7e8":"505341004b45590000000000010000001771e000013c00000b070006000000001d0000000024122bf020fa113f6c0ac978dfbd41f749257a9468febdbe0dc9f7e8" + +save type: ECC_PAIR(SECP_K1) 224-bit, ECDH +depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ECC_SECP_K1_224:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_K1):224:PSA_KEY_USAGE_DERIVE | PSA_KEY_USAGE_EXPORT:PSA_ALG_ECDH:0x0000:"0024122bf020fa113f6c0ac978dfbd41f749257a9468febdbe0dc9f7e8":"505341004b45590000000000010000001771e0000140000000000209000000001d0000000024122bf020fa113f6c0ac978dfbd41f749257a9468febdbe0dc9f7e8" + +save type: ECC_PAIR(SECP_K1) 224-bit, ECDSA(MD2) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD2:PSA_WANT_ECC_SECP_K1_224:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_K1):224:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_MD2):0x0000:"0024122bf020fa113f6c0ac978dfbd41f749257a9468febdbe0dc9f7e8":"505341004b45590000000000010000001771e000013c000001060006000000001d0000000024122bf020fa113f6c0ac978dfbd41f749257a9468febdbe0dc9f7e8" + +save type: ECC_PAIR(SECP_K1) 224-bit, ECDSA(MD4) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD4:PSA_WANT_ECC_SECP_K1_224:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_K1):224:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_MD4):0x0000:"0024122bf020fa113f6c0ac978dfbd41f749257a9468febdbe0dc9f7e8":"505341004b45590000000000010000001771e000013c000002060006000000001d0000000024122bf020fa113f6c0ac978dfbd41f749257a9468febdbe0dc9f7e8" + +save type: ECC_PAIR(SECP_K1) 224-bit, ECDSA(MD5) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD5:PSA_WANT_ECC_SECP_K1_224:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_K1):224:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_MD5):0x0000:"0024122bf020fa113f6c0ac978dfbd41f749257a9468febdbe0dc9f7e8":"505341004b45590000000000010000001771e000013c000003060006000000001d0000000024122bf020fa113f6c0ac978dfbd41f749257a9468febdbe0dc9f7e8" + +save type: ECC_PAIR(SECP_K1) 224-bit, ECDSA(RIPEMD160) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ECC_SECP_K1_224:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_K1):224:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_RIPEMD160):0x0000:"0024122bf020fa113f6c0ac978dfbd41f749257a9468febdbe0dc9f7e8":"505341004b45590000000000010000001771e000013c000004060006000000001d0000000024122bf020fa113f6c0ac978dfbd41f749257a9468febdbe0dc9f7e8" + +save type: ECC_PAIR(SECP_K1) 224-bit, ECDSA(SHA_1) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_1:PSA_WANT_ECC_SECP_K1_224:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_K1):224:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_SHA_1):0x0000:"0024122bf020fa113f6c0ac978dfbd41f749257a9468febdbe0dc9f7e8":"505341004b45590000000000010000001771e000013c000005060006000000001d0000000024122bf020fa113f6c0ac978dfbd41f749257a9468febdbe0dc9f7e8" + +save type: ECC_PAIR(SECP_K1) 224-bit, ECDSA(SHA_224) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_224:PSA_WANT_ECC_SECP_K1_224:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_K1):224:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_SHA_224):0x0000:"0024122bf020fa113f6c0ac978dfbd41f749257a9468febdbe0dc9f7e8":"505341004b45590000000000010000001771e000013c000008060006000000001d0000000024122bf020fa113f6c0ac978dfbd41f749257a9468febdbe0dc9f7e8" + +save type: ECC_PAIR(SECP_K1) 224-bit, ECDSA(SHA_256) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_SECP_K1_224:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_K1):224:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_SHA_256):0x0000:"0024122bf020fa113f6c0ac978dfbd41f749257a9468febdbe0dc9f7e8":"505341004b45590000000000010000001771e000013c000009060006000000001d0000000024122bf020fa113f6c0ac978dfbd41f749257a9468febdbe0dc9f7e8" + +save type: ECC_PAIR(SECP_K1) 224-bit, ECDSA(SHA_384) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_SECP_K1_224:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_K1):224:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_SHA_384):0x0000:"0024122bf020fa113f6c0ac978dfbd41f749257a9468febdbe0dc9f7e8":"505341004b45590000000000010000001771e000013c00000a060006000000001d0000000024122bf020fa113f6c0ac978dfbd41f749257a9468febdbe0dc9f7e8" + +save type: ECC_PAIR(SECP_K1) 224-bit, ECDSA(SHA_512) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_512:PSA_WANT_ECC_SECP_K1_224:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_K1):224:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_SHA_512):0x0000:"0024122bf020fa113f6c0ac978dfbd41f749257a9468febdbe0dc9f7e8":"505341004b45590000000000010000001771e000013c00000b060006000000001d0000000024122bf020fa113f6c0ac978dfbd41f749257a9468febdbe0dc9f7e8" + +save type: ECC_PAIR(SECP_K1) 224-bit, ECDSA_ANY +depends_on:PSA_WANT_ALG_ECDSA_ANY:PSA_WANT_ECC_SECP_K1_224:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_K1):224:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA_ANY:0x0000:"0024122bf020fa113f6c0ac978dfbd41f749257a9468febdbe0dc9f7e8":"505341004b45590000000000010000001771e000013c000000060006000000001d0000000024122bf020fa113f6c0ac978dfbd41f749257a9468febdbe0dc9f7e8" + +save type: ECC_PAIR(SECP_K1) 224-bit, KA(ECDH,HKDF(SHA_256)) +depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_SECP_K1_224:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_K1):224:PSA_KEY_USAGE_DERIVE | PSA_KEY_USAGE_EXPORT:PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_HKDF(PSA_ALG_SHA_256)):0x0000:"0024122bf020fa113f6c0ac978dfbd41f749257a9468febdbe0dc9f7e8":"505341004b45590000000000010000001771e0000140000009010209000000001d0000000024122bf020fa113f6c0ac978dfbd41f749257a9468febdbe0dc9f7e8" + +save type: ECC_PAIR(SECP_K1) 224-bit, KA(ECDH,HKDF(SHA_384)) +depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_SECP_K1_224:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_K1):224:PSA_KEY_USAGE_DERIVE | PSA_KEY_USAGE_EXPORT:PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_HKDF(PSA_ALG_SHA_384)):0x0000:"0024122bf020fa113f6c0ac978dfbd41f749257a9468febdbe0dc9f7e8":"505341004b45590000000000010000001771e000014000000a010209000000001d0000000024122bf020fa113f6c0ac978dfbd41f749257a9468febdbe0dc9f7e8" + +save type: ECC_PAIR(SECP_K1) 224-bit, KA(ECDH,TLS12_PRF(SHA_256)) +depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_SHA_256:PSA_WANT_ALG_TLS12_PRF:PSA_WANT_ECC_SECP_K1_224:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_K1):224:PSA_KEY_USAGE_DERIVE | PSA_KEY_USAGE_EXPORT:PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_TLS12_PRF(PSA_ALG_SHA_256)):0x0000:"0024122bf020fa113f6c0ac978dfbd41f749257a9468febdbe0dc9f7e8":"505341004b45590000000000010000001771e0000140000009020209000000001d0000000024122bf020fa113f6c0ac978dfbd41f749257a9468febdbe0dc9f7e8" + +save type: ECC_PAIR(SECP_K1) 224-bit, KA(ECDH,TLS12_PRF(SHA_384)) +depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_SHA_384:PSA_WANT_ALG_TLS12_PRF:PSA_WANT_ECC_SECP_K1_224:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_K1):224:PSA_KEY_USAGE_DERIVE | PSA_KEY_USAGE_EXPORT:PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_TLS12_PRF(PSA_ALG_SHA_384)):0x0000:"0024122bf020fa113f6c0ac978dfbd41f749257a9468febdbe0dc9f7e8":"505341004b45590000000000010000001771e000014000000a020209000000001d0000000024122bf020fa113f6c0ac978dfbd41f749257a9468febdbe0dc9f7e8" + +save type: ECC_PAIR(SECP_K1) 224-bit, KA(ECDH,TLS12_PSK2MS(SHA_256)) +depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_SHA_256:PSA_WANT_ALG_TLS12_PSK_TO_MS:PSA_WANT_ECC_SECP_K1_224:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_K1):224:PSA_KEY_USAGE_DERIVE | PSA_KEY_USAGE_EXPORT:PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_TLS12_PSK_TO_MS(PSA_ALG_SHA_256)):0x0000:"0024122bf020fa113f6c0ac978dfbd41f749257a9468febdbe0dc9f7e8":"505341004b45590000000000010000001771e0000140000009030209000000001d0000000024122bf020fa113f6c0ac978dfbd41f749257a9468febdbe0dc9f7e8" + +save type: ECC_PAIR(SECP_K1) 224-bit, KA(ECDH,TLS12_PSK2MS(SHA_384)) +depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_SHA_384:PSA_WANT_ALG_TLS12_PSK_TO_MS:PSA_WANT_ECC_SECP_K1_224:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_K1):224:PSA_KEY_USAGE_DERIVE | PSA_KEY_USAGE_EXPORT:PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_TLS12_PSK_TO_MS(PSA_ALG_SHA_384)):0x0000:"0024122bf020fa113f6c0ac978dfbd41f749257a9468febdbe0dc9f7e8":"505341004b45590000000000010000001771e000014000000a030209000000001d0000000024122bf020fa113f6c0ac978dfbd41f749257a9468febdbe0dc9f7e8" + +save type: ECC_PAIR(SECP_K1) 256-bit +depends_on:PSA_WANT_ECC_SECP_K1_256:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_K1):256:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"7fa06fa02d0e911b9a47fdc17d2d962ca01e2f31d60c6212d0ed7e3bba23a7b9":"505341004b455900000000000100000017710001010000000000000000000000200000007fa06fa02d0e911b9a47fdc17d2d962ca01e2f31d60c6212d0ed7e3bba23a7b9" + +save type: ECC_PAIR(SECP_K1) 256-bit, DET_ECDSA(MD2) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD2:PSA_WANT_ECC_SECP_K1_256:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_K1):256:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD2):0x0000:"7fa06fa02d0e911b9a47fdc17d2d962ca01e2f31d60c6212d0ed7e3bba23a7b9":"505341004b455900000000000100000017710001013c00000107000600000000200000007fa06fa02d0e911b9a47fdc17d2d962ca01e2f31d60c6212d0ed7e3bba23a7b9" + +save type: ECC_PAIR(SECP_K1) 256-bit, DET_ECDSA(MD4) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD4:PSA_WANT_ECC_SECP_K1_256:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_K1):256:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD4):0x0000:"7fa06fa02d0e911b9a47fdc17d2d962ca01e2f31d60c6212d0ed7e3bba23a7b9":"505341004b455900000000000100000017710001013c00000207000600000000200000007fa06fa02d0e911b9a47fdc17d2d962ca01e2f31d60c6212d0ed7e3bba23a7b9" + +save type: ECC_PAIR(SECP_K1) 256-bit, DET_ECDSA(MD5) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD5:PSA_WANT_ECC_SECP_K1_256:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_K1):256:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD5):0x0000:"7fa06fa02d0e911b9a47fdc17d2d962ca01e2f31d60c6212d0ed7e3bba23a7b9":"505341004b455900000000000100000017710001013c00000307000600000000200000007fa06fa02d0e911b9a47fdc17d2d962ca01e2f31d60c6212d0ed7e3bba23a7b9" + +save type: ECC_PAIR(SECP_K1) 256-bit, DET_ECDSA(RIPEMD160) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ECC_SECP_K1_256:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_K1):256:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_RIPEMD160):0x0000:"7fa06fa02d0e911b9a47fdc17d2d962ca01e2f31d60c6212d0ed7e3bba23a7b9":"505341004b455900000000000100000017710001013c00000407000600000000200000007fa06fa02d0e911b9a47fdc17d2d962ca01e2f31d60c6212d0ed7e3bba23a7b9" + +save type: ECC_PAIR(SECP_K1) 256-bit, DET_ECDSA(SHA_1) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_1:PSA_WANT_ECC_SECP_K1_256:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_K1):256:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_1):0x0000:"7fa06fa02d0e911b9a47fdc17d2d962ca01e2f31d60c6212d0ed7e3bba23a7b9":"505341004b455900000000000100000017710001013c00000507000600000000200000007fa06fa02d0e911b9a47fdc17d2d962ca01e2f31d60c6212d0ed7e3bba23a7b9" + +save type: ECC_PAIR(SECP_K1) 256-bit, DET_ECDSA(SHA_224) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_224:PSA_WANT_ECC_SECP_K1_256:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_K1):256:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_224):0x0000:"7fa06fa02d0e911b9a47fdc17d2d962ca01e2f31d60c6212d0ed7e3bba23a7b9":"505341004b455900000000000100000017710001013c00000807000600000000200000007fa06fa02d0e911b9a47fdc17d2d962ca01e2f31d60c6212d0ed7e3bba23a7b9" + +save type: ECC_PAIR(SECP_K1) 256-bit, DET_ECDSA(SHA_256) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_SECP_K1_256:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_K1):256:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_256):0x0000:"7fa06fa02d0e911b9a47fdc17d2d962ca01e2f31d60c6212d0ed7e3bba23a7b9":"505341004b455900000000000100000017710001013c00000907000600000000200000007fa06fa02d0e911b9a47fdc17d2d962ca01e2f31d60c6212d0ed7e3bba23a7b9" + +save type: ECC_PAIR(SECP_K1) 256-bit, DET_ECDSA(SHA_384) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_SECP_K1_256:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_K1):256:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_384):0x0000:"7fa06fa02d0e911b9a47fdc17d2d962ca01e2f31d60c6212d0ed7e3bba23a7b9":"505341004b455900000000000100000017710001013c00000a07000600000000200000007fa06fa02d0e911b9a47fdc17d2d962ca01e2f31d60c6212d0ed7e3bba23a7b9" + +save type: ECC_PAIR(SECP_K1) 256-bit, DET_ECDSA(SHA_512) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_512:PSA_WANT_ECC_SECP_K1_256:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_K1):256:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_512):0x0000:"7fa06fa02d0e911b9a47fdc17d2d962ca01e2f31d60c6212d0ed7e3bba23a7b9":"505341004b455900000000000100000017710001013c00000b07000600000000200000007fa06fa02d0e911b9a47fdc17d2d962ca01e2f31d60c6212d0ed7e3bba23a7b9" + +save type: ECC_PAIR(SECP_K1) 256-bit, ECDH +depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ECC_SECP_K1_256:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_K1):256:PSA_KEY_USAGE_DERIVE | PSA_KEY_USAGE_EXPORT:PSA_ALG_ECDH:0x0000:"7fa06fa02d0e911b9a47fdc17d2d962ca01e2f31d60c6212d0ed7e3bba23a7b9":"505341004b455900000000000100000017710001014000000000020900000000200000007fa06fa02d0e911b9a47fdc17d2d962ca01e2f31d60c6212d0ed7e3bba23a7b9" + +save type: ECC_PAIR(SECP_K1) 256-bit, ECDSA(MD2) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD2:PSA_WANT_ECC_SECP_K1_256:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_K1):256:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_MD2):0x0000:"7fa06fa02d0e911b9a47fdc17d2d962ca01e2f31d60c6212d0ed7e3bba23a7b9":"505341004b455900000000000100000017710001013c00000106000600000000200000007fa06fa02d0e911b9a47fdc17d2d962ca01e2f31d60c6212d0ed7e3bba23a7b9" + +save type: ECC_PAIR(SECP_K1) 256-bit, ECDSA(MD4) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD4:PSA_WANT_ECC_SECP_K1_256:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_K1):256:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_MD4):0x0000:"7fa06fa02d0e911b9a47fdc17d2d962ca01e2f31d60c6212d0ed7e3bba23a7b9":"505341004b455900000000000100000017710001013c00000206000600000000200000007fa06fa02d0e911b9a47fdc17d2d962ca01e2f31d60c6212d0ed7e3bba23a7b9" + +save type: ECC_PAIR(SECP_K1) 256-bit, ECDSA(MD5) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD5:PSA_WANT_ECC_SECP_K1_256:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_K1):256:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_MD5):0x0000:"7fa06fa02d0e911b9a47fdc17d2d962ca01e2f31d60c6212d0ed7e3bba23a7b9":"505341004b455900000000000100000017710001013c00000306000600000000200000007fa06fa02d0e911b9a47fdc17d2d962ca01e2f31d60c6212d0ed7e3bba23a7b9" + +save type: ECC_PAIR(SECP_K1) 256-bit, ECDSA(RIPEMD160) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ECC_SECP_K1_256:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_K1):256:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_RIPEMD160):0x0000:"7fa06fa02d0e911b9a47fdc17d2d962ca01e2f31d60c6212d0ed7e3bba23a7b9":"505341004b455900000000000100000017710001013c00000406000600000000200000007fa06fa02d0e911b9a47fdc17d2d962ca01e2f31d60c6212d0ed7e3bba23a7b9" + +save type: ECC_PAIR(SECP_K1) 256-bit, ECDSA(SHA_1) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_1:PSA_WANT_ECC_SECP_K1_256:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_K1):256:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_SHA_1):0x0000:"7fa06fa02d0e911b9a47fdc17d2d962ca01e2f31d60c6212d0ed7e3bba23a7b9":"505341004b455900000000000100000017710001013c00000506000600000000200000007fa06fa02d0e911b9a47fdc17d2d962ca01e2f31d60c6212d0ed7e3bba23a7b9" + +save type: ECC_PAIR(SECP_K1) 256-bit, ECDSA(SHA_224) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_224:PSA_WANT_ECC_SECP_K1_256:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_K1):256:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_SHA_224):0x0000:"7fa06fa02d0e911b9a47fdc17d2d962ca01e2f31d60c6212d0ed7e3bba23a7b9":"505341004b455900000000000100000017710001013c00000806000600000000200000007fa06fa02d0e911b9a47fdc17d2d962ca01e2f31d60c6212d0ed7e3bba23a7b9" + +save type: ECC_PAIR(SECP_K1) 256-bit, ECDSA(SHA_256) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_SECP_K1_256:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_K1):256:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_SHA_256):0x0000:"7fa06fa02d0e911b9a47fdc17d2d962ca01e2f31d60c6212d0ed7e3bba23a7b9":"505341004b455900000000000100000017710001013c00000906000600000000200000007fa06fa02d0e911b9a47fdc17d2d962ca01e2f31d60c6212d0ed7e3bba23a7b9" + +save type: ECC_PAIR(SECP_K1) 256-bit, ECDSA(SHA_384) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_SECP_K1_256:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_K1):256:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_SHA_384):0x0000:"7fa06fa02d0e911b9a47fdc17d2d962ca01e2f31d60c6212d0ed7e3bba23a7b9":"505341004b455900000000000100000017710001013c00000a06000600000000200000007fa06fa02d0e911b9a47fdc17d2d962ca01e2f31d60c6212d0ed7e3bba23a7b9" + +save type: ECC_PAIR(SECP_K1) 256-bit, ECDSA(SHA_512) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_512:PSA_WANT_ECC_SECP_K1_256:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_K1):256:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_SHA_512):0x0000:"7fa06fa02d0e911b9a47fdc17d2d962ca01e2f31d60c6212d0ed7e3bba23a7b9":"505341004b455900000000000100000017710001013c00000b06000600000000200000007fa06fa02d0e911b9a47fdc17d2d962ca01e2f31d60c6212d0ed7e3bba23a7b9" + +save type: ECC_PAIR(SECP_K1) 256-bit, ECDSA_ANY +depends_on:PSA_WANT_ALG_ECDSA_ANY:PSA_WANT_ECC_SECP_K1_256:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_K1):256:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA_ANY:0x0000:"7fa06fa02d0e911b9a47fdc17d2d962ca01e2f31d60c6212d0ed7e3bba23a7b9":"505341004b455900000000000100000017710001013c00000006000600000000200000007fa06fa02d0e911b9a47fdc17d2d962ca01e2f31d60c6212d0ed7e3bba23a7b9" + +save type: ECC_PAIR(SECP_K1) 256-bit, KA(ECDH,HKDF(SHA_256)) +depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_SECP_K1_256:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_K1):256:PSA_KEY_USAGE_DERIVE | PSA_KEY_USAGE_EXPORT:PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_HKDF(PSA_ALG_SHA_256)):0x0000:"7fa06fa02d0e911b9a47fdc17d2d962ca01e2f31d60c6212d0ed7e3bba23a7b9":"505341004b455900000000000100000017710001014000000901020900000000200000007fa06fa02d0e911b9a47fdc17d2d962ca01e2f31d60c6212d0ed7e3bba23a7b9" + +save type: ECC_PAIR(SECP_K1) 256-bit, KA(ECDH,HKDF(SHA_384)) +depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_SECP_K1_256:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_K1):256:PSA_KEY_USAGE_DERIVE | PSA_KEY_USAGE_EXPORT:PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_HKDF(PSA_ALG_SHA_384)):0x0000:"7fa06fa02d0e911b9a47fdc17d2d962ca01e2f31d60c6212d0ed7e3bba23a7b9":"505341004b455900000000000100000017710001014000000a01020900000000200000007fa06fa02d0e911b9a47fdc17d2d962ca01e2f31d60c6212d0ed7e3bba23a7b9" + +save type: ECC_PAIR(SECP_K1) 256-bit, KA(ECDH,TLS12_PRF(SHA_256)) +depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_SHA_256:PSA_WANT_ALG_TLS12_PRF:PSA_WANT_ECC_SECP_K1_256:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_K1):256:PSA_KEY_USAGE_DERIVE | PSA_KEY_USAGE_EXPORT:PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_TLS12_PRF(PSA_ALG_SHA_256)):0x0000:"7fa06fa02d0e911b9a47fdc17d2d962ca01e2f31d60c6212d0ed7e3bba23a7b9":"505341004b455900000000000100000017710001014000000902020900000000200000007fa06fa02d0e911b9a47fdc17d2d962ca01e2f31d60c6212d0ed7e3bba23a7b9" + +save type: ECC_PAIR(SECP_K1) 256-bit, KA(ECDH,TLS12_PRF(SHA_384)) +depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_SHA_384:PSA_WANT_ALG_TLS12_PRF:PSA_WANT_ECC_SECP_K1_256:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_K1):256:PSA_KEY_USAGE_DERIVE | PSA_KEY_USAGE_EXPORT:PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_TLS12_PRF(PSA_ALG_SHA_384)):0x0000:"7fa06fa02d0e911b9a47fdc17d2d962ca01e2f31d60c6212d0ed7e3bba23a7b9":"505341004b455900000000000100000017710001014000000a02020900000000200000007fa06fa02d0e911b9a47fdc17d2d962ca01e2f31d60c6212d0ed7e3bba23a7b9" + +save type: ECC_PAIR(SECP_K1) 256-bit, KA(ECDH,TLS12_PSK2MS(SHA_256)) +depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_SHA_256:PSA_WANT_ALG_TLS12_PSK_TO_MS:PSA_WANT_ECC_SECP_K1_256:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_K1):256:PSA_KEY_USAGE_DERIVE | PSA_KEY_USAGE_EXPORT:PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_TLS12_PSK_TO_MS(PSA_ALG_SHA_256)):0x0000:"7fa06fa02d0e911b9a47fdc17d2d962ca01e2f31d60c6212d0ed7e3bba23a7b9":"505341004b455900000000000100000017710001014000000903020900000000200000007fa06fa02d0e911b9a47fdc17d2d962ca01e2f31d60c6212d0ed7e3bba23a7b9" + +save type: ECC_PAIR(SECP_K1) 256-bit, KA(ECDH,TLS12_PSK2MS(SHA_384)) +depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_SHA_384:PSA_WANT_ALG_TLS12_PSK_TO_MS:PSA_WANT_ECC_SECP_K1_256:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_K1):256:PSA_KEY_USAGE_DERIVE | PSA_KEY_USAGE_EXPORT:PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_TLS12_PSK_TO_MS(PSA_ALG_SHA_384)):0x0000:"7fa06fa02d0e911b9a47fdc17d2d962ca01e2f31d60c6212d0ed7e3bba23a7b9":"505341004b455900000000000100000017710001014000000a03020900000000200000007fa06fa02d0e911b9a47fdc17d2d962ca01e2f31d60c6212d0ed7e3bba23a7b9" + +save type: ECC_PAIR(SECP_R1) 225-bit +depends_on:PSA_WANT_ECC_SECP_R1_225:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):225:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"872f203b3ad35b7f2ecc803c3a0e1e0b1ed61cc1afe71b189cd4c995":"505341004b45590000000000010000001271e1000100000000000000000000001c000000872f203b3ad35b7f2ecc803c3a0e1e0b1ed61cc1afe71b189cd4c995" + +save type: ECC_PAIR(SECP_R1) 225-bit, DET_ECDSA(MD2) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD2:PSA_WANT_ECC_SECP_R1_225:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):225:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD2):0x0000:"872f203b3ad35b7f2ecc803c3a0e1e0b1ed61cc1afe71b189cd4c995":"505341004b45590000000000010000001271e100013c000001070006000000001c000000872f203b3ad35b7f2ecc803c3a0e1e0b1ed61cc1afe71b189cd4c995" + +save type: ECC_PAIR(SECP_R1) 225-bit, DET_ECDSA(MD4) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD4:PSA_WANT_ECC_SECP_R1_225:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):225:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD4):0x0000:"872f203b3ad35b7f2ecc803c3a0e1e0b1ed61cc1afe71b189cd4c995":"505341004b45590000000000010000001271e100013c000002070006000000001c000000872f203b3ad35b7f2ecc803c3a0e1e0b1ed61cc1afe71b189cd4c995" + +save type: ECC_PAIR(SECP_R1) 225-bit, DET_ECDSA(MD5) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD5:PSA_WANT_ECC_SECP_R1_225:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):225:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD5):0x0000:"872f203b3ad35b7f2ecc803c3a0e1e0b1ed61cc1afe71b189cd4c995":"505341004b45590000000000010000001271e100013c000003070006000000001c000000872f203b3ad35b7f2ecc803c3a0e1e0b1ed61cc1afe71b189cd4c995" + +save type: ECC_PAIR(SECP_R1) 225-bit, DET_ECDSA(RIPEMD160) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ECC_SECP_R1_225:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):225:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_RIPEMD160):0x0000:"872f203b3ad35b7f2ecc803c3a0e1e0b1ed61cc1afe71b189cd4c995":"505341004b45590000000000010000001271e100013c000004070006000000001c000000872f203b3ad35b7f2ecc803c3a0e1e0b1ed61cc1afe71b189cd4c995" + +save type: ECC_PAIR(SECP_R1) 225-bit, DET_ECDSA(SHA_1) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_1:PSA_WANT_ECC_SECP_R1_225:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):225:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_1):0x0000:"872f203b3ad35b7f2ecc803c3a0e1e0b1ed61cc1afe71b189cd4c995":"505341004b45590000000000010000001271e100013c000005070006000000001c000000872f203b3ad35b7f2ecc803c3a0e1e0b1ed61cc1afe71b189cd4c995" + +save type: ECC_PAIR(SECP_R1) 225-bit, DET_ECDSA(SHA_224) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_224:PSA_WANT_ECC_SECP_R1_225:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):225:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_224):0x0000:"872f203b3ad35b7f2ecc803c3a0e1e0b1ed61cc1afe71b189cd4c995":"505341004b45590000000000010000001271e100013c000008070006000000001c000000872f203b3ad35b7f2ecc803c3a0e1e0b1ed61cc1afe71b189cd4c995" + +save type: ECC_PAIR(SECP_R1) 225-bit, DET_ECDSA(SHA_256) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_SECP_R1_225:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):225:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_256):0x0000:"872f203b3ad35b7f2ecc803c3a0e1e0b1ed61cc1afe71b189cd4c995":"505341004b45590000000000010000001271e100013c000009070006000000001c000000872f203b3ad35b7f2ecc803c3a0e1e0b1ed61cc1afe71b189cd4c995" + +save type: ECC_PAIR(SECP_R1) 225-bit, DET_ECDSA(SHA_384) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_SECP_R1_225:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):225:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_384):0x0000:"872f203b3ad35b7f2ecc803c3a0e1e0b1ed61cc1afe71b189cd4c995":"505341004b45590000000000010000001271e100013c00000a070006000000001c000000872f203b3ad35b7f2ecc803c3a0e1e0b1ed61cc1afe71b189cd4c995" + +save type: ECC_PAIR(SECP_R1) 225-bit, DET_ECDSA(SHA_512) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_512:PSA_WANT_ECC_SECP_R1_225:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):225:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_512):0x0000:"872f203b3ad35b7f2ecc803c3a0e1e0b1ed61cc1afe71b189cd4c995":"505341004b45590000000000010000001271e100013c00000b070006000000001c000000872f203b3ad35b7f2ecc803c3a0e1e0b1ed61cc1afe71b189cd4c995" + +save type: ECC_PAIR(SECP_R1) 225-bit, ECDH +depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ECC_SECP_R1_225:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):225:PSA_KEY_USAGE_DERIVE | PSA_KEY_USAGE_EXPORT:PSA_ALG_ECDH:0x0000:"872f203b3ad35b7f2ecc803c3a0e1e0b1ed61cc1afe71b189cd4c995":"505341004b45590000000000010000001271e1000140000000000209000000001c000000872f203b3ad35b7f2ecc803c3a0e1e0b1ed61cc1afe71b189cd4c995" + +save type: ECC_PAIR(SECP_R1) 225-bit, ECDSA(MD2) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD2:PSA_WANT_ECC_SECP_R1_225:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):225:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_MD2):0x0000:"872f203b3ad35b7f2ecc803c3a0e1e0b1ed61cc1afe71b189cd4c995":"505341004b45590000000000010000001271e100013c000001060006000000001c000000872f203b3ad35b7f2ecc803c3a0e1e0b1ed61cc1afe71b189cd4c995" + +save type: ECC_PAIR(SECP_R1) 225-bit, ECDSA(MD4) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD4:PSA_WANT_ECC_SECP_R1_225:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):225:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_MD4):0x0000:"872f203b3ad35b7f2ecc803c3a0e1e0b1ed61cc1afe71b189cd4c995":"505341004b45590000000000010000001271e100013c000002060006000000001c000000872f203b3ad35b7f2ecc803c3a0e1e0b1ed61cc1afe71b189cd4c995" + +save type: ECC_PAIR(SECP_R1) 225-bit, ECDSA(MD5) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD5:PSA_WANT_ECC_SECP_R1_225:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):225:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_MD5):0x0000:"872f203b3ad35b7f2ecc803c3a0e1e0b1ed61cc1afe71b189cd4c995":"505341004b45590000000000010000001271e100013c000003060006000000001c000000872f203b3ad35b7f2ecc803c3a0e1e0b1ed61cc1afe71b189cd4c995" + +save type: ECC_PAIR(SECP_R1) 225-bit, ECDSA(RIPEMD160) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ECC_SECP_R1_225:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):225:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_RIPEMD160):0x0000:"872f203b3ad35b7f2ecc803c3a0e1e0b1ed61cc1afe71b189cd4c995":"505341004b45590000000000010000001271e100013c000004060006000000001c000000872f203b3ad35b7f2ecc803c3a0e1e0b1ed61cc1afe71b189cd4c995" + +save type: ECC_PAIR(SECP_R1) 225-bit, ECDSA(SHA_1) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_1:PSA_WANT_ECC_SECP_R1_225:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):225:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_SHA_1):0x0000:"872f203b3ad35b7f2ecc803c3a0e1e0b1ed61cc1afe71b189cd4c995":"505341004b45590000000000010000001271e100013c000005060006000000001c000000872f203b3ad35b7f2ecc803c3a0e1e0b1ed61cc1afe71b189cd4c995" + +save type: ECC_PAIR(SECP_R1) 225-bit, ECDSA(SHA_224) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_224:PSA_WANT_ECC_SECP_R1_225:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):225:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_SHA_224):0x0000:"872f203b3ad35b7f2ecc803c3a0e1e0b1ed61cc1afe71b189cd4c995":"505341004b45590000000000010000001271e100013c000008060006000000001c000000872f203b3ad35b7f2ecc803c3a0e1e0b1ed61cc1afe71b189cd4c995" + +save type: ECC_PAIR(SECP_R1) 225-bit, ECDSA(SHA_256) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_SECP_R1_225:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):225:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_SHA_256):0x0000:"872f203b3ad35b7f2ecc803c3a0e1e0b1ed61cc1afe71b189cd4c995":"505341004b45590000000000010000001271e100013c000009060006000000001c000000872f203b3ad35b7f2ecc803c3a0e1e0b1ed61cc1afe71b189cd4c995" + +save type: ECC_PAIR(SECP_R1) 225-bit, ECDSA(SHA_384) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_SECP_R1_225:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):225:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_SHA_384):0x0000:"872f203b3ad35b7f2ecc803c3a0e1e0b1ed61cc1afe71b189cd4c995":"505341004b45590000000000010000001271e100013c00000a060006000000001c000000872f203b3ad35b7f2ecc803c3a0e1e0b1ed61cc1afe71b189cd4c995" + +save type: ECC_PAIR(SECP_R1) 225-bit, ECDSA(SHA_512) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_512:PSA_WANT_ECC_SECP_R1_225:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):225:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_SHA_512):0x0000:"872f203b3ad35b7f2ecc803c3a0e1e0b1ed61cc1afe71b189cd4c995":"505341004b45590000000000010000001271e100013c00000b060006000000001c000000872f203b3ad35b7f2ecc803c3a0e1e0b1ed61cc1afe71b189cd4c995" + +save type: ECC_PAIR(SECP_R1) 225-bit, ECDSA_ANY +depends_on:PSA_WANT_ALG_ECDSA_ANY:PSA_WANT_ECC_SECP_R1_225:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):225:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA_ANY:0x0000:"872f203b3ad35b7f2ecc803c3a0e1e0b1ed61cc1afe71b189cd4c995":"505341004b45590000000000010000001271e100013c000000060006000000001c000000872f203b3ad35b7f2ecc803c3a0e1e0b1ed61cc1afe71b189cd4c995" + +save type: ECC_PAIR(SECP_R1) 225-bit, KA(ECDH,HKDF(SHA_256)) +depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_SECP_R1_225:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):225:PSA_KEY_USAGE_DERIVE | PSA_KEY_USAGE_EXPORT:PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_HKDF(PSA_ALG_SHA_256)):0x0000:"872f203b3ad35b7f2ecc803c3a0e1e0b1ed61cc1afe71b189cd4c995":"505341004b45590000000000010000001271e1000140000009010209000000001c000000872f203b3ad35b7f2ecc803c3a0e1e0b1ed61cc1afe71b189cd4c995" + +save type: ECC_PAIR(SECP_R1) 225-bit, KA(ECDH,HKDF(SHA_384)) +depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_SECP_R1_225:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):225:PSA_KEY_USAGE_DERIVE | PSA_KEY_USAGE_EXPORT:PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_HKDF(PSA_ALG_SHA_384)):0x0000:"872f203b3ad35b7f2ecc803c3a0e1e0b1ed61cc1afe71b189cd4c995":"505341004b45590000000000010000001271e100014000000a010209000000001c000000872f203b3ad35b7f2ecc803c3a0e1e0b1ed61cc1afe71b189cd4c995" + +save type: ECC_PAIR(SECP_R1) 225-bit, KA(ECDH,TLS12_PRF(SHA_256)) +depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_SHA_256:PSA_WANT_ALG_TLS12_PRF:PSA_WANT_ECC_SECP_R1_225:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):225:PSA_KEY_USAGE_DERIVE | PSA_KEY_USAGE_EXPORT:PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_TLS12_PRF(PSA_ALG_SHA_256)):0x0000:"872f203b3ad35b7f2ecc803c3a0e1e0b1ed61cc1afe71b189cd4c995":"505341004b45590000000000010000001271e1000140000009020209000000001c000000872f203b3ad35b7f2ecc803c3a0e1e0b1ed61cc1afe71b189cd4c995" + +save type: ECC_PAIR(SECP_R1) 225-bit, KA(ECDH,TLS12_PRF(SHA_384)) +depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_SHA_384:PSA_WANT_ALG_TLS12_PRF:PSA_WANT_ECC_SECP_R1_225:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):225:PSA_KEY_USAGE_DERIVE | PSA_KEY_USAGE_EXPORT:PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_TLS12_PRF(PSA_ALG_SHA_384)):0x0000:"872f203b3ad35b7f2ecc803c3a0e1e0b1ed61cc1afe71b189cd4c995":"505341004b45590000000000010000001271e100014000000a020209000000001c000000872f203b3ad35b7f2ecc803c3a0e1e0b1ed61cc1afe71b189cd4c995" + +save type: ECC_PAIR(SECP_R1) 225-bit, KA(ECDH,TLS12_PSK2MS(SHA_256)) +depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_SHA_256:PSA_WANT_ALG_TLS12_PSK_TO_MS:PSA_WANT_ECC_SECP_R1_225:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):225:PSA_KEY_USAGE_DERIVE | PSA_KEY_USAGE_EXPORT:PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_TLS12_PSK_TO_MS(PSA_ALG_SHA_256)):0x0000:"872f203b3ad35b7f2ecc803c3a0e1e0b1ed61cc1afe71b189cd4c995":"505341004b45590000000000010000001271e1000140000009030209000000001c000000872f203b3ad35b7f2ecc803c3a0e1e0b1ed61cc1afe71b189cd4c995" + +save type: ECC_PAIR(SECP_R1) 225-bit, KA(ECDH,TLS12_PSK2MS(SHA_384)) +depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_SHA_384:PSA_WANT_ALG_TLS12_PSK_TO_MS:PSA_WANT_ECC_SECP_R1_225:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):225:PSA_KEY_USAGE_DERIVE | PSA_KEY_USAGE_EXPORT:PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_TLS12_PSK_TO_MS(PSA_ALG_SHA_384)):0x0000:"872f203b3ad35b7f2ecc803c3a0e1e0b1ed61cc1afe71b189cd4c995":"505341004b45590000000000010000001271e100014000000a030209000000001c000000872f203b3ad35b7f2ecc803c3a0e1e0b1ed61cc1afe71b189cd4c995" + +save type: ECC_PAIR(SECP_R1) 256-bit +depends_on:PSA_WANT_ECC_SECP_R1_256:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):256:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"49c9a8c18c4b885638c431cf1df1c994131609b580d4fd43a0cab17db2f13eee":"505341004b4559000000000001000000127100010100000000000000000000002000000049c9a8c18c4b885638c431cf1df1c994131609b580d4fd43a0cab17db2f13eee" + +save type: ECC_PAIR(SECP_R1) 256-bit, DET_ECDSA(MD2) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD2:PSA_WANT_ECC_SECP_R1_256:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):256:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD2):0x0000:"49c9a8c18c4b885638c431cf1df1c994131609b580d4fd43a0cab17db2f13eee":"505341004b455900000000000100000012710001013c000001070006000000002000000049c9a8c18c4b885638c431cf1df1c994131609b580d4fd43a0cab17db2f13eee" + +save type: ECC_PAIR(SECP_R1) 256-bit, DET_ECDSA(MD4) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD4:PSA_WANT_ECC_SECP_R1_256:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):256:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD4):0x0000:"49c9a8c18c4b885638c431cf1df1c994131609b580d4fd43a0cab17db2f13eee":"505341004b455900000000000100000012710001013c000002070006000000002000000049c9a8c18c4b885638c431cf1df1c994131609b580d4fd43a0cab17db2f13eee" + +save type: ECC_PAIR(SECP_R1) 256-bit, DET_ECDSA(MD5) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD5:PSA_WANT_ECC_SECP_R1_256:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):256:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD5):0x0000:"49c9a8c18c4b885638c431cf1df1c994131609b580d4fd43a0cab17db2f13eee":"505341004b455900000000000100000012710001013c000003070006000000002000000049c9a8c18c4b885638c431cf1df1c994131609b580d4fd43a0cab17db2f13eee" + +save type: ECC_PAIR(SECP_R1) 256-bit, DET_ECDSA(RIPEMD160) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ECC_SECP_R1_256:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):256:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_RIPEMD160):0x0000:"49c9a8c18c4b885638c431cf1df1c994131609b580d4fd43a0cab17db2f13eee":"505341004b455900000000000100000012710001013c000004070006000000002000000049c9a8c18c4b885638c431cf1df1c994131609b580d4fd43a0cab17db2f13eee" + +save type: ECC_PAIR(SECP_R1) 256-bit, DET_ECDSA(SHA_1) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_1:PSA_WANT_ECC_SECP_R1_256:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):256:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_1):0x0000:"49c9a8c18c4b885638c431cf1df1c994131609b580d4fd43a0cab17db2f13eee":"505341004b455900000000000100000012710001013c000005070006000000002000000049c9a8c18c4b885638c431cf1df1c994131609b580d4fd43a0cab17db2f13eee" + +save type: ECC_PAIR(SECP_R1) 256-bit, DET_ECDSA(SHA_224) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_224:PSA_WANT_ECC_SECP_R1_256:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):256:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_224):0x0000:"49c9a8c18c4b885638c431cf1df1c994131609b580d4fd43a0cab17db2f13eee":"505341004b455900000000000100000012710001013c000008070006000000002000000049c9a8c18c4b885638c431cf1df1c994131609b580d4fd43a0cab17db2f13eee" + +save type: ECC_PAIR(SECP_R1) 256-bit, DET_ECDSA(SHA_256) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_SECP_R1_256:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):256:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_256):0x0000:"49c9a8c18c4b885638c431cf1df1c994131609b580d4fd43a0cab17db2f13eee":"505341004b455900000000000100000012710001013c000009070006000000002000000049c9a8c18c4b885638c431cf1df1c994131609b580d4fd43a0cab17db2f13eee" + +save type: ECC_PAIR(SECP_R1) 256-bit, DET_ECDSA(SHA_384) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_SECP_R1_256:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):256:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_384):0x0000:"49c9a8c18c4b885638c431cf1df1c994131609b580d4fd43a0cab17db2f13eee":"505341004b455900000000000100000012710001013c00000a070006000000002000000049c9a8c18c4b885638c431cf1df1c994131609b580d4fd43a0cab17db2f13eee" + +save type: ECC_PAIR(SECP_R1) 256-bit, DET_ECDSA(SHA_512) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_512:PSA_WANT_ECC_SECP_R1_256:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):256:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_512):0x0000:"49c9a8c18c4b885638c431cf1df1c994131609b580d4fd43a0cab17db2f13eee":"505341004b455900000000000100000012710001013c00000b070006000000002000000049c9a8c18c4b885638c431cf1df1c994131609b580d4fd43a0cab17db2f13eee" + +save type: ECC_PAIR(SECP_R1) 256-bit, ECDH +depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ECC_SECP_R1_256:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):256:PSA_KEY_USAGE_DERIVE | PSA_KEY_USAGE_EXPORT:PSA_ALG_ECDH:0x0000:"49c9a8c18c4b885638c431cf1df1c994131609b580d4fd43a0cab17db2f13eee":"505341004b4559000000000001000000127100010140000000000209000000002000000049c9a8c18c4b885638c431cf1df1c994131609b580d4fd43a0cab17db2f13eee" + +save type: ECC_PAIR(SECP_R1) 256-bit, ECDSA(MD2) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD2:PSA_WANT_ECC_SECP_R1_256:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):256:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_MD2):0x0000:"49c9a8c18c4b885638c431cf1df1c994131609b580d4fd43a0cab17db2f13eee":"505341004b455900000000000100000012710001013c000001060006000000002000000049c9a8c18c4b885638c431cf1df1c994131609b580d4fd43a0cab17db2f13eee" + +save type: ECC_PAIR(SECP_R1) 256-bit, ECDSA(MD4) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD4:PSA_WANT_ECC_SECP_R1_256:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):256:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_MD4):0x0000:"49c9a8c18c4b885638c431cf1df1c994131609b580d4fd43a0cab17db2f13eee":"505341004b455900000000000100000012710001013c000002060006000000002000000049c9a8c18c4b885638c431cf1df1c994131609b580d4fd43a0cab17db2f13eee" + +save type: ECC_PAIR(SECP_R1) 256-bit, ECDSA(MD5) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD5:PSA_WANT_ECC_SECP_R1_256:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):256:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_MD5):0x0000:"49c9a8c18c4b885638c431cf1df1c994131609b580d4fd43a0cab17db2f13eee":"505341004b455900000000000100000012710001013c000003060006000000002000000049c9a8c18c4b885638c431cf1df1c994131609b580d4fd43a0cab17db2f13eee" + +save type: ECC_PAIR(SECP_R1) 256-bit, ECDSA(RIPEMD160) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ECC_SECP_R1_256:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):256:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_RIPEMD160):0x0000:"49c9a8c18c4b885638c431cf1df1c994131609b580d4fd43a0cab17db2f13eee":"505341004b455900000000000100000012710001013c000004060006000000002000000049c9a8c18c4b885638c431cf1df1c994131609b580d4fd43a0cab17db2f13eee" + +save type: ECC_PAIR(SECP_R1) 256-bit, ECDSA(SHA_1) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_1:PSA_WANT_ECC_SECP_R1_256:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):256:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_SHA_1):0x0000:"49c9a8c18c4b885638c431cf1df1c994131609b580d4fd43a0cab17db2f13eee":"505341004b455900000000000100000012710001013c000005060006000000002000000049c9a8c18c4b885638c431cf1df1c994131609b580d4fd43a0cab17db2f13eee" + +save type: ECC_PAIR(SECP_R1) 256-bit, ECDSA(SHA_224) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_224:PSA_WANT_ECC_SECP_R1_256:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):256:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_SHA_224):0x0000:"49c9a8c18c4b885638c431cf1df1c994131609b580d4fd43a0cab17db2f13eee":"505341004b455900000000000100000012710001013c000008060006000000002000000049c9a8c18c4b885638c431cf1df1c994131609b580d4fd43a0cab17db2f13eee" + +save type: ECC_PAIR(SECP_R1) 256-bit, ECDSA(SHA_256) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_SECP_R1_256:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):256:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_SHA_256):0x0000:"49c9a8c18c4b885638c431cf1df1c994131609b580d4fd43a0cab17db2f13eee":"505341004b455900000000000100000012710001013c000009060006000000002000000049c9a8c18c4b885638c431cf1df1c994131609b580d4fd43a0cab17db2f13eee" + +save type: ECC_PAIR(SECP_R1) 256-bit, ECDSA(SHA_384) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_SECP_R1_256:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):256:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_SHA_384):0x0000:"49c9a8c18c4b885638c431cf1df1c994131609b580d4fd43a0cab17db2f13eee":"505341004b455900000000000100000012710001013c00000a060006000000002000000049c9a8c18c4b885638c431cf1df1c994131609b580d4fd43a0cab17db2f13eee" + +save type: ECC_PAIR(SECP_R1) 256-bit, ECDSA(SHA_512) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_512:PSA_WANT_ECC_SECP_R1_256:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):256:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_SHA_512):0x0000:"49c9a8c18c4b885638c431cf1df1c994131609b580d4fd43a0cab17db2f13eee":"505341004b455900000000000100000012710001013c00000b060006000000002000000049c9a8c18c4b885638c431cf1df1c994131609b580d4fd43a0cab17db2f13eee" + +save type: ECC_PAIR(SECP_R1) 256-bit, ECDSA_ANY +depends_on:PSA_WANT_ALG_ECDSA_ANY:PSA_WANT_ECC_SECP_R1_256:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):256:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA_ANY:0x0000:"49c9a8c18c4b885638c431cf1df1c994131609b580d4fd43a0cab17db2f13eee":"505341004b455900000000000100000012710001013c000000060006000000002000000049c9a8c18c4b885638c431cf1df1c994131609b580d4fd43a0cab17db2f13eee" + +save type: ECC_PAIR(SECP_R1) 256-bit, KA(ECDH,HKDF(SHA_256)) +depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_SECP_R1_256:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):256:PSA_KEY_USAGE_DERIVE | PSA_KEY_USAGE_EXPORT:PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_HKDF(PSA_ALG_SHA_256)):0x0000:"49c9a8c18c4b885638c431cf1df1c994131609b580d4fd43a0cab17db2f13eee":"505341004b4559000000000001000000127100010140000009010209000000002000000049c9a8c18c4b885638c431cf1df1c994131609b580d4fd43a0cab17db2f13eee" + +save type: ECC_PAIR(SECP_R1) 256-bit, KA(ECDH,HKDF(SHA_384)) +depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_SECP_R1_256:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):256:PSA_KEY_USAGE_DERIVE | PSA_KEY_USAGE_EXPORT:PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_HKDF(PSA_ALG_SHA_384)):0x0000:"49c9a8c18c4b885638c431cf1df1c994131609b580d4fd43a0cab17db2f13eee":"505341004b455900000000000100000012710001014000000a010209000000002000000049c9a8c18c4b885638c431cf1df1c994131609b580d4fd43a0cab17db2f13eee" + +save type: ECC_PAIR(SECP_R1) 256-bit, KA(ECDH,TLS12_PRF(SHA_256)) +depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_SHA_256:PSA_WANT_ALG_TLS12_PRF:PSA_WANT_ECC_SECP_R1_256:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):256:PSA_KEY_USAGE_DERIVE | PSA_KEY_USAGE_EXPORT:PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_TLS12_PRF(PSA_ALG_SHA_256)):0x0000:"49c9a8c18c4b885638c431cf1df1c994131609b580d4fd43a0cab17db2f13eee":"505341004b4559000000000001000000127100010140000009020209000000002000000049c9a8c18c4b885638c431cf1df1c994131609b580d4fd43a0cab17db2f13eee" + +save type: ECC_PAIR(SECP_R1) 256-bit, KA(ECDH,TLS12_PRF(SHA_384)) +depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_SHA_384:PSA_WANT_ALG_TLS12_PRF:PSA_WANT_ECC_SECP_R1_256:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):256:PSA_KEY_USAGE_DERIVE | PSA_KEY_USAGE_EXPORT:PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_TLS12_PRF(PSA_ALG_SHA_384)):0x0000:"49c9a8c18c4b885638c431cf1df1c994131609b580d4fd43a0cab17db2f13eee":"505341004b455900000000000100000012710001014000000a020209000000002000000049c9a8c18c4b885638c431cf1df1c994131609b580d4fd43a0cab17db2f13eee" + +save type: ECC_PAIR(SECP_R1) 256-bit, KA(ECDH,TLS12_PSK2MS(SHA_256)) +depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_SHA_256:PSA_WANT_ALG_TLS12_PSK_TO_MS:PSA_WANT_ECC_SECP_R1_256:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):256:PSA_KEY_USAGE_DERIVE | PSA_KEY_USAGE_EXPORT:PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_TLS12_PSK_TO_MS(PSA_ALG_SHA_256)):0x0000:"49c9a8c18c4b885638c431cf1df1c994131609b580d4fd43a0cab17db2f13eee":"505341004b4559000000000001000000127100010140000009030209000000002000000049c9a8c18c4b885638c431cf1df1c994131609b580d4fd43a0cab17db2f13eee" + +save type: ECC_PAIR(SECP_R1) 256-bit, KA(ECDH,TLS12_PSK2MS(SHA_384)) +depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_SHA_384:PSA_WANT_ALG_TLS12_PSK_TO_MS:PSA_WANT_ECC_SECP_R1_256:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):256:PSA_KEY_USAGE_DERIVE | PSA_KEY_USAGE_EXPORT:PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_TLS12_PSK_TO_MS(PSA_ALG_SHA_384)):0x0000:"49c9a8c18c4b885638c431cf1df1c994131609b580d4fd43a0cab17db2f13eee":"505341004b455900000000000100000012710001014000000a030209000000002000000049c9a8c18c4b885638c431cf1df1c994131609b580d4fd43a0cab17db2f13eee" + +save type: ECC_PAIR(SECP_R1) 384-bit +depends_on:PSA_WANT_ECC_SECP_R1_384:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):384:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"3f5d8d9be280b5696cc5cc9f94cf8af7e6b61dd6592b2ab2b3a4c607450417ec327dcdcaed7c10053d719a0574f0a76a":"505341004b455900000000000100000012718001010000000000000000000000300000003f5d8d9be280b5696cc5cc9f94cf8af7e6b61dd6592b2ab2b3a4c607450417ec327dcdcaed7c10053d719a0574f0a76a" + +save type: ECC_PAIR(SECP_R1) 384-bit, DET_ECDSA(MD2) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD2:PSA_WANT_ECC_SECP_R1_384:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):384:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD2):0x0000:"3f5d8d9be280b5696cc5cc9f94cf8af7e6b61dd6592b2ab2b3a4c607450417ec327dcdcaed7c10053d719a0574f0a76a":"505341004b455900000000000100000012718001013c00000107000600000000300000003f5d8d9be280b5696cc5cc9f94cf8af7e6b61dd6592b2ab2b3a4c607450417ec327dcdcaed7c10053d719a0574f0a76a" + +save type: ECC_PAIR(SECP_R1) 384-bit, DET_ECDSA(MD4) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD4:PSA_WANT_ECC_SECP_R1_384:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):384:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD4):0x0000:"3f5d8d9be280b5696cc5cc9f94cf8af7e6b61dd6592b2ab2b3a4c607450417ec327dcdcaed7c10053d719a0574f0a76a":"505341004b455900000000000100000012718001013c00000207000600000000300000003f5d8d9be280b5696cc5cc9f94cf8af7e6b61dd6592b2ab2b3a4c607450417ec327dcdcaed7c10053d719a0574f0a76a" + +save type: ECC_PAIR(SECP_R1) 384-bit, DET_ECDSA(MD5) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD5:PSA_WANT_ECC_SECP_R1_384:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):384:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD5):0x0000:"3f5d8d9be280b5696cc5cc9f94cf8af7e6b61dd6592b2ab2b3a4c607450417ec327dcdcaed7c10053d719a0574f0a76a":"505341004b455900000000000100000012718001013c00000307000600000000300000003f5d8d9be280b5696cc5cc9f94cf8af7e6b61dd6592b2ab2b3a4c607450417ec327dcdcaed7c10053d719a0574f0a76a" + +save type: ECC_PAIR(SECP_R1) 384-bit, DET_ECDSA(RIPEMD160) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ECC_SECP_R1_384:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):384:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_RIPEMD160):0x0000:"3f5d8d9be280b5696cc5cc9f94cf8af7e6b61dd6592b2ab2b3a4c607450417ec327dcdcaed7c10053d719a0574f0a76a":"505341004b455900000000000100000012718001013c00000407000600000000300000003f5d8d9be280b5696cc5cc9f94cf8af7e6b61dd6592b2ab2b3a4c607450417ec327dcdcaed7c10053d719a0574f0a76a" + +save type: ECC_PAIR(SECP_R1) 384-bit, DET_ECDSA(SHA_1) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_1:PSA_WANT_ECC_SECP_R1_384:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):384:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_1):0x0000:"3f5d8d9be280b5696cc5cc9f94cf8af7e6b61dd6592b2ab2b3a4c607450417ec327dcdcaed7c10053d719a0574f0a76a":"505341004b455900000000000100000012718001013c00000507000600000000300000003f5d8d9be280b5696cc5cc9f94cf8af7e6b61dd6592b2ab2b3a4c607450417ec327dcdcaed7c10053d719a0574f0a76a" + +save type: ECC_PAIR(SECP_R1) 384-bit, DET_ECDSA(SHA_224) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_224:PSA_WANT_ECC_SECP_R1_384:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):384:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_224):0x0000:"3f5d8d9be280b5696cc5cc9f94cf8af7e6b61dd6592b2ab2b3a4c607450417ec327dcdcaed7c10053d719a0574f0a76a":"505341004b455900000000000100000012718001013c00000807000600000000300000003f5d8d9be280b5696cc5cc9f94cf8af7e6b61dd6592b2ab2b3a4c607450417ec327dcdcaed7c10053d719a0574f0a76a" + +save type: ECC_PAIR(SECP_R1) 384-bit, DET_ECDSA(SHA_256) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_SECP_R1_384:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):384:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_256):0x0000:"3f5d8d9be280b5696cc5cc9f94cf8af7e6b61dd6592b2ab2b3a4c607450417ec327dcdcaed7c10053d719a0574f0a76a":"505341004b455900000000000100000012718001013c00000907000600000000300000003f5d8d9be280b5696cc5cc9f94cf8af7e6b61dd6592b2ab2b3a4c607450417ec327dcdcaed7c10053d719a0574f0a76a" + +save type: ECC_PAIR(SECP_R1) 384-bit, DET_ECDSA(SHA_384) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_SECP_R1_384:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):384:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_384):0x0000:"3f5d8d9be280b5696cc5cc9f94cf8af7e6b61dd6592b2ab2b3a4c607450417ec327dcdcaed7c10053d719a0574f0a76a":"505341004b455900000000000100000012718001013c00000a07000600000000300000003f5d8d9be280b5696cc5cc9f94cf8af7e6b61dd6592b2ab2b3a4c607450417ec327dcdcaed7c10053d719a0574f0a76a" + +save type: ECC_PAIR(SECP_R1) 384-bit, DET_ECDSA(SHA_512) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_512:PSA_WANT_ECC_SECP_R1_384:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):384:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_512):0x0000:"3f5d8d9be280b5696cc5cc9f94cf8af7e6b61dd6592b2ab2b3a4c607450417ec327dcdcaed7c10053d719a0574f0a76a":"505341004b455900000000000100000012718001013c00000b07000600000000300000003f5d8d9be280b5696cc5cc9f94cf8af7e6b61dd6592b2ab2b3a4c607450417ec327dcdcaed7c10053d719a0574f0a76a" + +save type: ECC_PAIR(SECP_R1) 384-bit, ECDH +depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ECC_SECP_R1_384:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):384:PSA_KEY_USAGE_DERIVE | PSA_KEY_USAGE_EXPORT:PSA_ALG_ECDH:0x0000:"3f5d8d9be280b5696cc5cc9f94cf8af7e6b61dd6592b2ab2b3a4c607450417ec327dcdcaed7c10053d719a0574f0a76a":"505341004b455900000000000100000012718001014000000000020900000000300000003f5d8d9be280b5696cc5cc9f94cf8af7e6b61dd6592b2ab2b3a4c607450417ec327dcdcaed7c10053d719a0574f0a76a" + +save type: ECC_PAIR(SECP_R1) 384-bit, ECDSA(MD2) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD2:PSA_WANT_ECC_SECP_R1_384:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):384:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_MD2):0x0000:"3f5d8d9be280b5696cc5cc9f94cf8af7e6b61dd6592b2ab2b3a4c607450417ec327dcdcaed7c10053d719a0574f0a76a":"505341004b455900000000000100000012718001013c00000106000600000000300000003f5d8d9be280b5696cc5cc9f94cf8af7e6b61dd6592b2ab2b3a4c607450417ec327dcdcaed7c10053d719a0574f0a76a" + +save type: ECC_PAIR(SECP_R1) 384-bit, ECDSA(MD4) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD4:PSA_WANT_ECC_SECP_R1_384:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):384:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_MD4):0x0000:"3f5d8d9be280b5696cc5cc9f94cf8af7e6b61dd6592b2ab2b3a4c607450417ec327dcdcaed7c10053d719a0574f0a76a":"505341004b455900000000000100000012718001013c00000206000600000000300000003f5d8d9be280b5696cc5cc9f94cf8af7e6b61dd6592b2ab2b3a4c607450417ec327dcdcaed7c10053d719a0574f0a76a" + +save type: ECC_PAIR(SECP_R1) 384-bit, ECDSA(MD5) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD5:PSA_WANT_ECC_SECP_R1_384:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):384:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_MD5):0x0000:"3f5d8d9be280b5696cc5cc9f94cf8af7e6b61dd6592b2ab2b3a4c607450417ec327dcdcaed7c10053d719a0574f0a76a":"505341004b455900000000000100000012718001013c00000306000600000000300000003f5d8d9be280b5696cc5cc9f94cf8af7e6b61dd6592b2ab2b3a4c607450417ec327dcdcaed7c10053d719a0574f0a76a" + +save type: ECC_PAIR(SECP_R1) 384-bit, ECDSA(RIPEMD160) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ECC_SECP_R1_384:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):384:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_RIPEMD160):0x0000:"3f5d8d9be280b5696cc5cc9f94cf8af7e6b61dd6592b2ab2b3a4c607450417ec327dcdcaed7c10053d719a0574f0a76a":"505341004b455900000000000100000012718001013c00000406000600000000300000003f5d8d9be280b5696cc5cc9f94cf8af7e6b61dd6592b2ab2b3a4c607450417ec327dcdcaed7c10053d719a0574f0a76a" + +save type: ECC_PAIR(SECP_R1) 384-bit, ECDSA(SHA_1) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_1:PSA_WANT_ECC_SECP_R1_384:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):384:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_SHA_1):0x0000:"3f5d8d9be280b5696cc5cc9f94cf8af7e6b61dd6592b2ab2b3a4c607450417ec327dcdcaed7c10053d719a0574f0a76a":"505341004b455900000000000100000012718001013c00000506000600000000300000003f5d8d9be280b5696cc5cc9f94cf8af7e6b61dd6592b2ab2b3a4c607450417ec327dcdcaed7c10053d719a0574f0a76a" + +save type: ECC_PAIR(SECP_R1) 384-bit, ECDSA(SHA_224) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_224:PSA_WANT_ECC_SECP_R1_384:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):384:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_SHA_224):0x0000:"3f5d8d9be280b5696cc5cc9f94cf8af7e6b61dd6592b2ab2b3a4c607450417ec327dcdcaed7c10053d719a0574f0a76a":"505341004b455900000000000100000012718001013c00000806000600000000300000003f5d8d9be280b5696cc5cc9f94cf8af7e6b61dd6592b2ab2b3a4c607450417ec327dcdcaed7c10053d719a0574f0a76a" + +save type: ECC_PAIR(SECP_R1) 384-bit, ECDSA(SHA_256) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_SECP_R1_384:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):384:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_SHA_256):0x0000:"3f5d8d9be280b5696cc5cc9f94cf8af7e6b61dd6592b2ab2b3a4c607450417ec327dcdcaed7c10053d719a0574f0a76a":"505341004b455900000000000100000012718001013c00000906000600000000300000003f5d8d9be280b5696cc5cc9f94cf8af7e6b61dd6592b2ab2b3a4c607450417ec327dcdcaed7c10053d719a0574f0a76a" + +save type: ECC_PAIR(SECP_R1) 384-bit, ECDSA(SHA_384) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_SECP_R1_384:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):384:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_SHA_384):0x0000:"3f5d8d9be280b5696cc5cc9f94cf8af7e6b61dd6592b2ab2b3a4c607450417ec327dcdcaed7c10053d719a0574f0a76a":"505341004b455900000000000100000012718001013c00000a06000600000000300000003f5d8d9be280b5696cc5cc9f94cf8af7e6b61dd6592b2ab2b3a4c607450417ec327dcdcaed7c10053d719a0574f0a76a" + +save type: ECC_PAIR(SECP_R1) 384-bit, ECDSA(SHA_512) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_512:PSA_WANT_ECC_SECP_R1_384:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):384:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_SHA_512):0x0000:"3f5d8d9be280b5696cc5cc9f94cf8af7e6b61dd6592b2ab2b3a4c607450417ec327dcdcaed7c10053d719a0574f0a76a":"505341004b455900000000000100000012718001013c00000b06000600000000300000003f5d8d9be280b5696cc5cc9f94cf8af7e6b61dd6592b2ab2b3a4c607450417ec327dcdcaed7c10053d719a0574f0a76a" + +save type: ECC_PAIR(SECP_R1) 384-bit, ECDSA_ANY +depends_on:PSA_WANT_ALG_ECDSA_ANY:PSA_WANT_ECC_SECP_R1_384:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):384:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA_ANY:0x0000:"3f5d8d9be280b5696cc5cc9f94cf8af7e6b61dd6592b2ab2b3a4c607450417ec327dcdcaed7c10053d719a0574f0a76a":"505341004b455900000000000100000012718001013c00000006000600000000300000003f5d8d9be280b5696cc5cc9f94cf8af7e6b61dd6592b2ab2b3a4c607450417ec327dcdcaed7c10053d719a0574f0a76a" + +save type: ECC_PAIR(SECP_R1) 384-bit, KA(ECDH,HKDF(SHA_256)) +depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_SECP_R1_384:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):384:PSA_KEY_USAGE_DERIVE | PSA_KEY_USAGE_EXPORT:PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_HKDF(PSA_ALG_SHA_256)):0x0000:"3f5d8d9be280b5696cc5cc9f94cf8af7e6b61dd6592b2ab2b3a4c607450417ec327dcdcaed7c10053d719a0574f0a76a":"505341004b455900000000000100000012718001014000000901020900000000300000003f5d8d9be280b5696cc5cc9f94cf8af7e6b61dd6592b2ab2b3a4c607450417ec327dcdcaed7c10053d719a0574f0a76a" + +save type: ECC_PAIR(SECP_R1) 384-bit, KA(ECDH,HKDF(SHA_384)) +depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_SECP_R1_384:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):384:PSA_KEY_USAGE_DERIVE | PSA_KEY_USAGE_EXPORT:PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_HKDF(PSA_ALG_SHA_384)):0x0000:"3f5d8d9be280b5696cc5cc9f94cf8af7e6b61dd6592b2ab2b3a4c607450417ec327dcdcaed7c10053d719a0574f0a76a":"505341004b455900000000000100000012718001014000000a01020900000000300000003f5d8d9be280b5696cc5cc9f94cf8af7e6b61dd6592b2ab2b3a4c607450417ec327dcdcaed7c10053d719a0574f0a76a" + +save type: ECC_PAIR(SECP_R1) 384-bit, KA(ECDH,TLS12_PRF(SHA_256)) +depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_SHA_256:PSA_WANT_ALG_TLS12_PRF:PSA_WANT_ECC_SECP_R1_384:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):384:PSA_KEY_USAGE_DERIVE | PSA_KEY_USAGE_EXPORT:PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_TLS12_PRF(PSA_ALG_SHA_256)):0x0000:"3f5d8d9be280b5696cc5cc9f94cf8af7e6b61dd6592b2ab2b3a4c607450417ec327dcdcaed7c10053d719a0574f0a76a":"505341004b455900000000000100000012718001014000000902020900000000300000003f5d8d9be280b5696cc5cc9f94cf8af7e6b61dd6592b2ab2b3a4c607450417ec327dcdcaed7c10053d719a0574f0a76a" + +save type: ECC_PAIR(SECP_R1) 384-bit, KA(ECDH,TLS12_PRF(SHA_384)) +depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_SHA_384:PSA_WANT_ALG_TLS12_PRF:PSA_WANT_ECC_SECP_R1_384:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):384:PSA_KEY_USAGE_DERIVE | PSA_KEY_USAGE_EXPORT:PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_TLS12_PRF(PSA_ALG_SHA_384)):0x0000:"3f5d8d9be280b5696cc5cc9f94cf8af7e6b61dd6592b2ab2b3a4c607450417ec327dcdcaed7c10053d719a0574f0a76a":"505341004b455900000000000100000012718001014000000a02020900000000300000003f5d8d9be280b5696cc5cc9f94cf8af7e6b61dd6592b2ab2b3a4c607450417ec327dcdcaed7c10053d719a0574f0a76a" + +save type: ECC_PAIR(SECP_R1) 384-bit, KA(ECDH,TLS12_PSK2MS(SHA_256)) +depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_SHA_256:PSA_WANT_ALG_TLS12_PSK_TO_MS:PSA_WANT_ECC_SECP_R1_384:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):384:PSA_KEY_USAGE_DERIVE | PSA_KEY_USAGE_EXPORT:PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_TLS12_PSK_TO_MS(PSA_ALG_SHA_256)):0x0000:"3f5d8d9be280b5696cc5cc9f94cf8af7e6b61dd6592b2ab2b3a4c607450417ec327dcdcaed7c10053d719a0574f0a76a":"505341004b455900000000000100000012718001014000000903020900000000300000003f5d8d9be280b5696cc5cc9f94cf8af7e6b61dd6592b2ab2b3a4c607450417ec327dcdcaed7c10053d719a0574f0a76a" + +save type: ECC_PAIR(SECP_R1) 384-bit, KA(ECDH,TLS12_PSK2MS(SHA_384)) +depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_SHA_384:PSA_WANT_ALG_TLS12_PSK_TO_MS:PSA_WANT_ECC_SECP_R1_384:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):384:PSA_KEY_USAGE_DERIVE | PSA_KEY_USAGE_EXPORT:PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_TLS12_PSK_TO_MS(PSA_ALG_SHA_384)):0x0000:"3f5d8d9be280b5696cc5cc9f94cf8af7e6b61dd6592b2ab2b3a4c607450417ec327dcdcaed7c10053d719a0574f0a76a":"505341004b455900000000000100000012718001014000000a03020900000000300000003f5d8d9be280b5696cc5cc9f94cf8af7e6b61dd6592b2ab2b3a4c607450417ec327dcdcaed7c10053d719a0574f0a76a" + +save type: ECC_PAIR(SECP_R1) 521-bit +depends_on:PSA_WANT_ECC_SECP_R1_521:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):521:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"01b1b6ad07bb79e7320da59860ea28e055284f6058f279de666e06d435d2af7bda28d99fa47b7dd0963e16b0073078ee8b8a38d966a582f46d19ff95df3ad9685aae":"505341004b4559000000000001000000127109020100000000000000000000004200000001b1b6ad07bb79e7320da59860ea28e055284f6058f279de666e06d435d2af7bda28d99fa47b7dd0963e16b0073078ee8b8a38d966a582f46d19ff95df3ad9685aae" + +save type: ECC_PAIR(SECP_R1) 521-bit, DET_ECDSA(MD2) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD2:PSA_WANT_ECC_SECP_R1_521:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):521:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD2):0x0000:"01b1b6ad07bb79e7320da59860ea28e055284f6058f279de666e06d435d2af7bda28d99fa47b7dd0963e16b0073078ee8b8a38d966a582f46d19ff95df3ad9685aae":"505341004b455900000000000100000012710902013c000001070006000000004200000001b1b6ad07bb79e7320da59860ea28e055284f6058f279de666e06d435d2af7bda28d99fa47b7dd0963e16b0073078ee8b8a38d966a582f46d19ff95df3ad9685aae" + +save type: ECC_PAIR(SECP_R1) 521-bit, DET_ECDSA(MD4) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD4:PSA_WANT_ECC_SECP_R1_521:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):521:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD4):0x0000:"01b1b6ad07bb79e7320da59860ea28e055284f6058f279de666e06d435d2af7bda28d99fa47b7dd0963e16b0073078ee8b8a38d966a582f46d19ff95df3ad9685aae":"505341004b455900000000000100000012710902013c000002070006000000004200000001b1b6ad07bb79e7320da59860ea28e055284f6058f279de666e06d435d2af7bda28d99fa47b7dd0963e16b0073078ee8b8a38d966a582f46d19ff95df3ad9685aae" + +save type: ECC_PAIR(SECP_R1) 521-bit, DET_ECDSA(MD5) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD5:PSA_WANT_ECC_SECP_R1_521:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):521:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD5):0x0000:"01b1b6ad07bb79e7320da59860ea28e055284f6058f279de666e06d435d2af7bda28d99fa47b7dd0963e16b0073078ee8b8a38d966a582f46d19ff95df3ad9685aae":"505341004b455900000000000100000012710902013c000003070006000000004200000001b1b6ad07bb79e7320da59860ea28e055284f6058f279de666e06d435d2af7bda28d99fa47b7dd0963e16b0073078ee8b8a38d966a582f46d19ff95df3ad9685aae" + +save type: ECC_PAIR(SECP_R1) 521-bit, DET_ECDSA(RIPEMD160) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ECC_SECP_R1_521:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):521:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_RIPEMD160):0x0000:"01b1b6ad07bb79e7320da59860ea28e055284f6058f279de666e06d435d2af7bda28d99fa47b7dd0963e16b0073078ee8b8a38d966a582f46d19ff95df3ad9685aae":"505341004b455900000000000100000012710902013c000004070006000000004200000001b1b6ad07bb79e7320da59860ea28e055284f6058f279de666e06d435d2af7bda28d99fa47b7dd0963e16b0073078ee8b8a38d966a582f46d19ff95df3ad9685aae" + +save type: ECC_PAIR(SECP_R1) 521-bit, DET_ECDSA(SHA_1) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_1:PSA_WANT_ECC_SECP_R1_521:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):521:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_1):0x0000:"01b1b6ad07bb79e7320da59860ea28e055284f6058f279de666e06d435d2af7bda28d99fa47b7dd0963e16b0073078ee8b8a38d966a582f46d19ff95df3ad9685aae":"505341004b455900000000000100000012710902013c000005070006000000004200000001b1b6ad07bb79e7320da59860ea28e055284f6058f279de666e06d435d2af7bda28d99fa47b7dd0963e16b0073078ee8b8a38d966a582f46d19ff95df3ad9685aae" + +save type: ECC_PAIR(SECP_R1) 521-bit, DET_ECDSA(SHA_224) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_224:PSA_WANT_ECC_SECP_R1_521:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):521:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_224):0x0000:"01b1b6ad07bb79e7320da59860ea28e055284f6058f279de666e06d435d2af7bda28d99fa47b7dd0963e16b0073078ee8b8a38d966a582f46d19ff95df3ad9685aae":"505341004b455900000000000100000012710902013c000008070006000000004200000001b1b6ad07bb79e7320da59860ea28e055284f6058f279de666e06d435d2af7bda28d99fa47b7dd0963e16b0073078ee8b8a38d966a582f46d19ff95df3ad9685aae" + +save type: ECC_PAIR(SECP_R1) 521-bit, DET_ECDSA(SHA_256) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_SECP_R1_521:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):521:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_256):0x0000:"01b1b6ad07bb79e7320da59860ea28e055284f6058f279de666e06d435d2af7bda28d99fa47b7dd0963e16b0073078ee8b8a38d966a582f46d19ff95df3ad9685aae":"505341004b455900000000000100000012710902013c000009070006000000004200000001b1b6ad07bb79e7320da59860ea28e055284f6058f279de666e06d435d2af7bda28d99fa47b7dd0963e16b0073078ee8b8a38d966a582f46d19ff95df3ad9685aae" + +save type: ECC_PAIR(SECP_R1) 521-bit, DET_ECDSA(SHA_384) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_SECP_R1_521:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):521:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_384):0x0000:"01b1b6ad07bb79e7320da59860ea28e055284f6058f279de666e06d435d2af7bda28d99fa47b7dd0963e16b0073078ee8b8a38d966a582f46d19ff95df3ad9685aae":"505341004b455900000000000100000012710902013c00000a070006000000004200000001b1b6ad07bb79e7320da59860ea28e055284f6058f279de666e06d435d2af7bda28d99fa47b7dd0963e16b0073078ee8b8a38d966a582f46d19ff95df3ad9685aae" + +save type: ECC_PAIR(SECP_R1) 521-bit, DET_ECDSA(SHA_512) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_512:PSA_WANT_ECC_SECP_R1_521:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):521:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_512):0x0000:"01b1b6ad07bb79e7320da59860ea28e055284f6058f279de666e06d435d2af7bda28d99fa47b7dd0963e16b0073078ee8b8a38d966a582f46d19ff95df3ad9685aae":"505341004b455900000000000100000012710902013c00000b070006000000004200000001b1b6ad07bb79e7320da59860ea28e055284f6058f279de666e06d435d2af7bda28d99fa47b7dd0963e16b0073078ee8b8a38d966a582f46d19ff95df3ad9685aae" + +save type: ECC_PAIR(SECP_R1) 521-bit, ECDH +depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ECC_SECP_R1_521:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):521:PSA_KEY_USAGE_DERIVE | PSA_KEY_USAGE_EXPORT:PSA_ALG_ECDH:0x0000:"01b1b6ad07bb79e7320da59860ea28e055284f6058f279de666e06d435d2af7bda28d99fa47b7dd0963e16b0073078ee8b8a38d966a582f46d19ff95df3ad9685aae":"505341004b4559000000000001000000127109020140000000000209000000004200000001b1b6ad07bb79e7320da59860ea28e055284f6058f279de666e06d435d2af7bda28d99fa47b7dd0963e16b0073078ee8b8a38d966a582f46d19ff95df3ad9685aae" + +save type: ECC_PAIR(SECP_R1) 521-bit, ECDSA(MD2) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD2:PSA_WANT_ECC_SECP_R1_521:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):521:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_MD2):0x0000:"01b1b6ad07bb79e7320da59860ea28e055284f6058f279de666e06d435d2af7bda28d99fa47b7dd0963e16b0073078ee8b8a38d966a582f46d19ff95df3ad9685aae":"505341004b455900000000000100000012710902013c000001060006000000004200000001b1b6ad07bb79e7320da59860ea28e055284f6058f279de666e06d435d2af7bda28d99fa47b7dd0963e16b0073078ee8b8a38d966a582f46d19ff95df3ad9685aae" + +save type: ECC_PAIR(SECP_R1) 521-bit, ECDSA(MD4) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD4:PSA_WANT_ECC_SECP_R1_521:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):521:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_MD4):0x0000:"01b1b6ad07bb79e7320da59860ea28e055284f6058f279de666e06d435d2af7bda28d99fa47b7dd0963e16b0073078ee8b8a38d966a582f46d19ff95df3ad9685aae":"505341004b455900000000000100000012710902013c000002060006000000004200000001b1b6ad07bb79e7320da59860ea28e055284f6058f279de666e06d435d2af7bda28d99fa47b7dd0963e16b0073078ee8b8a38d966a582f46d19ff95df3ad9685aae" + +save type: ECC_PAIR(SECP_R1) 521-bit, ECDSA(MD5) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD5:PSA_WANT_ECC_SECP_R1_521:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):521:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_MD5):0x0000:"01b1b6ad07bb79e7320da59860ea28e055284f6058f279de666e06d435d2af7bda28d99fa47b7dd0963e16b0073078ee8b8a38d966a582f46d19ff95df3ad9685aae":"505341004b455900000000000100000012710902013c000003060006000000004200000001b1b6ad07bb79e7320da59860ea28e055284f6058f279de666e06d435d2af7bda28d99fa47b7dd0963e16b0073078ee8b8a38d966a582f46d19ff95df3ad9685aae" + +save type: ECC_PAIR(SECP_R1) 521-bit, ECDSA(RIPEMD160) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ECC_SECP_R1_521:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):521:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_RIPEMD160):0x0000:"01b1b6ad07bb79e7320da59860ea28e055284f6058f279de666e06d435d2af7bda28d99fa47b7dd0963e16b0073078ee8b8a38d966a582f46d19ff95df3ad9685aae":"505341004b455900000000000100000012710902013c000004060006000000004200000001b1b6ad07bb79e7320da59860ea28e055284f6058f279de666e06d435d2af7bda28d99fa47b7dd0963e16b0073078ee8b8a38d966a582f46d19ff95df3ad9685aae" + +save type: ECC_PAIR(SECP_R1) 521-bit, ECDSA(SHA_1) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_1:PSA_WANT_ECC_SECP_R1_521:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):521:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_SHA_1):0x0000:"01b1b6ad07bb79e7320da59860ea28e055284f6058f279de666e06d435d2af7bda28d99fa47b7dd0963e16b0073078ee8b8a38d966a582f46d19ff95df3ad9685aae":"505341004b455900000000000100000012710902013c000005060006000000004200000001b1b6ad07bb79e7320da59860ea28e055284f6058f279de666e06d435d2af7bda28d99fa47b7dd0963e16b0073078ee8b8a38d966a582f46d19ff95df3ad9685aae" + +save type: ECC_PAIR(SECP_R1) 521-bit, ECDSA(SHA_224) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_224:PSA_WANT_ECC_SECP_R1_521:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):521:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_SHA_224):0x0000:"01b1b6ad07bb79e7320da59860ea28e055284f6058f279de666e06d435d2af7bda28d99fa47b7dd0963e16b0073078ee8b8a38d966a582f46d19ff95df3ad9685aae":"505341004b455900000000000100000012710902013c000008060006000000004200000001b1b6ad07bb79e7320da59860ea28e055284f6058f279de666e06d435d2af7bda28d99fa47b7dd0963e16b0073078ee8b8a38d966a582f46d19ff95df3ad9685aae" + +save type: ECC_PAIR(SECP_R1) 521-bit, ECDSA(SHA_256) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_SECP_R1_521:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):521:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_SHA_256):0x0000:"01b1b6ad07bb79e7320da59860ea28e055284f6058f279de666e06d435d2af7bda28d99fa47b7dd0963e16b0073078ee8b8a38d966a582f46d19ff95df3ad9685aae":"505341004b455900000000000100000012710902013c000009060006000000004200000001b1b6ad07bb79e7320da59860ea28e055284f6058f279de666e06d435d2af7bda28d99fa47b7dd0963e16b0073078ee8b8a38d966a582f46d19ff95df3ad9685aae" + +save type: ECC_PAIR(SECP_R1) 521-bit, ECDSA(SHA_384) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_SECP_R1_521:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):521:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_SHA_384):0x0000:"01b1b6ad07bb79e7320da59860ea28e055284f6058f279de666e06d435d2af7bda28d99fa47b7dd0963e16b0073078ee8b8a38d966a582f46d19ff95df3ad9685aae":"505341004b455900000000000100000012710902013c00000a060006000000004200000001b1b6ad07bb79e7320da59860ea28e055284f6058f279de666e06d435d2af7bda28d99fa47b7dd0963e16b0073078ee8b8a38d966a582f46d19ff95df3ad9685aae" + +save type: ECC_PAIR(SECP_R1) 521-bit, ECDSA(SHA_512) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_512:PSA_WANT_ECC_SECP_R1_521:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):521:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_SHA_512):0x0000:"01b1b6ad07bb79e7320da59860ea28e055284f6058f279de666e06d435d2af7bda28d99fa47b7dd0963e16b0073078ee8b8a38d966a582f46d19ff95df3ad9685aae":"505341004b455900000000000100000012710902013c00000b060006000000004200000001b1b6ad07bb79e7320da59860ea28e055284f6058f279de666e06d435d2af7bda28d99fa47b7dd0963e16b0073078ee8b8a38d966a582f46d19ff95df3ad9685aae" + +save type: ECC_PAIR(SECP_R1) 521-bit, ECDSA_ANY +depends_on:PSA_WANT_ALG_ECDSA_ANY:PSA_WANT_ECC_SECP_R1_521:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):521:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA_ANY:0x0000:"01b1b6ad07bb79e7320da59860ea28e055284f6058f279de666e06d435d2af7bda28d99fa47b7dd0963e16b0073078ee8b8a38d966a582f46d19ff95df3ad9685aae":"505341004b455900000000000100000012710902013c000000060006000000004200000001b1b6ad07bb79e7320da59860ea28e055284f6058f279de666e06d435d2af7bda28d99fa47b7dd0963e16b0073078ee8b8a38d966a582f46d19ff95df3ad9685aae" + +save type: ECC_PAIR(SECP_R1) 521-bit, KA(ECDH,HKDF(SHA_256)) +depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_SECP_R1_521:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):521:PSA_KEY_USAGE_DERIVE | PSA_KEY_USAGE_EXPORT:PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_HKDF(PSA_ALG_SHA_256)):0x0000:"01b1b6ad07bb79e7320da59860ea28e055284f6058f279de666e06d435d2af7bda28d99fa47b7dd0963e16b0073078ee8b8a38d966a582f46d19ff95df3ad9685aae":"505341004b4559000000000001000000127109020140000009010209000000004200000001b1b6ad07bb79e7320da59860ea28e055284f6058f279de666e06d435d2af7bda28d99fa47b7dd0963e16b0073078ee8b8a38d966a582f46d19ff95df3ad9685aae" + +save type: ECC_PAIR(SECP_R1) 521-bit, KA(ECDH,HKDF(SHA_384)) +depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_SECP_R1_521:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):521:PSA_KEY_USAGE_DERIVE | PSA_KEY_USAGE_EXPORT:PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_HKDF(PSA_ALG_SHA_384)):0x0000:"01b1b6ad07bb79e7320da59860ea28e055284f6058f279de666e06d435d2af7bda28d99fa47b7dd0963e16b0073078ee8b8a38d966a582f46d19ff95df3ad9685aae":"505341004b455900000000000100000012710902014000000a010209000000004200000001b1b6ad07bb79e7320da59860ea28e055284f6058f279de666e06d435d2af7bda28d99fa47b7dd0963e16b0073078ee8b8a38d966a582f46d19ff95df3ad9685aae" + +save type: ECC_PAIR(SECP_R1) 521-bit, KA(ECDH,TLS12_PRF(SHA_256)) +depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_SHA_256:PSA_WANT_ALG_TLS12_PRF:PSA_WANT_ECC_SECP_R1_521:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):521:PSA_KEY_USAGE_DERIVE | PSA_KEY_USAGE_EXPORT:PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_TLS12_PRF(PSA_ALG_SHA_256)):0x0000:"01b1b6ad07bb79e7320da59860ea28e055284f6058f279de666e06d435d2af7bda28d99fa47b7dd0963e16b0073078ee8b8a38d966a582f46d19ff95df3ad9685aae":"505341004b4559000000000001000000127109020140000009020209000000004200000001b1b6ad07bb79e7320da59860ea28e055284f6058f279de666e06d435d2af7bda28d99fa47b7dd0963e16b0073078ee8b8a38d966a582f46d19ff95df3ad9685aae" + +save type: ECC_PAIR(SECP_R1) 521-bit, KA(ECDH,TLS12_PRF(SHA_384)) +depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_SHA_384:PSA_WANT_ALG_TLS12_PRF:PSA_WANT_ECC_SECP_R1_521:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):521:PSA_KEY_USAGE_DERIVE | PSA_KEY_USAGE_EXPORT:PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_TLS12_PRF(PSA_ALG_SHA_384)):0x0000:"01b1b6ad07bb79e7320da59860ea28e055284f6058f279de666e06d435d2af7bda28d99fa47b7dd0963e16b0073078ee8b8a38d966a582f46d19ff95df3ad9685aae":"505341004b455900000000000100000012710902014000000a020209000000004200000001b1b6ad07bb79e7320da59860ea28e055284f6058f279de666e06d435d2af7bda28d99fa47b7dd0963e16b0073078ee8b8a38d966a582f46d19ff95df3ad9685aae" + +save type: ECC_PAIR(SECP_R1) 521-bit, KA(ECDH,TLS12_PSK2MS(SHA_256)) +depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_SHA_256:PSA_WANT_ALG_TLS12_PSK_TO_MS:PSA_WANT_ECC_SECP_R1_521:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):521:PSA_KEY_USAGE_DERIVE | PSA_KEY_USAGE_EXPORT:PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_TLS12_PSK_TO_MS(PSA_ALG_SHA_256)):0x0000:"01b1b6ad07bb79e7320da59860ea28e055284f6058f279de666e06d435d2af7bda28d99fa47b7dd0963e16b0073078ee8b8a38d966a582f46d19ff95df3ad9685aae":"505341004b4559000000000001000000127109020140000009030209000000004200000001b1b6ad07bb79e7320da59860ea28e055284f6058f279de666e06d435d2af7bda28d99fa47b7dd0963e16b0073078ee8b8a38d966a582f46d19ff95df3ad9685aae" + +save type: ECC_PAIR(SECP_R1) 521-bit, KA(ECDH,TLS12_PSK2MS(SHA_384)) +depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_SHA_384:PSA_WANT_ALG_TLS12_PSK_TO_MS:PSA_WANT_ECC_SECP_R1_521:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):521:PSA_KEY_USAGE_DERIVE | PSA_KEY_USAGE_EXPORT:PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_TLS12_PSK_TO_MS(PSA_ALG_SHA_384)):0x0000:"01b1b6ad07bb79e7320da59860ea28e055284f6058f279de666e06d435d2af7bda28d99fa47b7dd0963e16b0073078ee8b8a38d966a582f46d19ff95df3ad9685aae":"505341004b455900000000000100000012710902014000000a030209000000004200000001b1b6ad07bb79e7320da59860ea28e055284f6058f279de666e06d435d2af7bda28d99fa47b7dd0963e16b0073078ee8b8a38d966a582f46d19ff95df3ad9685aae" + +save type: ECC_PAIR(SECP_R2) 160-bit +depends_on:PSA_WANT_ECC_SECP_R2_160:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R2):160:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"00bf539a1cdda0d7f71a50a3f98aec0a2e8e4ced1e":"505341004b45590000000000010000001b71a0000100000000000000000000001500000000bf539a1cdda0d7f71a50a3f98aec0a2e8e4ced1e" + +save type: ECC_PAIR(SECP_R2) 160-bit, DET_ECDSA(MD2) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD2:PSA_WANT_ECC_SECP_R2_160:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R2):160:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD2):0x0000:"00bf539a1cdda0d7f71a50a3f98aec0a2e8e4ced1e":"505341004b45590000000000010000001b71a000013c000001070006000000001500000000bf539a1cdda0d7f71a50a3f98aec0a2e8e4ced1e" + +save type: ECC_PAIR(SECP_R2) 160-bit, DET_ECDSA(MD4) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD4:PSA_WANT_ECC_SECP_R2_160:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R2):160:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD4):0x0000:"00bf539a1cdda0d7f71a50a3f98aec0a2e8e4ced1e":"505341004b45590000000000010000001b71a000013c000002070006000000001500000000bf539a1cdda0d7f71a50a3f98aec0a2e8e4ced1e" + +save type: ECC_PAIR(SECP_R2) 160-bit, DET_ECDSA(MD5) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD5:PSA_WANT_ECC_SECP_R2_160:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R2):160:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD5):0x0000:"00bf539a1cdda0d7f71a50a3f98aec0a2e8e4ced1e":"505341004b45590000000000010000001b71a000013c000003070006000000001500000000bf539a1cdda0d7f71a50a3f98aec0a2e8e4ced1e" + +save type: ECC_PAIR(SECP_R2) 160-bit, DET_ECDSA(RIPEMD160) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ECC_SECP_R2_160:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R2):160:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_RIPEMD160):0x0000:"00bf539a1cdda0d7f71a50a3f98aec0a2e8e4ced1e":"505341004b45590000000000010000001b71a000013c000004070006000000001500000000bf539a1cdda0d7f71a50a3f98aec0a2e8e4ced1e" + +save type: ECC_PAIR(SECP_R2) 160-bit, DET_ECDSA(SHA_1) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_1:PSA_WANT_ECC_SECP_R2_160:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R2):160:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_1):0x0000:"00bf539a1cdda0d7f71a50a3f98aec0a2e8e4ced1e":"505341004b45590000000000010000001b71a000013c000005070006000000001500000000bf539a1cdda0d7f71a50a3f98aec0a2e8e4ced1e" + +save type: ECC_PAIR(SECP_R2) 160-bit, DET_ECDSA(SHA_224) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_224:PSA_WANT_ECC_SECP_R2_160:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R2):160:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_224):0x0000:"00bf539a1cdda0d7f71a50a3f98aec0a2e8e4ced1e":"505341004b45590000000000010000001b71a000013c000008070006000000001500000000bf539a1cdda0d7f71a50a3f98aec0a2e8e4ced1e" + +save type: ECC_PAIR(SECP_R2) 160-bit, DET_ECDSA(SHA_256) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_SECP_R2_160:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R2):160:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_256):0x0000:"00bf539a1cdda0d7f71a50a3f98aec0a2e8e4ced1e":"505341004b45590000000000010000001b71a000013c000009070006000000001500000000bf539a1cdda0d7f71a50a3f98aec0a2e8e4ced1e" + +save type: ECC_PAIR(SECP_R2) 160-bit, DET_ECDSA(SHA_384) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_SECP_R2_160:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R2):160:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_384):0x0000:"00bf539a1cdda0d7f71a50a3f98aec0a2e8e4ced1e":"505341004b45590000000000010000001b71a000013c00000a070006000000001500000000bf539a1cdda0d7f71a50a3f98aec0a2e8e4ced1e" + +save type: ECC_PAIR(SECP_R2) 160-bit, DET_ECDSA(SHA_512) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_512:PSA_WANT_ECC_SECP_R2_160:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R2):160:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_512):0x0000:"00bf539a1cdda0d7f71a50a3f98aec0a2e8e4ced1e":"505341004b45590000000000010000001b71a000013c00000b070006000000001500000000bf539a1cdda0d7f71a50a3f98aec0a2e8e4ced1e" + +save type: ECC_PAIR(SECP_R2) 160-bit, ECDH +depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ECC_SECP_R2_160:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R2):160:PSA_KEY_USAGE_DERIVE | PSA_KEY_USAGE_EXPORT:PSA_ALG_ECDH:0x0000:"00bf539a1cdda0d7f71a50a3f98aec0a2e8e4ced1e":"505341004b45590000000000010000001b71a0000140000000000209000000001500000000bf539a1cdda0d7f71a50a3f98aec0a2e8e4ced1e" + +save type: ECC_PAIR(SECP_R2) 160-bit, ECDSA(MD2) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD2:PSA_WANT_ECC_SECP_R2_160:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R2):160:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_MD2):0x0000:"00bf539a1cdda0d7f71a50a3f98aec0a2e8e4ced1e":"505341004b45590000000000010000001b71a000013c000001060006000000001500000000bf539a1cdda0d7f71a50a3f98aec0a2e8e4ced1e" + +save type: ECC_PAIR(SECP_R2) 160-bit, ECDSA(MD4) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD4:PSA_WANT_ECC_SECP_R2_160:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R2):160:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_MD4):0x0000:"00bf539a1cdda0d7f71a50a3f98aec0a2e8e4ced1e":"505341004b45590000000000010000001b71a000013c000002060006000000001500000000bf539a1cdda0d7f71a50a3f98aec0a2e8e4ced1e" + +save type: ECC_PAIR(SECP_R2) 160-bit, ECDSA(MD5) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD5:PSA_WANT_ECC_SECP_R2_160:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R2):160:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_MD5):0x0000:"00bf539a1cdda0d7f71a50a3f98aec0a2e8e4ced1e":"505341004b45590000000000010000001b71a000013c000003060006000000001500000000bf539a1cdda0d7f71a50a3f98aec0a2e8e4ced1e" + +save type: ECC_PAIR(SECP_R2) 160-bit, ECDSA(RIPEMD160) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ECC_SECP_R2_160:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R2):160:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_RIPEMD160):0x0000:"00bf539a1cdda0d7f71a50a3f98aec0a2e8e4ced1e":"505341004b45590000000000010000001b71a000013c000004060006000000001500000000bf539a1cdda0d7f71a50a3f98aec0a2e8e4ced1e" + +save type: ECC_PAIR(SECP_R2) 160-bit, ECDSA(SHA_1) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_1:PSA_WANT_ECC_SECP_R2_160:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R2):160:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_SHA_1):0x0000:"00bf539a1cdda0d7f71a50a3f98aec0a2e8e4ced1e":"505341004b45590000000000010000001b71a000013c000005060006000000001500000000bf539a1cdda0d7f71a50a3f98aec0a2e8e4ced1e" + +save type: ECC_PAIR(SECP_R2) 160-bit, ECDSA(SHA_224) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_224:PSA_WANT_ECC_SECP_R2_160:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R2):160:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_SHA_224):0x0000:"00bf539a1cdda0d7f71a50a3f98aec0a2e8e4ced1e":"505341004b45590000000000010000001b71a000013c000008060006000000001500000000bf539a1cdda0d7f71a50a3f98aec0a2e8e4ced1e" + +save type: ECC_PAIR(SECP_R2) 160-bit, ECDSA(SHA_256) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_SECP_R2_160:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R2):160:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_SHA_256):0x0000:"00bf539a1cdda0d7f71a50a3f98aec0a2e8e4ced1e":"505341004b45590000000000010000001b71a000013c000009060006000000001500000000bf539a1cdda0d7f71a50a3f98aec0a2e8e4ced1e" + +save type: ECC_PAIR(SECP_R2) 160-bit, ECDSA(SHA_384) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_SECP_R2_160:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R2):160:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_SHA_384):0x0000:"00bf539a1cdda0d7f71a50a3f98aec0a2e8e4ced1e":"505341004b45590000000000010000001b71a000013c00000a060006000000001500000000bf539a1cdda0d7f71a50a3f98aec0a2e8e4ced1e" + +save type: ECC_PAIR(SECP_R2) 160-bit, ECDSA(SHA_512) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_512:PSA_WANT_ECC_SECP_R2_160:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R2):160:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_SHA_512):0x0000:"00bf539a1cdda0d7f71a50a3f98aec0a2e8e4ced1e":"505341004b45590000000000010000001b71a000013c00000b060006000000001500000000bf539a1cdda0d7f71a50a3f98aec0a2e8e4ced1e" + +save type: ECC_PAIR(SECP_R2) 160-bit, ECDSA_ANY +depends_on:PSA_WANT_ALG_ECDSA_ANY:PSA_WANT_ECC_SECP_R2_160:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R2):160:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA_ANY:0x0000:"00bf539a1cdda0d7f71a50a3f98aec0a2e8e4ced1e":"505341004b45590000000000010000001b71a000013c000000060006000000001500000000bf539a1cdda0d7f71a50a3f98aec0a2e8e4ced1e" + +save type: ECC_PAIR(SECP_R2) 160-bit, KA(ECDH,HKDF(SHA_256)) +depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_SECP_R2_160:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R2):160:PSA_KEY_USAGE_DERIVE | PSA_KEY_USAGE_EXPORT:PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_HKDF(PSA_ALG_SHA_256)):0x0000:"00bf539a1cdda0d7f71a50a3f98aec0a2e8e4ced1e":"505341004b45590000000000010000001b71a0000140000009010209000000001500000000bf539a1cdda0d7f71a50a3f98aec0a2e8e4ced1e" + +save type: ECC_PAIR(SECP_R2) 160-bit, KA(ECDH,HKDF(SHA_384)) +depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_SECP_R2_160:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R2):160:PSA_KEY_USAGE_DERIVE | PSA_KEY_USAGE_EXPORT:PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_HKDF(PSA_ALG_SHA_384)):0x0000:"00bf539a1cdda0d7f71a50a3f98aec0a2e8e4ced1e":"505341004b45590000000000010000001b71a000014000000a010209000000001500000000bf539a1cdda0d7f71a50a3f98aec0a2e8e4ced1e" + +save type: ECC_PAIR(SECP_R2) 160-bit, KA(ECDH,TLS12_PRF(SHA_256)) +depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_SHA_256:PSA_WANT_ALG_TLS12_PRF:PSA_WANT_ECC_SECP_R2_160:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R2):160:PSA_KEY_USAGE_DERIVE | PSA_KEY_USAGE_EXPORT:PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_TLS12_PRF(PSA_ALG_SHA_256)):0x0000:"00bf539a1cdda0d7f71a50a3f98aec0a2e8e4ced1e":"505341004b45590000000000010000001b71a0000140000009020209000000001500000000bf539a1cdda0d7f71a50a3f98aec0a2e8e4ced1e" + +save type: ECC_PAIR(SECP_R2) 160-bit, KA(ECDH,TLS12_PRF(SHA_384)) +depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_SHA_384:PSA_WANT_ALG_TLS12_PRF:PSA_WANT_ECC_SECP_R2_160:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R2):160:PSA_KEY_USAGE_DERIVE | PSA_KEY_USAGE_EXPORT:PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_TLS12_PRF(PSA_ALG_SHA_384)):0x0000:"00bf539a1cdda0d7f71a50a3f98aec0a2e8e4ced1e":"505341004b45590000000000010000001b71a000014000000a020209000000001500000000bf539a1cdda0d7f71a50a3f98aec0a2e8e4ced1e" + +save type: ECC_PAIR(SECP_R2) 160-bit, KA(ECDH,TLS12_PSK2MS(SHA_256)) +depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_SHA_256:PSA_WANT_ALG_TLS12_PSK_TO_MS:PSA_WANT_ECC_SECP_R2_160:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R2):160:PSA_KEY_USAGE_DERIVE | PSA_KEY_USAGE_EXPORT:PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_TLS12_PSK_TO_MS(PSA_ALG_SHA_256)):0x0000:"00bf539a1cdda0d7f71a50a3f98aec0a2e8e4ced1e":"505341004b45590000000000010000001b71a0000140000009030209000000001500000000bf539a1cdda0d7f71a50a3f98aec0a2e8e4ced1e" + +save type: ECC_PAIR(SECP_R2) 160-bit, KA(ECDH,TLS12_PSK2MS(SHA_384)) +depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_SHA_384:PSA_WANT_ALG_TLS12_PSK_TO_MS:PSA_WANT_ECC_SECP_R2_160:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R2):160:PSA_KEY_USAGE_DERIVE | PSA_KEY_USAGE_EXPORT:PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_TLS12_PSK_TO_MS(PSA_ALG_SHA_384)):0x0000:"00bf539a1cdda0d7f71a50a3f98aec0a2e8e4ced1e":"505341004b45590000000000010000001b71a000014000000a030209000000001500000000bf539a1cdda0d7f71a50a3f98aec0a2e8e4ced1e" + +save type: ECC_PAIR(SECT_K1) 163-bit +depends_on:PSA_WANT_ECC_SECT_K1_163:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):163:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"03ebc8fcded2d6ab72ec0f75bdb4fd080481273e71":"505341004b45590000000000010000002771a3000100000000000000000000001500000003ebc8fcded2d6ab72ec0f75bdb4fd080481273e71" + +save type: ECC_PAIR(SECT_K1) 163-bit, DET_ECDSA(MD2) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD2:PSA_WANT_ECC_SECT_K1_163:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):163:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD2):0x0000:"03ebc8fcded2d6ab72ec0f75bdb4fd080481273e71":"505341004b45590000000000010000002771a300013c000001070006000000001500000003ebc8fcded2d6ab72ec0f75bdb4fd080481273e71" + +save type: ECC_PAIR(SECT_K1) 163-bit, DET_ECDSA(MD4) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD4:PSA_WANT_ECC_SECT_K1_163:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):163:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD4):0x0000:"03ebc8fcded2d6ab72ec0f75bdb4fd080481273e71":"505341004b45590000000000010000002771a300013c000002070006000000001500000003ebc8fcded2d6ab72ec0f75bdb4fd080481273e71" + +save type: ECC_PAIR(SECT_K1) 163-bit, DET_ECDSA(MD5) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD5:PSA_WANT_ECC_SECT_K1_163:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):163:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD5):0x0000:"03ebc8fcded2d6ab72ec0f75bdb4fd080481273e71":"505341004b45590000000000010000002771a300013c000003070006000000001500000003ebc8fcded2d6ab72ec0f75bdb4fd080481273e71" + +save type: ECC_PAIR(SECT_K1) 163-bit, DET_ECDSA(RIPEMD160) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ECC_SECT_K1_163:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):163:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_RIPEMD160):0x0000:"03ebc8fcded2d6ab72ec0f75bdb4fd080481273e71":"505341004b45590000000000010000002771a300013c000004070006000000001500000003ebc8fcded2d6ab72ec0f75bdb4fd080481273e71" + +save type: ECC_PAIR(SECT_K1) 163-bit, DET_ECDSA(SHA_1) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_1:PSA_WANT_ECC_SECT_K1_163:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):163:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_1):0x0000:"03ebc8fcded2d6ab72ec0f75bdb4fd080481273e71":"505341004b45590000000000010000002771a300013c000005070006000000001500000003ebc8fcded2d6ab72ec0f75bdb4fd080481273e71" + +save type: ECC_PAIR(SECT_K1) 163-bit, DET_ECDSA(SHA_224) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_224:PSA_WANT_ECC_SECT_K1_163:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):163:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_224):0x0000:"03ebc8fcded2d6ab72ec0f75bdb4fd080481273e71":"505341004b45590000000000010000002771a300013c000008070006000000001500000003ebc8fcded2d6ab72ec0f75bdb4fd080481273e71" + +save type: ECC_PAIR(SECT_K1) 163-bit, DET_ECDSA(SHA_256) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_SECT_K1_163:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):163:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_256):0x0000:"03ebc8fcded2d6ab72ec0f75bdb4fd080481273e71":"505341004b45590000000000010000002771a300013c000009070006000000001500000003ebc8fcded2d6ab72ec0f75bdb4fd080481273e71" + +save type: ECC_PAIR(SECT_K1) 163-bit, DET_ECDSA(SHA_384) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_SECT_K1_163:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):163:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_384):0x0000:"03ebc8fcded2d6ab72ec0f75bdb4fd080481273e71":"505341004b45590000000000010000002771a300013c00000a070006000000001500000003ebc8fcded2d6ab72ec0f75bdb4fd080481273e71" + +save type: ECC_PAIR(SECT_K1) 163-bit, DET_ECDSA(SHA_512) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_512:PSA_WANT_ECC_SECT_K1_163:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):163:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_512):0x0000:"03ebc8fcded2d6ab72ec0f75bdb4fd080481273e71":"505341004b45590000000000010000002771a300013c00000b070006000000001500000003ebc8fcded2d6ab72ec0f75bdb4fd080481273e71" + +save type: ECC_PAIR(SECT_K1) 163-bit, ECDH +depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ECC_SECT_K1_163:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):163:PSA_KEY_USAGE_DERIVE | PSA_KEY_USAGE_EXPORT:PSA_ALG_ECDH:0x0000:"03ebc8fcded2d6ab72ec0f75bdb4fd080481273e71":"505341004b45590000000000010000002771a3000140000000000209000000001500000003ebc8fcded2d6ab72ec0f75bdb4fd080481273e71" + +save type: ECC_PAIR(SECT_K1) 163-bit, ECDSA(MD2) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD2:PSA_WANT_ECC_SECT_K1_163:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):163:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_MD2):0x0000:"03ebc8fcded2d6ab72ec0f75bdb4fd080481273e71":"505341004b45590000000000010000002771a300013c000001060006000000001500000003ebc8fcded2d6ab72ec0f75bdb4fd080481273e71" + +save type: ECC_PAIR(SECT_K1) 163-bit, ECDSA(MD4) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD4:PSA_WANT_ECC_SECT_K1_163:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):163:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_MD4):0x0000:"03ebc8fcded2d6ab72ec0f75bdb4fd080481273e71":"505341004b45590000000000010000002771a300013c000002060006000000001500000003ebc8fcded2d6ab72ec0f75bdb4fd080481273e71" + +save type: ECC_PAIR(SECT_K1) 163-bit, ECDSA(MD5) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD5:PSA_WANT_ECC_SECT_K1_163:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):163:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_MD5):0x0000:"03ebc8fcded2d6ab72ec0f75bdb4fd080481273e71":"505341004b45590000000000010000002771a300013c000003060006000000001500000003ebc8fcded2d6ab72ec0f75bdb4fd080481273e71" + +save type: ECC_PAIR(SECT_K1) 163-bit, ECDSA(RIPEMD160) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ECC_SECT_K1_163:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):163:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_RIPEMD160):0x0000:"03ebc8fcded2d6ab72ec0f75bdb4fd080481273e71":"505341004b45590000000000010000002771a300013c000004060006000000001500000003ebc8fcded2d6ab72ec0f75bdb4fd080481273e71" + +save type: ECC_PAIR(SECT_K1) 163-bit, ECDSA(SHA_1) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_1:PSA_WANT_ECC_SECT_K1_163:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):163:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_SHA_1):0x0000:"03ebc8fcded2d6ab72ec0f75bdb4fd080481273e71":"505341004b45590000000000010000002771a300013c000005060006000000001500000003ebc8fcded2d6ab72ec0f75bdb4fd080481273e71" + +save type: ECC_PAIR(SECT_K1) 163-bit, ECDSA(SHA_224) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_224:PSA_WANT_ECC_SECT_K1_163:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):163:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_SHA_224):0x0000:"03ebc8fcded2d6ab72ec0f75bdb4fd080481273e71":"505341004b45590000000000010000002771a300013c000008060006000000001500000003ebc8fcded2d6ab72ec0f75bdb4fd080481273e71" + +save type: ECC_PAIR(SECT_K1) 163-bit, ECDSA(SHA_256) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_SECT_K1_163:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):163:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_SHA_256):0x0000:"03ebc8fcded2d6ab72ec0f75bdb4fd080481273e71":"505341004b45590000000000010000002771a300013c000009060006000000001500000003ebc8fcded2d6ab72ec0f75bdb4fd080481273e71" + +save type: ECC_PAIR(SECT_K1) 163-bit, ECDSA(SHA_384) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_SECT_K1_163:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):163:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_SHA_384):0x0000:"03ebc8fcded2d6ab72ec0f75bdb4fd080481273e71":"505341004b45590000000000010000002771a300013c00000a060006000000001500000003ebc8fcded2d6ab72ec0f75bdb4fd080481273e71" + +save type: ECC_PAIR(SECT_K1) 163-bit, ECDSA(SHA_512) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_512:PSA_WANT_ECC_SECT_K1_163:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):163:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_SHA_512):0x0000:"03ebc8fcded2d6ab72ec0f75bdb4fd080481273e71":"505341004b45590000000000010000002771a300013c00000b060006000000001500000003ebc8fcded2d6ab72ec0f75bdb4fd080481273e71" + +save type: ECC_PAIR(SECT_K1) 163-bit, ECDSA_ANY +depends_on:PSA_WANT_ALG_ECDSA_ANY:PSA_WANT_ECC_SECT_K1_163:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):163:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA_ANY:0x0000:"03ebc8fcded2d6ab72ec0f75bdb4fd080481273e71":"505341004b45590000000000010000002771a300013c000000060006000000001500000003ebc8fcded2d6ab72ec0f75bdb4fd080481273e71" + +save type: ECC_PAIR(SECT_K1) 163-bit, KA(ECDH,HKDF(SHA_256)) +depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_SECT_K1_163:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):163:PSA_KEY_USAGE_DERIVE | PSA_KEY_USAGE_EXPORT:PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_HKDF(PSA_ALG_SHA_256)):0x0000:"03ebc8fcded2d6ab72ec0f75bdb4fd080481273e71":"505341004b45590000000000010000002771a3000140000009010209000000001500000003ebc8fcded2d6ab72ec0f75bdb4fd080481273e71" + +save type: ECC_PAIR(SECT_K1) 163-bit, KA(ECDH,HKDF(SHA_384)) +depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_SECT_K1_163:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):163:PSA_KEY_USAGE_DERIVE | PSA_KEY_USAGE_EXPORT:PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_HKDF(PSA_ALG_SHA_384)):0x0000:"03ebc8fcded2d6ab72ec0f75bdb4fd080481273e71":"505341004b45590000000000010000002771a300014000000a010209000000001500000003ebc8fcded2d6ab72ec0f75bdb4fd080481273e71" + +save type: ECC_PAIR(SECT_K1) 163-bit, KA(ECDH,TLS12_PRF(SHA_256)) +depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_SHA_256:PSA_WANT_ALG_TLS12_PRF:PSA_WANT_ECC_SECT_K1_163:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):163:PSA_KEY_USAGE_DERIVE | PSA_KEY_USAGE_EXPORT:PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_TLS12_PRF(PSA_ALG_SHA_256)):0x0000:"03ebc8fcded2d6ab72ec0f75bdb4fd080481273e71":"505341004b45590000000000010000002771a3000140000009020209000000001500000003ebc8fcded2d6ab72ec0f75bdb4fd080481273e71" + +save type: ECC_PAIR(SECT_K1) 163-bit, KA(ECDH,TLS12_PRF(SHA_384)) +depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_SHA_384:PSA_WANT_ALG_TLS12_PRF:PSA_WANT_ECC_SECT_K1_163:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):163:PSA_KEY_USAGE_DERIVE | PSA_KEY_USAGE_EXPORT:PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_TLS12_PRF(PSA_ALG_SHA_384)):0x0000:"03ebc8fcded2d6ab72ec0f75bdb4fd080481273e71":"505341004b45590000000000010000002771a300014000000a020209000000001500000003ebc8fcded2d6ab72ec0f75bdb4fd080481273e71" + +save type: ECC_PAIR(SECT_K1) 163-bit, KA(ECDH,TLS12_PSK2MS(SHA_256)) +depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_SHA_256:PSA_WANT_ALG_TLS12_PSK_TO_MS:PSA_WANT_ECC_SECT_K1_163:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):163:PSA_KEY_USAGE_DERIVE | PSA_KEY_USAGE_EXPORT:PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_TLS12_PSK_TO_MS(PSA_ALG_SHA_256)):0x0000:"03ebc8fcded2d6ab72ec0f75bdb4fd080481273e71":"505341004b45590000000000010000002771a3000140000009030209000000001500000003ebc8fcded2d6ab72ec0f75bdb4fd080481273e71" + +save type: ECC_PAIR(SECT_K1) 163-bit, KA(ECDH,TLS12_PSK2MS(SHA_384)) +depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_SHA_384:PSA_WANT_ALG_TLS12_PSK_TO_MS:PSA_WANT_ECC_SECT_K1_163:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):163:PSA_KEY_USAGE_DERIVE | PSA_KEY_USAGE_EXPORT:PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_TLS12_PSK_TO_MS(PSA_ALG_SHA_384)):0x0000:"03ebc8fcded2d6ab72ec0f75bdb4fd080481273e71":"505341004b45590000000000010000002771a300014000000a030209000000001500000003ebc8fcded2d6ab72ec0f75bdb4fd080481273e71" + +save type: ECC_PAIR(SECT_K1) 233-bit +depends_on:PSA_WANT_ECC_SECT_K1_233:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):233:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"41f08485ce587b06061c087e76e247c359de2ba9927ee013b2f1ed9ca8":"505341004b45590000000000010000002771e9000100000000000000000000001d00000041f08485ce587b06061c087e76e247c359de2ba9927ee013b2f1ed9ca8" + +save type: ECC_PAIR(SECT_K1) 233-bit, DET_ECDSA(MD2) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD2:PSA_WANT_ECC_SECT_K1_233:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):233:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD2):0x0000:"41f08485ce587b06061c087e76e247c359de2ba9927ee013b2f1ed9ca8":"505341004b45590000000000010000002771e900013c000001070006000000001d00000041f08485ce587b06061c087e76e247c359de2ba9927ee013b2f1ed9ca8" + +save type: ECC_PAIR(SECT_K1) 233-bit, DET_ECDSA(MD4) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD4:PSA_WANT_ECC_SECT_K1_233:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):233:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD4):0x0000:"41f08485ce587b06061c087e76e247c359de2ba9927ee013b2f1ed9ca8":"505341004b45590000000000010000002771e900013c000002070006000000001d00000041f08485ce587b06061c087e76e247c359de2ba9927ee013b2f1ed9ca8" + +save type: ECC_PAIR(SECT_K1) 233-bit, DET_ECDSA(MD5) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD5:PSA_WANT_ECC_SECT_K1_233:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):233:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD5):0x0000:"41f08485ce587b06061c087e76e247c359de2ba9927ee013b2f1ed9ca8":"505341004b45590000000000010000002771e900013c000003070006000000001d00000041f08485ce587b06061c087e76e247c359de2ba9927ee013b2f1ed9ca8" + +save type: ECC_PAIR(SECT_K1) 233-bit, DET_ECDSA(RIPEMD160) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ECC_SECT_K1_233:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):233:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_RIPEMD160):0x0000:"41f08485ce587b06061c087e76e247c359de2ba9927ee013b2f1ed9ca8":"505341004b45590000000000010000002771e900013c000004070006000000001d00000041f08485ce587b06061c087e76e247c359de2ba9927ee013b2f1ed9ca8" + +save type: ECC_PAIR(SECT_K1) 233-bit, DET_ECDSA(SHA_1) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_1:PSA_WANT_ECC_SECT_K1_233:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):233:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_1):0x0000:"41f08485ce587b06061c087e76e247c359de2ba9927ee013b2f1ed9ca8":"505341004b45590000000000010000002771e900013c000005070006000000001d00000041f08485ce587b06061c087e76e247c359de2ba9927ee013b2f1ed9ca8" + +save type: ECC_PAIR(SECT_K1) 233-bit, DET_ECDSA(SHA_224) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_224:PSA_WANT_ECC_SECT_K1_233:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):233:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_224):0x0000:"41f08485ce587b06061c087e76e247c359de2ba9927ee013b2f1ed9ca8":"505341004b45590000000000010000002771e900013c000008070006000000001d00000041f08485ce587b06061c087e76e247c359de2ba9927ee013b2f1ed9ca8" + +save type: ECC_PAIR(SECT_K1) 233-bit, DET_ECDSA(SHA_256) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_SECT_K1_233:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):233:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_256):0x0000:"41f08485ce587b06061c087e76e247c359de2ba9927ee013b2f1ed9ca8":"505341004b45590000000000010000002771e900013c000009070006000000001d00000041f08485ce587b06061c087e76e247c359de2ba9927ee013b2f1ed9ca8" + +save type: ECC_PAIR(SECT_K1) 233-bit, DET_ECDSA(SHA_384) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_SECT_K1_233:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):233:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_384):0x0000:"41f08485ce587b06061c087e76e247c359de2ba9927ee013b2f1ed9ca8":"505341004b45590000000000010000002771e900013c00000a070006000000001d00000041f08485ce587b06061c087e76e247c359de2ba9927ee013b2f1ed9ca8" + +save type: ECC_PAIR(SECT_K1) 233-bit, DET_ECDSA(SHA_512) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_512:PSA_WANT_ECC_SECT_K1_233:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):233:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_512):0x0000:"41f08485ce587b06061c087e76e247c359de2ba9927ee013b2f1ed9ca8":"505341004b45590000000000010000002771e900013c00000b070006000000001d00000041f08485ce587b06061c087e76e247c359de2ba9927ee013b2f1ed9ca8" + +save type: ECC_PAIR(SECT_K1) 233-bit, ECDH +depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ECC_SECT_K1_233:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):233:PSA_KEY_USAGE_DERIVE | PSA_KEY_USAGE_EXPORT:PSA_ALG_ECDH:0x0000:"41f08485ce587b06061c087e76e247c359de2ba9927ee013b2f1ed9ca8":"505341004b45590000000000010000002771e9000140000000000209000000001d00000041f08485ce587b06061c087e76e247c359de2ba9927ee013b2f1ed9ca8" + +save type: ECC_PAIR(SECT_K1) 233-bit, ECDSA(MD2) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD2:PSA_WANT_ECC_SECT_K1_233:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):233:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_MD2):0x0000:"41f08485ce587b06061c087e76e247c359de2ba9927ee013b2f1ed9ca8":"505341004b45590000000000010000002771e900013c000001060006000000001d00000041f08485ce587b06061c087e76e247c359de2ba9927ee013b2f1ed9ca8" + +save type: ECC_PAIR(SECT_K1) 233-bit, ECDSA(MD4) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD4:PSA_WANT_ECC_SECT_K1_233:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):233:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_MD4):0x0000:"41f08485ce587b06061c087e76e247c359de2ba9927ee013b2f1ed9ca8":"505341004b45590000000000010000002771e900013c000002060006000000001d00000041f08485ce587b06061c087e76e247c359de2ba9927ee013b2f1ed9ca8" + +save type: ECC_PAIR(SECT_K1) 233-bit, ECDSA(MD5) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD5:PSA_WANT_ECC_SECT_K1_233:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):233:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_MD5):0x0000:"41f08485ce587b06061c087e76e247c359de2ba9927ee013b2f1ed9ca8":"505341004b45590000000000010000002771e900013c000003060006000000001d00000041f08485ce587b06061c087e76e247c359de2ba9927ee013b2f1ed9ca8" + +save type: ECC_PAIR(SECT_K1) 233-bit, ECDSA(RIPEMD160) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ECC_SECT_K1_233:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):233:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_RIPEMD160):0x0000:"41f08485ce587b06061c087e76e247c359de2ba9927ee013b2f1ed9ca8":"505341004b45590000000000010000002771e900013c000004060006000000001d00000041f08485ce587b06061c087e76e247c359de2ba9927ee013b2f1ed9ca8" + +save type: ECC_PAIR(SECT_K1) 233-bit, ECDSA(SHA_1) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_1:PSA_WANT_ECC_SECT_K1_233:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):233:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_SHA_1):0x0000:"41f08485ce587b06061c087e76e247c359de2ba9927ee013b2f1ed9ca8":"505341004b45590000000000010000002771e900013c000005060006000000001d00000041f08485ce587b06061c087e76e247c359de2ba9927ee013b2f1ed9ca8" + +save type: ECC_PAIR(SECT_K1) 233-bit, ECDSA(SHA_224) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_224:PSA_WANT_ECC_SECT_K1_233:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):233:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_SHA_224):0x0000:"41f08485ce587b06061c087e76e247c359de2ba9927ee013b2f1ed9ca8":"505341004b45590000000000010000002771e900013c000008060006000000001d00000041f08485ce587b06061c087e76e247c359de2ba9927ee013b2f1ed9ca8" + +save type: ECC_PAIR(SECT_K1) 233-bit, ECDSA(SHA_256) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_SECT_K1_233:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):233:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_SHA_256):0x0000:"41f08485ce587b06061c087e76e247c359de2ba9927ee013b2f1ed9ca8":"505341004b45590000000000010000002771e900013c000009060006000000001d00000041f08485ce587b06061c087e76e247c359de2ba9927ee013b2f1ed9ca8" + +save type: ECC_PAIR(SECT_K1) 233-bit, ECDSA(SHA_384) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_SECT_K1_233:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):233:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_SHA_384):0x0000:"41f08485ce587b06061c087e76e247c359de2ba9927ee013b2f1ed9ca8":"505341004b45590000000000010000002771e900013c00000a060006000000001d00000041f08485ce587b06061c087e76e247c359de2ba9927ee013b2f1ed9ca8" + +save type: ECC_PAIR(SECT_K1) 233-bit, ECDSA(SHA_512) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_512:PSA_WANT_ECC_SECT_K1_233:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):233:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_SHA_512):0x0000:"41f08485ce587b06061c087e76e247c359de2ba9927ee013b2f1ed9ca8":"505341004b45590000000000010000002771e900013c00000b060006000000001d00000041f08485ce587b06061c087e76e247c359de2ba9927ee013b2f1ed9ca8" + +save type: ECC_PAIR(SECT_K1) 233-bit, ECDSA_ANY +depends_on:PSA_WANT_ALG_ECDSA_ANY:PSA_WANT_ECC_SECT_K1_233:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):233:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA_ANY:0x0000:"41f08485ce587b06061c087e76e247c359de2ba9927ee013b2f1ed9ca8":"505341004b45590000000000010000002771e900013c000000060006000000001d00000041f08485ce587b06061c087e76e247c359de2ba9927ee013b2f1ed9ca8" + +save type: ECC_PAIR(SECT_K1) 233-bit, KA(ECDH,HKDF(SHA_256)) +depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_SECT_K1_233:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):233:PSA_KEY_USAGE_DERIVE | PSA_KEY_USAGE_EXPORT:PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_HKDF(PSA_ALG_SHA_256)):0x0000:"41f08485ce587b06061c087e76e247c359de2ba9927ee013b2f1ed9ca8":"505341004b45590000000000010000002771e9000140000009010209000000001d00000041f08485ce587b06061c087e76e247c359de2ba9927ee013b2f1ed9ca8" + +save type: ECC_PAIR(SECT_K1) 233-bit, KA(ECDH,HKDF(SHA_384)) +depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_SECT_K1_233:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):233:PSA_KEY_USAGE_DERIVE | PSA_KEY_USAGE_EXPORT:PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_HKDF(PSA_ALG_SHA_384)):0x0000:"41f08485ce587b06061c087e76e247c359de2ba9927ee013b2f1ed9ca8":"505341004b45590000000000010000002771e900014000000a010209000000001d00000041f08485ce587b06061c087e76e247c359de2ba9927ee013b2f1ed9ca8" + +save type: ECC_PAIR(SECT_K1) 233-bit, KA(ECDH,TLS12_PRF(SHA_256)) +depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_SHA_256:PSA_WANT_ALG_TLS12_PRF:PSA_WANT_ECC_SECT_K1_233:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):233:PSA_KEY_USAGE_DERIVE | PSA_KEY_USAGE_EXPORT:PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_TLS12_PRF(PSA_ALG_SHA_256)):0x0000:"41f08485ce587b06061c087e76e247c359de2ba9927ee013b2f1ed9ca8":"505341004b45590000000000010000002771e9000140000009020209000000001d00000041f08485ce587b06061c087e76e247c359de2ba9927ee013b2f1ed9ca8" + +save type: ECC_PAIR(SECT_K1) 233-bit, KA(ECDH,TLS12_PRF(SHA_384)) +depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_SHA_384:PSA_WANT_ALG_TLS12_PRF:PSA_WANT_ECC_SECT_K1_233:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):233:PSA_KEY_USAGE_DERIVE | PSA_KEY_USAGE_EXPORT:PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_TLS12_PRF(PSA_ALG_SHA_384)):0x0000:"41f08485ce587b06061c087e76e247c359de2ba9927ee013b2f1ed9ca8":"505341004b45590000000000010000002771e900014000000a020209000000001d00000041f08485ce587b06061c087e76e247c359de2ba9927ee013b2f1ed9ca8" + +save type: ECC_PAIR(SECT_K1) 233-bit, KA(ECDH,TLS12_PSK2MS(SHA_256)) +depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_SHA_256:PSA_WANT_ALG_TLS12_PSK_TO_MS:PSA_WANT_ECC_SECT_K1_233:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):233:PSA_KEY_USAGE_DERIVE | PSA_KEY_USAGE_EXPORT:PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_TLS12_PSK_TO_MS(PSA_ALG_SHA_256)):0x0000:"41f08485ce587b06061c087e76e247c359de2ba9927ee013b2f1ed9ca8":"505341004b45590000000000010000002771e9000140000009030209000000001d00000041f08485ce587b06061c087e76e247c359de2ba9927ee013b2f1ed9ca8" + +save type: ECC_PAIR(SECT_K1) 233-bit, KA(ECDH,TLS12_PSK2MS(SHA_384)) +depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_SHA_384:PSA_WANT_ALG_TLS12_PSK_TO_MS:PSA_WANT_ECC_SECT_K1_233:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):233:PSA_KEY_USAGE_DERIVE | PSA_KEY_USAGE_EXPORT:PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_TLS12_PSK_TO_MS(PSA_ALG_SHA_384)):0x0000:"41f08485ce587b06061c087e76e247c359de2ba9927ee013b2f1ed9ca8":"505341004b45590000000000010000002771e900014000000a030209000000001d00000041f08485ce587b06061c087e76e247c359de2ba9927ee013b2f1ed9ca8" + +save type: ECC_PAIR(SECT_K1) 239-bit +depends_on:PSA_WANT_ECC_SECT_K1_239:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):239:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"1a8069ce2c2c8bdd7087f2a6ab49588797e6294e979495602ab9650b9c61":"505341004b45590000000000010000002771ef000100000000000000000000001e0000001a8069ce2c2c8bdd7087f2a6ab49588797e6294e979495602ab9650b9c61" + +save type: ECC_PAIR(SECT_K1) 239-bit, DET_ECDSA(MD2) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD2:PSA_WANT_ECC_SECT_K1_239:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):239:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD2):0x0000:"1a8069ce2c2c8bdd7087f2a6ab49588797e6294e979495602ab9650b9c61":"505341004b45590000000000010000002771ef00013c000001070006000000001e0000001a8069ce2c2c8bdd7087f2a6ab49588797e6294e979495602ab9650b9c61" + +save type: ECC_PAIR(SECT_K1) 239-bit, DET_ECDSA(MD4) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD4:PSA_WANT_ECC_SECT_K1_239:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):239:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD4):0x0000:"1a8069ce2c2c8bdd7087f2a6ab49588797e6294e979495602ab9650b9c61":"505341004b45590000000000010000002771ef00013c000002070006000000001e0000001a8069ce2c2c8bdd7087f2a6ab49588797e6294e979495602ab9650b9c61" + +save type: ECC_PAIR(SECT_K1) 239-bit, DET_ECDSA(MD5) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD5:PSA_WANT_ECC_SECT_K1_239:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):239:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD5):0x0000:"1a8069ce2c2c8bdd7087f2a6ab49588797e6294e979495602ab9650b9c61":"505341004b45590000000000010000002771ef00013c000003070006000000001e0000001a8069ce2c2c8bdd7087f2a6ab49588797e6294e979495602ab9650b9c61" + +save type: ECC_PAIR(SECT_K1) 239-bit, DET_ECDSA(RIPEMD160) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ECC_SECT_K1_239:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):239:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_RIPEMD160):0x0000:"1a8069ce2c2c8bdd7087f2a6ab49588797e6294e979495602ab9650b9c61":"505341004b45590000000000010000002771ef00013c000004070006000000001e0000001a8069ce2c2c8bdd7087f2a6ab49588797e6294e979495602ab9650b9c61" + +save type: ECC_PAIR(SECT_K1) 239-bit, DET_ECDSA(SHA_1) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_1:PSA_WANT_ECC_SECT_K1_239:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):239:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_1):0x0000:"1a8069ce2c2c8bdd7087f2a6ab49588797e6294e979495602ab9650b9c61":"505341004b45590000000000010000002771ef00013c000005070006000000001e0000001a8069ce2c2c8bdd7087f2a6ab49588797e6294e979495602ab9650b9c61" + +save type: ECC_PAIR(SECT_K1) 239-bit, DET_ECDSA(SHA_224) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_224:PSA_WANT_ECC_SECT_K1_239:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):239:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_224):0x0000:"1a8069ce2c2c8bdd7087f2a6ab49588797e6294e979495602ab9650b9c61":"505341004b45590000000000010000002771ef00013c000008070006000000001e0000001a8069ce2c2c8bdd7087f2a6ab49588797e6294e979495602ab9650b9c61" + +save type: ECC_PAIR(SECT_K1) 239-bit, DET_ECDSA(SHA_256) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_SECT_K1_239:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):239:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_256):0x0000:"1a8069ce2c2c8bdd7087f2a6ab49588797e6294e979495602ab9650b9c61":"505341004b45590000000000010000002771ef00013c000009070006000000001e0000001a8069ce2c2c8bdd7087f2a6ab49588797e6294e979495602ab9650b9c61" + +save type: ECC_PAIR(SECT_K1) 239-bit, DET_ECDSA(SHA_384) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_SECT_K1_239:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):239:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_384):0x0000:"1a8069ce2c2c8bdd7087f2a6ab49588797e6294e979495602ab9650b9c61":"505341004b45590000000000010000002771ef00013c00000a070006000000001e0000001a8069ce2c2c8bdd7087f2a6ab49588797e6294e979495602ab9650b9c61" + +save type: ECC_PAIR(SECT_K1) 239-bit, DET_ECDSA(SHA_512) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_512:PSA_WANT_ECC_SECT_K1_239:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):239:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_512):0x0000:"1a8069ce2c2c8bdd7087f2a6ab49588797e6294e979495602ab9650b9c61":"505341004b45590000000000010000002771ef00013c00000b070006000000001e0000001a8069ce2c2c8bdd7087f2a6ab49588797e6294e979495602ab9650b9c61" + +save type: ECC_PAIR(SECT_K1) 239-bit, ECDH +depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ECC_SECT_K1_239:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):239:PSA_KEY_USAGE_DERIVE | PSA_KEY_USAGE_EXPORT:PSA_ALG_ECDH:0x0000:"1a8069ce2c2c8bdd7087f2a6ab49588797e6294e979495602ab9650b9c61":"505341004b45590000000000010000002771ef000140000000000209000000001e0000001a8069ce2c2c8bdd7087f2a6ab49588797e6294e979495602ab9650b9c61" + +save type: ECC_PAIR(SECT_K1) 239-bit, ECDSA(MD2) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD2:PSA_WANT_ECC_SECT_K1_239:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):239:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_MD2):0x0000:"1a8069ce2c2c8bdd7087f2a6ab49588797e6294e979495602ab9650b9c61":"505341004b45590000000000010000002771ef00013c000001060006000000001e0000001a8069ce2c2c8bdd7087f2a6ab49588797e6294e979495602ab9650b9c61" + +save type: ECC_PAIR(SECT_K1) 239-bit, ECDSA(MD4) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD4:PSA_WANT_ECC_SECT_K1_239:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):239:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_MD4):0x0000:"1a8069ce2c2c8bdd7087f2a6ab49588797e6294e979495602ab9650b9c61":"505341004b45590000000000010000002771ef00013c000002060006000000001e0000001a8069ce2c2c8bdd7087f2a6ab49588797e6294e979495602ab9650b9c61" + +save type: ECC_PAIR(SECT_K1) 239-bit, ECDSA(MD5) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD5:PSA_WANT_ECC_SECT_K1_239:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):239:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_MD5):0x0000:"1a8069ce2c2c8bdd7087f2a6ab49588797e6294e979495602ab9650b9c61":"505341004b45590000000000010000002771ef00013c000003060006000000001e0000001a8069ce2c2c8bdd7087f2a6ab49588797e6294e979495602ab9650b9c61" + +save type: ECC_PAIR(SECT_K1) 239-bit, ECDSA(RIPEMD160) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ECC_SECT_K1_239:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):239:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_RIPEMD160):0x0000:"1a8069ce2c2c8bdd7087f2a6ab49588797e6294e979495602ab9650b9c61":"505341004b45590000000000010000002771ef00013c000004060006000000001e0000001a8069ce2c2c8bdd7087f2a6ab49588797e6294e979495602ab9650b9c61" + +save type: ECC_PAIR(SECT_K1) 239-bit, ECDSA(SHA_1) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_1:PSA_WANT_ECC_SECT_K1_239:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):239:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_SHA_1):0x0000:"1a8069ce2c2c8bdd7087f2a6ab49588797e6294e979495602ab9650b9c61":"505341004b45590000000000010000002771ef00013c000005060006000000001e0000001a8069ce2c2c8bdd7087f2a6ab49588797e6294e979495602ab9650b9c61" + +save type: ECC_PAIR(SECT_K1) 239-bit, ECDSA(SHA_224) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_224:PSA_WANT_ECC_SECT_K1_239:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):239:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_SHA_224):0x0000:"1a8069ce2c2c8bdd7087f2a6ab49588797e6294e979495602ab9650b9c61":"505341004b45590000000000010000002771ef00013c000008060006000000001e0000001a8069ce2c2c8bdd7087f2a6ab49588797e6294e979495602ab9650b9c61" + +save type: ECC_PAIR(SECT_K1) 239-bit, ECDSA(SHA_256) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_SECT_K1_239:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):239:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_SHA_256):0x0000:"1a8069ce2c2c8bdd7087f2a6ab49588797e6294e979495602ab9650b9c61":"505341004b45590000000000010000002771ef00013c000009060006000000001e0000001a8069ce2c2c8bdd7087f2a6ab49588797e6294e979495602ab9650b9c61" + +save type: ECC_PAIR(SECT_K1) 239-bit, ECDSA(SHA_384) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_SECT_K1_239:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):239:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_SHA_384):0x0000:"1a8069ce2c2c8bdd7087f2a6ab49588797e6294e979495602ab9650b9c61":"505341004b45590000000000010000002771ef00013c00000a060006000000001e0000001a8069ce2c2c8bdd7087f2a6ab49588797e6294e979495602ab9650b9c61" + +save type: ECC_PAIR(SECT_K1) 239-bit, ECDSA(SHA_512) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_512:PSA_WANT_ECC_SECT_K1_239:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):239:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_SHA_512):0x0000:"1a8069ce2c2c8bdd7087f2a6ab49588797e6294e979495602ab9650b9c61":"505341004b45590000000000010000002771ef00013c00000b060006000000001e0000001a8069ce2c2c8bdd7087f2a6ab49588797e6294e979495602ab9650b9c61" + +save type: ECC_PAIR(SECT_K1) 239-bit, ECDSA_ANY +depends_on:PSA_WANT_ALG_ECDSA_ANY:PSA_WANT_ECC_SECT_K1_239:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):239:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA_ANY:0x0000:"1a8069ce2c2c8bdd7087f2a6ab49588797e6294e979495602ab9650b9c61":"505341004b45590000000000010000002771ef00013c000000060006000000001e0000001a8069ce2c2c8bdd7087f2a6ab49588797e6294e979495602ab9650b9c61" + +save type: ECC_PAIR(SECT_K1) 239-bit, KA(ECDH,HKDF(SHA_256)) +depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_SECT_K1_239:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):239:PSA_KEY_USAGE_DERIVE | PSA_KEY_USAGE_EXPORT:PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_HKDF(PSA_ALG_SHA_256)):0x0000:"1a8069ce2c2c8bdd7087f2a6ab49588797e6294e979495602ab9650b9c61":"505341004b45590000000000010000002771ef000140000009010209000000001e0000001a8069ce2c2c8bdd7087f2a6ab49588797e6294e979495602ab9650b9c61" + +save type: ECC_PAIR(SECT_K1) 239-bit, KA(ECDH,HKDF(SHA_384)) +depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_SECT_K1_239:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):239:PSA_KEY_USAGE_DERIVE | PSA_KEY_USAGE_EXPORT:PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_HKDF(PSA_ALG_SHA_384)):0x0000:"1a8069ce2c2c8bdd7087f2a6ab49588797e6294e979495602ab9650b9c61":"505341004b45590000000000010000002771ef00014000000a010209000000001e0000001a8069ce2c2c8bdd7087f2a6ab49588797e6294e979495602ab9650b9c61" + +save type: ECC_PAIR(SECT_K1) 239-bit, KA(ECDH,TLS12_PRF(SHA_256)) +depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_SHA_256:PSA_WANT_ALG_TLS12_PRF:PSA_WANT_ECC_SECT_K1_239:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):239:PSA_KEY_USAGE_DERIVE | PSA_KEY_USAGE_EXPORT:PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_TLS12_PRF(PSA_ALG_SHA_256)):0x0000:"1a8069ce2c2c8bdd7087f2a6ab49588797e6294e979495602ab9650b9c61":"505341004b45590000000000010000002771ef000140000009020209000000001e0000001a8069ce2c2c8bdd7087f2a6ab49588797e6294e979495602ab9650b9c61" + +save type: ECC_PAIR(SECT_K1) 239-bit, KA(ECDH,TLS12_PRF(SHA_384)) +depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_SHA_384:PSA_WANT_ALG_TLS12_PRF:PSA_WANT_ECC_SECT_K1_239:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):239:PSA_KEY_USAGE_DERIVE | PSA_KEY_USAGE_EXPORT:PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_TLS12_PRF(PSA_ALG_SHA_384)):0x0000:"1a8069ce2c2c8bdd7087f2a6ab49588797e6294e979495602ab9650b9c61":"505341004b45590000000000010000002771ef00014000000a020209000000001e0000001a8069ce2c2c8bdd7087f2a6ab49588797e6294e979495602ab9650b9c61" + +save type: ECC_PAIR(SECT_K1) 239-bit, KA(ECDH,TLS12_PSK2MS(SHA_256)) +depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_SHA_256:PSA_WANT_ALG_TLS12_PSK_TO_MS:PSA_WANT_ECC_SECT_K1_239:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):239:PSA_KEY_USAGE_DERIVE | PSA_KEY_USAGE_EXPORT:PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_TLS12_PSK_TO_MS(PSA_ALG_SHA_256)):0x0000:"1a8069ce2c2c8bdd7087f2a6ab49588797e6294e979495602ab9650b9c61":"505341004b45590000000000010000002771ef000140000009030209000000001e0000001a8069ce2c2c8bdd7087f2a6ab49588797e6294e979495602ab9650b9c61" + +save type: ECC_PAIR(SECT_K1) 239-bit, KA(ECDH,TLS12_PSK2MS(SHA_384)) +depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_SHA_384:PSA_WANT_ALG_TLS12_PSK_TO_MS:PSA_WANT_ECC_SECT_K1_239:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):239:PSA_KEY_USAGE_DERIVE | PSA_KEY_USAGE_EXPORT:PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_TLS12_PSK_TO_MS(PSA_ALG_SHA_384)):0x0000:"1a8069ce2c2c8bdd7087f2a6ab49588797e6294e979495602ab9650b9c61":"505341004b45590000000000010000002771ef00014000000a030209000000001e0000001a8069ce2c2c8bdd7087f2a6ab49588797e6294e979495602ab9650b9c61" + +save type: ECC_PAIR(SECT_K1) 283-bit +depends_on:PSA_WANT_ECC_SECT_K1_283:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):283:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"006d627885dd48b9ec6facb5b3865377d755b75a5d51440e45211c1f600e15eff8a881a0":"505341004b455900000000000100000027711b0101000000000000000000000024000000006d627885dd48b9ec6facb5b3865377d755b75a5d51440e45211c1f600e15eff8a881a0" + +save type: ECC_PAIR(SECT_K1) 283-bit, DET_ECDSA(MD2) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD2:PSA_WANT_ECC_SECT_K1_283:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):283:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD2):0x0000:"006d627885dd48b9ec6facb5b3865377d755b75a5d51440e45211c1f600e15eff8a881a0":"505341004b455900000000000100000027711b01013c0000010700060000000024000000006d627885dd48b9ec6facb5b3865377d755b75a5d51440e45211c1f600e15eff8a881a0" + +save type: ECC_PAIR(SECT_K1) 283-bit, DET_ECDSA(MD4) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD4:PSA_WANT_ECC_SECT_K1_283:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):283:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD4):0x0000:"006d627885dd48b9ec6facb5b3865377d755b75a5d51440e45211c1f600e15eff8a881a0":"505341004b455900000000000100000027711b01013c0000020700060000000024000000006d627885dd48b9ec6facb5b3865377d755b75a5d51440e45211c1f600e15eff8a881a0" + +save type: ECC_PAIR(SECT_K1) 283-bit, DET_ECDSA(MD5) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD5:PSA_WANT_ECC_SECT_K1_283:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):283:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD5):0x0000:"006d627885dd48b9ec6facb5b3865377d755b75a5d51440e45211c1f600e15eff8a881a0":"505341004b455900000000000100000027711b01013c0000030700060000000024000000006d627885dd48b9ec6facb5b3865377d755b75a5d51440e45211c1f600e15eff8a881a0" + +save type: ECC_PAIR(SECT_K1) 283-bit, DET_ECDSA(RIPEMD160) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ECC_SECT_K1_283:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):283:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_RIPEMD160):0x0000:"006d627885dd48b9ec6facb5b3865377d755b75a5d51440e45211c1f600e15eff8a881a0":"505341004b455900000000000100000027711b01013c0000040700060000000024000000006d627885dd48b9ec6facb5b3865377d755b75a5d51440e45211c1f600e15eff8a881a0" + +save type: ECC_PAIR(SECT_K1) 283-bit, DET_ECDSA(SHA_1) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_1:PSA_WANT_ECC_SECT_K1_283:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):283:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_1):0x0000:"006d627885dd48b9ec6facb5b3865377d755b75a5d51440e45211c1f600e15eff8a881a0":"505341004b455900000000000100000027711b01013c0000050700060000000024000000006d627885dd48b9ec6facb5b3865377d755b75a5d51440e45211c1f600e15eff8a881a0" + +save type: ECC_PAIR(SECT_K1) 283-bit, DET_ECDSA(SHA_224) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_224:PSA_WANT_ECC_SECT_K1_283:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):283:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_224):0x0000:"006d627885dd48b9ec6facb5b3865377d755b75a5d51440e45211c1f600e15eff8a881a0":"505341004b455900000000000100000027711b01013c0000080700060000000024000000006d627885dd48b9ec6facb5b3865377d755b75a5d51440e45211c1f600e15eff8a881a0" + +save type: ECC_PAIR(SECT_K1) 283-bit, DET_ECDSA(SHA_256) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_SECT_K1_283:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):283:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_256):0x0000:"006d627885dd48b9ec6facb5b3865377d755b75a5d51440e45211c1f600e15eff8a881a0":"505341004b455900000000000100000027711b01013c0000090700060000000024000000006d627885dd48b9ec6facb5b3865377d755b75a5d51440e45211c1f600e15eff8a881a0" + +save type: ECC_PAIR(SECT_K1) 283-bit, DET_ECDSA(SHA_384) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_SECT_K1_283:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):283:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_384):0x0000:"006d627885dd48b9ec6facb5b3865377d755b75a5d51440e45211c1f600e15eff8a881a0":"505341004b455900000000000100000027711b01013c00000a0700060000000024000000006d627885dd48b9ec6facb5b3865377d755b75a5d51440e45211c1f600e15eff8a881a0" + +save type: ECC_PAIR(SECT_K1) 283-bit, DET_ECDSA(SHA_512) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_512:PSA_WANT_ECC_SECT_K1_283:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):283:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_512):0x0000:"006d627885dd48b9ec6facb5b3865377d755b75a5d51440e45211c1f600e15eff8a881a0":"505341004b455900000000000100000027711b01013c00000b0700060000000024000000006d627885dd48b9ec6facb5b3865377d755b75a5d51440e45211c1f600e15eff8a881a0" + +save type: ECC_PAIR(SECT_K1) 283-bit, ECDH +depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ECC_SECT_K1_283:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):283:PSA_KEY_USAGE_DERIVE | PSA_KEY_USAGE_EXPORT:PSA_ALG_ECDH:0x0000:"006d627885dd48b9ec6facb5b3865377d755b75a5d51440e45211c1f600e15eff8a881a0":"505341004b455900000000000100000027711b0101400000000002090000000024000000006d627885dd48b9ec6facb5b3865377d755b75a5d51440e45211c1f600e15eff8a881a0" + +save type: ECC_PAIR(SECT_K1) 283-bit, ECDSA(MD2) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD2:PSA_WANT_ECC_SECT_K1_283:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):283:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_MD2):0x0000:"006d627885dd48b9ec6facb5b3865377d755b75a5d51440e45211c1f600e15eff8a881a0":"505341004b455900000000000100000027711b01013c0000010600060000000024000000006d627885dd48b9ec6facb5b3865377d755b75a5d51440e45211c1f600e15eff8a881a0" + +save type: ECC_PAIR(SECT_K1) 283-bit, ECDSA(MD4) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD4:PSA_WANT_ECC_SECT_K1_283:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):283:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_MD4):0x0000:"006d627885dd48b9ec6facb5b3865377d755b75a5d51440e45211c1f600e15eff8a881a0":"505341004b455900000000000100000027711b01013c0000020600060000000024000000006d627885dd48b9ec6facb5b3865377d755b75a5d51440e45211c1f600e15eff8a881a0" + +save type: ECC_PAIR(SECT_K1) 283-bit, ECDSA(MD5) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD5:PSA_WANT_ECC_SECT_K1_283:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):283:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_MD5):0x0000:"006d627885dd48b9ec6facb5b3865377d755b75a5d51440e45211c1f600e15eff8a881a0":"505341004b455900000000000100000027711b01013c0000030600060000000024000000006d627885dd48b9ec6facb5b3865377d755b75a5d51440e45211c1f600e15eff8a881a0" + +save type: ECC_PAIR(SECT_K1) 283-bit, ECDSA(RIPEMD160) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ECC_SECT_K1_283:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):283:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_RIPEMD160):0x0000:"006d627885dd48b9ec6facb5b3865377d755b75a5d51440e45211c1f600e15eff8a881a0":"505341004b455900000000000100000027711b01013c0000040600060000000024000000006d627885dd48b9ec6facb5b3865377d755b75a5d51440e45211c1f600e15eff8a881a0" + +save type: ECC_PAIR(SECT_K1) 283-bit, ECDSA(SHA_1) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_1:PSA_WANT_ECC_SECT_K1_283:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):283:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_SHA_1):0x0000:"006d627885dd48b9ec6facb5b3865377d755b75a5d51440e45211c1f600e15eff8a881a0":"505341004b455900000000000100000027711b01013c0000050600060000000024000000006d627885dd48b9ec6facb5b3865377d755b75a5d51440e45211c1f600e15eff8a881a0" + +save type: ECC_PAIR(SECT_K1) 283-bit, ECDSA(SHA_224) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_224:PSA_WANT_ECC_SECT_K1_283:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):283:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_SHA_224):0x0000:"006d627885dd48b9ec6facb5b3865377d755b75a5d51440e45211c1f600e15eff8a881a0":"505341004b455900000000000100000027711b01013c0000080600060000000024000000006d627885dd48b9ec6facb5b3865377d755b75a5d51440e45211c1f600e15eff8a881a0" + +save type: ECC_PAIR(SECT_K1) 283-bit, ECDSA(SHA_256) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_SECT_K1_283:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):283:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_SHA_256):0x0000:"006d627885dd48b9ec6facb5b3865377d755b75a5d51440e45211c1f600e15eff8a881a0":"505341004b455900000000000100000027711b01013c0000090600060000000024000000006d627885dd48b9ec6facb5b3865377d755b75a5d51440e45211c1f600e15eff8a881a0" + +save type: ECC_PAIR(SECT_K1) 283-bit, ECDSA(SHA_384) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_SECT_K1_283:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):283:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_SHA_384):0x0000:"006d627885dd48b9ec6facb5b3865377d755b75a5d51440e45211c1f600e15eff8a881a0":"505341004b455900000000000100000027711b01013c00000a0600060000000024000000006d627885dd48b9ec6facb5b3865377d755b75a5d51440e45211c1f600e15eff8a881a0" + +save type: ECC_PAIR(SECT_K1) 283-bit, ECDSA(SHA_512) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_512:PSA_WANT_ECC_SECT_K1_283:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):283:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_SHA_512):0x0000:"006d627885dd48b9ec6facb5b3865377d755b75a5d51440e45211c1f600e15eff8a881a0":"505341004b455900000000000100000027711b01013c00000b0600060000000024000000006d627885dd48b9ec6facb5b3865377d755b75a5d51440e45211c1f600e15eff8a881a0" + +save type: ECC_PAIR(SECT_K1) 283-bit, ECDSA_ANY +depends_on:PSA_WANT_ALG_ECDSA_ANY:PSA_WANT_ECC_SECT_K1_283:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):283:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA_ANY:0x0000:"006d627885dd48b9ec6facb5b3865377d755b75a5d51440e45211c1f600e15eff8a881a0":"505341004b455900000000000100000027711b01013c0000000600060000000024000000006d627885dd48b9ec6facb5b3865377d755b75a5d51440e45211c1f600e15eff8a881a0" + +save type: ECC_PAIR(SECT_K1) 283-bit, KA(ECDH,HKDF(SHA_256)) +depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_SECT_K1_283:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):283:PSA_KEY_USAGE_DERIVE | PSA_KEY_USAGE_EXPORT:PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_HKDF(PSA_ALG_SHA_256)):0x0000:"006d627885dd48b9ec6facb5b3865377d755b75a5d51440e45211c1f600e15eff8a881a0":"505341004b455900000000000100000027711b0101400000090102090000000024000000006d627885dd48b9ec6facb5b3865377d755b75a5d51440e45211c1f600e15eff8a881a0" + +save type: ECC_PAIR(SECT_K1) 283-bit, KA(ECDH,HKDF(SHA_384)) +depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_SECT_K1_283:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):283:PSA_KEY_USAGE_DERIVE | PSA_KEY_USAGE_EXPORT:PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_HKDF(PSA_ALG_SHA_384)):0x0000:"006d627885dd48b9ec6facb5b3865377d755b75a5d51440e45211c1f600e15eff8a881a0":"505341004b455900000000000100000027711b01014000000a0102090000000024000000006d627885dd48b9ec6facb5b3865377d755b75a5d51440e45211c1f600e15eff8a881a0" + +save type: ECC_PAIR(SECT_K1) 283-bit, KA(ECDH,TLS12_PRF(SHA_256)) +depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_SHA_256:PSA_WANT_ALG_TLS12_PRF:PSA_WANT_ECC_SECT_K1_283:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):283:PSA_KEY_USAGE_DERIVE | PSA_KEY_USAGE_EXPORT:PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_TLS12_PRF(PSA_ALG_SHA_256)):0x0000:"006d627885dd48b9ec6facb5b3865377d755b75a5d51440e45211c1f600e15eff8a881a0":"505341004b455900000000000100000027711b0101400000090202090000000024000000006d627885dd48b9ec6facb5b3865377d755b75a5d51440e45211c1f600e15eff8a881a0" + +save type: ECC_PAIR(SECT_K1) 283-bit, KA(ECDH,TLS12_PRF(SHA_384)) +depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_SHA_384:PSA_WANT_ALG_TLS12_PRF:PSA_WANT_ECC_SECT_K1_283:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):283:PSA_KEY_USAGE_DERIVE | PSA_KEY_USAGE_EXPORT:PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_TLS12_PRF(PSA_ALG_SHA_384)):0x0000:"006d627885dd48b9ec6facb5b3865377d755b75a5d51440e45211c1f600e15eff8a881a0":"505341004b455900000000000100000027711b01014000000a0202090000000024000000006d627885dd48b9ec6facb5b3865377d755b75a5d51440e45211c1f600e15eff8a881a0" + +save type: ECC_PAIR(SECT_K1) 283-bit, KA(ECDH,TLS12_PSK2MS(SHA_256)) +depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_SHA_256:PSA_WANT_ALG_TLS12_PSK_TO_MS:PSA_WANT_ECC_SECT_K1_283:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):283:PSA_KEY_USAGE_DERIVE | PSA_KEY_USAGE_EXPORT:PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_TLS12_PSK_TO_MS(PSA_ALG_SHA_256)):0x0000:"006d627885dd48b9ec6facb5b3865377d755b75a5d51440e45211c1f600e15eff8a881a0":"505341004b455900000000000100000027711b0101400000090302090000000024000000006d627885dd48b9ec6facb5b3865377d755b75a5d51440e45211c1f600e15eff8a881a0" + +save type: ECC_PAIR(SECT_K1) 283-bit, KA(ECDH,TLS12_PSK2MS(SHA_384)) +depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_SHA_384:PSA_WANT_ALG_TLS12_PSK_TO_MS:PSA_WANT_ECC_SECT_K1_283:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):283:PSA_KEY_USAGE_DERIVE | PSA_KEY_USAGE_EXPORT:PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_TLS12_PSK_TO_MS(PSA_ALG_SHA_384)):0x0000:"006d627885dd48b9ec6facb5b3865377d755b75a5d51440e45211c1f600e15eff8a881a0":"505341004b455900000000000100000027711b01014000000a0302090000000024000000006d627885dd48b9ec6facb5b3865377d755b75a5d51440e45211c1f600e15eff8a881a0" + +save type: ECC_PAIR(SECT_K1) 409-bit +depends_on:PSA_WANT_ECC_SECT_K1_409:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):409:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"3ff5e74d932fa77db139b7c948c81e4069c72c24845574064beea8976b70267f1c6f9a503e3892ea1dcbb71fcea423faa370a8":"505341004b455900000000000100000027719901010000000000000000000000330000003ff5e74d932fa77db139b7c948c81e4069c72c24845574064beea8976b70267f1c6f9a503e3892ea1dcbb71fcea423faa370a8" + +save type: ECC_PAIR(SECT_K1) 409-bit, DET_ECDSA(MD2) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD2:PSA_WANT_ECC_SECT_K1_409:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):409:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD2):0x0000:"3ff5e74d932fa77db139b7c948c81e4069c72c24845574064beea8976b70267f1c6f9a503e3892ea1dcbb71fcea423faa370a8":"505341004b455900000000000100000027719901013c00000107000600000000330000003ff5e74d932fa77db139b7c948c81e4069c72c24845574064beea8976b70267f1c6f9a503e3892ea1dcbb71fcea423faa370a8" + +save type: ECC_PAIR(SECT_K1) 409-bit, DET_ECDSA(MD4) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD4:PSA_WANT_ECC_SECT_K1_409:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):409:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD4):0x0000:"3ff5e74d932fa77db139b7c948c81e4069c72c24845574064beea8976b70267f1c6f9a503e3892ea1dcbb71fcea423faa370a8":"505341004b455900000000000100000027719901013c00000207000600000000330000003ff5e74d932fa77db139b7c948c81e4069c72c24845574064beea8976b70267f1c6f9a503e3892ea1dcbb71fcea423faa370a8" + +save type: ECC_PAIR(SECT_K1) 409-bit, DET_ECDSA(MD5) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD5:PSA_WANT_ECC_SECT_K1_409:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):409:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD5):0x0000:"3ff5e74d932fa77db139b7c948c81e4069c72c24845574064beea8976b70267f1c6f9a503e3892ea1dcbb71fcea423faa370a8":"505341004b455900000000000100000027719901013c00000307000600000000330000003ff5e74d932fa77db139b7c948c81e4069c72c24845574064beea8976b70267f1c6f9a503e3892ea1dcbb71fcea423faa370a8" + +save type: ECC_PAIR(SECT_K1) 409-bit, DET_ECDSA(RIPEMD160) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ECC_SECT_K1_409:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):409:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_RIPEMD160):0x0000:"3ff5e74d932fa77db139b7c948c81e4069c72c24845574064beea8976b70267f1c6f9a503e3892ea1dcbb71fcea423faa370a8":"505341004b455900000000000100000027719901013c00000407000600000000330000003ff5e74d932fa77db139b7c948c81e4069c72c24845574064beea8976b70267f1c6f9a503e3892ea1dcbb71fcea423faa370a8" + +save type: ECC_PAIR(SECT_K1) 409-bit, DET_ECDSA(SHA_1) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_1:PSA_WANT_ECC_SECT_K1_409:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):409:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_1):0x0000:"3ff5e74d932fa77db139b7c948c81e4069c72c24845574064beea8976b70267f1c6f9a503e3892ea1dcbb71fcea423faa370a8":"505341004b455900000000000100000027719901013c00000507000600000000330000003ff5e74d932fa77db139b7c948c81e4069c72c24845574064beea8976b70267f1c6f9a503e3892ea1dcbb71fcea423faa370a8" + +save type: ECC_PAIR(SECT_K1) 409-bit, DET_ECDSA(SHA_224) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_224:PSA_WANT_ECC_SECT_K1_409:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):409:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_224):0x0000:"3ff5e74d932fa77db139b7c948c81e4069c72c24845574064beea8976b70267f1c6f9a503e3892ea1dcbb71fcea423faa370a8":"505341004b455900000000000100000027719901013c00000807000600000000330000003ff5e74d932fa77db139b7c948c81e4069c72c24845574064beea8976b70267f1c6f9a503e3892ea1dcbb71fcea423faa370a8" + +save type: ECC_PAIR(SECT_K1) 409-bit, DET_ECDSA(SHA_256) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_SECT_K1_409:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):409:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_256):0x0000:"3ff5e74d932fa77db139b7c948c81e4069c72c24845574064beea8976b70267f1c6f9a503e3892ea1dcbb71fcea423faa370a8":"505341004b455900000000000100000027719901013c00000907000600000000330000003ff5e74d932fa77db139b7c948c81e4069c72c24845574064beea8976b70267f1c6f9a503e3892ea1dcbb71fcea423faa370a8" + +save type: ECC_PAIR(SECT_K1) 409-bit, DET_ECDSA(SHA_384) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_SECT_K1_409:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):409:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_384):0x0000:"3ff5e74d932fa77db139b7c948c81e4069c72c24845574064beea8976b70267f1c6f9a503e3892ea1dcbb71fcea423faa370a8":"505341004b455900000000000100000027719901013c00000a07000600000000330000003ff5e74d932fa77db139b7c948c81e4069c72c24845574064beea8976b70267f1c6f9a503e3892ea1dcbb71fcea423faa370a8" + +save type: ECC_PAIR(SECT_K1) 409-bit, DET_ECDSA(SHA_512) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_512:PSA_WANT_ECC_SECT_K1_409:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):409:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_512):0x0000:"3ff5e74d932fa77db139b7c948c81e4069c72c24845574064beea8976b70267f1c6f9a503e3892ea1dcbb71fcea423faa370a8":"505341004b455900000000000100000027719901013c00000b07000600000000330000003ff5e74d932fa77db139b7c948c81e4069c72c24845574064beea8976b70267f1c6f9a503e3892ea1dcbb71fcea423faa370a8" + +save type: ECC_PAIR(SECT_K1) 409-bit, ECDH +depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ECC_SECT_K1_409:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):409:PSA_KEY_USAGE_DERIVE | PSA_KEY_USAGE_EXPORT:PSA_ALG_ECDH:0x0000:"3ff5e74d932fa77db139b7c948c81e4069c72c24845574064beea8976b70267f1c6f9a503e3892ea1dcbb71fcea423faa370a8":"505341004b455900000000000100000027719901014000000000020900000000330000003ff5e74d932fa77db139b7c948c81e4069c72c24845574064beea8976b70267f1c6f9a503e3892ea1dcbb71fcea423faa370a8" + +save type: ECC_PAIR(SECT_K1) 409-bit, ECDSA(MD2) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD2:PSA_WANT_ECC_SECT_K1_409:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):409:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_MD2):0x0000:"3ff5e74d932fa77db139b7c948c81e4069c72c24845574064beea8976b70267f1c6f9a503e3892ea1dcbb71fcea423faa370a8":"505341004b455900000000000100000027719901013c00000106000600000000330000003ff5e74d932fa77db139b7c948c81e4069c72c24845574064beea8976b70267f1c6f9a503e3892ea1dcbb71fcea423faa370a8" + +save type: ECC_PAIR(SECT_K1) 409-bit, ECDSA(MD4) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD4:PSA_WANT_ECC_SECT_K1_409:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):409:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_MD4):0x0000:"3ff5e74d932fa77db139b7c948c81e4069c72c24845574064beea8976b70267f1c6f9a503e3892ea1dcbb71fcea423faa370a8":"505341004b455900000000000100000027719901013c00000206000600000000330000003ff5e74d932fa77db139b7c948c81e4069c72c24845574064beea8976b70267f1c6f9a503e3892ea1dcbb71fcea423faa370a8" + +save type: ECC_PAIR(SECT_K1) 409-bit, ECDSA(MD5) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD5:PSA_WANT_ECC_SECT_K1_409:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):409:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_MD5):0x0000:"3ff5e74d932fa77db139b7c948c81e4069c72c24845574064beea8976b70267f1c6f9a503e3892ea1dcbb71fcea423faa370a8":"505341004b455900000000000100000027719901013c00000306000600000000330000003ff5e74d932fa77db139b7c948c81e4069c72c24845574064beea8976b70267f1c6f9a503e3892ea1dcbb71fcea423faa370a8" + +save type: ECC_PAIR(SECT_K1) 409-bit, ECDSA(RIPEMD160) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ECC_SECT_K1_409:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):409:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_RIPEMD160):0x0000:"3ff5e74d932fa77db139b7c948c81e4069c72c24845574064beea8976b70267f1c6f9a503e3892ea1dcbb71fcea423faa370a8":"505341004b455900000000000100000027719901013c00000406000600000000330000003ff5e74d932fa77db139b7c948c81e4069c72c24845574064beea8976b70267f1c6f9a503e3892ea1dcbb71fcea423faa370a8" + +save type: ECC_PAIR(SECT_K1) 409-bit, ECDSA(SHA_1) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_1:PSA_WANT_ECC_SECT_K1_409:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):409:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_SHA_1):0x0000:"3ff5e74d932fa77db139b7c948c81e4069c72c24845574064beea8976b70267f1c6f9a503e3892ea1dcbb71fcea423faa370a8":"505341004b455900000000000100000027719901013c00000506000600000000330000003ff5e74d932fa77db139b7c948c81e4069c72c24845574064beea8976b70267f1c6f9a503e3892ea1dcbb71fcea423faa370a8" + +save type: ECC_PAIR(SECT_K1) 409-bit, ECDSA(SHA_224) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_224:PSA_WANT_ECC_SECT_K1_409:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):409:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_SHA_224):0x0000:"3ff5e74d932fa77db139b7c948c81e4069c72c24845574064beea8976b70267f1c6f9a503e3892ea1dcbb71fcea423faa370a8":"505341004b455900000000000100000027719901013c00000806000600000000330000003ff5e74d932fa77db139b7c948c81e4069c72c24845574064beea8976b70267f1c6f9a503e3892ea1dcbb71fcea423faa370a8" + +save type: ECC_PAIR(SECT_K1) 409-bit, ECDSA(SHA_256) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_SECT_K1_409:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):409:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_SHA_256):0x0000:"3ff5e74d932fa77db139b7c948c81e4069c72c24845574064beea8976b70267f1c6f9a503e3892ea1dcbb71fcea423faa370a8":"505341004b455900000000000100000027719901013c00000906000600000000330000003ff5e74d932fa77db139b7c948c81e4069c72c24845574064beea8976b70267f1c6f9a503e3892ea1dcbb71fcea423faa370a8" + +save type: ECC_PAIR(SECT_K1) 409-bit, ECDSA(SHA_384) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_SECT_K1_409:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):409:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_SHA_384):0x0000:"3ff5e74d932fa77db139b7c948c81e4069c72c24845574064beea8976b70267f1c6f9a503e3892ea1dcbb71fcea423faa370a8":"505341004b455900000000000100000027719901013c00000a06000600000000330000003ff5e74d932fa77db139b7c948c81e4069c72c24845574064beea8976b70267f1c6f9a503e3892ea1dcbb71fcea423faa370a8" + +save type: ECC_PAIR(SECT_K1) 409-bit, ECDSA(SHA_512) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_512:PSA_WANT_ECC_SECT_K1_409:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):409:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_SHA_512):0x0000:"3ff5e74d932fa77db139b7c948c81e4069c72c24845574064beea8976b70267f1c6f9a503e3892ea1dcbb71fcea423faa370a8":"505341004b455900000000000100000027719901013c00000b06000600000000330000003ff5e74d932fa77db139b7c948c81e4069c72c24845574064beea8976b70267f1c6f9a503e3892ea1dcbb71fcea423faa370a8" + +save type: ECC_PAIR(SECT_K1) 409-bit, ECDSA_ANY +depends_on:PSA_WANT_ALG_ECDSA_ANY:PSA_WANT_ECC_SECT_K1_409:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):409:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA_ANY:0x0000:"3ff5e74d932fa77db139b7c948c81e4069c72c24845574064beea8976b70267f1c6f9a503e3892ea1dcbb71fcea423faa370a8":"505341004b455900000000000100000027719901013c00000006000600000000330000003ff5e74d932fa77db139b7c948c81e4069c72c24845574064beea8976b70267f1c6f9a503e3892ea1dcbb71fcea423faa370a8" + +save type: ECC_PAIR(SECT_K1) 409-bit, KA(ECDH,HKDF(SHA_256)) +depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_SECT_K1_409:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):409:PSA_KEY_USAGE_DERIVE | PSA_KEY_USAGE_EXPORT:PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_HKDF(PSA_ALG_SHA_256)):0x0000:"3ff5e74d932fa77db139b7c948c81e4069c72c24845574064beea8976b70267f1c6f9a503e3892ea1dcbb71fcea423faa370a8":"505341004b455900000000000100000027719901014000000901020900000000330000003ff5e74d932fa77db139b7c948c81e4069c72c24845574064beea8976b70267f1c6f9a503e3892ea1dcbb71fcea423faa370a8" + +save type: ECC_PAIR(SECT_K1) 409-bit, KA(ECDH,HKDF(SHA_384)) +depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_SECT_K1_409:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):409:PSA_KEY_USAGE_DERIVE | PSA_KEY_USAGE_EXPORT:PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_HKDF(PSA_ALG_SHA_384)):0x0000:"3ff5e74d932fa77db139b7c948c81e4069c72c24845574064beea8976b70267f1c6f9a503e3892ea1dcbb71fcea423faa370a8":"505341004b455900000000000100000027719901014000000a01020900000000330000003ff5e74d932fa77db139b7c948c81e4069c72c24845574064beea8976b70267f1c6f9a503e3892ea1dcbb71fcea423faa370a8" + +save type: ECC_PAIR(SECT_K1) 409-bit, KA(ECDH,TLS12_PRF(SHA_256)) +depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_SHA_256:PSA_WANT_ALG_TLS12_PRF:PSA_WANT_ECC_SECT_K1_409:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):409:PSA_KEY_USAGE_DERIVE | PSA_KEY_USAGE_EXPORT:PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_TLS12_PRF(PSA_ALG_SHA_256)):0x0000:"3ff5e74d932fa77db139b7c948c81e4069c72c24845574064beea8976b70267f1c6f9a503e3892ea1dcbb71fcea423faa370a8":"505341004b455900000000000100000027719901014000000902020900000000330000003ff5e74d932fa77db139b7c948c81e4069c72c24845574064beea8976b70267f1c6f9a503e3892ea1dcbb71fcea423faa370a8" + +save type: ECC_PAIR(SECT_K1) 409-bit, KA(ECDH,TLS12_PRF(SHA_384)) +depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_SHA_384:PSA_WANT_ALG_TLS12_PRF:PSA_WANT_ECC_SECT_K1_409:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):409:PSA_KEY_USAGE_DERIVE | PSA_KEY_USAGE_EXPORT:PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_TLS12_PRF(PSA_ALG_SHA_384)):0x0000:"3ff5e74d932fa77db139b7c948c81e4069c72c24845574064beea8976b70267f1c6f9a503e3892ea1dcbb71fcea423faa370a8":"505341004b455900000000000100000027719901014000000a02020900000000330000003ff5e74d932fa77db139b7c948c81e4069c72c24845574064beea8976b70267f1c6f9a503e3892ea1dcbb71fcea423faa370a8" + +save type: ECC_PAIR(SECT_K1) 409-bit, KA(ECDH,TLS12_PSK2MS(SHA_256)) +depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_SHA_256:PSA_WANT_ALG_TLS12_PSK_TO_MS:PSA_WANT_ECC_SECT_K1_409:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):409:PSA_KEY_USAGE_DERIVE | PSA_KEY_USAGE_EXPORT:PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_TLS12_PSK_TO_MS(PSA_ALG_SHA_256)):0x0000:"3ff5e74d932fa77db139b7c948c81e4069c72c24845574064beea8976b70267f1c6f9a503e3892ea1dcbb71fcea423faa370a8":"505341004b455900000000000100000027719901014000000903020900000000330000003ff5e74d932fa77db139b7c948c81e4069c72c24845574064beea8976b70267f1c6f9a503e3892ea1dcbb71fcea423faa370a8" + +save type: ECC_PAIR(SECT_K1) 409-bit, KA(ECDH,TLS12_PSK2MS(SHA_384)) +depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_SHA_384:PSA_WANT_ALG_TLS12_PSK_TO_MS:PSA_WANT_ECC_SECT_K1_409:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):409:PSA_KEY_USAGE_DERIVE | PSA_KEY_USAGE_EXPORT:PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_TLS12_PSK_TO_MS(PSA_ALG_SHA_384)):0x0000:"3ff5e74d932fa77db139b7c948c81e4069c72c24845574064beea8976b70267f1c6f9a503e3892ea1dcbb71fcea423faa370a8":"505341004b455900000000000100000027719901014000000a03020900000000330000003ff5e74d932fa77db139b7c948c81e4069c72c24845574064beea8976b70267f1c6f9a503e3892ea1dcbb71fcea423faa370a8" + +save type: ECC_PAIR(SECT_K1) 571-bit +depends_on:PSA_WANT_ECC_SECT_K1_571:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):571:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"005008c97b4a161c0db1bac6452c72846d57337aa92d8ecb4a66eb01d2f29555ffb61a5317225dcc8ca6917d91789e227efc0bfe9eeda7ee21998cd11c3c9885056b0e55b4f75d51":"505341004b455900000000000100000027713b0201000000000000000000000048000000005008c97b4a161c0db1bac6452c72846d57337aa92d8ecb4a66eb01d2f29555ffb61a5317225dcc8ca6917d91789e227efc0bfe9eeda7ee21998cd11c3c9885056b0e55b4f75d51" + +save type: ECC_PAIR(SECT_K1) 571-bit, DET_ECDSA(MD2) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD2:PSA_WANT_ECC_SECT_K1_571:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):571:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD2):0x0000:"005008c97b4a161c0db1bac6452c72846d57337aa92d8ecb4a66eb01d2f29555ffb61a5317225dcc8ca6917d91789e227efc0bfe9eeda7ee21998cd11c3c9885056b0e55b4f75d51":"505341004b455900000000000100000027713b02013c0000010700060000000048000000005008c97b4a161c0db1bac6452c72846d57337aa92d8ecb4a66eb01d2f29555ffb61a5317225dcc8ca6917d91789e227efc0bfe9eeda7ee21998cd11c3c9885056b0e55b4f75d51" + +save type: ECC_PAIR(SECT_K1) 571-bit, DET_ECDSA(MD4) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD4:PSA_WANT_ECC_SECT_K1_571:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):571:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD4):0x0000:"005008c97b4a161c0db1bac6452c72846d57337aa92d8ecb4a66eb01d2f29555ffb61a5317225dcc8ca6917d91789e227efc0bfe9eeda7ee21998cd11c3c9885056b0e55b4f75d51":"505341004b455900000000000100000027713b02013c0000020700060000000048000000005008c97b4a161c0db1bac6452c72846d57337aa92d8ecb4a66eb01d2f29555ffb61a5317225dcc8ca6917d91789e227efc0bfe9eeda7ee21998cd11c3c9885056b0e55b4f75d51" + +save type: ECC_PAIR(SECT_K1) 571-bit, DET_ECDSA(MD5) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD5:PSA_WANT_ECC_SECT_K1_571:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):571:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD5):0x0000:"005008c97b4a161c0db1bac6452c72846d57337aa92d8ecb4a66eb01d2f29555ffb61a5317225dcc8ca6917d91789e227efc0bfe9eeda7ee21998cd11c3c9885056b0e55b4f75d51":"505341004b455900000000000100000027713b02013c0000030700060000000048000000005008c97b4a161c0db1bac6452c72846d57337aa92d8ecb4a66eb01d2f29555ffb61a5317225dcc8ca6917d91789e227efc0bfe9eeda7ee21998cd11c3c9885056b0e55b4f75d51" + +save type: ECC_PAIR(SECT_K1) 571-bit, DET_ECDSA(RIPEMD160) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ECC_SECT_K1_571:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):571:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_RIPEMD160):0x0000:"005008c97b4a161c0db1bac6452c72846d57337aa92d8ecb4a66eb01d2f29555ffb61a5317225dcc8ca6917d91789e227efc0bfe9eeda7ee21998cd11c3c9885056b0e55b4f75d51":"505341004b455900000000000100000027713b02013c0000040700060000000048000000005008c97b4a161c0db1bac6452c72846d57337aa92d8ecb4a66eb01d2f29555ffb61a5317225dcc8ca6917d91789e227efc0bfe9eeda7ee21998cd11c3c9885056b0e55b4f75d51" + +save type: ECC_PAIR(SECT_K1) 571-bit, DET_ECDSA(SHA_1) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_1:PSA_WANT_ECC_SECT_K1_571:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):571:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_1):0x0000:"005008c97b4a161c0db1bac6452c72846d57337aa92d8ecb4a66eb01d2f29555ffb61a5317225dcc8ca6917d91789e227efc0bfe9eeda7ee21998cd11c3c9885056b0e55b4f75d51":"505341004b455900000000000100000027713b02013c0000050700060000000048000000005008c97b4a161c0db1bac6452c72846d57337aa92d8ecb4a66eb01d2f29555ffb61a5317225dcc8ca6917d91789e227efc0bfe9eeda7ee21998cd11c3c9885056b0e55b4f75d51" + +save type: ECC_PAIR(SECT_K1) 571-bit, DET_ECDSA(SHA_224) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_224:PSA_WANT_ECC_SECT_K1_571:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):571:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_224):0x0000:"005008c97b4a161c0db1bac6452c72846d57337aa92d8ecb4a66eb01d2f29555ffb61a5317225dcc8ca6917d91789e227efc0bfe9eeda7ee21998cd11c3c9885056b0e55b4f75d51":"505341004b455900000000000100000027713b02013c0000080700060000000048000000005008c97b4a161c0db1bac6452c72846d57337aa92d8ecb4a66eb01d2f29555ffb61a5317225dcc8ca6917d91789e227efc0bfe9eeda7ee21998cd11c3c9885056b0e55b4f75d51" + +save type: ECC_PAIR(SECT_K1) 571-bit, DET_ECDSA(SHA_256) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_SECT_K1_571:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):571:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_256):0x0000:"005008c97b4a161c0db1bac6452c72846d57337aa92d8ecb4a66eb01d2f29555ffb61a5317225dcc8ca6917d91789e227efc0bfe9eeda7ee21998cd11c3c9885056b0e55b4f75d51":"505341004b455900000000000100000027713b02013c0000090700060000000048000000005008c97b4a161c0db1bac6452c72846d57337aa92d8ecb4a66eb01d2f29555ffb61a5317225dcc8ca6917d91789e227efc0bfe9eeda7ee21998cd11c3c9885056b0e55b4f75d51" + +save type: ECC_PAIR(SECT_K1) 571-bit, DET_ECDSA(SHA_384) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_SECT_K1_571:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):571:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_384):0x0000:"005008c97b4a161c0db1bac6452c72846d57337aa92d8ecb4a66eb01d2f29555ffb61a5317225dcc8ca6917d91789e227efc0bfe9eeda7ee21998cd11c3c9885056b0e55b4f75d51":"505341004b455900000000000100000027713b02013c00000a0700060000000048000000005008c97b4a161c0db1bac6452c72846d57337aa92d8ecb4a66eb01d2f29555ffb61a5317225dcc8ca6917d91789e227efc0bfe9eeda7ee21998cd11c3c9885056b0e55b4f75d51" + +save type: ECC_PAIR(SECT_K1) 571-bit, DET_ECDSA(SHA_512) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_512:PSA_WANT_ECC_SECT_K1_571:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):571:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_512):0x0000:"005008c97b4a161c0db1bac6452c72846d57337aa92d8ecb4a66eb01d2f29555ffb61a5317225dcc8ca6917d91789e227efc0bfe9eeda7ee21998cd11c3c9885056b0e55b4f75d51":"505341004b455900000000000100000027713b02013c00000b0700060000000048000000005008c97b4a161c0db1bac6452c72846d57337aa92d8ecb4a66eb01d2f29555ffb61a5317225dcc8ca6917d91789e227efc0bfe9eeda7ee21998cd11c3c9885056b0e55b4f75d51" + +save type: ECC_PAIR(SECT_K1) 571-bit, ECDH +depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ECC_SECT_K1_571:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):571:PSA_KEY_USAGE_DERIVE | PSA_KEY_USAGE_EXPORT:PSA_ALG_ECDH:0x0000:"005008c97b4a161c0db1bac6452c72846d57337aa92d8ecb4a66eb01d2f29555ffb61a5317225dcc8ca6917d91789e227efc0bfe9eeda7ee21998cd11c3c9885056b0e55b4f75d51":"505341004b455900000000000100000027713b0201400000000002090000000048000000005008c97b4a161c0db1bac6452c72846d57337aa92d8ecb4a66eb01d2f29555ffb61a5317225dcc8ca6917d91789e227efc0bfe9eeda7ee21998cd11c3c9885056b0e55b4f75d51" + +save type: ECC_PAIR(SECT_K1) 571-bit, ECDSA(MD2) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD2:PSA_WANT_ECC_SECT_K1_571:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):571:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_MD2):0x0000:"005008c97b4a161c0db1bac6452c72846d57337aa92d8ecb4a66eb01d2f29555ffb61a5317225dcc8ca6917d91789e227efc0bfe9eeda7ee21998cd11c3c9885056b0e55b4f75d51":"505341004b455900000000000100000027713b02013c0000010600060000000048000000005008c97b4a161c0db1bac6452c72846d57337aa92d8ecb4a66eb01d2f29555ffb61a5317225dcc8ca6917d91789e227efc0bfe9eeda7ee21998cd11c3c9885056b0e55b4f75d51" + +save type: ECC_PAIR(SECT_K1) 571-bit, ECDSA(MD4) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD4:PSA_WANT_ECC_SECT_K1_571:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):571:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_MD4):0x0000:"005008c97b4a161c0db1bac6452c72846d57337aa92d8ecb4a66eb01d2f29555ffb61a5317225dcc8ca6917d91789e227efc0bfe9eeda7ee21998cd11c3c9885056b0e55b4f75d51":"505341004b455900000000000100000027713b02013c0000020600060000000048000000005008c97b4a161c0db1bac6452c72846d57337aa92d8ecb4a66eb01d2f29555ffb61a5317225dcc8ca6917d91789e227efc0bfe9eeda7ee21998cd11c3c9885056b0e55b4f75d51" + +save type: ECC_PAIR(SECT_K1) 571-bit, ECDSA(MD5) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD5:PSA_WANT_ECC_SECT_K1_571:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):571:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_MD5):0x0000:"005008c97b4a161c0db1bac6452c72846d57337aa92d8ecb4a66eb01d2f29555ffb61a5317225dcc8ca6917d91789e227efc0bfe9eeda7ee21998cd11c3c9885056b0e55b4f75d51":"505341004b455900000000000100000027713b02013c0000030600060000000048000000005008c97b4a161c0db1bac6452c72846d57337aa92d8ecb4a66eb01d2f29555ffb61a5317225dcc8ca6917d91789e227efc0bfe9eeda7ee21998cd11c3c9885056b0e55b4f75d51" + +save type: ECC_PAIR(SECT_K1) 571-bit, ECDSA(RIPEMD160) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ECC_SECT_K1_571:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):571:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_RIPEMD160):0x0000:"005008c97b4a161c0db1bac6452c72846d57337aa92d8ecb4a66eb01d2f29555ffb61a5317225dcc8ca6917d91789e227efc0bfe9eeda7ee21998cd11c3c9885056b0e55b4f75d51":"505341004b455900000000000100000027713b02013c0000040600060000000048000000005008c97b4a161c0db1bac6452c72846d57337aa92d8ecb4a66eb01d2f29555ffb61a5317225dcc8ca6917d91789e227efc0bfe9eeda7ee21998cd11c3c9885056b0e55b4f75d51" + +save type: ECC_PAIR(SECT_K1) 571-bit, ECDSA(SHA_1) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_1:PSA_WANT_ECC_SECT_K1_571:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):571:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_SHA_1):0x0000:"005008c97b4a161c0db1bac6452c72846d57337aa92d8ecb4a66eb01d2f29555ffb61a5317225dcc8ca6917d91789e227efc0bfe9eeda7ee21998cd11c3c9885056b0e55b4f75d51":"505341004b455900000000000100000027713b02013c0000050600060000000048000000005008c97b4a161c0db1bac6452c72846d57337aa92d8ecb4a66eb01d2f29555ffb61a5317225dcc8ca6917d91789e227efc0bfe9eeda7ee21998cd11c3c9885056b0e55b4f75d51" + +save type: ECC_PAIR(SECT_K1) 571-bit, ECDSA(SHA_224) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_224:PSA_WANT_ECC_SECT_K1_571:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):571:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_SHA_224):0x0000:"005008c97b4a161c0db1bac6452c72846d57337aa92d8ecb4a66eb01d2f29555ffb61a5317225dcc8ca6917d91789e227efc0bfe9eeda7ee21998cd11c3c9885056b0e55b4f75d51":"505341004b455900000000000100000027713b02013c0000080600060000000048000000005008c97b4a161c0db1bac6452c72846d57337aa92d8ecb4a66eb01d2f29555ffb61a5317225dcc8ca6917d91789e227efc0bfe9eeda7ee21998cd11c3c9885056b0e55b4f75d51" + +save type: ECC_PAIR(SECT_K1) 571-bit, ECDSA(SHA_256) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_SECT_K1_571:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):571:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_SHA_256):0x0000:"005008c97b4a161c0db1bac6452c72846d57337aa92d8ecb4a66eb01d2f29555ffb61a5317225dcc8ca6917d91789e227efc0bfe9eeda7ee21998cd11c3c9885056b0e55b4f75d51":"505341004b455900000000000100000027713b02013c0000090600060000000048000000005008c97b4a161c0db1bac6452c72846d57337aa92d8ecb4a66eb01d2f29555ffb61a5317225dcc8ca6917d91789e227efc0bfe9eeda7ee21998cd11c3c9885056b0e55b4f75d51" + +save type: ECC_PAIR(SECT_K1) 571-bit, ECDSA(SHA_384) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_SECT_K1_571:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):571:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_SHA_384):0x0000:"005008c97b4a161c0db1bac6452c72846d57337aa92d8ecb4a66eb01d2f29555ffb61a5317225dcc8ca6917d91789e227efc0bfe9eeda7ee21998cd11c3c9885056b0e55b4f75d51":"505341004b455900000000000100000027713b02013c00000a0600060000000048000000005008c97b4a161c0db1bac6452c72846d57337aa92d8ecb4a66eb01d2f29555ffb61a5317225dcc8ca6917d91789e227efc0bfe9eeda7ee21998cd11c3c9885056b0e55b4f75d51" + +save type: ECC_PAIR(SECT_K1) 571-bit, ECDSA(SHA_512) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_512:PSA_WANT_ECC_SECT_K1_571:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):571:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_SHA_512):0x0000:"005008c97b4a161c0db1bac6452c72846d57337aa92d8ecb4a66eb01d2f29555ffb61a5317225dcc8ca6917d91789e227efc0bfe9eeda7ee21998cd11c3c9885056b0e55b4f75d51":"505341004b455900000000000100000027713b02013c00000b0600060000000048000000005008c97b4a161c0db1bac6452c72846d57337aa92d8ecb4a66eb01d2f29555ffb61a5317225dcc8ca6917d91789e227efc0bfe9eeda7ee21998cd11c3c9885056b0e55b4f75d51" + +save type: ECC_PAIR(SECT_K1) 571-bit, ECDSA_ANY +depends_on:PSA_WANT_ALG_ECDSA_ANY:PSA_WANT_ECC_SECT_K1_571:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):571:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA_ANY:0x0000:"005008c97b4a161c0db1bac6452c72846d57337aa92d8ecb4a66eb01d2f29555ffb61a5317225dcc8ca6917d91789e227efc0bfe9eeda7ee21998cd11c3c9885056b0e55b4f75d51":"505341004b455900000000000100000027713b02013c0000000600060000000048000000005008c97b4a161c0db1bac6452c72846d57337aa92d8ecb4a66eb01d2f29555ffb61a5317225dcc8ca6917d91789e227efc0bfe9eeda7ee21998cd11c3c9885056b0e55b4f75d51" + +save type: ECC_PAIR(SECT_K1) 571-bit, KA(ECDH,HKDF(SHA_256)) +depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_SECT_K1_571:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):571:PSA_KEY_USAGE_DERIVE | PSA_KEY_USAGE_EXPORT:PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_HKDF(PSA_ALG_SHA_256)):0x0000:"005008c97b4a161c0db1bac6452c72846d57337aa92d8ecb4a66eb01d2f29555ffb61a5317225dcc8ca6917d91789e227efc0bfe9eeda7ee21998cd11c3c9885056b0e55b4f75d51":"505341004b455900000000000100000027713b0201400000090102090000000048000000005008c97b4a161c0db1bac6452c72846d57337aa92d8ecb4a66eb01d2f29555ffb61a5317225dcc8ca6917d91789e227efc0bfe9eeda7ee21998cd11c3c9885056b0e55b4f75d51" + +save type: ECC_PAIR(SECT_K1) 571-bit, KA(ECDH,HKDF(SHA_384)) +depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_SECT_K1_571:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):571:PSA_KEY_USAGE_DERIVE | PSA_KEY_USAGE_EXPORT:PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_HKDF(PSA_ALG_SHA_384)):0x0000:"005008c97b4a161c0db1bac6452c72846d57337aa92d8ecb4a66eb01d2f29555ffb61a5317225dcc8ca6917d91789e227efc0bfe9eeda7ee21998cd11c3c9885056b0e55b4f75d51":"505341004b455900000000000100000027713b02014000000a0102090000000048000000005008c97b4a161c0db1bac6452c72846d57337aa92d8ecb4a66eb01d2f29555ffb61a5317225dcc8ca6917d91789e227efc0bfe9eeda7ee21998cd11c3c9885056b0e55b4f75d51" + +save type: ECC_PAIR(SECT_K1) 571-bit, KA(ECDH,TLS12_PRF(SHA_256)) +depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_SHA_256:PSA_WANT_ALG_TLS12_PRF:PSA_WANT_ECC_SECT_K1_571:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):571:PSA_KEY_USAGE_DERIVE | PSA_KEY_USAGE_EXPORT:PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_TLS12_PRF(PSA_ALG_SHA_256)):0x0000:"005008c97b4a161c0db1bac6452c72846d57337aa92d8ecb4a66eb01d2f29555ffb61a5317225dcc8ca6917d91789e227efc0bfe9eeda7ee21998cd11c3c9885056b0e55b4f75d51":"505341004b455900000000000100000027713b0201400000090202090000000048000000005008c97b4a161c0db1bac6452c72846d57337aa92d8ecb4a66eb01d2f29555ffb61a5317225dcc8ca6917d91789e227efc0bfe9eeda7ee21998cd11c3c9885056b0e55b4f75d51" + +save type: ECC_PAIR(SECT_K1) 571-bit, KA(ECDH,TLS12_PRF(SHA_384)) +depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_SHA_384:PSA_WANT_ALG_TLS12_PRF:PSA_WANT_ECC_SECT_K1_571:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):571:PSA_KEY_USAGE_DERIVE | PSA_KEY_USAGE_EXPORT:PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_TLS12_PRF(PSA_ALG_SHA_384)):0x0000:"005008c97b4a161c0db1bac6452c72846d57337aa92d8ecb4a66eb01d2f29555ffb61a5317225dcc8ca6917d91789e227efc0bfe9eeda7ee21998cd11c3c9885056b0e55b4f75d51":"505341004b455900000000000100000027713b02014000000a0202090000000048000000005008c97b4a161c0db1bac6452c72846d57337aa92d8ecb4a66eb01d2f29555ffb61a5317225dcc8ca6917d91789e227efc0bfe9eeda7ee21998cd11c3c9885056b0e55b4f75d51" + +save type: ECC_PAIR(SECT_K1) 571-bit, KA(ECDH,TLS12_PSK2MS(SHA_256)) +depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_SHA_256:PSA_WANT_ALG_TLS12_PSK_TO_MS:PSA_WANT_ECC_SECT_K1_571:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):571:PSA_KEY_USAGE_DERIVE | PSA_KEY_USAGE_EXPORT:PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_TLS12_PSK_TO_MS(PSA_ALG_SHA_256)):0x0000:"005008c97b4a161c0db1bac6452c72846d57337aa92d8ecb4a66eb01d2f29555ffb61a5317225dcc8ca6917d91789e227efc0bfe9eeda7ee21998cd11c3c9885056b0e55b4f75d51":"505341004b455900000000000100000027713b0201400000090302090000000048000000005008c97b4a161c0db1bac6452c72846d57337aa92d8ecb4a66eb01d2f29555ffb61a5317225dcc8ca6917d91789e227efc0bfe9eeda7ee21998cd11c3c9885056b0e55b4f75d51" + +save type: ECC_PAIR(SECT_K1) 571-bit, KA(ECDH,TLS12_PSK2MS(SHA_384)) +depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_SHA_384:PSA_WANT_ALG_TLS12_PSK_TO_MS:PSA_WANT_ECC_SECT_K1_571:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):571:PSA_KEY_USAGE_DERIVE | PSA_KEY_USAGE_EXPORT:PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_TLS12_PSK_TO_MS(PSA_ALG_SHA_384)):0x0000:"005008c97b4a161c0db1bac6452c72846d57337aa92d8ecb4a66eb01d2f29555ffb61a5317225dcc8ca6917d91789e227efc0bfe9eeda7ee21998cd11c3c9885056b0e55b4f75d51":"505341004b455900000000000100000027713b02014000000a0302090000000048000000005008c97b4a161c0db1bac6452c72846d57337aa92d8ecb4a66eb01d2f29555ffb61a5317225dcc8ca6917d91789e227efc0bfe9eeda7ee21998cd11c3c9885056b0e55b4f75d51" + +save type: ECC_PAIR(SECT_R1) 163-bit +depends_on:PSA_WANT_ECC_SECT_R1_163:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):163:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"009b05dc82d46d64a04a22e6e5ca70ca1231e68c50":"505341004b45590000000000010000002271a30001000000000000000000000015000000009b05dc82d46d64a04a22e6e5ca70ca1231e68c50" + +save type: ECC_PAIR(SECT_R1) 163-bit, DET_ECDSA(MD2) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD2:PSA_WANT_ECC_SECT_R1_163:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):163:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD2):0x0000:"009b05dc82d46d64a04a22e6e5ca70ca1231e68c50":"505341004b45590000000000010000002271a300013c0000010700060000000015000000009b05dc82d46d64a04a22e6e5ca70ca1231e68c50" + +save type: ECC_PAIR(SECT_R1) 163-bit, DET_ECDSA(MD4) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD4:PSA_WANT_ECC_SECT_R1_163:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):163:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD4):0x0000:"009b05dc82d46d64a04a22e6e5ca70ca1231e68c50":"505341004b45590000000000010000002271a300013c0000020700060000000015000000009b05dc82d46d64a04a22e6e5ca70ca1231e68c50" + +save type: ECC_PAIR(SECT_R1) 163-bit, DET_ECDSA(MD5) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD5:PSA_WANT_ECC_SECT_R1_163:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):163:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD5):0x0000:"009b05dc82d46d64a04a22e6e5ca70ca1231e68c50":"505341004b45590000000000010000002271a300013c0000030700060000000015000000009b05dc82d46d64a04a22e6e5ca70ca1231e68c50" + +save type: ECC_PAIR(SECT_R1) 163-bit, DET_ECDSA(RIPEMD160) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ECC_SECT_R1_163:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):163:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_RIPEMD160):0x0000:"009b05dc82d46d64a04a22e6e5ca70ca1231e68c50":"505341004b45590000000000010000002271a300013c0000040700060000000015000000009b05dc82d46d64a04a22e6e5ca70ca1231e68c50" + +save type: ECC_PAIR(SECT_R1) 163-bit, DET_ECDSA(SHA_1) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_1:PSA_WANT_ECC_SECT_R1_163:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):163:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_1):0x0000:"009b05dc82d46d64a04a22e6e5ca70ca1231e68c50":"505341004b45590000000000010000002271a300013c0000050700060000000015000000009b05dc82d46d64a04a22e6e5ca70ca1231e68c50" + +save type: ECC_PAIR(SECT_R1) 163-bit, DET_ECDSA(SHA_224) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_224:PSA_WANT_ECC_SECT_R1_163:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):163:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_224):0x0000:"009b05dc82d46d64a04a22e6e5ca70ca1231e68c50":"505341004b45590000000000010000002271a300013c0000080700060000000015000000009b05dc82d46d64a04a22e6e5ca70ca1231e68c50" + +save type: ECC_PAIR(SECT_R1) 163-bit, DET_ECDSA(SHA_256) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_SECT_R1_163:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):163:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_256):0x0000:"009b05dc82d46d64a04a22e6e5ca70ca1231e68c50":"505341004b45590000000000010000002271a300013c0000090700060000000015000000009b05dc82d46d64a04a22e6e5ca70ca1231e68c50" + +save type: ECC_PAIR(SECT_R1) 163-bit, DET_ECDSA(SHA_384) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_SECT_R1_163:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):163:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_384):0x0000:"009b05dc82d46d64a04a22e6e5ca70ca1231e68c50":"505341004b45590000000000010000002271a300013c00000a0700060000000015000000009b05dc82d46d64a04a22e6e5ca70ca1231e68c50" + +save type: ECC_PAIR(SECT_R1) 163-bit, DET_ECDSA(SHA_512) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_512:PSA_WANT_ECC_SECT_R1_163:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):163:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_512):0x0000:"009b05dc82d46d64a04a22e6e5ca70ca1231e68c50":"505341004b45590000000000010000002271a300013c00000b0700060000000015000000009b05dc82d46d64a04a22e6e5ca70ca1231e68c50" + +save type: ECC_PAIR(SECT_R1) 163-bit, ECDH +depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ECC_SECT_R1_163:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):163:PSA_KEY_USAGE_DERIVE | PSA_KEY_USAGE_EXPORT:PSA_ALG_ECDH:0x0000:"009b05dc82d46d64a04a22e6e5ca70ca1231e68c50":"505341004b45590000000000010000002271a30001400000000002090000000015000000009b05dc82d46d64a04a22e6e5ca70ca1231e68c50" + +save type: ECC_PAIR(SECT_R1) 163-bit, ECDSA(MD2) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD2:PSA_WANT_ECC_SECT_R1_163:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):163:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_MD2):0x0000:"009b05dc82d46d64a04a22e6e5ca70ca1231e68c50":"505341004b45590000000000010000002271a300013c0000010600060000000015000000009b05dc82d46d64a04a22e6e5ca70ca1231e68c50" + +save type: ECC_PAIR(SECT_R1) 163-bit, ECDSA(MD4) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD4:PSA_WANT_ECC_SECT_R1_163:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):163:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_MD4):0x0000:"009b05dc82d46d64a04a22e6e5ca70ca1231e68c50":"505341004b45590000000000010000002271a300013c0000020600060000000015000000009b05dc82d46d64a04a22e6e5ca70ca1231e68c50" + +save type: ECC_PAIR(SECT_R1) 163-bit, ECDSA(MD5) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD5:PSA_WANT_ECC_SECT_R1_163:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):163:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_MD5):0x0000:"009b05dc82d46d64a04a22e6e5ca70ca1231e68c50":"505341004b45590000000000010000002271a300013c0000030600060000000015000000009b05dc82d46d64a04a22e6e5ca70ca1231e68c50" + +save type: ECC_PAIR(SECT_R1) 163-bit, ECDSA(RIPEMD160) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ECC_SECT_R1_163:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):163:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_RIPEMD160):0x0000:"009b05dc82d46d64a04a22e6e5ca70ca1231e68c50":"505341004b45590000000000010000002271a300013c0000040600060000000015000000009b05dc82d46d64a04a22e6e5ca70ca1231e68c50" + +save type: ECC_PAIR(SECT_R1) 163-bit, ECDSA(SHA_1) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_1:PSA_WANT_ECC_SECT_R1_163:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):163:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_SHA_1):0x0000:"009b05dc82d46d64a04a22e6e5ca70ca1231e68c50":"505341004b45590000000000010000002271a300013c0000050600060000000015000000009b05dc82d46d64a04a22e6e5ca70ca1231e68c50" + +save type: ECC_PAIR(SECT_R1) 163-bit, ECDSA(SHA_224) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_224:PSA_WANT_ECC_SECT_R1_163:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):163:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_SHA_224):0x0000:"009b05dc82d46d64a04a22e6e5ca70ca1231e68c50":"505341004b45590000000000010000002271a300013c0000080600060000000015000000009b05dc82d46d64a04a22e6e5ca70ca1231e68c50" + +save type: ECC_PAIR(SECT_R1) 163-bit, ECDSA(SHA_256) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_SECT_R1_163:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):163:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_SHA_256):0x0000:"009b05dc82d46d64a04a22e6e5ca70ca1231e68c50":"505341004b45590000000000010000002271a300013c0000090600060000000015000000009b05dc82d46d64a04a22e6e5ca70ca1231e68c50" + +save type: ECC_PAIR(SECT_R1) 163-bit, ECDSA(SHA_384) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_SECT_R1_163:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):163:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_SHA_384):0x0000:"009b05dc82d46d64a04a22e6e5ca70ca1231e68c50":"505341004b45590000000000010000002271a300013c00000a0600060000000015000000009b05dc82d46d64a04a22e6e5ca70ca1231e68c50" + +save type: ECC_PAIR(SECT_R1) 163-bit, ECDSA(SHA_512) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_512:PSA_WANT_ECC_SECT_R1_163:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):163:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_SHA_512):0x0000:"009b05dc82d46d64a04a22e6e5ca70ca1231e68c50":"505341004b45590000000000010000002271a300013c00000b0600060000000015000000009b05dc82d46d64a04a22e6e5ca70ca1231e68c50" + +save type: ECC_PAIR(SECT_R1) 163-bit, ECDSA_ANY +depends_on:PSA_WANT_ALG_ECDSA_ANY:PSA_WANT_ECC_SECT_R1_163:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):163:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA_ANY:0x0000:"009b05dc82d46d64a04a22e6e5ca70ca1231e68c50":"505341004b45590000000000010000002271a300013c0000000600060000000015000000009b05dc82d46d64a04a22e6e5ca70ca1231e68c50" + +save type: ECC_PAIR(SECT_R1) 163-bit, KA(ECDH,HKDF(SHA_256)) +depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_SECT_R1_163:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):163:PSA_KEY_USAGE_DERIVE | PSA_KEY_USAGE_EXPORT:PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_HKDF(PSA_ALG_SHA_256)):0x0000:"009b05dc82d46d64a04a22e6e5ca70ca1231e68c50":"505341004b45590000000000010000002271a30001400000090102090000000015000000009b05dc82d46d64a04a22e6e5ca70ca1231e68c50" + +save type: ECC_PAIR(SECT_R1) 163-bit, KA(ECDH,HKDF(SHA_384)) +depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_SECT_R1_163:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):163:PSA_KEY_USAGE_DERIVE | PSA_KEY_USAGE_EXPORT:PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_HKDF(PSA_ALG_SHA_384)):0x0000:"009b05dc82d46d64a04a22e6e5ca70ca1231e68c50":"505341004b45590000000000010000002271a300014000000a0102090000000015000000009b05dc82d46d64a04a22e6e5ca70ca1231e68c50" + +save type: ECC_PAIR(SECT_R1) 163-bit, KA(ECDH,TLS12_PRF(SHA_256)) +depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_SHA_256:PSA_WANT_ALG_TLS12_PRF:PSA_WANT_ECC_SECT_R1_163:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):163:PSA_KEY_USAGE_DERIVE | PSA_KEY_USAGE_EXPORT:PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_TLS12_PRF(PSA_ALG_SHA_256)):0x0000:"009b05dc82d46d64a04a22e6e5ca70ca1231e68c50":"505341004b45590000000000010000002271a30001400000090202090000000015000000009b05dc82d46d64a04a22e6e5ca70ca1231e68c50" + +save type: ECC_PAIR(SECT_R1) 163-bit, KA(ECDH,TLS12_PRF(SHA_384)) +depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_SHA_384:PSA_WANT_ALG_TLS12_PRF:PSA_WANT_ECC_SECT_R1_163:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):163:PSA_KEY_USAGE_DERIVE | PSA_KEY_USAGE_EXPORT:PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_TLS12_PRF(PSA_ALG_SHA_384)):0x0000:"009b05dc82d46d64a04a22e6e5ca70ca1231e68c50":"505341004b45590000000000010000002271a300014000000a0202090000000015000000009b05dc82d46d64a04a22e6e5ca70ca1231e68c50" + +save type: ECC_PAIR(SECT_R1) 163-bit, KA(ECDH,TLS12_PSK2MS(SHA_256)) +depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_SHA_256:PSA_WANT_ALG_TLS12_PSK_TO_MS:PSA_WANT_ECC_SECT_R1_163:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):163:PSA_KEY_USAGE_DERIVE | PSA_KEY_USAGE_EXPORT:PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_TLS12_PSK_TO_MS(PSA_ALG_SHA_256)):0x0000:"009b05dc82d46d64a04a22e6e5ca70ca1231e68c50":"505341004b45590000000000010000002271a30001400000090302090000000015000000009b05dc82d46d64a04a22e6e5ca70ca1231e68c50" + +save type: ECC_PAIR(SECT_R1) 163-bit, KA(ECDH,TLS12_PSK2MS(SHA_384)) +depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_SHA_384:PSA_WANT_ALG_TLS12_PSK_TO_MS:PSA_WANT_ECC_SECT_R1_163:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):163:PSA_KEY_USAGE_DERIVE | PSA_KEY_USAGE_EXPORT:PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_TLS12_PSK_TO_MS(PSA_ALG_SHA_384)):0x0000:"009b05dc82d46d64a04a22e6e5ca70ca1231e68c50":"505341004b45590000000000010000002271a300014000000a0302090000000015000000009b05dc82d46d64a04a22e6e5ca70ca1231e68c50" + +save type: ECC_PAIR(SECT_R1) 233-bit +depends_on:PSA_WANT_ECC_SECT_R1_233:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):233:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"00e5e42834e3c78758088b905deea975f28dc20ef6173e481f96e88afe7f":"505341004b45590000000000010000002271e9000100000000000000000000001e00000000e5e42834e3c78758088b905deea975f28dc20ef6173e481f96e88afe7f" + +save type: ECC_PAIR(SECT_R1) 233-bit, DET_ECDSA(MD2) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD2:PSA_WANT_ECC_SECT_R1_233:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):233:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD2):0x0000:"00e5e42834e3c78758088b905deea975f28dc20ef6173e481f96e88afe7f":"505341004b45590000000000010000002271e900013c000001070006000000001e00000000e5e42834e3c78758088b905deea975f28dc20ef6173e481f96e88afe7f" + +save type: ECC_PAIR(SECT_R1) 233-bit, DET_ECDSA(MD4) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD4:PSA_WANT_ECC_SECT_R1_233:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):233:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD4):0x0000:"00e5e42834e3c78758088b905deea975f28dc20ef6173e481f96e88afe7f":"505341004b45590000000000010000002271e900013c000002070006000000001e00000000e5e42834e3c78758088b905deea975f28dc20ef6173e481f96e88afe7f" + +save type: ECC_PAIR(SECT_R1) 233-bit, DET_ECDSA(MD5) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD5:PSA_WANT_ECC_SECT_R1_233:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):233:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD5):0x0000:"00e5e42834e3c78758088b905deea975f28dc20ef6173e481f96e88afe7f":"505341004b45590000000000010000002271e900013c000003070006000000001e00000000e5e42834e3c78758088b905deea975f28dc20ef6173e481f96e88afe7f" + +save type: ECC_PAIR(SECT_R1) 233-bit, DET_ECDSA(RIPEMD160) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ECC_SECT_R1_233:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):233:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_RIPEMD160):0x0000:"00e5e42834e3c78758088b905deea975f28dc20ef6173e481f96e88afe7f":"505341004b45590000000000010000002271e900013c000004070006000000001e00000000e5e42834e3c78758088b905deea975f28dc20ef6173e481f96e88afe7f" + +save type: ECC_PAIR(SECT_R1) 233-bit, DET_ECDSA(SHA_1) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_1:PSA_WANT_ECC_SECT_R1_233:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):233:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_1):0x0000:"00e5e42834e3c78758088b905deea975f28dc20ef6173e481f96e88afe7f":"505341004b45590000000000010000002271e900013c000005070006000000001e00000000e5e42834e3c78758088b905deea975f28dc20ef6173e481f96e88afe7f" + +save type: ECC_PAIR(SECT_R1) 233-bit, DET_ECDSA(SHA_224) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_224:PSA_WANT_ECC_SECT_R1_233:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):233:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_224):0x0000:"00e5e42834e3c78758088b905deea975f28dc20ef6173e481f96e88afe7f":"505341004b45590000000000010000002271e900013c000008070006000000001e00000000e5e42834e3c78758088b905deea975f28dc20ef6173e481f96e88afe7f" + +save type: ECC_PAIR(SECT_R1) 233-bit, DET_ECDSA(SHA_256) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_SECT_R1_233:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):233:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_256):0x0000:"00e5e42834e3c78758088b905deea975f28dc20ef6173e481f96e88afe7f":"505341004b45590000000000010000002271e900013c000009070006000000001e00000000e5e42834e3c78758088b905deea975f28dc20ef6173e481f96e88afe7f" + +save type: ECC_PAIR(SECT_R1) 233-bit, DET_ECDSA(SHA_384) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_SECT_R1_233:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):233:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_384):0x0000:"00e5e42834e3c78758088b905deea975f28dc20ef6173e481f96e88afe7f":"505341004b45590000000000010000002271e900013c00000a070006000000001e00000000e5e42834e3c78758088b905deea975f28dc20ef6173e481f96e88afe7f" + +save type: ECC_PAIR(SECT_R1) 233-bit, DET_ECDSA(SHA_512) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_512:PSA_WANT_ECC_SECT_R1_233:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):233:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_512):0x0000:"00e5e42834e3c78758088b905deea975f28dc20ef6173e481f96e88afe7f":"505341004b45590000000000010000002271e900013c00000b070006000000001e00000000e5e42834e3c78758088b905deea975f28dc20ef6173e481f96e88afe7f" + +save type: ECC_PAIR(SECT_R1) 233-bit, ECDH +depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ECC_SECT_R1_233:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):233:PSA_KEY_USAGE_DERIVE | PSA_KEY_USAGE_EXPORT:PSA_ALG_ECDH:0x0000:"00e5e42834e3c78758088b905deea975f28dc20ef6173e481f96e88afe7f":"505341004b45590000000000010000002271e9000140000000000209000000001e00000000e5e42834e3c78758088b905deea975f28dc20ef6173e481f96e88afe7f" + +save type: ECC_PAIR(SECT_R1) 233-bit, ECDSA(MD2) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD2:PSA_WANT_ECC_SECT_R1_233:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):233:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_MD2):0x0000:"00e5e42834e3c78758088b905deea975f28dc20ef6173e481f96e88afe7f":"505341004b45590000000000010000002271e900013c000001060006000000001e00000000e5e42834e3c78758088b905deea975f28dc20ef6173e481f96e88afe7f" + +save type: ECC_PAIR(SECT_R1) 233-bit, ECDSA(MD4) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD4:PSA_WANT_ECC_SECT_R1_233:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):233:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_MD4):0x0000:"00e5e42834e3c78758088b905deea975f28dc20ef6173e481f96e88afe7f":"505341004b45590000000000010000002271e900013c000002060006000000001e00000000e5e42834e3c78758088b905deea975f28dc20ef6173e481f96e88afe7f" + +save type: ECC_PAIR(SECT_R1) 233-bit, ECDSA(MD5) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD5:PSA_WANT_ECC_SECT_R1_233:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):233:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_MD5):0x0000:"00e5e42834e3c78758088b905deea975f28dc20ef6173e481f96e88afe7f":"505341004b45590000000000010000002271e900013c000003060006000000001e00000000e5e42834e3c78758088b905deea975f28dc20ef6173e481f96e88afe7f" + +save type: ECC_PAIR(SECT_R1) 233-bit, ECDSA(RIPEMD160) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ECC_SECT_R1_233:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):233:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_RIPEMD160):0x0000:"00e5e42834e3c78758088b905deea975f28dc20ef6173e481f96e88afe7f":"505341004b45590000000000010000002271e900013c000004060006000000001e00000000e5e42834e3c78758088b905deea975f28dc20ef6173e481f96e88afe7f" + +save type: ECC_PAIR(SECT_R1) 233-bit, ECDSA(SHA_1) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_1:PSA_WANT_ECC_SECT_R1_233:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):233:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_SHA_1):0x0000:"00e5e42834e3c78758088b905deea975f28dc20ef6173e481f96e88afe7f":"505341004b45590000000000010000002271e900013c000005060006000000001e00000000e5e42834e3c78758088b905deea975f28dc20ef6173e481f96e88afe7f" + +save type: ECC_PAIR(SECT_R1) 233-bit, ECDSA(SHA_224) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_224:PSA_WANT_ECC_SECT_R1_233:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):233:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_SHA_224):0x0000:"00e5e42834e3c78758088b905deea975f28dc20ef6173e481f96e88afe7f":"505341004b45590000000000010000002271e900013c000008060006000000001e00000000e5e42834e3c78758088b905deea975f28dc20ef6173e481f96e88afe7f" + +save type: ECC_PAIR(SECT_R1) 233-bit, ECDSA(SHA_256) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_SECT_R1_233:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):233:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_SHA_256):0x0000:"00e5e42834e3c78758088b905deea975f28dc20ef6173e481f96e88afe7f":"505341004b45590000000000010000002271e900013c000009060006000000001e00000000e5e42834e3c78758088b905deea975f28dc20ef6173e481f96e88afe7f" + +save type: ECC_PAIR(SECT_R1) 233-bit, ECDSA(SHA_384) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_SECT_R1_233:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):233:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_SHA_384):0x0000:"00e5e42834e3c78758088b905deea975f28dc20ef6173e481f96e88afe7f":"505341004b45590000000000010000002271e900013c00000a060006000000001e00000000e5e42834e3c78758088b905deea975f28dc20ef6173e481f96e88afe7f" + +save type: ECC_PAIR(SECT_R1) 233-bit, ECDSA(SHA_512) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_512:PSA_WANT_ECC_SECT_R1_233:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):233:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_SHA_512):0x0000:"00e5e42834e3c78758088b905deea975f28dc20ef6173e481f96e88afe7f":"505341004b45590000000000010000002271e900013c00000b060006000000001e00000000e5e42834e3c78758088b905deea975f28dc20ef6173e481f96e88afe7f" + +save type: ECC_PAIR(SECT_R1) 233-bit, ECDSA_ANY +depends_on:PSA_WANT_ALG_ECDSA_ANY:PSA_WANT_ECC_SECT_R1_233:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):233:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA_ANY:0x0000:"00e5e42834e3c78758088b905deea975f28dc20ef6173e481f96e88afe7f":"505341004b45590000000000010000002271e900013c000000060006000000001e00000000e5e42834e3c78758088b905deea975f28dc20ef6173e481f96e88afe7f" + +save type: ECC_PAIR(SECT_R1) 233-bit, KA(ECDH,HKDF(SHA_256)) +depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_SECT_R1_233:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):233:PSA_KEY_USAGE_DERIVE | PSA_KEY_USAGE_EXPORT:PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_HKDF(PSA_ALG_SHA_256)):0x0000:"00e5e42834e3c78758088b905deea975f28dc20ef6173e481f96e88afe7f":"505341004b45590000000000010000002271e9000140000009010209000000001e00000000e5e42834e3c78758088b905deea975f28dc20ef6173e481f96e88afe7f" + +save type: ECC_PAIR(SECT_R1) 233-bit, KA(ECDH,HKDF(SHA_384)) +depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_SECT_R1_233:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):233:PSA_KEY_USAGE_DERIVE | PSA_KEY_USAGE_EXPORT:PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_HKDF(PSA_ALG_SHA_384)):0x0000:"00e5e42834e3c78758088b905deea975f28dc20ef6173e481f96e88afe7f":"505341004b45590000000000010000002271e900014000000a010209000000001e00000000e5e42834e3c78758088b905deea975f28dc20ef6173e481f96e88afe7f" + +save type: ECC_PAIR(SECT_R1) 233-bit, KA(ECDH,TLS12_PRF(SHA_256)) +depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_SHA_256:PSA_WANT_ALG_TLS12_PRF:PSA_WANT_ECC_SECT_R1_233:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):233:PSA_KEY_USAGE_DERIVE | PSA_KEY_USAGE_EXPORT:PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_TLS12_PRF(PSA_ALG_SHA_256)):0x0000:"00e5e42834e3c78758088b905deea975f28dc20ef6173e481f96e88afe7f":"505341004b45590000000000010000002271e9000140000009020209000000001e00000000e5e42834e3c78758088b905deea975f28dc20ef6173e481f96e88afe7f" + +save type: ECC_PAIR(SECT_R1) 233-bit, KA(ECDH,TLS12_PRF(SHA_384)) +depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_SHA_384:PSA_WANT_ALG_TLS12_PRF:PSA_WANT_ECC_SECT_R1_233:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):233:PSA_KEY_USAGE_DERIVE | PSA_KEY_USAGE_EXPORT:PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_TLS12_PRF(PSA_ALG_SHA_384)):0x0000:"00e5e42834e3c78758088b905deea975f28dc20ef6173e481f96e88afe7f":"505341004b45590000000000010000002271e900014000000a020209000000001e00000000e5e42834e3c78758088b905deea975f28dc20ef6173e481f96e88afe7f" + +save type: ECC_PAIR(SECT_R1) 233-bit, KA(ECDH,TLS12_PSK2MS(SHA_256)) +depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_SHA_256:PSA_WANT_ALG_TLS12_PSK_TO_MS:PSA_WANT_ECC_SECT_R1_233:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):233:PSA_KEY_USAGE_DERIVE | PSA_KEY_USAGE_EXPORT:PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_TLS12_PSK_TO_MS(PSA_ALG_SHA_256)):0x0000:"00e5e42834e3c78758088b905deea975f28dc20ef6173e481f96e88afe7f":"505341004b45590000000000010000002271e9000140000009030209000000001e00000000e5e42834e3c78758088b905deea975f28dc20ef6173e481f96e88afe7f" + +save type: ECC_PAIR(SECT_R1) 233-bit, KA(ECDH,TLS12_PSK2MS(SHA_384)) +depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_SHA_384:PSA_WANT_ALG_TLS12_PSK_TO_MS:PSA_WANT_ECC_SECT_R1_233:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):233:PSA_KEY_USAGE_DERIVE | PSA_KEY_USAGE_EXPORT:PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_TLS12_PSK_TO_MS(PSA_ALG_SHA_384)):0x0000:"00e5e42834e3c78758088b905deea975f28dc20ef6173e481f96e88afe7f":"505341004b45590000000000010000002271e900014000000a030209000000001e00000000e5e42834e3c78758088b905deea975f28dc20ef6173e481f96e88afe7f" + +save type: ECC_PAIR(SECT_R1) 283-bit +depends_on:PSA_WANT_ECC_SECT_R1_283:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):283:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"004cecad915f6f3c9bbbd92d1eb101eda23f16c7dad60a57c87c7e1fd2b29b22f6d666ad":"505341004b455900000000000100000022711b0101000000000000000000000024000000004cecad915f6f3c9bbbd92d1eb101eda23f16c7dad60a57c87c7e1fd2b29b22f6d666ad" + +save type: ECC_PAIR(SECT_R1) 283-bit, DET_ECDSA(MD2) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD2:PSA_WANT_ECC_SECT_R1_283:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):283:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD2):0x0000:"004cecad915f6f3c9bbbd92d1eb101eda23f16c7dad60a57c87c7e1fd2b29b22f6d666ad":"505341004b455900000000000100000022711b01013c0000010700060000000024000000004cecad915f6f3c9bbbd92d1eb101eda23f16c7dad60a57c87c7e1fd2b29b22f6d666ad" + +save type: ECC_PAIR(SECT_R1) 283-bit, DET_ECDSA(MD4) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD4:PSA_WANT_ECC_SECT_R1_283:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):283:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD4):0x0000:"004cecad915f6f3c9bbbd92d1eb101eda23f16c7dad60a57c87c7e1fd2b29b22f6d666ad":"505341004b455900000000000100000022711b01013c0000020700060000000024000000004cecad915f6f3c9bbbd92d1eb101eda23f16c7dad60a57c87c7e1fd2b29b22f6d666ad" + +save type: ECC_PAIR(SECT_R1) 283-bit, DET_ECDSA(MD5) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD5:PSA_WANT_ECC_SECT_R1_283:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):283:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD5):0x0000:"004cecad915f6f3c9bbbd92d1eb101eda23f16c7dad60a57c87c7e1fd2b29b22f6d666ad":"505341004b455900000000000100000022711b01013c0000030700060000000024000000004cecad915f6f3c9bbbd92d1eb101eda23f16c7dad60a57c87c7e1fd2b29b22f6d666ad" + +save type: ECC_PAIR(SECT_R1) 283-bit, DET_ECDSA(RIPEMD160) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ECC_SECT_R1_283:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):283:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_RIPEMD160):0x0000:"004cecad915f6f3c9bbbd92d1eb101eda23f16c7dad60a57c87c7e1fd2b29b22f6d666ad":"505341004b455900000000000100000022711b01013c0000040700060000000024000000004cecad915f6f3c9bbbd92d1eb101eda23f16c7dad60a57c87c7e1fd2b29b22f6d666ad" + +save type: ECC_PAIR(SECT_R1) 283-bit, DET_ECDSA(SHA_1) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_1:PSA_WANT_ECC_SECT_R1_283:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):283:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_1):0x0000:"004cecad915f6f3c9bbbd92d1eb101eda23f16c7dad60a57c87c7e1fd2b29b22f6d666ad":"505341004b455900000000000100000022711b01013c0000050700060000000024000000004cecad915f6f3c9bbbd92d1eb101eda23f16c7dad60a57c87c7e1fd2b29b22f6d666ad" + +save type: ECC_PAIR(SECT_R1) 283-bit, DET_ECDSA(SHA_224) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_224:PSA_WANT_ECC_SECT_R1_283:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):283:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_224):0x0000:"004cecad915f6f3c9bbbd92d1eb101eda23f16c7dad60a57c87c7e1fd2b29b22f6d666ad":"505341004b455900000000000100000022711b01013c0000080700060000000024000000004cecad915f6f3c9bbbd92d1eb101eda23f16c7dad60a57c87c7e1fd2b29b22f6d666ad" + +save type: ECC_PAIR(SECT_R1) 283-bit, DET_ECDSA(SHA_256) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_SECT_R1_283:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):283:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_256):0x0000:"004cecad915f6f3c9bbbd92d1eb101eda23f16c7dad60a57c87c7e1fd2b29b22f6d666ad":"505341004b455900000000000100000022711b01013c0000090700060000000024000000004cecad915f6f3c9bbbd92d1eb101eda23f16c7dad60a57c87c7e1fd2b29b22f6d666ad" + +save type: ECC_PAIR(SECT_R1) 283-bit, DET_ECDSA(SHA_384) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_SECT_R1_283:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):283:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_384):0x0000:"004cecad915f6f3c9bbbd92d1eb101eda23f16c7dad60a57c87c7e1fd2b29b22f6d666ad":"505341004b455900000000000100000022711b01013c00000a0700060000000024000000004cecad915f6f3c9bbbd92d1eb101eda23f16c7dad60a57c87c7e1fd2b29b22f6d666ad" + +save type: ECC_PAIR(SECT_R1) 283-bit, DET_ECDSA(SHA_512) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_512:PSA_WANT_ECC_SECT_R1_283:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):283:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_512):0x0000:"004cecad915f6f3c9bbbd92d1eb101eda23f16c7dad60a57c87c7e1fd2b29b22f6d666ad":"505341004b455900000000000100000022711b01013c00000b0700060000000024000000004cecad915f6f3c9bbbd92d1eb101eda23f16c7dad60a57c87c7e1fd2b29b22f6d666ad" + +save type: ECC_PAIR(SECT_R1) 283-bit, ECDH +depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ECC_SECT_R1_283:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):283:PSA_KEY_USAGE_DERIVE | PSA_KEY_USAGE_EXPORT:PSA_ALG_ECDH:0x0000:"004cecad915f6f3c9bbbd92d1eb101eda23f16c7dad60a57c87c7e1fd2b29b22f6d666ad":"505341004b455900000000000100000022711b0101400000000002090000000024000000004cecad915f6f3c9bbbd92d1eb101eda23f16c7dad60a57c87c7e1fd2b29b22f6d666ad" + +save type: ECC_PAIR(SECT_R1) 283-bit, ECDSA(MD2) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD2:PSA_WANT_ECC_SECT_R1_283:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):283:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_MD2):0x0000:"004cecad915f6f3c9bbbd92d1eb101eda23f16c7dad60a57c87c7e1fd2b29b22f6d666ad":"505341004b455900000000000100000022711b01013c0000010600060000000024000000004cecad915f6f3c9bbbd92d1eb101eda23f16c7dad60a57c87c7e1fd2b29b22f6d666ad" + +save type: ECC_PAIR(SECT_R1) 283-bit, ECDSA(MD4) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD4:PSA_WANT_ECC_SECT_R1_283:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):283:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_MD4):0x0000:"004cecad915f6f3c9bbbd92d1eb101eda23f16c7dad60a57c87c7e1fd2b29b22f6d666ad":"505341004b455900000000000100000022711b01013c0000020600060000000024000000004cecad915f6f3c9bbbd92d1eb101eda23f16c7dad60a57c87c7e1fd2b29b22f6d666ad" + +save type: ECC_PAIR(SECT_R1) 283-bit, ECDSA(MD5) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD5:PSA_WANT_ECC_SECT_R1_283:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):283:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_MD5):0x0000:"004cecad915f6f3c9bbbd92d1eb101eda23f16c7dad60a57c87c7e1fd2b29b22f6d666ad":"505341004b455900000000000100000022711b01013c0000030600060000000024000000004cecad915f6f3c9bbbd92d1eb101eda23f16c7dad60a57c87c7e1fd2b29b22f6d666ad" + +save type: ECC_PAIR(SECT_R1) 283-bit, ECDSA(RIPEMD160) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ECC_SECT_R1_283:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):283:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_RIPEMD160):0x0000:"004cecad915f6f3c9bbbd92d1eb101eda23f16c7dad60a57c87c7e1fd2b29b22f6d666ad":"505341004b455900000000000100000022711b01013c0000040600060000000024000000004cecad915f6f3c9bbbd92d1eb101eda23f16c7dad60a57c87c7e1fd2b29b22f6d666ad" + +save type: ECC_PAIR(SECT_R1) 283-bit, ECDSA(SHA_1) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_1:PSA_WANT_ECC_SECT_R1_283:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):283:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_SHA_1):0x0000:"004cecad915f6f3c9bbbd92d1eb101eda23f16c7dad60a57c87c7e1fd2b29b22f6d666ad":"505341004b455900000000000100000022711b01013c0000050600060000000024000000004cecad915f6f3c9bbbd92d1eb101eda23f16c7dad60a57c87c7e1fd2b29b22f6d666ad" + +save type: ECC_PAIR(SECT_R1) 283-bit, ECDSA(SHA_224) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_224:PSA_WANT_ECC_SECT_R1_283:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):283:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_SHA_224):0x0000:"004cecad915f6f3c9bbbd92d1eb101eda23f16c7dad60a57c87c7e1fd2b29b22f6d666ad":"505341004b455900000000000100000022711b01013c0000080600060000000024000000004cecad915f6f3c9bbbd92d1eb101eda23f16c7dad60a57c87c7e1fd2b29b22f6d666ad" + +save type: ECC_PAIR(SECT_R1) 283-bit, ECDSA(SHA_256) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_SECT_R1_283:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):283:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_SHA_256):0x0000:"004cecad915f6f3c9bbbd92d1eb101eda23f16c7dad60a57c87c7e1fd2b29b22f6d666ad":"505341004b455900000000000100000022711b01013c0000090600060000000024000000004cecad915f6f3c9bbbd92d1eb101eda23f16c7dad60a57c87c7e1fd2b29b22f6d666ad" + +save type: ECC_PAIR(SECT_R1) 283-bit, ECDSA(SHA_384) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_SECT_R1_283:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):283:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_SHA_384):0x0000:"004cecad915f6f3c9bbbd92d1eb101eda23f16c7dad60a57c87c7e1fd2b29b22f6d666ad":"505341004b455900000000000100000022711b01013c00000a0600060000000024000000004cecad915f6f3c9bbbd92d1eb101eda23f16c7dad60a57c87c7e1fd2b29b22f6d666ad" + +save type: ECC_PAIR(SECT_R1) 283-bit, ECDSA(SHA_512) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_512:PSA_WANT_ECC_SECT_R1_283:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):283:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_SHA_512):0x0000:"004cecad915f6f3c9bbbd92d1eb101eda23f16c7dad60a57c87c7e1fd2b29b22f6d666ad":"505341004b455900000000000100000022711b01013c00000b0600060000000024000000004cecad915f6f3c9bbbd92d1eb101eda23f16c7dad60a57c87c7e1fd2b29b22f6d666ad" + +save type: ECC_PAIR(SECT_R1) 283-bit, ECDSA_ANY +depends_on:PSA_WANT_ALG_ECDSA_ANY:PSA_WANT_ECC_SECT_R1_283:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):283:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA_ANY:0x0000:"004cecad915f6f3c9bbbd92d1eb101eda23f16c7dad60a57c87c7e1fd2b29b22f6d666ad":"505341004b455900000000000100000022711b01013c0000000600060000000024000000004cecad915f6f3c9bbbd92d1eb101eda23f16c7dad60a57c87c7e1fd2b29b22f6d666ad" + +save type: ECC_PAIR(SECT_R1) 283-bit, KA(ECDH,HKDF(SHA_256)) +depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_SECT_R1_283:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):283:PSA_KEY_USAGE_DERIVE | PSA_KEY_USAGE_EXPORT:PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_HKDF(PSA_ALG_SHA_256)):0x0000:"004cecad915f6f3c9bbbd92d1eb101eda23f16c7dad60a57c87c7e1fd2b29b22f6d666ad":"505341004b455900000000000100000022711b0101400000090102090000000024000000004cecad915f6f3c9bbbd92d1eb101eda23f16c7dad60a57c87c7e1fd2b29b22f6d666ad" + +save type: ECC_PAIR(SECT_R1) 283-bit, KA(ECDH,HKDF(SHA_384)) +depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_SECT_R1_283:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):283:PSA_KEY_USAGE_DERIVE | PSA_KEY_USAGE_EXPORT:PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_HKDF(PSA_ALG_SHA_384)):0x0000:"004cecad915f6f3c9bbbd92d1eb101eda23f16c7dad60a57c87c7e1fd2b29b22f6d666ad":"505341004b455900000000000100000022711b01014000000a0102090000000024000000004cecad915f6f3c9bbbd92d1eb101eda23f16c7dad60a57c87c7e1fd2b29b22f6d666ad" + +save type: ECC_PAIR(SECT_R1) 283-bit, KA(ECDH,TLS12_PRF(SHA_256)) +depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_SHA_256:PSA_WANT_ALG_TLS12_PRF:PSA_WANT_ECC_SECT_R1_283:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):283:PSA_KEY_USAGE_DERIVE | PSA_KEY_USAGE_EXPORT:PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_TLS12_PRF(PSA_ALG_SHA_256)):0x0000:"004cecad915f6f3c9bbbd92d1eb101eda23f16c7dad60a57c87c7e1fd2b29b22f6d666ad":"505341004b455900000000000100000022711b0101400000090202090000000024000000004cecad915f6f3c9bbbd92d1eb101eda23f16c7dad60a57c87c7e1fd2b29b22f6d666ad" + +save type: ECC_PAIR(SECT_R1) 283-bit, KA(ECDH,TLS12_PRF(SHA_384)) +depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_SHA_384:PSA_WANT_ALG_TLS12_PRF:PSA_WANT_ECC_SECT_R1_283:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):283:PSA_KEY_USAGE_DERIVE | PSA_KEY_USAGE_EXPORT:PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_TLS12_PRF(PSA_ALG_SHA_384)):0x0000:"004cecad915f6f3c9bbbd92d1eb101eda23f16c7dad60a57c87c7e1fd2b29b22f6d666ad":"505341004b455900000000000100000022711b01014000000a0202090000000024000000004cecad915f6f3c9bbbd92d1eb101eda23f16c7dad60a57c87c7e1fd2b29b22f6d666ad" + +save type: ECC_PAIR(SECT_R1) 283-bit, KA(ECDH,TLS12_PSK2MS(SHA_256)) +depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_SHA_256:PSA_WANT_ALG_TLS12_PSK_TO_MS:PSA_WANT_ECC_SECT_R1_283:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):283:PSA_KEY_USAGE_DERIVE | PSA_KEY_USAGE_EXPORT:PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_TLS12_PSK_TO_MS(PSA_ALG_SHA_256)):0x0000:"004cecad915f6f3c9bbbd92d1eb101eda23f16c7dad60a57c87c7e1fd2b29b22f6d666ad":"505341004b455900000000000100000022711b0101400000090302090000000024000000004cecad915f6f3c9bbbd92d1eb101eda23f16c7dad60a57c87c7e1fd2b29b22f6d666ad" + +save type: ECC_PAIR(SECT_R1) 283-bit, KA(ECDH,TLS12_PSK2MS(SHA_384)) +depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_SHA_384:PSA_WANT_ALG_TLS12_PSK_TO_MS:PSA_WANT_ECC_SECT_R1_283:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):283:PSA_KEY_USAGE_DERIVE | PSA_KEY_USAGE_EXPORT:PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_TLS12_PSK_TO_MS(PSA_ALG_SHA_384)):0x0000:"004cecad915f6f3c9bbbd92d1eb101eda23f16c7dad60a57c87c7e1fd2b29b22f6d666ad":"505341004b455900000000000100000022711b01014000000a0302090000000024000000004cecad915f6f3c9bbbd92d1eb101eda23f16c7dad60a57c87c7e1fd2b29b22f6d666ad" + +save type: ECC_PAIR(SECT_R1) 409-bit +depends_on:PSA_WANT_ECC_SECT_R1_409:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):409:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"00c22422d265721a3ae2b3b2baeb77bee50416e19877af97b5fc1c700a0a88916ecb9050135883accb5e64edc77a3703f4f67a64":"505341004b4559000000000001000000227199010100000000000000000000003400000000c22422d265721a3ae2b3b2baeb77bee50416e19877af97b5fc1c700a0a88916ecb9050135883accb5e64edc77a3703f4f67a64" + +save type: ECC_PAIR(SECT_R1) 409-bit, DET_ECDSA(MD2) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD2:PSA_WANT_ECC_SECT_R1_409:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):409:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD2):0x0000:"00c22422d265721a3ae2b3b2baeb77bee50416e19877af97b5fc1c700a0a88916ecb9050135883accb5e64edc77a3703f4f67a64":"505341004b455900000000000100000022719901013c000001070006000000003400000000c22422d265721a3ae2b3b2baeb77bee50416e19877af97b5fc1c700a0a88916ecb9050135883accb5e64edc77a3703f4f67a64" + +save type: ECC_PAIR(SECT_R1) 409-bit, DET_ECDSA(MD4) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD4:PSA_WANT_ECC_SECT_R1_409:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):409:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD4):0x0000:"00c22422d265721a3ae2b3b2baeb77bee50416e19877af97b5fc1c700a0a88916ecb9050135883accb5e64edc77a3703f4f67a64":"505341004b455900000000000100000022719901013c000002070006000000003400000000c22422d265721a3ae2b3b2baeb77bee50416e19877af97b5fc1c700a0a88916ecb9050135883accb5e64edc77a3703f4f67a64" + +save type: ECC_PAIR(SECT_R1) 409-bit, DET_ECDSA(MD5) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD5:PSA_WANT_ECC_SECT_R1_409:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):409:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD5):0x0000:"00c22422d265721a3ae2b3b2baeb77bee50416e19877af97b5fc1c700a0a88916ecb9050135883accb5e64edc77a3703f4f67a64":"505341004b455900000000000100000022719901013c000003070006000000003400000000c22422d265721a3ae2b3b2baeb77bee50416e19877af97b5fc1c700a0a88916ecb9050135883accb5e64edc77a3703f4f67a64" + +save type: ECC_PAIR(SECT_R1) 409-bit, DET_ECDSA(RIPEMD160) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ECC_SECT_R1_409:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):409:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_RIPEMD160):0x0000:"00c22422d265721a3ae2b3b2baeb77bee50416e19877af97b5fc1c700a0a88916ecb9050135883accb5e64edc77a3703f4f67a64":"505341004b455900000000000100000022719901013c000004070006000000003400000000c22422d265721a3ae2b3b2baeb77bee50416e19877af97b5fc1c700a0a88916ecb9050135883accb5e64edc77a3703f4f67a64" + +save type: ECC_PAIR(SECT_R1) 409-bit, DET_ECDSA(SHA_1) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_1:PSA_WANT_ECC_SECT_R1_409:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):409:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_1):0x0000:"00c22422d265721a3ae2b3b2baeb77bee50416e19877af97b5fc1c700a0a88916ecb9050135883accb5e64edc77a3703f4f67a64":"505341004b455900000000000100000022719901013c000005070006000000003400000000c22422d265721a3ae2b3b2baeb77bee50416e19877af97b5fc1c700a0a88916ecb9050135883accb5e64edc77a3703f4f67a64" + +save type: ECC_PAIR(SECT_R1) 409-bit, DET_ECDSA(SHA_224) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_224:PSA_WANT_ECC_SECT_R1_409:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):409:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_224):0x0000:"00c22422d265721a3ae2b3b2baeb77bee50416e19877af97b5fc1c700a0a88916ecb9050135883accb5e64edc77a3703f4f67a64":"505341004b455900000000000100000022719901013c000008070006000000003400000000c22422d265721a3ae2b3b2baeb77bee50416e19877af97b5fc1c700a0a88916ecb9050135883accb5e64edc77a3703f4f67a64" + +save type: ECC_PAIR(SECT_R1) 409-bit, DET_ECDSA(SHA_256) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_SECT_R1_409:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):409:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_256):0x0000:"00c22422d265721a3ae2b3b2baeb77bee50416e19877af97b5fc1c700a0a88916ecb9050135883accb5e64edc77a3703f4f67a64":"505341004b455900000000000100000022719901013c000009070006000000003400000000c22422d265721a3ae2b3b2baeb77bee50416e19877af97b5fc1c700a0a88916ecb9050135883accb5e64edc77a3703f4f67a64" + +save type: ECC_PAIR(SECT_R1) 409-bit, DET_ECDSA(SHA_384) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_SECT_R1_409:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):409:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_384):0x0000:"00c22422d265721a3ae2b3b2baeb77bee50416e19877af97b5fc1c700a0a88916ecb9050135883accb5e64edc77a3703f4f67a64":"505341004b455900000000000100000022719901013c00000a070006000000003400000000c22422d265721a3ae2b3b2baeb77bee50416e19877af97b5fc1c700a0a88916ecb9050135883accb5e64edc77a3703f4f67a64" + +save type: ECC_PAIR(SECT_R1) 409-bit, DET_ECDSA(SHA_512) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_512:PSA_WANT_ECC_SECT_R1_409:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):409:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_512):0x0000:"00c22422d265721a3ae2b3b2baeb77bee50416e19877af97b5fc1c700a0a88916ecb9050135883accb5e64edc77a3703f4f67a64":"505341004b455900000000000100000022719901013c00000b070006000000003400000000c22422d265721a3ae2b3b2baeb77bee50416e19877af97b5fc1c700a0a88916ecb9050135883accb5e64edc77a3703f4f67a64" + +save type: ECC_PAIR(SECT_R1) 409-bit, ECDH +depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ECC_SECT_R1_409:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):409:PSA_KEY_USAGE_DERIVE | PSA_KEY_USAGE_EXPORT:PSA_ALG_ECDH:0x0000:"00c22422d265721a3ae2b3b2baeb77bee50416e19877af97b5fc1c700a0a88916ecb9050135883accb5e64edc77a3703f4f67a64":"505341004b4559000000000001000000227199010140000000000209000000003400000000c22422d265721a3ae2b3b2baeb77bee50416e19877af97b5fc1c700a0a88916ecb9050135883accb5e64edc77a3703f4f67a64" + +save type: ECC_PAIR(SECT_R1) 409-bit, ECDSA(MD2) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD2:PSA_WANT_ECC_SECT_R1_409:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):409:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_MD2):0x0000:"00c22422d265721a3ae2b3b2baeb77bee50416e19877af97b5fc1c700a0a88916ecb9050135883accb5e64edc77a3703f4f67a64":"505341004b455900000000000100000022719901013c000001060006000000003400000000c22422d265721a3ae2b3b2baeb77bee50416e19877af97b5fc1c700a0a88916ecb9050135883accb5e64edc77a3703f4f67a64" + +save type: ECC_PAIR(SECT_R1) 409-bit, ECDSA(MD4) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD4:PSA_WANT_ECC_SECT_R1_409:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):409:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_MD4):0x0000:"00c22422d265721a3ae2b3b2baeb77bee50416e19877af97b5fc1c700a0a88916ecb9050135883accb5e64edc77a3703f4f67a64":"505341004b455900000000000100000022719901013c000002060006000000003400000000c22422d265721a3ae2b3b2baeb77bee50416e19877af97b5fc1c700a0a88916ecb9050135883accb5e64edc77a3703f4f67a64" + +save type: ECC_PAIR(SECT_R1) 409-bit, ECDSA(MD5) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD5:PSA_WANT_ECC_SECT_R1_409:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):409:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_MD5):0x0000:"00c22422d265721a3ae2b3b2baeb77bee50416e19877af97b5fc1c700a0a88916ecb9050135883accb5e64edc77a3703f4f67a64":"505341004b455900000000000100000022719901013c000003060006000000003400000000c22422d265721a3ae2b3b2baeb77bee50416e19877af97b5fc1c700a0a88916ecb9050135883accb5e64edc77a3703f4f67a64" + +save type: ECC_PAIR(SECT_R1) 409-bit, ECDSA(RIPEMD160) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ECC_SECT_R1_409:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):409:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_RIPEMD160):0x0000:"00c22422d265721a3ae2b3b2baeb77bee50416e19877af97b5fc1c700a0a88916ecb9050135883accb5e64edc77a3703f4f67a64":"505341004b455900000000000100000022719901013c000004060006000000003400000000c22422d265721a3ae2b3b2baeb77bee50416e19877af97b5fc1c700a0a88916ecb9050135883accb5e64edc77a3703f4f67a64" + +save type: ECC_PAIR(SECT_R1) 409-bit, ECDSA(SHA_1) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_1:PSA_WANT_ECC_SECT_R1_409:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):409:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_SHA_1):0x0000:"00c22422d265721a3ae2b3b2baeb77bee50416e19877af97b5fc1c700a0a88916ecb9050135883accb5e64edc77a3703f4f67a64":"505341004b455900000000000100000022719901013c000005060006000000003400000000c22422d265721a3ae2b3b2baeb77bee50416e19877af97b5fc1c700a0a88916ecb9050135883accb5e64edc77a3703f4f67a64" + +save type: ECC_PAIR(SECT_R1) 409-bit, ECDSA(SHA_224) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_224:PSA_WANT_ECC_SECT_R1_409:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):409:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_SHA_224):0x0000:"00c22422d265721a3ae2b3b2baeb77bee50416e19877af97b5fc1c700a0a88916ecb9050135883accb5e64edc77a3703f4f67a64":"505341004b455900000000000100000022719901013c000008060006000000003400000000c22422d265721a3ae2b3b2baeb77bee50416e19877af97b5fc1c700a0a88916ecb9050135883accb5e64edc77a3703f4f67a64" + +save type: ECC_PAIR(SECT_R1) 409-bit, ECDSA(SHA_256) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_SECT_R1_409:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):409:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_SHA_256):0x0000:"00c22422d265721a3ae2b3b2baeb77bee50416e19877af97b5fc1c700a0a88916ecb9050135883accb5e64edc77a3703f4f67a64":"505341004b455900000000000100000022719901013c000009060006000000003400000000c22422d265721a3ae2b3b2baeb77bee50416e19877af97b5fc1c700a0a88916ecb9050135883accb5e64edc77a3703f4f67a64" + +save type: ECC_PAIR(SECT_R1) 409-bit, ECDSA(SHA_384) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_SECT_R1_409:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):409:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_SHA_384):0x0000:"00c22422d265721a3ae2b3b2baeb77bee50416e19877af97b5fc1c700a0a88916ecb9050135883accb5e64edc77a3703f4f67a64":"505341004b455900000000000100000022719901013c00000a060006000000003400000000c22422d265721a3ae2b3b2baeb77bee50416e19877af97b5fc1c700a0a88916ecb9050135883accb5e64edc77a3703f4f67a64" + +save type: ECC_PAIR(SECT_R1) 409-bit, ECDSA(SHA_512) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_512:PSA_WANT_ECC_SECT_R1_409:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):409:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_SHA_512):0x0000:"00c22422d265721a3ae2b3b2baeb77bee50416e19877af97b5fc1c700a0a88916ecb9050135883accb5e64edc77a3703f4f67a64":"505341004b455900000000000100000022719901013c00000b060006000000003400000000c22422d265721a3ae2b3b2baeb77bee50416e19877af97b5fc1c700a0a88916ecb9050135883accb5e64edc77a3703f4f67a64" + +save type: ECC_PAIR(SECT_R1) 409-bit, ECDSA_ANY +depends_on:PSA_WANT_ALG_ECDSA_ANY:PSA_WANT_ECC_SECT_R1_409:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):409:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA_ANY:0x0000:"00c22422d265721a3ae2b3b2baeb77bee50416e19877af97b5fc1c700a0a88916ecb9050135883accb5e64edc77a3703f4f67a64":"505341004b455900000000000100000022719901013c000000060006000000003400000000c22422d265721a3ae2b3b2baeb77bee50416e19877af97b5fc1c700a0a88916ecb9050135883accb5e64edc77a3703f4f67a64" + +save type: ECC_PAIR(SECT_R1) 409-bit, KA(ECDH,HKDF(SHA_256)) +depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_SECT_R1_409:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):409:PSA_KEY_USAGE_DERIVE | PSA_KEY_USAGE_EXPORT:PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_HKDF(PSA_ALG_SHA_256)):0x0000:"00c22422d265721a3ae2b3b2baeb77bee50416e19877af97b5fc1c700a0a88916ecb9050135883accb5e64edc77a3703f4f67a64":"505341004b4559000000000001000000227199010140000009010209000000003400000000c22422d265721a3ae2b3b2baeb77bee50416e19877af97b5fc1c700a0a88916ecb9050135883accb5e64edc77a3703f4f67a64" + +save type: ECC_PAIR(SECT_R1) 409-bit, KA(ECDH,HKDF(SHA_384)) +depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_SECT_R1_409:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):409:PSA_KEY_USAGE_DERIVE | PSA_KEY_USAGE_EXPORT:PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_HKDF(PSA_ALG_SHA_384)):0x0000:"00c22422d265721a3ae2b3b2baeb77bee50416e19877af97b5fc1c700a0a88916ecb9050135883accb5e64edc77a3703f4f67a64":"505341004b455900000000000100000022719901014000000a010209000000003400000000c22422d265721a3ae2b3b2baeb77bee50416e19877af97b5fc1c700a0a88916ecb9050135883accb5e64edc77a3703f4f67a64" + +save type: ECC_PAIR(SECT_R1) 409-bit, KA(ECDH,TLS12_PRF(SHA_256)) +depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_SHA_256:PSA_WANT_ALG_TLS12_PRF:PSA_WANT_ECC_SECT_R1_409:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):409:PSA_KEY_USAGE_DERIVE | PSA_KEY_USAGE_EXPORT:PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_TLS12_PRF(PSA_ALG_SHA_256)):0x0000:"00c22422d265721a3ae2b3b2baeb77bee50416e19877af97b5fc1c700a0a88916ecb9050135883accb5e64edc77a3703f4f67a64":"505341004b4559000000000001000000227199010140000009020209000000003400000000c22422d265721a3ae2b3b2baeb77bee50416e19877af97b5fc1c700a0a88916ecb9050135883accb5e64edc77a3703f4f67a64" + +save type: ECC_PAIR(SECT_R1) 409-bit, KA(ECDH,TLS12_PRF(SHA_384)) +depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_SHA_384:PSA_WANT_ALG_TLS12_PRF:PSA_WANT_ECC_SECT_R1_409:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):409:PSA_KEY_USAGE_DERIVE | PSA_KEY_USAGE_EXPORT:PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_TLS12_PRF(PSA_ALG_SHA_384)):0x0000:"00c22422d265721a3ae2b3b2baeb77bee50416e19877af97b5fc1c700a0a88916ecb9050135883accb5e64edc77a3703f4f67a64":"505341004b455900000000000100000022719901014000000a020209000000003400000000c22422d265721a3ae2b3b2baeb77bee50416e19877af97b5fc1c700a0a88916ecb9050135883accb5e64edc77a3703f4f67a64" + +save type: ECC_PAIR(SECT_R1) 409-bit, KA(ECDH,TLS12_PSK2MS(SHA_256)) +depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_SHA_256:PSA_WANT_ALG_TLS12_PSK_TO_MS:PSA_WANT_ECC_SECT_R1_409:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):409:PSA_KEY_USAGE_DERIVE | PSA_KEY_USAGE_EXPORT:PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_TLS12_PSK_TO_MS(PSA_ALG_SHA_256)):0x0000:"00c22422d265721a3ae2b3b2baeb77bee50416e19877af97b5fc1c700a0a88916ecb9050135883accb5e64edc77a3703f4f67a64":"505341004b4559000000000001000000227199010140000009030209000000003400000000c22422d265721a3ae2b3b2baeb77bee50416e19877af97b5fc1c700a0a88916ecb9050135883accb5e64edc77a3703f4f67a64" + +save type: ECC_PAIR(SECT_R1) 409-bit, KA(ECDH,TLS12_PSK2MS(SHA_384)) +depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_SHA_384:PSA_WANT_ALG_TLS12_PSK_TO_MS:PSA_WANT_ECC_SECT_R1_409:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):409:PSA_KEY_USAGE_DERIVE | PSA_KEY_USAGE_EXPORT:PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_TLS12_PSK_TO_MS(PSA_ALG_SHA_384)):0x0000:"00c22422d265721a3ae2b3b2baeb77bee50416e19877af97b5fc1c700a0a88916ecb9050135883accb5e64edc77a3703f4f67a64":"505341004b455900000000000100000022719901014000000a030209000000003400000000c22422d265721a3ae2b3b2baeb77bee50416e19877af97b5fc1c700a0a88916ecb9050135883accb5e64edc77a3703f4f67a64" + +save type: ECC_PAIR(SECT_R1) 571-bit +depends_on:PSA_WANT_ECC_SECT_R1_571:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):571:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"026ac1cdf92a13a1b8d282da9725847908745138f5c6706b52d164e3675fcfbf86fc3e6ab2de732193267db029dd35a0599a94a118f480231cfc6ccca2ebfc1d8f54176e0f5656a1":"505341004b455900000000000100000022713b0201000000000000000000000048000000026ac1cdf92a13a1b8d282da9725847908745138f5c6706b52d164e3675fcfbf86fc3e6ab2de732193267db029dd35a0599a94a118f480231cfc6ccca2ebfc1d8f54176e0f5656a1" + +save type: ECC_PAIR(SECT_R1) 571-bit, DET_ECDSA(MD2) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD2:PSA_WANT_ECC_SECT_R1_571:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):571:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD2):0x0000:"026ac1cdf92a13a1b8d282da9725847908745138f5c6706b52d164e3675fcfbf86fc3e6ab2de732193267db029dd35a0599a94a118f480231cfc6ccca2ebfc1d8f54176e0f5656a1":"505341004b455900000000000100000022713b02013c0000010700060000000048000000026ac1cdf92a13a1b8d282da9725847908745138f5c6706b52d164e3675fcfbf86fc3e6ab2de732193267db029dd35a0599a94a118f480231cfc6ccca2ebfc1d8f54176e0f5656a1" + +save type: ECC_PAIR(SECT_R1) 571-bit, DET_ECDSA(MD4) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD4:PSA_WANT_ECC_SECT_R1_571:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):571:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD4):0x0000:"026ac1cdf92a13a1b8d282da9725847908745138f5c6706b52d164e3675fcfbf86fc3e6ab2de732193267db029dd35a0599a94a118f480231cfc6ccca2ebfc1d8f54176e0f5656a1":"505341004b455900000000000100000022713b02013c0000020700060000000048000000026ac1cdf92a13a1b8d282da9725847908745138f5c6706b52d164e3675fcfbf86fc3e6ab2de732193267db029dd35a0599a94a118f480231cfc6ccca2ebfc1d8f54176e0f5656a1" + +save type: ECC_PAIR(SECT_R1) 571-bit, DET_ECDSA(MD5) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD5:PSA_WANT_ECC_SECT_R1_571:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):571:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD5):0x0000:"026ac1cdf92a13a1b8d282da9725847908745138f5c6706b52d164e3675fcfbf86fc3e6ab2de732193267db029dd35a0599a94a118f480231cfc6ccca2ebfc1d8f54176e0f5656a1":"505341004b455900000000000100000022713b02013c0000030700060000000048000000026ac1cdf92a13a1b8d282da9725847908745138f5c6706b52d164e3675fcfbf86fc3e6ab2de732193267db029dd35a0599a94a118f480231cfc6ccca2ebfc1d8f54176e0f5656a1" + +save type: ECC_PAIR(SECT_R1) 571-bit, DET_ECDSA(RIPEMD160) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ECC_SECT_R1_571:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):571:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_RIPEMD160):0x0000:"026ac1cdf92a13a1b8d282da9725847908745138f5c6706b52d164e3675fcfbf86fc3e6ab2de732193267db029dd35a0599a94a118f480231cfc6ccca2ebfc1d8f54176e0f5656a1":"505341004b455900000000000100000022713b02013c0000040700060000000048000000026ac1cdf92a13a1b8d282da9725847908745138f5c6706b52d164e3675fcfbf86fc3e6ab2de732193267db029dd35a0599a94a118f480231cfc6ccca2ebfc1d8f54176e0f5656a1" + +save type: ECC_PAIR(SECT_R1) 571-bit, DET_ECDSA(SHA_1) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_1:PSA_WANT_ECC_SECT_R1_571:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):571:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_1):0x0000:"026ac1cdf92a13a1b8d282da9725847908745138f5c6706b52d164e3675fcfbf86fc3e6ab2de732193267db029dd35a0599a94a118f480231cfc6ccca2ebfc1d8f54176e0f5656a1":"505341004b455900000000000100000022713b02013c0000050700060000000048000000026ac1cdf92a13a1b8d282da9725847908745138f5c6706b52d164e3675fcfbf86fc3e6ab2de732193267db029dd35a0599a94a118f480231cfc6ccca2ebfc1d8f54176e0f5656a1" + +save type: ECC_PAIR(SECT_R1) 571-bit, DET_ECDSA(SHA_224) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_224:PSA_WANT_ECC_SECT_R1_571:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):571:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_224):0x0000:"026ac1cdf92a13a1b8d282da9725847908745138f5c6706b52d164e3675fcfbf86fc3e6ab2de732193267db029dd35a0599a94a118f480231cfc6ccca2ebfc1d8f54176e0f5656a1":"505341004b455900000000000100000022713b02013c0000080700060000000048000000026ac1cdf92a13a1b8d282da9725847908745138f5c6706b52d164e3675fcfbf86fc3e6ab2de732193267db029dd35a0599a94a118f480231cfc6ccca2ebfc1d8f54176e0f5656a1" + +save type: ECC_PAIR(SECT_R1) 571-bit, DET_ECDSA(SHA_256) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_SECT_R1_571:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):571:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_256):0x0000:"026ac1cdf92a13a1b8d282da9725847908745138f5c6706b52d164e3675fcfbf86fc3e6ab2de732193267db029dd35a0599a94a118f480231cfc6ccca2ebfc1d8f54176e0f5656a1":"505341004b455900000000000100000022713b02013c0000090700060000000048000000026ac1cdf92a13a1b8d282da9725847908745138f5c6706b52d164e3675fcfbf86fc3e6ab2de732193267db029dd35a0599a94a118f480231cfc6ccca2ebfc1d8f54176e0f5656a1" + +save type: ECC_PAIR(SECT_R1) 571-bit, DET_ECDSA(SHA_384) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_SECT_R1_571:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):571:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_384):0x0000:"026ac1cdf92a13a1b8d282da9725847908745138f5c6706b52d164e3675fcfbf86fc3e6ab2de732193267db029dd35a0599a94a118f480231cfc6ccca2ebfc1d8f54176e0f5656a1":"505341004b455900000000000100000022713b02013c00000a0700060000000048000000026ac1cdf92a13a1b8d282da9725847908745138f5c6706b52d164e3675fcfbf86fc3e6ab2de732193267db029dd35a0599a94a118f480231cfc6ccca2ebfc1d8f54176e0f5656a1" + +save type: ECC_PAIR(SECT_R1) 571-bit, DET_ECDSA(SHA_512) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_512:PSA_WANT_ECC_SECT_R1_571:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):571:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_512):0x0000:"026ac1cdf92a13a1b8d282da9725847908745138f5c6706b52d164e3675fcfbf86fc3e6ab2de732193267db029dd35a0599a94a118f480231cfc6ccca2ebfc1d8f54176e0f5656a1":"505341004b455900000000000100000022713b02013c00000b0700060000000048000000026ac1cdf92a13a1b8d282da9725847908745138f5c6706b52d164e3675fcfbf86fc3e6ab2de732193267db029dd35a0599a94a118f480231cfc6ccca2ebfc1d8f54176e0f5656a1" + +save type: ECC_PAIR(SECT_R1) 571-bit, ECDH +depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ECC_SECT_R1_571:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):571:PSA_KEY_USAGE_DERIVE | PSA_KEY_USAGE_EXPORT:PSA_ALG_ECDH:0x0000:"026ac1cdf92a13a1b8d282da9725847908745138f5c6706b52d164e3675fcfbf86fc3e6ab2de732193267db029dd35a0599a94a118f480231cfc6ccca2ebfc1d8f54176e0f5656a1":"505341004b455900000000000100000022713b0201400000000002090000000048000000026ac1cdf92a13a1b8d282da9725847908745138f5c6706b52d164e3675fcfbf86fc3e6ab2de732193267db029dd35a0599a94a118f480231cfc6ccca2ebfc1d8f54176e0f5656a1" + +save type: ECC_PAIR(SECT_R1) 571-bit, ECDSA(MD2) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD2:PSA_WANT_ECC_SECT_R1_571:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):571:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_MD2):0x0000:"026ac1cdf92a13a1b8d282da9725847908745138f5c6706b52d164e3675fcfbf86fc3e6ab2de732193267db029dd35a0599a94a118f480231cfc6ccca2ebfc1d8f54176e0f5656a1":"505341004b455900000000000100000022713b02013c0000010600060000000048000000026ac1cdf92a13a1b8d282da9725847908745138f5c6706b52d164e3675fcfbf86fc3e6ab2de732193267db029dd35a0599a94a118f480231cfc6ccca2ebfc1d8f54176e0f5656a1" + +save type: ECC_PAIR(SECT_R1) 571-bit, ECDSA(MD4) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD4:PSA_WANT_ECC_SECT_R1_571:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):571:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_MD4):0x0000:"026ac1cdf92a13a1b8d282da9725847908745138f5c6706b52d164e3675fcfbf86fc3e6ab2de732193267db029dd35a0599a94a118f480231cfc6ccca2ebfc1d8f54176e0f5656a1":"505341004b455900000000000100000022713b02013c0000020600060000000048000000026ac1cdf92a13a1b8d282da9725847908745138f5c6706b52d164e3675fcfbf86fc3e6ab2de732193267db029dd35a0599a94a118f480231cfc6ccca2ebfc1d8f54176e0f5656a1" + +save type: ECC_PAIR(SECT_R1) 571-bit, ECDSA(MD5) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD5:PSA_WANT_ECC_SECT_R1_571:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):571:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_MD5):0x0000:"026ac1cdf92a13a1b8d282da9725847908745138f5c6706b52d164e3675fcfbf86fc3e6ab2de732193267db029dd35a0599a94a118f480231cfc6ccca2ebfc1d8f54176e0f5656a1":"505341004b455900000000000100000022713b02013c0000030600060000000048000000026ac1cdf92a13a1b8d282da9725847908745138f5c6706b52d164e3675fcfbf86fc3e6ab2de732193267db029dd35a0599a94a118f480231cfc6ccca2ebfc1d8f54176e0f5656a1" + +save type: ECC_PAIR(SECT_R1) 571-bit, ECDSA(RIPEMD160) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ECC_SECT_R1_571:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):571:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_RIPEMD160):0x0000:"026ac1cdf92a13a1b8d282da9725847908745138f5c6706b52d164e3675fcfbf86fc3e6ab2de732193267db029dd35a0599a94a118f480231cfc6ccca2ebfc1d8f54176e0f5656a1":"505341004b455900000000000100000022713b02013c0000040600060000000048000000026ac1cdf92a13a1b8d282da9725847908745138f5c6706b52d164e3675fcfbf86fc3e6ab2de732193267db029dd35a0599a94a118f480231cfc6ccca2ebfc1d8f54176e0f5656a1" + +save type: ECC_PAIR(SECT_R1) 571-bit, ECDSA(SHA_1) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_1:PSA_WANT_ECC_SECT_R1_571:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):571:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_SHA_1):0x0000:"026ac1cdf92a13a1b8d282da9725847908745138f5c6706b52d164e3675fcfbf86fc3e6ab2de732193267db029dd35a0599a94a118f480231cfc6ccca2ebfc1d8f54176e0f5656a1":"505341004b455900000000000100000022713b02013c0000050600060000000048000000026ac1cdf92a13a1b8d282da9725847908745138f5c6706b52d164e3675fcfbf86fc3e6ab2de732193267db029dd35a0599a94a118f480231cfc6ccca2ebfc1d8f54176e0f5656a1" + +save type: ECC_PAIR(SECT_R1) 571-bit, ECDSA(SHA_224) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_224:PSA_WANT_ECC_SECT_R1_571:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):571:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_SHA_224):0x0000:"026ac1cdf92a13a1b8d282da9725847908745138f5c6706b52d164e3675fcfbf86fc3e6ab2de732193267db029dd35a0599a94a118f480231cfc6ccca2ebfc1d8f54176e0f5656a1":"505341004b455900000000000100000022713b02013c0000080600060000000048000000026ac1cdf92a13a1b8d282da9725847908745138f5c6706b52d164e3675fcfbf86fc3e6ab2de732193267db029dd35a0599a94a118f480231cfc6ccca2ebfc1d8f54176e0f5656a1" + +save type: ECC_PAIR(SECT_R1) 571-bit, ECDSA(SHA_256) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_SECT_R1_571:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):571:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_SHA_256):0x0000:"026ac1cdf92a13a1b8d282da9725847908745138f5c6706b52d164e3675fcfbf86fc3e6ab2de732193267db029dd35a0599a94a118f480231cfc6ccca2ebfc1d8f54176e0f5656a1":"505341004b455900000000000100000022713b02013c0000090600060000000048000000026ac1cdf92a13a1b8d282da9725847908745138f5c6706b52d164e3675fcfbf86fc3e6ab2de732193267db029dd35a0599a94a118f480231cfc6ccca2ebfc1d8f54176e0f5656a1" + +save type: ECC_PAIR(SECT_R1) 571-bit, ECDSA(SHA_384) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_SECT_R1_571:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):571:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_SHA_384):0x0000:"026ac1cdf92a13a1b8d282da9725847908745138f5c6706b52d164e3675fcfbf86fc3e6ab2de732193267db029dd35a0599a94a118f480231cfc6ccca2ebfc1d8f54176e0f5656a1":"505341004b455900000000000100000022713b02013c00000a0600060000000048000000026ac1cdf92a13a1b8d282da9725847908745138f5c6706b52d164e3675fcfbf86fc3e6ab2de732193267db029dd35a0599a94a118f480231cfc6ccca2ebfc1d8f54176e0f5656a1" + +save type: ECC_PAIR(SECT_R1) 571-bit, ECDSA(SHA_512) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_512:PSA_WANT_ECC_SECT_R1_571:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):571:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_SHA_512):0x0000:"026ac1cdf92a13a1b8d282da9725847908745138f5c6706b52d164e3675fcfbf86fc3e6ab2de732193267db029dd35a0599a94a118f480231cfc6ccca2ebfc1d8f54176e0f5656a1":"505341004b455900000000000100000022713b02013c00000b0600060000000048000000026ac1cdf92a13a1b8d282da9725847908745138f5c6706b52d164e3675fcfbf86fc3e6ab2de732193267db029dd35a0599a94a118f480231cfc6ccca2ebfc1d8f54176e0f5656a1" + +save type: ECC_PAIR(SECT_R1) 571-bit, ECDSA_ANY +depends_on:PSA_WANT_ALG_ECDSA_ANY:PSA_WANT_ECC_SECT_R1_571:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):571:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA_ANY:0x0000:"026ac1cdf92a13a1b8d282da9725847908745138f5c6706b52d164e3675fcfbf86fc3e6ab2de732193267db029dd35a0599a94a118f480231cfc6ccca2ebfc1d8f54176e0f5656a1":"505341004b455900000000000100000022713b02013c0000000600060000000048000000026ac1cdf92a13a1b8d282da9725847908745138f5c6706b52d164e3675fcfbf86fc3e6ab2de732193267db029dd35a0599a94a118f480231cfc6ccca2ebfc1d8f54176e0f5656a1" + +save type: ECC_PAIR(SECT_R1) 571-bit, KA(ECDH,HKDF(SHA_256)) +depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_SECT_R1_571:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):571:PSA_KEY_USAGE_DERIVE | PSA_KEY_USAGE_EXPORT:PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_HKDF(PSA_ALG_SHA_256)):0x0000:"026ac1cdf92a13a1b8d282da9725847908745138f5c6706b52d164e3675fcfbf86fc3e6ab2de732193267db029dd35a0599a94a118f480231cfc6ccca2ebfc1d8f54176e0f5656a1":"505341004b455900000000000100000022713b0201400000090102090000000048000000026ac1cdf92a13a1b8d282da9725847908745138f5c6706b52d164e3675fcfbf86fc3e6ab2de732193267db029dd35a0599a94a118f480231cfc6ccca2ebfc1d8f54176e0f5656a1" + +save type: ECC_PAIR(SECT_R1) 571-bit, KA(ECDH,HKDF(SHA_384)) +depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_SECT_R1_571:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):571:PSA_KEY_USAGE_DERIVE | PSA_KEY_USAGE_EXPORT:PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_HKDF(PSA_ALG_SHA_384)):0x0000:"026ac1cdf92a13a1b8d282da9725847908745138f5c6706b52d164e3675fcfbf86fc3e6ab2de732193267db029dd35a0599a94a118f480231cfc6ccca2ebfc1d8f54176e0f5656a1":"505341004b455900000000000100000022713b02014000000a0102090000000048000000026ac1cdf92a13a1b8d282da9725847908745138f5c6706b52d164e3675fcfbf86fc3e6ab2de732193267db029dd35a0599a94a118f480231cfc6ccca2ebfc1d8f54176e0f5656a1" + +save type: ECC_PAIR(SECT_R1) 571-bit, KA(ECDH,TLS12_PRF(SHA_256)) +depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_SHA_256:PSA_WANT_ALG_TLS12_PRF:PSA_WANT_ECC_SECT_R1_571:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):571:PSA_KEY_USAGE_DERIVE | PSA_KEY_USAGE_EXPORT:PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_TLS12_PRF(PSA_ALG_SHA_256)):0x0000:"026ac1cdf92a13a1b8d282da9725847908745138f5c6706b52d164e3675fcfbf86fc3e6ab2de732193267db029dd35a0599a94a118f480231cfc6ccca2ebfc1d8f54176e0f5656a1":"505341004b455900000000000100000022713b0201400000090202090000000048000000026ac1cdf92a13a1b8d282da9725847908745138f5c6706b52d164e3675fcfbf86fc3e6ab2de732193267db029dd35a0599a94a118f480231cfc6ccca2ebfc1d8f54176e0f5656a1" + +save type: ECC_PAIR(SECT_R1) 571-bit, KA(ECDH,TLS12_PRF(SHA_384)) +depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_SHA_384:PSA_WANT_ALG_TLS12_PRF:PSA_WANT_ECC_SECT_R1_571:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):571:PSA_KEY_USAGE_DERIVE | PSA_KEY_USAGE_EXPORT:PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_TLS12_PRF(PSA_ALG_SHA_384)):0x0000:"026ac1cdf92a13a1b8d282da9725847908745138f5c6706b52d164e3675fcfbf86fc3e6ab2de732193267db029dd35a0599a94a118f480231cfc6ccca2ebfc1d8f54176e0f5656a1":"505341004b455900000000000100000022713b02014000000a0202090000000048000000026ac1cdf92a13a1b8d282da9725847908745138f5c6706b52d164e3675fcfbf86fc3e6ab2de732193267db029dd35a0599a94a118f480231cfc6ccca2ebfc1d8f54176e0f5656a1" + +save type: ECC_PAIR(SECT_R1) 571-bit, KA(ECDH,TLS12_PSK2MS(SHA_256)) +depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_SHA_256:PSA_WANT_ALG_TLS12_PSK_TO_MS:PSA_WANT_ECC_SECT_R1_571:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):571:PSA_KEY_USAGE_DERIVE | PSA_KEY_USAGE_EXPORT:PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_TLS12_PSK_TO_MS(PSA_ALG_SHA_256)):0x0000:"026ac1cdf92a13a1b8d282da9725847908745138f5c6706b52d164e3675fcfbf86fc3e6ab2de732193267db029dd35a0599a94a118f480231cfc6ccca2ebfc1d8f54176e0f5656a1":"505341004b455900000000000100000022713b0201400000090302090000000048000000026ac1cdf92a13a1b8d282da9725847908745138f5c6706b52d164e3675fcfbf86fc3e6ab2de732193267db029dd35a0599a94a118f480231cfc6ccca2ebfc1d8f54176e0f5656a1" + +save type: ECC_PAIR(SECT_R1) 571-bit, KA(ECDH,TLS12_PSK2MS(SHA_384)) +depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_SHA_384:PSA_WANT_ALG_TLS12_PSK_TO_MS:PSA_WANT_ECC_SECT_R1_571:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):571:PSA_KEY_USAGE_DERIVE | PSA_KEY_USAGE_EXPORT:PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_TLS12_PSK_TO_MS(PSA_ALG_SHA_384)):0x0000:"026ac1cdf92a13a1b8d282da9725847908745138f5c6706b52d164e3675fcfbf86fc3e6ab2de732193267db029dd35a0599a94a118f480231cfc6ccca2ebfc1d8f54176e0f5656a1":"505341004b455900000000000100000022713b02014000000a0302090000000048000000026ac1cdf92a13a1b8d282da9725847908745138f5c6706b52d164e3675fcfbf86fc3e6ab2de732193267db029dd35a0599a94a118f480231cfc6ccca2ebfc1d8f54176e0f5656a1" + +save type: ECC_PAIR(SECT_R2) 163-bit +depends_on:PSA_WANT_ECC_SECT_R2_163:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R2):163:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"0210b482a458b4822d0cb21daa96819a67c8062d34":"505341004b45590000000000010000002b71a300010000000000000000000000150000000210b482a458b4822d0cb21daa96819a67c8062d34" + +save type: ECC_PAIR(SECT_R2) 163-bit, DET_ECDSA(MD2) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD2:PSA_WANT_ECC_SECT_R2_163:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R2):163:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD2):0x0000:"0210b482a458b4822d0cb21daa96819a67c8062d34":"505341004b45590000000000010000002b71a300013c00000107000600000000150000000210b482a458b4822d0cb21daa96819a67c8062d34" + +save type: ECC_PAIR(SECT_R2) 163-bit, DET_ECDSA(MD4) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD4:PSA_WANT_ECC_SECT_R2_163:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R2):163:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD4):0x0000:"0210b482a458b4822d0cb21daa96819a67c8062d34":"505341004b45590000000000010000002b71a300013c00000207000600000000150000000210b482a458b4822d0cb21daa96819a67c8062d34" + +save type: ECC_PAIR(SECT_R2) 163-bit, DET_ECDSA(MD5) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD5:PSA_WANT_ECC_SECT_R2_163:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R2):163:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD5):0x0000:"0210b482a458b4822d0cb21daa96819a67c8062d34":"505341004b45590000000000010000002b71a300013c00000307000600000000150000000210b482a458b4822d0cb21daa96819a67c8062d34" + +save type: ECC_PAIR(SECT_R2) 163-bit, DET_ECDSA(RIPEMD160) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ECC_SECT_R2_163:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R2):163:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_RIPEMD160):0x0000:"0210b482a458b4822d0cb21daa96819a67c8062d34":"505341004b45590000000000010000002b71a300013c00000407000600000000150000000210b482a458b4822d0cb21daa96819a67c8062d34" + +save type: ECC_PAIR(SECT_R2) 163-bit, DET_ECDSA(SHA_1) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_1:PSA_WANT_ECC_SECT_R2_163:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R2):163:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_1):0x0000:"0210b482a458b4822d0cb21daa96819a67c8062d34":"505341004b45590000000000010000002b71a300013c00000507000600000000150000000210b482a458b4822d0cb21daa96819a67c8062d34" + +save type: ECC_PAIR(SECT_R2) 163-bit, DET_ECDSA(SHA_224) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_224:PSA_WANT_ECC_SECT_R2_163:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R2):163:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_224):0x0000:"0210b482a458b4822d0cb21daa96819a67c8062d34":"505341004b45590000000000010000002b71a300013c00000807000600000000150000000210b482a458b4822d0cb21daa96819a67c8062d34" + +save type: ECC_PAIR(SECT_R2) 163-bit, DET_ECDSA(SHA_256) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_SECT_R2_163:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R2):163:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_256):0x0000:"0210b482a458b4822d0cb21daa96819a67c8062d34":"505341004b45590000000000010000002b71a300013c00000907000600000000150000000210b482a458b4822d0cb21daa96819a67c8062d34" + +save type: ECC_PAIR(SECT_R2) 163-bit, DET_ECDSA(SHA_384) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_SECT_R2_163:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R2):163:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_384):0x0000:"0210b482a458b4822d0cb21daa96819a67c8062d34":"505341004b45590000000000010000002b71a300013c00000a07000600000000150000000210b482a458b4822d0cb21daa96819a67c8062d34" + +save type: ECC_PAIR(SECT_R2) 163-bit, DET_ECDSA(SHA_512) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_512:PSA_WANT_ECC_SECT_R2_163:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R2):163:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_512):0x0000:"0210b482a458b4822d0cb21daa96819a67c8062d34":"505341004b45590000000000010000002b71a300013c00000b07000600000000150000000210b482a458b4822d0cb21daa96819a67c8062d34" + +save type: ECC_PAIR(SECT_R2) 163-bit, ECDH +depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ECC_SECT_R2_163:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R2):163:PSA_KEY_USAGE_DERIVE | PSA_KEY_USAGE_EXPORT:PSA_ALG_ECDH:0x0000:"0210b482a458b4822d0cb21daa96819a67c8062d34":"505341004b45590000000000010000002b71a300014000000000020900000000150000000210b482a458b4822d0cb21daa96819a67c8062d34" + +save type: ECC_PAIR(SECT_R2) 163-bit, ECDSA(MD2) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD2:PSA_WANT_ECC_SECT_R2_163:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R2):163:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_MD2):0x0000:"0210b482a458b4822d0cb21daa96819a67c8062d34":"505341004b45590000000000010000002b71a300013c00000106000600000000150000000210b482a458b4822d0cb21daa96819a67c8062d34" + +save type: ECC_PAIR(SECT_R2) 163-bit, ECDSA(MD4) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD4:PSA_WANT_ECC_SECT_R2_163:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R2):163:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_MD4):0x0000:"0210b482a458b4822d0cb21daa96819a67c8062d34":"505341004b45590000000000010000002b71a300013c00000206000600000000150000000210b482a458b4822d0cb21daa96819a67c8062d34" + +save type: ECC_PAIR(SECT_R2) 163-bit, ECDSA(MD5) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD5:PSA_WANT_ECC_SECT_R2_163:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R2):163:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_MD5):0x0000:"0210b482a458b4822d0cb21daa96819a67c8062d34":"505341004b45590000000000010000002b71a300013c00000306000600000000150000000210b482a458b4822d0cb21daa96819a67c8062d34" + +save type: ECC_PAIR(SECT_R2) 163-bit, ECDSA(RIPEMD160) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ECC_SECT_R2_163:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R2):163:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_RIPEMD160):0x0000:"0210b482a458b4822d0cb21daa96819a67c8062d34":"505341004b45590000000000010000002b71a300013c00000406000600000000150000000210b482a458b4822d0cb21daa96819a67c8062d34" + +save type: ECC_PAIR(SECT_R2) 163-bit, ECDSA(SHA_1) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_1:PSA_WANT_ECC_SECT_R2_163:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R2):163:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_SHA_1):0x0000:"0210b482a458b4822d0cb21daa96819a67c8062d34":"505341004b45590000000000010000002b71a300013c00000506000600000000150000000210b482a458b4822d0cb21daa96819a67c8062d34" + +save type: ECC_PAIR(SECT_R2) 163-bit, ECDSA(SHA_224) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_224:PSA_WANT_ECC_SECT_R2_163:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R2):163:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_SHA_224):0x0000:"0210b482a458b4822d0cb21daa96819a67c8062d34":"505341004b45590000000000010000002b71a300013c00000806000600000000150000000210b482a458b4822d0cb21daa96819a67c8062d34" + +save type: ECC_PAIR(SECT_R2) 163-bit, ECDSA(SHA_256) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_SECT_R2_163:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R2):163:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_SHA_256):0x0000:"0210b482a458b4822d0cb21daa96819a67c8062d34":"505341004b45590000000000010000002b71a300013c00000906000600000000150000000210b482a458b4822d0cb21daa96819a67c8062d34" + +save type: ECC_PAIR(SECT_R2) 163-bit, ECDSA(SHA_384) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_SECT_R2_163:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R2):163:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_SHA_384):0x0000:"0210b482a458b4822d0cb21daa96819a67c8062d34":"505341004b45590000000000010000002b71a300013c00000a06000600000000150000000210b482a458b4822d0cb21daa96819a67c8062d34" + +save type: ECC_PAIR(SECT_R2) 163-bit, ECDSA(SHA_512) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_512:PSA_WANT_ECC_SECT_R2_163:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R2):163:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_SHA_512):0x0000:"0210b482a458b4822d0cb21daa96819a67c8062d34":"505341004b45590000000000010000002b71a300013c00000b06000600000000150000000210b482a458b4822d0cb21daa96819a67c8062d34" + +save type: ECC_PAIR(SECT_R2) 163-bit, ECDSA_ANY +depends_on:PSA_WANT_ALG_ECDSA_ANY:PSA_WANT_ECC_SECT_R2_163:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R2):163:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA_ANY:0x0000:"0210b482a458b4822d0cb21daa96819a67c8062d34":"505341004b45590000000000010000002b71a300013c00000006000600000000150000000210b482a458b4822d0cb21daa96819a67c8062d34" + +save type: ECC_PAIR(SECT_R2) 163-bit, KA(ECDH,HKDF(SHA_256)) +depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_SECT_R2_163:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R2):163:PSA_KEY_USAGE_DERIVE | PSA_KEY_USAGE_EXPORT:PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_HKDF(PSA_ALG_SHA_256)):0x0000:"0210b482a458b4822d0cb21daa96819a67c8062d34":"505341004b45590000000000010000002b71a300014000000901020900000000150000000210b482a458b4822d0cb21daa96819a67c8062d34" + +save type: ECC_PAIR(SECT_R2) 163-bit, KA(ECDH,HKDF(SHA_384)) +depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_SECT_R2_163:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R2):163:PSA_KEY_USAGE_DERIVE | PSA_KEY_USAGE_EXPORT:PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_HKDF(PSA_ALG_SHA_384)):0x0000:"0210b482a458b4822d0cb21daa96819a67c8062d34":"505341004b45590000000000010000002b71a300014000000a01020900000000150000000210b482a458b4822d0cb21daa96819a67c8062d34" + +save type: ECC_PAIR(SECT_R2) 163-bit, KA(ECDH,TLS12_PRF(SHA_256)) +depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_SHA_256:PSA_WANT_ALG_TLS12_PRF:PSA_WANT_ECC_SECT_R2_163:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R2):163:PSA_KEY_USAGE_DERIVE | PSA_KEY_USAGE_EXPORT:PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_TLS12_PRF(PSA_ALG_SHA_256)):0x0000:"0210b482a458b4822d0cb21daa96819a67c8062d34":"505341004b45590000000000010000002b71a300014000000902020900000000150000000210b482a458b4822d0cb21daa96819a67c8062d34" + +save type: ECC_PAIR(SECT_R2) 163-bit, KA(ECDH,TLS12_PRF(SHA_384)) +depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_SHA_384:PSA_WANT_ALG_TLS12_PRF:PSA_WANT_ECC_SECT_R2_163:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R2):163:PSA_KEY_USAGE_DERIVE | PSA_KEY_USAGE_EXPORT:PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_TLS12_PRF(PSA_ALG_SHA_384)):0x0000:"0210b482a458b4822d0cb21daa96819a67c8062d34":"505341004b45590000000000010000002b71a300014000000a02020900000000150000000210b482a458b4822d0cb21daa96819a67c8062d34" + +save type: ECC_PAIR(SECT_R2) 163-bit, KA(ECDH,TLS12_PSK2MS(SHA_256)) +depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_SHA_256:PSA_WANT_ALG_TLS12_PSK_TO_MS:PSA_WANT_ECC_SECT_R2_163:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R2):163:PSA_KEY_USAGE_DERIVE | PSA_KEY_USAGE_EXPORT:PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_TLS12_PSK_TO_MS(PSA_ALG_SHA_256)):0x0000:"0210b482a458b4822d0cb21daa96819a67c8062d34":"505341004b45590000000000010000002b71a300014000000903020900000000150000000210b482a458b4822d0cb21daa96819a67c8062d34" + +save type: ECC_PAIR(SECT_R2) 163-bit, KA(ECDH,TLS12_PSK2MS(SHA_384)) +depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_SHA_384:PSA_WANT_ALG_TLS12_PSK_TO_MS:PSA_WANT_ECC_SECT_R2_163:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R2):163:PSA_KEY_USAGE_DERIVE | PSA_KEY_USAGE_EXPORT:PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_TLS12_PSK_TO_MS(PSA_ALG_SHA_384)):0x0000:"0210b482a458b4822d0cb21daa96819a67c8062d34":"505341004b45590000000000010000002b71a300014000000a03020900000000150000000210b482a458b4822d0cb21daa96819a67c8062d34" + +save type: ECC_PAIR(TWISTED_EDWARDS) 255-bit +depends_on:PSA_WANT_ECC_TWISTED_EDWARDS_255:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_TWISTED_EDWARDS):255:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"9d61b19deffd5a60ba844af492ec2cc44449c5697b326919703bac031cae7f60":"505341004b45590000000000010000004271ff00010000000000000000000000200000009d61b19deffd5a60ba844af492ec2cc44449c5697b326919703bac031cae7f60" + +save type: ECC_PAIR(TWISTED_EDWARDS) 255-bit, ED25519PH +depends_on:PSA_WANT_ALG_ED25519PH:PSA_WANT_ECC_TWISTED_EDWARDS_255:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_TWISTED_EDWARDS):255:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ED25519PH:0x0000:"9d61b19deffd5a60ba844af492ec2cc44449c5697b326919703bac031cae7f60":"505341004b45590000000000010000004271ff00013c00000b09000600000000200000009d61b19deffd5a60ba844af492ec2cc44449c5697b326919703bac031cae7f60" + +save type: ECC_PAIR(TWISTED_EDWARDS) 255-bit, ED448PH +depends_on:PSA_WANT_ALG_ED448PH:PSA_WANT_ECC_TWISTED_EDWARDS_255:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_TWISTED_EDWARDS):255:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ED448PH:0x0000:"9d61b19deffd5a60ba844af492ec2cc44449c5697b326919703bac031cae7f60":"505341004b45590000000000010000004271ff00013c00001509000600000000200000009d61b19deffd5a60ba844af492ec2cc44449c5697b326919703bac031cae7f60" + +save type: ECC_PAIR(TWISTED_EDWARDS) 255-bit, PURE_EDDSA +depends_on:PSA_WANT_ALG_PURE_EDDSA:PSA_WANT_ECC_TWISTED_EDWARDS_255:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_TWISTED_EDWARDS):255:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_PURE_EDDSA:0x0000:"9d61b19deffd5a60ba844af492ec2cc44449c5697b326919703bac031cae7f60":"505341004b45590000000000010000004271ff00013c00000008000600000000200000009d61b19deffd5a60ba844af492ec2cc44449c5697b326919703bac031cae7f60" + +save type: ECC_PAIR(TWISTED_EDWARDS) 448-bit +depends_on:PSA_WANT_ECC_TWISTED_EDWARDS_448:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_TWISTED_EDWARDS):448:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"6c82a562cb808d10d632be89c8513ebf6c929f34ddfa8c9f63c9960ef6e348a3528c8a3fcc2f044e39a3fc5b94492f8f032e7549a20098f95b":"505341004b45590000000000010000004271c001010000000000000000000000390000006c82a562cb808d10d632be89c8513ebf6c929f34ddfa8c9f63c9960ef6e348a3528c8a3fcc2f044e39a3fc5b94492f8f032e7549a20098f95b" + +save type: ECC_PAIR(TWISTED_EDWARDS) 448-bit, ED25519PH +depends_on:PSA_WANT_ALG_ED25519PH:PSA_WANT_ECC_TWISTED_EDWARDS_448:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_TWISTED_EDWARDS):448:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ED25519PH:0x0000:"6c82a562cb808d10d632be89c8513ebf6c929f34ddfa8c9f63c9960ef6e348a3528c8a3fcc2f044e39a3fc5b94492f8f032e7549a20098f95b":"505341004b45590000000000010000004271c001013c00000b09000600000000390000006c82a562cb808d10d632be89c8513ebf6c929f34ddfa8c9f63c9960ef6e348a3528c8a3fcc2f044e39a3fc5b94492f8f032e7549a20098f95b" + +save type: ECC_PAIR(TWISTED_EDWARDS) 448-bit, ED448PH +depends_on:PSA_WANT_ALG_ED448PH:PSA_WANT_ECC_TWISTED_EDWARDS_448:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_TWISTED_EDWARDS):448:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ED448PH:0x0000:"6c82a562cb808d10d632be89c8513ebf6c929f34ddfa8c9f63c9960ef6e348a3528c8a3fcc2f044e39a3fc5b94492f8f032e7549a20098f95b":"505341004b45590000000000010000004271c001013c00001509000600000000390000006c82a562cb808d10d632be89c8513ebf6c929f34ddfa8c9f63c9960ef6e348a3528c8a3fcc2f044e39a3fc5b94492f8f032e7549a20098f95b" + +save type: ECC_PAIR(TWISTED_EDWARDS) 448-bit, PURE_EDDSA +depends_on:PSA_WANT_ALG_PURE_EDDSA:PSA_WANT_ECC_TWISTED_EDWARDS_448:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_TWISTED_EDWARDS):448:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_PURE_EDDSA:0x0000:"6c82a562cb808d10d632be89c8513ebf6c929f34ddfa8c9f63c9960ef6e348a3528c8a3fcc2f044e39a3fc5b94492f8f032e7549a20098f95b":"505341004b45590000000000010000004271c001013c00000008000600000000390000006c82a562cb808d10d632be89c8513ebf6c929f34ddfa8c9f63c9960ef6e348a3528c8a3fcc2f044e39a3fc5b94492f8f032e7549a20098f95b" + +save type: ECC_PUB(BP_R1) 160-bit +depends_on:PSA_WANT_ECC_BRAINPOOL_P_R1_160:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):160:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"04d4b9186816358e2f9c59cf70748cb70641b22fbab65473db4b4e22a361ed7e3de7e8a8ddc4130c5c":"505341004b45590000000000010000003041a0000100000000000000000000002900000004d4b9186816358e2f9c59cf70748cb70641b22fbab65473db4b4e22a361ed7e3de7e8a8ddc4130c5c" + +save type: ECC_PUB(BP_R1) 160-bit, DET_ECDSA(MD2) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD2:PSA_WANT_ECC_BRAINPOOL_P_R1_160:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):160:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD2):0x0000:"04d4b9186816358e2f9c59cf70748cb70641b22fbab65473db4b4e22a361ed7e3de7e8a8ddc4130c5c":"505341004b45590000000000010000003041a0000128000001070006000000002900000004d4b9186816358e2f9c59cf70748cb70641b22fbab65473db4b4e22a361ed7e3de7e8a8ddc4130c5c" + +save type: ECC_PUB(BP_R1) 160-bit, DET_ECDSA(MD4) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD4:PSA_WANT_ECC_BRAINPOOL_P_R1_160:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):160:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD4):0x0000:"04d4b9186816358e2f9c59cf70748cb70641b22fbab65473db4b4e22a361ed7e3de7e8a8ddc4130c5c":"505341004b45590000000000010000003041a0000128000002070006000000002900000004d4b9186816358e2f9c59cf70748cb70641b22fbab65473db4b4e22a361ed7e3de7e8a8ddc4130c5c" + +save type: ECC_PUB(BP_R1) 160-bit, DET_ECDSA(MD5) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD5:PSA_WANT_ECC_BRAINPOOL_P_R1_160:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):160:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD5):0x0000:"04d4b9186816358e2f9c59cf70748cb70641b22fbab65473db4b4e22a361ed7e3de7e8a8ddc4130c5c":"505341004b45590000000000010000003041a0000128000003070006000000002900000004d4b9186816358e2f9c59cf70748cb70641b22fbab65473db4b4e22a361ed7e3de7e8a8ddc4130c5c" + +save type: ECC_PUB(BP_R1) 160-bit, DET_ECDSA(RIPEMD160) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ECC_BRAINPOOL_P_R1_160:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):160:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_RIPEMD160):0x0000:"04d4b9186816358e2f9c59cf70748cb70641b22fbab65473db4b4e22a361ed7e3de7e8a8ddc4130c5c":"505341004b45590000000000010000003041a0000128000004070006000000002900000004d4b9186816358e2f9c59cf70748cb70641b22fbab65473db4b4e22a361ed7e3de7e8a8ddc4130c5c" + +save type: ECC_PUB(BP_R1) 160-bit, DET_ECDSA(SHA_1) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_1:PSA_WANT_ECC_BRAINPOOL_P_R1_160:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):160:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_1):0x0000:"04d4b9186816358e2f9c59cf70748cb70641b22fbab65473db4b4e22a361ed7e3de7e8a8ddc4130c5c":"505341004b45590000000000010000003041a0000128000005070006000000002900000004d4b9186816358e2f9c59cf70748cb70641b22fbab65473db4b4e22a361ed7e3de7e8a8ddc4130c5c" + +save type: ECC_PUB(BP_R1) 160-bit, DET_ECDSA(SHA_224) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_224:PSA_WANT_ECC_BRAINPOOL_P_R1_160:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):160:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_224):0x0000:"04d4b9186816358e2f9c59cf70748cb70641b22fbab65473db4b4e22a361ed7e3de7e8a8ddc4130c5c":"505341004b45590000000000010000003041a0000128000008070006000000002900000004d4b9186816358e2f9c59cf70748cb70641b22fbab65473db4b4e22a361ed7e3de7e8a8ddc4130c5c" + +save type: ECC_PUB(BP_R1) 160-bit, DET_ECDSA(SHA_256) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_BRAINPOOL_P_R1_160:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):160:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_256):0x0000:"04d4b9186816358e2f9c59cf70748cb70641b22fbab65473db4b4e22a361ed7e3de7e8a8ddc4130c5c":"505341004b45590000000000010000003041a0000128000009070006000000002900000004d4b9186816358e2f9c59cf70748cb70641b22fbab65473db4b4e22a361ed7e3de7e8a8ddc4130c5c" + +save type: ECC_PUB(BP_R1) 160-bit, DET_ECDSA(SHA_384) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_BRAINPOOL_P_R1_160:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):160:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_384):0x0000:"04d4b9186816358e2f9c59cf70748cb70641b22fbab65473db4b4e22a361ed7e3de7e8a8ddc4130c5c":"505341004b45590000000000010000003041a000012800000a070006000000002900000004d4b9186816358e2f9c59cf70748cb70641b22fbab65473db4b4e22a361ed7e3de7e8a8ddc4130c5c" + +save type: ECC_PUB(BP_R1) 160-bit, DET_ECDSA(SHA_512) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_512:PSA_WANT_ECC_BRAINPOOL_P_R1_160:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):160:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_512):0x0000:"04d4b9186816358e2f9c59cf70748cb70641b22fbab65473db4b4e22a361ed7e3de7e8a8ddc4130c5c":"505341004b45590000000000010000003041a000012800000b070006000000002900000004d4b9186816358e2f9c59cf70748cb70641b22fbab65473db4b4e22a361ed7e3de7e8a8ddc4130c5c" + +save type: ECC_PUB(BP_R1) 160-bit, ECDSA(MD2) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD2:PSA_WANT_ECC_BRAINPOOL_P_R1_160:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):160:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_MD2):0x0000:"04d4b9186816358e2f9c59cf70748cb70641b22fbab65473db4b4e22a361ed7e3de7e8a8ddc4130c5c":"505341004b45590000000000010000003041a0000128000001060006000000002900000004d4b9186816358e2f9c59cf70748cb70641b22fbab65473db4b4e22a361ed7e3de7e8a8ddc4130c5c" + +save type: ECC_PUB(BP_R1) 160-bit, ECDSA(MD4) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD4:PSA_WANT_ECC_BRAINPOOL_P_R1_160:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):160:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_MD4):0x0000:"04d4b9186816358e2f9c59cf70748cb70641b22fbab65473db4b4e22a361ed7e3de7e8a8ddc4130c5c":"505341004b45590000000000010000003041a0000128000002060006000000002900000004d4b9186816358e2f9c59cf70748cb70641b22fbab65473db4b4e22a361ed7e3de7e8a8ddc4130c5c" + +save type: ECC_PUB(BP_R1) 160-bit, ECDSA(MD5) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD5:PSA_WANT_ECC_BRAINPOOL_P_R1_160:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):160:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_MD5):0x0000:"04d4b9186816358e2f9c59cf70748cb70641b22fbab65473db4b4e22a361ed7e3de7e8a8ddc4130c5c":"505341004b45590000000000010000003041a0000128000003060006000000002900000004d4b9186816358e2f9c59cf70748cb70641b22fbab65473db4b4e22a361ed7e3de7e8a8ddc4130c5c" + +save type: ECC_PUB(BP_R1) 160-bit, ECDSA(RIPEMD160) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ECC_BRAINPOOL_P_R1_160:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):160:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_RIPEMD160):0x0000:"04d4b9186816358e2f9c59cf70748cb70641b22fbab65473db4b4e22a361ed7e3de7e8a8ddc4130c5c":"505341004b45590000000000010000003041a0000128000004060006000000002900000004d4b9186816358e2f9c59cf70748cb70641b22fbab65473db4b4e22a361ed7e3de7e8a8ddc4130c5c" + +save type: ECC_PUB(BP_R1) 160-bit, ECDSA(SHA_1) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_1:PSA_WANT_ECC_BRAINPOOL_P_R1_160:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):160:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_SHA_1):0x0000:"04d4b9186816358e2f9c59cf70748cb70641b22fbab65473db4b4e22a361ed7e3de7e8a8ddc4130c5c":"505341004b45590000000000010000003041a0000128000005060006000000002900000004d4b9186816358e2f9c59cf70748cb70641b22fbab65473db4b4e22a361ed7e3de7e8a8ddc4130c5c" + +save type: ECC_PUB(BP_R1) 160-bit, ECDSA(SHA_224) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_224:PSA_WANT_ECC_BRAINPOOL_P_R1_160:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):160:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_SHA_224):0x0000:"04d4b9186816358e2f9c59cf70748cb70641b22fbab65473db4b4e22a361ed7e3de7e8a8ddc4130c5c":"505341004b45590000000000010000003041a0000128000008060006000000002900000004d4b9186816358e2f9c59cf70748cb70641b22fbab65473db4b4e22a361ed7e3de7e8a8ddc4130c5c" + +save type: ECC_PUB(BP_R1) 160-bit, ECDSA(SHA_256) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_BRAINPOOL_P_R1_160:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):160:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_SHA_256):0x0000:"04d4b9186816358e2f9c59cf70748cb70641b22fbab65473db4b4e22a361ed7e3de7e8a8ddc4130c5c":"505341004b45590000000000010000003041a0000128000009060006000000002900000004d4b9186816358e2f9c59cf70748cb70641b22fbab65473db4b4e22a361ed7e3de7e8a8ddc4130c5c" + +save type: ECC_PUB(BP_R1) 160-bit, ECDSA(SHA_384) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_BRAINPOOL_P_R1_160:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):160:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_SHA_384):0x0000:"04d4b9186816358e2f9c59cf70748cb70641b22fbab65473db4b4e22a361ed7e3de7e8a8ddc4130c5c":"505341004b45590000000000010000003041a000012800000a060006000000002900000004d4b9186816358e2f9c59cf70748cb70641b22fbab65473db4b4e22a361ed7e3de7e8a8ddc4130c5c" + +save type: ECC_PUB(BP_R1) 160-bit, ECDSA(SHA_512) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_512:PSA_WANT_ECC_BRAINPOOL_P_R1_160:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):160:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_SHA_512):0x0000:"04d4b9186816358e2f9c59cf70748cb70641b22fbab65473db4b4e22a361ed7e3de7e8a8ddc4130c5c":"505341004b45590000000000010000003041a000012800000b060006000000002900000004d4b9186816358e2f9c59cf70748cb70641b22fbab65473db4b4e22a361ed7e3de7e8a8ddc4130c5c" + +save type: ECC_PUB(BP_R1) 160-bit, ECDSA_ANY +depends_on:PSA_WANT_ALG_ECDSA_ANY:PSA_WANT_ECC_BRAINPOOL_P_R1_160:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):160:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA_ANY:0x0000:"04d4b9186816358e2f9c59cf70748cb70641b22fbab65473db4b4e22a361ed7e3de7e8a8ddc4130c5c":"505341004b45590000000000010000003041a0000128000000060006000000002900000004d4b9186816358e2f9c59cf70748cb70641b22fbab65473db4b4e22a361ed7e3de7e8a8ddc4130c5c" + +save type: ECC_PUB(BP_R1) 192-bit +depends_on:PSA_WANT_ECC_BRAINPOOL_P_R1_192:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):192:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"043fdd168c179ff5363dd71dcd58de9617caad791ae0c37328be9ca0bfc79cebabf6a95d1c52df5b5f3c8b1a2441cf6c88":"505341004b45590000000000010000003041c00001000000000000000000000031000000043fdd168c179ff5363dd71dcd58de9617caad791ae0c37328be9ca0bfc79cebabf6a95d1c52df5b5f3c8b1a2441cf6c88" + +save type: ECC_PUB(BP_R1) 192-bit, DET_ECDSA(MD2) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD2:PSA_WANT_ECC_BRAINPOOL_P_R1_192:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):192:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD2):0x0000:"043fdd168c179ff5363dd71dcd58de9617caad791ae0c37328be9ca0bfc79cebabf6a95d1c52df5b5f3c8b1a2441cf6c88":"505341004b45590000000000010000003041c00001280000010700060000000031000000043fdd168c179ff5363dd71dcd58de9617caad791ae0c37328be9ca0bfc79cebabf6a95d1c52df5b5f3c8b1a2441cf6c88" + +save type: ECC_PUB(BP_R1) 192-bit, DET_ECDSA(MD4) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD4:PSA_WANT_ECC_BRAINPOOL_P_R1_192:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):192:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD4):0x0000:"043fdd168c179ff5363dd71dcd58de9617caad791ae0c37328be9ca0bfc79cebabf6a95d1c52df5b5f3c8b1a2441cf6c88":"505341004b45590000000000010000003041c00001280000020700060000000031000000043fdd168c179ff5363dd71dcd58de9617caad791ae0c37328be9ca0bfc79cebabf6a95d1c52df5b5f3c8b1a2441cf6c88" + +save type: ECC_PUB(BP_R1) 192-bit, DET_ECDSA(MD5) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD5:PSA_WANT_ECC_BRAINPOOL_P_R1_192:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):192:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD5):0x0000:"043fdd168c179ff5363dd71dcd58de9617caad791ae0c37328be9ca0bfc79cebabf6a95d1c52df5b5f3c8b1a2441cf6c88":"505341004b45590000000000010000003041c00001280000030700060000000031000000043fdd168c179ff5363dd71dcd58de9617caad791ae0c37328be9ca0bfc79cebabf6a95d1c52df5b5f3c8b1a2441cf6c88" + +save type: ECC_PUB(BP_R1) 192-bit, DET_ECDSA(RIPEMD160) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ECC_BRAINPOOL_P_R1_192:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):192:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_RIPEMD160):0x0000:"043fdd168c179ff5363dd71dcd58de9617caad791ae0c37328be9ca0bfc79cebabf6a95d1c52df5b5f3c8b1a2441cf6c88":"505341004b45590000000000010000003041c00001280000040700060000000031000000043fdd168c179ff5363dd71dcd58de9617caad791ae0c37328be9ca0bfc79cebabf6a95d1c52df5b5f3c8b1a2441cf6c88" + +save type: ECC_PUB(BP_R1) 192-bit, DET_ECDSA(SHA_1) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_1:PSA_WANT_ECC_BRAINPOOL_P_R1_192:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):192:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_1):0x0000:"043fdd168c179ff5363dd71dcd58de9617caad791ae0c37328be9ca0bfc79cebabf6a95d1c52df5b5f3c8b1a2441cf6c88":"505341004b45590000000000010000003041c00001280000050700060000000031000000043fdd168c179ff5363dd71dcd58de9617caad791ae0c37328be9ca0bfc79cebabf6a95d1c52df5b5f3c8b1a2441cf6c88" + +save type: ECC_PUB(BP_R1) 192-bit, DET_ECDSA(SHA_224) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_224:PSA_WANT_ECC_BRAINPOOL_P_R1_192:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):192:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_224):0x0000:"043fdd168c179ff5363dd71dcd58de9617caad791ae0c37328be9ca0bfc79cebabf6a95d1c52df5b5f3c8b1a2441cf6c88":"505341004b45590000000000010000003041c00001280000080700060000000031000000043fdd168c179ff5363dd71dcd58de9617caad791ae0c37328be9ca0bfc79cebabf6a95d1c52df5b5f3c8b1a2441cf6c88" + +save type: ECC_PUB(BP_R1) 192-bit, DET_ECDSA(SHA_256) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_BRAINPOOL_P_R1_192:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):192:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_256):0x0000:"043fdd168c179ff5363dd71dcd58de9617caad791ae0c37328be9ca0bfc79cebabf6a95d1c52df5b5f3c8b1a2441cf6c88":"505341004b45590000000000010000003041c00001280000090700060000000031000000043fdd168c179ff5363dd71dcd58de9617caad791ae0c37328be9ca0bfc79cebabf6a95d1c52df5b5f3c8b1a2441cf6c88" + +save type: ECC_PUB(BP_R1) 192-bit, DET_ECDSA(SHA_384) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_BRAINPOOL_P_R1_192:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):192:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_384):0x0000:"043fdd168c179ff5363dd71dcd58de9617caad791ae0c37328be9ca0bfc79cebabf6a95d1c52df5b5f3c8b1a2441cf6c88":"505341004b45590000000000010000003041c000012800000a0700060000000031000000043fdd168c179ff5363dd71dcd58de9617caad791ae0c37328be9ca0bfc79cebabf6a95d1c52df5b5f3c8b1a2441cf6c88" + +save type: ECC_PUB(BP_R1) 192-bit, DET_ECDSA(SHA_512) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_512:PSA_WANT_ECC_BRAINPOOL_P_R1_192:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):192:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_512):0x0000:"043fdd168c179ff5363dd71dcd58de9617caad791ae0c37328be9ca0bfc79cebabf6a95d1c52df5b5f3c8b1a2441cf6c88":"505341004b45590000000000010000003041c000012800000b0700060000000031000000043fdd168c179ff5363dd71dcd58de9617caad791ae0c37328be9ca0bfc79cebabf6a95d1c52df5b5f3c8b1a2441cf6c88" + +save type: ECC_PUB(BP_R1) 192-bit, ECDSA(MD2) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD2:PSA_WANT_ECC_BRAINPOOL_P_R1_192:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):192:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_MD2):0x0000:"043fdd168c179ff5363dd71dcd58de9617caad791ae0c37328be9ca0bfc79cebabf6a95d1c52df5b5f3c8b1a2441cf6c88":"505341004b45590000000000010000003041c00001280000010600060000000031000000043fdd168c179ff5363dd71dcd58de9617caad791ae0c37328be9ca0bfc79cebabf6a95d1c52df5b5f3c8b1a2441cf6c88" + +save type: ECC_PUB(BP_R1) 192-bit, ECDSA(MD4) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD4:PSA_WANT_ECC_BRAINPOOL_P_R1_192:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):192:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_MD4):0x0000:"043fdd168c179ff5363dd71dcd58de9617caad791ae0c37328be9ca0bfc79cebabf6a95d1c52df5b5f3c8b1a2441cf6c88":"505341004b45590000000000010000003041c00001280000020600060000000031000000043fdd168c179ff5363dd71dcd58de9617caad791ae0c37328be9ca0bfc79cebabf6a95d1c52df5b5f3c8b1a2441cf6c88" + +save type: ECC_PUB(BP_R1) 192-bit, ECDSA(MD5) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD5:PSA_WANT_ECC_BRAINPOOL_P_R1_192:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):192:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_MD5):0x0000:"043fdd168c179ff5363dd71dcd58de9617caad791ae0c37328be9ca0bfc79cebabf6a95d1c52df5b5f3c8b1a2441cf6c88":"505341004b45590000000000010000003041c00001280000030600060000000031000000043fdd168c179ff5363dd71dcd58de9617caad791ae0c37328be9ca0bfc79cebabf6a95d1c52df5b5f3c8b1a2441cf6c88" + +save type: ECC_PUB(BP_R1) 192-bit, ECDSA(RIPEMD160) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ECC_BRAINPOOL_P_R1_192:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):192:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_RIPEMD160):0x0000:"043fdd168c179ff5363dd71dcd58de9617caad791ae0c37328be9ca0bfc79cebabf6a95d1c52df5b5f3c8b1a2441cf6c88":"505341004b45590000000000010000003041c00001280000040600060000000031000000043fdd168c179ff5363dd71dcd58de9617caad791ae0c37328be9ca0bfc79cebabf6a95d1c52df5b5f3c8b1a2441cf6c88" + +save type: ECC_PUB(BP_R1) 192-bit, ECDSA(SHA_1) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_1:PSA_WANT_ECC_BRAINPOOL_P_R1_192:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):192:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_SHA_1):0x0000:"043fdd168c179ff5363dd71dcd58de9617caad791ae0c37328be9ca0bfc79cebabf6a95d1c52df5b5f3c8b1a2441cf6c88":"505341004b45590000000000010000003041c00001280000050600060000000031000000043fdd168c179ff5363dd71dcd58de9617caad791ae0c37328be9ca0bfc79cebabf6a95d1c52df5b5f3c8b1a2441cf6c88" + +save type: ECC_PUB(BP_R1) 192-bit, ECDSA(SHA_224) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_224:PSA_WANT_ECC_BRAINPOOL_P_R1_192:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):192:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_SHA_224):0x0000:"043fdd168c179ff5363dd71dcd58de9617caad791ae0c37328be9ca0bfc79cebabf6a95d1c52df5b5f3c8b1a2441cf6c88":"505341004b45590000000000010000003041c00001280000080600060000000031000000043fdd168c179ff5363dd71dcd58de9617caad791ae0c37328be9ca0bfc79cebabf6a95d1c52df5b5f3c8b1a2441cf6c88" + +save type: ECC_PUB(BP_R1) 192-bit, ECDSA(SHA_256) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_BRAINPOOL_P_R1_192:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):192:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_SHA_256):0x0000:"043fdd168c179ff5363dd71dcd58de9617caad791ae0c37328be9ca0bfc79cebabf6a95d1c52df5b5f3c8b1a2441cf6c88":"505341004b45590000000000010000003041c00001280000090600060000000031000000043fdd168c179ff5363dd71dcd58de9617caad791ae0c37328be9ca0bfc79cebabf6a95d1c52df5b5f3c8b1a2441cf6c88" + +save type: ECC_PUB(BP_R1) 192-bit, ECDSA(SHA_384) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_BRAINPOOL_P_R1_192:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):192:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_SHA_384):0x0000:"043fdd168c179ff5363dd71dcd58de9617caad791ae0c37328be9ca0bfc79cebabf6a95d1c52df5b5f3c8b1a2441cf6c88":"505341004b45590000000000010000003041c000012800000a0600060000000031000000043fdd168c179ff5363dd71dcd58de9617caad791ae0c37328be9ca0bfc79cebabf6a95d1c52df5b5f3c8b1a2441cf6c88" + +save type: ECC_PUB(BP_R1) 192-bit, ECDSA(SHA_512) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_512:PSA_WANT_ECC_BRAINPOOL_P_R1_192:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):192:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_SHA_512):0x0000:"043fdd168c179ff5363dd71dcd58de9617caad791ae0c37328be9ca0bfc79cebabf6a95d1c52df5b5f3c8b1a2441cf6c88":"505341004b45590000000000010000003041c000012800000b0600060000000031000000043fdd168c179ff5363dd71dcd58de9617caad791ae0c37328be9ca0bfc79cebabf6a95d1c52df5b5f3c8b1a2441cf6c88" + +save type: ECC_PUB(BP_R1) 192-bit, ECDSA_ANY +depends_on:PSA_WANT_ALG_ECDSA_ANY:PSA_WANT_ECC_BRAINPOOL_P_R1_192:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):192:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA_ANY:0x0000:"043fdd168c179ff5363dd71dcd58de9617caad791ae0c37328be9ca0bfc79cebabf6a95d1c52df5b5f3c8b1a2441cf6c88":"505341004b45590000000000010000003041c00001280000000600060000000031000000043fdd168c179ff5363dd71dcd58de9617caad791ae0c37328be9ca0bfc79cebabf6a95d1c52df5b5f3c8b1a2441cf6c88" + +save type: ECC_PUB(BP_R1) 224-bit +depends_on:PSA_WANT_ECC_BRAINPOOL_P_R1_224:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):224:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"045fbea378fc8583b3837e3f21a457c31eaf20a54e18eb11d104b3adc47f9d1c97eb9ea4ac21740d70d88514b98bf0bc31addac1d19c4ab3cc":"505341004b45590000000000010000003041e00001000000000000000000000039000000045fbea378fc8583b3837e3f21a457c31eaf20a54e18eb11d104b3adc47f9d1c97eb9ea4ac21740d70d88514b98bf0bc31addac1d19c4ab3cc" + +save type: ECC_PUB(BP_R1) 224-bit, DET_ECDSA(MD2) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD2:PSA_WANT_ECC_BRAINPOOL_P_R1_224:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):224:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD2):0x0000:"045fbea378fc8583b3837e3f21a457c31eaf20a54e18eb11d104b3adc47f9d1c97eb9ea4ac21740d70d88514b98bf0bc31addac1d19c4ab3cc":"505341004b45590000000000010000003041e00001280000010700060000000039000000045fbea378fc8583b3837e3f21a457c31eaf20a54e18eb11d104b3adc47f9d1c97eb9ea4ac21740d70d88514b98bf0bc31addac1d19c4ab3cc" + +save type: ECC_PUB(BP_R1) 224-bit, DET_ECDSA(MD4) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD4:PSA_WANT_ECC_BRAINPOOL_P_R1_224:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):224:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD4):0x0000:"045fbea378fc8583b3837e3f21a457c31eaf20a54e18eb11d104b3adc47f9d1c97eb9ea4ac21740d70d88514b98bf0bc31addac1d19c4ab3cc":"505341004b45590000000000010000003041e00001280000020700060000000039000000045fbea378fc8583b3837e3f21a457c31eaf20a54e18eb11d104b3adc47f9d1c97eb9ea4ac21740d70d88514b98bf0bc31addac1d19c4ab3cc" + +save type: ECC_PUB(BP_R1) 224-bit, DET_ECDSA(MD5) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD5:PSA_WANT_ECC_BRAINPOOL_P_R1_224:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):224:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD5):0x0000:"045fbea378fc8583b3837e3f21a457c31eaf20a54e18eb11d104b3adc47f9d1c97eb9ea4ac21740d70d88514b98bf0bc31addac1d19c4ab3cc":"505341004b45590000000000010000003041e00001280000030700060000000039000000045fbea378fc8583b3837e3f21a457c31eaf20a54e18eb11d104b3adc47f9d1c97eb9ea4ac21740d70d88514b98bf0bc31addac1d19c4ab3cc" + +save type: ECC_PUB(BP_R1) 224-bit, DET_ECDSA(RIPEMD160) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ECC_BRAINPOOL_P_R1_224:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):224:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_RIPEMD160):0x0000:"045fbea378fc8583b3837e3f21a457c31eaf20a54e18eb11d104b3adc47f9d1c97eb9ea4ac21740d70d88514b98bf0bc31addac1d19c4ab3cc":"505341004b45590000000000010000003041e00001280000040700060000000039000000045fbea378fc8583b3837e3f21a457c31eaf20a54e18eb11d104b3adc47f9d1c97eb9ea4ac21740d70d88514b98bf0bc31addac1d19c4ab3cc" + +save type: ECC_PUB(BP_R1) 224-bit, DET_ECDSA(SHA_1) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_1:PSA_WANT_ECC_BRAINPOOL_P_R1_224:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):224:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_1):0x0000:"045fbea378fc8583b3837e3f21a457c31eaf20a54e18eb11d104b3adc47f9d1c97eb9ea4ac21740d70d88514b98bf0bc31addac1d19c4ab3cc":"505341004b45590000000000010000003041e00001280000050700060000000039000000045fbea378fc8583b3837e3f21a457c31eaf20a54e18eb11d104b3adc47f9d1c97eb9ea4ac21740d70d88514b98bf0bc31addac1d19c4ab3cc" + +save type: ECC_PUB(BP_R1) 224-bit, DET_ECDSA(SHA_224) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_224:PSA_WANT_ECC_BRAINPOOL_P_R1_224:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):224:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_224):0x0000:"045fbea378fc8583b3837e3f21a457c31eaf20a54e18eb11d104b3adc47f9d1c97eb9ea4ac21740d70d88514b98bf0bc31addac1d19c4ab3cc":"505341004b45590000000000010000003041e00001280000080700060000000039000000045fbea378fc8583b3837e3f21a457c31eaf20a54e18eb11d104b3adc47f9d1c97eb9ea4ac21740d70d88514b98bf0bc31addac1d19c4ab3cc" + +save type: ECC_PUB(BP_R1) 224-bit, DET_ECDSA(SHA_256) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_BRAINPOOL_P_R1_224:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):224:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_256):0x0000:"045fbea378fc8583b3837e3f21a457c31eaf20a54e18eb11d104b3adc47f9d1c97eb9ea4ac21740d70d88514b98bf0bc31addac1d19c4ab3cc":"505341004b45590000000000010000003041e00001280000090700060000000039000000045fbea378fc8583b3837e3f21a457c31eaf20a54e18eb11d104b3adc47f9d1c97eb9ea4ac21740d70d88514b98bf0bc31addac1d19c4ab3cc" + +save type: ECC_PUB(BP_R1) 224-bit, DET_ECDSA(SHA_384) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_BRAINPOOL_P_R1_224:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):224:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_384):0x0000:"045fbea378fc8583b3837e3f21a457c31eaf20a54e18eb11d104b3adc47f9d1c97eb9ea4ac21740d70d88514b98bf0bc31addac1d19c4ab3cc":"505341004b45590000000000010000003041e000012800000a0700060000000039000000045fbea378fc8583b3837e3f21a457c31eaf20a54e18eb11d104b3adc47f9d1c97eb9ea4ac21740d70d88514b98bf0bc31addac1d19c4ab3cc" + +save type: ECC_PUB(BP_R1) 224-bit, DET_ECDSA(SHA_512) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_512:PSA_WANT_ECC_BRAINPOOL_P_R1_224:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):224:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_512):0x0000:"045fbea378fc8583b3837e3f21a457c31eaf20a54e18eb11d104b3adc47f9d1c97eb9ea4ac21740d70d88514b98bf0bc31addac1d19c4ab3cc":"505341004b45590000000000010000003041e000012800000b0700060000000039000000045fbea378fc8583b3837e3f21a457c31eaf20a54e18eb11d104b3adc47f9d1c97eb9ea4ac21740d70d88514b98bf0bc31addac1d19c4ab3cc" + +save type: ECC_PUB(BP_R1) 224-bit, ECDSA(MD2) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD2:PSA_WANT_ECC_BRAINPOOL_P_R1_224:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):224:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_MD2):0x0000:"045fbea378fc8583b3837e3f21a457c31eaf20a54e18eb11d104b3adc47f9d1c97eb9ea4ac21740d70d88514b98bf0bc31addac1d19c4ab3cc":"505341004b45590000000000010000003041e00001280000010600060000000039000000045fbea378fc8583b3837e3f21a457c31eaf20a54e18eb11d104b3adc47f9d1c97eb9ea4ac21740d70d88514b98bf0bc31addac1d19c4ab3cc" + +save type: ECC_PUB(BP_R1) 224-bit, ECDSA(MD4) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD4:PSA_WANT_ECC_BRAINPOOL_P_R1_224:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):224:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_MD4):0x0000:"045fbea378fc8583b3837e3f21a457c31eaf20a54e18eb11d104b3adc47f9d1c97eb9ea4ac21740d70d88514b98bf0bc31addac1d19c4ab3cc":"505341004b45590000000000010000003041e00001280000020600060000000039000000045fbea378fc8583b3837e3f21a457c31eaf20a54e18eb11d104b3adc47f9d1c97eb9ea4ac21740d70d88514b98bf0bc31addac1d19c4ab3cc" + +save type: ECC_PUB(BP_R1) 224-bit, ECDSA(MD5) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD5:PSA_WANT_ECC_BRAINPOOL_P_R1_224:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):224:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_MD5):0x0000:"045fbea378fc8583b3837e3f21a457c31eaf20a54e18eb11d104b3adc47f9d1c97eb9ea4ac21740d70d88514b98bf0bc31addac1d19c4ab3cc":"505341004b45590000000000010000003041e00001280000030600060000000039000000045fbea378fc8583b3837e3f21a457c31eaf20a54e18eb11d104b3adc47f9d1c97eb9ea4ac21740d70d88514b98bf0bc31addac1d19c4ab3cc" + +save type: ECC_PUB(BP_R1) 224-bit, ECDSA(RIPEMD160) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ECC_BRAINPOOL_P_R1_224:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):224:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_RIPEMD160):0x0000:"045fbea378fc8583b3837e3f21a457c31eaf20a54e18eb11d104b3adc47f9d1c97eb9ea4ac21740d70d88514b98bf0bc31addac1d19c4ab3cc":"505341004b45590000000000010000003041e00001280000040600060000000039000000045fbea378fc8583b3837e3f21a457c31eaf20a54e18eb11d104b3adc47f9d1c97eb9ea4ac21740d70d88514b98bf0bc31addac1d19c4ab3cc" + +save type: ECC_PUB(BP_R1) 224-bit, ECDSA(SHA_1) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_1:PSA_WANT_ECC_BRAINPOOL_P_R1_224:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):224:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_SHA_1):0x0000:"045fbea378fc8583b3837e3f21a457c31eaf20a54e18eb11d104b3adc47f9d1c97eb9ea4ac21740d70d88514b98bf0bc31addac1d19c4ab3cc":"505341004b45590000000000010000003041e00001280000050600060000000039000000045fbea378fc8583b3837e3f21a457c31eaf20a54e18eb11d104b3adc47f9d1c97eb9ea4ac21740d70d88514b98bf0bc31addac1d19c4ab3cc" + +save type: ECC_PUB(BP_R1) 224-bit, ECDSA(SHA_224) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_224:PSA_WANT_ECC_BRAINPOOL_P_R1_224:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):224:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_SHA_224):0x0000:"045fbea378fc8583b3837e3f21a457c31eaf20a54e18eb11d104b3adc47f9d1c97eb9ea4ac21740d70d88514b98bf0bc31addac1d19c4ab3cc":"505341004b45590000000000010000003041e00001280000080600060000000039000000045fbea378fc8583b3837e3f21a457c31eaf20a54e18eb11d104b3adc47f9d1c97eb9ea4ac21740d70d88514b98bf0bc31addac1d19c4ab3cc" + +save type: ECC_PUB(BP_R1) 224-bit, ECDSA(SHA_256) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_BRAINPOOL_P_R1_224:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):224:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_SHA_256):0x0000:"045fbea378fc8583b3837e3f21a457c31eaf20a54e18eb11d104b3adc47f9d1c97eb9ea4ac21740d70d88514b98bf0bc31addac1d19c4ab3cc":"505341004b45590000000000010000003041e00001280000090600060000000039000000045fbea378fc8583b3837e3f21a457c31eaf20a54e18eb11d104b3adc47f9d1c97eb9ea4ac21740d70d88514b98bf0bc31addac1d19c4ab3cc" + +save type: ECC_PUB(BP_R1) 224-bit, ECDSA(SHA_384) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_BRAINPOOL_P_R1_224:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):224:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_SHA_384):0x0000:"045fbea378fc8583b3837e3f21a457c31eaf20a54e18eb11d104b3adc47f9d1c97eb9ea4ac21740d70d88514b98bf0bc31addac1d19c4ab3cc":"505341004b45590000000000010000003041e000012800000a0600060000000039000000045fbea378fc8583b3837e3f21a457c31eaf20a54e18eb11d104b3adc47f9d1c97eb9ea4ac21740d70d88514b98bf0bc31addac1d19c4ab3cc" + +save type: ECC_PUB(BP_R1) 224-bit, ECDSA(SHA_512) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_512:PSA_WANT_ECC_BRAINPOOL_P_R1_224:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):224:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_SHA_512):0x0000:"045fbea378fc8583b3837e3f21a457c31eaf20a54e18eb11d104b3adc47f9d1c97eb9ea4ac21740d70d88514b98bf0bc31addac1d19c4ab3cc":"505341004b45590000000000010000003041e000012800000b0600060000000039000000045fbea378fc8583b3837e3f21a457c31eaf20a54e18eb11d104b3adc47f9d1c97eb9ea4ac21740d70d88514b98bf0bc31addac1d19c4ab3cc" + +save type: ECC_PUB(BP_R1) 224-bit, ECDSA_ANY +depends_on:PSA_WANT_ALG_ECDSA_ANY:PSA_WANT_ECC_BRAINPOOL_P_R1_224:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):224:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA_ANY:0x0000:"045fbea378fc8583b3837e3f21a457c31eaf20a54e18eb11d104b3adc47f9d1c97eb9ea4ac21740d70d88514b98bf0bc31addac1d19c4ab3cc":"505341004b45590000000000010000003041e00001280000000600060000000039000000045fbea378fc8583b3837e3f21a457c31eaf20a54e18eb11d104b3adc47f9d1c97eb9ea4ac21740d70d88514b98bf0bc31addac1d19c4ab3cc" + +save type: ECC_PUB(BP_R1) 256-bit +depends_on:PSA_WANT_ECC_BRAINPOOL_P_R1_256:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):256:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"04768c8cae4abca6306db0ed81b0c4a6215c378066ec6d616c146e13f1c7df809b96ab6911c27d8a02339f0926840e55236d3d1efbe2669d090e4c4c660fada91d":"505341004b4559000000000001000000304100010100000000000000000000004100000004768c8cae4abca6306db0ed81b0c4a6215c378066ec6d616c146e13f1c7df809b96ab6911c27d8a02339f0926840e55236d3d1efbe2669d090e4c4c660fada91d" + +save type: ECC_PUB(BP_R1) 256-bit, DET_ECDSA(MD2) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD2:PSA_WANT_ECC_BRAINPOOL_P_R1_256:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):256:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD2):0x0000:"04768c8cae4abca6306db0ed81b0c4a6215c378066ec6d616c146e13f1c7df809b96ab6911c27d8a02339f0926840e55236d3d1efbe2669d090e4c4c660fada91d":"505341004b4559000000000001000000304100010128000001070006000000004100000004768c8cae4abca6306db0ed81b0c4a6215c378066ec6d616c146e13f1c7df809b96ab6911c27d8a02339f0926840e55236d3d1efbe2669d090e4c4c660fada91d" + +save type: ECC_PUB(BP_R1) 256-bit, DET_ECDSA(MD4) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD4:PSA_WANT_ECC_BRAINPOOL_P_R1_256:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):256:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD4):0x0000:"04768c8cae4abca6306db0ed81b0c4a6215c378066ec6d616c146e13f1c7df809b96ab6911c27d8a02339f0926840e55236d3d1efbe2669d090e4c4c660fada91d":"505341004b4559000000000001000000304100010128000002070006000000004100000004768c8cae4abca6306db0ed81b0c4a6215c378066ec6d616c146e13f1c7df809b96ab6911c27d8a02339f0926840e55236d3d1efbe2669d090e4c4c660fada91d" + +save type: ECC_PUB(BP_R1) 256-bit, DET_ECDSA(MD5) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD5:PSA_WANT_ECC_BRAINPOOL_P_R1_256:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):256:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD5):0x0000:"04768c8cae4abca6306db0ed81b0c4a6215c378066ec6d616c146e13f1c7df809b96ab6911c27d8a02339f0926840e55236d3d1efbe2669d090e4c4c660fada91d":"505341004b4559000000000001000000304100010128000003070006000000004100000004768c8cae4abca6306db0ed81b0c4a6215c378066ec6d616c146e13f1c7df809b96ab6911c27d8a02339f0926840e55236d3d1efbe2669d090e4c4c660fada91d" + +save type: ECC_PUB(BP_R1) 256-bit, DET_ECDSA(RIPEMD160) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ECC_BRAINPOOL_P_R1_256:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):256:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_RIPEMD160):0x0000:"04768c8cae4abca6306db0ed81b0c4a6215c378066ec6d616c146e13f1c7df809b96ab6911c27d8a02339f0926840e55236d3d1efbe2669d090e4c4c660fada91d":"505341004b4559000000000001000000304100010128000004070006000000004100000004768c8cae4abca6306db0ed81b0c4a6215c378066ec6d616c146e13f1c7df809b96ab6911c27d8a02339f0926840e55236d3d1efbe2669d090e4c4c660fada91d" + +save type: ECC_PUB(BP_R1) 256-bit, DET_ECDSA(SHA_1) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_1:PSA_WANT_ECC_BRAINPOOL_P_R1_256:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):256:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_1):0x0000:"04768c8cae4abca6306db0ed81b0c4a6215c378066ec6d616c146e13f1c7df809b96ab6911c27d8a02339f0926840e55236d3d1efbe2669d090e4c4c660fada91d":"505341004b4559000000000001000000304100010128000005070006000000004100000004768c8cae4abca6306db0ed81b0c4a6215c378066ec6d616c146e13f1c7df809b96ab6911c27d8a02339f0926840e55236d3d1efbe2669d090e4c4c660fada91d" + +save type: ECC_PUB(BP_R1) 256-bit, DET_ECDSA(SHA_224) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_224:PSA_WANT_ECC_BRAINPOOL_P_R1_256:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):256:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_224):0x0000:"04768c8cae4abca6306db0ed81b0c4a6215c378066ec6d616c146e13f1c7df809b96ab6911c27d8a02339f0926840e55236d3d1efbe2669d090e4c4c660fada91d":"505341004b4559000000000001000000304100010128000008070006000000004100000004768c8cae4abca6306db0ed81b0c4a6215c378066ec6d616c146e13f1c7df809b96ab6911c27d8a02339f0926840e55236d3d1efbe2669d090e4c4c660fada91d" + +save type: ECC_PUB(BP_R1) 256-bit, DET_ECDSA(SHA_256) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_BRAINPOOL_P_R1_256:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):256:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_256):0x0000:"04768c8cae4abca6306db0ed81b0c4a6215c378066ec6d616c146e13f1c7df809b96ab6911c27d8a02339f0926840e55236d3d1efbe2669d090e4c4c660fada91d":"505341004b4559000000000001000000304100010128000009070006000000004100000004768c8cae4abca6306db0ed81b0c4a6215c378066ec6d616c146e13f1c7df809b96ab6911c27d8a02339f0926840e55236d3d1efbe2669d090e4c4c660fada91d" + +save type: ECC_PUB(BP_R1) 256-bit, DET_ECDSA(SHA_384) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_BRAINPOOL_P_R1_256:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):256:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_384):0x0000:"04768c8cae4abca6306db0ed81b0c4a6215c378066ec6d616c146e13f1c7df809b96ab6911c27d8a02339f0926840e55236d3d1efbe2669d090e4c4c660fada91d":"505341004b455900000000000100000030410001012800000a070006000000004100000004768c8cae4abca6306db0ed81b0c4a6215c378066ec6d616c146e13f1c7df809b96ab6911c27d8a02339f0926840e55236d3d1efbe2669d090e4c4c660fada91d" + +save type: ECC_PUB(BP_R1) 256-bit, DET_ECDSA(SHA_512) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_512:PSA_WANT_ECC_BRAINPOOL_P_R1_256:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):256:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_512):0x0000:"04768c8cae4abca6306db0ed81b0c4a6215c378066ec6d616c146e13f1c7df809b96ab6911c27d8a02339f0926840e55236d3d1efbe2669d090e4c4c660fada91d":"505341004b455900000000000100000030410001012800000b070006000000004100000004768c8cae4abca6306db0ed81b0c4a6215c378066ec6d616c146e13f1c7df809b96ab6911c27d8a02339f0926840e55236d3d1efbe2669d090e4c4c660fada91d" + +save type: ECC_PUB(BP_R1) 256-bit, ECDSA(MD2) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD2:PSA_WANT_ECC_BRAINPOOL_P_R1_256:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):256:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_MD2):0x0000:"04768c8cae4abca6306db0ed81b0c4a6215c378066ec6d616c146e13f1c7df809b96ab6911c27d8a02339f0926840e55236d3d1efbe2669d090e4c4c660fada91d":"505341004b4559000000000001000000304100010128000001060006000000004100000004768c8cae4abca6306db0ed81b0c4a6215c378066ec6d616c146e13f1c7df809b96ab6911c27d8a02339f0926840e55236d3d1efbe2669d090e4c4c660fada91d" + +save type: ECC_PUB(BP_R1) 256-bit, ECDSA(MD4) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD4:PSA_WANT_ECC_BRAINPOOL_P_R1_256:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):256:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_MD4):0x0000:"04768c8cae4abca6306db0ed81b0c4a6215c378066ec6d616c146e13f1c7df809b96ab6911c27d8a02339f0926840e55236d3d1efbe2669d090e4c4c660fada91d":"505341004b4559000000000001000000304100010128000002060006000000004100000004768c8cae4abca6306db0ed81b0c4a6215c378066ec6d616c146e13f1c7df809b96ab6911c27d8a02339f0926840e55236d3d1efbe2669d090e4c4c660fada91d" + +save type: ECC_PUB(BP_R1) 256-bit, ECDSA(MD5) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD5:PSA_WANT_ECC_BRAINPOOL_P_R1_256:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):256:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_MD5):0x0000:"04768c8cae4abca6306db0ed81b0c4a6215c378066ec6d616c146e13f1c7df809b96ab6911c27d8a02339f0926840e55236d3d1efbe2669d090e4c4c660fada91d":"505341004b4559000000000001000000304100010128000003060006000000004100000004768c8cae4abca6306db0ed81b0c4a6215c378066ec6d616c146e13f1c7df809b96ab6911c27d8a02339f0926840e55236d3d1efbe2669d090e4c4c660fada91d" + +save type: ECC_PUB(BP_R1) 256-bit, ECDSA(RIPEMD160) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ECC_BRAINPOOL_P_R1_256:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):256:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_RIPEMD160):0x0000:"04768c8cae4abca6306db0ed81b0c4a6215c378066ec6d616c146e13f1c7df809b96ab6911c27d8a02339f0926840e55236d3d1efbe2669d090e4c4c660fada91d":"505341004b4559000000000001000000304100010128000004060006000000004100000004768c8cae4abca6306db0ed81b0c4a6215c378066ec6d616c146e13f1c7df809b96ab6911c27d8a02339f0926840e55236d3d1efbe2669d090e4c4c660fada91d" + +save type: ECC_PUB(BP_R1) 256-bit, ECDSA(SHA_1) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_1:PSA_WANT_ECC_BRAINPOOL_P_R1_256:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):256:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_SHA_1):0x0000:"04768c8cae4abca6306db0ed81b0c4a6215c378066ec6d616c146e13f1c7df809b96ab6911c27d8a02339f0926840e55236d3d1efbe2669d090e4c4c660fada91d":"505341004b4559000000000001000000304100010128000005060006000000004100000004768c8cae4abca6306db0ed81b0c4a6215c378066ec6d616c146e13f1c7df809b96ab6911c27d8a02339f0926840e55236d3d1efbe2669d090e4c4c660fada91d" + +save type: ECC_PUB(BP_R1) 256-bit, ECDSA(SHA_224) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_224:PSA_WANT_ECC_BRAINPOOL_P_R1_256:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):256:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_SHA_224):0x0000:"04768c8cae4abca6306db0ed81b0c4a6215c378066ec6d616c146e13f1c7df809b96ab6911c27d8a02339f0926840e55236d3d1efbe2669d090e4c4c660fada91d":"505341004b4559000000000001000000304100010128000008060006000000004100000004768c8cae4abca6306db0ed81b0c4a6215c378066ec6d616c146e13f1c7df809b96ab6911c27d8a02339f0926840e55236d3d1efbe2669d090e4c4c660fada91d" + +save type: ECC_PUB(BP_R1) 256-bit, ECDSA(SHA_256) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_BRAINPOOL_P_R1_256:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):256:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_SHA_256):0x0000:"04768c8cae4abca6306db0ed81b0c4a6215c378066ec6d616c146e13f1c7df809b96ab6911c27d8a02339f0926840e55236d3d1efbe2669d090e4c4c660fada91d":"505341004b4559000000000001000000304100010128000009060006000000004100000004768c8cae4abca6306db0ed81b0c4a6215c378066ec6d616c146e13f1c7df809b96ab6911c27d8a02339f0926840e55236d3d1efbe2669d090e4c4c660fada91d" + +save type: ECC_PUB(BP_R1) 256-bit, ECDSA(SHA_384) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_BRAINPOOL_P_R1_256:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):256:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_SHA_384):0x0000:"04768c8cae4abca6306db0ed81b0c4a6215c378066ec6d616c146e13f1c7df809b96ab6911c27d8a02339f0926840e55236d3d1efbe2669d090e4c4c660fada91d":"505341004b455900000000000100000030410001012800000a060006000000004100000004768c8cae4abca6306db0ed81b0c4a6215c378066ec6d616c146e13f1c7df809b96ab6911c27d8a02339f0926840e55236d3d1efbe2669d090e4c4c660fada91d" + +save type: ECC_PUB(BP_R1) 256-bit, ECDSA(SHA_512) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_512:PSA_WANT_ECC_BRAINPOOL_P_R1_256:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):256:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_SHA_512):0x0000:"04768c8cae4abca6306db0ed81b0c4a6215c378066ec6d616c146e13f1c7df809b96ab6911c27d8a02339f0926840e55236d3d1efbe2669d090e4c4c660fada91d":"505341004b455900000000000100000030410001012800000b060006000000004100000004768c8cae4abca6306db0ed81b0c4a6215c378066ec6d616c146e13f1c7df809b96ab6911c27d8a02339f0926840e55236d3d1efbe2669d090e4c4c660fada91d" + +save type: ECC_PUB(BP_R1) 256-bit, ECDSA_ANY +depends_on:PSA_WANT_ALG_ECDSA_ANY:PSA_WANT_ECC_BRAINPOOL_P_R1_256:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):256:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA_ANY:0x0000:"04768c8cae4abca6306db0ed81b0c4a6215c378066ec6d616c146e13f1c7df809b96ab6911c27d8a02339f0926840e55236d3d1efbe2669d090e4c4c660fada91d":"505341004b4559000000000001000000304100010128000000060006000000004100000004768c8cae4abca6306db0ed81b0c4a6215c378066ec6d616c146e13f1c7df809b96ab6911c27d8a02339f0926840e55236d3d1efbe2669d090e4c4c660fada91d" + +save type: ECC_PUB(BP_R1) 320-bit +depends_on:PSA_WANT_ECC_BRAINPOOL_P_R1_320:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):320:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"049caed8fb4742956cc2ad12a9a1c995e21759ef26a07bc2054136d3d2f28bb331a70e26c4c687275ab1f434be7871e115d2350c0c5f61d4d06d2bcdb67f5cb63fdb794e5947c87dc6849a58694e37e6cd":"505341004b45590000000000010000003041400101000000000000000000000051000000049caed8fb4742956cc2ad12a9a1c995e21759ef26a07bc2054136d3d2f28bb331a70e26c4c687275ab1f434be7871e115d2350c0c5f61d4d06d2bcdb67f5cb63fdb794e5947c87dc6849a58694e37e6cd" + +save type: ECC_PUB(BP_R1) 320-bit, DET_ECDSA(MD2) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD2:PSA_WANT_ECC_BRAINPOOL_P_R1_320:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):320:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD2):0x0000:"049caed8fb4742956cc2ad12a9a1c995e21759ef26a07bc2054136d3d2f28bb331a70e26c4c687275ab1f434be7871e115d2350c0c5f61d4d06d2bcdb67f5cb63fdb794e5947c87dc6849a58694e37e6cd":"505341004b45590000000000010000003041400101280000010700060000000051000000049caed8fb4742956cc2ad12a9a1c995e21759ef26a07bc2054136d3d2f28bb331a70e26c4c687275ab1f434be7871e115d2350c0c5f61d4d06d2bcdb67f5cb63fdb794e5947c87dc6849a58694e37e6cd" + +save type: ECC_PUB(BP_R1) 320-bit, DET_ECDSA(MD4) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD4:PSA_WANT_ECC_BRAINPOOL_P_R1_320:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):320:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD4):0x0000:"049caed8fb4742956cc2ad12a9a1c995e21759ef26a07bc2054136d3d2f28bb331a70e26c4c687275ab1f434be7871e115d2350c0c5f61d4d06d2bcdb67f5cb63fdb794e5947c87dc6849a58694e37e6cd":"505341004b45590000000000010000003041400101280000020700060000000051000000049caed8fb4742956cc2ad12a9a1c995e21759ef26a07bc2054136d3d2f28bb331a70e26c4c687275ab1f434be7871e115d2350c0c5f61d4d06d2bcdb67f5cb63fdb794e5947c87dc6849a58694e37e6cd" + +save type: ECC_PUB(BP_R1) 320-bit, DET_ECDSA(MD5) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD5:PSA_WANT_ECC_BRAINPOOL_P_R1_320:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):320:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD5):0x0000:"049caed8fb4742956cc2ad12a9a1c995e21759ef26a07bc2054136d3d2f28bb331a70e26c4c687275ab1f434be7871e115d2350c0c5f61d4d06d2bcdb67f5cb63fdb794e5947c87dc6849a58694e37e6cd":"505341004b45590000000000010000003041400101280000030700060000000051000000049caed8fb4742956cc2ad12a9a1c995e21759ef26a07bc2054136d3d2f28bb331a70e26c4c687275ab1f434be7871e115d2350c0c5f61d4d06d2bcdb67f5cb63fdb794e5947c87dc6849a58694e37e6cd" + +save type: ECC_PUB(BP_R1) 320-bit, DET_ECDSA(RIPEMD160) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ECC_BRAINPOOL_P_R1_320:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):320:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_RIPEMD160):0x0000:"049caed8fb4742956cc2ad12a9a1c995e21759ef26a07bc2054136d3d2f28bb331a70e26c4c687275ab1f434be7871e115d2350c0c5f61d4d06d2bcdb67f5cb63fdb794e5947c87dc6849a58694e37e6cd":"505341004b45590000000000010000003041400101280000040700060000000051000000049caed8fb4742956cc2ad12a9a1c995e21759ef26a07bc2054136d3d2f28bb331a70e26c4c687275ab1f434be7871e115d2350c0c5f61d4d06d2bcdb67f5cb63fdb794e5947c87dc6849a58694e37e6cd" + +save type: ECC_PUB(BP_R1) 320-bit, DET_ECDSA(SHA_1) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_1:PSA_WANT_ECC_BRAINPOOL_P_R1_320:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):320:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_1):0x0000:"049caed8fb4742956cc2ad12a9a1c995e21759ef26a07bc2054136d3d2f28bb331a70e26c4c687275ab1f434be7871e115d2350c0c5f61d4d06d2bcdb67f5cb63fdb794e5947c87dc6849a58694e37e6cd":"505341004b45590000000000010000003041400101280000050700060000000051000000049caed8fb4742956cc2ad12a9a1c995e21759ef26a07bc2054136d3d2f28bb331a70e26c4c687275ab1f434be7871e115d2350c0c5f61d4d06d2bcdb67f5cb63fdb794e5947c87dc6849a58694e37e6cd" + +save type: ECC_PUB(BP_R1) 320-bit, DET_ECDSA(SHA_224) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_224:PSA_WANT_ECC_BRAINPOOL_P_R1_320:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):320:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_224):0x0000:"049caed8fb4742956cc2ad12a9a1c995e21759ef26a07bc2054136d3d2f28bb331a70e26c4c687275ab1f434be7871e115d2350c0c5f61d4d06d2bcdb67f5cb63fdb794e5947c87dc6849a58694e37e6cd":"505341004b45590000000000010000003041400101280000080700060000000051000000049caed8fb4742956cc2ad12a9a1c995e21759ef26a07bc2054136d3d2f28bb331a70e26c4c687275ab1f434be7871e115d2350c0c5f61d4d06d2bcdb67f5cb63fdb794e5947c87dc6849a58694e37e6cd" + +save type: ECC_PUB(BP_R1) 320-bit, DET_ECDSA(SHA_256) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_BRAINPOOL_P_R1_320:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):320:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_256):0x0000:"049caed8fb4742956cc2ad12a9a1c995e21759ef26a07bc2054136d3d2f28bb331a70e26c4c687275ab1f434be7871e115d2350c0c5f61d4d06d2bcdb67f5cb63fdb794e5947c87dc6849a58694e37e6cd":"505341004b45590000000000010000003041400101280000090700060000000051000000049caed8fb4742956cc2ad12a9a1c995e21759ef26a07bc2054136d3d2f28bb331a70e26c4c687275ab1f434be7871e115d2350c0c5f61d4d06d2bcdb67f5cb63fdb794e5947c87dc6849a58694e37e6cd" + +save type: ECC_PUB(BP_R1) 320-bit, DET_ECDSA(SHA_384) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_BRAINPOOL_P_R1_320:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):320:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_384):0x0000:"049caed8fb4742956cc2ad12a9a1c995e21759ef26a07bc2054136d3d2f28bb331a70e26c4c687275ab1f434be7871e115d2350c0c5f61d4d06d2bcdb67f5cb63fdb794e5947c87dc6849a58694e37e6cd":"505341004b455900000000000100000030414001012800000a0700060000000051000000049caed8fb4742956cc2ad12a9a1c995e21759ef26a07bc2054136d3d2f28bb331a70e26c4c687275ab1f434be7871e115d2350c0c5f61d4d06d2bcdb67f5cb63fdb794e5947c87dc6849a58694e37e6cd" + +save type: ECC_PUB(BP_R1) 320-bit, DET_ECDSA(SHA_512) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_512:PSA_WANT_ECC_BRAINPOOL_P_R1_320:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):320:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_512):0x0000:"049caed8fb4742956cc2ad12a9a1c995e21759ef26a07bc2054136d3d2f28bb331a70e26c4c687275ab1f434be7871e115d2350c0c5f61d4d06d2bcdb67f5cb63fdb794e5947c87dc6849a58694e37e6cd":"505341004b455900000000000100000030414001012800000b0700060000000051000000049caed8fb4742956cc2ad12a9a1c995e21759ef26a07bc2054136d3d2f28bb331a70e26c4c687275ab1f434be7871e115d2350c0c5f61d4d06d2bcdb67f5cb63fdb794e5947c87dc6849a58694e37e6cd" + +save type: ECC_PUB(BP_R1) 320-bit, ECDSA(MD2) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD2:PSA_WANT_ECC_BRAINPOOL_P_R1_320:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):320:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_MD2):0x0000:"049caed8fb4742956cc2ad12a9a1c995e21759ef26a07bc2054136d3d2f28bb331a70e26c4c687275ab1f434be7871e115d2350c0c5f61d4d06d2bcdb67f5cb63fdb794e5947c87dc6849a58694e37e6cd":"505341004b45590000000000010000003041400101280000010600060000000051000000049caed8fb4742956cc2ad12a9a1c995e21759ef26a07bc2054136d3d2f28bb331a70e26c4c687275ab1f434be7871e115d2350c0c5f61d4d06d2bcdb67f5cb63fdb794e5947c87dc6849a58694e37e6cd" + +save type: ECC_PUB(BP_R1) 320-bit, ECDSA(MD4) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD4:PSA_WANT_ECC_BRAINPOOL_P_R1_320:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):320:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_MD4):0x0000:"049caed8fb4742956cc2ad12a9a1c995e21759ef26a07bc2054136d3d2f28bb331a70e26c4c687275ab1f434be7871e115d2350c0c5f61d4d06d2bcdb67f5cb63fdb794e5947c87dc6849a58694e37e6cd":"505341004b45590000000000010000003041400101280000020600060000000051000000049caed8fb4742956cc2ad12a9a1c995e21759ef26a07bc2054136d3d2f28bb331a70e26c4c687275ab1f434be7871e115d2350c0c5f61d4d06d2bcdb67f5cb63fdb794e5947c87dc6849a58694e37e6cd" + +save type: ECC_PUB(BP_R1) 320-bit, ECDSA(MD5) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD5:PSA_WANT_ECC_BRAINPOOL_P_R1_320:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):320:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_MD5):0x0000:"049caed8fb4742956cc2ad12a9a1c995e21759ef26a07bc2054136d3d2f28bb331a70e26c4c687275ab1f434be7871e115d2350c0c5f61d4d06d2bcdb67f5cb63fdb794e5947c87dc6849a58694e37e6cd":"505341004b45590000000000010000003041400101280000030600060000000051000000049caed8fb4742956cc2ad12a9a1c995e21759ef26a07bc2054136d3d2f28bb331a70e26c4c687275ab1f434be7871e115d2350c0c5f61d4d06d2bcdb67f5cb63fdb794e5947c87dc6849a58694e37e6cd" + +save type: ECC_PUB(BP_R1) 320-bit, ECDSA(RIPEMD160) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ECC_BRAINPOOL_P_R1_320:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):320:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_RIPEMD160):0x0000:"049caed8fb4742956cc2ad12a9a1c995e21759ef26a07bc2054136d3d2f28bb331a70e26c4c687275ab1f434be7871e115d2350c0c5f61d4d06d2bcdb67f5cb63fdb794e5947c87dc6849a58694e37e6cd":"505341004b45590000000000010000003041400101280000040600060000000051000000049caed8fb4742956cc2ad12a9a1c995e21759ef26a07bc2054136d3d2f28bb331a70e26c4c687275ab1f434be7871e115d2350c0c5f61d4d06d2bcdb67f5cb63fdb794e5947c87dc6849a58694e37e6cd" + +save type: ECC_PUB(BP_R1) 320-bit, ECDSA(SHA_1) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_1:PSA_WANT_ECC_BRAINPOOL_P_R1_320:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):320:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_SHA_1):0x0000:"049caed8fb4742956cc2ad12a9a1c995e21759ef26a07bc2054136d3d2f28bb331a70e26c4c687275ab1f434be7871e115d2350c0c5f61d4d06d2bcdb67f5cb63fdb794e5947c87dc6849a58694e37e6cd":"505341004b45590000000000010000003041400101280000050600060000000051000000049caed8fb4742956cc2ad12a9a1c995e21759ef26a07bc2054136d3d2f28bb331a70e26c4c687275ab1f434be7871e115d2350c0c5f61d4d06d2bcdb67f5cb63fdb794e5947c87dc6849a58694e37e6cd" + +save type: ECC_PUB(BP_R1) 320-bit, ECDSA(SHA_224) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_224:PSA_WANT_ECC_BRAINPOOL_P_R1_320:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):320:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_SHA_224):0x0000:"049caed8fb4742956cc2ad12a9a1c995e21759ef26a07bc2054136d3d2f28bb331a70e26c4c687275ab1f434be7871e115d2350c0c5f61d4d06d2bcdb67f5cb63fdb794e5947c87dc6849a58694e37e6cd":"505341004b45590000000000010000003041400101280000080600060000000051000000049caed8fb4742956cc2ad12a9a1c995e21759ef26a07bc2054136d3d2f28bb331a70e26c4c687275ab1f434be7871e115d2350c0c5f61d4d06d2bcdb67f5cb63fdb794e5947c87dc6849a58694e37e6cd" + +save type: ECC_PUB(BP_R1) 320-bit, ECDSA(SHA_256) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_BRAINPOOL_P_R1_320:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):320:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_SHA_256):0x0000:"049caed8fb4742956cc2ad12a9a1c995e21759ef26a07bc2054136d3d2f28bb331a70e26c4c687275ab1f434be7871e115d2350c0c5f61d4d06d2bcdb67f5cb63fdb794e5947c87dc6849a58694e37e6cd":"505341004b45590000000000010000003041400101280000090600060000000051000000049caed8fb4742956cc2ad12a9a1c995e21759ef26a07bc2054136d3d2f28bb331a70e26c4c687275ab1f434be7871e115d2350c0c5f61d4d06d2bcdb67f5cb63fdb794e5947c87dc6849a58694e37e6cd" + +save type: ECC_PUB(BP_R1) 320-bit, ECDSA(SHA_384) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_BRAINPOOL_P_R1_320:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):320:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_SHA_384):0x0000:"049caed8fb4742956cc2ad12a9a1c995e21759ef26a07bc2054136d3d2f28bb331a70e26c4c687275ab1f434be7871e115d2350c0c5f61d4d06d2bcdb67f5cb63fdb794e5947c87dc6849a58694e37e6cd":"505341004b455900000000000100000030414001012800000a0600060000000051000000049caed8fb4742956cc2ad12a9a1c995e21759ef26a07bc2054136d3d2f28bb331a70e26c4c687275ab1f434be7871e115d2350c0c5f61d4d06d2bcdb67f5cb63fdb794e5947c87dc6849a58694e37e6cd" + +save type: ECC_PUB(BP_R1) 320-bit, ECDSA(SHA_512) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_512:PSA_WANT_ECC_BRAINPOOL_P_R1_320:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):320:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_SHA_512):0x0000:"049caed8fb4742956cc2ad12a9a1c995e21759ef26a07bc2054136d3d2f28bb331a70e26c4c687275ab1f434be7871e115d2350c0c5f61d4d06d2bcdb67f5cb63fdb794e5947c87dc6849a58694e37e6cd":"505341004b455900000000000100000030414001012800000b0600060000000051000000049caed8fb4742956cc2ad12a9a1c995e21759ef26a07bc2054136d3d2f28bb331a70e26c4c687275ab1f434be7871e115d2350c0c5f61d4d06d2bcdb67f5cb63fdb794e5947c87dc6849a58694e37e6cd" + +save type: ECC_PUB(BP_R1) 320-bit, ECDSA_ANY +depends_on:PSA_WANT_ALG_ECDSA_ANY:PSA_WANT_ECC_BRAINPOOL_P_R1_320:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):320:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA_ANY:0x0000:"049caed8fb4742956cc2ad12a9a1c995e21759ef26a07bc2054136d3d2f28bb331a70e26c4c687275ab1f434be7871e115d2350c0c5f61d4d06d2bcdb67f5cb63fdb794e5947c87dc6849a58694e37e6cd":"505341004b45590000000000010000003041400101280000000600060000000051000000049caed8fb4742956cc2ad12a9a1c995e21759ef26a07bc2054136d3d2f28bb331a70e26c4c687275ab1f434be7871e115d2350c0c5f61d4d06d2bcdb67f5cb63fdb794e5947c87dc6849a58694e37e6cd" + +save type: ECC_PUB(BP_R1) 384-bit +depends_on:PSA_WANT_ECC_BRAINPOOL_P_R1_384:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):384:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"04719f9d093a627e0d350385c661cebf00c61923566fe9006a3107af1d871bc6bb68985fd722ea32be316f8e783b7cd1957785f66cfc0cb195dd5c99a8e7abaa848553a584dfd2b48e76d445fe00dd8be59096d877d4696d23b4bc8db14724e66a":"505341004b4559000000000001000000304180010100000000000000000000006100000004719f9d093a627e0d350385c661cebf00c61923566fe9006a3107af1d871bc6bb68985fd722ea32be316f8e783b7cd1957785f66cfc0cb195dd5c99a8e7abaa848553a584dfd2b48e76d445fe00dd8be59096d877d4696d23b4bc8db14724e66a" + +save type: ECC_PUB(BP_R1) 384-bit, DET_ECDSA(MD2) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD2:PSA_WANT_ECC_BRAINPOOL_P_R1_384:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):384:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD2):0x0000:"04719f9d093a627e0d350385c661cebf00c61923566fe9006a3107af1d871bc6bb68985fd722ea32be316f8e783b7cd1957785f66cfc0cb195dd5c99a8e7abaa848553a584dfd2b48e76d445fe00dd8be59096d877d4696d23b4bc8db14724e66a":"505341004b4559000000000001000000304180010128000001070006000000006100000004719f9d093a627e0d350385c661cebf00c61923566fe9006a3107af1d871bc6bb68985fd722ea32be316f8e783b7cd1957785f66cfc0cb195dd5c99a8e7abaa848553a584dfd2b48e76d445fe00dd8be59096d877d4696d23b4bc8db14724e66a" + +save type: ECC_PUB(BP_R1) 384-bit, DET_ECDSA(MD4) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD4:PSA_WANT_ECC_BRAINPOOL_P_R1_384:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):384:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD4):0x0000:"04719f9d093a627e0d350385c661cebf00c61923566fe9006a3107af1d871bc6bb68985fd722ea32be316f8e783b7cd1957785f66cfc0cb195dd5c99a8e7abaa848553a584dfd2b48e76d445fe00dd8be59096d877d4696d23b4bc8db14724e66a":"505341004b4559000000000001000000304180010128000002070006000000006100000004719f9d093a627e0d350385c661cebf00c61923566fe9006a3107af1d871bc6bb68985fd722ea32be316f8e783b7cd1957785f66cfc0cb195dd5c99a8e7abaa848553a584dfd2b48e76d445fe00dd8be59096d877d4696d23b4bc8db14724e66a" + +save type: ECC_PUB(BP_R1) 384-bit, DET_ECDSA(MD5) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD5:PSA_WANT_ECC_BRAINPOOL_P_R1_384:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):384:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD5):0x0000:"04719f9d093a627e0d350385c661cebf00c61923566fe9006a3107af1d871bc6bb68985fd722ea32be316f8e783b7cd1957785f66cfc0cb195dd5c99a8e7abaa848553a584dfd2b48e76d445fe00dd8be59096d877d4696d23b4bc8db14724e66a":"505341004b4559000000000001000000304180010128000003070006000000006100000004719f9d093a627e0d350385c661cebf00c61923566fe9006a3107af1d871bc6bb68985fd722ea32be316f8e783b7cd1957785f66cfc0cb195dd5c99a8e7abaa848553a584dfd2b48e76d445fe00dd8be59096d877d4696d23b4bc8db14724e66a" + +save type: ECC_PUB(BP_R1) 384-bit, DET_ECDSA(RIPEMD160) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ECC_BRAINPOOL_P_R1_384:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):384:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_RIPEMD160):0x0000:"04719f9d093a627e0d350385c661cebf00c61923566fe9006a3107af1d871bc6bb68985fd722ea32be316f8e783b7cd1957785f66cfc0cb195dd5c99a8e7abaa848553a584dfd2b48e76d445fe00dd8be59096d877d4696d23b4bc8db14724e66a":"505341004b4559000000000001000000304180010128000004070006000000006100000004719f9d093a627e0d350385c661cebf00c61923566fe9006a3107af1d871bc6bb68985fd722ea32be316f8e783b7cd1957785f66cfc0cb195dd5c99a8e7abaa848553a584dfd2b48e76d445fe00dd8be59096d877d4696d23b4bc8db14724e66a" + +save type: ECC_PUB(BP_R1) 384-bit, DET_ECDSA(SHA_1) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_1:PSA_WANT_ECC_BRAINPOOL_P_R1_384:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):384:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_1):0x0000:"04719f9d093a627e0d350385c661cebf00c61923566fe9006a3107af1d871bc6bb68985fd722ea32be316f8e783b7cd1957785f66cfc0cb195dd5c99a8e7abaa848553a584dfd2b48e76d445fe00dd8be59096d877d4696d23b4bc8db14724e66a":"505341004b4559000000000001000000304180010128000005070006000000006100000004719f9d093a627e0d350385c661cebf00c61923566fe9006a3107af1d871bc6bb68985fd722ea32be316f8e783b7cd1957785f66cfc0cb195dd5c99a8e7abaa848553a584dfd2b48e76d445fe00dd8be59096d877d4696d23b4bc8db14724e66a" + +save type: ECC_PUB(BP_R1) 384-bit, DET_ECDSA(SHA_224) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_224:PSA_WANT_ECC_BRAINPOOL_P_R1_384:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):384:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_224):0x0000:"04719f9d093a627e0d350385c661cebf00c61923566fe9006a3107af1d871bc6bb68985fd722ea32be316f8e783b7cd1957785f66cfc0cb195dd5c99a8e7abaa848553a584dfd2b48e76d445fe00dd8be59096d877d4696d23b4bc8db14724e66a":"505341004b4559000000000001000000304180010128000008070006000000006100000004719f9d093a627e0d350385c661cebf00c61923566fe9006a3107af1d871bc6bb68985fd722ea32be316f8e783b7cd1957785f66cfc0cb195dd5c99a8e7abaa848553a584dfd2b48e76d445fe00dd8be59096d877d4696d23b4bc8db14724e66a" + +save type: ECC_PUB(BP_R1) 384-bit, DET_ECDSA(SHA_256) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_BRAINPOOL_P_R1_384:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):384:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_256):0x0000:"04719f9d093a627e0d350385c661cebf00c61923566fe9006a3107af1d871bc6bb68985fd722ea32be316f8e783b7cd1957785f66cfc0cb195dd5c99a8e7abaa848553a584dfd2b48e76d445fe00dd8be59096d877d4696d23b4bc8db14724e66a":"505341004b4559000000000001000000304180010128000009070006000000006100000004719f9d093a627e0d350385c661cebf00c61923566fe9006a3107af1d871bc6bb68985fd722ea32be316f8e783b7cd1957785f66cfc0cb195dd5c99a8e7abaa848553a584dfd2b48e76d445fe00dd8be59096d877d4696d23b4bc8db14724e66a" + +save type: ECC_PUB(BP_R1) 384-bit, DET_ECDSA(SHA_384) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_BRAINPOOL_P_R1_384:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):384:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_384):0x0000:"04719f9d093a627e0d350385c661cebf00c61923566fe9006a3107af1d871bc6bb68985fd722ea32be316f8e783b7cd1957785f66cfc0cb195dd5c99a8e7abaa848553a584dfd2b48e76d445fe00dd8be59096d877d4696d23b4bc8db14724e66a":"505341004b455900000000000100000030418001012800000a070006000000006100000004719f9d093a627e0d350385c661cebf00c61923566fe9006a3107af1d871bc6bb68985fd722ea32be316f8e783b7cd1957785f66cfc0cb195dd5c99a8e7abaa848553a584dfd2b48e76d445fe00dd8be59096d877d4696d23b4bc8db14724e66a" + +save type: ECC_PUB(BP_R1) 384-bit, DET_ECDSA(SHA_512) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_512:PSA_WANT_ECC_BRAINPOOL_P_R1_384:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):384:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_512):0x0000:"04719f9d093a627e0d350385c661cebf00c61923566fe9006a3107af1d871bc6bb68985fd722ea32be316f8e783b7cd1957785f66cfc0cb195dd5c99a8e7abaa848553a584dfd2b48e76d445fe00dd8be59096d877d4696d23b4bc8db14724e66a":"505341004b455900000000000100000030418001012800000b070006000000006100000004719f9d093a627e0d350385c661cebf00c61923566fe9006a3107af1d871bc6bb68985fd722ea32be316f8e783b7cd1957785f66cfc0cb195dd5c99a8e7abaa848553a584dfd2b48e76d445fe00dd8be59096d877d4696d23b4bc8db14724e66a" + +save type: ECC_PUB(BP_R1) 384-bit, ECDSA(MD2) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD2:PSA_WANT_ECC_BRAINPOOL_P_R1_384:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):384:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_MD2):0x0000:"04719f9d093a627e0d350385c661cebf00c61923566fe9006a3107af1d871bc6bb68985fd722ea32be316f8e783b7cd1957785f66cfc0cb195dd5c99a8e7abaa848553a584dfd2b48e76d445fe00dd8be59096d877d4696d23b4bc8db14724e66a":"505341004b4559000000000001000000304180010128000001060006000000006100000004719f9d093a627e0d350385c661cebf00c61923566fe9006a3107af1d871bc6bb68985fd722ea32be316f8e783b7cd1957785f66cfc0cb195dd5c99a8e7abaa848553a584dfd2b48e76d445fe00dd8be59096d877d4696d23b4bc8db14724e66a" + +save type: ECC_PUB(BP_R1) 384-bit, ECDSA(MD4) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD4:PSA_WANT_ECC_BRAINPOOL_P_R1_384:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):384:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_MD4):0x0000:"04719f9d093a627e0d350385c661cebf00c61923566fe9006a3107af1d871bc6bb68985fd722ea32be316f8e783b7cd1957785f66cfc0cb195dd5c99a8e7abaa848553a584dfd2b48e76d445fe00dd8be59096d877d4696d23b4bc8db14724e66a":"505341004b4559000000000001000000304180010128000002060006000000006100000004719f9d093a627e0d350385c661cebf00c61923566fe9006a3107af1d871bc6bb68985fd722ea32be316f8e783b7cd1957785f66cfc0cb195dd5c99a8e7abaa848553a584dfd2b48e76d445fe00dd8be59096d877d4696d23b4bc8db14724e66a" + +save type: ECC_PUB(BP_R1) 384-bit, ECDSA(MD5) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD5:PSA_WANT_ECC_BRAINPOOL_P_R1_384:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):384:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_MD5):0x0000:"04719f9d093a627e0d350385c661cebf00c61923566fe9006a3107af1d871bc6bb68985fd722ea32be316f8e783b7cd1957785f66cfc0cb195dd5c99a8e7abaa848553a584dfd2b48e76d445fe00dd8be59096d877d4696d23b4bc8db14724e66a":"505341004b4559000000000001000000304180010128000003060006000000006100000004719f9d093a627e0d350385c661cebf00c61923566fe9006a3107af1d871bc6bb68985fd722ea32be316f8e783b7cd1957785f66cfc0cb195dd5c99a8e7abaa848553a584dfd2b48e76d445fe00dd8be59096d877d4696d23b4bc8db14724e66a" + +save type: ECC_PUB(BP_R1) 384-bit, ECDSA(RIPEMD160) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ECC_BRAINPOOL_P_R1_384:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):384:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_RIPEMD160):0x0000:"04719f9d093a627e0d350385c661cebf00c61923566fe9006a3107af1d871bc6bb68985fd722ea32be316f8e783b7cd1957785f66cfc0cb195dd5c99a8e7abaa848553a584dfd2b48e76d445fe00dd8be59096d877d4696d23b4bc8db14724e66a":"505341004b4559000000000001000000304180010128000004060006000000006100000004719f9d093a627e0d350385c661cebf00c61923566fe9006a3107af1d871bc6bb68985fd722ea32be316f8e783b7cd1957785f66cfc0cb195dd5c99a8e7abaa848553a584dfd2b48e76d445fe00dd8be59096d877d4696d23b4bc8db14724e66a" + +save type: ECC_PUB(BP_R1) 384-bit, ECDSA(SHA_1) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_1:PSA_WANT_ECC_BRAINPOOL_P_R1_384:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):384:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_SHA_1):0x0000:"04719f9d093a627e0d350385c661cebf00c61923566fe9006a3107af1d871bc6bb68985fd722ea32be316f8e783b7cd1957785f66cfc0cb195dd5c99a8e7abaa848553a584dfd2b48e76d445fe00dd8be59096d877d4696d23b4bc8db14724e66a":"505341004b4559000000000001000000304180010128000005060006000000006100000004719f9d093a627e0d350385c661cebf00c61923566fe9006a3107af1d871bc6bb68985fd722ea32be316f8e783b7cd1957785f66cfc0cb195dd5c99a8e7abaa848553a584dfd2b48e76d445fe00dd8be59096d877d4696d23b4bc8db14724e66a" + +save type: ECC_PUB(BP_R1) 384-bit, ECDSA(SHA_224) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_224:PSA_WANT_ECC_BRAINPOOL_P_R1_384:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):384:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_SHA_224):0x0000:"04719f9d093a627e0d350385c661cebf00c61923566fe9006a3107af1d871bc6bb68985fd722ea32be316f8e783b7cd1957785f66cfc0cb195dd5c99a8e7abaa848553a584dfd2b48e76d445fe00dd8be59096d877d4696d23b4bc8db14724e66a":"505341004b4559000000000001000000304180010128000008060006000000006100000004719f9d093a627e0d350385c661cebf00c61923566fe9006a3107af1d871bc6bb68985fd722ea32be316f8e783b7cd1957785f66cfc0cb195dd5c99a8e7abaa848553a584dfd2b48e76d445fe00dd8be59096d877d4696d23b4bc8db14724e66a" + +save type: ECC_PUB(BP_R1) 384-bit, ECDSA(SHA_256) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_BRAINPOOL_P_R1_384:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):384:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_SHA_256):0x0000:"04719f9d093a627e0d350385c661cebf00c61923566fe9006a3107af1d871bc6bb68985fd722ea32be316f8e783b7cd1957785f66cfc0cb195dd5c99a8e7abaa848553a584dfd2b48e76d445fe00dd8be59096d877d4696d23b4bc8db14724e66a":"505341004b4559000000000001000000304180010128000009060006000000006100000004719f9d093a627e0d350385c661cebf00c61923566fe9006a3107af1d871bc6bb68985fd722ea32be316f8e783b7cd1957785f66cfc0cb195dd5c99a8e7abaa848553a584dfd2b48e76d445fe00dd8be59096d877d4696d23b4bc8db14724e66a" + +save type: ECC_PUB(BP_R1) 384-bit, ECDSA(SHA_384) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_BRAINPOOL_P_R1_384:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):384:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_SHA_384):0x0000:"04719f9d093a627e0d350385c661cebf00c61923566fe9006a3107af1d871bc6bb68985fd722ea32be316f8e783b7cd1957785f66cfc0cb195dd5c99a8e7abaa848553a584dfd2b48e76d445fe00dd8be59096d877d4696d23b4bc8db14724e66a":"505341004b455900000000000100000030418001012800000a060006000000006100000004719f9d093a627e0d350385c661cebf00c61923566fe9006a3107af1d871bc6bb68985fd722ea32be316f8e783b7cd1957785f66cfc0cb195dd5c99a8e7abaa848553a584dfd2b48e76d445fe00dd8be59096d877d4696d23b4bc8db14724e66a" + +save type: ECC_PUB(BP_R1) 384-bit, ECDSA(SHA_512) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_512:PSA_WANT_ECC_BRAINPOOL_P_R1_384:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):384:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_SHA_512):0x0000:"04719f9d093a627e0d350385c661cebf00c61923566fe9006a3107af1d871bc6bb68985fd722ea32be316f8e783b7cd1957785f66cfc0cb195dd5c99a8e7abaa848553a584dfd2b48e76d445fe00dd8be59096d877d4696d23b4bc8db14724e66a":"505341004b455900000000000100000030418001012800000b060006000000006100000004719f9d093a627e0d350385c661cebf00c61923566fe9006a3107af1d871bc6bb68985fd722ea32be316f8e783b7cd1957785f66cfc0cb195dd5c99a8e7abaa848553a584dfd2b48e76d445fe00dd8be59096d877d4696d23b4bc8db14724e66a" + +save type: ECC_PUB(BP_R1) 384-bit, ECDSA_ANY +depends_on:PSA_WANT_ALG_ECDSA_ANY:PSA_WANT_ECC_BRAINPOOL_P_R1_384:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):384:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA_ANY:0x0000:"04719f9d093a627e0d350385c661cebf00c61923566fe9006a3107af1d871bc6bb68985fd722ea32be316f8e783b7cd1957785f66cfc0cb195dd5c99a8e7abaa848553a584dfd2b48e76d445fe00dd8be59096d877d4696d23b4bc8db14724e66a":"505341004b4559000000000001000000304180010128000000060006000000006100000004719f9d093a627e0d350385c661cebf00c61923566fe9006a3107af1d871bc6bb68985fd722ea32be316f8e783b7cd1957785f66cfc0cb195dd5c99a8e7abaa848553a584dfd2b48e76d445fe00dd8be59096d877d4696d23b4bc8db14724e66a" + +save type: ECC_PUB(BP_R1) 512-bit +depends_on:PSA_WANT_ECC_BRAINPOOL_P_R1_512:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):512:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"0438b7ec92b61c5c6c7fbc28a4ec759d48fcd4e2e374defd5c4968a54dbef7510e517886fbfc38ea39aa529359d70a7156c35d3cbac7ce776bdb251dd64bce71234424ee7049eed072f0dbc4d79996e175d557e263763ae97095c081e73e7db2e38adc3d4c9a0487b1ede876dc1fca61c902e9a1d8722b8612928f18a24845591a":"505341004b455900000000000100000030410002010000000000000000000000810000000438b7ec92b61c5c6c7fbc28a4ec759d48fcd4e2e374defd5c4968a54dbef7510e517886fbfc38ea39aa529359d70a7156c35d3cbac7ce776bdb251dd64bce71234424ee7049eed072f0dbc4d79996e175d557e263763ae97095c081e73e7db2e38adc3d4c9a0487b1ede876dc1fca61c902e9a1d8722b8612928f18a24845591a" + +save type: ECC_PUB(BP_R1) 512-bit, DET_ECDSA(MD2) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD2:PSA_WANT_ECC_BRAINPOOL_P_R1_512:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):512:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD2):0x0000:"0438b7ec92b61c5c6c7fbc28a4ec759d48fcd4e2e374defd5c4968a54dbef7510e517886fbfc38ea39aa529359d70a7156c35d3cbac7ce776bdb251dd64bce71234424ee7049eed072f0dbc4d79996e175d557e263763ae97095c081e73e7db2e38adc3d4c9a0487b1ede876dc1fca61c902e9a1d8722b8612928f18a24845591a":"505341004b455900000000000100000030410002012800000107000600000000810000000438b7ec92b61c5c6c7fbc28a4ec759d48fcd4e2e374defd5c4968a54dbef7510e517886fbfc38ea39aa529359d70a7156c35d3cbac7ce776bdb251dd64bce71234424ee7049eed072f0dbc4d79996e175d557e263763ae97095c081e73e7db2e38adc3d4c9a0487b1ede876dc1fca61c902e9a1d8722b8612928f18a24845591a" + +save type: ECC_PUB(BP_R1) 512-bit, DET_ECDSA(MD4) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD4:PSA_WANT_ECC_BRAINPOOL_P_R1_512:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):512:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD4):0x0000:"0438b7ec92b61c5c6c7fbc28a4ec759d48fcd4e2e374defd5c4968a54dbef7510e517886fbfc38ea39aa529359d70a7156c35d3cbac7ce776bdb251dd64bce71234424ee7049eed072f0dbc4d79996e175d557e263763ae97095c081e73e7db2e38adc3d4c9a0487b1ede876dc1fca61c902e9a1d8722b8612928f18a24845591a":"505341004b455900000000000100000030410002012800000207000600000000810000000438b7ec92b61c5c6c7fbc28a4ec759d48fcd4e2e374defd5c4968a54dbef7510e517886fbfc38ea39aa529359d70a7156c35d3cbac7ce776bdb251dd64bce71234424ee7049eed072f0dbc4d79996e175d557e263763ae97095c081e73e7db2e38adc3d4c9a0487b1ede876dc1fca61c902e9a1d8722b8612928f18a24845591a" + +save type: ECC_PUB(BP_R1) 512-bit, DET_ECDSA(MD5) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD5:PSA_WANT_ECC_BRAINPOOL_P_R1_512:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):512:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD5):0x0000:"0438b7ec92b61c5c6c7fbc28a4ec759d48fcd4e2e374defd5c4968a54dbef7510e517886fbfc38ea39aa529359d70a7156c35d3cbac7ce776bdb251dd64bce71234424ee7049eed072f0dbc4d79996e175d557e263763ae97095c081e73e7db2e38adc3d4c9a0487b1ede876dc1fca61c902e9a1d8722b8612928f18a24845591a":"505341004b455900000000000100000030410002012800000307000600000000810000000438b7ec92b61c5c6c7fbc28a4ec759d48fcd4e2e374defd5c4968a54dbef7510e517886fbfc38ea39aa529359d70a7156c35d3cbac7ce776bdb251dd64bce71234424ee7049eed072f0dbc4d79996e175d557e263763ae97095c081e73e7db2e38adc3d4c9a0487b1ede876dc1fca61c902e9a1d8722b8612928f18a24845591a" + +save type: ECC_PUB(BP_R1) 512-bit, DET_ECDSA(RIPEMD160) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ECC_BRAINPOOL_P_R1_512:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):512:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_RIPEMD160):0x0000:"0438b7ec92b61c5c6c7fbc28a4ec759d48fcd4e2e374defd5c4968a54dbef7510e517886fbfc38ea39aa529359d70a7156c35d3cbac7ce776bdb251dd64bce71234424ee7049eed072f0dbc4d79996e175d557e263763ae97095c081e73e7db2e38adc3d4c9a0487b1ede876dc1fca61c902e9a1d8722b8612928f18a24845591a":"505341004b455900000000000100000030410002012800000407000600000000810000000438b7ec92b61c5c6c7fbc28a4ec759d48fcd4e2e374defd5c4968a54dbef7510e517886fbfc38ea39aa529359d70a7156c35d3cbac7ce776bdb251dd64bce71234424ee7049eed072f0dbc4d79996e175d557e263763ae97095c081e73e7db2e38adc3d4c9a0487b1ede876dc1fca61c902e9a1d8722b8612928f18a24845591a" + +save type: ECC_PUB(BP_R1) 512-bit, DET_ECDSA(SHA_1) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_1:PSA_WANT_ECC_BRAINPOOL_P_R1_512:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):512:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_1):0x0000:"0438b7ec92b61c5c6c7fbc28a4ec759d48fcd4e2e374defd5c4968a54dbef7510e517886fbfc38ea39aa529359d70a7156c35d3cbac7ce776bdb251dd64bce71234424ee7049eed072f0dbc4d79996e175d557e263763ae97095c081e73e7db2e38adc3d4c9a0487b1ede876dc1fca61c902e9a1d8722b8612928f18a24845591a":"505341004b455900000000000100000030410002012800000507000600000000810000000438b7ec92b61c5c6c7fbc28a4ec759d48fcd4e2e374defd5c4968a54dbef7510e517886fbfc38ea39aa529359d70a7156c35d3cbac7ce776bdb251dd64bce71234424ee7049eed072f0dbc4d79996e175d557e263763ae97095c081e73e7db2e38adc3d4c9a0487b1ede876dc1fca61c902e9a1d8722b8612928f18a24845591a" + +save type: ECC_PUB(BP_R1) 512-bit, DET_ECDSA(SHA_224) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_224:PSA_WANT_ECC_BRAINPOOL_P_R1_512:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):512:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_224):0x0000:"0438b7ec92b61c5c6c7fbc28a4ec759d48fcd4e2e374defd5c4968a54dbef7510e517886fbfc38ea39aa529359d70a7156c35d3cbac7ce776bdb251dd64bce71234424ee7049eed072f0dbc4d79996e175d557e263763ae97095c081e73e7db2e38adc3d4c9a0487b1ede876dc1fca61c902e9a1d8722b8612928f18a24845591a":"505341004b455900000000000100000030410002012800000807000600000000810000000438b7ec92b61c5c6c7fbc28a4ec759d48fcd4e2e374defd5c4968a54dbef7510e517886fbfc38ea39aa529359d70a7156c35d3cbac7ce776bdb251dd64bce71234424ee7049eed072f0dbc4d79996e175d557e263763ae97095c081e73e7db2e38adc3d4c9a0487b1ede876dc1fca61c902e9a1d8722b8612928f18a24845591a" + +save type: ECC_PUB(BP_R1) 512-bit, DET_ECDSA(SHA_256) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_BRAINPOOL_P_R1_512:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):512:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_256):0x0000:"0438b7ec92b61c5c6c7fbc28a4ec759d48fcd4e2e374defd5c4968a54dbef7510e517886fbfc38ea39aa529359d70a7156c35d3cbac7ce776bdb251dd64bce71234424ee7049eed072f0dbc4d79996e175d557e263763ae97095c081e73e7db2e38adc3d4c9a0487b1ede876dc1fca61c902e9a1d8722b8612928f18a24845591a":"505341004b455900000000000100000030410002012800000907000600000000810000000438b7ec92b61c5c6c7fbc28a4ec759d48fcd4e2e374defd5c4968a54dbef7510e517886fbfc38ea39aa529359d70a7156c35d3cbac7ce776bdb251dd64bce71234424ee7049eed072f0dbc4d79996e175d557e263763ae97095c081e73e7db2e38adc3d4c9a0487b1ede876dc1fca61c902e9a1d8722b8612928f18a24845591a" + +save type: ECC_PUB(BP_R1) 512-bit, DET_ECDSA(SHA_384) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_BRAINPOOL_P_R1_512:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):512:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_384):0x0000:"0438b7ec92b61c5c6c7fbc28a4ec759d48fcd4e2e374defd5c4968a54dbef7510e517886fbfc38ea39aa529359d70a7156c35d3cbac7ce776bdb251dd64bce71234424ee7049eed072f0dbc4d79996e175d557e263763ae97095c081e73e7db2e38adc3d4c9a0487b1ede876dc1fca61c902e9a1d8722b8612928f18a24845591a":"505341004b455900000000000100000030410002012800000a07000600000000810000000438b7ec92b61c5c6c7fbc28a4ec759d48fcd4e2e374defd5c4968a54dbef7510e517886fbfc38ea39aa529359d70a7156c35d3cbac7ce776bdb251dd64bce71234424ee7049eed072f0dbc4d79996e175d557e263763ae97095c081e73e7db2e38adc3d4c9a0487b1ede876dc1fca61c902e9a1d8722b8612928f18a24845591a" + +save type: ECC_PUB(BP_R1) 512-bit, DET_ECDSA(SHA_512) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_512:PSA_WANT_ECC_BRAINPOOL_P_R1_512:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):512:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_512):0x0000:"0438b7ec92b61c5c6c7fbc28a4ec759d48fcd4e2e374defd5c4968a54dbef7510e517886fbfc38ea39aa529359d70a7156c35d3cbac7ce776bdb251dd64bce71234424ee7049eed072f0dbc4d79996e175d557e263763ae97095c081e73e7db2e38adc3d4c9a0487b1ede876dc1fca61c902e9a1d8722b8612928f18a24845591a":"505341004b455900000000000100000030410002012800000b07000600000000810000000438b7ec92b61c5c6c7fbc28a4ec759d48fcd4e2e374defd5c4968a54dbef7510e517886fbfc38ea39aa529359d70a7156c35d3cbac7ce776bdb251dd64bce71234424ee7049eed072f0dbc4d79996e175d557e263763ae97095c081e73e7db2e38adc3d4c9a0487b1ede876dc1fca61c902e9a1d8722b8612928f18a24845591a" + +save type: ECC_PUB(BP_R1) 512-bit, ECDSA(MD2) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD2:PSA_WANT_ECC_BRAINPOOL_P_R1_512:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):512:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_MD2):0x0000:"0438b7ec92b61c5c6c7fbc28a4ec759d48fcd4e2e374defd5c4968a54dbef7510e517886fbfc38ea39aa529359d70a7156c35d3cbac7ce776bdb251dd64bce71234424ee7049eed072f0dbc4d79996e175d557e263763ae97095c081e73e7db2e38adc3d4c9a0487b1ede876dc1fca61c902e9a1d8722b8612928f18a24845591a":"505341004b455900000000000100000030410002012800000106000600000000810000000438b7ec92b61c5c6c7fbc28a4ec759d48fcd4e2e374defd5c4968a54dbef7510e517886fbfc38ea39aa529359d70a7156c35d3cbac7ce776bdb251dd64bce71234424ee7049eed072f0dbc4d79996e175d557e263763ae97095c081e73e7db2e38adc3d4c9a0487b1ede876dc1fca61c902e9a1d8722b8612928f18a24845591a" + +save type: ECC_PUB(BP_R1) 512-bit, ECDSA(MD4) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD4:PSA_WANT_ECC_BRAINPOOL_P_R1_512:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):512:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_MD4):0x0000:"0438b7ec92b61c5c6c7fbc28a4ec759d48fcd4e2e374defd5c4968a54dbef7510e517886fbfc38ea39aa529359d70a7156c35d3cbac7ce776bdb251dd64bce71234424ee7049eed072f0dbc4d79996e175d557e263763ae97095c081e73e7db2e38adc3d4c9a0487b1ede876dc1fca61c902e9a1d8722b8612928f18a24845591a":"505341004b455900000000000100000030410002012800000206000600000000810000000438b7ec92b61c5c6c7fbc28a4ec759d48fcd4e2e374defd5c4968a54dbef7510e517886fbfc38ea39aa529359d70a7156c35d3cbac7ce776bdb251dd64bce71234424ee7049eed072f0dbc4d79996e175d557e263763ae97095c081e73e7db2e38adc3d4c9a0487b1ede876dc1fca61c902e9a1d8722b8612928f18a24845591a" + +save type: ECC_PUB(BP_R1) 512-bit, ECDSA(MD5) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD5:PSA_WANT_ECC_BRAINPOOL_P_R1_512:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):512:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_MD5):0x0000:"0438b7ec92b61c5c6c7fbc28a4ec759d48fcd4e2e374defd5c4968a54dbef7510e517886fbfc38ea39aa529359d70a7156c35d3cbac7ce776bdb251dd64bce71234424ee7049eed072f0dbc4d79996e175d557e263763ae97095c081e73e7db2e38adc3d4c9a0487b1ede876dc1fca61c902e9a1d8722b8612928f18a24845591a":"505341004b455900000000000100000030410002012800000306000600000000810000000438b7ec92b61c5c6c7fbc28a4ec759d48fcd4e2e374defd5c4968a54dbef7510e517886fbfc38ea39aa529359d70a7156c35d3cbac7ce776bdb251dd64bce71234424ee7049eed072f0dbc4d79996e175d557e263763ae97095c081e73e7db2e38adc3d4c9a0487b1ede876dc1fca61c902e9a1d8722b8612928f18a24845591a" + +save type: ECC_PUB(BP_R1) 512-bit, ECDSA(RIPEMD160) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ECC_BRAINPOOL_P_R1_512:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):512:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_RIPEMD160):0x0000:"0438b7ec92b61c5c6c7fbc28a4ec759d48fcd4e2e374defd5c4968a54dbef7510e517886fbfc38ea39aa529359d70a7156c35d3cbac7ce776bdb251dd64bce71234424ee7049eed072f0dbc4d79996e175d557e263763ae97095c081e73e7db2e38adc3d4c9a0487b1ede876dc1fca61c902e9a1d8722b8612928f18a24845591a":"505341004b455900000000000100000030410002012800000406000600000000810000000438b7ec92b61c5c6c7fbc28a4ec759d48fcd4e2e374defd5c4968a54dbef7510e517886fbfc38ea39aa529359d70a7156c35d3cbac7ce776bdb251dd64bce71234424ee7049eed072f0dbc4d79996e175d557e263763ae97095c081e73e7db2e38adc3d4c9a0487b1ede876dc1fca61c902e9a1d8722b8612928f18a24845591a" + +save type: ECC_PUB(BP_R1) 512-bit, ECDSA(SHA_1) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_1:PSA_WANT_ECC_BRAINPOOL_P_R1_512:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):512:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_SHA_1):0x0000:"0438b7ec92b61c5c6c7fbc28a4ec759d48fcd4e2e374defd5c4968a54dbef7510e517886fbfc38ea39aa529359d70a7156c35d3cbac7ce776bdb251dd64bce71234424ee7049eed072f0dbc4d79996e175d557e263763ae97095c081e73e7db2e38adc3d4c9a0487b1ede876dc1fca61c902e9a1d8722b8612928f18a24845591a":"505341004b455900000000000100000030410002012800000506000600000000810000000438b7ec92b61c5c6c7fbc28a4ec759d48fcd4e2e374defd5c4968a54dbef7510e517886fbfc38ea39aa529359d70a7156c35d3cbac7ce776bdb251dd64bce71234424ee7049eed072f0dbc4d79996e175d557e263763ae97095c081e73e7db2e38adc3d4c9a0487b1ede876dc1fca61c902e9a1d8722b8612928f18a24845591a" + +save type: ECC_PUB(BP_R1) 512-bit, ECDSA(SHA_224) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_224:PSA_WANT_ECC_BRAINPOOL_P_R1_512:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):512:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_SHA_224):0x0000:"0438b7ec92b61c5c6c7fbc28a4ec759d48fcd4e2e374defd5c4968a54dbef7510e517886fbfc38ea39aa529359d70a7156c35d3cbac7ce776bdb251dd64bce71234424ee7049eed072f0dbc4d79996e175d557e263763ae97095c081e73e7db2e38adc3d4c9a0487b1ede876dc1fca61c902e9a1d8722b8612928f18a24845591a":"505341004b455900000000000100000030410002012800000806000600000000810000000438b7ec92b61c5c6c7fbc28a4ec759d48fcd4e2e374defd5c4968a54dbef7510e517886fbfc38ea39aa529359d70a7156c35d3cbac7ce776bdb251dd64bce71234424ee7049eed072f0dbc4d79996e175d557e263763ae97095c081e73e7db2e38adc3d4c9a0487b1ede876dc1fca61c902e9a1d8722b8612928f18a24845591a" + +save type: ECC_PUB(BP_R1) 512-bit, ECDSA(SHA_256) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_BRAINPOOL_P_R1_512:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):512:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_SHA_256):0x0000:"0438b7ec92b61c5c6c7fbc28a4ec759d48fcd4e2e374defd5c4968a54dbef7510e517886fbfc38ea39aa529359d70a7156c35d3cbac7ce776bdb251dd64bce71234424ee7049eed072f0dbc4d79996e175d557e263763ae97095c081e73e7db2e38adc3d4c9a0487b1ede876dc1fca61c902e9a1d8722b8612928f18a24845591a":"505341004b455900000000000100000030410002012800000906000600000000810000000438b7ec92b61c5c6c7fbc28a4ec759d48fcd4e2e374defd5c4968a54dbef7510e517886fbfc38ea39aa529359d70a7156c35d3cbac7ce776bdb251dd64bce71234424ee7049eed072f0dbc4d79996e175d557e263763ae97095c081e73e7db2e38adc3d4c9a0487b1ede876dc1fca61c902e9a1d8722b8612928f18a24845591a" + +save type: ECC_PUB(BP_R1) 512-bit, ECDSA(SHA_384) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_BRAINPOOL_P_R1_512:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):512:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_SHA_384):0x0000:"0438b7ec92b61c5c6c7fbc28a4ec759d48fcd4e2e374defd5c4968a54dbef7510e517886fbfc38ea39aa529359d70a7156c35d3cbac7ce776bdb251dd64bce71234424ee7049eed072f0dbc4d79996e175d557e263763ae97095c081e73e7db2e38adc3d4c9a0487b1ede876dc1fca61c902e9a1d8722b8612928f18a24845591a":"505341004b455900000000000100000030410002012800000a06000600000000810000000438b7ec92b61c5c6c7fbc28a4ec759d48fcd4e2e374defd5c4968a54dbef7510e517886fbfc38ea39aa529359d70a7156c35d3cbac7ce776bdb251dd64bce71234424ee7049eed072f0dbc4d79996e175d557e263763ae97095c081e73e7db2e38adc3d4c9a0487b1ede876dc1fca61c902e9a1d8722b8612928f18a24845591a" + +save type: ECC_PUB(BP_R1) 512-bit, ECDSA(SHA_512) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_512:PSA_WANT_ECC_BRAINPOOL_P_R1_512:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):512:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_SHA_512):0x0000:"0438b7ec92b61c5c6c7fbc28a4ec759d48fcd4e2e374defd5c4968a54dbef7510e517886fbfc38ea39aa529359d70a7156c35d3cbac7ce776bdb251dd64bce71234424ee7049eed072f0dbc4d79996e175d557e263763ae97095c081e73e7db2e38adc3d4c9a0487b1ede876dc1fca61c902e9a1d8722b8612928f18a24845591a":"505341004b455900000000000100000030410002012800000b06000600000000810000000438b7ec92b61c5c6c7fbc28a4ec759d48fcd4e2e374defd5c4968a54dbef7510e517886fbfc38ea39aa529359d70a7156c35d3cbac7ce776bdb251dd64bce71234424ee7049eed072f0dbc4d79996e175d557e263763ae97095c081e73e7db2e38adc3d4c9a0487b1ede876dc1fca61c902e9a1d8722b8612928f18a24845591a" + +save type: ECC_PUB(BP_R1) 512-bit, ECDSA_ANY +depends_on:PSA_WANT_ALG_ECDSA_ANY:PSA_WANT_ECC_BRAINPOOL_P_R1_512:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):512:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA_ANY:0x0000:"0438b7ec92b61c5c6c7fbc28a4ec759d48fcd4e2e374defd5c4968a54dbef7510e517886fbfc38ea39aa529359d70a7156c35d3cbac7ce776bdb251dd64bce71234424ee7049eed072f0dbc4d79996e175d557e263763ae97095c081e73e7db2e38adc3d4c9a0487b1ede876dc1fca61c902e9a1d8722b8612928f18a24845591a":"505341004b455900000000000100000030410002012800000006000600000000810000000438b7ec92b61c5c6c7fbc28a4ec759d48fcd4e2e374defd5c4968a54dbef7510e517886fbfc38ea39aa529359d70a7156c35d3cbac7ce776bdb251dd64bce71234424ee7049eed072f0dbc4d79996e175d557e263763ae97095c081e73e7db2e38adc3d4c9a0487b1ede876dc1fca61c902e9a1d8722b8612928f18a24845591a" + +save type: ECC_PUB(MGM) 255-bit +depends_on:PSA_WANT_ECC_MONTGOMERY_255:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_MONTGOMERY):255:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"8520f0098930a754748b7ddcb43ef75a0dbf3a0d26381af4eba4a98eaa9b4e6a":"505341004b45590000000000010000004141ff00010000000000000000000000200000008520f0098930a754748b7ddcb43ef75a0dbf3a0d26381af4eba4a98eaa9b4e6a" + +save type: ECC_PUB(MGM) 448-bit +depends_on:PSA_WANT_ECC_MONTGOMERY_448:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_MONTGOMERY):448:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"c0d3a5a2b416a573dc9909f92f134ac01323ab8f8e36804e578588ba2d09fe7c3e737f771ca112825b548a0ffded6d6a2fd09a3e77dec30e":"505341004b45590000000000010000004141c00101000000000000000000000038000000c0d3a5a2b416a573dc9909f92f134ac01323ab8f8e36804e578588ba2d09fe7c3e737f771ca112825b548a0ffded6d6a2fd09a3e77dec30e" + +save type: ECC_PUB(SECP_K1) 192-bit +depends_on:PSA_WANT_ECC_SECP_K1_192:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_K1):192:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"0426b7bb38da649ac2138fc050c6548b32553dab68afebc36105d325b75538c12323cb0764789ecb992671beb2b6bef2f5":"505341004b45590000000000010000001741c000010000000000000000000000310000000426b7bb38da649ac2138fc050c6548b32553dab68afebc36105d325b75538c12323cb0764789ecb992671beb2b6bef2f5" + +save type: ECC_PUB(SECP_K1) 192-bit, DET_ECDSA(MD2) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD2:PSA_WANT_ECC_SECP_K1_192:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_K1):192:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD2):0x0000:"0426b7bb38da649ac2138fc050c6548b32553dab68afebc36105d325b75538c12323cb0764789ecb992671beb2b6bef2f5":"505341004b45590000000000010000001741c000012800000107000600000000310000000426b7bb38da649ac2138fc050c6548b32553dab68afebc36105d325b75538c12323cb0764789ecb992671beb2b6bef2f5" + +save type: ECC_PUB(SECP_K1) 192-bit, DET_ECDSA(MD4) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD4:PSA_WANT_ECC_SECP_K1_192:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_K1):192:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD4):0x0000:"0426b7bb38da649ac2138fc050c6548b32553dab68afebc36105d325b75538c12323cb0764789ecb992671beb2b6bef2f5":"505341004b45590000000000010000001741c000012800000207000600000000310000000426b7bb38da649ac2138fc050c6548b32553dab68afebc36105d325b75538c12323cb0764789ecb992671beb2b6bef2f5" + +save type: ECC_PUB(SECP_K1) 192-bit, DET_ECDSA(MD5) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD5:PSA_WANT_ECC_SECP_K1_192:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_K1):192:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD5):0x0000:"0426b7bb38da649ac2138fc050c6548b32553dab68afebc36105d325b75538c12323cb0764789ecb992671beb2b6bef2f5":"505341004b45590000000000010000001741c000012800000307000600000000310000000426b7bb38da649ac2138fc050c6548b32553dab68afebc36105d325b75538c12323cb0764789ecb992671beb2b6bef2f5" + +save type: ECC_PUB(SECP_K1) 192-bit, DET_ECDSA(RIPEMD160) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ECC_SECP_K1_192:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_K1):192:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_RIPEMD160):0x0000:"0426b7bb38da649ac2138fc050c6548b32553dab68afebc36105d325b75538c12323cb0764789ecb992671beb2b6bef2f5":"505341004b45590000000000010000001741c000012800000407000600000000310000000426b7bb38da649ac2138fc050c6548b32553dab68afebc36105d325b75538c12323cb0764789ecb992671beb2b6bef2f5" + +save type: ECC_PUB(SECP_K1) 192-bit, DET_ECDSA(SHA_1) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_1:PSA_WANT_ECC_SECP_K1_192:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_K1):192:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_1):0x0000:"0426b7bb38da649ac2138fc050c6548b32553dab68afebc36105d325b75538c12323cb0764789ecb992671beb2b6bef2f5":"505341004b45590000000000010000001741c000012800000507000600000000310000000426b7bb38da649ac2138fc050c6548b32553dab68afebc36105d325b75538c12323cb0764789ecb992671beb2b6bef2f5" + +save type: ECC_PUB(SECP_K1) 192-bit, DET_ECDSA(SHA_224) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_224:PSA_WANT_ECC_SECP_K1_192:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_K1):192:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_224):0x0000:"0426b7bb38da649ac2138fc050c6548b32553dab68afebc36105d325b75538c12323cb0764789ecb992671beb2b6bef2f5":"505341004b45590000000000010000001741c000012800000807000600000000310000000426b7bb38da649ac2138fc050c6548b32553dab68afebc36105d325b75538c12323cb0764789ecb992671beb2b6bef2f5" + +save type: ECC_PUB(SECP_K1) 192-bit, DET_ECDSA(SHA_256) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_SECP_K1_192:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_K1):192:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_256):0x0000:"0426b7bb38da649ac2138fc050c6548b32553dab68afebc36105d325b75538c12323cb0764789ecb992671beb2b6bef2f5":"505341004b45590000000000010000001741c000012800000907000600000000310000000426b7bb38da649ac2138fc050c6548b32553dab68afebc36105d325b75538c12323cb0764789ecb992671beb2b6bef2f5" + +save type: ECC_PUB(SECP_K1) 192-bit, DET_ECDSA(SHA_384) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_SECP_K1_192:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_K1):192:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_384):0x0000:"0426b7bb38da649ac2138fc050c6548b32553dab68afebc36105d325b75538c12323cb0764789ecb992671beb2b6bef2f5":"505341004b45590000000000010000001741c000012800000a07000600000000310000000426b7bb38da649ac2138fc050c6548b32553dab68afebc36105d325b75538c12323cb0764789ecb992671beb2b6bef2f5" + +save type: ECC_PUB(SECP_K1) 192-bit, DET_ECDSA(SHA_512) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_512:PSA_WANT_ECC_SECP_K1_192:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_K1):192:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_512):0x0000:"0426b7bb38da649ac2138fc050c6548b32553dab68afebc36105d325b75538c12323cb0764789ecb992671beb2b6bef2f5":"505341004b45590000000000010000001741c000012800000b07000600000000310000000426b7bb38da649ac2138fc050c6548b32553dab68afebc36105d325b75538c12323cb0764789ecb992671beb2b6bef2f5" + +save type: ECC_PUB(SECP_K1) 192-bit, ECDSA(MD2) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD2:PSA_WANT_ECC_SECP_K1_192:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_K1):192:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_MD2):0x0000:"0426b7bb38da649ac2138fc050c6548b32553dab68afebc36105d325b75538c12323cb0764789ecb992671beb2b6bef2f5":"505341004b45590000000000010000001741c000012800000106000600000000310000000426b7bb38da649ac2138fc050c6548b32553dab68afebc36105d325b75538c12323cb0764789ecb992671beb2b6bef2f5" + +save type: ECC_PUB(SECP_K1) 192-bit, ECDSA(MD4) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD4:PSA_WANT_ECC_SECP_K1_192:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_K1):192:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_MD4):0x0000:"0426b7bb38da649ac2138fc050c6548b32553dab68afebc36105d325b75538c12323cb0764789ecb992671beb2b6bef2f5":"505341004b45590000000000010000001741c000012800000206000600000000310000000426b7bb38da649ac2138fc050c6548b32553dab68afebc36105d325b75538c12323cb0764789ecb992671beb2b6bef2f5" + +save type: ECC_PUB(SECP_K1) 192-bit, ECDSA(MD5) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD5:PSA_WANT_ECC_SECP_K1_192:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_K1):192:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_MD5):0x0000:"0426b7bb38da649ac2138fc050c6548b32553dab68afebc36105d325b75538c12323cb0764789ecb992671beb2b6bef2f5":"505341004b45590000000000010000001741c000012800000306000600000000310000000426b7bb38da649ac2138fc050c6548b32553dab68afebc36105d325b75538c12323cb0764789ecb992671beb2b6bef2f5" + +save type: ECC_PUB(SECP_K1) 192-bit, ECDSA(RIPEMD160) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ECC_SECP_K1_192:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_K1):192:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_RIPEMD160):0x0000:"0426b7bb38da649ac2138fc050c6548b32553dab68afebc36105d325b75538c12323cb0764789ecb992671beb2b6bef2f5":"505341004b45590000000000010000001741c000012800000406000600000000310000000426b7bb38da649ac2138fc050c6548b32553dab68afebc36105d325b75538c12323cb0764789ecb992671beb2b6bef2f5" + +save type: ECC_PUB(SECP_K1) 192-bit, ECDSA(SHA_1) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_1:PSA_WANT_ECC_SECP_K1_192:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_K1):192:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_SHA_1):0x0000:"0426b7bb38da649ac2138fc050c6548b32553dab68afebc36105d325b75538c12323cb0764789ecb992671beb2b6bef2f5":"505341004b45590000000000010000001741c000012800000506000600000000310000000426b7bb38da649ac2138fc050c6548b32553dab68afebc36105d325b75538c12323cb0764789ecb992671beb2b6bef2f5" + +save type: ECC_PUB(SECP_K1) 192-bit, ECDSA(SHA_224) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_224:PSA_WANT_ECC_SECP_K1_192:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_K1):192:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_SHA_224):0x0000:"0426b7bb38da649ac2138fc050c6548b32553dab68afebc36105d325b75538c12323cb0764789ecb992671beb2b6bef2f5":"505341004b45590000000000010000001741c000012800000806000600000000310000000426b7bb38da649ac2138fc050c6548b32553dab68afebc36105d325b75538c12323cb0764789ecb992671beb2b6bef2f5" + +save type: ECC_PUB(SECP_K1) 192-bit, ECDSA(SHA_256) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_SECP_K1_192:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_K1):192:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_SHA_256):0x0000:"0426b7bb38da649ac2138fc050c6548b32553dab68afebc36105d325b75538c12323cb0764789ecb992671beb2b6bef2f5":"505341004b45590000000000010000001741c000012800000906000600000000310000000426b7bb38da649ac2138fc050c6548b32553dab68afebc36105d325b75538c12323cb0764789ecb992671beb2b6bef2f5" + +save type: ECC_PUB(SECP_K1) 192-bit, ECDSA(SHA_384) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_SECP_K1_192:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_K1):192:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_SHA_384):0x0000:"0426b7bb38da649ac2138fc050c6548b32553dab68afebc36105d325b75538c12323cb0764789ecb992671beb2b6bef2f5":"505341004b45590000000000010000001741c000012800000a06000600000000310000000426b7bb38da649ac2138fc050c6548b32553dab68afebc36105d325b75538c12323cb0764789ecb992671beb2b6bef2f5" + +save type: ECC_PUB(SECP_K1) 192-bit, ECDSA(SHA_512) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_512:PSA_WANT_ECC_SECP_K1_192:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_K1):192:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_SHA_512):0x0000:"0426b7bb38da649ac2138fc050c6548b32553dab68afebc36105d325b75538c12323cb0764789ecb992671beb2b6bef2f5":"505341004b45590000000000010000001741c000012800000b06000600000000310000000426b7bb38da649ac2138fc050c6548b32553dab68afebc36105d325b75538c12323cb0764789ecb992671beb2b6bef2f5" + +save type: ECC_PUB(SECP_K1) 192-bit, ECDSA_ANY +depends_on:PSA_WANT_ALG_ECDSA_ANY:PSA_WANT_ECC_SECP_K1_192:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_K1):192:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA_ANY:0x0000:"0426b7bb38da649ac2138fc050c6548b32553dab68afebc36105d325b75538c12323cb0764789ecb992671beb2b6bef2f5":"505341004b45590000000000010000001741c000012800000006000600000000310000000426b7bb38da649ac2138fc050c6548b32553dab68afebc36105d325b75538c12323cb0764789ecb992671beb2b6bef2f5" + +save type: ECC_PUB(SECP_K1) 224-bit +depends_on:PSA_WANT_ECC_SECP_K1_224:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_K1):224:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"042cc7335f4b76042bed44ef45959a62aa215f7a5ff0c8111b8c44ed654ee71c1918326ad485b2d599fe2a6eab096ee26d977334d2bac6d61d":"505341004b45590000000000010000001741e00001000000000000000000000039000000042cc7335f4b76042bed44ef45959a62aa215f7a5ff0c8111b8c44ed654ee71c1918326ad485b2d599fe2a6eab096ee26d977334d2bac6d61d" + +save type: ECC_PUB(SECP_K1) 224-bit, DET_ECDSA(MD2) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD2:PSA_WANT_ECC_SECP_K1_224:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_K1):224:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD2):0x0000:"042cc7335f4b76042bed44ef45959a62aa215f7a5ff0c8111b8c44ed654ee71c1918326ad485b2d599fe2a6eab096ee26d977334d2bac6d61d":"505341004b45590000000000010000001741e00001280000010700060000000039000000042cc7335f4b76042bed44ef45959a62aa215f7a5ff0c8111b8c44ed654ee71c1918326ad485b2d599fe2a6eab096ee26d977334d2bac6d61d" + +save type: ECC_PUB(SECP_K1) 224-bit, DET_ECDSA(MD4) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD4:PSA_WANT_ECC_SECP_K1_224:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_K1):224:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD4):0x0000:"042cc7335f4b76042bed44ef45959a62aa215f7a5ff0c8111b8c44ed654ee71c1918326ad485b2d599fe2a6eab096ee26d977334d2bac6d61d":"505341004b45590000000000010000001741e00001280000020700060000000039000000042cc7335f4b76042bed44ef45959a62aa215f7a5ff0c8111b8c44ed654ee71c1918326ad485b2d599fe2a6eab096ee26d977334d2bac6d61d" + +save type: ECC_PUB(SECP_K1) 224-bit, DET_ECDSA(MD5) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD5:PSA_WANT_ECC_SECP_K1_224:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_K1):224:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD5):0x0000:"042cc7335f4b76042bed44ef45959a62aa215f7a5ff0c8111b8c44ed654ee71c1918326ad485b2d599fe2a6eab096ee26d977334d2bac6d61d":"505341004b45590000000000010000001741e00001280000030700060000000039000000042cc7335f4b76042bed44ef45959a62aa215f7a5ff0c8111b8c44ed654ee71c1918326ad485b2d599fe2a6eab096ee26d977334d2bac6d61d" + +save type: ECC_PUB(SECP_K1) 224-bit, DET_ECDSA(RIPEMD160) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ECC_SECP_K1_224:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_K1):224:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_RIPEMD160):0x0000:"042cc7335f4b76042bed44ef45959a62aa215f7a5ff0c8111b8c44ed654ee71c1918326ad485b2d599fe2a6eab096ee26d977334d2bac6d61d":"505341004b45590000000000010000001741e00001280000040700060000000039000000042cc7335f4b76042bed44ef45959a62aa215f7a5ff0c8111b8c44ed654ee71c1918326ad485b2d599fe2a6eab096ee26d977334d2bac6d61d" + +save type: ECC_PUB(SECP_K1) 224-bit, DET_ECDSA(SHA_1) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_1:PSA_WANT_ECC_SECP_K1_224:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_K1):224:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_1):0x0000:"042cc7335f4b76042bed44ef45959a62aa215f7a5ff0c8111b8c44ed654ee71c1918326ad485b2d599fe2a6eab096ee26d977334d2bac6d61d":"505341004b45590000000000010000001741e00001280000050700060000000039000000042cc7335f4b76042bed44ef45959a62aa215f7a5ff0c8111b8c44ed654ee71c1918326ad485b2d599fe2a6eab096ee26d977334d2bac6d61d" + +save type: ECC_PUB(SECP_K1) 224-bit, DET_ECDSA(SHA_224) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_224:PSA_WANT_ECC_SECP_K1_224:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_K1):224:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_224):0x0000:"042cc7335f4b76042bed44ef45959a62aa215f7a5ff0c8111b8c44ed654ee71c1918326ad485b2d599fe2a6eab096ee26d977334d2bac6d61d":"505341004b45590000000000010000001741e00001280000080700060000000039000000042cc7335f4b76042bed44ef45959a62aa215f7a5ff0c8111b8c44ed654ee71c1918326ad485b2d599fe2a6eab096ee26d977334d2bac6d61d" + +save type: ECC_PUB(SECP_K1) 224-bit, DET_ECDSA(SHA_256) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_SECP_K1_224:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_K1):224:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_256):0x0000:"042cc7335f4b76042bed44ef45959a62aa215f7a5ff0c8111b8c44ed654ee71c1918326ad485b2d599fe2a6eab096ee26d977334d2bac6d61d":"505341004b45590000000000010000001741e00001280000090700060000000039000000042cc7335f4b76042bed44ef45959a62aa215f7a5ff0c8111b8c44ed654ee71c1918326ad485b2d599fe2a6eab096ee26d977334d2bac6d61d" + +save type: ECC_PUB(SECP_K1) 224-bit, DET_ECDSA(SHA_384) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_SECP_K1_224:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_K1):224:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_384):0x0000:"042cc7335f4b76042bed44ef45959a62aa215f7a5ff0c8111b8c44ed654ee71c1918326ad485b2d599fe2a6eab096ee26d977334d2bac6d61d":"505341004b45590000000000010000001741e000012800000a0700060000000039000000042cc7335f4b76042bed44ef45959a62aa215f7a5ff0c8111b8c44ed654ee71c1918326ad485b2d599fe2a6eab096ee26d977334d2bac6d61d" + +save type: ECC_PUB(SECP_K1) 224-bit, DET_ECDSA(SHA_512) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_512:PSA_WANT_ECC_SECP_K1_224:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_K1):224:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_512):0x0000:"042cc7335f4b76042bed44ef45959a62aa215f7a5ff0c8111b8c44ed654ee71c1918326ad485b2d599fe2a6eab096ee26d977334d2bac6d61d":"505341004b45590000000000010000001741e000012800000b0700060000000039000000042cc7335f4b76042bed44ef45959a62aa215f7a5ff0c8111b8c44ed654ee71c1918326ad485b2d599fe2a6eab096ee26d977334d2bac6d61d" + +save type: ECC_PUB(SECP_K1) 224-bit, ECDSA(MD2) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD2:PSA_WANT_ECC_SECP_K1_224:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_K1):224:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_MD2):0x0000:"042cc7335f4b76042bed44ef45959a62aa215f7a5ff0c8111b8c44ed654ee71c1918326ad485b2d599fe2a6eab096ee26d977334d2bac6d61d":"505341004b45590000000000010000001741e00001280000010600060000000039000000042cc7335f4b76042bed44ef45959a62aa215f7a5ff0c8111b8c44ed654ee71c1918326ad485b2d599fe2a6eab096ee26d977334d2bac6d61d" + +save type: ECC_PUB(SECP_K1) 224-bit, ECDSA(MD4) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD4:PSA_WANT_ECC_SECP_K1_224:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_K1):224:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_MD4):0x0000:"042cc7335f4b76042bed44ef45959a62aa215f7a5ff0c8111b8c44ed654ee71c1918326ad485b2d599fe2a6eab096ee26d977334d2bac6d61d":"505341004b45590000000000010000001741e00001280000020600060000000039000000042cc7335f4b76042bed44ef45959a62aa215f7a5ff0c8111b8c44ed654ee71c1918326ad485b2d599fe2a6eab096ee26d977334d2bac6d61d" + +save type: ECC_PUB(SECP_K1) 224-bit, ECDSA(MD5) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD5:PSA_WANT_ECC_SECP_K1_224:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_K1):224:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_MD5):0x0000:"042cc7335f4b76042bed44ef45959a62aa215f7a5ff0c8111b8c44ed654ee71c1918326ad485b2d599fe2a6eab096ee26d977334d2bac6d61d":"505341004b45590000000000010000001741e00001280000030600060000000039000000042cc7335f4b76042bed44ef45959a62aa215f7a5ff0c8111b8c44ed654ee71c1918326ad485b2d599fe2a6eab096ee26d977334d2bac6d61d" + +save type: ECC_PUB(SECP_K1) 224-bit, ECDSA(RIPEMD160) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ECC_SECP_K1_224:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_K1):224:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_RIPEMD160):0x0000:"042cc7335f4b76042bed44ef45959a62aa215f7a5ff0c8111b8c44ed654ee71c1918326ad485b2d599fe2a6eab096ee26d977334d2bac6d61d":"505341004b45590000000000010000001741e00001280000040600060000000039000000042cc7335f4b76042bed44ef45959a62aa215f7a5ff0c8111b8c44ed654ee71c1918326ad485b2d599fe2a6eab096ee26d977334d2bac6d61d" + +save type: ECC_PUB(SECP_K1) 224-bit, ECDSA(SHA_1) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_1:PSA_WANT_ECC_SECP_K1_224:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_K1):224:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_SHA_1):0x0000:"042cc7335f4b76042bed44ef45959a62aa215f7a5ff0c8111b8c44ed654ee71c1918326ad485b2d599fe2a6eab096ee26d977334d2bac6d61d":"505341004b45590000000000010000001741e00001280000050600060000000039000000042cc7335f4b76042bed44ef45959a62aa215f7a5ff0c8111b8c44ed654ee71c1918326ad485b2d599fe2a6eab096ee26d977334d2bac6d61d" + +save type: ECC_PUB(SECP_K1) 224-bit, ECDSA(SHA_224) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_224:PSA_WANT_ECC_SECP_K1_224:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_K1):224:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_SHA_224):0x0000:"042cc7335f4b76042bed44ef45959a62aa215f7a5ff0c8111b8c44ed654ee71c1918326ad485b2d599fe2a6eab096ee26d977334d2bac6d61d":"505341004b45590000000000010000001741e00001280000080600060000000039000000042cc7335f4b76042bed44ef45959a62aa215f7a5ff0c8111b8c44ed654ee71c1918326ad485b2d599fe2a6eab096ee26d977334d2bac6d61d" + +save type: ECC_PUB(SECP_K1) 224-bit, ECDSA(SHA_256) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_SECP_K1_224:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_K1):224:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_SHA_256):0x0000:"042cc7335f4b76042bed44ef45959a62aa215f7a5ff0c8111b8c44ed654ee71c1918326ad485b2d599fe2a6eab096ee26d977334d2bac6d61d":"505341004b45590000000000010000001741e00001280000090600060000000039000000042cc7335f4b76042bed44ef45959a62aa215f7a5ff0c8111b8c44ed654ee71c1918326ad485b2d599fe2a6eab096ee26d977334d2bac6d61d" + +save type: ECC_PUB(SECP_K1) 224-bit, ECDSA(SHA_384) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_SECP_K1_224:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_K1):224:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_SHA_384):0x0000:"042cc7335f4b76042bed44ef45959a62aa215f7a5ff0c8111b8c44ed654ee71c1918326ad485b2d599fe2a6eab096ee26d977334d2bac6d61d":"505341004b45590000000000010000001741e000012800000a0600060000000039000000042cc7335f4b76042bed44ef45959a62aa215f7a5ff0c8111b8c44ed654ee71c1918326ad485b2d599fe2a6eab096ee26d977334d2bac6d61d" + +save type: ECC_PUB(SECP_K1) 224-bit, ECDSA(SHA_512) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_512:PSA_WANT_ECC_SECP_K1_224:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_K1):224:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_SHA_512):0x0000:"042cc7335f4b76042bed44ef45959a62aa215f7a5ff0c8111b8c44ed654ee71c1918326ad485b2d599fe2a6eab096ee26d977334d2bac6d61d":"505341004b45590000000000010000001741e000012800000b0600060000000039000000042cc7335f4b76042bed44ef45959a62aa215f7a5ff0c8111b8c44ed654ee71c1918326ad485b2d599fe2a6eab096ee26d977334d2bac6d61d" + +save type: ECC_PUB(SECP_K1) 224-bit, ECDSA_ANY +depends_on:PSA_WANT_ALG_ECDSA_ANY:PSA_WANT_ECC_SECP_K1_224:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_K1):224:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA_ANY:0x0000:"042cc7335f4b76042bed44ef45959a62aa215f7a5ff0c8111b8c44ed654ee71c1918326ad485b2d599fe2a6eab096ee26d977334d2bac6d61d":"505341004b45590000000000010000001741e00001280000000600060000000039000000042cc7335f4b76042bed44ef45959a62aa215f7a5ff0c8111b8c44ed654ee71c1918326ad485b2d599fe2a6eab096ee26d977334d2bac6d61d" + +save type: ECC_PUB(SECP_K1) 256-bit +depends_on:PSA_WANT_ECC_SECP_K1_256:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_K1):256:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"045c39154579efd667adc73a81015a797d2c8682cdfbd3c3553c4a185d481cdc50e42a0e1cbc3ca29a32a645e927f54beaed14c9dbbf8279d725f5495ca924b24d":"505341004b45590000000000010000001741000101000000000000000000000041000000045c39154579efd667adc73a81015a797d2c8682cdfbd3c3553c4a185d481cdc50e42a0e1cbc3ca29a32a645e927f54beaed14c9dbbf8279d725f5495ca924b24d" + +save type: ECC_PUB(SECP_K1) 256-bit, DET_ECDSA(MD2) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD2:PSA_WANT_ECC_SECP_K1_256:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_K1):256:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD2):0x0000:"045c39154579efd667adc73a81015a797d2c8682cdfbd3c3553c4a185d481cdc50e42a0e1cbc3ca29a32a645e927f54beaed14c9dbbf8279d725f5495ca924b24d":"505341004b45590000000000010000001741000101280000010700060000000041000000045c39154579efd667adc73a81015a797d2c8682cdfbd3c3553c4a185d481cdc50e42a0e1cbc3ca29a32a645e927f54beaed14c9dbbf8279d725f5495ca924b24d" + +save type: ECC_PUB(SECP_K1) 256-bit, DET_ECDSA(MD4) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD4:PSA_WANT_ECC_SECP_K1_256:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_K1):256:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD4):0x0000:"045c39154579efd667adc73a81015a797d2c8682cdfbd3c3553c4a185d481cdc50e42a0e1cbc3ca29a32a645e927f54beaed14c9dbbf8279d725f5495ca924b24d":"505341004b45590000000000010000001741000101280000020700060000000041000000045c39154579efd667adc73a81015a797d2c8682cdfbd3c3553c4a185d481cdc50e42a0e1cbc3ca29a32a645e927f54beaed14c9dbbf8279d725f5495ca924b24d" + +save type: ECC_PUB(SECP_K1) 256-bit, DET_ECDSA(MD5) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD5:PSA_WANT_ECC_SECP_K1_256:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_K1):256:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD5):0x0000:"045c39154579efd667adc73a81015a797d2c8682cdfbd3c3553c4a185d481cdc50e42a0e1cbc3ca29a32a645e927f54beaed14c9dbbf8279d725f5495ca924b24d":"505341004b45590000000000010000001741000101280000030700060000000041000000045c39154579efd667adc73a81015a797d2c8682cdfbd3c3553c4a185d481cdc50e42a0e1cbc3ca29a32a645e927f54beaed14c9dbbf8279d725f5495ca924b24d" + +save type: ECC_PUB(SECP_K1) 256-bit, DET_ECDSA(RIPEMD160) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ECC_SECP_K1_256:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_K1):256:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_RIPEMD160):0x0000:"045c39154579efd667adc73a81015a797d2c8682cdfbd3c3553c4a185d481cdc50e42a0e1cbc3ca29a32a645e927f54beaed14c9dbbf8279d725f5495ca924b24d":"505341004b45590000000000010000001741000101280000040700060000000041000000045c39154579efd667adc73a81015a797d2c8682cdfbd3c3553c4a185d481cdc50e42a0e1cbc3ca29a32a645e927f54beaed14c9dbbf8279d725f5495ca924b24d" + +save type: ECC_PUB(SECP_K1) 256-bit, DET_ECDSA(SHA_1) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_1:PSA_WANT_ECC_SECP_K1_256:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_K1):256:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_1):0x0000:"045c39154579efd667adc73a81015a797d2c8682cdfbd3c3553c4a185d481cdc50e42a0e1cbc3ca29a32a645e927f54beaed14c9dbbf8279d725f5495ca924b24d":"505341004b45590000000000010000001741000101280000050700060000000041000000045c39154579efd667adc73a81015a797d2c8682cdfbd3c3553c4a185d481cdc50e42a0e1cbc3ca29a32a645e927f54beaed14c9dbbf8279d725f5495ca924b24d" + +save type: ECC_PUB(SECP_K1) 256-bit, DET_ECDSA(SHA_224) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_224:PSA_WANT_ECC_SECP_K1_256:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_K1):256:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_224):0x0000:"045c39154579efd667adc73a81015a797d2c8682cdfbd3c3553c4a185d481cdc50e42a0e1cbc3ca29a32a645e927f54beaed14c9dbbf8279d725f5495ca924b24d":"505341004b45590000000000010000001741000101280000080700060000000041000000045c39154579efd667adc73a81015a797d2c8682cdfbd3c3553c4a185d481cdc50e42a0e1cbc3ca29a32a645e927f54beaed14c9dbbf8279d725f5495ca924b24d" + +save type: ECC_PUB(SECP_K1) 256-bit, DET_ECDSA(SHA_256) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_SECP_K1_256:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_K1):256:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_256):0x0000:"045c39154579efd667adc73a81015a797d2c8682cdfbd3c3553c4a185d481cdc50e42a0e1cbc3ca29a32a645e927f54beaed14c9dbbf8279d725f5495ca924b24d":"505341004b45590000000000010000001741000101280000090700060000000041000000045c39154579efd667adc73a81015a797d2c8682cdfbd3c3553c4a185d481cdc50e42a0e1cbc3ca29a32a645e927f54beaed14c9dbbf8279d725f5495ca924b24d" + +save type: ECC_PUB(SECP_K1) 256-bit, DET_ECDSA(SHA_384) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_SECP_K1_256:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_K1):256:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_384):0x0000:"045c39154579efd667adc73a81015a797d2c8682cdfbd3c3553c4a185d481cdc50e42a0e1cbc3ca29a32a645e927f54beaed14c9dbbf8279d725f5495ca924b24d":"505341004b455900000000000100000017410001012800000a0700060000000041000000045c39154579efd667adc73a81015a797d2c8682cdfbd3c3553c4a185d481cdc50e42a0e1cbc3ca29a32a645e927f54beaed14c9dbbf8279d725f5495ca924b24d" + +save type: ECC_PUB(SECP_K1) 256-bit, DET_ECDSA(SHA_512) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_512:PSA_WANT_ECC_SECP_K1_256:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_K1):256:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_512):0x0000:"045c39154579efd667adc73a81015a797d2c8682cdfbd3c3553c4a185d481cdc50e42a0e1cbc3ca29a32a645e927f54beaed14c9dbbf8279d725f5495ca924b24d":"505341004b455900000000000100000017410001012800000b0700060000000041000000045c39154579efd667adc73a81015a797d2c8682cdfbd3c3553c4a185d481cdc50e42a0e1cbc3ca29a32a645e927f54beaed14c9dbbf8279d725f5495ca924b24d" + +save type: ECC_PUB(SECP_K1) 256-bit, ECDSA(MD2) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD2:PSA_WANT_ECC_SECP_K1_256:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_K1):256:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_MD2):0x0000:"045c39154579efd667adc73a81015a797d2c8682cdfbd3c3553c4a185d481cdc50e42a0e1cbc3ca29a32a645e927f54beaed14c9dbbf8279d725f5495ca924b24d":"505341004b45590000000000010000001741000101280000010600060000000041000000045c39154579efd667adc73a81015a797d2c8682cdfbd3c3553c4a185d481cdc50e42a0e1cbc3ca29a32a645e927f54beaed14c9dbbf8279d725f5495ca924b24d" + +save type: ECC_PUB(SECP_K1) 256-bit, ECDSA(MD4) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD4:PSA_WANT_ECC_SECP_K1_256:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_K1):256:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_MD4):0x0000:"045c39154579efd667adc73a81015a797d2c8682cdfbd3c3553c4a185d481cdc50e42a0e1cbc3ca29a32a645e927f54beaed14c9dbbf8279d725f5495ca924b24d":"505341004b45590000000000010000001741000101280000020600060000000041000000045c39154579efd667adc73a81015a797d2c8682cdfbd3c3553c4a185d481cdc50e42a0e1cbc3ca29a32a645e927f54beaed14c9dbbf8279d725f5495ca924b24d" + +save type: ECC_PUB(SECP_K1) 256-bit, ECDSA(MD5) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD5:PSA_WANT_ECC_SECP_K1_256:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_K1):256:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_MD5):0x0000:"045c39154579efd667adc73a81015a797d2c8682cdfbd3c3553c4a185d481cdc50e42a0e1cbc3ca29a32a645e927f54beaed14c9dbbf8279d725f5495ca924b24d":"505341004b45590000000000010000001741000101280000030600060000000041000000045c39154579efd667adc73a81015a797d2c8682cdfbd3c3553c4a185d481cdc50e42a0e1cbc3ca29a32a645e927f54beaed14c9dbbf8279d725f5495ca924b24d" + +save type: ECC_PUB(SECP_K1) 256-bit, ECDSA(RIPEMD160) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ECC_SECP_K1_256:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_K1):256:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_RIPEMD160):0x0000:"045c39154579efd667adc73a81015a797d2c8682cdfbd3c3553c4a185d481cdc50e42a0e1cbc3ca29a32a645e927f54beaed14c9dbbf8279d725f5495ca924b24d":"505341004b45590000000000010000001741000101280000040600060000000041000000045c39154579efd667adc73a81015a797d2c8682cdfbd3c3553c4a185d481cdc50e42a0e1cbc3ca29a32a645e927f54beaed14c9dbbf8279d725f5495ca924b24d" + +save type: ECC_PUB(SECP_K1) 256-bit, ECDSA(SHA_1) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_1:PSA_WANT_ECC_SECP_K1_256:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_K1):256:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_SHA_1):0x0000:"045c39154579efd667adc73a81015a797d2c8682cdfbd3c3553c4a185d481cdc50e42a0e1cbc3ca29a32a645e927f54beaed14c9dbbf8279d725f5495ca924b24d":"505341004b45590000000000010000001741000101280000050600060000000041000000045c39154579efd667adc73a81015a797d2c8682cdfbd3c3553c4a185d481cdc50e42a0e1cbc3ca29a32a645e927f54beaed14c9dbbf8279d725f5495ca924b24d" + +save type: ECC_PUB(SECP_K1) 256-bit, ECDSA(SHA_224) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_224:PSA_WANT_ECC_SECP_K1_256:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_K1):256:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_SHA_224):0x0000:"045c39154579efd667adc73a81015a797d2c8682cdfbd3c3553c4a185d481cdc50e42a0e1cbc3ca29a32a645e927f54beaed14c9dbbf8279d725f5495ca924b24d":"505341004b45590000000000010000001741000101280000080600060000000041000000045c39154579efd667adc73a81015a797d2c8682cdfbd3c3553c4a185d481cdc50e42a0e1cbc3ca29a32a645e927f54beaed14c9dbbf8279d725f5495ca924b24d" + +save type: ECC_PUB(SECP_K1) 256-bit, ECDSA(SHA_256) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_SECP_K1_256:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_K1):256:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_SHA_256):0x0000:"045c39154579efd667adc73a81015a797d2c8682cdfbd3c3553c4a185d481cdc50e42a0e1cbc3ca29a32a645e927f54beaed14c9dbbf8279d725f5495ca924b24d":"505341004b45590000000000010000001741000101280000090600060000000041000000045c39154579efd667adc73a81015a797d2c8682cdfbd3c3553c4a185d481cdc50e42a0e1cbc3ca29a32a645e927f54beaed14c9dbbf8279d725f5495ca924b24d" + +save type: ECC_PUB(SECP_K1) 256-bit, ECDSA(SHA_384) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_SECP_K1_256:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_K1):256:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_SHA_384):0x0000:"045c39154579efd667adc73a81015a797d2c8682cdfbd3c3553c4a185d481cdc50e42a0e1cbc3ca29a32a645e927f54beaed14c9dbbf8279d725f5495ca924b24d":"505341004b455900000000000100000017410001012800000a0600060000000041000000045c39154579efd667adc73a81015a797d2c8682cdfbd3c3553c4a185d481cdc50e42a0e1cbc3ca29a32a645e927f54beaed14c9dbbf8279d725f5495ca924b24d" + +save type: ECC_PUB(SECP_K1) 256-bit, ECDSA(SHA_512) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_512:PSA_WANT_ECC_SECP_K1_256:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_K1):256:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_SHA_512):0x0000:"045c39154579efd667adc73a81015a797d2c8682cdfbd3c3553c4a185d481cdc50e42a0e1cbc3ca29a32a645e927f54beaed14c9dbbf8279d725f5495ca924b24d":"505341004b455900000000000100000017410001012800000b0600060000000041000000045c39154579efd667adc73a81015a797d2c8682cdfbd3c3553c4a185d481cdc50e42a0e1cbc3ca29a32a645e927f54beaed14c9dbbf8279d725f5495ca924b24d" + +save type: ECC_PUB(SECP_K1) 256-bit, ECDSA_ANY +depends_on:PSA_WANT_ALG_ECDSA_ANY:PSA_WANT_ECC_SECP_K1_256:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_K1):256:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA_ANY:0x0000:"045c39154579efd667adc73a81015a797d2c8682cdfbd3c3553c4a185d481cdc50e42a0e1cbc3ca29a32a645e927f54beaed14c9dbbf8279d725f5495ca924b24d":"505341004b45590000000000010000001741000101280000000600060000000041000000045c39154579efd667adc73a81015a797d2c8682cdfbd3c3553c4a185d481cdc50e42a0e1cbc3ca29a32a645e927f54beaed14c9dbbf8279d725f5495ca924b24d" + +save type: ECC_PUB(SECP_R1) 225-bit +depends_on:PSA_WANT_ECC_SECP_R1_225:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1):225:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"046f00eadaa949fee3e9e1c7fa1247eecec86a0dce46418b9bd3117b981d4bd0ae7a990de912f9d060d6cb531a42d22e394ac29e81804bf160":"505341004b45590000000000010000001241e10001000000000000000000000039000000046f00eadaa949fee3e9e1c7fa1247eecec86a0dce46418b9bd3117b981d4bd0ae7a990de912f9d060d6cb531a42d22e394ac29e81804bf160" + +save type: ECC_PUB(SECP_R1) 225-bit, DET_ECDSA(MD2) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD2:PSA_WANT_ECC_SECP_R1_225:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1):225:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD2):0x0000:"046f00eadaa949fee3e9e1c7fa1247eecec86a0dce46418b9bd3117b981d4bd0ae7a990de912f9d060d6cb531a42d22e394ac29e81804bf160":"505341004b45590000000000010000001241e10001280000010700060000000039000000046f00eadaa949fee3e9e1c7fa1247eecec86a0dce46418b9bd3117b981d4bd0ae7a990de912f9d060d6cb531a42d22e394ac29e81804bf160" + +save type: ECC_PUB(SECP_R1) 225-bit, DET_ECDSA(MD4) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD4:PSA_WANT_ECC_SECP_R1_225:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1):225:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD4):0x0000:"046f00eadaa949fee3e9e1c7fa1247eecec86a0dce46418b9bd3117b981d4bd0ae7a990de912f9d060d6cb531a42d22e394ac29e81804bf160":"505341004b45590000000000010000001241e10001280000020700060000000039000000046f00eadaa949fee3e9e1c7fa1247eecec86a0dce46418b9bd3117b981d4bd0ae7a990de912f9d060d6cb531a42d22e394ac29e81804bf160" + +save type: ECC_PUB(SECP_R1) 225-bit, DET_ECDSA(MD5) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD5:PSA_WANT_ECC_SECP_R1_225:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1):225:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD5):0x0000:"046f00eadaa949fee3e9e1c7fa1247eecec86a0dce46418b9bd3117b981d4bd0ae7a990de912f9d060d6cb531a42d22e394ac29e81804bf160":"505341004b45590000000000010000001241e10001280000030700060000000039000000046f00eadaa949fee3e9e1c7fa1247eecec86a0dce46418b9bd3117b981d4bd0ae7a990de912f9d060d6cb531a42d22e394ac29e81804bf160" + +save type: ECC_PUB(SECP_R1) 225-bit, DET_ECDSA(RIPEMD160) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ECC_SECP_R1_225:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1):225:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_RIPEMD160):0x0000:"046f00eadaa949fee3e9e1c7fa1247eecec86a0dce46418b9bd3117b981d4bd0ae7a990de912f9d060d6cb531a42d22e394ac29e81804bf160":"505341004b45590000000000010000001241e10001280000040700060000000039000000046f00eadaa949fee3e9e1c7fa1247eecec86a0dce46418b9bd3117b981d4bd0ae7a990de912f9d060d6cb531a42d22e394ac29e81804bf160" + +save type: ECC_PUB(SECP_R1) 225-bit, DET_ECDSA(SHA_1) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_1:PSA_WANT_ECC_SECP_R1_225:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1):225:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_1):0x0000:"046f00eadaa949fee3e9e1c7fa1247eecec86a0dce46418b9bd3117b981d4bd0ae7a990de912f9d060d6cb531a42d22e394ac29e81804bf160":"505341004b45590000000000010000001241e10001280000050700060000000039000000046f00eadaa949fee3e9e1c7fa1247eecec86a0dce46418b9bd3117b981d4bd0ae7a990de912f9d060d6cb531a42d22e394ac29e81804bf160" + +save type: ECC_PUB(SECP_R1) 225-bit, DET_ECDSA(SHA_224) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_224:PSA_WANT_ECC_SECP_R1_225:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1):225:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_224):0x0000:"046f00eadaa949fee3e9e1c7fa1247eecec86a0dce46418b9bd3117b981d4bd0ae7a990de912f9d060d6cb531a42d22e394ac29e81804bf160":"505341004b45590000000000010000001241e10001280000080700060000000039000000046f00eadaa949fee3e9e1c7fa1247eecec86a0dce46418b9bd3117b981d4bd0ae7a990de912f9d060d6cb531a42d22e394ac29e81804bf160" + +save type: ECC_PUB(SECP_R1) 225-bit, DET_ECDSA(SHA_256) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_SECP_R1_225:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1):225:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_256):0x0000:"046f00eadaa949fee3e9e1c7fa1247eecec86a0dce46418b9bd3117b981d4bd0ae7a990de912f9d060d6cb531a42d22e394ac29e81804bf160":"505341004b45590000000000010000001241e10001280000090700060000000039000000046f00eadaa949fee3e9e1c7fa1247eecec86a0dce46418b9bd3117b981d4bd0ae7a990de912f9d060d6cb531a42d22e394ac29e81804bf160" + +save type: ECC_PUB(SECP_R1) 225-bit, DET_ECDSA(SHA_384) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_SECP_R1_225:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1):225:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_384):0x0000:"046f00eadaa949fee3e9e1c7fa1247eecec86a0dce46418b9bd3117b981d4bd0ae7a990de912f9d060d6cb531a42d22e394ac29e81804bf160":"505341004b45590000000000010000001241e100012800000a0700060000000039000000046f00eadaa949fee3e9e1c7fa1247eecec86a0dce46418b9bd3117b981d4bd0ae7a990de912f9d060d6cb531a42d22e394ac29e81804bf160" + +save type: ECC_PUB(SECP_R1) 225-bit, DET_ECDSA(SHA_512) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_512:PSA_WANT_ECC_SECP_R1_225:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1):225:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_512):0x0000:"046f00eadaa949fee3e9e1c7fa1247eecec86a0dce46418b9bd3117b981d4bd0ae7a990de912f9d060d6cb531a42d22e394ac29e81804bf160":"505341004b45590000000000010000001241e100012800000b0700060000000039000000046f00eadaa949fee3e9e1c7fa1247eecec86a0dce46418b9bd3117b981d4bd0ae7a990de912f9d060d6cb531a42d22e394ac29e81804bf160" + +save type: ECC_PUB(SECP_R1) 225-bit, ECDSA(MD2) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD2:PSA_WANT_ECC_SECP_R1_225:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1):225:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_MD2):0x0000:"046f00eadaa949fee3e9e1c7fa1247eecec86a0dce46418b9bd3117b981d4bd0ae7a990de912f9d060d6cb531a42d22e394ac29e81804bf160":"505341004b45590000000000010000001241e10001280000010600060000000039000000046f00eadaa949fee3e9e1c7fa1247eecec86a0dce46418b9bd3117b981d4bd0ae7a990de912f9d060d6cb531a42d22e394ac29e81804bf160" + +save type: ECC_PUB(SECP_R1) 225-bit, ECDSA(MD4) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD4:PSA_WANT_ECC_SECP_R1_225:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1):225:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_MD4):0x0000:"046f00eadaa949fee3e9e1c7fa1247eecec86a0dce46418b9bd3117b981d4bd0ae7a990de912f9d060d6cb531a42d22e394ac29e81804bf160":"505341004b45590000000000010000001241e10001280000020600060000000039000000046f00eadaa949fee3e9e1c7fa1247eecec86a0dce46418b9bd3117b981d4bd0ae7a990de912f9d060d6cb531a42d22e394ac29e81804bf160" + +save type: ECC_PUB(SECP_R1) 225-bit, ECDSA(MD5) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD5:PSA_WANT_ECC_SECP_R1_225:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1):225:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_MD5):0x0000:"046f00eadaa949fee3e9e1c7fa1247eecec86a0dce46418b9bd3117b981d4bd0ae7a990de912f9d060d6cb531a42d22e394ac29e81804bf160":"505341004b45590000000000010000001241e10001280000030600060000000039000000046f00eadaa949fee3e9e1c7fa1247eecec86a0dce46418b9bd3117b981d4bd0ae7a990de912f9d060d6cb531a42d22e394ac29e81804bf160" + +save type: ECC_PUB(SECP_R1) 225-bit, ECDSA(RIPEMD160) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ECC_SECP_R1_225:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1):225:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_RIPEMD160):0x0000:"046f00eadaa949fee3e9e1c7fa1247eecec86a0dce46418b9bd3117b981d4bd0ae7a990de912f9d060d6cb531a42d22e394ac29e81804bf160":"505341004b45590000000000010000001241e10001280000040600060000000039000000046f00eadaa949fee3e9e1c7fa1247eecec86a0dce46418b9bd3117b981d4bd0ae7a990de912f9d060d6cb531a42d22e394ac29e81804bf160" + +save type: ECC_PUB(SECP_R1) 225-bit, ECDSA(SHA_1) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_1:PSA_WANT_ECC_SECP_R1_225:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1):225:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_SHA_1):0x0000:"046f00eadaa949fee3e9e1c7fa1247eecec86a0dce46418b9bd3117b981d4bd0ae7a990de912f9d060d6cb531a42d22e394ac29e81804bf160":"505341004b45590000000000010000001241e10001280000050600060000000039000000046f00eadaa949fee3e9e1c7fa1247eecec86a0dce46418b9bd3117b981d4bd0ae7a990de912f9d060d6cb531a42d22e394ac29e81804bf160" + +save type: ECC_PUB(SECP_R1) 225-bit, ECDSA(SHA_224) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_224:PSA_WANT_ECC_SECP_R1_225:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1):225:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_SHA_224):0x0000:"046f00eadaa949fee3e9e1c7fa1247eecec86a0dce46418b9bd3117b981d4bd0ae7a990de912f9d060d6cb531a42d22e394ac29e81804bf160":"505341004b45590000000000010000001241e10001280000080600060000000039000000046f00eadaa949fee3e9e1c7fa1247eecec86a0dce46418b9bd3117b981d4bd0ae7a990de912f9d060d6cb531a42d22e394ac29e81804bf160" + +save type: ECC_PUB(SECP_R1) 225-bit, ECDSA(SHA_256) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_SECP_R1_225:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1):225:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_SHA_256):0x0000:"046f00eadaa949fee3e9e1c7fa1247eecec86a0dce46418b9bd3117b981d4bd0ae7a990de912f9d060d6cb531a42d22e394ac29e81804bf160":"505341004b45590000000000010000001241e10001280000090600060000000039000000046f00eadaa949fee3e9e1c7fa1247eecec86a0dce46418b9bd3117b981d4bd0ae7a990de912f9d060d6cb531a42d22e394ac29e81804bf160" + +save type: ECC_PUB(SECP_R1) 225-bit, ECDSA(SHA_384) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_SECP_R1_225:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1):225:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_SHA_384):0x0000:"046f00eadaa949fee3e9e1c7fa1247eecec86a0dce46418b9bd3117b981d4bd0ae7a990de912f9d060d6cb531a42d22e394ac29e81804bf160":"505341004b45590000000000010000001241e100012800000a0600060000000039000000046f00eadaa949fee3e9e1c7fa1247eecec86a0dce46418b9bd3117b981d4bd0ae7a990de912f9d060d6cb531a42d22e394ac29e81804bf160" + +save type: ECC_PUB(SECP_R1) 225-bit, ECDSA(SHA_512) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_512:PSA_WANT_ECC_SECP_R1_225:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1):225:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_SHA_512):0x0000:"046f00eadaa949fee3e9e1c7fa1247eecec86a0dce46418b9bd3117b981d4bd0ae7a990de912f9d060d6cb531a42d22e394ac29e81804bf160":"505341004b45590000000000010000001241e100012800000b0600060000000039000000046f00eadaa949fee3e9e1c7fa1247eecec86a0dce46418b9bd3117b981d4bd0ae7a990de912f9d060d6cb531a42d22e394ac29e81804bf160" + +save type: ECC_PUB(SECP_R1) 225-bit, ECDSA_ANY +depends_on:PSA_WANT_ALG_ECDSA_ANY:PSA_WANT_ECC_SECP_R1_225:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1):225:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA_ANY:0x0000:"046f00eadaa949fee3e9e1c7fa1247eecec86a0dce46418b9bd3117b981d4bd0ae7a990de912f9d060d6cb531a42d22e394ac29e81804bf160":"505341004b45590000000000010000001241e10001280000000600060000000039000000046f00eadaa949fee3e9e1c7fa1247eecec86a0dce46418b9bd3117b981d4bd0ae7a990de912f9d060d6cb531a42d22e394ac29e81804bf160" + +save type: ECC_PUB(SECP_R1) 256-bit +depends_on:PSA_WANT_ECC_SECP_R1_256:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1):256:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"047772656f814b399279d5e1f1781fac6f099a3c5ca1b0e35351834b08b65e0b572590cdaf8f769361bcf34acfc11e5e074e8426bdde04be6e653945449617de45":"505341004b45590000000000010000001241000101000000000000000000000041000000047772656f814b399279d5e1f1781fac6f099a3c5ca1b0e35351834b08b65e0b572590cdaf8f769361bcf34acfc11e5e074e8426bdde04be6e653945449617de45" + +save type: ECC_PUB(SECP_R1) 256-bit, DET_ECDSA(MD2) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD2:PSA_WANT_ECC_SECP_R1_256:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1):256:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD2):0x0000:"047772656f814b399279d5e1f1781fac6f099a3c5ca1b0e35351834b08b65e0b572590cdaf8f769361bcf34acfc11e5e074e8426bdde04be6e653945449617de45":"505341004b45590000000000010000001241000101280000010700060000000041000000047772656f814b399279d5e1f1781fac6f099a3c5ca1b0e35351834b08b65e0b572590cdaf8f769361bcf34acfc11e5e074e8426bdde04be6e653945449617de45" + +save type: ECC_PUB(SECP_R1) 256-bit, DET_ECDSA(MD4) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD4:PSA_WANT_ECC_SECP_R1_256:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1):256:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD4):0x0000:"047772656f814b399279d5e1f1781fac6f099a3c5ca1b0e35351834b08b65e0b572590cdaf8f769361bcf34acfc11e5e074e8426bdde04be6e653945449617de45":"505341004b45590000000000010000001241000101280000020700060000000041000000047772656f814b399279d5e1f1781fac6f099a3c5ca1b0e35351834b08b65e0b572590cdaf8f769361bcf34acfc11e5e074e8426bdde04be6e653945449617de45" + +save type: ECC_PUB(SECP_R1) 256-bit, DET_ECDSA(MD5) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD5:PSA_WANT_ECC_SECP_R1_256:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1):256:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD5):0x0000:"047772656f814b399279d5e1f1781fac6f099a3c5ca1b0e35351834b08b65e0b572590cdaf8f769361bcf34acfc11e5e074e8426bdde04be6e653945449617de45":"505341004b45590000000000010000001241000101280000030700060000000041000000047772656f814b399279d5e1f1781fac6f099a3c5ca1b0e35351834b08b65e0b572590cdaf8f769361bcf34acfc11e5e074e8426bdde04be6e653945449617de45" + +save type: ECC_PUB(SECP_R1) 256-bit, DET_ECDSA(RIPEMD160) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ECC_SECP_R1_256:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1):256:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_RIPEMD160):0x0000:"047772656f814b399279d5e1f1781fac6f099a3c5ca1b0e35351834b08b65e0b572590cdaf8f769361bcf34acfc11e5e074e8426bdde04be6e653945449617de45":"505341004b45590000000000010000001241000101280000040700060000000041000000047772656f814b399279d5e1f1781fac6f099a3c5ca1b0e35351834b08b65e0b572590cdaf8f769361bcf34acfc11e5e074e8426bdde04be6e653945449617de45" + +save type: ECC_PUB(SECP_R1) 256-bit, DET_ECDSA(SHA_1) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_1:PSA_WANT_ECC_SECP_R1_256:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1):256:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_1):0x0000:"047772656f814b399279d5e1f1781fac6f099a3c5ca1b0e35351834b08b65e0b572590cdaf8f769361bcf34acfc11e5e074e8426bdde04be6e653945449617de45":"505341004b45590000000000010000001241000101280000050700060000000041000000047772656f814b399279d5e1f1781fac6f099a3c5ca1b0e35351834b08b65e0b572590cdaf8f769361bcf34acfc11e5e074e8426bdde04be6e653945449617de45" + +save type: ECC_PUB(SECP_R1) 256-bit, DET_ECDSA(SHA_224) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_224:PSA_WANT_ECC_SECP_R1_256:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1):256:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_224):0x0000:"047772656f814b399279d5e1f1781fac6f099a3c5ca1b0e35351834b08b65e0b572590cdaf8f769361bcf34acfc11e5e074e8426bdde04be6e653945449617de45":"505341004b45590000000000010000001241000101280000080700060000000041000000047772656f814b399279d5e1f1781fac6f099a3c5ca1b0e35351834b08b65e0b572590cdaf8f769361bcf34acfc11e5e074e8426bdde04be6e653945449617de45" + +save type: ECC_PUB(SECP_R1) 256-bit, DET_ECDSA(SHA_256) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_SECP_R1_256:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1):256:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_256):0x0000:"047772656f814b399279d5e1f1781fac6f099a3c5ca1b0e35351834b08b65e0b572590cdaf8f769361bcf34acfc11e5e074e8426bdde04be6e653945449617de45":"505341004b45590000000000010000001241000101280000090700060000000041000000047772656f814b399279d5e1f1781fac6f099a3c5ca1b0e35351834b08b65e0b572590cdaf8f769361bcf34acfc11e5e074e8426bdde04be6e653945449617de45" + +save type: ECC_PUB(SECP_R1) 256-bit, DET_ECDSA(SHA_384) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_SECP_R1_256:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1):256:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_384):0x0000:"047772656f814b399279d5e1f1781fac6f099a3c5ca1b0e35351834b08b65e0b572590cdaf8f769361bcf34acfc11e5e074e8426bdde04be6e653945449617de45":"505341004b455900000000000100000012410001012800000a0700060000000041000000047772656f814b399279d5e1f1781fac6f099a3c5ca1b0e35351834b08b65e0b572590cdaf8f769361bcf34acfc11e5e074e8426bdde04be6e653945449617de45" + +save type: ECC_PUB(SECP_R1) 256-bit, DET_ECDSA(SHA_512) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_512:PSA_WANT_ECC_SECP_R1_256:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1):256:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_512):0x0000:"047772656f814b399279d5e1f1781fac6f099a3c5ca1b0e35351834b08b65e0b572590cdaf8f769361bcf34acfc11e5e074e8426bdde04be6e653945449617de45":"505341004b455900000000000100000012410001012800000b0700060000000041000000047772656f814b399279d5e1f1781fac6f099a3c5ca1b0e35351834b08b65e0b572590cdaf8f769361bcf34acfc11e5e074e8426bdde04be6e653945449617de45" + +save type: ECC_PUB(SECP_R1) 256-bit, ECDSA(MD2) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD2:PSA_WANT_ECC_SECP_R1_256:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1):256:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_MD2):0x0000:"047772656f814b399279d5e1f1781fac6f099a3c5ca1b0e35351834b08b65e0b572590cdaf8f769361bcf34acfc11e5e074e8426bdde04be6e653945449617de45":"505341004b45590000000000010000001241000101280000010600060000000041000000047772656f814b399279d5e1f1781fac6f099a3c5ca1b0e35351834b08b65e0b572590cdaf8f769361bcf34acfc11e5e074e8426bdde04be6e653945449617de45" + +save type: ECC_PUB(SECP_R1) 256-bit, ECDSA(MD4) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD4:PSA_WANT_ECC_SECP_R1_256:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1):256:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_MD4):0x0000:"047772656f814b399279d5e1f1781fac6f099a3c5ca1b0e35351834b08b65e0b572590cdaf8f769361bcf34acfc11e5e074e8426bdde04be6e653945449617de45":"505341004b45590000000000010000001241000101280000020600060000000041000000047772656f814b399279d5e1f1781fac6f099a3c5ca1b0e35351834b08b65e0b572590cdaf8f769361bcf34acfc11e5e074e8426bdde04be6e653945449617de45" + +save type: ECC_PUB(SECP_R1) 256-bit, ECDSA(MD5) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD5:PSA_WANT_ECC_SECP_R1_256:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1):256:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_MD5):0x0000:"047772656f814b399279d5e1f1781fac6f099a3c5ca1b0e35351834b08b65e0b572590cdaf8f769361bcf34acfc11e5e074e8426bdde04be6e653945449617de45":"505341004b45590000000000010000001241000101280000030600060000000041000000047772656f814b399279d5e1f1781fac6f099a3c5ca1b0e35351834b08b65e0b572590cdaf8f769361bcf34acfc11e5e074e8426bdde04be6e653945449617de45" + +save type: ECC_PUB(SECP_R1) 256-bit, ECDSA(RIPEMD160) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ECC_SECP_R1_256:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1):256:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_RIPEMD160):0x0000:"047772656f814b399279d5e1f1781fac6f099a3c5ca1b0e35351834b08b65e0b572590cdaf8f769361bcf34acfc11e5e074e8426bdde04be6e653945449617de45":"505341004b45590000000000010000001241000101280000040600060000000041000000047772656f814b399279d5e1f1781fac6f099a3c5ca1b0e35351834b08b65e0b572590cdaf8f769361bcf34acfc11e5e074e8426bdde04be6e653945449617de45" + +save type: ECC_PUB(SECP_R1) 256-bit, ECDSA(SHA_1) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_1:PSA_WANT_ECC_SECP_R1_256:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1):256:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_SHA_1):0x0000:"047772656f814b399279d5e1f1781fac6f099a3c5ca1b0e35351834b08b65e0b572590cdaf8f769361bcf34acfc11e5e074e8426bdde04be6e653945449617de45":"505341004b45590000000000010000001241000101280000050600060000000041000000047772656f814b399279d5e1f1781fac6f099a3c5ca1b0e35351834b08b65e0b572590cdaf8f769361bcf34acfc11e5e074e8426bdde04be6e653945449617de45" + +save type: ECC_PUB(SECP_R1) 256-bit, ECDSA(SHA_224) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_224:PSA_WANT_ECC_SECP_R1_256:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1):256:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_SHA_224):0x0000:"047772656f814b399279d5e1f1781fac6f099a3c5ca1b0e35351834b08b65e0b572590cdaf8f769361bcf34acfc11e5e074e8426bdde04be6e653945449617de45":"505341004b45590000000000010000001241000101280000080600060000000041000000047772656f814b399279d5e1f1781fac6f099a3c5ca1b0e35351834b08b65e0b572590cdaf8f769361bcf34acfc11e5e074e8426bdde04be6e653945449617de45" + +save type: ECC_PUB(SECP_R1) 256-bit, ECDSA(SHA_256) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_SECP_R1_256:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1):256:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_SHA_256):0x0000:"047772656f814b399279d5e1f1781fac6f099a3c5ca1b0e35351834b08b65e0b572590cdaf8f769361bcf34acfc11e5e074e8426bdde04be6e653945449617de45":"505341004b45590000000000010000001241000101280000090600060000000041000000047772656f814b399279d5e1f1781fac6f099a3c5ca1b0e35351834b08b65e0b572590cdaf8f769361bcf34acfc11e5e074e8426bdde04be6e653945449617de45" + +save type: ECC_PUB(SECP_R1) 256-bit, ECDSA(SHA_384) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_SECP_R1_256:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1):256:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_SHA_384):0x0000:"047772656f814b399279d5e1f1781fac6f099a3c5ca1b0e35351834b08b65e0b572590cdaf8f769361bcf34acfc11e5e074e8426bdde04be6e653945449617de45":"505341004b455900000000000100000012410001012800000a0600060000000041000000047772656f814b399279d5e1f1781fac6f099a3c5ca1b0e35351834b08b65e0b572590cdaf8f769361bcf34acfc11e5e074e8426bdde04be6e653945449617de45" + +save type: ECC_PUB(SECP_R1) 256-bit, ECDSA(SHA_512) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_512:PSA_WANT_ECC_SECP_R1_256:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1):256:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_SHA_512):0x0000:"047772656f814b399279d5e1f1781fac6f099a3c5ca1b0e35351834b08b65e0b572590cdaf8f769361bcf34acfc11e5e074e8426bdde04be6e653945449617de45":"505341004b455900000000000100000012410001012800000b0600060000000041000000047772656f814b399279d5e1f1781fac6f099a3c5ca1b0e35351834b08b65e0b572590cdaf8f769361bcf34acfc11e5e074e8426bdde04be6e653945449617de45" + +save type: ECC_PUB(SECP_R1) 256-bit, ECDSA_ANY +depends_on:PSA_WANT_ALG_ECDSA_ANY:PSA_WANT_ECC_SECP_R1_256:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1):256:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA_ANY:0x0000:"047772656f814b399279d5e1f1781fac6f099a3c5ca1b0e35351834b08b65e0b572590cdaf8f769361bcf34acfc11e5e074e8426bdde04be6e653945449617de45":"505341004b45590000000000010000001241000101280000000600060000000041000000047772656f814b399279d5e1f1781fac6f099a3c5ca1b0e35351834b08b65e0b572590cdaf8f769361bcf34acfc11e5e074e8426bdde04be6e653945449617de45" + +save type: ECC_PUB(SECP_R1) 384-bit +depends_on:PSA_WANT_ECC_SECP_R1_384:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1):384:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"04d9c662b50ba29ca47990450e043aeaf4f0c69b15676d112f622a71c93059af999691c5680d2b44d111579db12f4a413a2ed5c45fcfb67b5b63e00b91ebe59d09a6b1ac2c0c4282aa12317ed5914f999bc488bb132e8342cc36f2ca5e3379c747":"505341004b4559000000000001000000124180010100000000000000000000006100000004d9c662b50ba29ca47990450e043aeaf4f0c69b15676d112f622a71c93059af999691c5680d2b44d111579db12f4a413a2ed5c45fcfb67b5b63e00b91ebe59d09a6b1ac2c0c4282aa12317ed5914f999bc488bb132e8342cc36f2ca5e3379c747" + +save type: ECC_PUB(SECP_R1) 384-bit, DET_ECDSA(MD2) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD2:PSA_WANT_ECC_SECP_R1_384:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1):384:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD2):0x0000:"04d9c662b50ba29ca47990450e043aeaf4f0c69b15676d112f622a71c93059af999691c5680d2b44d111579db12f4a413a2ed5c45fcfb67b5b63e00b91ebe59d09a6b1ac2c0c4282aa12317ed5914f999bc488bb132e8342cc36f2ca5e3379c747":"505341004b4559000000000001000000124180010128000001070006000000006100000004d9c662b50ba29ca47990450e043aeaf4f0c69b15676d112f622a71c93059af999691c5680d2b44d111579db12f4a413a2ed5c45fcfb67b5b63e00b91ebe59d09a6b1ac2c0c4282aa12317ed5914f999bc488bb132e8342cc36f2ca5e3379c747" + +save type: ECC_PUB(SECP_R1) 384-bit, DET_ECDSA(MD4) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD4:PSA_WANT_ECC_SECP_R1_384:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1):384:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD4):0x0000:"04d9c662b50ba29ca47990450e043aeaf4f0c69b15676d112f622a71c93059af999691c5680d2b44d111579db12f4a413a2ed5c45fcfb67b5b63e00b91ebe59d09a6b1ac2c0c4282aa12317ed5914f999bc488bb132e8342cc36f2ca5e3379c747":"505341004b4559000000000001000000124180010128000002070006000000006100000004d9c662b50ba29ca47990450e043aeaf4f0c69b15676d112f622a71c93059af999691c5680d2b44d111579db12f4a413a2ed5c45fcfb67b5b63e00b91ebe59d09a6b1ac2c0c4282aa12317ed5914f999bc488bb132e8342cc36f2ca5e3379c747" + +save type: ECC_PUB(SECP_R1) 384-bit, DET_ECDSA(MD5) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD5:PSA_WANT_ECC_SECP_R1_384:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1):384:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD5):0x0000:"04d9c662b50ba29ca47990450e043aeaf4f0c69b15676d112f622a71c93059af999691c5680d2b44d111579db12f4a413a2ed5c45fcfb67b5b63e00b91ebe59d09a6b1ac2c0c4282aa12317ed5914f999bc488bb132e8342cc36f2ca5e3379c747":"505341004b4559000000000001000000124180010128000003070006000000006100000004d9c662b50ba29ca47990450e043aeaf4f0c69b15676d112f622a71c93059af999691c5680d2b44d111579db12f4a413a2ed5c45fcfb67b5b63e00b91ebe59d09a6b1ac2c0c4282aa12317ed5914f999bc488bb132e8342cc36f2ca5e3379c747" + +save type: ECC_PUB(SECP_R1) 384-bit, DET_ECDSA(RIPEMD160) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ECC_SECP_R1_384:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1):384:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_RIPEMD160):0x0000:"04d9c662b50ba29ca47990450e043aeaf4f0c69b15676d112f622a71c93059af999691c5680d2b44d111579db12f4a413a2ed5c45fcfb67b5b63e00b91ebe59d09a6b1ac2c0c4282aa12317ed5914f999bc488bb132e8342cc36f2ca5e3379c747":"505341004b4559000000000001000000124180010128000004070006000000006100000004d9c662b50ba29ca47990450e043aeaf4f0c69b15676d112f622a71c93059af999691c5680d2b44d111579db12f4a413a2ed5c45fcfb67b5b63e00b91ebe59d09a6b1ac2c0c4282aa12317ed5914f999bc488bb132e8342cc36f2ca5e3379c747" + +save type: ECC_PUB(SECP_R1) 384-bit, DET_ECDSA(SHA_1) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_1:PSA_WANT_ECC_SECP_R1_384:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1):384:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_1):0x0000:"04d9c662b50ba29ca47990450e043aeaf4f0c69b15676d112f622a71c93059af999691c5680d2b44d111579db12f4a413a2ed5c45fcfb67b5b63e00b91ebe59d09a6b1ac2c0c4282aa12317ed5914f999bc488bb132e8342cc36f2ca5e3379c747":"505341004b4559000000000001000000124180010128000005070006000000006100000004d9c662b50ba29ca47990450e043aeaf4f0c69b15676d112f622a71c93059af999691c5680d2b44d111579db12f4a413a2ed5c45fcfb67b5b63e00b91ebe59d09a6b1ac2c0c4282aa12317ed5914f999bc488bb132e8342cc36f2ca5e3379c747" + +save type: ECC_PUB(SECP_R1) 384-bit, DET_ECDSA(SHA_224) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_224:PSA_WANT_ECC_SECP_R1_384:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1):384:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_224):0x0000:"04d9c662b50ba29ca47990450e043aeaf4f0c69b15676d112f622a71c93059af999691c5680d2b44d111579db12f4a413a2ed5c45fcfb67b5b63e00b91ebe59d09a6b1ac2c0c4282aa12317ed5914f999bc488bb132e8342cc36f2ca5e3379c747":"505341004b4559000000000001000000124180010128000008070006000000006100000004d9c662b50ba29ca47990450e043aeaf4f0c69b15676d112f622a71c93059af999691c5680d2b44d111579db12f4a413a2ed5c45fcfb67b5b63e00b91ebe59d09a6b1ac2c0c4282aa12317ed5914f999bc488bb132e8342cc36f2ca5e3379c747" + +save type: ECC_PUB(SECP_R1) 384-bit, DET_ECDSA(SHA_256) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_SECP_R1_384:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1):384:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_256):0x0000:"04d9c662b50ba29ca47990450e043aeaf4f0c69b15676d112f622a71c93059af999691c5680d2b44d111579db12f4a413a2ed5c45fcfb67b5b63e00b91ebe59d09a6b1ac2c0c4282aa12317ed5914f999bc488bb132e8342cc36f2ca5e3379c747":"505341004b4559000000000001000000124180010128000009070006000000006100000004d9c662b50ba29ca47990450e043aeaf4f0c69b15676d112f622a71c93059af999691c5680d2b44d111579db12f4a413a2ed5c45fcfb67b5b63e00b91ebe59d09a6b1ac2c0c4282aa12317ed5914f999bc488bb132e8342cc36f2ca5e3379c747" + +save type: ECC_PUB(SECP_R1) 384-bit, DET_ECDSA(SHA_384) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_SECP_R1_384:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1):384:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_384):0x0000:"04d9c662b50ba29ca47990450e043aeaf4f0c69b15676d112f622a71c93059af999691c5680d2b44d111579db12f4a413a2ed5c45fcfb67b5b63e00b91ebe59d09a6b1ac2c0c4282aa12317ed5914f999bc488bb132e8342cc36f2ca5e3379c747":"505341004b455900000000000100000012418001012800000a070006000000006100000004d9c662b50ba29ca47990450e043aeaf4f0c69b15676d112f622a71c93059af999691c5680d2b44d111579db12f4a413a2ed5c45fcfb67b5b63e00b91ebe59d09a6b1ac2c0c4282aa12317ed5914f999bc488bb132e8342cc36f2ca5e3379c747" + +save type: ECC_PUB(SECP_R1) 384-bit, DET_ECDSA(SHA_512) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_512:PSA_WANT_ECC_SECP_R1_384:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1):384:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_512):0x0000:"04d9c662b50ba29ca47990450e043aeaf4f0c69b15676d112f622a71c93059af999691c5680d2b44d111579db12f4a413a2ed5c45fcfb67b5b63e00b91ebe59d09a6b1ac2c0c4282aa12317ed5914f999bc488bb132e8342cc36f2ca5e3379c747":"505341004b455900000000000100000012418001012800000b070006000000006100000004d9c662b50ba29ca47990450e043aeaf4f0c69b15676d112f622a71c93059af999691c5680d2b44d111579db12f4a413a2ed5c45fcfb67b5b63e00b91ebe59d09a6b1ac2c0c4282aa12317ed5914f999bc488bb132e8342cc36f2ca5e3379c747" + +save type: ECC_PUB(SECP_R1) 384-bit, ECDSA(MD2) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD2:PSA_WANT_ECC_SECP_R1_384:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1):384:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_MD2):0x0000:"04d9c662b50ba29ca47990450e043aeaf4f0c69b15676d112f622a71c93059af999691c5680d2b44d111579db12f4a413a2ed5c45fcfb67b5b63e00b91ebe59d09a6b1ac2c0c4282aa12317ed5914f999bc488bb132e8342cc36f2ca5e3379c747":"505341004b4559000000000001000000124180010128000001060006000000006100000004d9c662b50ba29ca47990450e043aeaf4f0c69b15676d112f622a71c93059af999691c5680d2b44d111579db12f4a413a2ed5c45fcfb67b5b63e00b91ebe59d09a6b1ac2c0c4282aa12317ed5914f999bc488bb132e8342cc36f2ca5e3379c747" + +save type: ECC_PUB(SECP_R1) 384-bit, ECDSA(MD4) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD4:PSA_WANT_ECC_SECP_R1_384:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1):384:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_MD4):0x0000:"04d9c662b50ba29ca47990450e043aeaf4f0c69b15676d112f622a71c93059af999691c5680d2b44d111579db12f4a413a2ed5c45fcfb67b5b63e00b91ebe59d09a6b1ac2c0c4282aa12317ed5914f999bc488bb132e8342cc36f2ca5e3379c747":"505341004b4559000000000001000000124180010128000002060006000000006100000004d9c662b50ba29ca47990450e043aeaf4f0c69b15676d112f622a71c93059af999691c5680d2b44d111579db12f4a413a2ed5c45fcfb67b5b63e00b91ebe59d09a6b1ac2c0c4282aa12317ed5914f999bc488bb132e8342cc36f2ca5e3379c747" + +save type: ECC_PUB(SECP_R1) 384-bit, ECDSA(MD5) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD5:PSA_WANT_ECC_SECP_R1_384:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1):384:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_MD5):0x0000:"04d9c662b50ba29ca47990450e043aeaf4f0c69b15676d112f622a71c93059af999691c5680d2b44d111579db12f4a413a2ed5c45fcfb67b5b63e00b91ebe59d09a6b1ac2c0c4282aa12317ed5914f999bc488bb132e8342cc36f2ca5e3379c747":"505341004b4559000000000001000000124180010128000003060006000000006100000004d9c662b50ba29ca47990450e043aeaf4f0c69b15676d112f622a71c93059af999691c5680d2b44d111579db12f4a413a2ed5c45fcfb67b5b63e00b91ebe59d09a6b1ac2c0c4282aa12317ed5914f999bc488bb132e8342cc36f2ca5e3379c747" + +save type: ECC_PUB(SECP_R1) 384-bit, ECDSA(RIPEMD160) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ECC_SECP_R1_384:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1):384:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_RIPEMD160):0x0000:"04d9c662b50ba29ca47990450e043aeaf4f0c69b15676d112f622a71c93059af999691c5680d2b44d111579db12f4a413a2ed5c45fcfb67b5b63e00b91ebe59d09a6b1ac2c0c4282aa12317ed5914f999bc488bb132e8342cc36f2ca5e3379c747":"505341004b4559000000000001000000124180010128000004060006000000006100000004d9c662b50ba29ca47990450e043aeaf4f0c69b15676d112f622a71c93059af999691c5680d2b44d111579db12f4a413a2ed5c45fcfb67b5b63e00b91ebe59d09a6b1ac2c0c4282aa12317ed5914f999bc488bb132e8342cc36f2ca5e3379c747" + +save type: ECC_PUB(SECP_R1) 384-bit, ECDSA(SHA_1) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_1:PSA_WANT_ECC_SECP_R1_384:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1):384:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_SHA_1):0x0000:"04d9c662b50ba29ca47990450e043aeaf4f0c69b15676d112f622a71c93059af999691c5680d2b44d111579db12f4a413a2ed5c45fcfb67b5b63e00b91ebe59d09a6b1ac2c0c4282aa12317ed5914f999bc488bb132e8342cc36f2ca5e3379c747":"505341004b4559000000000001000000124180010128000005060006000000006100000004d9c662b50ba29ca47990450e043aeaf4f0c69b15676d112f622a71c93059af999691c5680d2b44d111579db12f4a413a2ed5c45fcfb67b5b63e00b91ebe59d09a6b1ac2c0c4282aa12317ed5914f999bc488bb132e8342cc36f2ca5e3379c747" + +save type: ECC_PUB(SECP_R1) 384-bit, ECDSA(SHA_224) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_224:PSA_WANT_ECC_SECP_R1_384:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1):384:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_SHA_224):0x0000:"04d9c662b50ba29ca47990450e043aeaf4f0c69b15676d112f622a71c93059af999691c5680d2b44d111579db12f4a413a2ed5c45fcfb67b5b63e00b91ebe59d09a6b1ac2c0c4282aa12317ed5914f999bc488bb132e8342cc36f2ca5e3379c747":"505341004b4559000000000001000000124180010128000008060006000000006100000004d9c662b50ba29ca47990450e043aeaf4f0c69b15676d112f622a71c93059af999691c5680d2b44d111579db12f4a413a2ed5c45fcfb67b5b63e00b91ebe59d09a6b1ac2c0c4282aa12317ed5914f999bc488bb132e8342cc36f2ca5e3379c747" + +save type: ECC_PUB(SECP_R1) 384-bit, ECDSA(SHA_256) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_SECP_R1_384:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1):384:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_SHA_256):0x0000:"04d9c662b50ba29ca47990450e043aeaf4f0c69b15676d112f622a71c93059af999691c5680d2b44d111579db12f4a413a2ed5c45fcfb67b5b63e00b91ebe59d09a6b1ac2c0c4282aa12317ed5914f999bc488bb132e8342cc36f2ca5e3379c747":"505341004b4559000000000001000000124180010128000009060006000000006100000004d9c662b50ba29ca47990450e043aeaf4f0c69b15676d112f622a71c93059af999691c5680d2b44d111579db12f4a413a2ed5c45fcfb67b5b63e00b91ebe59d09a6b1ac2c0c4282aa12317ed5914f999bc488bb132e8342cc36f2ca5e3379c747" + +save type: ECC_PUB(SECP_R1) 384-bit, ECDSA(SHA_384) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_SECP_R1_384:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1):384:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_SHA_384):0x0000:"04d9c662b50ba29ca47990450e043aeaf4f0c69b15676d112f622a71c93059af999691c5680d2b44d111579db12f4a413a2ed5c45fcfb67b5b63e00b91ebe59d09a6b1ac2c0c4282aa12317ed5914f999bc488bb132e8342cc36f2ca5e3379c747":"505341004b455900000000000100000012418001012800000a060006000000006100000004d9c662b50ba29ca47990450e043aeaf4f0c69b15676d112f622a71c93059af999691c5680d2b44d111579db12f4a413a2ed5c45fcfb67b5b63e00b91ebe59d09a6b1ac2c0c4282aa12317ed5914f999bc488bb132e8342cc36f2ca5e3379c747" + +save type: ECC_PUB(SECP_R1) 384-bit, ECDSA(SHA_512) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_512:PSA_WANT_ECC_SECP_R1_384:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1):384:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_SHA_512):0x0000:"04d9c662b50ba29ca47990450e043aeaf4f0c69b15676d112f622a71c93059af999691c5680d2b44d111579db12f4a413a2ed5c45fcfb67b5b63e00b91ebe59d09a6b1ac2c0c4282aa12317ed5914f999bc488bb132e8342cc36f2ca5e3379c747":"505341004b455900000000000100000012418001012800000b060006000000006100000004d9c662b50ba29ca47990450e043aeaf4f0c69b15676d112f622a71c93059af999691c5680d2b44d111579db12f4a413a2ed5c45fcfb67b5b63e00b91ebe59d09a6b1ac2c0c4282aa12317ed5914f999bc488bb132e8342cc36f2ca5e3379c747" + +save type: ECC_PUB(SECP_R1) 384-bit, ECDSA_ANY +depends_on:PSA_WANT_ALG_ECDSA_ANY:PSA_WANT_ECC_SECP_R1_384:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1):384:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA_ANY:0x0000:"04d9c662b50ba29ca47990450e043aeaf4f0c69b15676d112f622a71c93059af999691c5680d2b44d111579db12f4a413a2ed5c45fcfb67b5b63e00b91ebe59d09a6b1ac2c0c4282aa12317ed5914f999bc488bb132e8342cc36f2ca5e3379c747":"505341004b4559000000000001000000124180010128000000060006000000006100000004d9c662b50ba29ca47990450e043aeaf4f0c69b15676d112f622a71c93059af999691c5680d2b44d111579db12f4a413a2ed5c45fcfb67b5b63e00b91ebe59d09a6b1ac2c0c4282aa12317ed5914f999bc488bb132e8342cc36f2ca5e3379c747" + +save type: ECC_PUB(SECP_R1) 521-bit +depends_on:PSA_WANT_ECC_SECP_R1_521:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1):521:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"04001de142d54f69eb038ee4b7af9d3ca07736fd9cf719eb354d69879ee7f3c136fb0fbf9f08f86be5fa128ec1a051d3e6c643e85ada8ffacf3663c260bd2c844b6f5600cee8e48a9e65d09cadd89f235dee05f3b8a646be715f1f67d5b434e0ff23a1fc07ef7740193e40eeff6f3bcdfd765aa9155033524fe4f205f5444e292c4c2f6ac1":"505341004b4559000000000001000000124109020100000000000000000000008500000004001de142d54f69eb038ee4b7af9d3ca07736fd9cf719eb354d69879ee7f3c136fb0fbf9f08f86be5fa128ec1a051d3e6c643e85ada8ffacf3663c260bd2c844b6f5600cee8e48a9e65d09cadd89f235dee05f3b8a646be715f1f67d5b434e0ff23a1fc07ef7740193e40eeff6f3bcdfd765aa9155033524fe4f205f5444e292c4c2f6ac1" + +save type: ECC_PUB(SECP_R1) 521-bit, DET_ECDSA(MD2) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD2:PSA_WANT_ECC_SECP_R1_521:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1):521:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD2):0x0000:"04001de142d54f69eb038ee4b7af9d3ca07736fd9cf719eb354d69879ee7f3c136fb0fbf9f08f86be5fa128ec1a051d3e6c643e85ada8ffacf3663c260bd2c844b6f5600cee8e48a9e65d09cadd89f235dee05f3b8a646be715f1f67d5b434e0ff23a1fc07ef7740193e40eeff6f3bcdfd765aa9155033524fe4f205f5444e292c4c2f6ac1":"505341004b4559000000000001000000124109020128000001070006000000008500000004001de142d54f69eb038ee4b7af9d3ca07736fd9cf719eb354d69879ee7f3c136fb0fbf9f08f86be5fa128ec1a051d3e6c643e85ada8ffacf3663c260bd2c844b6f5600cee8e48a9e65d09cadd89f235dee05f3b8a646be715f1f67d5b434e0ff23a1fc07ef7740193e40eeff6f3bcdfd765aa9155033524fe4f205f5444e292c4c2f6ac1" + +save type: ECC_PUB(SECP_R1) 521-bit, DET_ECDSA(MD4) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD4:PSA_WANT_ECC_SECP_R1_521:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1):521:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD4):0x0000:"04001de142d54f69eb038ee4b7af9d3ca07736fd9cf719eb354d69879ee7f3c136fb0fbf9f08f86be5fa128ec1a051d3e6c643e85ada8ffacf3663c260bd2c844b6f5600cee8e48a9e65d09cadd89f235dee05f3b8a646be715f1f67d5b434e0ff23a1fc07ef7740193e40eeff6f3bcdfd765aa9155033524fe4f205f5444e292c4c2f6ac1":"505341004b4559000000000001000000124109020128000002070006000000008500000004001de142d54f69eb038ee4b7af9d3ca07736fd9cf719eb354d69879ee7f3c136fb0fbf9f08f86be5fa128ec1a051d3e6c643e85ada8ffacf3663c260bd2c844b6f5600cee8e48a9e65d09cadd89f235dee05f3b8a646be715f1f67d5b434e0ff23a1fc07ef7740193e40eeff6f3bcdfd765aa9155033524fe4f205f5444e292c4c2f6ac1" + +save type: ECC_PUB(SECP_R1) 521-bit, DET_ECDSA(MD5) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD5:PSA_WANT_ECC_SECP_R1_521:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1):521:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD5):0x0000:"04001de142d54f69eb038ee4b7af9d3ca07736fd9cf719eb354d69879ee7f3c136fb0fbf9f08f86be5fa128ec1a051d3e6c643e85ada8ffacf3663c260bd2c844b6f5600cee8e48a9e65d09cadd89f235dee05f3b8a646be715f1f67d5b434e0ff23a1fc07ef7740193e40eeff6f3bcdfd765aa9155033524fe4f205f5444e292c4c2f6ac1":"505341004b4559000000000001000000124109020128000003070006000000008500000004001de142d54f69eb038ee4b7af9d3ca07736fd9cf719eb354d69879ee7f3c136fb0fbf9f08f86be5fa128ec1a051d3e6c643e85ada8ffacf3663c260bd2c844b6f5600cee8e48a9e65d09cadd89f235dee05f3b8a646be715f1f67d5b434e0ff23a1fc07ef7740193e40eeff6f3bcdfd765aa9155033524fe4f205f5444e292c4c2f6ac1" + +save type: ECC_PUB(SECP_R1) 521-bit, DET_ECDSA(RIPEMD160) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ECC_SECP_R1_521:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1):521:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_RIPEMD160):0x0000:"04001de142d54f69eb038ee4b7af9d3ca07736fd9cf719eb354d69879ee7f3c136fb0fbf9f08f86be5fa128ec1a051d3e6c643e85ada8ffacf3663c260bd2c844b6f5600cee8e48a9e65d09cadd89f235dee05f3b8a646be715f1f67d5b434e0ff23a1fc07ef7740193e40eeff6f3bcdfd765aa9155033524fe4f205f5444e292c4c2f6ac1":"505341004b4559000000000001000000124109020128000004070006000000008500000004001de142d54f69eb038ee4b7af9d3ca07736fd9cf719eb354d69879ee7f3c136fb0fbf9f08f86be5fa128ec1a051d3e6c643e85ada8ffacf3663c260bd2c844b6f5600cee8e48a9e65d09cadd89f235dee05f3b8a646be715f1f67d5b434e0ff23a1fc07ef7740193e40eeff6f3bcdfd765aa9155033524fe4f205f5444e292c4c2f6ac1" + +save type: ECC_PUB(SECP_R1) 521-bit, DET_ECDSA(SHA_1) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_1:PSA_WANT_ECC_SECP_R1_521:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1):521:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_1):0x0000:"04001de142d54f69eb038ee4b7af9d3ca07736fd9cf719eb354d69879ee7f3c136fb0fbf9f08f86be5fa128ec1a051d3e6c643e85ada8ffacf3663c260bd2c844b6f5600cee8e48a9e65d09cadd89f235dee05f3b8a646be715f1f67d5b434e0ff23a1fc07ef7740193e40eeff6f3bcdfd765aa9155033524fe4f205f5444e292c4c2f6ac1":"505341004b4559000000000001000000124109020128000005070006000000008500000004001de142d54f69eb038ee4b7af9d3ca07736fd9cf719eb354d69879ee7f3c136fb0fbf9f08f86be5fa128ec1a051d3e6c643e85ada8ffacf3663c260bd2c844b6f5600cee8e48a9e65d09cadd89f235dee05f3b8a646be715f1f67d5b434e0ff23a1fc07ef7740193e40eeff6f3bcdfd765aa9155033524fe4f205f5444e292c4c2f6ac1" + +save type: ECC_PUB(SECP_R1) 521-bit, DET_ECDSA(SHA_224) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_224:PSA_WANT_ECC_SECP_R1_521:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1):521:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_224):0x0000:"04001de142d54f69eb038ee4b7af9d3ca07736fd9cf719eb354d69879ee7f3c136fb0fbf9f08f86be5fa128ec1a051d3e6c643e85ada8ffacf3663c260bd2c844b6f5600cee8e48a9e65d09cadd89f235dee05f3b8a646be715f1f67d5b434e0ff23a1fc07ef7740193e40eeff6f3bcdfd765aa9155033524fe4f205f5444e292c4c2f6ac1":"505341004b4559000000000001000000124109020128000008070006000000008500000004001de142d54f69eb038ee4b7af9d3ca07736fd9cf719eb354d69879ee7f3c136fb0fbf9f08f86be5fa128ec1a051d3e6c643e85ada8ffacf3663c260bd2c844b6f5600cee8e48a9e65d09cadd89f235dee05f3b8a646be715f1f67d5b434e0ff23a1fc07ef7740193e40eeff6f3bcdfd765aa9155033524fe4f205f5444e292c4c2f6ac1" + +save type: ECC_PUB(SECP_R1) 521-bit, DET_ECDSA(SHA_256) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_SECP_R1_521:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1):521:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_256):0x0000:"04001de142d54f69eb038ee4b7af9d3ca07736fd9cf719eb354d69879ee7f3c136fb0fbf9f08f86be5fa128ec1a051d3e6c643e85ada8ffacf3663c260bd2c844b6f5600cee8e48a9e65d09cadd89f235dee05f3b8a646be715f1f67d5b434e0ff23a1fc07ef7740193e40eeff6f3bcdfd765aa9155033524fe4f205f5444e292c4c2f6ac1":"505341004b4559000000000001000000124109020128000009070006000000008500000004001de142d54f69eb038ee4b7af9d3ca07736fd9cf719eb354d69879ee7f3c136fb0fbf9f08f86be5fa128ec1a051d3e6c643e85ada8ffacf3663c260bd2c844b6f5600cee8e48a9e65d09cadd89f235dee05f3b8a646be715f1f67d5b434e0ff23a1fc07ef7740193e40eeff6f3bcdfd765aa9155033524fe4f205f5444e292c4c2f6ac1" + +save type: ECC_PUB(SECP_R1) 521-bit, DET_ECDSA(SHA_384) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_SECP_R1_521:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1):521:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_384):0x0000:"04001de142d54f69eb038ee4b7af9d3ca07736fd9cf719eb354d69879ee7f3c136fb0fbf9f08f86be5fa128ec1a051d3e6c643e85ada8ffacf3663c260bd2c844b6f5600cee8e48a9e65d09cadd89f235dee05f3b8a646be715f1f67d5b434e0ff23a1fc07ef7740193e40eeff6f3bcdfd765aa9155033524fe4f205f5444e292c4c2f6ac1":"505341004b455900000000000100000012410902012800000a070006000000008500000004001de142d54f69eb038ee4b7af9d3ca07736fd9cf719eb354d69879ee7f3c136fb0fbf9f08f86be5fa128ec1a051d3e6c643e85ada8ffacf3663c260bd2c844b6f5600cee8e48a9e65d09cadd89f235dee05f3b8a646be715f1f67d5b434e0ff23a1fc07ef7740193e40eeff6f3bcdfd765aa9155033524fe4f205f5444e292c4c2f6ac1" + +save type: ECC_PUB(SECP_R1) 521-bit, DET_ECDSA(SHA_512) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_512:PSA_WANT_ECC_SECP_R1_521:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1):521:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_512):0x0000:"04001de142d54f69eb038ee4b7af9d3ca07736fd9cf719eb354d69879ee7f3c136fb0fbf9f08f86be5fa128ec1a051d3e6c643e85ada8ffacf3663c260bd2c844b6f5600cee8e48a9e65d09cadd89f235dee05f3b8a646be715f1f67d5b434e0ff23a1fc07ef7740193e40eeff6f3bcdfd765aa9155033524fe4f205f5444e292c4c2f6ac1":"505341004b455900000000000100000012410902012800000b070006000000008500000004001de142d54f69eb038ee4b7af9d3ca07736fd9cf719eb354d69879ee7f3c136fb0fbf9f08f86be5fa128ec1a051d3e6c643e85ada8ffacf3663c260bd2c844b6f5600cee8e48a9e65d09cadd89f235dee05f3b8a646be715f1f67d5b434e0ff23a1fc07ef7740193e40eeff6f3bcdfd765aa9155033524fe4f205f5444e292c4c2f6ac1" + +save type: ECC_PUB(SECP_R1) 521-bit, ECDSA(MD2) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD2:PSA_WANT_ECC_SECP_R1_521:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1):521:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_MD2):0x0000:"04001de142d54f69eb038ee4b7af9d3ca07736fd9cf719eb354d69879ee7f3c136fb0fbf9f08f86be5fa128ec1a051d3e6c643e85ada8ffacf3663c260bd2c844b6f5600cee8e48a9e65d09cadd89f235dee05f3b8a646be715f1f67d5b434e0ff23a1fc07ef7740193e40eeff6f3bcdfd765aa9155033524fe4f205f5444e292c4c2f6ac1":"505341004b4559000000000001000000124109020128000001060006000000008500000004001de142d54f69eb038ee4b7af9d3ca07736fd9cf719eb354d69879ee7f3c136fb0fbf9f08f86be5fa128ec1a051d3e6c643e85ada8ffacf3663c260bd2c844b6f5600cee8e48a9e65d09cadd89f235dee05f3b8a646be715f1f67d5b434e0ff23a1fc07ef7740193e40eeff6f3bcdfd765aa9155033524fe4f205f5444e292c4c2f6ac1" + +save type: ECC_PUB(SECP_R1) 521-bit, ECDSA(MD4) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD4:PSA_WANT_ECC_SECP_R1_521:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1):521:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_MD4):0x0000:"04001de142d54f69eb038ee4b7af9d3ca07736fd9cf719eb354d69879ee7f3c136fb0fbf9f08f86be5fa128ec1a051d3e6c643e85ada8ffacf3663c260bd2c844b6f5600cee8e48a9e65d09cadd89f235dee05f3b8a646be715f1f67d5b434e0ff23a1fc07ef7740193e40eeff6f3bcdfd765aa9155033524fe4f205f5444e292c4c2f6ac1":"505341004b4559000000000001000000124109020128000002060006000000008500000004001de142d54f69eb038ee4b7af9d3ca07736fd9cf719eb354d69879ee7f3c136fb0fbf9f08f86be5fa128ec1a051d3e6c643e85ada8ffacf3663c260bd2c844b6f5600cee8e48a9e65d09cadd89f235dee05f3b8a646be715f1f67d5b434e0ff23a1fc07ef7740193e40eeff6f3bcdfd765aa9155033524fe4f205f5444e292c4c2f6ac1" + +save type: ECC_PUB(SECP_R1) 521-bit, ECDSA(MD5) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD5:PSA_WANT_ECC_SECP_R1_521:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1):521:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_MD5):0x0000:"04001de142d54f69eb038ee4b7af9d3ca07736fd9cf719eb354d69879ee7f3c136fb0fbf9f08f86be5fa128ec1a051d3e6c643e85ada8ffacf3663c260bd2c844b6f5600cee8e48a9e65d09cadd89f235dee05f3b8a646be715f1f67d5b434e0ff23a1fc07ef7740193e40eeff6f3bcdfd765aa9155033524fe4f205f5444e292c4c2f6ac1":"505341004b4559000000000001000000124109020128000003060006000000008500000004001de142d54f69eb038ee4b7af9d3ca07736fd9cf719eb354d69879ee7f3c136fb0fbf9f08f86be5fa128ec1a051d3e6c643e85ada8ffacf3663c260bd2c844b6f5600cee8e48a9e65d09cadd89f235dee05f3b8a646be715f1f67d5b434e0ff23a1fc07ef7740193e40eeff6f3bcdfd765aa9155033524fe4f205f5444e292c4c2f6ac1" + +save type: ECC_PUB(SECP_R1) 521-bit, ECDSA(RIPEMD160) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ECC_SECP_R1_521:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1):521:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_RIPEMD160):0x0000:"04001de142d54f69eb038ee4b7af9d3ca07736fd9cf719eb354d69879ee7f3c136fb0fbf9f08f86be5fa128ec1a051d3e6c643e85ada8ffacf3663c260bd2c844b6f5600cee8e48a9e65d09cadd89f235dee05f3b8a646be715f1f67d5b434e0ff23a1fc07ef7740193e40eeff6f3bcdfd765aa9155033524fe4f205f5444e292c4c2f6ac1":"505341004b4559000000000001000000124109020128000004060006000000008500000004001de142d54f69eb038ee4b7af9d3ca07736fd9cf719eb354d69879ee7f3c136fb0fbf9f08f86be5fa128ec1a051d3e6c643e85ada8ffacf3663c260bd2c844b6f5600cee8e48a9e65d09cadd89f235dee05f3b8a646be715f1f67d5b434e0ff23a1fc07ef7740193e40eeff6f3bcdfd765aa9155033524fe4f205f5444e292c4c2f6ac1" + +save type: ECC_PUB(SECP_R1) 521-bit, ECDSA(SHA_1) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_1:PSA_WANT_ECC_SECP_R1_521:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1):521:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_SHA_1):0x0000:"04001de142d54f69eb038ee4b7af9d3ca07736fd9cf719eb354d69879ee7f3c136fb0fbf9f08f86be5fa128ec1a051d3e6c643e85ada8ffacf3663c260bd2c844b6f5600cee8e48a9e65d09cadd89f235dee05f3b8a646be715f1f67d5b434e0ff23a1fc07ef7740193e40eeff6f3bcdfd765aa9155033524fe4f205f5444e292c4c2f6ac1":"505341004b4559000000000001000000124109020128000005060006000000008500000004001de142d54f69eb038ee4b7af9d3ca07736fd9cf719eb354d69879ee7f3c136fb0fbf9f08f86be5fa128ec1a051d3e6c643e85ada8ffacf3663c260bd2c844b6f5600cee8e48a9e65d09cadd89f235dee05f3b8a646be715f1f67d5b434e0ff23a1fc07ef7740193e40eeff6f3bcdfd765aa9155033524fe4f205f5444e292c4c2f6ac1" + +save type: ECC_PUB(SECP_R1) 521-bit, ECDSA(SHA_224) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_224:PSA_WANT_ECC_SECP_R1_521:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1):521:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_SHA_224):0x0000:"04001de142d54f69eb038ee4b7af9d3ca07736fd9cf719eb354d69879ee7f3c136fb0fbf9f08f86be5fa128ec1a051d3e6c643e85ada8ffacf3663c260bd2c844b6f5600cee8e48a9e65d09cadd89f235dee05f3b8a646be715f1f67d5b434e0ff23a1fc07ef7740193e40eeff6f3bcdfd765aa9155033524fe4f205f5444e292c4c2f6ac1":"505341004b4559000000000001000000124109020128000008060006000000008500000004001de142d54f69eb038ee4b7af9d3ca07736fd9cf719eb354d69879ee7f3c136fb0fbf9f08f86be5fa128ec1a051d3e6c643e85ada8ffacf3663c260bd2c844b6f5600cee8e48a9e65d09cadd89f235dee05f3b8a646be715f1f67d5b434e0ff23a1fc07ef7740193e40eeff6f3bcdfd765aa9155033524fe4f205f5444e292c4c2f6ac1" + +save type: ECC_PUB(SECP_R1) 521-bit, ECDSA(SHA_256) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_SECP_R1_521:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1):521:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_SHA_256):0x0000:"04001de142d54f69eb038ee4b7af9d3ca07736fd9cf719eb354d69879ee7f3c136fb0fbf9f08f86be5fa128ec1a051d3e6c643e85ada8ffacf3663c260bd2c844b6f5600cee8e48a9e65d09cadd89f235dee05f3b8a646be715f1f67d5b434e0ff23a1fc07ef7740193e40eeff6f3bcdfd765aa9155033524fe4f205f5444e292c4c2f6ac1":"505341004b4559000000000001000000124109020128000009060006000000008500000004001de142d54f69eb038ee4b7af9d3ca07736fd9cf719eb354d69879ee7f3c136fb0fbf9f08f86be5fa128ec1a051d3e6c643e85ada8ffacf3663c260bd2c844b6f5600cee8e48a9e65d09cadd89f235dee05f3b8a646be715f1f67d5b434e0ff23a1fc07ef7740193e40eeff6f3bcdfd765aa9155033524fe4f205f5444e292c4c2f6ac1" + +save type: ECC_PUB(SECP_R1) 521-bit, ECDSA(SHA_384) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_SECP_R1_521:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1):521:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_SHA_384):0x0000:"04001de142d54f69eb038ee4b7af9d3ca07736fd9cf719eb354d69879ee7f3c136fb0fbf9f08f86be5fa128ec1a051d3e6c643e85ada8ffacf3663c260bd2c844b6f5600cee8e48a9e65d09cadd89f235dee05f3b8a646be715f1f67d5b434e0ff23a1fc07ef7740193e40eeff6f3bcdfd765aa9155033524fe4f205f5444e292c4c2f6ac1":"505341004b455900000000000100000012410902012800000a060006000000008500000004001de142d54f69eb038ee4b7af9d3ca07736fd9cf719eb354d69879ee7f3c136fb0fbf9f08f86be5fa128ec1a051d3e6c643e85ada8ffacf3663c260bd2c844b6f5600cee8e48a9e65d09cadd89f235dee05f3b8a646be715f1f67d5b434e0ff23a1fc07ef7740193e40eeff6f3bcdfd765aa9155033524fe4f205f5444e292c4c2f6ac1" + +save type: ECC_PUB(SECP_R1) 521-bit, ECDSA(SHA_512) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_512:PSA_WANT_ECC_SECP_R1_521:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1):521:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_SHA_512):0x0000:"04001de142d54f69eb038ee4b7af9d3ca07736fd9cf719eb354d69879ee7f3c136fb0fbf9f08f86be5fa128ec1a051d3e6c643e85ada8ffacf3663c260bd2c844b6f5600cee8e48a9e65d09cadd89f235dee05f3b8a646be715f1f67d5b434e0ff23a1fc07ef7740193e40eeff6f3bcdfd765aa9155033524fe4f205f5444e292c4c2f6ac1":"505341004b455900000000000100000012410902012800000b060006000000008500000004001de142d54f69eb038ee4b7af9d3ca07736fd9cf719eb354d69879ee7f3c136fb0fbf9f08f86be5fa128ec1a051d3e6c643e85ada8ffacf3663c260bd2c844b6f5600cee8e48a9e65d09cadd89f235dee05f3b8a646be715f1f67d5b434e0ff23a1fc07ef7740193e40eeff6f3bcdfd765aa9155033524fe4f205f5444e292c4c2f6ac1" + +save type: ECC_PUB(SECP_R1) 521-bit, ECDSA_ANY +depends_on:PSA_WANT_ALG_ECDSA_ANY:PSA_WANT_ECC_SECP_R1_521:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1):521:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA_ANY:0x0000:"04001de142d54f69eb038ee4b7af9d3ca07736fd9cf719eb354d69879ee7f3c136fb0fbf9f08f86be5fa128ec1a051d3e6c643e85ada8ffacf3663c260bd2c844b6f5600cee8e48a9e65d09cadd89f235dee05f3b8a646be715f1f67d5b434e0ff23a1fc07ef7740193e40eeff6f3bcdfd765aa9155033524fe4f205f5444e292c4c2f6ac1":"505341004b4559000000000001000000124109020128000000060006000000008500000004001de142d54f69eb038ee4b7af9d3ca07736fd9cf719eb354d69879ee7f3c136fb0fbf9f08f86be5fa128ec1a051d3e6c643e85ada8ffacf3663c260bd2c844b6f5600cee8e48a9e65d09cadd89f235dee05f3b8a646be715f1f67d5b434e0ff23a1fc07ef7740193e40eeff6f3bcdfd765aa9155033524fe4f205f5444e292c4c2f6ac1" + +save type: ECC_PUB(SECP_R2) 160-bit +depends_on:PSA_WANT_ECC_SECP_R2_160:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R2):160:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"049570d541398665adb5cfa16f5af73b3196926bbd4b876bdb80f8eab20d0f540c22f4de9c140f6d7b":"505341004b45590000000000010000001b41a00001000000000000000000000029000000049570d541398665adb5cfa16f5af73b3196926bbd4b876bdb80f8eab20d0f540c22f4de9c140f6d7b" + +save type: ECC_PUB(SECP_R2) 160-bit, DET_ECDSA(MD2) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD2:PSA_WANT_ECC_SECP_R2_160:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R2):160:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD2):0x0000:"049570d541398665adb5cfa16f5af73b3196926bbd4b876bdb80f8eab20d0f540c22f4de9c140f6d7b":"505341004b45590000000000010000001b41a00001280000010700060000000029000000049570d541398665adb5cfa16f5af73b3196926bbd4b876bdb80f8eab20d0f540c22f4de9c140f6d7b" + +save type: ECC_PUB(SECP_R2) 160-bit, DET_ECDSA(MD4) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD4:PSA_WANT_ECC_SECP_R2_160:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R2):160:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD4):0x0000:"049570d541398665adb5cfa16f5af73b3196926bbd4b876bdb80f8eab20d0f540c22f4de9c140f6d7b":"505341004b45590000000000010000001b41a00001280000020700060000000029000000049570d541398665adb5cfa16f5af73b3196926bbd4b876bdb80f8eab20d0f540c22f4de9c140f6d7b" + +save type: ECC_PUB(SECP_R2) 160-bit, DET_ECDSA(MD5) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD5:PSA_WANT_ECC_SECP_R2_160:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R2):160:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD5):0x0000:"049570d541398665adb5cfa16f5af73b3196926bbd4b876bdb80f8eab20d0f540c22f4de9c140f6d7b":"505341004b45590000000000010000001b41a00001280000030700060000000029000000049570d541398665adb5cfa16f5af73b3196926bbd4b876bdb80f8eab20d0f540c22f4de9c140f6d7b" + +save type: ECC_PUB(SECP_R2) 160-bit, DET_ECDSA(RIPEMD160) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ECC_SECP_R2_160:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R2):160:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_RIPEMD160):0x0000:"049570d541398665adb5cfa16f5af73b3196926bbd4b876bdb80f8eab20d0f540c22f4de9c140f6d7b":"505341004b45590000000000010000001b41a00001280000040700060000000029000000049570d541398665adb5cfa16f5af73b3196926bbd4b876bdb80f8eab20d0f540c22f4de9c140f6d7b" + +save type: ECC_PUB(SECP_R2) 160-bit, DET_ECDSA(SHA_1) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_1:PSA_WANT_ECC_SECP_R2_160:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R2):160:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_1):0x0000:"049570d541398665adb5cfa16f5af73b3196926bbd4b876bdb80f8eab20d0f540c22f4de9c140f6d7b":"505341004b45590000000000010000001b41a00001280000050700060000000029000000049570d541398665adb5cfa16f5af73b3196926bbd4b876bdb80f8eab20d0f540c22f4de9c140f6d7b" + +save type: ECC_PUB(SECP_R2) 160-bit, DET_ECDSA(SHA_224) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_224:PSA_WANT_ECC_SECP_R2_160:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R2):160:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_224):0x0000:"049570d541398665adb5cfa16f5af73b3196926bbd4b876bdb80f8eab20d0f540c22f4de9c140f6d7b":"505341004b45590000000000010000001b41a00001280000080700060000000029000000049570d541398665adb5cfa16f5af73b3196926bbd4b876bdb80f8eab20d0f540c22f4de9c140f6d7b" + +save type: ECC_PUB(SECP_R2) 160-bit, DET_ECDSA(SHA_256) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_SECP_R2_160:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R2):160:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_256):0x0000:"049570d541398665adb5cfa16f5af73b3196926bbd4b876bdb80f8eab20d0f540c22f4de9c140f6d7b":"505341004b45590000000000010000001b41a00001280000090700060000000029000000049570d541398665adb5cfa16f5af73b3196926bbd4b876bdb80f8eab20d0f540c22f4de9c140f6d7b" + +save type: ECC_PUB(SECP_R2) 160-bit, DET_ECDSA(SHA_384) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_SECP_R2_160:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R2):160:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_384):0x0000:"049570d541398665adb5cfa16f5af73b3196926bbd4b876bdb80f8eab20d0f540c22f4de9c140f6d7b":"505341004b45590000000000010000001b41a000012800000a0700060000000029000000049570d541398665adb5cfa16f5af73b3196926bbd4b876bdb80f8eab20d0f540c22f4de9c140f6d7b" + +save type: ECC_PUB(SECP_R2) 160-bit, DET_ECDSA(SHA_512) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_512:PSA_WANT_ECC_SECP_R2_160:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R2):160:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_512):0x0000:"049570d541398665adb5cfa16f5af73b3196926bbd4b876bdb80f8eab20d0f540c22f4de9c140f6d7b":"505341004b45590000000000010000001b41a000012800000b0700060000000029000000049570d541398665adb5cfa16f5af73b3196926bbd4b876bdb80f8eab20d0f540c22f4de9c140f6d7b" + +save type: ECC_PUB(SECP_R2) 160-bit, ECDSA(MD2) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD2:PSA_WANT_ECC_SECP_R2_160:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R2):160:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_MD2):0x0000:"049570d541398665adb5cfa16f5af73b3196926bbd4b876bdb80f8eab20d0f540c22f4de9c140f6d7b":"505341004b45590000000000010000001b41a00001280000010600060000000029000000049570d541398665adb5cfa16f5af73b3196926bbd4b876bdb80f8eab20d0f540c22f4de9c140f6d7b" + +save type: ECC_PUB(SECP_R2) 160-bit, ECDSA(MD4) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD4:PSA_WANT_ECC_SECP_R2_160:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R2):160:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_MD4):0x0000:"049570d541398665adb5cfa16f5af73b3196926bbd4b876bdb80f8eab20d0f540c22f4de9c140f6d7b":"505341004b45590000000000010000001b41a00001280000020600060000000029000000049570d541398665adb5cfa16f5af73b3196926bbd4b876bdb80f8eab20d0f540c22f4de9c140f6d7b" + +save type: ECC_PUB(SECP_R2) 160-bit, ECDSA(MD5) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD5:PSA_WANT_ECC_SECP_R2_160:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R2):160:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_MD5):0x0000:"049570d541398665adb5cfa16f5af73b3196926bbd4b876bdb80f8eab20d0f540c22f4de9c140f6d7b":"505341004b45590000000000010000001b41a00001280000030600060000000029000000049570d541398665adb5cfa16f5af73b3196926bbd4b876bdb80f8eab20d0f540c22f4de9c140f6d7b" + +save type: ECC_PUB(SECP_R2) 160-bit, ECDSA(RIPEMD160) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ECC_SECP_R2_160:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R2):160:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_RIPEMD160):0x0000:"049570d541398665adb5cfa16f5af73b3196926bbd4b876bdb80f8eab20d0f540c22f4de9c140f6d7b":"505341004b45590000000000010000001b41a00001280000040600060000000029000000049570d541398665adb5cfa16f5af73b3196926bbd4b876bdb80f8eab20d0f540c22f4de9c140f6d7b" + +save type: ECC_PUB(SECP_R2) 160-bit, ECDSA(SHA_1) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_1:PSA_WANT_ECC_SECP_R2_160:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R2):160:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_SHA_1):0x0000:"049570d541398665adb5cfa16f5af73b3196926bbd4b876bdb80f8eab20d0f540c22f4de9c140f6d7b":"505341004b45590000000000010000001b41a00001280000050600060000000029000000049570d541398665adb5cfa16f5af73b3196926bbd4b876bdb80f8eab20d0f540c22f4de9c140f6d7b" + +save type: ECC_PUB(SECP_R2) 160-bit, ECDSA(SHA_224) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_224:PSA_WANT_ECC_SECP_R2_160:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R2):160:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_SHA_224):0x0000:"049570d541398665adb5cfa16f5af73b3196926bbd4b876bdb80f8eab20d0f540c22f4de9c140f6d7b":"505341004b45590000000000010000001b41a00001280000080600060000000029000000049570d541398665adb5cfa16f5af73b3196926bbd4b876bdb80f8eab20d0f540c22f4de9c140f6d7b" + +save type: ECC_PUB(SECP_R2) 160-bit, ECDSA(SHA_256) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_SECP_R2_160:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R2):160:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_SHA_256):0x0000:"049570d541398665adb5cfa16f5af73b3196926bbd4b876bdb80f8eab20d0f540c22f4de9c140f6d7b":"505341004b45590000000000010000001b41a00001280000090600060000000029000000049570d541398665adb5cfa16f5af73b3196926bbd4b876bdb80f8eab20d0f540c22f4de9c140f6d7b" + +save type: ECC_PUB(SECP_R2) 160-bit, ECDSA(SHA_384) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_SECP_R2_160:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R2):160:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_SHA_384):0x0000:"049570d541398665adb5cfa16f5af73b3196926bbd4b876bdb80f8eab20d0f540c22f4de9c140f6d7b":"505341004b45590000000000010000001b41a000012800000a0600060000000029000000049570d541398665adb5cfa16f5af73b3196926bbd4b876bdb80f8eab20d0f540c22f4de9c140f6d7b" + +save type: ECC_PUB(SECP_R2) 160-bit, ECDSA(SHA_512) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_512:PSA_WANT_ECC_SECP_R2_160:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R2):160:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_SHA_512):0x0000:"049570d541398665adb5cfa16f5af73b3196926bbd4b876bdb80f8eab20d0f540c22f4de9c140f6d7b":"505341004b45590000000000010000001b41a000012800000b0600060000000029000000049570d541398665adb5cfa16f5af73b3196926bbd4b876bdb80f8eab20d0f540c22f4de9c140f6d7b" + +save type: ECC_PUB(SECP_R2) 160-bit, ECDSA_ANY +depends_on:PSA_WANT_ALG_ECDSA_ANY:PSA_WANT_ECC_SECP_R2_160:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R2):160:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA_ANY:0x0000:"049570d541398665adb5cfa16f5af73b3196926bbd4b876bdb80f8eab20d0f540c22f4de9c140f6d7b":"505341004b45590000000000010000001b41a00001280000000600060000000029000000049570d541398665adb5cfa16f5af73b3196926bbd4b876bdb80f8eab20d0f540c22f4de9c140f6d7b" + +save type: ECC_PUB(SECT_K1) 163-bit +depends_on:PSA_WANT_ECC_SECT_K1_163:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_K1):163:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"0406f88f90b4b65950f06ce433afdb097e320f433dc2062b8a65db8fafd3c110f46bc45663fbf021ee7eb9":"505341004b45590000000000010000002741a3000100000000000000000000002b0000000406f88f90b4b65950f06ce433afdb097e320f433dc2062b8a65db8fafd3c110f46bc45663fbf021ee7eb9" + +save type: ECC_PUB(SECT_K1) 163-bit, DET_ECDSA(MD2) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD2:PSA_WANT_ECC_SECT_K1_163:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_K1):163:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD2):0x0000:"0406f88f90b4b65950f06ce433afdb097e320f433dc2062b8a65db8fafd3c110f46bc45663fbf021ee7eb9":"505341004b45590000000000010000002741a3000128000001070006000000002b0000000406f88f90b4b65950f06ce433afdb097e320f433dc2062b8a65db8fafd3c110f46bc45663fbf021ee7eb9" + +save type: ECC_PUB(SECT_K1) 163-bit, DET_ECDSA(MD4) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD4:PSA_WANT_ECC_SECT_K1_163:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_K1):163:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD4):0x0000:"0406f88f90b4b65950f06ce433afdb097e320f433dc2062b8a65db8fafd3c110f46bc45663fbf021ee7eb9":"505341004b45590000000000010000002741a3000128000002070006000000002b0000000406f88f90b4b65950f06ce433afdb097e320f433dc2062b8a65db8fafd3c110f46bc45663fbf021ee7eb9" + +save type: ECC_PUB(SECT_K1) 163-bit, DET_ECDSA(MD5) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD5:PSA_WANT_ECC_SECT_K1_163:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_K1):163:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD5):0x0000:"0406f88f90b4b65950f06ce433afdb097e320f433dc2062b8a65db8fafd3c110f46bc45663fbf021ee7eb9":"505341004b45590000000000010000002741a3000128000003070006000000002b0000000406f88f90b4b65950f06ce433afdb097e320f433dc2062b8a65db8fafd3c110f46bc45663fbf021ee7eb9" + +save type: ECC_PUB(SECT_K1) 163-bit, DET_ECDSA(RIPEMD160) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ECC_SECT_K1_163:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_K1):163:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_RIPEMD160):0x0000:"0406f88f90b4b65950f06ce433afdb097e320f433dc2062b8a65db8fafd3c110f46bc45663fbf021ee7eb9":"505341004b45590000000000010000002741a3000128000004070006000000002b0000000406f88f90b4b65950f06ce433afdb097e320f433dc2062b8a65db8fafd3c110f46bc45663fbf021ee7eb9" + +save type: ECC_PUB(SECT_K1) 163-bit, DET_ECDSA(SHA_1) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_1:PSA_WANT_ECC_SECT_K1_163:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_K1):163:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_1):0x0000:"0406f88f90b4b65950f06ce433afdb097e320f433dc2062b8a65db8fafd3c110f46bc45663fbf021ee7eb9":"505341004b45590000000000010000002741a3000128000005070006000000002b0000000406f88f90b4b65950f06ce433afdb097e320f433dc2062b8a65db8fafd3c110f46bc45663fbf021ee7eb9" + +save type: ECC_PUB(SECT_K1) 163-bit, DET_ECDSA(SHA_224) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_224:PSA_WANT_ECC_SECT_K1_163:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_K1):163:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_224):0x0000:"0406f88f90b4b65950f06ce433afdb097e320f433dc2062b8a65db8fafd3c110f46bc45663fbf021ee7eb9":"505341004b45590000000000010000002741a3000128000008070006000000002b0000000406f88f90b4b65950f06ce433afdb097e320f433dc2062b8a65db8fafd3c110f46bc45663fbf021ee7eb9" + +save type: ECC_PUB(SECT_K1) 163-bit, DET_ECDSA(SHA_256) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_SECT_K1_163:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_K1):163:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_256):0x0000:"0406f88f90b4b65950f06ce433afdb097e320f433dc2062b8a65db8fafd3c110f46bc45663fbf021ee7eb9":"505341004b45590000000000010000002741a3000128000009070006000000002b0000000406f88f90b4b65950f06ce433afdb097e320f433dc2062b8a65db8fafd3c110f46bc45663fbf021ee7eb9" + +save type: ECC_PUB(SECT_K1) 163-bit, DET_ECDSA(SHA_384) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_SECT_K1_163:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_K1):163:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_384):0x0000:"0406f88f90b4b65950f06ce433afdb097e320f433dc2062b8a65db8fafd3c110f46bc45663fbf021ee7eb9":"505341004b45590000000000010000002741a300012800000a070006000000002b0000000406f88f90b4b65950f06ce433afdb097e320f433dc2062b8a65db8fafd3c110f46bc45663fbf021ee7eb9" + +save type: ECC_PUB(SECT_K1) 163-bit, DET_ECDSA(SHA_512) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_512:PSA_WANT_ECC_SECT_K1_163:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_K1):163:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_512):0x0000:"0406f88f90b4b65950f06ce433afdb097e320f433dc2062b8a65db8fafd3c110f46bc45663fbf021ee7eb9":"505341004b45590000000000010000002741a300012800000b070006000000002b0000000406f88f90b4b65950f06ce433afdb097e320f433dc2062b8a65db8fafd3c110f46bc45663fbf021ee7eb9" + +save type: ECC_PUB(SECT_K1) 163-bit, ECDSA(MD2) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD2:PSA_WANT_ECC_SECT_K1_163:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_K1):163:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_MD2):0x0000:"0406f88f90b4b65950f06ce433afdb097e320f433dc2062b8a65db8fafd3c110f46bc45663fbf021ee7eb9":"505341004b45590000000000010000002741a3000128000001060006000000002b0000000406f88f90b4b65950f06ce433afdb097e320f433dc2062b8a65db8fafd3c110f46bc45663fbf021ee7eb9" + +save type: ECC_PUB(SECT_K1) 163-bit, ECDSA(MD4) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD4:PSA_WANT_ECC_SECT_K1_163:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_K1):163:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_MD4):0x0000:"0406f88f90b4b65950f06ce433afdb097e320f433dc2062b8a65db8fafd3c110f46bc45663fbf021ee7eb9":"505341004b45590000000000010000002741a3000128000002060006000000002b0000000406f88f90b4b65950f06ce433afdb097e320f433dc2062b8a65db8fafd3c110f46bc45663fbf021ee7eb9" + +save type: ECC_PUB(SECT_K1) 163-bit, ECDSA(MD5) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD5:PSA_WANT_ECC_SECT_K1_163:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_K1):163:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_MD5):0x0000:"0406f88f90b4b65950f06ce433afdb097e320f433dc2062b8a65db8fafd3c110f46bc45663fbf021ee7eb9":"505341004b45590000000000010000002741a3000128000003060006000000002b0000000406f88f90b4b65950f06ce433afdb097e320f433dc2062b8a65db8fafd3c110f46bc45663fbf021ee7eb9" + +save type: ECC_PUB(SECT_K1) 163-bit, ECDSA(RIPEMD160) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ECC_SECT_K1_163:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_K1):163:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_RIPEMD160):0x0000:"0406f88f90b4b65950f06ce433afdb097e320f433dc2062b8a65db8fafd3c110f46bc45663fbf021ee7eb9":"505341004b45590000000000010000002741a3000128000004060006000000002b0000000406f88f90b4b65950f06ce433afdb097e320f433dc2062b8a65db8fafd3c110f46bc45663fbf021ee7eb9" + +save type: ECC_PUB(SECT_K1) 163-bit, ECDSA(SHA_1) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_1:PSA_WANT_ECC_SECT_K1_163:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_K1):163:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_SHA_1):0x0000:"0406f88f90b4b65950f06ce433afdb097e320f433dc2062b8a65db8fafd3c110f46bc45663fbf021ee7eb9":"505341004b45590000000000010000002741a3000128000005060006000000002b0000000406f88f90b4b65950f06ce433afdb097e320f433dc2062b8a65db8fafd3c110f46bc45663fbf021ee7eb9" + +save type: ECC_PUB(SECT_K1) 163-bit, ECDSA(SHA_224) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_224:PSA_WANT_ECC_SECT_K1_163:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_K1):163:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_SHA_224):0x0000:"0406f88f90b4b65950f06ce433afdb097e320f433dc2062b8a65db8fafd3c110f46bc45663fbf021ee7eb9":"505341004b45590000000000010000002741a3000128000008060006000000002b0000000406f88f90b4b65950f06ce433afdb097e320f433dc2062b8a65db8fafd3c110f46bc45663fbf021ee7eb9" + +save type: ECC_PUB(SECT_K1) 163-bit, ECDSA(SHA_256) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_SECT_K1_163:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_K1):163:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_SHA_256):0x0000:"0406f88f90b4b65950f06ce433afdb097e320f433dc2062b8a65db8fafd3c110f46bc45663fbf021ee7eb9":"505341004b45590000000000010000002741a3000128000009060006000000002b0000000406f88f90b4b65950f06ce433afdb097e320f433dc2062b8a65db8fafd3c110f46bc45663fbf021ee7eb9" + +save type: ECC_PUB(SECT_K1) 163-bit, ECDSA(SHA_384) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_SECT_K1_163:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_K1):163:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_SHA_384):0x0000:"0406f88f90b4b65950f06ce433afdb097e320f433dc2062b8a65db8fafd3c110f46bc45663fbf021ee7eb9":"505341004b45590000000000010000002741a300012800000a060006000000002b0000000406f88f90b4b65950f06ce433afdb097e320f433dc2062b8a65db8fafd3c110f46bc45663fbf021ee7eb9" + +save type: ECC_PUB(SECT_K1) 163-bit, ECDSA(SHA_512) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_512:PSA_WANT_ECC_SECT_K1_163:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_K1):163:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_SHA_512):0x0000:"0406f88f90b4b65950f06ce433afdb097e320f433dc2062b8a65db8fafd3c110f46bc45663fbf021ee7eb9":"505341004b45590000000000010000002741a300012800000b060006000000002b0000000406f88f90b4b65950f06ce433afdb097e320f433dc2062b8a65db8fafd3c110f46bc45663fbf021ee7eb9" + +save type: ECC_PUB(SECT_K1) 163-bit, ECDSA_ANY +depends_on:PSA_WANT_ALG_ECDSA_ANY:PSA_WANT_ECC_SECT_K1_163:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_K1):163:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA_ANY:0x0000:"0406f88f90b4b65950f06ce433afdb097e320f433dc2062b8a65db8fafd3c110f46bc45663fbf021ee7eb9":"505341004b45590000000000010000002741a3000128000000060006000000002b0000000406f88f90b4b65950f06ce433afdb097e320f433dc2062b8a65db8fafd3c110f46bc45663fbf021ee7eb9" + +save type: ECC_PUB(SECT_K1) 233-bit +depends_on:PSA_WANT_ECC_SECT_K1_233:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_K1):233:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"0401e9d7189189f773bd8f71be2c10774ba18842434dfa9312595ea545104400f45a9d5675647513ba75b079fe66a29daac2ec86a6a5d4e75c5f290c1f":"505341004b45590000000000010000002741e9000100000000000000000000003d0000000401e9d7189189f773bd8f71be2c10774ba18842434dfa9312595ea545104400f45a9d5675647513ba75b079fe66a29daac2ec86a6a5d4e75c5f290c1f" + +save type: ECC_PUB(SECT_K1) 233-bit, DET_ECDSA(MD2) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD2:PSA_WANT_ECC_SECT_K1_233:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_K1):233:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD2):0x0000:"0401e9d7189189f773bd8f71be2c10774ba18842434dfa9312595ea545104400f45a9d5675647513ba75b079fe66a29daac2ec86a6a5d4e75c5f290c1f":"505341004b45590000000000010000002741e9000128000001070006000000003d0000000401e9d7189189f773bd8f71be2c10774ba18842434dfa9312595ea545104400f45a9d5675647513ba75b079fe66a29daac2ec86a6a5d4e75c5f290c1f" + +save type: ECC_PUB(SECT_K1) 233-bit, DET_ECDSA(MD4) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD4:PSA_WANT_ECC_SECT_K1_233:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_K1):233:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD4):0x0000:"0401e9d7189189f773bd8f71be2c10774ba18842434dfa9312595ea545104400f45a9d5675647513ba75b079fe66a29daac2ec86a6a5d4e75c5f290c1f":"505341004b45590000000000010000002741e9000128000002070006000000003d0000000401e9d7189189f773bd8f71be2c10774ba18842434dfa9312595ea545104400f45a9d5675647513ba75b079fe66a29daac2ec86a6a5d4e75c5f290c1f" + +save type: ECC_PUB(SECT_K1) 233-bit, DET_ECDSA(MD5) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD5:PSA_WANT_ECC_SECT_K1_233:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_K1):233:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD5):0x0000:"0401e9d7189189f773bd8f71be2c10774ba18842434dfa9312595ea545104400f45a9d5675647513ba75b079fe66a29daac2ec86a6a5d4e75c5f290c1f":"505341004b45590000000000010000002741e9000128000003070006000000003d0000000401e9d7189189f773bd8f71be2c10774ba18842434dfa9312595ea545104400f45a9d5675647513ba75b079fe66a29daac2ec86a6a5d4e75c5f290c1f" + +save type: ECC_PUB(SECT_K1) 233-bit, DET_ECDSA(RIPEMD160) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ECC_SECT_K1_233:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_K1):233:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_RIPEMD160):0x0000:"0401e9d7189189f773bd8f71be2c10774ba18842434dfa9312595ea545104400f45a9d5675647513ba75b079fe66a29daac2ec86a6a5d4e75c5f290c1f":"505341004b45590000000000010000002741e9000128000004070006000000003d0000000401e9d7189189f773bd8f71be2c10774ba18842434dfa9312595ea545104400f45a9d5675647513ba75b079fe66a29daac2ec86a6a5d4e75c5f290c1f" + +save type: ECC_PUB(SECT_K1) 233-bit, DET_ECDSA(SHA_1) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_1:PSA_WANT_ECC_SECT_K1_233:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_K1):233:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_1):0x0000:"0401e9d7189189f773bd8f71be2c10774ba18842434dfa9312595ea545104400f45a9d5675647513ba75b079fe66a29daac2ec86a6a5d4e75c5f290c1f":"505341004b45590000000000010000002741e9000128000005070006000000003d0000000401e9d7189189f773bd8f71be2c10774ba18842434dfa9312595ea545104400f45a9d5675647513ba75b079fe66a29daac2ec86a6a5d4e75c5f290c1f" + +save type: ECC_PUB(SECT_K1) 233-bit, DET_ECDSA(SHA_224) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_224:PSA_WANT_ECC_SECT_K1_233:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_K1):233:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_224):0x0000:"0401e9d7189189f773bd8f71be2c10774ba18842434dfa9312595ea545104400f45a9d5675647513ba75b079fe66a29daac2ec86a6a5d4e75c5f290c1f":"505341004b45590000000000010000002741e9000128000008070006000000003d0000000401e9d7189189f773bd8f71be2c10774ba18842434dfa9312595ea545104400f45a9d5675647513ba75b079fe66a29daac2ec86a6a5d4e75c5f290c1f" + +save type: ECC_PUB(SECT_K1) 233-bit, DET_ECDSA(SHA_256) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_SECT_K1_233:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_K1):233:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_256):0x0000:"0401e9d7189189f773bd8f71be2c10774ba18842434dfa9312595ea545104400f45a9d5675647513ba75b079fe66a29daac2ec86a6a5d4e75c5f290c1f":"505341004b45590000000000010000002741e9000128000009070006000000003d0000000401e9d7189189f773bd8f71be2c10774ba18842434dfa9312595ea545104400f45a9d5675647513ba75b079fe66a29daac2ec86a6a5d4e75c5f290c1f" + +save type: ECC_PUB(SECT_K1) 233-bit, DET_ECDSA(SHA_384) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_SECT_K1_233:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_K1):233:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_384):0x0000:"0401e9d7189189f773bd8f71be2c10774ba18842434dfa9312595ea545104400f45a9d5675647513ba75b079fe66a29daac2ec86a6a5d4e75c5f290c1f":"505341004b45590000000000010000002741e900012800000a070006000000003d0000000401e9d7189189f773bd8f71be2c10774ba18842434dfa9312595ea545104400f45a9d5675647513ba75b079fe66a29daac2ec86a6a5d4e75c5f290c1f" + +save type: ECC_PUB(SECT_K1) 233-bit, DET_ECDSA(SHA_512) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_512:PSA_WANT_ECC_SECT_K1_233:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_K1):233:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_512):0x0000:"0401e9d7189189f773bd8f71be2c10774ba18842434dfa9312595ea545104400f45a9d5675647513ba75b079fe66a29daac2ec86a6a5d4e75c5f290c1f":"505341004b45590000000000010000002741e900012800000b070006000000003d0000000401e9d7189189f773bd8f71be2c10774ba18842434dfa9312595ea545104400f45a9d5675647513ba75b079fe66a29daac2ec86a6a5d4e75c5f290c1f" + +save type: ECC_PUB(SECT_K1) 233-bit, ECDSA(MD2) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD2:PSA_WANT_ECC_SECT_K1_233:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_K1):233:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_MD2):0x0000:"0401e9d7189189f773bd8f71be2c10774ba18842434dfa9312595ea545104400f45a9d5675647513ba75b079fe66a29daac2ec86a6a5d4e75c5f290c1f":"505341004b45590000000000010000002741e9000128000001060006000000003d0000000401e9d7189189f773bd8f71be2c10774ba18842434dfa9312595ea545104400f45a9d5675647513ba75b079fe66a29daac2ec86a6a5d4e75c5f290c1f" + +save type: ECC_PUB(SECT_K1) 233-bit, ECDSA(MD4) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD4:PSA_WANT_ECC_SECT_K1_233:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_K1):233:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_MD4):0x0000:"0401e9d7189189f773bd8f71be2c10774ba18842434dfa9312595ea545104400f45a9d5675647513ba75b079fe66a29daac2ec86a6a5d4e75c5f290c1f":"505341004b45590000000000010000002741e9000128000002060006000000003d0000000401e9d7189189f773bd8f71be2c10774ba18842434dfa9312595ea545104400f45a9d5675647513ba75b079fe66a29daac2ec86a6a5d4e75c5f290c1f" + +save type: ECC_PUB(SECT_K1) 233-bit, ECDSA(MD5) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD5:PSA_WANT_ECC_SECT_K1_233:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_K1):233:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_MD5):0x0000:"0401e9d7189189f773bd8f71be2c10774ba18842434dfa9312595ea545104400f45a9d5675647513ba75b079fe66a29daac2ec86a6a5d4e75c5f290c1f":"505341004b45590000000000010000002741e9000128000003060006000000003d0000000401e9d7189189f773bd8f71be2c10774ba18842434dfa9312595ea545104400f45a9d5675647513ba75b079fe66a29daac2ec86a6a5d4e75c5f290c1f" + +save type: ECC_PUB(SECT_K1) 233-bit, ECDSA(RIPEMD160) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ECC_SECT_K1_233:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_K1):233:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_RIPEMD160):0x0000:"0401e9d7189189f773bd8f71be2c10774ba18842434dfa9312595ea545104400f45a9d5675647513ba75b079fe66a29daac2ec86a6a5d4e75c5f290c1f":"505341004b45590000000000010000002741e9000128000004060006000000003d0000000401e9d7189189f773bd8f71be2c10774ba18842434dfa9312595ea545104400f45a9d5675647513ba75b079fe66a29daac2ec86a6a5d4e75c5f290c1f" + +save type: ECC_PUB(SECT_K1) 233-bit, ECDSA(SHA_1) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_1:PSA_WANT_ECC_SECT_K1_233:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_K1):233:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_SHA_1):0x0000:"0401e9d7189189f773bd8f71be2c10774ba18842434dfa9312595ea545104400f45a9d5675647513ba75b079fe66a29daac2ec86a6a5d4e75c5f290c1f":"505341004b45590000000000010000002741e9000128000005060006000000003d0000000401e9d7189189f773bd8f71be2c10774ba18842434dfa9312595ea545104400f45a9d5675647513ba75b079fe66a29daac2ec86a6a5d4e75c5f290c1f" + +save type: ECC_PUB(SECT_K1) 233-bit, ECDSA(SHA_224) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_224:PSA_WANT_ECC_SECT_K1_233:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_K1):233:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_SHA_224):0x0000:"0401e9d7189189f773bd8f71be2c10774ba18842434dfa9312595ea545104400f45a9d5675647513ba75b079fe66a29daac2ec86a6a5d4e75c5f290c1f":"505341004b45590000000000010000002741e9000128000008060006000000003d0000000401e9d7189189f773bd8f71be2c10774ba18842434dfa9312595ea545104400f45a9d5675647513ba75b079fe66a29daac2ec86a6a5d4e75c5f290c1f" + +save type: ECC_PUB(SECT_K1) 233-bit, ECDSA(SHA_256) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_SECT_K1_233:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_K1):233:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_SHA_256):0x0000:"0401e9d7189189f773bd8f71be2c10774ba18842434dfa9312595ea545104400f45a9d5675647513ba75b079fe66a29daac2ec86a6a5d4e75c5f290c1f":"505341004b45590000000000010000002741e9000128000009060006000000003d0000000401e9d7189189f773bd8f71be2c10774ba18842434dfa9312595ea545104400f45a9d5675647513ba75b079fe66a29daac2ec86a6a5d4e75c5f290c1f" + +save type: ECC_PUB(SECT_K1) 233-bit, ECDSA(SHA_384) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_SECT_K1_233:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_K1):233:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_SHA_384):0x0000:"0401e9d7189189f773bd8f71be2c10774ba18842434dfa9312595ea545104400f45a9d5675647513ba75b079fe66a29daac2ec86a6a5d4e75c5f290c1f":"505341004b45590000000000010000002741e900012800000a060006000000003d0000000401e9d7189189f773bd8f71be2c10774ba18842434dfa9312595ea545104400f45a9d5675647513ba75b079fe66a29daac2ec86a6a5d4e75c5f290c1f" + +save type: ECC_PUB(SECT_K1) 233-bit, ECDSA(SHA_512) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_512:PSA_WANT_ECC_SECT_K1_233:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_K1):233:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_SHA_512):0x0000:"0401e9d7189189f773bd8f71be2c10774ba18842434dfa9312595ea545104400f45a9d5675647513ba75b079fe66a29daac2ec86a6a5d4e75c5f290c1f":"505341004b45590000000000010000002741e900012800000b060006000000003d0000000401e9d7189189f773bd8f71be2c10774ba18842434dfa9312595ea545104400f45a9d5675647513ba75b079fe66a29daac2ec86a6a5d4e75c5f290c1f" + +save type: ECC_PUB(SECT_K1) 233-bit, ECDSA_ANY +depends_on:PSA_WANT_ALG_ECDSA_ANY:PSA_WANT_ECC_SECT_K1_233:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_K1):233:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA_ANY:0x0000:"0401e9d7189189f773bd8f71be2c10774ba18842434dfa9312595ea545104400f45a9d5675647513ba75b079fe66a29daac2ec86a6a5d4e75c5f290c1f":"505341004b45590000000000010000002741e9000128000000060006000000003d0000000401e9d7189189f773bd8f71be2c10774ba18842434dfa9312595ea545104400f45a9d5675647513ba75b079fe66a29daac2ec86a6a5d4e75c5f290c1f" + +save type: ECC_PUB(SECT_K1) 239-bit +depends_on:PSA_WANT_ECC_SECT_K1_239:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_K1):239:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"04068d76b9f4508762c2379db9ee8b87ad8d86d9535132ffba3b5680440cfa28eb133d4232faf1c9aba96af11aefe634a551440800d5f8185105d3072d":"505341004b45590000000000010000002741ef000100000000000000000000003d00000004068d76b9f4508762c2379db9ee8b87ad8d86d9535132ffba3b5680440cfa28eb133d4232faf1c9aba96af11aefe634a551440800d5f8185105d3072d" + +save type: ECC_PUB(SECT_K1) 239-bit, DET_ECDSA(MD2) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD2:PSA_WANT_ECC_SECT_K1_239:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_K1):239:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD2):0x0000:"04068d76b9f4508762c2379db9ee8b87ad8d86d9535132ffba3b5680440cfa28eb133d4232faf1c9aba96af11aefe634a551440800d5f8185105d3072d":"505341004b45590000000000010000002741ef000128000001070006000000003d00000004068d76b9f4508762c2379db9ee8b87ad8d86d9535132ffba3b5680440cfa28eb133d4232faf1c9aba96af11aefe634a551440800d5f8185105d3072d" + +save type: ECC_PUB(SECT_K1) 239-bit, DET_ECDSA(MD4) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD4:PSA_WANT_ECC_SECT_K1_239:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_K1):239:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD4):0x0000:"04068d76b9f4508762c2379db9ee8b87ad8d86d9535132ffba3b5680440cfa28eb133d4232faf1c9aba96af11aefe634a551440800d5f8185105d3072d":"505341004b45590000000000010000002741ef000128000002070006000000003d00000004068d76b9f4508762c2379db9ee8b87ad8d86d9535132ffba3b5680440cfa28eb133d4232faf1c9aba96af11aefe634a551440800d5f8185105d3072d" + +save type: ECC_PUB(SECT_K1) 239-bit, DET_ECDSA(MD5) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD5:PSA_WANT_ECC_SECT_K1_239:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_K1):239:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD5):0x0000:"04068d76b9f4508762c2379db9ee8b87ad8d86d9535132ffba3b5680440cfa28eb133d4232faf1c9aba96af11aefe634a551440800d5f8185105d3072d":"505341004b45590000000000010000002741ef000128000003070006000000003d00000004068d76b9f4508762c2379db9ee8b87ad8d86d9535132ffba3b5680440cfa28eb133d4232faf1c9aba96af11aefe634a551440800d5f8185105d3072d" + +save type: ECC_PUB(SECT_K1) 239-bit, DET_ECDSA(RIPEMD160) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ECC_SECT_K1_239:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_K1):239:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_RIPEMD160):0x0000:"04068d76b9f4508762c2379db9ee8b87ad8d86d9535132ffba3b5680440cfa28eb133d4232faf1c9aba96af11aefe634a551440800d5f8185105d3072d":"505341004b45590000000000010000002741ef000128000004070006000000003d00000004068d76b9f4508762c2379db9ee8b87ad8d86d9535132ffba3b5680440cfa28eb133d4232faf1c9aba96af11aefe634a551440800d5f8185105d3072d" + +save type: ECC_PUB(SECT_K1) 239-bit, DET_ECDSA(SHA_1) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_1:PSA_WANT_ECC_SECT_K1_239:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_K1):239:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_1):0x0000:"04068d76b9f4508762c2379db9ee8b87ad8d86d9535132ffba3b5680440cfa28eb133d4232faf1c9aba96af11aefe634a551440800d5f8185105d3072d":"505341004b45590000000000010000002741ef000128000005070006000000003d00000004068d76b9f4508762c2379db9ee8b87ad8d86d9535132ffba3b5680440cfa28eb133d4232faf1c9aba96af11aefe634a551440800d5f8185105d3072d" + +save type: ECC_PUB(SECT_K1) 239-bit, DET_ECDSA(SHA_224) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_224:PSA_WANT_ECC_SECT_K1_239:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_K1):239:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_224):0x0000:"04068d76b9f4508762c2379db9ee8b87ad8d86d9535132ffba3b5680440cfa28eb133d4232faf1c9aba96af11aefe634a551440800d5f8185105d3072d":"505341004b45590000000000010000002741ef000128000008070006000000003d00000004068d76b9f4508762c2379db9ee8b87ad8d86d9535132ffba3b5680440cfa28eb133d4232faf1c9aba96af11aefe634a551440800d5f8185105d3072d" + +save type: ECC_PUB(SECT_K1) 239-bit, DET_ECDSA(SHA_256) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_SECT_K1_239:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_K1):239:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_256):0x0000:"04068d76b9f4508762c2379db9ee8b87ad8d86d9535132ffba3b5680440cfa28eb133d4232faf1c9aba96af11aefe634a551440800d5f8185105d3072d":"505341004b45590000000000010000002741ef000128000009070006000000003d00000004068d76b9f4508762c2379db9ee8b87ad8d86d9535132ffba3b5680440cfa28eb133d4232faf1c9aba96af11aefe634a551440800d5f8185105d3072d" + +save type: ECC_PUB(SECT_K1) 239-bit, DET_ECDSA(SHA_384) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_SECT_K1_239:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_K1):239:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_384):0x0000:"04068d76b9f4508762c2379db9ee8b87ad8d86d9535132ffba3b5680440cfa28eb133d4232faf1c9aba96af11aefe634a551440800d5f8185105d3072d":"505341004b45590000000000010000002741ef00012800000a070006000000003d00000004068d76b9f4508762c2379db9ee8b87ad8d86d9535132ffba3b5680440cfa28eb133d4232faf1c9aba96af11aefe634a551440800d5f8185105d3072d" + +save type: ECC_PUB(SECT_K1) 239-bit, DET_ECDSA(SHA_512) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_512:PSA_WANT_ECC_SECT_K1_239:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_K1):239:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_512):0x0000:"04068d76b9f4508762c2379db9ee8b87ad8d86d9535132ffba3b5680440cfa28eb133d4232faf1c9aba96af11aefe634a551440800d5f8185105d3072d":"505341004b45590000000000010000002741ef00012800000b070006000000003d00000004068d76b9f4508762c2379db9ee8b87ad8d86d9535132ffba3b5680440cfa28eb133d4232faf1c9aba96af11aefe634a551440800d5f8185105d3072d" + +save type: ECC_PUB(SECT_K1) 239-bit, ECDSA(MD2) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD2:PSA_WANT_ECC_SECT_K1_239:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_K1):239:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_MD2):0x0000:"04068d76b9f4508762c2379db9ee8b87ad8d86d9535132ffba3b5680440cfa28eb133d4232faf1c9aba96af11aefe634a551440800d5f8185105d3072d":"505341004b45590000000000010000002741ef000128000001060006000000003d00000004068d76b9f4508762c2379db9ee8b87ad8d86d9535132ffba3b5680440cfa28eb133d4232faf1c9aba96af11aefe634a551440800d5f8185105d3072d" + +save type: ECC_PUB(SECT_K1) 239-bit, ECDSA(MD4) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD4:PSA_WANT_ECC_SECT_K1_239:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_K1):239:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_MD4):0x0000:"04068d76b9f4508762c2379db9ee8b87ad8d86d9535132ffba3b5680440cfa28eb133d4232faf1c9aba96af11aefe634a551440800d5f8185105d3072d":"505341004b45590000000000010000002741ef000128000002060006000000003d00000004068d76b9f4508762c2379db9ee8b87ad8d86d9535132ffba3b5680440cfa28eb133d4232faf1c9aba96af11aefe634a551440800d5f8185105d3072d" + +save type: ECC_PUB(SECT_K1) 239-bit, ECDSA(MD5) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD5:PSA_WANT_ECC_SECT_K1_239:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_K1):239:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_MD5):0x0000:"04068d76b9f4508762c2379db9ee8b87ad8d86d9535132ffba3b5680440cfa28eb133d4232faf1c9aba96af11aefe634a551440800d5f8185105d3072d":"505341004b45590000000000010000002741ef000128000003060006000000003d00000004068d76b9f4508762c2379db9ee8b87ad8d86d9535132ffba3b5680440cfa28eb133d4232faf1c9aba96af11aefe634a551440800d5f8185105d3072d" + +save type: ECC_PUB(SECT_K1) 239-bit, ECDSA(RIPEMD160) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ECC_SECT_K1_239:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_K1):239:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_RIPEMD160):0x0000:"04068d76b9f4508762c2379db9ee8b87ad8d86d9535132ffba3b5680440cfa28eb133d4232faf1c9aba96af11aefe634a551440800d5f8185105d3072d":"505341004b45590000000000010000002741ef000128000004060006000000003d00000004068d76b9f4508762c2379db9ee8b87ad8d86d9535132ffba3b5680440cfa28eb133d4232faf1c9aba96af11aefe634a551440800d5f8185105d3072d" + +save type: ECC_PUB(SECT_K1) 239-bit, ECDSA(SHA_1) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_1:PSA_WANT_ECC_SECT_K1_239:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_K1):239:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_SHA_1):0x0000:"04068d76b9f4508762c2379db9ee8b87ad8d86d9535132ffba3b5680440cfa28eb133d4232faf1c9aba96af11aefe634a551440800d5f8185105d3072d":"505341004b45590000000000010000002741ef000128000005060006000000003d00000004068d76b9f4508762c2379db9ee8b87ad8d86d9535132ffba3b5680440cfa28eb133d4232faf1c9aba96af11aefe634a551440800d5f8185105d3072d" + +save type: ECC_PUB(SECT_K1) 239-bit, ECDSA(SHA_224) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_224:PSA_WANT_ECC_SECT_K1_239:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_K1):239:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_SHA_224):0x0000:"04068d76b9f4508762c2379db9ee8b87ad8d86d9535132ffba3b5680440cfa28eb133d4232faf1c9aba96af11aefe634a551440800d5f8185105d3072d":"505341004b45590000000000010000002741ef000128000008060006000000003d00000004068d76b9f4508762c2379db9ee8b87ad8d86d9535132ffba3b5680440cfa28eb133d4232faf1c9aba96af11aefe634a551440800d5f8185105d3072d" + +save type: ECC_PUB(SECT_K1) 239-bit, ECDSA(SHA_256) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_SECT_K1_239:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_K1):239:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_SHA_256):0x0000:"04068d76b9f4508762c2379db9ee8b87ad8d86d9535132ffba3b5680440cfa28eb133d4232faf1c9aba96af11aefe634a551440800d5f8185105d3072d":"505341004b45590000000000010000002741ef000128000009060006000000003d00000004068d76b9f4508762c2379db9ee8b87ad8d86d9535132ffba3b5680440cfa28eb133d4232faf1c9aba96af11aefe634a551440800d5f8185105d3072d" + +save type: ECC_PUB(SECT_K1) 239-bit, ECDSA(SHA_384) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_SECT_K1_239:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_K1):239:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_SHA_384):0x0000:"04068d76b9f4508762c2379db9ee8b87ad8d86d9535132ffba3b5680440cfa28eb133d4232faf1c9aba96af11aefe634a551440800d5f8185105d3072d":"505341004b45590000000000010000002741ef00012800000a060006000000003d00000004068d76b9f4508762c2379db9ee8b87ad8d86d9535132ffba3b5680440cfa28eb133d4232faf1c9aba96af11aefe634a551440800d5f8185105d3072d" + +save type: ECC_PUB(SECT_K1) 239-bit, ECDSA(SHA_512) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_512:PSA_WANT_ECC_SECT_K1_239:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_K1):239:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_SHA_512):0x0000:"04068d76b9f4508762c2379db9ee8b87ad8d86d9535132ffba3b5680440cfa28eb133d4232faf1c9aba96af11aefe634a551440800d5f8185105d3072d":"505341004b45590000000000010000002741ef00012800000b060006000000003d00000004068d76b9f4508762c2379db9ee8b87ad8d86d9535132ffba3b5680440cfa28eb133d4232faf1c9aba96af11aefe634a551440800d5f8185105d3072d" + +save type: ECC_PUB(SECT_K1) 239-bit, ECDSA_ANY +depends_on:PSA_WANT_ALG_ECDSA_ANY:PSA_WANT_ECC_SECT_K1_239:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_K1):239:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA_ANY:0x0000:"04068d76b9f4508762c2379db9ee8b87ad8d86d9535132ffba3b5680440cfa28eb133d4232faf1c9aba96af11aefe634a551440800d5f8185105d3072d":"505341004b45590000000000010000002741ef000128000000060006000000003d00000004068d76b9f4508762c2379db9ee8b87ad8d86d9535132ffba3b5680440cfa28eb133d4232faf1c9aba96af11aefe634a551440800d5f8185105d3072d" + +save type: ECC_PUB(SECT_K1) 283-bit +depends_on:PSA_WANT_ECC_SECT_K1_283:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_K1):283:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"0405f48374debceaadb46ba385fd92048fcc5b9af1a1c90408bf94a68b9378df1cbfdfb6fb026a96bea06d8f181bf10c020adbcc88b6ecff96bdc564a9649c247cede601c4be63afc3":"505341004b455900000000000100000027411b01010000000000000000000000490000000405f48374debceaadb46ba385fd92048fcc5b9af1a1c90408bf94a68b9378df1cbfdfb6fb026a96bea06d8f181bf10c020adbcc88b6ecff96bdc564a9649c247cede601c4be63afc3" + +save type: ECC_PUB(SECT_K1) 283-bit, DET_ECDSA(MD2) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD2:PSA_WANT_ECC_SECT_K1_283:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_K1):283:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD2):0x0000:"0405f48374debceaadb46ba385fd92048fcc5b9af1a1c90408bf94a68b9378df1cbfdfb6fb026a96bea06d8f181bf10c020adbcc88b6ecff96bdc564a9649c247cede601c4be63afc3":"505341004b455900000000000100000027411b01012800000107000600000000490000000405f48374debceaadb46ba385fd92048fcc5b9af1a1c90408bf94a68b9378df1cbfdfb6fb026a96bea06d8f181bf10c020adbcc88b6ecff96bdc564a9649c247cede601c4be63afc3" + +save type: ECC_PUB(SECT_K1) 283-bit, DET_ECDSA(MD4) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD4:PSA_WANT_ECC_SECT_K1_283:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_K1):283:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD4):0x0000:"0405f48374debceaadb46ba385fd92048fcc5b9af1a1c90408bf94a68b9378df1cbfdfb6fb026a96bea06d8f181bf10c020adbcc88b6ecff96bdc564a9649c247cede601c4be63afc3":"505341004b455900000000000100000027411b01012800000207000600000000490000000405f48374debceaadb46ba385fd92048fcc5b9af1a1c90408bf94a68b9378df1cbfdfb6fb026a96bea06d8f181bf10c020adbcc88b6ecff96bdc564a9649c247cede601c4be63afc3" + +save type: ECC_PUB(SECT_K1) 283-bit, DET_ECDSA(MD5) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD5:PSA_WANT_ECC_SECT_K1_283:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_K1):283:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD5):0x0000:"0405f48374debceaadb46ba385fd92048fcc5b9af1a1c90408bf94a68b9378df1cbfdfb6fb026a96bea06d8f181bf10c020adbcc88b6ecff96bdc564a9649c247cede601c4be63afc3":"505341004b455900000000000100000027411b01012800000307000600000000490000000405f48374debceaadb46ba385fd92048fcc5b9af1a1c90408bf94a68b9378df1cbfdfb6fb026a96bea06d8f181bf10c020adbcc88b6ecff96bdc564a9649c247cede601c4be63afc3" + +save type: ECC_PUB(SECT_K1) 283-bit, DET_ECDSA(RIPEMD160) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ECC_SECT_K1_283:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_K1):283:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_RIPEMD160):0x0000:"0405f48374debceaadb46ba385fd92048fcc5b9af1a1c90408bf94a68b9378df1cbfdfb6fb026a96bea06d8f181bf10c020adbcc88b6ecff96bdc564a9649c247cede601c4be63afc3":"505341004b455900000000000100000027411b01012800000407000600000000490000000405f48374debceaadb46ba385fd92048fcc5b9af1a1c90408bf94a68b9378df1cbfdfb6fb026a96bea06d8f181bf10c020adbcc88b6ecff96bdc564a9649c247cede601c4be63afc3" + +save type: ECC_PUB(SECT_K1) 283-bit, DET_ECDSA(SHA_1) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_1:PSA_WANT_ECC_SECT_K1_283:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_K1):283:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_1):0x0000:"0405f48374debceaadb46ba385fd92048fcc5b9af1a1c90408bf94a68b9378df1cbfdfb6fb026a96bea06d8f181bf10c020adbcc88b6ecff96bdc564a9649c247cede601c4be63afc3":"505341004b455900000000000100000027411b01012800000507000600000000490000000405f48374debceaadb46ba385fd92048fcc5b9af1a1c90408bf94a68b9378df1cbfdfb6fb026a96bea06d8f181bf10c020adbcc88b6ecff96bdc564a9649c247cede601c4be63afc3" + +save type: ECC_PUB(SECT_K1) 283-bit, DET_ECDSA(SHA_224) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_224:PSA_WANT_ECC_SECT_K1_283:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_K1):283:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_224):0x0000:"0405f48374debceaadb46ba385fd92048fcc5b9af1a1c90408bf94a68b9378df1cbfdfb6fb026a96bea06d8f181bf10c020adbcc88b6ecff96bdc564a9649c247cede601c4be63afc3":"505341004b455900000000000100000027411b01012800000807000600000000490000000405f48374debceaadb46ba385fd92048fcc5b9af1a1c90408bf94a68b9378df1cbfdfb6fb026a96bea06d8f181bf10c020adbcc88b6ecff96bdc564a9649c247cede601c4be63afc3" + +save type: ECC_PUB(SECT_K1) 283-bit, DET_ECDSA(SHA_256) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_SECT_K1_283:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_K1):283:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_256):0x0000:"0405f48374debceaadb46ba385fd92048fcc5b9af1a1c90408bf94a68b9378df1cbfdfb6fb026a96bea06d8f181bf10c020adbcc88b6ecff96bdc564a9649c247cede601c4be63afc3":"505341004b455900000000000100000027411b01012800000907000600000000490000000405f48374debceaadb46ba385fd92048fcc5b9af1a1c90408bf94a68b9378df1cbfdfb6fb026a96bea06d8f181bf10c020adbcc88b6ecff96bdc564a9649c247cede601c4be63afc3" + +save type: ECC_PUB(SECT_K1) 283-bit, DET_ECDSA(SHA_384) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_SECT_K1_283:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_K1):283:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_384):0x0000:"0405f48374debceaadb46ba385fd92048fcc5b9af1a1c90408bf94a68b9378df1cbfdfb6fb026a96bea06d8f181bf10c020adbcc88b6ecff96bdc564a9649c247cede601c4be63afc3":"505341004b455900000000000100000027411b01012800000a07000600000000490000000405f48374debceaadb46ba385fd92048fcc5b9af1a1c90408bf94a68b9378df1cbfdfb6fb026a96bea06d8f181bf10c020adbcc88b6ecff96bdc564a9649c247cede601c4be63afc3" + +save type: ECC_PUB(SECT_K1) 283-bit, DET_ECDSA(SHA_512) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_512:PSA_WANT_ECC_SECT_K1_283:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_K1):283:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_512):0x0000:"0405f48374debceaadb46ba385fd92048fcc5b9af1a1c90408bf94a68b9378df1cbfdfb6fb026a96bea06d8f181bf10c020adbcc88b6ecff96bdc564a9649c247cede601c4be63afc3":"505341004b455900000000000100000027411b01012800000b07000600000000490000000405f48374debceaadb46ba385fd92048fcc5b9af1a1c90408bf94a68b9378df1cbfdfb6fb026a96bea06d8f181bf10c020adbcc88b6ecff96bdc564a9649c247cede601c4be63afc3" + +save type: ECC_PUB(SECT_K1) 283-bit, ECDSA(MD2) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD2:PSA_WANT_ECC_SECT_K1_283:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_K1):283:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_MD2):0x0000:"0405f48374debceaadb46ba385fd92048fcc5b9af1a1c90408bf94a68b9378df1cbfdfb6fb026a96bea06d8f181bf10c020adbcc88b6ecff96bdc564a9649c247cede601c4be63afc3":"505341004b455900000000000100000027411b01012800000106000600000000490000000405f48374debceaadb46ba385fd92048fcc5b9af1a1c90408bf94a68b9378df1cbfdfb6fb026a96bea06d8f181bf10c020adbcc88b6ecff96bdc564a9649c247cede601c4be63afc3" + +save type: ECC_PUB(SECT_K1) 283-bit, ECDSA(MD4) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD4:PSA_WANT_ECC_SECT_K1_283:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_K1):283:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_MD4):0x0000:"0405f48374debceaadb46ba385fd92048fcc5b9af1a1c90408bf94a68b9378df1cbfdfb6fb026a96bea06d8f181bf10c020adbcc88b6ecff96bdc564a9649c247cede601c4be63afc3":"505341004b455900000000000100000027411b01012800000206000600000000490000000405f48374debceaadb46ba385fd92048fcc5b9af1a1c90408bf94a68b9378df1cbfdfb6fb026a96bea06d8f181bf10c020adbcc88b6ecff96bdc564a9649c247cede601c4be63afc3" + +save type: ECC_PUB(SECT_K1) 283-bit, ECDSA(MD5) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD5:PSA_WANT_ECC_SECT_K1_283:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_K1):283:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_MD5):0x0000:"0405f48374debceaadb46ba385fd92048fcc5b9af1a1c90408bf94a68b9378df1cbfdfb6fb026a96bea06d8f181bf10c020adbcc88b6ecff96bdc564a9649c247cede601c4be63afc3":"505341004b455900000000000100000027411b01012800000306000600000000490000000405f48374debceaadb46ba385fd92048fcc5b9af1a1c90408bf94a68b9378df1cbfdfb6fb026a96bea06d8f181bf10c020adbcc88b6ecff96bdc564a9649c247cede601c4be63afc3" + +save type: ECC_PUB(SECT_K1) 283-bit, ECDSA(RIPEMD160) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ECC_SECT_K1_283:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_K1):283:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_RIPEMD160):0x0000:"0405f48374debceaadb46ba385fd92048fcc5b9af1a1c90408bf94a68b9378df1cbfdfb6fb026a96bea06d8f181bf10c020adbcc88b6ecff96bdc564a9649c247cede601c4be63afc3":"505341004b455900000000000100000027411b01012800000406000600000000490000000405f48374debceaadb46ba385fd92048fcc5b9af1a1c90408bf94a68b9378df1cbfdfb6fb026a96bea06d8f181bf10c020adbcc88b6ecff96bdc564a9649c247cede601c4be63afc3" + +save type: ECC_PUB(SECT_K1) 283-bit, ECDSA(SHA_1) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_1:PSA_WANT_ECC_SECT_K1_283:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_K1):283:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_SHA_1):0x0000:"0405f48374debceaadb46ba385fd92048fcc5b9af1a1c90408bf94a68b9378df1cbfdfb6fb026a96bea06d8f181bf10c020adbcc88b6ecff96bdc564a9649c247cede601c4be63afc3":"505341004b455900000000000100000027411b01012800000506000600000000490000000405f48374debceaadb46ba385fd92048fcc5b9af1a1c90408bf94a68b9378df1cbfdfb6fb026a96bea06d8f181bf10c020adbcc88b6ecff96bdc564a9649c247cede601c4be63afc3" + +save type: ECC_PUB(SECT_K1) 283-bit, ECDSA(SHA_224) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_224:PSA_WANT_ECC_SECT_K1_283:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_K1):283:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_SHA_224):0x0000:"0405f48374debceaadb46ba385fd92048fcc5b9af1a1c90408bf94a68b9378df1cbfdfb6fb026a96bea06d8f181bf10c020adbcc88b6ecff96bdc564a9649c247cede601c4be63afc3":"505341004b455900000000000100000027411b01012800000806000600000000490000000405f48374debceaadb46ba385fd92048fcc5b9af1a1c90408bf94a68b9378df1cbfdfb6fb026a96bea06d8f181bf10c020adbcc88b6ecff96bdc564a9649c247cede601c4be63afc3" + +save type: ECC_PUB(SECT_K1) 283-bit, ECDSA(SHA_256) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_SECT_K1_283:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_K1):283:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_SHA_256):0x0000:"0405f48374debceaadb46ba385fd92048fcc5b9af1a1c90408bf94a68b9378df1cbfdfb6fb026a96bea06d8f181bf10c020adbcc88b6ecff96bdc564a9649c247cede601c4be63afc3":"505341004b455900000000000100000027411b01012800000906000600000000490000000405f48374debceaadb46ba385fd92048fcc5b9af1a1c90408bf94a68b9378df1cbfdfb6fb026a96bea06d8f181bf10c020adbcc88b6ecff96bdc564a9649c247cede601c4be63afc3" + +save type: ECC_PUB(SECT_K1) 283-bit, ECDSA(SHA_384) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_SECT_K1_283:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_K1):283:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_SHA_384):0x0000:"0405f48374debceaadb46ba385fd92048fcc5b9af1a1c90408bf94a68b9378df1cbfdfb6fb026a96bea06d8f181bf10c020adbcc88b6ecff96bdc564a9649c247cede601c4be63afc3":"505341004b455900000000000100000027411b01012800000a06000600000000490000000405f48374debceaadb46ba385fd92048fcc5b9af1a1c90408bf94a68b9378df1cbfdfb6fb026a96bea06d8f181bf10c020adbcc88b6ecff96bdc564a9649c247cede601c4be63afc3" + +save type: ECC_PUB(SECT_K1) 283-bit, ECDSA(SHA_512) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_512:PSA_WANT_ECC_SECT_K1_283:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_K1):283:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_SHA_512):0x0000:"0405f48374debceaadb46ba385fd92048fcc5b9af1a1c90408bf94a68b9378df1cbfdfb6fb026a96bea06d8f181bf10c020adbcc88b6ecff96bdc564a9649c247cede601c4be63afc3":"505341004b455900000000000100000027411b01012800000b06000600000000490000000405f48374debceaadb46ba385fd92048fcc5b9af1a1c90408bf94a68b9378df1cbfdfb6fb026a96bea06d8f181bf10c020adbcc88b6ecff96bdc564a9649c247cede601c4be63afc3" + +save type: ECC_PUB(SECT_K1) 283-bit, ECDSA_ANY +depends_on:PSA_WANT_ALG_ECDSA_ANY:PSA_WANT_ECC_SECT_K1_283:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_K1):283:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA_ANY:0x0000:"0405f48374debceaadb46ba385fd92048fcc5b9af1a1c90408bf94a68b9378df1cbfdfb6fb026a96bea06d8f181bf10c020adbcc88b6ecff96bdc564a9649c247cede601c4be63afc3":"505341004b455900000000000100000027411b01012800000006000600000000490000000405f48374debceaadb46ba385fd92048fcc5b9af1a1c90408bf94a68b9378df1cbfdfb6fb026a96bea06d8f181bf10c020adbcc88b6ecff96bdc564a9649c247cede601c4be63afc3" + +save type: ECC_PUB(SECT_K1) 409-bit +depends_on:PSA_WANT_ECC_SECT_K1_409:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_K1):409:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"04012c587f69f68b308ba6dcb238797f4e22290ca939ae806604e2b5ab4d9caef5a74a98fd87c4f88d292dd39d92e556e16c6ecc3c019a105826eef507cd9a04119f54d5d850b3720b3792d5d03410e9105610f7e4b420166ed45604a7a1f229d80975ba6be2060e8b":"505341004b4559000000000001000000274199010100000000000000000000006900000004012c587f69f68b308ba6dcb238797f4e22290ca939ae806604e2b5ab4d9caef5a74a98fd87c4f88d292dd39d92e556e16c6ecc3c019a105826eef507cd9a04119f54d5d850b3720b3792d5d03410e9105610f7e4b420166ed45604a7a1f229d80975ba6be2060e8b" + +save type: ECC_PUB(SECT_K1) 409-bit, DET_ECDSA(MD2) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD2:PSA_WANT_ECC_SECT_K1_409:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_K1):409:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD2):0x0000:"04012c587f69f68b308ba6dcb238797f4e22290ca939ae806604e2b5ab4d9caef5a74a98fd87c4f88d292dd39d92e556e16c6ecc3c019a105826eef507cd9a04119f54d5d850b3720b3792d5d03410e9105610f7e4b420166ed45604a7a1f229d80975ba6be2060e8b":"505341004b4559000000000001000000274199010128000001070006000000006900000004012c587f69f68b308ba6dcb238797f4e22290ca939ae806604e2b5ab4d9caef5a74a98fd87c4f88d292dd39d92e556e16c6ecc3c019a105826eef507cd9a04119f54d5d850b3720b3792d5d03410e9105610f7e4b420166ed45604a7a1f229d80975ba6be2060e8b" + +save type: ECC_PUB(SECT_K1) 409-bit, DET_ECDSA(MD4) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD4:PSA_WANT_ECC_SECT_K1_409:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_K1):409:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD4):0x0000:"04012c587f69f68b308ba6dcb238797f4e22290ca939ae806604e2b5ab4d9caef5a74a98fd87c4f88d292dd39d92e556e16c6ecc3c019a105826eef507cd9a04119f54d5d850b3720b3792d5d03410e9105610f7e4b420166ed45604a7a1f229d80975ba6be2060e8b":"505341004b4559000000000001000000274199010128000002070006000000006900000004012c587f69f68b308ba6dcb238797f4e22290ca939ae806604e2b5ab4d9caef5a74a98fd87c4f88d292dd39d92e556e16c6ecc3c019a105826eef507cd9a04119f54d5d850b3720b3792d5d03410e9105610f7e4b420166ed45604a7a1f229d80975ba6be2060e8b" + +save type: ECC_PUB(SECT_K1) 409-bit, DET_ECDSA(MD5) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD5:PSA_WANT_ECC_SECT_K1_409:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_K1):409:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD5):0x0000:"04012c587f69f68b308ba6dcb238797f4e22290ca939ae806604e2b5ab4d9caef5a74a98fd87c4f88d292dd39d92e556e16c6ecc3c019a105826eef507cd9a04119f54d5d850b3720b3792d5d03410e9105610f7e4b420166ed45604a7a1f229d80975ba6be2060e8b":"505341004b4559000000000001000000274199010128000003070006000000006900000004012c587f69f68b308ba6dcb238797f4e22290ca939ae806604e2b5ab4d9caef5a74a98fd87c4f88d292dd39d92e556e16c6ecc3c019a105826eef507cd9a04119f54d5d850b3720b3792d5d03410e9105610f7e4b420166ed45604a7a1f229d80975ba6be2060e8b" + +save type: ECC_PUB(SECT_K1) 409-bit, DET_ECDSA(RIPEMD160) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ECC_SECT_K1_409:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_K1):409:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_RIPEMD160):0x0000:"04012c587f69f68b308ba6dcb238797f4e22290ca939ae806604e2b5ab4d9caef5a74a98fd87c4f88d292dd39d92e556e16c6ecc3c019a105826eef507cd9a04119f54d5d850b3720b3792d5d03410e9105610f7e4b420166ed45604a7a1f229d80975ba6be2060e8b":"505341004b4559000000000001000000274199010128000004070006000000006900000004012c587f69f68b308ba6dcb238797f4e22290ca939ae806604e2b5ab4d9caef5a74a98fd87c4f88d292dd39d92e556e16c6ecc3c019a105826eef507cd9a04119f54d5d850b3720b3792d5d03410e9105610f7e4b420166ed45604a7a1f229d80975ba6be2060e8b" + +save type: ECC_PUB(SECT_K1) 409-bit, DET_ECDSA(SHA_1) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_1:PSA_WANT_ECC_SECT_K1_409:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_K1):409:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_1):0x0000:"04012c587f69f68b308ba6dcb238797f4e22290ca939ae806604e2b5ab4d9caef5a74a98fd87c4f88d292dd39d92e556e16c6ecc3c019a105826eef507cd9a04119f54d5d850b3720b3792d5d03410e9105610f7e4b420166ed45604a7a1f229d80975ba6be2060e8b":"505341004b4559000000000001000000274199010128000005070006000000006900000004012c587f69f68b308ba6dcb238797f4e22290ca939ae806604e2b5ab4d9caef5a74a98fd87c4f88d292dd39d92e556e16c6ecc3c019a105826eef507cd9a04119f54d5d850b3720b3792d5d03410e9105610f7e4b420166ed45604a7a1f229d80975ba6be2060e8b" + +save type: ECC_PUB(SECT_K1) 409-bit, DET_ECDSA(SHA_224) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_224:PSA_WANT_ECC_SECT_K1_409:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_K1):409:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_224):0x0000:"04012c587f69f68b308ba6dcb238797f4e22290ca939ae806604e2b5ab4d9caef5a74a98fd87c4f88d292dd39d92e556e16c6ecc3c019a105826eef507cd9a04119f54d5d850b3720b3792d5d03410e9105610f7e4b420166ed45604a7a1f229d80975ba6be2060e8b":"505341004b4559000000000001000000274199010128000008070006000000006900000004012c587f69f68b308ba6dcb238797f4e22290ca939ae806604e2b5ab4d9caef5a74a98fd87c4f88d292dd39d92e556e16c6ecc3c019a105826eef507cd9a04119f54d5d850b3720b3792d5d03410e9105610f7e4b420166ed45604a7a1f229d80975ba6be2060e8b" + +save type: ECC_PUB(SECT_K1) 409-bit, DET_ECDSA(SHA_256) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_SECT_K1_409:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_K1):409:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_256):0x0000:"04012c587f69f68b308ba6dcb238797f4e22290ca939ae806604e2b5ab4d9caef5a74a98fd87c4f88d292dd39d92e556e16c6ecc3c019a105826eef507cd9a04119f54d5d850b3720b3792d5d03410e9105610f7e4b420166ed45604a7a1f229d80975ba6be2060e8b":"505341004b4559000000000001000000274199010128000009070006000000006900000004012c587f69f68b308ba6dcb238797f4e22290ca939ae806604e2b5ab4d9caef5a74a98fd87c4f88d292dd39d92e556e16c6ecc3c019a105826eef507cd9a04119f54d5d850b3720b3792d5d03410e9105610f7e4b420166ed45604a7a1f229d80975ba6be2060e8b" + +save type: ECC_PUB(SECT_K1) 409-bit, DET_ECDSA(SHA_384) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_SECT_K1_409:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_K1):409:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_384):0x0000:"04012c587f69f68b308ba6dcb238797f4e22290ca939ae806604e2b5ab4d9caef5a74a98fd87c4f88d292dd39d92e556e16c6ecc3c019a105826eef507cd9a04119f54d5d850b3720b3792d5d03410e9105610f7e4b420166ed45604a7a1f229d80975ba6be2060e8b":"505341004b455900000000000100000027419901012800000a070006000000006900000004012c587f69f68b308ba6dcb238797f4e22290ca939ae806604e2b5ab4d9caef5a74a98fd87c4f88d292dd39d92e556e16c6ecc3c019a105826eef507cd9a04119f54d5d850b3720b3792d5d03410e9105610f7e4b420166ed45604a7a1f229d80975ba6be2060e8b" + +save type: ECC_PUB(SECT_K1) 409-bit, DET_ECDSA(SHA_512) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_512:PSA_WANT_ECC_SECT_K1_409:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_K1):409:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_512):0x0000:"04012c587f69f68b308ba6dcb238797f4e22290ca939ae806604e2b5ab4d9caef5a74a98fd87c4f88d292dd39d92e556e16c6ecc3c019a105826eef507cd9a04119f54d5d850b3720b3792d5d03410e9105610f7e4b420166ed45604a7a1f229d80975ba6be2060e8b":"505341004b455900000000000100000027419901012800000b070006000000006900000004012c587f69f68b308ba6dcb238797f4e22290ca939ae806604e2b5ab4d9caef5a74a98fd87c4f88d292dd39d92e556e16c6ecc3c019a105826eef507cd9a04119f54d5d850b3720b3792d5d03410e9105610f7e4b420166ed45604a7a1f229d80975ba6be2060e8b" + +save type: ECC_PUB(SECT_K1) 409-bit, ECDSA(MD2) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD2:PSA_WANT_ECC_SECT_K1_409:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_K1):409:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_MD2):0x0000:"04012c587f69f68b308ba6dcb238797f4e22290ca939ae806604e2b5ab4d9caef5a74a98fd87c4f88d292dd39d92e556e16c6ecc3c019a105826eef507cd9a04119f54d5d850b3720b3792d5d03410e9105610f7e4b420166ed45604a7a1f229d80975ba6be2060e8b":"505341004b4559000000000001000000274199010128000001060006000000006900000004012c587f69f68b308ba6dcb238797f4e22290ca939ae806604e2b5ab4d9caef5a74a98fd87c4f88d292dd39d92e556e16c6ecc3c019a105826eef507cd9a04119f54d5d850b3720b3792d5d03410e9105610f7e4b420166ed45604a7a1f229d80975ba6be2060e8b" + +save type: ECC_PUB(SECT_K1) 409-bit, ECDSA(MD4) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD4:PSA_WANT_ECC_SECT_K1_409:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_K1):409:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_MD4):0x0000:"04012c587f69f68b308ba6dcb238797f4e22290ca939ae806604e2b5ab4d9caef5a74a98fd87c4f88d292dd39d92e556e16c6ecc3c019a105826eef507cd9a04119f54d5d850b3720b3792d5d03410e9105610f7e4b420166ed45604a7a1f229d80975ba6be2060e8b":"505341004b4559000000000001000000274199010128000002060006000000006900000004012c587f69f68b308ba6dcb238797f4e22290ca939ae806604e2b5ab4d9caef5a74a98fd87c4f88d292dd39d92e556e16c6ecc3c019a105826eef507cd9a04119f54d5d850b3720b3792d5d03410e9105610f7e4b420166ed45604a7a1f229d80975ba6be2060e8b" + +save type: ECC_PUB(SECT_K1) 409-bit, ECDSA(MD5) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD5:PSA_WANT_ECC_SECT_K1_409:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_K1):409:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_MD5):0x0000:"04012c587f69f68b308ba6dcb238797f4e22290ca939ae806604e2b5ab4d9caef5a74a98fd87c4f88d292dd39d92e556e16c6ecc3c019a105826eef507cd9a04119f54d5d850b3720b3792d5d03410e9105610f7e4b420166ed45604a7a1f229d80975ba6be2060e8b":"505341004b4559000000000001000000274199010128000003060006000000006900000004012c587f69f68b308ba6dcb238797f4e22290ca939ae806604e2b5ab4d9caef5a74a98fd87c4f88d292dd39d92e556e16c6ecc3c019a105826eef507cd9a04119f54d5d850b3720b3792d5d03410e9105610f7e4b420166ed45604a7a1f229d80975ba6be2060e8b" + +save type: ECC_PUB(SECT_K1) 409-bit, ECDSA(RIPEMD160) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ECC_SECT_K1_409:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_K1):409:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_RIPEMD160):0x0000:"04012c587f69f68b308ba6dcb238797f4e22290ca939ae806604e2b5ab4d9caef5a74a98fd87c4f88d292dd39d92e556e16c6ecc3c019a105826eef507cd9a04119f54d5d850b3720b3792d5d03410e9105610f7e4b420166ed45604a7a1f229d80975ba6be2060e8b":"505341004b4559000000000001000000274199010128000004060006000000006900000004012c587f69f68b308ba6dcb238797f4e22290ca939ae806604e2b5ab4d9caef5a74a98fd87c4f88d292dd39d92e556e16c6ecc3c019a105826eef507cd9a04119f54d5d850b3720b3792d5d03410e9105610f7e4b420166ed45604a7a1f229d80975ba6be2060e8b" + +save type: ECC_PUB(SECT_K1) 409-bit, ECDSA(SHA_1) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_1:PSA_WANT_ECC_SECT_K1_409:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_K1):409:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_SHA_1):0x0000:"04012c587f69f68b308ba6dcb238797f4e22290ca939ae806604e2b5ab4d9caef5a74a98fd87c4f88d292dd39d92e556e16c6ecc3c019a105826eef507cd9a04119f54d5d850b3720b3792d5d03410e9105610f7e4b420166ed45604a7a1f229d80975ba6be2060e8b":"505341004b4559000000000001000000274199010128000005060006000000006900000004012c587f69f68b308ba6dcb238797f4e22290ca939ae806604e2b5ab4d9caef5a74a98fd87c4f88d292dd39d92e556e16c6ecc3c019a105826eef507cd9a04119f54d5d850b3720b3792d5d03410e9105610f7e4b420166ed45604a7a1f229d80975ba6be2060e8b" + +save type: ECC_PUB(SECT_K1) 409-bit, ECDSA(SHA_224) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_224:PSA_WANT_ECC_SECT_K1_409:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_K1):409:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_SHA_224):0x0000:"04012c587f69f68b308ba6dcb238797f4e22290ca939ae806604e2b5ab4d9caef5a74a98fd87c4f88d292dd39d92e556e16c6ecc3c019a105826eef507cd9a04119f54d5d850b3720b3792d5d03410e9105610f7e4b420166ed45604a7a1f229d80975ba6be2060e8b":"505341004b4559000000000001000000274199010128000008060006000000006900000004012c587f69f68b308ba6dcb238797f4e22290ca939ae806604e2b5ab4d9caef5a74a98fd87c4f88d292dd39d92e556e16c6ecc3c019a105826eef507cd9a04119f54d5d850b3720b3792d5d03410e9105610f7e4b420166ed45604a7a1f229d80975ba6be2060e8b" + +save type: ECC_PUB(SECT_K1) 409-bit, ECDSA(SHA_256) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_SECT_K1_409:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_K1):409:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_SHA_256):0x0000:"04012c587f69f68b308ba6dcb238797f4e22290ca939ae806604e2b5ab4d9caef5a74a98fd87c4f88d292dd39d92e556e16c6ecc3c019a105826eef507cd9a04119f54d5d850b3720b3792d5d03410e9105610f7e4b420166ed45604a7a1f229d80975ba6be2060e8b":"505341004b4559000000000001000000274199010128000009060006000000006900000004012c587f69f68b308ba6dcb238797f4e22290ca939ae806604e2b5ab4d9caef5a74a98fd87c4f88d292dd39d92e556e16c6ecc3c019a105826eef507cd9a04119f54d5d850b3720b3792d5d03410e9105610f7e4b420166ed45604a7a1f229d80975ba6be2060e8b" + +save type: ECC_PUB(SECT_K1) 409-bit, ECDSA(SHA_384) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_SECT_K1_409:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_K1):409:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_SHA_384):0x0000:"04012c587f69f68b308ba6dcb238797f4e22290ca939ae806604e2b5ab4d9caef5a74a98fd87c4f88d292dd39d92e556e16c6ecc3c019a105826eef507cd9a04119f54d5d850b3720b3792d5d03410e9105610f7e4b420166ed45604a7a1f229d80975ba6be2060e8b":"505341004b455900000000000100000027419901012800000a060006000000006900000004012c587f69f68b308ba6dcb238797f4e22290ca939ae806604e2b5ab4d9caef5a74a98fd87c4f88d292dd39d92e556e16c6ecc3c019a105826eef507cd9a04119f54d5d850b3720b3792d5d03410e9105610f7e4b420166ed45604a7a1f229d80975ba6be2060e8b" + +save type: ECC_PUB(SECT_K1) 409-bit, ECDSA(SHA_512) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_512:PSA_WANT_ECC_SECT_K1_409:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_K1):409:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_SHA_512):0x0000:"04012c587f69f68b308ba6dcb238797f4e22290ca939ae806604e2b5ab4d9caef5a74a98fd87c4f88d292dd39d92e556e16c6ecc3c019a105826eef507cd9a04119f54d5d850b3720b3792d5d03410e9105610f7e4b420166ed45604a7a1f229d80975ba6be2060e8b":"505341004b455900000000000100000027419901012800000b060006000000006900000004012c587f69f68b308ba6dcb238797f4e22290ca939ae806604e2b5ab4d9caef5a74a98fd87c4f88d292dd39d92e556e16c6ecc3c019a105826eef507cd9a04119f54d5d850b3720b3792d5d03410e9105610f7e4b420166ed45604a7a1f229d80975ba6be2060e8b" + +save type: ECC_PUB(SECT_K1) 409-bit, ECDSA_ANY +depends_on:PSA_WANT_ALG_ECDSA_ANY:PSA_WANT_ECC_SECT_K1_409:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_K1):409:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA_ANY:0x0000:"04012c587f69f68b308ba6dcb238797f4e22290ca939ae806604e2b5ab4d9caef5a74a98fd87c4f88d292dd39d92e556e16c6ecc3c019a105826eef507cd9a04119f54d5d850b3720b3792d5d03410e9105610f7e4b420166ed45604a7a1f229d80975ba6be2060e8b":"505341004b4559000000000001000000274199010128000000060006000000006900000004012c587f69f68b308ba6dcb238797f4e22290ca939ae806604e2b5ab4d9caef5a74a98fd87c4f88d292dd39d92e556e16c6ecc3c019a105826eef507cd9a04119f54d5d850b3720b3792d5d03410e9105610f7e4b420166ed45604a7a1f229d80975ba6be2060e8b" + +save type: ECC_PUB(SECT_K1) 571-bit +depends_on:PSA_WANT_ECC_SECT_K1_571:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_K1):571:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"04050172a7fd7adf98e4e2ed2742faa5cd12731a15fb0dbbdf75b1c3cc771a4369af6f2fa00e802735650881735759ea9c79961ded18e0daa0ac59afb1d513b5bbda9962e435f454fc020b4afe1445c2302ada07d295ec2580f8849b2dfa7f956b09b4cbe4c88d3b1c217049f75d3900d36df0fa12689256b58dd2ef784ebbeb0564600cf47a841485f8cf897a68accd5a":"505341004b455900000000000100000027413b020100000000000000000000009100000004050172a7fd7adf98e4e2ed2742faa5cd12731a15fb0dbbdf75b1c3cc771a4369af6f2fa00e802735650881735759ea9c79961ded18e0daa0ac59afb1d513b5bbda9962e435f454fc020b4afe1445c2302ada07d295ec2580f8849b2dfa7f956b09b4cbe4c88d3b1c217049f75d3900d36df0fa12689256b58dd2ef784ebbeb0564600cf47a841485f8cf897a68accd5a" + +save type: ECC_PUB(SECT_K1) 571-bit, DET_ECDSA(MD2) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD2:PSA_WANT_ECC_SECT_K1_571:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_K1):571:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD2):0x0000:"04050172a7fd7adf98e4e2ed2742faa5cd12731a15fb0dbbdf75b1c3cc771a4369af6f2fa00e802735650881735759ea9c79961ded18e0daa0ac59afb1d513b5bbda9962e435f454fc020b4afe1445c2302ada07d295ec2580f8849b2dfa7f956b09b4cbe4c88d3b1c217049f75d3900d36df0fa12689256b58dd2ef784ebbeb0564600cf47a841485f8cf897a68accd5a":"505341004b455900000000000100000027413b020128000001070006000000009100000004050172a7fd7adf98e4e2ed2742faa5cd12731a15fb0dbbdf75b1c3cc771a4369af6f2fa00e802735650881735759ea9c79961ded18e0daa0ac59afb1d513b5bbda9962e435f454fc020b4afe1445c2302ada07d295ec2580f8849b2dfa7f956b09b4cbe4c88d3b1c217049f75d3900d36df0fa12689256b58dd2ef784ebbeb0564600cf47a841485f8cf897a68accd5a" + +save type: ECC_PUB(SECT_K1) 571-bit, DET_ECDSA(MD4) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD4:PSA_WANT_ECC_SECT_K1_571:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_K1):571:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD4):0x0000:"04050172a7fd7adf98e4e2ed2742faa5cd12731a15fb0dbbdf75b1c3cc771a4369af6f2fa00e802735650881735759ea9c79961ded18e0daa0ac59afb1d513b5bbda9962e435f454fc020b4afe1445c2302ada07d295ec2580f8849b2dfa7f956b09b4cbe4c88d3b1c217049f75d3900d36df0fa12689256b58dd2ef784ebbeb0564600cf47a841485f8cf897a68accd5a":"505341004b455900000000000100000027413b020128000002070006000000009100000004050172a7fd7adf98e4e2ed2742faa5cd12731a15fb0dbbdf75b1c3cc771a4369af6f2fa00e802735650881735759ea9c79961ded18e0daa0ac59afb1d513b5bbda9962e435f454fc020b4afe1445c2302ada07d295ec2580f8849b2dfa7f956b09b4cbe4c88d3b1c217049f75d3900d36df0fa12689256b58dd2ef784ebbeb0564600cf47a841485f8cf897a68accd5a" + +save type: ECC_PUB(SECT_K1) 571-bit, DET_ECDSA(MD5) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD5:PSA_WANT_ECC_SECT_K1_571:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_K1):571:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD5):0x0000:"04050172a7fd7adf98e4e2ed2742faa5cd12731a15fb0dbbdf75b1c3cc771a4369af6f2fa00e802735650881735759ea9c79961ded18e0daa0ac59afb1d513b5bbda9962e435f454fc020b4afe1445c2302ada07d295ec2580f8849b2dfa7f956b09b4cbe4c88d3b1c217049f75d3900d36df0fa12689256b58dd2ef784ebbeb0564600cf47a841485f8cf897a68accd5a":"505341004b455900000000000100000027413b020128000003070006000000009100000004050172a7fd7adf98e4e2ed2742faa5cd12731a15fb0dbbdf75b1c3cc771a4369af6f2fa00e802735650881735759ea9c79961ded18e0daa0ac59afb1d513b5bbda9962e435f454fc020b4afe1445c2302ada07d295ec2580f8849b2dfa7f956b09b4cbe4c88d3b1c217049f75d3900d36df0fa12689256b58dd2ef784ebbeb0564600cf47a841485f8cf897a68accd5a" + +save type: ECC_PUB(SECT_K1) 571-bit, DET_ECDSA(RIPEMD160) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ECC_SECT_K1_571:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_K1):571:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_RIPEMD160):0x0000:"04050172a7fd7adf98e4e2ed2742faa5cd12731a15fb0dbbdf75b1c3cc771a4369af6f2fa00e802735650881735759ea9c79961ded18e0daa0ac59afb1d513b5bbda9962e435f454fc020b4afe1445c2302ada07d295ec2580f8849b2dfa7f956b09b4cbe4c88d3b1c217049f75d3900d36df0fa12689256b58dd2ef784ebbeb0564600cf47a841485f8cf897a68accd5a":"505341004b455900000000000100000027413b020128000004070006000000009100000004050172a7fd7adf98e4e2ed2742faa5cd12731a15fb0dbbdf75b1c3cc771a4369af6f2fa00e802735650881735759ea9c79961ded18e0daa0ac59afb1d513b5bbda9962e435f454fc020b4afe1445c2302ada07d295ec2580f8849b2dfa7f956b09b4cbe4c88d3b1c217049f75d3900d36df0fa12689256b58dd2ef784ebbeb0564600cf47a841485f8cf897a68accd5a" + +save type: ECC_PUB(SECT_K1) 571-bit, DET_ECDSA(SHA_1) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_1:PSA_WANT_ECC_SECT_K1_571:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_K1):571:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_1):0x0000:"04050172a7fd7adf98e4e2ed2742faa5cd12731a15fb0dbbdf75b1c3cc771a4369af6f2fa00e802735650881735759ea9c79961ded18e0daa0ac59afb1d513b5bbda9962e435f454fc020b4afe1445c2302ada07d295ec2580f8849b2dfa7f956b09b4cbe4c88d3b1c217049f75d3900d36df0fa12689256b58dd2ef784ebbeb0564600cf47a841485f8cf897a68accd5a":"505341004b455900000000000100000027413b020128000005070006000000009100000004050172a7fd7adf98e4e2ed2742faa5cd12731a15fb0dbbdf75b1c3cc771a4369af6f2fa00e802735650881735759ea9c79961ded18e0daa0ac59afb1d513b5bbda9962e435f454fc020b4afe1445c2302ada07d295ec2580f8849b2dfa7f956b09b4cbe4c88d3b1c217049f75d3900d36df0fa12689256b58dd2ef784ebbeb0564600cf47a841485f8cf897a68accd5a" + +save type: ECC_PUB(SECT_K1) 571-bit, DET_ECDSA(SHA_224) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_224:PSA_WANT_ECC_SECT_K1_571:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_K1):571:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_224):0x0000:"04050172a7fd7adf98e4e2ed2742faa5cd12731a15fb0dbbdf75b1c3cc771a4369af6f2fa00e802735650881735759ea9c79961ded18e0daa0ac59afb1d513b5bbda9962e435f454fc020b4afe1445c2302ada07d295ec2580f8849b2dfa7f956b09b4cbe4c88d3b1c217049f75d3900d36df0fa12689256b58dd2ef784ebbeb0564600cf47a841485f8cf897a68accd5a":"505341004b455900000000000100000027413b020128000008070006000000009100000004050172a7fd7adf98e4e2ed2742faa5cd12731a15fb0dbbdf75b1c3cc771a4369af6f2fa00e802735650881735759ea9c79961ded18e0daa0ac59afb1d513b5bbda9962e435f454fc020b4afe1445c2302ada07d295ec2580f8849b2dfa7f956b09b4cbe4c88d3b1c217049f75d3900d36df0fa12689256b58dd2ef784ebbeb0564600cf47a841485f8cf897a68accd5a" + +save type: ECC_PUB(SECT_K1) 571-bit, DET_ECDSA(SHA_256) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_SECT_K1_571:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_K1):571:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_256):0x0000:"04050172a7fd7adf98e4e2ed2742faa5cd12731a15fb0dbbdf75b1c3cc771a4369af6f2fa00e802735650881735759ea9c79961ded18e0daa0ac59afb1d513b5bbda9962e435f454fc020b4afe1445c2302ada07d295ec2580f8849b2dfa7f956b09b4cbe4c88d3b1c217049f75d3900d36df0fa12689256b58dd2ef784ebbeb0564600cf47a841485f8cf897a68accd5a":"505341004b455900000000000100000027413b020128000009070006000000009100000004050172a7fd7adf98e4e2ed2742faa5cd12731a15fb0dbbdf75b1c3cc771a4369af6f2fa00e802735650881735759ea9c79961ded18e0daa0ac59afb1d513b5bbda9962e435f454fc020b4afe1445c2302ada07d295ec2580f8849b2dfa7f956b09b4cbe4c88d3b1c217049f75d3900d36df0fa12689256b58dd2ef784ebbeb0564600cf47a841485f8cf897a68accd5a" + +save type: ECC_PUB(SECT_K1) 571-bit, DET_ECDSA(SHA_384) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_SECT_K1_571:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_K1):571:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_384):0x0000:"04050172a7fd7adf98e4e2ed2742faa5cd12731a15fb0dbbdf75b1c3cc771a4369af6f2fa00e802735650881735759ea9c79961ded18e0daa0ac59afb1d513b5bbda9962e435f454fc020b4afe1445c2302ada07d295ec2580f8849b2dfa7f956b09b4cbe4c88d3b1c217049f75d3900d36df0fa12689256b58dd2ef784ebbeb0564600cf47a841485f8cf897a68accd5a":"505341004b455900000000000100000027413b02012800000a070006000000009100000004050172a7fd7adf98e4e2ed2742faa5cd12731a15fb0dbbdf75b1c3cc771a4369af6f2fa00e802735650881735759ea9c79961ded18e0daa0ac59afb1d513b5bbda9962e435f454fc020b4afe1445c2302ada07d295ec2580f8849b2dfa7f956b09b4cbe4c88d3b1c217049f75d3900d36df0fa12689256b58dd2ef784ebbeb0564600cf47a841485f8cf897a68accd5a" + +save type: ECC_PUB(SECT_K1) 571-bit, DET_ECDSA(SHA_512) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_512:PSA_WANT_ECC_SECT_K1_571:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_K1):571:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_512):0x0000:"04050172a7fd7adf98e4e2ed2742faa5cd12731a15fb0dbbdf75b1c3cc771a4369af6f2fa00e802735650881735759ea9c79961ded18e0daa0ac59afb1d513b5bbda9962e435f454fc020b4afe1445c2302ada07d295ec2580f8849b2dfa7f956b09b4cbe4c88d3b1c217049f75d3900d36df0fa12689256b58dd2ef784ebbeb0564600cf47a841485f8cf897a68accd5a":"505341004b455900000000000100000027413b02012800000b070006000000009100000004050172a7fd7adf98e4e2ed2742faa5cd12731a15fb0dbbdf75b1c3cc771a4369af6f2fa00e802735650881735759ea9c79961ded18e0daa0ac59afb1d513b5bbda9962e435f454fc020b4afe1445c2302ada07d295ec2580f8849b2dfa7f956b09b4cbe4c88d3b1c217049f75d3900d36df0fa12689256b58dd2ef784ebbeb0564600cf47a841485f8cf897a68accd5a" + +save type: ECC_PUB(SECT_K1) 571-bit, ECDSA(MD2) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD2:PSA_WANT_ECC_SECT_K1_571:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_K1):571:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_MD2):0x0000:"04050172a7fd7adf98e4e2ed2742faa5cd12731a15fb0dbbdf75b1c3cc771a4369af6f2fa00e802735650881735759ea9c79961ded18e0daa0ac59afb1d513b5bbda9962e435f454fc020b4afe1445c2302ada07d295ec2580f8849b2dfa7f956b09b4cbe4c88d3b1c217049f75d3900d36df0fa12689256b58dd2ef784ebbeb0564600cf47a841485f8cf897a68accd5a":"505341004b455900000000000100000027413b020128000001060006000000009100000004050172a7fd7adf98e4e2ed2742faa5cd12731a15fb0dbbdf75b1c3cc771a4369af6f2fa00e802735650881735759ea9c79961ded18e0daa0ac59afb1d513b5bbda9962e435f454fc020b4afe1445c2302ada07d295ec2580f8849b2dfa7f956b09b4cbe4c88d3b1c217049f75d3900d36df0fa12689256b58dd2ef784ebbeb0564600cf47a841485f8cf897a68accd5a" + +save type: ECC_PUB(SECT_K1) 571-bit, ECDSA(MD4) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD4:PSA_WANT_ECC_SECT_K1_571:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_K1):571:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_MD4):0x0000:"04050172a7fd7adf98e4e2ed2742faa5cd12731a15fb0dbbdf75b1c3cc771a4369af6f2fa00e802735650881735759ea9c79961ded18e0daa0ac59afb1d513b5bbda9962e435f454fc020b4afe1445c2302ada07d295ec2580f8849b2dfa7f956b09b4cbe4c88d3b1c217049f75d3900d36df0fa12689256b58dd2ef784ebbeb0564600cf47a841485f8cf897a68accd5a":"505341004b455900000000000100000027413b020128000002060006000000009100000004050172a7fd7adf98e4e2ed2742faa5cd12731a15fb0dbbdf75b1c3cc771a4369af6f2fa00e802735650881735759ea9c79961ded18e0daa0ac59afb1d513b5bbda9962e435f454fc020b4afe1445c2302ada07d295ec2580f8849b2dfa7f956b09b4cbe4c88d3b1c217049f75d3900d36df0fa12689256b58dd2ef784ebbeb0564600cf47a841485f8cf897a68accd5a" + +save type: ECC_PUB(SECT_K1) 571-bit, ECDSA(MD5) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD5:PSA_WANT_ECC_SECT_K1_571:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_K1):571:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_MD5):0x0000:"04050172a7fd7adf98e4e2ed2742faa5cd12731a15fb0dbbdf75b1c3cc771a4369af6f2fa00e802735650881735759ea9c79961ded18e0daa0ac59afb1d513b5bbda9962e435f454fc020b4afe1445c2302ada07d295ec2580f8849b2dfa7f956b09b4cbe4c88d3b1c217049f75d3900d36df0fa12689256b58dd2ef784ebbeb0564600cf47a841485f8cf897a68accd5a":"505341004b455900000000000100000027413b020128000003060006000000009100000004050172a7fd7adf98e4e2ed2742faa5cd12731a15fb0dbbdf75b1c3cc771a4369af6f2fa00e802735650881735759ea9c79961ded18e0daa0ac59afb1d513b5bbda9962e435f454fc020b4afe1445c2302ada07d295ec2580f8849b2dfa7f956b09b4cbe4c88d3b1c217049f75d3900d36df0fa12689256b58dd2ef784ebbeb0564600cf47a841485f8cf897a68accd5a" + +save type: ECC_PUB(SECT_K1) 571-bit, ECDSA(RIPEMD160) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ECC_SECT_K1_571:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_K1):571:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_RIPEMD160):0x0000:"04050172a7fd7adf98e4e2ed2742faa5cd12731a15fb0dbbdf75b1c3cc771a4369af6f2fa00e802735650881735759ea9c79961ded18e0daa0ac59afb1d513b5bbda9962e435f454fc020b4afe1445c2302ada07d295ec2580f8849b2dfa7f956b09b4cbe4c88d3b1c217049f75d3900d36df0fa12689256b58dd2ef784ebbeb0564600cf47a841485f8cf897a68accd5a":"505341004b455900000000000100000027413b020128000004060006000000009100000004050172a7fd7adf98e4e2ed2742faa5cd12731a15fb0dbbdf75b1c3cc771a4369af6f2fa00e802735650881735759ea9c79961ded18e0daa0ac59afb1d513b5bbda9962e435f454fc020b4afe1445c2302ada07d295ec2580f8849b2dfa7f956b09b4cbe4c88d3b1c217049f75d3900d36df0fa12689256b58dd2ef784ebbeb0564600cf47a841485f8cf897a68accd5a" + +save type: ECC_PUB(SECT_K1) 571-bit, ECDSA(SHA_1) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_1:PSA_WANT_ECC_SECT_K1_571:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_K1):571:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_SHA_1):0x0000:"04050172a7fd7adf98e4e2ed2742faa5cd12731a15fb0dbbdf75b1c3cc771a4369af6f2fa00e802735650881735759ea9c79961ded18e0daa0ac59afb1d513b5bbda9962e435f454fc020b4afe1445c2302ada07d295ec2580f8849b2dfa7f956b09b4cbe4c88d3b1c217049f75d3900d36df0fa12689256b58dd2ef784ebbeb0564600cf47a841485f8cf897a68accd5a":"505341004b455900000000000100000027413b020128000005060006000000009100000004050172a7fd7adf98e4e2ed2742faa5cd12731a15fb0dbbdf75b1c3cc771a4369af6f2fa00e802735650881735759ea9c79961ded18e0daa0ac59afb1d513b5bbda9962e435f454fc020b4afe1445c2302ada07d295ec2580f8849b2dfa7f956b09b4cbe4c88d3b1c217049f75d3900d36df0fa12689256b58dd2ef784ebbeb0564600cf47a841485f8cf897a68accd5a" + +save type: ECC_PUB(SECT_K1) 571-bit, ECDSA(SHA_224) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_224:PSA_WANT_ECC_SECT_K1_571:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_K1):571:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_SHA_224):0x0000:"04050172a7fd7adf98e4e2ed2742faa5cd12731a15fb0dbbdf75b1c3cc771a4369af6f2fa00e802735650881735759ea9c79961ded18e0daa0ac59afb1d513b5bbda9962e435f454fc020b4afe1445c2302ada07d295ec2580f8849b2dfa7f956b09b4cbe4c88d3b1c217049f75d3900d36df0fa12689256b58dd2ef784ebbeb0564600cf47a841485f8cf897a68accd5a":"505341004b455900000000000100000027413b020128000008060006000000009100000004050172a7fd7adf98e4e2ed2742faa5cd12731a15fb0dbbdf75b1c3cc771a4369af6f2fa00e802735650881735759ea9c79961ded18e0daa0ac59afb1d513b5bbda9962e435f454fc020b4afe1445c2302ada07d295ec2580f8849b2dfa7f956b09b4cbe4c88d3b1c217049f75d3900d36df0fa12689256b58dd2ef784ebbeb0564600cf47a841485f8cf897a68accd5a" + +save type: ECC_PUB(SECT_K1) 571-bit, ECDSA(SHA_256) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_SECT_K1_571:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_K1):571:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_SHA_256):0x0000:"04050172a7fd7adf98e4e2ed2742faa5cd12731a15fb0dbbdf75b1c3cc771a4369af6f2fa00e802735650881735759ea9c79961ded18e0daa0ac59afb1d513b5bbda9962e435f454fc020b4afe1445c2302ada07d295ec2580f8849b2dfa7f956b09b4cbe4c88d3b1c217049f75d3900d36df0fa12689256b58dd2ef784ebbeb0564600cf47a841485f8cf897a68accd5a":"505341004b455900000000000100000027413b020128000009060006000000009100000004050172a7fd7adf98e4e2ed2742faa5cd12731a15fb0dbbdf75b1c3cc771a4369af6f2fa00e802735650881735759ea9c79961ded18e0daa0ac59afb1d513b5bbda9962e435f454fc020b4afe1445c2302ada07d295ec2580f8849b2dfa7f956b09b4cbe4c88d3b1c217049f75d3900d36df0fa12689256b58dd2ef784ebbeb0564600cf47a841485f8cf897a68accd5a" + +save type: ECC_PUB(SECT_K1) 571-bit, ECDSA(SHA_384) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_SECT_K1_571:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_K1):571:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_SHA_384):0x0000:"04050172a7fd7adf98e4e2ed2742faa5cd12731a15fb0dbbdf75b1c3cc771a4369af6f2fa00e802735650881735759ea9c79961ded18e0daa0ac59afb1d513b5bbda9962e435f454fc020b4afe1445c2302ada07d295ec2580f8849b2dfa7f956b09b4cbe4c88d3b1c217049f75d3900d36df0fa12689256b58dd2ef784ebbeb0564600cf47a841485f8cf897a68accd5a":"505341004b455900000000000100000027413b02012800000a060006000000009100000004050172a7fd7adf98e4e2ed2742faa5cd12731a15fb0dbbdf75b1c3cc771a4369af6f2fa00e802735650881735759ea9c79961ded18e0daa0ac59afb1d513b5bbda9962e435f454fc020b4afe1445c2302ada07d295ec2580f8849b2dfa7f956b09b4cbe4c88d3b1c217049f75d3900d36df0fa12689256b58dd2ef784ebbeb0564600cf47a841485f8cf897a68accd5a" + +save type: ECC_PUB(SECT_K1) 571-bit, ECDSA(SHA_512) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_512:PSA_WANT_ECC_SECT_K1_571:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_K1):571:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_SHA_512):0x0000:"04050172a7fd7adf98e4e2ed2742faa5cd12731a15fb0dbbdf75b1c3cc771a4369af6f2fa00e802735650881735759ea9c79961ded18e0daa0ac59afb1d513b5bbda9962e435f454fc020b4afe1445c2302ada07d295ec2580f8849b2dfa7f956b09b4cbe4c88d3b1c217049f75d3900d36df0fa12689256b58dd2ef784ebbeb0564600cf47a841485f8cf897a68accd5a":"505341004b455900000000000100000027413b02012800000b060006000000009100000004050172a7fd7adf98e4e2ed2742faa5cd12731a15fb0dbbdf75b1c3cc771a4369af6f2fa00e802735650881735759ea9c79961ded18e0daa0ac59afb1d513b5bbda9962e435f454fc020b4afe1445c2302ada07d295ec2580f8849b2dfa7f956b09b4cbe4c88d3b1c217049f75d3900d36df0fa12689256b58dd2ef784ebbeb0564600cf47a841485f8cf897a68accd5a" + +save type: ECC_PUB(SECT_K1) 571-bit, ECDSA_ANY +depends_on:PSA_WANT_ALG_ECDSA_ANY:PSA_WANT_ECC_SECT_K1_571:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_K1):571:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA_ANY:0x0000:"04050172a7fd7adf98e4e2ed2742faa5cd12731a15fb0dbbdf75b1c3cc771a4369af6f2fa00e802735650881735759ea9c79961ded18e0daa0ac59afb1d513b5bbda9962e435f454fc020b4afe1445c2302ada07d295ec2580f8849b2dfa7f956b09b4cbe4c88d3b1c217049f75d3900d36df0fa12689256b58dd2ef784ebbeb0564600cf47a841485f8cf897a68accd5a":"505341004b455900000000000100000027413b020128000000060006000000009100000004050172a7fd7adf98e4e2ed2742faa5cd12731a15fb0dbbdf75b1c3cc771a4369af6f2fa00e802735650881735759ea9c79961ded18e0daa0ac59afb1d513b5bbda9962e435f454fc020b4afe1445c2302ada07d295ec2580f8849b2dfa7f956b09b4cbe4c88d3b1c217049f75d3900d36df0fa12689256b58dd2ef784ebbeb0564600cf47a841485f8cf897a68accd5a" + +save type: ECC_PUB(SECT_R1) 163-bit +depends_on:PSA_WANT_ECC_SECT_R1_163:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R1):163:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"0400465eeb9e7258b11e33c02266bfe834b20bcb118700772796ee4704ec67651bd447e3011959a79a04cb":"505341004b45590000000000010000002241a3000100000000000000000000002b0000000400465eeb9e7258b11e33c02266bfe834b20bcb118700772796ee4704ec67651bd447e3011959a79a04cb" + +save type: ECC_PUB(SECT_R1) 163-bit, DET_ECDSA(MD2) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD2:PSA_WANT_ECC_SECT_R1_163:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R1):163:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD2):0x0000:"0400465eeb9e7258b11e33c02266bfe834b20bcb118700772796ee4704ec67651bd447e3011959a79a04cb":"505341004b45590000000000010000002241a3000128000001070006000000002b0000000400465eeb9e7258b11e33c02266bfe834b20bcb118700772796ee4704ec67651bd447e3011959a79a04cb" + +save type: ECC_PUB(SECT_R1) 163-bit, DET_ECDSA(MD4) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD4:PSA_WANT_ECC_SECT_R1_163:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R1):163:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD4):0x0000:"0400465eeb9e7258b11e33c02266bfe834b20bcb118700772796ee4704ec67651bd447e3011959a79a04cb":"505341004b45590000000000010000002241a3000128000002070006000000002b0000000400465eeb9e7258b11e33c02266bfe834b20bcb118700772796ee4704ec67651bd447e3011959a79a04cb" + +save type: ECC_PUB(SECT_R1) 163-bit, DET_ECDSA(MD5) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD5:PSA_WANT_ECC_SECT_R1_163:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R1):163:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD5):0x0000:"0400465eeb9e7258b11e33c02266bfe834b20bcb118700772796ee4704ec67651bd447e3011959a79a04cb":"505341004b45590000000000010000002241a3000128000003070006000000002b0000000400465eeb9e7258b11e33c02266bfe834b20bcb118700772796ee4704ec67651bd447e3011959a79a04cb" + +save type: ECC_PUB(SECT_R1) 163-bit, DET_ECDSA(RIPEMD160) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ECC_SECT_R1_163:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R1):163:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_RIPEMD160):0x0000:"0400465eeb9e7258b11e33c02266bfe834b20bcb118700772796ee4704ec67651bd447e3011959a79a04cb":"505341004b45590000000000010000002241a3000128000004070006000000002b0000000400465eeb9e7258b11e33c02266bfe834b20bcb118700772796ee4704ec67651bd447e3011959a79a04cb" + +save type: ECC_PUB(SECT_R1) 163-bit, DET_ECDSA(SHA_1) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_1:PSA_WANT_ECC_SECT_R1_163:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R1):163:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_1):0x0000:"0400465eeb9e7258b11e33c02266bfe834b20bcb118700772796ee4704ec67651bd447e3011959a79a04cb":"505341004b45590000000000010000002241a3000128000005070006000000002b0000000400465eeb9e7258b11e33c02266bfe834b20bcb118700772796ee4704ec67651bd447e3011959a79a04cb" + +save type: ECC_PUB(SECT_R1) 163-bit, DET_ECDSA(SHA_224) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_224:PSA_WANT_ECC_SECT_R1_163:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R1):163:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_224):0x0000:"0400465eeb9e7258b11e33c02266bfe834b20bcb118700772796ee4704ec67651bd447e3011959a79a04cb":"505341004b45590000000000010000002241a3000128000008070006000000002b0000000400465eeb9e7258b11e33c02266bfe834b20bcb118700772796ee4704ec67651bd447e3011959a79a04cb" + +save type: ECC_PUB(SECT_R1) 163-bit, DET_ECDSA(SHA_256) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_SECT_R1_163:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R1):163:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_256):0x0000:"0400465eeb9e7258b11e33c02266bfe834b20bcb118700772796ee4704ec67651bd447e3011959a79a04cb":"505341004b45590000000000010000002241a3000128000009070006000000002b0000000400465eeb9e7258b11e33c02266bfe834b20bcb118700772796ee4704ec67651bd447e3011959a79a04cb" + +save type: ECC_PUB(SECT_R1) 163-bit, DET_ECDSA(SHA_384) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_SECT_R1_163:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R1):163:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_384):0x0000:"0400465eeb9e7258b11e33c02266bfe834b20bcb118700772796ee4704ec67651bd447e3011959a79a04cb":"505341004b45590000000000010000002241a300012800000a070006000000002b0000000400465eeb9e7258b11e33c02266bfe834b20bcb118700772796ee4704ec67651bd447e3011959a79a04cb" + +save type: ECC_PUB(SECT_R1) 163-bit, DET_ECDSA(SHA_512) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_512:PSA_WANT_ECC_SECT_R1_163:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R1):163:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_512):0x0000:"0400465eeb9e7258b11e33c02266bfe834b20bcb118700772796ee4704ec67651bd447e3011959a79a04cb":"505341004b45590000000000010000002241a300012800000b070006000000002b0000000400465eeb9e7258b11e33c02266bfe834b20bcb118700772796ee4704ec67651bd447e3011959a79a04cb" + +save type: ECC_PUB(SECT_R1) 163-bit, ECDSA(MD2) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD2:PSA_WANT_ECC_SECT_R1_163:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R1):163:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_MD2):0x0000:"0400465eeb9e7258b11e33c02266bfe834b20bcb118700772796ee4704ec67651bd447e3011959a79a04cb":"505341004b45590000000000010000002241a3000128000001060006000000002b0000000400465eeb9e7258b11e33c02266bfe834b20bcb118700772796ee4704ec67651bd447e3011959a79a04cb" + +save type: ECC_PUB(SECT_R1) 163-bit, ECDSA(MD4) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD4:PSA_WANT_ECC_SECT_R1_163:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R1):163:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_MD4):0x0000:"0400465eeb9e7258b11e33c02266bfe834b20bcb118700772796ee4704ec67651bd447e3011959a79a04cb":"505341004b45590000000000010000002241a3000128000002060006000000002b0000000400465eeb9e7258b11e33c02266bfe834b20bcb118700772796ee4704ec67651bd447e3011959a79a04cb" + +save type: ECC_PUB(SECT_R1) 163-bit, ECDSA(MD5) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD5:PSA_WANT_ECC_SECT_R1_163:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R1):163:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_MD5):0x0000:"0400465eeb9e7258b11e33c02266bfe834b20bcb118700772796ee4704ec67651bd447e3011959a79a04cb":"505341004b45590000000000010000002241a3000128000003060006000000002b0000000400465eeb9e7258b11e33c02266bfe834b20bcb118700772796ee4704ec67651bd447e3011959a79a04cb" + +save type: ECC_PUB(SECT_R1) 163-bit, ECDSA(RIPEMD160) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ECC_SECT_R1_163:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R1):163:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_RIPEMD160):0x0000:"0400465eeb9e7258b11e33c02266bfe834b20bcb118700772796ee4704ec67651bd447e3011959a79a04cb":"505341004b45590000000000010000002241a3000128000004060006000000002b0000000400465eeb9e7258b11e33c02266bfe834b20bcb118700772796ee4704ec67651bd447e3011959a79a04cb" + +save type: ECC_PUB(SECT_R1) 163-bit, ECDSA(SHA_1) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_1:PSA_WANT_ECC_SECT_R1_163:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R1):163:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_SHA_1):0x0000:"0400465eeb9e7258b11e33c02266bfe834b20bcb118700772796ee4704ec67651bd447e3011959a79a04cb":"505341004b45590000000000010000002241a3000128000005060006000000002b0000000400465eeb9e7258b11e33c02266bfe834b20bcb118700772796ee4704ec67651bd447e3011959a79a04cb" + +save type: ECC_PUB(SECT_R1) 163-bit, ECDSA(SHA_224) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_224:PSA_WANT_ECC_SECT_R1_163:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R1):163:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_SHA_224):0x0000:"0400465eeb9e7258b11e33c02266bfe834b20bcb118700772796ee4704ec67651bd447e3011959a79a04cb":"505341004b45590000000000010000002241a3000128000008060006000000002b0000000400465eeb9e7258b11e33c02266bfe834b20bcb118700772796ee4704ec67651bd447e3011959a79a04cb" + +save type: ECC_PUB(SECT_R1) 163-bit, ECDSA(SHA_256) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_SECT_R1_163:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R1):163:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_SHA_256):0x0000:"0400465eeb9e7258b11e33c02266bfe834b20bcb118700772796ee4704ec67651bd447e3011959a79a04cb":"505341004b45590000000000010000002241a3000128000009060006000000002b0000000400465eeb9e7258b11e33c02266bfe834b20bcb118700772796ee4704ec67651bd447e3011959a79a04cb" + +save type: ECC_PUB(SECT_R1) 163-bit, ECDSA(SHA_384) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_SECT_R1_163:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R1):163:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_SHA_384):0x0000:"0400465eeb9e7258b11e33c02266bfe834b20bcb118700772796ee4704ec67651bd447e3011959a79a04cb":"505341004b45590000000000010000002241a300012800000a060006000000002b0000000400465eeb9e7258b11e33c02266bfe834b20bcb118700772796ee4704ec67651bd447e3011959a79a04cb" + +save type: ECC_PUB(SECT_R1) 163-bit, ECDSA(SHA_512) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_512:PSA_WANT_ECC_SECT_R1_163:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R1):163:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_SHA_512):0x0000:"0400465eeb9e7258b11e33c02266bfe834b20bcb118700772796ee4704ec67651bd447e3011959a79a04cb":"505341004b45590000000000010000002241a300012800000b060006000000002b0000000400465eeb9e7258b11e33c02266bfe834b20bcb118700772796ee4704ec67651bd447e3011959a79a04cb" + +save type: ECC_PUB(SECT_R1) 163-bit, ECDSA_ANY +depends_on:PSA_WANT_ALG_ECDSA_ANY:PSA_WANT_ECC_SECT_R1_163:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R1):163:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA_ANY:0x0000:"0400465eeb9e7258b11e33c02266bfe834b20bcb118700772796ee4704ec67651bd447e3011959a79a04cb":"505341004b45590000000000010000002241a3000128000000060006000000002b0000000400465eeb9e7258b11e33c02266bfe834b20bcb118700772796ee4704ec67651bd447e3011959a79a04cb" + +save type: ECC_PUB(SECT_R1) 233-bit +depends_on:PSA_WANT_ECC_SECT_R1_233:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R1):233:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"0400cd68c8af4430c92ec7a7048becfdf00a6bae8d1b4c37286f2d336f2a0e017eca3748f4ad6d435c85867aa014eea1bd6d9d005bbd8319cab629001d":"505341004b45590000000000010000002241e9000100000000000000000000003d0000000400cd68c8af4430c92ec7a7048becfdf00a6bae8d1b4c37286f2d336f2a0e017eca3748f4ad6d435c85867aa014eea1bd6d9d005bbd8319cab629001d" + +save type: ECC_PUB(SECT_R1) 233-bit, DET_ECDSA(MD2) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD2:PSA_WANT_ECC_SECT_R1_233:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R1):233:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD2):0x0000:"0400cd68c8af4430c92ec7a7048becfdf00a6bae8d1b4c37286f2d336f2a0e017eca3748f4ad6d435c85867aa014eea1bd6d9d005bbd8319cab629001d":"505341004b45590000000000010000002241e9000128000001070006000000003d0000000400cd68c8af4430c92ec7a7048becfdf00a6bae8d1b4c37286f2d336f2a0e017eca3748f4ad6d435c85867aa014eea1bd6d9d005bbd8319cab629001d" + +save type: ECC_PUB(SECT_R1) 233-bit, DET_ECDSA(MD4) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD4:PSA_WANT_ECC_SECT_R1_233:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R1):233:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD4):0x0000:"0400cd68c8af4430c92ec7a7048becfdf00a6bae8d1b4c37286f2d336f2a0e017eca3748f4ad6d435c85867aa014eea1bd6d9d005bbd8319cab629001d":"505341004b45590000000000010000002241e9000128000002070006000000003d0000000400cd68c8af4430c92ec7a7048becfdf00a6bae8d1b4c37286f2d336f2a0e017eca3748f4ad6d435c85867aa014eea1bd6d9d005bbd8319cab629001d" + +save type: ECC_PUB(SECT_R1) 233-bit, DET_ECDSA(MD5) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD5:PSA_WANT_ECC_SECT_R1_233:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R1):233:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD5):0x0000:"0400cd68c8af4430c92ec7a7048becfdf00a6bae8d1b4c37286f2d336f2a0e017eca3748f4ad6d435c85867aa014eea1bd6d9d005bbd8319cab629001d":"505341004b45590000000000010000002241e9000128000003070006000000003d0000000400cd68c8af4430c92ec7a7048becfdf00a6bae8d1b4c37286f2d336f2a0e017eca3748f4ad6d435c85867aa014eea1bd6d9d005bbd8319cab629001d" + +save type: ECC_PUB(SECT_R1) 233-bit, DET_ECDSA(RIPEMD160) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ECC_SECT_R1_233:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R1):233:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_RIPEMD160):0x0000:"0400cd68c8af4430c92ec7a7048becfdf00a6bae8d1b4c37286f2d336f2a0e017eca3748f4ad6d435c85867aa014eea1bd6d9d005bbd8319cab629001d":"505341004b45590000000000010000002241e9000128000004070006000000003d0000000400cd68c8af4430c92ec7a7048becfdf00a6bae8d1b4c37286f2d336f2a0e017eca3748f4ad6d435c85867aa014eea1bd6d9d005bbd8319cab629001d" + +save type: ECC_PUB(SECT_R1) 233-bit, DET_ECDSA(SHA_1) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_1:PSA_WANT_ECC_SECT_R1_233:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R1):233:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_1):0x0000:"0400cd68c8af4430c92ec7a7048becfdf00a6bae8d1b4c37286f2d336f2a0e017eca3748f4ad6d435c85867aa014eea1bd6d9d005bbd8319cab629001d":"505341004b45590000000000010000002241e9000128000005070006000000003d0000000400cd68c8af4430c92ec7a7048becfdf00a6bae8d1b4c37286f2d336f2a0e017eca3748f4ad6d435c85867aa014eea1bd6d9d005bbd8319cab629001d" + +save type: ECC_PUB(SECT_R1) 233-bit, DET_ECDSA(SHA_224) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_224:PSA_WANT_ECC_SECT_R1_233:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R1):233:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_224):0x0000:"0400cd68c8af4430c92ec7a7048becfdf00a6bae8d1b4c37286f2d336f2a0e017eca3748f4ad6d435c85867aa014eea1bd6d9d005bbd8319cab629001d":"505341004b45590000000000010000002241e9000128000008070006000000003d0000000400cd68c8af4430c92ec7a7048becfdf00a6bae8d1b4c37286f2d336f2a0e017eca3748f4ad6d435c85867aa014eea1bd6d9d005bbd8319cab629001d" + +save type: ECC_PUB(SECT_R1) 233-bit, DET_ECDSA(SHA_256) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_SECT_R1_233:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R1):233:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_256):0x0000:"0400cd68c8af4430c92ec7a7048becfdf00a6bae8d1b4c37286f2d336f2a0e017eca3748f4ad6d435c85867aa014eea1bd6d9d005bbd8319cab629001d":"505341004b45590000000000010000002241e9000128000009070006000000003d0000000400cd68c8af4430c92ec7a7048becfdf00a6bae8d1b4c37286f2d336f2a0e017eca3748f4ad6d435c85867aa014eea1bd6d9d005bbd8319cab629001d" + +save type: ECC_PUB(SECT_R1) 233-bit, DET_ECDSA(SHA_384) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_SECT_R1_233:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R1):233:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_384):0x0000:"0400cd68c8af4430c92ec7a7048becfdf00a6bae8d1b4c37286f2d336f2a0e017eca3748f4ad6d435c85867aa014eea1bd6d9d005bbd8319cab629001d":"505341004b45590000000000010000002241e900012800000a070006000000003d0000000400cd68c8af4430c92ec7a7048becfdf00a6bae8d1b4c37286f2d336f2a0e017eca3748f4ad6d435c85867aa014eea1bd6d9d005bbd8319cab629001d" + +save type: ECC_PUB(SECT_R1) 233-bit, DET_ECDSA(SHA_512) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_512:PSA_WANT_ECC_SECT_R1_233:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R1):233:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_512):0x0000:"0400cd68c8af4430c92ec7a7048becfdf00a6bae8d1b4c37286f2d336f2a0e017eca3748f4ad6d435c85867aa014eea1bd6d9d005bbd8319cab629001d":"505341004b45590000000000010000002241e900012800000b070006000000003d0000000400cd68c8af4430c92ec7a7048becfdf00a6bae8d1b4c37286f2d336f2a0e017eca3748f4ad6d435c85867aa014eea1bd6d9d005bbd8319cab629001d" + +save type: ECC_PUB(SECT_R1) 233-bit, ECDSA(MD2) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD2:PSA_WANT_ECC_SECT_R1_233:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R1):233:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_MD2):0x0000:"0400cd68c8af4430c92ec7a7048becfdf00a6bae8d1b4c37286f2d336f2a0e017eca3748f4ad6d435c85867aa014eea1bd6d9d005bbd8319cab629001d":"505341004b45590000000000010000002241e9000128000001060006000000003d0000000400cd68c8af4430c92ec7a7048becfdf00a6bae8d1b4c37286f2d336f2a0e017eca3748f4ad6d435c85867aa014eea1bd6d9d005bbd8319cab629001d" + +save type: ECC_PUB(SECT_R1) 233-bit, ECDSA(MD4) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD4:PSA_WANT_ECC_SECT_R1_233:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R1):233:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_MD4):0x0000:"0400cd68c8af4430c92ec7a7048becfdf00a6bae8d1b4c37286f2d336f2a0e017eca3748f4ad6d435c85867aa014eea1bd6d9d005bbd8319cab629001d":"505341004b45590000000000010000002241e9000128000002060006000000003d0000000400cd68c8af4430c92ec7a7048becfdf00a6bae8d1b4c37286f2d336f2a0e017eca3748f4ad6d435c85867aa014eea1bd6d9d005bbd8319cab629001d" + +save type: ECC_PUB(SECT_R1) 233-bit, ECDSA(MD5) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD5:PSA_WANT_ECC_SECT_R1_233:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R1):233:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_MD5):0x0000:"0400cd68c8af4430c92ec7a7048becfdf00a6bae8d1b4c37286f2d336f2a0e017eca3748f4ad6d435c85867aa014eea1bd6d9d005bbd8319cab629001d":"505341004b45590000000000010000002241e9000128000003060006000000003d0000000400cd68c8af4430c92ec7a7048becfdf00a6bae8d1b4c37286f2d336f2a0e017eca3748f4ad6d435c85867aa014eea1bd6d9d005bbd8319cab629001d" + +save type: ECC_PUB(SECT_R1) 233-bit, ECDSA(RIPEMD160) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ECC_SECT_R1_233:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R1):233:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_RIPEMD160):0x0000:"0400cd68c8af4430c92ec7a7048becfdf00a6bae8d1b4c37286f2d336f2a0e017eca3748f4ad6d435c85867aa014eea1bd6d9d005bbd8319cab629001d":"505341004b45590000000000010000002241e9000128000004060006000000003d0000000400cd68c8af4430c92ec7a7048becfdf00a6bae8d1b4c37286f2d336f2a0e017eca3748f4ad6d435c85867aa014eea1bd6d9d005bbd8319cab629001d" + +save type: ECC_PUB(SECT_R1) 233-bit, ECDSA(SHA_1) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_1:PSA_WANT_ECC_SECT_R1_233:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R1):233:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_SHA_1):0x0000:"0400cd68c8af4430c92ec7a7048becfdf00a6bae8d1b4c37286f2d336f2a0e017eca3748f4ad6d435c85867aa014eea1bd6d9d005bbd8319cab629001d":"505341004b45590000000000010000002241e9000128000005060006000000003d0000000400cd68c8af4430c92ec7a7048becfdf00a6bae8d1b4c37286f2d336f2a0e017eca3748f4ad6d435c85867aa014eea1bd6d9d005bbd8319cab629001d" + +save type: ECC_PUB(SECT_R1) 233-bit, ECDSA(SHA_224) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_224:PSA_WANT_ECC_SECT_R1_233:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R1):233:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_SHA_224):0x0000:"0400cd68c8af4430c92ec7a7048becfdf00a6bae8d1b4c37286f2d336f2a0e017eca3748f4ad6d435c85867aa014eea1bd6d9d005bbd8319cab629001d":"505341004b45590000000000010000002241e9000128000008060006000000003d0000000400cd68c8af4430c92ec7a7048becfdf00a6bae8d1b4c37286f2d336f2a0e017eca3748f4ad6d435c85867aa014eea1bd6d9d005bbd8319cab629001d" + +save type: ECC_PUB(SECT_R1) 233-bit, ECDSA(SHA_256) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_SECT_R1_233:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R1):233:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_SHA_256):0x0000:"0400cd68c8af4430c92ec7a7048becfdf00a6bae8d1b4c37286f2d336f2a0e017eca3748f4ad6d435c85867aa014eea1bd6d9d005bbd8319cab629001d":"505341004b45590000000000010000002241e9000128000009060006000000003d0000000400cd68c8af4430c92ec7a7048becfdf00a6bae8d1b4c37286f2d336f2a0e017eca3748f4ad6d435c85867aa014eea1bd6d9d005bbd8319cab629001d" + +save type: ECC_PUB(SECT_R1) 233-bit, ECDSA(SHA_384) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_SECT_R1_233:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R1):233:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_SHA_384):0x0000:"0400cd68c8af4430c92ec7a7048becfdf00a6bae8d1b4c37286f2d336f2a0e017eca3748f4ad6d435c85867aa014eea1bd6d9d005bbd8319cab629001d":"505341004b45590000000000010000002241e900012800000a060006000000003d0000000400cd68c8af4430c92ec7a7048becfdf00a6bae8d1b4c37286f2d336f2a0e017eca3748f4ad6d435c85867aa014eea1bd6d9d005bbd8319cab629001d" + +save type: ECC_PUB(SECT_R1) 233-bit, ECDSA(SHA_512) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_512:PSA_WANT_ECC_SECT_R1_233:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R1):233:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_SHA_512):0x0000:"0400cd68c8af4430c92ec7a7048becfdf00a6bae8d1b4c37286f2d336f2a0e017eca3748f4ad6d435c85867aa014eea1bd6d9d005bbd8319cab629001d":"505341004b45590000000000010000002241e900012800000b060006000000003d0000000400cd68c8af4430c92ec7a7048becfdf00a6bae8d1b4c37286f2d336f2a0e017eca3748f4ad6d435c85867aa014eea1bd6d9d005bbd8319cab629001d" + +save type: ECC_PUB(SECT_R1) 233-bit, ECDSA_ANY +depends_on:PSA_WANT_ALG_ECDSA_ANY:PSA_WANT_ECC_SECT_R1_233:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R1):233:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA_ANY:0x0000:"0400cd68c8af4430c92ec7a7048becfdf00a6bae8d1b4c37286f2d336f2a0e017eca3748f4ad6d435c85867aa014eea1bd6d9d005bbd8319cab629001d":"505341004b45590000000000010000002241e9000128000000060006000000003d0000000400cd68c8af4430c92ec7a7048becfdf00a6bae8d1b4c37286f2d336f2a0e017eca3748f4ad6d435c85867aa014eea1bd6d9d005bbd8319cab629001d" + +save type: ECC_PUB(SECT_R1) 283-bit +depends_on:PSA_WANT_ECC_SECT_R1_283:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R1):283:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"04052f9ff887254c2d1440ba9e30f13e2185ba53c373b2c410dae21cf8c167f796c08134f601cbc4c570bffbc2433082cf4d9eb5ba173ecb8caec15d66a02673f60807b2daa729b765":"505341004b455900000000000100000022411b010100000000000000000000004900000004052f9ff887254c2d1440ba9e30f13e2185ba53c373b2c410dae21cf8c167f796c08134f601cbc4c570bffbc2433082cf4d9eb5ba173ecb8caec15d66a02673f60807b2daa729b765" + +save type: ECC_PUB(SECT_R1) 283-bit, DET_ECDSA(MD2) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD2:PSA_WANT_ECC_SECT_R1_283:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R1):283:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD2):0x0000:"04052f9ff887254c2d1440ba9e30f13e2185ba53c373b2c410dae21cf8c167f796c08134f601cbc4c570bffbc2433082cf4d9eb5ba173ecb8caec15d66a02673f60807b2daa729b765":"505341004b455900000000000100000022411b010128000001070006000000004900000004052f9ff887254c2d1440ba9e30f13e2185ba53c373b2c410dae21cf8c167f796c08134f601cbc4c570bffbc2433082cf4d9eb5ba173ecb8caec15d66a02673f60807b2daa729b765" + +save type: ECC_PUB(SECT_R1) 283-bit, DET_ECDSA(MD4) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD4:PSA_WANT_ECC_SECT_R1_283:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R1):283:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD4):0x0000:"04052f9ff887254c2d1440ba9e30f13e2185ba53c373b2c410dae21cf8c167f796c08134f601cbc4c570bffbc2433082cf4d9eb5ba173ecb8caec15d66a02673f60807b2daa729b765":"505341004b455900000000000100000022411b010128000002070006000000004900000004052f9ff887254c2d1440ba9e30f13e2185ba53c373b2c410dae21cf8c167f796c08134f601cbc4c570bffbc2433082cf4d9eb5ba173ecb8caec15d66a02673f60807b2daa729b765" + +save type: ECC_PUB(SECT_R1) 283-bit, DET_ECDSA(MD5) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD5:PSA_WANT_ECC_SECT_R1_283:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R1):283:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD5):0x0000:"04052f9ff887254c2d1440ba9e30f13e2185ba53c373b2c410dae21cf8c167f796c08134f601cbc4c570bffbc2433082cf4d9eb5ba173ecb8caec15d66a02673f60807b2daa729b765":"505341004b455900000000000100000022411b010128000003070006000000004900000004052f9ff887254c2d1440ba9e30f13e2185ba53c373b2c410dae21cf8c167f796c08134f601cbc4c570bffbc2433082cf4d9eb5ba173ecb8caec15d66a02673f60807b2daa729b765" + +save type: ECC_PUB(SECT_R1) 283-bit, DET_ECDSA(RIPEMD160) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ECC_SECT_R1_283:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R1):283:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_RIPEMD160):0x0000:"04052f9ff887254c2d1440ba9e30f13e2185ba53c373b2c410dae21cf8c167f796c08134f601cbc4c570bffbc2433082cf4d9eb5ba173ecb8caec15d66a02673f60807b2daa729b765":"505341004b455900000000000100000022411b010128000004070006000000004900000004052f9ff887254c2d1440ba9e30f13e2185ba53c373b2c410dae21cf8c167f796c08134f601cbc4c570bffbc2433082cf4d9eb5ba173ecb8caec15d66a02673f60807b2daa729b765" + +save type: ECC_PUB(SECT_R1) 283-bit, DET_ECDSA(SHA_1) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_1:PSA_WANT_ECC_SECT_R1_283:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R1):283:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_1):0x0000:"04052f9ff887254c2d1440ba9e30f13e2185ba53c373b2c410dae21cf8c167f796c08134f601cbc4c570bffbc2433082cf4d9eb5ba173ecb8caec15d66a02673f60807b2daa729b765":"505341004b455900000000000100000022411b010128000005070006000000004900000004052f9ff887254c2d1440ba9e30f13e2185ba53c373b2c410dae21cf8c167f796c08134f601cbc4c570bffbc2433082cf4d9eb5ba173ecb8caec15d66a02673f60807b2daa729b765" + +save type: ECC_PUB(SECT_R1) 283-bit, DET_ECDSA(SHA_224) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_224:PSA_WANT_ECC_SECT_R1_283:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R1):283:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_224):0x0000:"04052f9ff887254c2d1440ba9e30f13e2185ba53c373b2c410dae21cf8c167f796c08134f601cbc4c570bffbc2433082cf4d9eb5ba173ecb8caec15d66a02673f60807b2daa729b765":"505341004b455900000000000100000022411b010128000008070006000000004900000004052f9ff887254c2d1440ba9e30f13e2185ba53c373b2c410dae21cf8c167f796c08134f601cbc4c570bffbc2433082cf4d9eb5ba173ecb8caec15d66a02673f60807b2daa729b765" + +save type: ECC_PUB(SECT_R1) 283-bit, DET_ECDSA(SHA_256) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_SECT_R1_283:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R1):283:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_256):0x0000:"04052f9ff887254c2d1440ba9e30f13e2185ba53c373b2c410dae21cf8c167f796c08134f601cbc4c570bffbc2433082cf4d9eb5ba173ecb8caec15d66a02673f60807b2daa729b765":"505341004b455900000000000100000022411b010128000009070006000000004900000004052f9ff887254c2d1440ba9e30f13e2185ba53c373b2c410dae21cf8c167f796c08134f601cbc4c570bffbc2433082cf4d9eb5ba173ecb8caec15d66a02673f60807b2daa729b765" + +save type: ECC_PUB(SECT_R1) 283-bit, DET_ECDSA(SHA_384) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_SECT_R1_283:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R1):283:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_384):0x0000:"04052f9ff887254c2d1440ba9e30f13e2185ba53c373b2c410dae21cf8c167f796c08134f601cbc4c570bffbc2433082cf4d9eb5ba173ecb8caec15d66a02673f60807b2daa729b765":"505341004b455900000000000100000022411b01012800000a070006000000004900000004052f9ff887254c2d1440ba9e30f13e2185ba53c373b2c410dae21cf8c167f796c08134f601cbc4c570bffbc2433082cf4d9eb5ba173ecb8caec15d66a02673f60807b2daa729b765" + +save type: ECC_PUB(SECT_R1) 283-bit, DET_ECDSA(SHA_512) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_512:PSA_WANT_ECC_SECT_R1_283:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R1):283:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_512):0x0000:"04052f9ff887254c2d1440ba9e30f13e2185ba53c373b2c410dae21cf8c167f796c08134f601cbc4c570bffbc2433082cf4d9eb5ba173ecb8caec15d66a02673f60807b2daa729b765":"505341004b455900000000000100000022411b01012800000b070006000000004900000004052f9ff887254c2d1440ba9e30f13e2185ba53c373b2c410dae21cf8c167f796c08134f601cbc4c570bffbc2433082cf4d9eb5ba173ecb8caec15d66a02673f60807b2daa729b765" + +save type: ECC_PUB(SECT_R1) 283-bit, ECDSA(MD2) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD2:PSA_WANT_ECC_SECT_R1_283:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R1):283:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_MD2):0x0000:"04052f9ff887254c2d1440ba9e30f13e2185ba53c373b2c410dae21cf8c167f796c08134f601cbc4c570bffbc2433082cf4d9eb5ba173ecb8caec15d66a02673f60807b2daa729b765":"505341004b455900000000000100000022411b010128000001060006000000004900000004052f9ff887254c2d1440ba9e30f13e2185ba53c373b2c410dae21cf8c167f796c08134f601cbc4c570bffbc2433082cf4d9eb5ba173ecb8caec15d66a02673f60807b2daa729b765" + +save type: ECC_PUB(SECT_R1) 283-bit, ECDSA(MD4) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD4:PSA_WANT_ECC_SECT_R1_283:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R1):283:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_MD4):0x0000:"04052f9ff887254c2d1440ba9e30f13e2185ba53c373b2c410dae21cf8c167f796c08134f601cbc4c570bffbc2433082cf4d9eb5ba173ecb8caec15d66a02673f60807b2daa729b765":"505341004b455900000000000100000022411b010128000002060006000000004900000004052f9ff887254c2d1440ba9e30f13e2185ba53c373b2c410dae21cf8c167f796c08134f601cbc4c570bffbc2433082cf4d9eb5ba173ecb8caec15d66a02673f60807b2daa729b765" + +save type: ECC_PUB(SECT_R1) 283-bit, ECDSA(MD5) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD5:PSA_WANT_ECC_SECT_R1_283:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R1):283:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_MD5):0x0000:"04052f9ff887254c2d1440ba9e30f13e2185ba53c373b2c410dae21cf8c167f796c08134f601cbc4c570bffbc2433082cf4d9eb5ba173ecb8caec15d66a02673f60807b2daa729b765":"505341004b455900000000000100000022411b010128000003060006000000004900000004052f9ff887254c2d1440ba9e30f13e2185ba53c373b2c410dae21cf8c167f796c08134f601cbc4c570bffbc2433082cf4d9eb5ba173ecb8caec15d66a02673f60807b2daa729b765" + +save type: ECC_PUB(SECT_R1) 283-bit, ECDSA(RIPEMD160) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ECC_SECT_R1_283:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R1):283:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_RIPEMD160):0x0000:"04052f9ff887254c2d1440ba9e30f13e2185ba53c373b2c410dae21cf8c167f796c08134f601cbc4c570bffbc2433082cf4d9eb5ba173ecb8caec15d66a02673f60807b2daa729b765":"505341004b455900000000000100000022411b010128000004060006000000004900000004052f9ff887254c2d1440ba9e30f13e2185ba53c373b2c410dae21cf8c167f796c08134f601cbc4c570bffbc2433082cf4d9eb5ba173ecb8caec15d66a02673f60807b2daa729b765" + +save type: ECC_PUB(SECT_R1) 283-bit, ECDSA(SHA_1) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_1:PSA_WANT_ECC_SECT_R1_283:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R1):283:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_SHA_1):0x0000:"04052f9ff887254c2d1440ba9e30f13e2185ba53c373b2c410dae21cf8c167f796c08134f601cbc4c570bffbc2433082cf4d9eb5ba173ecb8caec15d66a02673f60807b2daa729b765":"505341004b455900000000000100000022411b010128000005060006000000004900000004052f9ff887254c2d1440ba9e30f13e2185ba53c373b2c410dae21cf8c167f796c08134f601cbc4c570bffbc2433082cf4d9eb5ba173ecb8caec15d66a02673f60807b2daa729b765" + +save type: ECC_PUB(SECT_R1) 283-bit, ECDSA(SHA_224) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_224:PSA_WANT_ECC_SECT_R1_283:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R1):283:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_SHA_224):0x0000:"04052f9ff887254c2d1440ba9e30f13e2185ba53c373b2c410dae21cf8c167f796c08134f601cbc4c570bffbc2433082cf4d9eb5ba173ecb8caec15d66a02673f60807b2daa729b765":"505341004b455900000000000100000022411b010128000008060006000000004900000004052f9ff887254c2d1440ba9e30f13e2185ba53c373b2c410dae21cf8c167f796c08134f601cbc4c570bffbc2433082cf4d9eb5ba173ecb8caec15d66a02673f60807b2daa729b765" + +save type: ECC_PUB(SECT_R1) 283-bit, ECDSA(SHA_256) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_SECT_R1_283:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R1):283:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_SHA_256):0x0000:"04052f9ff887254c2d1440ba9e30f13e2185ba53c373b2c410dae21cf8c167f796c08134f601cbc4c570bffbc2433082cf4d9eb5ba173ecb8caec15d66a02673f60807b2daa729b765":"505341004b455900000000000100000022411b010128000009060006000000004900000004052f9ff887254c2d1440ba9e30f13e2185ba53c373b2c410dae21cf8c167f796c08134f601cbc4c570bffbc2433082cf4d9eb5ba173ecb8caec15d66a02673f60807b2daa729b765" + +save type: ECC_PUB(SECT_R1) 283-bit, ECDSA(SHA_384) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_SECT_R1_283:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R1):283:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_SHA_384):0x0000:"04052f9ff887254c2d1440ba9e30f13e2185ba53c373b2c410dae21cf8c167f796c08134f601cbc4c570bffbc2433082cf4d9eb5ba173ecb8caec15d66a02673f60807b2daa729b765":"505341004b455900000000000100000022411b01012800000a060006000000004900000004052f9ff887254c2d1440ba9e30f13e2185ba53c373b2c410dae21cf8c167f796c08134f601cbc4c570bffbc2433082cf4d9eb5ba173ecb8caec15d66a02673f60807b2daa729b765" + +save type: ECC_PUB(SECT_R1) 283-bit, ECDSA(SHA_512) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_512:PSA_WANT_ECC_SECT_R1_283:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R1):283:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_SHA_512):0x0000:"04052f9ff887254c2d1440ba9e30f13e2185ba53c373b2c410dae21cf8c167f796c08134f601cbc4c570bffbc2433082cf4d9eb5ba173ecb8caec15d66a02673f60807b2daa729b765":"505341004b455900000000000100000022411b01012800000b060006000000004900000004052f9ff887254c2d1440ba9e30f13e2185ba53c373b2c410dae21cf8c167f796c08134f601cbc4c570bffbc2433082cf4d9eb5ba173ecb8caec15d66a02673f60807b2daa729b765" + +save type: ECC_PUB(SECT_R1) 283-bit, ECDSA_ANY +depends_on:PSA_WANT_ALG_ECDSA_ANY:PSA_WANT_ECC_SECT_R1_283:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R1):283:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA_ANY:0x0000:"04052f9ff887254c2d1440ba9e30f13e2185ba53c373b2c410dae21cf8c167f796c08134f601cbc4c570bffbc2433082cf4d9eb5ba173ecb8caec15d66a02673f60807b2daa729b765":"505341004b455900000000000100000022411b010128000000060006000000004900000004052f9ff887254c2d1440ba9e30f13e2185ba53c373b2c410dae21cf8c167f796c08134f601cbc4c570bffbc2433082cf4d9eb5ba173ecb8caec15d66a02673f60807b2daa729b765" + +save type: ECC_PUB(SECT_R1) 409-bit +depends_on:PSA_WANT_ECC_SECT_R1_409:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R1):409:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"0401aa25466b1d291846db365957b25431591e50d9c109fe2106e93bb369775896925b15a7bfec397406ab4fe6f6b1a13bf8fdcb9300fa5500a813228676b0a6c572ed96b0f4aec7e87832e7e20f17ca98ecdfd36f59c82bddb8665f1f357a73900e827885ec9e1f22":"505341004b455900000000000100000022419901010000000000000000000000690000000401aa25466b1d291846db365957b25431591e50d9c109fe2106e93bb369775896925b15a7bfec397406ab4fe6f6b1a13bf8fdcb9300fa5500a813228676b0a6c572ed96b0f4aec7e87832e7e20f17ca98ecdfd36f59c82bddb8665f1f357a73900e827885ec9e1f22" + +save type: ECC_PUB(SECT_R1) 409-bit, DET_ECDSA(MD2) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD2:PSA_WANT_ECC_SECT_R1_409:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R1):409:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD2):0x0000:"0401aa25466b1d291846db365957b25431591e50d9c109fe2106e93bb369775896925b15a7bfec397406ab4fe6f6b1a13bf8fdcb9300fa5500a813228676b0a6c572ed96b0f4aec7e87832e7e20f17ca98ecdfd36f59c82bddb8665f1f357a73900e827885ec9e1f22":"505341004b455900000000000100000022419901012800000107000600000000690000000401aa25466b1d291846db365957b25431591e50d9c109fe2106e93bb369775896925b15a7bfec397406ab4fe6f6b1a13bf8fdcb9300fa5500a813228676b0a6c572ed96b0f4aec7e87832e7e20f17ca98ecdfd36f59c82bddb8665f1f357a73900e827885ec9e1f22" + +save type: ECC_PUB(SECT_R1) 409-bit, DET_ECDSA(MD4) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD4:PSA_WANT_ECC_SECT_R1_409:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R1):409:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD4):0x0000:"0401aa25466b1d291846db365957b25431591e50d9c109fe2106e93bb369775896925b15a7bfec397406ab4fe6f6b1a13bf8fdcb9300fa5500a813228676b0a6c572ed96b0f4aec7e87832e7e20f17ca98ecdfd36f59c82bddb8665f1f357a73900e827885ec9e1f22":"505341004b455900000000000100000022419901012800000207000600000000690000000401aa25466b1d291846db365957b25431591e50d9c109fe2106e93bb369775896925b15a7bfec397406ab4fe6f6b1a13bf8fdcb9300fa5500a813228676b0a6c572ed96b0f4aec7e87832e7e20f17ca98ecdfd36f59c82bddb8665f1f357a73900e827885ec9e1f22" + +save type: ECC_PUB(SECT_R1) 409-bit, DET_ECDSA(MD5) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD5:PSA_WANT_ECC_SECT_R1_409:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R1):409:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD5):0x0000:"0401aa25466b1d291846db365957b25431591e50d9c109fe2106e93bb369775896925b15a7bfec397406ab4fe6f6b1a13bf8fdcb9300fa5500a813228676b0a6c572ed96b0f4aec7e87832e7e20f17ca98ecdfd36f59c82bddb8665f1f357a73900e827885ec9e1f22":"505341004b455900000000000100000022419901012800000307000600000000690000000401aa25466b1d291846db365957b25431591e50d9c109fe2106e93bb369775896925b15a7bfec397406ab4fe6f6b1a13bf8fdcb9300fa5500a813228676b0a6c572ed96b0f4aec7e87832e7e20f17ca98ecdfd36f59c82bddb8665f1f357a73900e827885ec9e1f22" + +save type: ECC_PUB(SECT_R1) 409-bit, DET_ECDSA(RIPEMD160) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ECC_SECT_R1_409:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R1):409:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_RIPEMD160):0x0000:"0401aa25466b1d291846db365957b25431591e50d9c109fe2106e93bb369775896925b15a7bfec397406ab4fe6f6b1a13bf8fdcb9300fa5500a813228676b0a6c572ed96b0f4aec7e87832e7e20f17ca98ecdfd36f59c82bddb8665f1f357a73900e827885ec9e1f22":"505341004b455900000000000100000022419901012800000407000600000000690000000401aa25466b1d291846db365957b25431591e50d9c109fe2106e93bb369775896925b15a7bfec397406ab4fe6f6b1a13bf8fdcb9300fa5500a813228676b0a6c572ed96b0f4aec7e87832e7e20f17ca98ecdfd36f59c82bddb8665f1f357a73900e827885ec9e1f22" + +save type: ECC_PUB(SECT_R1) 409-bit, DET_ECDSA(SHA_1) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_1:PSA_WANT_ECC_SECT_R1_409:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R1):409:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_1):0x0000:"0401aa25466b1d291846db365957b25431591e50d9c109fe2106e93bb369775896925b15a7bfec397406ab4fe6f6b1a13bf8fdcb9300fa5500a813228676b0a6c572ed96b0f4aec7e87832e7e20f17ca98ecdfd36f59c82bddb8665f1f357a73900e827885ec9e1f22":"505341004b455900000000000100000022419901012800000507000600000000690000000401aa25466b1d291846db365957b25431591e50d9c109fe2106e93bb369775896925b15a7bfec397406ab4fe6f6b1a13bf8fdcb9300fa5500a813228676b0a6c572ed96b0f4aec7e87832e7e20f17ca98ecdfd36f59c82bddb8665f1f357a73900e827885ec9e1f22" + +save type: ECC_PUB(SECT_R1) 409-bit, DET_ECDSA(SHA_224) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_224:PSA_WANT_ECC_SECT_R1_409:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R1):409:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_224):0x0000:"0401aa25466b1d291846db365957b25431591e50d9c109fe2106e93bb369775896925b15a7bfec397406ab4fe6f6b1a13bf8fdcb9300fa5500a813228676b0a6c572ed96b0f4aec7e87832e7e20f17ca98ecdfd36f59c82bddb8665f1f357a73900e827885ec9e1f22":"505341004b455900000000000100000022419901012800000807000600000000690000000401aa25466b1d291846db365957b25431591e50d9c109fe2106e93bb369775896925b15a7bfec397406ab4fe6f6b1a13bf8fdcb9300fa5500a813228676b0a6c572ed96b0f4aec7e87832e7e20f17ca98ecdfd36f59c82bddb8665f1f357a73900e827885ec9e1f22" + +save type: ECC_PUB(SECT_R1) 409-bit, DET_ECDSA(SHA_256) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_SECT_R1_409:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R1):409:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_256):0x0000:"0401aa25466b1d291846db365957b25431591e50d9c109fe2106e93bb369775896925b15a7bfec397406ab4fe6f6b1a13bf8fdcb9300fa5500a813228676b0a6c572ed96b0f4aec7e87832e7e20f17ca98ecdfd36f59c82bddb8665f1f357a73900e827885ec9e1f22":"505341004b455900000000000100000022419901012800000907000600000000690000000401aa25466b1d291846db365957b25431591e50d9c109fe2106e93bb369775896925b15a7bfec397406ab4fe6f6b1a13bf8fdcb9300fa5500a813228676b0a6c572ed96b0f4aec7e87832e7e20f17ca98ecdfd36f59c82bddb8665f1f357a73900e827885ec9e1f22" + +save type: ECC_PUB(SECT_R1) 409-bit, DET_ECDSA(SHA_384) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_SECT_R1_409:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R1):409:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_384):0x0000:"0401aa25466b1d291846db365957b25431591e50d9c109fe2106e93bb369775896925b15a7bfec397406ab4fe6f6b1a13bf8fdcb9300fa5500a813228676b0a6c572ed96b0f4aec7e87832e7e20f17ca98ecdfd36f59c82bddb8665f1f357a73900e827885ec9e1f22":"505341004b455900000000000100000022419901012800000a07000600000000690000000401aa25466b1d291846db365957b25431591e50d9c109fe2106e93bb369775896925b15a7bfec397406ab4fe6f6b1a13bf8fdcb9300fa5500a813228676b0a6c572ed96b0f4aec7e87832e7e20f17ca98ecdfd36f59c82bddb8665f1f357a73900e827885ec9e1f22" + +save type: ECC_PUB(SECT_R1) 409-bit, DET_ECDSA(SHA_512) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_512:PSA_WANT_ECC_SECT_R1_409:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R1):409:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_512):0x0000:"0401aa25466b1d291846db365957b25431591e50d9c109fe2106e93bb369775896925b15a7bfec397406ab4fe6f6b1a13bf8fdcb9300fa5500a813228676b0a6c572ed96b0f4aec7e87832e7e20f17ca98ecdfd36f59c82bddb8665f1f357a73900e827885ec9e1f22":"505341004b455900000000000100000022419901012800000b07000600000000690000000401aa25466b1d291846db365957b25431591e50d9c109fe2106e93bb369775896925b15a7bfec397406ab4fe6f6b1a13bf8fdcb9300fa5500a813228676b0a6c572ed96b0f4aec7e87832e7e20f17ca98ecdfd36f59c82bddb8665f1f357a73900e827885ec9e1f22" + +save type: ECC_PUB(SECT_R1) 409-bit, ECDSA(MD2) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD2:PSA_WANT_ECC_SECT_R1_409:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R1):409:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_MD2):0x0000:"0401aa25466b1d291846db365957b25431591e50d9c109fe2106e93bb369775896925b15a7bfec397406ab4fe6f6b1a13bf8fdcb9300fa5500a813228676b0a6c572ed96b0f4aec7e87832e7e20f17ca98ecdfd36f59c82bddb8665f1f357a73900e827885ec9e1f22":"505341004b455900000000000100000022419901012800000106000600000000690000000401aa25466b1d291846db365957b25431591e50d9c109fe2106e93bb369775896925b15a7bfec397406ab4fe6f6b1a13bf8fdcb9300fa5500a813228676b0a6c572ed96b0f4aec7e87832e7e20f17ca98ecdfd36f59c82bddb8665f1f357a73900e827885ec9e1f22" + +save type: ECC_PUB(SECT_R1) 409-bit, ECDSA(MD4) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD4:PSA_WANT_ECC_SECT_R1_409:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R1):409:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_MD4):0x0000:"0401aa25466b1d291846db365957b25431591e50d9c109fe2106e93bb369775896925b15a7bfec397406ab4fe6f6b1a13bf8fdcb9300fa5500a813228676b0a6c572ed96b0f4aec7e87832e7e20f17ca98ecdfd36f59c82bddb8665f1f357a73900e827885ec9e1f22":"505341004b455900000000000100000022419901012800000206000600000000690000000401aa25466b1d291846db365957b25431591e50d9c109fe2106e93bb369775896925b15a7bfec397406ab4fe6f6b1a13bf8fdcb9300fa5500a813228676b0a6c572ed96b0f4aec7e87832e7e20f17ca98ecdfd36f59c82bddb8665f1f357a73900e827885ec9e1f22" + +save type: ECC_PUB(SECT_R1) 409-bit, ECDSA(MD5) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD5:PSA_WANT_ECC_SECT_R1_409:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R1):409:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_MD5):0x0000:"0401aa25466b1d291846db365957b25431591e50d9c109fe2106e93bb369775896925b15a7bfec397406ab4fe6f6b1a13bf8fdcb9300fa5500a813228676b0a6c572ed96b0f4aec7e87832e7e20f17ca98ecdfd36f59c82bddb8665f1f357a73900e827885ec9e1f22":"505341004b455900000000000100000022419901012800000306000600000000690000000401aa25466b1d291846db365957b25431591e50d9c109fe2106e93bb369775896925b15a7bfec397406ab4fe6f6b1a13bf8fdcb9300fa5500a813228676b0a6c572ed96b0f4aec7e87832e7e20f17ca98ecdfd36f59c82bddb8665f1f357a73900e827885ec9e1f22" + +save type: ECC_PUB(SECT_R1) 409-bit, ECDSA(RIPEMD160) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ECC_SECT_R1_409:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R1):409:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_RIPEMD160):0x0000:"0401aa25466b1d291846db365957b25431591e50d9c109fe2106e93bb369775896925b15a7bfec397406ab4fe6f6b1a13bf8fdcb9300fa5500a813228676b0a6c572ed96b0f4aec7e87832e7e20f17ca98ecdfd36f59c82bddb8665f1f357a73900e827885ec9e1f22":"505341004b455900000000000100000022419901012800000406000600000000690000000401aa25466b1d291846db365957b25431591e50d9c109fe2106e93bb369775896925b15a7bfec397406ab4fe6f6b1a13bf8fdcb9300fa5500a813228676b0a6c572ed96b0f4aec7e87832e7e20f17ca98ecdfd36f59c82bddb8665f1f357a73900e827885ec9e1f22" + +save type: ECC_PUB(SECT_R1) 409-bit, ECDSA(SHA_1) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_1:PSA_WANT_ECC_SECT_R1_409:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R1):409:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_SHA_1):0x0000:"0401aa25466b1d291846db365957b25431591e50d9c109fe2106e93bb369775896925b15a7bfec397406ab4fe6f6b1a13bf8fdcb9300fa5500a813228676b0a6c572ed96b0f4aec7e87832e7e20f17ca98ecdfd36f59c82bddb8665f1f357a73900e827885ec9e1f22":"505341004b455900000000000100000022419901012800000506000600000000690000000401aa25466b1d291846db365957b25431591e50d9c109fe2106e93bb369775896925b15a7bfec397406ab4fe6f6b1a13bf8fdcb9300fa5500a813228676b0a6c572ed96b0f4aec7e87832e7e20f17ca98ecdfd36f59c82bddb8665f1f357a73900e827885ec9e1f22" + +save type: ECC_PUB(SECT_R1) 409-bit, ECDSA(SHA_224) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_224:PSA_WANT_ECC_SECT_R1_409:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R1):409:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_SHA_224):0x0000:"0401aa25466b1d291846db365957b25431591e50d9c109fe2106e93bb369775896925b15a7bfec397406ab4fe6f6b1a13bf8fdcb9300fa5500a813228676b0a6c572ed96b0f4aec7e87832e7e20f17ca98ecdfd36f59c82bddb8665f1f357a73900e827885ec9e1f22":"505341004b455900000000000100000022419901012800000806000600000000690000000401aa25466b1d291846db365957b25431591e50d9c109fe2106e93bb369775896925b15a7bfec397406ab4fe6f6b1a13bf8fdcb9300fa5500a813228676b0a6c572ed96b0f4aec7e87832e7e20f17ca98ecdfd36f59c82bddb8665f1f357a73900e827885ec9e1f22" + +save type: ECC_PUB(SECT_R1) 409-bit, ECDSA(SHA_256) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_SECT_R1_409:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R1):409:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_SHA_256):0x0000:"0401aa25466b1d291846db365957b25431591e50d9c109fe2106e93bb369775896925b15a7bfec397406ab4fe6f6b1a13bf8fdcb9300fa5500a813228676b0a6c572ed96b0f4aec7e87832e7e20f17ca98ecdfd36f59c82bddb8665f1f357a73900e827885ec9e1f22":"505341004b455900000000000100000022419901012800000906000600000000690000000401aa25466b1d291846db365957b25431591e50d9c109fe2106e93bb369775896925b15a7bfec397406ab4fe6f6b1a13bf8fdcb9300fa5500a813228676b0a6c572ed96b0f4aec7e87832e7e20f17ca98ecdfd36f59c82bddb8665f1f357a73900e827885ec9e1f22" + +save type: ECC_PUB(SECT_R1) 409-bit, ECDSA(SHA_384) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_SECT_R1_409:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R1):409:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_SHA_384):0x0000:"0401aa25466b1d291846db365957b25431591e50d9c109fe2106e93bb369775896925b15a7bfec397406ab4fe6f6b1a13bf8fdcb9300fa5500a813228676b0a6c572ed96b0f4aec7e87832e7e20f17ca98ecdfd36f59c82bddb8665f1f357a73900e827885ec9e1f22":"505341004b455900000000000100000022419901012800000a06000600000000690000000401aa25466b1d291846db365957b25431591e50d9c109fe2106e93bb369775896925b15a7bfec397406ab4fe6f6b1a13bf8fdcb9300fa5500a813228676b0a6c572ed96b0f4aec7e87832e7e20f17ca98ecdfd36f59c82bddb8665f1f357a73900e827885ec9e1f22" + +save type: ECC_PUB(SECT_R1) 409-bit, ECDSA(SHA_512) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_512:PSA_WANT_ECC_SECT_R1_409:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R1):409:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_SHA_512):0x0000:"0401aa25466b1d291846db365957b25431591e50d9c109fe2106e93bb369775896925b15a7bfec397406ab4fe6f6b1a13bf8fdcb9300fa5500a813228676b0a6c572ed96b0f4aec7e87832e7e20f17ca98ecdfd36f59c82bddb8665f1f357a73900e827885ec9e1f22":"505341004b455900000000000100000022419901012800000b06000600000000690000000401aa25466b1d291846db365957b25431591e50d9c109fe2106e93bb369775896925b15a7bfec397406ab4fe6f6b1a13bf8fdcb9300fa5500a813228676b0a6c572ed96b0f4aec7e87832e7e20f17ca98ecdfd36f59c82bddb8665f1f357a73900e827885ec9e1f22" + +save type: ECC_PUB(SECT_R1) 409-bit, ECDSA_ANY +depends_on:PSA_WANT_ALG_ECDSA_ANY:PSA_WANT_ECC_SECT_R1_409:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R1):409:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA_ANY:0x0000:"0401aa25466b1d291846db365957b25431591e50d9c109fe2106e93bb369775896925b15a7bfec397406ab4fe6f6b1a13bf8fdcb9300fa5500a813228676b0a6c572ed96b0f4aec7e87832e7e20f17ca98ecdfd36f59c82bddb8665f1f357a73900e827885ec9e1f22":"505341004b455900000000000100000022419901012800000006000600000000690000000401aa25466b1d291846db365957b25431591e50d9c109fe2106e93bb369775896925b15a7bfec397406ab4fe6f6b1a13bf8fdcb9300fa5500a813228676b0a6c572ed96b0f4aec7e87832e7e20f17ca98ecdfd36f59c82bddb8665f1f357a73900e827885ec9e1f22" + +save type: ECC_PUB(SECT_R1) 571-bit +depends_on:PSA_WANT_ECC_SECT_R1_571:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R1):571:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"040708f3403ee9948114855c17572152a08f8054d486defef5f29cbffcfb7cfd9280746a1ac5f751a6ad902ec1e0525120e9be56f03437af196fbe60ee7856e3542ab2cf87880632d80290e39b1a2bd03c6bbf6225511c567bd2ff41d2325dc58346f2b60b1feee4dc8b2af2296c2dc52b153e0556b5d24152b07f690c3fa24e4d1d19efbdeb1037833a733654d2366c74":"505341004b455900000000000100000022413b0201000000000000000000000091000000040708f3403ee9948114855c17572152a08f8054d486defef5f29cbffcfb7cfd9280746a1ac5f751a6ad902ec1e0525120e9be56f03437af196fbe60ee7856e3542ab2cf87880632d80290e39b1a2bd03c6bbf6225511c567bd2ff41d2325dc58346f2b60b1feee4dc8b2af2296c2dc52b153e0556b5d24152b07f690c3fa24e4d1d19efbdeb1037833a733654d2366c74" + +save type: ECC_PUB(SECT_R1) 571-bit, DET_ECDSA(MD2) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD2:PSA_WANT_ECC_SECT_R1_571:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R1):571:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD2):0x0000:"040708f3403ee9948114855c17572152a08f8054d486defef5f29cbffcfb7cfd9280746a1ac5f751a6ad902ec1e0525120e9be56f03437af196fbe60ee7856e3542ab2cf87880632d80290e39b1a2bd03c6bbf6225511c567bd2ff41d2325dc58346f2b60b1feee4dc8b2af2296c2dc52b153e0556b5d24152b07f690c3fa24e4d1d19efbdeb1037833a733654d2366c74":"505341004b455900000000000100000022413b0201280000010700060000000091000000040708f3403ee9948114855c17572152a08f8054d486defef5f29cbffcfb7cfd9280746a1ac5f751a6ad902ec1e0525120e9be56f03437af196fbe60ee7856e3542ab2cf87880632d80290e39b1a2bd03c6bbf6225511c567bd2ff41d2325dc58346f2b60b1feee4dc8b2af2296c2dc52b153e0556b5d24152b07f690c3fa24e4d1d19efbdeb1037833a733654d2366c74" + +save type: ECC_PUB(SECT_R1) 571-bit, DET_ECDSA(MD4) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD4:PSA_WANT_ECC_SECT_R1_571:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R1):571:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD4):0x0000:"040708f3403ee9948114855c17572152a08f8054d486defef5f29cbffcfb7cfd9280746a1ac5f751a6ad902ec1e0525120e9be56f03437af196fbe60ee7856e3542ab2cf87880632d80290e39b1a2bd03c6bbf6225511c567bd2ff41d2325dc58346f2b60b1feee4dc8b2af2296c2dc52b153e0556b5d24152b07f690c3fa24e4d1d19efbdeb1037833a733654d2366c74":"505341004b455900000000000100000022413b0201280000020700060000000091000000040708f3403ee9948114855c17572152a08f8054d486defef5f29cbffcfb7cfd9280746a1ac5f751a6ad902ec1e0525120e9be56f03437af196fbe60ee7856e3542ab2cf87880632d80290e39b1a2bd03c6bbf6225511c567bd2ff41d2325dc58346f2b60b1feee4dc8b2af2296c2dc52b153e0556b5d24152b07f690c3fa24e4d1d19efbdeb1037833a733654d2366c74" + +save type: ECC_PUB(SECT_R1) 571-bit, DET_ECDSA(MD5) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD5:PSA_WANT_ECC_SECT_R1_571:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R1):571:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD5):0x0000:"040708f3403ee9948114855c17572152a08f8054d486defef5f29cbffcfb7cfd9280746a1ac5f751a6ad902ec1e0525120e9be56f03437af196fbe60ee7856e3542ab2cf87880632d80290e39b1a2bd03c6bbf6225511c567bd2ff41d2325dc58346f2b60b1feee4dc8b2af2296c2dc52b153e0556b5d24152b07f690c3fa24e4d1d19efbdeb1037833a733654d2366c74":"505341004b455900000000000100000022413b0201280000030700060000000091000000040708f3403ee9948114855c17572152a08f8054d486defef5f29cbffcfb7cfd9280746a1ac5f751a6ad902ec1e0525120e9be56f03437af196fbe60ee7856e3542ab2cf87880632d80290e39b1a2bd03c6bbf6225511c567bd2ff41d2325dc58346f2b60b1feee4dc8b2af2296c2dc52b153e0556b5d24152b07f690c3fa24e4d1d19efbdeb1037833a733654d2366c74" + +save type: ECC_PUB(SECT_R1) 571-bit, DET_ECDSA(RIPEMD160) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ECC_SECT_R1_571:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R1):571:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_RIPEMD160):0x0000:"040708f3403ee9948114855c17572152a08f8054d486defef5f29cbffcfb7cfd9280746a1ac5f751a6ad902ec1e0525120e9be56f03437af196fbe60ee7856e3542ab2cf87880632d80290e39b1a2bd03c6bbf6225511c567bd2ff41d2325dc58346f2b60b1feee4dc8b2af2296c2dc52b153e0556b5d24152b07f690c3fa24e4d1d19efbdeb1037833a733654d2366c74":"505341004b455900000000000100000022413b0201280000040700060000000091000000040708f3403ee9948114855c17572152a08f8054d486defef5f29cbffcfb7cfd9280746a1ac5f751a6ad902ec1e0525120e9be56f03437af196fbe60ee7856e3542ab2cf87880632d80290e39b1a2bd03c6bbf6225511c567bd2ff41d2325dc58346f2b60b1feee4dc8b2af2296c2dc52b153e0556b5d24152b07f690c3fa24e4d1d19efbdeb1037833a733654d2366c74" + +save type: ECC_PUB(SECT_R1) 571-bit, DET_ECDSA(SHA_1) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_1:PSA_WANT_ECC_SECT_R1_571:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R1):571:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_1):0x0000:"040708f3403ee9948114855c17572152a08f8054d486defef5f29cbffcfb7cfd9280746a1ac5f751a6ad902ec1e0525120e9be56f03437af196fbe60ee7856e3542ab2cf87880632d80290e39b1a2bd03c6bbf6225511c567bd2ff41d2325dc58346f2b60b1feee4dc8b2af2296c2dc52b153e0556b5d24152b07f690c3fa24e4d1d19efbdeb1037833a733654d2366c74":"505341004b455900000000000100000022413b0201280000050700060000000091000000040708f3403ee9948114855c17572152a08f8054d486defef5f29cbffcfb7cfd9280746a1ac5f751a6ad902ec1e0525120e9be56f03437af196fbe60ee7856e3542ab2cf87880632d80290e39b1a2bd03c6bbf6225511c567bd2ff41d2325dc58346f2b60b1feee4dc8b2af2296c2dc52b153e0556b5d24152b07f690c3fa24e4d1d19efbdeb1037833a733654d2366c74" + +save type: ECC_PUB(SECT_R1) 571-bit, DET_ECDSA(SHA_224) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_224:PSA_WANT_ECC_SECT_R1_571:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R1):571:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_224):0x0000:"040708f3403ee9948114855c17572152a08f8054d486defef5f29cbffcfb7cfd9280746a1ac5f751a6ad902ec1e0525120e9be56f03437af196fbe60ee7856e3542ab2cf87880632d80290e39b1a2bd03c6bbf6225511c567bd2ff41d2325dc58346f2b60b1feee4dc8b2af2296c2dc52b153e0556b5d24152b07f690c3fa24e4d1d19efbdeb1037833a733654d2366c74":"505341004b455900000000000100000022413b0201280000080700060000000091000000040708f3403ee9948114855c17572152a08f8054d486defef5f29cbffcfb7cfd9280746a1ac5f751a6ad902ec1e0525120e9be56f03437af196fbe60ee7856e3542ab2cf87880632d80290e39b1a2bd03c6bbf6225511c567bd2ff41d2325dc58346f2b60b1feee4dc8b2af2296c2dc52b153e0556b5d24152b07f690c3fa24e4d1d19efbdeb1037833a733654d2366c74" + +save type: ECC_PUB(SECT_R1) 571-bit, DET_ECDSA(SHA_256) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_SECT_R1_571:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R1):571:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_256):0x0000:"040708f3403ee9948114855c17572152a08f8054d486defef5f29cbffcfb7cfd9280746a1ac5f751a6ad902ec1e0525120e9be56f03437af196fbe60ee7856e3542ab2cf87880632d80290e39b1a2bd03c6bbf6225511c567bd2ff41d2325dc58346f2b60b1feee4dc8b2af2296c2dc52b153e0556b5d24152b07f690c3fa24e4d1d19efbdeb1037833a733654d2366c74":"505341004b455900000000000100000022413b0201280000090700060000000091000000040708f3403ee9948114855c17572152a08f8054d486defef5f29cbffcfb7cfd9280746a1ac5f751a6ad902ec1e0525120e9be56f03437af196fbe60ee7856e3542ab2cf87880632d80290e39b1a2bd03c6bbf6225511c567bd2ff41d2325dc58346f2b60b1feee4dc8b2af2296c2dc52b153e0556b5d24152b07f690c3fa24e4d1d19efbdeb1037833a733654d2366c74" + +save type: ECC_PUB(SECT_R1) 571-bit, DET_ECDSA(SHA_384) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_SECT_R1_571:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R1):571:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_384):0x0000:"040708f3403ee9948114855c17572152a08f8054d486defef5f29cbffcfb7cfd9280746a1ac5f751a6ad902ec1e0525120e9be56f03437af196fbe60ee7856e3542ab2cf87880632d80290e39b1a2bd03c6bbf6225511c567bd2ff41d2325dc58346f2b60b1feee4dc8b2af2296c2dc52b153e0556b5d24152b07f690c3fa24e4d1d19efbdeb1037833a733654d2366c74":"505341004b455900000000000100000022413b02012800000a0700060000000091000000040708f3403ee9948114855c17572152a08f8054d486defef5f29cbffcfb7cfd9280746a1ac5f751a6ad902ec1e0525120e9be56f03437af196fbe60ee7856e3542ab2cf87880632d80290e39b1a2bd03c6bbf6225511c567bd2ff41d2325dc58346f2b60b1feee4dc8b2af2296c2dc52b153e0556b5d24152b07f690c3fa24e4d1d19efbdeb1037833a733654d2366c74" + +save type: ECC_PUB(SECT_R1) 571-bit, DET_ECDSA(SHA_512) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_512:PSA_WANT_ECC_SECT_R1_571:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R1):571:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_512):0x0000:"040708f3403ee9948114855c17572152a08f8054d486defef5f29cbffcfb7cfd9280746a1ac5f751a6ad902ec1e0525120e9be56f03437af196fbe60ee7856e3542ab2cf87880632d80290e39b1a2bd03c6bbf6225511c567bd2ff41d2325dc58346f2b60b1feee4dc8b2af2296c2dc52b153e0556b5d24152b07f690c3fa24e4d1d19efbdeb1037833a733654d2366c74":"505341004b455900000000000100000022413b02012800000b0700060000000091000000040708f3403ee9948114855c17572152a08f8054d486defef5f29cbffcfb7cfd9280746a1ac5f751a6ad902ec1e0525120e9be56f03437af196fbe60ee7856e3542ab2cf87880632d80290e39b1a2bd03c6bbf6225511c567bd2ff41d2325dc58346f2b60b1feee4dc8b2af2296c2dc52b153e0556b5d24152b07f690c3fa24e4d1d19efbdeb1037833a733654d2366c74" + +save type: ECC_PUB(SECT_R1) 571-bit, ECDSA(MD2) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD2:PSA_WANT_ECC_SECT_R1_571:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R1):571:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_MD2):0x0000:"040708f3403ee9948114855c17572152a08f8054d486defef5f29cbffcfb7cfd9280746a1ac5f751a6ad902ec1e0525120e9be56f03437af196fbe60ee7856e3542ab2cf87880632d80290e39b1a2bd03c6bbf6225511c567bd2ff41d2325dc58346f2b60b1feee4dc8b2af2296c2dc52b153e0556b5d24152b07f690c3fa24e4d1d19efbdeb1037833a733654d2366c74":"505341004b455900000000000100000022413b0201280000010600060000000091000000040708f3403ee9948114855c17572152a08f8054d486defef5f29cbffcfb7cfd9280746a1ac5f751a6ad902ec1e0525120e9be56f03437af196fbe60ee7856e3542ab2cf87880632d80290e39b1a2bd03c6bbf6225511c567bd2ff41d2325dc58346f2b60b1feee4dc8b2af2296c2dc52b153e0556b5d24152b07f690c3fa24e4d1d19efbdeb1037833a733654d2366c74" + +save type: ECC_PUB(SECT_R1) 571-bit, ECDSA(MD4) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD4:PSA_WANT_ECC_SECT_R1_571:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R1):571:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_MD4):0x0000:"040708f3403ee9948114855c17572152a08f8054d486defef5f29cbffcfb7cfd9280746a1ac5f751a6ad902ec1e0525120e9be56f03437af196fbe60ee7856e3542ab2cf87880632d80290e39b1a2bd03c6bbf6225511c567bd2ff41d2325dc58346f2b60b1feee4dc8b2af2296c2dc52b153e0556b5d24152b07f690c3fa24e4d1d19efbdeb1037833a733654d2366c74":"505341004b455900000000000100000022413b0201280000020600060000000091000000040708f3403ee9948114855c17572152a08f8054d486defef5f29cbffcfb7cfd9280746a1ac5f751a6ad902ec1e0525120e9be56f03437af196fbe60ee7856e3542ab2cf87880632d80290e39b1a2bd03c6bbf6225511c567bd2ff41d2325dc58346f2b60b1feee4dc8b2af2296c2dc52b153e0556b5d24152b07f690c3fa24e4d1d19efbdeb1037833a733654d2366c74" + +save type: ECC_PUB(SECT_R1) 571-bit, ECDSA(MD5) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD5:PSA_WANT_ECC_SECT_R1_571:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R1):571:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_MD5):0x0000:"040708f3403ee9948114855c17572152a08f8054d486defef5f29cbffcfb7cfd9280746a1ac5f751a6ad902ec1e0525120e9be56f03437af196fbe60ee7856e3542ab2cf87880632d80290e39b1a2bd03c6bbf6225511c567bd2ff41d2325dc58346f2b60b1feee4dc8b2af2296c2dc52b153e0556b5d24152b07f690c3fa24e4d1d19efbdeb1037833a733654d2366c74":"505341004b455900000000000100000022413b0201280000030600060000000091000000040708f3403ee9948114855c17572152a08f8054d486defef5f29cbffcfb7cfd9280746a1ac5f751a6ad902ec1e0525120e9be56f03437af196fbe60ee7856e3542ab2cf87880632d80290e39b1a2bd03c6bbf6225511c567bd2ff41d2325dc58346f2b60b1feee4dc8b2af2296c2dc52b153e0556b5d24152b07f690c3fa24e4d1d19efbdeb1037833a733654d2366c74" + +save type: ECC_PUB(SECT_R1) 571-bit, ECDSA(RIPEMD160) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ECC_SECT_R1_571:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R1):571:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_RIPEMD160):0x0000:"040708f3403ee9948114855c17572152a08f8054d486defef5f29cbffcfb7cfd9280746a1ac5f751a6ad902ec1e0525120e9be56f03437af196fbe60ee7856e3542ab2cf87880632d80290e39b1a2bd03c6bbf6225511c567bd2ff41d2325dc58346f2b60b1feee4dc8b2af2296c2dc52b153e0556b5d24152b07f690c3fa24e4d1d19efbdeb1037833a733654d2366c74":"505341004b455900000000000100000022413b0201280000040600060000000091000000040708f3403ee9948114855c17572152a08f8054d486defef5f29cbffcfb7cfd9280746a1ac5f751a6ad902ec1e0525120e9be56f03437af196fbe60ee7856e3542ab2cf87880632d80290e39b1a2bd03c6bbf6225511c567bd2ff41d2325dc58346f2b60b1feee4dc8b2af2296c2dc52b153e0556b5d24152b07f690c3fa24e4d1d19efbdeb1037833a733654d2366c74" + +save type: ECC_PUB(SECT_R1) 571-bit, ECDSA(SHA_1) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_1:PSA_WANT_ECC_SECT_R1_571:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R1):571:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_SHA_1):0x0000:"040708f3403ee9948114855c17572152a08f8054d486defef5f29cbffcfb7cfd9280746a1ac5f751a6ad902ec1e0525120e9be56f03437af196fbe60ee7856e3542ab2cf87880632d80290e39b1a2bd03c6bbf6225511c567bd2ff41d2325dc58346f2b60b1feee4dc8b2af2296c2dc52b153e0556b5d24152b07f690c3fa24e4d1d19efbdeb1037833a733654d2366c74":"505341004b455900000000000100000022413b0201280000050600060000000091000000040708f3403ee9948114855c17572152a08f8054d486defef5f29cbffcfb7cfd9280746a1ac5f751a6ad902ec1e0525120e9be56f03437af196fbe60ee7856e3542ab2cf87880632d80290e39b1a2bd03c6bbf6225511c567bd2ff41d2325dc58346f2b60b1feee4dc8b2af2296c2dc52b153e0556b5d24152b07f690c3fa24e4d1d19efbdeb1037833a733654d2366c74" + +save type: ECC_PUB(SECT_R1) 571-bit, ECDSA(SHA_224) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_224:PSA_WANT_ECC_SECT_R1_571:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R1):571:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_SHA_224):0x0000:"040708f3403ee9948114855c17572152a08f8054d486defef5f29cbffcfb7cfd9280746a1ac5f751a6ad902ec1e0525120e9be56f03437af196fbe60ee7856e3542ab2cf87880632d80290e39b1a2bd03c6bbf6225511c567bd2ff41d2325dc58346f2b60b1feee4dc8b2af2296c2dc52b153e0556b5d24152b07f690c3fa24e4d1d19efbdeb1037833a733654d2366c74":"505341004b455900000000000100000022413b0201280000080600060000000091000000040708f3403ee9948114855c17572152a08f8054d486defef5f29cbffcfb7cfd9280746a1ac5f751a6ad902ec1e0525120e9be56f03437af196fbe60ee7856e3542ab2cf87880632d80290e39b1a2bd03c6bbf6225511c567bd2ff41d2325dc58346f2b60b1feee4dc8b2af2296c2dc52b153e0556b5d24152b07f690c3fa24e4d1d19efbdeb1037833a733654d2366c74" + +save type: ECC_PUB(SECT_R1) 571-bit, ECDSA(SHA_256) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_SECT_R1_571:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R1):571:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_SHA_256):0x0000:"040708f3403ee9948114855c17572152a08f8054d486defef5f29cbffcfb7cfd9280746a1ac5f751a6ad902ec1e0525120e9be56f03437af196fbe60ee7856e3542ab2cf87880632d80290e39b1a2bd03c6bbf6225511c567bd2ff41d2325dc58346f2b60b1feee4dc8b2af2296c2dc52b153e0556b5d24152b07f690c3fa24e4d1d19efbdeb1037833a733654d2366c74":"505341004b455900000000000100000022413b0201280000090600060000000091000000040708f3403ee9948114855c17572152a08f8054d486defef5f29cbffcfb7cfd9280746a1ac5f751a6ad902ec1e0525120e9be56f03437af196fbe60ee7856e3542ab2cf87880632d80290e39b1a2bd03c6bbf6225511c567bd2ff41d2325dc58346f2b60b1feee4dc8b2af2296c2dc52b153e0556b5d24152b07f690c3fa24e4d1d19efbdeb1037833a733654d2366c74" + +save type: ECC_PUB(SECT_R1) 571-bit, ECDSA(SHA_384) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_SECT_R1_571:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R1):571:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_SHA_384):0x0000:"040708f3403ee9948114855c17572152a08f8054d486defef5f29cbffcfb7cfd9280746a1ac5f751a6ad902ec1e0525120e9be56f03437af196fbe60ee7856e3542ab2cf87880632d80290e39b1a2bd03c6bbf6225511c567bd2ff41d2325dc58346f2b60b1feee4dc8b2af2296c2dc52b153e0556b5d24152b07f690c3fa24e4d1d19efbdeb1037833a733654d2366c74":"505341004b455900000000000100000022413b02012800000a0600060000000091000000040708f3403ee9948114855c17572152a08f8054d486defef5f29cbffcfb7cfd9280746a1ac5f751a6ad902ec1e0525120e9be56f03437af196fbe60ee7856e3542ab2cf87880632d80290e39b1a2bd03c6bbf6225511c567bd2ff41d2325dc58346f2b60b1feee4dc8b2af2296c2dc52b153e0556b5d24152b07f690c3fa24e4d1d19efbdeb1037833a733654d2366c74" + +save type: ECC_PUB(SECT_R1) 571-bit, ECDSA(SHA_512) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_512:PSA_WANT_ECC_SECT_R1_571:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R1):571:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_SHA_512):0x0000:"040708f3403ee9948114855c17572152a08f8054d486defef5f29cbffcfb7cfd9280746a1ac5f751a6ad902ec1e0525120e9be56f03437af196fbe60ee7856e3542ab2cf87880632d80290e39b1a2bd03c6bbf6225511c567bd2ff41d2325dc58346f2b60b1feee4dc8b2af2296c2dc52b153e0556b5d24152b07f690c3fa24e4d1d19efbdeb1037833a733654d2366c74":"505341004b455900000000000100000022413b02012800000b0600060000000091000000040708f3403ee9948114855c17572152a08f8054d486defef5f29cbffcfb7cfd9280746a1ac5f751a6ad902ec1e0525120e9be56f03437af196fbe60ee7856e3542ab2cf87880632d80290e39b1a2bd03c6bbf6225511c567bd2ff41d2325dc58346f2b60b1feee4dc8b2af2296c2dc52b153e0556b5d24152b07f690c3fa24e4d1d19efbdeb1037833a733654d2366c74" + +save type: ECC_PUB(SECT_R1) 571-bit, ECDSA_ANY +depends_on:PSA_WANT_ALG_ECDSA_ANY:PSA_WANT_ECC_SECT_R1_571:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R1):571:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA_ANY:0x0000:"040708f3403ee9948114855c17572152a08f8054d486defef5f29cbffcfb7cfd9280746a1ac5f751a6ad902ec1e0525120e9be56f03437af196fbe60ee7856e3542ab2cf87880632d80290e39b1a2bd03c6bbf6225511c567bd2ff41d2325dc58346f2b60b1feee4dc8b2af2296c2dc52b153e0556b5d24152b07f690c3fa24e4d1d19efbdeb1037833a733654d2366c74":"505341004b455900000000000100000022413b0201280000000600060000000091000000040708f3403ee9948114855c17572152a08f8054d486defef5f29cbffcfb7cfd9280746a1ac5f751a6ad902ec1e0525120e9be56f03437af196fbe60ee7856e3542ab2cf87880632d80290e39b1a2bd03c6bbf6225511c567bd2ff41d2325dc58346f2b60b1feee4dc8b2af2296c2dc52b153e0556b5d24152b07f690c3fa24e4d1d19efbdeb1037833a733654d2366c74" + +save type: ECC_PUB(SECT_R2) 163-bit +depends_on:PSA_WANT_ECC_SECT_R2_163:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R2):163:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"0403692601144c32a6cfa369ae20ae5d43c1c764678c037bafe80c6fd2e42b7ced96171d9c5367fd3dca6f":"505341004b45590000000000010000002b41a3000100000000000000000000002b0000000403692601144c32a6cfa369ae20ae5d43c1c764678c037bafe80c6fd2e42b7ced96171d9c5367fd3dca6f" + +save type: ECC_PUB(SECT_R2) 163-bit, DET_ECDSA(MD2) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD2:PSA_WANT_ECC_SECT_R2_163:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R2):163:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD2):0x0000:"0403692601144c32a6cfa369ae20ae5d43c1c764678c037bafe80c6fd2e42b7ced96171d9c5367fd3dca6f":"505341004b45590000000000010000002b41a3000128000001070006000000002b0000000403692601144c32a6cfa369ae20ae5d43c1c764678c037bafe80c6fd2e42b7ced96171d9c5367fd3dca6f" + +save type: ECC_PUB(SECT_R2) 163-bit, DET_ECDSA(MD4) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD4:PSA_WANT_ECC_SECT_R2_163:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R2):163:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD4):0x0000:"0403692601144c32a6cfa369ae20ae5d43c1c764678c037bafe80c6fd2e42b7ced96171d9c5367fd3dca6f":"505341004b45590000000000010000002b41a3000128000002070006000000002b0000000403692601144c32a6cfa369ae20ae5d43c1c764678c037bafe80c6fd2e42b7ced96171d9c5367fd3dca6f" + +save type: ECC_PUB(SECT_R2) 163-bit, DET_ECDSA(MD5) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD5:PSA_WANT_ECC_SECT_R2_163:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R2):163:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD5):0x0000:"0403692601144c32a6cfa369ae20ae5d43c1c764678c037bafe80c6fd2e42b7ced96171d9c5367fd3dca6f":"505341004b45590000000000010000002b41a3000128000003070006000000002b0000000403692601144c32a6cfa369ae20ae5d43c1c764678c037bafe80c6fd2e42b7ced96171d9c5367fd3dca6f" + +save type: ECC_PUB(SECT_R2) 163-bit, DET_ECDSA(RIPEMD160) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ECC_SECT_R2_163:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R2):163:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_RIPEMD160):0x0000:"0403692601144c32a6cfa369ae20ae5d43c1c764678c037bafe80c6fd2e42b7ced96171d9c5367fd3dca6f":"505341004b45590000000000010000002b41a3000128000004070006000000002b0000000403692601144c32a6cfa369ae20ae5d43c1c764678c037bafe80c6fd2e42b7ced96171d9c5367fd3dca6f" + +save type: ECC_PUB(SECT_R2) 163-bit, DET_ECDSA(SHA_1) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_1:PSA_WANT_ECC_SECT_R2_163:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R2):163:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_1):0x0000:"0403692601144c32a6cfa369ae20ae5d43c1c764678c037bafe80c6fd2e42b7ced96171d9c5367fd3dca6f":"505341004b45590000000000010000002b41a3000128000005070006000000002b0000000403692601144c32a6cfa369ae20ae5d43c1c764678c037bafe80c6fd2e42b7ced96171d9c5367fd3dca6f" + +save type: ECC_PUB(SECT_R2) 163-bit, DET_ECDSA(SHA_224) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_224:PSA_WANT_ECC_SECT_R2_163:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R2):163:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_224):0x0000:"0403692601144c32a6cfa369ae20ae5d43c1c764678c037bafe80c6fd2e42b7ced96171d9c5367fd3dca6f":"505341004b45590000000000010000002b41a3000128000008070006000000002b0000000403692601144c32a6cfa369ae20ae5d43c1c764678c037bafe80c6fd2e42b7ced96171d9c5367fd3dca6f" + +save type: ECC_PUB(SECT_R2) 163-bit, DET_ECDSA(SHA_256) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_SECT_R2_163:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R2):163:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_256):0x0000:"0403692601144c32a6cfa369ae20ae5d43c1c764678c037bafe80c6fd2e42b7ced96171d9c5367fd3dca6f":"505341004b45590000000000010000002b41a3000128000009070006000000002b0000000403692601144c32a6cfa369ae20ae5d43c1c764678c037bafe80c6fd2e42b7ced96171d9c5367fd3dca6f" + +save type: ECC_PUB(SECT_R2) 163-bit, DET_ECDSA(SHA_384) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_SECT_R2_163:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R2):163:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_384):0x0000:"0403692601144c32a6cfa369ae20ae5d43c1c764678c037bafe80c6fd2e42b7ced96171d9c5367fd3dca6f":"505341004b45590000000000010000002b41a300012800000a070006000000002b0000000403692601144c32a6cfa369ae20ae5d43c1c764678c037bafe80c6fd2e42b7ced96171d9c5367fd3dca6f" + +save type: ECC_PUB(SECT_R2) 163-bit, DET_ECDSA(SHA_512) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_512:PSA_WANT_ECC_SECT_R2_163:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R2):163:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_512):0x0000:"0403692601144c32a6cfa369ae20ae5d43c1c764678c037bafe80c6fd2e42b7ced96171d9c5367fd3dca6f":"505341004b45590000000000010000002b41a300012800000b070006000000002b0000000403692601144c32a6cfa369ae20ae5d43c1c764678c037bafe80c6fd2e42b7ced96171d9c5367fd3dca6f" + +save type: ECC_PUB(SECT_R2) 163-bit, ECDSA(MD2) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD2:PSA_WANT_ECC_SECT_R2_163:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R2):163:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_MD2):0x0000:"0403692601144c32a6cfa369ae20ae5d43c1c764678c037bafe80c6fd2e42b7ced96171d9c5367fd3dca6f":"505341004b45590000000000010000002b41a3000128000001060006000000002b0000000403692601144c32a6cfa369ae20ae5d43c1c764678c037bafe80c6fd2e42b7ced96171d9c5367fd3dca6f" + +save type: ECC_PUB(SECT_R2) 163-bit, ECDSA(MD4) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD4:PSA_WANT_ECC_SECT_R2_163:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R2):163:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_MD4):0x0000:"0403692601144c32a6cfa369ae20ae5d43c1c764678c037bafe80c6fd2e42b7ced96171d9c5367fd3dca6f":"505341004b45590000000000010000002b41a3000128000002060006000000002b0000000403692601144c32a6cfa369ae20ae5d43c1c764678c037bafe80c6fd2e42b7ced96171d9c5367fd3dca6f" + +save type: ECC_PUB(SECT_R2) 163-bit, ECDSA(MD5) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD5:PSA_WANT_ECC_SECT_R2_163:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R2):163:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_MD5):0x0000:"0403692601144c32a6cfa369ae20ae5d43c1c764678c037bafe80c6fd2e42b7ced96171d9c5367fd3dca6f":"505341004b45590000000000010000002b41a3000128000003060006000000002b0000000403692601144c32a6cfa369ae20ae5d43c1c764678c037bafe80c6fd2e42b7ced96171d9c5367fd3dca6f" + +save type: ECC_PUB(SECT_R2) 163-bit, ECDSA(RIPEMD160) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ECC_SECT_R2_163:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R2):163:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_RIPEMD160):0x0000:"0403692601144c32a6cfa369ae20ae5d43c1c764678c037bafe80c6fd2e42b7ced96171d9c5367fd3dca6f":"505341004b45590000000000010000002b41a3000128000004060006000000002b0000000403692601144c32a6cfa369ae20ae5d43c1c764678c037bafe80c6fd2e42b7ced96171d9c5367fd3dca6f" + +save type: ECC_PUB(SECT_R2) 163-bit, ECDSA(SHA_1) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_1:PSA_WANT_ECC_SECT_R2_163:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R2):163:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_SHA_1):0x0000:"0403692601144c32a6cfa369ae20ae5d43c1c764678c037bafe80c6fd2e42b7ced96171d9c5367fd3dca6f":"505341004b45590000000000010000002b41a3000128000005060006000000002b0000000403692601144c32a6cfa369ae20ae5d43c1c764678c037bafe80c6fd2e42b7ced96171d9c5367fd3dca6f" + +save type: ECC_PUB(SECT_R2) 163-bit, ECDSA(SHA_224) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_224:PSA_WANT_ECC_SECT_R2_163:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R2):163:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_SHA_224):0x0000:"0403692601144c32a6cfa369ae20ae5d43c1c764678c037bafe80c6fd2e42b7ced96171d9c5367fd3dca6f":"505341004b45590000000000010000002b41a3000128000008060006000000002b0000000403692601144c32a6cfa369ae20ae5d43c1c764678c037bafe80c6fd2e42b7ced96171d9c5367fd3dca6f" + +save type: ECC_PUB(SECT_R2) 163-bit, ECDSA(SHA_256) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_SECT_R2_163:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R2):163:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_SHA_256):0x0000:"0403692601144c32a6cfa369ae20ae5d43c1c764678c037bafe80c6fd2e42b7ced96171d9c5367fd3dca6f":"505341004b45590000000000010000002b41a3000128000009060006000000002b0000000403692601144c32a6cfa369ae20ae5d43c1c764678c037bafe80c6fd2e42b7ced96171d9c5367fd3dca6f" + +save type: ECC_PUB(SECT_R2) 163-bit, ECDSA(SHA_384) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_SECT_R2_163:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R2):163:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_SHA_384):0x0000:"0403692601144c32a6cfa369ae20ae5d43c1c764678c037bafe80c6fd2e42b7ced96171d9c5367fd3dca6f":"505341004b45590000000000010000002b41a300012800000a060006000000002b0000000403692601144c32a6cfa369ae20ae5d43c1c764678c037bafe80c6fd2e42b7ced96171d9c5367fd3dca6f" + +save type: ECC_PUB(SECT_R2) 163-bit, ECDSA(SHA_512) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_512:PSA_WANT_ECC_SECT_R2_163:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R2):163:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_SHA_512):0x0000:"0403692601144c32a6cfa369ae20ae5d43c1c764678c037bafe80c6fd2e42b7ced96171d9c5367fd3dca6f":"505341004b45590000000000010000002b41a300012800000b060006000000002b0000000403692601144c32a6cfa369ae20ae5d43c1c764678c037bafe80c6fd2e42b7ced96171d9c5367fd3dca6f" + +save type: ECC_PUB(SECT_R2) 163-bit, ECDSA_ANY +depends_on:PSA_WANT_ALG_ECDSA_ANY:PSA_WANT_ECC_SECT_R2_163:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R2):163:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA_ANY:0x0000:"0403692601144c32a6cfa369ae20ae5d43c1c764678c037bafe80c6fd2e42b7ced96171d9c5367fd3dca6f":"505341004b45590000000000010000002b41a3000128000000060006000000002b0000000403692601144c32a6cfa369ae20ae5d43c1c764678c037bafe80c6fd2e42b7ced96171d9c5367fd3dca6f" + +save type: ECC_PUB(TWISTED_EDWARDS) 255-bit +depends_on:PSA_WANT_ECC_TWISTED_EDWARDS_255:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_TWISTED_EDWARDS):255:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"d75a980182b10ab7d54bfed3c964073a0ee172f3daa62325af021a68f707511a":"505341004b45590000000000010000004241ff0001000000000000000000000020000000d75a980182b10ab7d54bfed3c964073a0ee172f3daa62325af021a68f707511a" + +save type: ECC_PUB(TWISTED_EDWARDS) 255-bit, ED25519PH +depends_on:PSA_WANT_ALG_ED25519PH:PSA_WANT_ECC_TWISTED_EDWARDS_255:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_TWISTED_EDWARDS):255:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ED25519PH:0x0000:"d75a980182b10ab7d54bfed3c964073a0ee172f3daa62325af021a68f707511a":"505341004b45590000000000010000004241ff00012800000b0900060000000020000000d75a980182b10ab7d54bfed3c964073a0ee172f3daa62325af021a68f707511a" + +save type: ECC_PUB(TWISTED_EDWARDS) 255-bit, ED448PH +depends_on:PSA_WANT_ALG_ED448PH:PSA_WANT_ECC_TWISTED_EDWARDS_255:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_TWISTED_EDWARDS):255:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ED448PH:0x0000:"d75a980182b10ab7d54bfed3c964073a0ee172f3daa62325af021a68f707511a":"505341004b45590000000000010000004241ff0001280000150900060000000020000000d75a980182b10ab7d54bfed3c964073a0ee172f3daa62325af021a68f707511a" + +save type: ECC_PUB(TWISTED_EDWARDS) 255-bit, PURE_EDDSA +depends_on:PSA_WANT_ALG_PURE_EDDSA:PSA_WANT_ECC_TWISTED_EDWARDS_255:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_TWISTED_EDWARDS):255:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_PURE_EDDSA:0x0000:"d75a980182b10ab7d54bfed3c964073a0ee172f3daa62325af021a68f707511a":"505341004b45590000000000010000004241ff0001280000000800060000000020000000d75a980182b10ab7d54bfed3c964073a0ee172f3daa62325af021a68f707511a" + +save type: ECC_PUB(TWISTED_EDWARDS) 448-bit +depends_on:PSA_WANT_ECC_TWISTED_EDWARDS_448:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_TWISTED_EDWARDS):448:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"5fd7449b59b461fd2ce787ec616ad46a1da1342485a70e1f8a0ea75d80e96778edf124769b46c7061bd6783df1e50f6cd1fa1abeafe8256180":"505341004b45590000000000010000004241c001010000000000000000000000390000005fd7449b59b461fd2ce787ec616ad46a1da1342485a70e1f8a0ea75d80e96778edf124769b46c7061bd6783df1e50f6cd1fa1abeafe8256180" + +save type: ECC_PUB(TWISTED_EDWARDS) 448-bit, ED25519PH +depends_on:PSA_WANT_ALG_ED25519PH:PSA_WANT_ECC_TWISTED_EDWARDS_448:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_TWISTED_EDWARDS):448:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ED25519PH:0x0000:"5fd7449b59b461fd2ce787ec616ad46a1da1342485a70e1f8a0ea75d80e96778edf124769b46c7061bd6783df1e50f6cd1fa1abeafe8256180":"505341004b45590000000000010000004241c001012800000b09000600000000390000005fd7449b59b461fd2ce787ec616ad46a1da1342485a70e1f8a0ea75d80e96778edf124769b46c7061bd6783df1e50f6cd1fa1abeafe8256180" + +save type: ECC_PUB(TWISTED_EDWARDS) 448-bit, ED448PH +depends_on:PSA_WANT_ALG_ED448PH:PSA_WANT_ECC_TWISTED_EDWARDS_448:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_TWISTED_EDWARDS):448:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ED448PH:0x0000:"5fd7449b59b461fd2ce787ec616ad46a1da1342485a70e1f8a0ea75d80e96778edf124769b46c7061bd6783df1e50f6cd1fa1abeafe8256180":"505341004b45590000000000010000004241c001012800001509000600000000390000005fd7449b59b461fd2ce787ec616ad46a1da1342485a70e1f8a0ea75d80e96778edf124769b46c7061bd6783df1e50f6cd1fa1abeafe8256180" + +save type: ECC_PUB(TWISTED_EDWARDS) 448-bit, PURE_EDDSA +depends_on:PSA_WANT_ALG_PURE_EDDSA:PSA_WANT_ECC_TWISTED_EDWARDS_448:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_storage_save:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_TWISTED_EDWARDS):448:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_PURE_EDDSA:0x0000:"5fd7449b59b461fd2ce787ec616ad46a1da1342485a70e1f8a0ea75d80e96778edf124769b46c7061bd6783df1e50f6cd1fa1abeafe8256180":"505341004b45590000000000010000004241c001012800000008000600000000390000005fd7449b59b461fd2ce787ec616ad46a1da1342485a70e1f8a0ea75d80e96778edf124769b46c7061bd6783df1e50f6cd1fa1abeafe8256180" + +save type: HMAC 128-bit +depends_on:PSA_WANT_KEY_TYPE_HMAC +key_storage_save:0x0001:PSA_KEY_TYPE_HMAC:128:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"48657265006973206b6579a064617461":"505341004b4559000000000001000000001180000100000000000000000000001000000048657265006973206b6579a064617461" + +save type: HMAC 128-bit, HMAC(MD2) +depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_MD2:PSA_WANT_KEY_TYPE_HMAC +key_storage_save:0x0001:PSA_KEY_TYPE_HMAC:128:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_HMAC(PSA_ALG_MD2):0x0000:"48657265006973206b6579a064617461":"505341004b455900000000000100000000118000013c000001008003000000001000000048657265006973206b6579a064617461" + +save type: HMAC 128-bit, HMAC(MD4) +depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_MD4:PSA_WANT_KEY_TYPE_HMAC +key_storage_save:0x0001:PSA_KEY_TYPE_HMAC:128:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_HMAC(PSA_ALG_MD4):0x0000:"48657265006973206b6579a064617461":"505341004b455900000000000100000000118000013c000002008003000000001000000048657265006973206b6579a064617461" + +save type: HMAC 128-bit, HMAC(MD5) +depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_MD5:PSA_WANT_KEY_TYPE_HMAC +key_storage_save:0x0001:PSA_KEY_TYPE_HMAC:128:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_HMAC(PSA_ALG_MD5):0x0000:"48657265006973206b6579a064617461":"505341004b455900000000000100000000118000013c000003008003000000001000000048657265006973206b6579a064617461" + +save type: HMAC 128-bit, HMAC(RIPEMD160) +depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_RIPEMD160:PSA_WANT_KEY_TYPE_HMAC +key_storage_save:0x0001:PSA_KEY_TYPE_HMAC:128:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_HMAC(PSA_ALG_RIPEMD160):0x0000:"48657265006973206b6579a064617461":"505341004b455900000000000100000000118000013c000004008003000000001000000048657265006973206b6579a064617461" + +save type: HMAC 128-bit, HMAC(SHA_1) +depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_1:PSA_WANT_KEY_TYPE_HMAC +key_storage_save:0x0001:PSA_KEY_TYPE_HMAC:128:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_HMAC(PSA_ALG_SHA_1):0x0000:"48657265006973206b6579a064617461":"505341004b455900000000000100000000118000013c000005008003000000001000000048657265006973206b6579a064617461" + +save type: HMAC 128-bit, HMAC(SHA_224) +depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_224:PSA_WANT_KEY_TYPE_HMAC +key_storage_save:0x0001:PSA_KEY_TYPE_HMAC:128:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_HMAC(PSA_ALG_SHA_224):0x0000:"48657265006973206b6579a064617461":"505341004b455900000000000100000000118000013c000008008003000000001000000048657265006973206b6579a064617461" + +save type: HMAC 128-bit, HMAC(SHA_256) +depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_HMAC +key_storage_save:0x0001:PSA_KEY_TYPE_HMAC:128:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_HMAC(PSA_ALG_SHA_256):0x0000:"48657265006973206b6579a064617461":"505341004b455900000000000100000000118000013c000009008003000000001000000048657265006973206b6579a064617461" + +save type: HMAC 128-bit, HMAC(SHA_384) +depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_384:PSA_WANT_KEY_TYPE_HMAC +key_storage_save:0x0001:PSA_KEY_TYPE_HMAC:128:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_HMAC(PSA_ALG_SHA_384):0x0000:"48657265006973206b6579a064617461":"505341004b455900000000000100000000118000013c00000a008003000000001000000048657265006973206b6579a064617461" + +save type: HMAC 128-bit, HMAC(SHA_512) +depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_512:PSA_WANT_KEY_TYPE_HMAC +key_storage_save:0x0001:PSA_KEY_TYPE_HMAC:128:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_HMAC(PSA_ALG_SHA_512):0x0000:"48657265006973206b6579a064617461":"505341004b455900000000000100000000118000013c00000b008003000000001000000048657265006973206b6579a064617461" + +save type: HMAC 160-bit +depends_on:PSA_WANT_KEY_TYPE_HMAC +key_storage_save:0x0001:PSA_KEY_TYPE_HMAC:160:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"48657265006973206b6579a06461746148657265":"505341004b45590000000000010000000011a0000100000000000000000000001400000048657265006973206b6579a06461746148657265" + +save type: HMAC 160-bit, HMAC(MD2) +depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_MD2:PSA_WANT_KEY_TYPE_HMAC +key_storage_save:0x0001:PSA_KEY_TYPE_HMAC:160:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_HMAC(PSA_ALG_MD2):0x0000:"48657265006973206b6579a06461746148657265":"505341004b45590000000000010000000011a000013c000001008003000000001400000048657265006973206b6579a06461746148657265" + +save type: HMAC 160-bit, HMAC(MD4) +depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_MD4:PSA_WANT_KEY_TYPE_HMAC +key_storage_save:0x0001:PSA_KEY_TYPE_HMAC:160:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_HMAC(PSA_ALG_MD4):0x0000:"48657265006973206b6579a06461746148657265":"505341004b45590000000000010000000011a000013c000002008003000000001400000048657265006973206b6579a06461746148657265" + +save type: HMAC 160-bit, HMAC(MD5) +depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_MD5:PSA_WANT_KEY_TYPE_HMAC +key_storage_save:0x0001:PSA_KEY_TYPE_HMAC:160:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_HMAC(PSA_ALG_MD5):0x0000:"48657265006973206b6579a06461746148657265":"505341004b45590000000000010000000011a000013c000003008003000000001400000048657265006973206b6579a06461746148657265" + +save type: HMAC 160-bit, HMAC(RIPEMD160) +depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_RIPEMD160:PSA_WANT_KEY_TYPE_HMAC +key_storage_save:0x0001:PSA_KEY_TYPE_HMAC:160:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_HMAC(PSA_ALG_RIPEMD160):0x0000:"48657265006973206b6579a06461746148657265":"505341004b45590000000000010000000011a000013c000004008003000000001400000048657265006973206b6579a06461746148657265" + +save type: HMAC 160-bit, HMAC(SHA_1) +depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_1:PSA_WANT_KEY_TYPE_HMAC +key_storage_save:0x0001:PSA_KEY_TYPE_HMAC:160:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_HMAC(PSA_ALG_SHA_1):0x0000:"48657265006973206b6579a06461746148657265":"505341004b45590000000000010000000011a000013c000005008003000000001400000048657265006973206b6579a06461746148657265" + +save type: HMAC 160-bit, HMAC(SHA_224) +depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_224:PSA_WANT_KEY_TYPE_HMAC +key_storage_save:0x0001:PSA_KEY_TYPE_HMAC:160:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_HMAC(PSA_ALG_SHA_224):0x0000:"48657265006973206b6579a06461746148657265":"505341004b45590000000000010000000011a000013c000008008003000000001400000048657265006973206b6579a06461746148657265" + +save type: HMAC 160-bit, HMAC(SHA_256) +depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_HMAC +key_storage_save:0x0001:PSA_KEY_TYPE_HMAC:160:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_HMAC(PSA_ALG_SHA_256):0x0000:"48657265006973206b6579a06461746148657265":"505341004b45590000000000010000000011a000013c000009008003000000001400000048657265006973206b6579a06461746148657265" + +save type: HMAC 160-bit, HMAC(SHA_384) +depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_384:PSA_WANT_KEY_TYPE_HMAC +key_storage_save:0x0001:PSA_KEY_TYPE_HMAC:160:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_HMAC(PSA_ALG_SHA_384):0x0000:"48657265006973206b6579a06461746148657265":"505341004b45590000000000010000000011a000013c00000a008003000000001400000048657265006973206b6579a06461746148657265" + +save type: HMAC 160-bit, HMAC(SHA_512) +depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_512:PSA_WANT_KEY_TYPE_HMAC +key_storage_save:0x0001:PSA_KEY_TYPE_HMAC:160:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_HMAC(PSA_ALG_SHA_512):0x0000:"48657265006973206b6579a06461746148657265":"505341004b45590000000000010000000011a000013c00000b008003000000001400000048657265006973206b6579a06461746148657265" + +save type: HMAC 224-bit +depends_on:PSA_WANT_KEY_TYPE_HMAC +key_storage_save:0x0001:PSA_KEY_TYPE_HMAC:224:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"48657265006973206b6579a06461746148657265006973206b6579a0":"505341004b45590000000000010000000011e0000100000000000000000000001c00000048657265006973206b6579a06461746148657265006973206b6579a0" + +save type: HMAC 224-bit, HMAC(MD2) +depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_MD2:PSA_WANT_KEY_TYPE_HMAC +key_storage_save:0x0001:PSA_KEY_TYPE_HMAC:224:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_HMAC(PSA_ALG_MD2):0x0000:"48657265006973206b6579a06461746148657265006973206b6579a0":"505341004b45590000000000010000000011e000013c000001008003000000001c00000048657265006973206b6579a06461746148657265006973206b6579a0" + +save type: HMAC 224-bit, HMAC(MD4) +depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_MD4:PSA_WANT_KEY_TYPE_HMAC +key_storage_save:0x0001:PSA_KEY_TYPE_HMAC:224:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_HMAC(PSA_ALG_MD4):0x0000:"48657265006973206b6579a06461746148657265006973206b6579a0":"505341004b45590000000000010000000011e000013c000002008003000000001c00000048657265006973206b6579a06461746148657265006973206b6579a0" + +save type: HMAC 224-bit, HMAC(MD5) +depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_MD5:PSA_WANT_KEY_TYPE_HMAC +key_storage_save:0x0001:PSA_KEY_TYPE_HMAC:224:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_HMAC(PSA_ALG_MD5):0x0000:"48657265006973206b6579a06461746148657265006973206b6579a0":"505341004b45590000000000010000000011e000013c000003008003000000001c00000048657265006973206b6579a06461746148657265006973206b6579a0" + +save type: HMAC 224-bit, HMAC(RIPEMD160) +depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_RIPEMD160:PSA_WANT_KEY_TYPE_HMAC +key_storage_save:0x0001:PSA_KEY_TYPE_HMAC:224:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_HMAC(PSA_ALG_RIPEMD160):0x0000:"48657265006973206b6579a06461746148657265006973206b6579a0":"505341004b45590000000000010000000011e000013c000004008003000000001c00000048657265006973206b6579a06461746148657265006973206b6579a0" + +save type: HMAC 224-bit, HMAC(SHA_1) +depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_1:PSA_WANT_KEY_TYPE_HMAC +key_storage_save:0x0001:PSA_KEY_TYPE_HMAC:224:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_HMAC(PSA_ALG_SHA_1):0x0000:"48657265006973206b6579a06461746148657265006973206b6579a0":"505341004b45590000000000010000000011e000013c000005008003000000001c00000048657265006973206b6579a06461746148657265006973206b6579a0" + +save type: HMAC 224-bit, HMAC(SHA_224) +depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_224:PSA_WANT_KEY_TYPE_HMAC +key_storage_save:0x0001:PSA_KEY_TYPE_HMAC:224:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_HMAC(PSA_ALG_SHA_224):0x0000:"48657265006973206b6579a06461746148657265006973206b6579a0":"505341004b45590000000000010000000011e000013c000008008003000000001c00000048657265006973206b6579a06461746148657265006973206b6579a0" + +save type: HMAC 224-bit, HMAC(SHA_256) +depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_HMAC +key_storage_save:0x0001:PSA_KEY_TYPE_HMAC:224:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_HMAC(PSA_ALG_SHA_256):0x0000:"48657265006973206b6579a06461746148657265006973206b6579a0":"505341004b45590000000000010000000011e000013c000009008003000000001c00000048657265006973206b6579a06461746148657265006973206b6579a0" + +save type: HMAC 224-bit, HMAC(SHA_384) +depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_384:PSA_WANT_KEY_TYPE_HMAC +key_storage_save:0x0001:PSA_KEY_TYPE_HMAC:224:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_HMAC(PSA_ALG_SHA_384):0x0000:"48657265006973206b6579a06461746148657265006973206b6579a0":"505341004b45590000000000010000000011e000013c00000a008003000000001c00000048657265006973206b6579a06461746148657265006973206b6579a0" + +save type: HMAC 224-bit, HMAC(SHA_512) +depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_512:PSA_WANT_KEY_TYPE_HMAC +key_storage_save:0x0001:PSA_KEY_TYPE_HMAC:224:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_HMAC(PSA_ALG_SHA_512):0x0000:"48657265006973206b6579a06461746148657265006973206b6579a0":"505341004b45590000000000010000000011e000013c00000b008003000000001c00000048657265006973206b6579a06461746148657265006973206b6579a0" + +save type: HMAC 256-bit +depends_on:PSA_WANT_KEY_TYPE_HMAC +key_storage_save:0x0001:PSA_KEY_TYPE_HMAC:256:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"48657265006973206b6579a06461746148657265006973206b6579a064617461":"505341004b4559000000000001000000001100010100000000000000000000002000000048657265006973206b6579a06461746148657265006973206b6579a064617461" + +save type: HMAC 256-bit, HMAC(MD2) +depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_MD2:PSA_WANT_KEY_TYPE_HMAC +key_storage_save:0x0001:PSA_KEY_TYPE_HMAC:256:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_HMAC(PSA_ALG_MD2):0x0000:"48657265006973206b6579a06461746148657265006973206b6579a064617461":"505341004b455900000000000100000000110001013c000001008003000000002000000048657265006973206b6579a06461746148657265006973206b6579a064617461" + +save type: HMAC 256-bit, HMAC(MD4) +depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_MD4:PSA_WANT_KEY_TYPE_HMAC +key_storage_save:0x0001:PSA_KEY_TYPE_HMAC:256:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_HMAC(PSA_ALG_MD4):0x0000:"48657265006973206b6579a06461746148657265006973206b6579a064617461":"505341004b455900000000000100000000110001013c000002008003000000002000000048657265006973206b6579a06461746148657265006973206b6579a064617461" + +save type: HMAC 256-bit, HMAC(MD5) +depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_MD5:PSA_WANT_KEY_TYPE_HMAC +key_storage_save:0x0001:PSA_KEY_TYPE_HMAC:256:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_HMAC(PSA_ALG_MD5):0x0000:"48657265006973206b6579a06461746148657265006973206b6579a064617461":"505341004b455900000000000100000000110001013c000003008003000000002000000048657265006973206b6579a06461746148657265006973206b6579a064617461" + +save type: HMAC 256-bit, HMAC(RIPEMD160) +depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_RIPEMD160:PSA_WANT_KEY_TYPE_HMAC +key_storage_save:0x0001:PSA_KEY_TYPE_HMAC:256:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_HMAC(PSA_ALG_RIPEMD160):0x0000:"48657265006973206b6579a06461746148657265006973206b6579a064617461":"505341004b455900000000000100000000110001013c000004008003000000002000000048657265006973206b6579a06461746148657265006973206b6579a064617461" + +save type: HMAC 256-bit, HMAC(SHA_1) +depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_1:PSA_WANT_KEY_TYPE_HMAC +key_storage_save:0x0001:PSA_KEY_TYPE_HMAC:256:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_HMAC(PSA_ALG_SHA_1):0x0000:"48657265006973206b6579a06461746148657265006973206b6579a064617461":"505341004b455900000000000100000000110001013c000005008003000000002000000048657265006973206b6579a06461746148657265006973206b6579a064617461" + +save type: HMAC 256-bit, HMAC(SHA_224) +depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_224:PSA_WANT_KEY_TYPE_HMAC +key_storage_save:0x0001:PSA_KEY_TYPE_HMAC:256:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_HMAC(PSA_ALG_SHA_224):0x0000:"48657265006973206b6579a06461746148657265006973206b6579a064617461":"505341004b455900000000000100000000110001013c000008008003000000002000000048657265006973206b6579a06461746148657265006973206b6579a064617461" + +save type: HMAC 256-bit, HMAC(SHA_256) +depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_HMAC +key_storage_save:0x0001:PSA_KEY_TYPE_HMAC:256:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_HMAC(PSA_ALG_SHA_256):0x0000:"48657265006973206b6579a06461746148657265006973206b6579a064617461":"505341004b455900000000000100000000110001013c000009008003000000002000000048657265006973206b6579a06461746148657265006973206b6579a064617461" + +save type: HMAC 256-bit, HMAC(SHA_384) +depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_384:PSA_WANT_KEY_TYPE_HMAC +key_storage_save:0x0001:PSA_KEY_TYPE_HMAC:256:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_HMAC(PSA_ALG_SHA_384):0x0000:"48657265006973206b6579a06461746148657265006973206b6579a064617461":"505341004b455900000000000100000000110001013c00000a008003000000002000000048657265006973206b6579a06461746148657265006973206b6579a064617461" + +save type: HMAC 256-bit, HMAC(SHA_512) +depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_512:PSA_WANT_KEY_TYPE_HMAC +key_storage_save:0x0001:PSA_KEY_TYPE_HMAC:256:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_HMAC(PSA_ALG_SHA_512):0x0000:"48657265006973206b6579a06461746148657265006973206b6579a064617461":"505341004b455900000000000100000000110001013c00000b008003000000002000000048657265006973206b6579a06461746148657265006973206b6579a064617461" + +save type: HMAC 384-bit +depends_on:PSA_WANT_KEY_TYPE_HMAC +key_storage_save:0x0001:PSA_KEY_TYPE_HMAC:384:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"48657265006973206b6579a06461746148657265006973206b6579a06461746148657265006973206b6579a064617461":"505341004b4559000000000001000000001180010100000000000000000000003000000048657265006973206b6579a06461746148657265006973206b6579a06461746148657265006973206b6579a064617461" + +save type: HMAC 384-bit, HMAC(MD2) +depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_MD2:PSA_WANT_KEY_TYPE_HMAC +key_storage_save:0x0001:PSA_KEY_TYPE_HMAC:384:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_HMAC(PSA_ALG_MD2):0x0000:"48657265006973206b6579a06461746148657265006973206b6579a06461746148657265006973206b6579a064617461":"505341004b455900000000000100000000118001013c000001008003000000003000000048657265006973206b6579a06461746148657265006973206b6579a06461746148657265006973206b6579a064617461" + +save type: HMAC 384-bit, HMAC(MD4) +depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_MD4:PSA_WANT_KEY_TYPE_HMAC +key_storage_save:0x0001:PSA_KEY_TYPE_HMAC:384:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_HMAC(PSA_ALG_MD4):0x0000:"48657265006973206b6579a06461746148657265006973206b6579a06461746148657265006973206b6579a064617461":"505341004b455900000000000100000000118001013c000002008003000000003000000048657265006973206b6579a06461746148657265006973206b6579a06461746148657265006973206b6579a064617461" + +save type: HMAC 384-bit, HMAC(MD5) +depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_MD5:PSA_WANT_KEY_TYPE_HMAC +key_storage_save:0x0001:PSA_KEY_TYPE_HMAC:384:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_HMAC(PSA_ALG_MD5):0x0000:"48657265006973206b6579a06461746148657265006973206b6579a06461746148657265006973206b6579a064617461":"505341004b455900000000000100000000118001013c000003008003000000003000000048657265006973206b6579a06461746148657265006973206b6579a06461746148657265006973206b6579a064617461" + +save type: HMAC 384-bit, HMAC(RIPEMD160) +depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_RIPEMD160:PSA_WANT_KEY_TYPE_HMAC +key_storage_save:0x0001:PSA_KEY_TYPE_HMAC:384:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_HMAC(PSA_ALG_RIPEMD160):0x0000:"48657265006973206b6579a06461746148657265006973206b6579a06461746148657265006973206b6579a064617461":"505341004b455900000000000100000000118001013c000004008003000000003000000048657265006973206b6579a06461746148657265006973206b6579a06461746148657265006973206b6579a064617461" + +save type: HMAC 384-bit, HMAC(SHA_1) +depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_1:PSA_WANT_KEY_TYPE_HMAC +key_storage_save:0x0001:PSA_KEY_TYPE_HMAC:384:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_HMAC(PSA_ALG_SHA_1):0x0000:"48657265006973206b6579a06461746148657265006973206b6579a06461746148657265006973206b6579a064617461":"505341004b455900000000000100000000118001013c000005008003000000003000000048657265006973206b6579a06461746148657265006973206b6579a06461746148657265006973206b6579a064617461" + +save type: HMAC 384-bit, HMAC(SHA_224) +depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_224:PSA_WANT_KEY_TYPE_HMAC +key_storage_save:0x0001:PSA_KEY_TYPE_HMAC:384:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_HMAC(PSA_ALG_SHA_224):0x0000:"48657265006973206b6579a06461746148657265006973206b6579a06461746148657265006973206b6579a064617461":"505341004b455900000000000100000000118001013c000008008003000000003000000048657265006973206b6579a06461746148657265006973206b6579a06461746148657265006973206b6579a064617461" + +save type: HMAC 384-bit, HMAC(SHA_256) +depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_HMAC +key_storage_save:0x0001:PSA_KEY_TYPE_HMAC:384:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_HMAC(PSA_ALG_SHA_256):0x0000:"48657265006973206b6579a06461746148657265006973206b6579a06461746148657265006973206b6579a064617461":"505341004b455900000000000100000000118001013c000009008003000000003000000048657265006973206b6579a06461746148657265006973206b6579a06461746148657265006973206b6579a064617461" + +save type: HMAC 384-bit, HMAC(SHA_384) +depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_384:PSA_WANT_KEY_TYPE_HMAC +key_storage_save:0x0001:PSA_KEY_TYPE_HMAC:384:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_HMAC(PSA_ALG_SHA_384):0x0000:"48657265006973206b6579a06461746148657265006973206b6579a06461746148657265006973206b6579a064617461":"505341004b455900000000000100000000118001013c00000a008003000000003000000048657265006973206b6579a06461746148657265006973206b6579a06461746148657265006973206b6579a064617461" + +save type: HMAC 384-bit, HMAC(SHA_512) +depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_512:PSA_WANT_KEY_TYPE_HMAC +key_storage_save:0x0001:PSA_KEY_TYPE_HMAC:384:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_HMAC(PSA_ALG_SHA_512):0x0000:"48657265006973206b6579a06461746148657265006973206b6579a06461746148657265006973206b6579a064617461":"505341004b455900000000000100000000118001013c00000b008003000000003000000048657265006973206b6579a06461746148657265006973206b6579a06461746148657265006973206b6579a064617461" + +save type: HMAC 512-bit +depends_on:PSA_WANT_KEY_TYPE_HMAC +key_storage_save:0x0001:PSA_KEY_TYPE_HMAC:512:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"48657265006973206b6579a06461746148657265006973206b6579a06461746148657265006973206b6579a06461746148657265006973206b6579a064617461":"505341004b4559000000000001000000001100020100000000000000000000004000000048657265006973206b6579a06461746148657265006973206b6579a06461746148657265006973206b6579a06461746148657265006973206b6579a064617461" + +save type: HMAC 512-bit, HMAC(MD2) +depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_MD2:PSA_WANT_KEY_TYPE_HMAC +key_storage_save:0x0001:PSA_KEY_TYPE_HMAC:512:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_HMAC(PSA_ALG_MD2):0x0000:"48657265006973206b6579a06461746148657265006973206b6579a06461746148657265006973206b6579a06461746148657265006973206b6579a064617461":"505341004b455900000000000100000000110002013c000001008003000000004000000048657265006973206b6579a06461746148657265006973206b6579a06461746148657265006973206b6579a06461746148657265006973206b6579a064617461" + +save type: HMAC 512-bit, HMAC(MD4) +depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_MD4:PSA_WANT_KEY_TYPE_HMAC +key_storage_save:0x0001:PSA_KEY_TYPE_HMAC:512:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_HMAC(PSA_ALG_MD4):0x0000:"48657265006973206b6579a06461746148657265006973206b6579a06461746148657265006973206b6579a06461746148657265006973206b6579a064617461":"505341004b455900000000000100000000110002013c000002008003000000004000000048657265006973206b6579a06461746148657265006973206b6579a06461746148657265006973206b6579a06461746148657265006973206b6579a064617461" + +save type: HMAC 512-bit, HMAC(MD5) +depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_MD5:PSA_WANT_KEY_TYPE_HMAC +key_storage_save:0x0001:PSA_KEY_TYPE_HMAC:512:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_HMAC(PSA_ALG_MD5):0x0000:"48657265006973206b6579a06461746148657265006973206b6579a06461746148657265006973206b6579a06461746148657265006973206b6579a064617461":"505341004b455900000000000100000000110002013c000003008003000000004000000048657265006973206b6579a06461746148657265006973206b6579a06461746148657265006973206b6579a06461746148657265006973206b6579a064617461" + +save type: HMAC 512-bit, HMAC(RIPEMD160) +depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_RIPEMD160:PSA_WANT_KEY_TYPE_HMAC +key_storage_save:0x0001:PSA_KEY_TYPE_HMAC:512:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_HMAC(PSA_ALG_RIPEMD160):0x0000:"48657265006973206b6579a06461746148657265006973206b6579a06461746148657265006973206b6579a06461746148657265006973206b6579a064617461":"505341004b455900000000000100000000110002013c000004008003000000004000000048657265006973206b6579a06461746148657265006973206b6579a06461746148657265006973206b6579a06461746148657265006973206b6579a064617461" + +save type: HMAC 512-bit, HMAC(SHA_1) +depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_1:PSA_WANT_KEY_TYPE_HMAC +key_storage_save:0x0001:PSA_KEY_TYPE_HMAC:512:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_HMAC(PSA_ALG_SHA_1):0x0000:"48657265006973206b6579a06461746148657265006973206b6579a06461746148657265006973206b6579a06461746148657265006973206b6579a064617461":"505341004b455900000000000100000000110002013c000005008003000000004000000048657265006973206b6579a06461746148657265006973206b6579a06461746148657265006973206b6579a06461746148657265006973206b6579a064617461" + +save type: HMAC 512-bit, HMAC(SHA_224) +depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_224:PSA_WANT_KEY_TYPE_HMAC +key_storage_save:0x0001:PSA_KEY_TYPE_HMAC:512:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_HMAC(PSA_ALG_SHA_224):0x0000:"48657265006973206b6579a06461746148657265006973206b6579a06461746148657265006973206b6579a06461746148657265006973206b6579a064617461":"505341004b455900000000000100000000110002013c000008008003000000004000000048657265006973206b6579a06461746148657265006973206b6579a06461746148657265006973206b6579a06461746148657265006973206b6579a064617461" + +save type: HMAC 512-bit, HMAC(SHA_256) +depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_HMAC +key_storage_save:0x0001:PSA_KEY_TYPE_HMAC:512:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_HMAC(PSA_ALG_SHA_256):0x0000:"48657265006973206b6579a06461746148657265006973206b6579a06461746148657265006973206b6579a06461746148657265006973206b6579a064617461":"505341004b455900000000000100000000110002013c000009008003000000004000000048657265006973206b6579a06461746148657265006973206b6579a06461746148657265006973206b6579a06461746148657265006973206b6579a064617461" + +save type: HMAC 512-bit, HMAC(SHA_384) +depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_384:PSA_WANT_KEY_TYPE_HMAC +key_storage_save:0x0001:PSA_KEY_TYPE_HMAC:512:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_HMAC(PSA_ALG_SHA_384):0x0000:"48657265006973206b6579a06461746148657265006973206b6579a06461746148657265006973206b6579a06461746148657265006973206b6579a064617461":"505341004b455900000000000100000000110002013c00000a008003000000004000000048657265006973206b6579a06461746148657265006973206b6579a06461746148657265006973206b6579a06461746148657265006973206b6579a064617461" + +save type: HMAC 512-bit, HMAC(SHA_512) +depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_512:PSA_WANT_KEY_TYPE_HMAC +key_storage_save:0x0001:PSA_KEY_TYPE_HMAC:512:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_HMAC(PSA_ALG_SHA_512):0x0000:"48657265006973206b6579a06461746148657265006973206b6579a06461746148657265006973206b6579a06461746148657265006973206b6579a064617461":"505341004b455900000000000100000000110002013c00000b008003000000004000000048657265006973206b6579a06461746148657265006973206b6579a06461746148657265006973206b6579a06461746148657265006973206b6579a064617461" + +save type: RAW_DATA 8-bit +depends_on:PSA_WANT_KEY_TYPE_RAW_DATA +key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"48":"505341004b4559000000000001000000011008000100000000000000000000000100000048" + +save type: RAW_DATA 40-bit +depends_on:PSA_WANT_KEY_TYPE_RAW_DATA +key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:40:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"4865726500":"505341004b455900000000000100000001102800010000000000000000000000050000004865726500" + +save type: RAW_DATA 128-bit +depends_on:PSA_WANT_KEY_TYPE_RAW_DATA +key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:128:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"48657265006973206b6579a064617461":"505341004b4559000000000001000000011080000100000000000000000000001000000048657265006973206b6579a064617461" + +save type: RSA_PAIR 1024-bit +depends_on:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR +key_storage_save:0x0001:PSA_KEY_TYPE_RSA_KEY_PAIR:1024:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":"505341004b455900000000000100000001700004010000000000000000000000620200003082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24" + +save type: RSA_PAIR 1024-bit, RSA_OAEP(MD2) +depends_on:PSA_WANT_ALG_MD2:PSA_WANT_ALG_RSA_OAEP:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR +key_storage_save:0x0001:PSA_KEY_TYPE_RSA_KEY_PAIR:1024:PSA_KEY_USAGE_DECRYPT | PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_OAEP(PSA_ALG_MD2):0x0000:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":"505341004b455900000000000100000001700004010300000103000700000000620200003082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24" + +save type: RSA_PAIR 1024-bit, RSA_OAEP(MD4) +depends_on:PSA_WANT_ALG_MD4:PSA_WANT_ALG_RSA_OAEP:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR +key_storage_save:0x0001:PSA_KEY_TYPE_RSA_KEY_PAIR:1024:PSA_KEY_USAGE_DECRYPT | PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_OAEP(PSA_ALG_MD4):0x0000:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":"505341004b455900000000000100000001700004010300000203000700000000620200003082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24" + +save type: RSA_PAIR 1024-bit, RSA_OAEP(MD5) +depends_on:PSA_WANT_ALG_MD5:PSA_WANT_ALG_RSA_OAEP:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR +key_storage_save:0x0001:PSA_KEY_TYPE_RSA_KEY_PAIR:1024:PSA_KEY_USAGE_DECRYPT | PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_OAEP(PSA_ALG_MD5):0x0000:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":"505341004b455900000000000100000001700004010300000303000700000000620200003082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24" + +save type: RSA_PAIR 1024-bit, RSA_OAEP(RIPEMD160) +depends_on:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ALG_RSA_OAEP:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR +key_storage_save:0x0001:PSA_KEY_TYPE_RSA_KEY_PAIR:1024:PSA_KEY_USAGE_DECRYPT | PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_OAEP(PSA_ALG_RIPEMD160):0x0000:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":"505341004b455900000000000100000001700004010300000403000700000000620200003082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24" + +save type: RSA_PAIR 1024-bit, RSA_OAEP(SHA_1) +depends_on:PSA_WANT_ALG_RSA_OAEP:PSA_WANT_ALG_SHA_1:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR +key_storage_save:0x0001:PSA_KEY_TYPE_RSA_KEY_PAIR:1024:PSA_KEY_USAGE_DECRYPT | PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_OAEP(PSA_ALG_SHA_1):0x0000:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":"505341004b455900000000000100000001700004010300000503000700000000620200003082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24" + +save type: RSA_PAIR 1024-bit, RSA_OAEP(SHA_224) +depends_on:PSA_WANT_ALG_RSA_OAEP:PSA_WANT_ALG_SHA_224:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR +key_storage_save:0x0001:PSA_KEY_TYPE_RSA_KEY_PAIR:1024:PSA_KEY_USAGE_DECRYPT | PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_OAEP(PSA_ALG_SHA_224):0x0000:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":"505341004b455900000000000100000001700004010300000803000700000000620200003082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24" + +save type: RSA_PAIR 1024-bit, RSA_OAEP(SHA_256) +depends_on:PSA_WANT_ALG_RSA_OAEP:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR +key_storage_save:0x0001:PSA_KEY_TYPE_RSA_KEY_PAIR:1024:PSA_KEY_USAGE_DECRYPT | PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_OAEP(PSA_ALG_SHA_256):0x0000:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":"505341004b455900000000000100000001700004010300000903000700000000620200003082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24" + +save type: RSA_PAIR 1024-bit, RSA_OAEP(SHA_384) +depends_on:PSA_WANT_ALG_RSA_OAEP:PSA_WANT_ALG_SHA_384:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR +key_storage_save:0x0001:PSA_KEY_TYPE_RSA_KEY_PAIR:1024:PSA_KEY_USAGE_DECRYPT | PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_OAEP(PSA_ALG_SHA_384):0x0000:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":"505341004b455900000000000100000001700004010300000a03000700000000620200003082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24" + +save type: RSA_PAIR 1024-bit, RSA_OAEP(SHA_512) +depends_on:PSA_WANT_ALG_RSA_OAEP:PSA_WANT_ALG_SHA_512:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR +key_storage_save:0x0001:PSA_KEY_TYPE_RSA_KEY_PAIR:1024:PSA_KEY_USAGE_DECRYPT | PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_OAEP(PSA_ALG_SHA_512):0x0000:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":"505341004b455900000000000100000001700004010300000b03000700000000620200003082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24" + +save type: RSA_PAIR 1024-bit, RSA_PKCS1V15_CRYPT +depends_on:PSA_WANT_ALG_RSA_PKCS1V15_CRYPT:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR +key_storage_save:0x0001:PSA_KEY_TYPE_RSA_KEY_PAIR:1024:PSA_KEY_USAGE_DECRYPT | PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_PKCS1V15_CRYPT:0x0000:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":"505341004b455900000000000100000001700004010300000002000700000000620200003082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24" + +save type: RSA_PAIR 1024-bit, RSA_PKCS1V15_SIGN(MD2) +depends_on:PSA_WANT_ALG_MD2:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR +key_storage_save:0x0001:PSA_KEY_TYPE_RSA_KEY_PAIR:1024:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_MD2):0x0000:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":"505341004b455900000000000100000001700004013c00000102000600000000620200003082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24" + +save type: RSA_PAIR 1024-bit, RSA_PKCS1V15_SIGN(MD4) +depends_on:PSA_WANT_ALG_MD4:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR +key_storage_save:0x0001:PSA_KEY_TYPE_RSA_KEY_PAIR:1024:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_MD4):0x0000:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":"505341004b455900000000000100000001700004013c00000202000600000000620200003082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24" + +save type: RSA_PAIR 1024-bit, RSA_PKCS1V15_SIGN(MD5) +depends_on:PSA_WANT_ALG_MD5:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR +key_storage_save:0x0001:PSA_KEY_TYPE_RSA_KEY_PAIR:1024:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_MD5):0x0000:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":"505341004b455900000000000100000001700004013c00000302000600000000620200003082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24" + +save type: RSA_PAIR 1024-bit, RSA_PKCS1V15_SIGN(RIPEMD160) +depends_on:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR +key_storage_save:0x0001:PSA_KEY_TYPE_RSA_KEY_PAIR:1024:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_RIPEMD160):0x0000:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":"505341004b455900000000000100000001700004013c00000402000600000000620200003082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24" + +save type: RSA_PAIR 1024-bit, RSA_PKCS1V15_SIGN(SHA_1) +depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ALG_SHA_1:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR +key_storage_save:0x0001:PSA_KEY_TYPE_RSA_KEY_PAIR:1024:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_1):0x0000:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":"505341004b455900000000000100000001700004013c00000502000600000000620200003082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24" + +save type: RSA_PAIR 1024-bit, RSA_PKCS1V15_SIGN(SHA_224) +depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ALG_SHA_224:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR +key_storage_save:0x0001:PSA_KEY_TYPE_RSA_KEY_PAIR:1024:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_224):0x0000:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":"505341004b455900000000000100000001700004013c00000802000600000000620200003082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24" + +save type: RSA_PAIR 1024-bit, RSA_PKCS1V15_SIGN(SHA_256) +depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR +key_storage_save:0x0001:PSA_KEY_TYPE_RSA_KEY_PAIR:1024:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):0x0000:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":"505341004b455900000000000100000001700004013c00000902000600000000620200003082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24" + +save type: RSA_PAIR 1024-bit, RSA_PKCS1V15_SIGN(SHA_384) +depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ALG_SHA_384:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR +key_storage_save:0x0001:PSA_KEY_TYPE_RSA_KEY_PAIR:1024:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_384):0x0000:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":"505341004b455900000000000100000001700004013c00000a02000600000000620200003082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24" + +save type: RSA_PAIR 1024-bit, RSA_PKCS1V15_SIGN(SHA_512) +depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ALG_SHA_512:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR +key_storage_save:0x0001:PSA_KEY_TYPE_RSA_KEY_PAIR:1024:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_512):0x0000:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":"505341004b455900000000000100000001700004013c00000b02000600000000620200003082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24" + +save type: RSA_PAIR 1024-bit, RSA_PKCS1V15_SIGN_RAW +depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN_RAW:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR +key_storage_save:0x0001:PSA_KEY_TYPE_RSA_KEY_PAIR:1024:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_RSA_PKCS1V15_SIGN_RAW:0x0000:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":"505341004b455900000000000100000001700004013c00000002000600000000620200003082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24" + +save type: RSA_PAIR 1024-bit, RSA_PSS(MD2) +depends_on:PSA_WANT_ALG_MD2:PSA_WANT_ALG_RSA_PSS:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR +key_storage_save:0x0001:PSA_KEY_TYPE_RSA_KEY_PAIR:1024:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_RSA_PSS(PSA_ALG_MD2):0x0000:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":"505341004b455900000000000100000001700004013c00000103000600000000620200003082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24" + +save type: RSA_PAIR 1024-bit, RSA_PSS(MD4) +depends_on:PSA_WANT_ALG_MD4:PSA_WANT_ALG_RSA_PSS:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR +key_storage_save:0x0001:PSA_KEY_TYPE_RSA_KEY_PAIR:1024:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_RSA_PSS(PSA_ALG_MD4):0x0000:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":"505341004b455900000000000100000001700004013c00000203000600000000620200003082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24" + +save type: RSA_PAIR 1024-bit, RSA_PSS(MD5) +depends_on:PSA_WANT_ALG_MD5:PSA_WANT_ALG_RSA_PSS:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR +key_storage_save:0x0001:PSA_KEY_TYPE_RSA_KEY_PAIR:1024:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_RSA_PSS(PSA_ALG_MD5):0x0000:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":"505341004b455900000000000100000001700004013c00000303000600000000620200003082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24" + +save type: RSA_PAIR 1024-bit, RSA_PSS(RIPEMD160) +depends_on:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ALG_RSA_PSS:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR +key_storage_save:0x0001:PSA_KEY_TYPE_RSA_KEY_PAIR:1024:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_RSA_PSS(PSA_ALG_RIPEMD160):0x0000:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":"505341004b455900000000000100000001700004013c00000403000600000000620200003082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24" + +save type: RSA_PAIR 1024-bit, RSA_PSS(SHA_1) +depends_on:PSA_WANT_ALG_RSA_PSS:PSA_WANT_ALG_SHA_1:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR +key_storage_save:0x0001:PSA_KEY_TYPE_RSA_KEY_PAIR:1024:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_RSA_PSS(PSA_ALG_SHA_1):0x0000:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":"505341004b455900000000000100000001700004013c00000503000600000000620200003082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24" + +save type: RSA_PAIR 1024-bit, RSA_PSS(SHA_224) +depends_on:PSA_WANT_ALG_RSA_PSS:PSA_WANT_ALG_SHA_224:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR +key_storage_save:0x0001:PSA_KEY_TYPE_RSA_KEY_PAIR:1024:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_RSA_PSS(PSA_ALG_SHA_224):0x0000:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":"505341004b455900000000000100000001700004013c00000803000600000000620200003082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24" + +save type: RSA_PAIR 1024-bit, RSA_PSS(SHA_256) +depends_on:PSA_WANT_ALG_RSA_PSS:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR +key_storage_save:0x0001:PSA_KEY_TYPE_RSA_KEY_PAIR:1024:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_RSA_PSS(PSA_ALG_SHA_256):0x0000:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":"505341004b455900000000000100000001700004013c00000903000600000000620200003082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24" + +save type: RSA_PAIR 1024-bit, RSA_PSS(SHA_384) +depends_on:PSA_WANT_ALG_RSA_PSS:PSA_WANT_ALG_SHA_384:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR +key_storage_save:0x0001:PSA_KEY_TYPE_RSA_KEY_PAIR:1024:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_RSA_PSS(PSA_ALG_SHA_384):0x0000:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":"505341004b455900000000000100000001700004013c00000a03000600000000620200003082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24" + +save type: RSA_PAIR 1024-bit, RSA_PSS(SHA_512) +depends_on:PSA_WANT_ALG_RSA_PSS:PSA_WANT_ALG_SHA_512:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR +key_storage_save:0x0001:PSA_KEY_TYPE_RSA_KEY_PAIR:1024:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_RSA_PSS(PSA_ALG_SHA_512):0x0000:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":"505341004b455900000000000100000001700004013c00000b03000600000000620200003082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24" + +save type: RSA_PAIR 1024-bit, RSA_PSS_ANY_SALT(MD2) +depends_on:PSA_WANT_ALG_MD2:PSA_WANT_ALG_RSA_PSS_ANY_SALT:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR +key_storage_save:0x0001:PSA_KEY_TYPE_RSA_KEY_PAIR:1024:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_RSA_PSS_ANY_SALT(PSA_ALG_MD2):0x0000:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":"505341004b455900000000000100000001700004013c00000113000600000000620200003082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24" + +save type: RSA_PAIR 1024-bit, RSA_PSS_ANY_SALT(MD4) +depends_on:PSA_WANT_ALG_MD4:PSA_WANT_ALG_RSA_PSS_ANY_SALT:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR +key_storage_save:0x0001:PSA_KEY_TYPE_RSA_KEY_PAIR:1024:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_RSA_PSS_ANY_SALT(PSA_ALG_MD4):0x0000:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":"505341004b455900000000000100000001700004013c00000213000600000000620200003082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24" + +save type: RSA_PAIR 1024-bit, RSA_PSS_ANY_SALT(MD5) +depends_on:PSA_WANT_ALG_MD5:PSA_WANT_ALG_RSA_PSS_ANY_SALT:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR +key_storage_save:0x0001:PSA_KEY_TYPE_RSA_KEY_PAIR:1024:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_RSA_PSS_ANY_SALT(PSA_ALG_MD5):0x0000:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":"505341004b455900000000000100000001700004013c00000313000600000000620200003082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24" + +save type: RSA_PAIR 1024-bit, RSA_PSS_ANY_SALT(RIPEMD160) +depends_on:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ALG_RSA_PSS_ANY_SALT:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR +key_storage_save:0x0001:PSA_KEY_TYPE_RSA_KEY_PAIR:1024:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_RSA_PSS_ANY_SALT(PSA_ALG_RIPEMD160):0x0000:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":"505341004b455900000000000100000001700004013c00000413000600000000620200003082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24" + +save type: RSA_PAIR 1024-bit, RSA_PSS_ANY_SALT(SHA_1) +depends_on:PSA_WANT_ALG_RSA_PSS_ANY_SALT:PSA_WANT_ALG_SHA_1:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR +key_storage_save:0x0001:PSA_KEY_TYPE_RSA_KEY_PAIR:1024:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_RSA_PSS_ANY_SALT(PSA_ALG_SHA_1):0x0000:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":"505341004b455900000000000100000001700004013c00000513000600000000620200003082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24" + +save type: RSA_PAIR 1024-bit, RSA_PSS_ANY_SALT(SHA_224) +depends_on:PSA_WANT_ALG_RSA_PSS_ANY_SALT:PSA_WANT_ALG_SHA_224:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR +key_storage_save:0x0001:PSA_KEY_TYPE_RSA_KEY_PAIR:1024:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_RSA_PSS_ANY_SALT(PSA_ALG_SHA_224):0x0000:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":"505341004b455900000000000100000001700004013c00000813000600000000620200003082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24" + +save type: RSA_PAIR 1024-bit, RSA_PSS_ANY_SALT(SHA_256) +depends_on:PSA_WANT_ALG_RSA_PSS_ANY_SALT:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR +key_storage_save:0x0001:PSA_KEY_TYPE_RSA_KEY_PAIR:1024:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_RSA_PSS_ANY_SALT(PSA_ALG_SHA_256):0x0000:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":"505341004b455900000000000100000001700004013c00000913000600000000620200003082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24" + +save type: RSA_PAIR 1024-bit, RSA_PSS_ANY_SALT(SHA_384) +depends_on:PSA_WANT_ALG_RSA_PSS_ANY_SALT:PSA_WANT_ALG_SHA_384:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR +key_storage_save:0x0001:PSA_KEY_TYPE_RSA_KEY_PAIR:1024:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_RSA_PSS_ANY_SALT(PSA_ALG_SHA_384):0x0000:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":"505341004b455900000000000100000001700004013c00000a13000600000000620200003082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24" + +save type: RSA_PAIR 1024-bit, RSA_PSS_ANY_SALT(SHA_512) +depends_on:PSA_WANT_ALG_RSA_PSS_ANY_SALT:PSA_WANT_ALG_SHA_512:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR +key_storage_save:0x0001:PSA_KEY_TYPE_RSA_KEY_PAIR:1024:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_RSA_PSS_ANY_SALT(PSA_ALG_SHA_512):0x0000:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":"505341004b455900000000000100000001700004013c00000b13000600000000620200003082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24" + +save type: RSA_PAIR 1536-bit +depends_on:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR +key_storage_save:0x0001:PSA_KEY_TYPE_RSA_KEY_PAIR:1536:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"3082037b0201000281c100c870feb6ca6b1d2bd9f2dd99e20f1fe2d7e5192de662229dbe162bd1ba66336a7182903ca0b72796cd441c83d24bcdc3e9a2f5e4399c8a043f1c3ddf04754a66d4cfe7b3671a37dd31a9b4c13bfe06ee90f9d94ddaa06de67a52ac863e68f756736ceb014405a6160579640f831dddccc34ad0b05070e3f9954a58d1815813e1b83bcadba814789c87f1ef2ba5d738b793ec456a67360eea1b5faf1c7cc7bf24f3b2a9d0f8958b1096e0f0c335f8888d0c63a51c3c0337214fa3f5efdf6dcc3502030100010281c06d2d670047973a87752a9d5bc14f3dae00acb01f593aa0e24cf4a49f932931de4bbfb332e2d38083da80bc0b6d538edba479f7f77d0deffb4a28e6e67ff6273585bb4cd862535c946605ab0809d65f0e38f76e4ec2c3d9b8cd6e14bcf667943892cd4b34cc6420a439abbf3d7d35ef73976dd6f9cbde35a51fa5213f0107f83e3425835d16d3c9146fc9e36ce75a09bb66cdff21dd5a776899f1cb07e282cca27be46510e9c799f0d8db275a6be085d9f3f803218ee3384265bfb1a3640e8ca1026100e6848c31d466fffefc547e3a3b0d3785de6f78b0dd12610843512e495611a0675509b1650b27415009838dd8e68eec6e7530553b637d602424643b33e8bc5b762e1799bc79d56b13251d36d4f201da2182416ce13574e88278ff04467ad602d9026100de994fdf181f02be2bf9e5f5e4e517a94993b827d1eaf609033e3a6a6f2396ae7c44e9eb594cf1044cb3ad32ea258f0c82963b27bb650ed200cde82cb993374be34be5b1c7ead5446a2b82a4486e8c1810a0b01551609fb0841d474bada802bd026076ddae751b73a959d0bfb8ff49e7fcd378e9be30652ecefe35c82cb8003bc29cc60ae3809909baf20c95db9516fe680865417111d8b193dbcf30281f1249de57c858bf1ba32f5bb1599800e8398a9ef25c7a642c95261da6f9c17670e97265b10260732482b837d5f2a9443e23c1aa0106d83e82f6c3424673b5fdc3769c0f992d1c5c93991c7038e882fcda04414df4d7a5f4f698ead87851ce37344b60b72d7b70f9c60cae8566e7a257f8e1bef0e89df6e4c2f9d24d21d9f8889e4c7eccf91751026009050d94493da8f00a4ddbe9c800afe3d44b43f78a48941a79b2814a1f0b81a18a8b2347642a03b27998f5a18de9abc9ae0e54ab8294feac66dc87e854cce6f7278ac2710cb5878b592ffeb1f4f0a1853e4e8d1d0561b6efcc831a296cf7eeaf":"505341004b4559000000000001000000017000060100000000000000000000007f0300003082037b0201000281c100c870feb6ca6b1d2bd9f2dd99e20f1fe2d7e5192de662229dbe162bd1ba66336a7182903ca0b72796cd441c83d24bcdc3e9a2f5e4399c8a043f1c3ddf04754a66d4cfe7b3671a37dd31a9b4c13bfe06ee90f9d94ddaa06de67a52ac863e68f756736ceb014405a6160579640f831dddccc34ad0b05070e3f9954a58d1815813e1b83bcadba814789c87f1ef2ba5d738b793ec456a67360eea1b5faf1c7cc7bf24f3b2a9d0f8958b1096e0f0c335f8888d0c63a51c3c0337214fa3f5efdf6dcc3502030100010281c06d2d670047973a87752a9d5bc14f3dae00acb01f593aa0e24cf4a49f932931de4bbfb332e2d38083da80bc0b6d538edba479f7f77d0deffb4a28e6e67ff6273585bb4cd862535c946605ab0809d65f0e38f76e4ec2c3d9b8cd6e14bcf667943892cd4b34cc6420a439abbf3d7d35ef73976dd6f9cbde35a51fa5213f0107f83e3425835d16d3c9146fc9e36ce75a09bb66cdff21dd5a776899f1cb07e282cca27be46510e9c799f0d8db275a6be085d9f3f803218ee3384265bfb1a3640e8ca1026100e6848c31d466fffefc547e3a3b0d3785de6f78b0dd12610843512e495611a0675509b1650b27415009838dd8e68eec6e7530553b637d602424643b33e8bc5b762e1799bc79d56b13251d36d4f201da2182416ce13574e88278ff04467ad602d9026100de994fdf181f02be2bf9e5f5e4e517a94993b827d1eaf609033e3a6a6f2396ae7c44e9eb594cf1044cb3ad32ea258f0c82963b27bb650ed200cde82cb993374be34be5b1c7ead5446a2b82a4486e8c1810a0b01551609fb0841d474bada802bd026076ddae751b73a959d0bfb8ff49e7fcd378e9be30652ecefe35c82cb8003bc29cc60ae3809909baf20c95db9516fe680865417111d8b193dbcf30281f1249de57c858bf1ba32f5bb1599800e8398a9ef25c7a642c95261da6f9c17670e97265b10260732482b837d5f2a9443e23c1aa0106d83e82f6c3424673b5fdc3769c0f992d1c5c93991c7038e882fcda04414df4d7a5f4f698ead87851ce37344b60b72d7b70f9c60cae8566e7a257f8e1bef0e89df6e4c2f9d24d21d9f8889e4c7eccf91751026009050d94493da8f00a4ddbe9c800afe3d44b43f78a48941a79b2814a1f0b81a18a8b2347642a03b27998f5a18de9abc9ae0e54ab8294feac66dc87e854cce6f7278ac2710cb5878b592ffeb1f4f0a1853e4e8d1d0561b6efcc831a296cf7eeaf" + +save type: RSA_PAIR 1536-bit, RSA_OAEP(MD2) +depends_on:PSA_WANT_ALG_MD2:PSA_WANT_ALG_RSA_OAEP:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR +key_storage_save:0x0001:PSA_KEY_TYPE_RSA_KEY_PAIR:1536:PSA_KEY_USAGE_DECRYPT | PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_OAEP(PSA_ALG_MD2):0x0000:"3082037b0201000281c100c870feb6ca6b1d2bd9f2dd99e20f1fe2d7e5192de662229dbe162bd1ba66336a7182903ca0b72796cd441c83d24bcdc3e9a2f5e4399c8a043f1c3ddf04754a66d4cfe7b3671a37dd31a9b4c13bfe06ee90f9d94ddaa06de67a52ac863e68f756736ceb014405a6160579640f831dddccc34ad0b05070e3f9954a58d1815813e1b83bcadba814789c87f1ef2ba5d738b793ec456a67360eea1b5faf1c7cc7bf24f3b2a9d0f8958b1096e0f0c335f8888d0c63a51c3c0337214fa3f5efdf6dcc3502030100010281c06d2d670047973a87752a9d5bc14f3dae00acb01f593aa0e24cf4a49f932931de4bbfb332e2d38083da80bc0b6d538edba479f7f77d0deffb4a28e6e67ff6273585bb4cd862535c946605ab0809d65f0e38f76e4ec2c3d9b8cd6e14bcf667943892cd4b34cc6420a439abbf3d7d35ef73976dd6f9cbde35a51fa5213f0107f83e3425835d16d3c9146fc9e36ce75a09bb66cdff21dd5a776899f1cb07e282cca27be46510e9c799f0d8db275a6be085d9f3f803218ee3384265bfb1a3640e8ca1026100e6848c31d466fffefc547e3a3b0d3785de6f78b0dd12610843512e495611a0675509b1650b27415009838dd8e68eec6e7530553b637d602424643b33e8bc5b762e1799bc79d56b13251d36d4f201da2182416ce13574e88278ff04467ad602d9026100de994fdf181f02be2bf9e5f5e4e517a94993b827d1eaf609033e3a6a6f2396ae7c44e9eb594cf1044cb3ad32ea258f0c82963b27bb650ed200cde82cb993374be34be5b1c7ead5446a2b82a4486e8c1810a0b01551609fb0841d474bada802bd026076ddae751b73a959d0bfb8ff49e7fcd378e9be30652ecefe35c82cb8003bc29cc60ae3809909baf20c95db9516fe680865417111d8b193dbcf30281f1249de57c858bf1ba32f5bb1599800e8398a9ef25c7a642c95261da6f9c17670e97265b10260732482b837d5f2a9443e23c1aa0106d83e82f6c3424673b5fdc3769c0f992d1c5c93991c7038e882fcda04414df4d7a5f4f698ead87851ce37344b60b72d7b70f9c60cae8566e7a257f8e1bef0e89df6e4c2f9d24d21d9f8889e4c7eccf91751026009050d94493da8f00a4ddbe9c800afe3d44b43f78a48941a79b2814a1f0b81a18a8b2347642a03b27998f5a18de9abc9ae0e54ab8294feac66dc87e854cce6f7278ac2710cb5878b592ffeb1f4f0a1853e4e8d1d0561b6efcc831a296cf7eeaf":"505341004b4559000000000001000000017000060103000001030007000000007f0300003082037b0201000281c100c870feb6ca6b1d2bd9f2dd99e20f1fe2d7e5192de662229dbe162bd1ba66336a7182903ca0b72796cd441c83d24bcdc3e9a2f5e4399c8a043f1c3ddf04754a66d4cfe7b3671a37dd31a9b4c13bfe06ee90f9d94ddaa06de67a52ac863e68f756736ceb014405a6160579640f831dddccc34ad0b05070e3f9954a58d1815813e1b83bcadba814789c87f1ef2ba5d738b793ec456a67360eea1b5faf1c7cc7bf24f3b2a9d0f8958b1096e0f0c335f8888d0c63a51c3c0337214fa3f5efdf6dcc3502030100010281c06d2d670047973a87752a9d5bc14f3dae00acb01f593aa0e24cf4a49f932931de4bbfb332e2d38083da80bc0b6d538edba479f7f77d0deffb4a28e6e67ff6273585bb4cd862535c946605ab0809d65f0e38f76e4ec2c3d9b8cd6e14bcf667943892cd4b34cc6420a439abbf3d7d35ef73976dd6f9cbde35a51fa5213f0107f83e3425835d16d3c9146fc9e36ce75a09bb66cdff21dd5a776899f1cb07e282cca27be46510e9c799f0d8db275a6be085d9f3f803218ee3384265bfb1a3640e8ca1026100e6848c31d466fffefc547e3a3b0d3785de6f78b0dd12610843512e495611a0675509b1650b27415009838dd8e68eec6e7530553b637d602424643b33e8bc5b762e1799bc79d56b13251d36d4f201da2182416ce13574e88278ff04467ad602d9026100de994fdf181f02be2bf9e5f5e4e517a94993b827d1eaf609033e3a6a6f2396ae7c44e9eb594cf1044cb3ad32ea258f0c82963b27bb650ed200cde82cb993374be34be5b1c7ead5446a2b82a4486e8c1810a0b01551609fb0841d474bada802bd026076ddae751b73a959d0bfb8ff49e7fcd378e9be30652ecefe35c82cb8003bc29cc60ae3809909baf20c95db9516fe680865417111d8b193dbcf30281f1249de57c858bf1ba32f5bb1599800e8398a9ef25c7a642c95261da6f9c17670e97265b10260732482b837d5f2a9443e23c1aa0106d83e82f6c3424673b5fdc3769c0f992d1c5c93991c7038e882fcda04414df4d7a5f4f698ead87851ce37344b60b72d7b70f9c60cae8566e7a257f8e1bef0e89df6e4c2f9d24d21d9f8889e4c7eccf91751026009050d94493da8f00a4ddbe9c800afe3d44b43f78a48941a79b2814a1f0b81a18a8b2347642a03b27998f5a18de9abc9ae0e54ab8294feac66dc87e854cce6f7278ac2710cb5878b592ffeb1f4f0a1853e4e8d1d0561b6efcc831a296cf7eeaf" + +save type: RSA_PAIR 1536-bit, RSA_OAEP(MD4) +depends_on:PSA_WANT_ALG_MD4:PSA_WANT_ALG_RSA_OAEP:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR +key_storage_save:0x0001:PSA_KEY_TYPE_RSA_KEY_PAIR:1536:PSA_KEY_USAGE_DECRYPT | PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_OAEP(PSA_ALG_MD4):0x0000:"3082037b0201000281c100c870feb6ca6b1d2bd9f2dd99e20f1fe2d7e5192de662229dbe162bd1ba66336a7182903ca0b72796cd441c83d24bcdc3e9a2f5e4399c8a043f1c3ddf04754a66d4cfe7b3671a37dd31a9b4c13bfe06ee90f9d94ddaa06de67a52ac863e68f756736ceb014405a6160579640f831dddccc34ad0b05070e3f9954a58d1815813e1b83bcadba814789c87f1ef2ba5d738b793ec456a67360eea1b5faf1c7cc7bf24f3b2a9d0f8958b1096e0f0c335f8888d0c63a51c3c0337214fa3f5efdf6dcc3502030100010281c06d2d670047973a87752a9d5bc14f3dae00acb01f593aa0e24cf4a49f932931de4bbfb332e2d38083da80bc0b6d538edba479f7f77d0deffb4a28e6e67ff6273585bb4cd862535c946605ab0809d65f0e38f76e4ec2c3d9b8cd6e14bcf667943892cd4b34cc6420a439abbf3d7d35ef73976dd6f9cbde35a51fa5213f0107f83e3425835d16d3c9146fc9e36ce75a09bb66cdff21dd5a776899f1cb07e282cca27be46510e9c799f0d8db275a6be085d9f3f803218ee3384265bfb1a3640e8ca1026100e6848c31d466fffefc547e3a3b0d3785de6f78b0dd12610843512e495611a0675509b1650b27415009838dd8e68eec6e7530553b637d602424643b33e8bc5b762e1799bc79d56b13251d36d4f201da2182416ce13574e88278ff04467ad602d9026100de994fdf181f02be2bf9e5f5e4e517a94993b827d1eaf609033e3a6a6f2396ae7c44e9eb594cf1044cb3ad32ea258f0c82963b27bb650ed200cde82cb993374be34be5b1c7ead5446a2b82a4486e8c1810a0b01551609fb0841d474bada802bd026076ddae751b73a959d0bfb8ff49e7fcd378e9be30652ecefe35c82cb8003bc29cc60ae3809909baf20c95db9516fe680865417111d8b193dbcf30281f1249de57c858bf1ba32f5bb1599800e8398a9ef25c7a642c95261da6f9c17670e97265b10260732482b837d5f2a9443e23c1aa0106d83e82f6c3424673b5fdc3769c0f992d1c5c93991c7038e882fcda04414df4d7a5f4f698ead87851ce37344b60b72d7b70f9c60cae8566e7a257f8e1bef0e89df6e4c2f9d24d21d9f8889e4c7eccf91751026009050d94493da8f00a4ddbe9c800afe3d44b43f78a48941a79b2814a1f0b81a18a8b2347642a03b27998f5a18de9abc9ae0e54ab8294feac66dc87e854cce6f7278ac2710cb5878b592ffeb1f4f0a1853e4e8d1d0561b6efcc831a296cf7eeaf":"505341004b4559000000000001000000017000060103000002030007000000007f0300003082037b0201000281c100c870feb6ca6b1d2bd9f2dd99e20f1fe2d7e5192de662229dbe162bd1ba66336a7182903ca0b72796cd441c83d24bcdc3e9a2f5e4399c8a043f1c3ddf04754a66d4cfe7b3671a37dd31a9b4c13bfe06ee90f9d94ddaa06de67a52ac863e68f756736ceb014405a6160579640f831dddccc34ad0b05070e3f9954a58d1815813e1b83bcadba814789c87f1ef2ba5d738b793ec456a67360eea1b5faf1c7cc7bf24f3b2a9d0f8958b1096e0f0c335f8888d0c63a51c3c0337214fa3f5efdf6dcc3502030100010281c06d2d670047973a87752a9d5bc14f3dae00acb01f593aa0e24cf4a49f932931de4bbfb332e2d38083da80bc0b6d538edba479f7f77d0deffb4a28e6e67ff6273585bb4cd862535c946605ab0809d65f0e38f76e4ec2c3d9b8cd6e14bcf667943892cd4b34cc6420a439abbf3d7d35ef73976dd6f9cbde35a51fa5213f0107f83e3425835d16d3c9146fc9e36ce75a09bb66cdff21dd5a776899f1cb07e282cca27be46510e9c799f0d8db275a6be085d9f3f803218ee3384265bfb1a3640e8ca1026100e6848c31d466fffefc547e3a3b0d3785de6f78b0dd12610843512e495611a0675509b1650b27415009838dd8e68eec6e7530553b637d602424643b33e8bc5b762e1799bc79d56b13251d36d4f201da2182416ce13574e88278ff04467ad602d9026100de994fdf181f02be2bf9e5f5e4e517a94993b827d1eaf609033e3a6a6f2396ae7c44e9eb594cf1044cb3ad32ea258f0c82963b27bb650ed200cde82cb993374be34be5b1c7ead5446a2b82a4486e8c1810a0b01551609fb0841d474bada802bd026076ddae751b73a959d0bfb8ff49e7fcd378e9be30652ecefe35c82cb8003bc29cc60ae3809909baf20c95db9516fe680865417111d8b193dbcf30281f1249de57c858bf1ba32f5bb1599800e8398a9ef25c7a642c95261da6f9c17670e97265b10260732482b837d5f2a9443e23c1aa0106d83e82f6c3424673b5fdc3769c0f992d1c5c93991c7038e882fcda04414df4d7a5f4f698ead87851ce37344b60b72d7b70f9c60cae8566e7a257f8e1bef0e89df6e4c2f9d24d21d9f8889e4c7eccf91751026009050d94493da8f00a4ddbe9c800afe3d44b43f78a48941a79b2814a1f0b81a18a8b2347642a03b27998f5a18de9abc9ae0e54ab8294feac66dc87e854cce6f7278ac2710cb5878b592ffeb1f4f0a1853e4e8d1d0561b6efcc831a296cf7eeaf" + +save type: RSA_PAIR 1536-bit, RSA_OAEP(MD5) +depends_on:PSA_WANT_ALG_MD5:PSA_WANT_ALG_RSA_OAEP:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR +key_storage_save:0x0001:PSA_KEY_TYPE_RSA_KEY_PAIR:1536:PSA_KEY_USAGE_DECRYPT | PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_OAEP(PSA_ALG_MD5):0x0000:"3082037b0201000281c100c870feb6ca6b1d2bd9f2dd99e20f1fe2d7e5192de662229dbe162bd1ba66336a7182903ca0b72796cd441c83d24bcdc3e9a2f5e4399c8a043f1c3ddf04754a66d4cfe7b3671a37dd31a9b4c13bfe06ee90f9d94ddaa06de67a52ac863e68f756736ceb014405a6160579640f831dddccc34ad0b05070e3f9954a58d1815813e1b83bcadba814789c87f1ef2ba5d738b793ec456a67360eea1b5faf1c7cc7bf24f3b2a9d0f8958b1096e0f0c335f8888d0c63a51c3c0337214fa3f5efdf6dcc3502030100010281c06d2d670047973a87752a9d5bc14f3dae00acb01f593aa0e24cf4a49f932931de4bbfb332e2d38083da80bc0b6d538edba479f7f77d0deffb4a28e6e67ff6273585bb4cd862535c946605ab0809d65f0e38f76e4ec2c3d9b8cd6e14bcf667943892cd4b34cc6420a439abbf3d7d35ef73976dd6f9cbde35a51fa5213f0107f83e3425835d16d3c9146fc9e36ce75a09bb66cdff21dd5a776899f1cb07e282cca27be46510e9c799f0d8db275a6be085d9f3f803218ee3384265bfb1a3640e8ca1026100e6848c31d466fffefc547e3a3b0d3785de6f78b0dd12610843512e495611a0675509b1650b27415009838dd8e68eec6e7530553b637d602424643b33e8bc5b762e1799bc79d56b13251d36d4f201da2182416ce13574e88278ff04467ad602d9026100de994fdf181f02be2bf9e5f5e4e517a94993b827d1eaf609033e3a6a6f2396ae7c44e9eb594cf1044cb3ad32ea258f0c82963b27bb650ed200cde82cb993374be34be5b1c7ead5446a2b82a4486e8c1810a0b01551609fb0841d474bada802bd026076ddae751b73a959d0bfb8ff49e7fcd378e9be30652ecefe35c82cb8003bc29cc60ae3809909baf20c95db9516fe680865417111d8b193dbcf30281f1249de57c858bf1ba32f5bb1599800e8398a9ef25c7a642c95261da6f9c17670e97265b10260732482b837d5f2a9443e23c1aa0106d83e82f6c3424673b5fdc3769c0f992d1c5c93991c7038e882fcda04414df4d7a5f4f698ead87851ce37344b60b72d7b70f9c60cae8566e7a257f8e1bef0e89df6e4c2f9d24d21d9f8889e4c7eccf91751026009050d94493da8f00a4ddbe9c800afe3d44b43f78a48941a79b2814a1f0b81a18a8b2347642a03b27998f5a18de9abc9ae0e54ab8294feac66dc87e854cce6f7278ac2710cb5878b592ffeb1f4f0a1853e4e8d1d0561b6efcc831a296cf7eeaf":"505341004b4559000000000001000000017000060103000003030007000000007f0300003082037b0201000281c100c870feb6ca6b1d2bd9f2dd99e20f1fe2d7e5192de662229dbe162bd1ba66336a7182903ca0b72796cd441c83d24bcdc3e9a2f5e4399c8a043f1c3ddf04754a66d4cfe7b3671a37dd31a9b4c13bfe06ee90f9d94ddaa06de67a52ac863e68f756736ceb014405a6160579640f831dddccc34ad0b05070e3f9954a58d1815813e1b83bcadba814789c87f1ef2ba5d738b793ec456a67360eea1b5faf1c7cc7bf24f3b2a9d0f8958b1096e0f0c335f8888d0c63a51c3c0337214fa3f5efdf6dcc3502030100010281c06d2d670047973a87752a9d5bc14f3dae00acb01f593aa0e24cf4a49f932931de4bbfb332e2d38083da80bc0b6d538edba479f7f77d0deffb4a28e6e67ff6273585bb4cd862535c946605ab0809d65f0e38f76e4ec2c3d9b8cd6e14bcf667943892cd4b34cc6420a439abbf3d7d35ef73976dd6f9cbde35a51fa5213f0107f83e3425835d16d3c9146fc9e36ce75a09bb66cdff21dd5a776899f1cb07e282cca27be46510e9c799f0d8db275a6be085d9f3f803218ee3384265bfb1a3640e8ca1026100e6848c31d466fffefc547e3a3b0d3785de6f78b0dd12610843512e495611a0675509b1650b27415009838dd8e68eec6e7530553b637d602424643b33e8bc5b762e1799bc79d56b13251d36d4f201da2182416ce13574e88278ff04467ad602d9026100de994fdf181f02be2bf9e5f5e4e517a94993b827d1eaf609033e3a6a6f2396ae7c44e9eb594cf1044cb3ad32ea258f0c82963b27bb650ed200cde82cb993374be34be5b1c7ead5446a2b82a4486e8c1810a0b01551609fb0841d474bada802bd026076ddae751b73a959d0bfb8ff49e7fcd378e9be30652ecefe35c82cb8003bc29cc60ae3809909baf20c95db9516fe680865417111d8b193dbcf30281f1249de57c858bf1ba32f5bb1599800e8398a9ef25c7a642c95261da6f9c17670e97265b10260732482b837d5f2a9443e23c1aa0106d83e82f6c3424673b5fdc3769c0f992d1c5c93991c7038e882fcda04414df4d7a5f4f698ead87851ce37344b60b72d7b70f9c60cae8566e7a257f8e1bef0e89df6e4c2f9d24d21d9f8889e4c7eccf91751026009050d94493da8f00a4ddbe9c800afe3d44b43f78a48941a79b2814a1f0b81a18a8b2347642a03b27998f5a18de9abc9ae0e54ab8294feac66dc87e854cce6f7278ac2710cb5878b592ffeb1f4f0a1853e4e8d1d0561b6efcc831a296cf7eeaf" + +save type: RSA_PAIR 1536-bit, RSA_OAEP(RIPEMD160) +depends_on:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ALG_RSA_OAEP:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR +key_storage_save:0x0001:PSA_KEY_TYPE_RSA_KEY_PAIR:1536:PSA_KEY_USAGE_DECRYPT | PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_OAEP(PSA_ALG_RIPEMD160):0x0000:"3082037b0201000281c100c870feb6ca6b1d2bd9f2dd99e20f1fe2d7e5192de662229dbe162bd1ba66336a7182903ca0b72796cd441c83d24bcdc3e9a2f5e4399c8a043f1c3ddf04754a66d4cfe7b3671a37dd31a9b4c13bfe06ee90f9d94ddaa06de67a52ac863e68f756736ceb014405a6160579640f831dddccc34ad0b05070e3f9954a58d1815813e1b83bcadba814789c87f1ef2ba5d738b793ec456a67360eea1b5faf1c7cc7bf24f3b2a9d0f8958b1096e0f0c335f8888d0c63a51c3c0337214fa3f5efdf6dcc3502030100010281c06d2d670047973a87752a9d5bc14f3dae00acb01f593aa0e24cf4a49f932931de4bbfb332e2d38083da80bc0b6d538edba479f7f77d0deffb4a28e6e67ff6273585bb4cd862535c946605ab0809d65f0e38f76e4ec2c3d9b8cd6e14bcf667943892cd4b34cc6420a439abbf3d7d35ef73976dd6f9cbde35a51fa5213f0107f83e3425835d16d3c9146fc9e36ce75a09bb66cdff21dd5a776899f1cb07e282cca27be46510e9c799f0d8db275a6be085d9f3f803218ee3384265bfb1a3640e8ca1026100e6848c31d466fffefc547e3a3b0d3785de6f78b0dd12610843512e495611a0675509b1650b27415009838dd8e68eec6e7530553b637d602424643b33e8bc5b762e1799bc79d56b13251d36d4f201da2182416ce13574e88278ff04467ad602d9026100de994fdf181f02be2bf9e5f5e4e517a94993b827d1eaf609033e3a6a6f2396ae7c44e9eb594cf1044cb3ad32ea258f0c82963b27bb650ed200cde82cb993374be34be5b1c7ead5446a2b82a4486e8c1810a0b01551609fb0841d474bada802bd026076ddae751b73a959d0bfb8ff49e7fcd378e9be30652ecefe35c82cb8003bc29cc60ae3809909baf20c95db9516fe680865417111d8b193dbcf30281f1249de57c858bf1ba32f5bb1599800e8398a9ef25c7a642c95261da6f9c17670e97265b10260732482b837d5f2a9443e23c1aa0106d83e82f6c3424673b5fdc3769c0f992d1c5c93991c7038e882fcda04414df4d7a5f4f698ead87851ce37344b60b72d7b70f9c60cae8566e7a257f8e1bef0e89df6e4c2f9d24d21d9f8889e4c7eccf91751026009050d94493da8f00a4ddbe9c800afe3d44b43f78a48941a79b2814a1f0b81a18a8b2347642a03b27998f5a18de9abc9ae0e54ab8294feac66dc87e854cce6f7278ac2710cb5878b592ffeb1f4f0a1853e4e8d1d0561b6efcc831a296cf7eeaf":"505341004b4559000000000001000000017000060103000004030007000000007f0300003082037b0201000281c100c870feb6ca6b1d2bd9f2dd99e20f1fe2d7e5192de662229dbe162bd1ba66336a7182903ca0b72796cd441c83d24bcdc3e9a2f5e4399c8a043f1c3ddf04754a66d4cfe7b3671a37dd31a9b4c13bfe06ee90f9d94ddaa06de67a52ac863e68f756736ceb014405a6160579640f831dddccc34ad0b05070e3f9954a58d1815813e1b83bcadba814789c87f1ef2ba5d738b793ec456a67360eea1b5faf1c7cc7bf24f3b2a9d0f8958b1096e0f0c335f8888d0c63a51c3c0337214fa3f5efdf6dcc3502030100010281c06d2d670047973a87752a9d5bc14f3dae00acb01f593aa0e24cf4a49f932931de4bbfb332e2d38083da80bc0b6d538edba479f7f77d0deffb4a28e6e67ff6273585bb4cd862535c946605ab0809d65f0e38f76e4ec2c3d9b8cd6e14bcf667943892cd4b34cc6420a439abbf3d7d35ef73976dd6f9cbde35a51fa5213f0107f83e3425835d16d3c9146fc9e36ce75a09bb66cdff21dd5a776899f1cb07e282cca27be46510e9c799f0d8db275a6be085d9f3f803218ee3384265bfb1a3640e8ca1026100e6848c31d466fffefc547e3a3b0d3785de6f78b0dd12610843512e495611a0675509b1650b27415009838dd8e68eec6e7530553b637d602424643b33e8bc5b762e1799bc79d56b13251d36d4f201da2182416ce13574e88278ff04467ad602d9026100de994fdf181f02be2bf9e5f5e4e517a94993b827d1eaf609033e3a6a6f2396ae7c44e9eb594cf1044cb3ad32ea258f0c82963b27bb650ed200cde82cb993374be34be5b1c7ead5446a2b82a4486e8c1810a0b01551609fb0841d474bada802bd026076ddae751b73a959d0bfb8ff49e7fcd378e9be30652ecefe35c82cb8003bc29cc60ae3809909baf20c95db9516fe680865417111d8b193dbcf30281f1249de57c858bf1ba32f5bb1599800e8398a9ef25c7a642c95261da6f9c17670e97265b10260732482b837d5f2a9443e23c1aa0106d83e82f6c3424673b5fdc3769c0f992d1c5c93991c7038e882fcda04414df4d7a5f4f698ead87851ce37344b60b72d7b70f9c60cae8566e7a257f8e1bef0e89df6e4c2f9d24d21d9f8889e4c7eccf91751026009050d94493da8f00a4ddbe9c800afe3d44b43f78a48941a79b2814a1f0b81a18a8b2347642a03b27998f5a18de9abc9ae0e54ab8294feac66dc87e854cce6f7278ac2710cb5878b592ffeb1f4f0a1853e4e8d1d0561b6efcc831a296cf7eeaf" + +save type: RSA_PAIR 1536-bit, RSA_OAEP(SHA_1) +depends_on:PSA_WANT_ALG_RSA_OAEP:PSA_WANT_ALG_SHA_1:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR +key_storage_save:0x0001:PSA_KEY_TYPE_RSA_KEY_PAIR:1536:PSA_KEY_USAGE_DECRYPT | PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_OAEP(PSA_ALG_SHA_1):0x0000:"3082037b0201000281c100c870feb6ca6b1d2bd9f2dd99e20f1fe2d7e5192de662229dbe162bd1ba66336a7182903ca0b72796cd441c83d24bcdc3e9a2f5e4399c8a043f1c3ddf04754a66d4cfe7b3671a37dd31a9b4c13bfe06ee90f9d94ddaa06de67a52ac863e68f756736ceb014405a6160579640f831dddccc34ad0b05070e3f9954a58d1815813e1b83bcadba814789c87f1ef2ba5d738b793ec456a67360eea1b5faf1c7cc7bf24f3b2a9d0f8958b1096e0f0c335f8888d0c63a51c3c0337214fa3f5efdf6dcc3502030100010281c06d2d670047973a87752a9d5bc14f3dae00acb01f593aa0e24cf4a49f932931de4bbfb332e2d38083da80bc0b6d538edba479f7f77d0deffb4a28e6e67ff6273585bb4cd862535c946605ab0809d65f0e38f76e4ec2c3d9b8cd6e14bcf667943892cd4b34cc6420a439abbf3d7d35ef73976dd6f9cbde35a51fa5213f0107f83e3425835d16d3c9146fc9e36ce75a09bb66cdff21dd5a776899f1cb07e282cca27be46510e9c799f0d8db275a6be085d9f3f803218ee3384265bfb1a3640e8ca1026100e6848c31d466fffefc547e3a3b0d3785de6f78b0dd12610843512e495611a0675509b1650b27415009838dd8e68eec6e7530553b637d602424643b33e8bc5b762e1799bc79d56b13251d36d4f201da2182416ce13574e88278ff04467ad602d9026100de994fdf181f02be2bf9e5f5e4e517a94993b827d1eaf609033e3a6a6f2396ae7c44e9eb594cf1044cb3ad32ea258f0c82963b27bb650ed200cde82cb993374be34be5b1c7ead5446a2b82a4486e8c1810a0b01551609fb0841d474bada802bd026076ddae751b73a959d0bfb8ff49e7fcd378e9be30652ecefe35c82cb8003bc29cc60ae3809909baf20c95db9516fe680865417111d8b193dbcf30281f1249de57c858bf1ba32f5bb1599800e8398a9ef25c7a642c95261da6f9c17670e97265b10260732482b837d5f2a9443e23c1aa0106d83e82f6c3424673b5fdc3769c0f992d1c5c93991c7038e882fcda04414df4d7a5f4f698ead87851ce37344b60b72d7b70f9c60cae8566e7a257f8e1bef0e89df6e4c2f9d24d21d9f8889e4c7eccf91751026009050d94493da8f00a4ddbe9c800afe3d44b43f78a48941a79b2814a1f0b81a18a8b2347642a03b27998f5a18de9abc9ae0e54ab8294feac66dc87e854cce6f7278ac2710cb5878b592ffeb1f4f0a1853e4e8d1d0561b6efcc831a296cf7eeaf":"505341004b4559000000000001000000017000060103000005030007000000007f0300003082037b0201000281c100c870feb6ca6b1d2bd9f2dd99e20f1fe2d7e5192de662229dbe162bd1ba66336a7182903ca0b72796cd441c83d24bcdc3e9a2f5e4399c8a043f1c3ddf04754a66d4cfe7b3671a37dd31a9b4c13bfe06ee90f9d94ddaa06de67a52ac863e68f756736ceb014405a6160579640f831dddccc34ad0b05070e3f9954a58d1815813e1b83bcadba814789c87f1ef2ba5d738b793ec456a67360eea1b5faf1c7cc7bf24f3b2a9d0f8958b1096e0f0c335f8888d0c63a51c3c0337214fa3f5efdf6dcc3502030100010281c06d2d670047973a87752a9d5bc14f3dae00acb01f593aa0e24cf4a49f932931de4bbfb332e2d38083da80bc0b6d538edba479f7f77d0deffb4a28e6e67ff6273585bb4cd862535c946605ab0809d65f0e38f76e4ec2c3d9b8cd6e14bcf667943892cd4b34cc6420a439abbf3d7d35ef73976dd6f9cbde35a51fa5213f0107f83e3425835d16d3c9146fc9e36ce75a09bb66cdff21dd5a776899f1cb07e282cca27be46510e9c799f0d8db275a6be085d9f3f803218ee3384265bfb1a3640e8ca1026100e6848c31d466fffefc547e3a3b0d3785de6f78b0dd12610843512e495611a0675509b1650b27415009838dd8e68eec6e7530553b637d602424643b33e8bc5b762e1799bc79d56b13251d36d4f201da2182416ce13574e88278ff04467ad602d9026100de994fdf181f02be2bf9e5f5e4e517a94993b827d1eaf609033e3a6a6f2396ae7c44e9eb594cf1044cb3ad32ea258f0c82963b27bb650ed200cde82cb993374be34be5b1c7ead5446a2b82a4486e8c1810a0b01551609fb0841d474bada802bd026076ddae751b73a959d0bfb8ff49e7fcd378e9be30652ecefe35c82cb8003bc29cc60ae3809909baf20c95db9516fe680865417111d8b193dbcf30281f1249de57c858bf1ba32f5bb1599800e8398a9ef25c7a642c95261da6f9c17670e97265b10260732482b837d5f2a9443e23c1aa0106d83e82f6c3424673b5fdc3769c0f992d1c5c93991c7038e882fcda04414df4d7a5f4f698ead87851ce37344b60b72d7b70f9c60cae8566e7a257f8e1bef0e89df6e4c2f9d24d21d9f8889e4c7eccf91751026009050d94493da8f00a4ddbe9c800afe3d44b43f78a48941a79b2814a1f0b81a18a8b2347642a03b27998f5a18de9abc9ae0e54ab8294feac66dc87e854cce6f7278ac2710cb5878b592ffeb1f4f0a1853e4e8d1d0561b6efcc831a296cf7eeaf" + +save type: RSA_PAIR 1536-bit, RSA_OAEP(SHA_224) +depends_on:PSA_WANT_ALG_RSA_OAEP:PSA_WANT_ALG_SHA_224:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR +key_storage_save:0x0001:PSA_KEY_TYPE_RSA_KEY_PAIR:1536:PSA_KEY_USAGE_DECRYPT | PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_OAEP(PSA_ALG_SHA_224):0x0000:"3082037b0201000281c100c870feb6ca6b1d2bd9f2dd99e20f1fe2d7e5192de662229dbe162bd1ba66336a7182903ca0b72796cd441c83d24bcdc3e9a2f5e4399c8a043f1c3ddf04754a66d4cfe7b3671a37dd31a9b4c13bfe06ee90f9d94ddaa06de67a52ac863e68f756736ceb014405a6160579640f831dddccc34ad0b05070e3f9954a58d1815813e1b83bcadba814789c87f1ef2ba5d738b793ec456a67360eea1b5faf1c7cc7bf24f3b2a9d0f8958b1096e0f0c335f8888d0c63a51c3c0337214fa3f5efdf6dcc3502030100010281c06d2d670047973a87752a9d5bc14f3dae00acb01f593aa0e24cf4a49f932931de4bbfb332e2d38083da80bc0b6d538edba479f7f77d0deffb4a28e6e67ff6273585bb4cd862535c946605ab0809d65f0e38f76e4ec2c3d9b8cd6e14bcf667943892cd4b34cc6420a439abbf3d7d35ef73976dd6f9cbde35a51fa5213f0107f83e3425835d16d3c9146fc9e36ce75a09bb66cdff21dd5a776899f1cb07e282cca27be46510e9c799f0d8db275a6be085d9f3f803218ee3384265bfb1a3640e8ca1026100e6848c31d466fffefc547e3a3b0d3785de6f78b0dd12610843512e495611a0675509b1650b27415009838dd8e68eec6e7530553b637d602424643b33e8bc5b762e1799bc79d56b13251d36d4f201da2182416ce13574e88278ff04467ad602d9026100de994fdf181f02be2bf9e5f5e4e517a94993b827d1eaf609033e3a6a6f2396ae7c44e9eb594cf1044cb3ad32ea258f0c82963b27bb650ed200cde82cb993374be34be5b1c7ead5446a2b82a4486e8c1810a0b01551609fb0841d474bada802bd026076ddae751b73a959d0bfb8ff49e7fcd378e9be30652ecefe35c82cb8003bc29cc60ae3809909baf20c95db9516fe680865417111d8b193dbcf30281f1249de57c858bf1ba32f5bb1599800e8398a9ef25c7a642c95261da6f9c17670e97265b10260732482b837d5f2a9443e23c1aa0106d83e82f6c3424673b5fdc3769c0f992d1c5c93991c7038e882fcda04414df4d7a5f4f698ead87851ce37344b60b72d7b70f9c60cae8566e7a257f8e1bef0e89df6e4c2f9d24d21d9f8889e4c7eccf91751026009050d94493da8f00a4ddbe9c800afe3d44b43f78a48941a79b2814a1f0b81a18a8b2347642a03b27998f5a18de9abc9ae0e54ab8294feac66dc87e854cce6f7278ac2710cb5878b592ffeb1f4f0a1853e4e8d1d0561b6efcc831a296cf7eeaf":"505341004b4559000000000001000000017000060103000008030007000000007f0300003082037b0201000281c100c870feb6ca6b1d2bd9f2dd99e20f1fe2d7e5192de662229dbe162bd1ba66336a7182903ca0b72796cd441c83d24bcdc3e9a2f5e4399c8a043f1c3ddf04754a66d4cfe7b3671a37dd31a9b4c13bfe06ee90f9d94ddaa06de67a52ac863e68f756736ceb014405a6160579640f831dddccc34ad0b05070e3f9954a58d1815813e1b83bcadba814789c87f1ef2ba5d738b793ec456a67360eea1b5faf1c7cc7bf24f3b2a9d0f8958b1096e0f0c335f8888d0c63a51c3c0337214fa3f5efdf6dcc3502030100010281c06d2d670047973a87752a9d5bc14f3dae00acb01f593aa0e24cf4a49f932931de4bbfb332e2d38083da80bc0b6d538edba479f7f77d0deffb4a28e6e67ff6273585bb4cd862535c946605ab0809d65f0e38f76e4ec2c3d9b8cd6e14bcf667943892cd4b34cc6420a439abbf3d7d35ef73976dd6f9cbde35a51fa5213f0107f83e3425835d16d3c9146fc9e36ce75a09bb66cdff21dd5a776899f1cb07e282cca27be46510e9c799f0d8db275a6be085d9f3f803218ee3384265bfb1a3640e8ca1026100e6848c31d466fffefc547e3a3b0d3785de6f78b0dd12610843512e495611a0675509b1650b27415009838dd8e68eec6e7530553b637d602424643b33e8bc5b762e1799bc79d56b13251d36d4f201da2182416ce13574e88278ff04467ad602d9026100de994fdf181f02be2bf9e5f5e4e517a94993b827d1eaf609033e3a6a6f2396ae7c44e9eb594cf1044cb3ad32ea258f0c82963b27bb650ed200cde82cb993374be34be5b1c7ead5446a2b82a4486e8c1810a0b01551609fb0841d474bada802bd026076ddae751b73a959d0bfb8ff49e7fcd378e9be30652ecefe35c82cb8003bc29cc60ae3809909baf20c95db9516fe680865417111d8b193dbcf30281f1249de57c858bf1ba32f5bb1599800e8398a9ef25c7a642c95261da6f9c17670e97265b10260732482b837d5f2a9443e23c1aa0106d83e82f6c3424673b5fdc3769c0f992d1c5c93991c7038e882fcda04414df4d7a5f4f698ead87851ce37344b60b72d7b70f9c60cae8566e7a257f8e1bef0e89df6e4c2f9d24d21d9f8889e4c7eccf91751026009050d94493da8f00a4ddbe9c800afe3d44b43f78a48941a79b2814a1f0b81a18a8b2347642a03b27998f5a18de9abc9ae0e54ab8294feac66dc87e854cce6f7278ac2710cb5878b592ffeb1f4f0a1853e4e8d1d0561b6efcc831a296cf7eeaf" + +save type: RSA_PAIR 1536-bit, RSA_OAEP(SHA_256) +depends_on:PSA_WANT_ALG_RSA_OAEP:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR +key_storage_save:0x0001:PSA_KEY_TYPE_RSA_KEY_PAIR:1536:PSA_KEY_USAGE_DECRYPT | PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_OAEP(PSA_ALG_SHA_256):0x0000:"3082037b0201000281c100c870feb6ca6b1d2bd9f2dd99e20f1fe2d7e5192de662229dbe162bd1ba66336a7182903ca0b72796cd441c83d24bcdc3e9a2f5e4399c8a043f1c3ddf04754a66d4cfe7b3671a37dd31a9b4c13bfe06ee90f9d94ddaa06de67a52ac863e68f756736ceb014405a6160579640f831dddccc34ad0b05070e3f9954a58d1815813e1b83bcadba814789c87f1ef2ba5d738b793ec456a67360eea1b5faf1c7cc7bf24f3b2a9d0f8958b1096e0f0c335f8888d0c63a51c3c0337214fa3f5efdf6dcc3502030100010281c06d2d670047973a87752a9d5bc14f3dae00acb01f593aa0e24cf4a49f932931de4bbfb332e2d38083da80bc0b6d538edba479f7f77d0deffb4a28e6e67ff6273585bb4cd862535c946605ab0809d65f0e38f76e4ec2c3d9b8cd6e14bcf667943892cd4b34cc6420a439abbf3d7d35ef73976dd6f9cbde35a51fa5213f0107f83e3425835d16d3c9146fc9e36ce75a09bb66cdff21dd5a776899f1cb07e282cca27be46510e9c799f0d8db275a6be085d9f3f803218ee3384265bfb1a3640e8ca1026100e6848c31d466fffefc547e3a3b0d3785de6f78b0dd12610843512e495611a0675509b1650b27415009838dd8e68eec6e7530553b637d602424643b33e8bc5b762e1799bc79d56b13251d36d4f201da2182416ce13574e88278ff04467ad602d9026100de994fdf181f02be2bf9e5f5e4e517a94993b827d1eaf609033e3a6a6f2396ae7c44e9eb594cf1044cb3ad32ea258f0c82963b27bb650ed200cde82cb993374be34be5b1c7ead5446a2b82a4486e8c1810a0b01551609fb0841d474bada802bd026076ddae751b73a959d0bfb8ff49e7fcd378e9be30652ecefe35c82cb8003bc29cc60ae3809909baf20c95db9516fe680865417111d8b193dbcf30281f1249de57c858bf1ba32f5bb1599800e8398a9ef25c7a642c95261da6f9c17670e97265b10260732482b837d5f2a9443e23c1aa0106d83e82f6c3424673b5fdc3769c0f992d1c5c93991c7038e882fcda04414df4d7a5f4f698ead87851ce37344b60b72d7b70f9c60cae8566e7a257f8e1bef0e89df6e4c2f9d24d21d9f8889e4c7eccf91751026009050d94493da8f00a4ddbe9c800afe3d44b43f78a48941a79b2814a1f0b81a18a8b2347642a03b27998f5a18de9abc9ae0e54ab8294feac66dc87e854cce6f7278ac2710cb5878b592ffeb1f4f0a1853e4e8d1d0561b6efcc831a296cf7eeaf":"505341004b4559000000000001000000017000060103000009030007000000007f0300003082037b0201000281c100c870feb6ca6b1d2bd9f2dd99e20f1fe2d7e5192de662229dbe162bd1ba66336a7182903ca0b72796cd441c83d24bcdc3e9a2f5e4399c8a043f1c3ddf04754a66d4cfe7b3671a37dd31a9b4c13bfe06ee90f9d94ddaa06de67a52ac863e68f756736ceb014405a6160579640f831dddccc34ad0b05070e3f9954a58d1815813e1b83bcadba814789c87f1ef2ba5d738b793ec456a67360eea1b5faf1c7cc7bf24f3b2a9d0f8958b1096e0f0c335f8888d0c63a51c3c0337214fa3f5efdf6dcc3502030100010281c06d2d670047973a87752a9d5bc14f3dae00acb01f593aa0e24cf4a49f932931de4bbfb332e2d38083da80bc0b6d538edba479f7f77d0deffb4a28e6e67ff6273585bb4cd862535c946605ab0809d65f0e38f76e4ec2c3d9b8cd6e14bcf667943892cd4b34cc6420a439abbf3d7d35ef73976dd6f9cbde35a51fa5213f0107f83e3425835d16d3c9146fc9e36ce75a09bb66cdff21dd5a776899f1cb07e282cca27be46510e9c799f0d8db275a6be085d9f3f803218ee3384265bfb1a3640e8ca1026100e6848c31d466fffefc547e3a3b0d3785de6f78b0dd12610843512e495611a0675509b1650b27415009838dd8e68eec6e7530553b637d602424643b33e8bc5b762e1799bc79d56b13251d36d4f201da2182416ce13574e88278ff04467ad602d9026100de994fdf181f02be2bf9e5f5e4e517a94993b827d1eaf609033e3a6a6f2396ae7c44e9eb594cf1044cb3ad32ea258f0c82963b27bb650ed200cde82cb993374be34be5b1c7ead5446a2b82a4486e8c1810a0b01551609fb0841d474bada802bd026076ddae751b73a959d0bfb8ff49e7fcd378e9be30652ecefe35c82cb8003bc29cc60ae3809909baf20c95db9516fe680865417111d8b193dbcf30281f1249de57c858bf1ba32f5bb1599800e8398a9ef25c7a642c95261da6f9c17670e97265b10260732482b837d5f2a9443e23c1aa0106d83e82f6c3424673b5fdc3769c0f992d1c5c93991c7038e882fcda04414df4d7a5f4f698ead87851ce37344b60b72d7b70f9c60cae8566e7a257f8e1bef0e89df6e4c2f9d24d21d9f8889e4c7eccf91751026009050d94493da8f00a4ddbe9c800afe3d44b43f78a48941a79b2814a1f0b81a18a8b2347642a03b27998f5a18de9abc9ae0e54ab8294feac66dc87e854cce6f7278ac2710cb5878b592ffeb1f4f0a1853e4e8d1d0561b6efcc831a296cf7eeaf" + +save type: RSA_PAIR 1536-bit, RSA_OAEP(SHA_384) +depends_on:PSA_WANT_ALG_RSA_OAEP:PSA_WANT_ALG_SHA_384:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR +key_storage_save:0x0001:PSA_KEY_TYPE_RSA_KEY_PAIR:1536:PSA_KEY_USAGE_DECRYPT | PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_OAEP(PSA_ALG_SHA_384):0x0000:"3082037b0201000281c100c870feb6ca6b1d2bd9f2dd99e20f1fe2d7e5192de662229dbe162bd1ba66336a7182903ca0b72796cd441c83d24bcdc3e9a2f5e4399c8a043f1c3ddf04754a66d4cfe7b3671a37dd31a9b4c13bfe06ee90f9d94ddaa06de67a52ac863e68f756736ceb014405a6160579640f831dddccc34ad0b05070e3f9954a58d1815813e1b83bcadba814789c87f1ef2ba5d738b793ec456a67360eea1b5faf1c7cc7bf24f3b2a9d0f8958b1096e0f0c335f8888d0c63a51c3c0337214fa3f5efdf6dcc3502030100010281c06d2d670047973a87752a9d5bc14f3dae00acb01f593aa0e24cf4a49f932931de4bbfb332e2d38083da80bc0b6d538edba479f7f77d0deffb4a28e6e67ff6273585bb4cd862535c946605ab0809d65f0e38f76e4ec2c3d9b8cd6e14bcf667943892cd4b34cc6420a439abbf3d7d35ef73976dd6f9cbde35a51fa5213f0107f83e3425835d16d3c9146fc9e36ce75a09bb66cdff21dd5a776899f1cb07e282cca27be46510e9c799f0d8db275a6be085d9f3f803218ee3384265bfb1a3640e8ca1026100e6848c31d466fffefc547e3a3b0d3785de6f78b0dd12610843512e495611a0675509b1650b27415009838dd8e68eec6e7530553b637d602424643b33e8bc5b762e1799bc79d56b13251d36d4f201da2182416ce13574e88278ff04467ad602d9026100de994fdf181f02be2bf9e5f5e4e517a94993b827d1eaf609033e3a6a6f2396ae7c44e9eb594cf1044cb3ad32ea258f0c82963b27bb650ed200cde82cb993374be34be5b1c7ead5446a2b82a4486e8c1810a0b01551609fb0841d474bada802bd026076ddae751b73a959d0bfb8ff49e7fcd378e9be30652ecefe35c82cb8003bc29cc60ae3809909baf20c95db9516fe680865417111d8b193dbcf30281f1249de57c858bf1ba32f5bb1599800e8398a9ef25c7a642c95261da6f9c17670e97265b10260732482b837d5f2a9443e23c1aa0106d83e82f6c3424673b5fdc3769c0f992d1c5c93991c7038e882fcda04414df4d7a5f4f698ead87851ce37344b60b72d7b70f9c60cae8566e7a257f8e1bef0e89df6e4c2f9d24d21d9f8889e4c7eccf91751026009050d94493da8f00a4ddbe9c800afe3d44b43f78a48941a79b2814a1f0b81a18a8b2347642a03b27998f5a18de9abc9ae0e54ab8294feac66dc87e854cce6f7278ac2710cb5878b592ffeb1f4f0a1853e4e8d1d0561b6efcc831a296cf7eeaf":"505341004b455900000000000100000001700006010300000a030007000000007f0300003082037b0201000281c100c870feb6ca6b1d2bd9f2dd99e20f1fe2d7e5192de662229dbe162bd1ba66336a7182903ca0b72796cd441c83d24bcdc3e9a2f5e4399c8a043f1c3ddf04754a66d4cfe7b3671a37dd31a9b4c13bfe06ee90f9d94ddaa06de67a52ac863e68f756736ceb014405a6160579640f831dddccc34ad0b05070e3f9954a58d1815813e1b83bcadba814789c87f1ef2ba5d738b793ec456a67360eea1b5faf1c7cc7bf24f3b2a9d0f8958b1096e0f0c335f8888d0c63a51c3c0337214fa3f5efdf6dcc3502030100010281c06d2d670047973a87752a9d5bc14f3dae00acb01f593aa0e24cf4a49f932931de4bbfb332e2d38083da80bc0b6d538edba479f7f77d0deffb4a28e6e67ff6273585bb4cd862535c946605ab0809d65f0e38f76e4ec2c3d9b8cd6e14bcf667943892cd4b34cc6420a439abbf3d7d35ef73976dd6f9cbde35a51fa5213f0107f83e3425835d16d3c9146fc9e36ce75a09bb66cdff21dd5a776899f1cb07e282cca27be46510e9c799f0d8db275a6be085d9f3f803218ee3384265bfb1a3640e8ca1026100e6848c31d466fffefc547e3a3b0d3785de6f78b0dd12610843512e495611a0675509b1650b27415009838dd8e68eec6e7530553b637d602424643b33e8bc5b762e1799bc79d56b13251d36d4f201da2182416ce13574e88278ff04467ad602d9026100de994fdf181f02be2bf9e5f5e4e517a94993b827d1eaf609033e3a6a6f2396ae7c44e9eb594cf1044cb3ad32ea258f0c82963b27bb650ed200cde82cb993374be34be5b1c7ead5446a2b82a4486e8c1810a0b01551609fb0841d474bada802bd026076ddae751b73a959d0bfb8ff49e7fcd378e9be30652ecefe35c82cb8003bc29cc60ae3809909baf20c95db9516fe680865417111d8b193dbcf30281f1249de57c858bf1ba32f5bb1599800e8398a9ef25c7a642c95261da6f9c17670e97265b10260732482b837d5f2a9443e23c1aa0106d83e82f6c3424673b5fdc3769c0f992d1c5c93991c7038e882fcda04414df4d7a5f4f698ead87851ce37344b60b72d7b70f9c60cae8566e7a257f8e1bef0e89df6e4c2f9d24d21d9f8889e4c7eccf91751026009050d94493da8f00a4ddbe9c800afe3d44b43f78a48941a79b2814a1f0b81a18a8b2347642a03b27998f5a18de9abc9ae0e54ab8294feac66dc87e854cce6f7278ac2710cb5878b592ffeb1f4f0a1853e4e8d1d0561b6efcc831a296cf7eeaf" + +save type: RSA_PAIR 1536-bit, RSA_OAEP(SHA_512) +depends_on:PSA_WANT_ALG_RSA_OAEP:PSA_WANT_ALG_SHA_512:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR +key_storage_save:0x0001:PSA_KEY_TYPE_RSA_KEY_PAIR:1536:PSA_KEY_USAGE_DECRYPT | PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_OAEP(PSA_ALG_SHA_512):0x0000:"3082037b0201000281c100c870feb6ca6b1d2bd9f2dd99e20f1fe2d7e5192de662229dbe162bd1ba66336a7182903ca0b72796cd441c83d24bcdc3e9a2f5e4399c8a043f1c3ddf04754a66d4cfe7b3671a37dd31a9b4c13bfe06ee90f9d94ddaa06de67a52ac863e68f756736ceb014405a6160579640f831dddccc34ad0b05070e3f9954a58d1815813e1b83bcadba814789c87f1ef2ba5d738b793ec456a67360eea1b5faf1c7cc7bf24f3b2a9d0f8958b1096e0f0c335f8888d0c63a51c3c0337214fa3f5efdf6dcc3502030100010281c06d2d670047973a87752a9d5bc14f3dae00acb01f593aa0e24cf4a49f932931de4bbfb332e2d38083da80bc0b6d538edba479f7f77d0deffb4a28e6e67ff6273585bb4cd862535c946605ab0809d65f0e38f76e4ec2c3d9b8cd6e14bcf667943892cd4b34cc6420a439abbf3d7d35ef73976dd6f9cbde35a51fa5213f0107f83e3425835d16d3c9146fc9e36ce75a09bb66cdff21dd5a776899f1cb07e282cca27be46510e9c799f0d8db275a6be085d9f3f803218ee3384265bfb1a3640e8ca1026100e6848c31d466fffefc547e3a3b0d3785de6f78b0dd12610843512e495611a0675509b1650b27415009838dd8e68eec6e7530553b637d602424643b33e8bc5b762e1799bc79d56b13251d36d4f201da2182416ce13574e88278ff04467ad602d9026100de994fdf181f02be2bf9e5f5e4e517a94993b827d1eaf609033e3a6a6f2396ae7c44e9eb594cf1044cb3ad32ea258f0c82963b27bb650ed200cde82cb993374be34be5b1c7ead5446a2b82a4486e8c1810a0b01551609fb0841d474bada802bd026076ddae751b73a959d0bfb8ff49e7fcd378e9be30652ecefe35c82cb8003bc29cc60ae3809909baf20c95db9516fe680865417111d8b193dbcf30281f1249de57c858bf1ba32f5bb1599800e8398a9ef25c7a642c95261da6f9c17670e97265b10260732482b837d5f2a9443e23c1aa0106d83e82f6c3424673b5fdc3769c0f992d1c5c93991c7038e882fcda04414df4d7a5f4f698ead87851ce37344b60b72d7b70f9c60cae8566e7a257f8e1bef0e89df6e4c2f9d24d21d9f8889e4c7eccf91751026009050d94493da8f00a4ddbe9c800afe3d44b43f78a48941a79b2814a1f0b81a18a8b2347642a03b27998f5a18de9abc9ae0e54ab8294feac66dc87e854cce6f7278ac2710cb5878b592ffeb1f4f0a1853e4e8d1d0561b6efcc831a296cf7eeaf":"505341004b455900000000000100000001700006010300000b030007000000007f0300003082037b0201000281c100c870feb6ca6b1d2bd9f2dd99e20f1fe2d7e5192de662229dbe162bd1ba66336a7182903ca0b72796cd441c83d24bcdc3e9a2f5e4399c8a043f1c3ddf04754a66d4cfe7b3671a37dd31a9b4c13bfe06ee90f9d94ddaa06de67a52ac863e68f756736ceb014405a6160579640f831dddccc34ad0b05070e3f9954a58d1815813e1b83bcadba814789c87f1ef2ba5d738b793ec456a67360eea1b5faf1c7cc7bf24f3b2a9d0f8958b1096e0f0c335f8888d0c63a51c3c0337214fa3f5efdf6dcc3502030100010281c06d2d670047973a87752a9d5bc14f3dae00acb01f593aa0e24cf4a49f932931de4bbfb332e2d38083da80bc0b6d538edba479f7f77d0deffb4a28e6e67ff6273585bb4cd862535c946605ab0809d65f0e38f76e4ec2c3d9b8cd6e14bcf667943892cd4b34cc6420a439abbf3d7d35ef73976dd6f9cbde35a51fa5213f0107f83e3425835d16d3c9146fc9e36ce75a09bb66cdff21dd5a776899f1cb07e282cca27be46510e9c799f0d8db275a6be085d9f3f803218ee3384265bfb1a3640e8ca1026100e6848c31d466fffefc547e3a3b0d3785de6f78b0dd12610843512e495611a0675509b1650b27415009838dd8e68eec6e7530553b637d602424643b33e8bc5b762e1799bc79d56b13251d36d4f201da2182416ce13574e88278ff04467ad602d9026100de994fdf181f02be2bf9e5f5e4e517a94993b827d1eaf609033e3a6a6f2396ae7c44e9eb594cf1044cb3ad32ea258f0c82963b27bb650ed200cde82cb993374be34be5b1c7ead5446a2b82a4486e8c1810a0b01551609fb0841d474bada802bd026076ddae751b73a959d0bfb8ff49e7fcd378e9be30652ecefe35c82cb8003bc29cc60ae3809909baf20c95db9516fe680865417111d8b193dbcf30281f1249de57c858bf1ba32f5bb1599800e8398a9ef25c7a642c95261da6f9c17670e97265b10260732482b837d5f2a9443e23c1aa0106d83e82f6c3424673b5fdc3769c0f992d1c5c93991c7038e882fcda04414df4d7a5f4f698ead87851ce37344b60b72d7b70f9c60cae8566e7a257f8e1bef0e89df6e4c2f9d24d21d9f8889e4c7eccf91751026009050d94493da8f00a4ddbe9c800afe3d44b43f78a48941a79b2814a1f0b81a18a8b2347642a03b27998f5a18de9abc9ae0e54ab8294feac66dc87e854cce6f7278ac2710cb5878b592ffeb1f4f0a1853e4e8d1d0561b6efcc831a296cf7eeaf" + +save type: RSA_PAIR 1536-bit, RSA_PKCS1V15_CRYPT +depends_on:PSA_WANT_ALG_RSA_PKCS1V15_CRYPT:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR +key_storage_save:0x0001:PSA_KEY_TYPE_RSA_KEY_PAIR:1536:PSA_KEY_USAGE_DECRYPT | PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_PKCS1V15_CRYPT:0x0000:"3082037b0201000281c100c870feb6ca6b1d2bd9f2dd99e20f1fe2d7e5192de662229dbe162bd1ba66336a7182903ca0b72796cd441c83d24bcdc3e9a2f5e4399c8a043f1c3ddf04754a66d4cfe7b3671a37dd31a9b4c13bfe06ee90f9d94ddaa06de67a52ac863e68f756736ceb014405a6160579640f831dddccc34ad0b05070e3f9954a58d1815813e1b83bcadba814789c87f1ef2ba5d738b793ec456a67360eea1b5faf1c7cc7bf24f3b2a9d0f8958b1096e0f0c335f8888d0c63a51c3c0337214fa3f5efdf6dcc3502030100010281c06d2d670047973a87752a9d5bc14f3dae00acb01f593aa0e24cf4a49f932931de4bbfb332e2d38083da80bc0b6d538edba479f7f77d0deffb4a28e6e67ff6273585bb4cd862535c946605ab0809d65f0e38f76e4ec2c3d9b8cd6e14bcf667943892cd4b34cc6420a439abbf3d7d35ef73976dd6f9cbde35a51fa5213f0107f83e3425835d16d3c9146fc9e36ce75a09bb66cdff21dd5a776899f1cb07e282cca27be46510e9c799f0d8db275a6be085d9f3f803218ee3384265bfb1a3640e8ca1026100e6848c31d466fffefc547e3a3b0d3785de6f78b0dd12610843512e495611a0675509b1650b27415009838dd8e68eec6e7530553b637d602424643b33e8bc5b762e1799bc79d56b13251d36d4f201da2182416ce13574e88278ff04467ad602d9026100de994fdf181f02be2bf9e5f5e4e517a94993b827d1eaf609033e3a6a6f2396ae7c44e9eb594cf1044cb3ad32ea258f0c82963b27bb650ed200cde82cb993374be34be5b1c7ead5446a2b82a4486e8c1810a0b01551609fb0841d474bada802bd026076ddae751b73a959d0bfb8ff49e7fcd378e9be30652ecefe35c82cb8003bc29cc60ae3809909baf20c95db9516fe680865417111d8b193dbcf30281f1249de57c858bf1ba32f5bb1599800e8398a9ef25c7a642c95261da6f9c17670e97265b10260732482b837d5f2a9443e23c1aa0106d83e82f6c3424673b5fdc3769c0f992d1c5c93991c7038e882fcda04414df4d7a5f4f698ead87851ce37344b60b72d7b70f9c60cae8566e7a257f8e1bef0e89df6e4c2f9d24d21d9f8889e4c7eccf91751026009050d94493da8f00a4ddbe9c800afe3d44b43f78a48941a79b2814a1f0b81a18a8b2347642a03b27998f5a18de9abc9ae0e54ab8294feac66dc87e854cce6f7278ac2710cb5878b592ffeb1f4f0a1853e4e8d1d0561b6efcc831a296cf7eeaf":"505341004b4559000000000001000000017000060103000000020007000000007f0300003082037b0201000281c100c870feb6ca6b1d2bd9f2dd99e20f1fe2d7e5192de662229dbe162bd1ba66336a7182903ca0b72796cd441c83d24bcdc3e9a2f5e4399c8a043f1c3ddf04754a66d4cfe7b3671a37dd31a9b4c13bfe06ee90f9d94ddaa06de67a52ac863e68f756736ceb014405a6160579640f831dddccc34ad0b05070e3f9954a58d1815813e1b83bcadba814789c87f1ef2ba5d738b793ec456a67360eea1b5faf1c7cc7bf24f3b2a9d0f8958b1096e0f0c335f8888d0c63a51c3c0337214fa3f5efdf6dcc3502030100010281c06d2d670047973a87752a9d5bc14f3dae00acb01f593aa0e24cf4a49f932931de4bbfb332e2d38083da80bc0b6d538edba479f7f77d0deffb4a28e6e67ff6273585bb4cd862535c946605ab0809d65f0e38f76e4ec2c3d9b8cd6e14bcf667943892cd4b34cc6420a439abbf3d7d35ef73976dd6f9cbde35a51fa5213f0107f83e3425835d16d3c9146fc9e36ce75a09bb66cdff21dd5a776899f1cb07e282cca27be46510e9c799f0d8db275a6be085d9f3f803218ee3384265bfb1a3640e8ca1026100e6848c31d466fffefc547e3a3b0d3785de6f78b0dd12610843512e495611a0675509b1650b27415009838dd8e68eec6e7530553b637d602424643b33e8bc5b762e1799bc79d56b13251d36d4f201da2182416ce13574e88278ff04467ad602d9026100de994fdf181f02be2bf9e5f5e4e517a94993b827d1eaf609033e3a6a6f2396ae7c44e9eb594cf1044cb3ad32ea258f0c82963b27bb650ed200cde82cb993374be34be5b1c7ead5446a2b82a4486e8c1810a0b01551609fb0841d474bada802bd026076ddae751b73a959d0bfb8ff49e7fcd378e9be30652ecefe35c82cb8003bc29cc60ae3809909baf20c95db9516fe680865417111d8b193dbcf30281f1249de57c858bf1ba32f5bb1599800e8398a9ef25c7a642c95261da6f9c17670e97265b10260732482b837d5f2a9443e23c1aa0106d83e82f6c3424673b5fdc3769c0f992d1c5c93991c7038e882fcda04414df4d7a5f4f698ead87851ce37344b60b72d7b70f9c60cae8566e7a257f8e1bef0e89df6e4c2f9d24d21d9f8889e4c7eccf91751026009050d94493da8f00a4ddbe9c800afe3d44b43f78a48941a79b2814a1f0b81a18a8b2347642a03b27998f5a18de9abc9ae0e54ab8294feac66dc87e854cce6f7278ac2710cb5878b592ffeb1f4f0a1853e4e8d1d0561b6efcc831a296cf7eeaf" + +save type: RSA_PAIR 1536-bit, RSA_PKCS1V15_SIGN(MD2) +depends_on:PSA_WANT_ALG_MD2:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR +key_storage_save:0x0001:PSA_KEY_TYPE_RSA_KEY_PAIR:1536:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_MD2):0x0000:"3082037b0201000281c100c870feb6ca6b1d2bd9f2dd99e20f1fe2d7e5192de662229dbe162bd1ba66336a7182903ca0b72796cd441c83d24bcdc3e9a2f5e4399c8a043f1c3ddf04754a66d4cfe7b3671a37dd31a9b4c13bfe06ee90f9d94ddaa06de67a52ac863e68f756736ceb014405a6160579640f831dddccc34ad0b05070e3f9954a58d1815813e1b83bcadba814789c87f1ef2ba5d738b793ec456a67360eea1b5faf1c7cc7bf24f3b2a9d0f8958b1096e0f0c335f8888d0c63a51c3c0337214fa3f5efdf6dcc3502030100010281c06d2d670047973a87752a9d5bc14f3dae00acb01f593aa0e24cf4a49f932931de4bbfb332e2d38083da80bc0b6d538edba479f7f77d0deffb4a28e6e67ff6273585bb4cd862535c946605ab0809d65f0e38f76e4ec2c3d9b8cd6e14bcf667943892cd4b34cc6420a439abbf3d7d35ef73976dd6f9cbde35a51fa5213f0107f83e3425835d16d3c9146fc9e36ce75a09bb66cdff21dd5a776899f1cb07e282cca27be46510e9c799f0d8db275a6be085d9f3f803218ee3384265bfb1a3640e8ca1026100e6848c31d466fffefc547e3a3b0d3785de6f78b0dd12610843512e495611a0675509b1650b27415009838dd8e68eec6e7530553b637d602424643b33e8bc5b762e1799bc79d56b13251d36d4f201da2182416ce13574e88278ff04467ad602d9026100de994fdf181f02be2bf9e5f5e4e517a94993b827d1eaf609033e3a6a6f2396ae7c44e9eb594cf1044cb3ad32ea258f0c82963b27bb650ed200cde82cb993374be34be5b1c7ead5446a2b82a4486e8c1810a0b01551609fb0841d474bada802bd026076ddae751b73a959d0bfb8ff49e7fcd378e9be30652ecefe35c82cb8003bc29cc60ae3809909baf20c95db9516fe680865417111d8b193dbcf30281f1249de57c858bf1ba32f5bb1599800e8398a9ef25c7a642c95261da6f9c17670e97265b10260732482b837d5f2a9443e23c1aa0106d83e82f6c3424673b5fdc3769c0f992d1c5c93991c7038e882fcda04414df4d7a5f4f698ead87851ce37344b60b72d7b70f9c60cae8566e7a257f8e1bef0e89df6e4c2f9d24d21d9f8889e4c7eccf91751026009050d94493da8f00a4ddbe9c800afe3d44b43f78a48941a79b2814a1f0b81a18a8b2347642a03b27998f5a18de9abc9ae0e54ab8294feac66dc87e854cce6f7278ac2710cb5878b592ffeb1f4f0a1853e4e8d1d0561b6efcc831a296cf7eeaf":"505341004b455900000000000100000001700006013c000001020006000000007f0300003082037b0201000281c100c870feb6ca6b1d2bd9f2dd99e20f1fe2d7e5192de662229dbe162bd1ba66336a7182903ca0b72796cd441c83d24bcdc3e9a2f5e4399c8a043f1c3ddf04754a66d4cfe7b3671a37dd31a9b4c13bfe06ee90f9d94ddaa06de67a52ac863e68f756736ceb014405a6160579640f831dddccc34ad0b05070e3f9954a58d1815813e1b83bcadba814789c87f1ef2ba5d738b793ec456a67360eea1b5faf1c7cc7bf24f3b2a9d0f8958b1096e0f0c335f8888d0c63a51c3c0337214fa3f5efdf6dcc3502030100010281c06d2d670047973a87752a9d5bc14f3dae00acb01f593aa0e24cf4a49f932931de4bbfb332e2d38083da80bc0b6d538edba479f7f77d0deffb4a28e6e67ff6273585bb4cd862535c946605ab0809d65f0e38f76e4ec2c3d9b8cd6e14bcf667943892cd4b34cc6420a439abbf3d7d35ef73976dd6f9cbde35a51fa5213f0107f83e3425835d16d3c9146fc9e36ce75a09bb66cdff21dd5a776899f1cb07e282cca27be46510e9c799f0d8db275a6be085d9f3f803218ee3384265bfb1a3640e8ca1026100e6848c31d466fffefc547e3a3b0d3785de6f78b0dd12610843512e495611a0675509b1650b27415009838dd8e68eec6e7530553b637d602424643b33e8bc5b762e1799bc79d56b13251d36d4f201da2182416ce13574e88278ff04467ad602d9026100de994fdf181f02be2bf9e5f5e4e517a94993b827d1eaf609033e3a6a6f2396ae7c44e9eb594cf1044cb3ad32ea258f0c82963b27bb650ed200cde82cb993374be34be5b1c7ead5446a2b82a4486e8c1810a0b01551609fb0841d474bada802bd026076ddae751b73a959d0bfb8ff49e7fcd378e9be30652ecefe35c82cb8003bc29cc60ae3809909baf20c95db9516fe680865417111d8b193dbcf30281f1249de57c858bf1ba32f5bb1599800e8398a9ef25c7a642c95261da6f9c17670e97265b10260732482b837d5f2a9443e23c1aa0106d83e82f6c3424673b5fdc3769c0f992d1c5c93991c7038e882fcda04414df4d7a5f4f698ead87851ce37344b60b72d7b70f9c60cae8566e7a257f8e1bef0e89df6e4c2f9d24d21d9f8889e4c7eccf91751026009050d94493da8f00a4ddbe9c800afe3d44b43f78a48941a79b2814a1f0b81a18a8b2347642a03b27998f5a18de9abc9ae0e54ab8294feac66dc87e854cce6f7278ac2710cb5878b592ffeb1f4f0a1853e4e8d1d0561b6efcc831a296cf7eeaf" + +save type: RSA_PAIR 1536-bit, RSA_PKCS1V15_SIGN(MD4) +depends_on:PSA_WANT_ALG_MD4:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR +key_storage_save:0x0001:PSA_KEY_TYPE_RSA_KEY_PAIR:1536:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_MD4):0x0000:"3082037b0201000281c100c870feb6ca6b1d2bd9f2dd99e20f1fe2d7e5192de662229dbe162bd1ba66336a7182903ca0b72796cd441c83d24bcdc3e9a2f5e4399c8a043f1c3ddf04754a66d4cfe7b3671a37dd31a9b4c13bfe06ee90f9d94ddaa06de67a52ac863e68f756736ceb014405a6160579640f831dddccc34ad0b05070e3f9954a58d1815813e1b83bcadba814789c87f1ef2ba5d738b793ec456a67360eea1b5faf1c7cc7bf24f3b2a9d0f8958b1096e0f0c335f8888d0c63a51c3c0337214fa3f5efdf6dcc3502030100010281c06d2d670047973a87752a9d5bc14f3dae00acb01f593aa0e24cf4a49f932931de4bbfb332e2d38083da80bc0b6d538edba479f7f77d0deffb4a28e6e67ff6273585bb4cd862535c946605ab0809d65f0e38f76e4ec2c3d9b8cd6e14bcf667943892cd4b34cc6420a439abbf3d7d35ef73976dd6f9cbde35a51fa5213f0107f83e3425835d16d3c9146fc9e36ce75a09bb66cdff21dd5a776899f1cb07e282cca27be46510e9c799f0d8db275a6be085d9f3f803218ee3384265bfb1a3640e8ca1026100e6848c31d466fffefc547e3a3b0d3785de6f78b0dd12610843512e495611a0675509b1650b27415009838dd8e68eec6e7530553b637d602424643b33e8bc5b762e1799bc79d56b13251d36d4f201da2182416ce13574e88278ff04467ad602d9026100de994fdf181f02be2bf9e5f5e4e517a94993b827d1eaf609033e3a6a6f2396ae7c44e9eb594cf1044cb3ad32ea258f0c82963b27bb650ed200cde82cb993374be34be5b1c7ead5446a2b82a4486e8c1810a0b01551609fb0841d474bada802bd026076ddae751b73a959d0bfb8ff49e7fcd378e9be30652ecefe35c82cb8003bc29cc60ae3809909baf20c95db9516fe680865417111d8b193dbcf30281f1249de57c858bf1ba32f5bb1599800e8398a9ef25c7a642c95261da6f9c17670e97265b10260732482b837d5f2a9443e23c1aa0106d83e82f6c3424673b5fdc3769c0f992d1c5c93991c7038e882fcda04414df4d7a5f4f698ead87851ce37344b60b72d7b70f9c60cae8566e7a257f8e1bef0e89df6e4c2f9d24d21d9f8889e4c7eccf91751026009050d94493da8f00a4ddbe9c800afe3d44b43f78a48941a79b2814a1f0b81a18a8b2347642a03b27998f5a18de9abc9ae0e54ab8294feac66dc87e854cce6f7278ac2710cb5878b592ffeb1f4f0a1853e4e8d1d0561b6efcc831a296cf7eeaf":"505341004b455900000000000100000001700006013c000002020006000000007f0300003082037b0201000281c100c870feb6ca6b1d2bd9f2dd99e20f1fe2d7e5192de662229dbe162bd1ba66336a7182903ca0b72796cd441c83d24bcdc3e9a2f5e4399c8a043f1c3ddf04754a66d4cfe7b3671a37dd31a9b4c13bfe06ee90f9d94ddaa06de67a52ac863e68f756736ceb014405a6160579640f831dddccc34ad0b05070e3f9954a58d1815813e1b83bcadba814789c87f1ef2ba5d738b793ec456a67360eea1b5faf1c7cc7bf24f3b2a9d0f8958b1096e0f0c335f8888d0c63a51c3c0337214fa3f5efdf6dcc3502030100010281c06d2d670047973a87752a9d5bc14f3dae00acb01f593aa0e24cf4a49f932931de4bbfb332e2d38083da80bc0b6d538edba479f7f77d0deffb4a28e6e67ff6273585bb4cd862535c946605ab0809d65f0e38f76e4ec2c3d9b8cd6e14bcf667943892cd4b34cc6420a439abbf3d7d35ef73976dd6f9cbde35a51fa5213f0107f83e3425835d16d3c9146fc9e36ce75a09bb66cdff21dd5a776899f1cb07e282cca27be46510e9c799f0d8db275a6be085d9f3f803218ee3384265bfb1a3640e8ca1026100e6848c31d466fffefc547e3a3b0d3785de6f78b0dd12610843512e495611a0675509b1650b27415009838dd8e68eec6e7530553b637d602424643b33e8bc5b762e1799bc79d56b13251d36d4f201da2182416ce13574e88278ff04467ad602d9026100de994fdf181f02be2bf9e5f5e4e517a94993b827d1eaf609033e3a6a6f2396ae7c44e9eb594cf1044cb3ad32ea258f0c82963b27bb650ed200cde82cb993374be34be5b1c7ead5446a2b82a4486e8c1810a0b01551609fb0841d474bada802bd026076ddae751b73a959d0bfb8ff49e7fcd378e9be30652ecefe35c82cb8003bc29cc60ae3809909baf20c95db9516fe680865417111d8b193dbcf30281f1249de57c858bf1ba32f5bb1599800e8398a9ef25c7a642c95261da6f9c17670e97265b10260732482b837d5f2a9443e23c1aa0106d83e82f6c3424673b5fdc3769c0f992d1c5c93991c7038e882fcda04414df4d7a5f4f698ead87851ce37344b60b72d7b70f9c60cae8566e7a257f8e1bef0e89df6e4c2f9d24d21d9f8889e4c7eccf91751026009050d94493da8f00a4ddbe9c800afe3d44b43f78a48941a79b2814a1f0b81a18a8b2347642a03b27998f5a18de9abc9ae0e54ab8294feac66dc87e854cce6f7278ac2710cb5878b592ffeb1f4f0a1853e4e8d1d0561b6efcc831a296cf7eeaf" + +save type: RSA_PAIR 1536-bit, RSA_PKCS1V15_SIGN(MD5) +depends_on:PSA_WANT_ALG_MD5:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR +key_storage_save:0x0001:PSA_KEY_TYPE_RSA_KEY_PAIR:1536:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_MD5):0x0000:"3082037b0201000281c100c870feb6ca6b1d2bd9f2dd99e20f1fe2d7e5192de662229dbe162bd1ba66336a7182903ca0b72796cd441c83d24bcdc3e9a2f5e4399c8a043f1c3ddf04754a66d4cfe7b3671a37dd31a9b4c13bfe06ee90f9d94ddaa06de67a52ac863e68f756736ceb014405a6160579640f831dddccc34ad0b05070e3f9954a58d1815813e1b83bcadba814789c87f1ef2ba5d738b793ec456a67360eea1b5faf1c7cc7bf24f3b2a9d0f8958b1096e0f0c335f8888d0c63a51c3c0337214fa3f5efdf6dcc3502030100010281c06d2d670047973a87752a9d5bc14f3dae00acb01f593aa0e24cf4a49f932931de4bbfb332e2d38083da80bc0b6d538edba479f7f77d0deffb4a28e6e67ff6273585bb4cd862535c946605ab0809d65f0e38f76e4ec2c3d9b8cd6e14bcf667943892cd4b34cc6420a439abbf3d7d35ef73976dd6f9cbde35a51fa5213f0107f83e3425835d16d3c9146fc9e36ce75a09bb66cdff21dd5a776899f1cb07e282cca27be46510e9c799f0d8db275a6be085d9f3f803218ee3384265bfb1a3640e8ca1026100e6848c31d466fffefc547e3a3b0d3785de6f78b0dd12610843512e495611a0675509b1650b27415009838dd8e68eec6e7530553b637d602424643b33e8bc5b762e1799bc79d56b13251d36d4f201da2182416ce13574e88278ff04467ad602d9026100de994fdf181f02be2bf9e5f5e4e517a94993b827d1eaf609033e3a6a6f2396ae7c44e9eb594cf1044cb3ad32ea258f0c82963b27bb650ed200cde82cb993374be34be5b1c7ead5446a2b82a4486e8c1810a0b01551609fb0841d474bada802bd026076ddae751b73a959d0bfb8ff49e7fcd378e9be30652ecefe35c82cb8003bc29cc60ae3809909baf20c95db9516fe680865417111d8b193dbcf30281f1249de57c858bf1ba32f5bb1599800e8398a9ef25c7a642c95261da6f9c17670e97265b10260732482b837d5f2a9443e23c1aa0106d83e82f6c3424673b5fdc3769c0f992d1c5c93991c7038e882fcda04414df4d7a5f4f698ead87851ce37344b60b72d7b70f9c60cae8566e7a257f8e1bef0e89df6e4c2f9d24d21d9f8889e4c7eccf91751026009050d94493da8f00a4ddbe9c800afe3d44b43f78a48941a79b2814a1f0b81a18a8b2347642a03b27998f5a18de9abc9ae0e54ab8294feac66dc87e854cce6f7278ac2710cb5878b592ffeb1f4f0a1853e4e8d1d0561b6efcc831a296cf7eeaf":"505341004b455900000000000100000001700006013c000003020006000000007f0300003082037b0201000281c100c870feb6ca6b1d2bd9f2dd99e20f1fe2d7e5192de662229dbe162bd1ba66336a7182903ca0b72796cd441c83d24bcdc3e9a2f5e4399c8a043f1c3ddf04754a66d4cfe7b3671a37dd31a9b4c13bfe06ee90f9d94ddaa06de67a52ac863e68f756736ceb014405a6160579640f831dddccc34ad0b05070e3f9954a58d1815813e1b83bcadba814789c87f1ef2ba5d738b793ec456a67360eea1b5faf1c7cc7bf24f3b2a9d0f8958b1096e0f0c335f8888d0c63a51c3c0337214fa3f5efdf6dcc3502030100010281c06d2d670047973a87752a9d5bc14f3dae00acb01f593aa0e24cf4a49f932931de4bbfb332e2d38083da80bc0b6d538edba479f7f77d0deffb4a28e6e67ff6273585bb4cd862535c946605ab0809d65f0e38f76e4ec2c3d9b8cd6e14bcf667943892cd4b34cc6420a439abbf3d7d35ef73976dd6f9cbde35a51fa5213f0107f83e3425835d16d3c9146fc9e36ce75a09bb66cdff21dd5a776899f1cb07e282cca27be46510e9c799f0d8db275a6be085d9f3f803218ee3384265bfb1a3640e8ca1026100e6848c31d466fffefc547e3a3b0d3785de6f78b0dd12610843512e495611a0675509b1650b27415009838dd8e68eec6e7530553b637d602424643b33e8bc5b762e1799bc79d56b13251d36d4f201da2182416ce13574e88278ff04467ad602d9026100de994fdf181f02be2bf9e5f5e4e517a94993b827d1eaf609033e3a6a6f2396ae7c44e9eb594cf1044cb3ad32ea258f0c82963b27bb650ed200cde82cb993374be34be5b1c7ead5446a2b82a4486e8c1810a0b01551609fb0841d474bada802bd026076ddae751b73a959d0bfb8ff49e7fcd378e9be30652ecefe35c82cb8003bc29cc60ae3809909baf20c95db9516fe680865417111d8b193dbcf30281f1249de57c858bf1ba32f5bb1599800e8398a9ef25c7a642c95261da6f9c17670e97265b10260732482b837d5f2a9443e23c1aa0106d83e82f6c3424673b5fdc3769c0f992d1c5c93991c7038e882fcda04414df4d7a5f4f698ead87851ce37344b60b72d7b70f9c60cae8566e7a257f8e1bef0e89df6e4c2f9d24d21d9f8889e4c7eccf91751026009050d94493da8f00a4ddbe9c800afe3d44b43f78a48941a79b2814a1f0b81a18a8b2347642a03b27998f5a18de9abc9ae0e54ab8294feac66dc87e854cce6f7278ac2710cb5878b592ffeb1f4f0a1853e4e8d1d0561b6efcc831a296cf7eeaf" + +save type: RSA_PAIR 1536-bit, RSA_PKCS1V15_SIGN(RIPEMD160) +depends_on:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR +key_storage_save:0x0001:PSA_KEY_TYPE_RSA_KEY_PAIR:1536:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_RIPEMD160):0x0000:"3082037b0201000281c100c870feb6ca6b1d2bd9f2dd99e20f1fe2d7e5192de662229dbe162bd1ba66336a7182903ca0b72796cd441c83d24bcdc3e9a2f5e4399c8a043f1c3ddf04754a66d4cfe7b3671a37dd31a9b4c13bfe06ee90f9d94ddaa06de67a52ac863e68f756736ceb014405a6160579640f831dddccc34ad0b05070e3f9954a58d1815813e1b83bcadba814789c87f1ef2ba5d738b793ec456a67360eea1b5faf1c7cc7bf24f3b2a9d0f8958b1096e0f0c335f8888d0c63a51c3c0337214fa3f5efdf6dcc3502030100010281c06d2d670047973a87752a9d5bc14f3dae00acb01f593aa0e24cf4a49f932931de4bbfb332e2d38083da80bc0b6d538edba479f7f77d0deffb4a28e6e67ff6273585bb4cd862535c946605ab0809d65f0e38f76e4ec2c3d9b8cd6e14bcf667943892cd4b34cc6420a439abbf3d7d35ef73976dd6f9cbde35a51fa5213f0107f83e3425835d16d3c9146fc9e36ce75a09bb66cdff21dd5a776899f1cb07e282cca27be46510e9c799f0d8db275a6be085d9f3f803218ee3384265bfb1a3640e8ca1026100e6848c31d466fffefc547e3a3b0d3785de6f78b0dd12610843512e495611a0675509b1650b27415009838dd8e68eec6e7530553b637d602424643b33e8bc5b762e1799bc79d56b13251d36d4f201da2182416ce13574e88278ff04467ad602d9026100de994fdf181f02be2bf9e5f5e4e517a94993b827d1eaf609033e3a6a6f2396ae7c44e9eb594cf1044cb3ad32ea258f0c82963b27bb650ed200cde82cb993374be34be5b1c7ead5446a2b82a4486e8c1810a0b01551609fb0841d474bada802bd026076ddae751b73a959d0bfb8ff49e7fcd378e9be30652ecefe35c82cb8003bc29cc60ae3809909baf20c95db9516fe680865417111d8b193dbcf30281f1249de57c858bf1ba32f5bb1599800e8398a9ef25c7a642c95261da6f9c17670e97265b10260732482b837d5f2a9443e23c1aa0106d83e82f6c3424673b5fdc3769c0f992d1c5c93991c7038e882fcda04414df4d7a5f4f698ead87851ce37344b60b72d7b70f9c60cae8566e7a257f8e1bef0e89df6e4c2f9d24d21d9f8889e4c7eccf91751026009050d94493da8f00a4ddbe9c800afe3d44b43f78a48941a79b2814a1f0b81a18a8b2347642a03b27998f5a18de9abc9ae0e54ab8294feac66dc87e854cce6f7278ac2710cb5878b592ffeb1f4f0a1853e4e8d1d0561b6efcc831a296cf7eeaf":"505341004b455900000000000100000001700006013c000004020006000000007f0300003082037b0201000281c100c870feb6ca6b1d2bd9f2dd99e20f1fe2d7e5192de662229dbe162bd1ba66336a7182903ca0b72796cd441c83d24bcdc3e9a2f5e4399c8a043f1c3ddf04754a66d4cfe7b3671a37dd31a9b4c13bfe06ee90f9d94ddaa06de67a52ac863e68f756736ceb014405a6160579640f831dddccc34ad0b05070e3f9954a58d1815813e1b83bcadba814789c87f1ef2ba5d738b793ec456a67360eea1b5faf1c7cc7bf24f3b2a9d0f8958b1096e0f0c335f8888d0c63a51c3c0337214fa3f5efdf6dcc3502030100010281c06d2d670047973a87752a9d5bc14f3dae00acb01f593aa0e24cf4a49f932931de4bbfb332e2d38083da80bc0b6d538edba479f7f77d0deffb4a28e6e67ff6273585bb4cd862535c946605ab0809d65f0e38f76e4ec2c3d9b8cd6e14bcf667943892cd4b34cc6420a439abbf3d7d35ef73976dd6f9cbde35a51fa5213f0107f83e3425835d16d3c9146fc9e36ce75a09bb66cdff21dd5a776899f1cb07e282cca27be46510e9c799f0d8db275a6be085d9f3f803218ee3384265bfb1a3640e8ca1026100e6848c31d466fffefc547e3a3b0d3785de6f78b0dd12610843512e495611a0675509b1650b27415009838dd8e68eec6e7530553b637d602424643b33e8bc5b762e1799bc79d56b13251d36d4f201da2182416ce13574e88278ff04467ad602d9026100de994fdf181f02be2bf9e5f5e4e517a94993b827d1eaf609033e3a6a6f2396ae7c44e9eb594cf1044cb3ad32ea258f0c82963b27bb650ed200cde82cb993374be34be5b1c7ead5446a2b82a4486e8c1810a0b01551609fb0841d474bada802bd026076ddae751b73a959d0bfb8ff49e7fcd378e9be30652ecefe35c82cb8003bc29cc60ae3809909baf20c95db9516fe680865417111d8b193dbcf30281f1249de57c858bf1ba32f5bb1599800e8398a9ef25c7a642c95261da6f9c17670e97265b10260732482b837d5f2a9443e23c1aa0106d83e82f6c3424673b5fdc3769c0f992d1c5c93991c7038e882fcda04414df4d7a5f4f698ead87851ce37344b60b72d7b70f9c60cae8566e7a257f8e1bef0e89df6e4c2f9d24d21d9f8889e4c7eccf91751026009050d94493da8f00a4ddbe9c800afe3d44b43f78a48941a79b2814a1f0b81a18a8b2347642a03b27998f5a18de9abc9ae0e54ab8294feac66dc87e854cce6f7278ac2710cb5878b592ffeb1f4f0a1853e4e8d1d0561b6efcc831a296cf7eeaf" + +save type: RSA_PAIR 1536-bit, RSA_PKCS1V15_SIGN(SHA_1) +depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ALG_SHA_1:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR +key_storage_save:0x0001:PSA_KEY_TYPE_RSA_KEY_PAIR:1536:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_1):0x0000:"3082037b0201000281c100c870feb6ca6b1d2bd9f2dd99e20f1fe2d7e5192de662229dbe162bd1ba66336a7182903ca0b72796cd441c83d24bcdc3e9a2f5e4399c8a043f1c3ddf04754a66d4cfe7b3671a37dd31a9b4c13bfe06ee90f9d94ddaa06de67a52ac863e68f756736ceb014405a6160579640f831dddccc34ad0b05070e3f9954a58d1815813e1b83bcadba814789c87f1ef2ba5d738b793ec456a67360eea1b5faf1c7cc7bf24f3b2a9d0f8958b1096e0f0c335f8888d0c63a51c3c0337214fa3f5efdf6dcc3502030100010281c06d2d670047973a87752a9d5bc14f3dae00acb01f593aa0e24cf4a49f932931de4bbfb332e2d38083da80bc0b6d538edba479f7f77d0deffb4a28e6e67ff6273585bb4cd862535c946605ab0809d65f0e38f76e4ec2c3d9b8cd6e14bcf667943892cd4b34cc6420a439abbf3d7d35ef73976dd6f9cbde35a51fa5213f0107f83e3425835d16d3c9146fc9e36ce75a09bb66cdff21dd5a776899f1cb07e282cca27be46510e9c799f0d8db275a6be085d9f3f803218ee3384265bfb1a3640e8ca1026100e6848c31d466fffefc547e3a3b0d3785de6f78b0dd12610843512e495611a0675509b1650b27415009838dd8e68eec6e7530553b637d602424643b33e8bc5b762e1799bc79d56b13251d36d4f201da2182416ce13574e88278ff04467ad602d9026100de994fdf181f02be2bf9e5f5e4e517a94993b827d1eaf609033e3a6a6f2396ae7c44e9eb594cf1044cb3ad32ea258f0c82963b27bb650ed200cde82cb993374be34be5b1c7ead5446a2b82a4486e8c1810a0b01551609fb0841d474bada802bd026076ddae751b73a959d0bfb8ff49e7fcd378e9be30652ecefe35c82cb8003bc29cc60ae3809909baf20c95db9516fe680865417111d8b193dbcf30281f1249de57c858bf1ba32f5bb1599800e8398a9ef25c7a642c95261da6f9c17670e97265b10260732482b837d5f2a9443e23c1aa0106d83e82f6c3424673b5fdc3769c0f992d1c5c93991c7038e882fcda04414df4d7a5f4f698ead87851ce37344b60b72d7b70f9c60cae8566e7a257f8e1bef0e89df6e4c2f9d24d21d9f8889e4c7eccf91751026009050d94493da8f00a4ddbe9c800afe3d44b43f78a48941a79b2814a1f0b81a18a8b2347642a03b27998f5a18de9abc9ae0e54ab8294feac66dc87e854cce6f7278ac2710cb5878b592ffeb1f4f0a1853e4e8d1d0561b6efcc831a296cf7eeaf":"505341004b455900000000000100000001700006013c000005020006000000007f0300003082037b0201000281c100c870feb6ca6b1d2bd9f2dd99e20f1fe2d7e5192de662229dbe162bd1ba66336a7182903ca0b72796cd441c83d24bcdc3e9a2f5e4399c8a043f1c3ddf04754a66d4cfe7b3671a37dd31a9b4c13bfe06ee90f9d94ddaa06de67a52ac863e68f756736ceb014405a6160579640f831dddccc34ad0b05070e3f9954a58d1815813e1b83bcadba814789c87f1ef2ba5d738b793ec456a67360eea1b5faf1c7cc7bf24f3b2a9d0f8958b1096e0f0c335f8888d0c63a51c3c0337214fa3f5efdf6dcc3502030100010281c06d2d670047973a87752a9d5bc14f3dae00acb01f593aa0e24cf4a49f932931de4bbfb332e2d38083da80bc0b6d538edba479f7f77d0deffb4a28e6e67ff6273585bb4cd862535c946605ab0809d65f0e38f76e4ec2c3d9b8cd6e14bcf667943892cd4b34cc6420a439abbf3d7d35ef73976dd6f9cbde35a51fa5213f0107f83e3425835d16d3c9146fc9e36ce75a09bb66cdff21dd5a776899f1cb07e282cca27be46510e9c799f0d8db275a6be085d9f3f803218ee3384265bfb1a3640e8ca1026100e6848c31d466fffefc547e3a3b0d3785de6f78b0dd12610843512e495611a0675509b1650b27415009838dd8e68eec6e7530553b637d602424643b33e8bc5b762e1799bc79d56b13251d36d4f201da2182416ce13574e88278ff04467ad602d9026100de994fdf181f02be2bf9e5f5e4e517a94993b827d1eaf609033e3a6a6f2396ae7c44e9eb594cf1044cb3ad32ea258f0c82963b27bb650ed200cde82cb993374be34be5b1c7ead5446a2b82a4486e8c1810a0b01551609fb0841d474bada802bd026076ddae751b73a959d0bfb8ff49e7fcd378e9be30652ecefe35c82cb8003bc29cc60ae3809909baf20c95db9516fe680865417111d8b193dbcf30281f1249de57c858bf1ba32f5bb1599800e8398a9ef25c7a642c95261da6f9c17670e97265b10260732482b837d5f2a9443e23c1aa0106d83e82f6c3424673b5fdc3769c0f992d1c5c93991c7038e882fcda04414df4d7a5f4f698ead87851ce37344b60b72d7b70f9c60cae8566e7a257f8e1bef0e89df6e4c2f9d24d21d9f8889e4c7eccf91751026009050d94493da8f00a4ddbe9c800afe3d44b43f78a48941a79b2814a1f0b81a18a8b2347642a03b27998f5a18de9abc9ae0e54ab8294feac66dc87e854cce6f7278ac2710cb5878b592ffeb1f4f0a1853e4e8d1d0561b6efcc831a296cf7eeaf" + +save type: RSA_PAIR 1536-bit, RSA_PKCS1V15_SIGN(SHA_224) +depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ALG_SHA_224:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR +key_storage_save:0x0001:PSA_KEY_TYPE_RSA_KEY_PAIR:1536:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_224):0x0000:"3082037b0201000281c100c870feb6ca6b1d2bd9f2dd99e20f1fe2d7e5192de662229dbe162bd1ba66336a7182903ca0b72796cd441c83d24bcdc3e9a2f5e4399c8a043f1c3ddf04754a66d4cfe7b3671a37dd31a9b4c13bfe06ee90f9d94ddaa06de67a52ac863e68f756736ceb014405a6160579640f831dddccc34ad0b05070e3f9954a58d1815813e1b83bcadba814789c87f1ef2ba5d738b793ec456a67360eea1b5faf1c7cc7bf24f3b2a9d0f8958b1096e0f0c335f8888d0c63a51c3c0337214fa3f5efdf6dcc3502030100010281c06d2d670047973a87752a9d5bc14f3dae00acb01f593aa0e24cf4a49f932931de4bbfb332e2d38083da80bc0b6d538edba479f7f77d0deffb4a28e6e67ff6273585bb4cd862535c946605ab0809d65f0e38f76e4ec2c3d9b8cd6e14bcf667943892cd4b34cc6420a439abbf3d7d35ef73976dd6f9cbde35a51fa5213f0107f83e3425835d16d3c9146fc9e36ce75a09bb66cdff21dd5a776899f1cb07e282cca27be46510e9c799f0d8db275a6be085d9f3f803218ee3384265bfb1a3640e8ca1026100e6848c31d466fffefc547e3a3b0d3785de6f78b0dd12610843512e495611a0675509b1650b27415009838dd8e68eec6e7530553b637d602424643b33e8bc5b762e1799bc79d56b13251d36d4f201da2182416ce13574e88278ff04467ad602d9026100de994fdf181f02be2bf9e5f5e4e517a94993b827d1eaf609033e3a6a6f2396ae7c44e9eb594cf1044cb3ad32ea258f0c82963b27bb650ed200cde82cb993374be34be5b1c7ead5446a2b82a4486e8c1810a0b01551609fb0841d474bada802bd026076ddae751b73a959d0bfb8ff49e7fcd378e9be30652ecefe35c82cb8003bc29cc60ae3809909baf20c95db9516fe680865417111d8b193dbcf30281f1249de57c858bf1ba32f5bb1599800e8398a9ef25c7a642c95261da6f9c17670e97265b10260732482b837d5f2a9443e23c1aa0106d83e82f6c3424673b5fdc3769c0f992d1c5c93991c7038e882fcda04414df4d7a5f4f698ead87851ce37344b60b72d7b70f9c60cae8566e7a257f8e1bef0e89df6e4c2f9d24d21d9f8889e4c7eccf91751026009050d94493da8f00a4ddbe9c800afe3d44b43f78a48941a79b2814a1f0b81a18a8b2347642a03b27998f5a18de9abc9ae0e54ab8294feac66dc87e854cce6f7278ac2710cb5878b592ffeb1f4f0a1853e4e8d1d0561b6efcc831a296cf7eeaf":"505341004b455900000000000100000001700006013c000008020006000000007f0300003082037b0201000281c100c870feb6ca6b1d2bd9f2dd99e20f1fe2d7e5192de662229dbe162bd1ba66336a7182903ca0b72796cd441c83d24bcdc3e9a2f5e4399c8a043f1c3ddf04754a66d4cfe7b3671a37dd31a9b4c13bfe06ee90f9d94ddaa06de67a52ac863e68f756736ceb014405a6160579640f831dddccc34ad0b05070e3f9954a58d1815813e1b83bcadba814789c87f1ef2ba5d738b793ec456a67360eea1b5faf1c7cc7bf24f3b2a9d0f8958b1096e0f0c335f8888d0c63a51c3c0337214fa3f5efdf6dcc3502030100010281c06d2d670047973a87752a9d5bc14f3dae00acb01f593aa0e24cf4a49f932931de4bbfb332e2d38083da80bc0b6d538edba479f7f77d0deffb4a28e6e67ff6273585bb4cd862535c946605ab0809d65f0e38f76e4ec2c3d9b8cd6e14bcf667943892cd4b34cc6420a439abbf3d7d35ef73976dd6f9cbde35a51fa5213f0107f83e3425835d16d3c9146fc9e36ce75a09bb66cdff21dd5a776899f1cb07e282cca27be46510e9c799f0d8db275a6be085d9f3f803218ee3384265bfb1a3640e8ca1026100e6848c31d466fffefc547e3a3b0d3785de6f78b0dd12610843512e495611a0675509b1650b27415009838dd8e68eec6e7530553b637d602424643b33e8bc5b762e1799bc79d56b13251d36d4f201da2182416ce13574e88278ff04467ad602d9026100de994fdf181f02be2bf9e5f5e4e517a94993b827d1eaf609033e3a6a6f2396ae7c44e9eb594cf1044cb3ad32ea258f0c82963b27bb650ed200cde82cb993374be34be5b1c7ead5446a2b82a4486e8c1810a0b01551609fb0841d474bada802bd026076ddae751b73a959d0bfb8ff49e7fcd378e9be30652ecefe35c82cb8003bc29cc60ae3809909baf20c95db9516fe680865417111d8b193dbcf30281f1249de57c858bf1ba32f5bb1599800e8398a9ef25c7a642c95261da6f9c17670e97265b10260732482b837d5f2a9443e23c1aa0106d83e82f6c3424673b5fdc3769c0f992d1c5c93991c7038e882fcda04414df4d7a5f4f698ead87851ce37344b60b72d7b70f9c60cae8566e7a257f8e1bef0e89df6e4c2f9d24d21d9f8889e4c7eccf91751026009050d94493da8f00a4ddbe9c800afe3d44b43f78a48941a79b2814a1f0b81a18a8b2347642a03b27998f5a18de9abc9ae0e54ab8294feac66dc87e854cce6f7278ac2710cb5878b592ffeb1f4f0a1853e4e8d1d0561b6efcc831a296cf7eeaf" + +save type: RSA_PAIR 1536-bit, RSA_PKCS1V15_SIGN(SHA_256) +depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR +key_storage_save:0x0001:PSA_KEY_TYPE_RSA_KEY_PAIR:1536:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):0x0000:"3082037b0201000281c100c870feb6ca6b1d2bd9f2dd99e20f1fe2d7e5192de662229dbe162bd1ba66336a7182903ca0b72796cd441c83d24bcdc3e9a2f5e4399c8a043f1c3ddf04754a66d4cfe7b3671a37dd31a9b4c13bfe06ee90f9d94ddaa06de67a52ac863e68f756736ceb014405a6160579640f831dddccc34ad0b05070e3f9954a58d1815813e1b83bcadba814789c87f1ef2ba5d738b793ec456a67360eea1b5faf1c7cc7bf24f3b2a9d0f8958b1096e0f0c335f8888d0c63a51c3c0337214fa3f5efdf6dcc3502030100010281c06d2d670047973a87752a9d5bc14f3dae00acb01f593aa0e24cf4a49f932931de4bbfb332e2d38083da80bc0b6d538edba479f7f77d0deffb4a28e6e67ff6273585bb4cd862535c946605ab0809d65f0e38f76e4ec2c3d9b8cd6e14bcf667943892cd4b34cc6420a439abbf3d7d35ef73976dd6f9cbde35a51fa5213f0107f83e3425835d16d3c9146fc9e36ce75a09bb66cdff21dd5a776899f1cb07e282cca27be46510e9c799f0d8db275a6be085d9f3f803218ee3384265bfb1a3640e8ca1026100e6848c31d466fffefc547e3a3b0d3785de6f78b0dd12610843512e495611a0675509b1650b27415009838dd8e68eec6e7530553b637d602424643b33e8bc5b762e1799bc79d56b13251d36d4f201da2182416ce13574e88278ff04467ad602d9026100de994fdf181f02be2bf9e5f5e4e517a94993b827d1eaf609033e3a6a6f2396ae7c44e9eb594cf1044cb3ad32ea258f0c82963b27bb650ed200cde82cb993374be34be5b1c7ead5446a2b82a4486e8c1810a0b01551609fb0841d474bada802bd026076ddae751b73a959d0bfb8ff49e7fcd378e9be30652ecefe35c82cb8003bc29cc60ae3809909baf20c95db9516fe680865417111d8b193dbcf30281f1249de57c858bf1ba32f5bb1599800e8398a9ef25c7a642c95261da6f9c17670e97265b10260732482b837d5f2a9443e23c1aa0106d83e82f6c3424673b5fdc3769c0f992d1c5c93991c7038e882fcda04414df4d7a5f4f698ead87851ce37344b60b72d7b70f9c60cae8566e7a257f8e1bef0e89df6e4c2f9d24d21d9f8889e4c7eccf91751026009050d94493da8f00a4ddbe9c800afe3d44b43f78a48941a79b2814a1f0b81a18a8b2347642a03b27998f5a18de9abc9ae0e54ab8294feac66dc87e854cce6f7278ac2710cb5878b592ffeb1f4f0a1853e4e8d1d0561b6efcc831a296cf7eeaf":"505341004b455900000000000100000001700006013c000009020006000000007f0300003082037b0201000281c100c870feb6ca6b1d2bd9f2dd99e20f1fe2d7e5192de662229dbe162bd1ba66336a7182903ca0b72796cd441c83d24bcdc3e9a2f5e4399c8a043f1c3ddf04754a66d4cfe7b3671a37dd31a9b4c13bfe06ee90f9d94ddaa06de67a52ac863e68f756736ceb014405a6160579640f831dddccc34ad0b05070e3f9954a58d1815813e1b83bcadba814789c87f1ef2ba5d738b793ec456a67360eea1b5faf1c7cc7bf24f3b2a9d0f8958b1096e0f0c335f8888d0c63a51c3c0337214fa3f5efdf6dcc3502030100010281c06d2d670047973a87752a9d5bc14f3dae00acb01f593aa0e24cf4a49f932931de4bbfb332e2d38083da80bc0b6d538edba479f7f77d0deffb4a28e6e67ff6273585bb4cd862535c946605ab0809d65f0e38f76e4ec2c3d9b8cd6e14bcf667943892cd4b34cc6420a439abbf3d7d35ef73976dd6f9cbde35a51fa5213f0107f83e3425835d16d3c9146fc9e36ce75a09bb66cdff21dd5a776899f1cb07e282cca27be46510e9c799f0d8db275a6be085d9f3f803218ee3384265bfb1a3640e8ca1026100e6848c31d466fffefc547e3a3b0d3785de6f78b0dd12610843512e495611a0675509b1650b27415009838dd8e68eec6e7530553b637d602424643b33e8bc5b762e1799bc79d56b13251d36d4f201da2182416ce13574e88278ff04467ad602d9026100de994fdf181f02be2bf9e5f5e4e517a94993b827d1eaf609033e3a6a6f2396ae7c44e9eb594cf1044cb3ad32ea258f0c82963b27bb650ed200cde82cb993374be34be5b1c7ead5446a2b82a4486e8c1810a0b01551609fb0841d474bada802bd026076ddae751b73a959d0bfb8ff49e7fcd378e9be30652ecefe35c82cb8003bc29cc60ae3809909baf20c95db9516fe680865417111d8b193dbcf30281f1249de57c858bf1ba32f5bb1599800e8398a9ef25c7a642c95261da6f9c17670e97265b10260732482b837d5f2a9443e23c1aa0106d83e82f6c3424673b5fdc3769c0f992d1c5c93991c7038e882fcda04414df4d7a5f4f698ead87851ce37344b60b72d7b70f9c60cae8566e7a257f8e1bef0e89df6e4c2f9d24d21d9f8889e4c7eccf91751026009050d94493da8f00a4ddbe9c800afe3d44b43f78a48941a79b2814a1f0b81a18a8b2347642a03b27998f5a18de9abc9ae0e54ab8294feac66dc87e854cce6f7278ac2710cb5878b592ffeb1f4f0a1853e4e8d1d0561b6efcc831a296cf7eeaf" + +save type: RSA_PAIR 1536-bit, RSA_PKCS1V15_SIGN(SHA_384) +depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ALG_SHA_384:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR +key_storage_save:0x0001:PSA_KEY_TYPE_RSA_KEY_PAIR:1536:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_384):0x0000:"3082037b0201000281c100c870feb6ca6b1d2bd9f2dd99e20f1fe2d7e5192de662229dbe162bd1ba66336a7182903ca0b72796cd441c83d24bcdc3e9a2f5e4399c8a043f1c3ddf04754a66d4cfe7b3671a37dd31a9b4c13bfe06ee90f9d94ddaa06de67a52ac863e68f756736ceb014405a6160579640f831dddccc34ad0b05070e3f9954a58d1815813e1b83bcadba814789c87f1ef2ba5d738b793ec456a67360eea1b5faf1c7cc7bf24f3b2a9d0f8958b1096e0f0c335f8888d0c63a51c3c0337214fa3f5efdf6dcc3502030100010281c06d2d670047973a87752a9d5bc14f3dae00acb01f593aa0e24cf4a49f932931de4bbfb332e2d38083da80bc0b6d538edba479f7f77d0deffb4a28e6e67ff6273585bb4cd862535c946605ab0809d65f0e38f76e4ec2c3d9b8cd6e14bcf667943892cd4b34cc6420a439abbf3d7d35ef73976dd6f9cbde35a51fa5213f0107f83e3425835d16d3c9146fc9e36ce75a09bb66cdff21dd5a776899f1cb07e282cca27be46510e9c799f0d8db275a6be085d9f3f803218ee3384265bfb1a3640e8ca1026100e6848c31d466fffefc547e3a3b0d3785de6f78b0dd12610843512e495611a0675509b1650b27415009838dd8e68eec6e7530553b637d602424643b33e8bc5b762e1799bc79d56b13251d36d4f201da2182416ce13574e88278ff04467ad602d9026100de994fdf181f02be2bf9e5f5e4e517a94993b827d1eaf609033e3a6a6f2396ae7c44e9eb594cf1044cb3ad32ea258f0c82963b27bb650ed200cde82cb993374be34be5b1c7ead5446a2b82a4486e8c1810a0b01551609fb0841d474bada802bd026076ddae751b73a959d0bfb8ff49e7fcd378e9be30652ecefe35c82cb8003bc29cc60ae3809909baf20c95db9516fe680865417111d8b193dbcf30281f1249de57c858bf1ba32f5bb1599800e8398a9ef25c7a642c95261da6f9c17670e97265b10260732482b837d5f2a9443e23c1aa0106d83e82f6c3424673b5fdc3769c0f992d1c5c93991c7038e882fcda04414df4d7a5f4f698ead87851ce37344b60b72d7b70f9c60cae8566e7a257f8e1bef0e89df6e4c2f9d24d21d9f8889e4c7eccf91751026009050d94493da8f00a4ddbe9c800afe3d44b43f78a48941a79b2814a1f0b81a18a8b2347642a03b27998f5a18de9abc9ae0e54ab8294feac66dc87e854cce6f7278ac2710cb5878b592ffeb1f4f0a1853e4e8d1d0561b6efcc831a296cf7eeaf":"505341004b455900000000000100000001700006013c00000a020006000000007f0300003082037b0201000281c100c870feb6ca6b1d2bd9f2dd99e20f1fe2d7e5192de662229dbe162bd1ba66336a7182903ca0b72796cd441c83d24bcdc3e9a2f5e4399c8a043f1c3ddf04754a66d4cfe7b3671a37dd31a9b4c13bfe06ee90f9d94ddaa06de67a52ac863e68f756736ceb014405a6160579640f831dddccc34ad0b05070e3f9954a58d1815813e1b83bcadba814789c87f1ef2ba5d738b793ec456a67360eea1b5faf1c7cc7bf24f3b2a9d0f8958b1096e0f0c335f8888d0c63a51c3c0337214fa3f5efdf6dcc3502030100010281c06d2d670047973a87752a9d5bc14f3dae00acb01f593aa0e24cf4a49f932931de4bbfb332e2d38083da80bc0b6d538edba479f7f77d0deffb4a28e6e67ff6273585bb4cd862535c946605ab0809d65f0e38f76e4ec2c3d9b8cd6e14bcf667943892cd4b34cc6420a439abbf3d7d35ef73976dd6f9cbde35a51fa5213f0107f83e3425835d16d3c9146fc9e36ce75a09bb66cdff21dd5a776899f1cb07e282cca27be46510e9c799f0d8db275a6be085d9f3f803218ee3384265bfb1a3640e8ca1026100e6848c31d466fffefc547e3a3b0d3785de6f78b0dd12610843512e495611a0675509b1650b27415009838dd8e68eec6e7530553b637d602424643b33e8bc5b762e1799bc79d56b13251d36d4f201da2182416ce13574e88278ff04467ad602d9026100de994fdf181f02be2bf9e5f5e4e517a94993b827d1eaf609033e3a6a6f2396ae7c44e9eb594cf1044cb3ad32ea258f0c82963b27bb650ed200cde82cb993374be34be5b1c7ead5446a2b82a4486e8c1810a0b01551609fb0841d474bada802bd026076ddae751b73a959d0bfb8ff49e7fcd378e9be30652ecefe35c82cb8003bc29cc60ae3809909baf20c95db9516fe680865417111d8b193dbcf30281f1249de57c858bf1ba32f5bb1599800e8398a9ef25c7a642c95261da6f9c17670e97265b10260732482b837d5f2a9443e23c1aa0106d83e82f6c3424673b5fdc3769c0f992d1c5c93991c7038e882fcda04414df4d7a5f4f698ead87851ce37344b60b72d7b70f9c60cae8566e7a257f8e1bef0e89df6e4c2f9d24d21d9f8889e4c7eccf91751026009050d94493da8f00a4ddbe9c800afe3d44b43f78a48941a79b2814a1f0b81a18a8b2347642a03b27998f5a18de9abc9ae0e54ab8294feac66dc87e854cce6f7278ac2710cb5878b592ffeb1f4f0a1853e4e8d1d0561b6efcc831a296cf7eeaf" + +save type: RSA_PAIR 1536-bit, RSA_PKCS1V15_SIGN(SHA_512) +depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ALG_SHA_512:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR +key_storage_save:0x0001:PSA_KEY_TYPE_RSA_KEY_PAIR:1536:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_512):0x0000:"3082037b0201000281c100c870feb6ca6b1d2bd9f2dd99e20f1fe2d7e5192de662229dbe162bd1ba66336a7182903ca0b72796cd441c83d24bcdc3e9a2f5e4399c8a043f1c3ddf04754a66d4cfe7b3671a37dd31a9b4c13bfe06ee90f9d94ddaa06de67a52ac863e68f756736ceb014405a6160579640f831dddccc34ad0b05070e3f9954a58d1815813e1b83bcadba814789c87f1ef2ba5d738b793ec456a67360eea1b5faf1c7cc7bf24f3b2a9d0f8958b1096e0f0c335f8888d0c63a51c3c0337214fa3f5efdf6dcc3502030100010281c06d2d670047973a87752a9d5bc14f3dae00acb01f593aa0e24cf4a49f932931de4bbfb332e2d38083da80bc0b6d538edba479f7f77d0deffb4a28e6e67ff6273585bb4cd862535c946605ab0809d65f0e38f76e4ec2c3d9b8cd6e14bcf667943892cd4b34cc6420a439abbf3d7d35ef73976dd6f9cbde35a51fa5213f0107f83e3425835d16d3c9146fc9e36ce75a09bb66cdff21dd5a776899f1cb07e282cca27be46510e9c799f0d8db275a6be085d9f3f803218ee3384265bfb1a3640e8ca1026100e6848c31d466fffefc547e3a3b0d3785de6f78b0dd12610843512e495611a0675509b1650b27415009838dd8e68eec6e7530553b637d602424643b33e8bc5b762e1799bc79d56b13251d36d4f201da2182416ce13574e88278ff04467ad602d9026100de994fdf181f02be2bf9e5f5e4e517a94993b827d1eaf609033e3a6a6f2396ae7c44e9eb594cf1044cb3ad32ea258f0c82963b27bb650ed200cde82cb993374be34be5b1c7ead5446a2b82a4486e8c1810a0b01551609fb0841d474bada802bd026076ddae751b73a959d0bfb8ff49e7fcd378e9be30652ecefe35c82cb8003bc29cc60ae3809909baf20c95db9516fe680865417111d8b193dbcf30281f1249de57c858bf1ba32f5bb1599800e8398a9ef25c7a642c95261da6f9c17670e97265b10260732482b837d5f2a9443e23c1aa0106d83e82f6c3424673b5fdc3769c0f992d1c5c93991c7038e882fcda04414df4d7a5f4f698ead87851ce37344b60b72d7b70f9c60cae8566e7a257f8e1bef0e89df6e4c2f9d24d21d9f8889e4c7eccf91751026009050d94493da8f00a4ddbe9c800afe3d44b43f78a48941a79b2814a1f0b81a18a8b2347642a03b27998f5a18de9abc9ae0e54ab8294feac66dc87e854cce6f7278ac2710cb5878b592ffeb1f4f0a1853e4e8d1d0561b6efcc831a296cf7eeaf":"505341004b455900000000000100000001700006013c00000b020006000000007f0300003082037b0201000281c100c870feb6ca6b1d2bd9f2dd99e20f1fe2d7e5192de662229dbe162bd1ba66336a7182903ca0b72796cd441c83d24bcdc3e9a2f5e4399c8a043f1c3ddf04754a66d4cfe7b3671a37dd31a9b4c13bfe06ee90f9d94ddaa06de67a52ac863e68f756736ceb014405a6160579640f831dddccc34ad0b05070e3f9954a58d1815813e1b83bcadba814789c87f1ef2ba5d738b793ec456a67360eea1b5faf1c7cc7bf24f3b2a9d0f8958b1096e0f0c335f8888d0c63a51c3c0337214fa3f5efdf6dcc3502030100010281c06d2d670047973a87752a9d5bc14f3dae00acb01f593aa0e24cf4a49f932931de4bbfb332e2d38083da80bc0b6d538edba479f7f77d0deffb4a28e6e67ff6273585bb4cd862535c946605ab0809d65f0e38f76e4ec2c3d9b8cd6e14bcf667943892cd4b34cc6420a439abbf3d7d35ef73976dd6f9cbde35a51fa5213f0107f83e3425835d16d3c9146fc9e36ce75a09bb66cdff21dd5a776899f1cb07e282cca27be46510e9c799f0d8db275a6be085d9f3f803218ee3384265bfb1a3640e8ca1026100e6848c31d466fffefc547e3a3b0d3785de6f78b0dd12610843512e495611a0675509b1650b27415009838dd8e68eec6e7530553b637d602424643b33e8bc5b762e1799bc79d56b13251d36d4f201da2182416ce13574e88278ff04467ad602d9026100de994fdf181f02be2bf9e5f5e4e517a94993b827d1eaf609033e3a6a6f2396ae7c44e9eb594cf1044cb3ad32ea258f0c82963b27bb650ed200cde82cb993374be34be5b1c7ead5446a2b82a4486e8c1810a0b01551609fb0841d474bada802bd026076ddae751b73a959d0bfb8ff49e7fcd378e9be30652ecefe35c82cb8003bc29cc60ae3809909baf20c95db9516fe680865417111d8b193dbcf30281f1249de57c858bf1ba32f5bb1599800e8398a9ef25c7a642c95261da6f9c17670e97265b10260732482b837d5f2a9443e23c1aa0106d83e82f6c3424673b5fdc3769c0f992d1c5c93991c7038e882fcda04414df4d7a5f4f698ead87851ce37344b60b72d7b70f9c60cae8566e7a257f8e1bef0e89df6e4c2f9d24d21d9f8889e4c7eccf91751026009050d94493da8f00a4ddbe9c800afe3d44b43f78a48941a79b2814a1f0b81a18a8b2347642a03b27998f5a18de9abc9ae0e54ab8294feac66dc87e854cce6f7278ac2710cb5878b592ffeb1f4f0a1853e4e8d1d0561b6efcc831a296cf7eeaf" + +save type: RSA_PAIR 1536-bit, RSA_PKCS1V15_SIGN_RAW +depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN_RAW:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR +key_storage_save:0x0001:PSA_KEY_TYPE_RSA_KEY_PAIR:1536:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_RSA_PKCS1V15_SIGN_RAW:0x0000:"3082037b0201000281c100c870feb6ca6b1d2bd9f2dd99e20f1fe2d7e5192de662229dbe162bd1ba66336a7182903ca0b72796cd441c83d24bcdc3e9a2f5e4399c8a043f1c3ddf04754a66d4cfe7b3671a37dd31a9b4c13bfe06ee90f9d94ddaa06de67a52ac863e68f756736ceb014405a6160579640f831dddccc34ad0b05070e3f9954a58d1815813e1b83bcadba814789c87f1ef2ba5d738b793ec456a67360eea1b5faf1c7cc7bf24f3b2a9d0f8958b1096e0f0c335f8888d0c63a51c3c0337214fa3f5efdf6dcc3502030100010281c06d2d670047973a87752a9d5bc14f3dae00acb01f593aa0e24cf4a49f932931de4bbfb332e2d38083da80bc0b6d538edba479f7f77d0deffb4a28e6e67ff6273585bb4cd862535c946605ab0809d65f0e38f76e4ec2c3d9b8cd6e14bcf667943892cd4b34cc6420a439abbf3d7d35ef73976dd6f9cbde35a51fa5213f0107f83e3425835d16d3c9146fc9e36ce75a09bb66cdff21dd5a776899f1cb07e282cca27be46510e9c799f0d8db275a6be085d9f3f803218ee3384265bfb1a3640e8ca1026100e6848c31d466fffefc547e3a3b0d3785de6f78b0dd12610843512e495611a0675509b1650b27415009838dd8e68eec6e7530553b637d602424643b33e8bc5b762e1799bc79d56b13251d36d4f201da2182416ce13574e88278ff04467ad602d9026100de994fdf181f02be2bf9e5f5e4e517a94993b827d1eaf609033e3a6a6f2396ae7c44e9eb594cf1044cb3ad32ea258f0c82963b27bb650ed200cde82cb993374be34be5b1c7ead5446a2b82a4486e8c1810a0b01551609fb0841d474bada802bd026076ddae751b73a959d0bfb8ff49e7fcd378e9be30652ecefe35c82cb8003bc29cc60ae3809909baf20c95db9516fe680865417111d8b193dbcf30281f1249de57c858bf1ba32f5bb1599800e8398a9ef25c7a642c95261da6f9c17670e97265b10260732482b837d5f2a9443e23c1aa0106d83e82f6c3424673b5fdc3769c0f992d1c5c93991c7038e882fcda04414df4d7a5f4f698ead87851ce37344b60b72d7b70f9c60cae8566e7a257f8e1bef0e89df6e4c2f9d24d21d9f8889e4c7eccf91751026009050d94493da8f00a4ddbe9c800afe3d44b43f78a48941a79b2814a1f0b81a18a8b2347642a03b27998f5a18de9abc9ae0e54ab8294feac66dc87e854cce6f7278ac2710cb5878b592ffeb1f4f0a1853e4e8d1d0561b6efcc831a296cf7eeaf":"505341004b455900000000000100000001700006013c000000020006000000007f0300003082037b0201000281c100c870feb6ca6b1d2bd9f2dd99e20f1fe2d7e5192de662229dbe162bd1ba66336a7182903ca0b72796cd441c83d24bcdc3e9a2f5e4399c8a043f1c3ddf04754a66d4cfe7b3671a37dd31a9b4c13bfe06ee90f9d94ddaa06de67a52ac863e68f756736ceb014405a6160579640f831dddccc34ad0b05070e3f9954a58d1815813e1b83bcadba814789c87f1ef2ba5d738b793ec456a67360eea1b5faf1c7cc7bf24f3b2a9d0f8958b1096e0f0c335f8888d0c63a51c3c0337214fa3f5efdf6dcc3502030100010281c06d2d670047973a87752a9d5bc14f3dae00acb01f593aa0e24cf4a49f932931de4bbfb332e2d38083da80bc0b6d538edba479f7f77d0deffb4a28e6e67ff6273585bb4cd862535c946605ab0809d65f0e38f76e4ec2c3d9b8cd6e14bcf667943892cd4b34cc6420a439abbf3d7d35ef73976dd6f9cbde35a51fa5213f0107f83e3425835d16d3c9146fc9e36ce75a09bb66cdff21dd5a776899f1cb07e282cca27be46510e9c799f0d8db275a6be085d9f3f803218ee3384265bfb1a3640e8ca1026100e6848c31d466fffefc547e3a3b0d3785de6f78b0dd12610843512e495611a0675509b1650b27415009838dd8e68eec6e7530553b637d602424643b33e8bc5b762e1799bc79d56b13251d36d4f201da2182416ce13574e88278ff04467ad602d9026100de994fdf181f02be2bf9e5f5e4e517a94993b827d1eaf609033e3a6a6f2396ae7c44e9eb594cf1044cb3ad32ea258f0c82963b27bb650ed200cde82cb993374be34be5b1c7ead5446a2b82a4486e8c1810a0b01551609fb0841d474bada802bd026076ddae751b73a959d0bfb8ff49e7fcd378e9be30652ecefe35c82cb8003bc29cc60ae3809909baf20c95db9516fe680865417111d8b193dbcf30281f1249de57c858bf1ba32f5bb1599800e8398a9ef25c7a642c95261da6f9c17670e97265b10260732482b837d5f2a9443e23c1aa0106d83e82f6c3424673b5fdc3769c0f992d1c5c93991c7038e882fcda04414df4d7a5f4f698ead87851ce37344b60b72d7b70f9c60cae8566e7a257f8e1bef0e89df6e4c2f9d24d21d9f8889e4c7eccf91751026009050d94493da8f00a4ddbe9c800afe3d44b43f78a48941a79b2814a1f0b81a18a8b2347642a03b27998f5a18de9abc9ae0e54ab8294feac66dc87e854cce6f7278ac2710cb5878b592ffeb1f4f0a1853e4e8d1d0561b6efcc831a296cf7eeaf" -PSA storage save: type: ARC4 8-bit -depends_on:PSA_WANT_KEY_TYPE_ARC4 -key_storage_save:0x0001:PSA_KEY_TYPE_ARC4:8:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"48":"505341004b4559000000000001000000022008000100000000000000000000000100000048" +save type: RSA_PAIR 1536-bit, RSA_PSS(MD2) +depends_on:PSA_WANT_ALG_MD2:PSA_WANT_ALG_RSA_PSS:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR +key_storage_save:0x0001:PSA_KEY_TYPE_RSA_KEY_PAIR:1536:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_RSA_PSS(PSA_ALG_MD2):0x0000:"3082037b0201000281c100c870feb6ca6b1d2bd9f2dd99e20f1fe2d7e5192de662229dbe162bd1ba66336a7182903ca0b72796cd441c83d24bcdc3e9a2f5e4399c8a043f1c3ddf04754a66d4cfe7b3671a37dd31a9b4c13bfe06ee90f9d94ddaa06de67a52ac863e68f756736ceb014405a6160579640f831dddccc34ad0b05070e3f9954a58d1815813e1b83bcadba814789c87f1ef2ba5d738b793ec456a67360eea1b5faf1c7cc7bf24f3b2a9d0f8958b1096e0f0c335f8888d0c63a51c3c0337214fa3f5efdf6dcc3502030100010281c06d2d670047973a87752a9d5bc14f3dae00acb01f593aa0e24cf4a49f932931de4bbfb332e2d38083da80bc0b6d538edba479f7f77d0deffb4a28e6e67ff6273585bb4cd862535c946605ab0809d65f0e38f76e4ec2c3d9b8cd6e14bcf667943892cd4b34cc6420a439abbf3d7d35ef73976dd6f9cbde35a51fa5213f0107f83e3425835d16d3c9146fc9e36ce75a09bb66cdff21dd5a776899f1cb07e282cca27be46510e9c799f0d8db275a6be085d9f3f803218ee3384265bfb1a3640e8ca1026100e6848c31d466fffefc547e3a3b0d3785de6f78b0dd12610843512e495611a0675509b1650b27415009838dd8e68eec6e7530553b637d602424643b33e8bc5b762e1799bc79d56b13251d36d4f201da2182416ce13574e88278ff04467ad602d9026100de994fdf181f02be2bf9e5f5e4e517a94993b827d1eaf609033e3a6a6f2396ae7c44e9eb594cf1044cb3ad32ea258f0c82963b27bb650ed200cde82cb993374be34be5b1c7ead5446a2b82a4486e8c1810a0b01551609fb0841d474bada802bd026076ddae751b73a959d0bfb8ff49e7fcd378e9be30652ecefe35c82cb8003bc29cc60ae3809909baf20c95db9516fe680865417111d8b193dbcf30281f1249de57c858bf1ba32f5bb1599800e8398a9ef25c7a642c95261da6f9c17670e97265b10260732482b837d5f2a9443e23c1aa0106d83e82f6c3424673b5fdc3769c0f992d1c5c93991c7038e882fcda04414df4d7a5f4f698ead87851ce37344b60b72d7b70f9c60cae8566e7a257f8e1bef0e89df6e4c2f9d24d21d9f8889e4c7eccf91751026009050d94493da8f00a4ddbe9c800afe3d44b43f78a48941a79b2814a1f0b81a18a8b2347642a03b27998f5a18de9abc9ae0e54ab8294feac66dc87e854cce6f7278ac2710cb5878b592ffeb1f4f0a1853e4e8d1d0561b6efcc831a296cf7eeaf":"505341004b455900000000000100000001700006013c000001030006000000007f0300003082037b0201000281c100c870feb6ca6b1d2bd9f2dd99e20f1fe2d7e5192de662229dbe162bd1ba66336a7182903ca0b72796cd441c83d24bcdc3e9a2f5e4399c8a043f1c3ddf04754a66d4cfe7b3671a37dd31a9b4c13bfe06ee90f9d94ddaa06de67a52ac863e68f756736ceb014405a6160579640f831dddccc34ad0b05070e3f9954a58d1815813e1b83bcadba814789c87f1ef2ba5d738b793ec456a67360eea1b5faf1c7cc7bf24f3b2a9d0f8958b1096e0f0c335f8888d0c63a51c3c0337214fa3f5efdf6dcc3502030100010281c06d2d670047973a87752a9d5bc14f3dae00acb01f593aa0e24cf4a49f932931de4bbfb332e2d38083da80bc0b6d538edba479f7f77d0deffb4a28e6e67ff6273585bb4cd862535c946605ab0809d65f0e38f76e4ec2c3d9b8cd6e14bcf667943892cd4b34cc6420a439abbf3d7d35ef73976dd6f9cbde35a51fa5213f0107f83e3425835d16d3c9146fc9e36ce75a09bb66cdff21dd5a776899f1cb07e282cca27be46510e9c799f0d8db275a6be085d9f3f803218ee3384265bfb1a3640e8ca1026100e6848c31d466fffefc547e3a3b0d3785de6f78b0dd12610843512e495611a0675509b1650b27415009838dd8e68eec6e7530553b637d602424643b33e8bc5b762e1799bc79d56b13251d36d4f201da2182416ce13574e88278ff04467ad602d9026100de994fdf181f02be2bf9e5f5e4e517a94993b827d1eaf609033e3a6a6f2396ae7c44e9eb594cf1044cb3ad32ea258f0c82963b27bb650ed200cde82cb993374be34be5b1c7ead5446a2b82a4486e8c1810a0b01551609fb0841d474bada802bd026076ddae751b73a959d0bfb8ff49e7fcd378e9be30652ecefe35c82cb8003bc29cc60ae3809909baf20c95db9516fe680865417111d8b193dbcf30281f1249de57c858bf1ba32f5bb1599800e8398a9ef25c7a642c95261da6f9c17670e97265b10260732482b837d5f2a9443e23c1aa0106d83e82f6c3424673b5fdc3769c0f992d1c5c93991c7038e882fcda04414df4d7a5f4f698ead87851ce37344b60b72d7b70f9c60cae8566e7a257f8e1bef0e89df6e4c2f9d24d21d9f8889e4c7eccf91751026009050d94493da8f00a4ddbe9c800afe3d44b43f78a48941a79b2814a1f0b81a18a8b2347642a03b27998f5a18de9abc9ae0e54ab8294feac66dc87e854cce6f7278ac2710cb5878b592ffeb1f4f0a1853e4e8d1d0561b6efcc831a296cf7eeaf" -PSA storage save: type: ARC4 128-bit -depends_on:PSA_WANT_KEY_TYPE_ARC4 -key_storage_save:0x0001:PSA_KEY_TYPE_ARC4:128:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"48657265006973206b6579a064617461":"505341004b4559000000000001000000022080000100000000000000000000001000000048657265006973206b6579a064617461" +save type: RSA_PAIR 1536-bit, RSA_PSS(MD4) +depends_on:PSA_WANT_ALG_MD4:PSA_WANT_ALG_RSA_PSS:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR +key_storage_save:0x0001:PSA_KEY_TYPE_RSA_KEY_PAIR:1536:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_RSA_PSS(PSA_ALG_MD4):0x0000:"3082037b0201000281c100c870feb6ca6b1d2bd9f2dd99e20f1fe2d7e5192de662229dbe162bd1ba66336a7182903ca0b72796cd441c83d24bcdc3e9a2f5e4399c8a043f1c3ddf04754a66d4cfe7b3671a37dd31a9b4c13bfe06ee90f9d94ddaa06de67a52ac863e68f756736ceb014405a6160579640f831dddccc34ad0b05070e3f9954a58d1815813e1b83bcadba814789c87f1ef2ba5d738b793ec456a67360eea1b5faf1c7cc7bf24f3b2a9d0f8958b1096e0f0c335f8888d0c63a51c3c0337214fa3f5efdf6dcc3502030100010281c06d2d670047973a87752a9d5bc14f3dae00acb01f593aa0e24cf4a49f932931de4bbfb332e2d38083da80bc0b6d538edba479f7f77d0deffb4a28e6e67ff6273585bb4cd862535c946605ab0809d65f0e38f76e4ec2c3d9b8cd6e14bcf667943892cd4b34cc6420a439abbf3d7d35ef73976dd6f9cbde35a51fa5213f0107f83e3425835d16d3c9146fc9e36ce75a09bb66cdff21dd5a776899f1cb07e282cca27be46510e9c799f0d8db275a6be085d9f3f803218ee3384265bfb1a3640e8ca1026100e6848c31d466fffefc547e3a3b0d3785de6f78b0dd12610843512e495611a0675509b1650b27415009838dd8e68eec6e7530553b637d602424643b33e8bc5b762e1799bc79d56b13251d36d4f201da2182416ce13574e88278ff04467ad602d9026100de994fdf181f02be2bf9e5f5e4e517a94993b827d1eaf609033e3a6a6f2396ae7c44e9eb594cf1044cb3ad32ea258f0c82963b27bb650ed200cde82cb993374be34be5b1c7ead5446a2b82a4486e8c1810a0b01551609fb0841d474bada802bd026076ddae751b73a959d0bfb8ff49e7fcd378e9be30652ecefe35c82cb8003bc29cc60ae3809909baf20c95db9516fe680865417111d8b193dbcf30281f1249de57c858bf1ba32f5bb1599800e8398a9ef25c7a642c95261da6f9c17670e97265b10260732482b837d5f2a9443e23c1aa0106d83e82f6c3424673b5fdc3769c0f992d1c5c93991c7038e882fcda04414df4d7a5f4f698ead87851ce37344b60b72d7b70f9c60cae8566e7a257f8e1bef0e89df6e4c2f9d24d21d9f8889e4c7eccf91751026009050d94493da8f00a4ddbe9c800afe3d44b43f78a48941a79b2814a1f0b81a18a8b2347642a03b27998f5a18de9abc9ae0e54ab8294feac66dc87e854cce6f7278ac2710cb5878b592ffeb1f4f0a1853e4e8d1d0561b6efcc831a296cf7eeaf":"505341004b455900000000000100000001700006013c000002030006000000007f0300003082037b0201000281c100c870feb6ca6b1d2bd9f2dd99e20f1fe2d7e5192de662229dbe162bd1ba66336a7182903ca0b72796cd441c83d24bcdc3e9a2f5e4399c8a043f1c3ddf04754a66d4cfe7b3671a37dd31a9b4c13bfe06ee90f9d94ddaa06de67a52ac863e68f756736ceb014405a6160579640f831dddccc34ad0b05070e3f9954a58d1815813e1b83bcadba814789c87f1ef2ba5d738b793ec456a67360eea1b5faf1c7cc7bf24f3b2a9d0f8958b1096e0f0c335f8888d0c63a51c3c0337214fa3f5efdf6dcc3502030100010281c06d2d670047973a87752a9d5bc14f3dae00acb01f593aa0e24cf4a49f932931de4bbfb332e2d38083da80bc0b6d538edba479f7f77d0deffb4a28e6e67ff6273585bb4cd862535c946605ab0809d65f0e38f76e4ec2c3d9b8cd6e14bcf667943892cd4b34cc6420a439abbf3d7d35ef73976dd6f9cbde35a51fa5213f0107f83e3425835d16d3c9146fc9e36ce75a09bb66cdff21dd5a776899f1cb07e282cca27be46510e9c799f0d8db275a6be085d9f3f803218ee3384265bfb1a3640e8ca1026100e6848c31d466fffefc547e3a3b0d3785de6f78b0dd12610843512e495611a0675509b1650b27415009838dd8e68eec6e7530553b637d602424643b33e8bc5b762e1799bc79d56b13251d36d4f201da2182416ce13574e88278ff04467ad602d9026100de994fdf181f02be2bf9e5f5e4e517a94993b827d1eaf609033e3a6a6f2396ae7c44e9eb594cf1044cb3ad32ea258f0c82963b27bb650ed200cde82cb993374be34be5b1c7ead5446a2b82a4486e8c1810a0b01551609fb0841d474bada802bd026076ddae751b73a959d0bfb8ff49e7fcd378e9be30652ecefe35c82cb8003bc29cc60ae3809909baf20c95db9516fe680865417111d8b193dbcf30281f1249de57c858bf1ba32f5bb1599800e8398a9ef25c7a642c95261da6f9c17670e97265b10260732482b837d5f2a9443e23c1aa0106d83e82f6c3424673b5fdc3769c0f992d1c5c93991c7038e882fcda04414df4d7a5f4f698ead87851ce37344b60b72d7b70f9c60cae8566e7a257f8e1bef0e89df6e4c2f9d24d21d9f8889e4c7eccf91751026009050d94493da8f00a4ddbe9c800afe3d44b43f78a48941a79b2814a1f0b81a18a8b2347642a03b27998f5a18de9abc9ae0e54ab8294feac66dc87e854cce6f7278ac2710cb5878b592ffeb1f4f0a1853e4e8d1d0561b6efcc831a296cf7eeaf" -PSA storage save: type: ARC4 2048-bit -depends_on:PSA_WANT_KEY_TYPE_ARC4 -key_storage_save:0x0001:PSA_KEY_TYPE_ARC4:2048:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"48657265006973206b6579a06461746148657265006973206b6579a06461746148657265006973206b6579a06461746148657265006973206b6579a06461746148657265006973206b6579a06461746148657265006973206b6579a06461746148657265006973206b6579a06461746148657265006973206b6579a06461746148657265006973206b6579a06461746148657265006973206b6579a06461746148657265006973206b6579a06461746148657265006973206b6579a06461746148657265006973206b6579a06461746148657265006973206b6579a06461746148657265006973206b6579a06461746148657265006973206b6579a064617461":"505341004b4559000000000001000000022000080100000000000000000000000001000048657265006973206b6579a06461746148657265006973206b6579a06461746148657265006973206b6579a06461746148657265006973206b6579a06461746148657265006973206b6579a06461746148657265006973206b6579a06461746148657265006973206b6579a06461746148657265006973206b6579a06461746148657265006973206b6579a06461746148657265006973206b6579a06461746148657265006973206b6579a06461746148657265006973206b6579a06461746148657265006973206b6579a06461746148657265006973206b6579a06461746148657265006973206b6579a06461746148657265006973206b6579a064617461" +save type: RSA_PAIR 1536-bit, RSA_PSS(MD5) +depends_on:PSA_WANT_ALG_MD5:PSA_WANT_ALG_RSA_PSS:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR +key_storage_save:0x0001:PSA_KEY_TYPE_RSA_KEY_PAIR:1536:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_RSA_PSS(PSA_ALG_MD5):0x0000:"3082037b0201000281c100c870feb6ca6b1d2bd9f2dd99e20f1fe2d7e5192de662229dbe162bd1ba66336a7182903ca0b72796cd441c83d24bcdc3e9a2f5e4399c8a043f1c3ddf04754a66d4cfe7b3671a37dd31a9b4c13bfe06ee90f9d94ddaa06de67a52ac863e68f756736ceb014405a6160579640f831dddccc34ad0b05070e3f9954a58d1815813e1b83bcadba814789c87f1ef2ba5d738b793ec456a67360eea1b5faf1c7cc7bf24f3b2a9d0f8958b1096e0f0c335f8888d0c63a51c3c0337214fa3f5efdf6dcc3502030100010281c06d2d670047973a87752a9d5bc14f3dae00acb01f593aa0e24cf4a49f932931de4bbfb332e2d38083da80bc0b6d538edba479f7f77d0deffb4a28e6e67ff6273585bb4cd862535c946605ab0809d65f0e38f76e4ec2c3d9b8cd6e14bcf667943892cd4b34cc6420a439abbf3d7d35ef73976dd6f9cbde35a51fa5213f0107f83e3425835d16d3c9146fc9e36ce75a09bb66cdff21dd5a776899f1cb07e282cca27be46510e9c799f0d8db275a6be085d9f3f803218ee3384265bfb1a3640e8ca1026100e6848c31d466fffefc547e3a3b0d3785de6f78b0dd12610843512e495611a0675509b1650b27415009838dd8e68eec6e7530553b637d602424643b33e8bc5b762e1799bc79d56b13251d36d4f201da2182416ce13574e88278ff04467ad602d9026100de994fdf181f02be2bf9e5f5e4e517a94993b827d1eaf609033e3a6a6f2396ae7c44e9eb594cf1044cb3ad32ea258f0c82963b27bb650ed200cde82cb993374be34be5b1c7ead5446a2b82a4486e8c1810a0b01551609fb0841d474bada802bd026076ddae751b73a959d0bfb8ff49e7fcd378e9be30652ecefe35c82cb8003bc29cc60ae3809909baf20c95db9516fe680865417111d8b193dbcf30281f1249de57c858bf1ba32f5bb1599800e8398a9ef25c7a642c95261da6f9c17670e97265b10260732482b837d5f2a9443e23c1aa0106d83e82f6c3424673b5fdc3769c0f992d1c5c93991c7038e882fcda04414df4d7a5f4f698ead87851ce37344b60b72d7b70f9c60cae8566e7a257f8e1bef0e89df6e4c2f9d24d21d9f8889e4c7eccf91751026009050d94493da8f00a4ddbe9c800afe3d44b43f78a48941a79b2814a1f0b81a18a8b2347642a03b27998f5a18de9abc9ae0e54ab8294feac66dc87e854cce6f7278ac2710cb5878b592ffeb1f4f0a1853e4e8d1d0561b6efcc831a296cf7eeaf":"505341004b455900000000000100000001700006013c000003030006000000007f0300003082037b0201000281c100c870feb6ca6b1d2bd9f2dd99e20f1fe2d7e5192de662229dbe162bd1ba66336a7182903ca0b72796cd441c83d24bcdc3e9a2f5e4399c8a043f1c3ddf04754a66d4cfe7b3671a37dd31a9b4c13bfe06ee90f9d94ddaa06de67a52ac863e68f756736ceb014405a6160579640f831dddccc34ad0b05070e3f9954a58d1815813e1b83bcadba814789c87f1ef2ba5d738b793ec456a67360eea1b5faf1c7cc7bf24f3b2a9d0f8958b1096e0f0c335f8888d0c63a51c3c0337214fa3f5efdf6dcc3502030100010281c06d2d670047973a87752a9d5bc14f3dae00acb01f593aa0e24cf4a49f932931de4bbfb332e2d38083da80bc0b6d538edba479f7f77d0deffb4a28e6e67ff6273585bb4cd862535c946605ab0809d65f0e38f76e4ec2c3d9b8cd6e14bcf667943892cd4b34cc6420a439abbf3d7d35ef73976dd6f9cbde35a51fa5213f0107f83e3425835d16d3c9146fc9e36ce75a09bb66cdff21dd5a776899f1cb07e282cca27be46510e9c799f0d8db275a6be085d9f3f803218ee3384265bfb1a3640e8ca1026100e6848c31d466fffefc547e3a3b0d3785de6f78b0dd12610843512e495611a0675509b1650b27415009838dd8e68eec6e7530553b637d602424643b33e8bc5b762e1799bc79d56b13251d36d4f201da2182416ce13574e88278ff04467ad602d9026100de994fdf181f02be2bf9e5f5e4e517a94993b827d1eaf609033e3a6a6f2396ae7c44e9eb594cf1044cb3ad32ea258f0c82963b27bb650ed200cde82cb993374be34be5b1c7ead5446a2b82a4486e8c1810a0b01551609fb0841d474bada802bd026076ddae751b73a959d0bfb8ff49e7fcd378e9be30652ecefe35c82cb8003bc29cc60ae3809909baf20c95db9516fe680865417111d8b193dbcf30281f1249de57c858bf1ba32f5bb1599800e8398a9ef25c7a642c95261da6f9c17670e97265b10260732482b837d5f2a9443e23c1aa0106d83e82f6c3424673b5fdc3769c0f992d1c5c93991c7038e882fcda04414df4d7a5f4f698ead87851ce37344b60b72d7b70f9c60cae8566e7a257f8e1bef0e89df6e4c2f9d24d21d9f8889e4c7eccf91751026009050d94493da8f00a4ddbe9c800afe3d44b43f78a48941a79b2814a1f0b81a18a8b2347642a03b27998f5a18de9abc9ae0e54ab8294feac66dc87e854cce6f7278ac2710cb5878b592ffeb1f4f0a1853e4e8d1d0561b6efcc831a296cf7eeaf" -PSA storage save: type: ARIA 128-bit -depends_on:PSA_WANT_KEY_TYPE_ARIA -key_storage_save:0x0001:PSA_KEY_TYPE_ARIA:128:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"48657265006973206b6579a064617461":"505341004b4559000000000001000000062480000100000000000000000000001000000048657265006973206b6579a064617461" +save type: RSA_PAIR 1536-bit, RSA_PSS(RIPEMD160) +depends_on:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ALG_RSA_PSS:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR +key_storage_save:0x0001:PSA_KEY_TYPE_RSA_KEY_PAIR:1536:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_RSA_PSS(PSA_ALG_RIPEMD160):0x0000:"3082037b0201000281c100c870feb6ca6b1d2bd9f2dd99e20f1fe2d7e5192de662229dbe162bd1ba66336a7182903ca0b72796cd441c83d24bcdc3e9a2f5e4399c8a043f1c3ddf04754a66d4cfe7b3671a37dd31a9b4c13bfe06ee90f9d94ddaa06de67a52ac863e68f756736ceb014405a6160579640f831dddccc34ad0b05070e3f9954a58d1815813e1b83bcadba814789c87f1ef2ba5d738b793ec456a67360eea1b5faf1c7cc7bf24f3b2a9d0f8958b1096e0f0c335f8888d0c63a51c3c0337214fa3f5efdf6dcc3502030100010281c06d2d670047973a87752a9d5bc14f3dae00acb01f593aa0e24cf4a49f932931de4bbfb332e2d38083da80bc0b6d538edba479f7f77d0deffb4a28e6e67ff6273585bb4cd862535c946605ab0809d65f0e38f76e4ec2c3d9b8cd6e14bcf667943892cd4b34cc6420a439abbf3d7d35ef73976dd6f9cbde35a51fa5213f0107f83e3425835d16d3c9146fc9e36ce75a09bb66cdff21dd5a776899f1cb07e282cca27be46510e9c799f0d8db275a6be085d9f3f803218ee3384265bfb1a3640e8ca1026100e6848c31d466fffefc547e3a3b0d3785de6f78b0dd12610843512e495611a0675509b1650b27415009838dd8e68eec6e7530553b637d602424643b33e8bc5b762e1799bc79d56b13251d36d4f201da2182416ce13574e88278ff04467ad602d9026100de994fdf181f02be2bf9e5f5e4e517a94993b827d1eaf609033e3a6a6f2396ae7c44e9eb594cf1044cb3ad32ea258f0c82963b27bb650ed200cde82cb993374be34be5b1c7ead5446a2b82a4486e8c1810a0b01551609fb0841d474bada802bd026076ddae751b73a959d0bfb8ff49e7fcd378e9be30652ecefe35c82cb8003bc29cc60ae3809909baf20c95db9516fe680865417111d8b193dbcf30281f1249de57c858bf1ba32f5bb1599800e8398a9ef25c7a642c95261da6f9c17670e97265b10260732482b837d5f2a9443e23c1aa0106d83e82f6c3424673b5fdc3769c0f992d1c5c93991c7038e882fcda04414df4d7a5f4f698ead87851ce37344b60b72d7b70f9c60cae8566e7a257f8e1bef0e89df6e4c2f9d24d21d9f8889e4c7eccf91751026009050d94493da8f00a4ddbe9c800afe3d44b43f78a48941a79b2814a1f0b81a18a8b2347642a03b27998f5a18de9abc9ae0e54ab8294feac66dc87e854cce6f7278ac2710cb5878b592ffeb1f4f0a1853e4e8d1d0561b6efcc831a296cf7eeaf":"505341004b455900000000000100000001700006013c000004030006000000007f0300003082037b0201000281c100c870feb6ca6b1d2bd9f2dd99e20f1fe2d7e5192de662229dbe162bd1ba66336a7182903ca0b72796cd441c83d24bcdc3e9a2f5e4399c8a043f1c3ddf04754a66d4cfe7b3671a37dd31a9b4c13bfe06ee90f9d94ddaa06de67a52ac863e68f756736ceb014405a6160579640f831dddccc34ad0b05070e3f9954a58d1815813e1b83bcadba814789c87f1ef2ba5d738b793ec456a67360eea1b5faf1c7cc7bf24f3b2a9d0f8958b1096e0f0c335f8888d0c63a51c3c0337214fa3f5efdf6dcc3502030100010281c06d2d670047973a87752a9d5bc14f3dae00acb01f593aa0e24cf4a49f932931de4bbfb332e2d38083da80bc0b6d538edba479f7f77d0deffb4a28e6e67ff6273585bb4cd862535c946605ab0809d65f0e38f76e4ec2c3d9b8cd6e14bcf667943892cd4b34cc6420a439abbf3d7d35ef73976dd6f9cbde35a51fa5213f0107f83e3425835d16d3c9146fc9e36ce75a09bb66cdff21dd5a776899f1cb07e282cca27be46510e9c799f0d8db275a6be085d9f3f803218ee3384265bfb1a3640e8ca1026100e6848c31d466fffefc547e3a3b0d3785de6f78b0dd12610843512e495611a0675509b1650b27415009838dd8e68eec6e7530553b637d602424643b33e8bc5b762e1799bc79d56b13251d36d4f201da2182416ce13574e88278ff04467ad602d9026100de994fdf181f02be2bf9e5f5e4e517a94993b827d1eaf609033e3a6a6f2396ae7c44e9eb594cf1044cb3ad32ea258f0c82963b27bb650ed200cde82cb993374be34be5b1c7ead5446a2b82a4486e8c1810a0b01551609fb0841d474bada802bd026076ddae751b73a959d0bfb8ff49e7fcd378e9be30652ecefe35c82cb8003bc29cc60ae3809909baf20c95db9516fe680865417111d8b193dbcf30281f1249de57c858bf1ba32f5bb1599800e8398a9ef25c7a642c95261da6f9c17670e97265b10260732482b837d5f2a9443e23c1aa0106d83e82f6c3424673b5fdc3769c0f992d1c5c93991c7038e882fcda04414df4d7a5f4f698ead87851ce37344b60b72d7b70f9c60cae8566e7a257f8e1bef0e89df6e4c2f9d24d21d9f8889e4c7eccf91751026009050d94493da8f00a4ddbe9c800afe3d44b43f78a48941a79b2814a1f0b81a18a8b2347642a03b27998f5a18de9abc9ae0e54ab8294feac66dc87e854cce6f7278ac2710cb5878b592ffeb1f4f0a1853e4e8d1d0561b6efcc831a296cf7eeaf" -PSA storage save: type: ARIA 192-bit -depends_on:PSA_WANT_KEY_TYPE_ARIA -key_storage_save:0x0001:PSA_KEY_TYPE_ARIA:192:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"48657265006973206b6579a0646174614865726500697320":"505341004b45590000000000010000000624c0000100000000000000000000001800000048657265006973206b6579a0646174614865726500697320" +save type: RSA_PAIR 1536-bit, RSA_PSS(SHA_1) +depends_on:PSA_WANT_ALG_RSA_PSS:PSA_WANT_ALG_SHA_1:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR +key_storage_save:0x0001:PSA_KEY_TYPE_RSA_KEY_PAIR:1536:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_RSA_PSS(PSA_ALG_SHA_1):0x0000:"3082037b0201000281c100c870feb6ca6b1d2bd9f2dd99e20f1fe2d7e5192de662229dbe162bd1ba66336a7182903ca0b72796cd441c83d24bcdc3e9a2f5e4399c8a043f1c3ddf04754a66d4cfe7b3671a37dd31a9b4c13bfe06ee90f9d94ddaa06de67a52ac863e68f756736ceb014405a6160579640f831dddccc34ad0b05070e3f9954a58d1815813e1b83bcadba814789c87f1ef2ba5d738b793ec456a67360eea1b5faf1c7cc7bf24f3b2a9d0f8958b1096e0f0c335f8888d0c63a51c3c0337214fa3f5efdf6dcc3502030100010281c06d2d670047973a87752a9d5bc14f3dae00acb01f593aa0e24cf4a49f932931de4bbfb332e2d38083da80bc0b6d538edba479f7f77d0deffb4a28e6e67ff6273585bb4cd862535c946605ab0809d65f0e38f76e4ec2c3d9b8cd6e14bcf667943892cd4b34cc6420a439abbf3d7d35ef73976dd6f9cbde35a51fa5213f0107f83e3425835d16d3c9146fc9e36ce75a09bb66cdff21dd5a776899f1cb07e282cca27be46510e9c799f0d8db275a6be085d9f3f803218ee3384265bfb1a3640e8ca1026100e6848c31d466fffefc547e3a3b0d3785de6f78b0dd12610843512e495611a0675509b1650b27415009838dd8e68eec6e7530553b637d602424643b33e8bc5b762e1799bc79d56b13251d36d4f201da2182416ce13574e88278ff04467ad602d9026100de994fdf181f02be2bf9e5f5e4e517a94993b827d1eaf609033e3a6a6f2396ae7c44e9eb594cf1044cb3ad32ea258f0c82963b27bb650ed200cde82cb993374be34be5b1c7ead5446a2b82a4486e8c1810a0b01551609fb0841d474bada802bd026076ddae751b73a959d0bfb8ff49e7fcd378e9be30652ecefe35c82cb8003bc29cc60ae3809909baf20c95db9516fe680865417111d8b193dbcf30281f1249de57c858bf1ba32f5bb1599800e8398a9ef25c7a642c95261da6f9c17670e97265b10260732482b837d5f2a9443e23c1aa0106d83e82f6c3424673b5fdc3769c0f992d1c5c93991c7038e882fcda04414df4d7a5f4f698ead87851ce37344b60b72d7b70f9c60cae8566e7a257f8e1bef0e89df6e4c2f9d24d21d9f8889e4c7eccf91751026009050d94493da8f00a4ddbe9c800afe3d44b43f78a48941a79b2814a1f0b81a18a8b2347642a03b27998f5a18de9abc9ae0e54ab8294feac66dc87e854cce6f7278ac2710cb5878b592ffeb1f4f0a1853e4e8d1d0561b6efcc831a296cf7eeaf":"505341004b455900000000000100000001700006013c000005030006000000007f0300003082037b0201000281c100c870feb6ca6b1d2bd9f2dd99e20f1fe2d7e5192de662229dbe162bd1ba66336a7182903ca0b72796cd441c83d24bcdc3e9a2f5e4399c8a043f1c3ddf04754a66d4cfe7b3671a37dd31a9b4c13bfe06ee90f9d94ddaa06de67a52ac863e68f756736ceb014405a6160579640f831dddccc34ad0b05070e3f9954a58d1815813e1b83bcadba814789c87f1ef2ba5d738b793ec456a67360eea1b5faf1c7cc7bf24f3b2a9d0f8958b1096e0f0c335f8888d0c63a51c3c0337214fa3f5efdf6dcc3502030100010281c06d2d670047973a87752a9d5bc14f3dae00acb01f593aa0e24cf4a49f932931de4bbfb332e2d38083da80bc0b6d538edba479f7f77d0deffb4a28e6e67ff6273585bb4cd862535c946605ab0809d65f0e38f76e4ec2c3d9b8cd6e14bcf667943892cd4b34cc6420a439abbf3d7d35ef73976dd6f9cbde35a51fa5213f0107f83e3425835d16d3c9146fc9e36ce75a09bb66cdff21dd5a776899f1cb07e282cca27be46510e9c799f0d8db275a6be085d9f3f803218ee3384265bfb1a3640e8ca1026100e6848c31d466fffefc547e3a3b0d3785de6f78b0dd12610843512e495611a0675509b1650b27415009838dd8e68eec6e7530553b637d602424643b33e8bc5b762e1799bc79d56b13251d36d4f201da2182416ce13574e88278ff04467ad602d9026100de994fdf181f02be2bf9e5f5e4e517a94993b827d1eaf609033e3a6a6f2396ae7c44e9eb594cf1044cb3ad32ea258f0c82963b27bb650ed200cde82cb993374be34be5b1c7ead5446a2b82a4486e8c1810a0b01551609fb0841d474bada802bd026076ddae751b73a959d0bfb8ff49e7fcd378e9be30652ecefe35c82cb8003bc29cc60ae3809909baf20c95db9516fe680865417111d8b193dbcf30281f1249de57c858bf1ba32f5bb1599800e8398a9ef25c7a642c95261da6f9c17670e97265b10260732482b837d5f2a9443e23c1aa0106d83e82f6c3424673b5fdc3769c0f992d1c5c93991c7038e882fcda04414df4d7a5f4f698ead87851ce37344b60b72d7b70f9c60cae8566e7a257f8e1bef0e89df6e4c2f9d24d21d9f8889e4c7eccf91751026009050d94493da8f00a4ddbe9c800afe3d44b43f78a48941a79b2814a1f0b81a18a8b2347642a03b27998f5a18de9abc9ae0e54ab8294feac66dc87e854cce6f7278ac2710cb5878b592ffeb1f4f0a1853e4e8d1d0561b6efcc831a296cf7eeaf" -PSA storage save: type: ARIA 256-bit -depends_on:PSA_WANT_KEY_TYPE_ARIA -key_storage_save:0x0001:PSA_KEY_TYPE_ARIA:256:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"48657265006973206b6579a06461746148657265006973206b6579a064617461":"505341004b4559000000000001000000062400010100000000000000000000002000000048657265006973206b6579a06461746148657265006973206b6579a064617461" +save type: RSA_PAIR 1536-bit, RSA_PSS(SHA_224) +depends_on:PSA_WANT_ALG_RSA_PSS:PSA_WANT_ALG_SHA_224:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR +key_storage_save:0x0001:PSA_KEY_TYPE_RSA_KEY_PAIR:1536:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_RSA_PSS(PSA_ALG_SHA_224):0x0000:"3082037b0201000281c100c870feb6ca6b1d2bd9f2dd99e20f1fe2d7e5192de662229dbe162bd1ba66336a7182903ca0b72796cd441c83d24bcdc3e9a2f5e4399c8a043f1c3ddf04754a66d4cfe7b3671a37dd31a9b4c13bfe06ee90f9d94ddaa06de67a52ac863e68f756736ceb014405a6160579640f831dddccc34ad0b05070e3f9954a58d1815813e1b83bcadba814789c87f1ef2ba5d738b793ec456a67360eea1b5faf1c7cc7bf24f3b2a9d0f8958b1096e0f0c335f8888d0c63a51c3c0337214fa3f5efdf6dcc3502030100010281c06d2d670047973a87752a9d5bc14f3dae00acb01f593aa0e24cf4a49f932931de4bbfb332e2d38083da80bc0b6d538edba479f7f77d0deffb4a28e6e67ff6273585bb4cd862535c946605ab0809d65f0e38f76e4ec2c3d9b8cd6e14bcf667943892cd4b34cc6420a439abbf3d7d35ef73976dd6f9cbde35a51fa5213f0107f83e3425835d16d3c9146fc9e36ce75a09bb66cdff21dd5a776899f1cb07e282cca27be46510e9c799f0d8db275a6be085d9f3f803218ee3384265bfb1a3640e8ca1026100e6848c31d466fffefc547e3a3b0d3785de6f78b0dd12610843512e495611a0675509b1650b27415009838dd8e68eec6e7530553b637d602424643b33e8bc5b762e1799bc79d56b13251d36d4f201da2182416ce13574e88278ff04467ad602d9026100de994fdf181f02be2bf9e5f5e4e517a94993b827d1eaf609033e3a6a6f2396ae7c44e9eb594cf1044cb3ad32ea258f0c82963b27bb650ed200cde82cb993374be34be5b1c7ead5446a2b82a4486e8c1810a0b01551609fb0841d474bada802bd026076ddae751b73a959d0bfb8ff49e7fcd378e9be30652ecefe35c82cb8003bc29cc60ae3809909baf20c95db9516fe680865417111d8b193dbcf30281f1249de57c858bf1ba32f5bb1599800e8398a9ef25c7a642c95261da6f9c17670e97265b10260732482b837d5f2a9443e23c1aa0106d83e82f6c3424673b5fdc3769c0f992d1c5c93991c7038e882fcda04414df4d7a5f4f698ead87851ce37344b60b72d7b70f9c60cae8566e7a257f8e1bef0e89df6e4c2f9d24d21d9f8889e4c7eccf91751026009050d94493da8f00a4ddbe9c800afe3d44b43f78a48941a79b2814a1f0b81a18a8b2347642a03b27998f5a18de9abc9ae0e54ab8294feac66dc87e854cce6f7278ac2710cb5878b592ffeb1f4f0a1853e4e8d1d0561b6efcc831a296cf7eeaf":"505341004b455900000000000100000001700006013c000008030006000000007f0300003082037b0201000281c100c870feb6ca6b1d2bd9f2dd99e20f1fe2d7e5192de662229dbe162bd1ba66336a7182903ca0b72796cd441c83d24bcdc3e9a2f5e4399c8a043f1c3ddf04754a66d4cfe7b3671a37dd31a9b4c13bfe06ee90f9d94ddaa06de67a52ac863e68f756736ceb014405a6160579640f831dddccc34ad0b05070e3f9954a58d1815813e1b83bcadba814789c87f1ef2ba5d738b793ec456a67360eea1b5faf1c7cc7bf24f3b2a9d0f8958b1096e0f0c335f8888d0c63a51c3c0337214fa3f5efdf6dcc3502030100010281c06d2d670047973a87752a9d5bc14f3dae00acb01f593aa0e24cf4a49f932931de4bbfb332e2d38083da80bc0b6d538edba479f7f77d0deffb4a28e6e67ff6273585bb4cd862535c946605ab0809d65f0e38f76e4ec2c3d9b8cd6e14bcf667943892cd4b34cc6420a439abbf3d7d35ef73976dd6f9cbde35a51fa5213f0107f83e3425835d16d3c9146fc9e36ce75a09bb66cdff21dd5a776899f1cb07e282cca27be46510e9c799f0d8db275a6be085d9f3f803218ee3384265bfb1a3640e8ca1026100e6848c31d466fffefc547e3a3b0d3785de6f78b0dd12610843512e495611a0675509b1650b27415009838dd8e68eec6e7530553b637d602424643b33e8bc5b762e1799bc79d56b13251d36d4f201da2182416ce13574e88278ff04467ad602d9026100de994fdf181f02be2bf9e5f5e4e517a94993b827d1eaf609033e3a6a6f2396ae7c44e9eb594cf1044cb3ad32ea258f0c82963b27bb650ed200cde82cb993374be34be5b1c7ead5446a2b82a4486e8c1810a0b01551609fb0841d474bada802bd026076ddae751b73a959d0bfb8ff49e7fcd378e9be30652ecefe35c82cb8003bc29cc60ae3809909baf20c95db9516fe680865417111d8b193dbcf30281f1249de57c858bf1ba32f5bb1599800e8398a9ef25c7a642c95261da6f9c17670e97265b10260732482b837d5f2a9443e23c1aa0106d83e82f6c3424673b5fdc3769c0f992d1c5c93991c7038e882fcda04414df4d7a5f4f698ead87851ce37344b60b72d7b70f9c60cae8566e7a257f8e1bef0e89df6e4c2f9d24d21d9f8889e4c7eccf91751026009050d94493da8f00a4ddbe9c800afe3d44b43f78a48941a79b2814a1f0b81a18a8b2347642a03b27998f5a18de9abc9ae0e54ab8294feac66dc87e854cce6f7278ac2710cb5878b592ffeb1f4f0a1853e4e8d1d0561b6efcc831a296cf7eeaf" -PSA storage save: type: CAMELLIA 128-bit -depends_on:PSA_WANT_KEY_TYPE_CAMELLIA -key_storage_save:0x0001:PSA_KEY_TYPE_CAMELLIA:128:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"48657265006973206b6579a064617461":"505341004b4559000000000001000000032480000100000000000000000000001000000048657265006973206b6579a064617461" +save type: RSA_PAIR 1536-bit, RSA_PSS(SHA_256) +depends_on:PSA_WANT_ALG_RSA_PSS:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR +key_storage_save:0x0001:PSA_KEY_TYPE_RSA_KEY_PAIR:1536:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_RSA_PSS(PSA_ALG_SHA_256):0x0000:"3082037b0201000281c100c870feb6ca6b1d2bd9f2dd99e20f1fe2d7e5192de662229dbe162bd1ba66336a7182903ca0b72796cd441c83d24bcdc3e9a2f5e4399c8a043f1c3ddf04754a66d4cfe7b3671a37dd31a9b4c13bfe06ee90f9d94ddaa06de67a52ac863e68f756736ceb014405a6160579640f831dddccc34ad0b05070e3f9954a58d1815813e1b83bcadba814789c87f1ef2ba5d738b793ec456a67360eea1b5faf1c7cc7bf24f3b2a9d0f8958b1096e0f0c335f8888d0c63a51c3c0337214fa3f5efdf6dcc3502030100010281c06d2d670047973a87752a9d5bc14f3dae00acb01f593aa0e24cf4a49f932931de4bbfb332e2d38083da80bc0b6d538edba479f7f77d0deffb4a28e6e67ff6273585bb4cd862535c946605ab0809d65f0e38f76e4ec2c3d9b8cd6e14bcf667943892cd4b34cc6420a439abbf3d7d35ef73976dd6f9cbde35a51fa5213f0107f83e3425835d16d3c9146fc9e36ce75a09bb66cdff21dd5a776899f1cb07e282cca27be46510e9c799f0d8db275a6be085d9f3f803218ee3384265bfb1a3640e8ca1026100e6848c31d466fffefc547e3a3b0d3785de6f78b0dd12610843512e495611a0675509b1650b27415009838dd8e68eec6e7530553b637d602424643b33e8bc5b762e1799bc79d56b13251d36d4f201da2182416ce13574e88278ff04467ad602d9026100de994fdf181f02be2bf9e5f5e4e517a94993b827d1eaf609033e3a6a6f2396ae7c44e9eb594cf1044cb3ad32ea258f0c82963b27bb650ed200cde82cb993374be34be5b1c7ead5446a2b82a4486e8c1810a0b01551609fb0841d474bada802bd026076ddae751b73a959d0bfb8ff49e7fcd378e9be30652ecefe35c82cb8003bc29cc60ae3809909baf20c95db9516fe680865417111d8b193dbcf30281f1249de57c858bf1ba32f5bb1599800e8398a9ef25c7a642c95261da6f9c17670e97265b10260732482b837d5f2a9443e23c1aa0106d83e82f6c3424673b5fdc3769c0f992d1c5c93991c7038e882fcda04414df4d7a5f4f698ead87851ce37344b60b72d7b70f9c60cae8566e7a257f8e1bef0e89df6e4c2f9d24d21d9f8889e4c7eccf91751026009050d94493da8f00a4ddbe9c800afe3d44b43f78a48941a79b2814a1f0b81a18a8b2347642a03b27998f5a18de9abc9ae0e54ab8294feac66dc87e854cce6f7278ac2710cb5878b592ffeb1f4f0a1853e4e8d1d0561b6efcc831a296cf7eeaf":"505341004b455900000000000100000001700006013c000009030006000000007f0300003082037b0201000281c100c870feb6ca6b1d2bd9f2dd99e20f1fe2d7e5192de662229dbe162bd1ba66336a7182903ca0b72796cd441c83d24bcdc3e9a2f5e4399c8a043f1c3ddf04754a66d4cfe7b3671a37dd31a9b4c13bfe06ee90f9d94ddaa06de67a52ac863e68f756736ceb014405a6160579640f831dddccc34ad0b05070e3f9954a58d1815813e1b83bcadba814789c87f1ef2ba5d738b793ec456a67360eea1b5faf1c7cc7bf24f3b2a9d0f8958b1096e0f0c335f8888d0c63a51c3c0337214fa3f5efdf6dcc3502030100010281c06d2d670047973a87752a9d5bc14f3dae00acb01f593aa0e24cf4a49f932931de4bbfb332e2d38083da80bc0b6d538edba479f7f77d0deffb4a28e6e67ff6273585bb4cd862535c946605ab0809d65f0e38f76e4ec2c3d9b8cd6e14bcf667943892cd4b34cc6420a439abbf3d7d35ef73976dd6f9cbde35a51fa5213f0107f83e3425835d16d3c9146fc9e36ce75a09bb66cdff21dd5a776899f1cb07e282cca27be46510e9c799f0d8db275a6be085d9f3f803218ee3384265bfb1a3640e8ca1026100e6848c31d466fffefc547e3a3b0d3785de6f78b0dd12610843512e495611a0675509b1650b27415009838dd8e68eec6e7530553b637d602424643b33e8bc5b762e1799bc79d56b13251d36d4f201da2182416ce13574e88278ff04467ad602d9026100de994fdf181f02be2bf9e5f5e4e517a94993b827d1eaf609033e3a6a6f2396ae7c44e9eb594cf1044cb3ad32ea258f0c82963b27bb650ed200cde82cb993374be34be5b1c7ead5446a2b82a4486e8c1810a0b01551609fb0841d474bada802bd026076ddae751b73a959d0bfb8ff49e7fcd378e9be30652ecefe35c82cb8003bc29cc60ae3809909baf20c95db9516fe680865417111d8b193dbcf30281f1249de57c858bf1ba32f5bb1599800e8398a9ef25c7a642c95261da6f9c17670e97265b10260732482b837d5f2a9443e23c1aa0106d83e82f6c3424673b5fdc3769c0f992d1c5c93991c7038e882fcda04414df4d7a5f4f698ead87851ce37344b60b72d7b70f9c60cae8566e7a257f8e1bef0e89df6e4c2f9d24d21d9f8889e4c7eccf91751026009050d94493da8f00a4ddbe9c800afe3d44b43f78a48941a79b2814a1f0b81a18a8b2347642a03b27998f5a18de9abc9ae0e54ab8294feac66dc87e854cce6f7278ac2710cb5878b592ffeb1f4f0a1853e4e8d1d0561b6efcc831a296cf7eeaf" -PSA storage save: type: CAMELLIA 192-bit -depends_on:PSA_WANT_KEY_TYPE_CAMELLIA -key_storage_save:0x0001:PSA_KEY_TYPE_CAMELLIA:192:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"48657265006973206b6579a0646174614865726500697320":"505341004b45590000000000010000000324c0000100000000000000000000001800000048657265006973206b6579a0646174614865726500697320" +save type: RSA_PAIR 1536-bit, RSA_PSS(SHA_384) +depends_on:PSA_WANT_ALG_RSA_PSS:PSA_WANT_ALG_SHA_384:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR +key_storage_save:0x0001:PSA_KEY_TYPE_RSA_KEY_PAIR:1536:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_RSA_PSS(PSA_ALG_SHA_384):0x0000:"3082037b0201000281c100c870feb6ca6b1d2bd9f2dd99e20f1fe2d7e5192de662229dbe162bd1ba66336a7182903ca0b72796cd441c83d24bcdc3e9a2f5e4399c8a043f1c3ddf04754a66d4cfe7b3671a37dd31a9b4c13bfe06ee90f9d94ddaa06de67a52ac863e68f756736ceb014405a6160579640f831dddccc34ad0b05070e3f9954a58d1815813e1b83bcadba814789c87f1ef2ba5d738b793ec456a67360eea1b5faf1c7cc7bf24f3b2a9d0f8958b1096e0f0c335f8888d0c63a51c3c0337214fa3f5efdf6dcc3502030100010281c06d2d670047973a87752a9d5bc14f3dae00acb01f593aa0e24cf4a49f932931de4bbfb332e2d38083da80bc0b6d538edba479f7f77d0deffb4a28e6e67ff6273585bb4cd862535c946605ab0809d65f0e38f76e4ec2c3d9b8cd6e14bcf667943892cd4b34cc6420a439abbf3d7d35ef73976dd6f9cbde35a51fa5213f0107f83e3425835d16d3c9146fc9e36ce75a09bb66cdff21dd5a776899f1cb07e282cca27be46510e9c799f0d8db275a6be085d9f3f803218ee3384265bfb1a3640e8ca1026100e6848c31d466fffefc547e3a3b0d3785de6f78b0dd12610843512e495611a0675509b1650b27415009838dd8e68eec6e7530553b637d602424643b33e8bc5b762e1799bc79d56b13251d36d4f201da2182416ce13574e88278ff04467ad602d9026100de994fdf181f02be2bf9e5f5e4e517a94993b827d1eaf609033e3a6a6f2396ae7c44e9eb594cf1044cb3ad32ea258f0c82963b27bb650ed200cde82cb993374be34be5b1c7ead5446a2b82a4486e8c1810a0b01551609fb0841d474bada802bd026076ddae751b73a959d0bfb8ff49e7fcd378e9be30652ecefe35c82cb8003bc29cc60ae3809909baf20c95db9516fe680865417111d8b193dbcf30281f1249de57c858bf1ba32f5bb1599800e8398a9ef25c7a642c95261da6f9c17670e97265b10260732482b837d5f2a9443e23c1aa0106d83e82f6c3424673b5fdc3769c0f992d1c5c93991c7038e882fcda04414df4d7a5f4f698ead87851ce37344b60b72d7b70f9c60cae8566e7a257f8e1bef0e89df6e4c2f9d24d21d9f8889e4c7eccf91751026009050d94493da8f00a4ddbe9c800afe3d44b43f78a48941a79b2814a1f0b81a18a8b2347642a03b27998f5a18de9abc9ae0e54ab8294feac66dc87e854cce6f7278ac2710cb5878b592ffeb1f4f0a1853e4e8d1d0561b6efcc831a296cf7eeaf":"505341004b455900000000000100000001700006013c00000a030006000000007f0300003082037b0201000281c100c870feb6ca6b1d2bd9f2dd99e20f1fe2d7e5192de662229dbe162bd1ba66336a7182903ca0b72796cd441c83d24bcdc3e9a2f5e4399c8a043f1c3ddf04754a66d4cfe7b3671a37dd31a9b4c13bfe06ee90f9d94ddaa06de67a52ac863e68f756736ceb014405a6160579640f831dddccc34ad0b05070e3f9954a58d1815813e1b83bcadba814789c87f1ef2ba5d738b793ec456a67360eea1b5faf1c7cc7bf24f3b2a9d0f8958b1096e0f0c335f8888d0c63a51c3c0337214fa3f5efdf6dcc3502030100010281c06d2d670047973a87752a9d5bc14f3dae00acb01f593aa0e24cf4a49f932931de4bbfb332e2d38083da80bc0b6d538edba479f7f77d0deffb4a28e6e67ff6273585bb4cd862535c946605ab0809d65f0e38f76e4ec2c3d9b8cd6e14bcf667943892cd4b34cc6420a439abbf3d7d35ef73976dd6f9cbde35a51fa5213f0107f83e3425835d16d3c9146fc9e36ce75a09bb66cdff21dd5a776899f1cb07e282cca27be46510e9c799f0d8db275a6be085d9f3f803218ee3384265bfb1a3640e8ca1026100e6848c31d466fffefc547e3a3b0d3785de6f78b0dd12610843512e495611a0675509b1650b27415009838dd8e68eec6e7530553b637d602424643b33e8bc5b762e1799bc79d56b13251d36d4f201da2182416ce13574e88278ff04467ad602d9026100de994fdf181f02be2bf9e5f5e4e517a94993b827d1eaf609033e3a6a6f2396ae7c44e9eb594cf1044cb3ad32ea258f0c82963b27bb650ed200cde82cb993374be34be5b1c7ead5446a2b82a4486e8c1810a0b01551609fb0841d474bada802bd026076ddae751b73a959d0bfb8ff49e7fcd378e9be30652ecefe35c82cb8003bc29cc60ae3809909baf20c95db9516fe680865417111d8b193dbcf30281f1249de57c858bf1ba32f5bb1599800e8398a9ef25c7a642c95261da6f9c17670e97265b10260732482b837d5f2a9443e23c1aa0106d83e82f6c3424673b5fdc3769c0f992d1c5c93991c7038e882fcda04414df4d7a5f4f698ead87851ce37344b60b72d7b70f9c60cae8566e7a257f8e1bef0e89df6e4c2f9d24d21d9f8889e4c7eccf91751026009050d94493da8f00a4ddbe9c800afe3d44b43f78a48941a79b2814a1f0b81a18a8b2347642a03b27998f5a18de9abc9ae0e54ab8294feac66dc87e854cce6f7278ac2710cb5878b592ffeb1f4f0a1853e4e8d1d0561b6efcc831a296cf7eeaf" -PSA storage save: type: CAMELLIA 256-bit -depends_on:PSA_WANT_KEY_TYPE_CAMELLIA -key_storage_save:0x0001:PSA_KEY_TYPE_CAMELLIA:256:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"48657265006973206b6579a06461746148657265006973206b6579a064617461":"505341004b4559000000000001000000032400010100000000000000000000002000000048657265006973206b6579a06461746148657265006973206b6579a064617461" +save type: RSA_PAIR 1536-bit, RSA_PSS(SHA_512) +depends_on:PSA_WANT_ALG_RSA_PSS:PSA_WANT_ALG_SHA_512:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR +key_storage_save:0x0001:PSA_KEY_TYPE_RSA_KEY_PAIR:1536:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_RSA_PSS(PSA_ALG_SHA_512):0x0000:"3082037b0201000281c100c870feb6ca6b1d2bd9f2dd99e20f1fe2d7e5192de662229dbe162bd1ba66336a7182903ca0b72796cd441c83d24bcdc3e9a2f5e4399c8a043f1c3ddf04754a66d4cfe7b3671a37dd31a9b4c13bfe06ee90f9d94ddaa06de67a52ac863e68f756736ceb014405a6160579640f831dddccc34ad0b05070e3f9954a58d1815813e1b83bcadba814789c87f1ef2ba5d738b793ec456a67360eea1b5faf1c7cc7bf24f3b2a9d0f8958b1096e0f0c335f8888d0c63a51c3c0337214fa3f5efdf6dcc3502030100010281c06d2d670047973a87752a9d5bc14f3dae00acb01f593aa0e24cf4a49f932931de4bbfb332e2d38083da80bc0b6d538edba479f7f77d0deffb4a28e6e67ff6273585bb4cd862535c946605ab0809d65f0e38f76e4ec2c3d9b8cd6e14bcf667943892cd4b34cc6420a439abbf3d7d35ef73976dd6f9cbde35a51fa5213f0107f83e3425835d16d3c9146fc9e36ce75a09bb66cdff21dd5a776899f1cb07e282cca27be46510e9c799f0d8db275a6be085d9f3f803218ee3384265bfb1a3640e8ca1026100e6848c31d466fffefc547e3a3b0d3785de6f78b0dd12610843512e495611a0675509b1650b27415009838dd8e68eec6e7530553b637d602424643b33e8bc5b762e1799bc79d56b13251d36d4f201da2182416ce13574e88278ff04467ad602d9026100de994fdf181f02be2bf9e5f5e4e517a94993b827d1eaf609033e3a6a6f2396ae7c44e9eb594cf1044cb3ad32ea258f0c82963b27bb650ed200cde82cb993374be34be5b1c7ead5446a2b82a4486e8c1810a0b01551609fb0841d474bada802bd026076ddae751b73a959d0bfb8ff49e7fcd378e9be30652ecefe35c82cb8003bc29cc60ae3809909baf20c95db9516fe680865417111d8b193dbcf30281f1249de57c858bf1ba32f5bb1599800e8398a9ef25c7a642c95261da6f9c17670e97265b10260732482b837d5f2a9443e23c1aa0106d83e82f6c3424673b5fdc3769c0f992d1c5c93991c7038e882fcda04414df4d7a5f4f698ead87851ce37344b60b72d7b70f9c60cae8566e7a257f8e1bef0e89df6e4c2f9d24d21d9f8889e4c7eccf91751026009050d94493da8f00a4ddbe9c800afe3d44b43f78a48941a79b2814a1f0b81a18a8b2347642a03b27998f5a18de9abc9ae0e54ab8294feac66dc87e854cce6f7278ac2710cb5878b592ffeb1f4f0a1853e4e8d1d0561b6efcc831a296cf7eeaf":"505341004b455900000000000100000001700006013c00000b030006000000007f0300003082037b0201000281c100c870feb6ca6b1d2bd9f2dd99e20f1fe2d7e5192de662229dbe162bd1ba66336a7182903ca0b72796cd441c83d24bcdc3e9a2f5e4399c8a043f1c3ddf04754a66d4cfe7b3671a37dd31a9b4c13bfe06ee90f9d94ddaa06de67a52ac863e68f756736ceb014405a6160579640f831dddccc34ad0b05070e3f9954a58d1815813e1b83bcadba814789c87f1ef2ba5d738b793ec456a67360eea1b5faf1c7cc7bf24f3b2a9d0f8958b1096e0f0c335f8888d0c63a51c3c0337214fa3f5efdf6dcc3502030100010281c06d2d670047973a87752a9d5bc14f3dae00acb01f593aa0e24cf4a49f932931de4bbfb332e2d38083da80bc0b6d538edba479f7f77d0deffb4a28e6e67ff6273585bb4cd862535c946605ab0809d65f0e38f76e4ec2c3d9b8cd6e14bcf667943892cd4b34cc6420a439abbf3d7d35ef73976dd6f9cbde35a51fa5213f0107f83e3425835d16d3c9146fc9e36ce75a09bb66cdff21dd5a776899f1cb07e282cca27be46510e9c799f0d8db275a6be085d9f3f803218ee3384265bfb1a3640e8ca1026100e6848c31d466fffefc547e3a3b0d3785de6f78b0dd12610843512e495611a0675509b1650b27415009838dd8e68eec6e7530553b637d602424643b33e8bc5b762e1799bc79d56b13251d36d4f201da2182416ce13574e88278ff04467ad602d9026100de994fdf181f02be2bf9e5f5e4e517a94993b827d1eaf609033e3a6a6f2396ae7c44e9eb594cf1044cb3ad32ea258f0c82963b27bb650ed200cde82cb993374be34be5b1c7ead5446a2b82a4486e8c1810a0b01551609fb0841d474bada802bd026076ddae751b73a959d0bfb8ff49e7fcd378e9be30652ecefe35c82cb8003bc29cc60ae3809909baf20c95db9516fe680865417111d8b193dbcf30281f1249de57c858bf1ba32f5bb1599800e8398a9ef25c7a642c95261da6f9c17670e97265b10260732482b837d5f2a9443e23c1aa0106d83e82f6c3424673b5fdc3769c0f992d1c5c93991c7038e882fcda04414df4d7a5f4f698ead87851ce37344b60b72d7b70f9c60cae8566e7a257f8e1bef0e89df6e4c2f9d24d21d9f8889e4c7eccf91751026009050d94493da8f00a4ddbe9c800afe3d44b43f78a48941a79b2814a1f0b81a18a8b2347642a03b27998f5a18de9abc9ae0e54ab8294feac66dc87e854cce6f7278ac2710cb5878b592ffeb1f4f0a1853e4e8d1d0561b6efcc831a296cf7eeaf" -PSA storage save: type: CHACHA20 256-bit -depends_on:PSA_WANT_KEY_TYPE_CHACHA20 -key_storage_save:0x0001:PSA_KEY_TYPE_CHACHA20:256:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"48657265006973206b6579a06461746148657265006973206b6579a064617461":"505341004b4559000000000001000000042000010100000000000000000000002000000048657265006973206b6579a06461746148657265006973206b6579a064617461" +save type: RSA_PAIR 1536-bit, RSA_PSS_ANY_SALT(MD2) +depends_on:PSA_WANT_ALG_MD2:PSA_WANT_ALG_RSA_PSS_ANY_SALT:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR +key_storage_save:0x0001:PSA_KEY_TYPE_RSA_KEY_PAIR:1536:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_RSA_PSS_ANY_SALT(PSA_ALG_MD2):0x0000:"3082037b0201000281c100c870feb6ca6b1d2bd9f2dd99e20f1fe2d7e5192de662229dbe162bd1ba66336a7182903ca0b72796cd441c83d24bcdc3e9a2f5e4399c8a043f1c3ddf04754a66d4cfe7b3671a37dd31a9b4c13bfe06ee90f9d94ddaa06de67a52ac863e68f756736ceb014405a6160579640f831dddccc34ad0b05070e3f9954a58d1815813e1b83bcadba814789c87f1ef2ba5d738b793ec456a67360eea1b5faf1c7cc7bf24f3b2a9d0f8958b1096e0f0c335f8888d0c63a51c3c0337214fa3f5efdf6dcc3502030100010281c06d2d670047973a87752a9d5bc14f3dae00acb01f593aa0e24cf4a49f932931de4bbfb332e2d38083da80bc0b6d538edba479f7f77d0deffb4a28e6e67ff6273585bb4cd862535c946605ab0809d65f0e38f76e4ec2c3d9b8cd6e14bcf667943892cd4b34cc6420a439abbf3d7d35ef73976dd6f9cbde35a51fa5213f0107f83e3425835d16d3c9146fc9e36ce75a09bb66cdff21dd5a776899f1cb07e282cca27be46510e9c799f0d8db275a6be085d9f3f803218ee3384265bfb1a3640e8ca1026100e6848c31d466fffefc547e3a3b0d3785de6f78b0dd12610843512e495611a0675509b1650b27415009838dd8e68eec6e7530553b637d602424643b33e8bc5b762e1799bc79d56b13251d36d4f201da2182416ce13574e88278ff04467ad602d9026100de994fdf181f02be2bf9e5f5e4e517a94993b827d1eaf609033e3a6a6f2396ae7c44e9eb594cf1044cb3ad32ea258f0c82963b27bb650ed200cde82cb993374be34be5b1c7ead5446a2b82a4486e8c1810a0b01551609fb0841d474bada802bd026076ddae751b73a959d0bfb8ff49e7fcd378e9be30652ecefe35c82cb8003bc29cc60ae3809909baf20c95db9516fe680865417111d8b193dbcf30281f1249de57c858bf1ba32f5bb1599800e8398a9ef25c7a642c95261da6f9c17670e97265b10260732482b837d5f2a9443e23c1aa0106d83e82f6c3424673b5fdc3769c0f992d1c5c93991c7038e882fcda04414df4d7a5f4f698ead87851ce37344b60b72d7b70f9c60cae8566e7a257f8e1bef0e89df6e4c2f9d24d21d9f8889e4c7eccf91751026009050d94493da8f00a4ddbe9c800afe3d44b43f78a48941a79b2814a1f0b81a18a8b2347642a03b27998f5a18de9abc9ae0e54ab8294feac66dc87e854cce6f7278ac2710cb5878b592ffeb1f4f0a1853e4e8d1d0561b6efcc831a296cf7eeaf":"505341004b455900000000000100000001700006013c000001130006000000007f0300003082037b0201000281c100c870feb6ca6b1d2bd9f2dd99e20f1fe2d7e5192de662229dbe162bd1ba66336a7182903ca0b72796cd441c83d24bcdc3e9a2f5e4399c8a043f1c3ddf04754a66d4cfe7b3671a37dd31a9b4c13bfe06ee90f9d94ddaa06de67a52ac863e68f756736ceb014405a6160579640f831dddccc34ad0b05070e3f9954a58d1815813e1b83bcadba814789c87f1ef2ba5d738b793ec456a67360eea1b5faf1c7cc7bf24f3b2a9d0f8958b1096e0f0c335f8888d0c63a51c3c0337214fa3f5efdf6dcc3502030100010281c06d2d670047973a87752a9d5bc14f3dae00acb01f593aa0e24cf4a49f932931de4bbfb332e2d38083da80bc0b6d538edba479f7f77d0deffb4a28e6e67ff6273585bb4cd862535c946605ab0809d65f0e38f76e4ec2c3d9b8cd6e14bcf667943892cd4b34cc6420a439abbf3d7d35ef73976dd6f9cbde35a51fa5213f0107f83e3425835d16d3c9146fc9e36ce75a09bb66cdff21dd5a776899f1cb07e282cca27be46510e9c799f0d8db275a6be085d9f3f803218ee3384265bfb1a3640e8ca1026100e6848c31d466fffefc547e3a3b0d3785de6f78b0dd12610843512e495611a0675509b1650b27415009838dd8e68eec6e7530553b637d602424643b33e8bc5b762e1799bc79d56b13251d36d4f201da2182416ce13574e88278ff04467ad602d9026100de994fdf181f02be2bf9e5f5e4e517a94993b827d1eaf609033e3a6a6f2396ae7c44e9eb594cf1044cb3ad32ea258f0c82963b27bb650ed200cde82cb993374be34be5b1c7ead5446a2b82a4486e8c1810a0b01551609fb0841d474bada802bd026076ddae751b73a959d0bfb8ff49e7fcd378e9be30652ecefe35c82cb8003bc29cc60ae3809909baf20c95db9516fe680865417111d8b193dbcf30281f1249de57c858bf1ba32f5bb1599800e8398a9ef25c7a642c95261da6f9c17670e97265b10260732482b837d5f2a9443e23c1aa0106d83e82f6c3424673b5fdc3769c0f992d1c5c93991c7038e882fcda04414df4d7a5f4f698ead87851ce37344b60b72d7b70f9c60cae8566e7a257f8e1bef0e89df6e4c2f9d24d21d9f8889e4c7eccf91751026009050d94493da8f00a4ddbe9c800afe3d44b43f78a48941a79b2814a1f0b81a18a8b2347642a03b27998f5a18de9abc9ae0e54ab8294feac66dc87e854cce6f7278ac2710cb5878b592ffeb1f4f0a1853e4e8d1d0561b6efcc831a296cf7eeaf" -PSA storage save: type: DERIVE 120-bit -depends_on:PSA_WANT_KEY_TYPE_DERIVE -key_storage_save:0x0001:PSA_KEY_TYPE_DERIVE:120:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"48657265006973206b6579a0646174":"505341004b4559000000000001000000001278000100000000000000000000000f00000048657265006973206b6579a0646174" +save type: RSA_PAIR 1536-bit, RSA_PSS_ANY_SALT(MD4) +depends_on:PSA_WANT_ALG_MD4:PSA_WANT_ALG_RSA_PSS_ANY_SALT:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR +key_storage_save:0x0001:PSA_KEY_TYPE_RSA_KEY_PAIR:1536:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_RSA_PSS_ANY_SALT(PSA_ALG_MD4):0x0000:"3082037b0201000281c100c870feb6ca6b1d2bd9f2dd99e20f1fe2d7e5192de662229dbe162bd1ba66336a7182903ca0b72796cd441c83d24bcdc3e9a2f5e4399c8a043f1c3ddf04754a66d4cfe7b3671a37dd31a9b4c13bfe06ee90f9d94ddaa06de67a52ac863e68f756736ceb014405a6160579640f831dddccc34ad0b05070e3f9954a58d1815813e1b83bcadba814789c87f1ef2ba5d738b793ec456a67360eea1b5faf1c7cc7bf24f3b2a9d0f8958b1096e0f0c335f8888d0c63a51c3c0337214fa3f5efdf6dcc3502030100010281c06d2d670047973a87752a9d5bc14f3dae00acb01f593aa0e24cf4a49f932931de4bbfb332e2d38083da80bc0b6d538edba479f7f77d0deffb4a28e6e67ff6273585bb4cd862535c946605ab0809d65f0e38f76e4ec2c3d9b8cd6e14bcf667943892cd4b34cc6420a439abbf3d7d35ef73976dd6f9cbde35a51fa5213f0107f83e3425835d16d3c9146fc9e36ce75a09bb66cdff21dd5a776899f1cb07e282cca27be46510e9c799f0d8db275a6be085d9f3f803218ee3384265bfb1a3640e8ca1026100e6848c31d466fffefc547e3a3b0d3785de6f78b0dd12610843512e495611a0675509b1650b27415009838dd8e68eec6e7530553b637d602424643b33e8bc5b762e1799bc79d56b13251d36d4f201da2182416ce13574e88278ff04467ad602d9026100de994fdf181f02be2bf9e5f5e4e517a94993b827d1eaf609033e3a6a6f2396ae7c44e9eb594cf1044cb3ad32ea258f0c82963b27bb650ed200cde82cb993374be34be5b1c7ead5446a2b82a4486e8c1810a0b01551609fb0841d474bada802bd026076ddae751b73a959d0bfb8ff49e7fcd378e9be30652ecefe35c82cb8003bc29cc60ae3809909baf20c95db9516fe680865417111d8b193dbcf30281f1249de57c858bf1ba32f5bb1599800e8398a9ef25c7a642c95261da6f9c17670e97265b10260732482b837d5f2a9443e23c1aa0106d83e82f6c3424673b5fdc3769c0f992d1c5c93991c7038e882fcda04414df4d7a5f4f698ead87851ce37344b60b72d7b70f9c60cae8566e7a257f8e1bef0e89df6e4c2f9d24d21d9f8889e4c7eccf91751026009050d94493da8f00a4ddbe9c800afe3d44b43f78a48941a79b2814a1f0b81a18a8b2347642a03b27998f5a18de9abc9ae0e54ab8294feac66dc87e854cce6f7278ac2710cb5878b592ffeb1f4f0a1853e4e8d1d0561b6efcc831a296cf7eeaf":"505341004b455900000000000100000001700006013c000002130006000000007f0300003082037b0201000281c100c870feb6ca6b1d2bd9f2dd99e20f1fe2d7e5192de662229dbe162bd1ba66336a7182903ca0b72796cd441c83d24bcdc3e9a2f5e4399c8a043f1c3ddf04754a66d4cfe7b3671a37dd31a9b4c13bfe06ee90f9d94ddaa06de67a52ac863e68f756736ceb014405a6160579640f831dddccc34ad0b05070e3f9954a58d1815813e1b83bcadba814789c87f1ef2ba5d738b793ec456a67360eea1b5faf1c7cc7bf24f3b2a9d0f8958b1096e0f0c335f8888d0c63a51c3c0337214fa3f5efdf6dcc3502030100010281c06d2d670047973a87752a9d5bc14f3dae00acb01f593aa0e24cf4a49f932931de4bbfb332e2d38083da80bc0b6d538edba479f7f77d0deffb4a28e6e67ff6273585bb4cd862535c946605ab0809d65f0e38f76e4ec2c3d9b8cd6e14bcf667943892cd4b34cc6420a439abbf3d7d35ef73976dd6f9cbde35a51fa5213f0107f83e3425835d16d3c9146fc9e36ce75a09bb66cdff21dd5a776899f1cb07e282cca27be46510e9c799f0d8db275a6be085d9f3f803218ee3384265bfb1a3640e8ca1026100e6848c31d466fffefc547e3a3b0d3785de6f78b0dd12610843512e495611a0675509b1650b27415009838dd8e68eec6e7530553b637d602424643b33e8bc5b762e1799bc79d56b13251d36d4f201da2182416ce13574e88278ff04467ad602d9026100de994fdf181f02be2bf9e5f5e4e517a94993b827d1eaf609033e3a6a6f2396ae7c44e9eb594cf1044cb3ad32ea258f0c82963b27bb650ed200cde82cb993374be34be5b1c7ead5446a2b82a4486e8c1810a0b01551609fb0841d474bada802bd026076ddae751b73a959d0bfb8ff49e7fcd378e9be30652ecefe35c82cb8003bc29cc60ae3809909baf20c95db9516fe680865417111d8b193dbcf30281f1249de57c858bf1ba32f5bb1599800e8398a9ef25c7a642c95261da6f9c17670e97265b10260732482b837d5f2a9443e23c1aa0106d83e82f6c3424673b5fdc3769c0f992d1c5c93991c7038e882fcda04414df4d7a5f4f698ead87851ce37344b60b72d7b70f9c60cae8566e7a257f8e1bef0e89df6e4c2f9d24d21d9f8889e4c7eccf91751026009050d94493da8f00a4ddbe9c800afe3d44b43f78a48941a79b2814a1f0b81a18a8b2347642a03b27998f5a18de9abc9ae0e54ab8294feac66dc87e854cce6f7278ac2710cb5878b592ffeb1f4f0a1853e4e8d1d0561b6efcc831a296cf7eeaf" -PSA storage save: type: DERIVE 128-bit -depends_on:PSA_WANT_KEY_TYPE_DERIVE -key_storage_save:0x0001:PSA_KEY_TYPE_DERIVE:128:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"48657265006973206b6579a064617461":"505341004b4559000000000001000000001280000100000000000000000000001000000048657265006973206b6579a064617461" +save type: RSA_PAIR 1536-bit, RSA_PSS_ANY_SALT(MD5) +depends_on:PSA_WANT_ALG_MD5:PSA_WANT_ALG_RSA_PSS_ANY_SALT:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR +key_storage_save:0x0001:PSA_KEY_TYPE_RSA_KEY_PAIR:1536:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_RSA_PSS_ANY_SALT(PSA_ALG_MD5):0x0000:"3082037b0201000281c100c870feb6ca6b1d2bd9f2dd99e20f1fe2d7e5192de662229dbe162bd1ba66336a7182903ca0b72796cd441c83d24bcdc3e9a2f5e4399c8a043f1c3ddf04754a66d4cfe7b3671a37dd31a9b4c13bfe06ee90f9d94ddaa06de67a52ac863e68f756736ceb014405a6160579640f831dddccc34ad0b05070e3f9954a58d1815813e1b83bcadba814789c87f1ef2ba5d738b793ec456a67360eea1b5faf1c7cc7bf24f3b2a9d0f8958b1096e0f0c335f8888d0c63a51c3c0337214fa3f5efdf6dcc3502030100010281c06d2d670047973a87752a9d5bc14f3dae00acb01f593aa0e24cf4a49f932931de4bbfb332e2d38083da80bc0b6d538edba479f7f77d0deffb4a28e6e67ff6273585bb4cd862535c946605ab0809d65f0e38f76e4ec2c3d9b8cd6e14bcf667943892cd4b34cc6420a439abbf3d7d35ef73976dd6f9cbde35a51fa5213f0107f83e3425835d16d3c9146fc9e36ce75a09bb66cdff21dd5a776899f1cb07e282cca27be46510e9c799f0d8db275a6be085d9f3f803218ee3384265bfb1a3640e8ca1026100e6848c31d466fffefc547e3a3b0d3785de6f78b0dd12610843512e495611a0675509b1650b27415009838dd8e68eec6e7530553b637d602424643b33e8bc5b762e1799bc79d56b13251d36d4f201da2182416ce13574e88278ff04467ad602d9026100de994fdf181f02be2bf9e5f5e4e517a94993b827d1eaf609033e3a6a6f2396ae7c44e9eb594cf1044cb3ad32ea258f0c82963b27bb650ed200cde82cb993374be34be5b1c7ead5446a2b82a4486e8c1810a0b01551609fb0841d474bada802bd026076ddae751b73a959d0bfb8ff49e7fcd378e9be30652ecefe35c82cb8003bc29cc60ae3809909baf20c95db9516fe680865417111d8b193dbcf30281f1249de57c858bf1ba32f5bb1599800e8398a9ef25c7a642c95261da6f9c17670e97265b10260732482b837d5f2a9443e23c1aa0106d83e82f6c3424673b5fdc3769c0f992d1c5c93991c7038e882fcda04414df4d7a5f4f698ead87851ce37344b60b72d7b70f9c60cae8566e7a257f8e1bef0e89df6e4c2f9d24d21d9f8889e4c7eccf91751026009050d94493da8f00a4ddbe9c800afe3d44b43f78a48941a79b2814a1f0b81a18a8b2347642a03b27998f5a18de9abc9ae0e54ab8294feac66dc87e854cce6f7278ac2710cb5878b592ffeb1f4f0a1853e4e8d1d0561b6efcc831a296cf7eeaf":"505341004b455900000000000100000001700006013c000003130006000000007f0300003082037b0201000281c100c870feb6ca6b1d2bd9f2dd99e20f1fe2d7e5192de662229dbe162bd1ba66336a7182903ca0b72796cd441c83d24bcdc3e9a2f5e4399c8a043f1c3ddf04754a66d4cfe7b3671a37dd31a9b4c13bfe06ee90f9d94ddaa06de67a52ac863e68f756736ceb014405a6160579640f831dddccc34ad0b05070e3f9954a58d1815813e1b83bcadba814789c87f1ef2ba5d738b793ec456a67360eea1b5faf1c7cc7bf24f3b2a9d0f8958b1096e0f0c335f8888d0c63a51c3c0337214fa3f5efdf6dcc3502030100010281c06d2d670047973a87752a9d5bc14f3dae00acb01f593aa0e24cf4a49f932931de4bbfb332e2d38083da80bc0b6d538edba479f7f77d0deffb4a28e6e67ff6273585bb4cd862535c946605ab0809d65f0e38f76e4ec2c3d9b8cd6e14bcf667943892cd4b34cc6420a439abbf3d7d35ef73976dd6f9cbde35a51fa5213f0107f83e3425835d16d3c9146fc9e36ce75a09bb66cdff21dd5a776899f1cb07e282cca27be46510e9c799f0d8db275a6be085d9f3f803218ee3384265bfb1a3640e8ca1026100e6848c31d466fffefc547e3a3b0d3785de6f78b0dd12610843512e495611a0675509b1650b27415009838dd8e68eec6e7530553b637d602424643b33e8bc5b762e1799bc79d56b13251d36d4f201da2182416ce13574e88278ff04467ad602d9026100de994fdf181f02be2bf9e5f5e4e517a94993b827d1eaf609033e3a6a6f2396ae7c44e9eb594cf1044cb3ad32ea258f0c82963b27bb650ed200cde82cb993374be34be5b1c7ead5446a2b82a4486e8c1810a0b01551609fb0841d474bada802bd026076ddae751b73a959d0bfb8ff49e7fcd378e9be30652ecefe35c82cb8003bc29cc60ae3809909baf20c95db9516fe680865417111d8b193dbcf30281f1249de57c858bf1ba32f5bb1599800e8398a9ef25c7a642c95261da6f9c17670e97265b10260732482b837d5f2a9443e23c1aa0106d83e82f6c3424673b5fdc3769c0f992d1c5c93991c7038e882fcda04414df4d7a5f4f698ead87851ce37344b60b72d7b70f9c60cae8566e7a257f8e1bef0e89df6e4c2f9d24d21d9f8889e4c7eccf91751026009050d94493da8f00a4ddbe9c800afe3d44b43f78a48941a79b2814a1f0b81a18a8b2347642a03b27998f5a18de9abc9ae0e54ab8294feac66dc87e854cce6f7278ac2710cb5878b592ffeb1f4f0a1853e4e8d1d0561b6efcc831a296cf7eeaf" -PSA storage save: type: DES 64-bit -depends_on:PSA_WANT_KEY_TYPE_DES -key_storage_save:0x0001:PSA_KEY_TYPE_DES:64:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"644573206b457901":"505341004b45590000000000010000000123400001000000000000000000000008000000644573206b457901" +save type: RSA_PAIR 1536-bit, RSA_PSS_ANY_SALT(RIPEMD160) +depends_on:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ALG_RSA_PSS_ANY_SALT:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR +key_storage_save:0x0001:PSA_KEY_TYPE_RSA_KEY_PAIR:1536:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_RSA_PSS_ANY_SALT(PSA_ALG_RIPEMD160):0x0000:"3082037b0201000281c100c870feb6ca6b1d2bd9f2dd99e20f1fe2d7e5192de662229dbe162bd1ba66336a7182903ca0b72796cd441c83d24bcdc3e9a2f5e4399c8a043f1c3ddf04754a66d4cfe7b3671a37dd31a9b4c13bfe06ee90f9d94ddaa06de67a52ac863e68f756736ceb014405a6160579640f831dddccc34ad0b05070e3f9954a58d1815813e1b83bcadba814789c87f1ef2ba5d738b793ec456a67360eea1b5faf1c7cc7bf24f3b2a9d0f8958b1096e0f0c335f8888d0c63a51c3c0337214fa3f5efdf6dcc3502030100010281c06d2d670047973a87752a9d5bc14f3dae00acb01f593aa0e24cf4a49f932931de4bbfb332e2d38083da80bc0b6d538edba479f7f77d0deffb4a28e6e67ff6273585bb4cd862535c946605ab0809d65f0e38f76e4ec2c3d9b8cd6e14bcf667943892cd4b34cc6420a439abbf3d7d35ef73976dd6f9cbde35a51fa5213f0107f83e3425835d16d3c9146fc9e36ce75a09bb66cdff21dd5a776899f1cb07e282cca27be46510e9c799f0d8db275a6be085d9f3f803218ee3384265bfb1a3640e8ca1026100e6848c31d466fffefc547e3a3b0d3785de6f78b0dd12610843512e495611a0675509b1650b27415009838dd8e68eec6e7530553b637d602424643b33e8bc5b762e1799bc79d56b13251d36d4f201da2182416ce13574e88278ff04467ad602d9026100de994fdf181f02be2bf9e5f5e4e517a94993b827d1eaf609033e3a6a6f2396ae7c44e9eb594cf1044cb3ad32ea258f0c82963b27bb650ed200cde82cb993374be34be5b1c7ead5446a2b82a4486e8c1810a0b01551609fb0841d474bada802bd026076ddae751b73a959d0bfb8ff49e7fcd378e9be30652ecefe35c82cb8003bc29cc60ae3809909baf20c95db9516fe680865417111d8b193dbcf30281f1249de57c858bf1ba32f5bb1599800e8398a9ef25c7a642c95261da6f9c17670e97265b10260732482b837d5f2a9443e23c1aa0106d83e82f6c3424673b5fdc3769c0f992d1c5c93991c7038e882fcda04414df4d7a5f4f698ead87851ce37344b60b72d7b70f9c60cae8566e7a257f8e1bef0e89df6e4c2f9d24d21d9f8889e4c7eccf91751026009050d94493da8f00a4ddbe9c800afe3d44b43f78a48941a79b2814a1f0b81a18a8b2347642a03b27998f5a18de9abc9ae0e54ab8294feac66dc87e854cce6f7278ac2710cb5878b592ffeb1f4f0a1853e4e8d1d0561b6efcc831a296cf7eeaf":"505341004b455900000000000100000001700006013c000004130006000000007f0300003082037b0201000281c100c870feb6ca6b1d2bd9f2dd99e20f1fe2d7e5192de662229dbe162bd1ba66336a7182903ca0b72796cd441c83d24bcdc3e9a2f5e4399c8a043f1c3ddf04754a66d4cfe7b3671a37dd31a9b4c13bfe06ee90f9d94ddaa06de67a52ac863e68f756736ceb014405a6160579640f831dddccc34ad0b05070e3f9954a58d1815813e1b83bcadba814789c87f1ef2ba5d738b793ec456a67360eea1b5faf1c7cc7bf24f3b2a9d0f8958b1096e0f0c335f8888d0c63a51c3c0337214fa3f5efdf6dcc3502030100010281c06d2d670047973a87752a9d5bc14f3dae00acb01f593aa0e24cf4a49f932931de4bbfb332e2d38083da80bc0b6d538edba479f7f77d0deffb4a28e6e67ff6273585bb4cd862535c946605ab0809d65f0e38f76e4ec2c3d9b8cd6e14bcf667943892cd4b34cc6420a439abbf3d7d35ef73976dd6f9cbde35a51fa5213f0107f83e3425835d16d3c9146fc9e36ce75a09bb66cdff21dd5a776899f1cb07e282cca27be46510e9c799f0d8db275a6be085d9f3f803218ee3384265bfb1a3640e8ca1026100e6848c31d466fffefc547e3a3b0d3785de6f78b0dd12610843512e495611a0675509b1650b27415009838dd8e68eec6e7530553b637d602424643b33e8bc5b762e1799bc79d56b13251d36d4f201da2182416ce13574e88278ff04467ad602d9026100de994fdf181f02be2bf9e5f5e4e517a94993b827d1eaf609033e3a6a6f2396ae7c44e9eb594cf1044cb3ad32ea258f0c82963b27bb650ed200cde82cb993374be34be5b1c7ead5446a2b82a4486e8c1810a0b01551609fb0841d474bada802bd026076ddae751b73a959d0bfb8ff49e7fcd378e9be30652ecefe35c82cb8003bc29cc60ae3809909baf20c95db9516fe680865417111d8b193dbcf30281f1249de57c858bf1ba32f5bb1599800e8398a9ef25c7a642c95261da6f9c17670e97265b10260732482b837d5f2a9443e23c1aa0106d83e82f6c3424673b5fdc3769c0f992d1c5c93991c7038e882fcda04414df4d7a5f4f698ead87851ce37344b60b72d7b70f9c60cae8566e7a257f8e1bef0e89df6e4c2f9d24d21d9f8889e4c7eccf91751026009050d94493da8f00a4ddbe9c800afe3d44b43f78a48941a79b2814a1f0b81a18a8b2347642a03b27998f5a18de9abc9ae0e54ab8294feac66dc87e854cce6f7278ac2710cb5878b592ffeb1f4f0a1853e4e8d1d0561b6efcc831a296cf7eeaf" -PSA storage save: type: DES 128-bit -depends_on:PSA_WANT_KEY_TYPE_DES -key_storage_save:0x0001:PSA_KEY_TYPE_DES:128:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"644573206b457901644573206b457902":"505341004b45590000000000010000000123800001000000000000000000000010000000644573206b457901644573206b457902" +save type: RSA_PAIR 1536-bit, RSA_PSS_ANY_SALT(SHA_1) +depends_on:PSA_WANT_ALG_RSA_PSS_ANY_SALT:PSA_WANT_ALG_SHA_1:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR +key_storage_save:0x0001:PSA_KEY_TYPE_RSA_KEY_PAIR:1536:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_RSA_PSS_ANY_SALT(PSA_ALG_SHA_1):0x0000:"3082037b0201000281c100c870feb6ca6b1d2bd9f2dd99e20f1fe2d7e5192de662229dbe162bd1ba66336a7182903ca0b72796cd441c83d24bcdc3e9a2f5e4399c8a043f1c3ddf04754a66d4cfe7b3671a37dd31a9b4c13bfe06ee90f9d94ddaa06de67a52ac863e68f756736ceb014405a6160579640f831dddccc34ad0b05070e3f9954a58d1815813e1b83bcadba814789c87f1ef2ba5d738b793ec456a67360eea1b5faf1c7cc7bf24f3b2a9d0f8958b1096e0f0c335f8888d0c63a51c3c0337214fa3f5efdf6dcc3502030100010281c06d2d670047973a87752a9d5bc14f3dae00acb01f593aa0e24cf4a49f932931de4bbfb332e2d38083da80bc0b6d538edba479f7f77d0deffb4a28e6e67ff6273585bb4cd862535c946605ab0809d65f0e38f76e4ec2c3d9b8cd6e14bcf667943892cd4b34cc6420a439abbf3d7d35ef73976dd6f9cbde35a51fa5213f0107f83e3425835d16d3c9146fc9e36ce75a09bb66cdff21dd5a776899f1cb07e282cca27be46510e9c799f0d8db275a6be085d9f3f803218ee3384265bfb1a3640e8ca1026100e6848c31d466fffefc547e3a3b0d3785de6f78b0dd12610843512e495611a0675509b1650b27415009838dd8e68eec6e7530553b637d602424643b33e8bc5b762e1799bc79d56b13251d36d4f201da2182416ce13574e88278ff04467ad602d9026100de994fdf181f02be2bf9e5f5e4e517a94993b827d1eaf609033e3a6a6f2396ae7c44e9eb594cf1044cb3ad32ea258f0c82963b27bb650ed200cde82cb993374be34be5b1c7ead5446a2b82a4486e8c1810a0b01551609fb0841d474bada802bd026076ddae751b73a959d0bfb8ff49e7fcd378e9be30652ecefe35c82cb8003bc29cc60ae3809909baf20c95db9516fe680865417111d8b193dbcf30281f1249de57c858bf1ba32f5bb1599800e8398a9ef25c7a642c95261da6f9c17670e97265b10260732482b837d5f2a9443e23c1aa0106d83e82f6c3424673b5fdc3769c0f992d1c5c93991c7038e882fcda04414df4d7a5f4f698ead87851ce37344b60b72d7b70f9c60cae8566e7a257f8e1bef0e89df6e4c2f9d24d21d9f8889e4c7eccf91751026009050d94493da8f00a4ddbe9c800afe3d44b43f78a48941a79b2814a1f0b81a18a8b2347642a03b27998f5a18de9abc9ae0e54ab8294feac66dc87e854cce6f7278ac2710cb5878b592ffeb1f4f0a1853e4e8d1d0561b6efcc831a296cf7eeaf":"505341004b455900000000000100000001700006013c000005130006000000007f0300003082037b0201000281c100c870feb6ca6b1d2bd9f2dd99e20f1fe2d7e5192de662229dbe162bd1ba66336a7182903ca0b72796cd441c83d24bcdc3e9a2f5e4399c8a043f1c3ddf04754a66d4cfe7b3671a37dd31a9b4c13bfe06ee90f9d94ddaa06de67a52ac863e68f756736ceb014405a6160579640f831dddccc34ad0b05070e3f9954a58d1815813e1b83bcadba814789c87f1ef2ba5d738b793ec456a67360eea1b5faf1c7cc7bf24f3b2a9d0f8958b1096e0f0c335f8888d0c63a51c3c0337214fa3f5efdf6dcc3502030100010281c06d2d670047973a87752a9d5bc14f3dae00acb01f593aa0e24cf4a49f932931de4bbfb332e2d38083da80bc0b6d538edba479f7f77d0deffb4a28e6e67ff6273585bb4cd862535c946605ab0809d65f0e38f76e4ec2c3d9b8cd6e14bcf667943892cd4b34cc6420a439abbf3d7d35ef73976dd6f9cbde35a51fa5213f0107f83e3425835d16d3c9146fc9e36ce75a09bb66cdff21dd5a776899f1cb07e282cca27be46510e9c799f0d8db275a6be085d9f3f803218ee3384265bfb1a3640e8ca1026100e6848c31d466fffefc547e3a3b0d3785de6f78b0dd12610843512e495611a0675509b1650b27415009838dd8e68eec6e7530553b637d602424643b33e8bc5b762e1799bc79d56b13251d36d4f201da2182416ce13574e88278ff04467ad602d9026100de994fdf181f02be2bf9e5f5e4e517a94993b827d1eaf609033e3a6a6f2396ae7c44e9eb594cf1044cb3ad32ea258f0c82963b27bb650ed200cde82cb993374be34be5b1c7ead5446a2b82a4486e8c1810a0b01551609fb0841d474bada802bd026076ddae751b73a959d0bfb8ff49e7fcd378e9be30652ecefe35c82cb8003bc29cc60ae3809909baf20c95db9516fe680865417111d8b193dbcf30281f1249de57c858bf1ba32f5bb1599800e8398a9ef25c7a642c95261da6f9c17670e97265b10260732482b837d5f2a9443e23c1aa0106d83e82f6c3424673b5fdc3769c0f992d1c5c93991c7038e882fcda04414df4d7a5f4f698ead87851ce37344b60b72d7b70f9c60cae8566e7a257f8e1bef0e89df6e4c2f9d24d21d9f8889e4c7eccf91751026009050d94493da8f00a4ddbe9c800afe3d44b43f78a48941a79b2814a1f0b81a18a8b2347642a03b27998f5a18de9abc9ae0e54ab8294feac66dc87e854cce6f7278ac2710cb5878b592ffeb1f4f0a1853e4e8d1d0561b6efcc831a296cf7eeaf" -PSA storage save: type: DES 192-bit -depends_on:PSA_WANT_KEY_TYPE_DES -key_storage_save:0x0001:PSA_KEY_TYPE_DES:192:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"644573206b457901644573206b457902644573206b457904":"505341004b45590000000000010000000123c00001000000000000000000000018000000644573206b457901644573206b457902644573206b457904" +save type: RSA_PAIR 1536-bit, RSA_PSS_ANY_SALT(SHA_224) +depends_on:PSA_WANT_ALG_RSA_PSS_ANY_SALT:PSA_WANT_ALG_SHA_224:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR +key_storage_save:0x0001:PSA_KEY_TYPE_RSA_KEY_PAIR:1536:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_RSA_PSS_ANY_SALT(PSA_ALG_SHA_224):0x0000:"3082037b0201000281c100c870feb6ca6b1d2bd9f2dd99e20f1fe2d7e5192de662229dbe162bd1ba66336a7182903ca0b72796cd441c83d24bcdc3e9a2f5e4399c8a043f1c3ddf04754a66d4cfe7b3671a37dd31a9b4c13bfe06ee90f9d94ddaa06de67a52ac863e68f756736ceb014405a6160579640f831dddccc34ad0b05070e3f9954a58d1815813e1b83bcadba814789c87f1ef2ba5d738b793ec456a67360eea1b5faf1c7cc7bf24f3b2a9d0f8958b1096e0f0c335f8888d0c63a51c3c0337214fa3f5efdf6dcc3502030100010281c06d2d670047973a87752a9d5bc14f3dae00acb01f593aa0e24cf4a49f932931de4bbfb332e2d38083da80bc0b6d538edba479f7f77d0deffb4a28e6e67ff6273585bb4cd862535c946605ab0809d65f0e38f76e4ec2c3d9b8cd6e14bcf667943892cd4b34cc6420a439abbf3d7d35ef73976dd6f9cbde35a51fa5213f0107f83e3425835d16d3c9146fc9e36ce75a09bb66cdff21dd5a776899f1cb07e282cca27be46510e9c799f0d8db275a6be085d9f3f803218ee3384265bfb1a3640e8ca1026100e6848c31d466fffefc547e3a3b0d3785de6f78b0dd12610843512e495611a0675509b1650b27415009838dd8e68eec6e7530553b637d602424643b33e8bc5b762e1799bc79d56b13251d36d4f201da2182416ce13574e88278ff04467ad602d9026100de994fdf181f02be2bf9e5f5e4e517a94993b827d1eaf609033e3a6a6f2396ae7c44e9eb594cf1044cb3ad32ea258f0c82963b27bb650ed200cde82cb993374be34be5b1c7ead5446a2b82a4486e8c1810a0b01551609fb0841d474bada802bd026076ddae751b73a959d0bfb8ff49e7fcd378e9be30652ecefe35c82cb8003bc29cc60ae3809909baf20c95db9516fe680865417111d8b193dbcf30281f1249de57c858bf1ba32f5bb1599800e8398a9ef25c7a642c95261da6f9c17670e97265b10260732482b837d5f2a9443e23c1aa0106d83e82f6c3424673b5fdc3769c0f992d1c5c93991c7038e882fcda04414df4d7a5f4f698ead87851ce37344b60b72d7b70f9c60cae8566e7a257f8e1bef0e89df6e4c2f9d24d21d9f8889e4c7eccf91751026009050d94493da8f00a4ddbe9c800afe3d44b43f78a48941a79b2814a1f0b81a18a8b2347642a03b27998f5a18de9abc9ae0e54ab8294feac66dc87e854cce6f7278ac2710cb5878b592ffeb1f4f0a1853e4e8d1d0561b6efcc831a296cf7eeaf":"505341004b455900000000000100000001700006013c000008130006000000007f0300003082037b0201000281c100c870feb6ca6b1d2bd9f2dd99e20f1fe2d7e5192de662229dbe162bd1ba66336a7182903ca0b72796cd441c83d24bcdc3e9a2f5e4399c8a043f1c3ddf04754a66d4cfe7b3671a37dd31a9b4c13bfe06ee90f9d94ddaa06de67a52ac863e68f756736ceb014405a6160579640f831dddccc34ad0b05070e3f9954a58d1815813e1b83bcadba814789c87f1ef2ba5d738b793ec456a67360eea1b5faf1c7cc7bf24f3b2a9d0f8958b1096e0f0c335f8888d0c63a51c3c0337214fa3f5efdf6dcc3502030100010281c06d2d670047973a87752a9d5bc14f3dae00acb01f593aa0e24cf4a49f932931de4bbfb332e2d38083da80bc0b6d538edba479f7f77d0deffb4a28e6e67ff6273585bb4cd862535c946605ab0809d65f0e38f76e4ec2c3d9b8cd6e14bcf667943892cd4b34cc6420a439abbf3d7d35ef73976dd6f9cbde35a51fa5213f0107f83e3425835d16d3c9146fc9e36ce75a09bb66cdff21dd5a776899f1cb07e282cca27be46510e9c799f0d8db275a6be085d9f3f803218ee3384265bfb1a3640e8ca1026100e6848c31d466fffefc547e3a3b0d3785de6f78b0dd12610843512e495611a0675509b1650b27415009838dd8e68eec6e7530553b637d602424643b33e8bc5b762e1799bc79d56b13251d36d4f201da2182416ce13574e88278ff04467ad602d9026100de994fdf181f02be2bf9e5f5e4e517a94993b827d1eaf609033e3a6a6f2396ae7c44e9eb594cf1044cb3ad32ea258f0c82963b27bb650ed200cde82cb993374be34be5b1c7ead5446a2b82a4486e8c1810a0b01551609fb0841d474bada802bd026076ddae751b73a959d0bfb8ff49e7fcd378e9be30652ecefe35c82cb8003bc29cc60ae3809909baf20c95db9516fe680865417111d8b193dbcf30281f1249de57c858bf1ba32f5bb1599800e8398a9ef25c7a642c95261da6f9c17670e97265b10260732482b837d5f2a9443e23c1aa0106d83e82f6c3424673b5fdc3769c0f992d1c5c93991c7038e882fcda04414df4d7a5f4f698ead87851ce37344b60b72d7b70f9c60cae8566e7a257f8e1bef0e89df6e4c2f9d24d21d9f8889e4c7eccf91751026009050d94493da8f00a4ddbe9c800afe3d44b43f78a48941a79b2814a1f0b81a18a8b2347642a03b27998f5a18de9abc9ae0e54ab8294feac66dc87e854cce6f7278ac2710cb5878b592ffeb1f4f0a1853e4e8d1d0561b6efcc831a296cf7eeaf" -PSA storage save: type: ECC_KEY_PAIR(BRAINPOOL_P_R1) 160-bit -depends_on:PSA_WANT_ECC_BRAINPOOL_P_R1_160:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR -key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):160:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"69502c4fdaf48d4fa617bdd24498b0406d0eeaac":"505341004b45590000000000010000003071a0000100000000000000000000001400000069502c4fdaf48d4fa617bdd24498b0406d0eeaac" +save type: RSA_PAIR 1536-bit, RSA_PSS_ANY_SALT(SHA_256) +depends_on:PSA_WANT_ALG_RSA_PSS_ANY_SALT:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR +key_storage_save:0x0001:PSA_KEY_TYPE_RSA_KEY_PAIR:1536:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_RSA_PSS_ANY_SALT(PSA_ALG_SHA_256):0x0000:"3082037b0201000281c100c870feb6ca6b1d2bd9f2dd99e20f1fe2d7e5192de662229dbe162bd1ba66336a7182903ca0b72796cd441c83d24bcdc3e9a2f5e4399c8a043f1c3ddf04754a66d4cfe7b3671a37dd31a9b4c13bfe06ee90f9d94ddaa06de67a52ac863e68f756736ceb014405a6160579640f831dddccc34ad0b05070e3f9954a58d1815813e1b83bcadba814789c87f1ef2ba5d738b793ec456a67360eea1b5faf1c7cc7bf24f3b2a9d0f8958b1096e0f0c335f8888d0c63a51c3c0337214fa3f5efdf6dcc3502030100010281c06d2d670047973a87752a9d5bc14f3dae00acb01f593aa0e24cf4a49f932931de4bbfb332e2d38083da80bc0b6d538edba479f7f77d0deffb4a28e6e67ff6273585bb4cd862535c946605ab0809d65f0e38f76e4ec2c3d9b8cd6e14bcf667943892cd4b34cc6420a439abbf3d7d35ef73976dd6f9cbde35a51fa5213f0107f83e3425835d16d3c9146fc9e36ce75a09bb66cdff21dd5a776899f1cb07e282cca27be46510e9c799f0d8db275a6be085d9f3f803218ee3384265bfb1a3640e8ca1026100e6848c31d466fffefc547e3a3b0d3785de6f78b0dd12610843512e495611a0675509b1650b27415009838dd8e68eec6e7530553b637d602424643b33e8bc5b762e1799bc79d56b13251d36d4f201da2182416ce13574e88278ff04467ad602d9026100de994fdf181f02be2bf9e5f5e4e517a94993b827d1eaf609033e3a6a6f2396ae7c44e9eb594cf1044cb3ad32ea258f0c82963b27bb650ed200cde82cb993374be34be5b1c7ead5446a2b82a4486e8c1810a0b01551609fb0841d474bada802bd026076ddae751b73a959d0bfb8ff49e7fcd378e9be30652ecefe35c82cb8003bc29cc60ae3809909baf20c95db9516fe680865417111d8b193dbcf30281f1249de57c858bf1ba32f5bb1599800e8398a9ef25c7a642c95261da6f9c17670e97265b10260732482b837d5f2a9443e23c1aa0106d83e82f6c3424673b5fdc3769c0f992d1c5c93991c7038e882fcda04414df4d7a5f4f698ead87851ce37344b60b72d7b70f9c60cae8566e7a257f8e1bef0e89df6e4c2f9d24d21d9f8889e4c7eccf91751026009050d94493da8f00a4ddbe9c800afe3d44b43f78a48941a79b2814a1f0b81a18a8b2347642a03b27998f5a18de9abc9ae0e54ab8294feac66dc87e854cce6f7278ac2710cb5878b592ffeb1f4f0a1853e4e8d1d0561b6efcc831a296cf7eeaf":"505341004b455900000000000100000001700006013c000009130006000000007f0300003082037b0201000281c100c870feb6ca6b1d2bd9f2dd99e20f1fe2d7e5192de662229dbe162bd1ba66336a7182903ca0b72796cd441c83d24bcdc3e9a2f5e4399c8a043f1c3ddf04754a66d4cfe7b3671a37dd31a9b4c13bfe06ee90f9d94ddaa06de67a52ac863e68f756736ceb014405a6160579640f831dddccc34ad0b05070e3f9954a58d1815813e1b83bcadba814789c87f1ef2ba5d738b793ec456a67360eea1b5faf1c7cc7bf24f3b2a9d0f8958b1096e0f0c335f8888d0c63a51c3c0337214fa3f5efdf6dcc3502030100010281c06d2d670047973a87752a9d5bc14f3dae00acb01f593aa0e24cf4a49f932931de4bbfb332e2d38083da80bc0b6d538edba479f7f77d0deffb4a28e6e67ff6273585bb4cd862535c946605ab0809d65f0e38f76e4ec2c3d9b8cd6e14bcf667943892cd4b34cc6420a439abbf3d7d35ef73976dd6f9cbde35a51fa5213f0107f83e3425835d16d3c9146fc9e36ce75a09bb66cdff21dd5a776899f1cb07e282cca27be46510e9c799f0d8db275a6be085d9f3f803218ee3384265bfb1a3640e8ca1026100e6848c31d466fffefc547e3a3b0d3785de6f78b0dd12610843512e495611a0675509b1650b27415009838dd8e68eec6e7530553b637d602424643b33e8bc5b762e1799bc79d56b13251d36d4f201da2182416ce13574e88278ff04467ad602d9026100de994fdf181f02be2bf9e5f5e4e517a94993b827d1eaf609033e3a6a6f2396ae7c44e9eb594cf1044cb3ad32ea258f0c82963b27bb650ed200cde82cb993374be34be5b1c7ead5446a2b82a4486e8c1810a0b01551609fb0841d474bada802bd026076ddae751b73a959d0bfb8ff49e7fcd378e9be30652ecefe35c82cb8003bc29cc60ae3809909baf20c95db9516fe680865417111d8b193dbcf30281f1249de57c858bf1ba32f5bb1599800e8398a9ef25c7a642c95261da6f9c17670e97265b10260732482b837d5f2a9443e23c1aa0106d83e82f6c3424673b5fdc3769c0f992d1c5c93991c7038e882fcda04414df4d7a5f4f698ead87851ce37344b60b72d7b70f9c60cae8566e7a257f8e1bef0e89df6e4c2f9d24d21d9f8889e4c7eccf91751026009050d94493da8f00a4ddbe9c800afe3d44b43f78a48941a79b2814a1f0b81a18a8b2347642a03b27998f5a18de9abc9ae0e54ab8294feac66dc87e854cce6f7278ac2710cb5878b592ffeb1f4f0a1853e4e8d1d0561b6efcc831a296cf7eeaf" -PSA storage save: type: ECC_KEY_PAIR(BRAINPOOL_P_R1) 192-bit -depends_on:PSA_WANT_ECC_BRAINPOOL_P_R1_192:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR -key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):192:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"1688a2c5fbf4a3c851d76a98c3ec88f445a97996283db59f":"505341004b45590000000000010000003071c000010000000000000000000000180000001688a2c5fbf4a3c851d76a98c3ec88f445a97996283db59f" +save type: RSA_PAIR 1536-bit, RSA_PSS_ANY_SALT(SHA_384) +depends_on:PSA_WANT_ALG_RSA_PSS_ANY_SALT:PSA_WANT_ALG_SHA_384:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR +key_storage_save:0x0001:PSA_KEY_TYPE_RSA_KEY_PAIR:1536:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_RSA_PSS_ANY_SALT(PSA_ALG_SHA_384):0x0000:"3082037b0201000281c100c870feb6ca6b1d2bd9f2dd99e20f1fe2d7e5192de662229dbe162bd1ba66336a7182903ca0b72796cd441c83d24bcdc3e9a2f5e4399c8a043f1c3ddf04754a66d4cfe7b3671a37dd31a9b4c13bfe06ee90f9d94ddaa06de67a52ac863e68f756736ceb014405a6160579640f831dddccc34ad0b05070e3f9954a58d1815813e1b83bcadba814789c87f1ef2ba5d738b793ec456a67360eea1b5faf1c7cc7bf24f3b2a9d0f8958b1096e0f0c335f8888d0c63a51c3c0337214fa3f5efdf6dcc3502030100010281c06d2d670047973a87752a9d5bc14f3dae00acb01f593aa0e24cf4a49f932931de4bbfb332e2d38083da80bc0b6d538edba479f7f77d0deffb4a28e6e67ff6273585bb4cd862535c946605ab0809d65f0e38f76e4ec2c3d9b8cd6e14bcf667943892cd4b34cc6420a439abbf3d7d35ef73976dd6f9cbde35a51fa5213f0107f83e3425835d16d3c9146fc9e36ce75a09bb66cdff21dd5a776899f1cb07e282cca27be46510e9c799f0d8db275a6be085d9f3f803218ee3384265bfb1a3640e8ca1026100e6848c31d466fffefc547e3a3b0d3785de6f78b0dd12610843512e495611a0675509b1650b27415009838dd8e68eec6e7530553b637d602424643b33e8bc5b762e1799bc79d56b13251d36d4f201da2182416ce13574e88278ff04467ad602d9026100de994fdf181f02be2bf9e5f5e4e517a94993b827d1eaf609033e3a6a6f2396ae7c44e9eb594cf1044cb3ad32ea258f0c82963b27bb650ed200cde82cb993374be34be5b1c7ead5446a2b82a4486e8c1810a0b01551609fb0841d474bada802bd026076ddae751b73a959d0bfb8ff49e7fcd378e9be30652ecefe35c82cb8003bc29cc60ae3809909baf20c95db9516fe680865417111d8b193dbcf30281f1249de57c858bf1ba32f5bb1599800e8398a9ef25c7a642c95261da6f9c17670e97265b10260732482b837d5f2a9443e23c1aa0106d83e82f6c3424673b5fdc3769c0f992d1c5c93991c7038e882fcda04414df4d7a5f4f698ead87851ce37344b60b72d7b70f9c60cae8566e7a257f8e1bef0e89df6e4c2f9d24d21d9f8889e4c7eccf91751026009050d94493da8f00a4ddbe9c800afe3d44b43f78a48941a79b2814a1f0b81a18a8b2347642a03b27998f5a18de9abc9ae0e54ab8294feac66dc87e854cce6f7278ac2710cb5878b592ffeb1f4f0a1853e4e8d1d0561b6efcc831a296cf7eeaf":"505341004b455900000000000100000001700006013c00000a130006000000007f0300003082037b0201000281c100c870feb6ca6b1d2bd9f2dd99e20f1fe2d7e5192de662229dbe162bd1ba66336a7182903ca0b72796cd441c83d24bcdc3e9a2f5e4399c8a043f1c3ddf04754a66d4cfe7b3671a37dd31a9b4c13bfe06ee90f9d94ddaa06de67a52ac863e68f756736ceb014405a6160579640f831dddccc34ad0b05070e3f9954a58d1815813e1b83bcadba814789c87f1ef2ba5d738b793ec456a67360eea1b5faf1c7cc7bf24f3b2a9d0f8958b1096e0f0c335f8888d0c63a51c3c0337214fa3f5efdf6dcc3502030100010281c06d2d670047973a87752a9d5bc14f3dae00acb01f593aa0e24cf4a49f932931de4bbfb332e2d38083da80bc0b6d538edba479f7f77d0deffb4a28e6e67ff6273585bb4cd862535c946605ab0809d65f0e38f76e4ec2c3d9b8cd6e14bcf667943892cd4b34cc6420a439abbf3d7d35ef73976dd6f9cbde35a51fa5213f0107f83e3425835d16d3c9146fc9e36ce75a09bb66cdff21dd5a776899f1cb07e282cca27be46510e9c799f0d8db275a6be085d9f3f803218ee3384265bfb1a3640e8ca1026100e6848c31d466fffefc547e3a3b0d3785de6f78b0dd12610843512e495611a0675509b1650b27415009838dd8e68eec6e7530553b637d602424643b33e8bc5b762e1799bc79d56b13251d36d4f201da2182416ce13574e88278ff04467ad602d9026100de994fdf181f02be2bf9e5f5e4e517a94993b827d1eaf609033e3a6a6f2396ae7c44e9eb594cf1044cb3ad32ea258f0c82963b27bb650ed200cde82cb993374be34be5b1c7ead5446a2b82a4486e8c1810a0b01551609fb0841d474bada802bd026076ddae751b73a959d0bfb8ff49e7fcd378e9be30652ecefe35c82cb8003bc29cc60ae3809909baf20c95db9516fe680865417111d8b193dbcf30281f1249de57c858bf1ba32f5bb1599800e8398a9ef25c7a642c95261da6f9c17670e97265b10260732482b837d5f2a9443e23c1aa0106d83e82f6c3424673b5fdc3769c0f992d1c5c93991c7038e882fcda04414df4d7a5f4f698ead87851ce37344b60b72d7b70f9c60cae8566e7a257f8e1bef0e89df6e4c2f9d24d21d9f8889e4c7eccf91751026009050d94493da8f00a4ddbe9c800afe3d44b43f78a48941a79b2814a1f0b81a18a8b2347642a03b27998f5a18de9abc9ae0e54ab8294feac66dc87e854cce6f7278ac2710cb5878b592ffeb1f4f0a1853e4e8d1d0561b6efcc831a296cf7eeaf" -PSA storage save: type: ECC_KEY_PAIR(BRAINPOOL_P_R1) 224-bit -depends_on:PSA_WANT_ECC_BRAINPOOL_P_R1_224:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR -key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):224:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"a69835dafeb5da5ab89c59860dddebcfd80b529a99f59b880882923c":"505341004b45590000000000010000003071e0000100000000000000000000001c000000a69835dafeb5da5ab89c59860dddebcfd80b529a99f59b880882923c" +save type: RSA_PAIR 1536-bit, RSA_PSS_ANY_SALT(SHA_512) +depends_on:PSA_WANT_ALG_RSA_PSS_ANY_SALT:PSA_WANT_ALG_SHA_512:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR +key_storage_save:0x0001:PSA_KEY_TYPE_RSA_KEY_PAIR:1536:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_RSA_PSS_ANY_SALT(PSA_ALG_SHA_512):0x0000:"3082037b0201000281c100c870feb6ca6b1d2bd9f2dd99e20f1fe2d7e5192de662229dbe162bd1ba66336a7182903ca0b72796cd441c83d24bcdc3e9a2f5e4399c8a043f1c3ddf04754a66d4cfe7b3671a37dd31a9b4c13bfe06ee90f9d94ddaa06de67a52ac863e68f756736ceb014405a6160579640f831dddccc34ad0b05070e3f9954a58d1815813e1b83bcadba814789c87f1ef2ba5d738b793ec456a67360eea1b5faf1c7cc7bf24f3b2a9d0f8958b1096e0f0c335f8888d0c63a51c3c0337214fa3f5efdf6dcc3502030100010281c06d2d670047973a87752a9d5bc14f3dae00acb01f593aa0e24cf4a49f932931de4bbfb332e2d38083da80bc0b6d538edba479f7f77d0deffb4a28e6e67ff6273585bb4cd862535c946605ab0809d65f0e38f76e4ec2c3d9b8cd6e14bcf667943892cd4b34cc6420a439abbf3d7d35ef73976dd6f9cbde35a51fa5213f0107f83e3425835d16d3c9146fc9e36ce75a09bb66cdff21dd5a776899f1cb07e282cca27be46510e9c799f0d8db275a6be085d9f3f803218ee3384265bfb1a3640e8ca1026100e6848c31d466fffefc547e3a3b0d3785de6f78b0dd12610843512e495611a0675509b1650b27415009838dd8e68eec6e7530553b637d602424643b33e8bc5b762e1799bc79d56b13251d36d4f201da2182416ce13574e88278ff04467ad602d9026100de994fdf181f02be2bf9e5f5e4e517a94993b827d1eaf609033e3a6a6f2396ae7c44e9eb594cf1044cb3ad32ea258f0c82963b27bb650ed200cde82cb993374be34be5b1c7ead5446a2b82a4486e8c1810a0b01551609fb0841d474bada802bd026076ddae751b73a959d0bfb8ff49e7fcd378e9be30652ecefe35c82cb8003bc29cc60ae3809909baf20c95db9516fe680865417111d8b193dbcf30281f1249de57c858bf1ba32f5bb1599800e8398a9ef25c7a642c95261da6f9c17670e97265b10260732482b837d5f2a9443e23c1aa0106d83e82f6c3424673b5fdc3769c0f992d1c5c93991c7038e882fcda04414df4d7a5f4f698ead87851ce37344b60b72d7b70f9c60cae8566e7a257f8e1bef0e89df6e4c2f9d24d21d9f8889e4c7eccf91751026009050d94493da8f00a4ddbe9c800afe3d44b43f78a48941a79b2814a1f0b81a18a8b2347642a03b27998f5a18de9abc9ae0e54ab8294feac66dc87e854cce6f7278ac2710cb5878b592ffeb1f4f0a1853e4e8d1d0561b6efcc831a296cf7eeaf":"505341004b455900000000000100000001700006013c00000b130006000000007f0300003082037b0201000281c100c870feb6ca6b1d2bd9f2dd99e20f1fe2d7e5192de662229dbe162bd1ba66336a7182903ca0b72796cd441c83d24bcdc3e9a2f5e4399c8a043f1c3ddf04754a66d4cfe7b3671a37dd31a9b4c13bfe06ee90f9d94ddaa06de67a52ac863e68f756736ceb014405a6160579640f831dddccc34ad0b05070e3f9954a58d1815813e1b83bcadba814789c87f1ef2ba5d738b793ec456a67360eea1b5faf1c7cc7bf24f3b2a9d0f8958b1096e0f0c335f8888d0c63a51c3c0337214fa3f5efdf6dcc3502030100010281c06d2d670047973a87752a9d5bc14f3dae00acb01f593aa0e24cf4a49f932931de4bbfb332e2d38083da80bc0b6d538edba479f7f77d0deffb4a28e6e67ff6273585bb4cd862535c946605ab0809d65f0e38f76e4ec2c3d9b8cd6e14bcf667943892cd4b34cc6420a439abbf3d7d35ef73976dd6f9cbde35a51fa5213f0107f83e3425835d16d3c9146fc9e36ce75a09bb66cdff21dd5a776899f1cb07e282cca27be46510e9c799f0d8db275a6be085d9f3f803218ee3384265bfb1a3640e8ca1026100e6848c31d466fffefc547e3a3b0d3785de6f78b0dd12610843512e495611a0675509b1650b27415009838dd8e68eec6e7530553b637d602424643b33e8bc5b762e1799bc79d56b13251d36d4f201da2182416ce13574e88278ff04467ad602d9026100de994fdf181f02be2bf9e5f5e4e517a94993b827d1eaf609033e3a6a6f2396ae7c44e9eb594cf1044cb3ad32ea258f0c82963b27bb650ed200cde82cb993374be34be5b1c7ead5446a2b82a4486e8c1810a0b01551609fb0841d474bada802bd026076ddae751b73a959d0bfb8ff49e7fcd378e9be30652ecefe35c82cb8003bc29cc60ae3809909baf20c95db9516fe680865417111d8b193dbcf30281f1249de57c858bf1ba32f5bb1599800e8398a9ef25c7a642c95261da6f9c17670e97265b10260732482b837d5f2a9443e23c1aa0106d83e82f6c3424673b5fdc3769c0f992d1c5c93991c7038e882fcda04414df4d7a5f4f698ead87851ce37344b60b72d7b70f9c60cae8566e7a257f8e1bef0e89df6e4c2f9d24d21d9f8889e4c7eccf91751026009050d94493da8f00a4ddbe9c800afe3d44b43f78a48941a79b2814a1f0b81a18a8b2347642a03b27998f5a18de9abc9ae0e54ab8294feac66dc87e854cce6f7278ac2710cb5878b592ffeb1f4f0a1853e4e8d1d0561b6efcc831a296cf7eeaf" -PSA storage save: type: ECC_KEY_PAIR(BRAINPOOL_P_R1) 256-bit -depends_on:PSA_WANT_ECC_BRAINPOOL_P_R1_256:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR -key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):256:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"2161d6f2db76526fa62c16f356a80f01f32f776784b36aa99799a8b7662080ff":"505341004b455900000000000100000030710001010000000000000000000000200000002161d6f2db76526fa62c16f356a80f01f32f776784b36aa99799a8b7662080ff" +save type: RSA_PUB 1024-bit +depends_on:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY +key_storage_save:0x0001:PSA_KEY_TYPE_RSA_PUBLIC_KEY:1024:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":"505341004b4559000000000001000000014000040100000000000000000000008c00000030818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001" -PSA storage save: type: ECC_KEY_PAIR(BRAINPOOL_P_R1) 320-bit -depends_on:PSA_WANT_ECC_BRAINPOOL_P_R1_320:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR -key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):320:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"61b8daa7a6e5aa9fccf1ef504220b2e5a5b8c6dc7475d16d3172d7db0b2778414e4f6e8fa2032ead":"505341004b4559000000000001000000307140010100000000000000000000002800000061b8daa7a6e5aa9fccf1ef504220b2e5a5b8c6dc7475d16d3172d7db0b2778414e4f6e8fa2032ead" +save type: RSA_PUB 1024-bit, RSA_OAEP(MD2) +depends_on:PSA_WANT_ALG_MD2:PSA_WANT_ALG_RSA_OAEP:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY +key_storage_save:0x0001:PSA_KEY_TYPE_RSA_PUBLIC_KEY:1024:PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_OAEP(PSA_ALG_MD2):0x0000:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":"505341004b4559000000000001000000014000040101000001030007000000008c00000030818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001" -PSA storage save: type: ECC_KEY_PAIR(BRAINPOOL_P_R1) 384-bit -depends_on:PSA_WANT_ECC_BRAINPOOL_P_R1_384:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR -key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):384:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"3dd92e750d90d7d39fc1885cd8ad12ea9441f22b9334b4d965202adb1448ce24c5808a85dd9afc229af0a3124f755bcb":"505341004b455900000000000100000030718001010000000000000000000000300000003dd92e750d90d7d39fc1885cd8ad12ea9441f22b9334b4d965202adb1448ce24c5808a85dd9afc229af0a3124f755bcb" +save type: RSA_PUB 1024-bit, RSA_OAEP(MD4) +depends_on:PSA_WANT_ALG_MD4:PSA_WANT_ALG_RSA_OAEP:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY +key_storage_save:0x0001:PSA_KEY_TYPE_RSA_PUBLIC_KEY:1024:PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_OAEP(PSA_ALG_MD4):0x0000:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":"505341004b4559000000000001000000014000040101000002030007000000008c00000030818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001" -PSA storage save: type: ECC_KEY_PAIR(BRAINPOOL_P_R1) 512-bit -depends_on:PSA_WANT_ECC_BRAINPOOL_P_R1_512:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR -key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):512:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"372c9778f69f726cbca3f4a268f16b4d617d10280d79a6a029cd51879fe1012934dfe5395455337df6906dc7d6d2eea4dbb2065c0228f73b3ed716480e7d71d2":"505341004b45590000000000010000003071000201000000000000000000000040000000372c9778f69f726cbca3f4a268f16b4d617d10280d79a6a029cd51879fe1012934dfe5395455337df6906dc7d6d2eea4dbb2065c0228f73b3ed716480e7d71d2" +save type: RSA_PUB 1024-bit, RSA_OAEP(MD5) +depends_on:PSA_WANT_ALG_MD5:PSA_WANT_ALG_RSA_OAEP:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY +key_storage_save:0x0001:PSA_KEY_TYPE_RSA_PUBLIC_KEY:1024:PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_OAEP(PSA_ALG_MD5):0x0000:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":"505341004b4559000000000001000000014000040101000003030007000000008c00000030818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001" -PSA storage save: type: ECC_KEY_PAIR(MONTGOMERY) 255-bit -depends_on:PSA_WANT_ECC_MONTGOMERY_255:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR -key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_MONTGOMERY):255:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"70076d0a7318a57d3c16c17251b26645df4c2f87ebc0992ab177fba51db92c6a":"505341004b45590000000000010000004171ff000100000000000000000000002000000070076d0a7318a57d3c16c17251b26645df4c2f87ebc0992ab177fba51db92c6a" +save type: RSA_PUB 1024-bit, RSA_OAEP(RIPEMD160) +depends_on:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ALG_RSA_OAEP:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY +key_storage_save:0x0001:PSA_KEY_TYPE_RSA_PUBLIC_KEY:1024:PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_OAEP(PSA_ALG_RIPEMD160):0x0000:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":"505341004b4559000000000001000000014000040101000004030007000000008c00000030818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001" -PSA storage save: type: ECC_KEY_PAIR(MONTGOMERY) 448-bit -depends_on:PSA_WANT_ECC_MONTGOMERY_448:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR -key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_MONTGOMERY):448:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"e4e49f52686f9ee3b638528f721f1596196ffd0a1cddb64c3f216f06541805cfeb1a286dc78018095cdfec050e8007b5f4908962ba20d6c1":"505341004b45590000000000010000004171c00101000000000000000000000038000000e4e49f52686f9ee3b638528f721f1596196ffd0a1cddb64c3f216f06541805cfeb1a286dc78018095cdfec050e8007b5f4908962ba20d6c1" +save type: RSA_PUB 1024-bit, RSA_OAEP(SHA_1) +depends_on:PSA_WANT_ALG_RSA_OAEP:PSA_WANT_ALG_SHA_1:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY +key_storage_save:0x0001:PSA_KEY_TYPE_RSA_PUBLIC_KEY:1024:PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_OAEP(PSA_ALG_SHA_1):0x0000:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":"505341004b4559000000000001000000014000040101000005030007000000008c00000030818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001" -PSA storage save: type: ECC_KEY_PAIR(SECP_K1) 192-bit -depends_on:PSA_WANT_ECC_SECP_K1_192:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR -key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_K1):192:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"297ac1722ccac7589ecb240dc719842538ca974beb79f228":"505341004b45590000000000010000001771c00001000000000000000000000018000000297ac1722ccac7589ecb240dc719842538ca974beb79f228" +save type: RSA_PUB 1024-bit, RSA_OAEP(SHA_224) +depends_on:PSA_WANT_ALG_RSA_OAEP:PSA_WANT_ALG_SHA_224:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY +key_storage_save:0x0001:PSA_KEY_TYPE_RSA_PUBLIC_KEY:1024:PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_OAEP(PSA_ALG_SHA_224):0x0000:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":"505341004b4559000000000001000000014000040101000008030007000000008c00000030818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001" -PSA storage save: type: ECC_KEY_PAIR(SECP_K1) 224-bit -depends_on:PSA_WANT_ECC_SECP_K1_224:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR -key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_K1):224:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"0024122bf020fa113f6c0ac978dfbd41f749257a9468febdbe0dc9f7e8":"505341004b45590000000000010000001771e0000100000000000000000000001d0000000024122bf020fa113f6c0ac978dfbd41f749257a9468febdbe0dc9f7e8" +save type: RSA_PUB 1024-bit, RSA_OAEP(SHA_256) +depends_on:PSA_WANT_ALG_RSA_OAEP:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY +key_storage_save:0x0001:PSA_KEY_TYPE_RSA_PUBLIC_KEY:1024:PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_OAEP(PSA_ALG_SHA_256):0x0000:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":"505341004b4559000000000001000000014000040101000009030007000000008c00000030818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001" -PSA storage save: type: ECC_KEY_PAIR(SECP_K1) 256-bit -depends_on:PSA_WANT_ECC_SECP_K1_256:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR -key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_K1):256:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"7fa06fa02d0e911b9a47fdc17d2d962ca01e2f31d60c6212d0ed7e3bba23a7b9":"505341004b455900000000000100000017710001010000000000000000000000200000007fa06fa02d0e911b9a47fdc17d2d962ca01e2f31d60c6212d0ed7e3bba23a7b9" +save type: RSA_PUB 1024-bit, RSA_OAEP(SHA_384) +depends_on:PSA_WANT_ALG_RSA_OAEP:PSA_WANT_ALG_SHA_384:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY +key_storage_save:0x0001:PSA_KEY_TYPE_RSA_PUBLIC_KEY:1024:PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_OAEP(PSA_ALG_SHA_384):0x0000:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":"505341004b455900000000000100000001400004010100000a030007000000008c00000030818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001" -PSA storage save: type: ECC_KEY_PAIR(SECP_R1) 225-bit -depends_on:PSA_WANT_ECC_SECP_R1_225:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR -key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):225:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"872f203b3ad35b7f2ecc803c3a0e1e0b1ed61cc1afe71b189cd4c995":"505341004b45590000000000010000001271e1000100000000000000000000001c000000872f203b3ad35b7f2ecc803c3a0e1e0b1ed61cc1afe71b189cd4c995" +save type: RSA_PUB 1024-bit, RSA_OAEP(SHA_512) +depends_on:PSA_WANT_ALG_RSA_OAEP:PSA_WANT_ALG_SHA_512:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY +key_storage_save:0x0001:PSA_KEY_TYPE_RSA_PUBLIC_KEY:1024:PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_OAEP(PSA_ALG_SHA_512):0x0000:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":"505341004b455900000000000100000001400004010100000b030007000000008c00000030818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001" -PSA storage save: type: ECC_KEY_PAIR(SECP_R1) 256-bit -depends_on:PSA_WANT_ECC_SECP_R1_256:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR -key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):256:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"49c9a8c18c4b885638c431cf1df1c994131609b580d4fd43a0cab17db2f13eee":"505341004b4559000000000001000000127100010100000000000000000000002000000049c9a8c18c4b885638c431cf1df1c994131609b580d4fd43a0cab17db2f13eee" +save type: RSA_PUB 1024-bit, RSA_PKCS1V15_CRYPT +depends_on:PSA_WANT_ALG_RSA_PKCS1V15_CRYPT:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY +key_storage_save:0x0001:PSA_KEY_TYPE_RSA_PUBLIC_KEY:1024:PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_PKCS1V15_CRYPT:0x0000:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":"505341004b4559000000000001000000014000040101000000020007000000008c00000030818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001" -PSA storage save: type: ECC_KEY_PAIR(SECP_R1) 384-bit -depends_on:PSA_WANT_ECC_SECP_R1_384:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR -key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):384:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"3f5d8d9be280b5696cc5cc9f94cf8af7e6b61dd6592b2ab2b3a4c607450417ec327dcdcaed7c10053d719a0574f0a76a":"505341004b455900000000000100000012718001010000000000000000000000300000003f5d8d9be280b5696cc5cc9f94cf8af7e6b61dd6592b2ab2b3a4c607450417ec327dcdcaed7c10053d719a0574f0a76a" +save type: RSA_PUB 1024-bit, RSA_PKCS1V15_SIGN(MD2) +depends_on:PSA_WANT_ALG_MD2:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY +key_storage_save:0x0001:PSA_KEY_TYPE_RSA_PUBLIC_KEY:1024:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_MD2):0x0000:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":"505341004b4559000000000001000000014000040128000001020006000000008c00000030818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001" -PSA storage save: type: ECC_KEY_PAIR(SECP_R1) 521-bit -depends_on:PSA_WANT_ECC_SECP_R1_521:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR -key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):521:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"01b1b6ad07bb79e7320da59860ea28e055284f6058f279de666e06d435d2af7bda28d99fa47b7dd0963e16b0073078ee8b8a38d966a582f46d19ff95df3ad9685aae":"505341004b4559000000000001000000127109020100000000000000000000004200000001b1b6ad07bb79e7320da59860ea28e055284f6058f279de666e06d435d2af7bda28d99fa47b7dd0963e16b0073078ee8b8a38d966a582f46d19ff95df3ad9685aae" +save type: RSA_PUB 1024-bit, RSA_PKCS1V15_SIGN(MD4) +depends_on:PSA_WANT_ALG_MD4:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY +key_storage_save:0x0001:PSA_KEY_TYPE_RSA_PUBLIC_KEY:1024:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_MD4):0x0000:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":"505341004b4559000000000001000000014000040128000002020006000000008c00000030818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001" -PSA storage save: type: ECC_KEY_PAIR(SECP_R2) 160-bit -depends_on:PSA_WANT_ECC_SECP_R2_160:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR -key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R2):160:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"00bf539a1cdda0d7f71a50a3f98aec0a2e8e4ced1e":"505341004b45590000000000010000001b71a0000100000000000000000000001500000000bf539a1cdda0d7f71a50a3f98aec0a2e8e4ced1e" +save type: RSA_PUB 1024-bit, RSA_PKCS1V15_SIGN(MD5) +depends_on:PSA_WANT_ALG_MD5:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY +key_storage_save:0x0001:PSA_KEY_TYPE_RSA_PUBLIC_KEY:1024:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_MD5):0x0000:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":"505341004b4559000000000001000000014000040128000003020006000000008c00000030818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001" -PSA storage save: type: ECC_KEY_PAIR(SECT_K1) 163-bit -depends_on:PSA_WANT_ECC_SECT_K1_163:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR -key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):163:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"03ebc8fcded2d6ab72ec0f75bdb4fd080481273e71":"505341004b45590000000000010000002771a3000100000000000000000000001500000003ebc8fcded2d6ab72ec0f75bdb4fd080481273e71" +save type: RSA_PUB 1024-bit, RSA_PKCS1V15_SIGN(RIPEMD160) +depends_on:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY +key_storage_save:0x0001:PSA_KEY_TYPE_RSA_PUBLIC_KEY:1024:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_RIPEMD160):0x0000:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":"505341004b4559000000000001000000014000040128000004020006000000008c00000030818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001" -PSA storage save: type: ECC_KEY_PAIR(SECT_K1) 233-bit -depends_on:PSA_WANT_ECC_SECT_K1_233:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR -key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):233:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"41f08485ce587b06061c087e76e247c359de2ba9927ee013b2f1ed9ca8":"505341004b45590000000000010000002771e9000100000000000000000000001d00000041f08485ce587b06061c087e76e247c359de2ba9927ee013b2f1ed9ca8" +save type: RSA_PUB 1024-bit, RSA_PKCS1V15_SIGN(SHA_1) +depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ALG_SHA_1:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY +key_storage_save:0x0001:PSA_KEY_TYPE_RSA_PUBLIC_KEY:1024:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_1):0x0000:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":"505341004b4559000000000001000000014000040128000005020006000000008c00000030818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001" -PSA storage save: type: ECC_KEY_PAIR(SECT_K1) 239-bit -depends_on:PSA_WANT_ECC_SECT_K1_239:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR -key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):239:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"1a8069ce2c2c8bdd7087f2a6ab49588797e6294e979495602ab9650b9c61":"505341004b45590000000000010000002771ef000100000000000000000000001e0000001a8069ce2c2c8bdd7087f2a6ab49588797e6294e979495602ab9650b9c61" +save type: RSA_PUB 1024-bit, RSA_PKCS1V15_SIGN(SHA_224) +depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ALG_SHA_224:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY +key_storage_save:0x0001:PSA_KEY_TYPE_RSA_PUBLIC_KEY:1024:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_224):0x0000:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":"505341004b4559000000000001000000014000040128000008020006000000008c00000030818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001" -PSA storage save: type: ECC_KEY_PAIR(SECT_K1) 283-bit -depends_on:PSA_WANT_ECC_SECT_K1_283:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR -key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):283:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"006d627885dd48b9ec6facb5b3865377d755b75a5d51440e45211c1f600e15eff8a881a0":"505341004b455900000000000100000027711b0101000000000000000000000024000000006d627885dd48b9ec6facb5b3865377d755b75a5d51440e45211c1f600e15eff8a881a0" +save type: RSA_PUB 1024-bit, RSA_PKCS1V15_SIGN(SHA_256) +depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY +key_storage_save:0x0001:PSA_KEY_TYPE_RSA_PUBLIC_KEY:1024:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):0x0000:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":"505341004b4559000000000001000000014000040128000009020006000000008c00000030818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001" -PSA storage save: type: ECC_KEY_PAIR(SECT_K1) 409-bit -depends_on:PSA_WANT_ECC_SECT_K1_409:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR -key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):409:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"3ff5e74d932fa77db139b7c948c81e4069c72c24845574064beea8976b70267f1c6f9a503e3892ea1dcbb71fcea423faa370a8":"505341004b455900000000000100000027719901010000000000000000000000330000003ff5e74d932fa77db139b7c948c81e4069c72c24845574064beea8976b70267f1c6f9a503e3892ea1dcbb71fcea423faa370a8" +save type: RSA_PUB 1024-bit, RSA_PKCS1V15_SIGN(SHA_384) +depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ALG_SHA_384:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY +key_storage_save:0x0001:PSA_KEY_TYPE_RSA_PUBLIC_KEY:1024:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_384):0x0000:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":"505341004b455900000000000100000001400004012800000a020006000000008c00000030818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001" -PSA storage save: type: ECC_KEY_PAIR(SECT_K1) 571-bit -depends_on:PSA_WANT_ECC_SECT_K1_571:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR -key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):571:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"005008c97b4a161c0db1bac6452c72846d57337aa92d8ecb4a66eb01d2f29555ffb61a5317225dcc8ca6917d91789e227efc0bfe9eeda7ee21998cd11c3c9885056b0e55b4f75d51":"505341004b455900000000000100000027713b0201000000000000000000000048000000005008c97b4a161c0db1bac6452c72846d57337aa92d8ecb4a66eb01d2f29555ffb61a5317225dcc8ca6917d91789e227efc0bfe9eeda7ee21998cd11c3c9885056b0e55b4f75d51" +save type: RSA_PUB 1024-bit, RSA_PKCS1V15_SIGN(SHA_512) +depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ALG_SHA_512:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY +key_storage_save:0x0001:PSA_KEY_TYPE_RSA_PUBLIC_KEY:1024:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_512):0x0000:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":"505341004b455900000000000100000001400004012800000b020006000000008c00000030818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001" -PSA storage save: type: ECC_KEY_PAIR(SECT_R1) 163-bit -depends_on:PSA_WANT_ECC_SECT_R1_163:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR -key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):163:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"009b05dc82d46d64a04a22e6e5ca70ca1231e68c50":"505341004b45590000000000010000002271a30001000000000000000000000015000000009b05dc82d46d64a04a22e6e5ca70ca1231e68c50" +save type: RSA_PUB 1024-bit, RSA_PKCS1V15_SIGN_RAW +depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN_RAW:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY +key_storage_save:0x0001:PSA_KEY_TYPE_RSA_PUBLIC_KEY:1024:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_RSA_PKCS1V15_SIGN_RAW:0x0000:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":"505341004b4559000000000001000000014000040128000000020006000000008c00000030818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001" -PSA storage save: type: ECC_KEY_PAIR(SECT_R1) 233-bit -depends_on:PSA_WANT_ECC_SECT_R1_233:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR -key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):233:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"00e5e42834e3c78758088b905deea975f28dc20ef6173e481f96e88afe7f":"505341004b45590000000000010000002271e9000100000000000000000000001e00000000e5e42834e3c78758088b905deea975f28dc20ef6173e481f96e88afe7f" +save type: RSA_PUB 1024-bit, RSA_PSS(MD2) +depends_on:PSA_WANT_ALG_MD2:PSA_WANT_ALG_RSA_PSS:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY +key_storage_save:0x0001:PSA_KEY_TYPE_RSA_PUBLIC_KEY:1024:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_RSA_PSS(PSA_ALG_MD2):0x0000:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":"505341004b4559000000000001000000014000040128000001030006000000008c00000030818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001" -PSA storage save: type: ECC_KEY_PAIR(SECT_R1) 283-bit -depends_on:PSA_WANT_ECC_SECT_R1_283:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR -key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):283:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"004cecad915f6f3c9bbbd92d1eb101eda23f16c7dad60a57c87c7e1fd2b29b22f6d666ad":"505341004b455900000000000100000022711b0101000000000000000000000024000000004cecad915f6f3c9bbbd92d1eb101eda23f16c7dad60a57c87c7e1fd2b29b22f6d666ad" +save type: RSA_PUB 1024-bit, RSA_PSS(MD4) +depends_on:PSA_WANT_ALG_MD4:PSA_WANT_ALG_RSA_PSS:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY +key_storage_save:0x0001:PSA_KEY_TYPE_RSA_PUBLIC_KEY:1024:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_RSA_PSS(PSA_ALG_MD4):0x0000:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":"505341004b4559000000000001000000014000040128000002030006000000008c00000030818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001" -PSA storage save: type: ECC_KEY_PAIR(SECT_R1) 409-bit -depends_on:PSA_WANT_ECC_SECT_R1_409:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR -key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):409:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"00c22422d265721a3ae2b3b2baeb77bee50416e19877af97b5fc1c700a0a88916ecb9050135883accb5e64edc77a3703f4f67a64":"505341004b4559000000000001000000227199010100000000000000000000003400000000c22422d265721a3ae2b3b2baeb77bee50416e19877af97b5fc1c700a0a88916ecb9050135883accb5e64edc77a3703f4f67a64" +save type: RSA_PUB 1024-bit, RSA_PSS(MD5) +depends_on:PSA_WANT_ALG_MD5:PSA_WANT_ALG_RSA_PSS:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY +key_storage_save:0x0001:PSA_KEY_TYPE_RSA_PUBLIC_KEY:1024:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_RSA_PSS(PSA_ALG_MD5):0x0000:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":"505341004b4559000000000001000000014000040128000003030006000000008c00000030818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001" -PSA storage save: type: ECC_KEY_PAIR(SECT_R1) 571-bit -depends_on:PSA_WANT_ECC_SECT_R1_571:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR -key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):571:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"026ac1cdf92a13a1b8d282da9725847908745138f5c6706b52d164e3675fcfbf86fc3e6ab2de732193267db029dd35a0599a94a118f480231cfc6ccca2ebfc1d8f54176e0f5656a1":"505341004b455900000000000100000022713b0201000000000000000000000048000000026ac1cdf92a13a1b8d282da9725847908745138f5c6706b52d164e3675fcfbf86fc3e6ab2de732193267db029dd35a0599a94a118f480231cfc6ccca2ebfc1d8f54176e0f5656a1" +save type: RSA_PUB 1024-bit, RSA_PSS(RIPEMD160) +depends_on:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ALG_RSA_PSS:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY +key_storage_save:0x0001:PSA_KEY_TYPE_RSA_PUBLIC_KEY:1024:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_RSA_PSS(PSA_ALG_RIPEMD160):0x0000:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":"505341004b4559000000000001000000014000040128000004030006000000008c00000030818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001" -PSA storage save: type: ECC_KEY_PAIR(SECT_R2) 163-bit -depends_on:PSA_WANT_ECC_SECT_R2_163:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR -key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R2):163:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"0210b482a458b4822d0cb21daa96819a67c8062d34":"505341004b45590000000000010000002b71a300010000000000000000000000150000000210b482a458b4822d0cb21daa96819a67c8062d34" +save type: RSA_PUB 1024-bit, RSA_PSS(SHA_1) +depends_on:PSA_WANT_ALG_RSA_PSS:PSA_WANT_ALG_SHA_1:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY +key_storage_save:0x0001:PSA_KEY_TYPE_RSA_PUBLIC_KEY:1024:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_RSA_PSS(PSA_ALG_SHA_1):0x0000:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":"505341004b4559000000000001000000014000040128000005030006000000008c00000030818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001" -PSA storage save: type: ECC_KEY_PAIR(TWISTED_EDWARDS) 255-bit -depends_on:PSA_WANT_ECC_TWISTED_EDWARDS_255:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR -key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_TWISTED_EDWARDS):255:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"9d61b19deffd5a60ba844af492ec2cc44449c5697b326919703bac031cae7f60":"505341004b45590000000000010000004271ff00010000000000000000000000200000009d61b19deffd5a60ba844af492ec2cc44449c5697b326919703bac031cae7f60" +save type: RSA_PUB 1024-bit, RSA_PSS(SHA_224) +depends_on:PSA_WANT_ALG_RSA_PSS:PSA_WANT_ALG_SHA_224:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY +key_storage_save:0x0001:PSA_KEY_TYPE_RSA_PUBLIC_KEY:1024:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_RSA_PSS(PSA_ALG_SHA_224):0x0000:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":"505341004b4559000000000001000000014000040128000008030006000000008c00000030818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001" -PSA storage save: type: ECC_KEY_PAIR(TWISTED_EDWARDS) 448-bit -depends_on:PSA_WANT_ECC_TWISTED_EDWARDS_448:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR -key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_TWISTED_EDWARDS):448:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"6c82a562cb808d10d632be89c8513ebf6c929f34ddfa8c9f63c9960ef6e348a3528c8a3fcc2f044e39a3fc5b94492f8f032e7549a20098f95b":"505341004b45590000000000010000004271c001010000000000000000000000390000006c82a562cb808d10d632be89c8513ebf6c929f34ddfa8c9f63c9960ef6e348a3528c8a3fcc2f044e39a3fc5b94492f8f032e7549a20098f95b" +save type: RSA_PUB 1024-bit, RSA_PSS(SHA_256) +depends_on:PSA_WANT_ALG_RSA_PSS:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY +key_storage_save:0x0001:PSA_KEY_TYPE_RSA_PUBLIC_KEY:1024:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_RSA_PSS(PSA_ALG_SHA_256):0x0000:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":"505341004b4559000000000001000000014000040128000009030006000000008c00000030818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001" -PSA storage save: type: ECC_PUBLIC_KEY(BRAINPOOL_P_R1) 160-bit -depends_on:PSA_WANT_ECC_BRAINPOOL_P_R1_160:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY -key_storage_save:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):160:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"04d4b9186816358e2f9c59cf70748cb70641b22fbab65473db4b4e22a361ed7e3de7e8a8ddc4130c5c":"505341004b45590000000000010000003041a0000100000000000000000000002900000004d4b9186816358e2f9c59cf70748cb70641b22fbab65473db4b4e22a361ed7e3de7e8a8ddc4130c5c" +save type: RSA_PUB 1024-bit, RSA_PSS(SHA_384) +depends_on:PSA_WANT_ALG_RSA_PSS:PSA_WANT_ALG_SHA_384:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY +key_storage_save:0x0001:PSA_KEY_TYPE_RSA_PUBLIC_KEY:1024:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_RSA_PSS(PSA_ALG_SHA_384):0x0000:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":"505341004b455900000000000100000001400004012800000a030006000000008c00000030818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001" -PSA storage save: type: ECC_PUBLIC_KEY(BRAINPOOL_P_R1) 192-bit -depends_on:PSA_WANT_ECC_BRAINPOOL_P_R1_192:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY -key_storage_save:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):192:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"043fdd168c179ff5363dd71dcd58de9617caad791ae0c37328be9ca0bfc79cebabf6a95d1c52df5b5f3c8b1a2441cf6c88":"505341004b45590000000000010000003041c00001000000000000000000000031000000043fdd168c179ff5363dd71dcd58de9617caad791ae0c37328be9ca0bfc79cebabf6a95d1c52df5b5f3c8b1a2441cf6c88" +save type: RSA_PUB 1024-bit, RSA_PSS(SHA_512) +depends_on:PSA_WANT_ALG_RSA_PSS:PSA_WANT_ALG_SHA_512:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY +key_storage_save:0x0001:PSA_KEY_TYPE_RSA_PUBLIC_KEY:1024:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_RSA_PSS(PSA_ALG_SHA_512):0x0000:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":"505341004b455900000000000100000001400004012800000b030006000000008c00000030818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001" -PSA storage save: type: ECC_PUBLIC_KEY(BRAINPOOL_P_R1) 224-bit -depends_on:PSA_WANT_ECC_BRAINPOOL_P_R1_224:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY -key_storage_save:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):224:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"045fbea378fc8583b3837e3f21a457c31eaf20a54e18eb11d104b3adc47f9d1c97eb9ea4ac21740d70d88514b98bf0bc31addac1d19c4ab3cc":"505341004b45590000000000010000003041e00001000000000000000000000039000000045fbea378fc8583b3837e3f21a457c31eaf20a54e18eb11d104b3adc47f9d1c97eb9ea4ac21740d70d88514b98bf0bc31addac1d19c4ab3cc" +save type: RSA_PUB 1024-bit, RSA_PSS_ANY_SALT(MD2) +depends_on:PSA_WANT_ALG_MD2:PSA_WANT_ALG_RSA_PSS_ANY_SALT:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY +key_storage_save:0x0001:PSA_KEY_TYPE_RSA_PUBLIC_KEY:1024:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_RSA_PSS_ANY_SALT(PSA_ALG_MD2):0x0000:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":"505341004b4559000000000001000000014000040128000001130006000000008c00000030818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001" -PSA storage save: type: ECC_PUBLIC_KEY(BRAINPOOL_P_R1) 256-bit -depends_on:PSA_WANT_ECC_BRAINPOOL_P_R1_256:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY -key_storage_save:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):256:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"04768c8cae4abca6306db0ed81b0c4a6215c378066ec6d616c146e13f1c7df809b96ab6911c27d8a02339f0926840e55236d3d1efbe2669d090e4c4c660fada91d":"505341004b4559000000000001000000304100010100000000000000000000004100000004768c8cae4abca6306db0ed81b0c4a6215c378066ec6d616c146e13f1c7df809b96ab6911c27d8a02339f0926840e55236d3d1efbe2669d090e4c4c660fada91d" +save type: RSA_PUB 1024-bit, RSA_PSS_ANY_SALT(MD4) +depends_on:PSA_WANT_ALG_MD4:PSA_WANT_ALG_RSA_PSS_ANY_SALT:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY +key_storage_save:0x0001:PSA_KEY_TYPE_RSA_PUBLIC_KEY:1024:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_RSA_PSS_ANY_SALT(PSA_ALG_MD4):0x0000:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":"505341004b4559000000000001000000014000040128000002130006000000008c00000030818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001" -PSA storage save: type: ECC_PUBLIC_KEY(BRAINPOOL_P_R1) 320-bit -depends_on:PSA_WANT_ECC_BRAINPOOL_P_R1_320:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY -key_storage_save:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):320:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"049caed8fb4742956cc2ad12a9a1c995e21759ef26a07bc2054136d3d2f28bb331a70e26c4c687275ab1f434be7871e115d2350c0c5f61d4d06d2bcdb67f5cb63fdb794e5947c87dc6849a58694e37e6cd":"505341004b45590000000000010000003041400101000000000000000000000051000000049caed8fb4742956cc2ad12a9a1c995e21759ef26a07bc2054136d3d2f28bb331a70e26c4c687275ab1f434be7871e115d2350c0c5f61d4d06d2bcdb67f5cb63fdb794e5947c87dc6849a58694e37e6cd" +save type: RSA_PUB 1024-bit, RSA_PSS_ANY_SALT(MD5) +depends_on:PSA_WANT_ALG_MD5:PSA_WANT_ALG_RSA_PSS_ANY_SALT:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY +key_storage_save:0x0001:PSA_KEY_TYPE_RSA_PUBLIC_KEY:1024:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_RSA_PSS_ANY_SALT(PSA_ALG_MD5):0x0000:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":"505341004b4559000000000001000000014000040128000003130006000000008c00000030818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001" -PSA storage save: type: ECC_PUBLIC_KEY(BRAINPOOL_P_R1) 384-bit -depends_on:PSA_WANT_ECC_BRAINPOOL_P_R1_384:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY -key_storage_save:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):384:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"04719f9d093a627e0d350385c661cebf00c61923566fe9006a3107af1d871bc6bb68985fd722ea32be316f8e783b7cd1957785f66cfc0cb195dd5c99a8e7abaa848553a584dfd2b48e76d445fe00dd8be59096d877d4696d23b4bc8db14724e66a":"505341004b4559000000000001000000304180010100000000000000000000006100000004719f9d093a627e0d350385c661cebf00c61923566fe9006a3107af1d871bc6bb68985fd722ea32be316f8e783b7cd1957785f66cfc0cb195dd5c99a8e7abaa848553a584dfd2b48e76d445fe00dd8be59096d877d4696d23b4bc8db14724e66a" +save type: RSA_PUB 1024-bit, RSA_PSS_ANY_SALT(RIPEMD160) +depends_on:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ALG_RSA_PSS_ANY_SALT:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY +key_storage_save:0x0001:PSA_KEY_TYPE_RSA_PUBLIC_KEY:1024:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_RSA_PSS_ANY_SALT(PSA_ALG_RIPEMD160):0x0000:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":"505341004b4559000000000001000000014000040128000004130006000000008c00000030818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001" -PSA storage save: type: ECC_PUBLIC_KEY(BRAINPOOL_P_R1) 512-bit -depends_on:PSA_WANT_ECC_BRAINPOOL_P_R1_512:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY -key_storage_save:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):512:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"0438b7ec92b61c5c6c7fbc28a4ec759d48fcd4e2e374defd5c4968a54dbef7510e517886fbfc38ea39aa529359d70a7156c35d3cbac7ce776bdb251dd64bce71234424ee7049eed072f0dbc4d79996e175d557e263763ae97095c081e73e7db2e38adc3d4c9a0487b1ede876dc1fca61c902e9a1d8722b8612928f18a24845591a":"505341004b455900000000000100000030410002010000000000000000000000810000000438b7ec92b61c5c6c7fbc28a4ec759d48fcd4e2e374defd5c4968a54dbef7510e517886fbfc38ea39aa529359d70a7156c35d3cbac7ce776bdb251dd64bce71234424ee7049eed072f0dbc4d79996e175d557e263763ae97095c081e73e7db2e38adc3d4c9a0487b1ede876dc1fca61c902e9a1d8722b8612928f18a24845591a" +save type: RSA_PUB 1024-bit, RSA_PSS_ANY_SALT(SHA_1) +depends_on:PSA_WANT_ALG_RSA_PSS_ANY_SALT:PSA_WANT_ALG_SHA_1:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY +key_storage_save:0x0001:PSA_KEY_TYPE_RSA_PUBLIC_KEY:1024:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_RSA_PSS_ANY_SALT(PSA_ALG_SHA_1):0x0000:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":"505341004b4559000000000001000000014000040128000005130006000000008c00000030818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001" -PSA storage save: type: ECC_PUBLIC_KEY(MONTGOMERY) 255-bit -depends_on:PSA_WANT_ECC_MONTGOMERY_255:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY -key_storage_save:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_MONTGOMERY):255:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"8520f0098930a754748b7ddcb43ef75a0dbf3a0d26381af4eba4a98eaa9b4e6a":"505341004b45590000000000010000004141ff00010000000000000000000000200000008520f0098930a754748b7ddcb43ef75a0dbf3a0d26381af4eba4a98eaa9b4e6a" +save type: RSA_PUB 1024-bit, RSA_PSS_ANY_SALT(SHA_224) +depends_on:PSA_WANT_ALG_RSA_PSS_ANY_SALT:PSA_WANT_ALG_SHA_224:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY +key_storage_save:0x0001:PSA_KEY_TYPE_RSA_PUBLIC_KEY:1024:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_RSA_PSS_ANY_SALT(PSA_ALG_SHA_224):0x0000:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":"505341004b4559000000000001000000014000040128000008130006000000008c00000030818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001" -PSA storage save: type: ECC_PUBLIC_KEY(MONTGOMERY) 448-bit -depends_on:PSA_WANT_ECC_MONTGOMERY_448:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY -key_storage_save:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_MONTGOMERY):448:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"c0d3a5a2b416a573dc9909f92f134ac01323ab8f8e36804e578588ba2d09fe7c3e737f771ca112825b548a0ffded6d6a2fd09a3e77dec30e":"505341004b45590000000000010000004141c00101000000000000000000000038000000c0d3a5a2b416a573dc9909f92f134ac01323ab8f8e36804e578588ba2d09fe7c3e737f771ca112825b548a0ffded6d6a2fd09a3e77dec30e" +save type: RSA_PUB 1024-bit, RSA_PSS_ANY_SALT(SHA_256) +depends_on:PSA_WANT_ALG_RSA_PSS_ANY_SALT:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY +key_storage_save:0x0001:PSA_KEY_TYPE_RSA_PUBLIC_KEY:1024:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_RSA_PSS_ANY_SALT(PSA_ALG_SHA_256):0x0000:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":"505341004b4559000000000001000000014000040128000009130006000000008c00000030818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001" -PSA storage save: type: ECC_PUBLIC_KEY(SECP_K1) 192-bit -depends_on:PSA_WANT_ECC_SECP_K1_192:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY -key_storage_save:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_K1):192:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"0426b7bb38da649ac2138fc050c6548b32553dab68afebc36105d325b75538c12323cb0764789ecb992671beb2b6bef2f5":"505341004b45590000000000010000001741c000010000000000000000000000310000000426b7bb38da649ac2138fc050c6548b32553dab68afebc36105d325b75538c12323cb0764789ecb992671beb2b6bef2f5" +save type: RSA_PUB 1024-bit, RSA_PSS_ANY_SALT(SHA_384) +depends_on:PSA_WANT_ALG_RSA_PSS_ANY_SALT:PSA_WANT_ALG_SHA_384:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY +key_storage_save:0x0001:PSA_KEY_TYPE_RSA_PUBLIC_KEY:1024:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_RSA_PSS_ANY_SALT(PSA_ALG_SHA_384):0x0000:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":"505341004b455900000000000100000001400004012800000a130006000000008c00000030818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001" -PSA storage save: type: ECC_PUBLIC_KEY(SECP_K1) 224-bit -depends_on:PSA_WANT_ECC_SECP_K1_224:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY -key_storage_save:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_K1):224:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"042cc7335f4b76042bed44ef45959a62aa215f7a5ff0c8111b8c44ed654ee71c1918326ad485b2d599fe2a6eab096ee26d977334d2bac6d61d":"505341004b45590000000000010000001741e00001000000000000000000000039000000042cc7335f4b76042bed44ef45959a62aa215f7a5ff0c8111b8c44ed654ee71c1918326ad485b2d599fe2a6eab096ee26d977334d2bac6d61d" +save type: RSA_PUB 1024-bit, RSA_PSS_ANY_SALT(SHA_512) +depends_on:PSA_WANT_ALG_RSA_PSS_ANY_SALT:PSA_WANT_ALG_SHA_512:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY +key_storage_save:0x0001:PSA_KEY_TYPE_RSA_PUBLIC_KEY:1024:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_RSA_PSS_ANY_SALT(PSA_ALG_SHA_512):0x0000:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":"505341004b455900000000000100000001400004012800000b130006000000008c00000030818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001" -PSA storage save: type: ECC_PUBLIC_KEY(SECP_K1) 256-bit -depends_on:PSA_WANT_ECC_SECP_K1_256:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY -key_storage_save:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_K1):256:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"045c39154579efd667adc73a81015a797d2c8682cdfbd3c3553c4a185d481cdc50e42a0e1cbc3ca29a32a645e927f54beaed14c9dbbf8279d725f5495ca924b24d":"505341004b45590000000000010000001741000101000000000000000000000041000000045c39154579efd667adc73a81015a797d2c8682cdfbd3c3553c4a185d481cdc50e42a0e1cbc3ca29a32a645e927f54beaed14c9dbbf8279d725f5495ca924b24d" +save type: RSA_PUB 1536-bit +depends_on:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY +key_storage_save:0x0001:PSA_KEY_TYPE_RSA_PUBLIC_KEY:1536:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"3081c90281c100c870feb6ca6b1d2bd9f2dd99e20f1fe2d7e5192de662229dbe162bd1ba66336a7182903ca0b72796cd441c83d24bcdc3e9a2f5e4399c8a043f1c3ddf04754a66d4cfe7b3671a37dd31a9b4c13bfe06ee90f9d94ddaa06de67a52ac863e68f756736ceb014405a6160579640f831dddccc34ad0b05070e3f9954a58d1815813e1b83bcadba814789c87f1ef2ba5d738b793ec456a67360eea1b5faf1c7cc7bf24f3b2a9d0f8958b1096e0f0c335f8888d0c63a51c3c0337214fa3f5efdf6dcc350203010001":"505341004b455900000000000100000001400006010000000000000000000000cc0000003081c90281c100c870feb6ca6b1d2bd9f2dd99e20f1fe2d7e5192de662229dbe162bd1ba66336a7182903ca0b72796cd441c83d24bcdc3e9a2f5e4399c8a043f1c3ddf04754a66d4cfe7b3671a37dd31a9b4c13bfe06ee90f9d94ddaa06de67a52ac863e68f756736ceb014405a6160579640f831dddccc34ad0b05070e3f9954a58d1815813e1b83bcadba814789c87f1ef2ba5d738b793ec456a67360eea1b5faf1c7cc7bf24f3b2a9d0f8958b1096e0f0c335f8888d0c63a51c3c0337214fa3f5efdf6dcc350203010001" -PSA storage save: type: ECC_PUBLIC_KEY(SECP_R1) 225-bit -depends_on:PSA_WANT_ECC_SECP_R1_225:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY -key_storage_save:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1):225:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"046f00eadaa949fee3e9e1c7fa1247eecec86a0dce46418b9bd3117b981d4bd0ae7a990de912f9d060d6cb531a42d22e394ac29e81804bf160":"505341004b45590000000000010000001241e10001000000000000000000000039000000046f00eadaa949fee3e9e1c7fa1247eecec86a0dce46418b9bd3117b981d4bd0ae7a990de912f9d060d6cb531a42d22e394ac29e81804bf160" +save type: RSA_PUB 1536-bit, RSA_OAEP(MD2) +depends_on:PSA_WANT_ALG_MD2:PSA_WANT_ALG_RSA_OAEP:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY +key_storage_save:0x0001:PSA_KEY_TYPE_RSA_PUBLIC_KEY:1536:PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_OAEP(PSA_ALG_MD2):0x0000:"3081c90281c100c870feb6ca6b1d2bd9f2dd99e20f1fe2d7e5192de662229dbe162bd1ba66336a7182903ca0b72796cd441c83d24bcdc3e9a2f5e4399c8a043f1c3ddf04754a66d4cfe7b3671a37dd31a9b4c13bfe06ee90f9d94ddaa06de67a52ac863e68f756736ceb014405a6160579640f831dddccc34ad0b05070e3f9954a58d1815813e1b83bcadba814789c87f1ef2ba5d738b793ec456a67360eea1b5faf1c7cc7bf24f3b2a9d0f8958b1096e0f0c335f8888d0c63a51c3c0337214fa3f5efdf6dcc350203010001":"505341004b455900000000000100000001400006010100000103000700000000cc0000003081c90281c100c870feb6ca6b1d2bd9f2dd99e20f1fe2d7e5192de662229dbe162bd1ba66336a7182903ca0b72796cd441c83d24bcdc3e9a2f5e4399c8a043f1c3ddf04754a66d4cfe7b3671a37dd31a9b4c13bfe06ee90f9d94ddaa06de67a52ac863e68f756736ceb014405a6160579640f831dddccc34ad0b05070e3f9954a58d1815813e1b83bcadba814789c87f1ef2ba5d738b793ec456a67360eea1b5faf1c7cc7bf24f3b2a9d0f8958b1096e0f0c335f8888d0c63a51c3c0337214fa3f5efdf6dcc350203010001" -PSA storage save: type: ECC_PUBLIC_KEY(SECP_R1) 256-bit -depends_on:PSA_WANT_ECC_SECP_R1_256:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY -key_storage_save:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1):256:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"047772656f814b399279d5e1f1781fac6f099a3c5ca1b0e35351834b08b65e0b572590cdaf8f769361bcf34acfc11e5e074e8426bdde04be6e653945449617de45":"505341004b45590000000000010000001241000101000000000000000000000041000000047772656f814b399279d5e1f1781fac6f099a3c5ca1b0e35351834b08b65e0b572590cdaf8f769361bcf34acfc11e5e074e8426bdde04be6e653945449617de45" +save type: RSA_PUB 1536-bit, RSA_OAEP(MD4) +depends_on:PSA_WANT_ALG_MD4:PSA_WANT_ALG_RSA_OAEP:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY +key_storage_save:0x0001:PSA_KEY_TYPE_RSA_PUBLIC_KEY:1536:PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_OAEP(PSA_ALG_MD4):0x0000:"3081c90281c100c870feb6ca6b1d2bd9f2dd99e20f1fe2d7e5192de662229dbe162bd1ba66336a7182903ca0b72796cd441c83d24bcdc3e9a2f5e4399c8a043f1c3ddf04754a66d4cfe7b3671a37dd31a9b4c13bfe06ee90f9d94ddaa06de67a52ac863e68f756736ceb014405a6160579640f831dddccc34ad0b05070e3f9954a58d1815813e1b83bcadba814789c87f1ef2ba5d738b793ec456a67360eea1b5faf1c7cc7bf24f3b2a9d0f8958b1096e0f0c335f8888d0c63a51c3c0337214fa3f5efdf6dcc350203010001":"505341004b455900000000000100000001400006010100000203000700000000cc0000003081c90281c100c870feb6ca6b1d2bd9f2dd99e20f1fe2d7e5192de662229dbe162bd1ba66336a7182903ca0b72796cd441c83d24bcdc3e9a2f5e4399c8a043f1c3ddf04754a66d4cfe7b3671a37dd31a9b4c13bfe06ee90f9d94ddaa06de67a52ac863e68f756736ceb014405a6160579640f831dddccc34ad0b05070e3f9954a58d1815813e1b83bcadba814789c87f1ef2ba5d738b793ec456a67360eea1b5faf1c7cc7bf24f3b2a9d0f8958b1096e0f0c335f8888d0c63a51c3c0337214fa3f5efdf6dcc350203010001" -PSA storage save: type: ECC_PUBLIC_KEY(SECP_R1) 384-bit -depends_on:PSA_WANT_ECC_SECP_R1_384:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY -key_storage_save:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1):384:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"04d9c662b50ba29ca47990450e043aeaf4f0c69b15676d112f622a71c93059af999691c5680d2b44d111579db12f4a413a2ed5c45fcfb67b5b63e00b91ebe59d09a6b1ac2c0c4282aa12317ed5914f999bc488bb132e8342cc36f2ca5e3379c747":"505341004b4559000000000001000000124180010100000000000000000000006100000004d9c662b50ba29ca47990450e043aeaf4f0c69b15676d112f622a71c93059af999691c5680d2b44d111579db12f4a413a2ed5c45fcfb67b5b63e00b91ebe59d09a6b1ac2c0c4282aa12317ed5914f999bc488bb132e8342cc36f2ca5e3379c747" +save type: RSA_PUB 1536-bit, RSA_OAEP(MD5) +depends_on:PSA_WANT_ALG_MD5:PSA_WANT_ALG_RSA_OAEP:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY +key_storage_save:0x0001:PSA_KEY_TYPE_RSA_PUBLIC_KEY:1536:PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_OAEP(PSA_ALG_MD5):0x0000:"3081c90281c100c870feb6ca6b1d2bd9f2dd99e20f1fe2d7e5192de662229dbe162bd1ba66336a7182903ca0b72796cd441c83d24bcdc3e9a2f5e4399c8a043f1c3ddf04754a66d4cfe7b3671a37dd31a9b4c13bfe06ee90f9d94ddaa06de67a52ac863e68f756736ceb014405a6160579640f831dddccc34ad0b05070e3f9954a58d1815813e1b83bcadba814789c87f1ef2ba5d738b793ec456a67360eea1b5faf1c7cc7bf24f3b2a9d0f8958b1096e0f0c335f8888d0c63a51c3c0337214fa3f5efdf6dcc350203010001":"505341004b455900000000000100000001400006010100000303000700000000cc0000003081c90281c100c870feb6ca6b1d2bd9f2dd99e20f1fe2d7e5192de662229dbe162bd1ba66336a7182903ca0b72796cd441c83d24bcdc3e9a2f5e4399c8a043f1c3ddf04754a66d4cfe7b3671a37dd31a9b4c13bfe06ee90f9d94ddaa06de67a52ac863e68f756736ceb014405a6160579640f831dddccc34ad0b05070e3f9954a58d1815813e1b83bcadba814789c87f1ef2ba5d738b793ec456a67360eea1b5faf1c7cc7bf24f3b2a9d0f8958b1096e0f0c335f8888d0c63a51c3c0337214fa3f5efdf6dcc350203010001" -PSA storage save: type: ECC_PUBLIC_KEY(SECP_R1) 521-bit -depends_on:PSA_WANT_ECC_SECP_R1_521:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY -key_storage_save:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1):521:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"04001de142d54f69eb038ee4b7af9d3ca07736fd9cf719eb354d69879ee7f3c136fb0fbf9f08f86be5fa128ec1a051d3e6c643e85ada8ffacf3663c260bd2c844b6f5600cee8e48a9e65d09cadd89f235dee05f3b8a646be715f1f67d5b434e0ff23a1fc07ef7740193e40eeff6f3bcdfd765aa9155033524fe4f205f5444e292c4c2f6ac1":"505341004b4559000000000001000000124109020100000000000000000000008500000004001de142d54f69eb038ee4b7af9d3ca07736fd9cf719eb354d69879ee7f3c136fb0fbf9f08f86be5fa128ec1a051d3e6c643e85ada8ffacf3663c260bd2c844b6f5600cee8e48a9e65d09cadd89f235dee05f3b8a646be715f1f67d5b434e0ff23a1fc07ef7740193e40eeff6f3bcdfd765aa9155033524fe4f205f5444e292c4c2f6ac1" +save type: RSA_PUB 1536-bit, RSA_OAEP(RIPEMD160) +depends_on:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ALG_RSA_OAEP:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY +key_storage_save:0x0001:PSA_KEY_TYPE_RSA_PUBLIC_KEY:1536:PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_OAEP(PSA_ALG_RIPEMD160):0x0000:"3081c90281c100c870feb6ca6b1d2bd9f2dd99e20f1fe2d7e5192de662229dbe162bd1ba66336a7182903ca0b72796cd441c83d24bcdc3e9a2f5e4399c8a043f1c3ddf04754a66d4cfe7b3671a37dd31a9b4c13bfe06ee90f9d94ddaa06de67a52ac863e68f756736ceb014405a6160579640f831dddccc34ad0b05070e3f9954a58d1815813e1b83bcadba814789c87f1ef2ba5d738b793ec456a67360eea1b5faf1c7cc7bf24f3b2a9d0f8958b1096e0f0c335f8888d0c63a51c3c0337214fa3f5efdf6dcc350203010001":"505341004b455900000000000100000001400006010100000403000700000000cc0000003081c90281c100c870feb6ca6b1d2bd9f2dd99e20f1fe2d7e5192de662229dbe162bd1ba66336a7182903ca0b72796cd441c83d24bcdc3e9a2f5e4399c8a043f1c3ddf04754a66d4cfe7b3671a37dd31a9b4c13bfe06ee90f9d94ddaa06de67a52ac863e68f756736ceb014405a6160579640f831dddccc34ad0b05070e3f9954a58d1815813e1b83bcadba814789c87f1ef2ba5d738b793ec456a67360eea1b5faf1c7cc7bf24f3b2a9d0f8958b1096e0f0c335f8888d0c63a51c3c0337214fa3f5efdf6dcc350203010001" -PSA storage save: type: ECC_PUBLIC_KEY(SECP_R2) 160-bit -depends_on:PSA_WANT_ECC_SECP_R2_160:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY -key_storage_save:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R2):160:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"049570d541398665adb5cfa16f5af73b3196926bbd4b876bdb80f8eab20d0f540c22f4de9c140f6d7b":"505341004b45590000000000010000001b41a00001000000000000000000000029000000049570d541398665adb5cfa16f5af73b3196926bbd4b876bdb80f8eab20d0f540c22f4de9c140f6d7b" +save type: RSA_PUB 1536-bit, RSA_OAEP(SHA_1) +depends_on:PSA_WANT_ALG_RSA_OAEP:PSA_WANT_ALG_SHA_1:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY +key_storage_save:0x0001:PSA_KEY_TYPE_RSA_PUBLIC_KEY:1536:PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_OAEP(PSA_ALG_SHA_1):0x0000:"3081c90281c100c870feb6ca6b1d2bd9f2dd99e20f1fe2d7e5192de662229dbe162bd1ba66336a7182903ca0b72796cd441c83d24bcdc3e9a2f5e4399c8a043f1c3ddf04754a66d4cfe7b3671a37dd31a9b4c13bfe06ee90f9d94ddaa06de67a52ac863e68f756736ceb014405a6160579640f831dddccc34ad0b05070e3f9954a58d1815813e1b83bcadba814789c87f1ef2ba5d738b793ec456a67360eea1b5faf1c7cc7bf24f3b2a9d0f8958b1096e0f0c335f8888d0c63a51c3c0337214fa3f5efdf6dcc350203010001":"505341004b455900000000000100000001400006010100000503000700000000cc0000003081c90281c100c870feb6ca6b1d2bd9f2dd99e20f1fe2d7e5192de662229dbe162bd1ba66336a7182903ca0b72796cd441c83d24bcdc3e9a2f5e4399c8a043f1c3ddf04754a66d4cfe7b3671a37dd31a9b4c13bfe06ee90f9d94ddaa06de67a52ac863e68f756736ceb014405a6160579640f831dddccc34ad0b05070e3f9954a58d1815813e1b83bcadba814789c87f1ef2ba5d738b793ec456a67360eea1b5faf1c7cc7bf24f3b2a9d0f8958b1096e0f0c335f8888d0c63a51c3c0337214fa3f5efdf6dcc350203010001" -PSA storage save: type: ECC_PUBLIC_KEY(SECT_K1) 163-bit -depends_on:PSA_WANT_ECC_SECT_K1_163:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY -key_storage_save:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_K1):163:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"0406f88f90b4b65950f06ce433afdb097e320f433dc2062b8a65db8fafd3c110f46bc45663fbf021ee7eb9":"505341004b45590000000000010000002741a3000100000000000000000000002b0000000406f88f90b4b65950f06ce433afdb097e320f433dc2062b8a65db8fafd3c110f46bc45663fbf021ee7eb9" +save type: RSA_PUB 1536-bit, RSA_OAEP(SHA_224) +depends_on:PSA_WANT_ALG_RSA_OAEP:PSA_WANT_ALG_SHA_224:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY +key_storage_save:0x0001:PSA_KEY_TYPE_RSA_PUBLIC_KEY:1536:PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_OAEP(PSA_ALG_SHA_224):0x0000:"3081c90281c100c870feb6ca6b1d2bd9f2dd99e20f1fe2d7e5192de662229dbe162bd1ba66336a7182903ca0b72796cd441c83d24bcdc3e9a2f5e4399c8a043f1c3ddf04754a66d4cfe7b3671a37dd31a9b4c13bfe06ee90f9d94ddaa06de67a52ac863e68f756736ceb014405a6160579640f831dddccc34ad0b05070e3f9954a58d1815813e1b83bcadba814789c87f1ef2ba5d738b793ec456a67360eea1b5faf1c7cc7bf24f3b2a9d0f8958b1096e0f0c335f8888d0c63a51c3c0337214fa3f5efdf6dcc350203010001":"505341004b455900000000000100000001400006010100000803000700000000cc0000003081c90281c100c870feb6ca6b1d2bd9f2dd99e20f1fe2d7e5192de662229dbe162bd1ba66336a7182903ca0b72796cd441c83d24bcdc3e9a2f5e4399c8a043f1c3ddf04754a66d4cfe7b3671a37dd31a9b4c13bfe06ee90f9d94ddaa06de67a52ac863e68f756736ceb014405a6160579640f831dddccc34ad0b05070e3f9954a58d1815813e1b83bcadba814789c87f1ef2ba5d738b793ec456a67360eea1b5faf1c7cc7bf24f3b2a9d0f8958b1096e0f0c335f8888d0c63a51c3c0337214fa3f5efdf6dcc350203010001" -PSA storage save: type: ECC_PUBLIC_KEY(SECT_K1) 233-bit -depends_on:PSA_WANT_ECC_SECT_K1_233:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY -key_storage_save:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_K1):233:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"0401e9d7189189f773bd8f71be2c10774ba18842434dfa9312595ea545104400f45a9d5675647513ba75b079fe66a29daac2ec86a6a5d4e75c5f290c1f":"505341004b45590000000000010000002741e9000100000000000000000000003d0000000401e9d7189189f773bd8f71be2c10774ba18842434dfa9312595ea545104400f45a9d5675647513ba75b079fe66a29daac2ec86a6a5d4e75c5f290c1f" +save type: RSA_PUB 1536-bit, RSA_OAEP(SHA_256) +depends_on:PSA_WANT_ALG_RSA_OAEP:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY +key_storage_save:0x0001:PSA_KEY_TYPE_RSA_PUBLIC_KEY:1536:PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_OAEP(PSA_ALG_SHA_256):0x0000:"3081c90281c100c870feb6ca6b1d2bd9f2dd99e20f1fe2d7e5192de662229dbe162bd1ba66336a7182903ca0b72796cd441c83d24bcdc3e9a2f5e4399c8a043f1c3ddf04754a66d4cfe7b3671a37dd31a9b4c13bfe06ee90f9d94ddaa06de67a52ac863e68f756736ceb014405a6160579640f831dddccc34ad0b05070e3f9954a58d1815813e1b83bcadba814789c87f1ef2ba5d738b793ec456a67360eea1b5faf1c7cc7bf24f3b2a9d0f8958b1096e0f0c335f8888d0c63a51c3c0337214fa3f5efdf6dcc350203010001":"505341004b455900000000000100000001400006010100000903000700000000cc0000003081c90281c100c870feb6ca6b1d2bd9f2dd99e20f1fe2d7e5192de662229dbe162bd1ba66336a7182903ca0b72796cd441c83d24bcdc3e9a2f5e4399c8a043f1c3ddf04754a66d4cfe7b3671a37dd31a9b4c13bfe06ee90f9d94ddaa06de67a52ac863e68f756736ceb014405a6160579640f831dddccc34ad0b05070e3f9954a58d1815813e1b83bcadba814789c87f1ef2ba5d738b793ec456a67360eea1b5faf1c7cc7bf24f3b2a9d0f8958b1096e0f0c335f8888d0c63a51c3c0337214fa3f5efdf6dcc350203010001" -PSA storage save: type: ECC_PUBLIC_KEY(SECT_K1) 239-bit -depends_on:PSA_WANT_ECC_SECT_K1_239:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY -key_storage_save:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_K1):239:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"04068d76b9f4508762c2379db9ee8b87ad8d86d9535132ffba3b5680440cfa28eb133d4232faf1c9aba96af11aefe634a551440800d5f8185105d3072d":"505341004b45590000000000010000002741ef000100000000000000000000003d00000004068d76b9f4508762c2379db9ee8b87ad8d86d9535132ffba3b5680440cfa28eb133d4232faf1c9aba96af11aefe634a551440800d5f8185105d3072d" +save type: RSA_PUB 1536-bit, RSA_OAEP(SHA_384) +depends_on:PSA_WANT_ALG_RSA_OAEP:PSA_WANT_ALG_SHA_384:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY +key_storage_save:0x0001:PSA_KEY_TYPE_RSA_PUBLIC_KEY:1536:PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_OAEP(PSA_ALG_SHA_384):0x0000:"3081c90281c100c870feb6ca6b1d2bd9f2dd99e20f1fe2d7e5192de662229dbe162bd1ba66336a7182903ca0b72796cd441c83d24bcdc3e9a2f5e4399c8a043f1c3ddf04754a66d4cfe7b3671a37dd31a9b4c13bfe06ee90f9d94ddaa06de67a52ac863e68f756736ceb014405a6160579640f831dddccc34ad0b05070e3f9954a58d1815813e1b83bcadba814789c87f1ef2ba5d738b793ec456a67360eea1b5faf1c7cc7bf24f3b2a9d0f8958b1096e0f0c335f8888d0c63a51c3c0337214fa3f5efdf6dcc350203010001":"505341004b455900000000000100000001400006010100000a03000700000000cc0000003081c90281c100c870feb6ca6b1d2bd9f2dd99e20f1fe2d7e5192de662229dbe162bd1ba66336a7182903ca0b72796cd441c83d24bcdc3e9a2f5e4399c8a043f1c3ddf04754a66d4cfe7b3671a37dd31a9b4c13bfe06ee90f9d94ddaa06de67a52ac863e68f756736ceb014405a6160579640f831dddccc34ad0b05070e3f9954a58d1815813e1b83bcadba814789c87f1ef2ba5d738b793ec456a67360eea1b5faf1c7cc7bf24f3b2a9d0f8958b1096e0f0c335f8888d0c63a51c3c0337214fa3f5efdf6dcc350203010001" -PSA storage save: type: ECC_PUBLIC_KEY(SECT_K1) 283-bit -depends_on:PSA_WANT_ECC_SECT_K1_283:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY -key_storage_save:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_K1):283:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"0405f48374debceaadb46ba385fd92048fcc5b9af1a1c90408bf94a68b9378df1cbfdfb6fb026a96bea06d8f181bf10c020adbcc88b6ecff96bdc564a9649c247cede601c4be63afc3":"505341004b455900000000000100000027411b01010000000000000000000000490000000405f48374debceaadb46ba385fd92048fcc5b9af1a1c90408bf94a68b9378df1cbfdfb6fb026a96bea06d8f181bf10c020adbcc88b6ecff96bdc564a9649c247cede601c4be63afc3" +save type: RSA_PUB 1536-bit, RSA_OAEP(SHA_512) +depends_on:PSA_WANT_ALG_RSA_OAEP:PSA_WANT_ALG_SHA_512:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY +key_storage_save:0x0001:PSA_KEY_TYPE_RSA_PUBLIC_KEY:1536:PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_OAEP(PSA_ALG_SHA_512):0x0000:"3081c90281c100c870feb6ca6b1d2bd9f2dd99e20f1fe2d7e5192de662229dbe162bd1ba66336a7182903ca0b72796cd441c83d24bcdc3e9a2f5e4399c8a043f1c3ddf04754a66d4cfe7b3671a37dd31a9b4c13bfe06ee90f9d94ddaa06de67a52ac863e68f756736ceb014405a6160579640f831dddccc34ad0b05070e3f9954a58d1815813e1b83bcadba814789c87f1ef2ba5d738b793ec456a67360eea1b5faf1c7cc7bf24f3b2a9d0f8958b1096e0f0c335f8888d0c63a51c3c0337214fa3f5efdf6dcc350203010001":"505341004b455900000000000100000001400006010100000b03000700000000cc0000003081c90281c100c870feb6ca6b1d2bd9f2dd99e20f1fe2d7e5192de662229dbe162bd1ba66336a7182903ca0b72796cd441c83d24bcdc3e9a2f5e4399c8a043f1c3ddf04754a66d4cfe7b3671a37dd31a9b4c13bfe06ee90f9d94ddaa06de67a52ac863e68f756736ceb014405a6160579640f831dddccc34ad0b05070e3f9954a58d1815813e1b83bcadba814789c87f1ef2ba5d738b793ec456a67360eea1b5faf1c7cc7bf24f3b2a9d0f8958b1096e0f0c335f8888d0c63a51c3c0337214fa3f5efdf6dcc350203010001" -PSA storage save: type: ECC_PUBLIC_KEY(SECT_K1) 409-bit -depends_on:PSA_WANT_ECC_SECT_K1_409:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY -key_storage_save:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_K1):409:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"04012c587f69f68b308ba6dcb238797f4e22290ca939ae806604e2b5ab4d9caef5a74a98fd87c4f88d292dd39d92e556e16c6ecc3c019a105826eef507cd9a04119f54d5d850b3720b3792d5d03410e9105610f7e4b420166ed45604a7a1f229d80975ba6be2060e8b":"505341004b4559000000000001000000274199010100000000000000000000006900000004012c587f69f68b308ba6dcb238797f4e22290ca939ae806604e2b5ab4d9caef5a74a98fd87c4f88d292dd39d92e556e16c6ecc3c019a105826eef507cd9a04119f54d5d850b3720b3792d5d03410e9105610f7e4b420166ed45604a7a1f229d80975ba6be2060e8b" +save type: RSA_PUB 1536-bit, RSA_PKCS1V15_CRYPT +depends_on:PSA_WANT_ALG_RSA_PKCS1V15_CRYPT:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY +key_storage_save:0x0001:PSA_KEY_TYPE_RSA_PUBLIC_KEY:1536:PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_PKCS1V15_CRYPT:0x0000:"3081c90281c100c870feb6ca6b1d2bd9f2dd99e20f1fe2d7e5192de662229dbe162bd1ba66336a7182903ca0b72796cd441c83d24bcdc3e9a2f5e4399c8a043f1c3ddf04754a66d4cfe7b3671a37dd31a9b4c13bfe06ee90f9d94ddaa06de67a52ac863e68f756736ceb014405a6160579640f831dddccc34ad0b05070e3f9954a58d1815813e1b83bcadba814789c87f1ef2ba5d738b793ec456a67360eea1b5faf1c7cc7bf24f3b2a9d0f8958b1096e0f0c335f8888d0c63a51c3c0337214fa3f5efdf6dcc350203010001":"505341004b455900000000000100000001400006010100000002000700000000cc0000003081c90281c100c870feb6ca6b1d2bd9f2dd99e20f1fe2d7e5192de662229dbe162bd1ba66336a7182903ca0b72796cd441c83d24bcdc3e9a2f5e4399c8a043f1c3ddf04754a66d4cfe7b3671a37dd31a9b4c13bfe06ee90f9d94ddaa06de67a52ac863e68f756736ceb014405a6160579640f831dddccc34ad0b05070e3f9954a58d1815813e1b83bcadba814789c87f1ef2ba5d738b793ec456a67360eea1b5faf1c7cc7bf24f3b2a9d0f8958b1096e0f0c335f8888d0c63a51c3c0337214fa3f5efdf6dcc350203010001" -PSA storage save: type: ECC_PUBLIC_KEY(SECT_K1) 571-bit -depends_on:PSA_WANT_ECC_SECT_K1_571:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY -key_storage_save:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_K1):571:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"04050172a7fd7adf98e4e2ed2742faa5cd12731a15fb0dbbdf75b1c3cc771a4369af6f2fa00e802735650881735759ea9c79961ded18e0daa0ac59afb1d513b5bbda9962e435f454fc020b4afe1445c2302ada07d295ec2580f8849b2dfa7f956b09b4cbe4c88d3b1c217049f75d3900d36df0fa12689256b58dd2ef784ebbeb0564600cf47a841485f8cf897a68accd5a":"505341004b455900000000000100000027413b020100000000000000000000009100000004050172a7fd7adf98e4e2ed2742faa5cd12731a15fb0dbbdf75b1c3cc771a4369af6f2fa00e802735650881735759ea9c79961ded18e0daa0ac59afb1d513b5bbda9962e435f454fc020b4afe1445c2302ada07d295ec2580f8849b2dfa7f956b09b4cbe4c88d3b1c217049f75d3900d36df0fa12689256b58dd2ef784ebbeb0564600cf47a841485f8cf897a68accd5a" +save type: RSA_PUB 1536-bit, RSA_PKCS1V15_SIGN(MD2) +depends_on:PSA_WANT_ALG_MD2:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY +key_storage_save:0x0001:PSA_KEY_TYPE_RSA_PUBLIC_KEY:1536:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_MD2):0x0000:"3081c90281c100c870feb6ca6b1d2bd9f2dd99e20f1fe2d7e5192de662229dbe162bd1ba66336a7182903ca0b72796cd441c83d24bcdc3e9a2f5e4399c8a043f1c3ddf04754a66d4cfe7b3671a37dd31a9b4c13bfe06ee90f9d94ddaa06de67a52ac863e68f756736ceb014405a6160579640f831dddccc34ad0b05070e3f9954a58d1815813e1b83bcadba814789c87f1ef2ba5d738b793ec456a67360eea1b5faf1c7cc7bf24f3b2a9d0f8958b1096e0f0c335f8888d0c63a51c3c0337214fa3f5efdf6dcc350203010001":"505341004b455900000000000100000001400006012800000102000600000000cc0000003081c90281c100c870feb6ca6b1d2bd9f2dd99e20f1fe2d7e5192de662229dbe162bd1ba66336a7182903ca0b72796cd441c83d24bcdc3e9a2f5e4399c8a043f1c3ddf04754a66d4cfe7b3671a37dd31a9b4c13bfe06ee90f9d94ddaa06de67a52ac863e68f756736ceb014405a6160579640f831dddccc34ad0b05070e3f9954a58d1815813e1b83bcadba814789c87f1ef2ba5d738b793ec456a67360eea1b5faf1c7cc7bf24f3b2a9d0f8958b1096e0f0c335f8888d0c63a51c3c0337214fa3f5efdf6dcc350203010001" -PSA storage save: type: ECC_PUBLIC_KEY(SECT_R1) 163-bit -depends_on:PSA_WANT_ECC_SECT_R1_163:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY -key_storage_save:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R1):163:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"0400465eeb9e7258b11e33c02266bfe834b20bcb118700772796ee4704ec67651bd447e3011959a79a04cb":"505341004b45590000000000010000002241a3000100000000000000000000002b0000000400465eeb9e7258b11e33c02266bfe834b20bcb118700772796ee4704ec67651bd447e3011959a79a04cb" +save type: RSA_PUB 1536-bit, RSA_PKCS1V15_SIGN(MD4) +depends_on:PSA_WANT_ALG_MD4:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY +key_storage_save:0x0001:PSA_KEY_TYPE_RSA_PUBLIC_KEY:1536:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_MD4):0x0000:"3081c90281c100c870feb6ca6b1d2bd9f2dd99e20f1fe2d7e5192de662229dbe162bd1ba66336a7182903ca0b72796cd441c83d24bcdc3e9a2f5e4399c8a043f1c3ddf04754a66d4cfe7b3671a37dd31a9b4c13bfe06ee90f9d94ddaa06de67a52ac863e68f756736ceb014405a6160579640f831dddccc34ad0b05070e3f9954a58d1815813e1b83bcadba814789c87f1ef2ba5d738b793ec456a67360eea1b5faf1c7cc7bf24f3b2a9d0f8958b1096e0f0c335f8888d0c63a51c3c0337214fa3f5efdf6dcc350203010001":"505341004b455900000000000100000001400006012800000202000600000000cc0000003081c90281c100c870feb6ca6b1d2bd9f2dd99e20f1fe2d7e5192de662229dbe162bd1ba66336a7182903ca0b72796cd441c83d24bcdc3e9a2f5e4399c8a043f1c3ddf04754a66d4cfe7b3671a37dd31a9b4c13bfe06ee90f9d94ddaa06de67a52ac863e68f756736ceb014405a6160579640f831dddccc34ad0b05070e3f9954a58d1815813e1b83bcadba814789c87f1ef2ba5d738b793ec456a67360eea1b5faf1c7cc7bf24f3b2a9d0f8958b1096e0f0c335f8888d0c63a51c3c0337214fa3f5efdf6dcc350203010001" -PSA storage save: type: ECC_PUBLIC_KEY(SECT_R1) 233-bit -depends_on:PSA_WANT_ECC_SECT_R1_233:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY -key_storage_save:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R1):233:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"0400cd68c8af4430c92ec7a7048becfdf00a6bae8d1b4c37286f2d336f2a0e017eca3748f4ad6d435c85867aa014eea1bd6d9d005bbd8319cab629001d":"505341004b45590000000000010000002241e9000100000000000000000000003d0000000400cd68c8af4430c92ec7a7048becfdf00a6bae8d1b4c37286f2d336f2a0e017eca3748f4ad6d435c85867aa014eea1bd6d9d005bbd8319cab629001d" +save type: RSA_PUB 1536-bit, RSA_PKCS1V15_SIGN(MD5) +depends_on:PSA_WANT_ALG_MD5:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY +key_storage_save:0x0001:PSA_KEY_TYPE_RSA_PUBLIC_KEY:1536:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_MD5):0x0000:"3081c90281c100c870feb6ca6b1d2bd9f2dd99e20f1fe2d7e5192de662229dbe162bd1ba66336a7182903ca0b72796cd441c83d24bcdc3e9a2f5e4399c8a043f1c3ddf04754a66d4cfe7b3671a37dd31a9b4c13bfe06ee90f9d94ddaa06de67a52ac863e68f756736ceb014405a6160579640f831dddccc34ad0b05070e3f9954a58d1815813e1b83bcadba814789c87f1ef2ba5d738b793ec456a67360eea1b5faf1c7cc7bf24f3b2a9d0f8958b1096e0f0c335f8888d0c63a51c3c0337214fa3f5efdf6dcc350203010001":"505341004b455900000000000100000001400006012800000302000600000000cc0000003081c90281c100c870feb6ca6b1d2bd9f2dd99e20f1fe2d7e5192de662229dbe162bd1ba66336a7182903ca0b72796cd441c83d24bcdc3e9a2f5e4399c8a043f1c3ddf04754a66d4cfe7b3671a37dd31a9b4c13bfe06ee90f9d94ddaa06de67a52ac863e68f756736ceb014405a6160579640f831dddccc34ad0b05070e3f9954a58d1815813e1b83bcadba814789c87f1ef2ba5d738b793ec456a67360eea1b5faf1c7cc7bf24f3b2a9d0f8958b1096e0f0c335f8888d0c63a51c3c0337214fa3f5efdf6dcc350203010001" -PSA storage save: type: ECC_PUBLIC_KEY(SECT_R1) 283-bit -depends_on:PSA_WANT_ECC_SECT_R1_283:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY -key_storage_save:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R1):283:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"04052f9ff887254c2d1440ba9e30f13e2185ba53c373b2c410dae21cf8c167f796c08134f601cbc4c570bffbc2433082cf4d9eb5ba173ecb8caec15d66a02673f60807b2daa729b765":"505341004b455900000000000100000022411b010100000000000000000000004900000004052f9ff887254c2d1440ba9e30f13e2185ba53c373b2c410dae21cf8c167f796c08134f601cbc4c570bffbc2433082cf4d9eb5ba173ecb8caec15d66a02673f60807b2daa729b765" +save type: RSA_PUB 1536-bit, RSA_PKCS1V15_SIGN(RIPEMD160) +depends_on:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY +key_storage_save:0x0001:PSA_KEY_TYPE_RSA_PUBLIC_KEY:1536:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_RIPEMD160):0x0000:"3081c90281c100c870feb6ca6b1d2bd9f2dd99e20f1fe2d7e5192de662229dbe162bd1ba66336a7182903ca0b72796cd441c83d24bcdc3e9a2f5e4399c8a043f1c3ddf04754a66d4cfe7b3671a37dd31a9b4c13bfe06ee90f9d94ddaa06de67a52ac863e68f756736ceb014405a6160579640f831dddccc34ad0b05070e3f9954a58d1815813e1b83bcadba814789c87f1ef2ba5d738b793ec456a67360eea1b5faf1c7cc7bf24f3b2a9d0f8958b1096e0f0c335f8888d0c63a51c3c0337214fa3f5efdf6dcc350203010001":"505341004b455900000000000100000001400006012800000402000600000000cc0000003081c90281c100c870feb6ca6b1d2bd9f2dd99e20f1fe2d7e5192de662229dbe162bd1ba66336a7182903ca0b72796cd441c83d24bcdc3e9a2f5e4399c8a043f1c3ddf04754a66d4cfe7b3671a37dd31a9b4c13bfe06ee90f9d94ddaa06de67a52ac863e68f756736ceb014405a6160579640f831dddccc34ad0b05070e3f9954a58d1815813e1b83bcadba814789c87f1ef2ba5d738b793ec456a67360eea1b5faf1c7cc7bf24f3b2a9d0f8958b1096e0f0c335f8888d0c63a51c3c0337214fa3f5efdf6dcc350203010001" -PSA storage save: type: ECC_PUBLIC_KEY(SECT_R1) 409-bit -depends_on:PSA_WANT_ECC_SECT_R1_409:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY -key_storage_save:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R1):409:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"0401aa25466b1d291846db365957b25431591e50d9c109fe2106e93bb369775896925b15a7bfec397406ab4fe6f6b1a13bf8fdcb9300fa5500a813228676b0a6c572ed96b0f4aec7e87832e7e20f17ca98ecdfd36f59c82bddb8665f1f357a73900e827885ec9e1f22":"505341004b455900000000000100000022419901010000000000000000000000690000000401aa25466b1d291846db365957b25431591e50d9c109fe2106e93bb369775896925b15a7bfec397406ab4fe6f6b1a13bf8fdcb9300fa5500a813228676b0a6c572ed96b0f4aec7e87832e7e20f17ca98ecdfd36f59c82bddb8665f1f357a73900e827885ec9e1f22" +save type: RSA_PUB 1536-bit, RSA_PKCS1V15_SIGN(SHA_1) +depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ALG_SHA_1:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY +key_storage_save:0x0001:PSA_KEY_TYPE_RSA_PUBLIC_KEY:1536:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_1):0x0000:"3081c90281c100c870feb6ca6b1d2bd9f2dd99e20f1fe2d7e5192de662229dbe162bd1ba66336a7182903ca0b72796cd441c83d24bcdc3e9a2f5e4399c8a043f1c3ddf04754a66d4cfe7b3671a37dd31a9b4c13bfe06ee90f9d94ddaa06de67a52ac863e68f756736ceb014405a6160579640f831dddccc34ad0b05070e3f9954a58d1815813e1b83bcadba814789c87f1ef2ba5d738b793ec456a67360eea1b5faf1c7cc7bf24f3b2a9d0f8958b1096e0f0c335f8888d0c63a51c3c0337214fa3f5efdf6dcc350203010001":"505341004b455900000000000100000001400006012800000502000600000000cc0000003081c90281c100c870feb6ca6b1d2bd9f2dd99e20f1fe2d7e5192de662229dbe162bd1ba66336a7182903ca0b72796cd441c83d24bcdc3e9a2f5e4399c8a043f1c3ddf04754a66d4cfe7b3671a37dd31a9b4c13bfe06ee90f9d94ddaa06de67a52ac863e68f756736ceb014405a6160579640f831dddccc34ad0b05070e3f9954a58d1815813e1b83bcadba814789c87f1ef2ba5d738b793ec456a67360eea1b5faf1c7cc7bf24f3b2a9d0f8958b1096e0f0c335f8888d0c63a51c3c0337214fa3f5efdf6dcc350203010001" -PSA storage save: type: ECC_PUBLIC_KEY(SECT_R1) 571-bit -depends_on:PSA_WANT_ECC_SECT_R1_571:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY -key_storage_save:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R1):571:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"040708f3403ee9948114855c17572152a08f8054d486defef5f29cbffcfb7cfd9280746a1ac5f751a6ad902ec1e0525120e9be56f03437af196fbe60ee7856e3542ab2cf87880632d80290e39b1a2bd03c6bbf6225511c567bd2ff41d2325dc58346f2b60b1feee4dc8b2af2296c2dc52b153e0556b5d24152b07f690c3fa24e4d1d19efbdeb1037833a733654d2366c74":"505341004b455900000000000100000022413b0201000000000000000000000091000000040708f3403ee9948114855c17572152a08f8054d486defef5f29cbffcfb7cfd9280746a1ac5f751a6ad902ec1e0525120e9be56f03437af196fbe60ee7856e3542ab2cf87880632d80290e39b1a2bd03c6bbf6225511c567bd2ff41d2325dc58346f2b60b1feee4dc8b2af2296c2dc52b153e0556b5d24152b07f690c3fa24e4d1d19efbdeb1037833a733654d2366c74" +save type: RSA_PUB 1536-bit, RSA_PKCS1V15_SIGN(SHA_224) +depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ALG_SHA_224:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY +key_storage_save:0x0001:PSA_KEY_TYPE_RSA_PUBLIC_KEY:1536:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_224):0x0000:"3081c90281c100c870feb6ca6b1d2bd9f2dd99e20f1fe2d7e5192de662229dbe162bd1ba66336a7182903ca0b72796cd441c83d24bcdc3e9a2f5e4399c8a043f1c3ddf04754a66d4cfe7b3671a37dd31a9b4c13bfe06ee90f9d94ddaa06de67a52ac863e68f756736ceb014405a6160579640f831dddccc34ad0b05070e3f9954a58d1815813e1b83bcadba814789c87f1ef2ba5d738b793ec456a67360eea1b5faf1c7cc7bf24f3b2a9d0f8958b1096e0f0c335f8888d0c63a51c3c0337214fa3f5efdf6dcc350203010001":"505341004b455900000000000100000001400006012800000802000600000000cc0000003081c90281c100c870feb6ca6b1d2bd9f2dd99e20f1fe2d7e5192de662229dbe162bd1ba66336a7182903ca0b72796cd441c83d24bcdc3e9a2f5e4399c8a043f1c3ddf04754a66d4cfe7b3671a37dd31a9b4c13bfe06ee90f9d94ddaa06de67a52ac863e68f756736ceb014405a6160579640f831dddccc34ad0b05070e3f9954a58d1815813e1b83bcadba814789c87f1ef2ba5d738b793ec456a67360eea1b5faf1c7cc7bf24f3b2a9d0f8958b1096e0f0c335f8888d0c63a51c3c0337214fa3f5efdf6dcc350203010001" -PSA storage save: type: ECC_PUBLIC_KEY(SECT_R2) 163-bit -depends_on:PSA_WANT_ECC_SECT_R2_163:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY -key_storage_save:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R2):163:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"0403692601144c32a6cfa369ae20ae5d43c1c764678c037bafe80c6fd2e42b7ced96171d9c5367fd3dca6f":"505341004b45590000000000010000002b41a3000100000000000000000000002b0000000403692601144c32a6cfa369ae20ae5d43c1c764678c037bafe80c6fd2e42b7ced96171d9c5367fd3dca6f" +save type: RSA_PUB 1536-bit, RSA_PKCS1V15_SIGN(SHA_256) +depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY +key_storage_save:0x0001:PSA_KEY_TYPE_RSA_PUBLIC_KEY:1536:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):0x0000:"3081c90281c100c870feb6ca6b1d2bd9f2dd99e20f1fe2d7e5192de662229dbe162bd1ba66336a7182903ca0b72796cd441c83d24bcdc3e9a2f5e4399c8a043f1c3ddf04754a66d4cfe7b3671a37dd31a9b4c13bfe06ee90f9d94ddaa06de67a52ac863e68f756736ceb014405a6160579640f831dddccc34ad0b05070e3f9954a58d1815813e1b83bcadba814789c87f1ef2ba5d738b793ec456a67360eea1b5faf1c7cc7bf24f3b2a9d0f8958b1096e0f0c335f8888d0c63a51c3c0337214fa3f5efdf6dcc350203010001":"505341004b455900000000000100000001400006012800000902000600000000cc0000003081c90281c100c870feb6ca6b1d2bd9f2dd99e20f1fe2d7e5192de662229dbe162bd1ba66336a7182903ca0b72796cd441c83d24bcdc3e9a2f5e4399c8a043f1c3ddf04754a66d4cfe7b3671a37dd31a9b4c13bfe06ee90f9d94ddaa06de67a52ac863e68f756736ceb014405a6160579640f831dddccc34ad0b05070e3f9954a58d1815813e1b83bcadba814789c87f1ef2ba5d738b793ec456a67360eea1b5faf1c7cc7bf24f3b2a9d0f8958b1096e0f0c335f8888d0c63a51c3c0337214fa3f5efdf6dcc350203010001" -PSA storage save: type: ECC_PUBLIC_KEY(TWISTED_EDWARDS) 255-bit -depends_on:PSA_WANT_ECC_TWISTED_EDWARDS_255:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY -key_storage_save:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_TWISTED_EDWARDS):255:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"d75a980182b10ab7d54bfed3c964073a0ee172f3daa62325af021a68f707511a":"505341004b45590000000000010000004241ff0001000000000000000000000020000000d75a980182b10ab7d54bfed3c964073a0ee172f3daa62325af021a68f707511a" +save type: RSA_PUB 1536-bit, RSA_PKCS1V15_SIGN(SHA_384) +depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ALG_SHA_384:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY +key_storage_save:0x0001:PSA_KEY_TYPE_RSA_PUBLIC_KEY:1536:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_384):0x0000:"3081c90281c100c870feb6ca6b1d2bd9f2dd99e20f1fe2d7e5192de662229dbe162bd1ba66336a7182903ca0b72796cd441c83d24bcdc3e9a2f5e4399c8a043f1c3ddf04754a66d4cfe7b3671a37dd31a9b4c13bfe06ee90f9d94ddaa06de67a52ac863e68f756736ceb014405a6160579640f831dddccc34ad0b05070e3f9954a58d1815813e1b83bcadba814789c87f1ef2ba5d738b793ec456a67360eea1b5faf1c7cc7bf24f3b2a9d0f8958b1096e0f0c335f8888d0c63a51c3c0337214fa3f5efdf6dcc350203010001":"505341004b455900000000000100000001400006012800000a02000600000000cc0000003081c90281c100c870feb6ca6b1d2bd9f2dd99e20f1fe2d7e5192de662229dbe162bd1ba66336a7182903ca0b72796cd441c83d24bcdc3e9a2f5e4399c8a043f1c3ddf04754a66d4cfe7b3671a37dd31a9b4c13bfe06ee90f9d94ddaa06de67a52ac863e68f756736ceb014405a6160579640f831dddccc34ad0b05070e3f9954a58d1815813e1b83bcadba814789c87f1ef2ba5d738b793ec456a67360eea1b5faf1c7cc7bf24f3b2a9d0f8958b1096e0f0c335f8888d0c63a51c3c0337214fa3f5efdf6dcc350203010001" -PSA storage save: type: ECC_PUBLIC_KEY(TWISTED_EDWARDS) 448-bit -depends_on:PSA_WANT_ECC_TWISTED_EDWARDS_448:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY -key_storage_save:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_TWISTED_EDWARDS):448:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"5fd7449b59b461fd2ce787ec616ad46a1da1342485a70e1f8a0ea75d80e96778edf124769b46c7061bd6783df1e50f6cd1fa1abeafe8256180":"505341004b45590000000000010000004241c001010000000000000000000000390000005fd7449b59b461fd2ce787ec616ad46a1da1342485a70e1f8a0ea75d80e96778edf124769b46c7061bd6783df1e50f6cd1fa1abeafe8256180" +save type: RSA_PUB 1536-bit, RSA_PKCS1V15_SIGN(SHA_512) +depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ALG_SHA_512:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY +key_storage_save:0x0001:PSA_KEY_TYPE_RSA_PUBLIC_KEY:1536:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_512):0x0000:"3081c90281c100c870feb6ca6b1d2bd9f2dd99e20f1fe2d7e5192de662229dbe162bd1ba66336a7182903ca0b72796cd441c83d24bcdc3e9a2f5e4399c8a043f1c3ddf04754a66d4cfe7b3671a37dd31a9b4c13bfe06ee90f9d94ddaa06de67a52ac863e68f756736ceb014405a6160579640f831dddccc34ad0b05070e3f9954a58d1815813e1b83bcadba814789c87f1ef2ba5d738b793ec456a67360eea1b5faf1c7cc7bf24f3b2a9d0f8958b1096e0f0c335f8888d0c63a51c3c0337214fa3f5efdf6dcc350203010001":"505341004b455900000000000100000001400006012800000b02000600000000cc0000003081c90281c100c870feb6ca6b1d2bd9f2dd99e20f1fe2d7e5192de662229dbe162bd1ba66336a7182903ca0b72796cd441c83d24bcdc3e9a2f5e4399c8a043f1c3ddf04754a66d4cfe7b3671a37dd31a9b4c13bfe06ee90f9d94ddaa06de67a52ac863e68f756736ceb014405a6160579640f831dddccc34ad0b05070e3f9954a58d1815813e1b83bcadba814789c87f1ef2ba5d738b793ec456a67360eea1b5faf1c7cc7bf24f3b2a9d0f8958b1096e0f0c335f8888d0c63a51c3c0337214fa3f5efdf6dcc350203010001" -PSA storage save: type: HMAC 128-bit -depends_on:PSA_WANT_KEY_TYPE_HMAC -key_storage_save:0x0001:PSA_KEY_TYPE_HMAC:128:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"48657265006973206b6579a064617461":"505341004b4559000000000001000000001180000100000000000000000000001000000048657265006973206b6579a064617461" +save type: RSA_PUB 1536-bit, RSA_PKCS1V15_SIGN_RAW +depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN_RAW:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY +key_storage_save:0x0001:PSA_KEY_TYPE_RSA_PUBLIC_KEY:1536:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_RSA_PKCS1V15_SIGN_RAW:0x0000:"3081c90281c100c870feb6ca6b1d2bd9f2dd99e20f1fe2d7e5192de662229dbe162bd1ba66336a7182903ca0b72796cd441c83d24bcdc3e9a2f5e4399c8a043f1c3ddf04754a66d4cfe7b3671a37dd31a9b4c13bfe06ee90f9d94ddaa06de67a52ac863e68f756736ceb014405a6160579640f831dddccc34ad0b05070e3f9954a58d1815813e1b83bcadba814789c87f1ef2ba5d738b793ec456a67360eea1b5faf1c7cc7bf24f3b2a9d0f8958b1096e0f0c335f8888d0c63a51c3c0337214fa3f5efdf6dcc350203010001":"505341004b455900000000000100000001400006012800000002000600000000cc0000003081c90281c100c870feb6ca6b1d2bd9f2dd99e20f1fe2d7e5192de662229dbe162bd1ba66336a7182903ca0b72796cd441c83d24bcdc3e9a2f5e4399c8a043f1c3ddf04754a66d4cfe7b3671a37dd31a9b4c13bfe06ee90f9d94ddaa06de67a52ac863e68f756736ceb014405a6160579640f831dddccc34ad0b05070e3f9954a58d1815813e1b83bcadba814789c87f1ef2ba5d738b793ec456a67360eea1b5faf1c7cc7bf24f3b2a9d0f8958b1096e0f0c335f8888d0c63a51c3c0337214fa3f5efdf6dcc350203010001" -PSA storage save: type: HMAC 160-bit -depends_on:PSA_WANT_KEY_TYPE_HMAC -key_storage_save:0x0001:PSA_KEY_TYPE_HMAC:160:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"48657265006973206b6579a06461746148657265":"505341004b45590000000000010000000011a0000100000000000000000000001400000048657265006973206b6579a06461746148657265" +save type: RSA_PUB 1536-bit, RSA_PSS(MD2) +depends_on:PSA_WANT_ALG_MD2:PSA_WANT_ALG_RSA_PSS:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY +key_storage_save:0x0001:PSA_KEY_TYPE_RSA_PUBLIC_KEY:1536:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_RSA_PSS(PSA_ALG_MD2):0x0000:"3081c90281c100c870feb6ca6b1d2bd9f2dd99e20f1fe2d7e5192de662229dbe162bd1ba66336a7182903ca0b72796cd441c83d24bcdc3e9a2f5e4399c8a043f1c3ddf04754a66d4cfe7b3671a37dd31a9b4c13bfe06ee90f9d94ddaa06de67a52ac863e68f756736ceb014405a6160579640f831dddccc34ad0b05070e3f9954a58d1815813e1b83bcadba814789c87f1ef2ba5d738b793ec456a67360eea1b5faf1c7cc7bf24f3b2a9d0f8958b1096e0f0c335f8888d0c63a51c3c0337214fa3f5efdf6dcc350203010001":"505341004b455900000000000100000001400006012800000103000600000000cc0000003081c90281c100c870feb6ca6b1d2bd9f2dd99e20f1fe2d7e5192de662229dbe162bd1ba66336a7182903ca0b72796cd441c83d24bcdc3e9a2f5e4399c8a043f1c3ddf04754a66d4cfe7b3671a37dd31a9b4c13bfe06ee90f9d94ddaa06de67a52ac863e68f756736ceb014405a6160579640f831dddccc34ad0b05070e3f9954a58d1815813e1b83bcadba814789c87f1ef2ba5d738b793ec456a67360eea1b5faf1c7cc7bf24f3b2a9d0f8958b1096e0f0c335f8888d0c63a51c3c0337214fa3f5efdf6dcc350203010001" -PSA storage save: type: HMAC 224-bit -depends_on:PSA_WANT_KEY_TYPE_HMAC -key_storage_save:0x0001:PSA_KEY_TYPE_HMAC:224:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"48657265006973206b6579a06461746148657265006973206b6579a0":"505341004b45590000000000010000000011e0000100000000000000000000001c00000048657265006973206b6579a06461746148657265006973206b6579a0" +save type: RSA_PUB 1536-bit, RSA_PSS(MD4) +depends_on:PSA_WANT_ALG_MD4:PSA_WANT_ALG_RSA_PSS:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY +key_storage_save:0x0001:PSA_KEY_TYPE_RSA_PUBLIC_KEY:1536:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_RSA_PSS(PSA_ALG_MD4):0x0000:"3081c90281c100c870feb6ca6b1d2bd9f2dd99e20f1fe2d7e5192de662229dbe162bd1ba66336a7182903ca0b72796cd441c83d24bcdc3e9a2f5e4399c8a043f1c3ddf04754a66d4cfe7b3671a37dd31a9b4c13bfe06ee90f9d94ddaa06de67a52ac863e68f756736ceb014405a6160579640f831dddccc34ad0b05070e3f9954a58d1815813e1b83bcadba814789c87f1ef2ba5d738b793ec456a67360eea1b5faf1c7cc7bf24f3b2a9d0f8958b1096e0f0c335f8888d0c63a51c3c0337214fa3f5efdf6dcc350203010001":"505341004b455900000000000100000001400006012800000203000600000000cc0000003081c90281c100c870feb6ca6b1d2bd9f2dd99e20f1fe2d7e5192de662229dbe162bd1ba66336a7182903ca0b72796cd441c83d24bcdc3e9a2f5e4399c8a043f1c3ddf04754a66d4cfe7b3671a37dd31a9b4c13bfe06ee90f9d94ddaa06de67a52ac863e68f756736ceb014405a6160579640f831dddccc34ad0b05070e3f9954a58d1815813e1b83bcadba814789c87f1ef2ba5d738b793ec456a67360eea1b5faf1c7cc7bf24f3b2a9d0f8958b1096e0f0c335f8888d0c63a51c3c0337214fa3f5efdf6dcc350203010001" -PSA storage save: type: HMAC 256-bit -depends_on:PSA_WANT_KEY_TYPE_HMAC -key_storage_save:0x0001:PSA_KEY_TYPE_HMAC:256:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"48657265006973206b6579a06461746148657265006973206b6579a064617461":"505341004b4559000000000001000000001100010100000000000000000000002000000048657265006973206b6579a06461746148657265006973206b6579a064617461" +save type: RSA_PUB 1536-bit, RSA_PSS(MD5) +depends_on:PSA_WANT_ALG_MD5:PSA_WANT_ALG_RSA_PSS:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY +key_storage_save:0x0001:PSA_KEY_TYPE_RSA_PUBLIC_KEY:1536:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_RSA_PSS(PSA_ALG_MD5):0x0000:"3081c90281c100c870feb6ca6b1d2bd9f2dd99e20f1fe2d7e5192de662229dbe162bd1ba66336a7182903ca0b72796cd441c83d24bcdc3e9a2f5e4399c8a043f1c3ddf04754a66d4cfe7b3671a37dd31a9b4c13bfe06ee90f9d94ddaa06de67a52ac863e68f756736ceb014405a6160579640f831dddccc34ad0b05070e3f9954a58d1815813e1b83bcadba814789c87f1ef2ba5d738b793ec456a67360eea1b5faf1c7cc7bf24f3b2a9d0f8958b1096e0f0c335f8888d0c63a51c3c0337214fa3f5efdf6dcc350203010001":"505341004b455900000000000100000001400006012800000303000600000000cc0000003081c90281c100c870feb6ca6b1d2bd9f2dd99e20f1fe2d7e5192de662229dbe162bd1ba66336a7182903ca0b72796cd441c83d24bcdc3e9a2f5e4399c8a043f1c3ddf04754a66d4cfe7b3671a37dd31a9b4c13bfe06ee90f9d94ddaa06de67a52ac863e68f756736ceb014405a6160579640f831dddccc34ad0b05070e3f9954a58d1815813e1b83bcadba814789c87f1ef2ba5d738b793ec456a67360eea1b5faf1c7cc7bf24f3b2a9d0f8958b1096e0f0c335f8888d0c63a51c3c0337214fa3f5efdf6dcc350203010001" -PSA storage save: type: HMAC 384-bit -depends_on:PSA_WANT_KEY_TYPE_HMAC -key_storage_save:0x0001:PSA_KEY_TYPE_HMAC:384:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"48657265006973206b6579a06461746148657265006973206b6579a06461746148657265006973206b6579a064617461":"505341004b4559000000000001000000001180010100000000000000000000003000000048657265006973206b6579a06461746148657265006973206b6579a06461746148657265006973206b6579a064617461" +save type: RSA_PUB 1536-bit, RSA_PSS(RIPEMD160) +depends_on:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ALG_RSA_PSS:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY +key_storage_save:0x0001:PSA_KEY_TYPE_RSA_PUBLIC_KEY:1536:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_RSA_PSS(PSA_ALG_RIPEMD160):0x0000:"3081c90281c100c870feb6ca6b1d2bd9f2dd99e20f1fe2d7e5192de662229dbe162bd1ba66336a7182903ca0b72796cd441c83d24bcdc3e9a2f5e4399c8a043f1c3ddf04754a66d4cfe7b3671a37dd31a9b4c13bfe06ee90f9d94ddaa06de67a52ac863e68f756736ceb014405a6160579640f831dddccc34ad0b05070e3f9954a58d1815813e1b83bcadba814789c87f1ef2ba5d738b793ec456a67360eea1b5faf1c7cc7bf24f3b2a9d0f8958b1096e0f0c335f8888d0c63a51c3c0337214fa3f5efdf6dcc350203010001":"505341004b455900000000000100000001400006012800000403000600000000cc0000003081c90281c100c870feb6ca6b1d2bd9f2dd99e20f1fe2d7e5192de662229dbe162bd1ba66336a7182903ca0b72796cd441c83d24bcdc3e9a2f5e4399c8a043f1c3ddf04754a66d4cfe7b3671a37dd31a9b4c13bfe06ee90f9d94ddaa06de67a52ac863e68f756736ceb014405a6160579640f831dddccc34ad0b05070e3f9954a58d1815813e1b83bcadba814789c87f1ef2ba5d738b793ec456a67360eea1b5faf1c7cc7bf24f3b2a9d0f8958b1096e0f0c335f8888d0c63a51c3c0337214fa3f5efdf6dcc350203010001" -PSA storage save: type: HMAC 512-bit -depends_on:PSA_WANT_KEY_TYPE_HMAC -key_storage_save:0x0001:PSA_KEY_TYPE_HMAC:512:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"48657265006973206b6579a06461746148657265006973206b6579a06461746148657265006973206b6579a06461746148657265006973206b6579a064617461":"505341004b4559000000000001000000001100020100000000000000000000004000000048657265006973206b6579a06461746148657265006973206b6579a06461746148657265006973206b6579a06461746148657265006973206b6579a064617461" +save type: RSA_PUB 1536-bit, RSA_PSS(SHA_1) +depends_on:PSA_WANT_ALG_RSA_PSS:PSA_WANT_ALG_SHA_1:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY +key_storage_save:0x0001:PSA_KEY_TYPE_RSA_PUBLIC_KEY:1536:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_RSA_PSS(PSA_ALG_SHA_1):0x0000:"3081c90281c100c870feb6ca6b1d2bd9f2dd99e20f1fe2d7e5192de662229dbe162bd1ba66336a7182903ca0b72796cd441c83d24bcdc3e9a2f5e4399c8a043f1c3ddf04754a66d4cfe7b3671a37dd31a9b4c13bfe06ee90f9d94ddaa06de67a52ac863e68f756736ceb014405a6160579640f831dddccc34ad0b05070e3f9954a58d1815813e1b83bcadba814789c87f1ef2ba5d738b793ec456a67360eea1b5faf1c7cc7bf24f3b2a9d0f8958b1096e0f0c335f8888d0c63a51c3c0337214fa3f5efdf6dcc350203010001":"505341004b455900000000000100000001400006012800000503000600000000cc0000003081c90281c100c870feb6ca6b1d2bd9f2dd99e20f1fe2d7e5192de662229dbe162bd1ba66336a7182903ca0b72796cd441c83d24bcdc3e9a2f5e4399c8a043f1c3ddf04754a66d4cfe7b3671a37dd31a9b4c13bfe06ee90f9d94ddaa06de67a52ac863e68f756736ceb014405a6160579640f831dddccc34ad0b05070e3f9954a58d1815813e1b83bcadba814789c87f1ef2ba5d738b793ec456a67360eea1b5faf1c7cc7bf24f3b2a9d0f8958b1096e0f0c335f8888d0c63a51c3c0337214fa3f5efdf6dcc350203010001" -PSA storage save: type: RAW_DATA 8-bit -depends_on:PSA_WANT_KEY_TYPE_RAW_DATA -key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"48":"505341004b4559000000000001000000011008000100000000000000000000000100000048" +save type: RSA_PUB 1536-bit, RSA_PSS(SHA_224) +depends_on:PSA_WANT_ALG_RSA_PSS:PSA_WANT_ALG_SHA_224:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY +key_storage_save:0x0001:PSA_KEY_TYPE_RSA_PUBLIC_KEY:1536:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_RSA_PSS(PSA_ALG_SHA_224):0x0000:"3081c90281c100c870feb6ca6b1d2bd9f2dd99e20f1fe2d7e5192de662229dbe162bd1ba66336a7182903ca0b72796cd441c83d24bcdc3e9a2f5e4399c8a043f1c3ddf04754a66d4cfe7b3671a37dd31a9b4c13bfe06ee90f9d94ddaa06de67a52ac863e68f756736ceb014405a6160579640f831dddccc34ad0b05070e3f9954a58d1815813e1b83bcadba814789c87f1ef2ba5d738b793ec456a67360eea1b5faf1c7cc7bf24f3b2a9d0f8958b1096e0f0c335f8888d0c63a51c3c0337214fa3f5efdf6dcc350203010001":"505341004b455900000000000100000001400006012800000803000600000000cc0000003081c90281c100c870feb6ca6b1d2bd9f2dd99e20f1fe2d7e5192de662229dbe162bd1ba66336a7182903ca0b72796cd441c83d24bcdc3e9a2f5e4399c8a043f1c3ddf04754a66d4cfe7b3671a37dd31a9b4c13bfe06ee90f9d94ddaa06de67a52ac863e68f756736ceb014405a6160579640f831dddccc34ad0b05070e3f9954a58d1815813e1b83bcadba814789c87f1ef2ba5d738b793ec456a67360eea1b5faf1c7cc7bf24f3b2a9d0f8958b1096e0f0c335f8888d0c63a51c3c0337214fa3f5efdf6dcc350203010001" -PSA storage save: type: RAW_DATA 40-bit -depends_on:PSA_WANT_KEY_TYPE_RAW_DATA -key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:40:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"4865726500":"505341004b455900000000000100000001102800010000000000000000000000050000004865726500" +save type: RSA_PUB 1536-bit, RSA_PSS(SHA_256) +depends_on:PSA_WANT_ALG_RSA_PSS:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY +key_storage_save:0x0001:PSA_KEY_TYPE_RSA_PUBLIC_KEY:1536:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_RSA_PSS(PSA_ALG_SHA_256):0x0000:"3081c90281c100c870feb6ca6b1d2bd9f2dd99e20f1fe2d7e5192de662229dbe162bd1ba66336a7182903ca0b72796cd441c83d24bcdc3e9a2f5e4399c8a043f1c3ddf04754a66d4cfe7b3671a37dd31a9b4c13bfe06ee90f9d94ddaa06de67a52ac863e68f756736ceb014405a6160579640f831dddccc34ad0b05070e3f9954a58d1815813e1b83bcadba814789c87f1ef2ba5d738b793ec456a67360eea1b5faf1c7cc7bf24f3b2a9d0f8958b1096e0f0c335f8888d0c63a51c3c0337214fa3f5efdf6dcc350203010001":"505341004b455900000000000100000001400006012800000903000600000000cc0000003081c90281c100c870feb6ca6b1d2bd9f2dd99e20f1fe2d7e5192de662229dbe162bd1ba66336a7182903ca0b72796cd441c83d24bcdc3e9a2f5e4399c8a043f1c3ddf04754a66d4cfe7b3671a37dd31a9b4c13bfe06ee90f9d94ddaa06de67a52ac863e68f756736ceb014405a6160579640f831dddccc34ad0b05070e3f9954a58d1815813e1b83bcadba814789c87f1ef2ba5d738b793ec456a67360eea1b5faf1c7cc7bf24f3b2a9d0f8958b1096e0f0c335f8888d0c63a51c3c0337214fa3f5efdf6dcc350203010001" -PSA storage save: type: RAW_DATA 128-bit -depends_on:PSA_WANT_KEY_TYPE_RAW_DATA -key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:128:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"48657265006973206b6579a064617461":"505341004b4559000000000001000000011080000100000000000000000000001000000048657265006973206b6579a064617461" +save type: RSA_PUB 1536-bit, RSA_PSS(SHA_384) +depends_on:PSA_WANT_ALG_RSA_PSS:PSA_WANT_ALG_SHA_384:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY +key_storage_save:0x0001:PSA_KEY_TYPE_RSA_PUBLIC_KEY:1536:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_RSA_PSS(PSA_ALG_SHA_384):0x0000:"3081c90281c100c870feb6ca6b1d2bd9f2dd99e20f1fe2d7e5192de662229dbe162bd1ba66336a7182903ca0b72796cd441c83d24bcdc3e9a2f5e4399c8a043f1c3ddf04754a66d4cfe7b3671a37dd31a9b4c13bfe06ee90f9d94ddaa06de67a52ac863e68f756736ceb014405a6160579640f831dddccc34ad0b05070e3f9954a58d1815813e1b83bcadba814789c87f1ef2ba5d738b793ec456a67360eea1b5faf1c7cc7bf24f3b2a9d0f8958b1096e0f0c335f8888d0c63a51c3c0337214fa3f5efdf6dcc350203010001":"505341004b455900000000000100000001400006012800000a03000600000000cc0000003081c90281c100c870feb6ca6b1d2bd9f2dd99e20f1fe2d7e5192de662229dbe162bd1ba66336a7182903ca0b72796cd441c83d24bcdc3e9a2f5e4399c8a043f1c3ddf04754a66d4cfe7b3671a37dd31a9b4c13bfe06ee90f9d94ddaa06de67a52ac863e68f756736ceb014405a6160579640f831dddccc34ad0b05070e3f9954a58d1815813e1b83bcadba814789c87f1ef2ba5d738b793ec456a67360eea1b5faf1c7cc7bf24f3b2a9d0f8958b1096e0f0c335f8888d0c63a51c3c0337214fa3f5efdf6dcc350203010001" -PSA storage save: type: RSA_KEY_PAIR 1024-bit -depends_on:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR -key_storage_save:0x0001:PSA_KEY_TYPE_RSA_KEY_PAIR:1024:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":"505341004b455900000000000100000001700004010000000000000000000000620200003082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24" +save type: RSA_PUB 1536-bit, RSA_PSS(SHA_512) +depends_on:PSA_WANT_ALG_RSA_PSS:PSA_WANT_ALG_SHA_512:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY +key_storage_save:0x0001:PSA_KEY_TYPE_RSA_PUBLIC_KEY:1536:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_RSA_PSS(PSA_ALG_SHA_512):0x0000:"3081c90281c100c870feb6ca6b1d2bd9f2dd99e20f1fe2d7e5192de662229dbe162bd1ba66336a7182903ca0b72796cd441c83d24bcdc3e9a2f5e4399c8a043f1c3ddf04754a66d4cfe7b3671a37dd31a9b4c13bfe06ee90f9d94ddaa06de67a52ac863e68f756736ceb014405a6160579640f831dddccc34ad0b05070e3f9954a58d1815813e1b83bcadba814789c87f1ef2ba5d738b793ec456a67360eea1b5faf1c7cc7bf24f3b2a9d0f8958b1096e0f0c335f8888d0c63a51c3c0337214fa3f5efdf6dcc350203010001":"505341004b455900000000000100000001400006012800000b03000600000000cc0000003081c90281c100c870feb6ca6b1d2bd9f2dd99e20f1fe2d7e5192de662229dbe162bd1ba66336a7182903ca0b72796cd441c83d24bcdc3e9a2f5e4399c8a043f1c3ddf04754a66d4cfe7b3671a37dd31a9b4c13bfe06ee90f9d94ddaa06de67a52ac863e68f756736ceb014405a6160579640f831dddccc34ad0b05070e3f9954a58d1815813e1b83bcadba814789c87f1ef2ba5d738b793ec456a67360eea1b5faf1c7cc7bf24f3b2a9d0f8958b1096e0f0c335f8888d0c63a51c3c0337214fa3f5efdf6dcc350203010001" -PSA storage save: type: RSA_KEY_PAIR 1536-bit -depends_on:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR -key_storage_save:0x0001:PSA_KEY_TYPE_RSA_KEY_PAIR:1536:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"3082037b0201000281c100c870feb6ca6b1d2bd9f2dd99e20f1fe2d7e5192de662229dbe162bd1ba66336a7182903ca0b72796cd441c83d24bcdc3e9a2f5e4399c8a043f1c3ddf04754a66d4cfe7b3671a37dd31a9b4c13bfe06ee90f9d94ddaa06de67a52ac863e68f756736ceb014405a6160579640f831dddccc34ad0b05070e3f9954a58d1815813e1b83bcadba814789c87f1ef2ba5d738b793ec456a67360eea1b5faf1c7cc7bf24f3b2a9d0f8958b1096e0f0c335f8888d0c63a51c3c0337214fa3f5efdf6dcc3502030100010281c06d2d670047973a87752a9d5bc14f3dae00acb01f593aa0e24cf4a49f932931de4bbfb332e2d38083da80bc0b6d538edba479f7f77d0deffb4a28e6e67ff6273585bb4cd862535c946605ab0809d65f0e38f76e4ec2c3d9b8cd6e14bcf667943892cd4b34cc6420a439abbf3d7d35ef73976dd6f9cbde35a51fa5213f0107f83e3425835d16d3c9146fc9e36ce75a09bb66cdff21dd5a776899f1cb07e282cca27be46510e9c799f0d8db275a6be085d9f3f803218ee3384265bfb1a3640e8ca1026100e6848c31d466fffefc547e3a3b0d3785de6f78b0dd12610843512e495611a0675509b1650b27415009838dd8e68eec6e7530553b637d602424643b33e8bc5b762e1799bc79d56b13251d36d4f201da2182416ce13574e88278ff04467ad602d9026100de994fdf181f02be2bf9e5f5e4e517a94993b827d1eaf609033e3a6a6f2396ae7c44e9eb594cf1044cb3ad32ea258f0c82963b27bb650ed200cde82cb993374be34be5b1c7ead5446a2b82a4486e8c1810a0b01551609fb0841d474bada802bd026076ddae751b73a959d0bfb8ff49e7fcd378e9be30652ecefe35c82cb8003bc29cc60ae3809909baf20c95db9516fe680865417111d8b193dbcf30281f1249de57c858bf1ba32f5bb1599800e8398a9ef25c7a642c95261da6f9c17670e97265b10260732482b837d5f2a9443e23c1aa0106d83e82f6c3424673b5fdc3769c0f992d1c5c93991c7038e882fcda04414df4d7a5f4f698ead87851ce37344b60b72d7b70f9c60cae8566e7a257f8e1bef0e89df6e4c2f9d24d21d9f8889e4c7eccf91751026009050d94493da8f00a4ddbe9c800afe3d44b43f78a48941a79b2814a1f0b81a18a8b2347642a03b27998f5a18de9abc9ae0e54ab8294feac66dc87e854cce6f7278ac2710cb5878b592ffeb1f4f0a1853e4e8d1d0561b6efcc831a296cf7eeaf":"505341004b4559000000000001000000017000060100000000000000000000007f0300003082037b0201000281c100c870feb6ca6b1d2bd9f2dd99e20f1fe2d7e5192de662229dbe162bd1ba66336a7182903ca0b72796cd441c83d24bcdc3e9a2f5e4399c8a043f1c3ddf04754a66d4cfe7b3671a37dd31a9b4c13bfe06ee90f9d94ddaa06de67a52ac863e68f756736ceb014405a6160579640f831dddccc34ad0b05070e3f9954a58d1815813e1b83bcadba814789c87f1ef2ba5d738b793ec456a67360eea1b5faf1c7cc7bf24f3b2a9d0f8958b1096e0f0c335f8888d0c63a51c3c0337214fa3f5efdf6dcc3502030100010281c06d2d670047973a87752a9d5bc14f3dae00acb01f593aa0e24cf4a49f932931de4bbfb332e2d38083da80bc0b6d538edba479f7f77d0deffb4a28e6e67ff6273585bb4cd862535c946605ab0809d65f0e38f76e4ec2c3d9b8cd6e14bcf667943892cd4b34cc6420a439abbf3d7d35ef73976dd6f9cbde35a51fa5213f0107f83e3425835d16d3c9146fc9e36ce75a09bb66cdff21dd5a776899f1cb07e282cca27be46510e9c799f0d8db275a6be085d9f3f803218ee3384265bfb1a3640e8ca1026100e6848c31d466fffefc547e3a3b0d3785de6f78b0dd12610843512e495611a0675509b1650b27415009838dd8e68eec6e7530553b637d602424643b33e8bc5b762e1799bc79d56b13251d36d4f201da2182416ce13574e88278ff04467ad602d9026100de994fdf181f02be2bf9e5f5e4e517a94993b827d1eaf609033e3a6a6f2396ae7c44e9eb594cf1044cb3ad32ea258f0c82963b27bb650ed200cde82cb993374be34be5b1c7ead5446a2b82a4486e8c1810a0b01551609fb0841d474bada802bd026076ddae751b73a959d0bfb8ff49e7fcd378e9be30652ecefe35c82cb8003bc29cc60ae3809909baf20c95db9516fe680865417111d8b193dbcf30281f1249de57c858bf1ba32f5bb1599800e8398a9ef25c7a642c95261da6f9c17670e97265b10260732482b837d5f2a9443e23c1aa0106d83e82f6c3424673b5fdc3769c0f992d1c5c93991c7038e882fcda04414df4d7a5f4f698ead87851ce37344b60b72d7b70f9c60cae8566e7a257f8e1bef0e89df6e4c2f9d24d21d9f8889e4c7eccf91751026009050d94493da8f00a4ddbe9c800afe3d44b43f78a48941a79b2814a1f0b81a18a8b2347642a03b27998f5a18de9abc9ae0e54ab8294feac66dc87e854cce6f7278ac2710cb5878b592ffeb1f4f0a1853e4e8d1d0561b6efcc831a296cf7eeaf" +save type: RSA_PUB 1536-bit, RSA_PSS_ANY_SALT(MD2) +depends_on:PSA_WANT_ALG_MD2:PSA_WANT_ALG_RSA_PSS_ANY_SALT:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY +key_storage_save:0x0001:PSA_KEY_TYPE_RSA_PUBLIC_KEY:1536:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_RSA_PSS_ANY_SALT(PSA_ALG_MD2):0x0000:"3081c90281c100c870feb6ca6b1d2bd9f2dd99e20f1fe2d7e5192de662229dbe162bd1ba66336a7182903ca0b72796cd441c83d24bcdc3e9a2f5e4399c8a043f1c3ddf04754a66d4cfe7b3671a37dd31a9b4c13bfe06ee90f9d94ddaa06de67a52ac863e68f756736ceb014405a6160579640f831dddccc34ad0b05070e3f9954a58d1815813e1b83bcadba814789c87f1ef2ba5d738b793ec456a67360eea1b5faf1c7cc7bf24f3b2a9d0f8958b1096e0f0c335f8888d0c63a51c3c0337214fa3f5efdf6dcc350203010001":"505341004b455900000000000100000001400006012800000113000600000000cc0000003081c90281c100c870feb6ca6b1d2bd9f2dd99e20f1fe2d7e5192de662229dbe162bd1ba66336a7182903ca0b72796cd441c83d24bcdc3e9a2f5e4399c8a043f1c3ddf04754a66d4cfe7b3671a37dd31a9b4c13bfe06ee90f9d94ddaa06de67a52ac863e68f756736ceb014405a6160579640f831dddccc34ad0b05070e3f9954a58d1815813e1b83bcadba814789c87f1ef2ba5d738b793ec456a67360eea1b5faf1c7cc7bf24f3b2a9d0f8958b1096e0f0c335f8888d0c63a51c3c0337214fa3f5efdf6dcc350203010001" -PSA storage save: type: RSA_PUBLIC_KEY 1024-bit -depends_on:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY -key_storage_save:0x0001:PSA_KEY_TYPE_RSA_PUBLIC_KEY:1024:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":"505341004b4559000000000001000000014000040100000000000000000000008c00000030818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001" +save type: RSA_PUB 1536-bit, RSA_PSS_ANY_SALT(MD4) +depends_on:PSA_WANT_ALG_MD4:PSA_WANT_ALG_RSA_PSS_ANY_SALT:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY +key_storage_save:0x0001:PSA_KEY_TYPE_RSA_PUBLIC_KEY:1536:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_RSA_PSS_ANY_SALT(PSA_ALG_MD4):0x0000:"3081c90281c100c870feb6ca6b1d2bd9f2dd99e20f1fe2d7e5192de662229dbe162bd1ba66336a7182903ca0b72796cd441c83d24bcdc3e9a2f5e4399c8a043f1c3ddf04754a66d4cfe7b3671a37dd31a9b4c13bfe06ee90f9d94ddaa06de67a52ac863e68f756736ceb014405a6160579640f831dddccc34ad0b05070e3f9954a58d1815813e1b83bcadba814789c87f1ef2ba5d738b793ec456a67360eea1b5faf1c7cc7bf24f3b2a9d0f8958b1096e0f0c335f8888d0c63a51c3c0337214fa3f5efdf6dcc350203010001":"505341004b455900000000000100000001400006012800000213000600000000cc0000003081c90281c100c870feb6ca6b1d2bd9f2dd99e20f1fe2d7e5192de662229dbe162bd1ba66336a7182903ca0b72796cd441c83d24bcdc3e9a2f5e4399c8a043f1c3ddf04754a66d4cfe7b3671a37dd31a9b4c13bfe06ee90f9d94ddaa06de67a52ac863e68f756736ceb014405a6160579640f831dddccc34ad0b05070e3f9954a58d1815813e1b83bcadba814789c87f1ef2ba5d738b793ec456a67360eea1b5faf1c7cc7bf24f3b2a9d0f8958b1096e0f0c335f8888d0c63a51c3c0337214fa3f5efdf6dcc350203010001" -PSA storage save: type: RSA_PUBLIC_KEY 1536-bit -depends_on:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY -key_storage_save:0x0001:PSA_KEY_TYPE_RSA_PUBLIC_KEY:1536:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"3081c90281c100c870feb6ca6b1d2bd9f2dd99e20f1fe2d7e5192de662229dbe162bd1ba66336a7182903ca0b72796cd441c83d24bcdc3e9a2f5e4399c8a043f1c3ddf04754a66d4cfe7b3671a37dd31a9b4c13bfe06ee90f9d94ddaa06de67a52ac863e68f756736ceb014405a6160579640f831dddccc34ad0b05070e3f9954a58d1815813e1b83bcadba814789c87f1ef2ba5d738b793ec456a67360eea1b5faf1c7cc7bf24f3b2a9d0f8958b1096e0f0c335f8888d0c63a51c3c0337214fa3f5efdf6dcc350203010001":"505341004b455900000000000100000001400006010000000000000000000000cc0000003081c90281c100c870feb6ca6b1d2bd9f2dd99e20f1fe2d7e5192de662229dbe162bd1ba66336a7182903ca0b72796cd441c83d24bcdc3e9a2f5e4399c8a043f1c3ddf04754a66d4cfe7b3671a37dd31a9b4c13bfe06ee90f9d94ddaa06de67a52ac863e68f756736ceb014405a6160579640f831dddccc34ad0b05070e3f9954a58d1815813e1b83bcadba814789c87f1ef2ba5d738b793ec456a67360eea1b5faf1c7cc7bf24f3b2a9d0f8958b1096e0f0c335f8888d0c63a51c3c0337214fa3f5efdf6dcc350203010001" +save type: RSA_PUB 1536-bit, RSA_PSS_ANY_SALT(MD5) +depends_on:PSA_WANT_ALG_MD5:PSA_WANT_ALG_RSA_PSS_ANY_SALT:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY +key_storage_save:0x0001:PSA_KEY_TYPE_RSA_PUBLIC_KEY:1536:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_RSA_PSS_ANY_SALT(PSA_ALG_MD5):0x0000:"3081c90281c100c870feb6ca6b1d2bd9f2dd99e20f1fe2d7e5192de662229dbe162bd1ba66336a7182903ca0b72796cd441c83d24bcdc3e9a2f5e4399c8a043f1c3ddf04754a66d4cfe7b3671a37dd31a9b4c13bfe06ee90f9d94ddaa06de67a52ac863e68f756736ceb014405a6160579640f831dddccc34ad0b05070e3f9954a58d1815813e1b83bcadba814789c87f1ef2ba5d738b793ec456a67360eea1b5faf1c7cc7bf24f3b2a9d0f8958b1096e0f0c335f8888d0c63a51c3c0337214fa3f5efdf6dcc350203010001":"505341004b455900000000000100000001400006012800000313000600000000cc0000003081c90281c100c870feb6ca6b1d2bd9f2dd99e20f1fe2d7e5192de662229dbe162bd1ba66336a7182903ca0b72796cd441c83d24bcdc3e9a2f5e4399c8a043f1c3ddf04754a66d4cfe7b3671a37dd31a9b4c13bfe06ee90f9d94ddaa06de67a52ac863e68f756736ceb014405a6160579640f831dddccc34ad0b05070e3f9954a58d1815813e1b83bcadba814789c87f1ef2ba5d738b793ec456a67360eea1b5faf1c7cc7bf24f3b2a9d0f8958b1096e0f0c335f8888d0c63a51c3c0337214fa3f5efdf6dcc350203010001" + +save type: RSA_PUB 1536-bit, RSA_PSS_ANY_SALT(RIPEMD160) +depends_on:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ALG_RSA_PSS_ANY_SALT:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY +key_storage_save:0x0001:PSA_KEY_TYPE_RSA_PUBLIC_KEY:1536:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_RSA_PSS_ANY_SALT(PSA_ALG_RIPEMD160):0x0000:"3081c90281c100c870feb6ca6b1d2bd9f2dd99e20f1fe2d7e5192de662229dbe162bd1ba66336a7182903ca0b72796cd441c83d24bcdc3e9a2f5e4399c8a043f1c3ddf04754a66d4cfe7b3671a37dd31a9b4c13bfe06ee90f9d94ddaa06de67a52ac863e68f756736ceb014405a6160579640f831dddccc34ad0b05070e3f9954a58d1815813e1b83bcadba814789c87f1ef2ba5d738b793ec456a67360eea1b5faf1c7cc7bf24f3b2a9d0f8958b1096e0f0c335f8888d0c63a51c3c0337214fa3f5efdf6dcc350203010001":"505341004b455900000000000100000001400006012800000413000600000000cc0000003081c90281c100c870feb6ca6b1d2bd9f2dd99e20f1fe2d7e5192de662229dbe162bd1ba66336a7182903ca0b72796cd441c83d24bcdc3e9a2f5e4399c8a043f1c3ddf04754a66d4cfe7b3671a37dd31a9b4c13bfe06ee90f9d94ddaa06de67a52ac863e68f756736ceb014405a6160579640f831dddccc34ad0b05070e3f9954a58d1815813e1b83bcadba814789c87f1ef2ba5d738b793ec456a67360eea1b5faf1c7cc7bf24f3b2a9d0f8958b1096e0f0c335f8888d0c63a51c3c0337214fa3f5efdf6dcc350203010001" + +save type: RSA_PUB 1536-bit, RSA_PSS_ANY_SALT(SHA_1) +depends_on:PSA_WANT_ALG_RSA_PSS_ANY_SALT:PSA_WANT_ALG_SHA_1:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY +key_storage_save:0x0001:PSA_KEY_TYPE_RSA_PUBLIC_KEY:1536:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_RSA_PSS_ANY_SALT(PSA_ALG_SHA_1):0x0000:"3081c90281c100c870feb6ca6b1d2bd9f2dd99e20f1fe2d7e5192de662229dbe162bd1ba66336a7182903ca0b72796cd441c83d24bcdc3e9a2f5e4399c8a043f1c3ddf04754a66d4cfe7b3671a37dd31a9b4c13bfe06ee90f9d94ddaa06de67a52ac863e68f756736ceb014405a6160579640f831dddccc34ad0b05070e3f9954a58d1815813e1b83bcadba814789c87f1ef2ba5d738b793ec456a67360eea1b5faf1c7cc7bf24f3b2a9d0f8958b1096e0f0c335f8888d0c63a51c3c0337214fa3f5efdf6dcc350203010001":"505341004b455900000000000100000001400006012800000513000600000000cc0000003081c90281c100c870feb6ca6b1d2bd9f2dd99e20f1fe2d7e5192de662229dbe162bd1ba66336a7182903ca0b72796cd441c83d24bcdc3e9a2f5e4399c8a043f1c3ddf04754a66d4cfe7b3671a37dd31a9b4c13bfe06ee90f9d94ddaa06de67a52ac863e68f756736ceb014405a6160579640f831dddccc34ad0b05070e3f9954a58d1815813e1b83bcadba814789c87f1ef2ba5d738b793ec456a67360eea1b5faf1c7cc7bf24f3b2a9d0f8958b1096e0f0c335f8888d0c63a51c3c0337214fa3f5efdf6dcc350203010001" + +save type: RSA_PUB 1536-bit, RSA_PSS_ANY_SALT(SHA_224) +depends_on:PSA_WANT_ALG_RSA_PSS_ANY_SALT:PSA_WANT_ALG_SHA_224:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY +key_storage_save:0x0001:PSA_KEY_TYPE_RSA_PUBLIC_KEY:1536:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_RSA_PSS_ANY_SALT(PSA_ALG_SHA_224):0x0000:"3081c90281c100c870feb6ca6b1d2bd9f2dd99e20f1fe2d7e5192de662229dbe162bd1ba66336a7182903ca0b72796cd441c83d24bcdc3e9a2f5e4399c8a043f1c3ddf04754a66d4cfe7b3671a37dd31a9b4c13bfe06ee90f9d94ddaa06de67a52ac863e68f756736ceb014405a6160579640f831dddccc34ad0b05070e3f9954a58d1815813e1b83bcadba814789c87f1ef2ba5d738b793ec456a67360eea1b5faf1c7cc7bf24f3b2a9d0f8958b1096e0f0c335f8888d0c63a51c3c0337214fa3f5efdf6dcc350203010001":"505341004b455900000000000100000001400006012800000813000600000000cc0000003081c90281c100c870feb6ca6b1d2bd9f2dd99e20f1fe2d7e5192de662229dbe162bd1ba66336a7182903ca0b72796cd441c83d24bcdc3e9a2f5e4399c8a043f1c3ddf04754a66d4cfe7b3671a37dd31a9b4c13bfe06ee90f9d94ddaa06de67a52ac863e68f756736ceb014405a6160579640f831dddccc34ad0b05070e3f9954a58d1815813e1b83bcadba814789c87f1ef2ba5d738b793ec456a67360eea1b5faf1c7cc7bf24f3b2a9d0f8958b1096e0f0c335f8888d0c63a51c3c0337214fa3f5efdf6dcc350203010001" + +save type: RSA_PUB 1536-bit, RSA_PSS_ANY_SALT(SHA_256) +depends_on:PSA_WANT_ALG_RSA_PSS_ANY_SALT:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY +key_storage_save:0x0001:PSA_KEY_TYPE_RSA_PUBLIC_KEY:1536:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_RSA_PSS_ANY_SALT(PSA_ALG_SHA_256):0x0000:"3081c90281c100c870feb6ca6b1d2bd9f2dd99e20f1fe2d7e5192de662229dbe162bd1ba66336a7182903ca0b72796cd441c83d24bcdc3e9a2f5e4399c8a043f1c3ddf04754a66d4cfe7b3671a37dd31a9b4c13bfe06ee90f9d94ddaa06de67a52ac863e68f756736ceb014405a6160579640f831dddccc34ad0b05070e3f9954a58d1815813e1b83bcadba814789c87f1ef2ba5d738b793ec456a67360eea1b5faf1c7cc7bf24f3b2a9d0f8958b1096e0f0c335f8888d0c63a51c3c0337214fa3f5efdf6dcc350203010001":"505341004b455900000000000100000001400006012800000913000600000000cc0000003081c90281c100c870feb6ca6b1d2bd9f2dd99e20f1fe2d7e5192de662229dbe162bd1ba66336a7182903ca0b72796cd441c83d24bcdc3e9a2f5e4399c8a043f1c3ddf04754a66d4cfe7b3671a37dd31a9b4c13bfe06ee90f9d94ddaa06de67a52ac863e68f756736ceb014405a6160579640f831dddccc34ad0b05070e3f9954a58d1815813e1b83bcadba814789c87f1ef2ba5d738b793ec456a67360eea1b5faf1c7cc7bf24f3b2a9d0f8958b1096e0f0c335f8888d0c63a51c3c0337214fa3f5efdf6dcc350203010001" + +save type: RSA_PUB 1536-bit, RSA_PSS_ANY_SALT(SHA_384) +depends_on:PSA_WANT_ALG_RSA_PSS_ANY_SALT:PSA_WANT_ALG_SHA_384:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY +key_storage_save:0x0001:PSA_KEY_TYPE_RSA_PUBLIC_KEY:1536:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_RSA_PSS_ANY_SALT(PSA_ALG_SHA_384):0x0000:"3081c90281c100c870feb6ca6b1d2bd9f2dd99e20f1fe2d7e5192de662229dbe162bd1ba66336a7182903ca0b72796cd441c83d24bcdc3e9a2f5e4399c8a043f1c3ddf04754a66d4cfe7b3671a37dd31a9b4c13bfe06ee90f9d94ddaa06de67a52ac863e68f756736ceb014405a6160579640f831dddccc34ad0b05070e3f9954a58d1815813e1b83bcadba814789c87f1ef2ba5d738b793ec456a67360eea1b5faf1c7cc7bf24f3b2a9d0f8958b1096e0f0c335f8888d0c63a51c3c0337214fa3f5efdf6dcc350203010001":"505341004b455900000000000100000001400006012800000a13000600000000cc0000003081c90281c100c870feb6ca6b1d2bd9f2dd99e20f1fe2d7e5192de662229dbe162bd1ba66336a7182903ca0b72796cd441c83d24bcdc3e9a2f5e4399c8a043f1c3ddf04754a66d4cfe7b3671a37dd31a9b4c13bfe06ee90f9d94ddaa06de67a52ac863e68f756736ceb014405a6160579640f831dddccc34ad0b05070e3f9954a58d1815813e1b83bcadba814789c87f1ef2ba5d738b793ec456a67360eea1b5faf1c7cc7bf24f3b2a9d0f8958b1096e0f0c335f8888d0c63a51c3c0337214fa3f5efdf6dcc350203010001" + +save type: RSA_PUB 1536-bit, RSA_PSS_ANY_SALT(SHA_512) +depends_on:PSA_WANT_ALG_RSA_PSS_ANY_SALT:PSA_WANT_ALG_SHA_512:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY +key_storage_save:0x0001:PSA_KEY_TYPE_RSA_PUBLIC_KEY:1536:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_RSA_PSS_ANY_SALT(PSA_ALG_SHA_512):0x0000:"3081c90281c100c870feb6ca6b1d2bd9f2dd99e20f1fe2d7e5192de662229dbe162bd1ba66336a7182903ca0b72796cd441c83d24bcdc3e9a2f5e4399c8a043f1c3ddf04754a66d4cfe7b3671a37dd31a9b4c13bfe06ee90f9d94ddaa06de67a52ac863e68f756736ceb014405a6160579640f831dddccc34ad0b05070e3f9954a58d1815813e1b83bcadba814789c87f1ef2ba5d738b793ec456a67360eea1b5faf1c7cc7bf24f3b2a9d0f8958b1096e0f0c335f8888d0c63a51c3c0337214fa3f5efdf6dcc350203010001":"505341004b455900000000000100000001400006012800000b13000600000000cc0000003081c90281c100c870feb6ca6b1d2bd9f2dd99e20f1fe2d7e5192de662229dbe162bd1ba66336a7182903ca0b72796cd441c83d24bcdc3e9a2f5e4399c8a043f1c3ddf04754a66d4cfe7b3671a37dd31a9b4c13bfe06ee90f9d94ddaa06de67a52ac863e68f756736ceb014405a6160579640f831dddccc34ad0b05070e3f9954a58d1815813e1b83bcadba814789c87f1ef2ba5d738b793ec456a67360eea1b5faf1c7cc7bf24f3b2a9d0f8958b1096e0f0c335f8888d0c63a51c3c0337214fa3f5efdf6dcc350203010001" -PSA storage save: alg: AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(CCM, 1) +save alg: AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(CCM,1) depends_on:PSA_WANT_ALG_CCM:PSA_WANT_KEY_TYPE_RAW_DATA key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(PSA_ALG_CCM, 1):0x0000:"4b":"505341004b455900000000000100000001100800010000000081410500000000010000004b" -PSA storage save: alg2: AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(CCM, 1) +save alg2: AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(CCM,1) depends_on:PSA_WANT_ALG_CCM:PSA_WANT_KEY_TYPE_RAW_DATA key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(PSA_ALG_CCM, 1):"4c":"505341004b455900000000000100000001100800010000000000000000814105010000004c" -PSA storage save: alg: AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(CHACHA20_POLY1305, 1) +save alg: AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(CHACHA20_POLY1305,1) depends_on:PSA_WANT_ALG_CHACHA20_POLY1305:PSA_WANT_KEY_TYPE_RAW_DATA key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(PSA_ALG_CHACHA20_POLY1305, 1):0x0000:"4b":"505341004b455900000000000100000001100800010000000085010500000000010000004b" -PSA storage save: alg2: AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(CHACHA20_POLY1305, 1) +save alg2: AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(CHACHA20_POLY1305,1) depends_on:PSA_WANT_ALG_CHACHA20_POLY1305:PSA_WANT_KEY_TYPE_RAW_DATA key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(PSA_ALG_CHACHA20_POLY1305, 1):"4c":"505341004b455900000000000100000001100800010000000000000000850105010000004c" -PSA storage save: alg: AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(GCM, 1) +save alg: AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(GCM,1) depends_on:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_RAW_DATA key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(PSA_ALG_GCM, 1):0x0000:"4b":"505341004b455900000000000100000001100800010000000082410500000000010000004b" -PSA storage save: alg2: AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(GCM, 1) +save alg2: AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(GCM,1) depends_on:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_RAW_DATA key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(PSA_ALG_GCM, 1):"4c":"505341004b455900000000000100000001100800010000000000000000824105010000004c" -PSA storage save: alg: AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(CCM, 63) +save alg: AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(CCM,4) +depends_on:PSA_WANT_ALG_CCM:PSA_WANT_KEY_TYPE_RAW_DATA +key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(PSA_ALG_CCM, 4):0x0000:"4b":"505341004b455900000000000100000001100800010000000081440500000000010000004b" + +save alg2: AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(CCM,4) +depends_on:PSA_WANT_ALG_CCM:PSA_WANT_KEY_TYPE_RAW_DATA +key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(PSA_ALG_CCM, 4):"4c":"505341004b455900000000000100000001100800010000000000000000814405010000004c" + +save alg: AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(CCM,13) +depends_on:PSA_WANT_ALG_CCM:PSA_WANT_KEY_TYPE_RAW_DATA +key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(PSA_ALG_CCM, 13):0x0000:"4b":"505341004b4559000000000001000000011008000100000000814d0500000000010000004b" + +save alg2: AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(CCM,13) +depends_on:PSA_WANT_ALG_CCM:PSA_WANT_KEY_TYPE_RAW_DATA +key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(PSA_ALG_CCM, 13):"4c":"505341004b455900000000000100000001100800010000000000000000814d05010000004c" + +save alg: AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(CCM,14) +depends_on:PSA_WANT_ALG_CCM:PSA_WANT_KEY_TYPE_RAW_DATA +key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(PSA_ALG_CCM, 14):0x0000:"4b":"505341004b4559000000000001000000011008000100000000814e0500000000010000004b" + +save alg2: AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(CCM,14) +depends_on:PSA_WANT_ALG_CCM:PSA_WANT_KEY_TYPE_RAW_DATA +key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(PSA_ALG_CCM, 14):"4c":"505341004b455900000000000100000001100800010000000000000000814e05010000004c" + +save alg: AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(CCM,16) +depends_on:PSA_WANT_ALG_CCM:PSA_WANT_KEY_TYPE_RAW_DATA +key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(PSA_ALG_CCM, 16):0x0000:"4b":"505341004b455900000000000100000001100800010000000081500500000000010000004b" + +save alg2: AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(CCM,16) +depends_on:PSA_WANT_ALG_CCM:PSA_WANT_KEY_TYPE_RAW_DATA +key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(PSA_ALG_CCM, 16):"4c":"505341004b455900000000000100000001100800010000000000000000815005010000004c" + +save alg: AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(CCM,63) depends_on:PSA_WANT_ALG_CCM:PSA_WANT_KEY_TYPE_RAW_DATA key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(PSA_ALG_CCM, 63):0x0000:"4b":"505341004b4559000000000001000000011008000100000000817f0500000000010000004b" -PSA storage save: alg2: AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(CCM, 63) +save alg2: AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(CCM,63) depends_on:PSA_WANT_ALG_CCM:PSA_WANT_KEY_TYPE_RAW_DATA key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(PSA_ALG_CCM, 63):"4c":"505341004b455900000000000100000001100800010000000000000000817f05010000004c" -PSA storage save: alg: AEAD_WITH_SHORTENED_TAG(CCM, 1) +save alg: AEAD_SHORT(CCM,1) depends_on:PSA_WANT_ALG_CCM:PSA_WANT_KEY_TYPE_RAW_DATA key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_AEAD_WITH_SHORTENED_TAG(PSA_ALG_CCM, 1):0x0000:"4b":"505341004b455900000000000100000001100800010000000001410500000000010000004b" -PSA storage save: alg2: AEAD_WITH_SHORTENED_TAG(CCM, 1) +save alg2: AEAD_SHORT(CCM,1) depends_on:PSA_WANT_ALG_CCM:PSA_WANT_KEY_TYPE_RAW_DATA key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_AEAD_WITH_SHORTENED_TAG(PSA_ALG_CCM, 1):"4c":"505341004b455900000000000100000001100800010000000000000000014105010000004c" -PSA storage save: alg: AEAD_WITH_SHORTENED_TAG(CHACHA20_POLY1305, 1) +save alg: AEAD_SHORT(CHACHA20_POLY1305,1) depends_on:PSA_WANT_ALG_CHACHA20_POLY1305:PSA_WANT_KEY_TYPE_RAW_DATA key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_AEAD_WITH_SHORTENED_TAG(PSA_ALG_CHACHA20_POLY1305, 1):0x0000:"4b":"505341004b455900000000000100000001100800010000000005010500000000010000004b" -PSA storage save: alg2: AEAD_WITH_SHORTENED_TAG(CHACHA20_POLY1305, 1) +save alg2: AEAD_SHORT(CHACHA20_POLY1305,1) depends_on:PSA_WANT_ALG_CHACHA20_POLY1305:PSA_WANT_KEY_TYPE_RAW_DATA key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_AEAD_WITH_SHORTENED_TAG(PSA_ALG_CHACHA20_POLY1305, 1):"4c":"505341004b455900000000000100000001100800010000000000000000050105010000004c" -PSA storage save: alg: AEAD_WITH_SHORTENED_TAG(GCM, 1) +save alg: AEAD_SHORT(GCM,1) depends_on:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_RAW_DATA key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_AEAD_WITH_SHORTENED_TAG(PSA_ALG_GCM, 1):0x0000:"4b":"505341004b455900000000000100000001100800010000000002410500000000010000004b" -PSA storage save: alg2: AEAD_WITH_SHORTENED_TAG(GCM, 1) +save alg2: AEAD_SHORT(GCM,1) depends_on:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_RAW_DATA key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_AEAD_WITH_SHORTENED_TAG(PSA_ALG_GCM, 1):"4c":"505341004b455900000000000100000001100800010000000000000000024105010000004c" -PSA storage save: alg: AEAD_WITH_SHORTENED_TAG(CCM, 63) +save alg: AEAD_SHORT(CCM,4) +depends_on:PSA_WANT_ALG_CCM:PSA_WANT_KEY_TYPE_RAW_DATA +key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_AEAD_WITH_SHORTENED_TAG(PSA_ALG_CCM, 4):0x0000:"4b":"505341004b455900000000000100000001100800010000000001440500000000010000004b" + +save alg2: AEAD_SHORT(CCM,4) +depends_on:PSA_WANT_ALG_CCM:PSA_WANT_KEY_TYPE_RAW_DATA +key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_AEAD_WITH_SHORTENED_TAG(PSA_ALG_CCM, 4):"4c":"505341004b455900000000000100000001100800010000000000000000014405010000004c" + +save alg: AEAD_SHORT(CCM,13) +depends_on:PSA_WANT_ALG_CCM:PSA_WANT_KEY_TYPE_RAW_DATA +key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_AEAD_WITH_SHORTENED_TAG(PSA_ALG_CCM, 13):0x0000:"4b":"505341004b4559000000000001000000011008000100000000014d0500000000010000004b" + +save alg2: AEAD_SHORT(CCM,13) +depends_on:PSA_WANT_ALG_CCM:PSA_WANT_KEY_TYPE_RAW_DATA +key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_AEAD_WITH_SHORTENED_TAG(PSA_ALG_CCM, 13):"4c":"505341004b455900000000000100000001100800010000000000000000014d05010000004c" + +save alg: AEAD_SHORT(CCM,14) +depends_on:PSA_WANT_ALG_CCM:PSA_WANT_KEY_TYPE_RAW_DATA +key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_AEAD_WITH_SHORTENED_TAG(PSA_ALG_CCM, 14):0x0000:"4b":"505341004b4559000000000001000000011008000100000000014e0500000000010000004b" + +save alg2: AEAD_SHORT(CCM,14) +depends_on:PSA_WANT_ALG_CCM:PSA_WANT_KEY_TYPE_RAW_DATA +key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_AEAD_WITH_SHORTENED_TAG(PSA_ALG_CCM, 14):"4c":"505341004b455900000000000100000001100800010000000000000000014e05010000004c" + +save alg: AEAD_SHORT(CCM,16) +depends_on:PSA_WANT_ALG_CCM:PSA_WANT_KEY_TYPE_RAW_DATA +key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_AEAD_WITH_SHORTENED_TAG(PSA_ALG_CCM, 16):0x0000:"4b":"505341004b455900000000000100000001100800010000000001500500000000010000004b" + +save alg2: AEAD_SHORT(CCM,16) +depends_on:PSA_WANT_ALG_CCM:PSA_WANT_KEY_TYPE_RAW_DATA +key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_AEAD_WITH_SHORTENED_TAG(PSA_ALG_CCM, 16):"4c":"505341004b455900000000000100000001100800010000000000000000015005010000004c" + +save alg: AEAD_SHORT(CCM,63) depends_on:PSA_WANT_ALG_CCM:PSA_WANT_KEY_TYPE_RAW_DATA key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_AEAD_WITH_SHORTENED_TAG(PSA_ALG_CCM, 63):0x0000:"4b":"505341004b4559000000000001000000011008000100000000017f0500000000010000004b" -PSA storage save: alg2: AEAD_WITH_SHORTENED_TAG(CCM, 63) +save alg2: AEAD_SHORT(CCM,63) depends_on:PSA_WANT_ALG_CCM:PSA_WANT_KEY_TYPE_RAW_DATA key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_AEAD_WITH_SHORTENED_TAG(PSA_ALG_CCM, 63):"4c":"505341004b455900000000000100000001100800010000000000000000017f05010000004c" -PSA storage save: alg: ANY_HASH +save alg: ANY_HASH depends_on:PSA_WANT_KEY_TYPE_RAW_DATA key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_ANY_HASH:0x0000:"4b":"505341004b45590000000000010000000110080001000000ff00000200000000010000004b" -PSA storage save: alg2: ANY_HASH +save alg2: ANY_HASH depends_on:PSA_WANT_KEY_TYPE_RAW_DATA key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_ANY_HASH:"4c":"505341004b4559000000000001000000011008000100000000000000ff000002010000004c" -PSA storage save: alg: AT_LEAST_THIS_LENGTH_MAC(CBC_MAC, 1) +save alg: AT_LEAST_THIS_LENGTH_MAC(CBC_MAC,1) depends_on:PSA_WANT_ALG_CBC_MAC:PSA_WANT_KEY_TYPE_RAW_DATA key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_CBC_MAC, 1):0x0000:"4b":"505341004b455900000000000100000001100800010000000081c10300000000010000004b" -PSA storage save: alg2: AT_LEAST_THIS_LENGTH_MAC(CBC_MAC, 1) +save alg2: AT_LEAST_THIS_LENGTH_MAC(CBC_MAC,1) depends_on:PSA_WANT_ALG_CBC_MAC:PSA_WANT_KEY_TYPE_RAW_DATA key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_CBC_MAC, 1):"4c":"505341004b45590000000000010000000110080001000000000000000081c103010000004c" -PSA storage save: alg: AT_LEAST_THIS_LENGTH_MAC(CMAC, 1) +save alg: AT_LEAST_THIS_LENGTH_MAC(CMAC,1) depends_on:PSA_WANT_ALG_CMAC:PSA_WANT_KEY_TYPE_RAW_DATA key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_CMAC, 1):0x0000:"4b":"505341004b455900000000000100000001100800010000000082c10300000000010000004b" -PSA storage save: alg2: AT_LEAST_THIS_LENGTH_MAC(CMAC, 1) +save alg2: AT_LEAST_THIS_LENGTH_MAC(CMAC,1) depends_on:PSA_WANT_ALG_CMAC:PSA_WANT_KEY_TYPE_RAW_DATA key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_CMAC, 1):"4c":"505341004b45590000000000010000000110080001000000000000000082c103010000004c" -PSA storage save: alg: AT_LEAST_THIS_LENGTH_MAC(HMAC(MD2), 1) +save alg: AT_LEAST_THIS_LENGTH_MAC(HMAC(MD2),1) depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_MD2:PSA_WANT_KEY_TYPE_RAW_DATA key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_HMAC(PSA_ALG_MD2), 1):0x0000:"4b":"505341004b455900000000000100000001100800010000000180810300000000010000004b" -PSA storage save: alg2: AT_LEAST_THIS_LENGTH_MAC(HMAC(MD2), 1) +save alg2: AT_LEAST_THIS_LENGTH_MAC(HMAC(MD2),1) depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_MD2:PSA_WANT_KEY_TYPE_RAW_DATA key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_HMAC(PSA_ALG_MD2), 1):"4c":"505341004b455900000000000100000001100800010000000000000001808103010000004c" -PSA storage save: alg: AT_LEAST_THIS_LENGTH_MAC(HMAC(MD4), 1) +save alg: AT_LEAST_THIS_LENGTH_MAC(HMAC(MD4),1) depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_MD4:PSA_WANT_KEY_TYPE_RAW_DATA key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_HMAC(PSA_ALG_MD4), 1):0x0000:"4b":"505341004b455900000000000100000001100800010000000280810300000000010000004b" -PSA storage save: alg2: AT_LEAST_THIS_LENGTH_MAC(HMAC(MD4), 1) +save alg2: AT_LEAST_THIS_LENGTH_MAC(HMAC(MD4),1) depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_MD4:PSA_WANT_KEY_TYPE_RAW_DATA key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_HMAC(PSA_ALG_MD4), 1):"4c":"505341004b455900000000000100000001100800010000000000000002808103010000004c" -PSA storage save: alg: AT_LEAST_THIS_LENGTH_MAC(HMAC(MD5), 1) +save alg: AT_LEAST_THIS_LENGTH_MAC(HMAC(MD5),1) depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_MD5:PSA_WANT_KEY_TYPE_RAW_DATA key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_HMAC(PSA_ALG_MD5), 1):0x0000:"4b":"505341004b455900000000000100000001100800010000000380810300000000010000004b" -PSA storage save: alg2: AT_LEAST_THIS_LENGTH_MAC(HMAC(MD5), 1) +save alg2: AT_LEAST_THIS_LENGTH_MAC(HMAC(MD5),1) depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_MD5:PSA_WANT_KEY_TYPE_RAW_DATA key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_HMAC(PSA_ALG_MD5), 1):"4c":"505341004b455900000000000100000001100800010000000000000003808103010000004c" -PSA storage save: alg: AT_LEAST_THIS_LENGTH_MAC(HMAC(RIPEMD160), 1) +save alg: AT_LEAST_THIS_LENGTH_MAC(HMAC(RIPEMD160),1) depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_RIPEMD160:PSA_WANT_KEY_TYPE_RAW_DATA key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_HMAC(PSA_ALG_RIPEMD160), 1):0x0000:"4b":"505341004b455900000000000100000001100800010000000480810300000000010000004b" -PSA storage save: alg2: AT_LEAST_THIS_LENGTH_MAC(HMAC(RIPEMD160), 1) +save alg2: AT_LEAST_THIS_LENGTH_MAC(HMAC(RIPEMD160),1) depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_RIPEMD160:PSA_WANT_KEY_TYPE_RAW_DATA key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_HMAC(PSA_ALG_RIPEMD160), 1):"4c":"505341004b455900000000000100000001100800010000000000000004808103010000004c" -PSA storage save: alg: AT_LEAST_THIS_LENGTH_MAC(HMAC(SHA_1), 1) +save alg: AT_LEAST_THIS_LENGTH_MAC(HMAC(SHA_1),1) depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_1:PSA_WANT_KEY_TYPE_RAW_DATA key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_1), 1):0x0000:"4b":"505341004b455900000000000100000001100800010000000580810300000000010000004b" -PSA storage save: alg2: AT_LEAST_THIS_LENGTH_MAC(HMAC(SHA_1), 1) +save alg2: AT_LEAST_THIS_LENGTH_MAC(HMAC(SHA_1),1) depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_1:PSA_WANT_KEY_TYPE_RAW_DATA key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_1), 1):"4c":"505341004b455900000000000100000001100800010000000000000005808103010000004c" -PSA storage save: alg: AT_LEAST_THIS_LENGTH_MAC(HMAC(SHA_224), 1) +save alg: AT_LEAST_THIS_LENGTH_MAC(HMAC(SHA_224),1) depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_224:PSA_WANT_KEY_TYPE_RAW_DATA key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_224), 1):0x0000:"4b":"505341004b455900000000000100000001100800010000000880810300000000010000004b" -PSA storage save: alg2: AT_LEAST_THIS_LENGTH_MAC(HMAC(SHA_224), 1) +save alg2: AT_LEAST_THIS_LENGTH_MAC(HMAC(SHA_224),1) depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_224:PSA_WANT_KEY_TYPE_RAW_DATA key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_224), 1):"4c":"505341004b455900000000000100000001100800010000000000000008808103010000004c" -PSA storage save: alg: AT_LEAST_THIS_LENGTH_MAC(HMAC(SHA_256), 1) +save alg: AT_LEAST_THIS_LENGTH_MAC(HMAC(SHA_256),1) depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RAW_DATA key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_256), 1):0x0000:"4b":"505341004b455900000000000100000001100800010000000980810300000000010000004b" -PSA storage save: alg2: AT_LEAST_THIS_LENGTH_MAC(HMAC(SHA_256), 1) +save alg2: AT_LEAST_THIS_LENGTH_MAC(HMAC(SHA_256),1) depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RAW_DATA key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_256), 1):"4c":"505341004b455900000000000100000001100800010000000000000009808103010000004c" -PSA storage save: alg: AT_LEAST_THIS_LENGTH_MAC(HMAC(SHA_384), 1) +save alg: AT_LEAST_THIS_LENGTH_MAC(HMAC(SHA_384),1) depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_384:PSA_WANT_KEY_TYPE_RAW_DATA key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_384), 1):0x0000:"4b":"505341004b455900000000000100000001100800010000000a80810300000000010000004b" -PSA storage save: alg2: AT_LEAST_THIS_LENGTH_MAC(HMAC(SHA_384), 1) +save alg2: AT_LEAST_THIS_LENGTH_MAC(HMAC(SHA_384),1) depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_384:PSA_WANT_KEY_TYPE_RAW_DATA key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_384), 1):"4c":"505341004b45590000000000010000000110080001000000000000000a808103010000004c" -PSA storage save: alg: AT_LEAST_THIS_LENGTH_MAC(HMAC(SHA_512), 1) +save alg: AT_LEAST_THIS_LENGTH_MAC(HMAC(SHA_512),1) depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_512:PSA_WANT_KEY_TYPE_RAW_DATA key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_512), 1):0x0000:"4b":"505341004b455900000000000100000001100800010000000b80810300000000010000004b" -PSA storage save: alg2: AT_LEAST_THIS_LENGTH_MAC(HMAC(SHA_512), 1) +save alg2: AT_LEAST_THIS_LENGTH_MAC(HMAC(SHA_512),1) depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_512:PSA_WANT_KEY_TYPE_RAW_DATA key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_512), 1):"4c":"505341004b45590000000000010000000110080001000000000000000b808103010000004c" -PSA storage save: alg: AT_LEAST_THIS_LENGTH_MAC(CBC_MAC, 63) +save alg: AT_LEAST_THIS_LENGTH_MAC(CBC_MAC,4) +depends_on:PSA_WANT_ALG_CBC_MAC:PSA_WANT_KEY_TYPE_RAW_DATA +key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_CBC_MAC, 4):0x0000:"4b":"505341004b455900000000000100000001100800010000000081c40300000000010000004b" + +save alg2: AT_LEAST_THIS_LENGTH_MAC(CBC_MAC,4) +depends_on:PSA_WANT_ALG_CBC_MAC:PSA_WANT_KEY_TYPE_RAW_DATA +key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_CBC_MAC, 4):"4c":"505341004b45590000000000010000000110080001000000000000000081c403010000004c" + +save alg: AT_LEAST_THIS_LENGTH_MAC(CBC_MAC,13) +depends_on:PSA_WANT_ALG_CBC_MAC:PSA_WANT_KEY_TYPE_RAW_DATA +key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_CBC_MAC, 13):0x0000:"4b":"505341004b455900000000000100000001100800010000000081cd0300000000010000004b" + +save alg2: AT_LEAST_THIS_LENGTH_MAC(CBC_MAC,13) +depends_on:PSA_WANT_ALG_CBC_MAC:PSA_WANT_KEY_TYPE_RAW_DATA +key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_CBC_MAC, 13):"4c":"505341004b45590000000000010000000110080001000000000000000081cd03010000004c" + +save alg: AT_LEAST_THIS_LENGTH_MAC(CBC_MAC,14) +depends_on:PSA_WANT_ALG_CBC_MAC:PSA_WANT_KEY_TYPE_RAW_DATA +key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_CBC_MAC, 14):0x0000:"4b":"505341004b455900000000000100000001100800010000000081ce0300000000010000004b" + +save alg2: AT_LEAST_THIS_LENGTH_MAC(CBC_MAC,14) +depends_on:PSA_WANT_ALG_CBC_MAC:PSA_WANT_KEY_TYPE_RAW_DATA +key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_CBC_MAC, 14):"4c":"505341004b45590000000000010000000110080001000000000000000081ce03010000004c" + +save alg: AT_LEAST_THIS_LENGTH_MAC(CBC_MAC,16) +depends_on:PSA_WANT_ALG_CBC_MAC:PSA_WANT_KEY_TYPE_RAW_DATA +key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_CBC_MAC, 16):0x0000:"4b":"505341004b455900000000000100000001100800010000000081d00300000000010000004b" + +save alg2: AT_LEAST_THIS_LENGTH_MAC(CBC_MAC,16) +depends_on:PSA_WANT_ALG_CBC_MAC:PSA_WANT_KEY_TYPE_RAW_DATA +key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_CBC_MAC, 16):"4c":"505341004b45590000000000010000000110080001000000000000000081d003010000004c" + +save alg: AT_LEAST_THIS_LENGTH_MAC(CBC_MAC,63) depends_on:PSA_WANT_ALG_CBC_MAC:PSA_WANT_KEY_TYPE_RAW_DATA key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_CBC_MAC, 63):0x0000:"4b":"505341004b455900000000000100000001100800010000000081ff0300000000010000004b" -PSA storage save: alg2: AT_LEAST_THIS_LENGTH_MAC(CBC_MAC, 63) +save alg2: AT_LEAST_THIS_LENGTH_MAC(CBC_MAC,63) depends_on:PSA_WANT_ALG_CBC_MAC:PSA_WANT_KEY_TYPE_RAW_DATA key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_CBC_MAC, 63):"4c":"505341004b45590000000000010000000110080001000000000000000081ff03010000004c" -PSA storage save: alg: CBC_MAC +save alg: CBC_MAC depends_on:PSA_WANT_ALG_CBC_MAC:PSA_WANT_KEY_TYPE_RAW_DATA key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_CBC_MAC:0x0000:"4b":"505341004b455900000000000100000001100800010000000001c00300000000010000004b" -PSA storage save: alg2: CBC_MAC +save alg2: CBC_MAC depends_on:PSA_WANT_ALG_CBC_MAC:PSA_WANT_KEY_TYPE_RAW_DATA key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_CBC_MAC:"4c":"505341004b45590000000000010000000110080001000000000000000001c003010000004c" -PSA storage save: alg: CBC_NO_PADDING +save alg: CBC_NO_PADDING depends_on:PSA_WANT_ALG_CBC_NO_PADDING:PSA_WANT_KEY_TYPE_RAW_DATA key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_CBC_NO_PADDING:0x0000:"4b":"505341004b455900000000000100000001100800010000000040400400000000010000004b" -PSA storage save: alg2: CBC_NO_PADDING +save alg2: CBC_NO_PADDING depends_on:PSA_WANT_ALG_CBC_NO_PADDING:PSA_WANT_KEY_TYPE_RAW_DATA key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_CBC_NO_PADDING:"4c":"505341004b455900000000000100000001100800010000000000000000404004010000004c" -PSA storage save: alg: CBC_PKCS7 +save alg: CBC_PKCS7 depends_on:PSA_WANT_ALG_CBC_PKCS7:PSA_WANT_KEY_TYPE_RAW_DATA key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_CBC_PKCS7:0x0000:"4b":"505341004b455900000000000100000001100800010000000041400400000000010000004b" -PSA storage save: alg2: CBC_PKCS7 +save alg2: CBC_PKCS7 depends_on:PSA_WANT_ALG_CBC_PKCS7:PSA_WANT_KEY_TYPE_RAW_DATA key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_CBC_PKCS7:"4c":"505341004b455900000000000100000001100800010000000000000000414004010000004c" -PSA storage save: alg: CCM +save alg: CCM depends_on:PSA_WANT_ALG_CCM:PSA_WANT_KEY_TYPE_RAW_DATA key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_CCM:0x0000:"4b":"505341004b455900000000000100000001100800010000000001500500000000010000004b" -PSA storage save: alg2: CCM +save alg2: CCM depends_on:PSA_WANT_ALG_CCM:PSA_WANT_KEY_TYPE_RAW_DATA key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_CCM:"4c":"505341004b455900000000000100000001100800010000000000000000015005010000004c" -PSA storage save: alg: CFB +save alg: CFB depends_on:PSA_WANT_ALG_CFB:PSA_WANT_KEY_TYPE_RAW_DATA key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_CFB:0x0000:"4b":"505341004b455900000000000100000001100800010000000011c00400000000010000004b" -PSA storage save: alg2: CFB +save alg2: CFB depends_on:PSA_WANT_ALG_CFB:PSA_WANT_KEY_TYPE_RAW_DATA key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_CFB:"4c":"505341004b45590000000000010000000110080001000000000000000011c004010000004c" -PSA storage save: alg: CHACHA20_POLY1305 +save alg: CHACHA20_POLY1305 depends_on:PSA_WANT_ALG_CHACHA20_POLY1305:PSA_WANT_KEY_TYPE_RAW_DATA key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_CHACHA20_POLY1305:0x0000:"4b":"505341004b455900000000000100000001100800010000000005100500000000010000004b" -PSA storage save: alg2: CHACHA20_POLY1305 +save alg2: CHACHA20_POLY1305 depends_on:PSA_WANT_ALG_CHACHA20_POLY1305:PSA_WANT_KEY_TYPE_RAW_DATA key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_CHACHA20_POLY1305:"4c":"505341004b455900000000000100000001100800010000000000000000051005010000004c" -PSA storage save: alg: CMAC +save alg: CMAC depends_on:PSA_WANT_ALG_CMAC:PSA_WANT_KEY_TYPE_RAW_DATA key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_CMAC:0x0000:"4b":"505341004b455900000000000100000001100800010000000002c00300000000010000004b" -PSA storage save: alg2: CMAC +save alg2: CMAC depends_on:PSA_WANT_ALG_CMAC:PSA_WANT_KEY_TYPE_RAW_DATA key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_CMAC:"4c":"505341004b45590000000000010000000110080001000000000000000002c003010000004c" -PSA storage save: alg: CTR +save alg: CTR depends_on:PSA_WANT_ALG_CTR:PSA_WANT_KEY_TYPE_RAW_DATA key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_CTR:0x0000:"4b":"505341004b455900000000000100000001100800010000000010c00400000000010000004b" -PSA storage save: alg2: CTR +save alg2: CTR depends_on:PSA_WANT_ALG_CTR:PSA_WANT_KEY_TYPE_RAW_DATA key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_CTR:"4c":"505341004b45590000000000010000000110080001000000000000000010c004010000004c" -PSA storage save: alg: DETERMINISTIC_DSA(MD2) +save alg: DET_DSA(MD2) depends_on:PSA_WANT_ALG_DETERMINISTIC_DSA:PSA_WANT_ALG_MD2:PSA_WANT_KEY_TYPE_RAW_DATA key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_DETERMINISTIC_DSA(PSA_ALG_MD2):0x0000:"4b":"505341004b455900000000000100000001100800010000000105000600000000010000004b" -PSA storage save: alg2: DETERMINISTIC_DSA(MD2) +save alg2: DET_DSA(MD2) depends_on:PSA_WANT_ALG_DETERMINISTIC_DSA:PSA_WANT_ALG_MD2:PSA_WANT_KEY_TYPE_RAW_DATA key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_DETERMINISTIC_DSA(PSA_ALG_MD2):"4c":"505341004b455900000000000100000001100800010000000000000001050006010000004c" -PSA storage save: alg: DETERMINISTIC_DSA(MD4) +save alg: DET_DSA(MD4) depends_on:PSA_WANT_ALG_DETERMINISTIC_DSA:PSA_WANT_ALG_MD4:PSA_WANT_KEY_TYPE_RAW_DATA key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_DETERMINISTIC_DSA(PSA_ALG_MD4):0x0000:"4b":"505341004b455900000000000100000001100800010000000205000600000000010000004b" -PSA storage save: alg2: DETERMINISTIC_DSA(MD4) +save alg2: DET_DSA(MD4) depends_on:PSA_WANT_ALG_DETERMINISTIC_DSA:PSA_WANT_ALG_MD4:PSA_WANT_KEY_TYPE_RAW_DATA key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_DETERMINISTIC_DSA(PSA_ALG_MD4):"4c":"505341004b455900000000000100000001100800010000000000000002050006010000004c" -PSA storage save: alg: DETERMINISTIC_DSA(MD5) +save alg: DET_DSA(MD5) depends_on:PSA_WANT_ALG_DETERMINISTIC_DSA:PSA_WANT_ALG_MD5:PSA_WANT_KEY_TYPE_RAW_DATA key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_DETERMINISTIC_DSA(PSA_ALG_MD5):0x0000:"4b":"505341004b455900000000000100000001100800010000000305000600000000010000004b" -PSA storage save: alg2: DETERMINISTIC_DSA(MD5) +save alg2: DET_DSA(MD5) depends_on:PSA_WANT_ALG_DETERMINISTIC_DSA:PSA_WANT_ALG_MD5:PSA_WANT_KEY_TYPE_RAW_DATA key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_DETERMINISTIC_DSA(PSA_ALG_MD5):"4c":"505341004b455900000000000100000001100800010000000000000003050006010000004c" -PSA storage save: alg: DETERMINISTIC_DSA(RIPEMD160) +save alg: DET_DSA(RIPEMD160) depends_on:PSA_WANT_ALG_DETERMINISTIC_DSA:PSA_WANT_ALG_RIPEMD160:PSA_WANT_KEY_TYPE_RAW_DATA key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_DETERMINISTIC_DSA(PSA_ALG_RIPEMD160):0x0000:"4b":"505341004b455900000000000100000001100800010000000405000600000000010000004b" -PSA storage save: alg2: DETERMINISTIC_DSA(RIPEMD160) +save alg2: DET_DSA(RIPEMD160) depends_on:PSA_WANT_ALG_DETERMINISTIC_DSA:PSA_WANT_ALG_RIPEMD160:PSA_WANT_KEY_TYPE_RAW_DATA key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_DETERMINISTIC_DSA(PSA_ALG_RIPEMD160):"4c":"505341004b455900000000000100000001100800010000000000000004050006010000004c" -PSA storage save: alg: DETERMINISTIC_DSA(SHA_1) +save alg: DET_DSA(SHA_1) depends_on:PSA_WANT_ALG_DETERMINISTIC_DSA:PSA_WANT_ALG_SHA_1:PSA_WANT_KEY_TYPE_RAW_DATA key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_DETERMINISTIC_DSA(PSA_ALG_SHA_1):0x0000:"4b":"505341004b455900000000000100000001100800010000000505000600000000010000004b" -PSA storage save: alg2: DETERMINISTIC_DSA(SHA_1) +save alg2: DET_DSA(SHA_1) depends_on:PSA_WANT_ALG_DETERMINISTIC_DSA:PSA_WANT_ALG_SHA_1:PSA_WANT_KEY_TYPE_RAW_DATA key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_DETERMINISTIC_DSA(PSA_ALG_SHA_1):"4c":"505341004b455900000000000100000001100800010000000000000005050006010000004c" -PSA storage save: alg: DETERMINISTIC_DSA(SHA_224) +save alg: DET_DSA(SHA_224) depends_on:PSA_WANT_ALG_DETERMINISTIC_DSA:PSA_WANT_ALG_SHA_224:PSA_WANT_KEY_TYPE_RAW_DATA key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_DETERMINISTIC_DSA(PSA_ALG_SHA_224):0x0000:"4b":"505341004b455900000000000100000001100800010000000805000600000000010000004b" -PSA storage save: alg2: DETERMINISTIC_DSA(SHA_224) +save alg2: DET_DSA(SHA_224) depends_on:PSA_WANT_ALG_DETERMINISTIC_DSA:PSA_WANT_ALG_SHA_224:PSA_WANT_KEY_TYPE_RAW_DATA key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_DETERMINISTIC_DSA(PSA_ALG_SHA_224):"4c":"505341004b455900000000000100000001100800010000000000000008050006010000004c" -PSA storage save: alg: DETERMINISTIC_DSA(SHA_256) +save alg: DET_DSA(SHA_256) depends_on:PSA_WANT_ALG_DETERMINISTIC_DSA:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RAW_DATA key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_DETERMINISTIC_DSA(PSA_ALG_SHA_256):0x0000:"4b":"505341004b455900000000000100000001100800010000000905000600000000010000004b" -PSA storage save: alg2: DETERMINISTIC_DSA(SHA_256) +save alg2: DET_DSA(SHA_256) depends_on:PSA_WANT_ALG_DETERMINISTIC_DSA:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RAW_DATA key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_DETERMINISTIC_DSA(PSA_ALG_SHA_256):"4c":"505341004b455900000000000100000001100800010000000000000009050006010000004c" -PSA storage save: alg: DETERMINISTIC_DSA(SHA_384) +save alg: DET_DSA(SHA_384) depends_on:PSA_WANT_ALG_DETERMINISTIC_DSA:PSA_WANT_ALG_SHA_384:PSA_WANT_KEY_TYPE_RAW_DATA key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_DETERMINISTIC_DSA(PSA_ALG_SHA_384):0x0000:"4b":"505341004b455900000000000100000001100800010000000a05000600000000010000004b" -PSA storage save: alg2: DETERMINISTIC_DSA(SHA_384) +save alg2: DET_DSA(SHA_384) depends_on:PSA_WANT_ALG_DETERMINISTIC_DSA:PSA_WANT_ALG_SHA_384:PSA_WANT_KEY_TYPE_RAW_DATA key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_DETERMINISTIC_DSA(PSA_ALG_SHA_384):"4c":"505341004b45590000000000010000000110080001000000000000000a050006010000004c" -PSA storage save: alg: DETERMINISTIC_DSA(SHA_512) +save alg: DET_DSA(SHA_512) depends_on:PSA_WANT_ALG_DETERMINISTIC_DSA:PSA_WANT_ALG_SHA_512:PSA_WANT_KEY_TYPE_RAW_DATA key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_DETERMINISTIC_DSA(PSA_ALG_SHA_512):0x0000:"4b":"505341004b455900000000000100000001100800010000000b05000600000000010000004b" -PSA storage save: alg2: DETERMINISTIC_DSA(SHA_512) +save alg2: DET_DSA(SHA_512) depends_on:PSA_WANT_ALG_DETERMINISTIC_DSA:PSA_WANT_ALG_SHA_512:PSA_WANT_KEY_TYPE_RAW_DATA key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_DETERMINISTIC_DSA(PSA_ALG_SHA_512):"4c":"505341004b45590000000000010000000110080001000000000000000b050006010000004c" -PSA storage save: alg: DETERMINISTIC_ECDSA(MD2) +save alg: DET_ECDSA(MD2) depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD2:PSA_WANT_KEY_TYPE_RAW_DATA key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD2):0x0000:"4b":"505341004b455900000000000100000001100800010000000107000600000000010000004b" -PSA storage save: alg2: DETERMINISTIC_ECDSA(MD2) +save alg2: DET_ECDSA(MD2) depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD2:PSA_WANT_KEY_TYPE_RAW_DATA key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD2):"4c":"505341004b455900000000000100000001100800010000000000000001070006010000004c" -PSA storage save: alg: DETERMINISTIC_ECDSA(MD4) +save alg: DET_ECDSA(MD4) depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD4:PSA_WANT_KEY_TYPE_RAW_DATA key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD4):0x0000:"4b":"505341004b455900000000000100000001100800010000000207000600000000010000004b" -PSA storage save: alg2: DETERMINISTIC_ECDSA(MD4) +save alg2: DET_ECDSA(MD4) depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD4:PSA_WANT_KEY_TYPE_RAW_DATA key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD4):"4c":"505341004b455900000000000100000001100800010000000000000002070006010000004c" -PSA storage save: alg: DETERMINISTIC_ECDSA(MD5) +save alg: DET_ECDSA(MD5) depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD5:PSA_WANT_KEY_TYPE_RAW_DATA key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD5):0x0000:"4b":"505341004b455900000000000100000001100800010000000307000600000000010000004b" -PSA storage save: alg2: DETERMINISTIC_ECDSA(MD5) +save alg2: DET_ECDSA(MD5) depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD5:PSA_WANT_KEY_TYPE_RAW_DATA key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD5):"4c":"505341004b455900000000000100000001100800010000000000000003070006010000004c" -PSA storage save: alg: DETERMINISTIC_ECDSA(RIPEMD160) +save alg: DET_ECDSA(RIPEMD160) depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_RIPEMD160:PSA_WANT_KEY_TYPE_RAW_DATA key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_RIPEMD160):0x0000:"4b":"505341004b455900000000000100000001100800010000000407000600000000010000004b" -PSA storage save: alg2: DETERMINISTIC_ECDSA(RIPEMD160) +save alg2: DET_ECDSA(RIPEMD160) depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_RIPEMD160:PSA_WANT_KEY_TYPE_RAW_DATA key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_RIPEMD160):"4c":"505341004b455900000000000100000001100800010000000000000004070006010000004c" -PSA storage save: alg: DETERMINISTIC_ECDSA(SHA_1) +save alg: DET_ECDSA(SHA_1) depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_1:PSA_WANT_KEY_TYPE_RAW_DATA key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_1):0x0000:"4b":"505341004b455900000000000100000001100800010000000507000600000000010000004b" -PSA storage save: alg2: DETERMINISTIC_ECDSA(SHA_1) +save alg2: DET_ECDSA(SHA_1) depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_1:PSA_WANT_KEY_TYPE_RAW_DATA key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_1):"4c":"505341004b455900000000000100000001100800010000000000000005070006010000004c" -PSA storage save: alg: DETERMINISTIC_ECDSA(SHA_224) +save alg: DET_ECDSA(SHA_224) depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_224:PSA_WANT_KEY_TYPE_RAW_DATA key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_224):0x0000:"4b":"505341004b455900000000000100000001100800010000000807000600000000010000004b" -PSA storage save: alg2: DETERMINISTIC_ECDSA(SHA_224) +save alg2: DET_ECDSA(SHA_224) depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_224:PSA_WANT_KEY_TYPE_RAW_DATA key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_224):"4c":"505341004b455900000000000100000001100800010000000000000008070006010000004c" -PSA storage save: alg: DETERMINISTIC_ECDSA(SHA_256) +save alg: DET_ECDSA(SHA_256) depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RAW_DATA key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_256):0x0000:"4b":"505341004b455900000000000100000001100800010000000907000600000000010000004b" -PSA storage save: alg2: DETERMINISTIC_ECDSA(SHA_256) +save alg2: DET_ECDSA(SHA_256) depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RAW_DATA key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_256):"4c":"505341004b455900000000000100000001100800010000000000000009070006010000004c" -PSA storage save: alg: DETERMINISTIC_ECDSA(SHA_384) +save alg: DET_ECDSA(SHA_384) depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_384:PSA_WANT_KEY_TYPE_RAW_DATA key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_384):0x0000:"4b":"505341004b455900000000000100000001100800010000000a07000600000000010000004b" -PSA storage save: alg2: DETERMINISTIC_ECDSA(SHA_384) +save alg2: DET_ECDSA(SHA_384) depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_384:PSA_WANT_KEY_TYPE_RAW_DATA key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_384):"4c":"505341004b45590000000000010000000110080001000000000000000a070006010000004c" -PSA storage save: alg: DETERMINISTIC_ECDSA(SHA_512) +save alg: DET_ECDSA(SHA_512) depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_512:PSA_WANT_KEY_TYPE_RAW_DATA key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_512):0x0000:"4b":"505341004b455900000000000100000001100800010000000b07000600000000010000004b" -PSA storage save: alg2: DETERMINISTIC_ECDSA(SHA_512) +save alg2: DET_ECDSA(SHA_512) depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_512:PSA_WANT_KEY_TYPE_RAW_DATA key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_512):"4c":"505341004b45590000000000010000000110080001000000000000000b070006010000004c" -PSA storage save: alg: DETERMINISTIC_ECDSA(ANY_HASH) +save alg: DET_ECDSA(ANY_HASH) depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_KEY_TYPE_RAW_DATA key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_ANY_HASH):0x0000:"4b":"505341004b45590000000000010000000110080001000000ff07000600000000010000004b" -PSA storage save: alg2: DETERMINISTIC_ECDSA(ANY_HASH) +save alg2: DET_ECDSA(ANY_HASH) depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_KEY_TYPE_RAW_DATA key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_ANY_HASH):"4c":"505341004b4559000000000001000000011008000100000000000000ff070006010000004c" -PSA storage save: alg: DSA(MD2) +save alg: DSA(MD2) depends_on:PSA_WANT_ALG_DSA:PSA_WANT_ALG_MD2:PSA_WANT_KEY_TYPE_RAW_DATA key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_DSA(PSA_ALG_MD2):0x0000:"4b":"505341004b455900000000000100000001100800010000000104000600000000010000004b" -PSA storage save: alg2: DSA(MD2) +save alg2: DSA(MD2) depends_on:PSA_WANT_ALG_DSA:PSA_WANT_ALG_MD2:PSA_WANT_KEY_TYPE_RAW_DATA key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_DSA(PSA_ALG_MD2):"4c":"505341004b455900000000000100000001100800010000000000000001040006010000004c" -PSA storage save: alg: DSA(MD4) +save alg: DSA(MD4) depends_on:PSA_WANT_ALG_DSA:PSA_WANT_ALG_MD4:PSA_WANT_KEY_TYPE_RAW_DATA key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_DSA(PSA_ALG_MD4):0x0000:"4b":"505341004b455900000000000100000001100800010000000204000600000000010000004b" -PSA storage save: alg2: DSA(MD4) +save alg2: DSA(MD4) depends_on:PSA_WANT_ALG_DSA:PSA_WANT_ALG_MD4:PSA_WANT_KEY_TYPE_RAW_DATA key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_DSA(PSA_ALG_MD4):"4c":"505341004b455900000000000100000001100800010000000000000002040006010000004c" -PSA storage save: alg: DSA(MD5) +save alg: DSA(MD5) depends_on:PSA_WANT_ALG_DSA:PSA_WANT_ALG_MD5:PSA_WANT_KEY_TYPE_RAW_DATA key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_DSA(PSA_ALG_MD5):0x0000:"4b":"505341004b455900000000000100000001100800010000000304000600000000010000004b" -PSA storage save: alg2: DSA(MD5) +save alg2: DSA(MD5) depends_on:PSA_WANT_ALG_DSA:PSA_WANT_ALG_MD5:PSA_WANT_KEY_TYPE_RAW_DATA key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_DSA(PSA_ALG_MD5):"4c":"505341004b455900000000000100000001100800010000000000000003040006010000004c" -PSA storage save: alg: DSA(RIPEMD160) +save alg: DSA(RIPEMD160) depends_on:PSA_WANT_ALG_DSA:PSA_WANT_ALG_RIPEMD160:PSA_WANT_KEY_TYPE_RAW_DATA key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_DSA(PSA_ALG_RIPEMD160):0x0000:"4b":"505341004b455900000000000100000001100800010000000404000600000000010000004b" -PSA storage save: alg2: DSA(RIPEMD160) +save alg2: DSA(RIPEMD160) depends_on:PSA_WANT_ALG_DSA:PSA_WANT_ALG_RIPEMD160:PSA_WANT_KEY_TYPE_RAW_DATA key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_DSA(PSA_ALG_RIPEMD160):"4c":"505341004b455900000000000100000001100800010000000000000004040006010000004c" -PSA storage save: alg: DSA(SHA_1) +save alg: DSA(SHA_1) depends_on:PSA_WANT_ALG_DSA:PSA_WANT_ALG_SHA_1:PSA_WANT_KEY_TYPE_RAW_DATA key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_DSA(PSA_ALG_SHA_1):0x0000:"4b":"505341004b455900000000000100000001100800010000000504000600000000010000004b" -PSA storage save: alg2: DSA(SHA_1) +save alg2: DSA(SHA_1) depends_on:PSA_WANT_ALG_DSA:PSA_WANT_ALG_SHA_1:PSA_WANT_KEY_TYPE_RAW_DATA key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_DSA(PSA_ALG_SHA_1):"4c":"505341004b455900000000000100000001100800010000000000000005040006010000004c" -PSA storage save: alg: DSA(SHA_224) +save alg: DSA(SHA_224) depends_on:PSA_WANT_ALG_DSA:PSA_WANT_ALG_SHA_224:PSA_WANT_KEY_TYPE_RAW_DATA key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_DSA(PSA_ALG_SHA_224):0x0000:"4b":"505341004b455900000000000100000001100800010000000804000600000000010000004b" -PSA storage save: alg2: DSA(SHA_224) +save alg2: DSA(SHA_224) depends_on:PSA_WANT_ALG_DSA:PSA_WANT_ALG_SHA_224:PSA_WANT_KEY_TYPE_RAW_DATA key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_DSA(PSA_ALG_SHA_224):"4c":"505341004b455900000000000100000001100800010000000000000008040006010000004c" -PSA storage save: alg: DSA(SHA_256) +save alg: DSA(SHA_256) depends_on:PSA_WANT_ALG_DSA:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RAW_DATA key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_DSA(PSA_ALG_SHA_256):0x0000:"4b":"505341004b455900000000000100000001100800010000000904000600000000010000004b" -PSA storage save: alg2: DSA(SHA_256) +save alg2: DSA(SHA_256) depends_on:PSA_WANT_ALG_DSA:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RAW_DATA key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_DSA(PSA_ALG_SHA_256):"4c":"505341004b455900000000000100000001100800010000000000000009040006010000004c" -PSA storage save: alg: DSA(SHA_384) +save alg: DSA(SHA_384) depends_on:PSA_WANT_ALG_DSA:PSA_WANT_ALG_SHA_384:PSA_WANT_KEY_TYPE_RAW_DATA key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_DSA(PSA_ALG_SHA_384):0x0000:"4b":"505341004b455900000000000100000001100800010000000a04000600000000010000004b" -PSA storage save: alg2: DSA(SHA_384) +save alg2: DSA(SHA_384) depends_on:PSA_WANT_ALG_DSA:PSA_WANT_ALG_SHA_384:PSA_WANT_KEY_TYPE_RAW_DATA key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_DSA(PSA_ALG_SHA_384):"4c":"505341004b45590000000000010000000110080001000000000000000a040006010000004c" -PSA storage save: alg: DSA(SHA_512) +save alg: DSA(SHA_512) depends_on:PSA_WANT_ALG_DSA:PSA_WANT_ALG_SHA_512:PSA_WANT_KEY_TYPE_RAW_DATA key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_DSA(PSA_ALG_SHA_512):0x0000:"4b":"505341004b455900000000000100000001100800010000000b04000600000000010000004b" -PSA storage save: alg2: DSA(SHA_512) +save alg2: DSA(SHA_512) depends_on:PSA_WANT_ALG_DSA:PSA_WANT_ALG_SHA_512:PSA_WANT_KEY_TYPE_RAW_DATA key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_DSA(PSA_ALG_SHA_512):"4c":"505341004b45590000000000010000000110080001000000000000000b040006010000004c" -PSA storage save: alg: ECB_NO_PADDING +save alg: ECB_NO_PADDING depends_on:PSA_WANT_ALG_ECB_NO_PADDING:PSA_WANT_KEY_TYPE_RAW_DATA key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_ECB_NO_PADDING:0x0000:"4b":"505341004b455900000000000100000001100800010000000044400400000000010000004b" -PSA storage save: alg2: ECB_NO_PADDING +save alg2: ECB_NO_PADDING depends_on:PSA_WANT_ALG_ECB_NO_PADDING:PSA_WANT_KEY_TYPE_RAW_DATA key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_ECB_NO_PADDING:"4c":"505341004b455900000000000100000001100800010000000000000000444004010000004c" -PSA storage save: alg: ECDH +save alg: ECDH depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_KEY_TYPE_RAW_DATA key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_ECDH:0x0000:"4b":"505341004b455900000000000100000001100800010000000000020900000000010000004b" -PSA storage save: alg2: ECDH +save alg2: ECDH depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_KEY_TYPE_RAW_DATA key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_ECDH:"4c":"505341004b455900000000000100000001100800010000000000000000000209010000004c" -PSA storage save: alg: ECDSA(MD2) +save alg: ECDSA(MD2) depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD2:PSA_WANT_KEY_TYPE_RAW_DATA key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_ECDSA(PSA_ALG_MD2):0x0000:"4b":"505341004b455900000000000100000001100800010000000106000600000000010000004b" -PSA storage save: alg2: ECDSA(MD2) +save alg2: ECDSA(MD2) depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD2:PSA_WANT_KEY_TYPE_RAW_DATA key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_ECDSA(PSA_ALG_MD2):"4c":"505341004b455900000000000100000001100800010000000000000001060006010000004c" -PSA storage save: alg: ECDSA(MD4) +save alg: ECDSA(MD4) depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD4:PSA_WANT_KEY_TYPE_RAW_DATA key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_ECDSA(PSA_ALG_MD4):0x0000:"4b":"505341004b455900000000000100000001100800010000000206000600000000010000004b" -PSA storage save: alg2: ECDSA(MD4) +save alg2: ECDSA(MD4) depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD4:PSA_WANT_KEY_TYPE_RAW_DATA key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_ECDSA(PSA_ALG_MD4):"4c":"505341004b455900000000000100000001100800010000000000000002060006010000004c" -PSA storage save: alg: ECDSA(MD5) +save alg: ECDSA(MD5) depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD5:PSA_WANT_KEY_TYPE_RAW_DATA key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_ECDSA(PSA_ALG_MD5):0x0000:"4b":"505341004b455900000000000100000001100800010000000306000600000000010000004b" -PSA storage save: alg2: ECDSA(MD5) +save alg2: ECDSA(MD5) depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD5:PSA_WANT_KEY_TYPE_RAW_DATA key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_ECDSA(PSA_ALG_MD5):"4c":"505341004b455900000000000100000001100800010000000000000003060006010000004c" -PSA storage save: alg: ECDSA(RIPEMD160) +save alg: ECDSA(RIPEMD160) depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_RIPEMD160:PSA_WANT_KEY_TYPE_RAW_DATA key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_ECDSA(PSA_ALG_RIPEMD160):0x0000:"4b":"505341004b455900000000000100000001100800010000000406000600000000010000004b" -PSA storage save: alg2: ECDSA(RIPEMD160) +save alg2: ECDSA(RIPEMD160) depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_RIPEMD160:PSA_WANT_KEY_TYPE_RAW_DATA key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_ECDSA(PSA_ALG_RIPEMD160):"4c":"505341004b455900000000000100000001100800010000000000000004060006010000004c" -PSA storage save: alg: ECDSA(SHA_1) +save alg: ECDSA(SHA_1) depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_1:PSA_WANT_KEY_TYPE_RAW_DATA key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_ECDSA(PSA_ALG_SHA_1):0x0000:"4b":"505341004b455900000000000100000001100800010000000506000600000000010000004b" -PSA storage save: alg2: ECDSA(SHA_1) +save alg2: ECDSA(SHA_1) depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_1:PSA_WANT_KEY_TYPE_RAW_DATA key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_ECDSA(PSA_ALG_SHA_1):"4c":"505341004b455900000000000100000001100800010000000000000005060006010000004c" -PSA storage save: alg: ECDSA(SHA_224) +save alg: ECDSA(SHA_224) depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_224:PSA_WANT_KEY_TYPE_RAW_DATA key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_ECDSA(PSA_ALG_SHA_224):0x0000:"4b":"505341004b455900000000000100000001100800010000000806000600000000010000004b" -PSA storage save: alg2: ECDSA(SHA_224) +save alg2: ECDSA(SHA_224) depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_224:PSA_WANT_KEY_TYPE_RAW_DATA key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_ECDSA(PSA_ALG_SHA_224):"4c":"505341004b455900000000000100000001100800010000000000000008060006010000004c" -PSA storage save: alg: ECDSA(SHA_256) +save alg: ECDSA(SHA_256) depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RAW_DATA key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_ECDSA(PSA_ALG_SHA_256):0x0000:"4b":"505341004b455900000000000100000001100800010000000906000600000000010000004b" -PSA storage save: alg2: ECDSA(SHA_256) +save alg2: ECDSA(SHA_256) depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RAW_DATA key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_ECDSA(PSA_ALG_SHA_256):"4c":"505341004b455900000000000100000001100800010000000000000009060006010000004c" -PSA storage save: alg: ECDSA(SHA_384) +save alg: ECDSA(SHA_384) depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_384:PSA_WANT_KEY_TYPE_RAW_DATA key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_ECDSA(PSA_ALG_SHA_384):0x0000:"4b":"505341004b455900000000000100000001100800010000000a06000600000000010000004b" -PSA storage save: alg2: ECDSA(SHA_384) +save alg2: ECDSA(SHA_384) depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_384:PSA_WANT_KEY_TYPE_RAW_DATA key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_ECDSA(PSA_ALG_SHA_384):"4c":"505341004b45590000000000010000000110080001000000000000000a060006010000004c" -PSA storage save: alg: ECDSA(SHA_512) +save alg: ECDSA(SHA_512) depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_512:PSA_WANT_KEY_TYPE_RAW_DATA key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_ECDSA(PSA_ALG_SHA_512):0x0000:"4b":"505341004b455900000000000100000001100800010000000b06000600000000010000004b" -PSA storage save: alg2: ECDSA(SHA_512) +save alg2: ECDSA(SHA_512) depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_512:PSA_WANT_KEY_TYPE_RAW_DATA key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_ECDSA(PSA_ALG_SHA_512):"4c":"505341004b45590000000000010000000110080001000000000000000b060006010000004c" -PSA storage save: alg: ECDSA(ANY_HASH) +save alg: ECDSA(ANY_HASH) depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_KEY_TYPE_RAW_DATA key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_ECDSA(PSA_ALG_ANY_HASH):0x0000:"4b":"505341004b45590000000000010000000110080001000000ff06000600000000010000004b" -PSA storage save: alg2: ECDSA(ANY_HASH) +save alg2: ECDSA(ANY_HASH) depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_KEY_TYPE_RAW_DATA key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_ECDSA(PSA_ALG_ANY_HASH):"4c":"505341004b4559000000000001000000011008000100000000000000ff060006010000004c" -PSA storage save: alg: ECDSA_ANY +save alg: ECDSA_ANY depends_on:PSA_WANT_ALG_ECDSA_ANY:PSA_WANT_KEY_TYPE_RAW_DATA key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_ECDSA_ANY:0x0000:"4b":"505341004b455900000000000100000001100800010000000006000600000000010000004b" -PSA storage save: alg2: ECDSA_ANY +save alg2: ECDSA_ANY depends_on:PSA_WANT_ALG_ECDSA_ANY:PSA_WANT_KEY_TYPE_RAW_DATA key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_ECDSA_ANY:"4c":"505341004b455900000000000100000001100800010000000000000000060006010000004c" -PSA storage save: alg: ED25519PH +save alg: ED25519PH depends_on:PSA_WANT_ALG_ED25519PH:PSA_WANT_KEY_TYPE_RAW_DATA key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_ED25519PH:0x0000:"4b":"505341004b455900000000000100000001100800010000000b09000600000000010000004b" -PSA storage save: alg2: ED25519PH +save alg2: ED25519PH depends_on:PSA_WANT_ALG_ED25519PH:PSA_WANT_KEY_TYPE_RAW_DATA key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_ED25519PH:"4c":"505341004b45590000000000010000000110080001000000000000000b090006010000004c" -PSA storage save: alg: ED448PH +save alg: ED448PH depends_on:PSA_WANT_ALG_ED448PH:PSA_WANT_KEY_TYPE_RAW_DATA key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_ED448PH:0x0000:"4b":"505341004b455900000000000100000001100800010000001509000600000000010000004b" -PSA storage save: alg2: ED448PH +save alg2: ED448PH depends_on:PSA_WANT_ALG_ED448PH:PSA_WANT_KEY_TYPE_RAW_DATA key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_ED448PH:"4c":"505341004b455900000000000100000001100800010000000000000015090006010000004c" -PSA storage save: alg: FFDH +save alg: FFDH depends_on:PSA_WANT_ALG_FFDH:PSA_WANT_KEY_TYPE_RAW_DATA key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_FFDH:0x0000:"4b":"505341004b455900000000000100000001100800010000000000010900000000010000004b" -PSA storage save: alg2: FFDH +save alg2: FFDH depends_on:PSA_WANT_ALG_FFDH:PSA_WANT_KEY_TYPE_RAW_DATA key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_FFDH:"4c":"505341004b455900000000000100000001100800010000000000000000000109010000004c" -PSA storage save: alg: GCM +save alg: GCM depends_on:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_RAW_DATA key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_GCM:0x0000:"4b":"505341004b455900000000000100000001100800010000000002500500000000010000004b" -PSA storage save: alg2: GCM +save alg2: GCM depends_on:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_RAW_DATA key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_GCM:"4c":"505341004b455900000000000100000001100800010000000000000000025005010000004c" -PSA storage save: alg: HKDF(MD2) +save alg: HKDF(MD2) depends_on:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_MD2:PSA_WANT_KEY_TYPE_RAW_DATA key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_HKDF(PSA_ALG_MD2):0x0000:"4b":"505341004b455900000000000100000001100800010000000101000800000000010000004b" -PSA storage save: alg2: HKDF(MD2) +save alg2: HKDF(MD2) depends_on:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_MD2:PSA_WANT_KEY_TYPE_RAW_DATA key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_HKDF(PSA_ALG_MD2):"4c":"505341004b455900000000000100000001100800010000000000000001010008010000004c" -PSA storage save: alg: HKDF(MD4) +save alg: HKDF(MD4) depends_on:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_MD4:PSA_WANT_KEY_TYPE_RAW_DATA key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_HKDF(PSA_ALG_MD4):0x0000:"4b":"505341004b455900000000000100000001100800010000000201000800000000010000004b" -PSA storage save: alg2: HKDF(MD4) +save alg2: HKDF(MD4) depends_on:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_MD4:PSA_WANT_KEY_TYPE_RAW_DATA key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_HKDF(PSA_ALG_MD4):"4c":"505341004b455900000000000100000001100800010000000000000002010008010000004c" -PSA storage save: alg: HKDF(MD5) +save alg: HKDF(MD5) depends_on:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_MD5:PSA_WANT_KEY_TYPE_RAW_DATA key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_HKDF(PSA_ALG_MD5):0x0000:"4b":"505341004b455900000000000100000001100800010000000301000800000000010000004b" -PSA storage save: alg2: HKDF(MD5) +save alg2: HKDF(MD5) depends_on:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_MD5:PSA_WANT_KEY_TYPE_RAW_DATA key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_HKDF(PSA_ALG_MD5):"4c":"505341004b455900000000000100000001100800010000000000000003010008010000004c" -PSA storage save: alg: HKDF(RIPEMD160) +save alg: HKDF(RIPEMD160) depends_on:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_RIPEMD160:PSA_WANT_KEY_TYPE_RAW_DATA key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_HKDF(PSA_ALG_RIPEMD160):0x0000:"4b":"505341004b455900000000000100000001100800010000000401000800000000010000004b" -PSA storage save: alg2: HKDF(RIPEMD160) +save alg2: HKDF(RIPEMD160) depends_on:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_RIPEMD160:PSA_WANT_KEY_TYPE_RAW_DATA key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_HKDF(PSA_ALG_RIPEMD160):"4c":"505341004b455900000000000100000001100800010000000000000004010008010000004c" -PSA storage save: alg: HKDF(SHA_1) +save alg: HKDF(SHA_1) depends_on:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_1:PSA_WANT_KEY_TYPE_RAW_DATA key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_HKDF(PSA_ALG_SHA_1):0x0000:"4b":"505341004b455900000000000100000001100800010000000501000800000000010000004b" -PSA storage save: alg2: HKDF(SHA_1) +save alg2: HKDF(SHA_1) depends_on:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_1:PSA_WANT_KEY_TYPE_RAW_DATA key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_HKDF(PSA_ALG_SHA_1):"4c":"505341004b455900000000000100000001100800010000000000000005010008010000004c" -PSA storage save: alg: HKDF(SHA_224) +save alg: HKDF(SHA_224) depends_on:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_224:PSA_WANT_KEY_TYPE_RAW_DATA key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_HKDF(PSA_ALG_SHA_224):0x0000:"4b":"505341004b455900000000000100000001100800010000000801000800000000010000004b" -PSA storage save: alg2: HKDF(SHA_224) +save alg2: HKDF(SHA_224) depends_on:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_224:PSA_WANT_KEY_TYPE_RAW_DATA key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_HKDF(PSA_ALG_SHA_224):"4c":"505341004b455900000000000100000001100800010000000000000008010008010000004c" -PSA storage save: alg: HKDF(SHA_256) +save alg: HKDF(SHA_256) depends_on:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RAW_DATA key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_HKDF(PSA_ALG_SHA_256):0x0000:"4b":"505341004b455900000000000100000001100800010000000901000800000000010000004b" -PSA storage save: alg2: HKDF(SHA_256) +save alg2: HKDF(SHA_256) depends_on:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RAW_DATA key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_HKDF(PSA_ALG_SHA_256):"4c":"505341004b455900000000000100000001100800010000000000000009010008010000004c" -PSA storage save: alg: HKDF(SHA_384) +save alg: HKDF(SHA_384) depends_on:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_384:PSA_WANT_KEY_TYPE_RAW_DATA key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_HKDF(PSA_ALG_SHA_384):0x0000:"4b":"505341004b455900000000000100000001100800010000000a01000800000000010000004b" -PSA storage save: alg2: HKDF(SHA_384) +save alg2: HKDF(SHA_384) depends_on:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_384:PSA_WANT_KEY_TYPE_RAW_DATA key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_HKDF(PSA_ALG_SHA_384):"4c":"505341004b45590000000000010000000110080001000000000000000a010008010000004c" -PSA storage save: alg: HKDF(SHA_512) +save alg: HKDF(SHA_512) depends_on:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_512:PSA_WANT_KEY_TYPE_RAW_DATA key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_HKDF(PSA_ALG_SHA_512):0x0000:"4b":"505341004b455900000000000100000001100800010000000b01000800000000010000004b" -PSA storage save: alg2: HKDF(SHA_512) +save alg2: HKDF(SHA_512) depends_on:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_512:PSA_WANT_KEY_TYPE_RAW_DATA key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_HKDF(PSA_ALG_SHA_512):"4c":"505341004b45590000000000010000000110080001000000000000000b010008010000004c" -PSA storage save: alg: HMAC(MD2) +save alg: HMAC(MD2) depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_MD2:PSA_WANT_KEY_TYPE_RAW_DATA key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_HMAC(PSA_ALG_MD2):0x0000:"4b":"505341004b455900000000000100000001100800010000000100800300000000010000004b" -PSA storage save: alg2: HMAC(MD2) +save alg2: HMAC(MD2) depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_MD2:PSA_WANT_KEY_TYPE_RAW_DATA key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_HMAC(PSA_ALG_MD2):"4c":"505341004b455900000000000100000001100800010000000000000001008003010000004c" -PSA storage save: alg: HMAC(MD4) +save alg: HMAC(MD4) depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_MD4:PSA_WANT_KEY_TYPE_RAW_DATA key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_HMAC(PSA_ALG_MD4):0x0000:"4b":"505341004b455900000000000100000001100800010000000200800300000000010000004b" -PSA storage save: alg2: HMAC(MD4) +save alg2: HMAC(MD4) depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_MD4:PSA_WANT_KEY_TYPE_RAW_DATA key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_HMAC(PSA_ALG_MD4):"4c":"505341004b455900000000000100000001100800010000000000000002008003010000004c" -PSA storage save: alg: HMAC(MD5) +save alg: HMAC(MD5) depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_MD5:PSA_WANT_KEY_TYPE_RAW_DATA key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_HMAC(PSA_ALG_MD5):0x0000:"4b":"505341004b455900000000000100000001100800010000000300800300000000010000004b" -PSA storage save: alg2: HMAC(MD5) +save alg2: HMAC(MD5) depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_MD5:PSA_WANT_KEY_TYPE_RAW_DATA key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_HMAC(PSA_ALG_MD5):"4c":"505341004b455900000000000100000001100800010000000000000003008003010000004c" -PSA storage save: alg: HMAC(RIPEMD160) +save alg: HMAC(RIPEMD160) depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_RIPEMD160:PSA_WANT_KEY_TYPE_RAW_DATA key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_HMAC(PSA_ALG_RIPEMD160):0x0000:"4b":"505341004b455900000000000100000001100800010000000400800300000000010000004b" -PSA storage save: alg2: HMAC(RIPEMD160) +save alg2: HMAC(RIPEMD160) depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_RIPEMD160:PSA_WANT_KEY_TYPE_RAW_DATA key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_HMAC(PSA_ALG_RIPEMD160):"4c":"505341004b455900000000000100000001100800010000000000000004008003010000004c" -PSA storage save: alg: HMAC(SHA_1) +save alg: HMAC(SHA_1) depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_1:PSA_WANT_KEY_TYPE_RAW_DATA key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_HMAC(PSA_ALG_SHA_1):0x0000:"4b":"505341004b455900000000000100000001100800010000000500800300000000010000004b" -PSA storage save: alg2: HMAC(SHA_1) +save alg2: HMAC(SHA_1) depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_1:PSA_WANT_KEY_TYPE_RAW_DATA key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_HMAC(PSA_ALG_SHA_1):"4c":"505341004b455900000000000100000001100800010000000000000005008003010000004c" -PSA storage save: alg: HMAC(SHA_224) +save alg: HMAC(SHA_224) depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_224:PSA_WANT_KEY_TYPE_RAW_DATA key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_HMAC(PSA_ALG_SHA_224):0x0000:"4b":"505341004b455900000000000100000001100800010000000800800300000000010000004b" -PSA storage save: alg2: HMAC(SHA_224) +save alg2: HMAC(SHA_224) depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_224:PSA_WANT_KEY_TYPE_RAW_DATA key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_HMAC(PSA_ALG_SHA_224):"4c":"505341004b455900000000000100000001100800010000000000000008008003010000004c" -PSA storage save: alg: HMAC(SHA_256) +save alg: HMAC(SHA_256) depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RAW_DATA key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_HMAC(PSA_ALG_SHA_256):0x0000:"4b":"505341004b455900000000000100000001100800010000000900800300000000010000004b" -PSA storage save: alg2: HMAC(SHA_256) +save alg2: HMAC(SHA_256) depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RAW_DATA key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_HMAC(PSA_ALG_SHA_256):"4c":"505341004b455900000000000100000001100800010000000000000009008003010000004c" -PSA storage save: alg: HMAC(SHA_384) +save alg: HMAC(SHA_384) depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_384:PSA_WANT_KEY_TYPE_RAW_DATA key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_HMAC(PSA_ALG_SHA_384):0x0000:"4b":"505341004b455900000000000100000001100800010000000a00800300000000010000004b" -PSA storage save: alg2: HMAC(SHA_384) +save alg2: HMAC(SHA_384) depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_384:PSA_WANT_KEY_TYPE_RAW_DATA key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_HMAC(PSA_ALG_SHA_384):"4c":"505341004b45590000000000010000000110080001000000000000000a008003010000004c" -PSA storage save: alg: HMAC(SHA_512) +save alg: HMAC(SHA_512) depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_512:PSA_WANT_KEY_TYPE_RAW_DATA key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_HMAC(PSA_ALG_SHA_512):0x0000:"4b":"505341004b455900000000000100000001100800010000000b00800300000000010000004b" -PSA storage save: alg2: HMAC(SHA_512) +save alg2: HMAC(SHA_512) depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_512:PSA_WANT_KEY_TYPE_RAW_DATA key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_HMAC(PSA_ALG_SHA_512):"4c":"505341004b45590000000000010000000110080001000000000000000b008003010000004c" -PSA storage save: alg: KEY_AGREEMENT(ECDH, HKDF(SHA_256)) +save alg: KA(ECDH,HKDF(SHA_256)) depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RAW_DATA key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH, PSA_ALG_HKDF(PSA_ALG_SHA_256)):0x0000:"4b":"505341004b455900000000000100000001100800010000000901020900000000010000004b" -PSA storage save: alg2: KEY_AGREEMENT(ECDH, HKDF(SHA_256)) +save alg2: KA(ECDH,HKDF(SHA_256)) depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RAW_DATA key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH, PSA_ALG_HKDF(PSA_ALG_SHA_256)):"4c":"505341004b455900000000000100000001100800010000000000000009010209010000004c" -PSA storage save: alg: KEY_AGREEMENT(FFDH, HKDF(SHA_256)) +save alg: KA(FFDH,HKDF(SHA_256)) depends_on:PSA_WANT_ALG_FFDH:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RAW_DATA key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_KEY_AGREEMENT(PSA_ALG_FFDH, PSA_ALG_HKDF(PSA_ALG_SHA_256)):0x0000:"4b":"505341004b455900000000000100000001100800010000000901010900000000010000004b" -PSA storage save: alg2: KEY_AGREEMENT(FFDH, HKDF(SHA_256)) +save alg2: KA(FFDH,HKDF(SHA_256)) depends_on:PSA_WANT_ALG_FFDH:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RAW_DATA key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_KEY_AGREEMENT(PSA_ALG_FFDH, PSA_ALG_HKDF(PSA_ALG_SHA_256)):"4c":"505341004b455900000000000100000001100800010000000000000009010109010000004c" -PSA storage save: alg: KEY_AGREEMENT(ECDH, HKDF(SHA_384)) +save alg: KA(ECDH,HKDF(SHA_384)) depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_384:PSA_WANT_KEY_TYPE_RAW_DATA key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH, PSA_ALG_HKDF(PSA_ALG_SHA_384)):0x0000:"4b":"505341004b455900000000000100000001100800010000000a01020900000000010000004b" -PSA storage save: alg2: KEY_AGREEMENT(ECDH, HKDF(SHA_384)) +save alg2: KA(ECDH,HKDF(SHA_384)) depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_384:PSA_WANT_KEY_TYPE_RAW_DATA key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH, PSA_ALG_HKDF(PSA_ALG_SHA_384)):"4c":"505341004b45590000000000010000000110080001000000000000000a010209010000004c" -PSA storage save: alg: KEY_AGREEMENT(ECDH, TLS12_PRF(SHA_256)) +save alg: KA(ECDH,TLS12_PRF(SHA_256)) depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_SHA_256:PSA_WANT_ALG_TLS12_PRF:PSA_WANT_KEY_TYPE_RAW_DATA key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH, PSA_ALG_TLS12_PRF(PSA_ALG_SHA_256)):0x0000:"4b":"505341004b455900000000000100000001100800010000000902020900000000010000004b" -PSA storage save: alg2: KEY_AGREEMENT(ECDH, TLS12_PRF(SHA_256)) +save alg2: KA(ECDH,TLS12_PRF(SHA_256)) depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_SHA_256:PSA_WANT_ALG_TLS12_PRF:PSA_WANT_KEY_TYPE_RAW_DATA key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH, PSA_ALG_TLS12_PRF(PSA_ALG_SHA_256)):"4c":"505341004b455900000000000100000001100800010000000000000009020209010000004c" -PSA storage save: alg: KEY_AGREEMENT(ECDH, TLS12_PRF(SHA_384)) +save alg: KA(ECDH,TLS12_PRF(SHA_384)) depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_SHA_384:PSA_WANT_ALG_TLS12_PRF:PSA_WANT_KEY_TYPE_RAW_DATA key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH, PSA_ALG_TLS12_PRF(PSA_ALG_SHA_384)):0x0000:"4b":"505341004b455900000000000100000001100800010000000a02020900000000010000004b" -PSA storage save: alg2: KEY_AGREEMENT(ECDH, TLS12_PRF(SHA_384)) +save alg2: KA(ECDH,TLS12_PRF(SHA_384)) depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_SHA_384:PSA_WANT_ALG_TLS12_PRF:PSA_WANT_KEY_TYPE_RAW_DATA key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH, PSA_ALG_TLS12_PRF(PSA_ALG_SHA_384)):"4c":"505341004b45590000000000010000000110080001000000000000000a020209010000004c" -PSA storage save: alg: KEY_AGREEMENT(ECDH, TLS12_PSK_TO_MS(SHA_256)) +save alg: KA(ECDH,TLS12_PSK2MS(SHA_256)) depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_SHA_256:PSA_WANT_ALG_TLS12_PSK_TO_MS:PSA_WANT_KEY_TYPE_RAW_DATA key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH, PSA_ALG_TLS12_PSK_TO_MS(PSA_ALG_SHA_256)):0x0000:"4b":"505341004b455900000000000100000001100800010000000903020900000000010000004b" -PSA storage save: alg2: KEY_AGREEMENT(ECDH, TLS12_PSK_TO_MS(SHA_256)) +save alg2: KA(ECDH,TLS12_PSK2MS(SHA_256)) depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_SHA_256:PSA_WANT_ALG_TLS12_PSK_TO_MS:PSA_WANT_KEY_TYPE_RAW_DATA key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH, PSA_ALG_TLS12_PSK_TO_MS(PSA_ALG_SHA_256)):"4c":"505341004b455900000000000100000001100800010000000000000009030209010000004c" -PSA storage save: alg: KEY_AGREEMENT(ECDH, TLS12_PSK_TO_MS(SHA_384)) +save alg: KA(ECDH,TLS12_PSK2MS(SHA_384)) depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_SHA_384:PSA_WANT_ALG_TLS12_PSK_TO_MS:PSA_WANT_KEY_TYPE_RAW_DATA key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH, PSA_ALG_TLS12_PSK_TO_MS(PSA_ALG_SHA_384)):0x0000:"4b":"505341004b455900000000000100000001100800010000000a03020900000000010000004b" -PSA storage save: alg2: KEY_AGREEMENT(ECDH, TLS12_PSK_TO_MS(SHA_384)) +save alg2: KA(ECDH,TLS12_PSK2MS(SHA_384)) depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_SHA_384:PSA_WANT_ALG_TLS12_PSK_TO_MS:PSA_WANT_KEY_TYPE_RAW_DATA key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH, PSA_ALG_TLS12_PSK_TO_MS(PSA_ALG_SHA_384)):"4c":"505341004b45590000000000010000000110080001000000000000000a030209010000004c" -PSA storage save: alg: KEY_AGREEMENT(FFDH, HKDF(SHA_384)) +save alg: KA(FFDH,HKDF(SHA_384)) depends_on:PSA_WANT_ALG_FFDH:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_384:PSA_WANT_KEY_TYPE_RAW_DATA key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_KEY_AGREEMENT(PSA_ALG_FFDH, PSA_ALG_HKDF(PSA_ALG_SHA_384)):0x0000:"4b":"505341004b455900000000000100000001100800010000000a01010900000000010000004b" -PSA storage save: alg2: KEY_AGREEMENT(FFDH, HKDF(SHA_384)) +save alg2: KA(FFDH,HKDF(SHA_384)) depends_on:PSA_WANT_ALG_FFDH:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_384:PSA_WANT_KEY_TYPE_RAW_DATA key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_KEY_AGREEMENT(PSA_ALG_FFDH, PSA_ALG_HKDF(PSA_ALG_SHA_384)):"4c":"505341004b45590000000000010000000110080001000000000000000a010109010000004c" -PSA storage save: alg: MD2 +save alg: MD2 depends_on:PSA_WANT_ALG_MD2:PSA_WANT_KEY_TYPE_RAW_DATA key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_MD2:0x0000:"4b":"505341004b455900000000000100000001100800010000000100000200000000010000004b" -PSA storage save: alg2: MD2 +save alg2: MD2 depends_on:PSA_WANT_ALG_MD2:PSA_WANT_KEY_TYPE_RAW_DATA key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_MD2:"4c":"505341004b455900000000000100000001100800010000000000000001000002010000004c" -PSA storage save: alg: MD4 +save alg: MD4 depends_on:PSA_WANT_ALG_MD4:PSA_WANT_KEY_TYPE_RAW_DATA key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_MD4:0x0000:"4b":"505341004b455900000000000100000001100800010000000200000200000000010000004b" -PSA storage save: alg2: MD4 +save alg2: MD4 depends_on:PSA_WANT_ALG_MD4:PSA_WANT_KEY_TYPE_RAW_DATA key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_MD4:"4c":"505341004b455900000000000100000001100800010000000000000002000002010000004c" -PSA storage save: alg: MD5 +save alg: MD5 depends_on:PSA_WANT_ALG_MD5:PSA_WANT_KEY_TYPE_RAW_DATA key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_MD5:0x0000:"4b":"505341004b455900000000000100000001100800010000000300000200000000010000004b" -PSA storage save: alg2: MD5 +save alg2: MD5 depends_on:PSA_WANT_ALG_MD5:PSA_WANT_KEY_TYPE_RAW_DATA key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_MD5:"4c":"505341004b455900000000000100000001100800010000000000000003000002010000004c" -PSA storage save: alg: OFB +save alg: OFB depends_on:PSA_WANT_ALG_OFB:PSA_WANT_KEY_TYPE_RAW_DATA key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_OFB:0x0000:"4b":"505341004b455900000000000100000001100800010000000012c00400000000010000004b" -PSA storage save: alg2: OFB +save alg2: OFB depends_on:PSA_WANT_ALG_OFB:PSA_WANT_KEY_TYPE_RAW_DATA key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_OFB:"4c":"505341004b45590000000000010000000110080001000000000000000012c004010000004c" -PSA storage save: alg: PURE_EDDSA +save alg: PURE_EDDSA depends_on:PSA_WANT_ALG_PURE_EDDSA:PSA_WANT_KEY_TYPE_RAW_DATA key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_PURE_EDDSA:0x0000:"4b":"505341004b455900000000000100000001100800010000000008000600000000010000004b" -PSA storage save: alg2: PURE_EDDSA +save alg2: PURE_EDDSA depends_on:PSA_WANT_ALG_PURE_EDDSA:PSA_WANT_KEY_TYPE_RAW_DATA key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_PURE_EDDSA:"4c":"505341004b455900000000000100000001100800010000000000000000080006010000004c" -PSA storage save: alg: RIPEMD160 +save alg: RIPEMD160 depends_on:PSA_WANT_ALG_RIPEMD160:PSA_WANT_KEY_TYPE_RAW_DATA key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_RIPEMD160:0x0000:"4b":"505341004b455900000000000100000001100800010000000400000200000000010000004b" -PSA storage save: alg2: RIPEMD160 +save alg2: RIPEMD160 depends_on:PSA_WANT_ALG_RIPEMD160:PSA_WANT_KEY_TYPE_RAW_DATA key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_RIPEMD160:"4c":"505341004b455900000000000100000001100800010000000000000004000002010000004c" -PSA storage save: alg: RSA_OAEP(MD2) +save alg: RSA_OAEP(MD2) depends_on:PSA_WANT_ALG_MD2:PSA_WANT_ALG_RSA_OAEP:PSA_WANT_KEY_TYPE_RAW_DATA key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_OAEP(PSA_ALG_MD2):0x0000:"4b":"505341004b455900000000000100000001100800010000000103000700000000010000004b" -PSA storage save: alg2: RSA_OAEP(MD2) +save alg2: RSA_OAEP(MD2) depends_on:PSA_WANT_ALG_MD2:PSA_WANT_ALG_RSA_OAEP:PSA_WANT_KEY_TYPE_RAW_DATA key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_RSA_OAEP(PSA_ALG_MD2):"4c":"505341004b455900000000000100000001100800010000000000000001030007010000004c" -PSA storage save: alg: RSA_OAEP(MD4) +save alg: RSA_OAEP(MD4) depends_on:PSA_WANT_ALG_MD4:PSA_WANT_ALG_RSA_OAEP:PSA_WANT_KEY_TYPE_RAW_DATA key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_OAEP(PSA_ALG_MD4):0x0000:"4b":"505341004b455900000000000100000001100800010000000203000700000000010000004b" -PSA storage save: alg2: RSA_OAEP(MD4) +save alg2: RSA_OAEP(MD4) depends_on:PSA_WANT_ALG_MD4:PSA_WANT_ALG_RSA_OAEP:PSA_WANT_KEY_TYPE_RAW_DATA key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_RSA_OAEP(PSA_ALG_MD4):"4c":"505341004b455900000000000100000001100800010000000000000002030007010000004c" -PSA storage save: alg: RSA_OAEP(MD5) +save alg: RSA_OAEP(MD5) depends_on:PSA_WANT_ALG_MD5:PSA_WANT_ALG_RSA_OAEP:PSA_WANT_KEY_TYPE_RAW_DATA key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_OAEP(PSA_ALG_MD5):0x0000:"4b":"505341004b455900000000000100000001100800010000000303000700000000010000004b" -PSA storage save: alg2: RSA_OAEP(MD5) +save alg2: RSA_OAEP(MD5) depends_on:PSA_WANT_ALG_MD5:PSA_WANT_ALG_RSA_OAEP:PSA_WANT_KEY_TYPE_RAW_DATA key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_RSA_OAEP(PSA_ALG_MD5):"4c":"505341004b455900000000000100000001100800010000000000000003030007010000004c" -PSA storage save: alg: RSA_OAEP(RIPEMD160) +save alg: RSA_OAEP(RIPEMD160) depends_on:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ALG_RSA_OAEP:PSA_WANT_KEY_TYPE_RAW_DATA key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_OAEP(PSA_ALG_RIPEMD160):0x0000:"4b":"505341004b455900000000000100000001100800010000000403000700000000010000004b" -PSA storage save: alg2: RSA_OAEP(RIPEMD160) +save alg2: RSA_OAEP(RIPEMD160) depends_on:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ALG_RSA_OAEP:PSA_WANT_KEY_TYPE_RAW_DATA key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_RSA_OAEP(PSA_ALG_RIPEMD160):"4c":"505341004b455900000000000100000001100800010000000000000004030007010000004c" -PSA storage save: alg: RSA_OAEP(SHA_1) +save alg: RSA_OAEP(SHA_1) depends_on:PSA_WANT_ALG_RSA_OAEP:PSA_WANT_ALG_SHA_1:PSA_WANT_KEY_TYPE_RAW_DATA key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_OAEP(PSA_ALG_SHA_1):0x0000:"4b":"505341004b455900000000000100000001100800010000000503000700000000010000004b" -PSA storage save: alg2: RSA_OAEP(SHA_1) +save alg2: RSA_OAEP(SHA_1) depends_on:PSA_WANT_ALG_RSA_OAEP:PSA_WANT_ALG_SHA_1:PSA_WANT_KEY_TYPE_RAW_DATA key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_RSA_OAEP(PSA_ALG_SHA_1):"4c":"505341004b455900000000000100000001100800010000000000000005030007010000004c" -PSA storage save: alg: RSA_OAEP(SHA_224) +save alg: RSA_OAEP(SHA_224) depends_on:PSA_WANT_ALG_RSA_OAEP:PSA_WANT_ALG_SHA_224:PSA_WANT_KEY_TYPE_RAW_DATA key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_OAEP(PSA_ALG_SHA_224):0x0000:"4b":"505341004b455900000000000100000001100800010000000803000700000000010000004b" -PSA storage save: alg2: RSA_OAEP(SHA_224) +save alg2: RSA_OAEP(SHA_224) depends_on:PSA_WANT_ALG_RSA_OAEP:PSA_WANT_ALG_SHA_224:PSA_WANT_KEY_TYPE_RAW_DATA key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_RSA_OAEP(PSA_ALG_SHA_224):"4c":"505341004b455900000000000100000001100800010000000000000008030007010000004c" -PSA storage save: alg: RSA_OAEP(SHA_256) +save alg: RSA_OAEP(SHA_256) depends_on:PSA_WANT_ALG_RSA_OAEP:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RAW_DATA key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_OAEP(PSA_ALG_SHA_256):0x0000:"4b":"505341004b455900000000000100000001100800010000000903000700000000010000004b" -PSA storage save: alg2: RSA_OAEP(SHA_256) +save alg2: RSA_OAEP(SHA_256) depends_on:PSA_WANT_ALG_RSA_OAEP:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RAW_DATA key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_RSA_OAEP(PSA_ALG_SHA_256):"4c":"505341004b455900000000000100000001100800010000000000000009030007010000004c" -PSA storage save: alg: RSA_OAEP(SHA_384) +save alg: RSA_OAEP(SHA_384) depends_on:PSA_WANT_ALG_RSA_OAEP:PSA_WANT_ALG_SHA_384:PSA_WANT_KEY_TYPE_RAW_DATA key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_OAEP(PSA_ALG_SHA_384):0x0000:"4b":"505341004b455900000000000100000001100800010000000a03000700000000010000004b" -PSA storage save: alg2: RSA_OAEP(SHA_384) +save alg2: RSA_OAEP(SHA_384) depends_on:PSA_WANT_ALG_RSA_OAEP:PSA_WANT_ALG_SHA_384:PSA_WANT_KEY_TYPE_RAW_DATA key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_RSA_OAEP(PSA_ALG_SHA_384):"4c":"505341004b45590000000000010000000110080001000000000000000a030007010000004c" -PSA storage save: alg: RSA_OAEP(SHA_512) +save alg: RSA_OAEP(SHA_512) depends_on:PSA_WANT_ALG_RSA_OAEP:PSA_WANT_ALG_SHA_512:PSA_WANT_KEY_TYPE_RAW_DATA key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_OAEP(PSA_ALG_SHA_512):0x0000:"4b":"505341004b455900000000000100000001100800010000000b03000700000000010000004b" -PSA storage save: alg2: RSA_OAEP(SHA_512) +save alg2: RSA_OAEP(SHA_512) depends_on:PSA_WANT_ALG_RSA_OAEP:PSA_WANT_ALG_SHA_512:PSA_WANT_KEY_TYPE_RAW_DATA key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_RSA_OAEP(PSA_ALG_SHA_512):"4c":"505341004b45590000000000010000000110080001000000000000000b030007010000004c" -PSA storage save: alg: RSA_PKCS1V15_CRYPT +save alg: RSA_PKCS1V15_CRYPT depends_on:PSA_WANT_ALG_RSA_PKCS1V15_CRYPT:PSA_WANT_KEY_TYPE_RAW_DATA key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_PKCS1V15_CRYPT:0x0000:"4b":"505341004b455900000000000100000001100800010000000002000700000000010000004b" -PSA storage save: alg2: RSA_PKCS1V15_CRYPT +save alg2: RSA_PKCS1V15_CRYPT depends_on:PSA_WANT_ALG_RSA_PKCS1V15_CRYPT:PSA_WANT_KEY_TYPE_RAW_DATA key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_RSA_PKCS1V15_CRYPT:"4c":"505341004b455900000000000100000001100800010000000000000000020007010000004c" -PSA storage save: alg: RSA_PKCS1V15_SIGN(MD2) +save alg: RSA_PKCS1V15_SIGN(MD2) depends_on:PSA_WANT_ALG_MD2:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_KEY_TYPE_RAW_DATA key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_MD2):0x0000:"4b":"505341004b455900000000000100000001100800010000000102000600000000010000004b" -PSA storage save: alg2: RSA_PKCS1V15_SIGN(MD2) +save alg2: RSA_PKCS1V15_SIGN(MD2) depends_on:PSA_WANT_ALG_MD2:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_KEY_TYPE_RAW_DATA key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_MD2):"4c":"505341004b455900000000000100000001100800010000000000000001020006010000004c" -PSA storage save: alg: RSA_PKCS1V15_SIGN(MD4) +save alg: RSA_PKCS1V15_SIGN(MD4) depends_on:PSA_WANT_ALG_MD4:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_KEY_TYPE_RAW_DATA key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_MD4):0x0000:"4b":"505341004b455900000000000100000001100800010000000202000600000000010000004b" -PSA storage save: alg2: RSA_PKCS1V15_SIGN(MD4) +save alg2: RSA_PKCS1V15_SIGN(MD4) depends_on:PSA_WANT_ALG_MD4:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_KEY_TYPE_RAW_DATA key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_MD4):"4c":"505341004b455900000000000100000001100800010000000000000002020006010000004c" -PSA storage save: alg: RSA_PKCS1V15_SIGN(MD5) +save alg: RSA_PKCS1V15_SIGN(MD5) depends_on:PSA_WANT_ALG_MD5:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_KEY_TYPE_RAW_DATA key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_MD5):0x0000:"4b":"505341004b455900000000000100000001100800010000000302000600000000010000004b" -PSA storage save: alg2: RSA_PKCS1V15_SIGN(MD5) +save alg2: RSA_PKCS1V15_SIGN(MD5) depends_on:PSA_WANT_ALG_MD5:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_KEY_TYPE_RAW_DATA key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_MD5):"4c":"505341004b455900000000000100000001100800010000000000000003020006010000004c" -PSA storage save: alg: RSA_PKCS1V15_SIGN(RIPEMD160) +save alg: RSA_PKCS1V15_SIGN(RIPEMD160) depends_on:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_KEY_TYPE_RAW_DATA key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_RIPEMD160):0x0000:"4b":"505341004b455900000000000100000001100800010000000402000600000000010000004b" -PSA storage save: alg2: RSA_PKCS1V15_SIGN(RIPEMD160) +save alg2: RSA_PKCS1V15_SIGN(RIPEMD160) depends_on:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_KEY_TYPE_RAW_DATA key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_RIPEMD160):"4c":"505341004b455900000000000100000001100800010000000000000004020006010000004c" -PSA storage save: alg: RSA_PKCS1V15_SIGN(SHA_1) +save alg: RSA_PKCS1V15_SIGN(SHA_1) depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ALG_SHA_1:PSA_WANT_KEY_TYPE_RAW_DATA key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_1):0x0000:"4b":"505341004b455900000000000100000001100800010000000502000600000000010000004b" -PSA storage save: alg2: RSA_PKCS1V15_SIGN(SHA_1) +save alg2: RSA_PKCS1V15_SIGN(SHA_1) depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ALG_SHA_1:PSA_WANT_KEY_TYPE_RAW_DATA key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_1):"4c":"505341004b455900000000000100000001100800010000000000000005020006010000004c" -PSA storage save: alg: RSA_PKCS1V15_SIGN(SHA_224) +save alg: RSA_PKCS1V15_SIGN(SHA_224) depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ALG_SHA_224:PSA_WANT_KEY_TYPE_RAW_DATA key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_224):0x0000:"4b":"505341004b455900000000000100000001100800010000000802000600000000010000004b" -PSA storage save: alg2: RSA_PKCS1V15_SIGN(SHA_224) +save alg2: RSA_PKCS1V15_SIGN(SHA_224) depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ALG_SHA_224:PSA_WANT_KEY_TYPE_RAW_DATA key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_224):"4c":"505341004b455900000000000100000001100800010000000000000008020006010000004c" -PSA storage save: alg: RSA_PKCS1V15_SIGN(SHA_256) +save alg: RSA_PKCS1V15_SIGN(SHA_256) depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RAW_DATA key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):0x0000:"4b":"505341004b455900000000000100000001100800010000000902000600000000010000004b" -PSA storage save: alg2: RSA_PKCS1V15_SIGN(SHA_256) +save alg2: RSA_PKCS1V15_SIGN(SHA_256) depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RAW_DATA key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):"4c":"505341004b455900000000000100000001100800010000000000000009020006010000004c" -PSA storage save: alg: RSA_PKCS1V15_SIGN(SHA_384) +save alg: RSA_PKCS1V15_SIGN(SHA_384) depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ALG_SHA_384:PSA_WANT_KEY_TYPE_RAW_DATA key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_384):0x0000:"4b":"505341004b455900000000000100000001100800010000000a02000600000000010000004b" -PSA storage save: alg2: RSA_PKCS1V15_SIGN(SHA_384) +save alg2: RSA_PKCS1V15_SIGN(SHA_384) depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ALG_SHA_384:PSA_WANT_KEY_TYPE_RAW_DATA key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_384):"4c":"505341004b45590000000000010000000110080001000000000000000a020006010000004c" -PSA storage save: alg: RSA_PKCS1V15_SIGN(SHA_512) +save alg: RSA_PKCS1V15_SIGN(SHA_512) depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ALG_SHA_512:PSA_WANT_KEY_TYPE_RAW_DATA key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_512):0x0000:"4b":"505341004b455900000000000100000001100800010000000b02000600000000010000004b" -PSA storage save: alg2: RSA_PKCS1V15_SIGN(SHA_512) +save alg2: RSA_PKCS1V15_SIGN(SHA_512) depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ALG_SHA_512:PSA_WANT_KEY_TYPE_RAW_DATA key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_512):"4c":"505341004b45590000000000010000000110080001000000000000000b020006010000004c" -PSA storage save: alg: RSA_PKCS1V15_SIGN(ANY_HASH) +save alg: RSA_PKCS1V15_SIGN(ANY_HASH) depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_KEY_TYPE_RAW_DATA key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_ANY_HASH):0x0000:"4b":"505341004b45590000000000010000000110080001000000ff02000600000000010000004b" -PSA storage save: alg2: RSA_PKCS1V15_SIGN(ANY_HASH) +save alg2: RSA_PKCS1V15_SIGN(ANY_HASH) depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_KEY_TYPE_RAW_DATA key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_ANY_HASH):"4c":"505341004b4559000000000001000000011008000100000000000000ff020006010000004c" -PSA storage save: alg: RSA_PKCS1V15_SIGN_RAW +save alg: RSA_PKCS1V15_SIGN_RAW depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN_RAW:PSA_WANT_KEY_TYPE_RAW_DATA key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_PKCS1V15_SIGN_RAW:0x0000:"4b":"505341004b455900000000000100000001100800010000000002000600000000010000004b" -PSA storage save: alg2: RSA_PKCS1V15_SIGN_RAW +save alg2: RSA_PKCS1V15_SIGN_RAW depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN_RAW:PSA_WANT_KEY_TYPE_RAW_DATA key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_RSA_PKCS1V15_SIGN_RAW:"4c":"505341004b455900000000000100000001100800010000000000000000020006010000004c" -PSA storage save: alg: RSA_PSS(MD2) +save alg: RSA_PSS(MD2) depends_on:PSA_WANT_ALG_MD2:PSA_WANT_ALG_RSA_PSS:PSA_WANT_KEY_TYPE_RAW_DATA key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_PSS(PSA_ALG_MD2):0x0000:"4b":"505341004b455900000000000100000001100800010000000103000600000000010000004b" -PSA storage save: alg2: RSA_PSS(MD2) +save alg2: RSA_PSS(MD2) depends_on:PSA_WANT_ALG_MD2:PSA_WANT_ALG_RSA_PSS:PSA_WANT_KEY_TYPE_RAW_DATA key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_RSA_PSS(PSA_ALG_MD2):"4c":"505341004b455900000000000100000001100800010000000000000001030006010000004c" -PSA storage save: alg: RSA_PSS(MD4) +save alg: RSA_PSS(MD4) depends_on:PSA_WANT_ALG_MD4:PSA_WANT_ALG_RSA_PSS:PSA_WANT_KEY_TYPE_RAW_DATA key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_PSS(PSA_ALG_MD4):0x0000:"4b":"505341004b455900000000000100000001100800010000000203000600000000010000004b" -PSA storage save: alg2: RSA_PSS(MD4) +save alg2: RSA_PSS(MD4) depends_on:PSA_WANT_ALG_MD4:PSA_WANT_ALG_RSA_PSS:PSA_WANT_KEY_TYPE_RAW_DATA key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_RSA_PSS(PSA_ALG_MD4):"4c":"505341004b455900000000000100000001100800010000000000000002030006010000004c" -PSA storage save: alg: RSA_PSS(MD5) +save alg: RSA_PSS(MD5) depends_on:PSA_WANT_ALG_MD5:PSA_WANT_ALG_RSA_PSS:PSA_WANT_KEY_TYPE_RAW_DATA key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_PSS(PSA_ALG_MD5):0x0000:"4b":"505341004b455900000000000100000001100800010000000303000600000000010000004b" -PSA storage save: alg2: RSA_PSS(MD5) +save alg2: RSA_PSS(MD5) depends_on:PSA_WANT_ALG_MD5:PSA_WANT_ALG_RSA_PSS:PSA_WANT_KEY_TYPE_RAW_DATA key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_RSA_PSS(PSA_ALG_MD5):"4c":"505341004b455900000000000100000001100800010000000000000003030006010000004c" -PSA storage save: alg: RSA_PSS(RIPEMD160) +save alg: RSA_PSS(RIPEMD160) depends_on:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ALG_RSA_PSS:PSA_WANT_KEY_TYPE_RAW_DATA key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_PSS(PSA_ALG_RIPEMD160):0x0000:"4b":"505341004b455900000000000100000001100800010000000403000600000000010000004b" -PSA storage save: alg2: RSA_PSS(RIPEMD160) +save alg2: RSA_PSS(RIPEMD160) depends_on:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ALG_RSA_PSS:PSA_WANT_KEY_TYPE_RAW_DATA key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_RSA_PSS(PSA_ALG_RIPEMD160):"4c":"505341004b455900000000000100000001100800010000000000000004030006010000004c" -PSA storage save: alg: RSA_PSS(SHA_1) +save alg: RSA_PSS(SHA_1) depends_on:PSA_WANT_ALG_RSA_PSS:PSA_WANT_ALG_SHA_1:PSA_WANT_KEY_TYPE_RAW_DATA key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_PSS(PSA_ALG_SHA_1):0x0000:"4b":"505341004b455900000000000100000001100800010000000503000600000000010000004b" -PSA storage save: alg2: RSA_PSS(SHA_1) +save alg2: RSA_PSS(SHA_1) depends_on:PSA_WANT_ALG_RSA_PSS:PSA_WANT_ALG_SHA_1:PSA_WANT_KEY_TYPE_RAW_DATA key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_RSA_PSS(PSA_ALG_SHA_1):"4c":"505341004b455900000000000100000001100800010000000000000005030006010000004c" -PSA storage save: alg: RSA_PSS(SHA_224) +save alg: RSA_PSS(SHA_224) depends_on:PSA_WANT_ALG_RSA_PSS:PSA_WANT_ALG_SHA_224:PSA_WANT_KEY_TYPE_RAW_DATA key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_PSS(PSA_ALG_SHA_224):0x0000:"4b":"505341004b455900000000000100000001100800010000000803000600000000010000004b" -PSA storage save: alg2: RSA_PSS(SHA_224) +save alg2: RSA_PSS(SHA_224) depends_on:PSA_WANT_ALG_RSA_PSS:PSA_WANT_ALG_SHA_224:PSA_WANT_KEY_TYPE_RAW_DATA key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_RSA_PSS(PSA_ALG_SHA_224):"4c":"505341004b455900000000000100000001100800010000000000000008030006010000004c" -PSA storage save: alg: RSA_PSS(SHA_256) +save alg: RSA_PSS(SHA_256) depends_on:PSA_WANT_ALG_RSA_PSS:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RAW_DATA key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_PSS(PSA_ALG_SHA_256):0x0000:"4b":"505341004b455900000000000100000001100800010000000903000600000000010000004b" -PSA storage save: alg2: RSA_PSS(SHA_256) +save alg2: RSA_PSS(SHA_256) depends_on:PSA_WANT_ALG_RSA_PSS:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RAW_DATA key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_RSA_PSS(PSA_ALG_SHA_256):"4c":"505341004b455900000000000100000001100800010000000000000009030006010000004c" -PSA storage save: alg: RSA_PSS(SHA_384) +save alg: RSA_PSS(SHA_384) depends_on:PSA_WANT_ALG_RSA_PSS:PSA_WANT_ALG_SHA_384:PSA_WANT_KEY_TYPE_RAW_DATA key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_PSS(PSA_ALG_SHA_384):0x0000:"4b":"505341004b455900000000000100000001100800010000000a03000600000000010000004b" -PSA storage save: alg2: RSA_PSS(SHA_384) +save alg2: RSA_PSS(SHA_384) depends_on:PSA_WANT_ALG_RSA_PSS:PSA_WANT_ALG_SHA_384:PSA_WANT_KEY_TYPE_RAW_DATA key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_RSA_PSS(PSA_ALG_SHA_384):"4c":"505341004b45590000000000010000000110080001000000000000000a030006010000004c" -PSA storage save: alg: RSA_PSS(SHA_512) +save alg: RSA_PSS(SHA_512) depends_on:PSA_WANT_ALG_RSA_PSS:PSA_WANT_ALG_SHA_512:PSA_WANT_KEY_TYPE_RAW_DATA key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_PSS(PSA_ALG_SHA_512):0x0000:"4b":"505341004b455900000000000100000001100800010000000b03000600000000010000004b" -PSA storage save: alg2: RSA_PSS(SHA_512) +save alg2: RSA_PSS(SHA_512) depends_on:PSA_WANT_ALG_RSA_PSS:PSA_WANT_ALG_SHA_512:PSA_WANT_KEY_TYPE_RAW_DATA key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_RSA_PSS(PSA_ALG_SHA_512):"4c":"505341004b45590000000000010000000110080001000000000000000b030006010000004c" -PSA storage save: alg: RSA_PSS(ANY_HASH) +save alg: RSA_PSS(ANY_HASH) depends_on:PSA_WANT_ALG_RSA_PSS:PSA_WANT_KEY_TYPE_RAW_DATA key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_PSS(PSA_ALG_ANY_HASH):0x0000:"4b":"505341004b45590000000000010000000110080001000000ff03000600000000010000004b" -PSA storage save: alg2: RSA_PSS(ANY_HASH) +save alg2: RSA_PSS(ANY_HASH) depends_on:PSA_WANT_ALG_RSA_PSS:PSA_WANT_KEY_TYPE_RAW_DATA key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_RSA_PSS(PSA_ALG_ANY_HASH):"4c":"505341004b4559000000000001000000011008000100000000000000ff030006010000004c" -PSA storage save: alg: RSA_PSS_ANY_SALT(MD2) +save alg: RSA_PSS_ANY_SALT(MD2) depends_on:PSA_WANT_ALG_MD2:PSA_WANT_ALG_RSA_PSS_ANY_SALT:PSA_WANT_KEY_TYPE_RAW_DATA key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_PSS_ANY_SALT(PSA_ALG_MD2):0x0000:"4b":"505341004b455900000000000100000001100800010000000113000600000000010000004b" -PSA storage save: alg2: RSA_PSS_ANY_SALT(MD2) +save alg2: RSA_PSS_ANY_SALT(MD2) depends_on:PSA_WANT_ALG_MD2:PSA_WANT_ALG_RSA_PSS_ANY_SALT:PSA_WANT_KEY_TYPE_RAW_DATA key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_RSA_PSS_ANY_SALT(PSA_ALG_MD2):"4c":"505341004b455900000000000100000001100800010000000000000001130006010000004c" -PSA storage save: alg: RSA_PSS_ANY_SALT(MD4) +save alg: RSA_PSS_ANY_SALT(MD4) depends_on:PSA_WANT_ALG_MD4:PSA_WANT_ALG_RSA_PSS_ANY_SALT:PSA_WANT_KEY_TYPE_RAW_DATA key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_PSS_ANY_SALT(PSA_ALG_MD4):0x0000:"4b":"505341004b455900000000000100000001100800010000000213000600000000010000004b" -PSA storage save: alg2: RSA_PSS_ANY_SALT(MD4) +save alg2: RSA_PSS_ANY_SALT(MD4) depends_on:PSA_WANT_ALG_MD4:PSA_WANT_ALG_RSA_PSS_ANY_SALT:PSA_WANT_KEY_TYPE_RAW_DATA key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_RSA_PSS_ANY_SALT(PSA_ALG_MD4):"4c":"505341004b455900000000000100000001100800010000000000000002130006010000004c" -PSA storage save: alg: RSA_PSS_ANY_SALT(MD5) +save alg: RSA_PSS_ANY_SALT(MD5) depends_on:PSA_WANT_ALG_MD5:PSA_WANT_ALG_RSA_PSS_ANY_SALT:PSA_WANT_KEY_TYPE_RAW_DATA key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_PSS_ANY_SALT(PSA_ALG_MD5):0x0000:"4b":"505341004b455900000000000100000001100800010000000313000600000000010000004b" -PSA storage save: alg2: RSA_PSS_ANY_SALT(MD5) +save alg2: RSA_PSS_ANY_SALT(MD5) depends_on:PSA_WANT_ALG_MD5:PSA_WANT_ALG_RSA_PSS_ANY_SALT:PSA_WANT_KEY_TYPE_RAW_DATA key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_RSA_PSS_ANY_SALT(PSA_ALG_MD5):"4c":"505341004b455900000000000100000001100800010000000000000003130006010000004c" -PSA storage save: alg: RSA_PSS_ANY_SALT(RIPEMD160) +save alg: RSA_PSS_ANY_SALT(RIPEMD160) depends_on:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ALG_RSA_PSS_ANY_SALT:PSA_WANT_KEY_TYPE_RAW_DATA key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_PSS_ANY_SALT(PSA_ALG_RIPEMD160):0x0000:"4b":"505341004b455900000000000100000001100800010000000413000600000000010000004b" -PSA storage save: alg2: RSA_PSS_ANY_SALT(RIPEMD160) +save alg2: RSA_PSS_ANY_SALT(RIPEMD160) depends_on:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ALG_RSA_PSS_ANY_SALT:PSA_WANT_KEY_TYPE_RAW_DATA key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_RSA_PSS_ANY_SALT(PSA_ALG_RIPEMD160):"4c":"505341004b455900000000000100000001100800010000000000000004130006010000004c" -PSA storage save: alg: RSA_PSS_ANY_SALT(SHA_1) +save alg: RSA_PSS_ANY_SALT(SHA_1) depends_on:PSA_WANT_ALG_RSA_PSS_ANY_SALT:PSA_WANT_ALG_SHA_1:PSA_WANT_KEY_TYPE_RAW_DATA key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_PSS_ANY_SALT(PSA_ALG_SHA_1):0x0000:"4b":"505341004b455900000000000100000001100800010000000513000600000000010000004b" -PSA storage save: alg2: RSA_PSS_ANY_SALT(SHA_1) +save alg2: RSA_PSS_ANY_SALT(SHA_1) depends_on:PSA_WANT_ALG_RSA_PSS_ANY_SALT:PSA_WANT_ALG_SHA_1:PSA_WANT_KEY_TYPE_RAW_DATA key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_RSA_PSS_ANY_SALT(PSA_ALG_SHA_1):"4c":"505341004b455900000000000100000001100800010000000000000005130006010000004c" -PSA storage save: alg: RSA_PSS_ANY_SALT(SHA_224) +save alg: RSA_PSS_ANY_SALT(SHA_224) depends_on:PSA_WANT_ALG_RSA_PSS_ANY_SALT:PSA_WANT_ALG_SHA_224:PSA_WANT_KEY_TYPE_RAW_DATA key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_PSS_ANY_SALT(PSA_ALG_SHA_224):0x0000:"4b":"505341004b455900000000000100000001100800010000000813000600000000010000004b" -PSA storage save: alg2: RSA_PSS_ANY_SALT(SHA_224) +save alg2: RSA_PSS_ANY_SALT(SHA_224) depends_on:PSA_WANT_ALG_RSA_PSS_ANY_SALT:PSA_WANT_ALG_SHA_224:PSA_WANT_KEY_TYPE_RAW_DATA key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_RSA_PSS_ANY_SALT(PSA_ALG_SHA_224):"4c":"505341004b455900000000000100000001100800010000000000000008130006010000004c" -PSA storage save: alg: RSA_PSS_ANY_SALT(SHA_256) +save alg: RSA_PSS_ANY_SALT(SHA_256) depends_on:PSA_WANT_ALG_RSA_PSS_ANY_SALT:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RAW_DATA key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_PSS_ANY_SALT(PSA_ALG_SHA_256):0x0000:"4b":"505341004b455900000000000100000001100800010000000913000600000000010000004b" -PSA storage save: alg2: RSA_PSS_ANY_SALT(SHA_256) +save alg2: RSA_PSS_ANY_SALT(SHA_256) depends_on:PSA_WANT_ALG_RSA_PSS_ANY_SALT:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RAW_DATA key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_RSA_PSS_ANY_SALT(PSA_ALG_SHA_256):"4c":"505341004b455900000000000100000001100800010000000000000009130006010000004c" -PSA storage save: alg: RSA_PSS_ANY_SALT(SHA_384) +save alg: RSA_PSS_ANY_SALT(SHA_384) depends_on:PSA_WANT_ALG_RSA_PSS_ANY_SALT:PSA_WANT_ALG_SHA_384:PSA_WANT_KEY_TYPE_RAW_DATA key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_PSS_ANY_SALT(PSA_ALG_SHA_384):0x0000:"4b":"505341004b455900000000000100000001100800010000000a13000600000000010000004b" -PSA storage save: alg2: RSA_PSS_ANY_SALT(SHA_384) +save alg2: RSA_PSS_ANY_SALT(SHA_384) depends_on:PSA_WANT_ALG_RSA_PSS_ANY_SALT:PSA_WANT_ALG_SHA_384:PSA_WANT_KEY_TYPE_RAW_DATA key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_RSA_PSS_ANY_SALT(PSA_ALG_SHA_384):"4c":"505341004b45590000000000010000000110080001000000000000000a130006010000004c" -PSA storage save: alg: RSA_PSS_ANY_SALT(SHA_512) +save alg: RSA_PSS_ANY_SALT(SHA_512) depends_on:PSA_WANT_ALG_RSA_PSS_ANY_SALT:PSA_WANT_ALG_SHA_512:PSA_WANT_KEY_TYPE_RAW_DATA key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_PSS_ANY_SALT(PSA_ALG_SHA_512):0x0000:"4b":"505341004b455900000000000100000001100800010000000b13000600000000010000004b" -PSA storage save: alg2: RSA_PSS_ANY_SALT(SHA_512) +save alg2: RSA_PSS_ANY_SALT(SHA_512) depends_on:PSA_WANT_ALG_RSA_PSS_ANY_SALT:PSA_WANT_ALG_SHA_512:PSA_WANT_KEY_TYPE_RAW_DATA key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_RSA_PSS_ANY_SALT(PSA_ALG_SHA_512):"4c":"505341004b45590000000000010000000110080001000000000000000b130006010000004c" -PSA storage save: alg: RSA_PSS_ANY_SALT(ANY_HASH) +save alg: RSA_PSS_ANY_SALT(ANY_HASH) depends_on:PSA_WANT_ALG_RSA_PSS_ANY_SALT:PSA_WANT_KEY_TYPE_RAW_DATA key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_PSS_ANY_SALT(PSA_ALG_ANY_HASH):0x0000:"4b":"505341004b45590000000000010000000110080001000000ff13000600000000010000004b" -PSA storage save: alg2: RSA_PSS_ANY_SALT(ANY_HASH) +save alg2: RSA_PSS_ANY_SALT(ANY_HASH) depends_on:PSA_WANT_ALG_RSA_PSS_ANY_SALT:PSA_WANT_KEY_TYPE_RAW_DATA key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_RSA_PSS_ANY_SALT(PSA_ALG_ANY_HASH):"4c":"505341004b4559000000000001000000011008000100000000000000ff130006010000004c" -PSA storage save: alg: SHA3_224 +save alg: SHA3_224 depends_on:PSA_WANT_ALG_SHA3_224:PSA_WANT_KEY_TYPE_RAW_DATA key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_SHA3_224:0x0000:"4b":"505341004b455900000000000100000001100800010000001000000200000000010000004b" -PSA storage save: alg2: SHA3_224 +save alg2: SHA3_224 depends_on:PSA_WANT_ALG_SHA3_224:PSA_WANT_KEY_TYPE_RAW_DATA key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_SHA3_224:"4c":"505341004b455900000000000100000001100800010000000000000010000002010000004c" -PSA storage save: alg: SHA3_256 +save alg: SHA3_256 depends_on:PSA_WANT_ALG_SHA3_256:PSA_WANT_KEY_TYPE_RAW_DATA key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_SHA3_256:0x0000:"4b":"505341004b455900000000000100000001100800010000001100000200000000010000004b" -PSA storage save: alg2: SHA3_256 +save alg2: SHA3_256 depends_on:PSA_WANT_ALG_SHA3_256:PSA_WANT_KEY_TYPE_RAW_DATA key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_SHA3_256:"4c":"505341004b455900000000000100000001100800010000000000000011000002010000004c" -PSA storage save: alg: SHA3_384 +save alg: SHA3_384 depends_on:PSA_WANT_ALG_SHA3_384:PSA_WANT_KEY_TYPE_RAW_DATA key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_SHA3_384:0x0000:"4b":"505341004b455900000000000100000001100800010000001200000200000000010000004b" -PSA storage save: alg2: SHA3_384 +save alg2: SHA3_384 depends_on:PSA_WANT_ALG_SHA3_384:PSA_WANT_KEY_TYPE_RAW_DATA key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_SHA3_384:"4c":"505341004b455900000000000100000001100800010000000000000012000002010000004c" -PSA storage save: alg: SHA3_512 +save alg: SHA3_512 depends_on:PSA_WANT_ALG_SHA3_512:PSA_WANT_KEY_TYPE_RAW_DATA key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_SHA3_512:0x0000:"4b":"505341004b455900000000000100000001100800010000001300000200000000010000004b" -PSA storage save: alg2: SHA3_512 +save alg2: SHA3_512 depends_on:PSA_WANT_ALG_SHA3_512:PSA_WANT_KEY_TYPE_RAW_DATA key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_SHA3_512:"4c":"505341004b455900000000000100000001100800010000000000000013000002010000004c" -PSA storage save: alg: SHAKE256_512 +save alg: SHAKE256_512 depends_on:PSA_WANT_ALG_SHAKE256_512:PSA_WANT_KEY_TYPE_RAW_DATA key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_SHAKE256_512:0x0000:"4b":"505341004b455900000000000100000001100800010000001500000200000000010000004b" -PSA storage save: alg2: SHAKE256_512 +save alg2: SHAKE256_512 depends_on:PSA_WANT_ALG_SHAKE256_512:PSA_WANT_KEY_TYPE_RAW_DATA key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_SHAKE256_512:"4c":"505341004b455900000000000100000001100800010000000000000015000002010000004c" -PSA storage save: alg: SHA_1 +save alg: SHA_1 depends_on:PSA_WANT_ALG_SHA_1:PSA_WANT_KEY_TYPE_RAW_DATA key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_SHA_1:0x0000:"4b":"505341004b455900000000000100000001100800010000000500000200000000010000004b" -PSA storage save: alg2: SHA_1 +save alg2: SHA_1 depends_on:PSA_WANT_ALG_SHA_1:PSA_WANT_KEY_TYPE_RAW_DATA key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_SHA_1:"4c":"505341004b455900000000000100000001100800010000000000000005000002010000004c" -PSA storage save: alg: SHA_224 +save alg: SHA_224 depends_on:PSA_WANT_ALG_SHA_224:PSA_WANT_KEY_TYPE_RAW_DATA key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_SHA_224:0x0000:"4b":"505341004b455900000000000100000001100800010000000800000200000000010000004b" -PSA storage save: alg2: SHA_224 +save alg2: SHA_224 depends_on:PSA_WANT_ALG_SHA_224:PSA_WANT_KEY_TYPE_RAW_DATA key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_SHA_224:"4c":"505341004b455900000000000100000001100800010000000000000008000002010000004c" -PSA storage save: alg: SHA_256 +save alg: SHA_256 depends_on:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RAW_DATA key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_SHA_256:0x0000:"4b":"505341004b455900000000000100000001100800010000000900000200000000010000004b" -PSA storage save: alg2: SHA_256 +save alg2: SHA_256 depends_on:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RAW_DATA key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_SHA_256:"4c":"505341004b455900000000000100000001100800010000000000000009000002010000004c" -PSA storage save: alg: SHA_384 +save alg: SHA_384 depends_on:PSA_WANT_ALG_SHA_384:PSA_WANT_KEY_TYPE_RAW_DATA key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_SHA_384:0x0000:"4b":"505341004b455900000000000100000001100800010000000a00000200000000010000004b" -PSA storage save: alg2: SHA_384 +save alg2: SHA_384 depends_on:PSA_WANT_ALG_SHA_384:PSA_WANT_KEY_TYPE_RAW_DATA key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_SHA_384:"4c":"505341004b45590000000000010000000110080001000000000000000a000002010000004c" -PSA storage save: alg: SHA_512 +save alg: SHA_512 depends_on:PSA_WANT_ALG_SHA_512:PSA_WANT_KEY_TYPE_RAW_DATA key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_SHA_512:0x0000:"4b":"505341004b455900000000000100000001100800010000000b00000200000000010000004b" -PSA storage save: alg2: SHA_512 +save alg2: SHA_512 depends_on:PSA_WANT_ALG_SHA_512:PSA_WANT_KEY_TYPE_RAW_DATA key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_SHA_512:"4c":"505341004b45590000000000010000000110080001000000000000000b000002010000004c" -PSA storage save: alg: SHA_512_224 +save alg: SHA_512_224 depends_on:PSA_WANT_ALG_SHA_512_224:PSA_WANT_KEY_TYPE_RAW_DATA key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_SHA_512_224:0x0000:"4b":"505341004b455900000000000100000001100800010000000c00000200000000010000004b" -PSA storage save: alg2: SHA_512_224 +save alg2: SHA_512_224 depends_on:PSA_WANT_ALG_SHA_512_224:PSA_WANT_KEY_TYPE_RAW_DATA key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_SHA_512_224:"4c":"505341004b45590000000000010000000110080001000000000000000c000002010000004c" -PSA storage save: alg: SHA_512_256 +save alg: SHA_512_256 depends_on:PSA_WANT_ALG_SHA_512_256:PSA_WANT_KEY_TYPE_RAW_DATA key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_SHA_512_256:0x0000:"4b":"505341004b455900000000000100000001100800010000000d00000200000000010000004b" -PSA storage save: alg2: SHA_512_256 +save alg2: SHA_512_256 depends_on:PSA_WANT_ALG_SHA_512_256:PSA_WANT_KEY_TYPE_RAW_DATA key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_SHA_512_256:"4c":"505341004b45590000000000010000000110080001000000000000000d000002010000004c" -PSA storage save: alg: STREAM_CIPHER +save alg: STREAM_CIPHER depends_on:PSA_WANT_ALG_STREAM_CIPHER:PSA_WANT_KEY_TYPE_RAW_DATA key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_STREAM_CIPHER:0x0000:"4b":"505341004b455900000000000100000001100800010000000001800400000000010000004b" -PSA storage save: alg2: STREAM_CIPHER +save alg2: STREAM_CIPHER depends_on:PSA_WANT_ALG_STREAM_CIPHER:PSA_WANT_KEY_TYPE_RAW_DATA key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_STREAM_CIPHER:"4c":"505341004b455900000000000100000001100800010000000000000000018004010000004c" -PSA storage save: alg: TLS12_PRF(MD2) +save alg: TLS12_PRF(MD2) depends_on:PSA_WANT_ALG_MD2:PSA_WANT_ALG_TLS12_PRF:PSA_WANT_KEY_TYPE_RAW_DATA key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_TLS12_PRF(PSA_ALG_MD2):0x0000:"4b":"505341004b455900000000000100000001100800010000000102000800000000010000004b" -PSA storage save: alg2: TLS12_PRF(MD2) +save alg2: TLS12_PRF(MD2) depends_on:PSA_WANT_ALG_MD2:PSA_WANT_ALG_TLS12_PRF:PSA_WANT_KEY_TYPE_RAW_DATA key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_TLS12_PRF(PSA_ALG_MD2):"4c":"505341004b455900000000000100000001100800010000000000000001020008010000004c" -PSA storage save: alg: TLS12_PRF(MD4) +save alg: TLS12_PRF(MD4) depends_on:PSA_WANT_ALG_MD4:PSA_WANT_ALG_TLS12_PRF:PSA_WANT_KEY_TYPE_RAW_DATA key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_TLS12_PRF(PSA_ALG_MD4):0x0000:"4b":"505341004b455900000000000100000001100800010000000202000800000000010000004b" -PSA storage save: alg2: TLS12_PRF(MD4) +save alg2: TLS12_PRF(MD4) depends_on:PSA_WANT_ALG_MD4:PSA_WANT_ALG_TLS12_PRF:PSA_WANT_KEY_TYPE_RAW_DATA key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_TLS12_PRF(PSA_ALG_MD4):"4c":"505341004b455900000000000100000001100800010000000000000002020008010000004c" -PSA storage save: alg: TLS12_PRF(MD5) +save alg: TLS12_PRF(MD5) depends_on:PSA_WANT_ALG_MD5:PSA_WANT_ALG_TLS12_PRF:PSA_WANT_KEY_TYPE_RAW_DATA key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_TLS12_PRF(PSA_ALG_MD5):0x0000:"4b":"505341004b455900000000000100000001100800010000000302000800000000010000004b" -PSA storage save: alg2: TLS12_PRF(MD5) +save alg2: TLS12_PRF(MD5) depends_on:PSA_WANT_ALG_MD5:PSA_WANT_ALG_TLS12_PRF:PSA_WANT_KEY_TYPE_RAW_DATA key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_TLS12_PRF(PSA_ALG_MD5):"4c":"505341004b455900000000000100000001100800010000000000000003020008010000004c" -PSA storage save: alg: TLS12_PRF(RIPEMD160) +save alg: TLS12_PRF(RIPEMD160) depends_on:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ALG_TLS12_PRF:PSA_WANT_KEY_TYPE_RAW_DATA key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_TLS12_PRF(PSA_ALG_RIPEMD160):0x0000:"4b":"505341004b455900000000000100000001100800010000000402000800000000010000004b" -PSA storage save: alg2: TLS12_PRF(RIPEMD160) +save alg2: TLS12_PRF(RIPEMD160) depends_on:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ALG_TLS12_PRF:PSA_WANT_KEY_TYPE_RAW_DATA key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_TLS12_PRF(PSA_ALG_RIPEMD160):"4c":"505341004b455900000000000100000001100800010000000000000004020008010000004c" -PSA storage save: alg: TLS12_PRF(SHA_1) +save alg: TLS12_PRF(SHA_1) depends_on:PSA_WANT_ALG_SHA_1:PSA_WANT_ALG_TLS12_PRF:PSA_WANT_KEY_TYPE_RAW_DATA key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_TLS12_PRF(PSA_ALG_SHA_1):0x0000:"4b":"505341004b455900000000000100000001100800010000000502000800000000010000004b" -PSA storage save: alg2: TLS12_PRF(SHA_1) +save alg2: TLS12_PRF(SHA_1) depends_on:PSA_WANT_ALG_SHA_1:PSA_WANT_ALG_TLS12_PRF:PSA_WANT_KEY_TYPE_RAW_DATA key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_TLS12_PRF(PSA_ALG_SHA_1):"4c":"505341004b455900000000000100000001100800010000000000000005020008010000004c" -PSA storage save: alg: TLS12_PRF(SHA_224) +save alg: TLS12_PRF(SHA_224) depends_on:PSA_WANT_ALG_SHA_224:PSA_WANT_ALG_TLS12_PRF:PSA_WANT_KEY_TYPE_RAW_DATA key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_TLS12_PRF(PSA_ALG_SHA_224):0x0000:"4b":"505341004b455900000000000100000001100800010000000802000800000000010000004b" -PSA storage save: alg2: TLS12_PRF(SHA_224) +save alg2: TLS12_PRF(SHA_224) depends_on:PSA_WANT_ALG_SHA_224:PSA_WANT_ALG_TLS12_PRF:PSA_WANT_KEY_TYPE_RAW_DATA key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_TLS12_PRF(PSA_ALG_SHA_224):"4c":"505341004b455900000000000100000001100800010000000000000008020008010000004c" -PSA storage save: alg: TLS12_PRF(SHA_256) +save alg: TLS12_PRF(SHA_256) depends_on:PSA_WANT_ALG_SHA_256:PSA_WANT_ALG_TLS12_PRF:PSA_WANT_KEY_TYPE_RAW_DATA key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_TLS12_PRF(PSA_ALG_SHA_256):0x0000:"4b":"505341004b455900000000000100000001100800010000000902000800000000010000004b" -PSA storage save: alg2: TLS12_PRF(SHA_256) +save alg2: TLS12_PRF(SHA_256) depends_on:PSA_WANT_ALG_SHA_256:PSA_WANT_ALG_TLS12_PRF:PSA_WANT_KEY_TYPE_RAW_DATA key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_TLS12_PRF(PSA_ALG_SHA_256):"4c":"505341004b455900000000000100000001100800010000000000000009020008010000004c" -PSA storage save: alg: TLS12_PRF(SHA_384) +save alg: TLS12_PRF(SHA_384) depends_on:PSA_WANT_ALG_SHA_384:PSA_WANT_ALG_TLS12_PRF:PSA_WANT_KEY_TYPE_RAW_DATA key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_TLS12_PRF(PSA_ALG_SHA_384):0x0000:"4b":"505341004b455900000000000100000001100800010000000a02000800000000010000004b" -PSA storage save: alg2: TLS12_PRF(SHA_384) +save alg2: TLS12_PRF(SHA_384) depends_on:PSA_WANT_ALG_SHA_384:PSA_WANT_ALG_TLS12_PRF:PSA_WANT_KEY_TYPE_RAW_DATA key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_TLS12_PRF(PSA_ALG_SHA_384):"4c":"505341004b45590000000000010000000110080001000000000000000a020008010000004c" -PSA storage save: alg: TLS12_PRF(SHA_512) +save alg: TLS12_PRF(SHA_512) depends_on:PSA_WANT_ALG_SHA_512:PSA_WANT_ALG_TLS12_PRF:PSA_WANT_KEY_TYPE_RAW_DATA key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_TLS12_PRF(PSA_ALG_SHA_512):0x0000:"4b":"505341004b455900000000000100000001100800010000000b02000800000000010000004b" -PSA storage save: alg2: TLS12_PRF(SHA_512) +save alg2: TLS12_PRF(SHA_512) depends_on:PSA_WANT_ALG_SHA_512:PSA_WANT_ALG_TLS12_PRF:PSA_WANT_KEY_TYPE_RAW_DATA key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_TLS12_PRF(PSA_ALG_SHA_512):"4c":"505341004b45590000000000010000000110080001000000000000000b020008010000004c" -PSA storage save: alg: TLS12_PSK_TO_MS(MD2) +save alg: TLS12_PSK2MS(MD2) depends_on:PSA_WANT_ALG_MD2:PSA_WANT_ALG_TLS12_PSK_TO_MS:PSA_WANT_KEY_TYPE_RAW_DATA key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_TLS12_PSK_TO_MS(PSA_ALG_MD2):0x0000:"4b":"505341004b455900000000000100000001100800010000000103000800000000010000004b" -PSA storage save: alg2: TLS12_PSK_TO_MS(MD2) +save alg2: TLS12_PSK2MS(MD2) depends_on:PSA_WANT_ALG_MD2:PSA_WANT_ALG_TLS12_PSK_TO_MS:PSA_WANT_KEY_TYPE_RAW_DATA key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_TLS12_PSK_TO_MS(PSA_ALG_MD2):"4c":"505341004b455900000000000100000001100800010000000000000001030008010000004c" -PSA storage save: alg: TLS12_PSK_TO_MS(MD4) +save alg: TLS12_PSK2MS(MD4) depends_on:PSA_WANT_ALG_MD4:PSA_WANT_ALG_TLS12_PSK_TO_MS:PSA_WANT_KEY_TYPE_RAW_DATA key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_TLS12_PSK_TO_MS(PSA_ALG_MD4):0x0000:"4b":"505341004b455900000000000100000001100800010000000203000800000000010000004b" -PSA storage save: alg2: TLS12_PSK_TO_MS(MD4) +save alg2: TLS12_PSK2MS(MD4) depends_on:PSA_WANT_ALG_MD4:PSA_WANT_ALG_TLS12_PSK_TO_MS:PSA_WANT_KEY_TYPE_RAW_DATA key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_TLS12_PSK_TO_MS(PSA_ALG_MD4):"4c":"505341004b455900000000000100000001100800010000000000000002030008010000004c" -PSA storage save: alg: TLS12_PSK_TO_MS(MD5) +save alg: TLS12_PSK2MS(MD5) depends_on:PSA_WANT_ALG_MD5:PSA_WANT_ALG_TLS12_PSK_TO_MS:PSA_WANT_KEY_TYPE_RAW_DATA key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_TLS12_PSK_TO_MS(PSA_ALG_MD5):0x0000:"4b":"505341004b455900000000000100000001100800010000000303000800000000010000004b" -PSA storage save: alg2: TLS12_PSK_TO_MS(MD5) +save alg2: TLS12_PSK2MS(MD5) depends_on:PSA_WANT_ALG_MD5:PSA_WANT_ALG_TLS12_PSK_TO_MS:PSA_WANT_KEY_TYPE_RAW_DATA key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_TLS12_PSK_TO_MS(PSA_ALG_MD5):"4c":"505341004b455900000000000100000001100800010000000000000003030008010000004c" -PSA storage save: alg: TLS12_PSK_TO_MS(RIPEMD160) +save alg: TLS12_PSK2MS(RIPEMD160) depends_on:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ALG_TLS12_PSK_TO_MS:PSA_WANT_KEY_TYPE_RAW_DATA key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_TLS12_PSK_TO_MS(PSA_ALG_RIPEMD160):0x0000:"4b":"505341004b455900000000000100000001100800010000000403000800000000010000004b" -PSA storage save: alg2: TLS12_PSK_TO_MS(RIPEMD160) +save alg2: TLS12_PSK2MS(RIPEMD160) depends_on:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ALG_TLS12_PSK_TO_MS:PSA_WANT_KEY_TYPE_RAW_DATA key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_TLS12_PSK_TO_MS(PSA_ALG_RIPEMD160):"4c":"505341004b455900000000000100000001100800010000000000000004030008010000004c" -PSA storage save: alg: TLS12_PSK_TO_MS(SHA_1) +save alg: TLS12_PSK2MS(SHA_1) depends_on:PSA_WANT_ALG_SHA_1:PSA_WANT_ALG_TLS12_PSK_TO_MS:PSA_WANT_KEY_TYPE_RAW_DATA key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_TLS12_PSK_TO_MS(PSA_ALG_SHA_1):0x0000:"4b":"505341004b455900000000000100000001100800010000000503000800000000010000004b" -PSA storage save: alg2: TLS12_PSK_TO_MS(SHA_1) +save alg2: TLS12_PSK2MS(SHA_1) depends_on:PSA_WANT_ALG_SHA_1:PSA_WANT_ALG_TLS12_PSK_TO_MS:PSA_WANT_KEY_TYPE_RAW_DATA key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_TLS12_PSK_TO_MS(PSA_ALG_SHA_1):"4c":"505341004b455900000000000100000001100800010000000000000005030008010000004c" -PSA storage save: alg: TLS12_PSK_TO_MS(SHA_224) +save alg: TLS12_PSK2MS(SHA_224) depends_on:PSA_WANT_ALG_SHA_224:PSA_WANT_ALG_TLS12_PSK_TO_MS:PSA_WANT_KEY_TYPE_RAW_DATA key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_TLS12_PSK_TO_MS(PSA_ALG_SHA_224):0x0000:"4b":"505341004b455900000000000100000001100800010000000803000800000000010000004b" -PSA storage save: alg2: TLS12_PSK_TO_MS(SHA_224) +save alg2: TLS12_PSK2MS(SHA_224) depends_on:PSA_WANT_ALG_SHA_224:PSA_WANT_ALG_TLS12_PSK_TO_MS:PSA_WANT_KEY_TYPE_RAW_DATA key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_TLS12_PSK_TO_MS(PSA_ALG_SHA_224):"4c":"505341004b455900000000000100000001100800010000000000000008030008010000004c" -PSA storage save: alg: TLS12_PSK_TO_MS(SHA_256) +save alg: TLS12_PSK2MS(SHA_256) depends_on:PSA_WANT_ALG_SHA_256:PSA_WANT_ALG_TLS12_PSK_TO_MS:PSA_WANT_KEY_TYPE_RAW_DATA key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_TLS12_PSK_TO_MS(PSA_ALG_SHA_256):0x0000:"4b":"505341004b455900000000000100000001100800010000000903000800000000010000004b" -PSA storage save: alg2: TLS12_PSK_TO_MS(SHA_256) +save alg2: TLS12_PSK2MS(SHA_256) depends_on:PSA_WANT_ALG_SHA_256:PSA_WANT_ALG_TLS12_PSK_TO_MS:PSA_WANT_KEY_TYPE_RAW_DATA key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_TLS12_PSK_TO_MS(PSA_ALG_SHA_256):"4c":"505341004b455900000000000100000001100800010000000000000009030008010000004c" -PSA storage save: alg: TLS12_PSK_TO_MS(SHA_384) +save alg: TLS12_PSK2MS(SHA_384) depends_on:PSA_WANT_ALG_SHA_384:PSA_WANT_ALG_TLS12_PSK_TO_MS:PSA_WANT_KEY_TYPE_RAW_DATA key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_TLS12_PSK_TO_MS(PSA_ALG_SHA_384):0x0000:"4b":"505341004b455900000000000100000001100800010000000a03000800000000010000004b" -PSA storage save: alg2: TLS12_PSK_TO_MS(SHA_384) +save alg2: TLS12_PSK2MS(SHA_384) depends_on:PSA_WANT_ALG_SHA_384:PSA_WANT_ALG_TLS12_PSK_TO_MS:PSA_WANT_KEY_TYPE_RAW_DATA key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_TLS12_PSK_TO_MS(PSA_ALG_SHA_384):"4c":"505341004b45590000000000010000000110080001000000000000000a030008010000004c" -PSA storage save: alg: TLS12_PSK_TO_MS(SHA_512) +save alg: TLS12_PSK2MS(SHA_512) depends_on:PSA_WANT_ALG_SHA_512:PSA_WANT_ALG_TLS12_PSK_TO_MS:PSA_WANT_KEY_TYPE_RAW_DATA key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_TLS12_PSK_TO_MS(PSA_ALG_SHA_512):0x0000:"4b":"505341004b455900000000000100000001100800010000000b03000800000000010000004b" -PSA storage save: alg2: TLS12_PSK_TO_MS(SHA_512) +save alg2: TLS12_PSK2MS(SHA_512) depends_on:PSA_WANT_ALG_SHA_512:PSA_WANT_ALG_TLS12_PSK_TO_MS:PSA_WANT_KEY_TYPE_RAW_DATA key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_TLS12_PSK_TO_MS(PSA_ALG_SHA_512):"4c":"505341004b45590000000000010000000110080001000000000000000b030008010000004c" -PSA storage save: alg: TRUNCATED_MAC(CBC_MAC, 1) +save alg: TRUNCATED_MAC(CBC_MAC,1) depends_on:PSA_WANT_ALG_CBC_MAC:PSA_WANT_KEY_TYPE_RAW_DATA key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_TRUNCATED_MAC(PSA_ALG_CBC_MAC, 1):0x0000:"4b":"505341004b455900000000000100000001100800010000000001c10300000000010000004b" -PSA storage save: alg2: TRUNCATED_MAC(CBC_MAC, 1) +save alg2: TRUNCATED_MAC(CBC_MAC,1) depends_on:PSA_WANT_ALG_CBC_MAC:PSA_WANT_KEY_TYPE_RAW_DATA key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_TRUNCATED_MAC(PSA_ALG_CBC_MAC, 1):"4c":"505341004b45590000000000010000000110080001000000000000000001c103010000004c" -PSA storage save: alg: TRUNCATED_MAC(CMAC, 1) +save alg: TRUNCATED_MAC(CMAC,1) depends_on:PSA_WANT_ALG_CMAC:PSA_WANT_KEY_TYPE_RAW_DATA key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_TRUNCATED_MAC(PSA_ALG_CMAC, 1):0x0000:"4b":"505341004b455900000000000100000001100800010000000002c10300000000010000004b" -PSA storage save: alg2: TRUNCATED_MAC(CMAC, 1) +save alg2: TRUNCATED_MAC(CMAC,1) depends_on:PSA_WANT_ALG_CMAC:PSA_WANT_KEY_TYPE_RAW_DATA key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_TRUNCATED_MAC(PSA_ALG_CMAC, 1):"4c":"505341004b45590000000000010000000110080001000000000000000002c103010000004c" -PSA storage save: alg: TRUNCATED_MAC(HMAC(MD2), 1) +save alg: TRUNCATED_MAC(HMAC(MD2),1) depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_MD2:PSA_WANT_KEY_TYPE_RAW_DATA key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_TRUNCATED_MAC(PSA_ALG_HMAC(PSA_ALG_MD2), 1):0x0000:"4b":"505341004b455900000000000100000001100800010000000100810300000000010000004b" -PSA storage save: alg2: TRUNCATED_MAC(HMAC(MD2), 1) +save alg2: TRUNCATED_MAC(HMAC(MD2),1) depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_MD2:PSA_WANT_KEY_TYPE_RAW_DATA key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_TRUNCATED_MAC(PSA_ALG_HMAC(PSA_ALG_MD2), 1):"4c":"505341004b455900000000000100000001100800010000000000000001008103010000004c" -PSA storage save: alg: TRUNCATED_MAC(HMAC(MD4), 1) +save alg: TRUNCATED_MAC(HMAC(MD4),1) depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_MD4:PSA_WANT_KEY_TYPE_RAW_DATA key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_TRUNCATED_MAC(PSA_ALG_HMAC(PSA_ALG_MD4), 1):0x0000:"4b":"505341004b455900000000000100000001100800010000000200810300000000010000004b" -PSA storage save: alg2: TRUNCATED_MAC(HMAC(MD4), 1) +save alg2: TRUNCATED_MAC(HMAC(MD4),1) depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_MD4:PSA_WANT_KEY_TYPE_RAW_DATA key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_TRUNCATED_MAC(PSA_ALG_HMAC(PSA_ALG_MD4), 1):"4c":"505341004b455900000000000100000001100800010000000000000002008103010000004c" -PSA storage save: alg: TRUNCATED_MAC(HMAC(MD5), 1) +save alg: TRUNCATED_MAC(HMAC(MD5),1) depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_MD5:PSA_WANT_KEY_TYPE_RAW_DATA key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_TRUNCATED_MAC(PSA_ALG_HMAC(PSA_ALG_MD5), 1):0x0000:"4b":"505341004b455900000000000100000001100800010000000300810300000000010000004b" -PSA storage save: alg2: TRUNCATED_MAC(HMAC(MD5), 1) +save alg2: TRUNCATED_MAC(HMAC(MD5),1) depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_MD5:PSA_WANT_KEY_TYPE_RAW_DATA key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_TRUNCATED_MAC(PSA_ALG_HMAC(PSA_ALG_MD5), 1):"4c":"505341004b455900000000000100000001100800010000000000000003008103010000004c" -PSA storage save: alg: TRUNCATED_MAC(HMAC(RIPEMD160), 1) +save alg: TRUNCATED_MAC(HMAC(RIPEMD160),1) depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_RIPEMD160:PSA_WANT_KEY_TYPE_RAW_DATA key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_TRUNCATED_MAC(PSA_ALG_HMAC(PSA_ALG_RIPEMD160), 1):0x0000:"4b":"505341004b455900000000000100000001100800010000000400810300000000010000004b" -PSA storage save: alg2: TRUNCATED_MAC(HMAC(RIPEMD160), 1) +save alg2: TRUNCATED_MAC(HMAC(RIPEMD160),1) depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_RIPEMD160:PSA_WANT_KEY_TYPE_RAW_DATA key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_TRUNCATED_MAC(PSA_ALG_HMAC(PSA_ALG_RIPEMD160), 1):"4c":"505341004b455900000000000100000001100800010000000000000004008103010000004c" -PSA storage save: alg: TRUNCATED_MAC(HMAC(SHA_1), 1) +save alg: TRUNCATED_MAC(HMAC(SHA_1),1) depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_1:PSA_WANT_KEY_TYPE_RAW_DATA key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_TRUNCATED_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_1), 1):0x0000:"4b":"505341004b455900000000000100000001100800010000000500810300000000010000004b" -PSA storage save: alg2: TRUNCATED_MAC(HMAC(SHA_1), 1) +save alg2: TRUNCATED_MAC(HMAC(SHA_1),1) depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_1:PSA_WANT_KEY_TYPE_RAW_DATA key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_TRUNCATED_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_1), 1):"4c":"505341004b455900000000000100000001100800010000000000000005008103010000004c" -PSA storage save: alg: TRUNCATED_MAC(HMAC(SHA_224), 1) +save alg: TRUNCATED_MAC(HMAC(SHA_224),1) depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_224:PSA_WANT_KEY_TYPE_RAW_DATA key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_TRUNCATED_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_224), 1):0x0000:"4b":"505341004b455900000000000100000001100800010000000800810300000000010000004b" -PSA storage save: alg2: TRUNCATED_MAC(HMAC(SHA_224), 1) +save alg2: TRUNCATED_MAC(HMAC(SHA_224),1) depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_224:PSA_WANT_KEY_TYPE_RAW_DATA key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_TRUNCATED_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_224), 1):"4c":"505341004b455900000000000100000001100800010000000000000008008103010000004c" -PSA storage save: alg: TRUNCATED_MAC(HMAC(SHA_256), 1) +save alg: TRUNCATED_MAC(HMAC(SHA_256),1) depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RAW_DATA key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_TRUNCATED_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_256), 1):0x0000:"4b":"505341004b455900000000000100000001100800010000000900810300000000010000004b" -PSA storage save: alg2: TRUNCATED_MAC(HMAC(SHA_256), 1) +save alg2: TRUNCATED_MAC(HMAC(SHA_256),1) depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RAW_DATA key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_TRUNCATED_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_256), 1):"4c":"505341004b455900000000000100000001100800010000000000000009008103010000004c" -PSA storage save: alg: TRUNCATED_MAC(HMAC(SHA_384), 1) +save alg: TRUNCATED_MAC(HMAC(SHA_384),1) depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_384:PSA_WANT_KEY_TYPE_RAW_DATA key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_TRUNCATED_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_384), 1):0x0000:"4b":"505341004b455900000000000100000001100800010000000a00810300000000010000004b" -PSA storage save: alg2: TRUNCATED_MAC(HMAC(SHA_384), 1) +save alg2: TRUNCATED_MAC(HMAC(SHA_384),1) depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_384:PSA_WANT_KEY_TYPE_RAW_DATA key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_TRUNCATED_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_384), 1):"4c":"505341004b45590000000000010000000110080001000000000000000a008103010000004c" -PSA storage save: alg: TRUNCATED_MAC(HMAC(SHA_512), 1) +save alg: TRUNCATED_MAC(HMAC(SHA_512),1) depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_512:PSA_WANT_KEY_TYPE_RAW_DATA key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_TRUNCATED_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_512), 1):0x0000:"4b":"505341004b455900000000000100000001100800010000000b00810300000000010000004b" -PSA storage save: alg2: TRUNCATED_MAC(HMAC(SHA_512), 1) +save alg2: TRUNCATED_MAC(HMAC(SHA_512),1) depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_512:PSA_WANT_KEY_TYPE_RAW_DATA key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_TRUNCATED_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_512), 1):"4c":"505341004b45590000000000010000000110080001000000000000000b008103010000004c" -PSA storage save: alg: TRUNCATED_MAC(CBC_MAC, 63) +save alg: TRUNCATED_MAC(CBC_MAC,4) +depends_on:PSA_WANT_ALG_CBC_MAC:PSA_WANT_KEY_TYPE_RAW_DATA +key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_TRUNCATED_MAC(PSA_ALG_CBC_MAC, 4):0x0000:"4b":"505341004b455900000000000100000001100800010000000001c40300000000010000004b" + +save alg2: TRUNCATED_MAC(CBC_MAC,4) +depends_on:PSA_WANT_ALG_CBC_MAC:PSA_WANT_KEY_TYPE_RAW_DATA +key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_TRUNCATED_MAC(PSA_ALG_CBC_MAC, 4):"4c":"505341004b45590000000000010000000110080001000000000000000001c403010000004c" + +save alg: TRUNCATED_MAC(CBC_MAC,13) +depends_on:PSA_WANT_ALG_CBC_MAC:PSA_WANT_KEY_TYPE_RAW_DATA +key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_TRUNCATED_MAC(PSA_ALG_CBC_MAC, 13):0x0000:"4b":"505341004b455900000000000100000001100800010000000001cd0300000000010000004b" + +save alg2: TRUNCATED_MAC(CBC_MAC,13) +depends_on:PSA_WANT_ALG_CBC_MAC:PSA_WANT_KEY_TYPE_RAW_DATA +key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_TRUNCATED_MAC(PSA_ALG_CBC_MAC, 13):"4c":"505341004b45590000000000010000000110080001000000000000000001cd03010000004c" + +save alg: TRUNCATED_MAC(CBC_MAC,14) +depends_on:PSA_WANT_ALG_CBC_MAC:PSA_WANT_KEY_TYPE_RAW_DATA +key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_TRUNCATED_MAC(PSA_ALG_CBC_MAC, 14):0x0000:"4b":"505341004b455900000000000100000001100800010000000001ce0300000000010000004b" + +save alg2: TRUNCATED_MAC(CBC_MAC,14) +depends_on:PSA_WANT_ALG_CBC_MAC:PSA_WANT_KEY_TYPE_RAW_DATA +key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_TRUNCATED_MAC(PSA_ALG_CBC_MAC, 14):"4c":"505341004b45590000000000010000000110080001000000000000000001ce03010000004c" + +save alg: TRUNCATED_MAC(CBC_MAC,16) +depends_on:PSA_WANT_ALG_CBC_MAC:PSA_WANT_KEY_TYPE_RAW_DATA +key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_TRUNCATED_MAC(PSA_ALG_CBC_MAC, 16):0x0000:"4b":"505341004b455900000000000100000001100800010000000001d00300000000010000004b" + +save alg2: TRUNCATED_MAC(CBC_MAC,16) +depends_on:PSA_WANT_ALG_CBC_MAC:PSA_WANT_KEY_TYPE_RAW_DATA +key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_TRUNCATED_MAC(PSA_ALG_CBC_MAC, 16):"4c":"505341004b45590000000000010000000110080001000000000000000001d003010000004c" + +save alg: TRUNCATED_MAC(CBC_MAC,63) depends_on:PSA_WANT_ALG_CBC_MAC:PSA_WANT_KEY_TYPE_RAW_DATA key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_TRUNCATED_MAC(PSA_ALG_CBC_MAC, 63):0x0000:"4b":"505341004b455900000000000100000001100800010000000001ff0300000000010000004b" -PSA storage save: alg2: TRUNCATED_MAC(CBC_MAC, 63) +save alg2: TRUNCATED_MAC(CBC_MAC,63) depends_on:PSA_WANT_ALG_CBC_MAC:PSA_WANT_KEY_TYPE_RAW_DATA key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_TRUNCATED_MAC(PSA_ALG_CBC_MAC, 63):"4c":"505341004b45590000000000010000000110080001000000000000000001ff03010000004c" -PSA storage save: alg: XTS +save alg: XTS depends_on:PSA_WANT_ALG_XTS:PSA_WANT_KEY_TYPE_RAW_DATA key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_XTS:0x0000:"4b":"505341004b4559000000000001000000011008000100000000ff400400000000010000004b" -PSA storage save: alg2: XTS +save alg2: XTS depends_on:PSA_WANT_ALG_XTS:PSA_WANT_KEY_TYPE_RAW_DATA key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_XTS:"4c":"505341004b455900000000000100000001100800010000000000000000ff4004010000004c" diff --git a/third_party/mbedtls/repo/tests/suites/test_suite_psa_crypto_storage_format.function b/third_party/mbedtls/repo/tests/suites/test_suite_psa_crypto_storage_format.function index b90ef6efcb0..2f68409e9da 100644 --- a/third_party/mbedtls/repo/tests/suites/test_suite_psa_crypto_storage_format.function +++ b/third_party/mbedtls/repo/tests/suites/test_suite_psa_crypto_storage_format.function @@ -16,10 +16,10 @@ * On error, including if the key representation in storage differs, * mark the test case as failed and return 0. On success, return 1. */ -static int test_written_key( const psa_key_attributes_t *attributes, - const data_t *material, - psa_storage_uid_t uid, - const data_t *expected_representation ) +static int test_written_key(const psa_key_attributes_t *attributes, + const data_t *material, + psa_storage_uid_t uid, + const data_t *expected_representation) { mbedtls_svc_key_id_t created_key_id = MBEDTLS_SVC_KEY_ID_INIT; uint8_t *actual_representation = NULL; @@ -28,36 +28,205 @@ static int test_written_key( const psa_key_attributes_t *attributes, int ok = 0; /* Create a key with the given parameters. */ - PSA_ASSERT( psa_import_key( attributes, material->x, material->len, - &created_key_id ) ); - TEST_ASSERT( mbedtls_svc_key_id_equal( psa_get_key_id( attributes ), - created_key_id ) ); + PSA_ASSERT(psa_import_key(attributes, material->x, material->len, + &created_key_id)); + TEST_ASSERT(mbedtls_svc_key_id_equal(psa_get_key_id(attributes), + created_key_id)); /* Check that the key is represented as expected. */ - PSA_ASSERT( psa_its_get_info( uid, &storage_info ) ); - TEST_EQUAL( storage_info.size, expected_representation->len ); - ASSERT_ALLOC( actual_representation, storage_info.size ); - PSA_ASSERT( psa_its_get( uid, 0, storage_info.size, - actual_representation, &length ) ); - ASSERT_COMPARE( expected_representation->x, expected_representation->len, - actual_representation, length ); + PSA_ASSERT(psa_its_get_info(uid, &storage_info)); + TEST_EQUAL(storage_info.size, expected_representation->len); + TEST_CALLOC(actual_representation, storage_info.size); + PSA_ASSERT(psa_its_get(uid, 0, storage_info.size, + actual_representation, &length)); + TEST_MEMORY_COMPARE(expected_representation->x, expected_representation->len, + actual_representation, length); ok = 1; exit: - mbedtls_free( actual_representation ); - return( ok ); + mbedtls_free(actual_representation); + return ok; } /** Check if a key is exportable. */ -static int can_export( const psa_key_attributes_t *attributes ) +static int can_export(const psa_key_attributes_t *attributes) { - if( psa_get_key_usage_flags( attributes ) & PSA_KEY_USAGE_EXPORT ) - return( 1 ); - else if( PSA_KEY_TYPE_IS_PUBLIC_KEY( psa_get_key_type( attributes ) ) ) - return( 1 ); - else - return( 0 ); + if (psa_get_key_usage_flags(attributes) & PSA_KEY_USAGE_EXPORT) { + return 1; + } else if (PSA_KEY_TYPE_IS_PUBLIC_KEY(psa_get_key_type(attributes))) { + return 1; + } else { + return 0; + } +} + +#if defined(MBEDTLS_TEST_LIBTESTDRIVER1) +static int is_accelerated_rsa(psa_algorithm_t alg) +{ +#if defined(MBEDTLS_PSA_ACCEL_ALG_RSA_PKCS1V15_SIGN) + if (PSA_ALG_IS_RSA_PKCS1V15_SIGN(alg)) { + return 1; + } +#endif +#if defined(MBEDTLS_PSA_ACCEL_ALG_RSA_PSS) + if (PSA_ALG_IS_RSA_PSS(alg)) { + return 1; + } +#endif +#if defined(MBEDTLS_PSA_ACCEL_ALG_RSA_OAEP) + if (PSA_ALG_IS_RSA_OAEP(alg)) { + return 1; + } +#endif + (void) alg; + return 0; +} + +/* Whether the algorithm is implemented as a builtin, i.e. not accelerated, + * and calls mbedtls_md() functions that require the hash algorithm to + * also be built-in. */ +static int is_builtin_calling_md(psa_algorithm_t alg) +{ +#if defined(MBEDTLS_PSA_BUILTIN_ALG_RSA_PKCS1V15_SIGN) + if (PSA_ALG_IS_RSA_PKCS1V15_SIGN(alg)) { + return 1; + } +#endif +#if defined(MBEDTLS_PSA_BUILTIN_ALG_RSA_PSS) + if (PSA_ALG_IS_RSA_PSS(alg)) { + return 1; + } +#endif +#if defined(MBEDTLS_PSA_BUILTIN_ALG_RSA_OAEP) + if (PSA_ALG_IS_RSA_OAEP(alg)) { + return 1; + } +#endif +#if defined(MBEDTLS_PSA_BUILTIN_ALG_DETERMINISTIC_ECDSA) + if (PSA_ALG_IS_DETERMINISTIC_ECDSA(alg)) { + return 1; + } +#endif + (void) alg; + return 0; +} + +static int has_builtin_hash(psa_algorithm_t alg) +{ +#if !defined(MBEDTLS_MD2_C) + if (alg == PSA_ALG_MD2) { + return 0; + } +#endif +#if !defined(MBEDTLS_MD4_C) + if (alg == PSA_ALG_MD4) { + return 0; + } +#endif +#if !defined(MBEDTLS_MD5_C) + if (alg == PSA_ALG_MD5) { + return 0; + } +#endif +#if !defined(MBEDTLS_RIPEMD160_C) + if (alg == PSA_ALG_RIPEMD160) { + return 0; + } +#endif +#if !defined(MBEDTLS_SHA1_C) + if (alg == PSA_ALG_SHA_1) { + return 0; + } +#endif +#if !defined(MBEDTLS_SHA224_C) + if (alg == PSA_ALG_SHA_224) { + return 0; + } +#endif +#if !defined(MBEDTLS_SHA256_C) + if (alg == PSA_ALG_SHA_256) { + return 0; + } +#endif +#if !defined(MBEDTLS_SHA384_C) + if (alg == PSA_ALG_SHA_384) { + return 0; + } +#endif +#if !defined(MBEDTLS_SHA512_C) + if (alg == PSA_ALG_SHA_512) { + return 0; + } +#endif + (void) alg; + return 1; +} +#endif + +/* Mbed TLS doesn't support certain combinations of key type and algorithm + * in certain configurations. */ +static int can_exercise(const psa_key_attributes_t *attributes) +{ + psa_key_type_t key_type = psa_get_key_type(attributes); + psa_algorithm_t alg = psa_get_key_algorithm(attributes); + psa_algorithm_t hash_alg = + PSA_ALG_IS_HASH_AND_SIGN(alg) ? PSA_ALG_SIGN_GET_HASH(alg) : + PSA_ALG_IS_RSA_OAEP(alg) ? PSA_ALG_RSA_OAEP_GET_HASH(alg) : + PSA_ALG_NONE; + psa_key_usage_t usage = psa_get_key_usage_flags(attributes); + +#if defined(MBEDTLS_TEST_LIBTESTDRIVER1) + /* We test some configurations using drivers where the driver doesn't + * support certain hash algorithms, but declares that it supports + * compound algorithms that use those hashes. Until this is fixed, + * in those configurations, don't try to actually perform operations. + * + * Hash-and-sign algorithms where the asymmetric part doesn't use + * a hash operation are ok. So randomized ECDSA signature is fine, + * ECDSA verification is fine, but deterministic ECDSA signature is + * affected. All RSA signatures are affected except raw PKCS#1v1.5. + * OAEP is also affected. + */ + if (PSA_ALG_IS_DETERMINISTIC_ECDSA(alg) && + !(usage & (PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE))) { + /* Verification only. Verification doesn't use the hash algorithm. */ + return 1; + } + +#if defined(MBEDTLS_PSA_ACCEL_ALG_DETERMINISTIC_ECDSA) + if (PSA_ALG_IS_DETERMINISTIC_ECDSA(alg) && + (hash_alg == PSA_ALG_MD5 || + hash_alg == PSA_ALG_RIPEMD160 || + hash_alg == PSA_ALG_SHA_1)) { + return 0; + } +#endif + if (is_accelerated_rsa(alg) && + (hash_alg == PSA_ALG_RIPEMD160 || hash_alg == PSA_ALG_SHA_384)) { + return 0; + } +#if defined(MBEDTLS_PSA_ACCEL_ALG_RSA_OAEP) + if (PSA_ALG_IS_RSA_OAEP(alg) && + (hash_alg == PSA_ALG_RIPEMD160 || hash_alg == PSA_ALG_SHA_384)) { + return 0; + } +#endif + + /* The built-in implementation of asymmetric algorithms that use a + * hash internally only dispatch to the internal md module, not to + * PSA. Until this is supported, don't try to actually perform + * operations when the operation is built-in and the hash isn't. */ + if (is_builtin_calling_md(alg) && !has_builtin_hash(hash_alg)) { + return 0; + } +#endif /* MBEDTLS_TEST_LIBTESTDRIVER1 */ + + (void) key_type; + (void) alg; + (void) hash_alg; + (void) usage; + return 1; } /** Write a key with the given representation to storage, then check @@ -66,78 +235,73 @@ static int can_export( const psa_key_attributes_t *attributes ) * On error, including if the key representation in storage differs, * mark the test case as failed and return 0. On success, return 1. */ -static int test_read_key( const psa_key_attributes_t *expected_attributes, - const data_t *expected_material, - psa_storage_uid_t uid, - const data_t *representation, - int flags ) +static int test_read_key(const psa_key_attributes_t *expected_attributes, + const data_t *expected_material, + psa_storage_uid_t uid, + const data_t *representation, + int flags) { psa_key_attributes_t actual_attributes = PSA_KEY_ATTRIBUTES_INIT; - mbedtls_svc_key_id_t key_id = psa_get_key_id( expected_attributes ); + mbedtls_svc_key_id_t key_id = psa_get_key_id(expected_attributes); struct psa_storage_info_t storage_info; int ok = 0; uint8_t *exported_material = NULL; size_t length; /* Prime the storage with a key file. */ - PSA_ASSERT( psa_its_set( uid, representation->len, representation->x, 0 ) ); + PSA_ASSERT(psa_its_set(uid, representation->len, representation->x, 0)); /* Check that the injected key exists and looks as expected. */ - PSA_ASSERT( psa_get_key_attributes( key_id, &actual_attributes ) ); - TEST_ASSERT( mbedtls_svc_key_id_equal( key_id, - psa_get_key_id( &actual_attributes ) ) ); - TEST_EQUAL( psa_get_key_lifetime( expected_attributes ), - psa_get_key_lifetime( &actual_attributes ) ); - TEST_EQUAL( psa_get_key_type( expected_attributes ), - psa_get_key_type( &actual_attributes ) ); - TEST_EQUAL( psa_get_key_bits( expected_attributes ), - psa_get_key_bits( &actual_attributes ) ); - TEST_EQUAL( psa_get_key_usage_flags( expected_attributes ), - psa_get_key_usage_flags( &actual_attributes ) ); - TEST_EQUAL( psa_get_key_algorithm( expected_attributes ), - psa_get_key_algorithm( &actual_attributes ) ); - TEST_EQUAL( psa_get_key_enrollment_algorithm( expected_attributes ), - psa_get_key_enrollment_algorithm( &actual_attributes ) ); - if( can_export( expected_attributes ) ) - { - ASSERT_ALLOC( exported_material, expected_material->len ); - PSA_ASSERT( psa_export_key( key_id, - exported_material, expected_material->len, - &length ) ); - ASSERT_COMPARE( expected_material->x, expected_material->len, - exported_material, length ); - } - - if( flags & TEST_FLAG_EXERCISE ) - { - TEST_ASSERT( mbedtls_test_psa_exercise_key( - key_id, - psa_get_key_usage_flags( expected_attributes ), - psa_get_key_algorithm( expected_attributes ) ) ); - } - - - if( flags & TEST_FLAG_READ_ONLY ) - { + PSA_ASSERT(psa_get_key_attributes(key_id, &actual_attributes)); + TEST_ASSERT(mbedtls_svc_key_id_equal(key_id, + psa_get_key_id(&actual_attributes))); + TEST_EQUAL(psa_get_key_lifetime(expected_attributes), + psa_get_key_lifetime(&actual_attributes)); + TEST_EQUAL(psa_get_key_type(expected_attributes), + psa_get_key_type(&actual_attributes)); + TEST_EQUAL(psa_get_key_bits(expected_attributes), + psa_get_key_bits(&actual_attributes)); + TEST_EQUAL(psa_get_key_usage_flags(expected_attributes), + psa_get_key_usage_flags(&actual_attributes)); + TEST_EQUAL(psa_get_key_algorithm(expected_attributes), + psa_get_key_algorithm(&actual_attributes)); + TEST_EQUAL(psa_get_key_enrollment_algorithm(expected_attributes), + psa_get_key_enrollment_algorithm(&actual_attributes)); + if (can_export(expected_attributes)) { + TEST_CALLOC(exported_material, expected_material->len); + PSA_ASSERT(psa_export_key(key_id, + exported_material, expected_material->len, + &length)); + TEST_MEMORY_COMPARE(expected_material->x, expected_material->len, + exported_material, length); + } + + if ((flags & TEST_FLAG_EXERCISE) && can_exercise(&actual_attributes)) { + TEST_ASSERT(mbedtls_test_psa_exercise_key( + key_id, + psa_get_key_usage_flags(expected_attributes), + psa_get_key_algorithm(expected_attributes))); + } + + + if (flags & TEST_FLAG_READ_ONLY) { /* Read-only keys cannot be removed through the API. * The key will be removed through ITS in the cleanup code below. */ - TEST_EQUAL( PSA_ERROR_NOT_PERMITTED, psa_destroy_key( key_id ) ); - } - else - { + TEST_EQUAL(PSA_ERROR_NOT_PERMITTED, psa_destroy_key(key_id)); + } else { /* Destroy the key. Confirm through direct access to the storage. */ - PSA_ASSERT( psa_destroy_key( key_id ) ); - TEST_EQUAL( PSA_ERROR_DOES_NOT_EXIST, - psa_its_get_info( uid, &storage_info ) ); + PSA_ASSERT(psa_destroy_key(key_id)); + TEST_EQUAL(PSA_ERROR_DOES_NOT_EXIST, + psa_its_get_info(uid, &storage_info)); } ok = 1; exit: - psa_reset_key_attributes( &actual_attributes ); - psa_its_remove( uid ); - mbedtls_free( exported_material ); - return( ok ); + psa_reset_key_attributes(&actual_attributes); + psa_its_remove(uid); + mbedtls_free(exported_material); + return ok; } /* END_HEADER */ @@ -148,10 +312,10 @@ exit: */ /* BEGIN_CASE */ -void key_storage_save( int lifetime_arg, int type_arg, int bits_arg, - int usage_arg, int alg_arg, int alg2_arg, - data_t *material, - data_t *representation ) +void key_storage_save(int lifetime_arg, int type_arg, int bits_arg, + int usage_arg, int alg_arg, int alg2_arg, + data_t *material, + data_t *representation) { /* Forward compatibility: save a key in the current format and * check that it has the expected format so that future versions @@ -163,40 +327,40 @@ void key_storage_save( int lifetime_arg, int type_arg, int bits_arg, psa_key_usage_t usage = usage_arg; psa_algorithm_t alg = alg_arg; psa_algorithm_t alg2 = alg2_arg; - mbedtls_svc_key_id_t key_id = mbedtls_svc_key_id_make( 0, 1 ); + mbedtls_svc_key_id_t key_id = mbedtls_svc_key_id_make(0, 1); psa_storage_uid_t uid = 1; psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT; - PSA_INIT( ); - TEST_USES_KEY_ID( key_id ); + PSA_INIT(); + TEST_USES_KEY_ID(key_id); - psa_set_key_lifetime( &attributes, lifetime ); - psa_set_key_id( &attributes, key_id ); - psa_set_key_type( &attributes, type ); - psa_set_key_bits( &attributes, bits ); - psa_set_key_usage_flags( &attributes, usage ); - psa_set_key_algorithm( &attributes, alg ); - psa_set_key_enrollment_algorithm( &attributes, alg2 ); + psa_set_key_lifetime(&attributes, lifetime); + psa_set_key_id(&attributes, key_id); + psa_set_key_type(&attributes, type); + psa_set_key_bits(&attributes, bits); + psa_set_key_usage_flags(&attributes, usage); + psa_set_key_algorithm(&attributes, alg); + psa_set_key_enrollment_algorithm(&attributes, alg2); /* This is the current storage format. Test that we know exactly how * the key is stored. The stability of the test data in future * versions of Mbed TLS will guarantee that future versions * can read back what this version wrote. */ - TEST_ASSERT( test_written_key( &attributes, material, - uid, representation ) ); + TEST_ASSERT(test_written_key(&attributes, material, + uid, representation)); exit: - psa_reset_key_attributes( &attributes ); - psa_destroy_key( key_id ); - PSA_DONE( ); + psa_reset_key_attributes(&attributes); + psa_destroy_key(key_id); + PSA_DONE(); } /* END_CASE */ /* BEGIN_CASE */ -void key_storage_read( int lifetime_arg, int type_arg, int bits_arg, - int usage_arg, int alg_arg, int alg2_arg, - data_t *material, - data_t *representation, int flags ) +void key_storage_read(int lifetime_arg, int type_arg, int bits_arg, + int usage_arg, int alg_arg, int alg2_arg, + data_t *material, + data_t *representation, int flags) { /* Backward compatibility: read a key in the format of a past version * and check that this version can use it. */ @@ -207,29 +371,29 @@ void key_storage_read( int lifetime_arg, int type_arg, int bits_arg, psa_key_usage_t usage = usage_arg; psa_algorithm_t alg = alg_arg; psa_algorithm_t alg2 = alg2_arg; - mbedtls_svc_key_id_t key_id = mbedtls_svc_key_id_make( 0, 1 ); + mbedtls_svc_key_id_t key_id = mbedtls_svc_key_id_make(0, 1); psa_storage_uid_t uid = 1; psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT; - PSA_INIT( ); - TEST_USES_KEY_ID( key_id ); + PSA_INIT(); + TEST_USES_KEY_ID(key_id); - psa_set_key_lifetime( &attributes, lifetime ); - psa_set_key_id( &attributes, key_id ); - psa_set_key_type( &attributes, type ); - psa_set_key_bits( &attributes, bits ); - psa_set_key_usage_flags( &attributes, usage ); - psa_set_key_algorithm( &attributes, alg ); - psa_set_key_enrollment_algorithm( &attributes, alg2 ); + psa_set_key_lifetime(&attributes, lifetime); + psa_set_key_id(&attributes, key_id); + psa_set_key_type(&attributes, type); + psa_set_key_bits(&attributes, bits); + psa_set_key_usage_flags(&attributes, usage); + psa_set_key_algorithm(&attributes, alg); + psa_set_key_enrollment_algorithm(&attributes, alg2); /* Test that we can use a key with the given representation. This * guarantees backward compatibility with keys that were stored by * past versions of Mbed TLS. */ - TEST_ASSERT( test_read_key( &attributes, material, - uid, representation, flags ) ); + TEST_ASSERT(test_read_key(&attributes, material, + uid, representation, flags)); exit: - psa_reset_key_attributes( &attributes ); - PSA_DONE( ); + psa_reset_key_attributes(&attributes); + PSA_DONE(); } /* END_CASE */ diff --git a/third_party/mbedtls/repo/tests/suites/test_suite_psa_crypto_storage_format.v0.data b/third_party/mbedtls/repo/tests/suites/test_suite_psa_crypto_storage_format.v0.data index c6be0a9e076..0be106666fc 100644 --- a/third_party/mbedtls/repo/tests/suites/test_suite_psa_crypto_storage_format.v0.data +++ b/third_party/mbedtls/repo/tests/suites/test_suite_psa_crypto_storage_format.v0.data @@ -1,2330 +1,8938 @@ # Automatically generated by generate_psa_tests.py. Do not edit! -PSA storage read: lifetime: (DEFAULT, LOCAL_STORAGE) +read lifetime: (DEFAULT,LOCAL_STORAGE) depends_on:PSA_WANT_KEY_TYPE_RAW_DATA key_storage_read:PSA_KEY_LIFETIME_FROM_PERSISTENCE_AND_LOCATION(PSA_KEY_PERSISTENCE_DEFAULT, PSA_KEY_LOCATION_LOCAL_STORAGE):PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"4c":"505341004b455900000000000100000001100800010000000000000000000000010000004c":0 -PSA storage read: lifetime: (READ_ONLY, LOCAL_STORAGE) +read lifetime: (READ_ONLY,LOCAL_STORAGE) depends_on:PSA_WANT_KEY_TYPE_RAW_DATA key_storage_read:PSA_KEY_LIFETIME_FROM_PERSISTENCE_AND_LOCATION(PSA_KEY_PERSISTENCE_READ_ONLY, PSA_KEY_LOCATION_LOCAL_STORAGE):PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"4c":"505341004b45590000000000ff00000001100800010000000000000000000000010000004c":TEST_FLAG_READ_ONLY -PSA storage read: lifetime: (2, LOCAL_STORAGE) +read lifetime: (2,LOCAL_STORAGE) depends_on:PSA_WANT_KEY_TYPE_RAW_DATA key_storage_read:PSA_KEY_LIFETIME_FROM_PERSISTENCE_AND_LOCATION(2, PSA_KEY_LOCATION_LOCAL_STORAGE):PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"4c":"505341004b455900000000000200000001100800010000000000000000000000010000004c":0 -PSA storage read: lifetime: (254, LOCAL_STORAGE) +read lifetime: (254,LOCAL_STORAGE) depends_on:PSA_WANT_KEY_TYPE_RAW_DATA key_storage_read:PSA_KEY_LIFETIME_FROM_PERSISTENCE_AND_LOCATION(254, PSA_KEY_LOCATION_LOCAL_STORAGE):PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"4c":"505341004b45590000000000fe00000001100800010000000000000000000000010000004c":0 -PSA storage read: lifetime: PERSISTENT +read lifetime: PERSISTENT depends_on:PSA_WANT_KEY_TYPE_RAW_DATA key_storage_read:PSA_KEY_LIFETIME_PERSISTENT:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"4c":"505341004b455900000000000100000001100800010000000000000000000000010000004c":0 -PSA storage read: usage with implication: 0 +read usage without implication: 0 depends_on:PSA_WANT_KEY_TYPE_RAW_DATA key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:0:0x0000:0x0000:"4b":"505341004b455900000000000100000001100800000000000000000000000000010000004b":0 -PSA storage read: usage without implication: 0 +read usage without implication: COPY depends_on:PSA_WANT_KEY_TYPE_RAW_DATA -key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:0:0x0000:0x0000:"4b":"505341004b455900000000000100000001100800000000000000000000000000010000004b":0 +key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_COPY:0x0000:0x0000:"4b":"505341004b455900000000000100000001100800020000000000000000000000010000004b":0 -PSA storage read: usage with implication: COPY +read usage without implication: DECRYPT depends_on:PSA_WANT_KEY_TYPE_RAW_DATA -key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_COPY:0x0000:0x0000:"4b":"505341004b455900000000000100000001100800020000000000000000000000010000004b":0 +key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_DECRYPT:0x0000:0x0000:"4b":"505341004b455900000000000100000001100800000200000000000000000000010000004b":0 -PSA storage read: usage without implication: COPY +read usage without implication: DERIVE depends_on:PSA_WANT_KEY_TYPE_RAW_DATA -key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_COPY:0x0000:0x0000:"4b":"505341004b455900000000000100000001100800020000000000000000000000010000004b":0 +key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_DERIVE:0x0000:0x0000:"4b":"505341004b455900000000000100000001100800004000000000000000000000010000004b":0 -PSA storage read: usage with implication: DECRYPT +read usage without implication: ENCRYPT depends_on:PSA_WANT_KEY_TYPE_RAW_DATA -key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_DECRYPT:0x0000:0x0000:"4b":"505341004b455900000000000100000001100800000200000000000000000000010000004b":0 +key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_ENCRYPT:0x0000:0x0000:"4b":"505341004b455900000000000100000001100800000100000000000000000000010000004b":0 -PSA storage read: usage without implication: DECRYPT +read usage without implication: EXPORT depends_on:PSA_WANT_KEY_TYPE_RAW_DATA -key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_DECRYPT:0x0000:0x0000:"4b":"505341004b455900000000000100000001100800000200000000000000000000010000004b":0 +key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"4b":"505341004b455900000000000100000001100800010000000000000000000000010000004b":0 -PSA storage read: usage with implication: DERIVE +read usage without implication: SIGN_HASH depends_on:PSA_WANT_KEY_TYPE_RAW_DATA -key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_DERIVE:0x0000:0x0000:"4b":"505341004b455900000000000100000001100800004000000000000000000000010000004b":0 +key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_SIGN_HASH:0x0000:0x0000:"4b":"505341004b455900000000000100000001100800001400000000000000000000010000004b":0 -PSA storage read: usage without implication: DERIVE +read usage without implication: SIGN_MESSAGE depends_on:PSA_WANT_KEY_TYPE_RAW_DATA -key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_DERIVE:0x0000:0x0000:"4b":"505341004b455900000000000100000001100800004000000000000000000000010000004b":0 +key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_SIGN_MESSAGE:0x0000:0x0000:"4b":"505341004b455900000000000100000001100800000400000000000000000000010000004b":0 -PSA storage read: usage with implication: ENCRYPT +read usage without implication: VERIFY_HASH depends_on:PSA_WANT_KEY_TYPE_RAW_DATA -key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_ENCRYPT:0x0000:0x0000:"4b":"505341004b455900000000000100000001100800000100000000000000000000010000004b":0 +key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_VERIFY_HASH:0x0000:0x0000:"4b":"505341004b455900000000000100000001100800002800000000000000000000010000004b":0 -PSA storage read: usage without implication: ENCRYPT +read usage without implication: VERIFY_MESSAGE depends_on:PSA_WANT_KEY_TYPE_RAW_DATA -key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_ENCRYPT:0x0000:0x0000:"4b":"505341004b455900000000000100000001100800000100000000000000000000010000004b":0 +key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_VERIFY_MESSAGE:0x0000:0x0000:"4b":"505341004b455900000000000100000001100800000800000000000000000000010000004b":0 -PSA storage read: usage with implication: EXPORT +read usage without implication: COPY|DECRYPT depends_on:PSA_WANT_KEY_TYPE_RAW_DATA -key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"4b":"505341004b455900000000000100000001100800010000000000000000000000010000004b":0 +key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_COPY | PSA_KEY_USAGE_DECRYPT:0x0000:0x0000:"4b":"505341004b455900000000000100000001100800020200000000000000000000010000004b":0 -PSA storage read: usage without implication: EXPORT +read usage without implication: DECRYPT|DERIVE depends_on:PSA_WANT_KEY_TYPE_RAW_DATA -key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"4b":"505341004b455900000000000100000001100800010000000000000000000000010000004b":0 +key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_DECRYPT | PSA_KEY_USAGE_DERIVE:0x0000:0x0000:"4b":"505341004b455900000000000100000001100800004200000000000000000000010000004b":0 -PSA storage read: usage with implication: SIGN_HASH +read usage without implication: DERIVE|ENCRYPT depends_on:PSA_WANT_KEY_TYPE_RAW_DATA -key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_SIGN_HASH:0x0000:0x0000:"4b":"505341004b455900000000000100000001100800001400000000000000000000010000004b":0 +key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_DERIVE | PSA_KEY_USAGE_ENCRYPT:0x0000:0x0000:"4b":"505341004b455900000000000100000001100800004100000000000000000000010000004b":0 -PSA storage read: usage without implication: SIGN_HASH +read usage without implication: ENCRYPT|EXPORT depends_on:PSA_WANT_KEY_TYPE_RAW_DATA -key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_SIGN_HASH:0x0000:0x0000:"4b":"505341004b455900000000000100000001100800001000000000000000000000010000004b":0 +key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"4b":"505341004b455900000000000100000001100800010100000000000000000000010000004b":0 -PSA storage read: usage with implication: SIGN_MESSAGE +read usage without implication: EXPORT|SIGN_HASH depends_on:PSA_WANT_KEY_TYPE_RAW_DATA -key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_SIGN_MESSAGE:0x0000:0x0000:"4b":"505341004b455900000000000100000001100800000400000000000000000000010000004b":0 +key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH:0x0000:0x0000:"4b":"505341004b455900000000000100000001100800011400000000000000000000010000004b":0 -PSA storage read: usage without implication: SIGN_MESSAGE +read usage without implication: SIGN_HASH|SIGN_MESSAGE depends_on:PSA_WANT_KEY_TYPE_RAW_DATA -key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_SIGN_MESSAGE:0x0000:0x0000:"4b":"505341004b455900000000000100000001100800000400000000000000000000010000004b":0 +key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE:0x0000:0x0000:"4b":"505341004b455900000000000100000001100800001400000000000000000000010000004b":0 -PSA storage read: usage with implication: VERIFY_HASH +read usage without implication: SIGN_MESSAGE|VERIFY_HASH depends_on:PSA_WANT_KEY_TYPE_RAW_DATA -key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_VERIFY_HASH:0x0000:0x0000:"4b":"505341004b455900000000000100000001100800002800000000000000000000010000004b":0 +key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH:0x0000:0x0000:"4b":"505341004b455900000000000100000001100800002c00000000000000000000010000004b":0 -PSA storage read: usage without implication: VERIFY_HASH +read usage without implication: VERIFY_HASH|VERIFY_MESSAGE depends_on:PSA_WANT_KEY_TYPE_RAW_DATA -key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_VERIFY_HASH:0x0000:0x0000:"4b":"505341004b455900000000000100000001100800002000000000000000000000010000004b":0 +key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:0x0000:0x0000:"4b":"505341004b455900000000000100000001100800002800000000000000000000010000004b":0 -PSA storage read: usage with implication: VERIFY_MESSAGE +read usage without implication: VERIFY_MESSAGE|COPY depends_on:PSA_WANT_KEY_TYPE_RAW_DATA -key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_VERIFY_MESSAGE:0x0000:0x0000:"4b":"505341004b455900000000000100000001100800000800000000000000000000010000004b":0 +key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_VERIFY_MESSAGE | PSA_KEY_USAGE_COPY:0x0000:0x0000:"4b":"505341004b455900000000000100000001100800020800000000000000000000010000004b":0 -PSA storage read: usage without implication: VERIFY_MESSAGE +read usage without implication: all known depends_on:PSA_WANT_KEY_TYPE_RAW_DATA -key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_VERIFY_MESSAGE:0x0000:0x0000:"4b":"505341004b455900000000000100000001100800000800000000000000000000010000004b":0 +key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_COPY | PSA_KEY_USAGE_DECRYPT | PSA_KEY_USAGE_DERIVE | PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:0x0000:0x0000:"4b":"505341004b455900000000000100000001100800037f00000000000000000000010000004b":0 -PSA storage read: usage with implication: COPY | DECRYPT +read usage: 0 depends_on:PSA_WANT_KEY_TYPE_RAW_DATA -key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_COPY | PSA_KEY_USAGE_DECRYPT:0x0000:0x0000:"4b":"505341004b455900000000000100000001100800020200000000000000000000010000004b":0 +key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:0:0x0000:0x0000:"4b":"505341004b455900000000000100000001100800000000000000000000000000010000004b":0 -PSA storage read: usage without implication: COPY | DECRYPT +read usage: COPY depends_on:PSA_WANT_KEY_TYPE_RAW_DATA -key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_COPY | PSA_KEY_USAGE_DECRYPT:0x0000:0x0000:"4b":"505341004b455900000000000100000001100800020200000000000000000000010000004b":0 +key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_COPY:0x0000:0x0000:"4b":"505341004b455900000000000100000001100800020000000000000000000000010000004b":0 -PSA storage read: usage with implication: DECRYPT | DERIVE +read usage: DECRYPT depends_on:PSA_WANT_KEY_TYPE_RAW_DATA -key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_DECRYPT | PSA_KEY_USAGE_DERIVE:0x0000:0x0000:"4b":"505341004b455900000000000100000001100800004200000000000000000000010000004b":0 +key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_DECRYPT:0x0000:0x0000:"4b":"505341004b455900000000000100000001100800000200000000000000000000010000004b":0 -PSA storage read: usage without implication: DECRYPT | DERIVE +read usage: DERIVE depends_on:PSA_WANT_KEY_TYPE_RAW_DATA -key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_DECRYPT | PSA_KEY_USAGE_DERIVE:0x0000:0x0000:"4b":"505341004b455900000000000100000001100800004200000000000000000000010000004b":0 +key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_DERIVE:0x0000:0x0000:"4b":"505341004b455900000000000100000001100800004000000000000000000000010000004b":0 -PSA storage read: usage with implication: DERIVE | ENCRYPT +read usage: ENCRYPT depends_on:PSA_WANT_KEY_TYPE_RAW_DATA -key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_DERIVE | PSA_KEY_USAGE_ENCRYPT:0x0000:0x0000:"4b":"505341004b455900000000000100000001100800004100000000000000000000010000004b":0 +key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_ENCRYPT:0x0000:0x0000:"4b":"505341004b455900000000000100000001100800000100000000000000000000010000004b":0 -PSA storage read: usage without implication: DERIVE | ENCRYPT +read usage: EXPORT depends_on:PSA_WANT_KEY_TYPE_RAW_DATA -key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_DERIVE | PSA_KEY_USAGE_ENCRYPT:0x0000:0x0000:"4b":"505341004b455900000000000100000001100800004100000000000000000000010000004b":0 +key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"4b":"505341004b455900000000000100000001100800010000000000000000000000010000004b":0 -PSA storage read: usage with implication: ENCRYPT | EXPORT +read usage: SIGN_HASH depends_on:PSA_WANT_KEY_TYPE_RAW_DATA -key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"4b":"505341004b455900000000000100000001100800010100000000000000000000010000004b":0 +key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_SIGN_HASH:0x0000:0x0000:"4b":"505341004b455900000000000100000001100800001000000000000000000000010000004b":0 -PSA storage read: usage without implication: ENCRYPT | EXPORT +read usage: SIGN_MESSAGE depends_on:PSA_WANT_KEY_TYPE_RAW_DATA -key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"4b":"505341004b455900000000000100000001100800010100000000000000000000010000004b":0 +key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_SIGN_MESSAGE:0x0000:0x0000:"4b":"505341004b455900000000000100000001100800000400000000000000000000010000004b":0 -PSA storage read: usage with implication: EXPORT | SIGN_HASH +read usage: VERIFY_HASH depends_on:PSA_WANT_KEY_TYPE_RAW_DATA -key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH:0x0000:0x0000:"4b":"505341004b455900000000000100000001100800011400000000000000000000010000004b":0 +key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_VERIFY_HASH:0x0000:0x0000:"4b":"505341004b455900000000000100000001100800002000000000000000000000010000004b":0 -PSA storage read: usage without implication: EXPORT | SIGN_HASH +read usage: VERIFY_MESSAGE depends_on:PSA_WANT_KEY_TYPE_RAW_DATA -key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH:0x0000:0x0000:"4b":"505341004b455900000000000100000001100800011000000000000000000000010000004b":0 +key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_VERIFY_MESSAGE:0x0000:0x0000:"4b":"505341004b455900000000000100000001100800000800000000000000000000010000004b":0 -PSA storage read: usage with implication: SIGN_HASH | SIGN_MESSAGE +read usage: COPY|DECRYPT depends_on:PSA_WANT_KEY_TYPE_RAW_DATA -key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE:0x0000:0x0000:"4b":"505341004b455900000000000100000001100800001400000000000000000000010000004b":0 +key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_COPY | PSA_KEY_USAGE_DECRYPT:0x0000:0x0000:"4b":"505341004b455900000000000100000001100800020200000000000000000000010000004b":0 -PSA storage read: usage without implication: SIGN_HASH | SIGN_MESSAGE +read usage: DECRYPT|DERIVE depends_on:PSA_WANT_KEY_TYPE_RAW_DATA -key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE:0x0000:0x0000:"4b":"505341004b455900000000000100000001100800001400000000000000000000010000004b":0 +key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_DECRYPT | PSA_KEY_USAGE_DERIVE:0x0000:0x0000:"4b":"505341004b455900000000000100000001100800004200000000000000000000010000004b":0 -PSA storage read: usage with implication: SIGN_MESSAGE | VERIFY_HASH +read usage: DERIVE|ENCRYPT depends_on:PSA_WANT_KEY_TYPE_RAW_DATA -key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH:0x0000:0x0000:"4b":"505341004b455900000000000100000001100800002c00000000000000000000010000004b":0 +key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_DERIVE | PSA_KEY_USAGE_ENCRYPT:0x0000:0x0000:"4b":"505341004b455900000000000100000001100800004100000000000000000000010000004b":0 -PSA storage read: usage without implication: SIGN_MESSAGE | VERIFY_HASH +read usage: ENCRYPT|EXPORT depends_on:PSA_WANT_KEY_TYPE_RAW_DATA -key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH:0x0000:0x0000:"4b":"505341004b455900000000000100000001100800002400000000000000000000010000004b":0 +key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"4b":"505341004b455900000000000100000001100800010100000000000000000000010000004b":0 -PSA storage read: usage with implication: VERIFY_HASH | VERIFY_MESSAGE +read usage: EXPORT|SIGN_HASH depends_on:PSA_WANT_KEY_TYPE_RAW_DATA -key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:0x0000:0x0000:"4b":"505341004b455900000000000100000001100800002800000000000000000000010000004b":0 +key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH:0x0000:0x0000:"4b":"505341004b455900000000000100000001100800011000000000000000000000010000004b":0 -PSA storage read: usage without implication: VERIFY_HASH | VERIFY_MESSAGE +read usage: SIGN_HASH|SIGN_MESSAGE depends_on:PSA_WANT_KEY_TYPE_RAW_DATA -key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:0x0000:0x0000:"4b":"505341004b455900000000000100000001100800002800000000000000000000010000004b":0 +key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE:0x0000:0x0000:"4b":"505341004b455900000000000100000001100800001400000000000000000000010000004b":0 -PSA storage read: usage with implication: VERIFY_MESSAGE | COPY +read usage: SIGN_MESSAGE|VERIFY_HASH depends_on:PSA_WANT_KEY_TYPE_RAW_DATA -key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_VERIFY_MESSAGE | PSA_KEY_USAGE_COPY:0x0000:0x0000:"4b":"505341004b455900000000000100000001100800020800000000000000000000010000004b":0 +key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH:0x0000:0x0000:"4b":"505341004b455900000000000100000001100800002400000000000000000000010000004b":0 -PSA storage read: usage without implication: VERIFY_MESSAGE | COPY +read usage: VERIFY_HASH|VERIFY_MESSAGE depends_on:PSA_WANT_KEY_TYPE_RAW_DATA -key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_VERIFY_MESSAGE | PSA_KEY_USAGE_COPY:0x0000:0x0000:"4b":"505341004b455900000000000100000001100800020800000000000000000000010000004b":0 +key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:0x0000:0x0000:"4b":"505341004b455900000000000100000001100800002800000000000000000000010000004b":0 -PSA storage read: usage: all known +read usage: VERIFY_MESSAGE|COPY depends_on:PSA_WANT_KEY_TYPE_RAW_DATA -key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_COPY | PSA_KEY_USAGE_DECRYPT | PSA_KEY_USAGE_DERIVE | PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:0x0000:0x0000:"4b":"505341004b455900000000000100000001100800037f00000000000000000000010000004b":0 +key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_VERIFY_MESSAGE | PSA_KEY_USAGE_COPY:0x0000:0x0000:"4b":"505341004b455900000000000100000001100800020800000000000000000000010000004b":0 -PSA storage read: type: AES 128-bit +read type: AES 128-bit depends_on:PSA_WANT_KEY_TYPE_AES key_storage_read:0x0001:PSA_KEY_TYPE_AES:128:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"48657265006973206b6579a064617461":"505341004b4559000000000001000000002480000100000000000000000000001000000048657265006973206b6579a064617461":TEST_FLAG_EXERCISE -PSA storage read: type: AES 192-bit +read type: AES 128-bit, AEAD_SHORT(CCM,4) +depends_on:PSA_WANT_ALG_CCM:PSA_WANT_KEY_TYPE_AES +key_storage_read:0x0001:PSA_KEY_TYPE_AES:128:PSA_KEY_USAGE_DECRYPT | PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_EXPORT:PSA_ALG_AEAD_WITH_SHORTENED_TAG(PSA_ALG_CCM,4):0x0000:"48657265006973206b6579a064617461":"505341004b4559000000000001000000002480000103000000014405000000001000000048657265006973206b6579a064617461":TEST_FLAG_EXERCISE + +read type: AES 128-bit, AEAD_SHORT(CCM,14) +depends_on:PSA_WANT_ALG_CCM:PSA_WANT_KEY_TYPE_AES +key_storage_read:0x0001:PSA_KEY_TYPE_AES:128:PSA_KEY_USAGE_DECRYPT | PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_EXPORT:PSA_ALG_AEAD_WITH_SHORTENED_TAG(PSA_ALG_CCM,14):0x0000:"48657265006973206b6579a064617461":"505341004b4559000000000001000000002480000103000000014e05000000001000000048657265006973206b6579a064617461":TEST_FLAG_EXERCISE + +read type: AES 128-bit, AEAD_SHORT(CCM,16) +depends_on:PSA_WANT_ALG_CCM:PSA_WANT_KEY_TYPE_AES +key_storage_read:0x0001:PSA_KEY_TYPE_AES:128:PSA_KEY_USAGE_DECRYPT | PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_EXPORT:PSA_ALG_AEAD_WITH_SHORTENED_TAG(PSA_ALG_CCM,16):0x0000:"48657265006973206b6579a064617461":"505341004b4559000000000001000000002480000103000000015005000000001000000048657265006973206b6579a064617461":TEST_FLAG_EXERCISE + +read type: AES 128-bit, CBC_MAC +depends_on:PSA_WANT_ALG_CBC_MAC:PSA_WANT_KEY_TYPE_AES +key_storage_read:0x0001:PSA_KEY_TYPE_AES:128:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_CBC_MAC:0x0000:"48657265006973206b6579a064617461":"505341004b455900000000000100000000248000013c00000001c003000000001000000048657265006973206b6579a064617461":TEST_FLAG_EXERCISE + +read type: AES 128-bit, CBC_NO_PADDING +depends_on:PSA_WANT_ALG_CBC_NO_PADDING:PSA_WANT_KEY_TYPE_AES +key_storage_read:0x0001:PSA_KEY_TYPE_AES:128:PSA_KEY_USAGE_DECRYPT | PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_EXPORT:PSA_ALG_CBC_NO_PADDING:0x0000:"48657265006973206b6579a064617461":"505341004b4559000000000001000000002480000103000000404004000000001000000048657265006973206b6579a064617461":TEST_FLAG_EXERCISE + +read type: AES 128-bit, CBC_PKCS7 +depends_on:PSA_WANT_ALG_CBC_PKCS7:PSA_WANT_KEY_TYPE_AES +key_storage_read:0x0001:PSA_KEY_TYPE_AES:128:PSA_KEY_USAGE_DECRYPT | PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_EXPORT:PSA_ALG_CBC_PKCS7:0x0000:"48657265006973206b6579a064617461":"505341004b4559000000000001000000002480000103000000414004000000001000000048657265006973206b6579a064617461":TEST_FLAG_EXERCISE + +read type: AES 128-bit, CCM +depends_on:PSA_WANT_ALG_CCM:PSA_WANT_KEY_TYPE_AES +key_storage_read:0x0001:PSA_KEY_TYPE_AES:128:PSA_KEY_USAGE_DECRYPT | PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_EXPORT:PSA_ALG_CCM:0x0000:"48657265006973206b6579a064617461":"505341004b4559000000000001000000002480000103000000015005000000001000000048657265006973206b6579a064617461":TEST_FLAG_EXERCISE + +read type: AES 128-bit, CFB +depends_on:PSA_WANT_ALG_CFB:PSA_WANT_KEY_TYPE_AES +key_storage_read:0x0001:PSA_KEY_TYPE_AES:128:PSA_KEY_USAGE_DECRYPT | PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_EXPORT:PSA_ALG_CFB:0x0000:"48657265006973206b6579a064617461":"505341004b455900000000000100000000248000010300000011c004000000001000000048657265006973206b6579a064617461":TEST_FLAG_EXERCISE + +read type: AES 128-bit, CMAC +depends_on:PSA_WANT_ALG_CMAC:PSA_WANT_KEY_TYPE_AES +key_storage_read:0x0001:PSA_KEY_TYPE_AES:128:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_CMAC:0x0000:"48657265006973206b6579a064617461":"505341004b455900000000000100000000248000013c00000002c003000000001000000048657265006973206b6579a064617461":TEST_FLAG_EXERCISE + +read type: AES 128-bit, CTR +depends_on:PSA_WANT_ALG_CTR:PSA_WANT_KEY_TYPE_AES +key_storage_read:0x0001:PSA_KEY_TYPE_AES:128:PSA_KEY_USAGE_DECRYPT | PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_EXPORT:PSA_ALG_CTR:0x0000:"48657265006973206b6579a064617461":"505341004b455900000000000100000000248000010300000010c004000000001000000048657265006973206b6579a064617461":TEST_FLAG_EXERCISE + +read type: AES 128-bit, ECB_NO_PADDING +depends_on:PSA_WANT_ALG_ECB_NO_PADDING:PSA_WANT_KEY_TYPE_AES +key_storage_read:0x0001:PSA_KEY_TYPE_AES:128:PSA_KEY_USAGE_DECRYPT | PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_EXPORT:PSA_ALG_ECB_NO_PADDING:0x0000:"48657265006973206b6579a064617461":"505341004b4559000000000001000000002480000103000000444004000000001000000048657265006973206b6579a064617461":TEST_FLAG_EXERCISE + +read type: AES 128-bit, GCM +depends_on:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES +key_storage_read:0x0001:PSA_KEY_TYPE_AES:128:PSA_KEY_USAGE_DECRYPT | PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_EXPORT:PSA_ALG_GCM:0x0000:"48657265006973206b6579a064617461":"505341004b4559000000000001000000002480000103000000025005000000001000000048657265006973206b6579a064617461":TEST_FLAG_EXERCISE + +read type: AES 128-bit, OFB +depends_on:PSA_WANT_ALG_OFB:PSA_WANT_KEY_TYPE_AES +key_storage_read:0x0001:PSA_KEY_TYPE_AES:128:PSA_KEY_USAGE_DECRYPT | PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_EXPORT:PSA_ALG_OFB:0x0000:"48657265006973206b6579a064617461":"505341004b455900000000000100000000248000010300000012c004000000001000000048657265006973206b6579a064617461":TEST_FLAG_EXERCISE + +read type: AES 128-bit, TRUNCATED_MAC(CBC_MAC,4) +depends_on:PSA_WANT_ALG_CBC_MAC:PSA_WANT_KEY_TYPE_AES +key_storage_read:0x0001:PSA_KEY_TYPE_AES:128:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_TRUNCATED_MAC(PSA_ALG_CBC_MAC,4):0x0000:"48657265006973206b6579a064617461":"505341004b455900000000000100000000248000013c00000001c403000000001000000048657265006973206b6579a064617461":TEST_FLAG_EXERCISE + +read type: AES 128-bit, TRUNCATED_MAC(CBC_MAC,13) +depends_on:PSA_WANT_ALG_CBC_MAC:PSA_WANT_KEY_TYPE_AES +key_storage_read:0x0001:PSA_KEY_TYPE_AES:128:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_TRUNCATED_MAC(PSA_ALG_CBC_MAC,13):0x0000:"48657265006973206b6579a064617461":"505341004b455900000000000100000000248000013c00000001cd03000000001000000048657265006973206b6579a064617461":TEST_FLAG_EXERCISE + +read type: AES 128-bit, TRUNCATED_MAC(CBC_MAC,14) +depends_on:PSA_WANT_ALG_CBC_MAC:PSA_WANT_KEY_TYPE_AES +key_storage_read:0x0001:PSA_KEY_TYPE_AES:128:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_TRUNCATED_MAC(PSA_ALG_CBC_MAC,14):0x0000:"48657265006973206b6579a064617461":"505341004b455900000000000100000000248000013c00000001ce03000000001000000048657265006973206b6579a064617461":TEST_FLAG_EXERCISE + +read type: AES 128-bit, TRUNCATED_MAC(CBC_MAC,16) +depends_on:PSA_WANT_ALG_CBC_MAC:PSA_WANT_KEY_TYPE_AES +key_storage_read:0x0001:PSA_KEY_TYPE_AES:128:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_TRUNCATED_MAC(PSA_ALG_CBC_MAC,16):0x0000:"48657265006973206b6579a064617461":"505341004b455900000000000100000000248000013c00000001d003000000001000000048657265006973206b6579a064617461":TEST_FLAG_EXERCISE + +read type: AES 128-bit, XTS +depends_on:PSA_WANT_ALG_XTS:PSA_WANT_KEY_TYPE_AES +key_storage_read:0x0001:PSA_KEY_TYPE_AES:128:PSA_KEY_USAGE_DECRYPT | PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_EXPORT:PSA_ALG_XTS:0x0000:"48657265006973206b6579a064617461":"505341004b4559000000000001000000002480000103000000ff4004000000001000000048657265006973206b6579a064617461":TEST_FLAG_EXERCISE + +read type: AES 192-bit depends_on:PSA_WANT_KEY_TYPE_AES key_storage_read:0x0001:PSA_KEY_TYPE_AES:192:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"48657265006973206b6579a0646174614865726500697320":"505341004b45590000000000010000000024c0000100000000000000000000001800000048657265006973206b6579a0646174614865726500697320":TEST_FLAG_EXERCISE -PSA storage read: type: AES 256-bit +read type: AES 192-bit, AEAD_SHORT(CCM,4) +depends_on:PSA_WANT_ALG_CCM:PSA_WANT_KEY_TYPE_AES +key_storage_read:0x0001:PSA_KEY_TYPE_AES:192:PSA_KEY_USAGE_DECRYPT | PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_EXPORT:PSA_ALG_AEAD_WITH_SHORTENED_TAG(PSA_ALG_CCM,4):0x0000:"48657265006973206b6579a0646174614865726500697320":"505341004b45590000000000010000000024c0000103000000014405000000001800000048657265006973206b6579a0646174614865726500697320":TEST_FLAG_EXERCISE + +read type: AES 192-bit, AEAD_SHORT(CCM,14) +depends_on:PSA_WANT_ALG_CCM:PSA_WANT_KEY_TYPE_AES +key_storage_read:0x0001:PSA_KEY_TYPE_AES:192:PSA_KEY_USAGE_DECRYPT | PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_EXPORT:PSA_ALG_AEAD_WITH_SHORTENED_TAG(PSA_ALG_CCM,14):0x0000:"48657265006973206b6579a0646174614865726500697320":"505341004b45590000000000010000000024c0000103000000014e05000000001800000048657265006973206b6579a0646174614865726500697320":TEST_FLAG_EXERCISE + +read type: AES 192-bit, AEAD_SHORT(CCM,16) +depends_on:PSA_WANT_ALG_CCM:PSA_WANT_KEY_TYPE_AES +key_storage_read:0x0001:PSA_KEY_TYPE_AES:192:PSA_KEY_USAGE_DECRYPT | PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_EXPORT:PSA_ALG_AEAD_WITH_SHORTENED_TAG(PSA_ALG_CCM,16):0x0000:"48657265006973206b6579a0646174614865726500697320":"505341004b45590000000000010000000024c0000103000000015005000000001800000048657265006973206b6579a0646174614865726500697320":TEST_FLAG_EXERCISE + +read type: AES 192-bit, CBC_MAC +depends_on:PSA_WANT_ALG_CBC_MAC:PSA_WANT_KEY_TYPE_AES +key_storage_read:0x0001:PSA_KEY_TYPE_AES:192:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_CBC_MAC:0x0000:"48657265006973206b6579a0646174614865726500697320":"505341004b45590000000000010000000024c000013c00000001c003000000001800000048657265006973206b6579a0646174614865726500697320":TEST_FLAG_EXERCISE + +read type: AES 192-bit, CBC_NO_PADDING +depends_on:PSA_WANT_ALG_CBC_NO_PADDING:PSA_WANT_KEY_TYPE_AES +key_storage_read:0x0001:PSA_KEY_TYPE_AES:192:PSA_KEY_USAGE_DECRYPT | PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_EXPORT:PSA_ALG_CBC_NO_PADDING:0x0000:"48657265006973206b6579a0646174614865726500697320":"505341004b45590000000000010000000024c0000103000000404004000000001800000048657265006973206b6579a0646174614865726500697320":TEST_FLAG_EXERCISE + +read type: AES 192-bit, CBC_PKCS7 +depends_on:PSA_WANT_ALG_CBC_PKCS7:PSA_WANT_KEY_TYPE_AES +key_storage_read:0x0001:PSA_KEY_TYPE_AES:192:PSA_KEY_USAGE_DECRYPT | PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_EXPORT:PSA_ALG_CBC_PKCS7:0x0000:"48657265006973206b6579a0646174614865726500697320":"505341004b45590000000000010000000024c0000103000000414004000000001800000048657265006973206b6579a0646174614865726500697320":TEST_FLAG_EXERCISE + +read type: AES 192-bit, CCM +depends_on:PSA_WANT_ALG_CCM:PSA_WANT_KEY_TYPE_AES +key_storage_read:0x0001:PSA_KEY_TYPE_AES:192:PSA_KEY_USAGE_DECRYPT | PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_EXPORT:PSA_ALG_CCM:0x0000:"48657265006973206b6579a0646174614865726500697320":"505341004b45590000000000010000000024c0000103000000015005000000001800000048657265006973206b6579a0646174614865726500697320":TEST_FLAG_EXERCISE + +read type: AES 192-bit, CFB +depends_on:PSA_WANT_ALG_CFB:PSA_WANT_KEY_TYPE_AES +key_storage_read:0x0001:PSA_KEY_TYPE_AES:192:PSA_KEY_USAGE_DECRYPT | PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_EXPORT:PSA_ALG_CFB:0x0000:"48657265006973206b6579a0646174614865726500697320":"505341004b45590000000000010000000024c000010300000011c004000000001800000048657265006973206b6579a0646174614865726500697320":TEST_FLAG_EXERCISE + +read type: AES 192-bit, CMAC +depends_on:PSA_WANT_ALG_CMAC:PSA_WANT_KEY_TYPE_AES +key_storage_read:0x0001:PSA_KEY_TYPE_AES:192:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_CMAC:0x0000:"48657265006973206b6579a0646174614865726500697320":"505341004b45590000000000010000000024c000013c00000002c003000000001800000048657265006973206b6579a0646174614865726500697320":TEST_FLAG_EXERCISE + +read type: AES 192-bit, CTR +depends_on:PSA_WANT_ALG_CTR:PSA_WANT_KEY_TYPE_AES +key_storage_read:0x0001:PSA_KEY_TYPE_AES:192:PSA_KEY_USAGE_DECRYPT | PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_EXPORT:PSA_ALG_CTR:0x0000:"48657265006973206b6579a0646174614865726500697320":"505341004b45590000000000010000000024c000010300000010c004000000001800000048657265006973206b6579a0646174614865726500697320":TEST_FLAG_EXERCISE + +read type: AES 192-bit, ECB_NO_PADDING +depends_on:PSA_WANT_ALG_ECB_NO_PADDING:PSA_WANT_KEY_TYPE_AES +key_storage_read:0x0001:PSA_KEY_TYPE_AES:192:PSA_KEY_USAGE_DECRYPT | PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_EXPORT:PSA_ALG_ECB_NO_PADDING:0x0000:"48657265006973206b6579a0646174614865726500697320":"505341004b45590000000000010000000024c0000103000000444004000000001800000048657265006973206b6579a0646174614865726500697320":TEST_FLAG_EXERCISE + +read type: AES 192-bit, GCM +depends_on:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES +key_storage_read:0x0001:PSA_KEY_TYPE_AES:192:PSA_KEY_USAGE_DECRYPT | PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_EXPORT:PSA_ALG_GCM:0x0000:"48657265006973206b6579a0646174614865726500697320":"505341004b45590000000000010000000024c0000103000000025005000000001800000048657265006973206b6579a0646174614865726500697320":TEST_FLAG_EXERCISE + +read type: AES 192-bit, OFB +depends_on:PSA_WANT_ALG_OFB:PSA_WANT_KEY_TYPE_AES +key_storage_read:0x0001:PSA_KEY_TYPE_AES:192:PSA_KEY_USAGE_DECRYPT | PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_EXPORT:PSA_ALG_OFB:0x0000:"48657265006973206b6579a0646174614865726500697320":"505341004b45590000000000010000000024c000010300000012c004000000001800000048657265006973206b6579a0646174614865726500697320":TEST_FLAG_EXERCISE + +read type: AES 192-bit, TRUNCATED_MAC(CBC_MAC,4) +depends_on:PSA_WANT_ALG_CBC_MAC:PSA_WANT_KEY_TYPE_AES +key_storage_read:0x0001:PSA_KEY_TYPE_AES:192:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_TRUNCATED_MAC(PSA_ALG_CBC_MAC,4):0x0000:"48657265006973206b6579a0646174614865726500697320":"505341004b45590000000000010000000024c000013c00000001c403000000001800000048657265006973206b6579a0646174614865726500697320":TEST_FLAG_EXERCISE + +read type: AES 192-bit, TRUNCATED_MAC(CBC_MAC,13) +depends_on:PSA_WANT_ALG_CBC_MAC:PSA_WANT_KEY_TYPE_AES +key_storage_read:0x0001:PSA_KEY_TYPE_AES:192:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_TRUNCATED_MAC(PSA_ALG_CBC_MAC,13):0x0000:"48657265006973206b6579a0646174614865726500697320":"505341004b45590000000000010000000024c000013c00000001cd03000000001800000048657265006973206b6579a0646174614865726500697320":TEST_FLAG_EXERCISE + +read type: AES 192-bit, TRUNCATED_MAC(CBC_MAC,14) +depends_on:PSA_WANT_ALG_CBC_MAC:PSA_WANT_KEY_TYPE_AES +key_storage_read:0x0001:PSA_KEY_TYPE_AES:192:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_TRUNCATED_MAC(PSA_ALG_CBC_MAC,14):0x0000:"48657265006973206b6579a0646174614865726500697320":"505341004b45590000000000010000000024c000013c00000001ce03000000001800000048657265006973206b6579a0646174614865726500697320":TEST_FLAG_EXERCISE + +read type: AES 192-bit, TRUNCATED_MAC(CBC_MAC,16) +depends_on:PSA_WANT_ALG_CBC_MAC:PSA_WANT_KEY_TYPE_AES +key_storage_read:0x0001:PSA_KEY_TYPE_AES:192:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_TRUNCATED_MAC(PSA_ALG_CBC_MAC,16):0x0000:"48657265006973206b6579a0646174614865726500697320":"505341004b45590000000000010000000024c000013c00000001d003000000001800000048657265006973206b6579a0646174614865726500697320":TEST_FLAG_EXERCISE + +read type: AES 192-bit, XTS +depends_on:PSA_WANT_ALG_XTS:PSA_WANT_KEY_TYPE_AES +key_storage_read:0x0001:PSA_KEY_TYPE_AES:192:PSA_KEY_USAGE_DECRYPT | PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_EXPORT:PSA_ALG_XTS:0x0000:"48657265006973206b6579a0646174614865726500697320":"505341004b45590000000000010000000024c0000103000000ff4004000000001800000048657265006973206b6579a0646174614865726500697320":TEST_FLAG_EXERCISE + +read type: AES 256-bit depends_on:PSA_WANT_KEY_TYPE_AES key_storage_read:0x0001:PSA_KEY_TYPE_AES:256:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"48657265006973206b6579a06461746148657265006973206b6579a064617461":"505341004b4559000000000001000000002400010100000000000000000000002000000048657265006973206b6579a06461746148657265006973206b6579a064617461":TEST_FLAG_EXERCISE -PSA storage read: type: ARC4 8-bit -depends_on:PSA_WANT_KEY_TYPE_ARC4 -key_storage_read:0x0001:PSA_KEY_TYPE_ARC4:8:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"48":"505341004b4559000000000001000000022008000100000000000000000000000100000048":TEST_FLAG_EXERCISE +read type: AES 256-bit, AEAD_SHORT(CCM,4) +depends_on:PSA_WANT_ALG_CCM:PSA_WANT_KEY_TYPE_AES +key_storage_read:0x0001:PSA_KEY_TYPE_AES:256:PSA_KEY_USAGE_DECRYPT | PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_EXPORT:PSA_ALG_AEAD_WITH_SHORTENED_TAG(PSA_ALG_CCM,4):0x0000:"48657265006973206b6579a06461746148657265006973206b6579a064617461":"505341004b4559000000000001000000002400010103000000014405000000002000000048657265006973206b6579a06461746148657265006973206b6579a064617461":TEST_FLAG_EXERCISE + +read type: AES 256-bit, AEAD_SHORT(CCM,14) +depends_on:PSA_WANT_ALG_CCM:PSA_WANT_KEY_TYPE_AES +key_storage_read:0x0001:PSA_KEY_TYPE_AES:256:PSA_KEY_USAGE_DECRYPT | PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_EXPORT:PSA_ALG_AEAD_WITH_SHORTENED_TAG(PSA_ALG_CCM,14):0x0000:"48657265006973206b6579a06461746148657265006973206b6579a064617461":"505341004b4559000000000001000000002400010103000000014e05000000002000000048657265006973206b6579a06461746148657265006973206b6579a064617461":TEST_FLAG_EXERCISE + +read type: AES 256-bit, AEAD_SHORT(CCM,16) +depends_on:PSA_WANT_ALG_CCM:PSA_WANT_KEY_TYPE_AES +key_storage_read:0x0001:PSA_KEY_TYPE_AES:256:PSA_KEY_USAGE_DECRYPT | PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_EXPORT:PSA_ALG_AEAD_WITH_SHORTENED_TAG(PSA_ALG_CCM,16):0x0000:"48657265006973206b6579a06461746148657265006973206b6579a064617461":"505341004b4559000000000001000000002400010103000000015005000000002000000048657265006973206b6579a06461746148657265006973206b6579a064617461":TEST_FLAG_EXERCISE + +read type: AES 256-bit, CBC_MAC +depends_on:PSA_WANT_ALG_CBC_MAC:PSA_WANT_KEY_TYPE_AES +key_storage_read:0x0001:PSA_KEY_TYPE_AES:256:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_CBC_MAC:0x0000:"48657265006973206b6579a06461746148657265006973206b6579a064617461":"505341004b455900000000000100000000240001013c00000001c003000000002000000048657265006973206b6579a06461746148657265006973206b6579a064617461":TEST_FLAG_EXERCISE + +read type: AES 256-bit, CBC_NO_PADDING +depends_on:PSA_WANT_ALG_CBC_NO_PADDING:PSA_WANT_KEY_TYPE_AES +key_storage_read:0x0001:PSA_KEY_TYPE_AES:256:PSA_KEY_USAGE_DECRYPT | PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_EXPORT:PSA_ALG_CBC_NO_PADDING:0x0000:"48657265006973206b6579a06461746148657265006973206b6579a064617461":"505341004b4559000000000001000000002400010103000000404004000000002000000048657265006973206b6579a06461746148657265006973206b6579a064617461":TEST_FLAG_EXERCISE + +read type: AES 256-bit, CBC_PKCS7 +depends_on:PSA_WANT_ALG_CBC_PKCS7:PSA_WANT_KEY_TYPE_AES +key_storage_read:0x0001:PSA_KEY_TYPE_AES:256:PSA_KEY_USAGE_DECRYPT | PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_EXPORT:PSA_ALG_CBC_PKCS7:0x0000:"48657265006973206b6579a06461746148657265006973206b6579a064617461":"505341004b4559000000000001000000002400010103000000414004000000002000000048657265006973206b6579a06461746148657265006973206b6579a064617461":TEST_FLAG_EXERCISE + +read type: AES 256-bit, CCM +depends_on:PSA_WANT_ALG_CCM:PSA_WANT_KEY_TYPE_AES +key_storage_read:0x0001:PSA_KEY_TYPE_AES:256:PSA_KEY_USAGE_DECRYPT | PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_EXPORT:PSA_ALG_CCM:0x0000:"48657265006973206b6579a06461746148657265006973206b6579a064617461":"505341004b4559000000000001000000002400010103000000015005000000002000000048657265006973206b6579a06461746148657265006973206b6579a064617461":TEST_FLAG_EXERCISE + +read type: AES 256-bit, CFB +depends_on:PSA_WANT_ALG_CFB:PSA_WANT_KEY_TYPE_AES +key_storage_read:0x0001:PSA_KEY_TYPE_AES:256:PSA_KEY_USAGE_DECRYPT | PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_EXPORT:PSA_ALG_CFB:0x0000:"48657265006973206b6579a06461746148657265006973206b6579a064617461":"505341004b455900000000000100000000240001010300000011c004000000002000000048657265006973206b6579a06461746148657265006973206b6579a064617461":TEST_FLAG_EXERCISE + +read type: AES 256-bit, CMAC +depends_on:PSA_WANT_ALG_CMAC:PSA_WANT_KEY_TYPE_AES +key_storage_read:0x0001:PSA_KEY_TYPE_AES:256:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_CMAC:0x0000:"48657265006973206b6579a06461746148657265006973206b6579a064617461":"505341004b455900000000000100000000240001013c00000002c003000000002000000048657265006973206b6579a06461746148657265006973206b6579a064617461":TEST_FLAG_EXERCISE + +read type: AES 256-bit, CTR +depends_on:PSA_WANT_ALG_CTR:PSA_WANT_KEY_TYPE_AES +key_storage_read:0x0001:PSA_KEY_TYPE_AES:256:PSA_KEY_USAGE_DECRYPT | PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_EXPORT:PSA_ALG_CTR:0x0000:"48657265006973206b6579a06461746148657265006973206b6579a064617461":"505341004b455900000000000100000000240001010300000010c004000000002000000048657265006973206b6579a06461746148657265006973206b6579a064617461":TEST_FLAG_EXERCISE + +read type: AES 256-bit, ECB_NO_PADDING +depends_on:PSA_WANT_ALG_ECB_NO_PADDING:PSA_WANT_KEY_TYPE_AES +key_storage_read:0x0001:PSA_KEY_TYPE_AES:256:PSA_KEY_USAGE_DECRYPT | PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_EXPORT:PSA_ALG_ECB_NO_PADDING:0x0000:"48657265006973206b6579a06461746148657265006973206b6579a064617461":"505341004b4559000000000001000000002400010103000000444004000000002000000048657265006973206b6579a06461746148657265006973206b6579a064617461":TEST_FLAG_EXERCISE + +read type: AES 256-bit, GCM +depends_on:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES +key_storage_read:0x0001:PSA_KEY_TYPE_AES:256:PSA_KEY_USAGE_DECRYPT | PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_EXPORT:PSA_ALG_GCM:0x0000:"48657265006973206b6579a06461746148657265006973206b6579a064617461":"505341004b4559000000000001000000002400010103000000025005000000002000000048657265006973206b6579a06461746148657265006973206b6579a064617461":TEST_FLAG_EXERCISE + +read type: AES 256-bit, OFB +depends_on:PSA_WANT_ALG_OFB:PSA_WANT_KEY_TYPE_AES +key_storage_read:0x0001:PSA_KEY_TYPE_AES:256:PSA_KEY_USAGE_DECRYPT | PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_EXPORT:PSA_ALG_OFB:0x0000:"48657265006973206b6579a06461746148657265006973206b6579a064617461":"505341004b455900000000000100000000240001010300000012c004000000002000000048657265006973206b6579a06461746148657265006973206b6579a064617461":TEST_FLAG_EXERCISE + +read type: AES 256-bit, TRUNCATED_MAC(CBC_MAC,4) +depends_on:PSA_WANT_ALG_CBC_MAC:PSA_WANT_KEY_TYPE_AES +key_storage_read:0x0001:PSA_KEY_TYPE_AES:256:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_TRUNCATED_MAC(PSA_ALG_CBC_MAC,4):0x0000:"48657265006973206b6579a06461746148657265006973206b6579a064617461":"505341004b455900000000000100000000240001013c00000001c403000000002000000048657265006973206b6579a06461746148657265006973206b6579a064617461":TEST_FLAG_EXERCISE + +read type: AES 256-bit, TRUNCATED_MAC(CBC_MAC,13) +depends_on:PSA_WANT_ALG_CBC_MAC:PSA_WANT_KEY_TYPE_AES +key_storage_read:0x0001:PSA_KEY_TYPE_AES:256:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_TRUNCATED_MAC(PSA_ALG_CBC_MAC,13):0x0000:"48657265006973206b6579a06461746148657265006973206b6579a064617461":"505341004b455900000000000100000000240001013c00000001cd03000000002000000048657265006973206b6579a06461746148657265006973206b6579a064617461":TEST_FLAG_EXERCISE + +read type: AES 256-bit, TRUNCATED_MAC(CBC_MAC,14) +depends_on:PSA_WANT_ALG_CBC_MAC:PSA_WANT_KEY_TYPE_AES +key_storage_read:0x0001:PSA_KEY_TYPE_AES:256:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_TRUNCATED_MAC(PSA_ALG_CBC_MAC,14):0x0000:"48657265006973206b6579a06461746148657265006973206b6579a064617461":"505341004b455900000000000100000000240001013c00000001ce03000000002000000048657265006973206b6579a06461746148657265006973206b6579a064617461":TEST_FLAG_EXERCISE + +read type: AES 256-bit, TRUNCATED_MAC(CBC_MAC,16) +depends_on:PSA_WANT_ALG_CBC_MAC:PSA_WANT_KEY_TYPE_AES +key_storage_read:0x0001:PSA_KEY_TYPE_AES:256:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_TRUNCATED_MAC(PSA_ALG_CBC_MAC,16):0x0000:"48657265006973206b6579a06461746148657265006973206b6579a064617461":"505341004b455900000000000100000000240001013c00000001d003000000002000000048657265006973206b6579a06461746148657265006973206b6579a064617461":TEST_FLAG_EXERCISE + +read type: AES 256-bit, XTS +depends_on:PSA_WANT_ALG_XTS:PSA_WANT_KEY_TYPE_AES +key_storage_read:0x0001:PSA_KEY_TYPE_AES:256:PSA_KEY_USAGE_DECRYPT | PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_EXPORT:PSA_ALG_XTS:0x0000:"48657265006973206b6579a06461746148657265006973206b6579a064617461":"505341004b4559000000000001000000002400010103000000ff4004000000002000000048657265006973206b6579a06461746148657265006973206b6579a064617461":TEST_FLAG_EXERCISE + +read type: ARC4 8-bit +depends_on:PSA_WANT_KEY_TYPE_ARC4 +key_storage_read:0x0001:PSA_KEY_TYPE_ARC4:8:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"48":"505341004b4559000000000001000000022008000100000000000000000000000100000048":0 + +read type: ARC4 8-bit, STREAM_CIPHER +depends_on:PSA_WANT_ALG_STREAM_CIPHER:PSA_WANT_KEY_TYPE_ARC4 +key_storage_read:0x0001:PSA_KEY_TYPE_ARC4:8:PSA_KEY_USAGE_DECRYPT | PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_EXPORT:PSA_ALG_STREAM_CIPHER:0x0000:"48":"505341004b4559000000000001000000022008000103000000018004000000000100000048":0 + +read type: ARC4 128-bit +depends_on:PSA_WANT_KEY_TYPE_ARC4 +key_storage_read:0x0001:PSA_KEY_TYPE_ARC4:128:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"48657265006973206b6579a064617461":"505341004b4559000000000001000000022080000100000000000000000000001000000048657265006973206b6579a064617461":TEST_FLAG_EXERCISE + +read type: ARC4 128-bit, STREAM_CIPHER +depends_on:PSA_WANT_ALG_STREAM_CIPHER:PSA_WANT_KEY_TYPE_ARC4 +key_storage_read:0x0001:PSA_KEY_TYPE_ARC4:128:PSA_KEY_USAGE_DECRYPT | PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_EXPORT:PSA_ALG_STREAM_CIPHER:0x0000:"48657265006973206b6579a064617461":"505341004b4559000000000001000000022080000103000000018004000000001000000048657265006973206b6579a064617461":TEST_FLAG_EXERCISE + +read type: ARC4 2048-bit +depends_on:PSA_WANT_KEY_TYPE_ARC4 +key_storage_read:0x0001:PSA_KEY_TYPE_ARC4:2048:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"48657265006973206b6579a06461746148657265006973206b6579a06461746148657265006973206b6579a06461746148657265006973206b6579a06461746148657265006973206b6579a06461746148657265006973206b6579a06461746148657265006973206b6579a06461746148657265006973206b6579a06461746148657265006973206b6579a06461746148657265006973206b6579a06461746148657265006973206b6579a06461746148657265006973206b6579a06461746148657265006973206b6579a06461746148657265006973206b6579a06461746148657265006973206b6579a06461746148657265006973206b6579a064617461":"505341004b4559000000000001000000022000080100000000000000000000000001000048657265006973206b6579a06461746148657265006973206b6579a06461746148657265006973206b6579a06461746148657265006973206b6579a06461746148657265006973206b6579a06461746148657265006973206b6579a06461746148657265006973206b6579a06461746148657265006973206b6579a06461746148657265006973206b6579a06461746148657265006973206b6579a06461746148657265006973206b6579a06461746148657265006973206b6579a06461746148657265006973206b6579a06461746148657265006973206b6579a06461746148657265006973206b6579a06461746148657265006973206b6579a064617461":0 + +read type: ARC4 2048-bit, STREAM_CIPHER +depends_on:PSA_WANT_ALG_STREAM_CIPHER:PSA_WANT_KEY_TYPE_ARC4 +key_storage_read:0x0001:PSA_KEY_TYPE_ARC4:2048:PSA_KEY_USAGE_DECRYPT | PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_EXPORT:PSA_ALG_STREAM_CIPHER:0x0000:"48657265006973206b6579a06461746148657265006973206b6579a06461746148657265006973206b6579a06461746148657265006973206b6579a06461746148657265006973206b6579a06461746148657265006973206b6579a06461746148657265006973206b6579a06461746148657265006973206b6579a06461746148657265006973206b6579a06461746148657265006973206b6579a06461746148657265006973206b6579a06461746148657265006973206b6579a06461746148657265006973206b6579a06461746148657265006973206b6579a06461746148657265006973206b6579a06461746148657265006973206b6579a064617461":"505341004b4559000000000001000000022000080103000000018004000000000001000048657265006973206b6579a06461746148657265006973206b6579a06461746148657265006973206b6579a06461746148657265006973206b6579a06461746148657265006973206b6579a06461746148657265006973206b6579a06461746148657265006973206b6579a06461746148657265006973206b6579a06461746148657265006973206b6579a06461746148657265006973206b6579a06461746148657265006973206b6579a06461746148657265006973206b6579a06461746148657265006973206b6579a06461746148657265006973206b6579a06461746148657265006973206b6579a06461746148657265006973206b6579a064617461":0 + +read type: ARIA 128-bit +depends_on:PSA_WANT_KEY_TYPE_ARIA +key_storage_read:0x0001:PSA_KEY_TYPE_ARIA:128:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"48657265006973206b6579a064617461":"505341004b4559000000000001000000062480000100000000000000000000001000000048657265006973206b6579a064617461":TEST_FLAG_EXERCISE + +read type: ARIA 128-bit, AEAD_SHORT(CCM,4) +depends_on:PSA_WANT_ALG_CCM:PSA_WANT_KEY_TYPE_ARIA +key_storage_read:0x0001:PSA_KEY_TYPE_ARIA:128:PSA_KEY_USAGE_DECRYPT | PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_EXPORT:PSA_ALG_AEAD_WITH_SHORTENED_TAG(PSA_ALG_CCM,4):0x0000:"48657265006973206b6579a064617461":"505341004b4559000000000001000000062480000103000000014405000000001000000048657265006973206b6579a064617461":TEST_FLAG_EXERCISE + +read type: ARIA 128-bit, AEAD_SHORT(CCM,14) +depends_on:PSA_WANT_ALG_CCM:PSA_WANT_KEY_TYPE_ARIA +key_storage_read:0x0001:PSA_KEY_TYPE_ARIA:128:PSA_KEY_USAGE_DECRYPT | PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_EXPORT:PSA_ALG_AEAD_WITH_SHORTENED_TAG(PSA_ALG_CCM,14):0x0000:"48657265006973206b6579a064617461":"505341004b4559000000000001000000062480000103000000014e05000000001000000048657265006973206b6579a064617461":TEST_FLAG_EXERCISE + +read type: ARIA 128-bit, AEAD_SHORT(CCM,16) +depends_on:PSA_WANT_ALG_CCM:PSA_WANT_KEY_TYPE_ARIA +key_storage_read:0x0001:PSA_KEY_TYPE_ARIA:128:PSA_KEY_USAGE_DECRYPT | PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_EXPORT:PSA_ALG_AEAD_WITH_SHORTENED_TAG(PSA_ALG_CCM,16):0x0000:"48657265006973206b6579a064617461":"505341004b4559000000000001000000062480000103000000015005000000001000000048657265006973206b6579a064617461":TEST_FLAG_EXERCISE + +read type: ARIA 128-bit, CBC_MAC +depends_on:PSA_WANT_ALG_CBC_MAC:PSA_WANT_KEY_TYPE_ARIA +key_storage_read:0x0001:PSA_KEY_TYPE_ARIA:128:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_CBC_MAC:0x0000:"48657265006973206b6579a064617461":"505341004b455900000000000100000006248000013c00000001c003000000001000000048657265006973206b6579a064617461":TEST_FLAG_EXERCISE + +read type: ARIA 128-bit, CBC_NO_PADDING +depends_on:PSA_WANT_ALG_CBC_NO_PADDING:PSA_WANT_KEY_TYPE_ARIA +key_storage_read:0x0001:PSA_KEY_TYPE_ARIA:128:PSA_KEY_USAGE_DECRYPT | PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_EXPORT:PSA_ALG_CBC_NO_PADDING:0x0000:"48657265006973206b6579a064617461":"505341004b4559000000000001000000062480000103000000404004000000001000000048657265006973206b6579a064617461":TEST_FLAG_EXERCISE + +read type: ARIA 128-bit, CBC_PKCS7 +depends_on:PSA_WANT_ALG_CBC_PKCS7:PSA_WANT_KEY_TYPE_ARIA +key_storage_read:0x0001:PSA_KEY_TYPE_ARIA:128:PSA_KEY_USAGE_DECRYPT | PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_EXPORT:PSA_ALG_CBC_PKCS7:0x0000:"48657265006973206b6579a064617461":"505341004b4559000000000001000000062480000103000000414004000000001000000048657265006973206b6579a064617461":TEST_FLAG_EXERCISE + +read type: ARIA 128-bit, CCM +depends_on:PSA_WANT_ALG_CCM:PSA_WANT_KEY_TYPE_ARIA +key_storage_read:0x0001:PSA_KEY_TYPE_ARIA:128:PSA_KEY_USAGE_DECRYPT | PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_EXPORT:PSA_ALG_CCM:0x0000:"48657265006973206b6579a064617461":"505341004b4559000000000001000000062480000103000000015005000000001000000048657265006973206b6579a064617461":TEST_FLAG_EXERCISE + +read type: ARIA 128-bit, CFB +depends_on:PSA_WANT_ALG_CFB:PSA_WANT_KEY_TYPE_ARIA +key_storage_read:0x0001:PSA_KEY_TYPE_ARIA:128:PSA_KEY_USAGE_DECRYPT | PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_EXPORT:PSA_ALG_CFB:0x0000:"48657265006973206b6579a064617461":"505341004b455900000000000100000006248000010300000011c004000000001000000048657265006973206b6579a064617461":TEST_FLAG_EXERCISE + +read type: ARIA 128-bit, CTR +depends_on:PSA_WANT_ALG_CTR:PSA_WANT_KEY_TYPE_ARIA +key_storage_read:0x0001:PSA_KEY_TYPE_ARIA:128:PSA_KEY_USAGE_DECRYPT | PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_EXPORT:PSA_ALG_CTR:0x0000:"48657265006973206b6579a064617461":"505341004b455900000000000100000006248000010300000010c004000000001000000048657265006973206b6579a064617461":TEST_FLAG_EXERCISE + +read type: ARIA 128-bit, ECB_NO_PADDING +depends_on:PSA_WANT_ALG_ECB_NO_PADDING:PSA_WANT_KEY_TYPE_ARIA +key_storage_read:0x0001:PSA_KEY_TYPE_ARIA:128:PSA_KEY_USAGE_DECRYPT | PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_EXPORT:PSA_ALG_ECB_NO_PADDING:0x0000:"48657265006973206b6579a064617461":"505341004b4559000000000001000000062480000103000000444004000000001000000048657265006973206b6579a064617461":TEST_FLAG_EXERCISE + +read type: ARIA 128-bit, GCM +depends_on:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_ARIA +key_storage_read:0x0001:PSA_KEY_TYPE_ARIA:128:PSA_KEY_USAGE_DECRYPT | PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_EXPORT:PSA_ALG_GCM:0x0000:"48657265006973206b6579a064617461":"505341004b4559000000000001000000062480000103000000025005000000001000000048657265006973206b6579a064617461":TEST_FLAG_EXERCISE + +read type: ARIA 128-bit, TRUNCATED_MAC(CBC_MAC,4) +depends_on:PSA_WANT_ALG_CBC_MAC:PSA_WANT_KEY_TYPE_ARIA +key_storage_read:0x0001:PSA_KEY_TYPE_ARIA:128:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_TRUNCATED_MAC(PSA_ALG_CBC_MAC,4):0x0000:"48657265006973206b6579a064617461":"505341004b455900000000000100000006248000013c00000001c403000000001000000048657265006973206b6579a064617461":TEST_FLAG_EXERCISE + +read type: ARIA 128-bit, TRUNCATED_MAC(CBC_MAC,13) +depends_on:PSA_WANT_ALG_CBC_MAC:PSA_WANT_KEY_TYPE_ARIA +key_storage_read:0x0001:PSA_KEY_TYPE_ARIA:128:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_TRUNCATED_MAC(PSA_ALG_CBC_MAC,13):0x0000:"48657265006973206b6579a064617461":"505341004b455900000000000100000006248000013c00000001cd03000000001000000048657265006973206b6579a064617461":TEST_FLAG_EXERCISE + +read type: ARIA 128-bit, TRUNCATED_MAC(CBC_MAC,14) +depends_on:PSA_WANT_ALG_CBC_MAC:PSA_WANT_KEY_TYPE_ARIA +key_storage_read:0x0001:PSA_KEY_TYPE_ARIA:128:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_TRUNCATED_MAC(PSA_ALG_CBC_MAC,14):0x0000:"48657265006973206b6579a064617461":"505341004b455900000000000100000006248000013c00000001ce03000000001000000048657265006973206b6579a064617461":TEST_FLAG_EXERCISE + +read type: ARIA 128-bit, TRUNCATED_MAC(CBC_MAC,16) +depends_on:PSA_WANT_ALG_CBC_MAC:PSA_WANT_KEY_TYPE_ARIA +key_storage_read:0x0001:PSA_KEY_TYPE_ARIA:128:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_TRUNCATED_MAC(PSA_ALG_CBC_MAC,16):0x0000:"48657265006973206b6579a064617461":"505341004b455900000000000100000006248000013c00000001d003000000001000000048657265006973206b6579a064617461":TEST_FLAG_EXERCISE + +read type: ARIA 128-bit, XTS +depends_on:PSA_WANT_ALG_XTS:PSA_WANT_KEY_TYPE_ARIA +key_storage_read:0x0001:PSA_KEY_TYPE_ARIA:128:PSA_KEY_USAGE_DECRYPT | PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_EXPORT:PSA_ALG_XTS:0x0000:"48657265006973206b6579a064617461":"505341004b4559000000000001000000062480000103000000ff4004000000001000000048657265006973206b6579a064617461":TEST_FLAG_EXERCISE + +read type: ARIA 192-bit +depends_on:PSA_WANT_KEY_TYPE_ARIA +key_storage_read:0x0001:PSA_KEY_TYPE_ARIA:192:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"48657265006973206b6579a0646174614865726500697320":"505341004b45590000000000010000000624c0000100000000000000000000001800000048657265006973206b6579a0646174614865726500697320":TEST_FLAG_EXERCISE + +read type: ARIA 192-bit, AEAD_SHORT(CCM,4) +depends_on:PSA_WANT_ALG_CCM:PSA_WANT_KEY_TYPE_ARIA +key_storage_read:0x0001:PSA_KEY_TYPE_ARIA:192:PSA_KEY_USAGE_DECRYPT | PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_EXPORT:PSA_ALG_AEAD_WITH_SHORTENED_TAG(PSA_ALG_CCM,4):0x0000:"48657265006973206b6579a0646174614865726500697320":"505341004b45590000000000010000000624c0000103000000014405000000001800000048657265006973206b6579a0646174614865726500697320":TEST_FLAG_EXERCISE + +read type: ARIA 192-bit, AEAD_SHORT(CCM,14) +depends_on:PSA_WANT_ALG_CCM:PSA_WANT_KEY_TYPE_ARIA +key_storage_read:0x0001:PSA_KEY_TYPE_ARIA:192:PSA_KEY_USAGE_DECRYPT | PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_EXPORT:PSA_ALG_AEAD_WITH_SHORTENED_TAG(PSA_ALG_CCM,14):0x0000:"48657265006973206b6579a0646174614865726500697320":"505341004b45590000000000010000000624c0000103000000014e05000000001800000048657265006973206b6579a0646174614865726500697320":TEST_FLAG_EXERCISE + +read type: ARIA 192-bit, AEAD_SHORT(CCM,16) +depends_on:PSA_WANT_ALG_CCM:PSA_WANT_KEY_TYPE_ARIA +key_storage_read:0x0001:PSA_KEY_TYPE_ARIA:192:PSA_KEY_USAGE_DECRYPT | PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_EXPORT:PSA_ALG_AEAD_WITH_SHORTENED_TAG(PSA_ALG_CCM,16):0x0000:"48657265006973206b6579a0646174614865726500697320":"505341004b45590000000000010000000624c0000103000000015005000000001800000048657265006973206b6579a0646174614865726500697320":TEST_FLAG_EXERCISE + +read type: ARIA 192-bit, CBC_MAC +depends_on:PSA_WANT_ALG_CBC_MAC:PSA_WANT_KEY_TYPE_ARIA +key_storage_read:0x0001:PSA_KEY_TYPE_ARIA:192:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_CBC_MAC:0x0000:"48657265006973206b6579a0646174614865726500697320":"505341004b45590000000000010000000624c000013c00000001c003000000001800000048657265006973206b6579a0646174614865726500697320":TEST_FLAG_EXERCISE + +read type: ARIA 192-bit, CBC_NO_PADDING +depends_on:PSA_WANT_ALG_CBC_NO_PADDING:PSA_WANT_KEY_TYPE_ARIA +key_storage_read:0x0001:PSA_KEY_TYPE_ARIA:192:PSA_KEY_USAGE_DECRYPT | PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_EXPORT:PSA_ALG_CBC_NO_PADDING:0x0000:"48657265006973206b6579a0646174614865726500697320":"505341004b45590000000000010000000624c0000103000000404004000000001800000048657265006973206b6579a0646174614865726500697320":TEST_FLAG_EXERCISE + +read type: ARIA 192-bit, CBC_PKCS7 +depends_on:PSA_WANT_ALG_CBC_PKCS7:PSA_WANT_KEY_TYPE_ARIA +key_storage_read:0x0001:PSA_KEY_TYPE_ARIA:192:PSA_KEY_USAGE_DECRYPT | PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_EXPORT:PSA_ALG_CBC_PKCS7:0x0000:"48657265006973206b6579a0646174614865726500697320":"505341004b45590000000000010000000624c0000103000000414004000000001800000048657265006973206b6579a0646174614865726500697320":TEST_FLAG_EXERCISE + +read type: ARIA 192-bit, CCM +depends_on:PSA_WANT_ALG_CCM:PSA_WANT_KEY_TYPE_ARIA +key_storage_read:0x0001:PSA_KEY_TYPE_ARIA:192:PSA_KEY_USAGE_DECRYPT | PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_EXPORT:PSA_ALG_CCM:0x0000:"48657265006973206b6579a0646174614865726500697320":"505341004b45590000000000010000000624c0000103000000015005000000001800000048657265006973206b6579a0646174614865726500697320":TEST_FLAG_EXERCISE + +read type: ARIA 192-bit, CFB +depends_on:PSA_WANT_ALG_CFB:PSA_WANT_KEY_TYPE_ARIA +key_storage_read:0x0001:PSA_KEY_TYPE_ARIA:192:PSA_KEY_USAGE_DECRYPT | PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_EXPORT:PSA_ALG_CFB:0x0000:"48657265006973206b6579a0646174614865726500697320":"505341004b45590000000000010000000624c000010300000011c004000000001800000048657265006973206b6579a0646174614865726500697320":TEST_FLAG_EXERCISE + +read type: ARIA 192-bit, CTR +depends_on:PSA_WANT_ALG_CTR:PSA_WANT_KEY_TYPE_ARIA +key_storage_read:0x0001:PSA_KEY_TYPE_ARIA:192:PSA_KEY_USAGE_DECRYPT | PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_EXPORT:PSA_ALG_CTR:0x0000:"48657265006973206b6579a0646174614865726500697320":"505341004b45590000000000010000000624c000010300000010c004000000001800000048657265006973206b6579a0646174614865726500697320":TEST_FLAG_EXERCISE + +read type: ARIA 192-bit, ECB_NO_PADDING +depends_on:PSA_WANT_ALG_ECB_NO_PADDING:PSA_WANT_KEY_TYPE_ARIA +key_storage_read:0x0001:PSA_KEY_TYPE_ARIA:192:PSA_KEY_USAGE_DECRYPT | PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_EXPORT:PSA_ALG_ECB_NO_PADDING:0x0000:"48657265006973206b6579a0646174614865726500697320":"505341004b45590000000000010000000624c0000103000000444004000000001800000048657265006973206b6579a0646174614865726500697320":TEST_FLAG_EXERCISE + +read type: ARIA 192-bit, GCM +depends_on:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_ARIA +key_storage_read:0x0001:PSA_KEY_TYPE_ARIA:192:PSA_KEY_USAGE_DECRYPT | PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_EXPORT:PSA_ALG_GCM:0x0000:"48657265006973206b6579a0646174614865726500697320":"505341004b45590000000000010000000624c0000103000000025005000000001800000048657265006973206b6579a0646174614865726500697320":TEST_FLAG_EXERCISE + +read type: ARIA 192-bit, TRUNCATED_MAC(CBC_MAC,4) +depends_on:PSA_WANT_ALG_CBC_MAC:PSA_WANT_KEY_TYPE_ARIA +key_storage_read:0x0001:PSA_KEY_TYPE_ARIA:192:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_TRUNCATED_MAC(PSA_ALG_CBC_MAC,4):0x0000:"48657265006973206b6579a0646174614865726500697320":"505341004b45590000000000010000000624c000013c00000001c403000000001800000048657265006973206b6579a0646174614865726500697320":TEST_FLAG_EXERCISE + +read type: ARIA 192-bit, TRUNCATED_MAC(CBC_MAC,13) +depends_on:PSA_WANT_ALG_CBC_MAC:PSA_WANT_KEY_TYPE_ARIA +key_storage_read:0x0001:PSA_KEY_TYPE_ARIA:192:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_TRUNCATED_MAC(PSA_ALG_CBC_MAC,13):0x0000:"48657265006973206b6579a0646174614865726500697320":"505341004b45590000000000010000000624c000013c00000001cd03000000001800000048657265006973206b6579a0646174614865726500697320":TEST_FLAG_EXERCISE + +read type: ARIA 192-bit, TRUNCATED_MAC(CBC_MAC,14) +depends_on:PSA_WANT_ALG_CBC_MAC:PSA_WANT_KEY_TYPE_ARIA +key_storage_read:0x0001:PSA_KEY_TYPE_ARIA:192:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_TRUNCATED_MAC(PSA_ALG_CBC_MAC,14):0x0000:"48657265006973206b6579a0646174614865726500697320":"505341004b45590000000000010000000624c000013c00000001ce03000000001800000048657265006973206b6579a0646174614865726500697320":TEST_FLAG_EXERCISE + +read type: ARIA 192-bit, TRUNCATED_MAC(CBC_MAC,16) +depends_on:PSA_WANT_ALG_CBC_MAC:PSA_WANT_KEY_TYPE_ARIA +key_storage_read:0x0001:PSA_KEY_TYPE_ARIA:192:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_TRUNCATED_MAC(PSA_ALG_CBC_MAC,16):0x0000:"48657265006973206b6579a0646174614865726500697320":"505341004b45590000000000010000000624c000013c00000001d003000000001800000048657265006973206b6579a0646174614865726500697320":TEST_FLAG_EXERCISE + +read type: ARIA 192-bit, XTS +depends_on:PSA_WANT_ALG_XTS:PSA_WANT_KEY_TYPE_ARIA +key_storage_read:0x0001:PSA_KEY_TYPE_ARIA:192:PSA_KEY_USAGE_DECRYPT | PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_EXPORT:PSA_ALG_XTS:0x0000:"48657265006973206b6579a0646174614865726500697320":"505341004b45590000000000010000000624c0000103000000ff4004000000001800000048657265006973206b6579a0646174614865726500697320":TEST_FLAG_EXERCISE + +read type: ARIA 256-bit +depends_on:PSA_WANT_KEY_TYPE_ARIA +key_storage_read:0x0001:PSA_KEY_TYPE_ARIA:256:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"48657265006973206b6579a06461746148657265006973206b6579a064617461":"505341004b4559000000000001000000062400010100000000000000000000002000000048657265006973206b6579a06461746148657265006973206b6579a064617461":TEST_FLAG_EXERCISE + +read type: ARIA 256-bit, AEAD_SHORT(CCM,4) +depends_on:PSA_WANT_ALG_CCM:PSA_WANT_KEY_TYPE_ARIA +key_storage_read:0x0001:PSA_KEY_TYPE_ARIA:256:PSA_KEY_USAGE_DECRYPT | PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_EXPORT:PSA_ALG_AEAD_WITH_SHORTENED_TAG(PSA_ALG_CCM,4):0x0000:"48657265006973206b6579a06461746148657265006973206b6579a064617461":"505341004b4559000000000001000000062400010103000000014405000000002000000048657265006973206b6579a06461746148657265006973206b6579a064617461":TEST_FLAG_EXERCISE + +read type: ARIA 256-bit, AEAD_SHORT(CCM,14) +depends_on:PSA_WANT_ALG_CCM:PSA_WANT_KEY_TYPE_ARIA +key_storage_read:0x0001:PSA_KEY_TYPE_ARIA:256:PSA_KEY_USAGE_DECRYPT | PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_EXPORT:PSA_ALG_AEAD_WITH_SHORTENED_TAG(PSA_ALG_CCM,14):0x0000:"48657265006973206b6579a06461746148657265006973206b6579a064617461":"505341004b4559000000000001000000062400010103000000014e05000000002000000048657265006973206b6579a06461746148657265006973206b6579a064617461":TEST_FLAG_EXERCISE + +read type: ARIA 256-bit, AEAD_SHORT(CCM,16) +depends_on:PSA_WANT_ALG_CCM:PSA_WANT_KEY_TYPE_ARIA +key_storage_read:0x0001:PSA_KEY_TYPE_ARIA:256:PSA_KEY_USAGE_DECRYPT | PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_EXPORT:PSA_ALG_AEAD_WITH_SHORTENED_TAG(PSA_ALG_CCM,16):0x0000:"48657265006973206b6579a06461746148657265006973206b6579a064617461":"505341004b4559000000000001000000062400010103000000015005000000002000000048657265006973206b6579a06461746148657265006973206b6579a064617461":TEST_FLAG_EXERCISE + +read type: ARIA 256-bit, CBC_MAC +depends_on:PSA_WANT_ALG_CBC_MAC:PSA_WANT_KEY_TYPE_ARIA +key_storage_read:0x0001:PSA_KEY_TYPE_ARIA:256:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_CBC_MAC:0x0000:"48657265006973206b6579a06461746148657265006973206b6579a064617461":"505341004b455900000000000100000006240001013c00000001c003000000002000000048657265006973206b6579a06461746148657265006973206b6579a064617461":TEST_FLAG_EXERCISE + +read type: ARIA 256-bit, CBC_NO_PADDING +depends_on:PSA_WANT_ALG_CBC_NO_PADDING:PSA_WANT_KEY_TYPE_ARIA +key_storage_read:0x0001:PSA_KEY_TYPE_ARIA:256:PSA_KEY_USAGE_DECRYPT | PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_EXPORT:PSA_ALG_CBC_NO_PADDING:0x0000:"48657265006973206b6579a06461746148657265006973206b6579a064617461":"505341004b4559000000000001000000062400010103000000404004000000002000000048657265006973206b6579a06461746148657265006973206b6579a064617461":TEST_FLAG_EXERCISE + +read type: ARIA 256-bit, CBC_PKCS7 +depends_on:PSA_WANT_ALG_CBC_PKCS7:PSA_WANT_KEY_TYPE_ARIA +key_storage_read:0x0001:PSA_KEY_TYPE_ARIA:256:PSA_KEY_USAGE_DECRYPT | PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_EXPORT:PSA_ALG_CBC_PKCS7:0x0000:"48657265006973206b6579a06461746148657265006973206b6579a064617461":"505341004b4559000000000001000000062400010103000000414004000000002000000048657265006973206b6579a06461746148657265006973206b6579a064617461":TEST_FLAG_EXERCISE + +read type: ARIA 256-bit, CCM +depends_on:PSA_WANT_ALG_CCM:PSA_WANT_KEY_TYPE_ARIA +key_storage_read:0x0001:PSA_KEY_TYPE_ARIA:256:PSA_KEY_USAGE_DECRYPT | PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_EXPORT:PSA_ALG_CCM:0x0000:"48657265006973206b6579a06461746148657265006973206b6579a064617461":"505341004b4559000000000001000000062400010103000000015005000000002000000048657265006973206b6579a06461746148657265006973206b6579a064617461":TEST_FLAG_EXERCISE + +read type: ARIA 256-bit, CFB +depends_on:PSA_WANT_ALG_CFB:PSA_WANT_KEY_TYPE_ARIA +key_storage_read:0x0001:PSA_KEY_TYPE_ARIA:256:PSA_KEY_USAGE_DECRYPT | PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_EXPORT:PSA_ALG_CFB:0x0000:"48657265006973206b6579a06461746148657265006973206b6579a064617461":"505341004b455900000000000100000006240001010300000011c004000000002000000048657265006973206b6579a06461746148657265006973206b6579a064617461":TEST_FLAG_EXERCISE + +read type: ARIA 256-bit, CTR +depends_on:PSA_WANT_ALG_CTR:PSA_WANT_KEY_TYPE_ARIA +key_storage_read:0x0001:PSA_KEY_TYPE_ARIA:256:PSA_KEY_USAGE_DECRYPT | PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_EXPORT:PSA_ALG_CTR:0x0000:"48657265006973206b6579a06461746148657265006973206b6579a064617461":"505341004b455900000000000100000006240001010300000010c004000000002000000048657265006973206b6579a06461746148657265006973206b6579a064617461":TEST_FLAG_EXERCISE + +read type: ARIA 256-bit, ECB_NO_PADDING +depends_on:PSA_WANT_ALG_ECB_NO_PADDING:PSA_WANT_KEY_TYPE_ARIA +key_storage_read:0x0001:PSA_KEY_TYPE_ARIA:256:PSA_KEY_USAGE_DECRYPT | PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_EXPORT:PSA_ALG_ECB_NO_PADDING:0x0000:"48657265006973206b6579a06461746148657265006973206b6579a064617461":"505341004b4559000000000001000000062400010103000000444004000000002000000048657265006973206b6579a06461746148657265006973206b6579a064617461":TEST_FLAG_EXERCISE + +read type: ARIA 256-bit, GCM +depends_on:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_ARIA +key_storage_read:0x0001:PSA_KEY_TYPE_ARIA:256:PSA_KEY_USAGE_DECRYPT | PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_EXPORT:PSA_ALG_GCM:0x0000:"48657265006973206b6579a06461746148657265006973206b6579a064617461":"505341004b4559000000000001000000062400010103000000025005000000002000000048657265006973206b6579a06461746148657265006973206b6579a064617461":TEST_FLAG_EXERCISE + +read type: ARIA 256-bit, TRUNCATED_MAC(CBC_MAC,4) +depends_on:PSA_WANT_ALG_CBC_MAC:PSA_WANT_KEY_TYPE_ARIA +key_storage_read:0x0001:PSA_KEY_TYPE_ARIA:256:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_TRUNCATED_MAC(PSA_ALG_CBC_MAC,4):0x0000:"48657265006973206b6579a06461746148657265006973206b6579a064617461":"505341004b455900000000000100000006240001013c00000001c403000000002000000048657265006973206b6579a06461746148657265006973206b6579a064617461":TEST_FLAG_EXERCISE + +read type: ARIA 256-bit, TRUNCATED_MAC(CBC_MAC,13) +depends_on:PSA_WANT_ALG_CBC_MAC:PSA_WANT_KEY_TYPE_ARIA +key_storage_read:0x0001:PSA_KEY_TYPE_ARIA:256:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_TRUNCATED_MAC(PSA_ALG_CBC_MAC,13):0x0000:"48657265006973206b6579a06461746148657265006973206b6579a064617461":"505341004b455900000000000100000006240001013c00000001cd03000000002000000048657265006973206b6579a06461746148657265006973206b6579a064617461":TEST_FLAG_EXERCISE + +read type: ARIA 256-bit, TRUNCATED_MAC(CBC_MAC,14) +depends_on:PSA_WANT_ALG_CBC_MAC:PSA_WANT_KEY_TYPE_ARIA +key_storage_read:0x0001:PSA_KEY_TYPE_ARIA:256:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_TRUNCATED_MAC(PSA_ALG_CBC_MAC,14):0x0000:"48657265006973206b6579a06461746148657265006973206b6579a064617461":"505341004b455900000000000100000006240001013c00000001ce03000000002000000048657265006973206b6579a06461746148657265006973206b6579a064617461":TEST_FLAG_EXERCISE + +read type: ARIA 256-bit, TRUNCATED_MAC(CBC_MAC,16) +depends_on:PSA_WANT_ALG_CBC_MAC:PSA_WANT_KEY_TYPE_ARIA +key_storage_read:0x0001:PSA_KEY_TYPE_ARIA:256:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_TRUNCATED_MAC(PSA_ALG_CBC_MAC,16):0x0000:"48657265006973206b6579a06461746148657265006973206b6579a064617461":"505341004b455900000000000100000006240001013c00000001d003000000002000000048657265006973206b6579a06461746148657265006973206b6579a064617461":TEST_FLAG_EXERCISE + +read type: ARIA 256-bit, XTS +depends_on:PSA_WANT_ALG_XTS:PSA_WANT_KEY_TYPE_ARIA +key_storage_read:0x0001:PSA_KEY_TYPE_ARIA:256:PSA_KEY_USAGE_DECRYPT | PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_EXPORT:PSA_ALG_XTS:0x0000:"48657265006973206b6579a06461746148657265006973206b6579a064617461":"505341004b4559000000000001000000062400010103000000ff4004000000002000000048657265006973206b6579a06461746148657265006973206b6579a064617461":TEST_FLAG_EXERCISE + +read type: CAMELLIA 128-bit +depends_on:PSA_WANT_KEY_TYPE_CAMELLIA +key_storage_read:0x0001:PSA_KEY_TYPE_CAMELLIA:128:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"48657265006973206b6579a064617461":"505341004b4559000000000001000000032480000100000000000000000000001000000048657265006973206b6579a064617461":TEST_FLAG_EXERCISE + +read type: CAMELLIA 128-bit, AEAD_SHORT(CCM,4) +depends_on:PSA_WANT_ALG_CCM:PSA_WANT_KEY_TYPE_CAMELLIA +key_storage_read:0x0001:PSA_KEY_TYPE_CAMELLIA:128:PSA_KEY_USAGE_DECRYPT | PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_EXPORT:PSA_ALG_AEAD_WITH_SHORTENED_TAG(PSA_ALG_CCM,4):0x0000:"48657265006973206b6579a064617461":"505341004b4559000000000001000000032480000103000000014405000000001000000048657265006973206b6579a064617461":TEST_FLAG_EXERCISE + +read type: CAMELLIA 128-bit, AEAD_SHORT(CCM,14) +depends_on:PSA_WANT_ALG_CCM:PSA_WANT_KEY_TYPE_CAMELLIA +key_storage_read:0x0001:PSA_KEY_TYPE_CAMELLIA:128:PSA_KEY_USAGE_DECRYPT | PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_EXPORT:PSA_ALG_AEAD_WITH_SHORTENED_TAG(PSA_ALG_CCM,14):0x0000:"48657265006973206b6579a064617461":"505341004b4559000000000001000000032480000103000000014e05000000001000000048657265006973206b6579a064617461":TEST_FLAG_EXERCISE + +read type: CAMELLIA 128-bit, AEAD_SHORT(CCM,16) +depends_on:PSA_WANT_ALG_CCM:PSA_WANT_KEY_TYPE_CAMELLIA +key_storage_read:0x0001:PSA_KEY_TYPE_CAMELLIA:128:PSA_KEY_USAGE_DECRYPT | PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_EXPORT:PSA_ALG_AEAD_WITH_SHORTENED_TAG(PSA_ALG_CCM,16):0x0000:"48657265006973206b6579a064617461":"505341004b4559000000000001000000032480000103000000015005000000001000000048657265006973206b6579a064617461":TEST_FLAG_EXERCISE + +read type: CAMELLIA 128-bit, CBC_MAC +depends_on:PSA_WANT_ALG_CBC_MAC:PSA_WANT_KEY_TYPE_CAMELLIA +key_storage_read:0x0001:PSA_KEY_TYPE_CAMELLIA:128:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_CBC_MAC:0x0000:"48657265006973206b6579a064617461":"505341004b455900000000000100000003248000013c00000001c003000000001000000048657265006973206b6579a064617461":TEST_FLAG_EXERCISE + +read type: CAMELLIA 128-bit, CBC_NO_PADDING +depends_on:PSA_WANT_ALG_CBC_NO_PADDING:PSA_WANT_KEY_TYPE_CAMELLIA +key_storage_read:0x0001:PSA_KEY_TYPE_CAMELLIA:128:PSA_KEY_USAGE_DECRYPT | PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_EXPORT:PSA_ALG_CBC_NO_PADDING:0x0000:"48657265006973206b6579a064617461":"505341004b4559000000000001000000032480000103000000404004000000001000000048657265006973206b6579a064617461":TEST_FLAG_EXERCISE + +read type: CAMELLIA 128-bit, CBC_PKCS7 +depends_on:PSA_WANT_ALG_CBC_PKCS7:PSA_WANT_KEY_TYPE_CAMELLIA +key_storage_read:0x0001:PSA_KEY_TYPE_CAMELLIA:128:PSA_KEY_USAGE_DECRYPT | PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_EXPORT:PSA_ALG_CBC_PKCS7:0x0000:"48657265006973206b6579a064617461":"505341004b4559000000000001000000032480000103000000414004000000001000000048657265006973206b6579a064617461":TEST_FLAG_EXERCISE + +read type: CAMELLIA 128-bit, CCM +depends_on:PSA_WANT_ALG_CCM:PSA_WANT_KEY_TYPE_CAMELLIA +key_storage_read:0x0001:PSA_KEY_TYPE_CAMELLIA:128:PSA_KEY_USAGE_DECRYPT | PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_EXPORT:PSA_ALG_CCM:0x0000:"48657265006973206b6579a064617461":"505341004b4559000000000001000000032480000103000000015005000000001000000048657265006973206b6579a064617461":TEST_FLAG_EXERCISE + +read type: CAMELLIA 128-bit, CFB +depends_on:PSA_WANT_ALG_CFB:PSA_WANT_KEY_TYPE_CAMELLIA +key_storage_read:0x0001:PSA_KEY_TYPE_CAMELLIA:128:PSA_KEY_USAGE_DECRYPT | PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_EXPORT:PSA_ALG_CFB:0x0000:"48657265006973206b6579a064617461":"505341004b455900000000000100000003248000010300000011c004000000001000000048657265006973206b6579a064617461":TEST_FLAG_EXERCISE + +read type: CAMELLIA 128-bit, CTR +depends_on:PSA_WANT_ALG_CTR:PSA_WANT_KEY_TYPE_CAMELLIA +key_storage_read:0x0001:PSA_KEY_TYPE_CAMELLIA:128:PSA_KEY_USAGE_DECRYPT | PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_EXPORT:PSA_ALG_CTR:0x0000:"48657265006973206b6579a064617461":"505341004b455900000000000100000003248000010300000010c004000000001000000048657265006973206b6579a064617461":TEST_FLAG_EXERCISE + +read type: CAMELLIA 128-bit, ECB_NO_PADDING +depends_on:PSA_WANT_ALG_ECB_NO_PADDING:PSA_WANT_KEY_TYPE_CAMELLIA +key_storage_read:0x0001:PSA_KEY_TYPE_CAMELLIA:128:PSA_KEY_USAGE_DECRYPT | PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_EXPORT:PSA_ALG_ECB_NO_PADDING:0x0000:"48657265006973206b6579a064617461":"505341004b4559000000000001000000032480000103000000444004000000001000000048657265006973206b6579a064617461":TEST_FLAG_EXERCISE + +read type: CAMELLIA 128-bit, GCM +depends_on:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_CAMELLIA +key_storage_read:0x0001:PSA_KEY_TYPE_CAMELLIA:128:PSA_KEY_USAGE_DECRYPT | PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_EXPORT:PSA_ALG_GCM:0x0000:"48657265006973206b6579a064617461":"505341004b4559000000000001000000032480000103000000025005000000001000000048657265006973206b6579a064617461":TEST_FLAG_EXERCISE + +read type: CAMELLIA 128-bit, TRUNCATED_MAC(CBC_MAC,4) +depends_on:PSA_WANT_ALG_CBC_MAC:PSA_WANT_KEY_TYPE_CAMELLIA +key_storage_read:0x0001:PSA_KEY_TYPE_CAMELLIA:128:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_TRUNCATED_MAC(PSA_ALG_CBC_MAC,4):0x0000:"48657265006973206b6579a064617461":"505341004b455900000000000100000003248000013c00000001c403000000001000000048657265006973206b6579a064617461":TEST_FLAG_EXERCISE + +read type: CAMELLIA 128-bit, TRUNCATED_MAC(CBC_MAC,13) +depends_on:PSA_WANT_ALG_CBC_MAC:PSA_WANT_KEY_TYPE_CAMELLIA +key_storage_read:0x0001:PSA_KEY_TYPE_CAMELLIA:128:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_TRUNCATED_MAC(PSA_ALG_CBC_MAC,13):0x0000:"48657265006973206b6579a064617461":"505341004b455900000000000100000003248000013c00000001cd03000000001000000048657265006973206b6579a064617461":TEST_FLAG_EXERCISE + +read type: CAMELLIA 128-bit, TRUNCATED_MAC(CBC_MAC,14) +depends_on:PSA_WANT_ALG_CBC_MAC:PSA_WANT_KEY_TYPE_CAMELLIA +key_storage_read:0x0001:PSA_KEY_TYPE_CAMELLIA:128:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_TRUNCATED_MAC(PSA_ALG_CBC_MAC,14):0x0000:"48657265006973206b6579a064617461":"505341004b455900000000000100000003248000013c00000001ce03000000001000000048657265006973206b6579a064617461":TEST_FLAG_EXERCISE + +read type: CAMELLIA 128-bit, TRUNCATED_MAC(CBC_MAC,16) +depends_on:PSA_WANT_ALG_CBC_MAC:PSA_WANT_KEY_TYPE_CAMELLIA +key_storage_read:0x0001:PSA_KEY_TYPE_CAMELLIA:128:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_TRUNCATED_MAC(PSA_ALG_CBC_MAC,16):0x0000:"48657265006973206b6579a064617461":"505341004b455900000000000100000003248000013c00000001d003000000001000000048657265006973206b6579a064617461":TEST_FLAG_EXERCISE + +read type: CAMELLIA 128-bit, XTS +depends_on:PSA_WANT_ALG_XTS:PSA_WANT_KEY_TYPE_CAMELLIA +key_storage_read:0x0001:PSA_KEY_TYPE_CAMELLIA:128:PSA_KEY_USAGE_DECRYPT | PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_EXPORT:PSA_ALG_XTS:0x0000:"48657265006973206b6579a064617461":"505341004b4559000000000001000000032480000103000000ff4004000000001000000048657265006973206b6579a064617461":TEST_FLAG_EXERCISE + +read type: CAMELLIA 192-bit +depends_on:PSA_WANT_KEY_TYPE_CAMELLIA +key_storage_read:0x0001:PSA_KEY_TYPE_CAMELLIA:192:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"48657265006973206b6579a0646174614865726500697320":"505341004b45590000000000010000000324c0000100000000000000000000001800000048657265006973206b6579a0646174614865726500697320":TEST_FLAG_EXERCISE + +read type: CAMELLIA 192-bit, AEAD_SHORT(CCM,4) +depends_on:PSA_WANT_ALG_CCM:PSA_WANT_KEY_TYPE_CAMELLIA +key_storage_read:0x0001:PSA_KEY_TYPE_CAMELLIA:192:PSA_KEY_USAGE_DECRYPT | PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_EXPORT:PSA_ALG_AEAD_WITH_SHORTENED_TAG(PSA_ALG_CCM,4):0x0000:"48657265006973206b6579a0646174614865726500697320":"505341004b45590000000000010000000324c0000103000000014405000000001800000048657265006973206b6579a0646174614865726500697320":TEST_FLAG_EXERCISE + +read type: CAMELLIA 192-bit, AEAD_SHORT(CCM,14) +depends_on:PSA_WANT_ALG_CCM:PSA_WANT_KEY_TYPE_CAMELLIA +key_storage_read:0x0001:PSA_KEY_TYPE_CAMELLIA:192:PSA_KEY_USAGE_DECRYPT | PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_EXPORT:PSA_ALG_AEAD_WITH_SHORTENED_TAG(PSA_ALG_CCM,14):0x0000:"48657265006973206b6579a0646174614865726500697320":"505341004b45590000000000010000000324c0000103000000014e05000000001800000048657265006973206b6579a0646174614865726500697320":TEST_FLAG_EXERCISE + +read type: CAMELLIA 192-bit, AEAD_SHORT(CCM,16) +depends_on:PSA_WANT_ALG_CCM:PSA_WANT_KEY_TYPE_CAMELLIA +key_storage_read:0x0001:PSA_KEY_TYPE_CAMELLIA:192:PSA_KEY_USAGE_DECRYPT | PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_EXPORT:PSA_ALG_AEAD_WITH_SHORTENED_TAG(PSA_ALG_CCM,16):0x0000:"48657265006973206b6579a0646174614865726500697320":"505341004b45590000000000010000000324c0000103000000015005000000001800000048657265006973206b6579a0646174614865726500697320":TEST_FLAG_EXERCISE + +read type: CAMELLIA 192-bit, CBC_MAC +depends_on:PSA_WANT_ALG_CBC_MAC:PSA_WANT_KEY_TYPE_CAMELLIA +key_storage_read:0x0001:PSA_KEY_TYPE_CAMELLIA:192:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_CBC_MAC:0x0000:"48657265006973206b6579a0646174614865726500697320":"505341004b45590000000000010000000324c000013c00000001c003000000001800000048657265006973206b6579a0646174614865726500697320":TEST_FLAG_EXERCISE + +read type: CAMELLIA 192-bit, CBC_NO_PADDING +depends_on:PSA_WANT_ALG_CBC_NO_PADDING:PSA_WANT_KEY_TYPE_CAMELLIA +key_storage_read:0x0001:PSA_KEY_TYPE_CAMELLIA:192:PSA_KEY_USAGE_DECRYPT | PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_EXPORT:PSA_ALG_CBC_NO_PADDING:0x0000:"48657265006973206b6579a0646174614865726500697320":"505341004b45590000000000010000000324c0000103000000404004000000001800000048657265006973206b6579a0646174614865726500697320":TEST_FLAG_EXERCISE + +read type: CAMELLIA 192-bit, CBC_PKCS7 +depends_on:PSA_WANT_ALG_CBC_PKCS7:PSA_WANT_KEY_TYPE_CAMELLIA +key_storage_read:0x0001:PSA_KEY_TYPE_CAMELLIA:192:PSA_KEY_USAGE_DECRYPT | PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_EXPORT:PSA_ALG_CBC_PKCS7:0x0000:"48657265006973206b6579a0646174614865726500697320":"505341004b45590000000000010000000324c0000103000000414004000000001800000048657265006973206b6579a0646174614865726500697320":TEST_FLAG_EXERCISE + +read type: CAMELLIA 192-bit, CCM +depends_on:PSA_WANT_ALG_CCM:PSA_WANT_KEY_TYPE_CAMELLIA +key_storage_read:0x0001:PSA_KEY_TYPE_CAMELLIA:192:PSA_KEY_USAGE_DECRYPT | PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_EXPORT:PSA_ALG_CCM:0x0000:"48657265006973206b6579a0646174614865726500697320":"505341004b45590000000000010000000324c0000103000000015005000000001800000048657265006973206b6579a0646174614865726500697320":TEST_FLAG_EXERCISE + +read type: CAMELLIA 192-bit, CFB +depends_on:PSA_WANT_ALG_CFB:PSA_WANT_KEY_TYPE_CAMELLIA +key_storage_read:0x0001:PSA_KEY_TYPE_CAMELLIA:192:PSA_KEY_USAGE_DECRYPT | PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_EXPORT:PSA_ALG_CFB:0x0000:"48657265006973206b6579a0646174614865726500697320":"505341004b45590000000000010000000324c000010300000011c004000000001800000048657265006973206b6579a0646174614865726500697320":TEST_FLAG_EXERCISE + +read type: CAMELLIA 192-bit, CTR +depends_on:PSA_WANT_ALG_CTR:PSA_WANT_KEY_TYPE_CAMELLIA +key_storage_read:0x0001:PSA_KEY_TYPE_CAMELLIA:192:PSA_KEY_USAGE_DECRYPT | PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_EXPORT:PSA_ALG_CTR:0x0000:"48657265006973206b6579a0646174614865726500697320":"505341004b45590000000000010000000324c000010300000010c004000000001800000048657265006973206b6579a0646174614865726500697320":TEST_FLAG_EXERCISE + +read type: CAMELLIA 192-bit, ECB_NO_PADDING +depends_on:PSA_WANT_ALG_ECB_NO_PADDING:PSA_WANT_KEY_TYPE_CAMELLIA +key_storage_read:0x0001:PSA_KEY_TYPE_CAMELLIA:192:PSA_KEY_USAGE_DECRYPT | PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_EXPORT:PSA_ALG_ECB_NO_PADDING:0x0000:"48657265006973206b6579a0646174614865726500697320":"505341004b45590000000000010000000324c0000103000000444004000000001800000048657265006973206b6579a0646174614865726500697320":TEST_FLAG_EXERCISE + +read type: CAMELLIA 192-bit, GCM +depends_on:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_CAMELLIA +key_storage_read:0x0001:PSA_KEY_TYPE_CAMELLIA:192:PSA_KEY_USAGE_DECRYPT | PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_EXPORT:PSA_ALG_GCM:0x0000:"48657265006973206b6579a0646174614865726500697320":"505341004b45590000000000010000000324c0000103000000025005000000001800000048657265006973206b6579a0646174614865726500697320":TEST_FLAG_EXERCISE + +read type: CAMELLIA 192-bit, TRUNCATED_MAC(CBC_MAC,4) +depends_on:PSA_WANT_ALG_CBC_MAC:PSA_WANT_KEY_TYPE_CAMELLIA +key_storage_read:0x0001:PSA_KEY_TYPE_CAMELLIA:192:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_TRUNCATED_MAC(PSA_ALG_CBC_MAC,4):0x0000:"48657265006973206b6579a0646174614865726500697320":"505341004b45590000000000010000000324c000013c00000001c403000000001800000048657265006973206b6579a0646174614865726500697320":TEST_FLAG_EXERCISE + +read type: CAMELLIA 192-bit, TRUNCATED_MAC(CBC_MAC,13) +depends_on:PSA_WANT_ALG_CBC_MAC:PSA_WANT_KEY_TYPE_CAMELLIA +key_storage_read:0x0001:PSA_KEY_TYPE_CAMELLIA:192:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_TRUNCATED_MAC(PSA_ALG_CBC_MAC,13):0x0000:"48657265006973206b6579a0646174614865726500697320":"505341004b45590000000000010000000324c000013c00000001cd03000000001800000048657265006973206b6579a0646174614865726500697320":TEST_FLAG_EXERCISE + +read type: CAMELLIA 192-bit, TRUNCATED_MAC(CBC_MAC,14) +depends_on:PSA_WANT_ALG_CBC_MAC:PSA_WANT_KEY_TYPE_CAMELLIA +key_storage_read:0x0001:PSA_KEY_TYPE_CAMELLIA:192:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_TRUNCATED_MAC(PSA_ALG_CBC_MAC,14):0x0000:"48657265006973206b6579a0646174614865726500697320":"505341004b45590000000000010000000324c000013c00000001ce03000000001800000048657265006973206b6579a0646174614865726500697320":TEST_FLAG_EXERCISE + +read type: CAMELLIA 192-bit, TRUNCATED_MAC(CBC_MAC,16) +depends_on:PSA_WANT_ALG_CBC_MAC:PSA_WANT_KEY_TYPE_CAMELLIA +key_storage_read:0x0001:PSA_KEY_TYPE_CAMELLIA:192:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_TRUNCATED_MAC(PSA_ALG_CBC_MAC,16):0x0000:"48657265006973206b6579a0646174614865726500697320":"505341004b45590000000000010000000324c000013c00000001d003000000001800000048657265006973206b6579a0646174614865726500697320":TEST_FLAG_EXERCISE + +read type: CAMELLIA 192-bit, XTS +depends_on:PSA_WANT_ALG_XTS:PSA_WANT_KEY_TYPE_CAMELLIA +key_storage_read:0x0001:PSA_KEY_TYPE_CAMELLIA:192:PSA_KEY_USAGE_DECRYPT | PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_EXPORT:PSA_ALG_XTS:0x0000:"48657265006973206b6579a0646174614865726500697320":"505341004b45590000000000010000000324c0000103000000ff4004000000001800000048657265006973206b6579a0646174614865726500697320":TEST_FLAG_EXERCISE + +read type: CAMELLIA 256-bit +depends_on:PSA_WANT_KEY_TYPE_CAMELLIA +key_storage_read:0x0001:PSA_KEY_TYPE_CAMELLIA:256:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"48657265006973206b6579a06461746148657265006973206b6579a064617461":"505341004b4559000000000001000000032400010100000000000000000000002000000048657265006973206b6579a06461746148657265006973206b6579a064617461":TEST_FLAG_EXERCISE + +read type: CAMELLIA 256-bit, AEAD_SHORT(CCM,4) +depends_on:PSA_WANT_ALG_CCM:PSA_WANT_KEY_TYPE_CAMELLIA +key_storage_read:0x0001:PSA_KEY_TYPE_CAMELLIA:256:PSA_KEY_USAGE_DECRYPT | PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_EXPORT:PSA_ALG_AEAD_WITH_SHORTENED_TAG(PSA_ALG_CCM,4):0x0000:"48657265006973206b6579a06461746148657265006973206b6579a064617461":"505341004b4559000000000001000000032400010103000000014405000000002000000048657265006973206b6579a06461746148657265006973206b6579a064617461":TEST_FLAG_EXERCISE + +read type: CAMELLIA 256-bit, AEAD_SHORT(CCM,14) +depends_on:PSA_WANT_ALG_CCM:PSA_WANT_KEY_TYPE_CAMELLIA +key_storage_read:0x0001:PSA_KEY_TYPE_CAMELLIA:256:PSA_KEY_USAGE_DECRYPT | PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_EXPORT:PSA_ALG_AEAD_WITH_SHORTENED_TAG(PSA_ALG_CCM,14):0x0000:"48657265006973206b6579a06461746148657265006973206b6579a064617461":"505341004b4559000000000001000000032400010103000000014e05000000002000000048657265006973206b6579a06461746148657265006973206b6579a064617461":TEST_FLAG_EXERCISE + +read type: CAMELLIA 256-bit, AEAD_SHORT(CCM,16) +depends_on:PSA_WANT_ALG_CCM:PSA_WANT_KEY_TYPE_CAMELLIA +key_storage_read:0x0001:PSA_KEY_TYPE_CAMELLIA:256:PSA_KEY_USAGE_DECRYPT | PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_EXPORT:PSA_ALG_AEAD_WITH_SHORTENED_TAG(PSA_ALG_CCM,16):0x0000:"48657265006973206b6579a06461746148657265006973206b6579a064617461":"505341004b4559000000000001000000032400010103000000015005000000002000000048657265006973206b6579a06461746148657265006973206b6579a064617461":TEST_FLAG_EXERCISE + +read type: CAMELLIA 256-bit, CBC_MAC +depends_on:PSA_WANT_ALG_CBC_MAC:PSA_WANT_KEY_TYPE_CAMELLIA +key_storage_read:0x0001:PSA_KEY_TYPE_CAMELLIA:256:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_CBC_MAC:0x0000:"48657265006973206b6579a06461746148657265006973206b6579a064617461":"505341004b455900000000000100000003240001013c00000001c003000000002000000048657265006973206b6579a06461746148657265006973206b6579a064617461":TEST_FLAG_EXERCISE + +read type: CAMELLIA 256-bit, CBC_NO_PADDING +depends_on:PSA_WANT_ALG_CBC_NO_PADDING:PSA_WANT_KEY_TYPE_CAMELLIA +key_storage_read:0x0001:PSA_KEY_TYPE_CAMELLIA:256:PSA_KEY_USAGE_DECRYPT | PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_EXPORT:PSA_ALG_CBC_NO_PADDING:0x0000:"48657265006973206b6579a06461746148657265006973206b6579a064617461":"505341004b4559000000000001000000032400010103000000404004000000002000000048657265006973206b6579a06461746148657265006973206b6579a064617461":TEST_FLAG_EXERCISE + +read type: CAMELLIA 256-bit, CBC_PKCS7 +depends_on:PSA_WANT_ALG_CBC_PKCS7:PSA_WANT_KEY_TYPE_CAMELLIA +key_storage_read:0x0001:PSA_KEY_TYPE_CAMELLIA:256:PSA_KEY_USAGE_DECRYPT | PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_EXPORT:PSA_ALG_CBC_PKCS7:0x0000:"48657265006973206b6579a06461746148657265006973206b6579a064617461":"505341004b4559000000000001000000032400010103000000414004000000002000000048657265006973206b6579a06461746148657265006973206b6579a064617461":TEST_FLAG_EXERCISE + +read type: CAMELLIA 256-bit, CCM +depends_on:PSA_WANT_ALG_CCM:PSA_WANT_KEY_TYPE_CAMELLIA +key_storage_read:0x0001:PSA_KEY_TYPE_CAMELLIA:256:PSA_KEY_USAGE_DECRYPT | PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_EXPORT:PSA_ALG_CCM:0x0000:"48657265006973206b6579a06461746148657265006973206b6579a064617461":"505341004b4559000000000001000000032400010103000000015005000000002000000048657265006973206b6579a06461746148657265006973206b6579a064617461":TEST_FLAG_EXERCISE + +read type: CAMELLIA 256-bit, CFB +depends_on:PSA_WANT_ALG_CFB:PSA_WANT_KEY_TYPE_CAMELLIA +key_storage_read:0x0001:PSA_KEY_TYPE_CAMELLIA:256:PSA_KEY_USAGE_DECRYPT | PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_EXPORT:PSA_ALG_CFB:0x0000:"48657265006973206b6579a06461746148657265006973206b6579a064617461":"505341004b455900000000000100000003240001010300000011c004000000002000000048657265006973206b6579a06461746148657265006973206b6579a064617461":TEST_FLAG_EXERCISE + +read type: CAMELLIA 256-bit, CTR +depends_on:PSA_WANT_ALG_CTR:PSA_WANT_KEY_TYPE_CAMELLIA +key_storage_read:0x0001:PSA_KEY_TYPE_CAMELLIA:256:PSA_KEY_USAGE_DECRYPT | PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_EXPORT:PSA_ALG_CTR:0x0000:"48657265006973206b6579a06461746148657265006973206b6579a064617461":"505341004b455900000000000100000003240001010300000010c004000000002000000048657265006973206b6579a06461746148657265006973206b6579a064617461":TEST_FLAG_EXERCISE + +read type: CAMELLIA 256-bit, ECB_NO_PADDING +depends_on:PSA_WANT_ALG_ECB_NO_PADDING:PSA_WANT_KEY_TYPE_CAMELLIA +key_storage_read:0x0001:PSA_KEY_TYPE_CAMELLIA:256:PSA_KEY_USAGE_DECRYPT | PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_EXPORT:PSA_ALG_ECB_NO_PADDING:0x0000:"48657265006973206b6579a06461746148657265006973206b6579a064617461":"505341004b4559000000000001000000032400010103000000444004000000002000000048657265006973206b6579a06461746148657265006973206b6579a064617461":TEST_FLAG_EXERCISE + +read type: CAMELLIA 256-bit, GCM +depends_on:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_CAMELLIA +key_storage_read:0x0001:PSA_KEY_TYPE_CAMELLIA:256:PSA_KEY_USAGE_DECRYPT | PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_EXPORT:PSA_ALG_GCM:0x0000:"48657265006973206b6579a06461746148657265006973206b6579a064617461":"505341004b4559000000000001000000032400010103000000025005000000002000000048657265006973206b6579a06461746148657265006973206b6579a064617461":TEST_FLAG_EXERCISE + +read type: CAMELLIA 256-bit, TRUNCATED_MAC(CBC_MAC,4) +depends_on:PSA_WANT_ALG_CBC_MAC:PSA_WANT_KEY_TYPE_CAMELLIA +key_storage_read:0x0001:PSA_KEY_TYPE_CAMELLIA:256:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_TRUNCATED_MAC(PSA_ALG_CBC_MAC,4):0x0000:"48657265006973206b6579a06461746148657265006973206b6579a064617461":"505341004b455900000000000100000003240001013c00000001c403000000002000000048657265006973206b6579a06461746148657265006973206b6579a064617461":TEST_FLAG_EXERCISE + +read type: CAMELLIA 256-bit, TRUNCATED_MAC(CBC_MAC,13) +depends_on:PSA_WANT_ALG_CBC_MAC:PSA_WANT_KEY_TYPE_CAMELLIA +key_storage_read:0x0001:PSA_KEY_TYPE_CAMELLIA:256:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_TRUNCATED_MAC(PSA_ALG_CBC_MAC,13):0x0000:"48657265006973206b6579a06461746148657265006973206b6579a064617461":"505341004b455900000000000100000003240001013c00000001cd03000000002000000048657265006973206b6579a06461746148657265006973206b6579a064617461":TEST_FLAG_EXERCISE + +read type: CAMELLIA 256-bit, TRUNCATED_MAC(CBC_MAC,14) +depends_on:PSA_WANT_ALG_CBC_MAC:PSA_WANT_KEY_TYPE_CAMELLIA +key_storage_read:0x0001:PSA_KEY_TYPE_CAMELLIA:256:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_TRUNCATED_MAC(PSA_ALG_CBC_MAC,14):0x0000:"48657265006973206b6579a06461746148657265006973206b6579a064617461":"505341004b455900000000000100000003240001013c00000001ce03000000002000000048657265006973206b6579a06461746148657265006973206b6579a064617461":TEST_FLAG_EXERCISE + +read type: CAMELLIA 256-bit, TRUNCATED_MAC(CBC_MAC,16) +depends_on:PSA_WANT_ALG_CBC_MAC:PSA_WANT_KEY_TYPE_CAMELLIA +key_storage_read:0x0001:PSA_KEY_TYPE_CAMELLIA:256:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_TRUNCATED_MAC(PSA_ALG_CBC_MAC,16):0x0000:"48657265006973206b6579a06461746148657265006973206b6579a064617461":"505341004b455900000000000100000003240001013c00000001d003000000002000000048657265006973206b6579a06461746148657265006973206b6579a064617461":TEST_FLAG_EXERCISE + +read type: CAMELLIA 256-bit, XTS +depends_on:PSA_WANT_ALG_XTS:PSA_WANT_KEY_TYPE_CAMELLIA +key_storage_read:0x0001:PSA_KEY_TYPE_CAMELLIA:256:PSA_KEY_USAGE_DECRYPT | PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_EXPORT:PSA_ALG_XTS:0x0000:"48657265006973206b6579a06461746148657265006973206b6579a064617461":"505341004b4559000000000001000000032400010103000000ff4004000000002000000048657265006973206b6579a06461746148657265006973206b6579a064617461":TEST_FLAG_EXERCISE + +read type: CHACHA20 256-bit +depends_on:PSA_WANT_KEY_TYPE_CHACHA20 +key_storage_read:0x0001:PSA_KEY_TYPE_CHACHA20:256:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"48657265006973206b6579a06461746148657265006973206b6579a064617461":"505341004b4559000000000001000000042000010100000000000000000000002000000048657265006973206b6579a06461746148657265006973206b6579a064617461":TEST_FLAG_EXERCISE + +read type: CHACHA20 256-bit, CHACHA20_POLY1305 +depends_on:PSA_WANT_ALG_CHACHA20_POLY1305:PSA_WANT_KEY_TYPE_CHACHA20 +key_storage_read:0x0001:PSA_KEY_TYPE_CHACHA20:256:PSA_KEY_USAGE_DECRYPT | PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_EXPORT:PSA_ALG_CHACHA20_POLY1305:0x0000:"48657265006973206b6579a06461746148657265006973206b6579a064617461":"505341004b4559000000000001000000042000010103000000051005000000002000000048657265006973206b6579a06461746148657265006973206b6579a064617461":TEST_FLAG_EXERCISE + +read type: CHACHA20 256-bit, STREAM_CIPHER +depends_on:PSA_WANT_ALG_STREAM_CIPHER:PSA_WANT_KEY_TYPE_CHACHA20 +key_storage_read:0x0001:PSA_KEY_TYPE_CHACHA20:256:PSA_KEY_USAGE_DECRYPT | PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_EXPORT:PSA_ALG_STREAM_CIPHER:0x0000:"48657265006973206b6579a06461746148657265006973206b6579a064617461":"505341004b4559000000000001000000042000010103000000018004000000002000000048657265006973206b6579a06461746148657265006973206b6579a064617461":TEST_FLAG_EXERCISE + +read type: DERIVE 120-bit +depends_on:PSA_WANT_KEY_TYPE_DERIVE +key_storage_read:0x0001:PSA_KEY_TYPE_DERIVE:120:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"48657265006973206b6579a0646174":"505341004b4559000000000001000000001278000100000000000000000000000f00000048657265006973206b6579a0646174":TEST_FLAG_EXERCISE + +read type: DERIVE 128-bit +depends_on:PSA_WANT_KEY_TYPE_DERIVE +key_storage_read:0x0001:PSA_KEY_TYPE_DERIVE:128:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"48657265006973206b6579a064617461":"505341004b4559000000000001000000001280000100000000000000000000001000000048657265006973206b6579a064617461":TEST_FLAG_EXERCISE + +read type: DES 64-bit +depends_on:PSA_WANT_KEY_TYPE_DES +key_storage_read:0x0001:PSA_KEY_TYPE_DES:64:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"644573206b457901":"505341004b45590000000000010000000123400001000000000000000000000008000000644573206b457901":TEST_FLAG_EXERCISE + +read type: DES 64-bit, CBC_NO_PADDING +depends_on:PSA_WANT_ALG_CBC_NO_PADDING:PSA_WANT_KEY_TYPE_DES +key_storage_read:0x0001:PSA_KEY_TYPE_DES:64:PSA_KEY_USAGE_DECRYPT | PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_EXPORT:PSA_ALG_CBC_NO_PADDING:0x0000:"644573206b457901":"505341004b45590000000000010000000123400001030000004040040000000008000000644573206b457901":TEST_FLAG_EXERCISE + +read type: DES 64-bit, CBC_PKCS7 +depends_on:PSA_WANT_ALG_CBC_PKCS7:PSA_WANT_KEY_TYPE_DES +key_storage_read:0x0001:PSA_KEY_TYPE_DES:64:PSA_KEY_USAGE_DECRYPT | PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_EXPORT:PSA_ALG_CBC_PKCS7:0x0000:"644573206b457901":"505341004b45590000000000010000000123400001030000004140040000000008000000644573206b457901":TEST_FLAG_EXERCISE + +read type: DES 64-bit, ECB_NO_PADDING +depends_on:PSA_WANT_ALG_ECB_NO_PADDING:PSA_WANT_KEY_TYPE_DES +key_storage_read:0x0001:PSA_KEY_TYPE_DES:64:PSA_KEY_USAGE_DECRYPT | PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_EXPORT:PSA_ALG_ECB_NO_PADDING:0x0000:"644573206b457901":"505341004b45590000000000010000000123400001030000004440040000000008000000644573206b457901":TEST_FLAG_EXERCISE + +read type: DES 128-bit +depends_on:PSA_WANT_KEY_TYPE_DES +key_storage_read:0x0001:PSA_KEY_TYPE_DES:128:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"644573206b457901644573206b457902":"505341004b45590000000000010000000123800001000000000000000000000010000000644573206b457901644573206b457902":TEST_FLAG_EXERCISE + +read type: DES 128-bit, CBC_NO_PADDING +depends_on:PSA_WANT_ALG_CBC_NO_PADDING:PSA_WANT_KEY_TYPE_DES +key_storage_read:0x0001:PSA_KEY_TYPE_DES:128:PSA_KEY_USAGE_DECRYPT | PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_EXPORT:PSA_ALG_CBC_NO_PADDING:0x0000:"644573206b457901644573206b457902":"505341004b45590000000000010000000123800001030000004040040000000010000000644573206b457901644573206b457902":TEST_FLAG_EXERCISE + +read type: DES 128-bit, CBC_PKCS7 +depends_on:PSA_WANT_ALG_CBC_PKCS7:PSA_WANT_KEY_TYPE_DES +key_storage_read:0x0001:PSA_KEY_TYPE_DES:128:PSA_KEY_USAGE_DECRYPT | PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_EXPORT:PSA_ALG_CBC_PKCS7:0x0000:"644573206b457901644573206b457902":"505341004b45590000000000010000000123800001030000004140040000000010000000644573206b457901644573206b457902":TEST_FLAG_EXERCISE + +read type: DES 128-bit, ECB_NO_PADDING +depends_on:PSA_WANT_ALG_ECB_NO_PADDING:PSA_WANT_KEY_TYPE_DES +key_storage_read:0x0001:PSA_KEY_TYPE_DES:128:PSA_KEY_USAGE_DECRYPT | PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_EXPORT:PSA_ALG_ECB_NO_PADDING:0x0000:"644573206b457901644573206b457902":"505341004b45590000000000010000000123800001030000004440040000000010000000644573206b457901644573206b457902":TEST_FLAG_EXERCISE + +read type: DES 192-bit +depends_on:PSA_WANT_KEY_TYPE_DES +key_storage_read:0x0001:PSA_KEY_TYPE_DES:192:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"644573206b457901644573206b457902644573206b457904":"505341004b45590000000000010000000123c00001000000000000000000000018000000644573206b457901644573206b457902644573206b457904":TEST_FLAG_EXERCISE + +read type: DES 192-bit, CBC_NO_PADDING +depends_on:PSA_WANT_ALG_CBC_NO_PADDING:PSA_WANT_KEY_TYPE_DES +key_storage_read:0x0001:PSA_KEY_TYPE_DES:192:PSA_KEY_USAGE_DECRYPT | PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_EXPORT:PSA_ALG_CBC_NO_PADDING:0x0000:"644573206b457901644573206b457902644573206b457904":"505341004b45590000000000010000000123c00001030000004040040000000018000000644573206b457901644573206b457902644573206b457904":TEST_FLAG_EXERCISE + +read type: DES 192-bit, CBC_PKCS7 +depends_on:PSA_WANT_ALG_CBC_PKCS7:PSA_WANT_KEY_TYPE_DES +key_storage_read:0x0001:PSA_KEY_TYPE_DES:192:PSA_KEY_USAGE_DECRYPT | PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_EXPORT:PSA_ALG_CBC_PKCS7:0x0000:"644573206b457901644573206b457902644573206b457904":"505341004b45590000000000010000000123c00001030000004140040000000018000000644573206b457901644573206b457902644573206b457904":TEST_FLAG_EXERCISE + +read type: DES 192-bit, ECB_NO_PADDING +depends_on:PSA_WANT_ALG_ECB_NO_PADDING:PSA_WANT_KEY_TYPE_DES +key_storage_read:0x0001:PSA_KEY_TYPE_DES:192:PSA_KEY_USAGE_DECRYPT | PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_EXPORT:PSA_ALG_ECB_NO_PADDING:0x0000:"644573206b457901644573206b457902644573206b457904":"505341004b45590000000000010000000123c00001030000004440040000000018000000644573206b457901644573206b457902644573206b457904":TEST_FLAG_EXERCISE + +read type: ECC_PAIR(BP_R1) 160-bit +depends_on:PSA_WANT_ECC_BRAINPOOL_P_R1_160:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):160:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"69502c4fdaf48d4fa617bdd24498b0406d0eeaac":"505341004b45590000000000010000003071a0000100000000000000000000001400000069502c4fdaf48d4fa617bdd24498b0406d0eeaac":0 + +read type: ECC_PAIR(BP_R1) 160-bit, DET_ECDSA(MD2) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD2:PSA_WANT_ECC_BRAINPOOL_P_R1_160:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):160:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD2):0x0000:"69502c4fdaf48d4fa617bdd24498b0406d0eeaac":"505341004b45590000000000010000003071a000013c000001070006000000001400000069502c4fdaf48d4fa617bdd24498b0406d0eeaac":0 + +read type: ECC_PAIR(BP_R1) 160-bit, DET_ECDSA(MD4) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD4:PSA_WANT_ECC_BRAINPOOL_P_R1_160:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):160:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD4):0x0000:"69502c4fdaf48d4fa617bdd24498b0406d0eeaac":"505341004b45590000000000010000003071a000013c000002070006000000001400000069502c4fdaf48d4fa617bdd24498b0406d0eeaac":0 + +read type: ECC_PAIR(BP_R1) 160-bit, DET_ECDSA(MD5) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD5:PSA_WANT_ECC_BRAINPOOL_P_R1_160:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):160:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD5):0x0000:"69502c4fdaf48d4fa617bdd24498b0406d0eeaac":"505341004b45590000000000010000003071a000013c000003070006000000001400000069502c4fdaf48d4fa617bdd24498b0406d0eeaac":0 + +read type: ECC_PAIR(BP_R1) 160-bit, DET_ECDSA(RIPEMD160) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ECC_BRAINPOOL_P_R1_160:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):160:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_RIPEMD160):0x0000:"69502c4fdaf48d4fa617bdd24498b0406d0eeaac":"505341004b45590000000000010000003071a000013c000004070006000000001400000069502c4fdaf48d4fa617bdd24498b0406d0eeaac":0 + +read type: ECC_PAIR(BP_R1) 160-bit, DET_ECDSA(SHA_1) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_1:PSA_WANT_ECC_BRAINPOOL_P_R1_160:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):160:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_1):0x0000:"69502c4fdaf48d4fa617bdd24498b0406d0eeaac":"505341004b45590000000000010000003071a000013c000005070006000000001400000069502c4fdaf48d4fa617bdd24498b0406d0eeaac":0 + +read type: ECC_PAIR(BP_R1) 160-bit, DET_ECDSA(SHA_224) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_224:PSA_WANT_ECC_BRAINPOOL_P_R1_160:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):160:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_224):0x0000:"69502c4fdaf48d4fa617bdd24498b0406d0eeaac":"505341004b45590000000000010000003071a000013c000008070006000000001400000069502c4fdaf48d4fa617bdd24498b0406d0eeaac":0 + +read type: ECC_PAIR(BP_R1) 160-bit, DET_ECDSA(SHA_256) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_BRAINPOOL_P_R1_160:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):160:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_256):0x0000:"69502c4fdaf48d4fa617bdd24498b0406d0eeaac":"505341004b45590000000000010000003071a000013c000009070006000000001400000069502c4fdaf48d4fa617bdd24498b0406d0eeaac":0 + +read type: ECC_PAIR(BP_R1) 160-bit, DET_ECDSA(SHA_384) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_BRAINPOOL_P_R1_160:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):160:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_384):0x0000:"69502c4fdaf48d4fa617bdd24498b0406d0eeaac":"505341004b45590000000000010000003071a000013c00000a070006000000001400000069502c4fdaf48d4fa617bdd24498b0406d0eeaac":0 + +read type: ECC_PAIR(BP_R1) 160-bit, DET_ECDSA(SHA_512) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_512:PSA_WANT_ECC_BRAINPOOL_P_R1_160:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):160:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_512):0x0000:"69502c4fdaf48d4fa617bdd24498b0406d0eeaac":"505341004b45590000000000010000003071a000013c00000b070006000000001400000069502c4fdaf48d4fa617bdd24498b0406d0eeaac":0 + +read type: ECC_PAIR(BP_R1) 160-bit, ECDH +depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ECC_BRAINPOOL_P_R1_160:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):160:PSA_KEY_USAGE_DERIVE | PSA_KEY_USAGE_EXPORT:PSA_ALG_ECDH:0x0000:"69502c4fdaf48d4fa617bdd24498b0406d0eeaac":"505341004b45590000000000010000003071a0000140000000000209000000001400000069502c4fdaf48d4fa617bdd24498b0406d0eeaac":0 + +read type: ECC_PAIR(BP_R1) 160-bit, ECDSA(MD2) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD2:PSA_WANT_ECC_BRAINPOOL_P_R1_160:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):160:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_MD2):0x0000:"69502c4fdaf48d4fa617bdd24498b0406d0eeaac":"505341004b45590000000000010000003071a000013c000001060006000000001400000069502c4fdaf48d4fa617bdd24498b0406d0eeaac":0 + +read type: ECC_PAIR(BP_R1) 160-bit, ECDSA(MD4) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD4:PSA_WANT_ECC_BRAINPOOL_P_R1_160:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):160:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_MD4):0x0000:"69502c4fdaf48d4fa617bdd24498b0406d0eeaac":"505341004b45590000000000010000003071a000013c000002060006000000001400000069502c4fdaf48d4fa617bdd24498b0406d0eeaac":0 + +read type: ECC_PAIR(BP_R1) 160-bit, ECDSA(MD5) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD5:PSA_WANT_ECC_BRAINPOOL_P_R1_160:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):160:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_MD5):0x0000:"69502c4fdaf48d4fa617bdd24498b0406d0eeaac":"505341004b45590000000000010000003071a000013c000003060006000000001400000069502c4fdaf48d4fa617bdd24498b0406d0eeaac":0 + +read type: ECC_PAIR(BP_R1) 160-bit, ECDSA(RIPEMD160) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ECC_BRAINPOOL_P_R1_160:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):160:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_RIPEMD160):0x0000:"69502c4fdaf48d4fa617bdd24498b0406d0eeaac":"505341004b45590000000000010000003071a000013c000004060006000000001400000069502c4fdaf48d4fa617bdd24498b0406d0eeaac":0 + +read type: ECC_PAIR(BP_R1) 160-bit, ECDSA(SHA_1) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_1:PSA_WANT_ECC_BRAINPOOL_P_R1_160:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):160:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_SHA_1):0x0000:"69502c4fdaf48d4fa617bdd24498b0406d0eeaac":"505341004b45590000000000010000003071a000013c000005060006000000001400000069502c4fdaf48d4fa617bdd24498b0406d0eeaac":0 + +read type: ECC_PAIR(BP_R1) 160-bit, ECDSA(SHA_224) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_224:PSA_WANT_ECC_BRAINPOOL_P_R1_160:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):160:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_SHA_224):0x0000:"69502c4fdaf48d4fa617bdd24498b0406d0eeaac":"505341004b45590000000000010000003071a000013c000008060006000000001400000069502c4fdaf48d4fa617bdd24498b0406d0eeaac":0 + +read type: ECC_PAIR(BP_R1) 160-bit, ECDSA(SHA_256) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_BRAINPOOL_P_R1_160:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):160:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_SHA_256):0x0000:"69502c4fdaf48d4fa617bdd24498b0406d0eeaac":"505341004b45590000000000010000003071a000013c000009060006000000001400000069502c4fdaf48d4fa617bdd24498b0406d0eeaac":0 + +read type: ECC_PAIR(BP_R1) 160-bit, ECDSA(SHA_384) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_BRAINPOOL_P_R1_160:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):160:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_SHA_384):0x0000:"69502c4fdaf48d4fa617bdd24498b0406d0eeaac":"505341004b45590000000000010000003071a000013c00000a060006000000001400000069502c4fdaf48d4fa617bdd24498b0406d0eeaac":0 + +read type: ECC_PAIR(BP_R1) 160-bit, ECDSA(SHA_512) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_512:PSA_WANT_ECC_BRAINPOOL_P_R1_160:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):160:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_SHA_512):0x0000:"69502c4fdaf48d4fa617bdd24498b0406d0eeaac":"505341004b45590000000000010000003071a000013c00000b060006000000001400000069502c4fdaf48d4fa617bdd24498b0406d0eeaac":0 + +read type: ECC_PAIR(BP_R1) 160-bit, ECDSA_ANY +depends_on:PSA_WANT_ALG_ECDSA_ANY:PSA_WANT_ECC_BRAINPOOL_P_R1_160:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):160:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA_ANY:0x0000:"69502c4fdaf48d4fa617bdd24498b0406d0eeaac":"505341004b45590000000000010000003071a000013c000000060006000000001400000069502c4fdaf48d4fa617bdd24498b0406d0eeaac":TEST_FLAG_EXERCISE + +read type: ECC_PAIR(BP_R1) 160-bit, KA(ECDH,HKDF(SHA_256)) +depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_BRAINPOOL_P_R1_160:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):160:PSA_KEY_USAGE_DERIVE | PSA_KEY_USAGE_EXPORT:PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_HKDF(PSA_ALG_SHA_256)):0x0000:"69502c4fdaf48d4fa617bdd24498b0406d0eeaac":"505341004b45590000000000010000003071a0000140000009010209000000001400000069502c4fdaf48d4fa617bdd24498b0406d0eeaac":0 + +read type: ECC_PAIR(BP_R1) 160-bit, KA(ECDH,HKDF(SHA_384)) +depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_BRAINPOOL_P_R1_160:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):160:PSA_KEY_USAGE_DERIVE | PSA_KEY_USAGE_EXPORT:PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_HKDF(PSA_ALG_SHA_384)):0x0000:"69502c4fdaf48d4fa617bdd24498b0406d0eeaac":"505341004b45590000000000010000003071a000014000000a010209000000001400000069502c4fdaf48d4fa617bdd24498b0406d0eeaac":0 + +read type: ECC_PAIR(BP_R1) 160-bit, KA(ECDH,TLS12_PRF(SHA_256)) +depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_SHA_256:PSA_WANT_ALG_TLS12_PRF:PSA_WANT_ECC_BRAINPOOL_P_R1_160:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):160:PSA_KEY_USAGE_DERIVE | PSA_KEY_USAGE_EXPORT:PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_TLS12_PRF(PSA_ALG_SHA_256)):0x0000:"69502c4fdaf48d4fa617bdd24498b0406d0eeaac":"505341004b45590000000000010000003071a0000140000009020209000000001400000069502c4fdaf48d4fa617bdd24498b0406d0eeaac":0 + +read type: ECC_PAIR(BP_R1) 160-bit, KA(ECDH,TLS12_PRF(SHA_384)) +depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_SHA_384:PSA_WANT_ALG_TLS12_PRF:PSA_WANT_ECC_BRAINPOOL_P_R1_160:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):160:PSA_KEY_USAGE_DERIVE | PSA_KEY_USAGE_EXPORT:PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_TLS12_PRF(PSA_ALG_SHA_384)):0x0000:"69502c4fdaf48d4fa617bdd24498b0406d0eeaac":"505341004b45590000000000010000003071a000014000000a020209000000001400000069502c4fdaf48d4fa617bdd24498b0406d0eeaac":0 + +read type: ECC_PAIR(BP_R1) 160-bit, KA(ECDH,TLS12_PSK2MS(SHA_256)) +depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_SHA_256:PSA_WANT_ALG_TLS12_PSK_TO_MS:PSA_WANT_ECC_BRAINPOOL_P_R1_160:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):160:PSA_KEY_USAGE_DERIVE | PSA_KEY_USAGE_EXPORT:PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_TLS12_PSK_TO_MS(PSA_ALG_SHA_256)):0x0000:"69502c4fdaf48d4fa617bdd24498b0406d0eeaac":"505341004b45590000000000010000003071a0000140000009030209000000001400000069502c4fdaf48d4fa617bdd24498b0406d0eeaac":0 + +read type: ECC_PAIR(BP_R1) 160-bit, KA(ECDH,TLS12_PSK2MS(SHA_384)) +depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_SHA_384:PSA_WANT_ALG_TLS12_PSK_TO_MS:PSA_WANT_ECC_BRAINPOOL_P_R1_160:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):160:PSA_KEY_USAGE_DERIVE | PSA_KEY_USAGE_EXPORT:PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_TLS12_PSK_TO_MS(PSA_ALG_SHA_384)):0x0000:"69502c4fdaf48d4fa617bdd24498b0406d0eeaac":"505341004b45590000000000010000003071a000014000000a030209000000001400000069502c4fdaf48d4fa617bdd24498b0406d0eeaac":0 + +read type: ECC_PAIR(BP_R1) 192-bit +depends_on:PSA_WANT_ECC_BRAINPOOL_P_R1_192:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):192:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"1688a2c5fbf4a3c851d76a98c3ec88f445a97996283db59f":"505341004b45590000000000010000003071c000010000000000000000000000180000001688a2c5fbf4a3c851d76a98c3ec88f445a97996283db59f":0 + +read type: ECC_PAIR(BP_R1) 192-bit, DET_ECDSA(MD2) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD2:PSA_WANT_ECC_BRAINPOOL_P_R1_192:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):192:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD2):0x0000:"1688a2c5fbf4a3c851d76a98c3ec88f445a97996283db59f":"505341004b45590000000000010000003071c000013c00000107000600000000180000001688a2c5fbf4a3c851d76a98c3ec88f445a97996283db59f":0 + +read type: ECC_PAIR(BP_R1) 192-bit, DET_ECDSA(MD4) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD4:PSA_WANT_ECC_BRAINPOOL_P_R1_192:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):192:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD4):0x0000:"1688a2c5fbf4a3c851d76a98c3ec88f445a97996283db59f":"505341004b45590000000000010000003071c000013c00000207000600000000180000001688a2c5fbf4a3c851d76a98c3ec88f445a97996283db59f":0 + +read type: ECC_PAIR(BP_R1) 192-bit, DET_ECDSA(MD5) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD5:PSA_WANT_ECC_BRAINPOOL_P_R1_192:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):192:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD5):0x0000:"1688a2c5fbf4a3c851d76a98c3ec88f445a97996283db59f":"505341004b45590000000000010000003071c000013c00000307000600000000180000001688a2c5fbf4a3c851d76a98c3ec88f445a97996283db59f":0 + +read type: ECC_PAIR(BP_R1) 192-bit, DET_ECDSA(RIPEMD160) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ECC_BRAINPOOL_P_R1_192:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):192:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_RIPEMD160):0x0000:"1688a2c5fbf4a3c851d76a98c3ec88f445a97996283db59f":"505341004b45590000000000010000003071c000013c00000407000600000000180000001688a2c5fbf4a3c851d76a98c3ec88f445a97996283db59f":0 + +read type: ECC_PAIR(BP_R1) 192-bit, DET_ECDSA(SHA_1) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_1:PSA_WANT_ECC_BRAINPOOL_P_R1_192:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):192:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_1):0x0000:"1688a2c5fbf4a3c851d76a98c3ec88f445a97996283db59f":"505341004b45590000000000010000003071c000013c00000507000600000000180000001688a2c5fbf4a3c851d76a98c3ec88f445a97996283db59f":0 + +read type: ECC_PAIR(BP_R1) 192-bit, DET_ECDSA(SHA_224) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_224:PSA_WANT_ECC_BRAINPOOL_P_R1_192:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):192:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_224):0x0000:"1688a2c5fbf4a3c851d76a98c3ec88f445a97996283db59f":"505341004b45590000000000010000003071c000013c00000807000600000000180000001688a2c5fbf4a3c851d76a98c3ec88f445a97996283db59f":0 + +read type: ECC_PAIR(BP_R1) 192-bit, DET_ECDSA(SHA_256) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_BRAINPOOL_P_R1_192:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):192:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_256):0x0000:"1688a2c5fbf4a3c851d76a98c3ec88f445a97996283db59f":"505341004b45590000000000010000003071c000013c00000907000600000000180000001688a2c5fbf4a3c851d76a98c3ec88f445a97996283db59f":0 + +read type: ECC_PAIR(BP_R1) 192-bit, DET_ECDSA(SHA_384) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_BRAINPOOL_P_R1_192:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):192:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_384):0x0000:"1688a2c5fbf4a3c851d76a98c3ec88f445a97996283db59f":"505341004b45590000000000010000003071c000013c00000a07000600000000180000001688a2c5fbf4a3c851d76a98c3ec88f445a97996283db59f":0 + +read type: ECC_PAIR(BP_R1) 192-bit, DET_ECDSA(SHA_512) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_512:PSA_WANT_ECC_BRAINPOOL_P_R1_192:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):192:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_512):0x0000:"1688a2c5fbf4a3c851d76a98c3ec88f445a97996283db59f":"505341004b45590000000000010000003071c000013c00000b07000600000000180000001688a2c5fbf4a3c851d76a98c3ec88f445a97996283db59f":0 + +read type: ECC_PAIR(BP_R1) 192-bit, ECDH +depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ECC_BRAINPOOL_P_R1_192:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):192:PSA_KEY_USAGE_DERIVE | PSA_KEY_USAGE_EXPORT:PSA_ALG_ECDH:0x0000:"1688a2c5fbf4a3c851d76a98c3ec88f445a97996283db59f":"505341004b45590000000000010000003071c000014000000000020900000000180000001688a2c5fbf4a3c851d76a98c3ec88f445a97996283db59f":0 + +read type: ECC_PAIR(BP_R1) 192-bit, ECDSA(MD2) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD2:PSA_WANT_ECC_BRAINPOOL_P_R1_192:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):192:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_MD2):0x0000:"1688a2c5fbf4a3c851d76a98c3ec88f445a97996283db59f":"505341004b45590000000000010000003071c000013c00000106000600000000180000001688a2c5fbf4a3c851d76a98c3ec88f445a97996283db59f":0 + +read type: ECC_PAIR(BP_R1) 192-bit, ECDSA(MD4) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD4:PSA_WANT_ECC_BRAINPOOL_P_R1_192:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):192:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_MD4):0x0000:"1688a2c5fbf4a3c851d76a98c3ec88f445a97996283db59f":"505341004b45590000000000010000003071c000013c00000206000600000000180000001688a2c5fbf4a3c851d76a98c3ec88f445a97996283db59f":0 + +read type: ECC_PAIR(BP_R1) 192-bit, ECDSA(MD5) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD5:PSA_WANT_ECC_BRAINPOOL_P_R1_192:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):192:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_MD5):0x0000:"1688a2c5fbf4a3c851d76a98c3ec88f445a97996283db59f":"505341004b45590000000000010000003071c000013c00000306000600000000180000001688a2c5fbf4a3c851d76a98c3ec88f445a97996283db59f":0 + +read type: ECC_PAIR(BP_R1) 192-bit, ECDSA(RIPEMD160) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ECC_BRAINPOOL_P_R1_192:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):192:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_RIPEMD160):0x0000:"1688a2c5fbf4a3c851d76a98c3ec88f445a97996283db59f":"505341004b45590000000000010000003071c000013c00000406000600000000180000001688a2c5fbf4a3c851d76a98c3ec88f445a97996283db59f":0 + +read type: ECC_PAIR(BP_R1) 192-bit, ECDSA(SHA_1) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_1:PSA_WANT_ECC_BRAINPOOL_P_R1_192:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):192:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_SHA_1):0x0000:"1688a2c5fbf4a3c851d76a98c3ec88f445a97996283db59f":"505341004b45590000000000010000003071c000013c00000506000600000000180000001688a2c5fbf4a3c851d76a98c3ec88f445a97996283db59f":0 + +read type: ECC_PAIR(BP_R1) 192-bit, ECDSA(SHA_224) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_224:PSA_WANT_ECC_BRAINPOOL_P_R1_192:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):192:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_SHA_224):0x0000:"1688a2c5fbf4a3c851d76a98c3ec88f445a97996283db59f":"505341004b45590000000000010000003071c000013c00000806000600000000180000001688a2c5fbf4a3c851d76a98c3ec88f445a97996283db59f":0 + +read type: ECC_PAIR(BP_R1) 192-bit, ECDSA(SHA_256) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_BRAINPOOL_P_R1_192:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):192:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_SHA_256):0x0000:"1688a2c5fbf4a3c851d76a98c3ec88f445a97996283db59f":"505341004b45590000000000010000003071c000013c00000906000600000000180000001688a2c5fbf4a3c851d76a98c3ec88f445a97996283db59f":0 + +read type: ECC_PAIR(BP_R1) 192-bit, ECDSA(SHA_384) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_BRAINPOOL_P_R1_192:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):192:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_SHA_384):0x0000:"1688a2c5fbf4a3c851d76a98c3ec88f445a97996283db59f":"505341004b45590000000000010000003071c000013c00000a06000600000000180000001688a2c5fbf4a3c851d76a98c3ec88f445a97996283db59f":0 + +read type: ECC_PAIR(BP_R1) 192-bit, ECDSA(SHA_512) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_512:PSA_WANT_ECC_BRAINPOOL_P_R1_192:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):192:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_SHA_512):0x0000:"1688a2c5fbf4a3c851d76a98c3ec88f445a97996283db59f":"505341004b45590000000000010000003071c000013c00000b06000600000000180000001688a2c5fbf4a3c851d76a98c3ec88f445a97996283db59f":0 + +read type: ECC_PAIR(BP_R1) 192-bit, ECDSA_ANY +depends_on:PSA_WANT_ALG_ECDSA_ANY:PSA_WANT_ECC_BRAINPOOL_P_R1_192:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):192:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA_ANY:0x0000:"1688a2c5fbf4a3c851d76a98c3ec88f445a97996283db59f":"505341004b45590000000000010000003071c000013c00000006000600000000180000001688a2c5fbf4a3c851d76a98c3ec88f445a97996283db59f":TEST_FLAG_EXERCISE + +read type: ECC_PAIR(BP_R1) 192-bit, KA(ECDH,HKDF(SHA_256)) +depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_BRAINPOOL_P_R1_192:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):192:PSA_KEY_USAGE_DERIVE | PSA_KEY_USAGE_EXPORT:PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_HKDF(PSA_ALG_SHA_256)):0x0000:"1688a2c5fbf4a3c851d76a98c3ec88f445a97996283db59f":"505341004b45590000000000010000003071c000014000000901020900000000180000001688a2c5fbf4a3c851d76a98c3ec88f445a97996283db59f":0 + +read type: ECC_PAIR(BP_R1) 192-bit, KA(ECDH,HKDF(SHA_384)) +depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_BRAINPOOL_P_R1_192:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):192:PSA_KEY_USAGE_DERIVE | PSA_KEY_USAGE_EXPORT:PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_HKDF(PSA_ALG_SHA_384)):0x0000:"1688a2c5fbf4a3c851d76a98c3ec88f445a97996283db59f":"505341004b45590000000000010000003071c000014000000a01020900000000180000001688a2c5fbf4a3c851d76a98c3ec88f445a97996283db59f":0 + +read type: ECC_PAIR(BP_R1) 192-bit, KA(ECDH,TLS12_PRF(SHA_256)) +depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_SHA_256:PSA_WANT_ALG_TLS12_PRF:PSA_WANT_ECC_BRAINPOOL_P_R1_192:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):192:PSA_KEY_USAGE_DERIVE | PSA_KEY_USAGE_EXPORT:PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_TLS12_PRF(PSA_ALG_SHA_256)):0x0000:"1688a2c5fbf4a3c851d76a98c3ec88f445a97996283db59f":"505341004b45590000000000010000003071c000014000000902020900000000180000001688a2c5fbf4a3c851d76a98c3ec88f445a97996283db59f":0 + +read type: ECC_PAIR(BP_R1) 192-bit, KA(ECDH,TLS12_PRF(SHA_384)) +depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_SHA_384:PSA_WANT_ALG_TLS12_PRF:PSA_WANT_ECC_BRAINPOOL_P_R1_192:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):192:PSA_KEY_USAGE_DERIVE | PSA_KEY_USAGE_EXPORT:PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_TLS12_PRF(PSA_ALG_SHA_384)):0x0000:"1688a2c5fbf4a3c851d76a98c3ec88f445a97996283db59f":"505341004b45590000000000010000003071c000014000000a02020900000000180000001688a2c5fbf4a3c851d76a98c3ec88f445a97996283db59f":0 + +read type: ECC_PAIR(BP_R1) 192-bit, KA(ECDH,TLS12_PSK2MS(SHA_256)) +depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_SHA_256:PSA_WANT_ALG_TLS12_PSK_TO_MS:PSA_WANT_ECC_BRAINPOOL_P_R1_192:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):192:PSA_KEY_USAGE_DERIVE | PSA_KEY_USAGE_EXPORT:PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_TLS12_PSK_TO_MS(PSA_ALG_SHA_256)):0x0000:"1688a2c5fbf4a3c851d76a98c3ec88f445a97996283db59f":"505341004b45590000000000010000003071c000014000000903020900000000180000001688a2c5fbf4a3c851d76a98c3ec88f445a97996283db59f":0 + +read type: ECC_PAIR(BP_R1) 192-bit, KA(ECDH,TLS12_PSK2MS(SHA_384)) +depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_SHA_384:PSA_WANT_ALG_TLS12_PSK_TO_MS:PSA_WANT_ECC_BRAINPOOL_P_R1_192:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):192:PSA_KEY_USAGE_DERIVE | PSA_KEY_USAGE_EXPORT:PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_TLS12_PSK_TO_MS(PSA_ALG_SHA_384)):0x0000:"1688a2c5fbf4a3c851d76a98c3ec88f445a97996283db59f":"505341004b45590000000000010000003071c000014000000a03020900000000180000001688a2c5fbf4a3c851d76a98c3ec88f445a97996283db59f":0 + +read type: ECC_PAIR(BP_R1) 224-bit +depends_on:PSA_WANT_ECC_BRAINPOOL_P_R1_224:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):224:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"a69835dafeb5da5ab89c59860dddebcfd80b529a99f59b880882923c":"505341004b45590000000000010000003071e0000100000000000000000000001c000000a69835dafeb5da5ab89c59860dddebcfd80b529a99f59b880882923c":0 + +read type: ECC_PAIR(BP_R1) 224-bit, DET_ECDSA(MD2) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD2:PSA_WANT_ECC_BRAINPOOL_P_R1_224:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):224:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD2):0x0000:"a69835dafeb5da5ab89c59860dddebcfd80b529a99f59b880882923c":"505341004b45590000000000010000003071e000013c000001070006000000001c000000a69835dafeb5da5ab89c59860dddebcfd80b529a99f59b880882923c":0 + +read type: ECC_PAIR(BP_R1) 224-bit, DET_ECDSA(MD4) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD4:PSA_WANT_ECC_BRAINPOOL_P_R1_224:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):224:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD4):0x0000:"a69835dafeb5da5ab89c59860dddebcfd80b529a99f59b880882923c":"505341004b45590000000000010000003071e000013c000002070006000000001c000000a69835dafeb5da5ab89c59860dddebcfd80b529a99f59b880882923c":0 + +read type: ECC_PAIR(BP_R1) 224-bit, DET_ECDSA(MD5) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD5:PSA_WANT_ECC_BRAINPOOL_P_R1_224:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):224:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD5):0x0000:"a69835dafeb5da5ab89c59860dddebcfd80b529a99f59b880882923c":"505341004b45590000000000010000003071e000013c000003070006000000001c000000a69835dafeb5da5ab89c59860dddebcfd80b529a99f59b880882923c":0 + +read type: ECC_PAIR(BP_R1) 224-bit, DET_ECDSA(RIPEMD160) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ECC_BRAINPOOL_P_R1_224:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):224:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_RIPEMD160):0x0000:"a69835dafeb5da5ab89c59860dddebcfd80b529a99f59b880882923c":"505341004b45590000000000010000003071e000013c000004070006000000001c000000a69835dafeb5da5ab89c59860dddebcfd80b529a99f59b880882923c":0 + +read type: ECC_PAIR(BP_R1) 224-bit, DET_ECDSA(SHA_1) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_1:PSA_WANT_ECC_BRAINPOOL_P_R1_224:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):224:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_1):0x0000:"a69835dafeb5da5ab89c59860dddebcfd80b529a99f59b880882923c":"505341004b45590000000000010000003071e000013c000005070006000000001c000000a69835dafeb5da5ab89c59860dddebcfd80b529a99f59b880882923c":0 + +read type: ECC_PAIR(BP_R1) 224-bit, DET_ECDSA(SHA_224) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_224:PSA_WANT_ECC_BRAINPOOL_P_R1_224:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):224:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_224):0x0000:"a69835dafeb5da5ab89c59860dddebcfd80b529a99f59b880882923c":"505341004b45590000000000010000003071e000013c000008070006000000001c000000a69835dafeb5da5ab89c59860dddebcfd80b529a99f59b880882923c":0 + +read type: ECC_PAIR(BP_R1) 224-bit, DET_ECDSA(SHA_256) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_BRAINPOOL_P_R1_224:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):224:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_256):0x0000:"a69835dafeb5da5ab89c59860dddebcfd80b529a99f59b880882923c":"505341004b45590000000000010000003071e000013c000009070006000000001c000000a69835dafeb5da5ab89c59860dddebcfd80b529a99f59b880882923c":0 + +read type: ECC_PAIR(BP_R1) 224-bit, DET_ECDSA(SHA_384) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_BRAINPOOL_P_R1_224:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):224:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_384):0x0000:"a69835dafeb5da5ab89c59860dddebcfd80b529a99f59b880882923c":"505341004b45590000000000010000003071e000013c00000a070006000000001c000000a69835dafeb5da5ab89c59860dddebcfd80b529a99f59b880882923c":0 + +read type: ECC_PAIR(BP_R1) 224-bit, DET_ECDSA(SHA_512) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_512:PSA_WANT_ECC_BRAINPOOL_P_R1_224:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):224:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_512):0x0000:"a69835dafeb5da5ab89c59860dddebcfd80b529a99f59b880882923c":"505341004b45590000000000010000003071e000013c00000b070006000000001c000000a69835dafeb5da5ab89c59860dddebcfd80b529a99f59b880882923c":0 + +read type: ECC_PAIR(BP_R1) 224-bit, ECDH +depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ECC_BRAINPOOL_P_R1_224:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):224:PSA_KEY_USAGE_DERIVE | PSA_KEY_USAGE_EXPORT:PSA_ALG_ECDH:0x0000:"a69835dafeb5da5ab89c59860dddebcfd80b529a99f59b880882923c":"505341004b45590000000000010000003071e0000140000000000209000000001c000000a69835dafeb5da5ab89c59860dddebcfd80b529a99f59b880882923c":0 + +read type: ECC_PAIR(BP_R1) 224-bit, ECDSA(MD2) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD2:PSA_WANT_ECC_BRAINPOOL_P_R1_224:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):224:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_MD2):0x0000:"a69835dafeb5da5ab89c59860dddebcfd80b529a99f59b880882923c":"505341004b45590000000000010000003071e000013c000001060006000000001c000000a69835dafeb5da5ab89c59860dddebcfd80b529a99f59b880882923c":0 + +read type: ECC_PAIR(BP_R1) 224-bit, ECDSA(MD4) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD4:PSA_WANT_ECC_BRAINPOOL_P_R1_224:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):224:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_MD4):0x0000:"a69835dafeb5da5ab89c59860dddebcfd80b529a99f59b880882923c":"505341004b45590000000000010000003071e000013c000002060006000000001c000000a69835dafeb5da5ab89c59860dddebcfd80b529a99f59b880882923c":0 + +read type: ECC_PAIR(BP_R1) 224-bit, ECDSA(MD5) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD5:PSA_WANT_ECC_BRAINPOOL_P_R1_224:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):224:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_MD5):0x0000:"a69835dafeb5da5ab89c59860dddebcfd80b529a99f59b880882923c":"505341004b45590000000000010000003071e000013c000003060006000000001c000000a69835dafeb5da5ab89c59860dddebcfd80b529a99f59b880882923c":0 + +read type: ECC_PAIR(BP_R1) 224-bit, ECDSA(RIPEMD160) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ECC_BRAINPOOL_P_R1_224:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):224:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_RIPEMD160):0x0000:"a69835dafeb5da5ab89c59860dddebcfd80b529a99f59b880882923c":"505341004b45590000000000010000003071e000013c000004060006000000001c000000a69835dafeb5da5ab89c59860dddebcfd80b529a99f59b880882923c":0 + +read type: ECC_PAIR(BP_R1) 224-bit, ECDSA(SHA_1) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_1:PSA_WANT_ECC_BRAINPOOL_P_R1_224:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):224:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_SHA_1):0x0000:"a69835dafeb5da5ab89c59860dddebcfd80b529a99f59b880882923c":"505341004b45590000000000010000003071e000013c000005060006000000001c000000a69835dafeb5da5ab89c59860dddebcfd80b529a99f59b880882923c":0 + +read type: ECC_PAIR(BP_R1) 224-bit, ECDSA(SHA_224) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_224:PSA_WANT_ECC_BRAINPOOL_P_R1_224:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):224:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_SHA_224):0x0000:"a69835dafeb5da5ab89c59860dddebcfd80b529a99f59b880882923c":"505341004b45590000000000010000003071e000013c000008060006000000001c000000a69835dafeb5da5ab89c59860dddebcfd80b529a99f59b880882923c":0 + +read type: ECC_PAIR(BP_R1) 224-bit, ECDSA(SHA_256) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_BRAINPOOL_P_R1_224:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):224:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_SHA_256):0x0000:"a69835dafeb5da5ab89c59860dddebcfd80b529a99f59b880882923c":"505341004b45590000000000010000003071e000013c000009060006000000001c000000a69835dafeb5da5ab89c59860dddebcfd80b529a99f59b880882923c":0 + +read type: ECC_PAIR(BP_R1) 224-bit, ECDSA(SHA_384) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_BRAINPOOL_P_R1_224:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):224:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_SHA_384):0x0000:"a69835dafeb5da5ab89c59860dddebcfd80b529a99f59b880882923c":"505341004b45590000000000010000003071e000013c00000a060006000000001c000000a69835dafeb5da5ab89c59860dddebcfd80b529a99f59b880882923c":0 + +read type: ECC_PAIR(BP_R1) 224-bit, ECDSA(SHA_512) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_512:PSA_WANT_ECC_BRAINPOOL_P_R1_224:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):224:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_SHA_512):0x0000:"a69835dafeb5da5ab89c59860dddebcfd80b529a99f59b880882923c":"505341004b45590000000000010000003071e000013c00000b060006000000001c000000a69835dafeb5da5ab89c59860dddebcfd80b529a99f59b880882923c":0 + +read type: ECC_PAIR(BP_R1) 224-bit, ECDSA_ANY +depends_on:PSA_WANT_ALG_ECDSA_ANY:PSA_WANT_ECC_BRAINPOOL_P_R1_224:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):224:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA_ANY:0x0000:"a69835dafeb5da5ab89c59860dddebcfd80b529a99f59b880882923c":"505341004b45590000000000010000003071e000013c000000060006000000001c000000a69835dafeb5da5ab89c59860dddebcfd80b529a99f59b880882923c":TEST_FLAG_EXERCISE + +read type: ECC_PAIR(BP_R1) 224-bit, KA(ECDH,HKDF(SHA_256)) +depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_BRAINPOOL_P_R1_224:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):224:PSA_KEY_USAGE_DERIVE | PSA_KEY_USAGE_EXPORT:PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_HKDF(PSA_ALG_SHA_256)):0x0000:"a69835dafeb5da5ab89c59860dddebcfd80b529a99f59b880882923c":"505341004b45590000000000010000003071e0000140000009010209000000001c000000a69835dafeb5da5ab89c59860dddebcfd80b529a99f59b880882923c":0 + +read type: ECC_PAIR(BP_R1) 224-bit, KA(ECDH,HKDF(SHA_384)) +depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_BRAINPOOL_P_R1_224:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):224:PSA_KEY_USAGE_DERIVE | PSA_KEY_USAGE_EXPORT:PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_HKDF(PSA_ALG_SHA_384)):0x0000:"a69835dafeb5da5ab89c59860dddebcfd80b529a99f59b880882923c":"505341004b45590000000000010000003071e000014000000a010209000000001c000000a69835dafeb5da5ab89c59860dddebcfd80b529a99f59b880882923c":0 + +read type: ECC_PAIR(BP_R1) 224-bit, KA(ECDH,TLS12_PRF(SHA_256)) +depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_SHA_256:PSA_WANT_ALG_TLS12_PRF:PSA_WANT_ECC_BRAINPOOL_P_R1_224:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):224:PSA_KEY_USAGE_DERIVE | PSA_KEY_USAGE_EXPORT:PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_TLS12_PRF(PSA_ALG_SHA_256)):0x0000:"a69835dafeb5da5ab89c59860dddebcfd80b529a99f59b880882923c":"505341004b45590000000000010000003071e0000140000009020209000000001c000000a69835dafeb5da5ab89c59860dddebcfd80b529a99f59b880882923c":0 + +read type: ECC_PAIR(BP_R1) 224-bit, KA(ECDH,TLS12_PRF(SHA_384)) +depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_SHA_384:PSA_WANT_ALG_TLS12_PRF:PSA_WANT_ECC_BRAINPOOL_P_R1_224:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):224:PSA_KEY_USAGE_DERIVE | PSA_KEY_USAGE_EXPORT:PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_TLS12_PRF(PSA_ALG_SHA_384)):0x0000:"a69835dafeb5da5ab89c59860dddebcfd80b529a99f59b880882923c":"505341004b45590000000000010000003071e000014000000a020209000000001c000000a69835dafeb5da5ab89c59860dddebcfd80b529a99f59b880882923c":0 + +read type: ECC_PAIR(BP_R1) 224-bit, KA(ECDH,TLS12_PSK2MS(SHA_256)) +depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_SHA_256:PSA_WANT_ALG_TLS12_PSK_TO_MS:PSA_WANT_ECC_BRAINPOOL_P_R1_224:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):224:PSA_KEY_USAGE_DERIVE | PSA_KEY_USAGE_EXPORT:PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_TLS12_PSK_TO_MS(PSA_ALG_SHA_256)):0x0000:"a69835dafeb5da5ab89c59860dddebcfd80b529a99f59b880882923c":"505341004b45590000000000010000003071e0000140000009030209000000001c000000a69835dafeb5da5ab89c59860dddebcfd80b529a99f59b880882923c":0 + +read type: ECC_PAIR(BP_R1) 224-bit, KA(ECDH,TLS12_PSK2MS(SHA_384)) +depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_SHA_384:PSA_WANT_ALG_TLS12_PSK_TO_MS:PSA_WANT_ECC_BRAINPOOL_P_R1_224:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):224:PSA_KEY_USAGE_DERIVE | PSA_KEY_USAGE_EXPORT:PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_TLS12_PSK_TO_MS(PSA_ALG_SHA_384)):0x0000:"a69835dafeb5da5ab89c59860dddebcfd80b529a99f59b880882923c":"505341004b45590000000000010000003071e000014000000a030209000000001c000000a69835dafeb5da5ab89c59860dddebcfd80b529a99f59b880882923c":0 + +read type: ECC_PAIR(BP_R1) 256-bit +depends_on:PSA_WANT_ECC_BRAINPOOL_P_R1_256:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):256:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"2161d6f2db76526fa62c16f356a80f01f32f776784b36aa99799a8b7662080ff":"505341004b455900000000000100000030710001010000000000000000000000200000002161d6f2db76526fa62c16f356a80f01f32f776784b36aa99799a8b7662080ff":0 + +read type: ECC_PAIR(BP_R1) 256-bit, DET_ECDSA(MD2) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD2:PSA_WANT_ECC_BRAINPOOL_P_R1_256:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):256:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD2):0x0000:"2161d6f2db76526fa62c16f356a80f01f32f776784b36aa99799a8b7662080ff":"505341004b455900000000000100000030710001013c00000107000600000000200000002161d6f2db76526fa62c16f356a80f01f32f776784b36aa99799a8b7662080ff":0 + +read type: ECC_PAIR(BP_R1) 256-bit, DET_ECDSA(MD4) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD4:PSA_WANT_ECC_BRAINPOOL_P_R1_256:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):256:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD4):0x0000:"2161d6f2db76526fa62c16f356a80f01f32f776784b36aa99799a8b7662080ff":"505341004b455900000000000100000030710001013c00000207000600000000200000002161d6f2db76526fa62c16f356a80f01f32f776784b36aa99799a8b7662080ff":0 + +read type: ECC_PAIR(BP_R1) 256-bit, DET_ECDSA(MD5) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD5:PSA_WANT_ECC_BRAINPOOL_P_R1_256:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):256:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD5):0x0000:"2161d6f2db76526fa62c16f356a80f01f32f776784b36aa99799a8b7662080ff":"505341004b455900000000000100000030710001013c00000307000600000000200000002161d6f2db76526fa62c16f356a80f01f32f776784b36aa99799a8b7662080ff":0 + +read type: ECC_PAIR(BP_R1) 256-bit, DET_ECDSA(RIPEMD160) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ECC_BRAINPOOL_P_R1_256:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):256:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_RIPEMD160):0x0000:"2161d6f2db76526fa62c16f356a80f01f32f776784b36aa99799a8b7662080ff":"505341004b455900000000000100000030710001013c00000407000600000000200000002161d6f2db76526fa62c16f356a80f01f32f776784b36aa99799a8b7662080ff":0 + +read type: ECC_PAIR(BP_R1) 256-bit, DET_ECDSA(SHA_1) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_1:PSA_WANT_ECC_BRAINPOOL_P_R1_256:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):256:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_1):0x0000:"2161d6f2db76526fa62c16f356a80f01f32f776784b36aa99799a8b7662080ff":"505341004b455900000000000100000030710001013c00000507000600000000200000002161d6f2db76526fa62c16f356a80f01f32f776784b36aa99799a8b7662080ff":0 + +read type: ECC_PAIR(BP_R1) 256-bit, DET_ECDSA(SHA_224) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_224:PSA_WANT_ECC_BRAINPOOL_P_R1_256:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):256:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_224):0x0000:"2161d6f2db76526fa62c16f356a80f01f32f776784b36aa99799a8b7662080ff":"505341004b455900000000000100000030710001013c00000807000600000000200000002161d6f2db76526fa62c16f356a80f01f32f776784b36aa99799a8b7662080ff":0 + +read type: ECC_PAIR(BP_R1) 256-bit, DET_ECDSA(SHA_256) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_BRAINPOOL_P_R1_256:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):256:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_256):0x0000:"2161d6f2db76526fa62c16f356a80f01f32f776784b36aa99799a8b7662080ff":"505341004b455900000000000100000030710001013c00000907000600000000200000002161d6f2db76526fa62c16f356a80f01f32f776784b36aa99799a8b7662080ff":0 + +read type: ECC_PAIR(BP_R1) 256-bit, DET_ECDSA(SHA_384) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_BRAINPOOL_P_R1_256:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):256:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_384):0x0000:"2161d6f2db76526fa62c16f356a80f01f32f776784b36aa99799a8b7662080ff":"505341004b455900000000000100000030710001013c00000a07000600000000200000002161d6f2db76526fa62c16f356a80f01f32f776784b36aa99799a8b7662080ff":0 + +read type: ECC_PAIR(BP_R1) 256-bit, DET_ECDSA(SHA_512) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_512:PSA_WANT_ECC_BRAINPOOL_P_R1_256:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):256:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_512):0x0000:"2161d6f2db76526fa62c16f356a80f01f32f776784b36aa99799a8b7662080ff":"505341004b455900000000000100000030710001013c00000b07000600000000200000002161d6f2db76526fa62c16f356a80f01f32f776784b36aa99799a8b7662080ff":0 + +read type: ECC_PAIR(BP_R1) 256-bit, ECDH +depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ECC_BRAINPOOL_P_R1_256:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):256:PSA_KEY_USAGE_DERIVE | PSA_KEY_USAGE_EXPORT:PSA_ALG_ECDH:0x0000:"2161d6f2db76526fa62c16f356a80f01f32f776784b36aa99799a8b7662080ff":"505341004b455900000000000100000030710001014000000000020900000000200000002161d6f2db76526fa62c16f356a80f01f32f776784b36aa99799a8b7662080ff":0 + +read type: ECC_PAIR(BP_R1) 256-bit, ECDSA(MD2) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD2:PSA_WANT_ECC_BRAINPOOL_P_R1_256:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):256:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_MD2):0x0000:"2161d6f2db76526fa62c16f356a80f01f32f776784b36aa99799a8b7662080ff":"505341004b455900000000000100000030710001013c00000106000600000000200000002161d6f2db76526fa62c16f356a80f01f32f776784b36aa99799a8b7662080ff":0 + +read type: ECC_PAIR(BP_R1) 256-bit, ECDSA(MD4) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD4:PSA_WANT_ECC_BRAINPOOL_P_R1_256:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):256:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_MD4):0x0000:"2161d6f2db76526fa62c16f356a80f01f32f776784b36aa99799a8b7662080ff":"505341004b455900000000000100000030710001013c00000206000600000000200000002161d6f2db76526fa62c16f356a80f01f32f776784b36aa99799a8b7662080ff":0 + +read type: ECC_PAIR(BP_R1) 256-bit, ECDSA(MD5) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD5:PSA_WANT_ECC_BRAINPOOL_P_R1_256:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):256:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_MD5):0x0000:"2161d6f2db76526fa62c16f356a80f01f32f776784b36aa99799a8b7662080ff":"505341004b455900000000000100000030710001013c00000306000600000000200000002161d6f2db76526fa62c16f356a80f01f32f776784b36aa99799a8b7662080ff":0 + +read type: ECC_PAIR(BP_R1) 256-bit, ECDSA(RIPEMD160) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ECC_BRAINPOOL_P_R1_256:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):256:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_RIPEMD160):0x0000:"2161d6f2db76526fa62c16f356a80f01f32f776784b36aa99799a8b7662080ff":"505341004b455900000000000100000030710001013c00000406000600000000200000002161d6f2db76526fa62c16f356a80f01f32f776784b36aa99799a8b7662080ff":0 + +read type: ECC_PAIR(BP_R1) 256-bit, ECDSA(SHA_1) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_1:PSA_WANT_ECC_BRAINPOOL_P_R1_256:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):256:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_SHA_1):0x0000:"2161d6f2db76526fa62c16f356a80f01f32f776784b36aa99799a8b7662080ff":"505341004b455900000000000100000030710001013c00000506000600000000200000002161d6f2db76526fa62c16f356a80f01f32f776784b36aa99799a8b7662080ff":0 + +read type: ECC_PAIR(BP_R1) 256-bit, ECDSA(SHA_224) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_224:PSA_WANT_ECC_BRAINPOOL_P_R1_256:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):256:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_SHA_224):0x0000:"2161d6f2db76526fa62c16f356a80f01f32f776784b36aa99799a8b7662080ff":"505341004b455900000000000100000030710001013c00000806000600000000200000002161d6f2db76526fa62c16f356a80f01f32f776784b36aa99799a8b7662080ff":0 + +read type: ECC_PAIR(BP_R1) 256-bit, ECDSA(SHA_256) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_BRAINPOOL_P_R1_256:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):256:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_SHA_256):0x0000:"2161d6f2db76526fa62c16f356a80f01f32f776784b36aa99799a8b7662080ff":"505341004b455900000000000100000030710001013c00000906000600000000200000002161d6f2db76526fa62c16f356a80f01f32f776784b36aa99799a8b7662080ff":0 + +read type: ECC_PAIR(BP_R1) 256-bit, ECDSA(SHA_384) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_BRAINPOOL_P_R1_256:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):256:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_SHA_384):0x0000:"2161d6f2db76526fa62c16f356a80f01f32f776784b36aa99799a8b7662080ff":"505341004b455900000000000100000030710001013c00000a06000600000000200000002161d6f2db76526fa62c16f356a80f01f32f776784b36aa99799a8b7662080ff":0 + +read type: ECC_PAIR(BP_R1) 256-bit, ECDSA(SHA_512) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_512:PSA_WANT_ECC_BRAINPOOL_P_R1_256:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):256:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_SHA_512):0x0000:"2161d6f2db76526fa62c16f356a80f01f32f776784b36aa99799a8b7662080ff":"505341004b455900000000000100000030710001013c00000b06000600000000200000002161d6f2db76526fa62c16f356a80f01f32f776784b36aa99799a8b7662080ff":0 + +read type: ECC_PAIR(BP_R1) 256-bit, ECDSA_ANY +depends_on:PSA_WANT_ALG_ECDSA_ANY:PSA_WANT_ECC_BRAINPOOL_P_R1_256:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):256:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA_ANY:0x0000:"2161d6f2db76526fa62c16f356a80f01f32f776784b36aa99799a8b7662080ff":"505341004b455900000000000100000030710001013c00000006000600000000200000002161d6f2db76526fa62c16f356a80f01f32f776784b36aa99799a8b7662080ff":TEST_FLAG_EXERCISE + +read type: ECC_PAIR(BP_R1) 256-bit, KA(ECDH,HKDF(SHA_256)) +depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_BRAINPOOL_P_R1_256:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):256:PSA_KEY_USAGE_DERIVE | PSA_KEY_USAGE_EXPORT:PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_HKDF(PSA_ALG_SHA_256)):0x0000:"2161d6f2db76526fa62c16f356a80f01f32f776784b36aa99799a8b7662080ff":"505341004b455900000000000100000030710001014000000901020900000000200000002161d6f2db76526fa62c16f356a80f01f32f776784b36aa99799a8b7662080ff":0 + +read type: ECC_PAIR(BP_R1) 256-bit, KA(ECDH,HKDF(SHA_384)) +depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_BRAINPOOL_P_R1_256:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):256:PSA_KEY_USAGE_DERIVE | PSA_KEY_USAGE_EXPORT:PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_HKDF(PSA_ALG_SHA_384)):0x0000:"2161d6f2db76526fa62c16f356a80f01f32f776784b36aa99799a8b7662080ff":"505341004b455900000000000100000030710001014000000a01020900000000200000002161d6f2db76526fa62c16f356a80f01f32f776784b36aa99799a8b7662080ff":0 + +read type: ECC_PAIR(BP_R1) 256-bit, KA(ECDH,TLS12_PRF(SHA_256)) +depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_SHA_256:PSA_WANT_ALG_TLS12_PRF:PSA_WANT_ECC_BRAINPOOL_P_R1_256:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):256:PSA_KEY_USAGE_DERIVE | PSA_KEY_USAGE_EXPORT:PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_TLS12_PRF(PSA_ALG_SHA_256)):0x0000:"2161d6f2db76526fa62c16f356a80f01f32f776784b36aa99799a8b7662080ff":"505341004b455900000000000100000030710001014000000902020900000000200000002161d6f2db76526fa62c16f356a80f01f32f776784b36aa99799a8b7662080ff":0 + +read type: ECC_PAIR(BP_R1) 256-bit, KA(ECDH,TLS12_PRF(SHA_384)) +depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_SHA_384:PSA_WANT_ALG_TLS12_PRF:PSA_WANT_ECC_BRAINPOOL_P_R1_256:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):256:PSA_KEY_USAGE_DERIVE | PSA_KEY_USAGE_EXPORT:PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_TLS12_PRF(PSA_ALG_SHA_384)):0x0000:"2161d6f2db76526fa62c16f356a80f01f32f776784b36aa99799a8b7662080ff":"505341004b455900000000000100000030710001014000000a02020900000000200000002161d6f2db76526fa62c16f356a80f01f32f776784b36aa99799a8b7662080ff":0 + +read type: ECC_PAIR(BP_R1) 256-bit, KA(ECDH,TLS12_PSK2MS(SHA_256)) +depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_SHA_256:PSA_WANT_ALG_TLS12_PSK_TO_MS:PSA_WANT_ECC_BRAINPOOL_P_R1_256:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):256:PSA_KEY_USAGE_DERIVE | PSA_KEY_USAGE_EXPORT:PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_TLS12_PSK_TO_MS(PSA_ALG_SHA_256)):0x0000:"2161d6f2db76526fa62c16f356a80f01f32f776784b36aa99799a8b7662080ff":"505341004b455900000000000100000030710001014000000903020900000000200000002161d6f2db76526fa62c16f356a80f01f32f776784b36aa99799a8b7662080ff":0 + +read type: ECC_PAIR(BP_R1) 256-bit, KA(ECDH,TLS12_PSK2MS(SHA_384)) +depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_SHA_384:PSA_WANT_ALG_TLS12_PSK_TO_MS:PSA_WANT_ECC_BRAINPOOL_P_R1_256:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):256:PSA_KEY_USAGE_DERIVE | PSA_KEY_USAGE_EXPORT:PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_TLS12_PSK_TO_MS(PSA_ALG_SHA_384)):0x0000:"2161d6f2db76526fa62c16f356a80f01f32f776784b36aa99799a8b7662080ff":"505341004b455900000000000100000030710001014000000a03020900000000200000002161d6f2db76526fa62c16f356a80f01f32f776784b36aa99799a8b7662080ff":0 + +read type: ECC_PAIR(BP_R1) 320-bit +depends_on:PSA_WANT_ECC_BRAINPOOL_P_R1_320:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):320:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"61b8daa7a6e5aa9fccf1ef504220b2e5a5b8c6dc7475d16d3172d7db0b2778414e4f6e8fa2032ead":"505341004b4559000000000001000000307140010100000000000000000000002800000061b8daa7a6e5aa9fccf1ef504220b2e5a5b8c6dc7475d16d3172d7db0b2778414e4f6e8fa2032ead":0 + +read type: ECC_PAIR(BP_R1) 320-bit, DET_ECDSA(MD2) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD2:PSA_WANT_ECC_BRAINPOOL_P_R1_320:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):320:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD2):0x0000:"61b8daa7a6e5aa9fccf1ef504220b2e5a5b8c6dc7475d16d3172d7db0b2778414e4f6e8fa2032ead":"505341004b455900000000000100000030714001013c000001070006000000002800000061b8daa7a6e5aa9fccf1ef504220b2e5a5b8c6dc7475d16d3172d7db0b2778414e4f6e8fa2032ead":0 + +read type: ECC_PAIR(BP_R1) 320-bit, DET_ECDSA(MD4) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD4:PSA_WANT_ECC_BRAINPOOL_P_R1_320:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):320:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD4):0x0000:"61b8daa7a6e5aa9fccf1ef504220b2e5a5b8c6dc7475d16d3172d7db0b2778414e4f6e8fa2032ead":"505341004b455900000000000100000030714001013c000002070006000000002800000061b8daa7a6e5aa9fccf1ef504220b2e5a5b8c6dc7475d16d3172d7db0b2778414e4f6e8fa2032ead":0 + +read type: ECC_PAIR(BP_R1) 320-bit, DET_ECDSA(MD5) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD5:PSA_WANT_ECC_BRAINPOOL_P_R1_320:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):320:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD5):0x0000:"61b8daa7a6e5aa9fccf1ef504220b2e5a5b8c6dc7475d16d3172d7db0b2778414e4f6e8fa2032ead":"505341004b455900000000000100000030714001013c000003070006000000002800000061b8daa7a6e5aa9fccf1ef504220b2e5a5b8c6dc7475d16d3172d7db0b2778414e4f6e8fa2032ead":0 + +read type: ECC_PAIR(BP_R1) 320-bit, DET_ECDSA(RIPEMD160) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ECC_BRAINPOOL_P_R1_320:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):320:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_RIPEMD160):0x0000:"61b8daa7a6e5aa9fccf1ef504220b2e5a5b8c6dc7475d16d3172d7db0b2778414e4f6e8fa2032ead":"505341004b455900000000000100000030714001013c000004070006000000002800000061b8daa7a6e5aa9fccf1ef504220b2e5a5b8c6dc7475d16d3172d7db0b2778414e4f6e8fa2032ead":0 + +read type: ECC_PAIR(BP_R1) 320-bit, DET_ECDSA(SHA_1) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_1:PSA_WANT_ECC_BRAINPOOL_P_R1_320:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):320:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_1):0x0000:"61b8daa7a6e5aa9fccf1ef504220b2e5a5b8c6dc7475d16d3172d7db0b2778414e4f6e8fa2032ead":"505341004b455900000000000100000030714001013c000005070006000000002800000061b8daa7a6e5aa9fccf1ef504220b2e5a5b8c6dc7475d16d3172d7db0b2778414e4f6e8fa2032ead":0 + +read type: ECC_PAIR(BP_R1) 320-bit, DET_ECDSA(SHA_224) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_224:PSA_WANT_ECC_BRAINPOOL_P_R1_320:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):320:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_224):0x0000:"61b8daa7a6e5aa9fccf1ef504220b2e5a5b8c6dc7475d16d3172d7db0b2778414e4f6e8fa2032ead":"505341004b455900000000000100000030714001013c000008070006000000002800000061b8daa7a6e5aa9fccf1ef504220b2e5a5b8c6dc7475d16d3172d7db0b2778414e4f6e8fa2032ead":0 + +read type: ECC_PAIR(BP_R1) 320-bit, DET_ECDSA(SHA_256) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_BRAINPOOL_P_R1_320:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):320:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_256):0x0000:"61b8daa7a6e5aa9fccf1ef504220b2e5a5b8c6dc7475d16d3172d7db0b2778414e4f6e8fa2032ead":"505341004b455900000000000100000030714001013c000009070006000000002800000061b8daa7a6e5aa9fccf1ef504220b2e5a5b8c6dc7475d16d3172d7db0b2778414e4f6e8fa2032ead":0 + +read type: ECC_PAIR(BP_R1) 320-bit, DET_ECDSA(SHA_384) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_BRAINPOOL_P_R1_320:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):320:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_384):0x0000:"61b8daa7a6e5aa9fccf1ef504220b2e5a5b8c6dc7475d16d3172d7db0b2778414e4f6e8fa2032ead":"505341004b455900000000000100000030714001013c00000a070006000000002800000061b8daa7a6e5aa9fccf1ef504220b2e5a5b8c6dc7475d16d3172d7db0b2778414e4f6e8fa2032ead":0 + +read type: ECC_PAIR(BP_R1) 320-bit, DET_ECDSA(SHA_512) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_512:PSA_WANT_ECC_BRAINPOOL_P_R1_320:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):320:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_512):0x0000:"61b8daa7a6e5aa9fccf1ef504220b2e5a5b8c6dc7475d16d3172d7db0b2778414e4f6e8fa2032ead":"505341004b455900000000000100000030714001013c00000b070006000000002800000061b8daa7a6e5aa9fccf1ef504220b2e5a5b8c6dc7475d16d3172d7db0b2778414e4f6e8fa2032ead":0 + +read type: ECC_PAIR(BP_R1) 320-bit, ECDH +depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ECC_BRAINPOOL_P_R1_320:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):320:PSA_KEY_USAGE_DERIVE | PSA_KEY_USAGE_EXPORT:PSA_ALG_ECDH:0x0000:"61b8daa7a6e5aa9fccf1ef504220b2e5a5b8c6dc7475d16d3172d7db0b2778414e4f6e8fa2032ead":"505341004b4559000000000001000000307140010140000000000209000000002800000061b8daa7a6e5aa9fccf1ef504220b2e5a5b8c6dc7475d16d3172d7db0b2778414e4f6e8fa2032ead":0 + +read type: ECC_PAIR(BP_R1) 320-bit, ECDSA(MD2) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD2:PSA_WANT_ECC_BRAINPOOL_P_R1_320:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):320:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_MD2):0x0000:"61b8daa7a6e5aa9fccf1ef504220b2e5a5b8c6dc7475d16d3172d7db0b2778414e4f6e8fa2032ead":"505341004b455900000000000100000030714001013c000001060006000000002800000061b8daa7a6e5aa9fccf1ef504220b2e5a5b8c6dc7475d16d3172d7db0b2778414e4f6e8fa2032ead":0 + +read type: ECC_PAIR(BP_R1) 320-bit, ECDSA(MD4) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD4:PSA_WANT_ECC_BRAINPOOL_P_R1_320:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):320:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_MD4):0x0000:"61b8daa7a6e5aa9fccf1ef504220b2e5a5b8c6dc7475d16d3172d7db0b2778414e4f6e8fa2032ead":"505341004b455900000000000100000030714001013c000002060006000000002800000061b8daa7a6e5aa9fccf1ef504220b2e5a5b8c6dc7475d16d3172d7db0b2778414e4f6e8fa2032ead":0 + +read type: ECC_PAIR(BP_R1) 320-bit, ECDSA(MD5) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD5:PSA_WANT_ECC_BRAINPOOL_P_R1_320:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):320:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_MD5):0x0000:"61b8daa7a6e5aa9fccf1ef504220b2e5a5b8c6dc7475d16d3172d7db0b2778414e4f6e8fa2032ead":"505341004b455900000000000100000030714001013c000003060006000000002800000061b8daa7a6e5aa9fccf1ef504220b2e5a5b8c6dc7475d16d3172d7db0b2778414e4f6e8fa2032ead":0 + +read type: ECC_PAIR(BP_R1) 320-bit, ECDSA(RIPEMD160) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ECC_BRAINPOOL_P_R1_320:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):320:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_RIPEMD160):0x0000:"61b8daa7a6e5aa9fccf1ef504220b2e5a5b8c6dc7475d16d3172d7db0b2778414e4f6e8fa2032ead":"505341004b455900000000000100000030714001013c000004060006000000002800000061b8daa7a6e5aa9fccf1ef504220b2e5a5b8c6dc7475d16d3172d7db0b2778414e4f6e8fa2032ead":0 + +read type: ECC_PAIR(BP_R1) 320-bit, ECDSA(SHA_1) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_1:PSA_WANT_ECC_BRAINPOOL_P_R1_320:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):320:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_SHA_1):0x0000:"61b8daa7a6e5aa9fccf1ef504220b2e5a5b8c6dc7475d16d3172d7db0b2778414e4f6e8fa2032ead":"505341004b455900000000000100000030714001013c000005060006000000002800000061b8daa7a6e5aa9fccf1ef504220b2e5a5b8c6dc7475d16d3172d7db0b2778414e4f6e8fa2032ead":0 + +read type: ECC_PAIR(BP_R1) 320-bit, ECDSA(SHA_224) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_224:PSA_WANT_ECC_BRAINPOOL_P_R1_320:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):320:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_SHA_224):0x0000:"61b8daa7a6e5aa9fccf1ef504220b2e5a5b8c6dc7475d16d3172d7db0b2778414e4f6e8fa2032ead":"505341004b455900000000000100000030714001013c000008060006000000002800000061b8daa7a6e5aa9fccf1ef504220b2e5a5b8c6dc7475d16d3172d7db0b2778414e4f6e8fa2032ead":0 + +read type: ECC_PAIR(BP_R1) 320-bit, ECDSA(SHA_256) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_BRAINPOOL_P_R1_320:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):320:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_SHA_256):0x0000:"61b8daa7a6e5aa9fccf1ef504220b2e5a5b8c6dc7475d16d3172d7db0b2778414e4f6e8fa2032ead":"505341004b455900000000000100000030714001013c000009060006000000002800000061b8daa7a6e5aa9fccf1ef504220b2e5a5b8c6dc7475d16d3172d7db0b2778414e4f6e8fa2032ead":0 + +read type: ECC_PAIR(BP_R1) 320-bit, ECDSA(SHA_384) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_BRAINPOOL_P_R1_320:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):320:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_SHA_384):0x0000:"61b8daa7a6e5aa9fccf1ef504220b2e5a5b8c6dc7475d16d3172d7db0b2778414e4f6e8fa2032ead":"505341004b455900000000000100000030714001013c00000a060006000000002800000061b8daa7a6e5aa9fccf1ef504220b2e5a5b8c6dc7475d16d3172d7db0b2778414e4f6e8fa2032ead":0 + +read type: ECC_PAIR(BP_R1) 320-bit, ECDSA(SHA_512) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_512:PSA_WANT_ECC_BRAINPOOL_P_R1_320:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):320:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_SHA_512):0x0000:"61b8daa7a6e5aa9fccf1ef504220b2e5a5b8c6dc7475d16d3172d7db0b2778414e4f6e8fa2032ead":"505341004b455900000000000100000030714001013c00000b060006000000002800000061b8daa7a6e5aa9fccf1ef504220b2e5a5b8c6dc7475d16d3172d7db0b2778414e4f6e8fa2032ead":0 + +read type: ECC_PAIR(BP_R1) 320-bit, ECDSA_ANY +depends_on:PSA_WANT_ALG_ECDSA_ANY:PSA_WANT_ECC_BRAINPOOL_P_R1_320:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):320:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA_ANY:0x0000:"61b8daa7a6e5aa9fccf1ef504220b2e5a5b8c6dc7475d16d3172d7db0b2778414e4f6e8fa2032ead":"505341004b455900000000000100000030714001013c000000060006000000002800000061b8daa7a6e5aa9fccf1ef504220b2e5a5b8c6dc7475d16d3172d7db0b2778414e4f6e8fa2032ead":TEST_FLAG_EXERCISE + +read type: ECC_PAIR(BP_R1) 320-bit, KA(ECDH,HKDF(SHA_256)) +depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_BRAINPOOL_P_R1_320:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):320:PSA_KEY_USAGE_DERIVE | PSA_KEY_USAGE_EXPORT:PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_HKDF(PSA_ALG_SHA_256)):0x0000:"61b8daa7a6e5aa9fccf1ef504220b2e5a5b8c6dc7475d16d3172d7db0b2778414e4f6e8fa2032ead":"505341004b4559000000000001000000307140010140000009010209000000002800000061b8daa7a6e5aa9fccf1ef504220b2e5a5b8c6dc7475d16d3172d7db0b2778414e4f6e8fa2032ead":0 + +read type: ECC_PAIR(BP_R1) 320-bit, KA(ECDH,HKDF(SHA_384)) +depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_BRAINPOOL_P_R1_320:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):320:PSA_KEY_USAGE_DERIVE | PSA_KEY_USAGE_EXPORT:PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_HKDF(PSA_ALG_SHA_384)):0x0000:"61b8daa7a6e5aa9fccf1ef504220b2e5a5b8c6dc7475d16d3172d7db0b2778414e4f6e8fa2032ead":"505341004b455900000000000100000030714001014000000a010209000000002800000061b8daa7a6e5aa9fccf1ef504220b2e5a5b8c6dc7475d16d3172d7db0b2778414e4f6e8fa2032ead":0 + +read type: ECC_PAIR(BP_R1) 320-bit, KA(ECDH,TLS12_PRF(SHA_256)) +depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_SHA_256:PSA_WANT_ALG_TLS12_PRF:PSA_WANT_ECC_BRAINPOOL_P_R1_320:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):320:PSA_KEY_USAGE_DERIVE | PSA_KEY_USAGE_EXPORT:PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_TLS12_PRF(PSA_ALG_SHA_256)):0x0000:"61b8daa7a6e5aa9fccf1ef504220b2e5a5b8c6dc7475d16d3172d7db0b2778414e4f6e8fa2032ead":"505341004b4559000000000001000000307140010140000009020209000000002800000061b8daa7a6e5aa9fccf1ef504220b2e5a5b8c6dc7475d16d3172d7db0b2778414e4f6e8fa2032ead":0 + +read type: ECC_PAIR(BP_R1) 320-bit, KA(ECDH,TLS12_PRF(SHA_384)) +depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_SHA_384:PSA_WANT_ALG_TLS12_PRF:PSA_WANT_ECC_BRAINPOOL_P_R1_320:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):320:PSA_KEY_USAGE_DERIVE | PSA_KEY_USAGE_EXPORT:PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_TLS12_PRF(PSA_ALG_SHA_384)):0x0000:"61b8daa7a6e5aa9fccf1ef504220b2e5a5b8c6dc7475d16d3172d7db0b2778414e4f6e8fa2032ead":"505341004b455900000000000100000030714001014000000a020209000000002800000061b8daa7a6e5aa9fccf1ef504220b2e5a5b8c6dc7475d16d3172d7db0b2778414e4f6e8fa2032ead":0 + +read type: ECC_PAIR(BP_R1) 320-bit, KA(ECDH,TLS12_PSK2MS(SHA_256)) +depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_SHA_256:PSA_WANT_ALG_TLS12_PSK_TO_MS:PSA_WANT_ECC_BRAINPOOL_P_R1_320:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):320:PSA_KEY_USAGE_DERIVE | PSA_KEY_USAGE_EXPORT:PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_TLS12_PSK_TO_MS(PSA_ALG_SHA_256)):0x0000:"61b8daa7a6e5aa9fccf1ef504220b2e5a5b8c6dc7475d16d3172d7db0b2778414e4f6e8fa2032ead":"505341004b4559000000000001000000307140010140000009030209000000002800000061b8daa7a6e5aa9fccf1ef504220b2e5a5b8c6dc7475d16d3172d7db0b2778414e4f6e8fa2032ead":0 + +read type: ECC_PAIR(BP_R1) 320-bit, KA(ECDH,TLS12_PSK2MS(SHA_384)) +depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_SHA_384:PSA_WANT_ALG_TLS12_PSK_TO_MS:PSA_WANT_ECC_BRAINPOOL_P_R1_320:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):320:PSA_KEY_USAGE_DERIVE | PSA_KEY_USAGE_EXPORT:PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_TLS12_PSK_TO_MS(PSA_ALG_SHA_384)):0x0000:"61b8daa7a6e5aa9fccf1ef504220b2e5a5b8c6dc7475d16d3172d7db0b2778414e4f6e8fa2032ead":"505341004b455900000000000100000030714001014000000a030209000000002800000061b8daa7a6e5aa9fccf1ef504220b2e5a5b8c6dc7475d16d3172d7db0b2778414e4f6e8fa2032ead":0 + +read type: ECC_PAIR(BP_R1) 384-bit +depends_on:PSA_WANT_ECC_BRAINPOOL_P_R1_384:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):384:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"3dd92e750d90d7d39fc1885cd8ad12ea9441f22b9334b4d965202adb1448ce24c5808a85dd9afc229af0a3124f755bcb":"505341004b455900000000000100000030718001010000000000000000000000300000003dd92e750d90d7d39fc1885cd8ad12ea9441f22b9334b4d965202adb1448ce24c5808a85dd9afc229af0a3124f755bcb":0 + +read type: ECC_PAIR(BP_R1) 384-bit, DET_ECDSA(MD2) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD2:PSA_WANT_ECC_BRAINPOOL_P_R1_384:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):384:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD2):0x0000:"3dd92e750d90d7d39fc1885cd8ad12ea9441f22b9334b4d965202adb1448ce24c5808a85dd9afc229af0a3124f755bcb":"505341004b455900000000000100000030718001013c00000107000600000000300000003dd92e750d90d7d39fc1885cd8ad12ea9441f22b9334b4d965202adb1448ce24c5808a85dd9afc229af0a3124f755bcb":0 + +read type: ECC_PAIR(BP_R1) 384-bit, DET_ECDSA(MD4) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD4:PSA_WANT_ECC_BRAINPOOL_P_R1_384:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):384:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD4):0x0000:"3dd92e750d90d7d39fc1885cd8ad12ea9441f22b9334b4d965202adb1448ce24c5808a85dd9afc229af0a3124f755bcb":"505341004b455900000000000100000030718001013c00000207000600000000300000003dd92e750d90d7d39fc1885cd8ad12ea9441f22b9334b4d965202adb1448ce24c5808a85dd9afc229af0a3124f755bcb":0 + +read type: ECC_PAIR(BP_R1) 384-bit, DET_ECDSA(MD5) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD5:PSA_WANT_ECC_BRAINPOOL_P_R1_384:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):384:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD5):0x0000:"3dd92e750d90d7d39fc1885cd8ad12ea9441f22b9334b4d965202adb1448ce24c5808a85dd9afc229af0a3124f755bcb":"505341004b455900000000000100000030718001013c00000307000600000000300000003dd92e750d90d7d39fc1885cd8ad12ea9441f22b9334b4d965202adb1448ce24c5808a85dd9afc229af0a3124f755bcb":0 + +read type: ECC_PAIR(BP_R1) 384-bit, DET_ECDSA(RIPEMD160) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ECC_BRAINPOOL_P_R1_384:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):384:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_RIPEMD160):0x0000:"3dd92e750d90d7d39fc1885cd8ad12ea9441f22b9334b4d965202adb1448ce24c5808a85dd9afc229af0a3124f755bcb":"505341004b455900000000000100000030718001013c00000407000600000000300000003dd92e750d90d7d39fc1885cd8ad12ea9441f22b9334b4d965202adb1448ce24c5808a85dd9afc229af0a3124f755bcb":0 + +read type: ECC_PAIR(BP_R1) 384-bit, DET_ECDSA(SHA_1) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_1:PSA_WANT_ECC_BRAINPOOL_P_R1_384:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):384:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_1):0x0000:"3dd92e750d90d7d39fc1885cd8ad12ea9441f22b9334b4d965202adb1448ce24c5808a85dd9afc229af0a3124f755bcb":"505341004b455900000000000100000030718001013c00000507000600000000300000003dd92e750d90d7d39fc1885cd8ad12ea9441f22b9334b4d965202adb1448ce24c5808a85dd9afc229af0a3124f755bcb":0 + +read type: ECC_PAIR(BP_R1) 384-bit, DET_ECDSA(SHA_224) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_224:PSA_WANT_ECC_BRAINPOOL_P_R1_384:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):384:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_224):0x0000:"3dd92e750d90d7d39fc1885cd8ad12ea9441f22b9334b4d965202adb1448ce24c5808a85dd9afc229af0a3124f755bcb":"505341004b455900000000000100000030718001013c00000807000600000000300000003dd92e750d90d7d39fc1885cd8ad12ea9441f22b9334b4d965202adb1448ce24c5808a85dd9afc229af0a3124f755bcb":0 + +read type: ECC_PAIR(BP_R1) 384-bit, DET_ECDSA(SHA_256) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_BRAINPOOL_P_R1_384:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):384:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_256):0x0000:"3dd92e750d90d7d39fc1885cd8ad12ea9441f22b9334b4d965202adb1448ce24c5808a85dd9afc229af0a3124f755bcb":"505341004b455900000000000100000030718001013c00000907000600000000300000003dd92e750d90d7d39fc1885cd8ad12ea9441f22b9334b4d965202adb1448ce24c5808a85dd9afc229af0a3124f755bcb":0 + +read type: ECC_PAIR(BP_R1) 384-bit, DET_ECDSA(SHA_384) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_BRAINPOOL_P_R1_384:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):384:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_384):0x0000:"3dd92e750d90d7d39fc1885cd8ad12ea9441f22b9334b4d965202adb1448ce24c5808a85dd9afc229af0a3124f755bcb":"505341004b455900000000000100000030718001013c00000a07000600000000300000003dd92e750d90d7d39fc1885cd8ad12ea9441f22b9334b4d965202adb1448ce24c5808a85dd9afc229af0a3124f755bcb":0 + +read type: ECC_PAIR(BP_R1) 384-bit, DET_ECDSA(SHA_512) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_512:PSA_WANT_ECC_BRAINPOOL_P_R1_384:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):384:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_512):0x0000:"3dd92e750d90d7d39fc1885cd8ad12ea9441f22b9334b4d965202adb1448ce24c5808a85dd9afc229af0a3124f755bcb":"505341004b455900000000000100000030718001013c00000b07000600000000300000003dd92e750d90d7d39fc1885cd8ad12ea9441f22b9334b4d965202adb1448ce24c5808a85dd9afc229af0a3124f755bcb":0 + +read type: ECC_PAIR(BP_R1) 384-bit, ECDH +depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ECC_BRAINPOOL_P_R1_384:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):384:PSA_KEY_USAGE_DERIVE | PSA_KEY_USAGE_EXPORT:PSA_ALG_ECDH:0x0000:"3dd92e750d90d7d39fc1885cd8ad12ea9441f22b9334b4d965202adb1448ce24c5808a85dd9afc229af0a3124f755bcb":"505341004b455900000000000100000030718001014000000000020900000000300000003dd92e750d90d7d39fc1885cd8ad12ea9441f22b9334b4d965202adb1448ce24c5808a85dd9afc229af0a3124f755bcb":0 + +read type: ECC_PAIR(BP_R1) 384-bit, ECDSA(MD2) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD2:PSA_WANT_ECC_BRAINPOOL_P_R1_384:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):384:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_MD2):0x0000:"3dd92e750d90d7d39fc1885cd8ad12ea9441f22b9334b4d965202adb1448ce24c5808a85dd9afc229af0a3124f755bcb":"505341004b455900000000000100000030718001013c00000106000600000000300000003dd92e750d90d7d39fc1885cd8ad12ea9441f22b9334b4d965202adb1448ce24c5808a85dd9afc229af0a3124f755bcb":0 + +read type: ECC_PAIR(BP_R1) 384-bit, ECDSA(MD4) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD4:PSA_WANT_ECC_BRAINPOOL_P_R1_384:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):384:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_MD4):0x0000:"3dd92e750d90d7d39fc1885cd8ad12ea9441f22b9334b4d965202adb1448ce24c5808a85dd9afc229af0a3124f755bcb":"505341004b455900000000000100000030718001013c00000206000600000000300000003dd92e750d90d7d39fc1885cd8ad12ea9441f22b9334b4d965202adb1448ce24c5808a85dd9afc229af0a3124f755bcb":0 + +read type: ECC_PAIR(BP_R1) 384-bit, ECDSA(MD5) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD5:PSA_WANT_ECC_BRAINPOOL_P_R1_384:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):384:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_MD5):0x0000:"3dd92e750d90d7d39fc1885cd8ad12ea9441f22b9334b4d965202adb1448ce24c5808a85dd9afc229af0a3124f755bcb":"505341004b455900000000000100000030718001013c00000306000600000000300000003dd92e750d90d7d39fc1885cd8ad12ea9441f22b9334b4d965202adb1448ce24c5808a85dd9afc229af0a3124f755bcb":0 + +read type: ECC_PAIR(BP_R1) 384-bit, ECDSA(RIPEMD160) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ECC_BRAINPOOL_P_R1_384:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):384:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_RIPEMD160):0x0000:"3dd92e750d90d7d39fc1885cd8ad12ea9441f22b9334b4d965202adb1448ce24c5808a85dd9afc229af0a3124f755bcb":"505341004b455900000000000100000030718001013c00000406000600000000300000003dd92e750d90d7d39fc1885cd8ad12ea9441f22b9334b4d965202adb1448ce24c5808a85dd9afc229af0a3124f755bcb":0 + +read type: ECC_PAIR(BP_R1) 384-bit, ECDSA(SHA_1) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_1:PSA_WANT_ECC_BRAINPOOL_P_R1_384:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):384:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_SHA_1):0x0000:"3dd92e750d90d7d39fc1885cd8ad12ea9441f22b9334b4d965202adb1448ce24c5808a85dd9afc229af0a3124f755bcb":"505341004b455900000000000100000030718001013c00000506000600000000300000003dd92e750d90d7d39fc1885cd8ad12ea9441f22b9334b4d965202adb1448ce24c5808a85dd9afc229af0a3124f755bcb":0 + +read type: ECC_PAIR(BP_R1) 384-bit, ECDSA(SHA_224) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_224:PSA_WANT_ECC_BRAINPOOL_P_R1_384:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):384:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_SHA_224):0x0000:"3dd92e750d90d7d39fc1885cd8ad12ea9441f22b9334b4d965202adb1448ce24c5808a85dd9afc229af0a3124f755bcb":"505341004b455900000000000100000030718001013c00000806000600000000300000003dd92e750d90d7d39fc1885cd8ad12ea9441f22b9334b4d965202adb1448ce24c5808a85dd9afc229af0a3124f755bcb":0 + +read type: ECC_PAIR(BP_R1) 384-bit, ECDSA(SHA_256) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_BRAINPOOL_P_R1_384:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):384:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_SHA_256):0x0000:"3dd92e750d90d7d39fc1885cd8ad12ea9441f22b9334b4d965202adb1448ce24c5808a85dd9afc229af0a3124f755bcb":"505341004b455900000000000100000030718001013c00000906000600000000300000003dd92e750d90d7d39fc1885cd8ad12ea9441f22b9334b4d965202adb1448ce24c5808a85dd9afc229af0a3124f755bcb":0 + +read type: ECC_PAIR(BP_R1) 384-bit, ECDSA(SHA_384) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_BRAINPOOL_P_R1_384:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):384:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_SHA_384):0x0000:"3dd92e750d90d7d39fc1885cd8ad12ea9441f22b9334b4d965202adb1448ce24c5808a85dd9afc229af0a3124f755bcb":"505341004b455900000000000100000030718001013c00000a06000600000000300000003dd92e750d90d7d39fc1885cd8ad12ea9441f22b9334b4d965202adb1448ce24c5808a85dd9afc229af0a3124f755bcb":0 + +read type: ECC_PAIR(BP_R1) 384-bit, ECDSA(SHA_512) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_512:PSA_WANT_ECC_BRAINPOOL_P_R1_384:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):384:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_SHA_512):0x0000:"3dd92e750d90d7d39fc1885cd8ad12ea9441f22b9334b4d965202adb1448ce24c5808a85dd9afc229af0a3124f755bcb":"505341004b455900000000000100000030718001013c00000b06000600000000300000003dd92e750d90d7d39fc1885cd8ad12ea9441f22b9334b4d965202adb1448ce24c5808a85dd9afc229af0a3124f755bcb":0 + +read type: ECC_PAIR(BP_R1) 384-bit, ECDSA_ANY +depends_on:PSA_WANT_ALG_ECDSA_ANY:PSA_WANT_ECC_BRAINPOOL_P_R1_384:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):384:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA_ANY:0x0000:"3dd92e750d90d7d39fc1885cd8ad12ea9441f22b9334b4d965202adb1448ce24c5808a85dd9afc229af0a3124f755bcb":"505341004b455900000000000100000030718001013c00000006000600000000300000003dd92e750d90d7d39fc1885cd8ad12ea9441f22b9334b4d965202adb1448ce24c5808a85dd9afc229af0a3124f755bcb":TEST_FLAG_EXERCISE + +read type: ECC_PAIR(BP_R1) 384-bit, KA(ECDH,HKDF(SHA_256)) +depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_BRAINPOOL_P_R1_384:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):384:PSA_KEY_USAGE_DERIVE | PSA_KEY_USAGE_EXPORT:PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_HKDF(PSA_ALG_SHA_256)):0x0000:"3dd92e750d90d7d39fc1885cd8ad12ea9441f22b9334b4d965202adb1448ce24c5808a85dd9afc229af0a3124f755bcb":"505341004b455900000000000100000030718001014000000901020900000000300000003dd92e750d90d7d39fc1885cd8ad12ea9441f22b9334b4d965202adb1448ce24c5808a85dd9afc229af0a3124f755bcb":0 + +read type: ECC_PAIR(BP_R1) 384-bit, KA(ECDH,HKDF(SHA_384)) +depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_BRAINPOOL_P_R1_384:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):384:PSA_KEY_USAGE_DERIVE | PSA_KEY_USAGE_EXPORT:PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_HKDF(PSA_ALG_SHA_384)):0x0000:"3dd92e750d90d7d39fc1885cd8ad12ea9441f22b9334b4d965202adb1448ce24c5808a85dd9afc229af0a3124f755bcb":"505341004b455900000000000100000030718001014000000a01020900000000300000003dd92e750d90d7d39fc1885cd8ad12ea9441f22b9334b4d965202adb1448ce24c5808a85dd9afc229af0a3124f755bcb":0 + +read type: ECC_PAIR(BP_R1) 384-bit, KA(ECDH,TLS12_PRF(SHA_256)) +depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_SHA_256:PSA_WANT_ALG_TLS12_PRF:PSA_WANT_ECC_BRAINPOOL_P_R1_384:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):384:PSA_KEY_USAGE_DERIVE | PSA_KEY_USAGE_EXPORT:PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_TLS12_PRF(PSA_ALG_SHA_256)):0x0000:"3dd92e750d90d7d39fc1885cd8ad12ea9441f22b9334b4d965202adb1448ce24c5808a85dd9afc229af0a3124f755bcb":"505341004b455900000000000100000030718001014000000902020900000000300000003dd92e750d90d7d39fc1885cd8ad12ea9441f22b9334b4d965202adb1448ce24c5808a85dd9afc229af0a3124f755bcb":0 + +read type: ECC_PAIR(BP_R1) 384-bit, KA(ECDH,TLS12_PRF(SHA_384)) +depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_SHA_384:PSA_WANT_ALG_TLS12_PRF:PSA_WANT_ECC_BRAINPOOL_P_R1_384:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):384:PSA_KEY_USAGE_DERIVE | PSA_KEY_USAGE_EXPORT:PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_TLS12_PRF(PSA_ALG_SHA_384)):0x0000:"3dd92e750d90d7d39fc1885cd8ad12ea9441f22b9334b4d965202adb1448ce24c5808a85dd9afc229af0a3124f755bcb":"505341004b455900000000000100000030718001014000000a02020900000000300000003dd92e750d90d7d39fc1885cd8ad12ea9441f22b9334b4d965202adb1448ce24c5808a85dd9afc229af0a3124f755bcb":0 + +read type: ECC_PAIR(BP_R1) 384-bit, KA(ECDH,TLS12_PSK2MS(SHA_256)) +depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_SHA_256:PSA_WANT_ALG_TLS12_PSK_TO_MS:PSA_WANT_ECC_BRAINPOOL_P_R1_384:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):384:PSA_KEY_USAGE_DERIVE | PSA_KEY_USAGE_EXPORT:PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_TLS12_PSK_TO_MS(PSA_ALG_SHA_256)):0x0000:"3dd92e750d90d7d39fc1885cd8ad12ea9441f22b9334b4d965202adb1448ce24c5808a85dd9afc229af0a3124f755bcb":"505341004b455900000000000100000030718001014000000903020900000000300000003dd92e750d90d7d39fc1885cd8ad12ea9441f22b9334b4d965202adb1448ce24c5808a85dd9afc229af0a3124f755bcb":0 + +read type: ECC_PAIR(BP_R1) 384-bit, KA(ECDH,TLS12_PSK2MS(SHA_384)) +depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_SHA_384:PSA_WANT_ALG_TLS12_PSK_TO_MS:PSA_WANT_ECC_BRAINPOOL_P_R1_384:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):384:PSA_KEY_USAGE_DERIVE | PSA_KEY_USAGE_EXPORT:PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_TLS12_PSK_TO_MS(PSA_ALG_SHA_384)):0x0000:"3dd92e750d90d7d39fc1885cd8ad12ea9441f22b9334b4d965202adb1448ce24c5808a85dd9afc229af0a3124f755bcb":"505341004b455900000000000100000030718001014000000a03020900000000300000003dd92e750d90d7d39fc1885cd8ad12ea9441f22b9334b4d965202adb1448ce24c5808a85dd9afc229af0a3124f755bcb":0 + +read type: ECC_PAIR(BP_R1) 512-bit +depends_on:PSA_WANT_ECC_BRAINPOOL_P_R1_512:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):512:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"372c9778f69f726cbca3f4a268f16b4d617d10280d79a6a029cd51879fe1012934dfe5395455337df6906dc7d6d2eea4dbb2065c0228f73b3ed716480e7d71d2":"505341004b45590000000000010000003071000201000000000000000000000040000000372c9778f69f726cbca3f4a268f16b4d617d10280d79a6a029cd51879fe1012934dfe5395455337df6906dc7d6d2eea4dbb2065c0228f73b3ed716480e7d71d2":0 + +read type: ECC_PAIR(BP_R1) 512-bit, DET_ECDSA(MD2) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD2:PSA_WANT_ECC_BRAINPOOL_P_R1_512:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):512:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD2):0x0000:"372c9778f69f726cbca3f4a268f16b4d617d10280d79a6a029cd51879fe1012934dfe5395455337df6906dc7d6d2eea4dbb2065c0228f73b3ed716480e7d71d2":"505341004b455900000000000100000030710002013c0000010700060000000040000000372c9778f69f726cbca3f4a268f16b4d617d10280d79a6a029cd51879fe1012934dfe5395455337df6906dc7d6d2eea4dbb2065c0228f73b3ed716480e7d71d2":0 + +read type: ECC_PAIR(BP_R1) 512-bit, DET_ECDSA(MD4) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD4:PSA_WANT_ECC_BRAINPOOL_P_R1_512:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):512:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD4):0x0000:"372c9778f69f726cbca3f4a268f16b4d617d10280d79a6a029cd51879fe1012934dfe5395455337df6906dc7d6d2eea4dbb2065c0228f73b3ed716480e7d71d2":"505341004b455900000000000100000030710002013c0000020700060000000040000000372c9778f69f726cbca3f4a268f16b4d617d10280d79a6a029cd51879fe1012934dfe5395455337df6906dc7d6d2eea4dbb2065c0228f73b3ed716480e7d71d2":0 + +read type: ECC_PAIR(BP_R1) 512-bit, DET_ECDSA(MD5) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD5:PSA_WANT_ECC_BRAINPOOL_P_R1_512:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):512:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD5):0x0000:"372c9778f69f726cbca3f4a268f16b4d617d10280d79a6a029cd51879fe1012934dfe5395455337df6906dc7d6d2eea4dbb2065c0228f73b3ed716480e7d71d2":"505341004b455900000000000100000030710002013c0000030700060000000040000000372c9778f69f726cbca3f4a268f16b4d617d10280d79a6a029cd51879fe1012934dfe5395455337df6906dc7d6d2eea4dbb2065c0228f73b3ed716480e7d71d2":0 + +read type: ECC_PAIR(BP_R1) 512-bit, DET_ECDSA(RIPEMD160) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ECC_BRAINPOOL_P_R1_512:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):512:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_RIPEMD160):0x0000:"372c9778f69f726cbca3f4a268f16b4d617d10280d79a6a029cd51879fe1012934dfe5395455337df6906dc7d6d2eea4dbb2065c0228f73b3ed716480e7d71d2":"505341004b455900000000000100000030710002013c0000040700060000000040000000372c9778f69f726cbca3f4a268f16b4d617d10280d79a6a029cd51879fe1012934dfe5395455337df6906dc7d6d2eea4dbb2065c0228f73b3ed716480e7d71d2":0 + +read type: ECC_PAIR(BP_R1) 512-bit, DET_ECDSA(SHA_1) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_1:PSA_WANT_ECC_BRAINPOOL_P_R1_512:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):512:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_1):0x0000:"372c9778f69f726cbca3f4a268f16b4d617d10280d79a6a029cd51879fe1012934dfe5395455337df6906dc7d6d2eea4dbb2065c0228f73b3ed716480e7d71d2":"505341004b455900000000000100000030710002013c0000050700060000000040000000372c9778f69f726cbca3f4a268f16b4d617d10280d79a6a029cd51879fe1012934dfe5395455337df6906dc7d6d2eea4dbb2065c0228f73b3ed716480e7d71d2":0 + +read type: ECC_PAIR(BP_R1) 512-bit, DET_ECDSA(SHA_224) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_224:PSA_WANT_ECC_BRAINPOOL_P_R1_512:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):512:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_224):0x0000:"372c9778f69f726cbca3f4a268f16b4d617d10280d79a6a029cd51879fe1012934dfe5395455337df6906dc7d6d2eea4dbb2065c0228f73b3ed716480e7d71d2":"505341004b455900000000000100000030710002013c0000080700060000000040000000372c9778f69f726cbca3f4a268f16b4d617d10280d79a6a029cd51879fe1012934dfe5395455337df6906dc7d6d2eea4dbb2065c0228f73b3ed716480e7d71d2":0 + +read type: ECC_PAIR(BP_R1) 512-bit, DET_ECDSA(SHA_256) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_BRAINPOOL_P_R1_512:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):512:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_256):0x0000:"372c9778f69f726cbca3f4a268f16b4d617d10280d79a6a029cd51879fe1012934dfe5395455337df6906dc7d6d2eea4dbb2065c0228f73b3ed716480e7d71d2":"505341004b455900000000000100000030710002013c0000090700060000000040000000372c9778f69f726cbca3f4a268f16b4d617d10280d79a6a029cd51879fe1012934dfe5395455337df6906dc7d6d2eea4dbb2065c0228f73b3ed716480e7d71d2":0 + +read type: ECC_PAIR(BP_R1) 512-bit, DET_ECDSA(SHA_384) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_BRAINPOOL_P_R1_512:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):512:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_384):0x0000:"372c9778f69f726cbca3f4a268f16b4d617d10280d79a6a029cd51879fe1012934dfe5395455337df6906dc7d6d2eea4dbb2065c0228f73b3ed716480e7d71d2":"505341004b455900000000000100000030710002013c00000a0700060000000040000000372c9778f69f726cbca3f4a268f16b4d617d10280d79a6a029cd51879fe1012934dfe5395455337df6906dc7d6d2eea4dbb2065c0228f73b3ed716480e7d71d2":0 + +read type: ECC_PAIR(BP_R1) 512-bit, DET_ECDSA(SHA_512) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_512:PSA_WANT_ECC_BRAINPOOL_P_R1_512:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):512:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_512):0x0000:"372c9778f69f726cbca3f4a268f16b4d617d10280d79a6a029cd51879fe1012934dfe5395455337df6906dc7d6d2eea4dbb2065c0228f73b3ed716480e7d71d2":"505341004b455900000000000100000030710002013c00000b0700060000000040000000372c9778f69f726cbca3f4a268f16b4d617d10280d79a6a029cd51879fe1012934dfe5395455337df6906dc7d6d2eea4dbb2065c0228f73b3ed716480e7d71d2":0 + +read type: ECC_PAIR(BP_R1) 512-bit, ECDH +depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ECC_BRAINPOOL_P_R1_512:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):512:PSA_KEY_USAGE_DERIVE | PSA_KEY_USAGE_EXPORT:PSA_ALG_ECDH:0x0000:"372c9778f69f726cbca3f4a268f16b4d617d10280d79a6a029cd51879fe1012934dfe5395455337df6906dc7d6d2eea4dbb2065c0228f73b3ed716480e7d71d2":"505341004b45590000000000010000003071000201400000000002090000000040000000372c9778f69f726cbca3f4a268f16b4d617d10280d79a6a029cd51879fe1012934dfe5395455337df6906dc7d6d2eea4dbb2065c0228f73b3ed716480e7d71d2":0 + +read type: ECC_PAIR(BP_R1) 512-bit, ECDSA(MD2) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD2:PSA_WANT_ECC_BRAINPOOL_P_R1_512:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):512:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_MD2):0x0000:"372c9778f69f726cbca3f4a268f16b4d617d10280d79a6a029cd51879fe1012934dfe5395455337df6906dc7d6d2eea4dbb2065c0228f73b3ed716480e7d71d2":"505341004b455900000000000100000030710002013c0000010600060000000040000000372c9778f69f726cbca3f4a268f16b4d617d10280d79a6a029cd51879fe1012934dfe5395455337df6906dc7d6d2eea4dbb2065c0228f73b3ed716480e7d71d2":0 + +read type: ECC_PAIR(BP_R1) 512-bit, ECDSA(MD4) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD4:PSA_WANT_ECC_BRAINPOOL_P_R1_512:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):512:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_MD4):0x0000:"372c9778f69f726cbca3f4a268f16b4d617d10280d79a6a029cd51879fe1012934dfe5395455337df6906dc7d6d2eea4dbb2065c0228f73b3ed716480e7d71d2":"505341004b455900000000000100000030710002013c0000020600060000000040000000372c9778f69f726cbca3f4a268f16b4d617d10280d79a6a029cd51879fe1012934dfe5395455337df6906dc7d6d2eea4dbb2065c0228f73b3ed716480e7d71d2":0 + +read type: ECC_PAIR(BP_R1) 512-bit, ECDSA(MD5) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD5:PSA_WANT_ECC_BRAINPOOL_P_R1_512:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):512:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_MD5):0x0000:"372c9778f69f726cbca3f4a268f16b4d617d10280d79a6a029cd51879fe1012934dfe5395455337df6906dc7d6d2eea4dbb2065c0228f73b3ed716480e7d71d2":"505341004b455900000000000100000030710002013c0000030600060000000040000000372c9778f69f726cbca3f4a268f16b4d617d10280d79a6a029cd51879fe1012934dfe5395455337df6906dc7d6d2eea4dbb2065c0228f73b3ed716480e7d71d2":0 + +read type: ECC_PAIR(BP_R1) 512-bit, ECDSA(RIPEMD160) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ECC_BRAINPOOL_P_R1_512:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):512:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_RIPEMD160):0x0000:"372c9778f69f726cbca3f4a268f16b4d617d10280d79a6a029cd51879fe1012934dfe5395455337df6906dc7d6d2eea4dbb2065c0228f73b3ed716480e7d71d2":"505341004b455900000000000100000030710002013c0000040600060000000040000000372c9778f69f726cbca3f4a268f16b4d617d10280d79a6a029cd51879fe1012934dfe5395455337df6906dc7d6d2eea4dbb2065c0228f73b3ed716480e7d71d2":0 + +read type: ECC_PAIR(BP_R1) 512-bit, ECDSA(SHA_1) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_1:PSA_WANT_ECC_BRAINPOOL_P_R1_512:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):512:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_SHA_1):0x0000:"372c9778f69f726cbca3f4a268f16b4d617d10280d79a6a029cd51879fe1012934dfe5395455337df6906dc7d6d2eea4dbb2065c0228f73b3ed716480e7d71d2":"505341004b455900000000000100000030710002013c0000050600060000000040000000372c9778f69f726cbca3f4a268f16b4d617d10280d79a6a029cd51879fe1012934dfe5395455337df6906dc7d6d2eea4dbb2065c0228f73b3ed716480e7d71d2":0 + +read type: ECC_PAIR(BP_R1) 512-bit, ECDSA(SHA_224) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_224:PSA_WANT_ECC_BRAINPOOL_P_R1_512:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):512:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_SHA_224):0x0000:"372c9778f69f726cbca3f4a268f16b4d617d10280d79a6a029cd51879fe1012934dfe5395455337df6906dc7d6d2eea4dbb2065c0228f73b3ed716480e7d71d2":"505341004b455900000000000100000030710002013c0000080600060000000040000000372c9778f69f726cbca3f4a268f16b4d617d10280d79a6a029cd51879fe1012934dfe5395455337df6906dc7d6d2eea4dbb2065c0228f73b3ed716480e7d71d2":0 + +read type: ECC_PAIR(BP_R1) 512-bit, ECDSA(SHA_256) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_BRAINPOOL_P_R1_512:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):512:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_SHA_256):0x0000:"372c9778f69f726cbca3f4a268f16b4d617d10280d79a6a029cd51879fe1012934dfe5395455337df6906dc7d6d2eea4dbb2065c0228f73b3ed716480e7d71d2":"505341004b455900000000000100000030710002013c0000090600060000000040000000372c9778f69f726cbca3f4a268f16b4d617d10280d79a6a029cd51879fe1012934dfe5395455337df6906dc7d6d2eea4dbb2065c0228f73b3ed716480e7d71d2":0 + +read type: ECC_PAIR(BP_R1) 512-bit, ECDSA(SHA_384) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_BRAINPOOL_P_R1_512:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):512:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_SHA_384):0x0000:"372c9778f69f726cbca3f4a268f16b4d617d10280d79a6a029cd51879fe1012934dfe5395455337df6906dc7d6d2eea4dbb2065c0228f73b3ed716480e7d71d2":"505341004b455900000000000100000030710002013c00000a0600060000000040000000372c9778f69f726cbca3f4a268f16b4d617d10280d79a6a029cd51879fe1012934dfe5395455337df6906dc7d6d2eea4dbb2065c0228f73b3ed716480e7d71d2":0 + +read type: ECC_PAIR(BP_R1) 512-bit, ECDSA(SHA_512) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_512:PSA_WANT_ECC_BRAINPOOL_P_R1_512:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):512:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_SHA_512):0x0000:"372c9778f69f726cbca3f4a268f16b4d617d10280d79a6a029cd51879fe1012934dfe5395455337df6906dc7d6d2eea4dbb2065c0228f73b3ed716480e7d71d2":"505341004b455900000000000100000030710002013c00000b0600060000000040000000372c9778f69f726cbca3f4a268f16b4d617d10280d79a6a029cd51879fe1012934dfe5395455337df6906dc7d6d2eea4dbb2065c0228f73b3ed716480e7d71d2":0 + +read type: ECC_PAIR(BP_R1) 512-bit, ECDSA_ANY +depends_on:PSA_WANT_ALG_ECDSA_ANY:PSA_WANT_ECC_BRAINPOOL_P_R1_512:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):512:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA_ANY:0x0000:"372c9778f69f726cbca3f4a268f16b4d617d10280d79a6a029cd51879fe1012934dfe5395455337df6906dc7d6d2eea4dbb2065c0228f73b3ed716480e7d71d2":"505341004b455900000000000100000030710002013c0000000600060000000040000000372c9778f69f726cbca3f4a268f16b4d617d10280d79a6a029cd51879fe1012934dfe5395455337df6906dc7d6d2eea4dbb2065c0228f73b3ed716480e7d71d2":TEST_FLAG_EXERCISE + +read type: ECC_PAIR(BP_R1) 512-bit, KA(ECDH,HKDF(SHA_256)) +depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_BRAINPOOL_P_R1_512:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):512:PSA_KEY_USAGE_DERIVE | PSA_KEY_USAGE_EXPORT:PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_HKDF(PSA_ALG_SHA_256)):0x0000:"372c9778f69f726cbca3f4a268f16b4d617d10280d79a6a029cd51879fe1012934dfe5395455337df6906dc7d6d2eea4dbb2065c0228f73b3ed716480e7d71d2":"505341004b45590000000000010000003071000201400000090102090000000040000000372c9778f69f726cbca3f4a268f16b4d617d10280d79a6a029cd51879fe1012934dfe5395455337df6906dc7d6d2eea4dbb2065c0228f73b3ed716480e7d71d2":0 + +read type: ECC_PAIR(BP_R1) 512-bit, KA(ECDH,HKDF(SHA_384)) +depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_BRAINPOOL_P_R1_512:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):512:PSA_KEY_USAGE_DERIVE | PSA_KEY_USAGE_EXPORT:PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_HKDF(PSA_ALG_SHA_384)):0x0000:"372c9778f69f726cbca3f4a268f16b4d617d10280d79a6a029cd51879fe1012934dfe5395455337df6906dc7d6d2eea4dbb2065c0228f73b3ed716480e7d71d2":"505341004b455900000000000100000030710002014000000a0102090000000040000000372c9778f69f726cbca3f4a268f16b4d617d10280d79a6a029cd51879fe1012934dfe5395455337df6906dc7d6d2eea4dbb2065c0228f73b3ed716480e7d71d2":0 + +read type: ECC_PAIR(BP_R1) 512-bit, KA(ECDH,TLS12_PRF(SHA_256)) +depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_SHA_256:PSA_WANT_ALG_TLS12_PRF:PSA_WANT_ECC_BRAINPOOL_P_R1_512:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):512:PSA_KEY_USAGE_DERIVE | PSA_KEY_USAGE_EXPORT:PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_TLS12_PRF(PSA_ALG_SHA_256)):0x0000:"372c9778f69f726cbca3f4a268f16b4d617d10280d79a6a029cd51879fe1012934dfe5395455337df6906dc7d6d2eea4dbb2065c0228f73b3ed716480e7d71d2":"505341004b45590000000000010000003071000201400000090202090000000040000000372c9778f69f726cbca3f4a268f16b4d617d10280d79a6a029cd51879fe1012934dfe5395455337df6906dc7d6d2eea4dbb2065c0228f73b3ed716480e7d71d2":0 + +read type: ECC_PAIR(BP_R1) 512-bit, KA(ECDH,TLS12_PRF(SHA_384)) +depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_SHA_384:PSA_WANT_ALG_TLS12_PRF:PSA_WANT_ECC_BRAINPOOL_P_R1_512:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):512:PSA_KEY_USAGE_DERIVE | PSA_KEY_USAGE_EXPORT:PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_TLS12_PRF(PSA_ALG_SHA_384)):0x0000:"372c9778f69f726cbca3f4a268f16b4d617d10280d79a6a029cd51879fe1012934dfe5395455337df6906dc7d6d2eea4dbb2065c0228f73b3ed716480e7d71d2":"505341004b455900000000000100000030710002014000000a0202090000000040000000372c9778f69f726cbca3f4a268f16b4d617d10280d79a6a029cd51879fe1012934dfe5395455337df6906dc7d6d2eea4dbb2065c0228f73b3ed716480e7d71d2":0 + +read type: ECC_PAIR(BP_R1) 512-bit, KA(ECDH,TLS12_PSK2MS(SHA_256)) +depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_SHA_256:PSA_WANT_ALG_TLS12_PSK_TO_MS:PSA_WANT_ECC_BRAINPOOL_P_R1_512:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):512:PSA_KEY_USAGE_DERIVE | PSA_KEY_USAGE_EXPORT:PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_TLS12_PSK_TO_MS(PSA_ALG_SHA_256)):0x0000:"372c9778f69f726cbca3f4a268f16b4d617d10280d79a6a029cd51879fe1012934dfe5395455337df6906dc7d6d2eea4dbb2065c0228f73b3ed716480e7d71d2":"505341004b45590000000000010000003071000201400000090302090000000040000000372c9778f69f726cbca3f4a268f16b4d617d10280d79a6a029cd51879fe1012934dfe5395455337df6906dc7d6d2eea4dbb2065c0228f73b3ed716480e7d71d2":0 + +read type: ECC_PAIR(BP_R1) 512-bit, KA(ECDH,TLS12_PSK2MS(SHA_384)) +depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_SHA_384:PSA_WANT_ALG_TLS12_PSK_TO_MS:PSA_WANT_ECC_BRAINPOOL_P_R1_512:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):512:PSA_KEY_USAGE_DERIVE | PSA_KEY_USAGE_EXPORT:PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_TLS12_PSK_TO_MS(PSA_ALG_SHA_384)):0x0000:"372c9778f69f726cbca3f4a268f16b4d617d10280d79a6a029cd51879fe1012934dfe5395455337df6906dc7d6d2eea4dbb2065c0228f73b3ed716480e7d71d2":"505341004b455900000000000100000030710002014000000a0302090000000040000000372c9778f69f726cbca3f4a268f16b4d617d10280d79a6a029cd51879fe1012934dfe5395455337df6906dc7d6d2eea4dbb2065c0228f73b3ed716480e7d71d2":0 + +read type: ECC_PAIR(MGM) 255-bit +depends_on:PSA_WANT_ECC_MONTGOMERY_255:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_MONTGOMERY):255:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"70076d0a7318a57d3c16c17251b26645df4c2f87ebc0992ab177fba51db92c6a":"505341004b45590000000000010000004171ff000100000000000000000000002000000070076d0a7318a57d3c16c17251b26645df4c2f87ebc0992ab177fba51db92c6a":TEST_FLAG_EXERCISE + +read type: ECC_PAIR(MGM) 255-bit, ECDH +depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ECC_MONTGOMERY_255:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_MONTGOMERY):255:PSA_KEY_USAGE_DERIVE | PSA_KEY_USAGE_EXPORT:PSA_ALG_ECDH:0x0000:"70076d0a7318a57d3c16c17251b26645df4c2f87ebc0992ab177fba51db92c6a":"505341004b45590000000000010000004171ff000140000000000209000000002000000070076d0a7318a57d3c16c17251b26645df4c2f87ebc0992ab177fba51db92c6a":TEST_FLAG_EXERCISE + +read type: ECC_PAIR(MGM) 255-bit, KA(ECDH,HKDF(SHA_256)) +depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_MONTGOMERY_255:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_MONTGOMERY):255:PSA_KEY_USAGE_DERIVE | PSA_KEY_USAGE_EXPORT:PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_HKDF(PSA_ALG_SHA_256)):0x0000:"70076d0a7318a57d3c16c17251b26645df4c2f87ebc0992ab177fba51db92c6a":"505341004b45590000000000010000004171ff000140000009010209000000002000000070076d0a7318a57d3c16c17251b26645df4c2f87ebc0992ab177fba51db92c6a":TEST_FLAG_EXERCISE + +read type: ECC_PAIR(MGM) 255-bit, KA(ECDH,HKDF(SHA_384)) +depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_MONTGOMERY_255:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_MONTGOMERY):255:PSA_KEY_USAGE_DERIVE | PSA_KEY_USAGE_EXPORT:PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_HKDF(PSA_ALG_SHA_384)):0x0000:"70076d0a7318a57d3c16c17251b26645df4c2f87ebc0992ab177fba51db92c6a":"505341004b45590000000000010000004171ff00014000000a010209000000002000000070076d0a7318a57d3c16c17251b26645df4c2f87ebc0992ab177fba51db92c6a":TEST_FLAG_EXERCISE + +read type: ECC_PAIR(MGM) 255-bit, KA(ECDH,TLS12_PRF(SHA_256)) +depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_SHA_256:PSA_WANT_ALG_TLS12_PRF:PSA_WANT_ECC_MONTGOMERY_255:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_MONTGOMERY):255:PSA_KEY_USAGE_DERIVE | PSA_KEY_USAGE_EXPORT:PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_TLS12_PRF(PSA_ALG_SHA_256)):0x0000:"70076d0a7318a57d3c16c17251b26645df4c2f87ebc0992ab177fba51db92c6a":"505341004b45590000000000010000004171ff000140000009020209000000002000000070076d0a7318a57d3c16c17251b26645df4c2f87ebc0992ab177fba51db92c6a":TEST_FLAG_EXERCISE + +read type: ECC_PAIR(MGM) 255-bit, KA(ECDH,TLS12_PRF(SHA_384)) +depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_SHA_384:PSA_WANT_ALG_TLS12_PRF:PSA_WANT_ECC_MONTGOMERY_255:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_MONTGOMERY):255:PSA_KEY_USAGE_DERIVE | PSA_KEY_USAGE_EXPORT:PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_TLS12_PRF(PSA_ALG_SHA_384)):0x0000:"70076d0a7318a57d3c16c17251b26645df4c2f87ebc0992ab177fba51db92c6a":"505341004b45590000000000010000004171ff00014000000a020209000000002000000070076d0a7318a57d3c16c17251b26645df4c2f87ebc0992ab177fba51db92c6a":TEST_FLAG_EXERCISE + +read type: ECC_PAIR(MGM) 255-bit, KA(ECDH,TLS12_PSK2MS(SHA_256)) +depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_SHA_256:PSA_WANT_ALG_TLS12_PSK_TO_MS:PSA_WANT_ECC_MONTGOMERY_255:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_MONTGOMERY):255:PSA_KEY_USAGE_DERIVE | PSA_KEY_USAGE_EXPORT:PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_TLS12_PSK_TO_MS(PSA_ALG_SHA_256)):0x0000:"70076d0a7318a57d3c16c17251b26645df4c2f87ebc0992ab177fba51db92c6a":"505341004b45590000000000010000004171ff000140000009030209000000002000000070076d0a7318a57d3c16c17251b26645df4c2f87ebc0992ab177fba51db92c6a":TEST_FLAG_EXERCISE + +read type: ECC_PAIR(MGM) 255-bit, KA(ECDH,TLS12_PSK2MS(SHA_384)) +depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_SHA_384:PSA_WANT_ALG_TLS12_PSK_TO_MS:PSA_WANT_ECC_MONTGOMERY_255:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_MONTGOMERY):255:PSA_KEY_USAGE_DERIVE | PSA_KEY_USAGE_EXPORT:PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_TLS12_PSK_TO_MS(PSA_ALG_SHA_384)):0x0000:"70076d0a7318a57d3c16c17251b26645df4c2f87ebc0992ab177fba51db92c6a":"505341004b45590000000000010000004171ff00014000000a030209000000002000000070076d0a7318a57d3c16c17251b26645df4c2f87ebc0992ab177fba51db92c6a":TEST_FLAG_EXERCISE + +read type: ECC_PAIR(MGM) 448-bit +depends_on:PSA_WANT_ECC_MONTGOMERY_448:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_MONTGOMERY):448:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"e4e49f52686f9ee3b638528f721f1596196ffd0a1cddb64c3f216f06541805cfeb1a286dc78018095cdfec050e8007b5f4908962ba20d6c1":"505341004b45590000000000010000004171c00101000000000000000000000038000000e4e49f52686f9ee3b638528f721f1596196ffd0a1cddb64c3f216f06541805cfeb1a286dc78018095cdfec050e8007b5f4908962ba20d6c1":TEST_FLAG_EXERCISE + +read type: ECC_PAIR(MGM) 448-bit, ECDH +depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ECC_MONTGOMERY_448:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_MONTGOMERY):448:PSA_KEY_USAGE_DERIVE | PSA_KEY_USAGE_EXPORT:PSA_ALG_ECDH:0x0000:"e4e49f52686f9ee3b638528f721f1596196ffd0a1cddb64c3f216f06541805cfeb1a286dc78018095cdfec050e8007b5f4908962ba20d6c1":"505341004b45590000000000010000004171c00101400000000002090000000038000000e4e49f52686f9ee3b638528f721f1596196ffd0a1cddb64c3f216f06541805cfeb1a286dc78018095cdfec050e8007b5f4908962ba20d6c1":TEST_FLAG_EXERCISE + +read type: ECC_PAIR(MGM) 448-bit, KA(ECDH,HKDF(SHA_256)) +depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_MONTGOMERY_448:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_MONTGOMERY):448:PSA_KEY_USAGE_DERIVE | PSA_KEY_USAGE_EXPORT:PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_HKDF(PSA_ALG_SHA_256)):0x0000:"e4e49f52686f9ee3b638528f721f1596196ffd0a1cddb64c3f216f06541805cfeb1a286dc78018095cdfec050e8007b5f4908962ba20d6c1":"505341004b45590000000000010000004171c00101400000090102090000000038000000e4e49f52686f9ee3b638528f721f1596196ffd0a1cddb64c3f216f06541805cfeb1a286dc78018095cdfec050e8007b5f4908962ba20d6c1":TEST_FLAG_EXERCISE + +read type: ECC_PAIR(MGM) 448-bit, KA(ECDH,HKDF(SHA_384)) +depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_MONTGOMERY_448:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_MONTGOMERY):448:PSA_KEY_USAGE_DERIVE | PSA_KEY_USAGE_EXPORT:PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_HKDF(PSA_ALG_SHA_384)):0x0000:"e4e49f52686f9ee3b638528f721f1596196ffd0a1cddb64c3f216f06541805cfeb1a286dc78018095cdfec050e8007b5f4908962ba20d6c1":"505341004b45590000000000010000004171c001014000000a0102090000000038000000e4e49f52686f9ee3b638528f721f1596196ffd0a1cddb64c3f216f06541805cfeb1a286dc78018095cdfec050e8007b5f4908962ba20d6c1":TEST_FLAG_EXERCISE + +read type: ECC_PAIR(MGM) 448-bit, KA(ECDH,TLS12_PRF(SHA_256)) +depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_SHA_256:PSA_WANT_ALG_TLS12_PRF:PSA_WANT_ECC_MONTGOMERY_448:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_MONTGOMERY):448:PSA_KEY_USAGE_DERIVE | PSA_KEY_USAGE_EXPORT:PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_TLS12_PRF(PSA_ALG_SHA_256)):0x0000:"e4e49f52686f9ee3b638528f721f1596196ffd0a1cddb64c3f216f06541805cfeb1a286dc78018095cdfec050e8007b5f4908962ba20d6c1":"505341004b45590000000000010000004171c00101400000090202090000000038000000e4e49f52686f9ee3b638528f721f1596196ffd0a1cddb64c3f216f06541805cfeb1a286dc78018095cdfec050e8007b5f4908962ba20d6c1":TEST_FLAG_EXERCISE + +read type: ECC_PAIR(MGM) 448-bit, KA(ECDH,TLS12_PRF(SHA_384)) +depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_SHA_384:PSA_WANT_ALG_TLS12_PRF:PSA_WANT_ECC_MONTGOMERY_448:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_MONTGOMERY):448:PSA_KEY_USAGE_DERIVE | PSA_KEY_USAGE_EXPORT:PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_TLS12_PRF(PSA_ALG_SHA_384)):0x0000:"e4e49f52686f9ee3b638528f721f1596196ffd0a1cddb64c3f216f06541805cfeb1a286dc78018095cdfec050e8007b5f4908962ba20d6c1":"505341004b45590000000000010000004171c001014000000a0202090000000038000000e4e49f52686f9ee3b638528f721f1596196ffd0a1cddb64c3f216f06541805cfeb1a286dc78018095cdfec050e8007b5f4908962ba20d6c1":TEST_FLAG_EXERCISE + +read type: ECC_PAIR(MGM) 448-bit, KA(ECDH,TLS12_PSK2MS(SHA_256)) +depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_SHA_256:PSA_WANT_ALG_TLS12_PSK_TO_MS:PSA_WANT_ECC_MONTGOMERY_448:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_MONTGOMERY):448:PSA_KEY_USAGE_DERIVE | PSA_KEY_USAGE_EXPORT:PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_TLS12_PSK_TO_MS(PSA_ALG_SHA_256)):0x0000:"e4e49f52686f9ee3b638528f721f1596196ffd0a1cddb64c3f216f06541805cfeb1a286dc78018095cdfec050e8007b5f4908962ba20d6c1":"505341004b45590000000000010000004171c00101400000090302090000000038000000e4e49f52686f9ee3b638528f721f1596196ffd0a1cddb64c3f216f06541805cfeb1a286dc78018095cdfec050e8007b5f4908962ba20d6c1":TEST_FLAG_EXERCISE + +read type: ECC_PAIR(MGM) 448-bit, KA(ECDH,TLS12_PSK2MS(SHA_384)) +depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_SHA_384:PSA_WANT_ALG_TLS12_PSK_TO_MS:PSA_WANT_ECC_MONTGOMERY_448:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_MONTGOMERY):448:PSA_KEY_USAGE_DERIVE | PSA_KEY_USAGE_EXPORT:PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_TLS12_PSK_TO_MS(PSA_ALG_SHA_384)):0x0000:"e4e49f52686f9ee3b638528f721f1596196ffd0a1cddb64c3f216f06541805cfeb1a286dc78018095cdfec050e8007b5f4908962ba20d6c1":"505341004b45590000000000010000004171c001014000000a0302090000000038000000e4e49f52686f9ee3b638528f721f1596196ffd0a1cddb64c3f216f06541805cfeb1a286dc78018095cdfec050e8007b5f4908962ba20d6c1":TEST_FLAG_EXERCISE + +read type: ECC_PAIR(SECP_K1) 192-bit +depends_on:PSA_WANT_ECC_SECP_K1_192:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_K1):192:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"297ac1722ccac7589ecb240dc719842538ca974beb79f228":"505341004b45590000000000010000001771c00001000000000000000000000018000000297ac1722ccac7589ecb240dc719842538ca974beb79f228":TEST_FLAG_EXERCISE + +read type: ECC_PAIR(SECP_K1) 192-bit, DET_ECDSA(MD2) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD2:PSA_WANT_ECC_SECP_K1_192:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_K1):192:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD2):0x0000:"297ac1722ccac7589ecb240dc719842538ca974beb79f228":"505341004b45590000000000010000001771c000013c0000010700060000000018000000297ac1722ccac7589ecb240dc719842538ca974beb79f228":TEST_FLAG_EXERCISE + +read type: ECC_PAIR(SECP_K1) 192-bit, DET_ECDSA(MD4) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD4:PSA_WANT_ECC_SECP_K1_192:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_K1):192:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD4):0x0000:"297ac1722ccac7589ecb240dc719842538ca974beb79f228":"505341004b45590000000000010000001771c000013c0000020700060000000018000000297ac1722ccac7589ecb240dc719842538ca974beb79f228":TEST_FLAG_EXERCISE + +read type: ECC_PAIR(SECP_K1) 192-bit, DET_ECDSA(MD5) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD5:PSA_WANT_ECC_SECP_K1_192:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_K1):192:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD5):0x0000:"297ac1722ccac7589ecb240dc719842538ca974beb79f228":"505341004b45590000000000010000001771c000013c0000030700060000000018000000297ac1722ccac7589ecb240dc719842538ca974beb79f228":TEST_FLAG_EXERCISE + +read type: ECC_PAIR(SECP_K1) 192-bit, DET_ECDSA(RIPEMD160) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ECC_SECP_K1_192:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_K1):192:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_RIPEMD160):0x0000:"297ac1722ccac7589ecb240dc719842538ca974beb79f228":"505341004b45590000000000010000001771c000013c0000040700060000000018000000297ac1722ccac7589ecb240dc719842538ca974beb79f228":TEST_FLAG_EXERCISE + +read type: ECC_PAIR(SECP_K1) 192-bit, DET_ECDSA(SHA_1) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_1:PSA_WANT_ECC_SECP_K1_192:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_K1):192:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_1):0x0000:"297ac1722ccac7589ecb240dc719842538ca974beb79f228":"505341004b45590000000000010000001771c000013c0000050700060000000018000000297ac1722ccac7589ecb240dc719842538ca974beb79f228":TEST_FLAG_EXERCISE + +read type: ECC_PAIR(SECP_K1) 192-bit, DET_ECDSA(SHA_224) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_224:PSA_WANT_ECC_SECP_K1_192:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_K1):192:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_224):0x0000:"297ac1722ccac7589ecb240dc719842538ca974beb79f228":"505341004b45590000000000010000001771c000013c0000080700060000000018000000297ac1722ccac7589ecb240dc719842538ca974beb79f228":TEST_FLAG_EXERCISE + +read type: ECC_PAIR(SECP_K1) 192-bit, DET_ECDSA(SHA_256) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_SECP_K1_192:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_K1):192:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_256):0x0000:"297ac1722ccac7589ecb240dc719842538ca974beb79f228":"505341004b45590000000000010000001771c000013c0000090700060000000018000000297ac1722ccac7589ecb240dc719842538ca974beb79f228":TEST_FLAG_EXERCISE + +read type: ECC_PAIR(SECP_K1) 192-bit, DET_ECDSA(SHA_384) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_SECP_K1_192:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_K1):192:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_384):0x0000:"297ac1722ccac7589ecb240dc719842538ca974beb79f228":"505341004b45590000000000010000001771c000013c00000a0700060000000018000000297ac1722ccac7589ecb240dc719842538ca974beb79f228":TEST_FLAG_EXERCISE + +read type: ECC_PAIR(SECP_K1) 192-bit, DET_ECDSA(SHA_512) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_512:PSA_WANT_ECC_SECP_K1_192:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_K1):192:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_512):0x0000:"297ac1722ccac7589ecb240dc719842538ca974beb79f228":"505341004b45590000000000010000001771c000013c00000b0700060000000018000000297ac1722ccac7589ecb240dc719842538ca974beb79f228":TEST_FLAG_EXERCISE + +read type: ECC_PAIR(SECP_K1) 192-bit, ECDH +depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ECC_SECP_K1_192:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_K1):192:PSA_KEY_USAGE_DERIVE | PSA_KEY_USAGE_EXPORT:PSA_ALG_ECDH:0x0000:"297ac1722ccac7589ecb240dc719842538ca974beb79f228":"505341004b45590000000000010000001771c00001400000000002090000000018000000297ac1722ccac7589ecb240dc719842538ca974beb79f228":TEST_FLAG_EXERCISE + +read type: ECC_PAIR(SECP_K1) 192-bit, ECDSA(MD2) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD2:PSA_WANT_ECC_SECP_K1_192:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_K1):192:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_MD2):0x0000:"297ac1722ccac7589ecb240dc719842538ca974beb79f228":"505341004b45590000000000010000001771c000013c0000010600060000000018000000297ac1722ccac7589ecb240dc719842538ca974beb79f228":TEST_FLAG_EXERCISE + +read type: ECC_PAIR(SECP_K1) 192-bit, ECDSA(MD4) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD4:PSA_WANT_ECC_SECP_K1_192:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_K1):192:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_MD4):0x0000:"297ac1722ccac7589ecb240dc719842538ca974beb79f228":"505341004b45590000000000010000001771c000013c0000020600060000000018000000297ac1722ccac7589ecb240dc719842538ca974beb79f228":TEST_FLAG_EXERCISE + +read type: ECC_PAIR(SECP_K1) 192-bit, ECDSA(MD5) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD5:PSA_WANT_ECC_SECP_K1_192:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_K1):192:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_MD5):0x0000:"297ac1722ccac7589ecb240dc719842538ca974beb79f228":"505341004b45590000000000010000001771c000013c0000030600060000000018000000297ac1722ccac7589ecb240dc719842538ca974beb79f228":TEST_FLAG_EXERCISE + +read type: ECC_PAIR(SECP_K1) 192-bit, ECDSA(RIPEMD160) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ECC_SECP_K1_192:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_K1):192:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_RIPEMD160):0x0000:"297ac1722ccac7589ecb240dc719842538ca974beb79f228":"505341004b45590000000000010000001771c000013c0000040600060000000018000000297ac1722ccac7589ecb240dc719842538ca974beb79f228":TEST_FLAG_EXERCISE + +read type: ECC_PAIR(SECP_K1) 192-bit, ECDSA(SHA_1) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_1:PSA_WANT_ECC_SECP_K1_192:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_K1):192:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_SHA_1):0x0000:"297ac1722ccac7589ecb240dc719842538ca974beb79f228":"505341004b45590000000000010000001771c000013c0000050600060000000018000000297ac1722ccac7589ecb240dc719842538ca974beb79f228":TEST_FLAG_EXERCISE + +read type: ECC_PAIR(SECP_K1) 192-bit, ECDSA(SHA_224) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_224:PSA_WANT_ECC_SECP_K1_192:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_K1):192:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_SHA_224):0x0000:"297ac1722ccac7589ecb240dc719842538ca974beb79f228":"505341004b45590000000000010000001771c000013c0000080600060000000018000000297ac1722ccac7589ecb240dc719842538ca974beb79f228":TEST_FLAG_EXERCISE + +read type: ECC_PAIR(SECP_K1) 192-bit, ECDSA(SHA_256) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_SECP_K1_192:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_K1):192:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_SHA_256):0x0000:"297ac1722ccac7589ecb240dc719842538ca974beb79f228":"505341004b45590000000000010000001771c000013c0000090600060000000018000000297ac1722ccac7589ecb240dc719842538ca974beb79f228":TEST_FLAG_EXERCISE + +read type: ECC_PAIR(SECP_K1) 192-bit, ECDSA(SHA_384) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_SECP_K1_192:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_K1):192:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_SHA_384):0x0000:"297ac1722ccac7589ecb240dc719842538ca974beb79f228":"505341004b45590000000000010000001771c000013c00000a0600060000000018000000297ac1722ccac7589ecb240dc719842538ca974beb79f228":TEST_FLAG_EXERCISE + +read type: ECC_PAIR(SECP_K1) 192-bit, ECDSA(SHA_512) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_512:PSA_WANT_ECC_SECP_K1_192:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_K1):192:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_SHA_512):0x0000:"297ac1722ccac7589ecb240dc719842538ca974beb79f228":"505341004b45590000000000010000001771c000013c00000b0600060000000018000000297ac1722ccac7589ecb240dc719842538ca974beb79f228":TEST_FLAG_EXERCISE + +read type: ECC_PAIR(SECP_K1) 192-bit, ECDSA_ANY +depends_on:PSA_WANT_ALG_ECDSA_ANY:PSA_WANT_ECC_SECP_K1_192:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_K1):192:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA_ANY:0x0000:"297ac1722ccac7589ecb240dc719842538ca974beb79f228":"505341004b45590000000000010000001771c000013c0000000600060000000018000000297ac1722ccac7589ecb240dc719842538ca974beb79f228":TEST_FLAG_EXERCISE + +read type: ECC_PAIR(SECP_K1) 192-bit, KA(ECDH,HKDF(SHA_256)) +depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_SECP_K1_192:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_K1):192:PSA_KEY_USAGE_DERIVE | PSA_KEY_USAGE_EXPORT:PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_HKDF(PSA_ALG_SHA_256)):0x0000:"297ac1722ccac7589ecb240dc719842538ca974beb79f228":"505341004b45590000000000010000001771c00001400000090102090000000018000000297ac1722ccac7589ecb240dc719842538ca974beb79f228":TEST_FLAG_EXERCISE + +read type: ECC_PAIR(SECP_K1) 192-bit, KA(ECDH,HKDF(SHA_384)) +depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_SECP_K1_192:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_K1):192:PSA_KEY_USAGE_DERIVE | PSA_KEY_USAGE_EXPORT:PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_HKDF(PSA_ALG_SHA_384)):0x0000:"297ac1722ccac7589ecb240dc719842538ca974beb79f228":"505341004b45590000000000010000001771c000014000000a0102090000000018000000297ac1722ccac7589ecb240dc719842538ca974beb79f228":TEST_FLAG_EXERCISE + +read type: ECC_PAIR(SECP_K1) 192-bit, KA(ECDH,TLS12_PRF(SHA_256)) +depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_SHA_256:PSA_WANT_ALG_TLS12_PRF:PSA_WANT_ECC_SECP_K1_192:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_K1):192:PSA_KEY_USAGE_DERIVE | PSA_KEY_USAGE_EXPORT:PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_TLS12_PRF(PSA_ALG_SHA_256)):0x0000:"297ac1722ccac7589ecb240dc719842538ca974beb79f228":"505341004b45590000000000010000001771c00001400000090202090000000018000000297ac1722ccac7589ecb240dc719842538ca974beb79f228":TEST_FLAG_EXERCISE + +read type: ECC_PAIR(SECP_K1) 192-bit, KA(ECDH,TLS12_PRF(SHA_384)) +depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_SHA_384:PSA_WANT_ALG_TLS12_PRF:PSA_WANT_ECC_SECP_K1_192:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_K1):192:PSA_KEY_USAGE_DERIVE | PSA_KEY_USAGE_EXPORT:PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_TLS12_PRF(PSA_ALG_SHA_384)):0x0000:"297ac1722ccac7589ecb240dc719842538ca974beb79f228":"505341004b45590000000000010000001771c000014000000a0202090000000018000000297ac1722ccac7589ecb240dc719842538ca974beb79f228":TEST_FLAG_EXERCISE + +read type: ECC_PAIR(SECP_K1) 192-bit, KA(ECDH,TLS12_PSK2MS(SHA_256)) +depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_SHA_256:PSA_WANT_ALG_TLS12_PSK_TO_MS:PSA_WANT_ECC_SECP_K1_192:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_K1):192:PSA_KEY_USAGE_DERIVE | PSA_KEY_USAGE_EXPORT:PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_TLS12_PSK_TO_MS(PSA_ALG_SHA_256)):0x0000:"297ac1722ccac7589ecb240dc719842538ca974beb79f228":"505341004b45590000000000010000001771c00001400000090302090000000018000000297ac1722ccac7589ecb240dc719842538ca974beb79f228":TEST_FLAG_EXERCISE + +read type: ECC_PAIR(SECP_K1) 192-bit, KA(ECDH,TLS12_PSK2MS(SHA_384)) +depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_SHA_384:PSA_WANT_ALG_TLS12_PSK_TO_MS:PSA_WANT_ECC_SECP_K1_192:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_K1):192:PSA_KEY_USAGE_DERIVE | PSA_KEY_USAGE_EXPORT:PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_TLS12_PSK_TO_MS(PSA_ALG_SHA_384)):0x0000:"297ac1722ccac7589ecb240dc719842538ca974beb79f228":"505341004b45590000000000010000001771c000014000000a0302090000000018000000297ac1722ccac7589ecb240dc719842538ca974beb79f228":TEST_FLAG_EXERCISE + +read type: ECC_PAIR(SECP_K1) 224-bit +depends_on:PSA_WANT_ECC_SECP_K1_224:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_K1):224:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"0024122bf020fa113f6c0ac978dfbd41f749257a9468febdbe0dc9f7e8":"505341004b45590000000000010000001771e0000100000000000000000000001d0000000024122bf020fa113f6c0ac978dfbd41f749257a9468febdbe0dc9f7e8":TEST_FLAG_EXERCISE + +read type: ECC_PAIR(SECP_K1) 224-bit, DET_ECDSA(MD2) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD2:PSA_WANT_ECC_SECP_K1_224:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_K1):224:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD2):0x0000:"0024122bf020fa113f6c0ac978dfbd41f749257a9468febdbe0dc9f7e8":"505341004b45590000000000010000001771e000013c000001070006000000001d0000000024122bf020fa113f6c0ac978dfbd41f749257a9468febdbe0dc9f7e8":TEST_FLAG_EXERCISE + +read type: ECC_PAIR(SECP_K1) 224-bit, DET_ECDSA(MD4) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD4:PSA_WANT_ECC_SECP_K1_224:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_K1):224:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD4):0x0000:"0024122bf020fa113f6c0ac978dfbd41f749257a9468febdbe0dc9f7e8":"505341004b45590000000000010000001771e000013c000002070006000000001d0000000024122bf020fa113f6c0ac978dfbd41f749257a9468febdbe0dc9f7e8":TEST_FLAG_EXERCISE + +read type: ECC_PAIR(SECP_K1) 224-bit, DET_ECDSA(MD5) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD5:PSA_WANT_ECC_SECP_K1_224:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_K1):224:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD5):0x0000:"0024122bf020fa113f6c0ac978dfbd41f749257a9468febdbe0dc9f7e8":"505341004b45590000000000010000001771e000013c000003070006000000001d0000000024122bf020fa113f6c0ac978dfbd41f749257a9468febdbe0dc9f7e8":TEST_FLAG_EXERCISE + +read type: ECC_PAIR(SECP_K1) 224-bit, DET_ECDSA(RIPEMD160) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ECC_SECP_K1_224:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_K1):224:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_RIPEMD160):0x0000:"0024122bf020fa113f6c0ac978dfbd41f749257a9468febdbe0dc9f7e8":"505341004b45590000000000010000001771e000013c000004070006000000001d0000000024122bf020fa113f6c0ac978dfbd41f749257a9468febdbe0dc9f7e8":TEST_FLAG_EXERCISE + +read type: ECC_PAIR(SECP_K1) 224-bit, DET_ECDSA(SHA_1) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_1:PSA_WANT_ECC_SECP_K1_224:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_K1):224:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_1):0x0000:"0024122bf020fa113f6c0ac978dfbd41f749257a9468febdbe0dc9f7e8":"505341004b45590000000000010000001771e000013c000005070006000000001d0000000024122bf020fa113f6c0ac978dfbd41f749257a9468febdbe0dc9f7e8":TEST_FLAG_EXERCISE + +read type: ECC_PAIR(SECP_K1) 224-bit, DET_ECDSA(SHA_224) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_224:PSA_WANT_ECC_SECP_K1_224:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_K1):224:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_224):0x0000:"0024122bf020fa113f6c0ac978dfbd41f749257a9468febdbe0dc9f7e8":"505341004b45590000000000010000001771e000013c000008070006000000001d0000000024122bf020fa113f6c0ac978dfbd41f749257a9468febdbe0dc9f7e8":TEST_FLAG_EXERCISE + +read type: ECC_PAIR(SECP_K1) 224-bit, DET_ECDSA(SHA_256) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_SECP_K1_224:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_K1):224:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_256):0x0000:"0024122bf020fa113f6c0ac978dfbd41f749257a9468febdbe0dc9f7e8":"505341004b45590000000000010000001771e000013c000009070006000000001d0000000024122bf020fa113f6c0ac978dfbd41f749257a9468febdbe0dc9f7e8":TEST_FLAG_EXERCISE + +read type: ECC_PAIR(SECP_K1) 224-bit, DET_ECDSA(SHA_384) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_SECP_K1_224:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_K1):224:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_384):0x0000:"0024122bf020fa113f6c0ac978dfbd41f749257a9468febdbe0dc9f7e8":"505341004b45590000000000010000001771e000013c00000a070006000000001d0000000024122bf020fa113f6c0ac978dfbd41f749257a9468febdbe0dc9f7e8":TEST_FLAG_EXERCISE + +read type: ECC_PAIR(SECP_K1) 224-bit, DET_ECDSA(SHA_512) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_512:PSA_WANT_ECC_SECP_K1_224:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_K1):224:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_512):0x0000:"0024122bf020fa113f6c0ac978dfbd41f749257a9468febdbe0dc9f7e8":"505341004b45590000000000010000001771e000013c00000b070006000000001d0000000024122bf020fa113f6c0ac978dfbd41f749257a9468febdbe0dc9f7e8":TEST_FLAG_EXERCISE + +read type: ECC_PAIR(SECP_K1) 224-bit, ECDH +depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ECC_SECP_K1_224:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_K1):224:PSA_KEY_USAGE_DERIVE | PSA_KEY_USAGE_EXPORT:PSA_ALG_ECDH:0x0000:"0024122bf020fa113f6c0ac978dfbd41f749257a9468febdbe0dc9f7e8":"505341004b45590000000000010000001771e0000140000000000209000000001d0000000024122bf020fa113f6c0ac978dfbd41f749257a9468febdbe0dc9f7e8":TEST_FLAG_EXERCISE + +read type: ECC_PAIR(SECP_K1) 224-bit, ECDSA(MD2) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD2:PSA_WANT_ECC_SECP_K1_224:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_K1):224:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_MD2):0x0000:"0024122bf020fa113f6c0ac978dfbd41f749257a9468febdbe0dc9f7e8":"505341004b45590000000000010000001771e000013c000001060006000000001d0000000024122bf020fa113f6c0ac978dfbd41f749257a9468febdbe0dc9f7e8":TEST_FLAG_EXERCISE + +read type: ECC_PAIR(SECP_K1) 224-bit, ECDSA(MD4) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD4:PSA_WANT_ECC_SECP_K1_224:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_K1):224:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_MD4):0x0000:"0024122bf020fa113f6c0ac978dfbd41f749257a9468febdbe0dc9f7e8":"505341004b45590000000000010000001771e000013c000002060006000000001d0000000024122bf020fa113f6c0ac978dfbd41f749257a9468febdbe0dc9f7e8":TEST_FLAG_EXERCISE + +read type: ECC_PAIR(SECP_K1) 224-bit, ECDSA(MD5) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD5:PSA_WANT_ECC_SECP_K1_224:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_K1):224:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_MD5):0x0000:"0024122bf020fa113f6c0ac978dfbd41f749257a9468febdbe0dc9f7e8":"505341004b45590000000000010000001771e000013c000003060006000000001d0000000024122bf020fa113f6c0ac978dfbd41f749257a9468febdbe0dc9f7e8":TEST_FLAG_EXERCISE + +read type: ECC_PAIR(SECP_K1) 224-bit, ECDSA(RIPEMD160) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ECC_SECP_K1_224:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_K1):224:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_RIPEMD160):0x0000:"0024122bf020fa113f6c0ac978dfbd41f749257a9468febdbe0dc9f7e8":"505341004b45590000000000010000001771e000013c000004060006000000001d0000000024122bf020fa113f6c0ac978dfbd41f749257a9468febdbe0dc9f7e8":TEST_FLAG_EXERCISE + +read type: ECC_PAIR(SECP_K1) 224-bit, ECDSA(SHA_1) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_1:PSA_WANT_ECC_SECP_K1_224:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_K1):224:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_SHA_1):0x0000:"0024122bf020fa113f6c0ac978dfbd41f749257a9468febdbe0dc9f7e8":"505341004b45590000000000010000001771e000013c000005060006000000001d0000000024122bf020fa113f6c0ac978dfbd41f749257a9468febdbe0dc9f7e8":TEST_FLAG_EXERCISE + +read type: ECC_PAIR(SECP_K1) 224-bit, ECDSA(SHA_224) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_224:PSA_WANT_ECC_SECP_K1_224:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_K1):224:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_SHA_224):0x0000:"0024122bf020fa113f6c0ac978dfbd41f749257a9468febdbe0dc9f7e8":"505341004b45590000000000010000001771e000013c000008060006000000001d0000000024122bf020fa113f6c0ac978dfbd41f749257a9468febdbe0dc9f7e8":TEST_FLAG_EXERCISE + +read type: ECC_PAIR(SECP_K1) 224-bit, ECDSA(SHA_256) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_SECP_K1_224:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_K1):224:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_SHA_256):0x0000:"0024122bf020fa113f6c0ac978dfbd41f749257a9468febdbe0dc9f7e8":"505341004b45590000000000010000001771e000013c000009060006000000001d0000000024122bf020fa113f6c0ac978dfbd41f749257a9468febdbe0dc9f7e8":TEST_FLAG_EXERCISE + +read type: ECC_PAIR(SECP_K1) 224-bit, ECDSA(SHA_384) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_SECP_K1_224:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_K1):224:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_SHA_384):0x0000:"0024122bf020fa113f6c0ac978dfbd41f749257a9468febdbe0dc9f7e8":"505341004b45590000000000010000001771e000013c00000a060006000000001d0000000024122bf020fa113f6c0ac978dfbd41f749257a9468febdbe0dc9f7e8":TEST_FLAG_EXERCISE + +read type: ECC_PAIR(SECP_K1) 224-bit, ECDSA(SHA_512) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_512:PSA_WANT_ECC_SECP_K1_224:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_K1):224:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_SHA_512):0x0000:"0024122bf020fa113f6c0ac978dfbd41f749257a9468febdbe0dc9f7e8":"505341004b45590000000000010000001771e000013c00000b060006000000001d0000000024122bf020fa113f6c0ac978dfbd41f749257a9468febdbe0dc9f7e8":TEST_FLAG_EXERCISE + +read type: ECC_PAIR(SECP_K1) 224-bit, ECDSA_ANY +depends_on:PSA_WANT_ALG_ECDSA_ANY:PSA_WANT_ECC_SECP_K1_224:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_K1):224:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA_ANY:0x0000:"0024122bf020fa113f6c0ac978dfbd41f749257a9468febdbe0dc9f7e8":"505341004b45590000000000010000001771e000013c000000060006000000001d0000000024122bf020fa113f6c0ac978dfbd41f749257a9468febdbe0dc9f7e8":TEST_FLAG_EXERCISE + +read type: ECC_PAIR(SECP_K1) 224-bit, KA(ECDH,HKDF(SHA_256)) +depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_SECP_K1_224:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_K1):224:PSA_KEY_USAGE_DERIVE | PSA_KEY_USAGE_EXPORT:PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_HKDF(PSA_ALG_SHA_256)):0x0000:"0024122bf020fa113f6c0ac978dfbd41f749257a9468febdbe0dc9f7e8":"505341004b45590000000000010000001771e0000140000009010209000000001d0000000024122bf020fa113f6c0ac978dfbd41f749257a9468febdbe0dc9f7e8":TEST_FLAG_EXERCISE + +read type: ECC_PAIR(SECP_K1) 224-bit, KA(ECDH,HKDF(SHA_384)) +depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_SECP_K1_224:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_K1):224:PSA_KEY_USAGE_DERIVE | PSA_KEY_USAGE_EXPORT:PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_HKDF(PSA_ALG_SHA_384)):0x0000:"0024122bf020fa113f6c0ac978dfbd41f749257a9468febdbe0dc9f7e8":"505341004b45590000000000010000001771e000014000000a010209000000001d0000000024122bf020fa113f6c0ac978dfbd41f749257a9468febdbe0dc9f7e8":TEST_FLAG_EXERCISE + +read type: ECC_PAIR(SECP_K1) 224-bit, KA(ECDH,TLS12_PRF(SHA_256)) +depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_SHA_256:PSA_WANT_ALG_TLS12_PRF:PSA_WANT_ECC_SECP_K1_224:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_K1):224:PSA_KEY_USAGE_DERIVE | PSA_KEY_USAGE_EXPORT:PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_TLS12_PRF(PSA_ALG_SHA_256)):0x0000:"0024122bf020fa113f6c0ac978dfbd41f749257a9468febdbe0dc9f7e8":"505341004b45590000000000010000001771e0000140000009020209000000001d0000000024122bf020fa113f6c0ac978dfbd41f749257a9468febdbe0dc9f7e8":TEST_FLAG_EXERCISE + +read type: ECC_PAIR(SECP_K1) 224-bit, KA(ECDH,TLS12_PRF(SHA_384)) +depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_SHA_384:PSA_WANT_ALG_TLS12_PRF:PSA_WANT_ECC_SECP_K1_224:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_K1):224:PSA_KEY_USAGE_DERIVE | PSA_KEY_USAGE_EXPORT:PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_TLS12_PRF(PSA_ALG_SHA_384)):0x0000:"0024122bf020fa113f6c0ac978dfbd41f749257a9468febdbe0dc9f7e8":"505341004b45590000000000010000001771e000014000000a020209000000001d0000000024122bf020fa113f6c0ac978dfbd41f749257a9468febdbe0dc9f7e8":TEST_FLAG_EXERCISE + +read type: ECC_PAIR(SECP_K1) 224-bit, KA(ECDH,TLS12_PSK2MS(SHA_256)) +depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_SHA_256:PSA_WANT_ALG_TLS12_PSK_TO_MS:PSA_WANT_ECC_SECP_K1_224:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_K1):224:PSA_KEY_USAGE_DERIVE | PSA_KEY_USAGE_EXPORT:PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_TLS12_PSK_TO_MS(PSA_ALG_SHA_256)):0x0000:"0024122bf020fa113f6c0ac978dfbd41f749257a9468febdbe0dc9f7e8":"505341004b45590000000000010000001771e0000140000009030209000000001d0000000024122bf020fa113f6c0ac978dfbd41f749257a9468febdbe0dc9f7e8":TEST_FLAG_EXERCISE + +read type: ECC_PAIR(SECP_K1) 224-bit, KA(ECDH,TLS12_PSK2MS(SHA_384)) +depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_SHA_384:PSA_WANT_ALG_TLS12_PSK_TO_MS:PSA_WANT_ECC_SECP_K1_224:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_K1):224:PSA_KEY_USAGE_DERIVE | PSA_KEY_USAGE_EXPORT:PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_TLS12_PSK_TO_MS(PSA_ALG_SHA_384)):0x0000:"0024122bf020fa113f6c0ac978dfbd41f749257a9468febdbe0dc9f7e8":"505341004b45590000000000010000001771e000014000000a030209000000001d0000000024122bf020fa113f6c0ac978dfbd41f749257a9468febdbe0dc9f7e8":TEST_FLAG_EXERCISE + +read type: ECC_PAIR(SECP_K1) 256-bit +depends_on:PSA_WANT_ECC_SECP_K1_256:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_K1):256:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"7fa06fa02d0e911b9a47fdc17d2d962ca01e2f31d60c6212d0ed7e3bba23a7b9":"505341004b455900000000000100000017710001010000000000000000000000200000007fa06fa02d0e911b9a47fdc17d2d962ca01e2f31d60c6212d0ed7e3bba23a7b9":TEST_FLAG_EXERCISE + +read type: ECC_PAIR(SECP_K1) 256-bit, DET_ECDSA(MD2) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD2:PSA_WANT_ECC_SECP_K1_256:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_K1):256:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD2):0x0000:"7fa06fa02d0e911b9a47fdc17d2d962ca01e2f31d60c6212d0ed7e3bba23a7b9":"505341004b455900000000000100000017710001013c00000107000600000000200000007fa06fa02d0e911b9a47fdc17d2d962ca01e2f31d60c6212d0ed7e3bba23a7b9":TEST_FLAG_EXERCISE + +read type: ECC_PAIR(SECP_K1) 256-bit, DET_ECDSA(MD4) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD4:PSA_WANT_ECC_SECP_K1_256:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_K1):256:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD4):0x0000:"7fa06fa02d0e911b9a47fdc17d2d962ca01e2f31d60c6212d0ed7e3bba23a7b9":"505341004b455900000000000100000017710001013c00000207000600000000200000007fa06fa02d0e911b9a47fdc17d2d962ca01e2f31d60c6212d0ed7e3bba23a7b9":TEST_FLAG_EXERCISE + +read type: ECC_PAIR(SECP_K1) 256-bit, DET_ECDSA(MD5) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD5:PSA_WANT_ECC_SECP_K1_256:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_K1):256:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD5):0x0000:"7fa06fa02d0e911b9a47fdc17d2d962ca01e2f31d60c6212d0ed7e3bba23a7b9":"505341004b455900000000000100000017710001013c00000307000600000000200000007fa06fa02d0e911b9a47fdc17d2d962ca01e2f31d60c6212d0ed7e3bba23a7b9":TEST_FLAG_EXERCISE + +read type: ECC_PAIR(SECP_K1) 256-bit, DET_ECDSA(RIPEMD160) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ECC_SECP_K1_256:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_K1):256:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_RIPEMD160):0x0000:"7fa06fa02d0e911b9a47fdc17d2d962ca01e2f31d60c6212d0ed7e3bba23a7b9":"505341004b455900000000000100000017710001013c00000407000600000000200000007fa06fa02d0e911b9a47fdc17d2d962ca01e2f31d60c6212d0ed7e3bba23a7b9":TEST_FLAG_EXERCISE + +read type: ECC_PAIR(SECP_K1) 256-bit, DET_ECDSA(SHA_1) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_1:PSA_WANT_ECC_SECP_K1_256:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_K1):256:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_1):0x0000:"7fa06fa02d0e911b9a47fdc17d2d962ca01e2f31d60c6212d0ed7e3bba23a7b9":"505341004b455900000000000100000017710001013c00000507000600000000200000007fa06fa02d0e911b9a47fdc17d2d962ca01e2f31d60c6212d0ed7e3bba23a7b9":TEST_FLAG_EXERCISE + +read type: ECC_PAIR(SECP_K1) 256-bit, DET_ECDSA(SHA_224) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_224:PSA_WANT_ECC_SECP_K1_256:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_K1):256:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_224):0x0000:"7fa06fa02d0e911b9a47fdc17d2d962ca01e2f31d60c6212d0ed7e3bba23a7b9":"505341004b455900000000000100000017710001013c00000807000600000000200000007fa06fa02d0e911b9a47fdc17d2d962ca01e2f31d60c6212d0ed7e3bba23a7b9":TEST_FLAG_EXERCISE + +read type: ECC_PAIR(SECP_K1) 256-bit, DET_ECDSA(SHA_256) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_SECP_K1_256:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_K1):256:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_256):0x0000:"7fa06fa02d0e911b9a47fdc17d2d962ca01e2f31d60c6212d0ed7e3bba23a7b9":"505341004b455900000000000100000017710001013c00000907000600000000200000007fa06fa02d0e911b9a47fdc17d2d962ca01e2f31d60c6212d0ed7e3bba23a7b9":TEST_FLAG_EXERCISE + +read type: ECC_PAIR(SECP_K1) 256-bit, DET_ECDSA(SHA_384) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_SECP_K1_256:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_K1):256:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_384):0x0000:"7fa06fa02d0e911b9a47fdc17d2d962ca01e2f31d60c6212d0ed7e3bba23a7b9":"505341004b455900000000000100000017710001013c00000a07000600000000200000007fa06fa02d0e911b9a47fdc17d2d962ca01e2f31d60c6212d0ed7e3bba23a7b9":TEST_FLAG_EXERCISE + +read type: ECC_PAIR(SECP_K1) 256-bit, DET_ECDSA(SHA_512) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_512:PSA_WANT_ECC_SECP_K1_256:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_K1):256:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_512):0x0000:"7fa06fa02d0e911b9a47fdc17d2d962ca01e2f31d60c6212d0ed7e3bba23a7b9":"505341004b455900000000000100000017710001013c00000b07000600000000200000007fa06fa02d0e911b9a47fdc17d2d962ca01e2f31d60c6212d0ed7e3bba23a7b9":TEST_FLAG_EXERCISE + +read type: ECC_PAIR(SECP_K1) 256-bit, ECDH +depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ECC_SECP_K1_256:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_K1):256:PSA_KEY_USAGE_DERIVE | PSA_KEY_USAGE_EXPORT:PSA_ALG_ECDH:0x0000:"7fa06fa02d0e911b9a47fdc17d2d962ca01e2f31d60c6212d0ed7e3bba23a7b9":"505341004b455900000000000100000017710001014000000000020900000000200000007fa06fa02d0e911b9a47fdc17d2d962ca01e2f31d60c6212d0ed7e3bba23a7b9":TEST_FLAG_EXERCISE + +read type: ECC_PAIR(SECP_K1) 256-bit, ECDSA(MD2) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD2:PSA_WANT_ECC_SECP_K1_256:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_K1):256:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_MD2):0x0000:"7fa06fa02d0e911b9a47fdc17d2d962ca01e2f31d60c6212d0ed7e3bba23a7b9":"505341004b455900000000000100000017710001013c00000106000600000000200000007fa06fa02d0e911b9a47fdc17d2d962ca01e2f31d60c6212d0ed7e3bba23a7b9":TEST_FLAG_EXERCISE + +read type: ECC_PAIR(SECP_K1) 256-bit, ECDSA(MD4) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD4:PSA_WANT_ECC_SECP_K1_256:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_K1):256:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_MD4):0x0000:"7fa06fa02d0e911b9a47fdc17d2d962ca01e2f31d60c6212d0ed7e3bba23a7b9":"505341004b455900000000000100000017710001013c00000206000600000000200000007fa06fa02d0e911b9a47fdc17d2d962ca01e2f31d60c6212d0ed7e3bba23a7b9":TEST_FLAG_EXERCISE + +read type: ECC_PAIR(SECP_K1) 256-bit, ECDSA(MD5) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD5:PSA_WANT_ECC_SECP_K1_256:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_K1):256:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_MD5):0x0000:"7fa06fa02d0e911b9a47fdc17d2d962ca01e2f31d60c6212d0ed7e3bba23a7b9":"505341004b455900000000000100000017710001013c00000306000600000000200000007fa06fa02d0e911b9a47fdc17d2d962ca01e2f31d60c6212d0ed7e3bba23a7b9":TEST_FLAG_EXERCISE + +read type: ECC_PAIR(SECP_K1) 256-bit, ECDSA(RIPEMD160) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ECC_SECP_K1_256:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_K1):256:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_RIPEMD160):0x0000:"7fa06fa02d0e911b9a47fdc17d2d962ca01e2f31d60c6212d0ed7e3bba23a7b9":"505341004b455900000000000100000017710001013c00000406000600000000200000007fa06fa02d0e911b9a47fdc17d2d962ca01e2f31d60c6212d0ed7e3bba23a7b9":TEST_FLAG_EXERCISE + +read type: ECC_PAIR(SECP_K1) 256-bit, ECDSA(SHA_1) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_1:PSA_WANT_ECC_SECP_K1_256:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_K1):256:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_SHA_1):0x0000:"7fa06fa02d0e911b9a47fdc17d2d962ca01e2f31d60c6212d0ed7e3bba23a7b9":"505341004b455900000000000100000017710001013c00000506000600000000200000007fa06fa02d0e911b9a47fdc17d2d962ca01e2f31d60c6212d0ed7e3bba23a7b9":TEST_FLAG_EXERCISE + +read type: ECC_PAIR(SECP_K1) 256-bit, ECDSA(SHA_224) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_224:PSA_WANT_ECC_SECP_K1_256:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_K1):256:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_SHA_224):0x0000:"7fa06fa02d0e911b9a47fdc17d2d962ca01e2f31d60c6212d0ed7e3bba23a7b9":"505341004b455900000000000100000017710001013c00000806000600000000200000007fa06fa02d0e911b9a47fdc17d2d962ca01e2f31d60c6212d0ed7e3bba23a7b9":TEST_FLAG_EXERCISE + +read type: ECC_PAIR(SECP_K1) 256-bit, ECDSA(SHA_256) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_SECP_K1_256:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_K1):256:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_SHA_256):0x0000:"7fa06fa02d0e911b9a47fdc17d2d962ca01e2f31d60c6212d0ed7e3bba23a7b9":"505341004b455900000000000100000017710001013c00000906000600000000200000007fa06fa02d0e911b9a47fdc17d2d962ca01e2f31d60c6212d0ed7e3bba23a7b9":TEST_FLAG_EXERCISE + +read type: ECC_PAIR(SECP_K1) 256-bit, ECDSA(SHA_384) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_SECP_K1_256:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_K1):256:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_SHA_384):0x0000:"7fa06fa02d0e911b9a47fdc17d2d962ca01e2f31d60c6212d0ed7e3bba23a7b9":"505341004b455900000000000100000017710001013c00000a06000600000000200000007fa06fa02d0e911b9a47fdc17d2d962ca01e2f31d60c6212d0ed7e3bba23a7b9":TEST_FLAG_EXERCISE + +read type: ECC_PAIR(SECP_K1) 256-bit, ECDSA(SHA_512) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_512:PSA_WANT_ECC_SECP_K1_256:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_K1):256:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_SHA_512):0x0000:"7fa06fa02d0e911b9a47fdc17d2d962ca01e2f31d60c6212d0ed7e3bba23a7b9":"505341004b455900000000000100000017710001013c00000b06000600000000200000007fa06fa02d0e911b9a47fdc17d2d962ca01e2f31d60c6212d0ed7e3bba23a7b9":TEST_FLAG_EXERCISE + +read type: ECC_PAIR(SECP_K1) 256-bit, ECDSA_ANY +depends_on:PSA_WANT_ALG_ECDSA_ANY:PSA_WANT_ECC_SECP_K1_256:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_K1):256:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA_ANY:0x0000:"7fa06fa02d0e911b9a47fdc17d2d962ca01e2f31d60c6212d0ed7e3bba23a7b9":"505341004b455900000000000100000017710001013c00000006000600000000200000007fa06fa02d0e911b9a47fdc17d2d962ca01e2f31d60c6212d0ed7e3bba23a7b9":TEST_FLAG_EXERCISE + +read type: ECC_PAIR(SECP_K1) 256-bit, KA(ECDH,HKDF(SHA_256)) +depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_SECP_K1_256:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_K1):256:PSA_KEY_USAGE_DERIVE | PSA_KEY_USAGE_EXPORT:PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_HKDF(PSA_ALG_SHA_256)):0x0000:"7fa06fa02d0e911b9a47fdc17d2d962ca01e2f31d60c6212d0ed7e3bba23a7b9":"505341004b455900000000000100000017710001014000000901020900000000200000007fa06fa02d0e911b9a47fdc17d2d962ca01e2f31d60c6212d0ed7e3bba23a7b9":TEST_FLAG_EXERCISE + +read type: ECC_PAIR(SECP_K1) 256-bit, KA(ECDH,HKDF(SHA_384)) +depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_SECP_K1_256:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_K1):256:PSA_KEY_USAGE_DERIVE | PSA_KEY_USAGE_EXPORT:PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_HKDF(PSA_ALG_SHA_384)):0x0000:"7fa06fa02d0e911b9a47fdc17d2d962ca01e2f31d60c6212d0ed7e3bba23a7b9":"505341004b455900000000000100000017710001014000000a01020900000000200000007fa06fa02d0e911b9a47fdc17d2d962ca01e2f31d60c6212d0ed7e3bba23a7b9":TEST_FLAG_EXERCISE + +read type: ECC_PAIR(SECP_K1) 256-bit, KA(ECDH,TLS12_PRF(SHA_256)) +depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_SHA_256:PSA_WANT_ALG_TLS12_PRF:PSA_WANT_ECC_SECP_K1_256:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_K1):256:PSA_KEY_USAGE_DERIVE | PSA_KEY_USAGE_EXPORT:PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_TLS12_PRF(PSA_ALG_SHA_256)):0x0000:"7fa06fa02d0e911b9a47fdc17d2d962ca01e2f31d60c6212d0ed7e3bba23a7b9":"505341004b455900000000000100000017710001014000000902020900000000200000007fa06fa02d0e911b9a47fdc17d2d962ca01e2f31d60c6212d0ed7e3bba23a7b9":TEST_FLAG_EXERCISE + +read type: ECC_PAIR(SECP_K1) 256-bit, KA(ECDH,TLS12_PRF(SHA_384)) +depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_SHA_384:PSA_WANT_ALG_TLS12_PRF:PSA_WANT_ECC_SECP_K1_256:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_K1):256:PSA_KEY_USAGE_DERIVE | PSA_KEY_USAGE_EXPORT:PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_TLS12_PRF(PSA_ALG_SHA_384)):0x0000:"7fa06fa02d0e911b9a47fdc17d2d962ca01e2f31d60c6212d0ed7e3bba23a7b9":"505341004b455900000000000100000017710001014000000a02020900000000200000007fa06fa02d0e911b9a47fdc17d2d962ca01e2f31d60c6212d0ed7e3bba23a7b9":TEST_FLAG_EXERCISE + +read type: ECC_PAIR(SECP_K1) 256-bit, KA(ECDH,TLS12_PSK2MS(SHA_256)) +depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_SHA_256:PSA_WANT_ALG_TLS12_PSK_TO_MS:PSA_WANT_ECC_SECP_K1_256:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_K1):256:PSA_KEY_USAGE_DERIVE | PSA_KEY_USAGE_EXPORT:PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_TLS12_PSK_TO_MS(PSA_ALG_SHA_256)):0x0000:"7fa06fa02d0e911b9a47fdc17d2d962ca01e2f31d60c6212d0ed7e3bba23a7b9":"505341004b455900000000000100000017710001014000000903020900000000200000007fa06fa02d0e911b9a47fdc17d2d962ca01e2f31d60c6212d0ed7e3bba23a7b9":TEST_FLAG_EXERCISE + +read type: ECC_PAIR(SECP_K1) 256-bit, KA(ECDH,TLS12_PSK2MS(SHA_384)) +depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_SHA_384:PSA_WANT_ALG_TLS12_PSK_TO_MS:PSA_WANT_ECC_SECP_K1_256:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_K1):256:PSA_KEY_USAGE_DERIVE | PSA_KEY_USAGE_EXPORT:PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_TLS12_PSK_TO_MS(PSA_ALG_SHA_384)):0x0000:"7fa06fa02d0e911b9a47fdc17d2d962ca01e2f31d60c6212d0ed7e3bba23a7b9":"505341004b455900000000000100000017710001014000000a03020900000000200000007fa06fa02d0e911b9a47fdc17d2d962ca01e2f31d60c6212d0ed7e3bba23a7b9":TEST_FLAG_EXERCISE + +read type: ECC_PAIR(SECP_R1) 225-bit +depends_on:PSA_WANT_ECC_SECP_R1_225:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):225:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"872f203b3ad35b7f2ecc803c3a0e1e0b1ed61cc1afe71b189cd4c995":"505341004b45590000000000010000001271e1000100000000000000000000001c000000872f203b3ad35b7f2ecc803c3a0e1e0b1ed61cc1afe71b189cd4c995":TEST_FLAG_EXERCISE + +read type: ECC_PAIR(SECP_R1) 225-bit, DET_ECDSA(MD2) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD2:PSA_WANT_ECC_SECP_R1_225:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):225:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD2):0x0000:"872f203b3ad35b7f2ecc803c3a0e1e0b1ed61cc1afe71b189cd4c995":"505341004b45590000000000010000001271e100013c000001070006000000001c000000872f203b3ad35b7f2ecc803c3a0e1e0b1ed61cc1afe71b189cd4c995":TEST_FLAG_EXERCISE + +read type: ECC_PAIR(SECP_R1) 225-bit, DET_ECDSA(MD4) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD4:PSA_WANT_ECC_SECP_R1_225:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):225:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD4):0x0000:"872f203b3ad35b7f2ecc803c3a0e1e0b1ed61cc1afe71b189cd4c995":"505341004b45590000000000010000001271e100013c000002070006000000001c000000872f203b3ad35b7f2ecc803c3a0e1e0b1ed61cc1afe71b189cd4c995":TEST_FLAG_EXERCISE + +read type: ECC_PAIR(SECP_R1) 225-bit, DET_ECDSA(MD5) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD5:PSA_WANT_ECC_SECP_R1_225:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):225:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD5):0x0000:"872f203b3ad35b7f2ecc803c3a0e1e0b1ed61cc1afe71b189cd4c995":"505341004b45590000000000010000001271e100013c000003070006000000001c000000872f203b3ad35b7f2ecc803c3a0e1e0b1ed61cc1afe71b189cd4c995":TEST_FLAG_EXERCISE + +read type: ECC_PAIR(SECP_R1) 225-bit, DET_ECDSA(RIPEMD160) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ECC_SECP_R1_225:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):225:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_RIPEMD160):0x0000:"872f203b3ad35b7f2ecc803c3a0e1e0b1ed61cc1afe71b189cd4c995":"505341004b45590000000000010000001271e100013c000004070006000000001c000000872f203b3ad35b7f2ecc803c3a0e1e0b1ed61cc1afe71b189cd4c995":TEST_FLAG_EXERCISE + +read type: ECC_PAIR(SECP_R1) 225-bit, DET_ECDSA(SHA_1) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_1:PSA_WANT_ECC_SECP_R1_225:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):225:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_1):0x0000:"872f203b3ad35b7f2ecc803c3a0e1e0b1ed61cc1afe71b189cd4c995":"505341004b45590000000000010000001271e100013c000005070006000000001c000000872f203b3ad35b7f2ecc803c3a0e1e0b1ed61cc1afe71b189cd4c995":TEST_FLAG_EXERCISE + +read type: ECC_PAIR(SECP_R1) 225-bit, DET_ECDSA(SHA_224) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_224:PSA_WANT_ECC_SECP_R1_225:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):225:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_224):0x0000:"872f203b3ad35b7f2ecc803c3a0e1e0b1ed61cc1afe71b189cd4c995":"505341004b45590000000000010000001271e100013c000008070006000000001c000000872f203b3ad35b7f2ecc803c3a0e1e0b1ed61cc1afe71b189cd4c995":TEST_FLAG_EXERCISE + +read type: ECC_PAIR(SECP_R1) 225-bit, DET_ECDSA(SHA_256) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_SECP_R1_225:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):225:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_256):0x0000:"872f203b3ad35b7f2ecc803c3a0e1e0b1ed61cc1afe71b189cd4c995":"505341004b45590000000000010000001271e100013c000009070006000000001c000000872f203b3ad35b7f2ecc803c3a0e1e0b1ed61cc1afe71b189cd4c995":TEST_FLAG_EXERCISE + +read type: ECC_PAIR(SECP_R1) 225-bit, DET_ECDSA(SHA_384) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_SECP_R1_225:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):225:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_384):0x0000:"872f203b3ad35b7f2ecc803c3a0e1e0b1ed61cc1afe71b189cd4c995":"505341004b45590000000000010000001271e100013c00000a070006000000001c000000872f203b3ad35b7f2ecc803c3a0e1e0b1ed61cc1afe71b189cd4c995":TEST_FLAG_EXERCISE + +read type: ECC_PAIR(SECP_R1) 225-bit, DET_ECDSA(SHA_512) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_512:PSA_WANT_ECC_SECP_R1_225:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):225:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_512):0x0000:"872f203b3ad35b7f2ecc803c3a0e1e0b1ed61cc1afe71b189cd4c995":"505341004b45590000000000010000001271e100013c00000b070006000000001c000000872f203b3ad35b7f2ecc803c3a0e1e0b1ed61cc1afe71b189cd4c995":TEST_FLAG_EXERCISE + +read type: ECC_PAIR(SECP_R1) 225-bit, ECDH +depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ECC_SECP_R1_225:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):225:PSA_KEY_USAGE_DERIVE | PSA_KEY_USAGE_EXPORT:PSA_ALG_ECDH:0x0000:"872f203b3ad35b7f2ecc803c3a0e1e0b1ed61cc1afe71b189cd4c995":"505341004b45590000000000010000001271e1000140000000000209000000001c000000872f203b3ad35b7f2ecc803c3a0e1e0b1ed61cc1afe71b189cd4c995":TEST_FLAG_EXERCISE + +read type: ECC_PAIR(SECP_R1) 225-bit, ECDSA(MD2) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD2:PSA_WANT_ECC_SECP_R1_225:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):225:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_MD2):0x0000:"872f203b3ad35b7f2ecc803c3a0e1e0b1ed61cc1afe71b189cd4c995":"505341004b45590000000000010000001271e100013c000001060006000000001c000000872f203b3ad35b7f2ecc803c3a0e1e0b1ed61cc1afe71b189cd4c995":TEST_FLAG_EXERCISE + +read type: ECC_PAIR(SECP_R1) 225-bit, ECDSA(MD4) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD4:PSA_WANT_ECC_SECP_R1_225:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):225:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_MD4):0x0000:"872f203b3ad35b7f2ecc803c3a0e1e0b1ed61cc1afe71b189cd4c995":"505341004b45590000000000010000001271e100013c000002060006000000001c000000872f203b3ad35b7f2ecc803c3a0e1e0b1ed61cc1afe71b189cd4c995":TEST_FLAG_EXERCISE + +read type: ECC_PAIR(SECP_R1) 225-bit, ECDSA(MD5) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD5:PSA_WANT_ECC_SECP_R1_225:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):225:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_MD5):0x0000:"872f203b3ad35b7f2ecc803c3a0e1e0b1ed61cc1afe71b189cd4c995":"505341004b45590000000000010000001271e100013c000003060006000000001c000000872f203b3ad35b7f2ecc803c3a0e1e0b1ed61cc1afe71b189cd4c995":TEST_FLAG_EXERCISE + +read type: ECC_PAIR(SECP_R1) 225-bit, ECDSA(RIPEMD160) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ECC_SECP_R1_225:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):225:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_RIPEMD160):0x0000:"872f203b3ad35b7f2ecc803c3a0e1e0b1ed61cc1afe71b189cd4c995":"505341004b45590000000000010000001271e100013c000004060006000000001c000000872f203b3ad35b7f2ecc803c3a0e1e0b1ed61cc1afe71b189cd4c995":TEST_FLAG_EXERCISE + +read type: ECC_PAIR(SECP_R1) 225-bit, ECDSA(SHA_1) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_1:PSA_WANT_ECC_SECP_R1_225:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):225:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_SHA_1):0x0000:"872f203b3ad35b7f2ecc803c3a0e1e0b1ed61cc1afe71b189cd4c995":"505341004b45590000000000010000001271e100013c000005060006000000001c000000872f203b3ad35b7f2ecc803c3a0e1e0b1ed61cc1afe71b189cd4c995":TEST_FLAG_EXERCISE + +read type: ECC_PAIR(SECP_R1) 225-bit, ECDSA(SHA_224) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_224:PSA_WANT_ECC_SECP_R1_225:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):225:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_SHA_224):0x0000:"872f203b3ad35b7f2ecc803c3a0e1e0b1ed61cc1afe71b189cd4c995":"505341004b45590000000000010000001271e100013c000008060006000000001c000000872f203b3ad35b7f2ecc803c3a0e1e0b1ed61cc1afe71b189cd4c995":TEST_FLAG_EXERCISE + +read type: ECC_PAIR(SECP_R1) 225-bit, ECDSA(SHA_256) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_SECP_R1_225:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):225:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_SHA_256):0x0000:"872f203b3ad35b7f2ecc803c3a0e1e0b1ed61cc1afe71b189cd4c995":"505341004b45590000000000010000001271e100013c000009060006000000001c000000872f203b3ad35b7f2ecc803c3a0e1e0b1ed61cc1afe71b189cd4c995":TEST_FLAG_EXERCISE + +read type: ECC_PAIR(SECP_R1) 225-bit, ECDSA(SHA_384) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_SECP_R1_225:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):225:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_SHA_384):0x0000:"872f203b3ad35b7f2ecc803c3a0e1e0b1ed61cc1afe71b189cd4c995":"505341004b45590000000000010000001271e100013c00000a060006000000001c000000872f203b3ad35b7f2ecc803c3a0e1e0b1ed61cc1afe71b189cd4c995":TEST_FLAG_EXERCISE + +read type: ECC_PAIR(SECP_R1) 225-bit, ECDSA(SHA_512) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_512:PSA_WANT_ECC_SECP_R1_225:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):225:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_SHA_512):0x0000:"872f203b3ad35b7f2ecc803c3a0e1e0b1ed61cc1afe71b189cd4c995":"505341004b45590000000000010000001271e100013c00000b060006000000001c000000872f203b3ad35b7f2ecc803c3a0e1e0b1ed61cc1afe71b189cd4c995":TEST_FLAG_EXERCISE + +read type: ECC_PAIR(SECP_R1) 225-bit, ECDSA_ANY +depends_on:PSA_WANT_ALG_ECDSA_ANY:PSA_WANT_ECC_SECP_R1_225:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):225:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA_ANY:0x0000:"872f203b3ad35b7f2ecc803c3a0e1e0b1ed61cc1afe71b189cd4c995":"505341004b45590000000000010000001271e100013c000000060006000000001c000000872f203b3ad35b7f2ecc803c3a0e1e0b1ed61cc1afe71b189cd4c995":TEST_FLAG_EXERCISE + +read type: ECC_PAIR(SECP_R1) 225-bit, KA(ECDH,HKDF(SHA_256)) +depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_SECP_R1_225:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):225:PSA_KEY_USAGE_DERIVE | PSA_KEY_USAGE_EXPORT:PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_HKDF(PSA_ALG_SHA_256)):0x0000:"872f203b3ad35b7f2ecc803c3a0e1e0b1ed61cc1afe71b189cd4c995":"505341004b45590000000000010000001271e1000140000009010209000000001c000000872f203b3ad35b7f2ecc803c3a0e1e0b1ed61cc1afe71b189cd4c995":TEST_FLAG_EXERCISE + +read type: ECC_PAIR(SECP_R1) 225-bit, KA(ECDH,HKDF(SHA_384)) +depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_SECP_R1_225:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):225:PSA_KEY_USAGE_DERIVE | PSA_KEY_USAGE_EXPORT:PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_HKDF(PSA_ALG_SHA_384)):0x0000:"872f203b3ad35b7f2ecc803c3a0e1e0b1ed61cc1afe71b189cd4c995":"505341004b45590000000000010000001271e100014000000a010209000000001c000000872f203b3ad35b7f2ecc803c3a0e1e0b1ed61cc1afe71b189cd4c995":TEST_FLAG_EXERCISE + +read type: ECC_PAIR(SECP_R1) 225-bit, KA(ECDH,TLS12_PRF(SHA_256)) +depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_SHA_256:PSA_WANT_ALG_TLS12_PRF:PSA_WANT_ECC_SECP_R1_225:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):225:PSA_KEY_USAGE_DERIVE | PSA_KEY_USAGE_EXPORT:PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_TLS12_PRF(PSA_ALG_SHA_256)):0x0000:"872f203b3ad35b7f2ecc803c3a0e1e0b1ed61cc1afe71b189cd4c995":"505341004b45590000000000010000001271e1000140000009020209000000001c000000872f203b3ad35b7f2ecc803c3a0e1e0b1ed61cc1afe71b189cd4c995":TEST_FLAG_EXERCISE + +read type: ECC_PAIR(SECP_R1) 225-bit, KA(ECDH,TLS12_PRF(SHA_384)) +depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_SHA_384:PSA_WANT_ALG_TLS12_PRF:PSA_WANT_ECC_SECP_R1_225:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):225:PSA_KEY_USAGE_DERIVE | PSA_KEY_USAGE_EXPORT:PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_TLS12_PRF(PSA_ALG_SHA_384)):0x0000:"872f203b3ad35b7f2ecc803c3a0e1e0b1ed61cc1afe71b189cd4c995":"505341004b45590000000000010000001271e100014000000a020209000000001c000000872f203b3ad35b7f2ecc803c3a0e1e0b1ed61cc1afe71b189cd4c995":TEST_FLAG_EXERCISE + +read type: ECC_PAIR(SECP_R1) 225-bit, KA(ECDH,TLS12_PSK2MS(SHA_256)) +depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_SHA_256:PSA_WANT_ALG_TLS12_PSK_TO_MS:PSA_WANT_ECC_SECP_R1_225:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):225:PSA_KEY_USAGE_DERIVE | PSA_KEY_USAGE_EXPORT:PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_TLS12_PSK_TO_MS(PSA_ALG_SHA_256)):0x0000:"872f203b3ad35b7f2ecc803c3a0e1e0b1ed61cc1afe71b189cd4c995":"505341004b45590000000000010000001271e1000140000009030209000000001c000000872f203b3ad35b7f2ecc803c3a0e1e0b1ed61cc1afe71b189cd4c995":TEST_FLAG_EXERCISE + +read type: ECC_PAIR(SECP_R1) 225-bit, KA(ECDH,TLS12_PSK2MS(SHA_384)) +depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_SHA_384:PSA_WANT_ALG_TLS12_PSK_TO_MS:PSA_WANT_ECC_SECP_R1_225:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):225:PSA_KEY_USAGE_DERIVE | PSA_KEY_USAGE_EXPORT:PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_TLS12_PSK_TO_MS(PSA_ALG_SHA_384)):0x0000:"872f203b3ad35b7f2ecc803c3a0e1e0b1ed61cc1afe71b189cd4c995":"505341004b45590000000000010000001271e100014000000a030209000000001c000000872f203b3ad35b7f2ecc803c3a0e1e0b1ed61cc1afe71b189cd4c995":TEST_FLAG_EXERCISE + +read type: ECC_PAIR(SECP_R1) 256-bit +depends_on:PSA_WANT_ECC_SECP_R1_256:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):256:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"49c9a8c18c4b885638c431cf1df1c994131609b580d4fd43a0cab17db2f13eee":"505341004b4559000000000001000000127100010100000000000000000000002000000049c9a8c18c4b885638c431cf1df1c994131609b580d4fd43a0cab17db2f13eee":TEST_FLAG_EXERCISE + +read type: ECC_PAIR(SECP_R1) 256-bit, DET_ECDSA(MD2) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD2:PSA_WANT_ECC_SECP_R1_256:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):256:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD2):0x0000:"49c9a8c18c4b885638c431cf1df1c994131609b580d4fd43a0cab17db2f13eee":"505341004b455900000000000100000012710001013c000001070006000000002000000049c9a8c18c4b885638c431cf1df1c994131609b580d4fd43a0cab17db2f13eee":TEST_FLAG_EXERCISE + +read type: ECC_PAIR(SECP_R1) 256-bit, DET_ECDSA(MD4) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD4:PSA_WANT_ECC_SECP_R1_256:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):256:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD4):0x0000:"49c9a8c18c4b885638c431cf1df1c994131609b580d4fd43a0cab17db2f13eee":"505341004b455900000000000100000012710001013c000002070006000000002000000049c9a8c18c4b885638c431cf1df1c994131609b580d4fd43a0cab17db2f13eee":TEST_FLAG_EXERCISE + +read type: ECC_PAIR(SECP_R1) 256-bit, DET_ECDSA(MD5) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD5:PSA_WANT_ECC_SECP_R1_256:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):256:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD5):0x0000:"49c9a8c18c4b885638c431cf1df1c994131609b580d4fd43a0cab17db2f13eee":"505341004b455900000000000100000012710001013c000003070006000000002000000049c9a8c18c4b885638c431cf1df1c994131609b580d4fd43a0cab17db2f13eee":TEST_FLAG_EXERCISE + +read type: ECC_PAIR(SECP_R1) 256-bit, DET_ECDSA(RIPEMD160) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ECC_SECP_R1_256:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):256:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_RIPEMD160):0x0000:"49c9a8c18c4b885638c431cf1df1c994131609b580d4fd43a0cab17db2f13eee":"505341004b455900000000000100000012710001013c000004070006000000002000000049c9a8c18c4b885638c431cf1df1c994131609b580d4fd43a0cab17db2f13eee":TEST_FLAG_EXERCISE + +read type: ECC_PAIR(SECP_R1) 256-bit, DET_ECDSA(SHA_1) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_1:PSA_WANT_ECC_SECP_R1_256:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):256:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_1):0x0000:"49c9a8c18c4b885638c431cf1df1c994131609b580d4fd43a0cab17db2f13eee":"505341004b455900000000000100000012710001013c000005070006000000002000000049c9a8c18c4b885638c431cf1df1c994131609b580d4fd43a0cab17db2f13eee":TEST_FLAG_EXERCISE + +read type: ECC_PAIR(SECP_R1) 256-bit, DET_ECDSA(SHA_224) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_224:PSA_WANT_ECC_SECP_R1_256:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):256:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_224):0x0000:"49c9a8c18c4b885638c431cf1df1c994131609b580d4fd43a0cab17db2f13eee":"505341004b455900000000000100000012710001013c000008070006000000002000000049c9a8c18c4b885638c431cf1df1c994131609b580d4fd43a0cab17db2f13eee":TEST_FLAG_EXERCISE + +read type: ECC_PAIR(SECP_R1) 256-bit, DET_ECDSA(SHA_256) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_SECP_R1_256:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):256:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_256):0x0000:"49c9a8c18c4b885638c431cf1df1c994131609b580d4fd43a0cab17db2f13eee":"505341004b455900000000000100000012710001013c000009070006000000002000000049c9a8c18c4b885638c431cf1df1c994131609b580d4fd43a0cab17db2f13eee":TEST_FLAG_EXERCISE + +read type: ECC_PAIR(SECP_R1) 256-bit, DET_ECDSA(SHA_384) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_SECP_R1_256:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):256:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_384):0x0000:"49c9a8c18c4b885638c431cf1df1c994131609b580d4fd43a0cab17db2f13eee":"505341004b455900000000000100000012710001013c00000a070006000000002000000049c9a8c18c4b885638c431cf1df1c994131609b580d4fd43a0cab17db2f13eee":TEST_FLAG_EXERCISE + +read type: ECC_PAIR(SECP_R1) 256-bit, DET_ECDSA(SHA_512) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_512:PSA_WANT_ECC_SECP_R1_256:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):256:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_512):0x0000:"49c9a8c18c4b885638c431cf1df1c994131609b580d4fd43a0cab17db2f13eee":"505341004b455900000000000100000012710001013c00000b070006000000002000000049c9a8c18c4b885638c431cf1df1c994131609b580d4fd43a0cab17db2f13eee":TEST_FLAG_EXERCISE + +read type: ECC_PAIR(SECP_R1) 256-bit, ECDH +depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ECC_SECP_R1_256:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):256:PSA_KEY_USAGE_DERIVE | PSA_KEY_USAGE_EXPORT:PSA_ALG_ECDH:0x0000:"49c9a8c18c4b885638c431cf1df1c994131609b580d4fd43a0cab17db2f13eee":"505341004b4559000000000001000000127100010140000000000209000000002000000049c9a8c18c4b885638c431cf1df1c994131609b580d4fd43a0cab17db2f13eee":TEST_FLAG_EXERCISE + +read type: ECC_PAIR(SECP_R1) 256-bit, ECDSA(MD2) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD2:PSA_WANT_ECC_SECP_R1_256:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):256:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_MD2):0x0000:"49c9a8c18c4b885638c431cf1df1c994131609b580d4fd43a0cab17db2f13eee":"505341004b455900000000000100000012710001013c000001060006000000002000000049c9a8c18c4b885638c431cf1df1c994131609b580d4fd43a0cab17db2f13eee":TEST_FLAG_EXERCISE + +read type: ECC_PAIR(SECP_R1) 256-bit, ECDSA(MD4) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD4:PSA_WANT_ECC_SECP_R1_256:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):256:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_MD4):0x0000:"49c9a8c18c4b885638c431cf1df1c994131609b580d4fd43a0cab17db2f13eee":"505341004b455900000000000100000012710001013c000002060006000000002000000049c9a8c18c4b885638c431cf1df1c994131609b580d4fd43a0cab17db2f13eee":TEST_FLAG_EXERCISE + +read type: ECC_PAIR(SECP_R1) 256-bit, ECDSA(MD5) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD5:PSA_WANT_ECC_SECP_R1_256:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):256:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_MD5):0x0000:"49c9a8c18c4b885638c431cf1df1c994131609b580d4fd43a0cab17db2f13eee":"505341004b455900000000000100000012710001013c000003060006000000002000000049c9a8c18c4b885638c431cf1df1c994131609b580d4fd43a0cab17db2f13eee":TEST_FLAG_EXERCISE + +read type: ECC_PAIR(SECP_R1) 256-bit, ECDSA(RIPEMD160) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ECC_SECP_R1_256:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):256:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_RIPEMD160):0x0000:"49c9a8c18c4b885638c431cf1df1c994131609b580d4fd43a0cab17db2f13eee":"505341004b455900000000000100000012710001013c000004060006000000002000000049c9a8c18c4b885638c431cf1df1c994131609b580d4fd43a0cab17db2f13eee":TEST_FLAG_EXERCISE + +read type: ECC_PAIR(SECP_R1) 256-bit, ECDSA(SHA_1) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_1:PSA_WANT_ECC_SECP_R1_256:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):256:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_SHA_1):0x0000:"49c9a8c18c4b885638c431cf1df1c994131609b580d4fd43a0cab17db2f13eee":"505341004b455900000000000100000012710001013c000005060006000000002000000049c9a8c18c4b885638c431cf1df1c994131609b580d4fd43a0cab17db2f13eee":TEST_FLAG_EXERCISE + +read type: ECC_PAIR(SECP_R1) 256-bit, ECDSA(SHA_224) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_224:PSA_WANT_ECC_SECP_R1_256:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):256:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_SHA_224):0x0000:"49c9a8c18c4b885638c431cf1df1c994131609b580d4fd43a0cab17db2f13eee":"505341004b455900000000000100000012710001013c000008060006000000002000000049c9a8c18c4b885638c431cf1df1c994131609b580d4fd43a0cab17db2f13eee":TEST_FLAG_EXERCISE + +read type: ECC_PAIR(SECP_R1) 256-bit, ECDSA(SHA_256) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_SECP_R1_256:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):256:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_SHA_256):0x0000:"49c9a8c18c4b885638c431cf1df1c994131609b580d4fd43a0cab17db2f13eee":"505341004b455900000000000100000012710001013c000009060006000000002000000049c9a8c18c4b885638c431cf1df1c994131609b580d4fd43a0cab17db2f13eee":TEST_FLAG_EXERCISE + +read type: ECC_PAIR(SECP_R1) 256-bit, ECDSA(SHA_384) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_SECP_R1_256:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):256:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_SHA_384):0x0000:"49c9a8c18c4b885638c431cf1df1c994131609b580d4fd43a0cab17db2f13eee":"505341004b455900000000000100000012710001013c00000a060006000000002000000049c9a8c18c4b885638c431cf1df1c994131609b580d4fd43a0cab17db2f13eee":TEST_FLAG_EXERCISE + +read type: ECC_PAIR(SECP_R1) 256-bit, ECDSA(SHA_512) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_512:PSA_WANT_ECC_SECP_R1_256:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):256:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_SHA_512):0x0000:"49c9a8c18c4b885638c431cf1df1c994131609b580d4fd43a0cab17db2f13eee":"505341004b455900000000000100000012710001013c00000b060006000000002000000049c9a8c18c4b885638c431cf1df1c994131609b580d4fd43a0cab17db2f13eee":TEST_FLAG_EXERCISE + +read type: ECC_PAIR(SECP_R1) 256-bit, ECDSA_ANY +depends_on:PSA_WANT_ALG_ECDSA_ANY:PSA_WANT_ECC_SECP_R1_256:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):256:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA_ANY:0x0000:"49c9a8c18c4b885638c431cf1df1c994131609b580d4fd43a0cab17db2f13eee":"505341004b455900000000000100000012710001013c000000060006000000002000000049c9a8c18c4b885638c431cf1df1c994131609b580d4fd43a0cab17db2f13eee":TEST_FLAG_EXERCISE + +read type: ECC_PAIR(SECP_R1) 256-bit, KA(ECDH,HKDF(SHA_256)) +depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_SECP_R1_256:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):256:PSA_KEY_USAGE_DERIVE | PSA_KEY_USAGE_EXPORT:PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_HKDF(PSA_ALG_SHA_256)):0x0000:"49c9a8c18c4b885638c431cf1df1c994131609b580d4fd43a0cab17db2f13eee":"505341004b4559000000000001000000127100010140000009010209000000002000000049c9a8c18c4b885638c431cf1df1c994131609b580d4fd43a0cab17db2f13eee":TEST_FLAG_EXERCISE + +read type: ECC_PAIR(SECP_R1) 256-bit, KA(ECDH,HKDF(SHA_384)) +depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_SECP_R1_256:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):256:PSA_KEY_USAGE_DERIVE | PSA_KEY_USAGE_EXPORT:PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_HKDF(PSA_ALG_SHA_384)):0x0000:"49c9a8c18c4b885638c431cf1df1c994131609b580d4fd43a0cab17db2f13eee":"505341004b455900000000000100000012710001014000000a010209000000002000000049c9a8c18c4b885638c431cf1df1c994131609b580d4fd43a0cab17db2f13eee":TEST_FLAG_EXERCISE + +read type: ECC_PAIR(SECP_R1) 256-bit, KA(ECDH,TLS12_PRF(SHA_256)) +depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_SHA_256:PSA_WANT_ALG_TLS12_PRF:PSA_WANT_ECC_SECP_R1_256:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):256:PSA_KEY_USAGE_DERIVE | PSA_KEY_USAGE_EXPORT:PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_TLS12_PRF(PSA_ALG_SHA_256)):0x0000:"49c9a8c18c4b885638c431cf1df1c994131609b580d4fd43a0cab17db2f13eee":"505341004b4559000000000001000000127100010140000009020209000000002000000049c9a8c18c4b885638c431cf1df1c994131609b580d4fd43a0cab17db2f13eee":TEST_FLAG_EXERCISE + +read type: ECC_PAIR(SECP_R1) 256-bit, KA(ECDH,TLS12_PRF(SHA_384)) +depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_SHA_384:PSA_WANT_ALG_TLS12_PRF:PSA_WANT_ECC_SECP_R1_256:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):256:PSA_KEY_USAGE_DERIVE | PSA_KEY_USAGE_EXPORT:PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_TLS12_PRF(PSA_ALG_SHA_384)):0x0000:"49c9a8c18c4b885638c431cf1df1c994131609b580d4fd43a0cab17db2f13eee":"505341004b455900000000000100000012710001014000000a020209000000002000000049c9a8c18c4b885638c431cf1df1c994131609b580d4fd43a0cab17db2f13eee":TEST_FLAG_EXERCISE + +read type: ECC_PAIR(SECP_R1) 256-bit, KA(ECDH,TLS12_PSK2MS(SHA_256)) +depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_SHA_256:PSA_WANT_ALG_TLS12_PSK_TO_MS:PSA_WANT_ECC_SECP_R1_256:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):256:PSA_KEY_USAGE_DERIVE | PSA_KEY_USAGE_EXPORT:PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_TLS12_PSK_TO_MS(PSA_ALG_SHA_256)):0x0000:"49c9a8c18c4b885638c431cf1df1c994131609b580d4fd43a0cab17db2f13eee":"505341004b4559000000000001000000127100010140000009030209000000002000000049c9a8c18c4b885638c431cf1df1c994131609b580d4fd43a0cab17db2f13eee":TEST_FLAG_EXERCISE + +read type: ECC_PAIR(SECP_R1) 256-bit, KA(ECDH,TLS12_PSK2MS(SHA_384)) +depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_SHA_384:PSA_WANT_ALG_TLS12_PSK_TO_MS:PSA_WANT_ECC_SECP_R1_256:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):256:PSA_KEY_USAGE_DERIVE | PSA_KEY_USAGE_EXPORT:PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_TLS12_PSK_TO_MS(PSA_ALG_SHA_384)):0x0000:"49c9a8c18c4b885638c431cf1df1c994131609b580d4fd43a0cab17db2f13eee":"505341004b455900000000000100000012710001014000000a030209000000002000000049c9a8c18c4b885638c431cf1df1c994131609b580d4fd43a0cab17db2f13eee":TEST_FLAG_EXERCISE + +read type: ECC_PAIR(SECP_R1) 384-bit +depends_on:PSA_WANT_ECC_SECP_R1_384:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):384:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"3f5d8d9be280b5696cc5cc9f94cf8af7e6b61dd6592b2ab2b3a4c607450417ec327dcdcaed7c10053d719a0574f0a76a":"505341004b455900000000000100000012718001010000000000000000000000300000003f5d8d9be280b5696cc5cc9f94cf8af7e6b61dd6592b2ab2b3a4c607450417ec327dcdcaed7c10053d719a0574f0a76a":TEST_FLAG_EXERCISE + +read type: ECC_PAIR(SECP_R1) 384-bit, DET_ECDSA(MD2) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD2:PSA_WANT_ECC_SECP_R1_384:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):384:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD2):0x0000:"3f5d8d9be280b5696cc5cc9f94cf8af7e6b61dd6592b2ab2b3a4c607450417ec327dcdcaed7c10053d719a0574f0a76a":"505341004b455900000000000100000012718001013c00000107000600000000300000003f5d8d9be280b5696cc5cc9f94cf8af7e6b61dd6592b2ab2b3a4c607450417ec327dcdcaed7c10053d719a0574f0a76a":TEST_FLAG_EXERCISE + +read type: ECC_PAIR(SECP_R1) 384-bit, DET_ECDSA(MD4) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD4:PSA_WANT_ECC_SECP_R1_384:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):384:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD4):0x0000:"3f5d8d9be280b5696cc5cc9f94cf8af7e6b61dd6592b2ab2b3a4c607450417ec327dcdcaed7c10053d719a0574f0a76a":"505341004b455900000000000100000012718001013c00000207000600000000300000003f5d8d9be280b5696cc5cc9f94cf8af7e6b61dd6592b2ab2b3a4c607450417ec327dcdcaed7c10053d719a0574f0a76a":TEST_FLAG_EXERCISE + +read type: ECC_PAIR(SECP_R1) 384-bit, DET_ECDSA(MD5) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD5:PSA_WANT_ECC_SECP_R1_384:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):384:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD5):0x0000:"3f5d8d9be280b5696cc5cc9f94cf8af7e6b61dd6592b2ab2b3a4c607450417ec327dcdcaed7c10053d719a0574f0a76a":"505341004b455900000000000100000012718001013c00000307000600000000300000003f5d8d9be280b5696cc5cc9f94cf8af7e6b61dd6592b2ab2b3a4c607450417ec327dcdcaed7c10053d719a0574f0a76a":TEST_FLAG_EXERCISE + +read type: ECC_PAIR(SECP_R1) 384-bit, DET_ECDSA(RIPEMD160) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ECC_SECP_R1_384:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):384:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_RIPEMD160):0x0000:"3f5d8d9be280b5696cc5cc9f94cf8af7e6b61dd6592b2ab2b3a4c607450417ec327dcdcaed7c10053d719a0574f0a76a":"505341004b455900000000000100000012718001013c00000407000600000000300000003f5d8d9be280b5696cc5cc9f94cf8af7e6b61dd6592b2ab2b3a4c607450417ec327dcdcaed7c10053d719a0574f0a76a":TEST_FLAG_EXERCISE + +read type: ECC_PAIR(SECP_R1) 384-bit, DET_ECDSA(SHA_1) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_1:PSA_WANT_ECC_SECP_R1_384:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):384:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_1):0x0000:"3f5d8d9be280b5696cc5cc9f94cf8af7e6b61dd6592b2ab2b3a4c607450417ec327dcdcaed7c10053d719a0574f0a76a":"505341004b455900000000000100000012718001013c00000507000600000000300000003f5d8d9be280b5696cc5cc9f94cf8af7e6b61dd6592b2ab2b3a4c607450417ec327dcdcaed7c10053d719a0574f0a76a":TEST_FLAG_EXERCISE + +read type: ECC_PAIR(SECP_R1) 384-bit, DET_ECDSA(SHA_224) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_224:PSA_WANT_ECC_SECP_R1_384:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):384:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_224):0x0000:"3f5d8d9be280b5696cc5cc9f94cf8af7e6b61dd6592b2ab2b3a4c607450417ec327dcdcaed7c10053d719a0574f0a76a":"505341004b455900000000000100000012718001013c00000807000600000000300000003f5d8d9be280b5696cc5cc9f94cf8af7e6b61dd6592b2ab2b3a4c607450417ec327dcdcaed7c10053d719a0574f0a76a":TEST_FLAG_EXERCISE + +read type: ECC_PAIR(SECP_R1) 384-bit, DET_ECDSA(SHA_256) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_SECP_R1_384:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):384:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_256):0x0000:"3f5d8d9be280b5696cc5cc9f94cf8af7e6b61dd6592b2ab2b3a4c607450417ec327dcdcaed7c10053d719a0574f0a76a":"505341004b455900000000000100000012718001013c00000907000600000000300000003f5d8d9be280b5696cc5cc9f94cf8af7e6b61dd6592b2ab2b3a4c607450417ec327dcdcaed7c10053d719a0574f0a76a":TEST_FLAG_EXERCISE + +read type: ECC_PAIR(SECP_R1) 384-bit, DET_ECDSA(SHA_384) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_SECP_R1_384:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):384:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_384):0x0000:"3f5d8d9be280b5696cc5cc9f94cf8af7e6b61dd6592b2ab2b3a4c607450417ec327dcdcaed7c10053d719a0574f0a76a":"505341004b455900000000000100000012718001013c00000a07000600000000300000003f5d8d9be280b5696cc5cc9f94cf8af7e6b61dd6592b2ab2b3a4c607450417ec327dcdcaed7c10053d719a0574f0a76a":TEST_FLAG_EXERCISE + +read type: ECC_PAIR(SECP_R1) 384-bit, DET_ECDSA(SHA_512) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_512:PSA_WANT_ECC_SECP_R1_384:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):384:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_512):0x0000:"3f5d8d9be280b5696cc5cc9f94cf8af7e6b61dd6592b2ab2b3a4c607450417ec327dcdcaed7c10053d719a0574f0a76a":"505341004b455900000000000100000012718001013c00000b07000600000000300000003f5d8d9be280b5696cc5cc9f94cf8af7e6b61dd6592b2ab2b3a4c607450417ec327dcdcaed7c10053d719a0574f0a76a":TEST_FLAG_EXERCISE + +read type: ECC_PAIR(SECP_R1) 384-bit, ECDH +depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ECC_SECP_R1_384:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):384:PSA_KEY_USAGE_DERIVE | PSA_KEY_USAGE_EXPORT:PSA_ALG_ECDH:0x0000:"3f5d8d9be280b5696cc5cc9f94cf8af7e6b61dd6592b2ab2b3a4c607450417ec327dcdcaed7c10053d719a0574f0a76a":"505341004b455900000000000100000012718001014000000000020900000000300000003f5d8d9be280b5696cc5cc9f94cf8af7e6b61dd6592b2ab2b3a4c607450417ec327dcdcaed7c10053d719a0574f0a76a":TEST_FLAG_EXERCISE + +read type: ECC_PAIR(SECP_R1) 384-bit, ECDSA(MD2) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD2:PSA_WANT_ECC_SECP_R1_384:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):384:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_MD2):0x0000:"3f5d8d9be280b5696cc5cc9f94cf8af7e6b61dd6592b2ab2b3a4c607450417ec327dcdcaed7c10053d719a0574f0a76a":"505341004b455900000000000100000012718001013c00000106000600000000300000003f5d8d9be280b5696cc5cc9f94cf8af7e6b61dd6592b2ab2b3a4c607450417ec327dcdcaed7c10053d719a0574f0a76a":TEST_FLAG_EXERCISE + +read type: ECC_PAIR(SECP_R1) 384-bit, ECDSA(MD4) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD4:PSA_WANT_ECC_SECP_R1_384:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):384:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_MD4):0x0000:"3f5d8d9be280b5696cc5cc9f94cf8af7e6b61dd6592b2ab2b3a4c607450417ec327dcdcaed7c10053d719a0574f0a76a":"505341004b455900000000000100000012718001013c00000206000600000000300000003f5d8d9be280b5696cc5cc9f94cf8af7e6b61dd6592b2ab2b3a4c607450417ec327dcdcaed7c10053d719a0574f0a76a":TEST_FLAG_EXERCISE + +read type: ECC_PAIR(SECP_R1) 384-bit, ECDSA(MD5) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD5:PSA_WANT_ECC_SECP_R1_384:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):384:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_MD5):0x0000:"3f5d8d9be280b5696cc5cc9f94cf8af7e6b61dd6592b2ab2b3a4c607450417ec327dcdcaed7c10053d719a0574f0a76a":"505341004b455900000000000100000012718001013c00000306000600000000300000003f5d8d9be280b5696cc5cc9f94cf8af7e6b61dd6592b2ab2b3a4c607450417ec327dcdcaed7c10053d719a0574f0a76a":TEST_FLAG_EXERCISE + +read type: ECC_PAIR(SECP_R1) 384-bit, ECDSA(RIPEMD160) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ECC_SECP_R1_384:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):384:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_RIPEMD160):0x0000:"3f5d8d9be280b5696cc5cc9f94cf8af7e6b61dd6592b2ab2b3a4c607450417ec327dcdcaed7c10053d719a0574f0a76a":"505341004b455900000000000100000012718001013c00000406000600000000300000003f5d8d9be280b5696cc5cc9f94cf8af7e6b61dd6592b2ab2b3a4c607450417ec327dcdcaed7c10053d719a0574f0a76a":TEST_FLAG_EXERCISE + +read type: ECC_PAIR(SECP_R1) 384-bit, ECDSA(SHA_1) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_1:PSA_WANT_ECC_SECP_R1_384:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):384:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_SHA_1):0x0000:"3f5d8d9be280b5696cc5cc9f94cf8af7e6b61dd6592b2ab2b3a4c607450417ec327dcdcaed7c10053d719a0574f0a76a":"505341004b455900000000000100000012718001013c00000506000600000000300000003f5d8d9be280b5696cc5cc9f94cf8af7e6b61dd6592b2ab2b3a4c607450417ec327dcdcaed7c10053d719a0574f0a76a":TEST_FLAG_EXERCISE + +read type: ECC_PAIR(SECP_R1) 384-bit, ECDSA(SHA_224) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_224:PSA_WANT_ECC_SECP_R1_384:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):384:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_SHA_224):0x0000:"3f5d8d9be280b5696cc5cc9f94cf8af7e6b61dd6592b2ab2b3a4c607450417ec327dcdcaed7c10053d719a0574f0a76a":"505341004b455900000000000100000012718001013c00000806000600000000300000003f5d8d9be280b5696cc5cc9f94cf8af7e6b61dd6592b2ab2b3a4c607450417ec327dcdcaed7c10053d719a0574f0a76a":TEST_FLAG_EXERCISE + +read type: ECC_PAIR(SECP_R1) 384-bit, ECDSA(SHA_256) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_SECP_R1_384:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):384:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_SHA_256):0x0000:"3f5d8d9be280b5696cc5cc9f94cf8af7e6b61dd6592b2ab2b3a4c607450417ec327dcdcaed7c10053d719a0574f0a76a":"505341004b455900000000000100000012718001013c00000906000600000000300000003f5d8d9be280b5696cc5cc9f94cf8af7e6b61dd6592b2ab2b3a4c607450417ec327dcdcaed7c10053d719a0574f0a76a":TEST_FLAG_EXERCISE + +read type: ECC_PAIR(SECP_R1) 384-bit, ECDSA(SHA_384) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_SECP_R1_384:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):384:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_SHA_384):0x0000:"3f5d8d9be280b5696cc5cc9f94cf8af7e6b61dd6592b2ab2b3a4c607450417ec327dcdcaed7c10053d719a0574f0a76a":"505341004b455900000000000100000012718001013c00000a06000600000000300000003f5d8d9be280b5696cc5cc9f94cf8af7e6b61dd6592b2ab2b3a4c607450417ec327dcdcaed7c10053d719a0574f0a76a":TEST_FLAG_EXERCISE + +read type: ECC_PAIR(SECP_R1) 384-bit, ECDSA(SHA_512) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_512:PSA_WANT_ECC_SECP_R1_384:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):384:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_SHA_512):0x0000:"3f5d8d9be280b5696cc5cc9f94cf8af7e6b61dd6592b2ab2b3a4c607450417ec327dcdcaed7c10053d719a0574f0a76a":"505341004b455900000000000100000012718001013c00000b06000600000000300000003f5d8d9be280b5696cc5cc9f94cf8af7e6b61dd6592b2ab2b3a4c607450417ec327dcdcaed7c10053d719a0574f0a76a":TEST_FLAG_EXERCISE + +read type: ECC_PAIR(SECP_R1) 384-bit, ECDSA_ANY +depends_on:PSA_WANT_ALG_ECDSA_ANY:PSA_WANT_ECC_SECP_R1_384:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):384:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA_ANY:0x0000:"3f5d8d9be280b5696cc5cc9f94cf8af7e6b61dd6592b2ab2b3a4c607450417ec327dcdcaed7c10053d719a0574f0a76a":"505341004b455900000000000100000012718001013c00000006000600000000300000003f5d8d9be280b5696cc5cc9f94cf8af7e6b61dd6592b2ab2b3a4c607450417ec327dcdcaed7c10053d719a0574f0a76a":TEST_FLAG_EXERCISE + +read type: ECC_PAIR(SECP_R1) 384-bit, KA(ECDH,HKDF(SHA_256)) +depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_SECP_R1_384:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):384:PSA_KEY_USAGE_DERIVE | PSA_KEY_USAGE_EXPORT:PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_HKDF(PSA_ALG_SHA_256)):0x0000:"3f5d8d9be280b5696cc5cc9f94cf8af7e6b61dd6592b2ab2b3a4c607450417ec327dcdcaed7c10053d719a0574f0a76a":"505341004b455900000000000100000012718001014000000901020900000000300000003f5d8d9be280b5696cc5cc9f94cf8af7e6b61dd6592b2ab2b3a4c607450417ec327dcdcaed7c10053d719a0574f0a76a":TEST_FLAG_EXERCISE + +read type: ECC_PAIR(SECP_R1) 384-bit, KA(ECDH,HKDF(SHA_384)) +depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_SECP_R1_384:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):384:PSA_KEY_USAGE_DERIVE | PSA_KEY_USAGE_EXPORT:PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_HKDF(PSA_ALG_SHA_384)):0x0000:"3f5d8d9be280b5696cc5cc9f94cf8af7e6b61dd6592b2ab2b3a4c607450417ec327dcdcaed7c10053d719a0574f0a76a":"505341004b455900000000000100000012718001014000000a01020900000000300000003f5d8d9be280b5696cc5cc9f94cf8af7e6b61dd6592b2ab2b3a4c607450417ec327dcdcaed7c10053d719a0574f0a76a":TEST_FLAG_EXERCISE + +read type: ECC_PAIR(SECP_R1) 384-bit, KA(ECDH,TLS12_PRF(SHA_256)) +depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_SHA_256:PSA_WANT_ALG_TLS12_PRF:PSA_WANT_ECC_SECP_R1_384:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):384:PSA_KEY_USAGE_DERIVE | PSA_KEY_USAGE_EXPORT:PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_TLS12_PRF(PSA_ALG_SHA_256)):0x0000:"3f5d8d9be280b5696cc5cc9f94cf8af7e6b61dd6592b2ab2b3a4c607450417ec327dcdcaed7c10053d719a0574f0a76a":"505341004b455900000000000100000012718001014000000902020900000000300000003f5d8d9be280b5696cc5cc9f94cf8af7e6b61dd6592b2ab2b3a4c607450417ec327dcdcaed7c10053d719a0574f0a76a":TEST_FLAG_EXERCISE + +read type: ECC_PAIR(SECP_R1) 384-bit, KA(ECDH,TLS12_PRF(SHA_384)) +depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_SHA_384:PSA_WANT_ALG_TLS12_PRF:PSA_WANT_ECC_SECP_R1_384:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):384:PSA_KEY_USAGE_DERIVE | PSA_KEY_USAGE_EXPORT:PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_TLS12_PRF(PSA_ALG_SHA_384)):0x0000:"3f5d8d9be280b5696cc5cc9f94cf8af7e6b61dd6592b2ab2b3a4c607450417ec327dcdcaed7c10053d719a0574f0a76a":"505341004b455900000000000100000012718001014000000a02020900000000300000003f5d8d9be280b5696cc5cc9f94cf8af7e6b61dd6592b2ab2b3a4c607450417ec327dcdcaed7c10053d719a0574f0a76a":TEST_FLAG_EXERCISE + +read type: ECC_PAIR(SECP_R1) 384-bit, KA(ECDH,TLS12_PSK2MS(SHA_256)) +depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_SHA_256:PSA_WANT_ALG_TLS12_PSK_TO_MS:PSA_WANT_ECC_SECP_R1_384:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):384:PSA_KEY_USAGE_DERIVE | PSA_KEY_USAGE_EXPORT:PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_TLS12_PSK_TO_MS(PSA_ALG_SHA_256)):0x0000:"3f5d8d9be280b5696cc5cc9f94cf8af7e6b61dd6592b2ab2b3a4c607450417ec327dcdcaed7c10053d719a0574f0a76a":"505341004b455900000000000100000012718001014000000903020900000000300000003f5d8d9be280b5696cc5cc9f94cf8af7e6b61dd6592b2ab2b3a4c607450417ec327dcdcaed7c10053d719a0574f0a76a":TEST_FLAG_EXERCISE + +read type: ECC_PAIR(SECP_R1) 384-bit, KA(ECDH,TLS12_PSK2MS(SHA_384)) +depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_SHA_384:PSA_WANT_ALG_TLS12_PSK_TO_MS:PSA_WANT_ECC_SECP_R1_384:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):384:PSA_KEY_USAGE_DERIVE | PSA_KEY_USAGE_EXPORT:PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_TLS12_PSK_TO_MS(PSA_ALG_SHA_384)):0x0000:"3f5d8d9be280b5696cc5cc9f94cf8af7e6b61dd6592b2ab2b3a4c607450417ec327dcdcaed7c10053d719a0574f0a76a":"505341004b455900000000000100000012718001014000000a03020900000000300000003f5d8d9be280b5696cc5cc9f94cf8af7e6b61dd6592b2ab2b3a4c607450417ec327dcdcaed7c10053d719a0574f0a76a":TEST_FLAG_EXERCISE + +read type: ECC_PAIR(SECP_R1) 521-bit +depends_on:PSA_WANT_ECC_SECP_R1_521:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):521:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"01b1b6ad07bb79e7320da59860ea28e055284f6058f279de666e06d435d2af7bda28d99fa47b7dd0963e16b0073078ee8b8a38d966a582f46d19ff95df3ad9685aae":"505341004b4559000000000001000000127109020100000000000000000000004200000001b1b6ad07bb79e7320da59860ea28e055284f6058f279de666e06d435d2af7bda28d99fa47b7dd0963e16b0073078ee8b8a38d966a582f46d19ff95df3ad9685aae":TEST_FLAG_EXERCISE + +read type: ECC_PAIR(SECP_R1) 521-bit, DET_ECDSA(MD2) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD2:PSA_WANT_ECC_SECP_R1_521:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):521:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD2):0x0000:"01b1b6ad07bb79e7320da59860ea28e055284f6058f279de666e06d435d2af7bda28d99fa47b7dd0963e16b0073078ee8b8a38d966a582f46d19ff95df3ad9685aae":"505341004b455900000000000100000012710902013c000001070006000000004200000001b1b6ad07bb79e7320da59860ea28e055284f6058f279de666e06d435d2af7bda28d99fa47b7dd0963e16b0073078ee8b8a38d966a582f46d19ff95df3ad9685aae":TEST_FLAG_EXERCISE + +read type: ECC_PAIR(SECP_R1) 521-bit, DET_ECDSA(MD4) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD4:PSA_WANT_ECC_SECP_R1_521:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):521:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD4):0x0000:"01b1b6ad07bb79e7320da59860ea28e055284f6058f279de666e06d435d2af7bda28d99fa47b7dd0963e16b0073078ee8b8a38d966a582f46d19ff95df3ad9685aae":"505341004b455900000000000100000012710902013c000002070006000000004200000001b1b6ad07bb79e7320da59860ea28e055284f6058f279de666e06d435d2af7bda28d99fa47b7dd0963e16b0073078ee8b8a38d966a582f46d19ff95df3ad9685aae":TEST_FLAG_EXERCISE + +read type: ECC_PAIR(SECP_R1) 521-bit, DET_ECDSA(MD5) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD5:PSA_WANT_ECC_SECP_R1_521:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):521:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD5):0x0000:"01b1b6ad07bb79e7320da59860ea28e055284f6058f279de666e06d435d2af7bda28d99fa47b7dd0963e16b0073078ee8b8a38d966a582f46d19ff95df3ad9685aae":"505341004b455900000000000100000012710902013c000003070006000000004200000001b1b6ad07bb79e7320da59860ea28e055284f6058f279de666e06d435d2af7bda28d99fa47b7dd0963e16b0073078ee8b8a38d966a582f46d19ff95df3ad9685aae":TEST_FLAG_EXERCISE + +read type: ECC_PAIR(SECP_R1) 521-bit, DET_ECDSA(RIPEMD160) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ECC_SECP_R1_521:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):521:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_RIPEMD160):0x0000:"01b1b6ad07bb79e7320da59860ea28e055284f6058f279de666e06d435d2af7bda28d99fa47b7dd0963e16b0073078ee8b8a38d966a582f46d19ff95df3ad9685aae":"505341004b455900000000000100000012710902013c000004070006000000004200000001b1b6ad07bb79e7320da59860ea28e055284f6058f279de666e06d435d2af7bda28d99fa47b7dd0963e16b0073078ee8b8a38d966a582f46d19ff95df3ad9685aae":TEST_FLAG_EXERCISE + +read type: ECC_PAIR(SECP_R1) 521-bit, DET_ECDSA(SHA_1) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_1:PSA_WANT_ECC_SECP_R1_521:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):521:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_1):0x0000:"01b1b6ad07bb79e7320da59860ea28e055284f6058f279de666e06d435d2af7bda28d99fa47b7dd0963e16b0073078ee8b8a38d966a582f46d19ff95df3ad9685aae":"505341004b455900000000000100000012710902013c000005070006000000004200000001b1b6ad07bb79e7320da59860ea28e055284f6058f279de666e06d435d2af7bda28d99fa47b7dd0963e16b0073078ee8b8a38d966a582f46d19ff95df3ad9685aae":TEST_FLAG_EXERCISE + +read type: ECC_PAIR(SECP_R1) 521-bit, DET_ECDSA(SHA_224) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_224:PSA_WANT_ECC_SECP_R1_521:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):521:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_224):0x0000:"01b1b6ad07bb79e7320da59860ea28e055284f6058f279de666e06d435d2af7bda28d99fa47b7dd0963e16b0073078ee8b8a38d966a582f46d19ff95df3ad9685aae":"505341004b455900000000000100000012710902013c000008070006000000004200000001b1b6ad07bb79e7320da59860ea28e055284f6058f279de666e06d435d2af7bda28d99fa47b7dd0963e16b0073078ee8b8a38d966a582f46d19ff95df3ad9685aae":TEST_FLAG_EXERCISE + +read type: ECC_PAIR(SECP_R1) 521-bit, DET_ECDSA(SHA_256) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_SECP_R1_521:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):521:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_256):0x0000:"01b1b6ad07bb79e7320da59860ea28e055284f6058f279de666e06d435d2af7bda28d99fa47b7dd0963e16b0073078ee8b8a38d966a582f46d19ff95df3ad9685aae":"505341004b455900000000000100000012710902013c000009070006000000004200000001b1b6ad07bb79e7320da59860ea28e055284f6058f279de666e06d435d2af7bda28d99fa47b7dd0963e16b0073078ee8b8a38d966a582f46d19ff95df3ad9685aae":TEST_FLAG_EXERCISE + +read type: ECC_PAIR(SECP_R1) 521-bit, DET_ECDSA(SHA_384) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_SECP_R1_521:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):521:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_384):0x0000:"01b1b6ad07bb79e7320da59860ea28e055284f6058f279de666e06d435d2af7bda28d99fa47b7dd0963e16b0073078ee8b8a38d966a582f46d19ff95df3ad9685aae":"505341004b455900000000000100000012710902013c00000a070006000000004200000001b1b6ad07bb79e7320da59860ea28e055284f6058f279de666e06d435d2af7bda28d99fa47b7dd0963e16b0073078ee8b8a38d966a582f46d19ff95df3ad9685aae":TEST_FLAG_EXERCISE + +read type: ECC_PAIR(SECP_R1) 521-bit, DET_ECDSA(SHA_512) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_512:PSA_WANT_ECC_SECP_R1_521:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):521:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_512):0x0000:"01b1b6ad07bb79e7320da59860ea28e055284f6058f279de666e06d435d2af7bda28d99fa47b7dd0963e16b0073078ee8b8a38d966a582f46d19ff95df3ad9685aae":"505341004b455900000000000100000012710902013c00000b070006000000004200000001b1b6ad07bb79e7320da59860ea28e055284f6058f279de666e06d435d2af7bda28d99fa47b7dd0963e16b0073078ee8b8a38d966a582f46d19ff95df3ad9685aae":TEST_FLAG_EXERCISE + +read type: ECC_PAIR(SECP_R1) 521-bit, ECDH +depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ECC_SECP_R1_521:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):521:PSA_KEY_USAGE_DERIVE | PSA_KEY_USAGE_EXPORT:PSA_ALG_ECDH:0x0000:"01b1b6ad07bb79e7320da59860ea28e055284f6058f279de666e06d435d2af7bda28d99fa47b7dd0963e16b0073078ee8b8a38d966a582f46d19ff95df3ad9685aae":"505341004b4559000000000001000000127109020140000000000209000000004200000001b1b6ad07bb79e7320da59860ea28e055284f6058f279de666e06d435d2af7bda28d99fa47b7dd0963e16b0073078ee8b8a38d966a582f46d19ff95df3ad9685aae":TEST_FLAG_EXERCISE + +read type: ECC_PAIR(SECP_R1) 521-bit, ECDSA(MD2) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD2:PSA_WANT_ECC_SECP_R1_521:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):521:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_MD2):0x0000:"01b1b6ad07bb79e7320da59860ea28e055284f6058f279de666e06d435d2af7bda28d99fa47b7dd0963e16b0073078ee8b8a38d966a582f46d19ff95df3ad9685aae":"505341004b455900000000000100000012710902013c000001060006000000004200000001b1b6ad07bb79e7320da59860ea28e055284f6058f279de666e06d435d2af7bda28d99fa47b7dd0963e16b0073078ee8b8a38d966a582f46d19ff95df3ad9685aae":TEST_FLAG_EXERCISE + +read type: ECC_PAIR(SECP_R1) 521-bit, ECDSA(MD4) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD4:PSA_WANT_ECC_SECP_R1_521:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):521:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_MD4):0x0000:"01b1b6ad07bb79e7320da59860ea28e055284f6058f279de666e06d435d2af7bda28d99fa47b7dd0963e16b0073078ee8b8a38d966a582f46d19ff95df3ad9685aae":"505341004b455900000000000100000012710902013c000002060006000000004200000001b1b6ad07bb79e7320da59860ea28e055284f6058f279de666e06d435d2af7bda28d99fa47b7dd0963e16b0073078ee8b8a38d966a582f46d19ff95df3ad9685aae":TEST_FLAG_EXERCISE + +read type: ECC_PAIR(SECP_R1) 521-bit, ECDSA(MD5) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD5:PSA_WANT_ECC_SECP_R1_521:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):521:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_MD5):0x0000:"01b1b6ad07bb79e7320da59860ea28e055284f6058f279de666e06d435d2af7bda28d99fa47b7dd0963e16b0073078ee8b8a38d966a582f46d19ff95df3ad9685aae":"505341004b455900000000000100000012710902013c000003060006000000004200000001b1b6ad07bb79e7320da59860ea28e055284f6058f279de666e06d435d2af7bda28d99fa47b7dd0963e16b0073078ee8b8a38d966a582f46d19ff95df3ad9685aae":TEST_FLAG_EXERCISE + +read type: ECC_PAIR(SECP_R1) 521-bit, ECDSA(RIPEMD160) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ECC_SECP_R1_521:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):521:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_RIPEMD160):0x0000:"01b1b6ad07bb79e7320da59860ea28e055284f6058f279de666e06d435d2af7bda28d99fa47b7dd0963e16b0073078ee8b8a38d966a582f46d19ff95df3ad9685aae":"505341004b455900000000000100000012710902013c000004060006000000004200000001b1b6ad07bb79e7320da59860ea28e055284f6058f279de666e06d435d2af7bda28d99fa47b7dd0963e16b0073078ee8b8a38d966a582f46d19ff95df3ad9685aae":TEST_FLAG_EXERCISE + +read type: ECC_PAIR(SECP_R1) 521-bit, ECDSA(SHA_1) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_1:PSA_WANT_ECC_SECP_R1_521:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):521:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_SHA_1):0x0000:"01b1b6ad07bb79e7320da59860ea28e055284f6058f279de666e06d435d2af7bda28d99fa47b7dd0963e16b0073078ee8b8a38d966a582f46d19ff95df3ad9685aae":"505341004b455900000000000100000012710902013c000005060006000000004200000001b1b6ad07bb79e7320da59860ea28e055284f6058f279de666e06d435d2af7bda28d99fa47b7dd0963e16b0073078ee8b8a38d966a582f46d19ff95df3ad9685aae":TEST_FLAG_EXERCISE + +read type: ECC_PAIR(SECP_R1) 521-bit, ECDSA(SHA_224) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_224:PSA_WANT_ECC_SECP_R1_521:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):521:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_SHA_224):0x0000:"01b1b6ad07bb79e7320da59860ea28e055284f6058f279de666e06d435d2af7bda28d99fa47b7dd0963e16b0073078ee8b8a38d966a582f46d19ff95df3ad9685aae":"505341004b455900000000000100000012710902013c000008060006000000004200000001b1b6ad07bb79e7320da59860ea28e055284f6058f279de666e06d435d2af7bda28d99fa47b7dd0963e16b0073078ee8b8a38d966a582f46d19ff95df3ad9685aae":TEST_FLAG_EXERCISE + +read type: ECC_PAIR(SECP_R1) 521-bit, ECDSA(SHA_256) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_SECP_R1_521:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):521:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_SHA_256):0x0000:"01b1b6ad07bb79e7320da59860ea28e055284f6058f279de666e06d435d2af7bda28d99fa47b7dd0963e16b0073078ee8b8a38d966a582f46d19ff95df3ad9685aae":"505341004b455900000000000100000012710902013c000009060006000000004200000001b1b6ad07bb79e7320da59860ea28e055284f6058f279de666e06d435d2af7bda28d99fa47b7dd0963e16b0073078ee8b8a38d966a582f46d19ff95df3ad9685aae":TEST_FLAG_EXERCISE + +read type: ECC_PAIR(SECP_R1) 521-bit, ECDSA(SHA_384) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_SECP_R1_521:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):521:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_SHA_384):0x0000:"01b1b6ad07bb79e7320da59860ea28e055284f6058f279de666e06d435d2af7bda28d99fa47b7dd0963e16b0073078ee8b8a38d966a582f46d19ff95df3ad9685aae":"505341004b455900000000000100000012710902013c00000a060006000000004200000001b1b6ad07bb79e7320da59860ea28e055284f6058f279de666e06d435d2af7bda28d99fa47b7dd0963e16b0073078ee8b8a38d966a582f46d19ff95df3ad9685aae":TEST_FLAG_EXERCISE + +read type: ECC_PAIR(SECP_R1) 521-bit, ECDSA(SHA_512) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_512:PSA_WANT_ECC_SECP_R1_521:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):521:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_SHA_512):0x0000:"01b1b6ad07bb79e7320da59860ea28e055284f6058f279de666e06d435d2af7bda28d99fa47b7dd0963e16b0073078ee8b8a38d966a582f46d19ff95df3ad9685aae":"505341004b455900000000000100000012710902013c00000b060006000000004200000001b1b6ad07bb79e7320da59860ea28e055284f6058f279de666e06d435d2af7bda28d99fa47b7dd0963e16b0073078ee8b8a38d966a582f46d19ff95df3ad9685aae":TEST_FLAG_EXERCISE + +read type: ECC_PAIR(SECP_R1) 521-bit, ECDSA_ANY +depends_on:PSA_WANT_ALG_ECDSA_ANY:PSA_WANT_ECC_SECP_R1_521:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):521:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA_ANY:0x0000:"01b1b6ad07bb79e7320da59860ea28e055284f6058f279de666e06d435d2af7bda28d99fa47b7dd0963e16b0073078ee8b8a38d966a582f46d19ff95df3ad9685aae":"505341004b455900000000000100000012710902013c000000060006000000004200000001b1b6ad07bb79e7320da59860ea28e055284f6058f279de666e06d435d2af7bda28d99fa47b7dd0963e16b0073078ee8b8a38d966a582f46d19ff95df3ad9685aae":TEST_FLAG_EXERCISE + +read type: ECC_PAIR(SECP_R1) 521-bit, KA(ECDH,HKDF(SHA_256)) +depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_SECP_R1_521:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):521:PSA_KEY_USAGE_DERIVE | PSA_KEY_USAGE_EXPORT:PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_HKDF(PSA_ALG_SHA_256)):0x0000:"01b1b6ad07bb79e7320da59860ea28e055284f6058f279de666e06d435d2af7bda28d99fa47b7dd0963e16b0073078ee8b8a38d966a582f46d19ff95df3ad9685aae":"505341004b4559000000000001000000127109020140000009010209000000004200000001b1b6ad07bb79e7320da59860ea28e055284f6058f279de666e06d435d2af7bda28d99fa47b7dd0963e16b0073078ee8b8a38d966a582f46d19ff95df3ad9685aae":TEST_FLAG_EXERCISE + +read type: ECC_PAIR(SECP_R1) 521-bit, KA(ECDH,HKDF(SHA_384)) +depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_SECP_R1_521:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):521:PSA_KEY_USAGE_DERIVE | PSA_KEY_USAGE_EXPORT:PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_HKDF(PSA_ALG_SHA_384)):0x0000:"01b1b6ad07bb79e7320da59860ea28e055284f6058f279de666e06d435d2af7bda28d99fa47b7dd0963e16b0073078ee8b8a38d966a582f46d19ff95df3ad9685aae":"505341004b455900000000000100000012710902014000000a010209000000004200000001b1b6ad07bb79e7320da59860ea28e055284f6058f279de666e06d435d2af7bda28d99fa47b7dd0963e16b0073078ee8b8a38d966a582f46d19ff95df3ad9685aae":TEST_FLAG_EXERCISE + +read type: ECC_PAIR(SECP_R1) 521-bit, KA(ECDH,TLS12_PRF(SHA_256)) +depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_SHA_256:PSA_WANT_ALG_TLS12_PRF:PSA_WANT_ECC_SECP_R1_521:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):521:PSA_KEY_USAGE_DERIVE | PSA_KEY_USAGE_EXPORT:PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_TLS12_PRF(PSA_ALG_SHA_256)):0x0000:"01b1b6ad07bb79e7320da59860ea28e055284f6058f279de666e06d435d2af7bda28d99fa47b7dd0963e16b0073078ee8b8a38d966a582f46d19ff95df3ad9685aae":"505341004b4559000000000001000000127109020140000009020209000000004200000001b1b6ad07bb79e7320da59860ea28e055284f6058f279de666e06d435d2af7bda28d99fa47b7dd0963e16b0073078ee8b8a38d966a582f46d19ff95df3ad9685aae":TEST_FLAG_EXERCISE + +read type: ECC_PAIR(SECP_R1) 521-bit, KA(ECDH,TLS12_PRF(SHA_384)) +depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_SHA_384:PSA_WANT_ALG_TLS12_PRF:PSA_WANT_ECC_SECP_R1_521:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):521:PSA_KEY_USAGE_DERIVE | PSA_KEY_USAGE_EXPORT:PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_TLS12_PRF(PSA_ALG_SHA_384)):0x0000:"01b1b6ad07bb79e7320da59860ea28e055284f6058f279de666e06d435d2af7bda28d99fa47b7dd0963e16b0073078ee8b8a38d966a582f46d19ff95df3ad9685aae":"505341004b455900000000000100000012710902014000000a020209000000004200000001b1b6ad07bb79e7320da59860ea28e055284f6058f279de666e06d435d2af7bda28d99fa47b7dd0963e16b0073078ee8b8a38d966a582f46d19ff95df3ad9685aae":TEST_FLAG_EXERCISE + +read type: ECC_PAIR(SECP_R1) 521-bit, KA(ECDH,TLS12_PSK2MS(SHA_256)) +depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_SHA_256:PSA_WANT_ALG_TLS12_PSK_TO_MS:PSA_WANT_ECC_SECP_R1_521:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):521:PSA_KEY_USAGE_DERIVE | PSA_KEY_USAGE_EXPORT:PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_TLS12_PSK_TO_MS(PSA_ALG_SHA_256)):0x0000:"01b1b6ad07bb79e7320da59860ea28e055284f6058f279de666e06d435d2af7bda28d99fa47b7dd0963e16b0073078ee8b8a38d966a582f46d19ff95df3ad9685aae":"505341004b4559000000000001000000127109020140000009030209000000004200000001b1b6ad07bb79e7320da59860ea28e055284f6058f279de666e06d435d2af7bda28d99fa47b7dd0963e16b0073078ee8b8a38d966a582f46d19ff95df3ad9685aae":TEST_FLAG_EXERCISE + +read type: ECC_PAIR(SECP_R1) 521-bit, KA(ECDH,TLS12_PSK2MS(SHA_384)) +depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_SHA_384:PSA_WANT_ALG_TLS12_PSK_TO_MS:PSA_WANT_ECC_SECP_R1_521:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):521:PSA_KEY_USAGE_DERIVE | PSA_KEY_USAGE_EXPORT:PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_TLS12_PSK_TO_MS(PSA_ALG_SHA_384)):0x0000:"01b1b6ad07bb79e7320da59860ea28e055284f6058f279de666e06d435d2af7bda28d99fa47b7dd0963e16b0073078ee8b8a38d966a582f46d19ff95df3ad9685aae":"505341004b455900000000000100000012710902014000000a030209000000004200000001b1b6ad07bb79e7320da59860ea28e055284f6058f279de666e06d435d2af7bda28d99fa47b7dd0963e16b0073078ee8b8a38d966a582f46d19ff95df3ad9685aae":TEST_FLAG_EXERCISE + +read type: ECC_PAIR(SECP_R2) 160-bit +depends_on:PSA_WANT_ECC_SECP_R2_160:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R2):160:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"00bf539a1cdda0d7f71a50a3f98aec0a2e8e4ced1e":"505341004b45590000000000010000001b71a0000100000000000000000000001500000000bf539a1cdda0d7f71a50a3f98aec0a2e8e4ced1e":TEST_FLAG_EXERCISE + +read type: ECC_PAIR(SECP_R2) 160-bit, DET_ECDSA(MD2) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD2:PSA_WANT_ECC_SECP_R2_160:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R2):160:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD2):0x0000:"00bf539a1cdda0d7f71a50a3f98aec0a2e8e4ced1e":"505341004b45590000000000010000001b71a000013c000001070006000000001500000000bf539a1cdda0d7f71a50a3f98aec0a2e8e4ced1e":TEST_FLAG_EXERCISE + +read type: ECC_PAIR(SECP_R2) 160-bit, DET_ECDSA(MD4) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD4:PSA_WANT_ECC_SECP_R2_160:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R2):160:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD4):0x0000:"00bf539a1cdda0d7f71a50a3f98aec0a2e8e4ced1e":"505341004b45590000000000010000001b71a000013c000002070006000000001500000000bf539a1cdda0d7f71a50a3f98aec0a2e8e4ced1e":TEST_FLAG_EXERCISE + +read type: ECC_PAIR(SECP_R2) 160-bit, DET_ECDSA(MD5) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD5:PSA_WANT_ECC_SECP_R2_160:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R2):160:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD5):0x0000:"00bf539a1cdda0d7f71a50a3f98aec0a2e8e4ced1e":"505341004b45590000000000010000001b71a000013c000003070006000000001500000000bf539a1cdda0d7f71a50a3f98aec0a2e8e4ced1e":TEST_FLAG_EXERCISE + +read type: ECC_PAIR(SECP_R2) 160-bit, DET_ECDSA(RIPEMD160) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ECC_SECP_R2_160:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R2):160:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_RIPEMD160):0x0000:"00bf539a1cdda0d7f71a50a3f98aec0a2e8e4ced1e":"505341004b45590000000000010000001b71a000013c000004070006000000001500000000bf539a1cdda0d7f71a50a3f98aec0a2e8e4ced1e":TEST_FLAG_EXERCISE + +read type: ECC_PAIR(SECP_R2) 160-bit, DET_ECDSA(SHA_1) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_1:PSA_WANT_ECC_SECP_R2_160:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R2):160:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_1):0x0000:"00bf539a1cdda0d7f71a50a3f98aec0a2e8e4ced1e":"505341004b45590000000000010000001b71a000013c000005070006000000001500000000bf539a1cdda0d7f71a50a3f98aec0a2e8e4ced1e":TEST_FLAG_EXERCISE + +read type: ECC_PAIR(SECP_R2) 160-bit, DET_ECDSA(SHA_224) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_224:PSA_WANT_ECC_SECP_R2_160:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R2):160:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_224):0x0000:"00bf539a1cdda0d7f71a50a3f98aec0a2e8e4ced1e":"505341004b45590000000000010000001b71a000013c000008070006000000001500000000bf539a1cdda0d7f71a50a3f98aec0a2e8e4ced1e":TEST_FLAG_EXERCISE + +read type: ECC_PAIR(SECP_R2) 160-bit, DET_ECDSA(SHA_256) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_SECP_R2_160:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R2):160:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_256):0x0000:"00bf539a1cdda0d7f71a50a3f98aec0a2e8e4ced1e":"505341004b45590000000000010000001b71a000013c000009070006000000001500000000bf539a1cdda0d7f71a50a3f98aec0a2e8e4ced1e":TEST_FLAG_EXERCISE + +read type: ECC_PAIR(SECP_R2) 160-bit, DET_ECDSA(SHA_384) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_SECP_R2_160:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R2):160:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_384):0x0000:"00bf539a1cdda0d7f71a50a3f98aec0a2e8e4ced1e":"505341004b45590000000000010000001b71a000013c00000a070006000000001500000000bf539a1cdda0d7f71a50a3f98aec0a2e8e4ced1e":TEST_FLAG_EXERCISE + +read type: ECC_PAIR(SECP_R2) 160-bit, DET_ECDSA(SHA_512) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_512:PSA_WANT_ECC_SECP_R2_160:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R2):160:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_512):0x0000:"00bf539a1cdda0d7f71a50a3f98aec0a2e8e4ced1e":"505341004b45590000000000010000001b71a000013c00000b070006000000001500000000bf539a1cdda0d7f71a50a3f98aec0a2e8e4ced1e":TEST_FLAG_EXERCISE + +read type: ECC_PAIR(SECP_R2) 160-bit, ECDH +depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ECC_SECP_R2_160:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R2):160:PSA_KEY_USAGE_DERIVE | PSA_KEY_USAGE_EXPORT:PSA_ALG_ECDH:0x0000:"00bf539a1cdda0d7f71a50a3f98aec0a2e8e4ced1e":"505341004b45590000000000010000001b71a0000140000000000209000000001500000000bf539a1cdda0d7f71a50a3f98aec0a2e8e4ced1e":TEST_FLAG_EXERCISE + +read type: ECC_PAIR(SECP_R2) 160-bit, ECDSA(MD2) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD2:PSA_WANT_ECC_SECP_R2_160:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R2):160:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_MD2):0x0000:"00bf539a1cdda0d7f71a50a3f98aec0a2e8e4ced1e":"505341004b45590000000000010000001b71a000013c000001060006000000001500000000bf539a1cdda0d7f71a50a3f98aec0a2e8e4ced1e":TEST_FLAG_EXERCISE + +read type: ECC_PAIR(SECP_R2) 160-bit, ECDSA(MD4) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD4:PSA_WANT_ECC_SECP_R2_160:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R2):160:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_MD4):0x0000:"00bf539a1cdda0d7f71a50a3f98aec0a2e8e4ced1e":"505341004b45590000000000010000001b71a000013c000002060006000000001500000000bf539a1cdda0d7f71a50a3f98aec0a2e8e4ced1e":TEST_FLAG_EXERCISE + +read type: ECC_PAIR(SECP_R2) 160-bit, ECDSA(MD5) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD5:PSA_WANT_ECC_SECP_R2_160:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R2):160:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_MD5):0x0000:"00bf539a1cdda0d7f71a50a3f98aec0a2e8e4ced1e":"505341004b45590000000000010000001b71a000013c000003060006000000001500000000bf539a1cdda0d7f71a50a3f98aec0a2e8e4ced1e":TEST_FLAG_EXERCISE + +read type: ECC_PAIR(SECP_R2) 160-bit, ECDSA(RIPEMD160) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ECC_SECP_R2_160:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R2):160:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_RIPEMD160):0x0000:"00bf539a1cdda0d7f71a50a3f98aec0a2e8e4ced1e":"505341004b45590000000000010000001b71a000013c000004060006000000001500000000bf539a1cdda0d7f71a50a3f98aec0a2e8e4ced1e":TEST_FLAG_EXERCISE + +read type: ECC_PAIR(SECP_R2) 160-bit, ECDSA(SHA_1) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_1:PSA_WANT_ECC_SECP_R2_160:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R2):160:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_SHA_1):0x0000:"00bf539a1cdda0d7f71a50a3f98aec0a2e8e4ced1e":"505341004b45590000000000010000001b71a000013c000005060006000000001500000000bf539a1cdda0d7f71a50a3f98aec0a2e8e4ced1e":TEST_FLAG_EXERCISE + +read type: ECC_PAIR(SECP_R2) 160-bit, ECDSA(SHA_224) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_224:PSA_WANT_ECC_SECP_R2_160:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R2):160:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_SHA_224):0x0000:"00bf539a1cdda0d7f71a50a3f98aec0a2e8e4ced1e":"505341004b45590000000000010000001b71a000013c000008060006000000001500000000bf539a1cdda0d7f71a50a3f98aec0a2e8e4ced1e":TEST_FLAG_EXERCISE + +read type: ECC_PAIR(SECP_R2) 160-bit, ECDSA(SHA_256) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_SECP_R2_160:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R2):160:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_SHA_256):0x0000:"00bf539a1cdda0d7f71a50a3f98aec0a2e8e4ced1e":"505341004b45590000000000010000001b71a000013c000009060006000000001500000000bf539a1cdda0d7f71a50a3f98aec0a2e8e4ced1e":TEST_FLAG_EXERCISE + +read type: ECC_PAIR(SECP_R2) 160-bit, ECDSA(SHA_384) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_SECP_R2_160:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R2):160:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_SHA_384):0x0000:"00bf539a1cdda0d7f71a50a3f98aec0a2e8e4ced1e":"505341004b45590000000000010000001b71a000013c00000a060006000000001500000000bf539a1cdda0d7f71a50a3f98aec0a2e8e4ced1e":TEST_FLAG_EXERCISE + +read type: ECC_PAIR(SECP_R2) 160-bit, ECDSA(SHA_512) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_512:PSA_WANT_ECC_SECP_R2_160:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R2):160:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_SHA_512):0x0000:"00bf539a1cdda0d7f71a50a3f98aec0a2e8e4ced1e":"505341004b45590000000000010000001b71a000013c00000b060006000000001500000000bf539a1cdda0d7f71a50a3f98aec0a2e8e4ced1e":TEST_FLAG_EXERCISE + +read type: ECC_PAIR(SECP_R2) 160-bit, ECDSA_ANY +depends_on:PSA_WANT_ALG_ECDSA_ANY:PSA_WANT_ECC_SECP_R2_160:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R2):160:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA_ANY:0x0000:"00bf539a1cdda0d7f71a50a3f98aec0a2e8e4ced1e":"505341004b45590000000000010000001b71a000013c000000060006000000001500000000bf539a1cdda0d7f71a50a3f98aec0a2e8e4ced1e":TEST_FLAG_EXERCISE + +read type: ECC_PAIR(SECP_R2) 160-bit, KA(ECDH,HKDF(SHA_256)) +depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_SECP_R2_160:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R2):160:PSA_KEY_USAGE_DERIVE | PSA_KEY_USAGE_EXPORT:PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_HKDF(PSA_ALG_SHA_256)):0x0000:"00bf539a1cdda0d7f71a50a3f98aec0a2e8e4ced1e":"505341004b45590000000000010000001b71a0000140000009010209000000001500000000bf539a1cdda0d7f71a50a3f98aec0a2e8e4ced1e":TEST_FLAG_EXERCISE + +read type: ECC_PAIR(SECP_R2) 160-bit, KA(ECDH,HKDF(SHA_384)) +depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_SECP_R2_160:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R2):160:PSA_KEY_USAGE_DERIVE | PSA_KEY_USAGE_EXPORT:PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_HKDF(PSA_ALG_SHA_384)):0x0000:"00bf539a1cdda0d7f71a50a3f98aec0a2e8e4ced1e":"505341004b45590000000000010000001b71a000014000000a010209000000001500000000bf539a1cdda0d7f71a50a3f98aec0a2e8e4ced1e":TEST_FLAG_EXERCISE + +read type: ECC_PAIR(SECP_R2) 160-bit, KA(ECDH,TLS12_PRF(SHA_256)) +depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_SHA_256:PSA_WANT_ALG_TLS12_PRF:PSA_WANT_ECC_SECP_R2_160:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R2):160:PSA_KEY_USAGE_DERIVE | PSA_KEY_USAGE_EXPORT:PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_TLS12_PRF(PSA_ALG_SHA_256)):0x0000:"00bf539a1cdda0d7f71a50a3f98aec0a2e8e4ced1e":"505341004b45590000000000010000001b71a0000140000009020209000000001500000000bf539a1cdda0d7f71a50a3f98aec0a2e8e4ced1e":TEST_FLAG_EXERCISE + +read type: ECC_PAIR(SECP_R2) 160-bit, KA(ECDH,TLS12_PRF(SHA_384)) +depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_SHA_384:PSA_WANT_ALG_TLS12_PRF:PSA_WANT_ECC_SECP_R2_160:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R2):160:PSA_KEY_USAGE_DERIVE | PSA_KEY_USAGE_EXPORT:PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_TLS12_PRF(PSA_ALG_SHA_384)):0x0000:"00bf539a1cdda0d7f71a50a3f98aec0a2e8e4ced1e":"505341004b45590000000000010000001b71a000014000000a020209000000001500000000bf539a1cdda0d7f71a50a3f98aec0a2e8e4ced1e":TEST_FLAG_EXERCISE + +read type: ECC_PAIR(SECP_R2) 160-bit, KA(ECDH,TLS12_PSK2MS(SHA_256)) +depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_SHA_256:PSA_WANT_ALG_TLS12_PSK_TO_MS:PSA_WANT_ECC_SECP_R2_160:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R2):160:PSA_KEY_USAGE_DERIVE | PSA_KEY_USAGE_EXPORT:PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_TLS12_PSK_TO_MS(PSA_ALG_SHA_256)):0x0000:"00bf539a1cdda0d7f71a50a3f98aec0a2e8e4ced1e":"505341004b45590000000000010000001b71a0000140000009030209000000001500000000bf539a1cdda0d7f71a50a3f98aec0a2e8e4ced1e":TEST_FLAG_EXERCISE + +read type: ECC_PAIR(SECP_R2) 160-bit, KA(ECDH,TLS12_PSK2MS(SHA_384)) +depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_SHA_384:PSA_WANT_ALG_TLS12_PSK_TO_MS:PSA_WANT_ECC_SECP_R2_160:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R2):160:PSA_KEY_USAGE_DERIVE | PSA_KEY_USAGE_EXPORT:PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_TLS12_PSK_TO_MS(PSA_ALG_SHA_384)):0x0000:"00bf539a1cdda0d7f71a50a3f98aec0a2e8e4ced1e":"505341004b45590000000000010000001b71a000014000000a030209000000001500000000bf539a1cdda0d7f71a50a3f98aec0a2e8e4ced1e":TEST_FLAG_EXERCISE + +read type: ECC_PAIR(SECT_K1) 163-bit +depends_on:PSA_WANT_ECC_SECT_K1_163:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):163:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"03ebc8fcded2d6ab72ec0f75bdb4fd080481273e71":"505341004b45590000000000010000002771a3000100000000000000000000001500000003ebc8fcded2d6ab72ec0f75bdb4fd080481273e71":TEST_FLAG_EXERCISE + +read type: ECC_PAIR(SECT_K1) 163-bit, DET_ECDSA(MD2) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD2:PSA_WANT_ECC_SECT_K1_163:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):163:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD2):0x0000:"03ebc8fcded2d6ab72ec0f75bdb4fd080481273e71":"505341004b45590000000000010000002771a300013c000001070006000000001500000003ebc8fcded2d6ab72ec0f75bdb4fd080481273e71":TEST_FLAG_EXERCISE + +read type: ECC_PAIR(SECT_K1) 163-bit, DET_ECDSA(MD4) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD4:PSA_WANT_ECC_SECT_K1_163:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):163:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD4):0x0000:"03ebc8fcded2d6ab72ec0f75bdb4fd080481273e71":"505341004b45590000000000010000002771a300013c000002070006000000001500000003ebc8fcded2d6ab72ec0f75bdb4fd080481273e71":TEST_FLAG_EXERCISE + +read type: ECC_PAIR(SECT_K1) 163-bit, DET_ECDSA(MD5) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD5:PSA_WANT_ECC_SECT_K1_163:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):163:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD5):0x0000:"03ebc8fcded2d6ab72ec0f75bdb4fd080481273e71":"505341004b45590000000000010000002771a300013c000003070006000000001500000003ebc8fcded2d6ab72ec0f75bdb4fd080481273e71":TEST_FLAG_EXERCISE + +read type: ECC_PAIR(SECT_K1) 163-bit, DET_ECDSA(RIPEMD160) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ECC_SECT_K1_163:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):163:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_RIPEMD160):0x0000:"03ebc8fcded2d6ab72ec0f75bdb4fd080481273e71":"505341004b45590000000000010000002771a300013c000004070006000000001500000003ebc8fcded2d6ab72ec0f75bdb4fd080481273e71":TEST_FLAG_EXERCISE + +read type: ECC_PAIR(SECT_K1) 163-bit, DET_ECDSA(SHA_1) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_1:PSA_WANT_ECC_SECT_K1_163:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):163:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_1):0x0000:"03ebc8fcded2d6ab72ec0f75bdb4fd080481273e71":"505341004b45590000000000010000002771a300013c000005070006000000001500000003ebc8fcded2d6ab72ec0f75bdb4fd080481273e71":TEST_FLAG_EXERCISE + +read type: ECC_PAIR(SECT_K1) 163-bit, DET_ECDSA(SHA_224) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_224:PSA_WANT_ECC_SECT_K1_163:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):163:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_224):0x0000:"03ebc8fcded2d6ab72ec0f75bdb4fd080481273e71":"505341004b45590000000000010000002771a300013c000008070006000000001500000003ebc8fcded2d6ab72ec0f75bdb4fd080481273e71":TEST_FLAG_EXERCISE + +read type: ECC_PAIR(SECT_K1) 163-bit, DET_ECDSA(SHA_256) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_SECT_K1_163:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):163:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_256):0x0000:"03ebc8fcded2d6ab72ec0f75bdb4fd080481273e71":"505341004b45590000000000010000002771a300013c000009070006000000001500000003ebc8fcded2d6ab72ec0f75bdb4fd080481273e71":TEST_FLAG_EXERCISE + +read type: ECC_PAIR(SECT_K1) 163-bit, DET_ECDSA(SHA_384) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_SECT_K1_163:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):163:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_384):0x0000:"03ebc8fcded2d6ab72ec0f75bdb4fd080481273e71":"505341004b45590000000000010000002771a300013c00000a070006000000001500000003ebc8fcded2d6ab72ec0f75bdb4fd080481273e71":TEST_FLAG_EXERCISE + +read type: ECC_PAIR(SECT_K1) 163-bit, DET_ECDSA(SHA_512) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_512:PSA_WANT_ECC_SECT_K1_163:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):163:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_512):0x0000:"03ebc8fcded2d6ab72ec0f75bdb4fd080481273e71":"505341004b45590000000000010000002771a300013c00000b070006000000001500000003ebc8fcded2d6ab72ec0f75bdb4fd080481273e71":TEST_FLAG_EXERCISE + +read type: ECC_PAIR(SECT_K1) 163-bit, ECDH +depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ECC_SECT_K1_163:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):163:PSA_KEY_USAGE_DERIVE | PSA_KEY_USAGE_EXPORT:PSA_ALG_ECDH:0x0000:"03ebc8fcded2d6ab72ec0f75bdb4fd080481273e71":"505341004b45590000000000010000002771a3000140000000000209000000001500000003ebc8fcded2d6ab72ec0f75bdb4fd080481273e71":TEST_FLAG_EXERCISE + +read type: ECC_PAIR(SECT_K1) 163-bit, ECDSA(MD2) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD2:PSA_WANT_ECC_SECT_K1_163:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):163:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_MD2):0x0000:"03ebc8fcded2d6ab72ec0f75bdb4fd080481273e71":"505341004b45590000000000010000002771a300013c000001060006000000001500000003ebc8fcded2d6ab72ec0f75bdb4fd080481273e71":TEST_FLAG_EXERCISE + +read type: ECC_PAIR(SECT_K1) 163-bit, ECDSA(MD4) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD4:PSA_WANT_ECC_SECT_K1_163:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):163:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_MD4):0x0000:"03ebc8fcded2d6ab72ec0f75bdb4fd080481273e71":"505341004b45590000000000010000002771a300013c000002060006000000001500000003ebc8fcded2d6ab72ec0f75bdb4fd080481273e71":TEST_FLAG_EXERCISE + +read type: ECC_PAIR(SECT_K1) 163-bit, ECDSA(MD5) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD5:PSA_WANT_ECC_SECT_K1_163:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):163:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_MD5):0x0000:"03ebc8fcded2d6ab72ec0f75bdb4fd080481273e71":"505341004b45590000000000010000002771a300013c000003060006000000001500000003ebc8fcded2d6ab72ec0f75bdb4fd080481273e71":TEST_FLAG_EXERCISE + +read type: ECC_PAIR(SECT_K1) 163-bit, ECDSA(RIPEMD160) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ECC_SECT_K1_163:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):163:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_RIPEMD160):0x0000:"03ebc8fcded2d6ab72ec0f75bdb4fd080481273e71":"505341004b45590000000000010000002771a300013c000004060006000000001500000003ebc8fcded2d6ab72ec0f75bdb4fd080481273e71":TEST_FLAG_EXERCISE + +read type: ECC_PAIR(SECT_K1) 163-bit, ECDSA(SHA_1) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_1:PSA_WANT_ECC_SECT_K1_163:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):163:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_SHA_1):0x0000:"03ebc8fcded2d6ab72ec0f75bdb4fd080481273e71":"505341004b45590000000000010000002771a300013c000005060006000000001500000003ebc8fcded2d6ab72ec0f75bdb4fd080481273e71":TEST_FLAG_EXERCISE + +read type: ECC_PAIR(SECT_K1) 163-bit, ECDSA(SHA_224) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_224:PSA_WANT_ECC_SECT_K1_163:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):163:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_SHA_224):0x0000:"03ebc8fcded2d6ab72ec0f75bdb4fd080481273e71":"505341004b45590000000000010000002771a300013c000008060006000000001500000003ebc8fcded2d6ab72ec0f75bdb4fd080481273e71":TEST_FLAG_EXERCISE + +read type: ECC_PAIR(SECT_K1) 163-bit, ECDSA(SHA_256) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_SECT_K1_163:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):163:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_SHA_256):0x0000:"03ebc8fcded2d6ab72ec0f75bdb4fd080481273e71":"505341004b45590000000000010000002771a300013c000009060006000000001500000003ebc8fcded2d6ab72ec0f75bdb4fd080481273e71":TEST_FLAG_EXERCISE + +read type: ECC_PAIR(SECT_K1) 163-bit, ECDSA(SHA_384) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_SECT_K1_163:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):163:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_SHA_384):0x0000:"03ebc8fcded2d6ab72ec0f75bdb4fd080481273e71":"505341004b45590000000000010000002771a300013c00000a060006000000001500000003ebc8fcded2d6ab72ec0f75bdb4fd080481273e71":TEST_FLAG_EXERCISE + +read type: ECC_PAIR(SECT_K1) 163-bit, ECDSA(SHA_512) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_512:PSA_WANT_ECC_SECT_K1_163:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):163:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_SHA_512):0x0000:"03ebc8fcded2d6ab72ec0f75bdb4fd080481273e71":"505341004b45590000000000010000002771a300013c00000b060006000000001500000003ebc8fcded2d6ab72ec0f75bdb4fd080481273e71":TEST_FLAG_EXERCISE + +read type: ECC_PAIR(SECT_K1) 163-bit, ECDSA_ANY +depends_on:PSA_WANT_ALG_ECDSA_ANY:PSA_WANT_ECC_SECT_K1_163:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):163:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA_ANY:0x0000:"03ebc8fcded2d6ab72ec0f75bdb4fd080481273e71":"505341004b45590000000000010000002771a300013c000000060006000000001500000003ebc8fcded2d6ab72ec0f75bdb4fd080481273e71":TEST_FLAG_EXERCISE + +read type: ECC_PAIR(SECT_K1) 163-bit, KA(ECDH,HKDF(SHA_256)) +depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_SECT_K1_163:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):163:PSA_KEY_USAGE_DERIVE | PSA_KEY_USAGE_EXPORT:PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_HKDF(PSA_ALG_SHA_256)):0x0000:"03ebc8fcded2d6ab72ec0f75bdb4fd080481273e71":"505341004b45590000000000010000002771a3000140000009010209000000001500000003ebc8fcded2d6ab72ec0f75bdb4fd080481273e71":TEST_FLAG_EXERCISE + +read type: ECC_PAIR(SECT_K1) 163-bit, KA(ECDH,HKDF(SHA_384)) +depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_SECT_K1_163:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):163:PSA_KEY_USAGE_DERIVE | PSA_KEY_USAGE_EXPORT:PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_HKDF(PSA_ALG_SHA_384)):0x0000:"03ebc8fcded2d6ab72ec0f75bdb4fd080481273e71":"505341004b45590000000000010000002771a300014000000a010209000000001500000003ebc8fcded2d6ab72ec0f75bdb4fd080481273e71":TEST_FLAG_EXERCISE + +read type: ECC_PAIR(SECT_K1) 163-bit, KA(ECDH,TLS12_PRF(SHA_256)) +depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_SHA_256:PSA_WANT_ALG_TLS12_PRF:PSA_WANT_ECC_SECT_K1_163:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):163:PSA_KEY_USAGE_DERIVE | PSA_KEY_USAGE_EXPORT:PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_TLS12_PRF(PSA_ALG_SHA_256)):0x0000:"03ebc8fcded2d6ab72ec0f75bdb4fd080481273e71":"505341004b45590000000000010000002771a3000140000009020209000000001500000003ebc8fcded2d6ab72ec0f75bdb4fd080481273e71":TEST_FLAG_EXERCISE + +read type: ECC_PAIR(SECT_K1) 163-bit, KA(ECDH,TLS12_PRF(SHA_384)) +depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_SHA_384:PSA_WANT_ALG_TLS12_PRF:PSA_WANT_ECC_SECT_K1_163:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):163:PSA_KEY_USAGE_DERIVE | PSA_KEY_USAGE_EXPORT:PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_TLS12_PRF(PSA_ALG_SHA_384)):0x0000:"03ebc8fcded2d6ab72ec0f75bdb4fd080481273e71":"505341004b45590000000000010000002771a300014000000a020209000000001500000003ebc8fcded2d6ab72ec0f75bdb4fd080481273e71":TEST_FLAG_EXERCISE + +read type: ECC_PAIR(SECT_K1) 163-bit, KA(ECDH,TLS12_PSK2MS(SHA_256)) +depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_SHA_256:PSA_WANT_ALG_TLS12_PSK_TO_MS:PSA_WANT_ECC_SECT_K1_163:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):163:PSA_KEY_USAGE_DERIVE | PSA_KEY_USAGE_EXPORT:PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_TLS12_PSK_TO_MS(PSA_ALG_SHA_256)):0x0000:"03ebc8fcded2d6ab72ec0f75bdb4fd080481273e71":"505341004b45590000000000010000002771a3000140000009030209000000001500000003ebc8fcded2d6ab72ec0f75bdb4fd080481273e71":TEST_FLAG_EXERCISE + +read type: ECC_PAIR(SECT_K1) 163-bit, KA(ECDH,TLS12_PSK2MS(SHA_384)) +depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_SHA_384:PSA_WANT_ALG_TLS12_PSK_TO_MS:PSA_WANT_ECC_SECT_K1_163:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):163:PSA_KEY_USAGE_DERIVE | PSA_KEY_USAGE_EXPORT:PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_TLS12_PSK_TO_MS(PSA_ALG_SHA_384)):0x0000:"03ebc8fcded2d6ab72ec0f75bdb4fd080481273e71":"505341004b45590000000000010000002771a300014000000a030209000000001500000003ebc8fcded2d6ab72ec0f75bdb4fd080481273e71":TEST_FLAG_EXERCISE + +read type: ECC_PAIR(SECT_K1) 233-bit +depends_on:PSA_WANT_ECC_SECT_K1_233:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):233:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"41f08485ce587b06061c087e76e247c359de2ba9927ee013b2f1ed9ca8":"505341004b45590000000000010000002771e9000100000000000000000000001d00000041f08485ce587b06061c087e76e247c359de2ba9927ee013b2f1ed9ca8":TEST_FLAG_EXERCISE + +read type: ECC_PAIR(SECT_K1) 233-bit, DET_ECDSA(MD2) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD2:PSA_WANT_ECC_SECT_K1_233:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):233:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD2):0x0000:"41f08485ce587b06061c087e76e247c359de2ba9927ee013b2f1ed9ca8":"505341004b45590000000000010000002771e900013c000001070006000000001d00000041f08485ce587b06061c087e76e247c359de2ba9927ee013b2f1ed9ca8":TEST_FLAG_EXERCISE + +read type: ECC_PAIR(SECT_K1) 233-bit, DET_ECDSA(MD4) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD4:PSA_WANT_ECC_SECT_K1_233:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):233:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD4):0x0000:"41f08485ce587b06061c087e76e247c359de2ba9927ee013b2f1ed9ca8":"505341004b45590000000000010000002771e900013c000002070006000000001d00000041f08485ce587b06061c087e76e247c359de2ba9927ee013b2f1ed9ca8":TEST_FLAG_EXERCISE + +read type: ECC_PAIR(SECT_K1) 233-bit, DET_ECDSA(MD5) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD5:PSA_WANT_ECC_SECT_K1_233:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):233:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD5):0x0000:"41f08485ce587b06061c087e76e247c359de2ba9927ee013b2f1ed9ca8":"505341004b45590000000000010000002771e900013c000003070006000000001d00000041f08485ce587b06061c087e76e247c359de2ba9927ee013b2f1ed9ca8":TEST_FLAG_EXERCISE + +read type: ECC_PAIR(SECT_K1) 233-bit, DET_ECDSA(RIPEMD160) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ECC_SECT_K1_233:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):233:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_RIPEMD160):0x0000:"41f08485ce587b06061c087e76e247c359de2ba9927ee013b2f1ed9ca8":"505341004b45590000000000010000002771e900013c000004070006000000001d00000041f08485ce587b06061c087e76e247c359de2ba9927ee013b2f1ed9ca8":TEST_FLAG_EXERCISE + +read type: ECC_PAIR(SECT_K1) 233-bit, DET_ECDSA(SHA_1) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_1:PSA_WANT_ECC_SECT_K1_233:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):233:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_1):0x0000:"41f08485ce587b06061c087e76e247c359de2ba9927ee013b2f1ed9ca8":"505341004b45590000000000010000002771e900013c000005070006000000001d00000041f08485ce587b06061c087e76e247c359de2ba9927ee013b2f1ed9ca8":TEST_FLAG_EXERCISE + +read type: ECC_PAIR(SECT_K1) 233-bit, DET_ECDSA(SHA_224) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_224:PSA_WANT_ECC_SECT_K1_233:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):233:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_224):0x0000:"41f08485ce587b06061c087e76e247c359de2ba9927ee013b2f1ed9ca8":"505341004b45590000000000010000002771e900013c000008070006000000001d00000041f08485ce587b06061c087e76e247c359de2ba9927ee013b2f1ed9ca8":TEST_FLAG_EXERCISE + +read type: ECC_PAIR(SECT_K1) 233-bit, DET_ECDSA(SHA_256) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_SECT_K1_233:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):233:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_256):0x0000:"41f08485ce587b06061c087e76e247c359de2ba9927ee013b2f1ed9ca8":"505341004b45590000000000010000002771e900013c000009070006000000001d00000041f08485ce587b06061c087e76e247c359de2ba9927ee013b2f1ed9ca8":TEST_FLAG_EXERCISE + +read type: ECC_PAIR(SECT_K1) 233-bit, DET_ECDSA(SHA_384) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_SECT_K1_233:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):233:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_384):0x0000:"41f08485ce587b06061c087e76e247c359de2ba9927ee013b2f1ed9ca8":"505341004b45590000000000010000002771e900013c00000a070006000000001d00000041f08485ce587b06061c087e76e247c359de2ba9927ee013b2f1ed9ca8":TEST_FLAG_EXERCISE + +read type: ECC_PAIR(SECT_K1) 233-bit, DET_ECDSA(SHA_512) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_512:PSA_WANT_ECC_SECT_K1_233:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):233:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_512):0x0000:"41f08485ce587b06061c087e76e247c359de2ba9927ee013b2f1ed9ca8":"505341004b45590000000000010000002771e900013c00000b070006000000001d00000041f08485ce587b06061c087e76e247c359de2ba9927ee013b2f1ed9ca8":TEST_FLAG_EXERCISE + +read type: ECC_PAIR(SECT_K1) 233-bit, ECDH +depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ECC_SECT_K1_233:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):233:PSA_KEY_USAGE_DERIVE | PSA_KEY_USAGE_EXPORT:PSA_ALG_ECDH:0x0000:"41f08485ce587b06061c087e76e247c359de2ba9927ee013b2f1ed9ca8":"505341004b45590000000000010000002771e9000140000000000209000000001d00000041f08485ce587b06061c087e76e247c359de2ba9927ee013b2f1ed9ca8":TEST_FLAG_EXERCISE + +read type: ECC_PAIR(SECT_K1) 233-bit, ECDSA(MD2) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD2:PSA_WANT_ECC_SECT_K1_233:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):233:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_MD2):0x0000:"41f08485ce587b06061c087e76e247c359de2ba9927ee013b2f1ed9ca8":"505341004b45590000000000010000002771e900013c000001060006000000001d00000041f08485ce587b06061c087e76e247c359de2ba9927ee013b2f1ed9ca8":TEST_FLAG_EXERCISE + +read type: ECC_PAIR(SECT_K1) 233-bit, ECDSA(MD4) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD4:PSA_WANT_ECC_SECT_K1_233:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):233:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_MD4):0x0000:"41f08485ce587b06061c087e76e247c359de2ba9927ee013b2f1ed9ca8":"505341004b45590000000000010000002771e900013c000002060006000000001d00000041f08485ce587b06061c087e76e247c359de2ba9927ee013b2f1ed9ca8":TEST_FLAG_EXERCISE + +read type: ECC_PAIR(SECT_K1) 233-bit, ECDSA(MD5) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD5:PSA_WANT_ECC_SECT_K1_233:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):233:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_MD5):0x0000:"41f08485ce587b06061c087e76e247c359de2ba9927ee013b2f1ed9ca8":"505341004b45590000000000010000002771e900013c000003060006000000001d00000041f08485ce587b06061c087e76e247c359de2ba9927ee013b2f1ed9ca8":TEST_FLAG_EXERCISE + +read type: ECC_PAIR(SECT_K1) 233-bit, ECDSA(RIPEMD160) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ECC_SECT_K1_233:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):233:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_RIPEMD160):0x0000:"41f08485ce587b06061c087e76e247c359de2ba9927ee013b2f1ed9ca8":"505341004b45590000000000010000002771e900013c000004060006000000001d00000041f08485ce587b06061c087e76e247c359de2ba9927ee013b2f1ed9ca8":TEST_FLAG_EXERCISE + +read type: ECC_PAIR(SECT_K1) 233-bit, ECDSA(SHA_1) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_1:PSA_WANT_ECC_SECT_K1_233:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):233:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_SHA_1):0x0000:"41f08485ce587b06061c087e76e247c359de2ba9927ee013b2f1ed9ca8":"505341004b45590000000000010000002771e900013c000005060006000000001d00000041f08485ce587b06061c087e76e247c359de2ba9927ee013b2f1ed9ca8":TEST_FLAG_EXERCISE + +read type: ECC_PAIR(SECT_K1) 233-bit, ECDSA(SHA_224) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_224:PSA_WANT_ECC_SECT_K1_233:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):233:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_SHA_224):0x0000:"41f08485ce587b06061c087e76e247c359de2ba9927ee013b2f1ed9ca8":"505341004b45590000000000010000002771e900013c000008060006000000001d00000041f08485ce587b06061c087e76e247c359de2ba9927ee013b2f1ed9ca8":TEST_FLAG_EXERCISE + +read type: ECC_PAIR(SECT_K1) 233-bit, ECDSA(SHA_256) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_SECT_K1_233:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):233:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_SHA_256):0x0000:"41f08485ce587b06061c087e76e247c359de2ba9927ee013b2f1ed9ca8":"505341004b45590000000000010000002771e900013c000009060006000000001d00000041f08485ce587b06061c087e76e247c359de2ba9927ee013b2f1ed9ca8":TEST_FLAG_EXERCISE + +read type: ECC_PAIR(SECT_K1) 233-bit, ECDSA(SHA_384) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_SECT_K1_233:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):233:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_SHA_384):0x0000:"41f08485ce587b06061c087e76e247c359de2ba9927ee013b2f1ed9ca8":"505341004b45590000000000010000002771e900013c00000a060006000000001d00000041f08485ce587b06061c087e76e247c359de2ba9927ee013b2f1ed9ca8":TEST_FLAG_EXERCISE + +read type: ECC_PAIR(SECT_K1) 233-bit, ECDSA(SHA_512) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_512:PSA_WANT_ECC_SECT_K1_233:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):233:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_SHA_512):0x0000:"41f08485ce587b06061c087e76e247c359de2ba9927ee013b2f1ed9ca8":"505341004b45590000000000010000002771e900013c00000b060006000000001d00000041f08485ce587b06061c087e76e247c359de2ba9927ee013b2f1ed9ca8":TEST_FLAG_EXERCISE + +read type: ECC_PAIR(SECT_K1) 233-bit, ECDSA_ANY +depends_on:PSA_WANT_ALG_ECDSA_ANY:PSA_WANT_ECC_SECT_K1_233:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):233:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA_ANY:0x0000:"41f08485ce587b06061c087e76e247c359de2ba9927ee013b2f1ed9ca8":"505341004b45590000000000010000002771e900013c000000060006000000001d00000041f08485ce587b06061c087e76e247c359de2ba9927ee013b2f1ed9ca8":TEST_FLAG_EXERCISE + +read type: ECC_PAIR(SECT_K1) 233-bit, KA(ECDH,HKDF(SHA_256)) +depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_SECT_K1_233:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):233:PSA_KEY_USAGE_DERIVE | PSA_KEY_USAGE_EXPORT:PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_HKDF(PSA_ALG_SHA_256)):0x0000:"41f08485ce587b06061c087e76e247c359de2ba9927ee013b2f1ed9ca8":"505341004b45590000000000010000002771e9000140000009010209000000001d00000041f08485ce587b06061c087e76e247c359de2ba9927ee013b2f1ed9ca8":TEST_FLAG_EXERCISE + +read type: ECC_PAIR(SECT_K1) 233-bit, KA(ECDH,HKDF(SHA_384)) +depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_SECT_K1_233:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):233:PSA_KEY_USAGE_DERIVE | PSA_KEY_USAGE_EXPORT:PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_HKDF(PSA_ALG_SHA_384)):0x0000:"41f08485ce587b06061c087e76e247c359de2ba9927ee013b2f1ed9ca8":"505341004b45590000000000010000002771e900014000000a010209000000001d00000041f08485ce587b06061c087e76e247c359de2ba9927ee013b2f1ed9ca8":TEST_FLAG_EXERCISE + +read type: ECC_PAIR(SECT_K1) 233-bit, KA(ECDH,TLS12_PRF(SHA_256)) +depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_SHA_256:PSA_WANT_ALG_TLS12_PRF:PSA_WANT_ECC_SECT_K1_233:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):233:PSA_KEY_USAGE_DERIVE | PSA_KEY_USAGE_EXPORT:PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_TLS12_PRF(PSA_ALG_SHA_256)):0x0000:"41f08485ce587b06061c087e76e247c359de2ba9927ee013b2f1ed9ca8":"505341004b45590000000000010000002771e9000140000009020209000000001d00000041f08485ce587b06061c087e76e247c359de2ba9927ee013b2f1ed9ca8":TEST_FLAG_EXERCISE + +read type: ECC_PAIR(SECT_K1) 233-bit, KA(ECDH,TLS12_PRF(SHA_384)) +depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_SHA_384:PSA_WANT_ALG_TLS12_PRF:PSA_WANT_ECC_SECT_K1_233:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):233:PSA_KEY_USAGE_DERIVE | PSA_KEY_USAGE_EXPORT:PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_TLS12_PRF(PSA_ALG_SHA_384)):0x0000:"41f08485ce587b06061c087e76e247c359de2ba9927ee013b2f1ed9ca8":"505341004b45590000000000010000002771e900014000000a020209000000001d00000041f08485ce587b06061c087e76e247c359de2ba9927ee013b2f1ed9ca8":TEST_FLAG_EXERCISE + +read type: ECC_PAIR(SECT_K1) 233-bit, KA(ECDH,TLS12_PSK2MS(SHA_256)) +depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_SHA_256:PSA_WANT_ALG_TLS12_PSK_TO_MS:PSA_WANT_ECC_SECT_K1_233:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):233:PSA_KEY_USAGE_DERIVE | PSA_KEY_USAGE_EXPORT:PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_TLS12_PSK_TO_MS(PSA_ALG_SHA_256)):0x0000:"41f08485ce587b06061c087e76e247c359de2ba9927ee013b2f1ed9ca8":"505341004b45590000000000010000002771e9000140000009030209000000001d00000041f08485ce587b06061c087e76e247c359de2ba9927ee013b2f1ed9ca8":TEST_FLAG_EXERCISE + +read type: ECC_PAIR(SECT_K1) 233-bit, KA(ECDH,TLS12_PSK2MS(SHA_384)) +depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_SHA_384:PSA_WANT_ALG_TLS12_PSK_TO_MS:PSA_WANT_ECC_SECT_K1_233:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):233:PSA_KEY_USAGE_DERIVE | PSA_KEY_USAGE_EXPORT:PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_TLS12_PSK_TO_MS(PSA_ALG_SHA_384)):0x0000:"41f08485ce587b06061c087e76e247c359de2ba9927ee013b2f1ed9ca8":"505341004b45590000000000010000002771e900014000000a030209000000001d00000041f08485ce587b06061c087e76e247c359de2ba9927ee013b2f1ed9ca8":TEST_FLAG_EXERCISE + +read type: ECC_PAIR(SECT_K1) 239-bit +depends_on:PSA_WANT_ECC_SECT_K1_239:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):239:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"1a8069ce2c2c8bdd7087f2a6ab49588797e6294e979495602ab9650b9c61":"505341004b45590000000000010000002771ef000100000000000000000000001e0000001a8069ce2c2c8bdd7087f2a6ab49588797e6294e979495602ab9650b9c61":TEST_FLAG_EXERCISE + +read type: ECC_PAIR(SECT_K1) 239-bit, DET_ECDSA(MD2) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD2:PSA_WANT_ECC_SECT_K1_239:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):239:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD2):0x0000:"1a8069ce2c2c8bdd7087f2a6ab49588797e6294e979495602ab9650b9c61":"505341004b45590000000000010000002771ef00013c000001070006000000001e0000001a8069ce2c2c8bdd7087f2a6ab49588797e6294e979495602ab9650b9c61":TEST_FLAG_EXERCISE + +read type: ECC_PAIR(SECT_K1) 239-bit, DET_ECDSA(MD4) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD4:PSA_WANT_ECC_SECT_K1_239:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):239:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD4):0x0000:"1a8069ce2c2c8bdd7087f2a6ab49588797e6294e979495602ab9650b9c61":"505341004b45590000000000010000002771ef00013c000002070006000000001e0000001a8069ce2c2c8bdd7087f2a6ab49588797e6294e979495602ab9650b9c61":TEST_FLAG_EXERCISE + +read type: ECC_PAIR(SECT_K1) 239-bit, DET_ECDSA(MD5) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD5:PSA_WANT_ECC_SECT_K1_239:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):239:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD5):0x0000:"1a8069ce2c2c8bdd7087f2a6ab49588797e6294e979495602ab9650b9c61":"505341004b45590000000000010000002771ef00013c000003070006000000001e0000001a8069ce2c2c8bdd7087f2a6ab49588797e6294e979495602ab9650b9c61":TEST_FLAG_EXERCISE + +read type: ECC_PAIR(SECT_K1) 239-bit, DET_ECDSA(RIPEMD160) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ECC_SECT_K1_239:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):239:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_RIPEMD160):0x0000:"1a8069ce2c2c8bdd7087f2a6ab49588797e6294e979495602ab9650b9c61":"505341004b45590000000000010000002771ef00013c000004070006000000001e0000001a8069ce2c2c8bdd7087f2a6ab49588797e6294e979495602ab9650b9c61":TEST_FLAG_EXERCISE + +read type: ECC_PAIR(SECT_K1) 239-bit, DET_ECDSA(SHA_1) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_1:PSA_WANT_ECC_SECT_K1_239:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):239:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_1):0x0000:"1a8069ce2c2c8bdd7087f2a6ab49588797e6294e979495602ab9650b9c61":"505341004b45590000000000010000002771ef00013c000005070006000000001e0000001a8069ce2c2c8bdd7087f2a6ab49588797e6294e979495602ab9650b9c61":TEST_FLAG_EXERCISE + +read type: ECC_PAIR(SECT_K1) 239-bit, DET_ECDSA(SHA_224) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_224:PSA_WANT_ECC_SECT_K1_239:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):239:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_224):0x0000:"1a8069ce2c2c8bdd7087f2a6ab49588797e6294e979495602ab9650b9c61":"505341004b45590000000000010000002771ef00013c000008070006000000001e0000001a8069ce2c2c8bdd7087f2a6ab49588797e6294e979495602ab9650b9c61":TEST_FLAG_EXERCISE + +read type: ECC_PAIR(SECT_K1) 239-bit, DET_ECDSA(SHA_256) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_SECT_K1_239:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):239:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_256):0x0000:"1a8069ce2c2c8bdd7087f2a6ab49588797e6294e979495602ab9650b9c61":"505341004b45590000000000010000002771ef00013c000009070006000000001e0000001a8069ce2c2c8bdd7087f2a6ab49588797e6294e979495602ab9650b9c61":TEST_FLAG_EXERCISE + +read type: ECC_PAIR(SECT_K1) 239-bit, DET_ECDSA(SHA_384) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_SECT_K1_239:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):239:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_384):0x0000:"1a8069ce2c2c8bdd7087f2a6ab49588797e6294e979495602ab9650b9c61":"505341004b45590000000000010000002771ef00013c00000a070006000000001e0000001a8069ce2c2c8bdd7087f2a6ab49588797e6294e979495602ab9650b9c61":TEST_FLAG_EXERCISE + +read type: ECC_PAIR(SECT_K1) 239-bit, DET_ECDSA(SHA_512) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_512:PSA_WANT_ECC_SECT_K1_239:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):239:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_512):0x0000:"1a8069ce2c2c8bdd7087f2a6ab49588797e6294e979495602ab9650b9c61":"505341004b45590000000000010000002771ef00013c00000b070006000000001e0000001a8069ce2c2c8bdd7087f2a6ab49588797e6294e979495602ab9650b9c61":TEST_FLAG_EXERCISE + +read type: ECC_PAIR(SECT_K1) 239-bit, ECDH +depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ECC_SECT_K1_239:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):239:PSA_KEY_USAGE_DERIVE | PSA_KEY_USAGE_EXPORT:PSA_ALG_ECDH:0x0000:"1a8069ce2c2c8bdd7087f2a6ab49588797e6294e979495602ab9650b9c61":"505341004b45590000000000010000002771ef000140000000000209000000001e0000001a8069ce2c2c8bdd7087f2a6ab49588797e6294e979495602ab9650b9c61":TEST_FLAG_EXERCISE + +read type: ECC_PAIR(SECT_K1) 239-bit, ECDSA(MD2) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD2:PSA_WANT_ECC_SECT_K1_239:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):239:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_MD2):0x0000:"1a8069ce2c2c8bdd7087f2a6ab49588797e6294e979495602ab9650b9c61":"505341004b45590000000000010000002771ef00013c000001060006000000001e0000001a8069ce2c2c8bdd7087f2a6ab49588797e6294e979495602ab9650b9c61":TEST_FLAG_EXERCISE + +read type: ECC_PAIR(SECT_K1) 239-bit, ECDSA(MD4) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD4:PSA_WANT_ECC_SECT_K1_239:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):239:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_MD4):0x0000:"1a8069ce2c2c8bdd7087f2a6ab49588797e6294e979495602ab9650b9c61":"505341004b45590000000000010000002771ef00013c000002060006000000001e0000001a8069ce2c2c8bdd7087f2a6ab49588797e6294e979495602ab9650b9c61":TEST_FLAG_EXERCISE + +read type: ECC_PAIR(SECT_K1) 239-bit, ECDSA(MD5) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD5:PSA_WANT_ECC_SECT_K1_239:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):239:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_MD5):0x0000:"1a8069ce2c2c8bdd7087f2a6ab49588797e6294e979495602ab9650b9c61":"505341004b45590000000000010000002771ef00013c000003060006000000001e0000001a8069ce2c2c8bdd7087f2a6ab49588797e6294e979495602ab9650b9c61":TEST_FLAG_EXERCISE + +read type: ECC_PAIR(SECT_K1) 239-bit, ECDSA(RIPEMD160) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ECC_SECT_K1_239:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):239:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_RIPEMD160):0x0000:"1a8069ce2c2c8bdd7087f2a6ab49588797e6294e979495602ab9650b9c61":"505341004b45590000000000010000002771ef00013c000004060006000000001e0000001a8069ce2c2c8bdd7087f2a6ab49588797e6294e979495602ab9650b9c61":TEST_FLAG_EXERCISE + +read type: ECC_PAIR(SECT_K1) 239-bit, ECDSA(SHA_1) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_1:PSA_WANT_ECC_SECT_K1_239:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):239:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_SHA_1):0x0000:"1a8069ce2c2c8bdd7087f2a6ab49588797e6294e979495602ab9650b9c61":"505341004b45590000000000010000002771ef00013c000005060006000000001e0000001a8069ce2c2c8bdd7087f2a6ab49588797e6294e979495602ab9650b9c61":TEST_FLAG_EXERCISE + +read type: ECC_PAIR(SECT_K1) 239-bit, ECDSA(SHA_224) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_224:PSA_WANT_ECC_SECT_K1_239:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):239:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_SHA_224):0x0000:"1a8069ce2c2c8bdd7087f2a6ab49588797e6294e979495602ab9650b9c61":"505341004b45590000000000010000002771ef00013c000008060006000000001e0000001a8069ce2c2c8bdd7087f2a6ab49588797e6294e979495602ab9650b9c61":TEST_FLAG_EXERCISE + +read type: ECC_PAIR(SECT_K1) 239-bit, ECDSA(SHA_256) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_SECT_K1_239:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):239:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_SHA_256):0x0000:"1a8069ce2c2c8bdd7087f2a6ab49588797e6294e979495602ab9650b9c61":"505341004b45590000000000010000002771ef00013c000009060006000000001e0000001a8069ce2c2c8bdd7087f2a6ab49588797e6294e979495602ab9650b9c61":TEST_FLAG_EXERCISE + +read type: ECC_PAIR(SECT_K1) 239-bit, ECDSA(SHA_384) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_SECT_K1_239:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):239:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_SHA_384):0x0000:"1a8069ce2c2c8bdd7087f2a6ab49588797e6294e979495602ab9650b9c61":"505341004b45590000000000010000002771ef00013c00000a060006000000001e0000001a8069ce2c2c8bdd7087f2a6ab49588797e6294e979495602ab9650b9c61":TEST_FLAG_EXERCISE + +read type: ECC_PAIR(SECT_K1) 239-bit, ECDSA(SHA_512) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_512:PSA_WANT_ECC_SECT_K1_239:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):239:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_SHA_512):0x0000:"1a8069ce2c2c8bdd7087f2a6ab49588797e6294e979495602ab9650b9c61":"505341004b45590000000000010000002771ef00013c00000b060006000000001e0000001a8069ce2c2c8bdd7087f2a6ab49588797e6294e979495602ab9650b9c61":TEST_FLAG_EXERCISE + +read type: ECC_PAIR(SECT_K1) 239-bit, ECDSA_ANY +depends_on:PSA_WANT_ALG_ECDSA_ANY:PSA_WANT_ECC_SECT_K1_239:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):239:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA_ANY:0x0000:"1a8069ce2c2c8bdd7087f2a6ab49588797e6294e979495602ab9650b9c61":"505341004b45590000000000010000002771ef00013c000000060006000000001e0000001a8069ce2c2c8bdd7087f2a6ab49588797e6294e979495602ab9650b9c61":TEST_FLAG_EXERCISE + +read type: ECC_PAIR(SECT_K1) 239-bit, KA(ECDH,HKDF(SHA_256)) +depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_SECT_K1_239:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):239:PSA_KEY_USAGE_DERIVE | PSA_KEY_USAGE_EXPORT:PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_HKDF(PSA_ALG_SHA_256)):0x0000:"1a8069ce2c2c8bdd7087f2a6ab49588797e6294e979495602ab9650b9c61":"505341004b45590000000000010000002771ef000140000009010209000000001e0000001a8069ce2c2c8bdd7087f2a6ab49588797e6294e979495602ab9650b9c61":TEST_FLAG_EXERCISE + +read type: ECC_PAIR(SECT_K1) 239-bit, KA(ECDH,HKDF(SHA_384)) +depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_SECT_K1_239:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):239:PSA_KEY_USAGE_DERIVE | PSA_KEY_USAGE_EXPORT:PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_HKDF(PSA_ALG_SHA_384)):0x0000:"1a8069ce2c2c8bdd7087f2a6ab49588797e6294e979495602ab9650b9c61":"505341004b45590000000000010000002771ef00014000000a010209000000001e0000001a8069ce2c2c8bdd7087f2a6ab49588797e6294e979495602ab9650b9c61":TEST_FLAG_EXERCISE + +read type: ECC_PAIR(SECT_K1) 239-bit, KA(ECDH,TLS12_PRF(SHA_256)) +depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_SHA_256:PSA_WANT_ALG_TLS12_PRF:PSA_WANT_ECC_SECT_K1_239:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):239:PSA_KEY_USAGE_DERIVE | PSA_KEY_USAGE_EXPORT:PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_TLS12_PRF(PSA_ALG_SHA_256)):0x0000:"1a8069ce2c2c8bdd7087f2a6ab49588797e6294e979495602ab9650b9c61":"505341004b45590000000000010000002771ef000140000009020209000000001e0000001a8069ce2c2c8bdd7087f2a6ab49588797e6294e979495602ab9650b9c61":TEST_FLAG_EXERCISE + +read type: ECC_PAIR(SECT_K1) 239-bit, KA(ECDH,TLS12_PRF(SHA_384)) +depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_SHA_384:PSA_WANT_ALG_TLS12_PRF:PSA_WANT_ECC_SECT_K1_239:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):239:PSA_KEY_USAGE_DERIVE | PSA_KEY_USAGE_EXPORT:PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_TLS12_PRF(PSA_ALG_SHA_384)):0x0000:"1a8069ce2c2c8bdd7087f2a6ab49588797e6294e979495602ab9650b9c61":"505341004b45590000000000010000002771ef00014000000a020209000000001e0000001a8069ce2c2c8bdd7087f2a6ab49588797e6294e979495602ab9650b9c61":TEST_FLAG_EXERCISE + +read type: ECC_PAIR(SECT_K1) 239-bit, KA(ECDH,TLS12_PSK2MS(SHA_256)) +depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_SHA_256:PSA_WANT_ALG_TLS12_PSK_TO_MS:PSA_WANT_ECC_SECT_K1_239:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):239:PSA_KEY_USAGE_DERIVE | PSA_KEY_USAGE_EXPORT:PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_TLS12_PSK_TO_MS(PSA_ALG_SHA_256)):0x0000:"1a8069ce2c2c8bdd7087f2a6ab49588797e6294e979495602ab9650b9c61":"505341004b45590000000000010000002771ef000140000009030209000000001e0000001a8069ce2c2c8bdd7087f2a6ab49588797e6294e979495602ab9650b9c61":TEST_FLAG_EXERCISE + +read type: ECC_PAIR(SECT_K1) 239-bit, KA(ECDH,TLS12_PSK2MS(SHA_384)) +depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_SHA_384:PSA_WANT_ALG_TLS12_PSK_TO_MS:PSA_WANT_ECC_SECT_K1_239:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):239:PSA_KEY_USAGE_DERIVE | PSA_KEY_USAGE_EXPORT:PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_TLS12_PSK_TO_MS(PSA_ALG_SHA_384)):0x0000:"1a8069ce2c2c8bdd7087f2a6ab49588797e6294e979495602ab9650b9c61":"505341004b45590000000000010000002771ef00014000000a030209000000001e0000001a8069ce2c2c8bdd7087f2a6ab49588797e6294e979495602ab9650b9c61":TEST_FLAG_EXERCISE + +read type: ECC_PAIR(SECT_K1) 283-bit +depends_on:PSA_WANT_ECC_SECT_K1_283:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):283:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"006d627885dd48b9ec6facb5b3865377d755b75a5d51440e45211c1f600e15eff8a881a0":"505341004b455900000000000100000027711b0101000000000000000000000024000000006d627885dd48b9ec6facb5b3865377d755b75a5d51440e45211c1f600e15eff8a881a0":TEST_FLAG_EXERCISE + +read type: ECC_PAIR(SECT_K1) 283-bit, DET_ECDSA(MD2) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD2:PSA_WANT_ECC_SECT_K1_283:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):283:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD2):0x0000:"006d627885dd48b9ec6facb5b3865377d755b75a5d51440e45211c1f600e15eff8a881a0":"505341004b455900000000000100000027711b01013c0000010700060000000024000000006d627885dd48b9ec6facb5b3865377d755b75a5d51440e45211c1f600e15eff8a881a0":TEST_FLAG_EXERCISE + +read type: ECC_PAIR(SECT_K1) 283-bit, DET_ECDSA(MD4) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD4:PSA_WANT_ECC_SECT_K1_283:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):283:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD4):0x0000:"006d627885dd48b9ec6facb5b3865377d755b75a5d51440e45211c1f600e15eff8a881a0":"505341004b455900000000000100000027711b01013c0000020700060000000024000000006d627885dd48b9ec6facb5b3865377d755b75a5d51440e45211c1f600e15eff8a881a0":TEST_FLAG_EXERCISE + +read type: ECC_PAIR(SECT_K1) 283-bit, DET_ECDSA(MD5) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD5:PSA_WANT_ECC_SECT_K1_283:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):283:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD5):0x0000:"006d627885dd48b9ec6facb5b3865377d755b75a5d51440e45211c1f600e15eff8a881a0":"505341004b455900000000000100000027711b01013c0000030700060000000024000000006d627885dd48b9ec6facb5b3865377d755b75a5d51440e45211c1f600e15eff8a881a0":TEST_FLAG_EXERCISE + +read type: ECC_PAIR(SECT_K1) 283-bit, DET_ECDSA(RIPEMD160) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ECC_SECT_K1_283:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):283:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_RIPEMD160):0x0000:"006d627885dd48b9ec6facb5b3865377d755b75a5d51440e45211c1f600e15eff8a881a0":"505341004b455900000000000100000027711b01013c0000040700060000000024000000006d627885dd48b9ec6facb5b3865377d755b75a5d51440e45211c1f600e15eff8a881a0":TEST_FLAG_EXERCISE + +read type: ECC_PAIR(SECT_K1) 283-bit, DET_ECDSA(SHA_1) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_1:PSA_WANT_ECC_SECT_K1_283:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):283:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_1):0x0000:"006d627885dd48b9ec6facb5b3865377d755b75a5d51440e45211c1f600e15eff8a881a0":"505341004b455900000000000100000027711b01013c0000050700060000000024000000006d627885dd48b9ec6facb5b3865377d755b75a5d51440e45211c1f600e15eff8a881a0":TEST_FLAG_EXERCISE + +read type: ECC_PAIR(SECT_K1) 283-bit, DET_ECDSA(SHA_224) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_224:PSA_WANT_ECC_SECT_K1_283:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):283:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_224):0x0000:"006d627885dd48b9ec6facb5b3865377d755b75a5d51440e45211c1f600e15eff8a881a0":"505341004b455900000000000100000027711b01013c0000080700060000000024000000006d627885dd48b9ec6facb5b3865377d755b75a5d51440e45211c1f600e15eff8a881a0":TEST_FLAG_EXERCISE + +read type: ECC_PAIR(SECT_K1) 283-bit, DET_ECDSA(SHA_256) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_SECT_K1_283:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):283:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_256):0x0000:"006d627885dd48b9ec6facb5b3865377d755b75a5d51440e45211c1f600e15eff8a881a0":"505341004b455900000000000100000027711b01013c0000090700060000000024000000006d627885dd48b9ec6facb5b3865377d755b75a5d51440e45211c1f600e15eff8a881a0":TEST_FLAG_EXERCISE + +read type: ECC_PAIR(SECT_K1) 283-bit, DET_ECDSA(SHA_384) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_SECT_K1_283:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):283:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_384):0x0000:"006d627885dd48b9ec6facb5b3865377d755b75a5d51440e45211c1f600e15eff8a881a0":"505341004b455900000000000100000027711b01013c00000a0700060000000024000000006d627885dd48b9ec6facb5b3865377d755b75a5d51440e45211c1f600e15eff8a881a0":TEST_FLAG_EXERCISE + +read type: ECC_PAIR(SECT_K1) 283-bit, DET_ECDSA(SHA_512) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_512:PSA_WANT_ECC_SECT_K1_283:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):283:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_512):0x0000:"006d627885dd48b9ec6facb5b3865377d755b75a5d51440e45211c1f600e15eff8a881a0":"505341004b455900000000000100000027711b01013c00000b0700060000000024000000006d627885dd48b9ec6facb5b3865377d755b75a5d51440e45211c1f600e15eff8a881a0":TEST_FLAG_EXERCISE + +read type: ECC_PAIR(SECT_K1) 283-bit, ECDH +depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ECC_SECT_K1_283:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):283:PSA_KEY_USAGE_DERIVE | PSA_KEY_USAGE_EXPORT:PSA_ALG_ECDH:0x0000:"006d627885dd48b9ec6facb5b3865377d755b75a5d51440e45211c1f600e15eff8a881a0":"505341004b455900000000000100000027711b0101400000000002090000000024000000006d627885dd48b9ec6facb5b3865377d755b75a5d51440e45211c1f600e15eff8a881a0":TEST_FLAG_EXERCISE + +read type: ECC_PAIR(SECT_K1) 283-bit, ECDSA(MD2) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD2:PSA_WANT_ECC_SECT_K1_283:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):283:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_MD2):0x0000:"006d627885dd48b9ec6facb5b3865377d755b75a5d51440e45211c1f600e15eff8a881a0":"505341004b455900000000000100000027711b01013c0000010600060000000024000000006d627885dd48b9ec6facb5b3865377d755b75a5d51440e45211c1f600e15eff8a881a0":TEST_FLAG_EXERCISE + +read type: ECC_PAIR(SECT_K1) 283-bit, ECDSA(MD4) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD4:PSA_WANT_ECC_SECT_K1_283:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):283:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_MD4):0x0000:"006d627885dd48b9ec6facb5b3865377d755b75a5d51440e45211c1f600e15eff8a881a0":"505341004b455900000000000100000027711b01013c0000020600060000000024000000006d627885dd48b9ec6facb5b3865377d755b75a5d51440e45211c1f600e15eff8a881a0":TEST_FLAG_EXERCISE + +read type: ECC_PAIR(SECT_K1) 283-bit, ECDSA(MD5) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD5:PSA_WANT_ECC_SECT_K1_283:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):283:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_MD5):0x0000:"006d627885dd48b9ec6facb5b3865377d755b75a5d51440e45211c1f600e15eff8a881a0":"505341004b455900000000000100000027711b01013c0000030600060000000024000000006d627885dd48b9ec6facb5b3865377d755b75a5d51440e45211c1f600e15eff8a881a0":TEST_FLAG_EXERCISE + +read type: ECC_PAIR(SECT_K1) 283-bit, ECDSA(RIPEMD160) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ECC_SECT_K1_283:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):283:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_RIPEMD160):0x0000:"006d627885dd48b9ec6facb5b3865377d755b75a5d51440e45211c1f600e15eff8a881a0":"505341004b455900000000000100000027711b01013c0000040600060000000024000000006d627885dd48b9ec6facb5b3865377d755b75a5d51440e45211c1f600e15eff8a881a0":TEST_FLAG_EXERCISE + +read type: ECC_PAIR(SECT_K1) 283-bit, ECDSA(SHA_1) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_1:PSA_WANT_ECC_SECT_K1_283:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):283:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_SHA_1):0x0000:"006d627885dd48b9ec6facb5b3865377d755b75a5d51440e45211c1f600e15eff8a881a0":"505341004b455900000000000100000027711b01013c0000050600060000000024000000006d627885dd48b9ec6facb5b3865377d755b75a5d51440e45211c1f600e15eff8a881a0":TEST_FLAG_EXERCISE + +read type: ECC_PAIR(SECT_K1) 283-bit, ECDSA(SHA_224) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_224:PSA_WANT_ECC_SECT_K1_283:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):283:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_SHA_224):0x0000:"006d627885dd48b9ec6facb5b3865377d755b75a5d51440e45211c1f600e15eff8a881a0":"505341004b455900000000000100000027711b01013c0000080600060000000024000000006d627885dd48b9ec6facb5b3865377d755b75a5d51440e45211c1f600e15eff8a881a0":TEST_FLAG_EXERCISE + +read type: ECC_PAIR(SECT_K1) 283-bit, ECDSA(SHA_256) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_SECT_K1_283:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):283:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_SHA_256):0x0000:"006d627885dd48b9ec6facb5b3865377d755b75a5d51440e45211c1f600e15eff8a881a0":"505341004b455900000000000100000027711b01013c0000090600060000000024000000006d627885dd48b9ec6facb5b3865377d755b75a5d51440e45211c1f600e15eff8a881a0":TEST_FLAG_EXERCISE + +read type: ECC_PAIR(SECT_K1) 283-bit, ECDSA(SHA_384) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_SECT_K1_283:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):283:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_SHA_384):0x0000:"006d627885dd48b9ec6facb5b3865377d755b75a5d51440e45211c1f600e15eff8a881a0":"505341004b455900000000000100000027711b01013c00000a0600060000000024000000006d627885dd48b9ec6facb5b3865377d755b75a5d51440e45211c1f600e15eff8a881a0":TEST_FLAG_EXERCISE + +read type: ECC_PAIR(SECT_K1) 283-bit, ECDSA(SHA_512) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_512:PSA_WANT_ECC_SECT_K1_283:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):283:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_SHA_512):0x0000:"006d627885dd48b9ec6facb5b3865377d755b75a5d51440e45211c1f600e15eff8a881a0":"505341004b455900000000000100000027711b01013c00000b0600060000000024000000006d627885dd48b9ec6facb5b3865377d755b75a5d51440e45211c1f600e15eff8a881a0":TEST_FLAG_EXERCISE + +read type: ECC_PAIR(SECT_K1) 283-bit, ECDSA_ANY +depends_on:PSA_WANT_ALG_ECDSA_ANY:PSA_WANT_ECC_SECT_K1_283:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):283:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA_ANY:0x0000:"006d627885dd48b9ec6facb5b3865377d755b75a5d51440e45211c1f600e15eff8a881a0":"505341004b455900000000000100000027711b01013c0000000600060000000024000000006d627885dd48b9ec6facb5b3865377d755b75a5d51440e45211c1f600e15eff8a881a0":TEST_FLAG_EXERCISE + +read type: ECC_PAIR(SECT_K1) 283-bit, KA(ECDH,HKDF(SHA_256)) +depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_SECT_K1_283:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):283:PSA_KEY_USAGE_DERIVE | PSA_KEY_USAGE_EXPORT:PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_HKDF(PSA_ALG_SHA_256)):0x0000:"006d627885dd48b9ec6facb5b3865377d755b75a5d51440e45211c1f600e15eff8a881a0":"505341004b455900000000000100000027711b0101400000090102090000000024000000006d627885dd48b9ec6facb5b3865377d755b75a5d51440e45211c1f600e15eff8a881a0":TEST_FLAG_EXERCISE + +read type: ECC_PAIR(SECT_K1) 283-bit, KA(ECDH,HKDF(SHA_384)) +depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_SECT_K1_283:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):283:PSA_KEY_USAGE_DERIVE | PSA_KEY_USAGE_EXPORT:PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_HKDF(PSA_ALG_SHA_384)):0x0000:"006d627885dd48b9ec6facb5b3865377d755b75a5d51440e45211c1f600e15eff8a881a0":"505341004b455900000000000100000027711b01014000000a0102090000000024000000006d627885dd48b9ec6facb5b3865377d755b75a5d51440e45211c1f600e15eff8a881a0":TEST_FLAG_EXERCISE + +read type: ECC_PAIR(SECT_K1) 283-bit, KA(ECDH,TLS12_PRF(SHA_256)) +depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_SHA_256:PSA_WANT_ALG_TLS12_PRF:PSA_WANT_ECC_SECT_K1_283:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):283:PSA_KEY_USAGE_DERIVE | PSA_KEY_USAGE_EXPORT:PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_TLS12_PRF(PSA_ALG_SHA_256)):0x0000:"006d627885dd48b9ec6facb5b3865377d755b75a5d51440e45211c1f600e15eff8a881a0":"505341004b455900000000000100000027711b0101400000090202090000000024000000006d627885dd48b9ec6facb5b3865377d755b75a5d51440e45211c1f600e15eff8a881a0":TEST_FLAG_EXERCISE + +read type: ECC_PAIR(SECT_K1) 283-bit, KA(ECDH,TLS12_PRF(SHA_384)) +depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_SHA_384:PSA_WANT_ALG_TLS12_PRF:PSA_WANT_ECC_SECT_K1_283:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):283:PSA_KEY_USAGE_DERIVE | PSA_KEY_USAGE_EXPORT:PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_TLS12_PRF(PSA_ALG_SHA_384)):0x0000:"006d627885dd48b9ec6facb5b3865377d755b75a5d51440e45211c1f600e15eff8a881a0":"505341004b455900000000000100000027711b01014000000a0202090000000024000000006d627885dd48b9ec6facb5b3865377d755b75a5d51440e45211c1f600e15eff8a881a0":TEST_FLAG_EXERCISE + +read type: ECC_PAIR(SECT_K1) 283-bit, KA(ECDH,TLS12_PSK2MS(SHA_256)) +depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_SHA_256:PSA_WANT_ALG_TLS12_PSK_TO_MS:PSA_WANT_ECC_SECT_K1_283:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):283:PSA_KEY_USAGE_DERIVE | PSA_KEY_USAGE_EXPORT:PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_TLS12_PSK_TO_MS(PSA_ALG_SHA_256)):0x0000:"006d627885dd48b9ec6facb5b3865377d755b75a5d51440e45211c1f600e15eff8a881a0":"505341004b455900000000000100000027711b0101400000090302090000000024000000006d627885dd48b9ec6facb5b3865377d755b75a5d51440e45211c1f600e15eff8a881a0":TEST_FLAG_EXERCISE + +read type: ECC_PAIR(SECT_K1) 283-bit, KA(ECDH,TLS12_PSK2MS(SHA_384)) +depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_SHA_384:PSA_WANT_ALG_TLS12_PSK_TO_MS:PSA_WANT_ECC_SECT_K1_283:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):283:PSA_KEY_USAGE_DERIVE | PSA_KEY_USAGE_EXPORT:PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_TLS12_PSK_TO_MS(PSA_ALG_SHA_384)):0x0000:"006d627885dd48b9ec6facb5b3865377d755b75a5d51440e45211c1f600e15eff8a881a0":"505341004b455900000000000100000027711b01014000000a0302090000000024000000006d627885dd48b9ec6facb5b3865377d755b75a5d51440e45211c1f600e15eff8a881a0":TEST_FLAG_EXERCISE + +read type: ECC_PAIR(SECT_K1) 409-bit +depends_on:PSA_WANT_ECC_SECT_K1_409:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):409:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"3ff5e74d932fa77db139b7c948c81e4069c72c24845574064beea8976b70267f1c6f9a503e3892ea1dcbb71fcea423faa370a8":"505341004b455900000000000100000027719901010000000000000000000000330000003ff5e74d932fa77db139b7c948c81e4069c72c24845574064beea8976b70267f1c6f9a503e3892ea1dcbb71fcea423faa370a8":TEST_FLAG_EXERCISE + +read type: ECC_PAIR(SECT_K1) 409-bit, DET_ECDSA(MD2) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD2:PSA_WANT_ECC_SECT_K1_409:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):409:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD2):0x0000:"3ff5e74d932fa77db139b7c948c81e4069c72c24845574064beea8976b70267f1c6f9a503e3892ea1dcbb71fcea423faa370a8":"505341004b455900000000000100000027719901013c00000107000600000000330000003ff5e74d932fa77db139b7c948c81e4069c72c24845574064beea8976b70267f1c6f9a503e3892ea1dcbb71fcea423faa370a8":TEST_FLAG_EXERCISE + +read type: ECC_PAIR(SECT_K1) 409-bit, DET_ECDSA(MD4) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD4:PSA_WANT_ECC_SECT_K1_409:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):409:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD4):0x0000:"3ff5e74d932fa77db139b7c948c81e4069c72c24845574064beea8976b70267f1c6f9a503e3892ea1dcbb71fcea423faa370a8":"505341004b455900000000000100000027719901013c00000207000600000000330000003ff5e74d932fa77db139b7c948c81e4069c72c24845574064beea8976b70267f1c6f9a503e3892ea1dcbb71fcea423faa370a8":TEST_FLAG_EXERCISE + +read type: ECC_PAIR(SECT_K1) 409-bit, DET_ECDSA(MD5) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD5:PSA_WANT_ECC_SECT_K1_409:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):409:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD5):0x0000:"3ff5e74d932fa77db139b7c948c81e4069c72c24845574064beea8976b70267f1c6f9a503e3892ea1dcbb71fcea423faa370a8":"505341004b455900000000000100000027719901013c00000307000600000000330000003ff5e74d932fa77db139b7c948c81e4069c72c24845574064beea8976b70267f1c6f9a503e3892ea1dcbb71fcea423faa370a8":TEST_FLAG_EXERCISE + +read type: ECC_PAIR(SECT_K1) 409-bit, DET_ECDSA(RIPEMD160) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ECC_SECT_K1_409:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):409:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_RIPEMD160):0x0000:"3ff5e74d932fa77db139b7c948c81e4069c72c24845574064beea8976b70267f1c6f9a503e3892ea1dcbb71fcea423faa370a8":"505341004b455900000000000100000027719901013c00000407000600000000330000003ff5e74d932fa77db139b7c948c81e4069c72c24845574064beea8976b70267f1c6f9a503e3892ea1dcbb71fcea423faa370a8":TEST_FLAG_EXERCISE + +read type: ECC_PAIR(SECT_K1) 409-bit, DET_ECDSA(SHA_1) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_1:PSA_WANT_ECC_SECT_K1_409:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):409:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_1):0x0000:"3ff5e74d932fa77db139b7c948c81e4069c72c24845574064beea8976b70267f1c6f9a503e3892ea1dcbb71fcea423faa370a8":"505341004b455900000000000100000027719901013c00000507000600000000330000003ff5e74d932fa77db139b7c948c81e4069c72c24845574064beea8976b70267f1c6f9a503e3892ea1dcbb71fcea423faa370a8":TEST_FLAG_EXERCISE + +read type: ECC_PAIR(SECT_K1) 409-bit, DET_ECDSA(SHA_224) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_224:PSA_WANT_ECC_SECT_K1_409:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):409:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_224):0x0000:"3ff5e74d932fa77db139b7c948c81e4069c72c24845574064beea8976b70267f1c6f9a503e3892ea1dcbb71fcea423faa370a8":"505341004b455900000000000100000027719901013c00000807000600000000330000003ff5e74d932fa77db139b7c948c81e4069c72c24845574064beea8976b70267f1c6f9a503e3892ea1dcbb71fcea423faa370a8":TEST_FLAG_EXERCISE + +read type: ECC_PAIR(SECT_K1) 409-bit, DET_ECDSA(SHA_256) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_SECT_K1_409:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):409:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_256):0x0000:"3ff5e74d932fa77db139b7c948c81e4069c72c24845574064beea8976b70267f1c6f9a503e3892ea1dcbb71fcea423faa370a8":"505341004b455900000000000100000027719901013c00000907000600000000330000003ff5e74d932fa77db139b7c948c81e4069c72c24845574064beea8976b70267f1c6f9a503e3892ea1dcbb71fcea423faa370a8":TEST_FLAG_EXERCISE + +read type: ECC_PAIR(SECT_K1) 409-bit, DET_ECDSA(SHA_384) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_SECT_K1_409:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):409:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_384):0x0000:"3ff5e74d932fa77db139b7c948c81e4069c72c24845574064beea8976b70267f1c6f9a503e3892ea1dcbb71fcea423faa370a8":"505341004b455900000000000100000027719901013c00000a07000600000000330000003ff5e74d932fa77db139b7c948c81e4069c72c24845574064beea8976b70267f1c6f9a503e3892ea1dcbb71fcea423faa370a8":TEST_FLAG_EXERCISE + +read type: ECC_PAIR(SECT_K1) 409-bit, DET_ECDSA(SHA_512) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_512:PSA_WANT_ECC_SECT_K1_409:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):409:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_512):0x0000:"3ff5e74d932fa77db139b7c948c81e4069c72c24845574064beea8976b70267f1c6f9a503e3892ea1dcbb71fcea423faa370a8":"505341004b455900000000000100000027719901013c00000b07000600000000330000003ff5e74d932fa77db139b7c948c81e4069c72c24845574064beea8976b70267f1c6f9a503e3892ea1dcbb71fcea423faa370a8":TEST_FLAG_EXERCISE + +read type: ECC_PAIR(SECT_K1) 409-bit, ECDH +depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ECC_SECT_K1_409:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):409:PSA_KEY_USAGE_DERIVE | PSA_KEY_USAGE_EXPORT:PSA_ALG_ECDH:0x0000:"3ff5e74d932fa77db139b7c948c81e4069c72c24845574064beea8976b70267f1c6f9a503e3892ea1dcbb71fcea423faa370a8":"505341004b455900000000000100000027719901014000000000020900000000330000003ff5e74d932fa77db139b7c948c81e4069c72c24845574064beea8976b70267f1c6f9a503e3892ea1dcbb71fcea423faa370a8":TEST_FLAG_EXERCISE + +read type: ECC_PAIR(SECT_K1) 409-bit, ECDSA(MD2) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD2:PSA_WANT_ECC_SECT_K1_409:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):409:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_MD2):0x0000:"3ff5e74d932fa77db139b7c948c81e4069c72c24845574064beea8976b70267f1c6f9a503e3892ea1dcbb71fcea423faa370a8":"505341004b455900000000000100000027719901013c00000106000600000000330000003ff5e74d932fa77db139b7c948c81e4069c72c24845574064beea8976b70267f1c6f9a503e3892ea1dcbb71fcea423faa370a8":TEST_FLAG_EXERCISE + +read type: ECC_PAIR(SECT_K1) 409-bit, ECDSA(MD4) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD4:PSA_WANT_ECC_SECT_K1_409:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):409:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_MD4):0x0000:"3ff5e74d932fa77db139b7c948c81e4069c72c24845574064beea8976b70267f1c6f9a503e3892ea1dcbb71fcea423faa370a8":"505341004b455900000000000100000027719901013c00000206000600000000330000003ff5e74d932fa77db139b7c948c81e4069c72c24845574064beea8976b70267f1c6f9a503e3892ea1dcbb71fcea423faa370a8":TEST_FLAG_EXERCISE + +read type: ECC_PAIR(SECT_K1) 409-bit, ECDSA(MD5) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD5:PSA_WANT_ECC_SECT_K1_409:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):409:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_MD5):0x0000:"3ff5e74d932fa77db139b7c948c81e4069c72c24845574064beea8976b70267f1c6f9a503e3892ea1dcbb71fcea423faa370a8":"505341004b455900000000000100000027719901013c00000306000600000000330000003ff5e74d932fa77db139b7c948c81e4069c72c24845574064beea8976b70267f1c6f9a503e3892ea1dcbb71fcea423faa370a8":TEST_FLAG_EXERCISE + +read type: ECC_PAIR(SECT_K1) 409-bit, ECDSA(RIPEMD160) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ECC_SECT_K1_409:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):409:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_RIPEMD160):0x0000:"3ff5e74d932fa77db139b7c948c81e4069c72c24845574064beea8976b70267f1c6f9a503e3892ea1dcbb71fcea423faa370a8":"505341004b455900000000000100000027719901013c00000406000600000000330000003ff5e74d932fa77db139b7c948c81e4069c72c24845574064beea8976b70267f1c6f9a503e3892ea1dcbb71fcea423faa370a8":TEST_FLAG_EXERCISE + +read type: ECC_PAIR(SECT_K1) 409-bit, ECDSA(SHA_1) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_1:PSA_WANT_ECC_SECT_K1_409:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):409:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_SHA_1):0x0000:"3ff5e74d932fa77db139b7c948c81e4069c72c24845574064beea8976b70267f1c6f9a503e3892ea1dcbb71fcea423faa370a8":"505341004b455900000000000100000027719901013c00000506000600000000330000003ff5e74d932fa77db139b7c948c81e4069c72c24845574064beea8976b70267f1c6f9a503e3892ea1dcbb71fcea423faa370a8":TEST_FLAG_EXERCISE + +read type: ECC_PAIR(SECT_K1) 409-bit, ECDSA(SHA_224) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_224:PSA_WANT_ECC_SECT_K1_409:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):409:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_SHA_224):0x0000:"3ff5e74d932fa77db139b7c948c81e4069c72c24845574064beea8976b70267f1c6f9a503e3892ea1dcbb71fcea423faa370a8":"505341004b455900000000000100000027719901013c00000806000600000000330000003ff5e74d932fa77db139b7c948c81e4069c72c24845574064beea8976b70267f1c6f9a503e3892ea1dcbb71fcea423faa370a8":TEST_FLAG_EXERCISE + +read type: ECC_PAIR(SECT_K1) 409-bit, ECDSA(SHA_256) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_SECT_K1_409:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):409:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_SHA_256):0x0000:"3ff5e74d932fa77db139b7c948c81e4069c72c24845574064beea8976b70267f1c6f9a503e3892ea1dcbb71fcea423faa370a8":"505341004b455900000000000100000027719901013c00000906000600000000330000003ff5e74d932fa77db139b7c948c81e4069c72c24845574064beea8976b70267f1c6f9a503e3892ea1dcbb71fcea423faa370a8":TEST_FLAG_EXERCISE + +read type: ECC_PAIR(SECT_K1) 409-bit, ECDSA(SHA_384) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_SECT_K1_409:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):409:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_SHA_384):0x0000:"3ff5e74d932fa77db139b7c948c81e4069c72c24845574064beea8976b70267f1c6f9a503e3892ea1dcbb71fcea423faa370a8":"505341004b455900000000000100000027719901013c00000a06000600000000330000003ff5e74d932fa77db139b7c948c81e4069c72c24845574064beea8976b70267f1c6f9a503e3892ea1dcbb71fcea423faa370a8":TEST_FLAG_EXERCISE + +read type: ECC_PAIR(SECT_K1) 409-bit, ECDSA(SHA_512) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_512:PSA_WANT_ECC_SECT_K1_409:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):409:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_SHA_512):0x0000:"3ff5e74d932fa77db139b7c948c81e4069c72c24845574064beea8976b70267f1c6f9a503e3892ea1dcbb71fcea423faa370a8":"505341004b455900000000000100000027719901013c00000b06000600000000330000003ff5e74d932fa77db139b7c948c81e4069c72c24845574064beea8976b70267f1c6f9a503e3892ea1dcbb71fcea423faa370a8":TEST_FLAG_EXERCISE + +read type: ECC_PAIR(SECT_K1) 409-bit, ECDSA_ANY +depends_on:PSA_WANT_ALG_ECDSA_ANY:PSA_WANT_ECC_SECT_K1_409:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):409:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA_ANY:0x0000:"3ff5e74d932fa77db139b7c948c81e4069c72c24845574064beea8976b70267f1c6f9a503e3892ea1dcbb71fcea423faa370a8":"505341004b455900000000000100000027719901013c00000006000600000000330000003ff5e74d932fa77db139b7c948c81e4069c72c24845574064beea8976b70267f1c6f9a503e3892ea1dcbb71fcea423faa370a8":TEST_FLAG_EXERCISE + +read type: ECC_PAIR(SECT_K1) 409-bit, KA(ECDH,HKDF(SHA_256)) +depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_SECT_K1_409:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):409:PSA_KEY_USAGE_DERIVE | PSA_KEY_USAGE_EXPORT:PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_HKDF(PSA_ALG_SHA_256)):0x0000:"3ff5e74d932fa77db139b7c948c81e4069c72c24845574064beea8976b70267f1c6f9a503e3892ea1dcbb71fcea423faa370a8":"505341004b455900000000000100000027719901014000000901020900000000330000003ff5e74d932fa77db139b7c948c81e4069c72c24845574064beea8976b70267f1c6f9a503e3892ea1dcbb71fcea423faa370a8":TEST_FLAG_EXERCISE + +read type: ECC_PAIR(SECT_K1) 409-bit, KA(ECDH,HKDF(SHA_384)) +depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_SECT_K1_409:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):409:PSA_KEY_USAGE_DERIVE | PSA_KEY_USAGE_EXPORT:PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_HKDF(PSA_ALG_SHA_384)):0x0000:"3ff5e74d932fa77db139b7c948c81e4069c72c24845574064beea8976b70267f1c6f9a503e3892ea1dcbb71fcea423faa370a8":"505341004b455900000000000100000027719901014000000a01020900000000330000003ff5e74d932fa77db139b7c948c81e4069c72c24845574064beea8976b70267f1c6f9a503e3892ea1dcbb71fcea423faa370a8":TEST_FLAG_EXERCISE + +read type: ECC_PAIR(SECT_K1) 409-bit, KA(ECDH,TLS12_PRF(SHA_256)) +depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_SHA_256:PSA_WANT_ALG_TLS12_PRF:PSA_WANT_ECC_SECT_K1_409:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):409:PSA_KEY_USAGE_DERIVE | PSA_KEY_USAGE_EXPORT:PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_TLS12_PRF(PSA_ALG_SHA_256)):0x0000:"3ff5e74d932fa77db139b7c948c81e4069c72c24845574064beea8976b70267f1c6f9a503e3892ea1dcbb71fcea423faa370a8":"505341004b455900000000000100000027719901014000000902020900000000330000003ff5e74d932fa77db139b7c948c81e4069c72c24845574064beea8976b70267f1c6f9a503e3892ea1dcbb71fcea423faa370a8":TEST_FLAG_EXERCISE + +read type: ECC_PAIR(SECT_K1) 409-bit, KA(ECDH,TLS12_PRF(SHA_384)) +depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_SHA_384:PSA_WANT_ALG_TLS12_PRF:PSA_WANT_ECC_SECT_K1_409:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):409:PSA_KEY_USAGE_DERIVE | PSA_KEY_USAGE_EXPORT:PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_TLS12_PRF(PSA_ALG_SHA_384)):0x0000:"3ff5e74d932fa77db139b7c948c81e4069c72c24845574064beea8976b70267f1c6f9a503e3892ea1dcbb71fcea423faa370a8":"505341004b455900000000000100000027719901014000000a02020900000000330000003ff5e74d932fa77db139b7c948c81e4069c72c24845574064beea8976b70267f1c6f9a503e3892ea1dcbb71fcea423faa370a8":TEST_FLAG_EXERCISE + +read type: ECC_PAIR(SECT_K1) 409-bit, KA(ECDH,TLS12_PSK2MS(SHA_256)) +depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_SHA_256:PSA_WANT_ALG_TLS12_PSK_TO_MS:PSA_WANT_ECC_SECT_K1_409:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):409:PSA_KEY_USAGE_DERIVE | PSA_KEY_USAGE_EXPORT:PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_TLS12_PSK_TO_MS(PSA_ALG_SHA_256)):0x0000:"3ff5e74d932fa77db139b7c948c81e4069c72c24845574064beea8976b70267f1c6f9a503e3892ea1dcbb71fcea423faa370a8":"505341004b455900000000000100000027719901014000000903020900000000330000003ff5e74d932fa77db139b7c948c81e4069c72c24845574064beea8976b70267f1c6f9a503e3892ea1dcbb71fcea423faa370a8":TEST_FLAG_EXERCISE + +read type: ECC_PAIR(SECT_K1) 409-bit, KA(ECDH,TLS12_PSK2MS(SHA_384)) +depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_SHA_384:PSA_WANT_ALG_TLS12_PSK_TO_MS:PSA_WANT_ECC_SECT_K1_409:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):409:PSA_KEY_USAGE_DERIVE | PSA_KEY_USAGE_EXPORT:PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_TLS12_PSK_TO_MS(PSA_ALG_SHA_384)):0x0000:"3ff5e74d932fa77db139b7c948c81e4069c72c24845574064beea8976b70267f1c6f9a503e3892ea1dcbb71fcea423faa370a8":"505341004b455900000000000100000027719901014000000a03020900000000330000003ff5e74d932fa77db139b7c948c81e4069c72c24845574064beea8976b70267f1c6f9a503e3892ea1dcbb71fcea423faa370a8":TEST_FLAG_EXERCISE + +read type: ECC_PAIR(SECT_K1) 571-bit +depends_on:PSA_WANT_ECC_SECT_K1_571:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):571:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"005008c97b4a161c0db1bac6452c72846d57337aa92d8ecb4a66eb01d2f29555ffb61a5317225dcc8ca6917d91789e227efc0bfe9eeda7ee21998cd11c3c9885056b0e55b4f75d51":"505341004b455900000000000100000027713b0201000000000000000000000048000000005008c97b4a161c0db1bac6452c72846d57337aa92d8ecb4a66eb01d2f29555ffb61a5317225dcc8ca6917d91789e227efc0bfe9eeda7ee21998cd11c3c9885056b0e55b4f75d51":TEST_FLAG_EXERCISE + +read type: ECC_PAIR(SECT_K1) 571-bit, DET_ECDSA(MD2) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD2:PSA_WANT_ECC_SECT_K1_571:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):571:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD2):0x0000:"005008c97b4a161c0db1bac6452c72846d57337aa92d8ecb4a66eb01d2f29555ffb61a5317225dcc8ca6917d91789e227efc0bfe9eeda7ee21998cd11c3c9885056b0e55b4f75d51":"505341004b455900000000000100000027713b02013c0000010700060000000048000000005008c97b4a161c0db1bac6452c72846d57337aa92d8ecb4a66eb01d2f29555ffb61a5317225dcc8ca6917d91789e227efc0bfe9eeda7ee21998cd11c3c9885056b0e55b4f75d51":TEST_FLAG_EXERCISE + +read type: ECC_PAIR(SECT_K1) 571-bit, DET_ECDSA(MD4) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD4:PSA_WANT_ECC_SECT_K1_571:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):571:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD4):0x0000:"005008c97b4a161c0db1bac6452c72846d57337aa92d8ecb4a66eb01d2f29555ffb61a5317225dcc8ca6917d91789e227efc0bfe9eeda7ee21998cd11c3c9885056b0e55b4f75d51":"505341004b455900000000000100000027713b02013c0000020700060000000048000000005008c97b4a161c0db1bac6452c72846d57337aa92d8ecb4a66eb01d2f29555ffb61a5317225dcc8ca6917d91789e227efc0bfe9eeda7ee21998cd11c3c9885056b0e55b4f75d51":TEST_FLAG_EXERCISE + +read type: ECC_PAIR(SECT_K1) 571-bit, DET_ECDSA(MD5) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD5:PSA_WANT_ECC_SECT_K1_571:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):571:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD5):0x0000:"005008c97b4a161c0db1bac6452c72846d57337aa92d8ecb4a66eb01d2f29555ffb61a5317225dcc8ca6917d91789e227efc0bfe9eeda7ee21998cd11c3c9885056b0e55b4f75d51":"505341004b455900000000000100000027713b02013c0000030700060000000048000000005008c97b4a161c0db1bac6452c72846d57337aa92d8ecb4a66eb01d2f29555ffb61a5317225dcc8ca6917d91789e227efc0bfe9eeda7ee21998cd11c3c9885056b0e55b4f75d51":TEST_FLAG_EXERCISE + +read type: ECC_PAIR(SECT_K1) 571-bit, DET_ECDSA(RIPEMD160) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ECC_SECT_K1_571:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):571:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_RIPEMD160):0x0000:"005008c97b4a161c0db1bac6452c72846d57337aa92d8ecb4a66eb01d2f29555ffb61a5317225dcc8ca6917d91789e227efc0bfe9eeda7ee21998cd11c3c9885056b0e55b4f75d51":"505341004b455900000000000100000027713b02013c0000040700060000000048000000005008c97b4a161c0db1bac6452c72846d57337aa92d8ecb4a66eb01d2f29555ffb61a5317225dcc8ca6917d91789e227efc0bfe9eeda7ee21998cd11c3c9885056b0e55b4f75d51":TEST_FLAG_EXERCISE + +read type: ECC_PAIR(SECT_K1) 571-bit, DET_ECDSA(SHA_1) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_1:PSA_WANT_ECC_SECT_K1_571:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):571:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_1):0x0000:"005008c97b4a161c0db1bac6452c72846d57337aa92d8ecb4a66eb01d2f29555ffb61a5317225dcc8ca6917d91789e227efc0bfe9eeda7ee21998cd11c3c9885056b0e55b4f75d51":"505341004b455900000000000100000027713b02013c0000050700060000000048000000005008c97b4a161c0db1bac6452c72846d57337aa92d8ecb4a66eb01d2f29555ffb61a5317225dcc8ca6917d91789e227efc0bfe9eeda7ee21998cd11c3c9885056b0e55b4f75d51":TEST_FLAG_EXERCISE + +read type: ECC_PAIR(SECT_K1) 571-bit, DET_ECDSA(SHA_224) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_224:PSA_WANT_ECC_SECT_K1_571:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):571:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_224):0x0000:"005008c97b4a161c0db1bac6452c72846d57337aa92d8ecb4a66eb01d2f29555ffb61a5317225dcc8ca6917d91789e227efc0bfe9eeda7ee21998cd11c3c9885056b0e55b4f75d51":"505341004b455900000000000100000027713b02013c0000080700060000000048000000005008c97b4a161c0db1bac6452c72846d57337aa92d8ecb4a66eb01d2f29555ffb61a5317225dcc8ca6917d91789e227efc0bfe9eeda7ee21998cd11c3c9885056b0e55b4f75d51":TEST_FLAG_EXERCISE + +read type: ECC_PAIR(SECT_K1) 571-bit, DET_ECDSA(SHA_256) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_SECT_K1_571:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):571:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_256):0x0000:"005008c97b4a161c0db1bac6452c72846d57337aa92d8ecb4a66eb01d2f29555ffb61a5317225dcc8ca6917d91789e227efc0bfe9eeda7ee21998cd11c3c9885056b0e55b4f75d51":"505341004b455900000000000100000027713b02013c0000090700060000000048000000005008c97b4a161c0db1bac6452c72846d57337aa92d8ecb4a66eb01d2f29555ffb61a5317225dcc8ca6917d91789e227efc0bfe9eeda7ee21998cd11c3c9885056b0e55b4f75d51":TEST_FLAG_EXERCISE + +read type: ECC_PAIR(SECT_K1) 571-bit, DET_ECDSA(SHA_384) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_SECT_K1_571:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):571:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_384):0x0000:"005008c97b4a161c0db1bac6452c72846d57337aa92d8ecb4a66eb01d2f29555ffb61a5317225dcc8ca6917d91789e227efc0bfe9eeda7ee21998cd11c3c9885056b0e55b4f75d51":"505341004b455900000000000100000027713b02013c00000a0700060000000048000000005008c97b4a161c0db1bac6452c72846d57337aa92d8ecb4a66eb01d2f29555ffb61a5317225dcc8ca6917d91789e227efc0bfe9eeda7ee21998cd11c3c9885056b0e55b4f75d51":TEST_FLAG_EXERCISE + +read type: ECC_PAIR(SECT_K1) 571-bit, DET_ECDSA(SHA_512) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_512:PSA_WANT_ECC_SECT_K1_571:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):571:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_512):0x0000:"005008c97b4a161c0db1bac6452c72846d57337aa92d8ecb4a66eb01d2f29555ffb61a5317225dcc8ca6917d91789e227efc0bfe9eeda7ee21998cd11c3c9885056b0e55b4f75d51":"505341004b455900000000000100000027713b02013c00000b0700060000000048000000005008c97b4a161c0db1bac6452c72846d57337aa92d8ecb4a66eb01d2f29555ffb61a5317225dcc8ca6917d91789e227efc0bfe9eeda7ee21998cd11c3c9885056b0e55b4f75d51":TEST_FLAG_EXERCISE + +read type: ECC_PAIR(SECT_K1) 571-bit, ECDH +depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ECC_SECT_K1_571:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):571:PSA_KEY_USAGE_DERIVE | PSA_KEY_USAGE_EXPORT:PSA_ALG_ECDH:0x0000:"005008c97b4a161c0db1bac6452c72846d57337aa92d8ecb4a66eb01d2f29555ffb61a5317225dcc8ca6917d91789e227efc0bfe9eeda7ee21998cd11c3c9885056b0e55b4f75d51":"505341004b455900000000000100000027713b0201400000000002090000000048000000005008c97b4a161c0db1bac6452c72846d57337aa92d8ecb4a66eb01d2f29555ffb61a5317225dcc8ca6917d91789e227efc0bfe9eeda7ee21998cd11c3c9885056b0e55b4f75d51":TEST_FLAG_EXERCISE + +read type: ECC_PAIR(SECT_K1) 571-bit, ECDSA(MD2) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD2:PSA_WANT_ECC_SECT_K1_571:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):571:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_MD2):0x0000:"005008c97b4a161c0db1bac6452c72846d57337aa92d8ecb4a66eb01d2f29555ffb61a5317225dcc8ca6917d91789e227efc0bfe9eeda7ee21998cd11c3c9885056b0e55b4f75d51":"505341004b455900000000000100000027713b02013c0000010600060000000048000000005008c97b4a161c0db1bac6452c72846d57337aa92d8ecb4a66eb01d2f29555ffb61a5317225dcc8ca6917d91789e227efc0bfe9eeda7ee21998cd11c3c9885056b0e55b4f75d51":TEST_FLAG_EXERCISE + +read type: ECC_PAIR(SECT_K1) 571-bit, ECDSA(MD4) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD4:PSA_WANT_ECC_SECT_K1_571:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):571:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_MD4):0x0000:"005008c97b4a161c0db1bac6452c72846d57337aa92d8ecb4a66eb01d2f29555ffb61a5317225dcc8ca6917d91789e227efc0bfe9eeda7ee21998cd11c3c9885056b0e55b4f75d51":"505341004b455900000000000100000027713b02013c0000020600060000000048000000005008c97b4a161c0db1bac6452c72846d57337aa92d8ecb4a66eb01d2f29555ffb61a5317225dcc8ca6917d91789e227efc0bfe9eeda7ee21998cd11c3c9885056b0e55b4f75d51":TEST_FLAG_EXERCISE + +read type: ECC_PAIR(SECT_K1) 571-bit, ECDSA(MD5) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD5:PSA_WANT_ECC_SECT_K1_571:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):571:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_MD5):0x0000:"005008c97b4a161c0db1bac6452c72846d57337aa92d8ecb4a66eb01d2f29555ffb61a5317225dcc8ca6917d91789e227efc0bfe9eeda7ee21998cd11c3c9885056b0e55b4f75d51":"505341004b455900000000000100000027713b02013c0000030600060000000048000000005008c97b4a161c0db1bac6452c72846d57337aa92d8ecb4a66eb01d2f29555ffb61a5317225dcc8ca6917d91789e227efc0bfe9eeda7ee21998cd11c3c9885056b0e55b4f75d51":TEST_FLAG_EXERCISE + +read type: ECC_PAIR(SECT_K1) 571-bit, ECDSA(RIPEMD160) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ECC_SECT_K1_571:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):571:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_RIPEMD160):0x0000:"005008c97b4a161c0db1bac6452c72846d57337aa92d8ecb4a66eb01d2f29555ffb61a5317225dcc8ca6917d91789e227efc0bfe9eeda7ee21998cd11c3c9885056b0e55b4f75d51":"505341004b455900000000000100000027713b02013c0000040600060000000048000000005008c97b4a161c0db1bac6452c72846d57337aa92d8ecb4a66eb01d2f29555ffb61a5317225dcc8ca6917d91789e227efc0bfe9eeda7ee21998cd11c3c9885056b0e55b4f75d51":TEST_FLAG_EXERCISE + +read type: ECC_PAIR(SECT_K1) 571-bit, ECDSA(SHA_1) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_1:PSA_WANT_ECC_SECT_K1_571:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):571:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_SHA_1):0x0000:"005008c97b4a161c0db1bac6452c72846d57337aa92d8ecb4a66eb01d2f29555ffb61a5317225dcc8ca6917d91789e227efc0bfe9eeda7ee21998cd11c3c9885056b0e55b4f75d51":"505341004b455900000000000100000027713b02013c0000050600060000000048000000005008c97b4a161c0db1bac6452c72846d57337aa92d8ecb4a66eb01d2f29555ffb61a5317225dcc8ca6917d91789e227efc0bfe9eeda7ee21998cd11c3c9885056b0e55b4f75d51":TEST_FLAG_EXERCISE + +read type: ECC_PAIR(SECT_K1) 571-bit, ECDSA(SHA_224) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_224:PSA_WANT_ECC_SECT_K1_571:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):571:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_SHA_224):0x0000:"005008c97b4a161c0db1bac6452c72846d57337aa92d8ecb4a66eb01d2f29555ffb61a5317225dcc8ca6917d91789e227efc0bfe9eeda7ee21998cd11c3c9885056b0e55b4f75d51":"505341004b455900000000000100000027713b02013c0000080600060000000048000000005008c97b4a161c0db1bac6452c72846d57337aa92d8ecb4a66eb01d2f29555ffb61a5317225dcc8ca6917d91789e227efc0bfe9eeda7ee21998cd11c3c9885056b0e55b4f75d51":TEST_FLAG_EXERCISE + +read type: ECC_PAIR(SECT_K1) 571-bit, ECDSA(SHA_256) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_SECT_K1_571:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):571:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_SHA_256):0x0000:"005008c97b4a161c0db1bac6452c72846d57337aa92d8ecb4a66eb01d2f29555ffb61a5317225dcc8ca6917d91789e227efc0bfe9eeda7ee21998cd11c3c9885056b0e55b4f75d51":"505341004b455900000000000100000027713b02013c0000090600060000000048000000005008c97b4a161c0db1bac6452c72846d57337aa92d8ecb4a66eb01d2f29555ffb61a5317225dcc8ca6917d91789e227efc0bfe9eeda7ee21998cd11c3c9885056b0e55b4f75d51":TEST_FLAG_EXERCISE + +read type: ECC_PAIR(SECT_K1) 571-bit, ECDSA(SHA_384) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_SECT_K1_571:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):571:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_SHA_384):0x0000:"005008c97b4a161c0db1bac6452c72846d57337aa92d8ecb4a66eb01d2f29555ffb61a5317225dcc8ca6917d91789e227efc0bfe9eeda7ee21998cd11c3c9885056b0e55b4f75d51":"505341004b455900000000000100000027713b02013c00000a0600060000000048000000005008c97b4a161c0db1bac6452c72846d57337aa92d8ecb4a66eb01d2f29555ffb61a5317225dcc8ca6917d91789e227efc0bfe9eeda7ee21998cd11c3c9885056b0e55b4f75d51":TEST_FLAG_EXERCISE + +read type: ECC_PAIR(SECT_K1) 571-bit, ECDSA(SHA_512) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_512:PSA_WANT_ECC_SECT_K1_571:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):571:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_SHA_512):0x0000:"005008c97b4a161c0db1bac6452c72846d57337aa92d8ecb4a66eb01d2f29555ffb61a5317225dcc8ca6917d91789e227efc0bfe9eeda7ee21998cd11c3c9885056b0e55b4f75d51":"505341004b455900000000000100000027713b02013c00000b0600060000000048000000005008c97b4a161c0db1bac6452c72846d57337aa92d8ecb4a66eb01d2f29555ffb61a5317225dcc8ca6917d91789e227efc0bfe9eeda7ee21998cd11c3c9885056b0e55b4f75d51":TEST_FLAG_EXERCISE + +read type: ECC_PAIR(SECT_K1) 571-bit, ECDSA_ANY +depends_on:PSA_WANT_ALG_ECDSA_ANY:PSA_WANT_ECC_SECT_K1_571:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):571:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA_ANY:0x0000:"005008c97b4a161c0db1bac6452c72846d57337aa92d8ecb4a66eb01d2f29555ffb61a5317225dcc8ca6917d91789e227efc0bfe9eeda7ee21998cd11c3c9885056b0e55b4f75d51":"505341004b455900000000000100000027713b02013c0000000600060000000048000000005008c97b4a161c0db1bac6452c72846d57337aa92d8ecb4a66eb01d2f29555ffb61a5317225dcc8ca6917d91789e227efc0bfe9eeda7ee21998cd11c3c9885056b0e55b4f75d51":TEST_FLAG_EXERCISE + +read type: ECC_PAIR(SECT_K1) 571-bit, KA(ECDH,HKDF(SHA_256)) +depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_SECT_K1_571:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):571:PSA_KEY_USAGE_DERIVE | PSA_KEY_USAGE_EXPORT:PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_HKDF(PSA_ALG_SHA_256)):0x0000:"005008c97b4a161c0db1bac6452c72846d57337aa92d8ecb4a66eb01d2f29555ffb61a5317225dcc8ca6917d91789e227efc0bfe9eeda7ee21998cd11c3c9885056b0e55b4f75d51":"505341004b455900000000000100000027713b0201400000090102090000000048000000005008c97b4a161c0db1bac6452c72846d57337aa92d8ecb4a66eb01d2f29555ffb61a5317225dcc8ca6917d91789e227efc0bfe9eeda7ee21998cd11c3c9885056b0e55b4f75d51":TEST_FLAG_EXERCISE + +read type: ECC_PAIR(SECT_K1) 571-bit, KA(ECDH,HKDF(SHA_384)) +depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_SECT_K1_571:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):571:PSA_KEY_USAGE_DERIVE | PSA_KEY_USAGE_EXPORT:PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_HKDF(PSA_ALG_SHA_384)):0x0000:"005008c97b4a161c0db1bac6452c72846d57337aa92d8ecb4a66eb01d2f29555ffb61a5317225dcc8ca6917d91789e227efc0bfe9eeda7ee21998cd11c3c9885056b0e55b4f75d51":"505341004b455900000000000100000027713b02014000000a0102090000000048000000005008c97b4a161c0db1bac6452c72846d57337aa92d8ecb4a66eb01d2f29555ffb61a5317225dcc8ca6917d91789e227efc0bfe9eeda7ee21998cd11c3c9885056b0e55b4f75d51":TEST_FLAG_EXERCISE + +read type: ECC_PAIR(SECT_K1) 571-bit, KA(ECDH,TLS12_PRF(SHA_256)) +depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_SHA_256:PSA_WANT_ALG_TLS12_PRF:PSA_WANT_ECC_SECT_K1_571:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):571:PSA_KEY_USAGE_DERIVE | PSA_KEY_USAGE_EXPORT:PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_TLS12_PRF(PSA_ALG_SHA_256)):0x0000:"005008c97b4a161c0db1bac6452c72846d57337aa92d8ecb4a66eb01d2f29555ffb61a5317225dcc8ca6917d91789e227efc0bfe9eeda7ee21998cd11c3c9885056b0e55b4f75d51":"505341004b455900000000000100000027713b0201400000090202090000000048000000005008c97b4a161c0db1bac6452c72846d57337aa92d8ecb4a66eb01d2f29555ffb61a5317225dcc8ca6917d91789e227efc0bfe9eeda7ee21998cd11c3c9885056b0e55b4f75d51":TEST_FLAG_EXERCISE + +read type: ECC_PAIR(SECT_K1) 571-bit, KA(ECDH,TLS12_PRF(SHA_384)) +depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_SHA_384:PSA_WANT_ALG_TLS12_PRF:PSA_WANT_ECC_SECT_K1_571:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):571:PSA_KEY_USAGE_DERIVE | PSA_KEY_USAGE_EXPORT:PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_TLS12_PRF(PSA_ALG_SHA_384)):0x0000:"005008c97b4a161c0db1bac6452c72846d57337aa92d8ecb4a66eb01d2f29555ffb61a5317225dcc8ca6917d91789e227efc0bfe9eeda7ee21998cd11c3c9885056b0e55b4f75d51":"505341004b455900000000000100000027713b02014000000a0202090000000048000000005008c97b4a161c0db1bac6452c72846d57337aa92d8ecb4a66eb01d2f29555ffb61a5317225dcc8ca6917d91789e227efc0bfe9eeda7ee21998cd11c3c9885056b0e55b4f75d51":TEST_FLAG_EXERCISE + +read type: ECC_PAIR(SECT_K1) 571-bit, KA(ECDH,TLS12_PSK2MS(SHA_256)) +depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_SHA_256:PSA_WANT_ALG_TLS12_PSK_TO_MS:PSA_WANT_ECC_SECT_K1_571:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):571:PSA_KEY_USAGE_DERIVE | PSA_KEY_USAGE_EXPORT:PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_TLS12_PSK_TO_MS(PSA_ALG_SHA_256)):0x0000:"005008c97b4a161c0db1bac6452c72846d57337aa92d8ecb4a66eb01d2f29555ffb61a5317225dcc8ca6917d91789e227efc0bfe9eeda7ee21998cd11c3c9885056b0e55b4f75d51":"505341004b455900000000000100000027713b0201400000090302090000000048000000005008c97b4a161c0db1bac6452c72846d57337aa92d8ecb4a66eb01d2f29555ffb61a5317225dcc8ca6917d91789e227efc0bfe9eeda7ee21998cd11c3c9885056b0e55b4f75d51":TEST_FLAG_EXERCISE + +read type: ECC_PAIR(SECT_K1) 571-bit, KA(ECDH,TLS12_PSK2MS(SHA_384)) +depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_SHA_384:PSA_WANT_ALG_TLS12_PSK_TO_MS:PSA_WANT_ECC_SECT_K1_571:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):571:PSA_KEY_USAGE_DERIVE | PSA_KEY_USAGE_EXPORT:PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_TLS12_PSK_TO_MS(PSA_ALG_SHA_384)):0x0000:"005008c97b4a161c0db1bac6452c72846d57337aa92d8ecb4a66eb01d2f29555ffb61a5317225dcc8ca6917d91789e227efc0bfe9eeda7ee21998cd11c3c9885056b0e55b4f75d51":"505341004b455900000000000100000027713b02014000000a0302090000000048000000005008c97b4a161c0db1bac6452c72846d57337aa92d8ecb4a66eb01d2f29555ffb61a5317225dcc8ca6917d91789e227efc0bfe9eeda7ee21998cd11c3c9885056b0e55b4f75d51":TEST_FLAG_EXERCISE + +read type: ECC_PAIR(SECT_R1) 163-bit +depends_on:PSA_WANT_ECC_SECT_R1_163:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):163:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"009b05dc82d46d64a04a22e6e5ca70ca1231e68c50":"505341004b45590000000000010000002271a30001000000000000000000000015000000009b05dc82d46d64a04a22e6e5ca70ca1231e68c50":TEST_FLAG_EXERCISE + +read type: ECC_PAIR(SECT_R1) 163-bit, DET_ECDSA(MD2) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD2:PSA_WANT_ECC_SECT_R1_163:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):163:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD2):0x0000:"009b05dc82d46d64a04a22e6e5ca70ca1231e68c50":"505341004b45590000000000010000002271a300013c0000010700060000000015000000009b05dc82d46d64a04a22e6e5ca70ca1231e68c50":TEST_FLAG_EXERCISE + +read type: ECC_PAIR(SECT_R1) 163-bit, DET_ECDSA(MD4) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD4:PSA_WANT_ECC_SECT_R1_163:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):163:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD4):0x0000:"009b05dc82d46d64a04a22e6e5ca70ca1231e68c50":"505341004b45590000000000010000002271a300013c0000020700060000000015000000009b05dc82d46d64a04a22e6e5ca70ca1231e68c50":TEST_FLAG_EXERCISE + +read type: ECC_PAIR(SECT_R1) 163-bit, DET_ECDSA(MD5) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD5:PSA_WANT_ECC_SECT_R1_163:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):163:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD5):0x0000:"009b05dc82d46d64a04a22e6e5ca70ca1231e68c50":"505341004b45590000000000010000002271a300013c0000030700060000000015000000009b05dc82d46d64a04a22e6e5ca70ca1231e68c50":TEST_FLAG_EXERCISE + +read type: ECC_PAIR(SECT_R1) 163-bit, DET_ECDSA(RIPEMD160) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ECC_SECT_R1_163:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):163:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_RIPEMD160):0x0000:"009b05dc82d46d64a04a22e6e5ca70ca1231e68c50":"505341004b45590000000000010000002271a300013c0000040700060000000015000000009b05dc82d46d64a04a22e6e5ca70ca1231e68c50":TEST_FLAG_EXERCISE + +read type: ECC_PAIR(SECT_R1) 163-bit, DET_ECDSA(SHA_1) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_1:PSA_WANT_ECC_SECT_R1_163:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):163:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_1):0x0000:"009b05dc82d46d64a04a22e6e5ca70ca1231e68c50":"505341004b45590000000000010000002271a300013c0000050700060000000015000000009b05dc82d46d64a04a22e6e5ca70ca1231e68c50":TEST_FLAG_EXERCISE + +read type: ECC_PAIR(SECT_R1) 163-bit, DET_ECDSA(SHA_224) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_224:PSA_WANT_ECC_SECT_R1_163:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):163:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_224):0x0000:"009b05dc82d46d64a04a22e6e5ca70ca1231e68c50":"505341004b45590000000000010000002271a300013c0000080700060000000015000000009b05dc82d46d64a04a22e6e5ca70ca1231e68c50":TEST_FLAG_EXERCISE + +read type: ECC_PAIR(SECT_R1) 163-bit, DET_ECDSA(SHA_256) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_SECT_R1_163:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):163:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_256):0x0000:"009b05dc82d46d64a04a22e6e5ca70ca1231e68c50":"505341004b45590000000000010000002271a300013c0000090700060000000015000000009b05dc82d46d64a04a22e6e5ca70ca1231e68c50":TEST_FLAG_EXERCISE + +read type: ECC_PAIR(SECT_R1) 163-bit, DET_ECDSA(SHA_384) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_SECT_R1_163:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):163:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_384):0x0000:"009b05dc82d46d64a04a22e6e5ca70ca1231e68c50":"505341004b45590000000000010000002271a300013c00000a0700060000000015000000009b05dc82d46d64a04a22e6e5ca70ca1231e68c50":TEST_FLAG_EXERCISE + +read type: ECC_PAIR(SECT_R1) 163-bit, DET_ECDSA(SHA_512) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_512:PSA_WANT_ECC_SECT_R1_163:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):163:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_512):0x0000:"009b05dc82d46d64a04a22e6e5ca70ca1231e68c50":"505341004b45590000000000010000002271a300013c00000b0700060000000015000000009b05dc82d46d64a04a22e6e5ca70ca1231e68c50":TEST_FLAG_EXERCISE + +read type: ECC_PAIR(SECT_R1) 163-bit, ECDH +depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ECC_SECT_R1_163:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):163:PSA_KEY_USAGE_DERIVE | PSA_KEY_USAGE_EXPORT:PSA_ALG_ECDH:0x0000:"009b05dc82d46d64a04a22e6e5ca70ca1231e68c50":"505341004b45590000000000010000002271a30001400000000002090000000015000000009b05dc82d46d64a04a22e6e5ca70ca1231e68c50":TEST_FLAG_EXERCISE + +read type: ECC_PAIR(SECT_R1) 163-bit, ECDSA(MD2) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD2:PSA_WANT_ECC_SECT_R1_163:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):163:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_MD2):0x0000:"009b05dc82d46d64a04a22e6e5ca70ca1231e68c50":"505341004b45590000000000010000002271a300013c0000010600060000000015000000009b05dc82d46d64a04a22e6e5ca70ca1231e68c50":TEST_FLAG_EXERCISE + +read type: ECC_PAIR(SECT_R1) 163-bit, ECDSA(MD4) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD4:PSA_WANT_ECC_SECT_R1_163:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):163:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_MD4):0x0000:"009b05dc82d46d64a04a22e6e5ca70ca1231e68c50":"505341004b45590000000000010000002271a300013c0000020600060000000015000000009b05dc82d46d64a04a22e6e5ca70ca1231e68c50":TEST_FLAG_EXERCISE + +read type: ECC_PAIR(SECT_R1) 163-bit, ECDSA(MD5) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD5:PSA_WANT_ECC_SECT_R1_163:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):163:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_MD5):0x0000:"009b05dc82d46d64a04a22e6e5ca70ca1231e68c50":"505341004b45590000000000010000002271a300013c0000030600060000000015000000009b05dc82d46d64a04a22e6e5ca70ca1231e68c50":TEST_FLAG_EXERCISE + +read type: ECC_PAIR(SECT_R1) 163-bit, ECDSA(RIPEMD160) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ECC_SECT_R1_163:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):163:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_RIPEMD160):0x0000:"009b05dc82d46d64a04a22e6e5ca70ca1231e68c50":"505341004b45590000000000010000002271a300013c0000040600060000000015000000009b05dc82d46d64a04a22e6e5ca70ca1231e68c50":TEST_FLAG_EXERCISE + +read type: ECC_PAIR(SECT_R1) 163-bit, ECDSA(SHA_1) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_1:PSA_WANT_ECC_SECT_R1_163:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):163:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_SHA_1):0x0000:"009b05dc82d46d64a04a22e6e5ca70ca1231e68c50":"505341004b45590000000000010000002271a300013c0000050600060000000015000000009b05dc82d46d64a04a22e6e5ca70ca1231e68c50":TEST_FLAG_EXERCISE + +read type: ECC_PAIR(SECT_R1) 163-bit, ECDSA(SHA_224) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_224:PSA_WANT_ECC_SECT_R1_163:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):163:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_SHA_224):0x0000:"009b05dc82d46d64a04a22e6e5ca70ca1231e68c50":"505341004b45590000000000010000002271a300013c0000080600060000000015000000009b05dc82d46d64a04a22e6e5ca70ca1231e68c50":TEST_FLAG_EXERCISE + +read type: ECC_PAIR(SECT_R1) 163-bit, ECDSA(SHA_256) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_SECT_R1_163:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):163:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_SHA_256):0x0000:"009b05dc82d46d64a04a22e6e5ca70ca1231e68c50":"505341004b45590000000000010000002271a300013c0000090600060000000015000000009b05dc82d46d64a04a22e6e5ca70ca1231e68c50":TEST_FLAG_EXERCISE + +read type: ECC_PAIR(SECT_R1) 163-bit, ECDSA(SHA_384) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_SECT_R1_163:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):163:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_SHA_384):0x0000:"009b05dc82d46d64a04a22e6e5ca70ca1231e68c50":"505341004b45590000000000010000002271a300013c00000a0600060000000015000000009b05dc82d46d64a04a22e6e5ca70ca1231e68c50":TEST_FLAG_EXERCISE + +read type: ECC_PAIR(SECT_R1) 163-bit, ECDSA(SHA_512) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_512:PSA_WANT_ECC_SECT_R1_163:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):163:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_SHA_512):0x0000:"009b05dc82d46d64a04a22e6e5ca70ca1231e68c50":"505341004b45590000000000010000002271a300013c00000b0600060000000015000000009b05dc82d46d64a04a22e6e5ca70ca1231e68c50":TEST_FLAG_EXERCISE + +read type: ECC_PAIR(SECT_R1) 163-bit, ECDSA_ANY +depends_on:PSA_WANT_ALG_ECDSA_ANY:PSA_WANT_ECC_SECT_R1_163:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):163:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA_ANY:0x0000:"009b05dc82d46d64a04a22e6e5ca70ca1231e68c50":"505341004b45590000000000010000002271a300013c0000000600060000000015000000009b05dc82d46d64a04a22e6e5ca70ca1231e68c50":TEST_FLAG_EXERCISE + +read type: ECC_PAIR(SECT_R1) 163-bit, KA(ECDH,HKDF(SHA_256)) +depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_SECT_R1_163:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):163:PSA_KEY_USAGE_DERIVE | PSA_KEY_USAGE_EXPORT:PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_HKDF(PSA_ALG_SHA_256)):0x0000:"009b05dc82d46d64a04a22e6e5ca70ca1231e68c50":"505341004b45590000000000010000002271a30001400000090102090000000015000000009b05dc82d46d64a04a22e6e5ca70ca1231e68c50":TEST_FLAG_EXERCISE + +read type: ECC_PAIR(SECT_R1) 163-bit, KA(ECDH,HKDF(SHA_384)) +depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_SECT_R1_163:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):163:PSA_KEY_USAGE_DERIVE | PSA_KEY_USAGE_EXPORT:PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_HKDF(PSA_ALG_SHA_384)):0x0000:"009b05dc82d46d64a04a22e6e5ca70ca1231e68c50":"505341004b45590000000000010000002271a300014000000a0102090000000015000000009b05dc82d46d64a04a22e6e5ca70ca1231e68c50":TEST_FLAG_EXERCISE + +read type: ECC_PAIR(SECT_R1) 163-bit, KA(ECDH,TLS12_PRF(SHA_256)) +depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_SHA_256:PSA_WANT_ALG_TLS12_PRF:PSA_WANT_ECC_SECT_R1_163:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):163:PSA_KEY_USAGE_DERIVE | PSA_KEY_USAGE_EXPORT:PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_TLS12_PRF(PSA_ALG_SHA_256)):0x0000:"009b05dc82d46d64a04a22e6e5ca70ca1231e68c50":"505341004b45590000000000010000002271a30001400000090202090000000015000000009b05dc82d46d64a04a22e6e5ca70ca1231e68c50":TEST_FLAG_EXERCISE + +read type: ECC_PAIR(SECT_R1) 163-bit, KA(ECDH,TLS12_PRF(SHA_384)) +depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_SHA_384:PSA_WANT_ALG_TLS12_PRF:PSA_WANT_ECC_SECT_R1_163:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):163:PSA_KEY_USAGE_DERIVE | PSA_KEY_USAGE_EXPORT:PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_TLS12_PRF(PSA_ALG_SHA_384)):0x0000:"009b05dc82d46d64a04a22e6e5ca70ca1231e68c50":"505341004b45590000000000010000002271a300014000000a0202090000000015000000009b05dc82d46d64a04a22e6e5ca70ca1231e68c50":TEST_FLAG_EXERCISE + +read type: ECC_PAIR(SECT_R1) 163-bit, KA(ECDH,TLS12_PSK2MS(SHA_256)) +depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_SHA_256:PSA_WANT_ALG_TLS12_PSK_TO_MS:PSA_WANT_ECC_SECT_R1_163:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):163:PSA_KEY_USAGE_DERIVE | PSA_KEY_USAGE_EXPORT:PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_TLS12_PSK_TO_MS(PSA_ALG_SHA_256)):0x0000:"009b05dc82d46d64a04a22e6e5ca70ca1231e68c50":"505341004b45590000000000010000002271a30001400000090302090000000015000000009b05dc82d46d64a04a22e6e5ca70ca1231e68c50":TEST_FLAG_EXERCISE + +read type: ECC_PAIR(SECT_R1) 163-bit, KA(ECDH,TLS12_PSK2MS(SHA_384)) +depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_SHA_384:PSA_WANT_ALG_TLS12_PSK_TO_MS:PSA_WANT_ECC_SECT_R1_163:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):163:PSA_KEY_USAGE_DERIVE | PSA_KEY_USAGE_EXPORT:PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_TLS12_PSK_TO_MS(PSA_ALG_SHA_384)):0x0000:"009b05dc82d46d64a04a22e6e5ca70ca1231e68c50":"505341004b45590000000000010000002271a300014000000a0302090000000015000000009b05dc82d46d64a04a22e6e5ca70ca1231e68c50":TEST_FLAG_EXERCISE + +read type: ECC_PAIR(SECT_R1) 233-bit +depends_on:PSA_WANT_ECC_SECT_R1_233:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):233:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"00e5e42834e3c78758088b905deea975f28dc20ef6173e481f96e88afe7f":"505341004b45590000000000010000002271e9000100000000000000000000001e00000000e5e42834e3c78758088b905deea975f28dc20ef6173e481f96e88afe7f":TEST_FLAG_EXERCISE + +read type: ECC_PAIR(SECT_R1) 233-bit, DET_ECDSA(MD2) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD2:PSA_WANT_ECC_SECT_R1_233:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):233:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD2):0x0000:"00e5e42834e3c78758088b905deea975f28dc20ef6173e481f96e88afe7f":"505341004b45590000000000010000002271e900013c000001070006000000001e00000000e5e42834e3c78758088b905deea975f28dc20ef6173e481f96e88afe7f":TEST_FLAG_EXERCISE + +read type: ECC_PAIR(SECT_R1) 233-bit, DET_ECDSA(MD4) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD4:PSA_WANT_ECC_SECT_R1_233:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):233:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD4):0x0000:"00e5e42834e3c78758088b905deea975f28dc20ef6173e481f96e88afe7f":"505341004b45590000000000010000002271e900013c000002070006000000001e00000000e5e42834e3c78758088b905deea975f28dc20ef6173e481f96e88afe7f":TEST_FLAG_EXERCISE + +read type: ECC_PAIR(SECT_R1) 233-bit, DET_ECDSA(MD5) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD5:PSA_WANT_ECC_SECT_R1_233:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):233:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD5):0x0000:"00e5e42834e3c78758088b905deea975f28dc20ef6173e481f96e88afe7f":"505341004b45590000000000010000002271e900013c000003070006000000001e00000000e5e42834e3c78758088b905deea975f28dc20ef6173e481f96e88afe7f":TEST_FLAG_EXERCISE + +read type: ECC_PAIR(SECT_R1) 233-bit, DET_ECDSA(RIPEMD160) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ECC_SECT_R1_233:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):233:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_RIPEMD160):0x0000:"00e5e42834e3c78758088b905deea975f28dc20ef6173e481f96e88afe7f":"505341004b45590000000000010000002271e900013c000004070006000000001e00000000e5e42834e3c78758088b905deea975f28dc20ef6173e481f96e88afe7f":TEST_FLAG_EXERCISE + +read type: ECC_PAIR(SECT_R1) 233-bit, DET_ECDSA(SHA_1) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_1:PSA_WANT_ECC_SECT_R1_233:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):233:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_1):0x0000:"00e5e42834e3c78758088b905deea975f28dc20ef6173e481f96e88afe7f":"505341004b45590000000000010000002271e900013c000005070006000000001e00000000e5e42834e3c78758088b905deea975f28dc20ef6173e481f96e88afe7f":TEST_FLAG_EXERCISE + +read type: ECC_PAIR(SECT_R1) 233-bit, DET_ECDSA(SHA_224) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_224:PSA_WANT_ECC_SECT_R1_233:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):233:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_224):0x0000:"00e5e42834e3c78758088b905deea975f28dc20ef6173e481f96e88afe7f":"505341004b45590000000000010000002271e900013c000008070006000000001e00000000e5e42834e3c78758088b905deea975f28dc20ef6173e481f96e88afe7f":TEST_FLAG_EXERCISE + +read type: ECC_PAIR(SECT_R1) 233-bit, DET_ECDSA(SHA_256) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_SECT_R1_233:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):233:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_256):0x0000:"00e5e42834e3c78758088b905deea975f28dc20ef6173e481f96e88afe7f":"505341004b45590000000000010000002271e900013c000009070006000000001e00000000e5e42834e3c78758088b905deea975f28dc20ef6173e481f96e88afe7f":TEST_FLAG_EXERCISE + +read type: ECC_PAIR(SECT_R1) 233-bit, DET_ECDSA(SHA_384) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_SECT_R1_233:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):233:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_384):0x0000:"00e5e42834e3c78758088b905deea975f28dc20ef6173e481f96e88afe7f":"505341004b45590000000000010000002271e900013c00000a070006000000001e00000000e5e42834e3c78758088b905deea975f28dc20ef6173e481f96e88afe7f":TEST_FLAG_EXERCISE + +read type: ECC_PAIR(SECT_R1) 233-bit, DET_ECDSA(SHA_512) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_512:PSA_WANT_ECC_SECT_R1_233:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):233:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_512):0x0000:"00e5e42834e3c78758088b905deea975f28dc20ef6173e481f96e88afe7f":"505341004b45590000000000010000002271e900013c00000b070006000000001e00000000e5e42834e3c78758088b905deea975f28dc20ef6173e481f96e88afe7f":TEST_FLAG_EXERCISE + +read type: ECC_PAIR(SECT_R1) 233-bit, ECDH +depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ECC_SECT_R1_233:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):233:PSA_KEY_USAGE_DERIVE | PSA_KEY_USAGE_EXPORT:PSA_ALG_ECDH:0x0000:"00e5e42834e3c78758088b905deea975f28dc20ef6173e481f96e88afe7f":"505341004b45590000000000010000002271e9000140000000000209000000001e00000000e5e42834e3c78758088b905deea975f28dc20ef6173e481f96e88afe7f":TEST_FLAG_EXERCISE + +read type: ECC_PAIR(SECT_R1) 233-bit, ECDSA(MD2) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD2:PSA_WANT_ECC_SECT_R1_233:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):233:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_MD2):0x0000:"00e5e42834e3c78758088b905deea975f28dc20ef6173e481f96e88afe7f":"505341004b45590000000000010000002271e900013c000001060006000000001e00000000e5e42834e3c78758088b905deea975f28dc20ef6173e481f96e88afe7f":TEST_FLAG_EXERCISE + +read type: ECC_PAIR(SECT_R1) 233-bit, ECDSA(MD4) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD4:PSA_WANT_ECC_SECT_R1_233:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):233:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_MD4):0x0000:"00e5e42834e3c78758088b905deea975f28dc20ef6173e481f96e88afe7f":"505341004b45590000000000010000002271e900013c000002060006000000001e00000000e5e42834e3c78758088b905deea975f28dc20ef6173e481f96e88afe7f":TEST_FLAG_EXERCISE + +read type: ECC_PAIR(SECT_R1) 233-bit, ECDSA(MD5) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD5:PSA_WANT_ECC_SECT_R1_233:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):233:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_MD5):0x0000:"00e5e42834e3c78758088b905deea975f28dc20ef6173e481f96e88afe7f":"505341004b45590000000000010000002271e900013c000003060006000000001e00000000e5e42834e3c78758088b905deea975f28dc20ef6173e481f96e88afe7f":TEST_FLAG_EXERCISE + +read type: ECC_PAIR(SECT_R1) 233-bit, ECDSA(RIPEMD160) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ECC_SECT_R1_233:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):233:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_RIPEMD160):0x0000:"00e5e42834e3c78758088b905deea975f28dc20ef6173e481f96e88afe7f":"505341004b45590000000000010000002271e900013c000004060006000000001e00000000e5e42834e3c78758088b905deea975f28dc20ef6173e481f96e88afe7f":TEST_FLAG_EXERCISE + +read type: ECC_PAIR(SECT_R1) 233-bit, ECDSA(SHA_1) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_1:PSA_WANT_ECC_SECT_R1_233:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):233:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_SHA_1):0x0000:"00e5e42834e3c78758088b905deea975f28dc20ef6173e481f96e88afe7f":"505341004b45590000000000010000002271e900013c000005060006000000001e00000000e5e42834e3c78758088b905deea975f28dc20ef6173e481f96e88afe7f":TEST_FLAG_EXERCISE + +read type: ECC_PAIR(SECT_R1) 233-bit, ECDSA(SHA_224) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_224:PSA_WANT_ECC_SECT_R1_233:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):233:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_SHA_224):0x0000:"00e5e42834e3c78758088b905deea975f28dc20ef6173e481f96e88afe7f":"505341004b45590000000000010000002271e900013c000008060006000000001e00000000e5e42834e3c78758088b905deea975f28dc20ef6173e481f96e88afe7f":TEST_FLAG_EXERCISE + +read type: ECC_PAIR(SECT_R1) 233-bit, ECDSA(SHA_256) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_SECT_R1_233:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):233:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_SHA_256):0x0000:"00e5e42834e3c78758088b905deea975f28dc20ef6173e481f96e88afe7f":"505341004b45590000000000010000002271e900013c000009060006000000001e00000000e5e42834e3c78758088b905deea975f28dc20ef6173e481f96e88afe7f":TEST_FLAG_EXERCISE + +read type: ECC_PAIR(SECT_R1) 233-bit, ECDSA(SHA_384) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_SECT_R1_233:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):233:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_SHA_384):0x0000:"00e5e42834e3c78758088b905deea975f28dc20ef6173e481f96e88afe7f":"505341004b45590000000000010000002271e900013c00000a060006000000001e00000000e5e42834e3c78758088b905deea975f28dc20ef6173e481f96e88afe7f":TEST_FLAG_EXERCISE + +read type: ECC_PAIR(SECT_R1) 233-bit, ECDSA(SHA_512) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_512:PSA_WANT_ECC_SECT_R1_233:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):233:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_SHA_512):0x0000:"00e5e42834e3c78758088b905deea975f28dc20ef6173e481f96e88afe7f":"505341004b45590000000000010000002271e900013c00000b060006000000001e00000000e5e42834e3c78758088b905deea975f28dc20ef6173e481f96e88afe7f":TEST_FLAG_EXERCISE + +read type: ECC_PAIR(SECT_R1) 233-bit, ECDSA_ANY +depends_on:PSA_WANT_ALG_ECDSA_ANY:PSA_WANT_ECC_SECT_R1_233:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):233:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA_ANY:0x0000:"00e5e42834e3c78758088b905deea975f28dc20ef6173e481f96e88afe7f":"505341004b45590000000000010000002271e900013c000000060006000000001e00000000e5e42834e3c78758088b905deea975f28dc20ef6173e481f96e88afe7f":TEST_FLAG_EXERCISE + +read type: ECC_PAIR(SECT_R1) 233-bit, KA(ECDH,HKDF(SHA_256)) +depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_SECT_R1_233:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):233:PSA_KEY_USAGE_DERIVE | PSA_KEY_USAGE_EXPORT:PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_HKDF(PSA_ALG_SHA_256)):0x0000:"00e5e42834e3c78758088b905deea975f28dc20ef6173e481f96e88afe7f":"505341004b45590000000000010000002271e9000140000009010209000000001e00000000e5e42834e3c78758088b905deea975f28dc20ef6173e481f96e88afe7f":TEST_FLAG_EXERCISE + +read type: ECC_PAIR(SECT_R1) 233-bit, KA(ECDH,HKDF(SHA_384)) +depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_SECT_R1_233:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):233:PSA_KEY_USAGE_DERIVE | PSA_KEY_USAGE_EXPORT:PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_HKDF(PSA_ALG_SHA_384)):0x0000:"00e5e42834e3c78758088b905deea975f28dc20ef6173e481f96e88afe7f":"505341004b45590000000000010000002271e900014000000a010209000000001e00000000e5e42834e3c78758088b905deea975f28dc20ef6173e481f96e88afe7f":TEST_FLAG_EXERCISE + +read type: ECC_PAIR(SECT_R1) 233-bit, KA(ECDH,TLS12_PRF(SHA_256)) +depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_SHA_256:PSA_WANT_ALG_TLS12_PRF:PSA_WANT_ECC_SECT_R1_233:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):233:PSA_KEY_USAGE_DERIVE | PSA_KEY_USAGE_EXPORT:PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_TLS12_PRF(PSA_ALG_SHA_256)):0x0000:"00e5e42834e3c78758088b905deea975f28dc20ef6173e481f96e88afe7f":"505341004b45590000000000010000002271e9000140000009020209000000001e00000000e5e42834e3c78758088b905deea975f28dc20ef6173e481f96e88afe7f":TEST_FLAG_EXERCISE + +read type: ECC_PAIR(SECT_R1) 233-bit, KA(ECDH,TLS12_PRF(SHA_384)) +depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_SHA_384:PSA_WANT_ALG_TLS12_PRF:PSA_WANT_ECC_SECT_R1_233:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):233:PSA_KEY_USAGE_DERIVE | PSA_KEY_USAGE_EXPORT:PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_TLS12_PRF(PSA_ALG_SHA_384)):0x0000:"00e5e42834e3c78758088b905deea975f28dc20ef6173e481f96e88afe7f":"505341004b45590000000000010000002271e900014000000a020209000000001e00000000e5e42834e3c78758088b905deea975f28dc20ef6173e481f96e88afe7f":TEST_FLAG_EXERCISE + +read type: ECC_PAIR(SECT_R1) 233-bit, KA(ECDH,TLS12_PSK2MS(SHA_256)) +depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_SHA_256:PSA_WANT_ALG_TLS12_PSK_TO_MS:PSA_WANT_ECC_SECT_R1_233:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):233:PSA_KEY_USAGE_DERIVE | PSA_KEY_USAGE_EXPORT:PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_TLS12_PSK_TO_MS(PSA_ALG_SHA_256)):0x0000:"00e5e42834e3c78758088b905deea975f28dc20ef6173e481f96e88afe7f":"505341004b45590000000000010000002271e9000140000009030209000000001e00000000e5e42834e3c78758088b905deea975f28dc20ef6173e481f96e88afe7f":TEST_FLAG_EXERCISE + +read type: ECC_PAIR(SECT_R1) 233-bit, KA(ECDH,TLS12_PSK2MS(SHA_384)) +depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_SHA_384:PSA_WANT_ALG_TLS12_PSK_TO_MS:PSA_WANT_ECC_SECT_R1_233:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):233:PSA_KEY_USAGE_DERIVE | PSA_KEY_USAGE_EXPORT:PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_TLS12_PSK_TO_MS(PSA_ALG_SHA_384)):0x0000:"00e5e42834e3c78758088b905deea975f28dc20ef6173e481f96e88afe7f":"505341004b45590000000000010000002271e900014000000a030209000000001e00000000e5e42834e3c78758088b905deea975f28dc20ef6173e481f96e88afe7f":TEST_FLAG_EXERCISE + +read type: ECC_PAIR(SECT_R1) 283-bit +depends_on:PSA_WANT_ECC_SECT_R1_283:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):283:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"004cecad915f6f3c9bbbd92d1eb101eda23f16c7dad60a57c87c7e1fd2b29b22f6d666ad":"505341004b455900000000000100000022711b0101000000000000000000000024000000004cecad915f6f3c9bbbd92d1eb101eda23f16c7dad60a57c87c7e1fd2b29b22f6d666ad":TEST_FLAG_EXERCISE + +read type: ECC_PAIR(SECT_R1) 283-bit, DET_ECDSA(MD2) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD2:PSA_WANT_ECC_SECT_R1_283:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):283:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD2):0x0000:"004cecad915f6f3c9bbbd92d1eb101eda23f16c7dad60a57c87c7e1fd2b29b22f6d666ad":"505341004b455900000000000100000022711b01013c0000010700060000000024000000004cecad915f6f3c9bbbd92d1eb101eda23f16c7dad60a57c87c7e1fd2b29b22f6d666ad":TEST_FLAG_EXERCISE + +read type: ECC_PAIR(SECT_R1) 283-bit, DET_ECDSA(MD4) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD4:PSA_WANT_ECC_SECT_R1_283:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):283:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD4):0x0000:"004cecad915f6f3c9bbbd92d1eb101eda23f16c7dad60a57c87c7e1fd2b29b22f6d666ad":"505341004b455900000000000100000022711b01013c0000020700060000000024000000004cecad915f6f3c9bbbd92d1eb101eda23f16c7dad60a57c87c7e1fd2b29b22f6d666ad":TEST_FLAG_EXERCISE + +read type: ECC_PAIR(SECT_R1) 283-bit, DET_ECDSA(MD5) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD5:PSA_WANT_ECC_SECT_R1_283:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):283:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD5):0x0000:"004cecad915f6f3c9bbbd92d1eb101eda23f16c7dad60a57c87c7e1fd2b29b22f6d666ad":"505341004b455900000000000100000022711b01013c0000030700060000000024000000004cecad915f6f3c9bbbd92d1eb101eda23f16c7dad60a57c87c7e1fd2b29b22f6d666ad":TEST_FLAG_EXERCISE + +read type: ECC_PAIR(SECT_R1) 283-bit, DET_ECDSA(RIPEMD160) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ECC_SECT_R1_283:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):283:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_RIPEMD160):0x0000:"004cecad915f6f3c9bbbd92d1eb101eda23f16c7dad60a57c87c7e1fd2b29b22f6d666ad":"505341004b455900000000000100000022711b01013c0000040700060000000024000000004cecad915f6f3c9bbbd92d1eb101eda23f16c7dad60a57c87c7e1fd2b29b22f6d666ad":TEST_FLAG_EXERCISE + +read type: ECC_PAIR(SECT_R1) 283-bit, DET_ECDSA(SHA_1) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_1:PSA_WANT_ECC_SECT_R1_283:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):283:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_1):0x0000:"004cecad915f6f3c9bbbd92d1eb101eda23f16c7dad60a57c87c7e1fd2b29b22f6d666ad":"505341004b455900000000000100000022711b01013c0000050700060000000024000000004cecad915f6f3c9bbbd92d1eb101eda23f16c7dad60a57c87c7e1fd2b29b22f6d666ad":TEST_FLAG_EXERCISE + +read type: ECC_PAIR(SECT_R1) 283-bit, DET_ECDSA(SHA_224) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_224:PSA_WANT_ECC_SECT_R1_283:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):283:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_224):0x0000:"004cecad915f6f3c9bbbd92d1eb101eda23f16c7dad60a57c87c7e1fd2b29b22f6d666ad":"505341004b455900000000000100000022711b01013c0000080700060000000024000000004cecad915f6f3c9bbbd92d1eb101eda23f16c7dad60a57c87c7e1fd2b29b22f6d666ad":TEST_FLAG_EXERCISE + +read type: ECC_PAIR(SECT_R1) 283-bit, DET_ECDSA(SHA_256) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_SECT_R1_283:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):283:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_256):0x0000:"004cecad915f6f3c9bbbd92d1eb101eda23f16c7dad60a57c87c7e1fd2b29b22f6d666ad":"505341004b455900000000000100000022711b01013c0000090700060000000024000000004cecad915f6f3c9bbbd92d1eb101eda23f16c7dad60a57c87c7e1fd2b29b22f6d666ad":TEST_FLAG_EXERCISE + +read type: ECC_PAIR(SECT_R1) 283-bit, DET_ECDSA(SHA_384) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_SECT_R1_283:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):283:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_384):0x0000:"004cecad915f6f3c9bbbd92d1eb101eda23f16c7dad60a57c87c7e1fd2b29b22f6d666ad":"505341004b455900000000000100000022711b01013c00000a0700060000000024000000004cecad915f6f3c9bbbd92d1eb101eda23f16c7dad60a57c87c7e1fd2b29b22f6d666ad":TEST_FLAG_EXERCISE + +read type: ECC_PAIR(SECT_R1) 283-bit, DET_ECDSA(SHA_512) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_512:PSA_WANT_ECC_SECT_R1_283:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):283:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_512):0x0000:"004cecad915f6f3c9bbbd92d1eb101eda23f16c7dad60a57c87c7e1fd2b29b22f6d666ad":"505341004b455900000000000100000022711b01013c00000b0700060000000024000000004cecad915f6f3c9bbbd92d1eb101eda23f16c7dad60a57c87c7e1fd2b29b22f6d666ad":TEST_FLAG_EXERCISE + +read type: ECC_PAIR(SECT_R1) 283-bit, ECDH +depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ECC_SECT_R1_283:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):283:PSA_KEY_USAGE_DERIVE | PSA_KEY_USAGE_EXPORT:PSA_ALG_ECDH:0x0000:"004cecad915f6f3c9bbbd92d1eb101eda23f16c7dad60a57c87c7e1fd2b29b22f6d666ad":"505341004b455900000000000100000022711b0101400000000002090000000024000000004cecad915f6f3c9bbbd92d1eb101eda23f16c7dad60a57c87c7e1fd2b29b22f6d666ad":TEST_FLAG_EXERCISE + +read type: ECC_PAIR(SECT_R1) 283-bit, ECDSA(MD2) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD2:PSA_WANT_ECC_SECT_R1_283:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):283:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_MD2):0x0000:"004cecad915f6f3c9bbbd92d1eb101eda23f16c7dad60a57c87c7e1fd2b29b22f6d666ad":"505341004b455900000000000100000022711b01013c0000010600060000000024000000004cecad915f6f3c9bbbd92d1eb101eda23f16c7dad60a57c87c7e1fd2b29b22f6d666ad":TEST_FLAG_EXERCISE + +read type: ECC_PAIR(SECT_R1) 283-bit, ECDSA(MD4) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD4:PSA_WANT_ECC_SECT_R1_283:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):283:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_MD4):0x0000:"004cecad915f6f3c9bbbd92d1eb101eda23f16c7dad60a57c87c7e1fd2b29b22f6d666ad":"505341004b455900000000000100000022711b01013c0000020600060000000024000000004cecad915f6f3c9bbbd92d1eb101eda23f16c7dad60a57c87c7e1fd2b29b22f6d666ad":TEST_FLAG_EXERCISE + +read type: ECC_PAIR(SECT_R1) 283-bit, ECDSA(MD5) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD5:PSA_WANT_ECC_SECT_R1_283:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):283:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_MD5):0x0000:"004cecad915f6f3c9bbbd92d1eb101eda23f16c7dad60a57c87c7e1fd2b29b22f6d666ad":"505341004b455900000000000100000022711b01013c0000030600060000000024000000004cecad915f6f3c9bbbd92d1eb101eda23f16c7dad60a57c87c7e1fd2b29b22f6d666ad":TEST_FLAG_EXERCISE + +read type: ECC_PAIR(SECT_R1) 283-bit, ECDSA(RIPEMD160) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ECC_SECT_R1_283:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):283:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_RIPEMD160):0x0000:"004cecad915f6f3c9bbbd92d1eb101eda23f16c7dad60a57c87c7e1fd2b29b22f6d666ad":"505341004b455900000000000100000022711b01013c0000040600060000000024000000004cecad915f6f3c9bbbd92d1eb101eda23f16c7dad60a57c87c7e1fd2b29b22f6d666ad":TEST_FLAG_EXERCISE + +read type: ECC_PAIR(SECT_R1) 283-bit, ECDSA(SHA_1) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_1:PSA_WANT_ECC_SECT_R1_283:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):283:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_SHA_1):0x0000:"004cecad915f6f3c9bbbd92d1eb101eda23f16c7dad60a57c87c7e1fd2b29b22f6d666ad":"505341004b455900000000000100000022711b01013c0000050600060000000024000000004cecad915f6f3c9bbbd92d1eb101eda23f16c7dad60a57c87c7e1fd2b29b22f6d666ad":TEST_FLAG_EXERCISE + +read type: ECC_PAIR(SECT_R1) 283-bit, ECDSA(SHA_224) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_224:PSA_WANT_ECC_SECT_R1_283:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):283:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_SHA_224):0x0000:"004cecad915f6f3c9bbbd92d1eb101eda23f16c7dad60a57c87c7e1fd2b29b22f6d666ad":"505341004b455900000000000100000022711b01013c0000080600060000000024000000004cecad915f6f3c9bbbd92d1eb101eda23f16c7dad60a57c87c7e1fd2b29b22f6d666ad":TEST_FLAG_EXERCISE + +read type: ECC_PAIR(SECT_R1) 283-bit, ECDSA(SHA_256) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_SECT_R1_283:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):283:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_SHA_256):0x0000:"004cecad915f6f3c9bbbd92d1eb101eda23f16c7dad60a57c87c7e1fd2b29b22f6d666ad":"505341004b455900000000000100000022711b01013c0000090600060000000024000000004cecad915f6f3c9bbbd92d1eb101eda23f16c7dad60a57c87c7e1fd2b29b22f6d666ad":TEST_FLAG_EXERCISE + +read type: ECC_PAIR(SECT_R1) 283-bit, ECDSA(SHA_384) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_SECT_R1_283:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):283:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_SHA_384):0x0000:"004cecad915f6f3c9bbbd92d1eb101eda23f16c7dad60a57c87c7e1fd2b29b22f6d666ad":"505341004b455900000000000100000022711b01013c00000a0600060000000024000000004cecad915f6f3c9bbbd92d1eb101eda23f16c7dad60a57c87c7e1fd2b29b22f6d666ad":TEST_FLAG_EXERCISE + +read type: ECC_PAIR(SECT_R1) 283-bit, ECDSA(SHA_512) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_512:PSA_WANT_ECC_SECT_R1_283:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):283:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_SHA_512):0x0000:"004cecad915f6f3c9bbbd92d1eb101eda23f16c7dad60a57c87c7e1fd2b29b22f6d666ad":"505341004b455900000000000100000022711b01013c00000b0600060000000024000000004cecad915f6f3c9bbbd92d1eb101eda23f16c7dad60a57c87c7e1fd2b29b22f6d666ad":TEST_FLAG_EXERCISE + +read type: ECC_PAIR(SECT_R1) 283-bit, ECDSA_ANY +depends_on:PSA_WANT_ALG_ECDSA_ANY:PSA_WANT_ECC_SECT_R1_283:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):283:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA_ANY:0x0000:"004cecad915f6f3c9bbbd92d1eb101eda23f16c7dad60a57c87c7e1fd2b29b22f6d666ad":"505341004b455900000000000100000022711b01013c0000000600060000000024000000004cecad915f6f3c9bbbd92d1eb101eda23f16c7dad60a57c87c7e1fd2b29b22f6d666ad":TEST_FLAG_EXERCISE + +read type: ECC_PAIR(SECT_R1) 283-bit, KA(ECDH,HKDF(SHA_256)) +depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_SECT_R1_283:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):283:PSA_KEY_USAGE_DERIVE | PSA_KEY_USAGE_EXPORT:PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_HKDF(PSA_ALG_SHA_256)):0x0000:"004cecad915f6f3c9bbbd92d1eb101eda23f16c7dad60a57c87c7e1fd2b29b22f6d666ad":"505341004b455900000000000100000022711b0101400000090102090000000024000000004cecad915f6f3c9bbbd92d1eb101eda23f16c7dad60a57c87c7e1fd2b29b22f6d666ad":TEST_FLAG_EXERCISE + +read type: ECC_PAIR(SECT_R1) 283-bit, KA(ECDH,HKDF(SHA_384)) +depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_SECT_R1_283:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):283:PSA_KEY_USAGE_DERIVE | PSA_KEY_USAGE_EXPORT:PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_HKDF(PSA_ALG_SHA_384)):0x0000:"004cecad915f6f3c9bbbd92d1eb101eda23f16c7dad60a57c87c7e1fd2b29b22f6d666ad":"505341004b455900000000000100000022711b01014000000a0102090000000024000000004cecad915f6f3c9bbbd92d1eb101eda23f16c7dad60a57c87c7e1fd2b29b22f6d666ad":TEST_FLAG_EXERCISE + +read type: ECC_PAIR(SECT_R1) 283-bit, KA(ECDH,TLS12_PRF(SHA_256)) +depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_SHA_256:PSA_WANT_ALG_TLS12_PRF:PSA_WANT_ECC_SECT_R1_283:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):283:PSA_KEY_USAGE_DERIVE | PSA_KEY_USAGE_EXPORT:PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_TLS12_PRF(PSA_ALG_SHA_256)):0x0000:"004cecad915f6f3c9bbbd92d1eb101eda23f16c7dad60a57c87c7e1fd2b29b22f6d666ad":"505341004b455900000000000100000022711b0101400000090202090000000024000000004cecad915f6f3c9bbbd92d1eb101eda23f16c7dad60a57c87c7e1fd2b29b22f6d666ad":TEST_FLAG_EXERCISE + +read type: ECC_PAIR(SECT_R1) 283-bit, KA(ECDH,TLS12_PRF(SHA_384)) +depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_SHA_384:PSA_WANT_ALG_TLS12_PRF:PSA_WANT_ECC_SECT_R1_283:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):283:PSA_KEY_USAGE_DERIVE | PSA_KEY_USAGE_EXPORT:PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_TLS12_PRF(PSA_ALG_SHA_384)):0x0000:"004cecad915f6f3c9bbbd92d1eb101eda23f16c7dad60a57c87c7e1fd2b29b22f6d666ad":"505341004b455900000000000100000022711b01014000000a0202090000000024000000004cecad915f6f3c9bbbd92d1eb101eda23f16c7dad60a57c87c7e1fd2b29b22f6d666ad":TEST_FLAG_EXERCISE + +read type: ECC_PAIR(SECT_R1) 283-bit, KA(ECDH,TLS12_PSK2MS(SHA_256)) +depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_SHA_256:PSA_WANT_ALG_TLS12_PSK_TO_MS:PSA_WANT_ECC_SECT_R1_283:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):283:PSA_KEY_USAGE_DERIVE | PSA_KEY_USAGE_EXPORT:PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_TLS12_PSK_TO_MS(PSA_ALG_SHA_256)):0x0000:"004cecad915f6f3c9bbbd92d1eb101eda23f16c7dad60a57c87c7e1fd2b29b22f6d666ad":"505341004b455900000000000100000022711b0101400000090302090000000024000000004cecad915f6f3c9bbbd92d1eb101eda23f16c7dad60a57c87c7e1fd2b29b22f6d666ad":TEST_FLAG_EXERCISE + +read type: ECC_PAIR(SECT_R1) 283-bit, KA(ECDH,TLS12_PSK2MS(SHA_384)) +depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_SHA_384:PSA_WANT_ALG_TLS12_PSK_TO_MS:PSA_WANT_ECC_SECT_R1_283:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):283:PSA_KEY_USAGE_DERIVE | PSA_KEY_USAGE_EXPORT:PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_TLS12_PSK_TO_MS(PSA_ALG_SHA_384)):0x0000:"004cecad915f6f3c9bbbd92d1eb101eda23f16c7dad60a57c87c7e1fd2b29b22f6d666ad":"505341004b455900000000000100000022711b01014000000a0302090000000024000000004cecad915f6f3c9bbbd92d1eb101eda23f16c7dad60a57c87c7e1fd2b29b22f6d666ad":TEST_FLAG_EXERCISE + +read type: ECC_PAIR(SECT_R1) 409-bit +depends_on:PSA_WANT_ECC_SECT_R1_409:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):409:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"00c22422d265721a3ae2b3b2baeb77bee50416e19877af97b5fc1c700a0a88916ecb9050135883accb5e64edc77a3703f4f67a64":"505341004b4559000000000001000000227199010100000000000000000000003400000000c22422d265721a3ae2b3b2baeb77bee50416e19877af97b5fc1c700a0a88916ecb9050135883accb5e64edc77a3703f4f67a64":TEST_FLAG_EXERCISE + +read type: ECC_PAIR(SECT_R1) 409-bit, DET_ECDSA(MD2) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD2:PSA_WANT_ECC_SECT_R1_409:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):409:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD2):0x0000:"00c22422d265721a3ae2b3b2baeb77bee50416e19877af97b5fc1c700a0a88916ecb9050135883accb5e64edc77a3703f4f67a64":"505341004b455900000000000100000022719901013c000001070006000000003400000000c22422d265721a3ae2b3b2baeb77bee50416e19877af97b5fc1c700a0a88916ecb9050135883accb5e64edc77a3703f4f67a64":TEST_FLAG_EXERCISE + +read type: ECC_PAIR(SECT_R1) 409-bit, DET_ECDSA(MD4) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD4:PSA_WANT_ECC_SECT_R1_409:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):409:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD4):0x0000:"00c22422d265721a3ae2b3b2baeb77bee50416e19877af97b5fc1c700a0a88916ecb9050135883accb5e64edc77a3703f4f67a64":"505341004b455900000000000100000022719901013c000002070006000000003400000000c22422d265721a3ae2b3b2baeb77bee50416e19877af97b5fc1c700a0a88916ecb9050135883accb5e64edc77a3703f4f67a64":TEST_FLAG_EXERCISE + +read type: ECC_PAIR(SECT_R1) 409-bit, DET_ECDSA(MD5) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD5:PSA_WANT_ECC_SECT_R1_409:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):409:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD5):0x0000:"00c22422d265721a3ae2b3b2baeb77bee50416e19877af97b5fc1c700a0a88916ecb9050135883accb5e64edc77a3703f4f67a64":"505341004b455900000000000100000022719901013c000003070006000000003400000000c22422d265721a3ae2b3b2baeb77bee50416e19877af97b5fc1c700a0a88916ecb9050135883accb5e64edc77a3703f4f67a64":TEST_FLAG_EXERCISE + +read type: ECC_PAIR(SECT_R1) 409-bit, DET_ECDSA(RIPEMD160) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ECC_SECT_R1_409:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):409:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_RIPEMD160):0x0000:"00c22422d265721a3ae2b3b2baeb77bee50416e19877af97b5fc1c700a0a88916ecb9050135883accb5e64edc77a3703f4f67a64":"505341004b455900000000000100000022719901013c000004070006000000003400000000c22422d265721a3ae2b3b2baeb77bee50416e19877af97b5fc1c700a0a88916ecb9050135883accb5e64edc77a3703f4f67a64":TEST_FLAG_EXERCISE + +read type: ECC_PAIR(SECT_R1) 409-bit, DET_ECDSA(SHA_1) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_1:PSA_WANT_ECC_SECT_R1_409:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):409:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_1):0x0000:"00c22422d265721a3ae2b3b2baeb77bee50416e19877af97b5fc1c700a0a88916ecb9050135883accb5e64edc77a3703f4f67a64":"505341004b455900000000000100000022719901013c000005070006000000003400000000c22422d265721a3ae2b3b2baeb77bee50416e19877af97b5fc1c700a0a88916ecb9050135883accb5e64edc77a3703f4f67a64":TEST_FLAG_EXERCISE + +read type: ECC_PAIR(SECT_R1) 409-bit, DET_ECDSA(SHA_224) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_224:PSA_WANT_ECC_SECT_R1_409:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):409:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_224):0x0000:"00c22422d265721a3ae2b3b2baeb77bee50416e19877af97b5fc1c700a0a88916ecb9050135883accb5e64edc77a3703f4f67a64":"505341004b455900000000000100000022719901013c000008070006000000003400000000c22422d265721a3ae2b3b2baeb77bee50416e19877af97b5fc1c700a0a88916ecb9050135883accb5e64edc77a3703f4f67a64":TEST_FLAG_EXERCISE + +read type: ECC_PAIR(SECT_R1) 409-bit, DET_ECDSA(SHA_256) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_SECT_R1_409:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):409:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_256):0x0000:"00c22422d265721a3ae2b3b2baeb77bee50416e19877af97b5fc1c700a0a88916ecb9050135883accb5e64edc77a3703f4f67a64":"505341004b455900000000000100000022719901013c000009070006000000003400000000c22422d265721a3ae2b3b2baeb77bee50416e19877af97b5fc1c700a0a88916ecb9050135883accb5e64edc77a3703f4f67a64":TEST_FLAG_EXERCISE + +read type: ECC_PAIR(SECT_R1) 409-bit, DET_ECDSA(SHA_384) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_SECT_R1_409:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):409:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_384):0x0000:"00c22422d265721a3ae2b3b2baeb77bee50416e19877af97b5fc1c700a0a88916ecb9050135883accb5e64edc77a3703f4f67a64":"505341004b455900000000000100000022719901013c00000a070006000000003400000000c22422d265721a3ae2b3b2baeb77bee50416e19877af97b5fc1c700a0a88916ecb9050135883accb5e64edc77a3703f4f67a64":TEST_FLAG_EXERCISE + +read type: ECC_PAIR(SECT_R1) 409-bit, DET_ECDSA(SHA_512) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_512:PSA_WANT_ECC_SECT_R1_409:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):409:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_512):0x0000:"00c22422d265721a3ae2b3b2baeb77bee50416e19877af97b5fc1c700a0a88916ecb9050135883accb5e64edc77a3703f4f67a64":"505341004b455900000000000100000022719901013c00000b070006000000003400000000c22422d265721a3ae2b3b2baeb77bee50416e19877af97b5fc1c700a0a88916ecb9050135883accb5e64edc77a3703f4f67a64":TEST_FLAG_EXERCISE + +read type: ECC_PAIR(SECT_R1) 409-bit, ECDH +depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ECC_SECT_R1_409:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):409:PSA_KEY_USAGE_DERIVE | PSA_KEY_USAGE_EXPORT:PSA_ALG_ECDH:0x0000:"00c22422d265721a3ae2b3b2baeb77bee50416e19877af97b5fc1c700a0a88916ecb9050135883accb5e64edc77a3703f4f67a64":"505341004b4559000000000001000000227199010140000000000209000000003400000000c22422d265721a3ae2b3b2baeb77bee50416e19877af97b5fc1c700a0a88916ecb9050135883accb5e64edc77a3703f4f67a64":TEST_FLAG_EXERCISE + +read type: ECC_PAIR(SECT_R1) 409-bit, ECDSA(MD2) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD2:PSA_WANT_ECC_SECT_R1_409:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):409:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_MD2):0x0000:"00c22422d265721a3ae2b3b2baeb77bee50416e19877af97b5fc1c700a0a88916ecb9050135883accb5e64edc77a3703f4f67a64":"505341004b455900000000000100000022719901013c000001060006000000003400000000c22422d265721a3ae2b3b2baeb77bee50416e19877af97b5fc1c700a0a88916ecb9050135883accb5e64edc77a3703f4f67a64":TEST_FLAG_EXERCISE + +read type: ECC_PAIR(SECT_R1) 409-bit, ECDSA(MD4) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD4:PSA_WANT_ECC_SECT_R1_409:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):409:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_MD4):0x0000:"00c22422d265721a3ae2b3b2baeb77bee50416e19877af97b5fc1c700a0a88916ecb9050135883accb5e64edc77a3703f4f67a64":"505341004b455900000000000100000022719901013c000002060006000000003400000000c22422d265721a3ae2b3b2baeb77bee50416e19877af97b5fc1c700a0a88916ecb9050135883accb5e64edc77a3703f4f67a64":TEST_FLAG_EXERCISE + +read type: ECC_PAIR(SECT_R1) 409-bit, ECDSA(MD5) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD5:PSA_WANT_ECC_SECT_R1_409:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):409:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_MD5):0x0000:"00c22422d265721a3ae2b3b2baeb77bee50416e19877af97b5fc1c700a0a88916ecb9050135883accb5e64edc77a3703f4f67a64":"505341004b455900000000000100000022719901013c000003060006000000003400000000c22422d265721a3ae2b3b2baeb77bee50416e19877af97b5fc1c700a0a88916ecb9050135883accb5e64edc77a3703f4f67a64":TEST_FLAG_EXERCISE + +read type: ECC_PAIR(SECT_R1) 409-bit, ECDSA(RIPEMD160) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ECC_SECT_R1_409:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):409:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_RIPEMD160):0x0000:"00c22422d265721a3ae2b3b2baeb77bee50416e19877af97b5fc1c700a0a88916ecb9050135883accb5e64edc77a3703f4f67a64":"505341004b455900000000000100000022719901013c000004060006000000003400000000c22422d265721a3ae2b3b2baeb77bee50416e19877af97b5fc1c700a0a88916ecb9050135883accb5e64edc77a3703f4f67a64":TEST_FLAG_EXERCISE + +read type: ECC_PAIR(SECT_R1) 409-bit, ECDSA(SHA_1) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_1:PSA_WANT_ECC_SECT_R1_409:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):409:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_SHA_1):0x0000:"00c22422d265721a3ae2b3b2baeb77bee50416e19877af97b5fc1c700a0a88916ecb9050135883accb5e64edc77a3703f4f67a64":"505341004b455900000000000100000022719901013c000005060006000000003400000000c22422d265721a3ae2b3b2baeb77bee50416e19877af97b5fc1c700a0a88916ecb9050135883accb5e64edc77a3703f4f67a64":TEST_FLAG_EXERCISE + +read type: ECC_PAIR(SECT_R1) 409-bit, ECDSA(SHA_224) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_224:PSA_WANT_ECC_SECT_R1_409:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):409:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_SHA_224):0x0000:"00c22422d265721a3ae2b3b2baeb77bee50416e19877af97b5fc1c700a0a88916ecb9050135883accb5e64edc77a3703f4f67a64":"505341004b455900000000000100000022719901013c000008060006000000003400000000c22422d265721a3ae2b3b2baeb77bee50416e19877af97b5fc1c700a0a88916ecb9050135883accb5e64edc77a3703f4f67a64":TEST_FLAG_EXERCISE + +read type: ECC_PAIR(SECT_R1) 409-bit, ECDSA(SHA_256) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_SECT_R1_409:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):409:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_SHA_256):0x0000:"00c22422d265721a3ae2b3b2baeb77bee50416e19877af97b5fc1c700a0a88916ecb9050135883accb5e64edc77a3703f4f67a64":"505341004b455900000000000100000022719901013c000009060006000000003400000000c22422d265721a3ae2b3b2baeb77bee50416e19877af97b5fc1c700a0a88916ecb9050135883accb5e64edc77a3703f4f67a64":TEST_FLAG_EXERCISE + +read type: ECC_PAIR(SECT_R1) 409-bit, ECDSA(SHA_384) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_SECT_R1_409:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):409:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_SHA_384):0x0000:"00c22422d265721a3ae2b3b2baeb77bee50416e19877af97b5fc1c700a0a88916ecb9050135883accb5e64edc77a3703f4f67a64":"505341004b455900000000000100000022719901013c00000a060006000000003400000000c22422d265721a3ae2b3b2baeb77bee50416e19877af97b5fc1c700a0a88916ecb9050135883accb5e64edc77a3703f4f67a64":TEST_FLAG_EXERCISE + +read type: ECC_PAIR(SECT_R1) 409-bit, ECDSA(SHA_512) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_512:PSA_WANT_ECC_SECT_R1_409:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):409:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_SHA_512):0x0000:"00c22422d265721a3ae2b3b2baeb77bee50416e19877af97b5fc1c700a0a88916ecb9050135883accb5e64edc77a3703f4f67a64":"505341004b455900000000000100000022719901013c00000b060006000000003400000000c22422d265721a3ae2b3b2baeb77bee50416e19877af97b5fc1c700a0a88916ecb9050135883accb5e64edc77a3703f4f67a64":TEST_FLAG_EXERCISE + +read type: ECC_PAIR(SECT_R1) 409-bit, ECDSA_ANY +depends_on:PSA_WANT_ALG_ECDSA_ANY:PSA_WANT_ECC_SECT_R1_409:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):409:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA_ANY:0x0000:"00c22422d265721a3ae2b3b2baeb77bee50416e19877af97b5fc1c700a0a88916ecb9050135883accb5e64edc77a3703f4f67a64":"505341004b455900000000000100000022719901013c000000060006000000003400000000c22422d265721a3ae2b3b2baeb77bee50416e19877af97b5fc1c700a0a88916ecb9050135883accb5e64edc77a3703f4f67a64":TEST_FLAG_EXERCISE + +read type: ECC_PAIR(SECT_R1) 409-bit, KA(ECDH,HKDF(SHA_256)) +depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_SECT_R1_409:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):409:PSA_KEY_USAGE_DERIVE | PSA_KEY_USAGE_EXPORT:PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_HKDF(PSA_ALG_SHA_256)):0x0000:"00c22422d265721a3ae2b3b2baeb77bee50416e19877af97b5fc1c700a0a88916ecb9050135883accb5e64edc77a3703f4f67a64":"505341004b4559000000000001000000227199010140000009010209000000003400000000c22422d265721a3ae2b3b2baeb77bee50416e19877af97b5fc1c700a0a88916ecb9050135883accb5e64edc77a3703f4f67a64":TEST_FLAG_EXERCISE + +read type: ECC_PAIR(SECT_R1) 409-bit, KA(ECDH,HKDF(SHA_384)) +depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_SECT_R1_409:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):409:PSA_KEY_USAGE_DERIVE | PSA_KEY_USAGE_EXPORT:PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_HKDF(PSA_ALG_SHA_384)):0x0000:"00c22422d265721a3ae2b3b2baeb77bee50416e19877af97b5fc1c700a0a88916ecb9050135883accb5e64edc77a3703f4f67a64":"505341004b455900000000000100000022719901014000000a010209000000003400000000c22422d265721a3ae2b3b2baeb77bee50416e19877af97b5fc1c700a0a88916ecb9050135883accb5e64edc77a3703f4f67a64":TEST_FLAG_EXERCISE + +read type: ECC_PAIR(SECT_R1) 409-bit, KA(ECDH,TLS12_PRF(SHA_256)) +depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_SHA_256:PSA_WANT_ALG_TLS12_PRF:PSA_WANT_ECC_SECT_R1_409:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):409:PSA_KEY_USAGE_DERIVE | PSA_KEY_USAGE_EXPORT:PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_TLS12_PRF(PSA_ALG_SHA_256)):0x0000:"00c22422d265721a3ae2b3b2baeb77bee50416e19877af97b5fc1c700a0a88916ecb9050135883accb5e64edc77a3703f4f67a64":"505341004b4559000000000001000000227199010140000009020209000000003400000000c22422d265721a3ae2b3b2baeb77bee50416e19877af97b5fc1c700a0a88916ecb9050135883accb5e64edc77a3703f4f67a64":TEST_FLAG_EXERCISE + +read type: ECC_PAIR(SECT_R1) 409-bit, KA(ECDH,TLS12_PRF(SHA_384)) +depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_SHA_384:PSA_WANT_ALG_TLS12_PRF:PSA_WANT_ECC_SECT_R1_409:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):409:PSA_KEY_USAGE_DERIVE | PSA_KEY_USAGE_EXPORT:PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_TLS12_PRF(PSA_ALG_SHA_384)):0x0000:"00c22422d265721a3ae2b3b2baeb77bee50416e19877af97b5fc1c700a0a88916ecb9050135883accb5e64edc77a3703f4f67a64":"505341004b455900000000000100000022719901014000000a020209000000003400000000c22422d265721a3ae2b3b2baeb77bee50416e19877af97b5fc1c700a0a88916ecb9050135883accb5e64edc77a3703f4f67a64":TEST_FLAG_EXERCISE + +read type: ECC_PAIR(SECT_R1) 409-bit, KA(ECDH,TLS12_PSK2MS(SHA_256)) +depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_SHA_256:PSA_WANT_ALG_TLS12_PSK_TO_MS:PSA_WANT_ECC_SECT_R1_409:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):409:PSA_KEY_USAGE_DERIVE | PSA_KEY_USAGE_EXPORT:PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_TLS12_PSK_TO_MS(PSA_ALG_SHA_256)):0x0000:"00c22422d265721a3ae2b3b2baeb77bee50416e19877af97b5fc1c700a0a88916ecb9050135883accb5e64edc77a3703f4f67a64":"505341004b4559000000000001000000227199010140000009030209000000003400000000c22422d265721a3ae2b3b2baeb77bee50416e19877af97b5fc1c700a0a88916ecb9050135883accb5e64edc77a3703f4f67a64":TEST_FLAG_EXERCISE + +read type: ECC_PAIR(SECT_R1) 409-bit, KA(ECDH,TLS12_PSK2MS(SHA_384)) +depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_SHA_384:PSA_WANT_ALG_TLS12_PSK_TO_MS:PSA_WANT_ECC_SECT_R1_409:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):409:PSA_KEY_USAGE_DERIVE | PSA_KEY_USAGE_EXPORT:PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_TLS12_PSK_TO_MS(PSA_ALG_SHA_384)):0x0000:"00c22422d265721a3ae2b3b2baeb77bee50416e19877af97b5fc1c700a0a88916ecb9050135883accb5e64edc77a3703f4f67a64":"505341004b455900000000000100000022719901014000000a030209000000003400000000c22422d265721a3ae2b3b2baeb77bee50416e19877af97b5fc1c700a0a88916ecb9050135883accb5e64edc77a3703f4f67a64":TEST_FLAG_EXERCISE + +read type: ECC_PAIR(SECT_R1) 571-bit +depends_on:PSA_WANT_ECC_SECT_R1_571:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):571:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"026ac1cdf92a13a1b8d282da9725847908745138f5c6706b52d164e3675fcfbf86fc3e6ab2de732193267db029dd35a0599a94a118f480231cfc6ccca2ebfc1d8f54176e0f5656a1":"505341004b455900000000000100000022713b0201000000000000000000000048000000026ac1cdf92a13a1b8d282da9725847908745138f5c6706b52d164e3675fcfbf86fc3e6ab2de732193267db029dd35a0599a94a118f480231cfc6ccca2ebfc1d8f54176e0f5656a1":TEST_FLAG_EXERCISE + +read type: ECC_PAIR(SECT_R1) 571-bit, DET_ECDSA(MD2) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD2:PSA_WANT_ECC_SECT_R1_571:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):571:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD2):0x0000:"026ac1cdf92a13a1b8d282da9725847908745138f5c6706b52d164e3675fcfbf86fc3e6ab2de732193267db029dd35a0599a94a118f480231cfc6ccca2ebfc1d8f54176e0f5656a1":"505341004b455900000000000100000022713b02013c0000010700060000000048000000026ac1cdf92a13a1b8d282da9725847908745138f5c6706b52d164e3675fcfbf86fc3e6ab2de732193267db029dd35a0599a94a118f480231cfc6ccca2ebfc1d8f54176e0f5656a1":TEST_FLAG_EXERCISE + +read type: ECC_PAIR(SECT_R1) 571-bit, DET_ECDSA(MD4) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD4:PSA_WANT_ECC_SECT_R1_571:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):571:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD4):0x0000:"026ac1cdf92a13a1b8d282da9725847908745138f5c6706b52d164e3675fcfbf86fc3e6ab2de732193267db029dd35a0599a94a118f480231cfc6ccca2ebfc1d8f54176e0f5656a1":"505341004b455900000000000100000022713b02013c0000020700060000000048000000026ac1cdf92a13a1b8d282da9725847908745138f5c6706b52d164e3675fcfbf86fc3e6ab2de732193267db029dd35a0599a94a118f480231cfc6ccca2ebfc1d8f54176e0f5656a1":TEST_FLAG_EXERCISE + +read type: ECC_PAIR(SECT_R1) 571-bit, DET_ECDSA(MD5) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD5:PSA_WANT_ECC_SECT_R1_571:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):571:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD5):0x0000:"026ac1cdf92a13a1b8d282da9725847908745138f5c6706b52d164e3675fcfbf86fc3e6ab2de732193267db029dd35a0599a94a118f480231cfc6ccca2ebfc1d8f54176e0f5656a1":"505341004b455900000000000100000022713b02013c0000030700060000000048000000026ac1cdf92a13a1b8d282da9725847908745138f5c6706b52d164e3675fcfbf86fc3e6ab2de732193267db029dd35a0599a94a118f480231cfc6ccca2ebfc1d8f54176e0f5656a1":TEST_FLAG_EXERCISE + +read type: ECC_PAIR(SECT_R1) 571-bit, DET_ECDSA(RIPEMD160) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ECC_SECT_R1_571:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):571:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_RIPEMD160):0x0000:"026ac1cdf92a13a1b8d282da9725847908745138f5c6706b52d164e3675fcfbf86fc3e6ab2de732193267db029dd35a0599a94a118f480231cfc6ccca2ebfc1d8f54176e0f5656a1":"505341004b455900000000000100000022713b02013c0000040700060000000048000000026ac1cdf92a13a1b8d282da9725847908745138f5c6706b52d164e3675fcfbf86fc3e6ab2de732193267db029dd35a0599a94a118f480231cfc6ccca2ebfc1d8f54176e0f5656a1":TEST_FLAG_EXERCISE + +read type: ECC_PAIR(SECT_R1) 571-bit, DET_ECDSA(SHA_1) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_1:PSA_WANT_ECC_SECT_R1_571:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):571:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_1):0x0000:"026ac1cdf92a13a1b8d282da9725847908745138f5c6706b52d164e3675fcfbf86fc3e6ab2de732193267db029dd35a0599a94a118f480231cfc6ccca2ebfc1d8f54176e0f5656a1":"505341004b455900000000000100000022713b02013c0000050700060000000048000000026ac1cdf92a13a1b8d282da9725847908745138f5c6706b52d164e3675fcfbf86fc3e6ab2de732193267db029dd35a0599a94a118f480231cfc6ccca2ebfc1d8f54176e0f5656a1":TEST_FLAG_EXERCISE + +read type: ECC_PAIR(SECT_R1) 571-bit, DET_ECDSA(SHA_224) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_224:PSA_WANT_ECC_SECT_R1_571:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):571:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_224):0x0000:"026ac1cdf92a13a1b8d282da9725847908745138f5c6706b52d164e3675fcfbf86fc3e6ab2de732193267db029dd35a0599a94a118f480231cfc6ccca2ebfc1d8f54176e0f5656a1":"505341004b455900000000000100000022713b02013c0000080700060000000048000000026ac1cdf92a13a1b8d282da9725847908745138f5c6706b52d164e3675fcfbf86fc3e6ab2de732193267db029dd35a0599a94a118f480231cfc6ccca2ebfc1d8f54176e0f5656a1":TEST_FLAG_EXERCISE + +read type: ECC_PAIR(SECT_R1) 571-bit, DET_ECDSA(SHA_256) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_SECT_R1_571:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):571:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_256):0x0000:"026ac1cdf92a13a1b8d282da9725847908745138f5c6706b52d164e3675fcfbf86fc3e6ab2de732193267db029dd35a0599a94a118f480231cfc6ccca2ebfc1d8f54176e0f5656a1":"505341004b455900000000000100000022713b02013c0000090700060000000048000000026ac1cdf92a13a1b8d282da9725847908745138f5c6706b52d164e3675fcfbf86fc3e6ab2de732193267db029dd35a0599a94a118f480231cfc6ccca2ebfc1d8f54176e0f5656a1":TEST_FLAG_EXERCISE + +read type: ECC_PAIR(SECT_R1) 571-bit, DET_ECDSA(SHA_384) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_SECT_R1_571:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):571:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_384):0x0000:"026ac1cdf92a13a1b8d282da9725847908745138f5c6706b52d164e3675fcfbf86fc3e6ab2de732193267db029dd35a0599a94a118f480231cfc6ccca2ebfc1d8f54176e0f5656a1":"505341004b455900000000000100000022713b02013c00000a0700060000000048000000026ac1cdf92a13a1b8d282da9725847908745138f5c6706b52d164e3675fcfbf86fc3e6ab2de732193267db029dd35a0599a94a118f480231cfc6ccca2ebfc1d8f54176e0f5656a1":TEST_FLAG_EXERCISE + +read type: ECC_PAIR(SECT_R1) 571-bit, DET_ECDSA(SHA_512) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_512:PSA_WANT_ECC_SECT_R1_571:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):571:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_512):0x0000:"026ac1cdf92a13a1b8d282da9725847908745138f5c6706b52d164e3675fcfbf86fc3e6ab2de732193267db029dd35a0599a94a118f480231cfc6ccca2ebfc1d8f54176e0f5656a1":"505341004b455900000000000100000022713b02013c00000b0700060000000048000000026ac1cdf92a13a1b8d282da9725847908745138f5c6706b52d164e3675fcfbf86fc3e6ab2de732193267db029dd35a0599a94a118f480231cfc6ccca2ebfc1d8f54176e0f5656a1":TEST_FLAG_EXERCISE + +read type: ECC_PAIR(SECT_R1) 571-bit, ECDH +depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ECC_SECT_R1_571:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):571:PSA_KEY_USAGE_DERIVE | PSA_KEY_USAGE_EXPORT:PSA_ALG_ECDH:0x0000:"026ac1cdf92a13a1b8d282da9725847908745138f5c6706b52d164e3675fcfbf86fc3e6ab2de732193267db029dd35a0599a94a118f480231cfc6ccca2ebfc1d8f54176e0f5656a1":"505341004b455900000000000100000022713b0201400000000002090000000048000000026ac1cdf92a13a1b8d282da9725847908745138f5c6706b52d164e3675fcfbf86fc3e6ab2de732193267db029dd35a0599a94a118f480231cfc6ccca2ebfc1d8f54176e0f5656a1":TEST_FLAG_EXERCISE + +read type: ECC_PAIR(SECT_R1) 571-bit, ECDSA(MD2) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD2:PSA_WANT_ECC_SECT_R1_571:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):571:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_MD2):0x0000:"026ac1cdf92a13a1b8d282da9725847908745138f5c6706b52d164e3675fcfbf86fc3e6ab2de732193267db029dd35a0599a94a118f480231cfc6ccca2ebfc1d8f54176e0f5656a1":"505341004b455900000000000100000022713b02013c0000010600060000000048000000026ac1cdf92a13a1b8d282da9725847908745138f5c6706b52d164e3675fcfbf86fc3e6ab2de732193267db029dd35a0599a94a118f480231cfc6ccca2ebfc1d8f54176e0f5656a1":TEST_FLAG_EXERCISE + +read type: ECC_PAIR(SECT_R1) 571-bit, ECDSA(MD4) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD4:PSA_WANT_ECC_SECT_R1_571:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):571:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_MD4):0x0000:"026ac1cdf92a13a1b8d282da9725847908745138f5c6706b52d164e3675fcfbf86fc3e6ab2de732193267db029dd35a0599a94a118f480231cfc6ccca2ebfc1d8f54176e0f5656a1":"505341004b455900000000000100000022713b02013c0000020600060000000048000000026ac1cdf92a13a1b8d282da9725847908745138f5c6706b52d164e3675fcfbf86fc3e6ab2de732193267db029dd35a0599a94a118f480231cfc6ccca2ebfc1d8f54176e0f5656a1":TEST_FLAG_EXERCISE + +read type: ECC_PAIR(SECT_R1) 571-bit, ECDSA(MD5) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD5:PSA_WANT_ECC_SECT_R1_571:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):571:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_MD5):0x0000:"026ac1cdf92a13a1b8d282da9725847908745138f5c6706b52d164e3675fcfbf86fc3e6ab2de732193267db029dd35a0599a94a118f480231cfc6ccca2ebfc1d8f54176e0f5656a1":"505341004b455900000000000100000022713b02013c0000030600060000000048000000026ac1cdf92a13a1b8d282da9725847908745138f5c6706b52d164e3675fcfbf86fc3e6ab2de732193267db029dd35a0599a94a118f480231cfc6ccca2ebfc1d8f54176e0f5656a1":TEST_FLAG_EXERCISE + +read type: ECC_PAIR(SECT_R1) 571-bit, ECDSA(RIPEMD160) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ECC_SECT_R1_571:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):571:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_RIPEMD160):0x0000:"026ac1cdf92a13a1b8d282da9725847908745138f5c6706b52d164e3675fcfbf86fc3e6ab2de732193267db029dd35a0599a94a118f480231cfc6ccca2ebfc1d8f54176e0f5656a1":"505341004b455900000000000100000022713b02013c0000040600060000000048000000026ac1cdf92a13a1b8d282da9725847908745138f5c6706b52d164e3675fcfbf86fc3e6ab2de732193267db029dd35a0599a94a118f480231cfc6ccca2ebfc1d8f54176e0f5656a1":TEST_FLAG_EXERCISE + +read type: ECC_PAIR(SECT_R1) 571-bit, ECDSA(SHA_1) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_1:PSA_WANT_ECC_SECT_R1_571:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):571:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_SHA_1):0x0000:"026ac1cdf92a13a1b8d282da9725847908745138f5c6706b52d164e3675fcfbf86fc3e6ab2de732193267db029dd35a0599a94a118f480231cfc6ccca2ebfc1d8f54176e0f5656a1":"505341004b455900000000000100000022713b02013c0000050600060000000048000000026ac1cdf92a13a1b8d282da9725847908745138f5c6706b52d164e3675fcfbf86fc3e6ab2de732193267db029dd35a0599a94a118f480231cfc6ccca2ebfc1d8f54176e0f5656a1":TEST_FLAG_EXERCISE + +read type: ECC_PAIR(SECT_R1) 571-bit, ECDSA(SHA_224) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_224:PSA_WANT_ECC_SECT_R1_571:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):571:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_SHA_224):0x0000:"026ac1cdf92a13a1b8d282da9725847908745138f5c6706b52d164e3675fcfbf86fc3e6ab2de732193267db029dd35a0599a94a118f480231cfc6ccca2ebfc1d8f54176e0f5656a1":"505341004b455900000000000100000022713b02013c0000080600060000000048000000026ac1cdf92a13a1b8d282da9725847908745138f5c6706b52d164e3675fcfbf86fc3e6ab2de732193267db029dd35a0599a94a118f480231cfc6ccca2ebfc1d8f54176e0f5656a1":TEST_FLAG_EXERCISE + +read type: ECC_PAIR(SECT_R1) 571-bit, ECDSA(SHA_256) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_SECT_R1_571:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):571:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_SHA_256):0x0000:"026ac1cdf92a13a1b8d282da9725847908745138f5c6706b52d164e3675fcfbf86fc3e6ab2de732193267db029dd35a0599a94a118f480231cfc6ccca2ebfc1d8f54176e0f5656a1":"505341004b455900000000000100000022713b02013c0000090600060000000048000000026ac1cdf92a13a1b8d282da9725847908745138f5c6706b52d164e3675fcfbf86fc3e6ab2de732193267db029dd35a0599a94a118f480231cfc6ccca2ebfc1d8f54176e0f5656a1":TEST_FLAG_EXERCISE + +read type: ECC_PAIR(SECT_R1) 571-bit, ECDSA(SHA_384) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_SECT_R1_571:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):571:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_SHA_384):0x0000:"026ac1cdf92a13a1b8d282da9725847908745138f5c6706b52d164e3675fcfbf86fc3e6ab2de732193267db029dd35a0599a94a118f480231cfc6ccca2ebfc1d8f54176e0f5656a1":"505341004b455900000000000100000022713b02013c00000a0600060000000048000000026ac1cdf92a13a1b8d282da9725847908745138f5c6706b52d164e3675fcfbf86fc3e6ab2de732193267db029dd35a0599a94a118f480231cfc6ccca2ebfc1d8f54176e0f5656a1":TEST_FLAG_EXERCISE + +read type: ECC_PAIR(SECT_R1) 571-bit, ECDSA(SHA_512) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_512:PSA_WANT_ECC_SECT_R1_571:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):571:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_SHA_512):0x0000:"026ac1cdf92a13a1b8d282da9725847908745138f5c6706b52d164e3675fcfbf86fc3e6ab2de732193267db029dd35a0599a94a118f480231cfc6ccca2ebfc1d8f54176e0f5656a1":"505341004b455900000000000100000022713b02013c00000b0600060000000048000000026ac1cdf92a13a1b8d282da9725847908745138f5c6706b52d164e3675fcfbf86fc3e6ab2de732193267db029dd35a0599a94a118f480231cfc6ccca2ebfc1d8f54176e0f5656a1":TEST_FLAG_EXERCISE + +read type: ECC_PAIR(SECT_R1) 571-bit, ECDSA_ANY +depends_on:PSA_WANT_ALG_ECDSA_ANY:PSA_WANT_ECC_SECT_R1_571:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):571:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA_ANY:0x0000:"026ac1cdf92a13a1b8d282da9725847908745138f5c6706b52d164e3675fcfbf86fc3e6ab2de732193267db029dd35a0599a94a118f480231cfc6ccca2ebfc1d8f54176e0f5656a1":"505341004b455900000000000100000022713b02013c0000000600060000000048000000026ac1cdf92a13a1b8d282da9725847908745138f5c6706b52d164e3675fcfbf86fc3e6ab2de732193267db029dd35a0599a94a118f480231cfc6ccca2ebfc1d8f54176e0f5656a1":TEST_FLAG_EXERCISE + +read type: ECC_PAIR(SECT_R1) 571-bit, KA(ECDH,HKDF(SHA_256)) +depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_SECT_R1_571:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):571:PSA_KEY_USAGE_DERIVE | PSA_KEY_USAGE_EXPORT:PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_HKDF(PSA_ALG_SHA_256)):0x0000:"026ac1cdf92a13a1b8d282da9725847908745138f5c6706b52d164e3675fcfbf86fc3e6ab2de732193267db029dd35a0599a94a118f480231cfc6ccca2ebfc1d8f54176e0f5656a1":"505341004b455900000000000100000022713b0201400000090102090000000048000000026ac1cdf92a13a1b8d282da9725847908745138f5c6706b52d164e3675fcfbf86fc3e6ab2de732193267db029dd35a0599a94a118f480231cfc6ccca2ebfc1d8f54176e0f5656a1":TEST_FLAG_EXERCISE + +read type: ECC_PAIR(SECT_R1) 571-bit, KA(ECDH,HKDF(SHA_384)) +depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_SECT_R1_571:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):571:PSA_KEY_USAGE_DERIVE | PSA_KEY_USAGE_EXPORT:PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_HKDF(PSA_ALG_SHA_384)):0x0000:"026ac1cdf92a13a1b8d282da9725847908745138f5c6706b52d164e3675fcfbf86fc3e6ab2de732193267db029dd35a0599a94a118f480231cfc6ccca2ebfc1d8f54176e0f5656a1":"505341004b455900000000000100000022713b02014000000a0102090000000048000000026ac1cdf92a13a1b8d282da9725847908745138f5c6706b52d164e3675fcfbf86fc3e6ab2de732193267db029dd35a0599a94a118f480231cfc6ccca2ebfc1d8f54176e0f5656a1":TEST_FLAG_EXERCISE + +read type: ECC_PAIR(SECT_R1) 571-bit, KA(ECDH,TLS12_PRF(SHA_256)) +depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_SHA_256:PSA_WANT_ALG_TLS12_PRF:PSA_WANT_ECC_SECT_R1_571:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):571:PSA_KEY_USAGE_DERIVE | PSA_KEY_USAGE_EXPORT:PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_TLS12_PRF(PSA_ALG_SHA_256)):0x0000:"026ac1cdf92a13a1b8d282da9725847908745138f5c6706b52d164e3675fcfbf86fc3e6ab2de732193267db029dd35a0599a94a118f480231cfc6ccca2ebfc1d8f54176e0f5656a1":"505341004b455900000000000100000022713b0201400000090202090000000048000000026ac1cdf92a13a1b8d282da9725847908745138f5c6706b52d164e3675fcfbf86fc3e6ab2de732193267db029dd35a0599a94a118f480231cfc6ccca2ebfc1d8f54176e0f5656a1":TEST_FLAG_EXERCISE + +read type: ECC_PAIR(SECT_R1) 571-bit, KA(ECDH,TLS12_PRF(SHA_384)) +depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_SHA_384:PSA_WANT_ALG_TLS12_PRF:PSA_WANT_ECC_SECT_R1_571:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):571:PSA_KEY_USAGE_DERIVE | PSA_KEY_USAGE_EXPORT:PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_TLS12_PRF(PSA_ALG_SHA_384)):0x0000:"026ac1cdf92a13a1b8d282da9725847908745138f5c6706b52d164e3675fcfbf86fc3e6ab2de732193267db029dd35a0599a94a118f480231cfc6ccca2ebfc1d8f54176e0f5656a1":"505341004b455900000000000100000022713b02014000000a0202090000000048000000026ac1cdf92a13a1b8d282da9725847908745138f5c6706b52d164e3675fcfbf86fc3e6ab2de732193267db029dd35a0599a94a118f480231cfc6ccca2ebfc1d8f54176e0f5656a1":TEST_FLAG_EXERCISE + +read type: ECC_PAIR(SECT_R1) 571-bit, KA(ECDH,TLS12_PSK2MS(SHA_256)) +depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_SHA_256:PSA_WANT_ALG_TLS12_PSK_TO_MS:PSA_WANT_ECC_SECT_R1_571:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):571:PSA_KEY_USAGE_DERIVE | PSA_KEY_USAGE_EXPORT:PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_TLS12_PSK_TO_MS(PSA_ALG_SHA_256)):0x0000:"026ac1cdf92a13a1b8d282da9725847908745138f5c6706b52d164e3675fcfbf86fc3e6ab2de732193267db029dd35a0599a94a118f480231cfc6ccca2ebfc1d8f54176e0f5656a1":"505341004b455900000000000100000022713b0201400000090302090000000048000000026ac1cdf92a13a1b8d282da9725847908745138f5c6706b52d164e3675fcfbf86fc3e6ab2de732193267db029dd35a0599a94a118f480231cfc6ccca2ebfc1d8f54176e0f5656a1":TEST_FLAG_EXERCISE + +read type: ECC_PAIR(SECT_R1) 571-bit, KA(ECDH,TLS12_PSK2MS(SHA_384)) +depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_SHA_384:PSA_WANT_ALG_TLS12_PSK_TO_MS:PSA_WANT_ECC_SECT_R1_571:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):571:PSA_KEY_USAGE_DERIVE | PSA_KEY_USAGE_EXPORT:PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_TLS12_PSK_TO_MS(PSA_ALG_SHA_384)):0x0000:"026ac1cdf92a13a1b8d282da9725847908745138f5c6706b52d164e3675fcfbf86fc3e6ab2de732193267db029dd35a0599a94a118f480231cfc6ccca2ebfc1d8f54176e0f5656a1":"505341004b455900000000000100000022713b02014000000a0302090000000048000000026ac1cdf92a13a1b8d282da9725847908745138f5c6706b52d164e3675fcfbf86fc3e6ab2de732193267db029dd35a0599a94a118f480231cfc6ccca2ebfc1d8f54176e0f5656a1":TEST_FLAG_EXERCISE + +read type: ECC_PAIR(SECT_R2) 163-bit +depends_on:PSA_WANT_ECC_SECT_R2_163:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R2):163:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"0210b482a458b4822d0cb21daa96819a67c8062d34":"505341004b45590000000000010000002b71a300010000000000000000000000150000000210b482a458b4822d0cb21daa96819a67c8062d34":TEST_FLAG_EXERCISE + +read type: ECC_PAIR(SECT_R2) 163-bit, DET_ECDSA(MD2) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD2:PSA_WANT_ECC_SECT_R2_163:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R2):163:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD2):0x0000:"0210b482a458b4822d0cb21daa96819a67c8062d34":"505341004b45590000000000010000002b71a300013c00000107000600000000150000000210b482a458b4822d0cb21daa96819a67c8062d34":TEST_FLAG_EXERCISE + +read type: ECC_PAIR(SECT_R2) 163-bit, DET_ECDSA(MD4) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD4:PSA_WANT_ECC_SECT_R2_163:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R2):163:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD4):0x0000:"0210b482a458b4822d0cb21daa96819a67c8062d34":"505341004b45590000000000010000002b71a300013c00000207000600000000150000000210b482a458b4822d0cb21daa96819a67c8062d34":TEST_FLAG_EXERCISE + +read type: ECC_PAIR(SECT_R2) 163-bit, DET_ECDSA(MD5) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD5:PSA_WANT_ECC_SECT_R2_163:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R2):163:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD5):0x0000:"0210b482a458b4822d0cb21daa96819a67c8062d34":"505341004b45590000000000010000002b71a300013c00000307000600000000150000000210b482a458b4822d0cb21daa96819a67c8062d34":TEST_FLAG_EXERCISE + +read type: ECC_PAIR(SECT_R2) 163-bit, DET_ECDSA(RIPEMD160) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ECC_SECT_R2_163:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R2):163:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_RIPEMD160):0x0000:"0210b482a458b4822d0cb21daa96819a67c8062d34":"505341004b45590000000000010000002b71a300013c00000407000600000000150000000210b482a458b4822d0cb21daa96819a67c8062d34":TEST_FLAG_EXERCISE + +read type: ECC_PAIR(SECT_R2) 163-bit, DET_ECDSA(SHA_1) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_1:PSA_WANT_ECC_SECT_R2_163:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R2):163:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_1):0x0000:"0210b482a458b4822d0cb21daa96819a67c8062d34":"505341004b45590000000000010000002b71a300013c00000507000600000000150000000210b482a458b4822d0cb21daa96819a67c8062d34":TEST_FLAG_EXERCISE + +read type: ECC_PAIR(SECT_R2) 163-bit, DET_ECDSA(SHA_224) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_224:PSA_WANT_ECC_SECT_R2_163:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R2):163:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_224):0x0000:"0210b482a458b4822d0cb21daa96819a67c8062d34":"505341004b45590000000000010000002b71a300013c00000807000600000000150000000210b482a458b4822d0cb21daa96819a67c8062d34":TEST_FLAG_EXERCISE + +read type: ECC_PAIR(SECT_R2) 163-bit, DET_ECDSA(SHA_256) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_SECT_R2_163:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R2):163:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_256):0x0000:"0210b482a458b4822d0cb21daa96819a67c8062d34":"505341004b45590000000000010000002b71a300013c00000907000600000000150000000210b482a458b4822d0cb21daa96819a67c8062d34":TEST_FLAG_EXERCISE + +read type: ECC_PAIR(SECT_R2) 163-bit, DET_ECDSA(SHA_384) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_SECT_R2_163:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R2):163:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_384):0x0000:"0210b482a458b4822d0cb21daa96819a67c8062d34":"505341004b45590000000000010000002b71a300013c00000a07000600000000150000000210b482a458b4822d0cb21daa96819a67c8062d34":TEST_FLAG_EXERCISE + +read type: ECC_PAIR(SECT_R2) 163-bit, DET_ECDSA(SHA_512) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_512:PSA_WANT_ECC_SECT_R2_163:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R2):163:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_512):0x0000:"0210b482a458b4822d0cb21daa96819a67c8062d34":"505341004b45590000000000010000002b71a300013c00000b07000600000000150000000210b482a458b4822d0cb21daa96819a67c8062d34":TEST_FLAG_EXERCISE + +read type: ECC_PAIR(SECT_R2) 163-bit, ECDH +depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ECC_SECT_R2_163:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R2):163:PSA_KEY_USAGE_DERIVE | PSA_KEY_USAGE_EXPORT:PSA_ALG_ECDH:0x0000:"0210b482a458b4822d0cb21daa96819a67c8062d34":"505341004b45590000000000010000002b71a300014000000000020900000000150000000210b482a458b4822d0cb21daa96819a67c8062d34":TEST_FLAG_EXERCISE + +read type: ECC_PAIR(SECT_R2) 163-bit, ECDSA(MD2) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD2:PSA_WANT_ECC_SECT_R2_163:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R2):163:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_MD2):0x0000:"0210b482a458b4822d0cb21daa96819a67c8062d34":"505341004b45590000000000010000002b71a300013c00000106000600000000150000000210b482a458b4822d0cb21daa96819a67c8062d34":TEST_FLAG_EXERCISE + +read type: ECC_PAIR(SECT_R2) 163-bit, ECDSA(MD4) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD4:PSA_WANT_ECC_SECT_R2_163:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R2):163:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_MD4):0x0000:"0210b482a458b4822d0cb21daa96819a67c8062d34":"505341004b45590000000000010000002b71a300013c00000206000600000000150000000210b482a458b4822d0cb21daa96819a67c8062d34":TEST_FLAG_EXERCISE + +read type: ECC_PAIR(SECT_R2) 163-bit, ECDSA(MD5) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD5:PSA_WANT_ECC_SECT_R2_163:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R2):163:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_MD5):0x0000:"0210b482a458b4822d0cb21daa96819a67c8062d34":"505341004b45590000000000010000002b71a300013c00000306000600000000150000000210b482a458b4822d0cb21daa96819a67c8062d34":TEST_FLAG_EXERCISE + +read type: ECC_PAIR(SECT_R2) 163-bit, ECDSA(RIPEMD160) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ECC_SECT_R2_163:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R2):163:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_RIPEMD160):0x0000:"0210b482a458b4822d0cb21daa96819a67c8062d34":"505341004b45590000000000010000002b71a300013c00000406000600000000150000000210b482a458b4822d0cb21daa96819a67c8062d34":TEST_FLAG_EXERCISE + +read type: ECC_PAIR(SECT_R2) 163-bit, ECDSA(SHA_1) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_1:PSA_WANT_ECC_SECT_R2_163:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R2):163:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_SHA_1):0x0000:"0210b482a458b4822d0cb21daa96819a67c8062d34":"505341004b45590000000000010000002b71a300013c00000506000600000000150000000210b482a458b4822d0cb21daa96819a67c8062d34":TEST_FLAG_EXERCISE + +read type: ECC_PAIR(SECT_R2) 163-bit, ECDSA(SHA_224) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_224:PSA_WANT_ECC_SECT_R2_163:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R2):163:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_SHA_224):0x0000:"0210b482a458b4822d0cb21daa96819a67c8062d34":"505341004b45590000000000010000002b71a300013c00000806000600000000150000000210b482a458b4822d0cb21daa96819a67c8062d34":TEST_FLAG_EXERCISE + +read type: ECC_PAIR(SECT_R2) 163-bit, ECDSA(SHA_256) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_SECT_R2_163:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R2):163:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_SHA_256):0x0000:"0210b482a458b4822d0cb21daa96819a67c8062d34":"505341004b45590000000000010000002b71a300013c00000906000600000000150000000210b482a458b4822d0cb21daa96819a67c8062d34":TEST_FLAG_EXERCISE + +read type: ECC_PAIR(SECT_R2) 163-bit, ECDSA(SHA_384) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_SECT_R2_163:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R2):163:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_SHA_384):0x0000:"0210b482a458b4822d0cb21daa96819a67c8062d34":"505341004b45590000000000010000002b71a300013c00000a06000600000000150000000210b482a458b4822d0cb21daa96819a67c8062d34":TEST_FLAG_EXERCISE + +read type: ECC_PAIR(SECT_R2) 163-bit, ECDSA(SHA_512) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_512:PSA_WANT_ECC_SECT_R2_163:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R2):163:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_SHA_512):0x0000:"0210b482a458b4822d0cb21daa96819a67c8062d34":"505341004b45590000000000010000002b71a300013c00000b06000600000000150000000210b482a458b4822d0cb21daa96819a67c8062d34":TEST_FLAG_EXERCISE + +read type: ECC_PAIR(SECT_R2) 163-bit, ECDSA_ANY +depends_on:PSA_WANT_ALG_ECDSA_ANY:PSA_WANT_ECC_SECT_R2_163:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R2):163:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA_ANY:0x0000:"0210b482a458b4822d0cb21daa96819a67c8062d34":"505341004b45590000000000010000002b71a300013c00000006000600000000150000000210b482a458b4822d0cb21daa96819a67c8062d34":TEST_FLAG_EXERCISE + +read type: ECC_PAIR(SECT_R2) 163-bit, KA(ECDH,HKDF(SHA_256)) +depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_SECT_R2_163:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R2):163:PSA_KEY_USAGE_DERIVE | PSA_KEY_USAGE_EXPORT:PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_HKDF(PSA_ALG_SHA_256)):0x0000:"0210b482a458b4822d0cb21daa96819a67c8062d34":"505341004b45590000000000010000002b71a300014000000901020900000000150000000210b482a458b4822d0cb21daa96819a67c8062d34":TEST_FLAG_EXERCISE + +read type: ECC_PAIR(SECT_R2) 163-bit, KA(ECDH,HKDF(SHA_384)) +depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_SECT_R2_163:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R2):163:PSA_KEY_USAGE_DERIVE | PSA_KEY_USAGE_EXPORT:PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_HKDF(PSA_ALG_SHA_384)):0x0000:"0210b482a458b4822d0cb21daa96819a67c8062d34":"505341004b45590000000000010000002b71a300014000000a01020900000000150000000210b482a458b4822d0cb21daa96819a67c8062d34":TEST_FLAG_EXERCISE + +read type: ECC_PAIR(SECT_R2) 163-bit, KA(ECDH,TLS12_PRF(SHA_256)) +depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_SHA_256:PSA_WANT_ALG_TLS12_PRF:PSA_WANT_ECC_SECT_R2_163:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R2):163:PSA_KEY_USAGE_DERIVE | PSA_KEY_USAGE_EXPORT:PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_TLS12_PRF(PSA_ALG_SHA_256)):0x0000:"0210b482a458b4822d0cb21daa96819a67c8062d34":"505341004b45590000000000010000002b71a300014000000902020900000000150000000210b482a458b4822d0cb21daa96819a67c8062d34":TEST_FLAG_EXERCISE + +read type: ECC_PAIR(SECT_R2) 163-bit, KA(ECDH,TLS12_PRF(SHA_384)) +depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_SHA_384:PSA_WANT_ALG_TLS12_PRF:PSA_WANT_ECC_SECT_R2_163:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R2):163:PSA_KEY_USAGE_DERIVE | PSA_KEY_USAGE_EXPORT:PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_TLS12_PRF(PSA_ALG_SHA_384)):0x0000:"0210b482a458b4822d0cb21daa96819a67c8062d34":"505341004b45590000000000010000002b71a300014000000a02020900000000150000000210b482a458b4822d0cb21daa96819a67c8062d34":TEST_FLAG_EXERCISE + +read type: ECC_PAIR(SECT_R2) 163-bit, KA(ECDH,TLS12_PSK2MS(SHA_256)) +depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_SHA_256:PSA_WANT_ALG_TLS12_PSK_TO_MS:PSA_WANT_ECC_SECT_R2_163:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R2):163:PSA_KEY_USAGE_DERIVE | PSA_KEY_USAGE_EXPORT:PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_TLS12_PSK_TO_MS(PSA_ALG_SHA_256)):0x0000:"0210b482a458b4822d0cb21daa96819a67c8062d34":"505341004b45590000000000010000002b71a300014000000903020900000000150000000210b482a458b4822d0cb21daa96819a67c8062d34":TEST_FLAG_EXERCISE + +read type: ECC_PAIR(SECT_R2) 163-bit, KA(ECDH,TLS12_PSK2MS(SHA_384)) +depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_SHA_384:PSA_WANT_ALG_TLS12_PSK_TO_MS:PSA_WANT_ECC_SECT_R2_163:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R2):163:PSA_KEY_USAGE_DERIVE | PSA_KEY_USAGE_EXPORT:PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH,PSA_ALG_TLS12_PSK_TO_MS(PSA_ALG_SHA_384)):0x0000:"0210b482a458b4822d0cb21daa96819a67c8062d34":"505341004b45590000000000010000002b71a300014000000a03020900000000150000000210b482a458b4822d0cb21daa96819a67c8062d34":TEST_FLAG_EXERCISE + +read type: ECC_PAIR(TWISTED_EDWARDS) 255-bit +depends_on:PSA_WANT_ECC_TWISTED_EDWARDS_255:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_TWISTED_EDWARDS):255:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"9d61b19deffd5a60ba844af492ec2cc44449c5697b326919703bac031cae7f60":"505341004b45590000000000010000004271ff00010000000000000000000000200000009d61b19deffd5a60ba844af492ec2cc44449c5697b326919703bac031cae7f60":TEST_FLAG_EXERCISE + +read type: ECC_PAIR(TWISTED_EDWARDS) 255-bit, ED25519PH +depends_on:PSA_WANT_ALG_ED25519PH:PSA_WANT_ECC_TWISTED_EDWARDS_255:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_TWISTED_EDWARDS):255:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ED25519PH:0x0000:"9d61b19deffd5a60ba844af492ec2cc44449c5697b326919703bac031cae7f60":"505341004b45590000000000010000004271ff00013c00000b09000600000000200000009d61b19deffd5a60ba844af492ec2cc44449c5697b326919703bac031cae7f60":TEST_FLAG_EXERCISE + +read type: ECC_PAIR(TWISTED_EDWARDS) 255-bit, ED448PH +depends_on:PSA_WANT_ALG_ED448PH:PSA_WANT_ECC_TWISTED_EDWARDS_255:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_TWISTED_EDWARDS):255:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ED448PH:0x0000:"9d61b19deffd5a60ba844af492ec2cc44449c5697b326919703bac031cae7f60":"505341004b45590000000000010000004271ff00013c00001509000600000000200000009d61b19deffd5a60ba844af492ec2cc44449c5697b326919703bac031cae7f60":TEST_FLAG_EXERCISE + +read type: ECC_PAIR(TWISTED_EDWARDS) 255-bit, PURE_EDDSA +depends_on:PSA_WANT_ALG_PURE_EDDSA:PSA_WANT_ECC_TWISTED_EDWARDS_255:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_TWISTED_EDWARDS):255:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_PURE_EDDSA:0x0000:"9d61b19deffd5a60ba844af492ec2cc44449c5697b326919703bac031cae7f60":"505341004b45590000000000010000004271ff00013c00000008000600000000200000009d61b19deffd5a60ba844af492ec2cc44449c5697b326919703bac031cae7f60":TEST_FLAG_EXERCISE + +read type: ECC_PAIR(TWISTED_EDWARDS) 448-bit +depends_on:PSA_WANT_ECC_TWISTED_EDWARDS_448:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_TWISTED_EDWARDS):448:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"6c82a562cb808d10d632be89c8513ebf6c929f34ddfa8c9f63c9960ef6e348a3528c8a3fcc2f044e39a3fc5b94492f8f032e7549a20098f95b":"505341004b45590000000000010000004271c001010000000000000000000000390000006c82a562cb808d10d632be89c8513ebf6c929f34ddfa8c9f63c9960ef6e348a3528c8a3fcc2f044e39a3fc5b94492f8f032e7549a20098f95b":TEST_FLAG_EXERCISE + +read type: ECC_PAIR(TWISTED_EDWARDS) 448-bit, ED25519PH +depends_on:PSA_WANT_ALG_ED25519PH:PSA_WANT_ECC_TWISTED_EDWARDS_448:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_TWISTED_EDWARDS):448:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ED25519PH:0x0000:"6c82a562cb808d10d632be89c8513ebf6c929f34ddfa8c9f63c9960ef6e348a3528c8a3fcc2f044e39a3fc5b94492f8f032e7549a20098f95b":"505341004b45590000000000010000004271c001013c00000b09000600000000390000006c82a562cb808d10d632be89c8513ebf6c929f34ddfa8c9f63c9960ef6e348a3528c8a3fcc2f044e39a3fc5b94492f8f032e7549a20098f95b":TEST_FLAG_EXERCISE + +read type: ECC_PAIR(TWISTED_EDWARDS) 448-bit, ED448PH +depends_on:PSA_WANT_ALG_ED448PH:PSA_WANT_ECC_TWISTED_EDWARDS_448:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_TWISTED_EDWARDS):448:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ED448PH:0x0000:"6c82a562cb808d10d632be89c8513ebf6c929f34ddfa8c9f63c9960ef6e348a3528c8a3fcc2f044e39a3fc5b94492f8f032e7549a20098f95b":"505341004b45590000000000010000004271c001013c00001509000600000000390000006c82a562cb808d10d632be89c8513ebf6c929f34ddfa8c9f63c9960ef6e348a3528c8a3fcc2f044e39a3fc5b94492f8f032e7549a20098f95b":TEST_FLAG_EXERCISE + +read type: ECC_PAIR(TWISTED_EDWARDS) 448-bit, PURE_EDDSA +depends_on:PSA_WANT_ALG_PURE_EDDSA:PSA_WANT_ECC_TWISTED_EDWARDS_448:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_TWISTED_EDWARDS):448:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_PURE_EDDSA:0x0000:"6c82a562cb808d10d632be89c8513ebf6c929f34ddfa8c9f63c9960ef6e348a3528c8a3fcc2f044e39a3fc5b94492f8f032e7549a20098f95b":"505341004b45590000000000010000004271c001013c00000008000600000000390000006c82a562cb808d10d632be89c8513ebf6c929f34ddfa8c9f63c9960ef6e348a3528c8a3fcc2f044e39a3fc5b94492f8f032e7549a20098f95b":TEST_FLAG_EXERCISE + +read type: ECC_PUB(BP_R1) 160-bit +depends_on:PSA_WANT_ECC_BRAINPOOL_P_R1_160:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):160:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"04d4b9186816358e2f9c59cf70748cb70641b22fbab65473db4b4e22a361ed7e3de7e8a8ddc4130c5c":"505341004b45590000000000010000003041a0000100000000000000000000002900000004d4b9186816358e2f9c59cf70748cb70641b22fbab65473db4b4e22a361ed7e3de7e8a8ddc4130c5c":0 + +read type: ECC_PUB(BP_R1) 160-bit, DET_ECDSA(MD2) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD2:PSA_WANT_ECC_BRAINPOOL_P_R1_160:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):160:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD2):0x0000:"04d4b9186816358e2f9c59cf70748cb70641b22fbab65473db4b4e22a361ed7e3de7e8a8ddc4130c5c":"505341004b45590000000000010000003041a0000128000001070006000000002900000004d4b9186816358e2f9c59cf70748cb70641b22fbab65473db4b4e22a361ed7e3de7e8a8ddc4130c5c":0 + +read type: ECC_PUB(BP_R1) 160-bit, DET_ECDSA(MD4) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD4:PSA_WANT_ECC_BRAINPOOL_P_R1_160:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):160:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD4):0x0000:"04d4b9186816358e2f9c59cf70748cb70641b22fbab65473db4b4e22a361ed7e3de7e8a8ddc4130c5c":"505341004b45590000000000010000003041a0000128000002070006000000002900000004d4b9186816358e2f9c59cf70748cb70641b22fbab65473db4b4e22a361ed7e3de7e8a8ddc4130c5c":0 + +read type: ECC_PUB(BP_R1) 160-bit, DET_ECDSA(MD5) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD5:PSA_WANT_ECC_BRAINPOOL_P_R1_160:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):160:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD5):0x0000:"04d4b9186816358e2f9c59cf70748cb70641b22fbab65473db4b4e22a361ed7e3de7e8a8ddc4130c5c":"505341004b45590000000000010000003041a0000128000003070006000000002900000004d4b9186816358e2f9c59cf70748cb70641b22fbab65473db4b4e22a361ed7e3de7e8a8ddc4130c5c":0 + +read type: ECC_PUB(BP_R1) 160-bit, DET_ECDSA(RIPEMD160) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ECC_BRAINPOOL_P_R1_160:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):160:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_RIPEMD160):0x0000:"04d4b9186816358e2f9c59cf70748cb70641b22fbab65473db4b4e22a361ed7e3de7e8a8ddc4130c5c":"505341004b45590000000000010000003041a0000128000004070006000000002900000004d4b9186816358e2f9c59cf70748cb70641b22fbab65473db4b4e22a361ed7e3de7e8a8ddc4130c5c":0 + +read type: ECC_PUB(BP_R1) 160-bit, DET_ECDSA(SHA_1) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_1:PSA_WANT_ECC_BRAINPOOL_P_R1_160:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):160:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_1):0x0000:"04d4b9186816358e2f9c59cf70748cb70641b22fbab65473db4b4e22a361ed7e3de7e8a8ddc4130c5c":"505341004b45590000000000010000003041a0000128000005070006000000002900000004d4b9186816358e2f9c59cf70748cb70641b22fbab65473db4b4e22a361ed7e3de7e8a8ddc4130c5c":0 + +read type: ECC_PUB(BP_R1) 160-bit, DET_ECDSA(SHA_224) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_224:PSA_WANT_ECC_BRAINPOOL_P_R1_160:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):160:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_224):0x0000:"04d4b9186816358e2f9c59cf70748cb70641b22fbab65473db4b4e22a361ed7e3de7e8a8ddc4130c5c":"505341004b45590000000000010000003041a0000128000008070006000000002900000004d4b9186816358e2f9c59cf70748cb70641b22fbab65473db4b4e22a361ed7e3de7e8a8ddc4130c5c":0 + +read type: ECC_PUB(BP_R1) 160-bit, DET_ECDSA(SHA_256) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_BRAINPOOL_P_R1_160:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):160:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_256):0x0000:"04d4b9186816358e2f9c59cf70748cb70641b22fbab65473db4b4e22a361ed7e3de7e8a8ddc4130c5c":"505341004b45590000000000010000003041a0000128000009070006000000002900000004d4b9186816358e2f9c59cf70748cb70641b22fbab65473db4b4e22a361ed7e3de7e8a8ddc4130c5c":0 + +read type: ECC_PUB(BP_R1) 160-bit, DET_ECDSA(SHA_384) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_BRAINPOOL_P_R1_160:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):160:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_384):0x0000:"04d4b9186816358e2f9c59cf70748cb70641b22fbab65473db4b4e22a361ed7e3de7e8a8ddc4130c5c":"505341004b45590000000000010000003041a000012800000a070006000000002900000004d4b9186816358e2f9c59cf70748cb70641b22fbab65473db4b4e22a361ed7e3de7e8a8ddc4130c5c":0 + +read type: ECC_PUB(BP_R1) 160-bit, DET_ECDSA(SHA_512) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_512:PSA_WANT_ECC_BRAINPOOL_P_R1_160:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):160:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_512):0x0000:"04d4b9186816358e2f9c59cf70748cb70641b22fbab65473db4b4e22a361ed7e3de7e8a8ddc4130c5c":"505341004b45590000000000010000003041a000012800000b070006000000002900000004d4b9186816358e2f9c59cf70748cb70641b22fbab65473db4b4e22a361ed7e3de7e8a8ddc4130c5c":0 + +read type: ECC_PUB(BP_R1) 160-bit, ECDSA(MD2) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD2:PSA_WANT_ECC_BRAINPOOL_P_R1_160:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):160:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_MD2):0x0000:"04d4b9186816358e2f9c59cf70748cb70641b22fbab65473db4b4e22a361ed7e3de7e8a8ddc4130c5c":"505341004b45590000000000010000003041a0000128000001060006000000002900000004d4b9186816358e2f9c59cf70748cb70641b22fbab65473db4b4e22a361ed7e3de7e8a8ddc4130c5c":0 + +read type: ECC_PUB(BP_R1) 160-bit, ECDSA(MD4) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD4:PSA_WANT_ECC_BRAINPOOL_P_R1_160:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):160:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_MD4):0x0000:"04d4b9186816358e2f9c59cf70748cb70641b22fbab65473db4b4e22a361ed7e3de7e8a8ddc4130c5c":"505341004b45590000000000010000003041a0000128000002060006000000002900000004d4b9186816358e2f9c59cf70748cb70641b22fbab65473db4b4e22a361ed7e3de7e8a8ddc4130c5c":0 + +read type: ECC_PUB(BP_R1) 160-bit, ECDSA(MD5) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD5:PSA_WANT_ECC_BRAINPOOL_P_R1_160:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):160:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_MD5):0x0000:"04d4b9186816358e2f9c59cf70748cb70641b22fbab65473db4b4e22a361ed7e3de7e8a8ddc4130c5c":"505341004b45590000000000010000003041a0000128000003060006000000002900000004d4b9186816358e2f9c59cf70748cb70641b22fbab65473db4b4e22a361ed7e3de7e8a8ddc4130c5c":0 + +read type: ECC_PUB(BP_R1) 160-bit, ECDSA(RIPEMD160) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ECC_BRAINPOOL_P_R1_160:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):160:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_RIPEMD160):0x0000:"04d4b9186816358e2f9c59cf70748cb70641b22fbab65473db4b4e22a361ed7e3de7e8a8ddc4130c5c":"505341004b45590000000000010000003041a0000128000004060006000000002900000004d4b9186816358e2f9c59cf70748cb70641b22fbab65473db4b4e22a361ed7e3de7e8a8ddc4130c5c":0 + +read type: ECC_PUB(BP_R1) 160-bit, ECDSA(SHA_1) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_1:PSA_WANT_ECC_BRAINPOOL_P_R1_160:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):160:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_SHA_1):0x0000:"04d4b9186816358e2f9c59cf70748cb70641b22fbab65473db4b4e22a361ed7e3de7e8a8ddc4130c5c":"505341004b45590000000000010000003041a0000128000005060006000000002900000004d4b9186816358e2f9c59cf70748cb70641b22fbab65473db4b4e22a361ed7e3de7e8a8ddc4130c5c":0 + +read type: ECC_PUB(BP_R1) 160-bit, ECDSA(SHA_224) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_224:PSA_WANT_ECC_BRAINPOOL_P_R1_160:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):160:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_SHA_224):0x0000:"04d4b9186816358e2f9c59cf70748cb70641b22fbab65473db4b4e22a361ed7e3de7e8a8ddc4130c5c":"505341004b45590000000000010000003041a0000128000008060006000000002900000004d4b9186816358e2f9c59cf70748cb70641b22fbab65473db4b4e22a361ed7e3de7e8a8ddc4130c5c":0 + +read type: ECC_PUB(BP_R1) 160-bit, ECDSA(SHA_256) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_BRAINPOOL_P_R1_160:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):160:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_SHA_256):0x0000:"04d4b9186816358e2f9c59cf70748cb70641b22fbab65473db4b4e22a361ed7e3de7e8a8ddc4130c5c":"505341004b45590000000000010000003041a0000128000009060006000000002900000004d4b9186816358e2f9c59cf70748cb70641b22fbab65473db4b4e22a361ed7e3de7e8a8ddc4130c5c":0 + +read type: ECC_PUB(BP_R1) 160-bit, ECDSA(SHA_384) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_BRAINPOOL_P_R1_160:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):160:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_SHA_384):0x0000:"04d4b9186816358e2f9c59cf70748cb70641b22fbab65473db4b4e22a361ed7e3de7e8a8ddc4130c5c":"505341004b45590000000000010000003041a000012800000a060006000000002900000004d4b9186816358e2f9c59cf70748cb70641b22fbab65473db4b4e22a361ed7e3de7e8a8ddc4130c5c":0 + +read type: ECC_PUB(BP_R1) 160-bit, ECDSA(SHA_512) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_512:PSA_WANT_ECC_BRAINPOOL_P_R1_160:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):160:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_SHA_512):0x0000:"04d4b9186816358e2f9c59cf70748cb70641b22fbab65473db4b4e22a361ed7e3de7e8a8ddc4130c5c":"505341004b45590000000000010000003041a000012800000b060006000000002900000004d4b9186816358e2f9c59cf70748cb70641b22fbab65473db4b4e22a361ed7e3de7e8a8ddc4130c5c":0 + +read type: ECC_PUB(BP_R1) 160-bit, ECDSA_ANY +depends_on:PSA_WANT_ALG_ECDSA_ANY:PSA_WANT_ECC_BRAINPOOL_P_R1_160:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):160:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA_ANY:0x0000:"04d4b9186816358e2f9c59cf70748cb70641b22fbab65473db4b4e22a361ed7e3de7e8a8ddc4130c5c":"505341004b45590000000000010000003041a0000128000000060006000000002900000004d4b9186816358e2f9c59cf70748cb70641b22fbab65473db4b4e22a361ed7e3de7e8a8ddc4130c5c":TEST_FLAG_EXERCISE + +read type: ECC_PUB(BP_R1) 192-bit +depends_on:PSA_WANT_ECC_BRAINPOOL_P_R1_192:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):192:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"043fdd168c179ff5363dd71dcd58de9617caad791ae0c37328be9ca0bfc79cebabf6a95d1c52df5b5f3c8b1a2441cf6c88":"505341004b45590000000000010000003041c00001000000000000000000000031000000043fdd168c179ff5363dd71dcd58de9617caad791ae0c37328be9ca0bfc79cebabf6a95d1c52df5b5f3c8b1a2441cf6c88":0 + +read type: ECC_PUB(BP_R1) 192-bit, DET_ECDSA(MD2) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD2:PSA_WANT_ECC_BRAINPOOL_P_R1_192:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):192:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD2):0x0000:"043fdd168c179ff5363dd71dcd58de9617caad791ae0c37328be9ca0bfc79cebabf6a95d1c52df5b5f3c8b1a2441cf6c88":"505341004b45590000000000010000003041c00001280000010700060000000031000000043fdd168c179ff5363dd71dcd58de9617caad791ae0c37328be9ca0bfc79cebabf6a95d1c52df5b5f3c8b1a2441cf6c88":0 + +read type: ECC_PUB(BP_R1) 192-bit, DET_ECDSA(MD4) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD4:PSA_WANT_ECC_BRAINPOOL_P_R1_192:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):192:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD4):0x0000:"043fdd168c179ff5363dd71dcd58de9617caad791ae0c37328be9ca0bfc79cebabf6a95d1c52df5b5f3c8b1a2441cf6c88":"505341004b45590000000000010000003041c00001280000020700060000000031000000043fdd168c179ff5363dd71dcd58de9617caad791ae0c37328be9ca0bfc79cebabf6a95d1c52df5b5f3c8b1a2441cf6c88":0 + +read type: ECC_PUB(BP_R1) 192-bit, DET_ECDSA(MD5) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD5:PSA_WANT_ECC_BRAINPOOL_P_R1_192:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):192:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD5):0x0000:"043fdd168c179ff5363dd71dcd58de9617caad791ae0c37328be9ca0bfc79cebabf6a95d1c52df5b5f3c8b1a2441cf6c88":"505341004b45590000000000010000003041c00001280000030700060000000031000000043fdd168c179ff5363dd71dcd58de9617caad791ae0c37328be9ca0bfc79cebabf6a95d1c52df5b5f3c8b1a2441cf6c88":0 + +read type: ECC_PUB(BP_R1) 192-bit, DET_ECDSA(RIPEMD160) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ECC_BRAINPOOL_P_R1_192:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):192:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_RIPEMD160):0x0000:"043fdd168c179ff5363dd71dcd58de9617caad791ae0c37328be9ca0bfc79cebabf6a95d1c52df5b5f3c8b1a2441cf6c88":"505341004b45590000000000010000003041c00001280000040700060000000031000000043fdd168c179ff5363dd71dcd58de9617caad791ae0c37328be9ca0bfc79cebabf6a95d1c52df5b5f3c8b1a2441cf6c88":0 + +read type: ECC_PUB(BP_R1) 192-bit, DET_ECDSA(SHA_1) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_1:PSA_WANT_ECC_BRAINPOOL_P_R1_192:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):192:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_1):0x0000:"043fdd168c179ff5363dd71dcd58de9617caad791ae0c37328be9ca0bfc79cebabf6a95d1c52df5b5f3c8b1a2441cf6c88":"505341004b45590000000000010000003041c00001280000050700060000000031000000043fdd168c179ff5363dd71dcd58de9617caad791ae0c37328be9ca0bfc79cebabf6a95d1c52df5b5f3c8b1a2441cf6c88":0 + +read type: ECC_PUB(BP_R1) 192-bit, DET_ECDSA(SHA_224) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_224:PSA_WANT_ECC_BRAINPOOL_P_R1_192:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):192:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_224):0x0000:"043fdd168c179ff5363dd71dcd58de9617caad791ae0c37328be9ca0bfc79cebabf6a95d1c52df5b5f3c8b1a2441cf6c88":"505341004b45590000000000010000003041c00001280000080700060000000031000000043fdd168c179ff5363dd71dcd58de9617caad791ae0c37328be9ca0bfc79cebabf6a95d1c52df5b5f3c8b1a2441cf6c88":0 + +read type: ECC_PUB(BP_R1) 192-bit, DET_ECDSA(SHA_256) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_BRAINPOOL_P_R1_192:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):192:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_256):0x0000:"043fdd168c179ff5363dd71dcd58de9617caad791ae0c37328be9ca0bfc79cebabf6a95d1c52df5b5f3c8b1a2441cf6c88":"505341004b45590000000000010000003041c00001280000090700060000000031000000043fdd168c179ff5363dd71dcd58de9617caad791ae0c37328be9ca0bfc79cebabf6a95d1c52df5b5f3c8b1a2441cf6c88":0 + +read type: ECC_PUB(BP_R1) 192-bit, DET_ECDSA(SHA_384) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_BRAINPOOL_P_R1_192:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):192:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_384):0x0000:"043fdd168c179ff5363dd71dcd58de9617caad791ae0c37328be9ca0bfc79cebabf6a95d1c52df5b5f3c8b1a2441cf6c88":"505341004b45590000000000010000003041c000012800000a0700060000000031000000043fdd168c179ff5363dd71dcd58de9617caad791ae0c37328be9ca0bfc79cebabf6a95d1c52df5b5f3c8b1a2441cf6c88":0 + +read type: ECC_PUB(BP_R1) 192-bit, DET_ECDSA(SHA_512) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_512:PSA_WANT_ECC_BRAINPOOL_P_R1_192:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):192:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_512):0x0000:"043fdd168c179ff5363dd71dcd58de9617caad791ae0c37328be9ca0bfc79cebabf6a95d1c52df5b5f3c8b1a2441cf6c88":"505341004b45590000000000010000003041c000012800000b0700060000000031000000043fdd168c179ff5363dd71dcd58de9617caad791ae0c37328be9ca0bfc79cebabf6a95d1c52df5b5f3c8b1a2441cf6c88":0 + +read type: ECC_PUB(BP_R1) 192-bit, ECDSA(MD2) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD2:PSA_WANT_ECC_BRAINPOOL_P_R1_192:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):192:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_MD2):0x0000:"043fdd168c179ff5363dd71dcd58de9617caad791ae0c37328be9ca0bfc79cebabf6a95d1c52df5b5f3c8b1a2441cf6c88":"505341004b45590000000000010000003041c00001280000010600060000000031000000043fdd168c179ff5363dd71dcd58de9617caad791ae0c37328be9ca0bfc79cebabf6a95d1c52df5b5f3c8b1a2441cf6c88":0 + +read type: ECC_PUB(BP_R1) 192-bit, ECDSA(MD4) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD4:PSA_WANT_ECC_BRAINPOOL_P_R1_192:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):192:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_MD4):0x0000:"043fdd168c179ff5363dd71dcd58de9617caad791ae0c37328be9ca0bfc79cebabf6a95d1c52df5b5f3c8b1a2441cf6c88":"505341004b45590000000000010000003041c00001280000020600060000000031000000043fdd168c179ff5363dd71dcd58de9617caad791ae0c37328be9ca0bfc79cebabf6a95d1c52df5b5f3c8b1a2441cf6c88":0 + +read type: ECC_PUB(BP_R1) 192-bit, ECDSA(MD5) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD5:PSA_WANT_ECC_BRAINPOOL_P_R1_192:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):192:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_MD5):0x0000:"043fdd168c179ff5363dd71dcd58de9617caad791ae0c37328be9ca0bfc79cebabf6a95d1c52df5b5f3c8b1a2441cf6c88":"505341004b45590000000000010000003041c00001280000030600060000000031000000043fdd168c179ff5363dd71dcd58de9617caad791ae0c37328be9ca0bfc79cebabf6a95d1c52df5b5f3c8b1a2441cf6c88":0 + +read type: ECC_PUB(BP_R1) 192-bit, ECDSA(RIPEMD160) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ECC_BRAINPOOL_P_R1_192:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):192:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_RIPEMD160):0x0000:"043fdd168c179ff5363dd71dcd58de9617caad791ae0c37328be9ca0bfc79cebabf6a95d1c52df5b5f3c8b1a2441cf6c88":"505341004b45590000000000010000003041c00001280000040600060000000031000000043fdd168c179ff5363dd71dcd58de9617caad791ae0c37328be9ca0bfc79cebabf6a95d1c52df5b5f3c8b1a2441cf6c88":0 + +read type: ECC_PUB(BP_R1) 192-bit, ECDSA(SHA_1) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_1:PSA_WANT_ECC_BRAINPOOL_P_R1_192:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):192:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_SHA_1):0x0000:"043fdd168c179ff5363dd71dcd58de9617caad791ae0c37328be9ca0bfc79cebabf6a95d1c52df5b5f3c8b1a2441cf6c88":"505341004b45590000000000010000003041c00001280000050600060000000031000000043fdd168c179ff5363dd71dcd58de9617caad791ae0c37328be9ca0bfc79cebabf6a95d1c52df5b5f3c8b1a2441cf6c88":0 + +read type: ECC_PUB(BP_R1) 192-bit, ECDSA(SHA_224) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_224:PSA_WANT_ECC_BRAINPOOL_P_R1_192:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):192:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_SHA_224):0x0000:"043fdd168c179ff5363dd71dcd58de9617caad791ae0c37328be9ca0bfc79cebabf6a95d1c52df5b5f3c8b1a2441cf6c88":"505341004b45590000000000010000003041c00001280000080600060000000031000000043fdd168c179ff5363dd71dcd58de9617caad791ae0c37328be9ca0bfc79cebabf6a95d1c52df5b5f3c8b1a2441cf6c88":0 + +read type: ECC_PUB(BP_R1) 192-bit, ECDSA(SHA_256) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_BRAINPOOL_P_R1_192:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):192:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_SHA_256):0x0000:"043fdd168c179ff5363dd71dcd58de9617caad791ae0c37328be9ca0bfc79cebabf6a95d1c52df5b5f3c8b1a2441cf6c88":"505341004b45590000000000010000003041c00001280000090600060000000031000000043fdd168c179ff5363dd71dcd58de9617caad791ae0c37328be9ca0bfc79cebabf6a95d1c52df5b5f3c8b1a2441cf6c88":0 + +read type: ECC_PUB(BP_R1) 192-bit, ECDSA(SHA_384) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_BRAINPOOL_P_R1_192:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):192:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_SHA_384):0x0000:"043fdd168c179ff5363dd71dcd58de9617caad791ae0c37328be9ca0bfc79cebabf6a95d1c52df5b5f3c8b1a2441cf6c88":"505341004b45590000000000010000003041c000012800000a0600060000000031000000043fdd168c179ff5363dd71dcd58de9617caad791ae0c37328be9ca0bfc79cebabf6a95d1c52df5b5f3c8b1a2441cf6c88":0 + +read type: ECC_PUB(BP_R1) 192-bit, ECDSA(SHA_512) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_512:PSA_WANT_ECC_BRAINPOOL_P_R1_192:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):192:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_SHA_512):0x0000:"043fdd168c179ff5363dd71dcd58de9617caad791ae0c37328be9ca0bfc79cebabf6a95d1c52df5b5f3c8b1a2441cf6c88":"505341004b45590000000000010000003041c000012800000b0600060000000031000000043fdd168c179ff5363dd71dcd58de9617caad791ae0c37328be9ca0bfc79cebabf6a95d1c52df5b5f3c8b1a2441cf6c88":0 + +read type: ECC_PUB(BP_R1) 192-bit, ECDSA_ANY +depends_on:PSA_WANT_ALG_ECDSA_ANY:PSA_WANT_ECC_BRAINPOOL_P_R1_192:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):192:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA_ANY:0x0000:"043fdd168c179ff5363dd71dcd58de9617caad791ae0c37328be9ca0bfc79cebabf6a95d1c52df5b5f3c8b1a2441cf6c88":"505341004b45590000000000010000003041c00001280000000600060000000031000000043fdd168c179ff5363dd71dcd58de9617caad791ae0c37328be9ca0bfc79cebabf6a95d1c52df5b5f3c8b1a2441cf6c88":TEST_FLAG_EXERCISE + +read type: ECC_PUB(BP_R1) 224-bit +depends_on:PSA_WANT_ECC_BRAINPOOL_P_R1_224:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):224:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"045fbea378fc8583b3837e3f21a457c31eaf20a54e18eb11d104b3adc47f9d1c97eb9ea4ac21740d70d88514b98bf0bc31addac1d19c4ab3cc":"505341004b45590000000000010000003041e00001000000000000000000000039000000045fbea378fc8583b3837e3f21a457c31eaf20a54e18eb11d104b3adc47f9d1c97eb9ea4ac21740d70d88514b98bf0bc31addac1d19c4ab3cc":0 + +read type: ECC_PUB(BP_R1) 224-bit, DET_ECDSA(MD2) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD2:PSA_WANT_ECC_BRAINPOOL_P_R1_224:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):224:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD2):0x0000:"045fbea378fc8583b3837e3f21a457c31eaf20a54e18eb11d104b3adc47f9d1c97eb9ea4ac21740d70d88514b98bf0bc31addac1d19c4ab3cc":"505341004b45590000000000010000003041e00001280000010700060000000039000000045fbea378fc8583b3837e3f21a457c31eaf20a54e18eb11d104b3adc47f9d1c97eb9ea4ac21740d70d88514b98bf0bc31addac1d19c4ab3cc":0 + +read type: ECC_PUB(BP_R1) 224-bit, DET_ECDSA(MD4) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD4:PSA_WANT_ECC_BRAINPOOL_P_R1_224:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):224:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD4):0x0000:"045fbea378fc8583b3837e3f21a457c31eaf20a54e18eb11d104b3adc47f9d1c97eb9ea4ac21740d70d88514b98bf0bc31addac1d19c4ab3cc":"505341004b45590000000000010000003041e00001280000020700060000000039000000045fbea378fc8583b3837e3f21a457c31eaf20a54e18eb11d104b3adc47f9d1c97eb9ea4ac21740d70d88514b98bf0bc31addac1d19c4ab3cc":0 + +read type: ECC_PUB(BP_R1) 224-bit, DET_ECDSA(MD5) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD5:PSA_WANT_ECC_BRAINPOOL_P_R1_224:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):224:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD5):0x0000:"045fbea378fc8583b3837e3f21a457c31eaf20a54e18eb11d104b3adc47f9d1c97eb9ea4ac21740d70d88514b98bf0bc31addac1d19c4ab3cc":"505341004b45590000000000010000003041e00001280000030700060000000039000000045fbea378fc8583b3837e3f21a457c31eaf20a54e18eb11d104b3adc47f9d1c97eb9ea4ac21740d70d88514b98bf0bc31addac1d19c4ab3cc":0 + +read type: ECC_PUB(BP_R1) 224-bit, DET_ECDSA(RIPEMD160) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ECC_BRAINPOOL_P_R1_224:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):224:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_RIPEMD160):0x0000:"045fbea378fc8583b3837e3f21a457c31eaf20a54e18eb11d104b3adc47f9d1c97eb9ea4ac21740d70d88514b98bf0bc31addac1d19c4ab3cc":"505341004b45590000000000010000003041e00001280000040700060000000039000000045fbea378fc8583b3837e3f21a457c31eaf20a54e18eb11d104b3adc47f9d1c97eb9ea4ac21740d70d88514b98bf0bc31addac1d19c4ab3cc":0 + +read type: ECC_PUB(BP_R1) 224-bit, DET_ECDSA(SHA_1) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_1:PSA_WANT_ECC_BRAINPOOL_P_R1_224:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):224:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_1):0x0000:"045fbea378fc8583b3837e3f21a457c31eaf20a54e18eb11d104b3adc47f9d1c97eb9ea4ac21740d70d88514b98bf0bc31addac1d19c4ab3cc":"505341004b45590000000000010000003041e00001280000050700060000000039000000045fbea378fc8583b3837e3f21a457c31eaf20a54e18eb11d104b3adc47f9d1c97eb9ea4ac21740d70d88514b98bf0bc31addac1d19c4ab3cc":0 + +read type: ECC_PUB(BP_R1) 224-bit, DET_ECDSA(SHA_224) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_224:PSA_WANT_ECC_BRAINPOOL_P_R1_224:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):224:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_224):0x0000:"045fbea378fc8583b3837e3f21a457c31eaf20a54e18eb11d104b3adc47f9d1c97eb9ea4ac21740d70d88514b98bf0bc31addac1d19c4ab3cc":"505341004b45590000000000010000003041e00001280000080700060000000039000000045fbea378fc8583b3837e3f21a457c31eaf20a54e18eb11d104b3adc47f9d1c97eb9ea4ac21740d70d88514b98bf0bc31addac1d19c4ab3cc":0 + +read type: ECC_PUB(BP_R1) 224-bit, DET_ECDSA(SHA_256) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_BRAINPOOL_P_R1_224:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):224:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_256):0x0000:"045fbea378fc8583b3837e3f21a457c31eaf20a54e18eb11d104b3adc47f9d1c97eb9ea4ac21740d70d88514b98bf0bc31addac1d19c4ab3cc":"505341004b45590000000000010000003041e00001280000090700060000000039000000045fbea378fc8583b3837e3f21a457c31eaf20a54e18eb11d104b3adc47f9d1c97eb9ea4ac21740d70d88514b98bf0bc31addac1d19c4ab3cc":0 + +read type: ECC_PUB(BP_R1) 224-bit, DET_ECDSA(SHA_384) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_BRAINPOOL_P_R1_224:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):224:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_384):0x0000:"045fbea378fc8583b3837e3f21a457c31eaf20a54e18eb11d104b3adc47f9d1c97eb9ea4ac21740d70d88514b98bf0bc31addac1d19c4ab3cc":"505341004b45590000000000010000003041e000012800000a0700060000000039000000045fbea378fc8583b3837e3f21a457c31eaf20a54e18eb11d104b3adc47f9d1c97eb9ea4ac21740d70d88514b98bf0bc31addac1d19c4ab3cc":0 + +read type: ECC_PUB(BP_R1) 224-bit, DET_ECDSA(SHA_512) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_512:PSA_WANT_ECC_BRAINPOOL_P_R1_224:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):224:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_512):0x0000:"045fbea378fc8583b3837e3f21a457c31eaf20a54e18eb11d104b3adc47f9d1c97eb9ea4ac21740d70d88514b98bf0bc31addac1d19c4ab3cc":"505341004b45590000000000010000003041e000012800000b0700060000000039000000045fbea378fc8583b3837e3f21a457c31eaf20a54e18eb11d104b3adc47f9d1c97eb9ea4ac21740d70d88514b98bf0bc31addac1d19c4ab3cc":0 + +read type: ECC_PUB(BP_R1) 224-bit, ECDSA(MD2) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD2:PSA_WANT_ECC_BRAINPOOL_P_R1_224:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):224:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_MD2):0x0000:"045fbea378fc8583b3837e3f21a457c31eaf20a54e18eb11d104b3adc47f9d1c97eb9ea4ac21740d70d88514b98bf0bc31addac1d19c4ab3cc":"505341004b45590000000000010000003041e00001280000010600060000000039000000045fbea378fc8583b3837e3f21a457c31eaf20a54e18eb11d104b3adc47f9d1c97eb9ea4ac21740d70d88514b98bf0bc31addac1d19c4ab3cc":0 + +read type: ECC_PUB(BP_R1) 224-bit, ECDSA(MD4) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD4:PSA_WANT_ECC_BRAINPOOL_P_R1_224:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):224:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_MD4):0x0000:"045fbea378fc8583b3837e3f21a457c31eaf20a54e18eb11d104b3adc47f9d1c97eb9ea4ac21740d70d88514b98bf0bc31addac1d19c4ab3cc":"505341004b45590000000000010000003041e00001280000020600060000000039000000045fbea378fc8583b3837e3f21a457c31eaf20a54e18eb11d104b3adc47f9d1c97eb9ea4ac21740d70d88514b98bf0bc31addac1d19c4ab3cc":0 + +read type: ECC_PUB(BP_R1) 224-bit, ECDSA(MD5) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD5:PSA_WANT_ECC_BRAINPOOL_P_R1_224:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):224:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_MD5):0x0000:"045fbea378fc8583b3837e3f21a457c31eaf20a54e18eb11d104b3adc47f9d1c97eb9ea4ac21740d70d88514b98bf0bc31addac1d19c4ab3cc":"505341004b45590000000000010000003041e00001280000030600060000000039000000045fbea378fc8583b3837e3f21a457c31eaf20a54e18eb11d104b3adc47f9d1c97eb9ea4ac21740d70d88514b98bf0bc31addac1d19c4ab3cc":0 + +read type: ECC_PUB(BP_R1) 224-bit, ECDSA(RIPEMD160) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ECC_BRAINPOOL_P_R1_224:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):224:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_RIPEMD160):0x0000:"045fbea378fc8583b3837e3f21a457c31eaf20a54e18eb11d104b3adc47f9d1c97eb9ea4ac21740d70d88514b98bf0bc31addac1d19c4ab3cc":"505341004b45590000000000010000003041e00001280000040600060000000039000000045fbea378fc8583b3837e3f21a457c31eaf20a54e18eb11d104b3adc47f9d1c97eb9ea4ac21740d70d88514b98bf0bc31addac1d19c4ab3cc":0 + +read type: ECC_PUB(BP_R1) 224-bit, ECDSA(SHA_1) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_1:PSA_WANT_ECC_BRAINPOOL_P_R1_224:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):224:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_SHA_1):0x0000:"045fbea378fc8583b3837e3f21a457c31eaf20a54e18eb11d104b3adc47f9d1c97eb9ea4ac21740d70d88514b98bf0bc31addac1d19c4ab3cc":"505341004b45590000000000010000003041e00001280000050600060000000039000000045fbea378fc8583b3837e3f21a457c31eaf20a54e18eb11d104b3adc47f9d1c97eb9ea4ac21740d70d88514b98bf0bc31addac1d19c4ab3cc":0 + +read type: ECC_PUB(BP_R1) 224-bit, ECDSA(SHA_224) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_224:PSA_WANT_ECC_BRAINPOOL_P_R1_224:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):224:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_SHA_224):0x0000:"045fbea378fc8583b3837e3f21a457c31eaf20a54e18eb11d104b3adc47f9d1c97eb9ea4ac21740d70d88514b98bf0bc31addac1d19c4ab3cc":"505341004b45590000000000010000003041e00001280000080600060000000039000000045fbea378fc8583b3837e3f21a457c31eaf20a54e18eb11d104b3adc47f9d1c97eb9ea4ac21740d70d88514b98bf0bc31addac1d19c4ab3cc":0 + +read type: ECC_PUB(BP_R1) 224-bit, ECDSA(SHA_256) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_BRAINPOOL_P_R1_224:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):224:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_SHA_256):0x0000:"045fbea378fc8583b3837e3f21a457c31eaf20a54e18eb11d104b3adc47f9d1c97eb9ea4ac21740d70d88514b98bf0bc31addac1d19c4ab3cc":"505341004b45590000000000010000003041e00001280000090600060000000039000000045fbea378fc8583b3837e3f21a457c31eaf20a54e18eb11d104b3adc47f9d1c97eb9ea4ac21740d70d88514b98bf0bc31addac1d19c4ab3cc":0 + +read type: ECC_PUB(BP_R1) 224-bit, ECDSA(SHA_384) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_BRAINPOOL_P_R1_224:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):224:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_SHA_384):0x0000:"045fbea378fc8583b3837e3f21a457c31eaf20a54e18eb11d104b3adc47f9d1c97eb9ea4ac21740d70d88514b98bf0bc31addac1d19c4ab3cc":"505341004b45590000000000010000003041e000012800000a0600060000000039000000045fbea378fc8583b3837e3f21a457c31eaf20a54e18eb11d104b3adc47f9d1c97eb9ea4ac21740d70d88514b98bf0bc31addac1d19c4ab3cc":0 + +read type: ECC_PUB(BP_R1) 224-bit, ECDSA(SHA_512) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_512:PSA_WANT_ECC_BRAINPOOL_P_R1_224:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):224:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_SHA_512):0x0000:"045fbea378fc8583b3837e3f21a457c31eaf20a54e18eb11d104b3adc47f9d1c97eb9ea4ac21740d70d88514b98bf0bc31addac1d19c4ab3cc":"505341004b45590000000000010000003041e000012800000b0600060000000039000000045fbea378fc8583b3837e3f21a457c31eaf20a54e18eb11d104b3adc47f9d1c97eb9ea4ac21740d70d88514b98bf0bc31addac1d19c4ab3cc":0 + +read type: ECC_PUB(BP_R1) 224-bit, ECDSA_ANY +depends_on:PSA_WANT_ALG_ECDSA_ANY:PSA_WANT_ECC_BRAINPOOL_P_R1_224:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):224:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA_ANY:0x0000:"045fbea378fc8583b3837e3f21a457c31eaf20a54e18eb11d104b3adc47f9d1c97eb9ea4ac21740d70d88514b98bf0bc31addac1d19c4ab3cc":"505341004b45590000000000010000003041e00001280000000600060000000039000000045fbea378fc8583b3837e3f21a457c31eaf20a54e18eb11d104b3adc47f9d1c97eb9ea4ac21740d70d88514b98bf0bc31addac1d19c4ab3cc":TEST_FLAG_EXERCISE + +read type: ECC_PUB(BP_R1) 256-bit +depends_on:PSA_WANT_ECC_BRAINPOOL_P_R1_256:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):256:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"04768c8cae4abca6306db0ed81b0c4a6215c378066ec6d616c146e13f1c7df809b96ab6911c27d8a02339f0926840e55236d3d1efbe2669d090e4c4c660fada91d":"505341004b4559000000000001000000304100010100000000000000000000004100000004768c8cae4abca6306db0ed81b0c4a6215c378066ec6d616c146e13f1c7df809b96ab6911c27d8a02339f0926840e55236d3d1efbe2669d090e4c4c660fada91d":0 + +read type: ECC_PUB(BP_R1) 256-bit, DET_ECDSA(MD2) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD2:PSA_WANT_ECC_BRAINPOOL_P_R1_256:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):256:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD2):0x0000:"04768c8cae4abca6306db0ed81b0c4a6215c378066ec6d616c146e13f1c7df809b96ab6911c27d8a02339f0926840e55236d3d1efbe2669d090e4c4c660fada91d":"505341004b4559000000000001000000304100010128000001070006000000004100000004768c8cae4abca6306db0ed81b0c4a6215c378066ec6d616c146e13f1c7df809b96ab6911c27d8a02339f0926840e55236d3d1efbe2669d090e4c4c660fada91d":0 + +read type: ECC_PUB(BP_R1) 256-bit, DET_ECDSA(MD4) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD4:PSA_WANT_ECC_BRAINPOOL_P_R1_256:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):256:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD4):0x0000:"04768c8cae4abca6306db0ed81b0c4a6215c378066ec6d616c146e13f1c7df809b96ab6911c27d8a02339f0926840e55236d3d1efbe2669d090e4c4c660fada91d":"505341004b4559000000000001000000304100010128000002070006000000004100000004768c8cae4abca6306db0ed81b0c4a6215c378066ec6d616c146e13f1c7df809b96ab6911c27d8a02339f0926840e55236d3d1efbe2669d090e4c4c660fada91d":0 + +read type: ECC_PUB(BP_R1) 256-bit, DET_ECDSA(MD5) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD5:PSA_WANT_ECC_BRAINPOOL_P_R1_256:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):256:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD5):0x0000:"04768c8cae4abca6306db0ed81b0c4a6215c378066ec6d616c146e13f1c7df809b96ab6911c27d8a02339f0926840e55236d3d1efbe2669d090e4c4c660fada91d":"505341004b4559000000000001000000304100010128000003070006000000004100000004768c8cae4abca6306db0ed81b0c4a6215c378066ec6d616c146e13f1c7df809b96ab6911c27d8a02339f0926840e55236d3d1efbe2669d090e4c4c660fada91d":0 + +read type: ECC_PUB(BP_R1) 256-bit, DET_ECDSA(RIPEMD160) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ECC_BRAINPOOL_P_R1_256:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):256:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_RIPEMD160):0x0000:"04768c8cae4abca6306db0ed81b0c4a6215c378066ec6d616c146e13f1c7df809b96ab6911c27d8a02339f0926840e55236d3d1efbe2669d090e4c4c660fada91d":"505341004b4559000000000001000000304100010128000004070006000000004100000004768c8cae4abca6306db0ed81b0c4a6215c378066ec6d616c146e13f1c7df809b96ab6911c27d8a02339f0926840e55236d3d1efbe2669d090e4c4c660fada91d":0 + +read type: ECC_PUB(BP_R1) 256-bit, DET_ECDSA(SHA_1) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_1:PSA_WANT_ECC_BRAINPOOL_P_R1_256:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):256:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_1):0x0000:"04768c8cae4abca6306db0ed81b0c4a6215c378066ec6d616c146e13f1c7df809b96ab6911c27d8a02339f0926840e55236d3d1efbe2669d090e4c4c660fada91d":"505341004b4559000000000001000000304100010128000005070006000000004100000004768c8cae4abca6306db0ed81b0c4a6215c378066ec6d616c146e13f1c7df809b96ab6911c27d8a02339f0926840e55236d3d1efbe2669d090e4c4c660fada91d":0 + +read type: ECC_PUB(BP_R1) 256-bit, DET_ECDSA(SHA_224) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_224:PSA_WANT_ECC_BRAINPOOL_P_R1_256:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):256:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_224):0x0000:"04768c8cae4abca6306db0ed81b0c4a6215c378066ec6d616c146e13f1c7df809b96ab6911c27d8a02339f0926840e55236d3d1efbe2669d090e4c4c660fada91d":"505341004b4559000000000001000000304100010128000008070006000000004100000004768c8cae4abca6306db0ed81b0c4a6215c378066ec6d616c146e13f1c7df809b96ab6911c27d8a02339f0926840e55236d3d1efbe2669d090e4c4c660fada91d":0 + +read type: ECC_PUB(BP_R1) 256-bit, DET_ECDSA(SHA_256) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_BRAINPOOL_P_R1_256:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):256:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_256):0x0000:"04768c8cae4abca6306db0ed81b0c4a6215c378066ec6d616c146e13f1c7df809b96ab6911c27d8a02339f0926840e55236d3d1efbe2669d090e4c4c660fada91d":"505341004b4559000000000001000000304100010128000009070006000000004100000004768c8cae4abca6306db0ed81b0c4a6215c378066ec6d616c146e13f1c7df809b96ab6911c27d8a02339f0926840e55236d3d1efbe2669d090e4c4c660fada91d":0 + +read type: ECC_PUB(BP_R1) 256-bit, DET_ECDSA(SHA_384) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_BRAINPOOL_P_R1_256:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):256:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_384):0x0000:"04768c8cae4abca6306db0ed81b0c4a6215c378066ec6d616c146e13f1c7df809b96ab6911c27d8a02339f0926840e55236d3d1efbe2669d090e4c4c660fada91d":"505341004b455900000000000100000030410001012800000a070006000000004100000004768c8cae4abca6306db0ed81b0c4a6215c378066ec6d616c146e13f1c7df809b96ab6911c27d8a02339f0926840e55236d3d1efbe2669d090e4c4c660fada91d":0 + +read type: ECC_PUB(BP_R1) 256-bit, DET_ECDSA(SHA_512) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_512:PSA_WANT_ECC_BRAINPOOL_P_R1_256:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):256:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_512):0x0000:"04768c8cae4abca6306db0ed81b0c4a6215c378066ec6d616c146e13f1c7df809b96ab6911c27d8a02339f0926840e55236d3d1efbe2669d090e4c4c660fada91d":"505341004b455900000000000100000030410001012800000b070006000000004100000004768c8cae4abca6306db0ed81b0c4a6215c378066ec6d616c146e13f1c7df809b96ab6911c27d8a02339f0926840e55236d3d1efbe2669d090e4c4c660fada91d":0 + +read type: ECC_PUB(BP_R1) 256-bit, ECDSA(MD2) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD2:PSA_WANT_ECC_BRAINPOOL_P_R1_256:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):256:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_MD2):0x0000:"04768c8cae4abca6306db0ed81b0c4a6215c378066ec6d616c146e13f1c7df809b96ab6911c27d8a02339f0926840e55236d3d1efbe2669d090e4c4c660fada91d":"505341004b4559000000000001000000304100010128000001060006000000004100000004768c8cae4abca6306db0ed81b0c4a6215c378066ec6d616c146e13f1c7df809b96ab6911c27d8a02339f0926840e55236d3d1efbe2669d090e4c4c660fada91d":0 + +read type: ECC_PUB(BP_R1) 256-bit, ECDSA(MD4) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD4:PSA_WANT_ECC_BRAINPOOL_P_R1_256:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):256:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_MD4):0x0000:"04768c8cae4abca6306db0ed81b0c4a6215c378066ec6d616c146e13f1c7df809b96ab6911c27d8a02339f0926840e55236d3d1efbe2669d090e4c4c660fada91d":"505341004b4559000000000001000000304100010128000002060006000000004100000004768c8cae4abca6306db0ed81b0c4a6215c378066ec6d616c146e13f1c7df809b96ab6911c27d8a02339f0926840e55236d3d1efbe2669d090e4c4c660fada91d":0 + +read type: ECC_PUB(BP_R1) 256-bit, ECDSA(MD5) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD5:PSA_WANT_ECC_BRAINPOOL_P_R1_256:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):256:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_MD5):0x0000:"04768c8cae4abca6306db0ed81b0c4a6215c378066ec6d616c146e13f1c7df809b96ab6911c27d8a02339f0926840e55236d3d1efbe2669d090e4c4c660fada91d":"505341004b4559000000000001000000304100010128000003060006000000004100000004768c8cae4abca6306db0ed81b0c4a6215c378066ec6d616c146e13f1c7df809b96ab6911c27d8a02339f0926840e55236d3d1efbe2669d090e4c4c660fada91d":0 + +read type: ECC_PUB(BP_R1) 256-bit, ECDSA(RIPEMD160) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ECC_BRAINPOOL_P_R1_256:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):256:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_RIPEMD160):0x0000:"04768c8cae4abca6306db0ed81b0c4a6215c378066ec6d616c146e13f1c7df809b96ab6911c27d8a02339f0926840e55236d3d1efbe2669d090e4c4c660fada91d":"505341004b4559000000000001000000304100010128000004060006000000004100000004768c8cae4abca6306db0ed81b0c4a6215c378066ec6d616c146e13f1c7df809b96ab6911c27d8a02339f0926840e55236d3d1efbe2669d090e4c4c660fada91d":0 + +read type: ECC_PUB(BP_R1) 256-bit, ECDSA(SHA_1) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_1:PSA_WANT_ECC_BRAINPOOL_P_R1_256:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):256:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_SHA_1):0x0000:"04768c8cae4abca6306db0ed81b0c4a6215c378066ec6d616c146e13f1c7df809b96ab6911c27d8a02339f0926840e55236d3d1efbe2669d090e4c4c660fada91d":"505341004b4559000000000001000000304100010128000005060006000000004100000004768c8cae4abca6306db0ed81b0c4a6215c378066ec6d616c146e13f1c7df809b96ab6911c27d8a02339f0926840e55236d3d1efbe2669d090e4c4c660fada91d":0 + +read type: ECC_PUB(BP_R1) 256-bit, ECDSA(SHA_224) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_224:PSA_WANT_ECC_BRAINPOOL_P_R1_256:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):256:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_SHA_224):0x0000:"04768c8cae4abca6306db0ed81b0c4a6215c378066ec6d616c146e13f1c7df809b96ab6911c27d8a02339f0926840e55236d3d1efbe2669d090e4c4c660fada91d":"505341004b4559000000000001000000304100010128000008060006000000004100000004768c8cae4abca6306db0ed81b0c4a6215c378066ec6d616c146e13f1c7df809b96ab6911c27d8a02339f0926840e55236d3d1efbe2669d090e4c4c660fada91d":0 + +read type: ECC_PUB(BP_R1) 256-bit, ECDSA(SHA_256) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_BRAINPOOL_P_R1_256:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):256:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_SHA_256):0x0000:"04768c8cae4abca6306db0ed81b0c4a6215c378066ec6d616c146e13f1c7df809b96ab6911c27d8a02339f0926840e55236d3d1efbe2669d090e4c4c660fada91d":"505341004b4559000000000001000000304100010128000009060006000000004100000004768c8cae4abca6306db0ed81b0c4a6215c378066ec6d616c146e13f1c7df809b96ab6911c27d8a02339f0926840e55236d3d1efbe2669d090e4c4c660fada91d":0 + +read type: ECC_PUB(BP_R1) 256-bit, ECDSA(SHA_384) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_BRAINPOOL_P_R1_256:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):256:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_SHA_384):0x0000:"04768c8cae4abca6306db0ed81b0c4a6215c378066ec6d616c146e13f1c7df809b96ab6911c27d8a02339f0926840e55236d3d1efbe2669d090e4c4c660fada91d":"505341004b455900000000000100000030410001012800000a060006000000004100000004768c8cae4abca6306db0ed81b0c4a6215c378066ec6d616c146e13f1c7df809b96ab6911c27d8a02339f0926840e55236d3d1efbe2669d090e4c4c660fada91d":0 + +read type: ECC_PUB(BP_R1) 256-bit, ECDSA(SHA_512) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_512:PSA_WANT_ECC_BRAINPOOL_P_R1_256:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):256:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_SHA_512):0x0000:"04768c8cae4abca6306db0ed81b0c4a6215c378066ec6d616c146e13f1c7df809b96ab6911c27d8a02339f0926840e55236d3d1efbe2669d090e4c4c660fada91d":"505341004b455900000000000100000030410001012800000b060006000000004100000004768c8cae4abca6306db0ed81b0c4a6215c378066ec6d616c146e13f1c7df809b96ab6911c27d8a02339f0926840e55236d3d1efbe2669d090e4c4c660fada91d":0 + +read type: ECC_PUB(BP_R1) 256-bit, ECDSA_ANY +depends_on:PSA_WANT_ALG_ECDSA_ANY:PSA_WANT_ECC_BRAINPOOL_P_R1_256:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):256:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA_ANY:0x0000:"04768c8cae4abca6306db0ed81b0c4a6215c378066ec6d616c146e13f1c7df809b96ab6911c27d8a02339f0926840e55236d3d1efbe2669d090e4c4c660fada91d":"505341004b4559000000000001000000304100010128000000060006000000004100000004768c8cae4abca6306db0ed81b0c4a6215c378066ec6d616c146e13f1c7df809b96ab6911c27d8a02339f0926840e55236d3d1efbe2669d090e4c4c660fada91d":TEST_FLAG_EXERCISE + +read type: ECC_PUB(BP_R1) 320-bit +depends_on:PSA_WANT_ECC_BRAINPOOL_P_R1_320:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):320:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"049caed8fb4742956cc2ad12a9a1c995e21759ef26a07bc2054136d3d2f28bb331a70e26c4c687275ab1f434be7871e115d2350c0c5f61d4d06d2bcdb67f5cb63fdb794e5947c87dc6849a58694e37e6cd":"505341004b45590000000000010000003041400101000000000000000000000051000000049caed8fb4742956cc2ad12a9a1c995e21759ef26a07bc2054136d3d2f28bb331a70e26c4c687275ab1f434be7871e115d2350c0c5f61d4d06d2bcdb67f5cb63fdb794e5947c87dc6849a58694e37e6cd":0 + +read type: ECC_PUB(BP_R1) 320-bit, DET_ECDSA(MD2) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD2:PSA_WANT_ECC_BRAINPOOL_P_R1_320:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):320:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD2):0x0000:"049caed8fb4742956cc2ad12a9a1c995e21759ef26a07bc2054136d3d2f28bb331a70e26c4c687275ab1f434be7871e115d2350c0c5f61d4d06d2bcdb67f5cb63fdb794e5947c87dc6849a58694e37e6cd":"505341004b45590000000000010000003041400101280000010700060000000051000000049caed8fb4742956cc2ad12a9a1c995e21759ef26a07bc2054136d3d2f28bb331a70e26c4c687275ab1f434be7871e115d2350c0c5f61d4d06d2bcdb67f5cb63fdb794e5947c87dc6849a58694e37e6cd":0 + +read type: ECC_PUB(BP_R1) 320-bit, DET_ECDSA(MD4) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD4:PSA_WANT_ECC_BRAINPOOL_P_R1_320:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):320:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD4):0x0000:"049caed8fb4742956cc2ad12a9a1c995e21759ef26a07bc2054136d3d2f28bb331a70e26c4c687275ab1f434be7871e115d2350c0c5f61d4d06d2bcdb67f5cb63fdb794e5947c87dc6849a58694e37e6cd":"505341004b45590000000000010000003041400101280000020700060000000051000000049caed8fb4742956cc2ad12a9a1c995e21759ef26a07bc2054136d3d2f28bb331a70e26c4c687275ab1f434be7871e115d2350c0c5f61d4d06d2bcdb67f5cb63fdb794e5947c87dc6849a58694e37e6cd":0 + +read type: ECC_PUB(BP_R1) 320-bit, DET_ECDSA(MD5) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD5:PSA_WANT_ECC_BRAINPOOL_P_R1_320:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):320:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD5):0x0000:"049caed8fb4742956cc2ad12a9a1c995e21759ef26a07bc2054136d3d2f28bb331a70e26c4c687275ab1f434be7871e115d2350c0c5f61d4d06d2bcdb67f5cb63fdb794e5947c87dc6849a58694e37e6cd":"505341004b45590000000000010000003041400101280000030700060000000051000000049caed8fb4742956cc2ad12a9a1c995e21759ef26a07bc2054136d3d2f28bb331a70e26c4c687275ab1f434be7871e115d2350c0c5f61d4d06d2bcdb67f5cb63fdb794e5947c87dc6849a58694e37e6cd":0 + +read type: ECC_PUB(BP_R1) 320-bit, DET_ECDSA(RIPEMD160) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ECC_BRAINPOOL_P_R1_320:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):320:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_RIPEMD160):0x0000:"049caed8fb4742956cc2ad12a9a1c995e21759ef26a07bc2054136d3d2f28bb331a70e26c4c687275ab1f434be7871e115d2350c0c5f61d4d06d2bcdb67f5cb63fdb794e5947c87dc6849a58694e37e6cd":"505341004b45590000000000010000003041400101280000040700060000000051000000049caed8fb4742956cc2ad12a9a1c995e21759ef26a07bc2054136d3d2f28bb331a70e26c4c687275ab1f434be7871e115d2350c0c5f61d4d06d2bcdb67f5cb63fdb794e5947c87dc6849a58694e37e6cd":0 + +read type: ECC_PUB(BP_R1) 320-bit, DET_ECDSA(SHA_1) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_1:PSA_WANT_ECC_BRAINPOOL_P_R1_320:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):320:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_1):0x0000:"049caed8fb4742956cc2ad12a9a1c995e21759ef26a07bc2054136d3d2f28bb331a70e26c4c687275ab1f434be7871e115d2350c0c5f61d4d06d2bcdb67f5cb63fdb794e5947c87dc6849a58694e37e6cd":"505341004b45590000000000010000003041400101280000050700060000000051000000049caed8fb4742956cc2ad12a9a1c995e21759ef26a07bc2054136d3d2f28bb331a70e26c4c687275ab1f434be7871e115d2350c0c5f61d4d06d2bcdb67f5cb63fdb794e5947c87dc6849a58694e37e6cd":0 + +read type: ECC_PUB(BP_R1) 320-bit, DET_ECDSA(SHA_224) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_224:PSA_WANT_ECC_BRAINPOOL_P_R1_320:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):320:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_224):0x0000:"049caed8fb4742956cc2ad12a9a1c995e21759ef26a07bc2054136d3d2f28bb331a70e26c4c687275ab1f434be7871e115d2350c0c5f61d4d06d2bcdb67f5cb63fdb794e5947c87dc6849a58694e37e6cd":"505341004b45590000000000010000003041400101280000080700060000000051000000049caed8fb4742956cc2ad12a9a1c995e21759ef26a07bc2054136d3d2f28bb331a70e26c4c687275ab1f434be7871e115d2350c0c5f61d4d06d2bcdb67f5cb63fdb794e5947c87dc6849a58694e37e6cd":0 + +read type: ECC_PUB(BP_R1) 320-bit, DET_ECDSA(SHA_256) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_BRAINPOOL_P_R1_320:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):320:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_256):0x0000:"049caed8fb4742956cc2ad12a9a1c995e21759ef26a07bc2054136d3d2f28bb331a70e26c4c687275ab1f434be7871e115d2350c0c5f61d4d06d2bcdb67f5cb63fdb794e5947c87dc6849a58694e37e6cd":"505341004b45590000000000010000003041400101280000090700060000000051000000049caed8fb4742956cc2ad12a9a1c995e21759ef26a07bc2054136d3d2f28bb331a70e26c4c687275ab1f434be7871e115d2350c0c5f61d4d06d2bcdb67f5cb63fdb794e5947c87dc6849a58694e37e6cd":0 + +read type: ECC_PUB(BP_R1) 320-bit, DET_ECDSA(SHA_384) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_BRAINPOOL_P_R1_320:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):320:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_384):0x0000:"049caed8fb4742956cc2ad12a9a1c995e21759ef26a07bc2054136d3d2f28bb331a70e26c4c687275ab1f434be7871e115d2350c0c5f61d4d06d2bcdb67f5cb63fdb794e5947c87dc6849a58694e37e6cd":"505341004b455900000000000100000030414001012800000a0700060000000051000000049caed8fb4742956cc2ad12a9a1c995e21759ef26a07bc2054136d3d2f28bb331a70e26c4c687275ab1f434be7871e115d2350c0c5f61d4d06d2bcdb67f5cb63fdb794e5947c87dc6849a58694e37e6cd":0 + +read type: ECC_PUB(BP_R1) 320-bit, DET_ECDSA(SHA_512) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_512:PSA_WANT_ECC_BRAINPOOL_P_R1_320:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):320:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_512):0x0000:"049caed8fb4742956cc2ad12a9a1c995e21759ef26a07bc2054136d3d2f28bb331a70e26c4c687275ab1f434be7871e115d2350c0c5f61d4d06d2bcdb67f5cb63fdb794e5947c87dc6849a58694e37e6cd":"505341004b455900000000000100000030414001012800000b0700060000000051000000049caed8fb4742956cc2ad12a9a1c995e21759ef26a07bc2054136d3d2f28bb331a70e26c4c687275ab1f434be7871e115d2350c0c5f61d4d06d2bcdb67f5cb63fdb794e5947c87dc6849a58694e37e6cd":0 + +read type: ECC_PUB(BP_R1) 320-bit, ECDSA(MD2) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD2:PSA_WANT_ECC_BRAINPOOL_P_R1_320:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):320:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_MD2):0x0000:"049caed8fb4742956cc2ad12a9a1c995e21759ef26a07bc2054136d3d2f28bb331a70e26c4c687275ab1f434be7871e115d2350c0c5f61d4d06d2bcdb67f5cb63fdb794e5947c87dc6849a58694e37e6cd":"505341004b45590000000000010000003041400101280000010600060000000051000000049caed8fb4742956cc2ad12a9a1c995e21759ef26a07bc2054136d3d2f28bb331a70e26c4c687275ab1f434be7871e115d2350c0c5f61d4d06d2bcdb67f5cb63fdb794e5947c87dc6849a58694e37e6cd":0 + +read type: ECC_PUB(BP_R1) 320-bit, ECDSA(MD4) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD4:PSA_WANT_ECC_BRAINPOOL_P_R1_320:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):320:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_MD4):0x0000:"049caed8fb4742956cc2ad12a9a1c995e21759ef26a07bc2054136d3d2f28bb331a70e26c4c687275ab1f434be7871e115d2350c0c5f61d4d06d2bcdb67f5cb63fdb794e5947c87dc6849a58694e37e6cd":"505341004b45590000000000010000003041400101280000020600060000000051000000049caed8fb4742956cc2ad12a9a1c995e21759ef26a07bc2054136d3d2f28bb331a70e26c4c687275ab1f434be7871e115d2350c0c5f61d4d06d2bcdb67f5cb63fdb794e5947c87dc6849a58694e37e6cd":0 + +read type: ECC_PUB(BP_R1) 320-bit, ECDSA(MD5) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD5:PSA_WANT_ECC_BRAINPOOL_P_R1_320:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):320:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_MD5):0x0000:"049caed8fb4742956cc2ad12a9a1c995e21759ef26a07bc2054136d3d2f28bb331a70e26c4c687275ab1f434be7871e115d2350c0c5f61d4d06d2bcdb67f5cb63fdb794e5947c87dc6849a58694e37e6cd":"505341004b45590000000000010000003041400101280000030600060000000051000000049caed8fb4742956cc2ad12a9a1c995e21759ef26a07bc2054136d3d2f28bb331a70e26c4c687275ab1f434be7871e115d2350c0c5f61d4d06d2bcdb67f5cb63fdb794e5947c87dc6849a58694e37e6cd":0 + +read type: ECC_PUB(BP_R1) 320-bit, ECDSA(RIPEMD160) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ECC_BRAINPOOL_P_R1_320:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):320:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_RIPEMD160):0x0000:"049caed8fb4742956cc2ad12a9a1c995e21759ef26a07bc2054136d3d2f28bb331a70e26c4c687275ab1f434be7871e115d2350c0c5f61d4d06d2bcdb67f5cb63fdb794e5947c87dc6849a58694e37e6cd":"505341004b45590000000000010000003041400101280000040600060000000051000000049caed8fb4742956cc2ad12a9a1c995e21759ef26a07bc2054136d3d2f28bb331a70e26c4c687275ab1f434be7871e115d2350c0c5f61d4d06d2bcdb67f5cb63fdb794e5947c87dc6849a58694e37e6cd":0 + +read type: ECC_PUB(BP_R1) 320-bit, ECDSA(SHA_1) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_1:PSA_WANT_ECC_BRAINPOOL_P_R1_320:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):320:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_SHA_1):0x0000:"049caed8fb4742956cc2ad12a9a1c995e21759ef26a07bc2054136d3d2f28bb331a70e26c4c687275ab1f434be7871e115d2350c0c5f61d4d06d2bcdb67f5cb63fdb794e5947c87dc6849a58694e37e6cd":"505341004b45590000000000010000003041400101280000050600060000000051000000049caed8fb4742956cc2ad12a9a1c995e21759ef26a07bc2054136d3d2f28bb331a70e26c4c687275ab1f434be7871e115d2350c0c5f61d4d06d2bcdb67f5cb63fdb794e5947c87dc6849a58694e37e6cd":0 + +read type: ECC_PUB(BP_R1) 320-bit, ECDSA(SHA_224) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_224:PSA_WANT_ECC_BRAINPOOL_P_R1_320:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):320:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_SHA_224):0x0000:"049caed8fb4742956cc2ad12a9a1c995e21759ef26a07bc2054136d3d2f28bb331a70e26c4c687275ab1f434be7871e115d2350c0c5f61d4d06d2bcdb67f5cb63fdb794e5947c87dc6849a58694e37e6cd":"505341004b45590000000000010000003041400101280000080600060000000051000000049caed8fb4742956cc2ad12a9a1c995e21759ef26a07bc2054136d3d2f28bb331a70e26c4c687275ab1f434be7871e115d2350c0c5f61d4d06d2bcdb67f5cb63fdb794e5947c87dc6849a58694e37e6cd":0 + +read type: ECC_PUB(BP_R1) 320-bit, ECDSA(SHA_256) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_BRAINPOOL_P_R1_320:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):320:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_SHA_256):0x0000:"049caed8fb4742956cc2ad12a9a1c995e21759ef26a07bc2054136d3d2f28bb331a70e26c4c687275ab1f434be7871e115d2350c0c5f61d4d06d2bcdb67f5cb63fdb794e5947c87dc6849a58694e37e6cd":"505341004b45590000000000010000003041400101280000090600060000000051000000049caed8fb4742956cc2ad12a9a1c995e21759ef26a07bc2054136d3d2f28bb331a70e26c4c687275ab1f434be7871e115d2350c0c5f61d4d06d2bcdb67f5cb63fdb794e5947c87dc6849a58694e37e6cd":0 + +read type: ECC_PUB(BP_R1) 320-bit, ECDSA(SHA_384) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_BRAINPOOL_P_R1_320:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):320:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_SHA_384):0x0000:"049caed8fb4742956cc2ad12a9a1c995e21759ef26a07bc2054136d3d2f28bb331a70e26c4c687275ab1f434be7871e115d2350c0c5f61d4d06d2bcdb67f5cb63fdb794e5947c87dc6849a58694e37e6cd":"505341004b455900000000000100000030414001012800000a0600060000000051000000049caed8fb4742956cc2ad12a9a1c995e21759ef26a07bc2054136d3d2f28bb331a70e26c4c687275ab1f434be7871e115d2350c0c5f61d4d06d2bcdb67f5cb63fdb794e5947c87dc6849a58694e37e6cd":0 + +read type: ECC_PUB(BP_R1) 320-bit, ECDSA(SHA_512) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_512:PSA_WANT_ECC_BRAINPOOL_P_R1_320:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):320:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_SHA_512):0x0000:"049caed8fb4742956cc2ad12a9a1c995e21759ef26a07bc2054136d3d2f28bb331a70e26c4c687275ab1f434be7871e115d2350c0c5f61d4d06d2bcdb67f5cb63fdb794e5947c87dc6849a58694e37e6cd":"505341004b455900000000000100000030414001012800000b0600060000000051000000049caed8fb4742956cc2ad12a9a1c995e21759ef26a07bc2054136d3d2f28bb331a70e26c4c687275ab1f434be7871e115d2350c0c5f61d4d06d2bcdb67f5cb63fdb794e5947c87dc6849a58694e37e6cd":0 + +read type: ECC_PUB(BP_R1) 320-bit, ECDSA_ANY +depends_on:PSA_WANT_ALG_ECDSA_ANY:PSA_WANT_ECC_BRAINPOOL_P_R1_320:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):320:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA_ANY:0x0000:"049caed8fb4742956cc2ad12a9a1c995e21759ef26a07bc2054136d3d2f28bb331a70e26c4c687275ab1f434be7871e115d2350c0c5f61d4d06d2bcdb67f5cb63fdb794e5947c87dc6849a58694e37e6cd":"505341004b45590000000000010000003041400101280000000600060000000051000000049caed8fb4742956cc2ad12a9a1c995e21759ef26a07bc2054136d3d2f28bb331a70e26c4c687275ab1f434be7871e115d2350c0c5f61d4d06d2bcdb67f5cb63fdb794e5947c87dc6849a58694e37e6cd":TEST_FLAG_EXERCISE + +read type: ECC_PUB(BP_R1) 384-bit +depends_on:PSA_WANT_ECC_BRAINPOOL_P_R1_384:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):384:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"04719f9d093a627e0d350385c661cebf00c61923566fe9006a3107af1d871bc6bb68985fd722ea32be316f8e783b7cd1957785f66cfc0cb195dd5c99a8e7abaa848553a584dfd2b48e76d445fe00dd8be59096d877d4696d23b4bc8db14724e66a":"505341004b4559000000000001000000304180010100000000000000000000006100000004719f9d093a627e0d350385c661cebf00c61923566fe9006a3107af1d871bc6bb68985fd722ea32be316f8e783b7cd1957785f66cfc0cb195dd5c99a8e7abaa848553a584dfd2b48e76d445fe00dd8be59096d877d4696d23b4bc8db14724e66a":0 + +read type: ECC_PUB(BP_R1) 384-bit, DET_ECDSA(MD2) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD2:PSA_WANT_ECC_BRAINPOOL_P_R1_384:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):384:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD2):0x0000:"04719f9d093a627e0d350385c661cebf00c61923566fe9006a3107af1d871bc6bb68985fd722ea32be316f8e783b7cd1957785f66cfc0cb195dd5c99a8e7abaa848553a584dfd2b48e76d445fe00dd8be59096d877d4696d23b4bc8db14724e66a":"505341004b4559000000000001000000304180010128000001070006000000006100000004719f9d093a627e0d350385c661cebf00c61923566fe9006a3107af1d871bc6bb68985fd722ea32be316f8e783b7cd1957785f66cfc0cb195dd5c99a8e7abaa848553a584dfd2b48e76d445fe00dd8be59096d877d4696d23b4bc8db14724e66a":0 + +read type: ECC_PUB(BP_R1) 384-bit, DET_ECDSA(MD4) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD4:PSA_WANT_ECC_BRAINPOOL_P_R1_384:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):384:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD4):0x0000:"04719f9d093a627e0d350385c661cebf00c61923566fe9006a3107af1d871bc6bb68985fd722ea32be316f8e783b7cd1957785f66cfc0cb195dd5c99a8e7abaa848553a584dfd2b48e76d445fe00dd8be59096d877d4696d23b4bc8db14724e66a":"505341004b4559000000000001000000304180010128000002070006000000006100000004719f9d093a627e0d350385c661cebf00c61923566fe9006a3107af1d871bc6bb68985fd722ea32be316f8e783b7cd1957785f66cfc0cb195dd5c99a8e7abaa848553a584dfd2b48e76d445fe00dd8be59096d877d4696d23b4bc8db14724e66a":0 + +read type: ECC_PUB(BP_R1) 384-bit, DET_ECDSA(MD5) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD5:PSA_WANT_ECC_BRAINPOOL_P_R1_384:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):384:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD5):0x0000:"04719f9d093a627e0d350385c661cebf00c61923566fe9006a3107af1d871bc6bb68985fd722ea32be316f8e783b7cd1957785f66cfc0cb195dd5c99a8e7abaa848553a584dfd2b48e76d445fe00dd8be59096d877d4696d23b4bc8db14724e66a":"505341004b4559000000000001000000304180010128000003070006000000006100000004719f9d093a627e0d350385c661cebf00c61923566fe9006a3107af1d871bc6bb68985fd722ea32be316f8e783b7cd1957785f66cfc0cb195dd5c99a8e7abaa848553a584dfd2b48e76d445fe00dd8be59096d877d4696d23b4bc8db14724e66a":0 + +read type: ECC_PUB(BP_R1) 384-bit, DET_ECDSA(RIPEMD160) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ECC_BRAINPOOL_P_R1_384:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):384:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_RIPEMD160):0x0000:"04719f9d093a627e0d350385c661cebf00c61923566fe9006a3107af1d871bc6bb68985fd722ea32be316f8e783b7cd1957785f66cfc0cb195dd5c99a8e7abaa848553a584dfd2b48e76d445fe00dd8be59096d877d4696d23b4bc8db14724e66a":"505341004b4559000000000001000000304180010128000004070006000000006100000004719f9d093a627e0d350385c661cebf00c61923566fe9006a3107af1d871bc6bb68985fd722ea32be316f8e783b7cd1957785f66cfc0cb195dd5c99a8e7abaa848553a584dfd2b48e76d445fe00dd8be59096d877d4696d23b4bc8db14724e66a":0 + +read type: ECC_PUB(BP_R1) 384-bit, DET_ECDSA(SHA_1) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_1:PSA_WANT_ECC_BRAINPOOL_P_R1_384:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):384:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_1):0x0000:"04719f9d093a627e0d350385c661cebf00c61923566fe9006a3107af1d871bc6bb68985fd722ea32be316f8e783b7cd1957785f66cfc0cb195dd5c99a8e7abaa848553a584dfd2b48e76d445fe00dd8be59096d877d4696d23b4bc8db14724e66a":"505341004b4559000000000001000000304180010128000005070006000000006100000004719f9d093a627e0d350385c661cebf00c61923566fe9006a3107af1d871bc6bb68985fd722ea32be316f8e783b7cd1957785f66cfc0cb195dd5c99a8e7abaa848553a584dfd2b48e76d445fe00dd8be59096d877d4696d23b4bc8db14724e66a":0 + +read type: ECC_PUB(BP_R1) 384-bit, DET_ECDSA(SHA_224) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_224:PSA_WANT_ECC_BRAINPOOL_P_R1_384:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):384:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_224):0x0000:"04719f9d093a627e0d350385c661cebf00c61923566fe9006a3107af1d871bc6bb68985fd722ea32be316f8e783b7cd1957785f66cfc0cb195dd5c99a8e7abaa848553a584dfd2b48e76d445fe00dd8be59096d877d4696d23b4bc8db14724e66a":"505341004b4559000000000001000000304180010128000008070006000000006100000004719f9d093a627e0d350385c661cebf00c61923566fe9006a3107af1d871bc6bb68985fd722ea32be316f8e783b7cd1957785f66cfc0cb195dd5c99a8e7abaa848553a584dfd2b48e76d445fe00dd8be59096d877d4696d23b4bc8db14724e66a":0 + +read type: ECC_PUB(BP_R1) 384-bit, DET_ECDSA(SHA_256) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_BRAINPOOL_P_R1_384:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):384:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_256):0x0000:"04719f9d093a627e0d350385c661cebf00c61923566fe9006a3107af1d871bc6bb68985fd722ea32be316f8e783b7cd1957785f66cfc0cb195dd5c99a8e7abaa848553a584dfd2b48e76d445fe00dd8be59096d877d4696d23b4bc8db14724e66a":"505341004b4559000000000001000000304180010128000009070006000000006100000004719f9d093a627e0d350385c661cebf00c61923566fe9006a3107af1d871bc6bb68985fd722ea32be316f8e783b7cd1957785f66cfc0cb195dd5c99a8e7abaa848553a584dfd2b48e76d445fe00dd8be59096d877d4696d23b4bc8db14724e66a":0 + +read type: ECC_PUB(BP_R1) 384-bit, DET_ECDSA(SHA_384) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_BRAINPOOL_P_R1_384:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):384:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_384):0x0000:"04719f9d093a627e0d350385c661cebf00c61923566fe9006a3107af1d871bc6bb68985fd722ea32be316f8e783b7cd1957785f66cfc0cb195dd5c99a8e7abaa848553a584dfd2b48e76d445fe00dd8be59096d877d4696d23b4bc8db14724e66a":"505341004b455900000000000100000030418001012800000a070006000000006100000004719f9d093a627e0d350385c661cebf00c61923566fe9006a3107af1d871bc6bb68985fd722ea32be316f8e783b7cd1957785f66cfc0cb195dd5c99a8e7abaa848553a584dfd2b48e76d445fe00dd8be59096d877d4696d23b4bc8db14724e66a":0 + +read type: ECC_PUB(BP_R1) 384-bit, DET_ECDSA(SHA_512) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_512:PSA_WANT_ECC_BRAINPOOL_P_R1_384:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):384:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_512):0x0000:"04719f9d093a627e0d350385c661cebf00c61923566fe9006a3107af1d871bc6bb68985fd722ea32be316f8e783b7cd1957785f66cfc0cb195dd5c99a8e7abaa848553a584dfd2b48e76d445fe00dd8be59096d877d4696d23b4bc8db14724e66a":"505341004b455900000000000100000030418001012800000b070006000000006100000004719f9d093a627e0d350385c661cebf00c61923566fe9006a3107af1d871bc6bb68985fd722ea32be316f8e783b7cd1957785f66cfc0cb195dd5c99a8e7abaa848553a584dfd2b48e76d445fe00dd8be59096d877d4696d23b4bc8db14724e66a":0 + +read type: ECC_PUB(BP_R1) 384-bit, ECDSA(MD2) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD2:PSA_WANT_ECC_BRAINPOOL_P_R1_384:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):384:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_MD2):0x0000:"04719f9d093a627e0d350385c661cebf00c61923566fe9006a3107af1d871bc6bb68985fd722ea32be316f8e783b7cd1957785f66cfc0cb195dd5c99a8e7abaa848553a584dfd2b48e76d445fe00dd8be59096d877d4696d23b4bc8db14724e66a":"505341004b4559000000000001000000304180010128000001060006000000006100000004719f9d093a627e0d350385c661cebf00c61923566fe9006a3107af1d871bc6bb68985fd722ea32be316f8e783b7cd1957785f66cfc0cb195dd5c99a8e7abaa848553a584dfd2b48e76d445fe00dd8be59096d877d4696d23b4bc8db14724e66a":0 + +read type: ECC_PUB(BP_R1) 384-bit, ECDSA(MD4) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD4:PSA_WANT_ECC_BRAINPOOL_P_R1_384:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):384:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_MD4):0x0000:"04719f9d093a627e0d350385c661cebf00c61923566fe9006a3107af1d871bc6bb68985fd722ea32be316f8e783b7cd1957785f66cfc0cb195dd5c99a8e7abaa848553a584dfd2b48e76d445fe00dd8be59096d877d4696d23b4bc8db14724e66a":"505341004b4559000000000001000000304180010128000002060006000000006100000004719f9d093a627e0d350385c661cebf00c61923566fe9006a3107af1d871bc6bb68985fd722ea32be316f8e783b7cd1957785f66cfc0cb195dd5c99a8e7abaa848553a584dfd2b48e76d445fe00dd8be59096d877d4696d23b4bc8db14724e66a":0 + +read type: ECC_PUB(BP_R1) 384-bit, ECDSA(MD5) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD5:PSA_WANT_ECC_BRAINPOOL_P_R1_384:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):384:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_MD5):0x0000:"04719f9d093a627e0d350385c661cebf00c61923566fe9006a3107af1d871bc6bb68985fd722ea32be316f8e783b7cd1957785f66cfc0cb195dd5c99a8e7abaa848553a584dfd2b48e76d445fe00dd8be59096d877d4696d23b4bc8db14724e66a":"505341004b4559000000000001000000304180010128000003060006000000006100000004719f9d093a627e0d350385c661cebf00c61923566fe9006a3107af1d871bc6bb68985fd722ea32be316f8e783b7cd1957785f66cfc0cb195dd5c99a8e7abaa848553a584dfd2b48e76d445fe00dd8be59096d877d4696d23b4bc8db14724e66a":0 + +read type: ECC_PUB(BP_R1) 384-bit, ECDSA(RIPEMD160) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ECC_BRAINPOOL_P_R1_384:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):384:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_RIPEMD160):0x0000:"04719f9d093a627e0d350385c661cebf00c61923566fe9006a3107af1d871bc6bb68985fd722ea32be316f8e783b7cd1957785f66cfc0cb195dd5c99a8e7abaa848553a584dfd2b48e76d445fe00dd8be59096d877d4696d23b4bc8db14724e66a":"505341004b4559000000000001000000304180010128000004060006000000006100000004719f9d093a627e0d350385c661cebf00c61923566fe9006a3107af1d871bc6bb68985fd722ea32be316f8e783b7cd1957785f66cfc0cb195dd5c99a8e7abaa848553a584dfd2b48e76d445fe00dd8be59096d877d4696d23b4bc8db14724e66a":0 + +read type: ECC_PUB(BP_R1) 384-bit, ECDSA(SHA_1) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_1:PSA_WANT_ECC_BRAINPOOL_P_R1_384:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):384:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_SHA_1):0x0000:"04719f9d093a627e0d350385c661cebf00c61923566fe9006a3107af1d871bc6bb68985fd722ea32be316f8e783b7cd1957785f66cfc0cb195dd5c99a8e7abaa848553a584dfd2b48e76d445fe00dd8be59096d877d4696d23b4bc8db14724e66a":"505341004b4559000000000001000000304180010128000005060006000000006100000004719f9d093a627e0d350385c661cebf00c61923566fe9006a3107af1d871bc6bb68985fd722ea32be316f8e783b7cd1957785f66cfc0cb195dd5c99a8e7abaa848553a584dfd2b48e76d445fe00dd8be59096d877d4696d23b4bc8db14724e66a":0 + +read type: ECC_PUB(BP_R1) 384-bit, ECDSA(SHA_224) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_224:PSA_WANT_ECC_BRAINPOOL_P_R1_384:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):384:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_SHA_224):0x0000:"04719f9d093a627e0d350385c661cebf00c61923566fe9006a3107af1d871bc6bb68985fd722ea32be316f8e783b7cd1957785f66cfc0cb195dd5c99a8e7abaa848553a584dfd2b48e76d445fe00dd8be59096d877d4696d23b4bc8db14724e66a":"505341004b4559000000000001000000304180010128000008060006000000006100000004719f9d093a627e0d350385c661cebf00c61923566fe9006a3107af1d871bc6bb68985fd722ea32be316f8e783b7cd1957785f66cfc0cb195dd5c99a8e7abaa848553a584dfd2b48e76d445fe00dd8be59096d877d4696d23b4bc8db14724e66a":0 + +read type: ECC_PUB(BP_R1) 384-bit, ECDSA(SHA_256) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_BRAINPOOL_P_R1_384:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):384:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_SHA_256):0x0000:"04719f9d093a627e0d350385c661cebf00c61923566fe9006a3107af1d871bc6bb68985fd722ea32be316f8e783b7cd1957785f66cfc0cb195dd5c99a8e7abaa848553a584dfd2b48e76d445fe00dd8be59096d877d4696d23b4bc8db14724e66a":"505341004b4559000000000001000000304180010128000009060006000000006100000004719f9d093a627e0d350385c661cebf00c61923566fe9006a3107af1d871bc6bb68985fd722ea32be316f8e783b7cd1957785f66cfc0cb195dd5c99a8e7abaa848553a584dfd2b48e76d445fe00dd8be59096d877d4696d23b4bc8db14724e66a":0 + +read type: ECC_PUB(BP_R1) 384-bit, ECDSA(SHA_384) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_BRAINPOOL_P_R1_384:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):384:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_SHA_384):0x0000:"04719f9d093a627e0d350385c661cebf00c61923566fe9006a3107af1d871bc6bb68985fd722ea32be316f8e783b7cd1957785f66cfc0cb195dd5c99a8e7abaa848553a584dfd2b48e76d445fe00dd8be59096d877d4696d23b4bc8db14724e66a":"505341004b455900000000000100000030418001012800000a060006000000006100000004719f9d093a627e0d350385c661cebf00c61923566fe9006a3107af1d871bc6bb68985fd722ea32be316f8e783b7cd1957785f66cfc0cb195dd5c99a8e7abaa848553a584dfd2b48e76d445fe00dd8be59096d877d4696d23b4bc8db14724e66a":0 + +read type: ECC_PUB(BP_R1) 384-bit, ECDSA(SHA_512) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_512:PSA_WANT_ECC_BRAINPOOL_P_R1_384:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):384:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_SHA_512):0x0000:"04719f9d093a627e0d350385c661cebf00c61923566fe9006a3107af1d871bc6bb68985fd722ea32be316f8e783b7cd1957785f66cfc0cb195dd5c99a8e7abaa848553a584dfd2b48e76d445fe00dd8be59096d877d4696d23b4bc8db14724e66a":"505341004b455900000000000100000030418001012800000b060006000000006100000004719f9d093a627e0d350385c661cebf00c61923566fe9006a3107af1d871bc6bb68985fd722ea32be316f8e783b7cd1957785f66cfc0cb195dd5c99a8e7abaa848553a584dfd2b48e76d445fe00dd8be59096d877d4696d23b4bc8db14724e66a":0 + +read type: ECC_PUB(BP_R1) 384-bit, ECDSA_ANY +depends_on:PSA_WANT_ALG_ECDSA_ANY:PSA_WANT_ECC_BRAINPOOL_P_R1_384:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):384:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA_ANY:0x0000:"04719f9d093a627e0d350385c661cebf00c61923566fe9006a3107af1d871bc6bb68985fd722ea32be316f8e783b7cd1957785f66cfc0cb195dd5c99a8e7abaa848553a584dfd2b48e76d445fe00dd8be59096d877d4696d23b4bc8db14724e66a":"505341004b4559000000000001000000304180010128000000060006000000006100000004719f9d093a627e0d350385c661cebf00c61923566fe9006a3107af1d871bc6bb68985fd722ea32be316f8e783b7cd1957785f66cfc0cb195dd5c99a8e7abaa848553a584dfd2b48e76d445fe00dd8be59096d877d4696d23b4bc8db14724e66a":TEST_FLAG_EXERCISE + +read type: ECC_PUB(BP_R1) 512-bit +depends_on:PSA_WANT_ECC_BRAINPOOL_P_R1_512:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):512:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"0438b7ec92b61c5c6c7fbc28a4ec759d48fcd4e2e374defd5c4968a54dbef7510e517886fbfc38ea39aa529359d70a7156c35d3cbac7ce776bdb251dd64bce71234424ee7049eed072f0dbc4d79996e175d557e263763ae97095c081e73e7db2e38adc3d4c9a0487b1ede876dc1fca61c902e9a1d8722b8612928f18a24845591a":"505341004b455900000000000100000030410002010000000000000000000000810000000438b7ec92b61c5c6c7fbc28a4ec759d48fcd4e2e374defd5c4968a54dbef7510e517886fbfc38ea39aa529359d70a7156c35d3cbac7ce776bdb251dd64bce71234424ee7049eed072f0dbc4d79996e175d557e263763ae97095c081e73e7db2e38adc3d4c9a0487b1ede876dc1fca61c902e9a1d8722b8612928f18a24845591a":0 + +read type: ECC_PUB(BP_R1) 512-bit, DET_ECDSA(MD2) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD2:PSA_WANT_ECC_BRAINPOOL_P_R1_512:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):512:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD2):0x0000:"0438b7ec92b61c5c6c7fbc28a4ec759d48fcd4e2e374defd5c4968a54dbef7510e517886fbfc38ea39aa529359d70a7156c35d3cbac7ce776bdb251dd64bce71234424ee7049eed072f0dbc4d79996e175d557e263763ae97095c081e73e7db2e38adc3d4c9a0487b1ede876dc1fca61c902e9a1d8722b8612928f18a24845591a":"505341004b455900000000000100000030410002012800000107000600000000810000000438b7ec92b61c5c6c7fbc28a4ec759d48fcd4e2e374defd5c4968a54dbef7510e517886fbfc38ea39aa529359d70a7156c35d3cbac7ce776bdb251dd64bce71234424ee7049eed072f0dbc4d79996e175d557e263763ae97095c081e73e7db2e38adc3d4c9a0487b1ede876dc1fca61c902e9a1d8722b8612928f18a24845591a":0 + +read type: ECC_PUB(BP_R1) 512-bit, DET_ECDSA(MD4) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD4:PSA_WANT_ECC_BRAINPOOL_P_R1_512:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):512:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD4):0x0000:"0438b7ec92b61c5c6c7fbc28a4ec759d48fcd4e2e374defd5c4968a54dbef7510e517886fbfc38ea39aa529359d70a7156c35d3cbac7ce776bdb251dd64bce71234424ee7049eed072f0dbc4d79996e175d557e263763ae97095c081e73e7db2e38adc3d4c9a0487b1ede876dc1fca61c902e9a1d8722b8612928f18a24845591a":"505341004b455900000000000100000030410002012800000207000600000000810000000438b7ec92b61c5c6c7fbc28a4ec759d48fcd4e2e374defd5c4968a54dbef7510e517886fbfc38ea39aa529359d70a7156c35d3cbac7ce776bdb251dd64bce71234424ee7049eed072f0dbc4d79996e175d557e263763ae97095c081e73e7db2e38adc3d4c9a0487b1ede876dc1fca61c902e9a1d8722b8612928f18a24845591a":0 + +read type: ECC_PUB(BP_R1) 512-bit, DET_ECDSA(MD5) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD5:PSA_WANT_ECC_BRAINPOOL_P_R1_512:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):512:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD5):0x0000:"0438b7ec92b61c5c6c7fbc28a4ec759d48fcd4e2e374defd5c4968a54dbef7510e517886fbfc38ea39aa529359d70a7156c35d3cbac7ce776bdb251dd64bce71234424ee7049eed072f0dbc4d79996e175d557e263763ae97095c081e73e7db2e38adc3d4c9a0487b1ede876dc1fca61c902e9a1d8722b8612928f18a24845591a":"505341004b455900000000000100000030410002012800000307000600000000810000000438b7ec92b61c5c6c7fbc28a4ec759d48fcd4e2e374defd5c4968a54dbef7510e517886fbfc38ea39aa529359d70a7156c35d3cbac7ce776bdb251dd64bce71234424ee7049eed072f0dbc4d79996e175d557e263763ae97095c081e73e7db2e38adc3d4c9a0487b1ede876dc1fca61c902e9a1d8722b8612928f18a24845591a":0 + +read type: ECC_PUB(BP_R1) 512-bit, DET_ECDSA(RIPEMD160) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ECC_BRAINPOOL_P_R1_512:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):512:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_RIPEMD160):0x0000:"0438b7ec92b61c5c6c7fbc28a4ec759d48fcd4e2e374defd5c4968a54dbef7510e517886fbfc38ea39aa529359d70a7156c35d3cbac7ce776bdb251dd64bce71234424ee7049eed072f0dbc4d79996e175d557e263763ae97095c081e73e7db2e38adc3d4c9a0487b1ede876dc1fca61c902e9a1d8722b8612928f18a24845591a":"505341004b455900000000000100000030410002012800000407000600000000810000000438b7ec92b61c5c6c7fbc28a4ec759d48fcd4e2e374defd5c4968a54dbef7510e517886fbfc38ea39aa529359d70a7156c35d3cbac7ce776bdb251dd64bce71234424ee7049eed072f0dbc4d79996e175d557e263763ae97095c081e73e7db2e38adc3d4c9a0487b1ede876dc1fca61c902e9a1d8722b8612928f18a24845591a":0 + +read type: ECC_PUB(BP_R1) 512-bit, DET_ECDSA(SHA_1) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_1:PSA_WANT_ECC_BRAINPOOL_P_R1_512:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):512:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_1):0x0000:"0438b7ec92b61c5c6c7fbc28a4ec759d48fcd4e2e374defd5c4968a54dbef7510e517886fbfc38ea39aa529359d70a7156c35d3cbac7ce776bdb251dd64bce71234424ee7049eed072f0dbc4d79996e175d557e263763ae97095c081e73e7db2e38adc3d4c9a0487b1ede876dc1fca61c902e9a1d8722b8612928f18a24845591a":"505341004b455900000000000100000030410002012800000507000600000000810000000438b7ec92b61c5c6c7fbc28a4ec759d48fcd4e2e374defd5c4968a54dbef7510e517886fbfc38ea39aa529359d70a7156c35d3cbac7ce776bdb251dd64bce71234424ee7049eed072f0dbc4d79996e175d557e263763ae97095c081e73e7db2e38adc3d4c9a0487b1ede876dc1fca61c902e9a1d8722b8612928f18a24845591a":0 + +read type: ECC_PUB(BP_R1) 512-bit, DET_ECDSA(SHA_224) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_224:PSA_WANT_ECC_BRAINPOOL_P_R1_512:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):512:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_224):0x0000:"0438b7ec92b61c5c6c7fbc28a4ec759d48fcd4e2e374defd5c4968a54dbef7510e517886fbfc38ea39aa529359d70a7156c35d3cbac7ce776bdb251dd64bce71234424ee7049eed072f0dbc4d79996e175d557e263763ae97095c081e73e7db2e38adc3d4c9a0487b1ede876dc1fca61c902e9a1d8722b8612928f18a24845591a":"505341004b455900000000000100000030410002012800000807000600000000810000000438b7ec92b61c5c6c7fbc28a4ec759d48fcd4e2e374defd5c4968a54dbef7510e517886fbfc38ea39aa529359d70a7156c35d3cbac7ce776bdb251dd64bce71234424ee7049eed072f0dbc4d79996e175d557e263763ae97095c081e73e7db2e38adc3d4c9a0487b1ede876dc1fca61c902e9a1d8722b8612928f18a24845591a":0 + +read type: ECC_PUB(BP_R1) 512-bit, DET_ECDSA(SHA_256) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_BRAINPOOL_P_R1_512:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):512:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_256):0x0000:"0438b7ec92b61c5c6c7fbc28a4ec759d48fcd4e2e374defd5c4968a54dbef7510e517886fbfc38ea39aa529359d70a7156c35d3cbac7ce776bdb251dd64bce71234424ee7049eed072f0dbc4d79996e175d557e263763ae97095c081e73e7db2e38adc3d4c9a0487b1ede876dc1fca61c902e9a1d8722b8612928f18a24845591a":"505341004b455900000000000100000030410002012800000907000600000000810000000438b7ec92b61c5c6c7fbc28a4ec759d48fcd4e2e374defd5c4968a54dbef7510e517886fbfc38ea39aa529359d70a7156c35d3cbac7ce776bdb251dd64bce71234424ee7049eed072f0dbc4d79996e175d557e263763ae97095c081e73e7db2e38adc3d4c9a0487b1ede876dc1fca61c902e9a1d8722b8612928f18a24845591a":0 + +read type: ECC_PUB(BP_R1) 512-bit, DET_ECDSA(SHA_384) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_BRAINPOOL_P_R1_512:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):512:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_384):0x0000:"0438b7ec92b61c5c6c7fbc28a4ec759d48fcd4e2e374defd5c4968a54dbef7510e517886fbfc38ea39aa529359d70a7156c35d3cbac7ce776bdb251dd64bce71234424ee7049eed072f0dbc4d79996e175d557e263763ae97095c081e73e7db2e38adc3d4c9a0487b1ede876dc1fca61c902e9a1d8722b8612928f18a24845591a":"505341004b455900000000000100000030410002012800000a07000600000000810000000438b7ec92b61c5c6c7fbc28a4ec759d48fcd4e2e374defd5c4968a54dbef7510e517886fbfc38ea39aa529359d70a7156c35d3cbac7ce776bdb251dd64bce71234424ee7049eed072f0dbc4d79996e175d557e263763ae97095c081e73e7db2e38adc3d4c9a0487b1ede876dc1fca61c902e9a1d8722b8612928f18a24845591a":0 + +read type: ECC_PUB(BP_R1) 512-bit, DET_ECDSA(SHA_512) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_512:PSA_WANT_ECC_BRAINPOOL_P_R1_512:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):512:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_512):0x0000:"0438b7ec92b61c5c6c7fbc28a4ec759d48fcd4e2e374defd5c4968a54dbef7510e517886fbfc38ea39aa529359d70a7156c35d3cbac7ce776bdb251dd64bce71234424ee7049eed072f0dbc4d79996e175d557e263763ae97095c081e73e7db2e38adc3d4c9a0487b1ede876dc1fca61c902e9a1d8722b8612928f18a24845591a":"505341004b455900000000000100000030410002012800000b07000600000000810000000438b7ec92b61c5c6c7fbc28a4ec759d48fcd4e2e374defd5c4968a54dbef7510e517886fbfc38ea39aa529359d70a7156c35d3cbac7ce776bdb251dd64bce71234424ee7049eed072f0dbc4d79996e175d557e263763ae97095c081e73e7db2e38adc3d4c9a0487b1ede876dc1fca61c902e9a1d8722b8612928f18a24845591a":0 + +read type: ECC_PUB(BP_R1) 512-bit, ECDSA(MD2) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD2:PSA_WANT_ECC_BRAINPOOL_P_R1_512:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):512:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_MD2):0x0000:"0438b7ec92b61c5c6c7fbc28a4ec759d48fcd4e2e374defd5c4968a54dbef7510e517886fbfc38ea39aa529359d70a7156c35d3cbac7ce776bdb251dd64bce71234424ee7049eed072f0dbc4d79996e175d557e263763ae97095c081e73e7db2e38adc3d4c9a0487b1ede876dc1fca61c902e9a1d8722b8612928f18a24845591a":"505341004b455900000000000100000030410002012800000106000600000000810000000438b7ec92b61c5c6c7fbc28a4ec759d48fcd4e2e374defd5c4968a54dbef7510e517886fbfc38ea39aa529359d70a7156c35d3cbac7ce776bdb251dd64bce71234424ee7049eed072f0dbc4d79996e175d557e263763ae97095c081e73e7db2e38adc3d4c9a0487b1ede876dc1fca61c902e9a1d8722b8612928f18a24845591a":0 + +read type: ECC_PUB(BP_R1) 512-bit, ECDSA(MD4) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD4:PSA_WANT_ECC_BRAINPOOL_P_R1_512:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):512:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_MD4):0x0000:"0438b7ec92b61c5c6c7fbc28a4ec759d48fcd4e2e374defd5c4968a54dbef7510e517886fbfc38ea39aa529359d70a7156c35d3cbac7ce776bdb251dd64bce71234424ee7049eed072f0dbc4d79996e175d557e263763ae97095c081e73e7db2e38adc3d4c9a0487b1ede876dc1fca61c902e9a1d8722b8612928f18a24845591a":"505341004b455900000000000100000030410002012800000206000600000000810000000438b7ec92b61c5c6c7fbc28a4ec759d48fcd4e2e374defd5c4968a54dbef7510e517886fbfc38ea39aa529359d70a7156c35d3cbac7ce776bdb251dd64bce71234424ee7049eed072f0dbc4d79996e175d557e263763ae97095c081e73e7db2e38adc3d4c9a0487b1ede876dc1fca61c902e9a1d8722b8612928f18a24845591a":0 + +read type: ECC_PUB(BP_R1) 512-bit, ECDSA(MD5) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD5:PSA_WANT_ECC_BRAINPOOL_P_R1_512:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):512:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_MD5):0x0000:"0438b7ec92b61c5c6c7fbc28a4ec759d48fcd4e2e374defd5c4968a54dbef7510e517886fbfc38ea39aa529359d70a7156c35d3cbac7ce776bdb251dd64bce71234424ee7049eed072f0dbc4d79996e175d557e263763ae97095c081e73e7db2e38adc3d4c9a0487b1ede876dc1fca61c902e9a1d8722b8612928f18a24845591a":"505341004b455900000000000100000030410002012800000306000600000000810000000438b7ec92b61c5c6c7fbc28a4ec759d48fcd4e2e374defd5c4968a54dbef7510e517886fbfc38ea39aa529359d70a7156c35d3cbac7ce776bdb251dd64bce71234424ee7049eed072f0dbc4d79996e175d557e263763ae97095c081e73e7db2e38adc3d4c9a0487b1ede876dc1fca61c902e9a1d8722b8612928f18a24845591a":0 + +read type: ECC_PUB(BP_R1) 512-bit, ECDSA(RIPEMD160) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ECC_BRAINPOOL_P_R1_512:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):512:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_RIPEMD160):0x0000:"0438b7ec92b61c5c6c7fbc28a4ec759d48fcd4e2e374defd5c4968a54dbef7510e517886fbfc38ea39aa529359d70a7156c35d3cbac7ce776bdb251dd64bce71234424ee7049eed072f0dbc4d79996e175d557e263763ae97095c081e73e7db2e38adc3d4c9a0487b1ede876dc1fca61c902e9a1d8722b8612928f18a24845591a":"505341004b455900000000000100000030410002012800000406000600000000810000000438b7ec92b61c5c6c7fbc28a4ec759d48fcd4e2e374defd5c4968a54dbef7510e517886fbfc38ea39aa529359d70a7156c35d3cbac7ce776bdb251dd64bce71234424ee7049eed072f0dbc4d79996e175d557e263763ae97095c081e73e7db2e38adc3d4c9a0487b1ede876dc1fca61c902e9a1d8722b8612928f18a24845591a":0 + +read type: ECC_PUB(BP_R1) 512-bit, ECDSA(SHA_1) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_1:PSA_WANT_ECC_BRAINPOOL_P_R1_512:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):512:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_SHA_1):0x0000:"0438b7ec92b61c5c6c7fbc28a4ec759d48fcd4e2e374defd5c4968a54dbef7510e517886fbfc38ea39aa529359d70a7156c35d3cbac7ce776bdb251dd64bce71234424ee7049eed072f0dbc4d79996e175d557e263763ae97095c081e73e7db2e38adc3d4c9a0487b1ede876dc1fca61c902e9a1d8722b8612928f18a24845591a":"505341004b455900000000000100000030410002012800000506000600000000810000000438b7ec92b61c5c6c7fbc28a4ec759d48fcd4e2e374defd5c4968a54dbef7510e517886fbfc38ea39aa529359d70a7156c35d3cbac7ce776bdb251dd64bce71234424ee7049eed072f0dbc4d79996e175d557e263763ae97095c081e73e7db2e38adc3d4c9a0487b1ede876dc1fca61c902e9a1d8722b8612928f18a24845591a":0 + +read type: ECC_PUB(BP_R1) 512-bit, ECDSA(SHA_224) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_224:PSA_WANT_ECC_BRAINPOOL_P_R1_512:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):512:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_SHA_224):0x0000:"0438b7ec92b61c5c6c7fbc28a4ec759d48fcd4e2e374defd5c4968a54dbef7510e517886fbfc38ea39aa529359d70a7156c35d3cbac7ce776bdb251dd64bce71234424ee7049eed072f0dbc4d79996e175d557e263763ae97095c081e73e7db2e38adc3d4c9a0487b1ede876dc1fca61c902e9a1d8722b8612928f18a24845591a":"505341004b455900000000000100000030410002012800000806000600000000810000000438b7ec92b61c5c6c7fbc28a4ec759d48fcd4e2e374defd5c4968a54dbef7510e517886fbfc38ea39aa529359d70a7156c35d3cbac7ce776bdb251dd64bce71234424ee7049eed072f0dbc4d79996e175d557e263763ae97095c081e73e7db2e38adc3d4c9a0487b1ede876dc1fca61c902e9a1d8722b8612928f18a24845591a":0 + +read type: ECC_PUB(BP_R1) 512-bit, ECDSA(SHA_256) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_BRAINPOOL_P_R1_512:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):512:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_SHA_256):0x0000:"0438b7ec92b61c5c6c7fbc28a4ec759d48fcd4e2e374defd5c4968a54dbef7510e517886fbfc38ea39aa529359d70a7156c35d3cbac7ce776bdb251dd64bce71234424ee7049eed072f0dbc4d79996e175d557e263763ae97095c081e73e7db2e38adc3d4c9a0487b1ede876dc1fca61c902e9a1d8722b8612928f18a24845591a":"505341004b455900000000000100000030410002012800000906000600000000810000000438b7ec92b61c5c6c7fbc28a4ec759d48fcd4e2e374defd5c4968a54dbef7510e517886fbfc38ea39aa529359d70a7156c35d3cbac7ce776bdb251dd64bce71234424ee7049eed072f0dbc4d79996e175d557e263763ae97095c081e73e7db2e38adc3d4c9a0487b1ede876dc1fca61c902e9a1d8722b8612928f18a24845591a":0 + +read type: ECC_PUB(BP_R1) 512-bit, ECDSA(SHA_384) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_BRAINPOOL_P_R1_512:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):512:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_SHA_384):0x0000:"0438b7ec92b61c5c6c7fbc28a4ec759d48fcd4e2e374defd5c4968a54dbef7510e517886fbfc38ea39aa529359d70a7156c35d3cbac7ce776bdb251dd64bce71234424ee7049eed072f0dbc4d79996e175d557e263763ae97095c081e73e7db2e38adc3d4c9a0487b1ede876dc1fca61c902e9a1d8722b8612928f18a24845591a":"505341004b455900000000000100000030410002012800000a06000600000000810000000438b7ec92b61c5c6c7fbc28a4ec759d48fcd4e2e374defd5c4968a54dbef7510e517886fbfc38ea39aa529359d70a7156c35d3cbac7ce776bdb251dd64bce71234424ee7049eed072f0dbc4d79996e175d557e263763ae97095c081e73e7db2e38adc3d4c9a0487b1ede876dc1fca61c902e9a1d8722b8612928f18a24845591a":0 + +read type: ECC_PUB(BP_R1) 512-bit, ECDSA(SHA_512) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_512:PSA_WANT_ECC_BRAINPOOL_P_R1_512:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):512:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_SHA_512):0x0000:"0438b7ec92b61c5c6c7fbc28a4ec759d48fcd4e2e374defd5c4968a54dbef7510e517886fbfc38ea39aa529359d70a7156c35d3cbac7ce776bdb251dd64bce71234424ee7049eed072f0dbc4d79996e175d557e263763ae97095c081e73e7db2e38adc3d4c9a0487b1ede876dc1fca61c902e9a1d8722b8612928f18a24845591a":"505341004b455900000000000100000030410002012800000b06000600000000810000000438b7ec92b61c5c6c7fbc28a4ec759d48fcd4e2e374defd5c4968a54dbef7510e517886fbfc38ea39aa529359d70a7156c35d3cbac7ce776bdb251dd64bce71234424ee7049eed072f0dbc4d79996e175d557e263763ae97095c081e73e7db2e38adc3d4c9a0487b1ede876dc1fca61c902e9a1d8722b8612928f18a24845591a":0 + +read type: ECC_PUB(BP_R1) 512-bit, ECDSA_ANY +depends_on:PSA_WANT_ALG_ECDSA_ANY:PSA_WANT_ECC_BRAINPOOL_P_R1_512:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):512:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA_ANY:0x0000:"0438b7ec92b61c5c6c7fbc28a4ec759d48fcd4e2e374defd5c4968a54dbef7510e517886fbfc38ea39aa529359d70a7156c35d3cbac7ce776bdb251dd64bce71234424ee7049eed072f0dbc4d79996e175d557e263763ae97095c081e73e7db2e38adc3d4c9a0487b1ede876dc1fca61c902e9a1d8722b8612928f18a24845591a":"505341004b455900000000000100000030410002012800000006000600000000810000000438b7ec92b61c5c6c7fbc28a4ec759d48fcd4e2e374defd5c4968a54dbef7510e517886fbfc38ea39aa529359d70a7156c35d3cbac7ce776bdb251dd64bce71234424ee7049eed072f0dbc4d79996e175d557e263763ae97095c081e73e7db2e38adc3d4c9a0487b1ede876dc1fca61c902e9a1d8722b8612928f18a24845591a":TEST_FLAG_EXERCISE + +read type: ECC_PUB(MGM) 255-bit +depends_on:PSA_WANT_ECC_MONTGOMERY_255:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_MONTGOMERY):255:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"8520f0098930a754748b7ddcb43ef75a0dbf3a0d26381af4eba4a98eaa9b4e6a":"505341004b45590000000000010000004141ff00010000000000000000000000200000008520f0098930a754748b7ddcb43ef75a0dbf3a0d26381af4eba4a98eaa9b4e6a":TEST_FLAG_EXERCISE + +read type: ECC_PUB(MGM) 448-bit +depends_on:PSA_WANT_ECC_MONTGOMERY_448:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_MONTGOMERY):448:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"c0d3a5a2b416a573dc9909f92f134ac01323ab8f8e36804e578588ba2d09fe7c3e737f771ca112825b548a0ffded6d6a2fd09a3e77dec30e":"505341004b45590000000000010000004141c00101000000000000000000000038000000c0d3a5a2b416a573dc9909f92f134ac01323ab8f8e36804e578588ba2d09fe7c3e737f771ca112825b548a0ffded6d6a2fd09a3e77dec30e":TEST_FLAG_EXERCISE + +read type: ECC_PUB(SECP_K1) 192-bit +depends_on:PSA_WANT_ECC_SECP_K1_192:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_K1):192:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"0426b7bb38da649ac2138fc050c6548b32553dab68afebc36105d325b75538c12323cb0764789ecb992671beb2b6bef2f5":"505341004b45590000000000010000001741c000010000000000000000000000310000000426b7bb38da649ac2138fc050c6548b32553dab68afebc36105d325b75538c12323cb0764789ecb992671beb2b6bef2f5":TEST_FLAG_EXERCISE + +read type: ECC_PUB(SECP_K1) 192-bit, DET_ECDSA(MD2) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD2:PSA_WANT_ECC_SECP_K1_192:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_K1):192:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD2):0x0000:"0426b7bb38da649ac2138fc050c6548b32553dab68afebc36105d325b75538c12323cb0764789ecb992671beb2b6bef2f5":"505341004b45590000000000010000001741c000012800000107000600000000310000000426b7bb38da649ac2138fc050c6548b32553dab68afebc36105d325b75538c12323cb0764789ecb992671beb2b6bef2f5":TEST_FLAG_EXERCISE + +read type: ECC_PUB(SECP_K1) 192-bit, DET_ECDSA(MD4) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD4:PSA_WANT_ECC_SECP_K1_192:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_K1):192:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD4):0x0000:"0426b7bb38da649ac2138fc050c6548b32553dab68afebc36105d325b75538c12323cb0764789ecb992671beb2b6bef2f5":"505341004b45590000000000010000001741c000012800000207000600000000310000000426b7bb38da649ac2138fc050c6548b32553dab68afebc36105d325b75538c12323cb0764789ecb992671beb2b6bef2f5":TEST_FLAG_EXERCISE + +read type: ECC_PUB(SECP_K1) 192-bit, DET_ECDSA(MD5) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD5:PSA_WANT_ECC_SECP_K1_192:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_K1):192:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD5):0x0000:"0426b7bb38da649ac2138fc050c6548b32553dab68afebc36105d325b75538c12323cb0764789ecb992671beb2b6bef2f5":"505341004b45590000000000010000001741c000012800000307000600000000310000000426b7bb38da649ac2138fc050c6548b32553dab68afebc36105d325b75538c12323cb0764789ecb992671beb2b6bef2f5":TEST_FLAG_EXERCISE + +read type: ECC_PUB(SECP_K1) 192-bit, DET_ECDSA(RIPEMD160) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ECC_SECP_K1_192:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_K1):192:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_RIPEMD160):0x0000:"0426b7bb38da649ac2138fc050c6548b32553dab68afebc36105d325b75538c12323cb0764789ecb992671beb2b6bef2f5":"505341004b45590000000000010000001741c000012800000407000600000000310000000426b7bb38da649ac2138fc050c6548b32553dab68afebc36105d325b75538c12323cb0764789ecb992671beb2b6bef2f5":TEST_FLAG_EXERCISE + +read type: ECC_PUB(SECP_K1) 192-bit, DET_ECDSA(SHA_1) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_1:PSA_WANT_ECC_SECP_K1_192:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_K1):192:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_1):0x0000:"0426b7bb38da649ac2138fc050c6548b32553dab68afebc36105d325b75538c12323cb0764789ecb992671beb2b6bef2f5":"505341004b45590000000000010000001741c000012800000507000600000000310000000426b7bb38da649ac2138fc050c6548b32553dab68afebc36105d325b75538c12323cb0764789ecb992671beb2b6bef2f5":TEST_FLAG_EXERCISE + +read type: ECC_PUB(SECP_K1) 192-bit, DET_ECDSA(SHA_224) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_224:PSA_WANT_ECC_SECP_K1_192:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_K1):192:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_224):0x0000:"0426b7bb38da649ac2138fc050c6548b32553dab68afebc36105d325b75538c12323cb0764789ecb992671beb2b6bef2f5":"505341004b45590000000000010000001741c000012800000807000600000000310000000426b7bb38da649ac2138fc050c6548b32553dab68afebc36105d325b75538c12323cb0764789ecb992671beb2b6bef2f5":TEST_FLAG_EXERCISE + +read type: ECC_PUB(SECP_K1) 192-bit, DET_ECDSA(SHA_256) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_SECP_K1_192:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_K1):192:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_256):0x0000:"0426b7bb38da649ac2138fc050c6548b32553dab68afebc36105d325b75538c12323cb0764789ecb992671beb2b6bef2f5":"505341004b45590000000000010000001741c000012800000907000600000000310000000426b7bb38da649ac2138fc050c6548b32553dab68afebc36105d325b75538c12323cb0764789ecb992671beb2b6bef2f5":TEST_FLAG_EXERCISE + +read type: ECC_PUB(SECP_K1) 192-bit, DET_ECDSA(SHA_384) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_SECP_K1_192:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_K1):192:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_384):0x0000:"0426b7bb38da649ac2138fc050c6548b32553dab68afebc36105d325b75538c12323cb0764789ecb992671beb2b6bef2f5":"505341004b45590000000000010000001741c000012800000a07000600000000310000000426b7bb38da649ac2138fc050c6548b32553dab68afebc36105d325b75538c12323cb0764789ecb992671beb2b6bef2f5":TEST_FLAG_EXERCISE + +read type: ECC_PUB(SECP_K1) 192-bit, DET_ECDSA(SHA_512) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_512:PSA_WANT_ECC_SECP_K1_192:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_K1):192:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_512):0x0000:"0426b7bb38da649ac2138fc050c6548b32553dab68afebc36105d325b75538c12323cb0764789ecb992671beb2b6bef2f5":"505341004b45590000000000010000001741c000012800000b07000600000000310000000426b7bb38da649ac2138fc050c6548b32553dab68afebc36105d325b75538c12323cb0764789ecb992671beb2b6bef2f5":TEST_FLAG_EXERCISE + +read type: ECC_PUB(SECP_K1) 192-bit, ECDSA(MD2) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD2:PSA_WANT_ECC_SECP_K1_192:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_K1):192:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_MD2):0x0000:"0426b7bb38da649ac2138fc050c6548b32553dab68afebc36105d325b75538c12323cb0764789ecb992671beb2b6bef2f5":"505341004b45590000000000010000001741c000012800000106000600000000310000000426b7bb38da649ac2138fc050c6548b32553dab68afebc36105d325b75538c12323cb0764789ecb992671beb2b6bef2f5":TEST_FLAG_EXERCISE + +read type: ECC_PUB(SECP_K1) 192-bit, ECDSA(MD4) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD4:PSA_WANT_ECC_SECP_K1_192:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_K1):192:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_MD4):0x0000:"0426b7bb38da649ac2138fc050c6548b32553dab68afebc36105d325b75538c12323cb0764789ecb992671beb2b6bef2f5":"505341004b45590000000000010000001741c000012800000206000600000000310000000426b7bb38da649ac2138fc050c6548b32553dab68afebc36105d325b75538c12323cb0764789ecb992671beb2b6bef2f5":TEST_FLAG_EXERCISE + +read type: ECC_PUB(SECP_K1) 192-bit, ECDSA(MD5) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD5:PSA_WANT_ECC_SECP_K1_192:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_K1):192:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_MD5):0x0000:"0426b7bb38da649ac2138fc050c6548b32553dab68afebc36105d325b75538c12323cb0764789ecb992671beb2b6bef2f5":"505341004b45590000000000010000001741c000012800000306000600000000310000000426b7bb38da649ac2138fc050c6548b32553dab68afebc36105d325b75538c12323cb0764789ecb992671beb2b6bef2f5":TEST_FLAG_EXERCISE + +read type: ECC_PUB(SECP_K1) 192-bit, ECDSA(RIPEMD160) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ECC_SECP_K1_192:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_K1):192:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_RIPEMD160):0x0000:"0426b7bb38da649ac2138fc050c6548b32553dab68afebc36105d325b75538c12323cb0764789ecb992671beb2b6bef2f5":"505341004b45590000000000010000001741c000012800000406000600000000310000000426b7bb38da649ac2138fc050c6548b32553dab68afebc36105d325b75538c12323cb0764789ecb992671beb2b6bef2f5":TEST_FLAG_EXERCISE + +read type: ECC_PUB(SECP_K1) 192-bit, ECDSA(SHA_1) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_1:PSA_WANT_ECC_SECP_K1_192:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_K1):192:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_SHA_1):0x0000:"0426b7bb38da649ac2138fc050c6548b32553dab68afebc36105d325b75538c12323cb0764789ecb992671beb2b6bef2f5":"505341004b45590000000000010000001741c000012800000506000600000000310000000426b7bb38da649ac2138fc050c6548b32553dab68afebc36105d325b75538c12323cb0764789ecb992671beb2b6bef2f5":TEST_FLAG_EXERCISE + +read type: ECC_PUB(SECP_K1) 192-bit, ECDSA(SHA_224) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_224:PSA_WANT_ECC_SECP_K1_192:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_K1):192:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_SHA_224):0x0000:"0426b7bb38da649ac2138fc050c6548b32553dab68afebc36105d325b75538c12323cb0764789ecb992671beb2b6bef2f5":"505341004b45590000000000010000001741c000012800000806000600000000310000000426b7bb38da649ac2138fc050c6548b32553dab68afebc36105d325b75538c12323cb0764789ecb992671beb2b6bef2f5":TEST_FLAG_EXERCISE + +read type: ECC_PUB(SECP_K1) 192-bit, ECDSA(SHA_256) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_SECP_K1_192:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_K1):192:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_SHA_256):0x0000:"0426b7bb38da649ac2138fc050c6548b32553dab68afebc36105d325b75538c12323cb0764789ecb992671beb2b6bef2f5":"505341004b45590000000000010000001741c000012800000906000600000000310000000426b7bb38da649ac2138fc050c6548b32553dab68afebc36105d325b75538c12323cb0764789ecb992671beb2b6bef2f5":TEST_FLAG_EXERCISE + +read type: ECC_PUB(SECP_K1) 192-bit, ECDSA(SHA_384) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_SECP_K1_192:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_K1):192:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_SHA_384):0x0000:"0426b7bb38da649ac2138fc050c6548b32553dab68afebc36105d325b75538c12323cb0764789ecb992671beb2b6bef2f5":"505341004b45590000000000010000001741c000012800000a06000600000000310000000426b7bb38da649ac2138fc050c6548b32553dab68afebc36105d325b75538c12323cb0764789ecb992671beb2b6bef2f5":TEST_FLAG_EXERCISE + +read type: ECC_PUB(SECP_K1) 192-bit, ECDSA(SHA_512) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_512:PSA_WANT_ECC_SECP_K1_192:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_K1):192:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_SHA_512):0x0000:"0426b7bb38da649ac2138fc050c6548b32553dab68afebc36105d325b75538c12323cb0764789ecb992671beb2b6bef2f5":"505341004b45590000000000010000001741c000012800000b06000600000000310000000426b7bb38da649ac2138fc050c6548b32553dab68afebc36105d325b75538c12323cb0764789ecb992671beb2b6bef2f5":TEST_FLAG_EXERCISE + +read type: ECC_PUB(SECP_K1) 192-bit, ECDSA_ANY +depends_on:PSA_WANT_ALG_ECDSA_ANY:PSA_WANT_ECC_SECP_K1_192:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_K1):192:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA_ANY:0x0000:"0426b7bb38da649ac2138fc050c6548b32553dab68afebc36105d325b75538c12323cb0764789ecb992671beb2b6bef2f5":"505341004b45590000000000010000001741c000012800000006000600000000310000000426b7bb38da649ac2138fc050c6548b32553dab68afebc36105d325b75538c12323cb0764789ecb992671beb2b6bef2f5":TEST_FLAG_EXERCISE + +read type: ECC_PUB(SECP_K1) 224-bit +depends_on:PSA_WANT_ECC_SECP_K1_224:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_K1):224:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"042cc7335f4b76042bed44ef45959a62aa215f7a5ff0c8111b8c44ed654ee71c1918326ad485b2d599fe2a6eab096ee26d977334d2bac6d61d":"505341004b45590000000000010000001741e00001000000000000000000000039000000042cc7335f4b76042bed44ef45959a62aa215f7a5ff0c8111b8c44ed654ee71c1918326ad485b2d599fe2a6eab096ee26d977334d2bac6d61d":TEST_FLAG_EXERCISE + +read type: ECC_PUB(SECP_K1) 224-bit, DET_ECDSA(MD2) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD2:PSA_WANT_ECC_SECP_K1_224:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_K1):224:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD2):0x0000:"042cc7335f4b76042bed44ef45959a62aa215f7a5ff0c8111b8c44ed654ee71c1918326ad485b2d599fe2a6eab096ee26d977334d2bac6d61d":"505341004b45590000000000010000001741e00001280000010700060000000039000000042cc7335f4b76042bed44ef45959a62aa215f7a5ff0c8111b8c44ed654ee71c1918326ad485b2d599fe2a6eab096ee26d977334d2bac6d61d":TEST_FLAG_EXERCISE + +read type: ECC_PUB(SECP_K1) 224-bit, DET_ECDSA(MD4) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD4:PSA_WANT_ECC_SECP_K1_224:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_K1):224:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD4):0x0000:"042cc7335f4b76042bed44ef45959a62aa215f7a5ff0c8111b8c44ed654ee71c1918326ad485b2d599fe2a6eab096ee26d977334d2bac6d61d":"505341004b45590000000000010000001741e00001280000020700060000000039000000042cc7335f4b76042bed44ef45959a62aa215f7a5ff0c8111b8c44ed654ee71c1918326ad485b2d599fe2a6eab096ee26d977334d2bac6d61d":TEST_FLAG_EXERCISE + +read type: ECC_PUB(SECP_K1) 224-bit, DET_ECDSA(MD5) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD5:PSA_WANT_ECC_SECP_K1_224:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_K1):224:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD5):0x0000:"042cc7335f4b76042bed44ef45959a62aa215f7a5ff0c8111b8c44ed654ee71c1918326ad485b2d599fe2a6eab096ee26d977334d2bac6d61d":"505341004b45590000000000010000001741e00001280000030700060000000039000000042cc7335f4b76042bed44ef45959a62aa215f7a5ff0c8111b8c44ed654ee71c1918326ad485b2d599fe2a6eab096ee26d977334d2bac6d61d":TEST_FLAG_EXERCISE + +read type: ECC_PUB(SECP_K1) 224-bit, DET_ECDSA(RIPEMD160) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ECC_SECP_K1_224:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_K1):224:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_RIPEMD160):0x0000:"042cc7335f4b76042bed44ef45959a62aa215f7a5ff0c8111b8c44ed654ee71c1918326ad485b2d599fe2a6eab096ee26d977334d2bac6d61d":"505341004b45590000000000010000001741e00001280000040700060000000039000000042cc7335f4b76042bed44ef45959a62aa215f7a5ff0c8111b8c44ed654ee71c1918326ad485b2d599fe2a6eab096ee26d977334d2bac6d61d":TEST_FLAG_EXERCISE + +read type: ECC_PUB(SECP_K1) 224-bit, DET_ECDSA(SHA_1) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_1:PSA_WANT_ECC_SECP_K1_224:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_K1):224:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_1):0x0000:"042cc7335f4b76042bed44ef45959a62aa215f7a5ff0c8111b8c44ed654ee71c1918326ad485b2d599fe2a6eab096ee26d977334d2bac6d61d":"505341004b45590000000000010000001741e00001280000050700060000000039000000042cc7335f4b76042bed44ef45959a62aa215f7a5ff0c8111b8c44ed654ee71c1918326ad485b2d599fe2a6eab096ee26d977334d2bac6d61d":TEST_FLAG_EXERCISE + +read type: ECC_PUB(SECP_K1) 224-bit, DET_ECDSA(SHA_224) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_224:PSA_WANT_ECC_SECP_K1_224:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_K1):224:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_224):0x0000:"042cc7335f4b76042bed44ef45959a62aa215f7a5ff0c8111b8c44ed654ee71c1918326ad485b2d599fe2a6eab096ee26d977334d2bac6d61d":"505341004b45590000000000010000001741e00001280000080700060000000039000000042cc7335f4b76042bed44ef45959a62aa215f7a5ff0c8111b8c44ed654ee71c1918326ad485b2d599fe2a6eab096ee26d977334d2bac6d61d":TEST_FLAG_EXERCISE + +read type: ECC_PUB(SECP_K1) 224-bit, DET_ECDSA(SHA_256) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_SECP_K1_224:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_K1):224:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_256):0x0000:"042cc7335f4b76042bed44ef45959a62aa215f7a5ff0c8111b8c44ed654ee71c1918326ad485b2d599fe2a6eab096ee26d977334d2bac6d61d":"505341004b45590000000000010000001741e00001280000090700060000000039000000042cc7335f4b76042bed44ef45959a62aa215f7a5ff0c8111b8c44ed654ee71c1918326ad485b2d599fe2a6eab096ee26d977334d2bac6d61d":TEST_FLAG_EXERCISE + +read type: ECC_PUB(SECP_K1) 224-bit, DET_ECDSA(SHA_384) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_SECP_K1_224:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_K1):224:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_384):0x0000:"042cc7335f4b76042bed44ef45959a62aa215f7a5ff0c8111b8c44ed654ee71c1918326ad485b2d599fe2a6eab096ee26d977334d2bac6d61d":"505341004b45590000000000010000001741e000012800000a0700060000000039000000042cc7335f4b76042bed44ef45959a62aa215f7a5ff0c8111b8c44ed654ee71c1918326ad485b2d599fe2a6eab096ee26d977334d2bac6d61d":TEST_FLAG_EXERCISE + +read type: ECC_PUB(SECP_K1) 224-bit, DET_ECDSA(SHA_512) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_512:PSA_WANT_ECC_SECP_K1_224:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_K1):224:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_512):0x0000:"042cc7335f4b76042bed44ef45959a62aa215f7a5ff0c8111b8c44ed654ee71c1918326ad485b2d599fe2a6eab096ee26d977334d2bac6d61d":"505341004b45590000000000010000001741e000012800000b0700060000000039000000042cc7335f4b76042bed44ef45959a62aa215f7a5ff0c8111b8c44ed654ee71c1918326ad485b2d599fe2a6eab096ee26d977334d2bac6d61d":TEST_FLAG_EXERCISE + +read type: ECC_PUB(SECP_K1) 224-bit, ECDSA(MD2) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD2:PSA_WANT_ECC_SECP_K1_224:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_K1):224:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_MD2):0x0000:"042cc7335f4b76042bed44ef45959a62aa215f7a5ff0c8111b8c44ed654ee71c1918326ad485b2d599fe2a6eab096ee26d977334d2bac6d61d":"505341004b45590000000000010000001741e00001280000010600060000000039000000042cc7335f4b76042bed44ef45959a62aa215f7a5ff0c8111b8c44ed654ee71c1918326ad485b2d599fe2a6eab096ee26d977334d2bac6d61d":TEST_FLAG_EXERCISE + +read type: ECC_PUB(SECP_K1) 224-bit, ECDSA(MD4) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD4:PSA_WANT_ECC_SECP_K1_224:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_K1):224:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_MD4):0x0000:"042cc7335f4b76042bed44ef45959a62aa215f7a5ff0c8111b8c44ed654ee71c1918326ad485b2d599fe2a6eab096ee26d977334d2bac6d61d":"505341004b45590000000000010000001741e00001280000020600060000000039000000042cc7335f4b76042bed44ef45959a62aa215f7a5ff0c8111b8c44ed654ee71c1918326ad485b2d599fe2a6eab096ee26d977334d2bac6d61d":TEST_FLAG_EXERCISE + +read type: ECC_PUB(SECP_K1) 224-bit, ECDSA(MD5) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD5:PSA_WANT_ECC_SECP_K1_224:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_K1):224:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_MD5):0x0000:"042cc7335f4b76042bed44ef45959a62aa215f7a5ff0c8111b8c44ed654ee71c1918326ad485b2d599fe2a6eab096ee26d977334d2bac6d61d":"505341004b45590000000000010000001741e00001280000030600060000000039000000042cc7335f4b76042bed44ef45959a62aa215f7a5ff0c8111b8c44ed654ee71c1918326ad485b2d599fe2a6eab096ee26d977334d2bac6d61d":TEST_FLAG_EXERCISE + +read type: ECC_PUB(SECP_K1) 224-bit, ECDSA(RIPEMD160) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ECC_SECP_K1_224:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_K1):224:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_RIPEMD160):0x0000:"042cc7335f4b76042bed44ef45959a62aa215f7a5ff0c8111b8c44ed654ee71c1918326ad485b2d599fe2a6eab096ee26d977334d2bac6d61d":"505341004b45590000000000010000001741e00001280000040600060000000039000000042cc7335f4b76042bed44ef45959a62aa215f7a5ff0c8111b8c44ed654ee71c1918326ad485b2d599fe2a6eab096ee26d977334d2bac6d61d":TEST_FLAG_EXERCISE + +read type: ECC_PUB(SECP_K1) 224-bit, ECDSA(SHA_1) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_1:PSA_WANT_ECC_SECP_K1_224:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_K1):224:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_SHA_1):0x0000:"042cc7335f4b76042bed44ef45959a62aa215f7a5ff0c8111b8c44ed654ee71c1918326ad485b2d599fe2a6eab096ee26d977334d2bac6d61d":"505341004b45590000000000010000001741e00001280000050600060000000039000000042cc7335f4b76042bed44ef45959a62aa215f7a5ff0c8111b8c44ed654ee71c1918326ad485b2d599fe2a6eab096ee26d977334d2bac6d61d":TEST_FLAG_EXERCISE + +read type: ECC_PUB(SECP_K1) 224-bit, ECDSA(SHA_224) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_224:PSA_WANT_ECC_SECP_K1_224:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_K1):224:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_SHA_224):0x0000:"042cc7335f4b76042bed44ef45959a62aa215f7a5ff0c8111b8c44ed654ee71c1918326ad485b2d599fe2a6eab096ee26d977334d2bac6d61d":"505341004b45590000000000010000001741e00001280000080600060000000039000000042cc7335f4b76042bed44ef45959a62aa215f7a5ff0c8111b8c44ed654ee71c1918326ad485b2d599fe2a6eab096ee26d977334d2bac6d61d":TEST_FLAG_EXERCISE + +read type: ECC_PUB(SECP_K1) 224-bit, ECDSA(SHA_256) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_SECP_K1_224:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_K1):224:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_SHA_256):0x0000:"042cc7335f4b76042bed44ef45959a62aa215f7a5ff0c8111b8c44ed654ee71c1918326ad485b2d599fe2a6eab096ee26d977334d2bac6d61d":"505341004b45590000000000010000001741e00001280000090600060000000039000000042cc7335f4b76042bed44ef45959a62aa215f7a5ff0c8111b8c44ed654ee71c1918326ad485b2d599fe2a6eab096ee26d977334d2bac6d61d":TEST_FLAG_EXERCISE + +read type: ECC_PUB(SECP_K1) 224-bit, ECDSA(SHA_384) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_SECP_K1_224:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_K1):224:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_SHA_384):0x0000:"042cc7335f4b76042bed44ef45959a62aa215f7a5ff0c8111b8c44ed654ee71c1918326ad485b2d599fe2a6eab096ee26d977334d2bac6d61d":"505341004b45590000000000010000001741e000012800000a0600060000000039000000042cc7335f4b76042bed44ef45959a62aa215f7a5ff0c8111b8c44ed654ee71c1918326ad485b2d599fe2a6eab096ee26d977334d2bac6d61d":TEST_FLAG_EXERCISE + +read type: ECC_PUB(SECP_K1) 224-bit, ECDSA(SHA_512) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_512:PSA_WANT_ECC_SECP_K1_224:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_K1):224:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_SHA_512):0x0000:"042cc7335f4b76042bed44ef45959a62aa215f7a5ff0c8111b8c44ed654ee71c1918326ad485b2d599fe2a6eab096ee26d977334d2bac6d61d":"505341004b45590000000000010000001741e000012800000b0600060000000039000000042cc7335f4b76042bed44ef45959a62aa215f7a5ff0c8111b8c44ed654ee71c1918326ad485b2d599fe2a6eab096ee26d977334d2bac6d61d":TEST_FLAG_EXERCISE + +read type: ECC_PUB(SECP_K1) 224-bit, ECDSA_ANY +depends_on:PSA_WANT_ALG_ECDSA_ANY:PSA_WANT_ECC_SECP_K1_224:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_K1):224:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA_ANY:0x0000:"042cc7335f4b76042bed44ef45959a62aa215f7a5ff0c8111b8c44ed654ee71c1918326ad485b2d599fe2a6eab096ee26d977334d2bac6d61d":"505341004b45590000000000010000001741e00001280000000600060000000039000000042cc7335f4b76042bed44ef45959a62aa215f7a5ff0c8111b8c44ed654ee71c1918326ad485b2d599fe2a6eab096ee26d977334d2bac6d61d":TEST_FLAG_EXERCISE + +read type: ECC_PUB(SECP_K1) 256-bit +depends_on:PSA_WANT_ECC_SECP_K1_256:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_K1):256:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"045c39154579efd667adc73a81015a797d2c8682cdfbd3c3553c4a185d481cdc50e42a0e1cbc3ca29a32a645e927f54beaed14c9dbbf8279d725f5495ca924b24d":"505341004b45590000000000010000001741000101000000000000000000000041000000045c39154579efd667adc73a81015a797d2c8682cdfbd3c3553c4a185d481cdc50e42a0e1cbc3ca29a32a645e927f54beaed14c9dbbf8279d725f5495ca924b24d":TEST_FLAG_EXERCISE + +read type: ECC_PUB(SECP_K1) 256-bit, DET_ECDSA(MD2) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD2:PSA_WANT_ECC_SECP_K1_256:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_K1):256:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD2):0x0000:"045c39154579efd667adc73a81015a797d2c8682cdfbd3c3553c4a185d481cdc50e42a0e1cbc3ca29a32a645e927f54beaed14c9dbbf8279d725f5495ca924b24d":"505341004b45590000000000010000001741000101280000010700060000000041000000045c39154579efd667adc73a81015a797d2c8682cdfbd3c3553c4a185d481cdc50e42a0e1cbc3ca29a32a645e927f54beaed14c9dbbf8279d725f5495ca924b24d":TEST_FLAG_EXERCISE + +read type: ECC_PUB(SECP_K1) 256-bit, DET_ECDSA(MD4) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD4:PSA_WANT_ECC_SECP_K1_256:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_K1):256:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD4):0x0000:"045c39154579efd667adc73a81015a797d2c8682cdfbd3c3553c4a185d481cdc50e42a0e1cbc3ca29a32a645e927f54beaed14c9dbbf8279d725f5495ca924b24d":"505341004b45590000000000010000001741000101280000020700060000000041000000045c39154579efd667adc73a81015a797d2c8682cdfbd3c3553c4a185d481cdc50e42a0e1cbc3ca29a32a645e927f54beaed14c9dbbf8279d725f5495ca924b24d":TEST_FLAG_EXERCISE + +read type: ECC_PUB(SECP_K1) 256-bit, DET_ECDSA(MD5) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD5:PSA_WANT_ECC_SECP_K1_256:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_K1):256:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD5):0x0000:"045c39154579efd667adc73a81015a797d2c8682cdfbd3c3553c4a185d481cdc50e42a0e1cbc3ca29a32a645e927f54beaed14c9dbbf8279d725f5495ca924b24d":"505341004b45590000000000010000001741000101280000030700060000000041000000045c39154579efd667adc73a81015a797d2c8682cdfbd3c3553c4a185d481cdc50e42a0e1cbc3ca29a32a645e927f54beaed14c9dbbf8279d725f5495ca924b24d":TEST_FLAG_EXERCISE + +read type: ECC_PUB(SECP_K1) 256-bit, DET_ECDSA(RIPEMD160) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ECC_SECP_K1_256:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_K1):256:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_RIPEMD160):0x0000:"045c39154579efd667adc73a81015a797d2c8682cdfbd3c3553c4a185d481cdc50e42a0e1cbc3ca29a32a645e927f54beaed14c9dbbf8279d725f5495ca924b24d":"505341004b45590000000000010000001741000101280000040700060000000041000000045c39154579efd667adc73a81015a797d2c8682cdfbd3c3553c4a185d481cdc50e42a0e1cbc3ca29a32a645e927f54beaed14c9dbbf8279d725f5495ca924b24d":TEST_FLAG_EXERCISE + +read type: ECC_PUB(SECP_K1) 256-bit, DET_ECDSA(SHA_1) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_1:PSA_WANT_ECC_SECP_K1_256:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_K1):256:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_1):0x0000:"045c39154579efd667adc73a81015a797d2c8682cdfbd3c3553c4a185d481cdc50e42a0e1cbc3ca29a32a645e927f54beaed14c9dbbf8279d725f5495ca924b24d":"505341004b45590000000000010000001741000101280000050700060000000041000000045c39154579efd667adc73a81015a797d2c8682cdfbd3c3553c4a185d481cdc50e42a0e1cbc3ca29a32a645e927f54beaed14c9dbbf8279d725f5495ca924b24d":TEST_FLAG_EXERCISE + +read type: ECC_PUB(SECP_K1) 256-bit, DET_ECDSA(SHA_224) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_224:PSA_WANT_ECC_SECP_K1_256:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_K1):256:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_224):0x0000:"045c39154579efd667adc73a81015a797d2c8682cdfbd3c3553c4a185d481cdc50e42a0e1cbc3ca29a32a645e927f54beaed14c9dbbf8279d725f5495ca924b24d":"505341004b45590000000000010000001741000101280000080700060000000041000000045c39154579efd667adc73a81015a797d2c8682cdfbd3c3553c4a185d481cdc50e42a0e1cbc3ca29a32a645e927f54beaed14c9dbbf8279d725f5495ca924b24d":TEST_FLAG_EXERCISE + +read type: ECC_PUB(SECP_K1) 256-bit, DET_ECDSA(SHA_256) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_SECP_K1_256:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_K1):256:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_256):0x0000:"045c39154579efd667adc73a81015a797d2c8682cdfbd3c3553c4a185d481cdc50e42a0e1cbc3ca29a32a645e927f54beaed14c9dbbf8279d725f5495ca924b24d":"505341004b45590000000000010000001741000101280000090700060000000041000000045c39154579efd667adc73a81015a797d2c8682cdfbd3c3553c4a185d481cdc50e42a0e1cbc3ca29a32a645e927f54beaed14c9dbbf8279d725f5495ca924b24d":TEST_FLAG_EXERCISE + +read type: ECC_PUB(SECP_K1) 256-bit, DET_ECDSA(SHA_384) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_SECP_K1_256:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_K1):256:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_384):0x0000:"045c39154579efd667adc73a81015a797d2c8682cdfbd3c3553c4a185d481cdc50e42a0e1cbc3ca29a32a645e927f54beaed14c9dbbf8279d725f5495ca924b24d":"505341004b455900000000000100000017410001012800000a0700060000000041000000045c39154579efd667adc73a81015a797d2c8682cdfbd3c3553c4a185d481cdc50e42a0e1cbc3ca29a32a645e927f54beaed14c9dbbf8279d725f5495ca924b24d":TEST_FLAG_EXERCISE + +read type: ECC_PUB(SECP_K1) 256-bit, DET_ECDSA(SHA_512) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_512:PSA_WANT_ECC_SECP_K1_256:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_K1):256:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_512):0x0000:"045c39154579efd667adc73a81015a797d2c8682cdfbd3c3553c4a185d481cdc50e42a0e1cbc3ca29a32a645e927f54beaed14c9dbbf8279d725f5495ca924b24d":"505341004b455900000000000100000017410001012800000b0700060000000041000000045c39154579efd667adc73a81015a797d2c8682cdfbd3c3553c4a185d481cdc50e42a0e1cbc3ca29a32a645e927f54beaed14c9dbbf8279d725f5495ca924b24d":TEST_FLAG_EXERCISE + +read type: ECC_PUB(SECP_K1) 256-bit, ECDSA(MD2) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD2:PSA_WANT_ECC_SECP_K1_256:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_K1):256:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_MD2):0x0000:"045c39154579efd667adc73a81015a797d2c8682cdfbd3c3553c4a185d481cdc50e42a0e1cbc3ca29a32a645e927f54beaed14c9dbbf8279d725f5495ca924b24d":"505341004b45590000000000010000001741000101280000010600060000000041000000045c39154579efd667adc73a81015a797d2c8682cdfbd3c3553c4a185d481cdc50e42a0e1cbc3ca29a32a645e927f54beaed14c9dbbf8279d725f5495ca924b24d":TEST_FLAG_EXERCISE + +read type: ECC_PUB(SECP_K1) 256-bit, ECDSA(MD4) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD4:PSA_WANT_ECC_SECP_K1_256:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_K1):256:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_MD4):0x0000:"045c39154579efd667adc73a81015a797d2c8682cdfbd3c3553c4a185d481cdc50e42a0e1cbc3ca29a32a645e927f54beaed14c9dbbf8279d725f5495ca924b24d":"505341004b45590000000000010000001741000101280000020600060000000041000000045c39154579efd667adc73a81015a797d2c8682cdfbd3c3553c4a185d481cdc50e42a0e1cbc3ca29a32a645e927f54beaed14c9dbbf8279d725f5495ca924b24d":TEST_FLAG_EXERCISE + +read type: ECC_PUB(SECP_K1) 256-bit, ECDSA(MD5) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD5:PSA_WANT_ECC_SECP_K1_256:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_K1):256:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_MD5):0x0000:"045c39154579efd667adc73a81015a797d2c8682cdfbd3c3553c4a185d481cdc50e42a0e1cbc3ca29a32a645e927f54beaed14c9dbbf8279d725f5495ca924b24d":"505341004b45590000000000010000001741000101280000030600060000000041000000045c39154579efd667adc73a81015a797d2c8682cdfbd3c3553c4a185d481cdc50e42a0e1cbc3ca29a32a645e927f54beaed14c9dbbf8279d725f5495ca924b24d":TEST_FLAG_EXERCISE + +read type: ECC_PUB(SECP_K1) 256-bit, ECDSA(RIPEMD160) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ECC_SECP_K1_256:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_K1):256:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_RIPEMD160):0x0000:"045c39154579efd667adc73a81015a797d2c8682cdfbd3c3553c4a185d481cdc50e42a0e1cbc3ca29a32a645e927f54beaed14c9dbbf8279d725f5495ca924b24d":"505341004b45590000000000010000001741000101280000040600060000000041000000045c39154579efd667adc73a81015a797d2c8682cdfbd3c3553c4a185d481cdc50e42a0e1cbc3ca29a32a645e927f54beaed14c9dbbf8279d725f5495ca924b24d":TEST_FLAG_EXERCISE + +read type: ECC_PUB(SECP_K1) 256-bit, ECDSA(SHA_1) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_1:PSA_WANT_ECC_SECP_K1_256:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_K1):256:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_SHA_1):0x0000:"045c39154579efd667adc73a81015a797d2c8682cdfbd3c3553c4a185d481cdc50e42a0e1cbc3ca29a32a645e927f54beaed14c9dbbf8279d725f5495ca924b24d":"505341004b45590000000000010000001741000101280000050600060000000041000000045c39154579efd667adc73a81015a797d2c8682cdfbd3c3553c4a185d481cdc50e42a0e1cbc3ca29a32a645e927f54beaed14c9dbbf8279d725f5495ca924b24d":TEST_FLAG_EXERCISE + +read type: ECC_PUB(SECP_K1) 256-bit, ECDSA(SHA_224) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_224:PSA_WANT_ECC_SECP_K1_256:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_K1):256:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_SHA_224):0x0000:"045c39154579efd667adc73a81015a797d2c8682cdfbd3c3553c4a185d481cdc50e42a0e1cbc3ca29a32a645e927f54beaed14c9dbbf8279d725f5495ca924b24d":"505341004b45590000000000010000001741000101280000080600060000000041000000045c39154579efd667adc73a81015a797d2c8682cdfbd3c3553c4a185d481cdc50e42a0e1cbc3ca29a32a645e927f54beaed14c9dbbf8279d725f5495ca924b24d":TEST_FLAG_EXERCISE + +read type: ECC_PUB(SECP_K1) 256-bit, ECDSA(SHA_256) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_SECP_K1_256:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_K1):256:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_SHA_256):0x0000:"045c39154579efd667adc73a81015a797d2c8682cdfbd3c3553c4a185d481cdc50e42a0e1cbc3ca29a32a645e927f54beaed14c9dbbf8279d725f5495ca924b24d":"505341004b45590000000000010000001741000101280000090600060000000041000000045c39154579efd667adc73a81015a797d2c8682cdfbd3c3553c4a185d481cdc50e42a0e1cbc3ca29a32a645e927f54beaed14c9dbbf8279d725f5495ca924b24d":TEST_FLAG_EXERCISE + +read type: ECC_PUB(SECP_K1) 256-bit, ECDSA(SHA_384) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_SECP_K1_256:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_K1):256:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_SHA_384):0x0000:"045c39154579efd667adc73a81015a797d2c8682cdfbd3c3553c4a185d481cdc50e42a0e1cbc3ca29a32a645e927f54beaed14c9dbbf8279d725f5495ca924b24d":"505341004b455900000000000100000017410001012800000a0600060000000041000000045c39154579efd667adc73a81015a797d2c8682cdfbd3c3553c4a185d481cdc50e42a0e1cbc3ca29a32a645e927f54beaed14c9dbbf8279d725f5495ca924b24d":TEST_FLAG_EXERCISE + +read type: ECC_PUB(SECP_K1) 256-bit, ECDSA(SHA_512) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_512:PSA_WANT_ECC_SECP_K1_256:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_K1):256:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_SHA_512):0x0000:"045c39154579efd667adc73a81015a797d2c8682cdfbd3c3553c4a185d481cdc50e42a0e1cbc3ca29a32a645e927f54beaed14c9dbbf8279d725f5495ca924b24d":"505341004b455900000000000100000017410001012800000b0600060000000041000000045c39154579efd667adc73a81015a797d2c8682cdfbd3c3553c4a185d481cdc50e42a0e1cbc3ca29a32a645e927f54beaed14c9dbbf8279d725f5495ca924b24d":TEST_FLAG_EXERCISE + +read type: ECC_PUB(SECP_K1) 256-bit, ECDSA_ANY +depends_on:PSA_WANT_ALG_ECDSA_ANY:PSA_WANT_ECC_SECP_K1_256:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_K1):256:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA_ANY:0x0000:"045c39154579efd667adc73a81015a797d2c8682cdfbd3c3553c4a185d481cdc50e42a0e1cbc3ca29a32a645e927f54beaed14c9dbbf8279d725f5495ca924b24d":"505341004b45590000000000010000001741000101280000000600060000000041000000045c39154579efd667adc73a81015a797d2c8682cdfbd3c3553c4a185d481cdc50e42a0e1cbc3ca29a32a645e927f54beaed14c9dbbf8279d725f5495ca924b24d":TEST_FLAG_EXERCISE + +read type: ECC_PUB(SECP_R1) 225-bit +depends_on:PSA_WANT_ECC_SECP_R1_225:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1):225:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"046f00eadaa949fee3e9e1c7fa1247eecec86a0dce46418b9bd3117b981d4bd0ae7a990de912f9d060d6cb531a42d22e394ac29e81804bf160":"505341004b45590000000000010000001241e10001000000000000000000000039000000046f00eadaa949fee3e9e1c7fa1247eecec86a0dce46418b9bd3117b981d4bd0ae7a990de912f9d060d6cb531a42d22e394ac29e81804bf160":TEST_FLAG_EXERCISE + +read type: ECC_PUB(SECP_R1) 225-bit, DET_ECDSA(MD2) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD2:PSA_WANT_ECC_SECP_R1_225:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1):225:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD2):0x0000:"046f00eadaa949fee3e9e1c7fa1247eecec86a0dce46418b9bd3117b981d4bd0ae7a990de912f9d060d6cb531a42d22e394ac29e81804bf160":"505341004b45590000000000010000001241e10001280000010700060000000039000000046f00eadaa949fee3e9e1c7fa1247eecec86a0dce46418b9bd3117b981d4bd0ae7a990de912f9d060d6cb531a42d22e394ac29e81804bf160":TEST_FLAG_EXERCISE + +read type: ECC_PUB(SECP_R1) 225-bit, DET_ECDSA(MD4) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD4:PSA_WANT_ECC_SECP_R1_225:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1):225:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD4):0x0000:"046f00eadaa949fee3e9e1c7fa1247eecec86a0dce46418b9bd3117b981d4bd0ae7a990de912f9d060d6cb531a42d22e394ac29e81804bf160":"505341004b45590000000000010000001241e10001280000020700060000000039000000046f00eadaa949fee3e9e1c7fa1247eecec86a0dce46418b9bd3117b981d4bd0ae7a990de912f9d060d6cb531a42d22e394ac29e81804bf160":TEST_FLAG_EXERCISE + +read type: ECC_PUB(SECP_R1) 225-bit, DET_ECDSA(MD5) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD5:PSA_WANT_ECC_SECP_R1_225:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1):225:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD5):0x0000:"046f00eadaa949fee3e9e1c7fa1247eecec86a0dce46418b9bd3117b981d4bd0ae7a990de912f9d060d6cb531a42d22e394ac29e81804bf160":"505341004b45590000000000010000001241e10001280000030700060000000039000000046f00eadaa949fee3e9e1c7fa1247eecec86a0dce46418b9bd3117b981d4bd0ae7a990de912f9d060d6cb531a42d22e394ac29e81804bf160":TEST_FLAG_EXERCISE + +read type: ECC_PUB(SECP_R1) 225-bit, DET_ECDSA(RIPEMD160) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ECC_SECP_R1_225:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1):225:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_RIPEMD160):0x0000:"046f00eadaa949fee3e9e1c7fa1247eecec86a0dce46418b9bd3117b981d4bd0ae7a990de912f9d060d6cb531a42d22e394ac29e81804bf160":"505341004b45590000000000010000001241e10001280000040700060000000039000000046f00eadaa949fee3e9e1c7fa1247eecec86a0dce46418b9bd3117b981d4bd0ae7a990de912f9d060d6cb531a42d22e394ac29e81804bf160":TEST_FLAG_EXERCISE + +read type: ECC_PUB(SECP_R1) 225-bit, DET_ECDSA(SHA_1) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_1:PSA_WANT_ECC_SECP_R1_225:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1):225:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_1):0x0000:"046f00eadaa949fee3e9e1c7fa1247eecec86a0dce46418b9bd3117b981d4bd0ae7a990de912f9d060d6cb531a42d22e394ac29e81804bf160":"505341004b45590000000000010000001241e10001280000050700060000000039000000046f00eadaa949fee3e9e1c7fa1247eecec86a0dce46418b9bd3117b981d4bd0ae7a990de912f9d060d6cb531a42d22e394ac29e81804bf160":TEST_FLAG_EXERCISE + +read type: ECC_PUB(SECP_R1) 225-bit, DET_ECDSA(SHA_224) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_224:PSA_WANT_ECC_SECP_R1_225:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1):225:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_224):0x0000:"046f00eadaa949fee3e9e1c7fa1247eecec86a0dce46418b9bd3117b981d4bd0ae7a990de912f9d060d6cb531a42d22e394ac29e81804bf160":"505341004b45590000000000010000001241e10001280000080700060000000039000000046f00eadaa949fee3e9e1c7fa1247eecec86a0dce46418b9bd3117b981d4bd0ae7a990de912f9d060d6cb531a42d22e394ac29e81804bf160":TEST_FLAG_EXERCISE + +read type: ECC_PUB(SECP_R1) 225-bit, DET_ECDSA(SHA_256) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_SECP_R1_225:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1):225:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_256):0x0000:"046f00eadaa949fee3e9e1c7fa1247eecec86a0dce46418b9bd3117b981d4bd0ae7a990de912f9d060d6cb531a42d22e394ac29e81804bf160":"505341004b45590000000000010000001241e10001280000090700060000000039000000046f00eadaa949fee3e9e1c7fa1247eecec86a0dce46418b9bd3117b981d4bd0ae7a990de912f9d060d6cb531a42d22e394ac29e81804bf160":TEST_FLAG_EXERCISE + +read type: ECC_PUB(SECP_R1) 225-bit, DET_ECDSA(SHA_384) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_SECP_R1_225:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1):225:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_384):0x0000:"046f00eadaa949fee3e9e1c7fa1247eecec86a0dce46418b9bd3117b981d4bd0ae7a990de912f9d060d6cb531a42d22e394ac29e81804bf160":"505341004b45590000000000010000001241e100012800000a0700060000000039000000046f00eadaa949fee3e9e1c7fa1247eecec86a0dce46418b9bd3117b981d4bd0ae7a990de912f9d060d6cb531a42d22e394ac29e81804bf160":TEST_FLAG_EXERCISE + +read type: ECC_PUB(SECP_R1) 225-bit, DET_ECDSA(SHA_512) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_512:PSA_WANT_ECC_SECP_R1_225:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1):225:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_512):0x0000:"046f00eadaa949fee3e9e1c7fa1247eecec86a0dce46418b9bd3117b981d4bd0ae7a990de912f9d060d6cb531a42d22e394ac29e81804bf160":"505341004b45590000000000010000001241e100012800000b0700060000000039000000046f00eadaa949fee3e9e1c7fa1247eecec86a0dce46418b9bd3117b981d4bd0ae7a990de912f9d060d6cb531a42d22e394ac29e81804bf160":TEST_FLAG_EXERCISE + +read type: ECC_PUB(SECP_R1) 225-bit, ECDSA(MD2) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD2:PSA_WANT_ECC_SECP_R1_225:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1):225:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_MD2):0x0000:"046f00eadaa949fee3e9e1c7fa1247eecec86a0dce46418b9bd3117b981d4bd0ae7a990de912f9d060d6cb531a42d22e394ac29e81804bf160":"505341004b45590000000000010000001241e10001280000010600060000000039000000046f00eadaa949fee3e9e1c7fa1247eecec86a0dce46418b9bd3117b981d4bd0ae7a990de912f9d060d6cb531a42d22e394ac29e81804bf160":TEST_FLAG_EXERCISE + +read type: ECC_PUB(SECP_R1) 225-bit, ECDSA(MD4) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD4:PSA_WANT_ECC_SECP_R1_225:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1):225:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_MD4):0x0000:"046f00eadaa949fee3e9e1c7fa1247eecec86a0dce46418b9bd3117b981d4bd0ae7a990de912f9d060d6cb531a42d22e394ac29e81804bf160":"505341004b45590000000000010000001241e10001280000020600060000000039000000046f00eadaa949fee3e9e1c7fa1247eecec86a0dce46418b9bd3117b981d4bd0ae7a990de912f9d060d6cb531a42d22e394ac29e81804bf160":TEST_FLAG_EXERCISE + +read type: ECC_PUB(SECP_R1) 225-bit, ECDSA(MD5) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD5:PSA_WANT_ECC_SECP_R1_225:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1):225:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_MD5):0x0000:"046f00eadaa949fee3e9e1c7fa1247eecec86a0dce46418b9bd3117b981d4bd0ae7a990de912f9d060d6cb531a42d22e394ac29e81804bf160":"505341004b45590000000000010000001241e10001280000030600060000000039000000046f00eadaa949fee3e9e1c7fa1247eecec86a0dce46418b9bd3117b981d4bd0ae7a990de912f9d060d6cb531a42d22e394ac29e81804bf160":TEST_FLAG_EXERCISE + +read type: ECC_PUB(SECP_R1) 225-bit, ECDSA(RIPEMD160) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ECC_SECP_R1_225:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1):225:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_RIPEMD160):0x0000:"046f00eadaa949fee3e9e1c7fa1247eecec86a0dce46418b9bd3117b981d4bd0ae7a990de912f9d060d6cb531a42d22e394ac29e81804bf160":"505341004b45590000000000010000001241e10001280000040600060000000039000000046f00eadaa949fee3e9e1c7fa1247eecec86a0dce46418b9bd3117b981d4bd0ae7a990de912f9d060d6cb531a42d22e394ac29e81804bf160":TEST_FLAG_EXERCISE + +read type: ECC_PUB(SECP_R1) 225-bit, ECDSA(SHA_1) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_1:PSA_WANT_ECC_SECP_R1_225:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1):225:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_SHA_1):0x0000:"046f00eadaa949fee3e9e1c7fa1247eecec86a0dce46418b9bd3117b981d4bd0ae7a990de912f9d060d6cb531a42d22e394ac29e81804bf160":"505341004b45590000000000010000001241e10001280000050600060000000039000000046f00eadaa949fee3e9e1c7fa1247eecec86a0dce46418b9bd3117b981d4bd0ae7a990de912f9d060d6cb531a42d22e394ac29e81804bf160":TEST_FLAG_EXERCISE + +read type: ECC_PUB(SECP_R1) 225-bit, ECDSA(SHA_224) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_224:PSA_WANT_ECC_SECP_R1_225:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1):225:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_SHA_224):0x0000:"046f00eadaa949fee3e9e1c7fa1247eecec86a0dce46418b9bd3117b981d4bd0ae7a990de912f9d060d6cb531a42d22e394ac29e81804bf160":"505341004b45590000000000010000001241e10001280000080600060000000039000000046f00eadaa949fee3e9e1c7fa1247eecec86a0dce46418b9bd3117b981d4bd0ae7a990de912f9d060d6cb531a42d22e394ac29e81804bf160":TEST_FLAG_EXERCISE + +read type: ECC_PUB(SECP_R1) 225-bit, ECDSA(SHA_256) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_SECP_R1_225:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1):225:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_SHA_256):0x0000:"046f00eadaa949fee3e9e1c7fa1247eecec86a0dce46418b9bd3117b981d4bd0ae7a990de912f9d060d6cb531a42d22e394ac29e81804bf160":"505341004b45590000000000010000001241e10001280000090600060000000039000000046f00eadaa949fee3e9e1c7fa1247eecec86a0dce46418b9bd3117b981d4bd0ae7a990de912f9d060d6cb531a42d22e394ac29e81804bf160":TEST_FLAG_EXERCISE + +read type: ECC_PUB(SECP_R1) 225-bit, ECDSA(SHA_384) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_SECP_R1_225:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1):225:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_SHA_384):0x0000:"046f00eadaa949fee3e9e1c7fa1247eecec86a0dce46418b9bd3117b981d4bd0ae7a990de912f9d060d6cb531a42d22e394ac29e81804bf160":"505341004b45590000000000010000001241e100012800000a0600060000000039000000046f00eadaa949fee3e9e1c7fa1247eecec86a0dce46418b9bd3117b981d4bd0ae7a990de912f9d060d6cb531a42d22e394ac29e81804bf160":TEST_FLAG_EXERCISE + +read type: ECC_PUB(SECP_R1) 225-bit, ECDSA(SHA_512) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_512:PSA_WANT_ECC_SECP_R1_225:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1):225:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_SHA_512):0x0000:"046f00eadaa949fee3e9e1c7fa1247eecec86a0dce46418b9bd3117b981d4bd0ae7a990de912f9d060d6cb531a42d22e394ac29e81804bf160":"505341004b45590000000000010000001241e100012800000b0600060000000039000000046f00eadaa949fee3e9e1c7fa1247eecec86a0dce46418b9bd3117b981d4bd0ae7a990de912f9d060d6cb531a42d22e394ac29e81804bf160":TEST_FLAG_EXERCISE + +read type: ECC_PUB(SECP_R1) 225-bit, ECDSA_ANY +depends_on:PSA_WANT_ALG_ECDSA_ANY:PSA_WANT_ECC_SECP_R1_225:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1):225:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA_ANY:0x0000:"046f00eadaa949fee3e9e1c7fa1247eecec86a0dce46418b9bd3117b981d4bd0ae7a990de912f9d060d6cb531a42d22e394ac29e81804bf160":"505341004b45590000000000010000001241e10001280000000600060000000039000000046f00eadaa949fee3e9e1c7fa1247eecec86a0dce46418b9bd3117b981d4bd0ae7a990de912f9d060d6cb531a42d22e394ac29e81804bf160":TEST_FLAG_EXERCISE + +read type: ECC_PUB(SECP_R1) 256-bit +depends_on:PSA_WANT_ECC_SECP_R1_256:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1):256:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"047772656f814b399279d5e1f1781fac6f099a3c5ca1b0e35351834b08b65e0b572590cdaf8f769361bcf34acfc11e5e074e8426bdde04be6e653945449617de45":"505341004b45590000000000010000001241000101000000000000000000000041000000047772656f814b399279d5e1f1781fac6f099a3c5ca1b0e35351834b08b65e0b572590cdaf8f769361bcf34acfc11e5e074e8426bdde04be6e653945449617de45":TEST_FLAG_EXERCISE + +read type: ECC_PUB(SECP_R1) 256-bit, DET_ECDSA(MD2) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD2:PSA_WANT_ECC_SECP_R1_256:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1):256:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD2):0x0000:"047772656f814b399279d5e1f1781fac6f099a3c5ca1b0e35351834b08b65e0b572590cdaf8f769361bcf34acfc11e5e074e8426bdde04be6e653945449617de45":"505341004b45590000000000010000001241000101280000010700060000000041000000047772656f814b399279d5e1f1781fac6f099a3c5ca1b0e35351834b08b65e0b572590cdaf8f769361bcf34acfc11e5e074e8426bdde04be6e653945449617de45":TEST_FLAG_EXERCISE + +read type: ECC_PUB(SECP_R1) 256-bit, DET_ECDSA(MD4) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD4:PSA_WANT_ECC_SECP_R1_256:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1):256:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD4):0x0000:"047772656f814b399279d5e1f1781fac6f099a3c5ca1b0e35351834b08b65e0b572590cdaf8f769361bcf34acfc11e5e074e8426bdde04be6e653945449617de45":"505341004b45590000000000010000001241000101280000020700060000000041000000047772656f814b399279d5e1f1781fac6f099a3c5ca1b0e35351834b08b65e0b572590cdaf8f769361bcf34acfc11e5e074e8426bdde04be6e653945449617de45":TEST_FLAG_EXERCISE + +read type: ECC_PUB(SECP_R1) 256-bit, DET_ECDSA(MD5) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD5:PSA_WANT_ECC_SECP_R1_256:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1):256:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD5):0x0000:"047772656f814b399279d5e1f1781fac6f099a3c5ca1b0e35351834b08b65e0b572590cdaf8f769361bcf34acfc11e5e074e8426bdde04be6e653945449617de45":"505341004b45590000000000010000001241000101280000030700060000000041000000047772656f814b399279d5e1f1781fac6f099a3c5ca1b0e35351834b08b65e0b572590cdaf8f769361bcf34acfc11e5e074e8426bdde04be6e653945449617de45":TEST_FLAG_EXERCISE + +read type: ECC_PUB(SECP_R1) 256-bit, DET_ECDSA(RIPEMD160) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ECC_SECP_R1_256:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1):256:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_RIPEMD160):0x0000:"047772656f814b399279d5e1f1781fac6f099a3c5ca1b0e35351834b08b65e0b572590cdaf8f769361bcf34acfc11e5e074e8426bdde04be6e653945449617de45":"505341004b45590000000000010000001241000101280000040700060000000041000000047772656f814b399279d5e1f1781fac6f099a3c5ca1b0e35351834b08b65e0b572590cdaf8f769361bcf34acfc11e5e074e8426bdde04be6e653945449617de45":TEST_FLAG_EXERCISE + +read type: ECC_PUB(SECP_R1) 256-bit, DET_ECDSA(SHA_1) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_1:PSA_WANT_ECC_SECP_R1_256:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1):256:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_1):0x0000:"047772656f814b399279d5e1f1781fac6f099a3c5ca1b0e35351834b08b65e0b572590cdaf8f769361bcf34acfc11e5e074e8426bdde04be6e653945449617de45":"505341004b45590000000000010000001241000101280000050700060000000041000000047772656f814b399279d5e1f1781fac6f099a3c5ca1b0e35351834b08b65e0b572590cdaf8f769361bcf34acfc11e5e074e8426bdde04be6e653945449617de45":TEST_FLAG_EXERCISE + +read type: ECC_PUB(SECP_R1) 256-bit, DET_ECDSA(SHA_224) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_224:PSA_WANT_ECC_SECP_R1_256:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1):256:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_224):0x0000:"047772656f814b399279d5e1f1781fac6f099a3c5ca1b0e35351834b08b65e0b572590cdaf8f769361bcf34acfc11e5e074e8426bdde04be6e653945449617de45":"505341004b45590000000000010000001241000101280000080700060000000041000000047772656f814b399279d5e1f1781fac6f099a3c5ca1b0e35351834b08b65e0b572590cdaf8f769361bcf34acfc11e5e074e8426bdde04be6e653945449617de45":TEST_FLAG_EXERCISE + +read type: ECC_PUB(SECP_R1) 256-bit, DET_ECDSA(SHA_256) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_SECP_R1_256:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1):256:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_256):0x0000:"047772656f814b399279d5e1f1781fac6f099a3c5ca1b0e35351834b08b65e0b572590cdaf8f769361bcf34acfc11e5e074e8426bdde04be6e653945449617de45":"505341004b45590000000000010000001241000101280000090700060000000041000000047772656f814b399279d5e1f1781fac6f099a3c5ca1b0e35351834b08b65e0b572590cdaf8f769361bcf34acfc11e5e074e8426bdde04be6e653945449617de45":TEST_FLAG_EXERCISE + +read type: ECC_PUB(SECP_R1) 256-bit, DET_ECDSA(SHA_384) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_SECP_R1_256:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1):256:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_384):0x0000:"047772656f814b399279d5e1f1781fac6f099a3c5ca1b0e35351834b08b65e0b572590cdaf8f769361bcf34acfc11e5e074e8426bdde04be6e653945449617de45":"505341004b455900000000000100000012410001012800000a0700060000000041000000047772656f814b399279d5e1f1781fac6f099a3c5ca1b0e35351834b08b65e0b572590cdaf8f769361bcf34acfc11e5e074e8426bdde04be6e653945449617de45":TEST_FLAG_EXERCISE + +read type: ECC_PUB(SECP_R1) 256-bit, DET_ECDSA(SHA_512) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_512:PSA_WANT_ECC_SECP_R1_256:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1):256:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_512):0x0000:"047772656f814b399279d5e1f1781fac6f099a3c5ca1b0e35351834b08b65e0b572590cdaf8f769361bcf34acfc11e5e074e8426bdde04be6e653945449617de45":"505341004b455900000000000100000012410001012800000b0700060000000041000000047772656f814b399279d5e1f1781fac6f099a3c5ca1b0e35351834b08b65e0b572590cdaf8f769361bcf34acfc11e5e074e8426bdde04be6e653945449617de45":TEST_FLAG_EXERCISE + +read type: ECC_PUB(SECP_R1) 256-bit, ECDSA(MD2) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD2:PSA_WANT_ECC_SECP_R1_256:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1):256:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_MD2):0x0000:"047772656f814b399279d5e1f1781fac6f099a3c5ca1b0e35351834b08b65e0b572590cdaf8f769361bcf34acfc11e5e074e8426bdde04be6e653945449617de45":"505341004b45590000000000010000001241000101280000010600060000000041000000047772656f814b399279d5e1f1781fac6f099a3c5ca1b0e35351834b08b65e0b572590cdaf8f769361bcf34acfc11e5e074e8426bdde04be6e653945449617de45":TEST_FLAG_EXERCISE + +read type: ECC_PUB(SECP_R1) 256-bit, ECDSA(MD4) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD4:PSA_WANT_ECC_SECP_R1_256:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1):256:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_MD4):0x0000:"047772656f814b399279d5e1f1781fac6f099a3c5ca1b0e35351834b08b65e0b572590cdaf8f769361bcf34acfc11e5e074e8426bdde04be6e653945449617de45":"505341004b45590000000000010000001241000101280000020600060000000041000000047772656f814b399279d5e1f1781fac6f099a3c5ca1b0e35351834b08b65e0b572590cdaf8f769361bcf34acfc11e5e074e8426bdde04be6e653945449617de45":TEST_FLAG_EXERCISE + +read type: ECC_PUB(SECP_R1) 256-bit, ECDSA(MD5) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD5:PSA_WANT_ECC_SECP_R1_256:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1):256:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_MD5):0x0000:"047772656f814b399279d5e1f1781fac6f099a3c5ca1b0e35351834b08b65e0b572590cdaf8f769361bcf34acfc11e5e074e8426bdde04be6e653945449617de45":"505341004b45590000000000010000001241000101280000030600060000000041000000047772656f814b399279d5e1f1781fac6f099a3c5ca1b0e35351834b08b65e0b572590cdaf8f769361bcf34acfc11e5e074e8426bdde04be6e653945449617de45":TEST_FLAG_EXERCISE + +read type: ECC_PUB(SECP_R1) 256-bit, ECDSA(RIPEMD160) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ECC_SECP_R1_256:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1):256:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_RIPEMD160):0x0000:"047772656f814b399279d5e1f1781fac6f099a3c5ca1b0e35351834b08b65e0b572590cdaf8f769361bcf34acfc11e5e074e8426bdde04be6e653945449617de45":"505341004b45590000000000010000001241000101280000040600060000000041000000047772656f814b399279d5e1f1781fac6f099a3c5ca1b0e35351834b08b65e0b572590cdaf8f769361bcf34acfc11e5e074e8426bdde04be6e653945449617de45":TEST_FLAG_EXERCISE + +read type: ECC_PUB(SECP_R1) 256-bit, ECDSA(SHA_1) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_1:PSA_WANT_ECC_SECP_R1_256:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1):256:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_SHA_1):0x0000:"047772656f814b399279d5e1f1781fac6f099a3c5ca1b0e35351834b08b65e0b572590cdaf8f769361bcf34acfc11e5e074e8426bdde04be6e653945449617de45":"505341004b45590000000000010000001241000101280000050600060000000041000000047772656f814b399279d5e1f1781fac6f099a3c5ca1b0e35351834b08b65e0b572590cdaf8f769361bcf34acfc11e5e074e8426bdde04be6e653945449617de45":TEST_FLAG_EXERCISE + +read type: ECC_PUB(SECP_R1) 256-bit, ECDSA(SHA_224) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_224:PSA_WANT_ECC_SECP_R1_256:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1):256:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_SHA_224):0x0000:"047772656f814b399279d5e1f1781fac6f099a3c5ca1b0e35351834b08b65e0b572590cdaf8f769361bcf34acfc11e5e074e8426bdde04be6e653945449617de45":"505341004b45590000000000010000001241000101280000080600060000000041000000047772656f814b399279d5e1f1781fac6f099a3c5ca1b0e35351834b08b65e0b572590cdaf8f769361bcf34acfc11e5e074e8426bdde04be6e653945449617de45":TEST_FLAG_EXERCISE + +read type: ECC_PUB(SECP_R1) 256-bit, ECDSA(SHA_256) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_SECP_R1_256:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1):256:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_SHA_256):0x0000:"047772656f814b399279d5e1f1781fac6f099a3c5ca1b0e35351834b08b65e0b572590cdaf8f769361bcf34acfc11e5e074e8426bdde04be6e653945449617de45":"505341004b45590000000000010000001241000101280000090600060000000041000000047772656f814b399279d5e1f1781fac6f099a3c5ca1b0e35351834b08b65e0b572590cdaf8f769361bcf34acfc11e5e074e8426bdde04be6e653945449617de45":TEST_FLAG_EXERCISE + +read type: ECC_PUB(SECP_R1) 256-bit, ECDSA(SHA_384) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_SECP_R1_256:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1):256:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_SHA_384):0x0000:"047772656f814b399279d5e1f1781fac6f099a3c5ca1b0e35351834b08b65e0b572590cdaf8f769361bcf34acfc11e5e074e8426bdde04be6e653945449617de45":"505341004b455900000000000100000012410001012800000a0600060000000041000000047772656f814b399279d5e1f1781fac6f099a3c5ca1b0e35351834b08b65e0b572590cdaf8f769361bcf34acfc11e5e074e8426bdde04be6e653945449617de45":TEST_FLAG_EXERCISE + +read type: ECC_PUB(SECP_R1) 256-bit, ECDSA(SHA_512) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_512:PSA_WANT_ECC_SECP_R1_256:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1):256:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_SHA_512):0x0000:"047772656f814b399279d5e1f1781fac6f099a3c5ca1b0e35351834b08b65e0b572590cdaf8f769361bcf34acfc11e5e074e8426bdde04be6e653945449617de45":"505341004b455900000000000100000012410001012800000b0600060000000041000000047772656f814b399279d5e1f1781fac6f099a3c5ca1b0e35351834b08b65e0b572590cdaf8f769361bcf34acfc11e5e074e8426bdde04be6e653945449617de45":TEST_FLAG_EXERCISE + +read type: ECC_PUB(SECP_R1) 256-bit, ECDSA_ANY +depends_on:PSA_WANT_ALG_ECDSA_ANY:PSA_WANT_ECC_SECP_R1_256:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1):256:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA_ANY:0x0000:"047772656f814b399279d5e1f1781fac6f099a3c5ca1b0e35351834b08b65e0b572590cdaf8f769361bcf34acfc11e5e074e8426bdde04be6e653945449617de45":"505341004b45590000000000010000001241000101280000000600060000000041000000047772656f814b399279d5e1f1781fac6f099a3c5ca1b0e35351834b08b65e0b572590cdaf8f769361bcf34acfc11e5e074e8426bdde04be6e653945449617de45":TEST_FLAG_EXERCISE + +read type: ECC_PUB(SECP_R1) 384-bit +depends_on:PSA_WANT_ECC_SECP_R1_384:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1):384:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"04d9c662b50ba29ca47990450e043aeaf4f0c69b15676d112f622a71c93059af999691c5680d2b44d111579db12f4a413a2ed5c45fcfb67b5b63e00b91ebe59d09a6b1ac2c0c4282aa12317ed5914f999bc488bb132e8342cc36f2ca5e3379c747":"505341004b4559000000000001000000124180010100000000000000000000006100000004d9c662b50ba29ca47990450e043aeaf4f0c69b15676d112f622a71c93059af999691c5680d2b44d111579db12f4a413a2ed5c45fcfb67b5b63e00b91ebe59d09a6b1ac2c0c4282aa12317ed5914f999bc488bb132e8342cc36f2ca5e3379c747":TEST_FLAG_EXERCISE + +read type: ECC_PUB(SECP_R1) 384-bit, DET_ECDSA(MD2) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD2:PSA_WANT_ECC_SECP_R1_384:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1):384:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD2):0x0000:"04d9c662b50ba29ca47990450e043aeaf4f0c69b15676d112f622a71c93059af999691c5680d2b44d111579db12f4a413a2ed5c45fcfb67b5b63e00b91ebe59d09a6b1ac2c0c4282aa12317ed5914f999bc488bb132e8342cc36f2ca5e3379c747":"505341004b4559000000000001000000124180010128000001070006000000006100000004d9c662b50ba29ca47990450e043aeaf4f0c69b15676d112f622a71c93059af999691c5680d2b44d111579db12f4a413a2ed5c45fcfb67b5b63e00b91ebe59d09a6b1ac2c0c4282aa12317ed5914f999bc488bb132e8342cc36f2ca5e3379c747":TEST_FLAG_EXERCISE + +read type: ECC_PUB(SECP_R1) 384-bit, DET_ECDSA(MD4) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD4:PSA_WANT_ECC_SECP_R1_384:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1):384:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD4):0x0000:"04d9c662b50ba29ca47990450e043aeaf4f0c69b15676d112f622a71c93059af999691c5680d2b44d111579db12f4a413a2ed5c45fcfb67b5b63e00b91ebe59d09a6b1ac2c0c4282aa12317ed5914f999bc488bb132e8342cc36f2ca5e3379c747":"505341004b4559000000000001000000124180010128000002070006000000006100000004d9c662b50ba29ca47990450e043aeaf4f0c69b15676d112f622a71c93059af999691c5680d2b44d111579db12f4a413a2ed5c45fcfb67b5b63e00b91ebe59d09a6b1ac2c0c4282aa12317ed5914f999bc488bb132e8342cc36f2ca5e3379c747":TEST_FLAG_EXERCISE + +read type: ECC_PUB(SECP_R1) 384-bit, DET_ECDSA(MD5) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD5:PSA_WANT_ECC_SECP_R1_384:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1):384:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD5):0x0000:"04d9c662b50ba29ca47990450e043aeaf4f0c69b15676d112f622a71c93059af999691c5680d2b44d111579db12f4a413a2ed5c45fcfb67b5b63e00b91ebe59d09a6b1ac2c0c4282aa12317ed5914f999bc488bb132e8342cc36f2ca5e3379c747":"505341004b4559000000000001000000124180010128000003070006000000006100000004d9c662b50ba29ca47990450e043aeaf4f0c69b15676d112f622a71c93059af999691c5680d2b44d111579db12f4a413a2ed5c45fcfb67b5b63e00b91ebe59d09a6b1ac2c0c4282aa12317ed5914f999bc488bb132e8342cc36f2ca5e3379c747":TEST_FLAG_EXERCISE + +read type: ECC_PUB(SECP_R1) 384-bit, DET_ECDSA(RIPEMD160) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ECC_SECP_R1_384:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1):384:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_RIPEMD160):0x0000:"04d9c662b50ba29ca47990450e043aeaf4f0c69b15676d112f622a71c93059af999691c5680d2b44d111579db12f4a413a2ed5c45fcfb67b5b63e00b91ebe59d09a6b1ac2c0c4282aa12317ed5914f999bc488bb132e8342cc36f2ca5e3379c747":"505341004b4559000000000001000000124180010128000004070006000000006100000004d9c662b50ba29ca47990450e043aeaf4f0c69b15676d112f622a71c93059af999691c5680d2b44d111579db12f4a413a2ed5c45fcfb67b5b63e00b91ebe59d09a6b1ac2c0c4282aa12317ed5914f999bc488bb132e8342cc36f2ca5e3379c747":TEST_FLAG_EXERCISE + +read type: ECC_PUB(SECP_R1) 384-bit, DET_ECDSA(SHA_1) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_1:PSA_WANT_ECC_SECP_R1_384:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1):384:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_1):0x0000:"04d9c662b50ba29ca47990450e043aeaf4f0c69b15676d112f622a71c93059af999691c5680d2b44d111579db12f4a413a2ed5c45fcfb67b5b63e00b91ebe59d09a6b1ac2c0c4282aa12317ed5914f999bc488bb132e8342cc36f2ca5e3379c747":"505341004b4559000000000001000000124180010128000005070006000000006100000004d9c662b50ba29ca47990450e043aeaf4f0c69b15676d112f622a71c93059af999691c5680d2b44d111579db12f4a413a2ed5c45fcfb67b5b63e00b91ebe59d09a6b1ac2c0c4282aa12317ed5914f999bc488bb132e8342cc36f2ca5e3379c747":TEST_FLAG_EXERCISE + +read type: ECC_PUB(SECP_R1) 384-bit, DET_ECDSA(SHA_224) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_224:PSA_WANT_ECC_SECP_R1_384:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1):384:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_224):0x0000:"04d9c662b50ba29ca47990450e043aeaf4f0c69b15676d112f622a71c93059af999691c5680d2b44d111579db12f4a413a2ed5c45fcfb67b5b63e00b91ebe59d09a6b1ac2c0c4282aa12317ed5914f999bc488bb132e8342cc36f2ca5e3379c747":"505341004b4559000000000001000000124180010128000008070006000000006100000004d9c662b50ba29ca47990450e043aeaf4f0c69b15676d112f622a71c93059af999691c5680d2b44d111579db12f4a413a2ed5c45fcfb67b5b63e00b91ebe59d09a6b1ac2c0c4282aa12317ed5914f999bc488bb132e8342cc36f2ca5e3379c747":TEST_FLAG_EXERCISE + +read type: ECC_PUB(SECP_R1) 384-bit, DET_ECDSA(SHA_256) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_SECP_R1_384:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1):384:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_256):0x0000:"04d9c662b50ba29ca47990450e043aeaf4f0c69b15676d112f622a71c93059af999691c5680d2b44d111579db12f4a413a2ed5c45fcfb67b5b63e00b91ebe59d09a6b1ac2c0c4282aa12317ed5914f999bc488bb132e8342cc36f2ca5e3379c747":"505341004b4559000000000001000000124180010128000009070006000000006100000004d9c662b50ba29ca47990450e043aeaf4f0c69b15676d112f622a71c93059af999691c5680d2b44d111579db12f4a413a2ed5c45fcfb67b5b63e00b91ebe59d09a6b1ac2c0c4282aa12317ed5914f999bc488bb132e8342cc36f2ca5e3379c747":TEST_FLAG_EXERCISE + +read type: ECC_PUB(SECP_R1) 384-bit, DET_ECDSA(SHA_384) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_SECP_R1_384:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1):384:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_384):0x0000:"04d9c662b50ba29ca47990450e043aeaf4f0c69b15676d112f622a71c93059af999691c5680d2b44d111579db12f4a413a2ed5c45fcfb67b5b63e00b91ebe59d09a6b1ac2c0c4282aa12317ed5914f999bc488bb132e8342cc36f2ca5e3379c747":"505341004b455900000000000100000012418001012800000a070006000000006100000004d9c662b50ba29ca47990450e043aeaf4f0c69b15676d112f622a71c93059af999691c5680d2b44d111579db12f4a413a2ed5c45fcfb67b5b63e00b91ebe59d09a6b1ac2c0c4282aa12317ed5914f999bc488bb132e8342cc36f2ca5e3379c747":TEST_FLAG_EXERCISE + +read type: ECC_PUB(SECP_R1) 384-bit, DET_ECDSA(SHA_512) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_512:PSA_WANT_ECC_SECP_R1_384:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1):384:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_512):0x0000:"04d9c662b50ba29ca47990450e043aeaf4f0c69b15676d112f622a71c93059af999691c5680d2b44d111579db12f4a413a2ed5c45fcfb67b5b63e00b91ebe59d09a6b1ac2c0c4282aa12317ed5914f999bc488bb132e8342cc36f2ca5e3379c747":"505341004b455900000000000100000012418001012800000b070006000000006100000004d9c662b50ba29ca47990450e043aeaf4f0c69b15676d112f622a71c93059af999691c5680d2b44d111579db12f4a413a2ed5c45fcfb67b5b63e00b91ebe59d09a6b1ac2c0c4282aa12317ed5914f999bc488bb132e8342cc36f2ca5e3379c747":TEST_FLAG_EXERCISE + +read type: ECC_PUB(SECP_R1) 384-bit, ECDSA(MD2) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD2:PSA_WANT_ECC_SECP_R1_384:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1):384:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_MD2):0x0000:"04d9c662b50ba29ca47990450e043aeaf4f0c69b15676d112f622a71c93059af999691c5680d2b44d111579db12f4a413a2ed5c45fcfb67b5b63e00b91ebe59d09a6b1ac2c0c4282aa12317ed5914f999bc488bb132e8342cc36f2ca5e3379c747":"505341004b4559000000000001000000124180010128000001060006000000006100000004d9c662b50ba29ca47990450e043aeaf4f0c69b15676d112f622a71c93059af999691c5680d2b44d111579db12f4a413a2ed5c45fcfb67b5b63e00b91ebe59d09a6b1ac2c0c4282aa12317ed5914f999bc488bb132e8342cc36f2ca5e3379c747":TEST_FLAG_EXERCISE + +read type: ECC_PUB(SECP_R1) 384-bit, ECDSA(MD4) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD4:PSA_WANT_ECC_SECP_R1_384:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1):384:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_MD4):0x0000:"04d9c662b50ba29ca47990450e043aeaf4f0c69b15676d112f622a71c93059af999691c5680d2b44d111579db12f4a413a2ed5c45fcfb67b5b63e00b91ebe59d09a6b1ac2c0c4282aa12317ed5914f999bc488bb132e8342cc36f2ca5e3379c747":"505341004b4559000000000001000000124180010128000002060006000000006100000004d9c662b50ba29ca47990450e043aeaf4f0c69b15676d112f622a71c93059af999691c5680d2b44d111579db12f4a413a2ed5c45fcfb67b5b63e00b91ebe59d09a6b1ac2c0c4282aa12317ed5914f999bc488bb132e8342cc36f2ca5e3379c747":TEST_FLAG_EXERCISE + +read type: ECC_PUB(SECP_R1) 384-bit, ECDSA(MD5) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD5:PSA_WANT_ECC_SECP_R1_384:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1):384:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_MD5):0x0000:"04d9c662b50ba29ca47990450e043aeaf4f0c69b15676d112f622a71c93059af999691c5680d2b44d111579db12f4a413a2ed5c45fcfb67b5b63e00b91ebe59d09a6b1ac2c0c4282aa12317ed5914f999bc488bb132e8342cc36f2ca5e3379c747":"505341004b4559000000000001000000124180010128000003060006000000006100000004d9c662b50ba29ca47990450e043aeaf4f0c69b15676d112f622a71c93059af999691c5680d2b44d111579db12f4a413a2ed5c45fcfb67b5b63e00b91ebe59d09a6b1ac2c0c4282aa12317ed5914f999bc488bb132e8342cc36f2ca5e3379c747":TEST_FLAG_EXERCISE + +read type: ECC_PUB(SECP_R1) 384-bit, ECDSA(RIPEMD160) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ECC_SECP_R1_384:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1):384:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_RIPEMD160):0x0000:"04d9c662b50ba29ca47990450e043aeaf4f0c69b15676d112f622a71c93059af999691c5680d2b44d111579db12f4a413a2ed5c45fcfb67b5b63e00b91ebe59d09a6b1ac2c0c4282aa12317ed5914f999bc488bb132e8342cc36f2ca5e3379c747":"505341004b4559000000000001000000124180010128000004060006000000006100000004d9c662b50ba29ca47990450e043aeaf4f0c69b15676d112f622a71c93059af999691c5680d2b44d111579db12f4a413a2ed5c45fcfb67b5b63e00b91ebe59d09a6b1ac2c0c4282aa12317ed5914f999bc488bb132e8342cc36f2ca5e3379c747":TEST_FLAG_EXERCISE + +read type: ECC_PUB(SECP_R1) 384-bit, ECDSA(SHA_1) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_1:PSA_WANT_ECC_SECP_R1_384:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1):384:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_SHA_1):0x0000:"04d9c662b50ba29ca47990450e043aeaf4f0c69b15676d112f622a71c93059af999691c5680d2b44d111579db12f4a413a2ed5c45fcfb67b5b63e00b91ebe59d09a6b1ac2c0c4282aa12317ed5914f999bc488bb132e8342cc36f2ca5e3379c747":"505341004b4559000000000001000000124180010128000005060006000000006100000004d9c662b50ba29ca47990450e043aeaf4f0c69b15676d112f622a71c93059af999691c5680d2b44d111579db12f4a413a2ed5c45fcfb67b5b63e00b91ebe59d09a6b1ac2c0c4282aa12317ed5914f999bc488bb132e8342cc36f2ca5e3379c747":TEST_FLAG_EXERCISE + +read type: ECC_PUB(SECP_R1) 384-bit, ECDSA(SHA_224) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_224:PSA_WANT_ECC_SECP_R1_384:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1):384:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_SHA_224):0x0000:"04d9c662b50ba29ca47990450e043aeaf4f0c69b15676d112f622a71c93059af999691c5680d2b44d111579db12f4a413a2ed5c45fcfb67b5b63e00b91ebe59d09a6b1ac2c0c4282aa12317ed5914f999bc488bb132e8342cc36f2ca5e3379c747":"505341004b4559000000000001000000124180010128000008060006000000006100000004d9c662b50ba29ca47990450e043aeaf4f0c69b15676d112f622a71c93059af999691c5680d2b44d111579db12f4a413a2ed5c45fcfb67b5b63e00b91ebe59d09a6b1ac2c0c4282aa12317ed5914f999bc488bb132e8342cc36f2ca5e3379c747":TEST_FLAG_EXERCISE + +read type: ECC_PUB(SECP_R1) 384-bit, ECDSA(SHA_256) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_SECP_R1_384:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1):384:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_SHA_256):0x0000:"04d9c662b50ba29ca47990450e043aeaf4f0c69b15676d112f622a71c93059af999691c5680d2b44d111579db12f4a413a2ed5c45fcfb67b5b63e00b91ebe59d09a6b1ac2c0c4282aa12317ed5914f999bc488bb132e8342cc36f2ca5e3379c747":"505341004b4559000000000001000000124180010128000009060006000000006100000004d9c662b50ba29ca47990450e043aeaf4f0c69b15676d112f622a71c93059af999691c5680d2b44d111579db12f4a413a2ed5c45fcfb67b5b63e00b91ebe59d09a6b1ac2c0c4282aa12317ed5914f999bc488bb132e8342cc36f2ca5e3379c747":TEST_FLAG_EXERCISE + +read type: ECC_PUB(SECP_R1) 384-bit, ECDSA(SHA_384) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_SECP_R1_384:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1):384:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_SHA_384):0x0000:"04d9c662b50ba29ca47990450e043aeaf4f0c69b15676d112f622a71c93059af999691c5680d2b44d111579db12f4a413a2ed5c45fcfb67b5b63e00b91ebe59d09a6b1ac2c0c4282aa12317ed5914f999bc488bb132e8342cc36f2ca5e3379c747":"505341004b455900000000000100000012418001012800000a060006000000006100000004d9c662b50ba29ca47990450e043aeaf4f0c69b15676d112f622a71c93059af999691c5680d2b44d111579db12f4a413a2ed5c45fcfb67b5b63e00b91ebe59d09a6b1ac2c0c4282aa12317ed5914f999bc488bb132e8342cc36f2ca5e3379c747":TEST_FLAG_EXERCISE + +read type: ECC_PUB(SECP_R1) 384-bit, ECDSA(SHA_512) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_512:PSA_WANT_ECC_SECP_R1_384:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1):384:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_SHA_512):0x0000:"04d9c662b50ba29ca47990450e043aeaf4f0c69b15676d112f622a71c93059af999691c5680d2b44d111579db12f4a413a2ed5c45fcfb67b5b63e00b91ebe59d09a6b1ac2c0c4282aa12317ed5914f999bc488bb132e8342cc36f2ca5e3379c747":"505341004b455900000000000100000012418001012800000b060006000000006100000004d9c662b50ba29ca47990450e043aeaf4f0c69b15676d112f622a71c93059af999691c5680d2b44d111579db12f4a413a2ed5c45fcfb67b5b63e00b91ebe59d09a6b1ac2c0c4282aa12317ed5914f999bc488bb132e8342cc36f2ca5e3379c747":TEST_FLAG_EXERCISE + +read type: ECC_PUB(SECP_R1) 384-bit, ECDSA_ANY +depends_on:PSA_WANT_ALG_ECDSA_ANY:PSA_WANT_ECC_SECP_R1_384:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1):384:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA_ANY:0x0000:"04d9c662b50ba29ca47990450e043aeaf4f0c69b15676d112f622a71c93059af999691c5680d2b44d111579db12f4a413a2ed5c45fcfb67b5b63e00b91ebe59d09a6b1ac2c0c4282aa12317ed5914f999bc488bb132e8342cc36f2ca5e3379c747":"505341004b4559000000000001000000124180010128000000060006000000006100000004d9c662b50ba29ca47990450e043aeaf4f0c69b15676d112f622a71c93059af999691c5680d2b44d111579db12f4a413a2ed5c45fcfb67b5b63e00b91ebe59d09a6b1ac2c0c4282aa12317ed5914f999bc488bb132e8342cc36f2ca5e3379c747":TEST_FLAG_EXERCISE + +read type: ECC_PUB(SECP_R1) 521-bit +depends_on:PSA_WANT_ECC_SECP_R1_521:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1):521:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"04001de142d54f69eb038ee4b7af9d3ca07736fd9cf719eb354d69879ee7f3c136fb0fbf9f08f86be5fa128ec1a051d3e6c643e85ada8ffacf3663c260bd2c844b6f5600cee8e48a9e65d09cadd89f235dee05f3b8a646be715f1f67d5b434e0ff23a1fc07ef7740193e40eeff6f3bcdfd765aa9155033524fe4f205f5444e292c4c2f6ac1":"505341004b4559000000000001000000124109020100000000000000000000008500000004001de142d54f69eb038ee4b7af9d3ca07736fd9cf719eb354d69879ee7f3c136fb0fbf9f08f86be5fa128ec1a051d3e6c643e85ada8ffacf3663c260bd2c844b6f5600cee8e48a9e65d09cadd89f235dee05f3b8a646be715f1f67d5b434e0ff23a1fc07ef7740193e40eeff6f3bcdfd765aa9155033524fe4f205f5444e292c4c2f6ac1":TEST_FLAG_EXERCISE + +read type: ECC_PUB(SECP_R1) 521-bit, DET_ECDSA(MD2) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD2:PSA_WANT_ECC_SECP_R1_521:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1):521:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD2):0x0000:"04001de142d54f69eb038ee4b7af9d3ca07736fd9cf719eb354d69879ee7f3c136fb0fbf9f08f86be5fa128ec1a051d3e6c643e85ada8ffacf3663c260bd2c844b6f5600cee8e48a9e65d09cadd89f235dee05f3b8a646be715f1f67d5b434e0ff23a1fc07ef7740193e40eeff6f3bcdfd765aa9155033524fe4f205f5444e292c4c2f6ac1":"505341004b4559000000000001000000124109020128000001070006000000008500000004001de142d54f69eb038ee4b7af9d3ca07736fd9cf719eb354d69879ee7f3c136fb0fbf9f08f86be5fa128ec1a051d3e6c643e85ada8ffacf3663c260bd2c844b6f5600cee8e48a9e65d09cadd89f235dee05f3b8a646be715f1f67d5b434e0ff23a1fc07ef7740193e40eeff6f3bcdfd765aa9155033524fe4f205f5444e292c4c2f6ac1":TEST_FLAG_EXERCISE + +read type: ECC_PUB(SECP_R1) 521-bit, DET_ECDSA(MD4) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD4:PSA_WANT_ECC_SECP_R1_521:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1):521:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD4):0x0000:"04001de142d54f69eb038ee4b7af9d3ca07736fd9cf719eb354d69879ee7f3c136fb0fbf9f08f86be5fa128ec1a051d3e6c643e85ada8ffacf3663c260bd2c844b6f5600cee8e48a9e65d09cadd89f235dee05f3b8a646be715f1f67d5b434e0ff23a1fc07ef7740193e40eeff6f3bcdfd765aa9155033524fe4f205f5444e292c4c2f6ac1":"505341004b4559000000000001000000124109020128000002070006000000008500000004001de142d54f69eb038ee4b7af9d3ca07736fd9cf719eb354d69879ee7f3c136fb0fbf9f08f86be5fa128ec1a051d3e6c643e85ada8ffacf3663c260bd2c844b6f5600cee8e48a9e65d09cadd89f235dee05f3b8a646be715f1f67d5b434e0ff23a1fc07ef7740193e40eeff6f3bcdfd765aa9155033524fe4f205f5444e292c4c2f6ac1":TEST_FLAG_EXERCISE + +read type: ECC_PUB(SECP_R1) 521-bit, DET_ECDSA(MD5) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD5:PSA_WANT_ECC_SECP_R1_521:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1):521:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD5):0x0000:"04001de142d54f69eb038ee4b7af9d3ca07736fd9cf719eb354d69879ee7f3c136fb0fbf9f08f86be5fa128ec1a051d3e6c643e85ada8ffacf3663c260bd2c844b6f5600cee8e48a9e65d09cadd89f235dee05f3b8a646be715f1f67d5b434e0ff23a1fc07ef7740193e40eeff6f3bcdfd765aa9155033524fe4f205f5444e292c4c2f6ac1":"505341004b4559000000000001000000124109020128000003070006000000008500000004001de142d54f69eb038ee4b7af9d3ca07736fd9cf719eb354d69879ee7f3c136fb0fbf9f08f86be5fa128ec1a051d3e6c643e85ada8ffacf3663c260bd2c844b6f5600cee8e48a9e65d09cadd89f235dee05f3b8a646be715f1f67d5b434e0ff23a1fc07ef7740193e40eeff6f3bcdfd765aa9155033524fe4f205f5444e292c4c2f6ac1":TEST_FLAG_EXERCISE + +read type: ECC_PUB(SECP_R1) 521-bit, DET_ECDSA(RIPEMD160) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ECC_SECP_R1_521:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1):521:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_RIPEMD160):0x0000:"04001de142d54f69eb038ee4b7af9d3ca07736fd9cf719eb354d69879ee7f3c136fb0fbf9f08f86be5fa128ec1a051d3e6c643e85ada8ffacf3663c260bd2c844b6f5600cee8e48a9e65d09cadd89f235dee05f3b8a646be715f1f67d5b434e0ff23a1fc07ef7740193e40eeff6f3bcdfd765aa9155033524fe4f205f5444e292c4c2f6ac1":"505341004b4559000000000001000000124109020128000004070006000000008500000004001de142d54f69eb038ee4b7af9d3ca07736fd9cf719eb354d69879ee7f3c136fb0fbf9f08f86be5fa128ec1a051d3e6c643e85ada8ffacf3663c260bd2c844b6f5600cee8e48a9e65d09cadd89f235dee05f3b8a646be715f1f67d5b434e0ff23a1fc07ef7740193e40eeff6f3bcdfd765aa9155033524fe4f205f5444e292c4c2f6ac1":TEST_FLAG_EXERCISE + +read type: ECC_PUB(SECP_R1) 521-bit, DET_ECDSA(SHA_1) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_1:PSA_WANT_ECC_SECP_R1_521:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1):521:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_1):0x0000:"04001de142d54f69eb038ee4b7af9d3ca07736fd9cf719eb354d69879ee7f3c136fb0fbf9f08f86be5fa128ec1a051d3e6c643e85ada8ffacf3663c260bd2c844b6f5600cee8e48a9e65d09cadd89f235dee05f3b8a646be715f1f67d5b434e0ff23a1fc07ef7740193e40eeff6f3bcdfd765aa9155033524fe4f205f5444e292c4c2f6ac1":"505341004b4559000000000001000000124109020128000005070006000000008500000004001de142d54f69eb038ee4b7af9d3ca07736fd9cf719eb354d69879ee7f3c136fb0fbf9f08f86be5fa128ec1a051d3e6c643e85ada8ffacf3663c260bd2c844b6f5600cee8e48a9e65d09cadd89f235dee05f3b8a646be715f1f67d5b434e0ff23a1fc07ef7740193e40eeff6f3bcdfd765aa9155033524fe4f205f5444e292c4c2f6ac1":TEST_FLAG_EXERCISE + +read type: ECC_PUB(SECP_R1) 521-bit, DET_ECDSA(SHA_224) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_224:PSA_WANT_ECC_SECP_R1_521:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1):521:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_224):0x0000:"04001de142d54f69eb038ee4b7af9d3ca07736fd9cf719eb354d69879ee7f3c136fb0fbf9f08f86be5fa128ec1a051d3e6c643e85ada8ffacf3663c260bd2c844b6f5600cee8e48a9e65d09cadd89f235dee05f3b8a646be715f1f67d5b434e0ff23a1fc07ef7740193e40eeff6f3bcdfd765aa9155033524fe4f205f5444e292c4c2f6ac1":"505341004b4559000000000001000000124109020128000008070006000000008500000004001de142d54f69eb038ee4b7af9d3ca07736fd9cf719eb354d69879ee7f3c136fb0fbf9f08f86be5fa128ec1a051d3e6c643e85ada8ffacf3663c260bd2c844b6f5600cee8e48a9e65d09cadd89f235dee05f3b8a646be715f1f67d5b434e0ff23a1fc07ef7740193e40eeff6f3bcdfd765aa9155033524fe4f205f5444e292c4c2f6ac1":TEST_FLAG_EXERCISE + +read type: ECC_PUB(SECP_R1) 521-bit, DET_ECDSA(SHA_256) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_SECP_R1_521:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1):521:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_256):0x0000:"04001de142d54f69eb038ee4b7af9d3ca07736fd9cf719eb354d69879ee7f3c136fb0fbf9f08f86be5fa128ec1a051d3e6c643e85ada8ffacf3663c260bd2c844b6f5600cee8e48a9e65d09cadd89f235dee05f3b8a646be715f1f67d5b434e0ff23a1fc07ef7740193e40eeff6f3bcdfd765aa9155033524fe4f205f5444e292c4c2f6ac1":"505341004b4559000000000001000000124109020128000009070006000000008500000004001de142d54f69eb038ee4b7af9d3ca07736fd9cf719eb354d69879ee7f3c136fb0fbf9f08f86be5fa128ec1a051d3e6c643e85ada8ffacf3663c260bd2c844b6f5600cee8e48a9e65d09cadd89f235dee05f3b8a646be715f1f67d5b434e0ff23a1fc07ef7740193e40eeff6f3bcdfd765aa9155033524fe4f205f5444e292c4c2f6ac1":TEST_FLAG_EXERCISE + +read type: ECC_PUB(SECP_R1) 521-bit, DET_ECDSA(SHA_384) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_SECP_R1_521:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1):521:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_384):0x0000:"04001de142d54f69eb038ee4b7af9d3ca07736fd9cf719eb354d69879ee7f3c136fb0fbf9f08f86be5fa128ec1a051d3e6c643e85ada8ffacf3663c260bd2c844b6f5600cee8e48a9e65d09cadd89f235dee05f3b8a646be715f1f67d5b434e0ff23a1fc07ef7740193e40eeff6f3bcdfd765aa9155033524fe4f205f5444e292c4c2f6ac1":"505341004b455900000000000100000012410902012800000a070006000000008500000004001de142d54f69eb038ee4b7af9d3ca07736fd9cf719eb354d69879ee7f3c136fb0fbf9f08f86be5fa128ec1a051d3e6c643e85ada8ffacf3663c260bd2c844b6f5600cee8e48a9e65d09cadd89f235dee05f3b8a646be715f1f67d5b434e0ff23a1fc07ef7740193e40eeff6f3bcdfd765aa9155033524fe4f205f5444e292c4c2f6ac1":TEST_FLAG_EXERCISE + +read type: ECC_PUB(SECP_R1) 521-bit, DET_ECDSA(SHA_512) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_512:PSA_WANT_ECC_SECP_R1_521:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1):521:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_512):0x0000:"04001de142d54f69eb038ee4b7af9d3ca07736fd9cf719eb354d69879ee7f3c136fb0fbf9f08f86be5fa128ec1a051d3e6c643e85ada8ffacf3663c260bd2c844b6f5600cee8e48a9e65d09cadd89f235dee05f3b8a646be715f1f67d5b434e0ff23a1fc07ef7740193e40eeff6f3bcdfd765aa9155033524fe4f205f5444e292c4c2f6ac1":"505341004b455900000000000100000012410902012800000b070006000000008500000004001de142d54f69eb038ee4b7af9d3ca07736fd9cf719eb354d69879ee7f3c136fb0fbf9f08f86be5fa128ec1a051d3e6c643e85ada8ffacf3663c260bd2c844b6f5600cee8e48a9e65d09cadd89f235dee05f3b8a646be715f1f67d5b434e0ff23a1fc07ef7740193e40eeff6f3bcdfd765aa9155033524fe4f205f5444e292c4c2f6ac1":TEST_FLAG_EXERCISE + +read type: ECC_PUB(SECP_R1) 521-bit, ECDSA(MD2) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD2:PSA_WANT_ECC_SECP_R1_521:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1):521:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_MD2):0x0000:"04001de142d54f69eb038ee4b7af9d3ca07736fd9cf719eb354d69879ee7f3c136fb0fbf9f08f86be5fa128ec1a051d3e6c643e85ada8ffacf3663c260bd2c844b6f5600cee8e48a9e65d09cadd89f235dee05f3b8a646be715f1f67d5b434e0ff23a1fc07ef7740193e40eeff6f3bcdfd765aa9155033524fe4f205f5444e292c4c2f6ac1":"505341004b4559000000000001000000124109020128000001060006000000008500000004001de142d54f69eb038ee4b7af9d3ca07736fd9cf719eb354d69879ee7f3c136fb0fbf9f08f86be5fa128ec1a051d3e6c643e85ada8ffacf3663c260bd2c844b6f5600cee8e48a9e65d09cadd89f235dee05f3b8a646be715f1f67d5b434e0ff23a1fc07ef7740193e40eeff6f3bcdfd765aa9155033524fe4f205f5444e292c4c2f6ac1":TEST_FLAG_EXERCISE + +read type: ECC_PUB(SECP_R1) 521-bit, ECDSA(MD4) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD4:PSA_WANT_ECC_SECP_R1_521:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1):521:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_MD4):0x0000:"04001de142d54f69eb038ee4b7af9d3ca07736fd9cf719eb354d69879ee7f3c136fb0fbf9f08f86be5fa128ec1a051d3e6c643e85ada8ffacf3663c260bd2c844b6f5600cee8e48a9e65d09cadd89f235dee05f3b8a646be715f1f67d5b434e0ff23a1fc07ef7740193e40eeff6f3bcdfd765aa9155033524fe4f205f5444e292c4c2f6ac1":"505341004b4559000000000001000000124109020128000002060006000000008500000004001de142d54f69eb038ee4b7af9d3ca07736fd9cf719eb354d69879ee7f3c136fb0fbf9f08f86be5fa128ec1a051d3e6c643e85ada8ffacf3663c260bd2c844b6f5600cee8e48a9e65d09cadd89f235dee05f3b8a646be715f1f67d5b434e0ff23a1fc07ef7740193e40eeff6f3bcdfd765aa9155033524fe4f205f5444e292c4c2f6ac1":TEST_FLAG_EXERCISE + +read type: ECC_PUB(SECP_R1) 521-bit, ECDSA(MD5) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD5:PSA_WANT_ECC_SECP_R1_521:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1):521:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_MD5):0x0000:"04001de142d54f69eb038ee4b7af9d3ca07736fd9cf719eb354d69879ee7f3c136fb0fbf9f08f86be5fa128ec1a051d3e6c643e85ada8ffacf3663c260bd2c844b6f5600cee8e48a9e65d09cadd89f235dee05f3b8a646be715f1f67d5b434e0ff23a1fc07ef7740193e40eeff6f3bcdfd765aa9155033524fe4f205f5444e292c4c2f6ac1":"505341004b4559000000000001000000124109020128000003060006000000008500000004001de142d54f69eb038ee4b7af9d3ca07736fd9cf719eb354d69879ee7f3c136fb0fbf9f08f86be5fa128ec1a051d3e6c643e85ada8ffacf3663c260bd2c844b6f5600cee8e48a9e65d09cadd89f235dee05f3b8a646be715f1f67d5b434e0ff23a1fc07ef7740193e40eeff6f3bcdfd765aa9155033524fe4f205f5444e292c4c2f6ac1":TEST_FLAG_EXERCISE + +read type: ECC_PUB(SECP_R1) 521-bit, ECDSA(RIPEMD160) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ECC_SECP_R1_521:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1):521:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_RIPEMD160):0x0000:"04001de142d54f69eb038ee4b7af9d3ca07736fd9cf719eb354d69879ee7f3c136fb0fbf9f08f86be5fa128ec1a051d3e6c643e85ada8ffacf3663c260bd2c844b6f5600cee8e48a9e65d09cadd89f235dee05f3b8a646be715f1f67d5b434e0ff23a1fc07ef7740193e40eeff6f3bcdfd765aa9155033524fe4f205f5444e292c4c2f6ac1":"505341004b4559000000000001000000124109020128000004060006000000008500000004001de142d54f69eb038ee4b7af9d3ca07736fd9cf719eb354d69879ee7f3c136fb0fbf9f08f86be5fa128ec1a051d3e6c643e85ada8ffacf3663c260bd2c844b6f5600cee8e48a9e65d09cadd89f235dee05f3b8a646be715f1f67d5b434e0ff23a1fc07ef7740193e40eeff6f3bcdfd765aa9155033524fe4f205f5444e292c4c2f6ac1":TEST_FLAG_EXERCISE + +read type: ECC_PUB(SECP_R1) 521-bit, ECDSA(SHA_1) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_1:PSA_WANT_ECC_SECP_R1_521:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1):521:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_SHA_1):0x0000:"04001de142d54f69eb038ee4b7af9d3ca07736fd9cf719eb354d69879ee7f3c136fb0fbf9f08f86be5fa128ec1a051d3e6c643e85ada8ffacf3663c260bd2c844b6f5600cee8e48a9e65d09cadd89f235dee05f3b8a646be715f1f67d5b434e0ff23a1fc07ef7740193e40eeff6f3bcdfd765aa9155033524fe4f205f5444e292c4c2f6ac1":"505341004b4559000000000001000000124109020128000005060006000000008500000004001de142d54f69eb038ee4b7af9d3ca07736fd9cf719eb354d69879ee7f3c136fb0fbf9f08f86be5fa128ec1a051d3e6c643e85ada8ffacf3663c260bd2c844b6f5600cee8e48a9e65d09cadd89f235dee05f3b8a646be715f1f67d5b434e0ff23a1fc07ef7740193e40eeff6f3bcdfd765aa9155033524fe4f205f5444e292c4c2f6ac1":TEST_FLAG_EXERCISE + +read type: ECC_PUB(SECP_R1) 521-bit, ECDSA(SHA_224) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_224:PSA_WANT_ECC_SECP_R1_521:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1):521:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_SHA_224):0x0000:"04001de142d54f69eb038ee4b7af9d3ca07736fd9cf719eb354d69879ee7f3c136fb0fbf9f08f86be5fa128ec1a051d3e6c643e85ada8ffacf3663c260bd2c844b6f5600cee8e48a9e65d09cadd89f235dee05f3b8a646be715f1f67d5b434e0ff23a1fc07ef7740193e40eeff6f3bcdfd765aa9155033524fe4f205f5444e292c4c2f6ac1":"505341004b4559000000000001000000124109020128000008060006000000008500000004001de142d54f69eb038ee4b7af9d3ca07736fd9cf719eb354d69879ee7f3c136fb0fbf9f08f86be5fa128ec1a051d3e6c643e85ada8ffacf3663c260bd2c844b6f5600cee8e48a9e65d09cadd89f235dee05f3b8a646be715f1f67d5b434e0ff23a1fc07ef7740193e40eeff6f3bcdfd765aa9155033524fe4f205f5444e292c4c2f6ac1":TEST_FLAG_EXERCISE + +read type: ECC_PUB(SECP_R1) 521-bit, ECDSA(SHA_256) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_SECP_R1_521:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1):521:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_SHA_256):0x0000:"04001de142d54f69eb038ee4b7af9d3ca07736fd9cf719eb354d69879ee7f3c136fb0fbf9f08f86be5fa128ec1a051d3e6c643e85ada8ffacf3663c260bd2c844b6f5600cee8e48a9e65d09cadd89f235dee05f3b8a646be715f1f67d5b434e0ff23a1fc07ef7740193e40eeff6f3bcdfd765aa9155033524fe4f205f5444e292c4c2f6ac1":"505341004b4559000000000001000000124109020128000009060006000000008500000004001de142d54f69eb038ee4b7af9d3ca07736fd9cf719eb354d69879ee7f3c136fb0fbf9f08f86be5fa128ec1a051d3e6c643e85ada8ffacf3663c260bd2c844b6f5600cee8e48a9e65d09cadd89f235dee05f3b8a646be715f1f67d5b434e0ff23a1fc07ef7740193e40eeff6f3bcdfd765aa9155033524fe4f205f5444e292c4c2f6ac1":TEST_FLAG_EXERCISE + +read type: ECC_PUB(SECP_R1) 521-bit, ECDSA(SHA_384) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_SECP_R1_521:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1):521:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_SHA_384):0x0000:"04001de142d54f69eb038ee4b7af9d3ca07736fd9cf719eb354d69879ee7f3c136fb0fbf9f08f86be5fa128ec1a051d3e6c643e85ada8ffacf3663c260bd2c844b6f5600cee8e48a9e65d09cadd89f235dee05f3b8a646be715f1f67d5b434e0ff23a1fc07ef7740193e40eeff6f3bcdfd765aa9155033524fe4f205f5444e292c4c2f6ac1":"505341004b455900000000000100000012410902012800000a060006000000008500000004001de142d54f69eb038ee4b7af9d3ca07736fd9cf719eb354d69879ee7f3c136fb0fbf9f08f86be5fa128ec1a051d3e6c643e85ada8ffacf3663c260bd2c844b6f5600cee8e48a9e65d09cadd89f235dee05f3b8a646be715f1f67d5b434e0ff23a1fc07ef7740193e40eeff6f3bcdfd765aa9155033524fe4f205f5444e292c4c2f6ac1":TEST_FLAG_EXERCISE + +read type: ECC_PUB(SECP_R1) 521-bit, ECDSA(SHA_512) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_512:PSA_WANT_ECC_SECP_R1_521:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1):521:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_SHA_512):0x0000:"04001de142d54f69eb038ee4b7af9d3ca07736fd9cf719eb354d69879ee7f3c136fb0fbf9f08f86be5fa128ec1a051d3e6c643e85ada8ffacf3663c260bd2c844b6f5600cee8e48a9e65d09cadd89f235dee05f3b8a646be715f1f67d5b434e0ff23a1fc07ef7740193e40eeff6f3bcdfd765aa9155033524fe4f205f5444e292c4c2f6ac1":"505341004b455900000000000100000012410902012800000b060006000000008500000004001de142d54f69eb038ee4b7af9d3ca07736fd9cf719eb354d69879ee7f3c136fb0fbf9f08f86be5fa128ec1a051d3e6c643e85ada8ffacf3663c260bd2c844b6f5600cee8e48a9e65d09cadd89f235dee05f3b8a646be715f1f67d5b434e0ff23a1fc07ef7740193e40eeff6f3bcdfd765aa9155033524fe4f205f5444e292c4c2f6ac1":TEST_FLAG_EXERCISE + +read type: ECC_PUB(SECP_R1) 521-bit, ECDSA_ANY +depends_on:PSA_WANT_ALG_ECDSA_ANY:PSA_WANT_ECC_SECP_R1_521:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1):521:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA_ANY:0x0000:"04001de142d54f69eb038ee4b7af9d3ca07736fd9cf719eb354d69879ee7f3c136fb0fbf9f08f86be5fa128ec1a051d3e6c643e85ada8ffacf3663c260bd2c844b6f5600cee8e48a9e65d09cadd89f235dee05f3b8a646be715f1f67d5b434e0ff23a1fc07ef7740193e40eeff6f3bcdfd765aa9155033524fe4f205f5444e292c4c2f6ac1":"505341004b4559000000000001000000124109020128000000060006000000008500000004001de142d54f69eb038ee4b7af9d3ca07736fd9cf719eb354d69879ee7f3c136fb0fbf9f08f86be5fa128ec1a051d3e6c643e85ada8ffacf3663c260bd2c844b6f5600cee8e48a9e65d09cadd89f235dee05f3b8a646be715f1f67d5b434e0ff23a1fc07ef7740193e40eeff6f3bcdfd765aa9155033524fe4f205f5444e292c4c2f6ac1":TEST_FLAG_EXERCISE + +read type: ECC_PUB(SECP_R2) 160-bit +depends_on:PSA_WANT_ECC_SECP_R2_160:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R2):160:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"049570d541398665adb5cfa16f5af73b3196926bbd4b876bdb80f8eab20d0f540c22f4de9c140f6d7b":"505341004b45590000000000010000001b41a00001000000000000000000000029000000049570d541398665adb5cfa16f5af73b3196926bbd4b876bdb80f8eab20d0f540c22f4de9c140f6d7b":TEST_FLAG_EXERCISE + +read type: ECC_PUB(SECP_R2) 160-bit, DET_ECDSA(MD2) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD2:PSA_WANT_ECC_SECP_R2_160:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R2):160:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD2):0x0000:"049570d541398665adb5cfa16f5af73b3196926bbd4b876bdb80f8eab20d0f540c22f4de9c140f6d7b":"505341004b45590000000000010000001b41a00001280000010700060000000029000000049570d541398665adb5cfa16f5af73b3196926bbd4b876bdb80f8eab20d0f540c22f4de9c140f6d7b":TEST_FLAG_EXERCISE + +read type: ECC_PUB(SECP_R2) 160-bit, DET_ECDSA(MD4) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD4:PSA_WANT_ECC_SECP_R2_160:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R2):160:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD4):0x0000:"049570d541398665adb5cfa16f5af73b3196926bbd4b876bdb80f8eab20d0f540c22f4de9c140f6d7b":"505341004b45590000000000010000001b41a00001280000020700060000000029000000049570d541398665adb5cfa16f5af73b3196926bbd4b876bdb80f8eab20d0f540c22f4de9c140f6d7b":TEST_FLAG_EXERCISE + +read type: ECC_PUB(SECP_R2) 160-bit, DET_ECDSA(MD5) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD5:PSA_WANT_ECC_SECP_R2_160:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R2):160:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD5):0x0000:"049570d541398665adb5cfa16f5af73b3196926bbd4b876bdb80f8eab20d0f540c22f4de9c140f6d7b":"505341004b45590000000000010000001b41a00001280000030700060000000029000000049570d541398665adb5cfa16f5af73b3196926bbd4b876bdb80f8eab20d0f540c22f4de9c140f6d7b":TEST_FLAG_EXERCISE + +read type: ECC_PUB(SECP_R2) 160-bit, DET_ECDSA(RIPEMD160) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ECC_SECP_R2_160:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R2):160:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_RIPEMD160):0x0000:"049570d541398665adb5cfa16f5af73b3196926bbd4b876bdb80f8eab20d0f540c22f4de9c140f6d7b":"505341004b45590000000000010000001b41a00001280000040700060000000029000000049570d541398665adb5cfa16f5af73b3196926bbd4b876bdb80f8eab20d0f540c22f4de9c140f6d7b":TEST_FLAG_EXERCISE + +read type: ECC_PUB(SECP_R2) 160-bit, DET_ECDSA(SHA_1) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_1:PSA_WANT_ECC_SECP_R2_160:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R2):160:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_1):0x0000:"049570d541398665adb5cfa16f5af73b3196926bbd4b876bdb80f8eab20d0f540c22f4de9c140f6d7b":"505341004b45590000000000010000001b41a00001280000050700060000000029000000049570d541398665adb5cfa16f5af73b3196926bbd4b876bdb80f8eab20d0f540c22f4de9c140f6d7b":TEST_FLAG_EXERCISE + +read type: ECC_PUB(SECP_R2) 160-bit, DET_ECDSA(SHA_224) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_224:PSA_WANT_ECC_SECP_R2_160:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R2):160:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_224):0x0000:"049570d541398665adb5cfa16f5af73b3196926bbd4b876bdb80f8eab20d0f540c22f4de9c140f6d7b":"505341004b45590000000000010000001b41a00001280000080700060000000029000000049570d541398665adb5cfa16f5af73b3196926bbd4b876bdb80f8eab20d0f540c22f4de9c140f6d7b":TEST_FLAG_EXERCISE + +read type: ECC_PUB(SECP_R2) 160-bit, DET_ECDSA(SHA_256) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_SECP_R2_160:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R2):160:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_256):0x0000:"049570d541398665adb5cfa16f5af73b3196926bbd4b876bdb80f8eab20d0f540c22f4de9c140f6d7b":"505341004b45590000000000010000001b41a00001280000090700060000000029000000049570d541398665adb5cfa16f5af73b3196926bbd4b876bdb80f8eab20d0f540c22f4de9c140f6d7b":TEST_FLAG_EXERCISE + +read type: ECC_PUB(SECP_R2) 160-bit, DET_ECDSA(SHA_384) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_SECP_R2_160:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R2):160:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_384):0x0000:"049570d541398665adb5cfa16f5af73b3196926bbd4b876bdb80f8eab20d0f540c22f4de9c140f6d7b":"505341004b45590000000000010000001b41a000012800000a0700060000000029000000049570d541398665adb5cfa16f5af73b3196926bbd4b876bdb80f8eab20d0f540c22f4de9c140f6d7b":TEST_FLAG_EXERCISE + +read type: ECC_PUB(SECP_R2) 160-bit, DET_ECDSA(SHA_512) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_512:PSA_WANT_ECC_SECP_R2_160:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R2):160:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_512):0x0000:"049570d541398665adb5cfa16f5af73b3196926bbd4b876bdb80f8eab20d0f540c22f4de9c140f6d7b":"505341004b45590000000000010000001b41a000012800000b0700060000000029000000049570d541398665adb5cfa16f5af73b3196926bbd4b876bdb80f8eab20d0f540c22f4de9c140f6d7b":TEST_FLAG_EXERCISE + +read type: ECC_PUB(SECP_R2) 160-bit, ECDSA(MD2) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD2:PSA_WANT_ECC_SECP_R2_160:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R2):160:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_MD2):0x0000:"049570d541398665adb5cfa16f5af73b3196926bbd4b876bdb80f8eab20d0f540c22f4de9c140f6d7b":"505341004b45590000000000010000001b41a00001280000010600060000000029000000049570d541398665adb5cfa16f5af73b3196926bbd4b876bdb80f8eab20d0f540c22f4de9c140f6d7b":TEST_FLAG_EXERCISE + +read type: ECC_PUB(SECP_R2) 160-bit, ECDSA(MD4) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD4:PSA_WANT_ECC_SECP_R2_160:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R2):160:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_MD4):0x0000:"049570d541398665adb5cfa16f5af73b3196926bbd4b876bdb80f8eab20d0f540c22f4de9c140f6d7b":"505341004b45590000000000010000001b41a00001280000020600060000000029000000049570d541398665adb5cfa16f5af73b3196926bbd4b876bdb80f8eab20d0f540c22f4de9c140f6d7b":TEST_FLAG_EXERCISE + +read type: ECC_PUB(SECP_R2) 160-bit, ECDSA(MD5) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD5:PSA_WANT_ECC_SECP_R2_160:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R2):160:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_MD5):0x0000:"049570d541398665adb5cfa16f5af73b3196926bbd4b876bdb80f8eab20d0f540c22f4de9c140f6d7b":"505341004b45590000000000010000001b41a00001280000030600060000000029000000049570d541398665adb5cfa16f5af73b3196926bbd4b876bdb80f8eab20d0f540c22f4de9c140f6d7b":TEST_FLAG_EXERCISE + +read type: ECC_PUB(SECP_R2) 160-bit, ECDSA(RIPEMD160) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ECC_SECP_R2_160:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R2):160:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_RIPEMD160):0x0000:"049570d541398665adb5cfa16f5af73b3196926bbd4b876bdb80f8eab20d0f540c22f4de9c140f6d7b":"505341004b45590000000000010000001b41a00001280000040600060000000029000000049570d541398665adb5cfa16f5af73b3196926bbd4b876bdb80f8eab20d0f540c22f4de9c140f6d7b":TEST_FLAG_EXERCISE + +read type: ECC_PUB(SECP_R2) 160-bit, ECDSA(SHA_1) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_1:PSA_WANT_ECC_SECP_R2_160:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R2):160:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_SHA_1):0x0000:"049570d541398665adb5cfa16f5af73b3196926bbd4b876bdb80f8eab20d0f540c22f4de9c140f6d7b":"505341004b45590000000000010000001b41a00001280000050600060000000029000000049570d541398665adb5cfa16f5af73b3196926bbd4b876bdb80f8eab20d0f540c22f4de9c140f6d7b":TEST_FLAG_EXERCISE + +read type: ECC_PUB(SECP_R2) 160-bit, ECDSA(SHA_224) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_224:PSA_WANT_ECC_SECP_R2_160:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R2):160:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_SHA_224):0x0000:"049570d541398665adb5cfa16f5af73b3196926bbd4b876bdb80f8eab20d0f540c22f4de9c140f6d7b":"505341004b45590000000000010000001b41a00001280000080600060000000029000000049570d541398665adb5cfa16f5af73b3196926bbd4b876bdb80f8eab20d0f540c22f4de9c140f6d7b":TEST_FLAG_EXERCISE + +read type: ECC_PUB(SECP_R2) 160-bit, ECDSA(SHA_256) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_SECP_R2_160:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R2):160:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_SHA_256):0x0000:"049570d541398665adb5cfa16f5af73b3196926bbd4b876bdb80f8eab20d0f540c22f4de9c140f6d7b":"505341004b45590000000000010000001b41a00001280000090600060000000029000000049570d541398665adb5cfa16f5af73b3196926bbd4b876bdb80f8eab20d0f540c22f4de9c140f6d7b":TEST_FLAG_EXERCISE + +read type: ECC_PUB(SECP_R2) 160-bit, ECDSA(SHA_384) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_SECP_R2_160:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R2):160:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_SHA_384):0x0000:"049570d541398665adb5cfa16f5af73b3196926bbd4b876bdb80f8eab20d0f540c22f4de9c140f6d7b":"505341004b45590000000000010000001b41a000012800000a0600060000000029000000049570d541398665adb5cfa16f5af73b3196926bbd4b876bdb80f8eab20d0f540c22f4de9c140f6d7b":TEST_FLAG_EXERCISE + +read type: ECC_PUB(SECP_R2) 160-bit, ECDSA(SHA_512) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_512:PSA_WANT_ECC_SECP_R2_160:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R2):160:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_SHA_512):0x0000:"049570d541398665adb5cfa16f5af73b3196926bbd4b876bdb80f8eab20d0f540c22f4de9c140f6d7b":"505341004b45590000000000010000001b41a000012800000b0600060000000029000000049570d541398665adb5cfa16f5af73b3196926bbd4b876bdb80f8eab20d0f540c22f4de9c140f6d7b":TEST_FLAG_EXERCISE + +read type: ECC_PUB(SECP_R2) 160-bit, ECDSA_ANY +depends_on:PSA_WANT_ALG_ECDSA_ANY:PSA_WANT_ECC_SECP_R2_160:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R2):160:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA_ANY:0x0000:"049570d541398665adb5cfa16f5af73b3196926bbd4b876bdb80f8eab20d0f540c22f4de9c140f6d7b":"505341004b45590000000000010000001b41a00001280000000600060000000029000000049570d541398665adb5cfa16f5af73b3196926bbd4b876bdb80f8eab20d0f540c22f4de9c140f6d7b":TEST_FLAG_EXERCISE + +read type: ECC_PUB(SECT_K1) 163-bit +depends_on:PSA_WANT_ECC_SECT_K1_163:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_K1):163:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"0406f88f90b4b65950f06ce433afdb097e320f433dc2062b8a65db8fafd3c110f46bc45663fbf021ee7eb9":"505341004b45590000000000010000002741a3000100000000000000000000002b0000000406f88f90b4b65950f06ce433afdb097e320f433dc2062b8a65db8fafd3c110f46bc45663fbf021ee7eb9":TEST_FLAG_EXERCISE + +read type: ECC_PUB(SECT_K1) 163-bit, DET_ECDSA(MD2) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD2:PSA_WANT_ECC_SECT_K1_163:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_K1):163:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD2):0x0000:"0406f88f90b4b65950f06ce433afdb097e320f433dc2062b8a65db8fafd3c110f46bc45663fbf021ee7eb9":"505341004b45590000000000010000002741a3000128000001070006000000002b0000000406f88f90b4b65950f06ce433afdb097e320f433dc2062b8a65db8fafd3c110f46bc45663fbf021ee7eb9":TEST_FLAG_EXERCISE + +read type: ECC_PUB(SECT_K1) 163-bit, DET_ECDSA(MD4) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD4:PSA_WANT_ECC_SECT_K1_163:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_K1):163:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD4):0x0000:"0406f88f90b4b65950f06ce433afdb097e320f433dc2062b8a65db8fafd3c110f46bc45663fbf021ee7eb9":"505341004b45590000000000010000002741a3000128000002070006000000002b0000000406f88f90b4b65950f06ce433afdb097e320f433dc2062b8a65db8fafd3c110f46bc45663fbf021ee7eb9":TEST_FLAG_EXERCISE + +read type: ECC_PUB(SECT_K1) 163-bit, DET_ECDSA(MD5) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD5:PSA_WANT_ECC_SECT_K1_163:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_K1):163:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD5):0x0000:"0406f88f90b4b65950f06ce433afdb097e320f433dc2062b8a65db8fafd3c110f46bc45663fbf021ee7eb9":"505341004b45590000000000010000002741a3000128000003070006000000002b0000000406f88f90b4b65950f06ce433afdb097e320f433dc2062b8a65db8fafd3c110f46bc45663fbf021ee7eb9":TEST_FLAG_EXERCISE + +read type: ECC_PUB(SECT_K1) 163-bit, DET_ECDSA(RIPEMD160) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ECC_SECT_K1_163:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_K1):163:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_RIPEMD160):0x0000:"0406f88f90b4b65950f06ce433afdb097e320f433dc2062b8a65db8fafd3c110f46bc45663fbf021ee7eb9":"505341004b45590000000000010000002741a3000128000004070006000000002b0000000406f88f90b4b65950f06ce433afdb097e320f433dc2062b8a65db8fafd3c110f46bc45663fbf021ee7eb9":TEST_FLAG_EXERCISE + +read type: ECC_PUB(SECT_K1) 163-bit, DET_ECDSA(SHA_1) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_1:PSA_WANT_ECC_SECT_K1_163:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_K1):163:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_1):0x0000:"0406f88f90b4b65950f06ce433afdb097e320f433dc2062b8a65db8fafd3c110f46bc45663fbf021ee7eb9":"505341004b45590000000000010000002741a3000128000005070006000000002b0000000406f88f90b4b65950f06ce433afdb097e320f433dc2062b8a65db8fafd3c110f46bc45663fbf021ee7eb9":TEST_FLAG_EXERCISE + +read type: ECC_PUB(SECT_K1) 163-bit, DET_ECDSA(SHA_224) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_224:PSA_WANT_ECC_SECT_K1_163:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_K1):163:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_224):0x0000:"0406f88f90b4b65950f06ce433afdb097e320f433dc2062b8a65db8fafd3c110f46bc45663fbf021ee7eb9":"505341004b45590000000000010000002741a3000128000008070006000000002b0000000406f88f90b4b65950f06ce433afdb097e320f433dc2062b8a65db8fafd3c110f46bc45663fbf021ee7eb9":TEST_FLAG_EXERCISE + +read type: ECC_PUB(SECT_K1) 163-bit, DET_ECDSA(SHA_256) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_SECT_K1_163:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_K1):163:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_256):0x0000:"0406f88f90b4b65950f06ce433afdb097e320f433dc2062b8a65db8fafd3c110f46bc45663fbf021ee7eb9":"505341004b45590000000000010000002741a3000128000009070006000000002b0000000406f88f90b4b65950f06ce433afdb097e320f433dc2062b8a65db8fafd3c110f46bc45663fbf021ee7eb9":TEST_FLAG_EXERCISE + +read type: ECC_PUB(SECT_K1) 163-bit, DET_ECDSA(SHA_384) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_SECT_K1_163:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_K1):163:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_384):0x0000:"0406f88f90b4b65950f06ce433afdb097e320f433dc2062b8a65db8fafd3c110f46bc45663fbf021ee7eb9":"505341004b45590000000000010000002741a300012800000a070006000000002b0000000406f88f90b4b65950f06ce433afdb097e320f433dc2062b8a65db8fafd3c110f46bc45663fbf021ee7eb9":TEST_FLAG_EXERCISE + +read type: ECC_PUB(SECT_K1) 163-bit, DET_ECDSA(SHA_512) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_512:PSA_WANT_ECC_SECT_K1_163:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_K1):163:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_512):0x0000:"0406f88f90b4b65950f06ce433afdb097e320f433dc2062b8a65db8fafd3c110f46bc45663fbf021ee7eb9":"505341004b45590000000000010000002741a300012800000b070006000000002b0000000406f88f90b4b65950f06ce433afdb097e320f433dc2062b8a65db8fafd3c110f46bc45663fbf021ee7eb9":TEST_FLAG_EXERCISE + +read type: ECC_PUB(SECT_K1) 163-bit, ECDSA(MD2) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD2:PSA_WANT_ECC_SECT_K1_163:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_K1):163:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_MD2):0x0000:"0406f88f90b4b65950f06ce433afdb097e320f433dc2062b8a65db8fafd3c110f46bc45663fbf021ee7eb9":"505341004b45590000000000010000002741a3000128000001060006000000002b0000000406f88f90b4b65950f06ce433afdb097e320f433dc2062b8a65db8fafd3c110f46bc45663fbf021ee7eb9":TEST_FLAG_EXERCISE + +read type: ECC_PUB(SECT_K1) 163-bit, ECDSA(MD4) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD4:PSA_WANT_ECC_SECT_K1_163:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_K1):163:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_MD4):0x0000:"0406f88f90b4b65950f06ce433afdb097e320f433dc2062b8a65db8fafd3c110f46bc45663fbf021ee7eb9":"505341004b45590000000000010000002741a3000128000002060006000000002b0000000406f88f90b4b65950f06ce433afdb097e320f433dc2062b8a65db8fafd3c110f46bc45663fbf021ee7eb9":TEST_FLAG_EXERCISE + +read type: ECC_PUB(SECT_K1) 163-bit, ECDSA(MD5) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD5:PSA_WANT_ECC_SECT_K1_163:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_K1):163:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_MD5):0x0000:"0406f88f90b4b65950f06ce433afdb097e320f433dc2062b8a65db8fafd3c110f46bc45663fbf021ee7eb9":"505341004b45590000000000010000002741a3000128000003060006000000002b0000000406f88f90b4b65950f06ce433afdb097e320f433dc2062b8a65db8fafd3c110f46bc45663fbf021ee7eb9":TEST_FLAG_EXERCISE + +read type: ECC_PUB(SECT_K1) 163-bit, ECDSA(RIPEMD160) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ECC_SECT_K1_163:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_K1):163:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_RIPEMD160):0x0000:"0406f88f90b4b65950f06ce433afdb097e320f433dc2062b8a65db8fafd3c110f46bc45663fbf021ee7eb9":"505341004b45590000000000010000002741a3000128000004060006000000002b0000000406f88f90b4b65950f06ce433afdb097e320f433dc2062b8a65db8fafd3c110f46bc45663fbf021ee7eb9":TEST_FLAG_EXERCISE + +read type: ECC_PUB(SECT_K1) 163-bit, ECDSA(SHA_1) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_1:PSA_WANT_ECC_SECT_K1_163:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_K1):163:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_SHA_1):0x0000:"0406f88f90b4b65950f06ce433afdb097e320f433dc2062b8a65db8fafd3c110f46bc45663fbf021ee7eb9":"505341004b45590000000000010000002741a3000128000005060006000000002b0000000406f88f90b4b65950f06ce433afdb097e320f433dc2062b8a65db8fafd3c110f46bc45663fbf021ee7eb9":TEST_FLAG_EXERCISE + +read type: ECC_PUB(SECT_K1) 163-bit, ECDSA(SHA_224) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_224:PSA_WANT_ECC_SECT_K1_163:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_K1):163:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_SHA_224):0x0000:"0406f88f90b4b65950f06ce433afdb097e320f433dc2062b8a65db8fafd3c110f46bc45663fbf021ee7eb9":"505341004b45590000000000010000002741a3000128000008060006000000002b0000000406f88f90b4b65950f06ce433afdb097e320f433dc2062b8a65db8fafd3c110f46bc45663fbf021ee7eb9":TEST_FLAG_EXERCISE + +read type: ECC_PUB(SECT_K1) 163-bit, ECDSA(SHA_256) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_SECT_K1_163:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_K1):163:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_SHA_256):0x0000:"0406f88f90b4b65950f06ce433afdb097e320f433dc2062b8a65db8fafd3c110f46bc45663fbf021ee7eb9":"505341004b45590000000000010000002741a3000128000009060006000000002b0000000406f88f90b4b65950f06ce433afdb097e320f433dc2062b8a65db8fafd3c110f46bc45663fbf021ee7eb9":TEST_FLAG_EXERCISE + +read type: ECC_PUB(SECT_K1) 163-bit, ECDSA(SHA_384) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_SECT_K1_163:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_K1):163:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_SHA_384):0x0000:"0406f88f90b4b65950f06ce433afdb097e320f433dc2062b8a65db8fafd3c110f46bc45663fbf021ee7eb9":"505341004b45590000000000010000002741a300012800000a060006000000002b0000000406f88f90b4b65950f06ce433afdb097e320f433dc2062b8a65db8fafd3c110f46bc45663fbf021ee7eb9":TEST_FLAG_EXERCISE + +read type: ECC_PUB(SECT_K1) 163-bit, ECDSA(SHA_512) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_512:PSA_WANT_ECC_SECT_K1_163:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_K1):163:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_SHA_512):0x0000:"0406f88f90b4b65950f06ce433afdb097e320f433dc2062b8a65db8fafd3c110f46bc45663fbf021ee7eb9":"505341004b45590000000000010000002741a300012800000b060006000000002b0000000406f88f90b4b65950f06ce433afdb097e320f433dc2062b8a65db8fafd3c110f46bc45663fbf021ee7eb9":TEST_FLAG_EXERCISE + +read type: ECC_PUB(SECT_K1) 163-bit, ECDSA_ANY +depends_on:PSA_WANT_ALG_ECDSA_ANY:PSA_WANT_ECC_SECT_K1_163:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_K1):163:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA_ANY:0x0000:"0406f88f90b4b65950f06ce433afdb097e320f433dc2062b8a65db8fafd3c110f46bc45663fbf021ee7eb9":"505341004b45590000000000010000002741a3000128000000060006000000002b0000000406f88f90b4b65950f06ce433afdb097e320f433dc2062b8a65db8fafd3c110f46bc45663fbf021ee7eb9":TEST_FLAG_EXERCISE + +read type: ECC_PUB(SECT_K1) 233-bit +depends_on:PSA_WANT_ECC_SECT_K1_233:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_K1):233:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"0401e9d7189189f773bd8f71be2c10774ba18842434dfa9312595ea545104400f45a9d5675647513ba75b079fe66a29daac2ec86a6a5d4e75c5f290c1f":"505341004b45590000000000010000002741e9000100000000000000000000003d0000000401e9d7189189f773bd8f71be2c10774ba18842434dfa9312595ea545104400f45a9d5675647513ba75b079fe66a29daac2ec86a6a5d4e75c5f290c1f":TEST_FLAG_EXERCISE + +read type: ECC_PUB(SECT_K1) 233-bit, DET_ECDSA(MD2) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD2:PSA_WANT_ECC_SECT_K1_233:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_K1):233:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD2):0x0000:"0401e9d7189189f773bd8f71be2c10774ba18842434dfa9312595ea545104400f45a9d5675647513ba75b079fe66a29daac2ec86a6a5d4e75c5f290c1f":"505341004b45590000000000010000002741e9000128000001070006000000003d0000000401e9d7189189f773bd8f71be2c10774ba18842434dfa9312595ea545104400f45a9d5675647513ba75b079fe66a29daac2ec86a6a5d4e75c5f290c1f":TEST_FLAG_EXERCISE + +read type: ECC_PUB(SECT_K1) 233-bit, DET_ECDSA(MD4) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD4:PSA_WANT_ECC_SECT_K1_233:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_K1):233:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD4):0x0000:"0401e9d7189189f773bd8f71be2c10774ba18842434dfa9312595ea545104400f45a9d5675647513ba75b079fe66a29daac2ec86a6a5d4e75c5f290c1f":"505341004b45590000000000010000002741e9000128000002070006000000003d0000000401e9d7189189f773bd8f71be2c10774ba18842434dfa9312595ea545104400f45a9d5675647513ba75b079fe66a29daac2ec86a6a5d4e75c5f290c1f":TEST_FLAG_EXERCISE + +read type: ECC_PUB(SECT_K1) 233-bit, DET_ECDSA(MD5) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD5:PSA_WANT_ECC_SECT_K1_233:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_K1):233:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD5):0x0000:"0401e9d7189189f773bd8f71be2c10774ba18842434dfa9312595ea545104400f45a9d5675647513ba75b079fe66a29daac2ec86a6a5d4e75c5f290c1f":"505341004b45590000000000010000002741e9000128000003070006000000003d0000000401e9d7189189f773bd8f71be2c10774ba18842434dfa9312595ea545104400f45a9d5675647513ba75b079fe66a29daac2ec86a6a5d4e75c5f290c1f":TEST_FLAG_EXERCISE + +read type: ECC_PUB(SECT_K1) 233-bit, DET_ECDSA(RIPEMD160) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ECC_SECT_K1_233:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_K1):233:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_RIPEMD160):0x0000:"0401e9d7189189f773bd8f71be2c10774ba18842434dfa9312595ea545104400f45a9d5675647513ba75b079fe66a29daac2ec86a6a5d4e75c5f290c1f":"505341004b45590000000000010000002741e9000128000004070006000000003d0000000401e9d7189189f773bd8f71be2c10774ba18842434dfa9312595ea545104400f45a9d5675647513ba75b079fe66a29daac2ec86a6a5d4e75c5f290c1f":TEST_FLAG_EXERCISE + +read type: ECC_PUB(SECT_K1) 233-bit, DET_ECDSA(SHA_1) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_1:PSA_WANT_ECC_SECT_K1_233:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_K1):233:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_1):0x0000:"0401e9d7189189f773bd8f71be2c10774ba18842434dfa9312595ea545104400f45a9d5675647513ba75b079fe66a29daac2ec86a6a5d4e75c5f290c1f":"505341004b45590000000000010000002741e9000128000005070006000000003d0000000401e9d7189189f773bd8f71be2c10774ba18842434dfa9312595ea545104400f45a9d5675647513ba75b079fe66a29daac2ec86a6a5d4e75c5f290c1f":TEST_FLAG_EXERCISE + +read type: ECC_PUB(SECT_K1) 233-bit, DET_ECDSA(SHA_224) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_224:PSA_WANT_ECC_SECT_K1_233:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_K1):233:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_224):0x0000:"0401e9d7189189f773bd8f71be2c10774ba18842434dfa9312595ea545104400f45a9d5675647513ba75b079fe66a29daac2ec86a6a5d4e75c5f290c1f":"505341004b45590000000000010000002741e9000128000008070006000000003d0000000401e9d7189189f773bd8f71be2c10774ba18842434dfa9312595ea545104400f45a9d5675647513ba75b079fe66a29daac2ec86a6a5d4e75c5f290c1f":TEST_FLAG_EXERCISE + +read type: ECC_PUB(SECT_K1) 233-bit, DET_ECDSA(SHA_256) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_SECT_K1_233:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_K1):233:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_256):0x0000:"0401e9d7189189f773bd8f71be2c10774ba18842434dfa9312595ea545104400f45a9d5675647513ba75b079fe66a29daac2ec86a6a5d4e75c5f290c1f":"505341004b45590000000000010000002741e9000128000009070006000000003d0000000401e9d7189189f773bd8f71be2c10774ba18842434dfa9312595ea545104400f45a9d5675647513ba75b079fe66a29daac2ec86a6a5d4e75c5f290c1f":TEST_FLAG_EXERCISE + +read type: ECC_PUB(SECT_K1) 233-bit, DET_ECDSA(SHA_384) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_SECT_K1_233:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_K1):233:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_384):0x0000:"0401e9d7189189f773bd8f71be2c10774ba18842434dfa9312595ea545104400f45a9d5675647513ba75b079fe66a29daac2ec86a6a5d4e75c5f290c1f":"505341004b45590000000000010000002741e900012800000a070006000000003d0000000401e9d7189189f773bd8f71be2c10774ba18842434dfa9312595ea545104400f45a9d5675647513ba75b079fe66a29daac2ec86a6a5d4e75c5f290c1f":TEST_FLAG_EXERCISE + +read type: ECC_PUB(SECT_K1) 233-bit, DET_ECDSA(SHA_512) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_512:PSA_WANT_ECC_SECT_K1_233:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_K1):233:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_512):0x0000:"0401e9d7189189f773bd8f71be2c10774ba18842434dfa9312595ea545104400f45a9d5675647513ba75b079fe66a29daac2ec86a6a5d4e75c5f290c1f":"505341004b45590000000000010000002741e900012800000b070006000000003d0000000401e9d7189189f773bd8f71be2c10774ba18842434dfa9312595ea545104400f45a9d5675647513ba75b079fe66a29daac2ec86a6a5d4e75c5f290c1f":TEST_FLAG_EXERCISE + +read type: ECC_PUB(SECT_K1) 233-bit, ECDSA(MD2) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD2:PSA_WANT_ECC_SECT_K1_233:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_K1):233:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_MD2):0x0000:"0401e9d7189189f773bd8f71be2c10774ba18842434dfa9312595ea545104400f45a9d5675647513ba75b079fe66a29daac2ec86a6a5d4e75c5f290c1f":"505341004b45590000000000010000002741e9000128000001060006000000003d0000000401e9d7189189f773bd8f71be2c10774ba18842434dfa9312595ea545104400f45a9d5675647513ba75b079fe66a29daac2ec86a6a5d4e75c5f290c1f":TEST_FLAG_EXERCISE + +read type: ECC_PUB(SECT_K1) 233-bit, ECDSA(MD4) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD4:PSA_WANT_ECC_SECT_K1_233:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_K1):233:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_MD4):0x0000:"0401e9d7189189f773bd8f71be2c10774ba18842434dfa9312595ea545104400f45a9d5675647513ba75b079fe66a29daac2ec86a6a5d4e75c5f290c1f":"505341004b45590000000000010000002741e9000128000002060006000000003d0000000401e9d7189189f773bd8f71be2c10774ba18842434dfa9312595ea545104400f45a9d5675647513ba75b079fe66a29daac2ec86a6a5d4e75c5f290c1f":TEST_FLAG_EXERCISE + +read type: ECC_PUB(SECT_K1) 233-bit, ECDSA(MD5) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD5:PSA_WANT_ECC_SECT_K1_233:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_K1):233:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_MD5):0x0000:"0401e9d7189189f773bd8f71be2c10774ba18842434dfa9312595ea545104400f45a9d5675647513ba75b079fe66a29daac2ec86a6a5d4e75c5f290c1f":"505341004b45590000000000010000002741e9000128000003060006000000003d0000000401e9d7189189f773bd8f71be2c10774ba18842434dfa9312595ea545104400f45a9d5675647513ba75b079fe66a29daac2ec86a6a5d4e75c5f290c1f":TEST_FLAG_EXERCISE + +read type: ECC_PUB(SECT_K1) 233-bit, ECDSA(RIPEMD160) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ECC_SECT_K1_233:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_K1):233:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_RIPEMD160):0x0000:"0401e9d7189189f773bd8f71be2c10774ba18842434dfa9312595ea545104400f45a9d5675647513ba75b079fe66a29daac2ec86a6a5d4e75c5f290c1f":"505341004b45590000000000010000002741e9000128000004060006000000003d0000000401e9d7189189f773bd8f71be2c10774ba18842434dfa9312595ea545104400f45a9d5675647513ba75b079fe66a29daac2ec86a6a5d4e75c5f290c1f":TEST_FLAG_EXERCISE + +read type: ECC_PUB(SECT_K1) 233-bit, ECDSA(SHA_1) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_1:PSA_WANT_ECC_SECT_K1_233:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_K1):233:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_SHA_1):0x0000:"0401e9d7189189f773bd8f71be2c10774ba18842434dfa9312595ea545104400f45a9d5675647513ba75b079fe66a29daac2ec86a6a5d4e75c5f290c1f":"505341004b45590000000000010000002741e9000128000005060006000000003d0000000401e9d7189189f773bd8f71be2c10774ba18842434dfa9312595ea545104400f45a9d5675647513ba75b079fe66a29daac2ec86a6a5d4e75c5f290c1f":TEST_FLAG_EXERCISE + +read type: ECC_PUB(SECT_K1) 233-bit, ECDSA(SHA_224) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_224:PSA_WANT_ECC_SECT_K1_233:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_K1):233:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_SHA_224):0x0000:"0401e9d7189189f773bd8f71be2c10774ba18842434dfa9312595ea545104400f45a9d5675647513ba75b079fe66a29daac2ec86a6a5d4e75c5f290c1f":"505341004b45590000000000010000002741e9000128000008060006000000003d0000000401e9d7189189f773bd8f71be2c10774ba18842434dfa9312595ea545104400f45a9d5675647513ba75b079fe66a29daac2ec86a6a5d4e75c5f290c1f":TEST_FLAG_EXERCISE + +read type: ECC_PUB(SECT_K1) 233-bit, ECDSA(SHA_256) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_SECT_K1_233:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_K1):233:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_SHA_256):0x0000:"0401e9d7189189f773bd8f71be2c10774ba18842434dfa9312595ea545104400f45a9d5675647513ba75b079fe66a29daac2ec86a6a5d4e75c5f290c1f":"505341004b45590000000000010000002741e9000128000009060006000000003d0000000401e9d7189189f773bd8f71be2c10774ba18842434dfa9312595ea545104400f45a9d5675647513ba75b079fe66a29daac2ec86a6a5d4e75c5f290c1f":TEST_FLAG_EXERCISE + +read type: ECC_PUB(SECT_K1) 233-bit, ECDSA(SHA_384) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_SECT_K1_233:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_K1):233:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_SHA_384):0x0000:"0401e9d7189189f773bd8f71be2c10774ba18842434dfa9312595ea545104400f45a9d5675647513ba75b079fe66a29daac2ec86a6a5d4e75c5f290c1f":"505341004b45590000000000010000002741e900012800000a060006000000003d0000000401e9d7189189f773bd8f71be2c10774ba18842434dfa9312595ea545104400f45a9d5675647513ba75b079fe66a29daac2ec86a6a5d4e75c5f290c1f":TEST_FLAG_EXERCISE + +read type: ECC_PUB(SECT_K1) 233-bit, ECDSA(SHA_512) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_512:PSA_WANT_ECC_SECT_K1_233:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_K1):233:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_SHA_512):0x0000:"0401e9d7189189f773bd8f71be2c10774ba18842434dfa9312595ea545104400f45a9d5675647513ba75b079fe66a29daac2ec86a6a5d4e75c5f290c1f":"505341004b45590000000000010000002741e900012800000b060006000000003d0000000401e9d7189189f773bd8f71be2c10774ba18842434dfa9312595ea545104400f45a9d5675647513ba75b079fe66a29daac2ec86a6a5d4e75c5f290c1f":TEST_FLAG_EXERCISE + +read type: ECC_PUB(SECT_K1) 233-bit, ECDSA_ANY +depends_on:PSA_WANT_ALG_ECDSA_ANY:PSA_WANT_ECC_SECT_K1_233:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_K1):233:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA_ANY:0x0000:"0401e9d7189189f773bd8f71be2c10774ba18842434dfa9312595ea545104400f45a9d5675647513ba75b079fe66a29daac2ec86a6a5d4e75c5f290c1f":"505341004b45590000000000010000002741e9000128000000060006000000003d0000000401e9d7189189f773bd8f71be2c10774ba18842434dfa9312595ea545104400f45a9d5675647513ba75b079fe66a29daac2ec86a6a5d4e75c5f290c1f":TEST_FLAG_EXERCISE + +read type: ECC_PUB(SECT_K1) 239-bit +depends_on:PSA_WANT_ECC_SECT_K1_239:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_K1):239:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"04068d76b9f4508762c2379db9ee8b87ad8d86d9535132ffba3b5680440cfa28eb133d4232faf1c9aba96af11aefe634a551440800d5f8185105d3072d":"505341004b45590000000000010000002741ef000100000000000000000000003d00000004068d76b9f4508762c2379db9ee8b87ad8d86d9535132ffba3b5680440cfa28eb133d4232faf1c9aba96af11aefe634a551440800d5f8185105d3072d":TEST_FLAG_EXERCISE + +read type: ECC_PUB(SECT_K1) 239-bit, DET_ECDSA(MD2) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD2:PSA_WANT_ECC_SECT_K1_239:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_K1):239:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD2):0x0000:"04068d76b9f4508762c2379db9ee8b87ad8d86d9535132ffba3b5680440cfa28eb133d4232faf1c9aba96af11aefe634a551440800d5f8185105d3072d":"505341004b45590000000000010000002741ef000128000001070006000000003d00000004068d76b9f4508762c2379db9ee8b87ad8d86d9535132ffba3b5680440cfa28eb133d4232faf1c9aba96af11aefe634a551440800d5f8185105d3072d":TEST_FLAG_EXERCISE + +read type: ECC_PUB(SECT_K1) 239-bit, DET_ECDSA(MD4) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD4:PSA_WANT_ECC_SECT_K1_239:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_K1):239:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD4):0x0000:"04068d76b9f4508762c2379db9ee8b87ad8d86d9535132ffba3b5680440cfa28eb133d4232faf1c9aba96af11aefe634a551440800d5f8185105d3072d":"505341004b45590000000000010000002741ef000128000002070006000000003d00000004068d76b9f4508762c2379db9ee8b87ad8d86d9535132ffba3b5680440cfa28eb133d4232faf1c9aba96af11aefe634a551440800d5f8185105d3072d":TEST_FLAG_EXERCISE + +read type: ECC_PUB(SECT_K1) 239-bit, DET_ECDSA(MD5) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD5:PSA_WANT_ECC_SECT_K1_239:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_K1):239:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD5):0x0000:"04068d76b9f4508762c2379db9ee8b87ad8d86d9535132ffba3b5680440cfa28eb133d4232faf1c9aba96af11aefe634a551440800d5f8185105d3072d":"505341004b45590000000000010000002741ef000128000003070006000000003d00000004068d76b9f4508762c2379db9ee8b87ad8d86d9535132ffba3b5680440cfa28eb133d4232faf1c9aba96af11aefe634a551440800d5f8185105d3072d":TEST_FLAG_EXERCISE + +read type: ECC_PUB(SECT_K1) 239-bit, DET_ECDSA(RIPEMD160) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ECC_SECT_K1_239:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_K1):239:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_RIPEMD160):0x0000:"04068d76b9f4508762c2379db9ee8b87ad8d86d9535132ffba3b5680440cfa28eb133d4232faf1c9aba96af11aefe634a551440800d5f8185105d3072d":"505341004b45590000000000010000002741ef000128000004070006000000003d00000004068d76b9f4508762c2379db9ee8b87ad8d86d9535132ffba3b5680440cfa28eb133d4232faf1c9aba96af11aefe634a551440800d5f8185105d3072d":TEST_FLAG_EXERCISE + +read type: ECC_PUB(SECT_K1) 239-bit, DET_ECDSA(SHA_1) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_1:PSA_WANT_ECC_SECT_K1_239:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_K1):239:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_1):0x0000:"04068d76b9f4508762c2379db9ee8b87ad8d86d9535132ffba3b5680440cfa28eb133d4232faf1c9aba96af11aefe634a551440800d5f8185105d3072d":"505341004b45590000000000010000002741ef000128000005070006000000003d00000004068d76b9f4508762c2379db9ee8b87ad8d86d9535132ffba3b5680440cfa28eb133d4232faf1c9aba96af11aefe634a551440800d5f8185105d3072d":TEST_FLAG_EXERCISE + +read type: ECC_PUB(SECT_K1) 239-bit, DET_ECDSA(SHA_224) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_224:PSA_WANT_ECC_SECT_K1_239:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_K1):239:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_224):0x0000:"04068d76b9f4508762c2379db9ee8b87ad8d86d9535132ffba3b5680440cfa28eb133d4232faf1c9aba96af11aefe634a551440800d5f8185105d3072d":"505341004b45590000000000010000002741ef000128000008070006000000003d00000004068d76b9f4508762c2379db9ee8b87ad8d86d9535132ffba3b5680440cfa28eb133d4232faf1c9aba96af11aefe634a551440800d5f8185105d3072d":TEST_FLAG_EXERCISE + +read type: ECC_PUB(SECT_K1) 239-bit, DET_ECDSA(SHA_256) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_SECT_K1_239:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_K1):239:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_256):0x0000:"04068d76b9f4508762c2379db9ee8b87ad8d86d9535132ffba3b5680440cfa28eb133d4232faf1c9aba96af11aefe634a551440800d5f8185105d3072d":"505341004b45590000000000010000002741ef000128000009070006000000003d00000004068d76b9f4508762c2379db9ee8b87ad8d86d9535132ffba3b5680440cfa28eb133d4232faf1c9aba96af11aefe634a551440800d5f8185105d3072d":TEST_FLAG_EXERCISE + +read type: ECC_PUB(SECT_K1) 239-bit, DET_ECDSA(SHA_384) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_SECT_K1_239:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_K1):239:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_384):0x0000:"04068d76b9f4508762c2379db9ee8b87ad8d86d9535132ffba3b5680440cfa28eb133d4232faf1c9aba96af11aefe634a551440800d5f8185105d3072d":"505341004b45590000000000010000002741ef00012800000a070006000000003d00000004068d76b9f4508762c2379db9ee8b87ad8d86d9535132ffba3b5680440cfa28eb133d4232faf1c9aba96af11aefe634a551440800d5f8185105d3072d":TEST_FLAG_EXERCISE + +read type: ECC_PUB(SECT_K1) 239-bit, DET_ECDSA(SHA_512) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_512:PSA_WANT_ECC_SECT_K1_239:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_K1):239:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_512):0x0000:"04068d76b9f4508762c2379db9ee8b87ad8d86d9535132ffba3b5680440cfa28eb133d4232faf1c9aba96af11aefe634a551440800d5f8185105d3072d":"505341004b45590000000000010000002741ef00012800000b070006000000003d00000004068d76b9f4508762c2379db9ee8b87ad8d86d9535132ffba3b5680440cfa28eb133d4232faf1c9aba96af11aefe634a551440800d5f8185105d3072d":TEST_FLAG_EXERCISE + +read type: ECC_PUB(SECT_K1) 239-bit, ECDSA(MD2) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD2:PSA_WANT_ECC_SECT_K1_239:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_K1):239:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_MD2):0x0000:"04068d76b9f4508762c2379db9ee8b87ad8d86d9535132ffba3b5680440cfa28eb133d4232faf1c9aba96af11aefe634a551440800d5f8185105d3072d":"505341004b45590000000000010000002741ef000128000001060006000000003d00000004068d76b9f4508762c2379db9ee8b87ad8d86d9535132ffba3b5680440cfa28eb133d4232faf1c9aba96af11aefe634a551440800d5f8185105d3072d":TEST_FLAG_EXERCISE + +read type: ECC_PUB(SECT_K1) 239-bit, ECDSA(MD4) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD4:PSA_WANT_ECC_SECT_K1_239:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_K1):239:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_MD4):0x0000:"04068d76b9f4508762c2379db9ee8b87ad8d86d9535132ffba3b5680440cfa28eb133d4232faf1c9aba96af11aefe634a551440800d5f8185105d3072d":"505341004b45590000000000010000002741ef000128000002060006000000003d00000004068d76b9f4508762c2379db9ee8b87ad8d86d9535132ffba3b5680440cfa28eb133d4232faf1c9aba96af11aefe634a551440800d5f8185105d3072d":TEST_FLAG_EXERCISE + +read type: ECC_PUB(SECT_K1) 239-bit, ECDSA(MD5) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD5:PSA_WANT_ECC_SECT_K1_239:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_K1):239:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_MD5):0x0000:"04068d76b9f4508762c2379db9ee8b87ad8d86d9535132ffba3b5680440cfa28eb133d4232faf1c9aba96af11aefe634a551440800d5f8185105d3072d":"505341004b45590000000000010000002741ef000128000003060006000000003d00000004068d76b9f4508762c2379db9ee8b87ad8d86d9535132ffba3b5680440cfa28eb133d4232faf1c9aba96af11aefe634a551440800d5f8185105d3072d":TEST_FLAG_EXERCISE + +read type: ECC_PUB(SECT_K1) 239-bit, ECDSA(RIPEMD160) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ECC_SECT_K1_239:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_K1):239:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_RIPEMD160):0x0000:"04068d76b9f4508762c2379db9ee8b87ad8d86d9535132ffba3b5680440cfa28eb133d4232faf1c9aba96af11aefe634a551440800d5f8185105d3072d":"505341004b45590000000000010000002741ef000128000004060006000000003d00000004068d76b9f4508762c2379db9ee8b87ad8d86d9535132ffba3b5680440cfa28eb133d4232faf1c9aba96af11aefe634a551440800d5f8185105d3072d":TEST_FLAG_EXERCISE + +read type: ECC_PUB(SECT_K1) 239-bit, ECDSA(SHA_1) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_1:PSA_WANT_ECC_SECT_K1_239:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_K1):239:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_SHA_1):0x0000:"04068d76b9f4508762c2379db9ee8b87ad8d86d9535132ffba3b5680440cfa28eb133d4232faf1c9aba96af11aefe634a551440800d5f8185105d3072d":"505341004b45590000000000010000002741ef000128000005060006000000003d00000004068d76b9f4508762c2379db9ee8b87ad8d86d9535132ffba3b5680440cfa28eb133d4232faf1c9aba96af11aefe634a551440800d5f8185105d3072d":TEST_FLAG_EXERCISE + +read type: ECC_PUB(SECT_K1) 239-bit, ECDSA(SHA_224) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_224:PSA_WANT_ECC_SECT_K1_239:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_K1):239:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_SHA_224):0x0000:"04068d76b9f4508762c2379db9ee8b87ad8d86d9535132ffba3b5680440cfa28eb133d4232faf1c9aba96af11aefe634a551440800d5f8185105d3072d":"505341004b45590000000000010000002741ef000128000008060006000000003d00000004068d76b9f4508762c2379db9ee8b87ad8d86d9535132ffba3b5680440cfa28eb133d4232faf1c9aba96af11aefe634a551440800d5f8185105d3072d":TEST_FLAG_EXERCISE + +read type: ECC_PUB(SECT_K1) 239-bit, ECDSA(SHA_256) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_SECT_K1_239:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_K1):239:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_SHA_256):0x0000:"04068d76b9f4508762c2379db9ee8b87ad8d86d9535132ffba3b5680440cfa28eb133d4232faf1c9aba96af11aefe634a551440800d5f8185105d3072d":"505341004b45590000000000010000002741ef000128000009060006000000003d00000004068d76b9f4508762c2379db9ee8b87ad8d86d9535132ffba3b5680440cfa28eb133d4232faf1c9aba96af11aefe634a551440800d5f8185105d3072d":TEST_FLAG_EXERCISE + +read type: ECC_PUB(SECT_K1) 239-bit, ECDSA(SHA_384) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_SECT_K1_239:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_K1):239:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_SHA_384):0x0000:"04068d76b9f4508762c2379db9ee8b87ad8d86d9535132ffba3b5680440cfa28eb133d4232faf1c9aba96af11aefe634a551440800d5f8185105d3072d":"505341004b45590000000000010000002741ef00012800000a060006000000003d00000004068d76b9f4508762c2379db9ee8b87ad8d86d9535132ffba3b5680440cfa28eb133d4232faf1c9aba96af11aefe634a551440800d5f8185105d3072d":TEST_FLAG_EXERCISE + +read type: ECC_PUB(SECT_K1) 239-bit, ECDSA(SHA_512) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_512:PSA_WANT_ECC_SECT_K1_239:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_K1):239:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_SHA_512):0x0000:"04068d76b9f4508762c2379db9ee8b87ad8d86d9535132ffba3b5680440cfa28eb133d4232faf1c9aba96af11aefe634a551440800d5f8185105d3072d":"505341004b45590000000000010000002741ef00012800000b060006000000003d00000004068d76b9f4508762c2379db9ee8b87ad8d86d9535132ffba3b5680440cfa28eb133d4232faf1c9aba96af11aefe634a551440800d5f8185105d3072d":TEST_FLAG_EXERCISE + +read type: ECC_PUB(SECT_K1) 239-bit, ECDSA_ANY +depends_on:PSA_WANT_ALG_ECDSA_ANY:PSA_WANT_ECC_SECT_K1_239:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_K1):239:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA_ANY:0x0000:"04068d76b9f4508762c2379db9ee8b87ad8d86d9535132ffba3b5680440cfa28eb133d4232faf1c9aba96af11aefe634a551440800d5f8185105d3072d":"505341004b45590000000000010000002741ef000128000000060006000000003d00000004068d76b9f4508762c2379db9ee8b87ad8d86d9535132ffba3b5680440cfa28eb133d4232faf1c9aba96af11aefe634a551440800d5f8185105d3072d":TEST_FLAG_EXERCISE + +read type: ECC_PUB(SECT_K1) 283-bit +depends_on:PSA_WANT_ECC_SECT_K1_283:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_K1):283:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"0405f48374debceaadb46ba385fd92048fcc5b9af1a1c90408bf94a68b9378df1cbfdfb6fb026a96bea06d8f181bf10c020adbcc88b6ecff96bdc564a9649c247cede601c4be63afc3":"505341004b455900000000000100000027411b01010000000000000000000000490000000405f48374debceaadb46ba385fd92048fcc5b9af1a1c90408bf94a68b9378df1cbfdfb6fb026a96bea06d8f181bf10c020adbcc88b6ecff96bdc564a9649c247cede601c4be63afc3":TEST_FLAG_EXERCISE + +read type: ECC_PUB(SECT_K1) 283-bit, DET_ECDSA(MD2) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD2:PSA_WANT_ECC_SECT_K1_283:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_K1):283:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD2):0x0000:"0405f48374debceaadb46ba385fd92048fcc5b9af1a1c90408bf94a68b9378df1cbfdfb6fb026a96bea06d8f181bf10c020adbcc88b6ecff96bdc564a9649c247cede601c4be63afc3":"505341004b455900000000000100000027411b01012800000107000600000000490000000405f48374debceaadb46ba385fd92048fcc5b9af1a1c90408bf94a68b9378df1cbfdfb6fb026a96bea06d8f181bf10c020adbcc88b6ecff96bdc564a9649c247cede601c4be63afc3":TEST_FLAG_EXERCISE + +read type: ECC_PUB(SECT_K1) 283-bit, DET_ECDSA(MD4) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD4:PSA_WANT_ECC_SECT_K1_283:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_K1):283:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD4):0x0000:"0405f48374debceaadb46ba385fd92048fcc5b9af1a1c90408bf94a68b9378df1cbfdfb6fb026a96bea06d8f181bf10c020adbcc88b6ecff96bdc564a9649c247cede601c4be63afc3":"505341004b455900000000000100000027411b01012800000207000600000000490000000405f48374debceaadb46ba385fd92048fcc5b9af1a1c90408bf94a68b9378df1cbfdfb6fb026a96bea06d8f181bf10c020adbcc88b6ecff96bdc564a9649c247cede601c4be63afc3":TEST_FLAG_EXERCISE + +read type: ECC_PUB(SECT_K1) 283-bit, DET_ECDSA(MD5) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD5:PSA_WANT_ECC_SECT_K1_283:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_K1):283:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD5):0x0000:"0405f48374debceaadb46ba385fd92048fcc5b9af1a1c90408bf94a68b9378df1cbfdfb6fb026a96bea06d8f181bf10c020adbcc88b6ecff96bdc564a9649c247cede601c4be63afc3":"505341004b455900000000000100000027411b01012800000307000600000000490000000405f48374debceaadb46ba385fd92048fcc5b9af1a1c90408bf94a68b9378df1cbfdfb6fb026a96bea06d8f181bf10c020adbcc88b6ecff96bdc564a9649c247cede601c4be63afc3":TEST_FLAG_EXERCISE + +read type: ECC_PUB(SECT_K1) 283-bit, DET_ECDSA(RIPEMD160) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ECC_SECT_K1_283:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_K1):283:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_RIPEMD160):0x0000:"0405f48374debceaadb46ba385fd92048fcc5b9af1a1c90408bf94a68b9378df1cbfdfb6fb026a96bea06d8f181bf10c020adbcc88b6ecff96bdc564a9649c247cede601c4be63afc3":"505341004b455900000000000100000027411b01012800000407000600000000490000000405f48374debceaadb46ba385fd92048fcc5b9af1a1c90408bf94a68b9378df1cbfdfb6fb026a96bea06d8f181bf10c020adbcc88b6ecff96bdc564a9649c247cede601c4be63afc3":TEST_FLAG_EXERCISE + +read type: ECC_PUB(SECT_K1) 283-bit, DET_ECDSA(SHA_1) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_1:PSA_WANT_ECC_SECT_K1_283:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_K1):283:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_1):0x0000:"0405f48374debceaadb46ba385fd92048fcc5b9af1a1c90408bf94a68b9378df1cbfdfb6fb026a96bea06d8f181bf10c020adbcc88b6ecff96bdc564a9649c247cede601c4be63afc3":"505341004b455900000000000100000027411b01012800000507000600000000490000000405f48374debceaadb46ba385fd92048fcc5b9af1a1c90408bf94a68b9378df1cbfdfb6fb026a96bea06d8f181bf10c020adbcc88b6ecff96bdc564a9649c247cede601c4be63afc3":TEST_FLAG_EXERCISE + +read type: ECC_PUB(SECT_K1) 283-bit, DET_ECDSA(SHA_224) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_224:PSA_WANT_ECC_SECT_K1_283:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_K1):283:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_224):0x0000:"0405f48374debceaadb46ba385fd92048fcc5b9af1a1c90408bf94a68b9378df1cbfdfb6fb026a96bea06d8f181bf10c020adbcc88b6ecff96bdc564a9649c247cede601c4be63afc3":"505341004b455900000000000100000027411b01012800000807000600000000490000000405f48374debceaadb46ba385fd92048fcc5b9af1a1c90408bf94a68b9378df1cbfdfb6fb026a96bea06d8f181bf10c020adbcc88b6ecff96bdc564a9649c247cede601c4be63afc3":TEST_FLAG_EXERCISE + +read type: ECC_PUB(SECT_K1) 283-bit, DET_ECDSA(SHA_256) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_SECT_K1_283:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_K1):283:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_256):0x0000:"0405f48374debceaadb46ba385fd92048fcc5b9af1a1c90408bf94a68b9378df1cbfdfb6fb026a96bea06d8f181bf10c020adbcc88b6ecff96bdc564a9649c247cede601c4be63afc3":"505341004b455900000000000100000027411b01012800000907000600000000490000000405f48374debceaadb46ba385fd92048fcc5b9af1a1c90408bf94a68b9378df1cbfdfb6fb026a96bea06d8f181bf10c020adbcc88b6ecff96bdc564a9649c247cede601c4be63afc3":TEST_FLAG_EXERCISE + +read type: ECC_PUB(SECT_K1) 283-bit, DET_ECDSA(SHA_384) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_SECT_K1_283:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_K1):283:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_384):0x0000:"0405f48374debceaadb46ba385fd92048fcc5b9af1a1c90408bf94a68b9378df1cbfdfb6fb026a96bea06d8f181bf10c020adbcc88b6ecff96bdc564a9649c247cede601c4be63afc3":"505341004b455900000000000100000027411b01012800000a07000600000000490000000405f48374debceaadb46ba385fd92048fcc5b9af1a1c90408bf94a68b9378df1cbfdfb6fb026a96bea06d8f181bf10c020adbcc88b6ecff96bdc564a9649c247cede601c4be63afc3":TEST_FLAG_EXERCISE + +read type: ECC_PUB(SECT_K1) 283-bit, DET_ECDSA(SHA_512) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_512:PSA_WANT_ECC_SECT_K1_283:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_K1):283:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_512):0x0000:"0405f48374debceaadb46ba385fd92048fcc5b9af1a1c90408bf94a68b9378df1cbfdfb6fb026a96bea06d8f181bf10c020adbcc88b6ecff96bdc564a9649c247cede601c4be63afc3":"505341004b455900000000000100000027411b01012800000b07000600000000490000000405f48374debceaadb46ba385fd92048fcc5b9af1a1c90408bf94a68b9378df1cbfdfb6fb026a96bea06d8f181bf10c020adbcc88b6ecff96bdc564a9649c247cede601c4be63afc3":TEST_FLAG_EXERCISE + +read type: ECC_PUB(SECT_K1) 283-bit, ECDSA(MD2) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD2:PSA_WANT_ECC_SECT_K1_283:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_K1):283:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_MD2):0x0000:"0405f48374debceaadb46ba385fd92048fcc5b9af1a1c90408bf94a68b9378df1cbfdfb6fb026a96bea06d8f181bf10c020adbcc88b6ecff96bdc564a9649c247cede601c4be63afc3":"505341004b455900000000000100000027411b01012800000106000600000000490000000405f48374debceaadb46ba385fd92048fcc5b9af1a1c90408bf94a68b9378df1cbfdfb6fb026a96bea06d8f181bf10c020adbcc88b6ecff96bdc564a9649c247cede601c4be63afc3":TEST_FLAG_EXERCISE + +read type: ECC_PUB(SECT_K1) 283-bit, ECDSA(MD4) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD4:PSA_WANT_ECC_SECT_K1_283:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_K1):283:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_MD4):0x0000:"0405f48374debceaadb46ba385fd92048fcc5b9af1a1c90408bf94a68b9378df1cbfdfb6fb026a96bea06d8f181bf10c020adbcc88b6ecff96bdc564a9649c247cede601c4be63afc3":"505341004b455900000000000100000027411b01012800000206000600000000490000000405f48374debceaadb46ba385fd92048fcc5b9af1a1c90408bf94a68b9378df1cbfdfb6fb026a96bea06d8f181bf10c020adbcc88b6ecff96bdc564a9649c247cede601c4be63afc3":TEST_FLAG_EXERCISE + +read type: ECC_PUB(SECT_K1) 283-bit, ECDSA(MD5) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD5:PSA_WANT_ECC_SECT_K1_283:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_K1):283:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_MD5):0x0000:"0405f48374debceaadb46ba385fd92048fcc5b9af1a1c90408bf94a68b9378df1cbfdfb6fb026a96bea06d8f181bf10c020adbcc88b6ecff96bdc564a9649c247cede601c4be63afc3":"505341004b455900000000000100000027411b01012800000306000600000000490000000405f48374debceaadb46ba385fd92048fcc5b9af1a1c90408bf94a68b9378df1cbfdfb6fb026a96bea06d8f181bf10c020adbcc88b6ecff96bdc564a9649c247cede601c4be63afc3":TEST_FLAG_EXERCISE + +read type: ECC_PUB(SECT_K1) 283-bit, ECDSA(RIPEMD160) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ECC_SECT_K1_283:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_K1):283:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_RIPEMD160):0x0000:"0405f48374debceaadb46ba385fd92048fcc5b9af1a1c90408bf94a68b9378df1cbfdfb6fb026a96bea06d8f181bf10c020adbcc88b6ecff96bdc564a9649c247cede601c4be63afc3":"505341004b455900000000000100000027411b01012800000406000600000000490000000405f48374debceaadb46ba385fd92048fcc5b9af1a1c90408bf94a68b9378df1cbfdfb6fb026a96bea06d8f181bf10c020adbcc88b6ecff96bdc564a9649c247cede601c4be63afc3":TEST_FLAG_EXERCISE + +read type: ECC_PUB(SECT_K1) 283-bit, ECDSA(SHA_1) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_1:PSA_WANT_ECC_SECT_K1_283:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_K1):283:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_SHA_1):0x0000:"0405f48374debceaadb46ba385fd92048fcc5b9af1a1c90408bf94a68b9378df1cbfdfb6fb026a96bea06d8f181bf10c020adbcc88b6ecff96bdc564a9649c247cede601c4be63afc3":"505341004b455900000000000100000027411b01012800000506000600000000490000000405f48374debceaadb46ba385fd92048fcc5b9af1a1c90408bf94a68b9378df1cbfdfb6fb026a96bea06d8f181bf10c020adbcc88b6ecff96bdc564a9649c247cede601c4be63afc3":TEST_FLAG_EXERCISE + +read type: ECC_PUB(SECT_K1) 283-bit, ECDSA(SHA_224) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_224:PSA_WANT_ECC_SECT_K1_283:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_K1):283:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_SHA_224):0x0000:"0405f48374debceaadb46ba385fd92048fcc5b9af1a1c90408bf94a68b9378df1cbfdfb6fb026a96bea06d8f181bf10c020adbcc88b6ecff96bdc564a9649c247cede601c4be63afc3":"505341004b455900000000000100000027411b01012800000806000600000000490000000405f48374debceaadb46ba385fd92048fcc5b9af1a1c90408bf94a68b9378df1cbfdfb6fb026a96bea06d8f181bf10c020adbcc88b6ecff96bdc564a9649c247cede601c4be63afc3":TEST_FLAG_EXERCISE + +read type: ECC_PUB(SECT_K1) 283-bit, ECDSA(SHA_256) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_SECT_K1_283:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_K1):283:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_SHA_256):0x0000:"0405f48374debceaadb46ba385fd92048fcc5b9af1a1c90408bf94a68b9378df1cbfdfb6fb026a96bea06d8f181bf10c020adbcc88b6ecff96bdc564a9649c247cede601c4be63afc3":"505341004b455900000000000100000027411b01012800000906000600000000490000000405f48374debceaadb46ba385fd92048fcc5b9af1a1c90408bf94a68b9378df1cbfdfb6fb026a96bea06d8f181bf10c020adbcc88b6ecff96bdc564a9649c247cede601c4be63afc3":TEST_FLAG_EXERCISE + +read type: ECC_PUB(SECT_K1) 283-bit, ECDSA(SHA_384) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_SECT_K1_283:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_K1):283:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_SHA_384):0x0000:"0405f48374debceaadb46ba385fd92048fcc5b9af1a1c90408bf94a68b9378df1cbfdfb6fb026a96bea06d8f181bf10c020adbcc88b6ecff96bdc564a9649c247cede601c4be63afc3":"505341004b455900000000000100000027411b01012800000a06000600000000490000000405f48374debceaadb46ba385fd92048fcc5b9af1a1c90408bf94a68b9378df1cbfdfb6fb026a96bea06d8f181bf10c020adbcc88b6ecff96bdc564a9649c247cede601c4be63afc3":TEST_FLAG_EXERCISE + +read type: ECC_PUB(SECT_K1) 283-bit, ECDSA(SHA_512) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_512:PSA_WANT_ECC_SECT_K1_283:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_K1):283:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_SHA_512):0x0000:"0405f48374debceaadb46ba385fd92048fcc5b9af1a1c90408bf94a68b9378df1cbfdfb6fb026a96bea06d8f181bf10c020adbcc88b6ecff96bdc564a9649c247cede601c4be63afc3":"505341004b455900000000000100000027411b01012800000b06000600000000490000000405f48374debceaadb46ba385fd92048fcc5b9af1a1c90408bf94a68b9378df1cbfdfb6fb026a96bea06d8f181bf10c020adbcc88b6ecff96bdc564a9649c247cede601c4be63afc3":TEST_FLAG_EXERCISE + +read type: ECC_PUB(SECT_K1) 283-bit, ECDSA_ANY +depends_on:PSA_WANT_ALG_ECDSA_ANY:PSA_WANT_ECC_SECT_K1_283:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_K1):283:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA_ANY:0x0000:"0405f48374debceaadb46ba385fd92048fcc5b9af1a1c90408bf94a68b9378df1cbfdfb6fb026a96bea06d8f181bf10c020adbcc88b6ecff96bdc564a9649c247cede601c4be63afc3":"505341004b455900000000000100000027411b01012800000006000600000000490000000405f48374debceaadb46ba385fd92048fcc5b9af1a1c90408bf94a68b9378df1cbfdfb6fb026a96bea06d8f181bf10c020adbcc88b6ecff96bdc564a9649c247cede601c4be63afc3":TEST_FLAG_EXERCISE + +read type: ECC_PUB(SECT_K1) 409-bit +depends_on:PSA_WANT_ECC_SECT_K1_409:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_K1):409:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"04012c587f69f68b308ba6dcb238797f4e22290ca939ae806604e2b5ab4d9caef5a74a98fd87c4f88d292dd39d92e556e16c6ecc3c019a105826eef507cd9a04119f54d5d850b3720b3792d5d03410e9105610f7e4b420166ed45604a7a1f229d80975ba6be2060e8b":"505341004b4559000000000001000000274199010100000000000000000000006900000004012c587f69f68b308ba6dcb238797f4e22290ca939ae806604e2b5ab4d9caef5a74a98fd87c4f88d292dd39d92e556e16c6ecc3c019a105826eef507cd9a04119f54d5d850b3720b3792d5d03410e9105610f7e4b420166ed45604a7a1f229d80975ba6be2060e8b":TEST_FLAG_EXERCISE + +read type: ECC_PUB(SECT_K1) 409-bit, DET_ECDSA(MD2) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD2:PSA_WANT_ECC_SECT_K1_409:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_K1):409:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD2):0x0000:"04012c587f69f68b308ba6dcb238797f4e22290ca939ae806604e2b5ab4d9caef5a74a98fd87c4f88d292dd39d92e556e16c6ecc3c019a105826eef507cd9a04119f54d5d850b3720b3792d5d03410e9105610f7e4b420166ed45604a7a1f229d80975ba6be2060e8b":"505341004b4559000000000001000000274199010128000001070006000000006900000004012c587f69f68b308ba6dcb238797f4e22290ca939ae806604e2b5ab4d9caef5a74a98fd87c4f88d292dd39d92e556e16c6ecc3c019a105826eef507cd9a04119f54d5d850b3720b3792d5d03410e9105610f7e4b420166ed45604a7a1f229d80975ba6be2060e8b":TEST_FLAG_EXERCISE + +read type: ECC_PUB(SECT_K1) 409-bit, DET_ECDSA(MD4) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD4:PSA_WANT_ECC_SECT_K1_409:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_K1):409:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD4):0x0000:"04012c587f69f68b308ba6dcb238797f4e22290ca939ae806604e2b5ab4d9caef5a74a98fd87c4f88d292dd39d92e556e16c6ecc3c019a105826eef507cd9a04119f54d5d850b3720b3792d5d03410e9105610f7e4b420166ed45604a7a1f229d80975ba6be2060e8b":"505341004b4559000000000001000000274199010128000002070006000000006900000004012c587f69f68b308ba6dcb238797f4e22290ca939ae806604e2b5ab4d9caef5a74a98fd87c4f88d292dd39d92e556e16c6ecc3c019a105826eef507cd9a04119f54d5d850b3720b3792d5d03410e9105610f7e4b420166ed45604a7a1f229d80975ba6be2060e8b":TEST_FLAG_EXERCISE + +read type: ECC_PUB(SECT_K1) 409-bit, DET_ECDSA(MD5) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD5:PSA_WANT_ECC_SECT_K1_409:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_K1):409:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD5):0x0000:"04012c587f69f68b308ba6dcb238797f4e22290ca939ae806604e2b5ab4d9caef5a74a98fd87c4f88d292dd39d92e556e16c6ecc3c019a105826eef507cd9a04119f54d5d850b3720b3792d5d03410e9105610f7e4b420166ed45604a7a1f229d80975ba6be2060e8b":"505341004b4559000000000001000000274199010128000003070006000000006900000004012c587f69f68b308ba6dcb238797f4e22290ca939ae806604e2b5ab4d9caef5a74a98fd87c4f88d292dd39d92e556e16c6ecc3c019a105826eef507cd9a04119f54d5d850b3720b3792d5d03410e9105610f7e4b420166ed45604a7a1f229d80975ba6be2060e8b":TEST_FLAG_EXERCISE + +read type: ECC_PUB(SECT_K1) 409-bit, DET_ECDSA(RIPEMD160) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ECC_SECT_K1_409:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_K1):409:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_RIPEMD160):0x0000:"04012c587f69f68b308ba6dcb238797f4e22290ca939ae806604e2b5ab4d9caef5a74a98fd87c4f88d292dd39d92e556e16c6ecc3c019a105826eef507cd9a04119f54d5d850b3720b3792d5d03410e9105610f7e4b420166ed45604a7a1f229d80975ba6be2060e8b":"505341004b4559000000000001000000274199010128000004070006000000006900000004012c587f69f68b308ba6dcb238797f4e22290ca939ae806604e2b5ab4d9caef5a74a98fd87c4f88d292dd39d92e556e16c6ecc3c019a105826eef507cd9a04119f54d5d850b3720b3792d5d03410e9105610f7e4b420166ed45604a7a1f229d80975ba6be2060e8b":TEST_FLAG_EXERCISE + +read type: ECC_PUB(SECT_K1) 409-bit, DET_ECDSA(SHA_1) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_1:PSA_WANT_ECC_SECT_K1_409:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_K1):409:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_1):0x0000:"04012c587f69f68b308ba6dcb238797f4e22290ca939ae806604e2b5ab4d9caef5a74a98fd87c4f88d292dd39d92e556e16c6ecc3c019a105826eef507cd9a04119f54d5d850b3720b3792d5d03410e9105610f7e4b420166ed45604a7a1f229d80975ba6be2060e8b":"505341004b4559000000000001000000274199010128000005070006000000006900000004012c587f69f68b308ba6dcb238797f4e22290ca939ae806604e2b5ab4d9caef5a74a98fd87c4f88d292dd39d92e556e16c6ecc3c019a105826eef507cd9a04119f54d5d850b3720b3792d5d03410e9105610f7e4b420166ed45604a7a1f229d80975ba6be2060e8b":TEST_FLAG_EXERCISE + +read type: ECC_PUB(SECT_K1) 409-bit, DET_ECDSA(SHA_224) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_224:PSA_WANT_ECC_SECT_K1_409:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_K1):409:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_224):0x0000:"04012c587f69f68b308ba6dcb238797f4e22290ca939ae806604e2b5ab4d9caef5a74a98fd87c4f88d292dd39d92e556e16c6ecc3c019a105826eef507cd9a04119f54d5d850b3720b3792d5d03410e9105610f7e4b420166ed45604a7a1f229d80975ba6be2060e8b":"505341004b4559000000000001000000274199010128000008070006000000006900000004012c587f69f68b308ba6dcb238797f4e22290ca939ae806604e2b5ab4d9caef5a74a98fd87c4f88d292dd39d92e556e16c6ecc3c019a105826eef507cd9a04119f54d5d850b3720b3792d5d03410e9105610f7e4b420166ed45604a7a1f229d80975ba6be2060e8b":TEST_FLAG_EXERCISE + +read type: ECC_PUB(SECT_K1) 409-bit, DET_ECDSA(SHA_256) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_SECT_K1_409:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_K1):409:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_256):0x0000:"04012c587f69f68b308ba6dcb238797f4e22290ca939ae806604e2b5ab4d9caef5a74a98fd87c4f88d292dd39d92e556e16c6ecc3c019a105826eef507cd9a04119f54d5d850b3720b3792d5d03410e9105610f7e4b420166ed45604a7a1f229d80975ba6be2060e8b":"505341004b4559000000000001000000274199010128000009070006000000006900000004012c587f69f68b308ba6dcb238797f4e22290ca939ae806604e2b5ab4d9caef5a74a98fd87c4f88d292dd39d92e556e16c6ecc3c019a105826eef507cd9a04119f54d5d850b3720b3792d5d03410e9105610f7e4b420166ed45604a7a1f229d80975ba6be2060e8b":TEST_FLAG_EXERCISE + +read type: ECC_PUB(SECT_K1) 409-bit, DET_ECDSA(SHA_384) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_SECT_K1_409:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_K1):409:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_384):0x0000:"04012c587f69f68b308ba6dcb238797f4e22290ca939ae806604e2b5ab4d9caef5a74a98fd87c4f88d292dd39d92e556e16c6ecc3c019a105826eef507cd9a04119f54d5d850b3720b3792d5d03410e9105610f7e4b420166ed45604a7a1f229d80975ba6be2060e8b":"505341004b455900000000000100000027419901012800000a070006000000006900000004012c587f69f68b308ba6dcb238797f4e22290ca939ae806604e2b5ab4d9caef5a74a98fd87c4f88d292dd39d92e556e16c6ecc3c019a105826eef507cd9a04119f54d5d850b3720b3792d5d03410e9105610f7e4b420166ed45604a7a1f229d80975ba6be2060e8b":TEST_FLAG_EXERCISE + +read type: ECC_PUB(SECT_K1) 409-bit, DET_ECDSA(SHA_512) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_512:PSA_WANT_ECC_SECT_K1_409:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_K1):409:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_512):0x0000:"04012c587f69f68b308ba6dcb238797f4e22290ca939ae806604e2b5ab4d9caef5a74a98fd87c4f88d292dd39d92e556e16c6ecc3c019a105826eef507cd9a04119f54d5d850b3720b3792d5d03410e9105610f7e4b420166ed45604a7a1f229d80975ba6be2060e8b":"505341004b455900000000000100000027419901012800000b070006000000006900000004012c587f69f68b308ba6dcb238797f4e22290ca939ae806604e2b5ab4d9caef5a74a98fd87c4f88d292dd39d92e556e16c6ecc3c019a105826eef507cd9a04119f54d5d850b3720b3792d5d03410e9105610f7e4b420166ed45604a7a1f229d80975ba6be2060e8b":TEST_FLAG_EXERCISE + +read type: ECC_PUB(SECT_K1) 409-bit, ECDSA(MD2) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD2:PSA_WANT_ECC_SECT_K1_409:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_K1):409:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_MD2):0x0000:"04012c587f69f68b308ba6dcb238797f4e22290ca939ae806604e2b5ab4d9caef5a74a98fd87c4f88d292dd39d92e556e16c6ecc3c019a105826eef507cd9a04119f54d5d850b3720b3792d5d03410e9105610f7e4b420166ed45604a7a1f229d80975ba6be2060e8b":"505341004b4559000000000001000000274199010128000001060006000000006900000004012c587f69f68b308ba6dcb238797f4e22290ca939ae806604e2b5ab4d9caef5a74a98fd87c4f88d292dd39d92e556e16c6ecc3c019a105826eef507cd9a04119f54d5d850b3720b3792d5d03410e9105610f7e4b420166ed45604a7a1f229d80975ba6be2060e8b":TEST_FLAG_EXERCISE + +read type: ECC_PUB(SECT_K1) 409-bit, ECDSA(MD4) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD4:PSA_WANT_ECC_SECT_K1_409:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_K1):409:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_MD4):0x0000:"04012c587f69f68b308ba6dcb238797f4e22290ca939ae806604e2b5ab4d9caef5a74a98fd87c4f88d292dd39d92e556e16c6ecc3c019a105826eef507cd9a04119f54d5d850b3720b3792d5d03410e9105610f7e4b420166ed45604a7a1f229d80975ba6be2060e8b":"505341004b4559000000000001000000274199010128000002060006000000006900000004012c587f69f68b308ba6dcb238797f4e22290ca939ae806604e2b5ab4d9caef5a74a98fd87c4f88d292dd39d92e556e16c6ecc3c019a105826eef507cd9a04119f54d5d850b3720b3792d5d03410e9105610f7e4b420166ed45604a7a1f229d80975ba6be2060e8b":TEST_FLAG_EXERCISE + +read type: ECC_PUB(SECT_K1) 409-bit, ECDSA(MD5) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD5:PSA_WANT_ECC_SECT_K1_409:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_K1):409:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_MD5):0x0000:"04012c587f69f68b308ba6dcb238797f4e22290ca939ae806604e2b5ab4d9caef5a74a98fd87c4f88d292dd39d92e556e16c6ecc3c019a105826eef507cd9a04119f54d5d850b3720b3792d5d03410e9105610f7e4b420166ed45604a7a1f229d80975ba6be2060e8b":"505341004b4559000000000001000000274199010128000003060006000000006900000004012c587f69f68b308ba6dcb238797f4e22290ca939ae806604e2b5ab4d9caef5a74a98fd87c4f88d292dd39d92e556e16c6ecc3c019a105826eef507cd9a04119f54d5d850b3720b3792d5d03410e9105610f7e4b420166ed45604a7a1f229d80975ba6be2060e8b":TEST_FLAG_EXERCISE + +read type: ECC_PUB(SECT_K1) 409-bit, ECDSA(RIPEMD160) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ECC_SECT_K1_409:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_K1):409:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_RIPEMD160):0x0000:"04012c587f69f68b308ba6dcb238797f4e22290ca939ae806604e2b5ab4d9caef5a74a98fd87c4f88d292dd39d92e556e16c6ecc3c019a105826eef507cd9a04119f54d5d850b3720b3792d5d03410e9105610f7e4b420166ed45604a7a1f229d80975ba6be2060e8b":"505341004b4559000000000001000000274199010128000004060006000000006900000004012c587f69f68b308ba6dcb238797f4e22290ca939ae806604e2b5ab4d9caef5a74a98fd87c4f88d292dd39d92e556e16c6ecc3c019a105826eef507cd9a04119f54d5d850b3720b3792d5d03410e9105610f7e4b420166ed45604a7a1f229d80975ba6be2060e8b":TEST_FLAG_EXERCISE + +read type: ECC_PUB(SECT_K1) 409-bit, ECDSA(SHA_1) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_1:PSA_WANT_ECC_SECT_K1_409:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_K1):409:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_SHA_1):0x0000:"04012c587f69f68b308ba6dcb238797f4e22290ca939ae806604e2b5ab4d9caef5a74a98fd87c4f88d292dd39d92e556e16c6ecc3c019a105826eef507cd9a04119f54d5d850b3720b3792d5d03410e9105610f7e4b420166ed45604a7a1f229d80975ba6be2060e8b":"505341004b4559000000000001000000274199010128000005060006000000006900000004012c587f69f68b308ba6dcb238797f4e22290ca939ae806604e2b5ab4d9caef5a74a98fd87c4f88d292dd39d92e556e16c6ecc3c019a105826eef507cd9a04119f54d5d850b3720b3792d5d03410e9105610f7e4b420166ed45604a7a1f229d80975ba6be2060e8b":TEST_FLAG_EXERCISE + +read type: ECC_PUB(SECT_K1) 409-bit, ECDSA(SHA_224) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_224:PSA_WANT_ECC_SECT_K1_409:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_K1):409:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_SHA_224):0x0000:"04012c587f69f68b308ba6dcb238797f4e22290ca939ae806604e2b5ab4d9caef5a74a98fd87c4f88d292dd39d92e556e16c6ecc3c019a105826eef507cd9a04119f54d5d850b3720b3792d5d03410e9105610f7e4b420166ed45604a7a1f229d80975ba6be2060e8b":"505341004b4559000000000001000000274199010128000008060006000000006900000004012c587f69f68b308ba6dcb238797f4e22290ca939ae806604e2b5ab4d9caef5a74a98fd87c4f88d292dd39d92e556e16c6ecc3c019a105826eef507cd9a04119f54d5d850b3720b3792d5d03410e9105610f7e4b420166ed45604a7a1f229d80975ba6be2060e8b":TEST_FLAG_EXERCISE + +read type: ECC_PUB(SECT_K1) 409-bit, ECDSA(SHA_256) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_SECT_K1_409:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_K1):409:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_SHA_256):0x0000:"04012c587f69f68b308ba6dcb238797f4e22290ca939ae806604e2b5ab4d9caef5a74a98fd87c4f88d292dd39d92e556e16c6ecc3c019a105826eef507cd9a04119f54d5d850b3720b3792d5d03410e9105610f7e4b420166ed45604a7a1f229d80975ba6be2060e8b":"505341004b4559000000000001000000274199010128000009060006000000006900000004012c587f69f68b308ba6dcb238797f4e22290ca939ae806604e2b5ab4d9caef5a74a98fd87c4f88d292dd39d92e556e16c6ecc3c019a105826eef507cd9a04119f54d5d850b3720b3792d5d03410e9105610f7e4b420166ed45604a7a1f229d80975ba6be2060e8b":TEST_FLAG_EXERCISE + +read type: ECC_PUB(SECT_K1) 409-bit, ECDSA(SHA_384) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_SECT_K1_409:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_K1):409:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_SHA_384):0x0000:"04012c587f69f68b308ba6dcb238797f4e22290ca939ae806604e2b5ab4d9caef5a74a98fd87c4f88d292dd39d92e556e16c6ecc3c019a105826eef507cd9a04119f54d5d850b3720b3792d5d03410e9105610f7e4b420166ed45604a7a1f229d80975ba6be2060e8b":"505341004b455900000000000100000027419901012800000a060006000000006900000004012c587f69f68b308ba6dcb238797f4e22290ca939ae806604e2b5ab4d9caef5a74a98fd87c4f88d292dd39d92e556e16c6ecc3c019a105826eef507cd9a04119f54d5d850b3720b3792d5d03410e9105610f7e4b420166ed45604a7a1f229d80975ba6be2060e8b":TEST_FLAG_EXERCISE + +read type: ECC_PUB(SECT_K1) 409-bit, ECDSA(SHA_512) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_512:PSA_WANT_ECC_SECT_K1_409:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_K1):409:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_SHA_512):0x0000:"04012c587f69f68b308ba6dcb238797f4e22290ca939ae806604e2b5ab4d9caef5a74a98fd87c4f88d292dd39d92e556e16c6ecc3c019a105826eef507cd9a04119f54d5d850b3720b3792d5d03410e9105610f7e4b420166ed45604a7a1f229d80975ba6be2060e8b":"505341004b455900000000000100000027419901012800000b060006000000006900000004012c587f69f68b308ba6dcb238797f4e22290ca939ae806604e2b5ab4d9caef5a74a98fd87c4f88d292dd39d92e556e16c6ecc3c019a105826eef507cd9a04119f54d5d850b3720b3792d5d03410e9105610f7e4b420166ed45604a7a1f229d80975ba6be2060e8b":TEST_FLAG_EXERCISE + +read type: ECC_PUB(SECT_K1) 409-bit, ECDSA_ANY +depends_on:PSA_WANT_ALG_ECDSA_ANY:PSA_WANT_ECC_SECT_K1_409:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_K1):409:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA_ANY:0x0000:"04012c587f69f68b308ba6dcb238797f4e22290ca939ae806604e2b5ab4d9caef5a74a98fd87c4f88d292dd39d92e556e16c6ecc3c019a105826eef507cd9a04119f54d5d850b3720b3792d5d03410e9105610f7e4b420166ed45604a7a1f229d80975ba6be2060e8b":"505341004b4559000000000001000000274199010128000000060006000000006900000004012c587f69f68b308ba6dcb238797f4e22290ca939ae806604e2b5ab4d9caef5a74a98fd87c4f88d292dd39d92e556e16c6ecc3c019a105826eef507cd9a04119f54d5d850b3720b3792d5d03410e9105610f7e4b420166ed45604a7a1f229d80975ba6be2060e8b":TEST_FLAG_EXERCISE + +read type: ECC_PUB(SECT_K1) 571-bit +depends_on:PSA_WANT_ECC_SECT_K1_571:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_K1):571:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"04050172a7fd7adf98e4e2ed2742faa5cd12731a15fb0dbbdf75b1c3cc771a4369af6f2fa00e802735650881735759ea9c79961ded18e0daa0ac59afb1d513b5bbda9962e435f454fc020b4afe1445c2302ada07d295ec2580f8849b2dfa7f956b09b4cbe4c88d3b1c217049f75d3900d36df0fa12689256b58dd2ef784ebbeb0564600cf47a841485f8cf897a68accd5a":"505341004b455900000000000100000027413b020100000000000000000000009100000004050172a7fd7adf98e4e2ed2742faa5cd12731a15fb0dbbdf75b1c3cc771a4369af6f2fa00e802735650881735759ea9c79961ded18e0daa0ac59afb1d513b5bbda9962e435f454fc020b4afe1445c2302ada07d295ec2580f8849b2dfa7f956b09b4cbe4c88d3b1c217049f75d3900d36df0fa12689256b58dd2ef784ebbeb0564600cf47a841485f8cf897a68accd5a":TEST_FLAG_EXERCISE + +read type: ECC_PUB(SECT_K1) 571-bit, DET_ECDSA(MD2) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD2:PSA_WANT_ECC_SECT_K1_571:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_K1):571:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD2):0x0000:"04050172a7fd7adf98e4e2ed2742faa5cd12731a15fb0dbbdf75b1c3cc771a4369af6f2fa00e802735650881735759ea9c79961ded18e0daa0ac59afb1d513b5bbda9962e435f454fc020b4afe1445c2302ada07d295ec2580f8849b2dfa7f956b09b4cbe4c88d3b1c217049f75d3900d36df0fa12689256b58dd2ef784ebbeb0564600cf47a841485f8cf897a68accd5a":"505341004b455900000000000100000027413b020128000001070006000000009100000004050172a7fd7adf98e4e2ed2742faa5cd12731a15fb0dbbdf75b1c3cc771a4369af6f2fa00e802735650881735759ea9c79961ded18e0daa0ac59afb1d513b5bbda9962e435f454fc020b4afe1445c2302ada07d295ec2580f8849b2dfa7f956b09b4cbe4c88d3b1c217049f75d3900d36df0fa12689256b58dd2ef784ebbeb0564600cf47a841485f8cf897a68accd5a":TEST_FLAG_EXERCISE + +read type: ECC_PUB(SECT_K1) 571-bit, DET_ECDSA(MD4) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD4:PSA_WANT_ECC_SECT_K1_571:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_K1):571:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD4):0x0000:"04050172a7fd7adf98e4e2ed2742faa5cd12731a15fb0dbbdf75b1c3cc771a4369af6f2fa00e802735650881735759ea9c79961ded18e0daa0ac59afb1d513b5bbda9962e435f454fc020b4afe1445c2302ada07d295ec2580f8849b2dfa7f956b09b4cbe4c88d3b1c217049f75d3900d36df0fa12689256b58dd2ef784ebbeb0564600cf47a841485f8cf897a68accd5a":"505341004b455900000000000100000027413b020128000002070006000000009100000004050172a7fd7adf98e4e2ed2742faa5cd12731a15fb0dbbdf75b1c3cc771a4369af6f2fa00e802735650881735759ea9c79961ded18e0daa0ac59afb1d513b5bbda9962e435f454fc020b4afe1445c2302ada07d295ec2580f8849b2dfa7f956b09b4cbe4c88d3b1c217049f75d3900d36df0fa12689256b58dd2ef784ebbeb0564600cf47a841485f8cf897a68accd5a":TEST_FLAG_EXERCISE + +read type: ECC_PUB(SECT_K1) 571-bit, DET_ECDSA(MD5) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD5:PSA_WANT_ECC_SECT_K1_571:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_K1):571:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD5):0x0000:"04050172a7fd7adf98e4e2ed2742faa5cd12731a15fb0dbbdf75b1c3cc771a4369af6f2fa00e802735650881735759ea9c79961ded18e0daa0ac59afb1d513b5bbda9962e435f454fc020b4afe1445c2302ada07d295ec2580f8849b2dfa7f956b09b4cbe4c88d3b1c217049f75d3900d36df0fa12689256b58dd2ef784ebbeb0564600cf47a841485f8cf897a68accd5a":"505341004b455900000000000100000027413b020128000003070006000000009100000004050172a7fd7adf98e4e2ed2742faa5cd12731a15fb0dbbdf75b1c3cc771a4369af6f2fa00e802735650881735759ea9c79961ded18e0daa0ac59afb1d513b5bbda9962e435f454fc020b4afe1445c2302ada07d295ec2580f8849b2dfa7f956b09b4cbe4c88d3b1c217049f75d3900d36df0fa12689256b58dd2ef784ebbeb0564600cf47a841485f8cf897a68accd5a":TEST_FLAG_EXERCISE + +read type: ECC_PUB(SECT_K1) 571-bit, DET_ECDSA(RIPEMD160) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ECC_SECT_K1_571:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_K1):571:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_RIPEMD160):0x0000:"04050172a7fd7adf98e4e2ed2742faa5cd12731a15fb0dbbdf75b1c3cc771a4369af6f2fa00e802735650881735759ea9c79961ded18e0daa0ac59afb1d513b5bbda9962e435f454fc020b4afe1445c2302ada07d295ec2580f8849b2dfa7f956b09b4cbe4c88d3b1c217049f75d3900d36df0fa12689256b58dd2ef784ebbeb0564600cf47a841485f8cf897a68accd5a":"505341004b455900000000000100000027413b020128000004070006000000009100000004050172a7fd7adf98e4e2ed2742faa5cd12731a15fb0dbbdf75b1c3cc771a4369af6f2fa00e802735650881735759ea9c79961ded18e0daa0ac59afb1d513b5bbda9962e435f454fc020b4afe1445c2302ada07d295ec2580f8849b2dfa7f956b09b4cbe4c88d3b1c217049f75d3900d36df0fa12689256b58dd2ef784ebbeb0564600cf47a841485f8cf897a68accd5a":TEST_FLAG_EXERCISE + +read type: ECC_PUB(SECT_K1) 571-bit, DET_ECDSA(SHA_1) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_1:PSA_WANT_ECC_SECT_K1_571:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_K1):571:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_1):0x0000:"04050172a7fd7adf98e4e2ed2742faa5cd12731a15fb0dbbdf75b1c3cc771a4369af6f2fa00e802735650881735759ea9c79961ded18e0daa0ac59afb1d513b5bbda9962e435f454fc020b4afe1445c2302ada07d295ec2580f8849b2dfa7f956b09b4cbe4c88d3b1c217049f75d3900d36df0fa12689256b58dd2ef784ebbeb0564600cf47a841485f8cf897a68accd5a":"505341004b455900000000000100000027413b020128000005070006000000009100000004050172a7fd7adf98e4e2ed2742faa5cd12731a15fb0dbbdf75b1c3cc771a4369af6f2fa00e802735650881735759ea9c79961ded18e0daa0ac59afb1d513b5bbda9962e435f454fc020b4afe1445c2302ada07d295ec2580f8849b2dfa7f956b09b4cbe4c88d3b1c217049f75d3900d36df0fa12689256b58dd2ef784ebbeb0564600cf47a841485f8cf897a68accd5a":TEST_FLAG_EXERCISE + +read type: ECC_PUB(SECT_K1) 571-bit, DET_ECDSA(SHA_224) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_224:PSA_WANT_ECC_SECT_K1_571:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_K1):571:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_224):0x0000:"04050172a7fd7adf98e4e2ed2742faa5cd12731a15fb0dbbdf75b1c3cc771a4369af6f2fa00e802735650881735759ea9c79961ded18e0daa0ac59afb1d513b5bbda9962e435f454fc020b4afe1445c2302ada07d295ec2580f8849b2dfa7f956b09b4cbe4c88d3b1c217049f75d3900d36df0fa12689256b58dd2ef784ebbeb0564600cf47a841485f8cf897a68accd5a":"505341004b455900000000000100000027413b020128000008070006000000009100000004050172a7fd7adf98e4e2ed2742faa5cd12731a15fb0dbbdf75b1c3cc771a4369af6f2fa00e802735650881735759ea9c79961ded18e0daa0ac59afb1d513b5bbda9962e435f454fc020b4afe1445c2302ada07d295ec2580f8849b2dfa7f956b09b4cbe4c88d3b1c217049f75d3900d36df0fa12689256b58dd2ef784ebbeb0564600cf47a841485f8cf897a68accd5a":TEST_FLAG_EXERCISE + +read type: ECC_PUB(SECT_K1) 571-bit, DET_ECDSA(SHA_256) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_SECT_K1_571:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_K1):571:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_256):0x0000:"04050172a7fd7adf98e4e2ed2742faa5cd12731a15fb0dbbdf75b1c3cc771a4369af6f2fa00e802735650881735759ea9c79961ded18e0daa0ac59afb1d513b5bbda9962e435f454fc020b4afe1445c2302ada07d295ec2580f8849b2dfa7f956b09b4cbe4c88d3b1c217049f75d3900d36df0fa12689256b58dd2ef784ebbeb0564600cf47a841485f8cf897a68accd5a":"505341004b455900000000000100000027413b020128000009070006000000009100000004050172a7fd7adf98e4e2ed2742faa5cd12731a15fb0dbbdf75b1c3cc771a4369af6f2fa00e802735650881735759ea9c79961ded18e0daa0ac59afb1d513b5bbda9962e435f454fc020b4afe1445c2302ada07d295ec2580f8849b2dfa7f956b09b4cbe4c88d3b1c217049f75d3900d36df0fa12689256b58dd2ef784ebbeb0564600cf47a841485f8cf897a68accd5a":TEST_FLAG_EXERCISE + +read type: ECC_PUB(SECT_K1) 571-bit, DET_ECDSA(SHA_384) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_SECT_K1_571:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_K1):571:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_384):0x0000:"04050172a7fd7adf98e4e2ed2742faa5cd12731a15fb0dbbdf75b1c3cc771a4369af6f2fa00e802735650881735759ea9c79961ded18e0daa0ac59afb1d513b5bbda9962e435f454fc020b4afe1445c2302ada07d295ec2580f8849b2dfa7f956b09b4cbe4c88d3b1c217049f75d3900d36df0fa12689256b58dd2ef784ebbeb0564600cf47a841485f8cf897a68accd5a":"505341004b455900000000000100000027413b02012800000a070006000000009100000004050172a7fd7adf98e4e2ed2742faa5cd12731a15fb0dbbdf75b1c3cc771a4369af6f2fa00e802735650881735759ea9c79961ded18e0daa0ac59afb1d513b5bbda9962e435f454fc020b4afe1445c2302ada07d295ec2580f8849b2dfa7f956b09b4cbe4c88d3b1c217049f75d3900d36df0fa12689256b58dd2ef784ebbeb0564600cf47a841485f8cf897a68accd5a":TEST_FLAG_EXERCISE + +read type: ECC_PUB(SECT_K1) 571-bit, DET_ECDSA(SHA_512) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_512:PSA_WANT_ECC_SECT_K1_571:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_K1):571:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_512):0x0000:"04050172a7fd7adf98e4e2ed2742faa5cd12731a15fb0dbbdf75b1c3cc771a4369af6f2fa00e802735650881735759ea9c79961ded18e0daa0ac59afb1d513b5bbda9962e435f454fc020b4afe1445c2302ada07d295ec2580f8849b2dfa7f956b09b4cbe4c88d3b1c217049f75d3900d36df0fa12689256b58dd2ef784ebbeb0564600cf47a841485f8cf897a68accd5a":"505341004b455900000000000100000027413b02012800000b070006000000009100000004050172a7fd7adf98e4e2ed2742faa5cd12731a15fb0dbbdf75b1c3cc771a4369af6f2fa00e802735650881735759ea9c79961ded18e0daa0ac59afb1d513b5bbda9962e435f454fc020b4afe1445c2302ada07d295ec2580f8849b2dfa7f956b09b4cbe4c88d3b1c217049f75d3900d36df0fa12689256b58dd2ef784ebbeb0564600cf47a841485f8cf897a68accd5a":TEST_FLAG_EXERCISE + +read type: ECC_PUB(SECT_K1) 571-bit, ECDSA(MD2) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD2:PSA_WANT_ECC_SECT_K1_571:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_K1):571:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_MD2):0x0000:"04050172a7fd7adf98e4e2ed2742faa5cd12731a15fb0dbbdf75b1c3cc771a4369af6f2fa00e802735650881735759ea9c79961ded18e0daa0ac59afb1d513b5bbda9962e435f454fc020b4afe1445c2302ada07d295ec2580f8849b2dfa7f956b09b4cbe4c88d3b1c217049f75d3900d36df0fa12689256b58dd2ef784ebbeb0564600cf47a841485f8cf897a68accd5a":"505341004b455900000000000100000027413b020128000001060006000000009100000004050172a7fd7adf98e4e2ed2742faa5cd12731a15fb0dbbdf75b1c3cc771a4369af6f2fa00e802735650881735759ea9c79961ded18e0daa0ac59afb1d513b5bbda9962e435f454fc020b4afe1445c2302ada07d295ec2580f8849b2dfa7f956b09b4cbe4c88d3b1c217049f75d3900d36df0fa12689256b58dd2ef784ebbeb0564600cf47a841485f8cf897a68accd5a":TEST_FLAG_EXERCISE + +read type: ECC_PUB(SECT_K1) 571-bit, ECDSA(MD4) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD4:PSA_WANT_ECC_SECT_K1_571:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_K1):571:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_MD4):0x0000:"04050172a7fd7adf98e4e2ed2742faa5cd12731a15fb0dbbdf75b1c3cc771a4369af6f2fa00e802735650881735759ea9c79961ded18e0daa0ac59afb1d513b5bbda9962e435f454fc020b4afe1445c2302ada07d295ec2580f8849b2dfa7f956b09b4cbe4c88d3b1c217049f75d3900d36df0fa12689256b58dd2ef784ebbeb0564600cf47a841485f8cf897a68accd5a":"505341004b455900000000000100000027413b020128000002060006000000009100000004050172a7fd7adf98e4e2ed2742faa5cd12731a15fb0dbbdf75b1c3cc771a4369af6f2fa00e802735650881735759ea9c79961ded18e0daa0ac59afb1d513b5bbda9962e435f454fc020b4afe1445c2302ada07d295ec2580f8849b2dfa7f956b09b4cbe4c88d3b1c217049f75d3900d36df0fa12689256b58dd2ef784ebbeb0564600cf47a841485f8cf897a68accd5a":TEST_FLAG_EXERCISE + +read type: ECC_PUB(SECT_K1) 571-bit, ECDSA(MD5) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD5:PSA_WANT_ECC_SECT_K1_571:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_K1):571:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_MD5):0x0000:"04050172a7fd7adf98e4e2ed2742faa5cd12731a15fb0dbbdf75b1c3cc771a4369af6f2fa00e802735650881735759ea9c79961ded18e0daa0ac59afb1d513b5bbda9962e435f454fc020b4afe1445c2302ada07d295ec2580f8849b2dfa7f956b09b4cbe4c88d3b1c217049f75d3900d36df0fa12689256b58dd2ef784ebbeb0564600cf47a841485f8cf897a68accd5a":"505341004b455900000000000100000027413b020128000003060006000000009100000004050172a7fd7adf98e4e2ed2742faa5cd12731a15fb0dbbdf75b1c3cc771a4369af6f2fa00e802735650881735759ea9c79961ded18e0daa0ac59afb1d513b5bbda9962e435f454fc020b4afe1445c2302ada07d295ec2580f8849b2dfa7f956b09b4cbe4c88d3b1c217049f75d3900d36df0fa12689256b58dd2ef784ebbeb0564600cf47a841485f8cf897a68accd5a":TEST_FLAG_EXERCISE + +read type: ECC_PUB(SECT_K1) 571-bit, ECDSA(RIPEMD160) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ECC_SECT_K1_571:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_K1):571:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_RIPEMD160):0x0000:"04050172a7fd7adf98e4e2ed2742faa5cd12731a15fb0dbbdf75b1c3cc771a4369af6f2fa00e802735650881735759ea9c79961ded18e0daa0ac59afb1d513b5bbda9962e435f454fc020b4afe1445c2302ada07d295ec2580f8849b2dfa7f956b09b4cbe4c88d3b1c217049f75d3900d36df0fa12689256b58dd2ef784ebbeb0564600cf47a841485f8cf897a68accd5a":"505341004b455900000000000100000027413b020128000004060006000000009100000004050172a7fd7adf98e4e2ed2742faa5cd12731a15fb0dbbdf75b1c3cc771a4369af6f2fa00e802735650881735759ea9c79961ded18e0daa0ac59afb1d513b5bbda9962e435f454fc020b4afe1445c2302ada07d295ec2580f8849b2dfa7f956b09b4cbe4c88d3b1c217049f75d3900d36df0fa12689256b58dd2ef784ebbeb0564600cf47a841485f8cf897a68accd5a":TEST_FLAG_EXERCISE + +read type: ECC_PUB(SECT_K1) 571-bit, ECDSA(SHA_1) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_1:PSA_WANT_ECC_SECT_K1_571:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_K1):571:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_SHA_1):0x0000:"04050172a7fd7adf98e4e2ed2742faa5cd12731a15fb0dbbdf75b1c3cc771a4369af6f2fa00e802735650881735759ea9c79961ded18e0daa0ac59afb1d513b5bbda9962e435f454fc020b4afe1445c2302ada07d295ec2580f8849b2dfa7f956b09b4cbe4c88d3b1c217049f75d3900d36df0fa12689256b58dd2ef784ebbeb0564600cf47a841485f8cf897a68accd5a":"505341004b455900000000000100000027413b020128000005060006000000009100000004050172a7fd7adf98e4e2ed2742faa5cd12731a15fb0dbbdf75b1c3cc771a4369af6f2fa00e802735650881735759ea9c79961ded18e0daa0ac59afb1d513b5bbda9962e435f454fc020b4afe1445c2302ada07d295ec2580f8849b2dfa7f956b09b4cbe4c88d3b1c217049f75d3900d36df0fa12689256b58dd2ef784ebbeb0564600cf47a841485f8cf897a68accd5a":TEST_FLAG_EXERCISE + +read type: ECC_PUB(SECT_K1) 571-bit, ECDSA(SHA_224) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_224:PSA_WANT_ECC_SECT_K1_571:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_K1):571:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_SHA_224):0x0000:"04050172a7fd7adf98e4e2ed2742faa5cd12731a15fb0dbbdf75b1c3cc771a4369af6f2fa00e802735650881735759ea9c79961ded18e0daa0ac59afb1d513b5bbda9962e435f454fc020b4afe1445c2302ada07d295ec2580f8849b2dfa7f956b09b4cbe4c88d3b1c217049f75d3900d36df0fa12689256b58dd2ef784ebbeb0564600cf47a841485f8cf897a68accd5a":"505341004b455900000000000100000027413b020128000008060006000000009100000004050172a7fd7adf98e4e2ed2742faa5cd12731a15fb0dbbdf75b1c3cc771a4369af6f2fa00e802735650881735759ea9c79961ded18e0daa0ac59afb1d513b5bbda9962e435f454fc020b4afe1445c2302ada07d295ec2580f8849b2dfa7f956b09b4cbe4c88d3b1c217049f75d3900d36df0fa12689256b58dd2ef784ebbeb0564600cf47a841485f8cf897a68accd5a":TEST_FLAG_EXERCISE + +read type: ECC_PUB(SECT_K1) 571-bit, ECDSA(SHA_256) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_SECT_K1_571:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_K1):571:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_SHA_256):0x0000:"04050172a7fd7adf98e4e2ed2742faa5cd12731a15fb0dbbdf75b1c3cc771a4369af6f2fa00e802735650881735759ea9c79961ded18e0daa0ac59afb1d513b5bbda9962e435f454fc020b4afe1445c2302ada07d295ec2580f8849b2dfa7f956b09b4cbe4c88d3b1c217049f75d3900d36df0fa12689256b58dd2ef784ebbeb0564600cf47a841485f8cf897a68accd5a":"505341004b455900000000000100000027413b020128000009060006000000009100000004050172a7fd7adf98e4e2ed2742faa5cd12731a15fb0dbbdf75b1c3cc771a4369af6f2fa00e802735650881735759ea9c79961ded18e0daa0ac59afb1d513b5bbda9962e435f454fc020b4afe1445c2302ada07d295ec2580f8849b2dfa7f956b09b4cbe4c88d3b1c217049f75d3900d36df0fa12689256b58dd2ef784ebbeb0564600cf47a841485f8cf897a68accd5a":TEST_FLAG_EXERCISE + +read type: ECC_PUB(SECT_K1) 571-bit, ECDSA(SHA_384) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_SECT_K1_571:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_K1):571:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_SHA_384):0x0000:"04050172a7fd7adf98e4e2ed2742faa5cd12731a15fb0dbbdf75b1c3cc771a4369af6f2fa00e802735650881735759ea9c79961ded18e0daa0ac59afb1d513b5bbda9962e435f454fc020b4afe1445c2302ada07d295ec2580f8849b2dfa7f956b09b4cbe4c88d3b1c217049f75d3900d36df0fa12689256b58dd2ef784ebbeb0564600cf47a841485f8cf897a68accd5a":"505341004b455900000000000100000027413b02012800000a060006000000009100000004050172a7fd7adf98e4e2ed2742faa5cd12731a15fb0dbbdf75b1c3cc771a4369af6f2fa00e802735650881735759ea9c79961ded18e0daa0ac59afb1d513b5bbda9962e435f454fc020b4afe1445c2302ada07d295ec2580f8849b2dfa7f956b09b4cbe4c88d3b1c217049f75d3900d36df0fa12689256b58dd2ef784ebbeb0564600cf47a841485f8cf897a68accd5a":TEST_FLAG_EXERCISE + +read type: ECC_PUB(SECT_K1) 571-bit, ECDSA(SHA_512) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_512:PSA_WANT_ECC_SECT_K1_571:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_K1):571:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_SHA_512):0x0000:"04050172a7fd7adf98e4e2ed2742faa5cd12731a15fb0dbbdf75b1c3cc771a4369af6f2fa00e802735650881735759ea9c79961ded18e0daa0ac59afb1d513b5bbda9962e435f454fc020b4afe1445c2302ada07d295ec2580f8849b2dfa7f956b09b4cbe4c88d3b1c217049f75d3900d36df0fa12689256b58dd2ef784ebbeb0564600cf47a841485f8cf897a68accd5a":"505341004b455900000000000100000027413b02012800000b060006000000009100000004050172a7fd7adf98e4e2ed2742faa5cd12731a15fb0dbbdf75b1c3cc771a4369af6f2fa00e802735650881735759ea9c79961ded18e0daa0ac59afb1d513b5bbda9962e435f454fc020b4afe1445c2302ada07d295ec2580f8849b2dfa7f956b09b4cbe4c88d3b1c217049f75d3900d36df0fa12689256b58dd2ef784ebbeb0564600cf47a841485f8cf897a68accd5a":TEST_FLAG_EXERCISE + +read type: ECC_PUB(SECT_K1) 571-bit, ECDSA_ANY +depends_on:PSA_WANT_ALG_ECDSA_ANY:PSA_WANT_ECC_SECT_K1_571:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_K1):571:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA_ANY:0x0000:"04050172a7fd7adf98e4e2ed2742faa5cd12731a15fb0dbbdf75b1c3cc771a4369af6f2fa00e802735650881735759ea9c79961ded18e0daa0ac59afb1d513b5bbda9962e435f454fc020b4afe1445c2302ada07d295ec2580f8849b2dfa7f956b09b4cbe4c88d3b1c217049f75d3900d36df0fa12689256b58dd2ef784ebbeb0564600cf47a841485f8cf897a68accd5a":"505341004b455900000000000100000027413b020128000000060006000000009100000004050172a7fd7adf98e4e2ed2742faa5cd12731a15fb0dbbdf75b1c3cc771a4369af6f2fa00e802735650881735759ea9c79961ded18e0daa0ac59afb1d513b5bbda9962e435f454fc020b4afe1445c2302ada07d295ec2580f8849b2dfa7f956b09b4cbe4c88d3b1c217049f75d3900d36df0fa12689256b58dd2ef784ebbeb0564600cf47a841485f8cf897a68accd5a":TEST_FLAG_EXERCISE + +read type: ECC_PUB(SECT_R1) 163-bit +depends_on:PSA_WANT_ECC_SECT_R1_163:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R1):163:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"0400465eeb9e7258b11e33c02266bfe834b20bcb118700772796ee4704ec67651bd447e3011959a79a04cb":"505341004b45590000000000010000002241a3000100000000000000000000002b0000000400465eeb9e7258b11e33c02266bfe834b20bcb118700772796ee4704ec67651bd447e3011959a79a04cb":TEST_FLAG_EXERCISE + +read type: ECC_PUB(SECT_R1) 163-bit, DET_ECDSA(MD2) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD2:PSA_WANT_ECC_SECT_R1_163:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R1):163:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD2):0x0000:"0400465eeb9e7258b11e33c02266bfe834b20bcb118700772796ee4704ec67651bd447e3011959a79a04cb":"505341004b45590000000000010000002241a3000128000001070006000000002b0000000400465eeb9e7258b11e33c02266bfe834b20bcb118700772796ee4704ec67651bd447e3011959a79a04cb":TEST_FLAG_EXERCISE + +read type: ECC_PUB(SECT_R1) 163-bit, DET_ECDSA(MD4) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD4:PSA_WANT_ECC_SECT_R1_163:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R1):163:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD4):0x0000:"0400465eeb9e7258b11e33c02266bfe834b20bcb118700772796ee4704ec67651bd447e3011959a79a04cb":"505341004b45590000000000010000002241a3000128000002070006000000002b0000000400465eeb9e7258b11e33c02266bfe834b20bcb118700772796ee4704ec67651bd447e3011959a79a04cb":TEST_FLAG_EXERCISE + +read type: ECC_PUB(SECT_R1) 163-bit, DET_ECDSA(MD5) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD5:PSA_WANT_ECC_SECT_R1_163:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R1):163:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD5):0x0000:"0400465eeb9e7258b11e33c02266bfe834b20bcb118700772796ee4704ec67651bd447e3011959a79a04cb":"505341004b45590000000000010000002241a3000128000003070006000000002b0000000400465eeb9e7258b11e33c02266bfe834b20bcb118700772796ee4704ec67651bd447e3011959a79a04cb":TEST_FLAG_EXERCISE + +read type: ECC_PUB(SECT_R1) 163-bit, DET_ECDSA(RIPEMD160) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ECC_SECT_R1_163:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R1):163:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_RIPEMD160):0x0000:"0400465eeb9e7258b11e33c02266bfe834b20bcb118700772796ee4704ec67651bd447e3011959a79a04cb":"505341004b45590000000000010000002241a3000128000004070006000000002b0000000400465eeb9e7258b11e33c02266bfe834b20bcb118700772796ee4704ec67651bd447e3011959a79a04cb":TEST_FLAG_EXERCISE + +read type: ECC_PUB(SECT_R1) 163-bit, DET_ECDSA(SHA_1) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_1:PSA_WANT_ECC_SECT_R1_163:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R1):163:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_1):0x0000:"0400465eeb9e7258b11e33c02266bfe834b20bcb118700772796ee4704ec67651bd447e3011959a79a04cb":"505341004b45590000000000010000002241a3000128000005070006000000002b0000000400465eeb9e7258b11e33c02266bfe834b20bcb118700772796ee4704ec67651bd447e3011959a79a04cb":TEST_FLAG_EXERCISE + +read type: ECC_PUB(SECT_R1) 163-bit, DET_ECDSA(SHA_224) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_224:PSA_WANT_ECC_SECT_R1_163:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R1):163:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_224):0x0000:"0400465eeb9e7258b11e33c02266bfe834b20bcb118700772796ee4704ec67651bd447e3011959a79a04cb":"505341004b45590000000000010000002241a3000128000008070006000000002b0000000400465eeb9e7258b11e33c02266bfe834b20bcb118700772796ee4704ec67651bd447e3011959a79a04cb":TEST_FLAG_EXERCISE + +read type: ECC_PUB(SECT_R1) 163-bit, DET_ECDSA(SHA_256) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_SECT_R1_163:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R1):163:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_256):0x0000:"0400465eeb9e7258b11e33c02266bfe834b20bcb118700772796ee4704ec67651bd447e3011959a79a04cb":"505341004b45590000000000010000002241a3000128000009070006000000002b0000000400465eeb9e7258b11e33c02266bfe834b20bcb118700772796ee4704ec67651bd447e3011959a79a04cb":TEST_FLAG_EXERCISE + +read type: ECC_PUB(SECT_R1) 163-bit, DET_ECDSA(SHA_384) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_SECT_R1_163:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R1):163:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_384):0x0000:"0400465eeb9e7258b11e33c02266bfe834b20bcb118700772796ee4704ec67651bd447e3011959a79a04cb":"505341004b45590000000000010000002241a300012800000a070006000000002b0000000400465eeb9e7258b11e33c02266bfe834b20bcb118700772796ee4704ec67651bd447e3011959a79a04cb":TEST_FLAG_EXERCISE + +read type: ECC_PUB(SECT_R1) 163-bit, DET_ECDSA(SHA_512) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_512:PSA_WANT_ECC_SECT_R1_163:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R1):163:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_512):0x0000:"0400465eeb9e7258b11e33c02266bfe834b20bcb118700772796ee4704ec67651bd447e3011959a79a04cb":"505341004b45590000000000010000002241a300012800000b070006000000002b0000000400465eeb9e7258b11e33c02266bfe834b20bcb118700772796ee4704ec67651bd447e3011959a79a04cb":TEST_FLAG_EXERCISE + +read type: ECC_PUB(SECT_R1) 163-bit, ECDSA(MD2) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD2:PSA_WANT_ECC_SECT_R1_163:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R1):163:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_MD2):0x0000:"0400465eeb9e7258b11e33c02266bfe834b20bcb118700772796ee4704ec67651bd447e3011959a79a04cb":"505341004b45590000000000010000002241a3000128000001060006000000002b0000000400465eeb9e7258b11e33c02266bfe834b20bcb118700772796ee4704ec67651bd447e3011959a79a04cb":TEST_FLAG_EXERCISE + +read type: ECC_PUB(SECT_R1) 163-bit, ECDSA(MD4) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD4:PSA_WANT_ECC_SECT_R1_163:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R1):163:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_MD4):0x0000:"0400465eeb9e7258b11e33c02266bfe834b20bcb118700772796ee4704ec67651bd447e3011959a79a04cb":"505341004b45590000000000010000002241a3000128000002060006000000002b0000000400465eeb9e7258b11e33c02266bfe834b20bcb118700772796ee4704ec67651bd447e3011959a79a04cb":TEST_FLAG_EXERCISE + +read type: ECC_PUB(SECT_R1) 163-bit, ECDSA(MD5) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD5:PSA_WANT_ECC_SECT_R1_163:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R1):163:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_MD5):0x0000:"0400465eeb9e7258b11e33c02266bfe834b20bcb118700772796ee4704ec67651bd447e3011959a79a04cb":"505341004b45590000000000010000002241a3000128000003060006000000002b0000000400465eeb9e7258b11e33c02266bfe834b20bcb118700772796ee4704ec67651bd447e3011959a79a04cb":TEST_FLAG_EXERCISE + +read type: ECC_PUB(SECT_R1) 163-bit, ECDSA(RIPEMD160) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ECC_SECT_R1_163:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R1):163:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_RIPEMD160):0x0000:"0400465eeb9e7258b11e33c02266bfe834b20bcb118700772796ee4704ec67651bd447e3011959a79a04cb":"505341004b45590000000000010000002241a3000128000004060006000000002b0000000400465eeb9e7258b11e33c02266bfe834b20bcb118700772796ee4704ec67651bd447e3011959a79a04cb":TEST_FLAG_EXERCISE + +read type: ECC_PUB(SECT_R1) 163-bit, ECDSA(SHA_1) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_1:PSA_WANT_ECC_SECT_R1_163:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R1):163:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_SHA_1):0x0000:"0400465eeb9e7258b11e33c02266bfe834b20bcb118700772796ee4704ec67651bd447e3011959a79a04cb":"505341004b45590000000000010000002241a3000128000005060006000000002b0000000400465eeb9e7258b11e33c02266bfe834b20bcb118700772796ee4704ec67651bd447e3011959a79a04cb":TEST_FLAG_EXERCISE + +read type: ECC_PUB(SECT_R1) 163-bit, ECDSA(SHA_224) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_224:PSA_WANT_ECC_SECT_R1_163:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R1):163:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_SHA_224):0x0000:"0400465eeb9e7258b11e33c02266bfe834b20bcb118700772796ee4704ec67651bd447e3011959a79a04cb":"505341004b45590000000000010000002241a3000128000008060006000000002b0000000400465eeb9e7258b11e33c02266bfe834b20bcb118700772796ee4704ec67651bd447e3011959a79a04cb":TEST_FLAG_EXERCISE + +read type: ECC_PUB(SECT_R1) 163-bit, ECDSA(SHA_256) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_SECT_R1_163:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R1):163:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_SHA_256):0x0000:"0400465eeb9e7258b11e33c02266bfe834b20bcb118700772796ee4704ec67651bd447e3011959a79a04cb":"505341004b45590000000000010000002241a3000128000009060006000000002b0000000400465eeb9e7258b11e33c02266bfe834b20bcb118700772796ee4704ec67651bd447e3011959a79a04cb":TEST_FLAG_EXERCISE + +read type: ECC_PUB(SECT_R1) 163-bit, ECDSA(SHA_384) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_SECT_R1_163:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R1):163:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_SHA_384):0x0000:"0400465eeb9e7258b11e33c02266bfe834b20bcb118700772796ee4704ec67651bd447e3011959a79a04cb":"505341004b45590000000000010000002241a300012800000a060006000000002b0000000400465eeb9e7258b11e33c02266bfe834b20bcb118700772796ee4704ec67651bd447e3011959a79a04cb":TEST_FLAG_EXERCISE + +read type: ECC_PUB(SECT_R1) 163-bit, ECDSA(SHA_512) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_512:PSA_WANT_ECC_SECT_R1_163:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R1):163:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_SHA_512):0x0000:"0400465eeb9e7258b11e33c02266bfe834b20bcb118700772796ee4704ec67651bd447e3011959a79a04cb":"505341004b45590000000000010000002241a300012800000b060006000000002b0000000400465eeb9e7258b11e33c02266bfe834b20bcb118700772796ee4704ec67651bd447e3011959a79a04cb":TEST_FLAG_EXERCISE + +read type: ECC_PUB(SECT_R1) 163-bit, ECDSA_ANY +depends_on:PSA_WANT_ALG_ECDSA_ANY:PSA_WANT_ECC_SECT_R1_163:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R1):163:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA_ANY:0x0000:"0400465eeb9e7258b11e33c02266bfe834b20bcb118700772796ee4704ec67651bd447e3011959a79a04cb":"505341004b45590000000000010000002241a3000128000000060006000000002b0000000400465eeb9e7258b11e33c02266bfe834b20bcb118700772796ee4704ec67651bd447e3011959a79a04cb":TEST_FLAG_EXERCISE + +read type: ECC_PUB(SECT_R1) 233-bit +depends_on:PSA_WANT_ECC_SECT_R1_233:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R1):233:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"0400cd68c8af4430c92ec7a7048becfdf00a6bae8d1b4c37286f2d336f2a0e017eca3748f4ad6d435c85867aa014eea1bd6d9d005bbd8319cab629001d":"505341004b45590000000000010000002241e9000100000000000000000000003d0000000400cd68c8af4430c92ec7a7048becfdf00a6bae8d1b4c37286f2d336f2a0e017eca3748f4ad6d435c85867aa014eea1bd6d9d005bbd8319cab629001d":TEST_FLAG_EXERCISE + +read type: ECC_PUB(SECT_R1) 233-bit, DET_ECDSA(MD2) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD2:PSA_WANT_ECC_SECT_R1_233:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R1):233:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD2):0x0000:"0400cd68c8af4430c92ec7a7048becfdf00a6bae8d1b4c37286f2d336f2a0e017eca3748f4ad6d435c85867aa014eea1bd6d9d005bbd8319cab629001d":"505341004b45590000000000010000002241e9000128000001070006000000003d0000000400cd68c8af4430c92ec7a7048becfdf00a6bae8d1b4c37286f2d336f2a0e017eca3748f4ad6d435c85867aa014eea1bd6d9d005bbd8319cab629001d":TEST_FLAG_EXERCISE + +read type: ECC_PUB(SECT_R1) 233-bit, DET_ECDSA(MD4) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD4:PSA_WANT_ECC_SECT_R1_233:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R1):233:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD4):0x0000:"0400cd68c8af4430c92ec7a7048becfdf00a6bae8d1b4c37286f2d336f2a0e017eca3748f4ad6d435c85867aa014eea1bd6d9d005bbd8319cab629001d":"505341004b45590000000000010000002241e9000128000002070006000000003d0000000400cd68c8af4430c92ec7a7048becfdf00a6bae8d1b4c37286f2d336f2a0e017eca3748f4ad6d435c85867aa014eea1bd6d9d005bbd8319cab629001d":TEST_FLAG_EXERCISE + +read type: ECC_PUB(SECT_R1) 233-bit, DET_ECDSA(MD5) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD5:PSA_WANT_ECC_SECT_R1_233:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R1):233:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD5):0x0000:"0400cd68c8af4430c92ec7a7048becfdf00a6bae8d1b4c37286f2d336f2a0e017eca3748f4ad6d435c85867aa014eea1bd6d9d005bbd8319cab629001d":"505341004b45590000000000010000002241e9000128000003070006000000003d0000000400cd68c8af4430c92ec7a7048becfdf00a6bae8d1b4c37286f2d336f2a0e017eca3748f4ad6d435c85867aa014eea1bd6d9d005bbd8319cab629001d":TEST_FLAG_EXERCISE + +read type: ECC_PUB(SECT_R1) 233-bit, DET_ECDSA(RIPEMD160) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ECC_SECT_R1_233:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R1):233:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_RIPEMD160):0x0000:"0400cd68c8af4430c92ec7a7048becfdf00a6bae8d1b4c37286f2d336f2a0e017eca3748f4ad6d435c85867aa014eea1bd6d9d005bbd8319cab629001d":"505341004b45590000000000010000002241e9000128000004070006000000003d0000000400cd68c8af4430c92ec7a7048becfdf00a6bae8d1b4c37286f2d336f2a0e017eca3748f4ad6d435c85867aa014eea1bd6d9d005bbd8319cab629001d":TEST_FLAG_EXERCISE + +read type: ECC_PUB(SECT_R1) 233-bit, DET_ECDSA(SHA_1) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_1:PSA_WANT_ECC_SECT_R1_233:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R1):233:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_1):0x0000:"0400cd68c8af4430c92ec7a7048becfdf00a6bae8d1b4c37286f2d336f2a0e017eca3748f4ad6d435c85867aa014eea1bd6d9d005bbd8319cab629001d":"505341004b45590000000000010000002241e9000128000005070006000000003d0000000400cd68c8af4430c92ec7a7048becfdf00a6bae8d1b4c37286f2d336f2a0e017eca3748f4ad6d435c85867aa014eea1bd6d9d005bbd8319cab629001d":TEST_FLAG_EXERCISE + +read type: ECC_PUB(SECT_R1) 233-bit, DET_ECDSA(SHA_224) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_224:PSA_WANT_ECC_SECT_R1_233:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R1):233:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_224):0x0000:"0400cd68c8af4430c92ec7a7048becfdf00a6bae8d1b4c37286f2d336f2a0e017eca3748f4ad6d435c85867aa014eea1bd6d9d005bbd8319cab629001d":"505341004b45590000000000010000002241e9000128000008070006000000003d0000000400cd68c8af4430c92ec7a7048becfdf00a6bae8d1b4c37286f2d336f2a0e017eca3748f4ad6d435c85867aa014eea1bd6d9d005bbd8319cab629001d":TEST_FLAG_EXERCISE + +read type: ECC_PUB(SECT_R1) 233-bit, DET_ECDSA(SHA_256) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_SECT_R1_233:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R1):233:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_256):0x0000:"0400cd68c8af4430c92ec7a7048becfdf00a6bae8d1b4c37286f2d336f2a0e017eca3748f4ad6d435c85867aa014eea1bd6d9d005bbd8319cab629001d":"505341004b45590000000000010000002241e9000128000009070006000000003d0000000400cd68c8af4430c92ec7a7048becfdf00a6bae8d1b4c37286f2d336f2a0e017eca3748f4ad6d435c85867aa014eea1bd6d9d005bbd8319cab629001d":TEST_FLAG_EXERCISE + +read type: ECC_PUB(SECT_R1) 233-bit, DET_ECDSA(SHA_384) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_SECT_R1_233:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R1):233:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_384):0x0000:"0400cd68c8af4430c92ec7a7048becfdf00a6bae8d1b4c37286f2d336f2a0e017eca3748f4ad6d435c85867aa014eea1bd6d9d005bbd8319cab629001d":"505341004b45590000000000010000002241e900012800000a070006000000003d0000000400cd68c8af4430c92ec7a7048becfdf00a6bae8d1b4c37286f2d336f2a0e017eca3748f4ad6d435c85867aa014eea1bd6d9d005bbd8319cab629001d":TEST_FLAG_EXERCISE + +read type: ECC_PUB(SECT_R1) 233-bit, DET_ECDSA(SHA_512) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_512:PSA_WANT_ECC_SECT_R1_233:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R1):233:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_512):0x0000:"0400cd68c8af4430c92ec7a7048becfdf00a6bae8d1b4c37286f2d336f2a0e017eca3748f4ad6d435c85867aa014eea1bd6d9d005bbd8319cab629001d":"505341004b45590000000000010000002241e900012800000b070006000000003d0000000400cd68c8af4430c92ec7a7048becfdf00a6bae8d1b4c37286f2d336f2a0e017eca3748f4ad6d435c85867aa014eea1bd6d9d005bbd8319cab629001d":TEST_FLAG_EXERCISE + +read type: ECC_PUB(SECT_R1) 233-bit, ECDSA(MD2) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD2:PSA_WANT_ECC_SECT_R1_233:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R1):233:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_MD2):0x0000:"0400cd68c8af4430c92ec7a7048becfdf00a6bae8d1b4c37286f2d336f2a0e017eca3748f4ad6d435c85867aa014eea1bd6d9d005bbd8319cab629001d":"505341004b45590000000000010000002241e9000128000001060006000000003d0000000400cd68c8af4430c92ec7a7048becfdf00a6bae8d1b4c37286f2d336f2a0e017eca3748f4ad6d435c85867aa014eea1bd6d9d005bbd8319cab629001d":TEST_FLAG_EXERCISE + +read type: ECC_PUB(SECT_R1) 233-bit, ECDSA(MD4) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD4:PSA_WANT_ECC_SECT_R1_233:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R1):233:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_MD4):0x0000:"0400cd68c8af4430c92ec7a7048becfdf00a6bae8d1b4c37286f2d336f2a0e017eca3748f4ad6d435c85867aa014eea1bd6d9d005bbd8319cab629001d":"505341004b45590000000000010000002241e9000128000002060006000000003d0000000400cd68c8af4430c92ec7a7048becfdf00a6bae8d1b4c37286f2d336f2a0e017eca3748f4ad6d435c85867aa014eea1bd6d9d005bbd8319cab629001d":TEST_FLAG_EXERCISE + +read type: ECC_PUB(SECT_R1) 233-bit, ECDSA(MD5) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD5:PSA_WANT_ECC_SECT_R1_233:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R1):233:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_MD5):0x0000:"0400cd68c8af4430c92ec7a7048becfdf00a6bae8d1b4c37286f2d336f2a0e017eca3748f4ad6d435c85867aa014eea1bd6d9d005bbd8319cab629001d":"505341004b45590000000000010000002241e9000128000003060006000000003d0000000400cd68c8af4430c92ec7a7048becfdf00a6bae8d1b4c37286f2d336f2a0e017eca3748f4ad6d435c85867aa014eea1bd6d9d005bbd8319cab629001d":TEST_FLAG_EXERCISE + +read type: ECC_PUB(SECT_R1) 233-bit, ECDSA(RIPEMD160) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ECC_SECT_R1_233:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R1):233:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_RIPEMD160):0x0000:"0400cd68c8af4430c92ec7a7048becfdf00a6bae8d1b4c37286f2d336f2a0e017eca3748f4ad6d435c85867aa014eea1bd6d9d005bbd8319cab629001d":"505341004b45590000000000010000002241e9000128000004060006000000003d0000000400cd68c8af4430c92ec7a7048becfdf00a6bae8d1b4c37286f2d336f2a0e017eca3748f4ad6d435c85867aa014eea1bd6d9d005bbd8319cab629001d":TEST_FLAG_EXERCISE + +read type: ECC_PUB(SECT_R1) 233-bit, ECDSA(SHA_1) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_1:PSA_WANT_ECC_SECT_R1_233:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R1):233:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_SHA_1):0x0000:"0400cd68c8af4430c92ec7a7048becfdf00a6bae8d1b4c37286f2d336f2a0e017eca3748f4ad6d435c85867aa014eea1bd6d9d005bbd8319cab629001d":"505341004b45590000000000010000002241e9000128000005060006000000003d0000000400cd68c8af4430c92ec7a7048becfdf00a6bae8d1b4c37286f2d336f2a0e017eca3748f4ad6d435c85867aa014eea1bd6d9d005bbd8319cab629001d":TEST_FLAG_EXERCISE + +read type: ECC_PUB(SECT_R1) 233-bit, ECDSA(SHA_224) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_224:PSA_WANT_ECC_SECT_R1_233:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R1):233:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_SHA_224):0x0000:"0400cd68c8af4430c92ec7a7048becfdf00a6bae8d1b4c37286f2d336f2a0e017eca3748f4ad6d435c85867aa014eea1bd6d9d005bbd8319cab629001d":"505341004b45590000000000010000002241e9000128000008060006000000003d0000000400cd68c8af4430c92ec7a7048becfdf00a6bae8d1b4c37286f2d336f2a0e017eca3748f4ad6d435c85867aa014eea1bd6d9d005bbd8319cab629001d":TEST_FLAG_EXERCISE + +read type: ECC_PUB(SECT_R1) 233-bit, ECDSA(SHA_256) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_SECT_R1_233:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R1):233:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_SHA_256):0x0000:"0400cd68c8af4430c92ec7a7048becfdf00a6bae8d1b4c37286f2d336f2a0e017eca3748f4ad6d435c85867aa014eea1bd6d9d005bbd8319cab629001d":"505341004b45590000000000010000002241e9000128000009060006000000003d0000000400cd68c8af4430c92ec7a7048becfdf00a6bae8d1b4c37286f2d336f2a0e017eca3748f4ad6d435c85867aa014eea1bd6d9d005bbd8319cab629001d":TEST_FLAG_EXERCISE + +read type: ECC_PUB(SECT_R1) 233-bit, ECDSA(SHA_384) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_SECT_R1_233:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R1):233:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_SHA_384):0x0000:"0400cd68c8af4430c92ec7a7048becfdf00a6bae8d1b4c37286f2d336f2a0e017eca3748f4ad6d435c85867aa014eea1bd6d9d005bbd8319cab629001d":"505341004b45590000000000010000002241e900012800000a060006000000003d0000000400cd68c8af4430c92ec7a7048becfdf00a6bae8d1b4c37286f2d336f2a0e017eca3748f4ad6d435c85867aa014eea1bd6d9d005bbd8319cab629001d":TEST_FLAG_EXERCISE + +read type: ECC_PUB(SECT_R1) 233-bit, ECDSA(SHA_512) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_512:PSA_WANT_ECC_SECT_R1_233:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R1):233:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_SHA_512):0x0000:"0400cd68c8af4430c92ec7a7048becfdf00a6bae8d1b4c37286f2d336f2a0e017eca3748f4ad6d435c85867aa014eea1bd6d9d005bbd8319cab629001d":"505341004b45590000000000010000002241e900012800000b060006000000003d0000000400cd68c8af4430c92ec7a7048becfdf00a6bae8d1b4c37286f2d336f2a0e017eca3748f4ad6d435c85867aa014eea1bd6d9d005bbd8319cab629001d":TEST_FLAG_EXERCISE + +read type: ECC_PUB(SECT_R1) 233-bit, ECDSA_ANY +depends_on:PSA_WANT_ALG_ECDSA_ANY:PSA_WANT_ECC_SECT_R1_233:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R1):233:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA_ANY:0x0000:"0400cd68c8af4430c92ec7a7048becfdf00a6bae8d1b4c37286f2d336f2a0e017eca3748f4ad6d435c85867aa014eea1bd6d9d005bbd8319cab629001d":"505341004b45590000000000010000002241e9000128000000060006000000003d0000000400cd68c8af4430c92ec7a7048becfdf00a6bae8d1b4c37286f2d336f2a0e017eca3748f4ad6d435c85867aa014eea1bd6d9d005bbd8319cab629001d":TEST_FLAG_EXERCISE + +read type: ECC_PUB(SECT_R1) 283-bit +depends_on:PSA_WANT_ECC_SECT_R1_283:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R1):283:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"04052f9ff887254c2d1440ba9e30f13e2185ba53c373b2c410dae21cf8c167f796c08134f601cbc4c570bffbc2433082cf4d9eb5ba173ecb8caec15d66a02673f60807b2daa729b765":"505341004b455900000000000100000022411b010100000000000000000000004900000004052f9ff887254c2d1440ba9e30f13e2185ba53c373b2c410dae21cf8c167f796c08134f601cbc4c570bffbc2433082cf4d9eb5ba173ecb8caec15d66a02673f60807b2daa729b765":TEST_FLAG_EXERCISE + +read type: ECC_PUB(SECT_R1) 283-bit, DET_ECDSA(MD2) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD2:PSA_WANT_ECC_SECT_R1_283:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R1):283:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD2):0x0000:"04052f9ff887254c2d1440ba9e30f13e2185ba53c373b2c410dae21cf8c167f796c08134f601cbc4c570bffbc2433082cf4d9eb5ba173ecb8caec15d66a02673f60807b2daa729b765":"505341004b455900000000000100000022411b010128000001070006000000004900000004052f9ff887254c2d1440ba9e30f13e2185ba53c373b2c410dae21cf8c167f796c08134f601cbc4c570bffbc2433082cf4d9eb5ba173ecb8caec15d66a02673f60807b2daa729b765":TEST_FLAG_EXERCISE + +read type: ECC_PUB(SECT_R1) 283-bit, DET_ECDSA(MD4) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD4:PSA_WANT_ECC_SECT_R1_283:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R1):283:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD4):0x0000:"04052f9ff887254c2d1440ba9e30f13e2185ba53c373b2c410dae21cf8c167f796c08134f601cbc4c570bffbc2433082cf4d9eb5ba173ecb8caec15d66a02673f60807b2daa729b765":"505341004b455900000000000100000022411b010128000002070006000000004900000004052f9ff887254c2d1440ba9e30f13e2185ba53c373b2c410dae21cf8c167f796c08134f601cbc4c570bffbc2433082cf4d9eb5ba173ecb8caec15d66a02673f60807b2daa729b765":TEST_FLAG_EXERCISE + +read type: ECC_PUB(SECT_R1) 283-bit, DET_ECDSA(MD5) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD5:PSA_WANT_ECC_SECT_R1_283:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R1):283:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD5):0x0000:"04052f9ff887254c2d1440ba9e30f13e2185ba53c373b2c410dae21cf8c167f796c08134f601cbc4c570bffbc2433082cf4d9eb5ba173ecb8caec15d66a02673f60807b2daa729b765":"505341004b455900000000000100000022411b010128000003070006000000004900000004052f9ff887254c2d1440ba9e30f13e2185ba53c373b2c410dae21cf8c167f796c08134f601cbc4c570bffbc2433082cf4d9eb5ba173ecb8caec15d66a02673f60807b2daa729b765":TEST_FLAG_EXERCISE + +read type: ECC_PUB(SECT_R1) 283-bit, DET_ECDSA(RIPEMD160) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ECC_SECT_R1_283:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R1):283:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_RIPEMD160):0x0000:"04052f9ff887254c2d1440ba9e30f13e2185ba53c373b2c410dae21cf8c167f796c08134f601cbc4c570bffbc2433082cf4d9eb5ba173ecb8caec15d66a02673f60807b2daa729b765":"505341004b455900000000000100000022411b010128000004070006000000004900000004052f9ff887254c2d1440ba9e30f13e2185ba53c373b2c410dae21cf8c167f796c08134f601cbc4c570bffbc2433082cf4d9eb5ba173ecb8caec15d66a02673f60807b2daa729b765":TEST_FLAG_EXERCISE + +read type: ECC_PUB(SECT_R1) 283-bit, DET_ECDSA(SHA_1) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_1:PSA_WANT_ECC_SECT_R1_283:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R1):283:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_1):0x0000:"04052f9ff887254c2d1440ba9e30f13e2185ba53c373b2c410dae21cf8c167f796c08134f601cbc4c570bffbc2433082cf4d9eb5ba173ecb8caec15d66a02673f60807b2daa729b765":"505341004b455900000000000100000022411b010128000005070006000000004900000004052f9ff887254c2d1440ba9e30f13e2185ba53c373b2c410dae21cf8c167f796c08134f601cbc4c570bffbc2433082cf4d9eb5ba173ecb8caec15d66a02673f60807b2daa729b765":TEST_FLAG_EXERCISE + +read type: ECC_PUB(SECT_R1) 283-bit, DET_ECDSA(SHA_224) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_224:PSA_WANT_ECC_SECT_R1_283:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R1):283:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_224):0x0000:"04052f9ff887254c2d1440ba9e30f13e2185ba53c373b2c410dae21cf8c167f796c08134f601cbc4c570bffbc2433082cf4d9eb5ba173ecb8caec15d66a02673f60807b2daa729b765":"505341004b455900000000000100000022411b010128000008070006000000004900000004052f9ff887254c2d1440ba9e30f13e2185ba53c373b2c410dae21cf8c167f796c08134f601cbc4c570bffbc2433082cf4d9eb5ba173ecb8caec15d66a02673f60807b2daa729b765":TEST_FLAG_EXERCISE + +read type: ECC_PUB(SECT_R1) 283-bit, DET_ECDSA(SHA_256) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_SECT_R1_283:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R1):283:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_256):0x0000:"04052f9ff887254c2d1440ba9e30f13e2185ba53c373b2c410dae21cf8c167f796c08134f601cbc4c570bffbc2433082cf4d9eb5ba173ecb8caec15d66a02673f60807b2daa729b765":"505341004b455900000000000100000022411b010128000009070006000000004900000004052f9ff887254c2d1440ba9e30f13e2185ba53c373b2c410dae21cf8c167f796c08134f601cbc4c570bffbc2433082cf4d9eb5ba173ecb8caec15d66a02673f60807b2daa729b765":TEST_FLAG_EXERCISE + +read type: ECC_PUB(SECT_R1) 283-bit, DET_ECDSA(SHA_384) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_SECT_R1_283:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R1):283:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_384):0x0000:"04052f9ff887254c2d1440ba9e30f13e2185ba53c373b2c410dae21cf8c167f796c08134f601cbc4c570bffbc2433082cf4d9eb5ba173ecb8caec15d66a02673f60807b2daa729b765":"505341004b455900000000000100000022411b01012800000a070006000000004900000004052f9ff887254c2d1440ba9e30f13e2185ba53c373b2c410dae21cf8c167f796c08134f601cbc4c570bffbc2433082cf4d9eb5ba173ecb8caec15d66a02673f60807b2daa729b765":TEST_FLAG_EXERCISE + +read type: ECC_PUB(SECT_R1) 283-bit, DET_ECDSA(SHA_512) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_512:PSA_WANT_ECC_SECT_R1_283:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R1):283:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_512):0x0000:"04052f9ff887254c2d1440ba9e30f13e2185ba53c373b2c410dae21cf8c167f796c08134f601cbc4c570bffbc2433082cf4d9eb5ba173ecb8caec15d66a02673f60807b2daa729b765":"505341004b455900000000000100000022411b01012800000b070006000000004900000004052f9ff887254c2d1440ba9e30f13e2185ba53c373b2c410dae21cf8c167f796c08134f601cbc4c570bffbc2433082cf4d9eb5ba173ecb8caec15d66a02673f60807b2daa729b765":TEST_FLAG_EXERCISE + +read type: ECC_PUB(SECT_R1) 283-bit, ECDSA(MD2) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD2:PSA_WANT_ECC_SECT_R1_283:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R1):283:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_MD2):0x0000:"04052f9ff887254c2d1440ba9e30f13e2185ba53c373b2c410dae21cf8c167f796c08134f601cbc4c570bffbc2433082cf4d9eb5ba173ecb8caec15d66a02673f60807b2daa729b765":"505341004b455900000000000100000022411b010128000001060006000000004900000004052f9ff887254c2d1440ba9e30f13e2185ba53c373b2c410dae21cf8c167f796c08134f601cbc4c570bffbc2433082cf4d9eb5ba173ecb8caec15d66a02673f60807b2daa729b765":TEST_FLAG_EXERCISE + +read type: ECC_PUB(SECT_R1) 283-bit, ECDSA(MD4) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD4:PSA_WANT_ECC_SECT_R1_283:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R1):283:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_MD4):0x0000:"04052f9ff887254c2d1440ba9e30f13e2185ba53c373b2c410dae21cf8c167f796c08134f601cbc4c570bffbc2433082cf4d9eb5ba173ecb8caec15d66a02673f60807b2daa729b765":"505341004b455900000000000100000022411b010128000002060006000000004900000004052f9ff887254c2d1440ba9e30f13e2185ba53c373b2c410dae21cf8c167f796c08134f601cbc4c570bffbc2433082cf4d9eb5ba173ecb8caec15d66a02673f60807b2daa729b765":TEST_FLAG_EXERCISE + +read type: ECC_PUB(SECT_R1) 283-bit, ECDSA(MD5) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD5:PSA_WANT_ECC_SECT_R1_283:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R1):283:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_MD5):0x0000:"04052f9ff887254c2d1440ba9e30f13e2185ba53c373b2c410dae21cf8c167f796c08134f601cbc4c570bffbc2433082cf4d9eb5ba173ecb8caec15d66a02673f60807b2daa729b765":"505341004b455900000000000100000022411b010128000003060006000000004900000004052f9ff887254c2d1440ba9e30f13e2185ba53c373b2c410dae21cf8c167f796c08134f601cbc4c570bffbc2433082cf4d9eb5ba173ecb8caec15d66a02673f60807b2daa729b765":TEST_FLAG_EXERCISE + +read type: ECC_PUB(SECT_R1) 283-bit, ECDSA(RIPEMD160) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ECC_SECT_R1_283:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R1):283:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_RIPEMD160):0x0000:"04052f9ff887254c2d1440ba9e30f13e2185ba53c373b2c410dae21cf8c167f796c08134f601cbc4c570bffbc2433082cf4d9eb5ba173ecb8caec15d66a02673f60807b2daa729b765":"505341004b455900000000000100000022411b010128000004060006000000004900000004052f9ff887254c2d1440ba9e30f13e2185ba53c373b2c410dae21cf8c167f796c08134f601cbc4c570bffbc2433082cf4d9eb5ba173ecb8caec15d66a02673f60807b2daa729b765":TEST_FLAG_EXERCISE + +read type: ECC_PUB(SECT_R1) 283-bit, ECDSA(SHA_1) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_1:PSA_WANT_ECC_SECT_R1_283:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R1):283:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_SHA_1):0x0000:"04052f9ff887254c2d1440ba9e30f13e2185ba53c373b2c410dae21cf8c167f796c08134f601cbc4c570bffbc2433082cf4d9eb5ba173ecb8caec15d66a02673f60807b2daa729b765":"505341004b455900000000000100000022411b010128000005060006000000004900000004052f9ff887254c2d1440ba9e30f13e2185ba53c373b2c410dae21cf8c167f796c08134f601cbc4c570bffbc2433082cf4d9eb5ba173ecb8caec15d66a02673f60807b2daa729b765":TEST_FLAG_EXERCISE + +read type: ECC_PUB(SECT_R1) 283-bit, ECDSA(SHA_224) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_224:PSA_WANT_ECC_SECT_R1_283:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R1):283:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_SHA_224):0x0000:"04052f9ff887254c2d1440ba9e30f13e2185ba53c373b2c410dae21cf8c167f796c08134f601cbc4c570bffbc2433082cf4d9eb5ba173ecb8caec15d66a02673f60807b2daa729b765":"505341004b455900000000000100000022411b010128000008060006000000004900000004052f9ff887254c2d1440ba9e30f13e2185ba53c373b2c410dae21cf8c167f796c08134f601cbc4c570bffbc2433082cf4d9eb5ba173ecb8caec15d66a02673f60807b2daa729b765":TEST_FLAG_EXERCISE + +read type: ECC_PUB(SECT_R1) 283-bit, ECDSA(SHA_256) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_SECT_R1_283:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R1):283:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_SHA_256):0x0000:"04052f9ff887254c2d1440ba9e30f13e2185ba53c373b2c410dae21cf8c167f796c08134f601cbc4c570bffbc2433082cf4d9eb5ba173ecb8caec15d66a02673f60807b2daa729b765":"505341004b455900000000000100000022411b010128000009060006000000004900000004052f9ff887254c2d1440ba9e30f13e2185ba53c373b2c410dae21cf8c167f796c08134f601cbc4c570bffbc2433082cf4d9eb5ba173ecb8caec15d66a02673f60807b2daa729b765":TEST_FLAG_EXERCISE + +read type: ECC_PUB(SECT_R1) 283-bit, ECDSA(SHA_384) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_SECT_R1_283:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R1):283:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_SHA_384):0x0000:"04052f9ff887254c2d1440ba9e30f13e2185ba53c373b2c410dae21cf8c167f796c08134f601cbc4c570bffbc2433082cf4d9eb5ba173ecb8caec15d66a02673f60807b2daa729b765":"505341004b455900000000000100000022411b01012800000a060006000000004900000004052f9ff887254c2d1440ba9e30f13e2185ba53c373b2c410dae21cf8c167f796c08134f601cbc4c570bffbc2433082cf4d9eb5ba173ecb8caec15d66a02673f60807b2daa729b765":TEST_FLAG_EXERCISE + +read type: ECC_PUB(SECT_R1) 283-bit, ECDSA(SHA_512) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_512:PSA_WANT_ECC_SECT_R1_283:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R1):283:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_SHA_512):0x0000:"04052f9ff887254c2d1440ba9e30f13e2185ba53c373b2c410dae21cf8c167f796c08134f601cbc4c570bffbc2433082cf4d9eb5ba173ecb8caec15d66a02673f60807b2daa729b765":"505341004b455900000000000100000022411b01012800000b060006000000004900000004052f9ff887254c2d1440ba9e30f13e2185ba53c373b2c410dae21cf8c167f796c08134f601cbc4c570bffbc2433082cf4d9eb5ba173ecb8caec15d66a02673f60807b2daa729b765":TEST_FLAG_EXERCISE + +read type: ECC_PUB(SECT_R1) 283-bit, ECDSA_ANY +depends_on:PSA_WANT_ALG_ECDSA_ANY:PSA_WANT_ECC_SECT_R1_283:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R1):283:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA_ANY:0x0000:"04052f9ff887254c2d1440ba9e30f13e2185ba53c373b2c410dae21cf8c167f796c08134f601cbc4c570bffbc2433082cf4d9eb5ba173ecb8caec15d66a02673f60807b2daa729b765":"505341004b455900000000000100000022411b010128000000060006000000004900000004052f9ff887254c2d1440ba9e30f13e2185ba53c373b2c410dae21cf8c167f796c08134f601cbc4c570bffbc2433082cf4d9eb5ba173ecb8caec15d66a02673f60807b2daa729b765":TEST_FLAG_EXERCISE + +read type: ECC_PUB(SECT_R1) 409-bit +depends_on:PSA_WANT_ECC_SECT_R1_409:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R1):409:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"0401aa25466b1d291846db365957b25431591e50d9c109fe2106e93bb369775896925b15a7bfec397406ab4fe6f6b1a13bf8fdcb9300fa5500a813228676b0a6c572ed96b0f4aec7e87832e7e20f17ca98ecdfd36f59c82bddb8665f1f357a73900e827885ec9e1f22":"505341004b455900000000000100000022419901010000000000000000000000690000000401aa25466b1d291846db365957b25431591e50d9c109fe2106e93bb369775896925b15a7bfec397406ab4fe6f6b1a13bf8fdcb9300fa5500a813228676b0a6c572ed96b0f4aec7e87832e7e20f17ca98ecdfd36f59c82bddb8665f1f357a73900e827885ec9e1f22":TEST_FLAG_EXERCISE + +read type: ECC_PUB(SECT_R1) 409-bit, DET_ECDSA(MD2) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD2:PSA_WANT_ECC_SECT_R1_409:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R1):409:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD2):0x0000:"0401aa25466b1d291846db365957b25431591e50d9c109fe2106e93bb369775896925b15a7bfec397406ab4fe6f6b1a13bf8fdcb9300fa5500a813228676b0a6c572ed96b0f4aec7e87832e7e20f17ca98ecdfd36f59c82bddb8665f1f357a73900e827885ec9e1f22":"505341004b455900000000000100000022419901012800000107000600000000690000000401aa25466b1d291846db365957b25431591e50d9c109fe2106e93bb369775896925b15a7bfec397406ab4fe6f6b1a13bf8fdcb9300fa5500a813228676b0a6c572ed96b0f4aec7e87832e7e20f17ca98ecdfd36f59c82bddb8665f1f357a73900e827885ec9e1f22":TEST_FLAG_EXERCISE + +read type: ECC_PUB(SECT_R1) 409-bit, DET_ECDSA(MD4) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD4:PSA_WANT_ECC_SECT_R1_409:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R1):409:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD4):0x0000:"0401aa25466b1d291846db365957b25431591e50d9c109fe2106e93bb369775896925b15a7bfec397406ab4fe6f6b1a13bf8fdcb9300fa5500a813228676b0a6c572ed96b0f4aec7e87832e7e20f17ca98ecdfd36f59c82bddb8665f1f357a73900e827885ec9e1f22":"505341004b455900000000000100000022419901012800000207000600000000690000000401aa25466b1d291846db365957b25431591e50d9c109fe2106e93bb369775896925b15a7bfec397406ab4fe6f6b1a13bf8fdcb9300fa5500a813228676b0a6c572ed96b0f4aec7e87832e7e20f17ca98ecdfd36f59c82bddb8665f1f357a73900e827885ec9e1f22":TEST_FLAG_EXERCISE + +read type: ECC_PUB(SECT_R1) 409-bit, DET_ECDSA(MD5) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD5:PSA_WANT_ECC_SECT_R1_409:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R1):409:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD5):0x0000:"0401aa25466b1d291846db365957b25431591e50d9c109fe2106e93bb369775896925b15a7bfec397406ab4fe6f6b1a13bf8fdcb9300fa5500a813228676b0a6c572ed96b0f4aec7e87832e7e20f17ca98ecdfd36f59c82bddb8665f1f357a73900e827885ec9e1f22":"505341004b455900000000000100000022419901012800000307000600000000690000000401aa25466b1d291846db365957b25431591e50d9c109fe2106e93bb369775896925b15a7bfec397406ab4fe6f6b1a13bf8fdcb9300fa5500a813228676b0a6c572ed96b0f4aec7e87832e7e20f17ca98ecdfd36f59c82bddb8665f1f357a73900e827885ec9e1f22":TEST_FLAG_EXERCISE + +read type: ECC_PUB(SECT_R1) 409-bit, DET_ECDSA(RIPEMD160) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ECC_SECT_R1_409:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R1):409:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_RIPEMD160):0x0000:"0401aa25466b1d291846db365957b25431591e50d9c109fe2106e93bb369775896925b15a7bfec397406ab4fe6f6b1a13bf8fdcb9300fa5500a813228676b0a6c572ed96b0f4aec7e87832e7e20f17ca98ecdfd36f59c82bddb8665f1f357a73900e827885ec9e1f22":"505341004b455900000000000100000022419901012800000407000600000000690000000401aa25466b1d291846db365957b25431591e50d9c109fe2106e93bb369775896925b15a7bfec397406ab4fe6f6b1a13bf8fdcb9300fa5500a813228676b0a6c572ed96b0f4aec7e87832e7e20f17ca98ecdfd36f59c82bddb8665f1f357a73900e827885ec9e1f22":TEST_FLAG_EXERCISE + +read type: ECC_PUB(SECT_R1) 409-bit, DET_ECDSA(SHA_1) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_1:PSA_WANT_ECC_SECT_R1_409:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R1):409:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_1):0x0000:"0401aa25466b1d291846db365957b25431591e50d9c109fe2106e93bb369775896925b15a7bfec397406ab4fe6f6b1a13bf8fdcb9300fa5500a813228676b0a6c572ed96b0f4aec7e87832e7e20f17ca98ecdfd36f59c82bddb8665f1f357a73900e827885ec9e1f22":"505341004b455900000000000100000022419901012800000507000600000000690000000401aa25466b1d291846db365957b25431591e50d9c109fe2106e93bb369775896925b15a7bfec397406ab4fe6f6b1a13bf8fdcb9300fa5500a813228676b0a6c572ed96b0f4aec7e87832e7e20f17ca98ecdfd36f59c82bddb8665f1f357a73900e827885ec9e1f22":TEST_FLAG_EXERCISE + +read type: ECC_PUB(SECT_R1) 409-bit, DET_ECDSA(SHA_224) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_224:PSA_WANT_ECC_SECT_R1_409:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R1):409:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_224):0x0000:"0401aa25466b1d291846db365957b25431591e50d9c109fe2106e93bb369775896925b15a7bfec397406ab4fe6f6b1a13bf8fdcb9300fa5500a813228676b0a6c572ed96b0f4aec7e87832e7e20f17ca98ecdfd36f59c82bddb8665f1f357a73900e827885ec9e1f22":"505341004b455900000000000100000022419901012800000807000600000000690000000401aa25466b1d291846db365957b25431591e50d9c109fe2106e93bb369775896925b15a7bfec397406ab4fe6f6b1a13bf8fdcb9300fa5500a813228676b0a6c572ed96b0f4aec7e87832e7e20f17ca98ecdfd36f59c82bddb8665f1f357a73900e827885ec9e1f22":TEST_FLAG_EXERCISE + +read type: ECC_PUB(SECT_R1) 409-bit, DET_ECDSA(SHA_256) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_SECT_R1_409:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R1):409:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_256):0x0000:"0401aa25466b1d291846db365957b25431591e50d9c109fe2106e93bb369775896925b15a7bfec397406ab4fe6f6b1a13bf8fdcb9300fa5500a813228676b0a6c572ed96b0f4aec7e87832e7e20f17ca98ecdfd36f59c82bddb8665f1f357a73900e827885ec9e1f22":"505341004b455900000000000100000022419901012800000907000600000000690000000401aa25466b1d291846db365957b25431591e50d9c109fe2106e93bb369775896925b15a7bfec397406ab4fe6f6b1a13bf8fdcb9300fa5500a813228676b0a6c572ed96b0f4aec7e87832e7e20f17ca98ecdfd36f59c82bddb8665f1f357a73900e827885ec9e1f22":TEST_FLAG_EXERCISE + +read type: ECC_PUB(SECT_R1) 409-bit, DET_ECDSA(SHA_384) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_SECT_R1_409:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R1):409:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_384):0x0000:"0401aa25466b1d291846db365957b25431591e50d9c109fe2106e93bb369775896925b15a7bfec397406ab4fe6f6b1a13bf8fdcb9300fa5500a813228676b0a6c572ed96b0f4aec7e87832e7e20f17ca98ecdfd36f59c82bddb8665f1f357a73900e827885ec9e1f22":"505341004b455900000000000100000022419901012800000a07000600000000690000000401aa25466b1d291846db365957b25431591e50d9c109fe2106e93bb369775896925b15a7bfec397406ab4fe6f6b1a13bf8fdcb9300fa5500a813228676b0a6c572ed96b0f4aec7e87832e7e20f17ca98ecdfd36f59c82bddb8665f1f357a73900e827885ec9e1f22":TEST_FLAG_EXERCISE + +read type: ECC_PUB(SECT_R1) 409-bit, DET_ECDSA(SHA_512) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_512:PSA_WANT_ECC_SECT_R1_409:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R1):409:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_512):0x0000:"0401aa25466b1d291846db365957b25431591e50d9c109fe2106e93bb369775896925b15a7bfec397406ab4fe6f6b1a13bf8fdcb9300fa5500a813228676b0a6c572ed96b0f4aec7e87832e7e20f17ca98ecdfd36f59c82bddb8665f1f357a73900e827885ec9e1f22":"505341004b455900000000000100000022419901012800000b07000600000000690000000401aa25466b1d291846db365957b25431591e50d9c109fe2106e93bb369775896925b15a7bfec397406ab4fe6f6b1a13bf8fdcb9300fa5500a813228676b0a6c572ed96b0f4aec7e87832e7e20f17ca98ecdfd36f59c82bddb8665f1f357a73900e827885ec9e1f22":TEST_FLAG_EXERCISE + +read type: ECC_PUB(SECT_R1) 409-bit, ECDSA(MD2) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD2:PSA_WANT_ECC_SECT_R1_409:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R1):409:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_MD2):0x0000:"0401aa25466b1d291846db365957b25431591e50d9c109fe2106e93bb369775896925b15a7bfec397406ab4fe6f6b1a13bf8fdcb9300fa5500a813228676b0a6c572ed96b0f4aec7e87832e7e20f17ca98ecdfd36f59c82bddb8665f1f357a73900e827885ec9e1f22":"505341004b455900000000000100000022419901012800000106000600000000690000000401aa25466b1d291846db365957b25431591e50d9c109fe2106e93bb369775896925b15a7bfec397406ab4fe6f6b1a13bf8fdcb9300fa5500a813228676b0a6c572ed96b0f4aec7e87832e7e20f17ca98ecdfd36f59c82bddb8665f1f357a73900e827885ec9e1f22":TEST_FLAG_EXERCISE + +read type: ECC_PUB(SECT_R1) 409-bit, ECDSA(MD4) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD4:PSA_WANT_ECC_SECT_R1_409:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R1):409:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_MD4):0x0000:"0401aa25466b1d291846db365957b25431591e50d9c109fe2106e93bb369775896925b15a7bfec397406ab4fe6f6b1a13bf8fdcb9300fa5500a813228676b0a6c572ed96b0f4aec7e87832e7e20f17ca98ecdfd36f59c82bddb8665f1f357a73900e827885ec9e1f22":"505341004b455900000000000100000022419901012800000206000600000000690000000401aa25466b1d291846db365957b25431591e50d9c109fe2106e93bb369775896925b15a7bfec397406ab4fe6f6b1a13bf8fdcb9300fa5500a813228676b0a6c572ed96b0f4aec7e87832e7e20f17ca98ecdfd36f59c82bddb8665f1f357a73900e827885ec9e1f22":TEST_FLAG_EXERCISE + +read type: ECC_PUB(SECT_R1) 409-bit, ECDSA(MD5) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD5:PSA_WANT_ECC_SECT_R1_409:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R1):409:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_MD5):0x0000:"0401aa25466b1d291846db365957b25431591e50d9c109fe2106e93bb369775896925b15a7bfec397406ab4fe6f6b1a13bf8fdcb9300fa5500a813228676b0a6c572ed96b0f4aec7e87832e7e20f17ca98ecdfd36f59c82bddb8665f1f357a73900e827885ec9e1f22":"505341004b455900000000000100000022419901012800000306000600000000690000000401aa25466b1d291846db365957b25431591e50d9c109fe2106e93bb369775896925b15a7bfec397406ab4fe6f6b1a13bf8fdcb9300fa5500a813228676b0a6c572ed96b0f4aec7e87832e7e20f17ca98ecdfd36f59c82bddb8665f1f357a73900e827885ec9e1f22":TEST_FLAG_EXERCISE + +read type: ECC_PUB(SECT_R1) 409-bit, ECDSA(RIPEMD160) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ECC_SECT_R1_409:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R1):409:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_RIPEMD160):0x0000:"0401aa25466b1d291846db365957b25431591e50d9c109fe2106e93bb369775896925b15a7bfec397406ab4fe6f6b1a13bf8fdcb9300fa5500a813228676b0a6c572ed96b0f4aec7e87832e7e20f17ca98ecdfd36f59c82bddb8665f1f357a73900e827885ec9e1f22":"505341004b455900000000000100000022419901012800000406000600000000690000000401aa25466b1d291846db365957b25431591e50d9c109fe2106e93bb369775896925b15a7bfec397406ab4fe6f6b1a13bf8fdcb9300fa5500a813228676b0a6c572ed96b0f4aec7e87832e7e20f17ca98ecdfd36f59c82bddb8665f1f357a73900e827885ec9e1f22":TEST_FLAG_EXERCISE + +read type: ECC_PUB(SECT_R1) 409-bit, ECDSA(SHA_1) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_1:PSA_WANT_ECC_SECT_R1_409:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R1):409:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_SHA_1):0x0000:"0401aa25466b1d291846db365957b25431591e50d9c109fe2106e93bb369775896925b15a7bfec397406ab4fe6f6b1a13bf8fdcb9300fa5500a813228676b0a6c572ed96b0f4aec7e87832e7e20f17ca98ecdfd36f59c82bddb8665f1f357a73900e827885ec9e1f22":"505341004b455900000000000100000022419901012800000506000600000000690000000401aa25466b1d291846db365957b25431591e50d9c109fe2106e93bb369775896925b15a7bfec397406ab4fe6f6b1a13bf8fdcb9300fa5500a813228676b0a6c572ed96b0f4aec7e87832e7e20f17ca98ecdfd36f59c82bddb8665f1f357a73900e827885ec9e1f22":TEST_FLAG_EXERCISE + +read type: ECC_PUB(SECT_R1) 409-bit, ECDSA(SHA_224) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_224:PSA_WANT_ECC_SECT_R1_409:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R1):409:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_SHA_224):0x0000:"0401aa25466b1d291846db365957b25431591e50d9c109fe2106e93bb369775896925b15a7bfec397406ab4fe6f6b1a13bf8fdcb9300fa5500a813228676b0a6c572ed96b0f4aec7e87832e7e20f17ca98ecdfd36f59c82bddb8665f1f357a73900e827885ec9e1f22":"505341004b455900000000000100000022419901012800000806000600000000690000000401aa25466b1d291846db365957b25431591e50d9c109fe2106e93bb369775896925b15a7bfec397406ab4fe6f6b1a13bf8fdcb9300fa5500a813228676b0a6c572ed96b0f4aec7e87832e7e20f17ca98ecdfd36f59c82bddb8665f1f357a73900e827885ec9e1f22":TEST_FLAG_EXERCISE + +read type: ECC_PUB(SECT_R1) 409-bit, ECDSA(SHA_256) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_SECT_R1_409:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R1):409:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_SHA_256):0x0000:"0401aa25466b1d291846db365957b25431591e50d9c109fe2106e93bb369775896925b15a7bfec397406ab4fe6f6b1a13bf8fdcb9300fa5500a813228676b0a6c572ed96b0f4aec7e87832e7e20f17ca98ecdfd36f59c82bddb8665f1f357a73900e827885ec9e1f22":"505341004b455900000000000100000022419901012800000906000600000000690000000401aa25466b1d291846db365957b25431591e50d9c109fe2106e93bb369775896925b15a7bfec397406ab4fe6f6b1a13bf8fdcb9300fa5500a813228676b0a6c572ed96b0f4aec7e87832e7e20f17ca98ecdfd36f59c82bddb8665f1f357a73900e827885ec9e1f22":TEST_FLAG_EXERCISE + +read type: ECC_PUB(SECT_R1) 409-bit, ECDSA(SHA_384) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_SECT_R1_409:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R1):409:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_SHA_384):0x0000:"0401aa25466b1d291846db365957b25431591e50d9c109fe2106e93bb369775896925b15a7bfec397406ab4fe6f6b1a13bf8fdcb9300fa5500a813228676b0a6c572ed96b0f4aec7e87832e7e20f17ca98ecdfd36f59c82bddb8665f1f357a73900e827885ec9e1f22":"505341004b455900000000000100000022419901012800000a06000600000000690000000401aa25466b1d291846db365957b25431591e50d9c109fe2106e93bb369775896925b15a7bfec397406ab4fe6f6b1a13bf8fdcb9300fa5500a813228676b0a6c572ed96b0f4aec7e87832e7e20f17ca98ecdfd36f59c82bddb8665f1f357a73900e827885ec9e1f22":TEST_FLAG_EXERCISE + +read type: ECC_PUB(SECT_R1) 409-bit, ECDSA(SHA_512) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_512:PSA_WANT_ECC_SECT_R1_409:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R1):409:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_SHA_512):0x0000:"0401aa25466b1d291846db365957b25431591e50d9c109fe2106e93bb369775896925b15a7bfec397406ab4fe6f6b1a13bf8fdcb9300fa5500a813228676b0a6c572ed96b0f4aec7e87832e7e20f17ca98ecdfd36f59c82bddb8665f1f357a73900e827885ec9e1f22":"505341004b455900000000000100000022419901012800000b06000600000000690000000401aa25466b1d291846db365957b25431591e50d9c109fe2106e93bb369775896925b15a7bfec397406ab4fe6f6b1a13bf8fdcb9300fa5500a813228676b0a6c572ed96b0f4aec7e87832e7e20f17ca98ecdfd36f59c82bddb8665f1f357a73900e827885ec9e1f22":TEST_FLAG_EXERCISE + +read type: ECC_PUB(SECT_R1) 409-bit, ECDSA_ANY +depends_on:PSA_WANT_ALG_ECDSA_ANY:PSA_WANT_ECC_SECT_R1_409:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R1):409:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA_ANY:0x0000:"0401aa25466b1d291846db365957b25431591e50d9c109fe2106e93bb369775896925b15a7bfec397406ab4fe6f6b1a13bf8fdcb9300fa5500a813228676b0a6c572ed96b0f4aec7e87832e7e20f17ca98ecdfd36f59c82bddb8665f1f357a73900e827885ec9e1f22":"505341004b455900000000000100000022419901012800000006000600000000690000000401aa25466b1d291846db365957b25431591e50d9c109fe2106e93bb369775896925b15a7bfec397406ab4fe6f6b1a13bf8fdcb9300fa5500a813228676b0a6c572ed96b0f4aec7e87832e7e20f17ca98ecdfd36f59c82bddb8665f1f357a73900e827885ec9e1f22":TEST_FLAG_EXERCISE + +read type: ECC_PUB(SECT_R1) 571-bit +depends_on:PSA_WANT_ECC_SECT_R1_571:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R1):571:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"040708f3403ee9948114855c17572152a08f8054d486defef5f29cbffcfb7cfd9280746a1ac5f751a6ad902ec1e0525120e9be56f03437af196fbe60ee7856e3542ab2cf87880632d80290e39b1a2bd03c6bbf6225511c567bd2ff41d2325dc58346f2b60b1feee4dc8b2af2296c2dc52b153e0556b5d24152b07f690c3fa24e4d1d19efbdeb1037833a733654d2366c74":"505341004b455900000000000100000022413b0201000000000000000000000091000000040708f3403ee9948114855c17572152a08f8054d486defef5f29cbffcfb7cfd9280746a1ac5f751a6ad902ec1e0525120e9be56f03437af196fbe60ee7856e3542ab2cf87880632d80290e39b1a2bd03c6bbf6225511c567bd2ff41d2325dc58346f2b60b1feee4dc8b2af2296c2dc52b153e0556b5d24152b07f690c3fa24e4d1d19efbdeb1037833a733654d2366c74":TEST_FLAG_EXERCISE + +read type: ECC_PUB(SECT_R1) 571-bit, DET_ECDSA(MD2) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD2:PSA_WANT_ECC_SECT_R1_571:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R1):571:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD2):0x0000:"040708f3403ee9948114855c17572152a08f8054d486defef5f29cbffcfb7cfd9280746a1ac5f751a6ad902ec1e0525120e9be56f03437af196fbe60ee7856e3542ab2cf87880632d80290e39b1a2bd03c6bbf6225511c567bd2ff41d2325dc58346f2b60b1feee4dc8b2af2296c2dc52b153e0556b5d24152b07f690c3fa24e4d1d19efbdeb1037833a733654d2366c74":"505341004b455900000000000100000022413b0201280000010700060000000091000000040708f3403ee9948114855c17572152a08f8054d486defef5f29cbffcfb7cfd9280746a1ac5f751a6ad902ec1e0525120e9be56f03437af196fbe60ee7856e3542ab2cf87880632d80290e39b1a2bd03c6bbf6225511c567bd2ff41d2325dc58346f2b60b1feee4dc8b2af2296c2dc52b153e0556b5d24152b07f690c3fa24e4d1d19efbdeb1037833a733654d2366c74":TEST_FLAG_EXERCISE + +read type: ECC_PUB(SECT_R1) 571-bit, DET_ECDSA(MD4) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD4:PSA_WANT_ECC_SECT_R1_571:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R1):571:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD4):0x0000:"040708f3403ee9948114855c17572152a08f8054d486defef5f29cbffcfb7cfd9280746a1ac5f751a6ad902ec1e0525120e9be56f03437af196fbe60ee7856e3542ab2cf87880632d80290e39b1a2bd03c6bbf6225511c567bd2ff41d2325dc58346f2b60b1feee4dc8b2af2296c2dc52b153e0556b5d24152b07f690c3fa24e4d1d19efbdeb1037833a733654d2366c74":"505341004b455900000000000100000022413b0201280000020700060000000091000000040708f3403ee9948114855c17572152a08f8054d486defef5f29cbffcfb7cfd9280746a1ac5f751a6ad902ec1e0525120e9be56f03437af196fbe60ee7856e3542ab2cf87880632d80290e39b1a2bd03c6bbf6225511c567bd2ff41d2325dc58346f2b60b1feee4dc8b2af2296c2dc52b153e0556b5d24152b07f690c3fa24e4d1d19efbdeb1037833a733654d2366c74":TEST_FLAG_EXERCISE + +read type: ECC_PUB(SECT_R1) 571-bit, DET_ECDSA(MD5) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD5:PSA_WANT_ECC_SECT_R1_571:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R1):571:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD5):0x0000:"040708f3403ee9948114855c17572152a08f8054d486defef5f29cbffcfb7cfd9280746a1ac5f751a6ad902ec1e0525120e9be56f03437af196fbe60ee7856e3542ab2cf87880632d80290e39b1a2bd03c6bbf6225511c567bd2ff41d2325dc58346f2b60b1feee4dc8b2af2296c2dc52b153e0556b5d24152b07f690c3fa24e4d1d19efbdeb1037833a733654d2366c74":"505341004b455900000000000100000022413b0201280000030700060000000091000000040708f3403ee9948114855c17572152a08f8054d486defef5f29cbffcfb7cfd9280746a1ac5f751a6ad902ec1e0525120e9be56f03437af196fbe60ee7856e3542ab2cf87880632d80290e39b1a2bd03c6bbf6225511c567bd2ff41d2325dc58346f2b60b1feee4dc8b2af2296c2dc52b153e0556b5d24152b07f690c3fa24e4d1d19efbdeb1037833a733654d2366c74":TEST_FLAG_EXERCISE + +read type: ECC_PUB(SECT_R1) 571-bit, DET_ECDSA(RIPEMD160) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ECC_SECT_R1_571:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R1):571:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_RIPEMD160):0x0000:"040708f3403ee9948114855c17572152a08f8054d486defef5f29cbffcfb7cfd9280746a1ac5f751a6ad902ec1e0525120e9be56f03437af196fbe60ee7856e3542ab2cf87880632d80290e39b1a2bd03c6bbf6225511c567bd2ff41d2325dc58346f2b60b1feee4dc8b2af2296c2dc52b153e0556b5d24152b07f690c3fa24e4d1d19efbdeb1037833a733654d2366c74":"505341004b455900000000000100000022413b0201280000040700060000000091000000040708f3403ee9948114855c17572152a08f8054d486defef5f29cbffcfb7cfd9280746a1ac5f751a6ad902ec1e0525120e9be56f03437af196fbe60ee7856e3542ab2cf87880632d80290e39b1a2bd03c6bbf6225511c567bd2ff41d2325dc58346f2b60b1feee4dc8b2af2296c2dc52b153e0556b5d24152b07f690c3fa24e4d1d19efbdeb1037833a733654d2366c74":TEST_FLAG_EXERCISE + +read type: ECC_PUB(SECT_R1) 571-bit, DET_ECDSA(SHA_1) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_1:PSA_WANT_ECC_SECT_R1_571:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R1):571:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_1):0x0000:"040708f3403ee9948114855c17572152a08f8054d486defef5f29cbffcfb7cfd9280746a1ac5f751a6ad902ec1e0525120e9be56f03437af196fbe60ee7856e3542ab2cf87880632d80290e39b1a2bd03c6bbf6225511c567bd2ff41d2325dc58346f2b60b1feee4dc8b2af2296c2dc52b153e0556b5d24152b07f690c3fa24e4d1d19efbdeb1037833a733654d2366c74":"505341004b455900000000000100000022413b0201280000050700060000000091000000040708f3403ee9948114855c17572152a08f8054d486defef5f29cbffcfb7cfd9280746a1ac5f751a6ad902ec1e0525120e9be56f03437af196fbe60ee7856e3542ab2cf87880632d80290e39b1a2bd03c6bbf6225511c567bd2ff41d2325dc58346f2b60b1feee4dc8b2af2296c2dc52b153e0556b5d24152b07f690c3fa24e4d1d19efbdeb1037833a733654d2366c74":TEST_FLAG_EXERCISE + +read type: ECC_PUB(SECT_R1) 571-bit, DET_ECDSA(SHA_224) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_224:PSA_WANT_ECC_SECT_R1_571:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R1):571:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_224):0x0000:"040708f3403ee9948114855c17572152a08f8054d486defef5f29cbffcfb7cfd9280746a1ac5f751a6ad902ec1e0525120e9be56f03437af196fbe60ee7856e3542ab2cf87880632d80290e39b1a2bd03c6bbf6225511c567bd2ff41d2325dc58346f2b60b1feee4dc8b2af2296c2dc52b153e0556b5d24152b07f690c3fa24e4d1d19efbdeb1037833a733654d2366c74":"505341004b455900000000000100000022413b0201280000080700060000000091000000040708f3403ee9948114855c17572152a08f8054d486defef5f29cbffcfb7cfd9280746a1ac5f751a6ad902ec1e0525120e9be56f03437af196fbe60ee7856e3542ab2cf87880632d80290e39b1a2bd03c6bbf6225511c567bd2ff41d2325dc58346f2b60b1feee4dc8b2af2296c2dc52b153e0556b5d24152b07f690c3fa24e4d1d19efbdeb1037833a733654d2366c74":TEST_FLAG_EXERCISE + +read type: ECC_PUB(SECT_R1) 571-bit, DET_ECDSA(SHA_256) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_SECT_R1_571:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R1):571:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_256):0x0000:"040708f3403ee9948114855c17572152a08f8054d486defef5f29cbffcfb7cfd9280746a1ac5f751a6ad902ec1e0525120e9be56f03437af196fbe60ee7856e3542ab2cf87880632d80290e39b1a2bd03c6bbf6225511c567bd2ff41d2325dc58346f2b60b1feee4dc8b2af2296c2dc52b153e0556b5d24152b07f690c3fa24e4d1d19efbdeb1037833a733654d2366c74":"505341004b455900000000000100000022413b0201280000090700060000000091000000040708f3403ee9948114855c17572152a08f8054d486defef5f29cbffcfb7cfd9280746a1ac5f751a6ad902ec1e0525120e9be56f03437af196fbe60ee7856e3542ab2cf87880632d80290e39b1a2bd03c6bbf6225511c567bd2ff41d2325dc58346f2b60b1feee4dc8b2af2296c2dc52b153e0556b5d24152b07f690c3fa24e4d1d19efbdeb1037833a733654d2366c74":TEST_FLAG_EXERCISE + +read type: ECC_PUB(SECT_R1) 571-bit, DET_ECDSA(SHA_384) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_SECT_R1_571:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R1):571:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_384):0x0000:"040708f3403ee9948114855c17572152a08f8054d486defef5f29cbffcfb7cfd9280746a1ac5f751a6ad902ec1e0525120e9be56f03437af196fbe60ee7856e3542ab2cf87880632d80290e39b1a2bd03c6bbf6225511c567bd2ff41d2325dc58346f2b60b1feee4dc8b2af2296c2dc52b153e0556b5d24152b07f690c3fa24e4d1d19efbdeb1037833a733654d2366c74":"505341004b455900000000000100000022413b02012800000a0700060000000091000000040708f3403ee9948114855c17572152a08f8054d486defef5f29cbffcfb7cfd9280746a1ac5f751a6ad902ec1e0525120e9be56f03437af196fbe60ee7856e3542ab2cf87880632d80290e39b1a2bd03c6bbf6225511c567bd2ff41d2325dc58346f2b60b1feee4dc8b2af2296c2dc52b153e0556b5d24152b07f690c3fa24e4d1d19efbdeb1037833a733654d2366c74":TEST_FLAG_EXERCISE + +read type: ECC_PUB(SECT_R1) 571-bit, DET_ECDSA(SHA_512) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_512:PSA_WANT_ECC_SECT_R1_571:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R1):571:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_512):0x0000:"040708f3403ee9948114855c17572152a08f8054d486defef5f29cbffcfb7cfd9280746a1ac5f751a6ad902ec1e0525120e9be56f03437af196fbe60ee7856e3542ab2cf87880632d80290e39b1a2bd03c6bbf6225511c567bd2ff41d2325dc58346f2b60b1feee4dc8b2af2296c2dc52b153e0556b5d24152b07f690c3fa24e4d1d19efbdeb1037833a733654d2366c74":"505341004b455900000000000100000022413b02012800000b0700060000000091000000040708f3403ee9948114855c17572152a08f8054d486defef5f29cbffcfb7cfd9280746a1ac5f751a6ad902ec1e0525120e9be56f03437af196fbe60ee7856e3542ab2cf87880632d80290e39b1a2bd03c6bbf6225511c567bd2ff41d2325dc58346f2b60b1feee4dc8b2af2296c2dc52b153e0556b5d24152b07f690c3fa24e4d1d19efbdeb1037833a733654d2366c74":TEST_FLAG_EXERCISE + +read type: ECC_PUB(SECT_R1) 571-bit, ECDSA(MD2) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD2:PSA_WANT_ECC_SECT_R1_571:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R1):571:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_MD2):0x0000:"040708f3403ee9948114855c17572152a08f8054d486defef5f29cbffcfb7cfd9280746a1ac5f751a6ad902ec1e0525120e9be56f03437af196fbe60ee7856e3542ab2cf87880632d80290e39b1a2bd03c6bbf6225511c567bd2ff41d2325dc58346f2b60b1feee4dc8b2af2296c2dc52b153e0556b5d24152b07f690c3fa24e4d1d19efbdeb1037833a733654d2366c74":"505341004b455900000000000100000022413b0201280000010600060000000091000000040708f3403ee9948114855c17572152a08f8054d486defef5f29cbffcfb7cfd9280746a1ac5f751a6ad902ec1e0525120e9be56f03437af196fbe60ee7856e3542ab2cf87880632d80290e39b1a2bd03c6bbf6225511c567bd2ff41d2325dc58346f2b60b1feee4dc8b2af2296c2dc52b153e0556b5d24152b07f690c3fa24e4d1d19efbdeb1037833a733654d2366c74":TEST_FLAG_EXERCISE + +read type: ECC_PUB(SECT_R1) 571-bit, ECDSA(MD4) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD4:PSA_WANT_ECC_SECT_R1_571:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R1):571:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_MD4):0x0000:"040708f3403ee9948114855c17572152a08f8054d486defef5f29cbffcfb7cfd9280746a1ac5f751a6ad902ec1e0525120e9be56f03437af196fbe60ee7856e3542ab2cf87880632d80290e39b1a2bd03c6bbf6225511c567bd2ff41d2325dc58346f2b60b1feee4dc8b2af2296c2dc52b153e0556b5d24152b07f690c3fa24e4d1d19efbdeb1037833a733654d2366c74":"505341004b455900000000000100000022413b0201280000020600060000000091000000040708f3403ee9948114855c17572152a08f8054d486defef5f29cbffcfb7cfd9280746a1ac5f751a6ad902ec1e0525120e9be56f03437af196fbe60ee7856e3542ab2cf87880632d80290e39b1a2bd03c6bbf6225511c567bd2ff41d2325dc58346f2b60b1feee4dc8b2af2296c2dc52b153e0556b5d24152b07f690c3fa24e4d1d19efbdeb1037833a733654d2366c74":TEST_FLAG_EXERCISE + +read type: ECC_PUB(SECT_R1) 571-bit, ECDSA(MD5) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD5:PSA_WANT_ECC_SECT_R1_571:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R1):571:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_MD5):0x0000:"040708f3403ee9948114855c17572152a08f8054d486defef5f29cbffcfb7cfd9280746a1ac5f751a6ad902ec1e0525120e9be56f03437af196fbe60ee7856e3542ab2cf87880632d80290e39b1a2bd03c6bbf6225511c567bd2ff41d2325dc58346f2b60b1feee4dc8b2af2296c2dc52b153e0556b5d24152b07f690c3fa24e4d1d19efbdeb1037833a733654d2366c74":"505341004b455900000000000100000022413b0201280000030600060000000091000000040708f3403ee9948114855c17572152a08f8054d486defef5f29cbffcfb7cfd9280746a1ac5f751a6ad902ec1e0525120e9be56f03437af196fbe60ee7856e3542ab2cf87880632d80290e39b1a2bd03c6bbf6225511c567bd2ff41d2325dc58346f2b60b1feee4dc8b2af2296c2dc52b153e0556b5d24152b07f690c3fa24e4d1d19efbdeb1037833a733654d2366c74":TEST_FLAG_EXERCISE + +read type: ECC_PUB(SECT_R1) 571-bit, ECDSA(RIPEMD160) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ECC_SECT_R1_571:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R1):571:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_RIPEMD160):0x0000:"040708f3403ee9948114855c17572152a08f8054d486defef5f29cbffcfb7cfd9280746a1ac5f751a6ad902ec1e0525120e9be56f03437af196fbe60ee7856e3542ab2cf87880632d80290e39b1a2bd03c6bbf6225511c567bd2ff41d2325dc58346f2b60b1feee4dc8b2af2296c2dc52b153e0556b5d24152b07f690c3fa24e4d1d19efbdeb1037833a733654d2366c74":"505341004b455900000000000100000022413b0201280000040600060000000091000000040708f3403ee9948114855c17572152a08f8054d486defef5f29cbffcfb7cfd9280746a1ac5f751a6ad902ec1e0525120e9be56f03437af196fbe60ee7856e3542ab2cf87880632d80290e39b1a2bd03c6bbf6225511c567bd2ff41d2325dc58346f2b60b1feee4dc8b2af2296c2dc52b153e0556b5d24152b07f690c3fa24e4d1d19efbdeb1037833a733654d2366c74":TEST_FLAG_EXERCISE + +read type: ECC_PUB(SECT_R1) 571-bit, ECDSA(SHA_1) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_1:PSA_WANT_ECC_SECT_R1_571:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R1):571:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_SHA_1):0x0000:"040708f3403ee9948114855c17572152a08f8054d486defef5f29cbffcfb7cfd9280746a1ac5f751a6ad902ec1e0525120e9be56f03437af196fbe60ee7856e3542ab2cf87880632d80290e39b1a2bd03c6bbf6225511c567bd2ff41d2325dc58346f2b60b1feee4dc8b2af2296c2dc52b153e0556b5d24152b07f690c3fa24e4d1d19efbdeb1037833a733654d2366c74":"505341004b455900000000000100000022413b0201280000050600060000000091000000040708f3403ee9948114855c17572152a08f8054d486defef5f29cbffcfb7cfd9280746a1ac5f751a6ad902ec1e0525120e9be56f03437af196fbe60ee7856e3542ab2cf87880632d80290e39b1a2bd03c6bbf6225511c567bd2ff41d2325dc58346f2b60b1feee4dc8b2af2296c2dc52b153e0556b5d24152b07f690c3fa24e4d1d19efbdeb1037833a733654d2366c74":TEST_FLAG_EXERCISE + +read type: ECC_PUB(SECT_R1) 571-bit, ECDSA(SHA_224) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_224:PSA_WANT_ECC_SECT_R1_571:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R1):571:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_SHA_224):0x0000:"040708f3403ee9948114855c17572152a08f8054d486defef5f29cbffcfb7cfd9280746a1ac5f751a6ad902ec1e0525120e9be56f03437af196fbe60ee7856e3542ab2cf87880632d80290e39b1a2bd03c6bbf6225511c567bd2ff41d2325dc58346f2b60b1feee4dc8b2af2296c2dc52b153e0556b5d24152b07f690c3fa24e4d1d19efbdeb1037833a733654d2366c74":"505341004b455900000000000100000022413b0201280000080600060000000091000000040708f3403ee9948114855c17572152a08f8054d486defef5f29cbffcfb7cfd9280746a1ac5f751a6ad902ec1e0525120e9be56f03437af196fbe60ee7856e3542ab2cf87880632d80290e39b1a2bd03c6bbf6225511c567bd2ff41d2325dc58346f2b60b1feee4dc8b2af2296c2dc52b153e0556b5d24152b07f690c3fa24e4d1d19efbdeb1037833a733654d2366c74":TEST_FLAG_EXERCISE + +read type: ECC_PUB(SECT_R1) 571-bit, ECDSA(SHA_256) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_SECT_R1_571:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R1):571:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_SHA_256):0x0000:"040708f3403ee9948114855c17572152a08f8054d486defef5f29cbffcfb7cfd9280746a1ac5f751a6ad902ec1e0525120e9be56f03437af196fbe60ee7856e3542ab2cf87880632d80290e39b1a2bd03c6bbf6225511c567bd2ff41d2325dc58346f2b60b1feee4dc8b2af2296c2dc52b153e0556b5d24152b07f690c3fa24e4d1d19efbdeb1037833a733654d2366c74":"505341004b455900000000000100000022413b0201280000090600060000000091000000040708f3403ee9948114855c17572152a08f8054d486defef5f29cbffcfb7cfd9280746a1ac5f751a6ad902ec1e0525120e9be56f03437af196fbe60ee7856e3542ab2cf87880632d80290e39b1a2bd03c6bbf6225511c567bd2ff41d2325dc58346f2b60b1feee4dc8b2af2296c2dc52b153e0556b5d24152b07f690c3fa24e4d1d19efbdeb1037833a733654d2366c74":TEST_FLAG_EXERCISE + +read type: ECC_PUB(SECT_R1) 571-bit, ECDSA(SHA_384) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_SECT_R1_571:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R1):571:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_SHA_384):0x0000:"040708f3403ee9948114855c17572152a08f8054d486defef5f29cbffcfb7cfd9280746a1ac5f751a6ad902ec1e0525120e9be56f03437af196fbe60ee7856e3542ab2cf87880632d80290e39b1a2bd03c6bbf6225511c567bd2ff41d2325dc58346f2b60b1feee4dc8b2af2296c2dc52b153e0556b5d24152b07f690c3fa24e4d1d19efbdeb1037833a733654d2366c74":"505341004b455900000000000100000022413b02012800000a0600060000000091000000040708f3403ee9948114855c17572152a08f8054d486defef5f29cbffcfb7cfd9280746a1ac5f751a6ad902ec1e0525120e9be56f03437af196fbe60ee7856e3542ab2cf87880632d80290e39b1a2bd03c6bbf6225511c567bd2ff41d2325dc58346f2b60b1feee4dc8b2af2296c2dc52b153e0556b5d24152b07f690c3fa24e4d1d19efbdeb1037833a733654d2366c74":TEST_FLAG_EXERCISE + +read type: ECC_PUB(SECT_R1) 571-bit, ECDSA(SHA_512) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_512:PSA_WANT_ECC_SECT_R1_571:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R1):571:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_SHA_512):0x0000:"040708f3403ee9948114855c17572152a08f8054d486defef5f29cbffcfb7cfd9280746a1ac5f751a6ad902ec1e0525120e9be56f03437af196fbe60ee7856e3542ab2cf87880632d80290e39b1a2bd03c6bbf6225511c567bd2ff41d2325dc58346f2b60b1feee4dc8b2af2296c2dc52b153e0556b5d24152b07f690c3fa24e4d1d19efbdeb1037833a733654d2366c74":"505341004b455900000000000100000022413b02012800000b0600060000000091000000040708f3403ee9948114855c17572152a08f8054d486defef5f29cbffcfb7cfd9280746a1ac5f751a6ad902ec1e0525120e9be56f03437af196fbe60ee7856e3542ab2cf87880632d80290e39b1a2bd03c6bbf6225511c567bd2ff41d2325dc58346f2b60b1feee4dc8b2af2296c2dc52b153e0556b5d24152b07f690c3fa24e4d1d19efbdeb1037833a733654d2366c74":TEST_FLAG_EXERCISE + +read type: ECC_PUB(SECT_R1) 571-bit, ECDSA_ANY +depends_on:PSA_WANT_ALG_ECDSA_ANY:PSA_WANT_ECC_SECT_R1_571:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R1):571:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA_ANY:0x0000:"040708f3403ee9948114855c17572152a08f8054d486defef5f29cbffcfb7cfd9280746a1ac5f751a6ad902ec1e0525120e9be56f03437af196fbe60ee7856e3542ab2cf87880632d80290e39b1a2bd03c6bbf6225511c567bd2ff41d2325dc58346f2b60b1feee4dc8b2af2296c2dc52b153e0556b5d24152b07f690c3fa24e4d1d19efbdeb1037833a733654d2366c74":"505341004b455900000000000100000022413b0201280000000600060000000091000000040708f3403ee9948114855c17572152a08f8054d486defef5f29cbffcfb7cfd9280746a1ac5f751a6ad902ec1e0525120e9be56f03437af196fbe60ee7856e3542ab2cf87880632d80290e39b1a2bd03c6bbf6225511c567bd2ff41d2325dc58346f2b60b1feee4dc8b2af2296c2dc52b153e0556b5d24152b07f690c3fa24e4d1d19efbdeb1037833a733654d2366c74":TEST_FLAG_EXERCISE + +read type: ECC_PUB(SECT_R2) 163-bit +depends_on:PSA_WANT_ECC_SECT_R2_163:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R2):163:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"0403692601144c32a6cfa369ae20ae5d43c1c764678c037bafe80c6fd2e42b7ced96171d9c5367fd3dca6f":"505341004b45590000000000010000002b41a3000100000000000000000000002b0000000403692601144c32a6cfa369ae20ae5d43c1c764678c037bafe80c6fd2e42b7ced96171d9c5367fd3dca6f":TEST_FLAG_EXERCISE + +read type: ECC_PUB(SECT_R2) 163-bit, DET_ECDSA(MD2) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD2:PSA_WANT_ECC_SECT_R2_163:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R2):163:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD2):0x0000:"0403692601144c32a6cfa369ae20ae5d43c1c764678c037bafe80c6fd2e42b7ced96171d9c5367fd3dca6f":"505341004b45590000000000010000002b41a3000128000001070006000000002b0000000403692601144c32a6cfa369ae20ae5d43c1c764678c037bafe80c6fd2e42b7ced96171d9c5367fd3dca6f":TEST_FLAG_EXERCISE + +read type: ECC_PUB(SECT_R2) 163-bit, DET_ECDSA(MD4) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD4:PSA_WANT_ECC_SECT_R2_163:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R2):163:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD4):0x0000:"0403692601144c32a6cfa369ae20ae5d43c1c764678c037bafe80c6fd2e42b7ced96171d9c5367fd3dca6f":"505341004b45590000000000010000002b41a3000128000002070006000000002b0000000403692601144c32a6cfa369ae20ae5d43c1c764678c037bafe80c6fd2e42b7ced96171d9c5367fd3dca6f":TEST_FLAG_EXERCISE + +read type: ECC_PUB(SECT_R2) 163-bit, DET_ECDSA(MD5) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD5:PSA_WANT_ECC_SECT_R2_163:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R2):163:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD5):0x0000:"0403692601144c32a6cfa369ae20ae5d43c1c764678c037bafe80c6fd2e42b7ced96171d9c5367fd3dca6f":"505341004b45590000000000010000002b41a3000128000003070006000000002b0000000403692601144c32a6cfa369ae20ae5d43c1c764678c037bafe80c6fd2e42b7ced96171d9c5367fd3dca6f":TEST_FLAG_EXERCISE + +read type: ECC_PUB(SECT_R2) 163-bit, DET_ECDSA(RIPEMD160) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ECC_SECT_R2_163:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R2):163:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_RIPEMD160):0x0000:"0403692601144c32a6cfa369ae20ae5d43c1c764678c037bafe80c6fd2e42b7ced96171d9c5367fd3dca6f":"505341004b45590000000000010000002b41a3000128000004070006000000002b0000000403692601144c32a6cfa369ae20ae5d43c1c764678c037bafe80c6fd2e42b7ced96171d9c5367fd3dca6f":TEST_FLAG_EXERCISE + +read type: ECC_PUB(SECT_R2) 163-bit, DET_ECDSA(SHA_1) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_1:PSA_WANT_ECC_SECT_R2_163:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R2):163:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_1):0x0000:"0403692601144c32a6cfa369ae20ae5d43c1c764678c037bafe80c6fd2e42b7ced96171d9c5367fd3dca6f":"505341004b45590000000000010000002b41a3000128000005070006000000002b0000000403692601144c32a6cfa369ae20ae5d43c1c764678c037bafe80c6fd2e42b7ced96171d9c5367fd3dca6f":TEST_FLAG_EXERCISE + +read type: ECC_PUB(SECT_R2) 163-bit, DET_ECDSA(SHA_224) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_224:PSA_WANT_ECC_SECT_R2_163:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R2):163:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_224):0x0000:"0403692601144c32a6cfa369ae20ae5d43c1c764678c037bafe80c6fd2e42b7ced96171d9c5367fd3dca6f":"505341004b45590000000000010000002b41a3000128000008070006000000002b0000000403692601144c32a6cfa369ae20ae5d43c1c764678c037bafe80c6fd2e42b7ced96171d9c5367fd3dca6f":TEST_FLAG_EXERCISE + +read type: ECC_PUB(SECT_R2) 163-bit, DET_ECDSA(SHA_256) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_SECT_R2_163:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R2):163:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_256):0x0000:"0403692601144c32a6cfa369ae20ae5d43c1c764678c037bafe80c6fd2e42b7ced96171d9c5367fd3dca6f":"505341004b45590000000000010000002b41a3000128000009070006000000002b0000000403692601144c32a6cfa369ae20ae5d43c1c764678c037bafe80c6fd2e42b7ced96171d9c5367fd3dca6f":TEST_FLAG_EXERCISE + +read type: ECC_PUB(SECT_R2) 163-bit, DET_ECDSA(SHA_384) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_SECT_R2_163:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R2):163:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_384):0x0000:"0403692601144c32a6cfa369ae20ae5d43c1c764678c037bafe80c6fd2e42b7ced96171d9c5367fd3dca6f":"505341004b45590000000000010000002b41a300012800000a070006000000002b0000000403692601144c32a6cfa369ae20ae5d43c1c764678c037bafe80c6fd2e42b7ced96171d9c5367fd3dca6f":TEST_FLAG_EXERCISE + +read type: ECC_PUB(SECT_R2) 163-bit, DET_ECDSA(SHA_512) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_512:PSA_WANT_ECC_SECT_R2_163:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R2):163:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_512):0x0000:"0403692601144c32a6cfa369ae20ae5d43c1c764678c037bafe80c6fd2e42b7ced96171d9c5367fd3dca6f":"505341004b45590000000000010000002b41a300012800000b070006000000002b0000000403692601144c32a6cfa369ae20ae5d43c1c764678c037bafe80c6fd2e42b7ced96171d9c5367fd3dca6f":TEST_FLAG_EXERCISE + +read type: ECC_PUB(SECT_R2) 163-bit, ECDSA(MD2) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD2:PSA_WANT_ECC_SECT_R2_163:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R2):163:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_MD2):0x0000:"0403692601144c32a6cfa369ae20ae5d43c1c764678c037bafe80c6fd2e42b7ced96171d9c5367fd3dca6f":"505341004b45590000000000010000002b41a3000128000001060006000000002b0000000403692601144c32a6cfa369ae20ae5d43c1c764678c037bafe80c6fd2e42b7ced96171d9c5367fd3dca6f":TEST_FLAG_EXERCISE + +read type: ECC_PUB(SECT_R2) 163-bit, ECDSA(MD4) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD4:PSA_WANT_ECC_SECT_R2_163:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R2):163:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_MD4):0x0000:"0403692601144c32a6cfa369ae20ae5d43c1c764678c037bafe80c6fd2e42b7ced96171d9c5367fd3dca6f":"505341004b45590000000000010000002b41a3000128000002060006000000002b0000000403692601144c32a6cfa369ae20ae5d43c1c764678c037bafe80c6fd2e42b7ced96171d9c5367fd3dca6f":TEST_FLAG_EXERCISE + +read type: ECC_PUB(SECT_R2) 163-bit, ECDSA(MD5) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD5:PSA_WANT_ECC_SECT_R2_163:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R2):163:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_MD5):0x0000:"0403692601144c32a6cfa369ae20ae5d43c1c764678c037bafe80c6fd2e42b7ced96171d9c5367fd3dca6f":"505341004b45590000000000010000002b41a3000128000003060006000000002b0000000403692601144c32a6cfa369ae20ae5d43c1c764678c037bafe80c6fd2e42b7ced96171d9c5367fd3dca6f":TEST_FLAG_EXERCISE + +read type: ECC_PUB(SECT_R2) 163-bit, ECDSA(RIPEMD160) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ECC_SECT_R2_163:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R2):163:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_RIPEMD160):0x0000:"0403692601144c32a6cfa369ae20ae5d43c1c764678c037bafe80c6fd2e42b7ced96171d9c5367fd3dca6f":"505341004b45590000000000010000002b41a3000128000004060006000000002b0000000403692601144c32a6cfa369ae20ae5d43c1c764678c037bafe80c6fd2e42b7ced96171d9c5367fd3dca6f":TEST_FLAG_EXERCISE + +read type: ECC_PUB(SECT_R2) 163-bit, ECDSA(SHA_1) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_1:PSA_WANT_ECC_SECT_R2_163:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R2):163:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_SHA_1):0x0000:"0403692601144c32a6cfa369ae20ae5d43c1c764678c037bafe80c6fd2e42b7ced96171d9c5367fd3dca6f":"505341004b45590000000000010000002b41a3000128000005060006000000002b0000000403692601144c32a6cfa369ae20ae5d43c1c764678c037bafe80c6fd2e42b7ced96171d9c5367fd3dca6f":TEST_FLAG_EXERCISE + +read type: ECC_PUB(SECT_R2) 163-bit, ECDSA(SHA_224) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_224:PSA_WANT_ECC_SECT_R2_163:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R2):163:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_SHA_224):0x0000:"0403692601144c32a6cfa369ae20ae5d43c1c764678c037bafe80c6fd2e42b7ced96171d9c5367fd3dca6f":"505341004b45590000000000010000002b41a3000128000008060006000000002b0000000403692601144c32a6cfa369ae20ae5d43c1c764678c037bafe80c6fd2e42b7ced96171d9c5367fd3dca6f":TEST_FLAG_EXERCISE + +read type: ECC_PUB(SECT_R2) 163-bit, ECDSA(SHA_256) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_SECT_R2_163:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R2):163:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_SHA_256):0x0000:"0403692601144c32a6cfa369ae20ae5d43c1c764678c037bafe80c6fd2e42b7ced96171d9c5367fd3dca6f":"505341004b45590000000000010000002b41a3000128000009060006000000002b0000000403692601144c32a6cfa369ae20ae5d43c1c764678c037bafe80c6fd2e42b7ced96171d9c5367fd3dca6f":TEST_FLAG_EXERCISE + +read type: ECC_PUB(SECT_R2) 163-bit, ECDSA(SHA_384) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_384:PSA_WANT_ECC_SECT_R2_163:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R2):163:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_SHA_384):0x0000:"0403692601144c32a6cfa369ae20ae5d43c1c764678c037bafe80c6fd2e42b7ced96171d9c5367fd3dca6f":"505341004b45590000000000010000002b41a300012800000a060006000000002b0000000403692601144c32a6cfa369ae20ae5d43c1c764678c037bafe80c6fd2e42b7ced96171d9c5367fd3dca6f":TEST_FLAG_EXERCISE + +read type: ECC_PUB(SECT_R2) 163-bit, ECDSA(SHA_512) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_512:PSA_WANT_ECC_SECT_R2_163:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R2):163:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_SHA_512):0x0000:"0403692601144c32a6cfa369ae20ae5d43c1c764678c037bafe80c6fd2e42b7ced96171d9c5367fd3dca6f":"505341004b45590000000000010000002b41a300012800000b060006000000002b0000000403692601144c32a6cfa369ae20ae5d43c1c764678c037bafe80c6fd2e42b7ced96171d9c5367fd3dca6f":TEST_FLAG_EXERCISE + +read type: ECC_PUB(SECT_R2) 163-bit, ECDSA_ANY +depends_on:PSA_WANT_ALG_ECDSA_ANY:PSA_WANT_ECC_SECT_R2_163:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R2):163:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA_ANY:0x0000:"0403692601144c32a6cfa369ae20ae5d43c1c764678c037bafe80c6fd2e42b7ced96171d9c5367fd3dca6f":"505341004b45590000000000010000002b41a3000128000000060006000000002b0000000403692601144c32a6cfa369ae20ae5d43c1c764678c037bafe80c6fd2e42b7ced96171d9c5367fd3dca6f":TEST_FLAG_EXERCISE + +read type: ECC_PUB(TWISTED_EDWARDS) 255-bit +depends_on:PSA_WANT_ECC_TWISTED_EDWARDS_255:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_TWISTED_EDWARDS):255:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"d75a980182b10ab7d54bfed3c964073a0ee172f3daa62325af021a68f707511a":"505341004b45590000000000010000004241ff0001000000000000000000000020000000d75a980182b10ab7d54bfed3c964073a0ee172f3daa62325af021a68f707511a":TEST_FLAG_EXERCISE + +read type: ECC_PUB(TWISTED_EDWARDS) 255-bit, ED25519PH +depends_on:PSA_WANT_ALG_ED25519PH:PSA_WANT_ECC_TWISTED_EDWARDS_255:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_TWISTED_EDWARDS):255:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ED25519PH:0x0000:"d75a980182b10ab7d54bfed3c964073a0ee172f3daa62325af021a68f707511a":"505341004b45590000000000010000004241ff00012800000b0900060000000020000000d75a980182b10ab7d54bfed3c964073a0ee172f3daa62325af021a68f707511a":TEST_FLAG_EXERCISE + +read type: ECC_PUB(TWISTED_EDWARDS) 255-bit, ED448PH +depends_on:PSA_WANT_ALG_ED448PH:PSA_WANT_ECC_TWISTED_EDWARDS_255:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_TWISTED_EDWARDS):255:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ED448PH:0x0000:"d75a980182b10ab7d54bfed3c964073a0ee172f3daa62325af021a68f707511a":"505341004b45590000000000010000004241ff0001280000150900060000000020000000d75a980182b10ab7d54bfed3c964073a0ee172f3daa62325af021a68f707511a":TEST_FLAG_EXERCISE + +read type: ECC_PUB(TWISTED_EDWARDS) 255-bit, PURE_EDDSA +depends_on:PSA_WANT_ALG_PURE_EDDSA:PSA_WANT_ECC_TWISTED_EDWARDS_255:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_TWISTED_EDWARDS):255:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_PURE_EDDSA:0x0000:"d75a980182b10ab7d54bfed3c964073a0ee172f3daa62325af021a68f707511a":"505341004b45590000000000010000004241ff0001280000000800060000000020000000d75a980182b10ab7d54bfed3c964073a0ee172f3daa62325af021a68f707511a":TEST_FLAG_EXERCISE + +read type: ECC_PUB(TWISTED_EDWARDS) 448-bit +depends_on:PSA_WANT_ECC_TWISTED_EDWARDS_448:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_TWISTED_EDWARDS):448:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"5fd7449b59b461fd2ce787ec616ad46a1da1342485a70e1f8a0ea75d80e96778edf124769b46c7061bd6783df1e50f6cd1fa1abeafe8256180":"505341004b45590000000000010000004241c001010000000000000000000000390000005fd7449b59b461fd2ce787ec616ad46a1da1342485a70e1f8a0ea75d80e96778edf124769b46c7061bd6783df1e50f6cd1fa1abeafe8256180":TEST_FLAG_EXERCISE + +read type: ECC_PUB(TWISTED_EDWARDS) 448-bit, ED25519PH +depends_on:PSA_WANT_ALG_ED25519PH:PSA_WANT_ECC_TWISTED_EDWARDS_448:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_TWISTED_EDWARDS):448:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ED25519PH:0x0000:"5fd7449b59b461fd2ce787ec616ad46a1da1342485a70e1f8a0ea75d80e96778edf124769b46c7061bd6783df1e50f6cd1fa1abeafe8256180":"505341004b45590000000000010000004241c001012800000b09000600000000390000005fd7449b59b461fd2ce787ec616ad46a1da1342485a70e1f8a0ea75d80e96778edf124769b46c7061bd6783df1e50f6cd1fa1abeafe8256180":TEST_FLAG_EXERCISE + +read type: ECC_PUB(TWISTED_EDWARDS) 448-bit, ED448PH +depends_on:PSA_WANT_ALG_ED448PH:PSA_WANT_ECC_TWISTED_EDWARDS_448:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_TWISTED_EDWARDS):448:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ED448PH:0x0000:"5fd7449b59b461fd2ce787ec616ad46a1da1342485a70e1f8a0ea75d80e96778edf124769b46c7061bd6783df1e50f6cd1fa1abeafe8256180":"505341004b45590000000000010000004241c001012800001509000600000000390000005fd7449b59b461fd2ce787ec616ad46a1da1342485a70e1f8a0ea75d80e96778edf124769b46c7061bd6783df1e50f6cd1fa1abeafe8256180":TEST_FLAG_EXERCISE + +read type: ECC_PUB(TWISTED_EDWARDS) 448-bit, PURE_EDDSA +depends_on:PSA_WANT_ALG_PURE_EDDSA:PSA_WANT_ECC_TWISTED_EDWARDS_448:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_TWISTED_EDWARDS):448:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_PURE_EDDSA:0x0000:"5fd7449b59b461fd2ce787ec616ad46a1da1342485a70e1f8a0ea75d80e96778edf124769b46c7061bd6783df1e50f6cd1fa1abeafe8256180":"505341004b45590000000000010000004241c001012800000008000600000000390000005fd7449b59b461fd2ce787ec616ad46a1da1342485a70e1f8a0ea75d80e96778edf124769b46c7061bd6783df1e50f6cd1fa1abeafe8256180":TEST_FLAG_EXERCISE + +read type: HMAC 128-bit +depends_on:PSA_WANT_KEY_TYPE_HMAC +key_storage_read:0x0001:PSA_KEY_TYPE_HMAC:128:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"48657265006973206b6579a064617461":"505341004b4559000000000001000000001180000100000000000000000000001000000048657265006973206b6579a064617461":TEST_FLAG_EXERCISE + +read type: HMAC 128-bit, HMAC(MD2) +depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_MD2:PSA_WANT_KEY_TYPE_HMAC +key_storage_read:0x0001:PSA_KEY_TYPE_HMAC:128:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_HMAC(PSA_ALG_MD2):0x0000:"48657265006973206b6579a064617461":"505341004b455900000000000100000000118000013c000001008003000000001000000048657265006973206b6579a064617461":TEST_FLAG_EXERCISE + +read type: HMAC 128-bit, HMAC(MD4) +depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_MD4:PSA_WANT_KEY_TYPE_HMAC +key_storage_read:0x0001:PSA_KEY_TYPE_HMAC:128:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_HMAC(PSA_ALG_MD4):0x0000:"48657265006973206b6579a064617461":"505341004b455900000000000100000000118000013c000002008003000000001000000048657265006973206b6579a064617461":TEST_FLAG_EXERCISE + +read type: HMAC 128-bit, HMAC(MD5) +depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_MD5:PSA_WANT_KEY_TYPE_HMAC +key_storage_read:0x0001:PSA_KEY_TYPE_HMAC:128:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_HMAC(PSA_ALG_MD5):0x0000:"48657265006973206b6579a064617461":"505341004b455900000000000100000000118000013c000003008003000000001000000048657265006973206b6579a064617461":TEST_FLAG_EXERCISE + +read type: HMAC 128-bit, HMAC(RIPEMD160) +depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_RIPEMD160:PSA_WANT_KEY_TYPE_HMAC +key_storage_read:0x0001:PSA_KEY_TYPE_HMAC:128:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_HMAC(PSA_ALG_RIPEMD160):0x0000:"48657265006973206b6579a064617461":"505341004b455900000000000100000000118000013c000004008003000000001000000048657265006973206b6579a064617461":TEST_FLAG_EXERCISE + +read type: HMAC 128-bit, HMAC(SHA_1) +depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_1:PSA_WANT_KEY_TYPE_HMAC +key_storage_read:0x0001:PSA_KEY_TYPE_HMAC:128:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_HMAC(PSA_ALG_SHA_1):0x0000:"48657265006973206b6579a064617461":"505341004b455900000000000100000000118000013c000005008003000000001000000048657265006973206b6579a064617461":TEST_FLAG_EXERCISE + +read type: HMAC 128-bit, HMAC(SHA_224) +depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_224:PSA_WANT_KEY_TYPE_HMAC +key_storage_read:0x0001:PSA_KEY_TYPE_HMAC:128:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_HMAC(PSA_ALG_SHA_224):0x0000:"48657265006973206b6579a064617461":"505341004b455900000000000100000000118000013c000008008003000000001000000048657265006973206b6579a064617461":TEST_FLAG_EXERCISE + +read type: HMAC 128-bit, HMAC(SHA_256) +depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_HMAC +key_storage_read:0x0001:PSA_KEY_TYPE_HMAC:128:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_HMAC(PSA_ALG_SHA_256):0x0000:"48657265006973206b6579a064617461":"505341004b455900000000000100000000118000013c000009008003000000001000000048657265006973206b6579a064617461":TEST_FLAG_EXERCISE + +read type: HMAC 128-bit, HMAC(SHA_384) +depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_384:PSA_WANT_KEY_TYPE_HMAC +key_storage_read:0x0001:PSA_KEY_TYPE_HMAC:128:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_HMAC(PSA_ALG_SHA_384):0x0000:"48657265006973206b6579a064617461":"505341004b455900000000000100000000118000013c00000a008003000000001000000048657265006973206b6579a064617461":TEST_FLAG_EXERCISE + +read type: HMAC 128-bit, HMAC(SHA_512) +depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_512:PSA_WANT_KEY_TYPE_HMAC +key_storage_read:0x0001:PSA_KEY_TYPE_HMAC:128:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_HMAC(PSA_ALG_SHA_512):0x0000:"48657265006973206b6579a064617461":"505341004b455900000000000100000000118000013c00000b008003000000001000000048657265006973206b6579a064617461":TEST_FLAG_EXERCISE + +read type: HMAC 160-bit +depends_on:PSA_WANT_KEY_TYPE_HMAC +key_storage_read:0x0001:PSA_KEY_TYPE_HMAC:160:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"48657265006973206b6579a06461746148657265":"505341004b45590000000000010000000011a0000100000000000000000000001400000048657265006973206b6579a06461746148657265":TEST_FLAG_EXERCISE + +read type: HMAC 160-bit, HMAC(MD2) +depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_MD2:PSA_WANT_KEY_TYPE_HMAC +key_storage_read:0x0001:PSA_KEY_TYPE_HMAC:160:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_HMAC(PSA_ALG_MD2):0x0000:"48657265006973206b6579a06461746148657265":"505341004b45590000000000010000000011a000013c000001008003000000001400000048657265006973206b6579a06461746148657265":TEST_FLAG_EXERCISE + +read type: HMAC 160-bit, HMAC(MD4) +depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_MD4:PSA_WANT_KEY_TYPE_HMAC +key_storage_read:0x0001:PSA_KEY_TYPE_HMAC:160:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_HMAC(PSA_ALG_MD4):0x0000:"48657265006973206b6579a06461746148657265":"505341004b45590000000000010000000011a000013c000002008003000000001400000048657265006973206b6579a06461746148657265":TEST_FLAG_EXERCISE + +read type: HMAC 160-bit, HMAC(MD5) +depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_MD5:PSA_WANT_KEY_TYPE_HMAC +key_storage_read:0x0001:PSA_KEY_TYPE_HMAC:160:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_HMAC(PSA_ALG_MD5):0x0000:"48657265006973206b6579a06461746148657265":"505341004b45590000000000010000000011a000013c000003008003000000001400000048657265006973206b6579a06461746148657265":TEST_FLAG_EXERCISE + +read type: HMAC 160-bit, HMAC(RIPEMD160) +depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_RIPEMD160:PSA_WANT_KEY_TYPE_HMAC +key_storage_read:0x0001:PSA_KEY_TYPE_HMAC:160:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_HMAC(PSA_ALG_RIPEMD160):0x0000:"48657265006973206b6579a06461746148657265":"505341004b45590000000000010000000011a000013c000004008003000000001400000048657265006973206b6579a06461746148657265":TEST_FLAG_EXERCISE + +read type: HMAC 160-bit, HMAC(SHA_1) +depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_1:PSA_WANT_KEY_TYPE_HMAC +key_storage_read:0x0001:PSA_KEY_TYPE_HMAC:160:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_HMAC(PSA_ALG_SHA_1):0x0000:"48657265006973206b6579a06461746148657265":"505341004b45590000000000010000000011a000013c000005008003000000001400000048657265006973206b6579a06461746148657265":TEST_FLAG_EXERCISE + +read type: HMAC 160-bit, HMAC(SHA_224) +depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_224:PSA_WANT_KEY_TYPE_HMAC +key_storage_read:0x0001:PSA_KEY_TYPE_HMAC:160:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_HMAC(PSA_ALG_SHA_224):0x0000:"48657265006973206b6579a06461746148657265":"505341004b45590000000000010000000011a000013c000008008003000000001400000048657265006973206b6579a06461746148657265":TEST_FLAG_EXERCISE + +read type: HMAC 160-bit, HMAC(SHA_256) +depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_HMAC +key_storage_read:0x0001:PSA_KEY_TYPE_HMAC:160:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_HMAC(PSA_ALG_SHA_256):0x0000:"48657265006973206b6579a06461746148657265":"505341004b45590000000000010000000011a000013c000009008003000000001400000048657265006973206b6579a06461746148657265":TEST_FLAG_EXERCISE + +read type: HMAC 160-bit, HMAC(SHA_384) +depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_384:PSA_WANT_KEY_TYPE_HMAC +key_storage_read:0x0001:PSA_KEY_TYPE_HMAC:160:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_HMAC(PSA_ALG_SHA_384):0x0000:"48657265006973206b6579a06461746148657265":"505341004b45590000000000010000000011a000013c00000a008003000000001400000048657265006973206b6579a06461746148657265":TEST_FLAG_EXERCISE + +read type: HMAC 160-bit, HMAC(SHA_512) +depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_512:PSA_WANT_KEY_TYPE_HMAC +key_storage_read:0x0001:PSA_KEY_TYPE_HMAC:160:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_HMAC(PSA_ALG_SHA_512):0x0000:"48657265006973206b6579a06461746148657265":"505341004b45590000000000010000000011a000013c00000b008003000000001400000048657265006973206b6579a06461746148657265":TEST_FLAG_EXERCISE + +read type: HMAC 224-bit +depends_on:PSA_WANT_KEY_TYPE_HMAC +key_storage_read:0x0001:PSA_KEY_TYPE_HMAC:224:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"48657265006973206b6579a06461746148657265006973206b6579a0":"505341004b45590000000000010000000011e0000100000000000000000000001c00000048657265006973206b6579a06461746148657265006973206b6579a0":TEST_FLAG_EXERCISE + +read type: HMAC 224-bit, HMAC(MD2) +depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_MD2:PSA_WANT_KEY_TYPE_HMAC +key_storage_read:0x0001:PSA_KEY_TYPE_HMAC:224:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_HMAC(PSA_ALG_MD2):0x0000:"48657265006973206b6579a06461746148657265006973206b6579a0":"505341004b45590000000000010000000011e000013c000001008003000000001c00000048657265006973206b6579a06461746148657265006973206b6579a0":TEST_FLAG_EXERCISE + +read type: HMAC 224-bit, HMAC(MD4) +depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_MD4:PSA_WANT_KEY_TYPE_HMAC +key_storage_read:0x0001:PSA_KEY_TYPE_HMAC:224:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_HMAC(PSA_ALG_MD4):0x0000:"48657265006973206b6579a06461746148657265006973206b6579a0":"505341004b45590000000000010000000011e000013c000002008003000000001c00000048657265006973206b6579a06461746148657265006973206b6579a0":TEST_FLAG_EXERCISE + +read type: HMAC 224-bit, HMAC(MD5) +depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_MD5:PSA_WANT_KEY_TYPE_HMAC +key_storage_read:0x0001:PSA_KEY_TYPE_HMAC:224:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_HMAC(PSA_ALG_MD5):0x0000:"48657265006973206b6579a06461746148657265006973206b6579a0":"505341004b45590000000000010000000011e000013c000003008003000000001c00000048657265006973206b6579a06461746148657265006973206b6579a0":TEST_FLAG_EXERCISE + +read type: HMAC 224-bit, HMAC(RIPEMD160) +depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_RIPEMD160:PSA_WANT_KEY_TYPE_HMAC +key_storage_read:0x0001:PSA_KEY_TYPE_HMAC:224:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_HMAC(PSA_ALG_RIPEMD160):0x0000:"48657265006973206b6579a06461746148657265006973206b6579a0":"505341004b45590000000000010000000011e000013c000004008003000000001c00000048657265006973206b6579a06461746148657265006973206b6579a0":TEST_FLAG_EXERCISE + +read type: HMAC 224-bit, HMAC(SHA_1) +depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_1:PSA_WANT_KEY_TYPE_HMAC +key_storage_read:0x0001:PSA_KEY_TYPE_HMAC:224:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_HMAC(PSA_ALG_SHA_1):0x0000:"48657265006973206b6579a06461746148657265006973206b6579a0":"505341004b45590000000000010000000011e000013c000005008003000000001c00000048657265006973206b6579a06461746148657265006973206b6579a0":TEST_FLAG_EXERCISE + +read type: HMAC 224-bit, HMAC(SHA_224) +depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_224:PSA_WANT_KEY_TYPE_HMAC +key_storage_read:0x0001:PSA_KEY_TYPE_HMAC:224:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_HMAC(PSA_ALG_SHA_224):0x0000:"48657265006973206b6579a06461746148657265006973206b6579a0":"505341004b45590000000000010000000011e000013c000008008003000000001c00000048657265006973206b6579a06461746148657265006973206b6579a0":TEST_FLAG_EXERCISE + +read type: HMAC 224-bit, HMAC(SHA_256) +depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_HMAC +key_storage_read:0x0001:PSA_KEY_TYPE_HMAC:224:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_HMAC(PSA_ALG_SHA_256):0x0000:"48657265006973206b6579a06461746148657265006973206b6579a0":"505341004b45590000000000010000000011e000013c000009008003000000001c00000048657265006973206b6579a06461746148657265006973206b6579a0":TEST_FLAG_EXERCISE + +read type: HMAC 224-bit, HMAC(SHA_384) +depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_384:PSA_WANT_KEY_TYPE_HMAC +key_storage_read:0x0001:PSA_KEY_TYPE_HMAC:224:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_HMAC(PSA_ALG_SHA_384):0x0000:"48657265006973206b6579a06461746148657265006973206b6579a0":"505341004b45590000000000010000000011e000013c00000a008003000000001c00000048657265006973206b6579a06461746148657265006973206b6579a0":TEST_FLAG_EXERCISE + +read type: HMAC 224-bit, HMAC(SHA_512) +depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_512:PSA_WANT_KEY_TYPE_HMAC +key_storage_read:0x0001:PSA_KEY_TYPE_HMAC:224:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_HMAC(PSA_ALG_SHA_512):0x0000:"48657265006973206b6579a06461746148657265006973206b6579a0":"505341004b45590000000000010000000011e000013c00000b008003000000001c00000048657265006973206b6579a06461746148657265006973206b6579a0":TEST_FLAG_EXERCISE + +read type: HMAC 256-bit +depends_on:PSA_WANT_KEY_TYPE_HMAC +key_storage_read:0x0001:PSA_KEY_TYPE_HMAC:256:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"48657265006973206b6579a06461746148657265006973206b6579a064617461":"505341004b4559000000000001000000001100010100000000000000000000002000000048657265006973206b6579a06461746148657265006973206b6579a064617461":TEST_FLAG_EXERCISE + +read type: HMAC 256-bit, HMAC(MD2) +depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_MD2:PSA_WANT_KEY_TYPE_HMAC +key_storage_read:0x0001:PSA_KEY_TYPE_HMAC:256:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_HMAC(PSA_ALG_MD2):0x0000:"48657265006973206b6579a06461746148657265006973206b6579a064617461":"505341004b455900000000000100000000110001013c000001008003000000002000000048657265006973206b6579a06461746148657265006973206b6579a064617461":TEST_FLAG_EXERCISE + +read type: HMAC 256-bit, HMAC(MD4) +depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_MD4:PSA_WANT_KEY_TYPE_HMAC +key_storage_read:0x0001:PSA_KEY_TYPE_HMAC:256:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_HMAC(PSA_ALG_MD4):0x0000:"48657265006973206b6579a06461746148657265006973206b6579a064617461":"505341004b455900000000000100000000110001013c000002008003000000002000000048657265006973206b6579a06461746148657265006973206b6579a064617461":TEST_FLAG_EXERCISE + +read type: HMAC 256-bit, HMAC(MD5) +depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_MD5:PSA_WANT_KEY_TYPE_HMAC +key_storage_read:0x0001:PSA_KEY_TYPE_HMAC:256:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_HMAC(PSA_ALG_MD5):0x0000:"48657265006973206b6579a06461746148657265006973206b6579a064617461":"505341004b455900000000000100000000110001013c000003008003000000002000000048657265006973206b6579a06461746148657265006973206b6579a064617461":TEST_FLAG_EXERCISE + +read type: HMAC 256-bit, HMAC(RIPEMD160) +depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_RIPEMD160:PSA_WANT_KEY_TYPE_HMAC +key_storage_read:0x0001:PSA_KEY_TYPE_HMAC:256:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_HMAC(PSA_ALG_RIPEMD160):0x0000:"48657265006973206b6579a06461746148657265006973206b6579a064617461":"505341004b455900000000000100000000110001013c000004008003000000002000000048657265006973206b6579a06461746148657265006973206b6579a064617461":TEST_FLAG_EXERCISE + +read type: HMAC 256-bit, HMAC(SHA_1) +depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_1:PSA_WANT_KEY_TYPE_HMAC +key_storage_read:0x0001:PSA_KEY_TYPE_HMAC:256:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_HMAC(PSA_ALG_SHA_1):0x0000:"48657265006973206b6579a06461746148657265006973206b6579a064617461":"505341004b455900000000000100000000110001013c000005008003000000002000000048657265006973206b6579a06461746148657265006973206b6579a064617461":TEST_FLAG_EXERCISE + +read type: HMAC 256-bit, HMAC(SHA_224) +depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_224:PSA_WANT_KEY_TYPE_HMAC +key_storage_read:0x0001:PSA_KEY_TYPE_HMAC:256:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_HMAC(PSA_ALG_SHA_224):0x0000:"48657265006973206b6579a06461746148657265006973206b6579a064617461":"505341004b455900000000000100000000110001013c000008008003000000002000000048657265006973206b6579a06461746148657265006973206b6579a064617461":TEST_FLAG_EXERCISE + +read type: HMAC 256-bit, HMAC(SHA_256) +depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_HMAC +key_storage_read:0x0001:PSA_KEY_TYPE_HMAC:256:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_HMAC(PSA_ALG_SHA_256):0x0000:"48657265006973206b6579a06461746148657265006973206b6579a064617461":"505341004b455900000000000100000000110001013c000009008003000000002000000048657265006973206b6579a06461746148657265006973206b6579a064617461":TEST_FLAG_EXERCISE + +read type: HMAC 256-bit, HMAC(SHA_384) +depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_384:PSA_WANT_KEY_TYPE_HMAC +key_storage_read:0x0001:PSA_KEY_TYPE_HMAC:256:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_HMAC(PSA_ALG_SHA_384):0x0000:"48657265006973206b6579a06461746148657265006973206b6579a064617461":"505341004b455900000000000100000000110001013c00000a008003000000002000000048657265006973206b6579a06461746148657265006973206b6579a064617461":TEST_FLAG_EXERCISE + +read type: HMAC 256-bit, HMAC(SHA_512) +depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_512:PSA_WANT_KEY_TYPE_HMAC +key_storage_read:0x0001:PSA_KEY_TYPE_HMAC:256:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_HMAC(PSA_ALG_SHA_512):0x0000:"48657265006973206b6579a06461746148657265006973206b6579a064617461":"505341004b455900000000000100000000110001013c00000b008003000000002000000048657265006973206b6579a06461746148657265006973206b6579a064617461":TEST_FLAG_EXERCISE + +read type: HMAC 384-bit +depends_on:PSA_WANT_KEY_TYPE_HMAC +key_storage_read:0x0001:PSA_KEY_TYPE_HMAC:384:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"48657265006973206b6579a06461746148657265006973206b6579a06461746148657265006973206b6579a064617461":"505341004b4559000000000001000000001180010100000000000000000000003000000048657265006973206b6579a06461746148657265006973206b6579a06461746148657265006973206b6579a064617461":TEST_FLAG_EXERCISE + +read type: HMAC 384-bit, HMAC(MD2) +depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_MD2:PSA_WANT_KEY_TYPE_HMAC +key_storage_read:0x0001:PSA_KEY_TYPE_HMAC:384:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_HMAC(PSA_ALG_MD2):0x0000:"48657265006973206b6579a06461746148657265006973206b6579a06461746148657265006973206b6579a064617461":"505341004b455900000000000100000000118001013c000001008003000000003000000048657265006973206b6579a06461746148657265006973206b6579a06461746148657265006973206b6579a064617461":TEST_FLAG_EXERCISE + +read type: HMAC 384-bit, HMAC(MD4) +depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_MD4:PSA_WANT_KEY_TYPE_HMAC +key_storage_read:0x0001:PSA_KEY_TYPE_HMAC:384:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_HMAC(PSA_ALG_MD4):0x0000:"48657265006973206b6579a06461746148657265006973206b6579a06461746148657265006973206b6579a064617461":"505341004b455900000000000100000000118001013c000002008003000000003000000048657265006973206b6579a06461746148657265006973206b6579a06461746148657265006973206b6579a064617461":TEST_FLAG_EXERCISE + +read type: HMAC 384-bit, HMAC(MD5) +depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_MD5:PSA_WANT_KEY_TYPE_HMAC +key_storage_read:0x0001:PSA_KEY_TYPE_HMAC:384:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_HMAC(PSA_ALG_MD5):0x0000:"48657265006973206b6579a06461746148657265006973206b6579a06461746148657265006973206b6579a064617461":"505341004b455900000000000100000000118001013c000003008003000000003000000048657265006973206b6579a06461746148657265006973206b6579a06461746148657265006973206b6579a064617461":TEST_FLAG_EXERCISE + +read type: HMAC 384-bit, HMAC(RIPEMD160) +depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_RIPEMD160:PSA_WANT_KEY_TYPE_HMAC +key_storage_read:0x0001:PSA_KEY_TYPE_HMAC:384:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_HMAC(PSA_ALG_RIPEMD160):0x0000:"48657265006973206b6579a06461746148657265006973206b6579a06461746148657265006973206b6579a064617461":"505341004b455900000000000100000000118001013c000004008003000000003000000048657265006973206b6579a06461746148657265006973206b6579a06461746148657265006973206b6579a064617461":TEST_FLAG_EXERCISE + +read type: HMAC 384-bit, HMAC(SHA_1) +depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_1:PSA_WANT_KEY_TYPE_HMAC +key_storage_read:0x0001:PSA_KEY_TYPE_HMAC:384:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_HMAC(PSA_ALG_SHA_1):0x0000:"48657265006973206b6579a06461746148657265006973206b6579a06461746148657265006973206b6579a064617461":"505341004b455900000000000100000000118001013c000005008003000000003000000048657265006973206b6579a06461746148657265006973206b6579a06461746148657265006973206b6579a064617461":TEST_FLAG_EXERCISE + +read type: HMAC 384-bit, HMAC(SHA_224) +depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_224:PSA_WANT_KEY_TYPE_HMAC +key_storage_read:0x0001:PSA_KEY_TYPE_HMAC:384:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_HMAC(PSA_ALG_SHA_224):0x0000:"48657265006973206b6579a06461746148657265006973206b6579a06461746148657265006973206b6579a064617461":"505341004b455900000000000100000000118001013c000008008003000000003000000048657265006973206b6579a06461746148657265006973206b6579a06461746148657265006973206b6579a064617461":TEST_FLAG_EXERCISE + +read type: HMAC 384-bit, HMAC(SHA_256) +depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_HMAC +key_storage_read:0x0001:PSA_KEY_TYPE_HMAC:384:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_HMAC(PSA_ALG_SHA_256):0x0000:"48657265006973206b6579a06461746148657265006973206b6579a06461746148657265006973206b6579a064617461":"505341004b455900000000000100000000118001013c000009008003000000003000000048657265006973206b6579a06461746148657265006973206b6579a06461746148657265006973206b6579a064617461":TEST_FLAG_EXERCISE + +read type: HMAC 384-bit, HMAC(SHA_384) +depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_384:PSA_WANT_KEY_TYPE_HMAC +key_storage_read:0x0001:PSA_KEY_TYPE_HMAC:384:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_HMAC(PSA_ALG_SHA_384):0x0000:"48657265006973206b6579a06461746148657265006973206b6579a06461746148657265006973206b6579a064617461":"505341004b455900000000000100000000118001013c00000a008003000000003000000048657265006973206b6579a06461746148657265006973206b6579a06461746148657265006973206b6579a064617461":TEST_FLAG_EXERCISE + +read type: HMAC 384-bit, HMAC(SHA_512) +depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_512:PSA_WANT_KEY_TYPE_HMAC +key_storage_read:0x0001:PSA_KEY_TYPE_HMAC:384:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_HMAC(PSA_ALG_SHA_512):0x0000:"48657265006973206b6579a06461746148657265006973206b6579a06461746148657265006973206b6579a064617461":"505341004b455900000000000100000000118001013c00000b008003000000003000000048657265006973206b6579a06461746148657265006973206b6579a06461746148657265006973206b6579a064617461":TEST_FLAG_EXERCISE + +read type: HMAC 512-bit +depends_on:PSA_WANT_KEY_TYPE_HMAC +key_storage_read:0x0001:PSA_KEY_TYPE_HMAC:512:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"48657265006973206b6579a06461746148657265006973206b6579a06461746148657265006973206b6579a06461746148657265006973206b6579a064617461":"505341004b4559000000000001000000001100020100000000000000000000004000000048657265006973206b6579a06461746148657265006973206b6579a06461746148657265006973206b6579a06461746148657265006973206b6579a064617461":TEST_FLAG_EXERCISE + +read type: HMAC 512-bit, HMAC(MD2) +depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_MD2:PSA_WANT_KEY_TYPE_HMAC +key_storage_read:0x0001:PSA_KEY_TYPE_HMAC:512:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_HMAC(PSA_ALG_MD2):0x0000:"48657265006973206b6579a06461746148657265006973206b6579a06461746148657265006973206b6579a06461746148657265006973206b6579a064617461":"505341004b455900000000000100000000110002013c000001008003000000004000000048657265006973206b6579a06461746148657265006973206b6579a06461746148657265006973206b6579a06461746148657265006973206b6579a064617461":TEST_FLAG_EXERCISE + +read type: HMAC 512-bit, HMAC(MD4) +depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_MD4:PSA_WANT_KEY_TYPE_HMAC +key_storage_read:0x0001:PSA_KEY_TYPE_HMAC:512:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_HMAC(PSA_ALG_MD4):0x0000:"48657265006973206b6579a06461746148657265006973206b6579a06461746148657265006973206b6579a06461746148657265006973206b6579a064617461":"505341004b455900000000000100000000110002013c000002008003000000004000000048657265006973206b6579a06461746148657265006973206b6579a06461746148657265006973206b6579a06461746148657265006973206b6579a064617461":TEST_FLAG_EXERCISE + +read type: HMAC 512-bit, HMAC(MD5) +depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_MD5:PSA_WANT_KEY_TYPE_HMAC +key_storage_read:0x0001:PSA_KEY_TYPE_HMAC:512:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_HMAC(PSA_ALG_MD5):0x0000:"48657265006973206b6579a06461746148657265006973206b6579a06461746148657265006973206b6579a06461746148657265006973206b6579a064617461":"505341004b455900000000000100000000110002013c000003008003000000004000000048657265006973206b6579a06461746148657265006973206b6579a06461746148657265006973206b6579a06461746148657265006973206b6579a064617461":TEST_FLAG_EXERCISE + +read type: HMAC 512-bit, HMAC(RIPEMD160) +depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_RIPEMD160:PSA_WANT_KEY_TYPE_HMAC +key_storage_read:0x0001:PSA_KEY_TYPE_HMAC:512:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_HMAC(PSA_ALG_RIPEMD160):0x0000:"48657265006973206b6579a06461746148657265006973206b6579a06461746148657265006973206b6579a06461746148657265006973206b6579a064617461":"505341004b455900000000000100000000110002013c000004008003000000004000000048657265006973206b6579a06461746148657265006973206b6579a06461746148657265006973206b6579a06461746148657265006973206b6579a064617461":TEST_FLAG_EXERCISE + +read type: HMAC 512-bit, HMAC(SHA_1) +depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_1:PSA_WANT_KEY_TYPE_HMAC +key_storage_read:0x0001:PSA_KEY_TYPE_HMAC:512:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_HMAC(PSA_ALG_SHA_1):0x0000:"48657265006973206b6579a06461746148657265006973206b6579a06461746148657265006973206b6579a06461746148657265006973206b6579a064617461":"505341004b455900000000000100000000110002013c000005008003000000004000000048657265006973206b6579a06461746148657265006973206b6579a06461746148657265006973206b6579a06461746148657265006973206b6579a064617461":TEST_FLAG_EXERCISE + +read type: HMAC 512-bit, HMAC(SHA_224) +depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_224:PSA_WANT_KEY_TYPE_HMAC +key_storage_read:0x0001:PSA_KEY_TYPE_HMAC:512:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_HMAC(PSA_ALG_SHA_224):0x0000:"48657265006973206b6579a06461746148657265006973206b6579a06461746148657265006973206b6579a06461746148657265006973206b6579a064617461":"505341004b455900000000000100000000110002013c000008008003000000004000000048657265006973206b6579a06461746148657265006973206b6579a06461746148657265006973206b6579a06461746148657265006973206b6579a064617461":TEST_FLAG_EXERCISE + +read type: HMAC 512-bit, HMAC(SHA_256) +depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_HMAC +key_storage_read:0x0001:PSA_KEY_TYPE_HMAC:512:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_HMAC(PSA_ALG_SHA_256):0x0000:"48657265006973206b6579a06461746148657265006973206b6579a06461746148657265006973206b6579a06461746148657265006973206b6579a064617461":"505341004b455900000000000100000000110002013c000009008003000000004000000048657265006973206b6579a06461746148657265006973206b6579a06461746148657265006973206b6579a06461746148657265006973206b6579a064617461":TEST_FLAG_EXERCISE + +read type: HMAC 512-bit, HMAC(SHA_384) +depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_384:PSA_WANT_KEY_TYPE_HMAC +key_storage_read:0x0001:PSA_KEY_TYPE_HMAC:512:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_HMAC(PSA_ALG_SHA_384):0x0000:"48657265006973206b6579a06461746148657265006973206b6579a06461746148657265006973206b6579a06461746148657265006973206b6579a064617461":"505341004b455900000000000100000000110002013c00000a008003000000004000000048657265006973206b6579a06461746148657265006973206b6579a06461746148657265006973206b6579a06461746148657265006973206b6579a064617461":TEST_FLAG_EXERCISE + +read type: HMAC 512-bit, HMAC(SHA_512) +depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_512:PSA_WANT_KEY_TYPE_HMAC +key_storage_read:0x0001:PSA_KEY_TYPE_HMAC:512:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_HMAC(PSA_ALG_SHA_512):0x0000:"48657265006973206b6579a06461746148657265006973206b6579a06461746148657265006973206b6579a06461746148657265006973206b6579a064617461":"505341004b455900000000000100000000110002013c00000b008003000000004000000048657265006973206b6579a06461746148657265006973206b6579a06461746148657265006973206b6579a06461746148657265006973206b6579a064617461":TEST_FLAG_EXERCISE + +read type: RAW_DATA 8-bit +depends_on:PSA_WANT_KEY_TYPE_RAW_DATA +key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"48":"505341004b4559000000000001000000011008000100000000000000000000000100000048":0 + +read type: RAW_DATA 40-bit +depends_on:PSA_WANT_KEY_TYPE_RAW_DATA +key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:40:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"4865726500":"505341004b455900000000000100000001102800010000000000000000000000050000004865726500":0 + +read type: RAW_DATA 128-bit +depends_on:PSA_WANT_KEY_TYPE_RAW_DATA +key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:128:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"48657265006973206b6579a064617461":"505341004b4559000000000001000000011080000100000000000000000000001000000048657265006973206b6579a064617461":0 + +read type: RSA_PAIR 1024-bit +depends_on:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR +key_storage_read:0x0001:PSA_KEY_TYPE_RSA_KEY_PAIR:1024:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":"505341004b455900000000000100000001700004010000000000000000000000620200003082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":TEST_FLAG_EXERCISE + +read type: RSA_PAIR 1024-bit, RSA_OAEP(MD2) +depends_on:PSA_WANT_ALG_MD2:PSA_WANT_ALG_RSA_OAEP:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR +key_storage_read:0x0001:PSA_KEY_TYPE_RSA_KEY_PAIR:1024:PSA_KEY_USAGE_DECRYPT | PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_OAEP(PSA_ALG_MD2):0x0000:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":"505341004b455900000000000100000001700004010300000103000700000000620200003082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":TEST_FLAG_EXERCISE + +read type: RSA_PAIR 1024-bit, RSA_OAEP(MD4) +depends_on:PSA_WANT_ALG_MD4:PSA_WANT_ALG_RSA_OAEP:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR +key_storage_read:0x0001:PSA_KEY_TYPE_RSA_KEY_PAIR:1024:PSA_KEY_USAGE_DECRYPT | PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_OAEP(PSA_ALG_MD4):0x0000:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":"505341004b455900000000000100000001700004010300000203000700000000620200003082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":TEST_FLAG_EXERCISE + +read type: RSA_PAIR 1024-bit, RSA_OAEP(MD5) +depends_on:PSA_WANT_ALG_MD5:PSA_WANT_ALG_RSA_OAEP:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR +key_storage_read:0x0001:PSA_KEY_TYPE_RSA_KEY_PAIR:1024:PSA_KEY_USAGE_DECRYPT | PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_OAEP(PSA_ALG_MD5):0x0000:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":"505341004b455900000000000100000001700004010300000303000700000000620200003082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":TEST_FLAG_EXERCISE + +read type: RSA_PAIR 1024-bit, RSA_OAEP(RIPEMD160) +depends_on:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ALG_RSA_OAEP:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR +key_storage_read:0x0001:PSA_KEY_TYPE_RSA_KEY_PAIR:1024:PSA_KEY_USAGE_DECRYPT | PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_OAEP(PSA_ALG_RIPEMD160):0x0000:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":"505341004b455900000000000100000001700004010300000403000700000000620200003082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":TEST_FLAG_EXERCISE + +read type: RSA_PAIR 1024-bit, RSA_OAEP(SHA_1) +depends_on:PSA_WANT_ALG_RSA_OAEP:PSA_WANT_ALG_SHA_1:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR +key_storage_read:0x0001:PSA_KEY_TYPE_RSA_KEY_PAIR:1024:PSA_KEY_USAGE_DECRYPT | PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_OAEP(PSA_ALG_SHA_1):0x0000:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":"505341004b455900000000000100000001700004010300000503000700000000620200003082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":TEST_FLAG_EXERCISE + +read type: RSA_PAIR 1024-bit, RSA_OAEP(SHA_224) +depends_on:PSA_WANT_ALG_RSA_OAEP:PSA_WANT_ALG_SHA_224:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR +key_storage_read:0x0001:PSA_KEY_TYPE_RSA_KEY_PAIR:1024:PSA_KEY_USAGE_DECRYPT | PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_OAEP(PSA_ALG_SHA_224):0x0000:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":"505341004b455900000000000100000001700004010300000803000700000000620200003082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":TEST_FLAG_EXERCISE + +read type: RSA_PAIR 1024-bit, RSA_OAEP(SHA_256) +depends_on:PSA_WANT_ALG_RSA_OAEP:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR +key_storage_read:0x0001:PSA_KEY_TYPE_RSA_KEY_PAIR:1024:PSA_KEY_USAGE_DECRYPT | PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_OAEP(PSA_ALG_SHA_256):0x0000:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":"505341004b455900000000000100000001700004010300000903000700000000620200003082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":TEST_FLAG_EXERCISE + +read type: RSA_PAIR 1024-bit, RSA_OAEP(SHA_384) +depends_on:PSA_WANT_ALG_RSA_OAEP:PSA_WANT_ALG_SHA_384:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR +key_storage_read:0x0001:PSA_KEY_TYPE_RSA_KEY_PAIR:1024:PSA_KEY_USAGE_DECRYPT | PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_OAEP(PSA_ALG_SHA_384):0x0000:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":"505341004b455900000000000100000001700004010300000a03000700000000620200003082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":TEST_FLAG_EXERCISE + +read type: RSA_PAIR 1024-bit, RSA_OAEP(SHA_512) +depends_on:PSA_WANT_ALG_RSA_OAEP:PSA_WANT_ALG_SHA_512:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR +key_storage_read:0x0001:PSA_KEY_TYPE_RSA_KEY_PAIR:1024:PSA_KEY_USAGE_DECRYPT | PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_OAEP(PSA_ALG_SHA_512):0x0000:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":"505341004b455900000000000100000001700004010300000b03000700000000620200003082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":0 + +read type: RSA_PAIR 1024-bit, RSA_PKCS1V15_CRYPT +depends_on:PSA_WANT_ALG_RSA_PKCS1V15_CRYPT:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR +key_storage_read:0x0001:PSA_KEY_TYPE_RSA_KEY_PAIR:1024:PSA_KEY_USAGE_DECRYPT | PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_PKCS1V15_CRYPT:0x0000:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":"505341004b455900000000000100000001700004010300000002000700000000620200003082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":TEST_FLAG_EXERCISE + +read type: RSA_PAIR 1024-bit, RSA_PKCS1V15_SIGN(MD2) +depends_on:PSA_WANT_ALG_MD2:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR +key_storage_read:0x0001:PSA_KEY_TYPE_RSA_KEY_PAIR:1024:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_MD2):0x0000:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":"505341004b455900000000000100000001700004013c00000102000600000000620200003082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":TEST_FLAG_EXERCISE + +read type: RSA_PAIR 1024-bit, RSA_PKCS1V15_SIGN(MD4) +depends_on:PSA_WANT_ALG_MD4:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR +key_storage_read:0x0001:PSA_KEY_TYPE_RSA_KEY_PAIR:1024:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_MD4):0x0000:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":"505341004b455900000000000100000001700004013c00000202000600000000620200003082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":TEST_FLAG_EXERCISE + +read type: RSA_PAIR 1024-bit, RSA_PKCS1V15_SIGN(MD5) +depends_on:PSA_WANT_ALG_MD5:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR +key_storage_read:0x0001:PSA_KEY_TYPE_RSA_KEY_PAIR:1024:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_MD5):0x0000:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":"505341004b455900000000000100000001700004013c00000302000600000000620200003082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":TEST_FLAG_EXERCISE + +read type: RSA_PAIR 1024-bit, RSA_PKCS1V15_SIGN(RIPEMD160) +depends_on:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR +key_storage_read:0x0001:PSA_KEY_TYPE_RSA_KEY_PAIR:1024:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_RIPEMD160):0x0000:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":"505341004b455900000000000100000001700004013c00000402000600000000620200003082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":TEST_FLAG_EXERCISE + +read type: RSA_PAIR 1024-bit, RSA_PKCS1V15_SIGN(SHA_1) +depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ALG_SHA_1:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR +key_storage_read:0x0001:PSA_KEY_TYPE_RSA_KEY_PAIR:1024:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_1):0x0000:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":"505341004b455900000000000100000001700004013c00000502000600000000620200003082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":TEST_FLAG_EXERCISE + +read type: RSA_PAIR 1024-bit, RSA_PKCS1V15_SIGN(SHA_224) +depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ALG_SHA_224:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR +key_storage_read:0x0001:PSA_KEY_TYPE_RSA_KEY_PAIR:1024:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_224):0x0000:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":"505341004b455900000000000100000001700004013c00000802000600000000620200003082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":TEST_FLAG_EXERCISE + +read type: RSA_PAIR 1024-bit, RSA_PKCS1V15_SIGN(SHA_256) +depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR +key_storage_read:0x0001:PSA_KEY_TYPE_RSA_KEY_PAIR:1024:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):0x0000:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":"505341004b455900000000000100000001700004013c00000902000600000000620200003082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":TEST_FLAG_EXERCISE + +read type: RSA_PAIR 1024-bit, RSA_PKCS1V15_SIGN(SHA_384) +depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ALG_SHA_384:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR +key_storage_read:0x0001:PSA_KEY_TYPE_RSA_KEY_PAIR:1024:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_384):0x0000:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":"505341004b455900000000000100000001700004013c00000a02000600000000620200003082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":TEST_FLAG_EXERCISE + +read type: RSA_PAIR 1024-bit, RSA_PKCS1V15_SIGN(SHA_512) +depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ALG_SHA_512:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR +key_storage_read:0x0001:PSA_KEY_TYPE_RSA_KEY_PAIR:1024:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_512):0x0000:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":"505341004b455900000000000100000001700004013c00000b02000600000000620200003082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":TEST_FLAG_EXERCISE + +read type: RSA_PAIR 1024-bit, RSA_PKCS1V15_SIGN_RAW +depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN_RAW:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR +key_storage_read:0x0001:PSA_KEY_TYPE_RSA_KEY_PAIR:1024:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_RSA_PKCS1V15_SIGN_RAW:0x0000:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":"505341004b455900000000000100000001700004013c00000002000600000000620200003082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":TEST_FLAG_EXERCISE + +read type: RSA_PAIR 1024-bit, RSA_PSS(MD2) +depends_on:PSA_WANT_ALG_MD2:PSA_WANT_ALG_RSA_PSS:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR +key_storage_read:0x0001:PSA_KEY_TYPE_RSA_KEY_PAIR:1024:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_RSA_PSS(PSA_ALG_MD2):0x0000:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":"505341004b455900000000000100000001700004013c00000103000600000000620200003082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":TEST_FLAG_EXERCISE + +read type: RSA_PAIR 1024-bit, RSA_PSS(MD4) +depends_on:PSA_WANT_ALG_MD4:PSA_WANT_ALG_RSA_PSS:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR +key_storage_read:0x0001:PSA_KEY_TYPE_RSA_KEY_PAIR:1024:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_RSA_PSS(PSA_ALG_MD4):0x0000:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":"505341004b455900000000000100000001700004013c00000203000600000000620200003082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":TEST_FLAG_EXERCISE + +read type: RSA_PAIR 1024-bit, RSA_PSS(MD5) +depends_on:PSA_WANT_ALG_MD5:PSA_WANT_ALG_RSA_PSS:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR +key_storage_read:0x0001:PSA_KEY_TYPE_RSA_KEY_PAIR:1024:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_RSA_PSS(PSA_ALG_MD5):0x0000:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":"505341004b455900000000000100000001700004013c00000303000600000000620200003082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":TEST_FLAG_EXERCISE + +read type: RSA_PAIR 1024-bit, RSA_PSS(RIPEMD160) +depends_on:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ALG_RSA_PSS:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR +key_storage_read:0x0001:PSA_KEY_TYPE_RSA_KEY_PAIR:1024:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_RSA_PSS(PSA_ALG_RIPEMD160):0x0000:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":"505341004b455900000000000100000001700004013c00000403000600000000620200003082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":TEST_FLAG_EXERCISE + +read type: RSA_PAIR 1024-bit, RSA_PSS(SHA_1) +depends_on:PSA_WANT_ALG_RSA_PSS:PSA_WANT_ALG_SHA_1:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR +key_storage_read:0x0001:PSA_KEY_TYPE_RSA_KEY_PAIR:1024:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_RSA_PSS(PSA_ALG_SHA_1):0x0000:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":"505341004b455900000000000100000001700004013c00000503000600000000620200003082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":TEST_FLAG_EXERCISE + +read type: RSA_PAIR 1024-bit, RSA_PSS(SHA_224) +depends_on:PSA_WANT_ALG_RSA_PSS:PSA_WANT_ALG_SHA_224:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR +key_storage_read:0x0001:PSA_KEY_TYPE_RSA_KEY_PAIR:1024:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_RSA_PSS(PSA_ALG_SHA_224):0x0000:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":"505341004b455900000000000100000001700004013c00000803000600000000620200003082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":TEST_FLAG_EXERCISE + +read type: RSA_PAIR 1024-bit, RSA_PSS(SHA_256) +depends_on:PSA_WANT_ALG_RSA_PSS:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR +key_storage_read:0x0001:PSA_KEY_TYPE_RSA_KEY_PAIR:1024:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_RSA_PSS(PSA_ALG_SHA_256):0x0000:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":"505341004b455900000000000100000001700004013c00000903000600000000620200003082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":TEST_FLAG_EXERCISE + +read type: RSA_PAIR 1024-bit, RSA_PSS(SHA_384) +depends_on:PSA_WANT_ALG_RSA_PSS:PSA_WANT_ALG_SHA_384:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR +key_storage_read:0x0001:PSA_KEY_TYPE_RSA_KEY_PAIR:1024:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_RSA_PSS(PSA_ALG_SHA_384):0x0000:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":"505341004b455900000000000100000001700004013c00000a03000600000000620200003082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":TEST_FLAG_EXERCISE + +read type: RSA_PAIR 1024-bit, RSA_PSS(SHA_512) +depends_on:PSA_WANT_ALG_RSA_PSS:PSA_WANT_ALG_SHA_512:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR +key_storage_read:0x0001:PSA_KEY_TYPE_RSA_KEY_PAIR:1024:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_RSA_PSS(PSA_ALG_SHA_512):0x0000:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":"505341004b455900000000000100000001700004013c00000b03000600000000620200003082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":TEST_FLAG_EXERCISE + +read type: RSA_PAIR 1024-bit, RSA_PSS_ANY_SALT(MD2) +depends_on:PSA_WANT_ALG_MD2:PSA_WANT_ALG_RSA_PSS_ANY_SALT:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR +key_storage_read:0x0001:PSA_KEY_TYPE_RSA_KEY_PAIR:1024:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_RSA_PSS_ANY_SALT(PSA_ALG_MD2):0x0000:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":"505341004b455900000000000100000001700004013c00000113000600000000620200003082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":TEST_FLAG_EXERCISE + +read type: RSA_PAIR 1024-bit, RSA_PSS_ANY_SALT(MD4) +depends_on:PSA_WANT_ALG_MD4:PSA_WANT_ALG_RSA_PSS_ANY_SALT:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR +key_storage_read:0x0001:PSA_KEY_TYPE_RSA_KEY_PAIR:1024:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_RSA_PSS_ANY_SALT(PSA_ALG_MD4):0x0000:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":"505341004b455900000000000100000001700004013c00000213000600000000620200003082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":TEST_FLAG_EXERCISE + +read type: RSA_PAIR 1024-bit, RSA_PSS_ANY_SALT(MD5) +depends_on:PSA_WANT_ALG_MD5:PSA_WANT_ALG_RSA_PSS_ANY_SALT:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR +key_storage_read:0x0001:PSA_KEY_TYPE_RSA_KEY_PAIR:1024:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_RSA_PSS_ANY_SALT(PSA_ALG_MD5):0x0000:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":"505341004b455900000000000100000001700004013c00000313000600000000620200003082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":TEST_FLAG_EXERCISE + +read type: RSA_PAIR 1024-bit, RSA_PSS_ANY_SALT(RIPEMD160) +depends_on:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ALG_RSA_PSS_ANY_SALT:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR +key_storage_read:0x0001:PSA_KEY_TYPE_RSA_KEY_PAIR:1024:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_RSA_PSS_ANY_SALT(PSA_ALG_RIPEMD160):0x0000:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":"505341004b455900000000000100000001700004013c00000413000600000000620200003082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":TEST_FLAG_EXERCISE + +read type: RSA_PAIR 1024-bit, RSA_PSS_ANY_SALT(SHA_1) +depends_on:PSA_WANT_ALG_RSA_PSS_ANY_SALT:PSA_WANT_ALG_SHA_1:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR +key_storage_read:0x0001:PSA_KEY_TYPE_RSA_KEY_PAIR:1024:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_RSA_PSS_ANY_SALT(PSA_ALG_SHA_1):0x0000:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":"505341004b455900000000000100000001700004013c00000513000600000000620200003082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":TEST_FLAG_EXERCISE + +read type: RSA_PAIR 1024-bit, RSA_PSS_ANY_SALT(SHA_224) +depends_on:PSA_WANT_ALG_RSA_PSS_ANY_SALT:PSA_WANT_ALG_SHA_224:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR +key_storage_read:0x0001:PSA_KEY_TYPE_RSA_KEY_PAIR:1024:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_RSA_PSS_ANY_SALT(PSA_ALG_SHA_224):0x0000:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":"505341004b455900000000000100000001700004013c00000813000600000000620200003082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":TEST_FLAG_EXERCISE + +read type: RSA_PAIR 1024-bit, RSA_PSS_ANY_SALT(SHA_256) +depends_on:PSA_WANT_ALG_RSA_PSS_ANY_SALT:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR +key_storage_read:0x0001:PSA_KEY_TYPE_RSA_KEY_PAIR:1024:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_RSA_PSS_ANY_SALT(PSA_ALG_SHA_256):0x0000:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":"505341004b455900000000000100000001700004013c00000913000600000000620200003082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":TEST_FLAG_EXERCISE + +read type: RSA_PAIR 1024-bit, RSA_PSS_ANY_SALT(SHA_384) +depends_on:PSA_WANT_ALG_RSA_PSS_ANY_SALT:PSA_WANT_ALG_SHA_384:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR +key_storage_read:0x0001:PSA_KEY_TYPE_RSA_KEY_PAIR:1024:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_RSA_PSS_ANY_SALT(PSA_ALG_SHA_384):0x0000:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":"505341004b455900000000000100000001700004013c00000a13000600000000620200003082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":TEST_FLAG_EXERCISE + +read type: RSA_PAIR 1024-bit, RSA_PSS_ANY_SALT(SHA_512) +depends_on:PSA_WANT_ALG_RSA_PSS_ANY_SALT:PSA_WANT_ALG_SHA_512:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR +key_storage_read:0x0001:PSA_KEY_TYPE_RSA_KEY_PAIR:1024:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_RSA_PSS_ANY_SALT(PSA_ALG_SHA_512):0x0000:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":"505341004b455900000000000100000001700004013c00000b13000600000000620200003082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":TEST_FLAG_EXERCISE + +read type: RSA_PAIR 1536-bit +depends_on:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR +key_storage_read:0x0001:PSA_KEY_TYPE_RSA_KEY_PAIR:1536:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"3082037b0201000281c100c870feb6ca6b1d2bd9f2dd99e20f1fe2d7e5192de662229dbe162bd1ba66336a7182903ca0b72796cd441c83d24bcdc3e9a2f5e4399c8a043f1c3ddf04754a66d4cfe7b3671a37dd31a9b4c13bfe06ee90f9d94ddaa06de67a52ac863e68f756736ceb014405a6160579640f831dddccc34ad0b05070e3f9954a58d1815813e1b83bcadba814789c87f1ef2ba5d738b793ec456a67360eea1b5faf1c7cc7bf24f3b2a9d0f8958b1096e0f0c335f8888d0c63a51c3c0337214fa3f5efdf6dcc3502030100010281c06d2d670047973a87752a9d5bc14f3dae00acb01f593aa0e24cf4a49f932931de4bbfb332e2d38083da80bc0b6d538edba479f7f77d0deffb4a28e6e67ff6273585bb4cd862535c946605ab0809d65f0e38f76e4ec2c3d9b8cd6e14bcf667943892cd4b34cc6420a439abbf3d7d35ef73976dd6f9cbde35a51fa5213f0107f83e3425835d16d3c9146fc9e36ce75a09bb66cdff21dd5a776899f1cb07e282cca27be46510e9c799f0d8db275a6be085d9f3f803218ee3384265bfb1a3640e8ca1026100e6848c31d466fffefc547e3a3b0d3785de6f78b0dd12610843512e495611a0675509b1650b27415009838dd8e68eec6e7530553b637d602424643b33e8bc5b762e1799bc79d56b13251d36d4f201da2182416ce13574e88278ff04467ad602d9026100de994fdf181f02be2bf9e5f5e4e517a94993b827d1eaf609033e3a6a6f2396ae7c44e9eb594cf1044cb3ad32ea258f0c82963b27bb650ed200cde82cb993374be34be5b1c7ead5446a2b82a4486e8c1810a0b01551609fb0841d474bada802bd026076ddae751b73a959d0bfb8ff49e7fcd378e9be30652ecefe35c82cb8003bc29cc60ae3809909baf20c95db9516fe680865417111d8b193dbcf30281f1249de57c858bf1ba32f5bb1599800e8398a9ef25c7a642c95261da6f9c17670e97265b10260732482b837d5f2a9443e23c1aa0106d83e82f6c3424673b5fdc3769c0f992d1c5c93991c7038e882fcda04414df4d7a5f4f698ead87851ce37344b60b72d7b70f9c60cae8566e7a257f8e1bef0e89df6e4c2f9d24d21d9f8889e4c7eccf91751026009050d94493da8f00a4ddbe9c800afe3d44b43f78a48941a79b2814a1f0b81a18a8b2347642a03b27998f5a18de9abc9ae0e54ab8294feac66dc87e854cce6f7278ac2710cb5878b592ffeb1f4f0a1853e4e8d1d0561b6efcc831a296cf7eeaf":"505341004b4559000000000001000000017000060100000000000000000000007f0300003082037b0201000281c100c870feb6ca6b1d2bd9f2dd99e20f1fe2d7e5192de662229dbe162bd1ba66336a7182903ca0b72796cd441c83d24bcdc3e9a2f5e4399c8a043f1c3ddf04754a66d4cfe7b3671a37dd31a9b4c13bfe06ee90f9d94ddaa06de67a52ac863e68f756736ceb014405a6160579640f831dddccc34ad0b05070e3f9954a58d1815813e1b83bcadba814789c87f1ef2ba5d738b793ec456a67360eea1b5faf1c7cc7bf24f3b2a9d0f8958b1096e0f0c335f8888d0c63a51c3c0337214fa3f5efdf6dcc3502030100010281c06d2d670047973a87752a9d5bc14f3dae00acb01f593aa0e24cf4a49f932931de4bbfb332e2d38083da80bc0b6d538edba479f7f77d0deffb4a28e6e67ff6273585bb4cd862535c946605ab0809d65f0e38f76e4ec2c3d9b8cd6e14bcf667943892cd4b34cc6420a439abbf3d7d35ef73976dd6f9cbde35a51fa5213f0107f83e3425835d16d3c9146fc9e36ce75a09bb66cdff21dd5a776899f1cb07e282cca27be46510e9c799f0d8db275a6be085d9f3f803218ee3384265bfb1a3640e8ca1026100e6848c31d466fffefc547e3a3b0d3785de6f78b0dd12610843512e495611a0675509b1650b27415009838dd8e68eec6e7530553b637d602424643b33e8bc5b762e1799bc79d56b13251d36d4f201da2182416ce13574e88278ff04467ad602d9026100de994fdf181f02be2bf9e5f5e4e517a94993b827d1eaf609033e3a6a6f2396ae7c44e9eb594cf1044cb3ad32ea258f0c82963b27bb650ed200cde82cb993374be34be5b1c7ead5446a2b82a4486e8c1810a0b01551609fb0841d474bada802bd026076ddae751b73a959d0bfb8ff49e7fcd378e9be30652ecefe35c82cb8003bc29cc60ae3809909baf20c95db9516fe680865417111d8b193dbcf30281f1249de57c858bf1ba32f5bb1599800e8398a9ef25c7a642c95261da6f9c17670e97265b10260732482b837d5f2a9443e23c1aa0106d83e82f6c3424673b5fdc3769c0f992d1c5c93991c7038e882fcda04414df4d7a5f4f698ead87851ce37344b60b72d7b70f9c60cae8566e7a257f8e1bef0e89df6e4c2f9d24d21d9f8889e4c7eccf91751026009050d94493da8f00a4ddbe9c800afe3d44b43f78a48941a79b2814a1f0b81a18a8b2347642a03b27998f5a18de9abc9ae0e54ab8294feac66dc87e854cce6f7278ac2710cb5878b592ffeb1f4f0a1853e4e8d1d0561b6efcc831a296cf7eeaf":TEST_FLAG_EXERCISE + +read type: RSA_PAIR 1536-bit, RSA_OAEP(MD2) +depends_on:PSA_WANT_ALG_MD2:PSA_WANT_ALG_RSA_OAEP:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR +key_storage_read:0x0001:PSA_KEY_TYPE_RSA_KEY_PAIR:1536:PSA_KEY_USAGE_DECRYPT | PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_OAEP(PSA_ALG_MD2):0x0000:"3082037b0201000281c100c870feb6ca6b1d2bd9f2dd99e20f1fe2d7e5192de662229dbe162bd1ba66336a7182903ca0b72796cd441c83d24bcdc3e9a2f5e4399c8a043f1c3ddf04754a66d4cfe7b3671a37dd31a9b4c13bfe06ee90f9d94ddaa06de67a52ac863e68f756736ceb014405a6160579640f831dddccc34ad0b05070e3f9954a58d1815813e1b83bcadba814789c87f1ef2ba5d738b793ec456a67360eea1b5faf1c7cc7bf24f3b2a9d0f8958b1096e0f0c335f8888d0c63a51c3c0337214fa3f5efdf6dcc3502030100010281c06d2d670047973a87752a9d5bc14f3dae00acb01f593aa0e24cf4a49f932931de4bbfb332e2d38083da80bc0b6d538edba479f7f77d0deffb4a28e6e67ff6273585bb4cd862535c946605ab0809d65f0e38f76e4ec2c3d9b8cd6e14bcf667943892cd4b34cc6420a439abbf3d7d35ef73976dd6f9cbde35a51fa5213f0107f83e3425835d16d3c9146fc9e36ce75a09bb66cdff21dd5a776899f1cb07e282cca27be46510e9c799f0d8db275a6be085d9f3f803218ee3384265bfb1a3640e8ca1026100e6848c31d466fffefc547e3a3b0d3785de6f78b0dd12610843512e495611a0675509b1650b27415009838dd8e68eec6e7530553b637d602424643b33e8bc5b762e1799bc79d56b13251d36d4f201da2182416ce13574e88278ff04467ad602d9026100de994fdf181f02be2bf9e5f5e4e517a94993b827d1eaf609033e3a6a6f2396ae7c44e9eb594cf1044cb3ad32ea258f0c82963b27bb650ed200cde82cb993374be34be5b1c7ead5446a2b82a4486e8c1810a0b01551609fb0841d474bada802bd026076ddae751b73a959d0bfb8ff49e7fcd378e9be30652ecefe35c82cb8003bc29cc60ae3809909baf20c95db9516fe680865417111d8b193dbcf30281f1249de57c858bf1ba32f5bb1599800e8398a9ef25c7a642c95261da6f9c17670e97265b10260732482b837d5f2a9443e23c1aa0106d83e82f6c3424673b5fdc3769c0f992d1c5c93991c7038e882fcda04414df4d7a5f4f698ead87851ce37344b60b72d7b70f9c60cae8566e7a257f8e1bef0e89df6e4c2f9d24d21d9f8889e4c7eccf91751026009050d94493da8f00a4ddbe9c800afe3d44b43f78a48941a79b2814a1f0b81a18a8b2347642a03b27998f5a18de9abc9ae0e54ab8294feac66dc87e854cce6f7278ac2710cb5878b592ffeb1f4f0a1853e4e8d1d0561b6efcc831a296cf7eeaf":"505341004b4559000000000001000000017000060103000001030007000000007f0300003082037b0201000281c100c870feb6ca6b1d2bd9f2dd99e20f1fe2d7e5192de662229dbe162bd1ba66336a7182903ca0b72796cd441c83d24bcdc3e9a2f5e4399c8a043f1c3ddf04754a66d4cfe7b3671a37dd31a9b4c13bfe06ee90f9d94ddaa06de67a52ac863e68f756736ceb014405a6160579640f831dddccc34ad0b05070e3f9954a58d1815813e1b83bcadba814789c87f1ef2ba5d738b793ec456a67360eea1b5faf1c7cc7bf24f3b2a9d0f8958b1096e0f0c335f8888d0c63a51c3c0337214fa3f5efdf6dcc3502030100010281c06d2d670047973a87752a9d5bc14f3dae00acb01f593aa0e24cf4a49f932931de4bbfb332e2d38083da80bc0b6d538edba479f7f77d0deffb4a28e6e67ff6273585bb4cd862535c946605ab0809d65f0e38f76e4ec2c3d9b8cd6e14bcf667943892cd4b34cc6420a439abbf3d7d35ef73976dd6f9cbde35a51fa5213f0107f83e3425835d16d3c9146fc9e36ce75a09bb66cdff21dd5a776899f1cb07e282cca27be46510e9c799f0d8db275a6be085d9f3f803218ee3384265bfb1a3640e8ca1026100e6848c31d466fffefc547e3a3b0d3785de6f78b0dd12610843512e495611a0675509b1650b27415009838dd8e68eec6e7530553b637d602424643b33e8bc5b762e1799bc79d56b13251d36d4f201da2182416ce13574e88278ff04467ad602d9026100de994fdf181f02be2bf9e5f5e4e517a94993b827d1eaf609033e3a6a6f2396ae7c44e9eb594cf1044cb3ad32ea258f0c82963b27bb650ed200cde82cb993374be34be5b1c7ead5446a2b82a4486e8c1810a0b01551609fb0841d474bada802bd026076ddae751b73a959d0bfb8ff49e7fcd378e9be30652ecefe35c82cb8003bc29cc60ae3809909baf20c95db9516fe680865417111d8b193dbcf30281f1249de57c858bf1ba32f5bb1599800e8398a9ef25c7a642c95261da6f9c17670e97265b10260732482b837d5f2a9443e23c1aa0106d83e82f6c3424673b5fdc3769c0f992d1c5c93991c7038e882fcda04414df4d7a5f4f698ead87851ce37344b60b72d7b70f9c60cae8566e7a257f8e1bef0e89df6e4c2f9d24d21d9f8889e4c7eccf91751026009050d94493da8f00a4ddbe9c800afe3d44b43f78a48941a79b2814a1f0b81a18a8b2347642a03b27998f5a18de9abc9ae0e54ab8294feac66dc87e854cce6f7278ac2710cb5878b592ffeb1f4f0a1853e4e8d1d0561b6efcc831a296cf7eeaf":TEST_FLAG_EXERCISE + +read type: RSA_PAIR 1536-bit, RSA_OAEP(MD4) +depends_on:PSA_WANT_ALG_MD4:PSA_WANT_ALG_RSA_OAEP:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR +key_storage_read:0x0001:PSA_KEY_TYPE_RSA_KEY_PAIR:1536:PSA_KEY_USAGE_DECRYPT | PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_OAEP(PSA_ALG_MD4):0x0000:"3082037b0201000281c100c870feb6ca6b1d2bd9f2dd99e20f1fe2d7e5192de662229dbe162bd1ba66336a7182903ca0b72796cd441c83d24bcdc3e9a2f5e4399c8a043f1c3ddf04754a66d4cfe7b3671a37dd31a9b4c13bfe06ee90f9d94ddaa06de67a52ac863e68f756736ceb014405a6160579640f831dddccc34ad0b05070e3f9954a58d1815813e1b83bcadba814789c87f1ef2ba5d738b793ec456a67360eea1b5faf1c7cc7bf24f3b2a9d0f8958b1096e0f0c335f8888d0c63a51c3c0337214fa3f5efdf6dcc3502030100010281c06d2d670047973a87752a9d5bc14f3dae00acb01f593aa0e24cf4a49f932931de4bbfb332e2d38083da80bc0b6d538edba479f7f77d0deffb4a28e6e67ff6273585bb4cd862535c946605ab0809d65f0e38f76e4ec2c3d9b8cd6e14bcf667943892cd4b34cc6420a439abbf3d7d35ef73976dd6f9cbde35a51fa5213f0107f83e3425835d16d3c9146fc9e36ce75a09bb66cdff21dd5a776899f1cb07e282cca27be46510e9c799f0d8db275a6be085d9f3f803218ee3384265bfb1a3640e8ca1026100e6848c31d466fffefc547e3a3b0d3785de6f78b0dd12610843512e495611a0675509b1650b27415009838dd8e68eec6e7530553b637d602424643b33e8bc5b762e1799bc79d56b13251d36d4f201da2182416ce13574e88278ff04467ad602d9026100de994fdf181f02be2bf9e5f5e4e517a94993b827d1eaf609033e3a6a6f2396ae7c44e9eb594cf1044cb3ad32ea258f0c82963b27bb650ed200cde82cb993374be34be5b1c7ead5446a2b82a4486e8c1810a0b01551609fb0841d474bada802bd026076ddae751b73a959d0bfb8ff49e7fcd378e9be30652ecefe35c82cb8003bc29cc60ae3809909baf20c95db9516fe680865417111d8b193dbcf30281f1249de57c858bf1ba32f5bb1599800e8398a9ef25c7a642c95261da6f9c17670e97265b10260732482b837d5f2a9443e23c1aa0106d83e82f6c3424673b5fdc3769c0f992d1c5c93991c7038e882fcda04414df4d7a5f4f698ead87851ce37344b60b72d7b70f9c60cae8566e7a257f8e1bef0e89df6e4c2f9d24d21d9f8889e4c7eccf91751026009050d94493da8f00a4ddbe9c800afe3d44b43f78a48941a79b2814a1f0b81a18a8b2347642a03b27998f5a18de9abc9ae0e54ab8294feac66dc87e854cce6f7278ac2710cb5878b592ffeb1f4f0a1853e4e8d1d0561b6efcc831a296cf7eeaf":"505341004b4559000000000001000000017000060103000002030007000000007f0300003082037b0201000281c100c870feb6ca6b1d2bd9f2dd99e20f1fe2d7e5192de662229dbe162bd1ba66336a7182903ca0b72796cd441c83d24bcdc3e9a2f5e4399c8a043f1c3ddf04754a66d4cfe7b3671a37dd31a9b4c13bfe06ee90f9d94ddaa06de67a52ac863e68f756736ceb014405a6160579640f831dddccc34ad0b05070e3f9954a58d1815813e1b83bcadba814789c87f1ef2ba5d738b793ec456a67360eea1b5faf1c7cc7bf24f3b2a9d0f8958b1096e0f0c335f8888d0c63a51c3c0337214fa3f5efdf6dcc3502030100010281c06d2d670047973a87752a9d5bc14f3dae00acb01f593aa0e24cf4a49f932931de4bbfb332e2d38083da80bc0b6d538edba479f7f77d0deffb4a28e6e67ff6273585bb4cd862535c946605ab0809d65f0e38f76e4ec2c3d9b8cd6e14bcf667943892cd4b34cc6420a439abbf3d7d35ef73976dd6f9cbde35a51fa5213f0107f83e3425835d16d3c9146fc9e36ce75a09bb66cdff21dd5a776899f1cb07e282cca27be46510e9c799f0d8db275a6be085d9f3f803218ee3384265bfb1a3640e8ca1026100e6848c31d466fffefc547e3a3b0d3785de6f78b0dd12610843512e495611a0675509b1650b27415009838dd8e68eec6e7530553b637d602424643b33e8bc5b762e1799bc79d56b13251d36d4f201da2182416ce13574e88278ff04467ad602d9026100de994fdf181f02be2bf9e5f5e4e517a94993b827d1eaf609033e3a6a6f2396ae7c44e9eb594cf1044cb3ad32ea258f0c82963b27bb650ed200cde82cb993374be34be5b1c7ead5446a2b82a4486e8c1810a0b01551609fb0841d474bada802bd026076ddae751b73a959d0bfb8ff49e7fcd378e9be30652ecefe35c82cb8003bc29cc60ae3809909baf20c95db9516fe680865417111d8b193dbcf30281f1249de57c858bf1ba32f5bb1599800e8398a9ef25c7a642c95261da6f9c17670e97265b10260732482b837d5f2a9443e23c1aa0106d83e82f6c3424673b5fdc3769c0f992d1c5c93991c7038e882fcda04414df4d7a5f4f698ead87851ce37344b60b72d7b70f9c60cae8566e7a257f8e1bef0e89df6e4c2f9d24d21d9f8889e4c7eccf91751026009050d94493da8f00a4ddbe9c800afe3d44b43f78a48941a79b2814a1f0b81a18a8b2347642a03b27998f5a18de9abc9ae0e54ab8294feac66dc87e854cce6f7278ac2710cb5878b592ffeb1f4f0a1853e4e8d1d0561b6efcc831a296cf7eeaf":TEST_FLAG_EXERCISE + +read type: RSA_PAIR 1536-bit, RSA_OAEP(MD5) +depends_on:PSA_WANT_ALG_MD5:PSA_WANT_ALG_RSA_OAEP:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR +key_storage_read:0x0001:PSA_KEY_TYPE_RSA_KEY_PAIR:1536:PSA_KEY_USAGE_DECRYPT | PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_OAEP(PSA_ALG_MD5):0x0000:"3082037b0201000281c100c870feb6ca6b1d2bd9f2dd99e20f1fe2d7e5192de662229dbe162bd1ba66336a7182903ca0b72796cd441c83d24bcdc3e9a2f5e4399c8a043f1c3ddf04754a66d4cfe7b3671a37dd31a9b4c13bfe06ee90f9d94ddaa06de67a52ac863e68f756736ceb014405a6160579640f831dddccc34ad0b05070e3f9954a58d1815813e1b83bcadba814789c87f1ef2ba5d738b793ec456a67360eea1b5faf1c7cc7bf24f3b2a9d0f8958b1096e0f0c335f8888d0c63a51c3c0337214fa3f5efdf6dcc3502030100010281c06d2d670047973a87752a9d5bc14f3dae00acb01f593aa0e24cf4a49f932931de4bbfb332e2d38083da80bc0b6d538edba479f7f77d0deffb4a28e6e67ff6273585bb4cd862535c946605ab0809d65f0e38f76e4ec2c3d9b8cd6e14bcf667943892cd4b34cc6420a439abbf3d7d35ef73976dd6f9cbde35a51fa5213f0107f83e3425835d16d3c9146fc9e36ce75a09bb66cdff21dd5a776899f1cb07e282cca27be46510e9c799f0d8db275a6be085d9f3f803218ee3384265bfb1a3640e8ca1026100e6848c31d466fffefc547e3a3b0d3785de6f78b0dd12610843512e495611a0675509b1650b27415009838dd8e68eec6e7530553b637d602424643b33e8bc5b762e1799bc79d56b13251d36d4f201da2182416ce13574e88278ff04467ad602d9026100de994fdf181f02be2bf9e5f5e4e517a94993b827d1eaf609033e3a6a6f2396ae7c44e9eb594cf1044cb3ad32ea258f0c82963b27bb650ed200cde82cb993374be34be5b1c7ead5446a2b82a4486e8c1810a0b01551609fb0841d474bada802bd026076ddae751b73a959d0bfb8ff49e7fcd378e9be30652ecefe35c82cb8003bc29cc60ae3809909baf20c95db9516fe680865417111d8b193dbcf30281f1249de57c858bf1ba32f5bb1599800e8398a9ef25c7a642c95261da6f9c17670e97265b10260732482b837d5f2a9443e23c1aa0106d83e82f6c3424673b5fdc3769c0f992d1c5c93991c7038e882fcda04414df4d7a5f4f698ead87851ce37344b60b72d7b70f9c60cae8566e7a257f8e1bef0e89df6e4c2f9d24d21d9f8889e4c7eccf91751026009050d94493da8f00a4ddbe9c800afe3d44b43f78a48941a79b2814a1f0b81a18a8b2347642a03b27998f5a18de9abc9ae0e54ab8294feac66dc87e854cce6f7278ac2710cb5878b592ffeb1f4f0a1853e4e8d1d0561b6efcc831a296cf7eeaf":"505341004b4559000000000001000000017000060103000003030007000000007f0300003082037b0201000281c100c870feb6ca6b1d2bd9f2dd99e20f1fe2d7e5192de662229dbe162bd1ba66336a7182903ca0b72796cd441c83d24bcdc3e9a2f5e4399c8a043f1c3ddf04754a66d4cfe7b3671a37dd31a9b4c13bfe06ee90f9d94ddaa06de67a52ac863e68f756736ceb014405a6160579640f831dddccc34ad0b05070e3f9954a58d1815813e1b83bcadba814789c87f1ef2ba5d738b793ec456a67360eea1b5faf1c7cc7bf24f3b2a9d0f8958b1096e0f0c335f8888d0c63a51c3c0337214fa3f5efdf6dcc3502030100010281c06d2d670047973a87752a9d5bc14f3dae00acb01f593aa0e24cf4a49f932931de4bbfb332e2d38083da80bc0b6d538edba479f7f77d0deffb4a28e6e67ff6273585bb4cd862535c946605ab0809d65f0e38f76e4ec2c3d9b8cd6e14bcf667943892cd4b34cc6420a439abbf3d7d35ef73976dd6f9cbde35a51fa5213f0107f83e3425835d16d3c9146fc9e36ce75a09bb66cdff21dd5a776899f1cb07e282cca27be46510e9c799f0d8db275a6be085d9f3f803218ee3384265bfb1a3640e8ca1026100e6848c31d466fffefc547e3a3b0d3785de6f78b0dd12610843512e495611a0675509b1650b27415009838dd8e68eec6e7530553b637d602424643b33e8bc5b762e1799bc79d56b13251d36d4f201da2182416ce13574e88278ff04467ad602d9026100de994fdf181f02be2bf9e5f5e4e517a94993b827d1eaf609033e3a6a6f2396ae7c44e9eb594cf1044cb3ad32ea258f0c82963b27bb650ed200cde82cb993374be34be5b1c7ead5446a2b82a4486e8c1810a0b01551609fb0841d474bada802bd026076ddae751b73a959d0bfb8ff49e7fcd378e9be30652ecefe35c82cb8003bc29cc60ae3809909baf20c95db9516fe680865417111d8b193dbcf30281f1249de57c858bf1ba32f5bb1599800e8398a9ef25c7a642c95261da6f9c17670e97265b10260732482b837d5f2a9443e23c1aa0106d83e82f6c3424673b5fdc3769c0f992d1c5c93991c7038e882fcda04414df4d7a5f4f698ead87851ce37344b60b72d7b70f9c60cae8566e7a257f8e1bef0e89df6e4c2f9d24d21d9f8889e4c7eccf91751026009050d94493da8f00a4ddbe9c800afe3d44b43f78a48941a79b2814a1f0b81a18a8b2347642a03b27998f5a18de9abc9ae0e54ab8294feac66dc87e854cce6f7278ac2710cb5878b592ffeb1f4f0a1853e4e8d1d0561b6efcc831a296cf7eeaf":TEST_FLAG_EXERCISE + +read type: RSA_PAIR 1536-bit, RSA_OAEP(RIPEMD160) +depends_on:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ALG_RSA_OAEP:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR +key_storage_read:0x0001:PSA_KEY_TYPE_RSA_KEY_PAIR:1536:PSA_KEY_USAGE_DECRYPT | PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_OAEP(PSA_ALG_RIPEMD160):0x0000:"3082037b0201000281c100c870feb6ca6b1d2bd9f2dd99e20f1fe2d7e5192de662229dbe162bd1ba66336a7182903ca0b72796cd441c83d24bcdc3e9a2f5e4399c8a043f1c3ddf04754a66d4cfe7b3671a37dd31a9b4c13bfe06ee90f9d94ddaa06de67a52ac863e68f756736ceb014405a6160579640f831dddccc34ad0b05070e3f9954a58d1815813e1b83bcadba814789c87f1ef2ba5d738b793ec456a67360eea1b5faf1c7cc7bf24f3b2a9d0f8958b1096e0f0c335f8888d0c63a51c3c0337214fa3f5efdf6dcc3502030100010281c06d2d670047973a87752a9d5bc14f3dae00acb01f593aa0e24cf4a49f932931de4bbfb332e2d38083da80bc0b6d538edba479f7f77d0deffb4a28e6e67ff6273585bb4cd862535c946605ab0809d65f0e38f76e4ec2c3d9b8cd6e14bcf667943892cd4b34cc6420a439abbf3d7d35ef73976dd6f9cbde35a51fa5213f0107f83e3425835d16d3c9146fc9e36ce75a09bb66cdff21dd5a776899f1cb07e282cca27be46510e9c799f0d8db275a6be085d9f3f803218ee3384265bfb1a3640e8ca1026100e6848c31d466fffefc547e3a3b0d3785de6f78b0dd12610843512e495611a0675509b1650b27415009838dd8e68eec6e7530553b637d602424643b33e8bc5b762e1799bc79d56b13251d36d4f201da2182416ce13574e88278ff04467ad602d9026100de994fdf181f02be2bf9e5f5e4e517a94993b827d1eaf609033e3a6a6f2396ae7c44e9eb594cf1044cb3ad32ea258f0c82963b27bb650ed200cde82cb993374be34be5b1c7ead5446a2b82a4486e8c1810a0b01551609fb0841d474bada802bd026076ddae751b73a959d0bfb8ff49e7fcd378e9be30652ecefe35c82cb8003bc29cc60ae3809909baf20c95db9516fe680865417111d8b193dbcf30281f1249de57c858bf1ba32f5bb1599800e8398a9ef25c7a642c95261da6f9c17670e97265b10260732482b837d5f2a9443e23c1aa0106d83e82f6c3424673b5fdc3769c0f992d1c5c93991c7038e882fcda04414df4d7a5f4f698ead87851ce37344b60b72d7b70f9c60cae8566e7a257f8e1bef0e89df6e4c2f9d24d21d9f8889e4c7eccf91751026009050d94493da8f00a4ddbe9c800afe3d44b43f78a48941a79b2814a1f0b81a18a8b2347642a03b27998f5a18de9abc9ae0e54ab8294feac66dc87e854cce6f7278ac2710cb5878b592ffeb1f4f0a1853e4e8d1d0561b6efcc831a296cf7eeaf":"505341004b4559000000000001000000017000060103000004030007000000007f0300003082037b0201000281c100c870feb6ca6b1d2bd9f2dd99e20f1fe2d7e5192de662229dbe162bd1ba66336a7182903ca0b72796cd441c83d24bcdc3e9a2f5e4399c8a043f1c3ddf04754a66d4cfe7b3671a37dd31a9b4c13bfe06ee90f9d94ddaa06de67a52ac863e68f756736ceb014405a6160579640f831dddccc34ad0b05070e3f9954a58d1815813e1b83bcadba814789c87f1ef2ba5d738b793ec456a67360eea1b5faf1c7cc7bf24f3b2a9d0f8958b1096e0f0c335f8888d0c63a51c3c0337214fa3f5efdf6dcc3502030100010281c06d2d670047973a87752a9d5bc14f3dae00acb01f593aa0e24cf4a49f932931de4bbfb332e2d38083da80bc0b6d538edba479f7f77d0deffb4a28e6e67ff6273585bb4cd862535c946605ab0809d65f0e38f76e4ec2c3d9b8cd6e14bcf667943892cd4b34cc6420a439abbf3d7d35ef73976dd6f9cbde35a51fa5213f0107f83e3425835d16d3c9146fc9e36ce75a09bb66cdff21dd5a776899f1cb07e282cca27be46510e9c799f0d8db275a6be085d9f3f803218ee3384265bfb1a3640e8ca1026100e6848c31d466fffefc547e3a3b0d3785de6f78b0dd12610843512e495611a0675509b1650b27415009838dd8e68eec6e7530553b637d602424643b33e8bc5b762e1799bc79d56b13251d36d4f201da2182416ce13574e88278ff04467ad602d9026100de994fdf181f02be2bf9e5f5e4e517a94993b827d1eaf609033e3a6a6f2396ae7c44e9eb594cf1044cb3ad32ea258f0c82963b27bb650ed200cde82cb993374be34be5b1c7ead5446a2b82a4486e8c1810a0b01551609fb0841d474bada802bd026076ddae751b73a959d0bfb8ff49e7fcd378e9be30652ecefe35c82cb8003bc29cc60ae3809909baf20c95db9516fe680865417111d8b193dbcf30281f1249de57c858bf1ba32f5bb1599800e8398a9ef25c7a642c95261da6f9c17670e97265b10260732482b837d5f2a9443e23c1aa0106d83e82f6c3424673b5fdc3769c0f992d1c5c93991c7038e882fcda04414df4d7a5f4f698ead87851ce37344b60b72d7b70f9c60cae8566e7a257f8e1bef0e89df6e4c2f9d24d21d9f8889e4c7eccf91751026009050d94493da8f00a4ddbe9c800afe3d44b43f78a48941a79b2814a1f0b81a18a8b2347642a03b27998f5a18de9abc9ae0e54ab8294feac66dc87e854cce6f7278ac2710cb5878b592ffeb1f4f0a1853e4e8d1d0561b6efcc831a296cf7eeaf":TEST_FLAG_EXERCISE + +read type: RSA_PAIR 1536-bit, RSA_OAEP(SHA_1) +depends_on:PSA_WANT_ALG_RSA_OAEP:PSA_WANT_ALG_SHA_1:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR +key_storage_read:0x0001:PSA_KEY_TYPE_RSA_KEY_PAIR:1536:PSA_KEY_USAGE_DECRYPT | PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_OAEP(PSA_ALG_SHA_1):0x0000:"3082037b0201000281c100c870feb6ca6b1d2bd9f2dd99e20f1fe2d7e5192de662229dbe162bd1ba66336a7182903ca0b72796cd441c83d24bcdc3e9a2f5e4399c8a043f1c3ddf04754a66d4cfe7b3671a37dd31a9b4c13bfe06ee90f9d94ddaa06de67a52ac863e68f756736ceb014405a6160579640f831dddccc34ad0b05070e3f9954a58d1815813e1b83bcadba814789c87f1ef2ba5d738b793ec456a67360eea1b5faf1c7cc7bf24f3b2a9d0f8958b1096e0f0c335f8888d0c63a51c3c0337214fa3f5efdf6dcc3502030100010281c06d2d670047973a87752a9d5bc14f3dae00acb01f593aa0e24cf4a49f932931de4bbfb332e2d38083da80bc0b6d538edba479f7f77d0deffb4a28e6e67ff6273585bb4cd862535c946605ab0809d65f0e38f76e4ec2c3d9b8cd6e14bcf667943892cd4b34cc6420a439abbf3d7d35ef73976dd6f9cbde35a51fa5213f0107f83e3425835d16d3c9146fc9e36ce75a09bb66cdff21dd5a776899f1cb07e282cca27be46510e9c799f0d8db275a6be085d9f3f803218ee3384265bfb1a3640e8ca1026100e6848c31d466fffefc547e3a3b0d3785de6f78b0dd12610843512e495611a0675509b1650b27415009838dd8e68eec6e7530553b637d602424643b33e8bc5b762e1799bc79d56b13251d36d4f201da2182416ce13574e88278ff04467ad602d9026100de994fdf181f02be2bf9e5f5e4e517a94993b827d1eaf609033e3a6a6f2396ae7c44e9eb594cf1044cb3ad32ea258f0c82963b27bb650ed200cde82cb993374be34be5b1c7ead5446a2b82a4486e8c1810a0b01551609fb0841d474bada802bd026076ddae751b73a959d0bfb8ff49e7fcd378e9be30652ecefe35c82cb8003bc29cc60ae3809909baf20c95db9516fe680865417111d8b193dbcf30281f1249de57c858bf1ba32f5bb1599800e8398a9ef25c7a642c95261da6f9c17670e97265b10260732482b837d5f2a9443e23c1aa0106d83e82f6c3424673b5fdc3769c0f992d1c5c93991c7038e882fcda04414df4d7a5f4f698ead87851ce37344b60b72d7b70f9c60cae8566e7a257f8e1bef0e89df6e4c2f9d24d21d9f8889e4c7eccf91751026009050d94493da8f00a4ddbe9c800afe3d44b43f78a48941a79b2814a1f0b81a18a8b2347642a03b27998f5a18de9abc9ae0e54ab8294feac66dc87e854cce6f7278ac2710cb5878b592ffeb1f4f0a1853e4e8d1d0561b6efcc831a296cf7eeaf":"505341004b4559000000000001000000017000060103000005030007000000007f0300003082037b0201000281c100c870feb6ca6b1d2bd9f2dd99e20f1fe2d7e5192de662229dbe162bd1ba66336a7182903ca0b72796cd441c83d24bcdc3e9a2f5e4399c8a043f1c3ddf04754a66d4cfe7b3671a37dd31a9b4c13bfe06ee90f9d94ddaa06de67a52ac863e68f756736ceb014405a6160579640f831dddccc34ad0b05070e3f9954a58d1815813e1b83bcadba814789c87f1ef2ba5d738b793ec456a67360eea1b5faf1c7cc7bf24f3b2a9d0f8958b1096e0f0c335f8888d0c63a51c3c0337214fa3f5efdf6dcc3502030100010281c06d2d670047973a87752a9d5bc14f3dae00acb01f593aa0e24cf4a49f932931de4bbfb332e2d38083da80bc0b6d538edba479f7f77d0deffb4a28e6e67ff6273585bb4cd862535c946605ab0809d65f0e38f76e4ec2c3d9b8cd6e14bcf667943892cd4b34cc6420a439abbf3d7d35ef73976dd6f9cbde35a51fa5213f0107f83e3425835d16d3c9146fc9e36ce75a09bb66cdff21dd5a776899f1cb07e282cca27be46510e9c799f0d8db275a6be085d9f3f803218ee3384265bfb1a3640e8ca1026100e6848c31d466fffefc547e3a3b0d3785de6f78b0dd12610843512e495611a0675509b1650b27415009838dd8e68eec6e7530553b637d602424643b33e8bc5b762e1799bc79d56b13251d36d4f201da2182416ce13574e88278ff04467ad602d9026100de994fdf181f02be2bf9e5f5e4e517a94993b827d1eaf609033e3a6a6f2396ae7c44e9eb594cf1044cb3ad32ea258f0c82963b27bb650ed200cde82cb993374be34be5b1c7ead5446a2b82a4486e8c1810a0b01551609fb0841d474bada802bd026076ddae751b73a959d0bfb8ff49e7fcd378e9be30652ecefe35c82cb8003bc29cc60ae3809909baf20c95db9516fe680865417111d8b193dbcf30281f1249de57c858bf1ba32f5bb1599800e8398a9ef25c7a642c95261da6f9c17670e97265b10260732482b837d5f2a9443e23c1aa0106d83e82f6c3424673b5fdc3769c0f992d1c5c93991c7038e882fcda04414df4d7a5f4f698ead87851ce37344b60b72d7b70f9c60cae8566e7a257f8e1bef0e89df6e4c2f9d24d21d9f8889e4c7eccf91751026009050d94493da8f00a4ddbe9c800afe3d44b43f78a48941a79b2814a1f0b81a18a8b2347642a03b27998f5a18de9abc9ae0e54ab8294feac66dc87e854cce6f7278ac2710cb5878b592ffeb1f4f0a1853e4e8d1d0561b6efcc831a296cf7eeaf":TEST_FLAG_EXERCISE + +read type: RSA_PAIR 1536-bit, RSA_OAEP(SHA_224) +depends_on:PSA_WANT_ALG_RSA_OAEP:PSA_WANT_ALG_SHA_224:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR +key_storage_read:0x0001:PSA_KEY_TYPE_RSA_KEY_PAIR:1536:PSA_KEY_USAGE_DECRYPT | PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_OAEP(PSA_ALG_SHA_224):0x0000:"3082037b0201000281c100c870feb6ca6b1d2bd9f2dd99e20f1fe2d7e5192de662229dbe162bd1ba66336a7182903ca0b72796cd441c83d24bcdc3e9a2f5e4399c8a043f1c3ddf04754a66d4cfe7b3671a37dd31a9b4c13bfe06ee90f9d94ddaa06de67a52ac863e68f756736ceb014405a6160579640f831dddccc34ad0b05070e3f9954a58d1815813e1b83bcadba814789c87f1ef2ba5d738b793ec456a67360eea1b5faf1c7cc7bf24f3b2a9d0f8958b1096e0f0c335f8888d0c63a51c3c0337214fa3f5efdf6dcc3502030100010281c06d2d670047973a87752a9d5bc14f3dae00acb01f593aa0e24cf4a49f932931de4bbfb332e2d38083da80bc0b6d538edba479f7f77d0deffb4a28e6e67ff6273585bb4cd862535c946605ab0809d65f0e38f76e4ec2c3d9b8cd6e14bcf667943892cd4b34cc6420a439abbf3d7d35ef73976dd6f9cbde35a51fa5213f0107f83e3425835d16d3c9146fc9e36ce75a09bb66cdff21dd5a776899f1cb07e282cca27be46510e9c799f0d8db275a6be085d9f3f803218ee3384265bfb1a3640e8ca1026100e6848c31d466fffefc547e3a3b0d3785de6f78b0dd12610843512e495611a0675509b1650b27415009838dd8e68eec6e7530553b637d602424643b33e8bc5b762e1799bc79d56b13251d36d4f201da2182416ce13574e88278ff04467ad602d9026100de994fdf181f02be2bf9e5f5e4e517a94993b827d1eaf609033e3a6a6f2396ae7c44e9eb594cf1044cb3ad32ea258f0c82963b27bb650ed200cde82cb993374be34be5b1c7ead5446a2b82a4486e8c1810a0b01551609fb0841d474bada802bd026076ddae751b73a959d0bfb8ff49e7fcd378e9be30652ecefe35c82cb8003bc29cc60ae3809909baf20c95db9516fe680865417111d8b193dbcf30281f1249de57c858bf1ba32f5bb1599800e8398a9ef25c7a642c95261da6f9c17670e97265b10260732482b837d5f2a9443e23c1aa0106d83e82f6c3424673b5fdc3769c0f992d1c5c93991c7038e882fcda04414df4d7a5f4f698ead87851ce37344b60b72d7b70f9c60cae8566e7a257f8e1bef0e89df6e4c2f9d24d21d9f8889e4c7eccf91751026009050d94493da8f00a4ddbe9c800afe3d44b43f78a48941a79b2814a1f0b81a18a8b2347642a03b27998f5a18de9abc9ae0e54ab8294feac66dc87e854cce6f7278ac2710cb5878b592ffeb1f4f0a1853e4e8d1d0561b6efcc831a296cf7eeaf":"505341004b4559000000000001000000017000060103000008030007000000007f0300003082037b0201000281c100c870feb6ca6b1d2bd9f2dd99e20f1fe2d7e5192de662229dbe162bd1ba66336a7182903ca0b72796cd441c83d24bcdc3e9a2f5e4399c8a043f1c3ddf04754a66d4cfe7b3671a37dd31a9b4c13bfe06ee90f9d94ddaa06de67a52ac863e68f756736ceb014405a6160579640f831dddccc34ad0b05070e3f9954a58d1815813e1b83bcadba814789c87f1ef2ba5d738b793ec456a67360eea1b5faf1c7cc7bf24f3b2a9d0f8958b1096e0f0c335f8888d0c63a51c3c0337214fa3f5efdf6dcc3502030100010281c06d2d670047973a87752a9d5bc14f3dae00acb01f593aa0e24cf4a49f932931de4bbfb332e2d38083da80bc0b6d538edba479f7f77d0deffb4a28e6e67ff6273585bb4cd862535c946605ab0809d65f0e38f76e4ec2c3d9b8cd6e14bcf667943892cd4b34cc6420a439abbf3d7d35ef73976dd6f9cbde35a51fa5213f0107f83e3425835d16d3c9146fc9e36ce75a09bb66cdff21dd5a776899f1cb07e282cca27be46510e9c799f0d8db275a6be085d9f3f803218ee3384265bfb1a3640e8ca1026100e6848c31d466fffefc547e3a3b0d3785de6f78b0dd12610843512e495611a0675509b1650b27415009838dd8e68eec6e7530553b637d602424643b33e8bc5b762e1799bc79d56b13251d36d4f201da2182416ce13574e88278ff04467ad602d9026100de994fdf181f02be2bf9e5f5e4e517a94993b827d1eaf609033e3a6a6f2396ae7c44e9eb594cf1044cb3ad32ea258f0c82963b27bb650ed200cde82cb993374be34be5b1c7ead5446a2b82a4486e8c1810a0b01551609fb0841d474bada802bd026076ddae751b73a959d0bfb8ff49e7fcd378e9be30652ecefe35c82cb8003bc29cc60ae3809909baf20c95db9516fe680865417111d8b193dbcf30281f1249de57c858bf1ba32f5bb1599800e8398a9ef25c7a642c95261da6f9c17670e97265b10260732482b837d5f2a9443e23c1aa0106d83e82f6c3424673b5fdc3769c0f992d1c5c93991c7038e882fcda04414df4d7a5f4f698ead87851ce37344b60b72d7b70f9c60cae8566e7a257f8e1bef0e89df6e4c2f9d24d21d9f8889e4c7eccf91751026009050d94493da8f00a4ddbe9c800afe3d44b43f78a48941a79b2814a1f0b81a18a8b2347642a03b27998f5a18de9abc9ae0e54ab8294feac66dc87e854cce6f7278ac2710cb5878b592ffeb1f4f0a1853e4e8d1d0561b6efcc831a296cf7eeaf":TEST_FLAG_EXERCISE + +read type: RSA_PAIR 1536-bit, RSA_OAEP(SHA_256) +depends_on:PSA_WANT_ALG_RSA_OAEP:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR +key_storage_read:0x0001:PSA_KEY_TYPE_RSA_KEY_PAIR:1536:PSA_KEY_USAGE_DECRYPT | PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_OAEP(PSA_ALG_SHA_256):0x0000:"3082037b0201000281c100c870feb6ca6b1d2bd9f2dd99e20f1fe2d7e5192de662229dbe162bd1ba66336a7182903ca0b72796cd441c83d24bcdc3e9a2f5e4399c8a043f1c3ddf04754a66d4cfe7b3671a37dd31a9b4c13bfe06ee90f9d94ddaa06de67a52ac863e68f756736ceb014405a6160579640f831dddccc34ad0b05070e3f9954a58d1815813e1b83bcadba814789c87f1ef2ba5d738b793ec456a67360eea1b5faf1c7cc7bf24f3b2a9d0f8958b1096e0f0c335f8888d0c63a51c3c0337214fa3f5efdf6dcc3502030100010281c06d2d670047973a87752a9d5bc14f3dae00acb01f593aa0e24cf4a49f932931de4bbfb332e2d38083da80bc0b6d538edba479f7f77d0deffb4a28e6e67ff6273585bb4cd862535c946605ab0809d65f0e38f76e4ec2c3d9b8cd6e14bcf667943892cd4b34cc6420a439abbf3d7d35ef73976dd6f9cbde35a51fa5213f0107f83e3425835d16d3c9146fc9e36ce75a09bb66cdff21dd5a776899f1cb07e282cca27be46510e9c799f0d8db275a6be085d9f3f803218ee3384265bfb1a3640e8ca1026100e6848c31d466fffefc547e3a3b0d3785de6f78b0dd12610843512e495611a0675509b1650b27415009838dd8e68eec6e7530553b637d602424643b33e8bc5b762e1799bc79d56b13251d36d4f201da2182416ce13574e88278ff04467ad602d9026100de994fdf181f02be2bf9e5f5e4e517a94993b827d1eaf609033e3a6a6f2396ae7c44e9eb594cf1044cb3ad32ea258f0c82963b27bb650ed200cde82cb993374be34be5b1c7ead5446a2b82a4486e8c1810a0b01551609fb0841d474bada802bd026076ddae751b73a959d0bfb8ff49e7fcd378e9be30652ecefe35c82cb8003bc29cc60ae3809909baf20c95db9516fe680865417111d8b193dbcf30281f1249de57c858bf1ba32f5bb1599800e8398a9ef25c7a642c95261da6f9c17670e97265b10260732482b837d5f2a9443e23c1aa0106d83e82f6c3424673b5fdc3769c0f992d1c5c93991c7038e882fcda04414df4d7a5f4f698ead87851ce37344b60b72d7b70f9c60cae8566e7a257f8e1bef0e89df6e4c2f9d24d21d9f8889e4c7eccf91751026009050d94493da8f00a4ddbe9c800afe3d44b43f78a48941a79b2814a1f0b81a18a8b2347642a03b27998f5a18de9abc9ae0e54ab8294feac66dc87e854cce6f7278ac2710cb5878b592ffeb1f4f0a1853e4e8d1d0561b6efcc831a296cf7eeaf":"505341004b4559000000000001000000017000060103000009030007000000007f0300003082037b0201000281c100c870feb6ca6b1d2bd9f2dd99e20f1fe2d7e5192de662229dbe162bd1ba66336a7182903ca0b72796cd441c83d24bcdc3e9a2f5e4399c8a043f1c3ddf04754a66d4cfe7b3671a37dd31a9b4c13bfe06ee90f9d94ddaa06de67a52ac863e68f756736ceb014405a6160579640f831dddccc34ad0b05070e3f9954a58d1815813e1b83bcadba814789c87f1ef2ba5d738b793ec456a67360eea1b5faf1c7cc7bf24f3b2a9d0f8958b1096e0f0c335f8888d0c63a51c3c0337214fa3f5efdf6dcc3502030100010281c06d2d670047973a87752a9d5bc14f3dae00acb01f593aa0e24cf4a49f932931de4bbfb332e2d38083da80bc0b6d538edba479f7f77d0deffb4a28e6e67ff6273585bb4cd862535c946605ab0809d65f0e38f76e4ec2c3d9b8cd6e14bcf667943892cd4b34cc6420a439abbf3d7d35ef73976dd6f9cbde35a51fa5213f0107f83e3425835d16d3c9146fc9e36ce75a09bb66cdff21dd5a776899f1cb07e282cca27be46510e9c799f0d8db275a6be085d9f3f803218ee3384265bfb1a3640e8ca1026100e6848c31d466fffefc547e3a3b0d3785de6f78b0dd12610843512e495611a0675509b1650b27415009838dd8e68eec6e7530553b637d602424643b33e8bc5b762e1799bc79d56b13251d36d4f201da2182416ce13574e88278ff04467ad602d9026100de994fdf181f02be2bf9e5f5e4e517a94993b827d1eaf609033e3a6a6f2396ae7c44e9eb594cf1044cb3ad32ea258f0c82963b27bb650ed200cde82cb993374be34be5b1c7ead5446a2b82a4486e8c1810a0b01551609fb0841d474bada802bd026076ddae751b73a959d0bfb8ff49e7fcd378e9be30652ecefe35c82cb8003bc29cc60ae3809909baf20c95db9516fe680865417111d8b193dbcf30281f1249de57c858bf1ba32f5bb1599800e8398a9ef25c7a642c95261da6f9c17670e97265b10260732482b837d5f2a9443e23c1aa0106d83e82f6c3424673b5fdc3769c0f992d1c5c93991c7038e882fcda04414df4d7a5f4f698ead87851ce37344b60b72d7b70f9c60cae8566e7a257f8e1bef0e89df6e4c2f9d24d21d9f8889e4c7eccf91751026009050d94493da8f00a4ddbe9c800afe3d44b43f78a48941a79b2814a1f0b81a18a8b2347642a03b27998f5a18de9abc9ae0e54ab8294feac66dc87e854cce6f7278ac2710cb5878b592ffeb1f4f0a1853e4e8d1d0561b6efcc831a296cf7eeaf":TEST_FLAG_EXERCISE + +read type: RSA_PAIR 1536-bit, RSA_OAEP(SHA_384) +depends_on:PSA_WANT_ALG_RSA_OAEP:PSA_WANT_ALG_SHA_384:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR +key_storage_read:0x0001:PSA_KEY_TYPE_RSA_KEY_PAIR:1536:PSA_KEY_USAGE_DECRYPT | PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_OAEP(PSA_ALG_SHA_384):0x0000:"3082037b0201000281c100c870feb6ca6b1d2bd9f2dd99e20f1fe2d7e5192de662229dbe162bd1ba66336a7182903ca0b72796cd441c83d24bcdc3e9a2f5e4399c8a043f1c3ddf04754a66d4cfe7b3671a37dd31a9b4c13bfe06ee90f9d94ddaa06de67a52ac863e68f756736ceb014405a6160579640f831dddccc34ad0b05070e3f9954a58d1815813e1b83bcadba814789c87f1ef2ba5d738b793ec456a67360eea1b5faf1c7cc7bf24f3b2a9d0f8958b1096e0f0c335f8888d0c63a51c3c0337214fa3f5efdf6dcc3502030100010281c06d2d670047973a87752a9d5bc14f3dae00acb01f593aa0e24cf4a49f932931de4bbfb332e2d38083da80bc0b6d538edba479f7f77d0deffb4a28e6e67ff6273585bb4cd862535c946605ab0809d65f0e38f76e4ec2c3d9b8cd6e14bcf667943892cd4b34cc6420a439abbf3d7d35ef73976dd6f9cbde35a51fa5213f0107f83e3425835d16d3c9146fc9e36ce75a09bb66cdff21dd5a776899f1cb07e282cca27be46510e9c799f0d8db275a6be085d9f3f803218ee3384265bfb1a3640e8ca1026100e6848c31d466fffefc547e3a3b0d3785de6f78b0dd12610843512e495611a0675509b1650b27415009838dd8e68eec6e7530553b637d602424643b33e8bc5b762e1799bc79d56b13251d36d4f201da2182416ce13574e88278ff04467ad602d9026100de994fdf181f02be2bf9e5f5e4e517a94993b827d1eaf609033e3a6a6f2396ae7c44e9eb594cf1044cb3ad32ea258f0c82963b27bb650ed200cde82cb993374be34be5b1c7ead5446a2b82a4486e8c1810a0b01551609fb0841d474bada802bd026076ddae751b73a959d0bfb8ff49e7fcd378e9be30652ecefe35c82cb8003bc29cc60ae3809909baf20c95db9516fe680865417111d8b193dbcf30281f1249de57c858bf1ba32f5bb1599800e8398a9ef25c7a642c95261da6f9c17670e97265b10260732482b837d5f2a9443e23c1aa0106d83e82f6c3424673b5fdc3769c0f992d1c5c93991c7038e882fcda04414df4d7a5f4f698ead87851ce37344b60b72d7b70f9c60cae8566e7a257f8e1bef0e89df6e4c2f9d24d21d9f8889e4c7eccf91751026009050d94493da8f00a4ddbe9c800afe3d44b43f78a48941a79b2814a1f0b81a18a8b2347642a03b27998f5a18de9abc9ae0e54ab8294feac66dc87e854cce6f7278ac2710cb5878b592ffeb1f4f0a1853e4e8d1d0561b6efcc831a296cf7eeaf":"505341004b455900000000000100000001700006010300000a030007000000007f0300003082037b0201000281c100c870feb6ca6b1d2bd9f2dd99e20f1fe2d7e5192de662229dbe162bd1ba66336a7182903ca0b72796cd441c83d24bcdc3e9a2f5e4399c8a043f1c3ddf04754a66d4cfe7b3671a37dd31a9b4c13bfe06ee90f9d94ddaa06de67a52ac863e68f756736ceb014405a6160579640f831dddccc34ad0b05070e3f9954a58d1815813e1b83bcadba814789c87f1ef2ba5d738b793ec456a67360eea1b5faf1c7cc7bf24f3b2a9d0f8958b1096e0f0c335f8888d0c63a51c3c0337214fa3f5efdf6dcc3502030100010281c06d2d670047973a87752a9d5bc14f3dae00acb01f593aa0e24cf4a49f932931de4bbfb332e2d38083da80bc0b6d538edba479f7f77d0deffb4a28e6e67ff6273585bb4cd862535c946605ab0809d65f0e38f76e4ec2c3d9b8cd6e14bcf667943892cd4b34cc6420a439abbf3d7d35ef73976dd6f9cbde35a51fa5213f0107f83e3425835d16d3c9146fc9e36ce75a09bb66cdff21dd5a776899f1cb07e282cca27be46510e9c799f0d8db275a6be085d9f3f803218ee3384265bfb1a3640e8ca1026100e6848c31d466fffefc547e3a3b0d3785de6f78b0dd12610843512e495611a0675509b1650b27415009838dd8e68eec6e7530553b637d602424643b33e8bc5b762e1799bc79d56b13251d36d4f201da2182416ce13574e88278ff04467ad602d9026100de994fdf181f02be2bf9e5f5e4e517a94993b827d1eaf609033e3a6a6f2396ae7c44e9eb594cf1044cb3ad32ea258f0c82963b27bb650ed200cde82cb993374be34be5b1c7ead5446a2b82a4486e8c1810a0b01551609fb0841d474bada802bd026076ddae751b73a959d0bfb8ff49e7fcd378e9be30652ecefe35c82cb8003bc29cc60ae3809909baf20c95db9516fe680865417111d8b193dbcf30281f1249de57c858bf1ba32f5bb1599800e8398a9ef25c7a642c95261da6f9c17670e97265b10260732482b837d5f2a9443e23c1aa0106d83e82f6c3424673b5fdc3769c0f992d1c5c93991c7038e882fcda04414df4d7a5f4f698ead87851ce37344b60b72d7b70f9c60cae8566e7a257f8e1bef0e89df6e4c2f9d24d21d9f8889e4c7eccf91751026009050d94493da8f00a4ddbe9c800afe3d44b43f78a48941a79b2814a1f0b81a18a8b2347642a03b27998f5a18de9abc9ae0e54ab8294feac66dc87e854cce6f7278ac2710cb5878b592ffeb1f4f0a1853e4e8d1d0561b6efcc831a296cf7eeaf":TEST_FLAG_EXERCISE + +read type: RSA_PAIR 1536-bit, RSA_OAEP(SHA_512) +depends_on:PSA_WANT_ALG_RSA_OAEP:PSA_WANT_ALG_SHA_512:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR +key_storage_read:0x0001:PSA_KEY_TYPE_RSA_KEY_PAIR:1536:PSA_KEY_USAGE_DECRYPT | PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_OAEP(PSA_ALG_SHA_512):0x0000:"3082037b0201000281c100c870feb6ca6b1d2bd9f2dd99e20f1fe2d7e5192de662229dbe162bd1ba66336a7182903ca0b72796cd441c83d24bcdc3e9a2f5e4399c8a043f1c3ddf04754a66d4cfe7b3671a37dd31a9b4c13bfe06ee90f9d94ddaa06de67a52ac863e68f756736ceb014405a6160579640f831dddccc34ad0b05070e3f9954a58d1815813e1b83bcadba814789c87f1ef2ba5d738b793ec456a67360eea1b5faf1c7cc7bf24f3b2a9d0f8958b1096e0f0c335f8888d0c63a51c3c0337214fa3f5efdf6dcc3502030100010281c06d2d670047973a87752a9d5bc14f3dae00acb01f593aa0e24cf4a49f932931de4bbfb332e2d38083da80bc0b6d538edba479f7f77d0deffb4a28e6e67ff6273585bb4cd862535c946605ab0809d65f0e38f76e4ec2c3d9b8cd6e14bcf667943892cd4b34cc6420a439abbf3d7d35ef73976dd6f9cbde35a51fa5213f0107f83e3425835d16d3c9146fc9e36ce75a09bb66cdff21dd5a776899f1cb07e282cca27be46510e9c799f0d8db275a6be085d9f3f803218ee3384265bfb1a3640e8ca1026100e6848c31d466fffefc547e3a3b0d3785de6f78b0dd12610843512e495611a0675509b1650b27415009838dd8e68eec6e7530553b637d602424643b33e8bc5b762e1799bc79d56b13251d36d4f201da2182416ce13574e88278ff04467ad602d9026100de994fdf181f02be2bf9e5f5e4e517a94993b827d1eaf609033e3a6a6f2396ae7c44e9eb594cf1044cb3ad32ea258f0c82963b27bb650ed200cde82cb993374be34be5b1c7ead5446a2b82a4486e8c1810a0b01551609fb0841d474bada802bd026076ddae751b73a959d0bfb8ff49e7fcd378e9be30652ecefe35c82cb8003bc29cc60ae3809909baf20c95db9516fe680865417111d8b193dbcf30281f1249de57c858bf1ba32f5bb1599800e8398a9ef25c7a642c95261da6f9c17670e97265b10260732482b837d5f2a9443e23c1aa0106d83e82f6c3424673b5fdc3769c0f992d1c5c93991c7038e882fcda04414df4d7a5f4f698ead87851ce37344b60b72d7b70f9c60cae8566e7a257f8e1bef0e89df6e4c2f9d24d21d9f8889e4c7eccf91751026009050d94493da8f00a4ddbe9c800afe3d44b43f78a48941a79b2814a1f0b81a18a8b2347642a03b27998f5a18de9abc9ae0e54ab8294feac66dc87e854cce6f7278ac2710cb5878b592ffeb1f4f0a1853e4e8d1d0561b6efcc831a296cf7eeaf":"505341004b455900000000000100000001700006010300000b030007000000007f0300003082037b0201000281c100c870feb6ca6b1d2bd9f2dd99e20f1fe2d7e5192de662229dbe162bd1ba66336a7182903ca0b72796cd441c83d24bcdc3e9a2f5e4399c8a043f1c3ddf04754a66d4cfe7b3671a37dd31a9b4c13bfe06ee90f9d94ddaa06de67a52ac863e68f756736ceb014405a6160579640f831dddccc34ad0b05070e3f9954a58d1815813e1b83bcadba814789c87f1ef2ba5d738b793ec456a67360eea1b5faf1c7cc7bf24f3b2a9d0f8958b1096e0f0c335f8888d0c63a51c3c0337214fa3f5efdf6dcc3502030100010281c06d2d670047973a87752a9d5bc14f3dae00acb01f593aa0e24cf4a49f932931de4bbfb332e2d38083da80bc0b6d538edba479f7f77d0deffb4a28e6e67ff6273585bb4cd862535c946605ab0809d65f0e38f76e4ec2c3d9b8cd6e14bcf667943892cd4b34cc6420a439abbf3d7d35ef73976dd6f9cbde35a51fa5213f0107f83e3425835d16d3c9146fc9e36ce75a09bb66cdff21dd5a776899f1cb07e282cca27be46510e9c799f0d8db275a6be085d9f3f803218ee3384265bfb1a3640e8ca1026100e6848c31d466fffefc547e3a3b0d3785de6f78b0dd12610843512e495611a0675509b1650b27415009838dd8e68eec6e7530553b637d602424643b33e8bc5b762e1799bc79d56b13251d36d4f201da2182416ce13574e88278ff04467ad602d9026100de994fdf181f02be2bf9e5f5e4e517a94993b827d1eaf609033e3a6a6f2396ae7c44e9eb594cf1044cb3ad32ea258f0c82963b27bb650ed200cde82cb993374be34be5b1c7ead5446a2b82a4486e8c1810a0b01551609fb0841d474bada802bd026076ddae751b73a959d0bfb8ff49e7fcd378e9be30652ecefe35c82cb8003bc29cc60ae3809909baf20c95db9516fe680865417111d8b193dbcf30281f1249de57c858bf1ba32f5bb1599800e8398a9ef25c7a642c95261da6f9c17670e97265b10260732482b837d5f2a9443e23c1aa0106d83e82f6c3424673b5fdc3769c0f992d1c5c93991c7038e882fcda04414df4d7a5f4f698ead87851ce37344b60b72d7b70f9c60cae8566e7a257f8e1bef0e89df6e4c2f9d24d21d9f8889e4c7eccf91751026009050d94493da8f00a4ddbe9c800afe3d44b43f78a48941a79b2814a1f0b81a18a8b2347642a03b27998f5a18de9abc9ae0e54ab8294feac66dc87e854cce6f7278ac2710cb5878b592ffeb1f4f0a1853e4e8d1d0561b6efcc831a296cf7eeaf":TEST_FLAG_EXERCISE + +read type: RSA_PAIR 1536-bit, RSA_PKCS1V15_CRYPT +depends_on:PSA_WANT_ALG_RSA_PKCS1V15_CRYPT:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR +key_storage_read:0x0001:PSA_KEY_TYPE_RSA_KEY_PAIR:1536:PSA_KEY_USAGE_DECRYPT | PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_PKCS1V15_CRYPT:0x0000:"3082037b0201000281c100c870feb6ca6b1d2bd9f2dd99e20f1fe2d7e5192de662229dbe162bd1ba66336a7182903ca0b72796cd441c83d24bcdc3e9a2f5e4399c8a043f1c3ddf04754a66d4cfe7b3671a37dd31a9b4c13bfe06ee90f9d94ddaa06de67a52ac863e68f756736ceb014405a6160579640f831dddccc34ad0b05070e3f9954a58d1815813e1b83bcadba814789c87f1ef2ba5d738b793ec456a67360eea1b5faf1c7cc7bf24f3b2a9d0f8958b1096e0f0c335f8888d0c63a51c3c0337214fa3f5efdf6dcc3502030100010281c06d2d670047973a87752a9d5bc14f3dae00acb01f593aa0e24cf4a49f932931de4bbfb332e2d38083da80bc0b6d538edba479f7f77d0deffb4a28e6e67ff6273585bb4cd862535c946605ab0809d65f0e38f76e4ec2c3d9b8cd6e14bcf667943892cd4b34cc6420a439abbf3d7d35ef73976dd6f9cbde35a51fa5213f0107f83e3425835d16d3c9146fc9e36ce75a09bb66cdff21dd5a776899f1cb07e282cca27be46510e9c799f0d8db275a6be085d9f3f803218ee3384265bfb1a3640e8ca1026100e6848c31d466fffefc547e3a3b0d3785de6f78b0dd12610843512e495611a0675509b1650b27415009838dd8e68eec6e7530553b637d602424643b33e8bc5b762e1799bc79d56b13251d36d4f201da2182416ce13574e88278ff04467ad602d9026100de994fdf181f02be2bf9e5f5e4e517a94993b827d1eaf609033e3a6a6f2396ae7c44e9eb594cf1044cb3ad32ea258f0c82963b27bb650ed200cde82cb993374be34be5b1c7ead5446a2b82a4486e8c1810a0b01551609fb0841d474bada802bd026076ddae751b73a959d0bfb8ff49e7fcd378e9be30652ecefe35c82cb8003bc29cc60ae3809909baf20c95db9516fe680865417111d8b193dbcf30281f1249de57c858bf1ba32f5bb1599800e8398a9ef25c7a642c95261da6f9c17670e97265b10260732482b837d5f2a9443e23c1aa0106d83e82f6c3424673b5fdc3769c0f992d1c5c93991c7038e882fcda04414df4d7a5f4f698ead87851ce37344b60b72d7b70f9c60cae8566e7a257f8e1bef0e89df6e4c2f9d24d21d9f8889e4c7eccf91751026009050d94493da8f00a4ddbe9c800afe3d44b43f78a48941a79b2814a1f0b81a18a8b2347642a03b27998f5a18de9abc9ae0e54ab8294feac66dc87e854cce6f7278ac2710cb5878b592ffeb1f4f0a1853e4e8d1d0561b6efcc831a296cf7eeaf":"505341004b4559000000000001000000017000060103000000020007000000007f0300003082037b0201000281c100c870feb6ca6b1d2bd9f2dd99e20f1fe2d7e5192de662229dbe162bd1ba66336a7182903ca0b72796cd441c83d24bcdc3e9a2f5e4399c8a043f1c3ddf04754a66d4cfe7b3671a37dd31a9b4c13bfe06ee90f9d94ddaa06de67a52ac863e68f756736ceb014405a6160579640f831dddccc34ad0b05070e3f9954a58d1815813e1b83bcadba814789c87f1ef2ba5d738b793ec456a67360eea1b5faf1c7cc7bf24f3b2a9d0f8958b1096e0f0c335f8888d0c63a51c3c0337214fa3f5efdf6dcc3502030100010281c06d2d670047973a87752a9d5bc14f3dae00acb01f593aa0e24cf4a49f932931de4bbfb332e2d38083da80bc0b6d538edba479f7f77d0deffb4a28e6e67ff6273585bb4cd862535c946605ab0809d65f0e38f76e4ec2c3d9b8cd6e14bcf667943892cd4b34cc6420a439abbf3d7d35ef73976dd6f9cbde35a51fa5213f0107f83e3425835d16d3c9146fc9e36ce75a09bb66cdff21dd5a776899f1cb07e282cca27be46510e9c799f0d8db275a6be085d9f3f803218ee3384265bfb1a3640e8ca1026100e6848c31d466fffefc547e3a3b0d3785de6f78b0dd12610843512e495611a0675509b1650b27415009838dd8e68eec6e7530553b637d602424643b33e8bc5b762e1799bc79d56b13251d36d4f201da2182416ce13574e88278ff04467ad602d9026100de994fdf181f02be2bf9e5f5e4e517a94993b827d1eaf609033e3a6a6f2396ae7c44e9eb594cf1044cb3ad32ea258f0c82963b27bb650ed200cde82cb993374be34be5b1c7ead5446a2b82a4486e8c1810a0b01551609fb0841d474bada802bd026076ddae751b73a959d0bfb8ff49e7fcd378e9be30652ecefe35c82cb8003bc29cc60ae3809909baf20c95db9516fe680865417111d8b193dbcf30281f1249de57c858bf1ba32f5bb1599800e8398a9ef25c7a642c95261da6f9c17670e97265b10260732482b837d5f2a9443e23c1aa0106d83e82f6c3424673b5fdc3769c0f992d1c5c93991c7038e882fcda04414df4d7a5f4f698ead87851ce37344b60b72d7b70f9c60cae8566e7a257f8e1bef0e89df6e4c2f9d24d21d9f8889e4c7eccf91751026009050d94493da8f00a4ddbe9c800afe3d44b43f78a48941a79b2814a1f0b81a18a8b2347642a03b27998f5a18de9abc9ae0e54ab8294feac66dc87e854cce6f7278ac2710cb5878b592ffeb1f4f0a1853e4e8d1d0561b6efcc831a296cf7eeaf":TEST_FLAG_EXERCISE + +read type: RSA_PAIR 1536-bit, RSA_PKCS1V15_SIGN(MD2) +depends_on:PSA_WANT_ALG_MD2:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR +key_storage_read:0x0001:PSA_KEY_TYPE_RSA_KEY_PAIR:1536:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_MD2):0x0000:"3082037b0201000281c100c870feb6ca6b1d2bd9f2dd99e20f1fe2d7e5192de662229dbe162bd1ba66336a7182903ca0b72796cd441c83d24bcdc3e9a2f5e4399c8a043f1c3ddf04754a66d4cfe7b3671a37dd31a9b4c13bfe06ee90f9d94ddaa06de67a52ac863e68f756736ceb014405a6160579640f831dddccc34ad0b05070e3f9954a58d1815813e1b83bcadba814789c87f1ef2ba5d738b793ec456a67360eea1b5faf1c7cc7bf24f3b2a9d0f8958b1096e0f0c335f8888d0c63a51c3c0337214fa3f5efdf6dcc3502030100010281c06d2d670047973a87752a9d5bc14f3dae00acb01f593aa0e24cf4a49f932931de4bbfb332e2d38083da80bc0b6d538edba479f7f77d0deffb4a28e6e67ff6273585bb4cd862535c946605ab0809d65f0e38f76e4ec2c3d9b8cd6e14bcf667943892cd4b34cc6420a439abbf3d7d35ef73976dd6f9cbde35a51fa5213f0107f83e3425835d16d3c9146fc9e36ce75a09bb66cdff21dd5a776899f1cb07e282cca27be46510e9c799f0d8db275a6be085d9f3f803218ee3384265bfb1a3640e8ca1026100e6848c31d466fffefc547e3a3b0d3785de6f78b0dd12610843512e495611a0675509b1650b27415009838dd8e68eec6e7530553b637d602424643b33e8bc5b762e1799bc79d56b13251d36d4f201da2182416ce13574e88278ff04467ad602d9026100de994fdf181f02be2bf9e5f5e4e517a94993b827d1eaf609033e3a6a6f2396ae7c44e9eb594cf1044cb3ad32ea258f0c82963b27bb650ed200cde82cb993374be34be5b1c7ead5446a2b82a4486e8c1810a0b01551609fb0841d474bada802bd026076ddae751b73a959d0bfb8ff49e7fcd378e9be30652ecefe35c82cb8003bc29cc60ae3809909baf20c95db9516fe680865417111d8b193dbcf30281f1249de57c858bf1ba32f5bb1599800e8398a9ef25c7a642c95261da6f9c17670e97265b10260732482b837d5f2a9443e23c1aa0106d83e82f6c3424673b5fdc3769c0f992d1c5c93991c7038e882fcda04414df4d7a5f4f698ead87851ce37344b60b72d7b70f9c60cae8566e7a257f8e1bef0e89df6e4c2f9d24d21d9f8889e4c7eccf91751026009050d94493da8f00a4ddbe9c800afe3d44b43f78a48941a79b2814a1f0b81a18a8b2347642a03b27998f5a18de9abc9ae0e54ab8294feac66dc87e854cce6f7278ac2710cb5878b592ffeb1f4f0a1853e4e8d1d0561b6efcc831a296cf7eeaf":"505341004b455900000000000100000001700006013c000001020006000000007f0300003082037b0201000281c100c870feb6ca6b1d2bd9f2dd99e20f1fe2d7e5192de662229dbe162bd1ba66336a7182903ca0b72796cd441c83d24bcdc3e9a2f5e4399c8a043f1c3ddf04754a66d4cfe7b3671a37dd31a9b4c13bfe06ee90f9d94ddaa06de67a52ac863e68f756736ceb014405a6160579640f831dddccc34ad0b05070e3f9954a58d1815813e1b83bcadba814789c87f1ef2ba5d738b793ec456a67360eea1b5faf1c7cc7bf24f3b2a9d0f8958b1096e0f0c335f8888d0c63a51c3c0337214fa3f5efdf6dcc3502030100010281c06d2d670047973a87752a9d5bc14f3dae00acb01f593aa0e24cf4a49f932931de4bbfb332e2d38083da80bc0b6d538edba479f7f77d0deffb4a28e6e67ff6273585bb4cd862535c946605ab0809d65f0e38f76e4ec2c3d9b8cd6e14bcf667943892cd4b34cc6420a439abbf3d7d35ef73976dd6f9cbde35a51fa5213f0107f83e3425835d16d3c9146fc9e36ce75a09bb66cdff21dd5a776899f1cb07e282cca27be46510e9c799f0d8db275a6be085d9f3f803218ee3384265bfb1a3640e8ca1026100e6848c31d466fffefc547e3a3b0d3785de6f78b0dd12610843512e495611a0675509b1650b27415009838dd8e68eec6e7530553b637d602424643b33e8bc5b762e1799bc79d56b13251d36d4f201da2182416ce13574e88278ff04467ad602d9026100de994fdf181f02be2bf9e5f5e4e517a94993b827d1eaf609033e3a6a6f2396ae7c44e9eb594cf1044cb3ad32ea258f0c82963b27bb650ed200cde82cb993374be34be5b1c7ead5446a2b82a4486e8c1810a0b01551609fb0841d474bada802bd026076ddae751b73a959d0bfb8ff49e7fcd378e9be30652ecefe35c82cb8003bc29cc60ae3809909baf20c95db9516fe680865417111d8b193dbcf30281f1249de57c858bf1ba32f5bb1599800e8398a9ef25c7a642c95261da6f9c17670e97265b10260732482b837d5f2a9443e23c1aa0106d83e82f6c3424673b5fdc3769c0f992d1c5c93991c7038e882fcda04414df4d7a5f4f698ead87851ce37344b60b72d7b70f9c60cae8566e7a257f8e1bef0e89df6e4c2f9d24d21d9f8889e4c7eccf91751026009050d94493da8f00a4ddbe9c800afe3d44b43f78a48941a79b2814a1f0b81a18a8b2347642a03b27998f5a18de9abc9ae0e54ab8294feac66dc87e854cce6f7278ac2710cb5878b592ffeb1f4f0a1853e4e8d1d0561b6efcc831a296cf7eeaf":TEST_FLAG_EXERCISE + +read type: RSA_PAIR 1536-bit, RSA_PKCS1V15_SIGN(MD4) +depends_on:PSA_WANT_ALG_MD4:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR +key_storage_read:0x0001:PSA_KEY_TYPE_RSA_KEY_PAIR:1536:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_MD4):0x0000:"3082037b0201000281c100c870feb6ca6b1d2bd9f2dd99e20f1fe2d7e5192de662229dbe162bd1ba66336a7182903ca0b72796cd441c83d24bcdc3e9a2f5e4399c8a043f1c3ddf04754a66d4cfe7b3671a37dd31a9b4c13bfe06ee90f9d94ddaa06de67a52ac863e68f756736ceb014405a6160579640f831dddccc34ad0b05070e3f9954a58d1815813e1b83bcadba814789c87f1ef2ba5d738b793ec456a67360eea1b5faf1c7cc7bf24f3b2a9d0f8958b1096e0f0c335f8888d0c63a51c3c0337214fa3f5efdf6dcc3502030100010281c06d2d670047973a87752a9d5bc14f3dae00acb01f593aa0e24cf4a49f932931de4bbfb332e2d38083da80bc0b6d538edba479f7f77d0deffb4a28e6e67ff6273585bb4cd862535c946605ab0809d65f0e38f76e4ec2c3d9b8cd6e14bcf667943892cd4b34cc6420a439abbf3d7d35ef73976dd6f9cbde35a51fa5213f0107f83e3425835d16d3c9146fc9e36ce75a09bb66cdff21dd5a776899f1cb07e282cca27be46510e9c799f0d8db275a6be085d9f3f803218ee3384265bfb1a3640e8ca1026100e6848c31d466fffefc547e3a3b0d3785de6f78b0dd12610843512e495611a0675509b1650b27415009838dd8e68eec6e7530553b637d602424643b33e8bc5b762e1799bc79d56b13251d36d4f201da2182416ce13574e88278ff04467ad602d9026100de994fdf181f02be2bf9e5f5e4e517a94993b827d1eaf609033e3a6a6f2396ae7c44e9eb594cf1044cb3ad32ea258f0c82963b27bb650ed200cde82cb993374be34be5b1c7ead5446a2b82a4486e8c1810a0b01551609fb0841d474bada802bd026076ddae751b73a959d0bfb8ff49e7fcd378e9be30652ecefe35c82cb8003bc29cc60ae3809909baf20c95db9516fe680865417111d8b193dbcf30281f1249de57c858bf1ba32f5bb1599800e8398a9ef25c7a642c95261da6f9c17670e97265b10260732482b837d5f2a9443e23c1aa0106d83e82f6c3424673b5fdc3769c0f992d1c5c93991c7038e882fcda04414df4d7a5f4f698ead87851ce37344b60b72d7b70f9c60cae8566e7a257f8e1bef0e89df6e4c2f9d24d21d9f8889e4c7eccf91751026009050d94493da8f00a4ddbe9c800afe3d44b43f78a48941a79b2814a1f0b81a18a8b2347642a03b27998f5a18de9abc9ae0e54ab8294feac66dc87e854cce6f7278ac2710cb5878b592ffeb1f4f0a1853e4e8d1d0561b6efcc831a296cf7eeaf":"505341004b455900000000000100000001700006013c000002020006000000007f0300003082037b0201000281c100c870feb6ca6b1d2bd9f2dd99e20f1fe2d7e5192de662229dbe162bd1ba66336a7182903ca0b72796cd441c83d24bcdc3e9a2f5e4399c8a043f1c3ddf04754a66d4cfe7b3671a37dd31a9b4c13bfe06ee90f9d94ddaa06de67a52ac863e68f756736ceb014405a6160579640f831dddccc34ad0b05070e3f9954a58d1815813e1b83bcadba814789c87f1ef2ba5d738b793ec456a67360eea1b5faf1c7cc7bf24f3b2a9d0f8958b1096e0f0c335f8888d0c63a51c3c0337214fa3f5efdf6dcc3502030100010281c06d2d670047973a87752a9d5bc14f3dae00acb01f593aa0e24cf4a49f932931de4bbfb332e2d38083da80bc0b6d538edba479f7f77d0deffb4a28e6e67ff6273585bb4cd862535c946605ab0809d65f0e38f76e4ec2c3d9b8cd6e14bcf667943892cd4b34cc6420a439abbf3d7d35ef73976dd6f9cbde35a51fa5213f0107f83e3425835d16d3c9146fc9e36ce75a09bb66cdff21dd5a776899f1cb07e282cca27be46510e9c799f0d8db275a6be085d9f3f803218ee3384265bfb1a3640e8ca1026100e6848c31d466fffefc547e3a3b0d3785de6f78b0dd12610843512e495611a0675509b1650b27415009838dd8e68eec6e7530553b637d602424643b33e8bc5b762e1799bc79d56b13251d36d4f201da2182416ce13574e88278ff04467ad602d9026100de994fdf181f02be2bf9e5f5e4e517a94993b827d1eaf609033e3a6a6f2396ae7c44e9eb594cf1044cb3ad32ea258f0c82963b27bb650ed200cde82cb993374be34be5b1c7ead5446a2b82a4486e8c1810a0b01551609fb0841d474bada802bd026076ddae751b73a959d0bfb8ff49e7fcd378e9be30652ecefe35c82cb8003bc29cc60ae3809909baf20c95db9516fe680865417111d8b193dbcf30281f1249de57c858bf1ba32f5bb1599800e8398a9ef25c7a642c95261da6f9c17670e97265b10260732482b837d5f2a9443e23c1aa0106d83e82f6c3424673b5fdc3769c0f992d1c5c93991c7038e882fcda04414df4d7a5f4f698ead87851ce37344b60b72d7b70f9c60cae8566e7a257f8e1bef0e89df6e4c2f9d24d21d9f8889e4c7eccf91751026009050d94493da8f00a4ddbe9c800afe3d44b43f78a48941a79b2814a1f0b81a18a8b2347642a03b27998f5a18de9abc9ae0e54ab8294feac66dc87e854cce6f7278ac2710cb5878b592ffeb1f4f0a1853e4e8d1d0561b6efcc831a296cf7eeaf":TEST_FLAG_EXERCISE + +read type: RSA_PAIR 1536-bit, RSA_PKCS1V15_SIGN(MD5) +depends_on:PSA_WANT_ALG_MD5:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR +key_storage_read:0x0001:PSA_KEY_TYPE_RSA_KEY_PAIR:1536:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_MD5):0x0000:"3082037b0201000281c100c870feb6ca6b1d2bd9f2dd99e20f1fe2d7e5192de662229dbe162bd1ba66336a7182903ca0b72796cd441c83d24bcdc3e9a2f5e4399c8a043f1c3ddf04754a66d4cfe7b3671a37dd31a9b4c13bfe06ee90f9d94ddaa06de67a52ac863e68f756736ceb014405a6160579640f831dddccc34ad0b05070e3f9954a58d1815813e1b83bcadba814789c87f1ef2ba5d738b793ec456a67360eea1b5faf1c7cc7bf24f3b2a9d0f8958b1096e0f0c335f8888d0c63a51c3c0337214fa3f5efdf6dcc3502030100010281c06d2d670047973a87752a9d5bc14f3dae00acb01f593aa0e24cf4a49f932931de4bbfb332e2d38083da80bc0b6d538edba479f7f77d0deffb4a28e6e67ff6273585bb4cd862535c946605ab0809d65f0e38f76e4ec2c3d9b8cd6e14bcf667943892cd4b34cc6420a439abbf3d7d35ef73976dd6f9cbde35a51fa5213f0107f83e3425835d16d3c9146fc9e36ce75a09bb66cdff21dd5a776899f1cb07e282cca27be46510e9c799f0d8db275a6be085d9f3f803218ee3384265bfb1a3640e8ca1026100e6848c31d466fffefc547e3a3b0d3785de6f78b0dd12610843512e495611a0675509b1650b27415009838dd8e68eec6e7530553b637d602424643b33e8bc5b762e1799bc79d56b13251d36d4f201da2182416ce13574e88278ff04467ad602d9026100de994fdf181f02be2bf9e5f5e4e517a94993b827d1eaf609033e3a6a6f2396ae7c44e9eb594cf1044cb3ad32ea258f0c82963b27bb650ed200cde82cb993374be34be5b1c7ead5446a2b82a4486e8c1810a0b01551609fb0841d474bada802bd026076ddae751b73a959d0bfb8ff49e7fcd378e9be30652ecefe35c82cb8003bc29cc60ae3809909baf20c95db9516fe680865417111d8b193dbcf30281f1249de57c858bf1ba32f5bb1599800e8398a9ef25c7a642c95261da6f9c17670e97265b10260732482b837d5f2a9443e23c1aa0106d83e82f6c3424673b5fdc3769c0f992d1c5c93991c7038e882fcda04414df4d7a5f4f698ead87851ce37344b60b72d7b70f9c60cae8566e7a257f8e1bef0e89df6e4c2f9d24d21d9f8889e4c7eccf91751026009050d94493da8f00a4ddbe9c800afe3d44b43f78a48941a79b2814a1f0b81a18a8b2347642a03b27998f5a18de9abc9ae0e54ab8294feac66dc87e854cce6f7278ac2710cb5878b592ffeb1f4f0a1853e4e8d1d0561b6efcc831a296cf7eeaf":"505341004b455900000000000100000001700006013c000003020006000000007f0300003082037b0201000281c100c870feb6ca6b1d2bd9f2dd99e20f1fe2d7e5192de662229dbe162bd1ba66336a7182903ca0b72796cd441c83d24bcdc3e9a2f5e4399c8a043f1c3ddf04754a66d4cfe7b3671a37dd31a9b4c13bfe06ee90f9d94ddaa06de67a52ac863e68f756736ceb014405a6160579640f831dddccc34ad0b05070e3f9954a58d1815813e1b83bcadba814789c87f1ef2ba5d738b793ec456a67360eea1b5faf1c7cc7bf24f3b2a9d0f8958b1096e0f0c335f8888d0c63a51c3c0337214fa3f5efdf6dcc3502030100010281c06d2d670047973a87752a9d5bc14f3dae00acb01f593aa0e24cf4a49f932931de4bbfb332e2d38083da80bc0b6d538edba479f7f77d0deffb4a28e6e67ff6273585bb4cd862535c946605ab0809d65f0e38f76e4ec2c3d9b8cd6e14bcf667943892cd4b34cc6420a439abbf3d7d35ef73976dd6f9cbde35a51fa5213f0107f83e3425835d16d3c9146fc9e36ce75a09bb66cdff21dd5a776899f1cb07e282cca27be46510e9c799f0d8db275a6be085d9f3f803218ee3384265bfb1a3640e8ca1026100e6848c31d466fffefc547e3a3b0d3785de6f78b0dd12610843512e495611a0675509b1650b27415009838dd8e68eec6e7530553b637d602424643b33e8bc5b762e1799bc79d56b13251d36d4f201da2182416ce13574e88278ff04467ad602d9026100de994fdf181f02be2bf9e5f5e4e517a94993b827d1eaf609033e3a6a6f2396ae7c44e9eb594cf1044cb3ad32ea258f0c82963b27bb650ed200cde82cb993374be34be5b1c7ead5446a2b82a4486e8c1810a0b01551609fb0841d474bada802bd026076ddae751b73a959d0bfb8ff49e7fcd378e9be30652ecefe35c82cb8003bc29cc60ae3809909baf20c95db9516fe680865417111d8b193dbcf30281f1249de57c858bf1ba32f5bb1599800e8398a9ef25c7a642c95261da6f9c17670e97265b10260732482b837d5f2a9443e23c1aa0106d83e82f6c3424673b5fdc3769c0f992d1c5c93991c7038e882fcda04414df4d7a5f4f698ead87851ce37344b60b72d7b70f9c60cae8566e7a257f8e1bef0e89df6e4c2f9d24d21d9f8889e4c7eccf91751026009050d94493da8f00a4ddbe9c800afe3d44b43f78a48941a79b2814a1f0b81a18a8b2347642a03b27998f5a18de9abc9ae0e54ab8294feac66dc87e854cce6f7278ac2710cb5878b592ffeb1f4f0a1853e4e8d1d0561b6efcc831a296cf7eeaf":TEST_FLAG_EXERCISE + +read type: RSA_PAIR 1536-bit, RSA_PKCS1V15_SIGN(RIPEMD160) +depends_on:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR +key_storage_read:0x0001:PSA_KEY_TYPE_RSA_KEY_PAIR:1536:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_RIPEMD160):0x0000:"3082037b0201000281c100c870feb6ca6b1d2bd9f2dd99e20f1fe2d7e5192de662229dbe162bd1ba66336a7182903ca0b72796cd441c83d24bcdc3e9a2f5e4399c8a043f1c3ddf04754a66d4cfe7b3671a37dd31a9b4c13bfe06ee90f9d94ddaa06de67a52ac863e68f756736ceb014405a6160579640f831dddccc34ad0b05070e3f9954a58d1815813e1b83bcadba814789c87f1ef2ba5d738b793ec456a67360eea1b5faf1c7cc7bf24f3b2a9d0f8958b1096e0f0c335f8888d0c63a51c3c0337214fa3f5efdf6dcc3502030100010281c06d2d670047973a87752a9d5bc14f3dae00acb01f593aa0e24cf4a49f932931de4bbfb332e2d38083da80bc0b6d538edba479f7f77d0deffb4a28e6e67ff6273585bb4cd862535c946605ab0809d65f0e38f76e4ec2c3d9b8cd6e14bcf667943892cd4b34cc6420a439abbf3d7d35ef73976dd6f9cbde35a51fa5213f0107f83e3425835d16d3c9146fc9e36ce75a09bb66cdff21dd5a776899f1cb07e282cca27be46510e9c799f0d8db275a6be085d9f3f803218ee3384265bfb1a3640e8ca1026100e6848c31d466fffefc547e3a3b0d3785de6f78b0dd12610843512e495611a0675509b1650b27415009838dd8e68eec6e7530553b637d602424643b33e8bc5b762e1799bc79d56b13251d36d4f201da2182416ce13574e88278ff04467ad602d9026100de994fdf181f02be2bf9e5f5e4e517a94993b827d1eaf609033e3a6a6f2396ae7c44e9eb594cf1044cb3ad32ea258f0c82963b27bb650ed200cde82cb993374be34be5b1c7ead5446a2b82a4486e8c1810a0b01551609fb0841d474bada802bd026076ddae751b73a959d0bfb8ff49e7fcd378e9be30652ecefe35c82cb8003bc29cc60ae3809909baf20c95db9516fe680865417111d8b193dbcf30281f1249de57c858bf1ba32f5bb1599800e8398a9ef25c7a642c95261da6f9c17670e97265b10260732482b837d5f2a9443e23c1aa0106d83e82f6c3424673b5fdc3769c0f992d1c5c93991c7038e882fcda04414df4d7a5f4f698ead87851ce37344b60b72d7b70f9c60cae8566e7a257f8e1bef0e89df6e4c2f9d24d21d9f8889e4c7eccf91751026009050d94493da8f00a4ddbe9c800afe3d44b43f78a48941a79b2814a1f0b81a18a8b2347642a03b27998f5a18de9abc9ae0e54ab8294feac66dc87e854cce6f7278ac2710cb5878b592ffeb1f4f0a1853e4e8d1d0561b6efcc831a296cf7eeaf":"505341004b455900000000000100000001700006013c000004020006000000007f0300003082037b0201000281c100c870feb6ca6b1d2bd9f2dd99e20f1fe2d7e5192de662229dbe162bd1ba66336a7182903ca0b72796cd441c83d24bcdc3e9a2f5e4399c8a043f1c3ddf04754a66d4cfe7b3671a37dd31a9b4c13bfe06ee90f9d94ddaa06de67a52ac863e68f756736ceb014405a6160579640f831dddccc34ad0b05070e3f9954a58d1815813e1b83bcadba814789c87f1ef2ba5d738b793ec456a67360eea1b5faf1c7cc7bf24f3b2a9d0f8958b1096e0f0c335f8888d0c63a51c3c0337214fa3f5efdf6dcc3502030100010281c06d2d670047973a87752a9d5bc14f3dae00acb01f593aa0e24cf4a49f932931de4bbfb332e2d38083da80bc0b6d538edba479f7f77d0deffb4a28e6e67ff6273585bb4cd862535c946605ab0809d65f0e38f76e4ec2c3d9b8cd6e14bcf667943892cd4b34cc6420a439abbf3d7d35ef73976dd6f9cbde35a51fa5213f0107f83e3425835d16d3c9146fc9e36ce75a09bb66cdff21dd5a776899f1cb07e282cca27be46510e9c799f0d8db275a6be085d9f3f803218ee3384265bfb1a3640e8ca1026100e6848c31d466fffefc547e3a3b0d3785de6f78b0dd12610843512e495611a0675509b1650b27415009838dd8e68eec6e7530553b637d602424643b33e8bc5b762e1799bc79d56b13251d36d4f201da2182416ce13574e88278ff04467ad602d9026100de994fdf181f02be2bf9e5f5e4e517a94993b827d1eaf609033e3a6a6f2396ae7c44e9eb594cf1044cb3ad32ea258f0c82963b27bb650ed200cde82cb993374be34be5b1c7ead5446a2b82a4486e8c1810a0b01551609fb0841d474bada802bd026076ddae751b73a959d0bfb8ff49e7fcd378e9be30652ecefe35c82cb8003bc29cc60ae3809909baf20c95db9516fe680865417111d8b193dbcf30281f1249de57c858bf1ba32f5bb1599800e8398a9ef25c7a642c95261da6f9c17670e97265b10260732482b837d5f2a9443e23c1aa0106d83e82f6c3424673b5fdc3769c0f992d1c5c93991c7038e882fcda04414df4d7a5f4f698ead87851ce37344b60b72d7b70f9c60cae8566e7a257f8e1bef0e89df6e4c2f9d24d21d9f8889e4c7eccf91751026009050d94493da8f00a4ddbe9c800afe3d44b43f78a48941a79b2814a1f0b81a18a8b2347642a03b27998f5a18de9abc9ae0e54ab8294feac66dc87e854cce6f7278ac2710cb5878b592ffeb1f4f0a1853e4e8d1d0561b6efcc831a296cf7eeaf":TEST_FLAG_EXERCISE + +read type: RSA_PAIR 1536-bit, RSA_PKCS1V15_SIGN(SHA_1) +depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ALG_SHA_1:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR +key_storage_read:0x0001:PSA_KEY_TYPE_RSA_KEY_PAIR:1536:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_1):0x0000:"3082037b0201000281c100c870feb6ca6b1d2bd9f2dd99e20f1fe2d7e5192de662229dbe162bd1ba66336a7182903ca0b72796cd441c83d24bcdc3e9a2f5e4399c8a043f1c3ddf04754a66d4cfe7b3671a37dd31a9b4c13bfe06ee90f9d94ddaa06de67a52ac863e68f756736ceb014405a6160579640f831dddccc34ad0b05070e3f9954a58d1815813e1b83bcadba814789c87f1ef2ba5d738b793ec456a67360eea1b5faf1c7cc7bf24f3b2a9d0f8958b1096e0f0c335f8888d0c63a51c3c0337214fa3f5efdf6dcc3502030100010281c06d2d670047973a87752a9d5bc14f3dae00acb01f593aa0e24cf4a49f932931de4bbfb332e2d38083da80bc0b6d538edba479f7f77d0deffb4a28e6e67ff6273585bb4cd862535c946605ab0809d65f0e38f76e4ec2c3d9b8cd6e14bcf667943892cd4b34cc6420a439abbf3d7d35ef73976dd6f9cbde35a51fa5213f0107f83e3425835d16d3c9146fc9e36ce75a09bb66cdff21dd5a776899f1cb07e282cca27be46510e9c799f0d8db275a6be085d9f3f803218ee3384265bfb1a3640e8ca1026100e6848c31d466fffefc547e3a3b0d3785de6f78b0dd12610843512e495611a0675509b1650b27415009838dd8e68eec6e7530553b637d602424643b33e8bc5b762e1799bc79d56b13251d36d4f201da2182416ce13574e88278ff04467ad602d9026100de994fdf181f02be2bf9e5f5e4e517a94993b827d1eaf609033e3a6a6f2396ae7c44e9eb594cf1044cb3ad32ea258f0c82963b27bb650ed200cde82cb993374be34be5b1c7ead5446a2b82a4486e8c1810a0b01551609fb0841d474bada802bd026076ddae751b73a959d0bfb8ff49e7fcd378e9be30652ecefe35c82cb8003bc29cc60ae3809909baf20c95db9516fe680865417111d8b193dbcf30281f1249de57c858bf1ba32f5bb1599800e8398a9ef25c7a642c95261da6f9c17670e97265b10260732482b837d5f2a9443e23c1aa0106d83e82f6c3424673b5fdc3769c0f992d1c5c93991c7038e882fcda04414df4d7a5f4f698ead87851ce37344b60b72d7b70f9c60cae8566e7a257f8e1bef0e89df6e4c2f9d24d21d9f8889e4c7eccf91751026009050d94493da8f00a4ddbe9c800afe3d44b43f78a48941a79b2814a1f0b81a18a8b2347642a03b27998f5a18de9abc9ae0e54ab8294feac66dc87e854cce6f7278ac2710cb5878b592ffeb1f4f0a1853e4e8d1d0561b6efcc831a296cf7eeaf":"505341004b455900000000000100000001700006013c000005020006000000007f0300003082037b0201000281c100c870feb6ca6b1d2bd9f2dd99e20f1fe2d7e5192de662229dbe162bd1ba66336a7182903ca0b72796cd441c83d24bcdc3e9a2f5e4399c8a043f1c3ddf04754a66d4cfe7b3671a37dd31a9b4c13bfe06ee90f9d94ddaa06de67a52ac863e68f756736ceb014405a6160579640f831dddccc34ad0b05070e3f9954a58d1815813e1b83bcadba814789c87f1ef2ba5d738b793ec456a67360eea1b5faf1c7cc7bf24f3b2a9d0f8958b1096e0f0c335f8888d0c63a51c3c0337214fa3f5efdf6dcc3502030100010281c06d2d670047973a87752a9d5bc14f3dae00acb01f593aa0e24cf4a49f932931de4bbfb332e2d38083da80bc0b6d538edba479f7f77d0deffb4a28e6e67ff6273585bb4cd862535c946605ab0809d65f0e38f76e4ec2c3d9b8cd6e14bcf667943892cd4b34cc6420a439abbf3d7d35ef73976dd6f9cbde35a51fa5213f0107f83e3425835d16d3c9146fc9e36ce75a09bb66cdff21dd5a776899f1cb07e282cca27be46510e9c799f0d8db275a6be085d9f3f803218ee3384265bfb1a3640e8ca1026100e6848c31d466fffefc547e3a3b0d3785de6f78b0dd12610843512e495611a0675509b1650b27415009838dd8e68eec6e7530553b637d602424643b33e8bc5b762e1799bc79d56b13251d36d4f201da2182416ce13574e88278ff04467ad602d9026100de994fdf181f02be2bf9e5f5e4e517a94993b827d1eaf609033e3a6a6f2396ae7c44e9eb594cf1044cb3ad32ea258f0c82963b27bb650ed200cde82cb993374be34be5b1c7ead5446a2b82a4486e8c1810a0b01551609fb0841d474bada802bd026076ddae751b73a959d0bfb8ff49e7fcd378e9be30652ecefe35c82cb8003bc29cc60ae3809909baf20c95db9516fe680865417111d8b193dbcf30281f1249de57c858bf1ba32f5bb1599800e8398a9ef25c7a642c95261da6f9c17670e97265b10260732482b837d5f2a9443e23c1aa0106d83e82f6c3424673b5fdc3769c0f992d1c5c93991c7038e882fcda04414df4d7a5f4f698ead87851ce37344b60b72d7b70f9c60cae8566e7a257f8e1bef0e89df6e4c2f9d24d21d9f8889e4c7eccf91751026009050d94493da8f00a4ddbe9c800afe3d44b43f78a48941a79b2814a1f0b81a18a8b2347642a03b27998f5a18de9abc9ae0e54ab8294feac66dc87e854cce6f7278ac2710cb5878b592ffeb1f4f0a1853e4e8d1d0561b6efcc831a296cf7eeaf":TEST_FLAG_EXERCISE + +read type: RSA_PAIR 1536-bit, RSA_PKCS1V15_SIGN(SHA_224) +depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ALG_SHA_224:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR +key_storage_read:0x0001:PSA_KEY_TYPE_RSA_KEY_PAIR:1536:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_224):0x0000:"3082037b0201000281c100c870feb6ca6b1d2bd9f2dd99e20f1fe2d7e5192de662229dbe162bd1ba66336a7182903ca0b72796cd441c83d24bcdc3e9a2f5e4399c8a043f1c3ddf04754a66d4cfe7b3671a37dd31a9b4c13bfe06ee90f9d94ddaa06de67a52ac863e68f756736ceb014405a6160579640f831dddccc34ad0b05070e3f9954a58d1815813e1b83bcadba814789c87f1ef2ba5d738b793ec456a67360eea1b5faf1c7cc7bf24f3b2a9d0f8958b1096e0f0c335f8888d0c63a51c3c0337214fa3f5efdf6dcc3502030100010281c06d2d670047973a87752a9d5bc14f3dae00acb01f593aa0e24cf4a49f932931de4bbfb332e2d38083da80bc0b6d538edba479f7f77d0deffb4a28e6e67ff6273585bb4cd862535c946605ab0809d65f0e38f76e4ec2c3d9b8cd6e14bcf667943892cd4b34cc6420a439abbf3d7d35ef73976dd6f9cbde35a51fa5213f0107f83e3425835d16d3c9146fc9e36ce75a09bb66cdff21dd5a776899f1cb07e282cca27be46510e9c799f0d8db275a6be085d9f3f803218ee3384265bfb1a3640e8ca1026100e6848c31d466fffefc547e3a3b0d3785de6f78b0dd12610843512e495611a0675509b1650b27415009838dd8e68eec6e7530553b637d602424643b33e8bc5b762e1799bc79d56b13251d36d4f201da2182416ce13574e88278ff04467ad602d9026100de994fdf181f02be2bf9e5f5e4e517a94993b827d1eaf609033e3a6a6f2396ae7c44e9eb594cf1044cb3ad32ea258f0c82963b27bb650ed200cde82cb993374be34be5b1c7ead5446a2b82a4486e8c1810a0b01551609fb0841d474bada802bd026076ddae751b73a959d0bfb8ff49e7fcd378e9be30652ecefe35c82cb8003bc29cc60ae3809909baf20c95db9516fe680865417111d8b193dbcf30281f1249de57c858bf1ba32f5bb1599800e8398a9ef25c7a642c95261da6f9c17670e97265b10260732482b837d5f2a9443e23c1aa0106d83e82f6c3424673b5fdc3769c0f992d1c5c93991c7038e882fcda04414df4d7a5f4f698ead87851ce37344b60b72d7b70f9c60cae8566e7a257f8e1bef0e89df6e4c2f9d24d21d9f8889e4c7eccf91751026009050d94493da8f00a4ddbe9c800afe3d44b43f78a48941a79b2814a1f0b81a18a8b2347642a03b27998f5a18de9abc9ae0e54ab8294feac66dc87e854cce6f7278ac2710cb5878b592ffeb1f4f0a1853e4e8d1d0561b6efcc831a296cf7eeaf":"505341004b455900000000000100000001700006013c000008020006000000007f0300003082037b0201000281c100c870feb6ca6b1d2bd9f2dd99e20f1fe2d7e5192de662229dbe162bd1ba66336a7182903ca0b72796cd441c83d24bcdc3e9a2f5e4399c8a043f1c3ddf04754a66d4cfe7b3671a37dd31a9b4c13bfe06ee90f9d94ddaa06de67a52ac863e68f756736ceb014405a6160579640f831dddccc34ad0b05070e3f9954a58d1815813e1b83bcadba814789c87f1ef2ba5d738b793ec456a67360eea1b5faf1c7cc7bf24f3b2a9d0f8958b1096e0f0c335f8888d0c63a51c3c0337214fa3f5efdf6dcc3502030100010281c06d2d670047973a87752a9d5bc14f3dae00acb01f593aa0e24cf4a49f932931de4bbfb332e2d38083da80bc0b6d538edba479f7f77d0deffb4a28e6e67ff6273585bb4cd862535c946605ab0809d65f0e38f76e4ec2c3d9b8cd6e14bcf667943892cd4b34cc6420a439abbf3d7d35ef73976dd6f9cbde35a51fa5213f0107f83e3425835d16d3c9146fc9e36ce75a09bb66cdff21dd5a776899f1cb07e282cca27be46510e9c799f0d8db275a6be085d9f3f803218ee3384265bfb1a3640e8ca1026100e6848c31d466fffefc547e3a3b0d3785de6f78b0dd12610843512e495611a0675509b1650b27415009838dd8e68eec6e7530553b637d602424643b33e8bc5b762e1799bc79d56b13251d36d4f201da2182416ce13574e88278ff04467ad602d9026100de994fdf181f02be2bf9e5f5e4e517a94993b827d1eaf609033e3a6a6f2396ae7c44e9eb594cf1044cb3ad32ea258f0c82963b27bb650ed200cde82cb993374be34be5b1c7ead5446a2b82a4486e8c1810a0b01551609fb0841d474bada802bd026076ddae751b73a959d0bfb8ff49e7fcd378e9be30652ecefe35c82cb8003bc29cc60ae3809909baf20c95db9516fe680865417111d8b193dbcf30281f1249de57c858bf1ba32f5bb1599800e8398a9ef25c7a642c95261da6f9c17670e97265b10260732482b837d5f2a9443e23c1aa0106d83e82f6c3424673b5fdc3769c0f992d1c5c93991c7038e882fcda04414df4d7a5f4f698ead87851ce37344b60b72d7b70f9c60cae8566e7a257f8e1bef0e89df6e4c2f9d24d21d9f8889e4c7eccf91751026009050d94493da8f00a4ddbe9c800afe3d44b43f78a48941a79b2814a1f0b81a18a8b2347642a03b27998f5a18de9abc9ae0e54ab8294feac66dc87e854cce6f7278ac2710cb5878b592ffeb1f4f0a1853e4e8d1d0561b6efcc831a296cf7eeaf":TEST_FLAG_EXERCISE + +read type: RSA_PAIR 1536-bit, RSA_PKCS1V15_SIGN(SHA_256) +depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR +key_storage_read:0x0001:PSA_KEY_TYPE_RSA_KEY_PAIR:1536:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):0x0000:"3082037b0201000281c100c870feb6ca6b1d2bd9f2dd99e20f1fe2d7e5192de662229dbe162bd1ba66336a7182903ca0b72796cd441c83d24bcdc3e9a2f5e4399c8a043f1c3ddf04754a66d4cfe7b3671a37dd31a9b4c13bfe06ee90f9d94ddaa06de67a52ac863e68f756736ceb014405a6160579640f831dddccc34ad0b05070e3f9954a58d1815813e1b83bcadba814789c87f1ef2ba5d738b793ec456a67360eea1b5faf1c7cc7bf24f3b2a9d0f8958b1096e0f0c335f8888d0c63a51c3c0337214fa3f5efdf6dcc3502030100010281c06d2d670047973a87752a9d5bc14f3dae00acb01f593aa0e24cf4a49f932931de4bbfb332e2d38083da80bc0b6d538edba479f7f77d0deffb4a28e6e67ff6273585bb4cd862535c946605ab0809d65f0e38f76e4ec2c3d9b8cd6e14bcf667943892cd4b34cc6420a439abbf3d7d35ef73976dd6f9cbde35a51fa5213f0107f83e3425835d16d3c9146fc9e36ce75a09bb66cdff21dd5a776899f1cb07e282cca27be46510e9c799f0d8db275a6be085d9f3f803218ee3384265bfb1a3640e8ca1026100e6848c31d466fffefc547e3a3b0d3785de6f78b0dd12610843512e495611a0675509b1650b27415009838dd8e68eec6e7530553b637d602424643b33e8bc5b762e1799bc79d56b13251d36d4f201da2182416ce13574e88278ff04467ad602d9026100de994fdf181f02be2bf9e5f5e4e517a94993b827d1eaf609033e3a6a6f2396ae7c44e9eb594cf1044cb3ad32ea258f0c82963b27bb650ed200cde82cb993374be34be5b1c7ead5446a2b82a4486e8c1810a0b01551609fb0841d474bada802bd026076ddae751b73a959d0bfb8ff49e7fcd378e9be30652ecefe35c82cb8003bc29cc60ae3809909baf20c95db9516fe680865417111d8b193dbcf30281f1249de57c858bf1ba32f5bb1599800e8398a9ef25c7a642c95261da6f9c17670e97265b10260732482b837d5f2a9443e23c1aa0106d83e82f6c3424673b5fdc3769c0f992d1c5c93991c7038e882fcda04414df4d7a5f4f698ead87851ce37344b60b72d7b70f9c60cae8566e7a257f8e1bef0e89df6e4c2f9d24d21d9f8889e4c7eccf91751026009050d94493da8f00a4ddbe9c800afe3d44b43f78a48941a79b2814a1f0b81a18a8b2347642a03b27998f5a18de9abc9ae0e54ab8294feac66dc87e854cce6f7278ac2710cb5878b592ffeb1f4f0a1853e4e8d1d0561b6efcc831a296cf7eeaf":"505341004b455900000000000100000001700006013c000009020006000000007f0300003082037b0201000281c100c870feb6ca6b1d2bd9f2dd99e20f1fe2d7e5192de662229dbe162bd1ba66336a7182903ca0b72796cd441c83d24bcdc3e9a2f5e4399c8a043f1c3ddf04754a66d4cfe7b3671a37dd31a9b4c13bfe06ee90f9d94ddaa06de67a52ac863e68f756736ceb014405a6160579640f831dddccc34ad0b05070e3f9954a58d1815813e1b83bcadba814789c87f1ef2ba5d738b793ec456a67360eea1b5faf1c7cc7bf24f3b2a9d0f8958b1096e0f0c335f8888d0c63a51c3c0337214fa3f5efdf6dcc3502030100010281c06d2d670047973a87752a9d5bc14f3dae00acb01f593aa0e24cf4a49f932931de4bbfb332e2d38083da80bc0b6d538edba479f7f77d0deffb4a28e6e67ff6273585bb4cd862535c946605ab0809d65f0e38f76e4ec2c3d9b8cd6e14bcf667943892cd4b34cc6420a439abbf3d7d35ef73976dd6f9cbde35a51fa5213f0107f83e3425835d16d3c9146fc9e36ce75a09bb66cdff21dd5a776899f1cb07e282cca27be46510e9c799f0d8db275a6be085d9f3f803218ee3384265bfb1a3640e8ca1026100e6848c31d466fffefc547e3a3b0d3785de6f78b0dd12610843512e495611a0675509b1650b27415009838dd8e68eec6e7530553b637d602424643b33e8bc5b762e1799bc79d56b13251d36d4f201da2182416ce13574e88278ff04467ad602d9026100de994fdf181f02be2bf9e5f5e4e517a94993b827d1eaf609033e3a6a6f2396ae7c44e9eb594cf1044cb3ad32ea258f0c82963b27bb650ed200cde82cb993374be34be5b1c7ead5446a2b82a4486e8c1810a0b01551609fb0841d474bada802bd026076ddae751b73a959d0bfb8ff49e7fcd378e9be30652ecefe35c82cb8003bc29cc60ae3809909baf20c95db9516fe680865417111d8b193dbcf30281f1249de57c858bf1ba32f5bb1599800e8398a9ef25c7a642c95261da6f9c17670e97265b10260732482b837d5f2a9443e23c1aa0106d83e82f6c3424673b5fdc3769c0f992d1c5c93991c7038e882fcda04414df4d7a5f4f698ead87851ce37344b60b72d7b70f9c60cae8566e7a257f8e1bef0e89df6e4c2f9d24d21d9f8889e4c7eccf91751026009050d94493da8f00a4ddbe9c800afe3d44b43f78a48941a79b2814a1f0b81a18a8b2347642a03b27998f5a18de9abc9ae0e54ab8294feac66dc87e854cce6f7278ac2710cb5878b592ffeb1f4f0a1853e4e8d1d0561b6efcc831a296cf7eeaf":TEST_FLAG_EXERCISE + +read type: RSA_PAIR 1536-bit, RSA_PKCS1V15_SIGN(SHA_384) +depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ALG_SHA_384:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR +key_storage_read:0x0001:PSA_KEY_TYPE_RSA_KEY_PAIR:1536:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_384):0x0000:"3082037b0201000281c100c870feb6ca6b1d2bd9f2dd99e20f1fe2d7e5192de662229dbe162bd1ba66336a7182903ca0b72796cd441c83d24bcdc3e9a2f5e4399c8a043f1c3ddf04754a66d4cfe7b3671a37dd31a9b4c13bfe06ee90f9d94ddaa06de67a52ac863e68f756736ceb014405a6160579640f831dddccc34ad0b05070e3f9954a58d1815813e1b83bcadba814789c87f1ef2ba5d738b793ec456a67360eea1b5faf1c7cc7bf24f3b2a9d0f8958b1096e0f0c335f8888d0c63a51c3c0337214fa3f5efdf6dcc3502030100010281c06d2d670047973a87752a9d5bc14f3dae00acb01f593aa0e24cf4a49f932931de4bbfb332e2d38083da80bc0b6d538edba479f7f77d0deffb4a28e6e67ff6273585bb4cd862535c946605ab0809d65f0e38f76e4ec2c3d9b8cd6e14bcf667943892cd4b34cc6420a439abbf3d7d35ef73976dd6f9cbde35a51fa5213f0107f83e3425835d16d3c9146fc9e36ce75a09bb66cdff21dd5a776899f1cb07e282cca27be46510e9c799f0d8db275a6be085d9f3f803218ee3384265bfb1a3640e8ca1026100e6848c31d466fffefc547e3a3b0d3785de6f78b0dd12610843512e495611a0675509b1650b27415009838dd8e68eec6e7530553b637d602424643b33e8bc5b762e1799bc79d56b13251d36d4f201da2182416ce13574e88278ff04467ad602d9026100de994fdf181f02be2bf9e5f5e4e517a94993b827d1eaf609033e3a6a6f2396ae7c44e9eb594cf1044cb3ad32ea258f0c82963b27bb650ed200cde82cb993374be34be5b1c7ead5446a2b82a4486e8c1810a0b01551609fb0841d474bada802bd026076ddae751b73a959d0bfb8ff49e7fcd378e9be30652ecefe35c82cb8003bc29cc60ae3809909baf20c95db9516fe680865417111d8b193dbcf30281f1249de57c858bf1ba32f5bb1599800e8398a9ef25c7a642c95261da6f9c17670e97265b10260732482b837d5f2a9443e23c1aa0106d83e82f6c3424673b5fdc3769c0f992d1c5c93991c7038e882fcda04414df4d7a5f4f698ead87851ce37344b60b72d7b70f9c60cae8566e7a257f8e1bef0e89df6e4c2f9d24d21d9f8889e4c7eccf91751026009050d94493da8f00a4ddbe9c800afe3d44b43f78a48941a79b2814a1f0b81a18a8b2347642a03b27998f5a18de9abc9ae0e54ab8294feac66dc87e854cce6f7278ac2710cb5878b592ffeb1f4f0a1853e4e8d1d0561b6efcc831a296cf7eeaf":"505341004b455900000000000100000001700006013c00000a020006000000007f0300003082037b0201000281c100c870feb6ca6b1d2bd9f2dd99e20f1fe2d7e5192de662229dbe162bd1ba66336a7182903ca0b72796cd441c83d24bcdc3e9a2f5e4399c8a043f1c3ddf04754a66d4cfe7b3671a37dd31a9b4c13bfe06ee90f9d94ddaa06de67a52ac863e68f756736ceb014405a6160579640f831dddccc34ad0b05070e3f9954a58d1815813e1b83bcadba814789c87f1ef2ba5d738b793ec456a67360eea1b5faf1c7cc7bf24f3b2a9d0f8958b1096e0f0c335f8888d0c63a51c3c0337214fa3f5efdf6dcc3502030100010281c06d2d670047973a87752a9d5bc14f3dae00acb01f593aa0e24cf4a49f932931de4bbfb332e2d38083da80bc0b6d538edba479f7f77d0deffb4a28e6e67ff6273585bb4cd862535c946605ab0809d65f0e38f76e4ec2c3d9b8cd6e14bcf667943892cd4b34cc6420a439abbf3d7d35ef73976dd6f9cbde35a51fa5213f0107f83e3425835d16d3c9146fc9e36ce75a09bb66cdff21dd5a776899f1cb07e282cca27be46510e9c799f0d8db275a6be085d9f3f803218ee3384265bfb1a3640e8ca1026100e6848c31d466fffefc547e3a3b0d3785de6f78b0dd12610843512e495611a0675509b1650b27415009838dd8e68eec6e7530553b637d602424643b33e8bc5b762e1799bc79d56b13251d36d4f201da2182416ce13574e88278ff04467ad602d9026100de994fdf181f02be2bf9e5f5e4e517a94993b827d1eaf609033e3a6a6f2396ae7c44e9eb594cf1044cb3ad32ea258f0c82963b27bb650ed200cde82cb993374be34be5b1c7ead5446a2b82a4486e8c1810a0b01551609fb0841d474bada802bd026076ddae751b73a959d0bfb8ff49e7fcd378e9be30652ecefe35c82cb8003bc29cc60ae3809909baf20c95db9516fe680865417111d8b193dbcf30281f1249de57c858bf1ba32f5bb1599800e8398a9ef25c7a642c95261da6f9c17670e97265b10260732482b837d5f2a9443e23c1aa0106d83e82f6c3424673b5fdc3769c0f992d1c5c93991c7038e882fcda04414df4d7a5f4f698ead87851ce37344b60b72d7b70f9c60cae8566e7a257f8e1bef0e89df6e4c2f9d24d21d9f8889e4c7eccf91751026009050d94493da8f00a4ddbe9c800afe3d44b43f78a48941a79b2814a1f0b81a18a8b2347642a03b27998f5a18de9abc9ae0e54ab8294feac66dc87e854cce6f7278ac2710cb5878b592ffeb1f4f0a1853e4e8d1d0561b6efcc831a296cf7eeaf":TEST_FLAG_EXERCISE + +read type: RSA_PAIR 1536-bit, RSA_PKCS1V15_SIGN(SHA_512) +depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ALG_SHA_512:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR +key_storage_read:0x0001:PSA_KEY_TYPE_RSA_KEY_PAIR:1536:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_512):0x0000:"3082037b0201000281c100c870feb6ca6b1d2bd9f2dd99e20f1fe2d7e5192de662229dbe162bd1ba66336a7182903ca0b72796cd441c83d24bcdc3e9a2f5e4399c8a043f1c3ddf04754a66d4cfe7b3671a37dd31a9b4c13bfe06ee90f9d94ddaa06de67a52ac863e68f756736ceb014405a6160579640f831dddccc34ad0b05070e3f9954a58d1815813e1b83bcadba814789c87f1ef2ba5d738b793ec456a67360eea1b5faf1c7cc7bf24f3b2a9d0f8958b1096e0f0c335f8888d0c63a51c3c0337214fa3f5efdf6dcc3502030100010281c06d2d670047973a87752a9d5bc14f3dae00acb01f593aa0e24cf4a49f932931de4bbfb332e2d38083da80bc0b6d538edba479f7f77d0deffb4a28e6e67ff6273585bb4cd862535c946605ab0809d65f0e38f76e4ec2c3d9b8cd6e14bcf667943892cd4b34cc6420a439abbf3d7d35ef73976dd6f9cbde35a51fa5213f0107f83e3425835d16d3c9146fc9e36ce75a09bb66cdff21dd5a776899f1cb07e282cca27be46510e9c799f0d8db275a6be085d9f3f803218ee3384265bfb1a3640e8ca1026100e6848c31d466fffefc547e3a3b0d3785de6f78b0dd12610843512e495611a0675509b1650b27415009838dd8e68eec6e7530553b637d602424643b33e8bc5b762e1799bc79d56b13251d36d4f201da2182416ce13574e88278ff04467ad602d9026100de994fdf181f02be2bf9e5f5e4e517a94993b827d1eaf609033e3a6a6f2396ae7c44e9eb594cf1044cb3ad32ea258f0c82963b27bb650ed200cde82cb993374be34be5b1c7ead5446a2b82a4486e8c1810a0b01551609fb0841d474bada802bd026076ddae751b73a959d0bfb8ff49e7fcd378e9be30652ecefe35c82cb8003bc29cc60ae3809909baf20c95db9516fe680865417111d8b193dbcf30281f1249de57c858bf1ba32f5bb1599800e8398a9ef25c7a642c95261da6f9c17670e97265b10260732482b837d5f2a9443e23c1aa0106d83e82f6c3424673b5fdc3769c0f992d1c5c93991c7038e882fcda04414df4d7a5f4f698ead87851ce37344b60b72d7b70f9c60cae8566e7a257f8e1bef0e89df6e4c2f9d24d21d9f8889e4c7eccf91751026009050d94493da8f00a4ddbe9c800afe3d44b43f78a48941a79b2814a1f0b81a18a8b2347642a03b27998f5a18de9abc9ae0e54ab8294feac66dc87e854cce6f7278ac2710cb5878b592ffeb1f4f0a1853e4e8d1d0561b6efcc831a296cf7eeaf":"505341004b455900000000000100000001700006013c00000b020006000000007f0300003082037b0201000281c100c870feb6ca6b1d2bd9f2dd99e20f1fe2d7e5192de662229dbe162bd1ba66336a7182903ca0b72796cd441c83d24bcdc3e9a2f5e4399c8a043f1c3ddf04754a66d4cfe7b3671a37dd31a9b4c13bfe06ee90f9d94ddaa06de67a52ac863e68f756736ceb014405a6160579640f831dddccc34ad0b05070e3f9954a58d1815813e1b83bcadba814789c87f1ef2ba5d738b793ec456a67360eea1b5faf1c7cc7bf24f3b2a9d0f8958b1096e0f0c335f8888d0c63a51c3c0337214fa3f5efdf6dcc3502030100010281c06d2d670047973a87752a9d5bc14f3dae00acb01f593aa0e24cf4a49f932931de4bbfb332e2d38083da80bc0b6d538edba479f7f77d0deffb4a28e6e67ff6273585bb4cd862535c946605ab0809d65f0e38f76e4ec2c3d9b8cd6e14bcf667943892cd4b34cc6420a439abbf3d7d35ef73976dd6f9cbde35a51fa5213f0107f83e3425835d16d3c9146fc9e36ce75a09bb66cdff21dd5a776899f1cb07e282cca27be46510e9c799f0d8db275a6be085d9f3f803218ee3384265bfb1a3640e8ca1026100e6848c31d466fffefc547e3a3b0d3785de6f78b0dd12610843512e495611a0675509b1650b27415009838dd8e68eec6e7530553b637d602424643b33e8bc5b762e1799bc79d56b13251d36d4f201da2182416ce13574e88278ff04467ad602d9026100de994fdf181f02be2bf9e5f5e4e517a94993b827d1eaf609033e3a6a6f2396ae7c44e9eb594cf1044cb3ad32ea258f0c82963b27bb650ed200cde82cb993374be34be5b1c7ead5446a2b82a4486e8c1810a0b01551609fb0841d474bada802bd026076ddae751b73a959d0bfb8ff49e7fcd378e9be30652ecefe35c82cb8003bc29cc60ae3809909baf20c95db9516fe680865417111d8b193dbcf30281f1249de57c858bf1ba32f5bb1599800e8398a9ef25c7a642c95261da6f9c17670e97265b10260732482b837d5f2a9443e23c1aa0106d83e82f6c3424673b5fdc3769c0f992d1c5c93991c7038e882fcda04414df4d7a5f4f698ead87851ce37344b60b72d7b70f9c60cae8566e7a257f8e1bef0e89df6e4c2f9d24d21d9f8889e4c7eccf91751026009050d94493da8f00a4ddbe9c800afe3d44b43f78a48941a79b2814a1f0b81a18a8b2347642a03b27998f5a18de9abc9ae0e54ab8294feac66dc87e854cce6f7278ac2710cb5878b592ffeb1f4f0a1853e4e8d1d0561b6efcc831a296cf7eeaf":TEST_FLAG_EXERCISE + +read type: RSA_PAIR 1536-bit, RSA_PKCS1V15_SIGN_RAW +depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN_RAW:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR +key_storage_read:0x0001:PSA_KEY_TYPE_RSA_KEY_PAIR:1536:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_RSA_PKCS1V15_SIGN_RAW:0x0000:"3082037b0201000281c100c870feb6ca6b1d2bd9f2dd99e20f1fe2d7e5192de662229dbe162bd1ba66336a7182903ca0b72796cd441c83d24bcdc3e9a2f5e4399c8a043f1c3ddf04754a66d4cfe7b3671a37dd31a9b4c13bfe06ee90f9d94ddaa06de67a52ac863e68f756736ceb014405a6160579640f831dddccc34ad0b05070e3f9954a58d1815813e1b83bcadba814789c87f1ef2ba5d738b793ec456a67360eea1b5faf1c7cc7bf24f3b2a9d0f8958b1096e0f0c335f8888d0c63a51c3c0337214fa3f5efdf6dcc3502030100010281c06d2d670047973a87752a9d5bc14f3dae00acb01f593aa0e24cf4a49f932931de4bbfb332e2d38083da80bc0b6d538edba479f7f77d0deffb4a28e6e67ff6273585bb4cd862535c946605ab0809d65f0e38f76e4ec2c3d9b8cd6e14bcf667943892cd4b34cc6420a439abbf3d7d35ef73976dd6f9cbde35a51fa5213f0107f83e3425835d16d3c9146fc9e36ce75a09bb66cdff21dd5a776899f1cb07e282cca27be46510e9c799f0d8db275a6be085d9f3f803218ee3384265bfb1a3640e8ca1026100e6848c31d466fffefc547e3a3b0d3785de6f78b0dd12610843512e495611a0675509b1650b27415009838dd8e68eec6e7530553b637d602424643b33e8bc5b762e1799bc79d56b13251d36d4f201da2182416ce13574e88278ff04467ad602d9026100de994fdf181f02be2bf9e5f5e4e517a94993b827d1eaf609033e3a6a6f2396ae7c44e9eb594cf1044cb3ad32ea258f0c82963b27bb650ed200cde82cb993374be34be5b1c7ead5446a2b82a4486e8c1810a0b01551609fb0841d474bada802bd026076ddae751b73a959d0bfb8ff49e7fcd378e9be30652ecefe35c82cb8003bc29cc60ae3809909baf20c95db9516fe680865417111d8b193dbcf30281f1249de57c858bf1ba32f5bb1599800e8398a9ef25c7a642c95261da6f9c17670e97265b10260732482b837d5f2a9443e23c1aa0106d83e82f6c3424673b5fdc3769c0f992d1c5c93991c7038e882fcda04414df4d7a5f4f698ead87851ce37344b60b72d7b70f9c60cae8566e7a257f8e1bef0e89df6e4c2f9d24d21d9f8889e4c7eccf91751026009050d94493da8f00a4ddbe9c800afe3d44b43f78a48941a79b2814a1f0b81a18a8b2347642a03b27998f5a18de9abc9ae0e54ab8294feac66dc87e854cce6f7278ac2710cb5878b592ffeb1f4f0a1853e4e8d1d0561b6efcc831a296cf7eeaf":"505341004b455900000000000100000001700006013c000000020006000000007f0300003082037b0201000281c100c870feb6ca6b1d2bd9f2dd99e20f1fe2d7e5192de662229dbe162bd1ba66336a7182903ca0b72796cd441c83d24bcdc3e9a2f5e4399c8a043f1c3ddf04754a66d4cfe7b3671a37dd31a9b4c13bfe06ee90f9d94ddaa06de67a52ac863e68f756736ceb014405a6160579640f831dddccc34ad0b05070e3f9954a58d1815813e1b83bcadba814789c87f1ef2ba5d738b793ec456a67360eea1b5faf1c7cc7bf24f3b2a9d0f8958b1096e0f0c335f8888d0c63a51c3c0337214fa3f5efdf6dcc3502030100010281c06d2d670047973a87752a9d5bc14f3dae00acb01f593aa0e24cf4a49f932931de4bbfb332e2d38083da80bc0b6d538edba479f7f77d0deffb4a28e6e67ff6273585bb4cd862535c946605ab0809d65f0e38f76e4ec2c3d9b8cd6e14bcf667943892cd4b34cc6420a439abbf3d7d35ef73976dd6f9cbde35a51fa5213f0107f83e3425835d16d3c9146fc9e36ce75a09bb66cdff21dd5a776899f1cb07e282cca27be46510e9c799f0d8db275a6be085d9f3f803218ee3384265bfb1a3640e8ca1026100e6848c31d466fffefc547e3a3b0d3785de6f78b0dd12610843512e495611a0675509b1650b27415009838dd8e68eec6e7530553b637d602424643b33e8bc5b762e1799bc79d56b13251d36d4f201da2182416ce13574e88278ff04467ad602d9026100de994fdf181f02be2bf9e5f5e4e517a94993b827d1eaf609033e3a6a6f2396ae7c44e9eb594cf1044cb3ad32ea258f0c82963b27bb650ed200cde82cb993374be34be5b1c7ead5446a2b82a4486e8c1810a0b01551609fb0841d474bada802bd026076ddae751b73a959d0bfb8ff49e7fcd378e9be30652ecefe35c82cb8003bc29cc60ae3809909baf20c95db9516fe680865417111d8b193dbcf30281f1249de57c858bf1ba32f5bb1599800e8398a9ef25c7a642c95261da6f9c17670e97265b10260732482b837d5f2a9443e23c1aa0106d83e82f6c3424673b5fdc3769c0f992d1c5c93991c7038e882fcda04414df4d7a5f4f698ead87851ce37344b60b72d7b70f9c60cae8566e7a257f8e1bef0e89df6e4c2f9d24d21d9f8889e4c7eccf91751026009050d94493da8f00a4ddbe9c800afe3d44b43f78a48941a79b2814a1f0b81a18a8b2347642a03b27998f5a18de9abc9ae0e54ab8294feac66dc87e854cce6f7278ac2710cb5878b592ffeb1f4f0a1853e4e8d1d0561b6efcc831a296cf7eeaf":TEST_FLAG_EXERCISE + +read type: RSA_PAIR 1536-bit, RSA_PSS(MD2) +depends_on:PSA_WANT_ALG_MD2:PSA_WANT_ALG_RSA_PSS:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR +key_storage_read:0x0001:PSA_KEY_TYPE_RSA_KEY_PAIR:1536:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_RSA_PSS(PSA_ALG_MD2):0x0000:"3082037b0201000281c100c870feb6ca6b1d2bd9f2dd99e20f1fe2d7e5192de662229dbe162bd1ba66336a7182903ca0b72796cd441c83d24bcdc3e9a2f5e4399c8a043f1c3ddf04754a66d4cfe7b3671a37dd31a9b4c13bfe06ee90f9d94ddaa06de67a52ac863e68f756736ceb014405a6160579640f831dddccc34ad0b05070e3f9954a58d1815813e1b83bcadba814789c87f1ef2ba5d738b793ec456a67360eea1b5faf1c7cc7bf24f3b2a9d0f8958b1096e0f0c335f8888d0c63a51c3c0337214fa3f5efdf6dcc3502030100010281c06d2d670047973a87752a9d5bc14f3dae00acb01f593aa0e24cf4a49f932931de4bbfb332e2d38083da80bc0b6d538edba479f7f77d0deffb4a28e6e67ff6273585bb4cd862535c946605ab0809d65f0e38f76e4ec2c3d9b8cd6e14bcf667943892cd4b34cc6420a439abbf3d7d35ef73976dd6f9cbde35a51fa5213f0107f83e3425835d16d3c9146fc9e36ce75a09bb66cdff21dd5a776899f1cb07e282cca27be46510e9c799f0d8db275a6be085d9f3f803218ee3384265bfb1a3640e8ca1026100e6848c31d466fffefc547e3a3b0d3785de6f78b0dd12610843512e495611a0675509b1650b27415009838dd8e68eec6e7530553b637d602424643b33e8bc5b762e1799bc79d56b13251d36d4f201da2182416ce13574e88278ff04467ad602d9026100de994fdf181f02be2bf9e5f5e4e517a94993b827d1eaf609033e3a6a6f2396ae7c44e9eb594cf1044cb3ad32ea258f0c82963b27bb650ed200cde82cb993374be34be5b1c7ead5446a2b82a4486e8c1810a0b01551609fb0841d474bada802bd026076ddae751b73a959d0bfb8ff49e7fcd378e9be30652ecefe35c82cb8003bc29cc60ae3809909baf20c95db9516fe680865417111d8b193dbcf30281f1249de57c858bf1ba32f5bb1599800e8398a9ef25c7a642c95261da6f9c17670e97265b10260732482b837d5f2a9443e23c1aa0106d83e82f6c3424673b5fdc3769c0f992d1c5c93991c7038e882fcda04414df4d7a5f4f698ead87851ce37344b60b72d7b70f9c60cae8566e7a257f8e1bef0e89df6e4c2f9d24d21d9f8889e4c7eccf91751026009050d94493da8f00a4ddbe9c800afe3d44b43f78a48941a79b2814a1f0b81a18a8b2347642a03b27998f5a18de9abc9ae0e54ab8294feac66dc87e854cce6f7278ac2710cb5878b592ffeb1f4f0a1853e4e8d1d0561b6efcc831a296cf7eeaf":"505341004b455900000000000100000001700006013c000001030006000000007f0300003082037b0201000281c100c870feb6ca6b1d2bd9f2dd99e20f1fe2d7e5192de662229dbe162bd1ba66336a7182903ca0b72796cd441c83d24bcdc3e9a2f5e4399c8a043f1c3ddf04754a66d4cfe7b3671a37dd31a9b4c13bfe06ee90f9d94ddaa06de67a52ac863e68f756736ceb014405a6160579640f831dddccc34ad0b05070e3f9954a58d1815813e1b83bcadba814789c87f1ef2ba5d738b793ec456a67360eea1b5faf1c7cc7bf24f3b2a9d0f8958b1096e0f0c335f8888d0c63a51c3c0337214fa3f5efdf6dcc3502030100010281c06d2d670047973a87752a9d5bc14f3dae00acb01f593aa0e24cf4a49f932931de4bbfb332e2d38083da80bc0b6d538edba479f7f77d0deffb4a28e6e67ff6273585bb4cd862535c946605ab0809d65f0e38f76e4ec2c3d9b8cd6e14bcf667943892cd4b34cc6420a439abbf3d7d35ef73976dd6f9cbde35a51fa5213f0107f83e3425835d16d3c9146fc9e36ce75a09bb66cdff21dd5a776899f1cb07e282cca27be46510e9c799f0d8db275a6be085d9f3f803218ee3384265bfb1a3640e8ca1026100e6848c31d466fffefc547e3a3b0d3785de6f78b0dd12610843512e495611a0675509b1650b27415009838dd8e68eec6e7530553b637d602424643b33e8bc5b762e1799bc79d56b13251d36d4f201da2182416ce13574e88278ff04467ad602d9026100de994fdf181f02be2bf9e5f5e4e517a94993b827d1eaf609033e3a6a6f2396ae7c44e9eb594cf1044cb3ad32ea258f0c82963b27bb650ed200cde82cb993374be34be5b1c7ead5446a2b82a4486e8c1810a0b01551609fb0841d474bada802bd026076ddae751b73a959d0bfb8ff49e7fcd378e9be30652ecefe35c82cb8003bc29cc60ae3809909baf20c95db9516fe680865417111d8b193dbcf30281f1249de57c858bf1ba32f5bb1599800e8398a9ef25c7a642c95261da6f9c17670e97265b10260732482b837d5f2a9443e23c1aa0106d83e82f6c3424673b5fdc3769c0f992d1c5c93991c7038e882fcda04414df4d7a5f4f698ead87851ce37344b60b72d7b70f9c60cae8566e7a257f8e1bef0e89df6e4c2f9d24d21d9f8889e4c7eccf91751026009050d94493da8f00a4ddbe9c800afe3d44b43f78a48941a79b2814a1f0b81a18a8b2347642a03b27998f5a18de9abc9ae0e54ab8294feac66dc87e854cce6f7278ac2710cb5878b592ffeb1f4f0a1853e4e8d1d0561b6efcc831a296cf7eeaf":TEST_FLAG_EXERCISE + +read type: RSA_PAIR 1536-bit, RSA_PSS(MD4) +depends_on:PSA_WANT_ALG_MD4:PSA_WANT_ALG_RSA_PSS:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR +key_storage_read:0x0001:PSA_KEY_TYPE_RSA_KEY_PAIR:1536:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_RSA_PSS(PSA_ALG_MD4):0x0000:"3082037b0201000281c100c870feb6ca6b1d2bd9f2dd99e20f1fe2d7e5192de662229dbe162bd1ba66336a7182903ca0b72796cd441c83d24bcdc3e9a2f5e4399c8a043f1c3ddf04754a66d4cfe7b3671a37dd31a9b4c13bfe06ee90f9d94ddaa06de67a52ac863e68f756736ceb014405a6160579640f831dddccc34ad0b05070e3f9954a58d1815813e1b83bcadba814789c87f1ef2ba5d738b793ec456a67360eea1b5faf1c7cc7bf24f3b2a9d0f8958b1096e0f0c335f8888d0c63a51c3c0337214fa3f5efdf6dcc3502030100010281c06d2d670047973a87752a9d5bc14f3dae00acb01f593aa0e24cf4a49f932931de4bbfb332e2d38083da80bc0b6d538edba479f7f77d0deffb4a28e6e67ff6273585bb4cd862535c946605ab0809d65f0e38f76e4ec2c3d9b8cd6e14bcf667943892cd4b34cc6420a439abbf3d7d35ef73976dd6f9cbde35a51fa5213f0107f83e3425835d16d3c9146fc9e36ce75a09bb66cdff21dd5a776899f1cb07e282cca27be46510e9c799f0d8db275a6be085d9f3f803218ee3384265bfb1a3640e8ca1026100e6848c31d466fffefc547e3a3b0d3785de6f78b0dd12610843512e495611a0675509b1650b27415009838dd8e68eec6e7530553b637d602424643b33e8bc5b762e1799bc79d56b13251d36d4f201da2182416ce13574e88278ff04467ad602d9026100de994fdf181f02be2bf9e5f5e4e517a94993b827d1eaf609033e3a6a6f2396ae7c44e9eb594cf1044cb3ad32ea258f0c82963b27bb650ed200cde82cb993374be34be5b1c7ead5446a2b82a4486e8c1810a0b01551609fb0841d474bada802bd026076ddae751b73a959d0bfb8ff49e7fcd378e9be30652ecefe35c82cb8003bc29cc60ae3809909baf20c95db9516fe680865417111d8b193dbcf30281f1249de57c858bf1ba32f5bb1599800e8398a9ef25c7a642c95261da6f9c17670e97265b10260732482b837d5f2a9443e23c1aa0106d83e82f6c3424673b5fdc3769c0f992d1c5c93991c7038e882fcda04414df4d7a5f4f698ead87851ce37344b60b72d7b70f9c60cae8566e7a257f8e1bef0e89df6e4c2f9d24d21d9f8889e4c7eccf91751026009050d94493da8f00a4ddbe9c800afe3d44b43f78a48941a79b2814a1f0b81a18a8b2347642a03b27998f5a18de9abc9ae0e54ab8294feac66dc87e854cce6f7278ac2710cb5878b592ffeb1f4f0a1853e4e8d1d0561b6efcc831a296cf7eeaf":"505341004b455900000000000100000001700006013c000002030006000000007f0300003082037b0201000281c100c870feb6ca6b1d2bd9f2dd99e20f1fe2d7e5192de662229dbe162bd1ba66336a7182903ca0b72796cd441c83d24bcdc3e9a2f5e4399c8a043f1c3ddf04754a66d4cfe7b3671a37dd31a9b4c13bfe06ee90f9d94ddaa06de67a52ac863e68f756736ceb014405a6160579640f831dddccc34ad0b05070e3f9954a58d1815813e1b83bcadba814789c87f1ef2ba5d738b793ec456a67360eea1b5faf1c7cc7bf24f3b2a9d0f8958b1096e0f0c335f8888d0c63a51c3c0337214fa3f5efdf6dcc3502030100010281c06d2d670047973a87752a9d5bc14f3dae00acb01f593aa0e24cf4a49f932931de4bbfb332e2d38083da80bc0b6d538edba479f7f77d0deffb4a28e6e67ff6273585bb4cd862535c946605ab0809d65f0e38f76e4ec2c3d9b8cd6e14bcf667943892cd4b34cc6420a439abbf3d7d35ef73976dd6f9cbde35a51fa5213f0107f83e3425835d16d3c9146fc9e36ce75a09bb66cdff21dd5a776899f1cb07e282cca27be46510e9c799f0d8db275a6be085d9f3f803218ee3384265bfb1a3640e8ca1026100e6848c31d466fffefc547e3a3b0d3785de6f78b0dd12610843512e495611a0675509b1650b27415009838dd8e68eec6e7530553b637d602424643b33e8bc5b762e1799bc79d56b13251d36d4f201da2182416ce13574e88278ff04467ad602d9026100de994fdf181f02be2bf9e5f5e4e517a94993b827d1eaf609033e3a6a6f2396ae7c44e9eb594cf1044cb3ad32ea258f0c82963b27bb650ed200cde82cb993374be34be5b1c7ead5446a2b82a4486e8c1810a0b01551609fb0841d474bada802bd026076ddae751b73a959d0bfb8ff49e7fcd378e9be30652ecefe35c82cb8003bc29cc60ae3809909baf20c95db9516fe680865417111d8b193dbcf30281f1249de57c858bf1ba32f5bb1599800e8398a9ef25c7a642c95261da6f9c17670e97265b10260732482b837d5f2a9443e23c1aa0106d83e82f6c3424673b5fdc3769c0f992d1c5c93991c7038e882fcda04414df4d7a5f4f698ead87851ce37344b60b72d7b70f9c60cae8566e7a257f8e1bef0e89df6e4c2f9d24d21d9f8889e4c7eccf91751026009050d94493da8f00a4ddbe9c800afe3d44b43f78a48941a79b2814a1f0b81a18a8b2347642a03b27998f5a18de9abc9ae0e54ab8294feac66dc87e854cce6f7278ac2710cb5878b592ffeb1f4f0a1853e4e8d1d0561b6efcc831a296cf7eeaf":TEST_FLAG_EXERCISE + +read type: RSA_PAIR 1536-bit, RSA_PSS(MD5) +depends_on:PSA_WANT_ALG_MD5:PSA_WANT_ALG_RSA_PSS:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR +key_storage_read:0x0001:PSA_KEY_TYPE_RSA_KEY_PAIR:1536:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_RSA_PSS(PSA_ALG_MD5):0x0000:"3082037b0201000281c100c870feb6ca6b1d2bd9f2dd99e20f1fe2d7e5192de662229dbe162bd1ba66336a7182903ca0b72796cd441c83d24bcdc3e9a2f5e4399c8a043f1c3ddf04754a66d4cfe7b3671a37dd31a9b4c13bfe06ee90f9d94ddaa06de67a52ac863e68f756736ceb014405a6160579640f831dddccc34ad0b05070e3f9954a58d1815813e1b83bcadba814789c87f1ef2ba5d738b793ec456a67360eea1b5faf1c7cc7bf24f3b2a9d0f8958b1096e0f0c335f8888d0c63a51c3c0337214fa3f5efdf6dcc3502030100010281c06d2d670047973a87752a9d5bc14f3dae00acb01f593aa0e24cf4a49f932931de4bbfb332e2d38083da80bc0b6d538edba479f7f77d0deffb4a28e6e67ff6273585bb4cd862535c946605ab0809d65f0e38f76e4ec2c3d9b8cd6e14bcf667943892cd4b34cc6420a439abbf3d7d35ef73976dd6f9cbde35a51fa5213f0107f83e3425835d16d3c9146fc9e36ce75a09bb66cdff21dd5a776899f1cb07e282cca27be46510e9c799f0d8db275a6be085d9f3f803218ee3384265bfb1a3640e8ca1026100e6848c31d466fffefc547e3a3b0d3785de6f78b0dd12610843512e495611a0675509b1650b27415009838dd8e68eec6e7530553b637d602424643b33e8bc5b762e1799bc79d56b13251d36d4f201da2182416ce13574e88278ff04467ad602d9026100de994fdf181f02be2bf9e5f5e4e517a94993b827d1eaf609033e3a6a6f2396ae7c44e9eb594cf1044cb3ad32ea258f0c82963b27bb650ed200cde82cb993374be34be5b1c7ead5446a2b82a4486e8c1810a0b01551609fb0841d474bada802bd026076ddae751b73a959d0bfb8ff49e7fcd378e9be30652ecefe35c82cb8003bc29cc60ae3809909baf20c95db9516fe680865417111d8b193dbcf30281f1249de57c858bf1ba32f5bb1599800e8398a9ef25c7a642c95261da6f9c17670e97265b10260732482b837d5f2a9443e23c1aa0106d83e82f6c3424673b5fdc3769c0f992d1c5c93991c7038e882fcda04414df4d7a5f4f698ead87851ce37344b60b72d7b70f9c60cae8566e7a257f8e1bef0e89df6e4c2f9d24d21d9f8889e4c7eccf91751026009050d94493da8f00a4ddbe9c800afe3d44b43f78a48941a79b2814a1f0b81a18a8b2347642a03b27998f5a18de9abc9ae0e54ab8294feac66dc87e854cce6f7278ac2710cb5878b592ffeb1f4f0a1853e4e8d1d0561b6efcc831a296cf7eeaf":"505341004b455900000000000100000001700006013c000003030006000000007f0300003082037b0201000281c100c870feb6ca6b1d2bd9f2dd99e20f1fe2d7e5192de662229dbe162bd1ba66336a7182903ca0b72796cd441c83d24bcdc3e9a2f5e4399c8a043f1c3ddf04754a66d4cfe7b3671a37dd31a9b4c13bfe06ee90f9d94ddaa06de67a52ac863e68f756736ceb014405a6160579640f831dddccc34ad0b05070e3f9954a58d1815813e1b83bcadba814789c87f1ef2ba5d738b793ec456a67360eea1b5faf1c7cc7bf24f3b2a9d0f8958b1096e0f0c335f8888d0c63a51c3c0337214fa3f5efdf6dcc3502030100010281c06d2d670047973a87752a9d5bc14f3dae00acb01f593aa0e24cf4a49f932931de4bbfb332e2d38083da80bc0b6d538edba479f7f77d0deffb4a28e6e67ff6273585bb4cd862535c946605ab0809d65f0e38f76e4ec2c3d9b8cd6e14bcf667943892cd4b34cc6420a439abbf3d7d35ef73976dd6f9cbde35a51fa5213f0107f83e3425835d16d3c9146fc9e36ce75a09bb66cdff21dd5a776899f1cb07e282cca27be46510e9c799f0d8db275a6be085d9f3f803218ee3384265bfb1a3640e8ca1026100e6848c31d466fffefc547e3a3b0d3785de6f78b0dd12610843512e495611a0675509b1650b27415009838dd8e68eec6e7530553b637d602424643b33e8bc5b762e1799bc79d56b13251d36d4f201da2182416ce13574e88278ff04467ad602d9026100de994fdf181f02be2bf9e5f5e4e517a94993b827d1eaf609033e3a6a6f2396ae7c44e9eb594cf1044cb3ad32ea258f0c82963b27bb650ed200cde82cb993374be34be5b1c7ead5446a2b82a4486e8c1810a0b01551609fb0841d474bada802bd026076ddae751b73a959d0bfb8ff49e7fcd378e9be30652ecefe35c82cb8003bc29cc60ae3809909baf20c95db9516fe680865417111d8b193dbcf30281f1249de57c858bf1ba32f5bb1599800e8398a9ef25c7a642c95261da6f9c17670e97265b10260732482b837d5f2a9443e23c1aa0106d83e82f6c3424673b5fdc3769c0f992d1c5c93991c7038e882fcda04414df4d7a5f4f698ead87851ce37344b60b72d7b70f9c60cae8566e7a257f8e1bef0e89df6e4c2f9d24d21d9f8889e4c7eccf91751026009050d94493da8f00a4ddbe9c800afe3d44b43f78a48941a79b2814a1f0b81a18a8b2347642a03b27998f5a18de9abc9ae0e54ab8294feac66dc87e854cce6f7278ac2710cb5878b592ffeb1f4f0a1853e4e8d1d0561b6efcc831a296cf7eeaf":TEST_FLAG_EXERCISE + +read type: RSA_PAIR 1536-bit, RSA_PSS(RIPEMD160) +depends_on:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ALG_RSA_PSS:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR +key_storage_read:0x0001:PSA_KEY_TYPE_RSA_KEY_PAIR:1536:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_RSA_PSS(PSA_ALG_RIPEMD160):0x0000:"3082037b0201000281c100c870feb6ca6b1d2bd9f2dd99e20f1fe2d7e5192de662229dbe162bd1ba66336a7182903ca0b72796cd441c83d24bcdc3e9a2f5e4399c8a043f1c3ddf04754a66d4cfe7b3671a37dd31a9b4c13bfe06ee90f9d94ddaa06de67a52ac863e68f756736ceb014405a6160579640f831dddccc34ad0b05070e3f9954a58d1815813e1b83bcadba814789c87f1ef2ba5d738b793ec456a67360eea1b5faf1c7cc7bf24f3b2a9d0f8958b1096e0f0c335f8888d0c63a51c3c0337214fa3f5efdf6dcc3502030100010281c06d2d670047973a87752a9d5bc14f3dae00acb01f593aa0e24cf4a49f932931de4bbfb332e2d38083da80bc0b6d538edba479f7f77d0deffb4a28e6e67ff6273585bb4cd862535c946605ab0809d65f0e38f76e4ec2c3d9b8cd6e14bcf667943892cd4b34cc6420a439abbf3d7d35ef73976dd6f9cbde35a51fa5213f0107f83e3425835d16d3c9146fc9e36ce75a09bb66cdff21dd5a776899f1cb07e282cca27be46510e9c799f0d8db275a6be085d9f3f803218ee3384265bfb1a3640e8ca1026100e6848c31d466fffefc547e3a3b0d3785de6f78b0dd12610843512e495611a0675509b1650b27415009838dd8e68eec6e7530553b637d602424643b33e8bc5b762e1799bc79d56b13251d36d4f201da2182416ce13574e88278ff04467ad602d9026100de994fdf181f02be2bf9e5f5e4e517a94993b827d1eaf609033e3a6a6f2396ae7c44e9eb594cf1044cb3ad32ea258f0c82963b27bb650ed200cde82cb993374be34be5b1c7ead5446a2b82a4486e8c1810a0b01551609fb0841d474bada802bd026076ddae751b73a959d0bfb8ff49e7fcd378e9be30652ecefe35c82cb8003bc29cc60ae3809909baf20c95db9516fe680865417111d8b193dbcf30281f1249de57c858bf1ba32f5bb1599800e8398a9ef25c7a642c95261da6f9c17670e97265b10260732482b837d5f2a9443e23c1aa0106d83e82f6c3424673b5fdc3769c0f992d1c5c93991c7038e882fcda04414df4d7a5f4f698ead87851ce37344b60b72d7b70f9c60cae8566e7a257f8e1bef0e89df6e4c2f9d24d21d9f8889e4c7eccf91751026009050d94493da8f00a4ddbe9c800afe3d44b43f78a48941a79b2814a1f0b81a18a8b2347642a03b27998f5a18de9abc9ae0e54ab8294feac66dc87e854cce6f7278ac2710cb5878b592ffeb1f4f0a1853e4e8d1d0561b6efcc831a296cf7eeaf":"505341004b455900000000000100000001700006013c000004030006000000007f0300003082037b0201000281c100c870feb6ca6b1d2bd9f2dd99e20f1fe2d7e5192de662229dbe162bd1ba66336a7182903ca0b72796cd441c83d24bcdc3e9a2f5e4399c8a043f1c3ddf04754a66d4cfe7b3671a37dd31a9b4c13bfe06ee90f9d94ddaa06de67a52ac863e68f756736ceb014405a6160579640f831dddccc34ad0b05070e3f9954a58d1815813e1b83bcadba814789c87f1ef2ba5d738b793ec456a67360eea1b5faf1c7cc7bf24f3b2a9d0f8958b1096e0f0c335f8888d0c63a51c3c0337214fa3f5efdf6dcc3502030100010281c06d2d670047973a87752a9d5bc14f3dae00acb01f593aa0e24cf4a49f932931de4bbfb332e2d38083da80bc0b6d538edba479f7f77d0deffb4a28e6e67ff6273585bb4cd862535c946605ab0809d65f0e38f76e4ec2c3d9b8cd6e14bcf667943892cd4b34cc6420a439abbf3d7d35ef73976dd6f9cbde35a51fa5213f0107f83e3425835d16d3c9146fc9e36ce75a09bb66cdff21dd5a776899f1cb07e282cca27be46510e9c799f0d8db275a6be085d9f3f803218ee3384265bfb1a3640e8ca1026100e6848c31d466fffefc547e3a3b0d3785de6f78b0dd12610843512e495611a0675509b1650b27415009838dd8e68eec6e7530553b637d602424643b33e8bc5b762e1799bc79d56b13251d36d4f201da2182416ce13574e88278ff04467ad602d9026100de994fdf181f02be2bf9e5f5e4e517a94993b827d1eaf609033e3a6a6f2396ae7c44e9eb594cf1044cb3ad32ea258f0c82963b27bb650ed200cde82cb993374be34be5b1c7ead5446a2b82a4486e8c1810a0b01551609fb0841d474bada802bd026076ddae751b73a959d0bfb8ff49e7fcd378e9be30652ecefe35c82cb8003bc29cc60ae3809909baf20c95db9516fe680865417111d8b193dbcf30281f1249de57c858bf1ba32f5bb1599800e8398a9ef25c7a642c95261da6f9c17670e97265b10260732482b837d5f2a9443e23c1aa0106d83e82f6c3424673b5fdc3769c0f992d1c5c93991c7038e882fcda04414df4d7a5f4f698ead87851ce37344b60b72d7b70f9c60cae8566e7a257f8e1bef0e89df6e4c2f9d24d21d9f8889e4c7eccf91751026009050d94493da8f00a4ddbe9c800afe3d44b43f78a48941a79b2814a1f0b81a18a8b2347642a03b27998f5a18de9abc9ae0e54ab8294feac66dc87e854cce6f7278ac2710cb5878b592ffeb1f4f0a1853e4e8d1d0561b6efcc831a296cf7eeaf":TEST_FLAG_EXERCISE + +read type: RSA_PAIR 1536-bit, RSA_PSS(SHA_1) +depends_on:PSA_WANT_ALG_RSA_PSS:PSA_WANT_ALG_SHA_1:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR +key_storage_read:0x0001:PSA_KEY_TYPE_RSA_KEY_PAIR:1536:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_RSA_PSS(PSA_ALG_SHA_1):0x0000:"3082037b0201000281c100c870feb6ca6b1d2bd9f2dd99e20f1fe2d7e5192de662229dbe162bd1ba66336a7182903ca0b72796cd441c83d24bcdc3e9a2f5e4399c8a043f1c3ddf04754a66d4cfe7b3671a37dd31a9b4c13bfe06ee90f9d94ddaa06de67a52ac863e68f756736ceb014405a6160579640f831dddccc34ad0b05070e3f9954a58d1815813e1b83bcadba814789c87f1ef2ba5d738b793ec456a67360eea1b5faf1c7cc7bf24f3b2a9d0f8958b1096e0f0c335f8888d0c63a51c3c0337214fa3f5efdf6dcc3502030100010281c06d2d670047973a87752a9d5bc14f3dae00acb01f593aa0e24cf4a49f932931de4bbfb332e2d38083da80bc0b6d538edba479f7f77d0deffb4a28e6e67ff6273585bb4cd862535c946605ab0809d65f0e38f76e4ec2c3d9b8cd6e14bcf667943892cd4b34cc6420a439abbf3d7d35ef73976dd6f9cbde35a51fa5213f0107f83e3425835d16d3c9146fc9e36ce75a09bb66cdff21dd5a776899f1cb07e282cca27be46510e9c799f0d8db275a6be085d9f3f803218ee3384265bfb1a3640e8ca1026100e6848c31d466fffefc547e3a3b0d3785de6f78b0dd12610843512e495611a0675509b1650b27415009838dd8e68eec6e7530553b637d602424643b33e8bc5b762e1799bc79d56b13251d36d4f201da2182416ce13574e88278ff04467ad602d9026100de994fdf181f02be2bf9e5f5e4e517a94993b827d1eaf609033e3a6a6f2396ae7c44e9eb594cf1044cb3ad32ea258f0c82963b27bb650ed200cde82cb993374be34be5b1c7ead5446a2b82a4486e8c1810a0b01551609fb0841d474bada802bd026076ddae751b73a959d0bfb8ff49e7fcd378e9be30652ecefe35c82cb8003bc29cc60ae3809909baf20c95db9516fe680865417111d8b193dbcf30281f1249de57c858bf1ba32f5bb1599800e8398a9ef25c7a642c95261da6f9c17670e97265b10260732482b837d5f2a9443e23c1aa0106d83e82f6c3424673b5fdc3769c0f992d1c5c93991c7038e882fcda04414df4d7a5f4f698ead87851ce37344b60b72d7b70f9c60cae8566e7a257f8e1bef0e89df6e4c2f9d24d21d9f8889e4c7eccf91751026009050d94493da8f00a4ddbe9c800afe3d44b43f78a48941a79b2814a1f0b81a18a8b2347642a03b27998f5a18de9abc9ae0e54ab8294feac66dc87e854cce6f7278ac2710cb5878b592ffeb1f4f0a1853e4e8d1d0561b6efcc831a296cf7eeaf":"505341004b455900000000000100000001700006013c000005030006000000007f0300003082037b0201000281c100c870feb6ca6b1d2bd9f2dd99e20f1fe2d7e5192de662229dbe162bd1ba66336a7182903ca0b72796cd441c83d24bcdc3e9a2f5e4399c8a043f1c3ddf04754a66d4cfe7b3671a37dd31a9b4c13bfe06ee90f9d94ddaa06de67a52ac863e68f756736ceb014405a6160579640f831dddccc34ad0b05070e3f9954a58d1815813e1b83bcadba814789c87f1ef2ba5d738b793ec456a67360eea1b5faf1c7cc7bf24f3b2a9d0f8958b1096e0f0c335f8888d0c63a51c3c0337214fa3f5efdf6dcc3502030100010281c06d2d670047973a87752a9d5bc14f3dae00acb01f593aa0e24cf4a49f932931de4bbfb332e2d38083da80bc0b6d538edba479f7f77d0deffb4a28e6e67ff6273585bb4cd862535c946605ab0809d65f0e38f76e4ec2c3d9b8cd6e14bcf667943892cd4b34cc6420a439abbf3d7d35ef73976dd6f9cbde35a51fa5213f0107f83e3425835d16d3c9146fc9e36ce75a09bb66cdff21dd5a776899f1cb07e282cca27be46510e9c799f0d8db275a6be085d9f3f803218ee3384265bfb1a3640e8ca1026100e6848c31d466fffefc547e3a3b0d3785de6f78b0dd12610843512e495611a0675509b1650b27415009838dd8e68eec6e7530553b637d602424643b33e8bc5b762e1799bc79d56b13251d36d4f201da2182416ce13574e88278ff04467ad602d9026100de994fdf181f02be2bf9e5f5e4e517a94993b827d1eaf609033e3a6a6f2396ae7c44e9eb594cf1044cb3ad32ea258f0c82963b27bb650ed200cde82cb993374be34be5b1c7ead5446a2b82a4486e8c1810a0b01551609fb0841d474bada802bd026076ddae751b73a959d0bfb8ff49e7fcd378e9be30652ecefe35c82cb8003bc29cc60ae3809909baf20c95db9516fe680865417111d8b193dbcf30281f1249de57c858bf1ba32f5bb1599800e8398a9ef25c7a642c95261da6f9c17670e97265b10260732482b837d5f2a9443e23c1aa0106d83e82f6c3424673b5fdc3769c0f992d1c5c93991c7038e882fcda04414df4d7a5f4f698ead87851ce37344b60b72d7b70f9c60cae8566e7a257f8e1bef0e89df6e4c2f9d24d21d9f8889e4c7eccf91751026009050d94493da8f00a4ddbe9c800afe3d44b43f78a48941a79b2814a1f0b81a18a8b2347642a03b27998f5a18de9abc9ae0e54ab8294feac66dc87e854cce6f7278ac2710cb5878b592ffeb1f4f0a1853e4e8d1d0561b6efcc831a296cf7eeaf":TEST_FLAG_EXERCISE + +read type: RSA_PAIR 1536-bit, RSA_PSS(SHA_224) +depends_on:PSA_WANT_ALG_RSA_PSS:PSA_WANT_ALG_SHA_224:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR +key_storage_read:0x0001:PSA_KEY_TYPE_RSA_KEY_PAIR:1536:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_RSA_PSS(PSA_ALG_SHA_224):0x0000:"3082037b0201000281c100c870feb6ca6b1d2bd9f2dd99e20f1fe2d7e5192de662229dbe162bd1ba66336a7182903ca0b72796cd441c83d24bcdc3e9a2f5e4399c8a043f1c3ddf04754a66d4cfe7b3671a37dd31a9b4c13bfe06ee90f9d94ddaa06de67a52ac863e68f756736ceb014405a6160579640f831dddccc34ad0b05070e3f9954a58d1815813e1b83bcadba814789c87f1ef2ba5d738b793ec456a67360eea1b5faf1c7cc7bf24f3b2a9d0f8958b1096e0f0c335f8888d0c63a51c3c0337214fa3f5efdf6dcc3502030100010281c06d2d670047973a87752a9d5bc14f3dae00acb01f593aa0e24cf4a49f932931de4bbfb332e2d38083da80bc0b6d538edba479f7f77d0deffb4a28e6e67ff6273585bb4cd862535c946605ab0809d65f0e38f76e4ec2c3d9b8cd6e14bcf667943892cd4b34cc6420a439abbf3d7d35ef73976dd6f9cbde35a51fa5213f0107f83e3425835d16d3c9146fc9e36ce75a09bb66cdff21dd5a776899f1cb07e282cca27be46510e9c799f0d8db275a6be085d9f3f803218ee3384265bfb1a3640e8ca1026100e6848c31d466fffefc547e3a3b0d3785de6f78b0dd12610843512e495611a0675509b1650b27415009838dd8e68eec6e7530553b637d602424643b33e8bc5b762e1799bc79d56b13251d36d4f201da2182416ce13574e88278ff04467ad602d9026100de994fdf181f02be2bf9e5f5e4e517a94993b827d1eaf609033e3a6a6f2396ae7c44e9eb594cf1044cb3ad32ea258f0c82963b27bb650ed200cde82cb993374be34be5b1c7ead5446a2b82a4486e8c1810a0b01551609fb0841d474bada802bd026076ddae751b73a959d0bfb8ff49e7fcd378e9be30652ecefe35c82cb8003bc29cc60ae3809909baf20c95db9516fe680865417111d8b193dbcf30281f1249de57c858bf1ba32f5bb1599800e8398a9ef25c7a642c95261da6f9c17670e97265b10260732482b837d5f2a9443e23c1aa0106d83e82f6c3424673b5fdc3769c0f992d1c5c93991c7038e882fcda04414df4d7a5f4f698ead87851ce37344b60b72d7b70f9c60cae8566e7a257f8e1bef0e89df6e4c2f9d24d21d9f8889e4c7eccf91751026009050d94493da8f00a4ddbe9c800afe3d44b43f78a48941a79b2814a1f0b81a18a8b2347642a03b27998f5a18de9abc9ae0e54ab8294feac66dc87e854cce6f7278ac2710cb5878b592ffeb1f4f0a1853e4e8d1d0561b6efcc831a296cf7eeaf":"505341004b455900000000000100000001700006013c000008030006000000007f0300003082037b0201000281c100c870feb6ca6b1d2bd9f2dd99e20f1fe2d7e5192de662229dbe162bd1ba66336a7182903ca0b72796cd441c83d24bcdc3e9a2f5e4399c8a043f1c3ddf04754a66d4cfe7b3671a37dd31a9b4c13bfe06ee90f9d94ddaa06de67a52ac863e68f756736ceb014405a6160579640f831dddccc34ad0b05070e3f9954a58d1815813e1b83bcadba814789c87f1ef2ba5d738b793ec456a67360eea1b5faf1c7cc7bf24f3b2a9d0f8958b1096e0f0c335f8888d0c63a51c3c0337214fa3f5efdf6dcc3502030100010281c06d2d670047973a87752a9d5bc14f3dae00acb01f593aa0e24cf4a49f932931de4bbfb332e2d38083da80bc0b6d538edba479f7f77d0deffb4a28e6e67ff6273585bb4cd862535c946605ab0809d65f0e38f76e4ec2c3d9b8cd6e14bcf667943892cd4b34cc6420a439abbf3d7d35ef73976dd6f9cbde35a51fa5213f0107f83e3425835d16d3c9146fc9e36ce75a09bb66cdff21dd5a776899f1cb07e282cca27be46510e9c799f0d8db275a6be085d9f3f803218ee3384265bfb1a3640e8ca1026100e6848c31d466fffefc547e3a3b0d3785de6f78b0dd12610843512e495611a0675509b1650b27415009838dd8e68eec6e7530553b637d602424643b33e8bc5b762e1799bc79d56b13251d36d4f201da2182416ce13574e88278ff04467ad602d9026100de994fdf181f02be2bf9e5f5e4e517a94993b827d1eaf609033e3a6a6f2396ae7c44e9eb594cf1044cb3ad32ea258f0c82963b27bb650ed200cde82cb993374be34be5b1c7ead5446a2b82a4486e8c1810a0b01551609fb0841d474bada802bd026076ddae751b73a959d0bfb8ff49e7fcd378e9be30652ecefe35c82cb8003bc29cc60ae3809909baf20c95db9516fe680865417111d8b193dbcf30281f1249de57c858bf1ba32f5bb1599800e8398a9ef25c7a642c95261da6f9c17670e97265b10260732482b837d5f2a9443e23c1aa0106d83e82f6c3424673b5fdc3769c0f992d1c5c93991c7038e882fcda04414df4d7a5f4f698ead87851ce37344b60b72d7b70f9c60cae8566e7a257f8e1bef0e89df6e4c2f9d24d21d9f8889e4c7eccf91751026009050d94493da8f00a4ddbe9c800afe3d44b43f78a48941a79b2814a1f0b81a18a8b2347642a03b27998f5a18de9abc9ae0e54ab8294feac66dc87e854cce6f7278ac2710cb5878b592ffeb1f4f0a1853e4e8d1d0561b6efcc831a296cf7eeaf":TEST_FLAG_EXERCISE -PSA storage read: type: ARC4 128-bit -depends_on:PSA_WANT_KEY_TYPE_ARC4 -key_storage_read:0x0001:PSA_KEY_TYPE_ARC4:128:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"48657265006973206b6579a064617461":"505341004b4559000000000001000000022080000100000000000000000000001000000048657265006973206b6579a064617461":TEST_FLAG_EXERCISE +read type: RSA_PAIR 1536-bit, RSA_PSS(SHA_256) +depends_on:PSA_WANT_ALG_RSA_PSS:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR +key_storage_read:0x0001:PSA_KEY_TYPE_RSA_KEY_PAIR:1536:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_RSA_PSS(PSA_ALG_SHA_256):0x0000:"3082037b0201000281c100c870feb6ca6b1d2bd9f2dd99e20f1fe2d7e5192de662229dbe162bd1ba66336a7182903ca0b72796cd441c83d24bcdc3e9a2f5e4399c8a043f1c3ddf04754a66d4cfe7b3671a37dd31a9b4c13bfe06ee90f9d94ddaa06de67a52ac863e68f756736ceb014405a6160579640f831dddccc34ad0b05070e3f9954a58d1815813e1b83bcadba814789c87f1ef2ba5d738b793ec456a67360eea1b5faf1c7cc7bf24f3b2a9d0f8958b1096e0f0c335f8888d0c63a51c3c0337214fa3f5efdf6dcc3502030100010281c06d2d670047973a87752a9d5bc14f3dae00acb01f593aa0e24cf4a49f932931de4bbfb332e2d38083da80bc0b6d538edba479f7f77d0deffb4a28e6e67ff6273585bb4cd862535c946605ab0809d65f0e38f76e4ec2c3d9b8cd6e14bcf667943892cd4b34cc6420a439abbf3d7d35ef73976dd6f9cbde35a51fa5213f0107f83e3425835d16d3c9146fc9e36ce75a09bb66cdff21dd5a776899f1cb07e282cca27be46510e9c799f0d8db275a6be085d9f3f803218ee3384265bfb1a3640e8ca1026100e6848c31d466fffefc547e3a3b0d3785de6f78b0dd12610843512e495611a0675509b1650b27415009838dd8e68eec6e7530553b637d602424643b33e8bc5b762e1799bc79d56b13251d36d4f201da2182416ce13574e88278ff04467ad602d9026100de994fdf181f02be2bf9e5f5e4e517a94993b827d1eaf609033e3a6a6f2396ae7c44e9eb594cf1044cb3ad32ea258f0c82963b27bb650ed200cde82cb993374be34be5b1c7ead5446a2b82a4486e8c1810a0b01551609fb0841d474bada802bd026076ddae751b73a959d0bfb8ff49e7fcd378e9be30652ecefe35c82cb8003bc29cc60ae3809909baf20c95db9516fe680865417111d8b193dbcf30281f1249de57c858bf1ba32f5bb1599800e8398a9ef25c7a642c95261da6f9c17670e97265b10260732482b837d5f2a9443e23c1aa0106d83e82f6c3424673b5fdc3769c0f992d1c5c93991c7038e882fcda04414df4d7a5f4f698ead87851ce37344b60b72d7b70f9c60cae8566e7a257f8e1bef0e89df6e4c2f9d24d21d9f8889e4c7eccf91751026009050d94493da8f00a4ddbe9c800afe3d44b43f78a48941a79b2814a1f0b81a18a8b2347642a03b27998f5a18de9abc9ae0e54ab8294feac66dc87e854cce6f7278ac2710cb5878b592ffeb1f4f0a1853e4e8d1d0561b6efcc831a296cf7eeaf":"505341004b455900000000000100000001700006013c000009030006000000007f0300003082037b0201000281c100c870feb6ca6b1d2bd9f2dd99e20f1fe2d7e5192de662229dbe162bd1ba66336a7182903ca0b72796cd441c83d24bcdc3e9a2f5e4399c8a043f1c3ddf04754a66d4cfe7b3671a37dd31a9b4c13bfe06ee90f9d94ddaa06de67a52ac863e68f756736ceb014405a6160579640f831dddccc34ad0b05070e3f9954a58d1815813e1b83bcadba814789c87f1ef2ba5d738b793ec456a67360eea1b5faf1c7cc7bf24f3b2a9d0f8958b1096e0f0c335f8888d0c63a51c3c0337214fa3f5efdf6dcc3502030100010281c06d2d670047973a87752a9d5bc14f3dae00acb01f593aa0e24cf4a49f932931de4bbfb332e2d38083da80bc0b6d538edba479f7f77d0deffb4a28e6e67ff6273585bb4cd862535c946605ab0809d65f0e38f76e4ec2c3d9b8cd6e14bcf667943892cd4b34cc6420a439abbf3d7d35ef73976dd6f9cbde35a51fa5213f0107f83e3425835d16d3c9146fc9e36ce75a09bb66cdff21dd5a776899f1cb07e282cca27be46510e9c799f0d8db275a6be085d9f3f803218ee3384265bfb1a3640e8ca1026100e6848c31d466fffefc547e3a3b0d3785de6f78b0dd12610843512e495611a0675509b1650b27415009838dd8e68eec6e7530553b637d602424643b33e8bc5b762e1799bc79d56b13251d36d4f201da2182416ce13574e88278ff04467ad602d9026100de994fdf181f02be2bf9e5f5e4e517a94993b827d1eaf609033e3a6a6f2396ae7c44e9eb594cf1044cb3ad32ea258f0c82963b27bb650ed200cde82cb993374be34be5b1c7ead5446a2b82a4486e8c1810a0b01551609fb0841d474bada802bd026076ddae751b73a959d0bfb8ff49e7fcd378e9be30652ecefe35c82cb8003bc29cc60ae3809909baf20c95db9516fe680865417111d8b193dbcf30281f1249de57c858bf1ba32f5bb1599800e8398a9ef25c7a642c95261da6f9c17670e97265b10260732482b837d5f2a9443e23c1aa0106d83e82f6c3424673b5fdc3769c0f992d1c5c93991c7038e882fcda04414df4d7a5f4f698ead87851ce37344b60b72d7b70f9c60cae8566e7a257f8e1bef0e89df6e4c2f9d24d21d9f8889e4c7eccf91751026009050d94493da8f00a4ddbe9c800afe3d44b43f78a48941a79b2814a1f0b81a18a8b2347642a03b27998f5a18de9abc9ae0e54ab8294feac66dc87e854cce6f7278ac2710cb5878b592ffeb1f4f0a1853e4e8d1d0561b6efcc831a296cf7eeaf":TEST_FLAG_EXERCISE -PSA storage read: type: ARC4 2048-bit -depends_on:PSA_WANT_KEY_TYPE_ARC4 -key_storage_read:0x0001:PSA_KEY_TYPE_ARC4:2048:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"48657265006973206b6579a06461746148657265006973206b6579a06461746148657265006973206b6579a06461746148657265006973206b6579a06461746148657265006973206b6579a06461746148657265006973206b6579a06461746148657265006973206b6579a06461746148657265006973206b6579a06461746148657265006973206b6579a06461746148657265006973206b6579a06461746148657265006973206b6579a06461746148657265006973206b6579a06461746148657265006973206b6579a06461746148657265006973206b6579a06461746148657265006973206b6579a06461746148657265006973206b6579a064617461":"505341004b4559000000000001000000022000080100000000000000000000000001000048657265006973206b6579a06461746148657265006973206b6579a06461746148657265006973206b6579a06461746148657265006973206b6579a06461746148657265006973206b6579a06461746148657265006973206b6579a06461746148657265006973206b6579a06461746148657265006973206b6579a06461746148657265006973206b6579a06461746148657265006973206b6579a06461746148657265006973206b6579a06461746148657265006973206b6579a06461746148657265006973206b6579a06461746148657265006973206b6579a06461746148657265006973206b6579a06461746148657265006973206b6579a064617461":TEST_FLAG_EXERCISE +read type: RSA_PAIR 1536-bit, RSA_PSS(SHA_384) +depends_on:PSA_WANT_ALG_RSA_PSS:PSA_WANT_ALG_SHA_384:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR +key_storage_read:0x0001:PSA_KEY_TYPE_RSA_KEY_PAIR:1536:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_RSA_PSS(PSA_ALG_SHA_384):0x0000:"3082037b0201000281c100c870feb6ca6b1d2bd9f2dd99e20f1fe2d7e5192de662229dbe162bd1ba66336a7182903ca0b72796cd441c83d24bcdc3e9a2f5e4399c8a043f1c3ddf04754a66d4cfe7b3671a37dd31a9b4c13bfe06ee90f9d94ddaa06de67a52ac863e68f756736ceb014405a6160579640f831dddccc34ad0b05070e3f9954a58d1815813e1b83bcadba814789c87f1ef2ba5d738b793ec456a67360eea1b5faf1c7cc7bf24f3b2a9d0f8958b1096e0f0c335f8888d0c63a51c3c0337214fa3f5efdf6dcc3502030100010281c06d2d670047973a87752a9d5bc14f3dae00acb01f593aa0e24cf4a49f932931de4bbfb332e2d38083da80bc0b6d538edba479f7f77d0deffb4a28e6e67ff6273585bb4cd862535c946605ab0809d65f0e38f76e4ec2c3d9b8cd6e14bcf667943892cd4b34cc6420a439abbf3d7d35ef73976dd6f9cbde35a51fa5213f0107f83e3425835d16d3c9146fc9e36ce75a09bb66cdff21dd5a776899f1cb07e282cca27be46510e9c799f0d8db275a6be085d9f3f803218ee3384265bfb1a3640e8ca1026100e6848c31d466fffefc547e3a3b0d3785de6f78b0dd12610843512e495611a0675509b1650b27415009838dd8e68eec6e7530553b637d602424643b33e8bc5b762e1799bc79d56b13251d36d4f201da2182416ce13574e88278ff04467ad602d9026100de994fdf181f02be2bf9e5f5e4e517a94993b827d1eaf609033e3a6a6f2396ae7c44e9eb594cf1044cb3ad32ea258f0c82963b27bb650ed200cde82cb993374be34be5b1c7ead5446a2b82a4486e8c1810a0b01551609fb0841d474bada802bd026076ddae751b73a959d0bfb8ff49e7fcd378e9be30652ecefe35c82cb8003bc29cc60ae3809909baf20c95db9516fe680865417111d8b193dbcf30281f1249de57c858bf1ba32f5bb1599800e8398a9ef25c7a642c95261da6f9c17670e97265b10260732482b837d5f2a9443e23c1aa0106d83e82f6c3424673b5fdc3769c0f992d1c5c93991c7038e882fcda04414df4d7a5f4f698ead87851ce37344b60b72d7b70f9c60cae8566e7a257f8e1bef0e89df6e4c2f9d24d21d9f8889e4c7eccf91751026009050d94493da8f00a4ddbe9c800afe3d44b43f78a48941a79b2814a1f0b81a18a8b2347642a03b27998f5a18de9abc9ae0e54ab8294feac66dc87e854cce6f7278ac2710cb5878b592ffeb1f4f0a1853e4e8d1d0561b6efcc831a296cf7eeaf":"505341004b455900000000000100000001700006013c00000a030006000000007f0300003082037b0201000281c100c870feb6ca6b1d2bd9f2dd99e20f1fe2d7e5192de662229dbe162bd1ba66336a7182903ca0b72796cd441c83d24bcdc3e9a2f5e4399c8a043f1c3ddf04754a66d4cfe7b3671a37dd31a9b4c13bfe06ee90f9d94ddaa06de67a52ac863e68f756736ceb014405a6160579640f831dddccc34ad0b05070e3f9954a58d1815813e1b83bcadba814789c87f1ef2ba5d738b793ec456a67360eea1b5faf1c7cc7bf24f3b2a9d0f8958b1096e0f0c335f8888d0c63a51c3c0337214fa3f5efdf6dcc3502030100010281c06d2d670047973a87752a9d5bc14f3dae00acb01f593aa0e24cf4a49f932931de4bbfb332e2d38083da80bc0b6d538edba479f7f77d0deffb4a28e6e67ff6273585bb4cd862535c946605ab0809d65f0e38f76e4ec2c3d9b8cd6e14bcf667943892cd4b34cc6420a439abbf3d7d35ef73976dd6f9cbde35a51fa5213f0107f83e3425835d16d3c9146fc9e36ce75a09bb66cdff21dd5a776899f1cb07e282cca27be46510e9c799f0d8db275a6be085d9f3f803218ee3384265bfb1a3640e8ca1026100e6848c31d466fffefc547e3a3b0d3785de6f78b0dd12610843512e495611a0675509b1650b27415009838dd8e68eec6e7530553b637d602424643b33e8bc5b762e1799bc79d56b13251d36d4f201da2182416ce13574e88278ff04467ad602d9026100de994fdf181f02be2bf9e5f5e4e517a94993b827d1eaf609033e3a6a6f2396ae7c44e9eb594cf1044cb3ad32ea258f0c82963b27bb650ed200cde82cb993374be34be5b1c7ead5446a2b82a4486e8c1810a0b01551609fb0841d474bada802bd026076ddae751b73a959d0bfb8ff49e7fcd378e9be30652ecefe35c82cb8003bc29cc60ae3809909baf20c95db9516fe680865417111d8b193dbcf30281f1249de57c858bf1ba32f5bb1599800e8398a9ef25c7a642c95261da6f9c17670e97265b10260732482b837d5f2a9443e23c1aa0106d83e82f6c3424673b5fdc3769c0f992d1c5c93991c7038e882fcda04414df4d7a5f4f698ead87851ce37344b60b72d7b70f9c60cae8566e7a257f8e1bef0e89df6e4c2f9d24d21d9f8889e4c7eccf91751026009050d94493da8f00a4ddbe9c800afe3d44b43f78a48941a79b2814a1f0b81a18a8b2347642a03b27998f5a18de9abc9ae0e54ab8294feac66dc87e854cce6f7278ac2710cb5878b592ffeb1f4f0a1853e4e8d1d0561b6efcc831a296cf7eeaf":TEST_FLAG_EXERCISE -PSA storage read: type: ARIA 128-bit -depends_on:PSA_WANT_KEY_TYPE_ARIA -key_storage_read:0x0001:PSA_KEY_TYPE_ARIA:128:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"48657265006973206b6579a064617461":"505341004b4559000000000001000000062480000100000000000000000000001000000048657265006973206b6579a064617461":TEST_FLAG_EXERCISE +read type: RSA_PAIR 1536-bit, RSA_PSS(SHA_512) +depends_on:PSA_WANT_ALG_RSA_PSS:PSA_WANT_ALG_SHA_512:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR +key_storage_read:0x0001:PSA_KEY_TYPE_RSA_KEY_PAIR:1536:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_RSA_PSS(PSA_ALG_SHA_512):0x0000:"3082037b0201000281c100c870feb6ca6b1d2bd9f2dd99e20f1fe2d7e5192de662229dbe162bd1ba66336a7182903ca0b72796cd441c83d24bcdc3e9a2f5e4399c8a043f1c3ddf04754a66d4cfe7b3671a37dd31a9b4c13bfe06ee90f9d94ddaa06de67a52ac863e68f756736ceb014405a6160579640f831dddccc34ad0b05070e3f9954a58d1815813e1b83bcadba814789c87f1ef2ba5d738b793ec456a67360eea1b5faf1c7cc7bf24f3b2a9d0f8958b1096e0f0c335f8888d0c63a51c3c0337214fa3f5efdf6dcc3502030100010281c06d2d670047973a87752a9d5bc14f3dae00acb01f593aa0e24cf4a49f932931de4bbfb332e2d38083da80bc0b6d538edba479f7f77d0deffb4a28e6e67ff6273585bb4cd862535c946605ab0809d65f0e38f76e4ec2c3d9b8cd6e14bcf667943892cd4b34cc6420a439abbf3d7d35ef73976dd6f9cbde35a51fa5213f0107f83e3425835d16d3c9146fc9e36ce75a09bb66cdff21dd5a776899f1cb07e282cca27be46510e9c799f0d8db275a6be085d9f3f803218ee3384265bfb1a3640e8ca1026100e6848c31d466fffefc547e3a3b0d3785de6f78b0dd12610843512e495611a0675509b1650b27415009838dd8e68eec6e7530553b637d602424643b33e8bc5b762e1799bc79d56b13251d36d4f201da2182416ce13574e88278ff04467ad602d9026100de994fdf181f02be2bf9e5f5e4e517a94993b827d1eaf609033e3a6a6f2396ae7c44e9eb594cf1044cb3ad32ea258f0c82963b27bb650ed200cde82cb993374be34be5b1c7ead5446a2b82a4486e8c1810a0b01551609fb0841d474bada802bd026076ddae751b73a959d0bfb8ff49e7fcd378e9be30652ecefe35c82cb8003bc29cc60ae3809909baf20c95db9516fe680865417111d8b193dbcf30281f1249de57c858bf1ba32f5bb1599800e8398a9ef25c7a642c95261da6f9c17670e97265b10260732482b837d5f2a9443e23c1aa0106d83e82f6c3424673b5fdc3769c0f992d1c5c93991c7038e882fcda04414df4d7a5f4f698ead87851ce37344b60b72d7b70f9c60cae8566e7a257f8e1bef0e89df6e4c2f9d24d21d9f8889e4c7eccf91751026009050d94493da8f00a4ddbe9c800afe3d44b43f78a48941a79b2814a1f0b81a18a8b2347642a03b27998f5a18de9abc9ae0e54ab8294feac66dc87e854cce6f7278ac2710cb5878b592ffeb1f4f0a1853e4e8d1d0561b6efcc831a296cf7eeaf":"505341004b455900000000000100000001700006013c00000b030006000000007f0300003082037b0201000281c100c870feb6ca6b1d2bd9f2dd99e20f1fe2d7e5192de662229dbe162bd1ba66336a7182903ca0b72796cd441c83d24bcdc3e9a2f5e4399c8a043f1c3ddf04754a66d4cfe7b3671a37dd31a9b4c13bfe06ee90f9d94ddaa06de67a52ac863e68f756736ceb014405a6160579640f831dddccc34ad0b05070e3f9954a58d1815813e1b83bcadba814789c87f1ef2ba5d738b793ec456a67360eea1b5faf1c7cc7bf24f3b2a9d0f8958b1096e0f0c335f8888d0c63a51c3c0337214fa3f5efdf6dcc3502030100010281c06d2d670047973a87752a9d5bc14f3dae00acb01f593aa0e24cf4a49f932931de4bbfb332e2d38083da80bc0b6d538edba479f7f77d0deffb4a28e6e67ff6273585bb4cd862535c946605ab0809d65f0e38f76e4ec2c3d9b8cd6e14bcf667943892cd4b34cc6420a439abbf3d7d35ef73976dd6f9cbde35a51fa5213f0107f83e3425835d16d3c9146fc9e36ce75a09bb66cdff21dd5a776899f1cb07e282cca27be46510e9c799f0d8db275a6be085d9f3f803218ee3384265bfb1a3640e8ca1026100e6848c31d466fffefc547e3a3b0d3785de6f78b0dd12610843512e495611a0675509b1650b27415009838dd8e68eec6e7530553b637d602424643b33e8bc5b762e1799bc79d56b13251d36d4f201da2182416ce13574e88278ff04467ad602d9026100de994fdf181f02be2bf9e5f5e4e517a94993b827d1eaf609033e3a6a6f2396ae7c44e9eb594cf1044cb3ad32ea258f0c82963b27bb650ed200cde82cb993374be34be5b1c7ead5446a2b82a4486e8c1810a0b01551609fb0841d474bada802bd026076ddae751b73a959d0bfb8ff49e7fcd378e9be30652ecefe35c82cb8003bc29cc60ae3809909baf20c95db9516fe680865417111d8b193dbcf30281f1249de57c858bf1ba32f5bb1599800e8398a9ef25c7a642c95261da6f9c17670e97265b10260732482b837d5f2a9443e23c1aa0106d83e82f6c3424673b5fdc3769c0f992d1c5c93991c7038e882fcda04414df4d7a5f4f698ead87851ce37344b60b72d7b70f9c60cae8566e7a257f8e1bef0e89df6e4c2f9d24d21d9f8889e4c7eccf91751026009050d94493da8f00a4ddbe9c800afe3d44b43f78a48941a79b2814a1f0b81a18a8b2347642a03b27998f5a18de9abc9ae0e54ab8294feac66dc87e854cce6f7278ac2710cb5878b592ffeb1f4f0a1853e4e8d1d0561b6efcc831a296cf7eeaf":TEST_FLAG_EXERCISE -PSA storage read: type: ARIA 192-bit -depends_on:PSA_WANT_KEY_TYPE_ARIA -key_storage_read:0x0001:PSA_KEY_TYPE_ARIA:192:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"48657265006973206b6579a0646174614865726500697320":"505341004b45590000000000010000000624c0000100000000000000000000001800000048657265006973206b6579a0646174614865726500697320":TEST_FLAG_EXERCISE +read type: RSA_PAIR 1536-bit, RSA_PSS_ANY_SALT(MD2) +depends_on:PSA_WANT_ALG_MD2:PSA_WANT_ALG_RSA_PSS_ANY_SALT:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR +key_storage_read:0x0001:PSA_KEY_TYPE_RSA_KEY_PAIR:1536:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_RSA_PSS_ANY_SALT(PSA_ALG_MD2):0x0000:"3082037b0201000281c100c870feb6ca6b1d2bd9f2dd99e20f1fe2d7e5192de662229dbe162bd1ba66336a7182903ca0b72796cd441c83d24bcdc3e9a2f5e4399c8a043f1c3ddf04754a66d4cfe7b3671a37dd31a9b4c13bfe06ee90f9d94ddaa06de67a52ac863e68f756736ceb014405a6160579640f831dddccc34ad0b05070e3f9954a58d1815813e1b83bcadba814789c87f1ef2ba5d738b793ec456a67360eea1b5faf1c7cc7bf24f3b2a9d0f8958b1096e0f0c335f8888d0c63a51c3c0337214fa3f5efdf6dcc3502030100010281c06d2d670047973a87752a9d5bc14f3dae00acb01f593aa0e24cf4a49f932931de4bbfb332e2d38083da80bc0b6d538edba479f7f77d0deffb4a28e6e67ff6273585bb4cd862535c946605ab0809d65f0e38f76e4ec2c3d9b8cd6e14bcf667943892cd4b34cc6420a439abbf3d7d35ef73976dd6f9cbde35a51fa5213f0107f83e3425835d16d3c9146fc9e36ce75a09bb66cdff21dd5a776899f1cb07e282cca27be46510e9c799f0d8db275a6be085d9f3f803218ee3384265bfb1a3640e8ca1026100e6848c31d466fffefc547e3a3b0d3785de6f78b0dd12610843512e495611a0675509b1650b27415009838dd8e68eec6e7530553b637d602424643b33e8bc5b762e1799bc79d56b13251d36d4f201da2182416ce13574e88278ff04467ad602d9026100de994fdf181f02be2bf9e5f5e4e517a94993b827d1eaf609033e3a6a6f2396ae7c44e9eb594cf1044cb3ad32ea258f0c82963b27bb650ed200cde82cb993374be34be5b1c7ead5446a2b82a4486e8c1810a0b01551609fb0841d474bada802bd026076ddae751b73a959d0bfb8ff49e7fcd378e9be30652ecefe35c82cb8003bc29cc60ae3809909baf20c95db9516fe680865417111d8b193dbcf30281f1249de57c858bf1ba32f5bb1599800e8398a9ef25c7a642c95261da6f9c17670e97265b10260732482b837d5f2a9443e23c1aa0106d83e82f6c3424673b5fdc3769c0f992d1c5c93991c7038e882fcda04414df4d7a5f4f698ead87851ce37344b60b72d7b70f9c60cae8566e7a257f8e1bef0e89df6e4c2f9d24d21d9f8889e4c7eccf91751026009050d94493da8f00a4ddbe9c800afe3d44b43f78a48941a79b2814a1f0b81a18a8b2347642a03b27998f5a18de9abc9ae0e54ab8294feac66dc87e854cce6f7278ac2710cb5878b592ffeb1f4f0a1853e4e8d1d0561b6efcc831a296cf7eeaf":"505341004b455900000000000100000001700006013c000001130006000000007f0300003082037b0201000281c100c870feb6ca6b1d2bd9f2dd99e20f1fe2d7e5192de662229dbe162bd1ba66336a7182903ca0b72796cd441c83d24bcdc3e9a2f5e4399c8a043f1c3ddf04754a66d4cfe7b3671a37dd31a9b4c13bfe06ee90f9d94ddaa06de67a52ac863e68f756736ceb014405a6160579640f831dddccc34ad0b05070e3f9954a58d1815813e1b83bcadba814789c87f1ef2ba5d738b793ec456a67360eea1b5faf1c7cc7bf24f3b2a9d0f8958b1096e0f0c335f8888d0c63a51c3c0337214fa3f5efdf6dcc3502030100010281c06d2d670047973a87752a9d5bc14f3dae00acb01f593aa0e24cf4a49f932931de4bbfb332e2d38083da80bc0b6d538edba479f7f77d0deffb4a28e6e67ff6273585bb4cd862535c946605ab0809d65f0e38f76e4ec2c3d9b8cd6e14bcf667943892cd4b34cc6420a439abbf3d7d35ef73976dd6f9cbde35a51fa5213f0107f83e3425835d16d3c9146fc9e36ce75a09bb66cdff21dd5a776899f1cb07e282cca27be46510e9c799f0d8db275a6be085d9f3f803218ee3384265bfb1a3640e8ca1026100e6848c31d466fffefc547e3a3b0d3785de6f78b0dd12610843512e495611a0675509b1650b27415009838dd8e68eec6e7530553b637d602424643b33e8bc5b762e1799bc79d56b13251d36d4f201da2182416ce13574e88278ff04467ad602d9026100de994fdf181f02be2bf9e5f5e4e517a94993b827d1eaf609033e3a6a6f2396ae7c44e9eb594cf1044cb3ad32ea258f0c82963b27bb650ed200cde82cb993374be34be5b1c7ead5446a2b82a4486e8c1810a0b01551609fb0841d474bada802bd026076ddae751b73a959d0bfb8ff49e7fcd378e9be30652ecefe35c82cb8003bc29cc60ae3809909baf20c95db9516fe680865417111d8b193dbcf30281f1249de57c858bf1ba32f5bb1599800e8398a9ef25c7a642c95261da6f9c17670e97265b10260732482b837d5f2a9443e23c1aa0106d83e82f6c3424673b5fdc3769c0f992d1c5c93991c7038e882fcda04414df4d7a5f4f698ead87851ce37344b60b72d7b70f9c60cae8566e7a257f8e1bef0e89df6e4c2f9d24d21d9f8889e4c7eccf91751026009050d94493da8f00a4ddbe9c800afe3d44b43f78a48941a79b2814a1f0b81a18a8b2347642a03b27998f5a18de9abc9ae0e54ab8294feac66dc87e854cce6f7278ac2710cb5878b592ffeb1f4f0a1853e4e8d1d0561b6efcc831a296cf7eeaf":TEST_FLAG_EXERCISE -PSA storage read: type: ARIA 256-bit -depends_on:PSA_WANT_KEY_TYPE_ARIA -key_storage_read:0x0001:PSA_KEY_TYPE_ARIA:256:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"48657265006973206b6579a06461746148657265006973206b6579a064617461":"505341004b4559000000000001000000062400010100000000000000000000002000000048657265006973206b6579a06461746148657265006973206b6579a064617461":TEST_FLAG_EXERCISE +read type: RSA_PAIR 1536-bit, RSA_PSS_ANY_SALT(MD4) +depends_on:PSA_WANT_ALG_MD4:PSA_WANT_ALG_RSA_PSS_ANY_SALT:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR +key_storage_read:0x0001:PSA_KEY_TYPE_RSA_KEY_PAIR:1536:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_RSA_PSS_ANY_SALT(PSA_ALG_MD4):0x0000:"3082037b0201000281c100c870feb6ca6b1d2bd9f2dd99e20f1fe2d7e5192de662229dbe162bd1ba66336a7182903ca0b72796cd441c83d24bcdc3e9a2f5e4399c8a043f1c3ddf04754a66d4cfe7b3671a37dd31a9b4c13bfe06ee90f9d94ddaa06de67a52ac863e68f756736ceb014405a6160579640f831dddccc34ad0b05070e3f9954a58d1815813e1b83bcadba814789c87f1ef2ba5d738b793ec456a67360eea1b5faf1c7cc7bf24f3b2a9d0f8958b1096e0f0c335f8888d0c63a51c3c0337214fa3f5efdf6dcc3502030100010281c06d2d670047973a87752a9d5bc14f3dae00acb01f593aa0e24cf4a49f932931de4bbfb332e2d38083da80bc0b6d538edba479f7f77d0deffb4a28e6e67ff6273585bb4cd862535c946605ab0809d65f0e38f76e4ec2c3d9b8cd6e14bcf667943892cd4b34cc6420a439abbf3d7d35ef73976dd6f9cbde35a51fa5213f0107f83e3425835d16d3c9146fc9e36ce75a09bb66cdff21dd5a776899f1cb07e282cca27be46510e9c799f0d8db275a6be085d9f3f803218ee3384265bfb1a3640e8ca1026100e6848c31d466fffefc547e3a3b0d3785de6f78b0dd12610843512e495611a0675509b1650b27415009838dd8e68eec6e7530553b637d602424643b33e8bc5b762e1799bc79d56b13251d36d4f201da2182416ce13574e88278ff04467ad602d9026100de994fdf181f02be2bf9e5f5e4e517a94993b827d1eaf609033e3a6a6f2396ae7c44e9eb594cf1044cb3ad32ea258f0c82963b27bb650ed200cde82cb993374be34be5b1c7ead5446a2b82a4486e8c1810a0b01551609fb0841d474bada802bd026076ddae751b73a959d0bfb8ff49e7fcd378e9be30652ecefe35c82cb8003bc29cc60ae3809909baf20c95db9516fe680865417111d8b193dbcf30281f1249de57c858bf1ba32f5bb1599800e8398a9ef25c7a642c95261da6f9c17670e97265b10260732482b837d5f2a9443e23c1aa0106d83e82f6c3424673b5fdc3769c0f992d1c5c93991c7038e882fcda04414df4d7a5f4f698ead87851ce37344b60b72d7b70f9c60cae8566e7a257f8e1bef0e89df6e4c2f9d24d21d9f8889e4c7eccf91751026009050d94493da8f00a4ddbe9c800afe3d44b43f78a48941a79b2814a1f0b81a18a8b2347642a03b27998f5a18de9abc9ae0e54ab8294feac66dc87e854cce6f7278ac2710cb5878b592ffeb1f4f0a1853e4e8d1d0561b6efcc831a296cf7eeaf":"505341004b455900000000000100000001700006013c000002130006000000007f0300003082037b0201000281c100c870feb6ca6b1d2bd9f2dd99e20f1fe2d7e5192de662229dbe162bd1ba66336a7182903ca0b72796cd441c83d24bcdc3e9a2f5e4399c8a043f1c3ddf04754a66d4cfe7b3671a37dd31a9b4c13bfe06ee90f9d94ddaa06de67a52ac863e68f756736ceb014405a6160579640f831dddccc34ad0b05070e3f9954a58d1815813e1b83bcadba814789c87f1ef2ba5d738b793ec456a67360eea1b5faf1c7cc7bf24f3b2a9d0f8958b1096e0f0c335f8888d0c63a51c3c0337214fa3f5efdf6dcc3502030100010281c06d2d670047973a87752a9d5bc14f3dae00acb01f593aa0e24cf4a49f932931de4bbfb332e2d38083da80bc0b6d538edba479f7f77d0deffb4a28e6e67ff6273585bb4cd862535c946605ab0809d65f0e38f76e4ec2c3d9b8cd6e14bcf667943892cd4b34cc6420a439abbf3d7d35ef73976dd6f9cbde35a51fa5213f0107f83e3425835d16d3c9146fc9e36ce75a09bb66cdff21dd5a776899f1cb07e282cca27be46510e9c799f0d8db275a6be085d9f3f803218ee3384265bfb1a3640e8ca1026100e6848c31d466fffefc547e3a3b0d3785de6f78b0dd12610843512e495611a0675509b1650b27415009838dd8e68eec6e7530553b637d602424643b33e8bc5b762e1799bc79d56b13251d36d4f201da2182416ce13574e88278ff04467ad602d9026100de994fdf181f02be2bf9e5f5e4e517a94993b827d1eaf609033e3a6a6f2396ae7c44e9eb594cf1044cb3ad32ea258f0c82963b27bb650ed200cde82cb993374be34be5b1c7ead5446a2b82a4486e8c1810a0b01551609fb0841d474bada802bd026076ddae751b73a959d0bfb8ff49e7fcd378e9be30652ecefe35c82cb8003bc29cc60ae3809909baf20c95db9516fe680865417111d8b193dbcf30281f1249de57c858bf1ba32f5bb1599800e8398a9ef25c7a642c95261da6f9c17670e97265b10260732482b837d5f2a9443e23c1aa0106d83e82f6c3424673b5fdc3769c0f992d1c5c93991c7038e882fcda04414df4d7a5f4f698ead87851ce37344b60b72d7b70f9c60cae8566e7a257f8e1bef0e89df6e4c2f9d24d21d9f8889e4c7eccf91751026009050d94493da8f00a4ddbe9c800afe3d44b43f78a48941a79b2814a1f0b81a18a8b2347642a03b27998f5a18de9abc9ae0e54ab8294feac66dc87e854cce6f7278ac2710cb5878b592ffeb1f4f0a1853e4e8d1d0561b6efcc831a296cf7eeaf":TEST_FLAG_EXERCISE -PSA storage read: type: CAMELLIA 128-bit -depends_on:PSA_WANT_KEY_TYPE_CAMELLIA -key_storage_read:0x0001:PSA_KEY_TYPE_CAMELLIA:128:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"48657265006973206b6579a064617461":"505341004b4559000000000001000000032480000100000000000000000000001000000048657265006973206b6579a064617461":TEST_FLAG_EXERCISE +read type: RSA_PAIR 1536-bit, RSA_PSS_ANY_SALT(MD5) +depends_on:PSA_WANT_ALG_MD5:PSA_WANT_ALG_RSA_PSS_ANY_SALT:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR +key_storage_read:0x0001:PSA_KEY_TYPE_RSA_KEY_PAIR:1536:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_RSA_PSS_ANY_SALT(PSA_ALG_MD5):0x0000:"3082037b0201000281c100c870feb6ca6b1d2bd9f2dd99e20f1fe2d7e5192de662229dbe162bd1ba66336a7182903ca0b72796cd441c83d24bcdc3e9a2f5e4399c8a043f1c3ddf04754a66d4cfe7b3671a37dd31a9b4c13bfe06ee90f9d94ddaa06de67a52ac863e68f756736ceb014405a6160579640f831dddccc34ad0b05070e3f9954a58d1815813e1b83bcadba814789c87f1ef2ba5d738b793ec456a67360eea1b5faf1c7cc7bf24f3b2a9d0f8958b1096e0f0c335f8888d0c63a51c3c0337214fa3f5efdf6dcc3502030100010281c06d2d670047973a87752a9d5bc14f3dae00acb01f593aa0e24cf4a49f932931de4bbfb332e2d38083da80bc0b6d538edba479f7f77d0deffb4a28e6e67ff6273585bb4cd862535c946605ab0809d65f0e38f76e4ec2c3d9b8cd6e14bcf667943892cd4b34cc6420a439abbf3d7d35ef73976dd6f9cbde35a51fa5213f0107f83e3425835d16d3c9146fc9e36ce75a09bb66cdff21dd5a776899f1cb07e282cca27be46510e9c799f0d8db275a6be085d9f3f803218ee3384265bfb1a3640e8ca1026100e6848c31d466fffefc547e3a3b0d3785de6f78b0dd12610843512e495611a0675509b1650b27415009838dd8e68eec6e7530553b637d602424643b33e8bc5b762e1799bc79d56b13251d36d4f201da2182416ce13574e88278ff04467ad602d9026100de994fdf181f02be2bf9e5f5e4e517a94993b827d1eaf609033e3a6a6f2396ae7c44e9eb594cf1044cb3ad32ea258f0c82963b27bb650ed200cde82cb993374be34be5b1c7ead5446a2b82a4486e8c1810a0b01551609fb0841d474bada802bd026076ddae751b73a959d0bfb8ff49e7fcd378e9be30652ecefe35c82cb8003bc29cc60ae3809909baf20c95db9516fe680865417111d8b193dbcf30281f1249de57c858bf1ba32f5bb1599800e8398a9ef25c7a642c95261da6f9c17670e97265b10260732482b837d5f2a9443e23c1aa0106d83e82f6c3424673b5fdc3769c0f992d1c5c93991c7038e882fcda04414df4d7a5f4f698ead87851ce37344b60b72d7b70f9c60cae8566e7a257f8e1bef0e89df6e4c2f9d24d21d9f8889e4c7eccf91751026009050d94493da8f00a4ddbe9c800afe3d44b43f78a48941a79b2814a1f0b81a18a8b2347642a03b27998f5a18de9abc9ae0e54ab8294feac66dc87e854cce6f7278ac2710cb5878b592ffeb1f4f0a1853e4e8d1d0561b6efcc831a296cf7eeaf":"505341004b455900000000000100000001700006013c000003130006000000007f0300003082037b0201000281c100c870feb6ca6b1d2bd9f2dd99e20f1fe2d7e5192de662229dbe162bd1ba66336a7182903ca0b72796cd441c83d24bcdc3e9a2f5e4399c8a043f1c3ddf04754a66d4cfe7b3671a37dd31a9b4c13bfe06ee90f9d94ddaa06de67a52ac863e68f756736ceb014405a6160579640f831dddccc34ad0b05070e3f9954a58d1815813e1b83bcadba814789c87f1ef2ba5d738b793ec456a67360eea1b5faf1c7cc7bf24f3b2a9d0f8958b1096e0f0c335f8888d0c63a51c3c0337214fa3f5efdf6dcc3502030100010281c06d2d670047973a87752a9d5bc14f3dae00acb01f593aa0e24cf4a49f932931de4bbfb332e2d38083da80bc0b6d538edba479f7f77d0deffb4a28e6e67ff6273585bb4cd862535c946605ab0809d65f0e38f76e4ec2c3d9b8cd6e14bcf667943892cd4b34cc6420a439abbf3d7d35ef73976dd6f9cbde35a51fa5213f0107f83e3425835d16d3c9146fc9e36ce75a09bb66cdff21dd5a776899f1cb07e282cca27be46510e9c799f0d8db275a6be085d9f3f803218ee3384265bfb1a3640e8ca1026100e6848c31d466fffefc547e3a3b0d3785de6f78b0dd12610843512e495611a0675509b1650b27415009838dd8e68eec6e7530553b637d602424643b33e8bc5b762e1799bc79d56b13251d36d4f201da2182416ce13574e88278ff04467ad602d9026100de994fdf181f02be2bf9e5f5e4e517a94993b827d1eaf609033e3a6a6f2396ae7c44e9eb594cf1044cb3ad32ea258f0c82963b27bb650ed200cde82cb993374be34be5b1c7ead5446a2b82a4486e8c1810a0b01551609fb0841d474bada802bd026076ddae751b73a959d0bfb8ff49e7fcd378e9be30652ecefe35c82cb8003bc29cc60ae3809909baf20c95db9516fe680865417111d8b193dbcf30281f1249de57c858bf1ba32f5bb1599800e8398a9ef25c7a642c95261da6f9c17670e97265b10260732482b837d5f2a9443e23c1aa0106d83e82f6c3424673b5fdc3769c0f992d1c5c93991c7038e882fcda04414df4d7a5f4f698ead87851ce37344b60b72d7b70f9c60cae8566e7a257f8e1bef0e89df6e4c2f9d24d21d9f8889e4c7eccf91751026009050d94493da8f00a4ddbe9c800afe3d44b43f78a48941a79b2814a1f0b81a18a8b2347642a03b27998f5a18de9abc9ae0e54ab8294feac66dc87e854cce6f7278ac2710cb5878b592ffeb1f4f0a1853e4e8d1d0561b6efcc831a296cf7eeaf":TEST_FLAG_EXERCISE -PSA storage read: type: CAMELLIA 192-bit -depends_on:PSA_WANT_KEY_TYPE_CAMELLIA -key_storage_read:0x0001:PSA_KEY_TYPE_CAMELLIA:192:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"48657265006973206b6579a0646174614865726500697320":"505341004b45590000000000010000000324c0000100000000000000000000001800000048657265006973206b6579a0646174614865726500697320":TEST_FLAG_EXERCISE +read type: RSA_PAIR 1536-bit, RSA_PSS_ANY_SALT(RIPEMD160) +depends_on:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ALG_RSA_PSS_ANY_SALT:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR +key_storage_read:0x0001:PSA_KEY_TYPE_RSA_KEY_PAIR:1536:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_RSA_PSS_ANY_SALT(PSA_ALG_RIPEMD160):0x0000:"3082037b0201000281c100c870feb6ca6b1d2bd9f2dd99e20f1fe2d7e5192de662229dbe162bd1ba66336a7182903ca0b72796cd441c83d24bcdc3e9a2f5e4399c8a043f1c3ddf04754a66d4cfe7b3671a37dd31a9b4c13bfe06ee90f9d94ddaa06de67a52ac863e68f756736ceb014405a6160579640f831dddccc34ad0b05070e3f9954a58d1815813e1b83bcadba814789c87f1ef2ba5d738b793ec456a67360eea1b5faf1c7cc7bf24f3b2a9d0f8958b1096e0f0c335f8888d0c63a51c3c0337214fa3f5efdf6dcc3502030100010281c06d2d670047973a87752a9d5bc14f3dae00acb01f593aa0e24cf4a49f932931de4bbfb332e2d38083da80bc0b6d538edba479f7f77d0deffb4a28e6e67ff6273585bb4cd862535c946605ab0809d65f0e38f76e4ec2c3d9b8cd6e14bcf667943892cd4b34cc6420a439abbf3d7d35ef73976dd6f9cbde35a51fa5213f0107f83e3425835d16d3c9146fc9e36ce75a09bb66cdff21dd5a776899f1cb07e282cca27be46510e9c799f0d8db275a6be085d9f3f803218ee3384265bfb1a3640e8ca1026100e6848c31d466fffefc547e3a3b0d3785de6f78b0dd12610843512e495611a0675509b1650b27415009838dd8e68eec6e7530553b637d602424643b33e8bc5b762e1799bc79d56b13251d36d4f201da2182416ce13574e88278ff04467ad602d9026100de994fdf181f02be2bf9e5f5e4e517a94993b827d1eaf609033e3a6a6f2396ae7c44e9eb594cf1044cb3ad32ea258f0c82963b27bb650ed200cde82cb993374be34be5b1c7ead5446a2b82a4486e8c1810a0b01551609fb0841d474bada802bd026076ddae751b73a959d0bfb8ff49e7fcd378e9be30652ecefe35c82cb8003bc29cc60ae3809909baf20c95db9516fe680865417111d8b193dbcf30281f1249de57c858bf1ba32f5bb1599800e8398a9ef25c7a642c95261da6f9c17670e97265b10260732482b837d5f2a9443e23c1aa0106d83e82f6c3424673b5fdc3769c0f992d1c5c93991c7038e882fcda04414df4d7a5f4f698ead87851ce37344b60b72d7b70f9c60cae8566e7a257f8e1bef0e89df6e4c2f9d24d21d9f8889e4c7eccf91751026009050d94493da8f00a4ddbe9c800afe3d44b43f78a48941a79b2814a1f0b81a18a8b2347642a03b27998f5a18de9abc9ae0e54ab8294feac66dc87e854cce6f7278ac2710cb5878b592ffeb1f4f0a1853e4e8d1d0561b6efcc831a296cf7eeaf":"505341004b455900000000000100000001700006013c000004130006000000007f0300003082037b0201000281c100c870feb6ca6b1d2bd9f2dd99e20f1fe2d7e5192de662229dbe162bd1ba66336a7182903ca0b72796cd441c83d24bcdc3e9a2f5e4399c8a043f1c3ddf04754a66d4cfe7b3671a37dd31a9b4c13bfe06ee90f9d94ddaa06de67a52ac863e68f756736ceb014405a6160579640f831dddccc34ad0b05070e3f9954a58d1815813e1b83bcadba814789c87f1ef2ba5d738b793ec456a67360eea1b5faf1c7cc7bf24f3b2a9d0f8958b1096e0f0c335f8888d0c63a51c3c0337214fa3f5efdf6dcc3502030100010281c06d2d670047973a87752a9d5bc14f3dae00acb01f593aa0e24cf4a49f932931de4bbfb332e2d38083da80bc0b6d538edba479f7f77d0deffb4a28e6e67ff6273585bb4cd862535c946605ab0809d65f0e38f76e4ec2c3d9b8cd6e14bcf667943892cd4b34cc6420a439abbf3d7d35ef73976dd6f9cbde35a51fa5213f0107f83e3425835d16d3c9146fc9e36ce75a09bb66cdff21dd5a776899f1cb07e282cca27be46510e9c799f0d8db275a6be085d9f3f803218ee3384265bfb1a3640e8ca1026100e6848c31d466fffefc547e3a3b0d3785de6f78b0dd12610843512e495611a0675509b1650b27415009838dd8e68eec6e7530553b637d602424643b33e8bc5b762e1799bc79d56b13251d36d4f201da2182416ce13574e88278ff04467ad602d9026100de994fdf181f02be2bf9e5f5e4e517a94993b827d1eaf609033e3a6a6f2396ae7c44e9eb594cf1044cb3ad32ea258f0c82963b27bb650ed200cde82cb993374be34be5b1c7ead5446a2b82a4486e8c1810a0b01551609fb0841d474bada802bd026076ddae751b73a959d0bfb8ff49e7fcd378e9be30652ecefe35c82cb8003bc29cc60ae3809909baf20c95db9516fe680865417111d8b193dbcf30281f1249de57c858bf1ba32f5bb1599800e8398a9ef25c7a642c95261da6f9c17670e97265b10260732482b837d5f2a9443e23c1aa0106d83e82f6c3424673b5fdc3769c0f992d1c5c93991c7038e882fcda04414df4d7a5f4f698ead87851ce37344b60b72d7b70f9c60cae8566e7a257f8e1bef0e89df6e4c2f9d24d21d9f8889e4c7eccf91751026009050d94493da8f00a4ddbe9c800afe3d44b43f78a48941a79b2814a1f0b81a18a8b2347642a03b27998f5a18de9abc9ae0e54ab8294feac66dc87e854cce6f7278ac2710cb5878b592ffeb1f4f0a1853e4e8d1d0561b6efcc831a296cf7eeaf":TEST_FLAG_EXERCISE -PSA storage read: type: CAMELLIA 256-bit -depends_on:PSA_WANT_KEY_TYPE_CAMELLIA -key_storage_read:0x0001:PSA_KEY_TYPE_CAMELLIA:256:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"48657265006973206b6579a06461746148657265006973206b6579a064617461":"505341004b4559000000000001000000032400010100000000000000000000002000000048657265006973206b6579a06461746148657265006973206b6579a064617461":TEST_FLAG_EXERCISE +read type: RSA_PAIR 1536-bit, RSA_PSS_ANY_SALT(SHA_1) +depends_on:PSA_WANT_ALG_RSA_PSS_ANY_SALT:PSA_WANT_ALG_SHA_1:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR +key_storage_read:0x0001:PSA_KEY_TYPE_RSA_KEY_PAIR:1536:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_RSA_PSS_ANY_SALT(PSA_ALG_SHA_1):0x0000:"3082037b0201000281c100c870feb6ca6b1d2bd9f2dd99e20f1fe2d7e5192de662229dbe162bd1ba66336a7182903ca0b72796cd441c83d24bcdc3e9a2f5e4399c8a043f1c3ddf04754a66d4cfe7b3671a37dd31a9b4c13bfe06ee90f9d94ddaa06de67a52ac863e68f756736ceb014405a6160579640f831dddccc34ad0b05070e3f9954a58d1815813e1b83bcadba814789c87f1ef2ba5d738b793ec456a67360eea1b5faf1c7cc7bf24f3b2a9d0f8958b1096e0f0c335f8888d0c63a51c3c0337214fa3f5efdf6dcc3502030100010281c06d2d670047973a87752a9d5bc14f3dae00acb01f593aa0e24cf4a49f932931de4bbfb332e2d38083da80bc0b6d538edba479f7f77d0deffb4a28e6e67ff6273585bb4cd862535c946605ab0809d65f0e38f76e4ec2c3d9b8cd6e14bcf667943892cd4b34cc6420a439abbf3d7d35ef73976dd6f9cbde35a51fa5213f0107f83e3425835d16d3c9146fc9e36ce75a09bb66cdff21dd5a776899f1cb07e282cca27be46510e9c799f0d8db275a6be085d9f3f803218ee3384265bfb1a3640e8ca1026100e6848c31d466fffefc547e3a3b0d3785de6f78b0dd12610843512e495611a0675509b1650b27415009838dd8e68eec6e7530553b637d602424643b33e8bc5b762e1799bc79d56b13251d36d4f201da2182416ce13574e88278ff04467ad602d9026100de994fdf181f02be2bf9e5f5e4e517a94993b827d1eaf609033e3a6a6f2396ae7c44e9eb594cf1044cb3ad32ea258f0c82963b27bb650ed200cde82cb993374be34be5b1c7ead5446a2b82a4486e8c1810a0b01551609fb0841d474bada802bd026076ddae751b73a959d0bfb8ff49e7fcd378e9be30652ecefe35c82cb8003bc29cc60ae3809909baf20c95db9516fe680865417111d8b193dbcf30281f1249de57c858bf1ba32f5bb1599800e8398a9ef25c7a642c95261da6f9c17670e97265b10260732482b837d5f2a9443e23c1aa0106d83e82f6c3424673b5fdc3769c0f992d1c5c93991c7038e882fcda04414df4d7a5f4f698ead87851ce37344b60b72d7b70f9c60cae8566e7a257f8e1bef0e89df6e4c2f9d24d21d9f8889e4c7eccf91751026009050d94493da8f00a4ddbe9c800afe3d44b43f78a48941a79b2814a1f0b81a18a8b2347642a03b27998f5a18de9abc9ae0e54ab8294feac66dc87e854cce6f7278ac2710cb5878b592ffeb1f4f0a1853e4e8d1d0561b6efcc831a296cf7eeaf":"505341004b455900000000000100000001700006013c000005130006000000007f0300003082037b0201000281c100c870feb6ca6b1d2bd9f2dd99e20f1fe2d7e5192de662229dbe162bd1ba66336a7182903ca0b72796cd441c83d24bcdc3e9a2f5e4399c8a043f1c3ddf04754a66d4cfe7b3671a37dd31a9b4c13bfe06ee90f9d94ddaa06de67a52ac863e68f756736ceb014405a6160579640f831dddccc34ad0b05070e3f9954a58d1815813e1b83bcadba814789c87f1ef2ba5d738b793ec456a67360eea1b5faf1c7cc7bf24f3b2a9d0f8958b1096e0f0c335f8888d0c63a51c3c0337214fa3f5efdf6dcc3502030100010281c06d2d670047973a87752a9d5bc14f3dae00acb01f593aa0e24cf4a49f932931de4bbfb332e2d38083da80bc0b6d538edba479f7f77d0deffb4a28e6e67ff6273585bb4cd862535c946605ab0809d65f0e38f76e4ec2c3d9b8cd6e14bcf667943892cd4b34cc6420a439abbf3d7d35ef73976dd6f9cbde35a51fa5213f0107f83e3425835d16d3c9146fc9e36ce75a09bb66cdff21dd5a776899f1cb07e282cca27be46510e9c799f0d8db275a6be085d9f3f803218ee3384265bfb1a3640e8ca1026100e6848c31d466fffefc547e3a3b0d3785de6f78b0dd12610843512e495611a0675509b1650b27415009838dd8e68eec6e7530553b637d602424643b33e8bc5b762e1799bc79d56b13251d36d4f201da2182416ce13574e88278ff04467ad602d9026100de994fdf181f02be2bf9e5f5e4e517a94993b827d1eaf609033e3a6a6f2396ae7c44e9eb594cf1044cb3ad32ea258f0c82963b27bb650ed200cde82cb993374be34be5b1c7ead5446a2b82a4486e8c1810a0b01551609fb0841d474bada802bd026076ddae751b73a959d0bfb8ff49e7fcd378e9be30652ecefe35c82cb8003bc29cc60ae3809909baf20c95db9516fe680865417111d8b193dbcf30281f1249de57c858bf1ba32f5bb1599800e8398a9ef25c7a642c95261da6f9c17670e97265b10260732482b837d5f2a9443e23c1aa0106d83e82f6c3424673b5fdc3769c0f992d1c5c93991c7038e882fcda04414df4d7a5f4f698ead87851ce37344b60b72d7b70f9c60cae8566e7a257f8e1bef0e89df6e4c2f9d24d21d9f8889e4c7eccf91751026009050d94493da8f00a4ddbe9c800afe3d44b43f78a48941a79b2814a1f0b81a18a8b2347642a03b27998f5a18de9abc9ae0e54ab8294feac66dc87e854cce6f7278ac2710cb5878b592ffeb1f4f0a1853e4e8d1d0561b6efcc831a296cf7eeaf":TEST_FLAG_EXERCISE -PSA storage read: type: CHACHA20 256-bit -depends_on:PSA_WANT_KEY_TYPE_CHACHA20 -key_storage_read:0x0001:PSA_KEY_TYPE_CHACHA20:256:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"48657265006973206b6579a06461746148657265006973206b6579a064617461":"505341004b4559000000000001000000042000010100000000000000000000002000000048657265006973206b6579a06461746148657265006973206b6579a064617461":TEST_FLAG_EXERCISE +read type: RSA_PAIR 1536-bit, RSA_PSS_ANY_SALT(SHA_224) +depends_on:PSA_WANT_ALG_RSA_PSS_ANY_SALT:PSA_WANT_ALG_SHA_224:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR +key_storage_read:0x0001:PSA_KEY_TYPE_RSA_KEY_PAIR:1536:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_RSA_PSS_ANY_SALT(PSA_ALG_SHA_224):0x0000:"3082037b0201000281c100c870feb6ca6b1d2bd9f2dd99e20f1fe2d7e5192de662229dbe162bd1ba66336a7182903ca0b72796cd441c83d24bcdc3e9a2f5e4399c8a043f1c3ddf04754a66d4cfe7b3671a37dd31a9b4c13bfe06ee90f9d94ddaa06de67a52ac863e68f756736ceb014405a6160579640f831dddccc34ad0b05070e3f9954a58d1815813e1b83bcadba814789c87f1ef2ba5d738b793ec456a67360eea1b5faf1c7cc7bf24f3b2a9d0f8958b1096e0f0c335f8888d0c63a51c3c0337214fa3f5efdf6dcc3502030100010281c06d2d670047973a87752a9d5bc14f3dae00acb01f593aa0e24cf4a49f932931de4bbfb332e2d38083da80bc0b6d538edba479f7f77d0deffb4a28e6e67ff6273585bb4cd862535c946605ab0809d65f0e38f76e4ec2c3d9b8cd6e14bcf667943892cd4b34cc6420a439abbf3d7d35ef73976dd6f9cbde35a51fa5213f0107f83e3425835d16d3c9146fc9e36ce75a09bb66cdff21dd5a776899f1cb07e282cca27be46510e9c799f0d8db275a6be085d9f3f803218ee3384265bfb1a3640e8ca1026100e6848c31d466fffefc547e3a3b0d3785de6f78b0dd12610843512e495611a0675509b1650b27415009838dd8e68eec6e7530553b637d602424643b33e8bc5b762e1799bc79d56b13251d36d4f201da2182416ce13574e88278ff04467ad602d9026100de994fdf181f02be2bf9e5f5e4e517a94993b827d1eaf609033e3a6a6f2396ae7c44e9eb594cf1044cb3ad32ea258f0c82963b27bb650ed200cde82cb993374be34be5b1c7ead5446a2b82a4486e8c1810a0b01551609fb0841d474bada802bd026076ddae751b73a959d0bfb8ff49e7fcd378e9be30652ecefe35c82cb8003bc29cc60ae3809909baf20c95db9516fe680865417111d8b193dbcf30281f1249de57c858bf1ba32f5bb1599800e8398a9ef25c7a642c95261da6f9c17670e97265b10260732482b837d5f2a9443e23c1aa0106d83e82f6c3424673b5fdc3769c0f992d1c5c93991c7038e882fcda04414df4d7a5f4f698ead87851ce37344b60b72d7b70f9c60cae8566e7a257f8e1bef0e89df6e4c2f9d24d21d9f8889e4c7eccf91751026009050d94493da8f00a4ddbe9c800afe3d44b43f78a48941a79b2814a1f0b81a18a8b2347642a03b27998f5a18de9abc9ae0e54ab8294feac66dc87e854cce6f7278ac2710cb5878b592ffeb1f4f0a1853e4e8d1d0561b6efcc831a296cf7eeaf":"505341004b455900000000000100000001700006013c000008130006000000007f0300003082037b0201000281c100c870feb6ca6b1d2bd9f2dd99e20f1fe2d7e5192de662229dbe162bd1ba66336a7182903ca0b72796cd441c83d24bcdc3e9a2f5e4399c8a043f1c3ddf04754a66d4cfe7b3671a37dd31a9b4c13bfe06ee90f9d94ddaa06de67a52ac863e68f756736ceb014405a6160579640f831dddccc34ad0b05070e3f9954a58d1815813e1b83bcadba814789c87f1ef2ba5d738b793ec456a67360eea1b5faf1c7cc7bf24f3b2a9d0f8958b1096e0f0c335f8888d0c63a51c3c0337214fa3f5efdf6dcc3502030100010281c06d2d670047973a87752a9d5bc14f3dae00acb01f593aa0e24cf4a49f932931de4bbfb332e2d38083da80bc0b6d538edba479f7f77d0deffb4a28e6e67ff6273585bb4cd862535c946605ab0809d65f0e38f76e4ec2c3d9b8cd6e14bcf667943892cd4b34cc6420a439abbf3d7d35ef73976dd6f9cbde35a51fa5213f0107f83e3425835d16d3c9146fc9e36ce75a09bb66cdff21dd5a776899f1cb07e282cca27be46510e9c799f0d8db275a6be085d9f3f803218ee3384265bfb1a3640e8ca1026100e6848c31d466fffefc547e3a3b0d3785de6f78b0dd12610843512e495611a0675509b1650b27415009838dd8e68eec6e7530553b637d602424643b33e8bc5b762e1799bc79d56b13251d36d4f201da2182416ce13574e88278ff04467ad602d9026100de994fdf181f02be2bf9e5f5e4e517a94993b827d1eaf609033e3a6a6f2396ae7c44e9eb594cf1044cb3ad32ea258f0c82963b27bb650ed200cde82cb993374be34be5b1c7ead5446a2b82a4486e8c1810a0b01551609fb0841d474bada802bd026076ddae751b73a959d0bfb8ff49e7fcd378e9be30652ecefe35c82cb8003bc29cc60ae3809909baf20c95db9516fe680865417111d8b193dbcf30281f1249de57c858bf1ba32f5bb1599800e8398a9ef25c7a642c95261da6f9c17670e97265b10260732482b837d5f2a9443e23c1aa0106d83e82f6c3424673b5fdc3769c0f992d1c5c93991c7038e882fcda04414df4d7a5f4f698ead87851ce37344b60b72d7b70f9c60cae8566e7a257f8e1bef0e89df6e4c2f9d24d21d9f8889e4c7eccf91751026009050d94493da8f00a4ddbe9c800afe3d44b43f78a48941a79b2814a1f0b81a18a8b2347642a03b27998f5a18de9abc9ae0e54ab8294feac66dc87e854cce6f7278ac2710cb5878b592ffeb1f4f0a1853e4e8d1d0561b6efcc831a296cf7eeaf":TEST_FLAG_EXERCISE -PSA storage read: type: DERIVE 120-bit -depends_on:PSA_WANT_KEY_TYPE_DERIVE -key_storage_read:0x0001:PSA_KEY_TYPE_DERIVE:120:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"48657265006973206b6579a0646174":"505341004b4559000000000001000000001278000100000000000000000000000f00000048657265006973206b6579a0646174":TEST_FLAG_EXERCISE +read type: RSA_PAIR 1536-bit, RSA_PSS_ANY_SALT(SHA_256) +depends_on:PSA_WANT_ALG_RSA_PSS_ANY_SALT:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR +key_storage_read:0x0001:PSA_KEY_TYPE_RSA_KEY_PAIR:1536:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_RSA_PSS_ANY_SALT(PSA_ALG_SHA_256):0x0000:"3082037b0201000281c100c870feb6ca6b1d2bd9f2dd99e20f1fe2d7e5192de662229dbe162bd1ba66336a7182903ca0b72796cd441c83d24bcdc3e9a2f5e4399c8a043f1c3ddf04754a66d4cfe7b3671a37dd31a9b4c13bfe06ee90f9d94ddaa06de67a52ac863e68f756736ceb014405a6160579640f831dddccc34ad0b05070e3f9954a58d1815813e1b83bcadba814789c87f1ef2ba5d738b793ec456a67360eea1b5faf1c7cc7bf24f3b2a9d0f8958b1096e0f0c335f8888d0c63a51c3c0337214fa3f5efdf6dcc3502030100010281c06d2d670047973a87752a9d5bc14f3dae00acb01f593aa0e24cf4a49f932931de4bbfb332e2d38083da80bc0b6d538edba479f7f77d0deffb4a28e6e67ff6273585bb4cd862535c946605ab0809d65f0e38f76e4ec2c3d9b8cd6e14bcf667943892cd4b34cc6420a439abbf3d7d35ef73976dd6f9cbde35a51fa5213f0107f83e3425835d16d3c9146fc9e36ce75a09bb66cdff21dd5a776899f1cb07e282cca27be46510e9c799f0d8db275a6be085d9f3f803218ee3384265bfb1a3640e8ca1026100e6848c31d466fffefc547e3a3b0d3785de6f78b0dd12610843512e495611a0675509b1650b27415009838dd8e68eec6e7530553b637d602424643b33e8bc5b762e1799bc79d56b13251d36d4f201da2182416ce13574e88278ff04467ad602d9026100de994fdf181f02be2bf9e5f5e4e517a94993b827d1eaf609033e3a6a6f2396ae7c44e9eb594cf1044cb3ad32ea258f0c82963b27bb650ed200cde82cb993374be34be5b1c7ead5446a2b82a4486e8c1810a0b01551609fb0841d474bada802bd026076ddae751b73a959d0bfb8ff49e7fcd378e9be30652ecefe35c82cb8003bc29cc60ae3809909baf20c95db9516fe680865417111d8b193dbcf30281f1249de57c858bf1ba32f5bb1599800e8398a9ef25c7a642c95261da6f9c17670e97265b10260732482b837d5f2a9443e23c1aa0106d83e82f6c3424673b5fdc3769c0f992d1c5c93991c7038e882fcda04414df4d7a5f4f698ead87851ce37344b60b72d7b70f9c60cae8566e7a257f8e1bef0e89df6e4c2f9d24d21d9f8889e4c7eccf91751026009050d94493da8f00a4ddbe9c800afe3d44b43f78a48941a79b2814a1f0b81a18a8b2347642a03b27998f5a18de9abc9ae0e54ab8294feac66dc87e854cce6f7278ac2710cb5878b592ffeb1f4f0a1853e4e8d1d0561b6efcc831a296cf7eeaf":"505341004b455900000000000100000001700006013c000009130006000000007f0300003082037b0201000281c100c870feb6ca6b1d2bd9f2dd99e20f1fe2d7e5192de662229dbe162bd1ba66336a7182903ca0b72796cd441c83d24bcdc3e9a2f5e4399c8a043f1c3ddf04754a66d4cfe7b3671a37dd31a9b4c13bfe06ee90f9d94ddaa06de67a52ac863e68f756736ceb014405a6160579640f831dddccc34ad0b05070e3f9954a58d1815813e1b83bcadba814789c87f1ef2ba5d738b793ec456a67360eea1b5faf1c7cc7bf24f3b2a9d0f8958b1096e0f0c335f8888d0c63a51c3c0337214fa3f5efdf6dcc3502030100010281c06d2d670047973a87752a9d5bc14f3dae00acb01f593aa0e24cf4a49f932931de4bbfb332e2d38083da80bc0b6d538edba479f7f77d0deffb4a28e6e67ff6273585bb4cd862535c946605ab0809d65f0e38f76e4ec2c3d9b8cd6e14bcf667943892cd4b34cc6420a439abbf3d7d35ef73976dd6f9cbde35a51fa5213f0107f83e3425835d16d3c9146fc9e36ce75a09bb66cdff21dd5a776899f1cb07e282cca27be46510e9c799f0d8db275a6be085d9f3f803218ee3384265bfb1a3640e8ca1026100e6848c31d466fffefc547e3a3b0d3785de6f78b0dd12610843512e495611a0675509b1650b27415009838dd8e68eec6e7530553b637d602424643b33e8bc5b762e1799bc79d56b13251d36d4f201da2182416ce13574e88278ff04467ad602d9026100de994fdf181f02be2bf9e5f5e4e517a94993b827d1eaf609033e3a6a6f2396ae7c44e9eb594cf1044cb3ad32ea258f0c82963b27bb650ed200cde82cb993374be34be5b1c7ead5446a2b82a4486e8c1810a0b01551609fb0841d474bada802bd026076ddae751b73a959d0bfb8ff49e7fcd378e9be30652ecefe35c82cb8003bc29cc60ae3809909baf20c95db9516fe680865417111d8b193dbcf30281f1249de57c858bf1ba32f5bb1599800e8398a9ef25c7a642c95261da6f9c17670e97265b10260732482b837d5f2a9443e23c1aa0106d83e82f6c3424673b5fdc3769c0f992d1c5c93991c7038e882fcda04414df4d7a5f4f698ead87851ce37344b60b72d7b70f9c60cae8566e7a257f8e1bef0e89df6e4c2f9d24d21d9f8889e4c7eccf91751026009050d94493da8f00a4ddbe9c800afe3d44b43f78a48941a79b2814a1f0b81a18a8b2347642a03b27998f5a18de9abc9ae0e54ab8294feac66dc87e854cce6f7278ac2710cb5878b592ffeb1f4f0a1853e4e8d1d0561b6efcc831a296cf7eeaf":TEST_FLAG_EXERCISE -PSA storage read: type: DERIVE 128-bit -depends_on:PSA_WANT_KEY_TYPE_DERIVE -key_storage_read:0x0001:PSA_KEY_TYPE_DERIVE:128:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"48657265006973206b6579a064617461":"505341004b4559000000000001000000001280000100000000000000000000001000000048657265006973206b6579a064617461":TEST_FLAG_EXERCISE +read type: RSA_PAIR 1536-bit, RSA_PSS_ANY_SALT(SHA_384) +depends_on:PSA_WANT_ALG_RSA_PSS_ANY_SALT:PSA_WANT_ALG_SHA_384:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR +key_storage_read:0x0001:PSA_KEY_TYPE_RSA_KEY_PAIR:1536:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_RSA_PSS_ANY_SALT(PSA_ALG_SHA_384):0x0000:"3082037b0201000281c100c870feb6ca6b1d2bd9f2dd99e20f1fe2d7e5192de662229dbe162bd1ba66336a7182903ca0b72796cd441c83d24bcdc3e9a2f5e4399c8a043f1c3ddf04754a66d4cfe7b3671a37dd31a9b4c13bfe06ee90f9d94ddaa06de67a52ac863e68f756736ceb014405a6160579640f831dddccc34ad0b05070e3f9954a58d1815813e1b83bcadba814789c87f1ef2ba5d738b793ec456a67360eea1b5faf1c7cc7bf24f3b2a9d0f8958b1096e0f0c335f8888d0c63a51c3c0337214fa3f5efdf6dcc3502030100010281c06d2d670047973a87752a9d5bc14f3dae00acb01f593aa0e24cf4a49f932931de4bbfb332e2d38083da80bc0b6d538edba479f7f77d0deffb4a28e6e67ff6273585bb4cd862535c946605ab0809d65f0e38f76e4ec2c3d9b8cd6e14bcf667943892cd4b34cc6420a439abbf3d7d35ef73976dd6f9cbde35a51fa5213f0107f83e3425835d16d3c9146fc9e36ce75a09bb66cdff21dd5a776899f1cb07e282cca27be46510e9c799f0d8db275a6be085d9f3f803218ee3384265bfb1a3640e8ca1026100e6848c31d466fffefc547e3a3b0d3785de6f78b0dd12610843512e495611a0675509b1650b27415009838dd8e68eec6e7530553b637d602424643b33e8bc5b762e1799bc79d56b13251d36d4f201da2182416ce13574e88278ff04467ad602d9026100de994fdf181f02be2bf9e5f5e4e517a94993b827d1eaf609033e3a6a6f2396ae7c44e9eb594cf1044cb3ad32ea258f0c82963b27bb650ed200cde82cb993374be34be5b1c7ead5446a2b82a4486e8c1810a0b01551609fb0841d474bada802bd026076ddae751b73a959d0bfb8ff49e7fcd378e9be30652ecefe35c82cb8003bc29cc60ae3809909baf20c95db9516fe680865417111d8b193dbcf30281f1249de57c858bf1ba32f5bb1599800e8398a9ef25c7a642c95261da6f9c17670e97265b10260732482b837d5f2a9443e23c1aa0106d83e82f6c3424673b5fdc3769c0f992d1c5c93991c7038e882fcda04414df4d7a5f4f698ead87851ce37344b60b72d7b70f9c60cae8566e7a257f8e1bef0e89df6e4c2f9d24d21d9f8889e4c7eccf91751026009050d94493da8f00a4ddbe9c800afe3d44b43f78a48941a79b2814a1f0b81a18a8b2347642a03b27998f5a18de9abc9ae0e54ab8294feac66dc87e854cce6f7278ac2710cb5878b592ffeb1f4f0a1853e4e8d1d0561b6efcc831a296cf7eeaf":"505341004b455900000000000100000001700006013c00000a130006000000007f0300003082037b0201000281c100c870feb6ca6b1d2bd9f2dd99e20f1fe2d7e5192de662229dbe162bd1ba66336a7182903ca0b72796cd441c83d24bcdc3e9a2f5e4399c8a043f1c3ddf04754a66d4cfe7b3671a37dd31a9b4c13bfe06ee90f9d94ddaa06de67a52ac863e68f756736ceb014405a6160579640f831dddccc34ad0b05070e3f9954a58d1815813e1b83bcadba814789c87f1ef2ba5d738b793ec456a67360eea1b5faf1c7cc7bf24f3b2a9d0f8958b1096e0f0c335f8888d0c63a51c3c0337214fa3f5efdf6dcc3502030100010281c06d2d670047973a87752a9d5bc14f3dae00acb01f593aa0e24cf4a49f932931de4bbfb332e2d38083da80bc0b6d538edba479f7f77d0deffb4a28e6e67ff6273585bb4cd862535c946605ab0809d65f0e38f76e4ec2c3d9b8cd6e14bcf667943892cd4b34cc6420a439abbf3d7d35ef73976dd6f9cbde35a51fa5213f0107f83e3425835d16d3c9146fc9e36ce75a09bb66cdff21dd5a776899f1cb07e282cca27be46510e9c799f0d8db275a6be085d9f3f803218ee3384265bfb1a3640e8ca1026100e6848c31d466fffefc547e3a3b0d3785de6f78b0dd12610843512e495611a0675509b1650b27415009838dd8e68eec6e7530553b637d602424643b33e8bc5b762e1799bc79d56b13251d36d4f201da2182416ce13574e88278ff04467ad602d9026100de994fdf181f02be2bf9e5f5e4e517a94993b827d1eaf609033e3a6a6f2396ae7c44e9eb594cf1044cb3ad32ea258f0c82963b27bb650ed200cde82cb993374be34be5b1c7ead5446a2b82a4486e8c1810a0b01551609fb0841d474bada802bd026076ddae751b73a959d0bfb8ff49e7fcd378e9be30652ecefe35c82cb8003bc29cc60ae3809909baf20c95db9516fe680865417111d8b193dbcf30281f1249de57c858bf1ba32f5bb1599800e8398a9ef25c7a642c95261da6f9c17670e97265b10260732482b837d5f2a9443e23c1aa0106d83e82f6c3424673b5fdc3769c0f992d1c5c93991c7038e882fcda04414df4d7a5f4f698ead87851ce37344b60b72d7b70f9c60cae8566e7a257f8e1bef0e89df6e4c2f9d24d21d9f8889e4c7eccf91751026009050d94493da8f00a4ddbe9c800afe3d44b43f78a48941a79b2814a1f0b81a18a8b2347642a03b27998f5a18de9abc9ae0e54ab8294feac66dc87e854cce6f7278ac2710cb5878b592ffeb1f4f0a1853e4e8d1d0561b6efcc831a296cf7eeaf":TEST_FLAG_EXERCISE -PSA storage read: type: DES 64-bit -depends_on:PSA_WANT_KEY_TYPE_DES -key_storage_read:0x0001:PSA_KEY_TYPE_DES:64:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"644573206b457901":"505341004b45590000000000010000000123400001000000000000000000000008000000644573206b457901":TEST_FLAG_EXERCISE +read type: RSA_PAIR 1536-bit, RSA_PSS_ANY_SALT(SHA_512) +depends_on:PSA_WANT_ALG_RSA_PSS_ANY_SALT:PSA_WANT_ALG_SHA_512:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR +key_storage_read:0x0001:PSA_KEY_TYPE_RSA_KEY_PAIR:1536:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_RSA_PSS_ANY_SALT(PSA_ALG_SHA_512):0x0000:"3082037b0201000281c100c870feb6ca6b1d2bd9f2dd99e20f1fe2d7e5192de662229dbe162bd1ba66336a7182903ca0b72796cd441c83d24bcdc3e9a2f5e4399c8a043f1c3ddf04754a66d4cfe7b3671a37dd31a9b4c13bfe06ee90f9d94ddaa06de67a52ac863e68f756736ceb014405a6160579640f831dddccc34ad0b05070e3f9954a58d1815813e1b83bcadba814789c87f1ef2ba5d738b793ec456a67360eea1b5faf1c7cc7bf24f3b2a9d0f8958b1096e0f0c335f8888d0c63a51c3c0337214fa3f5efdf6dcc3502030100010281c06d2d670047973a87752a9d5bc14f3dae00acb01f593aa0e24cf4a49f932931de4bbfb332e2d38083da80bc0b6d538edba479f7f77d0deffb4a28e6e67ff6273585bb4cd862535c946605ab0809d65f0e38f76e4ec2c3d9b8cd6e14bcf667943892cd4b34cc6420a439abbf3d7d35ef73976dd6f9cbde35a51fa5213f0107f83e3425835d16d3c9146fc9e36ce75a09bb66cdff21dd5a776899f1cb07e282cca27be46510e9c799f0d8db275a6be085d9f3f803218ee3384265bfb1a3640e8ca1026100e6848c31d466fffefc547e3a3b0d3785de6f78b0dd12610843512e495611a0675509b1650b27415009838dd8e68eec6e7530553b637d602424643b33e8bc5b762e1799bc79d56b13251d36d4f201da2182416ce13574e88278ff04467ad602d9026100de994fdf181f02be2bf9e5f5e4e517a94993b827d1eaf609033e3a6a6f2396ae7c44e9eb594cf1044cb3ad32ea258f0c82963b27bb650ed200cde82cb993374be34be5b1c7ead5446a2b82a4486e8c1810a0b01551609fb0841d474bada802bd026076ddae751b73a959d0bfb8ff49e7fcd378e9be30652ecefe35c82cb8003bc29cc60ae3809909baf20c95db9516fe680865417111d8b193dbcf30281f1249de57c858bf1ba32f5bb1599800e8398a9ef25c7a642c95261da6f9c17670e97265b10260732482b837d5f2a9443e23c1aa0106d83e82f6c3424673b5fdc3769c0f992d1c5c93991c7038e882fcda04414df4d7a5f4f698ead87851ce37344b60b72d7b70f9c60cae8566e7a257f8e1bef0e89df6e4c2f9d24d21d9f8889e4c7eccf91751026009050d94493da8f00a4ddbe9c800afe3d44b43f78a48941a79b2814a1f0b81a18a8b2347642a03b27998f5a18de9abc9ae0e54ab8294feac66dc87e854cce6f7278ac2710cb5878b592ffeb1f4f0a1853e4e8d1d0561b6efcc831a296cf7eeaf":"505341004b455900000000000100000001700006013c00000b130006000000007f0300003082037b0201000281c100c870feb6ca6b1d2bd9f2dd99e20f1fe2d7e5192de662229dbe162bd1ba66336a7182903ca0b72796cd441c83d24bcdc3e9a2f5e4399c8a043f1c3ddf04754a66d4cfe7b3671a37dd31a9b4c13bfe06ee90f9d94ddaa06de67a52ac863e68f756736ceb014405a6160579640f831dddccc34ad0b05070e3f9954a58d1815813e1b83bcadba814789c87f1ef2ba5d738b793ec456a67360eea1b5faf1c7cc7bf24f3b2a9d0f8958b1096e0f0c335f8888d0c63a51c3c0337214fa3f5efdf6dcc3502030100010281c06d2d670047973a87752a9d5bc14f3dae00acb01f593aa0e24cf4a49f932931de4bbfb332e2d38083da80bc0b6d538edba479f7f77d0deffb4a28e6e67ff6273585bb4cd862535c946605ab0809d65f0e38f76e4ec2c3d9b8cd6e14bcf667943892cd4b34cc6420a439abbf3d7d35ef73976dd6f9cbde35a51fa5213f0107f83e3425835d16d3c9146fc9e36ce75a09bb66cdff21dd5a776899f1cb07e282cca27be46510e9c799f0d8db275a6be085d9f3f803218ee3384265bfb1a3640e8ca1026100e6848c31d466fffefc547e3a3b0d3785de6f78b0dd12610843512e495611a0675509b1650b27415009838dd8e68eec6e7530553b637d602424643b33e8bc5b762e1799bc79d56b13251d36d4f201da2182416ce13574e88278ff04467ad602d9026100de994fdf181f02be2bf9e5f5e4e517a94993b827d1eaf609033e3a6a6f2396ae7c44e9eb594cf1044cb3ad32ea258f0c82963b27bb650ed200cde82cb993374be34be5b1c7ead5446a2b82a4486e8c1810a0b01551609fb0841d474bada802bd026076ddae751b73a959d0bfb8ff49e7fcd378e9be30652ecefe35c82cb8003bc29cc60ae3809909baf20c95db9516fe680865417111d8b193dbcf30281f1249de57c858bf1ba32f5bb1599800e8398a9ef25c7a642c95261da6f9c17670e97265b10260732482b837d5f2a9443e23c1aa0106d83e82f6c3424673b5fdc3769c0f992d1c5c93991c7038e882fcda04414df4d7a5f4f698ead87851ce37344b60b72d7b70f9c60cae8566e7a257f8e1bef0e89df6e4c2f9d24d21d9f8889e4c7eccf91751026009050d94493da8f00a4ddbe9c800afe3d44b43f78a48941a79b2814a1f0b81a18a8b2347642a03b27998f5a18de9abc9ae0e54ab8294feac66dc87e854cce6f7278ac2710cb5878b592ffeb1f4f0a1853e4e8d1d0561b6efcc831a296cf7eeaf":TEST_FLAG_EXERCISE -PSA storage read: type: DES 128-bit -depends_on:PSA_WANT_KEY_TYPE_DES -key_storage_read:0x0001:PSA_KEY_TYPE_DES:128:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"644573206b457901644573206b457902":"505341004b45590000000000010000000123800001000000000000000000000010000000644573206b457901644573206b457902":TEST_FLAG_EXERCISE +read type: RSA_PUB 1024-bit +depends_on:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY +key_storage_read:0x0001:PSA_KEY_TYPE_RSA_PUBLIC_KEY:1024:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":"505341004b4559000000000001000000014000040100000000000000000000008c00000030818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":TEST_FLAG_EXERCISE -PSA storage read: type: DES 192-bit -depends_on:PSA_WANT_KEY_TYPE_DES -key_storage_read:0x0001:PSA_KEY_TYPE_DES:192:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"644573206b457901644573206b457902644573206b457904":"505341004b45590000000000010000000123c00001000000000000000000000018000000644573206b457901644573206b457902644573206b457904":TEST_FLAG_EXERCISE +read type: RSA_PUB 1024-bit, RSA_OAEP(MD2) +depends_on:PSA_WANT_ALG_MD2:PSA_WANT_ALG_RSA_OAEP:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY +key_storage_read:0x0001:PSA_KEY_TYPE_RSA_PUBLIC_KEY:1024:PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_OAEP(PSA_ALG_MD2):0x0000:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":"505341004b4559000000000001000000014000040101000001030007000000008c00000030818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":TEST_FLAG_EXERCISE -PSA storage read: type: ECC_KEY_PAIR(BRAINPOOL_P_R1) 160-bit -depends_on:PSA_WANT_ECC_BRAINPOOL_P_R1_160:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR -key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):160:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"69502c4fdaf48d4fa617bdd24498b0406d0eeaac":"505341004b45590000000000010000003071a0000100000000000000000000001400000069502c4fdaf48d4fa617bdd24498b0406d0eeaac":TEST_FLAG_EXERCISE +read type: RSA_PUB 1024-bit, RSA_OAEP(MD4) +depends_on:PSA_WANT_ALG_MD4:PSA_WANT_ALG_RSA_OAEP:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY +key_storage_read:0x0001:PSA_KEY_TYPE_RSA_PUBLIC_KEY:1024:PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_OAEP(PSA_ALG_MD4):0x0000:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":"505341004b4559000000000001000000014000040101000002030007000000008c00000030818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":TEST_FLAG_EXERCISE -PSA storage read: type: ECC_KEY_PAIR(BRAINPOOL_P_R1) 192-bit -depends_on:PSA_WANT_ECC_BRAINPOOL_P_R1_192:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR -key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):192:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"1688a2c5fbf4a3c851d76a98c3ec88f445a97996283db59f":"505341004b45590000000000010000003071c000010000000000000000000000180000001688a2c5fbf4a3c851d76a98c3ec88f445a97996283db59f":TEST_FLAG_EXERCISE +read type: RSA_PUB 1024-bit, RSA_OAEP(MD5) +depends_on:PSA_WANT_ALG_MD5:PSA_WANT_ALG_RSA_OAEP:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY +key_storage_read:0x0001:PSA_KEY_TYPE_RSA_PUBLIC_KEY:1024:PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_OAEP(PSA_ALG_MD5):0x0000:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":"505341004b4559000000000001000000014000040101000003030007000000008c00000030818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":TEST_FLAG_EXERCISE -PSA storage read: type: ECC_KEY_PAIR(BRAINPOOL_P_R1) 224-bit -depends_on:PSA_WANT_ECC_BRAINPOOL_P_R1_224:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR -key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):224:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"a69835dafeb5da5ab89c59860dddebcfd80b529a99f59b880882923c":"505341004b45590000000000010000003071e0000100000000000000000000001c000000a69835dafeb5da5ab89c59860dddebcfd80b529a99f59b880882923c":TEST_FLAG_EXERCISE +read type: RSA_PUB 1024-bit, RSA_OAEP(RIPEMD160) +depends_on:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ALG_RSA_OAEP:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY +key_storage_read:0x0001:PSA_KEY_TYPE_RSA_PUBLIC_KEY:1024:PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_OAEP(PSA_ALG_RIPEMD160):0x0000:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":"505341004b4559000000000001000000014000040101000004030007000000008c00000030818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":TEST_FLAG_EXERCISE -PSA storage read: type: ECC_KEY_PAIR(BRAINPOOL_P_R1) 256-bit -depends_on:PSA_WANT_ECC_BRAINPOOL_P_R1_256:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR -key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):256:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"2161d6f2db76526fa62c16f356a80f01f32f776784b36aa99799a8b7662080ff":"505341004b455900000000000100000030710001010000000000000000000000200000002161d6f2db76526fa62c16f356a80f01f32f776784b36aa99799a8b7662080ff":TEST_FLAG_EXERCISE +read type: RSA_PUB 1024-bit, RSA_OAEP(SHA_1) +depends_on:PSA_WANT_ALG_RSA_OAEP:PSA_WANT_ALG_SHA_1:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY +key_storage_read:0x0001:PSA_KEY_TYPE_RSA_PUBLIC_KEY:1024:PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_OAEP(PSA_ALG_SHA_1):0x0000:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":"505341004b4559000000000001000000014000040101000005030007000000008c00000030818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":TEST_FLAG_EXERCISE -PSA storage read: type: ECC_KEY_PAIR(BRAINPOOL_P_R1) 320-bit -depends_on:PSA_WANT_ECC_BRAINPOOL_P_R1_320:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR -key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):320:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"61b8daa7a6e5aa9fccf1ef504220b2e5a5b8c6dc7475d16d3172d7db0b2778414e4f6e8fa2032ead":"505341004b4559000000000001000000307140010100000000000000000000002800000061b8daa7a6e5aa9fccf1ef504220b2e5a5b8c6dc7475d16d3172d7db0b2778414e4f6e8fa2032ead":TEST_FLAG_EXERCISE +read type: RSA_PUB 1024-bit, RSA_OAEP(SHA_224) +depends_on:PSA_WANT_ALG_RSA_OAEP:PSA_WANT_ALG_SHA_224:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY +key_storage_read:0x0001:PSA_KEY_TYPE_RSA_PUBLIC_KEY:1024:PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_OAEP(PSA_ALG_SHA_224):0x0000:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":"505341004b4559000000000001000000014000040101000008030007000000008c00000030818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":TEST_FLAG_EXERCISE -PSA storage read: type: ECC_KEY_PAIR(BRAINPOOL_P_R1) 384-bit -depends_on:PSA_WANT_ECC_BRAINPOOL_P_R1_384:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR -key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):384:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"3dd92e750d90d7d39fc1885cd8ad12ea9441f22b9334b4d965202adb1448ce24c5808a85dd9afc229af0a3124f755bcb":"505341004b455900000000000100000030718001010000000000000000000000300000003dd92e750d90d7d39fc1885cd8ad12ea9441f22b9334b4d965202adb1448ce24c5808a85dd9afc229af0a3124f755bcb":TEST_FLAG_EXERCISE +read type: RSA_PUB 1024-bit, RSA_OAEP(SHA_256) +depends_on:PSA_WANT_ALG_RSA_OAEP:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY +key_storage_read:0x0001:PSA_KEY_TYPE_RSA_PUBLIC_KEY:1024:PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_OAEP(PSA_ALG_SHA_256):0x0000:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":"505341004b4559000000000001000000014000040101000009030007000000008c00000030818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":TEST_FLAG_EXERCISE -PSA storage read: type: ECC_KEY_PAIR(BRAINPOOL_P_R1) 512-bit -depends_on:PSA_WANT_ECC_BRAINPOOL_P_R1_512:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR -key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):512:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"372c9778f69f726cbca3f4a268f16b4d617d10280d79a6a029cd51879fe1012934dfe5395455337df6906dc7d6d2eea4dbb2065c0228f73b3ed716480e7d71d2":"505341004b45590000000000010000003071000201000000000000000000000040000000372c9778f69f726cbca3f4a268f16b4d617d10280d79a6a029cd51879fe1012934dfe5395455337df6906dc7d6d2eea4dbb2065c0228f73b3ed716480e7d71d2":TEST_FLAG_EXERCISE +read type: RSA_PUB 1024-bit, RSA_OAEP(SHA_384) +depends_on:PSA_WANT_ALG_RSA_OAEP:PSA_WANT_ALG_SHA_384:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY +key_storage_read:0x0001:PSA_KEY_TYPE_RSA_PUBLIC_KEY:1024:PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_OAEP(PSA_ALG_SHA_384):0x0000:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":"505341004b455900000000000100000001400004010100000a030007000000008c00000030818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":TEST_FLAG_EXERCISE -PSA storage read: type: ECC_KEY_PAIR(MONTGOMERY) 255-bit -depends_on:PSA_WANT_ECC_MONTGOMERY_255:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR -key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_MONTGOMERY):255:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"70076d0a7318a57d3c16c17251b26645df4c2f87ebc0992ab177fba51db92c6a":"505341004b45590000000000010000004171ff000100000000000000000000002000000070076d0a7318a57d3c16c17251b26645df4c2f87ebc0992ab177fba51db92c6a":TEST_FLAG_EXERCISE +read type: RSA_PUB 1024-bit, RSA_OAEP(SHA_512) +depends_on:PSA_WANT_ALG_RSA_OAEP:PSA_WANT_ALG_SHA_512:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY +key_storage_read:0x0001:PSA_KEY_TYPE_RSA_PUBLIC_KEY:1024:PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_OAEP(PSA_ALG_SHA_512):0x0000:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":"505341004b455900000000000100000001400004010100000b030007000000008c00000030818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":0 -PSA storage read: type: ECC_KEY_PAIR(MONTGOMERY) 448-bit -depends_on:PSA_WANT_ECC_MONTGOMERY_448:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR -key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_MONTGOMERY):448:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"e4e49f52686f9ee3b638528f721f1596196ffd0a1cddb64c3f216f06541805cfeb1a286dc78018095cdfec050e8007b5f4908962ba20d6c1":"505341004b45590000000000010000004171c00101000000000000000000000038000000e4e49f52686f9ee3b638528f721f1596196ffd0a1cddb64c3f216f06541805cfeb1a286dc78018095cdfec050e8007b5f4908962ba20d6c1":TEST_FLAG_EXERCISE +read type: RSA_PUB 1024-bit, RSA_PKCS1V15_CRYPT +depends_on:PSA_WANT_ALG_RSA_PKCS1V15_CRYPT:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY +key_storage_read:0x0001:PSA_KEY_TYPE_RSA_PUBLIC_KEY:1024:PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_PKCS1V15_CRYPT:0x0000:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":"505341004b4559000000000001000000014000040101000000020007000000008c00000030818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":TEST_FLAG_EXERCISE -PSA storage read: type: ECC_KEY_PAIR(SECP_K1) 192-bit -depends_on:PSA_WANT_ECC_SECP_K1_192:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR -key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_K1):192:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"297ac1722ccac7589ecb240dc719842538ca974beb79f228":"505341004b45590000000000010000001771c00001000000000000000000000018000000297ac1722ccac7589ecb240dc719842538ca974beb79f228":TEST_FLAG_EXERCISE +read type: RSA_PUB 1024-bit, RSA_PKCS1V15_SIGN(MD2) +depends_on:PSA_WANT_ALG_MD2:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY +key_storage_read:0x0001:PSA_KEY_TYPE_RSA_PUBLIC_KEY:1024:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_MD2):0x0000:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":"505341004b4559000000000001000000014000040128000001020006000000008c00000030818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":TEST_FLAG_EXERCISE -PSA storage read: type: ECC_KEY_PAIR(SECP_K1) 224-bit -depends_on:PSA_WANT_ECC_SECP_K1_224:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR -key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_K1):224:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"0024122bf020fa113f6c0ac978dfbd41f749257a9468febdbe0dc9f7e8":"505341004b45590000000000010000001771e0000100000000000000000000001d0000000024122bf020fa113f6c0ac978dfbd41f749257a9468febdbe0dc9f7e8":TEST_FLAG_EXERCISE +read type: RSA_PUB 1024-bit, RSA_PKCS1V15_SIGN(MD4) +depends_on:PSA_WANT_ALG_MD4:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY +key_storage_read:0x0001:PSA_KEY_TYPE_RSA_PUBLIC_KEY:1024:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_MD4):0x0000:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":"505341004b4559000000000001000000014000040128000002020006000000008c00000030818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":TEST_FLAG_EXERCISE -PSA storage read: type: ECC_KEY_PAIR(SECP_K1) 256-bit -depends_on:PSA_WANT_ECC_SECP_K1_256:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR -key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_K1):256:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"7fa06fa02d0e911b9a47fdc17d2d962ca01e2f31d60c6212d0ed7e3bba23a7b9":"505341004b455900000000000100000017710001010000000000000000000000200000007fa06fa02d0e911b9a47fdc17d2d962ca01e2f31d60c6212d0ed7e3bba23a7b9":TEST_FLAG_EXERCISE +read type: RSA_PUB 1024-bit, RSA_PKCS1V15_SIGN(MD5) +depends_on:PSA_WANT_ALG_MD5:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY +key_storage_read:0x0001:PSA_KEY_TYPE_RSA_PUBLIC_KEY:1024:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_MD5):0x0000:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":"505341004b4559000000000001000000014000040128000003020006000000008c00000030818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":TEST_FLAG_EXERCISE -PSA storage read: type: ECC_KEY_PAIR(SECP_R1) 225-bit -depends_on:PSA_WANT_ECC_SECP_R1_225:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR -key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):225:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"872f203b3ad35b7f2ecc803c3a0e1e0b1ed61cc1afe71b189cd4c995":"505341004b45590000000000010000001271e1000100000000000000000000001c000000872f203b3ad35b7f2ecc803c3a0e1e0b1ed61cc1afe71b189cd4c995":TEST_FLAG_EXERCISE +read type: RSA_PUB 1024-bit, RSA_PKCS1V15_SIGN(RIPEMD160) +depends_on:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY +key_storage_read:0x0001:PSA_KEY_TYPE_RSA_PUBLIC_KEY:1024:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_RIPEMD160):0x0000:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":"505341004b4559000000000001000000014000040128000004020006000000008c00000030818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":TEST_FLAG_EXERCISE -PSA storage read: type: ECC_KEY_PAIR(SECP_R1) 256-bit -depends_on:PSA_WANT_ECC_SECP_R1_256:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR -key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):256:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"49c9a8c18c4b885638c431cf1df1c994131609b580d4fd43a0cab17db2f13eee":"505341004b4559000000000001000000127100010100000000000000000000002000000049c9a8c18c4b885638c431cf1df1c994131609b580d4fd43a0cab17db2f13eee":TEST_FLAG_EXERCISE +read type: RSA_PUB 1024-bit, RSA_PKCS1V15_SIGN(SHA_1) +depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ALG_SHA_1:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY +key_storage_read:0x0001:PSA_KEY_TYPE_RSA_PUBLIC_KEY:1024:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_1):0x0000:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":"505341004b4559000000000001000000014000040128000005020006000000008c00000030818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":TEST_FLAG_EXERCISE -PSA storage read: type: ECC_KEY_PAIR(SECP_R1) 384-bit -depends_on:PSA_WANT_ECC_SECP_R1_384:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR -key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):384:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"3f5d8d9be280b5696cc5cc9f94cf8af7e6b61dd6592b2ab2b3a4c607450417ec327dcdcaed7c10053d719a0574f0a76a":"505341004b455900000000000100000012718001010000000000000000000000300000003f5d8d9be280b5696cc5cc9f94cf8af7e6b61dd6592b2ab2b3a4c607450417ec327dcdcaed7c10053d719a0574f0a76a":TEST_FLAG_EXERCISE +read type: RSA_PUB 1024-bit, RSA_PKCS1V15_SIGN(SHA_224) +depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ALG_SHA_224:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY +key_storage_read:0x0001:PSA_KEY_TYPE_RSA_PUBLIC_KEY:1024:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_224):0x0000:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":"505341004b4559000000000001000000014000040128000008020006000000008c00000030818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":TEST_FLAG_EXERCISE -PSA storage read: type: ECC_KEY_PAIR(SECP_R1) 521-bit -depends_on:PSA_WANT_ECC_SECP_R1_521:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR -key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):521:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"01b1b6ad07bb79e7320da59860ea28e055284f6058f279de666e06d435d2af7bda28d99fa47b7dd0963e16b0073078ee8b8a38d966a582f46d19ff95df3ad9685aae":"505341004b4559000000000001000000127109020100000000000000000000004200000001b1b6ad07bb79e7320da59860ea28e055284f6058f279de666e06d435d2af7bda28d99fa47b7dd0963e16b0073078ee8b8a38d966a582f46d19ff95df3ad9685aae":TEST_FLAG_EXERCISE +read type: RSA_PUB 1024-bit, RSA_PKCS1V15_SIGN(SHA_256) +depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY +key_storage_read:0x0001:PSA_KEY_TYPE_RSA_PUBLIC_KEY:1024:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):0x0000:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":"505341004b4559000000000001000000014000040128000009020006000000008c00000030818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":TEST_FLAG_EXERCISE -PSA storage read: type: ECC_KEY_PAIR(SECP_R2) 160-bit -depends_on:PSA_WANT_ECC_SECP_R2_160:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR -key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R2):160:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"00bf539a1cdda0d7f71a50a3f98aec0a2e8e4ced1e":"505341004b45590000000000010000001b71a0000100000000000000000000001500000000bf539a1cdda0d7f71a50a3f98aec0a2e8e4ced1e":TEST_FLAG_EXERCISE +read type: RSA_PUB 1024-bit, RSA_PKCS1V15_SIGN(SHA_384) +depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ALG_SHA_384:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY +key_storage_read:0x0001:PSA_KEY_TYPE_RSA_PUBLIC_KEY:1024:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_384):0x0000:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":"505341004b455900000000000100000001400004012800000a020006000000008c00000030818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":TEST_FLAG_EXERCISE -PSA storage read: type: ECC_KEY_PAIR(SECT_K1) 163-bit -depends_on:PSA_WANT_ECC_SECT_K1_163:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR -key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):163:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"03ebc8fcded2d6ab72ec0f75bdb4fd080481273e71":"505341004b45590000000000010000002771a3000100000000000000000000001500000003ebc8fcded2d6ab72ec0f75bdb4fd080481273e71":TEST_FLAG_EXERCISE +read type: RSA_PUB 1024-bit, RSA_PKCS1V15_SIGN(SHA_512) +depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ALG_SHA_512:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY +key_storage_read:0x0001:PSA_KEY_TYPE_RSA_PUBLIC_KEY:1024:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_512):0x0000:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":"505341004b455900000000000100000001400004012800000b020006000000008c00000030818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":TEST_FLAG_EXERCISE -PSA storage read: type: ECC_KEY_PAIR(SECT_K1) 233-bit -depends_on:PSA_WANT_ECC_SECT_K1_233:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR -key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):233:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"41f08485ce587b06061c087e76e247c359de2ba9927ee013b2f1ed9ca8":"505341004b45590000000000010000002771e9000100000000000000000000001d00000041f08485ce587b06061c087e76e247c359de2ba9927ee013b2f1ed9ca8":TEST_FLAG_EXERCISE +read type: RSA_PUB 1024-bit, RSA_PKCS1V15_SIGN_RAW +depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN_RAW:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY +key_storage_read:0x0001:PSA_KEY_TYPE_RSA_PUBLIC_KEY:1024:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_RSA_PKCS1V15_SIGN_RAW:0x0000:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":"505341004b4559000000000001000000014000040128000000020006000000008c00000030818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":TEST_FLAG_EXERCISE -PSA storage read: type: ECC_KEY_PAIR(SECT_K1) 239-bit -depends_on:PSA_WANT_ECC_SECT_K1_239:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR -key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):239:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"1a8069ce2c2c8bdd7087f2a6ab49588797e6294e979495602ab9650b9c61":"505341004b45590000000000010000002771ef000100000000000000000000001e0000001a8069ce2c2c8bdd7087f2a6ab49588797e6294e979495602ab9650b9c61":TEST_FLAG_EXERCISE +read type: RSA_PUB 1024-bit, RSA_PSS(MD2) +depends_on:PSA_WANT_ALG_MD2:PSA_WANT_ALG_RSA_PSS:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY +key_storage_read:0x0001:PSA_KEY_TYPE_RSA_PUBLIC_KEY:1024:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_RSA_PSS(PSA_ALG_MD2):0x0000:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":"505341004b4559000000000001000000014000040128000001030006000000008c00000030818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":TEST_FLAG_EXERCISE -PSA storage read: type: ECC_KEY_PAIR(SECT_K1) 283-bit -depends_on:PSA_WANT_ECC_SECT_K1_283:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR -key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):283:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"006d627885dd48b9ec6facb5b3865377d755b75a5d51440e45211c1f600e15eff8a881a0":"505341004b455900000000000100000027711b0101000000000000000000000024000000006d627885dd48b9ec6facb5b3865377d755b75a5d51440e45211c1f600e15eff8a881a0":TEST_FLAG_EXERCISE +read type: RSA_PUB 1024-bit, RSA_PSS(MD4) +depends_on:PSA_WANT_ALG_MD4:PSA_WANT_ALG_RSA_PSS:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY +key_storage_read:0x0001:PSA_KEY_TYPE_RSA_PUBLIC_KEY:1024:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_RSA_PSS(PSA_ALG_MD4):0x0000:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":"505341004b4559000000000001000000014000040128000002030006000000008c00000030818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":TEST_FLAG_EXERCISE -PSA storage read: type: ECC_KEY_PAIR(SECT_K1) 409-bit -depends_on:PSA_WANT_ECC_SECT_K1_409:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR -key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):409:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"3ff5e74d932fa77db139b7c948c81e4069c72c24845574064beea8976b70267f1c6f9a503e3892ea1dcbb71fcea423faa370a8":"505341004b455900000000000100000027719901010000000000000000000000330000003ff5e74d932fa77db139b7c948c81e4069c72c24845574064beea8976b70267f1c6f9a503e3892ea1dcbb71fcea423faa370a8":TEST_FLAG_EXERCISE +read type: RSA_PUB 1024-bit, RSA_PSS(MD5) +depends_on:PSA_WANT_ALG_MD5:PSA_WANT_ALG_RSA_PSS:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY +key_storage_read:0x0001:PSA_KEY_TYPE_RSA_PUBLIC_KEY:1024:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_RSA_PSS(PSA_ALG_MD5):0x0000:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":"505341004b4559000000000001000000014000040128000003030006000000008c00000030818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":TEST_FLAG_EXERCISE -PSA storage read: type: ECC_KEY_PAIR(SECT_K1) 571-bit -depends_on:PSA_WANT_ECC_SECT_K1_571:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR -key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):571:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"005008c97b4a161c0db1bac6452c72846d57337aa92d8ecb4a66eb01d2f29555ffb61a5317225dcc8ca6917d91789e227efc0bfe9eeda7ee21998cd11c3c9885056b0e55b4f75d51":"505341004b455900000000000100000027713b0201000000000000000000000048000000005008c97b4a161c0db1bac6452c72846d57337aa92d8ecb4a66eb01d2f29555ffb61a5317225dcc8ca6917d91789e227efc0bfe9eeda7ee21998cd11c3c9885056b0e55b4f75d51":TEST_FLAG_EXERCISE +read type: RSA_PUB 1024-bit, RSA_PSS(RIPEMD160) +depends_on:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ALG_RSA_PSS:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY +key_storage_read:0x0001:PSA_KEY_TYPE_RSA_PUBLIC_KEY:1024:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_RSA_PSS(PSA_ALG_RIPEMD160):0x0000:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":"505341004b4559000000000001000000014000040128000004030006000000008c00000030818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":TEST_FLAG_EXERCISE -PSA storage read: type: ECC_KEY_PAIR(SECT_R1) 163-bit -depends_on:PSA_WANT_ECC_SECT_R1_163:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR -key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):163:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"009b05dc82d46d64a04a22e6e5ca70ca1231e68c50":"505341004b45590000000000010000002271a30001000000000000000000000015000000009b05dc82d46d64a04a22e6e5ca70ca1231e68c50":TEST_FLAG_EXERCISE +read type: RSA_PUB 1024-bit, RSA_PSS(SHA_1) +depends_on:PSA_WANT_ALG_RSA_PSS:PSA_WANT_ALG_SHA_1:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY +key_storage_read:0x0001:PSA_KEY_TYPE_RSA_PUBLIC_KEY:1024:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_RSA_PSS(PSA_ALG_SHA_1):0x0000:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":"505341004b4559000000000001000000014000040128000005030006000000008c00000030818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":TEST_FLAG_EXERCISE -PSA storage read: type: ECC_KEY_PAIR(SECT_R1) 233-bit -depends_on:PSA_WANT_ECC_SECT_R1_233:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR -key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):233:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"00e5e42834e3c78758088b905deea975f28dc20ef6173e481f96e88afe7f":"505341004b45590000000000010000002271e9000100000000000000000000001e00000000e5e42834e3c78758088b905deea975f28dc20ef6173e481f96e88afe7f":TEST_FLAG_EXERCISE +read type: RSA_PUB 1024-bit, RSA_PSS(SHA_224) +depends_on:PSA_WANT_ALG_RSA_PSS:PSA_WANT_ALG_SHA_224:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY +key_storage_read:0x0001:PSA_KEY_TYPE_RSA_PUBLIC_KEY:1024:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_RSA_PSS(PSA_ALG_SHA_224):0x0000:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":"505341004b4559000000000001000000014000040128000008030006000000008c00000030818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":TEST_FLAG_EXERCISE -PSA storage read: type: ECC_KEY_PAIR(SECT_R1) 283-bit -depends_on:PSA_WANT_ECC_SECT_R1_283:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR -key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):283:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"004cecad915f6f3c9bbbd92d1eb101eda23f16c7dad60a57c87c7e1fd2b29b22f6d666ad":"505341004b455900000000000100000022711b0101000000000000000000000024000000004cecad915f6f3c9bbbd92d1eb101eda23f16c7dad60a57c87c7e1fd2b29b22f6d666ad":TEST_FLAG_EXERCISE +read type: RSA_PUB 1024-bit, RSA_PSS(SHA_256) +depends_on:PSA_WANT_ALG_RSA_PSS:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY +key_storage_read:0x0001:PSA_KEY_TYPE_RSA_PUBLIC_KEY:1024:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_RSA_PSS(PSA_ALG_SHA_256):0x0000:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":"505341004b4559000000000001000000014000040128000009030006000000008c00000030818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":TEST_FLAG_EXERCISE -PSA storage read: type: ECC_KEY_PAIR(SECT_R1) 409-bit -depends_on:PSA_WANT_ECC_SECT_R1_409:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR -key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):409:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"00c22422d265721a3ae2b3b2baeb77bee50416e19877af97b5fc1c700a0a88916ecb9050135883accb5e64edc77a3703f4f67a64":"505341004b4559000000000001000000227199010100000000000000000000003400000000c22422d265721a3ae2b3b2baeb77bee50416e19877af97b5fc1c700a0a88916ecb9050135883accb5e64edc77a3703f4f67a64":TEST_FLAG_EXERCISE +read type: RSA_PUB 1024-bit, RSA_PSS(SHA_384) +depends_on:PSA_WANT_ALG_RSA_PSS:PSA_WANT_ALG_SHA_384:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY +key_storage_read:0x0001:PSA_KEY_TYPE_RSA_PUBLIC_KEY:1024:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_RSA_PSS(PSA_ALG_SHA_384):0x0000:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":"505341004b455900000000000100000001400004012800000a030006000000008c00000030818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":TEST_FLAG_EXERCISE -PSA storage read: type: ECC_KEY_PAIR(SECT_R1) 571-bit -depends_on:PSA_WANT_ECC_SECT_R1_571:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR -key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):571:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"026ac1cdf92a13a1b8d282da9725847908745138f5c6706b52d164e3675fcfbf86fc3e6ab2de732193267db029dd35a0599a94a118f480231cfc6ccca2ebfc1d8f54176e0f5656a1":"505341004b455900000000000100000022713b0201000000000000000000000048000000026ac1cdf92a13a1b8d282da9725847908745138f5c6706b52d164e3675fcfbf86fc3e6ab2de732193267db029dd35a0599a94a118f480231cfc6ccca2ebfc1d8f54176e0f5656a1":TEST_FLAG_EXERCISE +read type: RSA_PUB 1024-bit, RSA_PSS(SHA_512) +depends_on:PSA_WANT_ALG_RSA_PSS:PSA_WANT_ALG_SHA_512:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY +key_storage_read:0x0001:PSA_KEY_TYPE_RSA_PUBLIC_KEY:1024:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_RSA_PSS(PSA_ALG_SHA_512):0x0000:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":"505341004b455900000000000100000001400004012800000b030006000000008c00000030818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":TEST_FLAG_EXERCISE -PSA storage read: type: ECC_KEY_PAIR(SECT_R2) 163-bit -depends_on:PSA_WANT_ECC_SECT_R2_163:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR -key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R2):163:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"0210b482a458b4822d0cb21daa96819a67c8062d34":"505341004b45590000000000010000002b71a300010000000000000000000000150000000210b482a458b4822d0cb21daa96819a67c8062d34":TEST_FLAG_EXERCISE +read type: RSA_PUB 1024-bit, RSA_PSS_ANY_SALT(MD2) +depends_on:PSA_WANT_ALG_MD2:PSA_WANT_ALG_RSA_PSS_ANY_SALT:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY +key_storage_read:0x0001:PSA_KEY_TYPE_RSA_PUBLIC_KEY:1024:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_RSA_PSS_ANY_SALT(PSA_ALG_MD2):0x0000:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":"505341004b4559000000000001000000014000040128000001130006000000008c00000030818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":TEST_FLAG_EXERCISE -PSA storage read: type: ECC_KEY_PAIR(TWISTED_EDWARDS) 255-bit -depends_on:PSA_WANT_ECC_TWISTED_EDWARDS_255:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR -key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_TWISTED_EDWARDS):255:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"9d61b19deffd5a60ba844af492ec2cc44449c5697b326919703bac031cae7f60":"505341004b45590000000000010000004271ff00010000000000000000000000200000009d61b19deffd5a60ba844af492ec2cc44449c5697b326919703bac031cae7f60":TEST_FLAG_EXERCISE +read type: RSA_PUB 1024-bit, RSA_PSS_ANY_SALT(MD4) +depends_on:PSA_WANT_ALG_MD4:PSA_WANT_ALG_RSA_PSS_ANY_SALT:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY +key_storage_read:0x0001:PSA_KEY_TYPE_RSA_PUBLIC_KEY:1024:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_RSA_PSS_ANY_SALT(PSA_ALG_MD4):0x0000:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":"505341004b4559000000000001000000014000040128000002130006000000008c00000030818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":TEST_FLAG_EXERCISE -PSA storage read: type: ECC_KEY_PAIR(TWISTED_EDWARDS) 448-bit -depends_on:PSA_WANT_ECC_TWISTED_EDWARDS_448:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR -key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_TWISTED_EDWARDS):448:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"6c82a562cb808d10d632be89c8513ebf6c929f34ddfa8c9f63c9960ef6e348a3528c8a3fcc2f044e39a3fc5b94492f8f032e7549a20098f95b":"505341004b45590000000000010000004271c001010000000000000000000000390000006c82a562cb808d10d632be89c8513ebf6c929f34ddfa8c9f63c9960ef6e348a3528c8a3fcc2f044e39a3fc5b94492f8f032e7549a20098f95b":TEST_FLAG_EXERCISE +read type: RSA_PUB 1024-bit, RSA_PSS_ANY_SALT(MD5) +depends_on:PSA_WANT_ALG_MD5:PSA_WANT_ALG_RSA_PSS_ANY_SALT:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY +key_storage_read:0x0001:PSA_KEY_TYPE_RSA_PUBLIC_KEY:1024:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_RSA_PSS_ANY_SALT(PSA_ALG_MD5):0x0000:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":"505341004b4559000000000001000000014000040128000003130006000000008c00000030818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":TEST_FLAG_EXERCISE -PSA storage read: type: ECC_PUBLIC_KEY(BRAINPOOL_P_R1) 160-bit -depends_on:PSA_WANT_ECC_BRAINPOOL_P_R1_160:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY -key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):160:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"04d4b9186816358e2f9c59cf70748cb70641b22fbab65473db4b4e22a361ed7e3de7e8a8ddc4130c5c":"505341004b45590000000000010000003041a0000100000000000000000000002900000004d4b9186816358e2f9c59cf70748cb70641b22fbab65473db4b4e22a361ed7e3de7e8a8ddc4130c5c":TEST_FLAG_EXERCISE +read type: RSA_PUB 1024-bit, RSA_PSS_ANY_SALT(RIPEMD160) +depends_on:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ALG_RSA_PSS_ANY_SALT:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY +key_storage_read:0x0001:PSA_KEY_TYPE_RSA_PUBLIC_KEY:1024:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_RSA_PSS_ANY_SALT(PSA_ALG_RIPEMD160):0x0000:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":"505341004b4559000000000001000000014000040128000004130006000000008c00000030818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":TEST_FLAG_EXERCISE -PSA storage read: type: ECC_PUBLIC_KEY(BRAINPOOL_P_R1) 192-bit -depends_on:PSA_WANT_ECC_BRAINPOOL_P_R1_192:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY -key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):192:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"043fdd168c179ff5363dd71dcd58de9617caad791ae0c37328be9ca0bfc79cebabf6a95d1c52df5b5f3c8b1a2441cf6c88":"505341004b45590000000000010000003041c00001000000000000000000000031000000043fdd168c179ff5363dd71dcd58de9617caad791ae0c37328be9ca0bfc79cebabf6a95d1c52df5b5f3c8b1a2441cf6c88":TEST_FLAG_EXERCISE +read type: RSA_PUB 1024-bit, RSA_PSS_ANY_SALT(SHA_1) +depends_on:PSA_WANT_ALG_RSA_PSS_ANY_SALT:PSA_WANT_ALG_SHA_1:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY +key_storage_read:0x0001:PSA_KEY_TYPE_RSA_PUBLIC_KEY:1024:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_RSA_PSS_ANY_SALT(PSA_ALG_SHA_1):0x0000:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":"505341004b4559000000000001000000014000040128000005130006000000008c00000030818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":TEST_FLAG_EXERCISE -PSA storage read: type: ECC_PUBLIC_KEY(BRAINPOOL_P_R1) 224-bit -depends_on:PSA_WANT_ECC_BRAINPOOL_P_R1_224:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY -key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):224:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"045fbea378fc8583b3837e3f21a457c31eaf20a54e18eb11d104b3adc47f9d1c97eb9ea4ac21740d70d88514b98bf0bc31addac1d19c4ab3cc":"505341004b45590000000000010000003041e00001000000000000000000000039000000045fbea378fc8583b3837e3f21a457c31eaf20a54e18eb11d104b3adc47f9d1c97eb9ea4ac21740d70d88514b98bf0bc31addac1d19c4ab3cc":TEST_FLAG_EXERCISE +read type: RSA_PUB 1024-bit, RSA_PSS_ANY_SALT(SHA_224) +depends_on:PSA_WANT_ALG_RSA_PSS_ANY_SALT:PSA_WANT_ALG_SHA_224:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY +key_storage_read:0x0001:PSA_KEY_TYPE_RSA_PUBLIC_KEY:1024:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_RSA_PSS_ANY_SALT(PSA_ALG_SHA_224):0x0000:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":"505341004b4559000000000001000000014000040128000008130006000000008c00000030818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":TEST_FLAG_EXERCISE -PSA storage read: type: ECC_PUBLIC_KEY(BRAINPOOL_P_R1) 256-bit -depends_on:PSA_WANT_ECC_BRAINPOOL_P_R1_256:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY -key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):256:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"04768c8cae4abca6306db0ed81b0c4a6215c378066ec6d616c146e13f1c7df809b96ab6911c27d8a02339f0926840e55236d3d1efbe2669d090e4c4c660fada91d":"505341004b4559000000000001000000304100010100000000000000000000004100000004768c8cae4abca6306db0ed81b0c4a6215c378066ec6d616c146e13f1c7df809b96ab6911c27d8a02339f0926840e55236d3d1efbe2669d090e4c4c660fada91d":TEST_FLAG_EXERCISE +read type: RSA_PUB 1024-bit, RSA_PSS_ANY_SALT(SHA_256) +depends_on:PSA_WANT_ALG_RSA_PSS_ANY_SALT:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY +key_storage_read:0x0001:PSA_KEY_TYPE_RSA_PUBLIC_KEY:1024:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_RSA_PSS_ANY_SALT(PSA_ALG_SHA_256):0x0000:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":"505341004b4559000000000001000000014000040128000009130006000000008c00000030818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":TEST_FLAG_EXERCISE -PSA storage read: type: ECC_PUBLIC_KEY(BRAINPOOL_P_R1) 320-bit -depends_on:PSA_WANT_ECC_BRAINPOOL_P_R1_320:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY -key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):320:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"049caed8fb4742956cc2ad12a9a1c995e21759ef26a07bc2054136d3d2f28bb331a70e26c4c687275ab1f434be7871e115d2350c0c5f61d4d06d2bcdb67f5cb63fdb794e5947c87dc6849a58694e37e6cd":"505341004b45590000000000010000003041400101000000000000000000000051000000049caed8fb4742956cc2ad12a9a1c995e21759ef26a07bc2054136d3d2f28bb331a70e26c4c687275ab1f434be7871e115d2350c0c5f61d4d06d2bcdb67f5cb63fdb794e5947c87dc6849a58694e37e6cd":TEST_FLAG_EXERCISE +read type: RSA_PUB 1024-bit, RSA_PSS_ANY_SALT(SHA_384) +depends_on:PSA_WANT_ALG_RSA_PSS_ANY_SALT:PSA_WANT_ALG_SHA_384:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY +key_storage_read:0x0001:PSA_KEY_TYPE_RSA_PUBLIC_KEY:1024:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_RSA_PSS_ANY_SALT(PSA_ALG_SHA_384):0x0000:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":"505341004b455900000000000100000001400004012800000a130006000000008c00000030818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":TEST_FLAG_EXERCISE -PSA storage read: type: ECC_PUBLIC_KEY(BRAINPOOL_P_R1) 384-bit -depends_on:PSA_WANT_ECC_BRAINPOOL_P_R1_384:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY -key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):384:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"04719f9d093a627e0d350385c661cebf00c61923566fe9006a3107af1d871bc6bb68985fd722ea32be316f8e783b7cd1957785f66cfc0cb195dd5c99a8e7abaa848553a584dfd2b48e76d445fe00dd8be59096d877d4696d23b4bc8db14724e66a":"505341004b4559000000000001000000304180010100000000000000000000006100000004719f9d093a627e0d350385c661cebf00c61923566fe9006a3107af1d871bc6bb68985fd722ea32be316f8e783b7cd1957785f66cfc0cb195dd5c99a8e7abaa848553a584dfd2b48e76d445fe00dd8be59096d877d4696d23b4bc8db14724e66a":TEST_FLAG_EXERCISE +read type: RSA_PUB 1024-bit, RSA_PSS_ANY_SALT(SHA_512) +depends_on:PSA_WANT_ALG_RSA_PSS_ANY_SALT:PSA_WANT_ALG_SHA_512:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY +key_storage_read:0x0001:PSA_KEY_TYPE_RSA_PUBLIC_KEY:1024:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_RSA_PSS_ANY_SALT(PSA_ALG_SHA_512):0x0000:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":"505341004b455900000000000100000001400004012800000b130006000000008c00000030818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":TEST_FLAG_EXERCISE -PSA storage read: type: ECC_PUBLIC_KEY(BRAINPOOL_P_R1) 512-bit -depends_on:PSA_WANT_ECC_BRAINPOOL_P_R1_512:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY -key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):512:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"0438b7ec92b61c5c6c7fbc28a4ec759d48fcd4e2e374defd5c4968a54dbef7510e517886fbfc38ea39aa529359d70a7156c35d3cbac7ce776bdb251dd64bce71234424ee7049eed072f0dbc4d79996e175d557e263763ae97095c081e73e7db2e38adc3d4c9a0487b1ede876dc1fca61c902e9a1d8722b8612928f18a24845591a":"505341004b455900000000000100000030410002010000000000000000000000810000000438b7ec92b61c5c6c7fbc28a4ec759d48fcd4e2e374defd5c4968a54dbef7510e517886fbfc38ea39aa529359d70a7156c35d3cbac7ce776bdb251dd64bce71234424ee7049eed072f0dbc4d79996e175d557e263763ae97095c081e73e7db2e38adc3d4c9a0487b1ede876dc1fca61c902e9a1d8722b8612928f18a24845591a":TEST_FLAG_EXERCISE +read type: RSA_PUB 1536-bit +depends_on:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY +key_storage_read:0x0001:PSA_KEY_TYPE_RSA_PUBLIC_KEY:1536:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"3081c90281c100c870feb6ca6b1d2bd9f2dd99e20f1fe2d7e5192de662229dbe162bd1ba66336a7182903ca0b72796cd441c83d24bcdc3e9a2f5e4399c8a043f1c3ddf04754a66d4cfe7b3671a37dd31a9b4c13bfe06ee90f9d94ddaa06de67a52ac863e68f756736ceb014405a6160579640f831dddccc34ad0b05070e3f9954a58d1815813e1b83bcadba814789c87f1ef2ba5d738b793ec456a67360eea1b5faf1c7cc7bf24f3b2a9d0f8958b1096e0f0c335f8888d0c63a51c3c0337214fa3f5efdf6dcc350203010001":"505341004b455900000000000100000001400006010000000000000000000000cc0000003081c90281c100c870feb6ca6b1d2bd9f2dd99e20f1fe2d7e5192de662229dbe162bd1ba66336a7182903ca0b72796cd441c83d24bcdc3e9a2f5e4399c8a043f1c3ddf04754a66d4cfe7b3671a37dd31a9b4c13bfe06ee90f9d94ddaa06de67a52ac863e68f756736ceb014405a6160579640f831dddccc34ad0b05070e3f9954a58d1815813e1b83bcadba814789c87f1ef2ba5d738b793ec456a67360eea1b5faf1c7cc7bf24f3b2a9d0f8958b1096e0f0c335f8888d0c63a51c3c0337214fa3f5efdf6dcc350203010001":TEST_FLAG_EXERCISE -PSA storage read: type: ECC_PUBLIC_KEY(MONTGOMERY) 255-bit -depends_on:PSA_WANT_ECC_MONTGOMERY_255:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY -key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_MONTGOMERY):255:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"8520f0098930a754748b7ddcb43ef75a0dbf3a0d26381af4eba4a98eaa9b4e6a":"505341004b45590000000000010000004141ff00010000000000000000000000200000008520f0098930a754748b7ddcb43ef75a0dbf3a0d26381af4eba4a98eaa9b4e6a":TEST_FLAG_EXERCISE +read type: RSA_PUB 1536-bit, RSA_OAEP(MD2) +depends_on:PSA_WANT_ALG_MD2:PSA_WANT_ALG_RSA_OAEP:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY +key_storage_read:0x0001:PSA_KEY_TYPE_RSA_PUBLIC_KEY:1536:PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_OAEP(PSA_ALG_MD2):0x0000:"3081c90281c100c870feb6ca6b1d2bd9f2dd99e20f1fe2d7e5192de662229dbe162bd1ba66336a7182903ca0b72796cd441c83d24bcdc3e9a2f5e4399c8a043f1c3ddf04754a66d4cfe7b3671a37dd31a9b4c13bfe06ee90f9d94ddaa06de67a52ac863e68f756736ceb014405a6160579640f831dddccc34ad0b05070e3f9954a58d1815813e1b83bcadba814789c87f1ef2ba5d738b793ec456a67360eea1b5faf1c7cc7bf24f3b2a9d0f8958b1096e0f0c335f8888d0c63a51c3c0337214fa3f5efdf6dcc350203010001":"505341004b455900000000000100000001400006010100000103000700000000cc0000003081c90281c100c870feb6ca6b1d2bd9f2dd99e20f1fe2d7e5192de662229dbe162bd1ba66336a7182903ca0b72796cd441c83d24bcdc3e9a2f5e4399c8a043f1c3ddf04754a66d4cfe7b3671a37dd31a9b4c13bfe06ee90f9d94ddaa06de67a52ac863e68f756736ceb014405a6160579640f831dddccc34ad0b05070e3f9954a58d1815813e1b83bcadba814789c87f1ef2ba5d738b793ec456a67360eea1b5faf1c7cc7bf24f3b2a9d0f8958b1096e0f0c335f8888d0c63a51c3c0337214fa3f5efdf6dcc350203010001":TEST_FLAG_EXERCISE -PSA storage read: type: ECC_PUBLIC_KEY(MONTGOMERY) 448-bit -depends_on:PSA_WANT_ECC_MONTGOMERY_448:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY -key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_MONTGOMERY):448:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"c0d3a5a2b416a573dc9909f92f134ac01323ab8f8e36804e578588ba2d09fe7c3e737f771ca112825b548a0ffded6d6a2fd09a3e77dec30e":"505341004b45590000000000010000004141c00101000000000000000000000038000000c0d3a5a2b416a573dc9909f92f134ac01323ab8f8e36804e578588ba2d09fe7c3e737f771ca112825b548a0ffded6d6a2fd09a3e77dec30e":TEST_FLAG_EXERCISE +read type: RSA_PUB 1536-bit, RSA_OAEP(MD4) +depends_on:PSA_WANT_ALG_MD4:PSA_WANT_ALG_RSA_OAEP:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY +key_storage_read:0x0001:PSA_KEY_TYPE_RSA_PUBLIC_KEY:1536:PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_OAEP(PSA_ALG_MD4):0x0000:"3081c90281c100c870feb6ca6b1d2bd9f2dd99e20f1fe2d7e5192de662229dbe162bd1ba66336a7182903ca0b72796cd441c83d24bcdc3e9a2f5e4399c8a043f1c3ddf04754a66d4cfe7b3671a37dd31a9b4c13bfe06ee90f9d94ddaa06de67a52ac863e68f756736ceb014405a6160579640f831dddccc34ad0b05070e3f9954a58d1815813e1b83bcadba814789c87f1ef2ba5d738b793ec456a67360eea1b5faf1c7cc7bf24f3b2a9d0f8958b1096e0f0c335f8888d0c63a51c3c0337214fa3f5efdf6dcc350203010001":"505341004b455900000000000100000001400006010100000203000700000000cc0000003081c90281c100c870feb6ca6b1d2bd9f2dd99e20f1fe2d7e5192de662229dbe162bd1ba66336a7182903ca0b72796cd441c83d24bcdc3e9a2f5e4399c8a043f1c3ddf04754a66d4cfe7b3671a37dd31a9b4c13bfe06ee90f9d94ddaa06de67a52ac863e68f756736ceb014405a6160579640f831dddccc34ad0b05070e3f9954a58d1815813e1b83bcadba814789c87f1ef2ba5d738b793ec456a67360eea1b5faf1c7cc7bf24f3b2a9d0f8958b1096e0f0c335f8888d0c63a51c3c0337214fa3f5efdf6dcc350203010001":TEST_FLAG_EXERCISE -PSA storage read: type: ECC_PUBLIC_KEY(SECP_K1) 192-bit -depends_on:PSA_WANT_ECC_SECP_K1_192:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY -key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_K1):192:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"0426b7bb38da649ac2138fc050c6548b32553dab68afebc36105d325b75538c12323cb0764789ecb992671beb2b6bef2f5":"505341004b45590000000000010000001741c000010000000000000000000000310000000426b7bb38da649ac2138fc050c6548b32553dab68afebc36105d325b75538c12323cb0764789ecb992671beb2b6bef2f5":TEST_FLAG_EXERCISE +read type: RSA_PUB 1536-bit, RSA_OAEP(MD5) +depends_on:PSA_WANT_ALG_MD5:PSA_WANT_ALG_RSA_OAEP:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY +key_storage_read:0x0001:PSA_KEY_TYPE_RSA_PUBLIC_KEY:1536:PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_OAEP(PSA_ALG_MD5):0x0000:"3081c90281c100c870feb6ca6b1d2bd9f2dd99e20f1fe2d7e5192de662229dbe162bd1ba66336a7182903ca0b72796cd441c83d24bcdc3e9a2f5e4399c8a043f1c3ddf04754a66d4cfe7b3671a37dd31a9b4c13bfe06ee90f9d94ddaa06de67a52ac863e68f756736ceb014405a6160579640f831dddccc34ad0b05070e3f9954a58d1815813e1b83bcadba814789c87f1ef2ba5d738b793ec456a67360eea1b5faf1c7cc7bf24f3b2a9d0f8958b1096e0f0c335f8888d0c63a51c3c0337214fa3f5efdf6dcc350203010001":"505341004b455900000000000100000001400006010100000303000700000000cc0000003081c90281c100c870feb6ca6b1d2bd9f2dd99e20f1fe2d7e5192de662229dbe162bd1ba66336a7182903ca0b72796cd441c83d24bcdc3e9a2f5e4399c8a043f1c3ddf04754a66d4cfe7b3671a37dd31a9b4c13bfe06ee90f9d94ddaa06de67a52ac863e68f756736ceb014405a6160579640f831dddccc34ad0b05070e3f9954a58d1815813e1b83bcadba814789c87f1ef2ba5d738b793ec456a67360eea1b5faf1c7cc7bf24f3b2a9d0f8958b1096e0f0c335f8888d0c63a51c3c0337214fa3f5efdf6dcc350203010001":TEST_FLAG_EXERCISE -PSA storage read: type: ECC_PUBLIC_KEY(SECP_K1) 224-bit -depends_on:PSA_WANT_ECC_SECP_K1_224:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY -key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_K1):224:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"042cc7335f4b76042bed44ef45959a62aa215f7a5ff0c8111b8c44ed654ee71c1918326ad485b2d599fe2a6eab096ee26d977334d2bac6d61d":"505341004b45590000000000010000001741e00001000000000000000000000039000000042cc7335f4b76042bed44ef45959a62aa215f7a5ff0c8111b8c44ed654ee71c1918326ad485b2d599fe2a6eab096ee26d977334d2bac6d61d":TEST_FLAG_EXERCISE +read type: RSA_PUB 1536-bit, RSA_OAEP(RIPEMD160) +depends_on:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ALG_RSA_OAEP:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY +key_storage_read:0x0001:PSA_KEY_TYPE_RSA_PUBLIC_KEY:1536:PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_OAEP(PSA_ALG_RIPEMD160):0x0000:"3081c90281c100c870feb6ca6b1d2bd9f2dd99e20f1fe2d7e5192de662229dbe162bd1ba66336a7182903ca0b72796cd441c83d24bcdc3e9a2f5e4399c8a043f1c3ddf04754a66d4cfe7b3671a37dd31a9b4c13bfe06ee90f9d94ddaa06de67a52ac863e68f756736ceb014405a6160579640f831dddccc34ad0b05070e3f9954a58d1815813e1b83bcadba814789c87f1ef2ba5d738b793ec456a67360eea1b5faf1c7cc7bf24f3b2a9d0f8958b1096e0f0c335f8888d0c63a51c3c0337214fa3f5efdf6dcc350203010001":"505341004b455900000000000100000001400006010100000403000700000000cc0000003081c90281c100c870feb6ca6b1d2bd9f2dd99e20f1fe2d7e5192de662229dbe162bd1ba66336a7182903ca0b72796cd441c83d24bcdc3e9a2f5e4399c8a043f1c3ddf04754a66d4cfe7b3671a37dd31a9b4c13bfe06ee90f9d94ddaa06de67a52ac863e68f756736ceb014405a6160579640f831dddccc34ad0b05070e3f9954a58d1815813e1b83bcadba814789c87f1ef2ba5d738b793ec456a67360eea1b5faf1c7cc7bf24f3b2a9d0f8958b1096e0f0c335f8888d0c63a51c3c0337214fa3f5efdf6dcc350203010001":TEST_FLAG_EXERCISE -PSA storage read: type: ECC_PUBLIC_KEY(SECP_K1) 256-bit -depends_on:PSA_WANT_ECC_SECP_K1_256:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY -key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_K1):256:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"045c39154579efd667adc73a81015a797d2c8682cdfbd3c3553c4a185d481cdc50e42a0e1cbc3ca29a32a645e927f54beaed14c9dbbf8279d725f5495ca924b24d":"505341004b45590000000000010000001741000101000000000000000000000041000000045c39154579efd667adc73a81015a797d2c8682cdfbd3c3553c4a185d481cdc50e42a0e1cbc3ca29a32a645e927f54beaed14c9dbbf8279d725f5495ca924b24d":TEST_FLAG_EXERCISE +read type: RSA_PUB 1536-bit, RSA_OAEP(SHA_1) +depends_on:PSA_WANT_ALG_RSA_OAEP:PSA_WANT_ALG_SHA_1:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY +key_storage_read:0x0001:PSA_KEY_TYPE_RSA_PUBLIC_KEY:1536:PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_OAEP(PSA_ALG_SHA_1):0x0000:"3081c90281c100c870feb6ca6b1d2bd9f2dd99e20f1fe2d7e5192de662229dbe162bd1ba66336a7182903ca0b72796cd441c83d24bcdc3e9a2f5e4399c8a043f1c3ddf04754a66d4cfe7b3671a37dd31a9b4c13bfe06ee90f9d94ddaa06de67a52ac863e68f756736ceb014405a6160579640f831dddccc34ad0b05070e3f9954a58d1815813e1b83bcadba814789c87f1ef2ba5d738b793ec456a67360eea1b5faf1c7cc7bf24f3b2a9d0f8958b1096e0f0c335f8888d0c63a51c3c0337214fa3f5efdf6dcc350203010001":"505341004b455900000000000100000001400006010100000503000700000000cc0000003081c90281c100c870feb6ca6b1d2bd9f2dd99e20f1fe2d7e5192de662229dbe162bd1ba66336a7182903ca0b72796cd441c83d24bcdc3e9a2f5e4399c8a043f1c3ddf04754a66d4cfe7b3671a37dd31a9b4c13bfe06ee90f9d94ddaa06de67a52ac863e68f756736ceb014405a6160579640f831dddccc34ad0b05070e3f9954a58d1815813e1b83bcadba814789c87f1ef2ba5d738b793ec456a67360eea1b5faf1c7cc7bf24f3b2a9d0f8958b1096e0f0c335f8888d0c63a51c3c0337214fa3f5efdf6dcc350203010001":TEST_FLAG_EXERCISE -PSA storage read: type: ECC_PUBLIC_KEY(SECP_R1) 225-bit -depends_on:PSA_WANT_ECC_SECP_R1_225:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY -key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1):225:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"046f00eadaa949fee3e9e1c7fa1247eecec86a0dce46418b9bd3117b981d4bd0ae7a990de912f9d060d6cb531a42d22e394ac29e81804bf160":"505341004b45590000000000010000001241e10001000000000000000000000039000000046f00eadaa949fee3e9e1c7fa1247eecec86a0dce46418b9bd3117b981d4bd0ae7a990de912f9d060d6cb531a42d22e394ac29e81804bf160":TEST_FLAG_EXERCISE +read type: RSA_PUB 1536-bit, RSA_OAEP(SHA_224) +depends_on:PSA_WANT_ALG_RSA_OAEP:PSA_WANT_ALG_SHA_224:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY +key_storage_read:0x0001:PSA_KEY_TYPE_RSA_PUBLIC_KEY:1536:PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_OAEP(PSA_ALG_SHA_224):0x0000:"3081c90281c100c870feb6ca6b1d2bd9f2dd99e20f1fe2d7e5192de662229dbe162bd1ba66336a7182903ca0b72796cd441c83d24bcdc3e9a2f5e4399c8a043f1c3ddf04754a66d4cfe7b3671a37dd31a9b4c13bfe06ee90f9d94ddaa06de67a52ac863e68f756736ceb014405a6160579640f831dddccc34ad0b05070e3f9954a58d1815813e1b83bcadba814789c87f1ef2ba5d738b793ec456a67360eea1b5faf1c7cc7bf24f3b2a9d0f8958b1096e0f0c335f8888d0c63a51c3c0337214fa3f5efdf6dcc350203010001":"505341004b455900000000000100000001400006010100000803000700000000cc0000003081c90281c100c870feb6ca6b1d2bd9f2dd99e20f1fe2d7e5192de662229dbe162bd1ba66336a7182903ca0b72796cd441c83d24bcdc3e9a2f5e4399c8a043f1c3ddf04754a66d4cfe7b3671a37dd31a9b4c13bfe06ee90f9d94ddaa06de67a52ac863e68f756736ceb014405a6160579640f831dddccc34ad0b05070e3f9954a58d1815813e1b83bcadba814789c87f1ef2ba5d738b793ec456a67360eea1b5faf1c7cc7bf24f3b2a9d0f8958b1096e0f0c335f8888d0c63a51c3c0337214fa3f5efdf6dcc350203010001":TEST_FLAG_EXERCISE -PSA storage read: type: ECC_PUBLIC_KEY(SECP_R1) 256-bit -depends_on:PSA_WANT_ECC_SECP_R1_256:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY -key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1):256:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"047772656f814b399279d5e1f1781fac6f099a3c5ca1b0e35351834b08b65e0b572590cdaf8f769361bcf34acfc11e5e074e8426bdde04be6e653945449617de45":"505341004b45590000000000010000001241000101000000000000000000000041000000047772656f814b399279d5e1f1781fac6f099a3c5ca1b0e35351834b08b65e0b572590cdaf8f769361bcf34acfc11e5e074e8426bdde04be6e653945449617de45":TEST_FLAG_EXERCISE +read type: RSA_PUB 1536-bit, RSA_OAEP(SHA_256) +depends_on:PSA_WANT_ALG_RSA_OAEP:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY +key_storage_read:0x0001:PSA_KEY_TYPE_RSA_PUBLIC_KEY:1536:PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_OAEP(PSA_ALG_SHA_256):0x0000:"3081c90281c100c870feb6ca6b1d2bd9f2dd99e20f1fe2d7e5192de662229dbe162bd1ba66336a7182903ca0b72796cd441c83d24bcdc3e9a2f5e4399c8a043f1c3ddf04754a66d4cfe7b3671a37dd31a9b4c13bfe06ee90f9d94ddaa06de67a52ac863e68f756736ceb014405a6160579640f831dddccc34ad0b05070e3f9954a58d1815813e1b83bcadba814789c87f1ef2ba5d738b793ec456a67360eea1b5faf1c7cc7bf24f3b2a9d0f8958b1096e0f0c335f8888d0c63a51c3c0337214fa3f5efdf6dcc350203010001":"505341004b455900000000000100000001400006010100000903000700000000cc0000003081c90281c100c870feb6ca6b1d2bd9f2dd99e20f1fe2d7e5192de662229dbe162bd1ba66336a7182903ca0b72796cd441c83d24bcdc3e9a2f5e4399c8a043f1c3ddf04754a66d4cfe7b3671a37dd31a9b4c13bfe06ee90f9d94ddaa06de67a52ac863e68f756736ceb014405a6160579640f831dddccc34ad0b05070e3f9954a58d1815813e1b83bcadba814789c87f1ef2ba5d738b793ec456a67360eea1b5faf1c7cc7bf24f3b2a9d0f8958b1096e0f0c335f8888d0c63a51c3c0337214fa3f5efdf6dcc350203010001":TEST_FLAG_EXERCISE -PSA storage read: type: ECC_PUBLIC_KEY(SECP_R1) 384-bit -depends_on:PSA_WANT_ECC_SECP_R1_384:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY -key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1):384:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"04d9c662b50ba29ca47990450e043aeaf4f0c69b15676d112f622a71c93059af999691c5680d2b44d111579db12f4a413a2ed5c45fcfb67b5b63e00b91ebe59d09a6b1ac2c0c4282aa12317ed5914f999bc488bb132e8342cc36f2ca5e3379c747":"505341004b4559000000000001000000124180010100000000000000000000006100000004d9c662b50ba29ca47990450e043aeaf4f0c69b15676d112f622a71c93059af999691c5680d2b44d111579db12f4a413a2ed5c45fcfb67b5b63e00b91ebe59d09a6b1ac2c0c4282aa12317ed5914f999bc488bb132e8342cc36f2ca5e3379c747":TEST_FLAG_EXERCISE +read type: RSA_PUB 1536-bit, RSA_OAEP(SHA_384) +depends_on:PSA_WANT_ALG_RSA_OAEP:PSA_WANT_ALG_SHA_384:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY +key_storage_read:0x0001:PSA_KEY_TYPE_RSA_PUBLIC_KEY:1536:PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_OAEP(PSA_ALG_SHA_384):0x0000:"3081c90281c100c870feb6ca6b1d2bd9f2dd99e20f1fe2d7e5192de662229dbe162bd1ba66336a7182903ca0b72796cd441c83d24bcdc3e9a2f5e4399c8a043f1c3ddf04754a66d4cfe7b3671a37dd31a9b4c13bfe06ee90f9d94ddaa06de67a52ac863e68f756736ceb014405a6160579640f831dddccc34ad0b05070e3f9954a58d1815813e1b83bcadba814789c87f1ef2ba5d738b793ec456a67360eea1b5faf1c7cc7bf24f3b2a9d0f8958b1096e0f0c335f8888d0c63a51c3c0337214fa3f5efdf6dcc350203010001":"505341004b455900000000000100000001400006010100000a03000700000000cc0000003081c90281c100c870feb6ca6b1d2bd9f2dd99e20f1fe2d7e5192de662229dbe162bd1ba66336a7182903ca0b72796cd441c83d24bcdc3e9a2f5e4399c8a043f1c3ddf04754a66d4cfe7b3671a37dd31a9b4c13bfe06ee90f9d94ddaa06de67a52ac863e68f756736ceb014405a6160579640f831dddccc34ad0b05070e3f9954a58d1815813e1b83bcadba814789c87f1ef2ba5d738b793ec456a67360eea1b5faf1c7cc7bf24f3b2a9d0f8958b1096e0f0c335f8888d0c63a51c3c0337214fa3f5efdf6dcc350203010001":TEST_FLAG_EXERCISE -PSA storage read: type: ECC_PUBLIC_KEY(SECP_R1) 521-bit -depends_on:PSA_WANT_ECC_SECP_R1_521:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY -key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1):521:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"04001de142d54f69eb038ee4b7af9d3ca07736fd9cf719eb354d69879ee7f3c136fb0fbf9f08f86be5fa128ec1a051d3e6c643e85ada8ffacf3663c260bd2c844b6f5600cee8e48a9e65d09cadd89f235dee05f3b8a646be715f1f67d5b434e0ff23a1fc07ef7740193e40eeff6f3bcdfd765aa9155033524fe4f205f5444e292c4c2f6ac1":"505341004b4559000000000001000000124109020100000000000000000000008500000004001de142d54f69eb038ee4b7af9d3ca07736fd9cf719eb354d69879ee7f3c136fb0fbf9f08f86be5fa128ec1a051d3e6c643e85ada8ffacf3663c260bd2c844b6f5600cee8e48a9e65d09cadd89f235dee05f3b8a646be715f1f67d5b434e0ff23a1fc07ef7740193e40eeff6f3bcdfd765aa9155033524fe4f205f5444e292c4c2f6ac1":TEST_FLAG_EXERCISE +read type: RSA_PUB 1536-bit, RSA_OAEP(SHA_512) +depends_on:PSA_WANT_ALG_RSA_OAEP:PSA_WANT_ALG_SHA_512:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY +key_storage_read:0x0001:PSA_KEY_TYPE_RSA_PUBLIC_KEY:1536:PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_OAEP(PSA_ALG_SHA_512):0x0000:"3081c90281c100c870feb6ca6b1d2bd9f2dd99e20f1fe2d7e5192de662229dbe162bd1ba66336a7182903ca0b72796cd441c83d24bcdc3e9a2f5e4399c8a043f1c3ddf04754a66d4cfe7b3671a37dd31a9b4c13bfe06ee90f9d94ddaa06de67a52ac863e68f756736ceb014405a6160579640f831dddccc34ad0b05070e3f9954a58d1815813e1b83bcadba814789c87f1ef2ba5d738b793ec456a67360eea1b5faf1c7cc7bf24f3b2a9d0f8958b1096e0f0c335f8888d0c63a51c3c0337214fa3f5efdf6dcc350203010001":"505341004b455900000000000100000001400006010100000b03000700000000cc0000003081c90281c100c870feb6ca6b1d2bd9f2dd99e20f1fe2d7e5192de662229dbe162bd1ba66336a7182903ca0b72796cd441c83d24bcdc3e9a2f5e4399c8a043f1c3ddf04754a66d4cfe7b3671a37dd31a9b4c13bfe06ee90f9d94ddaa06de67a52ac863e68f756736ceb014405a6160579640f831dddccc34ad0b05070e3f9954a58d1815813e1b83bcadba814789c87f1ef2ba5d738b793ec456a67360eea1b5faf1c7cc7bf24f3b2a9d0f8958b1096e0f0c335f8888d0c63a51c3c0337214fa3f5efdf6dcc350203010001":TEST_FLAG_EXERCISE -PSA storage read: type: ECC_PUBLIC_KEY(SECP_R2) 160-bit -depends_on:PSA_WANT_ECC_SECP_R2_160:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY -key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R2):160:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"049570d541398665adb5cfa16f5af73b3196926bbd4b876bdb80f8eab20d0f540c22f4de9c140f6d7b":"505341004b45590000000000010000001b41a00001000000000000000000000029000000049570d541398665adb5cfa16f5af73b3196926bbd4b876bdb80f8eab20d0f540c22f4de9c140f6d7b":TEST_FLAG_EXERCISE +read type: RSA_PUB 1536-bit, RSA_PKCS1V15_CRYPT +depends_on:PSA_WANT_ALG_RSA_PKCS1V15_CRYPT:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY +key_storage_read:0x0001:PSA_KEY_TYPE_RSA_PUBLIC_KEY:1536:PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_PKCS1V15_CRYPT:0x0000:"3081c90281c100c870feb6ca6b1d2bd9f2dd99e20f1fe2d7e5192de662229dbe162bd1ba66336a7182903ca0b72796cd441c83d24bcdc3e9a2f5e4399c8a043f1c3ddf04754a66d4cfe7b3671a37dd31a9b4c13bfe06ee90f9d94ddaa06de67a52ac863e68f756736ceb014405a6160579640f831dddccc34ad0b05070e3f9954a58d1815813e1b83bcadba814789c87f1ef2ba5d738b793ec456a67360eea1b5faf1c7cc7bf24f3b2a9d0f8958b1096e0f0c335f8888d0c63a51c3c0337214fa3f5efdf6dcc350203010001":"505341004b455900000000000100000001400006010100000002000700000000cc0000003081c90281c100c870feb6ca6b1d2bd9f2dd99e20f1fe2d7e5192de662229dbe162bd1ba66336a7182903ca0b72796cd441c83d24bcdc3e9a2f5e4399c8a043f1c3ddf04754a66d4cfe7b3671a37dd31a9b4c13bfe06ee90f9d94ddaa06de67a52ac863e68f756736ceb014405a6160579640f831dddccc34ad0b05070e3f9954a58d1815813e1b83bcadba814789c87f1ef2ba5d738b793ec456a67360eea1b5faf1c7cc7bf24f3b2a9d0f8958b1096e0f0c335f8888d0c63a51c3c0337214fa3f5efdf6dcc350203010001":TEST_FLAG_EXERCISE -PSA storage read: type: ECC_PUBLIC_KEY(SECT_K1) 163-bit -depends_on:PSA_WANT_ECC_SECT_K1_163:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY -key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_K1):163:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"0406f88f90b4b65950f06ce433afdb097e320f433dc2062b8a65db8fafd3c110f46bc45663fbf021ee7eb9":"505341004b45590000000000010000002741a3000100000000000000000000002b0000000406f88f90b4b65950f06ce433afdb097e320f433dc2062b8a65db8fafd3c110f46bc45663fbf021ee7eb9":TEST_FLAG_EXERCISE +read type: RSA_PUB 1536-bit, RSA_PKCS1V15_SIGN(MD2) +depends_on:PSA_WANT_ALG_MD2:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY +key_storage_read:0x0001:PSA_KEY_TYPE_RSA_PUBLIC_KEY:1536:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_MD2):0x0000:"3081c90281c100c870feb6ca6b1d2bd9f2dd99e20f1fe2d7e5192de662229dbe162bd1ba66336a7182903ca0b72796cd441c83d24bcdc3e9a2f5e4399c8a043f1c3ddf04754a66d4cfe7b3671a37dd31a9b4c13bfe06ee90f9d94ddaa06de67a52ac863e68f756736ceb014405a6160579640f831dddccc34ad0b05070e3f9954a58d1815813e1b83bcadba814789c87f1ef2ba5d738b793ec456a67360eea1b5faf1c7cc7bf24f3b2a9d0f8958b1096e0f0c335f8888d0c63a51c3c0337214fa3f5efdf6dcc350203010001":"505341004b455900000000000100000001400006012800000102000600000000cc0000003081c90281c100c870feb6ca6b1d2bd9f2dd99e20f1fe2d7e5192de662229dbe162bd1ba66336a7182903ca0b72796cd441c83d24bcdc3e9a2f5e4399c8a043f1c3ddf04754a66d4cfe7b3671a37dd31a9b4c13bfe06ee90f9d94ddaa06de67a52ac863e68f756736ceb014405a6160579640f831dddccc34ad0b05070e3f9954a58d1815813e1b83bcadba814789c87f1ef2ba5d738b793ec456a67360eea1b5faf1c7cc7bf24f3b2a9d0f8958b1096e0f0c335f8888d0c63a51c3c0337214fa3f5efdf6dcc350203010001":TEST_FLAG_EXERCISE -PSA storage read: type: ECC_PUBLIC_KEY(SECT_K1) 233-bit -depends_on:PSA_WANT_ECC_SECT_K1_233:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY -key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_K1):233:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"0401e9d7189189f773bd8f71be2c10774ba18842434dfa9312595ea545104400f45a9d5675647513ba75b079fe66a29daac2ec86a6a5d4e75c5f290c1f":"505341004b45590000000000010000002741e9000100000000000000000000003d0000000401e9d7189189f773bd8f71be2c10774ba18842434dfa9312595ea545104400f45a9d5675647513ba75b079fe66a29daac2ec86a6a5d4e75c5f290c1f":TEST_FLAG_EXERCISE +read type: RSA_PUB 1536-bit, RSA_PKCS1V15_SIGN(MD4) +depends_on:PSA_WANT_ALG_MD4:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY +key_storage_read:0x0001:PSA_KEY_TYPE_RSA_PUBLIC_KEY:1536:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_MD4):0x0000:"3081c90281c100c870feb6ca6b1d2bd9f2dd99e20f1fe2d7e5192de662229dbe162bd1ba66336a7182903ca0b72796cd441c83d24bcdc3e9a2f5e4399c8a043f1c3ddf04754a66d4cfe7b3671a37dd31a9b4c13bfe06ee90f9d94ddaa06de67a52ac863e68f756736ceb014405a6160579640f831dddccc34ad0b05070e3f9954a58d1815813e1b83bcadba814789c87f1ef2ba5d738b793ec456a67360eea1b5faf1c7cc7bf24f3b2a9d0f8958b1096e0f0c335f8888d0c63a51c3c0337214fa3f5efdf6dcc350203010001":"505341004b455900000000000100000001400006012800000202000600000000cc0000003081c90281c100c870feb6ca6b1d2bd9f2dd99e20f1fe2d7e5192de662229dbe162bd1ba66336a7182903ca0b72796cd441c83d24bcdc3e9a2f5e4399c8a043f1c3ddf04754a66d4cfe7b3671a37dd31a9b4c13bfe06ee90f9d94ddaa06de67a52ac863e68f756736ceb014405a6160579640f831dddccc34ad0b05070e3f9954a58d1815813e1b83bcadba814789c87f1ef2ba5d738b793ec456a67360eea1b5faf1c7cc7bf24f3b2a9d0f8958b1096e0f0c335f8888d0c63a51c3c0337214fa3f5efdf6dcc350203010001":TEST_FLAG_EXERCISE -PSA storage read: type: ECC_PUBLIC_KEY(SECT_K1) 239-bit -depends_on:PSA_WANT_ECC_SECT_K1_239:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY -key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_K1):239:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"04068d76b9f4508762c2379db9ee8b87ad8d86d9535132ffba3b5680440cfa28eb133d4232faf1c9aba96af11aefe634a551440800d5f8185105d3072d":"505341004b45590000000000010000002741ef000100000000000000000000003d00000004068d76b9f4508762c2379db9ee8b87ad8d86d9535132ffba3b5680440cfa28eb133d4232faf1c9aba96af11aefe634a551440800d5f8185105d3072d":TEST_FLAG_EXERCISE +read type: RSA_PUB 1536-bit, RSA_PKCS1V15_SIGN(MD5) +depends_on:PSA_WANT_ALG_MD5:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY +key_storage_read:0x0001:PSA_KEY_TYPE_RSA_PUBLIC_KEY:1536:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_MD5):0x0000:"3081c90281c100c870feb6ca6b1d2bd9f2dd99e20f1fe2d7e5192de662229dbe162bd1ba66336a7182903ca0b72796cd441c83d24bcdc3e9a2f5e4399c8a043f1c3ddf04754a66d4cfe7b3671a37dd31a9b4c13bfe06ee90f9d94ddaa06de67a52ac863e68f756736ceb014405a6160579640f831dddccc34ad0b05070e3f9954a58d1815813e1b83bcadba814789c87f1ef2ba5d738b793ec456a67360eea1b5faf1c7cc7bf24f3b2a9d0f8958b1096e0f0c335f8888d0c63a51c3c0337214fa3f5efdf6dcc350203010001":"505341004b455900000000000100000001400006012800000302000600000000cc0000003081c90281c100c870feb6ca6b1d2bd9f2dd99e20f1fe2d7e5192de662229dbe162bd1ba66336a7182903ca0b72796cd441c83d24bcdc3e9a2f5e4399c8a043f1c3ddf04754a66d4cfe7b3671a37dd31a9b4c13bfe06ee90f9d94ddaa06de67a52ac863e68f756736ceb014405a6160579640f831dddccc34ad0b05070e3f9954a58d1815813e1b83bcadba814789c87f1ef2ba5d738b793ec456a67360eea1b5faf1c7cc7bf24f3b2a9d0f8958b1096e0f0c335f8888d0c63a51c3c0337214fa3f5efdf6dcc350203010001":TEST_FLAG_EXERCISE -PSA storage read: type: ECC_PUBLIC_KEY(SECT_K1) 283-bit -depends_on:PSA_WANT_ECC_SECT_K1_283:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY -key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_K1):283:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"0405f48374debceaadb46ba385fd92048fcc5b9af1a1c90408bf94a68b9378df1cbfdfb6fb026a96bea06d8f181bf10c020adbcc88b6ecff96bdc564a9649c247cede601c4be63afc3":"505341004b455900000000000100000027411b01010000000000000000000000490000000405f48374debceaadb46ba385fd92048fcc5b9af1a1c90408bf94a68b9378df1cbfdfb6fb026a96bea06d8f181bf10c020adbcc88b6ecff96bdc564a9649c247cede601c4be63afc3":TEST_FLAG_EXERCISE +read type: RSA_PUB 1536-bit, RSA_PKCS1V15_SIGN(RIPEMD160) +depends_on:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY +key_storage_read:0x0001:PSA_KEY_TYPE_RSA_PUBLIC_KEY:1536:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_RIPEMD160):0x0000:"3081c90281c100c870feb6ca6b1d2bd9f2dd99e20f1fe2d7e5192de662229dbe162bd1ba66336a7182903ca0b72796cd441c83d24bcdc3e9a2f5e4399c8a043f1c3ddf04754a66d4cfe7b3671a37dd31a9b4c13bfe06ee90f9d94ddaa06de67a52ac863e68f756736ceb014405a6160579640f831dddccc34ad0b05070e3f9954a58d1815813e1b83bcadba814789c87f1ef2ba5d738b793ec456a67360eea1b5faf1c7cc7bf24f3b2a9d0f8958b1096e0f0c335f8888d0c63a51c3c0337214fa3f5efdf6dcc350203010001":"505341004b455900000000000100000001400006012800000402000600000000cc0000003081c90281c100c870feb6ca6b1d2bd9f2dd99e20f1fe2d7e5192de662229dbe162bd1ba66336a7182903ca0b72796cd441c83d24bcdc3e9a2f5e4399c8a043f1c3ddf04754a66d4cfe7b3671a37dd31a9b4c13bfe06ee90f9d94ddaa06de67a52ac863e68f756736ceb014405a6160579640f831dddccc34ad0b05070e3f9954a58d1815813e1b83bcadba814789c87f1ef2ba5d738b793ec456a67360eea1b5faf1c7cc7bf24f3b2a9d0f8958b1096e0f0c335f8888d0c63a51c3c0337214fa3f5efdf6dcc350203010001":TEST_FLAG_EXERCISE -PSA storage read: type: ECC_PUBLIC_KEY(SECT_K1) 409-bit -depends_on:PSA_WANT_ECC_SECT_K1_409:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY -key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_K1):409:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"04012c587f69f68b308ba6dcb238797f4e22290ca939ae806604e2b5ab4d9caef5a74a98fd87c4f88d292dd39d92e556e16c6ecc3c019a105826eef507cd9a04119f54d5d850b3720b3792d5d03410e9105610f7e4b420166ed45604a7a1f229d80975ba6be2060e8b":"505341004b4559000000000001000000274199010100000000000000000000006900000004012c587f69f68b308ba6dcb238797f4e22290ca939ae806604e2b5ab4d9caef5a74a98fd87c4f88d292dd39d92e556e16c6ecc3c019a105826eef507cd9a04119f54d5d850b3720b3792d5d03410e9105610f7e4b420166ed45604a7a1f229d80975ba6be2060e8b":TEST_FLAG_EXERCISE +read type: RSA_PUB 1536-bit, RSA_PKCS1V15_SIGN(SHA_1) +depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ALG_SHA_1:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY +key_storage_read:0x0001:PSA_KEY_TYPE_RSA_PUBLIC_KEY:1536:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_1):0x0000:"3081c90281c100c870feb6ca6b1d2bd9f2dd99e20f1fe2d7e5192de662229dbe162bd1ba66336a7182903ca0b72796cd441c83d24bcdc3e9a2f5e4399c8a043f1c3ddf04754a66d4cfe7b3671a37dd31a9b4c13bfe06ee90f9d94ddaa06de67a52ac863e68f756736ceb014405a6160579640f831dddccc34ad0b05070e3f9954a58d1815813e1b83bcadba814789c87f1ef2ba5d738b793ec456a67360eea1b5faf1c7cc7bf24f3b2a9d0f8958b1096e0f0c335f8888d0c63a51c3c0337214fa3f5efdf6dcc350203010001":"505341004b455900000000000100000001400006012800000502000600000000cc0000003081c90281c100c870feb6ca6b1d2bd9f2dd99e20f1fe2d7e5192de662229dbe162bd1ba66336a7182903ca0b72796cd441c83d24bcdc3e9a2f5e4399c8a043f1c3ddf04754a66d4cfe7b3671a37dd31a9b4c13bfe06ee90f9d94ddaa06de67a52ac863e68f756736ceb014405a6160579640f831dddccc34ad0b05070e3f9954a58d1815813e1b83bcadba814789c87f1ef2ba5d738b793ec456a67360eea1b5faf1c7cc7bf24f3b2a9d0f8958b1096e0f0c335f8888d0c63a51c3c0337214fa3f5efdf6dcc350203010001":TEST_FLAG_EXERCISE -PSA storage read: type: ECC_PUBLIC_KEY(SECT_K1) 571-bit -depends_on:PSA_WANT_ECC_SECT_K1_571:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY -key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_K1):571:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"04050172a7fd7adf98e4e2ed2742faa5cd12731a15fb0dbbdf75b1c3cc771a4369af6f2fa00e802735650881735759ea9c79961ded18e0daa0ac59afb1d513b5bbda9962e435f454fc020b4afe1445c2302ada07d295ec2580f8849b2dfa7f956b09b4cbe4c88d3b1c217049f75d3900d36df0fa12689256b58dd2ef784ebbeb0564600cf47a841485f8cf897a68accd5a":"505341004b455900000000000100000027413b020100000000000000000000009100000004050172a7fd7adf98e4e2ed2742faa5cd12731a15fb0dbbdf75b1c3cc771a4369af6f2fa00e802735650881735759ea9c79961ded18e0daa0ac59afb1d513b5bbda9962e435f454fc020b4afe1445c2302ada07d295ec2580f8849b2dfa7f956b09b4cbe4c88d3b1c217049f75d3900d36df0fa12689256b58dd2ef784ebbeb0564600cf47a841485f8cf897a68accd5a":TEST_FLAG_EXERCISE +read type: RSA_PUB 1536-bit, RSA_PKCS1V15_SIGN(SHA_224) +depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ALG_SHA_224:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY +key_storage_read:0x0001:PSA_KEY_TYPE_RSA_PUBLIC_KEY:1536:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_224):0x0000:"3081c90281c100c870feb6ca6b1d2bd9f2dd99e20f1fe2d7e5192de662229dbe162bd1ba66336a7182903ca0b72796cd441c83d24bcdc3e9a2f5e4399c8a043f1c3ddf04754a66d4cfe7b3671a37dd31a9b4c13bfe06ee90f9d94ddaa06de67a52ac863e68f756736ceb014405a6160579640f831dddccc34ad0b05070e3f9954a58d1815813e1b83bcadba814789c87f1ef2ba5d738b793ec456a67360eea1b5faf1c7cc7bf24f3b2a9d0f8958b1096e0f0c335f8888d0c63a51c3c0337214fa3f5efdf6dcc350203010001":"505341004b455900000000000100000001400006012800000802000600000000cc0000003081c90281c100c870feb6ca6b1d2bd9f2dd99e20f1fe2d7e5192de662229dbe162bd1ba66336a7182903ca0b72796cd441c83d24bcdc3e9a2f5e4399c8a043f1c3ddf04754a66d4cfe7b3671a37dd31a9b4c13bfe06ee90f9d94ddaa06de67a52ac863e68f756736ceb014405a6160579640f831dddccc34ad0b05070e3f9954a58d1815813e1b83bcadba814789c87f1ef2ba5d738b793ec456a67360eea1b5faf1c7cc7bf24f3b2a9d0f8958b1096e0f0c335f8888d0c63a51c3c0337214fa3f5efdf6dcc350203010001":TEST_FLAG_EXERCISE -PSA storage read: type: ECC_PUBLIC_KEY(SECT_R1) 163-bit -depends_on:PSA_WANT_ECC_SECT_R1_163:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY -key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R1):163:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"0400465eeb9e7258b11e33c02266bfe834b20bcb118700772796ee4704ec67651bd447e3011959a79a04cb":"505341004b45590000000000010000002241a3000100000000000000000000002b0000000400465eeb9e7258b11e33c02266bfe834b20bcb118700772796ee4704ec67651bd447e3011959a79a04cb":TEST_FLAG_EXERCISE +read type: RSA_PUB 1536-bit, RSA_PKCS1V15_SIGN(SHA_256) +depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY +key_storage_read:0x0001:PSA_KEY_TYPE_RSA_PUBLIC_KEY:1536:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):0x0000:"3081c90281c100c870feb6ca6b1d2bd9f2dd99e20f1fe2d7e5192de662229dbe162bd1ba66336a7182903ca0b72796cd441c83d24bcdc3e9a2f5e4399c8a043f1c3ddf04754a66d4cfe7b3671a37dd31a9b4c13bfe06ee90f9d94ddaa06de67a52ac863e68f756736ceb014405a6160579640f831dddccc34ad0b05070e3f9954a58d1815813e1b83bcadba814789c87f1ef2ba5d738b793ec456a67360eea1b5faf1c7cc7bf24f3b2a9d0f8958b1096e0f0c335f8888d0c63a51c3c0337214fa3f5efdf6dcc350203010001":"505341004b455900000000000100000001400006012800000902000600000000cc0000003081c90281c100c870feb6ca6b1d2bd9f2dd99e20f1fe2d7e5192de662229dbe162bd1ba66336a7182903ca0b72796cd441c83d24bcdc3e9a2f5e4399c8a043f1c3ddf04754a66d4cfe7b3671a37dd31a9b4c13bfe06ee90f9d94ddaa06de67a52ac863e68f756736ceb014405a6160579640f831dddccc34ad0b05070e3f9954a58d1815813e1b83bcadba814789c87f1ef2ba5d738b793ec456a67360eea1b5faf1c7cc7bf24f3b2a9d0f8958b1096e0f0c335f8888d0c63a51c3c0337214fa3f5efdf6dcc350203010001":TEST_FLAG_EXERCISE -PSA storage read: type: ECC_PUBLIC_KEY(SECT_R1) 233-bit -depends_on:PSA_WANT_ECC_SECT_R1_233:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY -key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R1):233:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"0400cd68c8af4430c92ec7a7048becfdf00a6bae8d1b4c37286f2d336f2a0e017eca3748f4ad6d435c85867aa014eea1bd6d9d005bbd8319cab629001d":"505341004b45590000000000010000002241e9000100000000000000000000003d0000000400cd68c8af4430c92ec7a7048becfdf00a6bae8d1b4c37286f2d336f2a0e017eca3748f4ad6d435c85867aa014eea1bd6d9d005bbd8319cab629001d":TEST_FLAG_EXERCISE +read type: RSA_PUB 1536-bit, RSA_PKCS1V15_SIGN(SHA_384) +depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ALG_SHA_384:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY +key_storage_read:0x0001:PSA_KEY_TYPE_RSA_PUBLIC_KEY:1536:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_384):0x0000:"3081c90281c100c870feb6ca6b1d2bd9f2dd99e20f1fe2d7e5192de662229dbe162bd1ba66336a7182903ca0b72796cd441c83d24bcdc3e9a2f5e4399c8a043f1c3ddf04754a66d4cfe7b3671a37dd31a9b4c13bfe06ee90f9d94ddaa06de67a52ac863e68f756736ceb014405a6160579640f831dddccc34ad0b05070e3f9954a58d1815813e1b83bcadba814789c87f1ef2ba5d738b793ec456a67360eea1b5faf1c7cc7bf24f3b2a9d0f8958b1096e0f0c335f8888d0c63a51c3c0337214fa3f5efdf6dcc350203010001":"505341004b455900000000000100000001400006012800000a02000600000000cc0000003081c90281c100c870feb6ca6b1d2bd9f2dd99e20f1fe2d7e5192de662229dbe162bd1ba66336a7182903ca0b72796cd441c83d24bcdc3e9a2f5e4399c8a043f1c3ddf04754a66d4cfe7b3671a37dd31a9b4c13bfe06ee90f9d94ddaa06de67a52ac863e68f756736ceb014405a6160579640f831dddccc34ad0b05070e3f9954a58d1815813e1b83bcadba814789c87f1ef2ba5d738b793ec456a67360eea1b5faf1c7cc7bf24f3b2a9d0f8958b1096e0f0c335f8888d0c63a51c3c0337214fa3f5efdf6dcc350203010001":TEST_FLAG_EXERCISE -PSA storage read: type: ECC_PUBLIC_KEY(SECT_R1) 283-bit -depends_on:PSA_WANT_ECC_SECT_R1_283:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY -key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R1):283:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"04052f9ff887254c2d1440ba9e30f13e2185ba53c373b2c410dae21cf8c167f796c08134f601cbc4c570bffbc2433082cf4d9eb5ba173ecb8caec15d66a02673f60807b2daa729b765":"505341004b455900000000000100000022411b010100000000000000000000004900000004052f9ff887254c2d1440ba9e30f13e2185ba53c373b2c410dae21cf8c167f796c08134f601cbc4c570bffbc2433082cf4d9eb5ba173ecb8caec15d66a02673f60807b2daa729b765":TEST_FLAG_EXERCISE +read type: RSA_PUB 1536-bit, RSA_PKCS1V15_SIGN(SHA_512) +depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ALG_SHA_512:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY +key_storage_read:0x0001:PSA_KEY_TYPE_RSA_PUBLIC_KEY:1536:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_512):0x0000:"3081c90281c100c870feb6ca6b1d2bd9f2dd99e20f1fe2d7e5192de662229dbe162bd1ba66336a7182903ca0b72796cd441c83d24bcdc3e9a2f5e4399c8a043f1c3ddf04754a66d4cfe7b3671a37dd31a9b4c13bfe06ee90f9d94ddaa06de67a52ac863e68f756736ceb014405a6160579640f831dddccc34ad0b05070e3f9954a58d1815813e1b83bcadba814789c87f1ef2ba5d738b793ec456a67360eea1b5faf1c7cc7bf24f3b2a9d0f8958b1096e0f0c335f8888d0c63a51c3c0337214fa3f5efdf6dcc350203010001":"505341004b455900000000000100000001400006012800000b02000600000000cc0000003081c90281c100c870feb6ca6b1d2bd9f2dd99e20f1fe2d7e5192de662229dbe162bd1ba66336a7182903ca0b72796cd441c83d24bcdc3e9a2f5e4399c8a043f1c3ddf04754a66d4cfe7b3671a37dd31a9b4c13bfe06ee90f9d94ddaa06de67a52ac863e68f756736ceb014405a6160579640f831dddccc34ad0b05070e3f9954a58d1815813e1b83bcadba814789c87f1ef2ba5d738b793ec456a67360eea1b5faf1c7cc7bf24f3b2a9d0f8958b1096e0f0c335f8888d0c63a51c3c0337214fa3f5efdf6dcc350203010001":TEST_FLAG_EXERCISE -PSA storage read: type: ECC_PUBLIC_KEY(SECT_R1) 409-bit -depends_on:PSA_WANT_ECC_SECT_R1_409:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY -key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R1):409:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"0401aa25466b1d291846db365957b25431591e50d9c109fe2106e93bb369775896925b15a7bfec397406ab4fe6f6b1a13bf8fdcb9300fa5500a813228676b0a6c572ed96b0f4aec7e87832e7e20f17ca98ecdfd36f59c82bddb8665f1f357a73900e827885ec9e1f22":"505341004b455900000000000100000022419901010000000000000000000000690000000401aa25466b1d291846db365957b25431591e50d9c109fe2106e93bb369775896925b15a7bfec397406ab4fe6f6b1a13bf8fdcb9300fa5500a813228676b0a6c572ed96b0f4aec7e87832e7e20f17ca98ecdfd36f59c82bddb8665f1f357a73900e827885ec9e1f22":TEST_FLAG_EXERCISE +read type: RSA_PUB 1536-bit, RSA_PKCS1V15_SIGN_RAW +depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN_RAW:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY +key_storage_read:0x0001:PSA_KEY_TYPE_RSA_PUBLIC_KEY:1536:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_RSA_PKCS1V15_SIGN_RAW:0x0000:"3081c90281c100c870feb6ca6b1d2bd9f2dd99e20f1fe2d7e5192de662229dbe162bd1ba66336a7182903ca0b72796cd441c83d24bcdc3e9a2f5e4399c8a043f1c3ddf04754a66d4cfe7b3671a37dd31a9b4c13bfe06ee90f9d94ddaa06de67a52ac863e68f756736ceb014405a6160579640f831dddccc34ad0b05070e3f9954a58d1815813e1b83bcadba814789c87f1ef2ba5d738b793ec456a67360eea1b5faf1c7cc7bf24f3b2a9d0f8958b1096e0f0c335f8888d0c63a51c3c0337214fa3f5efdf6dcc350203010001":"505341004b455900000000000100000001400006012800000002000600000000cc0000003081c90281c100c870feb6ca6b1d2bd9f2dd99e20f1fe2d7e5192de662229dbe162bd1ba66336a7182903ca0b72796cd441c83d24bcdc3e9a2f5e4399c8a043f1c3ddf04754a66d4cfe7b3671a37dd31a9b4c13bfe06ee90f9d94ddaa06de67a52ac863e68f756736ceb014405a6160579640f831dddccc34ad0b05070e3f9954a58d1815813e1b83bcadba814789c87f1ef2ba5d738b793ec456a67360eea1b5faf1c7cc7bf24f3b2a9d0f8958b1096e0f0c335f8888d0c63a51c3c0337214fa3f5efdf6dcc350203010001":TEST_FLAG_EXERCISE -PSA storage read: type: ECC_PUBLIC_KEY(SECT_R1) 571-bit -depends_on:PSA_WANT_ECC_SECT_R1_571:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY -key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R1):571:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"040708f3403ee9948114855c17572152a08f8054d486defef5f29cbffcfb7cfd9280746a1ac5f751a6ad902ec1e0525120e9be56f03437af196fbe60ee7856e3542ab2cf87880632d80290e39b1a2bd03c6bbf6225511c567bd2ff41d2325dc58346f2b60b1feee4dc8b2af2296c2dc52b153e0556b5d24152b07f690c3fa24e4d1d19efbdeb1037833a733654d2366c74":"505341004b455900000000000100000022413b0201000000000000000000000091000000040708f3403ee9948114855c17572152a08f8054d486defef5f29cbffcfb7cfd9280746a1ac5f751a6ad902ec1e0525120e9be56f03437af196fbe60ee7856e3542ab2cf87880632d80290e39b1a2bd03c6bbf6225511c567bd2ff41d2325dc58346f2b60b1feee4dc8b2af2296c2dc52b153e0556b5d24152b07f690c3fa24e4d1d19efbdeb1037833a733654d2366c74":TEST_FLAG_EXERCISE +read type: RSA_PUB 1536-bit, RSA_PSS(MD2) +depends_on:PSA_WANT_ALG_MD2:PSA_WANT_ALG_RSA_PSS:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY +key_storage_read:0x0001:PSA_KEY_TYPE_RSA_PUBLIC_KEY:1536:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_RSA_PSS(PSA_ALG_MD2):0x0000:"3081c90281c100c870feb6ca6b1d2bd9f2dd99e20f1fe2d7e5192de662229dbe162bd1ba66336a7182903ca0b72796cd441c83d24bcdc3e9a2f5e4399c8a043f1c3ddf04754a66d4cfe7b3671a37dd31a9b4c13bfe06ee90f9d94ddaa06de67a52ac863e68f756736ceb014405a6160579640f831dddccc34ad0b05070e3f9954a58d1815813e1b83bcadba814789c87f1ef2ba5d738b793ec456a67360eea1b5faf1c7cc7bf24f3b2a9d0f8958b1096e0f0c335f8888d0c63a51c3c0337214fa3f5efdf6dcc350203010001":"505341004b455900000000000100000001400006012800000103000600000000cc0000003081c90281c100c870feb6ca6b1d2bd9f2dd99e20f1fe2d7e5192de662229dbe162bd1ba66336a7182903ca0b72796cd441c83d24bcdc3e9a2f5e4399c8a043f1c3ddf04754a66d4cfe7b3671a37dd31a9b4c13bfe06ee90f9d94ddaa06de67a52ac863e68f756736ceb014405a6160579640f831dddccc34ad0b05070e3f9954a58d1815813e1b83bcadba814789c87f1ef2ba5d738b793ec456a67360eea1b5faf1c7cc7bf24f3b2a9d0f8958b1096e0f0c335f8888d0c63a51c3c0337214fa3f5efdf6dcc350203010001":TEST_FLAG_EXERCISE -PSA storage read: type: ECC_PUBLIC_KEY(SECT_R2) 163-bit -depends_on:PSA_WANT_ECC_SECT_R2_163:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY -key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R2):163:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"0403692601144c32a6cfa369ae20ae5d43c1c764678c037bafe80c6fd2e42b7ced96171d9c5367fd3dca6f":"505341004b45590000000000010000002b41a3000100000000000000000000002b0000000403692601144c32a6cfa369ae20ae5d43c1c764678c037bafe80c6fd2e42b7ced96171d9c5367fd3dca6f":TEST_FLAG_EXERCISE +read type: RSA_PUB 1536-bit, RSA_PSS(MD4) +depends_on:PSA_WANT_ALG_MD4:PSA_WANT_ALG_RSA_PSS:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY +key_storage_read:0x0001:PSA_KEY_TYPE_RSA_PUBLIC_KEY:1536:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_RSA_PSS(PSA_ALG_MD4):0x0000:"3081c90281c100c870feb6ca6b1d2bd9f2dd99e20f1fe2d7e5192de662229dbe162bd1ba66336a7182903ca0b72796cd441c83d24bcdc3e9a2f5e4399c8a043f1c3ddf04754a66d4cfe7b3671a37dd31a9b4c13bfe06ee90f9d94ddaa06de67a52ac863e68f756736ceb014405a6160579640f831dddccc34ad0b05070e3f9954a58d1815813e1b83bcadba814789c87f1ef2ba5d738b793ec456a67360eea1b5faf1c7cc7bf24f3b2a9d0f8958b1096e0f0c335f8888d0c63a51c3c0337214fa3f5efdf6dcc350203010001":"505341004b455900000000000100000001400006012800000203000600000000cc0000003081c90281c100c870feb6ca6b1d2bd9f2dd99e20f1fe2d7e5192de662229dbe162bd1ba66336a7182903ca0b72796cd441c83d24bcdc3e9a2f5e4399c8a043f1c3ddf04754a66d4cfe7b3671a37dd31a9b4c13bfe06ee90f9d94ddaa06de67a52ac863e68f756736ceb014405a6160579640f831dddccc34ad0b05070e3f9954a58d1815813e1b83bcadba814789c87f1ef2ba5d738b793ec456a67360eea1b5faf1c7cc7bf24f3b2a9d0f8958b1096e0f0c335f8888d0c63a51c3c0337214fa3f5efdf6dcc350203010001":TEST_FLAG_EXERCISE -PSA storage read: type: ECC_PUBLIC_KEY(TWISTED_EDWARDS) 255-bit -depends_on:PSA_WANT_ECC_TWISTED_EDWARDS_255:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY -key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_TWISTED_EDWARDS):255:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"d75a980182b10ab7d54bfed3c964073a0ee172f3daa62325af021a68f707511a":"505341004b45590000000000010000004241ff0001000000000000000000000020000000d75a980182b10ab7d54bfed3c964073a0ee172f3daa62325af021a68f707511a":TEST_FLAG_EXERCISE +read type: RSA_PUB 1536-bit, RSA_PSS(MD5) +depends_on:PSA_WANT_ALG_MD5:PSA_WANT_ALG_RSA_PSS:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY +key_storage_read:0x0001:PSA_KEY_TYPE_RSA_PUBLIC_KEY:1536:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_RSA_PSS(PSA_ALG_MD5):0x0000:"3081c90281c100c870feb6ca6b1d2bd9f2dd99e20f1fe2d7e5192de662229dbe162bd1ba66336a7182903ca0b72796cd441c83d24bcdc3e9a2f5e4399c8a043f1c3ddf04754a66d4cfe7b3671a37dd31a9b4c13bfe06ee90f9d94ddaa06de67a52ac863e68f756736ceb014405a6160579640f831dddccc34ad0b05070e3f9954a58d1815813e1b83bcadba814789c87f1ef2ba5d738b793ec456a67360eea1b5faf1c7cc7bf24f3b2a9d0f8958b1096e0f0c335f8888d0c63a51c3c0337214fa3f5efdf6dcc350203010001":"505341004b455900000000000100000001400006012800000303000600000000cc0000003081c90281c100c870feb6ca6b1d2bd9f2dd99e20f1fe2d7e5192de662229dbe162bd1ba66336a7182903ca0b72796cd441c83d24bcdc3e9a2f5e4399c8a043f1c3ddf04754a66d4cfe7b3671a37dd31a9b4c13bfe06ee90f9d94ddaa06de67a52ac863e68f756736ceb014405a6160579640f831dddccc34ad0b05070e3f9954a58d1815813e1b83bcadba814789c87f1ef2ba5d738b793ec456a67360eea1b5faf1c7cc7bf24f3b2a9d0f8958b1096e0f0c335f8888d0c63a51c3c0337214fa3f5efdf6dcc350203010001":TEST_FLAG_EXERCISE -PSA storage read: type: ECC_PUBLIC_KEY(TWISTED_EDWARDS) 448-bit -depends_on:PSA_WANT_ECC_TWISTED_EDWARDS_448:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY -key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_TWISTED_EDWARDS):448:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"5fd7449b59b461fd2ce787ec616ad46a1da1342485a70e1f8a0ea75d80e96778edf124769b46c7061bd6783df1e50f6cd1fa1abeafe8256180":"505341004b45590000000000010000004241c001010000000000000000000000390000005fd7449b59b461fd2ce787ec616ad46a1da1342485a70e1f8a0ea75d80e96778edf124769b46c7061bd6783df1e50f6cd1fa1abeafe8256180":TEST_FLAG_EXERCISE +read type: RSA_PUB 1536-bit, RSA_PSS(RIPEMD160) +depends_on:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ALG_RSA_PSS:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY +key_storage_read:0x0001:PSA_KEY_TYPE_RSA_PUBLIC_KEY:1536:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_RSA_PSS(PSA_ALG_RIPEMD160):0x0000:"3081c90281c100c870feb6ca6b1d2bd9f2dd99e20f1fe2d7e5192de662229dbe162bd1ba66336a7182903ca0b72796cd441c83d24bcdc3e9a2f5e4399c8a043f1c3ddf04754a66d4cfe7b3671a37dd31a9b4c13bfe06ee90f9d94ddaa06de67a52ac863e68f756736ceb014405a6160579640f831dddccc34ad0b05070e3f9954a58d1815813e1b83bcadba814789c87f1ef2ba5d738b793ec456a67360eea1b5faf1c7cc7bf24f3b2a9d0f8958b1096e0f0c335f8888d0c63a51c3c0337214fa3f5efdf6dcc350203010001":"505341004b455900000000000100000001400006012800000403000600000000cc0000003081c90281c100c870feb6ca6b1d2bd9f2dd99e20f1fe2d7e5192de662229dbe162bd1ba66336a7182903ca0b72796cd441c83d24bcdc3e9a2f5e4399c8a043f1c3ddf04754a66d4cfe7b3671a37dd31a9b4c13bfe06ee90f9d94ddaa06de67a52ac863e68f756736ceb014405a6160579640f831dddccc34ad0b05070e3f9954a58d1815813e1b83bcadba814789c87f1ef2ba5d738b793ec456a67360eea1b5faf1c7cc7bf24f3b2a9d0f8958b1096e0f0c335f8888d0c63a51c3c0337214fa3f5efdf6dcc350203010001":TEST_FLAG_EXERCISE -PSA storage read: type: HMAC 128-bit -depends_on:PSA_WANT_KEY_TYPE_HMAC -key_storage_read:0x0001:PSA_KEY_TYPE_HMAC:128:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"48657265006973206b6579a064617461":"505341004b4559000000000001000000001180000100000000000000000000001000000048657265006973206b6579a064617461":TEST_FLAG_EXERCISE +read type: RSA_PUB 1536-bit, RSA_PSS(SHA_1) +depends_on:PSA_WANT_ALG_RSA_PSS:PSA_WANT_ALG_SHA_1:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY +key_storage_read:0x0001:PSA_KEY_TYPE_RSA_PUBLIC_KEY:1536:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_RSA_PSS(PSA_ALG_SHA_1):0x0000:"3081c90281c100c870feb6ca6b1d2bd9f2dd99e20f1fe2d7e5192de662229dbe162bd1ba66336a7182903ca0b72796cd441c83d24bcdc3e9a2f5e4399c8a043f1c3ddf04754a66d4cfe7b3671a37dd31a9b4c13bfe06ee90f9d94ddaa06de67a52ac863e68f756736ceb014405a6160579640f831dddccc34ad0b05070e3f9954a58d1815813e1b83bcadba814789c87f1ef2ba5d738b793ec456a67360eea1b5faf1c7cc7bf24f3b2a9d0f8958b1096e0f0c335f8888d0c63a51c3c0337214fa3f5efdf6dcc350203010001":"505341004b455900000000000100000001400006012800000503000600000000cc0000003081c90281c100c870feb6ca6b1d2bd9f2dd99e20f1fe2d7e5192de662229dbe162bd1ba66336a7182903ca0b72796cd441c83d24bcdc3e9a2f5e4399c8a043f1c3ddf04754a66d4cfe7b3671a37dd31a9b4c13bfe06ee90f9d94ddaa06de67a52ac863e68f756736ceb014405a6160579640f831dddccc34ad0b05070e3f9954a58d1815813e1b83bcadba814789c87f1ef2ba5d738b793ec456a67360eea1b5faf1c7cc7bf24f3b2a9d0f8958b1096e0f0c335f8888d0c63a51c3c0337214fa3f5efdf6dcc350203010001":TEST_FLAG_EXERCISE -PSA storage read: type: HMAC 160-bit -depends_on:PSA_WANT_KEY_TYPE_HMAC -key_storage_read:0x0001:PSA_KEY_TYPE_HMAC:160:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"48657265006973206b6579a06461746148657265":"505341004b45590000000000010000000011a0000100000000000000000000001400000048657265006973206b6579a06461746148657265":TEST_FLAG_EXERCISE +read type: RSA_PUB 1536-bit, RSA_PSS(SHA_224) +depends_on:PSA_WANT_ALG_RSA_PSS:PSA_WANT_ALG_SHA_224:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY +key_storage_read:0x0001:PSA_KEY_TYPE_RSA_PUBLIC_KEY:1536:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_RSA_PSS(PSA_ALG_SHA_224):0x0000:"3081c90281c100c870feb6ca6b1d2bd9f2dd99e20f1fe2d7e5192de662229dbe162bd1ba66336a7182903ca0b72796cd441c83d24bcdc3e9a2f5e4399c8a043f1c3ddf04754a66d4cfe7b3671a37dd31a9b4c13bfe06ee90f9d94ddaa06de67a52ac863e68f756736ceb014405a6160579640f831dddccc34ad0b05070e3f9954a58d1815813e1b83bcadba814789c87f1ef2ba5d738b793ec456a67360eea1b5faf1c7cc7bf24f3b2a9d0f8958b1096e0f0c335f8888d0c63a51c3c0337214fa3f5efdf6dcc350203010001":"505341004b455900000000000100000001400006012800000803000600000000cc0000003081c90281c100c870feb6ca6b1d2bd9f2dd99e20f1fe2d7e5192de662229dbe162bd1ba66336a7182903ca0b72796cd441c83d24bcdc3e9a2f5e4399c8a043f1c3ddf04754a66d4cfe7b3671a37dd31a9b4c13bfe06ee90f9d94ddaa06de67a52ac863e68f756736ceb014405a6160579640f831dddccc34ad0b05070e3f9954a58d1815813e1b83bcadba814789c87f1ef2ba5d738b793ec456a67360eea1b5faf1c7cc7bf24f3b2a9d0f8958b1096e0f0c335f8888d0c63a51c3c0337214fa3f5efdf6dcc350203010001":TEST_FLAG_EXERCISE -PSA storage read: type: HMAC 224-bit -depends_on:PSA_WANT_KEY_TYPE_HMAC -key_storage_read:0x0001:PSA_KEY_TYPE_HMAC:224:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"48657265006973206b6579a06461746148657265006973206b6579a0":"505341004b45590000000000010000000011e0000100000000000000000000001c00000048657265006973206b6579a06461746148657265006973206b6579a0":TEST_FLAG_EXERCISE +read type: RSA_PUB 1536-bit, RSA_PSS(SHA_256) +depends_on:PSA_WANT_ALG_RSA_PSS:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY +key_storage_read:0x0001:PSA_KEY_TYPE_RSA_PUBLIC_KEY:1536:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_RSA_PSS(PSA_ALG_SHA_256):0x0000:"3081c90281c100c870feb6ca6b1d2bd9f2dd99e20f1fe2d7e5192de662229dbe162bd1ba66336a7182903ca0b72796cd441c83d24bcdc3e9a2f5e4399c8a043f1c3ddf04754a66d4cfe7b3671a37dd31a9b4c13bfe06ee90f9d94ddaa06de67a52ac863e68f756736ceb014405a6160579640f831dddccc34ad0b05070e3f9954a58d1815813e1b83bcadba814789c87f1ef2ba5d738b793ec456a67360eea1b5faf1c7cc7bf24f3b2a9d0f8958b1096e0f0c335f8888d0c63a51c3c0337214fa3f5efdf6dcc350203010001":"505341004b455900000000000100000001400006012800000903000600000000cc0000003081c90281c100c870feb6ca6b1d2bd9f2dd99e20f1fe2d7e5192de662229dbe162bd1ba66336a7182903ca0b72796cd441c83d24bcdc3e9a2f5e4399c8a043f1c3ddf04754a66d4cfe7b3671a37dd31a9b4c13bfe06ee90f9d94ddaa06de67a52ac863e68f756736ceb014405a6160579640f831dddccc34ad0b05070e3f9954a58d1815813e1b83bcadba814789c87f1ef2ba5d738b793ec456a67360eea1b5faf1c7cc7bf24f3b2a9d0f8958b1096e0f0c335f8888d0c63a51c3c0337214fa3f5efdf6dcc350203010001":TEST_FLAG_EXERCISE -PSA storage read: type: HMAC 256-bit -depends_on:PSA_WANT_KEY_TYPE_HMAC -key_storage_read:0x0001:PSA_KEY_TYPE_HMAC:256:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"48657265006973206b6579a06461746148657265006973206b6579a064617461":"505341004b4559000000000001000000001100010100000000000000000000002000000048657265006973206b6579a06461746148657265006973206b6579a064617461":TEST_FLAG_EXERCISE +read type: RSA_PUB 1536-bit, RSA_PSS(SHA_384) +depends_on:PSA_WANT_ALG_RSA_PSS:PSA_WANT_ALG_SHA_384:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY +key_storage_read:0x0001:PSA_KEY_TYPE_RSA_PUBLIC_KEY:1536:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_RSA_PSS(PSA_ALG_SHA_384):0x0000:"3081c90281c100c870feb6ca6b1d2bd9f2dd99e20f1fe2d7e5192de662229dbe162bd1ba66336a7182903ca0b72796cd441c83d24bcdc3e9a2f5e4399c8a043f1c3ddf04754a66d4cfe7b3671a37dd31a9b4c13bfe06ee90f9d94ddaa06de67a52ac863e68f756736ceb014405a6160579640f831dddccc34ad0b05070e3f9954a58d1815813e1b83bcadba814789c87f1ef2ba5d738b793ec456a67360eea1b5faf1c7cc7bf24f3b2a9d0f8958b1096e0f0c335f8888d0c63a51c3c0337214fa3f5efdf6dcc350203010001":"505341004b455900000000000100000001400006012800000a03000600000000cc0000003081c90281c100c870feb6ca6b1d2bd9f2dd99e20f1fe2d7e5192de662229dbe162bd1ba66336a7182903ca0b72796cd441c83d24bcdc3e9a2f5e4399c8a043f1c3ddf04754a66d4cfe7b3671a37dd31a9b4c13bfe06ee90f9d94ddaa06de67a52ac863e68f756736ceb014405a6160579640f831dddccc34ad0b05070e3f9954a58d1815813e1b83bcadba814789c87f1ef2ba5d738b793ec456a67360eea1b5faf1c7cc7bf24f3b2a9d0f8958b1096e0f0c335f8888d0c63a51c3c0337214fa3f5efdf6dcc350203010001":TEST_FLAG_EXERCISE -PSA storage read: type: HMAC 384-bit -depends_on:PSA_WANT_KEY_TYPE_HMAC -key_storage_read:0x0001:PSA_KEY_TYPE_HMAC:384:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"48657265006973206b6579a06461746148657265006973206b6579a06461746148657265006973206b6579a064617461":"505341004b4559000000000001000000001180010100000000000000000000003000000048657265006973206b6579a06461746148657265006973206b6579a06461746148657265006973206b6579a064617461":TEST_FLAG_EXERCISE +read type: RSA_PUB 1536-bit, RSA_PSS(SHA_512) +depends_on:PSA_WANT_ALG_RSA_PSS:PSA_WANT_ALG_SHA_512:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY +key_storage_read:0x0001:PSA_KEY_TYPE_RSA_PUBLIC_KEY:1536:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_RSA_PSS(PSA_ALG_SHA_512):0x0000:"3081c90281c100c870feb6ca6b1d2bd9f2dd99e20f1fe2d7e5192de662229dbe162bd1ba66336a7182903ca0b72796cd441c83d24bcdc3e9a2f5e4399c8a043f1c3ddf04754a66d4cfe7b3671a37dd31a9b4c13bfe06ee90f9d94ddaa06de67a52ac863e68f756736ceb014405a6160579640f831dddccc34ad0b05070e3f9954a58d1815813e1b83bcadba814789c87f1ef2ba5d738b793ec456a67360eea1b5faf1c7cc7bf24f3b2a9d0f8958b1096e0f0c335f8888d0c63a51c3c0337214fa3f5efdf6dcc350203010001":"505341004b455900000000000100000001400006012800000b03000600000000cc0000003081c90281c100c870feb6ca6b1d2bd9f2dd99e20f1fe2d7e5192de662229dbe162bd1ba66336a7182903ca0b72796cd441c83d24bcdc3e9a2f5e4399c8a043f1c3ddf04754a66d4cfe7b3671a37dd31a9b4c13bfe06ee90f9d94ddaa06de67a52ac863e68f756736ceb014405a6160579640f831dddccc34ad0b05070e3f9954a58d1815813e1b83bcadba814789c87f1ef2ba5d738b793ec456a67360eea1b5faf1c7cc7bf24f3b2a9d0f8958b1096e0f0c335f8888d0c63a51c3c0337214fa3f5efdf6dcc350203010001":TEST_FLAG_EXERCISE -PSA storage read: type: HMAC 512-bit -depends_on:PSA_WANT_KEY_TYPE_HMAC -key_storage_read:0x0001:PSA_KEY_TYPE_HMAC:512:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"48657265006973206b6579a06461746148657265006973206b6579a06461746148657265006973206b6579a06461746148657265006973206b6579a064617461":"505341004b4559000000000001000000001100020100000000000000000000004000000048657265006973206b6579a06461746148657265006973206b6579a06461746148657265006973206b6579a06461746148657265006973206b6579a064617461":TEST_FLAG_EXERCISE +read type: RSA_PUB 1536-bit, RSA_PSS_ANY_SALT(MD2) +depends_on:PSA_WANT_ALG_MD2:PSA_WANT_ALG_RSA_PSS_ANY_SALT:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY +key_storage_read:0x0001:PSA_KEY_TYPE_RSA_PUBLIC_KEY:1536:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_RSA_PSS_ANY_SALT(PSA_ALG_MD2):0x0000:"3081c90281c100c870feb6ca6b1d2bd9f2dd99e20f1fe2d7e5192de662229dbe162bd1ba66336a7182903ca0b72796cd441c83d24bcdc3e9a2f5e4399c8a043f1c3ddf04754a66d4cfe7b3671a37dd31a9b4c13bfe06ee90f9d94ddaa06de67a52ac863e68f756736ceb014405a6160579640f831dddccc34ad0b05070e3f9954a58d1815813e1b83bcadba814789c87f1ef2ba5d738b793ec456a67360eea1b5faf1c7cc7bf24f3b2a9d0f8958b1096e0f0c335f8888d0c63a51c3c0337214fa3f5efdf6dcc350203010001":"505341004b455900000000000100000001400006012800000113000600000000cc0000003081c90281c100c870feb6ca6b1d2bd9f2dd99e20f1fe2d7e5192de662229dbe162bd1ba66336a7182903ca0b72796cd441c83d24bcdc3e9a2f5e4399c8a043f1c3ddf04754a66d4cfe7b3671a37dd31a9b4c13bfe06ee90f9d94ddaa06de67a52ac863e68f756736ceb014405a6160579640f831dddccc34ad0b05070e3f9954a58d1815813e1b83bcadba814789c87f1ef2ba5d738b793ec456a67360eea1b5faf1c7cc7bf24f3b2a9d0f8958b1096e0f0c335f8888d0c63a51c3c0337214fa3f5efdf6dcc350203010001":TEST_FLAG_EXERCISE -PSA storage read: type: RAW_DATA 8-bit -depends_on:PSA_WANT_KEY_TYPE_RAW_DATA -key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"48":"505341004b4559000000000001000000011008000100000000000000000000000100000048":0 +read type: RSA_PUB 1536-bit, RSA_PSS_ANY_SALT(MD4) +depends_on:PSA_WANT_ALG_MD4:PSA_WANT_ALG_RSA_PSS_ANY_SALT:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY +key_storage_read:0x0001:PSA_KEY_TYPE_RSA_PUBLIC_KEY:1536:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_RSA_PSS_ANY_SALT(PSA_ALG_MD4):0x0000:"3081c90281c100c870feb6ca6b1d2bd9f2dd99e20f1fe2d7e5192de662229dbe162bd1ba66336a7182903ca0b72796cd441c83d24bcdc3e9a2f5e4399c8a043f1c3ddf04754a66d4cfe7b3671a37dd31a9b4c13bfe06ee90f9d94ddaa06de67a52ac863e68f756736ceb014405a6160579640f831dddccc34ad0b05070e3f9954a58d1815813e1b83bcadba814789c87f1ef2ba5d738b793ec456a67360eea1b5faf1c7cc7bf24f3b2a9d0f8958b1096e0f0c335f8888d0c63a51c3c0337214fa3f5efdf6dcc350203010001":"505341004b455900000000000100000001400006012800000213000600000000cc0000003081c90281c100c870feb6ca6b1d2bd9f2dd99e20f1fe2d7e5192de662229dbe162bd1ba66336a7182903ca0b72796cd441c83d24bcdc3e9a2f5e4399c8a043f1c3ddf04754a66d4cfe7b3671a37dd31a9b4c13bfe06ee90f9d94ddaa06de67a52ac863e68f756736ceb014405a6160579640f831dddccc34ad0b05070e3f9954a58d1815813e1b83bcadba814789c87f1ef2ba5d738b793ec456a67360eea1b5faf1c7cc7bf24f3b2a9d0f8958b1096e0f0c335f8888d0c63a51c3c0337214fa3f5efdf6dcc350203010001":TEST_FLAG_EXERCISE -PSA storage read: type: RAW_DATA 40-bit -depends_on:PSA_WANT_KEY_TYPE_RAW_DATA -key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:40:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"4865726500":"505341004b455900000000000100000001102800010000000000000000000000050000004865726500":0 +read type: RSA_PUB 1536-bit, RSA_PSS_ANY_SALT(MD5) +depends_on:PSA_WANT_ALG_MD5:PSA_WANT_ALG_RSA_PSS_ANY_SALT:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY +key_storage_read:0x0001:PSA_KEY_TYPE_RSA_PUBLIC_KEY:1536:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_RSA_PSS_ANY_SALT(PSA_ALG_MD5):0x0000:"3081c90281c100c870feb6ca6b1d2bd9f2dd99e20f1fe2d7e5192de662229dbe162bd1ba66336a7182903ca0b72796cd441c83d24bcdc3e9a2f5e4399c8a043f1c3ddf04754a66d4cfe7b3671a37dd31a9b4c13bfe06ee90f9d94ddaa06de67a52ac863e68f756736ceb014405a6160579640f831dddccc34ad0b05070e3f9954a58d1815813e1b83bcadba814789c87f1ef2ba5d738b793ec456a67360eea1b5faf1c7cc7bf24f3b2a9d0f8958b1096e0f0c335f8888d0c63a51c3c0337214fa3f5efdf6dcc350203010001":"505341004b455900000000000100000001400006012800000313000600000000cc0000003081c90281c100c870feb6ca6b1d2bd9f2dd99e20f1fe2d7e5192de662229dbe162bd1ba66336a7182903ca0b72796cd441c83d24bcdc3e9a2f5e4399c8a043f1c3ddf04754a66d4cfe7b3671a37dd31a9b4c13bfe06ee90f9d94ddaa06de67a52ac863e68f756736ceb014405a6160579640f831dddccc34ad0b05070e3f9954a58d1815813e1b83bcadba814789c87f1ef2ba5d738b793ec456a67360eea1b5faf1c7cc7bf24f3b2a9d0f8958b1096e0f0c335f8888d0c63a51c3c0337214fa3f5efdf6dcc350203010001":TEST_FLAG_EXERCISE -PSA storage read: type: RAW_DATA 128-bit -depends_on:PSA_WANT_KEY_TYPE_RAW_DATA -key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:128:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"48657265006973206b6579a064617461":"505341004b4559000000000001000000011080000100000000000000000000001000000048657265006973206b6579a064617461":0 +read type: RSA_PUB 1536-bit, RSA_PSS_ANY_SALT(RIPEMD160) +depends_on:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ALG_RSA_PSS_ANY_SALT:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY +key_storage_read:0x0001:PSA_KEY_TYPE_RSA_PUBLIC_KEY:1536:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_RSA_PSS_ANY_SALT(PSA_ALG_RIPEMD160):0x0000:"3081c90281c100c870feb6ca6b1d2bd9f2dd99e20f1fe2d7e5192de662229dbe162bd1ba66336a7182903ca0b72796cd441c83d24bcdc3e9a2f5e4399c8a043f1c3ddf04754a66d4cfe7b3671a37dd31a9b4c13bfe06ee90f9d94ddaa06de67a52ac863e68f756736ceb014405a6160579640f831dddccc34ad0b05070e3f9954a58d1815813e1b83bcadba814789c87f1ef2ba5d738b793ec456a67360eea1b5faf1c7cc7bf24f3b2a9d0f8958b1096e0f0c335f8888d0c63a51c3c0337214fa3f5efdf6dcc350203010001":"505341004b455900000000000100000001400006012800000413000600000000cc0000003081c90281c100c870feb6ca6b1d2bd9f2dd99e20f1fe2d7e5192de662229dbe162bd1ba66336a7182903ca0b72796cd441c83d24bcdc3e9a2f5e4399c8a043f1c3ddf04754a66d4cfe7b3671a37dd31a9b4c13bfe06ee90f9d94ddaa06de67a52ac863e68f756736ceb014405a6160579640f831dddccc34ad0b05070e3f9954a58d1815813e1b83bcadba814789c87f1ef2ba5d738b793ec456a67360eea1b5faf1c7cc7bf24f3b2a9d0f8958b1096e0f0c335f8888d0c63a51c3c0337214fa3f5efdf6dcc350203010001":TEST_FLAG_EXERCISE -PSA storage read: type: RSA_KEY_PAIR 1024-bit -depends_on:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR -key_storage_read:0x0001:PSA_KEY_TYPE_RSA_KEY_PAIR:1024:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":"505341004b455900000000000100000001700004010000000000000000000000620200003082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":TEST_FLAG_EXERCISE +read type: RSA_PUB 1536-bit, RSA_PSS_ANY_SALT(SHA_1) +depends_on:PSA_WANT_ALG_RSA_PSS_ANY_SALT:PSA_WANT_ALG_SHA_1:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY +key_storage_read:0x0001:PSA_KEY_TYPE_RSA_PUBLIC_KEY:1536:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_RSA_PSS_ANY_SALT(PSA_ALG_SHA_1):0x0000:"3081c90281c100c870feb6ca6b1d2bd9f2dd99e20f1fe2d7e5192de662229dbe162bd1ba66336a7182903ca0b72796cd441c83d24bcdc3e9a2f5e4399c8a043f1c3ddf04754a66d4cfe7b3671a37dd31a9b4c13bfe06ee90f9d94ddaa06de67a52ac863e68f756736ceb014405a6160579640f831dddccc34ad0b05070e3f9954a58d1815813e1b83bcadba814789c87f1ef2ba5d738b793ec456a67360eea1b5faf1c7cc7bf24f3b2a9d0f8958b1096e0f0c335f8888d0c63a51c3c0337214fa3f5efdf6dcc350203010001":"505341004b455900000000000100000001400006012800000513000600000000cc0000003081c90281c100c870feb6ca6b1d2bd9f2dd99e20f1fe2d7e5192de662229dbe162bd1ba66336a7182903ca0b72796cd441c83d24bcdc3e9a2f5e4399c8a043f1c3ddf04754a66d4cfe7b3671a37dd31a9b4c13bfe06ee90f9d94ddaa06de67a52ac863e68f756736ceb014405a6160579640f831dddccc34ad0b05070e3f9954a58d1815813e1b83bcadba814789c87f1ef2ba5d738b793ec456a67360eea1b5faf1c7cc7bf24f3b2a9d0f8958b1096e0f0c335f8888d0c63a51c3c0337214fa3f5efdf6dcc350203010001":TEST_FLAG_EXERCISE -PSA storage read: type: RSA_KEY_PAIR 1536-bit -depends_on:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR -key_storage_read:0x0001:PSA_KEY_TYPE_RSA_KEY_PAIR:1536:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"3082037b0201000281c100c870feb6ca6b1d2bd9f2dd99e20f1fe2d7e5192de662229dbe162bd1ba66336a7182903ca0b72796cd441c83d24bcdc3e9a2f5e4399c8a043f1c3ddf04754a66d4cfe7b3671a37dd31a9b4c13bfe06ee90f9d94ddaa06de67a52ac863e68f756736ceb014405a6160579640f831dddccc34ad0b05070e3f9954a58d1815813e1b83bcadba814789c87f1ef2ba5d738b793ec456a67360eea1b5faf1c7cc7bf24f3b2a9d0f8958b1096e0f0c335f8888d0c63a51c3c0337214fa3f5efdf6dcc3502030100010281c06d2d670047973a87752a9d5bc14f3dae00acb01f593aa0e24cf4a49f932931de4bbfb332e2d38083da80bc0b6d538edba479f7f77d0deffb4a28e6e67ff6273585bb4cd862535c946605ab0809d65f0e38f76e4ec2c3d9b8cd6e14bcf667943892cd4b34cc6420a439abbf3d7d35ef73976dd6f9cbde35a51fa5213f0107f83e3425835d16d3c9146fc9e36ce75a09bb66cdff21dd5a776899f1cb07e282cca27be46510e9c799f0d8db275a6be085d9f3f803218ee3384265bfb1a3640e8ca1026100e6848c31d466fffefc547e3a3b0d3785de6f78b0dd12610843512e495611a0675509b1650b27415009838dd8e68eec6e7530553b637d602424643b33e8bc5b762e1799bc79d56b13251d36d4f201da2182416ce13574e88278ff04467ad602d9026100de994fdf181f02be2bf9e5f5e4e517a94993b827d1eaf609033e3a6a6f2396ae7c44e9eb594cf1044cb3ad32ea258f0c82963b27bb650ed200cde82cb993374be34be5b1c7ead5446a2b82a4486e8c1810a0b01551609fb0841d474bada802bd026076ddae751b73a959d0bfb8ff49e7fcd378e9be30652ecefe35c82cb8003bc29cc60ae3809909baf20c95db9516fe680865417111d8b193dbcf30281f1249de57c858bf1ba32f5bb1599800e8398a9ef25c7a642c95261da6f9c17670e97265b10260732482b837d5f2a9443e23c1aa0106d83e82f6c3424673b5fdc3769c0f992d1c5c93991c7038e882fcda04414df4d7a5f4f698ead87851ce37344b60b72d7b70f9c60cae8566e7a257f8e1bef0e89df6e4c2f9d24d21d9f8889e4c7eccf91751026009050d94493da8f00a4ddbe9c800afe3d44b43f78a48941a79b2814a1f0b81a18a8b2347642a03b27998f5a18de9abc9ae0e54ab8294feac66dc87e854cce6f7278ac2710cb5878b592ffeb1f4f0a1853e4e8d1d0561b6efcc831a296cf7eeaf":"505341004b4559000000000001000000017000060100000000000000000000007f0300003082037b0201000281c100c870feb6ca6b1d2bd9f2dd99e20f1fe2d7e5192de662229dbe162bd1ba66336a7182903ca0b72796cd441c83d24bcdc3e9a2f5e4399c8a043f1c3ddf04754a66d4cfe7b3671a37dd31a9b4c13bfe06ee90f9d94ddaa06de67a52ac863e68f756736ceb014405a6160579640f831dddccc34ad0b05070e3f9954a58d1815813e1b83bcadba814789c87f1ef2ba5d738b793ec456a67360eea1b5faf1c7cc7bf24f3b2a9d0f8958b1096e0f0c335f8888d0c63a51c3c0337214fa3f5efdf6dcc3502030100010281c06d2d670047973a87752a9d5bc14f3dae00acb01f593aa0e24cf4a49f932931de4bbfb332e2d38083da80bc0b6d538edba479f7f77d0deffb4a28e6e67ff6273585bb4cd862535c946605ab0809d65f0e38f76e4ec2c3d9b8cd6e14bcf667943892cd4b34cc6420a439abbf3d7d35ef73976dd6f9cbde35a51fa5213f0107f83e3425835d16d3c9146fc9e36ce75a09bb66cdff21dd5a776899f1cb07e282cca27be46510e9c799f0d8db275a6be085d9f3f803218ee3384265bfb1a3640e8ca1026100e6848c31d466fffefc547e3a3b0d3785de6f78b0dd12610843512e495611a0675509b1650b27415009838dd8e68eec6e7530553b637d602424643b33e8bc5b762e1799bc79d56b13251d36d4f201da2182416ce13574e88278ff04467ad602d9026100de994fdf181f02be2bf9e5f5e4e517a94993b827d1eaf609033e3a6a6f2396ae7c44e9eb594cf1044cb3ad32ea258f0c82963b27bb650ed200cde82cb993374be34be5b1c7ead5446a2b82a4486e8c1810a0b01551609fb0841d474bada802bd026076ddae751b73a959d0bfb8ff49e7fcd378e9be30652ecefe35c82cb8003bc29cc60ae3809909baf20c95db9516fe680865417111d8b193dbcf30281f1249de57c858bf1ba32f5bb1599800e8398a9ef25c7a642c95261da6f9c17670e97265b10260732482b837d5f2a9443e23c1aa0106d83e82f6c3424673b5fdc3769c0f992d1c5c93991c7038e882fcda04414df4d7a5f4f698ead87851ce37344b60b72d7b70f9c60cae8566e7a257f8e1bef0e89df6e4c2f9d24d21d9f8889e4c7eccf91751026009050d94493da8f00a4ddbe9c800afe3d44b43f78a48941a79b2814a1f0b81a18a8b2347642a03b27998f5a18de9abc9ae0e54ab8294feac66dc87e854cce6f7278ac2710cb5878b592ffeb1f4f0a1853e4e8d1d0561b6efcc831a296cf7eeaf":TEST_FLAG_EXERCISE +read type: RSA_PUB 1536-bit, RSA_PSS_ANY_SALT(SHA_224) +depends_on:PSA_WANT_ALG_RSA_PSS_ANY_SALT:PSA_WANT_ALG_SHA_224:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY +key_storage_read:0x0001:PSA_KEY_TYPE_RSA_PUBLIC_KEY:1536:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_RSA_PSS_ANY_SALT(PSA_ALG_SHA_224):0x0000:"3081c90281c100c870feb6ca6b1d2bd9f2dd99e20f1fe2d7e5192de662229dbe162bd1ba66336a7182903ca0b72796cd441c83d24bcdc3e9a2f5e4399c8a043f1c3ddf04754a66d4cfe7b3671a37dd31a9b4c13bfe06ee90f9d94ddaa06de67a52ac863e68f756736ceb014405a6160579640f831dddccc34ad0b05070e3f9954a58d1815813e1b83bcadba814789c87f1ef2ba5d738b793ec456a67360eea1b5faf1c7cc7bf24f3b2a9d0f8958b1096e0f0c335f8888d0c63a51c3c0337214fa3f5efdf6dcc350203010001":"505341004b455900000000000100000001400006012800000813000600000000cc0000003081c90281c100c870feb6ca6b1d2bd9f2dd99e20f1fe2d7e5192de662229dbe162bd1ba66336a7182903ca0b72796cd441c83d24bcdc3e9a2f5e4399c8a043f1c3ddf04754a66d4cfe7b3671a37dd31a9b4c13bfe06ee90f9d94ddaa06de67a52ac863e68f756736ceb014405a6160579640f831dddccc34ad0b05070e3f9954a58d1815813e1b83bcadba814789c87f1ef2ba5d738b793ec456a67360eea1b5faf1c7cc7bf24f3b2a9d0f8958b1096e0f0c335f8888d0c63a51c3c0337214fa3f5efdf6dcc350203010001":TEST_FLAG_EXERCISE -PSA storage read: type: RSA_PUBLIC_KEY 1024-bit -depends_on:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY -key_storage_read:0x0001:PSA_KEY_TYPE_RSA_PUBLIC_KEY:1024:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":"505341004b4559000000000001000000014000040100000000000000000000008c00000030818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":TEST_FLAG_EXERCISE +read type: RSA_PUB 1536-bit, RSA_PSS_ANY_SALT(SHA_256) +depends_on:PSA_WANT_ALG_RSA_PSS_ANY_SALT:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY +key_storage_read:0x0001:PSA_KEY_TYPE_RSA_PUBLIC_KEY:1536:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_RSA_PSS_ANY_SALT(PSA_ALG_SHA_256):0x0000:"3081c90281c100c870feb6ca6b1d2bd9f2dd99e20f1fe2d7e5192de662229dbe162bd1ba66336a7182903ca0b72796cd441c83d24bcdc3e9a2f5e4399c8a043f1c3ddf04754a66d4cfe7b3671a37dd31a9b4c13bfe06ee90f9d94ddaa06de67a52ac863e68f756736ceb014405a6160579640f831dddccc34ad0b05070e3f9954a58d1815813e1b83bcadba814789c87f1ef2ba5d738b793ec456a67360eea1b5faf1c7cc7bf24f3b2a9d0f8958b1096e0f0c335f8888d0c63a51c3c0337214fa3f5efdf6dcc350203010001":"505341004b455900000000000100000001400006012800000913000600000000cc0000003081c90281c100c870feb6ca6b1d2bd9f2dd99e20f1fe2d7e5192de662229dbe162bd1ba66336a7182903ca0b72796cd441c83d24bcdc3e9a2f5e4399c8a043f1c3ddf04754a66d4cfe7b3671a37dd31a9b4c13bfe06ee90f9d94ddaa06de67a52ac863e68f756736ceb014405a6160579640f831dddccc34ad0b05070e3f9954a58d1815813e1b83bcadba814789c87f1ef2ba5d738b793ec456a67360eea1b5faf1c7cc7bf24f3b2a9d0f8958b1096e0f0c335f8888d0c63a51c3c0337214fa3f5efdf6dcc350203010001":TEST_FLAG_EXERCISE -PSA storage read: type: RSA_PUBLIC_KEY 1536-bit -depends_on:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY -key_storage_read:0x0001:PSA_KEY_TYPE_RSA_PUBLIC_KEY:1536:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"3081c90281c100c870feb6ca6b1d2bd9f2dd99e20f1fe2d7e5192de662229dbe162bd1ba66336a7182903ca0b72796cd441c83d24bcdc3e9a2f5e4399c8a043f1c3ddf04754a66d4cfe7b3671a37dd31a9b4c13bfe06ee90f9d94ddaa06de67a52ac863e68f756736ceb014405a6160579640f831dddccc34ad0b05070e3f9954a58d1815813e1b83bcadba814789c87f1ef2ba5d738b793ec456a67360eea1b5faf1c7cc7bf24f3b2a9d0f8958b1096e0f0c335f8888d0c63a51c3c0337214fa3f5efdf6dcc350203010001":"505341004b455900000000000100000001400006010000000000000000000000cc0000003081c90281c100c870feb6ca6b1d2bd9f2dd99e20f1fe2d7e5192de662229dbe162bd1ba66336a7182903ca0b72796cd441c83d24bcdc3e9a2f5e4399c8a043f1c3ddf04754a66d4cfe7b3671a37dd31a9b4c13bfe06ee90f9d94ddaa06de67a52ac863e68f756736ceb014405a6160579640f831dddccc34ad0b05070e3f9954a58d1815813e1b83bcadba814789c87f1ef2ba5d738b793ec456a67360eea1b5faf1c7cc7bf24f3b2a9d0f8958b1096e0f0c335f8888d0c63a51c3c0337214fa3f5efdf6dcc350203010001":TEST_FLAG_EXERCISE +read type: RSA_PUB 1536-bit, RSA_PSS_ANY_SALT(SHA_384) +depends_on:PSA_WANT_ALG_RSA_PSS_ANY_SALT:PSA_WANT_ALG_SHA_384:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY +key_storage_read:0x0001:PSA_KEY_TYPE_RSA_PUBLIC_KEY:1536:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_RSA_PSS_ANY_SALT(PSA_ALG_SHA_384):0x0000:"3081c90281c100c870feb6ca6b1d2bd9f2dd99e20f1fe2d7e5192de662229dbe162bd1ba66336a7182903ca0b72796cd441c83d24bcdc3e9a2f5e4399c8a043f1c3ddf04754a66d4cfe7b3671a37dd31a9b4c13bfe06ee90f9d94ddaa06de67a52ac863e68f756736ceb014405a6160579640f831dddccc34ad0b05070e3f9954a58d1815813e1b83bcadba814789c87f1ef2ba5d738b793ec456a67360eea1b5faf1c7cc7bf24f3b2a9d0f8958b1096e0f0c335f8888d0c63a51c3c0337214fa3f5efdf6dcc350203010001":"505341004b455900000000000100000001400006012800000a13000600000000cc0000003081c90281c100c870feb6ca6b1d2bd9f2dd99e20f1fe2d7e5192de662229dbe162bd1ba66336a7182903ca0b72796cd441c83d24bcdc3e9a2f5e4399c8a043f1c3ddf04754a66d4cfe7b3671a37dd31a9b4c13bfe06ee90f9d94ddaa06de67a52ac863e68f756736ceb014405a6160579640f831dddccc34ad0b05070e3f9954a58d1815813e1b83bcadba814789c87f1ef2ba5d738b793ec456a67360eea1b5faf1c7cc7bf24f3b2a9d0f8958b1096e0f0c335f8888d0c63a51c3c0337214fa3f5efdf6dcc350203010001":TEST_FLAG_EXERCISE + +read type: RSA_PUB 1536-bit, RSA_PSS_ANY_SALT(SHA_512) +depends_on:PSA_WANT_ALG_RSA_PSS_ANY_SALT:PSA_WANT_ALG_SHA_512:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY +key_storage_read:0x0001:PSA_KEY_TYPE_RSA_PUBLIC_KEY:1536:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_RSA_PSS_ANY_SALT(PSA_ALG_SHA_512):0x0000:"3081c90281c100c870feb6ca6b1d2bd9f2dd99e20f1fe2d7e5192de662229dbe162bd1ba66336a7182903ca0b72796cd441c83d24bcdc3e9a2f5e4399c8a043f1c3ddf04754a66d4cfe7b3671a37dd31a9b4c13bfe06ee90f9d94ddaa06de67a52ac863e68f756736ceb014405a6160579640f831dddccc34ad0b05070e3f9954a58d1815813e1b83bcadba814789c87f1ef2ba5d738b793ec456a67360eea1b5faf1c7cc7bf24f3b2a9d0f8958b1096e0f0c335f8888d0c63a51c3c0337214fa3f5efdf6dcc350203010001":"505341004b455900000000000100000001400006012800000b13000600000000cc0000003081c90281c100c870feb6ca6b1d2bd9f2dd99e20f1fe2d7e5192de662229dbe162bd1ba66336a7182903ca0b72796cd441c83d24bcdc3e9a2f5e4399c8a043f1c3ddf04754a66d4cfe7b3671a37dd31a9b4c13bfe06ee90f9d94ddaa06de67a52ac863e68f756736ceb014405a6160579640f831dddccc34ad0b05070e3f9954a58d1815813e1b83bcadba814789c87f1ef2ba5d738b793ec456a67360eea1b5faf1c7cc7bf24f3b2a9d0f8958b1096e0f0c335f8888d0c63a51c3c0337214fa3f5efdf6dcc350203010001":TEST_FLAG_EXERCISE -PSA storage read: alg: AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(CCM, 1) +read alg: AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(CCM,1) depends_on:PSA_WANT_ALG_CCM:PSA_WANT_KEY_TYPE_RAW_DATA key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(PSA_ALG_CCM, 1):0x0000:"4b":"505341004b455900000000000100000001100800010000000081410500000000010000004b":0 -PSA storage read: alg2: AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(CCM, 1) +read alg2: AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(CCM,1) depends_on:PSA_WANT_ALG_CCM:PSA_WANT_KEY_TYPE_RAW_DATA key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(PSA_ALG_CCM, 1):"4c":"505341004b455900000000000100000001100800010000000000000000814105010000004c":0 -PSA storage read: alg: AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(CHACHA20_POLY1305, 1) +read alg: AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(CHACHA20_POLY1305,1) depends_on:PSA_WANT_ALG_CHACHA20_POLY1305:PSA_WANT_KEY_TYPE_RAW_DATA key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(PSA_ALG_CHACHA20_POLY1305, 1):0x0000:"4b":"505341004b455900000000000100000001100800010000000085010500000000010000004b":0 -PSA storage read: alg2: AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(CHACHA20_POLY1305, 1) +read alg2: AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(CHACHA20_POLY1305,1) depends_on:PSA_WANT_ALG_CHACHA20_POLY1305:PSA_WANT_KEY_TYPE_RAW_DATA key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(PSA_ALG_CHACHA20_POLY1305, 1):"4c":"505341004b455900000000000100000001100800010000000000000000850105010000004c":0 -PSA storage read: alg: AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(GCM, 1) +read alg: AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(GCM,1) depends_on:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_RAW_DATA key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(PSA_ALG_GCM, 1):0x0000:"4b":"505341004b455900000000000100000001100800010000000082410500000000010000004b":0 -PSA storage read: alg2: AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(GCM, 1) +read alg2: AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(GCM,1) depends_on:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_RAW_DATA key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(PSA_ALG_GCM, 1):"4c":"505341004b455900000000000100000001100800010000000000000000824105010000004c":0 -PSA storage read: alg: AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(CCM, 63) +read alg: AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(CCM,4) +depends_on:PSA_WANT_ALG_CCM:PSA_WANT_KEY_TYPE_RAW_DATA +key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(PSA_ALG_CCM, 4):0x0000:"4b":"505341004b455900000000000100000001100800010000000081440500000000010000004b":0 + +read alg2: AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(CCM,4) +depends_on:PSA_WANT_ALG_CCM:PSA_WANT_KEY_TYPE_RAW_DATA +key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(PSA_ALG_CCM, 4):"4c":"505341004b455900000000000100000001100800010000000000000000814405010000004c":0 + +read alg: AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(CCM,13) +depends_on:PSA_WANT_ALG_CCM:PSA_WANT_KEY_TYPE_RAW_DATA +key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(PSA_ALG_CCM, 13):0x0000:"4b":"505341004b4559000000000001000000011008000100000000814d0500000000010000004b":0 + +read alg2: AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(CCM,13) +depends_on:PSA_WANT_ALG_CCM:PSA_WANT_KEY_TYPE_RAW_DATA +key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(PSA_ALG_CCM, 13):"4c":"505341004b455900000000000100000001100800010000000000000000814d05010000004c":0 + +read alg: AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(CCM,14) +depends_on:PSA_WANT_ALG_CCM:PSA_WANT_KEY_TYPE_RAW_DATA +key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(PSA_ALG_CCM, 14):0x0000:"4b":"505341004b4559000000000001000000011008000100000000814e0500000000010000004b":0 + +read alg2: AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(CCM,14) +depends_on:PSA_WANT_ALG_CCM:PSA_WANT_KEY_TYPE_RAW_DATA +key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(PSA_ALG_CCM, 14):"4c":"505341004b455900000000000100000001100800010000000000000000814e05010000004c":0 + +read alg: AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(CCM,16) +depends_on:PSA_WANT_ALG_CCM:PSA_WANT_KEY_TYPE_RAW_DATA +key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(PSA_ALG_CCM, 16):0x0000:"4b":"505341004b455900000000000100000001100800010000000081500500000000010000004b":0 + +read alg2: AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(CCM,16) +depends_on:PSA_WANT_ALG_CCM:PSA_WANT_KEY_TYPE_RAW_DATA +key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(PSA_ALG_CCM, 16):"4c":"505341004b455900000000000100000001100800010000000000000000815005010000004c":0 + +read alg: AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(CCM,63) depends_on:PSA_WANT_ALG_CCM:PSA_WANT_KEY_TYPE_RAW_DATA key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(PSA_ALG_CCM, 63):0x0000:"4b":"505341004b4559000000000001000000011008000100000000817f0500000000010000004b":0 -PSA storage read: alg2: AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(CCM, 63) +read alg2: AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(CCM,63) depends_on:PSA_WANT_ALG_CCM:PSA_WANT_KEY_TYPE_RAW_DATA key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(PSA_ALG_CCM, 63):"4c":"505341004b455900000000000100000001100800010000000000000000817f05010000004c":0 -PSA storage read: alg: AEAD_WITH_SHORTENED_TAG(CCM, 1) +read alg: AEAD_SHORT(CCM,1) depends_on:PSA_WANT_ALG_CCM:PSA_WANT_KEY_TYPE_RAW_DATA key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_AEAD_WITH_SHORTENED_TAG(PSA_ALG_CCM, 1):0x0000:"4b":"505341004b455900000000000100000001100800010000000001410500000000010000004b":0 -PSA storage read: alg2: AEAD_WITH_SHORTENED_TAG(CCM, 1) +read alg2: AEAD_SHORT(CCM,1) depends_on:PSA_WANT_ALG_CCM:PSA_WANT_KEY_TYPE_RAW_DATA key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_AEAD_WITH_SHORTENED_TAG(PSA_ALG_CCM, 1):"4c":"505341004b455900000000000100000001100800010000000000000000014105010000004c":0 -PSA storage read: alg: AEAD_WITH_SHORTENED_TAG(CHACHA20_POLY1305, 1) +read alg: AEAD_SHORT(CHACHA20_POLY1305,1) depends_on:PSA_WANT_ALG_CHACHA20_POLY1305:PSA_WANT_KEY_TYPE_RAW_DATA key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_AEAD_WITH_SHORTENED_TAG(PSA_ALG_CHACHA20_POLY1305, 1):0x0000:"4b":"505341004b455900000000000100000001100800010000000005010500000000010000004b":0 -PSA storage read: alg2: AEAD_WITH_SHORTENED_TAG(CHACHA20_POLY1305, 1) +read alg2: AEAD_SHORT(CHACHA20_POLY1305,1) depends_on:PSA_WANT_ALG_CHACHA20_POLY1305:PSA_WANT_KEY_TYPE_RAW_DATA key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_AEAD_WITH_SHORTENED_TAG(PSA_ALG_CHACHA20_POLY1305, 1):"4c":"505341004b455900000000000100000001100800010000000000000000050105010000004c":0 -PSA storage read: alg: AEAD_WITH_SHORTENED_TAG(GCM, 1) +read alg: AEAD_SHORT(GCM,1) depends_on:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_RAW_DATA key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_AEAD_WITH_SHORTENED_TAG(PSA_ALG_GCM, 1):0x0000:"4b":"505341004b455900000000000100000001100800010000000002410500000000010000004b":0 -PSA storage read: alg2: AEAD_WITH_SHORTENED_TAG(GCM, 1) +read alg2: AEAD_SHORT(GCM,1) depends_on:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_RAW_DATA key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_AEAD_WITH_SHORTENED_TAG(PSA_ALG_GCM, 1):"4c":"505341004b455900000000000100000001100800010000000000000000024105010000004c":0 -PSA storage read: alg: AEAD_WITH_SHORTENED_TAG(CCM, 63) +read alg: AEAD_SHORT(CCM,4) +depends_on:PSA_WANT_ALG_CCM:PSA_WANT_KEY_TYPE_RAW_DATA +key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_AEAD_WITH_SHORTENED_TAG(PSA_ALG_CCM, 4):0x0000:"4b":"505341004b455900000000000100000001100800010000000001440500000000010000004b":0 + +read alg2: AEAD_SHORT(CCM,4) +depends_on:PSA_WANT_ALG_CCM:PSA_WANT_KEY_TYPE_RAW_DATA +key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_AEAD_WITH_SHORTENED_TAG(PSA_ALG_CCM, 4):"4c":"505341004b455900000000000100000001100800010000000000000000014405010000004c":0 + +read alg: AEAD_SHORT(CCM,13) +depends_on:PSA_WANT_ALG_CCM:PSA_WANT_KEY_TYPE_RAW_DATA +key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_AEAD_WITH_SHORTENED_TAG(PSA_ALG_CCM, 13):0x0000:"4b":"505341004b4559000000000001000000011008000100000000014d0500000000010000004b":0 + +read alg2: AEAD_SHORT(CCM,13) +depends_on:PSA_WANT_ALG_CCM:PSA_WANT_KEY_TYPE_RAW_DATA +key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_AEAD_WITH_SHORTENED_TAG(PSA_ALG_CCM, 13):"4c":"505341004b455900000000000100000001100800010000000000000000014d05010000004c":0 + +read alg: AEAD_SHORT(CCM,14) +depends_on:PSA_WANT_ALG_CCM:PSA_WANT_KEY_TYPE_RAW_DATA +key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_AEAD_WITH_SHORTENED_TAG(PSA_ALG_CCM, 14):0x0000:"4b":"505341004b4559000000000001000000011008000100000000014e0500000000010000004b":0 + +read alg2: AEAD_SHORT(CCM,14) +depends_on:PSA_WANT_ALG_CCM:PSA_WANT_KEY_TYPE_RAW_DATA +key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_AEAD_WITH_SHORTENED_TAG(PSA_ALG_CCM, 14):"4c":"505341004b455900000000000100000001100800010000000000000000014e05010000004c":0 + +read alg: AEAD_SHORT(CCM,16) +depends_on:PSA_WANT_ALG_CCM:PSA_WANT_KEY_TYPE_RAW_DATA +key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_AEAD_WITH_SHORTENED_TAG(PSA_ALG_CCM, 16):0x0000:"4b":"505341004b455900000000000100000001100800010000000001500500000000010000004b":0 + +read alg2: AEAD_SHORT(CCM,16) +depends_on:PSA_WANT_ALG_CCM:PSA_WANT_KEY_TYPE_RAW_DATA +key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_AEAD_WITH_SHORTENED_TAG(PSA_ALG_CCM, 16):"4c":"505341004b455900000000000100000001100800010000000000000000015005010000004c":0 + +read alg: AEAD_SHORT(CCM,63) depends_on:PSA_WANT_ALG_CCM:PSA_WANT_KEY_TYPE_RAW_DATA key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_AEAD_WITH_SHORTENED_TAG(PSA_ALG_CCM, 63):0x0000:"4b":"505341004b4559000000000001000000011008000100000000017f0500000000010000004b":0 -PSA storage read: alg2: AEAD_WITH_SHORTENED_TAG(CCM, 63) +read alg2: AEAD_SHORT(CCM,63) depends_on:PSA_WANT_ALG_CCM:PSA_WANT_KEY_TYPE_RAW_DATA key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_AEAD_WITH_SHORTENED_TAG(PSA_ALG_CCM, 63):"4c":"505341004b455900000000000100000001100800010000000000000000017f05010000004c":0 -PSA storage read: alg: ANY_HASH +read alg: ANY_HASH depends_on:PSA_WANT_KEY_TYPE_RAW_DATA key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_ANY_HASH:0x0000:"4b":"505341004b45590000000000010000000110080001000000ff00000200000000010000004b":0 -PSA storage read: alg2: ANY_HASH +read alg2: ANY_HASH depends_on:PSA_WANT_KEY_TYPE_RAW_DATA key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_ANY_HASH:"4c":"505341004b4559000000000001000000011008000100000000000000ff000002010000004c":0 -PSA storage read: alg: AT_LEAST_THIS_LENGTH_MAC(CBC_MAC, 1) +read alg: AT_LEAST_THIS_LENGTH_MAC(CBC_MAC,1) depends_on:PSA_WANT_ALG_CBC_MAC:PSA_WANT_KEY_TYPE_RAW_DATA key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_CBC_MAC, 1):0x0000:"4b":"505341004b455900000000000100000001100800010000000081c10300000000010000004b":0 -PSA storage read: alg2: AT_LEAST_THIS_LENGTH_MAC(CBC_MAC, 1) +read alg2: AT_LEAST_THIS_LENGTH_MAC(CBC_MAC,1) depends_on:PSA_WANT_ALG_CBC_MAC:PSA_WANT_KEY_TYPE_RAW_DATA key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_CBC_MAC, 1):"4c":"505341004b45590000000000010000000110080001000000000000000081c103010000004c":0 -PSA storage read: alg: AT_LEAST_THIS_LENGTH_MAC(CMAC, 1) +read alg: AT_LEAST_THIS_LENGTH_MAC(CMAC,1) depends_on:PSA_WANT_ALG_CMAC:PSA_WANT_KEY_TYPE_RAW_DATA key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_CMAC, 1):0x0000:"4b":"505341004b455900000000000100000001100800010000000082c10300000000010000004b":0 -PSA storage read: alg2: AT_LEAST_THIS_LENGTH_MAC(CMAC, 1) +read alg2: AT_LEAST_THIS_LENGTH_MAC(CMAC,1) depends_on:PSA_WANT_ALG_CMAC:PSA_WANT_KEY_TYPE_RAW_DATA key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_CMAC, 1):"4c":"505341004b45590000000000010000000110080001000000000000000082c103010000004c":0 -PSA storage read: alg: AT_LEAST_THIS_LENGTH_MAC(HMAC(MD2), 1) +read alg: AT_LEAST_THIS_LENGTH_MAC(HMAC(MD2),1) depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_MD2:PSA_WANT_KEY_TYPE_RAW_DATA key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_HMAC(PSA_ALG_MD2), 1):0x0000:"4b":"505341004b455900000000000100000001100800010000000180810300000000010000004b":0 -PSA storage read: alg2: AT_LEAST_THIS_LENGTH_MAC(HMAC(MD2), 1) +read alg2: AT_LEAST_THIS_LENGTH_MAC(HMAC(MD2),1) depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_MD2:PSA_WANT_KEY_TYPE_RAW_DATA key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_HMAC(PSA_ALG_MD2), 1):"4c":"505341004b455900000000000100000001100800010000000000000001808103010000004c":0 -PSA storage read: alg: AT_LEAST_THIS_LENGTH_MAC(HMAC(MD4), 1) +read alg: AT_LEAST_THIS_LENGTH_MAC(HMAC(MD4),1) depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_MD4:PSA_WANT_KEY_TYPE_RAW_DATA key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_HMAC(PSA_ALG_MD4), 1):0x0000:"4b":"505341004b455900000000000100000001100800010000000280810300000000010000004b":0 -PSA storage read: alg2: AT_LEAST_THIS_LENGTH_MAC(HMAC(MD4), 1) +read alg2: AT_LEAST_THIS_LENGTH_MAC(HMAC(MD4),1) depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_MD4:PSA_WANT_KEY_TYPE_RAW_DATA key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_HMAC(PSA_ALG_MD4), 1):"4c":"505341004b455900000000000100000001100800010000000000000002808103010000004c":0 -PSA storage read: alg: AT_LEAST_THIS_LENGTH_MAC(HMAC(MD5), 1) +read alg: AT_LEAST_THIS_LENGTH_MAC(HMAC(MD5),1) depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_MD5:PSA_WANT_KEY_TYPE_RAW_DATA key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_HMAC(PSA_ALG_MD5), 1):0x0000:"4b":"505341004b455900000000000100000001100800010000000380810300000000010000004b":0 -PSA storage read: alg2: AT_LEAST_THIS_LENGTH_MAC(HMAC(MD5), 1) +read alg2: AT_LEAST_THIS_LENGTH_MAC(HMAC(MD5),1) depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_MD5:PSA_WANT_KEY_TYPE_RAW_DATA key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_HMAC(PSA_ALG_MD5), 1):"4c":"505341004b455900000000000100000001100800010000000000000003808103010000004c":0 -PSA storage read: alg: AT_LEAST_THIS_LENGTH_MAC(HMAC(RIPEMD160), 1) +read alg: AT_LEAST_THIS_LENGTH_MAC(HMAC(RIPEMD160),1) depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_RIPEMD160:PSA_WANT_KEY_TYPE_RAW_DATA key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_HMAC(PSA_ALG_RIPEMD160), 1):0x0000:"4b":"505341004b455900000000000100000001100800010000000480810300000000010000004b":0 -PSA storage read: alg2: AT_LEAST_THIS_LENGTH_MAC(HMAC(RIPEMD160), 1) +read alg2: AT_LEAST_THIS_LENGTH_MAC(HMAC(RIPEMD160),1) depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_RIPEMD160:PSA_WANT_KEY_TYPE_RAW_DATA key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_HMAC(PSA_ALG_RIPEMD160), 1):"4c":"505341004b455900000000000100000001100800010000000000000004808103010000004c":0 -PSA storage read: alg: AT_LEAST_THIS_LENGTH_MAC(HMAC(SHA_1), 1) +read alg: AT_LEAST_THIS_LENGTH_MAC(HMAC(SHA_1),1) depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_1:PSA_WANT_KEY_TYPE_RAW_DATA key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_1), 1):0x0000:"4b":"505341004b455900000000000100000001100800010000000580810300000000010000004b":0 -PSA storage read: alg2: AT_LEAST_THIS_LENGTH_MAC(HMAC(SHA_1), 1) +read alg2: AT_LEAST_THIS_LENGTH_MAC(HMAC(SHA_1),1) depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_1:PSA_WANT_KEY_TYPE_RAW_DATA key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_1), 1):"4c":"505341004b455900000000000100000001100800010000000000000005808103010000004c":0 -PSA storage read: alg: AT_LEAST_THIS_LENGTH_MAC(HMAC(SHA_224), 1) +read alg: AT_LEAST_THIS_LENGTH_MAC(HMAC(SHA_224),1) depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_224:PSA_WANT_KEY_TYPE_RAW_DATA key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_224), 1):0x0000:"4b":"505341004b455900000000000100000001100800010000000880810300000000010000004b":0 -PSA storage read: alg2: AT_LEAST_THIS_LENGTH_MAC(HMAC(SHA_224), 1) +read alg2: AT_LEAST_THIS_LENGTH_MAC(HMAC(SHA_224),1) depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_224:PSA_WANT_KEY_TYPE_RAW_DATA key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_224), 1):"4c":"505341004b455900000000000100000001100800010000000000000008808103010000004c":0 -PSA storage read: alg: AT_LEAST_THIS_LENGTH_MAC(HMAC(SHA_256), 1) +read alg: AT_LEAST_THIS_LENGTH_MAC(HMAC(SHA_256),1) depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RAW_DATA key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_256), 1):0x0000:"4b":"505341004b455900000000000100000001100800010000000980810300000000010000004b":0 -PSA storage read: alg2: AT_LEAST_THIS_LENGTH_MAC(HMAC(SHA_256), 1) +read alg2: AT_LEAST_THIS_LENGTH_MAC(HMAC(SHA_256),1) depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RAW_DATA key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_256), 1):"4c":"505341004b455900000000000100000001100800010000000000000009808103010000004c":0 -PSA storage read: alg: AT_LEAST_THIS_LENGTH_MAC(HMAC(SHA_384), 1) +read alg: AT_LEAST_THIS_LENGTH_MAC(HMAC(SHA_384),1) depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_384:PSA_WANT_KEY_TYPE_RAW_DATA key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_384), 1):0x0000:"4b":"505341004b455900000000000100000001100800010000000a80810300000000010000004b":0 -PSA storage read: alg2: AT_LEAST_THIS_LENGTH_MAC(HMAC(SHA_384), 1) +read alg2: AT_LEAST_THIS_LENGTH_MAC(HMAC(SHA_384),1) depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_384:PSA_WANT_KEY_TYPE_RAW_DATA key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_384), 1):"4c":"505341004b45590000000000010000000110080001000000000000000a808103010000004c":0 -PSA storage read: alg: AT_LEAST_THIS_LENGTH_MAC(HMAC(SHA_512), 1) +read alg: AT_LEAST_THIS_LENGTH_MAC(HMAC(SHA_512),1) depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_512:PSA_WANT_KEY_TYPE_RAW_DATA key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_512), 1):0x0000:"4b":"505341004b455900000000000100000001100800010000000b80810300000000010000004b":0 -PSA storage read: alg2: AT_LEAST_THIS_LENGTH_MAC(HMAC(SHA_512), 1) +read alg2: AT_LEAST_THIS_LENGTH_MAC(HMAC(SHA_512),1) depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_512:PSA_WANT_KEY_TYPE_RAW_DATA key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_512), 1):"4c":"505341004b45590000000000010000000110080001000000000000000b808103010000004c":0 -PSA storage read: alg: AT_LEAST_THIS_LENGTH_MAC(CBC_MAC, 63) +read alg: AT_LEAST_THIS_LENGTH_MAC(CBC_MAC,4) +depends_on:PSA_WANT_ALG_CBC_MAC:PSA_WANT_KEY_TYPE_RAW_DATA +key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_CBC_MAC, 4):0x0000:"4b":"505341004b455900000000000100000001100800010000000081c40300000000010000004b":0 + +read alg2: AT_LEAST_THIS_LENGTH_MAC(CBC_MAC,4) +depends_on:PSA_WANT_ALG_CBC_MAC:PSA_WANT_KEY_TYPE_RAW_DATA +key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_CBC_MAC, 4):"4c":"505341004b45590000000000010000000110080001000000000000000081c403010000004c":0 + +read alg: AT_LEAST_THIS_LENGTH_MAC(CBC_MAC,13) +depends_on:PSA_WANT_ALG_CBC_MAC:PSA_WANT_KEY_TYPE_RAW_DATA +key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_CBC_MAC, 13):0x0000:"4b":"505341004b455900000000000100000001100800010000000081cd0300000000010000004b":0 + +read alg2: AT_LEAST_THIS_LENGTH_MAC(CBC_MAC,13) +depends_on:PSA_WANT_ALG_CBC_MAC:PSA_WANT_KEY_TYPE_RAW_DATA +key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_CBC_MAC, 13):"4c":"505341004b45590000000000010000000110080001000000000000000081cd03010000004c":0 + +read alg: AT_LEAST_THIS_LENGTH_MAC(CBC_MAC,14) +depends_on:PSA_WANT_ALG_CBC_MAC:PSA_WANT_KEY_TYPE_RAW_DATA +key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_CBC_MAC, 14):0x0000:"4b":"505341004b455900000000000100000001100800010000000081ce0300000000010000004b":0 + +read alg2: AT_LEAST_THIS_LENGTH_MAC(CBC_MAC,14) +depends_on:PSA_WANT_ALG_CBC_MAC:PSA_WANT_KEY_TYPE_RAW_DATA +key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_CBC_MAC, 14):"4c":"505341004b45590000000000010000000110080001000000000000000081ce03010000004c":0 + +read alg: AT_LEAST_THIS_LENGTH_MAC(CBC_MAC,16) +depends_on:PSA_WANT_ALG_CBC_MAC:PSA_WANT_KEY_TYPE_RAW_DATA +key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_CBC_MAC, 16):0x0000:"4b":"505341004b455900000000000100000001100800010000000081d00300000000010000004b":0 + +read alg2: AT_LEAST_THIS_LENGTH_MAC(CBC_MAC,16) +depends_on:PSA_WANT_ALG_CBC_MAC:PSA_WANT_KEY_TYPE_RAW_DATA +key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_CBC_MAC, 16):"4c":"505341004b45590000000000010000000110080001000000000000000081d003010000004c":0 + +read alg: AT_LEAST_THIS_LENGTH_MAC(CBC_MAC,63) depends_on:PSA_WANT_ALG_CBC_MAC:PSA_WANT_KEY_TYPE_RAW_DATA key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_CBC_MAC, 63):0x0000:"4b":"505341004b455900000000000100000001100800010000000081ff0300000000010000004b":0 -PSA storage read: alg2: AT_LEAST_THIS_LENGTH_MAC(CBC_MAC, 63) +read alg2: AT_LEAST_THIS_LENGTH_MAC(CBC_MAC,63) depends_on:PSA_WANT_ALG_CBC_MAC:PSA_WANT_KEY_TYPE_RAW_DATA key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(PSA_ALG_CBC_MAC, 63):"4c":"505341004b45590000000000010000000110080001000000000000000081ff03010000004c":0 -PSA storage read: alg: CBC_MAC +read alg: CBC_MAC depends_on:PSA_WANT_ALG_CBC_MAC:PSA_WANT_KEY_TYPE_RAW_DATA key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_CBC_MAC:0x0000:"4b":"505341004b455900000000000100000001100800010000000001c00300000000010000004b":0 -PSA storage read: alg2: CBC_MAC +read alg2: CBC_MAC depends_on:PSA_WANT_ALG_CBC_MAC:PSA_WANT_KEY_TYPE_RAW_DATA key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_CBC_MAC:"4c":"505341004b45590000000000010000000110080001000000000000000001c003010000004c":0 -PSA storage read: alg: CBC_NO_PADDING +read alg: CBC_NO_PADDING depends_on:PSA_WANT_ALG_CBC_NO_PADDING:PSA_WANT_KEY_TYPE_RAW_DATA key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_CBC_NO_PADDING:0x0000:"4b":"505341004b455900000000000100000001100800010000000040400400000000010000004b":0 -PSA storage read: alg2: CBC_NO_PADDING +read alg2: CBC_NO_PADDING depends_on:PSA_WANT_ALG_CBC_NO_PADDING:PSA_WANT_KEY_TYPE_RAW_DATA key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_CBC_NO_PADDING:"4c":"505341004b455900000000000100000001100800010000000000000000404004010000004c":0 -PSA storage read: alg: CBC_PKCS7 +read alg: CBC_PKCS7 depends_on:PSA_WANT_ALG_CBC_PKCS7:PSA_WANT_KEY_TYPE_RAW_DATA key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_CBC_PKCS7:0x0000:"4b":"505341004b455900000000000100000001100800010000000041400400000000010000004b":0 -PSA storage read: alg2: CBC_PKCS7 +read alg2: CBC_PKCS7 depends_on:PSA_WANT_ALG_CBC_PKCS7:PSA_WANT_KEY_TYPE_RAW_DATA key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_CBC_PKCS7:"4c":"505341004b455900000000000100000001100800010000000000000000414004010000004c":0 -PSA storage read: alg: CCM +read alg: CCM depends_on:PSA_WANT_ALG_CCM:PSA_WANT_KEY_TYPE_RAW_DATA key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_CCM:0x0000:"4b":"505341004b455900000000000100000001100800010000000001500500000000010000004b":0 -PSA storage read: alg2: CCM +read alg2: CCM depends_on:PSA_WANT_ALG_CCM:PSA_WANT_KEY_TYPE_RAW_DATA key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_CCM:"4c":"505341004b455900000000000100000001100800010000000000000000015005010000004c":0 -PSA storage read: alg: CFB +read alg: CFB depends_on:PSA_WANT_ALG_CFB:PSA_WANT_KEY_TYPE_RAW_DATA key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_CFB:0x0000:"4b":"505341004b455900000000000100000001100800010000000011c00400000000010000004b":0 -PSA storage read: alg2: CFB +read alg2: CFB depends_on:PSA_WANT_ALG_CFB:PSA_WANT_KEY_TYPE_RAW_DATA key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_CFB:"4c":"505341004b45590000000000010000000110080001000000000000000011c004010000004c":0 -PSA storage read: alg: CHACHA20_POLY1305 +read alg: CHACHA20_POLY1305 depends_on:PSA_WANT_ALG_CHACHA20_POLY1305:PSA_WANT_KEY_TYPE_RAW_DATA key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_CHACHA20_POLY1305:0x0000:"4b":"505341004b455900000000000100000001100800010000000005100500000000010000004b":0 -PSA storage read: alg2: CHACHA20_POLY1305 +read alg2: CHACHA20_POLY1305 depends_on:PSA_WANT_ALG_CHACHA20_POLY1305:PSA_WANT_KEY_TYPE_RAW_DATA key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_CHACHA20_POLY1305:"4c":"505341004b455900000000000100000001100800010000000000000000051005010000004c":0 -PSA storage read: alg: CMAC +read alg: CMAC depends_on:PSA_WANT_ALG_CMAC:PSA_WANT_KEY_TYPE_RAW_DATA key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_CMAC:0x0000:"4b":"505341004b455900000000000100000001100800010000000002c00300000000010000004b":0 -PSA storage read: alg2: CMAC +read alg2: CMAC depends_on:PSA_WANT_ALG_CMAC:PSA_WANT_KEY_TYPE_RAW_DATA key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_CMAC:"4c":"505341004b45590000000000010000000110080001000000000000000002c003010000004c":0 -PSA storage read: alg: CTR +read alg: CTR depends_on:PSA_WANT_ALG_CTR:PSA_WANT_KEY_TYPE_RAW_DATA key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_CTR:0x0000:"4b":"505341004b455900000000000100000001100800010000000010c00400000000010000004b":0 -PSA storage read: alg2: CTR +read alg2: CTR depends_on:PSA_WANT_ALG_CTR:PSA_WANT_KEY_TYPE_RAW_DATA key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_CTR:"4c":"505341004b45590000000000010000000110080001000000000000000010c004010000004c":0 -PSA storage read: alg: DETERMINISTIC_DSA(MD2) +read alg: DET_DSA(MD2) depends_on:PSA_WANT_ALG_DETERMINISTIC_DSA:PSA_WANT_ALG_MD2:PSA_WANT_KEY_TYPE_RAW_DATA key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_DETERMINISTIC_DSA(PSA_ALG_MD2):0x0000:"4b":"505341004b455900000000000100000001100800010000000105000600000000010000004b":0 -PSA storage read: alg2: DETERMINISTIC_DSA(MD2) +read alg2: DET_DSA(MD2) depends_on:PSA_WANT_ALG_DETERMINISTIC_DSA:PSA_WANT_ALG_MD2:PSA_WANT_KEY_TYPE_RAW_DATA key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_DETERMINISTIC_DSA(PSA_ALG_MD2):"4c":"505341004b455900000000000100000001100800010000000000000001050006010000004c":0 -PSA storage read: alg: DETERMINISTIC_DSA(MD4) +read alg: DET_DSA(MD4) depends_on:PSA_WANT_ALG_DETERMINISTIC_DSA:PSA_WANT_ALG_MD4:PSA_WANT_KEY_TYPE_RAW_DATA key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_DETERMINISTIC_DSA(PSA_ALG_MD4):0x0000:"4b":"505341004b455900000000000100000001100800010000000205000600000000010000004b":0 -PSA storage read: alg2: DETERMINISTIC_DSA(MD4) +read alg2: DET_DSA(MD4) depends_on:PSA_WANT_ALG_DETERMINISTIC_DSA:PSA_WANT_ALG_MD4:PSA_WANT_KEY_TYPE_RAW_DATA key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_DETERMINISTIC_DSA(PSA_ALG_MD4):"4c":"505341004b455900000000000100000001100800010000000000000002050006010000004c":0 -PSA storage read: alg: DETERMINISTIC_DSA(MD5) +read alg: DET_DSA(MD5) depends_on:PSA_WANT_ALG_DETERMINISTIC_DSA:PSA_WANT_ALG_MD5:PSA_WANT_KEY_TYPE_RAW_DATA key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_DETERMINISTIC_DSA(PSA_ALG_MD5):0x0000:"4b":"505341004b455900000000000100000001100800010000000305000600000000010000004b":0 -PSA storage read: alg2: DETERMINISTIC_DSA(MD5) +read alg2: DET_DSA(MD5) depends_on:PSA_WANT_ALG_DETERMINISTIC_DSA:PSA_WANT_ALG_MD5:PSA_WANT_KEY_TYPE_RAW_DATA key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_DETERMINISTIC_DSA(PSA_ALG_MD5):"4c":"505341004b455900000000000100000001100800010000000000000003050006010000004c":0 -PSA storage read: alg: DETERMINISTIC_DSA(RIPEMD160) +read alg: DET_DSA(RIPEMD160) depends_on:PSA_WANT_ALG_DETERMINISTIC_DSA:PSA_WANT_ALG_RIPEMD160:PSA_WANT_KEY_TYPE_RAW_DATA key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_DETERMINISTIC_DSA(PSA_ALG_RIPEMD160):0x0000:"4b":"505341004b455900000000000100000001100800010000000405000600000000010000004b":0 -PSA storage read: alg2: DETERMINISTIC_DSA(RIPEMD160) +read alg2: DET_DSA(RIPEMD160) depends_on:PSA_WANT_ALG_DETERMINISTIC_DSA:PSA_WANT_ALG_RIPEMD160:PSA_WANT_KEY_TYPE_RAW_DATA key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_DETERMINISTIC_DSA(PSA_ALG_RIPEMD160):"4c":"505341004b455900000000000100000001100800010000000000000004050006010000004c":0 -PSA storage read: alg: DETERMINISTIC_DSA(SHA_1) +read alg: DET_DSA(SHA_1) depends_on:PSA_WANT_ALG_DETERMINISTIC_DSA:PSA_WANT_ALG_SHA_1:PSA_WANT_KEY_TYPE_RAW_DATA key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_DETERMINISTIC_DSA(PSA_ALG_SHA_1):0x0000:"4b":"505341004b455900000000000100000001100800010000000505000600000000010000004b":0 -PSA storage read: alg2: DETERMINISTIC_DSA(SHA_1) +read alg2: DET_DSA(SHA_1) depends_on:PSA_WANT_ALG_DETERMINISTIC_DSA:PSA_WANT_ALG_SHA_1:PSA_WANT_KEY_TYPE_RAW_DATA key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_DETERMINISTIC_DSA(PSA_ALG_SHA_1):"4c":"505341004b455900000000000100000001100800010000000000000005050006010000004c":0 -PSA storage read: alg: DETERMINISTIC_DSA(SHA_224) +read alg: DET_DSA(SHA_224) depends_on:PSA_WANT_ALG_DETERMINISTIC_DSA:PSA_WANT_ALG_SHA_224:PSA_WANT_KEY_TYPE_RAW_DATA key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_DETERMINISTIC_DSA(PSA_ALG_SHA_224):0x0000:"4b":"505341004b455900000000000100000001100800010000000805000600000000010000004b":0 -PSA storage read: alg2: DETERMINISTIC_DSA(SHA_224) +read alg2: DET_DSA(SHA_224) depends_on:PSA_WANT_ALG_DETERMINISTIC_DSA:PSA_WANT_ALG_SHA_224:PSA_WANT_KEY_TYPE_RAW_DATA key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_DETERMINISTIC_DSA(PSA_ALG_SHA_224):"4c":"505341004b455900000000000100000001100800010000000000000008050006010000004c":0 -PSA storage read: alg: DETERMINISTIC_DSA(SHA_256) +read alg: DET_DSA(SHA_256) depends_on:PSA_WANT_ALG_DETERMINISTIC_DSA:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RAW_DATA key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_DETERMINISTIC_DSA(PSA_ALG_SHA_256):0x0000:"4b":"505341004b455900000000000100000001100800010000000905000600000000010000004b":0 -PSA storage read: alg2: DETERMINISTIC_DSA(SHA_256) +read alg2: DET_DSA(SHA_256) depends_on:PSA_WANT_ALG_DETERMINISTIC_DSA:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RAW_DATA key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_DETERMINISTIC_DSA(PSA_ALG_SHA_256):"4c":"505341004b455900000000000100000001100800010000000000000009050006010000004c":0 -PSA storage read: alg: DETERMINISTIC_DSA(SHA_384) +read alg: DET_DSA(SHA_384) depends_on:PSA_WANT_ALG_DETERMINISTIC_DSA:PSA_WANT_ALG_SHA_384:PSA_WANT_KEY_TYPE_RAW_DATA key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_DETERMINISTIC_DSA(PSA_ALG_SHA_384):0x0000:"4b":"505341004b455900000000000100000001100800010000000a05000600000000010000004b":0 -PSA storage read: alg2: DETERMINISTIC_DSA(SHA_384) +read alg2: DET_DSA(SHA_384) depends_on:PSA_WANT_ALG_DETERMINISTIC_DSA:PSA_WANT_ALG_SHA_384:PSA_WANT_KEY_TYPE_RAW_DATA key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_DETERMINISTIC_DSA(PSA_ALG_SHA_384):"4c":"505341004b45590000000000010000000110080001000000000000000a050006010000004c":0 -PSA storage read: alg: DETERMINISTIC_DSA(SHA_512) +read alg: DET_DSA(SHA_512) depends_on:PSA_WANT_ALG_DETERMINISTIC_DSA:PSA_WANT_ALG_SHA_512:PSA_WANT_KEY_TYPE_RAW_DATA key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_DETERMINISTIC_DSA(PSA_ALG_SHA_512):0x0000:"4b":"505341004b455900000000000100000001100800010000000b05000600000000010000004b":0 -PSA storage read: alg2: DETERMINISTIC_DSA(SHA_512) +read alg2: DET_DSA(SHA_512) depends_on:PSA_WANT_ALG_DETERMINISTIC_DSA:PSA_WANT_ALG_SHA_512:PSA_WANT_KEY_TYPE_RAW_DATA key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_DETERMINISTIC_DSA(PSA_ALG_SHA_512):"4c":"505341004b45590000000000010000000110080001000000000000000b050006010000004c":0 -PSA storage read: alg: DETERMINISTIC_ECDSA(MD2) +read alg: DET_ECDSA(MD2) depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD2:PSA_WANT_KEY_TYPE_RAW_DATA key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD2):0x0000:"4b":"505341004b455900000000000100000001100800010000000107000600000000010000004b":0 -PSA storage read: alg2: DETERMINISTIC_ECDSA(MD2) +read alg2: DET_ECDSA(MD2) depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD2:PSA_WANT_KEY_TYPE_RAW_DATA key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD2):"4c":"505341004b455900000000000100000001100800010000000000000001070006010000004c":0 -PSA storage read: alg: DETERMINISTIC_ECDSA(MD4) +read alg: DET_ECDSA(MD4) depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD4:PSA_WANT_KEY_TYPE_RAW_DATA key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD4):0x0000:"4b":"505341004b455900000000000100000001100800010000000207000600000000010000004b":0 -PSA storage read: alg2: DETERMINISTIC_ECDSA(MD4) +read alg2: DET_ECDSA(MD4) depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD4:PSA_WANT_KEY_TYPE_RAW_DATA key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD4):"4c":"505341004b455900000000000100000001100800010000000000000002070006010000004c":0 -PSA storage read: alg: DETERMINISTIC_ECDSA(MD5) +read alg: DET_ECDSA(MD5) depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD5:PSA_WANT_KEY_TYPE_RAW_DATA key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD5):0x0000:"4b":"505341004b455900000000000100000001100800010000000307000600000000010000004b":0 -PSA storage read: alg2: DETERMINISTIC_ECDSA(MD5) +read alg2: DET_ECDSA(MD5) depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_MD5:PSA_WANT_KEY_TYPE_RAW_DATA key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_MD5):"4c":"505341004b455900000000000100000001100800010000000000000003070006010000004c":0 -PSA storage read: alg: DETERMINISTIC_ECDSA(RIPEMD160) +read alg: DET_ECDSA(RIPEMD160) depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_RIPEMD160:PSA_WANT_KEY_TYPE_RAW_DATA key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_RIPEMD160):0x0000:"4b":"505341004b455900000000000100000001100800010000000407000600000000010000004b":0 -PSA storage read: alg2: DETERMINISTIC_ECDSA(RIPEMD160) +read alg2: DET_ECDSA(RIPEMD160) depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_RIPEMD160:PSA_WANT_KEY_TYPE_RAW_DATA key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_RIPEMD160):"4c":"505341004b455900000000000100000001100800010000000000000004070006010000004c":0 -PSA storage read: alg: DETERMINISTIC_ECDSA(SHA_1) +read alg: DET_ECDSA(SHA_1) depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_1:PSA_WANT_KEY_TYPE_RAW_DATA key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_1):0x0000:"4b":"505341004b455900000000000100000001100800010000000507000600000000010000004b":0 -PSA storage read: alg2: DETERMINISTIC_ECDSA(SHA_1) +read alg2: DET_ECDSA(SHA_1) depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_1:PSA_WANT_KEY_TYPE_RAW_DATA key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_1):"4c":"505341004b455900000000000100000001100800010000000000000005070006010000004c":0 -PSA storage read: alg: DETERMINISTIC_ECDSA(SHA_224) +read alg: DET_ECDSA(SHA_224) depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_224:PSA_WANT_KEY_TYPE_RAW_DATA key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_224):0x0000:"4b":"505341004b455900000000000100000001100800010000000807000600000000010000004b":0 -PSA storage read: alg2: DETERMINISTIC_ECDSA(SHA_224) +read alg2: DET_ECDSA(SHA_224) depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_224:PSA_WANT_KEY_TYPE_RAW_DATA key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_224):"4c":"505341004b455900000000000100000001100800010000000000000008070006010000004c":0 -PSA storage read: alg: DETERMINISTIC_ECDSA(SHA_256) +read alg: DET_ECDSA(SHA_256) depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RAW_DATA key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_256):0x0000:"4b":"505341004b455900000000000100000001100800010000000907000600000000010000004b":0 -PSA storage read: alg2: DETERMINISTIC_ECDSA(SHA_256) +read alg2: DET_ECDSA(SHA_256) depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RAW_DATA key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_256):"4c":"505341004b455900000000000100000001100800010000000000000009070006010000004c":0 -PSA storage read: alg: DETERMINISTIC_ECDSA(SHA_384) +read alg: DET_ECDSA(SHA_384) depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_384:PSA_WANT_KEY_TYPE_RAW_DATA key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_384):0x0000:"4b":"505341004b455900000000000100000001100800010000000a07000600000000010000004b":0 -PSA storage read: alg2: DETERMINISTIC_ECDSA(SHA_384) +read alg2: DET_ECDSA(SHA_384) depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_384:PSA_WANT_KEY_TYPE_RAW_DATA key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_384):"4c":"505341004b45590000000000010000000110080001000000000000000a070006010000004c":0 -PSA storage read: alg: DETERMINISTIC_ECDSA(SHA_512) +read alg: DET_ECDSA(SHA_512) depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_512:PSA_WANT_KEY_TYPE_RAW_DATA key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_512):0x0000:"4b":"505341004b455900000000000100000001100800010000000b07000600000000010000004b":0 -PSA storage read: alg2: DETERMINISTIC_ECDSA(SHA_512) +read alg2: DET_ECDSA(SHA_512) depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_512:PSA_WANT_KEY_TYPE_RAW_DATA key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_512):"4c":"505341004b45590000000000010000000110080001000000000000000b070006010000004c":0 -PSA storage read: alg: DETERMINISTIC_ECDSA(ANY_HASH) +read alg: DET_ECDSA(ANY_HASH) depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_KEY_TYPE_RAW_DATA key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_ANY_HASH):0x0000:"4b":"505341004b45590000000000010000000110080001000000ff07000600000000010000004b":0 -PSA storage read: alg2: DETERMINISTIC_ECDSA(ANY_HASH) +read alg2: DET_ECDSA(ANY_HASH) depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_KEY_TYPE_RAW_DATA key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_ANY_HASH):"4c":"505341004b4559000000000001000000011008000100000000000000ff070006010000004c":0 -PSA storage read: alg: DSA(MD2) +read alg: DSA(MD2) depends_on:PSA_WANT_ALG_DSA:PSA_WANT_ALG_MD2:PSA_WANT_KEY_TYPE_RAW_DATA key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_DSA(PSA_ALG_MD2):0x0000:"4b":"505341004b455900000000000100000001100800010000000104000600000000010000004b":0 -PSA storage read: alg2: DSA(MD2) +read alg2: DSA(MD2) depends_on:PSA_WANT_ALG_DSA:PSA_WANT_ALG_MD2:PSA_WANT_KEY_TYPE_RAW_DATA key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_DSA(PSA_ALG_MD2):"4c":"505341004b455900000000000100000001100800010000000000000001040006010000004c":0 -PSA storage read: alg: DSA(MD4) +read alg: DSA(MD4) depends_on:PSA_WANT_ALG_DSA:PSA_WANT_ALG_MD4:PSA_WANT_KEY_TYPE_RAW_DATA key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_DSA(PSA_ALG_MD4):0x0000:"4b":"505341004b455900000000000100000001100800010000000204000600000000010000004b":0 -PSA storage read: alg2: DSA(MD4) +read alg2: DSA(MD4) depends_on:PSA_WANT_ALG_DSA:PSA_WANT_ALG_MD4:PSA_WANT_KEY_TYPE_RAW_DATA key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_DSA(PSA_ALG_MD4):"4c":"505341004b455900000000000100000001100800010000000000000002040006010000004c":0 -PSA storage read: alg: DSA(MD5) +read alg: DSA(MD5) depends_on:PSA_WANT_ALG_DSA:PSA_WANT_ALG_MD5:PSA_WANT_KEY_TYPE_RAW_DATA key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_DSA(PSA_ALG_MD5):0x0000:"4b":"505341004b455900000000000100000001100800010000000304000600000000010000004b":0 -PSA storage read: alg2: DSA(MD5) +read alg2: DSA(MD5) depends_on:PSA_WANT_ALG_DSA:PSA_WANT_ALG_MD5:PSA_WANT_KEY_TYPE_RAW_DATA key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_DSA(PSA_ALG_MD5):"4c":"505341004b455900000000000100000001100800010000000000000003040006010000004c":0 -PSA storage read: alg: DSA(RIPEMD160) +read alg: DSA(RIPEMD160) depends_on:PSA_WANT_ALG_DSA:PSA_WANT_ALG_RIPEMD160:PSA_WANT_KEY_TYPE_RAW_DATA key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_DSA(PSA_ALG_RIPEMD160):0x0000:"4b":"505341004b455900000000000100000001100800010000000404000600000000010000004b":0 -PSA storage read: alg2: DSA(RIPEMD160) +read alg2: DSA(RIPEMD160) depends_on:PSA_WANT_ALG_DSA:PSA_WANT_ALG_RIPEMD160:PSA_WANT_KEY_TYPE_RAW_DATA key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_DSA(PSA_ALG_RIPEMD160):"4c":"505341004b455900000000000100000001100800010000000000000004040006010000004c":0 -PSA storage read: alg: DSA(SHA_1) +read alg: DSA(SHA_1) depends_on:PSA_WANT_ALG_DSA:PSA_WANT_ALG_SHA_1:PSA_WANT_KEY_TYPE_RAW_DATA key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_DSA(PSA_ALG_SHA_1):0x0000:"4b":"505341004b455900000000000100000001100800010000000504000600000000010000004b":0 -PSA storage read: alg2: DSA(SHA_1) +read alg2: DSA(SHA_1) depends_on:PSA_WANT_ALG_DSA:PSA_WANT_ALG_SHA_1:PSA_WANT_KEY_TYPE_RAW_DATA key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_DSA(PSA_ALG_SHA_1):"4c":"505341004b455900000000000100000001100800010000000000000005040006010000004c":0 -PSA storage read: alg: DSA(SHA_224) +read alg: DSA(SHA_224) depends_on:PSA_WANT_ALG_DSA:PSA_WANT_ALG_SHA_224:PSA_WANT_KEY_TYPE_RAW_DATA key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_DSA(PSA_ALG_SHA_224):0x0000:"4b":"505341004b455900000000000100000001100800010000000804000600000000010000004b":0 -PSA storage read: alg2: DSA(SHA_224) +read alg2: DSA(SHA_224) depends_on:PSA_WANT_ALG_DSA:PSA_WANT_ALG_SHA_224:PSA_WANT_KEY_TYPE_RAW_DATA key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_DSA(PSA_ALG_SHA_224):"4c":"505341004b455900000000000100000001100800010000000000000008040006010000004c":0 -PSA storage read: alg: DSA(SHA_256) +read alg: DSA(SHA_256) depends_on:PSA_WANT_ALG_DSA:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RAW_DATA key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_DSA(PSA_ALG_SHA_256):0x0000:"4b":"505341004b455900000000000100000001100800010000000904000600000000010000004b":0 -PSA storage read: alg2: DSA(SHA_256) +read alg2: DSA(SHA_256) depends_on:PSA_WANT_ALG_DSA:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RAW_DATA key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_DSA(PSA_ALG_SHA_256):"4c":"505341004b455900000000000100000001100800010000000000000009040006010000004c":0 -PSA storage read: alg: DSA(SHA_384) +read alg: DSA(SHA_384) depends_on:PSA_WANT_ALG_DSA:PSA_WANT_ALG_SHA_384:PSA_WANT_KEY_TYPE_RAW_DATA key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_DSA(PSA_ALG_SHA_384):0x0000:"4b":"505341004b455900000000000100000001100800010000000a04000600000000010000004b":0 -PSA storage read: alg2: DSA(SHA_384) +read alg2: DSA(SHA_384) depends_on:PSA_WANT_ALG_DSA:PSA_WANT_ALG_SHA_384:PSA_WANT_KEY_TYPE_RAW_DATA key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_DSA(PSA_ALG_SHA_384):"4c":"505341004b45590000000000010000000110080001000000000000000a040006010000004c":0 -PSA storage read: alg: DSA(SHA_512) +read alg: DSA(SHA_512) depends_on:PSA_WANT_ALG_DSA:PSA_WANT_ALG_SHA_512:PSA_WANT_KEY_TYPE_RAW_DATA key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_DSA(PSA_ALG_SHA_512):0x0000:"4b":"505341004b455900000000000100000001100800010000000b04000600000000010000004b":0 -PSA storage read: alg2: DSA(SHA_512) +read alg2: DSA(SHA_512) depends_on:PSA_WANT_ALG_DSA:PSA_WANT_ALG_SHA_512:PSA_WANT_KEY_TYPE_RAW_DATA key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_DSA(PSA_ALG_SHA_512):"4c":"505341004b45590000000000010000000110080001000000000000000b040006010000004c":0 -PSA storage read: alg: ECB_NO_PADDING +read alg: ECB_NO_PADDING depends_on:PSA_WANT_ALG_ECB_NO_PADDING:PSA_WANT_KEY_TYPE_RAW_DATA key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_ECB_NO_PADDING:0x0000:"4b":"505341004b455900000000000100000001100800010000000044400400000000010000004b":0 -PSA storage read: alg2: ECB_NO_PADDING +read alg2: ECB_NO_PADDING depends_on:PSA_WANT_ALG_ECB_NO_PADDING:PSA_WANT_KEY_TYPE_RAW_DATA key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_ECB_NO_PADDING:"4c":"505341004b455900000000000100000001100800010000000000000000444004010000004c":0 -PSA storage read: alg: ECDH +read alg: ECDH depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_KEY_TYPE_RAW_DATA key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_ECDH:0x0000:"4b":"505341004b455900000000000100000001100800010000000000020900000000010000004b":0 -PSA storage read: alg2: ECDH +read alg2: ECDH depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_KEY_TYPE_RAW_DATA key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_ECDH:"4c":"505341004b455900000000000100000001100800010000000000000000000209010000004c":0 -PSA storage read: alg: ECDSA(MD2) +read alg: ECDSA(MD2) depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD2:PSA_WANT_KEY_TYPE_RAW_DATA key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_ECDSA(PSA_ALG_MD2):0x0000:"4b":"505341004b455900000000000100000001100800010000000106000600000000010000004b":0 -PSA storage read: alg2: ECDSA(MD2) +read alg2: ECDSA(MD2) depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD2:PSA_WANT_KEY_TYPE_RAW_DATA key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_ECDSA(PSA_ALG_MD2):"4c":"505341004b455900000000000100000001100800010000000000000001060006010000004c":0 -PSA storage read: alg: ECDSA(MD4) +read alg: ECDSA(MD4) depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD4:PSA_WANT_KEY_TYPE_RAW_DATA key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_ECDSA(PSA_ALG_MD4):0x0000:"4b":"505341004b455900000000000100000001100800010000000206000600000000010000004b":0 -PSA storage read: alg2: ECDSA(MD4) +read alg2: ECDSA(MD4) depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD4:PSA_WANT_KEY_TYPE_RAW_DATA key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_ECDSA(PSA_ALG_MD4):"4c":"505341004b455900000000000100000001100800010000000000000002060006010000004c":0 -PSA storage read: alg: ECDSA(MD5) +read alg: ECDSA(MD5) depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD5:PSA_WANT_KEY_TYPE_RAW_DATA key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_ECDSA(PSA_ALG_MD5):0x0000:"4b":"505341004b455900000000000100000001100800010000000306000600000000010000004b":0 -PSA storage read: alg2: ECDSA(MD5) +read alg2: ECDSA(MD5) depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_MD5:PSA_WANT_KEY_TYPE_RAW_DATA key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_ECDSA(PSA_ALG_MD5):"4c":"505341004b455900000000000100000001100800010000000000000003060006010000004c":0 -PSA storage read: alg: ECDSA(RIPEMD160) +read alg: ECDSA(RIPEMD160) depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_RIPEMD160:PSA_WANT_KEY_TYPE_RAW_DATA key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_ECDSA(PSA_ALG_RIPEMD160):0x0000:"4b":"505341004b455900000000000100000001100800010000000406000600000000010000004b":0 -PSA storage read: alg2: ECDSA(RIPEMD160) +read alg2: ECDSA(RIPEMD160) depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_RIPEMD160:PSA_WANT_KEY_TYPE_RAW_DATA key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_ECDSA(PSA_ALG_RIPEMD160):"4c":"505341004b455900000000000100000001100800010000000000000004060006010000004c":0 -PSA storage read: alg: ECDSA(SHA_1) +read alg: ECDSA(SHA_1) depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_1:PSA_WANT_KEY_TYPE_RAW_DATA key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_ECDSA(PSA_ALG_SHA_1):0x0000:"4b":"505341004b455900000000000100000001100800010000000506000600000000010000004b":0 -PSA storage read: alg2: ECDSA(SHA_1) +read alg2: ECDSA(SHA_1) depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_1:PSA_WANT_KEY_TYPE_RAW_DATA key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_ECDSA(PSA_ALG_SHA_1):"4c":"505341004b455900000000000100000001100800010000000000000005060006010000004c":0 -PSA storage read: alg: ECDSA(SHA_224) +read alg: ECDSA(SHA_224) depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_224:PSA_WANT_KEY_TYPE_RAW_DATA key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_ECDSA(PSA_ALG_SHA_224):0x0000:"4b":"505341004b455900000000000100000001100800010000000806000600000000010000004b":0 -PSA storage read: alg2: ECDSA(SHA_224) +read alg2: ECDSA(SHA_224) depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_224:PSA_WANT_KEY_TYPE_RAW_DATA key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_ECDSA(PSA_ALG_SHA_224):"4c":"505341004b455900000000000100000001100800010000000000000008060006010000004c":0 -PSA storage read: alg: ECDSA(SHA_256) +read alg: ECDSA(SHA_256) depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RAW_DATA key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_ECDSA(PSA_ALG_SHA_256):0x0000:"4b":"505341004b455900000000000100000001100800010000000906000600000000010000004b":0 -PSA storage read: alg2: ECDSA(SHA_256) +read alg2: ECDSA(SHA_256) depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RAW_DATA key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_ECDSA(PSA_ALG_SHA_256):"4c":"505341004b455900000000000100000001100800010000000000000009060006010000004c":0 -PSA storage read: alg: ECDSA(SHA_384) +read alg: ECDSA(SHA_384) depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_384:PSA_WANT_KEY_TYPE_RAW_DATA key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_ECDSA(PSA_ALG_SHA_384):0x0000:"4b":"505341004b455900000000000100000001100800010000000a06000600000000010000004b":0 -PSA storage read: alg2: ECDSA(SHA_384) +read alg2: ECDSA(SHA_384) depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_384:PSA_WANT_KEY_TYPE_RAW_DATA key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_ECDSA(PSA_ALG_SHA_384):"4c":"505341004b45590000000000010000000110080001000000000000000a060006010000004c":0 -PSA storage read: alg: ECDSA(SHA_512) +read alg: ECDSA(SHA_512) depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_512:PSA_WANT_KEY_TYPE_RAW_DATA key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_ECDSA(PSA_ALG_SHA_512):0x0000:"4b":"505341004b455900000000000100000001100800010000000b06000600000000010000004b":0 -PSA storage read: alg2: ECDSA(SHA_512) +read alg2: ECDSA(SHA_512) depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_512:PSA_WANT_KEY_TYPE_RAW_DATA key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_ECDSA(PSA_ALG_SHA_512):"4c":"505341004b45590000000000010000000110080001000000000000000b060006010000004c":0 -PSA storage read: alg: ECDSA(ANY_HASH) +read alg: ECDSA(ANY_HASH) depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_KEY_TYPE_RAW_DATA key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_ECDSA(PSA_ALG_ANY_HASH):0x0000:"4b":"505341004b45590000000000010000000110080001000000ff06000600000000010000004b":0 -PSA storage read: alg2: ECDSA(ANY_HASH) +read alg2: ECDSA(ANY_HASH) depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_KEY_TYPE_RAW_DATA key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_ECDSA(PSA_ALG_ANY_HASH):"4c":"505341004b4559000000000001000000011008000100000000000000ff060006010000004c":0 -PSA storage read: alg: ECDSA_ANY +read alg: ECDSA_ANY depends_on:PSA_WANT_ALG_ECDSA_ANY:PSA_WANT_KEY_TYPE_RAW_DATA key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_ECDSA_ANY:0x0000:"4b":"505341004b455900000000000100000001100800010000000006000600000000010000004b":0 -PSA storage read: alg2: ECDSA_ANY +read alg2: ECDSA_ANY depends_on:PSA_WANT_ALG_ECDSA_ANY:PSA_WANT_KEY_TYPE_RAW_DATA key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_ECDSA_ANY:"4c":"505341004b455900000000000100000001100800010000000000000000060006010000004c":0 -PSA storage read: alg: ED25519PH +read alg: ED25519PH depends_on:PSA_WANT_ALG_ED25519PH:PSA_WANT_KEY_TYPE_RAW_DATA key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_ED25519PH:0x0000:"4b":"505341004b455900000000000100000001100800010000000b09000600000000010000004b":0 -PSA storage read: alg2: ED25519PH +read alg2: ED25519PH depends_on:PSA_WANT_ALG_ED25519PH:PSA_WANT_KEY_TYPE_RAW_DATA key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_ED25519PH:"4c":"505341004b45590000000000010000000110080001000000000000000b090006010000004c":0 -PSA storage read: alg: ED448PH +read alg: ED448PH depends_on:PSA_WANT_ALG_ED448PH:PSA_WANT_KEY_TYPE_RAW_DATA key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_ED448PH:0x0000:"4b":"505341004b455900000000000100000001100800010000001509000600000000010000004b":0 -PSA storage read: alg2: ED448PH +read alg2: ED448PH depends_on:PSA_WANT_ALG_ED448PH:PSA_WANT_KEY_TYPE_RAW_DATA key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_ED448PH:"4c":"505341004b455900000000000100000001100800010000000000000015090006010000004c":0 -PSA storage read: alg: FFDH +read alg: FFDH depends_on:PSA_WANT_ALG_FFDH:PSA_WANT_KEY_TYPE_RAW_DATA key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_FFDH:0x0000:"4b":"505341004b455900000000000100000001100800010000000000010900000000010000004b":0 -PSA storage read: alg2: FFDH +read alg2: FFDH depends_on:PSA_WANT_ALG_FFDH:PSA_WANT_KEY_TYPE_RAW_DATA key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_FFDH:"4c":"505341004b455900000000000100000001100800010000000000000000000109010000004c":0 -PSA storage read: alg: GCM +read alg: GCM depends_on:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_RAW_DATA key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_GCM:0x0000:"4b":"505341004b455900000000000100000001100800010000000002500500000000010000004b":0 -PSA storage read: alg2: GCM +read alg2: GCM depends_on:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_RAW_DATA key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_GCM:"4c":"505341004b455900000000000100000001100800010000000000000000025005010000004c":0 -PSA storage read: alg: HKDF(MD2) +read alg: HKDF(MD2) depends_on:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_MD2:PSA_WANT_KEY_TYPE_RAW_DATA key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_HKDF(PSA_ALG_MD2):0x0000:"4b":"505341004b455900000000000100000001100800010000000101000800000000010000004b":0 -PSA storage read: alg2: HKDF(MD2) +read alg2: HKDF(MD2) depends_on:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_MD2:PSA_WANT_KEY_TYPE_RAW_DATA key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_HKDF(PSA_ALG_MD2):"4c":"505341004b455900000000000100000001100800010000000000000001010008010000004c":0 -PSA storage read: alg: HKDF(MD4) +read alg: HKDF(MD4) depends_on:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_MD4:PSA_WANT_KEY_TYPE_RAW_DATA key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_HKDF(PSA_ALG_MD4):0x0000:"4b":"505341004b455900000000000100000001100800010000000201000800000000010000004b":0 -PSA storage read: alg2: HKDF(MD4) +read alg2: HKDF(MD4) depends_on:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_MD4:PSA_WANT_KEY_TYPE_RAW_DATA key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_HKDF(PSA_ALG_MD4):"4c":"505341004b455900000000000100000001100800010000000000000002010008010000004c":0 -PSA storage read: alg: HKDF(MD5) +read alg: HKDF(MD5) depends_on:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_MD5:PSA_WANT_KEY_TYPE_RAW_DATA key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_HKDF(PSA_ALG_MD5):0x0000:"4b":"505341004b455900000000000100000001100800010000000301000800000000010000004b":0 -PSA storage read: alg2: HKDF(MD5) +read alg2: HKDF(MD5) depends_on:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_MD5:PSA_WANT_KEY_TYPE_RAW_DATA key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_HKDF(PSA_ALG_MD5):"4c":"505341004b455900000000000100000001100800010000000000000003010008010000004c":0 -PSA storage read: alg: HKDF(RIPEMD160) +read alg: HKDF(RIPEMD160) depends_on:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_RIPEMD160:PSA_WANT_KEY_TYPE_RAW_DATA key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_HKDF(PSA_ALG_RIPEMD160):0x0000:"4b":"505341004b455900000000000100000001100800010000000401000800000000010000004b":0 -PSA storage read: alg2: HKDF(RIPEMD160) +read alg2: HKDF(RIPEMD160) depends_on:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_RIPEMD160:PSA_WANT_KEY_TYPE_RAW_DATA key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_HKDF(PSA_ALG_RIPEMD160):"4c":"505341004b455900000000000100000001100800010000000000000004010008010000004c":0 -PSA storage read: alg: HKDF(SHA_1) +read alg: HKDF(SHA_1) depends_on:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_1:PSA_WANT_KEY_TYPE_RAW_DATA key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_HKDF(PSA_ALG_SHA_1):0x0000:"4b":"505341004b455900000000000100000001100800010000000501000800000000010000004b":0 -PSA storage read: alg2: HKDF(SHA_1) +read alg2: HKDF(SHA_1) depends_on:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_1:PSA_WANT_KEY_TYPE_RAW_DATA key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_HKDF(PSA_ALG_SHA_1):"4c":"505341004b455900000000000100000001100800010000000000000005010008010000004c":0 -PSA storage read: alg: HKDF(SHA_224) +read alg: HKDF(SHA_224) depends_on:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_224:PSA_WANT_KEY_TYPE_RAW_DATA key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_HKDF(PSA_ALG_SHA_224):0x0000:"4b":"505341004b455900000000000100000001100800010000000801000800000000010000004b":0 -PSA storage read: alg2: HKDF(SHA_224) +read alg2: HKDF(SHA_224) depends_on:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_224:PSA_WANT_KEY_TYPE_RAW_DATA key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_HKDF(PSA_ALG_SHA_224):"4c":"505341004b455900000000000100000001100800010000000000000008010008010000004c":0 -PSA storage read: alg: HKDF(SHA_256) +read alg: HKDF(SHA_256) depends_on:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RAW_DATA key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_HKDF(PSA_ALG_SHA_256):0x0000:"4b":"505341004b455900000000000100000001100800010000000901000800000000010000004b":0 -PSA storage read: alg2: HKDF(SHA_256) +read alg2: HKDF(SHA_256) depends_on:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RAW_DATA key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_HKDF(PSA_ALG_SHA_256):"4c":"505341004b455900000000000100000001100800010000000000000009010008010000004c":0 -PSA storage read: alg: HKDF(SHA_384) +read alg: HKDF(SHA_384) depends_on:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_384:PSA_WANT_KEY_TYPE_RAW_DATA key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_HKDF(PSA_ALG_SHA_384):0x0000:"4b":"505341004b455900000000000100000001100800010000000a01000800000000010000004b":0 -PSA storage read: alg2: HKDF(SHA_384) +read alg2: HKDF(SHA_384) depends_on:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_384:PSA_WANT_KEY_TYPE_RAW_DATA key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_HKDF(PSA_ALG_SHA_384):"4c":"505341004b45590000000000010000000110080001000000000000000a010008010000004c":0 -PSA storage read: alg: HKDF(SHA_512) +read alg: HKDF(SHA_512) depends_on:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_512:PSA_WANT_KEY_TYPE_RAW_DATA key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_HKDF(PSA_ALG_SHA_512):0x0000:"4b":"505341004b455900000000000100000001100800010000000b01000800000000010000004b":0 -PSA storage read: alg2: HKDF(SHA_512) +read alg2: HKDF(SHA_512) depends_on:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_512:PSA_WANT_KEY_TYPE_RAW_DATA key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_HKDF(PSA_ALG_SHA_512):"4c":"505341004b45590000000000010000000110080001000000000000000b010008010000004c":0 -PSA storage read: alg: HMAC(MD2) +read alg: HMAC(MD2) depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_MD2:PSA_WANT_KEY_TYPE_RAW_DATA key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_HMAC(PSA_ALG_MD2):0x0000:"4b":"505341004b455900000000000100000001100800010000000100800300000000010000004b":0 -PSA storage read: alg2: HMAC(MD2) +read alg2: HMAC(MD2) depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_MD2:PSA_WANT_KEY_TYPE_RAW_DATA key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_HMAC(PSA_ALG_MD2):"4c":"505341004b455900000000000100000001100800010000000000000001008003010000004c":0 -PSA storage read: alg: HMAC(MD4) +read alg: HMAC(MD4) depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_MD4:PSA_WANT_KEY_TYPE_RAW_DATA key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_HMAC(PSA_ALG_MD4):0x0000:"4b":"505341004b455900000000000100000001100800010000000200800300000000010000004b":0 -PSA storage read: alg2: HMAC(MD4) +read alg2: HMAC(MD4) depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_MD4:PSA_WANT_KEY_TYPE_RAW_DATA key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_HMAC(PSA_ALG_MD4):"4c":"505341004b455900000000000100000001100800010000000000000002008003010000004c":0 -PSA storage read: alg: HMAC(MD5) +read alg: HMAC(MD5) depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_MD5:PSA_WANT_KEY_TYPE_RAW_DATA key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_HMAC(PSA_ALG_MD5):0x0000:"4b":"505341004b455900000000000100000001100800010000000300800300000000010000004b":0 -PSA storage read: alg2: HMAC(MD5) +read alg2: HMAC(MD5) depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_MD5:PSA_WANT_KEY_TYPE_RAW_DATA key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_HMAC(PSA_ALG_MD5):"4c":"505341004b455900000000000100000001100800010000000000000003008003010000004c":0 -PSA storage read: alg: HMAC(RIPEMD160) +read alg: HMAC(RIPEMD160) depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_RIPEMD160:PSA_WANT_KEY_TYPE_RAW_DATA key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_HMAC(PSA_ALG_RIPEMD160):0x0000:"4b":"505341004b455900000000000100000001100800010000000400800300000000010000004b":0 -PSA storage read: alg2: HMAC(RIPEMD160) +read alg2: HMAC(RIPEMD160) depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_RIPEMD160:PSA_WANT_KEY_TYPE_RAW_DATA key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_HMAC(PSA_ALG_RIPEMD160):"4c":"505341004b455900000000000100000001100800010000000000000004008003010000004c":0 -PSA storage read: alg: HMAC(SHA_1) +read alg: HMAC(SHA_1) depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_1:PSA_WANT_KEY_TYPE_RAW_DATA key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_HMAC(PSA_ALG_SHA_1):0x0000:"4b":"505341004b455900000000000100000001100800010000000500800300000000010000004b":0 -PSA storage read: alg2: HMAC(SHA_1) +read alg2: HMAC(SHA_1) depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_1:PSA_WANT_KEY_TYPE_RAW_DATA key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_HMAC(PSA_ALG_SHA_1):"4c":"505341004b455900000000000100000001100800010000000000000005008003010000004c":0 -PSA storage read: alg: HMAC(SHA_224) +read alg: HMAC(SHA_224) depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_224:PSA_WANT_KEY_TYPE_RAW_DATA key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_HMAC(PSA_ALG_SHA_224):0x0000:"4b":"505341004b455900000000000100000001100800010000000800800300000000010000004b":0 -PSA storage read: alg2: HMAC(SHA_224) +read alg2: HMAC(SHA_224) depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_224:PSA_WANT_KEY_TYPE_RAW_DATA key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_HMAC(PSA_ALG_SHA_224):"4c":"505341004b455900000000000100000001100800010000000000000008008003010000004c":0 -PSA storage read: alg: HMAC(SHA_256) +read alg: HMAC(SHA_256) depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RAW_DATA key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_HMAC(PSA_ALG_SHA_256):0x0000:"4b":"505341004b455900000000000100000001100800010000000900800300000000010000004b":0 -PSA storage read: alg2: HMAC(SHA_256) +read alg2: HMAC(SHA_256) depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RAW_DATA key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_HMAC(PSA_ALG_SHA_256):"4c":"505341004b455900000000000100000001100800010000000000000009008003010000004c":0 -PSA storage read: alg: HMAC(SHA_384) +read alg: HMAC(SHA_384) depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_384:PSA_WANT_KEY_TYPE_RAW_DATA key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_HMAC(PSA_ALG_SHA_384):0x0000:"4b":"505341004b455900000000000100000001100800010000000a00800300000000010000004b":0 -PSA storage read: alg2: HMAC(SHA_384) +read alg2: HMAC(SHA_384) depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_384:PSA_WANT_KEY_TYPE_RAW_DATA key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_HMAC(PSA_ALG_SHA_384):"4c":"505341004b45590000000000010000000110080001000000000000000a008003010000004c":0 -PSA storage read: alg: HMAC(SHA_512) +read alg: HMAC(SHA_512) depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_512:PSA_WANT_KEY_TYPE_RAW_DATA key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_HMAC(PSA_ALG_SHA_512):0x0000:"4b":"505341004b455900000000000100000001100800010000000b00800300000000010000004b":0 -PSA storage read: alg2: HMAC(SHA_512) +read alg2: HMAC(SHA_512) depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_512:PSA_WANT_KEY_TYPE_RAW_DATA key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_HMAC(PSA_ALG_SHA_512):"4c":"505341004b45590000000000010000000110080001000000000000000b008003010000004c":0 -PSA storage read: alg: KEY_AGREEMENT(ECDH, HKDF(SHA_256)) +read alg: KA(ECDH,HKDF(SHA_256)) depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RAW_DATA key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH, PSA_ALG_HKDF(PSA_ALG_SHA_256)):0x0000:"4b":"505341004b455900000000000100000001100800010000000901020900000000010000004b":0 -PSA storage read: alg2: KEY_AGREEMENT(ECDH, HKDF(SHA_256)) +read alg2: KA(ECDH,HKDF(SHA_256)) depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RAW_DATA key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH, PSA_ALG_HKDF(PSA_ALG_SHA_256)):"4c":"505341004b455900000000000100000001100800010000000000000009010209010000004c":0 -PSA storage read: alg: KEY_AGREEMENT(FFDH, HKDF(SHA_256)) +read alg: KA(FFDH,HKDF(SHA_256)) depends_on:PSA_WANT_ALG_FFDH:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RAW_DATA key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_KEY_AGREEMENT(PSA_ALG_FFDH, PSA_ALG_HKDF(PSA_ALG_SHA_256)):0x0000:"4b":"505341004b455900000000000100000001100800010000000901010900000000010000004b":0 -PSA storage read: alg2: KEY_AGREEMENT(FFDH, HKDF(SHA_256)) +read alg2: KA(FFDH,HKDF(SHA_256)) depends_on:PSA_WANT_ALG_FFDH:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RAW_DATA key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_KEY_AGREEMENT(PSA_ALG_FFDH, PSA_ALG_HKDF(PSA_ALG_SHA_256)):"4c":"505341004b455900000000000100000001100800010000000000000009010109010000004c":0 -PSA storage read: alg: KEY_AGREEMENT(ECDH, HKDF(SHA_384)) +read alg: KA(ECDH,HKDF(SHA_384)) depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_384:PSA_WANT_KEY_TYPE_RAW_DATA key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH, PSA_ALG_HKDF(PSA_ALG_SHA_384)):0x0000:"4b":"505341004b455900000000000100000001100800010000000a01020900000000010000004b":0 -PSA storage read: alg2: KEY_AGREEMENT(ECDH, HKDF(SHA_384)) +read alg2: KA(ECDH,HKDF(SHA_384)) depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_384:PSA_WANT_KEY_TYPE_RAW_DATA key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH, PSA_ALG_HKDF(PSA_ALG_SHA_384)):"4c":"505341004b45590000000000010000000110080001000000000000000a010209010000004c":0 -PSA storage read: alg: KEY_AGREEMENT(ECDH, TLS12_PRF(SHA_256)) +read alg: KA(ECDH,TLS12_PRF(SHA_256)) depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_SHA_256:PSA_WANT_ALG_TLS12_PRF:PSA_WANT_KEY_TYPE_RAW_DATA key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH, PSA_ALG_TLS12_PRF(PSA_ALG_SHA_256)):0x0000:"4b":"505341004b455900000000000100000001100800010000000902020900000000010000004b":0 -PSA storage read: alg2: KEY_AGREEMENT(ECDH, TLS12_PRF(SHA_256)) +read alg2: KA(ECDH,TLS12_PRF(SHA_256)) depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_SHA_256:PSA_WANT_ALG_TLS12_PRF:PSA_WANT_KEY_TYPE_RAW_DATA key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH, PSA_ALG_TLS12_PRF(PSA_ALG_SHA_256)):"4c":"505341004b455900000000000100000001100800010000000000000009020209010000004c":0 -PSA storage read: alg: KEY_AGREEMENT(ECDH, TLS12_PRF(SHA_384)) +read alg: KA(ECDH,TLS12_PRF(SHA_384)) depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_SHA_384:PSA_WANT_ALG_TLS12_PRF:PSA_WANT_KEY_TYPE_RAW_DATA key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH, PSA_ALG_TLS12_PRF(PSA_ALG_SHA_384)):0x0000:"4b":"505341004b455900000000000100000001100800010000000a02020900000000010000004b":0 -PSA storage read: alg2: KEY_AGREEMENT(ECDH, TLS12_PRF(SHA_384)) +read alg2: KA(ECDH,TLS12_PRF(SHA_384)) depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_SHA_384:PSA_WANT_ALG_TLS12_PRF:PSA_WANT_KEY_TYPE_RAW_DATA key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH, PSA_ALG_TLS12_PRF(PSA_ALG_SHA_384)):"4c":"505341004b45590000000000010000000110080001000000000000000a020209010000004c":0 -PSA storage read: alg: KEY_AGREEMENT(ECDH, TLS12_PSK_TO_MS(SHA_256)) +read alg: KA(ECDH,TLS12_PSK2MS(SHA_256)) depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_SHA_256:PSA_WANT_ALG_TLS12_PSK_TO_MS:PSA_WANT_KEY_TYPE_RAW_DATA key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH, PSA_ALG_TLS12_PSK_TO_MS(PSA_ALG_SHA_256)):0x0000:"4b":"505341004b455900000000000100000001100800010000000903020900000000010000004b":0 -PSA storage read: alg2: KEY_AGREEMENT(ECDH, TLS12_PSK_TO_MS(SHA_256)) +read alg2: KA(ECDH,TLS12_PSK2MS(SHA_256)) depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_SHA_256:PSA_WANT_ALG_TLS12_PSK_TO_MS:PSA_WANT_KEY_TYPE_RAW_DATA key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH, PSA_ALG_TLS12_PSK_TO_MS(PSA_ALG_SHA_256)):"4c":"505341004b455900000000000100000001100800010000000000000009030209010000004c":0 -PSA storage read: alg: KEY_AGREEMENT(ECDH, TLS12_PSK_TO_MS(SHA_384)) +read alg: KA(ECDH,TLS12_PSK2MS(SHA_384)) depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_SHA_384:PSA_WANT_ALG_TLS12_PSK_TO_MS:PSA_WANT_KEY_TYPE_RAW_DATA key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH, PSA_ALG_TLS12_PSK_TO_MS(PSA_ALG_SHA_384)):0x0000:"4b":"505341004b455900000000000100000001100800010000000a03020900000000010000004b":0 -PSA storage read: alg2: KEY_AGREEMENT(ECDH, TLS12_PSK_TO_MS(SHA_384)) +read alg2: KA(ECDH,TLS12_PSK2MS(SHA_384)) depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_SHA_384:PSA_WANT_ALG_TLS12_PSK_TO_MS:PSA_WANT_KEY_TYPE_RAW_DATA key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH, PSA_ALG_TLS12_PSK_TO_MS(PSA_ALG_SHA_384)):"4c":"505341004b45590000000000010000000110080001000000000000000a030209010000004c":0 -PSA storage read: alg: KEY_AGREEMENT(FFDH, HKDF(SHA_384)) +read alg: KA(FFDH,HKDF(SHA_384)) depends_on:PSA_WANT_ALG_FFDH:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_384:PSA_WANT_KEY_TYPE_RAW_DATA key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_KEY_AGREEMENT(PSA_ALG_FFDH, PSA_ALG_HKDF(PSA_ALG_SHA_384)):0x0000:"4b":"505341004b455900000000000100000001100800010000000a01010900000000010000004b":0 -PSA storage read: alg2: KEY_AGREEMENT(FFDH, HKDF(SHA_384)) +read alg2: KA(FFDH,HKDF(SHA_384)) depends_on:PSA_WANT_ALG_FFDH:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_384:PSA_WANT_KEY_TYPE_RAW_DATA key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_KEY_AGREEMENT(PSA_ALG_FFDH, PSA_ALG_HKDF(PSA_ALG_SHA_384)):"4c":"505341004b45590000000000010000000110080001000000000000000a010109010000004c":0 -PSA storage read: alg: MD2 +read alg: MD2 depends_on:PSA_WANT_ALG_MD2:PSA_WANT_KEY_TYPE_RAW_DATA key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_MD2:0x0000:"4b":"505341004b455900000000000100000001100800010000000100000200000000010000004b":0 -PSA storage read: alg2: MD2 +read alg2: MD2 depends_on:PSA_WANT_ALG_MD2:PSA_WANT_KEY_TYPE_RAW_DATA key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_MD2:"4c":"505341004b455900000000000100000001100800010000000000000001000002010000004c":0 -PSA storage read: alg: MD4 +read alg: MD4 depends_on:PSA_WANT_ALG_MD4:PSA_WANT_KEY_TYPE_RAW_DATA key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_MD4:0x0000:"4b":"505341004b455900000000000100000001100800010000000200000200000000010000004b":0 -PSA storage read: alg2: MD4 +read alg2: MD4 depends_on:PSA_WANT_ALG_MD4:PSA_WANT_KEY_TYPE_RAW_DATA key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_MD4:"4c":"505341004b455900000000000100000001100800010000000000000002000002010000004c":0 -PSA storage read: alg: MD5 +read alg: MD5 depends_on:PSA_WANT_ALG_MD5:PSA_WANT_KEY_TYPE_RAW_DATA key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_MD5:0x0000:"4b":"505341004b455900000000000100000001100800010000000300000200000000010000004b":0 -PSA storage read: alg2: MD5 +read alg2: MD5 depends_on:PSA_WANT_ALG_MD5:PSA_WANT_KEY_TYPE_RAW_DATA key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_MD5:"4c":"505341004b455900000000000100000001100800010000000000000003000002010000004c":0 -PSA storage read: alg: OFB +read alg: OFB depends_on:PSA_WANT_ALG_OFB:PSA_WANT_KEY_TYPE_RAW_DATA key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_OFB:0x0000:"4b":"505341004b455900000000000100000001100800010000000012c00400000000010000004b":0 -PSA storage read: alg2: OFB +read alg2: OFB depends_on:PSA_WANT_ALG_OFB:PSA_WANT_KEY_TYPE_RAW_DATA key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_OFB:"4c":"505341004b45590000000000010000000110080001000000000000000012c004010000004c":0 -PSA storage read: alg: PURE_EDDSA +read alg: PURE_EDDSA depends_on:PSA_WANT_ALG_PURE_EDDSA:PSA_WANT_KEY_TYPE_RAW_DATA key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_PURE_EDDSA:0x0000:"4b":"505341004b455900000000000100000001100800010000000008000600000000010000004b":0 -PSA storage read: alg2: PURE_EDDSA +read alg2: PURE_EDDSA depends_on:PSA_WANT_ALG_PURE_EDDSA:PSA_WANT_KEY_TYPE_RAW_DATA key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_PURE_EDDSA:"4c":"505341004b455900000000000100000001100800010000000000000000080006010000004c":0 -PSA storage read: alg: RIPEMD160 +read alg: RIPEMD160 depends_on:PSA_WANT_ALG_RIPEMD160:PSA_WANT_KEY_TYPE_RAW_DATA key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_RIPEMD160:0x0000:"4b":"505341004b455900000000000100000001100800010000000400000200000000010000004b":0 -PSA storage read: alg2: RIPEMD160 +read alg2: RIPEMD160 depends_on:PSA_WANT_ALG_RIPEMD160:PSA_WANT_KEY_TYPE_RAW_DATA key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_RIPEMD160:"4c":"505341004b455900000000000100000001100800010000000000000004000002010000004c":0 -PSA storage read: alg: RSA_OAEP(MD2) +read alg: RSA_OAEP(MD2) depends_on:PSA_WANT_ALG_MD2:PSA_WANT_ALG_RSA_OAEP:PSA_WANT_KEY_TYPE_RAW_DATA key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_OAEP(PSA_ALG_MD2):0x0000:"4b":"505341004b455900000000000100000001100800010000000103000700000000010000004b":0 -PSA storage read: alg2: RSA_OAEP(MD2) +read alg2: RSA_OAEP(MD2) depends_on:PSA_WANT_ALG_MD2:PSA_WANT_ALG_RSA_OAEP:PSA_WANT_KEY_TYPE_RAW_DATA key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_RSA_OAEP(PSA_ALG_MD2):"4c":"505341004b455900000000000100000001100800010000000000000001030007010000004c":0 -PSA storage read: alg: RSA_OAEP(MD4) +read alg: RSA_OAEP(MD4) depends_on:PSA_WANT_ALG_MD4:PSA_WANT_ALG_RSA_OAEP:PSA_WANT_KEY_TYPE_RAW_DATA key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_OAEP(PSA_ALG_MD4):0x0000:"4b":"505341004b455900000000000100000001100800010000000203000700000000010000004b":0 -PSA storage read: alg2: RSA_OAEP(MD4) +read alg2: RSA_OAEP(MD4) depends_on:PSA_WANT_ALG_MD4:PSA_WANT_ALG_RSA_OAEP:PSA_WANT_KEY_TYPE_RAW_DATA key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_RSA_OAEP(PSA_ALG_MD4):"4c":"505341004b455900000000000100000001100800010000000000000002030007010000004c":0 -PSA storage read: alg: RSA_OAEP(MD5) +read alg: RSA_OAEP(MD5) depends_on:PSA_WANT_ALG_MD5:PSA_WANT_ALG_RSA_OAEP:PSA_WANT_KEY_TYPE_RAW_DATA key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_OAEP(PSA_ALG_MD5):0x0000:"4b":"505341004b455900000000000100000001100800010000000303000700000000010000004b":0 -PSA storage read: alg2: RSA_OAEP(MD5) +read alg2: RSA_OAEP(MD5) depends_on:PSA_WANT_ALG_MD5:PSA_WANT_ALG_RSA_OAEP:PSA_WANT_KEY_TYPE_RAW_DATA key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_RSA_OAEP(PSA_ALG_MD5):"4c":"505341004b455900000000000100000001100800010000000000000003030007010000004c":0 -PSA storage read: alg: RSA_OAEP(RIPEMD160) +read alg: RSA_OAEP(RIPEMD160) depends_on:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ALG_RSA_OAEP:PSA_WANT_KEY_TYPE_RAW_DATA key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_OAEP(PSA_ALG_RIPEMD160):0x0000:"4b":"505341004b455900000000000100000001100800010000000403000700000000010000004b":0 -PSA storage read: alg2: RSA_OAEP(RIPEMD160) +read alg2: RSA_OAEP(RIPEMD160) depends_on:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ALG_RSA_OAEP:PSA_WANT_KEY_TYPE_RAW_DATA key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_RSA_OAEP(PSA_ALG_RIPEMD160):"4c":"505341004b455900000000000100000001100800010000000000000004030007010000004c":0 -PSA storage read: alg: RSA_OAEP(SHA_1) +read alg: RSA_OAEP(SHA_1) depends_on:PSA_WANT_ALG_RSA_OAEP:PSA_WANT_ALG_SHA_1:PSA_WANT_KEY_TYPE_RAW_DATA key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_OAEP(PSA_ALG_SHA_1):0x0000:"4b":"505341004b455900000000000100000001100800010000000503000700000000010000004b":0 -PSA storage read: alg2: RSA_OAEP(SHA_1) +read alg2: RSA_OAEP(SHA_1) depends_on:PSA_WANT_ALG_RSA_OAEP:PSA_WANT_ALG_SHA_1:PSA_WANT_KEY_TYPE_RAW_DATA key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_RSA_OAEP(PSA_ALG_SHA_1):"4c":"505341004b455900000000000100000001100800010000000000000005030007010000004c":0 -PSA storage read: alg: RSA_OAEP(SHA_224) +read alg: RSA_OAEP(SHA_224) depends_on:PSA_WANT_ALG_RSA_OAEP:PSA_WANT_ALG_SHA_224:PSA_WANT_KEY_TYPE_RAW_DATA key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_OAEP(PSA_ALG_SHA_224):0x0000:"4b":"505341004b455900000000000100000001100800010000000803000700000000010000004b":0 -PSA storage read: alg2: RSA_OAEP(SHA_224) +read alg2: RSA_OAEP(SHA_224) depends_on:PSA_WANT_ALG_RSA_OAEP:PSA_WANT_ALG_SHA_224:PSA_WANT_KEY_TYPE_RAW_DATA key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_RSA_OAEP(PSA_ALG_SHA_224):"4c":"505341004b455900000000000100000001100800010000000000000008030007010000004c":0 -PSA storage read: alg: RSA_OAEP(SHA_256) +read alg: RSA_OAEP(SHA_256) depends_on:PSA_WANT_ALG_RSA_OAEP:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RAW_DATA key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_OAEP(PSA_ALG_SHA_256):0x0000:"4b":"505341004b455900000000000100000001100800010000000903000700000000010000004b":0 -PSA storage read: alg2: RSA_OAEP(SHA_256) +read alg2: RSA_OAEP(SHA_256) depends_on:PSA_WANT_ALG_RSA_OAEP:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RAW_DATA key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_RSA_OAEP(PSA_ALG_SHA_256):"4c":"505341004b455900000000000100000001100800010000000000000009030007010000004c":0 -PSA storage read: alg: RSA_OAEP(SHA_384) +read alg: RSA_OAEP(SHA_384) depends_on:PSA_WANT_ALG_RSA_OAEP:PSA_WANT_ALG_SHA_384:PSA_WANT_KEY_TYPE_RAW_DATA key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_OAEP(PSA_ALG_SHA_384):0x0000:"4b":"505341004b455900000000000100000001100800010000000a03000700000000010000004b":0 -PSA storage read: alg2: RSA_OAEP(SHA_384) +read alg2: RSA_OAEP(SHA_384) depends_on:PSA_WANT_ALG_RSA_OAEP:PSA_WANT_ALG_SHA_384:PSA_WANT_KEY_TYPE_RAW_DATA key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_RSA_OAEP(PSA_ALG_SHA_384):"4c":"505341004b45590000000000010000000110080001000000000000000a030007010000004c":0 -PSA storage read: alg: RSA_OAEP(SHA_512) +read alg: RSA_OAEP(SHA_512) depends_on:PSA_WANT_ALG_RSA_OAEP:PSA_WANT_ALG_SHA_512:PSA_WANT_KEY_TYPE_RAW_DATA key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_OAEP(PSA_ALG_SHA_512):0x0000:"4b":"505341004b455900000000000100000001100800010000000b03000700000000010000004b":0 -PSA storage read: alg2: RSA_OAEP(SHA_512) +read alg2: RSA_OAEP(SHA_512) depends_on:PSA_WANT_ALG_RSA_OAEP:PSA_WANT_ALG_SHA_512:PSA_WANT_KEY_TYPE_RAW_DATA key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_RSA_OAEP(PSA_ALG_SHA_512):"4c":"505341004b45590000000000010000000110080001000000000000000b030007010000004c":0 -PSA storage read: alg: RSA_PKCS1V15_CRYPT +read alg: RSA_PKCS1V15_CRYPT depends_on:PSA_WANT_ALG_RSA_PKCS1V15_CRYPT:PSA_WANT_KEY_TYPE_RAW_DATA key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_PKCS1V15_CRYPT:0x0000:"4b":"505341004b455900000000000100000001100800010000000002000700000000010000004b":0 -PSA storage read: alg2: RSA_PKCS1V15_CRYPT +read alg2: RSA_PKCS1V15_CRYPT depends_on:PSA_WANT_ALG_RSA_PKCS1V15_CRYPT:PSA_WANT_KEY_TYPE_RAW_DATA key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_RSA_PKCS1V15_CRYPT:"4c":"505341004b455900000000000100000001100800010000000000000000020007010000004c":0 -PSA storage read: alg: RSA_PKCS1V15_SIGN(MD2) +read alg: RSA_PKCS1V15_SIGN(MD2) depends_on:PSA_WANT_ALG_MD2:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_KEY_TYPE_RAW_DATA key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_MD2):0x0000:"4b":"505341004b455900000000000100000001100800010000000102000600000000010000004b":0 -PSA storage read: alg2: RSA_PKCS1V15_SIGN(MD2) +read alg2: RSA_PKCS1V15_SIGN(MD2) depends_on:PSA_WANT_ALG_MD2:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_KEY_TYPE_RAW_DATA key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_MD2):"4c":"505341004b455900000000000100000001100800010000000000000001020006010000004c":0 -PSA storage read: alg: RSA_PKCS1V15_SIGN(MD4) +read alg: RSA_PKCS1V15_SIGN(MD4) depends_on:PSA_WANT_ALG_MD4:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_KEY_TYPE_RAW_DATA key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_MD4):0x0000:"4b":"505341004b455900000000000100000001100800010000000202000600000000010000004b":0 -PSA storage read: alg2: RSA_PKCS1V15_SIGN(MD4) +read alg2: RSA_PKCS1V15_SIGN(MD4) depends_on:PSA_WANT_ALG_MD4:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_KEY_TYPE_RAW_DATA key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_MD4):"4c":"505341004b455900000000000100000001100800010000000000000002020006010000004c":0 -PSA storage read: alg: RSA_PKCS1V15_SIGN(MD5) +read alg: RSA_PKCS1V15_SIGN(MD5) depends_on:PSA_WANT_ALG_MD5:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_KEY_TYPE_RAW_DATA key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_MD5):0x0000:"4b":"505341004b455900000000000100000001100800010000000302000600000000010000004b":0 -PSA storage read: alg2: RSA_PKCS1V15_SIGN(MD5) +read alg2: RSA_PKCS1V15_SIGN(MD5) depends_on:PSA_WANT_ALG_MD5:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_KEY_TYPE_RAW_DATA key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_MD5):"4c":"505341004b455900000000000100000001100800010000000000000003020006010000004c":0 -PSA storage read: alg: RSA_PKCS1V15_SIGN(RIPEMD160) +read alg: RSA_PKCS1V15_SIGN(RIPEMD160) depends_on:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_KEY_TYPE_RAW_DATA key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_RIPEMD160):0x0000:"4b":"505341004b455900000000000100000001100800010000000402000600000000010000004b":0 -PSA storage read: alg2: RSA_PKCS1V15_SIGN(RIPEMD160) +read alg2: RSA_PKCS1V15_SIGN(RIPEMD160) depends_on:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_KEY_TYPE_RAW_DATA key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_RIPEMD160):"4c":"505341004b455900000000000100000001100800010000000000000004020006010000004c":0 -PSA storage read: alg: RSA_PKCS1V15_SIGN(SHA_1) +read alg: RSA_PKCS1V15_SIGN(SHA_1) depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ALG_SHA_1:PSA_WANT_KEY_TYPE_RAW_DATA key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_1):0x0000:"4b":"505341004b455900000000000100000001100800010000000502000600000000010000004b":0 -PSA storage read: alg2: RSA_PKCS1V15_SIGN(SHA_1) +read alg2: RSA_PKCS1V15_SIGN(SHA_1) depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ALG_SHA_1:PSA_WANT_KEY_TYPE_RAW_DATA key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_1):"4c":"505341004b455900000000000100000001100800010000000000000005020006010000004c":0 -PSA storage read: alg: RSA_PKCS1V15_SIGN(SHA_224) +read alg: RSA_PKCS1V15_SIGN(SHA_224) depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ALG_SHA_224:PSA_WANT_KEY_TYPE_RAW_DATA key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_224):0x0000:"4b":"505341004b455900000000000100000001100800010000000802000600000000010000004b":0 -PSA storage read: alg2: RSA_PKCS1V15_SIGN(SHA_224) +read alg2: RSA_PKCS1V15_SIGN(SHA_224) depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ALG_SHA_224:PSA_WANT_KEY_TYPE_RAW_DATA key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_224):"4c":"505341004b455900000000000100000001100800010000000000000008020006010000004c":0 -PSA storage read: alg: RSA_PKCS1V15_SIGN(SHA_256) +read alg: RSA_PKCS1V15_SIGN(SHA_256) depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RAW_DATA key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):0x0000:"4b":"505341004b455900000000000100000001100800010000000902000600000000010000004b":0 -PSA storage read: alg2: RSA_PKCS1V15_SIGN(SHA_256) +read alg2: RSA_PKCS1V15_SIGN(SHA_256) depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RAW_DATA key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):"4c":"505341004b455900000000000100000001100800010000000000000009020006010000004c":0 -PSA storage read: alg: RSA_PKCS1V15_SIGN(SHA_384) +read alg: RSA_PKCS1V15_SIGN(SHA_384) depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ALG_SHA_384:PSA_WANT_KEY_TYPE_RAW_DATA key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_384):0x0000:"4b":"505341004b455900000000000100000001100800010000000a02000600000000010000004b":0 -PSA storage read: alg2: RSA_PKCS1V15_SIGN(SHA_384) +read alg2: RSA_PKCS1V15_SIGN(SHA_384) depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ALG_SHA_384:PSA_WANT_KEY_TYPE_RAW_DATA key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_384):"4c":"505341004b45590000000000010000000110080001000000000000000a020006010000004c":0 -PSA storage read: alg: RSA_PKCS1V15_SIGN(SHA_512) +read alg: RSA_PKCS1V15_SIGN(SHA_512) depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ALG_SHA_512:PSA_WANT_KEY_TYPE_RAW_DATA key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_512):0x0000:"4b":"505341004b455900000000000100000001100800010000000b02000600000000010000004b":0 -PSA storage read: alg2: RSA_PKCS1V15_SIGN(SHA_512) +read alg2: RSA_PKCS1V15_SIGN(SHA_512) depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ALG_SHA_512:PSA_WANT_KEY_TYPE_RAW_DATA key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_512):"4c":"505341004b45590000000000010000000110080001000000000000000b020006010000004c":0 -PSA storage read: alg: RSA_PKCS1V15_SIGN(ANY_HASH) +read alg: RSA_PKCS1V15_SIGN(ANY_HASH) depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_KEY_TYPE_RAW_DATA key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_ANY_HASH):0x0000:"4b":"505341004b45590000000000010000000110080001000000ff02000600000000010000004b":0 -PSA storage read: alg2: RSA_PKCS1V15_SIGN(ANY_HASH) +read alg2: RSA_PKCS1V15_SIGN(ANY_HASH) depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_KEY_TYPE_RAW_DATA key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_ANY_HASH):"4c":"505341004b4559000000000001000000011008000100000000000000ff020006010000004c":0 -PSA storage read: alg: RSA_PKCS1V15_SIGN_RAW +read alg: RSA_PKCS1V15_SIGN_RAW depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN_RAW:PSA_WANT_KEY_TYPE_RAW_DATA key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_PKCS1V15_SIGN_RAW:0x0000:"4b":"505341004b455900000000000100000001100800010000000002000600000000010000004b":0 -PSA storage read: alg2: RSA_PKCS1V15_SIGN_RAW +read alg2: RSA_PKCS1V15_SIGN_RAW depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN_RAW:PSA_WANT_KEY_TYPE_RAW_DATA key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_RSA_PKCS1V15_SIGN_RAW:"4c":"505341004b455900000000000100000001100800010000000000000000020006010000004c":0 -PSA storage read: alg: RSA_PSS(MD2) +read alg: RSA_PSS(MD2) depends_on:PSA_WANT_ALG_MD2:PSA_WANT_ALG_RSA_PSS:PSA_WANT_KEY_TYPE_RAW_DATA key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_PSS(PSA_ALG_MD2):0x0000:"4b":"505341004b455900000000000100000001100800010000000103000600000000010000004b":0 -PSA storage read: alg2: RSA_PSS(MD2) +read alg2: RSA_PSS(MD2) depends_on:PSA_WANT_ALG_MD2:PSA_WANT_ALG_RSA_PSS:PSA_WANT_KEY_TYPE_RAW_DATA key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_RSA_PSS(PSA_ALG_MD2):"4c":"505341004b455900000000000100000001100800010000000000000001030006010000004c":0 -PSA storage read: alg: RSA_PSS(MD4) +read alg: RSA_PSS(MD4) depends_on:PSA_WANT_ALG_MD4:PSA_WANT_ALG_RSA_PSS:PSA_WANT_KEY_TYPE_RAW_DATA key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_PSS(PSA_ALG_MD4):0x0000:"4b":"505341004b455900000000000100000001100800010000000203000600000000010000004b":0 -PSA storage read: alg2: RSA_PSS(MD4) +read alg2: RSA_PSS(MD4) depends_on:PSA_WANT_ALG_MD4:PSA_WANT_ALG_RSA_PSS:PSA_WANT_KEY_TYPE_RAW_DATA key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_RSA_PSS(PSA_ALG_MD4):"4c":"505341004b455900000000000100000001100800010000000000000002030006010000004c":0 -PSA storage read: alg: RSA_PSS(MD5) +read alg: RSA_PSS(MD5) depends_on:PSA_WANT_ALG_MD5:PSA_WANT_ALG_RSA_PSS:PSA_WANT_KEY_TYPE_RAW_DATA key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_PSS(PSA_ALG_MD5):0x0000:"4b":"505341004b455900000000000100000001100800010000000303000600000000010000004b":0 -PSA storage read: alg2: RSA_PSS(MD5) +read alg2: RSA_PSS(MD5) depends_on:PSA_WANT_ALG_MD5:PSA_WANT_ALG_RSA_PSS:PSA_WANT_KEY_TYPE_RAW_DATA key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_RSA_PSS(PSA_ALG_MD5):"4c":"505341004b455900000000000100000001100800010000000000000003030006010000004c":0 -PSA storage read: alg: RSA_PSS(RIPEMD160) +read alg: RSA_PSS(RIPEMD160) depends_on:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ALG_RSA_PSS:PSA_WANT_KEY_TYPE_RAW_DATA key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_PSS(PSA_ALG_RIPEMD160):0x0000:"4b":"505341004b455900000000000100000001100800010000000403000600000000010000004b":0 -PSA storage read: alg2: RSA_PSS(RIPEMD160) +read alg2: RSA_PSS(RIPEMD160) depends_on:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ALG_RSA_PSS:PSA_WANT_KEY_TYPE_RAW_DATA key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_RSA_PSS(PSA_ALG_RIPEMD160):"4c":"505341004b455900000000000100000001100800010000000000000004030006010000004c":0 -PSA storage read: alg: RSA_PSS(SHA_1) +read alg: RSA_PSS(SHA_1) depends_on:PSA_WANT_ALG_RSA_PSS:PSA_WANT_ALG_SHA_1:PSA_WANT_KEY_TYPE_RAW_DATA key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_PSS(PSA_ALG_SHA_1):0x0000:"4b":"505341004b455900000000000100000001100800010000000503000600000000010000004b":0 -PSA storage read: alg2: RSA_PSS(SHA_1) +read alg2: RSA_PSS(SHA_1) depends_on:PSA_WANT_ALG_RSA_PSS:PSA_WANT_ALG_SHA_1:PSA_WANT_KEY_TYPE_RAW_DATA key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_RSA_PSS(PSA_ALG_SHA_1):"4c":"505341004b455900000000000100000001100800010000000000000005030006010000004c":0 -PSA storage read: alg: RSA_PSS(SHA_224) +read alg: RSA_PSS(SHA_224) depends_on:PSA_WANT_ALG_RSA_PSS:PSA_WANT_ALG_SHA_224:PSA_WANT_KEY_TYPE_RAW_DATA key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_PSS(PSA_ALG_SHA_224):0x0000:"4b":"505341004b455900000000000100000001100800010000000803000600000000010000004b":0 -PSA storage read: alg2: RSA_PSS(SHA_224) +read alg2: RSA_PSS(SHA_224) depends_on:PSA_WANT_ALG_RSA_PSS:PSA_WANT_ALG_SHA_224:PSA_WANT_KEY_TYPE_RAW_DATA key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_RSA_PSS(PSA_ALG_SHA_224):"4c":"505341004b455900000000000100000001100800010000000000000008030006010000004c":0 -PSA storage read: alg: RSA_PSS(SHA_256) +read alg: RSA_PSS(SHA_256) depends_on:PSA_WANT_ALG_RSA_PSS:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RAW_DATA key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_PSS(PSA_ALG_SHA_256):0x0000:"4b":"505341004b455900000000000100000001100800010000000903000600000000010000004b":0 -PSA storage read: alg2: RSA_PSS(SHA_256) +read alg2: RSA_PSS(SHA_256) depends_on:PSA_WANT_ALG_RSA_PSS:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RAW_DATA key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_RSA_PSS(PSA_ALG_SHA_256):"4c":"505341004b455900000000000100000001100800010000000000000009030006010000004c":0 -PSA storage read: alg: RSA_PSS(SHA_384) +read alg: RSA_PSS(SHA_384) depends_on:PSA_WANT_ALG_RSA_PSS:PSA_WANT_ALG_SHA_384:PSA_WANT_KEY_TYPE_RAW_DATA key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_PSS(PSA_ALG_SHA_384):0x0000:"4b":"505341004b455900000000000100000001100800010000000a03000600000000010000004b":0 -PSA storage read: alg2: RSA_PSS(SHA_384) +read alg2: RSA_PSS(SHA_384) depends_on:PSA_WANT_ALG_RSA_PSS:PSA_WANT_ALG_SHA_384:PSA_WANT_KEY_TYPE_RAW_DATA key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_RSA_PSS(PSA_ALG_SHA_384):"4c":"505341004b45590000000000010000000110080001000000000000000a030006010000004c":0 -PSA storage read: alg: RSA_PSS(SHA_512) +read alg: RSA_PSS(SHA_512) depends_on:PSA_WANT_ALG_RSA_PSS:PSA_WANT_ALG_SHA_512:PSA_WANT_KEY_TYPE_RAW_DATA key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_PSS(PSA_ALG_SHA_512):0x0000:"4b":"505341004b455900000000000100000001100800010000000b03000600000000010000004b":0 -PSA storage read: alg2: RSA_PSS(SHA_512) +read alg2: RSA_PSS(SHA_512) depends_on:PSA_WANT_ALG_RSA_PSS:PSA_WANT_ALG_SHA_512:PSA_WANT_KEY_TYPE_RAW_DATA key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_RSA_PSS(PSA_ALG_SHA_512):"4c":"505341004b45590000000000010000000110080001000000000000000b030006010000004c":0 -PSA storage read: alg: RSA_PSS(ANY_HASH) +read alg: RSA_PSS(ANY_HASH) depends_on:PSA_WANT_ALG_RSA_PSS:PSA_WANT_KEY_TYPE_RAW_DATA key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_PSS(PSA_ALG_ANY_HASH):0x0000:"4b":"505341004b45590000000000010000000110080001000000ff03000600000000010000004b":0 -PSA storage read: alg2: RSA_PSS(ANY_HASH) +read alg2: RSA_PSS(ANY_HASH) depends_on:PSA_WANT_ALG_RSA_PSS:PSA_WANT_KEY_TYPE_RAW_DATA key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_RSA_PSS(PSA_ALG_ANY_HASH):"4c":"505341004b4559000000000001000000011008000100000000000000ff030006010000004c":0 -PSA storage read: alg: RSA_PSS_ANY_SALT(MD2) +read alg: RSA_PSS_ANY_SALT(MD2) depends_on:PSA_WANT_ALG_MD2:PSA_WANT_ALG_RSA_PSS_ANY_SALT:PSA_WANT_KEY_TYPE_RAW_DATA key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_PSS_ANY_SALT(PSA_ALG_MD2):0x0000:"4b":"505341004b455900000000000100000001100800010000000113000600000000010000004b":0 -PSA storage read: alg2: RSA_PSS_ANY_SALT(MD2) +read alg2: RSA_PSS_ANY_SALT(MD2) depends_on:PSA_WANT_ALG_MD2:PSA_WANT_ALG_RSA_PSS_ANY_SALT:PSA_WANT_KEY_TYPE_RAW_DATA key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_RSA_PSS_ANY_SALT(PSA_ALG_MD2):"4c":"505341004b455900000000000100000001100800010000000000000001130006010000004c":0 -PSA storage read: alg: RSA_PSS_ANY_SALT(MD4) +read alg: RSA_PSS_ANY_SALT(MD4) depends_on:PSA_WANT_ALG_MD4:PSA_WANT_ALG_RSA_PSS_ANY_SALT:PSA_WANT_KEY_TYPE_RAW_DATA key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_PSS_ANY_SALT(PSA_ALG_MD4):0x0000:"4b":"505341004b455900000000000100000001100800010000000213000600000000010000004b":0 -PSA storage read: alg2: RSA_PSS_ANY_SALT(MD4) +read alg2: RSA_PSS_ANY_SALT(MD4) depends_on:PSA_WANT_ALG_MD4:PSA_WANT_ALG_RSA_PSS_ANY_SALT:PSA_WANT_KEY_TYPE_RAW_DATA key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_RSA_PSS_ANY_SALT(PSA_ALG_MD4):"4c":"505341004b455900000000000100000001100800010000000000000002130006010000004c":0 -PSA storage read: alg: RSA_PSS_ANY_SALT(MD5) +read alg: RSA_PSS_ANY_SALT(MD5) depends_on:PSA_WANT_ALG_MD5:PSA_WANT_ALG_RSA_PSS_ANY_SALT:PSA_WANT_KEY_TYPE_RAW_DATA key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_PSS_ANY_SALT(PSA_ALG_MD5):0x0000:"4b":"505341004b455900000000000100000001100800010000000313000600000000010000004b":0 -PSA storage read: alg2: RSA_PSS_ANY_SALT(MD5) +read alg2: RSA_PSS_ANY_SALT(MD5) depends_on:PSA_WANT_ALG_MD5:PSA_WANT_ALG_RSA_PSS_ANY_SALT:PSA_WANT_KEY_TYPE_RAW_DATA key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_RSA_PSS_ANY_SALT(PSA_ALG_MD5):"4c":"505341004b455900000000000100000001100800010000000000000003130006010000004c":0 -PSA storage read: alg: RSA_PSS_ANY_SALT(RIPEMD160) +read alg: RSA_PSS_ANY_SALT(RIPEMD160) depends_on:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ALG_RSA_PSS_ANY_SALT:PSA_WANT_KEY_TYPE_RAW_DATA key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_PSS_ANY_SALT(PSA_ALG_RIPEMD160):0x0000:"4b":"505341004b455900000000000100000001100800010000000413000600000000010000004b":0 -PSA storage read: alg2: RSA_PSS_ANY_SALT(RIPEMD160) +read alg2: RSA_PSS_ANY_SALT(RIPEMD160) depends_on:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ALG_RSA_PSS_ANY_SALT:PSA_WANT_KEY_TYPE_RAW_DATA key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_RSA_PSS_ANY_SALT(PSA_ALG_RIPEMD160):"4c":"505341004b455900000000000100000001100800010000000000000004130006010000004c":0 -PSA storage read: alg: RSA_PSS_ANY_SALT(SHA_1) +read alg: RSA_PSS_ANY_SALT(SHA_1) depends_on:PSA_WANT_ALG_RSA_PSS_ANY_SALT:PSA_WANT_ALG_SHA_1:PSA_WANT_KEY_TYPE_RAW_DATA key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_PSS_ANY_SALT(PSA_ALG_SHA_1):0x0000:"4b":"505341004b455900000000000100000001100800010000000513000600000000010000004b":0 -PSA storage read: alg2: RSA_PSS_ANY_SALT(SHA_1) +read alg2: RSA_PSS_ANY_SALT(SHA_1) depends_on:PSA_WANT_ALG_RSA_PSS_ANY_SALT:PSA_WANT_ALG_SHA_1:PSA_WANT_KEY_TYPE_RAW_DATA key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_RSA_PSS_ANY_SALT(PSA_ALG_SHA_1):"4c":"505341004b455900000000000100000001100800010000000000000005130006010000004c":0 -PSA storage read: alg: RSA_PSS_ANY_SALT(SHA_224) +read alg: RSA_PSS_ANY_SALT(SHA_224) depends_on:PSA_WANT_ALG_RSA_PSS_ANY_SALT:PSA_WANT_ALG_SHA_224:PSA_WANT_KEY_TYPE_RAW_DATA key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_PSS_ANY_SALT(PSA_ALG_SHA_224):0x0000:"4b":"505341004b455900000000000100000001100800010000000813000600000000010000004b":0 -PSA storage read: alg2: RSA_PSS_ANY_SALT(SHA_224) +read alg2: RSA_PSS_ANY_SALT(SHA_224) depends_on:PSA_WANT_ALG_RSA_PSS_ANY_SALT:PSA_WANT_ALG_SHA_224:PSA_WANT_KEY_TYPE_RAW_DATA key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_RSA_PSS_ANY_SALT(PSA_ALG_SHA_224):"4c":"505341004b455900000000000100000001100800010000000000000008130006010000004c":0 -PSA storage read: alg: RSA_PSS_ANY_SALT(SHA_256) +read alg: RSA_PSS_ANY_SALT(SHA_256) depends_on:PSA_WANT_ALG_RSA_PSS_ANY_SALT:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RAW_DATA key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_PSS_ANY_SALT(PSA_ALG_SHA_256):0x0000:"4b":"505341004b455900000000000100000001100800010000000913000600000000010000004b":0 -PSA storage read: alg2: RSA_PSS_ANY_SALT(SHA_256) +read alg2: RSA_PSS_ANY_SALT(SHA_256) depends_on:PSA_WANT_ALG_RSA_PSS_ANY_SALT:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RAW_DATA key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_RSA_PSS_ANY_SALT(PSA_ALG_SHA_256):"4c":"505341004b455900000000000100000001100800010000000000000009130006010000004c":0 -PSA storage read: alg: RSA_PSS_ANY_SALT(SHA_384) +read alg: RSA_PSS_ANY_SALT(SHA_384) depends_on:PSA_WANT_ALG_RSA_PSS_ANY_SALT:PSA_WANT_ALG_SHA_384:PSA_WANT_KEY_TYPE_RAW_DATA key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_PSS_ANY_SALT(PSA_ALG_SHA_384):0x0000:"4b":"505341004b455900000000000100000001100800010000000a13000600000000010000004b":0 -PSA storage read: alg2: RSA_PSS_ANY_SALT(SHA_384) +read alg2: RSA_PSS_ANY_SALT(SHA_384) depends_on:PSA_WANT_ALG_RSA_PSS_ANY_SALT:PSA_WANT_ALG_SHA_384:PSA_WANT_KEY_TYPE_RAW_DATA key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_RSA_PSS_ANY_SALT(PSA_ALG_SHA_384):"4c":"505341004b45590000000000010000000110080001000000000000000a130006010000004c":0 -PSA storage read: alg: RSA_PSS_ANY_SALT(SHA_512) +read alg: RSA_PSS_ANY_SALT(SHA_512) depends_on:PSA_WANT_ALG_RSA_PSS_ANY_SALT:PSA_WANT_ALG_SHA_512:PSA_WANT_KEY_TYPE_RAW_DATA key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_PSS_ANY_SALT(PSA_ALG_SHA_512):0x0000:"4b":"505341004b455900000000000100000001100800010000000b13000600000000010000004b":0 -PSA storage read: alg2: RSA_PSS_ANY_SALT(SHA_512) +read alg2: RSA_PSS_ANY_SALT(SHA_512) depends_on:PSA_WANT_ALG_RSA_PSS_ANY_SALT:PSA_WANT_ALG_SHA_512:PSA_WANT_KEY_TYPE_RAW_DATA key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_RSA_PSS_ANY_SALT(PSA_ALG_SHA_512):"4c":"505341004b45590000000000010000000110080001000000000000000b130006010000004c":0 -PSA storage read: alg: RSA_PSS_ANY_SALT(ANY_HASH) +read alg: RSA_PSS_ANY_SALT(ANY_HASH) depends_on:PSA_WANT_ALG_RSA_PSS_ANY_SALT:PSA_WANT_KEY_TYPE_RAW_DATA key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_PSS_ANY_SALT(PSA_ALG_ANY_HASH):0x0000:"4b":"505341004b45590000000000010000000110080001000000ff13000600000000010000004b":0 -PSA storage read: alg2: RSA_PSS_ANY_SALT(ANY_HASH) +read alg2: RSA_PSS_ANY_SALT(ANY_HASH) depends_on:PSA_WANT_ALG_RSA_PSS_ANY_SALT:PSA_WANT_KEY_TYPE_RAW_DATA key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_RSA_PSS_ANY_SALT(PSA_ALG_ANY_HASH):"4c":"505341004b4559000000000001000000011008000100000000000000ff130006010000004c":0 -PSA storage read: alg: SHA3_224 +read alg: SHA3_224 depends_on:PSA_WANT_ALG_SHA3_224:PSA_WANT_KEY_TYPE_RAW_DATA key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_SHA3_224:0x0000:"4b":"505341004b455900000000000100000001100800010000001000000200000000010000004b":0 -PSA storage read: alg2: SHA3_224 +read alg2: SHA3_224 depends_on:PSA_WANT_ALG_SHA3_224:PSA_WANT_KEY_TYPE_RAW_DATA key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_SHA3_224:"4c":"505341004b455900000000000100000001100800010000000000000010000002010000004c":0 -PSA storage read: alg: SHA3_256 +read alg: SHA3_256 depends_on:PSA_WANT_ALG_SHA3_256:PSA_WANT_KEY_TYPE_RAW_DATA key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_SHA3_256:0x0000:"4b":"505341004b455900000000000100000001100800010000001100000200000000010000004b":0 -PSA storage read: alg2: SHA3_256 +read alg2: SHA3_256 depends_on:PSA_WANT_ALG_SHA3_256:PSA_WANT_KEY_TYPE_RAW_DATA key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_SHA3_256:"4c":"505341004b455900000000000100000001100800010000000000000011000002010000004c":0 -PSA storage read: alg: SHA3_384 +read alg: SHA3_384 depends_on:PSA_WANT_ALG_SHA3_384:PSA_WANT_KEY_TYPE_RAW_DATA key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_SHA3_384:0x0000:"4b":"505341004b455900000000000100000001100800010000001200000200000000010000004b":0 -PSA storage read: alg2: SHA3_384 +read alg2: SHA3_384 depends_on:PSA_WANT_ALG_SHA3_384:PSA_WANT_KEY_TYPE_RAW_DATA key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_SHA3_384:"4c":"505341004b455900000000000100000001100800010000000000000012000002010000004c":0 -PSA storage read: alg: SHA3_512 +read alg: SHA3_512 depends_on:PSA_WANT_ALG_SHA3_512:PSA_WANT_KEY_TYPE_RAW_DATA key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_SHA3_512:0x0000:"4b":"505341004b455900000000000100000001100800010000001300000200000000010000004b":0 -PSA storage read: alg2: SHA3_512 +read alg2: SHA3_512 depends_on:PSA_WANT_ALG_SHA3_512:PSA_WANT_KEY_TYPE_RAW_DATA key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_SHA3_512:"4c":"505341004b455900000000000100000001100800010000000000000013000002010000004c":0 -PSA storage read: alg: SHAKE256_512 +read alg: SHAKE256_512 depends_on:PSA_WANT_ALG_SHAKE256_512:PSA_WANT_KEY_TYPE_RAW_DATA key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_SHAKE256_512:0x0000:"4b":"505341004b455900000000000100000001100800010000001500000200000000010000004b":0 -PSA storage read: alg2: SHAKE256_512 +read alg2: SHAKE256_512 depends_on:PSA_WANT_ALG_SHAKE256_512:PSA_WANT_KEY_TYPE_RAW_DATA key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_SHAKE256_512:"4c":"505341004b455900000000000100000001100800010000000000000015000002010000004c":0 -PSA storage read: alg: SHA_1 +read alg: SHA_1 depends_on:PSA_WANT_ALG_SHA_1:PSA_WANT_KEY_TYPE_RAW_DATA key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_SHA_1:0x0000:"4b":"505341004b455900000000000100000001100800010000000500000200000000010000004b":0 -PSA storage read: alg2: SHA_1 +read alg2: SHA_1 depends_on:PSA_WANT_ALG_SHA_1:PSA_WANT_KEY_TYPE_RAW_DATA key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_SHA_1:"4c":"505341004b455900000000000100000001100800010000000000000005000002010000004c":0 -PSA storage read: alg: SHA_224 +read alg: SHA_224 depends_on:PSA_WANT_ALG_SHA_224:PSA_WANT_KEY_TYPE_RAW_DATA key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_SHA_224:0x0000:"4b":"505341004b455900000000000100000001100800010000000800000200000000010000004b":0 -PSA storage read: alg2: SHA_224 +read alg2: SHA_224 depends_on:PSA_WANT_ALG_SHA_224:PSA_WANT_KEY_TYPE_RAW_DATA key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_SHA_224:"4c":"505341004b455900000000000100000001100800010000000000000008000002010000004c":0 -PSA storage read: alg: SHA_256 +read alg: SHA_256 depends_on:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RAW_DATA key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_SHA_256:0x0000:"4b":"505341004b455900000000000100000001100800010000000900000200000000010000004b":0 -PSA storage read: alg2: SHA_256 +read alg2: SHA_256 depends_on:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RAW_DATA key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_SHA_256:"4c":"505341004b455900000000000100000001100800010000000000000009000002010000004c":0 -PSA storage read: alg: SHA_384 +read alg: SHA_384 depends_on:PSA_WANT_ALG_SHA_384:PSA_WANT_KEY_TYPE_RAW_DATA key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_SHA_384:0x0000:"4b":"505341004b455900000000000100000001100800010000000a00000200000000010000004b":0 -PSA storage read: alg2: SHA_384 +read alg2: SHA_384 depends_on:PSA_WANT_ALG_SHA_384:PSA_WANT_KEY_TYPE_RAW_DATA key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_SHA_384:"4c":"505341004b45590000000000010000000110080001000000000000000a000002010000004c":0 -PSA storage read: alg: SHA_512 +read alg: SHA_512 depends_on:PSA_WANT_ALG_SHA_512:PSA_WANT_KEY_TYPE_RAW_DATA key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_SHA_512:0x0000:"4b":"505341004b455900000000000100000001100800010000000b00000200000000010000004b":0 -PSA storage read: alg2: SHA_512 +read alg2: SHA_512 depends_on:PSA_WANT_ALG_SHA_512:PSA_WANT_KEY_TYPE_RAW_DATA key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_SHA_512:"4c":"505341004b45590000000000010000000110080001000000000000000b000002010000004c":0 -PSA storage read: alg: SHA_512_224 +read alg: SHA_512_224 depends_on:PSA_WANT_ALG_SHA_512_224:PSA_WANT_KEY_TYPE_RAW_DATA key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_SHA_512_224:0x0000:"4b":"505341004b455900000000000100000001100800010000000c00000200000000010000004b":0 -PSA storage read: alg2: SHA_512_224 +read alg2: SHA_512_224 depends_on:PSA_WANT_ALG_SHA_512_224:PSA_WANT_KEY_TYPE_RAW_DATA key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_SHA_512_224:"4c":"505341004b45590000000000010000000110080001000000000000000c000002010000004c":0 -PSA storage read: alg: SHA_512_256 +read alg: SHA_512_256 depends_on:PSA_WANT_ALG_SHA_512_256:PSA_WANT_KEY_TYPE_RAW_DATA key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_SHA_512_256:0x0000:"4b":"505341004b455900000000000100000001100800010000000d00000200000000010000004b":0 -PSA storage read: alg2: SHA_512_256 +read alg2: SHA_512_256 depends_on:PSA_WANT_ALG_SHA_512_256:PSA_WANT_KEY_TYPE_RAW_DATA key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_SHA_512_256:"4c":"505341004b45590000000000010000000110080001000000000000000d000002010000004c":0 -PSA storage read: alg: STREAM_CIPHER +read alg: STREAM_CIPHER depends_on:PSA_WANT_ALG_STREAM_CIPHER:PSA_WANT_KEY_TYPE_RAW_DATA key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_STREAM_CIPHER:0x0000:"4b":"505341004b455900000000000100000001100800010000000001800400000000010000004b":0 -PSA storage read: alg2: STREAM_CIPHER +read alg2: STREAM_CIPHER depends_on:PSA_WANT_ALG_STREAM_CIPHER:PSA_WANT_KEY_TYPE_RAW_DATA key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_STREAM_CIPHER:"4c":"505341004b455900000000000100000001100800010000000000000000018004010000004c":0 -PSA storage read: alg: TLS12_PRF(MD2) +read alg: TLS12_PRF(MD2) depends_on:PSA_WANT_ALG_MD2:PSA_WANT_ALG_TLS12_PRF:PSA_WANT_KEY_TYPE_RAW_DATA key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_TLS12_PRF(PSA_ALG_MD2):0x0000:"4b":"505341004b455900000000000100000001100800010000000102000800000000010000004b":0 -PSA storage read: alg2: TLS12_PRF(MD2) +read alg2: TLS12_PRF(MD2) depends_on:PSA_WANT_ALG_MD2:PSA_WANT_ALG_TLS12_PRF:PSA_WANT_KEY_TYPE_RAW_DATA key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_TLS12_PRF(PSA_ALG_MD2):"4c":"505341004b455900000000000100000001100800010000000000000001020008010000004c":0 -PSA storage read: alg: TLS12_PRF(MD4) +read alg: TLS12_PRF(MD4) depends_on:PSA_WANT_ALG_MD4:PSA_WANT_ALG_TLS12_PRF:PSA_WANT_KEY_TYPE_RAW_DATA key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_TLS12_PRF(PSA_ALG_MD4):0x0000:"4b":"505341004b455900000000000100000001100800010000000202000800000000010000004b":0 -PSA storage read: alg2: TLS12_PRF(MD4) +read alg2: TLS12_PRF(MD4) depends_on:PSA_WANT_ALG_MD4:PSA_WANT_ALG_TLS12_PRF:PSA_WANT_KEY_TYPE_RAW_DATA key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_TLS12_PRF(PSA_ALG_MD4):"4c":"505341004b455900000000000100000001100800010000000000000002020008010000004c":0 -PSA storage read: alg: TLS12_PRF(MD5) +read alg: TLS12_PRF(MD5) depends_on:PSA_WANT_ALG_MD5:PSA_WANT_ALG_TLS12_PRF:PSA_WANT_KEY_TYPE_RAW_DATA key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_TLS12_PRF(PSA_ALG_MD5):0x0000:"4b":"505341004b455900000000000100000001100800010000000302000800000000010000004b":0 -PSA storage read: alg2: TLS12_PRF(MD5) +read alg2: TLS12_PRF(MD5) depends_on:PSA_WANT_ALG_MD5:PSA_WANT_ALG_TLS12_PRF:PSA_WANT_KEY_TYPE_RAW_DATA key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_TLS12_PRF(PSA_ALG_MD5):"4c":"505341004b455900000000000100000001100800010000000000000003020008010000004c":0 -PSA storage read: alg: TLS12_PRF(RIPEMD160) +read alg: TLS12_PRF(RIPEMD160) depends_on:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ALG_TLS12_PRF:PSA_WANT_KEY_TYPE_RAW_DATA key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_TLS12_PRF(PSA_ALG_RIPEMD160):0x0000:"4b":"505341004b455900000000000100000001100800010000000402000800000000010000004b":0 -PSA storage read: alg2: TLS12_PRF(RIPEMD160) +read alg2: TLS12_PRF(RIPEMD160) depends_on:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ALG_TLS12_PRF:PSA_WANT_KEY_TYPE_RAW_DATA key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_TLS12_PRF(PSA_ALG_RIPEMD160):"4c":"505341004b455900000000000100000001100800010000000000000004020008010000004c":0 -PSA storage read: alg: TLS12_PRF(SHA_1) +read alg: TLS12_PRF(SHA_1) depends_on:PSA_WANT_ALG_SHA_1:PSA_WANT_ALG_TLS12_PRF:PSA_WANT_KEY_TYPE_RAW_DATA key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_TLS12_PRF(PSA_ALG_SHA_1):0x0000:"4b":"505341004b455900000000000100000001100800010000000502000800000000010000004b":0 -PSA storage read: alg2: TLS12_PRF(SHA_1) +read alg2: TLS12_PRF(SHA_1) depends_on:PSA_WANT_ALG_SHA_1:PSA_WANT_ALG_TLS12_PRF:PSA_WANT_KEY_TYPE_RAW_DATA key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_TLS12_PRF(PSA_ALG_SHA_1):"4c":"505341004b455900000000000100000001100800010000000000000005020008010000004c":0 -PSA storage read: alg: TLS12_PRF(SHA_224) +read alg: TLS12_PRF(SHA_224) depends_on:PSA_WANT_ALG_SHA_224:PSA_WANT_ALG_TLS12_PRF:PSA_WANT_KEY_TYPE_RAW_DATA key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_TLS12_PRF(PSA_ALG_SHA_224):0x0000:"4b":"505341004b455900000000000100000001100800010000000802000800000000010000004b":0 -PSA storage read: alg2: TLS12_PRF(SHA_224) +read alg2: TLS12_PRF(SHA_224) depends_on:PSA_WANT_ALG_SHA_224:PSA_WANT_ALG_TLS12_PRF:PSA_WANT_KEY_TYPE_RAW_DATA key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_TLS12_PRF(PSA_ALG_SHA_224):"4c":"505341004b455900000000000100000001100800010000000000000008020008010000004c":0 -PSA storage read: alg: TLS12_PRF(SHA_256) +read alg: TLS12_PRF(SHA_256) depends_on:PSA_WANT_ALG_SHA_256:PSA_WANT_ALG_TLS12_PRF:PSA_WANT_KEY_TYPE_RAW_DATA key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_TLS12_PRF(PSA_ALG_SHA_256):0x0000:"4b":"505341004b455900000000000100000001100800010000000902000800000000010000004b":0 -PSA storage read: alg2: TLS12_PRF(SHA_256) +read alg2: TLS12_PRF(SHA_256) depends_on:PSA_WANT_ALG_SHA_256:PSA_WANT_ALG_TLS12_PRF:PSA_WANT_KEY_TYPE_RAW_DATA key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_TLS12_PRF(PSA_ALG_SHA_256):"4c":"505341004b455900000000000100000001100800010000000000000009020008010000004c":0 -PSA storage read: alg: TLS12_PRF(SHA_384) +read alg: TLS12_PRF(SHA_384) depends_on:PSA_WANT_ALG_SHA_384:PSA_WANT_ALG_TLS12_PRF:PSA_WANT_KEY_TYPE_RAW_DATA key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_TLS12_PRF(PSA_ALG_SHA_384):0x0000:"4b":"505341004b455900000000000100000001100800010000000a02000800000000010000004b":0 -PSA storage read: alg2: TLS12_PRF(SHA_384) +read alg2: TLS12_PRF(SHA_384) depends_on:PSA_WANT_ALG_SHA_384:PSA_WANT_ALG_TLS12_PRF:PSA_WANT_KEY_TYPE_RAW_DATA key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_TLS12_PRF(PSA_ALG_SHA_384):"4c":"505341004b45590000000000010000000110080001000000000000000a020008010000004c":0 -PSA storage read: alg: TLS12_PRF(SHA_512) +read alg: TLS12_PRF(SHA_512) depends_on:PSA_WANT_ALG_SHA_512:PSA_WANT_ALG_TLS12_PRF:PSA_WANT_KEY_TYPE_RAW_DATA key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_TLS12_PRF(PSA_ALG_SHA_512):0x0000:"4b":"505341004b455900000000000100000001100800010000000b02000800000000010000004b":0 -PSA storage read: alg2: TLS12_PRF(SHA_512) +read alg2: TLS12_PRF(SHA_512) depends_on:PSA_WANT_ALG_SHA_512:PSA_WANT_ALG_TLS12_PRF:PSA_WANT_KEY_TYPE_RAW_DATA key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_TLS12_PRF(PSA_ALG_SHA_512):"4c":"505341004b45590000000000010000000110080001000000000000000b020008010000004c":0 -PSA storage read: alg: TLS12_PSK_TO_MS(MD2) +read alg: TLS12_PSK2MS(MD2) depends_on:PSA_WANT_ALG_MD2:PSA_WANT_ALG_TLS12_PSK_TO_MS:PSA_WANT_KEY_TYPE_RAW_DATA key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_TLS12_PSK_TO_MS(PSA_ALG_MD2):0x0000:"4b":"505341004b455900000000000100000001100800010000000103000800000000010000004b":0 -PSA storage read: alg2: TLS12_PSK_TO_MS(MD2) +read alg2: TLS12_PSK2MS(MD2) depends_on:PSA_WANT_ALG_MD2:PSA_WANT_ALG_TLS12_PSK_TO_MS:PSA_WANT_KEY_TYPE_RAW_DATA key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_TLS12_PSK_TO_MS(PSA_ALG_MD2):"4c":"505341004b455900000000000100000001100800010000000000000001030008010000004c":0 -PSA storage read: alg: TLS12_PSK_TO_MS(MD4) +read alg: TLS12_PSK2MS(MD4) depends_on:PSA_WANT_ALG_MD4:PSA_WANT_ALG_TLS12_PSK_TO_MS:PSA_WANT_KEY_TYPE_RAW_DATA key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_TLS12_PSK_TO_MS(PSA_ALG_MD4):0x0000:"4b":"505341004b455900000000000100000001100800010000000203000800000000010000004b":0 -PSA storage read: alg2: TLS12_PSK_TO_MS(MD4) +read alg2: TLS12_PSK2MS(MD4) depends_on:PSA_WANT_ALG_MD4:PSA_WANT_ALG_TLS12_PSK_TO_MS:PSA_WANT_KEY_TYPE_RAW_DATA key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_TLS12_PSK_TO_MS(PSA_ALG_MD4):"4c":"505341004b455900000000000100000001100800010000000000000002030008010000004c":0 -PSA storage read: alg: TLS12_PSK_TO_MS(MD5) +read alg: TLS12_PSK2MS(MD5) depends_on:PSA_WANT_ALG_MD5:PSA_WANT_ALG_TLS12_PSK_TO_MS:PSA_WANT_KEY_TYPE_RAW_DATA key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_TLS12_PSK_TO_MS(PSA_ALG_MD5):0x0000:"4b":"505341004b455900000000000100000001100800010000000303000800000000010000004b":0 -PSA storage read: alg2: TLS12_PSK_TO_MS(MD5) +read alg2: TLS12_PSK2MS(MD5) depends_on:PSA_WANT_ALG_MD5:PSA_WANT_ALG_TLS12_PSK_TO_MS:PSA_WANT_KEY_TYPE_RAW_DATA key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_TLS12_PSK_TO_MS(PSA_ALG_MD5):"4c":"505341004b455900000000000100000001100800010000000000000003030008010000004c":0 -PSA storage read: alg: TLS12_PSK_TO_MS(RIPEMD160) +read alg: TLS12_PSK2MS(RIPEMD160) depends_on:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ALG_TLS12_PSK_TO_MS:PSA_WANT_KEY_TYPE_RAW_DATA key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_TLS12_PSK_TO_MS(PSA_ALG_RIPEMD160):0x0000:"4b":"505341004b455900000000000100000001100800010000000403000800000000010000004b":0 -PSA storage read: alg2: TLS12_PSK_TO_MS(RIPEMD160) +read alg2: TLS12_PSK2MS(RIPEMD160) depends_on:PSA_WANT_ALG_RIPEMD160:PSA_WANT_ALG_TLS12_PSK_TO_MS:PSA_WANT_KEY_TYPE_RAW_DATA key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_TLS12_PSK_TO_MS(PSA_ALG_RIPEMD160):"4c":"505341004b455900000000000100000001100800010000000000000004030008010000004c":0 -PSA storage read: alg: TLS12_PSK_TO_MS(SHA_1) +read alg: TLS12_PSK2MS(SHA_1) depends_on:PSA_WANT_ALG_SHA_1:PSA_WANT_ALG_TLS12_PSK_TO_MS:PSA_WANT_KEY_TYPE_RAW_DATA key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_TLS12_PSK_TO_MS(PSA_ALG_SHA_1):0x0000:"4b":"505341004b455900000000000100000001100800010000000503000800000000010000004b":0 -PSA storage read: alg2: TLS12_PSK_TO_MS(SHA_1) +read alg2: TLS12_PSK2MS(SHA_1) depends_on:PSA_WANT_ALG_SHA_1:PSA_WANT_ALG_TLS12_PSK_TO_MS:PSA_WANT_KEY_TYPE_RAW_DATA key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_TLS12_PSK_TO_MS(PSA_ALG_SHA_1):"4c":"505341004b455900000000000100000001100800010000000000000005030008010000004c":0 -PSA storage read: alg: TLS12_PSK_TO_MS(SHA_224) +read alg: TLS12_PSK2MS(SHA_224) depends_on:PSA_WANT_ALG_SHA_224:PSA_WANT_ALG_TLS12_PSK_TO_MS:PSA_WANT_KEY_TYPE_RAW_DATA key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_TLS12_PSK_TO_MS(PSA_ALG_SHA_224):0x0000:"4b":"505341004b455900000000000100000001100800010000000803000800000000010000004b":0 -PSA storage read: alg2: TLS12_PSK_TO_MS(SHA_224) +read alg2: TLS12_PSK2MS(SHA_224) depends_on:PSA_WANT_ALG_SHA_224:PSA_WANT_ALG_TLS12_PSK_TO_MS:PSA_WANT_KEY_TYPE_RAW_DATA key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_TLS12_PSK_TO_MS(PSA_ALG_SHA_224):"4c":"505341004b455900000000000100000001100800010000000000000008030008010000004c":0 -PSA storage read: alg: TLS12_PSK_TO_MS(SHA_256) +read alg: TLS12_PSK2MS(SHA_256) depends_on:PSA_WANT_ALG_SHA_256:PSA_WANT_ALG_TLS12_PSK_TO_MS:PSA_WANT_KEY_TYPE_RAW_DATA key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_TLS12_PSK_TO_MS(PSA_ALG_SHA_256):0x0000:"4b":"505341004b455900000000000100000001100800010000000903000800000000010000004b":0 -PSA storage read: alg2: TLS12_PSK_TO_MS(SHA_256) +read alg2: TLS12_PSK2MS(SHA_256) depends_on:PSA_WANT_ALG_SHA_256:PSA_WANT_ALG_TLS12_PSK_TO_MS:PSA_WANT_KEY_TYPE_RAW_DATA key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_TLS12_PSK_TO_MS(PSA_ALG_SHA_256):"4c":"505341004b455900000000000100000001100800010000000000000009030008010000004c":0 -PSA storage read: alg: TLS12_PSK_TO_MS(SHA_384) +read alg: TLS12_PSK2MS(SHA_384) depends_on:PSA_WANT_ALG_SHA_384:PSA_WANT_ALG_TLS12_PSK_TO_MS:PSA_WANT_KEY_TYPE_RAW_DATA key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_TLS12_PSK_TO_MS(PSA_ALG_SHA_384):0x0000:"4b":"505341004b455900000000000100000001100800010000000a03000800000000010000004b":0 -PSA storage read: alg2: TLS12_PSK_TO_MS(SHA_384) +read alg2: TLS12_PSK2MS(SHA_384) depends_on:PSA_WANT_ALG_SHA_384:PSA_WANT_ALG_TLS12_PSK_TO_MS:PSA_WANT_KEY_TYPE_RAW_DATA key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_TLS12_PSK_TO_MS(PSA_ALG_SHA_384):"4c":"505341004b45590000000000010000000110080001000000000000000a030008010000004c":0 -PSA storage read: alg: TLS12_PSK_TO_MS(SHA_512) +read alg: TLS12_PSK2MS(SHA_512) depends_on:PSA_WANT_ALG_SHA_512:PSA_WANT_ALG_TLS12_PSK_TO_MS:PSA_WANT_KEY_TYPE_RAW_DATA key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_TLS12_PSK_TO_MS(PSA_ALG_SHA_512):0x0000:"4b":"505341004b455900000000000100000001100800010000000b03000800000000010000004b":0 -PSA storage read: alg2: TLS12_PSK_TO_MS(SHA_512) +read alg2: TLS12_PSK2MS(SHA_512) depends_on:PSA_WANT_ALG_SHA_512:PSA_WANT_ALG_TLS12_PSK_TO_MS:PSA_WANT_KEY_TYPE_RAW_DATA key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_TLS12_PSK_TO_MS(PSA_ALG_SHA_512):"4c":"505341004b45590000000000010000000110080001000000000000000b030008010000004c":0 -PSA storage read: alg: TRUNCATED_MAC(CBC_MAC, 1) +read alg: TRUNCATED_MAC(CBC_MAC,1) depends_on:PSA_WANT_ALG_CBC_MAC:PSA_WANT_KEY_TYPE_RAW_DATA key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_TRUNCATED_MAC(PSA_ALG_CBC_MAC, 1):0x0000:"4b":"505341004b455900000000000100000001100800010000000001c10300000000010000004b":0 -PSA storage read: alg2: TRUNCATED_MAC(CBC_MAC, 1) +read alg2: TRUNCATED_MAC(CBC_MAC,1) depends_on:PSA_WANT_ALG_CBC_MAC:PSA_WANT_KEY_TYPE_RAW_DATA key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_TRUNCATED_MAC(PSA_ALG_CBC_MAC, 1):"4c":"505341004b45590000000000010000000110080001000000000000000001c103010000004c":0 -PSA storage read: alg: TRUNCATED_MAC(CMAC, 1) +read alg: TRUNCATED_MAC(CMAC,1) depends_on:PSA_WANT_ALG_CMAC:PSA_WANT_KEY_TYPE_RAW_DATA key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_TRUNCATED_MAC(PSA_ALG_CMAC, 1):0x0000:"4b":"505341004b455900000000000100000001100800010000000002c10300000000010000004b":0 -PSA storage read: alg2: TRUNCATED_MAC(CMAC, 1) +read alg2: TRUNCATED_MAC(CMAC,1) depends_on:PSA_WANT_ALG_CMAC:PSA_WANT_KEY_TYPE_RAW_DATA key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_TRUNCATED_MAC(PSA_ALG_CMAC, 1):"4c":"505341004b45590000000000010000000110080001000000000000000002c103010000004c":0 -PSA storage read: alg: TRUNCATED_MAC(HMAC(MD2), 1) +read alg: TRUNCATED_MAC(HMAC(MD2),1) depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_MD2:PSA_WANT_KEY_TYPE_RAW_DATA key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_TRUNCATED_MAC(PSA_ALG_HMAC(PSA_ALG_MD2), 1):0x0000:"4b":"505341004b455900000000000100000001100800010000000100810300000000010000004b":0 -PSA storage read: alg2: TRUNCATED_MAC(HMAC(MD2), 1) +read alg2: TRUNCATED_MAC(HMAC(MD2),1) depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_MD2:PSA_WANT_KEY_TYPE_RAW_DATA key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_TRUNCATED_MAC(PSA_ALG_HMAC(PSA_ALG_MD2), 1):"4c":"505341004b455900000000000100000001100800010000000000000001008103010000004c":0 -PSA storage read: alg: TRUNCATED_MAC(HMAC(MD4), 1) +read alg: TRUNCATED_MAC(HMAC(MD4),1) depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_MD4:PSA_WANT_KEY_TYPE_RAW_DATA key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_TRUNCATED_MAC(PSA_ALG_HMAC(PSA_ALG_MD4), 1):0x0000:"4b":"505341004b455900000000000100000001100800010000000200810300000000010000004b":0 -PSA storage read: alg2: TRUNCATED_MAC(HMAC(MD4), 1) +read alg2: TRUNCATED_MAC(HMAC(MD4),1) depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_MD4:PSA_WANT_KEY_TYPE_RAW_DATA key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_TRUNCATED_MAC(PSA_ALG_HMAC(PSA_ALG_MD4), 1):"4c":"505341004b455900000000000100000001100800010000000000000002008103010000004c":0 -PSA storage read: alg: TRUNCATED_MAC(HMAC(MD5), 1) +read alg: TRUNCATED_MAC(HMAC(MD5),1) depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_MD5:PSA_WANT_KEY_TYPE_RAW_DATA key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_TRUNCATED_MAC(PSA_ALG_HMAC(PSA_ALG_MD5), 1):0x0000:"4b":"505341004b455900000000000100000001100800010000000300810300000000010000004b":0 -PSA storage read: alg2: TRUNCATED_MAC(HMAC(MD5), 1) +read alg2: TRUNCATED_MAC(HMAC(MD5),1) depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_MD5:PSA_WANT_KEY_TYPE_RAW_DATA key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_TRUNCATED_MAC(PSA_ALG_HMAC(PSA_ALG_MD5), 1):"4c":"505341004b455900000000000100000001100800010000000000000003008103010000004c":0 -PSA storage read: alg: TRUNCATED_MAC(HMAC(RIPEMD160), 1) +read alg: TRUNCATED_MAC(HMAC(RIPEMD160),1) depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_RIPEMD160:PSA_WANT_KEY_TYPE_RAW_DATA key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_TRUNCATED_MAC(PSA_ALG_HMAC(PSA_ALG_RIPEMD160), 1):0x0000:"4b":"505341004b455900000000000100000001100800010000000400810300000000010000004b":0 -PSA storage read: alg2: TRUNCATED_MAC(HMAC(RIPEMD160), 1) +read alg2: TRUNCATED_MAC(HMAC(RIPEMD160),1) depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_RIPEMD160:PSA_WANT_KEY_TYPE_RAW_DATA key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_TRUNCATED_MAC(PSA_ALG_HMAC(PSA_ALG_RIPEMD160), 1):"4c":"505341004b455900000000000100000001100800010000000000000004008103010000004c":0 -PSA storage read: alg: TRUNCATED_MAC(HMAC(SHA_1), 1) +read alg: TRUNCATED_MAC(HMAC(SHA_1),1) depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_1:PSA_WANT_KEY_TYPE_RAW_DATA key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_TRUNCATED_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_1), 1):0x0000:"4b":"505341004b455900000000000100000001100800010000000500810300000000010000004b":0 -PSA storage read: alg2: TRUNCATED_MAC(HMAC(SHA_1), 1) +read alg2: TRUNCATED_MAC(HMAC(SHA_1),1) depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_1:PSA_WANT_KEY_TYPE_RAW_DATA key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_TRUNCATED_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_1), 1):"4c":"505341004b455900000000000100000001100800010000000000000005008103010000004c":0 -PSA storage read: alg: TRUNCATED_MAC(HMAC(SHA_224), 1) +read alg: TRUNCATED_MAC(HMAC(SHA_224),1) depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_224:PSA_WANT_KEY_TYPE_RAW_DATA key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_TRUNCATED_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_224), 1):0x0000:"4b":"505341004b455900000000000100000001100800010000000800810300000000010000004b":0 -PSA storage read: alg2: TRUNCATED_MAC(HMAC(SHA_224), 1) +read alg2: TRUNCATED_MAC(HMAC(SHA_224),1) depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_224:PSA_WANT_KEY_TYPE_RAW_DATA key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_TRUNCATED_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_224), 1):"4c":"505341004b455900000000000100000001100800010000000000000008008103010000004c":0 -PSA storage read: alg: TRUNCATED_MAC(HMAC(SHA_256), 1) +read alg: TRUNCATED_MAC(HMAC(SHA_256),1) depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RAW_DATA key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_TRUNCATED_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_256), 1):0x0000:"4b":"505341004b455900000000000100000001100800010000000900810300000000010000004b":0 -PSA storage read: alg2: TRUNCATED_MAC(HMAC(SHA_256), 1) +read alg2: TRUNCATED_MAC(HMAC(SHA_256),1) depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RAW_DATA key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_TRUNCATED_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_256), 1):"4c":"505341004b455900000000000100000001100800010000000000000009008103010000004c":0 -PSA storage read: alg: TRUNCATED_MAC(HMAC(SHA_384), 1) +read alg: TRUNCATED_MAC(HMAC(SHA_384),1) depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_384:PSA_WANT_KEY_TYPE_RAW_DATA key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_TRUNCATED_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_384), 1):0x0000:"4b":"505341004b455900000000000100000001100800010000000a00810300000000010000004b":0 -PSA storage read: alg2: TRUNCATED_MAC(HMAC(SHA_384), 1) +read alg2: TRUNCATED_MAC(HMAC(SHA_384),1) depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_384:PSA_WANT_KEY_TYPE_RAW_DATA key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_TRUNCATED_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_384), 1):"4c":"505341004b45590000000000010000000110080001000000000000000a008103010000004c":0 -PSA storage read: alg: TRUNCATED_MAC(HMAC(SHA_512), 1) +read alg: TRUNCATED_MAC(HMAC(SHA_512),1) depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_512:PSA_WANT_KEY_TYPE_RAW_DATA key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_TRUNCATED_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_512), 1):0x0000:"4b":"505341004b455900000000000100000001100800010000000b00810300000000010000004b":0 -PSA storage read: alg2: TRUNCATED_MAC(HMAC(SHA_512), 1) +read alg2: TRUNCATED_MAC(HMAC(SHA_512),1) depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_512:PSA_WANT_KEY_TYPE_RAW_DATA key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_TRUNCATED_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_512), 1):"4c":"505341004b45590000000000010000000110080001000000000000000b008103010000004c":0 -PSA storage read: alg: TRUNCATED_MAC(CBC_MAC, 63) +read alg: TRUNCATED_MAC(CBC_MAC,4) +depends_on:PSA_WANT_ALG_CBC_MAC:PSA_WANT_KEY_TYPE_RAW_DATA +key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_TRUNCATED_MAC(PSA_ALG_CBC_MAC, 4):0x0000:"4b":"505341004b455900000000000100000001100800010000000001c40300000000010000004b":0 + +read alg2: TRUNCATED_MAC(CBC_MAC,4) +depends_on:PSA_WANT_ALG_CBC_MAC:PSA_WANT_KEY_TYPE_RAW_DATA +key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_TRUNCATED_MAC(PSA_ALG_CBC_MAC, 4):"4c":"505341004b45590000000000010000000110080001000000000000000001c403010000004c":0 + +read alg: TRUNCATED_MAC(CBC_MAC,13) +depends_on:PSA_WANT_ALG_CBC_MAC:PSA_WANT_KEY_TYPE_RAW_DATA +key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_TRUNCATED_MAC(PSA_ALG_CBC_MAC, 13):0x0000:"4b":"505341004b455900000000000100000001100800010000000001cd0300000000010000004b":0 + +read alg2: TRUNCATED_MAC(CBC_MAC,13) +depends_on:PSA_WANT_ALG_CBC_MAC:PSA_WANT_KEY_TYPE_RAW_DATA +key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_TRUNCATED_MAC(PSA_ALG_CBC_MAC, 13):"4c":"505341004b45590000000000010000000110080001000000000000000001cd03010000004c":0 + +read alg: TRUNCATED_MAC(CBC_MAC,14) +depends_on:PSA_WANT_ALG_CBC_MAC:PSA_WANT_KEY_TYPE_RAW_DATA +key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_TRUNCATED_MAC(PSA_ALG_CBC_MAC, 14):0x0000:"4b":"505341004b455900000000000100000001100800010000000001ce0300000000010000004b":0 + +read alg2: TRUNCATED_MAC(CBC_MAC,14) +depends_on:PSA_WANT_ALG_CBC_MAC:PSA_WANT_KEY_TYPE_RAW_DATA +key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_TRUNCATED_MAC(PSA_ALG_CBC_MAC, 14):"4c":"505341004b45590000000000010000000110080001000000000000000001ce03010000004c":0 + +read alg: TRUNCATED_MAC(CBC_MAC,16) +depends_on:PSA_WANT_ALG_CBC_MAC:PSA_WANT_KEY_TYPE_RAW_DATA +key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_TRUNCATED_MAC(PSA_ALG_CBC_MAC, 16):0x0000:"4b":"505341004b455900000000000100000001100800010000000001d00300000000010000004b":0 + +read alg2: TRUNCATED_MAC(CBC_MAC,16) +depends_on:PSA_WANT_ALG_CBC_MAC:PSA_WANT_KEY_TYPE_RAW_DATA +key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_TRUNCATED_MAC(PSA_ALG_CBC_MAC, 16):"4c":"505341004b45590000000000010000000110080001000000000000000001d003010000004c":0 + +read alg: TRUNCATED_MAC(CBC_MAC,63) depends_on:PSA_WANT_ALG_CBC_MAC:PSA_WANT_KEY_TYPE_RAW_DATA key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_TRUNCATED_MAC(PSA_ALG_CBC_MAC, 63):0x0000:"4b":"505341004b455900000000000100000001100800010000000001ff0300000000010000004b":0 -PSA storage read: alg2: TRUNCATED_MAC(CBC_MAC, 63) +read alg2: TRUNCATED_MAC(CBC_MAC,63) depends_on:PSA_WANT_ALG_CBC_MAC:PSA_WANT_KEY_TYPE_RAW_DATA key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_TRUNCATED_MAC(PSA_ALG_CBC_MAC, 63):"4c":"505341004b45590000000000010000000110080001000000000000000001ff03010000004c":0 -PSA storage read: alg: XTS +read alg: XTS depends_on:PSA_WANT_ALG_XTS:PSA_WANT_KEY_TYPE_RAW_DATA key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_XTS:0x0000:"4b":"505341004b4559000000000001000000011008000100000000ff400400000000010000004b":0 -PSA storage read: alg2: XTS +read alg2: XTS depends_on:PSA_WANT_ALG_XTS:PSA_WANT_KEY_TYPE_RAW_DATA key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_XTS:"4c":"505341004b455900000000000100000001100800010000000000000000ff4004010000004c":0 -PSA storage read: implied by SIGN_HASH: DETERMINISTIC_ECDSA(SHA_256) ECC_KEY_PAIR(BRAINPOOL_P_R1) 160-bit +read implied by SIGN_HASH: DET_ECDSA(SHA_256) ECC_PAIR(BP_R1) 160-bit depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_BRAINPOOL_P_R1_160:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR -key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):160:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_256):0x0000:"69502c4fdaf48d4fa617bdd24498b0406d0eeaac":"505341004b45590000000000010000003071a0000110000009070006000000001400000069502c4fdaf48d4fa617bdd24498b0406d0eeaac":TEST_FLAG_EXERCISE +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):160:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_256):0x0000:"69502c4fdaf48d4fa617bdd24498b0406d0eeaac":"505341004b45590000000000010000003071a0000110000009070006000000001400000069502c4fdaf48d4fa617bdd24498b0406d0eeaac":0 -PSA storage read: implied by SIGN_HASH: DETERMINISTIC_ECDSA(SHA_256) ECC_KEY_PAIR(SECP_K1) 192-bit +read implied by SIGN_HASH: DET_ECDSA(SHA_256) ECC_PAIR(SECP_K1) 192-bit depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_SECP_K1_192:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_K1):192:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_256):0x0000:"297ac1722ccac7589ecb240dc719842538ca974beb79f228":"505341004b45590000000000010000001771c00001100000090700060000000018000000297ac1722ccac7589ecb240dc719842538ca974beb79f228":TEST_FLAG_EXERCISE -PSA storage read: implied by SIGN_HASH: DETERMINISTIC_ECDSA(SHA_256) ECC_KEY_PAIR(SECP_R1) 225-bit +read implied by SIGN_HASH: DET_ECDSA(SHA_256) ECC_PAIR(SECP_R1) 225-bit depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_SECP_R1_225:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):225:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_256):0x0000:"872f203b3ad35b7f2ecc803c3a0e1e0b1ed61cc1afe71b189cd4c995":"505341004b45590000000000010000001271e1000110000009070006000000001c000000872f203b3ad35b7f2ecc803c3a0e1e0b1ed61cc1afe71b189cd4c995":TEST_FLAG_EXERCISE -PSA storage read: implied by SIGN_HASH: DETERMINISTIC_ECDSA(SHA_256) ECC_KEY_PAIR(SECP_R2) 160-bit +read implied by SIGN_HASH: DET_ECDSA(SHA_256) ECC_PAIR(SECP_R2) 160-bit depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_SECP_R2_160:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R2):160:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_256):0x0000:"00bf539a1cdda0d7f71a50a3f98aec0a2e8e4ced1e":"505341004b45590000000000010000001b71a0000110000009070006000000001500000000bf539a1cdda0d7f71a50a3f98aec0a2e8e4ced1e":TEST_FLAG_EXERCISE -PSA storage read: implied by SIGN_HASH: DETERMINISTIC_ECDSA(SHA_256) ECC_KEY_PAIR(SECT_K1) 163-bit +read implied by SIGN_HASH: DET_ECDSA(SHA_256) ECC_PAIR(SECT_K1) 163-bit depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_SECT_K1_163:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):163:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_256):0x0000:"03ebc8fcded2d6ab72ec0f75bdb4fd080481273e71":"505341004b45590000000000010000002771a3000110000009070006000000001500000003ebc8fcded2d6ab72ec0f75bdb4fd080481273e71":TEST_FLAG_EXERCISE -PSA storage read: implied by SIGN_HASH: DETERMINISTIC_ECDSA(SHA_256) ECC_KEY_PAIR(SECT_R1) 163-bit +read implied by SIGN_HASH: DET_ECDSA(SHA_256) ECC_PAIR(SECT_R1) 163-bit depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_SECT_R1_163:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):163:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_256):0x0000:"009b05dc82d46d64a04a22e6e5ca70ca1231e68c50":"505341004b45590000000000010000002271a30001100000090700060000000015000000009b05dc82d46d64a04a22e6e5ca70ca1231e68c50":TEST_FLAG_EXERCISE -PSA storage read: implied by SIGN_HASH: DETERMINISTIC_ECDSA(SHA_256) ECC_KEY_PAIR(SECT_R2) 163-bit +read implied by SIGN_HASH: DET_ECDSA(SHA_256) ECC_PAIR(SECT_R2) 163-bit depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_SECT_R2_163:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R2):163:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_256):0x0000:"0210b482a458b4822d0cb21daa96819a67c8062d34":"505341004b45590000000000010000002b71a300011000000907000600000000150000000210b482a458b4822d0cb21daa96819a67c8062d34":TEST_FLAG_EXERCISE -PSA storage read: implied by SIGN_HASH: ECDSA(SHA_256) ECC_KEY_PAIR(BRAINPOOL_P_R1) 160-bit +read implied by SIGN_HASH: ECDSA(SHA_256) ECC_PAIR(BP_R1) 160-bit depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_BRAINPOOL_P_R1_160:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR -key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):160:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_SHA_256):0x0000:"69502c4fdaf48d4fa617bdd24498b0406d0eeaac":"505341004b45590000000000010000003071a0000110000009060006000000001400000069502c4fdaf48d4fa617bdd24498b0406d0eeaac":TEST_FLAG_EXERCISE +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):160:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_SHA_256):0x0000:"69502c4fdaf48d4fa617bdd24498b0406d0eeaac":"505341004b45590000000000010000003071a0000110000009060006000000001400000069502c4fdaf48d4fa617bdd24498b0406d0eeaac":0 -PSA storage read: implied by SIGN_HASH: ECDSA(SHA_256) ECC_KEY_PAIR(SECP_K1) 192-bit +read implied by SIGN_HASH: ECDSA(SHA_256) ECC_PAIR(SECP_K1) 192-bit depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_SECP_K1_192:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_K1):192:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_SHA_256):0x0000:"297ac1722ccac7589ecb240dc719842538ca974beb79f228":"505341004b45590000000000010000001771c00001100000090600060000000018000000297ac1722ccac7589ecb240dc719842538ca974beb79f228":TEST_FLAG_EXERCISE -PSA storage read: implied by SIGN_HASH: ECDSA(SHA_256) ECC_KEY_PAIR(SECP_R1) 225-bit +read implied by SIGN_HASH: ECDSA(SHA_256) ECC_PAIR(SECP_R1) 225-bit depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_SECP_R1_225:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):225:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_SHA_256):0x0000:"872f203b3ad35b7f2ecc803c3a0e1e0b1ed61cc1afe71b189cd4c995":"505341004b45590000000000010000001271e1000110000009060006000000001c000000872f203b3ad35b7f2ecc803c3a0e1e0b1ed61cc1afe71b189cd4c995":TEST_FLAG_EXERCISE -PSA storage read: implied by SIGN_HASH: ECDSA(SHA_256) ECC_KEY_PAIR(SECP_R2) 160-bit +read implied by SIGN_HASH: ECDSA(SHA_256) ECC_PAIR(SECP_R2) 160-bit depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_SECP_R2_160:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R2):160:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_SHA_256):0x0000:"00bf539a1cdda0d7f71a50a3f98aec0a2e8e4ced1e":"505341004b45590000000000010000001b71a0000110000009060006000000001500000000bf539a1cdda0d7f71a50a3f98aec0a2e8e4ced1e":TEST_FLAG_EXERCISE -PSA storage read: implied by SIGN_HASH: ECDSA(SHA_256) ECC_KEY_PAIR(SECT_K1) 163-bit +read implied by SIGN_HASH: ECDSA(SHA_256) ECC_PAIR(SECT_K1) 163-bit depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_SECT_K1_163:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):163:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_SHA_256):0x0000:"03ebc8fcded2d6ab72ec0f75bdb4fd080481273e71":"505341004b45590000000000010000002771a3000110000009060006000000001500000003ebc8fcded2d6ab72ec0f75bdb4fd080481273e71":TEST_FLAG_EXERCISE -PSA storage read: implied by SIGN_HASH: ECDSA(SHA_256) ECC_KEY_PAIR(SECT_R1) 163-bit +read implied by SIGN_HASH: ECDSA(SHA_256) ECC_PAIR(SECT_R1) 163-bit depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_SECT_R1_163:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):163:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_SHA_256):0x0000:"009b05dc82d46d64a04a22e6e5ca70ca1231e68c50":"505341004b45590000000000010000002271a30001100000090600060000000015000000009b05dc82d46d64a04a22e6e5ca70ca1231e68c50":TEST_FLAG_EXERCISE -PSA storage read: implied by SIGN_HASH: ECDSA(SHA_256) ECC_KEY_PAIR(SECT_R2) 163-bit +read implied by SIGN_HASH: ECDSA(SHA_256) ECC_PAIR(SECT_R2) 163-bit depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_SECT_R2_163:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R2):163:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_SHA_256):0x0000:"0210b482a458b4822d0cb21daa96819a67c8062d34":"505341004b45590000000000010000002b71a300011000000906000600000000150000000210b482a458b4822d0cb21daa96819a67c8062d34":TEST_FLAG_EXERCISE -PSA storage read: implied by SIGN_HASH: ED25519PH ECC_KEY_PAIR(TWISTED_EDWARDS) 255-bit +read implied by SIGN_HASH: ED25519PH ECC_PAIR(TWISTED_EDWARDS) 255-bit depends_on:PSA_WANT_ALG_ED25519PH:PSA_WANT_ECC_TWISTED_EDWARDS_255:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_TWISTED_EDWARDS):255:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE:PSA_ALG_ED25519PH:0x0000:"9d61b19deffd5a60ba844af492ec2cc44449c5697b326919703bac031cae7f60":"505341004b45590000000000010000004271ff00011000000b09000600000000200000009d61b19deffd5a60ba844af492ec2cc44449c5697b326919703bac031cae7f60":TEST_FLAG_EXERCISE -PSA storage read: implied by SIGN_HASH: ED448PH ECC_KEY_PAIR(TWISTED_EDWARDS) 255-bit +read implied by SIGN_HASH: ED448PH ECC_PAIR(TWISTED_EDWARDS) 255-bit depends_on:PSA_WANT_ALG_ED448PH:PSA_WANT_ECC_TWISTED_EDWARDS_255:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_TWISTED_EDWARDS):255:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE:PSA_ALG_ED448PH:0x0000:"9d61b19deffd5a60ba844af492ec2cc44449c5697b326919703bac031cae7f60":"505341004b45590000000000010000004271ff00011000001509000600000000200000009d61b19deffd5a60ba844af492ec2cc44449c5697b326919703bac031cae7f60":TEST_FLAG_EXERCISE -PSA storage read: implied by SIGN_HASH: RSA_PKCS1V15_SIGN(SHA_256) RSA_KEY_PAIR 1024-bit +read implied by SIGN_HASH: HMAC(MD2) HMAC 128-bit +depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_MD2:PSA_WANT_KEY_TYPE_HMAC +key_storage_read:0x0001:PSA_KEY_TYPE_HMAC:128:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE:PSA_ALG_HMAC(PSA_ALG_MD2):0x0000:"48657265006973206b6579a064617461":"505341004b4559000000000001000000001180000110000001008003000000001000000048657265006973206b6579a064617461":TEST_FLAG_EXERCISE + +read implied by SIGN_HASH: HMAC(MD4) HMAC 128-bit +depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_MD4:PSA_WANT_KEY_TYPE_HMAC +key_storage_read:0x0001:PSA_KEY_TYPE_HMAC:128:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE:PSA_ALG_HMAC(PSA_ALG_MD4):0x0000:"48657265006973206b6579a064617461":"505341004b4559000000000001000000001180000110000002008003000000001000000048657265006973206b6579a064617461":TEST_FLAG_EXERCISE + +read implied by SIGN_HASH: HMAC(MD5) HMAC 128-bit +depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_MD5:PSA_WANT_KEY_TYPE_HMAC +key_storage_read:0x0001:PSA_KEY_TYPE_HMAC:128:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE:PSA_ALG_HMAC(PSA_ALG_MD5):0x0000:"48657265006973206b6579a064617461":"505341004b4559000000000001000000001180000110000003008003000000001000000048657265006973206b6579a064617461":TEST_FLAG_EXERCISE + +read implied by SIGN_HASH: HMAC(RIPEMD160) HMAC 128-bit +depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_RIPEMD160:PSA_WANT_KEY_TYPE_HMAC +key_storage_read:0x0001:PSA_KEY_TYPE_HMAC:128:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE:PSA_ALG_HMAC(PSA_ALG_RIPEMD160):0x0000:"48657265006973206b6579a064617461":"505341004b4559000000000001000000001180000110000004008003000000001000000048657265006973206b6579a064617461":TEST_FLAG_EXERCISE + +read implied by SIGN_HASH: HMAC(SHA_1) HMAC 128-bit +depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_1:PSA_WANT_KEY_TYPE_HMAC +key_storage_read:0x0001:PSA_KEY_TYPE_HMAC:128:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE:PSA_ALG_HMAC(PSA_ALG_SHA_1):0x0000:"48657265006973206b6579a064617461":"505341004b4559000000000001000000001180000110000005008003000000001000000048657265006973206b6579a064617461":TEST_FLAG_EXERCISE + +read implied by SIGN_HASH: HMAC(SHA_224) HMAC 128-bit +depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_224:PSA_WANT_KEY_TYPE_HMAC +key_storage_read:0x0001:PSA_KEY_TYPE_HMAC:128:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE:PSA_ALG_HMAC(PSA_ALG_SHA_224):0x0000:"48657265006973206b6579a064617461":"505341004b4559000000000001000000001180000110000008008003000000001000000048657265006973206b6579a064617461":TEST_FLAG_EXERCISE + +read implied by SIGN_HASH: HMAC(SHA_256) HMAC 128-bit +depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_HMAC +key_storage_read:0x0001:PSA_KEY_TYPE_HMAC:128:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE:PSA_ALG_HMAC(PSA_ALG_SHA_256):0x0000:"48657265006973206b6579a064617461":"505341004b4559000000000001000000001180000110000009008003000000001000000048657265006973206b6579a064617461":TEST_FLAG_EXERCISE + +read implied by SIGN_HASH: HMAC(SHA_384) HMAC 128-bit +depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_384:PSA_WANT_KEY_TYPE_HMAC +key_storage_read:0x0001:PSA_KEY_TYPE_HMAC:128:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE:PSA_ALG_HMAC(PSA_ALG_SHA_384):0x0000:"48657265006973206b6579a064617461":"505341004b455900000000000100000000118000011000000a008003000000001000000048657265006973206b6579a064617461":TEST_FLAG_EXERCISE + +read implied by SIGN_HASH: HMAC(SHA_512) HMAC 128-bit +depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_512:PSA_WANT_KEY_TYPE_HMAC +key_storage_read:0x0001:PSA_KEY_TYPE_HMAC:128:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE:PSA_ALG_HMAC(PSA_ALG_SHA_512):0x0000:"48657265006973206b6579a064617461":"505341004b455900000000000100000000118000011000000b008003000000001000000048657265006973206b6579a064617461":TEST_FLAG_EXERCISE + +read implied by SIGN_HASH: RSA_PKCS1V15_SIGN(SHA_256) RSA_PAIR 1024-bit depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR key_storage_read:0x0001:PSA_KEY_TYPE_RSA_KEY_PAIR:1024:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):0x0000:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":"505341004b455900000000000100000001700004011000000902000600000000620200003082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":TEST_FLAG_EXERCISE -PSA storage read: implied by SIGN_HASH: RSA_PSS(SHA_256) RSA_KEY_PAIR 1024-bit +read implied by SIGN_HASH: RSA_PSS(SHA_256) RSA_PAIR 1024-bit depends_on:PSA_WANT_ALG_RSA_PSS:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR key_storage_read:0x0001:PSA_KEY_TYPE_RSA_KEY_PAIR:1024:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE:PSA_ALG_RSA_PSS(PSA_ALG_SHA_256):0x0000:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":"505341004b455900000000000100000001700004011000000903000600000000620200003082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":TEST_FLAG_EXERCISE -PSA storage read: implied by VERIFY_HASH: DETERMINISTIC_ECDSA(SHA_256) ECC_KEY_PAIR(BRAINPOOL_P_R1) 160-bit +read implied by VERIFY_HASH: DET_ECDSA(SHA_256) ECC_PAIR(BP_R1) 160-bit depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_BRAINPOOL_P_R1_160:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR -key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):160:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_256):0x0000:"69502c4fdaf48d4fa617bdd24498b0406d0eeaac":"505341004b45590000000000010000003071a0000120000009070006000000001400000069502c4fdaf48d4fa617bdd24498b0406d0eeaac":TEST_FLAG_EXERCISE +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):160:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_256):0x0000:"69502c4fdaf48d4fa617bdd24498b0406d0eeaac":"505341004b45590000000000010000003071a0000120000009070006000000001400000069502c4fdaf48d4fa617bdd24498b0406d0eeaac":0 -PSA storage read: implied by VERIFY_HASH: DETERMINISTIC_ECDSA(SHA_256) ECC_KEY_PAIR(SECP_K1) 192-bit +read implied by VERIFY_HASH: DET_ECDSA(SHA_256) ECC_PAIR(SECP_K1) 192-bit depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_SECP_K1_192:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_K1):192:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_256):0x0000:"297ac1722ccac7589ecb240dc719842538ca974beb79f228":"505341004b45590000000000010000001771c00001200000090700060000000018000000297ac1722ccac7589ecb240dc719842538ca974beb79f228":TEST_FLAG_EXERCISE -PSA storage read: implied by VERIFY_HASH: DETERMINISTIC_ECDSA(SHA_256) ECC_KEY_PAIR(SECP_R1) 225-bit +read implied by VERIFY_HASH: DET_ECDSA(SHA_256) ECC_PAIR(SECP_R1) 225-bit depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_SECP_R1_225:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):225:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_256):0x0000:"872f203b3ad35b7f2ecc803c3a0e1e0b1ed61cc1afe71b189cd4c995":"505341004b45590000000000010000001271e1000120000009070006000000001c000000872f203b3ad35b7f2ecc803c3a0e1e0b1ed61cc1afe71b189cd4c995":TEST_FLAG_EXERCISE -PSA storage read: implied by VERIFY_HASH: DETERMINISTIC_ECDSA(SHA_256) ECC_KEY_PAIR(SECP_R2) 160-bit +read implied by VERIFY_HASH: DET_ECDSA(SHA_256) ECC_PAIR(SECP_R2) 160-bit depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_SECP_R2_160:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R2):160:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_256):0x0000:"00bf539a1cdda0d7f71a50a3f98aec0a2e8e4ced1e":"505341004b45590000000000010000001b71a0000120000009070006000000001500000000bf539a1cdda0d7f71a50a3f98aec0a2e8e4ced1e":TEST_FLAG_EXERCISE -PSA storage read: implied by VERIFY_HASH: DETERMINISTIC_ECDSA(SHA_256) ECC_KEY_PAIR(SECT_K1) 163-bit +read implied by VERIFY_HASH: DET_ECDSA(SHA_256) ECC_PAIR(SECT_K1) 163-bit depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_SECT_K1_163:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):163:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_256):0x0000:"03ebc8fcded2d6ab72ec0f75bdb4fd080481273e71":"505341004b45590000000000010000002771a3000120000009070006000000001500000003ebc8fcded2d6ab72ec0f75bdb4fd080481273e71":TEST_FLAG_EXERCISE -PSA storage read: implied by VERIFY_HASH: DETERMINISTIC_ECDSA(SHA_256) ECC_KEY_PAIR(SECT_R1) 163-bit +read implied by VERIFY_HASH: DET_ECDSA(SHA_256) ECC_PAIR(SECT_R1) 163-bit depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_SECT_R1_163:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):163:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_256):0x0000:"009b05dc82d46d64a04a22e6e5ca70ca1231e68c50":"505341004b45590000000000010000002271a30001200000090700060000000015000000009b05dc82d46d64a04a22e6e5ca70ca1231e68c50":TEST_FLAG_EXERCISE -PSA storage read: implied by VERIFY_HASH: DETERMINISTIC_ECDSA(SHA_256) ECC_KEY_PAIR(SECT_R2) 163-bit +read implied by VERIFY_HASH: DET_ECDSA(SHA_256) ECC_PAIR(SECT_R2) 163-bit depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_SECT_R2_163:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R2):163:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_256):0x0000:"0210b482a458b4822d0cb21daa96819a67c8062d34":"505341004b45590000000000010000002b71a300012000000907000600000000150000000210b482a458b4822d0cb21daa96819a67c8062d34":TEST_FLAG_EXERCISE -PSA storage read: implied by VERIFY_HASH: DETERMINISTIC_ECDSA(SHA_256) ECC_PUBLIC_KEY(BRAINPOOL_P_R1) 160-bit +read implied by VERIFY_HASH: DET_ECDSA(SHA_256) ECC_PUB(BP_R1) 160-bit depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_BRAINPOOL_P_R1_160:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY -key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):160:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_256):0x0000:"04d4b9186816358e2f9c59cf70748cb70641b22fbab65473db4b4e22a361ed7e3de7e8a8ddc4130c5c":"505341004b45590000000000010000003041a0000120000009070006000000002900000004d4b9186816358e2f9c59cf70748cb70641b22fbab65473db4b4e22a361ed7e3de7e8a8ddc4130c5c":TEST_FLAG_EXERCISE +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):160:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_256):0x0000:"04d4b9186816358e2f9c59cf70748cb70641b22fbab65473db4b4e22a361ed7e3de7e8a8ddc4130c5c":"505341004b45590000000000010000003041a0000120000009070006000000002900000004d4b9186816358e2f9c59cf70748cb70641b22fbab65473db4b4e22a361ed7e3de7e8a8ddc4130c5c":0 -PSA storage read: implied by VERIFY_HASH: DETERMINISTIC_ECDSA(SHA_256) ECC_PUBLIC_KEY(SECP_K1) 192-bit +read implied by VERIFY_HASH: DET_ECDSA(SHA_256) ECC_PUB(SECP_K1) 192-bit depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_SECP_K1_192:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_K1):192:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_256):0x0000:"0426b7bb38da649ac2138fc050c6548b32553dab68afebc36105d325b75538c12323cb0764789ecb992671beb2b6bef2f5":"505341004b45590000000000010000001741c000012000000907000600000000310000000426b7bb38da649ac2138fc050c6548b32553dab68afebc36105d325b75538c12323cb0764789ecb992671beb2b6bef2f5":TEST_FLAG_EXERCISE -PSA storage read: implied by VERIFY_HASH: DETERMINISTIC_ECDSA(SHA_256) ECC_PUBLIC_KEY(SECP_R1) 225-bit +read implied by VERIFY_HASH: DET_ECDSA(SHA_256) ECC_PUB(SECP_R1) 225-bit depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_SECP_R1_225:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1):225:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_256):0x0000:"046f00eadaa949fee3e9e1c7fa1247eecec86a0dce46418b9bd3117b981d4bd0ae7a990de912f9d060d6cb531a42d22e394ac29e81804bf160":"505341004b45590000000000010000001241e10001200000090700060000000039000000046f00eadaa949fee3e9e1c7fa1247eecec86a0dce46418b9bd3117b981d4bd0ae7a990de912f9d060d6cb531a42d22e394ac29e81804bf160":TEST_FLAG_EXERCISE -PSA storage read: implied by VERIFY_HASH: DETERMINISTIC_ECDSA(SHA_256) ECC_PUBLIC_KEY(SECP_R2) 160-bit +read implied by VERIFY_HASH: DET_ECDSA(SHA_256) ECC_PUB(SECP_R2) 160-bit depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_SECP_R2_160:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R2):160:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_256):0x0000:"049570d541398665adb5cfa16f5af73b3196926bbd4b876bdb80f8eab20d0f540c22f4de9c140f6d7b":"505341004b45590000000000010000001b41a00001200000090700060000000029000000049570d541398665adb5cfa16f5af73b3196926bbd4b876bdb80f8eab20d0f540c22f4de9c140f6d7b":TEST_FLAG_EXERCISE -PSA storage read: implied by VERIFY_HASH: DETERMINISTIC_ECDSA(SHA_256) ECC_PUBLIC_KEY(SECT_K1) 163-bit +read implied by VERIFY_HASH: DET_ECDSA(SHA_256) ECC_PUB(SECT_K1) 163-bit depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_SECT_K1_163:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_K1):163:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_256):0x0000:"0406f88f90b4b65950f06ce433afdb097e320f433dc2062b8a65db8fafd3c110f46bc45663fbf021ee7eb9":"505341004b45590000000000010000002741a3000120000009070006000000002b0000000406f88f90b4b65950f06ce433afdb097e320f433dc2062b8a65db8fafd3c110f46bc45663fbf021ee7eb9":TEST_FLAG_EXERCISE -PSA storage read: implied by VERIFY_HASH: DETERMINISTIC_ECDSA(SHA_256) ECC_PUBLIC_KEY(SECT_R1) 163-bit +read implied by VERIFY_HASH: DET_ECDSA(SHA_256) ECC_PUB(SECT_R1) 163-bit depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_SECT_R1_163:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R1):163:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_256):0x0000:"0400465eeb9e7258b11e33c02266bfe834b20bcb118700772796ee4704ec67651bd447e3011959a79a04cb":"505341004b45590000000000010000002241a3000120000009070006000000002b0000000400465eeb9e7258b11e33c02266bfe834b20bcb118700772796ee4704ec67651bd447e3011959a79a04cb":TEST_FLAG_EXERCISE -PSA storage read: implied by VERIFY_HASH: DETERMINISTIC_ECDSA(SHA_256) ECC_PUBLIC_KEY(SECT_R2) 163-bit +read implied by VERIFY_HASH: DET_ECDSA(SHA_256) ECC_PUB(SECT_R2) 163-bit depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_SECT_R2_163:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R2):163:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_256):0x0000:"0403692601144c32a6cfa369ae20ae5d43c1c764678c037bafe80c6fd2e42b7ced96171d9c5367fd3dca6f":"505341004b45590000000000010000002b41a3000120000009070006000000002b0000000403692601144c32a6cfa369ae20ae5d43c1c764678c037bafe80c6fd2e42b7ced96171d9c5367fd3dca6f":TEST_FLAG_EXERCISE -PSA storage read: implied by VERIFY_HASH: ECDSA(SHA_256) ECC_KEY_PAIR(BRAINPOOL_P_R1) 160-bit +read implied by VERIFY_HASH: ECDSA(SHA_256) ECC_PAIR(BP_R1) 160-bit depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_BRAINPOOL_P_R1_160:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR -key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):160:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_SHA_256):0x0000:"69502c4fdaf48d4fa617bdd24498b0406d0eeaac":"505341004b45590000000000010000003071a0000120000009060006000000001400000069502c4fdaf48d4fa617bdd24498b0406d0eeaac":TEST_FLAG_EXERCISE +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):160:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_SHA_256):0x0000:"69502c4fdaf48d4fa617bdd24498b0406d0eeaac":"505341004b45590000000000010000003071a0000120000009060006000000001400000069502c4fdaf48d4fa617bdd24498b0406d0eeaac":0 -PSA storage read: implied by VERIFY_HASH: ECDSA(SHA_256) ECC_KEY_PAIR(SECP_K1) 192-bit +read implied by VERIFY_HASH: ECDSA(SHA_256) ECC_PAIR(SECP_K1) 192-bit depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_SECP_K1_192:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_K1):192:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_SHA_256):0x0000:"297ac1722ccac7589ecb240dc719842538ca974beb79f228":"505341004b45590000000000010000001771c00001200000090600060000000018000000297ac1722ccac7589ecb240dc719842538ca974beb79f228":TEST_FLAG_EXERCISE -PSA storage read: implied by VERIFY_HASH: ECDSA(SHA_256) ECC_KEY_PAIR(SECP_R1) 225-bit +read implied by VERIFY_HASH: ECDSA(SHA_256) ECC_PAIR(SECP_R1) 225-bit depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_SECP_R1_225:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):225:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_SHA_256):0x0000:"872f203b3ad35b7f2ecc803c3a0e1e0b1ed61cc1afe71b189cd4c995":"505341004b45590000000000010000001271e1000120000009060006000000001c000000872f203b3ad35b7f2ecc803c3a0e1e0b1ed61cc1afe71b189cd4c995":TEST_FLAG_EXERCISE -PSA storage read: implied by VERIFY_HASH: ECDSA(SHA_256) ECC_KEY_PAIR(SECP_R2) 160-bit +read implied by VERIFY_HASH: ECDSA(SHA_256) ECC_PAIR(SECP_R2) 160-bit depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_SECP_R2_160:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R2):160:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_SHA_256):0x0000:"00bf539a1cdda0d7f71a50a3f98aec0a2e8e4ced1e":"505341004b45590000000000010000001b71a0000120000009060006000000001500000000bf539a1cdda0d7f71a50a3f98aec0a2e8e4ced1e":TEST_FLAG_EXERCISE -PSA storage read: implied by VERIFY_HASH: ECDSA(SHA_256) ECC_KEY_PAIR(SECT_K1) 163-bit +read implied by VERIFY_HASH: ECDSA(SHA_256) ECC_PAIR(SECT_K1) 163-bit depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_SECT_K1_163:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):163:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_SHA_256):0x0000:"03ebc8fcded2d6ab72ec0f75bdb4fd080481273e71":"505341004b45590000000000010000002771a3000120000009060006000000001500000003ebc8fcded2d6ab72ec0f75bdb4fd080481273e71":TEST_FLAG_EXERCISE -PSA storage read: implied by VERIFY_HASH: ECDSA(SHA_256) ECC_KEY_PAIR(SECT_R1) 163-bit +read implied by VERIFY_HASH: ECDSA(SHA_256) ECC_PAIR(SECT_R1) 163-bit depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_SECT_R1_163:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):163:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_SHA_256):0x0000:"009b05dc82d46d64a04a22e6e5ca70ca1231e68c50":"505341004b45590000000000010000002271a30001200000090600060000000015000000009b05dc82d46d64a04a22e6e5ca70ca1231e68c50":TEST_FLAG_EXERCISE -PSA storage read: implied by VERIFY_HASH: ECDSA(SHA_256) ECC_KEY_PAIR(SECT_R2) 163-bit +read implied by VERIFY_HASH: ECDSA(SHA_256) ECC_PAIR(SECT_R2) 163-bit depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_SECT_R2_163:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R2):163:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_SHA_256):0x0000:"0210b482a458b4822d0cb21daa96819a67c8062d34":"505341004b45590000000000010000002b71a300012000000906000600000000150000000210b482a458b4822d0cb21daa96819a67c8062d34":TEST_FLAG_EXERCISE -PSA storage read: implied by VERIFY_HASH: ECDSA(SHA_256) ECC_PUBLIC_KEY(BRAINPOOL_P_R1) 160-bit +read implied by VERIFY_HASH: ECDSA(SHA_256) ECC_PUB(BP_R1) 160-bit depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_BRAINPOOL_P_R1_160:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY -key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):160:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_SHA_256):0x0000:"04d4b9186816358e2f9c59cf70748cb70641b22fbab65473db4b4e22a361ed7e3de7e8a8ddc4130c5c":"505341004b45590000000000010000003041a0000120000009060006000000002900000004d4b9186816358e2f9c59cf70748cb70641b22fbab65473db4b4e22a361ed7e3de7e8a8ddc4130c5c":TEST_FLAG_EXERCISE +key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):160:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_SHA_256):0x0000:"04d4b9186816358e2f9c59cf70748cb70641b22fbab65473db4b4e22a361ed7e3de7e8a8ddc4130c5c":"505341004b45590000000000010000003041a0000120000009060006000000002900000004d4b9186816358e2f9c59cf70748cb70641b22fbab65473db4b4e22a361ed7e3de7e8a8ddc4130c5c":0 -PSA storage read: implied by VERIFY_HASH: ECDSA(SHA_256) ECC_PUBLIC_KEY(SECP_K1) 192-bit +read implied by VERIFY_HASH: ECDSA(SHA_256) ECC_PUB(SECP_K1) 192-bit depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_SECP_K1_192:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_K1):192:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_SHA_256):0x0000:"0426b7bb38da649ac2138fc050c6548b32553dab68afebc36105d325b75538c12323cb0764789ecb992671beb2b6bef2f5":"505341004b45590000000000010000001741c000012000000906000600000000310000000426b7bb38da649ac2138fc050c6548b32553dab68afebc36105d325b75538c12323cb0764789ecb992671beb2b6bef2f5":TEST_FLAG_EXERCISE -PSA storage read: implied by VERIFY_HASH: ECDSA(SHA_256) ECC_PUBLIC_KEY(SECP_R1) 225-bit +read implied by VERIFY_HASH: ECDSA(SHA_256) ECC_PUB(SECP_R1) 225-bit depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_SECP_R1_225:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1):225:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_SHA_256):0x0000:"046f00eadaa949fee3e9e1c7fa1247eecec86a0dce46418b9bd3117b981d4bd0ae7a990de912f9d060d6cb531a42d22e394ac29e81804bf160":"505341004b45590000000000010000001241e10001200000090600060000000039000000046f00eadaa949fee3e9e1c7fa1247eecec86a0dce46418b9bd3117b981d4bd0ae7a990de912f9d060d6cb531a42d22e394ac29e81804bf160":TEST_FLAG_EXERCISE -PSA storage read: implied by VERIFY_HASH: ECDSA(SHA_256) ECC_PUBLIC_KEY(SECP_R2) 160-bit +read implied by VERIFY_HASH: ECDSA(SHA_256) ECC_PUB(SECP_R2) 160-bit depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_SECP_R2_160:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R2):160:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_SHA_256):0x0000:"049570d541398665adb5cfa16f5af73b3196926bbd4b876bdb80f8eab20d0f540c22f4de9c140f6d7b":"505341004b45590000000000010000001b41a00001200000090600060000000029000000049570d541398665adb5cfa16f5af73b3196926bbd4b876bdb80f8eab20d0f540c22f4de9c140f6d7b":TEST_FLAG_EXERCISE -PSA storage read: implied by VERIFY_HASH: ECDSA(SHA_256) ECC_PUBLIC_KEY(SECT_K1) 163-bit +read implied by VERIFY_HASH: ECDSA(SHA_256) ECC_PUB(SECT_K1) 163-bit depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_SECT_K1_163:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_K1):163:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_SHA_256):0x0000:"0406f88f90b4b65950f06ce433afdb097e320f433dc2062b8a65db8fafd3c110f46bc45663fbf021ee7eb9":"505341004b45590000000000010000002741a3000120000009060006000000002b0000000406f88f90b4b65950f06ce433afdb097e320f433dc2062b8a65db8fafd3c110f46bc45663fbf021ee7eb9":TEST_FLAG_EXERCISE -PSA storage read: implied by VERIFY_HASH: ECDSA(SHA_256) ECC_PUBLIC_KEY(SECT_R1) 163-bit +read implied by VERIFY_HASH: ECDSA(SHA_256) ECC_PUB(SECT_R1) 163-bit depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_SECT_R1_163:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R1):163:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_SHA_256):0x0000:"0400465eeb9e7258b11e33c02266bfe834b20bcb118700772796ee4704ec67651bd447e3011959a79a04cb":"505341004b45590000000000010000002241a3000120000009060006000000002b0000000400465eeb9e7258b11e33c02266bfe834b20bcb118700772796ee4704ec67651bd447e3011959a79a04cb":TEST_FLAG_EXERCISE -PSA storage read: implied by VERIFY_HASH: ECDSA(SHA_256) ECC_PUBLIC_KEY(SECT_R2) 163-bit +read implied by VERIFY_HASH: ECDSA(SHA_256) ECC_PUB(SECT_R2) 163-bit depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_SECT_R2_163:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R2):163:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_SHA_256):0x0000:"0403692601144c32a6cfa369ae20ae5d43c1c764678c037bafe80c6fd2e42b7ced96171d9c5367fd3dca6f":"505341004b45590000000000010000002b41a3000120000009060006000000002b0000000403692601144c32a6cfa369ae20ae5d43c1c764678c037bafe80c6fd2e42b7ced96171d9c5367fd3dca6f":TEST_FLAG_EXERCISE -PSA storage read: implied by VERIFY_HASH: ED25519PH ECC_KEY_PAIR(TWISTED_EDWARDS) 255-bit +read implied by VERIFY_HASH: ED25519PH ECC_PAIR(TWISTED_EDWARDS) 255-bit depends_on:PSA_WANT_ALG_ED25519PH:PSA_WANT_ECC_TWISTED_EDWARDS_255:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_TWISTED_EDWARDS):255:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ED25519PH:0x0000:"9d61b19deffd5a60ba844af492ec2cc44449c5697b326919703bac031cae7f60":"505341004b45590000000000010000004271ff00012000000b09000600000000200000009d61b19deffd5a60ba844af492ec2cc44449c5697b326919703bac031cae7f60":TEST_FLAG_EXERCISE -PSA storage read: implied by VERIFY_HASH: ED25519PH ECC_PUBLIC_KEY(TWISTED_EDWARDS) 255-bit +read implied by VERIFY_HASH: ED25519PH ECC_PUB(TWISTED_EDWARDS) 255-bit depends_on:PSA_WANT_ALG_ED25519PH:PSA_WANT_ECC_TWISTED_EDWARDS_255:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_TWISTED_EDWARDS):255:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ED25519PH:0x0000:"d75a980182b10ab7d54bfed3c964073a0ee172f3daa62325af021a68f707511a":"505341004b45590000000000010000004241ff00012000000b0900060000000020000000d75a980182b10ab7d54bfed3c964073a0ee172f3daa62325af021a68f707511a":TEST_FLAG_EXERCISE -PSA storage read: implied by VERIFY_HASH: ED448PH ECC_KEY_PAIR(TWISTED_EDWARDS) 255-bit +read implied by VERIFY_HASH: ED448PH ECC_PAIR(TWISTED_EDWARDS) 255-bit depends_on:PSA_WANT_ALG_ED448PH:PSA_WANT_ECC_TWISTED_EDWARDS_255:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_TWISTED_EDWARDS):255:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ED448PH:0x0000:"9d61b19deffd5a60ba844af492ec2cc44449c5697b326919703bac031cae7f60":"505341004b45590000000000010000004271ff00012000001509000600000000200000009d61b19deffd5a60ba844af492ec2cc44449c5697b326919703bac031cae7f60":TEST_FLAG_EXERCISE -PSA storage read: implied by VERIFY_HASH: ED448PH ECC_PUBLIC_KEY(TWISTED_EDWARDS) 255-bit +read implied by VERIFY_HASH: ED448PH ECC_PUB(TWISTED_EDWARDS) 255-bit depends_on:PSA_WANT_ALG_ED448PH:PSA_WANT_ECC_TWISTED_EDWARDS_255:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_TWISTED_EDWARDS):255:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ED448PH:0x0000:"d75a980182b10ab7d54bfed3c964073a0ee172f3daa62325af021a68f707511a":"505341004b45590000000000010000004241ff0001200000150900060000000020000000d75a980182b10ab7d54bfed3c964073a0ee172f3daa62325af021a68f707511a":TEST_FLAG_EXERCISE -PSA storage read: implied by VERIFY_HASH: HMAC(MD2) HMAC 128-bit +read implied by VERIFY_HASH: HMAC(MD2) HMAC 128-bit depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_MD2:PSA_WANT_KEY_TYPE_HMAC key_storage_read:0x0001:PSA_KEY_TYPE_HMAC:128:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_HMAC(PSA_ALG_MD2):0x0000:"48657265006973206b6579a064617461":"505341004b4559000000000001000000001180000120000001008003000000001000000048657265006973206b6579a064617461":TEST_FLAG_EXERCISE -PSA storage read: implied by VERIFY_HASH: HMAC(MD4) HMAC 128-bit +read implied by VERIFY_HASH: HMAC(MD4) HMAC 128-bit depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_MD4:PSA_WANT_KEY_TYPE_HMAC key_storage_read:0x0001:PSA_KEY_TYPE_HMAC:128:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_HMAC(PSA_ALG_MD4):0x0000:"48657265006973206b6579a064617461":"505341004b4559000000000001000000001180000120000002008003000000001000000048657265006973206b6579a064617461":TEST_FLAG_EXERCISE -PSA storage read: implied by VERIFY_HASH: HMAC(MD5) HMAC 128-bit +read implied by VERIFY_HASH: HMAC(MD5) HMAC 128-bit depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_MD5:PSA_WANT_KEY_TYPE_HMAC key_storage_read:0x0001:PSA_KEY_TYPE_HMAC:128:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_HMAC(PSA_ALG_MD5):0x0000:"48657265006973206b6579a064617461":"505341004b4559000000000001000000001180000120000003008003000000001000000048657265006973206b6579a064617461":TEST_FLAG_EXERCISE -PSA storage read: implied by VERIFY_HASH: HMAC(RIPEMD160) HMAC 128-bit +read implied by VERIFY_HASH: HMAC(RIPEMD160) HMAC 128-bit depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_RIPEMD160:PSA_WANT_KEY_TYPE_HMAC key_storage_read:0x0001:PSA_KEY_TYPE_HMAC:128:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_HMAC(PSA_ALG_RIPEMD160):0x0000:"48657265006973206b6579a064617461":"505341004b4559000000000001000000001180000120000004008003000000001000000048657265006973206b6579a064617461":TEST_FLAG_EXERCISE -PSA storage read: implied by VERIFY_HASH: HMAC(SHA_1) HMAC 128-bit +read implied by VERIFY_HASH: HMAC(SHA_1) HMAC 128-bit depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_1:PSA_WANT_KEY_TYPE_HMAC key_storage_read:0x0001:PSA_KEY_TYPE_HMAC:128:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_HMAC(PSA_ALG_SHA_1):0x0000:"48657265006973206b6579a064617461":"505341004b4559000000000001000000001180000120000005008003000000001000000048657265006973206b6579a064617461":TEST_FLAG_EXERCISE -PSA storage read: implied by VERIFY_HASH: HMAC(SHA_224) HMAC 128-bit +read implied by VERIFY_HASH: HMAC(SHA_224) HMAC 128-bit depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_224:PSA_WANT_KEY_TYPE_HMAC key_storage_read:0x0001:PSA_KEY_TYPE_HMAC:128:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_HMAC(PSA_ALG_SHA_224):0x0000:"48657265006973206b6579a064617461":"505341004b4559000000000001000000001180000120000008008003000000001000000048657265006973206b6579a064617461":TEST_FLAG_EXERCISE -PSA storage read: implied by VERIFY_HASH: HMAC(SHA_256) HMAC 128-bit +read implied by VERIFY_HASH: HMAC(SHA_256) HMAC 128-bit depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_HMAC key_storage_read:0x0001:PSA_KEY_TYPE_HMAC:128:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_HMAC(PSA_ALG_SHA_256):0x0000:"48657265006973206b6579a064617461":"505341004b4559000000000001000000001180000120000009008003000000001000000048657265006973206b6579a064617461":TEST_FLAG_EXERCISE -PSA storage read: implied by VERIFY_HASH: HMAC(SHA_384) HMAC 128-bit +read implied by VERIFY_HASH: HMAC(SHA_384) HMAC 128-bit depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_384:PSA_WANT_KEY_TYPE_HMAC key_storage_read:0x0001:PSA_KEY_TYPE_HMAC:128:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_HMAC(PSA_ALG_SHA_384):0x0000:"48657265006973206b6579a064617461":"505341004b455900000000000100000000118000012000000a008003000000001000000048657265006973206b6579a064617461":TEST_FLAG_EXERCISE -PSA storage read: implied by VERIFY_HASH: HMAC(SHA_512) HMAC 128-bit +read implied by VERIFY_HASH: HMAC(SHA_512) HMAC 128-bit depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_512:PSA_WANT_KEY_TYPE_HMAC key_storage_read:0x0001:PSA_KEY_TYPE_HMAC:128:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_HMAC(PSA_ALG_SHA_512):0x0000:"48657265006973206b6579a064617461":"505341004b455900000000000100000000118000012000000b008003000000001000000048657265006973206b6579a064617461":TEST_FLAG_EXERCISE -PSA storage read: implied by VERIFY_HASH: RSA_PKCS1V15_SIGN(SHA_256) RSA_KEY_PAIR 1024-bit +read implied by VERIFY_HASH: RSA_PKCS1V15_SIGN(SHA_256) RSA_PAIR 1024-bit depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR key_storage_read:0x0001:PSA_KEY_TYPE_RSA_KEY_PAIR:1024:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):0x0000:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":"505341004b455900000000000100000001700004012000000902000600000000620200003082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":TEST_FLAG_EXERCISE -PSA storage read: implied by VERIFY_HASH: RSA_PKCS1V15_SIGN(SHA_256) RSA_PUBLIC_KEY 1024-bit +read implied by VERIFY_HASH: RSA_PKCS1V15_SIGN(SHA_256) RSA_PUB 1024-bit depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY key_storage_read:0x0001:PSA_KEY_TYPE_RSA_PUBLIC_KEY:1024:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):0x0000:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":"505341004b4559000000000001000000014000040120000009020006000000008c00000030818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":TEST_FLAG_EXERCISE -PSA storage read: implied by VERIFY_HASH: RSA_PSS(SHA_256) RSA_KEY_PAIR 1024-bit +read implied by VERIFY_HASH: RSA_PSS(SHA_256) RSA_PAIR 1024-bit depends_on:PSA_WANT_ALG_RSA_PSS:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR key_storage_read:0x0001:PSA_KEY_TYPE_RSA_KEY_PAIR:1024:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_RSA_PSS(PSA_ALG_SHA_256):0x0000:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":"505341004b455900000000000100000001700004012000000903000600000000620200003082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":TEST_FLAG_EXERCISE -PSA storage read: implied by VERIFY_HASH: RSA_PSS(SHA_256) RSA_PUBLIC_KEY 1024-bit +read implied by VERIFY_HASH: RSA_PSS(SHA_256) RSA_PUB 1024-bit depends_on:PSA_WANT_ALG_RSA_PSS:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY key_storage_read:0x0001:PSA_KEY_TYPE_RSA_PUBLIC_KEY:1024:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_RSA_PSS(PSA_ALG_SHA_256):0x0000:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":"505341004b4559000000000001000000014000040120000009030006000000008c00000030818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":TEST_FLAG_EXERCISE diff --git a/third_party/mbedtls/repo/tests/suites/test_suite_psa_its.data b/third_party/mbedtls/repo/tests/suites/test_suite_psa_its.data index 9057a1ae121..06aed07d800 100644 --- a/third_party/mbedtls/repo/tests/suites/test_suite_psa_its.data +++ b/third_party/mbedtls/repo/tests/suites/test_suite_psa_its.data @@ -1,71 +1,74 @@ Set/get/remove 0 bytes -set_get_remove:0:0:"" +set_get_remove:1:0:"" Set/get/remove 42 bytes -set_get_remove:0:0:"000102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f20212223242526272829" +set_get_remove:1:0:"000102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f20212223242526272829" Set/get/remove 1000 bytes -set_get_remove:0:0:"6a07ecfcc7c7bfe0129d56d2dcf2955a12845b9e6e0034b0ed7226764261c6222a07b9f654deb682130eb1cd07ed298324e60a46f9c76c8a5a0be000c69e93dd81054ca21fbc6190cef7745e9d5436f70e20e10cbf111d1d40c9ceb83be108775199d81abaf0fecfe30eaa08e7ed82517cba939de4449f7ac5c730fcbbf56e691640b0129db0e178045dd2034262de9138873d9bdca57685146a3d516ff13c29e6628a00097435a8e10fef7faff62d2963c303a93793e2211d8604556fec08cd59c0f5bd1f22eea64be13e88b3f454781e83fe6e771d3d81eb2fbe2021e276f42a93db5343d767d854115e74f5e129a8036b1e81aced9872709d515e00bcf2098ccdee23006b0e836b27dc8aaf30f53fe58a31a6408abb79b13098c22e262a98040f9b09809a3b43bd42eb01cf1d17bbc8b4dfe51fa6573d4d8741943e3ae71a649e194c1218f2e20556c7d8cfe8c64d8cc1aa94531fbf638768c7d19b3c079299cf4f26ed3f964efb8fd23d82b4157a51f46da11156c74e2d6e2fd788869ebb52429e12a82da2ba083e2e74565026162f29ca22582da72a2698e7c5d958b919bc2cdfe12f50364ccfed30efd5cd120a7d5f196b2bd7f911bb44d5871eb3dedcd70ece7faf464988f9fe361f23d7244b1e08bee921d0f28bdb4912675809d099876d4d15b7d13ece356e1f2a5dce64feb3d6749a07a4f2b7721190e17a9ab2966e48b6d25187070b81eb45b1c44608b2f0e175958ba57fcf1b2cd145eea5fd4de858d157ddac69dfbb5d5d6f0c1691b0fae5a143b6e58cdf5000f28d74b3322670ed11e740c828c7bfad4e2f392012da3ac931ea26ed15fd003e604071f5900c6e1329d021805d50da9f1e732a49bcc292d9f8e07737cfd59442e8d7aaa813b18183a68e22bf6b4519545dd7d2d519db3652be4131bad4f4b0625dbaa749e979f6ee8c1b97803cb50a2fa20dc883eac932a824b777b226e15294de6a80be3ddef41478fe18172d64407a004de6bae18bc60e90c902c1cbb0e1633395b42391f5011be0d480541987609b0cd8d902ea29f86f73e7362340119323eb0ea4f672b70d6e9a9df5235f9f1965f5cb0c2998c5a7f4754e83eeda5d95fefbbaaa0875fe37b7ca461e7281cc5479162627c5a709b45fd9ddcde4dfb40659e1d70fa7361d9fc7de24f9b8b13259423fdae4dbb98d691db687467a5a7eb027a4a0552a03e430ac8a32de0c30160ba60a036d6b9db2d6182193283337b92e7438dc5d6eb4fa00200d8efa9127f1c3a32ac8e202262773aaa5a965c6b8035b2e5706c32a55511560429ddf1df4ac34076b7eedd9cf94b6915a894fdd9084ffe3db0e7040f382c3cd04f0484595de95865c36b6bf20f46a78cdfb37228acbeb218de798b9586f6d99a0cbae47e80d" +set_get_remove:1:0:"6a07ecfcc7c7bfe0129d56d2dcf2955a12845b9e6e0034b0ed7226764261c6222a07b9f654deb682130eb1cd07ed298324e60a46f9c76c8a5a0be000c69e93dd81054ca21fbc6190cef7745e9d5436f70e20e10cbf111d1d40c9ceb83be108775199d81abaf0fecfe30eaa08e7ed82517cba939de4449f7ac5c730fcbbf56e691640b0129db0e178045dd2034262de9138873d9bdca57685146a3d516ff13c29e6628a00097435a8e10fef7faff62d2963c303a93793e2211d8604556fec08cd59c0f5bd1f22eea64be13e88b3f454781e83fe6e771d3d81eb2fbe2021e276f42a93db5343d767d854115e74f5e129a8036b1e81aced9872709d515e00bcf2098ccdee23006b0e836b27dc8aaf30f53fe58a31a6408abb79b13098c22e262a98040f9b09809a3b43bd42eb01cf1d17bbc8b4dfe51fa6573d4d8741943e3ae71a649e194c1218f2e20556c7d8cfe8c64d8cc1aa94531fbf638768c7d19b3c079299cf4f26ed3f964efb8fd23d82b4157a51f46da11156c74e2d6e2fd788869ebb52429e12a82da2ba083e2e74565026162f29ca22582da72a2698e7c5d958b919bc2cdfe12f50364ccfed30efd5cd120a7d5f196b2bd7f911bb44d5871eb3dedcd70ece7faf464988f9fe361f23d7244b1e08bee921d0f28bdb4912675809d099876d4d15b7d13ece356e1f2a5dce64feb3d6749a07a4f2b7721190e17a9ab2966e48b6d25187070b81eb45b1c44608b2f0e175958ba57fcf1b2cd145eea5fd4de858d157ddac69dfbb5d5d6f0c1691b0fae5a143b6e58cdf5000f28d74b3322670ed11e740c828c7bfad4e2f392012da3ac931ea26ed15fd003e604071f5900c6e1329d021805d50da9f1e732a49bcc292d9f8e07737cfd59442e8d7aaa813b18183a68e22bf6b4519545dd7d2d519db3652be4131bad4f4b0625dbaa749e979f6ee8c1b97803cb50a2fa20dc883eac932a824b777b226e15294de6a80be3ddef41478fe18172d64407a004de6bae18bc60e90c902c1cbb0e1633395b42391f5011be0d480541987609b0cd8d902ea29f86f73e7362340119323eb0ea4f672b70d6e9a9df5235f9f1965f5cb0c2998c5a7f4754e83eeda5d95fefbbaaa0875fe37b7ca461e7281cc5479162627c5a709b45fd9ddcde4dfb40659e1d70fa7361d9fc7de24f9b8b13259423fdae4dbb98d691db687467a5a7eb027a4a0552a03e430ac8a32de0c30160ba60a036d6b9db2d6182193283337b92e7438dc5d6eb4fa00200d8efa9127f1c3a32ac8e202262773aaa5a965c6b8035b2e5706c32a55511560429ddf1df4ac34076b7eedd9cf94b6915a894fdd9084ffe3db0e7040f382c3cd04f0484595de95865c36b6bf20f46a78cdfb37228acbeb218de798b9586f6d99a0cbae47e80d" Set/get/remove with flags -set_get_remove:0:0x12345678:"abcdef" +set_get_remove:1:0x12345678:"abcdef" Overwrite 0 -> 3 -set_overwrite:0:0x12345678:"":0x01020304:"abcdef" +set_overwrite:1:0x12345678:"":0x01020304:"abcdef" Overwrite 3 -> 0 -set_overwrite:0:0x12345678:"abcdef":0x01020304:"" +set_overwrite:1:0x12345678:"abcdef":0x01020304:"" Overwrite 3 -> 3 -set_overwrite:0:0x12345678:"123456":0x01020304:"abcdef" +set_overwrite:1:0x12345678:"123456":0x01020304:"abcdef" Overwrite 3 -> 18 -set_overwrite:0:0x12345678:"abcdef":0x01020304:"404142434445464748494a4b4c4d4e4f5051" +set_overwrite:1:0x12345678:"abcdef":0x01020304:"404142434445464748494a4b4c4d4e4f5051" Overwrite 18 -> 3 -set_overwrite:0:0x12345678:"404142434445464748494a4b4c4d4e4f5051":0x01020304:"abcdef" +set_overwrite:1:0x12345678:"404142434445464748494a4b4c4d4e4f5051":0x01020304:"abcdef" Multiple files -set_multiple:0:5 +set_multiple:1:5 + +Set UID 0 +set_fail:0:"40414243444546474849":PSA_ERROR_INVALID_HANDLE Non-existent file -nonexistent:0:0 +nonexistent:1:0 Removed file -nonexistent:0:1 +nonexistent:1:1 Get 0 bytes of 10 at 10 -get_at:0:"40414243444546474849":10:0:PSA_SUCCESS +get_at:1:"40414243444546474849":10:0:PSA_SUCCESS Get 1 byte of 10 at 9 -get_at:0:"40414243444546474849":9:1:PSA_SUCCESS +get_at:1:"40414243444546474849":9:1:PSA_SUCCESS Get 0 bytes of 10 at 0 -get_at:0:"40414243444546474849":0:0:PSA_SUCCESS +get_at:1:"40414243444546474849":0:0:PSA_SUCCESS Get 1 byte of 10 at 0 -get_at:0:"40414243444546474849":0:1:PSA_SUCCESS +get_at:1:"40414243444546474849":0:1:PSA_SUCCESS Get 2 bytes of 10 at 1 -get_at:0:"40414243444546474849":1:2:PSA_SUCCESS +get_at:1:"40414243444546474849":1:2:PSA_SUCCESS Get 1 byte of 10 at 10: out of range -get_at:0:"40414243444546474849":10:1:PSA_ERROR_INVALID_ARGUMENT +get_at:1:"40414243444546474849":10:1:PSA_ERROR_INVALID_ARGUMENT Get 1 byte of 10 at 11: out of range -get_at:0:"40414243444546474849":11:1:PSA_ERROR_INVALID_ARGUMENT +get_at:1:"40414243444546474849":11:1:PSA_ERROR_INVALID_ARGUMENT Get 0 bytes of 10 at 11: out of range -get_at:0:"40414243444546474849":11:0:PSA_ERROR_INVALID_ARGUMENT +get_at:1:"40414243444546474849":11:0:PSA_ERROR_INVALID_ARGUMENT Get -1 byte of 10 at 10: out of range -get_at:0:"40414243444546474849":10:-1:PSA_ERROR_INVALID_ARGUMENT +get_at:1:"40414243444546474849":10:-1:PSA_ERROR_INVALID_ARGUMENT Get 1 byte of 10 at -1: out of range -get_at:0:"40414243444546474849":-1:1:PSA_ERROR_INVALID_ARGUMENT +get_at:1:"40414243444546474849":-1:1:PSA_ERROR_INVALID_ARGUMENT Overwrite ITS header magic -get_fail:0:"40414243444546474849":1:0:PSA_ERROR_DATA_CORRUPT +get_fail:1:"40414243444546474849":1:0:PSA_ERROR_DATA_CORRUPT Truncate ITS header -get_fail:0:"40414243444546474849":0:1:PSA_ERROR_DATA_CORRUPT +get_fail:1:"40414243444546474849":0:1:PSA_ERROR_DATA_CORRUPT diff --git a/third_party/mbedtls/repo/tests/suites/test_suite_psa_its.function b/third_party/mbedtls/repo/tests/suites/test_suite_psa_its.function index fb9ce070366..0f66c79517e 100644 --- a/third_party/mbedtls/repo/tests/suites/test_suite_psa_its.function +++ b/third_party/mbedtls/repo/tests/suites/test_suite_psa_its.function @@ -3,9 +3,14 @@ /* This test file is specific to the ITS implementation in PSA Crypto * on top of stdio. It expects to know what the stdio name of a file is * based on its keystore name. + * + * Note that if you need to make a change that affects how files are + * stored, this may indicate that the key store is changing in a + * backward-incompatible way! Think carefully about backward compatibility + * before changing how test data is constructed or validated. */ -#include "../library/psa_crypto_its.h" +#include "psa_crypto_its.h" #include "test/psa_helpers.h" @@ -15,23 +20,23 @@ #define PSA_ITS_STORAGE_FILENAME_PATTERN "%08lx%08lx" #define PSA_ITS_STORAGE_SUFFIX ".psa_its" #define PSA_ITS_STORAGE_FILENAME_LENGTH \ - ( sizeof( PSA_ITS_STORAGE_PREFIX ) - 1 + /*prefix without terminating 0*/ \ - 16 + /*UID (64-bit number in hex)*/ \ - 16 + /*UID (64-bit number in hex)*/ \ - sizeof( PSA_ITS_STORAGE_SUFFIX ) - 1 + /*suffix without terminating 0*/ \ - 1 /*terminating null byte*/ ) + (sizeof(PSA_ITS_STORAGE_PREFIX) - 1 + /*prefix without terminating 0*/ \ + 16 + /*UID (64-bit number in hex)*/ \ + 16 + /*UID (64-bit number in hex)*/ \ + sizeof(PSA_ITS_STORAGE_SUFFIX) - 1 + /*suffix without terminating 0*/ \ + 1 /*terminating null byte*/) #define PSA_ITS_STORAGE_TEMP \ PSA_ITS_STORAGE_PREFIX "tempfile" PSA_ITS_STORAGE_SUFFIX -static void psa_its_fill_filename( psa_storage_uid_t uid, char *filename ) +static void psa_its_fill_filename(psa_storage_uid_t uid, char *filename) { /* Break up the UID into two 32-bit pieces so as not to rely on * long long support in snprintf. */ - mbedtls_snprintf( filename, PSA_ITS_STORAGE_FILENAME_LENGTH, - "%s" PSA_ITS_STORAGE_FILENAME_PATTERN "%s", - PSA_ITS_STORAGE_PREFIX, - (unsigned long) ( uid >> 32 ), - (unsigned long) ( uid & 0xffffffff ), - PSA_ITS_STORAGE_SUFFIX ); + mbedtls_snprintf(filename, PSA_ITS_STORAGE_FILENAME_LENGTH, + "%s" PSA_ITS_STORAGE_FILENAME_PATTERN "%s", + PSA_ITS_STORAGE_PREFIX, + (unsigned long) (uid >> 32), + (unsigned long) (uid & 0xffffffff), + PSA_ITS_STORAGE_SUFFIX); } /* Maximum uid used by the test, recorded so that cleanup() can delete @@ -39,7 +44,7 @@ static void psa_its_fill_filename( psa_storage_uid_t uid, char *filename ) * need to and should not be taken into account for uid_max. */ static psa_storage_uid_t uid_max = 0; -static void cleanup( void ) +static void cleanup(void) { /* Call remove() on all the files that a test might have created. * We ignore the error if the file exists but remove() fails because @@ -50,25 +55,25 @@ static void cleanup( void ) * test case. */ char filename[PSA_ITS_STORAGE_FILENAME_LENGTH]; psa_storage_uid_t uid; - for( uid = 0; uid < uid_max; uid++ ) - { - psa_its_fill_filename( uid, filename ); - (void) remove( filename ); + for (uid = 0; uid < uid_max; uid++) { + psa_its_fill_filename(uid, filename); + (void) remove(filename); } - psa_its_fill_filename( (psa_storage_uid_t)( -1 ), filename ); - (void) remove( filename ); - (void) remove( PSA_ITS_STORAGE_TEMP ); + psa_its_fill_filename((psa_storage_uid_t) (-1), filename); + (void) remove(filename); + (void) remove(PSA_ITS_STORAGE_TEMP); uid_max = 0; } -static psa_status_t psa_its_set_wrap( psa_storage_uid_t uid, - uint32_t data_length, - const void *p_data, - psa_storage_create_flags_t create_flags ) +static psa_status_t psa_its_set_wrap(psa_storage_uid_t uid, + uint32_t data_length, + const void *p_data, + psa_storage_create_flags_t create_flags) { - if( uid_max != (psa_storage_uid_t)( -1 ) && uid_max < uid ) + if (uid_max != (psa_storage_uid_t) (-1) && uid_max < uid) { uid_max = uid; - return( psa_its_set( uid, data_length, p_data, create_flags ) ); + } + return psa_its_set(uid, data_length, p_data, create_flags); } /* END_HEADER */ @@ -79,7 +84,7 @@ static psa_status_t psa_its_set_wrap( psa_storage_uid_t uid, */ /* BEGIN_CASE */ -void set_get_remove( int uid_arg, int flags_arg, data_t *data ) +void set_get_remove(int uid_arg, int flags_arg, data_t *data) { psa_storage_uid_t uid = uid_arg; uint32_t flags = flags_arg; @@ -87,28 +92,28 @@ void set_get_remove( int uid_arg, int flags_arg, data_t *data ) unsigned char *buffer = NULL; size_t ret_len = 0; - ASSERT_ALLOC( buffer, data->len ); + TEST_CALLOC(buffer, data->len); - PSA_ASSERT( psa_its_set_wrap( uid, data->len, data->x, flags ) ); + PSA_ASSERT(psa_its_set_wrap(uid, data->len, data->x, flags)); - PSA_ASSERT( psa_its_get_info( uid, &info ) ); - TEST_ASSERT( info.size == data->len ); - TEST_ASSERT( info.flags == flags ); - PSA_ASSERT( psa_its_get( uid, 0, data->len, buffer, &ret_len ) ); - ASSERT_COMPARE( data->x, data->len, buffer, ret_len ); + PSA_ASSERT(psa_its_get_info(uid, &info)); + TEST_ASSERT(info.size == data->len); + TEST_ASSERT(info.flags == flags); + PSA_ASSERT(psa_its_get(uid, 0, data->len, buffer, &ret_len)); + TEST_MEMORY_COMPARE(data->x, data->len, buffer, ret_len); - PSA_ASSERT( psa_its_remove( uid ) ); + PSA_ASSERT(psa_its_remove(uid)); exit: - mbedtls_free( buffer ); - cleanup( ); + mbedtls_free(buffer); + cleanup(); } /* END_CASE */ /* BEGIN_CASE */ -void set_overwrite( int uid_arg, - int flags1_arg, data_t *data1, - int flags2_arg, data_t *data2 ) +void set_overwrite(int uid_arg, + int flags1_arg, data_t *data1, + int flags2_arg, data_t *data2) { psa_storage_uid_t uid = uid_arg; uint32_t flags1 = flags1_arg; @@ -117,33 +122,33 @@ void set_overwrite( int uid_arg, unsigned char *buffer = NULL; size_t ret_len = 0; - ASSERT_ALLOC( buffer, MAX( data1->len, data2->len ) ); + TEST_CALLOC(buffer, MAX(data1->len, data2->len)); - PSA_ASSERT( psa_its_set_wrap( uid, data1->len, data1->x, flags1 ) ); - PSA_ASSERT( psa_its_get_info( uid, &info ) ); - TEST_ASSERT( info.size == data1->len ); - TEST_ASSERT( info.flags == flags1 ); - PSA_ASSERT( psa_its_get( uid, 0, data1->len, buffer, &ret_len ) ); - ASSERT_COMPARE( data1->x, data1->len, buffer, ret_len ); + PSA_ASSERT(psa_its_set_wrap(uid, data1->len, data1->x, flags1)); + PSA_ASSERT(psa_its_get_info(uid, &info)); + TEST_ASSERT(info.size == data1->len); + TEST_ASSERT(info.flags == flags1); + PSA_ASSERT(psa_its_get(uid, 0, data1->len, buffer, &ret_len)); + TEST_MEMORY_COMPARE(data1->x, data1->len, buffer, ret_len); - PSA_ASSERT( psa_its_set_wrap( uid, data2->len, data2->x, flags2 ) ); - PSA_ASSERT( psa_its_get_info( uid, &info ) ); - TEST_ASSERT( info.size == data2->len ); - TEST_ASSERT( info.flags == flags2 ); + PSA_ASSERT(psa_its_set_wrap(uid, data2->len, data2->x, flags2)); + PSA_ASSERT(psa_its_get_info(uid, &info)); + TEST_ASSERT(info.size == data2->len); + TEST_ASSERT(info.flags == flags2); ret_len = 0; - PSA_ASSERT( psa_its_get( uid, 0, data2->len, buffer, &ret_len ) ); - ASSERT_COMPARE( data2->x, data2->len, buffer, ret_len ); + PSA_ASSERT(psa_its_get(uid, 0, data2->len, buffer, &ret_len)); + TEST_MEMORY_COMPARE(data2->x, data2->len, buffer, ret_len); - PSA_ASSERT( psa_its_remove( uid ) ); + PSA_ASSERT(psa_its_remove(uid)); exit: - mbedtls_free( buffer ); - cleanup( ); + mbedtls_free(buffer); + cleanup(); } /* END_CASE */ /* BEGIN_CASE */ -void set_multiple( int first_id, int count ) +void set_multiple(int first_id, int count) { psa_storage_uid_t uid0 = first_id; psa_storage_uid_t uid; @@ -151,58 +156,55 @@ void set_multiple( int first_id, int count ) char retrieved[40]; size_t ret_len = 0; - memset( stored, '.', sizeof( stored ) ); - for( uid = uid0; uid < uid0 + count; uid++ ) - { - mbedtls_snprintf( stored, sizeof( stored ), - "Content of file 0x%08lx", (unsigned long) uid ); - PSA_ASSERT( psa_its_set_wrap( uid, sizeof( stored ), stored, 0 ) ); + memset(stored, '.', sizeof(stored)); + for (uid = uid0; uid < uid0 + count; uid++) { + mbedtls_snprintf(stored, sizeof(stored), + "Content of file 0x%08lx", (unsigned long) uid); + PSA_ASSERT(psa_its_set_wrap(uid, sizeof(stored), stored, 0)); } - for( uid = uid0; uid < uid0 + count; uid++ ) - { - mbedtls_snprintf( stored, sizeof( stored ), - "Content of file 0x%08lx", (unsigned long) uid ); - PSA_ASSERT( psa_its_get( uid, 0, sizeof( stored ), retrieved, &ret_len ) ); - ASSERT_COMPARE( retrieved, ret_len, - stored, sizeof( stored ) ); - PSA_ASSERT( psa_its_remove( uid ) ); - TEST_ASSERT( psa_its_get( uid, 0, 0, NULL, NULL ) == - PSA_ERROR_DOES_NOT_EXIST ); + for (uid = uid0; uid < uid0 + count; uid++) { + mbedtls_snprintf(stored, sizeof(stored), + "Content of file 0x%08lx", (unsigned long) uid); + PSA_ASSERT(psa_its_get(uid, 0, sizeof(stored), retrieved, &ret_len)); + TEST_MEMORY_COMPARE(retrieved, ret_len, + stored, sizeof(stored)); + PSA_ASSERT(psa_its_remove(uid)); + TEST_ASSERT(psa_its_get(uid, 0, 0, NULL, NULL) == + PSA_ERROR_DOES_NOT_EXIST); } exit: - cleanup( ); + cleanup(); } /* END_CASE */ /* BEGIN_CASE */ -void nonexistent( int uid_arg, int create_and_remove ) +void nonexistent(int uid_arg, int create_and_remove) { psa_storage_uid_t uid = uid_arg; struct psa_storage_info_t info; - if( create_and_remove ) - { - PSA_ASSERT( psa_its_set_wrap( uid, 0, NULL, 0 ) ); - PSA_ASSERT( psa_its_remove( uid ) ); + if (create_and_remove) { + PSA_ASSERT(psa_its_set_wrap(uid, 0, NULL, 0)); + PSA_ASSERT(psa_its_remove(uid)); } - TEST_ASSERT( psa_its_remove( uid ) == PSA_ERROR_DOES_NOT_EXIST ); - TEST_ASSERT( psa_its_get_info( uid, &info ) == - PSA_ERROR_DOES_NOT_EXIST ); - TEST_ASSERT( psa_its_get( uid, 0, 0, NULL, NULL ) == - PSA_ERROR_DOES_NOT_EXIST ); + TEST_ASSERT(psa_its_remove(uid) == PSA_ERROR_DOES_NOT_EXIST); + TEST_ASSERT(psa_its_get_info(uid, &info) == + PSA_ERROR_DOES_NOT_EXIST); + TEST_ASSERT(psa_its_get(uid, 0, 0, NULL, NULL) == + PSA_ERROR_DOES_NOT_EXIST); exit: - cleanup( ); + cleanup(); } /* END_CASE */ /* BEGIN_CASE */ -void get_at( int uid_arg, data_t *data, - int offset, int length_arg, - int expected_status ) +void get_at(int uid_arg, data_t *data, + int offset, int length_arg, + int expected_status) { psa_storage_uid_t uid = uid_arg; unsigned char *buffer = NULL; @@ -212,31 +214,33 @@ void get_at( int uid_arg, data_t *data, size_t i; size_t ret_len = 0; - ASSERT_ALLOC( buffer, length + 16 ); + TEST_CALLOC(buffer, length + 16); trailer = buffer + length; - memset( trailer, '-', 16 ); + memset(trailer, '-', 16); - PSA_ASSERT( psa_its_set_wrap( uid, data->len, data->x, 0 ) ); + PSA_ASSERT(psa_its_set_wrap(uid, data->len, data->x, 0)); - status = psa_its_get( uid, offset, length_arg, buffer, &ret_len ); - TEST_ASSERT( status == (psa_status_t) expected_status ); - if( status == PSA_SUCCESS ) - ASSERT_COMPARE( data->x + offset, (size_t) length_arg, - buffer, ret_len ); - for( i = 0; i < 16; i++ ) - TEST_ASSERT( trailer[i] == '-' ); - PSA_ASSERT( psa_its_remove( uid ) ); + status = psa_its_get(uid, offset, length_arg, buffer, &ret_len); + TEST_ASSERT(status == (psa_status_t) expected_status); + if (status == PSA_SUCCESS) { + TEST_MEMORY_COMPARE(data->x + offset, (size_t) length_arg, + buffer, ret_len); + } + for (i = 0; i < 16; i++) { + TEST_ASSERT(trailer[i] == '-'); + } + PSA_ASSERT(psa_its_remove(uid)); exit: - mbedtls_free( buffer ); - cleanup( ); + mbedtls_free(buffer); + cleanup(); } /* END_CASE */ /* BEGIN_CASE */ -void get_fail( int uid_arg, data_t *data, - int overwrite_magic, int cut_header, - int expected_status ) +void get_fail(int uid_arg, data_t *data, + int overwrite_magic, int cut_header, + int expected_status) { psa_storage_uid_t uid = uid_arg; unsigned char *buffer = NULL; @@ -247,41 +251,53 @@ void get_fail( int uid_arg, data_t *data, FILE *stream = NULL; char bad_char = 'X'; - PSA_ASSERT( psa_its_set_wrap( uid, data->len, data->x, 0 ) ); + PSA_ASSERT(psa_its_set_wrap(uid, data->len, data->x, 0)); - psa_its_fill_filename( uid, filename ); - stream = fopen( filename, "rb+" ); - TEST_ASSERT( NULL != stream ); - if( 0 != overwrite_magic ) - { + psa_its_fill_filename(uid, filename); + stream = fopen(filename, "rb+"); + TEST_ASSERT(NULL != stream); + if (0 != overwrite_magic) { /* Overwrite the 1st byte of the file, the ITS magic number */ - TEST_ASSERT( fseek( stream, 0, SEEK_SET ) == 0 ); - n = fwrite( &bad_char, 1, 1, stream ); - TEST_ASSERT( 1 == n ); + TEST_ASSERT(fseek(stream, 0, SEEK_SET) == 0); + n = fwrite(&bad_char, 1, 1, stream); + TEST_ASSERT(1 == n); } - if( 0 != cut_header ) - { + if (0 != cut_header) { /* Reopen file and truncate it to 0 byte by specifying the 'w' flag */ - stream = freopen( filename, "wb", stream ); - TEST_ASSERT( NULL != stream ); + stream = freopen(filename, "wb", stream); + TEST_ASSERT(NULL != stream); } - fclose( stream ); + fclose(stream); stream = NULL; - status = psa_its_get( uid, 0, 0, buffer, &ret_len ); - TEST_ASSERT( status == (psa_status_t) expected_status ); - TEST_ASSERT( 0 == ret_len ); - PSA_ASSERT( psa_its_remove( uid ) ); + status = psa_its_get(uid, 0, 0, buffer, &ret_len); + TEST_ASSERT(status == (psa_status_t) expected_status); + TEST_ASSERT(0 == ret_len); + PSA_ASSERT(psa_its_remove(uid)); /* Check if the file is really deleted. */ - stream = fopen( filename, "rb" ); - TEST_ASSERT( NULL == stream ); + stream = fopen(filename, "rb"); + TEST_ASSERT(NULL == stream); exit: - if( stream != NULL ) - fclose( stream ); + if (stream != NULL) { + fclose(stream); + } + + mbedtls_free(buffer); + cleanup(); +} +/* END_CASE */ + +/* BEGIN_CASE */ +void set_fail(int uid_arg, data_t *data, + int expected_status) +{ + psa_storage_uid_t uid = uid_arg; + TEST_ASSERT(psa_its_set_wrap(uid, data->len, data->x, 0) == + (psa_status_t) expected_status); - mbedtls_free( buffer ); - cleanup( ); +exit: + cleanup(); } /* END_CASE */ diff --git a/third_party/mbedtls/repo/tests/suites/test_suite_random.function b/third_party/mbedtls/repo/tests/suites/test_suite_random.function index 37fa36ecd42..dfc4e853b6d 100644 --- a/third_party/mbedtls/repo/tests/suites/test_suite_random.function +++ b/third_party/mbedtls/repo/tests/suites/test_suite_random.function @@ -18,8 +18,8 @@ /* END_HEADER */ -/* BEGIN_CASE depends_on:MBEDTLS_ENTROPY_C:!MBEDTLS_TEST_NULL_ENTROPY:MBEDTLS_CTR_DRBG_C */ -void random_twice_with_ctr_drbg( ) +/* BEGIN_CASE depends_on:MBEDTLS_ENTROPY_C:!MBEDTLS_TEST_NULL_ENTROPY:!MBEDTLS_PSA_INJECT_ENTROPY:MBEDTLS_CTR_DRBG_C */ +void random_twice_with_ctr_drbg() { mbedtls_entropy_context entropy; mbedtls_ctr_drbg_context drbg; @@ -27,176 +27,176 @@ void random_twice_with_ctr_drbg( ) unsigned char output2[OUTPUT_SIZE]; /* First round */ - mbedtls_entropy_init( &entropy ); - mbedtls_ctr_drbg_init( &drbg ); - TEST_EQUAL( 0, mbedtls_ctr_drbg_seed( &drbg, - mbedtls_entropy_func, &entropy, - NULL, 0 ) ); - TEST_EQUAL( 0, mbedtls_ctr_drbg_random( &drbg, - output1, sizeof( output1 ) ) ); - mbedtls_ctr_drbg_free( &drbg ); - mbedtls_entropy_free( &entropy ); + mbedtls_entropy_init(&entropy); + mbedtls_ctr_drbg_init(&drbg); + TEST_EQUAL(0, mbedtls_ctr_drbg_seed(&drbg, + mbedtls_entropy_func, &entropy, + NULL, 0)); + TEST_EQUAL(0, mbedtls_ctr_drbg_random(&drbg, + output1, sizeof(output1))); + mbedtls_ctr_drbg_free(&drbg); + mbedtls_entropy_free(&entropy); /* Second round */ - mbedtls_entropy_init( &entropy ); - mbedtls_ctr_drbg_init( &drbg ); - TEST_EQUAL( 0, mbedtls_ctr_drbg_seed( &drbg, - mbedtls_entropy_func, &entropy, - NULL, 0 ) ); - TEST_EQUAL( 0, mbedtls_ctr_drbg_random( &drbg, - output2, sizeof( output2 ) ) ); - mbedtls_ctr_drbg_free( &drbg ); - mbedtls_entropy_free( &entropy ); + mbedtls_entropy_init(&entropy); + mbedtls_ctr_drbg_init(&drbg); + TEST_EQUAL(0, mbedtls_ctr_drbg_seed(&drbg, + mbedtls_entropy_func, &entropy, + NULL, 0)); + TEST_EQUAL(0, mbedtls_ctr_drbg_random(&drbg, + output2, sizeof(output2))); + mbedtls_ctr_drbg_free(&drbg); + mbedtls_entropy_free(&entropy); /* The two rounds must generate different random data. */ - TEST_ASSERT( memcmp( output1, output2, OUTPUT_SIZE ) != 0 ); + TEST_ASSERT(memcmp(output1, output2, OUTPUT_SIZE) != 0); exit: - mbedtls_ctr_drbg_free( &drbg ); - mbedtls_entropy_free( &entropy ); + mbedtls_ctr_drbg_free(&drbg); + mbedtls_entropy_free(&entropy); } /* END_CASE */ -/* BEGIN_CASE depends_on:MBEDTLS_ENTROPY_C:!MBEDTLS_TEST_NULL_ENTROPY:MBEDTLS_HMAC_DRBG_C */ -void random_twice_with_hmac_drbg( int md_type ) +/* BEGIN_CASE depends_on:MBEDTLS_ENTROPY_C:!MBEDTLS_TEST_NULL_ENTROPY:!MBEDTLS_PSA_INJECT_ENTROPY:MBEDTLS_HMAC_DRBG_C */ +void random_twice_with_hmac_drbg(int md_type) { mbedtls_entropy_context entropy; mbedtls_hmac_drbg_context drbg; unsigned char output1[OUTPUT_SIZE]; unsigned char output2[OUTPUT_SIZE]; - const mbedtls_md_info_t *md_info = mbedtls_md_info_from_type( md_type ); + const mbedtls_md_info_t *md_info = mbedtls_md_info_from_type(md_type); /* First round */ - mbedtls_entropy_init( &entropy ); - mbedtls_hmac_drbg_init( &drbg ); - TEST_EQUAL( 0, mbedtls_hmac_drbg_seed( &drbg, md_info, - mbedtls_entropy_func, &entropy, - NULL, 0 ) ); - TEST_EQUAL( 0, mbedtls_hmac_drbg_random( &drbg, - output1, sizeof( output1 ) ) ); - mbedtls_hmac_drbg_free( &drbg ); - mbedtls_entropy_free( &entropy ); + mbedtls_entropy_init(&entropy); + mbedtls_hmac_drbg_init(&drbg); + TEST_EQUAL(0, mbedtls_hmac_drbg_seed(&drbg, md_info, + mbedtls_entropy_func, &entropy, + NULL, 0)); + TEST_EQUAL(0, mbedtls_hmac_drbg_random(&drbg, + output1, sizeof(output1))); + mbedtls_hmac_drbg_free(&drbg); + mbedtls_entropy_free(&entropy); /* Second round */ - mbedtls_entropy_init( &entropy ); - mbedtls_hmac_drbg_init( &drbg ); - TEST_EQUAL( 0, mbedtls_hmac_drbg_seed( &drbg, md_info, - mbedtls_entropy_func, &entropy, - NULL, 0 ) ); - TEST_EQUAL( 0, mbedtls_hmac_drbg_random( &drbg, - output2, sizeof( output2 ) ) ); - mbedtls_hmac_drbg_free( &drbg ); - mbedtls_entropy_free( &entropy ); + mbedtls_entropy_init(&entropy); + mbedtls_hmac_drbg_init(&drbg); + TEST_EQUAL(0, mbedtls_hmac_drbg_seed(&drbg, md_info, + mbedtls_entropy_func, &entropy, + NULL, 0)); + TEST_EQUAL(0, mbedtls_hmac_drbg_random(&drbg, + output2, sizeof(output2))); + mbedtls_hmac_drbg_free(&drbg); + mbedtls_entropy_free(&entropy); /* The two rounds must generate different random data. */ - TEST_ASSERT( memcmp( output1, output2, OUTPUT_SIZE ) != 0 ); + TEST_ASSERT(memcmp(output1, output2, OUTPUT_SIZE) != 0); exit: - mbedtls_hmac_drbg_free( &drbg ); - mbedtls_entropy_free( &entropy ); + mbedtls_hmac_drbg_free(&drbg); + mbedtls_entropy_free(&entropy); } /* END_CASE */ /* BEGIN_CASE depends_on:MBEDTLS_PSA_CRYPTO_C:!MBEDTLS_TEST_NULL_ENTROPY:!MBEDTLS_PSA_CRYPTO_EXTERNAL_RNG */ -void random_twice_with_psa_from_classic( ) +void random_twice_with_psa_from_classic() { unsigned char output1[OUTPUT_SIZE]; unsigned char output2[OUTPUT_SIZE]; /* First round */ - PSA_ASSERT( psa_crypto_init( ) ); - TEST_EQUAL( 0, mbedtls_psa_get_random( MBEDTLS_PSA_RANDOM_STATE, - output1, sizeof( output1 ) ) ); - PSA_DONE( ); + PSA_ASSERT(psa_crypto_init()); + TEST_EQUAL(0, mbedtls_psa_get_random(MBEDTLS_PSA_RANDOM_STATE, + output1, sizeof(output1))); + PSA_DONE(); /* Second round */ - PSA_ASSERT( psa_crypto_init( ) ); - TEST_EQUAL( 0, mbedtls_psa_get_random( MBEDTLS_PSA_RANDOM_STATE, - output2, sizeof( output2 ) ) ); - PSA_DONE( ); + PSA_ASSERT(psa_crypto_init()); + TEST_EQUAL(0, mbedtls_psa_get_random(MBEDTLS_PSA_RANDOM_STATE, + output2, sizeof(output2))); + PSA_DONE(); /* The two rounds must generate different random data. */ - TEST_ASSERT( memcmp( output1, output2, OUTPUT_SIZE ) != 0 ); + TEST_ASSERT(memcmp(output1, output2, OUTPUT_SIZE) != 0); exit: - PSA_DONE( ); + PSA_DONE(); } /* END_CASE */ /* BEGIN_CASE depends_on:MBEDTLS_PSA_CRYPTO_C:!MBEDTLS_TEST_NULL_ENTROPY:!MBEDTLS_PSA_CRYPTO_EXTERNAL_RNG */ -void random_twice_with_psa_from_psa( ) +void random_twice_with_psa_from_psa() { unsigned char output1[OUTPUT_SIZE]; unsigned char output2[OUTPUT_SIZE]; /* First round */ - PSA_ASSERT( psa_crypto_init( ) ); - PSA_ASSERT( psa_generate_random( output1, sizeof( output1 ) ) ); - PSA_DONE( ); + PSA_ASSERT(psa_crypto_init()); + PSA_ASSERT(psa_generate_random(output1, sizeof(output1))); + PSA_DONE(); /* Second round */ - PSA_ASSERT( psa_crypto_init( ) ); - PSA_ASSERT( psa_generate_random( output2, sizeof( output2 ) ) ); - PSA_DONE( ); + PSA_ASSERT(psa_crypto_init()); + PSA_ASSERT(psa_generate_random(output2, sizeof(output2))); + PSA_DONE(); /* The two rounds must generate different random data. */ - TEST_ASSERT( memcmp( output1, output2, OUTPUT_SIZE ) != 0 ); + TEST_ASSERT(memcmp(output1, output2, OUTPUT_SIZE) != 0); exit: - PSA_DONE( ); + PSA_DONE(); } /* END_CASE */ /* BEGIN_CASE depends_on:MBEDTLS_PSA_CRYPTO_C */ -void mbedtls_psa_get_random_no_init( ) +void mbedtls_psa_get_random_no_init() { unsigned char output[1]; - TEST_ASSERT( mbedtls_psa_get_random( MBEDTLS_PSA_RANDOM_STATE, - output, sizeof( output ) ) != 0 ); + TEST_ASSERT(mbedtls_psa_get_random(MBEDTLS_PSA_RANDOM_STATE, + output, sizeof(output)) != 0); } /* END_CASE */ /* BEGIN_CASE depends_on:MBEDTLS_PSA_CRYPTO_C */ -void mbedtls_psa_get_random_length( int n ) +void mbedtls_psa_get_random_length(int n) { unsigned char *output = NULL; - PSA_ASSERT( psa_crypto_init( ) ); - ASSERT_ALLOC( output, n ); + PSA_ASSERT(psa_crypto_init()); + TEST_CALLOC(output, n); - TEST_EQUAL( 0, mbedtls_psa_get_random( MBEDTLS_PSA_RANDOM_STATE, - output, n ) ); + TEST_EQUAL(0, mbedtls_psa_get_random(MBEDTLS_PSA_RANDOM_STATE, + output, n)); exit: - mbedtls_free( output ); - PSA_DONE( ); + mbedtls_free(output); + PSA_DONE(); } /* END_CASE */ /* BEGIN_CASE depends_on:MBEDTLS_PSA_CRYPTO_C:MBEDTLS_ECDSA_C */ -void mbedtls_psa_get_random_ecdsa_sign( int curve ) +void mbedtls_psa_get_random_ecdsa_sign(int curve) { mbedtls_ecp_group grp; mbedtls_mpi d, r, s; unsigned char buf[] = "This is not a hash."; - mbedtls_ecp_group_init( &grp ); - mbedtls_mpi_init( &d ); - mbedtls_mpi_init( &r ); - mbedtls_mpi_init( &s ); - - TEST_EQUAL( 0, mbedtls_mpi_lset( &d, 123456789 ) ); - TEST_EQUAL( 0, mbedtls_ecp_group_load( &grp, curve ) ); - PSA_ASSERT( psa_crypto_init( ) ); - TEST_EQUAL( 0, mbedtls_ecdsa_sign( &grp, &r, &s, &d, - buf, sizeof( buf ), - mbedtls_psa_get_random, - MBEDTLS_PSA_RANDOM_STATE ) ); + mbedtls_ecp_group_init(&grp); + mbedtls_mpi_init(&d); + mbedtls_mpi_init(&r); + mbedtls_mpi_init(&s); + + TEST_EQUAL(0, mbedtls_mpi_lset(&d, 123456789)); + TEST_EQUAL(0, mbedtls_ecp_group_load(&grp, curve)); + PSA_ASSERT(psa_crypto_init()); + TEST_EQUAL(0, mbedtls_ecdsa_sign(&grp, &r, &s, &d, + buf, sizeof(buf), + mbedtls_psa_get_random, + MBEDTLS_PSA_RANDOM_STATE)); exit: - mbedtls_mpi_free( &d ); - mbedtls_mpi_free( &r ); - mbedtls_mpi_free( &s ); - mbedtls_ecp_group_free( &grp ); - PSA_DONE( ); + mbedtls_mpi_free(&d); + mbedtls_mpi_free(&r); + mbedtls_mpi_free(&s); + mbedtls_ecp_group_free(&grp); + PSA_DONE(); } /* END_CASE */ diff --git a/third_party/mbedtls/repo/tests/suites/test_suite_rsa.data b/third_party/mbedtls/repo/tests/suites/test_suite_rsa.data index 2da814db5d2..5ad5da21f0f 100644 --- a/third_party/mbedtls/repo/tests/suites/test_suite_rsa.data +++ b/third_party/mbedtls/repo/tests/suites/test_suite_rsa.data @@ -10,144 +10,144 @@ rsa_init_free:1 RSA PKCS1 Verify v1.5 CAVS #1 depends_on:MBEDTLS_SHA1_C:MBEDTLS_PKCS1_V15 # Good padding but wrong hash -mbedtls_rsa_pkcs1_verify:"d6248c3e96b1a7e5fea978870fcc4c9786b4e5156e16b7faef4557d667f730b8bc4c784ef00c624df5309513c3a5de8ca94c2152e0459618666d3148092562ebc256ffca45b27fd2d63c68bd5e0a0aefbe496e9e63838a361b1db6fc272464f191490bf9c029643c49d2d9cd08833b8a70b4b3431f56fb1eb55ccd39e77a9c92":MBEDTLS_RSA_PKCS_V15:MBEDTLS_MD_SHA1:1024:16:"e28a13548525e5f36dccb24ecb7cc332cc689dfd64012604c9c7816d72a16c3f5fcdc0e86e7c03280b1c69b586ce0cd8aec722cc73a5d3b730310bf7dfebdc77ce5d94bbc369dc18a2f7b07bd505ab0f82224aef09fdc1e5063234255e0b3c40a52e9e8ae60898eb88a766bdd788fe9493d8fd86bcdd2884d5c06216c65469e5":16:"3":"3203b7647fb7e345aa457681e5131777f1adc371f2fba8534928c4e52ef6206a856425d6269352ecbf64db2f6ad82397768cafdd8cd272e512d617ad67992226da6bc291c31404c17fd4b7e2beb20eff284a44f4d7af47fd6629e2c95809fa7f2241a04f70ac70d3271bb13258af1ed5c5988c95df7fa26603515791075feccd":MBEDTLS_ERR_RSA_VERIFY_FAILED +mbedtls_rsa_pkcs1_verify:"d6248c3e96b1a7e5fea978870fcc4c9786b4e5156e16b7faef4557d667f730b8bc4c784ef00c624df5309513c3a5de8ca94c2152e0459618666d3148092562ebc256ffca45b27fd2d63c68bd5e0a0aefbe496e9e63838a361b1db6fc272464f191490bf9c029643c49d2d9cd08833b8a70b4b3431f56fb1eb55ccd39e77a9c92":MBEDTLS_RSA_PKCS_V15:MBEDTLS_MD_SHA1:1024:"e28a13548525e5f36dccb24ecb7cc332cc689dfd64012604c9c7816d72a16c3f5fcdc0e86e7c03280b1c69b586ce0cd8aec722cc73a5d3b730310bf7dfebdc77ce5d94bbc369dc18a2f7b07bd505ab0f82224aef09fdc1e5063234255e0b3c40a52e9e8ae60898eb88a766bdd788fe9493d8fd86bcdd2884d5c06216c65469e5":"3":"3203b7647fb7e345aa457681e5131777f1adc371f2fba8534928c4e52ef6206a856425d6269352ecbf64db2f6ad82397768cafdd8cd272e512d617ad67992226da6bc291c31404c17fd4b7e2beb20eff284a44f4d7af47fd6629e2c95809fa7f2241a04f70ac70d3271bb13258af1ed5c5988c95df7fa26603515791075feccd":MBEDTLS_ERR_RSA_VERIFY_FAILED RSA PKCS1 Verify v1.5 CAVS #2 depends_on:MBEDTLS_SHA1_C:MBEDTLS_PKCS1_V15 -mbedtls_rsa_pkcs1_verify:"206ef4bf396c6087f8229ef196fd35f37ccb8de5efcdb238f20d556668f114257a11fbe038464a67830378e62ae9791453953dac1dbd7921837ba98e84e856eb80ed9487e656d0b20c28c8ba5e35db1abbed83ed1c7720a97701f709e3547a4bfcabca9c89c57ad15c3996577a0ae36d7c7b699035242f37954646c1cd5c08ac":MBEDTLS_RSA_PKCS_V15:MBEDTLS_MD_SHA1:1024:16:"e28a13548525e5f36dccb24ecb7cc332cc689dfd64012604c9c7816d72a16c3f5fcdc0e86e7c03280b1c69b586ce0cd8aec722cc73a5d3b730310bf7dfebdc77ce5d94bbc369dc18a2f7b07bd505ab0f82224aef09fdc1e5063234255e0b3c40a52e9e8ae60898eb88a766bdd788fe9493d8fd86bcdd2884d5c06216c65469e5":16:"3":"5abc01f5de25b70867ff0c24e222c61f53c88daf42586fddcd56f3c4588f074be3c328056c063388688b6385a8167957c6e5355a510e005b8a851d69c96b36ec6036644078210e5d7d326f96365ee0648882921492bc7b753eb9c26cdbab37555f210df2ca6fec1b25b463d38b81c0dcea202022b04af5da58aa03d77be949b7":0 +mbedtls_rsa_pkcs1_verify:"206ef4bf396c6087f8229ef196fd35f37ccb8de5efcdb238f20d556668f114257a11fbe038464a67830378e62ae9791453953dac1dbd7921837ba98e84e856eb80ed9487e656d0b20c28c8ba5e35db1abbed83ed1c7720a97701f709e3547a4bfcabca9c89c57ad15c3996577a0ae36d7c7b699035242f37954646c1cd5c08ac":MBEDTLS_RSA_PKCS_V15:MBEDTLS_MD_SHA1:1024:"e28a13548525e5f36dccb24ecb7cc332cc689dfd64012604c9c7816d72a16c3f5fcdc0e86e7c03280b1c69b586ce0cd8aec722cc73a5d3b730310bf7dfebdc77ce5d94bbc369dc18a2f7b07bd505ab0f82224aef09fdc1e5063234255e0b3c40a52e9e8ae60898eb88a766bdd788fe9493d8fd86bcdd2884d5c06216c65469e5":"3":"5abc01f5de25b70867ff0c24e222c61f53c88daf42586fddcd56f3c4588f074be3c328056c063388688b6385a8167957c6e5355a510e005b8a851d69c96b36ec6036644078210e5d7d326f96365ee0648882921492bc7b753eb9c26cdbab37555f210df2ca6fec1b25b463d38b81c0dcea202022b04af5da58aa03d77be949b7":0 RSA PKCS1 Verify v1.5 CAVS #3 depends_on:MBEDTLS_SHA1_C:MBEDTLS_PKCS1_V15 -mbedtls_rsa_pkcs1_verify:"206ef4bf396c6087f8229ef196fd35f37ccb8de5efcdb238f20d556668f114257a11fbe038464a67830378e62ae9791453953dac1dbd7921837ba98e84e856eb80ed9487e656d0b20c28c8ba5e35db1abbed83ed1c7720a97701f709e3547a4bfcabca9c89c57ad15c3996577a0ae36d7c7b699035242f37954646c1cd5c08ac":MBEDTLS_RSA_PKCS_V15:MBEDTLS_MD_SHA1:1024:16:"e28a13548525e5f36dccb24ecb7cc332cc689dfd64012604c9c7816d72a16c3f5fcdc0e86e7c03280b1c69b586ce0cd8aec722cc73a5d3b730310bf7dfebdc77ce5d94bbc369dc18a2f7b07bd505ab0f82224aef09fdc1e5063234255e0b3c40a52e9e8ae60898eb88a766bdd788fe9493d8fd86bcdd2884d5c06216c65469e5":16:"3":"5abc01f5de25b70867ff0c24e222c61f53c88daf42586fddcd56f3c4588f074be3c328056c063388688b6385a8167957c6e5355a510e005b8a851d69c96b36ec6036644078210e5d7d326f96365ee0648882921492bc7b753eb9c26cdbab37555f210df2ca6fec1b25b463d38b81c0dcea202022b04af5da58aa03d77be949b7":0 +mbedtls_rsa_pkcs1_verify:"206ef4bf396c6087f8229ef196fd35f37ccb8de5efcdb238f20d556668f114257a11fbe038464a67830378e62ae9791453953dac1dbd7921837ba98e84e856eb80ed9487e656d0b20c28c8ba5e35db1abbed83ed1c7720a97701f709e3547a4bfcabca9c89c57ad15c3996577a0ae36d7c7b699035242f37954646c1cd5c08ac":MBEDTLS_RSA_PKCS_V15:MBEDTLS_MD_SHA1:1024:"e28a13548525e5f36dccb24ecb7cc332cc689dfd64012604c9c7816d72a16c3f5fcdc0e86e7c03280b1c69b586ce0cd8aec722cc73a5d3b730310bf7dfebdc77ce5d94bbc369dc18a2f7b07bd505ab0f82224aef09fdc1e5063234255e0b3c40a52e9e8ae60898eb88a766bdd788fe9493d8fd86bcdd2884d5c06216c65469e5":"3":"5abc01f5de25b70867ff0c24e222c61f53c88daf42586fddcd56f3c4588f074be3c328056c063388688b6385a8167957c6e5355a510e005b8a851d69c96b36ec6036644078210e5d7d326f96365ee0648882921492bc7b753eb9c26cdbab37555f210df2ca6fec1b25b463d38b81c0dcea202022b04af5da58aa03d77be949b7":0 RSA PKCS1 Verify v1.5 CAVS #4 depends_on:MBEDTLS_SHA256_C:MBEDTLS_PKCS1_V15 -mbedtls_rsa_pkcs1_verify:"867ac26e11a13b7ac34a42a1e177648692861226effb55bb597fbde10f299bf7fffd6fc8ddb2a46a73b97b67387a461b23e1d65dc119366286979add615b926b9272832fc0c058b946fc752dcffceca12233f4c63f7897cbaa08aa7e07cf02b5e7e3e5ece252bf2fe61d163bce84c0e0368454a98e9fdebf6edbd70b290d549b":MBEDTLS_RSA_PKCS_V15:MBEDTLS_MD_SHA224:1024:16:"e28a13548525e5f36dccb24ecb7cc332cc689dfd64012604c9c7816d72a16c3f5fcdc0e86e7c03280b1c69b586ce0cd8aec722cc73a5d3b730310bf7dfebdc77ce5d94bbc369dc18a2f7b07bd505ab0f82224aef09fdc1e5063234255e0b3c40a52e9e8ae60898eb88a766bdd788fe9493d8fd86bcdd2884d5c06216c65469e5":16:"3":"3bb7b1c5f3391de4549e2e96fd33afa4d647dd90e321d9d576f3808e32213e948b697ef4fd2dd12923de6ec3ffd625078a57f86af38dc07052bb50547c616ed51fa1352b3ab66788408168d21263ef2d3388d567d2ce8cf674f45491ab2b0319d47be1266bda39e343b2a38ea2d6aaaee6c4465aee1d7bb33e93a1c40a8e3ae4":0 +mbedtls_rsa_pkcs1_verify:"867ac26e11a13b7ac34a42a1e177648692861226effb55bb597fbde10f299bf7fffd6fc8ddb2a46a73b97b67387a461b23e1d65dc119366286979add615b926b9272832fc0c058b946fc752dcffceca12233f4c63f7897cbaa08aa7e07cf02b5e7e3e5ece252bf2fe61d163bce84c0e0368454a98e9fdebf6edbd70b290d549b":MBEDTLS_RSA_PKCS_V15:MBEDTLS_MD_SHA224:1024:"e28a13548525e5f36dccb24ecb7cc332cc689dfd64012604c9c7816d72a16c3f5fcdc0e86e7c03280b1c69b586ce0cd8aec722cc73a5d3b730310bf7dfebdc77ce5d94bbc369dc18a2f7b07bd505ab0f82224aef09fdc1e5063234255e0b3c40a52e9e8ae60898eb88a766bdd788fe9493d8fd86bcdd2884d5c06216c65469e5":"3":"3bb7b1c5f3391de4549e2e96fd33afa4d647dd90e321d9d576f3808e32213e948b697ef4fd2dd12923de6ec3ffd625078a57f86af38dc07052bb50547c616ed51fa1352b3ab66788408168d21263ef2d3388d567d2ce8cf674f45491ab2b0319d47be1266bda39e343b2a38ea2d6aaaee6c4465aee1d7bb33e93a1c40a8e3ae4":0 RSA PKCS1 Verify v1.5 CAVS #5 depends_on:MBEDTLS_SHA256_C:MBEDTLS_PKCS1_V15 -mbedtls_rsa_pkcs1_verify:"cd810e97dc21095ea7a0238027a7bafd343e01444785ea9184a44a79f80438c41fc0b57aa95693407da38fe5ff0ec1398e03361e51a3dbe134b99cca2df0cef1c444ca54d2b7db2789455b6bb41918c24001fd82fc20ee089de3f34f053699c1c5f7954ce0aaabb9d26fce39d032894152229d98cf64ecafc7089530073c61d9":MBEDTLS_RSA_PKCS_V15:MBEDTLS_MD_SHA256:1024:16:"e28a13548525e5f36dccb24ecb7cc332cc689dfd64012604c9c7816d72a16c3f5fcdc0e86e7c03280b1c69b586ce0cd8aec722cc73a5d3b730310bf7dfebdc77ce5d94bbc369dc18a2f7b07bd505ab0f82224aef09fdc1e5063234255e0b3c40a52e9e8ae60898eb88a766bdd788fe9493d8fd86bcdd2884d5c06216c65469e5":16:"3":"7b5fba70ec5b521638f182bcab39cec30b76e7bc017bdbd1059658a9a1db0969ab482dce32f3e9865952f0a0de0978272c951e3c015328ea3758f47029a379ab4200550fba58f11d51264878406fc717d5f7b72b3582946f16a7e5314a220881fc820f7d29949710273421533d8ac0a449dc6d0fd1a21c22444edd1c0d5b44d3":0 +mbedtls_rsa_pkcs1_verify:"cd810e97dc21095ea7a0238027a7bafd343e01444785ea9184a44a79f80438c41fc0b57aa95693407da38fe5ff0ec1398e03361e51a3dbe134b99cca2df0cef1c444ca54d2b7db2789455b6bb41918c24001fd82fc20ee089de3f34f053699c1c5f7954ce0aaabb9d26fce39d032894152229d98cf64ecafc7089530073c61d9":MBEDTLS_RSA_PKCS_V15:MBEDTLS_MD_SHA256:1024:"e28a13548525e5f36dccb24ecb7cc332cc689dfd64012604c9c7816d72a16c3f5fcdc0e86e7c03280b1c69b586ce0cd8aec722cc73a5d3b730310bf7dfebdc77ce5d94bbc369dc18a2f7b07bd505ab0f82224aef09fdc1e5063234255e0b3c40a52e9e8ae60898eb88a766bdd788fe9493d8fd86bcdd2884d5c06216c65469e5":"3":"7b5fba70ec5b521638f182bcab39cec30b76e7bc017bdbd1059658a9a1db0969ab482dce32f3e9865952f0a0de0978272c951e3c015328ea3758f47029a379ab4200550fba58f11d51264878406fc717d5f7b72b3582946f16a7e5314a220881fc820f7d29949710273421533d8ac0a449dc6d0fd1a21c22444edd1c0d5b44d3":0 RSA PKCS1 Verify v1.5 CAVS #6 depends_on:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384:MBEDTLS_PKCS1_V15 -mbedtls_rsa_pkcs1_verify:"44637d3b8de525fd589237bc81229c8966d3af24540850c24036330db8007e6d19a19486018b2b02074da590aaba9d2c8848c0a2d1b6de4dfaf24025b6393df9228008f83f13cc76a67cfbed77a6e3429342824a0b6a9b8dd884094acc6a54bbc8c8829930c52fe39ce5e0dcd02d9553ef899d26eb6cae0940b63584e2daeb3b":MBEDTLS_RSA_PKCS_V15:MBEDTLS_MD_SHA384:1024:16:"e28a13548525e5f36dccb24ecb7cc332cc689dfd64012604c9c7816d72a16c3f5fcdc0e86e7c03280b1c69b586ce0cd8aec722cc73a5d3b730310bf7dfebdc77ce5d94bbc369dc18a2f7b07bd505ab0f82224aef09fdc1e5063234255e0b3c40a52e9e8ae60898eb88a766bdd788fe9493d8fd86bcdd2884d5c06216c65469e5":16:"3":"38fc4f6f0430bb3ea9f470a4c0f5cebdabac4dbeb3b9c99d4168e7b00f5eb294ec0ece1908eded1f3e14f1e69d10f9feb425bda0c998af945ef864298a60a675f0bb5c540a7be3f534d5faddff974eea8bffe182a44e2ee1f4f653e71967a11869ee1a850edb03cb44a340378cb7a1bc9616d3649b78002b390a05a7e54edec6":0 +mbedtls_rsa_pkcs1_verify:"44637d3b8de525fd589237bc81229c8966d3af24540850c24036330db8007e6d19a19486018b2b02074da590aaba9d2c8848c0a2d1b6de4dfaf24025b6393df9228008f83f13cc76a67cfbed77a6e3429342824a0b6a9b8dd884094acc6a54bbc8c8829930c52fe39ce5e0dcd02d9553ef899d26eb6cae0940b63584e2daeb3b":MBEDTLS_RSA_PKCS_V15:MBEDTLS_MD_SHA384:1024:"e28a13548525e5f36dccb24ecb7cc332cc689dfd64012604c9c7816d72a16c3f5fcdc0e86e7c03280b1c69b586ce0cd8aec722cc73a5d3b730310bf7dfebdc77ce5d94bbc369dc18a2f7b07bd505ab0f82224aef09fdc1e5063234255e0b3c40a52e9e8ae60898eb88a766bdd788fe9493d8fd86bcdd2884d5c06216c65469e5":"3":"38fc4f6f0430bb3ea9f470a4c0f5cebdabac4dbeb3b9c99d4168e7b00f5eb294ec0ece1908eded1f3e14f1e69d10f9feb425bda0c998af945ef864298a60a675f0bb5c540a7be3f534d5faddff974eea8bffe182a44e2ee1f4f653e71967a11869ee1a850edb03cb44a340378cb7a1bc9616d3649b78002b390a05a7e54edec6":0 RSA PKCS1 Verify v1.5 CAVS #7 depends_on:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384:MBEDTLS_PKCS1_V15 # Bad padding after performing the public key operation -mbedtls_rsa_pkcs1_verify:"d03f12276f6ba7545b8fce719471bd253791878809694e8754f3b389f26c9253a758ed28b4c62535a8d5702d7a778731d5759ff2b3b39b192db680e791632918b6093c0e8ca25c2bf756a07fde4144a37f769fe4054455a45cb8cefe4462e7a9a45ce71f2189b4fef01b47aee8585d44dc9d6fa627a3e5f08801871731f234cd":MBEDTLS_RSA_PKCS_V15:MBEDTLS_MD_SHA384:1024:16:"e28a13548525e5f36dccb24ecb7cc332cc689dfd64012604c9c7816d72a16c3f5fcdc0e86e7c03280b1c69b586ce0cd8aec722cc73a5d3b730310bf7dfebdc77ce5d94bbc369dc18a2f7b07bd505ab0f82224aef09fdc1e5063234255e0b3c40a52e9e8ae60898eb88a766bdd788fe9493d8fd86bcdd2884d5c06216c65469e5":16:"3":"d93a878c1ce86571590b0e43794b3edb23552797c4b8c9e3da4fe1cc4ac0566acd3b10541fe9a7a79f5ea4892d3069ca6903efb5c40c47eb8a9c781eb4249281d40c3d96aae16da1bb4daaece6a26eca5f41c062b4124a64fc9d340cba5ab0d1f5affff6515a87f0933774fd4322d2fa497cd6f708a429ca56dcb1fd3db623d0":MBEDTLS_ERR_RSA_VERIFY_FAILED +mbedtls_rsa_pkcs1_verify:"d03f12276f6ba7545b8fce719471bd253791878809694e8754f3b389f26c9253a758ed28b4c62535a8d5702d7a778731d5759ff2b3b39b192db680e791632918b6093c0e8ca25c2bf756a07fde4144a37f769fe4054455a45cb8cefe4462e7a9a45ce71f2189b4fef01b47aee8585d44dc9d6fa627a3e5f08801871731f234cd":MBEDTLS_RSA_PKCS_V15:MBEDTLS_MD_SHA384:1024:"e28a13548525e5f36dccb24ecb7cc332cc689dfd64012604c9c7816d72a16c3f5fcdc0e86e7c03280b1c69b586ce0cd8aec722cc73a5d3b730310bf7dfebdc77ce5d94bbc369dc18a2f7b07bd505ab0f82224aef09fdc1e5063234255e0b3c40a52e9e8ae60898eb88a766bdd788fe9493d8fd86bcdd2884d5c06216c65469e5":"3":"d93a878c1ce86571590b0e43794b3edb23552797c4b8c9e3da4fe1cc4ac0566acd3b10541fe9a7a79f5ea4892d3069ca6903efb5c40c47eb8a9c781eb4249281d40c3d96aae16da1bb4daaece6a26eca5f41c062b4124a64fc9d340cba5ab0d1f5affff6515a87f0933774fd4322d2fa497cd6f708a429ca56dcb1fd3db623d0":MBEDTLS_ERR_RSA_VERIFY_FAILED RSA PKCS1 Verify v1.5 CAVS #8 depends_on:MBEDTLS_SHA512_C:MBEDTLS_PKCS1_V15 -mbedtls_rsa_pkcs1_verify:"b2f2e6e09fd19b0a8c06447554d6a236c69e2b334017488881d8c02ab81d74cae0c64efd50a374998eeec162651975e637cb2ba594250c750a4943253f1db0613e4ce1d50f8e3e968a2a83bd6cb97455ab2ccc77071076b3e211ffb251bd4c1a738b88b2021c61c727c074ce933c054acbcbf4f0c362ec09af38de191686aebe":MBEDTLS_RSA_PKCS_V15:MBEDTLS_MD_SHA512:1024:16:"e28a13548525e5f36dccb24ecb7cc332cc689dfd64012604c9c7816d72a16c3f5fcdc0e86e7c03280b1c69b586ce0cd8aec722cc73a5d3b730310bf7dfebdc77ce5d94bbc369dc18a2f7b07bd505ab0f82224aef09fdc1e5063234255e0b3c40a52e9e8ae60898eb88a766bdd788fe9493d8fd86bcdd2884d5c06216c65469e5":16:"3":"a853e67f928281d11506c9d39e5ea9b2d742782c663c37d0a7c9e9fe15379cde1e75d94adbfb1ca08691f320af4ff2b0a29a4d2ea10a20cb95d85f3dabac3d56cca9039c851d0181408c00b385fc82cafa4cfa7380d0c2c024fb83fec59d5ee591d63806dcb18b21ea440c3d3f12c1e7795eb15b7ce4c4b288d646cf1d34bdf1":0 +mbedtls_rsa_pkcs1_verify:"b2f2e6e09fd19b0a8c06447554d6a236c69e2b334017488881d8c02ab81d74cae0c64efd50a374998eeec162651975e637cb2ba594250c750a4943253f1db0613e4ce1d50f8e3e968a2a83bd6cb97455ab2ccc77071076b3e211ffb251bd4c1a738b88b2021c61c727c074ce933c054acbcbf4f0c362ec09af38de191686aebe":MBEDTLS_RSA_PKCS_V15:MBEDTLS_MD_SHA512:1024:"e28a13548525e5f36dccb24ecb7cc332cc689dfd64012604c9c7816d72a16c3f5fcdc0e86e7c03280b1c69b586ce0cd8aec722cc73a5d3b730310bf7dfebdc77ce5d94bbc369dc18a2f7b07bd505ab0f82224aef09fdc1e5063234255e0b3c40a52e9e8ae60898eb88a766bdd788fe9493d8fd86bcdd2884d5c06216c65469e5":"3":"a853e67f928281d11506c9d39e5ea9b2d742782c663c37d0a7c9e9fe15379cde1e75d94adbfb1ca08691f320af4ff2b0a29a4d2ea10a20cb95d85f3dabac3d56cca9039c851d0181408c00b385fc82cafa4cfa7380d0c2c024fb83fec59d5ee591d63806dcb18b21ea440c3d3f12c1e7795eb15b7ce4c4b288d646cf1d34bdf1":0 RSA PKCS1 Verify v1.5 CAVS #9 depends_on:MBEDTLS_SHA1_C:MBEDTLS_PKCS1_V15 -mbedtls_rsa_pkcs1_verify:"647586ba587b09aa555d1b8da4cdf5c6e777e08859379ca45789019f2041e708d97c4408d4d6943b11dd7ebe05c6b48a9b5f1b0079452cc484579acfa66a34c0cf3f0e7339b2dbd5f1339ef7937a8261547705a846885c43d8ef139a9c83f5604ea52b231176a821fb48c45ed45226f31ba7e8a94a69f6c65c39b7278bf3f08f":MBEDTLS_RSA_PKCS_V15:MBEDTLS_MD_SHA1:1024:16:"e28a13548525e5f36dccb24ecb7cc332cc689dfd64012604c9c7816d72a16c3f5fcdc0e86e7c03280b1c69b586ce0cd8aec722cc73a5d3b730310bf7dfebdc77ce5d94bbc369dc18a2f7b07bd505ab0f82224aef09fdc1e5063234255e0b3c40a52e9e8ae60898eb88a766bdd788fe9493d8fd86bcdd2884d5c06216c65469e5":16:"10001":"e27a90b644c3a11f234132d6727ada397774cd7fdf5eb0160a665ffccedabb8ae9e357966939a71c973e75e5ff771fb01a6483fcaf82f16dee65e6826121e2ae9c69d2c92387b33a641f397676776cde501e7314a9a4e76c0f4538edeea163e8de7bd21c93c298df748c6f5c26b7d03bfa3671f2a7488fe311309e8218a71171":0 +mbedtls_rsa_pkcs1_verify:"647586ba587b09aa555d1b8da4cdf5c6e777e08859379ca45789019f2041e708d97c4408d4d6943b11dd7ebe05c6b48a9b5f1b0079452cc484579acfa66a34c0cf3f0e7339b2dbd5f1339ef7937a8261547705a846885c43d8ef139a9c83f5604ea52b231176a821fb48c45ed45226f31ba7e8a94a69f6c65c39b7278bf3f08f":MBEDTLS_RSA_PKCS_V15:MBEDTLS_MD_SHA1:1024:"e28a13548525e5f36dccb24ecb7cc332cc689dfd64012604c9c7816d72a16c3f5fcdc0e86e7c03280b1c69b586ce0cd8aec722cc73a5d3b730310bf7dfebdc77ce5d94bbc369dc18a2f7b07bd505ab0f82224aef09fdc1e5063234255e0b3c40a52e9e8ae60898eb88a766bdd788fe9493d8fd86bcdd2884d5c06216c65469e5":"10001":"e27a90b644c3a11f234132d6727ada397774cd7fdf5eb0160a665ffccedabb8ae9e357966939a71c973e75e5ff771fb01a6483fcaf82f16dee65e6826121e2ae9c69d2c92387b33a641f397676776cde501e7314a9a4e76c0f4538edeea163e8de7bd21c93c298df748c6f5c26b7d03bfa3671f2a7488fe311309e8218a71171":0 RSA PKCS1 Verify v1.5 CAVS #10 depends_on:MBEDTLS_SHA1_C:MBEDTLS_PKCS1_V15 -mbedtls_rsa_pkcs1_verify:"55013a489e09b6553262aab59fb041b49437b86d52876f8e5d5e405b77ca0ff6ce8ea2dd75c7b3b411cf4445d56233c5b0ff0e58c49128d81b4fedd295e172d225c451e13defb34b87b7aea6d6f0d20f5c55feb71d2a789fa31f3d9ff47896adc16bec5ce0c9dda3fde190e08ca2451c01ff3091449887695f96dac97ad6a30e":MBEDTLS_RSA_PKCS_V15:MBEDTLS_MD_SHA1:1024:16:"e28a13548525e5f36dccb24ecb7cc332cc689dfd64012604c9c7816d72a16c3f5fcdc0e86e7c03280b1c69b586ce0cd8aec722cc73a5d3b730310bf7dfebdc77ce5d94bbc369dc18a2f7b07bd505ab0f82224aef09fdc1e5063234255e0b3c40a52e9e8ae60898eb88a766bdd788fe9493d8fd86bcdd2884d5c06216c65469e5":16:"10001":"dd82b7be791c454fbbf6f1de47cbe585a687e4e8bbae0b6e2a77f8ca4efd06d71498f9a74b931bd59c377e71daf708a624c51303f377006c676487bad57f7067b09b7bb94a6189119ab8cf7321c321b2dc7df565bfbec833a28b86625fb5fd6a035d4ed79ff0f9aee9fa78935eec65069439ee449d7f5249cdae6fdd6d8c2a63":MBEDTLS_ERR_RSA_VERIFY_FAILED +mbedtls_rsa_pkcs1_verify:"55013a489e09b6553262aab59fb041b49437b86d52876f8e5d5e405b77ca0ff6ce8ea2dd75c7b3b411cf4445d56233c5b0ff0e58c49128d81b4fedd295e172d225c451e13defb34b87b7aea6d6f0d20f5c55feb71d2a789fa31f3d9ff47896adc16bec5ce0c9dda3fde190e08ca2451c01ff3091449887695f96dac97ad6a30e":MBEDTLS_RSA_PKCS_V15:MBEDTLS_MD_SHA1:1024:"e28a13548525e5f36dccb24ecb7cc332cc689dfd64012604c9c7816d72a16c3f5fcdc0e86e7c03280b1c69b586ce0cd8aec722cc73a5d3b730310bf7dfebdc77ce5d94bbc369dc18a2f7b07bd505ab0f82224aef09fdc1e5063234255e0b3c40a52e9e8ae60898eb88a766bdd788fe9493d8fd86bcdd2884d5c06216c65469e5":"10001":"dd82b7be791c454fbbf6f1de47cbe585a687e4e8bbae0b6e2a77f8ca4efd06d71498f9a74b931bd59c377e71daf708a624c51303f377006c676487bad57f7067b09b7bb94a6189119ab8cf7321c321b2dc7df565bfbec833a28b86625fb5fd6a035d4ed79ff0f9aee9fa78935eec65069439ee449d7f5249cdae6fdd6d8c2a63":MBEDTLS_ERR_RSA_VERIFY_FAILED RSA PKCS1 Verify v1.5 CAVS #11 depends_on:MBEDTLS_SHA256_C:MBEDTLS_PKCS1_V15 -mbedtls_rsa_pkcs1_verify:"f4a990b8d434a5914340c0ca3ca4e4a70856c55e13e938c1f854e91cdef54c6107d6d682a62e6c1ff12b1c6178ee0b26b5d8ae5ee4043db4151465727f313e9e174d7c6961abe9cb86a21367a89e41b47267ac5ef3a6eceaaca5b19ae756b3904b97ec35aeb404dc2a2d0da373ba709a678d2728e7d72daae68d335cbf6c957d":MBEDTLS_RSA_PKCS_V15:MBEDTLS_MD_SHA224:1024:16:"e28a13548525e5f36dccb24ecb7cc332cc689dfd64012604c9c7816d72a16c3f5fcdc0e86e7c03280b1c69b586ce0cd8aec722cc73a5d3b730310bf7dfebdc77ce5d94bbc369dc18a2f7b07bd505ab0f82224aef09fdc1e5063234255e0b3c40a52e9e8ae60898eb88a766bdd788fe9493d8fd86bcdd2884d5c06216c65469e5":16:"10001":"d8ef7bdc0f111b1249d5ad6515b6fe37f2ff327f493832f1385c10e975c07b0266497716fcb84f5039cd60f5a050614fde27f354a6c45e8a7d74f9821e2f301500ac1953feafeb9d98cf88d2c928413f337813135c66abfc3dc7a4d80655d925bf96f21872ca2b3a2684b976ca768fe37feae20a69eeec3cc8f1de0db34b3462":0 +mbedtls_rsa_pkcs1_verify:"f4a990b8d434a5914340c0ca3ca4e4a70856c55e13e938c1f854e91cdef54c6107d6d682a62e6c1ff12b1c6178ee0b26b5d8ae5ee4043db4151465727f313e9e174d7c6961abe9cb86a21367a89e41b47267ac5ef3a6eceaaca5b19ae756b3904b97ec35aeb404dc2a2d0da373ba709a678d2728e7d72daae68d335cbf6c957d":MBEDTLS_RSA_PKCS_V15:MBEDTLS_MD_SHA224:1024:"e28a13548525e5f36dccb24ecb7cc332cc689dfd64012604c9c7816d72a16c3f5fcdc0e86e7c03280b1c69b586ce0cd8aec722cc73a5d3b730310bf7dfebdc77ce5d94bbc369dc18a2f7b07bd505ab0f82224aef09fdc1e5063234255e0b3c40a52e9e8ae60898eb88a766bdd788fe9493d8fd86bcdd2884d5c06216c65469e5":"10001":"d8ef7bdc0f111b1249d5ad6515b6fe37f2ff327f493832f1385c10e975c07b0266497716fcb84f5039cd60f5a050614fde27f354a6c45e8a7d74f9821e2f301500ac1953feafeb9d98cf88d2c928413f337813135c66abfc3dc7a4d80655d925bf96f21872ca2b3a2684b976ca768fe37feae20a69eeec3cc8f1de0db34b3462":0 RSA PKCS1 Verify v1.5 CAVS #12 depends_on:MBEDTLS_SHA256_C:MBEDTLS_PKCS1_V15 -mbedtls_rsa_pkcs1_verify:"c81f04c79982971fa176d64e8f7f8812f86a94c49e84672ff10996a2d6dfc444a884c7a87c4606a1aab22558894ee59b798b457827f5ee0b0cadcd94371902cc4ddaf97acefed641997717bcb3cc74cd440f0a31e20fb95812cecb740c36d6d1bf07e3641514cfa678aff2a39562ff4d60e02b17583a92bf0c56d66bde9e09f8":MBEDTLS_RSA_PKCS_V15:MBEDTLS_MD_SHA256:1024:16:"e28a13548525e5f36dccb24ecb7cc332cc689dfd64012604c9c7816d72a16c3f5fcdc0e86e7c03280b1c69b586ce0cd8aec722cc73a5d3b730310bf7dfebdc77ce5d94bbc369dc18a2f7b07bd505ab0f82224aef09fdc1e5063234255e0b3c40a52e9e8ae60898eb88a766bdd788fe9493d8fd86bcdd2884d5c06216c65469e5":16:"10001":"52111f4798da3c11b3c74394358348ab0fc797bde99080f238d33a69b04b08ac2bd767b33872473943e23af27ca32fd568a43a8c7d6cc55b4fbb380212fdfcb60487e20694d4287e233efdf7b04737c0037a592d03077801828b051998c42b9f9e2420063331d5b2349918a64d8b65b21a2011ee7318fcef48aced95b8ddf501":0 +mbedtls_rsa_pkcs1_verify:"c81f04c79982971fa176d64e8f7f8812f86a94c49e84672ff10996a2d6dfc444a884c7a87c4606a1aab22558894ee59b798b457827f5ee0b0cadcd94371902cc4ddaf97acefed641997717bcb3cc74cd440f0a31e20fb95812cecb740c36d6d1bf07e3641514cfa678aff2a39562ff4d60e02b17583a92bf0c56d66bde9e09f8":MBEDTLS_RSA_PKCS_V15:MBEDTLS_MD_SHA256:1024:"e28a13548525e5f36dccb24ecb7cc332cc689dfd64012604c9c7816d72a16c3f5fcdc0e86e7c03280b1c69b586ce0cd8aec722cc73a5d3b730310bf7dfebdc77ce5d94bbc369dc18a2f7b07bd505ab0f82224aef09fdc1e5063234255e0b3c40a52e9e8ae60898eb88a766bdd788fe9493d8fd86bcdd2884d5c06216c65469e5":"10001":"52111f4798da3c11b3c74394358348ab0fc797bde99080f238d33a69b04b08ac2bd767b33872473943e23af27ca32fd568a43a8c7d6cc55b4fbb380212fdfcb60487e20694d4287e233efdf7b04737c0037a592d03077801828b051998c42b9f9e2420063331d5b2349918a64d8b65b21a2011ee7318fcef48aced95b8ddf501":0 RSA PKCS1 Verify v1.5 CAVS #13 depends_on:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384:MBEDTLS_PKCS1_V15 -mbedtls_rsa_pkcs1_verify:"a97824871770b79da979a111f6decfb1dd11bd946cfa800b008f0ad5aea5aa92e205d27a46c31d4fe6cb909091bd21f082fb75074000ee46c2f3e530d77b34c7c5d6f8453025950d3e0afae1f9752655f5bbea8432e9f1014357ff11b08076179a101e4f9d3f25bffb5e656bf6afe6c97d7aa4740b5d9224cde4dede035a7768":MBEDTLS_RSA_PKCS_V15:MBEDTLS_MD_SHA384:1024:16:"e28a13548525e5f36dccb24ecb7cc332cc689dfd64012604c9c7816d72a16c3f5fcdc0e86e7c03280b1c69b586ce0cd8aec722cc73a5d3b730310bf7dfebdc77ce5d94bbc369dc18a2f7b07bd505ab0f82224aef09fdc1e5063234255e0b3c40a52e9e8ae60898eb88a766bdd788fe9493d8fd86bcdd2884d5c06216c65469e5":16:"10001":"d5dcd27c74e040ea86f106b63d3275fa7b7e98d2dd701f38ec15fc7301b72df127f6d3bd5571253a0b9e0e719d7d522893896941a1aeccc697912282b5308d829b91905b5dd7b7e1b8fe27e2bd4003b09dfe7fe295f8a43c076c0cb52f2aac067e87de7ffe3a275d21a870c3dfc9b1d06d7f018667de9eb187bdf53d282e5d8b":0 +mbedtls_rsa_pkcs1_verify:"a97824871770b79da979a111f6decfb1dd11bd946cfa800b008f0ad5aea5aa92e205d27a46c31d4fe6cb909091bd21f082fb75074000ee46c2f3e530d77b34c7c5d6f8453025950d3e0afae1f9752655f5bbea8432e9f1014357ff11b08076179a101e4f9d3f25bffb5e656bf6afe6c97d7aa4740b5d9224cde4dede035a7768":MBEDTLS_RSA_PKCS_V15:MBEDTLS_MD_SHA384:1024:"e28a13548525e5f36dccb24ecb7cc332cc689dfd64012604c9c7816d72a16c3f5fcdc0e86e7c03280b1c69b586ce0cd8aec722cc73a5d3b730310bf7dfebdc77ce5d94bbc369dc18a2f7b07bd505ab0f82224aef09fdc1e5063234255e0b3c40a52e9e8ae60898eb88a766bdd788fe9493d8fd86bcdd2884d5c06216c65469e5":"10001":"d5dcd27c74e040ea86f106b63d3275fa7b7e98d2dd701f38ec15fc7301b72df127f6d3bd5571253a0b9e0e719d7d522893896941a1aeccc697912282b5308d829b91905b5dd7b7e1b8fe27e2bd4003b09dfe7fe295f8a43c076c0cb52f2aac067e87de7ffe3a275d21a870c3dfc9b1d06d7f018667de9eb187bdf53d282e5d8b":0 RSA PKCS1 Verify v1.5 CAVS #14 depends_on:MBEDTLS_SHA512_C:MBEDTLS_PKCS1_V15 -mbedtls_rsa_pkcs1_verify:"4ce61930c79dc017c2dea0c5085d73a3b0e4a6f341e9a5061a6658af11e5edf95bdad915ac3619969e39bee15788a8de667f92f4efc84f35082d52d562aa74e12cc7f22d3425b58f5056d74afcf162cd44e65b9ee510ff91af094c3d2d42c3b088536d62a98f1c689edcf3ea3fc228d711c109d76ae83d82d6a34dcfbad563cf":MBEDTLS_RSA_PKCS_V15:MBEDTLS_MD_SHA512:1024:16:"e28a13548525e5f36dccb24ecb7cc332cc689dfd64012604c9c7816d72a16c3f5fcdc0e86e7c03280b1c69b586ce0cd8aec722cc73a5d3b730310bf7dfebdc77ce5d94bbc369dc18a2f7b07bd505ab0f82224aef09fdc1e5063234255e0b3c40a52e9e8ae60898eb88a766bdd788fe9493d8fd86bcdd2884d5c06216c65469e5":16:"10001":"27280b92eab5cbf0d787ff6fa6b0151d6610adfd25116113f2f186f3f8d39736d91ae510ec2bd96f2de135aefda79178138696dcc6d302e4a79ddabbe16e39ab96075776afce863e84a2e6013cb457e4047e22d43f67bf64ae5e1d844a7c12ac696efbb3cda7c0e0aca71f8a7ada9a0547bfaefe1ba2e04058c672c803720dd9":0 +mbedtls_rsa_pkcs1_verify:"4ce61930c79dc017c2dea0c5085d73a3b0e4a6f341e9a5061a6658af11e5edf95bdad915ac3619969e39bee15788a8de667f92f4efc84f35082d52d562aa74e12cc7f22d3425b58f5056d74afcf162cd44e65b9ee510ff91af094c3d2d42c3b088536d62a98f1c689edcf3ea3fc228d711c109d76ae83d82d6a34dcfbad563cf":MBEDTLS_RSA_PKCS_V15:MBEDTLS_MD_SHA512:1024:"e28a13548525e5f36dccb24ecb7cc332cc689dfd64012604c9c7816d72a16c3f5fcdc0e86e7c03280b1c69b586ce0cd8aec722cc73a5d3b730310bf7dfebdc77ce5d94bbc369dc18a2f7b07bd505ab0f82224aef09fdc1e5063234255e0b3c40a52e9e8ae60898eb88a766bdd788fe9493d8fd86bcdd2884d5c06216c65469e5":"10001":"27280b92eab5cbf0d787ff6fa6b0151d6610adfd25116113f2f186f3f8d39736d91ae510ec2bd96f2de135aefda79178138696dcc6d302e4a79ddabbe16e39ab96075776afce863e84a2e6013cb457e4047e22d43f67bf64ae5e1d844a7c12ac696efbb3cda7c0e0aca71f8a7ada9a0547bfaefe1ba2e04058c672c803720dd9":0 RSA PKCS1 Verify v1.5 CAVS #15 depends_on:MBEDTLS_SHA1_C:MBEDTLS_PKCS1_V15 -mbedtls_rsa_pkcs1_verify:"224ecd3b630581da948216366c741015a9723c5ea43de67e28454d0a846f54a6df167a25cc500cf21f729aaefed6a71a3bdba438e12e20ad0c48396afe38568b70a3187f26098d6ac649a7c7ea68ed52748e7125225102216236a28f67753b077cfd8d9198b86b0b331027cb59b24b85fd92896e8f2ff5a1d11872c2e6af6ae2":MBEDTLS_RSA_PKCS_V15:MBEDTLS_MD_SHA1:1536:16:"a59d9b7269b102b7be684ec5e28db79992e6d3231e77c90b78960c2638b35ef6dbdac1ac59e7249d96d426e7f99397eabc6b8903fe1942da580322b98bafacd81bb911c29666f83886a2a2864f3552044300e60cedd5a8c321c43e280413dc41673c39a11b98a885486f8187a70f270185c4c12bc48a1968305269776c070ef69d4913589a887c4d0f5e7dd58bd806d0d49a14a1762c38665cef4646ff13a0cd29c3a60460703c3d051d5b28c660bffb5f8bd43d495ffa64175f72b8abe5fddd":16:"3":"1f7938b20a9cd8bb8ca26bad9e79ea92373174203f3ab212a06de34a9a3e14e102d19a8878c28a2fc8083a97c06b19c1ae62678289d5d071a904aed1d364655d9e2d16480a6fd18f4c8edf204844a34d573b1b988b82d495caefd9298c1635083e196a11f4a7df6a7e3cc4db7b9642e7682d22ec7038c3bad791e1365fe8836976092460e6df749dc032baf1e026684f55936beb9369845c53c3d217941c1f8d8f54a32333a4c049c3f2d527125778032f5d390040d1d4cce83dc353ce250152":0 +mbedtls_rsa_pkcs1_verify:"224ecd3b630581da948216366c741015a9723c5ea43de67e28454d0a846f54a6df167a25cc500cf21f729aaefed6a71a3bdba438e12e20ad0c48396afe38568b70a3187f26098d6ac649a7c7ea68ed52748e7125225102216236a28f67753b077cfd8d9198b86b0b331027cb59b24b85fd92896e8f2ff5a1d11872c2e6af6ae2":MBEDTLS_RSA_PKCS_V15:MBEDTLS_MD_SHA1:1536:"a59d9b7269b102b7be684ec5e28db79992e6d3231e77c90b78960c2638b35ef6dbdac1ac59e7249d96d426e7f99397eabc6b8903fe1942da580322b98bafacd81bb911c29666f83886a2a2864f3552044300e60cedd5a8c321c43e280413dc41673c39a11b98a885486f8187a70f270185c4c12bc48a1968305269776c070ef69d4913589a887c4d0f5e7dd58bd806d0d49a14a1762c38665cef4646ff13a0cd29c3a60460703c3d051d5b28c660bffb5f8bd43d495ffa64175f72b8abe5fddd":"3":"1f7938b20a9cd8bb8ca26bad9e79ea92373174203f3ab212a06de34a9a3e14e102d19a8878c28a2fc8083a97c06b19c1ae62678289d5d071a904aed1d364655d9e2d16480a6fd18f4c8edf204844a34d573b1b988b82d495caefd9298c1635083e196a11f4a7df6a7e3cc4db7b9642e7682d22ec7038c3bad791e1365fe8836976092460e6df749dc032baf1e026684f55936beb9369845c53c3d217941c1f8d8f54a32333a4c049c3f2d527125778032f5d390040d1d4cce83dc353ce250152":0 RSA PKCS1 Verify v1.5 CAVS #16 depends_on:MBEDTLS_SHA256_C:MBEDTLS_PKCS1_V15 -mbedtls_rsa_pkcs1_verify:"6ecc722d233dad1aca45e6bc3e1a0b99fb1f89c0ec63bc657e6aaacbf931f267106cff42b712819f341b1ede798964a0b1a5032c198b391111e88d0d7303c02e23fa0137e74e604579a285b2dbc0a23aebdda65c371eb403125bd366e822e72dceffe0d55dfa3155c16283020dc9abb0d150da1aef251484aa49e49e00974dac":MBEDTLS_RSA_PKCS_V15:MBEDTLS_MD_SHA224:1536:16:"a59d9b7269b102b7be684ec5e28db79992e6d3231e77c90b78960c2638b35ef6dbdac1ac59e7249d96d426e7f99397eabc6b8903fe1942da580322b98bafacd81bb911c29666f83886a2a2864f3552044300e60cedd5a8c321c43e280413dc41673c39a11b98a885486f8187a70f270185c4c12bc48a1968305269776c070ef69d4913589a887c4d0f5e7dd58bd806d0d49a14a1762c38665cef4646ff13a0cd29c3a60460703c3d051d5b28c660bffb5f8bd43d495ffa64175f72b8abe5fddd":16:"3":"339dce3a1937669d9fb14c4f652378861fd5adc4da88eaf833b16020b55a24ddc83b7ae3395a9a49b426bb9a4170cb765b02652faa9594b457aeefdae4f802e93d8e65c687ddc723701465a5ef19249ed5d2617b5121c58557b34eb99a663bbcf4453a6e1db5d88723de449fcf58ca8ef514daf08cfdc71be155bb3d0724df0c0a6fd5aa7737433cc376640b9b8b4c7ddd09776bae0245729cddb56e36f28edad6aecaed0821ec8d843a96348e722bf0a84cf060a793a2179f054138f907d0c3":0 +mbedtls_rsa_pkcs1_verify:"6ecc722d233dad1aca45e6bc3e1a0b99fb1f89c0ec63bc657e6aaacbf931f267106cff42b712819f341b1ede798964a0b1a5032c198b391111e88d0d7303c02e23fa0137e74e604579a285b2dbc0a23aebdda65c371eb403125bd366e822e72dceffe0d55dfa3155c16283020dc9abb0d150da1aef251484aa49e49e00974dac":MBEDTLS_RSA_PKCS_V15:MBEDTLS_MD_SHA224:1536:"a59d9b7269b102b7be684ec5e28db79992e6d3231e77c90b78960c2638b35ef6dbdac1ac59e7249d96d426e7f99397eabc6b8903fe1942da580322b98bafacd81bb911c29666f83886a2a2864f3552044300e60cedd5a8c321c43e280413dc41673c39a11b98a885486f8187a70f270185c4c12bc48a1968305269776c070ef69d4913589a887c4d0f5e7dd58bd806d0d49a14a1762c38665cef4646ff13a0cd29c3a60460703c3d051d5b28c660bffb5f8bd43d495ffa64175f72b8abe5fddd":"3":"339dce3a1937669d9fb14c4f652378861fd5adc4da88eaf833b16020b55a24ddc83b7ae3395a9a49b426bb9a4170cb765b02652faa9594b457aeefdae4f802e93d8e65c687ddc723701465a5ef19249ed5d2617b5121c58557b34eb99a663bbcf4453a6e1db5d88723de449fcf58ca8ef514daf08cfdc71be155bb3d0724df0c0a6fd5aa7737433cc376640b9b8b4c7ddd09776bae0245729cddb56e36f28edad6aecaed0821ec8d843a96348e722bf0a84cf060a793a2179f054138f907d0c3":0 RSA PKCS1 Verify v1.5 CAVS #17 depends_on:MBEDTLS_SHA256_C:MBEDTLS_PKCS1_V15 -mbedtls_rsa_pkcs1_verify:"72f0b1ae27e1f5e5bfa15ded204c2c54b47b2420750a3eb5471f9ff98b67c8b5f1a30d3f8d6448562e12ce4deb33a26cfeeae993d6be9e20679d8713c5216870f11276e5f22b0ead2821a7b4dee106fc1e19b13fc9fba5d6e73e4bd93b65a9881a43d5e97ebfb0b357d5d06b21ddbecdbb10626d7748bb9e6e07d49316bbf3c4":MBEDTLS_RSA_PKCS_V15:MBEDTLS_MD_SHA256:1536:16:"a59d9b7269b102b7be684ec5e28db79992e6d3231e77c90b78960c2638b35ef6dbdac1ac59e7249d96d426e7f99397eabc6b8903fe1942da580322b98bafacd81bb911c29666f83886a2a2864f3552044300e60cedd5a8c321c43e280413dc41673c39a11b98a885486f8187a70f270185c4c12bc48a1968305269776c070ef69d4913589a887c4d0f5e7dd58bd806d0d49a14a1762c38665cef4646ff13a0cd29c3a60460703c3d051d5b28c660bffb5f8bd43d495ffa64175f72b8abe5fddd":16:"3":"8117a6897e14c183737661cf5741350a84ae00495cd9ee8fb033582e559f79701ab424706660515ee5821a69a6850647ec641676a625d1a3899932aaa52161fbc0c0a825db82fde0585b3c9b9c16de43e26da6a30fe5a601dae68bded1e29ec34557b5f6962efb10b9450d6f096655f68e8499cfa16a0adeb9075e7b91851fef84243132d08273d35d01ad89c17e1e6e4deaf1cb233050b275fa9d2cae57e9e1a0e23139267040aa39b6abd8f10fa1cec38ce2183573ddc11626fc262e1a0ced":0 +mbedtls_rsa_pkcs1_verify:"72f0b1ae27e1f5e5bfa15ded204c2c54b47b2420750a3eb5471f9ff98b67c8b5f1a30d3f8d6448562e12ce4deb33a26cfeeae993d6be9e20679d8713c5216870f11276e5f22b0ead2821a7b4dee106fc1e19b13fc9fba5d6e73e4bd93b65a9881a43d5e97ebfb0b357d5d06b21ddbecdbb10626d7748bb9e6e07d49316bbf3c4":MBEDTLS_RSA_PKCS_V15:MBEDTLS_MD_SHA256:1536:"a59d9b7269b102b7be684ec5e28db79992e6d3231e77c90b78960c2638b35ef6dbdac1ac59e7249d96d426e7f99397eabc6b8903fe1942da580322b98bafacd81bb911c29666f83886a2a2864f3552044300e60cedd5a8c321c43e280413dc41673c39a11b98a885486f8187a70f270185c4c12bc48a1968305269776c070ef69d4913589a887c4d0f5e7dd58bd806d0d49a14a1762c38665cef4646ff13a0cd29c3a60460703c3d051d5b28c660bffb5f8bd43d495ffa64175f72b8abe5fddd":"3":"8117a6897e14c183737661cf5741350a84ae00495cd9ee8fb033582e559f79701ab424706660515ee5821a69a6850647ec641676a625d1a3899932aaa52161fbc0c0a825db82fde0585b3c9b9c16de43e26da6a30fe5a601dae68bded1e29ec34557b5f6962efb10b9450d6f096655f68e8499cfa16a0adeb9075e7b91851fef84243132d08273d35d01ad89c17e1e6e4deaf1cb233050b275fa9d2cae57e9e1a0e23139267040aa39b6abd8f10fa1cec38ce2183573ddc11626fc262e1a0ced":0 RSA PKCS1 Verify v1.5 CAVS #18 depends_on:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384:MBEDTLS_PKCS1_V15 -mbedtls_rsa_pkcs1_verify:"f80c94a2b53736978adf041886ad97ab2aeb9e91c08bd4eeef6b2f2b8dd75a99b4506657188bbd7597bd5759121630627c8bf9cc30d90dd488c7a81cabab5350a62fa30abf5523f305b98f2c2c1743ec980cf26ab8219bfd9505b981ab1abbfef733b384519d5259fc5c14577cb6b88fa7f6f332ff6a65b23faecc24342c78e9":MBEDTLS_RSA_PKCS_V15:MBEDTLS_MD_SHA384:1536:16:"a59d9b7269b102b7be684ec5e28db79992e6d3231e77c90b78960c2638b35ef6dbdac1ac59e7249d96d426e7f99397eabc6b8903fe1942da580322b98bafacd81bb911c29666f83886a2a2864f3552044300e60cedd5a8c321c43e280413dc41673c39a11b98a885486f8187a70f270185c4c12bc48a1968305269776c070ef69d4913589a887c4d0f5e7dd58bd806d0d49a14a1762c38665cef4646ff13a0cd29c3a60460703c3d051d5b28c660bffb5f8bd43d495ffa64175f72b8abe5fddd":16:"3":"6b49553ed964ae196a41ea281f4d2a250ce7d1e7434e45cf6a82f7bed17554f39c3f0241e0364702fcb87475eb0c0839ffd2180890fa05b4bbf31bbfa4bf5119dea0c9f88e1e9617fcdadabc6fa1945136cc66e039b905d78ed365c5806d38aec88b3edfb86c05ff446dbfd51d7cd75cbf8d3b85154c783765386f51637532221f52429db5612dcc034968bb8feab7dc6f5ed1f2feb557f6dd49c980296117be2c4195ec7b6101ea767df9d16a56fc9709b49308a54dab63dbc4d609f959ce17":0 +mbedtls_rsa_pkcs1_verify:"f80c94a2b53736978adf041886ad97ab2aeb9e91c08bd4eeef6b2f2b8dd75a99b4506657188bbd7597bd5759121630627c8bf9cc30d90dd488c7a81cabab5350a62fa30abf5523f305b98f2c2c1743ec980cf26ab8219bfd9505b981ab1abbfef733b384519d5259fc5c14577cb6b88fa7f6f332ff6a65b23faecc24342c78e9":MBEDTLS_RSA_PKCS_V15:MBEDTLS_MD_SHA384:1536:"a59d9b7269b102b7be684ec5e28db79992e6d3231e77c90b78960c2638b35ef6dbdac1ac59e7249d96d426e7f99397eabc6b8903fe1942da580322b98bafacd81bb911c29666f83886a2a2864f3552044300e60cedd5a8c321c43e280413dc41673c39a11b98a885486f8187a70f270185c4c12bc48a1968305269776c070ef69d4913589a887c4d0f5e7dd58bd806d0d49a14a1762c38665cef4646ff13a0cd29c3a60460703c3d051d5b28c660bffb5f8bd43d495ffa64175f72b8abe5fddd":"3":"6b49553ed964ae196a41ea281f4d2a250ce7d1e7434e45cf6a82f7bed17554f39c3f0241e0364702fcb87475eb0c0839ffd2180890fa05b4bbf31bbfa4bf5119dea0c9f88e1e9617fcdadabc6fa1945136cc66e039b905d78ed365c5806d38aec88b3edfb86c05ff446dbfd51d7cd75cbf8d3b85154c783765386f51637532221f52429db5612dcc034968bb8feab7dc6f5ed1f2feb557f6dd49c980296117be2c4195ec7b6101ea767df9d16a56fc9709b49308a54dab63dbc4d609f959ce17":0 RSA PKCS1 Verify v1.5 CAVS #19 depends_on:MBEDTLS_SHA512_C:MBEDTLS_PKCS1_V15 -mbedtls_rsa_pkcs1_verify:"4eb97094bb42aaa58b040bd06a8f324396b9eca9e39359b7039c4a010434ee131a53aebd9f7a55ae58ea7444fa1505a3ec524e054fd408513cddc1ee4c2f7fd95ec4a6f594be1ba39fa1aa933dc0a5dafff5ce44509577ebb3a3e8084c44010aa27321e5a3f646ade99175633b795c0f570b360eeebeefaef15788f80b5cbecd":MBEDTLS_RSA_PKCS_V15:MBEDTLS_MD_SHA512:1536:16:"a59d9b7269b102b7be684ec5e28db79992e6d3231e77c90b78960c2638b35ef6dbdac1ac59e7249d96d426e7f99397eabc6b8903fe1942da580322b98bafacd81bb911c29666f83886a2a2864f3552044300e60cedd5a8c321c43e280413dc41673c39a11b98a885486f8187a70f270185c4c12bc48a1968305269776c070ef69d4913589a887c4d0f5e7dd58bd806d0d49a14a1762c38665cef4646ff13a0cd29c3a60460703c3d051d5b28c660bffb5f8bd43d495ffa64175f72b8abe5fddd":16:"3":"2b8b794a8621d492eec18a4efd239e0e077c89340a34b0fdbf467f2bf3112c7f33d00ee736f2988af8569c1a74891efbefa839e295fffdf4d908c1ede61a861a4d24b154a09d1b3f923fd2bb7906994cf82a97da285bf48e61f90cc3596f9350ab9b66a216ffca323195bb213f5a77fe8c697475595a1857dbee58128cbf1be7cb220229ce52766fefd88cc129ad5cbbdcd31fb4eede6c4fdd3193a9aaaa54362bcea4082981d9b7c40483814828f3297d95ad933c76f31c47e37a93ffaf0d4a":0 +mbedtls_rsa_pkcs1_verify:"4eb97094bb42aaa58b040bd06a8f324396b9eca9e39359b7039c4a010434ee131a53aebd9f7a55ae58ea7444fa1505a3ec524e054fd408513cddc1ee4c2f7fd95ec4a6f594be1ba39fa1aa933dc0a5dafff5ce44509577ebb3a3e8084c44010aa27321e5a3f646ade99175633b795c0f570b360eeebeefaef15788f80b5cbecd":MBEDTLS_RSA_PKCS_V15:MBEDTLS_MD_SHA512:1536:"a59d9b7269b102b7be684ec5e28db79992e6d3231e77c90b78960c2638b35ef6dbdac1ac59e7249d96d426e7f99397eabc6b8903fe1942da580322b98bafacd81bb911c29666f83886a2a2864f3552044300e60cedd5a8c321c43e280413dc41673c39a11b98a885486f8187a70f270185c4c12bc48a1968305269776c070ef69d4913589a887c4d0f5e7dd58bd806d0d49a14a1762c38665cef4646ff13a0cd29c3a60460703c3d051d5b28c660bffb5f8bd43d495ffa64175f72b8abe5fddd":"3":"2b8b794a8621d492eec18a4efd239e0e077c89340a34b0fdbf467f2bf3112c7f33d00ee736f2988af8569c1a74891efbefa839e295fffdf4d908c1ede61a861a4d24b154a09d1b3f923fd2bb7906994cf82a97da285bf48e61f90cc3596f9350ab9b66a216ffca323195bb213f5a77fe8c697475595a1857dbee58128cbf1be7cb220229ce52766fefd88cc129ad5cbbdcd31fb4eede6c4fdd3193a9aaaa54362bcea4082981d9b7c40483814828f3297d95ad933c76f31c47e37a93ffaf0d4a":0 RSA PKCS1 Verify v1.5 CAVS #20 depends_on:MBEDTLS_SHA1_C:MBEDTLS_PKCS1_V15 -mbedtls_rsa_pkcs1_verify:"a3edb0f52c6166d7b76e71634761f402337c3e9667549d00cd7877e6055396b35c54c4dffc4c987060178fc10b7e5e827a5c870057002ba6efd31fc4e63a429029be0d6b256b6b653775cb026322743f48e319d053c4aeac34077acb8e0c6c2ef375b2210f8788bd23d24eb0b614de41875b1c8ec56acf18825eaf826691be96":MBEDTLS_RSA_PKCS_V15:MBEDTLS_MD_SHA1:1536:16:"a59d9b7269b102b7be684ec5e28db79992e6d3231e77c90b78960c2638b35ef6dbdac1ac59e7249d96d426e7f99397eabc6b8903fe1942da580322b98bafacd81bb911c29666f83886a2a2864f3552044300e60cedd5a8c321c43e280413dc41673c39a11b98a885486f8187a70f270185c4c12bc48a1968305269776c070ef69d4913589a887c4d0f5e7dd58bd806d0d49a14a1762c38665cef4646ff13a0cd29c3a60460703c3d051d5b28c660bffb5f8bd43d495ffa64175f72b8abe5fddd":16:"10001":"180630d2f4dc91ddb1159978e278cda7ac4b178e82477f9770c4d2e1c5017d2f222348658044c1be4cda24ce3c9ba3d423536a39bf60324c1b30eabdad700b0982e58072f7e18216e7e4c07e17674ec3eabcfbafce317d2f539f129902d80031ca201a8b325629a96ca4a70b51294c2fddd1d0aca1537d7d8b780e1e62d34be2f98104d876a4990396c8628e6498d9651f468bdf1139664eabe9166efbe909bf87d7305d5f60f1acc3599ed339fcf4e009fbad4059af1a50264cb0a4ec1d23f3":0 +mbedtls_rsa_pkcs1_verify:"a3edb0f52c6166d7b76e71634761f402337c3e9667549d00cd7877e6055396b35c54c4dffc4c987060178fc10b7e5e827a5c870057002ba6efd31fc4e63a429029be0d6b256b6b653775cb026322743f48e319d053c4aeac34077acb8e0c6c2ef375b2210f8788bd23d24eb0b614de41875b1c8ec56acf18825eaf826691be96":MBEDTLS_RSA_PKCS_V15:MBEDTLS_MD_SHA1:1536:"a59d9b7269b102b7be684ec5e28db79992e6d3231e77c90b78960c2638b35ef6dbdac1ac59e7249d96d426e7f99397eabc6b8903fe1942da580322b98bafacd81bb911c29666f83886a2a2864f3552044300e60cedd5a8c321c43e280413dc41673c39a11b98a885486f8187a70f270185c4c12bc48a1968305269776c070ef69d4913589a887c4d0f5e7dd58bd806d0d49a14a1762c38665cef4646ff13a0cd29c3a60460703c3d051d5b28c660bffb5f8bd43d495ffa64175f72b8abe5fddd":"10001":"180630d2f4dc91ddb1159978e278cda7ac4b178e82477f9770c4d2e1c5017d2f222348658044c1be4cda24ce3c9ba3d423536a39bf60324c1b30eabdad700b0982e58072f7e18216e7e4c07e17674ec3eabcfbafce317d2f539f129902d80031ca201a8b325629a96ca4a70b51294c2fddd1d0aca1537d7d8b780e1e62d34be2f98104d876a4990396c8628e6498d9651f468bdf1139664eabe9166efbe909bf87d7305d5f60f1acc3599ed339fcf4e009fbad4059af1a50264cb0a4ec1d23f3":0 RSA PKCS1 Verify v1.5 CAVS #21 depends_on:MBEDTLS_SHA1_C:MBEDTLS_PKCS1_V15 -mbedtls_rsa_pkcs1_verify:"ac58fd024208d7f045d81a56cd55aad40ab86b0d216ab55136c7027aca23ea13480a52c0dacce0d98139b25965aa4ff76a41dd92037195d24bc0750d52cb3467b48b7b3e71d852c5f82bd9ee85a8388ead5cd8bc38c3d4792e8daa9734a137d31963e245ad3217fad235f7dfd5584de0fe91c4526568588e08b60bdf1badd99f":MBEDTLS_RSA_PKCS_V15:MBEDTLS_MD_SHA1:1536:16:"a59d9b7269b102b7be684ec5e28db79992e6d3231e77c90b78960c2638b35ef6dbdac1ac59e7249d96d426e7f99397eabc6b8903fe1942da580322b98bafacd81bb911c29666f83886a2a2864f3552044300e60cedd5a8c321c43e280413dc41673c39a11b98a885486f8187a70f270185c4c12bc48a1968305269776c070ef69d4913589a887c4d0f5e7dd58bd806d0d49a14a1762c38665cef4646ff13a0cd29c3a60460703c3d051d5b28c660bffb5f8bd43d495ffa64175f72b8abe5fddd":16:"10001":"a142b0d9456f8f4772675265a08613a66c416bd1ae712975c69d9ca5fb8c1be9c24359a04fd15460bf6136a8a11f13e3ce2de2171524f10cb715f0d71e3db15281ab99eadbe86cf8c5c518162c638ef27a4f7bfb4a1a3873f3c384a5b1c3b4966c837b9d8d192ac34e03943b7ae191355aa1ff3b9cd041bb2668f1f81cf0d015b3d3608cd9ac79398212c0f132f1bd45d47768b999fcf3c05fe2069593ceecedc851a7fc465abcfef0fabba9b9460153f6ba8723a5c6e766c83a446aef3ee327":MBEDTLS_ERR_RSA_VERIFY_FAILED +mbedtls_rsa_pkcs1_verify:"ac58fd024208d7f045d81a56cd55aad40ab86b0d216ab55136c7027aca23ea13480a52c0dacce0d98139b25965aa4ff76a41dd92037195d24bc0750d52cb3467b48b7b3e71d852c5f82bd9ee85a8388ead5cd8bc38c3d4792e8daa9734a137d31963e245ad3217fad235f7dfd5584de0fe91c4526568588e08b60bdf1badd99f":MBEDTLS_RSA_PKCS_V15:MBEDTLS_MD_SHA1:1536:"a59d9b7269b102b7be684ec5e28db79992e6d3231e77c90b78960c2638b35ef6dbdac1ac59e7249d96d426e7f99397eabc6b8903fe1942da580322b98bafacd81bb911c29666f83886a2a2864f3552044300e60cedd5a8c321c43e280413dc41673c39a11b98a885486f8187a70f270185c4c12bc48a1968305269776c070ef69d4913589a887c4d0f5e7dd58bd806d0d49a14a1762c38665cef4646ff13a0cd29c3a60460703c3d051d5b28c660bffb5f8bd43d495ffa64175f72b8abe5fddd":"10001":"a142b0d9456f8f4772675265a08613a66c416bd1ae712975c69d9ca5fb8c1be9c24359a04fd15460bf6136a8a11f13e3ce2de2171524f10cb715f0d71e3db15281ab99eadbe86cf8c5c518162c638ef27a4f7bfb4a1a3873f3c384a5b1c3b4966c837b9d8d192ac34e03943b7ae191355aa1ff3b9cd041bb2668f1f81cf0d015b3d3608cd9ac79398212c0f132f1bd45d47768b999fcf3c05fe2069593ceecedc851a7fc465abcfef0fabba9b9460153f6ba8723a5c6e766c83a446aef3ee327":MBEDTLS_ERR_RSA_VERIFY_FAILED RSA PKCS1 Verify v1.5 CAVS #22 depends_on:MBEDTLS_SHA256_C:MBEDTLS_PKCS1_V15 -mbedtls_rsa_pkcs1_verify:"027f767928a5821e2723d6f36c43e6b498b6f0b381852571794a096bd49f1c36a4d7bacec7ec402c24b970163169173bb930ec7fdc39bc9457dfc4ca051f5f28a64de1bbe007c22e8368ff9b117dbda17efd2fb73434bbbf5a4158df56813b8c904bb2e779de504dcd974a291568210d6f85810291606a1c0cd88d51ceadf98a":MBEDTLS_RSA_PKCS_V15:MBEDTLS_MD_SHA224:1536:16:"a59d9b7269b102b7be684ec5e28db79992e6d3231e77c90b78960c2638b35ef6dbdac1ac59e7249d96d426e7f99397eabc6b8903fe1942da580322b98bafacd81bb911c29666f83886a2a2864f3552044300e60cedd5a8c321c43e280413dc41673c39a11b98a885486f8187a70f270185c4c12bc48a1968305269776c070ef69d4913589a887c4d0f5e7dd58bd806d0d49a14a1762c38665cef4646ff13a0cd29c3a60460703c3d051d5b28c660bffb5f8bd43d495ffa64175f72b8abe5fddd":16:"10001":"0676e64daaa18f4af46e9dfbe234db389b8a527b0fe1db97eb7f404e3155226cba70d318800f83160fa1aa19916e5c09f079331079f18cb8ab1a4b884cb28501824974f683ed2b9babae9f8c15bea30802805c6b2152119764811bbf5f3994d2e97fa2fe8c5ab15a23c14d7ae56be00eaa8bc26678481ff5ba59b0acfb0e43341bff9fc638e5625480a73dbc5d8d13bd2b9e64037c6b79df0c60869980c6a22ec46f80fb859cb4ee5d2032ac1fe538cfd85c70a7f33b4af50a93395917c2cfb6":MBEDTLS_ERR_RSA_VERIFY_FAILED +mbedtls_rsa_pkcs1_verify:"027f767928a5821e2723d6f36c43e6b498b6f0b381852571794a096bd49f1c36a4d7bacec7ec402c24b970163169173bb930ec7fdc39bc9457dfc4ca051f5f28a64de1bbe007c22e8368ff9b117dbda17efd2fb73434bbbf5a4158df56813b8c904bb2e779de504dcd974a291568210d6f85810291606a1c0cd88d51ceadf98a":MBEDTLS_RSA_PKCS_V15:MBEDTLS_MD_SHA224:1536:"a59d9b7269b102b7be684ec5e28db79992e6d3231e77c90b78960c2638b35ef6dbdac1ac59e7249d96d426e7f99397eabc6b8903fe1942da580322b98bafacd81bb911c29666f83886a2a2864f3552044300e60cedd5a8c321c43e280413dc41673c39a11b98a885486f8187a70f270185c4c12bc48a1968305269776c070ef69d4913589a887c4d0f5e7dd58bd806d0d49a14a1762c38665cef4646ff13a0cd29c3a60460703c3d051d5b28c660bffb5f8bd43d495ffa64175f72b8abe5fddd":"10001":"0676e64daaa18f4af46e9dfbe234db389b8a527b0fe1db97eb7f404e3155226cba70d318800f83160fa1aa19916e5c09f079331079f18cb8ab1a4b884cb28501824974f683ed2b9babae9f8c15bea30802805c6b2152119764811bbf5f3994d2e97fa2fe8c5ab15a23c14d7ae56be00eaa8bc26678481ff5ba59b0acfb0e43341bff9fc638e5625480a73dbc5d8d13bd2b9e64037c6b79df0c60869980c6a22ec46f80fb859cb4ee5d2032ac1fe538cfd85c70a7f33b4af50a93395917c2cfb6":MBEDTLS_ERR_RSA_VERIFY_FAILED RSA PKCS1 Verify v1.5 CAVS #23 depends_on:MBEDTLS_SHA256_C:MBEDTLS_PKCS1_V15 -mbedtls_rsa_pkcs1_verify:"06dcd9d4c056b6a45b9ed2ae5f6c1cfa43aae06fe01ee098264aa7a80e901abbcf9a505e55f9a352ef0c078d48249b8298e57ea21bf0e423c3bf69002acfa541ca05007c704bc79cee7a80e1107c7b28d2b2aa6dd093b28efe9642519952a4a95ee49235f9924a0ac0aee5b2a1bce47459d70cd6e75074614199dca44561407c":MBEDTLS_RSA_PKCS_V15:MBEDTLS_MD_SHA224:1536:16:"a59d9b7269b102b7be684ec5e28db79992e6d3231e77c90b78960c2638b35ef6dbdac1ac59e7249d96d426e7f99397eabc6b8903fe1942da580322b98bafacd81bb911c29666f83886a2a2864f3552044300e60cedd5a8c321c43e280413dc41673c39a11b98a885486f8187a70f270185c4c12bc48a1968305269776c070ef69d4913589a887c4d0f5e7dd58bd806d0d49a14a1762c38665cef4646ff13a0cd29c3a60460703c3d051d5b28c660bffb5f8bd43d495ffa64175f72b8abe5fddd":16:"10001":"5e08f399258e6de075b67a0a6a822ceb21b1eb7a0342eca6a4295739f644547dee3456243cf32bd6ea6f357c88632508457130f3dae04f7806efaed43d1d501e16c961dfbd6c71a42b480e95c7027f8275063d05a9aac3eef0520867b9896ebe8ec358f7d121beb4e61ddfdc3dcd835dfe265f2ba68d300ef566ed1284f9f3d7b1af363ed47bfa2e5f0492925444df7e5fcb1e79e690c746117650b543a5e82c39553552f0f44e617b5cf773c533050f4129e893ac22af69b1eb9afb4b5ba5f5":0 +mbedtls_rsa_pkcs1_verify:"06dcd9d4c056b6a45b9ed2ae5f6c1cfa43aae06fe01ee098264aa7a80e901abbcf9a505e55f9a352ef0c078d48249b8298e57ea21bf0e423c3bf69002acfa541ca05007c704bc79cee7a80e1107c7b28d2b2aa6dd093b28efe9642519952a4a95ee49235f9924a0ac0aee5b2a1bce47459d70cd6e75074614199dca44561407c":MBEDTLS_RSA_PKCS_V15:MBEDTLS_MD_SHA224:1536:"a59d9b7269b102b7be684ec5e28db79992e6d3231e77c90b78960c2638b35ef6dbdac1ac59e7249d96d426e7f99397eabc6b8903fe1942da580322b98bafacd81bb911c29666f83886a2a2864f3552044300e60cedd5a8c321c43e280413dc41673c39a11b98a885486f8187a70f270185c4c12bc48a1968305269776c070ef69d4913589a887c4d0f5e7dd58bd806d0d49a14a1762c38665cef4646ff13a0cd29c3a60460703c3d051d5b28c660bffb5f8bd43d495ffa64175f72b8abe5fddd":"10001":"5e08f399258e6de075b67a0a6a822ceb21b1eb7a0342eca6a4295739f644547dee3456243cf32bd6ea6f357c88632508457130f3dae04f7806efaed43d1d501e16c961dfbd6c71a42b480e95c7027f8275063d05a9aac3eef0520867b9896ebe8ec358f7d121beb4e61ddfdc3dcd835dfe265f2ba68d300ef566ed1284f9f3d7b1af363ed47bfa2e5f0492925444df7e5fcb1e79e690c746117650b543a5e82c39553552f0f44e617b5cf773c533050f4129e893ac22af69b1eb9afb4b5ba5f5":0 RSA PKCS1 Verify v1.5 CAVS #24 depends_on:MBEDTLS_SHA256_C:MBEDTLS_PKCS1_V15 -mbedtls_rsa_pkcs1_verify:"1240028c6d7ab3992ada0e5ca55ee4f3d62f8de575302d5861d73685423c2e6a6d6fb3be090fbc2a701821b6d8fd5e8233f794b6549cd0bb52b390ac31478307bffa91a9bd9c1bf93ffc846356fef008ebee4bb3ee148e0fb1893d188e4934d0d088a433d14a596c5f2e3e49648a22edc6bdbcc58dc1edbd440046b3a169ca2b":MBEDTLS_RSA_PKCS_V15:MBEDTLS_MD_SHA256:1536:16:"a59d9b7269b102b7be684ec5e28db79992e6d3231e77c90b78960c2638b35ef6dbdac1ac59e7249d96d426e7f99397eabc6b8903fe1942da580322b98bafacd81bb911c29666f83886a2a2864f3552044300e60cedd5a8c321c43e280413dc41673c39a11b98a885486f8187a70f270185c4c12bc48a1968305269776c070ef69d4913589a887c4d0f5e7dd58bd806d0d49a14a1762c38665cef4646ff13a0cd29c3a60460703c3d051d5b28c660bffb5f8bd43d495ffa64175f72b8abe5fddd":16:"10001":"a003ae9cf0704d58763b214f20446ecc4099c566f25384e28d0dd6540c58705fc8d0bfe1ceaa06096ed1e230146edb82056e39e6727abec09f25e44079b6ce1ca2c6a540dec7aa34444d7d435f41e5fca9b0bba62759ae2780638e5160e031bb60409c2e85674ac7a776b444b37b9d7f4dbaa557e88b8562a584f2dbe90729b241aede95dfcc7e05b10deef06255cb89f0e7ccff23354818756a1f8bb9f00fd18f6cd22ca1b4bfc38027562bb37562c77c7883b5d735170d75521195fd3f2bd3":0 +mbedtls_rsa_pkcs1_verify:"1240028c6d7ab3992ada0e5ca55ee4f3d62f8de575302d5861d73685423c2e6a6d6fb3be090fbc2a701821b6d8fd5e8233f794b6549cd0bb52b390ac31478307bffa91a9bd9c1bf93ffc846356fef008ebee4bb3ee148e0fb1893d188e4934d0d088a433d14a596c5f2e3e49648a22edc6bdbcc58dc1edbd440046b3a169ca2b":MBEDTLS_RSA_PKCS_V15:MBEDTLS_MD_SHA256:1536:"a59d9b7269b102b7be684ec5e28db79992e6d3231e77c90b78960c2638b35ef6dbdac1ac59e7249d96d426e7f99397eabc6b8903fe1942da580322b98bafacd81bb911c29666f83886a2a2864f3552044300e60cedd5a8c321c43e280413dc41673c39a11b98a885486f8187a70f270185c4c12bc48a1968305269776c070ef69d4913589a887c4d0f5e7dd58bd806d0d49a14a1762c38665cef4646ff13a0cd29c3a60460703c3d051d5b28c660bffb5f8bd43d495ffa64175f72b8abe5fddd":"10001":"a003ae9cf0704d58763b214f20446ecc4099c566f25384e28d0dd6540c58705fc8d0bfe1ceaa06096ed1e230146edb82056e39e6727abec09f25e44079b6ce1ca2c6a540dec7aa34444d7d435f41e5fca9b0bba62759ae2780638e5160e031bb60409c2e85674ac7a776b444b37b9d7f4dbaa557e88b8562a584f2dbe90729b241aede95dfcc7e05b10deef06255cb89f0e7ccff23354818756a1f8bb9f00fd18f6cd22ca1b4bfc38027562bb37562c77c7883b5d735170d75521195fd3f2bd3":0 RSA PKCS1 Verify v1.5 CAVS #25 depends_on:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384:MBEDTLS_PKCS1_V15 -mbedtls_rsa_pkcs1_verify:"67922a8b9cbc95cf7c555ff2d73cfc62ee04c3f0df9bfc8f64293a58bd3bebd2eb212d711f94e35c729d0873d6b244914d21bd0e59b23089b38740e43f480e8f407d090ac93b08a57403968b55e78cfe31eee6e4ecbacf834168fe89b6b8454fce6e675e80f82b33e850ae3f3d24fd320335e37981fd000576941b4f08d4ba99":MBEDTLS_RSA_PKCS_V15:MBEDTLS_MD_SHA384:1536:16:"a59d9b7269b102b7be684ec5e28db79992e6d3231e77c90b78960c2638b35ef6dbdac1ac59e7249d96d426e7f99397eabc6b8903fe1942da580322b98bafacd81bb911c29666f83886a2a2864f3552044300e60cedd5a8c321c43e280413dc41673c39a11b98a885486f8187a70f270185c4c12bc48a1968305269776c070ef69d4913589a887c4d0f5e7dd58bd806d0d49a14a1762c38665cef4646ff13a0cd29c3a60460703c3d051d5b28c660bffb5f8bd43d495ffa64175f72b8abe5fddd":16:"10001":"2c6b301852cc55a993a933e2c080eb9dabfe19e9dc3571066caeabed1492d3501cd838de1c01784932df7a5ad5bbfb48c78f53a45f76e9812d046f23bd968495ef7e981e5add4acfc538fe33a5205de74bb37d3d9b6b87b2d174e85a73f216fd67d5738fc469dff7ea6b852e8dd08bc8df036597372d4d51185e6f47a45fbe1b9bdb06a4018783425ec95294de41f27235ad3b3263a890b8b62b17410a9bb08673393ff205a866ee2057e99c6517c6bbc84f8d87717b83d6f64de7ee215e1e8d":0 +mbedtls_rsa_pkcs1_verify:"67922a8b9cbc95cf7c555ff2d73cfc62ee04c3f0df9bfc8f64293a58bd3bebd2eb212d711f94e35c729d0873d6b244914d21bd0e59b23089b38740e43f480e8f407d090ac93b08a57403968b55e78cfe31eee6e4ecbacf834168fe89b6b8454fce6e675e80f82b33e850ae3f3d24fd320335e37981fd000576941b4f08d4ba99":MBEDTLS_RSA_PKCS_V15:MBEDTLS_MD_SHA384:1536:"a59d9b7269b102b7be684ec5e28db79992e6d3231e77c90b78960c2638b35ef6dbdac1ac59e7249d96d426e7f99397eabc6b8903fe1942da580322b98bafacd81bb911c29666f83886a2a2864f3552044300e60cedd5a8c321c43e280413dc41673c39a11b98a885486f8187a70f270185c4c12bc48a1968305269776c070ef69d4913589a887c4d0f5e7dd58bd806d0d49a14a1762c38665cef4646ff13a0cd29c3a60460703c3d051d5b28c660bffb5f8bd43d495ffa64175f72b8abe5fddd":"10001":"2c6b301852cc55a993a933e2c080eb9dabfe19e9dc3571066caeabed1492d3501cd838de1c01784932df7a5ad5bbfb48c78f53a45f76e9812d046f23bd968495ef7e981e5add4acfc538fe33a5205de74bb37d3d9b6b87b2d174e85a73f216fd67d5738fc469dff7ea6b852e8dd08bc8df036597372d4d51185e6f47a45fbe1b9bdb06a4018783425ec95294de41f27235ad3b3263a890b8b62b17410a9bb08673393ff205a866ee2057e99c6517c6bbc84f8d87717b83d6f64de7ee215e1e8d":0 RSA PKCS1 Verify v1.5 CAVS #26 depends_on:MBEDTLS_SHA512_C:MBEDTLS_PKCS1_V15 -mbedtls_rsa_pkcs1_verify:"1428b4a449698a994ef84c46a517c3aa6359c48e4264ef65f1f69d77ae26133e17edfc103de416fffb4f2bfe865b434544a418f6e2faca00a165d443f0663ff64080154614f7194057d8b5f1f33934cc9fc2314cf86d4fdad4892bf0d3058f7f37ebe98ef52bfb240b9ad369153afe081bbcf9d7ae43e8ba336b8ac57e8a6da0":MBEDTLS_RSA_PKCS_V15:MBEDTLS_MD_SHA512:1536:16:"a59d9b7269b102b7be684ec5e28db79992e6d3231e77c90b78960c2638b35ef6dbdac1ac59e7249d96d426e7f99397eabc6b8903fe1942da580322b98bafacd81bb911c29666f83886a2a2864f3552044300e60cedd5a8c321c43e280413dc41673c39a11b98a885486f8187a70f270185c4c12bc48a1968305269776c070ef69d4913589a887c4d0f5e7dd58bd806d0d49a14a1762c38665cef4646ff13a0cd29c3a60460703c3d051d5b28c660bffb5f8bd43d495ffa64175f72b8abe5fddd":16:"10001":"8e10a1ae470e6e57a8d234185f78fdb600cc636c41565a9f3694a84ae102f6251984f54d11a7785fdcfdfaf80a821e05d57ef6b8edc03d9076755779322fd53eb98c805da77dc9316744e393c2fecd291a7e6043b1ca89fd8248f661e1d53110211b91edb41b31e848cde1115d8afd9963ebcc36aff5a27085949f0781bc69167c140ecfe71c44aacaf4123e557eaf2b528c6d0ea875b4ceefa942fe338af8df10562c438af04cd7521da912b3e3899cef0d75722161be6abed5e4e9009dbf40":0 +mbedtls_rsa_pkcs1_verify:"1428b4a449698a994ef84c46a517c3aa6359c48e4264ef65f1f69d77ae26133e17edfc103de416fffb4f2bfe865b434544a418f6e2faca00a165d443f0663ff64080154614f7194057d8b5f1f33934cc9fc2314cf86d4fdad4892bf0d3058f7f37ebe98ef52bfb240b9ad369153afe081bbcf9d7ae43e8ba336b8ac57e8a6da0":MBEDTLS_RSA_PKCS_V15:MBEDTLS_MD_SHA512:1536:"a59d9b7269b102b7be684ec5e28db79992e6d3231e77c90b78960c2638b35ef6dbdac1ac59e7249d96d426e7f99397eabc6b8903fe1942da580322b98bafacd81bb911c29666f83886a2a2864f3552044300e60cedd5a8c321c43e280413dc41673c39a11b98a885486f8187a70f270185c4c12bc48a1968305269776c070ef69d4913589a887c4d0f5e7dd58bd806d0d49a14a1762c38665cef4646ff13a0cd29c3a60460703c3d051d5b28c660bffb5f8bd43d495ffa64175f72b8abe5fddd":"10001":"8e10a1ae470e6e57a8d234185f78fdb600cc636c41565a9f3694a84ae102f6251984f54d11a7785fdcfdfaf80a821e05d57ef6b8edc03d9076755779322fd53eb98c805da77dc9316744e393c2fecd291a7e6043b1ca89fd8248f661e1d53110211b91edb41b31e848cde1115d8afd9963ebcc36aff5a27085949f0781bc69167c140ecfe71c44aacaf4123e557eaf2b528c6d0ea875b4ceefa942fe338af8df10562c438af04cd7521da912b3e3899cef0d75722161be6abed5e4e9009dbf40":0 RSA PKCS1 Verify v1.5 CAVS #27 depends_on:MBEDTLS_SHA1_C:MBEDTLS_PKCS1_V15 -mbedtls_rsa_pkcs1_verify:"4871adc05f6b3ecf296680b0dd8d86715b0d5264c064008037dc410512520b5f193c8f4d21eb6c42e10d220c0275c9b3751f03a4096e2f0e3db9df8d52068c06a51589d23ca1361e9fe27691e95663301ec1407fbf73aee99cc92362eaf6994b95038396d815052a0aef6489bbb7bcb0fffdf13f0af9e7d9fd14f6ce00ab98f7":MBEDTLS_RSA_PKCS_V15:MBEDTLS_MD_SHA1:1536:16:"a59d9b7269b102b7be684ec5e28db79992e6d3231e77c90b78960c2638b35ef6dbdac1ac59e7249d96d426e7f99397eabc6b8903fe1942da580322b98bafacd81bb911c29666f83886a2a2864f3552044300e60cedd5a8c321c43e280413dc41673c39a11b98a885486f8187a70f270185c4c12bc48a1968305269776c070ef69d4913589a887c4d0f5e7dd58bd806d0d49a14a1762c38665cef4646ff13a0cd29c3a60460703c3d051d5b28c660bffb5f8bd43d495ffa64175f72b8abe5fddd":16:"11":"180caf03781b391aacebe5b3f5e1d3b01c68a00df4ecfb6c4bf14217aed7cfca0adac099ec1d6e1f0b43b09b86788533fee6691d773807af0df6cc3bbdde3cf34bf5b848fa59c8bc10227cc3eba3452a85e0520fccdb2d8d32dd99672d302756a2d7f7f2693db3a48be17bd34d9d891f4ba44449c5bad1de91b788f524500a7703cccbaa77b9fe8791f5c8aa7b8f055336f28fcfc01733712e33cfb3d33fe71ddb9ced2a31931ec38007f5ad4a0d19acc428124b0e5ee6e0746fb33c1a4d90c8":0 +mbedtls_rsa_pkcs1_verify:"4871adc05f6b3ecf296680b0dd8d86715b0d5264c064008037dc410512520b5f193c8f4d21eb6c42e10d220c0275c9b3751f03a4096e2f0e3db9df8d52068c06a51589d23ca1361e9fe27691e95663301ec1407fbf73aee99cc92362eaf6994b95038396d815052a0aef6489bbb7bcb0fffdf13f0af9e7d9fd14f6ce00ab98f7":MBEDTLS_RSA_PKCS_V15:MBEDTLS_MD_SHA1:1536:"a59d9b7269b102b7be684ec5e28db79992e6d3231e77c90b78960c2638b35ef6dbdac1ac59e7249d96d426e7f99397eabc6b8903fe1942da580322b98bafacd81bb911c29666f83886a2a2864f3552044300e60cedd5a8c321c43e280413dc41673c39a11b98a885486f8187a70f270185c4c12bc48a1968305269776c070ef69d4913589a887c4d0f5e7dd58bd806d0d49a14a1762c38665cef4646ff13a0cd29c3a60460703c3d051d5b28c660bffb5f8bd43d495ffa64175f72b8abe5fddd":"11":"180caf03781b391aacebe5b3f5e1d3b01c68a00df4ecfb6c4bf14217aed7cfca0adac099ec1d6e1f0b43b09b86788533fee6691d773807af0df6cc3bbdde3cf34bf5b848fa59c8bc10227cc3eba3452a85e0520fccdb2d8d32dd99672d302756a2d7f7f2693db3a48be17bd34d9d891f4ba44449c5bad1de91b788f524500a7703cccbaa77b9fe8791f5c8aa7b8f055336f28fcfc01733712e33cfb3d33fe71ddb9ced2a31931ec38007f5ad4a0d19acc428124b0e5ee6e0746fb33c1a4d90c8":0 RSA PKCS1 Verify v1.5 CAVS #28 depends_on:MBEDTLS_SHA256_C:MBEDTLS_PKCS1_V15 -mbedtls_rsa_pkcs1_verify:"3bba64de38438a71b95ab9c94539d5870c1fb08d7a9937600c00e9d063438edc97e625d0cd4b1eb00c31c9d94c7a0fe6d03160d1b6cbec5acdad16ada6ef253fee603df9faca8f98a477cc5456f3dfbf6414dbf19f3832e227ce291780188881e82e96a2e84744f12a34a9808a2daedc6fd00b345c6772bec26a095719451e6a":MBEDTLS_RSA_PKCS_V15:MBEDTLS_MD_SHA224:1536:16:"a59d9b7269b102b7be684ec5e28db79992e6d3231e77c90b78960c2638b35ef6dbdac1ac59e7249d96d426e7f99397eabc6b8903fe1942da580322b98bafacd81bb911c29666f83886a2a2864f3552044300e60cedd5a8c321c43e280413dc41673c39a11b98a885486f8187a70f270185c4c12bc48a1968305269776c070ef69d4913589a887c4d0f5e7dd58bd806d0d49a14a1762c38665cef4646ff13a0cd29c3a60460703c3d051d5b28c660bffb5f8bd43d495ffa64175f72b8abe5fddd":16:"11":"8c846e75e32ce5f9964bdd8f6dcf1d2996a646b233bcf1bd6394e13e856691b89bedd18290a0f9f7c90dca307271b3108e795340490513b25e6789e93722c65ec064b4c43457295a31d1f07dd605e133fd6eaafc58cda132df2939f5f693e0205af34550afaa137f3e482885e50dfb48333a15c0821e7a19642acdddc6fea3c7487c691246a2b083dac439889d5ae741b7e08c47937530b4b069f1a260cd07fe4a0ddd530ab11534fb805e9b562118ee0e97932966008aadfc83f3b8a10de8ee":0 +mbedtls_rsa_pkcs1_verify:"3bba64de38438a71b95ab9c94539d5870c1fb08d7a9937600c00e9d063438edc97e625d0cd4b1eb00c31c9d94c7a0fe6d03160d1b6cbec5acdad16ada6ef253fee603df9faca8f98a477cc5456f3dfbf6414dbf19f3832e227ce291780188881e82e96a2e84744f12a34a9808a2daedc6fd00b345c6772bec26a095719451e6a":MBEDTLS_RSA_PKCS_V15:MBEDTLS_MD_SHA224:1536:"a59d9b7269b102b7be684ec5e28db79992e6d3231e77c90b78960c2638b35ef6dbdac1ac59e7249d96d426e7f99397eabc6b8903fe1942da580322b98bafacd81bb911c29666f83886a2a2864f3552044300e60cedd5a8c321c43e280413dc41673c39a11b98a885486f8187a70f270185c4c12bc48a1968305269776c070ef69d4913589a887c4d0f5e7dd58bd806d0d49a14a1762c38665cef4646ff13a0cd29c3a60460703c3d051d5b28c660bffb5f8bd43d495ffa64175f72b8abe5fddd":"11":"8c846e75e32ce5f9964bdd8f6dcf1d2996a646b233bcf1bd6394e13e856691b89bedd18290a0f9f7c90dca307271b3108e795340490513b25e6789e93722c65ec064b4c43457295a31d1f07dd605e133fd6eaafc58cda132df2939f5f693e0205af34550afaa137f3e482885e50dfb48333a15c0821e7a19642acdddc6fea3c7487c691246a2b083dac439889d5ae741b7e08c47937530b4b069f1a260cd07fe4a0ddd530ab11534fb805e9b562118ee0e97932966008aadfc83f3b8a10de8ee":0 RSA PKCS1 Verify v1.5 CAVS #29 depends_on:MBEDTLS_SHA256_C:MBEDTLS_PKCS1_V15 -mbedtls_rsa_pkcs1_verify:"f7857ce04bf4292ea1755f9e587822372f4dcdf10bddfc0ff498a8af60ae94a0b482e873085c1cd52a5d181ce6b99a1f8520d74b947d65f3e7e358e8ddc4ac4ae465e39d408eee1f09865159733f83f553cd93cfde1c114fb3e32cf51cd418359016b3867df467b645d752808671a4609f3c49a67023c9ca617e6cffa544a10a":MBEDTLS_RSA_PKCS_V15:MBEDTLS_MD_SHA256:1536:16:"a59d9b7269b102b7be684ec5e28db79992e6d3231e77c90b78960c2638b35ef6dbdac1ac59e7249d96d426e7f99397eabc6b8903fe1942da580322b98bafacd81bb911c29666f83886a2a2864f3552044300e60cedd5a8c321c43e280413dc41673c39a11b98a885486f8187a70f270185c4c12bc48a1968305269776c070ef69d4913589a887c4d0f5e7dd58bd806d0d49a14a1762c38665cef4646ff13a0cd29c3a60460703c3d051d5b28c660bffb5f8bd43d495ffa64175f72b8abe5fddd":16:"11":"9677300bbee003be3c445634f8ed5beb152b63f46f84cf5a8e721e0fafe8f3f7e99a6d50741f23f449d3026da3e8a7ac36be99ab44831803486ae552f7aa01f075287829b231d2d0840908e09081ae177ed888fe46a9d937a0871eb5d52ec541c8411c4cbf7efea6ca213b12cea513b0739eedca7c9473e10a7796936f4eaa0c5d3a9013ca5536781ac68eb2ca5779144de23da2e9875114aca885b3219dfc292d73940c5992ea3c4882889e7543430652860e441a01a45d9f4005a012421493":0 +mbedtls_rsa_pkcs1_verify:"f7857ce04bf4292ea1755f9e587822372f4dcdf10bddfc0ff498a8af60ae94a0b482e873085c1cd52a5d181ce6b99a1f8520d74b947d65f3e7e358e8ddc4ac4ae465e39d408eee1f09865159733f83f553cd93cfde1c114fb3e32cf51cd418359016b3867df467b645d752808671a4609f3c49a67023c9ca617e6cffa544a10a":MBEDTLS_RSA_PKCS_V15:MBEDTLS_MD_SHA256:1536:"a59d9b7269b102b7be684ec5e28db79992e6d3231e77c90b78960c2638b35ef6dbdac1ac59e7249d96d426e7f99397eabc6b8903fe1942da580322b98bafacd81bb911c29666f83886a2a2864f3552044300e60cedd5a8c321c43e280413dc41673c39a11b98a885486f8187a70f270185c4c12bc48a1968305269776c070ef69d4913589a887c4d0f5e7dd58bd806d0d49a14a1762c38665cef4646ff13a0cd29c3a60460703c3d051d5b28c660bffb5f8bd43d495ffa64175f72b8abe5fddd":"11":"9677300bbee003be3c445634f8ed5beb152b63f46f84cf5a8e721e0fafe8f3f7e99a6d50741f23f449d3026da3e8a7ac36be99ab44831803486ae552f7aa01f075287829b231d2d0840908e09081ae177ed888fe46a9d937a0871eb5d52ec541c8411c4cbf7efea6ca213b12cea513b0739eedca7c9473e10a7796936f4eaa0c5d3a9013ca5536781ac68eb2ca5779144de23da2e9875114aca885b3219dfc292d73940c5992ea3c4882889e7543430652860e441a01a45d9f4005a012421493":0 RSA PKCS1 Verify v1.5 CAVS #30 depends_on:MBEDTLS_SHA256_C:MBEDTLS_PKCS1_V15 -mbedtls_rsa_pkcs1_verify:"ca312774f2756ac2019f213a01a63c9a0b4a49ccafecf25e97a4c632668e3c77e664f4d7635241f25205e50c37061b02c546db8346fa597c3da8cfd44a827c5a4ff4ecfcd1797b39a1b215d9bbb93fdb6eb35bafbda427a5068888a6e19f86224b0897490491207e35ce39085668b10b4fb851b7dd9465c03869790ef38a61b5":MBEDTLS_RSA_PKCS_V15:MBEDTLS_MD_SHA256:1536:16:"a59d9b7269b102b7be684ec5e28db79992e6d3231e77c90b78960c2638b35ef6dbdac1ac59e7249d96d426e7f99397eabc6b8903fe1942da580322b98bafacd81bb911c29666f83886a2a2864f3552044300e60cedd5a8c321c43e280413dc41673c39a11b98a885486f8187a70f270185c4c12bc48a1968305269776c070ef69d4913589a887c4d0f5e7dd58bd806d0d49a14a1762c38665cef4646ff13a0cd29c3a60460703c3d051d5b28c660bffb5f8bd43d495ffa64175f72b8abe5fddd":16:"3":"a202c33eb831b9d8e818b6c3bcdb42818e1d9c22a06ddd73a17a21e49d18cda44df349a066477cae068e1a5d2b518b0885e889ef796ca9e6f42a69ac755b8a6405fbaef93fe0130d98de35d689addfee3eecd26658903f774bda481c3f40ee0e9569a3c3e2da7ad576c7de82159d933e36fa29cfef99367005e34ab5082d80f48276d37dabc88dbb023bd01585329d2ccf417f78ec508aaa29751007d31f1669296b981d44c8fa99130c5df7a071725b496859314aaf9baf0ebc780355914249":MBEDTLS_ERR_RSA_VERIFY_FAILED +mbedtls_rsa_pkcs1_verify:"ca312774f2756ac2019f213a01a63c9a0b4a49ccafecf25e97a4c632668e3c77e664f4d7635241f25205e50c37061b02c546db8346fa597c3da8cfd44a827c5a4ff4ecfcd1797b39a1b215d9bbb93fdb6eb35bafbda427a5068888a6e19f86224b0897490491207e35ce39085668b10b4fb851b7dd9465c03869790ef38a61b5":MBEDTLS_RSA_PKCS_V15:MBEDTLS_MD_SHA256:1536:"a59d9b7269b102b7be684ec5e28db79992e6d3231e77c90b78960c2638b35ef6dbdac1ac59e7249d96d426e7f99397eabc6b8903fe1942da580322b98bafacd81bb911c29666f83886a2a2864f3552044300e60cedd5a8c321c43e280413dc41673c39a11b98a885486f8187a70f270185c4c12bc48a1968305269776c070ef69d4913589a887c4d0f5e7dd58bd806d0d49a14a1762c38665cef4646ff13a0cd29c3a60460703c3d051d5b28c660bffb5f8bd43d495ffa64175f72b8abe5fddd":"3":"a202c33eb831b9d8e818b6c3bcdb42818e1d9c22a06ddd73a17a21e49d18cda44df349a066477cae068e1a5d2b518b0885e889ef796ca9e6f42a69ac755b8a6405fbaef93fe0130d98de35d689addfee3eecd26658903f774bda481c3f40ee0e9569a3c3e2da7ad576c7de82159d933e36fa29cfef99367005e34ab5082d80f48276d37dabc88dbb023bd01585329d2ccf417f78ec508aaa29751007d31f1669296b981d44c8fa99130c5df7a071725b496859314aaf9baf0ebc780355914249":MBEDTLS_ERR_RSA_VERIFY_FAILED RSA PKCS1 Verify v1.5 CAVS #31 depends_on:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384:MBEDTLS_PKCS1_V15 -mbedtls_rsa_pkcs1_verify:"2abe079077290ceb6c80ac5c61062ce8da814b1fb99a1a9fb2860ed900e6541856ec64bf19c0d9d1cc2280b7cc50af3e3d2ad8e044945d44761ca60891dd72bd6aa26a33274ffcf7ae7d661b5e651135fcff21aaf06b4a2db18fe5827e0243884f2841760b9f1c65fbda870f7f0cfbd6ff484f0825e688614928f2d12d1e7080":MBEDTLS_RSA_PKCS_V15:MBEDTLS_MD_SHA384:1536:16:"a59d9b7269b102b7be684ec5e28db79992e6d3231e77c90b78960c2638b35ef6dbdac1ac59e7249d96d426e7f99397eabc6b8903fe1942da580322b98bafacd81bb911c29666f83886a2a2864f3552044300e60cedd5a8c321c43e280413dc41673c39a11b98a885486f8187a70f270185c4c12bc48a1968305269776c070ef69d4913589a887c4d0f5e7dd58bd806d0d49a14a1762c38665cef4646ff13a0cd29c3a60460703c3d051d5b28c660bffb5f8bd43d495ffa64175f72b8abe5fddd":16:"10001":"402631f3cddfb02cc4d9cb58ef1ab6726bd787a50e12e98567c9702bfdf47af85904aec5a2f6c5df9a10f08f90f93728eb090ae2ac21ded9f38faecd8195f3eb3d4107521b1cee956e7a214245b038adae912fa35ec97cb3bdc41352e8aaff80173561284cb740f999a3cd6653a6c3d5a3f911a416f41e2155083982c99eb5998a0a74d77f1ae999d901ee24a7f2c424179a3f92b07dc0b3498c1884e60677bee0175e810b426c4ad008d2743cd19b00b33177bf8be3fed7f7406e1bce0c2ea3":MBEDTLS_ERR_RSA_VERIFY_FAILED +mbedtls_rsa_pkcs1_verify:"2abe079077290ceb6c80ac5c61062ce8da814b1fb99a1a9fb2860ed900e6541856ec64bf19c0d9d1cc2280b7cc50af3e3d2ad8e044945d44761ca60891dd72bd6aa26a33274ffcf7ae7d661b5e651135fcff21aaf06b4a2db18fe5827e0243884f2841760b9f1c65fbda870f7f0cfbd6ff484f0825e688614928f2d12d1e7080":MBEDTLS_RSA_PKCS_V15:MBEDTLS_MD_SHA384:1536:"a59d9b7269b102b7be684ec5e28db79992e6d3231e77c90b78960c2638b35ef6dbdac1ac59e7249d96d426e7f99397eabc6b8903fe1942da580322b98bafacd81bb911c29666f83886a2a2864f3552044300e60cedd5a8c321c43e280413dc41673c39a11b98a885486f8187a70f270185c4c12bc48a1968305269776c070ef69d4913589a887c4d0f5e7dd58bd806d0d49a14a1762c38665cef4646ff13a0cd29c3a60460703c3d051d5b28c660bffb5f8bd43d495ffa64175f72b8abe5fddd":"10001":"402631f3cddfb02cc4d9cb58ef1ab6726bd787a50e12e98567c9702bfdf47af85904aec5a2f6c5df9a10f08f90f93728eb090ae2ac21ded9f38faecd8195f3eb3d4107521b1cee956e7a214245b038adae912fa35ec97cb3bdc41352e8aaff80173561284cb740f999a3cd6653a6c3d5a3f911a416f41e2155083982c99eb5998a0a74d77f1ae999d901ee24a7f2c424179a3f92b07dc0b3498c1884e60677bee0175e810b426c4ad008d2743cd19b00b33177bf8be3fed7f7406e1bce0c2ea3":MBEDTLS_ERR_RSA_VERIFY_FAILED RSA PKCS1 Verify v1.5 CAVS #32 depends_on:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384:MBEDTLS_PKCS1_V15 -mbedtls_rsa_pkcs1_verify:"da9505809dc92cfd8e01a1857dde52df6677c40d98f4577c1659ca7d3e9f01f9a809065f51b54fe2f9723fe2c9d1eea7397f2d5531d1c51c6ea100b028596bf9f24dd90be14eab58f07b4f24a35b073aeb29ecde4a6f320237d7adbdc43d94f87e08866b95bbcac83dc7db3553a42400441f088e2bf6259539a2da8b5a74065f":MBEDTLS_RSA_PKCS_V15:MBEDTLS_MD_SHA384:1536:16:"a59d9b7269b102b7be684ec5e28db79992e6d3231e77c90b78960c2638b35ef6dbdac1ac59e7249d96d426e7f99397eabc6b8903fe1942da580322b98bafacd81bb911c29666f83886a2a2864f3552044300e60cedd5a8c321c43e280413dc41673c39a11b98a885486f8187a70f270185c4c12bc48a1968305269776c070ef69d4913589a887c4d0f5e7dd58bd806d0d49a14a1762c38665cef4646ff13a0cd29c3a60460703c3d051d5b28c660bffb5f8bd43d495ffa64175f72b8abe5fddd":16:"11":"57edd0560df9840a25c28ff6d254e432395a5cd2d92248b3b44d7eab0fc65b3c4e545a916a8e90ce89745119db9ec9799aa8890f5250fb589cfc12dac1b6e406a39bc3b3663892da5354ba453cbd5e4c89bdce82d0ffe97052a03a5c3308819c1139ebc780c13cf6dc1477faf734abcb1db3fafaed6f22885c9c0222ff5deacb8cc6d027f2e959c3075011b382e88c4b27b83b4f2e6fda022e331c3602d19f5ac7bccfe95ea1e93d736dbd918ae5b1f468cd0b5b536a2f918d5e27a0757e75b7":0 +mbedtls_rsa_pkcs1_verify:"da9505809dc92cfd8e01a1857dde52df6677c40d98f4577c1659ca7d3e9f01f9a809065f51b54fe2f9723fe2c9d1eea7397f2d5531d1c51c6ea100b028596bf9f24dd90be14eab58f07b4f24a35b073aeb29ecde4a6f320237d7adbdc43d94f87e08866b95bbcac83dc7db3553a42400441f088e2bf6259539a2da8b5a74065f":MBEDTLS_RSA_PKCS_V15:MBEDTLS_MD_SHA384:1536:"a59d9b7269b102b7be684ec5e28db79992e6d3231e77c90b78960c2638b35ef6dbdac1ac59e7249d96d426e7f99397eabc6b8903fe1942da580322b98bafacd81bb911c29666f83886a2a2864f3552044300e60cedd5a8c321c43e280413dc41673c39a11b98a885486f8187a70f270185c4c12bc48a1968305269776c070ef69d4913589a887c4d0f5e7dd58bd806d0d49a14a1762c38665cef4646ff13a0cd29c3a60460703c3d051d5b28c660bffb5f8bd43d495ffa64175f72b8abe5fddd":"11":"57edd0560df9840a25c28ff6d254e432395a5cd2d92248b3b44d7eab0fc65b3c4e545a916a8e90ce89745119db9ec9799aa8890f5250fb589cfc12dac1b6e406a39bc3b3663892da5354ba453cbd5e4c89bdce82d0ffe97052a03a5c3308819c1139ebc780c13cf6dc1477faf734abcb1db3fafaed6f22885c9c0222ff5deacb8cc6d027f2e959c3075011b382e88c4b27b83b4f2e6fda022e331c3602d19f5ac7bccfe95ea1e93d736dbd918ae5b1f468cd0b5b536a2f918d5e27a0757e75b7":0 RSA PKCS1 Verify v1.5 CAVS #33 depends_on:MBEDTLS_SHA512_C:MBEDTLS_PKCS1_V15 -mbedtls_rsa_pkcs1_verify:"d0cd038c65b3acca45822eaf91ea5176e82043268876dec0b62e2abd619023b7023abc67c6b823cfef5447b8772f985ff7910d6cc87e6c23688ac6de1fee40bbe2da1a92770de92adaa427ace02fee571a0a0176fceb0c8f3eb72dde839ab201395625f5c0db8641ce19d7711212dec61733262c6ce4476c025e67a3d5bc01f3":MBEDTLS_RSA_PKCS_V15:MBEDTLS_MD_SHA512:1536:16:"a59d9b7269b102b7be684ec5e28db79992e6d3231e77c90b78960c2638b35ef6dbdac1ac59e7249d96d426e7f99397eabc6b8903fe1942da580322b98bafacd81bb911c29666f83886a2a2864f3552044300e60cedd5a8c321c43e280413dc41673c39a11b98a885486f8187a70f270185c4c12bc48a1968305269776c070ef69d4913589a887c4d0f5e7dd58bd806d0d49a14a1762c38665cef4646ff13a0cd29c3a60460703c3d051d5b28c660bffb5f8bd43d495ffa64175f72b8abe5fddd":16:"11":"2f30629c1117d013bb36e6099dee931dcaf0a1032b07ec23e2b262898a8945e569c9573d81e22bb0a5f8a28b0d7b8ff01367dd7f089c68ed1daa11cf53a96ee91b38e6b839b6e90bea34d14b78f5d2c7629b68c5b4f2ecfff66b483b2233cb14f95df533c867a2b610aebcdbb7ea3109aaf2f5762ab3edc2571deccc7da0c9a5b443ca2b924c0f18de7bbb736a08fed3916795018a436a3ae62c85d554a53a6d48623908e06e7d275f4251d3b3bd530bd11e155dcf2b5c2adf030cdf931ae749":MBEDTLS_ERR_RSA_VERIFY_FAILED +mbedtls_rsa_pkcs1_verify:"d0cd038c65b3acca45822eaf91ea5176e82043268876dec0b62e2abd619023b7023abc67c6b823cfef5447b8772f985ff7910d6cc87e6c23688ac6de1fee40bbe2da1a92770de92adaa427ace02fee571a0a0176fceb0c8f3eb72dde839ab201395625f5c0db8641ce19d7711212dec61733262c6ce4476c025e67a3d5bc01f3":MBEDTLS_RSA_PKCS_V15:MBEDTLS_MD_SHA512:1536:"a59d9b7269b102b7be684ec5e28db79992e6d3231e77c90b78960c2638b35ef6dbdac1ac59e7249d96d426e7f99397eabc6b8903fe1942da580322b98bafacd81bb911c29666f83886a2a2864f3552044300e60cedd5a8c321c43e280413dc41673c39a11b98a885486f8187a70f270185c4c12bc48a1968305269776c070ef69d4913589a887c4d0f5e7dd58bd806d0d49a14a1762c38665cef4646ff13a0cd29c3a60460703c3d051d5b28c660bffb5f8bd43d495ffa64175f72b8abe5fddd":"11":"2f30629c1117d013bb36e6099dee931dcaf0a1032b07ec23e2b262898a8945e569c9573d81e22bb0a5f8a28b0d7b8ff01367dd7f089c68ed1daa11cf53a96ee91b38e6b839b6e90bea34d14b78f5d2c7629b68c5b4f2ecfff66b483b2233cb14f95df533c867a2b610aebcdbb7ea3109aaf2f5762ab3edc2571deccc7da0c9a5b443ca2b924c0f18de7bbb736a08fed3916795018a436a3ae62c85d554a53a6d48623908e06e7d275f4251d3b3bd530bd11e155dcf2b5c2adf030cdf931ae749":MBEDTLS_ERR_RSA_VERIFY_FAILED RSA PKCS1 Verify v1.5 CAVS #34 depends_on:MBEDTLS_SHA512_C:MBEDTLS_PKCS1_V15 -mbedtls_rsa_pkcs1_verify:"59779fd2a39e56640c4fc1e67b60aeffcecd78aed7ad2bdfa464e93d04198d48466b8da7445f25bfa19db2844edd5c8f539cf772cc132b483169d390db28a43bc4ee0f038f6568ffc87447746cb72fefac2d6d90ee3143a915ac4688028805905a68eb8f8a96674b093c495eddd8704461eaa2b345efbb2ad6930acd8023f870":MBEDTLS_RSA_PKCS_V15:MBEDTLS_MD_SHA512:1536:16:"a59d9b7269b102b7be684ec5e28db79992e6d3231e77c90b78960c2638b35ef6dbdac1ac59e7249d96d426e7f99397eabc6b8903fe1942da580322b98bafacd81bb911c29666f83886a2a2864f3552044300e60cedd5a8c321c43e280413dc41673c39a11b98a885486f8187a70f270185c4c12bc48a1968305269776c070ef69d4913589a887c4d0f5e7dd58bd806d0d49a14a1762c38665cef4646ff13a0cd29c3a60460703c3d051d5b28c660bffb5f8bd43d495ffa64175f72b8abe5fddd":16:"11":"0b4d96f411c727a262d6d0ade34195b78603551061917d060f89add47b09dfe8715f4f9147d327dc25e91fe457e5d1a2f22cd8fe6fe8e29d2060658307c87a40640650fef3d4b289a6c3febc5a100b29a8b56623afb29fd3c13ea372bf3c638c1db25f8bd8c74c821beec7b5affcace1d05d056a6c2d3035926c7a268df4751a54bc20a6b8cfd729a7cba309ae817daccbef9950a482cf23950a8ca1d3a13ddb7d8d0f87ad5587d4d9ebe19fe93457597a7bdd056c2fd4cea7d31e4a0e595a7b":0 +mbedtls_rsa_pkcs1_verify:"59779fd2a39e56640c4fc1e67b60aeffcecd78aed7ad2bdfa464e93d04198d48466b8da7445f25bfa19db2844edd5c8f539cf772cc132b483169d390db28a43bc4ee0f038f6568ffc87447746cb72fefac2d6d90ee3143a915ac4688028805905a68eb8f8a96674b093c495eddd8704461eaa2b345efbb2ad6930acd8023f870":MBEDTLS_RSA_PKCS_V15:MBEDTLS_MD_SHA512:1536:"a59d9b7269b102b7be684ec5e28db79992e6d3231e77c90b78960c2638b35ef6dbdac1ac59e7249d96d426e7f99397eabc6b8903fe1942da580322b98bafacd81bb911c29666f83886a2a2864f3552044300e60cedd5a8c321c43e280413dc41673c39a11b98a885486f8187a70f270185c4c12bc48a1968305269776c070ef69d4913589a887c4d0f5e7dd58bd806d0d49a14a1762c38665cef4646ff13a0cd29c3a60460703c3d051d5b28c660bffb5f8bd43d495ffa64175f72b8abe5fddd":"11":"0b4d96f411c727a262d6d0ade34195b78603551061917d060f89add47b09dfe8715f4f9147d327dc25e91fe457e5d1a2f22cd8fe6fe8e29d2060658307c87a40640650fef3d4b289a6c3febc5a100b29a8b56623afb29fd3c13ea372bf3c638c1db25f8bd8c74c821beec7b5affcace1d05d056a6c2d3035926c7a268df4751a54bc20a6b8cfd729a7cba309ae817daccbef9950a482cf23950a8ca1d3a13ddb7d8d0f87ad5587d4d9ebe19fe93457597a7bdd056c2fd4cea7d31e4a0e595a7b":0 RSA PKCS1 Verify v1.5 padding too short depends_on:MBEDTLS_SHA1_C:MBEDTLS_PKCS1_V15 -mbedtls_rsa_pkcs1_verify:"AABBCC03020100FFFFFFFFFF1122330A0B0CCCDDDDDDDDDD":MBEDTLS_RSA_PKCS_V15:MBEDTLS_MD_SHA1:1024:16:"9292758453063D803DD603D5E777D7888ED1D5BF35786190FA2F23EBC0848AEADDA92CA6C3D80B32C4D109BE0F36D6AE7130B9CED7ACDF54CFC7555AC14EEBAB93A89813FBF3C4F8066D2D800F7C38A81AE31942917403FF4946B0A83D3D3E05EE57C6F5F5606FB5D4BC6CD34EE0801A5E94BB77B07507233A0BC7BAC8F90F79":16:"10001":"6edd56f397d9bc6d176bbe3d80946fc352ad6127b85b1d67d849c0a38cbde7222c5fafbb18dcef791178a8e15f5c8cd91869f8ca4b758c46ce3e229bf666d2e3e296544351bcb5db7e0004f6c0800f76a432071297e405759d4324d1cf1c412758be93a39f834e03dee59e28ac571ce2b0b3c8fe639979f516223b54027340a5":MBEDTLS_ERR_RSA_VERIFY_FAILED +mbedtls_rsa_pkcs1_verify:"AABBCC03020100FFFFFFFFFF1122330A0B0CCCDDDDDDDDDD":MBEDTLS_RSA_PKCS_V15:MBEDTLS_MD_SHA1:1024:"9292758453063D803DD603D5E777D7888ED1D5BF35786190FA2F23EBC0848AEADDA92CA6C3D80B32C4D109BE0F36D6AE7130B9CED7ACDF54CFC7555AC14EEBAB93A89813FBF3C4F8066D2D800F7C38A81AE31942917403FF4946B0A83D3D3E05EE57C6F5F5606FB5D4BC6CD34EE0801A5E94BB77B07507233A0BC7BAC8F90F79":"10001":"6edd56f397d9bc6d176bbe3d80946fc352ad6127b85b1d67d849c0a38cbde7222c5fafbb18dcef791178a8e15f5c8cd91869f8ca4b758c46ce3e229bf666d2e3e296544351bcb5db7e0004f6c0800f76a432071297e405759d4324d1cf1c412758be93a39f834e03dee59e28ac571ce2b0b3c8fe639979f516223b54027340a5":MBEDTLS_ERR_RSA_VERIFY_FAILED # The following tests check whether the use of reduced length encodings (as mandated for DER in contrast to BER) is enforced in # the verification of PKCS1 v1.5 signatures - this is relevant to prevent Bleichenbacher signature forgery attacks. @@ -157,249 +157,249 @@ mbedtls_rsa_pkcs1_verify:"AABBCC03020100FFFFFFFFFF1122330A0B0CCCDDDDDDDDDD":MBED # Correct signature with DER-compliant reduced length encodings RSA PKCS1 Verify v1.5 reduced length encoding depends_on:MBEDTLS_SHA256_C:MBEDTLS_PKCS1_V15 -mbedtls_rsa_pkcs1_verify:"7369676e617475726520746573740a":MBEDTLS_RSA_PKCS_V15:MBEDTLS_MD_SHA256:1024:16:"A1D46FBA2318F8DCEF16C280948B1CF27966B9B47225ED2989F8D74B45BD36049C0AAB5AD0FF003553BA843C8E12782FC5873BB89A3DC84B883D25666CD22BF3ACD5B675969F8BEBFBCAC93FDD927C7442B178B10D1DFF9398E52316AAE0AF74E594650BDC3C670241D418684593CDA1A7B9DC4F20D2FDC6F66344074003E211":16:"10001":"5B56096ECADA4DAC299FD3D6091C1BE4D7C4210086E61ADA6FFC267A690034DAFB3734035880B9E71CEB0331C32C8DE1A254D777DFE3C848AC7764907602452EC16FD8EB3664E2E682DB3AA8979059BFADFE6192D9029844C8CAF310552717DD5B5B36A9910CFABE5C54AC16F3A3461DEE730060981BD9B47EE8D6644963B7CA":0 +mbedtls_rsa_pkcs1_verify:"7369676e617475726520746573740a":MBEDTLS_RSA_PKCS_V15:MBEDTLS_MD_SHA256:1024:"A1D46FBA2318F8DCEF16C280948B1CF27966B9B47225ED2989F8D74B45BD36049C0AAB5AD0FF003553BA843C8E12782FC5873BB89A3DC84B883D25666CD22BF3ACD5B675969F8BEBFBCAC93FDD927C7442B178B10D1DFF9398E52316AAE0AF74E594650BDC3C670241D418684593CDA1A7B9DC4F20D2FDC6F66344074003E211":"10001":"5B56096ECADA4DAC299FD3D6091C1BE4D7C4210086E61ADA6FFC267A690034DAFB3734035880B9E71CEB0331C32C8DE1A254D777DFE3C848AC7764907602452EC16FD8EB3664E2E682DB3AA8979059BFADFE6192D9029844C8CAF310552717DD5B5B36A9910CFABE5C54AC16F3A3461DEE730060981BD9B47EE8D6644963B7CA":0 # Non-reduced 1-byte length encoding in `DigestInfo` ASN.1 element RSA PKCS1 Verify v1.5 non-reduced length encoding #1 depends_on:MBEDTLS_SHA256_C:MBEDTLS_PKCS1_V15 -mbedtls_rsa_pkcs1_verify:"7369676e617475726520746573740a":MBEDTLS_RSA_PKCS_V15:MBEDTLS_MD_SHA256:1024:16:"A1D46FBA2318F8DCEF16C280948B1CF27966B9B47225ED2989F8D74B45BD36049C0AAB5AD0FF003553BA843C8E12782FC5873BB89A3DC84B883D25666CD22BF3ACD5B675969F8BEBFBCAC93FDD927C7442B178B10D1DFF9398E52316AAE0AF74E594650BDC3C670241D418684593CDA1A7B9DC4F20D2FDC6F66344074003E211":16:"10001":"2FCF7FC1B60B3C083872B1BD9C666745921951A8A9E099FD629675F620B670713519C4A97B870591B97FE5C5DB2FC2A0A3FCB0016536D1205AA32BA8BFCF54ABD542C02F7FCEA3C3531D7A87C82ED5B151A9599F1BDB070A905F5B721DE3C22F8AC35034C607920CE0699D7F79E5913915F3A01856B5D30F9E68F0CD7856D40F":MBEDTLS_ERR_RSA_VERIFY_FAILED +mbedtls_rsa_pkcs1_verify:"7369676e617475726520746573740a":MBEDTLS_RSA_PKCS_V15:MBEDTLS_MD_SHA256:1024:"A1D46FBA2318F8DCEF16C280948B1CF27966B9B47225ED2989F8D74B45BD36049C0AAB5AD0FF003553BA843C8E12782FC5873BB89A3DC84B883D25666CD22BF3ACD5B675969F8BEBFBCAC93FDD927C7442B178B10D1DFF9398E52316AAE0AF74E594650BDC3C670241D418684593CDA1A7B9DC4F20D2FDC6F66344074003E211":"10001":"2FCF7FC1B60B3C083872B1BD9C666745921951A8A9E099FD629675F620B670713519C4A97B870591B97FE5C5DB2FC2A0A3FCB0016536D1205AA32BA8BFCF54ABD542C02F7FCEA3C3531D7A87C82ED5B151A9599F1BDB070A905F5B721DE3C22F8AC35034C607920CE0699D7F79E5913915F3A01856B5D30F9E68F0CD7856D40F":MBEDTLS_ERR_RSA_VERIFY_FAILED # Non-reduced 2-byte length encoding for `digestAlgorithm` ASN.1 element RSA PKCS1 Verify v1.5 non-reduced length encoding #2 depends_on:MBEDTLS_SHA256_C:MBEDTLS_PKCS1_V15 -mbedtls_rsa_pkcs1_verify:"7369676e617475726520746573740a":MBEDTLS_RSA_PKCS_V15:MBEDTLS_MD_SHA256:1024:16:"A1D46FBA2318F8DCEF16C280948B1CF27966B9B47225ED2989F8D74B45BD36049C0AAB5AD0FF003553BA843C8E12782FC5873BB89A3DC84B883D25666CD22BF3ACD5B675969F8BEBFBCAC93FDD927C7442B178B10D1DFF9398E52316AAE0AF74E594650BDC3C670241D418684593CDA1A7B9DC4F20D2FDC6F66344074003E211":16:"10001":"3C27512A8FDC973D856C0F288BE27D00D54FC0B359C520DA73A05156D98CDD6A83E6657BFA81D7B9716EEDFD98C08CD82F399298782782AE341D9AABCBB6B5F9C6552DE1D8B93047E1135032653F4F65A8937352E903864E008429E049680E3AA80F5DE1C7408C403011CEF4A3ECA549C027C8954BFBCA21F2A41C3EB0278029":MBEDTLS_ERR_RSA_VERIFY_FAILED +mbedtls_rsa_pkcs1_verify:"7369676e617475726520746573740a":MBEDTLS_RSA_PKCS_V15:MBEDTLS_MD_SHA256:1024:"A1D46FBA2318F8DCEF16C280948B1CF27966B9B47225ED2989F8D74B45BD36049C0AAB5AD0FF003553BA843C8E12782FC5873BB89A3DC84B883D25666CD22BF3ACD5B675969F8BEBFBCAC93FDD927C7442B178B10D1DFF9398E52316AAE0AF74E594650BDC3C670241D418684593CDA1A7B9DC4F20D2FDC6F66344074003E211":"10001":"3C27512A8FDC973D856C0F288BE27D00D54FC0B359C520DA73A05156D98CDD6A83E6657BFA81D7B9716EEDFD98C08CD82F399298782782AE341D9AABCBB6B5F9C6552DE1D8B93047E1135032653F4F65A8937352E903864E008429E049680E3AA80F5DE1C7408C403011CEF4A3ECA549C027C8954BFBCA21F2A41C3EB0278029":MBEDTLS_ERR_RSA_VERIFY_FAILED # Non-reduced 3-byte length encoding for optional parameters in `digestAlgorithm` ASN.1 element RSA PKCS1 Verify v1.5 non-reduced length encoding #3 depends_on:MBEDTLS_SHA256_C:MBEDTLS_PKCS1_V15 -mbedtls_rsa_pkcs1_verify:"7369676e617475726520746573740a":MBEDTLS_RSA_PKCS_V15:MBEDTLS_MD_SHA256:1024:16:"A1D46FBA2318F8DCEF16C280948B1CF27966B9B47225ED2989F8D74B45BD36049C0AAB5AD0FF003553BA843C8E12782FC5873BB89A3DC84B883D25666CD22BF3ACD5B675969F8BEBFBCAC93FDD927C7442B178B10D1DFF9398E52316AAE0AF74E594650BDC3C670241D418684593CDA1A7B9DC4F20D2FDC6F66344074003E211":16:"10001":"24BEB8502F24E0D11D9C10CEE4435EA972CEC93C23936E815ED2DF41BECEDDE889AF85BBEAF1B8C6928913AC523EA1D6653832E9D4E74F55B76771EA84F5A607342C341A14AB258019F38DBAEE4B967C8C8D26D6AF2583D32988471BA38751B6A67BA3D1147619C266A9AAC34244740BB59CD9DB3AFF19438B04C619AB719123":MBEDTLS_ERR_RSA_VERIFY_FAILED +mbedtls_rsa_pkcs1_verify:"7369676e617475726520746573740a":MBEDTLS_RSA_PKCS_V15:MBEDTLS_MD_SHA256:1024:"A1D46FBA2318F8DCEF16C280948B1CF27966B9B47225ED2989F8D74B45BD36049C0AAB5AD0FF003553BA843C8E12782FC5873BB89A3DC84B883D25666CD22BF3ACD5B675969F8BEBFBCAC93FDD927C7442B178B10D1DFF9398E52316AAE0AF74E594650BDC3C670241D418684593CDA1A7B9DC4F20D2FDC6F66344074003E211":"10001":"24BEB8502F24E0D11D9C10CEE4435EA972CEC93C23936E815ED2DF41BECEDDE889AF85BBEAF1B8C6928913AC523EA1D6653832E9D4E74F55B76771EA84F5A607342C341A14AB258019F38DBAEE4B967C8C8D26D6AF2583D32988471BA38751B6A67BA3D1147619C266A9AAC34244740BB59CD9DB3AFF19438B04C619AB719123":MBEDTLS_ERR_RSA_VERIFY_FAILED # Non-reduced 4-byte length encoding in `digest` ASN.1 element RSA PKCS1 Verify v1.5 non-reduced length encoding #4 depends_on:MBEDTLS_SHA256_C:MBEDTLS_PKCS1_V15 -mbedtls_rsa_pkcs1_verify:"7369676e617475726520746573740a":MBEDTLS_RSA_PKCS_V15:MBEDTLS_MD_SHA256:1024:16:"A1D46FBA2318F8DCEF16C280948B1CF27966B9B47225ED2989F8D74B45BD36049C0AAB5AD0FF003553BA843C8E12782FC5873BB89A3DC84B883D25666CD22BF3ACD5B675969F8BEBFBCAC93FDD927C7442B178B10D1DFF9398E52316AAE0AF74E594650BDC3C670241D418684593CDA1A7B9DC4F20D2FDC6F66344074003E211":16:"10001":"13172EF7362CF421103FE1893429FAE85F83636BA8AF545252599A39892E62CEC317DC47C1D6B19328B63CDFD02FA0B49CE7980504635251FF08C0A1308C64D6466DFBF1EF2BA49EFDD6C2C888A30870EC2DC0FA4D67FDE6631C85ED2CEF8EEBF5578C974CBA4A04034D9B579B420D6CA93E4BFC09E014542A0EFB902AF90C5E":MBEDTLS_ERR_RSA_VERIFY_FAILED +mbedtls_rsa_pkcs1_verify:"7369676e617475726520746573740a":MBEDTLS_RSA_PKCS_V15:MBEDTLS_MD_SHA256:1024:"A1D46FBA2318F8DCEF16C280948B1CF27966B9B47225ED2989F8D74B45BD36049C0AAB5AD0FF003553BA843C8E12782FC5873BB89A3DC84B883D25666CD22BF3ACD5B675969F8BEBFBCAC93FDD927C7442B178B10D1DFF9398E52316AAE0AF74E594650BDC3C670241D418684593CDA1A7B9DC4F20D2FDC6F66344074003E211":"10001":"13172EF7362CF421103FE1893429FAE85F83636BA8AF545252599A39892E62CEC317DC47C1D6B19328B63CDFD02FA0B49CE7980504635251FF08C0A1308C64D6466DFBF1EF2BA49EFDD6C2C888A30870EC2DC0FA4D67FDE6631C85ED2CEF8EEBF5578C974CBA4A04034D9B579B420D6CA93E4BFC09E014542A0EFB902AF90C5E":MBEDTLS_ERR_RSA_VERIFY_FAILED # Non-reduced 3-byte length encoding for OID in `digestAlgorithm` ASN.1 element RSA PKCS1 Verify v1.5 non-reduced length encoding #5 depends_on:MBEDTLS_SHA256_C:MBEDTLS_PKCS1_V15 -mbedtls_rsa_pkcs1_verify:"7369676e617475726520746573740a":MBEDTLS_RSA_PKCS_V15:MBEDTLS_MD_SHA256:1024:16:"A1D46FBA2318F8DCEF16C280948B1CF27966B9B47225ED2989F8D74B45BD36049C0AAB5AD0FF003553BA843C8E12782FC5873BB89A3DC84B883D25666CD22BF3ACD5B675969F8BEBFBCAC93FDD927C7442B178B10D1DFF9398E52316AAE0AF74E594650BDC3C670241D418684593CDA1A7B9DC4F20D2FDC6F66344074003E211":16:"10001":"65DD518F63A2E289C035E9F2A9927BF5A6A74FF6FEFFF61AFCC52ED4A8A5B93534A3AD1709136306EE1379B47A4863BC6ED879E92CD6F99AA5B5F106102BDAE8DAFB15CF6EF00CB5FA63967706528DEE8876F3D04E8D75533009C73DA4C5744D20FFDB18EA78EE4D5D9D6F7BD3AFC2AD9A0EDDD56AA40AAEF789E6FB12AB6DE7":MBEDTLS_ERR_RSA_VERIFY_FAILED +mbedtls_rsa_pkcs1_verify:"7369676e617475726520746573740a":MBEDTLS_RSA_PKCS_V15:MBEDTLS_MD_SHA256:1024:"A1D46FBA2318F8DCEF16C280948B1CF27966B9B47225ED2989F8D74B45BD36049C0AAB5AD0FF003553BA843C8E12782FC5873BB89A3DC84B883D25666CD22BF3ACD5B675969F8BEBFBCAC93FDD927C7442B178B10D1DFF9398E52316AAE0AF74E594650BDC3C670241D418684593CDA1A7B9DC4F20D2FDC6F66344074003E211":"10001":"65DD518F63A2E289C035E9F2A9927BF5A6A74FF6FEFFF61AFCC52ED4A8A5B93534A3AD1709136306EE1379B47A4863BC6ED879E92CD6F99AA5B5F106102BDAE8DAFB15CF6EF00CB5FA63967706528DEE8876F3D04E8D75533009C73DA4C5744D20FFDB18EA78EE4D5D9D6F7BD3AFC2AD9A0EDDD56AA40AAEF789E6FB12AB6DE7":MBEDTLS_ERR_RSA_VERIFY_FAILED RSA PKCS1 Sign #1 (SHA512, 1536 bits RSA) depends_on:MBEDTLS_SHA512_C:MBEDTLS_PKCS1_V15 -mbedtls_rsa_pkcs1_sign:"59779fd2a39e56640c4fc1e67b60aeffcecd78aed7ad2bdfa464e93d04198d48466b8da7445f25bfa19db2844edd5c8f539cf772cc132b483169d390db28a43bc4ee0f038f6568ffc87447746cb72fefac2d6d90ee3143a915ac4688028805905a68eb8f8a96674b093c495eddd8704461eaa2b345efbb2ad6930acd8023f870":MBEDTLS_RSA_PKCS_V15:MBEDTLS_MD_SHA512:1536:16:"c8c67df894c882045ede26a9008ab09ea0672077d7bc71d412511cd93981ddde8f91b967da404056c39f105f7f239abdaff92923859920f6299e82b95bd5b8c959948f4a035cbd693ad83014294d349813d1ad57911a6355d0731fe3a034e9db":16:"f15147d0e7c04a1e3f37adde802cdc610999bf7ab0088434aaeda0c0ab3910b14d2ce56cb66bffd97552195fae8b061077e03920814d8b9cfb5a3958b3a82c2a7fc97e55db5978b47a922156eb8a3e55c06a54a45d1670abdfb995489c4d0051":16:"bd429bb7c3b00bbea19ba664c0f8172d1a73c3cfa05e2ed656d570c1590918bb7e372ed25e2cd71395ba0a9b1a30f3ee012ffb0546cab8e3581fe3e23f44ab57a8aee9717e71a936a580fa8572d450fb00339a6f6704b717df0c149a465bab768c61500cd93b61113ff3e4389167f7b2c8e3c0da2d4765286bee555b0bcb4998f59b14fad03180a17c8b4f69bcd1234f4ae85950137665ac2ba80b55cc9b1aafb454b83771aa755acd2a00e93ddb65e696dbed8bdca69fb5e0c5c2097b9cfe4b":16:"3":"93b6fa99485c116ca6efdd4202ea1cf49f4c6345fae692584413743ce5b65510e8e4690aee9a19ea1ff10d57f22aa3548d839f28a8525a34354e9e58e0f3947e056ce2554e21bf287e220b98db3b551258cd42b495e5d1a3bbc83c9d1a02f2a300ef6d866ea75108e44ebb3e16b47df2f6de28feb2be3874dbbf21599451082d86e9f2f462575a8185c69aa1f1fcb6a363c5d71aeba2103449eaf3845285291148d5f78d1646b8dc95cbcc4082f987d948b0e7d4e80b60595f8a7517584e1643":0 +mbedtls_rsa_pkcs1_sign:"59779fd2a39e56640c4fc1e67b60aeffcecd78aed7ad2bdfa464e93d04198d48466b8da7445f25bfa19db2844edd5c8f539cf772cc132b483169d390db28a43bc4ee0f038f6568ffc87447746cb72fefac2d6d90ee3143a915ac4688028805905a68eb8f8a96674b093c495eddd8704461eaa2b345efbb2ad6930acd8023f870":MBEDTLS_RSA_PKCS_V15:MBEDTLS_MD_SHA512:1536:"c8c67df894c882045ede26a9008ab09ea0672077d7bc71d412511cd93981ddde8f91b967da404056c39f105f7f239abdaff92923859920f6299e82b95bd5b8c959948f4a035cbd693ad83014294d349813d1ad57911a6355d0731fe3a034e9db":"f15147d0e7c04a1e3f37adde802cdc610999bf7ab0088434aaeda0c0ab3910b14d2ce56cb66bffd97552195fae8b061077e03920814d8b9cfb5a3958b3a82c2a7fc97e55db5978b47a922156eb8a3e55c06a54a45d1670abdfb995489c4d0051":"bd429bb7c3b00bbea19ba664c0f8172d1a73c3cfa05e2ed656d570c1590918bb7e372ed25e2cd71395ba0a9b1a30f3ee012ffb0546cab8e3581fe3e23f44ab57a8aee9717e71a936a580fa8572d450fb00339a6f6704b717df0c149a465bab768c61500cd93b61113ff3e4389167f7b2c8e3c0da2d4765286bee555b0bcb4998f59b14fad03180a17c8b4f69bcd1234f4ae85950137665ac2ba80b55cc9b1aafb454b83771aa755acd2a00e93ddb65e696dbed8bdca69fb5e0c5c2097b9cfe4b":"3":"93b6fa99485c116ca6efdd4202ea1cf49f4c6345fae692584413743ce5b65510e8e4690aee9a19ea1ff10d57f22aa3548d839f28a8525a34354e9e58e0f3947e056ce2554e21bf287e220b98db3b551258cd42b495e5d1a3bbc83c9d1a02f2a300ef6d866ea75108e44ebb3e16b47df2f6de28feb2be3874dbbf21599451082d86e9f2f462575a8185c69aa1f1fcb6a363c5d71aeba2103449eaf3845285291148d5f78d1646b8dc95cbcc4082f987d948b0e7d4e80b60595f8a7517584e1643":0 RSA PKCS1 Sign #1 Verify depends_on:MBEDTLS_SHA512_C:MBEDTLS_PKCS1_V15 -mbedtls_rsa_pkcs1_verify:"59779fd2a39e56640c4fc1e67b60aeffcecd78aed7ad2bdfa464e93d04198d48466b8da7445f25bfa19db2844edd5c8f539cf772cc132b483169d390db28a43bc4ee0f038f6568ffc87447746cb72fefac2d6d90ee3143a915ac4688028805905a68eb8f8a96674b093c495eddd8704461eaa2b345efbb2ad6930acd8023f870":MBEDTLS_RSA_PKCS_V15:MBEDTLS_MD_SHA512:1536:16:"bd429bb7c3b00bbea19ba664c0f8172d1a73c3cfa05e2ed656d570c1590918bb7e372ed25e2cd71395ba0a9b1a30f3ee012ffb0546cab8e3581fe3e23f44ab57a8aee9717e71a936a580fa8572d450fb00339a6f6704b717df0c149a465bab768c61500cd93b61113ff3e4389167f7b2c8e3c0da2d4765286bee555b0bcb4998f59b14fad03180a17c8b4f69bcd1234f4ae85950137665ac2ba80b55cc9b1aafb454b83771aa755acd2a00e93ddb65e696dbed8bdca69fb5e0c5c2097b9cfe4b":16:"3":"93b6fa99485c116ca6efdd4202ea1cf49f4c6345fae692584413743ce5b65510e8e4690aee9a19ea1ff10d57f22aa3548d839f28a8525a34354e9e58e0f3947e056ce2554e21bf287e220b98db3b551258cd42b495e5d1a3bbc83c9d1a02f2a300ef6d866ea75108e44ebb3e16b47df2f6de28feb2be3874dbbf21599451082d86e9f2f462575a8185c69aa1f1fcb6a363c5d71aeba2103449eaf3845285291148d5f78d1646b8dc95cbcc4082f987d948b0e7d4e80b60595f8a7517584e1643":0 +mbedtls_rsa_pkcs1_verify:"59779fd2a39e56640c4fc1e67b60aeffcecd78aed7ad2bdfa464e93d04198d48466b8da7445f25bfa19db2844edd5c8f539cf772cc132b483169d390db28a43bc4ee0f038f6568ffc87447746cb72fefac2d6d90ee3143a915ac4688028805905a68eb8f8a96674b093c495eddd8704461eaa2b345efbb2ad6930acd8023f870":MBEDTLS_RSA_PKCS_V15:MBEDTLS_MD_SHA512:1536:"bd429bb7c3b00bbea19ba664c0f8172d1a73c3cfa05e2ed656d570c1590918bb7e372ed25e2cd71395ba0a9b1a30f3ee012ffb0546cab8e3581fe3e23f44ab57a8aee9717e71a936a580fa8572d450fb00339a6f6704b717df0c149a465bab768c61500cd93b61113ff3e4389167f7b2c8e3c0da2d4765286bee555b0bcb4998f59b14fad03180a17c8b4f69bcd1234f4ae85950137665ac2ba80b55cc9b1aafb454b83771aa755acd2a00e93ddb65e696dbed8bdca69fb5e0c5c2097b9cfe4b":"3":"93b6fa99485c116ca6efdd4202ea1cf49f4c6345fae692584413743ce5b65510e8e4690aee9a19ea1ff10d57f22aa3548d839f28a8525a34354e9e58e0f3947e056ce2554e21bf287e220b98db3b551258cd42b495e5d1a3bbc83c9d1a02f2a300ef6d866ea75108e44ebb3e16b47df2f6de28feb2be3874dbbf21599451082d86e9f2f462575a8185c69aa1f1fcb6a363c5d71aeba2103449eaf3845285291148d5f78d1646b8dc95cbcc4082f987d948b0e7d4e80b60595f8a7517584e1643":0 RSA PKCS1 Sign #2 (SHA256, 2048 bits RSA) depends_on:MBEDTLS_SHA256_C:MBEDTLS_PKCS1_V15 -mbedtls_rsa_pkcs1_sign:"59779fd2a39e56640c4fc1e67b60aeffcecd78aed7ad2bdfa464e93d04198d48466b8da7445f25bfa19db2844edd5c8f539cf772cc132b483169d390db28a43bc4ee0f038f6568ffc87447746cb72fefac2d6d90ee3143a915ac4688028805905a68eb8f8a96674b093c495eddd8704461eaa2b345efbb2ad6930acd8023f870":MBEDTLS_RSA_PKCS_V15:MBEDTLS_MD_SHA256:2048:16:"e79a373182bfaa722eb035f772ad2a9464bd842de59432c18bbab3a7dfeae318c9b915ee487861ab665a40bd6cda560152578e8579016c929df99fea05b4d64efca1d543850bc8164b40d71ed7f3fa4105df0fb9b9ad2a18ce182c8a4f4f975bea9aa0b9a1438a27a28e97ac8330ef37383414d1bd64607d6979ac050424fd17":16:"c6749cbb0db8c5a177672d4728a8b22392b2fc4d3b8361d5c0d5055a1b4e46d821f757c24eef2a51c561941b93b3ace7340074c058c9bb48e7e7414f42c41da4cccb5c2ba91deb30c586b7fb18af12a52995592ad139d3be429add6547e044becedaf31fa3b39421e24ee034fbf367d11f6b8f88ee483d163b431e1654ad3e89":16:"b38ac65c8141f7f5c96e14470e851936a67bf94cc6821a39ac12c05f7c0b06d9e6ddba2224703b02e25f31452f9c4a8417b62675fdc6df46b94813bc7b9769a892c482b830bfe0ad42e46668ace68903617faf6681f4babf1cc8e4b0420d3c7f61dc45434c6b54e2c3ee0fc07908509d79c9826e673bf8363255adb0add2401039a7bcd1b4ecf0fbe6ec8369d2da486eec59559dd1d54c9b24190965eafbdab203b35255765261cd0909acf93c3b8b8428cbb448de4715d1b813d0c94829c229543d391ce0adab5351f97a3810c1f73d7b1458b97daed4209c50e16d064d2d5bfda8c23893d755222793146d0a78c3d64f35549141486c3b0961a7b4c1a2034f":16:"3":"5aee2b9dbc02a6a2d87ff64a64165dc0b9ce70c79bab2d287939e2601c3223e0493988d5468731ae4edc7d5f5d449335c204fdb0e192c1915c9d694d3a61c3be14df79c4b34d6ac73707829024d263c94f9107fa93f3783de3965522336e18d1e01a142b5103451bb97839eaf2f44703a63050a36b78aef4072ea1a8daaaf1a2918fc03ee957a9c09efdc7287bcb4d6aec4723290294b249b3e3dc63157b560ad9c867323a73ebeb360cc9e482111643b0d86c4e33dcf170155590f0eba7d170789e84de336b7fe2f6cf485ddca94607a4ff379fc49d375c730249dd1a210e7dccd762d1c23c7532e769c6aa88e38e8654ff90f7b34df4c07ba90e89099ec1ed":0 +mbedtls_rsa_pkcs1_sign:"59779fd2a39e56640c4fc1e67b60aeffcecd78aed7ad2bdfa464e93d04198d48466b8da7445f25bfa19db2844edd5c8f539cf772cc132b483169d390db28a43bc4ee0f038f6568ffc87447746cb72fefac2d6d90ee3143a915ac4688028805905a68eb8f8a96674b093c495eddd8704461eaa2b345efbb2ad6930acd8023f870":MBEDTLS_RSA_PKCS_V15:MBEDTLS_MD_SHA256:2048:"e79a373182bfaa722eb035f772ad2a9464bd842de59432c18bbab3a7dfeae318c9b915ee487861ab665a40bd6cda560152578e8579016c929df99fea05b4d64efca1d543850bc8164b40d71ed7f3fa4105df0fb9b9ad2a18ce182c8a4f4f975bea9aa0b9a1438a27a28e97ac8330ef37383414d1bd64607d6979ac050424fd17":"c6749cbb0db8c5a177672d4728a8b22392b2fc4d3b8361d5c0d5055a1b4e46d821f757c24eef2a51c561941b93b3ace7340074c058c9bb48e7e7414f42c41da4cccb5c2ba91deb30c586b7fb18af12a52995592ad139d3be429add6547e044becedaf31fa3b39421e24ee034fbf367d11f6b8f88ee483d163b431e1654ad3e89":"b38ac65c8141f7f5c96e14470e851936a67bf94cc6821a39ac12c05f7c0b06d9e6ddba2224703b02e25f31452f9c4a8417b62675fdc6df46b94813bc7b9769a892c482b830bfe0ad42e46668ace68903617faf6681f4babf1cc8e4b0420d3c7f61dc45434c6b54e2c3ee0fc07908509d79c9826e673bf8363255adb0add2401039a7bcd1b4ecf0fbe6ec8369d2da486eec59559dd1d54c9b24190965eafbdab203b35255765261cd0909acf93c3b8b8428cbb448de4715d1b813d0c94829c229543d391ce0adab5351f97a3810c1f73d7b1458b97daed4209c50e16d064d2d5bfda8c23893d755222793146d0a78c3d64f35549141486c3b0961a7b4c1a2034f":"3":"5aee2b9dbc02a6a2d87ff64a64165dc0b9ce70c79bab2d287939e2601c3223e0493988d5468731ae4edc7d5f5d449335c204fdb0e192c1915c9d694d3a61c3be14df79c4b34d6ac73707829024d263c94f9107fa93f3783de3965522336e18d1e01a142b5103451bb97839eaf2f44703a63050a36b78aef4072ea1a8daaaf1a2918fc03ee957a9c09efdc7287bcb4d6aec4723290294b249b3e3dc63157b560ad9c867323a73ebeb360cc9e482111643b0d86c4e33dcf170155590f0eba7d170789e84de336b7fe2f6cf485ddca94607a4ff379fc49d375c730249dd1a210e7dccd762d1c23c7532e769c6aa88e38e8654ff90f7b34df4c07ba90e89099ec1ed":0 RSA PKCS1 Sign #2 Verify depends_on:MBEDTLS_SHA256_C:MBEDTLS_PKCS1_V15 -mbedtls_rsa_pkcs1_verify:"59779fd2a39e56640c4fc1e67b60aeffcecd78aed7ad2bdfa464e93d04198d48466b8da7445f25bfa19db2844edd5c8f539cf772cc132b483169d390db28a43bc4ee0f038f6568ffc87447746cb72fefac2d6d90ee3143a915ac4688028805905a68eb8f8a96674b093c495eddd8704461eaa2b345efbb2ad6930acd8023f870":MBEDTLS_RSA_PKCS_V15:MBEDTLS_MD_SHA256:2048:16:"b38ac65c8141f7f5c96e14470e851936a67bf94cc6821a39ac12c05f7c0b06d9e6ddba2224703b02e25f31452f9c4a8417b62675fdc6df46b94813bc7b9769a892c482b830bfe0ad42e46668ace68903617faf6681f4babf1cc8e4b0420d3c7f61dc45434c6b54e2c3ee0fc07908509d79c9826e673bf8363255adb0add2401039a7bcd1b4ecf0fbe6ec8369d2da486eec59559dd1d54c9b24190965eafbdab203b35255765261cd0909acf93c3b8b8428cbb448de4715d1b813d0c94829c229543d391ce0adab5351f97a3810c1f73d7b1458b97daed4209c50e16d064d2d5bfda8c23893d755222793146d0a78c3d64f35549141486c3b0961a7b4c1a2034f":16:"3":"5aee2b9dbc02a6a2d87ff64a64165dc0b9ce70c79bab2d287939e2601c3223e0493988d5468731ae4edc7d5f5d449335c204fdb0e192c1915c9d694d3a61c3be14df79c4b34d6ac73707829024d263c94f9107fa93f3783de3965522336e18d1e01a142b5103451bb97839eaf2f44703a63050a36b78aef4072ea1a8daaaf1a2918fc03ee957a9c09efdc7287bcb4d6aec4723290294b249b3e3dc63157b560ad9c867323a73ebeb360cc9e482111643b0d86c4e33dcf170155590f0eba7d170789e84de336b7fe2f6cf485ddca94607a4ff379fc49d375c730249dd1a210e7dccd762d1c23c7532e769c6aa88e38e8654ff90f7b34df4c07ba90e89099ec1ed":0 +mbedtls_rsa_pkcs1_verify:"59779fd2a39e56640c4fc1e67b60aeffcecd78aed7ad2bdfa464e93d04198d48466b8da7445f25bfa19db2844edd5c8f539cf772cc132b483169d390db28a43bc4ee0f038f6568ffc87447746cb72fefac2d6d90ee3143a915ac4688028805905a68eb8f8a96674b093c495eddd8704461eaa2b345efbb2ad6930acd8023f870":MBEDTLS_RSA_PKCS_V15:MBEDTLS_MD_SHA256:2048:"b38ac65c8141f7f5c96e14470e851936a67bf94cc6821a39ac12c05f7c0b06d9e6ddba2224703b02e25f31452f9c4a8417b62675fdc6df46b94813bc7b9769a892c482b830bfe0ad42e46668ace68903617faf6681f4babf1cc8e4b0420d3c7f61dc45434c6b54e2c3ee0fc07908509d79c9826e673bf8363255adb0add2401039a7bcd1b4ecf0fbe6ec8369d2da486eec59559dd1d54c9b24190965eafbdab203b35255765261cd0909acf93c3b8b8428cbb448de4715d1b813d0c94829c229543d391ce0adab5351f97a3810c1f73d7b1458b97daed4209c50e16d064d2d5bfda8c23893d755222793146d0a78c3d64f35549141486c3b0961a7b4c1a2034f":"3":"5aee2b9dbc02a6a2d87ff64a64165dc0b9ce70c79bab2d287939e2601c3223e0493988d5468731ae4edc7d5f5d449335c204fdb0e192c1915c9d694d3a61c3be14df79c4b34d6ac73707829024d263c94f9107fa93f3783de3965522336e18d1e01a142b5103451bb97839eaf2f44703a63050a36b78aef4072ea1a8daaaf1a2918fc03ee957a9c09efdc7287bcb4d6aec4723290294b249b3e3dc63157b560ad9c867323a73ebeb360cc9e482111643b0d86c4e33dcf170155590f0eba7d170789e84de336b7fe2f6cf485ddca94607a4ff379fc49d375c730249dd1a210e7dccd762d1c23c7532e769c6aa88e38e8654ff90f7b34df4c07ba90e89099ec1ed":0 RSA PKCS1 Sign #2 Verify (Fail) depends_on:MBEDTLS_SHA256_C:MBEDTLS_PKCS1_V15 -mbedtls_rsa_pkcs1_verify:"59779fd2a39e56640c4fc1e67b60aeffcecd78aed7ad2bdfa464e93d04198d48466b8da7445f25bfa19db2844edd5c8f539cf772cc132b483169d390db28a43bc4ee0f038f6568ffc87447746cb72fefac2d6d90ee3143a915ac4688028805905a68eb8f8a96674b093c495eddd8704461eaa2b345efbb2ad6930acd8023f870":MBEDTLS_RSA_PKCS_V15:MBEDTLS_MD_SHA256:2048:16:"b38ac65c8141f7f5c96e14470e851936a67bf94cc6821a39ac12c05f7c0b06d9e6ddba2224703b02e25f31452f9c4a8417b62675fdc6df46b94813bc7b9769a892c482b830bfe0ad42e46668ace68903617faf6681f4babf1cc8e4b0420d3c7f61dc45434c6b54e2c3ee0fc07908509d79c9826e673bf8363255adb0add2401039a7bcd1b4ecf0fbe6ec8369d2da486eec59559dd1d54c9b24190965eafbdab203b35255765261cd0909acf93c3b8b8428cbb448de4715d1b813d0c94829c229543d391ce0adab5351f97a3810c1f73d7b1458b97daed4209c50e16d064d2d5bfda8c23893d755222793146d0a78c3d64f35549141486c3b0961a7b4c1a2034f":16:"3":"5aee2b9dbc02a6a2d87ff64a64165dc0b9ce70c79bab2d287939e2601c3223e0493988d5468731ae4edc7d5f5d449335c204fdb0e192c1915c9d694d3a61c3be14df79c4b34d6ac73707829024d263c94f9107fa93f3783de3965522336e18d1e01a142b5103451bb97839eaf2f44703a63050a36b78aef4072ea1a8daaaf1a2918fc03ee957a9c09efdc6287bcb4d6aec4723290294b249b3e3dc63157b560ad9c867323a73ebeb360cc9e482111643b0d86c4e33dcf170155590f0eba7d170789e84de336b7fe2f6cf485ddca94607a4ff379fc49d375c730249dd1a210e7dccd763d1c23c7532e769c6aa88e38e8654ff90f7b34df4c07ba90e89099ec1ed":MBEDTLS_ERR_RSA_VERIFY_FAILED +mbedtls_rsa_pkcs1_verify:"59779fd2a39e56640c4fc1e67b60aeffcecd78aed7ad2bdfa464e93d04198d48466b8da7445f25bfa19db2844edd5c8f539cf772cc132b483169d390db28a43bc4ee0f038f6568ffc87447746cb72fefac2d6d90ee3143a915ac4688028805905a68eb8f8a96674b093c495eddd8704461eaa2b345efbb2ad6930acd8023f870":MBEDTLS_RSA_PKCS_V15:MBEDTLS_MD_SHA256:2048:"b38ac65c8141f7f5c96e14470e851936a67bf94cc6821a39ac12c05f7c0b06d9e6ddba2224703b02e25f31452f9c4a8417b62675fdc6df46b94813bc7b9769a892c482b830bfe0ad42e46668ace68903617faf6681f4babf1cc8e4b0420d3c7f61dc45434c6b54e2c3ee0fc07908509d79c9826e673bf8363255adb0add2401039a7bcd1b4ecf0fbe6ec8369d2da486eec59559dd1d54c9b24190965eafbdab203b35255765261cd0909acf93c3b8b8428cbb448de4715d1b813d0c94829c229543d391ce0adab5351f97a3810c1f73d7b1458b97daed4209c50e16d064d2d5bfda8c23893d755222793146d0a78c3d64f35549141486c3b0961a7b4c1a2034f":"3":"5aee2b9dbc02a6a2d87ff64a64165dc0b9ce70c79bab2d287939e2601c3223e0493988d5468731ae4edc7d5f5d449335c204fdb0e192c1915c9d694d3a61c3be14df79c4b34d6ac73707829024d263c94f9107fa93f3783de3965522336e18d1e01a142b5103451bb97839eaf2f44703a63050a36b78aef4072ea1a8daaaf1a2918fc03ee957a9c09efdc6287bcb4d6aec4723290294b249b3e3dc63157b560ad9c867323a73ebeb360cc9e482111643b0d86c4e33dcf170155590f0eba7d170789e84de336b7fe2f6cf485ddca94607a4ff379fc49d375c730249dd1a210e7dccd763d1c23c7532e769c6aa88e38e8654ff90f7b34df4c07ba90e89099ec1ed":MBEDTLS_ERR_RSA_VERIFY_FAILED RSA PKCS1 Sign #3 (SHA224, 2048 bits RSA) depends_on:MBEDTLS_SHA256_C:MBEDTLS_PKCS1_V15 -mbedtls_rsa_pkcs1_sign:"59779fd2a39e56640c4fc1e67b60aeffcecd78aed7ad2bdfa464e93d04198d48466b8da7445f25bfa19db2844edd5c8f539cf772cc132b483169d390db28a43bc4ee0f038f6568ffc87447746cb72fefac2d6d90ee3143a915ac4688028805905a68eb8f8a96674b093c495eddd8704461eaa2b345efbb2ad6930acd8023f870":MBEDTLS_RSA_PKCS_V15:MBEDTLS_MD_SHA224:2048:16:"e79a373182bfaa722eb035f772ad2a9464bd842de59432c18bbab3a7dfeae318c9b915ee487861ab665a40bd6cda560152578e8579016c929df99fea05b4d64efca1d543850bc8164b40d71ed7f3fa4105df0fb9b9ad2a18ce182c8a4f4f975bea9aa0b9a1438a27a28e97ac8330ef37383414d1bd64607d6979ac050424fd17":16:"c6749cbb0db8c5a177672d4728a8b22392b2fc4d3b8361d5c0d5055a1b4e46d821f757c24eef2a51c561941b93b3ace7340074c058c9bb48e7e7414f42c41da4cccb5c2ba91deb30c586b7fb18af12a52995592ad139d3be429add6547e044becedaf31fa3b39421e24ee034fbf367d11f6b8f88ee483d163b431e1654ad3e89":16:"b38ac65c8141f7f5c96e14470e851936a67bf94cc6821a39ac12c05f7c0b06d9e6ddba2224703b02e25f31452f9c4a8417b62675fdc6df46b94813bc7b9769a892c482b830bfe0ad42e46668ace68903617faf6681f4babf1cc8e4b0420d3c7f61dc45434c6b54e2c3ee0fc07908509d79c9826e673bf8363255adb0add2401039a7bcd1b4ecf0fbe6ec8369d2da486eec59559dd1d54c9b24190965eafbdab203b35255765261cd0909acf93c3b8b8428cbb448de4715d1b813d0c94829c229543d391ce0adab5351f97a3810c1f73d7b1458b97daed4209c50e16d064d2d5bfda8c23893d755222793146d0a78c3d64f35549141486c3b0961a7b4c1a2034f":16:"3":"9d768b8b31421f9d9ced890aafaf8b3468656419049ed268f6e1992066f45dc3e4cd349e8c5ed5a06e4ef5badaba064ba94907dfedf3d708becaf44ae9b27c3866d329311ba93e8ddc7fc284fba05d1bb84fb1e060a5b76b7fa515cfcd2c8144474623672703cac1e15ff4fdf8ef19d365c51ba86e60f4cbbcd07f956060625751bfbecc47945646459cadaddd900603a8149a93b31a6d432e1da1a67eb765f5b2f0bd1adb9af12d731c7b02931b42dbbfd8c7cecde76b817e96f664147a2c5091c6ce4dc562c5f57159d6f9dc9ba2daa212db56677839621bd4805dde62955fb2d0cc2c448109d10ecc6206ea81f0a02e1646471358f3ec146cd3c75f2d390b":0 +mbedtls_rsa_pkcs1_sign:"59779fd2a39e56640c4fc1e67b60aeffcecd78aed7ad2bdfa464e93d04198d48466b8da7445f25bfa19db2844edd5c8f539cf772cc132b483169d390db28a43bc4ee0f038f6568ffc87447746cb72fefac2d6d90ee3143a915ac4688028805905a68eb8f8a96674b093c495eddd8704461eaa2b345efbb2ad6930acd8023f870":MBEDTLS_RSA_PKCS_V15:MBEDTLS_MD_SHA224:2048:"e79a373182bfaa722eb035f772ad2a9464bd842de59432c18bbab3a7dfeae318c9b915ee487861ab665a40bd6cda560152578e8579016c929df99fea05b4d64efca1d543850bc8164b40d71ed7f3fa4105df0fb9b9ad2a18ce182c8a4f4f975bea9aa0b9a1438a27a28e97ac8330ef37383414d1bd64607d6979ac050424fd17":"c6749cbb0db8c5a177672d4728a8b22392b2fc4d3b8361d5c0d5055a1b4e46d821f757c24eef2a51c561941b93b3ace7340074c058c9bb48e7e7414f42c41da4cccb5c2ba91deb30c586b7fb18af12a52995592ad139d3be429add6547e044becedaf31fa3b39421e24ee034fbf367d11f6b8f88ee483d163b431e1654ad3e89":"b38ac65c8141f7f5c96e14470e851936a67bf94cc6821a39ac12c05f7c0b06d9e6ddba2224703b02e25f31452f9c4a8417b62675fdc6df46b94813bc7b9769a892c482b830bfe0ad42e46668ace68903617faf6681f4babf1cc8e4b0420d3c7f61dc45434c6b54e2c3ee0fc07908509d79c9826e673bf8363255adb0add2401039a7bcd1b4ecf0fbe6ec8369d2da486eec59559dd1d54c9b24190965eafbdab203b35255765261cd0909acf93c3b8b8428cbb448de4715d1b813d0c94829c229543d391ce0adab5351f97a3810c1f73d7b1458b97daed4209c50e16d064d2d5bfda8c23893d755222793146d0a78c3d64f35549141486c3b0961a7b4c1a2034f":"3":"9d768b8b31421f9d9ced890aafaf8b3468656419049ed268f6e1992066f45dc3e4cd349e8c5ed5a06e4ef5badaba064ba94907dfedf3d708becaf44ae9b27c3866d329311ba93e8ddc7fc284fba05d1bb84fb1e060a5b76b7fa515cfcd2c8144474623672703cac1e15ff4fdf8ef19d365c51ba86e60f4cbbcd07f956060625751bfbecc47945646459cadaddd900603a8149a93b31a6d432e1da1a67eb765f5b2f0bd1adb9af12d731c7b02931b42dbbfd8c7cecde76b817e96f664147a2c5091c6ce4dc562c5f57159d6f9dc9ba2daa212db56677839621bd4805dde62955fb2d0cc2c448109d10ecc6206ea81f0a02e1646471358f3ec146cd3c75f2d390b":0 RSA PKCS1 Sign #3 Verify depends_on:MBEDTLS_SHA256_C:MBEDTLS_PKCS1_V15 -mbedtls_rsa_pkcs1_verify:"59779fd2a39e56640c4fc1e67b60aeffcecd78aed7ad2bdfa464e93d04198d48466b8da7445f25bfa19db2844edd5c8f539cf772cc132b483169d390db28a43bc4ee0f038f6568ffc87447746cb72fefac2d6d90ee3143a915ac4688028805905a68eb8f8a96674b093c495eddd8704461eaa2b345efbb2ad6930acd8023f870":MBEDTLS_RSA_PKCS_V15:MBEDTLS_MD_SHA224:2048:16:"b38ac65c8141f7f5c96e14470e851936a67bf94cc6821a39ac12c05f7c0b06d9e6ddba2224703b02e25f31452f9c4a8417b62675fdc6df46b94813bc7b9769a892c482b830bfe0ad42e46668ace68903617faf6681f4babf1cc8e4b0420d3c7f61dc45434c6b54e2c3ee0fc07908509d79c9826e673bf8363255adb0add2401039a7bcd1b4ecf0fbe6ec8369d2da486eec59559dd1d54c9b24190965eafbdab203b35255765261cd0909acf93c3b8b8428cbb448de4715d1b813d0c94829c229543d391ce0adab5351f97a3810c1f73d7b1458b97daed4209c50e16d064d2d5bfda8c23893d755222793146d0a78c3d64f35549141486c3b0961a7b4c1a2034f":16:"3":"9d768b8b31421f9d9ced890aafaf8b3468656419049ed268f6e1992066f45dc3e4cd349e8c5ed5a06e4ef5badaba064ba94907dfedf3d708becaf44ae9b27c3866d329311ba93e8ddc7fc284fba05d1bb84fb1e060a5b76b7fa515cfcd2c8144474623672703cac1e15ff4fdf8ef19d365c51ba86e60f4cbbcd07f956060625751bfbecc47945646459cadaddd900603a8149a93b31a6d432e1da1a67eb765f5b2f0bd1adb9af12d731c7b02931b42dbbfd8c7cecde76b817e96f664147a2c5091c6ce4dc562c5f57159d6f9dc9ba2daa212db56677839621bd4805dde62955fb2d0cc2c448109d10ecc6206ea81f0a02e1646471358f3ec146cd3c75f2d390b":0 +mbedtls_rsa_pkcs1_verify:"59779fd2a39e56640c4fc1e67b60aeffcecd78aed7ad2bdfa464e93d04198d48466b8da7445f25bfa19db2844edd5c8f539cf772cc132b483169d390db28a43bc4ee0f038f6568ffc87447746cb72fefac2d6d90ee3143a915ac4688028805905a68eb8f8a96674b093c495eddd8704461eaa2b345efbb2ad6930acd8023f870":MBEDTLS_RSA_PKCS_V15:MBEDTLS_MD_SHA224:2048:"b38ac65c8141f7f5c96e14470e851936a67bf94cc6821a39ac12c05f7c0b06d9e6ddba2224703b02e25f31452f9c4a8417b62675fdc6df46b94813bc7b9769a892c482b830bfe0ad42e46668ace68903617faf6681f4babf1cc8e4b0420d3c7f61dc45434c6b54e2c3ee0fc07908509d79c9826e673bf8363255adb0add2401039a7bcd1b4ecf0fbe6ec8369d2da486eec59559dd1d54c9b24190965eafbdab203b35255765261cd0909acf93c3b8b8428cbb448de4715d1b813d0c94829c229543d391ce0adab5351f97a3810c1f73d7b1458b97daed4209c50e16d064d2d5bfda8c23893d755222793146d0a78c3d64f35549141486c3b0961a7b4c1a2034f":"3":"9d768b8b31421f9d9ced890aafaf8b3468656419049ed268f6e1992066f45dc3e4cd349e8c5ed5a06e4ef5badaba064ba94907dfedf3d708becaf44ae9b27c3866d329311ba93e8ddc7fc284fba05d1bb84fb1e060a5b76b7fa515cfcd2c8144474623672703cac1e15ff4fdf8ef19d365c51ba86e60f4cbbcd07f956060625751bfbecc47945646459cadaddd900603a8149a93b31a6d432e1da1a67eb765f5b2f0bd1adb9af12d731c7b02931b42dbbfd8c7cecde76b817e96f664147a2c5091c6ce4dc562c5f57159d6f9dc9ba2daa212db56677839621bd4805dde62955fb2d0cc2c448109d10ecc6206ea81f0a02e1646471358f3ec146cd3c75f2d390b":0 RSA PKCS1 Sign #4 (SHA384, 2048 bits RSA) depends_on:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384:MBEDTLS_PKCS1_V15 -mbedtls_rsa_pkcs1_sign:"59779fd2a39e56640c4fc1e67b60aeffcecd78aed7ad2bdfa464e93d04198d48466b8da7445f25bfa19db2844edd5c8f539cf772cc132b483169d390db28a43bc4ee0f038f6568ffc87447746cb72fefac2d6d90ee3143a915ac4688028805905a68eb8f8a96674b093c495eddd8704461eaa2b345efbb2ad6930acd8023f870":MBEDTLS_RSA_PKCS_V15:MBEDTLS_MD_SHA384:2048:16:"e79a373182bfaa722eb035f772ad2a9464bd842de59432c18bbab3a7dfeae318c9b915ee487861ab665a40bd6cda560152578e8579016c929df99fea05b4d64efca1d543850bc8164b40d71ed7f3fa4105df0fb9b9ad2a18ce182c8a4f4f975bea9aa0b9a1438a27a28e97ac8330ef37383414d1bd64607d6979ac050424fd17":16:"c6749cbb0db8c5a177672d4728a8b22392b2fc4d3b8361d5c0d5055a1b4e46d821f757c24eef2a51c561941b93b3ace7340074c058c9bb48e7e7414f42c41da4cccb5c2ba91deb30c586b7fb18af12a52995592ad139d3be429add6547e044becedaf31fa3b39421e24ee034fbf367d11f6b8f88ee483d163b431e1654ad3e89":16:"b38ac65c8141f7f5c96e14470e851936a67bf94cc6821a39ac12c05f7c0b06d9e6ddba2224703b02e25f31452f9c4a8417b62675fdc6df46b94813bc7b9769a892c482b830bfe0ad42e46668ace68903617faf6681f4babf1cc8e4b0420d3c7f61dc45434c6b54e2c3ee0fc07908509d79c9826e673bf8363255adb0add2401039a7bcd1b4ecf0fbe6ec8369d2da486eec59559dd1d54c9b24190965eafbdab203b35255765261cd0909acf93c3b8b8428cbb448de4715d1b813d0c94829c229543d391ce0adab5351f97a3810c1f73d7b1458b97daed4209c50e16d064d2d5bfda8c23893d755222793146d0a78c3d64f35549141486c3b0961a7b4c1a2034f":16:"3":"40dcc96822e5612eb33f1dca247a35109ba3845c7a3d556a60e656624bf1c103d94686ca7379e9e329ccd1b19b52bfd48b608df9f59a96a82d3feb0101096dbcb80e46da543b4c982ac6bb1717f24f9fe3f76b7154492b47525be1ddcaf4631d33481531be8f3e685837b40bdf4a02827d79f6a32374147174680f51c8e0d8eed9d5c445a563a7bce9ef4236e7cfdc12b2223ef457c3e8ccc6dd65cc23e977a1f03f5ef584feb9af00efc71a701f9d413b0290af17692cb821a1e863d5778e174b1130659f30583f434f09cb1212471a41dd65c102de64a194b6ae3e43cd75928049db78042c58e980aff3ea2774e42845bcf217410a118cf5deeaa64224dbc8":0 +mbedtls_rsa_pkcs1_sign:"59779fd2a39e56640c4fc1e67b60aeffcecd78aed7ad2bdfa464e93d04198d48466b8da7445f25bfa19db2844edd5c8f539cf772cc132b483169d390db28a43bc4ee0f038f6568ffc87447746cb72fefac2d6d90ee3143a915ac4688028805905a68eb8f8a96674b093c495eddd8704461eaa2b345efbb2ad6930acd8023f870":MBEDTLS_RSA_PKCS_V15:MBEDTLS_MD_SHA384:2048:"e79a373182bfaa722eb035f772ad2a9464bd842de59432c18bbab3a7dfeae318c9b915ee487861ab665a40bd6cda560152578e8579016c929df99fea05b4d64efca1d543850bc8164b40d71ed7f3fa4105df0fb9b9ad2a18ce182c8a4f4f975bea9aa0b9a1438a27a28e97ac8330ef37383414d1bd64607d6979ac050424fd17":"c6749cbb0db8c5a177672d4728a8b22392b2fc4d3b8361d5c0d5055a1b4e46d821f757c24eef2a51c561941b93b3ace7340074c058c9bb48e7e7414f42c41da4cccb5c2ba91deb30c586b7fb18af12a52995592ad139d3be429add6547e044becedaf31fa3b39421e24ee034fbf367d11f6b8f88ee483d163b431e1654ad3e89":"b38ac65c8141f7f5c96e14470e851936a67bf94cc6821a39ac12c05f7c0b06d9e6ddba2224703b02e25f31452f9c4a8417b62675fdc6df46b94813bc7b9769a892c482b830bfe0ad42e46668ace68903617faf6681f4babf1cc8e4b0420d3c7f61dc45434c6b54e2c3ee0fc07908509d79c9826e673bf8363255adb0add2401039a7bcd1b4ecf0fbe6ec8369d2da486eec59559dd1d54c9b24190965eafbdab203b35255765261cd0909acf93c3b8b8428cbb448de4715d1b813d0c94829c229543d391ce0adab5351f97a3810c1f73d7b1458b97daed4209c50e16d064d2d5bfda8c23893d755222793146d0a78c3d64f35549141486c3b0961a7b4c1a2034f":"3":"40dcc96822e5612eb33f1dca247a35109ba3845c7a3d556a60e656624bf1c103d94686ca7379e9e329ccd1b19b52bfd48b608df9f59a96a82d3feb0101096dbcb80e46da543b4c982ac6bb1717f24f9fe3f76b7154492b47525be1ddcaf4631d33481531be8f3e685837b40bdf4a02827d79f6a32374147174680f51c8e0d8eed9d5c445a563a7bce9ef4236e7cfdc12b2223ef457c3e8ccc6dd65cc23e977a1f03f5ef584feb9af00efc71a701f9d413b0290af17692cb821a1e863d5778e174b1130659f30583f434f09cb1212471a41dd65c102de64a194b6ae3e43cd75928049db78042c58e980aff3ea2774e42845bcf217410a118cf5deeaa64224dbc8":0 RSA PKCS1 Sign #4 Verify depends_on:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384:MBEDTLS_PKCS1_V15 -mbedtls_rsa_pkcs1_verify:"59779fd2a39e56640c4fc1e67b60aeffcecd78aed7ad2bdfa464e93d04198d48466b8da7445f25bfa19db2844edd5c8f539cf772cc132b483169d390db28a43bc4ee0f038f6568ffc87447746cb72fefac2d6d90ee3143a915ac4688028805905a68eb8f8a96674b093c495eddd8704461eaa2b345efbb2ad6930acd8023f870":MBEDTLS_RSA_PKCS_V15:MBEDTLS_MD_SHA384:2048:16:"b38ac65c8141f7f5c96e14470e851936a67bf94cc6821a39ac12c05f7c0b06d9e6ddba2224703b02e25f31452f9c4a8417b62675fdc6df46b94813bc7b9769a892c482b830bfe0ad42e46668ace68903617faf6681f4babf1cc8e4b0420d3c7f61dc45434c6b54e2c3ee0fc07908509d79c9826e673bf8363255adb0add2401039a7bcd1b4ecf0fbe6ec8369d2da486eec59559dd1d54c9b24190965eafbdab203b35255765261cd0909acf93c3b8b8428cbb448de4715d1b813d0c94829c229543d391ce0adab5351f97a3810c1f73d7b1458b97daed4209c50e16d064d2d5bfda8c23893d755222793146d0a78c3d64f35549141486c3b0961a7b4c1a2034f":16:"3":"40dcc96822e5612eb33f1dca247a35109ba3845c7a3d556a60e656624bf1c103d94686ca7379e9e329ccd1b19b52bfd48b608df9f59a96a82d3feb0101096dbcb80e46da543b4c982ac6bb1717f24f9fe3f76b7154492b47525be1ddcaf4631d33481531be8f3e685837b40bdf4a02827d79f6a32374147174680f51c8e0d8eed9d5c445a563a7bce9ef4236e7cfdc12b2223ef457c3e8ccc6dd65cc23e977a1f03f5ef584feb9af00efc71a701f9d413b0290af17692cb821a1e863d5778e174b1130659f30583f434f09cb1212471a41dd65c102de64a194b6ae3e43cd75928049db78042c58e980aff3ea2774e42845bcf217410a118cf5deeaa64224dbc8":0 +mbedtls_rsa_pkcs1_verify:"59779fd2a39e56640c4fc1e67b60aeffcecd78aed7ad2bdfa464e93d04198d48466b8da7445f25bfa19db2844edd5c8f539cf772cc132b483169d390db28a43bc4ee0f038f6568ffc87447746cb72fefac2d6d90ee3143a915ac4688028805905a68eb8f8a96674b093c495eddd8704461eaa2b345efbb2ad6930acd8023f870":MBEDTLS_RSA_PKCS_V15:MBEDTLS_MD_SHA384:2048:"b38ac65c8141f7f5c96e14470e851936a67bf94cc6821a39ac12c05f7c0b06d9e6ddba2224703b02e25f31452f9c4a8417b62675fdc6df46b94813bc7b9769a892c482b830bfe0ad42e46668ace68903617faf6681f4babf1cc8e4b0420d3c7f61dc45434c6b54e2c3ee0fc07908509d79c9826e673bf8363255adb0add2401039a7bcd1b4ecf0fbe6ec8369d2da486eec59559dd1d54c9b24190965eafbdab203b35255765261cd0909acf93c3b8b8428cbb448de4715d1b813d0c94829c229543d391ce0adab5351f97a3810c1f73d7b1458b97daed4209c50e16d064d2d5bfda8c23893d755222793146d0a78c3d64f35549141486c3b0961a7b4c1a2034f":"3":"40dcc96822e5612eb33f1dca247a35109ba3845c7a3d556a60e656624bf1c103d94686ca7379e9e329ccd1b19b52bfd48b608df9f59a96a82d3feb0101096dbcb80e46da543b4c982ac6bb1717f24f9fe3f76b7154492b47525be1ddcaf4631d33481531be8f3e685837b40bdf4a02827d79f6a32374147174680f51c8e0d8eed9d5c445a563a7bce9ef4236e7cfdc12b2223ef457c3e8ccc6dd65cc23e977a1f03f5ef584feb9af00efc71a701f9d413b0290af17692cb821a1e863d5778e174b1130659f30583f434f09cb1212471a41dd65c102de64a194b6ae3e43cd75928049db78042c58e980aff3ea2774e42845bcf217410a118cf5deeaa64224dbc8":0 RSA PKCS1 Sign #5 (MD2, 2048 bits RSA) depends_on:MBEDTLS_MD2_C:MBEDTLS_PKCS1_V15 -mbedtls_rsa_pkcs1_sign:"59779fd2a39e56640c4fc1e67b60aeffcecd78aed7ad2bdfa464e93d04198d48466b8da7445f25bfa19db2844edd5c8f539cf772cc132b483169d390db28a43bc4ee0f038f6568ffc87447746cb72fefac2d6d90ee3143a915ac4688028805905a68eb8f8a96674b093c495eddd8704461eaa2b345efbb2ad6930acd8023f870":MBEDTLS_RSA_PKCS_V15:MBEDTLS_MD_MD2:2048:16:"e79a373182bfaa722eb035f772ad2a9464bd842de59432c18bbab3a7dfeae318c9b915ee487861ab665a40bd6cda560152578e8579016c929df99fea05b4d64efca1d543850bc8164b40d71ed7f3fa4105df0fb9b9ad2a18ce182c8a4f4f975bea9aa0b9a1438a27a28e97ac8330ef37383414d1bd64607d6979ac050424fd17":16:"c6749cbb0db8c5a177672d4728a8b22392b2fc4d3b8361d5c0d5055a1b4e46d821f757c24eef2a51c561941b93b3ace7340074c058c9bb48e7e7414f42c41da4cccb5c2ba91deb30c586b7fb18af12a52995592ad139d3be429add6547e044becedaf31fa3b39421e24ee034fbf367d11f6b8f88ee483d163b431e1654ad3e89":16:"b38ac65c8141f7f5c96e14470e851936a67bf94cc6821a39ac12c05f7c0b06d9e6ddba2224703b02e25f31452f9c4a8417b62675fdc6df46b94813bc7b9769a892c482b830bfe0ad42e46668ace68903617faf6681f4babf1cc8e4b0420d3c7f61dc45434c6b54e2c3ee0fc07908509d79c9826e673bf8363255adb0add2401039a7bcd1b4ecf0fbe6ec8369d2da486eec59559dd1d54c9b24190965eafbdab203b35255765261cd0909acf93c3b8b8428cbb448de4715d1b813d0c94829c229543d391ce0adab5351f97a3810c1f73d7b1458b97daed4209c50e16d064d2d5bfda8c23893d755222793146d0a78c3d64f35549141486c3b0961a7b4c1a2034f":16:"3":"6cbb0e4019d64dd5cd2d48fa43446e5cba1a7edbb79d91b199be75c7d3e7ae0820c44d3a120cd2910f73cbb315e15963a60ea7da3452015d9d6beb5ac998fddbd1fa3e5908abc9151f3ffb70365aaee6fb0cd440d3f5591868fc136fae38ac7bcdb3bde3c6a0362dd8b814f7edadd4a51b2edf2227a40d1e34c29f608add7746731425858eb93661c633b7a90942fca3cd594ab4ec170052d44105643518020782e76235def34d014135bad8daed590200482325c3416c3d66417e80d9f9c6322a54683638247b577445ecd0be2765ce96c4ee45213204026dfba24d5ee89e1ea75538ba39f7149a5ac0fc12d7c53cbc12481d4a8e2d410ec633d800ad4b4304":0 +mbedtls_rsa_pkcs1_sign:"59779fd2a39e56640c4fc1e67b60aeffcecd78aed7ad2bdfa464e93d04198d48466b8da7445f25bfa19db2844edd5c8f539cf772cc132b483169d390db28a43bc4ee0f038f6568ffc87447746cb72fefac2d6d90ee3143a915ac4688028805905a68eb8f8a96674b093c495eddd8704461eaa2b345efbb2ad6930acd8023f870":MBEDTLS_RSA_PKCS_V15:MBEDTLS_MD_MD2:2048:"e79a373182bfaa722eb035f772ad2a9464bd842de59432c18bbab3a7dfeae318c9b915ee487861ab665a40bd6cda560152578e8579016c929df99fea05b4d64efca1d543850bc8164b40d71ed7f3fa4105df0fb9b9ad2a18ce182c8a4f4f975bea9aa0b9a1438a27a28e97ac8330ef37383414d1bd64607d6979ac050424fd17":"c6749cbb0db8c5a177672d4728a8b22392b2fc4d3b8361d5c0d5055a1b4e46d821f757c24eef2a51c561941b93b3ace7340074c058c9bb48e7e7414f42c41da4cccb5c2ba91deb30c586b7fb18af12a52995592ad139d3be429add6547e044becedaf31fa3b39421e24ee034fbf367d11f6b8f88ee483d163b431e1654ad3e89":"b38ac65c8141f7f5c96e14470e851936a67bf94cc6821a39ac12c05f7c0b06d9e6ddba2224703b02e25f31452f9c4a8417b62675fdc6df46b94813bc7b9769a892c482b830bfe0ad42e46668ace68903617faf6681f4babf1cc8e4b0420d3c7f61dc45434c6b54e2c3ee0fc07908509d79c9826e673bf8363255adb0add2401039a7bcd1b4ecf0fbe6ec8369d2da486eec59559dd1d54c9b24190965eafbdab203b35255765261cd0909acf93c3b8b8428cbb448de4715d1b813d0c94829c229543d391ce0adab5351f97a3810c1f73d7b1458b97daed4209c50e16d064d2d5bfda8c23893d755222793146d0a78c3d64f35549141486c3b0961a7b4c1a2034f":"3":"6cbb0e4019d64dd5cd2d48fa43446e5cba1a7edbb79d91b199be75c7d3e7ae0820c44d3a120cd2910f73cbb315e15963a60ea7da3452015d9d6beb5ac998fddbd1fa3e5908abc9151f3ffb70365aaee6fb0cd440d3f5591868fc136fae38ac7bcdb3bde3c6a0362dd8b814f7edadd4a51b2edf2227a40d1e34c29f608add7746731425858eb93661c633b7a90942fca3cd594ab4ec170052d44105643518020782e76235def34d014135bad8daed590200482325c3416c3d66417e80d9f9c6322a54683638247b577445ecd0be2765ce96c4ee45213204026dfba24d5ee89e1ea75538ba39f7149a5ac0fc12d7c53cbc12481d4a8e2d410ec633d800ad4b4304":0 RSA PKCS1 Sign #5 Verify depends_on:MBEDTLS_MD2_C:MBEDTLS_PKCS1_V15 -mbedtls_rsa_pkcs1_verify:"59779fd2a39e56640c4fc1e67b60aeffcecd78aed7ad2bdfa464e93d04198d48466b8da7445f25bfa19db2844edd5c8f539cf772cc132b483169d390db28a43bc4ee0f038f6568ffc87447746cb72fefac2d6d90ee3143a915ac4688028805905a68eb8f8a96674b093c495eddd8704461eaa2b345efbb2ad6930acd8023f870":MBEDTLS_RSA_PKCS_V15:MBEDTLS_MD_MD2:2048:16:"b38ac65c8141f7f5c96e14470e851936a67bf94cc6821a39ac12c05f7c0b06d9e6ddba2224703b02e25f31452f9c4a8417b62675fdc6df46b94813bc7b9769a892c482b830bfe0ad42e46668ace68903617faf6681f4babf1cc8e4b0420d3c7f61dc45434c6b54e2c3ee0fc07908509d79c9826e673bf8363255adb0add2401039a7bcd1b4ecf0fbe6ec8369d2da486eec59559dd1d54c9b24190965eafbdab203b35255765261cd0909acf93c3b8b8428cbb448de4715d1b813d0c94829c229543d391ce0adab5351f97a3810c1f73d7b1458b97daed4209c50e16d064d2d5bfda8c23893d755222793146d0a78c3d64f35549141486c3b0961a7b4c1a2034f":16:"3":"6cbb0e4019d64dd5cd2d48fa43446e5cba1a7edbb79d91b199be75c7d3e7ae0820c44d3a120cd2910f73cbb315e15963a60ea7da3452015d9d6beb5ac998fddbd1fa3e5908abc9151f3ffb70365aaee6fb0cd440d3f5591868fc136fae38ac7bcdb3bde3c6a0362dd8b814f7edadd4a51b2edf2227a40d1e34c29f608add7746731425858eb93661c633b7a90942fca3cd594ab4ec170052d44105643518020782e76235def34d014135bad8daed590200482325c3416c3d66417e80d9f9c6322a54683638247b577445ecd0be2765ce96c4ee45213204026dfba24d5ee89e1ea75538ba39f7149a5ac0fc12d7c53cbc12481d4a8e2d410ec633d800ad4b4304":0 +mbedtls_rsa_pkcs1_verify:"59779fd2a39e56640c4fc1e67b60aeffcecd78aed7ad2bdfa464e93d04198d48466b8da7445f25bfa19db2844edd5c8f539cf772cc132b483169d390db28a43bc4ee0f038f6568ffc87447746cb72fefac2d6d90ee3143a915ac4688028805905a68eb8f8a96674b093c495eddd8704461eaa2b345efbb2ad6930acd8023f870":MBEDTLS_RSA_PKCS_V15:MBEDTLS_MD_MD2:2048:"b38ac65c8141f7f5c96e14470e851936a67bf94cc6821a39ac12c05f7c0b06d9e6ddba2224703b02e25f31452f9c4a8417b62675fdc6df46b94813bc7b9769a892c482b830bfe0ad42e46668ace68903617faf6681f4babf1cc8e4b0420d3c7f61dc45434c6b54e2c3ee0fc07908509d79c9826e673bf8363255adb0add2401039a7bcd1b4ecf0fbe6ec8369d2da486eec59559dd1d54c9b24190965eafbdab203b35255765261cd0909acf93c3b8b8428cbb448de4715d1b813d0c94829c229543d391ce0adab5351f97a3810c1f73d7b1458b97daed4209c50e16d064d2d5bfda8c23893d755222793146d0a78c3d64f35549141486c3b0961a7b4c1a2034f":"3":"6cbb0e4019d64dd5cd2d48fa43446e5cba1a7edbb79d91b199be75c7d3e7ae0820c44d3a120cd2910f73cbb315e15963a60ea7da3452015d9d6beb5ac998fddbd1fa3e5908abc9151f3ffb70365aaee6fb0cd440d3f5591868fc136fae38ac7bcdb3bde3c6a0362dd8b814f7edadd4a51b2edf2227a40d1e34c29f608add7746731425858eb93661c633b7a90942fca3cd594ab4ec170052d44105643518020782e76235def34d014135bad8daed590200482325c3416c3d66417e80d9f9c6322a54683638247b577445ecd0be2765ce96c4ee45213204026dfba24d5ee89e1ea75538ba39f7149a5ac0fc12d7c53cbc12481d4a8e2d410ec633d800ad4b4304":0 RSA PKCS1 Sign #6 (MD4, 2048 bits RSA) depends_on:MBEDTLS_MD4_C:MBEDTLS_PKCS1_V15 -mbedtls_rsa_pkcs1_sign:"59779fd2a39e56640c4fc1e67b60aeffcecd78aed7ad2bdfa464e93d04198d48466b8da7445f25bfa19db2844edd5c8f539cf772cc132b483169d390db28a43bc4ee0f038f6568ffc87447746cb72fefac2d6d90ee3143a915ac4688028805905a68eb8f8a96674b093c495eddd8704461eaa2b345efbb2ad6930acd8023f870":MBEDTLS_RSA_PKCS_V15:MBEDTLS_MD_MD4:2048:16:"e79a373182bfaa722eb035f772ad2a9464bd842de59432c18bbab3a7dfeae318c9b915ee487861ab665a40bd6cda560152578e8579016c929df99fea05b4d64efca1d543850bc8164b40d71ed7f3fa4105df0fb9b9ad2a18ce182c8a4f4f975bea9aa0b9a1438a27a28e97ac8330ef37383414d1bd64607d6979ac050424fd17":16:"c6749cbb0db8c5a177672d4728a8b22392b2fc4d3b8361d5c0d5055a1b4e46d821f757c24eef2a51c561941b93b3ace7340074c058c9bb48e7e7414f42c41da4cccb5c2ba91deb30c586b7fb18af12a52995592ad139d3be429add6547e044becedaf31fa3b39421e24ee034fbf367d11f6b8f88ee483d163b431e1654ad3e89":16:"b38ac65c8141f7f5c96e14470e851936a67bf94cc6821a39ac12c05f7c0b06d9e6ddba2224703b02e25f31452f9c4a8417b62675fdc6df46b94813bc7b9769a892c482b830bfe0ad42e46668ace68903617faf6681f4babf1cc8e4b0420d3c7f61dc45434c6b54e2c3ee0fc07908509d79c9826e673bf8363255adb0add2401039a7bcd1b4ecf0fbe6ec8369d2da486eec59559dd1d54c9b24190965eafbdab203b35255765261cd0909acf93c3b8b8428cbb448de4715d1b813d0c94829c229543d391ce0adab5351f97a3810c1f73d7b1458b97daed4209c50e16d064d2d5bfda8c23893d755222793146d0a78c3d64f35549141486c3b0961a7b4c1a2034f":16:"3":"b0e60dc4dfaf0f636a3a4414eae2d7bce7c3ce505a46e38f3f654d8769b31b7891ba18f89672fce204bbac6e3764355e65447c087994731cd44f086710e79e8c3ebc6e2cb61edc5d3e05848ab733d95efe2d0252a691e810c17fa57fd2dd296374c9ba17fea704685677f45d668a386c8ca433fbbb56d3bbfb43a489ed9518b1c9ab13ce497a1cec91467453bfe533145a31a095c2de541255141768ccc6fdff3fc790b5050f1122c93c3044a9346947e1b23e8125bf7edbf38c64a4286dfc1b829e983db3117959a2559a8ef97687ab673e231be213d88edc632637b58cdb2d69c51fbf6bf894cff319216718b1e696f75cd4366f53dc2e28b2a00017984207":0 +mbedtls_rsa_pkcs1_sign:"59779fd2a39e56640c4fc1e67b60aeffcecd78aed7ad2bdfa464e93d04198d48466b8da7445f25bfa19db2844edd5c8f539cf772cc132b483169d390db28a43bc4ee0f038f6568ffc87447746cb72fefac2d6d90ee3143a915ac4688028805905a68eb8f8a96674b093c495eddd8704461eaa2b345efbb2ad6930acd8023f870":MBEDTLS_RSA_PKCS_V15:MBEDTLS_MD_MD4:2048:"e79a373182bfaa722eb035f772ad2a9464bd842de59432c18bbab3a7dfeae318c9b915ee487861ab665a40bd6cda560152578e8579016c929df99fea05b4d64efca1d543850bc8164b40d71ed7f3fa4105df0fb9b9ad2a18ce182c8a4f4f975bea9aa0b9a1438a27a28e97ac8330ef37383414d1bd64607d6979ac050424fd17":"c6749cbb0db8c5a177672d4728a8b22392b2fc4d3b8361d5c0d5055a1b4e46d821f757c24eef2a51c561941b93b3ace7340074c058c9bb48e7e7414f42c41da4cccb5c2ba91deb30c586b7fb18af12a52995592ad139d3be429add6547e044becedaf31fa3b39421e24ee034fbf367d11f6b8f88ee483d163b431e1654ad3e89":"b38ac65c8141f7f5c96e14470e851936a67bf94cc6821a39ac12c05f7c0b06d9e6ddba2224703b02e25f31452f9c4a8417b62675fdc6df46b94813bc7b9769a892c482b830bfe0ad42e46668ace68903617faf6681f4babf1cc8e4b0420d3c7f61dc45434c6b54e2c3ee0fc07908509d79c9826e673bf8363255adb0add2401039a7bcd1b4ecf0fbe6ec8369d2da486eec59559dd1d54c9b24190965eafbdab203b35255765261cd0909acf93c3b8b8428cbb448de4715d1b813d0c94829c229543d391ce0adab5351f97a3810c1f73d7b1458b97daed4209c50e16d064d2d5bfda8c23893d755222793146d0a78c3d64f35549141486c3b0961a7b4c1a2034f":"3":"b0e60dc4dfaf0f636a3a4414eae2d7bce7c3ce505a46e38f3f654d8769b31b7891ba18f89672fce204bbac6e3764355e65447c087994731cd44f086710e79e8c3ebc6e2cb61edc5d3e05848ab733d95efe2d0252a691e810c17fa57fd2dd296374c9ba17fea704685677f45d668a386c8ca433fbbb56d3bbfb43a489ed9518b1c9ab13ce497a1cec91467453bfe533145a31a095c2de541255141768ccc6fdff3fc790b5050f1122c93c3044a9346947e1b23e8125bf7edbf38c64a4286dfc1b829e983db3117959a2559a8ef97687ab673e231be213d88edc632637b58cdb2d69c51fbf6bf894cff319216718b1e696f75cd4366f53dc2e28b2a00017984207":0 RSA PKCS1 Sign #6 Verify depends_on:MBEDTLS_MD4_C:MBEDTLS_PKCS1_V15 -mbedtls_rsa_pkcs1_verify:"59779fd2a39e56640c4fc1e67b60aeffcecd78aed7ad2bdfa464e93d04198d48466b8da7445f25bfa19db2844edd5c8f539cf772cc132b483169d390db28a43bc4ee0f038f6568ffc87447746cb72fefac2d6d90ee3143a915ac4688028805905a68eb8f8a96674b093c495eddd8704461eaa2b345efbb2ad6930acd8023f870":MBEDTLS_RSA_PKCS_V15:MBEDTLS_MD_MD4:2048:16:"b38ac65c8141f7f5c96e14470e851936a67bf94cc6821a39ac12c05f7c0b06d9e6ddba2224703b02e25f31452f9c4a8417b62675fdc6df46b94813bc7b9769a892c482b830bfe0ad42e46668ace68903617faf6681f4babf1cc8e4b0420d3c7f61dc45434c6b54e2c3ee0fc07908509d79c9826e673bf8363255adb0add2401039a7bcd1b4ecf0fbe6ec8369d2da486eec59559dd1d54c9b24190965eafbdab203b35255765261cd0909acf93c3b8b8428cbb448de4715d1b813d0c94829c229543d391ce0adab5351f97a3810c1f73d7b1458b97daed4209c50e16d064d2d5bfda8c23893d755222793146d0a78c3d64f35549141486c3b0961a7b4c1a2034f":16:"3":"b0e60dc4dfaf0f636a3a4414eae2d7bce7c3ce505a46e38f3f654d8769b31b7891ba18f89672fce204bbac6e3764355e65447c087994731cd44f086710e79e8c3ebc6e2cb61edc5d3e05848ab733d95efe2d0252a691e810c17fa57fd2dd296374c9ba17fea704685677f45d668a386c8ca433fbbb56d3bbfb43a489ed9518b1c9ab13ce497a1cec91467453bfe533145a31a095c2de541255141768ccc6fdff3fc790b5050f1122c93c3044a9346947e1b23e8125bf7edbf38c64a4286dfc1b829e983db3117959a2559a8ef97687ab673e231be213d88edc632637b58cdb2d69c51fbf6bf894cff319216718b1e696f75cd4366f53dc2e28b2a00017984207":0 +mbedtls_rsa_pkcs1_verify:"59779fd2a39e56640c4fc1e67b60aeffcecd78aed7ad2bdfa464e93d04198d48466b8da7445f25bfa19db2844edd5c8f539cf772cc132b483169d390db28a43bc4ee0f038f6568ffc87447746cb72fefac2d6d90ee3143a915ac4688028805905a68eb8f8a96674b093c495eddd8704461eaa2b345efbb2ad6930acd8023f870":MBEDTLS_RSA_PKCS_V15:MBEDTLS_MD_MD4:2048:"b38ac65c8141f7f5c96e14470e851936a67bf94cc6821a39ac12c05f7c0b06d9e6ddba2224703b02e25f31452f9c4a8417b62675fdc6df46b94813bc7b9769a892c482b830bfe0ad42e46668ace68903617faf6681f4babf1cc8e4b0420d3c7f61dc45434c6b54e2c3ee0fc07908509d79c9826e673bf8363255adb0add2401039a7bcd1b4ecf0fbe6ec8369d2da486eec59559dd1d54c9b24190965eafbdab203b35255765261cd0909acf93c3b8b8428cbb448de4715d1b813d0c94829c229543d391ce0adab5351f97a3810c1f73d7b1458b97daed4209c50e16d064d2d5bfda8c23893d755222793146d0a78c3d64f35549141486c3b0961a7b4c1a2034f":"3":"b0e60dc4dfaf0f636a3a4414eae2d7bce7c3ce505a46e38f3f654d8769b31b7891ba18f89672fce204bbac6e3764355e65447c087994731cd44f086710e79e8c3ebc6e2cb61edc5d3e05848ab733d95efe2d0252a691e810c17fa57fd2dd296374c9ba17fea704685677f45d668a386c8ca433fbbb56d3bbfb43a489ed9518b1c9ab13ce497a1cec91467453bfe533145a31a095c2de541255141768ccc6fdff3fc790b5050f1122c93c3044a9346947e1b23e8125bf7edbf38c64a4286dfc1b829e983db3117959a2559a8ef97687ab673e231be213d88edc632637b58cdb2d69c51fbf6bf894cff319216718b1e696f75cd4366f53dc2e28b2a00017984207":0 RSA PKCS1 Sign #7 (MD5, 2048 bits RSA) depends_on:MBEDTLS_MD5_C:MBEDTLS_PKCS1_V15 -mbedtls_rsa_pkcs1_sign:"59779fd2a39e56640c4fc1e67b60aeffcecd78aed7ad2bdfa464e93d04198d48466b8da7445f25bfa19db2844edd5c8f539cf772cc132b483169d390db28a43bc4ee0f038f6568ffc87447746cb72fefac2d6d90ee3143a915ac4688028805905a68eb8f8a96674b093c495eddd8704461eaa2b345efbb2ad6930acd8023f870":MBEDTLS_RSA_PKCS_V15:MBEDTLS_MD_MD5:2048:16:"e79a373182bfaa722eb035f772ad2a9464bd842de59432c18bbab3a7dfeae318c9b915ee487861ab665a40bd6cda560152578e8579016c929df99fea05b4d64efca1d543850bc8164b40d71ed7f3fa4105df0fb9b9ad2a18ce182c8a4f4f975bea9aa0b9a1438a27a28e97ac8330ef37383414d1bd64607d6979ac050424fd17":16:"c6749cbb0db8c5a177672d4728a8b22392b2fc4d3b8361d5c0d5055a1b4e46d821f757c24eef2a51c561941b93b3ace7340074c058c9bb48e7e7414f42c41da4cccb5c2ba91deb30c586b7fb18af12a52995592ad139d3be429add6547e044becedaf31fa3b39421e24ee034fbf367d11f6b8f88ee483d163b431e1654ad3e89":16:"b38ac65c8141f7f5c96e14470e851936a67bf94cc6821a39ac12c05f7c0b06d9e6ddba2224703b02e25f31452f9c4a8417b62675fdc6df46b94813bc7b9769a892c482b830bfe0ad42e46668ace68903617faf6681f4babf1cc8e4b0420d3c7f61dc45434c6b54e2c3ee0fc07908509d79c9826e673bf8363255adb0add2401039a7bcd1b4ecf0fbe6ec8369d2da486eec59559dd1d54c9b24190965eafbdab203b35255765261cd0909acf93c3b8b8428cbb448de4715d1b813d0c94829c229543d391ce0adab5351f97a3810c1f73d7b1458b97daed4209c50e16d064d2d5bfda8c23893d755222793146d0a78c3d64f35549141486c3b0961a7b4c1a2034f":16:"3":"3bcf673c3b27f6e2ece4bb97c7a37161e6c6ee7419ef366efc3cfee0f15f415ff6d9d4390937386c6fec1771acba73f24ec6b0469ea8b88083f0b4e1b6069d7bf286e67cf94182a548663137e82a6e09c35de2c27779da0503f1f5bedfebadf2a875f17763a0564df4a6d945a5a3e46bc90fb692af3a55106aafc6b577587456ff8d49cfd5c299d7a2b776dbe4c1ae777b0f64aa3bab27689af32d6cc76157c7dc6900a3469e18a7d9b6bfe4951d1105a08864575e4f4ec05b3e053f9b7a2d5653ae085e50a63380d6bdd6f58ab378d7e0a2be708c559849891317089ab04c82d8bc589ea088b90b11dea5cf85856ff7e609cc1adb1d403beead4c126ff29021":0 +mbedtls_rsa_pkcs1_sign:"59779fd2a39e56640c4fc1e67b60aeffcecd78aed7ad2bdfa464e93d04198d48466b8da7445f25bfa19db2844edd5c8f539cf772cc132b483169d390db28a43bc4ee0f038f6568ffc87447746cb72fefac2d6d90ee3143a915ac4688028805905a68eb8f8a96674b093c495eddd8704461eaa2b345efbb2ad6930acd8023f870":MBEDTLS_RSA_PKCS_V15:MBEDTLS_MD_MD5:2048:"e79a373182bfaa722eb035f772ad2a9464bd842de59432c18bbab3a7dfeae318c9b915ee487861ab665a40bd6cda560152578e8579016c929df99fea05b4d64efca1d543850bc8164b40d71ed7f3fa4105df0fb9b9ad2a18ce182c8a4f4f975bea9aa0b9a1438a27a28e97ac8330ef37383414d1bd64607d6979ac050424fd17":"c6749cbb0db8c5a177672d4728a8b22392b2fc4d3b8361d5c0d5055a1b4e46d821f757c24eef2a51c561941b93b3ace7340074c058c9bb48e7e7414f42c41da4cccb5c2ba91deb30c586b7fb18af12a52995592ad139d3be429add6547e044becedaf31fa3b39421e24ee034fbf367d11f6b8f88ee483d163b431e1654ad3e89":"b38ac65c8141f7f5c96e14470e851936a67bf94cc6821a39ac12c05f7c0b06d9e6ddba2224703b02e25f31452f9c4a8417b62675fdc6df46b94813bc7b9769a892c482b830bfe0ad42e46668ace68903617faf6681f4babf1cc8e4b0420d3c7f61dc45434c6b54e2c3ee0fc07908509d79c9826e673bf8363255adb0add2401039a7bcd1b4ecf0fbe6ec8369d2da486eec59559dd1d54c9b24190965eafbdab203b35255765261cd0909acf93c3b8b8428cbb448de4715d1b813d0c94829c229543d391ce0adab5351f97a3810c1f73d7b1458b97daed4209c50e16d064d2d5bfda8c23893d755222793146d0a78c3d64f35549141486c3b0961a7b4c1a2034f":"3":"3bcf673c3b27f6e2ece4bb97c7a37161e6c6ee7419ef366efc3cfee0f15f415ff6d9d4390937386c6fec1771acba73f24ec6b0469ea8b88083f0b4e1b6069d7bf286e67cf94182a548663137e82a6e09c35de2c27779da0503f1f5bedfebadf2a875f17763a0564df4a6d945a5a3e46bc90fb692af3a55106aafc6b577587456ff8d49cfd5c299d7a2b776dbe4c1ae777b0f64aa3bab27689af32d6cc76157c7dc6900a3469e18a7d9b6bfe4951d1105a08864575e4f4ec05b3e053f9b7a2d5653ae085e50a63380d6bdd6f58ab378d7e0a2be708c559849891317089ab04c82d8bc589ea088b90b11dea5cf85856ff7e609cc1adb1d403beead4c126ff29021":0 RSA PKCS1 Sign #7 Verify depends_on:MBEDTLS_MD5_C:MBEDTLS_PKCS1_V15 -mbedtls_rsa_pkcs1_verify:"59779fd2a39e56640c4fc1e67b60aeffcecd78aed7ad2bdfa464e93d04198d48466b8da7445f25bfa19db2844edd5c8f539cf772cc132b483169d390db28a43bc4ee0f038f6568ffc87447746cb72fefac2d6d90ee3143a915ac4688028805905a68eb8f8a96674b093c495eddd8704461eaa2b345efbb2ad6930acd8023f870":MBEDTLS_RSA_PKCS_V15:MBEDTLS_MD_MD5:2048:16:"b38ac65c8141f7f5c96e14470e851936a67bf94cc6821a39ac12c05f7c0b06d9e6ddba2224703b02e25f31452f9c4a8417b62675fdc6df46b94813bc7b9769a892c482b830bfe0ad42e46668ace68903617faf6681f4babf1cc8e4b0420d3c7f61dc45434c6b54e2c3ee0fc07908509d79c9826e673bf8363255adb0add2401039a7bcd1b4ecf0fbe6ec8369d2da486eec59559dd1d54c9b24190965eafbdab203b35255765261cd0909acf93c3b8b8428cbb448de4715d1b813d0c94829c229543d391ce0adab5351f97a3810c1f73d7b1458b97daed4209c50e16d064d2d5bfda8c23893d755222793146d0a78c3d64f35549141486c3b0961a7b4c1a2034f":16:"3":"3bcf673c3b27f6e2ece4bb97c7a37161e6c6ee7419ef366efc3cfee0f15f415ff6d9d4390937386c6fec1771acba73f24ec6b0469ea8b88083f0b4e1b6069d7bf286e67cf94182a548663137e82a6e09c35de2c27779da0503f1f5bedfebadf2a875f17763a0564df4a6d945a5a3e46bc90fb692af3a55106aafc6b577587456ff8d49cfd5c299d7a2b776dbe4c1ae777b0f64aa3bab27689af32d6cc76157c7dc6900a3469e18a7d9b6bfe4951d1105a08864575e4f4ec05b3e053f9b7a2d5653ae085e50a63380d6bdd6f58ab378d7e0a2be708c559849891317089ab04c82d8bc589ea088b90b11dea5cf85856ff7e609cc1adb1d403beead4c126ff29021":0 +mbedtls_rsa_pkcs1_verify:"59779fd2a39e56640c4fc1e67b60aeffcecd78aed7ad2bdfa464e93d04198d48466b8da7445f25bfa19db2844edd5c8f539cf772cc132b483169d390db28a43bc4ee0f038f6568ffc87447746cb72fefac2d6d90ee3143a915ac4688028805905a68eb8f8a96674b093c495eddd8704461eaa2b345efbb2ad6930acd8023f870":MBEDTLS_RSA_PKCS_V15:MBEDTLS_MD_MD5:2048:"b38ac65c8141f7f5c96e14470e851936a67bf94cc6821a39ac12c05f7c0b06d9e6ddba2224703b02e25f31452f9c4a8417b62675fdc6df46b94813bc7b9769a892c482b830bfe0ad42e46668ace68903617faf6681f4babf1cc8e4b0420d3c7f61dc45434c6b54e2c3ee0fc07908509d79c9826e673bf8363255adb0add2401039a7bcd1b4ecf0fbe6ec8369d2da486eec59559dd1d54c9b24190965eafbdab203b35255765261cd0909acf93c3b8b8428cbb448de4715d1b813d0c94829c229543d391ce0adab5351f97a3810c1f73d7b1458b97daed4209c50e16d064d2d5bfda8c23893d755222793146d0a78c3d64f35549141486c3b0961a7b4c1a2034f":"3":"3bcf673c3b27f6e2ece4bb97c7a37161e6c6ee7419ef366efc3cfee0f15f415ff6d9d4390937386c6fec1771acba73f24ec6b0469ea8b88083f0b4e1b6069d7bf286e67cf94182a548663137e82a6e09c35de2c27779da0503f1f5bedfebadf2a875f17763a0564df4a6d945a5a3e46bc90fb692af3a55106aafc6b577587456ff8d49cfd5c299d7a2b776dbe4c1ae777b0f64aa3bab27689af32d6cc76157c7dc6900a3469e18a7d9b6bfe4951d1105a08864575e4f4ec05b3e053f9b7a2d5653ae085e50a63380d6bdd6f58ab378d7e0a2be708c559849891317089ab04c82d8bc589ea088b90b11dea5cf85856ff7e609cc1adb1d403beead4c126ff29021":0 RSA PKCS1 Sign #8 (RAW, 2048 bits RSA) depends_on:MBEDTLS_PKCS1_V15 -rsa_pkcs1_sign_raw:"1234567890deadbeef":MBEDTLS_RSA_PKCS_V15:2048:16:"e79a373182bfaa722eb035f772ad2a9464bd842de59432c18bbab3a7dfeae318c9b915ee487861ab665a40bd6cda560152578e8579016c929df99fea05b4d64efca1d543850bc8164b40d71ed7f3fa4105df0fb9b9ad2a18ce182c8a4f4f975bea9aa0b9a1438a27a28e97ac8330ef37383414d1bd64607d6979ac050424fd17":16:"c6749cbb0db8c5a177672d4728a8b22392b2fc4d3b8361d5c0d5055a1b4e46d821f757c24eef2a51c561941b93b3ace7340074c058c9bb48e7e7414f42c41da4cccb5c2ba91deb30c586b7fb18af12a52995592ad139d3be429add6547e044becedaf31fa3b39421e24ee034fbf367d11f6b8f88ee483d163b431e1654ad3e89":16:"b38ac65c8141f7f5c96e14470e851936a67bf94cc6821a39ac12c05f7c0b06d9e6ddba2224703b02e25f31452f9c4a8417b62675fdc6df46b94813bc7b9769a892c482b830bfe0ad42e46668ace68903617faf6681f4babf1cc8e4b0420d3c7f61dc45434c6b54e2c3ee0fc07908509d79c9826e673bf8363255adb0add2401039a7bcd1b4ecf0fbe6ec8369d2da486eec59559dd1d54c9b24190965eafbdab203b35255765261cd0909acf93c3b8b8428cbb448de4715d1b813d0c94829c229543d391ce0adab5351f97a3810c1f73d7b1458b97daed4209c50e16d064d2d5bfda8c23893d755222793146d0a78c3d64f35549141486c3b0961a7b4c1a2034f":16:"3":"605baf947c0de49e4f6a0dfb94a43ae318d5df8ed20ba4ba5a37a73fb009c5c9e5cce8b70a25b1c7580f389f0d7092485cdfa02208b70d33482edf07a7eafebdc54862ca0e0396a5a7d09991b9753eb1ffb6091971bb5789c6b121abbcd0a3cbaa39969fa7c28146fce96c6d03272e3793e5be8f5abfa9afcbebb986d7b3050604a2af4d3a40fa6c003781a539a60259d1e84f13322da9e538a49c369b83e7286bf7d30b64bbb773506705da5d5d5483a563a1ffacc902fb75c9a751b1e83cdc7a6db0470056883f48b5a5446b43b1d180ea12ba11a6a8d93b3b32a30156b6084b7fb142998a2a0d28014b84098ece7d9d5e4d55cc342ca26f5a0167a679dec8" +rsa_pkcs1_sign_raw:"1234567890deadbeef":MBEDTLS_RSA_PKCS_V15:2048:"e79a373182bfaa722eb035f772ad2a9464bd842de59432c18bbab3a7dfeae318c9b915ee487861ab665a40bd6cda560152578e8579016c929df99fea05b4d64efca1d543850bc8164b40d71ed7f3fa4105df0fb9b9ad2a18ce182c8a4f4f975bea9aa0b9a1438a27a28e97ac8330ef37383414d1bd64607d6979ac050424fd17":"c6749cbb0db8c5a177672d4728a8b22392b2fc4d3b8361d5c0d5055a1b4e46d821f757c24eef2a51c561941b93b3ace7340074c058c9bb48e7e7414f42c41da4cccb5c2ba91deb30c586b7fb18af12a52995592ad139d3be429add6547e044becedaf31fa3b39421e24ee034fbf367d11f6b8f88ee483d163b431e1654ad3e89":"b38ac65c8141f7f5c96e14470e851936a67bf94cc6821a39ac12c05f7c0b06d9e6ddba2224703b02e25f31452f9c4a8417b62675fdc6df46b94813bc7b9769a892c482b830bfe0ad42e46668ace68903617faf6681f4babf1cc8e4b0420d3c7f61dc45434c6b54e2c3ee0fc07908509d79c9826e673bf8363255adb0add2401039a7bcd1b4ecf0fbe6ec8369d2da486eec59559dd1d54c9b24190965eafbdab203b35255765261cd0909acf93c3b8b8428cbb448de4715d1b813d0c94829c229543d391ce0adab5351f97a3810c1f73d7b1458b97daed4209c50e16d064d2d5bfda8c23893d755222793146d0a78c3d64f35549141486c3b0961a7b4c1a2034f":"3":"605baf947c0de49e4f6a0dfb94a43ae318d5df8ed20ba4ba5a37a73fb009c5c9e5cce8b70a25b1c7580f389f0d7092485cdfa02208b70d33482edf07a7eafebdc54862ca0e0396a5a7d09991b9753eb1ffb6091971bb5789c6b121abbcd0a3cbaa39969fa7c28146fce96c6d03272e3793e5be8f5abfa9afcbebb986d7b3050604a2af4d3a40fa6c003781a539a60259d1e84f13322da9e538a49c369b83e7286bf7d30b64bbb773506705da5d5d5483a563a1ffacc902fb75c9a751b1e83cdc7a6db0470056883f48b5a5446b43b1d180ea12ba11a6a8d93b3b32a30156b6084b7fb142998a2a0d28014b84098ece7d9d5e4d55cc342ca26f5a0167a679dec8" RSA PKCS1 Sign #8 Verify depends_on:MBEDTLS_PKCS1_V15 -rsa_pkcs1_verify_raw:"1234567890deadbeef":MBEDTLS_RSA_PKCS_V15:2048:16:"b38ac65c8141f7f5c96e14470e851936a67bf94cc6821a39ac12c05f7c0b06d9e6ddba2224703b02e25f31452f9c4a8417b62675fdc6df46b94813bc7b9769a892c482b830bfe0ad42e46668ace68903617faf6681f4babf1cc8e4b0420d3c7f61dc45434c6b54e2c3ee0fc07908509d79c9826e673bf8363255adb0add2401039a7bcd1b4ecf0fbe6ec8369d2da486eec59559dd1d54c9b24190965eafbdab203b35255765261cd0909acf93c3b8b8428cbb448de4715d1b813d0c94829c229543d391ce0adab5351f97a3810c1f73d7b1458b97daed4209c50e16d064d2d5bfda8c23893d755222793146d0a78c3d64f35549141486c3b0961a7b4c1a2034f":16:"3":"605baf947c0de49e4f6a0dfb94a43ae318d5df8ed20ba4ba5a37a73fb009c5c9e5cce8b70a25b1c7580f389f0d7092485cdfa02208b70d33482edf07a7eafebdc54862ca0e0396a5a7d09991b9753eb1ffb6091971bb5789c6b121abbcd0a3cbaa39969fa7c28146fce96c6d03272e3793e5be8f5abfa9afcbebb986d7b3050604a2af4d3a40fa6c003781a539a60259d1e84f13322da9e538a49c369b83e7286bf7d30b64bbb773506705da5d5d5483a563a1ffacc902fb75c9a751b1e83cdc7a6db0470056883f48b5a5446b43b1d180ea12ba11a6a8d93b3b32a30156b6084b7fb142998a2a0d28014b84098ece7d9d5e4d55cc342ca26f5a0167a679dec8":0 +rsa_pkcs1_verify_raw:"1234567890deadbeef":MBEDTLS_RSA_PKCS_V15:2048:"b38ac65c8141f7f5c96e14470e851936a67bf94cc6821a39ac12c05f7c0b06d9e6ddba2224703b02e25f31452f9c4a8417b62675fdc6df46b94813bc7b9769a892c482b830bfe0ad42e46668ace68903617faf6681f4babf1cc8e4b0420d3c7f61dc45434c6b54e2c3ee0fc07908509d79c9826e673bf8363255adb0add2401039a7bcd1b4ecf0fbe6ec8369d2da486eec59559dd1d54c9b24190965eafbdab203b35255765261cd0909acf93c3b8b8428cbb448de4715d1b813d0c94829c229543d391ce0adab5351f97a3810c1f73d7b1458b97daed4209c50e16d064d2d5bfda8c23893d755222793146d0a78c3d64f35549141486c3b0961a7b4c1a2034f":"3":"605baf947c0de49e4f6a0dfb94a43ae318d5df8ed20ba4ba5a37a73fb009c5c9e5cce8b70a25b1c7580f389f0d7092485cdfa02208b70d33482edf07a7eafebdc54862ca0e0396a5a7d09991b9753eb1ffb6091971bb5789c6b121abbcd0a3cbaa39969fa7c28146fce96c6d03272e3793e5be8f5abfa9afcbebb986d7b3050604a2af4d3a40fa6c003781a539a60259d1e84f13322da9e538a49c369b83e7286bf7d30b64bbb773506705da5d5d5483a563a1ffacc902fb75c9a751b1e83cdc7a6db0470056883f48b5a5446b43b1d180ea12ba11a6a8d93b3b32a30156b6084b7fb142998a2a0d28014b84098ece7d9d5e4d55cc342ca26f5a0167a679dec8":0 RSA PKCS1 Sign #8 Verify (Wrong raw hash) depends_on:MBEDTLS_PKCS1_V15 -rsa_pkcs1_verify_raw:"1234567890deadcafe":MBEDTLS_RSA_PKCS_V15:2048:16:"b38ac65c8141f7f5c96e14470e851936a67bf94cc6821a39ac12c05f7c0b06d9e6ddba2224703b02e25f31452f9c4a8417b62675fdc6df46b94813bc7b9769a892c482b830bfe0ad42e46668ace68903617faf6681f4babf1cc8e4b0420d3c7f61dc45434c6b54e2c3ee0fc07908509d79c9826e673bf8363255adb0add2401039a7bcd1b4ecf0fbe6ec8369d2da486eec59559dd1d54c9b24190965eafbdab203b35255765261cd0909acf93c3b8b8428cbb448de4715d1b813d0c94829c229543d391ce0adab5351f97a3810c1f73d7b1458b97daed4209c50e16d064d2d5bfda8c23893d755222793146d0a78c3d64f35549141486c3b0961a7b4c1a2034f":16:"3":"605baf947c0de49e4f6a0dfb94a43ae318d5df8ed20ba4ba5a37a73fb009c5c9e5cce8b70a25b1c7580f389f0d7092485cdfa02208b70d33482edf07a7eafebdc54862ca0e0396a5a7d09991b9753eb1ffb6091971bb5789c6b121abbcd0a3cbaa39969fa7c28146fce96c6d03272e3793e5be8f5abfa9afcbebb986d7b3050604a2af4d3a40fa6c003781a539a60259d1e84f13322da9e538a49c369b83e7286bf7d30b64bbb773506705da5d5d5483a563a1ffacc902fb75c9a751b1e83cdc7a6db0470056883f48b5a5446b43b1d180ea12ba11a6a8d93b3b32a30156b6084b7fb142998a2a0d28014b84098ece7d9d5e4d55cc342ca26f5a0167a679dec8":MBEDTLS_ERR_RSA_VERIFY_FAILED +rsa_pkcs1_verify_raw:"1234567890deadcafe":MBEDTLS_RSA_PKCS_V15:2048:"b38ac65c8141f7f5c96e14470e851936a67bf94cc6821a39ac12c05f7c0b06d9e6ddba2224703b02e25f31452f9c4a8417b62675fdc6df46b94813bc7b9769a892c482b830bfe0ad42e46668ace68903617faf6681f4babf1cc8e4b0420d3c7f61dc45434c6b54e2c3ee0fc07908509d79c9826e673bf8363255adb0add2401039a7bcd1b4ecf0fbe6ec8369d2da486eec59559dd1d54c9b24190965eafbdab203b35255765261cd0909acf93c3b8b8428cbb448de4715d1b813d0c94829c229543d391ce0adab5351f97a3810c1f73d7b1458b97daed4209c50e16d064d2d5bfda8c23893d755222793146d0a78c3d64f35549141486c3b0961a7b4c1a2034f":"3":"605baf947c0de49e4f6a0dfb94a43ae318d5df8ed20ba4ba5a37a73fb009c5c9e5cce8b70a25b1c7580f389f0d7092485cdfa02208b70d33482edf07a7eafebdc54862ca0e0396a5a7d09991b9753eb1ffb6091971bb5789c6b121abbcd0a3cbaa39969fa7c28146fce96c6d03272e3793e5be8f5abfa9afcbebb986d7b3050604a2af4d3a40fa6c003781a539a60259d1e84f13322da9e538a49c369b83e7286bf7d30b64bbb773506705da5d5d5483a563a1ffacc902fb75c9a751b1e83cdc7a6db0470056883f48b5a5446b43b1d180ea12ba11a6a8d93b3b32a30156b6084b7fb142998a2a0d28014b84098ece7d9d5e4d55cc342ca26f5a0167a679dec8":MBEDTLS_ERR_RSA_VERIFY_FAILED RSA PKCS1 Sign #9 (Invalid Digest type) depends_on:MBEDTLS_PKCS1_V15 -mbedtls_rsa_pkcs1_sign:"59779fd2a39e56640c4fc1e67b60aeffcecd78aed7ad2bdfa464e93d04198d48466b8da7445f25bfa19db2844edd5c8f539cf772cc132b483169d390db28a43bc4ee0f038f6568ffc87447746cb72fefac2d6d90ee3143a915ac4688028805905a68eb8f8a96674b093c495eddd8704461eaa2b345efbb2ad6930acd8023f870":MBEDTLS_RSA_PKCS_V15:255:2048:16:"e79a373182bfaa722eb035f772ad2a9464bd842de59432c18bbab3a7dfeae318c9b915ee487861ab665a40bd6cda560152578e8579016c929df99fea05b4d64efca1d543850bc8164b40d71ed7f3fa4105df0fb9b9ad2a18ce182c8a4f4f975bea9aa0b9a1438a27a28e97ac8330ef37383414d1bd64607d6979ac050424fd17":16:"c6749cbb0db8c5a177672d4728a8b22392b2fc4d3b8361d5c0d5055a1b4e46d821f757c24eef2a51c561941b93b3ace7340074c058c9bb48e7e7414f42c41da4cccb5c2ba91deb30c586b7fb18af12a52995592ad139d3be429add6547e044becedaf31fa3b39421e24ee034fbf367d11f6b8f88ee483d163b431e1654ad3e89":16:"b38ac65c8141f7f5c96e14470e851936a67bf94cc6821a39ac12c05f7c0b06d9e6ddba2224703b02e25f31452f9c4a8417b62675fdc6df46b94813bc7b9769a892c482b830bfe0ad42e46668ace68903617faf6681f4babf1cc8e4b0420d3c7f61dc45434c6b54e2c3ee0fc07908509d79c9826e673bf8363255adb0add2401039a7bcd1b4ecf0fbe6ec8369d2da486eec59559dd1d54c9b24190965eafbdab203b35255765261cd0909acf93c3b8b8428cbb448de4715d1b813d0c94829c229543d391ce0adab5351f97a3810c1f73d7b1458b97daed4209c50e16d064d2d5bfda8c23893d755222793146d0a78c3d64f35549141486c3b0961a7b4c1a2034f":16:"3":"3bcf673c3b27f6e2ece4bb97c7a37161e6c6ee7419ef366efc3cfee0f15f415ff6d9d4390937386c6fec1771acba73f24ec6b0469ea8b88083f0b4e1b6069d7bf286e67cf94182a548663137e82a6e09c35de2c27779da0503f1f5bedfebadf2a875f17763a0564df4a6d945a5a3e46bc90fb692af3a55106aafc6b577587456ff8d49cfd5c299d7a2b776dbe4c1ae777b0f64aa3bab27689af32d6cc76157c7dc6900a3469e18a7d9b6bfe4951d1105a08864575e4f4ec05b3e053f9b7a2d5653ae085e50a63380d6bdd6f58ab378d7e0a2be708c559849891317089ab04c82d8bc589ea088b90b11dea5cf85856ff7e609cc1adb1d403beead4c126ff29021":MBEDTLS_ERR_RSA_BAD_INPUT_DATA +mbedtls_rsa_pkcs1_sign:"59779fd2a39e56640c4fc1e67b60aeffcecd78aed7ad2bdfa464e93d04198d48466b8da7445f25bfa19db2844edd5c8f539cf772cc132b483169d390db28a43bc4ee0f038f6568ffc87447746cb72fefac2d6d90ee3143a915ac4688028805905a68eb8f8a96674b093c495eddd8704461eaa2b345efbb2ad6930acd8023f870":MBEDTLS_RSA_PKCS_V15:255:2048:"e79a373182bfaa722eb035f772ad2a9464bd842de59432c18bbab3a7dfeae318c9b915ee487861ab665a40bd6cda560152578e8579016c929df99fea05b4d64efca1d543850bc8164b40d71ed7f3fa4105df0fb9b9ad2a18ce182c8a4f4f975bea9aa0b9a1438a27a28e97ac8330ef37383414d1bd64607d6979ac050424fd17":"c6749cbb0db8c5a177672d4728a8b22392b2fc4d3b8361d5c0d5055a1b4e46d821f757c24eef2a51c561941b93b3ace7340074c058c9bb48e7e7414f42c41da4cccb5c2ba91deb30c586b7fb18af12a52995592ad139d3be429add6547e044becedaf31fa3b39421e24ee034fbf367d11f6b8f88ee483d163b431e1654ad3e89":"b38ac65c8141f7f5c96e14470e851936a67bf94cc6821a39ac12c05f7c0b06d9e6ddba2224703b02e25f31452f9c4a8417b62675fdc6df46b94813bc7b9769a892c482b830bfe0ad42e46668ace68903617faf6681f4babf1cc8e4b0420d3c7f61dc45434c6b54e2c3ee0fc07908509d79c9826e673bf8363255adb0add2401039a7bcd1b4ecf0fbe6ec8369d2da486eec59559dd1d54c9b24190965eafbdab203b35255765261cd0909acf93c3b8b8428cbb448de4715d1b813d0c94829c229543d391ce0adab5351f97a3810c1f73d7b1458b97daed4209c50e16d064d2d5bfda8c23893d755222793146d0a78c3d64f35549141486c3b0961a7b4c1a2034f":"3":"3bcf673c3b27f6e2ece4bb97c7a37161e6c6ee7419ef366efc3cfee0f15f415ff6d9d4390937386c6fec1771acba73f24ec6b0469ea8b88083f0b4e1b6069d7bf286e67cf94182a548663137e82a6e09c35de2c27779da0503f1f5bedfebadf2a875f17763a0564df4a6d945a5a3e46bc90fb692af3a55106aafc6b577587456ff8d49cfd5c299d7a2b776dbe4c1ae777b0f64aa3bab27689af32d6cc76157c7dc6900a3469e18a7d9b6bfe4951d1105a08864575e4f4ec05b3e053f9b7a2d5653ae085e50a63380d6bdd6f58ab378d7e0a2be708c559849891317089ab04c82d8bc589ea088b90b11dea5cf85856ff7e609cc1adb1d403beead4c126ff29021":MBEDTLS_ERR_RSA_BAD_INPUT_DATA RSA PKCS1 Sign #9 Verify (Invalid Digest type) depends_on:MBEDTLS_PKCS1_V15 -mbedtls_rsa_pkcs1_verify:"59779fd2a39e56640c4fc1e67b60aeffcecd78aed7ad2bdfa464e93d04198d48466b8da7445f25bfa19db2844edd5c8f539cf772cc132b483169d390db28a43bc4ee0f038f6568ffc87447746cb72fefac2d6d90ee3143a915ac4688028805905a68eb8f8a96674b093c495eddd8704461eaa2b345efbb2ad6930acd8023f870":MBEDTLS_RSA_PKCS_V15:255:2048:16:"b38ac65c8141f7f5c96e14470e851936a67bf94cc6821a39ac12c05f7c0b06d9e6ddba2224703b02e25f31452f9c4a8417b62675fdc6df46b94813bc7b9769a892c482b830bfe0ad42e46668ace68903617faf6681f4babf1cc8e4b0420d3c7f61dc45434c6b54e2c3ee0fc07908509d79c9826e673bf8363255adb0add2401039a7bcd1b4ecf0fbe6ec8369d2da486eec59559dd1d54c9b24190965eafbdab203b35255765261cd0909acf93c3b8b8428cbb448de4715d1b813d0c94829c229543d391ce0adab5351f97a3810c1f73d7b1458b97daed4209c50e16d064d2d5bfda8c23893d755222793146d0a78c3d64f35549141486c3b0961a7b4c1a2034f":16:"3":"3bcf673c3b27f6e2ece4bb97c7a37161e6c6ee7419ef366efc3cfee0f15f415ff6d9d4390937386c6fec1771acba73f24ec6b0469ea8b88083f0b4e1b6069d7bf286e67cf94182a548663137e82a6e09c35de2c27779da0503f1f5bedfebadf2a875f17763a0564df4a6d945a5a3e46bc90fb692af3a55106aafc6b577587456ff8d49cfd5c299d7a2b776dbe4c1ae777b0f64aa3bab27689af32d6cc76157c7dc6900a3469e18a7d9b6bfe4951d1105a08864575e4f4ec05b3e053f9b7a2d5653ae085e50a63380d6bdd6f58ab378d7e0a2be708c559849891317089ab04c82d8bc589ea088b90b11dea5cf85856ff7e609cc1adb1d403beead4c126ff29021":MBEDTLS_ERR_RSA_BAD_INPUT_DATA +mbedtls_rsa_pkcs1_verify:"59779fd2a39e56640c4fc1e67b60aeffcecd78aed7ad2bdfa464e93d04198d48466b8da7445f25bfa19db2844edd5c8f539cf772cc132b483169d390db28a43bc4ee0f038f6568ffc87447746cb72fefac2d6d90ee3143a915ac4688028805905a68eb8f8a96674b093c495eddd8704461eaa2b345efbb2ad6930acd8023f870":MBEDTLS_RSA_PKCS_V15:255:2048:"b38ac65c8141f7f5c96e14470e851936a67bf94cc6821a39ac12c05f7c0b06d9e6ddba2224703b02e25f31452f9c4a8417b62675fdc6df46b94813bc7b9769a892c482b830bfe0ad42e46668ace68903617faf6681f4babf1cc8e4b0420d3c7f61dc45434c6b54e2c3ee0fc07908509d79c9826e673bf8363255adb0add2401039a7bcd1b4ecf0fbe6ec8369d2da486eec59559dd1d54c9b24190965eafbdab203b35255765261cd0909acf93c3b8b8428cbb448de4715d1b813d0c94829c229543d391ce0adab5351f97a3810c1f73d7b1458b97daed4209c50e16d064d2d5bfda8c23893d755222793146d0a78c3d64f35549141486c3b0961a7b4c1a2034f":"3":"3bcf673c3b27f6e2ece4bb97c7a37161e6c6ee7419ef366efc3cfee0f15f415ff6d9d4390937386c6fec1771acba73f24ec6b0469ea8b88083f0b4e1b6069d7bf286e67cf94182a548663137e82a6e09c35de2c27779da0503f1f5bedfebadf2a875f17763a0564df4a6d945a5a3e46bc90fb692af3a55106aafc6b577587456ff8d49cfd5c299d7a2b776dbe4c1ae777b0f64aa3bab27689af32d6cc76157c7dc6900a3469e18a7d9b6bfe4951d1105a08864575e4f4ec05b3e053f9b7a2d5653ae085e50a63380d6bdd6f58ab378d7e0a2be708c559849891317089ab04c82d8bc589ea088b90b11dea5cf85856ff7e609cc1adb1d403beead4c126ff29021":MBEDTLS_ERR_RSA_BAD_INPUT_DATA RSA PKCS1 Sign #10 (RIPEMD160, 2048 bits RSA) depends_on:MBEDTLS_RIPEMD160_C:MBEDTLS_PKCS1_V15 -mbedtls_rsa_pkcs1_sign:"616263":MBEDTLS_RSA_PKCS_V15:MBEDTLS_MD_RIPEMD160:2048:16:"e79a373182bfaa722eb035f772ad2a9464bd842de59432c18bbab3a7dfeae318c9b915ee487861ab665a40bd6cda560152578e8579016c929df99fea05b4d64efca1d543850bc8164b40d71ed7f3fa4105df0fb9b9ad2a18ce182c8a4f4f975bea9aa0b9a1438a27a28e97ac8330ef37383414d1bd64607d6979ac050424fd17":16:"c6749cbb0db8c5a177672d4728a8b22392b2fc4d3b8361d5c0d5055a1b4e46d821f757c24eef2a51c561941b93b3ace7340074c058c9bb48e7e7414f42c41da4cccb5c2ba91deb30c586b7fb18af12a52995592ad139d3be429add6547e044becedaf31fa3b39421e24ee034fbf367d11f6b8f88ee483d163b431e1654ad3e89":16:"b38ac65c8141f7f5c96e14470e851936a67bf94cc6821a39ac12c05f7c0b06d9e6ddba2224703b02e25f31452f9c4a8417b62675fdc6df46b94813bc7b9769a892c482b830bfe0ad42e46668ace68903617faf6681f4babf1cc8e4b0420d3c7f61dc45434c6b54e2c3ee0fc07908509d79c9826e673bf8363255adb0add2401039a7bcd1b4ecf0fbe6ec8369d2da486eec59559dd1d54c9b24190965eafbdab203b35255765261cd0909acf93c3b8b8428cbb448de4715d1b813d0c94829c229543d391ce0adab5351f97a3810c1f73d7b1458b97daed4209c50e16d064d2d5bfda8c23893d755222793146d0a78c3d64f35549141486c3b0961a7b4c1a2034f":16:"3":"aa2d9f88334d61bed74317ba549b1463600a9219801240cca5c11b9cdda29373172a28151313fb2cf73bb68af167e4ec645b6f065028802afbcfbc10e6c2c824e3c4d50c7181193b93734832170f0c5d3dd9ba5808f0e2a5c16b3d0df90defefef8e8fde5906962d42a2f0d62d7f81977f367f436f10c8b1183ccf6676953f7219445938f725d0cb62efbabf092de531642863b381e2694f2bf544ff6a4fefa7b37cdbf6292dbedcacf6e57d6f206ce5df0fd2771f9f64818f59a0ab7a5f003b368dc3eb51ab9409a0ec4e43f45281ee9a560664de88965ab207e256303d9dcb8233ed6ad0a5ad7f81e2f8c7a196dc81e2c8b6dde8a77fb6cfd1e5477ece9df8":0 +mbedtls_rsa_pkcs1_sign:"616263":MBEDTLS_RSA_PKCS_V15:MBEDTLS_MD_RIPEMD160:2048:"e79a373182bfaa722eb035f772ad2a9464bd842de59432c18bbab3a7dfeae318c9b915ee487861ab665a40bd6cda560152578e8579016c929df99fea05b4d64efca1d543850bc8164b40d71ed7f3fa4105df0fb9b9ad2a18ce182c8a4f4f975bea9aa0b9a1438a27a28e97ac8330ef37383414d1bd64607d6979ac050424fd17":"c6749cbb0db8c5a177672d4728a8b22392b2fc4d3b8361d5c0d5055a1b4e46d821f757c24eef2a51c561941b93b3ace7340074c058c9bb48e7e7414f42c41da4cccb5c2ba91deb30c586b7fb18af12a52995592ad139d3be429add6547e044becedaf31fa3b39421e24ee034fbf367d11f6b8f88ee483d163b431e1654ad3e89":"b38ac65c8141f7f5c96e14470e851936a67bf94cc6821a39ac12c05f7c0b06d9e6ddba2224703b02e25f31452f9c4a8417b62675fdc6df46b94813bc7b9769a892c482b830bfe0ad42e46668ace68903617faf6681f4babf1cc8e4b0420d3c7f61dc45434c6b54e2c3ee0fc07908509d79c9826e673bf8363255adb0add2401039a7bcd1b4ecf0fbe6ec8369d2da486eec59559dd1d54c9b24190965eafbdab203b35255765261cd0909acf93c3b8b8428cbb448de4715d1b813d0c94829c229543d391ce0adab5351f97a3810c1f73d7b1458b97daed4209c50e16d064d2d5bfda8c23893d755222793146d0a78c3d64f35549141486c3b0961a7b4c1a2034f":"3":"aa2d9f88334d61bed74317ba549b1463600a9219801240cca5c11b9cdda29373172a28151313fb2cf73bb68af167e4ec645b6f065028802afbcfbc10e6c2c824e3c4d50c7181193b93734832170f0c5d3dd9ba5808f0e2a5c16b3d0df90defefef8e8fde5906962d42a2f0d62d7f81977f367f436f10c8b1183ccf6676953f7219445938f725d0cb62efbabf092de531642863b381e2694f2bf544ff6a4fefa7b37cdbf6292dbedcacf6e57d6f206ce5df0fd2771f9f64818f59a0ab7a5f003b368dc3eb51ab9409a0ec4e43f45281ee9a560664de88965ab207e256303d9dcb8233ed6ad0a5ad7f81e2f8c7a196dc81e2c8b6dde8a77fb6cfd1e5477ece9df8":0 RSA PKCS1 Verify #10 (RIPEMD160, 2048 bits RSA) depends_on:MBEDTLS_RIPEMD160_C:MBEDTLS_PKCS1_V15 -mbedtls_rsa_pkcs1_verify:"616263":MBEDTLS_RSA_PKCS_V15:MBEDTLS_MD_RIPEMD160:2048:16:"b38ac65c8141f7f5c96e14470e851936a67bf94cc6821a39ac12c05f7c0b06d9e6ddba2224703b02e25f31452f9c4a8417b62675fdc6df46b94813bc7b9769a892c482b830bfe0ad42e46668ace68903617faf6681f4babf1cc8e4b0420d3c7f61dc45434c6b54e2c3ee0fc07908509d79c9826e673bf8363255adb0add2401039a7bcd1b4ecf0fbe6ec8369d2da486eec59559dd1d54c9b24190965eafbdab203b35255765261cd0909acf93c3b8b8428cbb448de4715d1b813d0c94829c229543d391ce0adab5351f97a3810c1f73d7b1458b97daed4209c50e16d064d2d5bfda8c23893d755222793146d0a78c3d64f35549141486c3b0961a7b4c1a2034f":16:"3":"aa2d9f88334d61bed74317ba549b1463600a9219801240cca5c11b9cdda29373172a28151313fb2cf73bb68af167e4ec645b6f065028802afbcfbc10e6c2c824e3c4d50c7181193b93734832170f0c5d3dd9ba5808f0e2a5c16b3d0df90defefef8e8fde5906962d42a2f0d62d7f81977f367f436f10c8b1183ccf6676953f7219445938f725d0cb62efbabf092de531642863b381e2694f2bf544ff6a4fefa7b37cdbf6292dbedcacf6e57d6f206ce5df0fd2771f9f64818f59a0ab7a5f003b368dc3eb51ab9409a0ec4e43f45281ee9a560664de88965ab207e256303d9dcb8233ed6ad0a5ad7f81e2f8c7a196dc81e2c8b6dde8a77fb6cfd1e5477ece9df8":0 +mbedtls_rsa_pkcs1_verify:"616263":MBEDTLS_RSA_PKCS_V15:MBEDTLS_MD_RIPEMD160:2048:"b38ac65c8141f7f5c96e14470e851936a67bf94cc6821a39ac12c05f7c0b06d9e6ddba2224703b02e25f31452f9c4a8417b62675fdc6df46b94813bc7b9769a892c482b830bfe0ad42e46668ace68903617faf6681f4babf1cc8e4b0420d3c7f61dc45434c6b54e2c3ee0fc07908509d79c9826e673bf8363255adb0add2401039a7bcd1b4ecf0fbe6ec8369d2da486eec59559dd1d54c9b24190965eafbdab203b35255765261cd0909acf93c3b8b8428cbb448de4715d1b813d0c94829c229543d391ce0adab5351f97a3810c1f73d7b1458b97daed4209c50e16d064d2d5bfda8c23893d755222793146d0a78c3d64f35549141486c3b0961a7b4c1a2034f":"3":"aa2d9f88334d61bed74317ba549b1463600a9219801240cca5c11b9cdda29373172a28151313fb2cf73bb68af167e4ec645b6f065028802afbcfbc10e6c2c824e3c4d50c7181193b93734832170f0c5d3dd9ba5808f0e2a5c16b3d0df90defefef8e8fde5906962d42a2f0d62d7f81977f367f436f10c8b1183ccf6676953f7219445938f725d0cb62efbabf092de531642863b381e2694f2bf544ff6a4fefa7b37cdbf6292dbedcacf6e57d6f206ce5df0fd2771f9f64818f59a0ab7a5f003b368dc3eb51ab9409a0ec4e43f45281ee9a560664de88965ab207e256303d9dcb8233ed6ad0a5ad7f81e2f8c7a196dc81e2c8b6dde8a77fb6cfd1e5477ece9df8":0 RSA PKCS1 Encrypt #1 depends_on:MBEDTLS_PKCS1_V15 -mbedtls_rsa_pkcs1_encrypt:"4E636AF98E40F3ADCFCCB698F4E80B9F":MBEDTLS_RSA_PKCS_V15:2048:16:"b38ac65c8141f7f5c96e14470e851936a67bf94cc6821a39ac12c05f7c0b06d9e6ddba2224703b02e25f31452f9c4a8417b62675fdc6df46b94813bc7b9769a892c482b830bfe0ad42e46668ace68903617faf6681f4babf1cc8e4b0420d3c7f61dc45434c6b54e2c3ee0fc07908509d79c9826e673bf8363255adb0add2401039a7bcd1b4ecf0fbe6ec8369d2da486eec59559dd1d54c9b24190965eafbdab203b35255765261cd0909acf93c3b8b8428cbb448de4715d1b813d0c94829c229543d391ce0adab5351f97a3810c1f73d7b1458b97daed4209c50e16d064d2d5bfda8c23893d755222793146d0a78c3d64f35549141486c3b0961a7b4c1a2034f":16:"3":"b0c0b193ba4a5b4502bfacd1a9c2697da5510f3e3ab7274cf404418afd2c62c89b98d83bbc21c8c1bf1afe6d8bf40425e053e9c03e03a3be0edbe1eda073fade1cc286cc0305a493d98fe795634c3cad7feb513edb742d66d910c87d07f6b0055c3488bb262b5fd1ce8747af64801fb39d2d3a3e57086ffe55ab8d0a2ca86975629a0f85767a4990c532a7c2dab1647997ebb234d0b28a0008bfebfc905e7ba5b30b60566a5e0190417465efdbf549934b8f0c5c9f36b7c5b6373a47ae553ced0608a161b1b70dfa509375cf7a3598223a6d7b7a1d1a06ac74d345a9bb7c0e44c8388858a4f1d8115f2bd769ffa69020385fa286302c80e950f9e2751308666c":0 +mbedtls_rsa_pkcs1_encrypt:"4E636AF98E40F3ADCFCCB698F4E80B9F":MBEDTLS_RSA_PKCS_V15:2048:"b38ac65c8141f7f5c96e14470e851936a67bf94cc6821a39ac12c05f7c0b06d9e6ddba2224703b02e25f31452f9c4a8417b62675fdc6df46b94813bc7b9769a892c482b830bfe0ad42e46668ace68903617faf6681f4babf1cc8e4b0420d3c7f61dc45434c6b54e2c3ee0fc07908509d79c9826e673bf8363255adb0add2401039a7bcd1b4ecf0fbe6ec8369d2da486eec59559dd1d54c9b24190965eafbdab203b35255765261cd0909acf93c3b8b8428cbb448de4715d1b813d0c94829c229543d391ce0adab5351f97a3810c1f73d7b1458b97daed4209c50e16d064d2d5bfda8c23893d755222793146d0a78c3d64f35549141486c3b0961a7b4c1a2034f":"3":"b0c0b193ba4a5b4502bfacd1a9c2697da5510f3e3ab7274cf404418afd2c62c89b98d83bbc21c8c1bf1afe6d8bf40425e053e9c03e03a3be0edbe1eda073fade1cc286cc0305a493d98fe795634c3cad7feb513edb742d66d910c87d07f6b0055c3488bb262b5fd1ce8747af64801fb39d2d3a3e57086ffe55ab8d0a2ca86975629a0f85767a4990c532a7c2dab1647997ebb234d0b28a0008bfebfc905e7ba5b30b60566a5e0190417465efdbf549934b8f0c5c9f36b7c5b6373a47ae553ced0608a161b1b70dfa509375cf7a3598223a6d7b7a1d1a06ac74d345a9bb7c0e44c8388858a4f1d8115f2bd769ffa69020385fa286302c80e950f9e2751308666c":0 RSA PKCS1 Decrypt #1 (Verify) depends_on:MBEDTLS_PKCS1_V15 -mbedtls_rsa_pkcs1_decrypt:"a42eda41e56235e666e7faaa77100197f657288a1bf183e4820f0c37ce2c456b960278d6003e0bbcd4be4a969f8e8fd9231e1f492414f00ed09844994c86ec32db7cde3bec7f0c3dbf6ae55baeb2712fa609f5fc3207a824eb3dace31849cd6a6084318523912bccb84cf42e3c6d6d1685131d69bb545acec827d2b0dfdd5568b7dcc4f5a11d6916583fefa689d367f8c9e1d95dcd2240895a9470b0c1730f97cd6e8546860bd254801769f54be96e16362ddcbf34d56035028890199e0f48db38642cb66a4181e028a6443a404fea284ce02b4614b683367d40874e505611d23142d49f06feea831d52d347b13610b413c4efc43a6de9f0b08d2a951dc503b6":MBEDTLS_RSA_PKCS_V15:2048:16:"e79a373182bfaa722eb035f772ad2a9464bd842de59432c18bbab3a7dfeae318c9b915ee487861ab665a40bd6cda560152578e8579016c929df99fea05b4d64efca1d543850bc8164b40d71ed7f3fa4105df0fb9b9ad2a18ce182c8a4f4f975bea9aa0b9a1438a27a28e97ac8330ef37383414d1bd64607d6979ac050424fd17":16:"c6749cbb0db8c5a177672d4728a8b22392b2fc4d3b8361d5c0d5055a1b4e46d821f757c24eef2a51c561941b93b3ace7340074c058c9bb48e7e7414f42c41da4cccb5c2ba91deb30c586b7fb18af12a52995592ad139d3be429add6547e044becedaf31fa3b39421e24ee034fbf367d11f6b8f88ee483d163b431e1654ad3e89":16:"b38ac65c8141f7f5c96e14470e851936a67bf94cc6821a39ac12c05f7c0b06d9e6ddba2224703b02e25f31452f9c4a8417b62675fdc6df46b94813bc7b9769a892c482b830bfe0ad42e46668ace68903617faf6681f4babf1cc8e4b0420d3c7f61dc45434c6b54e2c3ee0fc07908509d79c9826e673bf8363255adb0add2401039a7bcd1b4ecf0fbe6ec8369d2da486eec59559dd1d54c9b24190965eafbdab203b35255765261cd0909acf93c3b8b8428cbb448de4715d1b813d0c94829c229543d391ce0adab5351f97a3810c1f73d7b1458b97daed4209c50e16d064d2d5bfda8c23893d755222793146d0a78c3d64f35549141486c3b0961a7b4c1a2034f":16:"3":32:"4E636AF98E40F3ADCFCCB698F4E80B9F":0 +mbedtls_rsa_pkcs1_decrypt:"a42eda41e56235e666e7faaa77100197f657288a1bf183e4820f0c37ce2c456b960278d6003e0bbcd4be4a969f8e8fd9231e1f492414f00ed09844994c86ec32db7cde3bec7f0c3dbf6ae55baeb2712fa609f5fc3207a824eb3dace31849cd6a6084318523912bccb84cf42e3c6d6d1685131d69bb545acec827d2b0dfdd5568b7dcc4f5a11d6916583fefa689d367f8c9e1d95dcd2240895a9470b0c1730f97cd6e8546860bd254801769f54be96e16362ddcbf34d56035028890199e0f48db38642cb66a4181e028a6443a404fea284ce02b4614b683367d40874e505611d23142d49f06feea831d52d347b13610b413c4efc43a6de9f0b08d2a951dc503b6":MBEDTLS_RSA_PKCS_V15:2048:"e79a373182bfaa722eb035f772ad2a9464bd842de59432c18bbab3a7dfeae318c9b915ee487861ab665a40bd6cda560152578e8579016c929df99fea05b4d64efca1d543850bc8164b40d71ed7f3fa4105df0fb9b9ad2a18ce182c8a4f4f975bea9aa0b9a1438a27a28e97ac8330ef37383414d1bd64607d6979ac050424fd17":"c6749cbb0db8c5a177672d4728a8b22392b2fc4d3b8361d5c0d5055a1b4e46d821f757c24eef2a51c561941b93b3ace7340074c058c9bb48e7e7414f42c41da4cccb5c2ba91deb30c586b7fb18af12a52995592ad139d3be429add6547e044becedaf31fa3b39421e24ee034fbf367d11f6b8f88ee483d163b431e1654ad3e89":"b38ac65c8141f7f5c96e14470e851936a67bf94cc6821a39ac12c05f7c0b06d9e6ddba2224703b02e25f31452f9c4a8417b62675fdc6df46b94813bc7b9769a892c482b830bfe0ad42e46668ace68903617faf6681f4babf1cc8e4b0420d3c7f61dc45434c6b54e2c3ee0fc07908509d79c9826e673bf8363255adb0add2401039a7bcd1b4ecf0fbe6ec8369d2da486eec59559dd1d54c9b24190965eafbdab203b35255765261cd0909acf93c3b8b8428cbb448de4715d1b813d0c94829c229543d391ce0adab5351f97a3810c1f73d7b1458b97daed4209c50e16d064d2d5bfda8c23893d755222793146d0a78c3d64f35549141486c3b0961a7b4c1a2034f":"3":32:"4E636AF98E40F3ADCFCCB698F4E80B9F":0 RSA PKCS1 Encrypt #2 (Data too large) depends_on:MBEDTLS_PKCS1_V15 -mbedtls_rsa_pkcs1_encrypt:"b38ac65c8141f7f5c96e14470e851936a67bf94cc6821a39ac12c05f7c0b06d9e6ddba2224703b02e25f31452f9c4a8417b62675fdc6df46b94813bc7b9769a892c482b830bfe0ad42e46668ace68903617faf6681f4babf1cc8e4b0420d3c7f61dc45434c6b54e2c3ee0fc07908509d79c9826e673bf8363255adb0add2401039a7bcd1b4ecf0fbe6ec8369d2da486eec59559dd1d54c9b24190965eafbdab203b35255765261cd0909acf93c3b8b8428cbb448de4715d1b813d0c94829c229543d391ce0adab5351f97a3810c1f73d7b1458b97daed4209c50e16d064d2d5bfda8c23893d755222793146d0a78c3d64f35549141486c3b0961a7b4c1a2034f":MBEDTLS_RSA_PKCS_V15:2048:16:"b38ac65c8141f7f5c96e14470e851936a67bf94cc6821a39ac12c05f7c0b06d9e6ddba2224703b02e25f31452f9c4a8417b62675fdc6df46b94813bc7b9769a892c482b830bfe0ad42e46668ace68903617faf6681f4babf1cc8e4b0420d3c7f61dc45434c6b54e2c3ee0fc07908509d79c9826e673bf8363255adb0add2401039a7bcd1b4ecf0fbe6ec8369d2da486eec59559dd1d54c9b24190965eafbdab203b35255765261cd0909acf93c3b8b8428cbb448de4715d1b813d0c94829c229543d391ce0adab5351f97a3810c1f73d7b1458b97daed4209c50e16d064d2d5bfda8c23893d755222793146d0a78c3d64f35549141486c3b0961a7b4c1a2034f":16:"3":"a42eda41e56235e666e7faaa77100197f657288a1bf183e4820f0c37ce2c456b960278d6003e0bbcd4be4a969f8e8fd9231e1f492414f00ed09844994c86ec32db7cde3bec7f0c3dbf6ae55baeb2712fa609f5fc3207a824eb3dace31849cd6a6084318523912bccb84cf42e3c6d6d1685131d69bb545acec827d2b0dfdd5568b7dcc4f5a11d6916583fefa689d367f8c9e1d95dcd2240895a9470b0c1730f97cd6e8546860bd254801769f54be96e16362ddcbf34d56035028890199e0f48db38642cb66a4181e028a6443a404fea284ce02b4614b683367d40874e505611d23142d49f06feea831d52d347b13610b413c4efc43a6de9f0b08d2a951dc503b6":MBEDTLS_ERR_RSA_BAD_INPUT_DATA +mbedtls_rsa_pkcs1_encrypt:"b38ac65c8141f7f5c96e14470e851936a67bf94cc6821a39ac12c05f7c0b06d9e6ddba2224703b02e25f31452f9c4a8417b62675fdc6df46b94813bc7b9769a892c482b830bfe0ad42e46668ace68903617faf6681f4babf1cc8e4b0420d3c7f61dc45434c6b54e2c3ee0fc07908509d79c9826e673bf8363255adb0add2401039a7bcd1b4ecf0fbe6ec8369d2da486eec59559dd1d54c9b24190965eafbdab203b35255765261cd0909acf93c3b8b8428cbb448de4715d1b813d0c94829c229543d391ce0adab5351f97a3810c1f73d7b1458b97daed4209c50e16d064d2d5bfda8c23893d755222793146d0a78c3d64f35549141486c3b0961a7b4c1a2034f":MBEDTLS_RSA_PKCS_V15:2048:"b38ac65c8141f7f5c96e14470e851936a67bf94cc6821a39ac12c05f7c0b06d9e6ddba2224703b02e25f31452f9c4a8417b62675fdc6df46b94813bc7b9769a892c482b830bfe0ad42e46668ace68903617faf6681f4babf1cc8e4b0420d3c7f61dc45434c6b54e2c3ee0fc07908509d79c9826e673bf8363255adb0add2401039a7bcd1b4ecf0fbe6ec8369d2da486eec59559dd1d54c9b24190965eafbdab203b35255765261cd0909acf93c3b8b8428cbb448de4715d1b813d0c94829c229543d391ce0adab5351f97a3810c1f73d7b1458b97daed4209c50e16d064d2d5bfda8c23893d755222793146d0a78c3d64f35549141486c3b0961a7b4c1a2034f":"3":"a42eda41e56235e666e7faaa77100197f657288a1bf183e4820f0c37ce2c456b960278d6003e0bbcd4be4a969f8e8fd9231e1f492414f00ed09844994c86ec32db7cde3bec7f0c3dbf6ae55baeb2712fa609f5fc3207a824eb3dace31849cd6a6084318523912bccb84cf42e3c6d6d1685131d69bb545acec827d2b0dfdd5568b7dcc4f5a11d6916583fefa689d367f8c9e1d95dcd2240895a9470b0c1730f97cd6e8546860bd254801769f54be96e16362ddcbf34d56035028890199e0f48db38642cb66a4181e028a6443a404fea284ce02b4614b683367d40874e505611d23142d49f06feea831d52d347b13610b413c4efc43a6de9f0b08d2a951dc503b6":MBEDTLS_ERR_RSA_BAD_INPUT_DATA RSA PKCS1 Decrypt #2 (Data too small) depends_on:MBEDTLS_PKCS1_V15 -mbedtls_rsa_pkcs1_decrypt:"deadbeafcafedeadbeeffedcba9876":MBEDTLS_RSA_PKCS_V15:2048:16:"e79a373182bfaa722eb035f772ad2a9464bd842de59432c18bbab3a7dfeae318c9b915ee487861ab665a40bd6cda560152578e8579016c929df99fea05b4d64efca1d543850bc8164b40d71ed7f3fa4105df0fb9b9ad2a18ce182c8a4f4f975bea9aa0b9a1438a27a28e97ac8330ef37383414d1bd64607d6979ac050424fd17":16:"c6749cbb0db8c5a177672d4728a8b22392b2fc4d3b8361d5c0d5055a1b4e46d821f757c24eef2a51c561941b93b3ace7340074c058c9bb48e7e7414f42c41da4cccb5c2ba91deb30c586b7fb18af12a52995592ad139d3be429add6547e044becedaf31fa3b39421e24ee034fbf367d11f6b8f88ee483d163b431e1654ad3e89":16:"b38ac65c8141f7f5c96e14470e851936a67bf94cc6821a39ac12c05f7c0b06d9e6ddba2224703b02e25f31452f9c4a8417b62675fdc6df46b94813bc7b9769a892c482b830bfe0ad42e46668ace68903617faf6681f4babf1cc8e4b0420d3c7f61dc45434c6b54e2c3ee0fc07908509d79c9826e673bf8363255adb0add2401039a7bcd1b4ecf0fbe6ec8369d2da486eec59559dd1d54c9b24190965eafbdab203b35255765261cd0909acf93c3b8b8428cbb448de4715d1b813d0c94829c229543d391ce0adab5351f97a3810c1f73d7b1458b97daed4209c50e16d064d2d5bfda8c23893d755222793146d0a78c3d64f35549141486c3b0961a7b4c1a2034f":16:"3":32:"4E636AF98E40F3ADCFCCB698F4E80B9F":MBEDTLS_ERR_RSA_PRIVATE_FAILED + MBEDTLS_ERR_MPI_BAD_INPUT_DATA +mbedtls_rsa_pkcs1_decrypt:"deadbeafcafedeadbeeffedcba9876":MBEDTLS_RSA_PKCS_V15:2048:"e79a373182bfaa722eb035f772ad2a9464bd842de59432c18bbab3a7dfeae318c9b915ee487861ab665a40bd6cda560152578e8579016c929df99fea05b4d64efca1d543850bc8164b40d71ed7f3fa4105df0fb9b9ad2a18ce182c8a4f4f975bea9aa0b9a1438a27a28e97ac8330ef37383414d1bd64607d6979ac050424fd17":"c6749cbb0db8c5a177672d4728a8b22392b2fc4d3b8361d5c0d5055a1b4e46d821f757c24eef2a51c561941b93b3ace7340074c058c9bb48e7e7414f42c41da4cccb5c2ba91deb30c586b7fb18af12a52995592ad139d3be429add6547e044becedaf31fa3b39421e24ee034fbf367d11f6b8f88ee483d163b431e1654ad3e89":"b38ac65c8141f7f5c96e14470e851936a67bf94cc6821a39ac12c05f7c0b06d9e6ddba2224703b02e25f31452f9c4a8417b62675fdc6df46b94813bc7b9769a892c482b830bfe0ad42e46668ace68903617faf6681f4babf1cc8e4b0420d3c7f61dc45434c6b54e2c3ee0fc07908509d79c9826e673bf8363255adb0add2401039a7bcd1b4ecf0fbe6ec8369d2da486eec59559dd1d54c9b24190965eafbdab203b35255765261cd0909acf93c3b8b8428cbb448de4715d1b813d0c94829c229543d391ce0adab5351f97a3810c1f73d7b1458b97daed4209c50e16d064d2d5bfda8c23893d755222793146d0a78c3d64f35549141486c3b0961a7b4c1a2034f":"3":32:"4E636AF98E40F3ADCFCCB698F4E80B9F":MBEDTLS_ERR_RSA_PRIVATE_FAILED + MBEDTLS_ERR_MPI_BAD_INPUT_DATA RSA PKCS1 Decrypt #4 (Output buffer too small) depends_on:MBEDTLS_PKCS1_V15 -mbedtls_rsa_pkcs1_decrypt:"a42eda41e56235e666e7faaa77100197f657288a1bf183e4820f0c37ce2c456b960278d6003e0bbcd4be4a969f8e8fd9231e1f492414f00ed09844994c86ec32db7cde3bec7f0c3dbf6ae55baeb2712fa609f5fc3207a824eb3dace31849cd6a6084318523912bccb84cf42e3c6d6d1685131d69bb545acec827d2b0dfdd5568b7dcc4f5a11d6916583fefa689d367f8c9e1d95dcd2240895a9470b0c1730f97cd6e8546860bd254801769f54be96e16362ddcbf34d56035028890199e0f48db38642cb66a4181e028a6443a404fea284ce02b4614b683367d40874e505611d23142d49f06feea831d52d347b13610b413c4efc43a6de9f0b08d2a951dc503b6":MBEDTLS_RSA_PKCS_V15:2048:16:"e79a373182bfaa722eb035f772ad2a9464bd842de59432c18bbab3a7dfeae318c9b915ee487861ab665a40bd6cda560152578e8579016c929df99fea05b4d64efca1d543850bc8164b40d71ed7f3fa4105df0fb9b9ad2a18ce182c8a4f4f975bea9aa0b9a1438a27a28e97ac8330ef37383414d1bd64607d6979ac050424fd17":16:"c6749cbb0db8c5a177672d4728a8b22392b2fc4d3b8361d5c0d5055a1b4e46d821f757c24eef2a51c561941b93b3ace7340074c058c9bb48e7e7414f42c41da4cccb5c2ba91deb30c586b7fb18af12a52995592ad139d3be429add6547e044becedaf31fa3b39421e24ee034fbf367d11f6b8f88ee483d163b431e1654ad3e89":16:"b38ac65c8141f7f5c96e14470e851936a67bf94cc6821a39ac12c05f7c0b06d9e6ddba2224703b02e25f31452f9c4a8417b62675fdc6df46b94813bc7b9769a892c482b830bfe0ad42e46668ace68903617faf6681f4babf1cc8e4b0420d3c7f61dc45434c6b54e2c3ee0fc07908509d79c9826e673bf8363255adb0add2401039a7bcd1b4ecf0fbe6ec8369d2da486eec59559dd1d54c9b24190965eafbdab203b35255765261cd0909acf93c3b8b8428cbb448de4715d1b813d0c94829c229543d391ce0adab5351f97a3810c1f73d7b1458b97daed4209c50e16d064d2d5bfda8c23893d755222793146d0a78c3d64f35549141486c3b0961a7b4c1a2034f":16:"3":15:"4E636AF98E40F3ADCFCCB698F4E80B9F":MBEDTLS_ERR_RSA_OUTPUT_TOO_LARGE +mbedtls_rsa_pkcs1_decrypt:"a42eda41e56235e666e7faaa77100197f657288a1bf183e4820f0c37ce2c456b960278d6003e0bbcd4be4a969f8e8fd9231e1f492414f00ed09844994c86ec32db7cde3bec7f0c3dbf6ae55baeb2712fa609f5fc3207a824eb3dace31849cd6a6084318523912bccb84cf42e3c6d6d1685131d69bb545acec827d2b0dfdd5568b7dcc4f5a11d6916583fefa689d367f8c9e1d95dcd2240895a9470b0c1730f97cd6e8546860bd254801769f54be96e16362ddcbf34d56035028890199e0f48db38642cb66a4181e028a6443a404fea284ce02b4614b683367d40874e505611d23142d49f06feea831d52d347b13610b413c4efc43a6de9f0b08d2a951dc503b6":MBEDTLS_RSA_PKCS_V15:2048:"e79a373182bfaa722eb035f772ad2a9464bd842de59432c18bbab3a7dfeae318c9b915ee487861ab665a40bd6cda560152578e8579016c929df99fea05b4d64efca1d543850bc8164b40d71ed7f3fa4105df0fb9b9ad2a18ce182c8a4f4f975bea9aa0b9a1438a27a28e97ac8330ef37383414d1bd64607d6979ac050424fd17":"c6749cbb0db8c5a177672d4728a8b22392b2fc4d3b8361d5c0d5055a1b4e46d821f757c24eef2a51c561941b93b3ace7340074c058c9bb48e7e7414f42c41da4cccb5c2ba91deb30c586b7fb18af12a52995592ad139d3be429add6547e044becedaf31fa3b39421e24ee034fbf367d11f6b8f88ee483d163b431e1654ad3e89":"b38ac65c8141f7f5c96e14470e851936a67bf94cc6821a39ac12c05f7c0b06d9e6ddba2224703b02e25f31452f9c4a8417b62675fdc6df46b94813bc7b9769a892c482b830bfe0ad42e46668ace68903617faf6681f4babf1cc8e4b0420d3c7f61dc45434c6b54e2c3ee0fc07908509d79c9826e673bf8363255adb0add2401039a7bcd1b4ecf0fbe6ec8369d2da486eec59559dd1d54c9b24190965eafbdab203b35255765261cd0909acf93c3b8b8428cbb448de4715d1b813d0c94829c229543d391ce0adab5351f97a3810c1f73d7b1458b97daed4209c50e16d064d2d5bfda8c23893d755222793146d0a78c3d64f35549141486c3b0961a7b4c1a2034f":"3":15:"4E636AF98E40F3ADCFCCB698F4E80B9F":MBEDTLS_ERR_RSA_OUTPUT_TOO_LARGE RSA Check empty private key rsa_check_privkey_null: RSA Check Private key #1 (Correct) -mbedtls_rsa_check_privkey:2048:16:"e79a373182bfaa722eb035f772ad2a9464bd842de59432c18bbab3a7dfeae318c9b915ee487861ab665a40bd6cda560152578e8579016c929df99fea05b4d64efca1d543850bc8164b40d71ed7f3fa4105df0fb9b9ad2a18ce182c8a4f4f975bea9aa0b9a1438a27a28e97ac8330ef37383414d1bd64607d6979ac050424fd17":16:"c6749cbb0db8c5a177672d4728a8b22392b2fc4d3b8361d5c0d5055a1b4e46d821f757c24eef2a51c561941b93b3ace7340074c058c9bb48e7e7414f42c41da4cccb5c2ba91deb30c586b7fb18af12a52995592ad139d3be429add6547e044becedaf31fa3b39421e24ee034fbf367d11f6b8f88ee483d163b431e1654ad3e89":16:"b38ac65c8141f7f5c96e14470e851936a67bf94cc6821a39ac12c05f7c0b06d9e6ddba2224703b02e25f31452f9c4a8417b62675fdc6df46b94813bc7b9769a892c482b830bfe0ad42e46668ace68903617faf6681f4babf1cc8e4b0420d3c7f61dc45434c6b54e2c3ee0fc07908509d79c9826e673bf8363255adb0add2401039a7bcd1b4ecf0fbe6ec8369d2da486eec59559dd1d54c9b24190965eafbdab203b35255765261cd0909acf93c3b8b8428cbb448de4715d1b813d0c94829c229543d391ce0adab5351f97a3810c1f73d7b1458b97daed4209c50e16d064d2d5bfda8c23893d755222793146d0a78c3d64f35549141486c3b0961a7b4c1a2034f":16:"3":16:"77B1D99300D6A54E864962DA09AE10CF19A7FB888456BC2672B72AEA52B204914493D16C184AD201EC3F762E1FBD8702BA796EF953D9EA2F26300D285264F11B0C8301D0207FEB1E2C984445C899B0ACEBAA74EF014DD1D4BDDB43202C08D2FF9692D8D788478DEC829EB52AFB5AE068FBDBAC499A27FACECC391E75C936D55F07BB45EE184DAB45808E15722502F279F89B38C1CB292557E5063597F52C75D61001EDC33F4739353E33E56AD273B067C1A2760208529EA421774A5FFFCB3423B1E0051E7702A55D80CBF2141569F18F87BFF538A1DA8EDBB2693A539F68E0D62D77743F89EACF3B1723BDB25CE2F333FA63CACF0E67DF1A431893BB9B352FCB":16:"9A66CF76572A71A17475794FA1C8C70D987E581E990D772BB27C77C53FF1ECBB31260E9EDAFAEBC79991807E48918EAB8C3A5F03A600F30C69511546AE788EDF53168E2D035D300EDCD5E4BF3AA2A6D603EA0A7BD11E1C1089657306DF8A64E7F1BC6B266B825C1A6C5F0FC85775F4CF7ACD63367E42EAFE46511D58AD6DFE0F":16:"844DBDD20925D9164F9A1E2F707076C261CCA8337D0241392B38AE3C12342F3AC14F8FD6DF4A1C36839662BD0D227344CD55A32AE5DBD2309A9A2B8A2C82BE6DDDDCE81D1B694775D9047AA765CA0C6E1BB8E61C8B7BE27ED711E8EE2FEAD87F3491F76A6D2262C14189EACDFD4CEFE0BF9D0A5B49857E0ED22CBEB98DC8D45B":16:"4951A7B174DF972C37BADCC38457B5EDD1F078BC613E75CE25E08814E12461C7A1C189A70EB8138294298D141244C7A9DE31AB4F6D38B40B04D6353CD30F77ADBF66BBDE41C7BE463C5E30AAA3F7BAD6CEE99506DEAAFA2F335C1B1C5C88B8ABB0D0387EE0D1B4E7027F7F085A025CEDB5CCE18B88C0462F1C3C910D47C0D4AB":0 +mbedtls_rsa_check_privkey:2048:"e79a373182bfaa722eb035f772ad2a9464bd842de59432c18bbab3a7dfeae318c9b915ee487861ab665a40bd6cda560152578e8579016c929df99fea05b4d64efca1d543850bc8164b40d71ed7f3fa4105df0fb9b9ad2a18ce182c8a4f4f975bea9aa0b9a1438a27a28e97ac8330ef37383414d1bd64607d6979ac050424fd17":"c6749cbb0db8c5a177672d4728a8b22392b2fc4d3b8361d5c0d5055a1b4e46d821f757c24eef2a51c561941b93b3ace7340074c058c9bb48e7e7414f42c41da4cccb5c2ba91deb30c586b7fb18af12a52995592ad139d3be429add6547e044becedaf31fa3b39421e24ee034fbf367d11f6b8f88ee483d163b431e1654ad3e89":"b38ac65c8141f7f5c96e14470e851936a67bf94cc6821a39ac12c05f7c0b06d9e6ddba2224703b02e25f31452f9c4a8417b62675fdc6df46b94813bc7b9769a892c482b830bfe0ad42e46668ace68903617faf6681f4babf1cc8e4b0420d3c7f61dc45434c6b54e2c3ee0fc07908509d79c9826e673bf8363255adb0add2401039a7bcd1b4ecf0fbe6ec8369d2da486eec59559dd1d54c9b24190965eafbdab203b35255765261cd0909acf93c3b8b8428cbb448de4715d1b813d0c94829c229543d391ce0adab5351f97a3810c1f73d7b1458b97daed4209c50e16d064d2d5bfda8c23893d755222793146d0a78c3d64f35549141486c3b0961a7b4c1a2034f":"3":"77B1D99300D6A54E864962DA09AE10CF19A7FB888456BC2672B72AEA52B204914493D16C184AD201EC3F762E1FBD8702BA796EF953D9EA2F26300D285264F11B0C8301D0207FEB1E2C984445C899B0ACEBAA74EF014DD1D4BDDB43202C08D2FF9692D8D788478DEC829EB52AFB5AE068FBDBAC499A27FACECC391E75C936D55F07BB45EE184DAB45808E15722502F279F89B38C1CB292557E5063597F52C75D61001EDC33F4739353E33E56AD273B067C1A2760208529EA421774A5FFFCB3423B1E0051E7702A55D80CBF2141569F18F87BFF538A1DA8EDBB2693A539F68E0D62D77743F89EACF3B1723BDB25CE2F333FA63CACF0E67DF1A431893BB9B352FCB":"9A66CF76572A71A17475794FA1C8C70D987E581E990D772BB27C77C53FF1ECBB31260E9EDAFAEBC79991807E48918EAB8C3A5F03A600F30C69511546AE788EDF53168E2D035D300EDCD5E4BF3AA2A6D603EA0A7BD11E1C1089657306DF8A64E7F1BC6B266B825C1A6C5F0FC85775F4CF7ACD63367E42EAFE46511D58AD6DFE0F":"844DBDD20925D9164F9A1E2F707076C261CCA8337D0241392B38AE3C12342F3AC14F8FD6DF4A1C36839662BD0D227344CD55A32AE5DBD2309A9A2B8A2C82BE6DDDDCE81D1B694775D9047AA765CA0C6E1BB8E61C8B7BE27ED711E8EE2FEAD87F3491F76A6D2262C14189EACDFD4CEFE0BF9D0A5B49857E0ED22CBEB98DC8D45B":"4951A7B174DF972C37BADCC38457B5EDD1F078BC613E75CE25E08814E12461C7A1C189A70EB8138294298D141244C7A9DE31AB4F6D38B40B04D6353CD30F77ADBF66BBDE41C7BE463C5E30AAA3F7BAD6CEE99506DEAAFA2F335C1B1C5C88B8ABB0D0387EE0D1B4E7027F7F085A025CEDB5CCE18B88C0462F1C3C910D47C0D4AB":0 RSA Check Private key #2 (No P) -mbedtls_rsa_check_privkey:2048:16:"":16:"c6749cbb0db8c5a177672d4728a8b22392b2fc4d3b8361d5c0d5055a1b4e46d821f757c24eef2a51c561941b93b3ace7340074c058c9bb48e7e7414f42c41da4cccb5c2ba91deb30c586b7fb18af12a52995592ad139d3be429add6547e044becedaf31fa3b39421e24ee034fbf367d11f6b8f88ee483d163b431e1654ad3e89":16:"b38ac65c8141f7f5c96e14470e851936a67bf94cc6821a39ac12c05f7c0b06d9e6ddba2224703b02e25f31452f9c4a8417b62675fdc6df46b94813bc7b9769a892c482b830bfe0ad42e46668ace68903617faf6681f4babf1cc8e4b0420d3c7f61dc45434c6b54e2c3ee0fc07908509d79c9826e673bf8363255adb0add2401039a7bcd1b4ecf0fbe6ec8369d2da486eec59559dd1d54c9b24190965eafbdab203b35255765261cd0909acf93c3b8b8428cbb448de4715d1b813d0c94829c229543d391ce0adab5351f97a3810c1f73d7b1458b97daed4209c50e16d064d2d5bfda8c23893d755222793146d0a78c3d64f35549141486c3b0961a7b4c1a2034f":16:"3":16:"77B1D99300D6A54E864962DA09AE10CF19A7FB888456BC2672B72AEA52B204914493D16C184AD201EC3F762E1FBD8702BA796EF953D9EA2F26300D285264F11B0C8301D0207FEB1E2C984445C899B0ACEBAA74EF014DD1D4BDDB43202C08D2FF9692D8D788478DEC829EB52AFB5AE068FBDBAC499A27FACECC391E75C936D55F07BB45EE184DAB45808E15722502F279F89B38C1CB292557E5063597F52C75D61001EDC33F4739353E33E56AD273B067C1A2760208529EA421774A5FFFCB3423B1E0051E7702A55D80CBF2141569F18F87BFF538A1DA8EDBB2693A539F68E0D62D77743F89EACF3B1723BDB25CE2F333FA63CACF0E67DF1A431893BB9B352FCB":16:"9A66CF76572A71A17475794FA1C8C70D987E581E990D772BB27C77C53FF1ECBB31260E9EDAFAEBC79991807E48918EAB8C3A5F03A600F30C69511546AE788EDF53168E2D035D300EDCD5E4BF3AA2A6D603EA0A7BD11E1C1089657306DF8A64E7F1BC6B266B825C1A6C5F0FC85775F4CF7ACD63367E42EAFE46511D58AD6DFE0F":16:"844DBDD20925D9164F9A1E2F707076C261CCA8337D0241392B38AE3C12342F3AC14F8FD6DF4A1C36839662BD0D227344CD55A32AE5DBD2309A9A2B8A2C82BE6DDDDCE81D1B694775D9047AA765CA0C6E1BB8E61C8B7BE27ED711E8EE2FEAD87F3491F76A6D2262C14189EACDFD4CEFE0BF9D0A5B49857E0ED22CBEB98DC8D45B":16:"4951A7B174DF972C37BADCC38457B5EDD1F078BC613E75CE25E08814E12461C7A1C189A70EB8138294298D141244C7A9DE31AB4F6D38B40B04D6353CD30F77ADBF66BBDE41C7BE463C5E30AAA3F7BAD6CEE99506DEAAFA2F335C1B1C5C88B8ABB0D0387EE0D1B4E7027F7F085A025CEDB5CCE18B88C0462F1C3C910D47C0D4AB":MBEDTLS_ERR_RSA_KEY_CHECK_FAILED +mbedtls_rsa_check_privkey:2048:"":"c6749cbb0db8c5a177672d4728a8b22392b2fc4d3b8361d5c0d5055a1b4e46d821f757c24eef2a51c561941b93b3ace7340074c058c9bb48e7e7414f42c41da4cccb5c2ba91deb30c586b7fb18af12a52995592ad139d3be429add6547e044becedaf31fa3b39421e24ee034fbf367d11f6b8f88ee483d163b431e1654ad3e89":"b38ac65c8141f7f5c96e14470e851936a67bf94cc6821a39ac12c05f7c0b06d9e6ddba2224703b02e25f31452f9c4a8417b62675fdc6df46b94813bc7b9769a892c482b830bfe0ad42e46668ace68903617faf6681f4babf1cc8e4b0420d3c7f61dc45434c6b54e2c3ee0fc07908509d79c9826e673bf8363255adb0add2401039a7bcd1b4ecf0fbe6ec8369d2da486eec59559dd1d54c9b24190965eafbdab203b35255765261cd0909acf93c3b8b8428cbb448de4715d1b813d0c94829c229543d391ce0adab5351f97a3810c1f73d7b1458b97daed4209c50e16d064d2d5bfda8c23893d755222793146d0a78c3d64f35549141486c3b0961a7b4c1a2034f":"3":"77B1D99300D6A54E864962DA09AE10CF19A7FB888456BC2672B72AEA52B204914493D16C184AD201EC3F762E1FBD8702BA796EF953D9EA2F26300D285264F11B0C8301D0207FEB1E2C984445C899B0ACEBAA74EF014DD1D4BDDB43202C08D2FF9692D8D788478DEC829EB52AFB5AE068FBDBAC499A27FACECC391E75C936D55F07BB45EE184DAB45808E15722502F279F89B38C1CB292557E5063597F52C75D61001EDC33F4739353E33E56AD273B067C1A2760208529EA421774A5FFFCB3423B1E0051E7702A55D80CBF2141569F18F87BFF538A1DA8EDBB2693A539F68E0D62D77743F89EACF3B1723BDB25CE2F333FA63CACF0E67DF1A431893BB9B352FCB":"9A66CF76572A71A17475794FA1C8C70D987E581E990D772BB27C77C53FF1ECBB31260E9EDAFAEBC79991807E48918EAB8C3A5F03A600F30C69511546AE788EDF53168E2D035D300EDCD5E4BF3AA2A6D603EA0A7BD11E1C1089657306DF8A64E7F1BC6B266B825C1A6C5F0FC85775F4CF7ACD63367E42EAFE46511D58AD6DFE0F":"844DBDD20925D9164F9A1E2F707076C261CCA8337D0241392B38AE3C12342F3AC14F8FD6DF4A1C36839662BD0D227344CD55A32AE5DBD2309A9A2B8A2C82BE6DDDDCE81D1B694775D9047AA765CA0C6E1BB8E61C8B7BE27ED711E8EE2FEAD87F3491F76A6D2262C14189EACDFD4CEFE0BF9D0A5B49857E0ED22CBEB98DC8D45B":"4951A7B174DF972C37BADCC38457B5EDD1F078BC613E75CE25E08814E12461C7A1C189A70EB8138294298D141244C7A9DE31AB4F6D38B40B04D6353CD30F77ADBF66BBDE41C7BE463C5E30AAA3F7BAD6CEE99506DEAAFA2F335C1B1C5C88B8ABB0D0387EE0D1B4E7027F7F085A025CEDB5CCE18B88C0462F1C3C910D47C0D4AB":MBEDTLS_ERR_RSA_KEY_CHECK_FAILED RSA Check Private key #3 (No Q) -mbedtls_rsa_check_privkey:2048:16:"e79a373182bfaa722eb035f772ad2a9464bd842de59432c18bbab3a7dfeae318c9b915ee487861ab665a40bd6cda560152578e8579016c929df99fea05b4d64efca1d543850bc8164b40d71ed7f3fa4105df0fb9b9ad2a18ce182c8a4f4f975bea9aa0b9a1438a27a28e97ac8330ef37383414d1bd64607d6979ac050424fd17":16:"":16:"b38ac65c8141f7f5c96e14470e851936a67bf94cc6821a39ac12c05f7c0b06d9e6ddba2224703b02e25f31452f9c4a8417b62675fdc6df46b94813bc7b9769a892c482b830bfe0ad42e46668ace68903617faf6681f4babf1cc8e4b0420d3c7f61dc45434c6b54e2c3ee0fc07908509d79c9826e673bf8363255adb0add2401039a7bcd1b4ecf0fbe6ec8369d2da486eec59559dd1d54c9b24190965eafbdab203b35255765261cd0909acf93c3b8b8428cbb448de4715d1b813d0c94829c229543d391ce0adab5351f97a3810c1f73d7b1458b97daed4209c50e16d064d2d5bfda8c23893d755222793146d0a78c3d64f35549141486c3b0961a7b4c1a2034f":16:"3":16:"77B1D99300D6A54E864962DA09AE10CF19A7FB888456BC2672B72AEA52B204914493D16C184AD201EC3F762E1FBD8702BA796EF953D9EA2F26300D285264F11B0C8301D0207FEB1E2C984445C899B0ACEBAA74EF014DD1D4BDDB43202C08D2FF9692D8D788478DEC829EB52AFB5AE068FBDBAC499A27FACECC391E75C936D55F07BB45EE184DAB45808E15722502F279F89B38C1CB292557E5063597F52C75D61001EDC33F4739353E33E56AD273B067C1A2760208529EA421774A5FFFCB3423B1E0051E7702A55D80CBF2141569F18F87BFF538A1DA8EDBB2693A539F68E0D62D77743F89EACF3B1723BDB25CE2F333FA63CACF0E67DF1A431893BB9B352FCB":16:"9A66CF76572A71A17475794FA1C8C70D987E581E990D772BB27C77C53FF1ECBB31260E9EDAFAEBC79991807E48918EAB8C3A5F03A600F30C69511546AE788EDF53168E2D035D300EDCD5E4BF3AA2A6D603EA0A7BD11E1C1089657306DF8A64E7F1BC6B266B825C1A6C5F0FC85775F4CF7ACD63367E42EAFE46511D58AD6DFE0F":16:"844DBDD20925D9164F9A1E2F707076C261CCA8337D0241392B38AE3C12342F3AC14F8FD6DF4A1C36839662BD0D227344CD55A32AE5DBD2309A9A2B8A2C82BE6DDDDCE81D1B694775D9047AA765CA0C6E1BB8E61C8B7BE27ED711E8EE2FEAD87F3491F76A6D2262C14189EACDFD4CEFE0BF9D0A5B49857E0ED22CBEB98DC8D45B":16:"4951A7B174DF972C37BADCC38457B5EDD1F078BC613E75CE25E08814E12461C7A1C189A70EB8138294298D141244C7A9DE31AB4F6D38B40B04D6353CD30F77ADBF66BBDE41C7BE463C5E30AAA3F7BAD6CEE99506DEAAFA2F335C1B1C5C88B8ABB0D0387EE0D1B4E7027F7F085A025CEDB5CCE18B88C0462F1C3C910D47C0D4AB":MBEDTLS_ERR_RSA_KEY_CHECK_FAILED +mbedtls_rsa_check_privkey:2048:"e79a373182bfaa722eb035f772ad2a9464bd842de59432c18bbab3a7dfeae318c9b915ee487861ab665a40bd6cda560152578e8579016c929df99fea05b4d64efca1d543850bc8164b40d71ed7f3fa4105df0fb9b9ad2a18ce182c8a4f4f975bea9aa0b9a1438a27a28e97ac8330ef37383414d1bd64607d6979ac050424fd17":"":"b38ac65c8141f7f5c96e14470e851936a67bf94cc6821a39ac12c05f7c0b06d9e6ddba2224703b02e25f31452f9c4a8417b62675fdc6df46b94813bc7b9769a892c482b830bfe0ad42e46668ace68903617faf6681f4babf1cc8e4b0420d3c7f61dc45434c6b54e2c3ee0fc07908509d79c9826e673bf8363255adb0add2401039a7bcd1b4ecf0fbe6ec8369d2da486eec59559dd1d54c9b24190965eafbdab203b35255765261cd0909acf93c3b8b8428cbb448de4715d1b813d0c94829c229543d391ce0adab5351f97a3810c1f73d7b1458b97daed4209c50e16d064d2d5bfda8c23893d755222793146d0a78c3d64f35549141486c3b0961a7b4c1a2034f":"3":"77B1D99300D6A54E864962DA09AE10CF19A7FB888456BC2672B72AEA52B204914493D16C184AD201EC3F762E1FBD8702BA796EF953D9EA2F26300D285264F11B0C8301D0207FEB1E2C984445C899B0ACEBAA74EF014DD1D4BDDB43202C08D2FF9692D8D788478DEC829EB52AFB5AE068FBDBAC499A27FACECC391E75C936D55F07BB45EE184DAB45808E15722502F279F89B38C1CB292557E5063597F52C75D61001EDC33F4739353E33E56AD273B067C1A2760208529EA421774A5FFFCB3423B1E0051E7702A55D80CBF2141569F18F87BFF538A1DA8EDBB2693A539F68E0D62D77743F89EACF3B1723BDB25CE2F333FA63CACF0E67DF1A431893BB9B352FCB":"9A66CF76572A71A17475794FA1C8C70D987E581E990D772BB27C77C53FF1ECBB31260E9EDAFAEBC79991807E48918EAB8C3A5F03A600F30C69511546AE788EDF53168E2D035D300EDCD5E4BF3AA2A6D603EA0A7BD11E1C1089657306DF8A64E7F1BC6B266B825C1A6C5F0FC85775F4CF7ACD63367E42EAFE46511D58AD6DFE0F":"844DBDD20925D9164F9A1E2F707076C261CCA8337D0241392B38AE3C12342F3AC14F8FD6DF4A1C36839662BD0D227344CD55A32AE5DBD2309A9A2B8A2C82BE6DDDDCE81D1B694775D9047AA765CA0C6E1BB8E61C8B7BE27ED711E8EE2FEAD87F3491F76A6D2262C14189EACDFD4CEFE0BF9D0A5B49857E0ED22CBEB98DC8D45B":"4951A7B174DF972C37BADCC38457B5EDD1F078BC613E75CE25E08814E12461C7A1C189A70EB8138294298D141244C7A9DE31AB4F6D38B40B04D6353CD30F77ADBF66BBDE41C7BE463C5E30AAA3F7BAD6CEE99506DEAAFA2F335C1B1C5C88B8ABB0D0387EE0D1B4E7027F7F085A025CEDB5CCE18B88C0462F1C3C910D47C0D4AB":MBEDTLS_ERR_RSA_KEY_CHECK_FAILED RSA Check Private key #4 (No N) -mbedtls_rsa_check_privkey:2048:16:"e79a373182bfaa722eb035f772ad2a9464bd842de59432c18bbab3a7dfeae318c9b915ee487861ab665a40bd6cda560152578e8579016c929df99fea05b4d64efca1d543850bc8164b40d71ed7f3fa4105df0fb9b9ad2a18ce182c8a4f4f975bea9aa0b9a1438a27a28e97ac8330ef37383414d1bd64607d6979ac050424fd17":16:"c6749cbb0db8c5a177672d4728a8b22392b2fc4d3b8361d5c0d5055a1b4e46d821f757c24eef2a51c561941b93b3ace7340074c058c9bb48e7e7414f42c41da4cccb5c2ba91deb30c586b7fb18af12a52995592ad139d3be429add6547e044becedaf31fa3b39421e24ee034fbf367d11f6b8f88ee483d163b431e1654ad3e89":16:"":16:"3":16:"77B1D99300D6A54E864962DA09AE10CF19A7FB888456BC2672B72AEA52B204914493D16C184AD201EC3F762E1FBD8702BA796EF953D9EA2F26300D285264F11B0C8301D0207FEB1E2C984445C899B0ACEBAA74EF014DD1D4BDDB43202C08D2FF9692D8D788478DEC829EB52AFB5AE068FBDBAC499A27FACECC391E75C936D55F07BB45EE184DAB45808E15722502F279F89B38C1CB292557E5063597F52C75D61001EDC33F4739353E33E56AD273B067C1A2760208529EA421774A5FFFCB3423B1E0051E7702A55D80CBF2141569F18F87BFF538A1DA8EDBB2693A539F68E0D62D77743F89EACF3B1723BDB25CE2F333FA63CACF0E67DF1A431893BB9B352FCB":16:"9A66CF76572A71A17475794FA1C8C70D987E581E990D772BB27C77C53FF1ECBB31260E9EDAFAEBC79991807E48918EAB8C3A5F03A600F30C69511546AE788EDF53168E2D035D300EDCD5E4BF3AA2A6D603EA0A7BD11E1C1089657306DF8A64E7F1BC6B266B825C1A6C5F0FC85775F4CF7ACD63367E42EAFE46511D58AD6DFE0F":16:"844DBDD20925D9164F9A1E2F707076C261CCA8337D0241392B38AE3C12342F3AC14F8FD6DF4A1C36839662BD0D227344CD55A32AE5DBD2309A9A2B8A2C82BE6DDDDCE81D1B694775D9047AA765CA0C6E1BB8E61C8B7BE27ED711E8EE2FEAD87F3491F76A6D2262C14189EACDFD4CEFE0BF9D0A5B49857E0ED22CBEB98DC8D45B":16:"4951A7B174DF972C37BADCC38457B5EDD1F078BC613E75CE25E08814E12461C7A1C189A70EB8138294298D141244C7A9DE31AB4F6D38B40B04D6353CD30F77ADBF66BBDE41C7BE463C5E30AAA3F7BAD6CEE99506DEAAFA2F335C1B1C5C88B8ABB0D0387EE0D1B4E7027F7F085A025CEDB5CCE18B88C0462F1C3C910D47C0D4AB":MBEDTLS_ERR_RSA_KEY_CHECK_FAILED +mbedtls_rsa_check_privkey:2048:"e79a373182bfaa722eb035f772ad2a9464bd842de59432c18bbab3a7dfeae318c9b915ee487861ab665a40bd6cda560152578e8579016c929df99fea05b4d64efca1d543850bc8164b40d71ed7f3fa4105df0fb9b9ad2a18ce182c8a4f4f975bea9aa0b9a1438a27a28e97ac8330ef37383414d1bd64607d6979ac050424fd17":"c6749cbb0db8c5a177672d4728a8b22392b2fc4d3b8361d5c0d5055a1b4e46d821f757c24eef2a51c561941b93b3ace7340074c058c9bb48e7e7414f42c41da4cccb5c2ba91deb30c586b7fb18af12a52995592ad139d3be429add6547e044becedaf31fa3b39421e24ee034fbf367d11f6b8f88ee483d163b431e1654ad3e89":"":"3":"77B1D99300D6A54E864962DA09AE10CF19A7FB888456BC2672B72AEA52B204914493D16C184AD201EC3F762E1FBD8702BA796EF953D9EA2F26300D285264F11B0C8301D0207FEB1E2C984445C899B0ACEBAA74EF014DD1D4BDDB43202C08D2FF9692D8D788478DEC829EB52AFB5AE068FBDBAC499A27FACECC391E75C936D55F07BB45EE184DAB45808E15722502F279F89B38C1CB292557E5063597F52C75D61001EDC33F4739353E33E56AD273B067C1A2760208529EA421774A5FFFCB3423B1E0051E7702A55D80CBF2141569F18F87BFF538A1DA8EDBB2693A539F68E0D62D77743F89EACF3B1723BDB25CE2F333FA63CACF0E67DF1A431893BB9B352FCB":"9A66CF76572A71A17475794FA1C8C70D987E581E990D772BB27C77C53FF1ECBB31260E9EDAFAEBC79991807E48918EAB8C3A5F03A600F30C69511546AE788EDF53168E2D035D300EDCD5E4BF3AA2A6D603EA0A7BD11E1C1089657306DF8A64E7F1BC6B266B825C1A6C5F0FC85775F4CF7ACD63367E42EAFE46511D58AD6DFE0F":"844DBDD20925D9164F9A1E2F707076C261CCA8337D0241392B38AE3C12342F3AC14F8FD6DF4A1C36839662BD0D227344CD55A32AE5DBD2309A9A2B8A2C82BE6DDDDCE81D1B694775D9047AA765CA0C6E1BB8E61C8B7BE27ED711E8EE2FEAD87F3491F76A6D2262C14189EACDFD4CEFE0BF9D0A5B49857E0ED22CBEB98DC8D45B":"4951A7B174DF972C37BADCC38457B5EDD1F078BC613E75CE25E08814E12461C7A1C189A70EB8138294298D141244C7A9DE31AB4F6D38B40B04D6353CD30F77ADBF66BBDE41C7BE463C5E30AAA3F7BAD6CEE99506DEAAFA2F335C1B1C5C88B8ABB0D0387EE0D1B4E7027F7F085A025CEDB5CCE18B88C0462F1C3C910D47C0D4AB":MBEDTLS_ERR_RSA_KEY_CHECK_FAILED RSA Check Private key #5 (No E) -mbedtls_rsa_check_privkey:2048:16:"e79a373182bfaa722eb035f772ad2a9464bd842de59432c18bbab3a7dfeae318c9b915ee487861ab665a40bd6cda560152578e8579016c929df99fea05b4d64efca1d543850bc8164b40d71ed7f3fa4105df0fb9b9ad2a18ce182c8a4f4f975bea9aa0b9a1438a27a28e97ac8330ef37383414d1bd64607d6979ac050424fd17":16:"c6749cbb0db8c5a177672d4728a8b22392b2fc4d3b8361d5c0d5055a1b4e46d821f757c24eef2a51c561941b93b3ace7340074c058c9bb48e7e7414f42c41da4cccb5c2ba91deb30c586b7fb18af12a52995592ad139d3be429add6547e044becedaf31fa3b39421e24ee034fbf367d11f6b8f88ee483d163b431e1654ad3e89":16:"b38ac65c8141f7f5c96e14470e851936a67bf94cc6821a39ac12c05f7c0b06d9e6ddba2224703b02e25f31452f9c4a8417b62675fdc6df46b94813bc7b9769a892c482b830bfe0ad42e46668ace68903617faf6681f4babf1cc8e4b0420d3c7f61dc45434c6b54e2c3ee0fc07908509d79c9826e673bf8363255adb0add2401039a7bcd1b4ecf0fbe6ec8369d2da486eec59559dd1d54c9b24190965eafbdab203b35255765261cd0909acf93c3b8b8428cbb448de4715d1b813d0c94829c229543d391ce0adab5351f97a3810c1f73d7b1458b97daed4209c50e16d064d2d5bfda8c23893d755222793146d0a78c3d64f35549141486c3b0961a7b4c1a2034f":16:"":16:"77B1D99300D6A54E864962DA09AE10CF19A7FB888456BC2672B72AEA52B204914493D16C184AD201EC3F762E1FBD8702BA796EF953D9EA2F26300D285264F11B0C8301D0207FEB1E2C984445C899B0ACEBAA74EF014DD1D4BDDB43202C08D2FF9692D8D788478DEC829EB52AFB5AE068FBDBAC499A27FACECC391E75C936D55F07BB45EE184DAB45808E15722502F279F89B38C1CB292557E5063597F52C75D61001EDC33F4739353E33E56AD273B067C1A2760208529EA421774A5FFFCB3423B1E0051E7702A55D80CBF2141569F18F87BFF538A1DA8EDBB2693A539F68E0D62D77743F89EACF3B1723BDB25CE2F333FA63CACF0E67DF1A431893BB9B352FCB":16:"9A66CF76572A71A17475794FA1C8C70D987E581E990D772BB27C77C53FF1ECBB31260E9EDAFAEBC79991807E48918EAB8C3A5F03A600F30C69511546AE788EDF53168E2D035D300EDCD5E4BF3AA2A6D603EA0A7BD11E1C1089657306DF8A64E7F1BC6B266B825C1A6C5F0FC85775F4CF7ACD63367E42EAFE46511D58AD6DFE0F":16:"844DBDD20925D9164F9A1E2F707076C261CCA8337D0241392B38AE3C12342F3AC14F8FD6DF4A1C36839662BD0D227344CD55A32AE5DBD2309A9A2B8A2C82BE6DDDDCE81D1B694775D9047AA765CA0C6E1BB8E61C8B7BE27ED711E8EE2FEAD87F3491F76A6D2262C14189EACDFD4CEFE0BF9D0A5B49857E0ED22CBEB98DC8D45B":16:"4951A7B174DF972C37BADCC38457B5EDD1F078BC613E75CE25E08814E12461C7A1C189A70EB8138294298D141244C7A9DE31AB4F6D38B40B04D6353CD30F77ADBF66BBDE41C7BE463C5E30AAA3F7BAD6CEE99506DEAAFA2F335C1B1C5C88B8ABB0D0387EE0D1B4E7027F7F085A025CEDB5CCE18B88C0462F1C3C910D47C0D4AB":MBEDTLS_ERR_RSA_KEY_CHECK_FAILED +mbedtls_rsa_check_privkey:2048:"e79a373182bfaa722eb035f772ad2a9464bd842de59432c18bbab3a7dfeae318c9b915ee487861ab665a40bd6cda560152578e8579016c929df99fea05b4d64efca1d543850bc8164b40d71ed7f3fa4105df0fb9b9ad2a18ce182c8a4f4f975bea9aa0b9a1438a27a28e97ac8330ef37383414d1bd64607d6979ac050424fd17":"c6749cbb0db8c5a177672d4728a8b22392b2fc4d3b8361d5c0d5055a1b4e46d821f757c24eef2a51c561941b93b3ace7340074c058c9bb48e7e7414f42c41da4cccb5c2ba91deb30c586b7fb18af12a52995592ad139d3be429add6547e044becedaf31fa3b39421e24ee034fbf367d11f6b8f88ee483d163b431e1654ad3e89":"b38ac65c8141f7f5c96e14470e851936a67bf94cc6821a39ac12c05f7c0b06d9e6ddba2224703b02e25f31452f9c4a8417b62675fdc6df46b94813bc7b9769a892c482b830bfe0ad42e46668ace68903617faf6681f4babf1cc8e4b0420d3c7f61dc45434c6b54e2c3ee0fc07908509d79c9826e673bf8363255adb0add2401039a7bcd1b4ecf0fbe6ec8369d2da486eec59559dd1d54c9b24190965eafbdab203b35255765261cd0909acf93c3b8b8428cbb448de4715d1b813d0c94829c229543d391ce0adab5351f97a3810c1f73d7b1458b97daed4209c50e16d064d2d5bfda8c23893d755222793146d0a78c3d64f35549141486c3b0961a7b4c1a2034f":"":"77B1D99300D6A54E864962DA09AE10CF19A7FB888456BC2672B72AEA52B204914493D16C184AD201EC3F762E1FBD8702BA796EF953D9EA2F26300D285264F11B0C8301D0207FEB1E2C984445C899B0ACEBAA74EF014DD1D4BDDB43202C08D2FF9692D8D788478DEC829EB52AFB5AE068FBDBAC499A27FACECC391E75C936D55F07BB45EE184DAB45808E15722502F279F89B38C1CB292557E5063597F52C75D61001EDC33F4739353E33E56AD273B067C1A2760208529EA421774A5FFFCB3423B1E0051E7702A55D80CBF2141569F18F87BFF538A1DA8EDBB2693A539F68E0D62D77743F89EACF3B1723BDB25CE2F333FA63CACF0E67DF1A431893BB9B352FCB":"9A66CF76572A71A17475794FA1C8C70D987E581E990D772BB27C77C53FF1ECBB31260E9EDAFAEBC79991807E48918EAB8C3A5F03A600F30C69511546AE788EDF53168E2D035D300EDCD5E4BF3AA2A6D603EA0A7BD11E1C1089657306DF8A64E7F1BC6B266B825C1A6C5F0FC85775F4CF7ACD63367E42EAFE46511D58AD6DFE0F":"844DBDD20925D9164F9A1E2F707076C261CCA8337D0241392B38AE3C12342F3AC14F8FD6DF4A1C36839662BD0D227344CD55A32AE5DBD2309A9A2B8A2C82BE6DDDDCE81D1B694775D9047AA765CA0C6E1BB8E61C8B7BE27ED711E8EE2FEAD87F3491F76A6D2262C14189EACDFD4CEFE0BF9D0A5B49857E0ED22CBEB98DC8D45B":"4951A7B174DF972C37BADCC38457B5EDD1F078BC613E75CE25E08814E12461C7A1C189A70EB8138294298D141244C7A9DE31AB4F6D38B40B04D6353CD30F77ADBF66BBDE41C7BE463C5E30AAA3F7BAD6CEE99506DEAAFA2F335C1B1C5C88B8ABB0D0387EE0D1B4E7027F7F085A025CEDB5CCE18B88C0462F1C3C910D47C0D4AB":MBEDTLS_ERR_RSA_KEY_CHECK_FAILED RSA Check Private key #6 (No D) -mbedtls_rsa_check_privkey:2048:16:"e79a373182bfaa722eb035f772ad2a9464bd842de59432c18bbab3a7dfeae318c9b915ee487861ab665a40bd6cda560152578e8579016c929df99fea05b4d64efca1d543850bc8164b40d71ed7f3fa4105df0fb9b9ad2a18ce182c8a4f4f975bea9aa0b9a1438a27a28e97ac8330ef37383414d1bd64607d6979ac050424fd17":16:"c6749cbb0db8c5a177672d4728a8b22392b2fc4d3b8361d5c0d5055a1b4e46d821f757c24eef2a51c561941b93b3ace7340074c058c9bb48e7e7414f42c41da4cccb5c2ba91deb30c586b7fb18af12a52995592ad139d3be429add6547e044becedaf31fa3b39421e24ee034fbf367d11f6b8f88ee483d163b431e1654ad3e89":16:"b38ac65c8141f7f5c96e14470e851936a67bf94cc6821a39ac12c05f7c0b06d9e6ddba2224703b02e25f31452f9c4a8417b62675fdc6df46b94813bc7b9769a892c482b830bfe0ad42e46668ace68903617faf6681f4babf1cc8e4b0420d3c7f61dc45434c6b54e2c3ee0fc07908509d79c9826e673bf8363255adb0add2401039a7bcd1b4ecf0fbe6ec8369d2da486eec59559dd1d54c9b24190965eafbdab203b35255765261cd0909acf93c3b8b8428cbb448de4715d1b813d0c94829c229543d391ce0adab5351f97a3810c1f73d7b1458b97daed4209c50e16d064d2d5bfda8c23893d755222793146d0a78c3d64f35549141486c3b0961a7b4c1a2034f":16:"3":16:"":16:"9A66CF76572A71A17475794FA1C8C70D987E581E990D772BB27C77C53FF1ECBB31260E9EDAFAEBC79991807E48918EAB8C3A5F03A600F30C69511546AE788EDF53168E2D035D300EDCD5E4BF3AA2A6D603EA0A7BD11E1C1089657306DF8A64E7F1BC6B266B825C1A6C5F0FC85775F4CF7ACD63367E42EAFE46511D58AD6DFE0F":16:"844DBDD20925D9164F9A1E2F707076C261CCA8337D0241392B38AE3C12342F3AC14F8FD6DF4A1C36839662BD0D227344CD55A32AE5DBD2309A9A2B8A2C82BE6DDDDCE81D1B694775D9047AA765CA0C6E1BB8E61C8B7BE27ED711E8EE2FEAD87F3491F76A6D2262C14189EACDFD4CEFE0BF9D0A5B49857E0ED22CBEB98DC8D45B":16:"4951A7B174DF972C37BADCC38457B5EDD1F078BC613E75CE25E08814E12461C7A1C189A70EB8138294298D141244C7A9DE31AB4F6D38B40B04D6353CD30F77ADBF66BBDE41C7BE463C5E30AAA3F7BAD6CEE99506DEAAFA2F335C1B1C5C88B8ABB0D0387EE0D1B4E7027F7F085A025CEDB5CCE18B88C0462F1C3C910D47C0D4AB":MBEDTLS_ERR_RSA_KEY_CHECK_FAILED +mbedtls_rsa_check_privkey:2048:"e79a373182bfaa722eb035f772ad2a9464bd842de59432c18bbab3a7dfeae318c9b915ee487861ab665a40bd6cda560152578e8579016c929df99fea05b4d64efca1d543850bc8164b40d71ed7f3fa4105df0fb9b9ad2a18ce182c8a4f4f975bea9aa0b9a1438a27a28e97ac8330ef37383414d1bd64607d6979ac050424fd17":"c6749cbb0db8c5a177672d4728a8b22392b2fc4d3b8361d5c0d5055a1b4e46d821f757c24eef2a51c561941b93b3ace7340074c058c9bb48e7e7414f42c41da4cccb5c2ba91deb30c586b7fb18af12a52995592ad139d3be429add6547e044becedaf31fa3b39421e24ee034fbf367d11f6b8f88ee483d163b431e1654ad3e89":"b38ac65c8141f7f5c96e14470e851936a67bf94cc6821a39ac12c05f7c0b06d9e6ddba2224703b02e25f31452f9c4a8417b62675fdc6df46b94813bc7b9769a892c482b830bfe0ad42e46668ace68903617faf6681f4babf1cc8e4b0420d3c7f61dc45434c6b54e2c3ee0fc07908509d79c9826e673bf8363255adb0add2401039a7bcd1b4ecf0fbe6ec8369d2da486eec59559dd1d54c9b24190965eafbdab203b35255765261cd0909acf93c3b8b8428cbb448de4715d1b813d0c94829c229543d391ce0adab5351f97a3810c1f73d7b1458b97daed4209c50e16d064d2d5bfda8c23893d755222793146d0a78c3d64f35549141486c3b0961a7b4c1a2034f":"3":"":"9A66CF76572A71A17475794FA1C8C70D987E581E990D772BB27C77C53FF1ECBB31260E9EDAFAEBC79991807E48918EAB8C3A5F03A600F30C69511546AE788EDF53168E2D035D300EDCD5E4BF3AA2A6D603EA0A7BD11E1C1089657306DF8A64E7F1BC6B266B825C1A6C5F0FC85775F4CF7ACD63367E42EAFE46511D58AD6DFE0F":"844DBDD20925D9164F9A1E2F707076C261CCA8337D0241392B38AE3C12342F3AC14F8FD6DF4A1C36839662BD0D227344CD55A32AE5DBD2309A9A2B8A2C82BE6DDDDCE81D1B694775D9047AA765CA0C6E1BB8E61C8B7BE27ED711E8EE2FEAD87F3491F76A6D2262C14189EACDFD4CEFE0BF9D0A5B49857E0ED22CBEB98DC8D45B":"4951A7B174DF972C37BADCC38457B5EDD1F078BC613E75CE25E08814E12461C7A1C189A70EB8138294298D141244C7A9DE31AB4F6D38B40B04D6353CD30F77ADBF66BBDE41C7BE463C5E30AAA3F7BAD6CEE99506DEAAFA2F335C1B1C5C88B8ABB0D0387EE0D1B4E7027F7F085A025CEDB5CCE18B88C0462F1C3C910D47C0D4AB":MBEDTLS_ERR_RSA_KEY_CHECK_FAILED RSA Check Private key #7 (No DP) depends_on:!MBEDTLS_RSA_NO_CRT -mbedtls_rsa_check_privkey:2048:16:"e79a373182bfaa722eb035f772ad2a9464bd842de59432c18bbab3a7dfeae318c9b915ee487861ab665a40bd6cda560152578e8579016c929df99fea05b4d64efca1d543850bc8164b40d71ed7f3fa4105df0fb9b9ad2a18ce182c8a4f4f975bea9aa0b9a1438a27a28e97ac8330ef37383414d1bd64607d6979ac050424fd17":16:"c6749cbb0db8c5a177672d4728a8b22392b2fc4d3b8361d5c0d5055a1b4e46d821f757c24eef2a51c561941b93b3ace7340074c058c9bb48e7e7414f42c41da4cccb5c2ba91deb30c586b7fb18af12a52995592ad139d3be429add6547e044becedaf31fa3b39421e24ee034fbf367d11f6b8f88ee483d163b431e1654ad3e89":16:"b38ac65c8141f7f5c96e14470e851936a67bf94cc6821a39ac12c05f7c0b06d9e6ddba2224703b02e25f31452f9c4a8417b62675fdc6df46b94813bc7b9769a892c482b830bfe0ad42e46668ace68903617faf6681f4babf1cc8e4b0420d3c7f61dc45434c6b54e2c3ee0fc07908509d79c9826e673bf8363255adb0add2401039a7bcd1b4ecf0fbe6ec8369d2da486eec59559dd1d54c9b24190965eafbdab203b35255765261cd0909acf93c3b8b8428cbb448de4715d1b813d0c94829c229543d391ce0adab5351f97a3810c1f73d7b1458b97daed4209c50e16d064d2d5bfda8c23893d755222793146d0a78c3d64f35549141486c3b0961a7b4c1a2034f":16:"3":16:"77B1D99300D6A54E864962DA09AE10CF19A7FB888456BC2672B72AEA52B204914493D16C184AD201EC3F762E1FBD8702BA796EF953D9EA2F26300D285264F11B0C8301D0207FEB1E2C984445C899B0ACEBAA74EF014DD1D4BDDB43202C08D2FF9692D8D788478DEC829EB52AFB5AE068FBDBAC499A27FACECC391E75C936D55F07BB45EE184DAB45808E15722502F279F89B38C1CB292557E5063597F52C75D61001EDC33F4739353E33E56AD273B067C1A2760208529EA421774A5FFFCB3423B1E0051E7702A55D80CBF2141569F18F87BFF538A1DA8EDBB2693A539F68E0D62D77743F89EACF3B1723BDB25CE2F333FA63CACF0E67DF1A431893BB9B352FCB":16:"":16:"844DBDD20925D9164F9A1E2F707076C261CCA8337D0241392B38AE3C12342F3AC14F8FD6DF4A1C36839662BD0D227344CD55A32AE5DBD2309A9A2B8A2C82BE6DDDDCE81D1B694775D9047AA765CA0C6E1BB8E61C8B7BE27ED711E8EE2FEAD87F3491F76A6D2262C14189EACDFD4CEFE0BF9D0A5B49857E0ED22CBEB98DC8D45B":16:"4951A7B174DF972C37BADCC38457B5EDD1F078BC613E75CE25E08814E12461C7A1C189A70EB8138294298D141244C7A9DE31AB4F6D38B40B04D6353CD30F77ADBF66BBDE41C7BE463C5E30AAA3F7BAD6CEE99506DEAAFA2F335C1B1C5C88B8ABB0D0387EE0D1B4E7027F7F085A025CEDB5CCE18B88C0462F1C3C910D47C0D4AB":MBEDTLS_ERR_RSA_KEY_CHECK_FAILED +mbedtls_rsa_check_privkey:2048:"e79a373182bfaa722eb035f772ad2a9464bd842de59432c18bbab3a7dfeae318c9b915ee487861ab665a40bd6cda560152578e8579016c929df99fea05b4d64efca1d543850bc8164b40d71ed7f3fa4105df0fb9b9ad2a18ce182c8a4f4f975bea9aa0b9a1438a27a28e97ac8330ef37383414d1bd64607d6979ac050424fd17":"c6749cbb0db8c5a177672d4728a8b22392b2fc4d3b8361d5c0d5055a1b4e46d821f757c24eef2a51c561941b93b3ace7340074c058c9bb48e7e7414f42c41da4cccb5c2ba91deb30c586b7fb18af12a52995592ad139d3be429add6547e044becedaf31fa3b39421e24ee034fbf367d11f6b8f88ee483d163b431e1654ad3e89":"b38ac65c8141f7f5c96e14470e851936a67bf94cc6821a39ac12c05f7c0b06d9e6ddba2224703b02e25f31452f9c4a8417b62675fdc6df46b94813bc7b9769a892c482b830bfe0ad42e46668ace68903617faf6681f4babf1cc8e4b0420d3c7f61dc45434c6b54e2c3ee0fc07908509d79c9826e673bf8363255adb0add2401039a7bcd1b4ecf0fbe6ec8369d2da486eec59559dd1d54c9b24190965eafbdab203b35255765261cd0909acf93c3b8b8428cbb448de4715d1b813d0c94829c229543d391ce0adab5351f97a3810c1f73d7b1458b97daed4209c50e16d064d2d5bfda8c23893d755222793146d0a78c3d64f35549141486c3b0961a7b4c1a2034f":"3":"77B1D99300D6A54E864962DA09AE10CF19A7FB888456BC2672B72AEA52B204914493D16C184AD201EC3F762E1FBD8702BA796EF953D9EA2F26300D285264F11B0C8301D0207FEB1E2C984445C899B0ACEBAA74EF014DD1D4BDDB43202C08D2FF9692D8D788478DEC829EB52AFB5AE068FBDBAC499A27FACECC391E75C936D55F07BB45EE184DAB45808E15722502F279F89B38C1CB292557E5063597F52C75D61001EDC33F4739353E33E56AD273B067C1A2760208529EA421774A5FFFCB3423B1E0051E7702A55D80CBF2141569F18F87BFF538A1DA8EDBB2693A539F68E0D62D77743F89EACF3B1723BDB25CE2F333FA63CACF0E67DF1A431893BB9B352FCB":"":"844DBDD20925D9164F9A1E2F707076C261CCA8337D0241392B38AE3C12342F3AC14F8FD6DF4A1C36839662BD0D227344CD55A32AE5DBD2309A9A2B8A2C82BE6DDDDCE81D1B694775D9047AA765CA0C6E1BB8E61C8B7BE27ED711E8EE2FEAD87F3491F76A6D2262C14189EACDFD4CEFE0BF9D0A5B49857E0ED22CBEB98DC8D45B":"4951A7B174DF972C37BADCC38457B5EDD1F078BC613E75CE25E08814E12461C7A1C189A70EB8138294298D141244C7A9DE31AB4F6D38B40B04D6353CD30F77ADBF66BBDE41C7BE463C5E30AAA3F7BAD6CEE99506DEAAFA2F335C1B1C5C88B8ABB0D0387EE0D1B4E7027F7F085A025CEDB5CCE18B88C0462F1C3C910D47C0D4AB":MBEDTLS_ERR_RSA_KEY_CHECK_FAILED RSA Check Private key #8 (No DQ) depends_on:!MBEDTLS_RSA_NO_CRT -mbedtls_rsa_check_privkey:2048:16:"e79a373182bfaa722eb035f772ad2a9464bd842de59432c18bbab3a7dfeae318c9b915ee487861ab665a40bd6cda560152578e8579016c929df99fea05b4d64efca1d543850bc8164b40d71ed7f3fa4105df0fb9b9ad2a18ce182c8a4f4f975bea9aa0b9a1438a27a28e97ac8330ef37383414d1bd64607d6979ac050424fd17":16:"c6749cbb0db8c5a177672d4728a8b22392b2fc4d3b8361d5c0d5055a1b4e46d821f757c24eef2a51c561941b93b3ace7340074c058c9bb48e7e7414f42c41da4cccb5c2ba91deb30c586b7fb18af12a52995592ad139d3be429add6547e044becedaf31fa3b39421e24ee034fbf367d11f6b8f88ee483d163b431e1654ad3e89":16:"b38ac65c8141f7f5c96e14470e851936a67bf94cc6821a39ac12c05f7c0b06d9e6ddba2224703b02e25f31452f9c4a8417b62675fdc6df46b94813bc7b9769a892c482b830bfe0ad42e46668ace68903617faf6681f4babf1cc8e4b0420d3c7f61dc45434c6b54e2c3ee0fc07908509d79c9826e673bf8363255adb0add2401039a7bcd1b4ecf0fbe6ec8369d2da486eec59559dd1d54c9b24190965eafbdab203b35255765261cd0909acf93c3b8b8428cbb448de4715d1b813d0c94829c229543d391ce0adab5351f97a3810c1f73d7b1458b97daed4209c50e16d064d2d5bfda8c23893d755222793146d0a78c3d64f35549141486c3b0961a7b4c1a2034f":16:"3":16:"77B1D99300D6A54E864962DA09AE10CF19A7FB888456BC2672B72AEA52B204914493D16C184AD201EC3F762E1FBD8702BA796EF953D9EA2F26300D285264F11B0C8301D0207FEB1E2C984445C899B0ACEBAA74EF014DD1D4BDDB43202C08D2FF9692D8D788478DEC829EB52AFB5AE068FBDBAC499A27FACECC391E75C936D55F07BB45EE184DAB45808E15722502F279F89B38C1CB292557E5063597F52C75D61001EDC33F4739353E33E56AD273B067C1A2760208529EA421774A5FFFCB3423B1E0051E7702A55D80CBF2141569F18F87BFF538A1DA8EDBB2693A539F68E0D62D77743F89EACF3B1723BDB25CE2F333FA63CACF0E67DF1A431893BB9B352FCB":16:"9A66CF76572A71A17475794FA1C8C70D987E581E990D772BB27C77C53FF1ECBB31260E9EDAFAEBC79991807E48918EAB8C3A5F03A600F30C69511546AE788EDF53168E2D035D300EDCD5E4BF3AA2A6D603EA0A7BD11E1C1089657306DF8A64E7F1BC6B266B825C1A6C5F0FC85775F4CF7ACD63367E42EAFE46511D58AD6DFE0F":16:"":16:"4951A7B174DF972C37BADCC38457B5EDD1F078BC613E75CE25E08814E12461C7A1C189A70EB8138294298D141244C7A9DE31AB4F6D38B40B04D6353CD30F77ADBF66BBDE41C7BE463C5E30AAA3F7BAD6CEE99506DEAAFA2F335C1B1C5C88B8ABB0D0387EE0D1B4E7027F7F085A025CEDB5CCE18B88C0462F1C3C910D47C0D4AB":MBEDTLS_ERR_RSA_KEY_CHECK_FAILED +mbedtls_rsa_check_privkey:2048:"e79a373182bfaa722eb035f772ad2a9464bd842de59432c18bbab3a7dfeae318c9b915ee487861ab665a40bd6cda560152578e8579016c929df99fea05b4d64efca1d543850bc8164b40d71ed7f3fa4105df0fb9b9ad2a18ce182c8a4f4f975bea9aa0b9a1438a27a28e97ac8330ef37383414d1bd64607d6979ac050424fd17":"c6749cbb0db8c5a177672d4728a8b22392b2fc4d3b8361d5c0d5055a1b4e46d821f757c24eef2a51c561941b93b3ace7340074c058c9bb48e7e7414f42c41da4cccb5c2ba91deb30c586b7fb18af12a52995592ad139d3be429add6547e044becedaf31fa3b39421e24ee034fbf367d11f6b8f88ee483d163b431e1654ad3e89":"b38ac65c8141f7f5c96e14470e851936a67bf94cc6821a39ac12c05f7c0b06d9e6ddba2224703b02e25f31452f9c4a8417b62675fdc6df46b94813bc7b9769a892c482b830bfe0ad42e46668ace68903617faf6681f4babf1cc8e4b0420d3c7f61dc45434c6b54e2c3ee0fc07908509d79c9826e673bf8363255adb0add2401039a7bcd1b4ecf0fbe6ec8369d2da486eec59559dd1d54c9b24190965eafbdab203b35255765261cd0909acf93c3b8b8428cbb448de4715d1b813d0c94829c229543d391ce0adab5351f97a3810c1f73d7b1458b97daed4209c50e16d064d2d5bfda8c23893d755222793146d0a78c3d64f35549141486c3b0961a7b4c1a2034f":"3":"77B1D99300D6A54E864962DA09AE10CF19A7FB888456BC2672B72AEA52B204914493D16C184AD201EC3F762E1FBD8702BA796EF953D9EA2F26300D285264F11B0C8301D0207FEB1E2C984445C899B0ACEBAA74EF014DD1D4BDDB43202C08D2FF9692D8D788478DEC829EB52AFB5AE068FBDBAC499A27FACECC391E75C936D55F07BB45EE184DAB45808E15722502F279F89B38C1CB292557E5063597F52C75D61001EDC33F4739353E33E56AD273B067C1A2760208529EA421774A5FFFCB3423B1E0051E7702A55D80CBF2141569F18F87BFF538A1DA8EDBB2693A539F68E0D62D77743F89EACF3B1723BDB25CE2F333FA63CACF0E67DF1A431893BB9B352FCB":"9A66CF76572A71A17475794FA1C8C70D987E581E990D772BB27C77C53FF1ECBB31260E9EDAFAEBC79991807E48918EAB8C3A5F03A600F30C69511546AE788EDF53168E2D035D300EDCD5E4BF3AA2A6D603EA0A7BD11E1C1089657306DF8A64E7F1BC6B266B825C1A6C5F0FC85775F4CF7ACD63367E42EAFE46511D58AD6DFE0F":"":"4951A7B174DF972C37BADCC38457B5EDD1F078BC613E75CE25E08814E12461C7A1C189A70EB8138294298D141244C7A9DE31AB4F6D38B40B04D6353CD30F77ADBF66BBDE41C7BE463C5E30AAA3F7BAD6CEE99506DEAAFA2F335C1B1C5C88B8ABB0D0387EE0D1B4E7027F7F085A025CEDB5CCE18B88C0462F1C3C910D47C0D4AB":MBEDTLS_ERR_RSA_KEY_CHECK_FAILED RSA Check Private key #9 (No QP) depends_on:!MBEDTLS_RSA_NO_CRT -mbedtls_rsa_check_privkey:2048:16:"e79a373182bfaa722eb035f772ad2a9464bd842de59432c18bbab3a7dfeae318c9b915ee487861ab665a40bd6cda560152578e8579016c929df99fea05b4d64efca1d543850bc8164b40d71ed7f3fa4105df0fb9b9ad2a18ce182c8a4f4f975bea9aa0b9a1438a27a28e97ac8330ef37383414d1bd64607d6979ac050424fd17":16:"c6749cbb0db8c5a177672d4728a8b22392b2fc4d3b8361d5c0d5055a1b4e46d821f757c24eef2a51c561941b93b3ace7340074c058c9bb48e7e7414f42c41da4cccb5c2ba91deb30c586b7fb18af12a52995592ad139d3be429add6547e044becedaf31fa3b39421e24ee034fbf367d11f6b8f88ee483d163b431e1654ad3e89":16:"b38ac65c8141f7f5c96e14470e851936a67bf94cc6821a39ac12c05f7c0b06d9e6ddba2224703b02e25f31452f9c4a8417b62675fdc6df46b94813bc7b9769a892c482b830bfe0ad42e46668ace68903617faf6681f4babf1cc8e4b0420d3c7f61dc45434c6b54e2c3ee0fc07908509d79c9826e673bf8363255adb0add2401039a7bcd1b4ecf0fbe6ec8369d2da486eec59559dd1d54c9b24190965eafbdab203b35255765261cd0909acf93c3b8b8428cbb448de4715d1b813d0c94829c229543d391ce0adab5351f97a3810c1f73d7b1458b97daed4209c50e16d064d2d5bfda8c23893d755222793146d0a78c3d64f35549141486c3b0961a7b4c1a2034f":16:"3":16:"77B1D99300D6A54E864962DA09AE10CF19A7FB888456BC2672B72AEA52B204914493D16C184AD201EC3F762E1FBD8702BA796EF953D9EA2F26300D285264F11B0C8301D0207FEB1E2C984445C899B0ACEBAA74EF014DD1D4BDDB43202C08D2FF9692D8D788478DEC829EB52AFB5AE068FBDBAC499A27FACECC391E75C936D55F07BB45EE184DAB45808E15722502F279F89B38C1CB292557E5063597F52C75D61001EDC33F4739353E33E56AD273B067C1A2760208529EA421774A5FFFCB3423B1E0051E7702A55D80CBF2141569F18F87BFF538A1DA8EDBB2693A539F68E0D62D77743F89EACF3B1723BDB25CE2F333FA63CACF0E67DF1A431893BB9B352FCB":16:"9A66CF76572A71A17475794FA1C8C70D987E581E990D772BB27C77C53FF1ECBB31260E9EDAFAEBC79991807E48918EAB8C3A5F03A600F30C69511546AE788EDF53168E2D035D300EDCD5E4BF3AA2A6D603EA0A7BD11E1C1089657306DF8A64E7F1BC6B266B825C1A6C5F0FC85775F4CF7ACD63367E42EAFE46511D58AD6DFE0F":16:"844DBDD20925D9164F9A1E2F707076C261CCA8337D0241392B38AE3C12342F3AC14F8FD6DF4A1C36839662BD0D227344CD55A32AE5DBD2309A9A2B8A2C82BE6DDDDCE81D1B694775D9047AA765CA0C6E1BB8E61C8B7BE27ED711E8EE2FEAD87F3491F76A6D2262C14189EACDFD4CEFE0BF9D0A5B49857E0ED22CBEB98DC8D45B":16:"":MBEDTLS_ERR_RSA_KEY_CHECK_FAILED +mbedtls_rsa_check_privkey:2048:"e79a373182bfaa722eb035f772ad2a9464bd842de59432c18bbab3a7dfeae318c9b915ee487861ab665a40bd6cda560152578e8579016c929df99fea05b4d64efca1d543850bc8164b40d71ed7f3fa4105df0fb9b9ad2a18ce182c8a4f4f975bea9aa0b9a1438a27a28e97ac8330ef37383414d1bd64607d6979ac050424fd17":"c6749cbb0db8c5a177672d4728a8b22392b2fc4d3b8361d5c0d5055a1b4e46d821f757c24eef2a51c561941b93b3ace7340074c058c9bb48e7e7414f42c41da4cccb5c2ba91deb30c586b7fb18af12a52995592ad139d3be429add6547e044becedaf31fa3b39421e24ee034fbf367d11f6b8f88ee483d163b431e1654ad3e89":"b38ac65c8141f7f5c96e14470e851936a67bf94cc6821a39ac12c05f7c0b06d9e6ddba2224703b02e25f31452f9c4a8417b62675fdc6df46b94813bc7b9769a892c482b830bfe0ad42e46668ace68903617faf6681f4babf1cc8e4b0420d3c7f61dc45434c6b54e2c3ee0fc07908509d79c9826e673bf8363255adb0add2401039a7bcd1b4ecf0fbe6ec8369d2da486eec59559dd1d54c9b24190965eafbdab203b35255765261cd0909acf93c3b8b8428cbb448de4715d1b813d0c94829c229543d391ce0adab5351f97a3810c1f73d7b1458b97daed4209c50e16d064d2d5bfda8c23893d755222793146d0a78c3d64f35549141486c3b0961a7b4c1a2034f":"3":"77B1D99300D6A54E864962DA09AE10CF19A7FB888456BC2672B72AEA52B204914493D16C184AD201EC3F762E1FBD8702BA796EF953D9EA2F26300D285264F11B0C8301D0207FEB1E2C984445C899B0ACEBAA74EF014DD1D4BDDB43202C08D2FF9692D8D788478DEC829EB52AFB5AE068FBDBAC499A27FACECC391E75C936D55F07BB45EE184DAB45808E15722502F279F89B38C1CB292557E5063597F52C75D61001EDC33F4739353E33E56AD273B067C1A2760208529EA421774A5FFFCB3423B1E0051E7702A55D80CBF2141569F18F87BFF538A1DA8EDBB2693A539F68E0D62D77743F89EACF3B1723BDB25CE2F333FA63CACF0E67DF1A431893BB9B352FCB":"9A66CF76572A71A17475794FA1C8C70D987E581E990D772BB27C77C53FF1ECBB31260E9EDAFAEBC79991807E48918EAB8C3A5F03A600F30C69511546AE788EDF53168E2D035D300EDCD5E4BF3AA2A6D603EA0A7BD11E1C1089657306DF8A64E7F1BC6B266B825C1A6C5F0FC85775F4CF7ACD63367E42EAFE46511D58AD6DFE0F":"844DBDD20925D9164F9A1E2F707076C261CCA8337D0241392B38AE3C12342F3AC14F8FD6DF4A1C36839662BD0D227344CD55A32AE5DBD2309A9A2B8A2C82BE6DDDDCE81D1B694775D9047AA765CA0C6E1BB8E61C8B7BE27ED711E8EE2FEAD87F3491F76A6D2262C14189EACDFD4CEFE0BF9D0A5B49857E0ED22CBEB98DC8D45B":"":MBEDTLS_ERR_RSA_KEY_CHECK_FAILED RSA Check Private key #10 (Incorrect) -mbedtls_rsa_check_privkey:2048:16:"e79a373182bfaa722eb035f772ad2a9464bd842de59432c18bbab3a7dfeae318c9b915ee487861ab665a40bd6cda560152578e8579016c929df99fea05b4d64efca1d543850bc8164b40d71ed7f3fa4105df0fb9b9ad2a18ce182c8a4f4f975bea9aa0b9a1438a27a28e97ac8330ef37383414d1bd64607d6979ac050424fd17":16:"c6749cbb0db8c5a177672d4728a8b22392b2fc4d3b8361d5c0d5055a1b4e46d821f757c24eef2a51c561941b93b3ace7340074c058c9bb48e7e7414f42c41da4cccb5c2ba91deb30c586b7fb18af12a52995592ad139d3be429add6547e044becedaf31fa3b39421e24ee034fbf367d11f6b8f88ee483d163b431e1654ad3e89":16:"b38ac65c8141f7f5c96e14470e851936a67bf94cc6821a39ac12c05f7c0b06d9e6ddba2224703b02e25f31452f9c4a8417b62675fdc6df46b94813bc7b9769a892c482b830bfe0ad42e46668ace68903617faf6681f4babf1cc8e4b0420d3c7f61dc45434c6b54e2c3ee0fc07908509d79c9826e673bf8363255adb0add2401039a7bcd1b4ecf0fbe6ec8369d2da486eec59559dd1d54c9b24190965eafbdab203b35255765261cd0909acf93c3b8b8428cbb448de4715d1b813d0c94829c229543d391ce0adab5351f97a3810c1f73d7b1458b97daed4209c50e16d064d2d5bfda8c23893d755222793146d0a78c3d64f35549141486c3b0961a7b4c1a2034f":16:"3":16:"77B1D99300D6A54E864962DA09AE10CF19A7FB888456BC2672B72AEA52B204914493D16C184AD201EC3F762E1FBD8702BA796EF953D9EA2F26300D285264F11B0C8301D0207FEB1E2C984445C899B0ACEBAA74EF014DD1D4BDDB43202C08D2FF9692D8D788478DEC829EB52AFB5AE068FBDBAC499A27FACECC391E75C936D55F07BB45EE184DAB45808E15722502F279F89B38C1CB292557E5063597F52C75D61001EDC33F4739353E33E56AD273B067C1A2760208529EA421774A5FFFCB3423B1E0051E7702A55D80CBF2141569F18F87BFF538A1DA8EDBB2693A539F68E0D62D77743F89EACF3B1723BDB25CE2F333FA63CACF0E67DF1A431893BB9B352FCC":16:"9A66CF76572A71A17475794FA1C8C70D987E581E990D772BB27C77C53FF1ECBB31260E9EDAFAEBC79991807E48918EAB8C3A5F03A600F30C69511546AE788EDF53168E2D035D300EDCD5E4BF3AA2A6D603EA0A7BD11E1C1089657306DF8A64E7F1BC6B266B825C1A6C5F0FC85775F4CF7ACD63367E42EAFE46511D58AD6DFE0F":16:"844DBDD20925D9164F9A1E2F707076C261CCA8337D0241392B38AE3C12342F3AC14F8FD6DF4A1C36839662BD0D227344CD55A32AE5DBD2309A9A2B8A2C82BE6DDDDCE81D1B694775D9047AA765CA0C6E1BB8E61C8B7BE27ED711E8EE2FEAD87F3491F76A6D2262C14189EACDFD4CEFE0BF9D0A5B49857E0ED22CBEB98DC8D45B":16:"4951A7B174DF972C37BADCC38457B5EDD1F078BC613E75CE25E08814E12461C7A1C189A70EB8138294298D141244C7A9DE31AB4F6D38B40B04D6353CD30F77ADBF66BBDE41C7BE463C5E30AAA3F7BAD6CEE99506DEAAFA2F335C1B1C5C88B8ABB0D0387EE0D1B4E7027F7F085A025CEDB5CCE18B88C0462F1C3C910D47C0D4AB":MBEDTLS_ERR_RSA_KEY_CHECK_FAILED +mbedtls_rsa_check_privkey:2048:"e79a373182bfaa722eb035f772ad2a9464bd842de59432c18bbab3a7dfeae318c9b915ee487861ab665a40bd6cda560152578e8579016c929df99fea05b4d64efca1d543850bc8164b40d71ed7f3fa4105df0fb9b9ad2a18ce182c8a4f4f975bea9aa0b9a1438a27a28e97ac8330ef37383414d1bd64607d6979ac050424fd17":"c6749cbb0db8c5a177672d4728a8b22392b2fc4d3b8361d5c0d5055a1b4e46d821f757c24eef2a51c561941b93b3ace7340074c058c9bb48e7e7414f42c41da4cccb5c2ba91deb30c586b7fb18af12a52995592ad139d3be429add6547e044becedaf31fa3b39421e24ee034fbf367d11f6b8f88ee483d163b431e1654ad3e89":"b38ac65c8141f7f5c96e14470e851936a67bf94cc6821a39ac12c05f7c0b06d9e6ddba2224703b02e25f31452f9c4a8417b62675fdc6df46b94813bc7b9769a892c482b830bfe0ad42e46668ace68903617faf6681f4babf1cc8e4b0420d3c7f61dc45434c6b54e2c3ee0fc07908509d79c9826e673bf8363255adb0add2401039a7bcd1b4ecf0fbe6ec8369d2da486eec59559dd1d54c9b24190965eafbdab203b35255765261cd0909acf93c3b8b8428cbb448de4715d1b813d0c94829c229543d391ce0adab5351f97a3810c1f73d7b1458b97daed4209c50e16d064d2d5bfda8c23893d755222793146d0a78c3d64f35549141486c3b0961a7b4c1a2034f":"3":"77B1D99300D6A54E864962DA09AE10CF19A7FB888456BC2672B72AEA52B204914493D16C184AD201EC3F762E1FBD8702BA796EF953D9EA2F26300D285264F11B0C8301D0207FEB1E2C984445C899B0ACEBAA74EF014DD1D4BDDB43202C08D2FF9692D8D788478DEC829EB52AFB5AE068FBDBAC499A27FACECC391E75C936D55F07BB45EE184DAB45808E15722502F279F89B38C1CB292557E5063597F52C75D61001EDC33F4739353E33E56AD273B067C1A2760208529EA421774A5FFFCB3423B1E0051E7702A55D80CBF2141569F18F87BFF538A1DA8EDBB2693A539F68E0D62D77743F89EACF3B1723BDB25CE2F333FA63CACF0E67DF1A431893BB9B352FCC":"9A66CF76572A71A17475794FA1C8C70D987E581E990D772BB27C77C53FF1ECBB31260E9EDAFAEBC79991807E48918EAB8C3A5F03A600F30C69511546AE788EDF53168E2D035D300EDCD5E4BF3AA2A6D603EA0A7BD11E1C1089657306DF8A64E7F1BC6B266B825C1A6C5F0FC85775F4CF7ACD63367E42EAFE46511D58AD6DFE0F":"844DBDD20925D9164F9A1E2F707076C261CCA8337D0241392B38AE3C12342F3AC14F8FD6DF4A1C36839662BD0D227344CD55A32AE5DBD2309A9A2B8A2C82BE6DDDDCE81D1B694775D9047AA765CA0C6E1BB8E61C8B7BE27ED711E8EE2FEAD87F3491F76A6D2262C14189EACDFD4CEFE0BF9D0A5B49857E0ED22CBEB98DC8D45B":"4951A7B174DF972C37BADCC38457B5EDD1F078BC613E75CE25E08814E12461C7A1C189A70EB8138294298D141244C7A9DE31AB4F6D38B40B04D6353CD30F77ADBF66BBDE41C7BE463C5E30AAA3F7BAD6CEE99506DEAAFA2F335C1B1C5C88B8ABB0D0387EE0D1B4E7027F7F085A025CEDB5CCE18B88C0462F1C3C910D47C0D4AB":MBEDTLS_ERR_RSA_KEY_CHECK_FAILED RSA Check Public key #1 (Correct) -mbedtls_rsa_check_pubkey:16:"b38ac65c8141f7f5c96e14470e851936a67bf94cc6821a39ac12c05f7c0b06d9e6ddba2224703b02e25f31452f9c4a8417b62675fdc6df46b94813bc7b9769a892c482b830bfe0ad42e46668ace68903617faf6681f4babf1cc8e4b0420d3c7f61dc45434c6b54e2c3ee0fc07908509d79c9826e673bf8363255adb0add2401039a7bcd1b4ecf0fbe6ec8369d2da486eec59559dd1d54c9b24190965eafbdab203b35255765261cd0909acf93c3b8b8428cbb448de4715d1b813d0c94829c229543d391ce0adab5351f97a3810c1f73d7b1458b97daed4209c50e16d064d2d5bfda8c23893d755222793146d0a78c3d64f35549141486c3b0961a7b4c1a2034f":16:"3":0 +mbedtls_rsa_check_pubkey:"b38ac65c8141f7f5c96e14470e851936a67bf94cc6821a39ac12c05f7c0b06d9e6ddba2224703b02e25f31452f9c4a8417b62675fdc6df46b94813bc7b9769a892c482b830bfe0ad42e46668ace68903617faf6681f4babf1cc8e4b0420d3c7f61dc45434c6b54e2c3ee0fc07908509d79c9826e673bf8363255adb0add2401039a7bcd1b4ecf0fbe6ec8369d2da486eec59559dd1d54c9b24190965eafbdab203b35255765261cd0909acf93c3b8b8428cbb448de4715d1b813d0c94829c229543d391ce0adab5351f97a3810c1f73d7b1458b97daed4209c50e16d064d2d5bfda8c23893d755222793146d0a78c3d64f35549141486c3b0961a7b4c1a2034f":"3":0 RSA Check Public key #2 (Even N) -mbedtls_rsa_check_pubkey:16:"b38ac65c8141f7f5c96e14470e851936a67bf94cc6821a39ac12c05f7c0b06d9e6ddba2224703b02e25f31452f9c4a8417b62675fdc6df46b94813bc7b9769a892c482b830bfe0ad42e46668ace68903617faf6681f4babf1cc8e4b0420d3c7f61dc45434c6b54e2c3ee0fc07908509d79c9826e673bf8363255adb0add2401039a7bcd1b4ecf0fbe6ec8369d2da486eec59559dd1d54c9b24190965eafbdab203b35255765261cd0909acf93c3b8b8428cbb448de4715d1b813d0c94829c229543d391ce0adab5351f97a3810c1f73d7b1458b97daed4209c50e16d064d2d5bfda8c23893d755222793146d0a78c3d64f35549141486c3b0961a7b4c1a20340":16:"3":MBEDTLS_ERR_RSA_KEY_CHECK_FAILED +mbedtls_rsa_check_pubkey:"b38ac65c8141f7f5c96e14470e851936a67bf94cc6821a39ac12c05f7c0b06d9e6ddba2224703b02e25f31452f9c4a8417b62675fdc6df46b94813bc7b9769a892c482b830bfe0ad42e46668ace68903617faf6681f4babf1cc8e4b0420d3c7f61dc45434c6b54e2c3ee0fc07908509d79c9826e673bf8363255adb0add2401039a7bcd1b4ecf0fbe6ec8369d2da486eec59559dd1d54c9b24190965eafbdab203b35255765261cd0909acf93c3b8b8428cbb448de4715d1b813d0c94829c229543d391ce0adab5351f97a3810c1f73d7b1458b97daed4209c50e16d064d2d5bfda8c23893d755222793146d0a78c3d64f35549141486c3b0961a7b4c1a20340":"3":MBEDTLS_ERR_RSA_KEY_CHECK_FAILED RSA Check Public key #3 (Even E) -mbedtls_rsa_check_pubkey:16:"b38ac65c8141f7f5c96e14470e851936a67bf94cc6821a39ac12c05f7c0b06d9e6ddba2224703b02e25f31452f9c4a8417b62675fdc6df46b94813bc7b9769a892c482b830bfe0ad42e46668ace68903617faf6681f4babf1cc8e4b0420d3c7f61dc45434c6b54e2c3ee0fc07908509d79c9826e673bf8363255adb0add2401039a7bcd1b4ecf0fbe6ec8369d2da486eec59559dd1d54c9b24190965eafbdab203b35255765261cd0909acf93c3b8b8428cbb448de4715d1b813d0c94829c229543d391ce0adab5351f97a3810c1f73d7b1458b97daed4209c50e16d064d2d5bfda8c23893d755222793146d0a78c3d64f35549141486c3b0961a7b4c1a20340":16:"65536":MBEDTLS_ERR_RSA_KEY_CHECK_FAILED +mbedtls_rsa_check_pubkey:"b38ac65c8141f7f5c96e14470e851936a67bf94cc6821a39ac12c05f7c0b06d9e6ddba2224703b02e25f31452f9c4a8417b62675fdc6df46b94813bc7b9769a892c482b830bfe0ad42e46668ace68903617faf6681f4babf1cc8e4b0420d3c7f61dc45434c6b54e2c3ee0fc07908509d79c9826e673bf8363255adb0add2401039a7bcd1b4ecf0fbe6ec8369d2da486eec59559dd1d54c9b24190965eafbdab203b35255765261cd0909acf93c3b8b8428cbb448de4715d1b813d0c94829c229543d391ce0adab5351f97a3810c1f73d7b1458b97daed4209c50e16d064d2d5bfda8c23893d755222793146d0a78c3d64f35549141486c3b0961a7b4c1a20340":"65536":MBEDTLS_ERR_RSA_KEY_CHECK_FAILED RSA Check Public key #4 (N exactly 128 bits) -mbedtls_rsa_check_pubkey:16:"fedcba9876543210deadbeefcafe4321":16:"3":0 +mbedtls_rsa_check_pubkey:"fedcba9876543210deadbeefcafe4321":"3":0 RSA Check Public key #5 (N smaller than 128 bits) -mbedtls_rsa_check_pubkey:16:"7edcba9876543210deadbeefcafe4321":16:"3":MBEDTLS_ERR_RSA_KEY_CHECK_FAILED +mbedtls_rsa_check_pubkey:"7edcba9876543210deadbeefcafe4321":"3":MBEDTLS_ERR_RSA_KEY_CHECK_FAILED RSA Check Public key #6 (N exactly 8192 bits) depends_on:MBEDTLS_MPI_MAX_SIZE>=1024 -mbedtls_rsa_check_pubkey:16:"88F48075BF29E95C1C6AE8716678B74E957B69CC2E49708C160C6343AAD2F076D25397ACE74220311ED18AEEB681F463611B3340C3945CAAEAD3ACC616E08A25A55683A32979BD55EA5DAB7630AF393886896F11DDC5F07E15EDF949324CF0F0B2A5C0E85DFA23167193182D1A43079DC8645F6C2C029629F475575802F7D326DE5BD891A9C5F84A433D45154181EC05685A4B368A5B6434775A00ABC6B0A04647D4598CEEE566B552230F691C98CA30B402A76C686A94B373CCD2F60EFA3878A867BB5F585D088E27C507937262D098A477B9218BE7C03B2E4C102D244CA701645F1827CD947E5E796446378B848862E689F0D1773F752056841A1F0EECE7CAB74921A42DBF2EF264ADCF4ABE05A1242E5F629A657A2D67958A2DAC9A2245074A37099B45064723ABE21241058252632C2BA6FE85AB1C75FF310891B84C9C40AB646FE1D90BC716FB3A4B56DA3EA25CA397C04B994F7C6AD1DD0CB9E994CA6B835F7830F4F4E0F976BBEA5AE8556BC7C90B3E50E21C19AD1F6BC4A8FF15F2909D9CC5F3DA533BADFF50F487869D631C3E34D69636B4C25A55127EF5B715F2FC0565734B38DF996D1970E56F7F64EBECB9D00A587AAEC608F2D3AAA51E66BF53E92C3096BF78D1DCBCE1A645FA4F0542E6F68E5A94AAA6E839F75620FABED5D2BCF40AB8EAF95F838BFA962429F281578882DF0F2721C27C8905C9E776B1D3251FC066A8BC64C0CE7FBA2B8E21F65EF6739AB6F19EC2AB07817DFF03DAB7C846AB5CC86C103642D7664A85DC2D846A8004CD6A144C72CCCAC86DB5901A047324927B80E281F5F7315FA2F9083BDE0DB7AA46DC055E36BB73FB6DBD3A14759D06CBBE8D57CBC213C4D55DE4478679E0A5902C8655BE1391C0E88D2B1FBD57E9232A2CEBC67569ECD94E4BF0FCC6C003F9AA51A2A5E6EE084A46DAE65E52400A727F9713D29E92CD6CA37FD599598B3F677624A2A484A8B36B98EFEAD662C0A23BC1D9280EF2A31F887065EB20A93B41F7A264ECFA65B3555F3E400927018186EAA2D4F00C6B7AB1BCED5F893D64478177592C7F2B945307AB474D7EC7FF2E7E55834CC763BEF81DA9BD70FB3D423AE5ADB86B336734C8A3BEC90CEB05438B5BA030D0D30DEC1442D2EB08450480FBAE090FFA1A5ADD748A415BDCDE45094E792420F0AF94BCA0A80A2096D1A478D3428A214A7E68C0F07F58C6FB232ECC3D8B821AE29AE76E13EB751193F6ECA670016D54F3D796937DDBB8900062EF116CCA3F5B3AECA618272875336C9C050FBC0FC7EDD5B88D85DA0061D21E176E1419CF573629BE7B0496E761EAD45FE32B59EB00D47CDD178AC8F8EC8D6F26DED34F7576CD938422E18E936F16A704B483A48EE3BEA59D95F688136119894930EC8E9282E5974740CF031DF8DBB07EB08F2DA0ACCADECE15A6A57502890F4A03740E60BD":16:"010001":0 +mbedtls_rsa_check_pubkey:"88F48075BF29E95C1C6AE8716678B74E957B69CC2E49708C160C6343AAD2F076D25397ACE74220311ED18AEEB681F463611B3340C3945CAAEAD3ACC616E08A25A55683A32979BD55EA5DAB7630AF393886896F11DDC5F07E15EDF949324CF0F0B2A5C0E85DFA23167193182D1A43079DC8645F6C2C029629F475575802F7D326DE5BD891A9C5F84A433D45154181EC05685A4B368A5B6434775A00ABC6B0A04647D4598CEEE566B552230F691C98CA30B402A76C686A94B373CCD2F60EFA3878A867BB5F585D088E27C507937262D098A477B9218BE7C03B2E4C102D244CA701645F1827CD947E5E796446378B848862E689F0D1773F752056841A1F0EECE7CAB74921A42DBF2EF264ADCF4ABE05A1242E5F629A657A2D67958A2DAC9A2245074A37099B45064723ABE21241058252632C2BA6FE85AB1C75FF310891B84C9C40AB646FE1D90BC716FB3A4B56DA3EA25CA397C04B994F7C6AD1DD0CB9E994CA6B835F7830F4F4E0F976BBEA5AE8556BC7C90B3E50E21C19AD1F6BC4A8FF15F2909D9CC5F3DA533BADFF50F487869D631C3E34D69636B4C25A55127EF5B715F2FC0565734B38DF996D1970E56F7F64EBECB9D00A587AAEC608F2D3AAA51E66BF53E92C3096BF78D1DCBCE1A645FA4F0542E6F68E5A94AAA6E839F75620FABED5D2BCF40AB8EAF95F838BFA962429F281578882DF0F2721C27C8905C9E776B1D3251FC066A8BC64C0CE7FBA2B8E21F65EF6739AB6F19EC2AB07817DFF03DAB7C846AB5CC86C103642D7664A85DC2D846A8004CD6A144C72CCCAC86DB5901A047324927B80E281F5F7315FA2F9083BDE0DB7AA46DC055E36BB73FB6DBD3A14759D06CBBE8D57CBC213C4D55DE4478679E0A5902C8655BE1391C0E88D2B1FBD57E9232A2CEBC67569ECD94E4BF0FCC6C003F9AA51A2A5E6EE084A46DAE65E52400A727F9713D29E92CD6CA37FD599598B3F677624A2A484A8B36B98EFEAD662C0A23BC1D9280EF2A31F887065EB20A93B41F7A264ECFA65B3555F3E400927018186EAA2D4F00C6B7AB1BCED5F893D64478177592C7F2B945307AB474D7EC7FF2E7E55834CC763BEF81DA9BD70FB3D423AE5ADB86B336734C8A3BEC90CEB05438B5BA030D0D30DEC1442D2EB08450480FBAE090FFA1A5ADD748A415BDCDE45094E792420F0AF94BCA0A80A2096D1A478D3428A214A7E68C0F07F58C6FB232ECC3D8B821AE29AE76E13EB751193F6ECA670016D54F3D796937DDBB8900062EF116CCA3F5B3AECA618272875336C9C050FBC0FC7EDD5B88D85DA0061D21E176E1419CF573629BE7B0496E761EAD45FE32B59EB00D47CDD178AC8F8EC8D6F26DED34F7576CD938422E18E936F16A704B483A48EE3BEA59D95F688136119894930EC8E9282E5974740CF031DF8DBB07EB08F2DA0ACCADECE15A6A57502890F4A03740E60BD":"010001":0 RSA Check Public key #7 (N larger than 8192 bits) -mbedtls_rsa_check_pubkey:16:"01631CD83F3F2D67FA52E13B44416EA65043A322ECD65467558EACD4C6B6D92DA7471D2DBD58E6921F9465C4900E92DFC6EB35C90637285A7E1F3D27C1C32FD6A5CB324D8253C6B2E480B63F66E3B09F4300C3E683011C7803BDEAD682F0F55473FC8A187734573A11ECDCE802022F539BC2074E94703C23E48FF8AE35702352E70AF921B42E6A143A3EFEE20DF77A97AA703AA271CE96EB78062452D87A4ADCACF83FFB9683818BF2ED234D0ECFB1B935827708050C4D007215D7A028152798045AF6A0B741A7B22F3FCCEBC26D285B9AA22CEF858858702BAE7D945FA0C45E2D8AADFF2FD0A64DF02C241F871C799AD73738E626D9A6D4BFFBCE000C4087F0CE74EF21526402FDCD07649175122697FD01041B84AD0A3FEDABD5C25E953686B2272F8C8B748A486F54CB767A1C79CA499B2C9A300AC8A214A0BFA06280A9235D5B7AFB8A76FFDD78FC72038C5B809569A6125D6A588684A16D222EF93F2469EA78948037957DE9B449AB722044FDFF3B6AC89367D72F0CF3ED1F85EDFD0DE3EEEDD39F6EFD68A0368F83B389B7A7B9C7713F4148F53E82CDF6D9CC002A3A16F1E6A1D78C48CE7849584164661664153A499ACAE5927728B2F1A2E911648676DF316DFCBF5E44F393B7B296A4A21ED59744E3855FCD4A21F2B42CFE5C52860B244D467103107E3DC40A82077269897528CCBF80B2F216A535C52A6A2643E64B53276A1B63348038706328FE369AE2409568160481C07A3ED5B0198EC6CC07F8F250B1DE0D97110F834AA3D1C0862FB719393EA08D530225CE0647FD5488F483FA065196D1160FAFA54CD3FF63B6ADDBE84D09F3CFF98F22CC71DE2FC19735126C3BBA9A2C293D1DB118F0512C144C1C616492BE0D19BFD245955840F640EBE6FCFF2830C683852046F36C3CDA4F4460ABA4B2FEEB700C9DD80418C42673858CDD11E70682D5A41ED7D8010EC7DD5B57B4E206F84DB8A430B246002FEA49AFF45940B1F18AE28863F5AA41D3B42ABCD3D1BAB7644B86E060865997E1BA23A768F233D8A859332F8B9D5D1633F9C462328C17E2B07D6DFD813C94D675873592E5CBB001C112A790B10B9F9E07BE105C4FD328C7E3887C3EF13E8ECE6106B73A3341AF200D8663BDF96FFDB6F794FBB04D976B87423A868882F15CAE8DC9F6CAF4917EFC844E74BAD48F21E34530CB4E20006444706FC95658735553CA99E18F0E820D78DEF8FB84034B10CE44B1AE36B50147558415E5E78A77E2FC7C8C580B54CCC40EE3904C04950846A6D51BF5C80E0B6E2ADC4989DA1D3DD01F99AA369C2E6B53394BA0CB5E6E811BFA004A5B3B3C34C60433AB5EB0EC8050246B9AF10B49EAA51487CCE0C4C8F4CDAF926D582D7E4924C33765E00AC952A38669150EA322CDF886B46DE4D0970A060B670D50C9BF3D2020B529838E192EF92BFE2F06FDF1D5":16:"010001":MBEDTLS_ERR_RSA_KEY_CHECK_FAILED +mbedtls_rsa_check_pubkey:"01631CD83F3F2D67FA52E13B44416EA65043A322ECD65467558EACD4C6B6D92DA7471D2DBD58E6921F9465C4900E92DFC6EB35C90637285A7E1F3D27C1C32FD6A5CB324D8253C6B2E480B63F66E3B09F4300C3E683011C7803BDEAD682F0F55473FC8A187734573A11ECDCE802022F539BC2074E94703C23E48FF8AE35702352E70AF921B42E6A143A3EFEE20DF77A97AA703AA271CE96EB78062452D87A4ADCACF83FFB9683818BF2ED234D0ECFB1B935827708050C4D007215D7A028152798045AF6A0B741A7B22F3FCCEBC26D285B9AA22CEF858858702BAE7D945FA0C45E2D8AADFF2FD0A64DF02C241F871C799AD73738E626D9A6D4BFFBCE000C4087F0CE74EF21526402FDCD07649175122697FD01041B84AD0A3FEDABD5C25E953686B2272F8C8B748A486F54CB767A1C79CA499B2C9A300AC8A214A0BFA06280A9235D5B7AFB8A76FFDD78FC72038C5B809569A6125D6A588684A16D222EF93F2469EA78948037957DE9B449AB722044FDFF3B6AC89367D72F0CF3ED1F85EDFD0DE3EEEDD39F6EFD68A0368F83B389B7A7B9C7713F4148F53E82CDF6D9CC002A3A16F1E6A1D78C48CE7849584164661664153A499ACAE5927728B2F1A2E911648676DF316DFCBF5E44F393B7B296A4A21ED59744E3855FCD4A21F2B42CFE5C52860B244D467103107E3DC40A82077269897528CCBF80B2F216A535C52A6A2643E64B53276A1B63348038706328FE369AE2409568160481C07A3ED5B0198EC6CC07F8F250B1DE0D97110F834AA3D1C0862FB719393EA08D530225CE0647FD5488F483FA065196D1160FAFA54CD3FF63B6ADDBE84D09F3CFF98F22CC71DE2FC19735126C3BBA9A2C293D1DB118F0512C144C1C616492BE0D19BFD245955840F640EBE6FCFF2830C683852046F36C3CDA4F4460ABA4B2FEEB700C9DD80418C42673858CDD11E70682D5A41ED7D8010EC7DD5B57B4E206F84DB8A430B246002FEA49AFF45940B1F18AE28863F5AA41D3B42ABCD3D1BAB7644B86E060865997E1BA23A768F233D8A859332F8B9D5D1633F9C462328C17E2B07D6DFD813C94D675873592E5CBB001C112A790B10B9F9E07BE105C4FD328C7E3887C3EF13E8ECE6106B73A3341AF200D8663BDF96FFDB6F794FBB04D976B87423A868882F15CAE8DC9F6CAF4917EFC844E74BAD48F21E34530CB4E20006444706FC95658735553CA99E18F0E820D78DEF8FB84034B10CE44B1AE36B50147558415E5E78A77E2FC7C8C580B54CCC40EE3904C04950846A6D51BF5C80E0B6E2ADC4989DA1D3DD01F99AA369C2E6B53394BA0CB5E6E811BFA004A5B3B3C34C60433AB5EB0EC8050246B9AF10B49EAA51487CCE0C4C8F4CDAF926D582D7E4924C33765E00AC952A38669150EA322CDF886B46DE4D0970A060B670D50C9BF3D2020B529838E192EF92BFE2F06FDF1D5":"010001":MBEDTLS_ERR_RSA_KEY_CHECK_FAILED RSA Check Public key #8 (E exactly 2 bits) -mbedtls_rsa_check_pubkey:16:"fedcba9876543210deadbeefcafe4321":16:"3":0 +mbedtls_rsa_check_pubkey:"fedcba9876543210deadbeefcafe4321":"3":0 RSA Check Public key #8 (E exactly 1 bits) -mbedtls_rsa_check_pubkey:16:"fedcba9876543210deadbeefcafe4321":16:"1":MBEDTLS_ERR_RSA_KEY_CHECK_FAILED +mbedtls_rsa_check_pubkey:"fedcba9876543210deadbeefcafe4321":"1":MBEDTLS_ERR_RSA_KEY_CHECK_FAILED RSA Check Public key #8 (E exactly 64 bits) -mbedtls_rsa_check_pubkey:16:"fedcba9876543210deadbeefcafe4321":16:"00fedcba9876543213":0 +mbedtls_rsa_check_pubkey:"fedcba9876543210deadbeefcafe4321":"00fedcba9876543213":0 RSA Check Public key #8 (E larger than 64 bits) -mbedtls_rsa_check_pubkey:16:"fedcba9876543210deadbeefcafe4321":16:"01fedcba9876543213":0 +mbedtls_rsa_check_pubkey:"fedcba9876543210deadbeefcafe4321":"01fedcba9876543213":0 RSA Check Public key #9 (E has size N-2) -mbedtls_rsa_check_pubkey:16:"00b38ac65c8141f7f5c96e14470e851936a67bf94cc6821a39ac12c05f7c0b06d9e6ddba2224703b02e25f31452f9c4a8417b62675fdc6df46b94813bc7b9769a892c482b830bfe0ad42e46668ace68903617faf6681f4babf1cc8e4b0420d3c7f61dc45434c6b54e2c3ee0fc07908509d79c9826e673bf8363255adb0add2401039a7bcd1b4ecf0fbe6ec8369d2da486eec59559dd1d54c9b24190965eafbdab203b35255765261cd0909acf93c3b8b8428cbb448de4715d1b813d0c94829c229543d391ce0adab5351f97a3810c1f73d7b1458b97daed4209c50e16d064d2d5bfda8c23893d755222793146d0a78c3d64f35549141486c3b0961a7b4c1a2034fb38ac65c8141f7f5c96e14470e851936a67bf94cc6821a39ac12c05f7c0b06d9e6ddba2224703b02e25f31452f9c4a8417b62675fdc6df46b94813bc7b9769a892c482b830bfe0ad42e46668ace68903617faf6681f4babf1cc8e4b0420d3c7f61dc45434c6b54e2c3ee0fc07908509d79c9826e673bf8363255adb0add2401039a7bcd1b4ecf0fbe6ec8369d2da486eec59559dd1d54c9b24190965eafbdab203b35255765261cd0909acf93c3b8b8428cbb448de4715d1b813d0c94829c229543d391ce0adab5351f97a3810c1f73d7b1458b97daed4209c50e16d064d2d5bfda8c23893d755222793146d0a78c3d64f35549141486c3b0961a7b4c1a2034f":16:"00b38ac65c8141f7f5c96e14470e851936a67bf94cc6821a39ac12c05f7c0b06d9e6ddba2224703b02e25f31452f9c4a8417b62675fdc6df46b94813bc7b9769a892c482b830bfe0ad42e46668ace68903617faf6681f4babf1cc8e4b0420d3c7f61dc45434c6b54e2c3ee0fc07908509d79c9826e673bf8363255adb0add2401039a7bcd1b4ecf0fbe6ec8369d2da486eec59559dd1d54c9b24190965eafbdab203b35255765261cd0909acf93c3b8b8428cbb448de4715d1b813d0c94829c229543d391ce0adab5351f97a3810c1f73d7b1458b97daed4209c50e16d064d2d5bfda8c23893d755222793146d0a78c3d64f35549141486c3b0961a7b4c1a2034fb38ac65c8141f7f5c96e14470e851936a67bf94cc6821a39ac12c05f7c0b06d9e6ddba2224703b02e25f31452f9c4a8417b62675fdc6df46b94813bc7b9769a892c482b830bfe0ad42e46668ace68903617faf6681f4babf1cc8e4b0420d3c7f61dc45434c6b54e2c3ee0fc07908509d79c9826e673bf8363255adb0add2401039a7bcd1b4ecf0fbe6ec8369d2da486eec59559dd1d54c9b24190965eafbdab203b35255765261cd0909acf93c3b8b8428cbb448de4715d1b813d0c94829c229543d391ce0adab5351f97a3810c1f73d7b1458b97daed4209c50e16d064d2d5bfda8c23893d755222793146d0a78c3d64f35549141486c3b0961a7b4c1a2034d":0 +mbedtls_rsa_check_pubkey:"00b38ac65c8141f7f5c96e14470e851936a67bf94cc6821a39ac12c05f7c0b06d9e6ddba2224703b02e25f31452f9c4a8417b62675fdc6df46b94813bc7b9769a892c482b830bfe0ad42e46668ace68903617faf6681f4babf1cc8e4b0420d3c7f61dc45434c6b54e2c3ee0fc07908509d79c9826e673bf8363255adb0add2401039a7bcd1b4ecf0fbe6ec8369d2da486eec59559dd1d54c9b24190965eafbdab203b35255765261cd0909acf93c3b8b8428cbb448de4715d1b813d0c94829c229543d391ce0adab5351f97a3810c1f73d7b1458b97daed4209c50e16d064d2d5bfda8c23893d755222793146d0a78c3d64f35549141486c3b0961a7b4c1a2034fb38ac65c8141f7f5c96e14470e851936a67bf94cc6821a39ac12c05f7c0b06d9e6ddba2224703b02e25f31452f9c4a8417b62675fdc6df46b94813bc7b9769a892c482b830bfe0ad42e46668ace68903617faf6681f4babf1cc8e4b0420d3c7f61dc45434c6b54e2c3ee0fc07908509d79c9826e673bf8363255adb0add2401039a7bcd1b4ecf0fbe6ec8369d2da486eec59559dd1d54c9b24190965eafbdab203b35255765261cd0909acf93c3b8b8428cbb448de4715d1b813d0c94829c229543d391ce0adab5351f97a3810c1f73d7b1458b97daed4209c50e16d064d2d5bfda8c23893d755222793146d0a78c3d64f35549141486c3b0961a7b4c1a2034f":"00b38ac65c8141f7f5c96e14470e851936a67bf94cc6821a39ac12c05f7c0b06d9e6ddba2224703b02e25f31452f9c4a8417b62675fdc6df46b94813bc7b9769a892c482b830bfe0ad42e46668ace68903617faf6681f4babf1cc8e4b0420d3c7f61dc45434c6b54e2c3ee0fc07908509d79c9826e673bf8363255adb0add2401039a7bcd1b4ecf0fbe6ec8369d2da486eec59559dd1d54c9b24190965eafbdab203b35255765261cd0909acf93c3b8b8428cbb448de4715d1b813d0c94829c229543d391ce0adab5351f97a3810c1f73d7b1458b97daed4209c50e16d064d2d5bfda8c23893d755222793146d0a78c3d64f35549141486c3b0961a7b4c1a2034fb38ac65c8141f7f5c96e14470e851936a67bf94cc6821a39ac12c05f7c0b06d9e6ddba2224703b02e25f31452f9c4a8417b62675fdc6df46b94813bc7b9769a892c482b830bfe0ad42e46668ace68903617faf6681f4babf1cc8e4b0420d3c7f61dc45434c6b54e2c3ee0fc07908509d79c9826e673bf8363255adb0add2401039a7bcd1b4ecf0fbe6ec8369d2da486eec59559dd1d54c9b24190965eafbdab203b35255765261cd0909acf93c3b8b8428cbb448de4715d1b813d0c94829c229543d391ce0adab5351f97a3810c1f73d7b1458b97daed4209c50e16d064d2d5bfda8c23893d755222793146d0a78c3d64f35549141486c3b0961a7b4c1a2034d":0 RSA Check Public key #10 (E has size N) -mbedtls_rsa_check_pubkey:16:"00b38ac65c8141f7f5c96e14470e851936a67bf94cc6821a39ac12c05f7c0b06d9e6ddba2224703b02e25f31452f9c4a8417b62675fdc6df46b94813bc7b9769a892c482b830bfe0ad42e46668ace68903617faf6681f4babf1cc8e4b0420d3c7f61dc45434c6b54e2c3ee0fc07908509d79c9826e673bf8363255adb0add2401039a7bcd1b4ecf0fbe6ec8369d2da486eec59559dd1d54c9b24190965eafbdab203b35255765261cd0909acf93c3b8b8428cbb448de4715d1b813d0c94829c229543d391ce0adab5351f97a3810c1f73d7b1458b97daed4209c50e16d064d2d5bfda8c23893d755222793146d0a78c3d64f35549141486c3b0961a7b4c1a2034fb38ac65c8141f7f5c96e14470e851936a67bf94cc6821a39ac12c05f7c0b06d9e6ddba2224703b02e25f31452f9c4a8417b62675fdc6df46b94813bc7b9769a892c482b830bfe0ad42e46668ace68903617faf6681f4babf1cc8e4b0420d3c7f61dc45434c6b54e2c3ee0fc07908509d79c9826e673bf8363255adb0add2401039a7bcd1b4ecf0fbe6ec8369d2da486eec59559dd1d54c9b24190965eafbdab203b35255765261cd0909acf93c3b8b8428cbb448de4715d1b813d0c94829c229543d391ce0adab5351f97a3810c1f73d7b1458b97daed4209c50e16d064d2d5bfda8c23893d755222793146d0a78c3d64f35549141486c3b0961a7b4c1a2034f":16:"00b38ac65c8141f7f5c96e14470e851936a67bf94cc6821a39ac12c05f7c0b06d9e6ddba2224703b02e25f31452f9c4a8417b62675fdc6df46b94813bc7b9769a892c482b830bfe0ad42e46668ace68903617faf6681f4babf1cc8e4b0420d3c7f61dc45434c6b54e2c3ee0fc07908509d79c9826e673bf8363255adb0add2401039a7bcd1b4ecf0fbe6ec8369d2da486eec59559dd1d54c9b24190965eafbdab203b35255765261cd0909acf93c3b8b8428cbb448de4715d1b813d0c94829c229543d391ce0adab5351f97a3810c1f73d7b1458b97daed4209c50e16d064d2d5bfda8c23893d755222793146d0a78c3d64f35549141486c3b0961a7b4c1a2034fb38ac65c8141f7f5c96e14470e851936a67bf94cc6821a39ac12c05f7c0b06d9e6ddba2224703b02e25f31452f9c4a8417b62675fdc6df46b94813bc7b9769a892c482b830bfe0ad42e46668ace68903617faf6681f4babf1cc8e4b0420d3c7f61dc45434c6b54e2c3ee0fc07908509d79c9826e673bf8363255adb0add2401039a7bcd1b4ecf0fbe6ec8369d2da486eec59559dd1d54c9b24190965eafbdab203b35255765261cd0909acf93c3b8b8428cbb448de4715d1b813d0c94829c229543d391ce0adab5351f97a3810c1f73d7b1458b97daed4209c50e16d064d2d5bfda8c23893d755222793146d0a78c3d64f35549141486c3b0961a7b4c1a2034f":MBEDTLS_ERR_RSA_KEY_CHECK_FAILED +mbedtls_rsa_check_pubkey:"00b38ac65c8141f7f5c96e14470e851936a67bf94cc6821a39ac12c05f7c0b06d9e6ddba2224703b02e25f31452f9c4a8417b62675fdc6df46b94813bc7b9769a892c482b830bfe0ad42e46668ace68903617faf6681f4babf1cc8e4b0420d3c7f61dc45434c6b54e2c3ee0fc07908509d79c9826e673bf8363255adb0add2401039a7bcd1b4ecf0fbe6ec8369d2da486eec59559dd1d54c9b24190965eafbdab203b35255765261cd0909acf93c3b8b8428cbb448de4715d1b813d0c94829c229543d391ce0adab5351f97a3810c1f73d7b1458b97daed4209c50e16d064d2d5bfda8c23893d755222793146d0a78c3d64f35549141486c3b0961a7b4c1a2034fb38ac65c8141f7f5c96e14470e851936a67bf94cc6821a39ac12c05f7c0b06d9e6ddba2224703b02e25f31452f9c4a8417b62675fdc6df46b94813bc7b9769a892c482b830bfe0ad42e46668ace68903617faf6681f4babf1cc8e4b0420d3c7f61dc45434c6b54e2c3ee0fc07908509d79c9826e673bf8363255adb0add2401039a7bcd1b4ecf0fbe6ec8369d2da486eec59559dd1d54c9b24190965eafbdab203b35255765261cd0909acf93c3b8b8428cbb448de4715d1b813d0c94829c229543d391ce0adab5351f97a3810c1f73d7b1458b97daed4209c50e16d064d2d5bfda8c23893d755222793146d0a78c3d64f35549141486c3b0961a7b4c1a2034f":"00b38ac65c8141f7f5c96e14470e851936a67bf94cc6821a39ac12c05f7c0b06d9e6ddba2224703b02e25f31452f9c4a8417b62675fdc6df46b94813bc7b9769a892c482b830bfe0ad42e46668ace68903617faf6681f4babf1cc8e4b0420d3c7f61dc45434c6b54e2c3ee0fc07908509d79c9826e673bf8363255adb0add2401039a7bcd1b4ecf0fbe6ec8369d2da486eec59559dd1d54c9b24190965eafbdab203b35255765261cd0909acf93c3b8b8428cbb448de4715d1b813d0c94829c229543d391ce0adab5351f97a3810c1f73d7b1458b97daed4209c50e16d064d2d5bfda8c23893d755222793146d0a78c3d64f35549141486c3b0961a7b4c1a2034fb38ac65c8141f7f5c96e14470e851936a67bf94cc6821a39ac12c05f7c0b06d9e6ddba2224703b02e25f31452f9c4a8417b62675fdc6df46b94813bc7b9769a892c482b830bfe0ad42e46668ace68903617faf6681f4babf1cc8e4b0420d3c7f61dc45434c6b54e2c3ee0fc07908509d79c9826e673bf8363255adb0add2401039a7bcd1b4ecf0fbe6ec8369d2da486eec59559dd1d54c9b24190965eafbdab203b35255765261cd0909acf93c3b8b8428cbb448de4715d1b813d0c94829c229543d391ce0adab5351f97a3810c1f73d7b1458b97daed4209c50e16d064d2d5bfda8c23893d755222793146d0a78c3d64f35549141486c3b0961a7b4c1a2034f":MBEDTLS_ERR_RSA_KEY_CHECK_FAILED RSA Check Public-Private key #1 (Correct) -rsa_check_pubpriv:2048:16:"b38ac65c8141f7f5c96e14470e851936a67bf94cc6821a39ac12c05f7c0b06d9e6ddba2224703b02e25f31452f9c4a8417b62675fdc6df46b94813bc7b9769a892c482b830bfe0ad42e46668ace68903617faf6681f4babf1cc8e4b0420d3c7f61dc45434c6b54e2c3ee0fc07908509d79c9826e673bf8363255adb0add2401039a7bcd1b4ecf0fbe6ec8369d2da486eec59559dd1d54c9b24190965eafbdab203b35255765261cd0909acf93c3b8b8428cbb448de4715d1b813d0c94829c229543d391ce0adab5351f97a3810c1f73d7b1458b97daed4209c50e16d064d2d5bfda8c23893d755222793146d0a78c3d64f35549141486c3b0961a7b4c1a2034f":16:"3":16:"e79a373182bfaa722eb035f772ad2a9464bd842de59432c18bbab3a7dfeae318c9b915ee487861ab665a40bd6cda560152578e8579016c929df99fea05b4d64efca1d543850bc8164b40d71ed7f3fa4105df0fb9b9ad2a18ce182c8a4f4f975bea9aa0b9a1438a27a28e97ac8330ef37383414d1bd64607d6979ac050424fd17":16:"c6749cbb0db8c5a177672d4728a8b22392b2fc4d3b8361d5c0d5055a1b4e46d821f757c24eef2a51c561941b93b3ace7340074c058c9bb48e7e7414f42c41da4cccb5c2ba91deb30c586b7fb18af12a52995592ad139d3be429add6547e044becedaf31fa3b39421e24ee034fbf367d11f6b8f88ee483d163b431e1654ad3e89":16:"b38ac65c8141f7f5c96e14470e851936a67bf94cc6821a39ac12c05f7c0b06d9e6ddba2224703b02e25f31452f9c4a8417b62675fdc6df46b94813bc7b9769a892c482b830bfe0ad42e46668ace68903617faf6681f4babf1cc8e4b0420d3c7f61dc45434c6b54e2c3ee0fc07908509d79c9826e673bf8363255adb0add2401039a7bcd1b4ecf0fbe6ec8369d2da486eec59559dd1d54c9b24190965eafbdab203b35255765261cd0909acf93c3b8b8428cbb448de4715d1b813d0c94829c229543d391ce0adab5351f97a3810c1f73d7b1458b97daed4209c50e16d064d2d5bfda8c23893d755222793146d0a78c3d64f35549141486c3b0961a7b4c1a2034f":16:"3":16:"77B1D99300D6A54E864962DA09AE10CF19A7FB888456BC2672B72AEA52B204914493D16C184AD201EC3F762E1FBD8702BA796EF953D9EA2F26300D285264F11B0C8301D0207FEB1E2C984445C899B0ACEBAA74EF014DD1D4BDDB43202C08D2FF9692D8D788478DEC829EB52AFB5AE068FBDBAC499A27FACECC391E75C936D55F07BB45EE184DAB45808E15722502F279F89B38C1CB292557E5063597F52C75D61001EDC33F4739353E33E56AD273B067C1A2760208529EA421774A5FFFCB3423B1E0051E7702A55D80CBF2141569F18F87BFF538A1DA8EDBB2693A539F68E0D62D77743F89EACF3B1723BDB25CE2F333FA63CACF0E67DF1A431893BB9B352FCB":16:"9A66CF76572A71A17475794FA1C8C70D987E581E990D772BB27C77C53FF1ECBB31260E9EDAFAEBC79991807E48918EAB8C3A5F03A600F30C69511546AE788EDF53168E2D035D300EDCD5E4BF3AA2A6D603EA0A7BD11E1C1089657306DF8A64E7F1BC6B266B825C1A6C5F0FC85775F4CF7ACD63367E42EAFE46511D58AD6DFE0F":16:"844DBDD20925D9164F9A1E2F707076C261CCA8337D0241392B38AE3C12342F3AC14F8FD6DF4A1C36839662BD0D227344CD55A32AE5DBD2309A9A2B8A2C82BE6DDDDCE81D1B694775D9047AA765CA0C6E1BB8E61C8B7BE27ED711E8EE2FEAD87F3491F76A6D2262C14189EACDFD4CEFE0BF9D0A5B49857E0ED22CBEB98DC8D45B":16:"4951A7B174DF972C37BADCC38457B5EDD1F078BC613E75CE25E08814E12461C7A1C189A70EB8138294298D141244C7A9DE31AB4F6D38B40B04D6353CD30F77ADBF66BBDE41C7BE463C5E30AAA3F7BAD6CEE99506DEAAFA2F335C1B1C5C88B8ABB0D0387EE0D1B4E7027F7F085A025CEDB5CCE18B88C0462F1C3C910D47C0D4AB":0 +rsa_check_pubpriv:2048:"b38ac65c8141f7f5c96e14470e851936a67bf94cc6821a39ac12c05f7c0b06d9e6ddba2224703b02e25f31452f9c4a8417b62675fdc6df46b94813bc7b9769a892c482b830bfe0ad42e46668ace68903617faf6681f4babf1cc8e4b0420d3c7f61dc45434c6b54e2c3ee0fc07908509d79c9826e673bf8363255adb0add2401039a7bcd1b4ecf0fbe6ec8369d2da486eec59559dd1d54c9b24190965eafbdab203b35255765261cd0909acf93c3b8b8428cbb448de4715d1b813d0c94829c229543d391ce0adab5351f97a3810c1f73d7b1458b97daed4209c50e16d064d2d5bfda8c23893d755222793146d0a78c3d64f35549141486c3b0961a7b4c1a2034f":"3":"e79a373182bfaa722eb035f772ad2a9464bd842de59432c18bbab3a7dfeae318c9b915ee487861ab665a40bd6cda560152578e8579016c929df99fea05b4d64efca1d543850bc8164b40d71ed7f3fa4105df0fb9b9ad2a18ce182c8a4f4f975bea9aa0b9a1438a27a28e97ac8330ef37383414d1bd64607d6979ac050424fd17":"c6749cbb0db8c5a177672d4728a8b22392b2fc4d3b8361d5c0d5055a1b4e46d821f757c24eef2a51c561941b93b3ace7340074c058c9bb48e7e7414f42c41da4cccb5c2ba91deb30c586b7fb18af12a52995592ad139d3be429add6547e044becedaf31fa3b39421e24ee034fbf367d11f6b8f88ee483d163b431e1654ad3e89":"b38ac65c8141f7f5c96e14470e851936a67bf94cc6821a39ac12c05f7c0b06d9e6ddba2224703b02e25f31452f9c4a8417b62675fdc6df46b94813bc7b9769a892c482b830bfe0ad42e46668ace68903617faf6681f4babf1cc8e4b0420d3c7f61dc45434c6b54e2c3ee0fc07908509d79c9826e673bf8363255adb0add2401039a7bcd1b4ecf0fbe6ec8369d2da486eec59559dd1d54c9b24190965eafbdab203b35255765261cd0909acf93c3b8b8428cbb448de4715d1b813d0c94829c229543d391ce0adab5351f97a3810c1f73d7b1458b97daed4209c50e16d064d2d5bfda8c23893d755222793146d0a78c3d64f35549141486c3b0961a7b4c1a2034f":"3":"77B1D99300D6A54E864962DA09AE10CF19A7FB888456BC2672B72AEA52B204914493D16C184AD201EC3F762E1FBD8702BA796EF953D9EA2F26300D285264F11B0C8301D0207FEB1E2C984445C899B0ACEBAA74EF014DD1D4BDDB43202C08D2FF9692D8D788478DEC829EB52AFB5AE068FBDBAC499A27FACECC391E75C936D55F07BB45EE184DAB45808E15722502F279F89B38C1CB292557E5063597F52C75D61001EDC33F4739353E33E56AD273B067C1A2760208529EA421774A5FFFCB3423B1E0051E7702A55D80CBF2141569F18F87BFF538A1DA8EDBB2693A539F68E0D62D77743F89EACF3B1723BDB25CE2F333FA63CACF0E67DF1A431893BB9B352FCB":"9A66CF76572A71A17475794FA1C8C70D987E581E990D772BB27C77C53FF1ECBB31260E9EDAFAEBC79991807E48918EAB8C3A5F03A600F30C69511546AE788EDF53168E2D035D300EDCD5E4BF3AA2A6D603EA0A7BD11E1C1089657306DF8A64E7F1BC6B266B825C1A6C5F0FC85775F4CF7ACD63367E42EAFE46511D58AD6DFE0F":"844DBDD20925D9164F9A1E2F707076C261CCA8337D0241392B38AE3C12342F3AC14F8FD6DF4A1C36839662BD0D227344CD55A32AE5DBD2309A9A2B8A2C82BE6DDDDCE81D1B694775D9047AA765CA0C6E1BB8E61C8B7BE27ED711E8EE2FEAD87F3491F76A6D2262C14189EACDFD4CEFE0BF9D0A5B49857E0ED22CBEB98DC8D45B":"4951A7B174DF972C37BADCC38457B5EDD1F078BC613E75CE25E08814E12461C7A1C189A70EB8138294298D141244C7A9DE31AB4F6D38B40B04D6353CD30F77ADBF66BBDE41C7BE463C5E30AAA3F7BAD6CEE99506DEAAFA2F335C1B1C5C88B8ABB0D0387EE0D1B4E7027F7F085A025CEDB5CCE18B88C0462F1C3C910D47C0D4AB":0 RSA Check Public-Private key #2 (Public no N) -rsa_check_pubpriv:2048:16:"":16:"3":16:"e79a373182bfaa722eb035f772ad2a9464bd842de59432c18bbab3a7dfeae318c9b915ee487861ab665a40bd6cda560152578e8579016c929df99fea05b4d64efca1d543850bc8164b40d71ed7f3fa4105df0fb9b9ad2a18ce182c8a4f4f975bea9aa0b9a1438a27a28e97ac8330ef37383414d1bd64607d6979ac050424fd17":16:"c6749cbb0db8c5a177672d4728a8b22392b2fc4d3b8361d5c0d5055a1b4e46d821f757c24eef2a51c561941b93b3ace7340074c058c9bb48e7e7414f42c41da4cccb5c2ba91deb30c586b7fb18af12a52995592ad139d3be429add6547e044becedaf31fa3b39421e24ee034fbf367d11f6b8f88ee483d163b431e1654ad3e89":16:"b38ac65c8141f7f5c96e14470e851936a67bf94cc6821a39ac12c05f7c0b06d9e6ddba2224703b02e25f31452f9c4a8417b62675fdc6df46b94813bc7b9769a892c482b830bfe0ad42e46668ace68903617faf6681f4babf1cc8e4b0420d3c7f61dc45434c6b54e2c3ee0fc07908509d79c9826e673bf8363255adb0add2401039a7bcd1b4ecf0fbe6ec8369d2da486eec59559dd1d54c9b24190965eafbdab203b35255765261cd0909acf93c3b8b8428cbb448de4715d1b813d0c94829c229543d391ce0adab5351f97a3810c1f73d7b1458b97daed4209c50e16d064d2d5bfda8c23893d755222793146d0a78c3d64f35549141486c3b0961a7b4c1a2034f":16:"3":16:"77B1D99300D6A54E864962DA09AE10CF19A7FB888456BC2672B72AEA52B204914493D16C184AD201EC3F762E1FBD8702BA796EF953D9EA2F26300D285264F11B0C8301D0207FEB1E2C984445C899B0ACEBAA74EF014DD1D4BDDB43202C08D2FF9692D8D788478DEC829EB52AFB5AE068FBDBAC499A27FACECC391E75C936D55F07BB45EE184DAB45808E15722502F279F89B38C1CB292557E5063597F52C75D61001EDC33F4739353E33E56AD273B067C1A2760208529EA421774A5FFFCB3423B1E0051E7702A55D80CBF2141569F18F87BFF538A1DA8EDBB2693A539F68E0D62D77743F89EACF3B1723BDB25CE2F333FA63CACF0E67DF1A431893BB9B352FCB":16:"9A66CF76572A71A17475794FA1C8C70D987E581E990D772BB27C77C53FF1ECBB31260E9EDAFAEBC79991807E48918EAB8C3A5F03A600F30C69511546AE788EDF53168E2D035D300EDCD5E4BF3AA2A6D603EA0A7BD11E1C1089657306DF8A64E7F1BC6B266B825C1A6C5F0FC85775F4CF7ACD63367E42EAFE46511D58AD6DFE0F":16:"844DBDD20925D9164F9A1E2F707076C261CCA8337D0241392B38AE3C12342F3AC14F8FD6DF4A1C36839662BD0D227344CD55A32AE5DBD2309A9A2B8A2C82BE6DDDDCE81D1B694775D9047AA765CA0C6E1BB8E61C8B7BE27ED711E8EE2FEAD87F3491F76A6D2262C14189EACDFD4CEFE0BF9D0A5B49857E0ED22CBEB98DC8D45B":16:"4951A7B174DF972C37BADCC38457B5EDD1F078BC613E75CE25E08814E12461C7A1C189A70EB8138294298D141244C7A9DE31AB4F6D38B40B04D6353CD30F77ADBF66BBDE41C7BE463C5E30AAA3F7BAD6CEE99506DEAAFA2F335C1B1C5C88B8ABB0D0387EE0D1B4E7027F7F085A025CEDB5CCE18B88C0462F1C3C910D47C0D4AB":MBEDTLS_ERR_RSA_KEY_CHECK_FAILED +rsa_check_pubpriv:2048:"":"3":"e79a373182bfaa722eb035f772ad2a9464bd842de59432c18bbab3a7dfeae318c9b915ee487861ab665a40bd6cda560152578e8579016c929df99fea05b4d64efca1d543850bc8164b40d71ed7f3fa4105df0fb9b9ad2a18ce182c8a4f4f975bea9aa0b9a1438a27a28e97ac8330ef37383414d1bd64607d6979ac050424fd17":"c6749cbb0db8c5a177672d4728a8b22392b2fc4d3b8361d5c0d5055a1b4e46d821f757c24eef2a51c561941b93b3ace7340074c058c9bb48e7e7414f42c41da4cccb5c2ba91deb30c586b7fb18af12a52995592ad139d3be429add6547e044becedaf31fa3b39421e24ee034fbf367d11f6b8f88ee483d163b431e1654ad3e89":"b38ac65c8141f7f5c96e14470e851936a67bf94cc6821a39ac12c05f7c0b06d9e6ddba2224703b02e25f31452f9c4a8417b62675fdc6df46b94813bc7b9769a892c482b830bfe0ad42e46668ace68903617faf6681f4babf1cc8e4b0420d3c7f61dc45434c6b54e2c3ee0fc07908509d79c9826e673bf8363255adb0add2401039a7bcd1b4ecf0fbe6ec8369d2da486eec59559dd1d54c9b24190965eafbdab203b35255765261cd0909acf93c3b8b8428cbb448de4715d1b813d0c94829c229543d391ce0adab5351f97a3810c1f73d7b1458b97daed4209c50e16d064d2d5bfda8c23893d755222793146d0a78c3d64f35549141486c3b0961a7b4c1a2034f":"3":"77B1D99300D6A54E864962DA09AE10CF19A7FB888456BC2672B72AEA52B204914493D16C184AD201EC3F762E1FBD8702BA796EF953D9EA2F26300D285264F11B0C8301D0207FEB1E2C984445C899B0ACEBAA74EF014DD1D4BDDB43202C08D2FF9692D8D788478DEC829EB52AFB5AE068FBDBAC499A27FACECC391E75C936D55F07BB45EE184DAB45808E15722502F279F89B38C1CB292557E5063597F52C75D61001EDC33F4739353E33E56AD273B067C1A2760208529EA421774A5FFFCB3423B1E0051E7702A55D80CBF2141569F18F87BFF538A1DA8EDBB2693A539F68E0D62D77743F89EACF3B1723BDB25CE2F333FA63CACF0E67DF1A431893BB9B352FCB":"9A66CF76572A71A17475794FA1C8C70D987E581E990D772BB27C77C53FF1ECBB31260E9EDAFAEBC79991807E48918EAB8C3A5F03A600F30C69511546AE788EDF53168E2D035D300EDCD5E4BF3AA2A6D603EA0A7BD11E1C1089657306DF8A64E7F1BC6B266B825C1A6C5F0FC85775F4CF7ACD63367E42EAFE46511D58AD6DFE0F":"844DBDD20925D9164F9A1E2F707076C261CCA8337D0241392B38AE3C12342F3AC14F8FD6DF4A1C36839662BD0D227344CD55A32AE5DBD2309A9A2B8A2C82BE6DDDDCE81D1B694775D9047AA765CA0C6E1BB8E61C8B7BE27ED711E8EE2FEAD87F3491F76A6D2262C14189EACDFD4CEFE0BF9D0A5B49857E0ED22CBEB98DC8D45B":"4951A7B174DF972C37BADCC38457B5EDD1F078BC613E75CE25E08814E12461C7A1C189A70EB8138294298D141244C7A9DE31AB4F6D38B40B04D6353CD30F77ADBF66BBDE41C7BE463C5E30AAA3F7BAD6CEE99506DEAAFA2F335C1B1C5C88B8ABB0D0387EE0D1B4E7027F7F085A025CEDB5CCE18B88C0462F1C3C910D47C0D4AB":MBEDTLS_ERR_RSA_KEY_CHECK_FAILED RSA Check Public-Private key #3 (Private no N) -rsa_check_pubpriv:2048:16:"b38ac65c8141f7f5c96e14470e851936a67bf94cc6821a39ac12c05f7c0b06d9e6ddba2224703b02e25f31452f9c4a8417b62675fdc6df46b94813bc7b9769a892c482b830bfe0ad42e46668ace68903617faf6681f4babf1cc8e4b0420d3c7f61dc45434c6b54e2c3ee0fc07908509d79c9826e673bf8363255adb0add2401039a7bcd1b4ecf0fbe6ec8369d2da486eec59559dd1d54c9b24190965eafbdab203b35255765261cd0909acf93c3b8b8428cbb448de4715d1b813d0c94829c229543d391ce0adab5351f97a3810c1f73d7b1458b97daed4209c50e16d064d2d5bfda8c23893d755222793146d0a78c3d64f35549141486c3b0961a7b4c1a2034f":16:"3":16:"e79a373182bfaa722eb035f772ad2a9464bd842de59432c18bbab3a7dfeae318c9b915ee487861ab665a40bd6cda560152578e8579016c929df99fea05b4d64efca1d543850bc8164b40d71ed7f3fa4105df0fb9b9ad2a18ce182c8a4f4f975bea9aa0b9a1438a27a28e97ac8330ef37383414d1bd64607d6979ac050424fd17":16:"c6749cbb0db8c5a177672d4728a8b22392b2fc4d3b8361d5c0d5055a1b4e46d821f757c24eef2a51c561941b93b3ace7340074c058c9bb48e7e7414f42c41da4cccb5c2ba91deb30c586b7fb18af12a52995592ad139d3be429add6547e044becedaf31fa3b39421e24ee034fbf367d11f6b8f88ee483d163b431e1654ad3e89":16:"":16:"3":16:"77B1D99300D6A54E864962DA09AE10CF19A7FB888456BC2672B72AEA52B204914493D16C184AD201EC3F762E1FBD8702BA796EF953D9EA2F26300D285264F11B0C8301D0207FEB1E2C984445C899B0ACEBAA74EF014DD1D4BDDB43202C08D2FF9692D8D788478DEC829EB52AFB5AE068FBDBAC499A27FACECC391E75C936D55F07BB45EE184DAB45808E15722502F279F89B38C1CB292557E5063597F52C75D61001EDC33F4739353E33E56AD273B067C1A2760208529EA421774A5FFFCB3423B1E0051E7702A55D80CBF2141569F18F87BFF538A1DA8EDBB2693A539F68E0D62D77743F89EACF3B1723BDB25CE2F333FA63CACF0E67DF1A431893BB9B352FCB":16:"9A66CF76572A71A17475794FA1C8C70D987E581E990D772BB27C77C53FF1ECBB31260E9EDAFAEBC79991807E48918EAB8C3A5F03A600F30C69511546AE788EDF53168E2D035D300EDCD5E4BF3AA2A6D603EA0A7BD11E1C1089657306DF8A64E7F1BC6B266B825C1A6C5F0FC85775F4CF7ACD63367E42EAFE46511D58AD6DFE0F":16:"844DBDD20925D9164F9A1E2F707076C261CCA8337D0241392B38AE3C12342F3AC14F8FD6DF4A1C36839662BD0D227344CD55A32AE5DBD2309A9A2B8A2C82BE6DDDDCE81D1B694775D9047AA765CA0C6E1BB8E61C8B7BE27ED711E8EE2FEAD87F3491F76A6D2262C14189EACDFD4CEFE0BF9D0A5B49857E0ED22CBEB98DC8D45B":16:"4951A7B174DF972C37BADCC38457B5EDD1F078BC613E75CE25E08814E12461C7A1C189A70EB8138294298D141244C7A9DE31AB4F6D38B40B04D6353CD30F77ADBF66BBDE41C7BE463C5E30AAA3F7BAD6CEE99506DEAAFA2F335C1B1C5C88B8ABB0D0387EE0D1B4E7027F7F085A025CEDB5CCE18B88C0462F1C3C910D47C0D4AB":MBEDTLS_ERR_RSA_KEY_CHECK_FAILED +rsa_check_pubpriv:2048:"b38ac65c8141f7f5c96e14470e851936a67bf94cc6821a39ac12c05f7c0b06d9e6ddba2224703b02e25f31452f9c4a8417b62675fdc6df46b94813bc7b9769a892c482b830bfe0ad42e46668ace68903617faf6681f4babf1cc8e4b0420d3c7f61dc45434c6b54e2c3ee0fc07908509d79c9826e673bf8363255adb0add2401039a7bcd1b4ecf0fbe6ec8369d2da486eec59559dd1d54c9b24190965eafbdab203b35255765261cd0909acf93c3b8b8428cbb448de4715d1b813d0c94829c229543d391ce0adab5351f97a3810c1f73d7b1458b97daed4209c50e16d064d2d5bfda8c23893d755222793146d0a78c3d64f35549141486c3b0961a7b4c1a2034f":"3":"e79a373182bfaa722eb035f772ad2a9464bd842de59432c18bbab3a7dfeae318c9b915ee487861ab665a40bd6cda560152578e8579016c929df99fea05b4d64efca1d543850bc8164b40d71ed7f3fa4105df0fb9b9ad2a18ce182c8a4f4f975bea9aa0b9a1438a27a28e97ac8330ef37383414d1bd64607d6979ac050424fd17":"c6749cbb0db8c5a177672d4728a8b22392b2fc4d3b8361d5c0d5055a1b4e46d821f757c24eef2a51c561941b93b3ace7340074c058c9bb48e7e7414f42c41da4cccb5c2ba91deb30c586b7fb18af12a52995592ad139d3be429add6547e044becedaf31fa3b39421e24ee034fbf367d11f6b8f88ee483d163b431e1654ad3e89":"":"3":"77B1D99300D6A54E864962DA09AE10CF19A7FB888456BC2672B72AEA52B204914493D16C184AD201EC3F762E1FBD8702BA796EF953D9EA2F26300D285264F11B0C8301D0207FEB1E2C984445C899B0ACEBAA74EF014DD1D4BDDB43202C08D2FF9692D8D788478DEC829EB52AFB5AE068FBDBAC499A27FACECC391E75C936D55F07BB45EE184DAB45808E15722502F279F89B38C1CB292557E5063597F52C75D61001EDC33F4739353E33E56AD273B067C1A2760208529EA421774A5FFFCB3423B1E0051E7702A55D80CBF2141569F18F87BFF538A1DA8EDBB2693A539F68E0D62D77743F89EACF3B1723BDB25CE2F333FA63CACF0E67DF1A431893BB9B352FCB":"9A66CF76572A71A17475794FA1C8C70D987E581E990D772BB27C77C53FF1ECBB31260E9EDAFAEBC79991807E48918EAB8C3A5F03A600F30C69511546AE788EDF53168E2D035D300EDCD5E4BF3AA2A6D603EA0A7BD11E1C1089657306DF8A64E7F1BC6B266B825C1A6C5F0FC85775F4CF7ACD63367E42EAFE46511D58AD6DFE0F":"844DBDD20925D9164F9A1E2F707076C261CCA8337D0241392B38AE3C12342F3AC14F8FD6DF4A1C36839662BD0D227344CD55A32AE5DBD2309A9A2B8A2C82BE6DDDDCE81D1B694775D9047AA765CA0C6E1BB8E61C8B7BE27ED711E8EE2FEAD87F3491F76A6D2262C14189EACDFD4CEFE0BF9D0A5B49857E0ED22CBEB98DC8D45B":"4951A7B174DF972C37BADCC38457B5EDD1F078BC613E75CE25E08814E12461C7A1C189A70EB8138294298D141244C7A9DE31AB4F6D38B40B04D6353CD30F77ADBF66BBDE41C7BE463C5E30AAA3F7BAD6CEE99506DEAAFA2F335C1B1C5C88B8ABB0D0387EE0D1B4E7027F7F085A025CEDB5CCE18B88C0462F1C3C910D47C0D4AB":MBEDTLS_ERR_RSA_KEY_CHECK_FAILED RSA Check Public-Private key #4 (N mismatch) -rsa_check_pubpriv:2048:16:"b38ac65c8141f7f5c96e14470e851936a67bf94cc6821a39ac12c05f7c0b06d9e6ddba2224703b02e25f31452f9c4a8417b62675fdc6df46b94813bc7b9769a892c482b830bfe0ad42e46668ace68903617faf6681f4babf1cc8e4b0420d3c7f61dc45434c6b54e2c3ee0fc07908509d79c9826e673bf8363255adb0add2401039a7bcd1b4ecf0fbe6ec8369d2da486eec59559dd1d54c9b24190965eafbdab203b35255765261cd0909acf93c3b8b8428cbb448de4715d1b813d0c94829c229543d391ce0adab5351f97a3810c1f73d7b1458b97daed4209c50e16d064d2d5bfda8c23893d755222793146d0a78c3d64f35549141486c3b0961a7b4c1a2034e":16:"3":16:"e79a373182bfaa722eb035f772ad2a9464bd842de59432c18bbab3a7dfeae318c9b915ee487861ab665a40bd6cda560152578e8579016c929df99fea05b4d64efca1d543850bc8164b40d71ed7f3fa4105df0fb9b9ad2a18ce182c8a4f4f975bea9aa0b9a1438a27a28e97ac8330ef37383414d1bd64607d6979ac050424fd17":16:"c6749cbb0db8c5a177672d4728a8b22392b2fc4d3b8361d5c0d5055a1b4e46d821f757c24eef2a51c561941b93b3ace7340074c058c9bb48e7e7414f42c41da4cccb5c2ba91deb30c586b7fb18af12a52995592ad139d3be429add6547e044becedaf31fa3b39421e24ee034fbf367d11f6b8f88ee483d163b431e1654ad3e89":16:"b38ac65c8141f7f5c96e14470e851936a67bf94cc6821a39ac12c05f7c0b06d9e6ddba2224703b02e25f31452f9c4a8417b62675fdc6df46b94813bc7b9769a892c482b830bfe0ad42e46668ace68903617faf6681f4babf1cc8e4b0420d3c7f61dc45434c6b54e2c3ee0fc07908509d79c9826e673bf8363255adb0add2401039a7bcd1b4ecf0fbe6ec8369d2da486eec59559dd1d54c9b24190965eafbdab203b35255765261cd0909acf93c3b8b8428cbb448de4715d1b813d0c94829c229543d391ce0adab5351f97a3810c1f73d7b1458b97daed4209c50e16d064d2d5bfda8c23893d755222793146d0a78c3d64f35549141486c3b0961a7b4c1a2034f":16:"3":16:"77B1D99300D6A54E864962DA09AE10CF19A7FB888456BC2672B72AEA52B204914493D16C184AD201EC3F762E1FBD8702BA796EF953D9EA2F26300D285264F11B0C8301D0207FEB1E2C984445C899B0ACEBAA74EF014DD1D4BDDB43202C08D2FF9692D8D788478DEC829EB52AFB5AE068FBDBAC499A27FACECC391E75C936D55F07BB45EE184DAB45808E15722502F279F89B38C1CB292557E5063597F52C75D61001EDC33F4739353E33E56AD273B067C1A2760208529EA421774A5FFFCB3423B1E0051E7702A55D80CBF2141569F18F87BFF538A1DA8EDBB2693A539F68E0D62D77743F89EACF3B1723BDB25CE2F333FA63CACF0E67DF1A431893BB9B352FCB":16:"9A66CF76572A71A17475794FA1C8C70D987E581E990D772BB27C77C53FF1ECBB31260E9EDAFAEBC79991807E48918EAB8C3A5F03A600F30C69511546AE788EDF53168E2D035D300EDCD5E4BF3AA2A6D603EA0A7BD11E1C1089657306DF8A64E7F1BC6B266B825C1A6C5F0FC85775F4CF7ACD63367E42EAFE46511D58AD6DFE0F":16:"844DBDD20925D9164F9A1E2F707076C261CCA8337D0241392B38AE3C12342F3AC14F8FD6DF4A1C36839662BD0D227344CD55A32AE5DBD2309A9A2B8A2C82BE6DDDDCE81D1B694775D9047AA765CA0C6E1BB8E61C8B7BE27ED711E8EE2FEAD87F3491F76A6D2262C14189EACDFD4CEFE0BF9D0A5B49857E0ED22CBEB98DC8D45B":16:"4951A7B174DF972C37BADCC38457B5EDD1F078BC613E75CE25E08814E12461C7A1C189A70EB8138294298D141244C7A9DE31AB4F6D38B40B04D6353CD30F77ADBF66BBDE41C7BE463C5E30AAA3F7BAD6CEE99506DEAAFA2F335C1B1C5C88B8ABB0D0387EE0D1B4E7027F7F085A025CEDB5CCE18B88C0462F1C3C910D47C0D4AB":MBEDTLS_ERR_RSA_KEY_CHECK_FAILED +rsa_check_pubpriv:2048:"b38ac65c8141f7f5c96e14470e851936a67bf94cc6821a39ac12c05f7c0b06d9e6ddba2224703b02e25f31452f9c4a8417b62675fdc6df46b94813bc7b9769a892c482b830bfe0ad42e46668ace68903617faf6681f4babf1cc8e4b0420d3c7f61dc45434c6b54e2c3ee0fc07908509d79c9826e673bf8363255adb0add2401039a7bcd1b4ecf0fbe6ec8369d2da486eec59559dd1d54c9b24190965eafbdab203b35255765261cd0909acf93c3b8b8428cbb448de4715d1b813d0c94829c229543d391ce0adab5351f97a3810c1f73d7b1458b97daed4209c50e16d064d2d5bfda8c23893d755222793146d0a78c3d64f35549141486c3b0961a7b4c1a2034e":"3":"e79a373182bfaa722eb035f772ad2a9464bd842de59432c18bbab3a7dfeae318c9b915ee487861ab665a40bd6cda560152578e8579016c929df99fea05b4d64efca1d543850bc8164b40d71ed7f3fa4105df0fb9b9ad2a18ce182c8a4f4f975bea9aa0b9a1438a27a28e97ac8330ef37383414d1bd64607d6979ac050424fd17":"c6749cbb0db8c5a177672d4728a8b22392b2fc4d3b8361d5c0d5055a1b4e46d821f757c24eef2a51c561941b93b3ace7340074c058c9bb48e7e7414f42c41da4cccb5c2ba91deb30c586b7fb18af12a52995592ad139d3be429add6547e044becedaf31fa3b39421e24ee034fbf367d11f6b8f88ee483d163b431e1654ad3e89":"b38ac65c8141f7f5c96e14470e851936a67bf94cc6821a39ac12c05f7c0b06d9e6ddba2224703b02e25f31452f9c4a8417b62675fdc6df46b94813bc7b9769a892c482b830bfe0ad42e46668ace68903617faf6681f4babf1cc8e4b0420d3c7f61dc45434c6b54e2c3ee0fc07908509d79c9826e673bf8363255adb0add2401039a7bcd1b4ecf0fbe6ec8369d2da486eec59559dd1d54c9b24190965eafbdab203b35255765261cd0909acf93c3b8b8428cbb448de4715d1b813d0c94829c229543d391ce0adab5351f97a3810c1f73d7b1458b97daed4209c50e16d064d2d5bfda8c23893d755222793146d0a78c3d64f35549141486c3b0961a7b4c1a2034f":"3":"77B1D99300D6A54E864962DA09AE10CF19A7FB888456BC2672B72AEA52B204914493D16C184AD201EC3F762E1FBD8702BA796EF953D9EA2F26300D285264F11B0C8301D0207FEB1E2C984445C899B0ACEBAA74EF014DD1D4BDDB43202C08D2FF9692D8D788478DEC829EB52AFB5AE068FBDBAC499A27FACECC391E75C936D55F07BB45EE184DAB45808E15722502F279F89B38C1CB292557E5063597F52C75D61001EDC33F4739353E33E56AD273B067C1A2760208529EA421774A5FFFCB3423B1E0051E7702A55D80CBF2141569F18F87BFF538A1DA8EDBB2693A539F68E0D62D77743F89EACF3B1723BDB25CE2F333FA63CACF0E67DF1A431893BB9B352FCB":"9A66CF76572A71A17475794FA1C8C70D987E581E990D772BB27C77C53FF1ECBB31260E9EDAFAEBC79991807E48918EAB8C3A5F03A600F30C69511546AE788EDF53168E2D035D300EDCD5E4BF3AA2A6D603EA0A7BD11E1C1089657306DF8A64E7F1BC6B266B825C1A6C5F0FC85775F4CF7ACD63367E42EAFE46511D58AD6DFE0F":"844DBDD20925D9164F9A1E2F707076C261CCA8337D0241392B38AE3C12342F3AC14F8FD6DF4A1C36839662BD0D227344CD55A32AE5DBD2309A9A2B8A2C82BE6DDDDCE81D1B694775D9047AA765CA0C6E1BB8E61C8B7BE27ED711E8EE2FEAD87F3491F76A6D2262C14189EACDFD4CEFE0BF9D0A5B49857E0ED22CBEB98DC8D45B":"4951A7B174DF972C37BADCC38457B5EDD1F078BC613E75CE25E08814E12461C7A1C189A70EB8138294298D141244C7A9DE31AB4F6D38B40B04D6353CD30F77ADBF66BBDE41C7BE463C5E30AAA3F7BAD6CEE99506DEAAFA2F335C1B1C5C88B8ABB0D0387EE0D1B4E7027F7F085A025CEDB5CCE18B88C0462F1C3C910D47C0D4AB":MBEDTLS_ERR_RSA_KEY_CHECK_FAILED RSA Check Public-Private key #5 (E mismatch) -rsa_check_pubpriv:2048:16:"b38ac65c8141f7f5c96e14470e851936a67bf94cc6821a39ac12c05f7c0b06d9e6ddba2224703b02e25f31452f9c4a8417b62675fdc6df46b94813bc7b9769a892c482b830bfe0ad42e46668ace68903617faf6681f4babf1cc8e4b0420d3c7f61dc45434c6b54e2c3ee0fc07908509d79c9826e673bf8363255adb0add2401039a7bcd1b4ecf0fbe6ec8369d2da486eec59559dd1d54c9b24190965eafbdab203b35255765261cd0909acf93c3b8b8428cbb448de4715d1b813d0c94829c229543d391ce0adab5351f97a3810c1f73d7b1458b97daed4209c50e16d064d2d5bfda8c23893d755222793146d0a78c3d64f35549141486c3b0961a7b4c1a2034f":16:"17":16:"e79a373182bfaa722eb035f772ad2a9464bd842de59432c18bbab3a7dfeae318c9b915ee487861ab665a40bd6cda560152578e8579016c929df99fea05b4d64efca1d543850bc8164b40d71ed7f3fa4105df0fb9b9ad2a18ce182c8a4f4f975bea9aa0b9a1438a27a28e97ac8330ef37383414d1bd64607d6979ac050424fd17":16:"c6749cbb0db8c5a177672d4728a8b22392b2fc4d3b8361d5c0d5055a1b4e46d821f757c24eef2a51c561941b93b3ace7340074c058c9bb48e7e7414f42c41da4cccb5c2ba91deb30c586b7fb18af12a52995592ad139d3be429add6547e044becedaf31fa3b39421e24ee034fbf367d11f6b8f88ee483d163b431e1654ad3e89":16:"b38ac65c8141f7f5c96e14470e851936a67bf94cc6821a39ac12c05f7c0b06d9e6ddba2224703b02e25f31452f9c4a8417b62675fdc6df46b94813bc7b9769a892c482b830bfe0ad42e46668ace68903617faf6681f4babf1cc8e4b0420d3c7f61dc45434c6b54e2c3ee0fc07908509d79c9826e673bf8363255adb0add2401039a7bcd1b4ecf0fbe6ec8369d2da486eec59559dd1d54c9b24190965eafbdab203b35255765261cd0909acf93c3b8b8428cbb448de4715d1b813d0c94829c229543d391ce0adab5351f97a3810c1f73d7b1458b97daed4209c50e16d064d2d5bfda8c23893d755222793146d0a78c3d64f35549141486c3b0961a7b4c1a2034f":16:"3":16:"77B1D99300D6A54E864962DA09AE10CF19A7FB888456BC2672B72AEA52B204914493D16C184AD201EC3F762E1FBD8702BA796EF953D9EA2F26300D285264F11B0C8301D0207FEB1E2C984445C899B0ACEBAA74EF014DD1D4BDDB43202C08D2FF9692D8D788478DEC829EB52AFB5AE068FBDBAC499A27FACECC391E75C936D55F07BB45EE184DAB45808E15722502F279F89B38C1CB292557E5063597F52C75D61001EDC33F4739353E33E56AD273B067C1A2760208529EA421774A5FFFCB3423B1E0051E7702A55D80CBF2141569F18F87BFF538A1DA8EDBB2693A539F68E0D62D77743F89EACF3B1723BDB25CE2F333FA63CACF0E67DF1A431893BB9B352FCB":16:"9A66CF76572A71A17475794FA1C8C70D987E581E990D772BB27C77C53FF1ECBB31260E9EDAFAEBC79991807E48918EAB8C3A5F03A600F30C69511546AE788EDF53168E2D035D300EDCD5E4BF3AA2A6D603EA0A7BD11E1C1089657306DF8A64E7F1BC6B266B825C1A6C5F0FC85775F4CF7ACD63367E42EAFE46511D58AD6DFE0F":16:"844DBDD20925D9164F9A1E2F707076C261CCA8337D0241392B38AE3C12342F3AC14F8FD6DF4A1C36839662BD0D227344CD55A32AE5DBD2309A9A2B8A2C82BE6DDDDCE81D1B694775D9047AA765CA0C6E1BB8E61C8B7BE27ED711E8EE2FEAD87F3491F76A6D2262C14189EACDFD4CEFE0BF9D0A5B49857E0ED22CBEB98DC8D45B":16:"4951A7B174DF972C37BADCC38457B5EDD1F078BC613E75CE25E08814E12461C7A1C189A70EB8138294298D141244C7A9DE31AB4F6D38B40B04D6353CD30F77ADBF66BBDE41C7BE463C5E30AAA3F7BAD6CEE99506DEAAFA2F335C1B1C5C88B8ABB0D0387EE0D1B4E7027F7F085A025CEDB5CCE18B88C0462F1C3C910D47C0D4AB":MBEDTLS_ERR_RSA_KEY_CHECK_FAILED +rsa_check_pubpriv:2048:"b38ac65c8141f7f5c96e14470e851936a67bf94cc6821a39ac12c05f7c0b06d9e6ddba2224703b02e25f31452f9c4a8417b62675fdc6df46b94813bc7b9769a892c482b830bfe0ad42e46668ace68903617faf6681f4babf1cc8e4b0420d3c7f61dc45434c6b54e2c3ee0fc07908509d79c9826e673bf8363255adb0add2401039a7bcd1b4ecf0fbe6ec8369d2da486eec59559dd1d54c9b24190965eafbdab203b35255765261cd0909acf93c3b8b8428cbb448de4715d1b813d0c94829c229543d391ce0adab5351f97a3810c1f73d7b1458b97daed4209c50e16d064d2d5bfda8c23893d755222793146d0a78c3d64f35549141486c3b0961a7b4c1a2034f":"17":"e79a373182bfaa722eb035f772ad2a9464bd842de59432c18bbab3a7dfeae318c9b915ee487861ab665a40bd6cda560152578e8579016c929df99fea05b4d64efca1d543850bc8164b40d71ed7f3fa4105df0fb9b9ad2a18ce182c8a4f4f975bea9aa0b9a1438a27a28e97ac8330ef37383414d1bd64607d6979ac050424fd17":"c6749cbb0db8c5a177672d4728a8b22392b2fc4d3b8361d5c0d5055a1b4e46d821f757c24eef2a51c561941b93b3ace7340074c058c9bb48e7e7414f42c41da4cccb5c2ba91deb30c586b7fb18af12a52995592ad139d3be429add6547e044becedaf31fa3b39421e24ee034fbf367d11f6b8f88ee483d163b431e1654ad3e89":"b38ac65c8141f7f5c96e14470e851936a67bf94cc6821a39ac12c05f7c0b06d9e6ddba2224703b02e25f31452f9c4a8417b62675fdc6df46b94813bc7b9769a892c482b830bfe0ad42e46668ace68903617faf6681f4babf1cc8e4b0420d3c7f61dc45434c6b54e2c3ee0fc07908509d79c9826e673bf8363255adb0add2401039a7bcd1b4ecf0fbe6ec8369d2da486eec59559dd1d54c9b24190965eafbdab203b35255765261cd0909acf93c3b8b8428cbb448de4715d1b813d0c94829c229543d391ce0adab5351f97a3810c1f73d7b1458b97daed4209c50e16d064d2d5bfda8c23893d755222793146d0a78c3d64f35549141486c3b0961a7b4c1a2034f":"3":"77B1D99300D6A54E864962DA09AE10CF19A7FB888456BC2672B72AEA52B204914493D16C184AD201EC3F762E1FBD8702BA796EF953D9EA2F26300D285264F11B0C8301D0207FEB1E2C984445C899B0ACEBAA74EF014DD1D4BDDB43202C08D2FF9692D8D788478DEC829EB52AFB5AE068FBDBAC499A27FACECC391E75C936D55F07BB45EE184DAB45808E15722502F279F89B38C1CB292557E5063597F52C75D61001EDC33F4739353E33E56AD273B067C1A2760208529EA421774A5FFFCB3423B1E0051E7702A55D80CBF2141569F18F87BFF538A1DA8EDBB2693A539F68E0D62D77743F89EACF3B1723BDB25CE2F333FA63CACF0E67DF1A431893BB9B352FCB":"9A66CF76572A71A17475794FA1C8C70D987E581E990D772BB27C77C53FF1ECBB31260E9EDAFAEBC79991807E48918EAB8C3A5F03A600F30C69511546AE788EDF53168E2D035D300EDCD5E4BF3AA2A6D603EA0A7BD11E1C1089657306DF8A64E7F1BC6B266B825C1A6C5F0FC85775F4CF7ACD63367E42EAFE46511D58AD6DFE0F":"844DBDD20925D9164F9A1E2F707076C261CCA8337D0241392B38AE3C12342F3AC14F8FD6DF4A1C36839662BD0D227344CD55A32AE5DBD2309A9A2B8A2C82BE6DDDDCE81D1B694775D9047AA765CA0C6E1BB8E61C8B7BE27ED711E8EE2FEAD87F3491F76A6D2262C14189EACDFD4CEFE0BF9D0A5B49857E0ED22CBEB98DC8D45B":"4951A7B174DF972C37BADCC38457B5EDD1F078BC613E75CE25E08814E12461C7A1C189A70EB8138294298D141244C7A9DE31AB4F6D38B40B04D6353CD30F77ADBF66BBDE41C7BE463C5E30AAA3F7BAD6CEE99506DEAAFA2F335C1B1C5C88B8ABB0D0387EE0D1B4E7027F7F085A025CEDB5CCE18B88C0462F1C3C910D47C0D4AB":MBEDTLS_ERR_RSA_KEY_CHECK_FAILED RSA Private (Correct) -mbedtls_rsa_private:"59779fd2a39e56640c4fc1e67b60aeffcecd78aed7ad2bdfa464e93d04198d48466b8da7445f25bfa19db2844edd5c8f539cf772cc132b483169d390db28a43bc4ee0f038f6568ffc87447746cb72fefac2d6d90ee3143a915ac4688028805905a68eb8f8a96674b093c495eddd8704461eaa2b345efbb2ad6930acd8023f8700000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000":2048:16:"e79a373182bfaa722eb035f772ad2a9464bd842de59432c18bbab3a7dfeae318c9b915ee487861ab665a40bd6cda560152578e8579016c929df99fea05b4d64efca1d543850bc8164b40d71ed7f3fa4105df0fb9b9ad2a18ce182c8a4f4f975bea9aa0b9a1438a27a28e97ac8330ef37383414d1bd64607d6979ac050424fd17":16:"c6749cbb0db8c5a177672d4728a8b22392b2fc4d3b8361d5c0d5055a1b4e46d821f757c24eef2a51c561941b93b3ace7340074c058c9bb48e7e7414f42c41da4cccb5c2ba91deb30c586b7fb18af12a52995592ad139d3be429add6547e044becedaf31fa3b39421e24ee034fbf367d11f6b8f88ee483d163b431e1654ad3e89":16:"b38ac65c8141f7f5c96e14470e851936a67bf94cc6821a39ac12c05f7c0b06d9e6ddba2224703b02e25f31452f9c4a8417b62675fdc6df46b94813bc7b9769a892c482b830bfe0ad42e46668ace68903617faf6681f4babf1cc8e4b0420d3c7f61dc45434c6b54e2c3ee0fc07908509d79c9826e673bf8363255adb0add2401039a7bcd1b4ecf0fbe6ec8369d2da486eec59559dd1d54c9b24190965eafbdab203b35255765261cd0909acf93c3b8b8428cbb448de4715d1b813d0c94829c229543d391ce0adab5351f97a3810c1f73d7b1458b97daed4209c50e16d064d2d5bfda8c23893d755222793146d0a78c3d64f35549141486c3b0961a7b4c1a2034f":16:"3":"48ce62658d82be10737bd5d3579aed15bc82617e6758ba862eeb12d049d7bacaf2f62fce8bf6e980763d1951f7f0eae3a493df9890d249314b39d00d6ef791de0daebf2c50f46e54aeb63a89113defe85de6dbe77642aae9f2eceb420f3a47a56355396e728917f17876bb829fabcaeef8bf7ef6de2ff9e84e6108ea2e52bbb62b7b288efa0a3835175b8b08fac56f7396eceb1c692d419ecb79d80aef5bc08a75d89de9f2b2d411d881c0e3ffad24c311a19029d210d3d3534f1b626f982ea322b4d1cfba476860ef20d4f672f38c371084b5301b429b747ea051a619e4430e0dac33c12f9ee41ca4d81a4f6da3e495aa8524574bdc60d290dd1f7a62e90a67":0 +mbedtls_rsa_private:"59779fd2a39e56640c4fc1e67b60aeffcecd78aed7ad2bdfa464e93d04198d48466b8da7445f25bfa19db2844edd5c8f539cf772cc132b483169d390db28a43bc4ee0f038f6568ffc87447746cb72fefac2d6d90ee3143a915ac4688028805905a68eb8f8a96674b093c495eddd8704461eaa2b345efbb2ad6930acd8023f8700000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000":2048:"e79a373182bfaa722eb035f772ad2a9464bd842de59432c18bbab3a7dfeae318c9b915ee487861ab665a40bd6cda560152578e8579016c929df99fea05b4d64efca1d543850bc8164b40d71ed7f3fa4105df0fb9b9ad2a18ce182c8a4f4f975bea9aa0b9a1438a27a28e97ac8330ef37383414d1bd64607d6979ac050424fd17":"c6749cbb0db8c5a177672d4728a8b22392b2fc4d3b8361d5c0d5055a1b4e46d821f757c24eef2a51c561941b93b3ace7340074c058c9bb48e7e7414f42c41da4cccb5c2ba91deb30c586b7fb18af12a52995592ad139d3be429add6547e044becedaf31fa3b39421e24ee034fbf367d11f6b8f88ee483d163b431e1654ad3e89":"b38ac65c8141f7f5c96e14470e851936a67bf94cc6821a39ac12c05f7c0b06d9e6ddba2224703b02e25f31452f9c4a8417b62675fdc6df46b94813bc7b9769a892c482b830bfe0ad42e46668ace68903617faf6681f4babf1cc8e4b0420d3c7f61dc45434c6b54e2c3ee0fc07908509d79c9826e673bf8363255adb0add2401039a7bcd1b4ecf0fbe6ec8369d2da486eec59559dd1d54c9b24190965eafbdab203b35255765261cd0909acf93c3b8b8428cbb448de4715d1b813d0c94829c229543d391ce0adab5351f97a3810c1f73d7b1458b97daed4209c50e16d064d2d5bfda8c23893d755222793146d0a78c3d64f35549141486c3b0961a7b4c1a2034f":"3":"48ce62658d82be10737bd5d3579aed15bc82617e6758ba862eeb12d049d7bacaf2f62fce8bf6e980763d1951f7f0eae3a493df9890d249314b39d00d6ef791de0daebf2c50f46e54aeb63a89113defe85de6dbe77642aae9f2eceb420f3a47a56355396e728917f17876bb829fabcaeef8bf7ef6de2ff9e84e6108ea2e52bbb62b7b288efa0a3835175b8b08fac56f7396eceb1c692d419ecb79d80aef5bc08a75d89de9f2b2d411d881c0e3ffad24c311a19029d210d3d3534f1b626f982ea322b4d1cfba476860ef20d4f672f38c371084b5301b429b747ea051a619e4430e0dac33c12f9ee41ca4d81a4f6da3e495aa8524574bdc60d290dd1f7a62e90a67":0 RSA Private (Data larger than N) -mbedtls_rsa_private:"b38ac65c8141f7f5c96e14470e851936a67bf94cc6821a39ac12c05f7c0b06d9e6ddba2224703b02e25f31452f9c4a8417b62675fdc6df46b94813bc7b9769a892c482b830bfe0ad42e46668ace68903617faf6681f4babf1cc8e4b0420d3c7f61dc45434c6b54e2c3ee0fc07908509d79c9826e673bf8363255adb0add2401039a7bcd1b4ecf0fbe6ec8369d2da486eec59559dd1d54c9b24190965eafbdab203b35255765261cd0909acf93c3b8b8428cbb448de4715d1b813d0c94829c229543d391ce0adab5351f97a3810c1f73d7b1458b97daed4209c50e16d064d2d5bfda8c23893d755222793146d0a78c3d64f35549141486c3b0961a7b4c1a2034f":2048:16:"e79a373182bfaa722eb035f772ad2a9464bd842de59432c18bbab3a7dfeae318c9b915ee487861ab665a40bd6cda560152578e8579016c929df99fea05b4d64efca1d543850bc8164b40d71ed7f3fa4105df0fb9b9ad2a18ce182c8a4f4f975bea9aa0b9a1438a27a28e97ac8330ef37383414d1bd64607d6979ac050424fd17":16:"c6749cbb0db8c5a177672d4728a8b22392b2fc4d3b8361d5c0d5055a1b4e46d821f757c24eef2a51c561941b93b3ace7340074c058c9bb48e7e7414f42c41da4cccb5c2ba91deb30c586b7fb18af12a52995592ad139d3be429add6547e044becedaf31fa3b39421e24ee034fbf367d11f6b8f88ee483d163b431e1654ad3e89":16:"b38ac65c8141f7f5c96e14470e851936a67bf94cc6821a39ac12c05f7c0b06d9e6ddba2224703b02e25f31452f9c4a8417b62675fdc6df46b94813bc7b9769a892c482b830bfe0ad42e46668ace68903617faf6681f4babf1cc8e4b0420d3c7f61dc45434c6b54e2c3ee0fc07908509d79c9826e673bf8363255adb0add2401039a7bcd1b4ecf0fbe6ec8369d2da486eec59559dd1d54c9b24190965eafbdab203b35255765261cd0909acf93c3b8b8428cbb448de4715d1b813d0c94829c229543d391ce0adab5351f97a3810c1f73d7b1458b97daed4209c50e16d064d2d5bfda8c23893d755222793146d0a78c3d64f35549141486c3b0961a7b4c1a2034f":16:"3":"605baf947c0de49e4f6a0dfb94a43ae318d5df8ed20ba4ba5a37a73fb009c5c9e5cce8b70a25b1c7580f389f0d7092485cdfa02208b70d33482edf07a7eafebdc54862ca0e0396a5a7d09991b9753eb1ffb6091971bb5789c6b121abbcd0a3cbaa39969fa7c28146fce96c6d03272e3793e5be8f5abfa9afcbebb986d7b3050604a2af4d3a40fa6c003781a539a60259d1e84f13322da9e538a49c369b83e7286bf7d30b64bbb773506705da5d5d5483a563a1ffacc902fb75c9a751b1e83cdc7a6db0470056883f48b5a5446b43b1d180ea12ba11a6a8d93b3b32a30156b6084b7fb142998a2a0d28014b84098ece7d9d5e4d55cc342ca26f5a0167a679dec8":MBEDTLS_ERR_RSA_PRIVATE_FAILED + MBEDTLS_ERR_MPI_BAD_INPUT_DATA +mbedtls_rsa_private:"b38ac65c8141f7f5c96e14470e851936a67bf94cc6821a39ac12c05f7c0b06d9e6ddba2224703b02e25f31452f9c4a8417b62675fdc6df46b94813bc7b9769a892c482b830bfe0ad42e46668ace68903617faf6681f4babf1cc8e4b0420d3c7f61dc45434c6b54e2c3ee0fc07908509d79c9826e673bf8363255adb0add2401039a7bcd1b4ecf0fbe6ec8369d2da486eec59559dd1d54c9b24190965eafbdab203b35255765261cd0909acf93c3b8b8428cbb448de4715d1b813d0c94829c229543d391ce0adab5351f97a3810c1f73d7b1458b97daed4209c50e16d064d2d5bfda8c23893d755222793146d0a78c3d64f35549141486c3b0961a7b4c1a2034f":2048:"e79a373182bfaa722eb035f772ad2a9464bd842de59432c18bbab3a7dfeae318c9b915ee487861ab665a40bd6cda560152578e8579016c929df99fea05b4d64efca1d543850bc8164b40d71ed7f3fa4105df0fb9b9ad2a18ce182c8a4f4f975bea9aa0b9a1438a27a28e97ac8330ef37383414d1bd64607d6979ac050424fd17":"c6749cbb0db8c5a177672d4728a8b22392b2fc4d3b8361d5c0d5055a1b4e46d821f757c24eef2a51c561941b93b3ace7340074c058c9bb48e7e7414f42c41da4cccb5c2ba91deb30c586b7fb18af12a52995592ad139d3be429add6547e044becedaf31fa3b39421e24ee034fbf367d11f6b8f88ee483d163b431e1654ad3e89":"b38ac65c8141f7f5c96e14470e851936a67bf94cc6821a39ac12c05f7c0b06d9e6ddba2224703b02e25f31452f9c4a8417b62675fdc6df46b94813bc7b9769a892c482b830bfe0ad42e46668ace68903617faf6681f4babf1cc8e4b0420d3c7f61dc45434c6b54e2c3ee0fc07908509d79c9826e673bf8363255adb0add2401039a7bcd1b4ecf0fbe6ec8369d2da486eec59559dd1d54c9b24190965eafbdab203b35255765261cd0909acf93c3b8b8428cbb448de4715d1b813d0c94829c229543d391ce0adab5351f97a3810c1f73d7b1458b97daed4209c50e16d064d2d5bfda8c23893d755222793146d0a78c3d64f35549141486c3b0961a7b4c1a2034f":"3":"605baf947c0de49e4f6a0dfb94a43ae318d5df8ed20ba4ba5a37a73fb009c5c9e5cce8b70a25b1c7580f389f0d7092485cdfa02208b70d33482edf07a7eafebdc54862ca0e0396a5a7d09991b9753eb1ffb6091971bb5789c6b121abbcd0a3cbaa39969fa7c28146fce96c6d03272e3793e5be8f5abfa9afcbebb986d7b3050604a2af4d3a40fa6c003781a539a60259d1e84f13322da9e538a49c369b83e7286bf7d30b64bbb773506705da5d5d5483a563a1ffacc902fb75c9a751b1e83cdc7a6db0470056883f48b5a5446b43b1d180ea12ba11a6a8d93b3b32a30156b6084b7fb142998a2a0d28014b84098ece7d9d5e4d55cc342ca26f5a0167a679dec8":MBEDTLS_ERR_RSA_PRIVATE_FAILED + MBEDTLS_ERR_MPI_BAD_INPUT_DATA RSA Private (Data = 0 ) -mbedtls_rsa_private:"00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000":2048:16:"e79a373182bfaa722eb035f772ad2a9464bd842de59432c18bbab3a7dfeae318c9b915ee487861ab665a40bd6cda560152578e8579016c929df99fea05b4d64efca1d543850bc8164b40d71ed7f3fa4105df0fb9b9ad2a18ce182c8a4f4f975bea9aa0b9a1438a27a28e97ac8330ef37383414d1bd64607d6979ac050424fd17":16:"c6749cbb0db8c5a177672d4728a8b22392b2fc4d3b8361d5c0d5055a1b4e46d821f757c24eef2a51c561941b93b3ace7340074c058c9bb48e7e7414f42c41da4cccb5c2ba91deb30c586b7fb18af12a52995592ad139d3be429add6547e044becedaf31fa3b39421e24ee034fbf367d11f6b8f88ee483d163b431e1654ad3e89":16:"b38ac65c8141f7f5c96e14470e851936a67bf94cc6821a39ac12c05f7c0b06d9e6ddba2224703b02e25f31452f9c4a8417b62675fdc6df46b94813bc7b9769a892c482b830bfe0ad42e46668ace68903617faf6681f4babf1cc8e4b0420d3c7f61dc45434c6b54e2c3ee0fc07908509d79c9826e673bf8363255adb0add2401039a7bcd1b4ecf0fbe6ec8369d2da486eec59559dd1d54c9b24190965eafbdab203b35255765261cd0909acf93c3b8b8428cbb448de4715d1b813d0c94829c229543d391ce0adab5351f97a3810c1f73d7b1458b97daed4209c50e16d064d2d5bfda8c23893d755222793146d0a78c3d64f35549141486c3b0961a7b4c1a2034f":16:"3":"00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000":0 +mbedtls_rsa_private:"00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000":2048:"e79a373182bfaa722eb035f772ad2a9464bd842de59432c18bbab3a7dfeae318c9b915ee487861ab665a40bd6cda560152578e8579016c929df99fea05b4d64efca1d543850bc8164b40d71ed7f3fa4105df0fb9b9ad2a18ce182c8a4f4f975bea9aa0b9a1438a27a28e97ac8330ef37383414d1bd64607d6979ac050424fd17":"c6749cbb0db8c5a177672d4728a8b22392b2fc4d3b8361d5c0d5055a1b4e46d821f757c24eef2a51c561941b93b3ace7340074c058c9bb48e7e7414f42c41da4cccb5c2ba91deb30c586b7fb18af12a52995592ad139d3be429add6547e044becedaf31fa3b39421e24ee034fbf367d11f6b8f88ee483d163b431e1654ad3e89":"b38ac65c8141f7f5c96e14470e851936a67bf94cc6821a39ac12c05f7c0b06d9e6ddba2224703b02e25f31452f9c4a8417b62675fdc6df46b94813bc7b9769a892c482b830bfe0ad42e46668ace68903617faf6681f4babf1cc8e4b0420d3c7f61dc45434c6b54e2c3ee0fc07908509d79c9826e673bf8363255adb0add2401039a7bcd1b4ecf0fbe6ec8369d2da486eec59559dd1d54c9b24190965eafbdab203b35255765261cd0909acf93c3b8b8428cbb448de4715d1b813d0c94829c229543d391ce0adab5351f97a3810c1f73d7b1458b97daed4209c50e16d064d2d5bfda8c23893d755222793146d0a78c3d64f35549141486c3b0961a7b4c1a2034f":"3":"00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000":0 RSA Public (Correct) -mbedtls_rsa_public:"59779fd2a39e56640c4fc1e67b60aeffcecd78aed7ad2bdfa464e93d04198d48466b8da7445f25bfa19db2844edd5c8f539cf772cc132b483169d390db28a43bc4ee0f038f6568ffc87447746cb72fefac2d6d90ee3143a915ac4688028805905a68eb8f8a96674b093c495eddd8704461eaa2b345efbb2ad6930acd8023f8700000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000":2048:16:"b38ac65c8141f7f5c96e14470e851936a67bf94cc6821a39ac12c05f7c0b06d9e6ddba2224703b02e25f31452f9c4a8417b62675fdc6df46b94813bc7b9769a892c482b830bfe0ad42e46668ace68903617faf6681f4babf1cc8e4b0420d3c7f61dc45434c6b54e2c3ee0fc07908509d79c9826e673bf8363255adb0add2401039a7bcd1b4ecf0fbe6ec8369d2da486eec59559dd1d54c9b24190965eafbdab203b35255765261cd0909acf93c3b8b8428cbb448de4715d1b813d0c94829c229543d391ce0adab5351f97a3810c1f73d7b1458b97daed4209c50e16d064d2d5bfda8c23893d755222793146d0a78c3d64f35549141486c3b0961a7b4c1a2034f":16:"3":"1f5e927c13ff231090b0f18c8c3526428ed0f4a7561457ee5afe4d22d5d9220c34ef5b9a34d0c07f7248a1f3d57f95d10f7936b3063e40660b3a7ca3e73608b013f85a6e778ac7c60d576e9d9c0c5a79ad84ceea74e4722eb3553bdb0c2d7783dac050520cb27ca73478b509873cb0dcbd1d51dd8fccb96c29ad314f36d67cc57835d92d94defa0399feb095fd41b9f0b2be10f6041079ed4290040449f8a79aba50b0a1f8cf83c9fb8772b0686ec1b29cb1814bb06f9c024857db54d395a8da9a2c6f9f53b94bec612a0cb306a3eaa9fc80992e85d9d232e37a50cabe48c9343f039601ff7d95d60025e582aec475d031888310e8ec3833b394a5cf0599101e":0 +mbedtls_rsa_public:"59779fd2a39e56640c4fc1e67b60aeffcecd78aed7ad2bdfa464e93d04198d48466b8da7445f25bfa19db2844edd5c8f539cf772cc132b483169d390db28a43bc4ee0f038f6568ffc87447746cb72fefac2d6d90ee3143a915ac4688028805905a68eb8f8a96674b093c495eddd8704461eaa2b345efbb2ad6930acd8023f8700000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000":2048:"b38ac65c8141f7f5c96e14470e851936a67bf94cc6821a39ac12c05f7c0b06d9e6ddba2224703b02e25f31452f9c4a8417b62675fdc6df46b94813bc7b9769a892c482b830bfe0ad42e46668ace68903617faf6681f4babf1cc8e4b0420d3c7f61dc45434c6b54e2c3ee0fc07908509d79c9826e673bf8363255adb0add2401039a7bcd1b4ecf0fbe6ec8369d2da486eec59559dd1d54c9b24190965eafbdab203b35255765261cd0909acf93c3b8b8428cbb448de4715d1b813d0c94829c229543d391ce0adab5351f97a3810c1f73d7b1458b97daed4209c50e16d064d2d5bfda8c23893d755222793146d0a78c3d64f35549141486c3b0961a7b4c1a2034f":"3":"1f5e927c13ff231090b0f18c8c3526428ed0f4a7561457ee5afe4d22d5d9220c34ef5b9a34d0c07f7248a1f3d57f95d10f7936b3063e40660b3a7ca3e73608b013f85a6e778ac7c60d576e9d9c0c5a79ad84ceea74e4722eb3553bdb0c2d7783dac050520cb27ca73478b509873cb0dcbd1d51dd8fccb96c29ad314f36d67cc57835d92d94defa0399feb095fd41b9f0b2be10f6041079ed4290040449f8a79aba50b0a1f8cf83c9fb8772b0686ec1b29cb1814bb06f9c024857db54d395a8da9a2c6f9f53b94bec612a0cb306a3eaa9fc80992e85d9d232e37a50cabe48c9343f039601ff7d95d60025e582aec475d031888310e8ec3833b394a5cf0599101e":0 RSA Public (Data larger than N) -mbedtls_rsa_public:"b38ac65c8141f7f5c96e14470e851936a67bf94cc6821a39ac12c05f7c0b06d9e6ddba2224703b02e25f31452f9c4a8417b62675fdc6df46b94813bc7b9769a892c482b830bfe0ad42e46668ace68903617faf6681f4babf1cc8e4b0420d3c7f61dc45434c6b54e2c3ee0fc07908509d79c9826e673bf8363255adb0add2401039a7bcd1b4ecf0fbe6ec8369d2da486eec59559dd1d54c9b24190965eafbdab203b35255765261cd0909acf93c3b8b8428cbb448de4715d1b813d0c94829c229543d391ce0adab5351f97a3810c1f73d7b1458b97daed4209c50e16d064d2d5bfda8c23893d755222793146d0a78c3d64f35549141486c3b0961a7b4c1a2034f":2048:16:"b38ac65c8141f7f5c96e14470e851936a67bf94cc6821a39ac12c05f7c0b06d9e6ddba2224703b02e25f31452f9c4a8417b62675fdc6df46b94813bc7b9769a892c482b830bfe0ad42e46668ace68903617faf6681f4babf1cc8e4b0420d3c7f61dc45434c6b54e2c3ee0fc07908509d79c9826e673bf8363255adb0add2401039a7bcd1b4ecf0fbe6ec8369d2da486eec59559dd1d54c9b24190965eafbdab203b35255765261cd0909acf93c3b8b8428cbb448de4715d1b813d0c94829c229543d391ce0adab5351f97a3810c1f73d7b1458b97daed4209c50e16d064d2d5bfda8c23893d755222793146d0a78c3d64f35549141486c3b0961a7b4c1a2034f":16:"3":"605baf947c0de49e4f6a0dfb94a43ae318d5df8ed20ba4ba5a37a73fb009c5c9e5cce8b70a25b1c7580f389f0d7092485cdfa02208b70d33482edf07a7eafebdc54862ca0e0396a5a7d09991b9753eb1ffb6091971bb5789c6b121abbcd0a3cbaa39969fa7c28146fce96c6d03272e3793e5be8f5abfa9afcbebb986d7b3050604a2af4d3a40fa6c003781a539a60259d1e84f13322da9e538a49c369b83e7286bf7d30b64bbb773506705da5d5d5483a563a1ffacc902fb75c9a751b1e83cdc7a6db0470056883f48b5a5446b43b1d180ea12ba11a6a8d93b3b32a30156b6084b7fb142998a2a0d28014b84098ece7d9d5e4d55cc342ca26f5a0167a679dec8":MBEDTLS_ERR_RSA_PUBLIC_FAILED + MBEDTLS_ERR_MPI_BAD_INPUT_DATA +mbedtls_rsa_public:"b38ac65c8141f7f5c96e14470e851936a67bf94cc6821a39ac12c05f7c0b06d9e6ddba2224703b02e25f31452f9c4a8417b62675fdc6df46b94813bc7b9769a892c482b830bfe0ad42e46668ace68903617faf6681f4babf1cc8e4b0420d3c7f61dc45434c6b54e2c3ee0fc07908509d79c9826e673bf8363255adb0add2401039a7bcd1b4ecf0fbe6ec8369d2da486eec59559dd1d54c9b24190965eafbdab203b35255765261cd0909acf93c3b8b8428cbb448de4715d1b813d0c94829c229543d391ce0adab5351f97a3810c1f73d7b1458b97daed4209c50e16d064d2d5bfda8c23893d755222793146d0a78c3d64f35549141486c3b0961a7b4c1a2034f":2048:"b38ac65c8141f7f5c96e14470e851936a67bf94cc6821a39ac12c05f7c0b06d9e6ddba2224703b02e25f31452f9c4a8417b62675fdc6df46b94813bc7b9769a892c482b830bfe0ad42e46668ace68903617faf6681f4babf1cc8e4b0420d3c7f61dc45434c6b54e2c3ee0fc07908509d79c9826e673bf8363255adb0add2401039a7bcd1b4ecf0fbe6ec8369d2da486eec59559dd1d54c9b24190965eafbdab203b35255765261cd0909acf93c3b8b8428cbb448de4715d1b813d0c94829c229543d391ce0adab5351f97a3810c1f73d7b1458b97daed4209c50e16d064d2d5bfda8c23893d755222793146d0a78c3d64f35549141486c3b0961a7b4c1a2034f":"3":"605baf947c0de49e4f6a0dfb94a43ae318d5df8ed20ba4ba5a37a73fb009c5c9e5cce8b70a25b1c7580f389f0d7092485cdfa02208b70d33482edf07a7eafebdc54862ca0e0396a5a7d09991b9753eb1ffb6091971bb5789c6b121abbcd0a3cbaa39969fa7c28146fce96c6d03272e3793e5be8f5abfa9afcbebb986d7b3050604a2af4d3a40fa6c003781a539a60259d1e84f13322da9e538a49c369b83e7286bf7d30b64bbb773506705da5d5d5483a563a1ffacc902fb75c9a751b1e83cdc7a6db0470056883f48b5a5446b43b1d180ea12ba11a6a8d93b3b32a30156b6084b7fb142998a2a0d28014b84098ece7d9d5e4d55cc342ca26f5a0167a679dec8":MBEDTLS_ERR_RSA_PUBLIC_FAILED + MBEDTLS_ERR_MPI_BAD_INPUT_DATA RSA Public (Data = 0) -mbedtls_rsa_public:"00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000":2048:16:"b38ac65c8141f7f5c96e14470e851936a67bf94cc6821a39ac12c05f7c0b06d9e6ddba2224703b02e25f31452f9c4a8417b62675fdc6df46b94813bc7b9769a892c482b830bfe0ad42e46668ace68903617faf6681f4babf1cc8e4b0420d3c7f61dc45434c6b54e2c3ee0fc07908509d79c9826e673bf8363255adb0add2401039a7bcd1b4ecf0fbe6ec8369d2da486eec59559dd1d54c9b24190965eafbdab203b35255765261cd0909acf93c3b8b8428cbb448de4715d1b813d0c94829c229543d391ce0adab5351f97a3810c1f73d7b1458b97daed4209c50e16d064d2d5bfda8c23893d755222793146d0a78c3d64f35549141486c3b0961a7b4c1a2034f":16:"3":"00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000":0 +mbedtls_rsa_public:"00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000":2048:"b38ac65c8141f7f5c96e14470e851936a67bf94cc6821a39ac12c05f7c0b06d9e6ddba2224703b02e25f31452f9c4a8417b62675fdc6df46b94813bc7b9769a892c482b830bfe0ad42e46668ace68903617faf6681f4babf1cc8e4b0420d3c7f61dc45434c6b54e2c3ee0fc07908509d79c9826e673bf8363255adb0add2401039a7bcd1b4ecf0fbe6ec8369d2da486eec59559dd1d54c9b24190965eafbdab203b35255765261cd0909acf93c3b8b8428cbb448de4715d1b813d0c94829c229543d391ce0adab5351f97a3810c1f73d7b1458b97daed4209c50e16d064d2d5bfda8c23893d755222793146d0a78c3d64f35549141486c3b0961a7b4c1a2034f":"3":"00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000":0 RSA Generate Key - 128bit key mbedtls_rsa_gen_key:128:3:0 @@ -421,115 +421,115 @@ RSA Generate Key - 1025 bit key mbedtls_rsa_gen_key:1025:3:MBEDTLS_ERR_RSA_BAD_INPUT_DATA RSA Validate Params, toy example -mbedtls_rsa_validate_params:10:"15":10:"3":10:"5":10:"3":10:"3":0:0 +mbedtls_rsa_validate_params:"f":"3":"5":"3":"3":0:0 RSA Validate Params, toy example, N missing -mbedtls_rsa_validate_params:10:"":10:"3":10:"5":10:"3":10:"3":0:0 +mbedtls_rsa_validate_params:"":"3":"5":"3":"3":0:0 RSA Validate Params, toy example, E missing -mbedtls_rsa_validate_params:10:"15":10:"3":10:"5":10:"3":10:"":0:0 +mbedtls_rsa_validate_params:"f":"3":"5":"3":"":0:0 RSA Validate Params, toy example, corrupted -mbedtls_rsa_validate_params:10:"16":10:"3":10:"5":10:"3":10:"3":0:MBEDTLS_ERR_RSA_KEY_CHECK_FAILED +mbedtls_rsa_validate_params:"10":"3":"5":"3":"3":0:MBEDTLS_ERR_RSA_KEY_CHECK_FAILED RSA Validate Params, toy example, non-primes, no PRNG -mbedtls_rsa_validate_params:10:"45":10:"9":10:"5":10:"7":10:"23":0:0 +mbedtls_rsa_validate_params:"2d":"9":"5":"7":"17":0:0 RSA Validate Params, toy example, non-primes, PRNG -mbedtls_rsa_validate_params:10:"45":10:"9":10:"5":10:"7":10:"23":1:MBEDTLS_ERR_RSA_KEY_CHECK_FAILED +mbedtls_rsa_validate_params:"2d":"9":"5":"7":"17":1:MBEDTLS_ERR_RSA_KEY_CHECK_FAILED RSA Validate Params -mbedtls_rsa_validate_params:16:"b38ac65c8141f7f5c96e14470e851936a67bf94cc6821a39ac12c05f7c0b06d9e6ddba2224703b02e25f31452f9c4a8417b62675fdc6df46b94813bc7b9769a892c482b830bfe0ad42e46668ace68903617faf6681f4babf1cc8e4b0420d3c7f61dc45434c6b54e2c3ee0fc07908509d79c9826e673bf8363255adb0add2401039a7bcd1b4ecf0fbe6ec8369d2da486eec59559dd1d54c9b24190965eafbdab203b35255765261cd0909acf93c3b8b8428cbb448de4715d1b813d0c94829c229543d391ce0adab5351f97a3810c1f73d7b1458b97daed4209c50e16d064d2d5bfda8c23893d755222793146d0a78c3d64f35549141486c3b0961a7b4c1a2034f":16:"e79a373182bfaa722eb035f772ad2a9464bd842de59432c18bbab3a7dfeae318c9b915ee487861ab665a40bd6cda560152578e8579016c929df99fea05b4d64efca1d543850bc8164b40d71ed7f3fa4105df0fb9b9ad2a18ce182c8a4f4f975bea9aa0b9a1438a27a28e97ac8330ef37383414d1bd64607d6979ac050424fd17":16:"c6749cbb0db8c5a177672d4728a8b22392b2fc4d3b8361d5c0d5055a1b4e46d821f757c24eef2a51c561941b93b3ace7340074c058c9bb48e7e7414f42c41da4cccb5c2ba91deb30c586b7fb18af12a52995592ad139d3be429add6547e044becedaf31fa3b39421e24ee034fbf367d11f6b8f88ee483d163b431e1654ad3e89":16:"77B1D99300D6A54E864962DA09AE10CF19A7FB888456BC2672B72AEA52B204914493D16C184AD201EC3F762E1FBD8702BA796EF953D9EA2F26300D285264F11B0C8301D0207FEB1E2C984445C899B0ACEBAA74EF014DD1D4BDDB43202C08D2FF9692D8D788478DEC829EB52AFB5AE068FBDBAC499A27FACECC391E75C936D55F07BB45EE184DAB45808E15722502F279F89B38C1CB292557E5063597F52C75D61001EDC33F4739353E33E56AD273B067C1A2760208529EA421774A5FFFCB3423B1E0051E7702A55D80CBF2141569F18F87BFF538A1DA8EDBB2693A539F68E0D62D77743F89EACF3B1723BDB25CE2F333FA63CACF0E67DF1A431893BB9B352FCB":16:"3":0:0 +mbedtls_rsa_validate_params:"b38ac65c8141f7f5c96e14470e851936a67bf94cc6821a39ac12c05f7c0b06d9e6ddba2224703b02e25f31452f9c4a8417b62675fdc6df46b94813bc7b9769a892c482b830bfe0ad42e46668ace68903617faf6681f4babf1cc8e4b0420d3c7f61dc45434c6b54e2c3ee0fc07908509d79c9826e673bf8363255adb0add2401039a7bcd1b4ecf0fbe6ec8369d2da486eec59559dd1d54c9b24190965eafbdab203b35255765261cd0909acf93c3b8b8428cbb448de4715d1b813d0c94829c229543d391ce0adab5351f97a3810c1f73d7b1458b97daed4209c50e16d064d2d5bfda8c23893d755222793146d0a78c3d64f35549141486c3b0961a7b4c1a2034f":"e79a373182bfaa722eb035f772ad2a9464bd842de59432c18bbab3a7dfeae318c9b915ee487861ab665a40bd6cda560152578e8579016c929df99fea05b4d64efca1d543850bc8164b40d71ed7f3fa4105df0fb9b9ad2a18ce182c8a4f4f975bea9aa0b9a1438a27a28e97ac8330ef37383414d1bd64607d6979ac050424fd17":"c6749cbb0db8c5a177672d4728a8b22392b2fc4d3b8361d5c0d5055a1b4e46d821f757c24eef2a51c561941b93b3ace7340074c058c9bb48e7e7414f42c41da4cccb5c2ba91deb30c586b7fb18af12a52995592ad139d3be429add6547e044becedaf31fa3b39421e24ee034fbf367d11f6b8f88ee483d163b431e1654ad3e89":"77B1D99300D6A54E864962DA09AE10CF19A7FB888456BC2672B72AEA52B204914493D16C184AD201EC3F762E1FBD8702BA796EF953D9EA2F26300D285264F11B0C8301D0207FEB1E2C984445C899B0ACEBAA74EF014DD1D4BDDB43202C08D2FF9692D8D788478DEC829EB52AFB5AE068FBDBAC499A27FACECC391E75C936D55F07BB45EE184DAB45808E15722502F279F89B38C1CB292557E5063597F52C75D61001EDC33F4739353E33E56AD273B067C1A2760208529EA421774A5FFFCB3423B1E0051E7702A55D80CBF2141569F18F87BFF538A1DA8EDBB2693A539F68E0D62D77743F89EACF3B1723BDB25CE2F333FA63CACF0E67DF1A431893BB9B352FCB":"3":0:0 RSA Validate Params, N missing -mbedtls_rsa_validate_params:16:"":16:"e79a373182bfaa722eb035f772ad2a9464bd842de59432c18bbab3a7dfeae318c9b915ee487861ab665a40bd6cda560152578e8579016c929df99fea05b4d64efca1d543850bc8164b40d71ed7f3fa4105df0fb9b9ad2a18ce182c8a4f4f975bea9aa0b9a1438a27a28e97ac8330ef37383414d1bd64607d6979ac050424fd17":16:"c6749cbb0db8c5a177672d4728a8b22392b2fc4d3b8361d5c0d5055a1b4e46d821f757c24eef2a51c561941b93b3ace7340074c058c9bb48e7e7414f42c41da4cccb5c2ba91deb30c586b7fb18af12a52995592ad139d3be429add6547e044becedaf31fa3b39421e24ee034fbf367d11f6b8f88ee483d163b431e1654ad3e89":16:"77B1D99300D6A54E864962DA09AE10CF19A7FB888456BC2672B72AEA52B204914493D16C184AD201EC3F762E1FBD8702BA796EF953D9EA2F26300D285264F11B0C8301D0207FEB1E2C984445C899B0ACEBAA74EF014DD1D4BDDB43202C08D2FF9692D8D788478DEC829EB52AFB5AE068FBDBAC499A27FACECC391E75C936D55F07BB45EE184DAB45808E15722502F279F89B38C1CB292557E5063597F52C75D61001EDC33F4739353E33E56AD273B067C1A2760208529EA421774A5FFFCB3423B1E0051E7702A55D80CBF2141569F18F87BFF538A1DA8EDBB2693A539F68E0D62D77743F89EACF3B1723BDB25CE2F333FA63CACF0E67DF1A431893BB9B352FCB":16:"3":0:0 +mbedtls_rsa_validate_params:"":"e79a373182bfaa722eb035f772ad2a9464bd842de59432c18bbab3a7dfeae318c9b915ee487861ab665a40bd6cda560152578e8579016c929df99fea05b4d64efca1d543850bc8164b40d71ed7f3fa4105df0fb9b9ad2a18ce182c8a4f4f975bea9aa0b9a1438a27a28e97ac8330ef37383414d1bd64607d6979ac050424fd17":"c6749cbb0db8c5a177672d4728a8b22392b2fc4d3b8361d5c0d5055a1b4e46d821f757c24eef2a51c561941b93b3ace7340074c058c9bb48e7e7414f42c41da4cccb5c2ba91deb30c586b7fb18af12a52995592ad139d3be429add6547e044becedaf31fa3b39421e24ee034fbf367d11f6b8f88ee483d163b431e1654ad3e89":"77B1D99300D6A54E864962DA09AE10CF19A7FB888456BC2672B72AEA52B204914493D16C184AD201EC3F762E1FBD8702BA796EF953D9EA2F26300D285264F11B0C8301D0207FEB1E2C984445C899B0ACEBAA74EF014DD1D4BDDB43202C08D2FF9692D8D788478DEC829EB52AFB5AE068FBDBAC499A27FACECC391E75C936D55F07BB45EE184DAB45808E15722502F279F89B38C1CB292557E5063597F52C75D61001EDC33F4739353E33E56AD273B067C1A2760208529EA421774A5FFFCB3423B1E0051E7702A55D80CBF2141569F18F87BFF538A1DA8EDBB2693A539F68E0D62D77743F89EACF3B1723BDB25CE2F333FA63CACF0E67DF1A431893BB9B352FCB":"3":0:0 RSA Validate Params, bad N -mbedtls_rsa_validate_params:16:"b38bc65c8141f7f5c96e14470e851936a67bf94cc6821a39ac12c05f7c0b06d9e6ddba2224703b02e25f31452f9c4a8417b62675fdc6df46b94813bc7b9769a892c482b830bfe0ad42e46668ace68903617faf6681f4babf1cc8e4b0420d3c7f61dc45434c6b54e2c3ee0fc07908509d79c9826e673bf8363255adb0add2401039a7bcd1b4ecf0fbe6ec8369d2da486eec59559dd1d54c9b24190965eafbdab203b35255765261cd0909acf93c3b8b8428cbb448de4715d1b813d0c94829c229543d391ce0adab5351f97a3810c1f73d7b1458b97daed4209c50e16d064d2d5bfda8c23893d755222793146d0a78c3d64f35549141486c3b0961a7b4c1a2034f":16:"e79a373182bfaa722eb035f772ad2a9464bd842de59432c18bbab3a7dfeae318c9b915ee487861ab665a40bd6cda560152578e8579016c929df99fea05b4d64efca1d543850bc8164b40d71ed7f3fa4105df0fb9b9ad2a18ce182c8a4f4f975bea9aa0b9a1438a27a28e97ac8330ef37383414d1bd64607d6979ac050424fd17":16:"c6749cbb0db8c5a177672d4728a8b22392b2fc4d3b8361d5c0d5055a1b4e46d821f757c24eef2a51c561941b93b3ace7340074c058c9bb48e7e7414f42c41da4cccb5c2ba91deb30c586b7fb18af12a52995592ad139d3be429add6547e044becedaf31fa3b39421e24ee034fbf367d11f6b8f88ee483d163b431e1654ad3e89":16:"77B1D99300D6A54E864962DA09AE10CF19A7FB888456BC2672B72AEA52B204914493D16C184AD201EC3F762E1FBD8702BA796EF953D9EA2F26300D285264F11B0C8301D0207FEB1E2C984445C899B0ACEBAA74EF014DD1D4BDDB43202C08D2FF9692D8D788478DEC829EB52AFB5AE068FBDBAC499A27FACECC391E75C936D55F07BB45EE184DAB45808E15722502F279F89B38C1CB292557E5063597F52C75D61001EDC33F4739353E33E56AD273B067C1A2760208529EA421774A5FFFCB3423B1E0051E7702A55D80CBF2141569F18F87BFF538A1DA8EDBB2693A539F68E0D62D77743F89EACF3B1723BDB25CE2F333FA63CACF0E67DF1A431893BB9B352FCB":16:"3":0:MBEDTLS_ERR_RSA_KEY_CHECK_FAILED +mbedtls_rsa_validate_params:"b38bc65c8141f7f5c96e14470e851936a67bf94cc6821a39ac12c05f7c0b06d9e6ddba2224703b02e25f31452f9c4a8417b62675fdc6df46b94813bc7b9769a892c482b830bfe0ad42e46668ace68903617faf6681f4babf1cc8e4b0420d3c7f61dc45434c6b54e2c3ee0fc07908509d79c9826e673bf8363255adb0add2401039a7bcd1b4ecf0fbe6ec8369d2da486eec59559dd1d54c9b24190965eafbdab203b35255765261cd0909acf93c3b8b8428cbb448de4715d1b813d0c94829c229543d391ce0adab5351f97a3810c1f73d7b1458b97daed4209c50e16d064d2d5bfda8c23893d755222793146d0a78c3d64f35549141486c3b0961a7b4c1a2034f":"e79a373182bfaa722eb035f772ad2a9464bd842de59432c18bbab3a7dfeae318c9b915ee487861ab665a40bd6cda560152578e8579016c929df99fea05b4d64efca1d543850bc8164b40d71ed7f3fa4105df0fb9b9ad2a18ce182c8a4f4f975bea9aa0b9a1438a27a28e97ac8330ef37383414d1bd64607d6979ac050424fd17":"c6749cbb0db8c5a177672d4728a8b22392b2fc4d3b8361d5c0d5055a1b4e46d821f757c24eef2a51c561941b93b3ace7340074c058c9bb48e7e7414f42c41da4cccb5c2ba91deb30c586b7fb18af12a52995592ad139d3be429add6547e044becedaf31fa3b39421e24ee034fbf367d11f6b8f88ee483d163b431e1654ad3e89":"77B1D99300D6A54E864962DA09AE10CF19A7FB888456BC2672B72AEA52B204914493D16C184AD201EC3F762E1FBD8702BA796EF953D9EA2F26300D285264F11B0C8301D0207FEB1E2C984445C899B0ACEBAA74EF014DD1D4BDDB43202C08D2FF9692D8D788478DEC829EB52AFB5AE068FBDBAC499A27FACECC391E75C936D55F07BB45EE184DAB45808E15722502F279F89B38C1CB292557E5063597F52C75D61001EDC33F4739353E33E56AD273B067C1A2760208529EA421774A5FFFCB3423B1E0051E7702A55D80CBF2141569F18F87BFF538A1DA8EDBB2693A539F68E0D62D77743F89EACF3B1723BDB25CE2F333FA63CACF0E67DF1A431893BB9B352FCB":"3":0:MBEDTLS_ERR_RSA_KEY_CHECK_FAILED RSA Validate Params, non-prime, no PRNG -mbedtls_rsa_validate_params:16:"":16:"e79a373182bfaa722eb035f772ad2a9464bd842de59432c18bbab3a7dfeae318c9b915ee487861ab665a40bd6cda560152578e8579016c929df99fea05b4d64efca1d543850bc8164b40d71ed7f3fa4105df0fb9b9ad2a18ce182c8a4f4f975bea9aa0b9a1438a27a28e97ac8330ef37383414d1bd64607d6979ac050424fd18":16:"c6749cbb0db8c5a177672d4728a8b22392b2fc4d3b8361d5c0d5055a1b4e46d821f757c24eef2a51c561941b93b3ace7340074c058c9bb48e7e7414f42c41da4cccb5c2ba91deb30c586b7fb18af12a52995592ad139d3be429add6547e044becedaf31fa3b39421e24ee034fbf367d11f6b8f88ee483d163b431e1654ad3e89":16:"":16:"":0:0 +mbedtls_rsa_validate_params:"":"e79a373182bfaa722eb035f772ad2a9464bd842de59432c18bbab3a7dfeae318c9b915ee487861ab665a40bd6cda560152578e8579016c929df99fea05b4d64efca1d543850bc8164b40d71ed7f3fa4105df0fb9b9ad2a18ce182c8a4f4f975bea9aa0b9a1438a27a28e97ac8330ef37383414d1bd64607d6979ac050424fd18":"c6749cbb0db8c5a177672d4728a8b22392b2fc4d3b8361d5c0d5055a1b4e46d821f757c24eef2a51c561941b93b3ace7340074c058c9bb48e7e7414f42c41da4cccb5c2ba91deb30c586b7fb18af12a52995592ad139d3be429add6547e044becedaf31fa3b39421e24ee034fbf367d11f6b8f88ee483d163b431e1654ad3e89":"":"":0:0 RSA Validate Params, non-prime, PRNG -mbedtls_rsa_validate_params:16:"":16:"e79a373182bfaa722eb035f772ad2a9464bd842de59432c18bbab3a7dfeae318c9b915ee487861ab665a40bd6cda560152578e8579016c929df99fea05b4d64efca1d543850bc8164b40d71ed7f3fa4105df0fb9b9ad2a18ce182c8a4f4f975bea9aa0b9a1438a27a28e97ac8330ef37383414d1bd64607d6979ac050424fd18":16:"c6749cbb0db8c5a177672d4728a8b22392b2fc4d3b8361d5c0d5055a1b4e46d821f757c24eef2a51c561941b93b3ace7340074c058c9bb48e7e7414f42c41da4cccb5c2ba91deb30c586b7fb18af12a52995592ad139d3be429add6547e044becedaf31fa3b39421e24ee034fbf367d11f6b8f88ee483d163b431e1654ad3e89":16:"":16:"":1:MBEDTLS_ERR_RSA_KEY_CHECK_FAILED +mbedtls_rsa_validate_params:"":"e79a373182bfaa722eb035f772ad2a9464bd842de59432c18bbab3a7dfeae318c9b915ee487861ab665a40bd6cda560152578e8579016c929df99fea05b4d64efca1d543850bc8164b40d71ed7f3fa4105df0fb9b9ad2a18ce182c8a4f4f975bea9aa0b9a1438a27a28e97ac8330ef37383414d1bd64607d6979ac050424fd18":"c6749cbb0db8c5a177672d4728a8b22392b2fc4d3b8361d5c0d5055a1b4e46d821f757c24eef2a51c561941b93b3ace7340074c058c9bb48e7e7414f42c41da4cccb5c2ba91deb30c586b7fb18af12a52995592ad139d3be429add6547e044becedaf31fa3b39421e24ee034fbf367d11f6b8f88ee483d163b431e1654ad3e89":"":"":1:MBEDTLS_ERR_RSA_KEY_CHECK_FAILED RSA Deduce Private, toy example -mbedtls_rsa_deduce_private_exponent:10:"7":10:"11":10:"7":10:"13":0:0 +mbedtls_rsa_deduce_private_exponent:"7":"b":"7":"d":0:0 RSA Deduce Private, toy example, corrupted -mbedtls_rsa_deduce_private_exponent:10:"3":10:"5":10:"3":10:"3":1:MBEDTLS_ERR_MPI_NOT_ACCEPTABLE +mbedtls_rsa_deduce_private_exponent:"3":"5":"3":"3":1:MBEDTLS_ERR_MPI_NOT_ACCEPTABLE RSA Deduce Private -mbedtls_rsa_deduce_private_exponent:16:"e79a373182bfaa722eb035f772ad2a9464bd842de59432c18bbab3a7dfeae318c9b915ee487861ab665a40bd6cda560152578e8579016c929df99fea05b4d64efca1d543850bc8164b40d71ed7f3fa4105df0fb9b9ad2a18ce182c8a4f4f975bea9aa0b9a1438a27a28e97ac8330ef37383414d1bd64607d6979ac050424fd17":16:"c6749cbb0db8c5a177672d4728a8b22392b2fc4d3b8361d5c0d5055a1b4e46d821f757c24eef2a51c561941b93b3ace7340074c058c9bb48e7e7414f42c41da4cccb5c2ba91deb30c586b7fb18af12a52995592ad139d3be429add6547e044becedaf31fa3b39421e24ee034fbf367d11f6b8f88ee483d163b431e1654ad3e89":16:"3":16:"77B1D99300D6A54E864962DA09AE10CF19A7FB888456BC2672B72AEA52B204914493D16C184AD201EC3F762E1FBD8702BA796EF953D9EA2F26300D285264F11B0C8301D0207FEB1E2C984445C899B0ACEBAA74EF014DD1D4BDDB43202C08D2FF9692D8D788478DEC829EB52AFB5AE068FBDBAC499A27FACECC391E75C936D55F07BB45EE184DAB45808E15722502F279F89B38C1CB292557E5063597F52C75D61001EDC33F4739353E33E56AD273B067C1A2760208529EA421774A5FFFCB3423B1E0051E7702A55D80CBF2141569F18F87BFF538A1DA8EDBB2693A539F68E0D62D77743F89EACF3B1723BDB25CE2F333FA63CACF0E67DF1A431893BB9B352FCB":0:0 +mbedtls_rsa_deduce_private_exponent:"e79a373182bfaa722eb035f772ad2a9464bd842de59432c18bbab3a7dfeae318c9b915ee487861ab665a40bd6cda560152578e8579016c929df99fea05b4d64efca1d543850bc8164b40d71ed7f3fa4105df0fb9b9ad2a18ce182c8a4f4f975bea9aa0b9a1438a27a28e97ac8330ef37383414d1bd64607d6979ac050424fd17":"c6749cbb0db8c5a177672d4728a8b22392b2fc4d3b8361d5c0d5055a1b4e46d821f757c24eef2a51c561941b93b3ace7340074c058c9bb48e7e7414f42c41da4cccb5c2ba91deb30c586b7fb18af12a52995592ad139d3be429add6547e044becedaf31fa3b39421e24ee034fbf367d11f6b8f88ee483d163b431e1654ad3e89":"3":"77B1D99300D6A54E864962DA09AE10CF19A7FB888456BC2672B72AEA52B204914493D16C184AD201EC3F762E1FBD8702BA796EF953D9EA2F26300D285264F11B0C8301D0207FEB1E2C984445C899B0ACEBAA74EF014DD1D4BDDB43202C08D2FF9692D8D788478DEC829EB52AFB5AE068FBDBAC499A27FACECC391E75C936D55F07BB45EE184DAB45808E15722502F279F89B38C1CB292557E5063597F52C75D61001EDC33F4739353E33E56AD273B067C1A2760208529EA421774A5FFFCB3423B1E0051E7702A55D80CBF2141569F18F87BFF538A1DA8EDBB2693A539F68E0D62D77743F89EACF3B1723BDB25CE2F333FA63CACF0E67DF1A431893BB9B352FCB":0:0 RSA Deduce Private, corrupted -mbedtls_rsa_deduce_private_exponent:16:"e79a373182bfaa722eb035f772ad2a9464bd842de59432c18bbab3a7dfeae318c9b915ee487861ab665a40bd6cda560152578e8579016c929df99fea05b4d64efca1d543850bc8164b40d71ed7f3fa4105df0fb9b9ad2a18ce182c8a4f4f975bea9aa0b9a1438a27a28e97ac8330ef37383414d1bd64607d6979ac050424fd17":16:"c6749cbb0db8c5a177672d4728a8b22392b2fc4d3b8361d5c0d5055a1b4e46d821f757c24eef2a51c561941b93b3ace7340074c058c9bb48e7e7414f42c41da4cccb5c2ba91deb30c586b7fb18af12a52995592ad139d3be429add6547e044becedaf31fa3b39421e24ee034fbf367d11f6b8f88ee483d163b431e1654ad3e89":16:"3":16:"77B1D99300D6A54E864962DA09AE10CF19A7FB888456BC2672B72AEA52B204914493D16C184AD201EC3F762E1FBD8702BA796EF953D9EA2F26300D285264F11B0C8301D0207FEB1E2C984445C899B0ACEBAA74EF014DD1D4BDDB43202C08D2FF9692D8D788478DEC829EB52AFB5AE068FBDBAC499A27FACECC391E75C936D55F07BB45EE184DAB45808E15722502F279F89B38C1CB292557E5063597F52C75D61001EDC33F4739353E33E56AD273B067C1A2760208529EA421774A5FFFCB3423B1E0051E7702A55D80CBF2141569F18F87BFF538A1DA8EDBB2693A539F68E0D62D77743F89EACF3B1723BDB25CE2F333FA63CACF0E67DF1A431893BB9B352FCB":1:MBEDTLS_ERR_MPI_NOT_ACCEPTABLE +mbedtls_rsa_deduce_private_exponent:"e79a373182bfaa722eb035f772ad2a9464bd842de59432c18bbab3a7dfeae318c9b915ee487861ab665a40bd6cda560152578e8579016c929df99fea05b4d64efca1d543850bc8164b40d71ed7f3fa4105df0fb9b9ad2a18ce182c8a4f4f975bea9aa0b9a1438a27a28e97ac8330ef37383414d1bd64607d6979ac050424fd17":"c6749cbb0db8c5a177672d4728a8b22392b2fc4d3b8361d5c0d5055a1b4e46d821f757c24eef2a51c561941b93b3ace7340074c058c9bb48e7e7414f42c41da4cccb5c2ba91deb30c586b7fb18af12a52995592ad139d3be429add6547e044becedaf31fa3b39421e24ee034fbf367d11f6b8f88ee483d163b431e1654ad3e89":"3":"77B1D99300D6A54E864962DA09AE10CF19A7FB888456BC2672B72AEA52B204914493D16C184AD201EC3F762E1FBD8702BA796EF953D9EA2F26300D285264F11B0C8301D0207FEB1E2C984445C899B0ACEBAA74EF014DD1D4BDDB43202C08D2FF9692D8D788478DEC829EB52AFB5AE068FBDBAC499A27FACECC391E75C936D55F07BB45EE184DAB45808E15722502F279F89B38C1CB292557E5063597F52C75D61001EDC33F4739353E33E56AD273B067C1A2760208529EA421774A5FFFCB3423B1E0051E7702A55D80CBF2141569F18F87BFF538A1DA8EDBB2693A539F68E0D62D77743F89EACF3B1723BDB25CE2F333FA63CACF0E67DF1A431893BB9B352FCB":1:MBEDTLS_ERR_MPI_NOT_ACCEPTABLE RSA Deduce Primes, toy example -mbedtls_rsa_deduce_primes:10:"35":10:"5":10:"5":10:"5":10:"7":0:0 +mbedtls_rsa_deduce_primes:"23":"5":"5":"5":"7":0:0 RSA Deduce Primes, toy example, corrupted -mbedtls_rsa_deduce_primes:10:"35":10:"5":10:"5":10:"5":10:"7":1:MBEDTLS_ERR_MPI_BAD_INPUT_DATA +mbedtls_rsa_deduce_primes:"23":"5":"5":"5":"7":1:MBEDTLS_ERR_MPI_BAD_INPUT_DATA RSA Deduce Moduli -mbedtls_rsa_deduce_primes:16:"b38ac65c8141f7f5c96e14470e851936a67bf94cc6821a39ac12c05f7c0b06d9e6ddba2224703b02e25f31452f9c4a8417b62675fdc6df46b94813bc7b9769a892c482b830bfe0ad42e46668ace68903617faf6681f4babf1cc8e4b0420d3c7f61dc45434c6b54e2c3ee0fc07908509d79c9826e673bf8363255adb0add2401039a7bcd1b4ecf0fbe6ec8369d2da486eec59559dd1d54c9b24190965eafbdab203b35255765261cd0909acf93c3b8b8428cbb448de4715d1b813d0c94829c229543d391ce0adab5351f97a3810c1f73d7b1458b97daed4209c50e16d064d2d5bfda8c23893d755222793146d0a78c3d64f35549141486c3b0961a7b4c1a2034f":16:"77B1D99300D6A54E864962DA09AE10CF19A7FB888456BC2672B72AEA52B204914493D16C184AD201EC3F762E1FBD8702BA796EF953D9EA2F26300D285264F11B0C8301D0207FEB1E2C984445C899B0ACEBAA74EF014DD1D4BDDB43202C08D2FF9692D8D788478DEC829EB52AFB5AE068FBDBAC499A27FACECC391E75C936D55F07BB45EE184DAB45808E15722502F279F89B38C1CB292557E5063597F52C75D61001EDC33F4739353E33E56AD273B067C1A2760208529EA421774A5FFFCB3423B1E0051E7702A55D80CBF2141569F18F87BFF538A1DA8EDBB2693A539F68E0D62D77743F89EACF3B1723BDB25CE2F333FA63CACF0E67DF1A431893BB9B352FCB":16:"3":16:"e79a373182bfaa722eb035f772ad2a9464bd842de59432c18bbab3a7dfeae318c9b915ee487861ab665a40bd6cda560152578e8579016c929df99fea05b4d64efca1d543850bc8164b40d71ed7f3fa4105df0fb9b9ad2a18ce182c8a4f4f975bea9aa0b9a1438a27a28e97ac8330ef37383414d1bd64607d6979ac050424fd17":16:"c6749cbb0db8c5a177672d4728a8b22392b2fc4d3b8361d5c0d5055a1b4e46d821f757c24eef2a51c561941b93b3ace7340074c058c9bb48e7e7414f42c41da4cccb5c2ba91deb30c586b7fb18af12a52995592ad139d3be429add6547e044becedaf31fa3b39421e24ee034fbf367d11f6b8f88ee483d163b431e1654ad3e89":0:0 +mbedtls_rsa_deduce_primes:"b38ac65c8141f7f5c96e14470e851936a67bf94cc6821a39ac12c05f7c0b06d9e6ddba2224703b02e25f31452f9c4a8417b62675fdc6df46b94813bc7b9769a892c482b830bfe0ad42e46668ace68903617faf6681f4babf1cc8e4b0420d3c7f61dc45434c6b54e2c3ee0fc07908509d79c9826e673bf8363255adb0add2401039a7bcd1b4ecf0fbe6ec8369d2da486eec59559dd1d54c9b24190965eafbdab203b35255765261cd0909acf93c3b8b8428cbb448de4715d1b813d0c94829c229543d391ce0adab5351f97a3810c1f73d7b1458b97daed4209c50e16d064d2d5bfda8c23893d755222793146d0a78c3d64f35549141486c3b0961a7b4c1a2034f":"77B1D99300D6A54E864962DA09AE10CF19A7FB888456BC2672B72AEA52B204914493D16C184AD201EC3F762E1FBD8702BA796EF953D9EA2F26300D285264F11B0C8301D0207FEB1E2C984445C899B0ACEBAA74EF014DD1D4BDDB43202C08D2FF9692D8D788478DEC829EB52AFB5AE068FBDBAC499A27FACECC391E75C936D55F07BB45EE184DAB45808E15722502F279F89B38C1CB292557E5063597F52C75D61001EDC33F4739353E33E56AD273B067C1A2760208529EA421774A5FFFCB3423B1E0051E7702A55D80CBF2141569F18F87BFF538A1DA8EDBB2693A539F68E0D62D77743F89EACF3B1723BDB25CE2F333FA63CACF0E67DF1A431893BB9B352FCB":"3":"e79a373182bfaa722eb035f772ad2a9464bd842de59432c18bbab3a7dfeae318c9b915ee487861ab665a40bd6cda560152578e8579016c929df99fea05b4d64efca1d543850bc8164b40d71ed7f3fa4105df0fb9b9ad2a18ce182c8a4f4f975bea9aa0b9a1438a27a28e97ac8330ef37383414d1bd64607d6979ac050424fd17":"c6749cbb0db8c5a177672d4728a8b22392b2fc4d3b8361d5c0d5055a1b4e46d821f757c24eef2a51c561941b93b3ace7340074c058c9bb48e7e7414f42c41da4cccb5c2ba91deb30c586b7fb18af12a52995592ad139d3be429add6547e044becedaf31fa3b39421e24ee034fbf367d11f6b8f88ee483d163b431e1654ad3e89":0:0 RSA Deduce Moduli, corrupted -mbedtls_rsa_deduce_primes:16:"b38ac65c8141f7f5c96e14470e851936a67bf94cc6821a39ac12c05f7c0b06d9e6ddba2224703b02e25f31452f9c4a8417b62675fdc6df46b94813bc7b9769a892c482b830bfe0ad42e46668ace68903617faf6681f4babf1cc8e4b0420d3c7f61dc45434c6b54e2c3ee0fc07908509d79c9826e673bf8363255adb0add2401039a7bcd1b4ecf0fbe6ec8369d2da486eec59559dd1d54c9b24190965eafbdab203b35255765261cd0909acf93c3b8b8428cbb448de4715d1b813d0c94829c229543d391ce0adab5351f97a3810c1f73d7b1458b97daed4209c50e16d064d2d5bfda8c23893d755222793146d0a78c3d64f35549141486c3b0961a7b4c1a2034f":16:"77B1D99300D6A54E864962DA09AE10CF19A7FB888456BC2672B72AEA52B204914493D16C184AD201EC3F762E1FBD8702BA796EF953D9EA2F26300D285264F11B0C8301D0207FEB1E2C984445C899B0ACEBAA74EF014DD1D4BDDB43202C08D2FF9692D8D788478DEC829EB52AFB5AE068FBDBAC499A27FACECC391E75C936D55F07BB45EE184DAB45808E15722502F279F89B38C1CB292557E5063597F52C75D61001EDC33F4739353E33E56AD273B067C1A2760208529EA421774A5FFFCB3423B1E0051E7702A55D80CBF2141569F18F87BFF538A1DA8EDBB2693A539F68E0D62D77743F89EACF3B1723BDB25CE2F333FA63CACF0E67DF1A431893BB9B352FCB":16:"3":16:"e79a373182bfaa722eb035f772ad2a9464bd842de59432c18bbab3a7dfeae318c9b915ee487861ab665a40bd6cda560152578e8579016c929df99fea05b4d64efca1d543850bc8164b40d71ed7f3fa4105df0fb9b9ad2a18ce182c8a4f4f975bea9aa0b9a1438a27a28e97ac8330ef37383414d1bd64607d6979ac050424fd17":16:"c6749cbb0db8c5a177672d4728a8b22392b2fc4d3b8361d5c0d5055a1b4e46d821f757c24eef2a51c561941b93b3ace7340074c058c9bb48e7e7414f42c41da4cccb5c2ba91deb30c586b7fb18af12a52995592ad139d3be429add6547e044becedaf31fa3b39421e24ee034fbf367d11f6b8f88ee483d163b431e1654ad3e89":1:MBEDTLS_ERR_MPI_BAD_INPUT_DATA +mbedtls_rsa_deduce_primes:"b38ac65c8141f7f5c96e14470e851936a67bf94cc6821a39ac12c05f7c0b06d9e6ddba2224703b02e25f31452f9c4a8417b62675fdc6df46b94813bc7b9769a892c482b830bfe0ad42e46668ace68903617faf6681f4babf1cc8e4b0420d3c7f61dc45434c6b54e2c3ee0fc07908509d79c9826e673bf8363255adb0add2401039a7bcd1b4ecf0fbe6ec8369d2da486eec59559dd1d54c9b24190965eafbdab203b35255765261cd0909acf93c3b8b8428cbb448de4715d1b813d0c94829c229543d391ce0adab5351f97a3810c1f73d7b1458b97daed4209c50e16d064d2d5bfda8c23893d755222793146d0a78c3d64f35549141486c3b0961a7b4c1a2034f":"77B1D99300D6A54E864962DA09AE10CF19A7FB888456BC2672B72AEA52B204914493D16C184AD201EC3F762E1FBD8702BA796EF953D9EA2F26300D285264F11B0C8301D0207FEB1E2C984445C899B0ACEBAA74EF014DD1D4BDDB43202C08D2FF9692D8D788478DEC829EB52AFB5AE068FBDBAC499A27FACECC391E75C936D55F07BB45EE184DAB45808E15722502F279F89B38C1CB292557E5063597F52C75D61001EDC33F4739353E33E56AD273B067C1A2760208529EA421774A5FFFCB3423B1E0051E7702A55D80CBF2141569F18F87BFF538A1DA8EDBB2693A539F68E0D62D77743F89EACF3B1723BDB25CE2F333FA63CACF0E67DF1A431893BB9B352FCB":"3":"e79a373182bfaa722eb035f772ad2a9464bd842de59432c18bbab3a7dfeae318c9b915ee487861ab665a40bd6cda560152578e8579016c929df99fea05b4d64efca1d543850bc8164b40d71ed7f3fa4105df0fb9b9ad2a18ce182c8a4f4f975bea9aa0b9a1438a27a28e97ac8330ef37383414d1bd64607d6979ac050424fd17":"c6749cbb0db8c5a177672d4728a8b22392b2fc4d3b8361d5c0d5055a1b4e46d821f757c24eef2a51c561941b93b3ace7340074c058c9bb48e7e7414f42c41da4cccb5c2ba91deb30c586b7fb18af12a52995592ad139d3be429add6547e044becedaf31fa3b39421e24ee034fbf367d11f6b8f88ee483d163b431e1654ad3e89":1:MBEDTLS_ERR_MPI_BAD_INPUT_DATA RSA Import (N,P,Q,D,E) -mbedtls_rsa_import:16:"b38ac65c8141f7f5c96e14470e851936a67bf94cc6821a39ac12c05f7c0b06d9e6ddba2224703b02e25f31452f9c4a8417b62675fdc6df46b94813bc7b9769a892c482b830bfe0ad42e46668ace68903617faf6681f4babf1cc8e4b0420d3c7f61dc45434c6b54e2c3ee0fc07908509d79c9826e673bf8363255adb0add2401039a7bcd1b4ecf0fbe6ec8369d2da486eec59559dd1d54c9b24190965eafbdab203b35255765261cd0909acf93c3b8b8428cbb448de4715d1b813d0c94829c229543d391ce0adab5351f97a3810c1f73d7b1458b97daed4209c50e16d064d2d5bfda8c23893d755222793146d0a78c3d64f35549141486c3b0961a7b4c1a2034f":16:"e79a373182bfaa722eb035f772ad2a9464bd842de59432c18bbab3a7dfeae318c9b915ee487861ab665a40bd6cda560152578e8579016c929df99fea05b4d64efca1d543850bc8164b40d71ed7f3fa4105df0fb9b9ad2a18ce182c8a4f4f975bea9aa0b9a1438a27a28e97ac8330ef37383414d1bd64607d6979ac050424fd17":16:"c6749cbb0db8c5a177672d4728a8b22392b2fc4d3b8361d5c0d5055a1b4e46d821f757c24eef2a51c561941b93b3ace7340074c058c9bb48e7e7414f42c41da4cccb5c2ba91deb30c586b7fb18af12a52995592ad139d3be429add6547e044becedaf31fa3b39421e24ee034fbf367d11f6b8f88ee483d163b431e1654ad3e89":16:"77B1D99300D6A54E864962DA09AE10CF19A7FB888456BC2672B72AEA52B204914493D16C184AD201EC3F762E1FBD8702BA796EF953D9EA2F26300D285264F11B0C8301D0207FEB1E2C984445C899B0ACEBAA74EF014DD1D4BDDB43202C08D2FF9692D8D788478DEC829EB52AFB5AE068FBDBAC499A27FACECC391E75C936D55F07BB45EE184DAB45808E15722502F279F89B38C1CB292557E5063597F52C75D61001EDC33F4739353E33E56AD273B067C1A2760208529EA421774A5FFFCB3423B1E0051E7702A55D80CBF2141569F18F87BFF538A1DA8EDBB2693A539F68E0D62D77743F89EACF3B1723BDB25CE2F333FA63CACF0E67DF1A431893BB9B352FCB":16:"3":0:1:0:0 +mbedtls_rsa_import:"b38ac65c8141f7f5c96e14470e851936a67bf94cc6821a39ac12c05f7c0b06d9e6ddba2224703b02e25f31452f9c4a8417b62675fdc6df46b94813bc7b9769a892c482b830bfe0ad42e46668ace68903617faf6681f4babf1cc8e4b0420d3c7f61dc45434c6b54e2c3ee0fc07908509d79c9826e673bf8363255adb0add2401039a7bcd1b4ecf0fbe6ec8369d2da486eec59559dd1d54c9b24190965eafbdab203b35255765261cd0909acf93c3b8b8428cbb448de4715d1b813d0c94829c229543d391ce0adab5351f97a3810c1f73d7b1458b97daed4209c50e16d064d2d5bfda8c23893d755222793146d0a78c3d64f35549141486c3b0961a7b4c1a2034f":"e79a373182bfaa722eb035f772ad2a9464bd842de59432c18bbab3a7dfeae318c9b915ee487861ab665a40bd6cda560152578e8579016c929df99fea05b4d64efca1d543850bc8164b40d71ed7f3fa4105df0fb9b9ad2a18ce182c8a4f4f975bea9aa0b9a1438a27a28e97ac8330ef37383414d1bd64607d6979ac050424fd17":"c6749cbb0db8c5a177672d4728a8b22392b2fc4d3b8361d5c0d5055a1b4e46d821f757c24eef2a51c561941b93b3ace7340074c058c9bb48e7e7414f42c41da4cccb5c2ba91deb30c586b7fb18af12a52995592ad139d3be429add6547e044becedaf31fa3b39421e24ee034fbf367d11f6b8f88ee483d163b431e1654ad3e89":"77B1D99300D6A54E864962DA09AE10CF19A7FB888456BC2672B72AEA52B204914493D16C184AD201EC3F762E1FBD8702BA796EF953D9EA2F26300D285264F11B0C8301D0207FEB1E2C984445C899B0ACEBAA74EF014DD1D4BDDB43202C08D2FF9692D8D788478DEC829EB52AFB5AE068FBDBAC499A27FACECC391E75C936D55F07BB45EE184DAB45808E15722502F279F89B38C1CB292557E5063597F52C75D61001EDC33F4739353E33E56AD273B067C1A2760208529EA421774A5FFFCB3423B1E0051E7702A55D80CBF2141569F18F87BFF538A1DA8EDBB2693A539F68E0D62D77743F89EACF3B1723BDB25CE2F333FA63CACF0E67DF1A431893BB9B352FCB":"3":0:1:0:0 RSA Import (N,P,Q,D,E), inconsistent -mbedtls_rsa_import:16:"b38ac65c8141f7f5c96e14470e851936a67bf94cc6821a39ac12c05f7c0b06d9e6ddba2224703b02e25f31452f9c4a8417b62675fdc6df46b94813bc7b9769a892c482b830bfe0ad42e46668ace68903617faf6681f4babf1cc8e4b0420d3c7f61dc45434c6b54e2c3ee0fc07908509d79c9826e673bf8363255adb0add2401039a7bcd1b4ecf0fbe6ec8369d2da486eec59559dd1d54c9b24190965eafbdab203b35255765261cd0909acf93c3b8b8428cbb448de4715d1b813d0c94829c229543d391ce0adab5351f97a3810c1f73d7b1458b97daed4209c50e16d064d2d5bfda8c23893d755222793146d0a78c3d64f35549141486c3b0961a7b4c1a2034f":16:"e79a373182bfaa722eb035f772ad2a9464bd842de59432c18bbab3a7dfeae318c9b915ee487861ab665a40bd6cda560152578e8579016c929df99fea05b4d64efca1d543850bc8164b40d71ed7f3fa4105df0fb9b9ad2a18ce182c8a4f4f975bea9aa0b9a1438a27a28e97ac8330ef37383414d1bd64607d6979ac050424fd17":16:"c6749cbb0db8c5a177672d4728a8b22392b2fc4d3b8361d5c0d5055a1b4e46d821f757c24eef2a51c561941b93b3ace7340074c058c9bb48e7e7414f42c41da4cccb5c2ba91deb30c586b7fb18af12a52995592ad139d3be429add6547e044becedaf31fa3b39421e24ee034fbf367d11f6b8f88ee483d163b431e1654ad3e89":16:"77B1D99300D6A54E864962DA09AE10CF19A7FB888456BC3672B72AEA52B204914493D16C184AD201EC3F762E1FBD8702BA796EF953D9EA2F26300D285264F11B0C8301D0207FEB1E2C984445C899B0ACEBAA74EF014DD1D4BDDB43202C08D2FF9692D8D788478DEC829EB52AFB5AE068FBDBAC499A27FACECC391E75C936D55F07BB45EE184DAB45808E15722502F279F89B38C1CB292557E5063597F52C75D61001EDC33F4739353E33E56AD273B067C1A2760208529EA421774A5FFFCB3423B1E0051E7702A55D80CBF2141569F18F87BFF538A1DA8EDBB2693A539F68E0D62D77743F89EACF3B1723BDB25CE2F333FA63CACF0E67DF1A431893BB9B352FCB":16:"3":0:1:MBEDTLS_ERR_RSA_KEY_CHECK_FAILED:0 +mbedtls_rsa_import:"b38ac65c8141f7f5c96e14470e851936a67bf94cc6821a39ac12c05f7c0b06d9e6ddba2224703b02e25f31452f9c4a8417b62675fdc6df46b94813bc7b9769a892c482b830bfe0ad42e46668ace68903617faf6681f4babf1cc8e4b0420d3c7f61dc45434c6b54e2c3ee0fc07908509d79c9826e673bf8363255adb0add2401039a7bcd1b4ecf0fbe6ec8369d2da486eec59559dd1d54c9b24190965eafbdab203b35255765261cd0909acf93c3b8b8428cbb448de4715d1b813d0c94829c229543d391ce0adab5351f97a3810c1f73d7b1458b97daed4209c50e16d064d2d5bfda8c23893d755222793146d0a78c3d64f35549141486c3b0961a7b4c1a2034f":"e79a373182bfaa722eb035f772ad2a9464bd842de59432c18bbab3a7dfeae318c9b915ee487861ab665a40bd6cda560152578e8579016c929df99fea05b4d64efca1d543850bc8164b40d71ed7f3fa4105df0fb9b9ad2a18ce182c8a4f4f975bea9aa0b9a1438a27a28e97ac8330ef37383414d1bd64607d6979ac050424fd17":"c6749cbb0db8c5a177672d4728a8b22392b2fc4d3b8361d5c0d5055a1b4e46d821f757c24eef2a51c561941b93b3ace7340074c058c9bb48e7e7414f42c41da4cccb5c2ba91deb30c586b7fb18af12a52995592ad139d3be429add6547e044becedaf31fa3b39421e24ee034fbf367d11f6b8f88ee483d163b431e1654ad3e89":"77B1D99300D6A54E864962DA09AE10CF19A7FB888456BC3672B72AEA52B204914493D16C184AD201EC3F762E1FBD8702BA796EF953D9EA2F26300D285264F11B0C8301D0207FEB1E2C984445C899B0ACEBAA74EF014DD1D4BDDB43202C08D2FF9692D8D788478DEC829EB52AFB5AE068FBDBAC499A27FACECC391E75C936D55F07BB45EE184DAB45808E15722502F279F89B38C1CB292557E5063597F52C75D61001EDC33F4739353E33E56AD273B067C1A2760208529EA421774A5FFFCB3423B1E0051E7702A55D80CBF2141569F18F87BFF538A1DA8EDBB2693A539F68E0D62D77743F89EACF3B1723BDB25CE2F333FA63CACF0E67DF1A431893BB9B352FCB":"3":0:1:MBEDTLS_ERR_RSA_KEY_CHECK_FAILED:0 RSA Import (N,P,Q,D,E), successive -mbedtls_rsa_import:16:"b38ac65c8141f7f5c96e14470e851936a67bf94cc6821a39ac12c05f7c0b06d9e6ddba2224703b02e25f31452f9c4a8417b62675fdc6df46b94813bc7b9769a892c482b830bfe0ad42e46668ace68903617faf6681f4babf1cc8e4b0420d3c7f61dc45434c6b54e2c3ee0fc07908509d79c9826e673bf8363255adb0add2401039a7bcd1b4ecf0fbe6ec8369d2da486eec59559dd1d54c9b24190965eafbdab203b35255765261cd0909acf93c3b8b8428cbb448de4715d1b813d0c94829c229543d391ce0adab5351f97a3810c1f73d7b1458b97daed4209c50e16d064d2d5bfda8c23893d755222793146d0a78c3d64f35549141486c3b0961a7b4c1a2034f":16:"e79a373182bfaa722eb035f772ad2a9464bd842de59432c18bbab3a7dfeae318c9b915ee487861ab665a40bd6cda560152578e8579016c929df99fea05b4d64efca1d543850bc8164b40d71ed7f3fa4105df0fb9b9ad2a18ce182c8a4f4f975bea9aa0b9a1438a27a28e97ac8330ef37383414d1bd64607d6979ac050424fd17":16:"c6749cbb0db8c5a177672d4728a8b22392b2fc4d3b8361d5c0d5055a1b4e46d821f757c24eef2a51c561941b93b3ace7340074c058c9bb48e7e7414f42c41da4cccb5c2ba91deb30c586b7fb18af12a52995592ad139d3be429add6547e044becedaf31fa3b39421e24ee034fbf367d11f6b8f88ee483d163b431e1654ad3e89":16:"77B1D99300D6A54E864962DA09AE10CF19A7FB888456BC2672B72AEA52B204914493D16C184AD201EC3F762E1FBD8702BA796EF953D9EA2F26300D285264F11B0C8301D0207FEB1E2C984445C899B0ACEBAA74EF014DD1D4BDDB43202C08D2FF9692D8D788478DEC829EB52AFB5AE068FBDBAC499A27FACECC391E75C936D55F07BB45EE184DAB45808E15722502F279F89B38C1CB292557E5063597F52C75D61001EDC33F4739353E33E56AD273B067C1A2760208529EA421774A5FFFCB3423B1E0051E7702A55D80CBF2141569F18F87BFF538A1DA8EDBB2693A539F68E0D62D77743F89EACF3B1723BDB25CE2F333FA63CACF0E67DF1A431893BB9B352FCB":16:"3":1:1:0:0 +mbedtls_rsa_import:"b38ac65c8141f7f5c96e14470e851936a67bf94cc6821a39ac12c05f7c0b06d9e6ddba2224703b02e25f31452f9c4a8417b62675fdc6df46b94813bc7b9769a892c482b830bfe0ad42e46668ace68903617faf6681f4babf1cc8e4b0420d3c7f61dc45434c6b54e2c3ee0fc07908509d79c9826e673bf8363255adb0add2401039a7bcd1b4ecf0fbe6ec8369d2da486eec59559dd1d54c9b24190965eafbdab203b35255765261cd0909acf93c3b8b8428cbb448de4715d1b813d0c94829c229543d391ce0adab5351f97a3810c1f73d7b1458b97daed4209c50e16d064d2d5bfda8c23893d755222793146d0a78c3d64f35549141486c3b0961a7b4c1a2034f":"e79a373182bfaa722eb035f772ad2a9464bd842de59432c18bbab3a7dfeae318c9b915ee487861ab665a40bd6cda560152578e8579016c929df99fea05b4d64efca1d543850bc8164b40d71ed7f3fa4105df0fb9b9ad2a18ce182c8a4f4f975bea9aa0b9a1438a27a28e97ac8330ef37383414d1bd64607d6979ac050424fd17":"c6749cbb0db8c5a177672d4728a8b22392b2fc4d3b8361d5c0d5055a1b4e46d821f757c24eef2a51c561941b93b3ace7340074c058c9bb48e7e7414f42c41da4cccb5c2ba91deb30c586b7fb18af12a52995592ad139d3be429add6547e044becedaf31fa3b39421e24ee034fbf367d11f6b8f88ee483d163b431e1654ad3e89":"77B1D99300D6A54E864962DA09AE10CF19A7FB888456BC2672B72AEA52B204914493D16C184AD201EC3F762E1FBD8702BA796EF953D9EA2F26300D285264F11B0C8301D0207FEB1E2C984445C899B0ACEBAA74EF014DD1D4BDDB43202C08D2FF9692D8D788478DEC829EB52AFB5AE068FBDBAC499A27FACECC391E75C936D55F07BB45EE184DAB45808E15722502F279F89B38C1CB292557E5063597F52C75D61001EDC33F4739353E33E56AD273B067C1A2760208529EA421774A5FFFCB3423B1E0051E7702A55D80CBF2141569F18F87BFF538A1DA8EDBB2693A539F68E0D62D77743F89EACF3B1723BDB25CE2F333FA63CACF0E67DF1A431893BB9B352FCB":"3":1:1:0:0 RSA Import (N,P,Q,D,E), successive, inconsistent -mbedtls_rsa_import:16:"b38ac65c8141f7f5c96e14470e851936a67bf94cc6821a39ac12c05f7c0b06d9e6ddba2224703b02e25f31452f9c4a8417b62675fdc6df46b94813bc7b9769a892c482b830bfe0ad42e46668ace68903617faf6681f4babf1cc8e4b0420d3c7f61dc45434c6b54e2c3ee0fc07908509d79c9826e673bf8363255adb0add2401039a7bcd1b4ecf0fbe6ec8369d2da486eec59559dd1d54c9b24190965eafbdab203b35255765261cd0909acf93c3b8b8428cbb448de4715d1b813d0c94829c229543d391ce0adab5351f97a3810c1f73d7b1458b97daed4209c50e16d064d2d5bfda8c23893d755222793146d0a78c3d64f35549141486c3b0961a7b4c1a2034f":16:"e79a373182bfaa722eb035f772ad2a9464bd842de59432c18bbab3a7dfeae318c9b915ee487861ab665a40bd6cda560152578e8579016c929df99fea05b4d64efca1d543850bc8164b40d71ed7f3fa4105df0fb9b9ad2a18ce182c8a4f4f975bea9aa0b9a1438a27a28e97ac8330ef37383414d1bd64607d6979ac050424fd17":16:"c6749cbb0db8c5a177672d4728a8b22392b2fc4d3b8361d5c0d5055a1b4e46d821f757c24eef2a51c561941b93b3ace7340074c058c9bb48e7e7414f42c41da4cccb5c2ba91deb30c586b7fb18af12a52995592ad139d3be429add6547e044becedaf31fa3b39421e24ee034fbf367d11f6b8f88ee483d163b431e1654ad3e89":16:"77B1D99300D6A54E864962DA09AE10CF19A7FB888456BC3672B72AEA52B204914493D16C184AD201EC3F762E1FBD8702BA796EF953D9EA2F26300D285264F11B0C8301D0207FEB1E2C984445C899B0ACEBAA74EF014DD1D4BDDB43202C08D2FF9692D8D788478DEC829EB52AFB5AE068FBDBAC499A27FACECC391E75C936D55F07BB45EE184DAB45808E15722502F279F89B38C1CB292557E5063597F52C75D61001EDC33F4739353E33E56AD273B067C1A2760208529EA421774A5FFFCB3423B1E0051E7702A55D80CBF2141569F18F87BFF538A1DA8EDBB2693A539F68E0D62D77743F89EACF3B1723BDB25CE2F333FA63CACF0E67DF1A431893BB9B352FCB":16:"3":1:1:MBEDTLS_ERR_RSA_KEY_CHECK_FAILED:0 +mbedtls_rsa_import:"b38ac65c8141f7f5c96e14470e851936a67bf94cc6821a39ac12c05f7c0b06d9e6ddba2224703b02e25f31452f9c4a8417b62675fdc6df46b94813bc7b9769a892c482b830bfe0ad42e46668ace68903617faf6681f4babf1cc8e4b0420d3c7f61dc45434c6b54e2c3ee0fc07908509d79c9826e673bf8363255adb0add2401039a7bcd1b4ecf0fbe6ec8369d2da486eec59559dd1d54c9b24190965eafbdab203b35255765261cd0909acf93c3b8b8428cbb448de4715d1b813d0c94829c229543d391ce0adab5351f97a3810c1f73d7b1458b97daed4209c50e16d064d2d5bfda8c23893d755222793146d0a78c3d64f35549141486c3b0961a7b4c1a2034f":"e79a373182bfaa722eb035f772ad2a9464bd842de59432c18bbab3a7dfeae318c9b915ee487861ab665a40bd6cda560152578e8579016c929df99fea05b4d64efca1d543850bc8164b40d71ed7f3fa4105df0fb9b9ad2a18ce182c8a4f4f975bea9aa0b9a1438a27a28e97ac8330ef37383414d1bd64607d6979ac050424fd17":"c6749cbb0db8c5a177672d4728a8b22392b2fc4d3b8361d5c0d5055a1b4e46d821f757c24eef2a51c561941b93b3ace7340074c058c9bb48e7e7414f42c41da4cccb5c2ba91deb30c586b7fb18af12a52995592ad139d3be429add6547e044becedaf31fa3b39421e24ee034fbf367d11f6b8f88ee483d163b431e1654ad3e89":"77B1D99300D6A54E864962DA09AE10CF19A7FB888456BC3672B72AEA52B204914493D16C184AD201EC3F762E1FBD8702BA796EF953D9EA2F26300D285264F11B0C8301D0207FEB1E2C984445C899B0ACEBAA74EF014DD1D4BDDB43202C08D2FF9692D8D788478DEC829EB52AFB5AE068FBDBAC499A27FACECC391E75C936D55F07BB45EE184DAB45808E15722502F279F89B38C1CB292557E5063597F52C75D61001EDC33F4739353E33E56AD273B067C1A2760208529EA421774A5FFFCB3423B1E0051E7702A55D80CBF2141569F18F87BFF538A1DA8EDBB2693A539F68E0D62D77743F89EACF3B1723BDB25CE2F333FA63CACF0E67DF1A431893BB9B352FCB":"3":1:1:MBEDTLS_ERR_RSA_KEY_CHECK_FAILED:0 RSA Import (-,P,Q,D,E) -mbedtls_rsa_import:16:"":16:"e79a373182bfaa722eb035f772ad2a9464bd842de59432c18bbab3a7dfeae318c9b915ee487861ab665a40bd6cda560152578e8579016c929df99fea05b4d64efca1d543850bc8164b40d71ed7f3fa4105df0fb9b9ad2a18ce182c8a4f4f975bea9aa0b9a1438a27a28e97ac8330ef37383414d1bd64607d6979ac050424fd17":16:"c6749cbb0db8c5a177672d4728a8b22392b2fc4d3b8361d5c0d5055a1b4e46d821f757c24eef2a51c561941b93b3ace7340074c058c9bb48e7e7414f42c41da4cccb5c2ba91deb30c586b7fb18af12a52995592ad139d3be429add6547e044becedaf31fa3b39421e24ee034fbf367d11f6b8f88ee483d163b431e1654ad3e89":16:"77B1D99300D6A54E864962DA09AE10CF19A7FB888456BC2672B72AEA52B204914493D16C184AD201EC3F762E1FBD8702BA796EF953D9EA2F26300D285264F11B0C8301D0207FEB1E2C984445C899B0ACEBAA74EF014DD1D4BDDB43202C08D2FF9692D8D788478DEC829EB52AFB5AE068FBDBAC499A27FACECC391E75C936D55F07BB45EE184DAB45808E15722502F279F89B38C1CB292557E5063597F52C75D61001EDC33F4739353E33E56AD273B067C1A2760208529EA421774A5FFFCB3423B1E0051E7702A55D80CBF2141569F18F87BFF538A1DA8EDBB2693A539F68E0D62D77743F89EACF3B1723BDB25CE2F333FA63CACF0E67DF1A431893BB9B352FCB":16:"3":0:1:0:0 +mbedtls_rsa_import:"":"e79a373182bfaa722eb035f772ad2a9464bd842de59432c18bbab3a7dfeae318c9b915ee487861ab665a40bd6cda560152578e8579016c929df99fea05b4d64efca1d543850bc8164b40d71ed7f3fa4105df0fb9b9ad2a18ce182c8a4f4f975bea9aa0b9a1438a27a28e97ac8330ef37383414d1bd64607d6979ac050424fd17":"c6749cbb0db8c5a177672d4728a8b22392b2fc4d3b8361d5c0d5055a1b4e46d821f757c24eef2a51c561941b93b3ace7340074c058c9bb48e7e7414f42c41da4cccb5c2ba91deb30c586b7fb18af12a52995592ad139d3be429add6547e044becedaf31fa3b39421e24ee034fbf367d11f6b8f88ee483d163b431e1654ad3e89":"77B1D99300D6A54E864962DA09AE10CF19A7FB888456BC2672B72AEA52B204914493D16C184AD201EC3F762E1FBD8702BA796EF953D9EA2F26300D285264F11B0C8301D0207FEB1E2C984445C899B0ACEBAA74EF014DD1D4BDDB43202C08D2FF9692D8D788478DEC829EB52AFB5AE068FBDBAC499A27FACECC391E75C936D55F07BB45EE184DAB45808E15722502F279F89B38C1CB292557E5063597F52C75D61001EDC33F4739353E33E56AD273B067C1A2760208529EA421774A5FFFCB3423B1E0051E7702A55D80CBF2141569F18F87BFF538A1DA8EDBB2693A539F68E0D62D77743F89EACF3B1723BDB25CE2F333FA63CACF0E67DF1A431893BB9B352FCB":"3":0:1:0:0 RSA Import (-,P,Q,D,E), successive -mbedtls_rsa_import:16:"":16:"e79a373182bfaa722eb035f772ad2a9464bd842de59432c18bbab3a7dfeae318c9b915ee487861ab665a40bd6cda560152578e8579016c929df99fea05b4d64efca1d543850bc8164b40d71ed7f3fa4105df0fb9b9ad2a18ce182c8a4f4f975bea9aa0b9a1438a27a28e97ac8330ef37383414d1bd64607d6979ac050424fd17":16:"c6749cbb0db8c5a177672d4728a8b22392b2fc4d3b8361d5c0d5055a1b4e46d821f757c24eef2a51c561941b93b3ace7340074c058c9bb48e7e7414f42c41da4cccb5c2ba91deb30c586b7fb18af12a52995592ad139d3be429add6547e044becedaf31fa3b39421e24ee034fbf367d11f6b8f88ee483d163b431e1654ad3e89":16:"77B1D99300D6A54E864962DA09AE10CF19A7FB888456BC2672B72AEA52B204914493D16C184AD201EC3F762E1FBD8702BA796EF953D9EA2F26300D285264F11B0C8301D0207FEB1E2C984445C899B0ACEBAA74EF014DD1D4BDDB43202C08D2FF9692D8D788478DEC829EB52AFB5AE068FBDBAC499A27FACECC391E75C936D55F07BB45EE184DAB45808E15722502F279F89B38C1CB292557E5063597F52C75D61001EDC33F4739353E33E56AD273B067C1A2760208529EA421774A5FFFCB3423B1E0051E7702A55D80CBF2141569F18F87BFF538A1DA8EDBB2693A539F68E0D62D77743F89EACF3B1723BDB25CE2F333FA63CACF0E67DF1A431893BB9B352FCB":16:"3":1:1:0:0 +mbedtls_rsa_import:"":"e79a373182bfaa722eb035f772ad2a9464bd842de59432c18bbab3a7dfeae318c9b915ee487861ab665a40bd6cda560152578e8579016c929df99fea05b4d64efca1d543850bc8164b40d71ed7f3fa4105df0fb9b9ad2a18ce182c8a4f4f975bea9aa0b9a1438a27a28e97ac8330ef37383414d1bd64607d6979ac050424fd17":"c6749cbb0db8c5a177672d4728a8b22392b2fc4d3b8361d5c0d5055a1b4e46d821f757c24eef2a51c561941b93b3ace7340074c058c9bb48e7e7414f42c41da4cccb5c2ba91deb30c586b7fb18af12a52995592ad139d3be429add6547e044becedaf31fa3b39421e24ee034fbf367d11f6b8f88ee483d163b431e1654ad3e89":"77B1D99300D6A54E864962DA09AE10CF19A7FB888456BC2672B72AEA52B204914493D16C184AD201EC3F762E1FBD8702BA796EF953D9EA2F26300D285264F11B0C8301D0207FEB1E2C984445C899B0ACEBAA74EF014DD1D4BDDB43202C08D2FF9692D8D788478DEC829EB52AFB5AE068FBDBAC499A27FACECC391E75C936D55F07BB45EE184DAB45808E15722502F279F89B38C1CB292557E5063597F52C75D61001EDC33F4739353E33E56AD273B067C1A2760208529EA421774A5FFFCB3423B1E0051E7702A55D80CBF2141569F18F87BFF538A1DA8EDBB2693A539F68E0D62D77743F89EACF3B1723BDB25CE2F333FA63CACF0E67DF1A431893BB9B352FCB":"3":1:1:0:0 RSA Import (N,-,-,D,E) -mbedtls_rsa_import:16:"b38ac65c8141f7f5c96e14470e851936a67bf94cc6821a39ac12c05f7c0b06d9e6ddba2224703b02e25f31452f9c4a8417b62675fdc6df46b94813bc7b9769a892c482b830bfe0ad42e46668ace68903617faf6681f4babf1cc8e4b0420d3c7f61dc45434c6b54e2c3ee0fc07908509d79c9826e673bf8363255adb0add2401039a7bcd1b4ecf0fbe6ec8369d2da486eec59559dd1d54c9b24190965eafbdab203b35255765261cd0909acf93c3b8b8428cbb448de4715d1b813d0c94829c229543d391ce0adab5351f97a3810c1f73d7b1458b97daed4209c50e16d064d2d5bfda8c23893d755222793146d0a78c3d64f35549141486c3b0961a7b4c1a2034f":16:"":16:"":16:"77B1D99300D6A54E864962DA09AE10CF19A7FB888456BC2672B72AEA52B204914493D16C184AD201EC3F762E1FBD8702BA796EF953D9EA2F26300D285264F11B0C8301D0207FEB1E2C984445C899B0ACEBAA74EF014DD1D4BDDB43202C08D2FF9692D8D788478DEC829EB52AFB5AE068FBDBAC499A27FACECC391E75C936D55F07BB45EE184DAB45808E15722502F279F89B38C1CB292557E5063597F52C75D61001EDC33F4739353E33E56AD273B067C1A2760208529EA421774A5FFFCB3423B1E0051E7702A55D80CBF2141569F18F87BFF538A1DA8EDBB2693A539F68E0D62D77743F89EACF3B1723BDB25CE2F333FA63CACF0E67DF1A431893BB9B352FCB":16:"3":0:1:0:0 +mbedtls_rsa_import:"b38ac65c8141f7f5c96e14470e851936a67bf94cc6821a39ac12c05f7c0b06d9e6ddba2224703b02e25f31452f9c4a8417b62675fdc6df46b94813bc7b9769a892c482b830bfe0ad42e46668ace68903617faf6681f4babf1cc8e4b0420d3c7f61dc45434c6b54e2c3ee0fc07908509d79c9826e673bf8363255adb0add2401039a7bcd1b4ecf0fbe6ec8369d2da486eec59559dd1d54c9b24190965eafbdab203b35255765261cd0909acf93c3b8b8428cbb448de4715d1b813d0c94829c229543d391ce0adab5351f97a3810c1f73d7b1458b97daed4209c50e16d064d2d5bfda8c23893d755222793146d0a78c3d64f35549141486c3b0961a7b4c1a2034f":"":"":"77B1D99300D6A54E864962DA09AE10CF19A7FB888456BC2672B72AEA52B204914493D16C184AD201EC3F762E1FBD8702BA796EF953D9EA2F26300D285264F11B0C8301D0207FEB1E2C984445C899B0ACEBAA74EF014DD1D4BDDB43202C08D2FF9692D8D788478DEC829EB52AFB5AE068FBDBAC499A27FACECC391E75C936D55F07BB45EE184DAB45808E15722502F279F89B38C1CB292557E5063597F52C75D61001EDC33F4739353E33E56AD273B067C1A2760208529EA421774A5FFFCB3423B1E0051E7702A55D80CBF2141569F18F87BFF538A1DA8EDBB2693A539F68E0D62D77743F89EACF3B1723BDB25CE2F333FA63CACF0E67DF1A431893BB9B352FCB":"3":0:1:0:0 RSA Import (N,-,-,D,E), successive -mbedtls_rsa_import:16:"b38ac65c8141f7f5c96e14470e851936a67bf94cc6821a39ac12c05f7c0b06d9e6ddba2224703b02e25f31452f9c4a8417b62675fdc6df46b94813bc7b9769a892c482b830bfe0ad42e46668ace68903617faf6681f4babf1cc8e4b0420d3c7f61dc45434c6b54e2c3ee0fc07908509d79c9826e673bf8363255adb0add2401039a7bcd1b4ecf0fbe6ec8369d2da486eec59559dd1d54c9b24190965eafbdab203b35255765261cd0909acf93c3b8b8428cbb448de4715d1b813d0c94829c229543d391ce0adab5351f97a3810c1f73d7b1458b97daed4209c50e16d064d2d5bfda8c23893d755222793146d0a78c3d64f35549141486c3b0961a7b4c1a2034f":16:"":16:"":16:"77B1D99300D6A54E864962DA09AE10CF19A7FB888456BC2672B72AEA52B204914493D16C184AD201EC3F762E1FBD8702BA796EF953D9EA2F26300D285264F11B0C8301D0207FEB1E2C984445C899B0ACEBAA74EF014DD1D4BDDB43202C08D2FF9692D8D788478DEC829EB52AFB5AE068FBDBAC499A27FACECC391E75C936D55F07BB45EE184DAB45808E15722502F279F89B38C1CB292557E5063597F52C75D61001EDC33F4739353E33E56AD273B067C1A2760208529EA421774A5FFFCB3423B1E0051E7702A55D80CBF2141569F18F87BFF538A1DA8EDBB2693A539F68E0D62D77743F89EACF3B1723BDB25CE2F333FA63CACF0E67DF1A431893BB9B352FCB":16:"3":1:1:0:0 +mbedtls_rsa_import:"b38ac65c8141f7f5c96e14470e851936a67bf94cc6821a39ac12c05f7c0b06d9e6ddba2224703b02e25f31452f9c4a8417b62675fdc6df46b94813bc7b9769a892c482b830bfe0ad42e46668ace68903617faf6681f4babf1cc8e4b0420d3c7f61dc45434c6b54e2c3ee0fc07908509d79c9826e673bf8363255adb0add2401039a7bcd1b4ecf0fbe6ec8369d2da486eec59559dd1d54c9b24190965eafbdab203b35255765261cd0909acf93c3b8b8428cbb448de4715d1b813d0c94829c229543d391ce0adab5351f97a3810c1f73d7b1458b97daed4209c50e16d064d2d5bfda8c23893d755222793146d0a78c3d64f35549141486c3b0961a7b4c1a2034f":"":"":"77B1D99300D6A54E864962DA09AE10CF19A7FB888456BC2672B72AEA52B204914493D16C184AD201EC3F762E1FBD8702BA796EF953D9EA2F26300D285264F11B0C8301D0207FEB1E2C984445C899B0ACEBAA74EF014DD1D4BDDB43202C08D2FF9692D8D788478DEC829EB52AFB5AE068FBDBAC499A27FACECC391E75C936D55F07BB45EE184DAB45808E15722502F279F89B38C1CB292557E5063597F52C75D61001EDC33F4739353E33E56AD273B067C1A2760208529EA421774A5FFFCB3423B1E0051E7702A55D80CBF2141569F18F87BFF538A1DA8EDBB2693A539F68E0D62D77743F89EACF3B1723BDB25CE2F333FA63CACF0E67DF1A431893BB9B352FCB":"3":1:1:0:0 RSA Import (N,P,Q,-,E) -mbedtls_rsa_import:16:"b38ac65c8141f7f5c96e14470e851936a67bf94cc6821a39ac12c05f7c0b06d9e6ddba2224703b02e25f31452f9c4a8417b62675fdc6df46b94813bc7b9769a892c482b830bfe0ad42e46668ace68903617faf6681f4babf1cc8e4b0420d3c7f61dc45434c6b54e2c3ee0fc07908509d79c9826e673bf8363255adb0add2401039a7bcd1b4ecf0fbe6ec8369d2da486eec59559dd1d54c9b24190965eafbdab203b35255765261cd0909acf93c3b8b8428cbb448de4715d1b813d0c94829c229543d391ce0adab5351f97a3810c1f73d7b1458b97daed4209c50e16d064d2d5bfda8c23893d755222793146d0a78c3d64f35549141486c3b0961a7b4c1a2034f":16:"e79a373182bfaa722eb035f772ad2a9464bd842de59432c18bbab3a7dfeae318c9b915ee487861ab665a40bd6cda560152578e8579016c929df99fea05b4d64efca1d543850bc8164b40d71ed7f3fa4105df0fb9b9ad2a18ce182c8a4f4f975bea9aa0b9a1438a27a28e97ac8330ef37383414d1bd64607d6979ac050424fd17":16:"c6749cbb0db8c5a177672d4728a8b22392b2fc4d3b8361d5c0d5055a1b4e46d821f757c24eef2a51c561941b93b3ace7340074c058c9bb48e7e7414f42c41da4cccb5c2ba91deb30c586b7fb18af12a52995592ad139d3be429add6547e044becedaf31fa3b39421e24ee034fbf367d11f6b8f88ee483d163b431e1654ad3e89":16:"":16:"3":0:1:0:0 +mbedtls_rsa_import:"b38ac65c8141f7f5c96e14470e851936a67bf94cc6821a39ac12c05f7c0b06d9e6ddba2224703b02e25f31452f9c4a8417b62675fdc6df46b94813bc7b9769a892c482b830bfe0ad42e46668ace68903617faf6681f4babf1cc8e4b0420d3c7f61dc45434c6b54e2c3ee0fc07908509d79c9826e673bf8363255adb0add2401039a7bcd1b4ecf0fbe6ec8369d2da486eec59559dd1d54c9b24190965eafbdab203b35255765261cd0909acf93c3b8b8428cbb448de4715d1b813d0c94829c229543d391ce0adab5351f97a3810c1f73d7b1458b97daed4209c50e16d064d2d5bfda8c23893d755222793146d0a78c3d64f35549141486c3b0961a7b4c1a2034f":"e79a373182bfaa722eb035f772ad2a9464bd842de59432c18bbab3a7dfeae318c9b915ee487861ab665a40bd6cda560152578e8579016c929df99fea05b4d64efca1d543850bc8164b40d71ed7f3fa4105df0fb9b9ad2a18ce182c8a4f4f975bea9aa0b9a1438a27a28e97ac8330ef37383414d1bd64607d6979ac050424fd17":"c6749cbb0db8c5a177672d4728a8b22392b2fc4d3b8361d5c0d5055a1b4e46d821f757c24eef2a51c561941b93b3ace7340074c058c9bb48e7e7414f42c41da4cccb5c2ba91deb30c586b7fb18af12a52995592ad139d3be429add6547e044becedaf31fa3b39421e24ee034fbf367d11f6b8f88ee483d163b431e1654ad3e89":"":"3":0:1:0:0 RSA Import (N,P,Q,-,E), successive -mbedtls_rsa_import:16:"b38ac65c8141f7f5c96e14470e851936a67bf94cc6821a39ac12c05f7c0b06d9e6ddba2224703b02e25f31452f9c4a8417b62675fdc6df46b94813bc7b9769a892c482b830bfe0ad42e46668ace68903617faf6681f4babf1cc8e4b0420d3c7f61dc45434c6b54e2c3ee0fc07908509d79c9826e673bf8363255adb0add2401039a7bcd1b4ecf0fbe6ec8369d2da486eec59559dd1d54c9b24190965eafbdab203b35255765261cd0909acf93c3b8b8428cbb448de4715d1b813d0c94829c229543d391ce0adab5351f97a3810c1f73d7b1458b97daed4209c50e16d064d2d5bfda8c23893d755222793146d0a78c3d64f35549141486c3b0961a7b4c1a2034f":16:"e79a373182bfaa722eb035f772ad2a9464bd842de59432c18bbab3a7dfeae318c9b915ee487861ab665a40bd6cda560152578e8579016c929df99fea05b4d64efca1d543850bc8164b40d71ed7f3fa4105df0fb9b9ad2a18ce182c8a4f4f975bea9aa0b9a1438a27a28e97ac8330ef37383414d1bd64607d6979ac050424fd17":16:"c6749cbb0db8c5a177672d4728a8b22392b2fc4d3b8361d5c0d5055a1b4e46d821f757c24eef2a51c561941b93b3ace7340074c058c9bb48e7e7414f42c41da4cccb5c2ba91deb30c586b7fb18af12a52995592ad139d3be429add6547e044becedaf31fa3b39421e24ee034fbf367d11f6b8f88ee483d163b431e1654ad3e89":16:"":16:"3":1:1:0:0 +mbedtls_rsa_import:"b38ac65c8141f7f5c96e14470e851936a67bf94cc6821a39ac12c05f7c0b06d9e6ddba2224703b02e25f31452f9c4a8417b62675fdc6df46b94813bc7b9769a892c482b830bfe0ad42e46668ace68903617faf6681f4babf1cc8e4b0420d3c7f61dc45434c6b54e2c3ee0fc07908509d79c9826e673bf8363255adb0add2401039a7bcd1b4ecf0fbe6ec8369d2da486eec59559dd1d54c9b24190965eafbdab203b35255765261cd0909acf93c3b8b8428cbb448de4715d1b813d0c94829c229543d391ce0adab5351f97a3810c1f73d7b1458b97daed4209c50e16d064d2d5bfda8c23893d755222793146d0a78c3d64f35549141486c3b0961a7b4c1a2034f":"e79a373182bfaa722eb035f772ad2a9464bd842de59432c18bbab3a7dfeae318c9b915ee487861ab665a40bd6cda560152578e8579016c929df99fea05b4d64efca1d543850bc8164b40d71ed7f3fa4105df0fb9b9ad2a18ce182c8a4f4f975bea9aa0b9a1438a27a28e97ac8330ef37383414d1bd64607d6979ac050424fd17":"c6749cbb0db8c5a177672d4728a8b22392b2fc4d3b8361d5c0d5055a1b4e46d821f757c24eef2a51c561941b93b3ace7340074c058c9bb48e7e7414f42c41da4cccb5c2ba91deb30c586b7fb18af12a52995592ad139d3be429add6547e044becedaf31fa3b39421e24ee034fbf367d11f6b8f88ee483d163b431e1654ad3e89":"":"3":1:1:0:0 RSA Import (-,P,Q,-,E) -mbedtls_rsa_import:16:"":16:"e79a373182bfaa722eb035f772ad2a9464bd842de59432c18bbab3a7dfeae318c9b915ee487861ab665a40bd6cda560152578e8579016c929df99fea05b4d64efca1d543850bc8164b40d71ed7f3fa4105df0fb9b9ad2a18ce182c8a4f4f975bea9aa0b9a1438a27a28e97ac8330ef37383414d1bd64607d6979ac050424fd17":16:"c6749cbb0db8c5a177672d4728a8b22392b2fc4d3b8361d5c0d5055a1b4e46d821f757c24eef2a51c561941b93b3ace7340074c058c9bb48e7e7414f42c41da4cccb5c2ba91deb30c586b7fb18af12a52995592ad139d3be429add6547e044becedaf31fa3b39421e24ee034fbf367d11f6b8f88ee483d163b431e1654ad3e89":16:"":16:"3":0:1:0:0 +mbedtls_rsa_import:"":"e79a373182bfaa722eb035f772ad2a9464bd842de59432c18bbab3a7dfeae318c9b915ee487861ab665a40bd6cda560152578e8579016c929df99fea05b4d64efca1d543850bc8164b40d71ed7f3fa4105df0fb9b9ad2a18ce182c8a4f4f975bea9aa0b9a1438a27a28e97ac8330ef37383414d1bd64607d6979ac050424fd17":"c6749cbb0db8c5a177672d4728a8b22392b2fc4d3b8361d5c0d5055a1b4e46d821f757c24eef2a51c561941b93b3ace7340074c058c9bb48e7e7414f42c41da4cccb5c2ba91deb30c586b7fb18af12a52995592ad139d3be429add6547e044becedaf31fa3b39421e24ee034fbf367d11f6b8f88ee483d163b431e1654ad3e89":"":"3":0:1:0:0 RSA Import (-,P,Q,-,E), successive -mbedtls_rsa_import:16:"":16:"e79a373182bfaa722eb035f772ad2a9464bd842de59432c18bbab3a7dfeae318c9b915ee487861ab665a40bd6cda560152578e8579016c929df99fea05b4d64efca1d543850bc8164b40d71ed7f3fa4105df0fb9b9ad2a18ce182c8a4f4f975bea9aa0b9a1438a27a28e97ac8330ef37383414d1bd64607d6979ac050424fd17":16:"c6749cbb0db8c5a177672d4728a8b22392b2fc4d3b8361d5c0d5055a1b4e46d821f757c24eef2a51c561941b93b3ace7340074c058c9bb48e7e7414f42c41da4cccb5c2ba91deb30c586b7fb18af12a52995592ad139d3be429add6547e044becedaf31fa3b39421e24ee034fbf367d11f6b8f88ee483d163b431e1654ad3e89":16:"":16:"3":1:1:0:0 +mbedtls_rsa_import:"":"e79a373182bfaa722eb035f772ad2a9464bd842de59432c18bbab3a7dfeae318c9b915ee487861ab665a40bd6cda560152578e8579016c929df99fea05b4d64efca1d543850bc8164b40d71ed7f3fa4105df0fb9b9ad2a18ce182c8a4f4f975bea9aa0b9a1438a27a28e97ac8330ef37383414d1bd64607d6979ac050424fd17":"c6749cbb0db8c5a177672d4728a8b22392b2fc4d3b8361d5c0d5055a1b4e46d821f757c24eef2a51c561941b93b3ace7340074c058c9bb48e7e7414f42c41da4cccb5c2ba91deb30c586b7fb18af12a52995592ad139d3be429add6547e044becedaf31fa3b39421e24ee034fbf367d11f6b8f88ee483d163b431e1654ad3e89":"":"3":1:1:0:0 RSA Import (N,-,Q,-,E) -mbedtls_rsa_import:16:"b38ac65c8141f7f5c96e14470e851936a67bf94cc6821a39ac12c05f7c0b06d9e6ddba2224703b02e25f31452f9c4a8417b62675fdc6df46b94813bc7b9769a892c482b830bfe0ad42e46668ace68903617faf6681f4babf1cc8e4b0420d3c7f61dc45434c6b54e2c3ee0fc07908509d79c9826e673bf8363255adb0add2401039a7bcd1b4ecf0fbe6ec8369d2da486eec59559dd1d54c9b24190965eafbdab203b35255765261cd0909acf93c3b8b8428cbb448de4715d1b813d0c94829c229543d391ce0adab5351f97a3810c1f73d7b1458b97daed4209c50e16d064d2d5bfda8c23893d755222793146d0a78c3d64f35549141486c3b0961a7b4c1a2034f":16:"":16:"c6749cbb0db8c5a177672d4728a8b22392b2fc4d3b8361d5c0d5055a1b4e46d821f757c24eef2a51c561941b93b3ace7340074c058c9bb48e7e7414f42c41da4cccb5c2ba91deb30c586b7fb18af12a52995592ad139d3be429add6547e044becedaf31fa3b39421e24ee034fbf367d11f6b8f88ee483d163b431e1654ad3e89":16:"":16:"3":0:1:0:MBEDTLS_ERR_RSA_BAD_INPUT_DATA +mbedtls_rsa_import:"b38ac65c8141f7f5c96e14470e851936a67bf94cc6821a39ac12c05f7c0b06d9e6ddba2224703b02e25f31452f9c4a8417b62675fdc6df46b94813bc7b9769a892c482b830bfe0ad42e46668ace68903617faf6681f4babf1cc8e4b0420d3c7f61dc45434c6b54e2c3ee0fc07908509d79c9826e673bf8363255adb0add2401039a7bcd1b4ecf0fbe6ec8369d2da486eec59559dd1d54c9b24190965eafbdab203b35255765261cd0909acf93c3b8b8428cbb448de4715d1b813d0c94829c229543d391ce0adab5351f97a3810c1f73d7b1458b97daed4209c50e16d064d2d5bfda8c23893d755222793146d0a78c3d64f35549141486c3b0961a7b4c1a2034f":"":"c6749cbb0db8c5a177672d4728a8b22392b2fc4d3b8361d5c0d5055a1b4e46d821f757c24eef2a51c561941b93b3ace7340074c058c9bb48e7e7414f42c41da4cccb5c2ba91deb30c586b7fb18af12a52995592ad139d3be429add6547e044becedaf31fa3b39421e24ee034fbf367d11f6b8f88ee483d163b431e1654ad3e89":"":"3":0:1:0:MBEDTLS_ERR_RSA_BAD_INPUT_DATA RSA Import (N,-,Q,-,E), successive -mbedtls_rsa_import:16:"b38ac65c8141f7f5c96e14470e851936a67bf94cc6821a39ac12c05f7c0b06d9e6ddba2224703b02e25f31452f9c4a8417b62675fdc6df46b94813bc7b9769a892c482b830bfe0ad42e46668ace68903617faf6681f4babf1cc8e4b0420d3c7f61dc45434c6b54e2c3ee0fc07908509d79c9826e673bf8363255adb0add2401039a7bcd1b4ecf0fbe6ec8369d2da486eec59559dd1d54c9b24190965eafbdab203b35255765261cd0909acf93c3b8b8428cbb448de4715d1b813d0c94829c229543d391ce0adab5351f97a3810c1f73d7b1458b97daed4209c50e16d064d2d5bfda8c23893d755222793146d0a78c3d64f35549141486c3b0961a7b4c1a2034f":16:"":16:"c6749cbb0db8c5a177672d4728a8b22392b2fc4d3b8361d5c0d5055a1b4e46d821f757c24eef2a51c561941b93b3ace7340074c058c9bb48e7e7414f42c41da4cccb5c2ba91deb30c586b7fb18af12a52995592ad139d3be429add6547e044becedaf31fa3b39421e24ee034fbf367d11f6b8f88ee483d163b431e1654ad3e89":16:"":16:"3":1:1:0:MBEDTLS_ERR_RSA_BAD_INPUT_DATA +mbedtls_rsa_import:"b38ac65c8141f7f5c96e14470e851936a67bf94cc6821a39ac12c05f7c0b06d9e6ddba2224703b02e25f31452f9c4a8417b62675fdc6df46b94813bc7b9769a892c482b830bfe0ad42e46668ace68903617faf6681f4babf1cc8e4b0420d3c7f61dc45434c6b54e2c3ee0fc07908509d79c9826e673bf8363255adb0add2401039a7bcd1b4ecf0fbe6ec8369d2da486eec59559dd1d54c9b24190965eafbdab203b35255765261cd0909acf93c3b8b8428cbb448de4715d1b813d0c94829c229543d391ce0adab5351f97a3810c1f73d7b1458b97daed4209c50e16d064d2d5bfda8c23893d755222793146d0a78c3d64f35549141486c3b0961a7b4c1a2034f":"":"c6749cbb0db8c5a177672d4728a8b22392b2fc4d3b8361d5c0d5055a1b4e46d821f757c24eef2a51c561941b93b3ace7340074c058c9bb48e7e7414f42c41da4cccb5c2ba91deb30c586b7fb18af12a52995592ad139d3be429add6547e044becedaf31fa3b39421e24ee034fbf367d11f6b8f88ee483d163b431e1654ad3e89":"":"3":1:1:0:MBEDTLS_ERR_RSA_BAD_INPUT_DATA RSA Import (N,-,-,-,E), complete public key -mbedtls_rsa_import:16:"b38ac65c8141f7f5c96e14470e851936a67bf94cc6821a39ac12c05f7c0b06d9e6ddba2224703b02e25f31452f9c4a8417b62675fdc6df46b94813bc7b9769a892c482b830bfe0ad42e46668ace68903617faf6681f4babf1cc8e4b0420d3c7f61dc45434c6b54e2c3ee0fc07908509d79c9826e673bf8363255adb0add2401039a7bcd1b4ecf0fbe6ec8369d2da486eec59559dd1d54c9b24190965eafbdab203b35255765261cd0909acf93c3b8b8428cbb448de4715d1b813d0c94829c229543d391ce0adab5351f97a3810c1f73d7b1458b97daed4209c50e16d064d2d5bfda8c23893d755222793146d0a78c3d64f35549141486c3b0961a7b4c1a2034f":16:"":16:"":16:"":16:"3":0:0:0:0 +mbedtls_rsa_import:"b38ac65c8141f7f5c96e14470e851936a67bf94cc6821a39ac12c05f7c0b06d9e6ddba2224703b02e25f31452f9c4a8417b62675fdc6df46b94813bc7b9769a892c482b830bfe0ad42e46668ace68903617faf6681f4babf1cc8e4b0420d3c7f61dc45434c6b54e2c3ee0fc07908509d79c9826e673bf8363255adb0add2401039a7bcd1b4ecf0fbe6ec8369d2da486eec59559dd1d54c9b24190965eafbdab203b35255765261cd0909acf93c3b8b8428cbb448de4715d1b813d0c94829c229543d391ce0adab5351f97a3810c1f73d7b1458b97daed4209c50e16d064d2d5bfda8c23893d755222793146d0a78c3d64f35549141486c3b0961a7b4c1a2034f":"":"":"":"3":0:0:0:0 RSA Import (N,-,-,-,E), complete public key, successive -mbedtls_rsa_import:16:"b38ac65c8141f7f5c96e14470e851936a67bf94cc6821a39ac12c05f7c0b06d9e6ddba2224703b02e25f31452f9c4a8417b62675fdc6df46b94813bc7b9769a892c482b830bfe0ad42e46668ace68903617faf6681f4babf1cc8e4b0420d3c7f61dc45434c6b54e2c3ee0fc07908509d79c9826e673bf8363255adb0add2401039a7bcd1b4ecf0fbe6ec8369d2da486eec59559dd1d54c9b24190965eafbdab203b35255765261cd0909acf93c3b8b8428cbb448de4715d1b813d0c94829c229543d391ce0adab5351f97a3810c1f73d7b1458b97daed4209c50e16d064d2d5bfda8c23893d755222793146d0a78c3d64f35549141486c3b0961a7b4c1a2034f":16:"":16:"":16:"":16:"3":1:0:0:0 +mbedtls_rsa_import:"b38ac65c8141f7f5c96e14470e851936a67bf94cc6821a39ac12c05f7c0b06d9e6ddba2224703b02e25f31452f9c4a8417b62675fdc6df46b94813bc7b9769a892c482b830bfe0ad42e46668ace68903617faf6681f4babf1cc8e4b0420d3c7f61dc45434c6b54e2c3ee0fc07908509d79c9826e673bf8363255adb0add2401039a7bcd1b4ecf0fbe6ec8369d2da486eec59559dd1d54c9b24190965eafbdab203b35255765261cd0909acf93c3b8b8428cbb448de4715d1b813d0c94829c229543d391ce0adab5351f97a3810c1f73d7b1458b97daed4209c50e16d064d2d5bfda8c23893d755222793146d0a78c3d64f35549141486c3b0961a7b4c1a2034f":"":"":"":"3":1:0:0:0 RSA Import (N,-,-,-,E), complete public key, corrupted -mbedtls_rsa_import:16:"b38ac65c8141f7f5c96e14470e851936a67bf94cc6821a39ac12c05f7c0b06d9e6ddba2224703b02e25f31452f9c4a8417b62675fdc6df46b94813bc7b9769a892c482b830bfe0ad42e46668ace68903617faf6681f4babf1cc8e4b0420d3c7f61dc45434c6b54e2c3ee0fc07908509d79c9826e673bf8363255adb0add2401039a7bcd1b4ecf0fbe6ec8369d2da486eec59559dd1d54c9b24190965eafbdab203b35255765261cd0909acf93c3b8b8428cbb448de4715d1b813d0c94829c229543d391ce0adab5351f97a3810c1f73d7b1458b97daed4209c50e16d064d2d5bfda8c23893d755222793146d0a78c3d64f35549141486c3b0961a7b4c1a2034f":16:"":16:"":16:"":16:"4":0:0:MBEDTLS_ERR_RSA_KEY_CHECK_FAILED:0 +mbedtls_rsa_import:"b38ac65c8141f7f5c96e14470e851936a67bf94cc6821a39ac12c05f7c0b06d9e6ddba2224703b02e25f31452f9c4a8417b62675fdc6df46b94813bc7b9769a892c482b830bfe0ad42e46668ace68903617faf6681f4babf1cc8e4b0420d3c7f61dc45434c6b54e2c3ee0fc07908509d79c9826e673bf8363255adb0add2401039a7bcd1b4ecf0fbe6ec8369d2da486eec59559dd1d54c9b24190965eafbdab203b35255765261cd0909acf93c3b8b8428cbb448de4715d1b813d0c94829c229543d391ce0adab5351f97a3810c1f73d7b1458b97daed4209c50e16d064d2d5bfda8c23893d755222793146d0a78c3d64f35549141486c3b0961a7b4c1a2034f":"":"":"":"4":0:0:MBEDTLS_ERR_RSA_KEY_CHECK_FAILED:0 RSA Import (N,-,-,-,E), complete public key, successive, corrupted -mbedtls_rsa_import:16:"b38ac65c8141f7f5c96e14470e851936a67bf94cc6821a39ac12c05f7c0b06d9e6ddba2224703b02e25f31452f9c4a8417b62675fdc6df46b94813bc7b9769a892c482b830bfe0ad42e46668ace68903617faf6681f4babf1cc8e4b0420d3c7f61dc45434c6b54e2c3ee0fc07908509d79c9826e673bf8363255adb0add2401039a7bcd1b4ecf0fbe6ec8369d2da486eec59559dd1d54c9b24190965eafbdab203b35255765261cd0909acf93c3b8b8428cbb448de4715d1b813d0c94829c229543d391ce0adab5351f97a3810c1f73d7b1458b97daed4209c50e16d064d2d5bfda8c23893d755222793146d0a78c3d64f35549141486c3b0961a7b4c1a2034f":16:"":16:"":16:"":16:"4":1:0:MBEDTLS_ERR_RSA_KEY_CHECK_FAILED:0 +mbedtls_rsa_import:"b38ac65c8141f7f5c96e14470e851936a67bf94cc6821a39ac12c05f7c0b06d9e6ddba2224703b02e25f31452f9c4a8417b62675fdc6df46b94813bc7b9769a892c482b830bfe0ad42e46668ace68903617faf6681f4babf1cc8e4b0420d3c7f61dc45434c6b54e2c3ee0fc07908509d79c9826e673bf8363255adb0add2401039a7bcd1b4ecf0fbe6ec8369d2da486eec59559dd1d54c9b24190965eafbdab203b35255765261cd0909acf93c3b8b8428cbb448de4715d1b813d0c94829c229543d391ce0adab5351f97a3810c1f73d7b1458b97daed4209c50e16d064d2d5bfda8c23893d755222793146d0a78c3d64f35549141486c3b0961a7b4c1a2034f":"":"":"":"4":1:0:MBEDTLS_ERR_RSA_KEY_CHECK_FAILED:0 RSA Import Raw (N,P,Q,D,E), complete private key mbedtls_rsa_import_raw:"b38ac65c8141f7f5c96e14470e851936a67bf94cc6821a39ac12c05f7c0b06d9e6ddba2224703b02e25f31452f9c4a8417b62675fdc6df46b94813bc7b9769a892c482b830bfe0ad42e46668ace68903617faf6681f4babf1cc8e4b0420d3c7f61dc45434c6b54e2c3ee0fc07908509d79c9826e673bf8363255adb0add2401039a7bcd1b4ecf0fbe6ec8369d2da486eec59559dd1d54c9b24190965eafbdab203b35255765261cd0909acf93c3b8b8428cbb448de4715d1b813d0c94829c229543d391ce0adab5351f97a3810c1f73d7b1458b97daed4209c50e16d064d2d5bfda8c23893d755222793146d0a78c3d64f35549141486c3b0961a7b4c1a2034f":"e79a373182bfaa722eb035f772ad2a9464bd842de59432c18bbab3a7dfeae318c9b915ee487861ab665a40bd6cda560152578e8579016c929df99fea05b4d64efca1d543850bc8164b40d71ed7f3fa4105df0fb9b9ad2a18ce182c8a4f4f975bea9aa0b9a1438a27a28e97ac8330ef37383414d1bd64607d6979ac050424fd17":"c6749cbb0db8c5a177672d4728a8b22392b2fc4d3b8361d5c0d5055a1b4e46d821f757c24eef2a51c561941b93b3ace7340074c058c9bb48e7e7414f42c41da4cccb5c2ba91deb30c586b7fb18af12a52995592ad139d3be429add6547e044becedaf31fa3b39421e24ee034fbf367d11f6b8f88ee483d163b431e1654ad3e89":"77B1D99300D6A54E864962DA09AE10CF19A7FB888456BC2672B72AEA52B204914493D16C184AD201EC3F762E1FBD8702BA796EF953D9EA2F26300D285264F11B0C8301D0207FEB1E2C984445C899B0ACEBAA74EF014DD1D4BDDB43202C08D2FF9692D8D788478DEC829EB52AFB5AE068FBDBAC499A27FACECC391E75C936D55F07BB45EE184DAB45808E15722502F279F89B38C1CB292557E5063597F52C75D61001EDC33F4739353E33E56AD273B067C1A2760208529EA421774A5FFFCB3423B1E0051E7702A55D80CBF2141569F18F87BFF538A1DA8EDBB2693A539F68E0D62D77743F89EACF3B1723BDB25CE2F333FA63CACF0E67DF1A431893BB9B352FCB":"03":0:1:0:0 @@ -577,25 +577,25 @@ RSA Import Raw (-,-,-,-,-) mbedtls_rsa_import_raw:"":"":"":"":"":0:0:0:MBEDTLS_ERR_RSA_BAD_INPUT_DATA RSA Export (N,P,Q,D,E) -mbedtls_rsa_export:16:"b38ac65c8141f7f5c96e14470e851936a67bf94cc6821a39ac12c05f7c0b06d9e6ddba2224703b02e25f31452f9c4a8417b62675fdc6df46b94813bc7b9769a892c482b830bfe0ad42e46668ace68903617faf6681f4babf1cc8e4b0420d3c7f61dc45434c6b54e2c3ee0fc07908509d79c9826e673bf8363255adb0add2401039a7bcd1b4ecf0fbe6ec8369d2da486eec59559dd1d54c9b24190965eafbdab203b35255765261cd0909acf93c3b8b8428cbb448de4715d1b813d0c94829c229543d391ce0adab5351f97a3810c1f73d7b1458b97daed4209c50e16d064d2d5bfda8c23893d755222793146d0a78c3d64f35549141486c3b0961a7b4c1a2034f":16:"e79a373182bfaa722eb035f772ad2a9464bd842de59432c18bbab3a7dfeae318c9b915ee487861ab665a40bd6cda560152578e8579016c929df99fea05b4d64efca1d543850bc8164b40d71ed7f3fa4105df0fb9b9ad2a18ce182c8a4f4f975bea9aa0b9a1438a27a28e97ac8330ef37383414d1bd64607d6979ac050424fd17":16:"c6749cbb0db8c5a177672d4728a8b22392b2fc4d3b8361d5c0d5055a1b4e46d821f757c24eef2a51c561941b93b3ace7340074c058c9bb48e7e7414f42c41da4cccb5c2ba91deb30c586b7fb18af12a52995592ad139d3be429add6547e044becedaf31fa3b39421e24ee034fbf367d11f6b8f88ee483d163b431e1654ad3e89":16:"77B1D99300D6A54E864962DA09AE10CF19A7FB888456BC2672B72AEA52B204914493D16C184AD201EC3F762E1FBD8702BA796EF953D9EA2F26300D285264F11B0C8301D0207FEB1E2C984445C899B0ACEBAA74EF014DD1D4BDDB43202C08D2FF9692D8D788478DEC829EB52AFB5AE068FBDBAC499A27FACECC391E75C936D55F07BB45EE184DAB45808E15722502F279F89B38C1CB292557E5063597F52C75D61001EDC33F4739353E33E56AD273B067C1A2760208529EA421774A5FFFCB3423B1E0051E7702A55D80CBF2141569F18F87BFF538A1DA8EDBB2693A539F68E0D62D77743F89EACF3B1723BDB25CE2F333FA63CACF0E67DF1A431893BB9B352FCB":16:"3":1:0 +mbedtls_rsa_export:"b38ac65c8141f7f5c96e14470e851936a67bf94cc6821a39ac12c05f7c0b06d9e6ddba2224703b02e25f31452f9c4a8417b62675fdc6df46b94813bc7b9769a892c482b830bfe0ad42e46668ace68903617faf6681f4babf1cc8e4b0420d3c7f61dc45434c6b54e2c3ee0fc07908509d79c9826e673bf8363255adb0add2401039a7bcd1b4ecf0fbe6ec8369d2da486eec59559dd1d54c9b24190965eafbdab203b35255765261cd0909acf93c3b8b8428cbb448de4715d1b813d0c94829c229543d391ce0adab5351f97a3810c1f73d7b1458b97daed4209c50e16d064d2d5bfda8c23893d755222793146d0a78c3d64f35549141486c3b0961a7b4c1a2034f":"e79a373182bfaa722eb035f772ad2a9464bd842de59432c18bbab3a7dfeae318c9b915ee487861ab665a40bd6cda560152578e8579016c929df99fea05b4d64efca1d543850bc8164b40d71ed7f3fa4105df0fb9b9ad2a18ce182c8a4f4f975bea9aa0b9a1438a27a28e97ac8330ef37383414d1bd64607d6979ac050424fd17":"c6749cbb0db8c5a177672d4728a8b22392b2fc4d3b8361d5c0d5055a1b4e46d821f757c24eef2a51c561941b93b3ace7340074c058c9bb48e7e7414f42c41da4cccb5c2ba91deb30c586b7fb18af12a52995592ad139d3be429add6547e044becedaf31fa3b39421e24ee034fbf367d11f6b8f88ee483d163b431e1654ad3e89":"77B1D99300D6A54E864962DA09AE10CF19A7FB888456BC2672B72AEA52B204914493D16C184AD201EC3F762E1FBD8702BA796EF953D9EA2F26300D285264F11B0C8301D0207FEB1E2C984445C899B0ACEBAA74EF014DD1D4BDDB43202C08D2FF9692D8D788478DEC829EB52AFB5AE068FBDBAC499A27FACECC391E75C936D55F07BB45EE184DAB45808E15722502F279F89B38C1CB292557E5063597F52C75D61001EDC33F4739353E33E56AD273B067C1A2760208529EA421774A5FFFCB3423B1E0051E7702A55D80CBF2141569F18F87BFF538A1DA8EDBB2693A539F68E0D62D77743F89EACF3B1723BDB25CE2F333FA63CACF0E67DF1A431893BB9B352FCB":"3":1:0 RSA Export (N,P,Q,D,E), successive -mbedtls_rsa_export:16:"b38ac65c8141f7f5c96e14470e851936a67bf94cc6821a39ac12c05f7c0b06d9e6ddba2224703b02e25f31452f9c4a8417b62675fdc6df46b94813bc7b9769a892c482b830bfe0ad42e46668ace68903617faf6681f4babf1cc8e4b0420d3c7f61dc45434c6b54e2c3ee0fc07908509d79c9826e673bf8363255adb0add2401039a7bcd1b4ecf0fbe6ec8369d2da486eec59559dd1d54c9b24190965eafbdab203b35255765261cd0909acf93c3b8b8428cbb448de4715d1b813d0c94829c229543d391ce0adab5351f97a3810c1f73d7b1458b97daed4209c50e16d064d2d5bfda8c23893d755222793146d0a78c3d64f35549141486c3b0961a7b4c1a2034f":16:"e79a373182bfaa722eb035f772ad2a9464bd842de59432c18bbab3a7dfeae318c9b915ee487861ab665a40bd6cda560152578e8579016c929df99fea05b4d64efca1d543850bc8164b40d71ed7f3fa4105df0fb9b9ad2a18ce182c8a4f4f975bea9aa0b9a1438a27a28e97ac8330ef37383414d1bd64607d6979ac050424fd17":16:"c6749cbb0db8c5a177672d4728a8b22392b2fc4d3b8361d5c0d5055a1b4e46d821f757c24eef2a51c561941b93b3ace7340074c058c9bb48e7e7414f42c41da4cccb5c2ba91deb30c586b7fb18af12a52995592ad139d3be429add6547e044becedaf31fa3b39421e24ee034fbf367d11f6b8f88ee483d163b431e1654ad3e89":16:"77B1D99300D6A54E864962DA09AE10CF19A7FB888456BC2672B72AEA52B204914493D16C184AD201EC3F762E1FBD8702BA796EF953D9EA2F26300D285264F11B0C8301D0207FEB1E2C984445C899B0ACEBAA74EF014DD1D4BDDB43202C08D2FF9692D8D788478DEC829EB52AFB5AE068FBDBAC499A27FACECC391E75C936D55F07BB45EE184DAB45808E15722502F279F89B38C1CB292557E5063597F52C75D61001EDC33F4739353E33E56AD273B067C1A2760208529EA421774A5FFFCB3423B1E0051E7702A55D80CBF2141569F18F87BFF538A1DA8EDBB2693A539F68E0D62D77743F89EACF3B1723BDB25CE2F333FA63CACF0E67DF1A431893BB9B352FCB":16:"3":1:1 +mbedtls_rsa_export:"b38ac65c8141f7f5c96e14470e851936a67bf94cc6821a39ac12c05f7c0b06d9e6ddba2224703b02e25f31452f9c4a8417b62675fdc6df46b94813bc7b9769a892c482b830bfe0ad42e46668ace68903617faf6681f4babf1cc8e4b0420d3c7f61dc45434c6b54e2c3ee0fc07908509d79c9826e673bf8363255adb0add2401039a7bcd1b4ecf0fbe6ec8369d2da486eec59559dd1d54c9b24190965eafbdab203b35255765261cd0909acf93c3b8b8428cbb448de4715d1b813d0c94829c229543d391ce0adab5351f97a3810c1f73d7b1458b97daed4209c50e16d064d2d5bfda8c23893d755222793146d0a78c3d64f35549141486c3b0961a7b4c1a2034f":"e79a373182bfaa722eb035f772ad2a9464bd842de59432c18bbab3a7dfeae318c9b915ee487861ab665a40bd6cda560152578e8579016c929df99fea05b4d64efca1d543850bc8164b40d71ed7f3fa4105df0fb9b9ad2a18ce182c8a4f4f975bea9aa0b9a1438a27a28e97ac8330ef37383414d1bd64607d6979ac050424fd17":"c6749cbb0db8c5a177672d4728a8b22392b2fc4d3b8361d5c0d5055a1b4e46d821f757c24eef2a51c561941b93b3ace7340074c058c9bb48e7e7414f42c41da4cccb5c2ba91deb30c586b7fb18af12a52995592ad139d3be429add6547e044becedaf31fa3b39421e24ee034fbf367d11f6b8f88ee483d163b431e1654ad3e89":"77B1D99300D6A54E864962DA09AE10CF19A7FB888456BC2672B72AEA52B204914493D16C184AD201EC3F762E1FBD8702BA796EF953D9EA2F26300D285264F11B0C8301D0207FEB1E2C984445C899B0ACEBAA74EF014DD1D4BDDB43202C08D2FF9692D8D788478DEC829EB52AFB5AE068FBDBAC499A27FACECC391E75C936D55F07BB45EE184DAB45808E15722502F279F89B38C1CB292557E5063597F52C75D61001EDC33F4739353E33E56AD273B067C1A2760208529EA421774A5FFFCB3423B1E0051E7702A55D80CBF2141569F18F87BFF538A1DA8EDBB2693A539F68E0D62D77743F89EACF3B1723BDB25CE2F333FA63CACF0E67DF1A431893BB9B352FCB":"3":1:1 RSA Export (N,-,-,D,E) -mbedtls_rsa_export:16:"b38ac65c8141f7f5c96e14470e851936a67bf94cc6821a39ac12c05f7c0b06d9e6ddba2224703b02e25f31452f9c4a8417b62675fdc6df46b94813bc7b9769a892c482b830bfe0ad42e46668ace68903617faf6681f4babf1cc8e4b0420d3c7f61dc45434c6b54e2c3ee0fc07908509d79c9826e673bf8363255adb0add2401039a7bcd1b4ecf0fbe6ec8369d2da486eec59559dd1d54c9b24190965eafbdab203b35255765261cd0909acf93c3b8b8428cbb448de4715d1b813d0c94829c229543d391ce0adab5351f97a3810c1f73d7b1458b97daed4209c50e16d064d2d5bfda8c23893d755222793146d0a78c3d64f35549141486c3b0961a7b4c1a2034f":16:"":16:"":16:"77B1D99300D6A54E864962DA09AE10CF19A7FB888456BC2672B72AEA52B204914493D16C184AD201EC3F762E1FBD8702BA796EF953D9EA2F26300D285264F11B0C8301D0207FEB1E2C984445C899B0ACEBAA74EF014DD1D4BDDB43202C08D2FF9692D8D788478DEC829EB52AFB5AE068FBDBAC499A27FACECC391E75C936D55F07BB45EE184DAB45808E15722502F279F89B38C1CB292557E5063597F52C75D61001EDC33F4739353E33E56AD273B067C1A2760208529EA421774A5FFFCB3423B1E0051E7702A55D80CBF2141569F18F87BFF538A1DA8EDBB2693A539F68E0D62D77743F89EACF3B1723BDB25CE2F333FA63CACF0E67DF1A431893BB9B352FCB":16:"3":1:0 +mbedtls_rsa_export:"b38ac65c8141f7f5c96e14470e851936a67bf94cc6821a39ac12c05f7c0b06d9e6ddba2224703b02e25f31452f9c4a8417b62675fdc6df46b94813bc7b9769a892c482b830bfe0ad42e46668ace68903617faf6681f4babf1cc8e4b0420d3c7f61dc45434c6b54e2c3ee0fc07908509d79c9826e673bf8363255adb0add2401039a7bcd1b4ecf0fbe6ec8369d2da486eec59559dd1d54c9b24190965eafbdab203b35255765261cd0909acf93c3b8b8428cbb448de4715d1b813d0c94829c229543d391ce0adab5351f97a3810c1f73d7b1458b97daed4209c50e16d064d2d5bfda8c23893d755222793146d0a78c3d64f35549141486c3b0961a7b4c1a2034f":"":"":"77B1D99300D6A54E864962DA09AE10CF19A7FB888456BC2672B72AEA52B204914493D16C184AD201EC3F762E1FBD8702BA796EF953D9EA2F26300D285264F11B0C8301D0207FEB1E2C984445C899B0ACEBAA74EF014DD1D4BDDB43202C08D2FF9692D8D788478DEC829EB52AFB5AE068FBDBAC499A27FACECC391E75C936D55F07BB45EE184DAB45808E15722502F279F89B38C1CB292557E5063597F52C75D61001EDC33F4739353E33E56AD273B067C1A2760208529EA421774A5FFFCB3423B1E0051E7702A55D80CBF2141569F18F87BFF538A1DA8EDBB2693A539F68E0D62D77743F89EACF3B1723BDB25CE2F333FA63CACF0E67DF1A431893BB9B352FCB":"3":1:0 RSA Export (N,-,-,D,E), successive -mbedtls_rsa_export:16:"b38ac65c8141f7f5c96e14470e851936a67bf94cc6821a39ac12c05f7c0b06d9e6ddba2224703b02e25f31452f9c4a8417b62675fdc6df46b94813bc7b9769a892c482b830bfe0ad42e46668ace68903617faf6681f4babf1cc8e4b0420d3c7f61dc45434c6b54e2c3ee0fc07908509d79c9826e673bf8363255adb0add2401039a7bcd1b4ecf0fbe6ec8369d2da486eec59559dd1d54c9b24190965eafbdab203b35255765261cd0909acf93c3b8b8428cbb448de4715d1b813d0c94829c229543d391ce0adab5351f97a3810c1f73d7b1458b97daed4209c50e16d064d2d5bfda8c23893d755222793146d0a78c3d64f35549141486c3b0961a7b4c1a2034f":16:"":16:"":16:"77B1D99300D6A54E864962DA09AE10CF19A7FB888456BC2672B72AEA52B204914493D16C184AD201EC3F762E1FBD8702BA796EF953D9EA2F26300D285264F11B0C8301D0207FEB1E2C984445C899B0ACEBAA74EF014DD1D4BDDB43202C08D2FF9692D8D788478DEC829EB52AFB5AE068FBDBAC499A27FACECC391E75C936D55F07BB45EE184DAB45808E15722502F279F89B38C1CB292557E5063597F52C75D61001EDC33F4739353E33E56AD273B067C1A2760208529EA421774A5FFFCB3423B1E0051E7702A55D80CBF2141569F18F87BFF538A1DA8EDBB2693A539F68E0D62D77743F89EACF3B1723BDB25CE2F333FA63CACF0E67DF1A431893BB9B352FCB":16:"3":1:1 +mbedtls_rsa_export:"b38ac65c8141f7f5c96e14470e851936a67bf94cc6821a39ac12c05f7c0b06d9e6ddba2224703b02e25f31452f9c4a8417b62675fdc6df46b94813bc7b9769a892c482b830bfe0ad42e46668ace68903617faf6681f4babf1cc8e4b0420d3c7f61dc45434c6b54e2c3ee0fc07908509d79c9826e673bf8363255adb0add2401039a7bcd1b4ecf0fbe6ec8369d2da486eec59559dd1d54c9b24190965eafbdab203b35255765261cd0909acf93c3b8b8428cbb448de4715d1b813d0c94829c229543d391ce0adab5351f97a3810c1f73d7b1458b97daed4209c50e16d064d2d5bfda8c23893d755222793146d0a78c3d64f35549141486c3b0961a7b4c1a2034f":"":"":"77B1D99300D6A54E864962DA09AE10CF19A7FB888456BC2672B72AEA52B204914493D16C184AD201EC3F762E1FBD8702BA796EF953D9EA2F26300D285264F11B0C8301D0207FEB1E2C984445C899B0ACEBAA74EF014DD1D4BDDB43202C08D2FF9692D8D788478DEC829EB52AFB5AE068FBDBAC499A27FACECC391E75C936D55F07BB45EE184DAB45808E15722502F279F89B38C1CB292557E5063597F52C75D61001EDC33F4739353E33E56AD273B067C1A2760208529EA421774A5FFFCB3423B1E0051E7702A55D80CBF2141569F18F87BFF538A1DA8EDBB2693A539F68E0D62D77743F89EACF3B1723BDB25CE2F333FA63CACF0E67DF1A431893BB9B352FCB":"3":1:1 RSA Export (N,P,Q,-,E) -mbedtls_rsa_export:16:"b38ac65c8141f7f5c96e14470e851936a67bf94cc6821a39ac12c05f7c0b06d9e6ddba2224703b02e25f31452f9c4a8417b62675fdc6df46b94813bc7b9769a892c482b830bfe0ad42e46668ace68903617faf6681f4babf1cc8e4b0420d3c7f61dc45434c6b54e2c3ee0fc07908509d79c9826e673bf8363255adb0add2401039a7bcd1b4ecf0fbe6ec8369d2da486eec59559dd1d54c9b24190965eafbdab203b35255765261cd0909acf93c3b8b8428cbb448de4715d1b813d0c94829c229543d391ce0adab5351f97a3810c1f73d7b1458b97daed4209c50e16d064d2d5bfda8c23893d755222793146d0a78c3d64f35549141486c3b0961a7b4c1a2034f":16:"e79a373182bfaa722eb035f772ad2a9464bd842de59432c18bbab3a7dfeae318c9b915ee487861ab665a40bd6cda560152578e8579016c929df99fea05b4d64efca1d543850bc8164b40d71ed7f3fa4105df0fb9b9ad2a18ce182c8a4f4f975bea9aa0b9a1438a27a28e97ac8330ef37383414d1bd64607d6979ac050424fd17":16:"c6749cbb0db8c5a177672d4728a8b22392b2fc4d3b8361d5c0d5055a1b4e46d821f757c24eef2a51c561941b93b3ace7340074c058c9bb48e7e7414f42c41da4cccb5c2ba91deb30c586b7fb18af12a52995592ad139d3be429add6547e044becedaf31fa3b39421e24ee034fbf367d11f6b8f88ee483d163b431e1654ad3e89":16:"":16:"3":1:0 +mbedtls_rsa_export:"b38ac65c8141f7f5c96e14470e851936a67bf94cc6821a39ac12c05f7c0b06d9e6ddba2224703b02e25f31452f9c4a8417b62675fdc6df46b94813bc7b9769a892c482b830bfe0ad42e46668ace68903617faf6681f4babf1cc8e4b0420d3c7f61dc45434c6b54e2c3ee0fc07908509d79c9826e673bf8363255adb0add2401039a7bcd1b4ecf0fbe6ec8369d2da486eec59559dd1d54c9b24190965eafbdab203b35255765261cd0909acf93c3b8b8428cbb448de4715d1b813d0c94829c229543d391ce0adab5351f97a3810c1f73d7b1458b97daed4209c50e16d064d2d5bfda8c23893d755222793146d0a78c3d64f35549141486c3b0961a7b4c1a2034f":"e79a373182bfaa722eb035f772ad2a9464bd842de59432c18bbab3a7dfeae318c9b915ee487861ab665a40bd6cda560152578e8579016c929df99fea05b4d64efca1d543850bc8164b40d71ed7f3fa4105df0fb9b9ad2a18ce182c8a4f4f975bea9aa0b9a1438a27a28e97ac8330ef37383414d1bd64607d6979ac050424fd17":"c6749cbb0db8c5a177672d4728a8b22392b2fc4d3b8361d5c0d5055a1b4e46d821f757c24eef2a51c561941b93b3ace7340074c058c9bb48e7e7414f42c41da4cccb5c2ba91deb30c586b7fb18af12a52995592ad139d3be429add6547e044becedaf31fa3b39421e24ee034fbf367d11f6b8f88ee483d163b431e1654ad3e89":"":"3":1:0 RSA Export (N,P,Q,-,E), successive -mbedtls_rsa_export:16:"b38ac65c8141f7f5c96e14470e851936a67bf94cc6821a39ac12c05f7c0b06d9e6ddba2224703b02e25f31452f9c4a8417b62675fdc6df46b94813bc7b9769a892c482b830bfe0ad42e46668ace68903617faf6681f4babf1cc8e4b0420d3c7f61dc45434c6b54e2c3ee0fc07908509d79c9826e673bf8363255adb0add2401039a7bcd1b4ecf0fbe6ec8369d2da486eec59559dd1d54c9b24190965eafbdab203b35255765261cd0909acf93c3b8b8428cbb448de4715d1b813d0c94829c229543d391ce0adab5351f97a3810c1f73d7b1458b97daed4209c50e16d064d2d5bfda8c23893d755222793146d0a78c3d64f35549141486c3b0961a7b4c1a2034f":16:"e79a373182bfaa722eb035f772ad2a9464bd842de59432c18bbab3a7dfeae318c9b915ee487861ab665a40bd6cda560152578e8579016c929df99fea05b4d64efca1d543850bc8164b40d71ed7f3fa4105df0fb9b9ad2a18ce182c8a4f4f975bea9aa0b9a1438a27a28e97ac8330ef37383414d1bd64607d6979ac050424fd17":16:"c6749cbb0db8c5a177672d4728a8b22392b2fc4d3b8361d5c0d5055a1b4e46d821f757c24eef2a51c561941b93b3ace7340074c058c9bb48e7e7414f42c41da4cccb5c2ba91deb30c586b7fb18af12a52995592ad139d3be429add6547e044becedaf31fa3b39421e24ee034fbf367d11f6b8f88ee483d163b431e1654ad3e89":16:"":16:"3":1:1 +mbedtls_rsa_export:"b38ac65c8141f7f5c96e14470e851936a67bf94cc6821a39ac12c05f7c0b06d9e6ddba2224703b02e25f31452f9c4a8417b62675fdc6df46b94813bc7b9769a892c482b830bfe0ad42e46668ace68903617faf6681f4babf1cc8e4b0420d3c7f61dc45434c6b54e2c3ee0fc07908509d79c9826e673bf8363255adb0add2401039a7bcd1b4ecf0fbe6ec8369d2da486eec59559dd1d54c9b24190965eafbdab203b35255765261cd0909acf93c3b8b8428cbb448de4715d1b813d0c94829c229543d391ce0adab5351f97a3810c1f73d7b1458b97daed4209c50e16d064d2d5bfda8c23893d755222793146d0a78c3d64f35549141486c3b0961a7b4c1a2034f":"e79a373182bfaa722eb035f772ad2a9464bd842de59432c18bbab3a7dfeae318c9b915ee487861ab665a40bd6cda560152578e8579016c929df99fea05b4d64efca1d543850bc8164b40d71ed7f3fa4105df0fb9b9ad2a18ce182c8a4f4f975bea9aa0b9a1438a27a28e97ac8330ef37383414d1bd64607d6979ac050424fd17":"c6749cbb0db8c5a177672d4728a8b22392b2fc4d3b8361d5c0d5055a1b4e46d821f757c24eef2a51c561941b93b3ace7340074c058c9bb48e7e7414f42c41da4cccb5c2ba91deb30c586b7fb18af12a52995592ad139d3be429add6547e044becedaf31fa3b39421e24ee034fbf367d11f6b8f88ee483d163b431e1654ad3e89":"":"3":1:1 RSA Export (N,-,-,-,E) -mbedtls_rsa_export:16:"b38ac65c8141f7f5c96e14470e851936a67bf94cc6821a39ac12c05f7c0b06d9e6ddba2224703b02e25f31452f9c4a8417b62675fdc6df46b94813bc7b9769a892c482b830bfe0ad42e46668ace68903617faf6681f4babf1cc8e4b0420d3c7f61dc45434c6b54e2c3ee0fc07908509d79c9826e673bf8363255adb0add2401039a7bcd1b4ecf0fbe6ec8369d2da486eec59559dd1d54c9b24190965eafbdab203b35255765261cd0909acf93c3b8b8428cbb448de4715d1b813d0c94829c229543d391ce0adab5351f97a3810c1f73d7b1458b97daed4209c50e16d064d2d5bfda8c23893d755222793146d0a78c3d64f35549141486c3b0961a7b4c1a2034f":16:"":16:"":16:"":16:"3":0:0 +mbedtls_rsa_export:"b38ac65c8141f7f5c96e14470e851936a67bf94cc6821a39ac12c05f7c0b06d9e6ddba2224703b02e25f31452f9c4a8417b62675fdc6df46b94813bc7b9769a892c482b830bfe0ad42e46668ace68903617faf6681f4babf1cc8e4b0420d3c7f61dc45434c6b54e2c3ee0fc07908509d79c9826e673bf8363255adb0add2401039a7bcd1b4ecf0fbe6ec8369d2da486eec59559dd1d54c9b24190965eafbdab203b35255765261cd0909acf93c3b8b8428cbb448de4715d1b813d0c94829c229543d391ce0adab5351f97a3810c1f73d7b1458b97daed4209c50e16d064d2d5bfda8c23893d755222793146d0a78c3d64f35549141486c3b0961a7b4c1a2034f":"":"":"":"3":0:0 RSA Export Raw (N,P,Q,D,E) mbedtls_rsa_export_raw:"b38ac65c8141f7f5c96e14470e851936a67bf94cc6821a39ac12c05f7c0b06d9e6ddba2224703b02e25f31452f9c4a8417b62675fdc6df46b94813bc7b9769a892c482b830bfe0ad42e46668ace68903617faf6681f4babf1cc8e4b0420d3c7f61dc45434c6b54e2c3ee0fc07908509d79c9826e673bf8363255adb0add2401039a7bcd1b4ecf0fbe6ec8369d2da486eec59559dd1d54c9b24190965eafbdab203b35255765261cd0909acf93c3b8b8428cbb448de4715d1b813d0c94829c229543d391ce0adab5351f97a3810c1f73d7b1458b97daed4209c50e16d064d2d5bfda8c23893d755222793146d0a78c3d64f35549141486c3b0961a7b4c1a2034f":"e79a373182bfaa722eb035f772ad2a9464bd842de59432c18bbab3a7dfeae318c9b915ee487861ab665a40bd6cda560152578e8579016c929df99fea05b4d64efca1d543850bc8164b40d71ed7f3fa4105df0fb9b9ad2a18ce182c8a4f4f975bea9aa0b9a1438a27a28e97ac8330ef37383414d1bd64607d6979ac050424fd17":"c6749cbb0db8c5a177672d4728a8b22392b2fc4d3b8361d5c0d5055a1b4e46d821f757c24eef2a51c561941b93b3ace7340074c058c9bb48e7e7414f42c41da4cccb5c2ba91deb30c586b7fb18af12a52995592ad139d3be429add6547e044becedaf31fa3b39421e24ee034fbf367d11f6b8f88ee483d163b431e1654ad3e89":"77B1D99300D6A54E864962DA09AE10CF19A7FB888456BC2672B72AEA52B204914493D16C184AD201EC3F762E1FBD8702BA796EF953D9EA2F26300D285264F11B0C8301D0207FEB1E2C984445C899B0ACEBAA74EF014DD1D4BDDB43202C08D2FF9692D8D788478DEC829EB52AFB5AE068FBDBAC499A27FACECC391E75C936D55F07BB45EE184DAB45808E15722502F279F89B38C1CB292557E5063597F52C75D61001EDC33F4739353E33E56AD273B067C1A2760208529EA421774A5FFFCB3423B1E0051E7702A55D80CBF2141569F18F87BFF538A1DA8EDBB2693A539F68E0D62D77743F89EACF3B1723BDB25CE2F333FA63CACF0E67DF1A431893BB9B352FCB":"03":1:0 @@ -620,7 +620,7 @@ mbedtls_rsa_export_raw:"b38ac65c8141f7f5c96e14470e851936a67bf94cc6821a39ac12c05f RSA PKCS1 Encrypt Bad RNG depends_on:MBEDTLS_PKCS1_V15 -rsa_pkcs1_encrypt_bad_rng:"4E636AF98E40F3ADCFCCB698F4E80B9F":MBEDTLS_RSA_PKCS_V15:2048:16:"b38ac65c8141f7f5c96e14470e851936a67bf94cc6821a39ac12c05f7c0b06d9e6ddba2224703b02e25f31452f9c4a8417b62675fdc6df46b94813bc7b9769a892c482b830bfe0ad42e46668ace68903617faf6681f4babf1cc8e4b0420d3c7f61dc45434c6b54e2c3ee0fc07908509d79c9826e673bf8363255adb0add2401039a7bcd1b4ecf0fbe6ec8369d2da486eec59559dd1d54c9b24190965eafbdab203b35255765261cd0909acf93c3b8b8428cbb448de4715d1b813d0c94829c229543d391ce0adab5351f97a3810c1f73d7b1458b97daed4209c50e16d064d2d5bfda8c23893d755222793146d0a78c3d64f35549141486c3b0961a7b4c1a2034f":16:"3":"a42eda41e56235e666e7faaa77100197f657288a1bf183e4820f0c37ce2c456b960278d6003e0bbcd4be4a969f8e8fd9231e1f492414f00ed09844994c86ec32db7cde3bec7f0c3dbf6ae55baeb2712fa609f5fc3207a824eb3dace31849cd6a6084318523912bccb84cf42e3c6d6d1685131d69bb545acec827d2b0dfdd5568b7dcc4f5a11d6916583fefa689d367f8c9e1d95dcd2240895a9470b0c1730f97cd6e8546860bd254801769f54be96e16362ddcbf34d56035028890199e0f48db38642cb66a4181e028a6443a404fea284ce02b4614b683367d40874e505611d23142d49f06feea831d52d347b13610b413c4efc43a6de9f0b08d2a951dc503b6":MBEDTLS_ERR_RSA_RNG_FAILED +rsa_pkcs1_encrypt_bad_rng:"4E636AF98E40F3ADCFCCB698F4E80B9F":MBEDTLS_RSA_PKCS_V15:2048:"b38ac65c8141f7f5c96e14470e851936a67bf94cc6821a39ac12c05f7c0b06d9e6ddba2224703b02e25f31452f9c4a8417b62675fdc6df46b94813bc7b9769a892c482b830bfe0ad42e46668ace68903617faf6681f4babf1cc8e4b0420d3c7f61dc45434c6b54e2c3ee0fc07908509d79c9826e673bf8363255adb0add2401039a7bcd1b4ecf0fbe6ec8369d2da486eec59559dd1d54c9b24190965eafbdab203b35255765261cd0909acf93c3b8b8428cbb448de4715d1b813d0c94829c229543d391ce0adab5351f97a3810c1f73d7b1458b97daed4209c50e16d064d2d5bfda8c23893d755222793146d0a78c3d64f35549141486c3b0961a7b4c1a2034f":"3":"a42eda41e56235e666e7faaa77100197f657288a1bf183e4820f0c37ce2c456b960278d6003e0bbcd4be4a969f8e8fd9231e1f492414f00ed09844994c86ec32db7cde3bec7f0c3dbf6ae55baeb2712fa609f5fc3207a824eb3dace31849cd6a6084318523912bccb84cf42e3c6d6d1685131d69bb545acec827d2b0dfdd5568b7dcc4f5a11d6916583fefa689d367f8c9e1d95dcd2240895a9470b0c1730f97cd6e8546860bd254801769f54be96e16362ddcbf34d56035028890199e0f48db38642cb66a4181e028a6443a404fea284ce02b4614b683367d40874e505611d23142d49f06feea831d52d347b13610b413c4efc43a6de9f0b08d2a951dc503b6":MBEDTLS_ERR_RSA_RNG_FAILED RSA Selftest depends_on:MBEDTLS_SELF_TEST diff --git a/third_party/mbedtls/repo/tests/suites/test_suite_rsa.function b/third_party/mbedtls/repo/tests/suites/test_suite_rsa.function index 2d7fb8ef670..fa7fa958634 100644 --- a/third_party/mbedtls/repo/tests/suites/test_suite_rsa.function +++ b/third_party/mbedtls/repo/tests/suites/test_suite_rsa.function @@ -18,7 +18,7 @@ */ /* BEGIN_CASE depends_on:MBEDTLS_CHECK_PARAMS:!MBEDTLS_PARAM_FAILED_ALT */ -void rsa_invalid_param( ) +void rsa_invalid_param() { mbedtls_rsa_context ctx; const int valid_padding = MBEDTLS_RSA_PKCS_V21; @@ -28,460 +28,460 @@ void rsa_invalid_param( ) unsigned char buf[42] = { 0 }; size_t olen; - TEST_INVALID_PARAM( mbedtls_rsa_init( NULL, valid_padding, 0 ) ); - TEST_INVALID_PARAM( mbedtls_rsa_init( &ctx, invalid_padding, 0 ) ); - TEST_VALID_PARAM( mbedtls_rsa_free( NULL ) ); + TEST_INVALID_PARAM(mbedtls_rsa_init(NULL, valid_padding, 0)); + TEST_INVALID_PARAM(mbedtls_rsa_init(&ctx, invalid_padding, 0)); + TEST_VALID_PARAM(mbedtls_rsa_free(NULL)); /* No more variants because only the first argument must be non-NULL. */ - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA, - mbedtls_rsa_import( NULL, NULL, NULL, - NULL, NULL, NULL ) ); - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA, - mbedtls_rsa_import_raw( NULL, - NULL, 0, - NULL, 0, - NULL, 0, - NULL, 0, - NULL, 0 ) ); - - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA, - mbedtls_rsa_complete( NULL ) ); + TEST_INVALID_PARAM_RET(MBEDTLS_ERR_RSA_BAD_INPUT_DATA, + mbedtls_rsa_import(NULL, NULL, NULL, + NULL, NULL, NULL)); + TEST_INVALID_PARAM_RET(MBEDTLS_ERR_RSA_BAD_INPUT_DATA, + mbedtls_rsa_import_raw(NULL, + NULL, 0, + NULL, 0, + NULL, 0, + NULL, 0, + NULL, 0)); + + TEST_INVALID_PARAM_RET(MBEDTLS_ERR_RSA_BAD_INPUT_DATA, + mbedtls_rsa_complete(NULL)); /* No more variants because only the first argument must be non-NULL. */ - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA, - mbedtls_rsa_export( NULL, NULL, NULL, - NULL, NULL, NULL ) ); - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA, - mbedtls_rsa_export_raw( NULL, - NULL, 0, - NULL, 0, - NULL, 0, - NULL, 0, - NULL, 0 ) ); - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA, - mbedtls_rsa_export_crt( NULL, NULL, NULL, NULL ) ); - - TEST_INVALID_PARAM( mbedtls_rsa_set_padding( NULL, - valid_padding, 0 ) ); - TEST_INVALID_PARAM( mbedtls_rsa_set_padding( &ctx, - invalid_padding, 0 ) ); - - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA, - mbedtls_rsa_gen_key( NULL, - mbedtls_test_rnd_std_rand, - NULL, 0, 0 ) ); - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA, - mbedtls_rsa_gen_key( &ctx, NULL, - NULL, 0, 0 ) ); - - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA, - mbedtls_rsa_check_pubkey( NULL ) ); - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA, - mbedtls_rsa_check_privkey( NULL ) ); - - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA, - mbedtls_rsa_check_pub_priv( NULL, &ctx ) ); - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA, - mbedtls_rsa_check_pub_priv( &ctx, NULL ) ); - - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA, - mbedtls_rsa_public( NULL, buf, buf ) ); - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA, - mbedtls_rsa_public( &ctx, NULL, buf ) ); - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA, - mbedtls_rsa_public( &ctx, buf, NULL ) ); - - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA, - mbedtls_rsa_private( NULL, NULL, NULL, - buf, buf ) ); - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA, - mbedtls_rsa_private( &ctx, NULL, NULL, - NULL, buf ) ); - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA, - mbedtls_rsa_private( &ctx, NULL, NULL, - buf, NULL ) ); - - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA, - mbedtls_rsa_pkcs1_encrypt( NULL, NULL, NULL, + TEST_INVALID_PARAM_RET(MBEDTLS_ERR_RSA_BAD_INPUT_DATA, + mbedtls_rsa_export(NULL, NULL, NULL, + NULL, NULL, NULL)); + TEST_INVALID_PARAM_RET(MBEDTLS_ERR_RSA_BAD_INPUT_DATA, + mbedtls_rsa_export_raw(NULL, + NULL, 0, + NULL, 0, + NULL, 0, + NULL, 0, + NULL, 0)); + TEST_INVALID_PARAM_RET(MBEDTLS_ERR_RSA_BAD_INPUT_DATA, + mbedtls_rsa_export_crt(NULL, NULL, NULL, NULL)); + + TEST_INVALID_PARAM(mbedtls_rsa_set_padding(NULL, + valid_padding, 0)); + TEST_INVALID_PARAM(mbedtls_rsa_set_padding(&ctx, + invalid_padding, 0)); + + TEST_INVALID_PARAM_RET(MBEDTLS_ERR_RSA_BAD_INPUT_DATA, + mbedtls_rsa_gen_key(NULL, + mbedtls_test_rnd_std_rand, + NULL, 0, 0)); + TEST_INVALID_PARAM_RET(MBEDTLS_ERR_RSA_BAD_INPUT_DATA, + mbedtls_rsa_gen_key(&ctx, NULL, + NULL, 0, 0)); + + TEST_INVALID_PARAM_RET(MBEDTLS_ERR_RSA_BAD_INPUT_DATA, + mbedtls_rsa_check_pubkey(NULL)); + TEST_INVALID_PARAM_RET(MBEDTLS_ERR_RSA_BAD_INPUT_DATA, + mbedtls_rsa_check_privkey(NULL)); + + TEST_INVALID_PARAM_RET(MBEDTLS_ERR_RSA_BAD_INPUT_DATA, + mbedtls_rsa_check_pub_priv(NULL, &ctx)); + TEST_INVALID_PARAM_RET(MBEDTLS_ERR_RSA_BAD_INPUT_DATA, + mbedtls_rsa_check_pub_priv(&ctx, NULL)); + + TEST_INVALID_PARAM_RET(MBEDTLS_ERR_RSA_BAD_INPUT_DATA, + mbedtls_rsa_public(NULL, buf, buf)); + TEST_INVALID_PARAM_RET(MBEDTLS_ERR_RSA_BAD_INPUT_DATA, + mbedtls_rsa_public(&ctx, NULL, buf)); + TEST_INVALID_PARAM_RET(MBEDTLS_ERR_RSA_BAD_INPUT_DATA, + mbedtls_rsa_public(&ctx, buf, NULL)); + + TEST_INVALID_PARAM_RET(MBEDTLS_ERR_RSA_BAD_INPUT_DATA, + mbedtls_rsa_private(NULL, NULL, NULL, + buf, buf)); + TEST_INVALID_PARAM_RET(MBEDTLS_ERR_RSA_BAD_INPUT_DATA, + mbedtls_rsa_private(&ctx, NULL, NULL, + NULL, buf)); + TEST_INVALID_PARAM_RET(MBEDTLS_ERR_RSA_BAD_INPUT_DATA, + mbedtls_rsa_private(&ctx, NULL, NULL, + buf, NULL)); + + TEST_INVALID_PARAM_RET(MBEDTLS_ERR_RSA_BAD_INPUT_DATA, + mbedtls_rsa_pkcs1_encrypt(NULL, NULL, NULL, + valid_mode, + sizeof(buf), buf, + buf)); + TEST_INVALID_PARAM_RET(MBEDTLS_ERR_RSA_BAD_INPUT_DATA, + mbedtls_rsa_pkcs1_encrypt(&ctx, NULL, NULL, + invalid_mode, + sizeof(buf), buf, + buf)); + TEST_INVALID_PARAM_RET(MBEDTLS_ERR_RSA_BAD_INPUT_DATA, + mbedtls_rsa_pkcs1_encrypt(&ctx, NULL, NULL, + valid_mode, + sizeof(buf), NULL, + buf)); + TEST_INVALID_PARAM_RET(MBEDTLS_ERR_RSA_BAD_INPUT_DATA, + mbedtls_rsa_pkcs1_encrypt(&ctx, NULL, NULL, + valid_mode, + sizeof(buf), buf, + NULL)); + + TEST_INVALID_PARAM_RET(MBEDTLS_ERR_RSA_BAD_INPUT_DATA, + mbedtls_rsa_rsaes_pkcs1_v15_encrypt(NULL, NULL, + NULL, + valid_mode, + sizeof(buf), buf, + buf)); + TEST_INVALID_PARAM_RET(MBEDTLS_ERR_RSA_BAD_INPUT_DATA, + mbedtls_rsa_rsaes_pkcs1_v15_encrypt(&ctx, NULL, + NULL, + invalid_mode, + sizeof(buf), buf, + buf)); + TEST_INVALID_PARAM_RET(MBEDTLS_ERR_RSA_BAD_INPUT_DATA, + mbedtls_rsa_rsaes_pkcs1_v15_encrypt(&ctx, NULL, + NULL, + valid_mode, + sizeof(buf), NULL, + buf)); + TEST_INVALID_PARAM_RET(MBEDTLS_ERR_RSA_BAD_INPUT_DATA, + mbedtls_rsa_rsaes_pkcs1_v15_encrypt(&ctx, NULL, + NULL, + valid_mode, + sizeof(buf), buf, + NULL)); + + TEST_INVALID_PARAM_RET(MBEDTLS_ERR_RSA_BAD_INPUT_DATA, + mbedtls_rsa_rsaes_oaep_encrypt(NULL, NULL, NULL, + valid_mode, + buf, sizeof(buf), + sizeof(buf), buf, + buf)); + TEST_INVALID_PARAM_RET(MBEDTLS_ERR_RSA_BAD_INPUT_DATA, + mbedtls_rsa_rsaes_oaep_encrypt(&ctx, NULL, NULL, + invalid_mode, + buf, sizeof(buf), + sizeof(buf), buf, + buf)); + TEST_INVALID_PARAM_RET(MBEDTLS_ERR_RSA_BAD_INPUT_DATA, + mbedtls_rsa_rsaes_oaep_encrypt(&ctx, NULL, NULL, + valid_mode, + NULL, sizeof(buf), + sizeof(buf), buf, + buf)); + TEST_INVALID_PARAM_RET(MBEDTLS_ERR_RSA_BAD_INPUT_DATA, + mbedtls_rsa_rsaes_oaep_encrypt(&ctx, NULL, NULL, + valid_mode, + buf, sizeof(buf), + sizeof(buf), NULL, + buf)); + TEST_INVALID_PARAM_RET(MBEDTLS_ERR_RSA_BAD_INPUT_DATA, + mbedtls_rsa_rsaes_oaep_encrypt(&ctx, NULL, NULL, + valid_mode, + buf, sizeof(buf), + sizeof(buf), buf, + NULL)); + + TEST_INVALID_PARAM_RET(MBEDTLS_ERR_RSA_BAD_INPUT_DATA, + mbedtls_rsa_pkcs1_decrypt(NULL, NULL, NULL, + valid_mode, &olen, + buf, buf, 42)); + TEST_INVALID_PARAM_RET(MBEDTLS_ERR_RSA_BAD_INPUT_DATA, + mbedtls_rsa_pkcs1_decrypt(&ctx, NULL, NULL, + invalid_mode, &olen, + buf, buf, 42)); + TEST_INVALID_PARAM_RET(MBEDTLS_ERR_RSA_BAD_INPUT_DATA, + mbedtls_rsa_pkcs1_decrypt(&ctx, NULL, NULL, + valid_mode, NULL, + buf, buf, 42)); + TEST_INVALID_PARAM_RET(MBEDTLS_ERR_RSA_BAD_INPUT_DATA, + mbedtls_rsa_pkcs1_decrypt(&ctx, NULL, NULL, + valid_mode, &olen, + NULL, buf, 42)); + TEST_INVALID_PARAM_RET(MBEDTLS_ERR_RSA_BAD_INPUT_DATA, + mbedtls_rsa_pkcs1_decrypt(&ctx, NULL, NULL, + valid_mode, &olen, + buf, NULL, 42)); + + TEST_INVALID_PARAM_RET(MBEDTLS_ERR_RSA_BAD_INPUT_DATA, + mbedtls_rsa_rsaes_pkcs1_v15_decrypt(NULL, NULL, + NULL, + valid_mode, &olen, + buf, buf, 42)); + TEST_INVALID_PARAM_RET(MBEDTLS_ERR_RSA_BAD_INPUT_DATA, + mbedtls_rsa_rsaes_pkcs1_v15_decrypt(&ctx, NULL, + NULL, + invalid_mode, &olen, + buf, buf, 42)); + TEST_INVALID_PARAM_RET(MBEDTLS_ERR_RSA_BAD_INPUT_DATA, + mbedtls_rsa_rsaes_pkcs1_v15_decrypt(&ctx, NULL, + NULL, + valid_mode, NULL, + buf, buf, 42)); + TEST_INVALID_PARAM_RET(MBEDTLS_ERR_RSA_BAD_INPUT_DATA, + mbedtls_rsa_rsaes_pkcs1_v15_decrypt(&ctx, NULL, + NULL, + valid_mode, &olen, + NULL, buf, 42)); + TEST_INVALID_PARAM_RET(MBEDTLS_ERR_RSA_BAD_INPUT_DATA, + mbedtls_rsa_rsaes_pkcs1_v15_decrypt(&ctx, NULL, + NULL, + valid_mode, &olen, + buf, NULL, 42)); + + TEST_INVALID_PARAM_RET(MBEDTLS_ERR_RSA_BAD_INPUT_DATA, + mbedtls_rsa_rsaes_oaep_decrypt(NULL, NULL, NULL, + valid_mode, + buf, sizeof(buf), + &olen, + buf, buf, 42)); + TEST_INVALID_PARAM_RET(MBEDTLS_ERR_RSA_BAD_INPUT_DATA, + mbedtls_rsa_rsaes_oaep_decrypt(&ctx, NULL, NULL, + invalid_mode, + buf, sizeof(buf), + &olen, + buf, buf, 42)); + TEST_INVALID_PARAM_RET(MBEDTLS_ERR_RSA_BAD_INPUT_DATA, + mbedtls_rsa_rsaes_oaep_decrypt(&ctx, NULL, NULL, + valid_mode, + NULL, sizeof(buf), + NULL, + buf, buf, 42)); + TEST_INVALID_PARAM_RET(MBEDTLS_ERR_RSA_BAD_INPUT_DATA, + mbedtls_rsa_rsaes_oaep_decrypt(&ctx, NULL, NULL, + valid_mode, + buf, sizeof(buf), + &olen, + NULL, buf, 42)); + TEST_INVALID_PARAM_RET(MBEDTLS_ERR_RSA_BAD_INPUT_DATA, + mbedtls_rsa_rsaes_oaep_decrypt(&ctx, NULL, NULL, + valid_mode, + buf, sizeof(buf), + &olen, + buf, NULL, 42)); + + TEST_INVALID_PARAM_RET(MBEDTLS_ERR_RSA_BAD_INPUT_DATA, + mbedtls_rsa_pkcs1_sign(NULL, NULL, NULL, + valid_mode, + 0, sizeof(buf), buf, + buf)); + TEST_INVALID_PARAM_RET(MBEDTLS_ERR_RSA_BAD_INPUT_DATA, + mbedtls_rsa_pkcs1_sign(&ctx, NULL, NULL, + invalid_mode, + 0, sizeof(buf), buf, + buf)); + TEST_INVALID_PARAM_RET(MBEDTLS_ERR_RSA_BAD_INPUT_DATA, + mbedtls_rsa_pkcs1_sign(&ctx, NULL, NULL, + valid_mode, + 0, sizeof(buf), NULL, + buf)); + TEST_INVALID_PARAM_RET(MBEDTLS_ERR_RSA_BAD_INPUT_DATA, + mbedtls_rsa_pkcs1_sign(&ctx, NULL, NULL, + valid_mode, + 0, sizeof(buf), buf, + NULL)); + TEST_INVALID_PARAM_RET(MBEDTLS_ERR_RSA_BAD_INPUT_DATA, + mbedtls_rsa_pkcs1_sign(&ctx, NULL, NULL, + valid_mode, + MBEDTLS_MD_SHA1, + 0, NULL, + buf)); + + TEST_INVALID_PARAM_RET(MBEDTLS_ERR_RSA_BAD_INPUT_DATA, + mbedtls_rsa_rsassa_pkcs1_v15_sign(NULL, NULL, NULL, + valid_mode, + 0, sizeof(buf), buf, + buf)); + TEST_INVALID_PARAM_RET(MBEDTLS_ERR_RSA_BAD_INPUT_DATA, + mbedtls_rsa_rsassa_pkcs1_v15_sign(&ctx, NULL, NULL, + invalid_mode, + 0, sizeof(buf), buf, + buf)); + TEST_INVALID_PARAM_RET(MBEDTLS_ERR_RSA_BAD_INPUT_DATA, + mbedtls_rsa_rsassa_pkcs1_v15_sign(&ctx, NULL, NULL, + valid_mode, + 0, sizeof(buf), NULL, + buf)); + TEST_INVALID_PARAM_RET(MBEDTLS_ERR_RSA_BAD_INPUT_DATA, + mbedtls_rsa_rsassa_pkcs1_v15_sign(&ctx, NULL, NULL, + valid_mode, + 0, sizeof(buf), buf, + NULL)); + TEST_INVALID_PARAM_RET(MBEDTLS_ERR_RSA_BAD_INPUT_DATA, + mbedtls_rsa_rsassa_pkcs1_v15_sign(&ctx, NULL, NULL, + valid_mode, + MBEDTLS_MD_SHA1, + 0, NULL, + buf)); + + TEST_INVALID_PARAM_RET(MBEDTLS_ERR_RSA_BAD_INPUT_DATA, + mbedtls_rsa_rsassa_pss_sign(NULL, NULL, NULL, valid_mode, - sizeof( buf ), buf, - buf ) ); - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA, - mbedtls_rsa_pkcs1_encrypt( &ctx, NULL, NULL, + 0, sizeof(buf), buf, + buf)); + TEST_INVALID_PARAM_RET(MBEDTLS_ERR_RSA_BAD_INPUT_DATA, + mbedtls_rsa_rsassa_pss_sign(&ctx, NULL, NULL, invalid_mode, - sizeof( buf ), buf, - buf ) ); - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA, - mbedtls_rsa_pkcs1_encrypt( &ctx, NULL, NULL, + 0, sizeof(buf), buf, + buf)); + TEST_INVALID_PARAM_RET(MBEDTLS_ERR_RSA_BAD_INPUT_DATA, + mbedtls_rsa_rsassa_pss_sign(&ctx, NULL, NULL, + valid_mode, + 0, sizeof(buf), NULL, + buf)); + TEST_INVALID_PARAM_RET(MBEDTLS_ERR_RSA_BAD_INPUT_DATA, + mbedtls_rsa_rsassa_pss_sign(&ctx, NULL, NULL, valid_mode, - sizeof( buf ), NULL, - buf ) ); - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA, - mbedtls_rsa_pkcs1_encrypt( &ctx, NULL, NULL, + 0, sizeof(buf), buf, + NULL)); + TEST_INVALID_PARAM_RET(MBEDTLS_ERR_RSA_BAD_INPUT_DATA, + mbedtls_rsa_rsassa_pss_sign(&ctx, NULL, NULL, valid_mode, - sizeof( buf ), buf, - NULL ) ); - - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA, - mbedtls_rsa_rsaes_pkcs1_v15_encrypt( NULL, NULL, - NULL, - valid_mode, - sizeof( buf ), buf, - buf ) ); - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA, - mbedtls_rsa_rsaes_pkcs1_v15_encrypt( &ctx, NULL, - NULL, - invalid_mode, - sizeof( buf ), buf, - buf ) ); - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA, - mbedtls_rsa_rsaes_pkcs1_v15_encrypt( &ctx, NULL, - NULL, - valid_mode, - sizeof( buf ), NULL, - buf ) ); - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA, - mbedtls_rsa_rsaes_pkcs1_v15_encrypt( &ctx, NULL, - NULL, - valid_mode, - sizeof( buf ), buf, - NULL ) ); - - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA, - mbedtls_rsa_rsaes_oaep_encrypt( NULL, NULL, NULL, - valid_mode, - buf, sizeof( buf ), - sizeof( buf ), buf, - buf ) ); - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA, - mbedtls_rsa_rsaes_oaep_encrypt( &ctx, NULL, NULL, - invalid_mode, - buf, sizeof( buf ), - sizeof( buf ), buf, - buf ) ); - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA, - mbedtls_rsa_rsaes_oaep_encrypt( &ctx, NULL, NULL, - valid_mode, - NULL, sizeof( buf ), - sizeof( buf ), buf, - buf ) ); - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA, - mbedtls_rsa_rsaes_oaep_encrypt( &ctx, NULL, NULL, - valid_mode, - buf, sizeof( buf ), - sizeof( buf ), NULL, - buf ) ); - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA, - mbedtls_rsa_rsaes_oaep_encrypt( &ctx, NULL, NULL, - valid_mode, - buf, sizeof( buf ), - sizeof( buf ), buf, - NULL ) ); - - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA, - mbedtls_rsa_pkcs1_decrypt( NULL, NULL, NULL, - valid_mode, &olen, - buf, buf, 42 ) ); - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA, - mbedtls_rsa_pkcs1_decrypt( &ctx, NULL, NULL, - invalid_mode, &olen, - buf, buf, 42 ) ); - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA, - mbedtls_rsa_pkcs1_decrypt( &ctx, NULL, NULL, - valid_mode, NULL, - buf, buf, 42 ) ); - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA, - mbedtls_rsa_pkcs1_decrypt( &ctx, NULL, NULL, - valid_mode, &olen, - NULL, buf, 42 ) ); - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA, - mbedtls_rsa_pkcs1_decrypt( &ctx, NULL, NULL, - valid_mode, &olen, - buf, NULL, 42 ) ); - - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA, - mbedtls_rsa_rsaes_pkcs1_v15_decrypt( NULL, NULL, - NULL, - valid_mode, &olen, - buf, buf, 42 ) ); - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA, - mbedtls_rsa_rsaes_pkcs1_v15_decrypt( &ctx, NULL, - NULL, - invalid_mode, &olen, - buf, buf, 42 ) ); - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA, - mbedtls_rsa_rsaes_pkcs1_v15_decrypt( &ctx, NULL, - NULL, - valid_mode, NULL, - buf, buf, 42 ) ); - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA, - mbedtls_rsa_rsaes_pkcs1_v15_decrypt( &ctx, NULL, - NULL, - valid_mode, &olen, - NULL, buf, 42 ) ); - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA, - mbedtls_rsa_rsaes_pkcs1_v15_decrypt( &ctx, NULL, - NULL, - valid_mode, &olen, - buf, NULL, 42 ) ); - - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA, - mbedtls_rsa_rsaes_oaep_decrypt( NULL, NULL, NULL, - valid_mode, - buf, sizeof( buf ), - &olen, - buf, buf, 42 ) ); - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA, - mbedtls_rsa_rsaes_oaep_decrypt( &ctx, NULL, NULL, - invalid_mode, - buf, sizeof( buf ), - &olen, - buf, buf, 42 ) ); - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA, - mbedtls_rsa_rsaes_oaep_decrypt( &ctx, NULL, NULL, - valid_mode, - NULL, sizeof( buf ), - NULL, - buf, buf, 42 ) ); - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA, - mbedtls_rsa_rsaes_oaep_decrypt( &ctx, NULL, NULL, - valid_mode, - buf, sizeof( buf ), - &olen, - NULL, buf, 42 ) ); - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA, - mbedtls_rsa_rsaes_oaep_decrypt( &ctx, NULL, NULL, - valid_mode, - buf, sizeof( buf ), - &olen, - buf, NULL, 42 ) ); - - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA, - mbedtls_rsa_pkcs1_sign( NULL, NULL, NULL, + MBEDTLS_MD_SHA1, + 0, NULL, + buf)); + + TEST_INVALID_PARAM_RET(MBEDTLS_ERR_RSA_BAD_INPUT_DATA, + mbedtls_rsa_rsassa_pss_sign_ext(NULL, NULL, NULL, + 0, sizeof(buf), buf, + MBEDTLS_RSA_SALT_LEN_ANY, + buf)); + TEST_INVALID_PARAM_RET(MBEDTLS_ERR_RSA_BAD_INPUT_DATA, + mbedtls_rsa_rsassa_pss_sign_ext(&ctx, NULL, NULL, + 0, sizeof(buf), NULL, + MBEDTLS_RSA_SALT_LEN_ANY, + buf)); + TEST_INVALID_PARAM_RET(MBEDTLS_ERR_RSA_BAD_INPUT_DATA, + mbedtls_rsa_rsassa_pss_sign_ext(&ctx, NULL, NULL, + 0, sizeof(buf), buf, + MBEDTLS_RSA_SALT_LEN_ANY, + NULL)); + TEST_INVALID_PARAM_RET(MBEDTLS_ERR_RSA_BAD_INPUT_DATA, + mbedtls_rsa_rsassa_pss_sign_ext(&ctx, NULL, NULL, + MBEDTLS_MD_SHA1, + 0, NULL, + MBEDTLS_RSA_SALT_LEN_ANY, + buf)); + + TEST_INVALID_PARAM_RET(MBEDTLS_ERR_RSA_BAD_INPUT_DATA, + mbedtls_rsa_pkcs1_verify(NULL, NULL, NULL, valid_mode, - 0, sizeof( buf ), buf, - buf ) ); - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA, - mbedtls_rsa_pkcs1_sign( &ctx, NULL, NULL, + 0, sizeof(buf), buf, + buf)); + TEST_INVALID_PARAM_RET(MBEDTLS_ERR_RSA_BAD_INPUT_DATA, + mbedtls_rsa_pkcs1_verify(&ctx, NULL, NULL, invalid_mode, - 0, sizeof( buf ), buf, - buf ) ); - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA, - mbedtls_rsa_pkcs1_sign( &ctx, NULL, NULL, + 0, sizeof(buf), buf, + buf)); + TEST_INVALID_PARAM_RET(MBEDTLS_ERR_RSA_BAD_INPUT_DATA, + mbedtls_rsa_pkcs1_verify(&ctx, NULL, NULL, valid_mode, - 0, sizeof( buf ), NULL, - buf ) ); - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA, - mbedtls_rsa_pkcs1_sign( &ctx, NULL, NULL, + 0, sizeof(buf), NULL, + buf)); + TEST_INVALID_PARAM_RET(MBEDTLS_ERR_RSA_BAD_INPUT_DATA, + mbedtls_rsa_pkcs1_verify(&ctx, NULL, NULL, valid_mode, - 0, sizeof( buf ), buf, - NULL ) ); - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA, - mbedtls_rsa_pkcs1_sign( &ctx, NULL, NULL, + 0, sizeof(buf), buf, + NULL)); + TEST_INVALID_PARAM_RET(MBEDTLS_ERR_RSA_BAD_INPUT_DATA, + mbedtls_rsa_pkcs1_verify(&ctx, NULL, NULL, valid_mode, - MBEDTLS_MD_SHA1, - 0, NULL, - buf ) ); - - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA, - mbedtls_rsa_rsassa_pkcs1_v15_sign( NULL, NULL, NULL, - valid_mode, - 0, sizeof( buf ), buf, - buf ) ); - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA, - mbedtls_rsa_rsassa_pkcs1_v15_sign( &ctx, NULL, NULL, - invalid_mode, - 0, sizeof( buf ), buf, - buf ) ); - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA, - mbedtls_rsa_rsassa_pkcs1_v15_sign( &ctx, NULL, NULL, - valid_mode, - 0, sizeof( buf ), NULL, - buf ) ); - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA, - mbedtls_rsa_rsassa_pkcs1_v15_sign( &ctx, NULL, NULL, - valid_mode, - 0, sizeof( buf ), buf, - NULL ) ); - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA, - mbedtls_rsa_rsassa_pkcs1_v15_sign( &ctx, NULL, NULL, - valid_mode, - MBEDTLS_MD_SHA1, - 0, NULL, - buf ) ); - - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA, - mbedtls_rsa_rsassa_pss_sign( NULL, NULL, NULL, + MBEDTLS_MD_SHA1, 0, NULL, + buf)); + + TEST_INVALID_PARAM_RET(MBEDTLS_ERR_RSA_BAD_INPUT_DATA, + mbedtls_rsa_rsassa_pkcs1_v15_verify(NULL, NULL, + NULL, + valid_mode, + 0, sizeof(buf), buf, + buf)); + TEST_INVALID_PARAM_RET(MBEDTLS_ERR_RSA_BAD_INPUT_DATA, + mbedtls_rsa_rsassa_pkcs1_v15_verify(&ctx, NULL, + NULL, + invalid_mode, + 0, sizeof(buf), buf, + buf)); + TEST_INVALID_PARAM_RET(MBEDTLS_ERR_RSA_BAD_INPUT_DATA, + mbedtls_rsa_rsassa_pkcs1_v15_verify(&ctx, NULL, + NULL, + valid_mode, + 0, sizeof(buf), + NULL, buf)); + TEST_INVALID_PARAM_RET(MBEDTLS_ERR_RSA_BAD_INPUT_DATA, + mbedtls_rsa_rsassa_pkcs1_v15_verify(&ctx, NULL, + NULL, + valid_mode, + 0, sizeof(buf), buf, + NULL)); + TEST_INVALID_PARAM_RET(MBEDTLS_ERR_RSA_BAD_INPUT_DATA, + mbedtls_rsa_rsassa_pkcs1_v15_verify(&ctx, NULL, + NULL, + valid_mode, + MBEDTLS_MD_SHA1, + 0, NULL, + buf)); + + TEST_INVALID_PARAM_RET(MBEDTLS_ERR_RSA_BAD_INPUT_DATA, + mbedtls_rsa_rsassa_pss_verify(NULL, NULL, NULL, valid_mode, - 0, sizeof( buf ), buf, - buf ) ); - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA, - mbedtls_rsa_rsassa_pss_sign( &ctx, NULL, NULL, + 0, sizeof(buf), + buf, buf)); + TEST_INVALID_PARAM_RET(MBEDTLS_ERR_RSA_BAD_INPUT_DATA, + mbedtls_rsa_rsassa_pss_verify(&ctx, NULL, NULL, invalid_mode, - 0, sizeof( buf ), buf, - buf ) ); - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA, - mbedtls_rsa_rsassa_pss_sign( &ctx, NULL, NULL, + 0, sizeof(buf), + buf, buf)); + TEST_INVALID_PARAM_RET(MBEDTLS_ERR_RSA_BAD_INPUT_DATA, + mbedtls_rsa_rsassa_pss_verify(&ctx, NULL, NULL, valid_mode, - 0, sizeof( buf ), NULL, - buf ) ); - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA, - mbedtls_rsa_rsassa_pss_sign( &ctx, NULL, NULL, + 0, sizeof(buf), + NULL, buf)); + TEST_INVALID_PARAM_RET(MBEDTLS_ERR_RSA_BAD_INPUT_DATA, + mbedtls_rsa_rsassa_pss_verify(&ctx, NULL, NULL, valid_mode, - 0, sizeof( buf ), buf, - NULL ) ); - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA, - mbedtls_rsa_rsassa_pss_sign( &ctx, NULL, NULL, + 0, sizeof(buf), + buf, NULL)); + TEST_INVALID_PARAM_RET(MBEDTLS_ERR_RSA_BAD_INPUT_DATA, + mbedtls_rsa_rsassa_pss_verify(&ctx, NULL, NULL, valid_mode, MBEDTLS_MD_SHA1, 0, NULL, - buf ) ); - - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA, - mbedtls_rsa_rsassa_pss_sign_ext( NULL, NULL, NULL, - 0, sizeof( buf ), buf, - MBEDTLS_RSA_SALT_LEN_ANY, - buf ) ); - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA, - mbedtls_rsa_rsassa_pss_sign_ext( &ctx, NULL, NULL, - 0, sizeof( buf ), NULL, - MBEDTLS_RSA_SALT_LEN_ANY, - buf ) ); - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA, - mbedtls_rsa_rsassa_pss_sign_ext( &ctx, NULL, NULL, - 0, sizeof( buf ), buf, - MBEDTLS_RSA_SALT_LEN_ANY, - NULL ) ); - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA, - mbedtls_rsa_rsassa_pss_sign_ext( &ctx, NULL, NULL, + buf)); + + TEST_INVALID_PARAM_RET(MBEDTLS_ERR_RSA_BAD_INPUT_DATA, + mbedtls_rsa_rsassa_pss_verify_ext(NULL, NULL, NULL, + valid_mode, + 0, sizeof(buf), + buf, + 0, 0, + buf)); + TEST_INVALID_PARAM_RET(MBEDTLS_ERR_RSA_BAD_INPUT_DATA, + mbedtls_rsa_rsassa_pss_verify_ext(&ctx, NULL, NULL, + invalid_mode, + 0, sizeof(buf), + buf, + 0, 0, + buf)); + TEST_INVALID_PARAM_RET(MBEDTLS_ERR_RSA_BAD_INPUT_DATA, + mbedtls_rsa_rsassa_pss_verify_ext(&ctx, NULL, NULL, + valid_mode, + 0, sizeof(buf), + NULL, 0, 0, + buf)); + TEST_INVALID_PARAM_RET(MBEDTLS_ERR_RSA_BAD_INPUT_DATA, + mbedtls_rsa_rsassa_pss_verify_ext(&ctx, NULL, NULL, + valid_mode, + 0, sizeof(buf), + buf, 0, 0, + NULL)); + TEST_INVALID_PARAM_RET(MBEDTLS_ERR_RSA_BAD_INPUT_DATA, + mbedtls_rsa_rsassa_pss_verify_ext(&ctx, NULL, NULL, + valid_mode, MBEDTLS_MD_SHA1, 0, NULL, - MBEDTLS_RSA_SALT_LEN_ANY, - buf ) ); - - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA, - mbedtls_rsa_pkcs1_verify( NULL, NULL, NULL, - valid_mode, - 0, sizeof( buf ), buf, - buf ) ); - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA, - mbedtls_rsa_pkcs1_verify( &ctx, NULL, NULL, - invalid_mode, - 0, sizeof( buf ), buf, - buf ) ); - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA, - mbedtls_rsa_pkcs1_verify( &ctx, NULL, NULL, - valid_mode, - 0, sizeof( buf ), NULL, - buf ) ); - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA, - mbedtls_rsa_pkcs1_verify( &ctx, NULL, NULL, - valid_mode, - 0, sizeof( buf ), buf, - NULL ) ); - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA, - mbedtls_rsa_pkcs1_verify( &ctx, NULL, NULL, - valid_mode, - MBEDTLS_MD_SHA1, 0, NULL, - buf ) ); - - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA, - mbedtls_rsa_rsassa_pkcs1_v15_verify( NULL, NULL, - NULL, - valid_mode, - 0, sizeof( buf ), buf, - buf ) ); - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA, - mbedtls_rsa_rsassa_pkcs1_v15_verify( &ctx, NULL, - NULL, - invalid_mode, - 0, sizeof( buf ), buf, - buf ) ); - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA, - mbedtls_rsa_rsassa_pkcs1_v15_verify( &ctx, NULL, - NULL, - valid_mode, - 0, sizeof( buf ), - NULL, buf ) ); - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA, - mbedtls_rsa_rsassa_pkcs1_v15_verify( &ctx, NULL, - NULL, - valid_mode, - 0, sizeof( buf ), buf, - NULL ) ); - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA, - mbedtls_rsa_rsassa_pkcs1_v15_verify( &ctx, NULL, - NULL, - valid_mode, - MBEDTLS_MD_SHA1, - 0, NULL, - buf ) ); - - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA, - mbedtls_rsa_rsassa_pss_verify( NULL, NULL, NULL, - valid_mode, - 0, sizeof( buf ), - buf, buf ) ); - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA, - mbedtls_rsa_rsassa_pss_verify( &ctx, NULL, NULL, - invalid_mode, - 0, sizeof( buf ), - buf, buf ) ); - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA, - mbedtls_rsa_rsassa_pss_verify( &ctx, NULL, NULL, - valid_mode, - 0, sizeof( buf ), - NULL, buf ) ); - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA, - mbedtls_rsa_rsassa_pss_verify( &ctx, NULL, NULL, - valid_mode, - 0, sizeof( buf ), - buf, NULL ) ); - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA, - mbedtls_rsa_rsassa_pss_verify( &ctx, NULL, NULL, - valid_mode, - MBEDTLS_MD_SHA1, - 0, NULL, - buf ) ); + 0, 0, + buf)); - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA, - mbedtls_rsa_rsassa_pss_verify_ext( NULL, NULL, NULL, - valid_mode, - 0, sizeof( buf ), - buf, - 0, 0, - buf ) ); - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA, - mbedtls_rsa_rsassa_pss_verify_ext( &ctx, NULL, NULL, - invalid_mode, - 0, sizeof( buf ), - buf, - 0, 0, - buf ) ); - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA, - mbedtls_rsa_rsassa_pss_verify_ext( &ctx, NULL, NULL, - valid_mode, - 0, sizeof( buf ), - NULL, 0, 0, - buf ) ); - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA, - mbedtls_rsa_rsassa_pss_verify_ext( &ctx, NULL, NULL, - valid_mode, - 0, sizeof( buf ), - buf, 0, 0, - NULL ) ); - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA, - mbedtls_rsa_rsassa_pss_verify_ext( &ctx, NULL, NULL, - valid_mode, - MBEDTLS_MD_SHA1, - 0, NULL, - 0, 0, - buf ) ); - - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA, - mbedtls_rsa_copy( NULL, &ctx ) ); - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA, - mbedtls_rsa_copy( &ctx, NULL ) ); + TEST_INVALID_PARAM_RET(MBEDTLS_ERR_RSA_BAD_INPUT_DATA, + mbedtls_rsa_copy(NULL, &ctx)); + TEST_INVALID_PARAM_RET(MBEDTLS_ERR_RSA_BAD_INPUT_DATA, + mbedtls_rsa_copy(&ctx, NULL)); exit: return; @@ -489,7 +489,7 @@ exit: /* END_CASE */ /* BEGIN_CASE */ -void rsa_init_free( int reinit ) +void rsa_init_free(int reinit) { mbedtls_rsa_context ctx; @@ -498,12 +498,13 @@ void rsa_init_free( int reinit ) * unconditionally on an error path without checking whether it has * already been called in the success path. */ - mbedtls_rsa_init( &ctx, 0, 0 ); - mbedtls_rsa_free( &ctx ); + mbedtls_rsa_init(&ctx, 0, 0); + mbedtls_rsa_free(&ctx); - if( reinit ) - mbedtls_rsa_init( &ctx, 0, 0 ); - mbedtls_rsa_free( &ctx ); + if (reinit) { + mbedtls_rsa_init(&ctx, 0, 0); + } + mbedtls_rsa_free(&ctx); /* This test case always succeeds, functionally speaking. A plausible * bug might trigger an invalid pointer dereference or a memory leak. */ @@ -512,11 +513,10 @@ void rsa_init_free( int reinit ) /* END_CASE */ /* BEGIN_CASE */ -void mbedtls_rsa_pkcs1_sign( data_t * message_str, int padding_mode, - int digest, int mod, int radix_P, char * input_P, - int radix_Q, char * input_Q, int radix_N, - char * input_N, int radix_E, char * input_E, - data_t * result_str, int result ) +void mbedtls_rsa_pkcs1_sign(data_t *message_str, int padding_mode, + int digest, int mod, char *input_P, + char *input_Q, char *input_N, char *input_E, + data_t *result_str, int result) { unsigned char hash_result[MBEDTLS_MD_MAX_SIZE]; unsigned char output[256]; @@ -524,306 +524,304 @@ void mbedtls_rsa_pkcs1_sign( data_t * message_str, int padding_mode, mbedtls_mpi N, P, Q, E; mbedtls_test_rnd_pseudo_info rnd_info; - mbedtls_mpi_init( &N ); mbedtls_mpi_init( &P ); - mbedtls_mpi_init( &Q ); mbedtls_mpi_init( &E ); - mbedtls_rsa_init( &ctx, padding_mode, 0 ); + mbedtls_mpi_init(&N); mbedtls_mpi_init(&P); + mbedtls_mpi_init(&Q); mbedtls_mpi_init(&E); + mbedtls_rsa_init(&ctx, padding_mode, 0); - memset( hash_result, 0x00, sizeof( hash_result ) ); - memset( output, 0x00, sizeof( output ) ); - memset( &rnd_info, 0, sizeof( mbedtls_test_rnd_pseudo_info ) ); + memset(hash_result, 0x00, sizeof(hash_result)); + memset(output, 0x00, sizeof(output)); + memset(&rnd_info, 0, sizeof(mbedtls_test_rnd_pseudo_info)); - TEST_ASSERT( mbedtls_test_read_mpi( &P, radix_P, input_P ) == 0 ); - TEST_ASSERT( mbedtls_test_read_mpi( &Q, radix_Q, input_Q ) == 0 ); - TEST_ASSERT( mbedtls_test_read_mpi( &N, radix_N, input_N ) == 0 ); - TEST_ASSERT( mbedtls_test_read_mpi( &E, radix_E, input_E ) == 0 ); + TEST_ASSERT(mbedtls_test_read_mpi(&P, input_P) == 0); + TEST_ASSERT(mbedtls_test_read_mpi(&Q, input_Q) == 0); + TEST_ASSERT(mbedtls_test_read_mpi(&N, input_N) == 0); + TEST_ASSERT(mbedtls_test_read_mpi(&E, input_E) == 0); - TEST_ASSERT( mbedtls_rsa_import( &ctx, &N, &P, &Q, NULL, &E ) == 0 ); - TEST_ASSERT( mbedtls_rsa_get_len( &ctx ) == (size_t) ( mod / 8 ) ); - TEST_ASSERT( mbedtls_rsa_complete( &ctx ) == 0 ); - TEST_ASSERT( mbedtls_rsa_check_privkey( &ctx ) == 0 ); + TEST_ASSERT(mbedtls_rsa_import(&ctx, &N, &P, &Q, NULL, &E) == 0); + TEST_ASSERT(mbedtls_rsa_get_len(&ctx) == (size_t) (mod / 8)); + TEST_ASSERT(mbedtls_rsa_complete(&ctx) == 0); + TEST_ASSERT(mbedtls_rsa_check_privkey(&ctx) == 0); - if( mbedtls_md_info_from_type( digest ) != NULL ) - TEST_ASSERT( mbedtls_md( mbedtls_md_info_from_type( digest ), message_str->x, message_str->len, hash_result ) == 0 ); + if (mbedtls_md_info_from_type(digest) != NULL) { + TEST_ASSERT(mbedtls_md(mbedtls_md_info_from_type(digest), message_str->x, message_str->len, + hash_result) == 0); + } - TEST_ASSERT( mbedtls_rsa_pkcs1_sign( &ctx, &mbedtls_test_rnd_pseudo_rand, - &rnd_info, MBEDTLS_RSA_PRIVATE, digest, - 0, hash_result, output ) == result ); - if( result == 0 ) - { + TEST_ASSERT(mbedtls_rsa_pkcs1_sign(&ctx, &mbedtls_test_rnd_pseudo_rand, + &rnd_info, MBEDTLS_RSA_PRIVATE, digest, + 0, hash_result, output) == result); + if (result == 0) { - TEST_ASSERT( mbedtls_test_hexcmp( output, result_str->x, - ctx.len, result_str->len ) == 0 ); + TEST_ASSERT(mbedtls_test_hexcmp(output, result_str->x, + ctx.len, result_str->len) == 0); } exit: - mbedtls_mpi_free( &N ); mbedtls_mpi_free( &P ); - mbedtls_mpi_free( &Q ); mbedtls_mpi_free( &E ); - mbedtls_rsa_free( &ctx ); + mbedtls_mpi_free(&N); mbedtls_mpi_free(&P); + mbedtls_mpi_free(&Q); mbedtls_mpi_free(&E); + mbedtls_rsa_free(&ctx); } /* END_CASE */ /* BEGIN_CASE */ -void mbedtls_rsa_pkcs1_verify( data_t * message_str, int padding_mode, - int digest, int mod, int radix_N, - char * input_N, int radix_E, char * input_E, - data_t * result_str, int result ) +void mbedtls_rsa_pkcs1_verify(data_t *message_str, int padding_mode, + int digest, int mod, + char *input_N, char *input_E, + data_t *result_str, int result) { unsigned char hash_result[MBEDTLS_MD_MAX_SIZE]; mbedtls_rsa_context ctx; mbedtls_mpi N, E; - mbedtls_mpi_init( &N ); mbedtls_mpi_init( &E ); - mbedtls_rsa_init( &ctx, padding_mode, 0 ); - memset( hash_result, 0x00, sizeof( hash_result ) ); + mbedtls_mpi_init(&N); mbedtls_mpi_init(&E); + mbedtls_rsa_init(&ctx, padding_mode, 0); + memset(hash_result, 0x00, sizeof(hash_result)); - TEST_ASSERT( mbedtls_test_read_mpi( &N, radix_N, input_N ) == 0 ); - TEST_ASSERT( mbedtls_test_read_mpi( &E, radix_E, input_E ) == 0 ); - TEST_ASSERT( mbedtls_rsa_import( &ctx, &N, NULL, NULL, NULL, &E ) == 0 ); - TEST_ASSERT( mbedtls_rsa_get_len( &ctx ) == (size_t) ( mod / 8 ) ); - TEST_ASSERT( mbedtls_rsa_check_pubkey( &ctx ) == 0 ); + TEST_ASSERT(mbedtls_test_read_mpi(&N, input_N) == 0); + TEST_ASSERT(mbedtls_test_read_mpi(&E, input_E) == 0); + TEST_ASSERT(mbedtls_rsa_import(&ctx, &N, NULL, NULL, NULL, &E) == 0); + TEST_ASSERT(mbedtls_rsa_get_len(&ctx) == (size_t) (mod / 8)); + TEST_ASSERT(mbedtls_rsa_check_pubkey(&ctx) == 0); - if( mbedtls_md_info_from_type( digest ) != NULL ) - TEST_ASSERT( mbedtls_md( mbedtls_md_info_from_type( digest ), message_str->x, message_str->len, hash_result ) == 0 ); + if (mbedtls_md_info_from_type(digest) != NULL) { + TEST_ASSERT(mbedtls_md(mbedtls_md_info_from_type(digest), message_str->x, message_str->len, + hash_result) == 0); + } - TEST_ASSERT( mbedtls_rsa_pkcs1_verify( &ctx, NULL, NULL, MBEDTLS_RSA_PUBLIC, digest, 0, hash_result, result_str->x ) == result ); + TEST_ASSERT(mbedtls_rsa_pkcs1_verify(&ctx, NULL, NULL, MBEDTLS_RSA_PUBLIC, digest, 0, + hash_result, result_str->x) == result); exit: - mbedtls_mpi_free( &N ); mbedtls_mpi_free( &E ); - mbedtls_rsa_free( &ctx ); + mbedtls_mpi_free(&N); mbedtls_mpi_free(&E); + mbedtls_rsa_free(&ctx); } /* END_CASE */ /* BEGIN_CASE */ -void rsa_pkcs1_sign_raw( data_t * hash_result, - int padding_mode, int mod, int radix_P, - char * input_P, int radix_Q, char * input_Q, - int radix_N, char * input_N, int radix_E, - char * input_E, data_t * result_str ) +void rsa_pkcs1_sign_raw(data_t *hash_result, + int padding_mode, int mod, + char *input_P, char *input_Q, + char *input_N, char *input_E, + data_t *result_str) { unsigned char output[256]; mbedtls_rsa_context ctx; mbedtls_mpi N, P, Q, E; mbedtls_test_rnd_pseudo_info rnd_info; - mbedtls_rsa_init( &ctx, padding_mode, 0 ); - mbedtls_mpi_init( &N ); mbedtls_mpi_init( &P ); - mbedtls_mpi_init( &Q ); mbedtls_mpi_init( &E ); + mbedtls_rsa_init(&ctx, padding_mode, 0); + mbedtls_mpi_init(&N); mbedtls_mpi_init(&P); + mbedtls_mpi_init(&Q); mbedtls_mpi_init(&E); - memset( output, 0x00, sizeof( output ) ); - memset( &rnd_info, 0, sizeof( mbedtls_test_rnd_pseudo_info ) ); + memset(output, 0x00, sizeof(output)); + memset(&rnd_info, 0, sizeof(mbedtls_test_rnd_pseudo_info)); - TEST_ASSERT( mbedtls_test_read_mpi( &P, radix_P, input_P ) == 0 ); - TEST_ASSERT( mbedtls_test_read_mpi( &Q, radix_Q, input_Q ) == 0 ); - TEST_ASSERT( mbedtls_test_read_mpi( &N, radix_N, input_N ) == 0 ); - TEST_ASSERT( mbedtls_test_read_mpi( &E, radix_E, input_E ) == 0 ); + TEST_ASSERT(mbedtls_test_read_mpi(&P, input_P) == 0); + TEST_ASSERT(mbedtls_test_read_mpi(&Q, input_Q) == 0); + TEST_ASSERT(mbedtls_test_read_mpi(&N, input_N) == 0); + TEST_ASSERT(mbedtls_test_read_mpi(&E, input_E) == 0); - TEST_ASSERT( mbedtls_rsa_import( &ctx, &N, &P, &Q, NULL, &E ) == 0 ); - TEST_ASSERT( mbedtls_rsa_get_len( &ctx ) == (size_t) ( mod / 8 ) ); - TEST_ASSERT( mbedtls_rsa_complete( &ctx ) == 0 ); - TEST_ASSERT( mbedtls_rsa_check_privkey( &ctx ) == 0 ); + TEST_ASSERT(mbedtls_rsa_import(&ctx, &N, &P, &Q, NULL, &E) == 0); + TEST_ASSERT(mbedtls_rsa_get_len(&ctx) == (size_t) (mod / 8)); + TEST_ASSERT(mbedtls_rsa_complete(&ctx) == 0); + TEST_ASSERT(mbedtls_rsa_check_privkey(&ctx) == 0); - TEST_ASSERT( mbedtls_rsa_pkcs1_sign( &ctx, &mbedtls_test_rnd_pseudo_rand, - &rnd_info, MBEDTLS_RSA_PRIVATE, - MBEDTLS_MD_NONE, hash_result->len, - hash_result->x, output ) == 0 ); + TEST_ASSERT(mbedtls_rsa_pkcs1_sign(&ctx, &mbedtls_test_rnd_pseudo_rand, + &rnd_info, MBEDTLS_RSA_PRIVATE, + MBEDTLS_MD_NONE, hash_result->len, + hash_result->x, output) == 0); - TEST_ASSERT( mbedtls_test_hexcmp( output, result_str->x, - ctx.len, result_str->len ) == 0 ); + TEST_ASSERT(mbedtls_test_hexcmp(output, result_str->x, + ctx.len, result_str->len) == 0); #if defined(MBEDTLS_PKCS1_V15) /* For PKCS#1 v1.5, there is an alternative way to generate signatures */ - if( padding_mode == MBEDTLS_RSA_PKCS_V15 ) - { + if (padding_mode == MBEDTLS_RSA_PKCS_V15) { int res; - memset( output, 0x00, sizeof( output) ); + memset(output, 0x00, sizeof(output)); - res = mbedtls_rsa_rsaes_pkcs1_v15_encrypt( &ctx, - &mbedtls_test_rnd_pseudo_rand, &rnd_info, - MBEDTLS_RSA_PRIVATE, hash_result->len, - hash_result->x, output ); + res = mbedtls_rsa_rsaes_pkcs1_v15_encrypt(&ctx, + &mbedtls_test_rnd_pseudo_rand, &rnd_info, + MBEDTLS_RSA_PRIVATE, hash_result->len, + hash_result->x, output); #if !defined(MBEDTLS_RSA_ALT) - TEST_ASSERT( res == 0 ); + TEST_ASSERT(res == 0); #else - TEST_ASSERT( ( res == 0 ) || - ( res == MBEDTLS_ERR_RSA_UNSUPPORTED_OPERATION ) ); + TEST_ASSERT((res == 0) || + (res == MBEDTLS_ERR_RSA_UNSUPPORTED_OPERATION)); #endif - if( res == 0 ) - { - TEST_ASSERT( mbedtls_test_hexcmp( output, result_str->x, - ctx.len, - result_str->len ) == 0 ); + if (res == 0) { + TEST_ASSERT(mbedtls_test_hexcmp(output, result_str->x, + ctx.len, + result_str->len) == 0); } } #endif /* MBEDTLS_PKCS1_V15 */ exit: - mbedtls_mpi_free( &N ); mbedtls_mpi_free( &P ); - mbedtls_mpi_free( &Q ); mbedtls_mpi_free( &E ); + mbedtls_mpi_free(&N); mbedtls_mpi_free(&P); + mbedtls_mpi_free(&Q); mbedtls_mpi_free(&E); - mbedtls_rsa_free( &ctx ); + mbedtls_rsa_free(&ctx); } /* END_CASE */ /* BEGIN_CASE */ -void rsa_pkcs1_verify_raw( data_t * hash_result, - int padding_mode, int mod, int radix_N, - char * input_N, int radix_E, char * input_E, - data_t * result_str, int correct ) +void rsa_pkcs1_verify_raw(data_t *hash_result, + int padding_mode, int mod, + char *input_N, char *input_E, + data_t *result_str, int correct) { unsigned char output[256]; mbedtls_rsa_context ctx; mbedtls_mpi N, E; - mbedtls_mpi_init( &N ); mbedtls_mpi_init( &E ); + mbedtls_mpi_init(&N); mbedtls_mpi_init(&E); - mbedtls_rsa_init( &ctx, padding_mode, 0 ); - memset( output, 0x00, sizeof( output ) ); + mbedtls_rsa_init(&ctx, padding_mode, 0); + memset(output, 0x00, sizeof(output)); - TEST_ASSERT( mbedtls_test_read_mpi( &N, radix_N, input_N ) == 0 ); - TEST_ASSERT( mbedtls_test_read_mpi( &E, radix_E, input_E ) == 0 ); + TEST_ASSERT(mbedtls_test_read_mpi(&N, input_N) == 0); + TEST_ASSERT(mbedtls_test_read_mpi(&E, input_E) == 0); - TEST_ASSERT( mbedtls_rsa_import( &ctx, &N, NULL, NULL, NULL, &E ) == 0 ); - TEST_ASSERT( mbedtls_rsa_get_len( &ctx ) == (size_t) ( mod / 8 ) ); - TEST_ASSERT( mbedtls_rsa_check_pubkey( &ctx ) == 0 ); + TEST_ASSERT(mbedtls_rsa_import(&ctx, &N, NULL, NULL, NULL, &E) == 0); + TEST_ASSERT(mbedtls_rsa_get_len(&ctx) == (size_t) (mod / 8)); + TEST_ASSERT(mbedtls_rsa_check_pubkey(&ctx) == 0); - TEST_ASSERT( mbedtls_rsa_pkcs1_verify( &ctx, NULL, NULL, MBEDTLS_RSA_PUBLIC, MBEDTLS_MD_NONE, hash_result->len, hash_result->x, result_str->x ) == correct ); + TEST_ASSERT(mbedtls_rsa_pkcs1_verify(&ctx, NULL, NULL, MBEDTLS_RSA_PUBLIC, MBEDTLS_MD_NONE, + hash_result->len, hash_result->x, + result_str->x) == correct); #if defined(MBEDTLS_PKCS1_V15) /* For PKCS#1 v1.5, there is an alternative way to verify signatures */ - if( padding_mode == MBEDTLS_RSA_PKCS_V15 ) - { + if (padding_mode == MBEDTLS_RSA_PKCS_V15) { int res; int ok; size_t olen; - res = mbedtls_rsa_rsaes_pkcs1_v15_decrypt( &ctx, - NULL, NULL, MBEDTLS_RSA_PUBLIC, - &olen, result_str->x, output, sizeof( output ) ); + res = mbedtls_rsa_rsaes_pkcs1_v15_decrypt(&ctx, + NULL, NULL, MBEDTLS_RSA_PUBLIC, + &olen, result_str->x, output, sizeof(output)); #if !defined(MBEDTLS_RSA_ALT) - TEST_ASSERT( res == 0 ); + TEST_ASSERT(res == 0); #else - TEST_ASSERT( ( res == 0 ) || - ( res == MBEDTLS_ERR_RSA_UNSUPPORTED_OPERATION ) ); + TEST_ASSERT((res == 0) || + (res == MBEDTLS_ERR_RSA_UNSUPPORTED_OPERATION)); #endif - if( res == 0 ) - { - ok = olen == hash_result->len && memcmp( output, hash_result->x, olen ) == 0; - if( correct == 0 ) - TEST_ASSERT( ok == 1 ); - else - TEST_ASSERT( ok == 0 ); + if (res == 0) { + ok = olen == hash_result->len && memcmp(output, hash_result->x, olen) == 0; + if (correct == 0) { + TEST_ASSERT(ok == 1); + } else { + TEST_ASSERT(ok == 0); + } } } #endif /* MBEDTLS_PKCS1_V15 */ exit: - mbedtls_mpi_free( &N ); mbedtls_mpi_free( &E ); - mbedtls_rsa_free( &ctx ); + mbedtls_mpi_free(&N); mbedtls_mpi_free(&E); + mbedtls_rsa_free(&ctx); } /* END_CASE */ /* BEGIN_CASE */ -void mbedtls_rsa_pkcs1_encrypt( data_t * message_str, int padding_mode, - int mod, int radix_N, char * input_N, - int radix_E, char * input_E, - data_t * result_str, int result ) +void mbedtls_rsa_pkcs1_encrypt(data_t *message_str, int padding_mode, + int mod, char *input_N, char *input_E, + data_t *result_str, int result) { unsigned char output[256]; mbedtls_rsa_context ctx; mbedtls_test_rnd_pseudo_info rnd_info; mbedtls_mpi N, E; - mbedtls_mpi_init( &N ); mbedtls_mpi_init( &E ); + mbedtls_mpi_init(&N); mbedtls_mpi_init(&E); - memset( &rnd_info, 0, sizeof( mbedtls_test_rnd_pseudo_info ) ); + memset(&rnd_info, 0, sizeof(mbedtls_test_rnd_pseudo_info)); - mbedtls_rsa_init( &ctx, padding_mode, 0 ); - memset( output, 0x00, sizeof( output ) ); + mbedtls_rsa_init(&ctx, padding_mode, 0); + memset(output, 0x00, sizeof(output)); - TEST_ASSERT( mbedtls_test_read_mpi( &N, radix_N, input_N ) == 0 ); - TEST_ASSERT( mbedtls_test_read_mpi( &E, radix_E, input_E ) == 0 ); + TEST_ASSERT(mbedtls_test_read_mpi(&N, input_N) == 0); + TEST_ASSERT(mbedtls_test_read_mpi(&E, input_E) == 0); - TEST_ASSERT( mbedtls_rsa_import( &ctx, &N, NULL, NULL, NULL, &E ) == 0 ); - TEST_ASSERT( mbedtls_rsa_get_len( &ctx ) == (size_t) ( mod / 8 ) ); - TEST_ASSERT( mbedtls_rsa_check_pubkey( &ctx ) == 0 ); + TEST_ASSERT(mbedtls_rsa_import(&ctx, &N, NULL, NULL, NULL, &E) == 0); + TEST_ASSERT(mbedtls_rsa_get_len(&ctx) == (size_t) (mod / 8)); + TEST_ASSERT(mbedtls_rsa_check_pubkey(&ctx) == 0); - TEST_ASSERT( mbedtls_rsa_pkcs1_encrypt( &ctx, - &mbedtls_test_rnd_pseudo_rand, - &rnd_info, MBEDTLS_RSA_PUBLIC, - message_str->len, message_str->x, - output ) == result ); - if( result == 0 ) - { + TEST_ASSERT(mbedtls_rsa_pkcs1_encrypt(&ctx, + &mbedtls_test_rnd_pseudo_rand, + &rnd_info, MBEDTLS_RSA_PUBLIC, + message_str->len, message_str->x, + output) == result); + if (result == 0) { - TEST_ASSERT( mbedtls_test_hexcmp( output, result_str->x, - ctx.len, result_str->len ) == 0 ); + TEST_ASSERT(mbedtls_test_hexcmp(output, result_str->x, + ctx.len, result_str->len) == 0); } exit: - mbedtls_mpi_free( &N ); mbedtls_mpi_free( &E ); - mbedtls_rsa_free( &ctx ); + mbedtls_mpi_free(&N); mbedtls_mpi_free(&E); + mbedtls_rsa_free(&ctx); } /* END_CASE */ /* BEGIN_CASE */ -void rsa_pkcs1_encrypt_bad_rng( data_t * message_str, int padding_mode, - int mod, int radix_N, char * input_N, - int radix_E, char * input_E, - data_t * result_str, int result ) +void rsa_pkcs1_encrypt_bad_rng(data_t *message_str, int padding_mode, + int mod, char *input_N, char *input_E, + data_t *result_str, int result) { unsigned char output[256]; mbedtls_rsa_context ctx; mbedtls_mpi N, E; - mbedtls_mpi_init( &N ); mbedtls_mpi_init( &E ); - mbedtls_rsa_init( &ctx, padding_mode, 0 ); - memset( output, 0x00, sizeof( output ) ); + mbedtls_mpi_init(&N); mbedtls_mpi_init(&E); + mbedtls_rsa_init(&ctx, padding_mode, 0); + memset(output, 0x00, sizeof(output)); - TEST_ASSERT( mbedtls_test_read_mpi( &N, radix_N, input_N ) == 0 ); - TEST_ASSERT( mbedtls_test_read_mpi( &E, radix_E, input_E ) == 0 ); + TEST_ASSERT(mbedtls_test_read_mpi(&N, input_N) == 0); + TEST_ASSERT(mbedtls_test_read_mpi(&E, input_E) == 0); - TEST_ASSERT( mbedtls_rsa_import( &ctx, &N, NULL, NULL, NULL, &E ) == 0 ); - TEST_ASSERT( mbedtls_rsa_get_len( &ctx ) == (size_t) ( mod / 8 ) ); - TEST_ASSERT( mbedtls_rsa_check_pubkey( &ctx ) == 0 ); + TEST_ASSERT(mbedtls_rsa_import(&ctx, &N, NULL, NULL, NULL, &E) == 0); + TEST_ASSERT(mbedtls_rsa_get_len(&ctx) == (size_t) (mod / 8)); + TEST_ASSERT(mbedtls_rsa_check_pubkey(&ctx) == 0); - TEST_ASSERT( mbedtls_rsa_pkcs1_encrypt( &ctx, &mbedtls_test_rnd_zero_rand, - NULL, MBEDTLS_RSA_PUBLIC, - message_str->len, message_str->x, - output ) == result ); - if( result == 0 ) - { + TEST_ASSERT(mbedtls_rsa_pkcs1_encrypt(&ctx, &mbedtls_test_rnd_zero_rand, + NULL, MBEDTLS_RSA_PUBLIC, + message_str->len, message_str->x, + output) == result); + if (result == 0) { - TEST_ASSERT( mbedtls_test_hexcmp( output, result_str->x, - ctx.len, result_str->len ) == 0 ); + TEST_ASSERT(mbedtls_test_hexcmp(output, result_str->x, + ctx.len, result_str->len) == 0); } exit: - mbedtls_mpi_free( &N ); mbedtls_mpi_free( &E ); - mbedtls_rsa_free( &ctx ); + mbedtls_mpi_free(&N); mbedtls_mpi_free(&E); + mbedtls_rsa_free(&ctx); } /* END_CASE */ /* BEGIN_CASE */ -void mbedtls_rsa_pkcs1_decrypt( data_t * message_str, int padding_mode, - int mod, int radix_P, char * input_P, - int radix_Q, char * input_Q, int radix_N, - char * input_N, int radix_E, char * input_E, - int max_output, data_t * result_str, - int result ) +void mbedtls_rsa_pkcs1_decrypt(data_t *message_str, int padding_mode, + int mod, char *input_P, + char *input_Q, char *input_N, + char *input_E, int max_output, + data_t *result_str, int result) { unsigned char output[32]; mbedtls_rsa_context ctx; @@ -831,108 +829,104 @@ void mbedtls_rsa_pkcs1_decrypt( data_t * message_str, int padding_mode, mbedtls_test_rnd_pseudo_info rnd_info; mbedtls_mpi N, P, Q, E; - mbedtls_mpi_init( &N ); mbedtls_mpi_init( &P ); - mbedtls_mpi_init( &Q ); mbedtls_mpi_init( &E ); + mbedtls_mpi_init(&N); mbedtls_mpi_init(&P); + mbedtls_mpi_init(&Q); mbedtls_mpi_init(&E); - mbedtls_rsa_init( &ctx, padding_mode, 0 ); + mbedtls_rsa_init(&ctx, padding_mode, 0); - memset( output, 0x00, sizeof( output ) ); - memset( &rnd_info, 0, sizeof( mbedtls_test_rnd_pseudo_info ) ); + memset(output, 0x00, sizeof(output)); + memset(&rnd_info, 0, sizeof(mbedtls_test_rnd_pseudo_info)); - TEST_ASSERT( mbedtls_test_read_mpi( &P, radix_P, input_P ) == 0 ); - TEST_ASSERT( mbedtls_test_read_mpi( &Q, radix_Q, input_Q ) == 0 ); - TEST_ASSERT( mbedtls_test_read_mpi( &N, radix_N, input_N ) == 0 ); - TEST_ASSERT( mbedtls_test_read_mpi( &E, radix_E, input_E ) == 0 ); + TEST_ASSERT(mbedtls_test_read_mpi(&P, input_P) == 0); + TEST_ASSERT(mbedtls_test_read_mpi(&Q, input_Q) == 0); + TEST_ASSERT(mbedtls_test_read_mpi(&N, input_N) == 0); + TEST_ASSERT(mbedtls_test_read_mpi(&E, input_E) == 0); - TEST_ASSERT( mbedtls_rsa_import( &ctx, &N, &P, &Q, NULL, &E ) == 0 ); - TEST_ASSERT( mbedtls_rsa_get_len( &ctx ) == (size_t) ( mod / 8 ) ); - TEST_ASSERT( mbedtls_rsa_complete( &ctx ) == 0 ); - TEST_ASSERT( mbedtls_rsa_check_privkey( &ctx ) == 0 ); + TEST_ASSERT(mbedtls_rsa_import(&ctx, &N, &P, &Q, NULL, &E) == 0); + TEST_ASSERT(mbedtls_rsa_get_len(&ctx) == (size_t) (mod / 8)); + TEST_ASSERT(mbedtls_rsa_complete(&ctx) == 0); + TEST_ASSERT(mbedtls_rsa_check_privkey(&ctx) == 0); output_len = 0; - TEST_ASSERT( mbedtls_rsa_pkcs1_decrypt( &ctx, mbedtls_test_rnd_pseudo_rand, - &rnd_info, MBEDTLS_RSA_PRIVATE, - &output_len, message_str->x, output, - max_output ) == result ); - if( result == 0 ) - { + TEST_ASSERT(mbedtls_rsa_pkcs1_decrypt(&ctx, mbedtls_test_rnd_pseudo_rand, + &rnd_info, MBEDTLS_RSA_PRIVATE, + &output_len, message_str->x, output, + max_output) == result); + if (result == 0) { - TEST_ASSERT( mbedtls_test_hexcmp( output, result_str->x, - output_len, - result_str->len ) == 0 ); + TEST_ASSERT(mbedtls_test_hexcmp(output, result_str->x, + output_len, + result_str->len) == 0); } exit: - mbedtls_mpi_free( &N ); mbedtls_mpi_free( &P ); - mbedtls_mpi_free( &Q ); mbedtls_mpi_free( &E ); - mbedtls_rsa_free( &ctx ); + mbedtls_mpi_free(&N); mbedtls_mpi_free(&P); + mbedtls_mpi_free(&Q); mbedtls_mpi_free(&E); + mbedtls_rsa_free(&ctx); } /* END_CASE */ /* BEGIN_CASE */ -void mbedtls_rsa_public( data_t * message_str, int mod, int radix_N, - char * input_N, int radix_E, char * input_E, - data_t * result_str, int result ) +void mbedtls_rsa_public(data_t *message_str, int mod, + char *input_N, char *input_E, + data_t *result_str, int result) { unsigned char output[256]; mbedtls_rsa_context ctx, ctx2; /* Also test mbedtls_rsa_copy() while at it */ mbedtls_mpi N, E; - mbedtls_mpi_init( &N ); mbedtls_mpi_init( &E ); - mbedtls_rsa_init( &ctx, MBEDTLS_RSA_PKCS_V15, 0 ); - mbedtls_rsa_init( &ctx2, MBEDTLS_RSA_PKCS_V15, 0 ); - memset( output, 0x00, sizeof( output ) ); + mbedtls_mpi_init(&N); mbedtls_mpi_init(&E); + mbedtls_rsa_init(&ctx, MBEDTLS_RSA_PKCS_V15, 0); + mbedtls_rsa_init(&ctx2, MBEDTLS_RSA_PKCS_V15, 0); + memset(output, 0x00, sizeof(output)); - TEST_ASSERT( mbedtls_test_read_mpi( &N, radix_N, input_N ) == 0 ); - TEST_ASSERT( mbedtls_test_read_mpi( &E, radix_E, input_E ) == 0 ); + TEST_ASSERT(mbedtls_test_read_mpi(&N, input_N) == 0); + TEST_ASSERT(mbedtls_test_read_mpi(&E, input_E) == 0); - TEST_ASSERT( mbedtls_rsa_import( &ctx, &N, NULL, NULL, NULL, &E ) == 0 ); + TEST_ASSERT(mbedtls_rsa_import(&ctx, &N, NULL, NULL, NULL, &E) == 0); /* Check test data consistency */ - TEST_ASSERT( message_str->len == (size_t) ( mod / 8 ) ); - TEST_ASSERT( mbedtls_rsa_get_len( &ctx ) == (size_t) ( mod / 8 ) ); - TEST_ASSERT( mbedtls_rsa_check_pubkey( &ctx ) == 0 ); + TEST_ASSERT(message_str->len == (size_t) (mod / 8)); + TEST_ASSERT(mbedtls_rsa_get_len(&ctx) == (size_t) (mod / 8)); + TEST_ASSERT(mbedtls_rsa_check_pubkey(&ctx) == 0); - TEST_ASSERT( mbedtls_rsa_public( &ctx, message_str->x, output ) == result ); - if( result == 0 ) - { + TEST_ASSERT(mbedtls_rsa_public(&ctx, message_str->x, output) == result); + if (result == 0) { - TEST_ASSERT( mbedtls_test_hexcmp( output, result_str->x, - ctx.len, result_str->len ) == 0 ); + TEST_ASSERT(mbedtls_test_hexcmp(output, result_str->x, + ctx.len, result_str->len) == 0); } /* And now with the copy */ - TEST_ASSERT( mbedtls_rsa_copy( &ctx2, &ctx ) == 0 ); + TEST_ASSERT(mbedtls_rsa_copy(&ctx2, &ctx) == 0); /* clear the original to be sure */ - mbedtls_rsa_free( &ctx ); + mbedtls_rsa_free(&ctx); - TEST_ASSERT( mbedtls_rsa_check_pubkey( &ctx2 ) == 0 ); + TEST_ASSERT(mbedtls_rsa_check_pubkey(&ctx2) == 0); - memset( output, 0x00, sizeof( output ) ); - TEST_ASSERT( mbedtls_rsa_public( &ctx2, message_str->x, output ) == result ); - if( result == 0 ) - { + memset(output, 0x00, sizeof(output)); + TEST_ASSERT(mbedtls_rsa_public(&ctx2, message_str->x, output) == result); + if (result == 0) { - TEST_ASSERT( mbedtls_test_hexcmp( output, result_str->x, - ctx.len, result_str->len ) == 0 ); + TEST_ASSERT(mbedtls_test_hexcmp(output, result_str->x, + ctx.len, result_str->len) == 0); } exit: - mbedtls_mpi_free( &N ); mbedtls_mpi_free( &E ); - mbedtls_rsa_free( &ctx ); - mbedtls_rsa_free( &ctx2 ); + mbedtls_mpi_free(&N); mbedtls_mpi_free(&E); + mbedtls_rsa_free(&ctx); + mbedtls_rsa_free(&ctx2); } /* END_CASE */ /* BEGIN_CASE */ -void mbedtls_rsa_private( data_t * message_str, int mod, int radix_P, - char * input_P, int radix_Q, char * input_Q, - int radix_N, char * input_N, int radix_E, - char * input_E, data_t * result_str, - int result ) +void mbedtls_rsa_private(data_t *message_str, int mod, + char *input_P, char *input_Q, + char *input_N, char *input_E, + data_t *result_str, int result) { unsigned char output[256]; mbedtls_rsa_context ctx, ctx2; /* Also test mbedtls_rsa_copy() while at it */ @@ -940,382 +934,349 @@ void mbedtls_rsa_private( data_t * message_str, int mod, int radix_P, mbedtls_test_rnd_pseudo_info rnd_info; int i; - mbedtls_mpi_init( &N ); mbedtls_mpi_init( &P ); - mbedtls_mpi_init( &Q ); mbedtls_mpi_init( &E ); - mbedtls_rsa_init( &ctx, MBEDTLS_RSA_PKCS_V15, 0 ); - mbedtls_rsa_init( &ctx2, MBEDTLS_RSA_PKCS_V15, 0 ); + mbedtls_mpi_init(&N); mbedtls_mpi_init(&P); + mbedtls_mpi_init(&Q); mbedtls_mpi_init(&E); + mbedtls_rsa_init(&ctx, MBEDTLS_RSA_PKCS_V15, 0); + mbedtls_rsa_init(&ctx2, MBEDTLS_RSA_PKCS_V15, 0); - memset( &rnd_info, 0, sizeof( mbedtls_test_rnd_pseudo_info ) ); + memset(&rnd_info, 0, sizeof(mbedtls_test_rnd_pseudo_info)); - TEST_ASSERT( mbedtls_test_read_mpi( &P, radix_P, input_P ) == 0 ); - TEST_ASSERT( mbedtls_test_read_mpi( &Q, radix_Q, input_Q ) == 0 ); - TEST_ASSERT( mbedtls_test_read_mpi( &N, radix_N, input_N ) == 0 ); - TEST_ASSERT( mbedtls_test_read_mpi( &E, radix_E, input_E ) == 0 ); + TEST_ASSERT(mbedtls_test_read_mpi(&P, input_P) == 0); + TEST_ASSERT(mbedtls_test_read_mpi(&Q, input_Q) == 0); + TEST_ASSERT(mbedtls_test_read_mpi(&N, input_N) == 0); + TEST_ASSERT(mbedtls_test_read_mpi(&E, input_E) == 0); - TEST_ASSERT( mbedtls_rsa_import( &ctx, &N, &P, &Q, NULL, &E ) == 0 ); + TEST_ASSERT(mbedtls_rsa_import(&ctx, &N, &P, &Q, NULL, &E) == 0); /* Check test data consistency */ - TEST_ASSERT( message_str->len == (size_t) ( mod / 8 ) ); - TEST_ASSERT( mbedtls_rsa_get_len( &ctx ) == (size_t) ( mod / 8 ) ); - TEST_ASSERT( mbedtls_rsa_complete( &ctx ) == 0 ); - TEST_ASSERT( mbedtls_rsa_check_privkey( &ctx ) == 0 ); + TEST_ASSERT(message_str->len == (size_t) (mod / 8)); + TEST_ASSERT(mbedtls_rsa_get_len(&ctx) == (size_t) (mod / 8)); + TEST_ASSERT(mbedtls_rsa_complete(&ctx) == 0); + TEST_ASSERT(mbedtls_rsa_check_privkey(&ctx) == 0); /* repeat three times to test updating of blinding values */ - for( i = 0; i < 3; i++ ) - { - memset( output, 0x00, sizeof( output ) ); - TEST_ASSERT( mbedtls_rsa_private( &ctx, mbedtls_test_rnd_pseudo_rand, - &rnd_info, message_str->x, - output ) == result ); - if( result == 0 ) - { - - TEST_ASSERT( mbedtls_test_hexcmp( output, result_str->x, - ctx.len, - result_str->len ) == 0 ); + for (i = 0; i < 3; i++) { + memset(output, 0x00, sizeof(output)); + TEST_ASSERT(mbedtls_rsa_private(&ctx, mbedtls_test_rnd_pseudo_rand, + &rnd_info, message_str->x, + output) == result); + if (result == 0) { + + TEST_ASSERT(mbedtls_test_hexcmp(output, result_str->x, + ctx.len, + result_str->len) == 0); } } /* And now one more time with the copy */ - TEST_ASSERT( mbedtls_rsa_copy( &ctx2, &ctx ) == 0 ); + TEST_ASSERT(mbedtls_rsa_copy(&ctx2, &ctx) == 0); /* clear the original to be sure */ - mbedtls_rsa_free( &ctx ); + mbedtls_rsa_free(&ctx); - TEST_ASSERT( mbedtls_rsa_check_privkey( &ctx2 ) == 0 ); + TEST_ASSERT(mbedtls_rsa_check_privkey(&ctx2) == 0); - memset( output, 0x00, sizeof( output ) ); - TEST_ASSERT( mbedtls_rsa_private( &ctx2, mbedtls_test_rnd_pseudo_rand, - &rnd_info, message_str->x, - output ) == result ); - if( result == 0 ) - { + memset(output, 0x00, sizeof(output)); + TEST_ASSERT(mbedtls_rsa_private(&ctx2, mbedtls_test_rnd_pseudo_rand, + &rnd_info, message_str->x, + output) == result); + if (result == 0) { - TEST_ASSERT( mbedtls_test_hexcmp( output, result_str->x, - ctx2.len, - result_str->len ) == 0 ); + TEST_ASSERT(mbedtls_test_hexcmp(output, result_str->x, + ctx2.len, + result_str->len) == 0); } exit: - mbedtls_mpi_free( &N ); mbedtls_mpi_free( &P ); - mbedtls_mpi_free( &Q ); mbedtls_mpi_free( &E ); + mbedtls_mpi_free(&N); mbedtls_mpi_free(&P); + mbedtls_mpi_free(&Q); mbedtls_mpi_free(&E); - mbedtls_rsa_free( &ctx ); mbedtls_rsa_free( &ctx2 ); + mbedtls_rsa_free(&ctx); mbedtls_rsa_free(&ctx2); } /* END_CASE */ /* BEGIN_CASE */ -void rsa_check_privkey_null( ) +void rsa_check_privkey_null() { mbedtls_rsa_context ctx; - memset( &ctx, 0x00, sizeof( mbedtls_rsa_context ) ); + memset(&ctx, 0x00, sizeof(mbedtls_rsa_context)); - TEST_ASSERT( mbedtls_rsa_check_privkey( &ctx ) == MBEDTLS_ERR_RSA_KEY_CHECK_FAILED ); + TEST_ASSERT(mbedtls_rsa_check_privkey(&ctx) == MBEDTLS_ERR_RSA_KEY_CHECK_FAILED); } /* END_CASE */ /* BEGIN_CASE */ -void mbedtls_rsa_check_pubkey( int radix_N, char * input_N, int radix_E, - char * input_E, int result ) +void mbedtls_rsa_check_pubkey(char *input_N, char *input_E, int result) { mbedtls_rsa_context ctx; mbedtls_mpi N, E; - mbedtls_mpi_init( &N ); mbedtls_mpi_init( &E ); - mbedtls_rsa_init( &ctx, MBEDTLS_RSA_PKCS_V15, 0 ); + mbedtls_mpi_init(&N); mbedtls_mpi_init(&E); + mbedtls_rsa_init(&ctx, MBEDTLS_RSA_PKCS_V15, 0); - if( strlen( input_N ) ) - { - TEST_ASSERT( mbedtls_test_read_mpi( &N, radix_N, input_N ) == 0 ); + if (strlen(input_N)) { + TEST_ASSERT(mbedtls_test_read_mpi(&N, input_N) == 0); } - if( strlen( input_E ) ) - { - TEST_ASSERT( mbedtls_test_read_mpi( &E, radix_E, input_E ) == 0 ); + if (strlen(input_E)) { + TEST_ASSERT(mbedtls_test_read_mpi(&E, input_E) == 0); } - TEST_ASSERT( mbedtls_rsa_import( &ctx, &N, NULL, NULL, NULL, &E ) == 0 ); - TEST_ASSERT( mbedtls_rsa_check_pubkey( &ctx ) == result ); + TEST_ASSERT(mbedtls_rsa_import(&ctx, &N, NULL, NULL, NULL, &E) == 0); + TEST_ASSERT(mbedtls_rsa_check_pubkey(&ctx) == result); exit: - mbedtls_mpi_free( &N ); mbedtls_mpi_free( &E ); - mbedtls_rsa_free( &ctx ); + mbedtls_mpi_free(&N); mbedtls_mpi_free(&E); + mbedtls_rsa_free(&ctx); } /* END_CASE */ /* BEGIN_CASE */ -void mbedtls_rsa_check_privkey( int mod, int radix_P, char * input_P, - int radix_Q, char * input_Q, int radix_N, - char * input_N, int radix_E, char * input_E, - int radix_D, char * input_D, int radix_DP, - char * input_DP, int radix_DQ, - char * input_DQ, int radix_QP, - char * input_QP, int result ) +void mbedtls_rsa_check_privkey(int mod, char *input_P, char *input_Q, + char *input_N, char *input_E, char *input_D, + char *input_DP, char *input_DQ, char *input_QP, + int result) { mbedtls_rsa_context ctx; - mbedtls_rsa_init( &ctx, MBEDTLS_RSA_PKCS_V15, 0 ); + mbedtls_rsa_init(&ctx, MBEDTLS_RSA_PKCS_V15, 0); ctx.len = mod / 8; - if( strlen( input_P ) ) - { - TEST_ASSERT( mbedtls_test_read_mpi( &ctx.P, radix_P, input_P ) == 0 ); + if (strlen(input_P)) { + TEST_ASSERT(mbedtls_test_read_mpi(&ctx.P, input_P) == 0); } - if( strlen( input_Q ) ) - { - TEST_ASSERT( mbedtls_test_read_mpi( &ctx.Q, radix_Q, input_Q ) == 0 ); + if (strlen(input_Q)) { + TEST_ASSERT(mbedtls_test_read_mpi(&ctx.Q, input_Q) == 0); } - if( strlen( input_N ) ) - { - TEST_ASSERT( mbedtls_test_read_mpi( &ctx.N, radix_N, input_N ) == 0 ); + if (strlen(input_N)) { + TEST_ASSERT(mbedtls_test_read_mpi(&ctx.N, input_N) == 0); } - if( strlen( input_E ) ) - { - TEST_ASSERT( mbedtls_test_read_mpi( &ctx.E, radix_E, input_E ) == 0 ); + if (strlen(input_E)) { + TEST_ASSERT(mbedtls_test_read_mpi(&ctx.E, input_E) == 0); } - if( strlen( input_D ) ) - { - TEST_ASSERT( mbedtls_test_read_mpi( &ctx.D, radix_D, input_D ) == 0 ); + if (strlen(input_D)) { + TEST_ASSERT(mbedtls_test_read_mpi(&ctx.D, input_D) == 0); } #if !defined(MBEDTLS_RSA_NO_CRT) - if( strlen( input_DP ) ) - { - TEST_ASSERT( mbedtls_test_read_mpi( &ctx.DP, radix_DP, input_DP ) == 0 ); + if (strlen(input_DP)) { + TEST_ASSERT(mbedtls_test_read_mpi(&ctx.DP, input_DP) == 0); } - if( strlen( input_DQ ) ) - { - TEST_ASSERT( mbedtls_test_read_mpi( &ctx.DQ, radix_DQ, input_DQ ) == 0 ); + if (strlen(input_DQ)) { + TEST_ASSERT(mbedtls_test_read_mpi(&ctx.DQ, input_DQ) == 0); } - if( strlen( input_QP ) ) - { - TEST_ASSERT( mbedtls_test_read_mpi( &ctx.QP, radix_QP, input_QP ) == 0 ); + if (strlen(input_QP)) { + TEST_ASSERT(mbedtls_test_read_mpi(&ctx.QP, input_QP) == 0); } #else - ((void) radix_DP); ((void) input_DP); - ((void) radix_DQ); ((void) input_DQ); - ((void) radix_QP); ((void) input_QP); + ((void) input_DP); + ((void) input_DQ); + ((void) input_QP); #endif - TEST_ASSERT( mbedtls_rsa_check_privkey( &ctx ) == result ); + TEST_ASSERT(mbedtls_rsa_check_privkey(&ctx) == result); exit: - mbedtls_rsa_free( &ctx ); + mbedtls_rsa_free(&ctx); } /* END_CASE */ /* BEGIN_CASE */ -void rsa_check_pubpriv( int mod, int radix_Npub, char * input_Npub, - int radix_Epub, char * input_Epub, int radix_P, - char * input_P, int radix_Q, char * input_Q, - int radix_N, char * input_N, int radix_E, - char * input_E, int radix_D, char * input_D, - int radix_DP, char * input_DP, int radix_DQ, - char * input_DQ, int radix_QP, char * input_QP, - int result ) +void rsa_check_pubpriv(int mod, char *input_Npub, char *input_Epub, + char *input_P, char *input_Q, char *input_N, + char *input_E, char *input_D, char *input_DP, + char *input_DQ, char *input_QP, int result) { mbedtls_rsa_context pub, prv; - mbedtls_rsa_init( &pub, MBEDTLS_RSA_PKCS_V15, 0 ); - mbedtls_rsa_init( &prv, MBEDTLS_RSA_PKCS_V15, 0 ); + mbedtls_rsa_init(&pub, MBEDTLS_RSA_PKCS_V15, 0); + mbedtls_rsa_init(&prv, MBEDTLS_RSA_PKCS_V15, 0); pub.len = mod / 8; prv.len = mod / 8; - if( strlen( input_Npub ) ) - { - TEST_ASSERT( mbedtls_test_read_mpi( &pub.N, radix_Npub, input_Npub ) == 0 ); + if (strlen(input_Npub)) { + TEST_ASSERT(mbedtls_test_read_mpi(&pub.N, input_Npub) == 0); } - if( strlen( input_Epub ) ) - { - TEST_ASSERT( mbedtls_test_read_mpi( &pub.E, radix_Epub, input_Epub ) == 0 ); + if (strlen(input_Epub)) { + TEST_ASSERT(mbedtls_test_read_mpi(&pub.E, input_Epub) == 0); } - if( strlen( input_P ) ) - { - TEST_ASSERT( mbedtls_test_read_mpi( &prv.P, radix_P, input_P ) == 0 ); + if (strlen(input_P)) { + TEST_ASSERT(mbedtls_test_read_mpi(&prv.P, input_P) == 0); } - if( strlen( input_Q ) ) - { - TEST_ASSERT( mbedtls_test_read_mpi( &prv.Q, radix_Q, input_Q ) == 0 ); + if (strlen(input_Q)) { + TEST_ASSERT(mbedtls_test_read_mpi(&prv.Q, input_Q) == 0); } - if( strlen( input_N ) ) - { - TEST_ASSERT( mbedtls_test_read_mpi( &prv.N, radix_N, input_N ) == 0 ); + if (strlen(input_N)) { + TEST_ASSERT(mbedtls_test_read_mpi(&prv.N, input_N) == 0); } - if( strlen( input_E ) ) - { - TEST_ASSERT( mbedtls_test_read_mpi( &prv.E, radix_E, input_E ) == 0 ); + if (strlen(input_E)) { + TEST_ASSERT(mbedtls_test_read_mpi(&prv.E, input_E) == 0); } - if( strlen( input_D ) ) - { - TEST_ASSERT( mbedtls_test_read_mpi( &prv.D, radix_D, input_D ) == 0 ); + if (strlen(input_D)) { + TEST_ASSERT(mbedtls_test_read_mpi(&prv.D, input_D) == 0); } #if !defined(MBEDTLS_RSA_NO_CRT) - if( strlen( input_DP ) ) - { - TEST_ASSERT( mbedtls_test_read_mpi( &prv.DP, radix_DP, input_DP ) == 0 ); + if (strlen(input_DP)) { + TEST_ASSERT(mbedtls_test_read_mpi(&prv.DP, input_DP) == 0); } - if( strlen( input_DQ ) ) - { - TEST_ASSERT( mbedtls_test_read_mpi( &prv.DQ, radix_DQ, input_DQ ) == 0 ); + if (strlen(input_DQ)) { + TEST_ASSERT(mbedtls_test_read_mpi(&prv.DQ, input_DQ) == 0); } - if( strlen( input_QP ) ) - { - TEST_ASSERT( mbedtls_test_read_mpi( &prv.QP, radix_QP, input_QP ) == 0 ); + if (strlen(input_QP)) { + TEST_ASSERT(mbedtls_test_read_mpi(&prv.QP, input_QP) == 0); } #else - ((void) radix_DP); ((void) input_DP); - ((void) radix_DQ); ((void) input_DQ); - ((void) radix_QP); ((void) input_QP); + ((void) input_DP); + ((void) input_DQ); + ((void) input_QP); #endif - TEST_ASSERT( mbedtls_rsa_check_pub_priv( &pub, &prv ) == result ); + TEST_ASSERT(mbedtls_rsa_check_pub_priv(&pub, &prv) == result); exit: - mbedtls_rsa_free( &pub ); - mbedtls_rsa_free( &prv ); + mbedtls_rsa_free(&pub); + mbedtls_rsa_free(&prv); } /* END_CASE */ /* BEGIN_CASE depends_on:MBEDTLS_CTR_DRBG_C:MBEDTLS_ENTROPY_C:ENTROPY_HAVE_STRONG */ -void mbedtls_rsa_gen_key( int nrbits, int exponent, int result) +void mbedtls_rsa_gen_key(int nrbits, int exponent, int result) { mbedtls_rsa_context ctx; mbedtls_entropy_context entropy; mbedtls_ctr_drbg_context ctr_drbg; const char *pers = "test_suite_rsa"; - mbedtls_ctr_drbg_init( &ctr_drbg ); - mbedtls_entropy_init( &entropy ); - mbedtls_rsa_init ( &ctx, 0, 0 ); + mbedtls_ctr_drbg_init(&ctr_drbg); + mbedtls_entropy_init(&entropy); + mbedtls_rsa_init(&ctx, 0, 0); - TEST_ASSERT( mbedtls_ctr_drbg_seed( &ctr_drbg, mbedtls_entropy_func, - &entropy, (const unsigned char *) pers, - strlen( pers ) ) == 0 ); + TEST_ASSERT(mbedtls_ctr_drbg_seed(&ctr_drbg, mbedtls_entropy_func, + &entropy, (const unsigned char *) pers, + strlen(pers)) == 0); - TEST_ASSERT( mbedtls_rsa_gen_key( &ctx, mbedtls_ctr_drbg_random, &ctr_drbg, nrbits, exponent ) == result ); - if( result == 0 ) - { - TEST_ASSERT( mbedtls_rsa_check_privkey( &ctx ) == 0 ); - TEST_ASSERT( mbedtls_mpi_cmp_mpi( &ctx.P, &ctx.Q ) > 0 ); + TEST_ASSERT(mbedtls_rsa_gen_key(&ctx, mbedtls_ctr_drbg_random, &ctr_drbg, nrbits, + exponent) == result); + if (result == 0) { + TEST_ASSERT(mbedtls_rsa_check_privkey(&ctx) == 0); + TEST_ASSERT(mbedtls_mpi_cmp_mpi(&ctx.P, &ctx.Q) > 0); } exit: - mbedtls_rsa_free( &ctx ); - mbedtls_ctr_drbg_free( &ctr_drbg ); - mbedtls_entropy_free( &entropy ); + mbedtls_rsa_free(&ctx); + mbedtls_ctr_drbg_free(&ctr_drbg); + mbedtls_entropy_free(&entropy); } /* END_CASE */ /* BEGIN_CASE depends_on:MBEDTLS_CTR_DRBG_C:MBEDTLS_ENTROPY_C */ -void mbedtls_rsa_deduce_primes( int radix_N, char *input_N, - int radix_D, char *input_D, - int radix_E, char *input_E, - int radix_P, char *output_P, - int radix_Q, char *output_Q, - int corrupt, int result ) +void mbedtls_rsa_deduce_primes(char *input_N, + char *input_D, + char *input_E, + char *output_P, + char *output_Q, + int corrupt, int result) { mbedtls_mpi N, P, Pp, Q, Qp, D, E; - mbedtls_mpi_init( &N ); - mbedtls_mpi_init( &P ); mbedtls_mpi_init( &Q ); - mbedtls_mpi_init( &Pp ); mbedtls_mpi_init( &Qp ); - mbedtls_mpi_init( &D ); mbedtls_mpi_init( &E ); + mbedtls_mpi_init(&N); + mbedtls_mpi_init(&P); mbedtls_mpi_init(&Q); + mbedtls_mpi_init(&Pp); mbedtls_mpi_init(&Qp); + mbedtls_mpi_init(&D); mbedtls_mpi_init(&E); - TEST_ASSERT( mbedtls_test_read_mpi( &N, radix_N, input_N ) == 0 ); - TEST_ASSERT( mbedtls_test_read_mpi( &D, radix_D, input_D ) == 0 ); - TEST_ASSERT( mbedtls_test_read_mpi( &E, radix_E, input_E ) == 0 ); - TEST_ASSERT( mbedtls_test_read_mpi( &Qp, radix_P, output_P ) == 0 ); - TEST_ASSERT( mbedtls_test_read_mpi( &Pp, radix_Q, output_Q ) == 0 ); + TEST_ASSERT(mbedtls_test_read_mpi(&N, input_N) == 0); + TEST_ASSERT(mbedtls_test_read_mpi(&D, input_D) == 0); + TEST_ASSERT(mbedtls_test_read_mpi(&E, input_E) == 0); + TEST_ASSERT(mbedtls_test_read_mpi(&Qp, output_P) == 0); + TEST_ASSERT(mbedtls_test_read_mpi(&Pp, output_Q) == 0); - if( corrupt ) - TEST_ASSERT( mbedtls_mpi_add_int( &D, &D, 2 ) == 0 ); + if (corrupt) { + TEST_ASSERT(mbedtls_mpi_add_int(&D, &D, 2) == 0); + } /* Try to deduce P, Q from N, D, E only. */ - TEST_ASSERT( mbedtls_rsa_deduce_primes( &N, &D, &E, &P, &Q ) == result ); + TEST_ASSERT(mbedtls_rsa_deduce_primes(&N, &D, &E, &P, &Q) == result); - if( !corrupt ) - { + if (!corrupt) { /* Check if (P,Q) = (Pp, Qp) or (P,Q) = (Qp, Pp) */ - TEST_ASSERT( ( mbedtls_mpi_cmp_mpi( &P, &Pp ) == 0 && mbedtls_mpi_cmp_mpi( &Q, &Qp ) == 0 ) || - ( mbedtls_mpi_cmp_mpi( &P, &Qp ) == 0 && mbedtls_mpi_cmp_mpi( &Q, &Pp ) == 0 ) ); + TEST_ASSERT((mbedtls_mpi_cmp_mpi(&P, &Pp) == 0 && mbedtls_mpi_cmp_mpi(&Q, &Qp) == 0) || + (mbedtls_mpi_cmp_mpi(&P, &Qp) == 0 && mbedtls_mpi_cmp_mpi(&Q, &Pp) == 0)); } exit: - mbedtls_mpi_free( &N ); - mbedtls_mpi_free( &P ); mbedtls_mpi_free( &Q ); - mbedtls_mpi_free( &Pp ); mbedtls_mpi_free( &Qp ); - mbedtls_mpi_free( &D ); mbedtls_mpi_free( &E ); + mbedtls_mpi_free(&N); + mbedtls_mpi_free(&P); mbedtls_mpi_free(&Q); + mbedtls_mpi_free(&Pp); mbedtls_mpi_free(&Qp); + mbedtls_mpi_free(&D); mbedtls_mpi_free(&E); } /* END_CASE */ /* BEGIN_CASE */ -void mbedtls_rsa_deduce_private_exponent( int radix_P, char *input_P, - int radix_Q, char *input_Q, - int radix_E, char *input_E, - int radix_D, char *output_D, - int corrupt, int result ) +void mbedtls_rsa_deduce_private_exponent(char *input_P, + char *input_Q, + char *input_E, + char *output_D, + int corrupt, int result) { mbedtls_mpi P, Q, D, Dp, E, R, Rp; - mbedtls_mpi_init( &P ); mbedtls_mpi_init( &Q ); - mbedtls_mpi_init( &D ); mbedtls_mpi_init( &Dp ); - mbedtls_mpi_init( &E ); - mbedtls_mpi_init( &R ); mbedtls_mpi_init( &Rp ); + mbedtls_mpi_init(&P); mbedtls_mpi_init(&Q); + mbedtls_mpi_init(&D); mbedtls_mpi_init(&Dp); + mbedtls_mpi_init(&E); + mbedtls_mpi_init(&R); mbedtls_mpi_init(&Rp); - TEST_ASSERT( mbedtls_test_read_mpi( &P, radix_P, input_P ) == 0 ); - TEST_ASSERT( mbedtls_test_read_mpi( &Q, radix_Q, input_Q ) == 0 ); - TEST_ASSERT( mbedtls_test_read_mpi( &E, radix_E, input_E ) == 0 ); - TEST_ASSERT( mbedtls_test_read_mpi( &Dp, radix_D, output_D ) == 0 ); + TEST_ASSERT(mbedtls_test_read_mpi(&P, input_P) == 0); + TEST_ASSERT(mbedtls_test_read_mpi(&Q, input_Q) == 0); + TEST_ASSERT(mbedtls_test_read_mpi(&E, input_E) == 0); + TEST_ASSERT(mbedtls_test_read_mpi(&Dp, output_D) == 0); - if( corrupt ) - { + if (corrupt) { /* Make E even */ - TEST_ASSERT( mbedtls_mpi_set_bit( &E, 0, 0 ) == 0 ); + TEST_ASSERT(mbedtls_mpi_set_bit(&E, 0, 0) == 0); } /* Try to deduce D from N, P, Q, E. */ - TEST_ASSERT( mbedtls_rsa_deduce_private_exponent( &P, &Q, - &E, &D ) == result ); + TEST_ASSERT(mbedtls_rsa_deduce_private_exponent(&P, &Q, + &E, &D) == result); - if( !corrupt ) - { + if (!corrupt) { /* * Check that D and Dp agree modulo LCM(P-1, Q-1). */ /* Replace P,Q by P-1, Q-1 */ - TEST_ASSERT( mbedtls_mpi_sub_int( &P, &P, 1 ) == 0 ); - TEST_ASSERT( mbedtls_mpi_sub_int( &Q, &Q, 1 ) == 0 ); + TEST_ASSERT(mbedtls_mpi_sub_int(&P, &P, 1) == 0); + TEST_ASSERT(mbedtls_mpi_sub_int(&Q, &Q, 1) == 0); /* Check D == Dp modulo P-1 */ - TEST_ASSERT( mbedtls_mpi_mod_mpi( &R, &D, &P ) == 0 ); - TEST_ASSERT( mbedtls_mpi_mod_mpi( &Rp, &Dp, &P ) == 0 ); - TEST_ASSERT( mbedtls_mpi_cmp_mpi( &R, &Rp ) == 0 ); + TEST_ASSERT(mbedtls_mpi_mod_mpi(&R, &D, &P) == 0); + TEST_ASSERT(mbedtls_mpi_mod_mpi(&Rp, &Dp, &P) == 0); + TEST_ASSERT(mbedtls_mpi_cmp_mpi(&R, &Rp) == 0); /* Check D == Dp modulo Q-1 */ - TEST_ASSERT( mbedtls_mpi_mod_mpi( &R, &D, &Q ) == 0 ); - TEST_ASSERT( mbedtls_mpi_mod_mpi( &Rp, &Dp, &Q ) == 0 ); - TEST_ASSERT( mbedtls_mpi_cmp_mpi( &R, &Rp ) == 0 ); + TEST_ASSERT(mbedtls_mpi_mod_mpi(&R, &D, &Q) == 0); + TEST_ASSERT(mbedtls_mpi_mod_mpi(&Rp, &Dp, &Q) == 0); + TEST_ASSERT(mbedtls_mpi_cmp_mpi(&R, &Rp) == 0); } exit: - mbedtls_mpi_free( &P ); mbedtls_mpi_free( &Q ); - mbedtls_mpi_free( &D ); mbedtls_mpi_free( &Dp ); - mbedtls_mpi_free( &E ); - mbedtls_mpi_free( &R ); mbedtls_mpi_free( &Rp ); + mbedtls_mpi_free(&P); mbedtls_mpi_free(&Q); + mbedtls_mpi_free(&D); mbedtls_mpi_free(&Dp); + mbedtls_mpi_free(&E); + mbedtls_mpi_free(&R); mbedtls_mpi_free(&Rp); } /* END_CASE */ /* BEGIN_CASE depends_on:MBEDTLS_CTR_DRBG_C:MBEDTLS_ENTROPY_C:ENTROPY_HAVE_STRONG */ -void mbedtls_rsa_import( int radix_N, char *input_N, - int radix_P, char *input_P, - int radix_Q, char *input_Q, - int radix_D, char *input_D, - int radix_E, char *input_E, - int successive, - int is_priv, - int res_check, - int res_complete ) +void mbedtls_rsa_import(char *input_N, + char *input_P, + char *input_Q, + char *input_D, + char *input_E, + int successive, + int is_priv, + int res_check, + int res_complete) { mbedtls_mpi N, P, Q, D, E; mbedtls_rsa_context ctx; @@ -1329,140 +1290,143 @@ void mbedtls_rsa_import( int radix_N, char *input_N, mbedtls_ctr_drbg_context ctr_drbg; const char *pers = "test_suite_rsa"; - const int have_N = ( strlen( input_N ) > 0 ); - const int have_P = ( strlen( input_P ) > 0 ); - const int have_Q = ( strlen( input_Q ) > 0 ); - const int have_D = ( strlen( input_D ) > 0 ); - const int have_E = ( strlen( input_E ) > 0 ); - - mbedtls_ctr_drbg_init( &ctr_drbg ); - mbedtls_entropy_init( &entropy ); - mbedtls_rsa_init( &ctx, 0, 0 ); + const int have_N = (strlen(input_N) > 0); + const int have_P = (strlen(input_P) > 0); + const int have_Q = (strlen(input_Q) > 0); + const int have_D = (strlen(input_D) > 0); + const int have_E = (strlen(input_E) > 0); - mbedtls_mpi_init( &N ); - mbedtls_mpi_init( &P ); mbedtls_mpi_init( &Q ); - mbedtls_mpi_init( &D ); mbedtls_mpi_init( &E ); + mbedtls_ctr_drbg_init(&ctr_drbg); + mbedtls_entropy_init(&entropy); + mbedtls_rsa_init(&ctx, 0, 0); - TEST_ASSERT( mbedtls_ctr_drbg_seed( &ctr_drbg, mbedtls_entropy_func, &entropy, - (const unsigned char *) pers, strlen( pers ) ) == 0 ); + mbedtls_mpi_init(&N); + mbedtls_mpi_init(&P); mbedtls_mpi_init(&Q); + mbedtls_mpi_init(&D); mbedtls_mpi_init(&E); - if( have_N ) - TEST_ASSERT( mbedtls_test_read_mpi( &N, radix_N, input_N ) == 0 ); + TEST_ASSERT(mbedtls_ctr_drbg_seed(&ctr_drbg, mbedtls_entropy_func, &entropy, + (const unsigned char *) pers, strlen(pers)) == 0); - if( have_P ) - TEST_ASSERT( mbedtls_test_read_mpi( &P, radix_P, input_P ) == 0 ); + if (have_N) { + TEST_ASSERT(mbedtls_test_read_mpi(&N, input_N) == 0); + } - if( have_Q ) - TEST_ASSERT( mbedtls_test_read_mpi( &Q, radix_Q, input_Q ) == 0 ); + if (have_P) { + TEST_ASSERT(mbedtls_test_read_mpi(&P, input_P) == 0); + } - if( have_D ) - TEST_ASSERT( mbedtls_test_read_mpi( &D, radix_D, input_D ) == 0 ); + if (have_Q) { + TEST_ASSERT(mbedtls_test_read_mpi(&Q, input_Q) == 0); + } - if( have_E ) - TEST_ASSERT( mbedtls_test_read_mpi( &E, radix_E, input_E ) == 0 ); + if (have_D) { + TEST_ASSERT(mbedtls_test_read_mpi(&D, input_D) == 0); + } - if( !successive ) - { - TEST_ASSERT( mbedtls_rsa_import( &ctx, - have_N ? &N : NULL, - have_P ? &P : NULL, - have_Q ? &Q : NULL, - have_D ? &D : NULL, - have_E ? &E : NULL ) == 0 ); + if (have_E) { + TEST_ASSERT(mbedtls_test_read_mpi(&E, input_E) == 0); } - else - { + + if (!successive) { + TEST_ASSERT(mbedtls_rsa_import(&ctx, + have_N ? &N : NULL, + have_P ? &P : NULL, + have_Q ? &Q : NULL, + have_D ? &D : NULL, + have_E ? &E : NULL) == 0); + } else { /* Import N, P, Q, D, E separately. * This should make no functional difference. */ - TEST_ASSERT( mbedtls_rsa_import( &ctx, - have_N ? &N : NULL, - NULL, NULL, NULL, NULL ) == 0 ); + TEST_ASSERT(mbedtls_rsa_import(&ctx, + have_N ? &N : NULL, + NULL, NULL, NULL, NULL) == 0); - TEST_ASSERT( mbedtls_rsa_import( &ctx, - NULL, - have_P ? &P : NULL, - NULL, NULL, NULL ) == 0 ); + TEST_ASSERT(mbedtls_rsa_import(&ctx, + NULL, + have_P ? &P : NULL, + NULL, NULL, NULL) == 0); - TEST_ASSERT( mbedtls_rsa_import( &ctx, - NULL, NULL, - have_Q ? &Q : NULL, - NULL, NULL ) == 0 ); + TEST_ASSERT(mbedtls_rsa_import(&ctx, + NULL, NULL, + have_Q ? &Q : NULL, + NULL, NULL) == 0); - TEST_ASSERT( mbedtls_rsa_import( &ctx, - NULL, NULL, NULL, - have_D ? &D : NULL, - NULL ) == 0 ); + TEST_ASSERT(mbedtls_rsa_import(&ctx, + NULL, NULL, NULL, + have_D ? &D : NULL, + NULL) == 0); - TEST_ASSERT( mbedtls_rsa_import( &ctx, - NULL, NULL, NULL, NULL, - have_E ? &E : NULL ) == 0 ); + TEST_ASSERT(mbedtls_rsa_import(&ctx, + NULL, NULL, NULL, NULL, + have_E ? &E : NULL) == 0); } - TEST_ASSERT( mbedtls_rsa_complete( &ctx ) == res_complete ); + TEST_ASSERT(mbedtls_rsa_complete(&ctx) == res_complete); /* On expected success, perform some public and private * key operations to check if the key is working properly. */ - if( res_complete == 0 ) - { - if( is_priv ) - TEST_ASSERT( mbedtls_rsa_check_privkey( &ctx ) == res_check ); - else - TEST_ASSERT( mbedtls_rsa_check_pubkey( &ctx ) == res_check ); - - if( res_check != 0 ) + if (res_complete == 0) { + if (is_priv) { + TEST_ASSERT(mbedtls_rsa_check_privkey(&ctx) == res_check); + } else { + TEST_ASSERT(mbedtls_rsa_check_pubkey(&ctx) == res_check); + } + + if (res_check != 0) { goto exit; + } - buf_orig = mbedtls_calloc( 1, mbedtls_rsa_get_len( &ctx ) ); - buf_enc = mbedtls_calloc( 1, mbedtls_rsa_get_len( &ctx ) ); - buf_dec = mbedtls_calloc( 1, mbedtls_rsa_get_len( &ctx ) ); - if( buf_orig == NULL || buf_enc == NULL || buf_dec == NULL ) + buf_orig = mbedtls_calloc(1, mbedtls_rsa_get_len(&ctx)); + buf_enc = mbedtls_calloc(1, mbedtls_rsa_get_len(&ctx)); + buf_dec = mbedtls_calloc(1, mbedtls_rsa_get_len(&ctx)); + if (buf_orig == NULL || buf_enc == NULL || buf_dec == NULL) { goto exit; + } - TEST_ASSERT( mbedtls_ctr_drbg_random( &ctr_drbg, - buf_orig, mbedtls_rsa_get_len( &ctx ) ) == 0 ); + TEST_ASSERT(mbedtls_ctr_drbg_random(&ctr_drbg, + buf_orig, mbedtls_rsa_get_len(&ctx)) == 0); /* Make sure the number we're generating is smaller than the modulus */ buf_orig[0] = 0x00; - TEST_ASSERT( mbedtls_rsa_public( &ctx, buf_orig, buf_enc ) == 0 ); + TEST_ASSERT(mbedtls_rsa_public(&ctx, buf_orig, buf_enc) == 0); - if( is_priv ) - { - TEST_ASSERT( mbedtls_rsa_private( &ctx, mbedtls_ctr_drbg_random, - &ctr_drbg, buf_enc, - buf_dec ) == 0 ); + if (is_priv) { + TEST_ASSERT(mbedtls_rsa_private(&ctx, mbedtls_ctr_drbg_random, + &ctr_drbg, buf_enc, + buf_dec) == 0); - TEST_ASSERT( memcmp( buf_orig, buf_dec, - mbedtls_rsa_get_len( &ctx ) ) == 0 ); + TEST_ASSERT(memcmp(buf_orig, buf_dec, + mbedtls_rsa_get_len(&ctx)) == 0); } } exit: - mbedtls_free( buf_orig ); - mbedtls_free( buf_enc ); - mbedtls_free( buf_dec ); + mbedtls_free(buf_orig); + mbedtls_free(buf_enc); + mbedtls_free(buf_dec); - mbedtls_rsa_free( &ctx ); + mbedtls_rsa_free(&ctx); - mbedtls_ctr_drbg_free( &ctr_drbg ); - mbedtls_entropy_free( &entropy ); + mbedtls_ctr_drbg_free(&ctr_drbg); + mbedtls_entropy_free(&entropy); - mbedtls_mpi_free( &N ); - mbedtls_mpi_free( &P ); mbedtls_mpi_free( &Q ); - mbedtls_mpi_free( &D ); mbedtls_mpi_free( &E ); + mbedtls_mpi_free(&N); + mbedtls_mpi_free(&P); mbedtls_mpi_free(&Q); + mbedtls_mpi_free(&D); mbedtls_mpi_free(&E); } /* END_CASE */ /* BEGIN_CASE */ -void mbedtls_rsa_export( int radix_N, char *input_N, - int radix_P, char *input_P, - int radix_Q, char *input_Q, - int radix_D, char *input_D, - int radix_E, char *input_E, - int is_priv, - int successive ) +void mbedtls_rsa_export(char *input_N, + char *input_P, + char *input_Q, + char *input_D, + char *input_E, + int is_priv, + int successive) { /* Original MPI's with which we set up the RSA context */ mbedtls_mpi N, P, Q, D, E; @@ -1470,184 +1434,190 @@ void mbedtls_rsa_export( int radix_N, char *input_N, /* Exported MPI's */ mbedtls_mpi Ne, Pe, Qe, De, Ee; - const int have_N = ( strlen( input_N ) > 0 ); - const int have_P = ( strlen( input_P ) > 0 ); - const int have_Q = ( strlen( input_Q ) > 0 ); - const int have_D = ( strlen( input_D ) > 0 ); - const int have_E = ( strlen( input_E ) > 0 ); + const int have_N = (strlen(input_N) > 0); + const int have_P = (strlen(input_P) > 0); + const int have_Q = (strlen(input_Q) > 0); + const int have_D = (strlen(input_D) > 0); + const int have_E = (strlen(input_E) > 0); mbedtls_rsa_context ctx; - mbedtls_rsa_init( &ctx, 0, 0 ); + mbedtls_rsa_init(&ctx, 0, 0); - mbedtls_mpi_init( &N ); - mbedtls_mpi_init( &P ); mbedtls_mpi_init( &Q ); - mbedtls_mpi_init( &D ); mbedtls_mpi_init( &E ); + mbedtls_mpi_init(&N); + mbedtls_mpi_init(&P); mbedtls_mpi_init(&Q); + mbedtls_mpi_init(&D); mbedtls_mpi_init(&E); - mbedtls_mpi_init( &Ne ); - mbedtls_mpi_init( &Pe ); mbedtls_mpi_init( &Qe ); - mbedtls_mpi_init( &De ); mbedtls_mpi_init( &Ee ); + mbedtls_mpi_init(&Ne); + mbedtls_mpi_init(&Pe); mbedtls_mpi_init(&Qe); + mbedtls_mpi_init(&De); mbedtls_mpi_init(&Ee); /* Setup RSA context */ - if( have_N ) - TEST_ASSERT( mbedtls_test_read_mpi( &N, radix_N, input_N ) == 0 ); + if (have_N) { + TEST_ASSERT(mbedtls_test_read_mpi(&N, input_N) == 0); + } - if( have_P ) - TEST_ASSERT( mbedtls_test_read_mpi( &P, radix_P, input_P ) == 0 ); + if (have_P) { + TEST_ASSERT(mbedtls_test_read_mpi(&P, input_P) == 0); + } - if( have_Q ) - TEST_ASSERT( mbedtls_test_read_mpi( &Q, radix_Q, input_Q ) == 0 ); + if (have_Q) { + TEST_ASSERT(mbedtls_test_read_mpi(&Q, input_Q) == 0); + } - if( have_D ) - TEST_ASSERT( mbedtls_test_read_mpi( &D, radix_D, input_D ) == 0 ); + if (have_D) { + TEST_ASSERT(mbedtls_test_read_mpi(&D, input_D) == 0); + } - if( have_E ) - TEST_ASSERT( mbedtls_test_read_mpi( &E, radix_E, input_E ) == 0 ); + if (have_E) { + TEST_ASSERT(mbedtls_test_read_mpi(&E, input_E) == 0); + } - TEST_ASSERT( mbedtls_rsa_import( &ctx, - strlen( input_N ) ? &N : NULL, - strlen( input_P ) ? &P : NULL, - strlen( input_Q ) ? &Q : NULL, - strlen( input_D ) ? &D : NULL, - strlen( input_E ) ? &E : NULL ) == 0 ); + TEST_ASSERT(mbedtls_rsa_import(&ctx, + strlen(input_N) ? &N : NULL, + strlen(input_P) ? &P : NULL, + strlen(input_Q) ? &Q : NULL, + strlen(input_D) ? &D : NULL, + strlen(input_E) ? &E : NULL) == 0); - TEST_ASSERT( mbedtls_rsa_complete( &ctx ) == 0 ); + TEST_ASSERT(mbedtls_rsa_complete(&ctx) == 0); /* * Export parameters and compare to original ones. */ /* N and E must always be present. */ - if( !successive ) - { - TEST_ASSERT( mbedtls_rsa_export( &ctx, &Ne, NULL, NULL, NULL, &Ee ) == 0 ); - } - else - { - TEST_ASSERT( mbedtls_rsa_export( &ctx, &Ne, NULL, NULL, NULL, NULL ) == 0 ); - TEST_ASSERT( mbedtls_rsa_export( &ctx, NULL, NULL, NULL, NULL, &Ee ) == 0 ); + if (!successive) { + TEST_ASSERT(mbedtls_rsa_export(&ctx, &Ne, NULL, NULL, NULL, &Ee) == 0); + } else { + TEST_ASSERT(mbedtls_rsa_export(&ctx, &Ne, NULL, NULL, NULL, NULL) == 0); + TEST_ASSERT(mbedtls_rsa_export(&ctx, NULL, NULL, NULL, NULL, &Ee) == 0); } - TEST_ASSERT( mbedtls_mpi_cmp_mpi( &N, &Ne ) == 0 ); - TEST_ASSERT( mbedtls_mpi_cmp_mpi( &E, &Ee ) == 0 ); + TEST_ASSERT(mbedtls_mpi_cmp_mpi(&N, &Ne) == 0); + TEST_ASSERT(mbedtls_mpi_cmp_mpi(&E, &Ee) == 0); /* If we were providing enough information to setup a complete private context, * we expect to be able to export all core parameters. */ - if( is_priv ) - { - if( !successive ) - { - TEST_ASSERT( mbedtls_rsa_export( &ctx, NULL, &Pe, &Qe, - &De, NULL ) == 0 ); - } - else - { - TEST_ASSERT( mbedtls_rsa_export( &ctx, NULL, &Pe, NULL, - NULL, NULL ) == 0 ); - TEST_ASSERT( mbedtls_rsa_export( &ctx, NULL, NULL, &Qe, - NULL, NULL ) == 0 ); - TEST_ASSERT( mbedtls_rsa_export( &ctx, NULL, NULL, NULL, - &De, NULL ) == 0 ); + if (is_priv) { + if (!successive) { + TEST_ASSERT(mbedtls_rsa_export(&ctx, NULL, &Pe, &Qe, + &De, NULL) == 0); + } else { + TEST_ASSERT(mbedtls_rsa_export(&ctx, NULL, &Pe, NULL, + NULL, NULL) == 0); + TEST_ASSERT(mbedtls_rsa_export(&ctx, NULL, NULL, &Qe, + NULL, NULL) == 0); + TEST_ASSERT(mbedtls_rsa_export(&ctx, NULL, NULL, NULL, + &De, NULL) == 0); } - if( have_P ) - TEST_ASSERT( mbedtls_mpi_cmp_mpi( &P, &Pe ) == 0 ); + if (have_P) { + TEST_ASSERT(mbedtls_mpi_cmp_mpi(&P, &Pe) == 0); + } - if( have_Q ) - TEST_ASSERT( mbedtls_mpi_cmp_mpi( &Q, &Qe ) == 0 ); + if (have_Q) { + TEST_ASSERT(mbedtls_mpi_cmp_mpi(&Q, &Qe) == 0); + } - if( have_D ) - TEST_ASSERT( mbedtls_mpi_cmp_mpi( &D, &De ) == 0 ); + if (have_D) { + TEST_ASSERT(mbedtls_mpi_cmp_mpi(&D, &De) == 0); + } /* While at it, perform a sanity check */ - TEST_ASSERT( mbedtls_rsa_validate_params( &Ne, &Pe, &Qe, &De, &Ee, - NULL, NULL ) == 0 ); + TEST_ASSERT(mbedtls_rsa_validate_params(&Ne, &Pe, &Qe, &De, &Ee, + NULL, NULL) == 0); } exit: - mbedtls_rsa_free( &ctx ); + mbedtls_rsa_free(&ctx); - mbedtls_mpi_free( &N ); - mbedtls_mpi_free( &P ); mbedtls_mpi_free( &Q ); - mbedtls_mpi_free( &D ); mbedtls_mpi_free( &E ); + mbedtls_mpi_free(&N); + mbedtls_mpi_free(&P); mbedtls_mpi_free(&Q); + mbedtls_mpi_free(&D); mbedtls_mpi_free(&E); - mbedtls_mpi_free( &Ne ); - mbedtls_mpi_free( &Pe ); mbedtls_mpi_free( &Qe ); - mbedtls_mpi_free( &De ); mbedtls_mpi_free( &Ee ); + mbedtls_mpi_free(&Ne); + mbedtls_mpi_free(&Pe); mbedtls_mpi_free(&Qe); + mbedtls_mpi_free(&De); mbedtls_mpi_free(&Ee); } /* END_CASE */ /* BEGIN_CASE depends_on:MBEDTLS_ENTROPY_C:ENTROPY_HAVE_STRONG:MBEDTLS_ENTROPY_C:MBEDTLS_CTR_DRBG_C */ -void mbedtls_rsa_validate_params( int radix_N, char *input_N, - int radix_P, char *input_P, - int radix_Q, char *input_Q, - int radix_D, char *input_D, - int radix_E, char *input_E, - int prng, int result ) +void mbedtls_rsa_validate_params(char *input_N, + char *input_P, + char *input_Q, + char *input_D, + char *input_E, + int prng, int result) { /* Original MPI's with which we set up the RSA context */ mbedtls_mpi N, P, Q, D, E; - const int have_N = ( strlen( input_N ) > 0 ); - const int have_P = ( strlen( input_P ) > 0 ); - const int have_Q = ( strlen( input_Q ) > 0 ); - const int have_D = ( strlen( input_D ) > 0 ); - const int have_E = ( strlen( input_E ) > 0 ); + const int have_N = (strlen(input_N) > 0); + const int have_P = (strlen(input_P) > 0); + const int have_Q = (strlen(input_Q) > 0); + const int have_D = (strlen(input_D) > 0); + const int have_E = (strlen(input_E) > 0); mbedtls_entropy_context entropy; mbedtls_ctr_drbg_context ctr_drbg; const char *pers = "test_suite_rsa"; - mbedtls_mpi_init( &N ); - mbedtls_mpi_init( &P ); mbedtls_mpi_init( &Q ); - mbedtls_mpi_init( &D ); mbedtls_mpi_init( &E ); + mbedtls_mpi_init(&N); + mbedtls_mpi_init(&P); mbedtls_mpi_init(&Q); + mbedtls_mpi_init(&D); mbedtls_mpi_init(&E); - mbedtls_ctr_drbg_init( &ctr_drbg ); - mbedtls_entropy_init( &entropy ); - TEST_ASSERT( mbedtls_ctr_drbg_seed( &ctr_drbg, mbedtls_entropy_func, - &entropy, (const unsigned char *) pers, - strlen( pers ) ) == 0 ); + mbedtls_ctr_drbg_init(&ctr_drbg); + mbedtls_entropy_init(&entropy); + TEST_ASSERT(mbedtls_ctr_drbg_seed(&ctr_drbg, mbedtls_entropy_func, + &entropy, (const unsigned char *) pers, + strlen(pers)) == 0); - if( have_N ) - TEST_ASSERT( mbedtls_test_read_mpi( &N, radix_N, input_N ) == 0 ); + if (have_N) { + TEST_ASSERT(mbedtls_test_read_mpi(&N, input_N) == 0); + } - if( have_P ) - TEST_ASSERT( mbedtls_test_read_mpi( &P, radix_P, input_P ) == 0 ); + if (have_P) { + TEST_ASSERT(mbedtls_test_read_mpi(&P, input_P) == 0); + } - if( have_Q ) - TEST_ASSERT( mbedtls_test_read_mpi( &Q, radix_Q, input_Q ) == 0 ); + if (have_Q) { + TEST_ASSERT(mbedtls_test_read_mpi(&Q, input_Q) == 0); + } - if( have_D ) - TEST_ASSERT( mbedtls_test_read_mpi( &D, radix_D, input_D ) == 0 ); + if (have_D) { + TEST_ASSERT(mbedtls_test_read_mpi(&D, input_D) == 0); + } - if( have_E ) - TEST_ASSERT( mbedtls_test_read_mpi( &E, radix_E, input_E ) == 0 ); + if (have_E) { + TEST_ASSERT(mbedtls_test_read_mpi(&E, input_E) == 0); + } - TEST_ASSERT( mbedtls_rsa_validate_params( have_N ? &N : NULL, - have_P ? &P : NULL, - have_Q ? &Q : NULL, - have_D ? &D : NULL, - have_E ? &E : NULL, - prng ? mbedtls_ctr_drbg_random : NULL, - prng ? &ctr_drbg : NULL ) == result ); + TEST_ASSERT(mbedtls_rsa_validate_params(have_N ? &N : NULL, + have_P ? &P : NULL, + have_Q ? &Q : NULL, + have_D ? &D : NULL, + have_E ? &E : NULL, + prng ? mbedtls_ctr_drbg_random : NULL, + prng ? &ctr_drbg : NULL) == result); exit: - mbedtls_ctr_drbg_free( &ctr_drbg ); - mbedtls_entropy_free( &entropy ); + mbedtls_ctr_drbg_free(&ctr_drbg); + mbedtls_entropy_free(&entropy); - mbedtls_mpi_free( &N ); - mbedtls_mpi_free( &P ); mbedtls_mpi_free( &Q ); - mbedtls_mpi_free( &D ); mbedtls_mpi_free( &E ); + mbedtls_mpi_free(&N); + mbedtls_mpi_free(&P); mbedtls_mpi_free(&Q); + mbedtls_mpi_free(&D); mbedtls_mpi_free(&E); } /* END_CASE */ /* BEGIN_CASE depends_on:MBEDTLS_CTR_DRBG_C:MBEDTLS_ENTROPY_C */ -void mbedtls_rsa_export_raw( data_t *input_N, data_t *input_P, - data_t *input_Q, data_t *input_D, - data_t *input_E, int is_priv, - int successive ) +void mbedtls_rsa_export_raw(data_t *input_N, data_t *input_P, + data_t *input_Q, data_t *input_D, + data_t *input_E, int is_priv, + int successive) { /* Exported buffers */ unsigned char bufNe[256]; @@ -1658,94 +1628,90 @@ void mbedtls_rsa_export_raw( data_t *input_N, data_t *input_P, mbedtls_rsa_context ctx; - mbedtls_rsa_init( &ctx, 0, 0 ); + mbedtls_rsa_init(&ctx, 0, 0); /* Setup RSA context */ - TEST_ASSERT( mbedtls_rsa_import_raw( &ctx, - input_N->len ? input_N->x : NULL, input_N->len, - input_P->len ? input_P->x : NULL, input_P->len, - input_Q->len ? input_Q->x : NULL, input_Q->len, - input_D->len ? input_D->x : NULL, input_D->len, - input_E->len ? input_E->x : NULL, input_E->len ) == 0 ); + TEST_ASSERT(mbedtls_rsa_import_raw(&ctx, + input_N->len ? input_N->x : NULL, input_N->len, + input_P->len ? input_P->x : NULL, input_P->len, + input_Q->len ? input_Q->x : NULL, input_Q->len, + input_D->len ? input_D->x : NULL, input_D->len, + input_E->len ? input_E->x : NULL, input_E->len) == 0); - TEST_ASSERT( mbedtls_rsa_complete( &ctx ) == 0 ); + TEST_ASSERT(mbedtls_rsa_complete(&ctx) == 0); /* * Export parameters and compare to original ones. */ /* N and E must always be present. */ - if( !successive ) - { - TEST_ASSERT( mbedtls_rsa_export_raw( &ctx, bufNe, input_N->len, - NULL, 0, NULL, 0, NULL, 0, - bufEe, input_E->len ) == 0 ); + if (!successive) { + TEST_ASSERT(mbedtls_rsa_export_raw(&ctx, bufNe, input_N->len, + NULL, 0, NULL, 0, NULL, 0, + bufEe, input_E->len) == 0); + } else { + TEST_ASSERT(mbedtls_rsa_export_raw(&ctx, bufNe, input_N->len, + NULL, 0, NULL, 0, NULL, 0, + NULL, 0) == 0); + TEST_ASSERT(mbedtls_rsa_export_raw(&ctx, NULL, 0, + NULL, 0, NULL, 0, NULL, 0, + bufEe, input_E->len) == 0); } - else - { - TEST_ASSERT( mbedtls_rsa_export_raw( &ctx, bufNe, input_N->len, - NULL, 0, NULL, 0, NULL, 0, - NULL, 0 ) == 0 ); - TEST_ASSERT( mbedtls_rsa_export_raw( &ctx, NULL, 0, - NULL, 0, NULL, 0, NULL, 0, - bufEe, input_E->len ) == 0 ); - } - TEST_ASSERT( memcmp( input_N->x, bufNe, input_N->len ) == 0 ); - TEST_ASSERT( memcmp( input_E->x, bufEe, input_E->len ) == 0 ); + TEST_ASSERT(memcmp(input_N->x, bufNe, input_N->len) == 0); + TEST_ASSERT(memcmp(input_E->x, bufEe, input_E->len) == 0); /* If we were providing enough information to setup a complete private context, * we expect to be able to export all core parameters. */ - if( is_priv ) - { - if( !successive ) - { - TEST_ASSERT( mbedtls_rsa_export_raw( &ctx, NULL, 0, - bufPe, input_P->len ? input_P->len : sizeof( bufPe ), - bufQe, input_Q->len ? input_Q->len : sizeof( bufQe ), - bufDe, input_D->len ? input_D->len : sizeof( bufDe ), - NULL, 0 ) == 0 ); - } - else - { - TEST_ASSERT( mbedtls_rsa_export_raw( &ctx, NULL, 0, - bufPe, input_P->len ? input_P->len : sizeof( bufPe ), - NULL, 0, NULL, 0, - NULL, 0 ) == 0 ); - - TEST_ASSERT( mbedtls_rsa_export_raw( &ctx, NULL, 0, NULL, 0, - bufQe, input_Q->len ? input_Q->len : sizeof( bufQe ), - NULL, 0, NULL, 0 ) == 0 ); - - TEST_ASSERT( mbedtls_rsa_export_raw( &ctx, NULL, 0, NULL, 0, NULL, 0, - bufDe, input_D->len ? input_D->len : sizeof( bufDe ), - NULL, 0 ) == 0 ); + if (is_priv) { + if (!successive) { + TEST_ASSERT(mbedtls_rsa_export_raw(&ctx, NULL, 0, + bufPe, input_P->len ? input_P->len : sizeof(bufPe), + bufQe, input_Q->len ? input_Q->len : sizeof(bufQe), + bufDe, input_D->len ? input_D->len : sizeof(bufDe), + NULL, 0) == 0); + } else { + TEST_ASSERT(mbedtls_rsa_export_raw(&ctx, NULL, 0, + bufPe, input_P->len ? input_P->len : sizeof(bufPe), + NULL, 0, NULL, 0, + NULL, 0) == 0); + + TEST_ASSERT(mbedtls_rsa_export_raw(&ctx, NULL, 0, NULL, 0, + bufQe, input_Q->len ? input_Q->len : sizeof(bufQe), + NULL, 0, NULL, 0) == 0); + + TEST_ASSERT(mbedtls_rsa_export_raw(&ctx, NULL, 0, NULL, 0, NULL, 0, + bufDe, input_D->len ? input_D->len : sizeof(bufDe), + NULL, 0) == 0); } - if( input_P->len ) - TEST_ASSERT( memcmp( input_P->x, bufPe, input_P->len ) == 0 ); + if (input_P->len) { + TEST_ASSERT(memcmp(input_P->x, bufPe, input_P->len) == 0); + } - if( input_Q->len ) - TEST_ASSERT( memcmp( input_Q->x, bufQe, input_Q->len ) == 0 ); + if (input_Q->len) { + TEST_ASSERT(memcmp(input_Q->x, bufQe, input_Q->len) == 0); + } - if( input_D->len ) - TEST_ASSERT( memcmp( input_D->x, bufDe, input_D->len ) == 0 ); + if (input_D->len) { + TEST_ASSERT(memcmp(input_D->x, bufDe, input_D->len) == 0); + } } exit: - mbedtls_rsa_free( &ctx ); + mbedtls_rsa_free(&ctx); } /* END_CASE */ /* BEGIN_CASE depends_on:MBEDTLS_CTR_DRBG_C:MBEDTLS_ENTROPY_C:ENTROPY_HAVE_STRONG */ -void mbedtls_rsa_import_raw( data_t *input_N, - data_t *input_P, data_t *input_Q, - data_t *input_D, data_t *input_E, - int successive, - int is_priv, - int res_check, - int res_complete ) +void mbedtls_rsa_import_raw(data_t *input_N, + data_t *input_P, data_t *input_Q, + data_t *input_D, data_t *input_E, + int successive, + int is_priv, + int res_check, + int res_complete) { /* Buffers used for encryption-decryption test */ unsigned char *buf_orig = NULL; @@ -1758,108 +1724,108 @@ void mbedtls_rsa_import_raw( data_t *input_N, const char *pers = "test_suite_rsa"; - mbedtls_ctr_drbg_init( &ctr_drbg ); - mbedtls_entropy_init( &entropy ); - mbedtls_rsa_init( &ctx, 0, 0 ); - - TEST_ASSERT( mbedtls_ctr_drbg_seed( &ctr_drbg, mbedtls_entropy_func, - &entropy, (const unsigned char *) pers, - strlen( pers ) ) == 0 ); - - if( !successive ) - { - TEST_ASSERT( mbedtls_rsa_import_raw( &ctx, - ( input_N->len > 0 ) ? input_N->x : NULL, input_N->len, - ( input_P->len > 0 ) ? input_P->x : NULL, input_P->len, - ( input_Q->len > 0 ) ? input_Q->x : NULL, input_Q->len, - ( input_D->len > 0 ) ? input_D->x : NULL, input_D->len, - ( input_E->len > 0 ) ? input_E->x : NULL, input_E->len ) == 0 ); - } - else - { + mbedtls_ctr_drbg_init(&ctr_drbg); + mbedtls_entropy_init(&entropy); + mbedtls_rsa_init(&ctx, 0, 0); + + TEST_ASSERT(mbedtls_ctr_drbg_seed(&ctr_drbg, mbedtls_entropy_func, + &entropy, (const unsigned char *) pers, + strlen(pers)) == 0); + + if (!successive) { + TEST_ASSERT(mbedtls_rsa_import_raw(&ctx, + (input_N->len > 0) ? input_N->x : NULL, input_N->len, + (input_P->len > 0) ? input_P->x : NULL, input_P->len, + (input_Q->len > 0) ? input_Q->x : NULL, input_Q->len, + (input_D->len > 0) ? input_D->x : NULL, input_D->len, + (input_E->len > 0) ? input_E->x : NULL, + input_E->len) == 0); + } else { /* Import N, P, Q, D, E separately. * This should make no functional difference. */ - TEST_ASSERT( mbedtls_rsa_import_raw( &ctx, - ( input_N->len > 0 ) ? input_N->x : NULL, input_N->len, - NULL, 0, NULL, 0, NULL, 0, NULL, 0 ) == 0 ); - - TEST_ASSERT( mbedtls_rsa_import_raw( &ctx, - NULL, 0, - ( input_P->len > 0 ) ? input_P->x : NULL, input_P->len, - NULL, 0, NULL, 0, NULL, 0 ) == 0 ); - - TEST_ASSERT( mbedtls_rsa_import_raw( &ctx, - NULL, 0, NULL, 0, - ( input_Q->len > 0 ) ? input_Q->x : NULL, input_Q->len, - NULL, 0, NULL, 0 ) == 0 ); - - TEST_ASSERT( mbedtls_rsa_import_raw( &ctx, - NULL, 0, NULL, 0, NULL, 0, - ( input_D->len > 0 ) ? input_D->x : NULL, input_D->len, - NULL, 0 ) == 0 ); - - TEST_ASSERT( mbedtls_rsa_import_raw( &ctx, - NULL, 0, NULL, 0, NULL, 0, NULL, 0, - ( input_E->len > 0 ) ? input_E->x : NULL, input_E->len ) == 0 ); + TEST_ASSERT(mbedtls_rsa_import_raw(&ctx, + (input_N->len > 0) ? input_N->x : NULL, input_N->len, + NULL, 0, NULL, 0, NULL, 0, NULL, 0) == 0); + + TEST_ASSERT(mbedtls_rsa_import_raw(&ctx, + NULL, 0, + (input_P->len > 0) ? input_P->x : NULL, input_P->len, + NULL, 0, NULL, 0, NULL, 0) == 0); + + TEST_ASSERT(mbedtls_rsa_import_raw(&ctx, + NULL, 0, NULL, 0, + (input_Q->len > 0) ? input_Q->x : NULL, input_Q->len, + NULL, 0, NULL, 0) == 0); + + TEST_ASSERT(mbedtls_rsa_import_raw(&ctx, + NULL, 0, NULL, 0, NULL, 0, + (input_D->len > 0) ? input_D->x : NULL, input_D->len, + NULL, 0) == 0); + + TEST_ASSERT(mbedtls_rsa_import_raw(&ctx, + NULL, 0, NULL, 0, NULL, 0, NULL, 0, + (input_E->len > 0) ? input_E->x : NULL, + input_E->len) == 0); } - TEST_ASSERT( mbedtls_rsa_complete( &ctx ) == res_complete ); + TEST_ASSERT(mbedtls_rsa_complete(&ctx) == res_complete); /* On expected success, perform some public and private * key operations to check if the key is working properly. */ - if( res_complete == 0 ) - { - if( is_priv ) - TEST_ASSERT( mbedtls_rsa_check_privkey( &ctx ) == res_check ); - else - TEST_ASSERT( mbedtls_rsa_check_pubkey( &ctx ) == res_check ); - - if( res_check != 0 ) + if (res_complete == 0) { + if (is_priv) { + TEST_ASSERT(mbedtls_rsa_check_privkey(&ctx) == res_check); + } else { + TEST_ASSERT(mbedtls_rsa_check_pubkey(&ctx) == res_check); + } + + if (res_check != 0) { goto exit; + } - buf_orig = mbedtls_calloc( 1, mbedtls_rsa_get_len( &ctx ) ); - buf_enc = mbedtls_calloc( 1, mbedtls_rsa_get_len( &ctx ) ); - buf_dec = mbedtls_calloc( 1, mbedtls_rsa_get_len( &ctx ) ); - if( buf_orig == NULL || buf_enc == NULL || buf_dec == NULL ) + buf_orig = mbedtls_calloc(1, mbedtls_rsa_get_len(&ctx)); + buf_enc = mbedtls_calloc(1, mbedtls_rsa_get_len(&ctx)); + buf_dec = mbedtls_calloc(1, mbedtls_rsa_get_len(&ctx)); + if (buf_orig == NULL || buf_enc == NULL || buf_dec == NULL) { goto exit; + } - TEST_ASSERT( mbedtls_ctr_drbg_random( &ctr_drbg, - buf_orig, mbedtls_rsa_get_len( &ctx ) ) == 0 ); + TEST_ASSERT(mbedtls_ctr_drbg_random(&ctr_drbg, + buf_orig, mbedtls_rsa_get_len(&ctx)) == 0); /* Make sure the number we're generating is smaller than the modulus */ buf_orig[0] = 0x00; - TEST_ASSERT( mbedtls_rsa_public( &ctx, buf_orig, buf_enc ) == 0 ); + TEST_ASSERT(mbedtls_rsa_public(&ctx, buf_orig, buf_enc) == 0); - if( is_priv ) - { - TEST_ASSERT( mbedtls_rsa_private( &ctx, mbedtls_ctr_drbg_random, - &ctr_drbg, buf_enc, - buf_dec ) == 0 ); + if (is_priv) { + TEST_ASSERT(mbedtls_rsa_private(&ctx, mbedtls_ctr_drbg_random, + &ctr_drbg, buf_enc, + buf_dec) == 0); - TEST_ASSERT( memcmp( buf_orig, buf_dec, - mbedtls_rsa_get_len( &ctx ) ) == 0 ); + TEST_ASSERT(memcmp(buf_orig, buf_dec, + mbedtls_rsa_get_len(&ctx)) == 0); } } exit: - mbedtls_free( buf_orig ); - mbedtls_free( buf_enc ); - mbedtls_free( buf_dec ); + mbedtls_free(buf_orig); + mbedtls_free(buf_enc); + mbedtls_free(buf_dec); - mbedtls_rsa_free( &ctx ); + mbedtls_rsa_free(&ctx); - mbedtls_ctr_drbg_free( &ctr_drbg ); - mbedtls_entropy_free( &entropy ); + mbedtls_ctr_drbg_free(&ctr_drbg); + mbedtls_entropy_free(&entropy); } /* END_CASE */ /* BEGIN_CASE depends_on:MBEDTLS_SELF_TEST */ -void rsa_selftest( ) +void rsa_selftest() { - TEST_ASSERT( mbedtls_rsa_self_test( 1 ) == 0 ); + TEST_ASSERT(mbedtls_rsa_self_test(1) == 0); } /* END_CASE */ diff --git a/third_party/mbedtls/repo/tests/suites/test_suite_shax.function b/third_party/mbedtls/repo/tests/suites/test_suite_shax.function index f3477ec78ec..02c410eac6c 100644 --- a/third_party/mbedtls/repo/tests/suites/test_suite_shax.function +++ b/third_party/mbedtls/repo/tests/suites/test_suite_shax.function @@ -5,46 +5,46 @@ /* END_HEADER */ /* BEGIN_CASE depends_on:MBEDTLS_SHA1_C */ -void sha1_valid_param( ) +void sha1_valid_param() { - TEST_VALID_PARAM( mbedtls_sha1_free( NULL ) ); + TEST_VALID_PARAM(mbedtls_sha1_free(NULL)); } /* END_CASE */ /* BEGIN_CASE depends_on:MBEDTLS_SHA1_C:MBEDTLS_CHECK_PARAMS:!MBEDTLS_PARAM_FAILED_ALT */ -void sha1_invalid_param( ) +void sha1_invalid_param() { mbedtls_sha1_context ctx; unsigned char buf[64] = { 0 }; - size_t const buflen = sizeof( buf ); + size_t const buflen = sizeof(buf); - TEST_INVALID_PARAM( mbedtls_sha1_init( NULL ) ); + TEST_INVALID_PARAM(mbedtls_sha1_init(NULL)); - TEST_INVALID_PARAM( mbedtls_sha1_clone( NULL, &ctx ) ); - TEST_INVALID_PARAM( mbedtls_sha1_clone( &ctx, NULL ) ); + TEST_INVALID_PARAM(mbedtls_sha1_clone(NULL, &ctx)); + TEST_INVALID_PARAM(mbedtls_sha1_clone(&ctx, NULL)); - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_SHA1_BAD_INPUT_DATA, - mbedtls_sha1_starts_ret( NULL ) ); + TEST_INVALID_PARAM_RET(MBEDTLS_ERR_SHA1_BAD_INPUT_DATA, + mbedtls_sha1_starts_ret(NULL)); - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_SHA1_BAD_INPUT_DATA, - mbedtls_sha1_update_ret( NULL, buf, buflen ) ); - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_SHA1_BAD_INPUT_DATA, - mbedtls_sha1_update_ret( &ctx, NULL, buflen ) ); + TEST_INVALID_PARAM_RET(MBEDTLS_ERR_SHA1_BAD_INPUT_DATA, + mbedtls_sha1_update_ret(NULL, buf, buflen)); + TEST_INVALID_PARAM_RET(MBEDTLS_ERR_SHA1_BAD_INPUT_DATA, + mbedtls_sha1_update_ret(&ctx, NULL, buflen)); - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_SHA1_BAD_INPUT_DATA, - mbedtls_sha1_finish_ret( NULL, buf ) ); - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_SHA1_BAD_INPUT_DATA, - mbedtls_sha1_finish_ret( &ctx, NULL ) ); + TEST_INVALID_PARAM_RET(MBEDTLS_ERR_SHA1_BAD_INPUT_DATA, + mbedtls_sha1_finish_ret(NULL, buf)); + TEST_INVALID_PARAM_RET(MBEDTLS_ERR_SHA1_BAD_INPUT_DATA, + mbedtls_sha1_finish_ret(&ctx, NULL)); - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_SHA1_BAD_INPUT_DATA, - mbedtls_internal_sha1_process( NULL, buf ) ); - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_SHA1_BAD_INPUT_DATA, - mbedtls_internal_sha1_process( &ctx, NULL ) ); + TEST_INVALID_PARAM_RET(MBEDTLS_ERR_SHA1_BAD_INPUT_DATA, + mbedtls_internal_sha1_process(NULL, buf)); + TEST_INVALID_PARAM_RET(MBEDTLS_ERR_SHA1_BAD_INPUT_DATA, + mbedtls_internal_sha1_process(&ctx, NULL)); - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_SHA1_BAD_INPUT_DATA, - mbedtls_sha1_ret( NULL, buflen, buf ) ); - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_SHA1_BAD_INPUT_DATA, - mbedtls_sha1_ret( buf, buflen, NULL ) ); + TEST_INVALID_PARAM_RET(MBEDTLS_ERR_SHA1_BAD_INPUT_DATA, + mbedtls_sha1_ret(NULL, buflen, buf)); + TEST_INVALID_PARAM_RET(MBEDTLS_ERR_SHA1_BAD_INPUT_DATA, + mbedtls_sha1_ret(buf, buflen, NULL)); exit: return; @@ -52,69 +52,69 @@ exit: /* END_CASE */ /* BEGIN_CASE depends_on:MBEDTLS_SHA1_C */ -void mbedtls_sha1( data_t * src_str, data_t * hash ) +void mbedtls_sha1(data_t *src_str, data_t *hash) { unsigned char output[41]; memset(output, 0x00, 41); - TEST_ASSERT( mbedtls_sha1_ret( src_str->x, src_str->len, output ) == 0 ); + TEST_ASSERT(mbedtls_sha1_ret(src_str->x, src_str->len, output) == 0); - TEST_ASSERT( mbedtls_test_hexcmp( output, hash->x, 20, hash->len ) == 0 ); + TEST_ASSERT(mbedtls_test_hexcmp(output, hash->x, 20, hash->len) == 0); } /* END_CASE */ /* BEGIN_CASE depends_on:MBEDTLS_SHA256_C */ -void sha256_valid_param( ) +void sha256_valid_param() { - TEST_VALID_PARAM( mbedtls_sha256_free( NULL ) ); + TEST_VALID_PARAM(mbedtls_sha256_free(NULL)); } /* END_CASE */ /* BEGIN_CASE depends_on:MBEDTLS_SHA256_C:MBEDTLS_CHECK_PARAMS:!MBEDTLS_PARAM_FAILED_ALT */ -void sha256_invalid_param( ) +void sha256_invalid_param() { mbedtls_sha256_context ctx; unsigned char buf[64] = { 0 }; - size_t const buflen = sizeof( buf ); + size_t const buflen = sizeof(buf); int valid_type = 0; int invalid_type = 42; - TEST_INVALID_PARAM( mbedtls_sha256_init( NULL ) ); - - TEST_INVALID_PARAM( mbedtls_sha256_clone( NULL, &ctx ) ); - TEST_INVALID_PARAM( mbedtls_sha256_clone( &ctx, NULL ) ); - - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_SHA256_BAD_INPUT_DATA, - mbedtls_sha256_starts_ret( NULL, valid_type ) ); - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_SHA256_BAD_INPUT_DATA, - mbedtls_sha256_starts_ret( &ctx, invalid_type ) ); - - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_SHA256_BAD_INPUT_DATA, - mbedtls_sha256_update_ret( NULL, buf, buflen ) ); - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_SHA256_BAD_INPUT_DATA, - mbedtls_sha256_update_ret( &ctx, NULL, buflen ) ); - - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_SHA256_BAD_INPUT_DATA, - mbedtls_sha256_finish_ret( NULL, buf ) ); - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_SHA256_BAD_INPUT_DATA, - mbedtls_sha256_finish_ret( &ctx, NULL ) ); - - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_SHA256_BAD_INPUT_DATA, - mbedtls_internal_sha256_process( NULL, buf ) ); - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_SHA256_BAD_INPUT_DATA, - mbedtls_internal_sha256_process( &ctx, NULL ) ); - - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_SHA256_BAD_INPUT_DATA, - mbedtls_sha256_ret( NULL, buflen, - buf, valid_type ) ); - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_SHA256_BAD_INPUT_DATA, - mbedtls_sha256_ret( buf, buflen, - NULL, valid_type ) ); - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_SHA256_BAD_INPUT_DATA, - mbedtls_sha256_ret( buf, buflen, - buf, invalid_type ) ); + TEST_INVALID_PARAM(mbedtls_sha256_init(NULL)); + + TEST_INVALID_PARAM(mbedtls_sha256_clone(NULL, &ctx)); + TEST_INVALID_PARAM(mbedtls_sha256_clone(&ctx, NULL)); + + TEST_INVALID_PARAM_RET(MBEDTLS_ERR_SHA256_BAD_INPUT_DATA, + mbedtls_sha256_starts_ret(NULL, valid_type)); + TEST_INVALID_PARAM_RET(MBEDTLS_ERR_SHA256_BAD_INPUT_DATA, + mbedtls_sha256_starts_ret(&ctx, invalid_type)); + + TEST_INVALID_PARAM_RET(MBEDTLS_ERR_SHA256_BAD_INPUT_DATA, + mbedtls_sha256_update_ret(NULL, buf, buflen)); + TEST_INVALID_PARAM_RET(MBEDTLS_ERR_SHA256_BAD_INPUT_DATA, + mbedtls_sha256_update_ret(&ctx, NULL, buflen)); + + TEST_INVALID_PARAM_RET(MBEDTLS_ERR_SHA256_BAD_INPUT_DATA, + mbedtls_sha256_finish_ret(NULL, buf)); + TEST_INVALID_PARAM_RET(MBEDTLS_ERR_SHA256_BAD_INPUT_DATA, + mbedtls_sha256_finish_ret(&ctx, NULL)); + + TEST_INVALID_PARAM_RET(MBEDTLS_ERR_SHA256_BAD_INPUT_DATA, + mbedtls_internal_sha256_process(NULL, buf)); + TEST_INVALID_PARAM_RET(MBEDTLS_ERR_SHA256_BAD_INPUT_DATA, + mbedtls_internal_sha256_process(&ctx, NULL)); + + TEST_INVALID_PARAM_RET(MBEDTLS_ERR_SHA256_BAD_INPUT_DATA, + mbedtls_sha256_ret(NULL, buflen, + buf, valid_type)); + TEST_INVALID_PARAM_RET(MBEDTLS_ERR_SHA256_BAD_INPUT_DATA, + mbedtls_sha256_ret(buf, buflen, + NULL, valid_type)); + TEST_INVALID_PARAM_RET(MBEDTLS_ERR_SHA256_BAD_INPUT_DATA, + mbedtls_sha256_ret(buf, buflen, + buf, invalid_type)); exit: return; @@ -122,83 +122,83 @@ exit: /* END_CASE */ /* BEGIN_CASE depends_on:MBEDTLS_SHA256_C */ -void sha224( data_t * src_str, data_t * hash ) +void sha224(data_t *src_str, data_t *hash) { unsigned char output[57]; memset(output, 0x00, 57); - TEST_ASSERT( mbedtls_sha256_ret( src_str->x, src_str->len, output, 1 ) == 0 ); + TEST_ASSERT(mbedtls_sha256_ret(src_str->x, src_str->len, output, 1) == 0); - TEST_ASSERT( mbedtls_test_hexcmp( output, hash->x, 28, hash->len ) == 0 ); + TEST_ASSERT(mbedtls_test_hexcmp(output, hash->x, 28, hash->len) == 0); } /* END_CASE */ /* BEGIN_CASE depends_on:MBEDTLS_SHA256_C */ -void mbedtls_sha256( data_t * src_str, data_t * hash ) +void mbedtls_sha256(data_t *src_str, data_t *hash) { unsigned char output[65]; memset(output, 0x00, 65); - TEST_ASSERT( mbedtls_sha256_ret( src_str->x, src_str->len, output, 0 ) == 0 ); + TEST_ASSERT(mbedtls_sha256_ret(src_str->x, src_str->len, output, 0) == 0); - TEST_ASSERT( mbedtls_test_hexcmp( output, hash->x, 32, hash->len ) == 0 ); + TEST_ASSERT(mbedtls_test_hexcmp(output, hash->x, 32, hash->len) == 0); } /* END_CASE */ /* BEGIN_CASE depends_on:MBEDTLS_SHA512_C */ -void sha512_valid_param( ) +void sha512_valid_param() { - TEST_VALID_PARAM( mbedtls_sha512_free( NULL ) ); + TEST_VALID_PARAM(mbedtls_sha512_free(NULL)); } /* END_CASE */ /* BEGIN_CASE depends_on:MBEDTLS_SHA512_C:MBEDTLS_CHECK_PARAMS:!MBEDTLS_PARAM_FAILED_ALT */ -void sha512_invalid_param( ) +void sha512_invalid_param() { mbedtls_sha512_context ctx; unsigned char buf[64] = { 0 }; - size_t const buflen = sizeof( buf ); + size_t const buflen = sizeof(buf); int valid_type = 0; int invalid_type = 42; - TEST_INVALID_PARAM( mbedtls_sha512_init( NULL ) ); - - TEST_INVALID_PARAM( mbedtls_sha512_clone( NULL, &ctx ) ); - TEST_INVALID_PARAM( mbedtls_sha512_clone( &ctx, NULL ) ); - - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_SHA512_BAD_INPUT_DATA, - mbedtls_sha512_starts_ret( NULL, valid_type ) ); - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_SHA512_BAD_INPUT_DATA, - mbedtls_sha512_starts_ret( &ctx, invalid_type ) ); - - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_SHA512_BAD_INPUT_DATA, - mbedtls_sha512_update_ret( NULL, buf, buflen ) ); - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_SHA512_BAD_INPUT_DATA, - mbedtls_sha512_update_ret( &ctx, NULL, buflen ) ); - - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_SHA512_BAD_INPUT_DATA, - mbedtls_sha512_finish_ret( NULL, buf ) ); - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_SHA512_BAD_INPUT_DATA, - mbedtls_sha512_finish_ret( &ctx, NULL ) ); - - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_SHA512_BAD_INPUT_DATA, - mbedtls_internal_sha512_process( NULL, buf ) ); - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_SHA512_BAD_INPUT_DATA, - mbedtls_internal_sha512_process( &ctx, NULL ) ); - - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_SHA512_BAD_INPUT_DATA, - mbedtls_sha512_ret( NULL, buflen, - buf, valid_type ) ); - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_SHA512_BAD_INPUT_DATA, - mbedtls_sha512_ret( buf, buflen, - NULL, valid_type ) ); - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_SHA512_BAD_INPUT_DATA, - mbedtls_sha512_ret( buf, buflen, - buf, invalid_type ) ); + TEST_INVALID_PARAM(mbedtls_sha512_init(NULL)); + + TEST_INVALID_PARAM(mbedtls_sha512_clone(NULL, &ctx)); + TEST_INVALID_PARAM(mbedtls_sha512_clone(&ctx, NULL)); + + TEST_INVALID_PARAM_RET(MBEDTLS_ERR_SHA512_BAD_INPUT_DATA, + mbedtls_sha512_starts_ret(NULL, valid_type)); + TEST_INVALID_PARAM_RET(MBEDTLS_ERR_SHA512_BAD_INPUT_DATA, + mbedtls_sha512_starts_ret(&ctx, invalid_type)); + + TEST_INVALID_PARAM_RET(MBEDTLS_ERR_SHA512_BAD_INPUT_DATA, + mbedtls_sha512_update_ret(NULL, buf, buflen)); + TEST_INVALID_PARAM_RET(MBEDTLS_ERR_SHA512_BAD_INPUT_DATA, + mbedtls_sha512_update_ret(&ctx, NULL, buflen)); + + TEST_INVALID_PARAM_RET(MBEDTLS_ERR_SHA512_BAD_INPUT_DATA, + mbedtls_sha512_finish_ret(NULL, buf)); + TEST_INVALID_PARAM_RET(MBEDTLS_ERR_SHA512_BAD_INPUT_DATA, + mbedtls_sha512_finish_ret(&ctx, NULL)); + + TEST_INVALID_PARAM_RET(MBEDTLS_ERR_SHA512_BAD_INPUT_DATA, + mbedtls_internal_sha512_process(NULL, buf)); + TEST_INVALID_PARAM_RET(MBEDTLS_ERR_SHA512_BAD_INPUT_DATA, + mbedtls_internal_sha512_process(&ctx, NULL)); + + TEST_INVALID_PARAM_RET(MBEDTLS_ERR_SHA512_BAD_INPUT_DATA, + mbedtls_sha512_ret(NULL, buflen, + buf, valid_type)); + TEST_INVALID_PARAM_RET(MBEDTLS_ERR_SHA512_BAD_INPUT_DATA, + mbedtls_sha512_ret(buf, buflen, + NULL, valid_type)); + TEST_INVALID_PARAM_RET(MBEDTLS_ERR_SHA512_BAD_INPUT_DATA, + mbedtls_sha512_ret(buf, buflen, + buf, invalid_type)); exit: return; @@ -206,50 +206,50 @@ exit: /* END_CASE */ /* BEGIN_CASE depends_on:MBEDTLS_SHA512_C */ -void sha384( data_t * src_str, data_t * hash ) +void sha384(data_t *src_str, data_t *hash) { unsigned char output[97]; memset(output, 0x00, 97); - TEST_ASSERT( mbedtls_sha512_ret( src_str->x, src_str->len, output, 1 ) == 0 ); + TEST_ASSERT(mbedtls_sha512_ret(src_str->x, src_str->len, output, 1) == 0); - TEST_ASSERT( mbedtls_test_hexcmp( output, hash->x, 48, hash->len ) == 0 ); + TEST_ASSERT(mbedtls_test_hexcmp(output, hash->x, 48, hash->len) == 0); } /* END_CASE */ /* BEGIN_CASE depends_on:MBEDTLS_SHA512_C */ -void mbedtls_sha512( data_t * src_str, data_t * hash ) +void mbedtls_sha512(data_t *src_str, data_t *hash) { unsigned char output[129]; memset(output, 0x00, 129); - TEST_ASSERT( mbedtls_sha512_ret( src_str->x, src_str->len, output, 0 ) == 0 ); + TEST_ASSERT(mbedtls_sha512_ret(src_str->x, src_str->len, output, 0) == 0); - TEST_ASSERT( mbedtls_test_hexcmp( output, hash->x, 64, hash->len ) == 0 ); + TEST_ASSERT(mbedtls_test_hexcmp(output, hash->x, 64, hash->len) == 0); } /* END_CASE */ /* BEGIN_CASE depends_on:MBEDTLS_SHA1_C:MBEDTLS_SELF_TEST */ -void sha1_selftest( ) +void sha1_selftest() { - TEST_ASSERT( mbedtls_sha1_self_test( 1 ) == 0 ); + TEST_ASSERT(mbedtls_sha1_self_test(1) == 0); } /* END_CASE */ /* BEGIN_CASE depends_on:MBEDTLS_SHA256_C:MBEDTLS_SELF_TEST */ -void sha256_selftest( ) +void sha256_selftest() { - TEST_ASSERT( mbedtls_sha256_self_test( 1 ) == 0 ); + TEST_ASSERT(mbedtls_sha256_self_test(1) == 0); } /* END_CASE */ /* BEGIN_CASE depends_on:MBEDTLS_SHA512_C:MBEDTLS_SELF_TEST */ -void sha512_selftest( ) +void sha512_selftest() { - TEST_ASSERT( mbedtls_sha512_self_test( 1 ) == 0 ); + TEST_ASSERT(mbedtls_sha512_self_test(1) == 0); } /* END_CASE */ diff --git a/third_party/mbedtls/repo/tests/suites/test_suite_ssl.data b/third_party/mbedtls/repo/tests/suites/test_suite_ssl.data index fe7d978257d..c238642d70d 100644 --- a/third_party/mbedtls/repo/tests/suites/test_suite_ssl.data +++ b/third_party/mbedtls/repo/tests/suites/test_suite_ssl.data @@ -101,45 +101,59 @@ Test moving clients handshake to state: SERVER_HELLO move_handshake_to_state:MBEDTLS_SSL_IS_CLIENT:MBEDTLS_SSL_SERVER_HELLO:1 Test moving clients handshake to state: SERVER_CERTIFICATE +depends_on:MBEDTLS_CAN_HANDLE_RSA_TEST_KEY move_handshake_to_state:MBEDTLS_SSL_IS_CLIENT:MBEDTLS_SSL_SERVER_CERTIFICATE:1 Test moving clients handshake to state: SERVER_KEY_EXCHANGE +depends_on:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_CAN_HANDLE_RSA_TEST_KEY move_handshake_to_state:MBEDTLS_SSL_IS_CLIENT:MBEDTLS_SSL_SERVER_KEY_EXCHANGE:1 Test moving clients handshake to state: CERTIFICATE_REQUEST +depends_on:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_CAN_HANDLE_RSA_TEST_KEY move_handshake_to_state:MBEDTLS_SSL_IS_CLIENT:MBEDTLS_SSL_CERTIFICATE_REQUEST:1 Test moving clients handshake to state: SERVER_HELLO_DONE +depends_on:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_CAN_HANDLE_RSA_TEST_KEY move_handshake_to_state:MBEDTLS_SSL_IS_CLIENT:MBEDTLS_SSL_SERVER_HELLO_DONE:1 Test moving clients handshake to state: CLIENT_CERTIFICATE +depends_on:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_CAN_HANDLE_RSA_TEST_KEY move_handshake_to_state:MBEDTLS_SSL_IS_CLIENT:MBEDTLS_SSL_CLIENT_CERTIFICATE:1 Test moving clients handshake to state: CLIENT_KEY_EXCHANGE +depends_on:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_CAN_HANDLE_RSA_TEST_KEY move_handshake_to_state:MBEDTLS_SSL_IS_CLIENT:MBEDTLS_SSL_CLIENT_KEY_EXCHANGE:1 Test moving clients handshake to state: CERTIFICATE_VERIFY +depends_on:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_CAN_HANDLE_RSA_TEST_KEY move_handshake_to_state:MBEDTLS_SSL_IS_CLIENT:MBEDTLS_SSL_CERTIFICATE_VERIFY:1 Test moving clients handshake to state: CLIENT_CHANGE_CIPHER_SPEC +depends_on:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_CAN_HANDLE_RSA_TEST_KEY move_handshake_to_state:MBEDTLS_SSL_IS_CLIENT:MBEDTLS_SSL_CLIENT_CHANGE_CIPHER_SPEC:1 Test moving clients handshake to state: CLIENT_FINISHED +depends_on:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_CAN_HANDLE_RSA_TEST_KEY move_handshake_to_state:MBEDTLS_SSL_IS_CLIENT:MBEDTLS_SSL_CLIENT_FINISHED:1 Test moving clients handshake to state: SERVER_CHANGE_CIPHER_SPEC +depends_on:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_CAN_HANDLE_RSA_TEST_KEY move_handshake_to_state:MBEDTLS_SSL_IS_CLIENT:MBEDTLS_SSL_SERVER_CHANGE_CIPHER_SPEC:1 Test moving clients handshake to state: SERVER_FINISHED +depends_on:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_CAN_HANDLE_RSA_TEST_KEY move_handshake_to_state:MBEDTLS_SSL_IS_CLIENT:MBEDTLS_SSL_SERVER_FINISHED:1 Test moving clients handshake to state: FLUSH_BUFFERS +depends_on:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_CAN_HANDLE_RSA_TEST_KEY move_handshake_to_state:MBEDTLS_SSL_IS_CLIENT:MBEDTLS_SSL_FLUSH_BUFFERS:1 Test moving clients handshake to state: HANDSHAKE_WRAPUP +depends_on:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_CAN_HANDLE_RSA_TEST_KEY move_handshake_to_state:MBEDTLS_SSL_IS_CLIENT:MBEDTLS_SSL_HANDSHAKE_WRAPUP:1 Test moving clients handshake to state: HANDSHAKE_OVER +depends_on:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_CAN_HANDLE_RSA_TEST_KEY move_handshake_to_state:MBEDTLS_SSL_IS_CLIENT:MBEDTLS_SSL_HANDSHAKE_OVER:1 Test moving servers handshake to state: HELLO_REQUEST @@ -149,48 +163,63 @@ Test moving servers handshake to state: CLIENT_HELLO move_handshake_to_state:MBEDTLS_SSL_IS_SERVER:MBEDTLS_SSL_CLIENT_HELLO:1 Test moving servers handshake to state: SERVER_HELLO +depends_on:MBEDTLS_CAN_HANDLE_RSA_TEST_KEY move_handshake_to_state:MBEDTLS_SSL_IS_SERVER:MBEDTLS_SSL_SERVER_HELLO:1 Test moving servers handshake to state: SERVER_CERTIFICATE +depends_on:MBEDTLS_CAN_HANDLE_RSA_TEST_KEY move_handshake_to_state:MBEDTLS_SSL_IS_SERVER:MBEDTLS_SSL_SERVER_CERTIFICATE:1 Test moving servers handshake to state: SERVER_KEY_EXCHANGE +depends_on:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_CAN_HANDLE_RSA_TEST_KEY move_handshake_to_state:MBEDTLS_SSL_IS_SERVER:MBEDTLS_SSL_SERVER_KEY_EXCHANGE:1 Test moving servers handshake to state: CERTIFICATE_REQUEST +depends_on:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_CAN_HANDLE_RSA_TEST_KEY move_handshake_to_state:MBEDTLS_SSL_IS_SERVER:MBEDTLS_SSL_CERTIFICATE_REQUEST:1 Test moving servers handshake to state: SERVER_HELLO_DONE +depends_on:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_CAN_HANDLE_RSA_TEST_KEY move_handshake_to_state:MBEDTLS_SSL_IS_SERVER:MBEDTLS_SSL_SERVER_HELLO_DONE:1 Test moving servers handshake to state: CLIENT_CERTIFICATE +depends_on:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_CAN_HANDLE_RSA_TEST_KEY move_handshake_to_state:MBEDTLS_SSL_IS_SERVER:MBEDTLS_SSL_CLIENT_CERTIFICATE:1 Test moving servers handshake to state: CLIENT_KEY_EXCHANGE +depends_on:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_CAN_HANDLE_RSA_TEST_KEY move_handshake_to_state:MBEDTLS_SSL_IS_SERVER:MBEDTLS_SSL_CLIENT_KEY_EXCHANGE:1 Test moving servers handshake to state: CERTIFICATE_VERIFY +depends_on:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_CAN_HANDLE_RSA_TEST_KEY move_handshake_to_state:MBEDTLS_SSL_IS_SERVER:MBEDTLS_SSL_CERTIFICATE_VERIFY:1 Test moving servers handshake to state: CLIENT_CHANGE_CIPHER_SPEC +depends_on:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_CAN_HANDLE_RSA_TEST_KEY move_handshake_to_state:MBEDTLS_SSL_IS_SERVER:MBEDTLS_SSL_CLIENT_CHANGE_CIPHER_SPEC:1 Test moving servers handshake to state: CLIENT_FINISHED +depends_on:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_CAN_HANDLE_RSA_TEST_KEY move_handshake_to_state:MBEDTLS_SSL_IS_SERVER:MBEDTLS_SSL_CLIENT_FINISHED:1 Test moving servers handshake to state: SERVER_CHANGE_CIPHER_SPEC +depends_on:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_CAN_HANDLE_RSA_TEST_KEY move_handshake_to_state:MBEDTLS_SSL_IS_SERVER:MBEDTLS_SSL_SERVER_CHANGE_CIPHER_SPEC:1 Test moving servers handshake to state: SERVER_FINISHED +depends_on:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_CAN_HANDLE_RSA_TEST_KEY move_handshake_to_state:MBEDTLS_SSL_IS_SERVER:MBEDTLS_SSL_SERVER_FINISHED:1 Test moving servers handshake to state: FLUSH_BUFFERS +depends_on:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_CAN_HANDLE_RSA_TEST_KEY move_handshake_to_state:MBEDTLS_SSL_IS_SERVER:MBEDTLS_SSL_FLUSH_BUFFERS:1 Test moving servers handshake to state: HANDSHAKE_WRAPUP +depends_on:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_CAN_HANDLE_RSA_TEST_KEY move_handshake_to_state:MBEDTLS_SSL_IS_SERVER:MBEDTLS_SSL_HANDSHAKE_WRAPUP:1 Test moving servers handshake to state: HANDSHAKE_OVER +depends_on:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_CAN_HANDLE_RSA_TEST_KEY move_handshake_to_state:MBEDTLS_SSL_IS_SERVER:MBEDTLS_SSL_HANDSHAKE_OVER:1 Negative test moving clients ssl to state: VERIFY_REQUEST_SENT @@ -200,19 +229,19 @@ Negative test moving servers ssl to state: NEW_SESSION_TICKET move_handshake_to_state:MBEDTLS_SSL_IS_SERVER:MBEDTLS_SSL_SERVER_NEW_SESSION_TICKET:0 Handshake, SSL3 -depends_on:MBEDTLS_SSL_PROTO_SSL3:MBEDTLS_RSA_C:MBEDTLS_ECP_DP_SECP384R1_ENABLED +depends_on:MBEDTLS_SSL_PROTO_SSL3:MBEDTLS_RSA_C:MBEDTLS_ECP_DP_SECP384R1_ENABLED:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED handshake_version:0:MBEDTLS_SSL_MINOR_VERSION_0:MBEDTLS_SSL_MINOR_VERSION_0:MBEDTLS_SSL_MINOR_VERSION_0:MBEDTLS_SSL_MINOR_VERSION_0:MBEDTLS_SSL_MINOR_VERSION_0 Handshake, tls1 -depends_on:MBEDTLS_SSL_PROTO_TLS1:MBEDTLS_CIPHER_MODE_CBC +depends_on:MBEDTLS_SSL_PROTO_TLS1:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CAN_HANDLE_RSA_TEST_KEY handshake_version:0:MBEDTLS_SSL_MINOR_VERSION_1:MBEDTLS_SSL_MINOR_VERSION_1:MBEDTLS_SSL_MINOR_VERSION_1:MBEDTLS_SSL_MINOR_VERSION_1:MBEDTLS_SSL_MINOR_VERSION_1 Handshake, tls1_1 -depends_on:MBEDTLS_SSL_PROTO_TLS1_1:MBEDTLS_CIPHER_MODE_CBC +depends_on:MBEDTLS_SSL_PROTO_TLS1_1:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CAN_HANDLE_RSA_TEST_KEY handshake_version:0:MBEDTLS_SSL_MINOR_VERSION_2:MBEDTLS_SSL_MINOR_VERSION_2:MBEDTLS_SSL_MINOR_VERSION_2:MBEDTLS_SSL_MINOR_VERSION_2:MBEDTLS_SSL_MINOR_VERSION_2 Handshake, tls1_2 -depends_on:MBEDTLS_SSL_PROTO_TLS1_2 +depends_on:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_CAN_HANDLE_RSA_TEST_KEY:MBEDTLS_CAN_HANDLE_RSA_TEST_KEY handshake_version:0:MBEDTLS_SSL_MINOR_VERSION_3:MBEDTLS_SSL_MINOR_VERSION_3:MBEDTLS_SSL_MINOR_VERSION_3:MBEDTLS_SSL_MINOR_VERSION_3:MBEDTLS_SSL_MINOR_VERSION_3 Handshake, ECDHE-RSA-WITH-AES-256-GCM-SHA384 @@ -220,31 +249,31 @@ depends_on:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384:MBEDTLS_AES_C:MBEDTLS_GCM_ handshake_cipher:"TLS-ECDHE-RSA-WITH-AES-256-GCM-SHA384":MBEDTLS_PK_RSA:0 Handshake, RSA-WITH-AES-128-CCM -depends_on:MBEDTLS_CCM_C:MBEDTLS_AES_C:MBEDTLS_RSA_C:MBEDTLS_ECP_DP_SECP384R1_ENABLED +depends_on:MBEDTLS_CCM_C:MBEDTLS_AES_C:MBEDTLS_RSA_C:MBEDTLS_ECP_DP_SECP384R1_ENABLED:MBEDTLS_KEY_EXCHANGE_RSA_ENABLED handshake_cipher:"TLS-RSA-WITH-AES-128-CCM":MBEDTLS_PK_RSA:0 Handshake, DHE-RSA-WITH-AES-256-CBC-SHA256 -depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_AES_C:MBEDTLS_SHA256_C:MBEDTLS_RSA_C:MBEDTLS_ECP_DP_SECP384R1_ENABLED +depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_AES_C:MBEDTLS_SHA256_C:MBEDTLS_RSA_C:MBEDTLS_ECP_DP_SECP384R1_ENABLED:MBEDTLS_KEY_EXCHANGE_DHE_RSA_ENABLED handshake_cipher:"TLS-DHE-RSA-WITH-AES-256-CBC-SHA256":MBEDTLS_PK_RSA:0 Handshake, ECDHE-ECDSA-WITH-AES-256-CCM -depends_on:MBEDTLS_AES_C:MBEDTLS_CCM_C:MBEDTLS_ECDSA_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_ECP_DP_SECP384R1_ENABLED +depends_on:MBEDTLS_AES_C:MBEDTLS_CCM_C:MBEDTLS_ECDSA_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_ECP_DP_SECP384R1_ENABLED:MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED handshake_cipher:"TLS-ECDHE-ECDSA-WITH-AES-256-CCM":MBEDTLS_PK_ECDSA:0 Handshake, ECDH-ECDSA-WITH-CAMELLIA-256-CBC-SHA384 -depends_on:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_ECDSA_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_ECP_DP_SECP384R1_ENABLED:MBEDTLS_CAMELLIA_C +depends_on:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_ECDSA_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_ECP_DP_SECP384R1_ENABLED:MBEDTLS_CAMELLIA_C:MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA_ENABLED handshake_cipher:"TLS-ECDH-ECDSA-WITH-CAMELLIA-256-CBC-SHA384":MBEDTLS_PK_ECDSA:0 Handshake, PSK-WITH-AES-128-CBC-SHA -depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_RSA_C:MBEDTLS_ECP_DP_SECP384R1_ENABLED:MBEDTLS_SHA1_C +depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_RSA_C:MBEDTLS_ECP_DP_SECP384R1_ENABLED:MBEDTLS_SHA1_C:MBEDTLS_KEY_EXCHANGE_PSK_ENABLED handshake_psk_cipher:"TLS-PSK-WITH-AES-128-CBC-SHA":MBEDTLS_PK_RSA:"abc123":0 DTLS Handshake, tls1_1 -depends_on:MBEDTLS_SSL_PROTO_TLS1_1:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_SSL_PROTO_DTLS +depends_on:MBEDTLS_SSL_PROTO_TLS1_1:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_SSL_PROTO_DTLS:MBEDTLS_CAN_HANDLE_RSA_TEST_KEY handshake_version:1:MBEDTLS_SSL_MINOR_VERSION_2:MBEDTLS_SSL_MINOR_VERSION_2:MBEDTLS_SSL_MINOR_VERSION_2:MBEDTLS_SSL_MINOR_VERSION_2:MBEDTLS_SSL_MINOR_VERSION_2 DTLS Handshake, tls1_2 -depends_on:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_SSL_PROTO_DTLS +depends_on:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_SSL_PROTO_DTLS:MBEDTLS_CAN_HANDLE_RSA_TEST_KEY handshake_version:1:MBEDTLS_SSL_MINOR_VERSION_3:MBEDTLS_SSL_MINOR_VERSION_3:MBEDTLS_SSL_MINOR_VERSION_3:MBEDTLS_SSL_MINOR_VERSION_3:MBEDTLS_SSL_MINOR_VERSION_3 DTLS Handshake, ECDHE-RSA-WITH-AES-256-GCM-SHA384 @@ -252,23 +281,23 @@ depends_on:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384:MBEDTLS_AES_C:MBEDTLS_GCM_ handshake_cipher:"TLS-ECDHE-RSA-WITH-AES-256-GCM-SHA384":MBEDTLS_PK_RSA:1 DTLS Handshake, RSA-WITH-AES-128-CCM -depends_on:MBEDTLS_CCM_C:MBEDTLS_AES_C:MBEDTLS_RSA_C:MBEDTLS_ECP_DP_SECP384R1_ENABLED:MBEDTLS_SSL_PROTO_DTLS +depends_on:MBEDTLS_CCM_C:MBEDTLS_AES_C:MBEDTLS_RSA_C:MBEDTLS_ECP_DP_SECP384R1_ENABLED:MBEDTLS_SSL_PROTO_DTLS:MBEDTLS_KEY_EXCHANGE_RSA_ENABLED handshake_cipher:"TLS-RSA-WITH-AES-128-CCM":MBEDTLS_PK_RSA:1 DTLS Handshake, DHE-RSA-WITH-AES-256-CBC-SHA256 -depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_AES_C:MBEDTLS_SHA256_C:MBEDTLS_RSA_C:MBEDTLS_ECP_DP_SECP384R1_ENABLED:MBEDTLS_SSL_PROTO_DTLS +depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_AES_C:MBEDTLS_SHA256_C:MBEDTLS_RSA_C:MBEDTLS_ECP_DP_SECP384R1_ENABLED:MBEDTLS_SSL_PROTO_DTLS:MBEDTLS_KEY_EXCHANGE_DHE_RSA_ENABLED handshake_cipher:"TLS-DHE-RSA-WITH-AES-256-CBC-SHA256":MBEDTLS_PK_RSA:1 DTLS Handshake, ECDHE-ECDSA-WITH-AES-256-CCM -depends_on:MBEDTLS_AES_C:MBEDTLS_CCM_C:MBEDTLS_ECDSA_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_ECP_DP_SECP384R1_ENABLED:MBEDTLS_SSL_PROTO_DTLS +depends_on:MBEDTLS_AES_C:MBEDTLS_CCM_C:MBEDTLS_ECDSA_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_ECP_DP_SECP384R1_ENABLED:MBEDTLS_SSL_PROTO_DTLS:MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED handshake_cipher:"TLS-ECDHE-ECDSA-WITH-AES-256-CCM":MBEDTLS_PK_ECDSA:1 DTLS Handshake, ECDH-ECDSA-WITH-CAMELLIA-256-CBC-SHA384 -depends_on:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_ECDSA_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_ECP_DP_SECP384R1_ENABLED:MBEDTLS_CAMELLIA_C:MBEDTLS_SSL_PROTO_DTLS +depends_on:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_ECDSA_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_ECP_DP_SECP384R1_ENABLED:MBEDTLS_CAMELLIA_C:MBEDTLS_SSL_PROTO_DTLS:MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA_ENABLED handshake_cipher:"TLS-ECDH-ECDSA-WITH-CAMELLIA-256-CBC-SHA384":MBEDTLS_PK_ECDSA:1 DTLS Handshake, PSK-WITH-AES-128-CBC-SHA -depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_RSA_C:MBEDTLS_ECP_DP_SECP384R1_ENABLED:MBEDTLS_SSL_PROTO_DTLS:MBEDTLS_SHA1_C +depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_RSA_C:MBEDTLS_ECP_DP_SECP384R1_ENABLED:MBEDTLS_SSL_PROTO_DTLS:MBEDTLS_SHA1_C:MBEDTLS_KEY_EXCHANGE_PSK_ENABLED handshake_psk_cipher:"TLS-PSK-WITH-AES-128-CBC-SHA":MBEDTLS_PK_RSA:"abc123":1 DTLS Handshake with serialization, tls1_2 @@ -282,7 +311,7 @@ DTLS Handshake fragmentation, MFL=1024 handshake_fragmentation:MBEDTLS_SSL_MAX_FRAG_LEN_1024:0:1 Handshake min/max version check, all -> 1.2 -depends_on:MBEDTLS_SSL_PROTO_TLS1_2 +depends_on:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CAN_HANDLE_RSA_TEST_KEY handshake_version:0:TEST_SSL_MINOR_VERSION_NONE:TEST_SSL_MINOR_VERSION_NONE:TEST_SSL_MINOR_VERSION_NONE:TEST_SSL_MINOR_VERSION_NONE:MBEDTLS_SSL_MINOR_VERSION_3 Handshake min/max version check, cli max 1.1 -> 1.1 @@ -495,99 +524,99 @@ depends_on:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384:MBEDTLS_AES_C:MBEDTLS_GCM_ resize_buffers_renegotiate_mfl:MBEDTLS_SSL_MAX_FRAG_LEN_4096:MBEDTLS_SSL_LEGACY_BREAK_HANDSHAKE:"TLS-ECDHE-RSA-WITH-AES-256-GCM-SHA384" DTLS no legacy renegotiation with MFL=512, RSA-WITH-AES-128-CCM -depends_on:MBEDTLS_CCM_C:MBEDTLS_AES_C +depends_on:MBEDTLS_CCM_C:MBEDTLS_AES_C:MBEDTLS_KEY_EXCHANGE_RSA_ENABLED resize_buffers_renegotiate_mfl:MBEDTLS_SSL_MAX_FRAG_LEN_512:MBEDTLS_SSL_LEGACY_NO_RENEGOTIATION:"TLS-RSA-WITH-AES-128-CCM" DTLS no legacy renegotiation with MFL=1024, RSA-WITH-AES-128-CCM -depends_on:MBEDTLS_CCM_C:MBEDTLS_AES_C +depends_on:MBEDTLS_CCM_C:MBEDTLS_AES_C:MBEDTLS_KEY_EXCHANGE_RSA_ENABLED resize_buffers_renegotiate_mfl:MBEDTLS_SSL_MAX_FRAG_LEN_1024:MBEDTLS_SSL_LEGACY_NO_RENEGOTIATION:"TLS-RSA-WITH-AES-128-CCM" DTLS no legacy renegotiation with MFL=2048, RSA-WITH-AES-128-CCM -depends_on:MBEDTLS_CCM_C:MBEDTLS_AES_C +depends_on:MBEDTLS_CCM_C:MBEDTLS_AES_C:MBEDTLS_KEY_EXCHANGE_RSA_ENABLED resize_buffers_renegotiate_mfl:MBEDTLS_SSL_MAX_FRAG_LEN_2048:MBEDTLS_SSL_LEGACY_NO_RENEGOTIATION:"TLS-RSA-WITH-AES-128-CCM" DTLS no legacy renegotiation with MFL=4096, RSA-WITH-AES-128-CCM -depends_on:MBEDTLS_CCM_C:MBEDTLS_AES_C +depends_on:MBEDTLS_CCM_C:MBEDTLS_AES_C:MBEDTLS_KEY_EXCHANGE_RSA_ENABLED resize_buffers_renegotiate_mfl:MBEDTLS_SSL_MAX_FRAG_LEN_4096:MBEDTLS_SSL_LEGACY_NO_RENEGOTIATION:"TLS-RSA-WITH-AES-128-CCM" DTLS legacy allow renegotiation with MFL=512, RSA-WITH-AES-128-CCM -depends_on:MBEDTLS_CCM_C:MBEDTLS_AES_C +depends_on:MBEDTLS_CCM_C:MBEDTLS_AES_C:MBEDTLS_KEY_EXCHANGE_RSA_ENABLED resize_buffers_renegotiate_mfl:MBEDTLS_SSL_MAX_FRAG_LEN_512:MBEDTLS_SSL_LEGACY_ALLOW_RENEGOTIATION:"TLS-RSA-WITH-AES-128-CCM" DTLS legacy allow renegotiation with MFL=1024, RSA-WITH-AES-128-CCM -depends_on:MBEDTLS_CCM_C:MBEDTLS_AES_C +depends_on:MBEDTLS_CCM_C:MBEDTLS_AES_C:MBEDTLS_KEY_EXCHANGE_RSA_ENABLED resize_buffers_renegotiate_mfl:MBEDTLS_SSL_MAX_FRAG_LEN_1024:MBEDTLS_SSL_LEGACY_ALLOW_RENEGOTIATION:"TLS-RSA-WITH-AES-128-CCM" DTLS legacy allow renegotiation with MFL=2048, RSA-WITH-AES-128-CCM -depends_on:MBEDTLS_CCM_C:MBEDTLS_AES_C +depends_on:MBEDTLS_CCM_C:MBEDTLS_AES_C:MBEDTLS_KEY_EXCHANGE_RSA_ENABLED resize_buffers_renegotiate_mfl:MBEDTLS_SSL_MAX_FRAG_LEN_2048:MBEDTLS_SSL_LEGACY_ALLOW_RENEGOTIATION:"TLS-RSA-WITH-AES-128-CCM" DTLS legacy allow renegotiation with MFL=4096, RSA-WITH-AES-128-CCM -depends_on:MBEDTLS_CCM_C:MBEDTLS_AES_C +depends_on:MBEDTLS_CCM_C:MBEDTLS_AES_C:MBEDTLS_KEY_EXCHANGE_RSA_ENABLED resize_buffers_renegotiate_mfl:MBEDTLS_SSL_MAX_FRAG_LEN_4096:MBEDTLS_SSL_LEGACY_ALLOW_RENEGOTIATION:"TLS-RSA-WITH-AES-128-CCM" DTLS legacy break handshake renegotiation with MFL=512, RSA-WITH-AES-128-CCM -depends_on:MBEDTLS_CCM_C:MBEDTLS_AES_C +depends_on:MBEDTLS_CCM_C:MBEDTLS_AES_C:MBEDTLS_KEY_EXCHANGE_RSA_ENABLED resize_buffers_renegotiate_mfl:MBEDTLS_SSL_MAX_FRAG_LEN_512:MBEDTLS_SSL_LEGACY_BREAK_HANDSHAKE:"TLS-RSA-WITH-AES-128-CCM" DTLS legacy break handshake renegotiation with MFL=1024, RSA-WITH-AES-128-CCM -depends_on:MBEDTLS_CCM_C:MBEDTLS_AES_C +depends_on:MBEDTLS_CCM_C:MBEDTLS_AES_C:MBEDTLS_KEY_EXCHANGE_RSA_ENABLED resize_buffers_renegotiate_mfl:MBEDTLS_SSL_MAX_FRAG_LEN_1024:MBEDTLS_SSL_LEGACY_BREAK_HANDSHAKE:"TLS-RSA-WITH-AES-128-CCM" DTLS legacy break handshake renegotiation with MFL=2048, RSA-WITH-AES-128-CCM -depends_on:MBEDTLS_CCM_C:MBEDTLS_AES_C +depends_on:MBEDTLS_CCM_C:MBEDTLS_AES_C:MBEDTLS_KEY_EXCHANGE_RSA_ENABLED resize_buffers_renegotiate_mfl:MBEDTLS_SSL_MAX_FRAG_LEN_2048:MBEDTLS_SSL_LEGACY_BREAK_HANDSHAKE:"TLS-RSA-WITH-AES-128-CCM" DTLS legacy break handshake renegotiation with MFL=4096, RSA-WITH-AES-128-CCM -depends_on:MBEDTLS_CCM_C:MBEDTLS_AES_C +depends_on:MBEDTLS_CCM_C:MBEDTLS_AES_C:MBEDTLS_KEY_EXCHANGE_RSA_ENABLED resize_buffers_renegotiate_mfl:MBEDTLS_SSL_MAX_FRAG_LEN_4096:MBEDTLS_SSL_LEGACY_BREAK_HANDSHAKE:"TLS-RSA-WITH-AES-128-CCM" DTLS no legacy renegotiation with MFL=512, DHE-RSA-WITH-AES-256-CBC-SHA256 -depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_AES_C:MBEDTLS_SHA256_C +depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_AES_C:MBEDTLS_SHA256_C:MBEDTLS_KEY_EXCHANGE_DHE_RSA_ENABLED resize_buffers_renegotiate_mfl:MBEDTLS_SSL_MAX_FRAG_LEN_512:MBEDTLS_SSL_LEGACY_NO_RENEGOTIATION:"TLS-DHE-RSA-WITH-AES-256-CBC-SHA256" DTLS no legacy renegotiation with MFL=1024, DHE-RSA-WITH-AES-256-CBC-SHA256 -depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_AES_C:MBEDTLS_SHA256_C +depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_AES_C:MBEDTLS_SHA256_C:MBEDTLS_KEY_EXCHANGE_DHE_RSA_ENABLED resize_buffers_renegotiate_mfl:MBEDTLS_SSL_MAX_FRAG_LEN_1024:MBEDTLS_SSL_LEGACY_NO_RENEGOTIATION:"TLS-DHE-RSA-WITH-AES-256-CBC-SHA256" DTLS no legacy renegotiation with MFL=2048, DHE-RSA-WITH-AES-256-CBC-SHA256 -depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_AES_C:MBEDTLS_SHA256_C +depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_AES_C:MBEDTLS_SHA256_C:MBEDTLS_KEY_EXCHANGE_DHE_RSA_ENABLED resize_buffers_renegotiate_mfl:MBEDTLS_SSL_MAX_FRAG_LEN_2048:MBEDTLS_SSL_LEGACY_NO_RENEGOTIATION:"TLS-DHE-RSA-WITH-AES-256-CBC-SHA256" DTLS no legacy renegotiation with MFL=4096, DHE-RSA-WITH-AES-256-CBC-SHA256 -depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_AES_C:MBEDTLS_SHA256_C +depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_AES_C:MBEDTLS_SHA256_C:MBEDTLS_KEY_EXCHANGE_DHE_RSA_ENABLED resize_buffers_renegotiate_mfl:MBEDTLS_SSL_MAX_FRAG_LEN_4096:MBEDTLS_SSL_LEGACY_NO_RENEGOTIATION:"TLS-DHE-RSA-WITH-AES-256-CBC-SHA256" DTLS legacy allow renegotiation with MFL=512, DHE-RSA-WITH-AES-256-CBC-SHA256 -depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_AES_C:MBEDTLS_SHA256_C +depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_AES_C:MBEDTLS_SHA256_C:MBEDTLS_KEY_EXCHANGE_DHE_RSA_ENABLED resize_buffers_renegotiate_mfl:MBEDTLS_SSL_MAX_FRAG_LEN_512:MBEDTLS_SSL_LEGACY_ALLOW_RENEGOTIATION:"TLS-DHE-RSA-WITH-AES-256-CBC-SHA256" DTLS legacy allow renegotiation with MFL=1024, DHE-RSA-WITH-AES-256-CBC-SHA256 -depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_AES_C:MBEDTLS_SHA256_C +depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_AES_C:MBEDTLS_SHA256_C:MBEDTLS_KEY_EXCHANGE_DHE_RSA_ENABLED resize_buffers_renegotiate_mfl:MBEDTLS_SSL_MAX_FRAG_LEN_1024:MBEDTLS_SSL_LEGACY_ALLOW_RENEGOTIATION:"TLS-DHE-RSA-WITH-AES-256-CBC-SHA256" DTLS legacy allow renegotiation with MFL=2048, DHE-RSA-WITH-AES-256-CBC-SHA256 -depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_AES_C:MBEDTLS_SHA256_C +depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_AES_C:MBEDTLS_SHA256_C:MBEDTLS_KEY_EXCHANGE_DHE_RSA_ENABLED resize_buffers_renegotiate_mfl:MBEDTLS_SSL_MAX_FRAG_LEN_2048:MBEDTLS_SSL_LEGACY_ALLOW_RENEGOTIATION:"TLS-DHE-RSA-WITH-AES-256-CBC-SHA256" DTLS legacy allow renegotiation with MFL=4096, DHE-RSA-WITH-AES-256-CBC-SHA256 -depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_AES_C:MBEDTLS_SHA256_C +depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_AES_C:MBEDTLS_SHA256_C:MBEDTLS_KEY_EXCHANGE_DHE_RSA_ENABLED resize_buffers_renegotiate_mfl:MBEDTLS_SSL_MAX_FRAG_LEN_4096:MBEDTLS_SSL_LEGACY_ALLOW_RENEGOTIATION:"TLS-DHE-RSA-WITH-AES-256-CBC-SHA256" DTLS legacy break handshake renegotiation with MFL=512, DHE-RSA-WITH-AES-256-CBC-SHA256 -depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_AES_C:MBEDTLS_SHA256_C +depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_AES_C:MBEDTLS_SHA256_C:MBEDTLS_KEY_EXCHANGE_DHE_RSA_ENABLED resize_buffers_renegotiate_mfl:MBEDTLS_SSL_MAX_FRAG_LEN_512:MBEDTLS_SSL_LEGACY_BREAK_HANDSHAKE:"TLS-DHE-RSA-WITH-AES-256-CBC-SHA256" DTLS legacy break handshake renegotiation with MFL=1024, DHE-RSA-WITH-AES-256-CBC-SHA256 -depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_AES_C:MBEDTLS_SHA256_C +depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_AES_C:MBEDTLS_SHA256_C:MBEDTLS_KEY_EXCHANGE_DHE_RSA_ENABLED resize_buffers_renegotiate_mfl:MBEDTLS_SSL_MAX_FRAG_LEN_1024:MBEDTLS_SSL_LEGACY_BREAK_HANDSHAKE:"TLS-DHE-RSA-WITH-AES-256-CBC-SHA256" DTLS legacy break handshake renegotiation with MFL=2048, DHE-RSA-WITH-AES-256-CBC-SHA256 -depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_AES_C:MBEDTLS_SHA256_C +depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_AES_C:MBEDTLS_SHA256_C:MBEDTLS_KEY_EXCHANGE_DHE_RSA_ENABLED resize_buffers_renegotiate_mfl:MBEDTLS_SSL_MAX_FRAG_LEN_2048:MBEDTLS_SSL_LEGACY_BREAK_HANDSHAKE:"TLS-DHE-RSA-WITH-AES-256-CBC-SHA256" DTLS legacy break handshake renegotiation with MFL=4096, DHE-RSA-WITH-AES-256-CBC-SHA256 -depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_AES_C:MBEDTLS_SHA256_C +depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_AES_C:MBEDTLS_SHA256_C:MBEDTLS_KEY_EXCHANGE_DHE_RSA_ENABLED resize_buffers_renegotiate_mfl:MBEDTLS_SSL_MAX_FRAG_LEN_4096:MBEDTLS_SSL_LEGACY_BREAK_HANDSHAKE:"TLS-DHE-RSA-WITH-AES-256-CBC-SHA256" SSL DTLS replay: initial state, seqnum 0 @@ -617,7 +646,7 @@ ssl_dtls_replay:"abcd12340000abcd12340001abcd12340003":"abcd12350000":0 SSL DTLS replay: delayed ssl_dtls_replay:"abcd12340000abcd12340001abcd12340003":"abcd12340002":0 -SSL DTLS replay: lastest replayed +SSL DTLS replay: last replayed ssl_dtls_replay:"abcd12340000abcd12340001abcd12340003":"abcd12340003":-1 SSL DTLS replay: older replayed @@ -3830,358 +3859,6 @@ Record crypt, CAMELLIA-256-CBC, SSL3, MD5, short tag, EtM depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CAMELLIA_C:MBEDTLS_SSL_PROTO_SSL3:MBEDTLS_MD5_C:MBEDTLS_SSL_ENCRYPT_THEN_MAC ssl_crypt_record:MBEDTLS_CIPHER_CAMELLIA_256_CBC:MBEDTLS_MD_MD5:1:1:MBEDTLS_SSL_MINOR_VERSION_0:0:0 -Record crypt, BLOWFISH-CBC, 1.2, SHA-384 -depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_BLOWFISH_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384 -ssl_crypt_record:MBEDTLS_CIPHER_BLOWFISH_CBC:MBEDTLS_MD_SHA384:0:0:MBEDTLS_SSL_MINOR_VERSION_3:0:0 - -Record crypt, BLOWFISH-CBC, 1.2, SHA-384, CID 4+4 -depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_BLOWFISH_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384 -ssl_crypt_record:MBEDTLS_CIPHER_BLOWFISH_CBC:MBEDTLS_MD_SHA384:0:0:MBEDTLS_SSL_MINOR_VERSION_3:4:4 - -Record crypt, BLOWFISH-CBC, 1.2, SHA-384, CID 4+0 -depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_BLOWFISH_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384 -ssl_crypt_record:MBEDTLS_CIPHER_BLOWFISH_CBC:MBEDTLS_MD_SHA384:0:0:MBEDTLS_SSL_MINOR_VERSION_3:4:0 - -Record crypt, BLOWFISH-CBC, 1.2, SHA-384, EtM -depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_BLOWFISH_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384:MBEDTLS_SSL_ENCRYPT_THEN_MAC -ssl_crypt_record:MBEDTLS_CIPHER_BLOWFISH_CBC:MBEDTLS_MD_SHA384:1:0:MBEDTLS_SSL_MINOR_VERSION_3:0:0 - -Record crypt, BLOWFISH-CBC, 1.2, SHA-384, EtM, CID 4+4 -depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_BLOWFISH_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384:MBEDTLS_SSL_ENCRYPT_THEN_MAC -ssl_crypt_record:MBEDTLS_CIPHER_BLOWFISH_CBC:MBEDTLS_MD_SHA384:1:0:MBEDTLS_SSL_MINOR_VERSION_3:4:4 - -Record crypt, BLOWFISH-CBC, 1.2, SHA-384, EtM, CID 4+0 -depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_BLOWFISH_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384:MBEDTLS_SSL_ENCRYPT_THEN_MAC -ssl_crypt_record:MBEDTLS_CIPHER_BLOWFISH_CBC:MBEDTLS_MD_SHA384:1:0:MBEDTLS_SSL_MINOR_VERSION_3:4:0 - -Record crypt, BLOWFISH-CBC, 1.2, SHA-384, short tag -depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_BLOWFISH_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384 -ssl_crypt_record:MBEDTLS_CIPHER_BLOWFISH_CBC:MBEDTLS_MD_SHA384:0:1:MBEDTLS_SSL_MINOR_VERSION_3:0:0 - -Record crypt, BLOWFISH-CBC, 1.2, SHA-384, short tag, CID 4+4 -depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_BLOWFISH_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384 -ssl_crypt_record:MBEDTLS_CIPHER_BLOWFISH_CBC:MBEDTLS_MD_SHA384:0:1:MBEDTLS_SSL_MINOR_VERSION_3:4:4 - -Record crypt, BLOWFISH-CBC, 1.2, SHA-384, short tag, CID 4+0 -depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_BLOWFISH_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384 -ssl_crypt_record:MBEDTLS_CIPHER_BLOWFISH_CBC:MBEDTLS_MD_SHA384:0:1:MBEDTLS_SSL_MINOR_VERSION_3:4:0 - -Record crypt, BLOWFISH-CBC, 1.2, SHA-384, short tag, EtM -depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_BLOWFISH_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384:MBEDTLS_SSL_ENCRYPT_THEN_MAC -ssl_crypt_record:MBEDTLS_CIPHER_BLOWFISH_CBC:MBEDTLS_MD_SHA384:1:1:MBEDTLS_SSL_MINOR_VERSION_3:0:0 - -Record crypt, BLOWFISH-CBC, 1.2, SHA-384, short tag, EtM, CID 4+4 -depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_BLOWFISH_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384:MBEDTLS_SSL_ENCRYPT_THEN_MAC -ssl_crypt_record:MBEDTLS_CIPHER_BLOWFISH_CBC:MBEDTLS_MD_SHA384:1:1:MBEDTLS_SSL_MINOR_VERSION_3:4:4 - -Record crypt, BLOWFISH-CBC, 1.2, SHA-384, short tag, EtM, CID 4+0 -depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_BLOWFISH_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384:MBEDTLS_SSL_ENCRYPT_THEN_MAC -ssl_crypt_record:MBEDTLS_CIPHER_BLOWFISH_CBC:MBEDTLS_MD_SHA384:1:1:MBEDTLS_SSL_MINOR_VERSION_3:4:0 - -Record crypt, BLOWFISH-CBC, 1.2, SHA-256 -depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_BLOWFISH_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_SHA256_C -ssl_crypt_record:MBEDTLS_CIPHER_BLOWFISH_CBC:MBEDTLS_MD_SHA256:0:0:MBEDTLS_SSL_MINOR_VERSION_3:0:0 - -Record crypt, BLOWFISH-CBC, 1.2, SHA-256, CID 4+4 -depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_BLOWFISH_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_SHA256_C -ssl_crypt_record:MBEDTLS_CIPHER_BLOWFISH_CBC:MBEDTLS_MD_SHA256:0:0:MBEDTLS_SSL_MINOR_VERSION_3:4:4 - -Record crypt, BLOWFISH-CBC, 1.2, SHA-256, CID 4+0 -depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_BLOWFISH_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_SHA256_C -ssl_crypt_record:MBEDTLS_CIPHER_BLOWFISH_CBC:MBEDTLS_MD_SHA256:0:0:MBEDTLS_SSL_MINOR_VERSION_3:4:0 - -Record crypt, BLOWFISH-CBC, 1.2, SHA-256, EtM -depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_BLOWFISH_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_SHA256_C:MBEDTLS_SSL_ENCRYPT_THEN_MAC -ssl_crypt_record:MBEDTLS_CIPHER_BLOWFISH_CBC:MBEDTLS_MD_SHA256:1:0:MBEDTLS_SSL_MINOR_VERSION_3:0:0 - -Record crypt, BLOWFISH-CBC, 1.2, SHA-256, EtM, CID 4+4 -depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_BLOWFISH_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_SHA256_C:MBEDTLS_SSL_ENCRYPT_THEN_MAC -ssl_crypt_record:MBEDTLS_CIPHER_BLOWFISH_CBC:MBEDTLS_MD_SHA256:1:0:MBEDTLS_SSL_MINOR_VERSION_3:4:4 - -Record crypt, BLOWFISH-CBC, 1.2, SHA-256, EtM, CID 4+0 -depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_BLOWFISH_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_SHA256_C:MBEDTLS_SSL_ENCRYPT_THEN_MAC -ssl_crypt_record:MBEDTLS_CIPHER_BLOWFISH_CBC:MBEDTLS_MD_SHA256:1:0:MBEDTLS_SSL_MINOR_VERSION_3:4:0 - -Record crypt, BLOWFISH-CBC, 1.2, SHA-256, short tag -depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_BLOWFISH_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_SHA256_C -ssl_crypt_record:MBEDTLS_CIPHER_BLOWFISH_CBC:MBEDTLS_MD_SHA256:0:1:MBEDTLS_SSL_MINOR_VERSION_3:0:0 - -Record crypt, BLOWFISH-CBC, 1.2, SHA-256, short tag, CID 4+4 -depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_BLOWFISH_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_SHA256_C -ssl_crypt_record:MBEDTLS_CIPHER_BLOWFISH_CBC:MBEDTLS_MD_SHA256:0:1:MBEDTLS_SSL_MINOR_VERSION_3:4:4 - -Record crypt, BLOWFISH-CBC, 1.2, SHA-256, short tag, CID 4+0 -depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_BLOWFISH_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_SHA256_C -ssl_crypt_record:MBEDTLS_CIPHER_BLOWFISH_CBC:MBEDTLS_MD_SHA256:0:1:MBEDTLS_SSL_MINOR_VERSION_3:4:0 - -Record crypt, BLOWFISH-CBC, 1.2, SHA-256, short tag, EtM -depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_BLOWFISH_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_SHA256_C:MBEDTLS_SSL_ENCRYPT_THEN_MAC -ssl_crypt_record:MBEDTLS_CIPHER_BLOWFISH_CBC:MBEDTLS_MD_SHA256:1:1:MBEDTLS_SSL_MINOR_VERSION_3:0:0 - -Record crypt, BLOWFISH-CBC, 1.2, SHA-256, short tag, EtM, CID 4+4 -depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_BLOWFISH_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_SHA256_C:MBEDTLS_SSL_ENCRYPT_THEN_MAC -ssl_crypt_record:MBEDTLS_CIPHER_BLOWFISH_CBC:MBEDTLS_MD_SHA256:1:1:MBEDTLS_SSL_MINOR_VERSION_3:4:4 - -Record crypt, BLOWFISH-CBC, 1.2, SHA-256, short tag, EtM, CID 4+0 -depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_BLOWFISH_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_SHA256_C:MBEDTLS_SSL_ENCRYPT_THEN_MAC -ssl_crypt_record:MBEDTLS_CIPHER_BLOWFISH_CBC:MBEDTLS_MD_SHA256:1:1:MBEDTLS_SSL_MINOR_VERSION_3:4:0 - -Record crypt, BLOWFISH-CBC, 1.2, SHA-1 -depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_BLOWFISH_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_SHA1_C -ssl_crypt_record:MBEDTLS_CIPHER_BLOWFISH_CBC:MBEDTLS_MD_SHA1:0:0:MBEDTLS_SSL_MINOR_VERSION_3:0:0 - -Record crypt, BLOWFISH-CBC, 1.2, SHA-1, CID 4+4 -depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_BLOWFISH_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_SHA1_C -ssl_crypt_record:MBEDTLS_CIPHER_BLOWFISH_CBC:MBEDTLS_MD_SHA1:0:0:MBEDTLS_SSL_MINOR_VERSION_3:4:4 - -Record crypt, BLOWFISH-CBC, 1.2, SHA-1, CID 4+0 -depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_BLOWFISH_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_SHA1_C -ssl_crypt_record:MBEDTLS_CIPHER_BLOWFISH_CBC:MBEDTLS_MD_SHA1:0:0:MBEDTLS_SSL_MINOR_VERSION_3:4:0 - -Record crypt, BLOWFISH-CBC, 1.2, SHA-1, EtM -depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_BLOWFISH_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_SHA1_C:MBEDTLS_SSL_ENCRYPT_THEN_MAC -ssl_crypt_record:MBEDTLS_CIPHER_BLOWFISH_CBC:MBEDTLS_MD_SHA1:1:0:MBEDTLS_SSL_MINOR_VERSION_3:0:0 - -Record crypt, BLOWFISH-CBC, 1.2, SHA-1, EtM, CID 4+4 -depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_BLOWFISH_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_SHA1_C:MBEDTLS_SSL_ENCRYPT_THEN_MAC -ssl_crypt_record:MBEDTLS_CIPHER_BLOWFISH_CBC:MBEDTLS_MD_SHA1:1:0:MBEDTLS_SSL_MINOR_VERSION_3:4:4 - -Record crypt, BLOWFISH-CBC, 1.2, SHA-1, EtM, CID 4+0 -depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_BLOWFISH_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_SHA1_C:MBEDTLS_SSL_ENCRYPT_THEN_MAC -ssl_crypt_record:MBEDTLS_CIPHER_BLOWFISH_CBC:MBEDTLS_MD_SHA1:1:0:MBEDTLS_SSL_MINOR_VERSION_3:4:0 - -Record crypt, BLOWFISH-CBC, 1.2, SHA-1, short tag -depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_BLOWFISH_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_SHA1_C -ssl_crypt_record:MBEDTLS_CIPHER_BLOWFISH_CBC:MBEDTLS_MD_SHA1:0:1:MBEDTLS_SSL_MINOR_VERSION_3:0:0 - -Record crypt, BLOWFISH-CBC, 1.2, SHA-1, short tag, CID 4+4 -depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_BLOWFISH_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_SHA1_C -ssl_crypt_record:MBEDTLS_CIPHER_BLOWFISH_CBC:MBEDTLS_MD_SHA1:0:1:MBEDTLS_SSL_MINOR_VERSION_3:4:4 - -Record crypt, BLOWFISH-CBC, 1.2, SHA-1, short tag, CID 4+0 -depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_BLOWFISH_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_SHA1_C -ssl_crypt_record:MBEDTLS_CIPHER_BLOWFISH_CBC:MBEDTLS_MD_SHA1:0:1:MBEDTLS_SSL_MINOR_VERSION_3:4:0 - -Record crypt, BLOWFISH-CBC, 1.2, SHA-1, short tag, EtM -depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_BLOWFISH_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_SHA1_C:MBEDTLS_SSL_ENCRYPT_THEN_MAC -ssl_crypt_record:MBEDTLS_CIPHER_BLOWFISH_CBC:MBEDTLS_MD_SHA1:1:1:MBEDTLS_SSL_MINOR_VERSION_3:0:0 - -Record crypt, BLOWFISH-CBC, 1.2, SHA-1, short tag, EtM, CID 4+4 -depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_BLOWFISH_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_SHA1_C:MBEDTLS_SSL_ENCRYPT_THEN_MAC -ssl_crypt_record:MBEDTLS_CIPHER_BLOWFISH_CBC:MBEDTLS_MD_SHA1:1:1:MBEDTLS_SSL_MINOR_VERSION_3:4:4 - -Record crypt, BLOWFISH-CBC, 1.2, SHA-1, short tag, EtM, CID 4+0 -depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_BLOWFISH_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_SHA1_C:MBEDTLS_SSL_ENCRYPT_THEN_MAC -ssl_crypt_record:MBEDTLS_CIPHER_BLOWFISH_CBC:MBEDTLS_MD_SHA1:1:1:MBEDTLS_SSL_MINOR_VERSION_3:4:0 - -Record crypt, BLOWFISH-CBC, 1.2, MD5 -depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_BLOWFISH_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD5_C -ssl_crypt_record:MBEDTLS_CIPHER_BLOWFISH_CBC:MBEDTLS_MD_MD5:0:0:MBEDTLS_SSL_MINOR_VERSION_3:0:0 - -Record crypt, BLOWFISH-CBC, 1.2, MD5, CID 4+4 -depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_BLOWFISH_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD5_C -ssl_crypt_record:MBEDTLS_CIPHER_BLOWFISH_CBC:MBEDTLS_MD_MD5:0:0:MBEDTLS_SSL_MINOR_VERSION_3:4:4 - -Record crypt, BLOWFISH-CBC, 1.2, MD5, CID 4+0 -depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_BLOWFISH_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD5_C -ssl_crypt_record:MBEDTLS_CIPHER_BLOWFISH_CBC:MBEDTLS_MD_MD5:0:0:MBEDTLS_SSL_MINOR_VERSION_3:4:0 - -Record crypt, BLOWFISH-CBC, 1.2, MD5, EtM -depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_BLOWFISH_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD5_C:MBEDTLS_SSL_ENCRYPT_THEN_MAC -ssl_crypt_record:MBEDTLS_CIPHER_BLOWFISH_CBC:MBEDTLS_MD_MD5:1:0:MBEDTLS_SSL_MINOR_VERSION_3:0:0 - -Record crypt, BLOWFISH-CBC, 1.2, MD5, EtM, CID 4+4 -depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_BLOWFISH_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD5_C:MBEDTLS_SSL_ENCRYPT_THEN_MAC -ssl_crypt_record:MBEDTLS_CIPHER_BLOWFISH_CBC:MBEDTLS_MD_MD5:1:0:MBEDTLS_SSL_MINOR_VERSION_3:4:4 - -Record crypt, BLOWFISH-CBC, 1.2, MD5, EtM, CID 4+0 -depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_BLOWFISH_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD5_C:MBEDTLS_SSL_ENCRYPT_THEN_MAC -ssl_crypt_record:MBEDTLS_CIPHER_BLOWFISH_CBC:MBEDTLS_MD_MD5:1:0:MBEDTLS_SSL_MINOR_VERSION_3:4:0 - -Record crypt, BLOWFISH-CBC, 1.2, MD5, short tag -depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_BLOWFISH_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD5_C -ssl_crypt_record:MBEDTLS_CIPHER_BLOWFISH_CBC:MBEDTLS_MD_MD5:0:1:MBEDTLS_SSL_MINOR_VERSION_3:0:0 - -Record crypt, BLOWFISH-CBC, 1.2, MD5, short tag, CID 4+4 -depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_BLOWFISH_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD5_C -ssl_crypt_record:MBEDTLS_CIPHER_BLOWFISH_CBC:MBEDTLS_MD_MD5:0:1:MBEDTLS_SSL_MINOR_VERSION_3:4:4 - -Record crypt, BLOWFISH-CBC, 1.2, MD5, short tag, CID 4+0 -depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_BLOWFISH_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD5_C -ssl_crypt_record:MBEDTLS_CIPHER_BLOWFISH_CBC:MBEDTLS_MD_MD5:0:1:MBEDTLS_SSL_MINOR_VERSION_3:4:0 - -Record crypt, BLOWFISH-CBC, 1.2, MD5, short tag, EtM -depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_BLOWFISH_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD5_C:MBEDTLS_SSL_ENCRYPT_THEN_MAC -ssl_crypt_record:MBEDTLS_CIPHER_BLOWFISH_CBC:MBEDTLS_MD_MD5:1:1:MBEDTLS_SSL_MINOR_VERSION_3:0:0 - -Record crypt, BLOWFISH-CBC, 1.2, MD5, short tag, EtM, CID 4+4 -depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_BLOWFISH_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD5_C:MBEDTLS_SSL_ENCRYPT_THEN_MAC -ssl_crypt_record:MBEDTLS_CIPHER_BLOWFISH_CBC:MBEDTLS_MD_MD5:1:1:MBEDTLS_SSL_MINOR_VERSION_3:4:4 - -Record crypt, BLOWFISH-CBC, 1.2, MD5, short tag, EtM, CID 4+0 -depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_BLOWFISH_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD5_C:MBEDTLS_SSL_ENCRYPT_THEN_MAC -ssl_crypt_record:MBEDTLS_CIPHER_BLOWFISH_CBC:MBEDTLS_MD_MD5:1:1:MBEDTLS_SSL_MINOR_VERSION_3:4:0 - -Record crypt, BLOWFISH-CBC, 1.1, SHA-384 -depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_BLOWFISH_C:MBEDTLS_SSL_PROTO_TLS1_1:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384 -ssl_crypt_record:MBEDTLS_CIPHER_BLOWFISH_CBC:MBEDTLS_MD_SHA384:0:0:MBEDTLS_SSL_MINOR_VERSION_2:0:0 - -Record crypt, BLOWFISH-CBC, 1.1, SHA-384, EtM -depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_BLOWFISH_C:MBEDTLS_SSL_PROTO_TLS1_1:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384:MBEDTLS_SSL_ENCRYPT_THEN_MAC -ssl_crypt_record:MBEDTLS_CIPHER_BLOWFISH_CBC:MBEDTLS_MD_SHA384:1:0:MBEDTLS_SSL_MINOR_VERSION_2:0:0 - -Record crypt, BLOWFISH-CBC, 1.1, SHA-384, short tag -depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_BLOWFISH_C:MBEDTLS_SSL_PROTO_TLS1_1:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384 -ssl_crypt_record:MBEDTLS_CIPHER_BLOWFISH_CBC:MBEDTLS_MD_SHA384:0:1:MBEDTLS_SSL_MINOR_VERSION_2:0:0 - -Record crypt, BLOWFISH-CBC, 1.1, SHA-384, short tag, EtM -depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_BLOWFISH_C:MBEDTLS_SSL_PROTO_TLS1_1:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384:MBEDTLS_SSL_ENCRYPT_THEN_MAC -ssl_crypt_record:MBEDTLS_CIPHER_BLOWFISH_CBC:MBEDTLS_MD_SHA384:1:1:MBEDTLS_SSL_MINOR_VERSION_2:0:0 - -Record crypt, BLOWFISH-CBC, 1.1, SHA-256 -depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_BLOWFISH_C:MBEDTLS_SSL_PROTO_TLS1_1:MBEDTLS_SHA256_C -ssl_crypt_record:MBEDTLS_CIPHER_BLOWFISH_CBC:MBEDTLS_MD_SHA256:0:0:MBEDTLS_SSL_MINOR_VERSION_2:0:0 - -Record crypt, BLOWFISH-CBC, 1.1, SHA-256, EtM -depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_BLOWFISH_C:MBEDTLS_SSL_PROTO_TLS1_1:MBEDTLS_SHA256_C:MBEDTLS_SSL_ENCRYPT_THEN_MAC -ssl_crypt_record:MBEDTLS_CIPHER_BLOWFISH_CBC:MBEDTLS_MD_SHA256:1:0:MBEDTLS_SSL_MINOR_VERSION_2:0:0 - -Record crypt, BLOWFISH-CBC, 1.1, SHA-256, short tag -depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_BLOWFISH_C:MBEDTLS_SSL_PROTO_TLS1_1:MBEDTLS_SHA256_C -ssl_crypt_record:MBEDTLS_CIPHER_BLOWFISH_CBC:MBEDTLS_MD_SHA256:0:1:MBEDTLS_SSL_MINOR_VERSION_2:0:0 - -Record crypt, BLOWFISH-CBC, 1.1, SHA-256, short tag, EtM -depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_BLOWFISH_C:MBEDTLS_SSL_PROTO_TLS1_1:MBEDTLS_SHA256_C:MBEDTLS_SSL_ENCRYPT_THEN_MAC -ssl_crypt_record:MBEDTLS_CIPHER_BLOWFISH_CBC:MBEDTLS_MD_SHA256:1:1:MBEDTLS_SSL_MINOR_VERSION_2:0:0 - -Record crypt, BLOWFISH-CBC, 1.1, SHA-1 -depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_BLOWFISH_C:MBEDTLS_SSL_PROTO_TLS1_1:MBEDTLS_SHA1_C -ssl_crypt_record:MBEDTLS_CIPHER_BLOWFISH_CBC:MBEDTLS_MD_SHA1:0:0:MBEDTLS_SSL_MINOR_VERSION_2:0:0 - -Record crypt, BLOWFISH-CBC, 1.1, SHA-1, EtM -depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_BLOWFISH_C:MBEDTLS_SSL_PROTO_TLS1_1:MBEDTLS_SHA1_C:MBEDTLS_SSL_ENCRYPT_THEN_MAC -ssl_crypt_record:MBEDTLS_CIPHER_BLOWFISH_CBC:MBEDTLS_MD_SHA1:1:0:MBEDTLS_SSL_MINOR_VERSION_2:0:0 - -Record crypt, BLOWFISH-CBC, 1.1, SHA-1, short tag -depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_BLOWFISH_C:MBEDTLS_SSL_PROTO_TLS1_1:MBEDTLS_SHA1_C -ssl_crypt_record:MBEDTLS_CIPHER_BLOWFISH_CBC:MBEDTLS_MD_SHA1:0:1:MBEDTLS_SSL_MINOR_VERSION_2:0:0 - -Record crypt, BLOWFISH-CBC, 1.1, SHA-1, short tag, EtM -depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_BLOWFISH_C:MBEDTLS_SSL_PROTO_TLS1_1:MBEDTLS_SHA1_C:MBEDTLS_SSL_ENCRYPT_THEN_MAC -ssl_crypt_record:MBEDTLS_CIPHER_BLOWFISH_CBC:MBEDTLS_MD_SHA1:1:1:MBEDTLS_SSL_MINOR_VERSION_2:0:0 - -Record crypt, BLOWFISH-CBC, 1.1, MD5 -depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_BLOWFISH_C:MBEDTLS_SSL_PROTO_TLS1_1:MBEDTLS_MD5_C -ssl_crypt_record:MBEDTLS_CIPHER_BLOWFISH_CBC:MBEDTLS_MD_MD5:0:0:MBEDTLS_SSL_MINOR_VERSION_2:0:0 - -Record crypt, BLOWFISH-CBC, 1.1, MD5, EtM -depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_BLOWFISH_C:MBEDTLS_SSL_PROTO_TLS1_1:MBEDTLS_MD5_C:MBEDTLS_SSL_ENCRYPT_THEN_MAC -ssl_crypt_record:MBEDTLS_CIPHER_BLOWFISH_CBC:MBEDTLS_MD_MD5:1:0:MBEDTLS_SSL_MINOR_VERSION_2:0:0 - -Record crypt, BLOWFISH-CBC, 1.1, MD5, short tag -depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_BLOWFISH_C:MBEDTLS_SSL_PROTO_TLS1_1:MBEDTLS_MD5_C -ssl_crypt_record:MBEDTLS_CIPHER_BLOWFISH_CBC:MBEDTLS_MD_MD5:0:1:MBEDTLS_SSL_MINOR_VERSION_2:0:0 - -Record crypt, BLOWFISH-CBC, 1.1, MD5, short tag, EtM -depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_BLOWFISH_C:MBEDTLS_SSL_PROTO_TLS1_1:MBEDTLS_MD5_C:MBEDTLS_SSL_ENCRYPT_THEN_MAC -ssl_crypt_record:MBEDTLS_CIPHER_BLOWFISH_CBC:MBEDTLS_MD_MD5:1:1:MBEDTLS_SSL_MINOR_VERSION_2:0:0 - -Record crypt, BLOWFISH-CBC, 1.0, SHA-384 -depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_BLOWFISH_C:MBEDTLS_SSL_PROTO_TLS1:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384 -ssl_crypt_record:MBEDTLS_CIPHER_BLOWFISH_CBC:MBEDTLS_MD_SHA384:0:0:MBEDTLS_SSL_MINOR_VERSION_1:0:0 - -Record crypt, BLOWFISH-CBC, 1.0, SHA-384, EtM -depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_BLOWFISH_C:MBEDTLS_SSL_PROTO_TLS1:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384:MBEDTLS_SSL_ENCRYPT_THEN_MAC -ssl_crypt_record:MBEDTLS_CIPHER_BLOWFISH_CBC:MBEDTLS_MD_SHA384:1:0:MBEDTLS_SSL_MINOR_VERSION_1:0:0 - -Record crypt, BLOWFISH-CBC, 1.0, SHA-384, short tag -depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_BLOWFISH_C:MBEDTLS_SSL_PROTO_TLS1:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384 -ssl_crypt_record:MBEDTLS_CIPHER_BLOWFISH_CBC:MBEDTLS_MD_SHA384:0:1:MBEDTLS_SSL_MINOR_VERSION_1:0:0 - -Record crypt, BLOWFISH-CBC, 1.0, SHA-384, short tag, EtM -depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_BLOWFISH_C:MBEDTLS_SSL_PROTO_TLS1:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384:MBEDTLS_SSL_ENCRYPT_THEN_MAC -ssl_crypt_record:MBEDTLS_CIPHER_BLOWFISH_CBC:MBEDTLS_MD_SHA384:1:1:MBEDTLS_SSL_MINOR_VERSION_1:0:0 - -Record crypt, BLOWFISH-CBC, 1.0, SHA-256 -depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_BLOWFISH_C:MBEDTLS_SSL_PROTO_TLS1:MBEDTLS_SHA256_C -ssl_crypt_record:MBEDTLS_CIPHER_BLOWFISH_CBC:MBEDTLS_MD_SHA256:0:0:MBEDTLS_SSL_MINOR_VERSION_1:0:0 - -Record crypt, BLOWFISH-CBC, 1.0, SHA-256, EtM -depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_BLOWFISH_C:MBEDTLS_SSL_PROTO_TLS1:MBEDTLS_SHA256_C:MBEDTLS_SSL_ENCRYPT_THEN_MAC -ssl_crypt_record:MBEDTLS_CIPHER_BLOWFISH_CBC:MBEDTLS_MD_SHA256:1:0:MBEDTLS_SSL_MINOR_VERSION_1:0:0 - -Record crypt, BLOWFISH-CBC, 1.0, SHA-256, short tag -depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_BLOWFISH_C:MBEDTLS_SSL_PROTO_TLS1:MBEDTLS_SHA256_C -ssl_crypt_record:MBEDTLS_CIPHER_BLOWFISH_CBC:MBEDTLS_MD_SHA256:0:1:MBEDTLS_SSL_MINOR_VERSION_1:0:0 - -Record crypt, BLOWFISH-CBC, 1.0, SHA-256, short tag, EtM -depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_BLOWFISH_C:MBEDTLS_SSL_PROTO_TLS1:MBEDTLS_SHA256_C:MBEDTLS_SSL_ENCRYPT_THEN_MAC -ssl_crypt_record:MBEDTLS_CIPHER_BLOWFISH_CBC:MBEDTLS_MD_SHA256:1:1:MBEDTLS_SSL_MINOR_VERSION_1:0:0 - -Record crypt, BLOWFISH-CBC, 1.0, SHA-1 -depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_BLOWFISH_C:MBEDTLS_SSL_PROTO_TLS1:MBEDTLS_SHA1_C -ssl_crypt_record:MBEDTLS_CIPHER_BLOWFISH_CBC:MBEDTLS_MD_SHA1:0:0:MBEDTLS_SSL_MINOR_VERSION_1:0:0 - -Record crypt, BLOWFISH-CBC, 1.0, SHA-1, EtM -depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_BLOWFISH_C:MBEDTLS_SSL_PROTO_TLS1:MBEDTLS_SHA1_C:MBEDTLS_SSL_ENCRYPT_THEN_MAC -ssl_crypt_record:MBEDTLS_CIPHER_BLOWFISH_CBC:MBEDTLS_MD_SHA1:1:0:MBEDTLS_SSL_MINOR_VERSION_1:0:0 - -Record crypt, BLOWFISH-CBC, 1.0, SHA-1, short tag -depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_BLOWFISH_C:MBEDTLS_SSL_PROTO_TLS1:MBEDTLS_SHA1_C -ssl_crypt_record:MBEDTLS_CIPHER_BLOWFISH_CBC:MBEDTLS_MD_SHA1:0:1:MBEDTLS_SSL_MINOR_VERSION_1:0:0 - -Record crypt, BLOWFISH-CBC, 1.0, SHA-1, short tag, EtM -depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_BLOWFISH_C:MBEDTLS_SSL_PROTO_TLS1:MBEDTLS_SHA1_C:MBEDTLS_SSL_ENCRYPT_THEN_MAC -ssl_crypt_record:MBEDTLS_CIPHER_BLOWFISH_CBC:MBEDTLS_MD_SHA1:1:1:MBEDTLS_SSL_MINOR_VERSION_1:0:0 - -Record crypt, BLOWFISH-CBC, 1.0, MD5 -depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_BLOWFISH_C:MBEDTLS_SSL_PROTO_TLS1:MBEDTLS_MD5_C -ssl_crypt_record:MBEDTLS_CIPHER_BLOWFISH_CBC:MBEDTLS_MD_MD5:0:0:MBEDTLS_SSL_MINOR_VERSION_1:0:0 - -Record crypt, BLOWFISH-CBC, 1.0, MD5, EtM -depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_BLOWFISH_C:MBEDTLS_SSL_PROTO_TLS1:MBEDTLS_MD5_C:MBEDTLS_SSL_ENCRYPT_THEN_MAC -ssl_crypt_record:MBEDTLS_CIPHER_BLOWFISH_CBC:MBEDTLS_MD_MD5:1:0:MBEDTLS_SSL_MINOR_VERSION_1:0:0 - -Record crypt, BLOWFISH-CBC, 1.0, MD5, short tag -depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_BLOWFISH_C:MBEDTLS_SSL_PROTO_TLS1:MBEDTLS_MD5_C -ssl_crypt_record:MBEDTLS_CIPHER_BLOWFISH_CBC:MBEDTLS_MD_MD5:0:1:MBEDTLS_SSL_MINOR_VERSION_1:0:0 - -Record crypt, BLOWFISH-CBC, 1.0, MD5, short tag, EtM -depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_BLOWFISH_C:MBEDTLS_SSL_PROTO_TLS1:MBEDTLS_MD5_C:MBEDTLS_SSL_ENCRYPT_THEN_MAC -ssl_crypt_record:MBEDTLS_CIPHER_BLOWFISH_CBC:MBEDTLS_MD_MD5:1:1:MBEDTLS_SSL_MINOR_VERSION_1:0:0 - -Record crypt, BLOWFISH-CBC, SSL3, SHA-1 -depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_BLOWFISH_C:MBEDTLS_SSL_PROTO_SSL3:MBEDTLS_SHA1_C -ssl_crypt_record:MBEDTLS_CIPHER_BLOWFISH_CBC:MBEDTLS_MD_SHA1:0:0:MBEDTLS_SSL_MINOR_VERSION_0:0:0 - -Record crypt, BLOWFISH-CBC, SSL3, SHA-1, EtM -depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_BLOWFISH_C:MBEDTLS_SSL_PROTO_SSL3:MBEDTLS_SHA1_C:MBEDTLS_SSL_ENCRYPT_THEN_MAC -ssl_crypt_record:MBEDTLS_CIPHER_BLOWFISH_CBC:MBEDTLS_MD_SHA1:1:0:MBEDTLS_SSL_MINOR_VERSION_0:0:0 - -Record crypt, BLOWFISH-CBC, SSL3, SHA-1, short tag -depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_BLOWFISH_C:MBEDTLS_SSL_PROTO_SSL3:MBEDTLS_SHA1_C -ssl_crypt_record:MBEDTLS_CIPHER_BLOWFISH_CBC:MBEDTLS_MD_SHA1:0:1:MBEDTLS_SSL_MINOR_VERSION_0:0:0 - -Record crypt, BLOWFISH-CBC, SSL3, SHA-1, short tag, EtM -depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_BLOWFISH_C:MBEDTLS_SSL_PROTO_SSL3:MBEDTLS_SHA1_C:MBEDTLS_SSL_ENCRYPT_THEN_MAC -ssl_crypt_record:MBEDTLS_CIPHER_BLOWFISH_CBC:MBEDTLS_MD_SHA1:1:1:MBEDTLS_SSL_MINOR_VERSION_0:0:0 - -Record crypt, BLOWFISH-CBC, SSL3, MD5 -depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_BLOWFISH_C:MBEDTLS_SSL_PROTO_SSL3:MBEDTLS_MD5_C -ssl_crypt_record:MBEDTLS_CIPHER_BLOWFISH_CBC:MBEDTLS_MD_MD5:0:0:MBEDTLS_SSL_MINOR_VERSION_0:0:0 - -Record crypt, BLOWFISH-CBC, SSL3, MD5, EtM -depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_BLOWFISH_C:MBEDTLS_SSL_PROTO_SSL3:MBEDTLS_MD5_C:MBEDTLS_SSL_ENCRYPT_THEN_MAC -ssl_crypt_record:MBEDTLS_CIPHER_BLOWFISH_CBC:MBEDTLS_MD_MD5:1:0:MBEDTLS_SSL_MINOR_VERSION_0:0:0 - -Record crypt, BLOWFISH-CBC, SSL3, MD5, short tag -depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_BLOWFISH_C:MBEDTLS_SSL_PROTO_SSL3:MBEDTLS_MD5_C -ssl_crypt_record:MBEDTLS_CIPHER_BLOWFISH_CBC:MBEDTLS_MD_MD5:0:1:MBEDTLS_SSL_MINOR_VERSION_0:0:0 - -Record crypt, BLOWFISH-CBC, SSL3, MD5, short tag, EtM -depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_BLOWFISH_C:MBEDTLS_SSL_PROTO_SSL3:MBEDTLS_MD5_C:MBEDTLS_SSL_ENCRYPT_THEN_MAC -ssl_crypt_record:MBEDTLS_CIPHER_BLOWFISH_CBC:MBEDTLS_MD_MD5:1:1:MBEDTLS_SSL_MINOR_VERSION_0:0:0 - Record crypt, AES-128-GCM, 1.2 depends_on:MBEDTLS_AES_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_GCM_C ssl_crypt_record:MBEDTLS_CIPHER_AES_128_GCM:MBEDTLS_MD_MD5:0:0:MBEDTLS_SSL_MINOR_VERSION_3:0:0 @@ -8262,358 +7939,6 @@ Record crypt, little space, CAMELLIA-256-CBC, SSL3, MD5, short tag, EtM depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CAMELLIA_C:MBEDTLS_SSL_PROTO_SSL3:MBEDTLS_MD5_C:MBEDTLS_SSL_ENCRYPT_THEN_MAC ssl_crypt_record_small:MBEDTLS_CIPHER_CAMELLIA_256_CBC:MBEDTLS_MD_MD5:1:1:MBEDTLS_SSL_MINOR_VERSION_0:0:0 -Record crypt, little space, BLOWFISH-CBC, 1.2, SHA-384 -depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_BLOWFISH_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384 -ssl_crypt_record_small:MBEDTLS_CIPHER_BLOWFISH_CBC:MBEDTLS_MD_SHA384:0:0:MBEDTLS_SSL_MINOR_VERSION_3:0:0 - -Record crypt, little space, BLOWFISH-CBC, 1.2, SHA-384, CID 4+4 -depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_BLOWFISH_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384 -ssl_crypt_record_small:MBEDTLS_CIPHER_BLOWFISH_CBC:MBEDTLS_MD_SHA384:0:0:MBEDTLS_SSL_MINOR_VERSION_3:4:4 - -Record crypt, little space, BLOWFISH-CBC, 1.2, SHA-384, CID 4+0 -depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_BLOWFISH_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384 -ssl_crypt_record_small:MBEDTLS_CIPHER_BLOWFISH_CBC:MBEDTLS_MD_SHA384:0:0:MBEDTLS_SSL_MINOR_VERSION_3:4:0 - -Record crypt, little space, BLOWFISH-CBC, 1.2, SHA-384, EtM -depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_BLOWFISH_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384:MBEDTLS_SSL_ENCRYPT_THEN_MAC -ssl_crypt_record_small:MBEDTLS_CIPHER_BLOWFISH_CBC:MBEDTLS_MD_SHA384:1:0:MBEDTLS_SSL_MINOR_VERSION_3:0:0 - -Record crypt, little space, BLOWFISH-CBC, 1.2, SHA-384, EtM, CID 4+4 -depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_BLOWFISH_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384:MBEDTLS_SSL_ENCRYPT_THEN_MAC -ssl_crypt_record_small:MBEDTLS_CIPHER_BLOWFISH_CBC:MBEDTLS_MD_SHA384:1:0:MBEDTLS_SSL_MINOR_VERSION_3:4:4 - -Record crypt, little space, BLOWFISH-CBC, 1.2, SHA-384, EtM, CID 4+0 -depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_BLOWFISH_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384:MBEDTLS_SSL_ENCRYPT_THEN_MAC -ssl_crypt_record_small:MBEDTLS_CIPHER_BLOWFISH_CBC:MBEDTLS_MD_SHA384:1:0:MBEDTLS_SSL_MINOR_VERSION_3:4:0 - -Record crypt, little space, BLOWFISH-CBC, 1.2, SHA-384, short tag -depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_BLOWFISH_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384 -ssl_crypt_record_small:MBEDTLS_CIPHER_BLOWFISH_CBC:MBEDTLS_MD_SHA384:0:1:MBEDTLS_SSL_MINOR_VERSION_3:0:0 - -Record crypt, little space, BLOWFISH-CBC, 1.2, SHA-384, short tag, CID 4+4 -depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_BLOWFISH_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384 -ssl_crypt_record_small:MBEDTLS_CIPHER_BLOWFISH_CBC:MBEDTLS_MD_SHA384:0:1:MBEDTLS_SSL_MINOR_VERSION_3:4:4 - -Record crypt, little space, BLOWFISH-CBC, 1.2, SHA-384, short tag, CID 4+0 -depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_BLOWFISH_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384 -ssl_crypt_record_small:MBEDTLS_CIPHER_BLOWFISH_CBC:MBEDTLS_MD_SHA384:0:1:MBEDTLS_SSL_MINOR_VERSION_3:4:0 - -Record crypt, little space, BLOWFISH-CBC, 1.2, SHA-384, short tag, EtM -depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_BLOWFISH_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384:MBEDTLS_SSL_ENCRYPT_THEN_MAC -ssl_crypt_record_small:MBEDTLS_CIPHER_BLOWFISH_CBC:MBEDTLS_MD_SHA384:1:1:MBEDTLS_SSL_MINOR_VERSION_3:0:0 - -Record crypt, little space, BLOWFISH-CBC, 1.2, SHA-384, short tag, EtM, CID 4+4 -depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_BLOWFISH_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384:MBEDTLS_SSL_ENCRYPT_THEN_MAC -ssl_crypt_record_small:MBEDTLS_CIPHER_BLOWFISH_CBC:MBEDTLS_MD_SHA384:1:1:MBEDTLS_SSL_MINOR_VERSION_3:4:4 - -Record crypt, little space, BLOWFISH-CBC, 1.2, SHA-384, short tag, EtM, CID 4+0 -depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_BLOWFISH_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384:MBEDTLS_SSL_ENCRYPT_THEN_MAC -ssl_crypt_record_small:MBEDTLS_CIPHER_BLOWFISH_CBC:MBEDTLS_MD_SHA384:1:1:MBEDTLS_SSL_MINOR_VERSION_3:4:0 - -Record crypt, little space, BLOWFISH-CBC, 1.2, SHA-256 -depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_BLOWFISH_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_SHA256_C -ssl_crypt_record_small:MBEDTLS_CIPHER_BLOWFISH_CBC:MBEDTLS_MD_SHA256:0:0:MBEDTLS_SSL_MINOR_VERSION_3:0:0 - -Record crypt, little space, BLOWFISH-CBC, 1.2, SHA-256, CID 4+4 -depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_BLOWFISH_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_SHA256_C -ssl_crypt_record_small:MBEDTLS_CIPHER_BLOWFISH_CBC:MBEDTLS_MD_SHA256:0:0:MBEDTLS_SSL_MINOR_VERSION_3:4:4 - -Record crypt, little space, BLOWFISH-CBC, 1.2, SHA-256, CID 4+0 -depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_BLOWFISH_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_SHA256_C -ssl_crypt_record_small:MBEDTLS_CIPHER_BLOWFISH_CBC:MBEDTLS_MD_SHA256:0:0:MBEDTLS_SSL_MINOR_VERSION_3:4:0 - -Record crypt, little space, BLOWFISH-CBC, 1.2, SHA-256, EtM -depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_BLOWFISH_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_SHA256_C:MBEDTLS_SSL_ENCRYPT_THEN_MAC -ssl_crypt_record_small:MBEDTLS_CIPHER_BLOWFISH_CBC:MBEDTLS_MD_SHA256:1:0:MBEDTLS_SSL_MINOR_VERSION_3:0:0 - -Record crypt, little space, BLOWFISH-CBC, 1.2, SHA-256, EtM, CID 4+4 -depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_BLOWFISH_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_SHA256_C:MBEDTLS_SSL_ENCRYPT_THEN_MAC -ssl_crypt_record_small:MBEDTLS_CIPHER_BLOWFISH_CBC:MBEDTLS_MD_SHA256:1:0:MBEDTLS_SSL_MINOR_VERSION_3:4:4 - -Record crypt, little space, BLOWFISH-CBC, 1.2, SHA-256, EtM, CID 4+0 -depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_BLOWFISH_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_SHA256_C:MBEDTLS_SSL_ENCRYPT_THEN_MAC -ssl_crypt_record_small:MBEDTLS_CIPHER_BLOWFISH_CBC:MBEDTLS_MD_SHA256:1:0:MBEDTLS_SSL_MINOR_VERSION_3:4:0 - -Record crypt, little space, BLOWFISH-CBC, 1.2, SHA-256, short tag -depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_BLOWFISH_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_SHA256_C -ssl_crypt_record_small:MBEDTLS_CIPHER_BLOWFISH_CBC:MBEDTLS_MD_SHA256:0:1:MBEDTLS_SSL_MINOR_VERSION_3:0:0 - -Record crypt, little space, BLOWFISH-CBC, 1.2, SHA-256, short tag, CID 4+4 -depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_BLOWFISH_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_SHA256_C -ssl_crypt_record_small:MBEDTLS_CIPHER_BLOWFISH_CBC:MBEDTLS_MD_SHA256:0:1:MBEDTLS_SSL_MINOR_VERSION_3:4:4 - -Record crypt, little space, BLOWFISH-CBC, 1.2, SHA-256, short tag, CID 4+0 -depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_BLOWFISH_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_SHA256_C -ssl_crypt_record_small:MBEDTLS_CIPHER_BLOWFISH_CBC:MBEDTLS_MD_SHA256:0:1:MBEDTLS_SSL_MINOR_VERSION_3:4:0 - -Record crypt, little space, BLOWFISH-CBC, 1.2, SHA-256, short tag, EtM -depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_BLOWFISH_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_SHA256_C:MBEDTLS_SSL_ENCRYPT_THEN_MAC -ssl_crypt_record_small:MBEDTLS_CIPHER_BLOWFISH_CBC:MBEDTLS_MD_SHA256:1:1:MBEDTLS_SSL_MINOR_VERSION_3:0:0 - -Record crypt, little space, BLOWFISH-CBC, 1.2, SHA-256, short tag, EtM, CID 4+4 -depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_BLOWFISH_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_SHA256_C:MBEDTLS_SSL_ENCRYPT_THEN_MAC -ssl_crypt_record_small:MBEDTLS_CIPHER_BLOWFISH_CBC:MBEDTLS_MD_SHA256:1:1:MBEDTLS_SSL_MINOR_VERSION_3:4:4 - -Record crypt, little space, BLOWFISH-CBC, 1.2, SHA-256, short tag, EtM, CID 4+0 -depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_BLOWFISH_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_SHA256_C:MBEDTLS_SSL_ENCRYPT_THEN_MAC -ssl_crypt_record_small:MBEDTLS_CIPHER_BLOWFISH_CBC:MBEDTLS_MD_SHA256:1:1:MBEDTLS_SSL_MINOR_VERSION_3:4:0 - -Record crypt, little space, BLOWFISH-CBC, 1.2, SHA-1 -depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_BLOWFISH_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_SHA1_C -ssl_crypt_record_small:MBEDTLS_CIPHER_BLOWFISH_CBC:MBEDTLS_MD_SHA1:0:0:MBEDTLS_SSL_MINOR_VERSION_3:0:0 - -Record crypt, little space, BLOWFISH-CBC, 1.2, SHA-1, CID 4+4 -depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_BLOWFISH_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_SHA1_C -ssl_crypt_record_small:MBEDTLS_CIPHER_BLOWFISH_CBC:MBEDTLS_MD_SHA1:0:0:MBEDTLS_SSL_MINOR_VERSION_3:4:4 - -Record crypt, little space, BLOWFISH-CBC, 1.2, SHA-1, CID 4+0 -depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_BLOWFISH_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_SHA1_C -ssl_crypt_record_small:MBEDTLS_CIPHER_BLOWFISH_CBC:MBEDTLS_MD_SHA1:0:0:MBEDTLS_SSL_MINOR_VERSION_3:4:0 - -Record crypt, little space, BLOWFISH-CBC, 1.2, SHA-1, EtM -depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_BLOWFISH_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_SHA1_C:MBEDTLS_SSL_ENCRYPT_THEN_MAC -ssl_crypt_record_small:MBEDTLS_CIPHER_BLOWFISH_CBC:MBEDTLS_MD_SHA1:1:0:MBEDTLS_SSL_MINOR_VERSION_3:0:0 - -Record crypt, little space, BLOWFISH-CBC, 1.2, SHA-1, EtM, CID 4+4 -depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_BLOWFISH_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_SHA1_C:MBEDTLS_SSL_ENCRYPT_THEN_MAC -ssl_crypt_record_small:MBEDTLS_CIPHER_BLOWFISH_CBC:MBEDTLS_MD_SHA1:1:0:MBEDTLS_SSL_MINOR_VERSION_3:4:4 - -Record crypt, little space, BLOWFISH-CBC, 1.2, SHA-1, EtM, CID 4+0 -depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_BLOWFISH_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_SHA1_C:MBEDTLS_SSL_ENCRYPT_THEN_MAC -ssl_crypt_record_small:MBEDTLS_CIPHER_BLOWFISH_CBC:MBEDTLS_MD_SHA1:1:0:MBEDTLS_SSL_MINOR_VERSION_3:4:0 - -Record crypt, little space, BLOWFISH-CBC, 1.2, SHA-1, short tag -depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_BLOWFISH_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_SHA1_C -ssl_crypt_record_small:MBEDTLS_CIPHER_BLOWFISH_CBC:MBEDTLS_MD_SHA1:0:1:MBEDTLS_SSL_MINOR_VERSION_3:0:0 - -Record crypt, little space, BLOWFISH-CBC, 1.2, SHA-1, short tag, CID 4+4 -depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_BLOWFISH_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_SHA1_C -ssl_crypt_record_small:MBEDTLS_CIPHER_BLOWFISH_CBC:MBEDTLS_MD_SHA1:0:1:MBEDTLS_SSL_MINOR_VERSION_3:4:4 - -Record crypt, little space, BLOWFISH-CBC, 1.2, SHA-1, short tag, CID 4+0 -depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_BLOWFISH_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_SHA1_C -ssl_crypt_record_small:MBEDTLS_CIPHER_BLOWFISH_CBC:MBEDTLS_MD_SHA1:0:1:MBEDTLS_SSL_MINOR_VERSION_3:4:0 - -Record crypt, little space, BLOWFISH-CBC, 1.2, SHA-1, short tag, EtM -depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_BLOWFISH_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_SHA1_C:MBEDTLS_SSL_ENCRYPT_THEN_MAC -ssl_crypt_record_small:MBEDTLS_CIPHER_BLOWFISH_CBC:MBEDTLS_MD_SHA1:1:1:MBEDTLS_SSL_MINOR_VERSION_3:0:0 - -Record crypt, little space, BLOWFISH-CBC, 1.2, SHA-1, short tag, EtM, CID 4+4 -depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_BLOWFISH_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_SHA1_C:MBEDTLS_SSL_ENCRYPT_THEN_MAC -ssl_crypt_record_small:MBEDTLS_CIPHER_BLOWFISH_CBC:MBEDTLS_MD_SHA1:1:1:MBEDTLS_SSL_MINOR_VERSION_3:4:4 - -Record crypt, little space, BLOWFISH-CBC, 1.2, SHA-1, short tag, EtM, CID 4+0 -depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_BLOWFISH_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_SHA1_C:MBEDTLS_SSL_ENCRYPT_THEN_MAC -ssl_crypt_record_small:MBEDTLS_CIPHER_BLOWFISH_CBC:MBEDTLS_MD_SHA1:1:1:MBEDTLS_SSL_MINOR_VERSION_3:4:0 - -Record crypt, little space, BLOWFISH-CBC, 1.2, MD5 -depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_BLOWFISH_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD5_C -ssl_crypt_record_small:MBEDTLS_CIPHER_BLOWFISH_CBC:MBEDTLS_MD_MD5:0:0:MBEDTLS_SSL_MINOR_VERSION_3:0:0 - -Record crypt, little space, BLOWFISH-CBC, 1.2, MD5, CID 4+4 -depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_BLOWFISH_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD5_C -ssl_crypt_record_small:MBEDTLS_CIPHER_BLOWFISH_CBC:MBEDTLS_MD_MD5:0:0:MBEDTLS_SSL_MINOR_VERSION_3:4:4 - -Record crypt, little space, BLOWFISH-CBC, 1.2, MD5, CID 4+0 -depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_BLOWFISH_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD5_C -ssl_crypt_record_small:MBEDTLS_CIPHER_BLOWFISH_CBC:MBEDTLS_MD_MD5:0:0:MBEDTLS_SSL_MINOR_VERSION_3:4:0 - -Record crypt, little space, BLOWFISH-CBC, 1.2, MD5, EtM -depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_BLOWFISH_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD5_C:MBEDTLS_SSL_ENCRYPT_THEN_MAC -ssl_crypt_record_small:MBEDTLS_CIPHER_BLOWFISH_CBC:MBEDTLS_MD_MD5:1:0:MBEDTLS_SSL_MINOR_VERSION_3:0:0 - -Record crypt, little space, BLOWFISH-CBC, 1.2, MD5, EtM, CID 4+4 -depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_BLOWFISH_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD5_C:MBEDTLS_SSL_ENCRYPT_THEN_MAC -ssl_crypt_record_small:MBEDTLS_CIPHER_BLOWFISH_CBC:MBEDTLS_MD_MD5:1:0:MBEDTLS_SSL_MINOR_VERSION_3:4:4 - -Record crypt, little space, BLOWFISH-CBC, 1.2, MD5, EtM, CID 4+0 -depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_BLOWFISH_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD5_C:MBEDTLS_SSL_ENCRYPT_THEN_MAC -ssl_crypt_record_small:MBEDTLS_CIPHER_BLOWFISH_CBC:MBEDTLS_MD_MD5:1:0:MBEDTLS_SSL_MINOR_VERSION_3:4:0 - -Record crypt, little space, BLOWFISH-CBC, 1.2, MD5, short tag -depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_BLOWFISH_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD5_C -ssl_crypt_record_small:MBEDTLS_CIPHER_BLOWFISH_CBC:MBEDTLS_MD_MD5:0:1:MBEDTLS_SSL_MINOR_VERSION_3:0:0 - -Record crypt, little space, BLOWFISH-CBC, 1.2, MD5, short tag, CID 4+4 -depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_BLOWFISH_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD5_C -ssl_crypt_record_small:MBEDTLS_CIPHER_BLOWFISH_CBC:MBEDTLS_MD_MD5:0:1:MBEDTLS_SSL_MINOR_VERSION_3:4:4 - -Record crypt, little space, BLOWFISH-CBC, 1.2, MD5, short tag, CID 4+0 -depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_BLOWFISH_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD5_C -ssl_crypt_record_small:MBEDTLS_CIPHER_BLOWFISH_CBC:MBEDTLS_MD_MD5:0:1:MBEDTLS_SSL_MINOR_VERSION_3:4:0 - -Record crypt, little space, BLOWFISH-CBC, 1.2, MD5, short tag, EtM -depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_BLOWFISH_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD5_C:MBEDTLS_SSL_ENCRYPT_THEN_MAC -ssl_crypt_record_small:MBEDTLS_CIPHER_BLOWFISH_CBC:MBEDTLS_MD_MD5:1:1:MBEDTLS_SSL_MINOR_VERSION_3:0:0 - -Record crypt, little space, BLOWFISH-CBC, 1.2, MD5, short tag, EtM, CID 4+4 -depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_BLOWFISH_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD5_C:MBEDTLS_SSL_ENCRYPT_THEN_MAC -ssl_crypt_record_small:MBEDTLS_CIPHER_BLOWFISH_CBC:MBEDTLS_MD_MD5:1:1:MBEDTLS_SSL_MINOR_VERSION_3:4:4 - -Record crypt, little space, BLOWFISH-CBC, 1.2, MD5, short tag, EtM, CID 4+0 -depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_BLOWFISH_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD5_C:MBEDTLS_SSL_ENCRYPT_THEN_MAC -ssl_crypt_record_small:MBEDTLS_CIPHER_BLOWFISH_CBC:MBEDTLS_MD_MD5:1:1:MBEDTLS_SSL_MINOR_VERSION_3:4:0 - -Record crypt, little space, BLOWFISH-CBC, 1.1, SHA-384 -depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_BLOWFISH_C:MBEDTLS_SSL_PROTO_TLS1_1:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384 -ssl_crypt_record_small:MBEDTLS_CIPHER_BLOWFISH_CBC:MBEDTLS_MD_SHA384:0:0:MBEDTLS_SSL_MINOR_VERSION_2:0:0 - -Record crypt, little space, BLOWFISH-CBC, 1.1, SHA-384, EtM -depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_BLOWFISH_C:MBEDTLS_SSL_PROTO_TLS1_1:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384:MBEDTLS_SSL_ENCRYPT_THEN_MAC -ssl_crypt_record_small:MBEDTLS_CIPHER_BLOWFISH_CBC:MBEDTLS_MD_SHA384:1:0:MBEDTLS_SSL_MINOR_VERSION_2:0:0 - -Record crypt, little space, BLOWFISH-CBC, 1.1, SHA-384, short tag -depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_BLOWFISH_C:MBEDTLS_SSL_PROTO_TLS1_1:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384 -ssl_crypt_record_small:MBEDTLS_CIPHER_BLOWFISH_CBC:MBEDTLS_MD_SHA384:0:1:MBEDTLS_SSL_MINOR_VERSION_2:0:0 - -Record crypt, little space, BLOWFISH-CBC, 1.1, SHA-384, short tag, EtM -depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_BLOWFISH_C:MBEDTLS_SSL_PROTO_TLS1_1:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384:MBEDTLS_SSL_ENCRYPT_THEN_MAC -ssl_crypt_record_small:MBEDTLS_CIPHER_BLOWFISH_CBC:MBEDTLS_MD_SHA384:1:1:MBEDTLS_SSL_MINOR_VERSION_2:0:0 - -Record crypt, little space, BLOWFISH-CBC, 1.1, SHA-256 -depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_BLOWFISH_C:MBEDTLS_SSL_PROTO_TLS1_1:MBEDTLS_SHA256_C -ssl_crypt_record_small:MBEDTLS_CIPHER_BLOWFISH_CBC:MBEDTLS_MD_SHA256:0:0:MBEDTLS_SSL_MINOR_VERSION_2:0:0 - -Record crypt, little space, BLOWFISH-CBC, 1.1, SHA-256, EtM -depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_BLOWFISH_C:MBEDTLS_SSL_PROTO_TLS1_1:MBEDTLS_SHA256_C:MBEDTLS_SSL_ENCRYPT_THEN_MAC -ssl_crypt_record_small:MBEDTLS_CIPHER_BLOWFISH_CBC:MBEDTLS_MD_SHA256:1:0:MBEDTLS_SSL_MINOR_VERSION_2:0:0 - -Record crypt, little space, BLOWFISH-CBC, 1.1, SHA-256, short tag -depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_BLOWFISH_C:MBEDTLS_SSL_PROTO_TLS1_1:MBEDTLS_SHA256_C -ssl_crypt_record_small:MBEDTLS_CIPHER_BLOWFISH_CBC:MBEDTLS_MD_SHA256:0:1:MBEDTLS_SSL_MINOR_VERSION_2:0:0 - -Record crypt, little space, BLOWFISH-CBC, 1.1, SHA-256, short tag, EtM -depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_BLOWFISH_C:MBEDTLS_SSL_PROTO_TLS1_1:MBEDTLS_SHA256_C:MBEDTLS_SSL_ENCRYPT_THEN_MAC -ssl_crypt_record_small:MBEDTLS_CIPHER_BLOWFISH_CBC:MBEDTLS_MD_SHA256:1:1:MBEDTLS_SSL_MINOR_VERSION_2:0:0 - -Record crypt, little space, BLOWFISH-CBC, 1.1, SHA-1 -depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_BLOWFISH_C:MBEDTLS_SSL_PROTO_TLS1_1:MBEDTLS_SHA1_C -ssl_crypt_record_small:MBEDTLS_CIPHER_BLOWFISH_CBC:MBEDTLS_MD_SHA1:0:0:MBEDTLS_SSL_MINOR_VERSION_2:0:0 - -Record crypt, little space, BLOWFISH-CBC, 1.1, SHA-1, EtM -depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_BLOWFISH_C:MBEDTLS_SSL_PROTO_TLS1_1:MBEDTLS_SHA1_C:MBEDTLS_SSL_ENCRYPT_THEN_MAC -ssl_crypt_record_small:MBEDTLS_CIPHER_BLOWFISH_CBC:MBEDTLS_MD_SHA1:1:0:MBEDTLS_SSL_MINOR_VERSION_2:0:0 - -Record crypt, little space, BLOWFISH-CBC, 1.1, SHA-1, short tag -depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_BLOWFISH_C:MBEDTLS_SSL_PROTO_TLS1_1:MBEDTLS_SHA1_C -ssl_crypt_record_small:MBEDTLS_CIPHER_BLOWFISH_CBC:MBEDTLS_MD_SHA1:0:1:MBEDTLS_SSL_MINOR_VERSION_2:0:0 - -Record crypt, little space, BLOWFISH-CBC, 1.1, SHA-1, short tag, EtM -depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_BLOWFISH_C:MBEDTLS_SSL_PROTO_TLS1_1:MBEDTLS_SHA1_C:MBEDTLS_SSL_ENCRYPT_THEN_MAC -ssl_crypt_record_small:MBEDTLS_CIPHER_BLOWFISH_CBC:MBEDTLS_MD_SHA1:1:1:MBEDTLS_SSL_MINOR_VERSION_2:0:0 - -Record crypt, little space, BLOWFISH-CBC, 1.1, MD5 -depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_BLOWFISH_C:MBEDTLS_SSL_PROTO_TLS1_1:MBEDTLS_MD5_C -ssl_crypt_record_small:MBEDTLS_CIPHER_BLOWFISH_CBC:MBEDTLS_MD_MD5:0:0:MBEDTLS_SSL_MINOR_VERSION_2:0:0 - -Record crypt, little space, BLOWFISH-CBC, 1.1, MD5, EtM -depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_BLOWFISH_C:MBEDTLS_SSL_PROTO_TLS1_1:MBEDTLS_MD5_C:MBEDTLS_SSL_ENCRYPT_THEN_MAC -ssl_crypt_record_small:MBEDTLS_CIPHER_BLOWFISH_CBC:MBEDTLS_MD_MD5:1:0:MBEDTLS_SSL_MINOR_VERSION_2:0:0 - -Record crypt, little space, BLOWFISH-CBC, 1.1, MD5, short tag -depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_BLOWFISH_C:MBEDTLS_SSL_PROTO_TLS1_1:MBEDTLS_MD5_C -ssl_crypt_record_small:MBEDTLS_CIPHER_BLOWFISH_CBC:MBEDTLS_MD_MD5:0:1:MBEDTLS_SSL_MINOR_VERSION_2:0:0 - -Record crypt, little space, BLOWFISH-CBC, 1.1, MD5, short tag, EtM -depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_BLOWFISH_C:MBEDTLS_SSL_PROTO_TLS1_1:MBEDTLS_MD5_C:MBEDTLS_SSL_ENCRYPT_THEN_MAC -ssl_crypt_record_small:MBEDTLS_CIPHER_BLOWFISH_CBC:MBEDTLS_MD_MD5:1:1:MBEDTLS_SSL_MINOR_VERSION_2:0:0 - -Record crypt, little space, BLOWFISH-CBC, 1.0, SHA-384 -depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_BLOWFISH_C:MBEDTLS_SSL_PROTO_TLS1:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384 -ssl_crypt_record_small:MBEDTLS_CIPHER_BLOWFISH_CBC:MBEDTLS_MD_SHA384:0:0:MBEDTLS_SSL_MINOR_VERSION_1:0:0 - -Record crypt, little space, BLOWFISH-CBC, 1.0, SHA-384, EtM -depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_BLOWFISH_C:MBEDTLS_SSL_PROTO_TLS1:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384:MBEDTLS_SSL_ENCRYPT_THEN_MAC -ssl_crypt_record_small:MBEDTLS_CIPHER_BLOWFISH_CBC:MBEDTLS_MD_SHA384:1:0:MBEDTLS_SSL_MINOR_VERSION_1:0:0 - -Record crypt, little space, BLOWFISH-CBC, 1.0, SHA-384, short tag -depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_BLOWFISH_C:MBEDTLS_SSL_PROTO_TLS1:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384 -ssl_crypt_record_small:MBEDTLS_CIPHER_BLOWFISH_CBC:MBEDTLS_MD_SHA384:0:1:MBEDTLS_SSL_MINOR_VERSION_1:0:0 - -Record crypt, little space, BLOWFISH-CBC, 1.0, SHA-384, short tag, EtM -depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_BLOWFISH_C:MBEDTLS_SSL_PROTO_TLS1:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384:MBEDTLS_SSL_ENCRYPT_THEN_MAC -ssl_crypt_record_small:MBEDTLS_CIPHER_BLOWFISH_CBC:MBEDTLS_MD_SHA384:1:1:MBEDTLS_SSL_MINOR_VERSION_1:0:0 - -Record crypt, little space, BLOWFISH-CBC, 1.0, SHA-256 -depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_BLOWFISH_C:MBEDTLS_SSL_PROTO_TLS1:MBEDTLS_SHA256_C -ssl_crypt_record_small:MBEDTLS_CIPHER_BLOWFISH_CBC:MBEDTLS_MD_SHA256:0:0:MBEDTLS_SSL_MINOR_VERSION_1:0:0 - -Record crypt, little space, BLOWFISH-CBC, 1.0, SHA-256, EtM -depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_BLOWFISH_C:MBEDTLS_SSL_PROTO_TLS1:MBEDTLS_SHA256_C:MBEDTLS_SSL_ENCRYPT_THEN_MAC -ssl_crypt_record_small:MBEDTLS_CIPHER_BLOWFISH_CBC:MBEDTLS_MD_SHA256:1:0:MBEDTLS_SSL_MINOR_VERSION_1:0:0 - -Record crypt, little space, BLOWFISH-CBC, 1.0, SHA-256, short tag -depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_BLOWFISH_C:MBEDTLS_SSL_PROTO_TLS1:MBEDTLS_SHA256_C -ssl_crypt_record_small:MBEDTLS_CIPHER_BLOWFISH_CBC:MBEDTLS_MD_SHA256:0:1:MBEDTLS_SSL_MINOR_VERSION_1:0:0 - -Record crypt, little space, BLOWFISH-CBC, 1.0, SHA-256, short tag, EtM -depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_BLOWFISH_C:MBEDTLS_SSL_PROTO_TLS1:MBEDTLS_SHA256_C:MBEDTLS_SSL_ENCRYPT_THEN_MAC -ssl_crypt_record_small:MBEDTLS_CIPHER_BLOWFISH_CBC:MBEDTLS_MD_SHA256:1:1:MBEDTLS_SSL_MINOR_VERSION_1:0:0 - -Record crypt, little space, BLOWFISH-CBC, 1.0, SHA-1 -depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_BLOWFISH_C:MBEDTLS_SSL_PROTO_TLS1:MBEDTLS_SHA1_C -ssl_crypt_record_small:MBEDTLS_CIPHER_BLOWFISH_CBC:MBEDTLS_MD_SHA1:0:0:MBEDTLS_SSL_MINOR_VERSION_1:0:0 - -Record crypt, little space, BLOWFISH-CBC, 1.0, SHA-1, EtM -depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_BLOWFISH_C:MBEDTLS_SSL_PROTO_TLS1:MBEDTLS_SHA1_C:MBEDTLS_SSL_ENCRYPT_THEN_MAC -ssl_crypt_record_small:MBEDTLS_CIPHER_BLOWFISH_CBC:MBEDTLS_MD_SHA1:1:0:MBEDTLS_SSL_MINOR_VERSION_1:0:0 - -Record crypt, little space, BLOWFISH-CBC, 1.0, SHA-1, short tag -depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_BLOWFISH_C:MBEDTLS_SSL_PROTO_TLS1:MBEDTLS_SHA1_C -ssl_crypt_record_small:MBEDTLS_CIPHER_BLOWFISH_CBC:MBEDTLS_MD_SHA1:0:1:MBEDTLS_SSL_MINOR_VERSION_1:0:0 - -Record crypt, little space, BLOWFISH-CBC, 1.0, SHA-1, short tag, EtM -depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_BLOWFISH_C:MBEDTLS_SSL_PROTO_TLS1:MBEDTLS_SHA1_C:MBEDTLS_SSL_ENCRYPT_THEN_MAC -ssl_crypt_record_small:MBEDTLS_CIPHER_BLOWFISH_CBC:MBEDTLS_MD_SHA1:1:1:MBEDTLS_SSL_MINOR_VERSION_1:0:0 - -Record crypt, little space, BLOWFISH-CBC, 1.0, MD5 -depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_BLOWFISH_C:MBEDTLS_SSL_PROTO_TLS1:MBEDTLS_MD5_C -ssl_crypt_record_small:MBEDTLS_CIPHER_BLOWFISH_CBC:MBEDTLS_MD_MD5:0:0:MBEDTLS_SSL_MINOR_VERSION_1:0:0 - -Record crypt, little space, BLOWFISH-CBC, 1.0, MD5, EtM -depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_BLOWFISH_C:MBEDTLS_SSL_PROTO_TLS1:MBEDTLS_MD5_C:MBEDTLS_SSL_ENCRYPT_THEN_MAC -ssl_crypt_record_small:MBEDTLS_CIPHER_BLOWFISH_CBC:MBEDTLS_MD_MD5:1:0:MBEDTLS_SSL_MINOR_VERSION_1:0:0 - -Record crypt, little space, BLOWFISH-CBC, 1.0, MD5, short tag -depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_BLOWFISH_C:MBEDTLS_SSL_PROTO_TLS1:MBEDTLS_MD5_C -ssl_crypt_record_small:MBEDTLS_CIPHER_BLOWFISH_CBC:MBEDTLS_MD_MD5:0:1:MBEDTLS_SSL_MINOR_VERSION_1:0:0 - -Record crypt, little space, BLOWFISH-CBC, 1.0, MD5, short tag, EtM -depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_BLOWFISH_C:MBEDTLS_SSL_PROTO_TLS1:MBEDTLS_MD5_C:MBEDTLS_SSL_ENCRYPT_THEN_MAC -ssl_crypt_record_small:MBEDTLS_CIPHER_BLOWFISH_CBC:MBEDTLS_MD_MD5:1:1:MBEDTLS_SSL_MINOR_VERSION_1:0:0 - -Record crypt, little space, BLOWFISH-CBC, SSL3, SHA-1 -depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_BLOWFISH_C:MBEDTLS_SSL_PROTO_SSL3:MBEDTLS_SHA1_C -ssl_crypt_record_small:MBEDTLS_CIPHER_BLOWFISH_CBC:MBEDTLS_MD_SHA1:0:0:MBEDTLS_SSL_MINOR_VERSION_0:0:0 - -Record crypt, little space, BLOWFISH-CBC, SSL3, SHA-1, EtM -depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_BLOWFISH_C:MBEDTLS_SSL_PROTO_SSL3:MBEDTLS_SHA1_C:MBEDTLS_SSL_ENCRYPT_THEN_MAC -ssl_crypt_record_small:MBEDTLS_CIPHER_BLOWFISH_CBC:MBEDTLS_MD_SHA1:1:0:MBEDTLS_SSL_MINOR_VERSION_0:0:0 - -Record crypt, little space, BLOWFISH-CBC, SSL3, SHA-1, short tag -depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_BLOWFISH_C:MBEDTLS_SSL_PROTO_SSL3:MBEDTLS_SHA1_C -ssl_crypt_record_small:MBEDTLS_CIPHER_BLOWFISH_CBC:MBEDTLS_MD_SHA1:0:1:MBEDTLS_SSL_MINOR_VERSION_0:0:0 - -Record crypt, little space, BLOWFISH-CBC, SSL3, SHA-1, short tag, EtM -depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_BLOWFISH_C:MBEDTLS_SSL_PROTO_SSL3:MBEDTLS_SHA1_C:MBEDTLS_SSL_ENCRYPT_THEN_MAC -ssl_crypt_record_small:MBEDTLS_CIPHER_BLOWFISH_CBC:MBEDTLS_MD_SHA1:1:1:MBEDTLS_SSL_MINOR_VERSION_0:0:0 - -Record crypt, little space, BLOWFISH-CBC, SSL3, MD5 -depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_BLOWFISH_C:MBEDTLS_SSL_PROTO_SSL3:MBEDTLS_MD5_C -ssl_crypt_record_small:MBEDTLS_CIPHER_BLOWFISH_CBC:MBEDTLS_MD_MD5:0:0:MBEDTLS_SSL_MINOR_VERSION_0:0:0 - -Record crypt, little space, BLOWFISH-CBC, SSL3, MD5, EtM -depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_BLOWFISH_C:MBEDTLS_SSL_PROTO_SSL3:MBEDTLS_MD5_C:MBEDTLS_SSL_ENCRYPT_THEN_MAC -ssl_crypt_record_small:MBEDTLS_CIPHER_BLOWFISH_CBC:MBEDTLS_MD_MD5:1:0:MBEDTLS_SSL_MINOR_VERSION_0:0:0 - -Record crypt, little space, BLOWFISH-CBC, SSL3, MD5, short tag -depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_BLOWFISH_C:MBEDTLS_SSL_PROTO_SSL3:MBEDTLS_MD5_C -ssl_crypt_record_small:MBEDTLS_CIPHER_BLOWFISH_CBC:MBEDTLS_MD_MD5:0:1:MBEDTLS_SSL_MINOR_VERSION_0:0:0 - -Record crypt, little space, BLOWFISH-CBC, SSL3, MD5, short tag, EtM -depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_BLOWFISH_C:MBEDTLS_SSL_PROTO_SSL3:MBEDTLS_MD5_C:MBEDTLS_SSL_ENCRYPT_THEN_MAC -ssl_crypt_record_small:MBEDTLS_CIPHER_BLOWFISH_CBC:MBEDTLS_MD_MD5:1:1:MBEDTLS_SSL_MINOR_VERSION_0:0:0 - Record crypt, little space, AES-128-GCM, 1.2 depends_on:MBEDTLS_AES_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_GCM_C ssl_crypt_record_small:MBEDTLS_CIPHER_AES_128_GCM:MBEDTLS_MD_MD5:0:0:MBEDTLS_SSL_MINOR_VERSION_3:0:0 @@ -9374,1110 +8699,100 @@ Record crypt, little space, NULL cipher, SSL3, MD5, short tag, EtM depends_on:MBEDTLS_CIPHER_NULL_CIPHER:MBEDTLS_SSL_PROTO_SSL3:MBEDTLS_MD5_C:MBEDTLS_SSL_ENCRYPT_THEN_MAC ssl_crypt_record_small:MBEDTLS_CIPHER_NULL:MBEDTLS_MD_MD5:1:1:MBEDTLS_SSL_MINOR_VERSION_0:0:0 -Decrypt CBC !EtM, AES MD5 !trunc, empty plaintext, minpad -depends_on:MBEDTLS_AES_C:MBEDTLS_MD5_C -ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_AES_128_CBC:MBEDTLS_MD_MD5:0:-1 - -Decrypt CBC !EtM, AES MD5 !trunc, empty plaintext, maxpad -depends_on:MBEDTLS_AES_C:MBEDTLS_MD5_C -ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_AES_128_CBC:MBEDTLS_MD_MD5:0:-2 - -Decrypt CBC !EtM, AES MD5 trunc, empty plaintext, minpad -depends_on:MBEDTLS_AES_C:MBEDTLS_MD5_C -ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_AES_128_CBC:MBEDTLS_MD_MD5:1:-1 - -Decrypt CBC !EtM, AES MD5 trunc, empty plaintext, maxpad -depends_on:MBEDTLS_AES_C:MBEDTLS_MD5_C -ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_AES_128_CBC:MBEDTLS_MD_MD5:1:-2 - -Decrypt CBC !EtM, AES MD5 !trunc, padlen=0 -depends_on:MBEDTLS_AES_C:MBEDTLS_MD5_C -ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_AES_128_CBC:MBEDTLS_MD_MD5:0:0 - -Decrypt CBC !EtM, AES MD5 !trunc, padlen=240 -depends_on:MBEDTLS_AES_C:MBEDTLS_MD5_C -ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_AES_128_CBC:MBEDTLS_MD_MD5:0:240 - -Decrypt CBC !EtM, AES MD5 trunc, padlen=0 -depends_on:MBEDTLS_AES_C:MBEDTLS_MD5_C -ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_AES_128_CBC:MBEDTLS_MD_MD5:1:0 - -Decrypt CBC !EtM, AES MD5 trunc, padlen=240 -depends_on:MBEDTLS_AES_C:MBEDTLS_MD5_C -ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_AES_128_CBC:MBEDTLS_MD_MD5:1:240 - -Decrypt CBC !EtM, AES MD5 !trunc, padlen=1 -depends_on:MBEDTLS_AES_C:MBEDTLS_MD5_C -ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_AES_128_CBC:MBEDTLS_MD_MD5:0:1 - -Decrypt CBC !EtM, AES MD5 !trunc, padlen=241 -depends_on:MBEDTLS_AES_C:MBEDTLS_MD5_C -ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_AES_128_CBC:MBEDTLS_MD_MD5:0:241 - -Decrypt CBC !EtM, AES MD5 trunc, padlen=1 -depends_on:MBEDTLS_AES_C:MBEDTLS_MD5_C -ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_AES_128_CBC:MBEDTLS_MD_MD5:1:1 - -Decrypt CBC !EtM, AES MD5 trunc, padlen=241 -depends_on:MBEDTLS_AES_C:MBEDTLS_MD5_C -ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_AES_128_CBC:MBEDTLS_MD_MD5:1:241 - -Decrypt CBC !EtM, AES MD5 !trunc, padlen=15 -depends_on:MBEDTLS_AES_C:MBEDTLS_MD5_C -ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_AES_128_CBC:MBEDTLS_MD_MD5:0:15 - -Decrypt CBC !EtM, AES MD5 !trunc, padlen=255 -depends_on:MBEDTLS_AES_C:MBEDTLS_MD5_C -ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_AES_128_CBC:MBEDTLS_MD_MD5:0:255 - -Decrypt CBC !EtM, AES MD5 trunc, padlen=15 -depends_on:MBEDTLS_AES_C:MBEDTLS_MD5_C -ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_AES_128_CBC:MBEDTLS_MD_MD5:1:15 - -Decrypt CBC !EtM, AES MD5 trunc, padlen=255 -depends_on:MBEDTLS_AES_C:MBEDTLS_MD5_C -ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_AES_128_CBC:MBEDTLS_MD_MD5:1:255 - -Decrypt CBC !EtM, AES SHA1 !trunc, empty plaintext, minpad -depends_on:MBEDTLS_AES_C:MBEDTLS_SHA1_C -ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_AES_128_CBC:MBEDTLS_MD_SHA1:0:-1 - -Decrypt CBC !EtM, AES SHA1 !trunc, empty plaintext, maxpad -depends_on:MBEDTLS_AES_C:MBEDTLS_SHA1_C -ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_AES_128_CBC:MBEDTLS_MD_SHA1:0:-2 - -Decrypt CBC !EtM, AES SHA1 trunc, empty plaintext, minpad -depends_on:MBEDTLS_AES_C:MBEDTLS_SHA1_C -ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_AES_128_CBC:MBEDTLS_MD_SHA1:1:-1 - -Decrypt CBC !EtM, AES SHA1 trunc, empty plaintext, maxpad -depends_on:MBEDTLS_AES_C:MBEDTLS_SHA1_C -ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_AES_128_CBC:MBEDTLS_MD_SHA1:1:-2 - -Decrypt CBC !EtM, AES SHA1 !trunc, padlen=0 -depends_on:MBEDTLS_AES_C:MBEDTLS_SHA1_C -ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_AES_128_CBC:MBEDTLS_MD_SHA1:0:0 - -Decrypt CBC !EtM, AES SHA1 !trunc, padlen=240 -depends_on:MBEDTLS_AES_C:MBEDTLS_SHA1_C -ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_AES_128_CBC:MBEDTLS_MD_SHA1:0:240 - -Decrypt CBC !EtM, AES SHA1 trunc, padlen=0 -depends_on:MBEDTLS_AES_C:MBEDTLS_SHA1_C -ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_AES_128_CBC:MBEDTLS_MD_SHA1:1:0 - -Decrypt CBC !EtM, AES SHA1 trunc, padlen=240 -depends_on:MBEDTLS_AES_C:MBEDTLS_SHA1_C -ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_AES_128_CBC:MBEDTLS_MD_SHA1:1:240 - -Decrypt CBC !EtM, AES SHA1 !trunc, padlen=1 -depends_on:MBEDTLS_AES_C:MBEDTLS_SHA1_C -ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_AES_128_CBC:MBEDTLS_MD_SHA1:0:1 - -Decrypt CBC !EtM, AES SHA1 !trunc, padlen=241 -depends_on:MBEDTLS_AES_C:MBEDTLS_SHA1_C -ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_AES_128_CBC:MBEDTLS_MD_SHA1:0:241 - -Decrypt CBC !EtM, AES SHA1 trunc, padlen=1 -depends_on:MBEDTLS_AES_C:MBEDTLS_SHA1_C -ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_AES_128_CBC:MBEDTLS_MD_SHA1:1:1 - -Decrypt CBC !EtM, AES SHA1 trunc, padlen=241 -depends_on:MBEDTLS_AES_C:MBEDTLS_SHA1_C -ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_AES_128_CBC:MBEDTLS_MD_SHA1:1:241 - -Decrypt CBC !EtM, AES SHA1 !trunc, padlen=15 -depends_on:MBEDTLS_AES_C:MBEDTLS_SHA1_C -ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_AES_128_CBC:MBEDTLS_MD_SHA1:0:15 - -Decrypt CBC !EtM, AES SHA1 !trunc, padlen=255 -depends_on:MBEDTLS_AES_C:MBEDTLS_SHA1_C -ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_AES_128_CBC:MBEDTLS_MD_SHA1:0:255 - -Decrypt CBC !EtM, AES SHA1 trunc, padlen=15 -depends_on:MBEDTLS_AES_C:MBEDTLS_SHA1_C -ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_AES_128_CBC:MBEDTLS_MD_SHA1:1:15 - -Decrypt CBC !EtM, AES SHA1 trunc, padlen=255 -depends_on:MBEDTLS_AES_C:MBEDTLS_SHA1_C -ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_AES_128_CBC:MBEDTLS_MD_SHA1:1:255 - -Decrypt CBC !EtM, AES SHA256 !trunc, empty plaintext, minpad -depends_on:MBEDTLS_AES_C:MBEDTLS_SHA256_C -ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_AES_128_CBC:MBEDTLS_MD_SHA256:0:-1 - -Decrypt CBC !EtM, AES SHA256 !trunc, empty plaintext, maxpad -depends_on:MBEDTLS_AES_C:MBEDTLS_SHA256_C -ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_AES_128_CBC:MBEDTLS_MD_SHA256:0:-2 - -Decrypt CBC !EtM, AES SHA256 trunc, empty plaintext, minpad -depends_on:MBEDTLS_AES_C:MBEDTLS_SHA256_C -ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_AES_128_CBC:MBEDTLS_MD_SHA256:1:-1 - -Decrypt CBC !EtM, AES SHA256 trunc, empty plaintext, maxpad -depends_on:MBEDTLS_AES_C:MBEDTLS_SHA256_C -ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_AES_128_CBC:MBEDTLS_MD_SHA256:1:-2 - -Decrypt CBC !EtM, AES SHA256 !trunc, padlen=0 -depends_on:MBEDTLS_AES_C:MBEDTLS_SHA256_C -ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_AES_128_CBC:MBEDTLS_MD_SHA256:0:0 - -Decrypt CBC !EtM, AES SHA256 !trunc, padlen=240 -depends_on:MBEDTLS_AES_C:MBEDTLS_SHA256_C -ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_AES_128_CBC:MBEDTLS_MD_SHA256:0:240 - -Decrypt CBC !EtM, AES SHA256 trunc, padlen=0 -depends_on:MBEDTLS_AES_C:MBEDTLS_SHA256_C -ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_AES_128_CBC:MBEDTLS_MD_SHA256:1:0 - -Decrypt CBC !EtM, AES SHA256 trunc, padlen=240 -depends_on:MBEDTLS_AES_C:MBEDTLS_SHA256_C -ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_AES_128_CBC:MBEDTLS_MD_SHA256:1:240 - -Decrypt CBC !EtM, AES SHA256 !trunc, padlen=1 -depends_on:MBEDTLS_AES_C:MBEDTLS_SHA256_C -ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_AES_128_CBC:MBEDTLS_MD_SHA256:0:1 - -Decrypt CBC !EtM, AES SHA256 !trunc, padlen=241 -depends_on:MBEDTLS_AES_C:MBEDTLS_SHA256_C -ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_AES_128_CBC:MBEDTLS_MD_SHA256:0:241 - -Decrypt CBC !EtM, AES SHA256 trunc, padlen=1 -depends_on:MBEDTLS_AES_C:MBEDTLS_SHA256_C -ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_AES_128_CBC:MBEDTLS_MD_SHA256:1:1 - -Decrypt CBC !EtM, AES SHA256 trunc, padlen=241 -depends_on:MBEDTLS_AES_C:MBEDTLS_SHA256_C -ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_AES_128_CBC:MBEDTLS_MD_SHA256:1:241 - -Decrypt CBC !EtM, AES SHA256 !trunc, padlen=15 -depends_on:MBEDTLS_AES_C:MBEDTLS_SHA256_C -ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_AES_128_CBC:MBEDTLS_MD_SHA256:0:15 - -Decrypt CBC !EtM, AES SHA256 !trunc, padlen=255 -depends_on:MBEDTLS_AES_C:MBEDTLS_SHA256_C -ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_AES_128_CBC:MBEDTLS_MD_SHA256:0:255 - -Decrypt CBC !EtM, AES SHA256 trunc, padlen=15 -depends_on:MBEDTLS_AES_C:MBEDTLS_SHA256_C -ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_AES_128_CBC:MBEDTLS_MD_SHA256:1:15 - -Decrypt CBC !EtM, AES SHA256 trunc, padlen=255 -depends_on:MBEDTLS_AES_C:MBEDTLS_SHA256_C -ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_AES_128_CBC:MBEDTLS_MD_SHA256:1:255 - -Decrypt CBC !EtM, AES SHA384 !trunc, empty plaintext, minpad -depends_on:MBEDTLS_AES_C:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384 -ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_AES_128_CBC:MBEDTLS_MD_SHA384:0:-1 - -Decrypt CBC !EtM, AES SHA384 !trunc, empty plaintext, maxpad -depends_on:MBEDTLS_AES_C:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384 -ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_AES_128_CBC:MBEDTLS_MD_SHA384:0:-2 - -Decrypt CBC !EtM, AES SHA384 trunc, empty plaintext, minpad -depends_on:MBEDTLS_AES_C:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384 -ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_AES_128_CBC:MBEDTLS_MD_SHA384:1:-1 - -Decrypt CBC !EtM, AES SHA384 trunc, empty plaintext, maxpad -depends_on:MBEDTLS_AES_C:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384 -ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_AES_128_CBC:MBEDTLS_MD_SHA384:1:-2 - -Decrypt CBC !EtM, AES SHA384 !trunc, padlen=0 -depends_on:MBEDTLS_AES_C:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384 -ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_AES_128_CBC:MBEDTLS_MD_SHA384:0:0 - -Decrypt CBC !EtM, AES SHA384 !trunc, padlen=240 -depends_on:MBEDTLS_AES_C:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384 -ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_AES_128_CBC:MBEDTLS_MD_SHA384:0:240 - -Decrypt CBC !EtM, AES SHA384 trunc, padlen=0 -depends_on:MBEDTLS_AES_C:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384 -ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_AES_128_CBC:MBEDTLS_MD_SHA384:1:0 - -Decrypt CBC !EtM, AES SHA384 trunc, padlen=240 -depends_on:MBEDTLS_AES_C:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384 -ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_AES_128_CBC:MBEDTLS_MD_SHA384:1:240 - -Decrypt CBC !EtM, AES SHA384 !trunc, padlen=1 -depends_on:MBEDTLS_AES_C:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384 -ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_AES_128_CBC:MBEDTLS_MD_SHA384:0:1 - -Decrypt CBC !EtM, AES SHA384 !trunc, padlen=241 -depends_on:MBEDTLS_AES_C:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384 -ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_AES_128_CBC:MBEDTLS_MD_SHA384:0:241 - -Decrypt CBC !EtM, AES SHA384 trunc, padlen=1 -depends_on:MBEDTLS_AES_C:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384 -ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_AES_128_CBC:MBEDTLS_MD_SHA384:1:1 - -Decrypt CBC !EtM, AES SHA384 trunc, padlen=241 -depends_on:MBEDTLS_AES_C:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384 -ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_AES_128_CBC:MBEDTLS_MD_SHA384:1:241 - -Decrypt CBC !EtM, AES SHA384 !trunc, padlen=15 -depends_on:MBEDTLS_AES_C:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384 -ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_AES_128_CBC:MBEDTLS_MD_SHA384:0:15 - -Decrypt CBC !EtM, AES SHA384 !trunc, padlen=255 -depends_on:MBEDTLS_AES_C:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384 -ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_AES_128_CBC:MBEDTLS_MD_SHA384:0:255 - -Decrypt CBC !EtM, AES SHA384 trunc, padlen=15 -depends_on:MBEDTLS_AES_C:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384 -ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_AES_128_CBC:MBEDTLS_MD_SHA384:1:15 - -Decrypt CBC !EtM, AES SHA384 trunc, padlen=255 -depends_on:MBEDTLS_AES_C:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384 -ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_AES_128_CBC:MBEDTLS_MD_SHA384:1:255 - -Decrypt CBC !EtM, ARIA MD5 !trunc, empty plaintext, minpad -depends_on:MBEDTLS_ARIA_C:MBEDTLS_MD5_C -ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_ARIA_128_CBC:MBEDTLS_MD_MD5:0:-1 - -Decrypt CBC !EtM, ARIA MD5 !trunc, empty plaintext, maxpad -depends_on:MBEDTLS_ARIA_C:MBEDTLS_MD5_C -ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_ARIA_128_CBC:MBEDTLS_MD_MD5:0:-2 - -Decrypt CBC !EtM, ARIA MD5 trunc, empty plaintext, minpad -depends_on:MBEDTLS_ARIA_C:MBEDTLS_MD5_C -ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_ARIA_128_CBC:MBEDTLS_MD_MD5:1:-1 - -Decrypt CBC !EtM, ARIA MD5 trunc, empty plaintext, maxpad -depends_on:MBEDTLS_ARIA_C:MBEDTLS_MD5_C -ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_ARIA_128_CBC:MBEDTLS_MD_MD5:1:-2 - -Decrypt CBC !EtM, ARIA MD5 !trunc, padlen=0 -depends_on:MBEDTLS_ARIA_C:MBEDTLS_MD5_C -ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_ARIA_128_CBC:MBEDTLS_MD_MD5:0:0 - -Decrypt CBC !EtM, ARIA MD5 !trunc, padlen=240 -depends_on:MBEDTLS_ARIA_C:MBEDTLS_MD5_C -ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_ARIA_128_CBC:MBEDTLS_MD_MD5:0:240 - -Decrypt CBC !EtM, ARIA MD5 trunc, padlen=0 -depends_on:MBEDTLS_ARIA_C:MBEDTLS_MD5_C -ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_ARIA_128_CBC:MBEDTLS_MD_MD5:1:0 - -Decrypt CBC !EtM, ARIA MD5 trunc, padlen=240 -depends_on:MBEDTLS_ARIA_C:MBEDTLS_MD5_C -ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_ARIA_128_CBC:MBEDTLS_MD_MD5:1:240 - -Decrypt CBC !EtM, ARIA MD5 !trunc, padlen=1 -depends_on:MBEDTLS_ARIA_C:MBEDTLS_MD5_C -ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_ARIA_128_CBC:MBEDTLS_MD_MD5:0:1 - -Decrypt CBC !EtM, ARIA MD5 !trunc, padlen=241 -depends_on:MBEDTLS_ARIA_C:MBEDTLS_MD5_C -ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_ARIA_128_CBC:MBEDTLS_MD_MD5:0:241 - -Decrypt CBC !EtM, ARIA MD5 trunc, padlen=1 -depends_on:MBEDTLS_ARIA_C:MBEDTLS_MD5_C -ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_ARIA_128_CBC:MBEDTLS_MD_MD5:1:1 - -Decrypt CBC !EtM, ARIA MD5 trunc, padlen=241 -depends_on:MBEDTLS_ARIA_C:MBEDTLS_MD5_C -ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_ARIA_128_CBC:MBEDTLS_MD_MD5:1:241 - -Decrypt CBC !EtM, ARIA MD5 !trunc, padlen=15 -depends_on:MBEDTLS_ARIA_C:MBEDTLS_MD5_C -ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_ARIA_128_CBC:MBEDTLS_MD_MD5:0:15 - -Decrypt CBC !EtM, ARIA MD5 !trunc, padlen=255 -depends_on:MBEDTLS_ARIA_C:MBEDTLS_MD5_C -ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_ARIA_128_CBC:MBEDTLS_MD_MD5:0:255 - -Decrypt CBC !EtM, ARIA MD5 trunc, padlen=15 -depends_on:MBEDTLS_ARIA_C:MBEDTLS_MD5_C -ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_ARIA_128_CBC:MBEDTLS_MD_MD5:1:15 - -Decrypt CBC !EtM, ARIA MD5 trunc, padlen=255 -depends_on:MBEDTLS_ARIA_C:MBEDTLS_MD5_C -ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_ARIA_128_CBC:MBEDTLS_MD_MD5:1:255 - -Decrypt CBC !EtM, ARIA SHA1 !trunc, empty plaintext, minpad -depends_on:MBEDTLS_ARIA_C:MBEDTLS_SHA1_C -ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_ARIA_128_CBC:MBEDTLS_MD_SHA1:0:-1 - -Decrypt CBC !EtM, ARIA SHA1 !trunc, empty plaintext, maxpad -depends_on:MBEDTLS_ARIA_C:MBEDTLS_SHA1_C -ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_ARIA_128_CBC:MBEDTLS_MD_SHA1:0:-2 - -Decrypt CBC !EtM, ARIA SHA1 trunc, empty plaintext, minpad -depends_on:MBEDTLS_ARIA_C:MBEDTLS_SHA1_C -ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_ARIA_128_CBC:MBEDTLS_MD_SHA1:1:-1 - -Decrypt CBC !EtM, ARIA SHA1 trunc, empty plaintext, maxpad -depends_on:MBEDTLS_ARIA_C:MBEDTLS_SHA1_C -ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_ARIA_128_CBC:MBEDTLS_MD_SHA1:1:-2 - -Decrypt CBC !EtM, ARIA SHA1 !trunc, padlen=0 -depends_on:MBEDTLS_ARIA_C:MBEDTLS_SHA1_C -ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_ARIA_128_CBC:MBEDTLS_MD_SHA1:0:0 - -Decrypt CBC !EtM, ARIA SHA1 !trunc, padlen=240 -depends_on:MBEDTLS_ARIA_C:MBEDTLS_SHA1_C -ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_ARIA_128_CBC:MBEDTLS_MD_SHA1:0:240 - -Decrypt CBC !EtM, ARIA SHA1 trunc, padlen=0 -depends_on:MBEDTLS_ARIA_C:MBEDTLS_SHA1_C -ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_ARIA_128_CBC:MBEDTLS_MD_SHA1:1:0 - -Decrypt CBC !EtM, ARIA SHA1 trunc, padlen=240 -depends_on:MBEDTLS_ARIA_C:MBEDTLS_SHA1_C -ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_ARIA_128_CBC:MBEDTLS_MD_SHA1:1:240 - -Decrypt CBC !EtM, ARIA SHA1 !trunc, padlen=1 -depends_on:MBEDTLS_ARIA_C:MBEDTLS_SHA1_C -ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_ARIA_128_CBC:MBEDTLS_MD_SHA1:0:1 - -Decrypt CBC !EtM, ARIA SHA1 !trunc, padlen=241 -depends_on:MBEDTLS_ARIA_C:MBEDTLS_SHA1_C -ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_ARIA_128_CBC:MBEDTLS_MD_SHA1:0:241 - -Decrypt CBC !EtM, ARIA SHA1 trunc, padlen=1 -depends_on:MBEDTLS_ARIA_C:MBEDTLS_SHA1_C -ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_ARIA_128_CBC:MBEDTLS_MD_SHA1:1:1 - -Decrypt CBC !EtM, ARIA SHA1 trunc, padlen=241 -depends_on:MBEDTLS_ARIA_C:MBEDTLS_SHA1_C -ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_ARIA_128_CBC:MBEDTLS_MD_SHA1:1:241 - -Decrypt CBC !EtM, ARIA SHA1 !trunc, padlen=15 -depends_on:MBEDTLS_ARIA_C:MBEDTLS_SHA1_C -ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_ARIA_128_CBC:MBEDTLS_MD_SHA1:0:15 - -Decrypt CBC !EtM, ARIA SHA1 !trunc, padlen=255 -depends_on:MBEDTLS_ARIA_C:MBEDTLS_SHA1_C -ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_ARIA_128_CBC:MBEDTLS_MD_SHA1:0:255 - -Decrypt CBC !EtM, ARIA SHA1 trunc, padlen=15 -depends_on:MBEDTLS_ARIA_C:MBEDTLS_SHA1_C -ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_ARIA_128_CBC:MBEDTLS_MD_SHA1:1:15 - -Decrypt CBC !EtM, ARIA SHA1 trunc, padlen=255 -depends_on:MBEDTLS_ARIA_C:MBEDTLS_SHA1_C -ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_ARIA_128_CBC:MBEDTLS_MD_SHA1:1:255 - -Decrypt CBC !EtM, ARIA SHA256 !trunc, empty plaintext, minpad -depends_on:MBEDTLS_ARIA_C:MBEDTLS_SHA256_C -ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_ARIA_128_CBC:MBEDTLS_MD_SHA256:0:-1 - -Decrypt CBC !EtM, ARIA SHA256 !trunc, empty plaintext, maxpad -depends_on:MBEDTLS_ARIA_C:MBEDTLS_SHA256_C -ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_ARIA_128_CBC:MBEDTLS_MD_SHA256:0:-2 - -Decrypt CBC !EtM, ARIA SHA256 trunc, empty plaintext, minpad -depends_on:MBEDTLS_ARIA_C:MBEDTLS_SHA256_C -ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_ARIA_128_CBC:MBEDTLS_MD_SHA256:1:-1 - -Decrypt CBC !EtM, ARIA SHA256 trunc, empty plaintext, maxpad -depends_on:MBEDTLS_ARIA_C:MBEDTLS_SHA256_C -ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_ARIA_128_CBC:MBEDTLS_MD_SHA256:1:-2 - -Decrypt CBC !EtM, ARIA SHA256 !trunc, padlen=0 -depends_on:MBEDTLS_ARIA_C:MBEDTLS_SHA256_C -ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_ARIA_128_CBC:MBEDTLS_MD_SHA256:0:0 - -Decrypt CBC !EtM, ARIA SHA256 !trunc, padlen=240 -depends_on:MBEDTLS_ARIA_C:MBEDTLS_SHA256_C -ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_ARIA_128_CBC:MBEDTLS_MD_SHA256:0:240 - -Decrypt CBC !EtM, ARIA SHA256 trunc, padlen=0 -depends_on:MBEDTLS_ARIA_C:MBEDTLS_SHA256_C -ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_ARIA_128_CBC:MBEDTLS_MD_SHA256:1:0 - -Decrypt CBC !EtM, ARIA SHA256 trunc, padlen=240 -depends_on:MBEDTLS_ARIA_C:MBEDTLS_SHA256_C -ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_ARIA_128_CBC:MBEDTLS_MD_SHA256:1:240 - -Decrypt CBC !EtM, ARIA SHA256 !trunc, padlen=1 -depends_on:MBEDTLS_ARIA_C:MBEDTLS_SHA256_C -ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_ARIA_128_CBC:MBEDTLS_MD_SHA256:0:1 - -Decrypt CBC !EtM, ARIA SHA256 !trunc, padlen=241 -depends_on:MBEDTLS_ARIA_C:MBEDTLS_SHA256_C -ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_ARIA_128_CBC:MBEDTLS_MD_SHA256:0:241 - -Decrypt CBC !EtM, ARIA SHA256 trunc, padlen=1 -depends_on:MBEDTLS_ARIA_C:MBEDTLS_SHA256_C -ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_ARIA_128_CBC:MBEDTLS_MD_SHA256:1:1 - -Decrypt CBC !EtM, ARIA SHA256 trunc, padlen=241 -depends_on:MBEDTLS_ARIA_C:MBEDTLS_SHA256_C -ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_ARIA_128_CBC:MBEDTLS_MD_SHA256:1:241 - -Decrypt CBC !EtM, ARIA SHA256 !trunc, padlen=15 -depends_on:MBEDTLS_ARIA_C:MBEDTLS_SHA256_C -ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_ARIA_128_CBC:MBEDTLS_MD_SHA256:0:15 - -Decrypt CBC !EtM, ARIA SHA256 !trunc, padlen=255 -depends_on:MBEDTLS_ARIA_C:MBEDTLS_SHA256_C -ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_ARIA_128_CBC:MBEDTLS_MD_SHA256:0:255 - -Decrypt CBC !EtM, ARIA SHA256 trunc, padlen=15 -depends_on:MBEDTLS_ARIA_C:MBEDTLS_SHA256_C -ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_ARIA_128_CBC:MBEDTLS_MD_SHA256:1:15 - -Decrypt CBC !EtM, ARIA SHA256 trunc, padlen=255 -depends_on:MBEDTLS_ARIA_C:MBEDTLS_SHA256_C -ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_ARIA_128_CBC:MBEDTLS_MD_SHA256:1:255 - -Decrypt CBC !EtM, ARIA SHA384 !trunc, empty plaintext, minpad -depends_on:MBEDTLS_ARIA_C:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384 -ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_ARIA_128_CBC:MBEDTLS_MD_SHA384:0:-1 - -Decrypt CBC !EtM, ARIA SHA384 !trunc, empty plaintext, maxpad -depends_on:MBEDTLS_ARIA_C:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384 -ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_ARIA_128_CBC:MBEDTLS_MD_SHA384:0:-2 - -Decrypt CBC !EtM, ARIA SHA384 trunc, empty plaintext, minpad -depends_on:MBEDTLS_ARIA_C:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384 -ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_ARIA_128_CBC:MBEDTLS_MD_SHA384:1:-1 - -Decrypt CBC !EtM, ARIA SHA384 trunc, empty plaintext, maxpad -depends_on:MBEDTLS_ARIA_C:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384 -ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_ARIA_128_CBC:MBEDTLS_MD_SHA384:1:-2 - -Decrypt CBC !EtM, ARIA SHA384 !trunc, padlen=0 -depends_on:MBEDTLS_ARIA_C:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384 -ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_ARIA_128_CBC:MBEDTLS_MD_SHA384:0:0 - -Decrypt CBC !EtM, ARIA SHA384 !trunc, padlen=240 -depends_on:MBEDTLS_ARIA_C:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384 -ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_ARIA_128_CBC:MBEDTLS_MD_SHA384:0:240 - -Decrypt CBC !EtM, ARIA SHA384 trunc, padlen=0 -depends_on:MBEDTLS_ARIA_C:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384 -ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_ARIA_128_CBC:MBEDTLS_MD_SHA384:1:0 - -Decrypt CBC !EtM, ARIA SHA384 trunc, padlen=240 -depends_on:MBEDTLS_ARIA_C:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384 -ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_ARIA_128_CBC:MBEDTLS_MD_SHA384:1:240 - -Decrypt CBC !EtM, ARIA SHA384 !trunc, padlen=1 -depends_on:MBEDTLS_ARIA_C:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384 -ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_ARIA_128_CBC:MBEDTLS_MD_SHA384:0:1 - -Decrypt CBC !EtM, ARIA SHA384 !trunc, padlen=241 -depends_on:MBEDTLS_ARIA_C:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384 -ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_ARIA_128_CBC:MBEDTLS_MD_SHA384:0:241 - -Decrypt CBC !EtM, ARIA SHA384 trunc, padlen=1 -depends_on:MBEDTLS_ARIA_C:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384 -ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_ARIA_128_CBC:MBEDTLS_MD_SHA384:1:1 - -Decrypt CBC !EtM, ARIA SHA384 trunc, padlen=241 -depends_on:MBEDTLS_ARIA_C:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384 -ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_ARIA_128_CBC:MBEDTLS_MD_SHA384:1:241 - -Decrypt CBC !EtM, ARIA SHA384 !trunc, padlen=15 -depends_on:MBEDTLS_ARIA_C:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384 -ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_ARIA_128_CBC:MBEDTLS_MD_SHA384:0:15 - -Decrypt CBC !EtM, ARIA SHA384 !trunc, padlen=255 -depends_on:MBEDTLS_ARIA_C:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384 -ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_ARIA_128_CBC:MBEDTLS_MD_SHA384:0:255 - -Decrypt CBC !EtM, ARIA SHA384 trunc, padlen=15 -depends_on:MBEDTLS_ARIA_C:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384 -ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_ARIA_128_CBC:MBEDTLS_MD_SHA384:1:15 - -Decrypt CBC !EtM, ARIA SHA384 trunc, padlen=255 -depends_on:MBEDTLS_ARIA_C:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384 -ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_ARIA_128_CBC:MBEDTLS_MD_SHA384:1:255 - -Decrypt CBC !EtM, CAMELLIA MD5 !trunc, empty plaintext, minpad -depends_on:MBEDTLS_CAMELLIA_C:MBEDTLS_MD5_C -ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_CAMELLIA_128_CBC:MBEDTLS_MD_MD5:0:-1 - -Decrypt CBC !EtM, CAMELLIA MD5 !trunc, empty plaintext, maxpad -depends_on:MBEDTLS_CAMELLIA_C:MBEDTLS_MD5_C -ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_CAMELLIA_128_CBC:MBEDTLS_MD_MD5:0:-2 - -Decrypt CBC !EtM, CAMELLIA MD5 trunc, empty plaintext, minpad -depends_on:MBEDTLS_CAMELLIA_C:MBEDTLS_MD5_C -ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_CAMELLIA_128_CBC:MBEDTLS_MD_MD5:1:-1 - -Decrypt CBC !EtM, CAMELLIA MD5 trunc, empty plaintext, maxpad -depends_on:MBEDTLS_CAMELLIA_C:MBEDTLS_MD5_C -ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_CAMELLIA_128_CBC:MBEDTLS_MD_MD5:1:-2 - -Decrypt CBC !EtM, CAMELLIA MD5 !trunc, padlen=0 -depends_on:MBEDTLS_CAMELLIA_C:MBEDTLS_MD5_C -ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_CAMELLIA_128_CBC:MBEDTLS_MD_MD5:0:0 - -Decrypt CBC !EtM, CAMELLIA MD5 !trunc, padlen=240 -depends_on:MBEDTLS_CAMELLIA_C:MBEDTLS_MD5_C -ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_CAMELLIA_128_CBC:MBEDTLS_MD_MD5:0:240 - -Decrypt CBC !EtM, CAMELLIA MD5 trunc, padlen=0 -depends_on:MBEDTLS_CAMELLIA_C:MBEDTLS_MD5_C -ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_CAMELLIA_128_CBC:MBEDTLS_MD_MD5:1:0 - -Decrypt CBC !EtM, CAMELLIA MD5 trunc, padlen=240 -depends_on:MBEDTLS_CAMELLIA_C:MBEDTLS_MD5_C -ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_CAMELLIA_128_CBC:MBEDTLS_MD_MD5:1:240 - -Decrypt CBC !EtM, CAMELLIA MD5 !trunc, padlen=1 -depends_on:MBEDTLS_CAMELLIA_C:MBEDTLS_MD5_C -ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_CAMELLIA_128_CBC:MBEDTLS_MD_MD5:0:1 - -Decrypt CBC !EtM, CAMELLIA MD5 !trunc, padlen=241 -depends_on:MBEDTLS_CAMELLIA_C:MBEDTLS_MD5_C -ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_CAMELLIA_128_CBC:MBEDTLS_MD_MD5:0:241 - -Decrypt CBC !EtM, CAMELLIA MD5 trunc, padlen=1 -depends_on:MBEDTLS_CAMELLIA_C:MBEDTLS_MD5_C -ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_CAMELLIA_128_CBC:MBEDTLS_MD_MD5:1:1 - -Decrypt CBC !EtM, CAMELLIA MD5 trunc, padlen=241 -depends_on:MBEDTLS_CAMELLIA_C:MBEDTLS_MD5_C -ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_CAMELLIA_128_CBC:MBEDTLS_MD_MD5:1:241 - -Decrypt CBC !EtM, CAMELLIA MD5 !trunc, padlen=15 -depends_on:MBEDTLS_CAMELLIA_C:MBEDTLS_MD5_C -ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_CAMELLIA_128_CBC:MBEDTLS_MD_MD5:0:15 - -Decrypt CBC !EtM, CAMELLIA MD5 !trunc, padlen=255 -depends_on:MBEDTLS_CAMELLIA_C:MBEDTLS_MD5_C -ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_CAMELLIA_128_CBC:MBEDTLS_MD_MD5:0:255 - -Decrypt CBC !EtM, CAMELLIA MD5 trunc, padlen=15 -depends_on:MBEDTLS_CAMELLIA_C:MBEDTLS_MD5_C -ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_CAMELLIA_128_CBC:MBEDTLS_MD_MD5:1:15 - -Decrypt CBC !EtM, CAMELLIA MD5 trunc, padlen=255 -depends_on:MBEDTLS_CAMELLIA_C:MBEDTLS_MD5_C -ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_CAMELLIA_128_CBC:MBEDTLS_MD_MD5:1:255 - -Decrypt CBC !EtM, CAMELLIA SHA1 !trunc, empty plaintext, minpad -depends_on:MBEDTLS_CAMELLIA_C:MBEDTLS_SHA1_C -ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_CAMELLIA_128_CBC:MBEDTLS_MD_SHA1:0:-1 - -Decrypt CBC !EtM, CAMELLIA SHA1 !trunc, empty plaintext, maxpad -depends_on:MBEDTLS_CAMELLIA_C:MBEDTLS_SHA1_C -ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_CAMELLIA_128_CBC:MBEDTLS_MD_SHA1:0:-2 - -Decrypt CBC !EtM, CAMELLIA SHA1 trunc, empty plaintext, minpad -depends_on:MBEDTLS_CAMELLIA_C:MBEDTLS_SHA1_C -ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_CAMELLIA_128_CBC:MBEDTLS_MD_SHA1:1:-1 - -Decrypt CBC !EtM, CAMELLIA SHA1 trunc, empty plaintext, maxpad -depends_on:MBEDTLS_CAMELLIA_C:MBEDTLS_SHA1_C -ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_CAMELLIA_128_CBC:MBEDTLS_MD_SHA1:1:-2 - -Decrypt CBC !EtM, CAMELLIA SHA1 !trunc, padlen=0 -depends_on:MBEDTLS_CAMELLIA_C:MBEDTLS_SHA1_C -ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_CAMELLIA_128_CBC:MBEDTLS_MD_SHA1:0:0 - -Decrypt CBC !EtM, CAMELLIA SHA1 !trunc, padlen=240 -depends_on:MBEDTLS_CAMELLIA_C:MBEDTLS_SHA1_C -ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_CAMELLIA_128_CBC:MBEDTLS_MD_SHA1:0:240 - -Decrypt CBC !EtM, CAMELLIA SHA1 trunc, padlen=0 -depends_on:MBEDTLS_CAMELLIA_C:MBEDTLS_SHA1_C -ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_CAMELLIA_128_CBC:MBEDTLS_MD_SHA1:1:0 - -Decrypt CBC !EtM, CAMELLIA SHA1 trunc, padlen=240 -depends_on:MBEDTLS_CAMELLIA_C:MBEDTLS_SHA1_C -ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_CAMELLIA_128_CBC:MBEDTLS_MD_SHA1:1:240 - -Decrypt CBC !EtM, CAMELLIA SHA1 !trunc, padlen=1 -depends_on:MBEDTLS_CAMELLIA_C:MBEDTLS_SHA1_C -ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_CAMELLIA_128_CBC:MBEDTLS_MD_SHA1:0:1 - -Decrypt CBC !EtM, CAMELLIA SHA1 !trunc, padlen=241 -depends_on:MBEDTLS_CAMELLIA_C:MBEDTLS_SHA1_C -ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_CAMELLIA_128_CBC:MBEDTLS_MD_SHA1:0:241 - -Decrypt CBC !EtM, CAMELLIA SHA1 trunc, padlen=1 -depends_on:MBEDTLS_CAMELLIA_C:MBEDTLS_SHA1_C -ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_CAMELLIA_128_CBC:MBEDTLS_MD_SHA1:1:1 - -Decrypt CBC !EtM, CAMELLIA SHA1 trunc, padlen=241 -depends_on:MBEDTLS_CAMELLIA_C:MBEDTLS_SHA1_C -ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_CAMELLIA_128_CBC:MBEDTLS_MD_SHA1:1:241 - -Decrypt CBC !EtM, CAMELLIA SHA1 !trunc, padlen=15 -depends_on:MBEDTLS_CAMELLIA_C:MBEDTLS_SHA1_C -ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_CAMELLIA_128_CBC:MBEDTLS_MD_SHA1:0:15 - -Decrypt CBC !EtM, CAMELLIA SHA1 !trunc, padlen=255 -depends_on:MBEDTLS_CAMELLIA_C:MBEDTLS_SHA1_C -ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_CAMELLIA_128_CBC:MBEDTLS_MD_SHA1:0:255 - -Decrypt CBC !EtM, CAMELLIA SHA1 trunc, padlen=15 -depends_on:MBEDTLS_CAMELLIA_C:MBEDTLS_SHA1_C -ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_CAMELLIA_128_CBC:MBEDTLS_MD_SHA1:1:15 - -Decrypt CBC !EtM, CAMELLIA SHA1 trunc, padlen=255 -depends_on:MBEDTLS_CAMELLIA_C:MBEDTLS_SHA1_C -ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_CAMELLIA_128_CBC:MBEDTLS_MD_SHA1:1:255 - -Decrypt CBC !EtM, CAMELLIA SHA256 !trunc, empty plaintext, minpad -depends_on:MBEDTLS_CAMELLIA_C:MBEDTLS_SHA256_C -ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_CAMELLIA_128_CBC:MBEDTLS_MD_SHA256:0:-1 - -Decrypt CBC !EtM, CAMELLIA SHA256 !trunc, empty plaintext, maxpad -depends_on:MBEDTLS_CAMELLIA_C:MBEDTLS_SHA256_C -ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_CAMELLIA_128_CBC:MBEDTLS_MD_SHA256:0:-2 - -Decrypt CBC !EtM, CAMELLIA SHA256 trunc, empty plaintext, minpad -depends_on:MBEDTLS_CAMELLIA_C:MBEDTLS_SHA256_C -ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_CAMELLIA_128_CBC:MBEDTLS_MD_SHA256:1:-1 - -Decrypt CBC !EtM, CAMELLIA SHA256 trunc, empty plaintext, maxpad -depends_on:MBEDTLS_CAMELLIA_C:MBEDTLS_SHA256_C -ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_CAMELLIA_128_CBC:MBEDTLS_MD_SHA256:1:-2 - -Decrypt CBC !EtM, CAMELLIA SHA256 !trunc, padlen=0 -depends_on:MBEDTLS_CAMELLIA_C:MBEDTLS_SHA256_C -ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_CAMELLIA_128_CBC:MBEDTLS_MD_SHA256:0:0 - -Decrypt CBC !EtM, CAMELLIA SHA256 !trunc, padlen=240 -depends_on:MBEDTLS_CAMELLIA_C:MBEDTLS_SHA256_C -ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_CAMELLIA_128_CBC:MBEDTLS_MD_SHA256:0:240 - -Decrypt CBC !EtM, CAMELLIA SHA256 trunc, padlen=0 -depends_on:MBEDTLS_CAMELLIA_C:MBEDTLS_SHA256_C -ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_CAMELLIA_128_CBC:MBEDTLS_MD_SHA256:1:0 - -Decrypt CBC !EtM, CAMELLIA SHA256 trunc, padlen=240 -depends_on:MBEDTLS_CAMELLIA_C:MBEDTLS_SHA256_C -ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_CAMELLIA_128_CBC:MBEDTLS_MD_SHA256:1:240 - -Decrypt CBC !EtM, CAMELLIA SHA256 !trunc, padlen=1 -depends_on:MBEDTLS_CAMELLIA_C:MBEDTLS_SHA256_C -ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_CAMELLIA_128_CBC:MBEDTLS_MD_SHA256:0:1 - -Decrypt CBC !EtM, CAMELLIA SHA256 !trunc, padlen=241 -depends_on:MBEDTLS_CAMELLIA_C:MBEDTLS_SHA256_C -ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_CAMELLIA_128_CBC:MBEDTLS_MD_SHA256:0:241 - -Decrypt CBC !EtM, CAMELLIA SHA256 trunc, padlen=1 -depends_on:MBEDTLS_CAMELLIA_C:MBEDTLS_SHA256_C -ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_CAMELLIA_128_CBC:MBEDTLS_MD_SHA256:1:1 - -Decrypt CBC !EtM, CAMELLIA SHA256 trunc, padlen=241 -depends_on:MBEDTLS_CAMELLIA_C:MBEDTLS_SHA256_C -ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_CAMELLIA_128_CBC:MBEDTLS_MD_SHA256:1:241 - -Decrypt CBC !EtM, CAMELLIA SHA256 !trunc, padlen=15 -depends_on:MBEDTLS_CAMELLIA_C:MBEDTLS_SHA256_C -ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_CAMELLIA_128_CBC:MBEDTLS_MD_SHA256:0:15 - -Decrypt CBC !EtM, CAMELLIA SHA256 !trunc, padlen=255 -depends_on:MBEDTLS_CAMELLIA_C:MBEDTLS_SHA256_C -ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_CAMELLIA_128_CBC:MBEDTLS_MD_SHA256:0:255 - -Decrypt CBC !EtM, CAMELLIA SHA256 trunc, padlen=15 -depends_on:MBEDTLS_CAMELLIA_C:MBEDTLS_SHA256_C -ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_CAMELLIA_128_CBC:MBEDTLS_MD_SHA256:1:15 - -Decrypt CBC !EtM, CAMELLIA SHA256 trunc, padlen=255 -depends_on:MBEDTLS_CAMELLIA_C:MBEDTLS_SHA256_C -ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_CAMELLIA_128_CBC:MBEDTLS_MD_SHA256:1:255 - -Decrypt CBC !EtM, CAMELLIA SHA384 !trunc, empty plaintext, minpad -depends_on:MBEDTLS_CAMELLIA_C:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384 -ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_CAMELLIA_128_CBC:MBEDTLS_MD_SHA384:0:-1 - -Decrypt CBC !EtM, CAMELLIA SHA384 !trunc, empty plaintext, maxpad -depends_on:MBEDTLS_CAMELLIA_C:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384 -ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_CAMELLIA_128_CBC:MBEDTLS_MD_SHA384:0:-2 - -Decrypt CBC !EtM, CAMELLIA SHA384 trunc, empty plaintext, minpad -depends_on:MBEDTLS_CAMELLIA_C:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384 -ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_CAMELLIA_128_CBC:MBEDTLS_MD_SHA384:1:-1 - -Decrypt CBC !EtM, CAMELLIA SHA384 trunc, empty plaintext, maxpad -depends_on:MBEDTLS_CAMELLIA_C:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384 -ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_CAMELLIA_128_CBC:MBEDTLS_MD_SHA384:1:-2 - -Decrypt CBC !EtM, CAMELLIA SHA384 !trunc, padlen=0 -depends_on:MBEDTLS_CAMELLIA_C:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384 -ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_CAMELLIA_128_CBC:MBEDTLS_MD_SHA384:0:0 - -Decrypt CBC !EtM, CAMELLIA SHA384 !trunc, padlen=240 -depends_on:MBEDTLS_CAMELLIA_C:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384 -ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_CAMELLIA_128_CBC:MBEDTLS_MD_SHA384:0:240 - -Decrypt CBC !EtM, CAMELLIA SHA384 trunc, padlen=0 -depends_on:MBEDTLS_CAMELLIA_C:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384 -ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_CAMELLIA_128_CBC:MBEDTLS_MD_SHA384:1:0 - -Decrypt CBC !EtM, CAMELLIA SHA384 trunc, padlen=240 -depends_on:MBEDTLS_CAMELLIA_C:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384 -ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_CAMELLIA_128_CBC:MBEDTLS_MD_SHA384:1:240 - -Decrypt CBC !EtM, CAMELLIA SHA384 !trunc, padlen=1 -depends_on:MBEDTLS_CAMELLIA_C:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384 -ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_CAMELLIA_128_CBC:MBEDTLS_MD_SHA384:0:1 - -Decrypt CBC !EtM, CAMELLIA SHA384 !trunc, padlen=241 -depends_on:MBEDTLS_CAMELLIA_C:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384 -ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_CAMELLIA_128_CBC:MBEDTLS_MD_SHA384:0:241 - -Decrypt CBC !EtM, CAMELLIA SHA384 trunc, padlen=1 -depends_on:MBEDTLS_CAMELLIA_C:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384 -ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_CAMELLIA_128_CBC:MBEDTLS_MD_SHA384:1:1 - -Decrypt CBC !EtM, CAMELLIA SHA384 trunc, padlen=241 -depends_on:MBEDTLS_CAMELLIA_C:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384 -ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_CAMELLIA_128_CBC:MBEDTLS_MD_SHA384:1:241 - -Decrypt CBC !EtM, CAMELLIA SHA384 !trunc, padlen=15 -depends_on:MBEDTLS_CAMELLIA_C:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384 -ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_CAMELLIA_128_CBC:MBEDTLS_MD_SHA384:0:15 - -Decrypt CBC !EtM, CAMELLIA SHA384 !trunc, padlen=255 -depends_on:MBEDTLS_CAMELLIA_C:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384 -ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_CAMELLIA_128_CBC:MBEDTLS_MD_SHA384:0:255 - -Decrypt CBC !EtM, CAMELLIA SHA384 trunc, padlen=15 -depends_on:MBEDTLS_CAMELLIA_C:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384 -ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_CAMELLIA_128_CBC:MBEDTLS_MD_SHA384:1:15 - -Decrypt CBC !EtM, CAMELLIA SHA384 trunc, padlen=255 -depends_on:MBEDTLS_CAMELLIA_C:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384 -ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_CAMELLIA_128_CBC:MBEDTLS_MD_SHA384:1:255 - -Decrypt CBC !EtM, 3DES MD5 !trunc, empty plaintext, minpad -depends_on:MBEDTLS_DES_C:MBEDTLS_MD5_C -ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_DES_EDE3_CBC:MBEDTLS_MD_MD5:0:-1 - -Decrypt CBC !EtM, 3DES MD5 !trunc, empty plaintext, maxpad -depends_on:MBEDTLS_DES_C:MBEDTLS_MD5_C -ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_DES_EDE3_CBC:MBEDTLS_MD_MD5:0:-2 - -Decrypt CBC !EtM, 3DES MD5 trunc, empty plaintext, minpad -depends_on:MBEDTLS_DES_C:MBEDTLS_MD5_C -ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_DES_EDE3_CBC:MBEDTLS_MD_MD5:1:-1 - -Decrypt CBC !EtM, 3DES MD5 trunc, empty plaintext, maxpad -depends_on:MBEDTLS_DES_C:MBEDTLS_MD5_C -ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_DES_EDE3_CBC:MBEDTLS_MD_MD5:1:-2 - -Decrypt CBC !EtM, 3DES MD5 !trunc, padlen=0 -depends_on:MBEDTLS_DES_C:MBEDTLS_MD5_C -ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_DES_EDE3_CBC:MBEDTLS_MD_MD5:0:0 - -Decrypt CBC !EtM, 3DES MD5 !trunc, padlen=248 -depends_on:MBEDTLS_DES_C:MBEDTLS_MD5_C -ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_DES_EDE3_CBC:MBEDTLS_MD_MD5:0:248 - -Decrypt CBC !EtM, 3DES MD5 trunc, padlen=0 -depends_on:MBEDTLS_DES_C:MBEDTLS_MD5_C -ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_DES_EDE3_CBC:MBEDTLS_MD_MD5:1:0 - -Decrypt CBC !EtM, 3DES MD5 trunc, padlen=248 -depends_on:MBEDTLS_DES_C:MBEDTLS_MD5_C -ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_DES_EDE3_CBC:MBEDTLS_MD_MD5:1:248 - -Decrypt CBC !EtM, 3DES MD5 !trunc, padlen=1 -depends_on:MBEDTLS_DES_C:MBEDTLS_MD5_C -ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_DES_EDE3_CBC:MBEDTLS_MD_MD5:0:1 - -Decrypt CBC !EtM, 3DES MD5 !trunc, padlen=249 -depends_on:MBEDTLS_DES_C:MBEDTLS_MD5_C -ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_DES_EDE3_CBC:MBEDTLS_MD_MD5:0:249 - -Decrypt CBC !EtM, 3DES MD5 trunc, padlen=1 -depends_on:MBEDTLS_DES_C:MBEDTLS_MD5_C -ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_DES_EDE3_CBC:MBEDTLS_MD_MD5:1:1 - -Decrypt CBC !EtM, 3DES MD5 trunc, padlen=249 -depends_on:MBEDTLS_DES_C:MBEDTLS_MD5_C -ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_DES_EDE3_CBC:MBEDTLS_MD_MD5:1:249 - -Decrypt CBC !EtM, 3DES MD5 !trunc, padlen=7 -depends_on:MBEDTLS_DES_C:MBEDTLS_MD5_C -ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_DES_EDE3_CBC:MBEDTLS_MD_MD5:0:7 - -Decrypt CBC !EtM, 3DES MD5 !trunc, padlen=255 -depends_on:MBEDTLS_DES_C:MBEDTLS_MD5_C -ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_DES_EDE3_CBC:MBEDTLS_MD_MD5:0:255 - -Decrypt CBC !EtM, 3DES MD5 trunc, padlen=7 -depends_on:MBEDTLS_DES_C:MBEDTLS_MD5_C -ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_DES_EDE3_CBC:MBEDTLS_MD_MD5:1:7 - -Decrypt CBC !EtM, 3DES MD5 trunc, padlen=255 -depends_on:MBEDTLS_DES_C:MBEDTLS_MD5_C -ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_DES_EDE3_CBC:MBEDTLS_MD_MD5:1:255 - -Decrypt CBC !EtM, 3DES SHA1 !trunc, empty plaintext, minpad -depends_on:MBEDTLS_DES_C:MBEDTLS_SHA1_C -ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_DES_EDE3_CBC:MBEDTLS_MD_SHA1:0:-1 - -Decrypt CBC !EtM, 3DES SHA1 !trunc, empty plaintext, maxpad -depends_on:MBEDTLS_DES_C:MBEDTLS_SHA1_C -ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_DES_EDE3_CBC:MBEDTLS_MD_SHA1:0:-2 - -Decrypt CBC !EtM, 3DES SHA1 trunc, empty plaintext, minpad -depends_on:MBEDTLS_DES_C:MBEDTLS_SHA1_C -ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_DES_EDE3_CBC:MBEDTLS_MD_SHA1:1:-1 - -Decrypt CBC !EtM, 3DES SHA1 trunc, empty plaintext, maxpad -depends_on:MBEDTLS_DES_C:MBEDTLS_SHA1_C -ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_DES_EDE3_CBC:MBEDTLS_MD_SHA1:1:-2 - -Decrypt CBC !EtM, 3DES SHA1 !trunc, padlen=0 -depends_on:MBEDTLS_DES_C:MBEDTLS_SHA1_C -ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_DES_EDE3_CBC:MBEDTLS_MD_SHA1:0:0 - -Decrypt CBC !EtM, 3DES SHA1 !trunc, padlen=248 -depends_on:MBEDTLS_DES_C:MBEDTLS_SHA1_C -ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_DES_EDE3_CBC:MBEDTLS_MD_SHA1:0:248 - -Decrypt CBC !EtM, 3DES SHA1 trunc, padlen=0 -depends_on:MBEDTLS_DES_C:MBEDTLS_SHA1_C -ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_DES_EDE3_CBC:MBEDTLS_MD_SHA1:1:0 - -Decrypt CBC !EtM, 3DES SHA1 trunc, padlen=248 -depends_on:MBEDTLS_DES_C:MBEDTLS_SHA1_C -ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_DES_EDE3_CBC:MBEDTLS_MD_SHA1:1:248 - -Decrypt CBC !EtM, 3DES SHA1 !trunc, padlen=1 -depends_on:MBEDTLS_DES_C:MBEDTLS_SHA1_C -ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_DES_EDE3_CBC:MBEDTLS_MD_SHA1:0:1 - -Decrypt CBC !EtM, 3DES SHA1 !trunc, padlen=249 -depends_on:MBEDTLS_DES_C:MBEDTLS_SHA1_C -ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_DES_EDE3_CBC:MBEDTLS_MD_SHA1:0:249 - -Decrypt CBC !EtM, 3DES SHA1 trunc, padlen=1 -depends_on:MBEDTLS_DES_C:MBEDTLS_SHA1_C -ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_DES_EDE3_CBC:MBEDTLS_MD_SHA1:1:1 - -Decrypt CBC !EtM, 3DES SHA1 trunc, padlen=249 -depends_on:MBEDTLS_DES_C:MBEDTLS_SHA1_C -ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_DES_EDE3_CBC:MBEDTLS_MD_SHA1:1:249 - -Decrypt CBC !EtM, 3DES SHA1 !trunc, padlen=7 -depends_on:MBEDTLS_DES_C:MBEDTLS_SHA1_C -ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_DES_EDE3_CBC:MBEDTLS_MD_SHA1:0:7 - -Decrypt CBC !EtM, 3DES SHA1 !trunc, padlen=255 -depends_on:MBEDTLS_DES_C:MBEDTLS_SHA1_C -ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_DES_EDE3_CBC:MBEDTLS_MD_SHA1:0:255 - -Decrypt CBC !EtM, 3DES SHA1 trunc, padlen=7 -depends_on:MBEDTLS_DES_C:MBEDTLS_SHA1_C -ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_DES_EDE3_CBC:MBEDTLS_MD_SHA1:1:7 - -Decrypt CBC !EtM, 3DES SHA1 trunc, padlen=255 -depends_on:MBEDTLS_DES_C:MBEDTLS_SHA1_C -ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_DES_EDE3_CBC:MBEDTLS_MD_SHA1:1:255 - -Decrypt CBC !EtM, 3DES SHA256 !trunc, empty plaintext, minpad -depends_on:MBEDTLS_DES_C:MBEDTLS_SHA256_C -ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_DES_EDE3_CBC:MBEDTLS_MD_SHA256:0:-1 - -Decrypt CBC !EtM, 3DES SHA256 !trunc, empty plaintext, maxpad -depends_on:MBEDTLS_DES_C:MBEDTLS_SHA256_C -ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_DES_EDE3_CBC:MBEDTLS_MD_SHA256:0:-2 - -Decrypt CBC !EtM, 3DES SHA256 trunc, empty plaintext, minpad -depends_on:MBEDTLS_DES_C:MBEDTLS_SHA256_C -ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_DES_EDE3_CBC:MBEDTLS_MD_SHA256:1:-1 - -Decrypt CBC !EtM, 3DES SHA256 trunc, empty plaintext, maxpad -depends_on:MBEDTLS_DES_C:MBEDTLS_SHA256_C -ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_DES_EDE3_CBC:MBEDTLS_MD_SHA256:1:-2 - -Decrypt CBC !EtM, 3DES SHA256 !trunc, padlen=0 -depends_on:MBEDTLS_DES_C:MBEDTLS_SHA256_C -ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_DES_EDE3_CBC:MBEDTLS_MD_SHA256:0:0 - -Decrypt CBC !EtM, 3DES SHA256 !trunc, padlen=248 -depends_on:MBEDTLS_DES_C:MBEDTLS_SHA256_C -ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_DES_EDE3_CBC:MBEDTLS_MD_SHA256:0:248 - -Decrypt CBC !EtM, 3DES SHA256 trunc, padlen=0 -depends_on:MBEDTLS_DES_C:MBEDTLS_SHA256_C -ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_DES_EDE3_CBC:MBEDTLS_MD_SHA256:1:0 - -Decrypt CBC !EtM, 3DES SHA256 trunc, padlen=248 -depends_on:MBEDTLS_DES_C:MBEDTLS_SHA256_C -ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_DES_EDE3_CBC:MBEDTLS_MD_SHA256:1:248 - -Decrypt CBC !EtM, 3DES SHA256 !trunc, padlen=1 -depends_on:MBEDTLS_DES_C:MBEDTLS_SHA256_C -ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_DES_EDE3_CBC:MBEDTLS_MD_SHA256:0:1 - -Decrypt CBC !EtM, 3DES SHA256 !trunc, padlen=249 -depends_on:MBEDTLS_DES_C:MBEDTLS_SHA256_C -ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_DES_EDE3_CBC:MBEDTLS_MD_SHA256:0:249 - -Decrypt CBC !EtM, 3DES SHA256 trunc, padlen=1 -depends_on:MBEDTLS_DES_C:MBEDTLS_SHA256_C -ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_DES_EDE3_CBC:MBEDTLS_MD_SHA256:1:1 - -Decrypt CBC !EtM, 3DES SHA256 trunc, padlen=249 -depends_on:MBEDTLS_DES_C:MBEDTLS_SHA256_C -ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_DES_EDE3_CBC:MBEDTLS_MD_SHA256:1:249 - -Decrypt CBC !EtM, 3DES SHA256 !trunc, padlen=7 -depends_on:MBEDTLS_DES_C:MBEDTLS_SHA256_C -ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_DES_EDE3_CBC:MBEDTLS_MD_SHA256:0:7 - -Decrypt CBC !EtM, 3DES SHA256 !trunc, padlen=255 -depends_on:MBEDTLS_DES_C:MBEDTLS_SHA256_C -ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_DES_EDE3_CBC:MBEDTLS_MD_SHA256:0:255 - -Decrypt CBC !EtM, 3DES SHA256 trunc, padlen=7 -depends_on:MBEDTLS_DES_C:MBEDTLS_SHA256_C -ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_DES_EDE3_CBC:MBEDTLS_MD_SHA256:1:7 - -Decrypt CBC !EtM, 3DES SHA256 trunc, padlen=255 -depends_on:MBEDTLS_DES_C:MBEDTLS_SHA256_C -ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_DES_EDE3_CBC:MBEDTLS_MD_SHA256:1:255 - -Decrypt CBC !EtM, 3DES SHA384 !trunc, empty plaintext, minpad -depends_on:MBEDTLS_DES_C:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384 -ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_DES_EDE3_CBC:MBEDTLS_MD_SHA384:0:-1 - -Decrypt CBC !EtM, 3DES SHA384 !trunc, empty plaintext, maxpad -depends_on:MBEDTLS_DES_C:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384 -ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_DES_EDE3_CBC:MBEDTLS_MD_SHA384:0:-2 - -Decrypt CBC !EtM, 3DES SHA384 trunc, empty plaintext, minpad -depends_on:MBEDTLS_DES_C:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384 -ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_DES_EDE3_CBC:MBEDTLS_MD_SHA384:1:-1 - -Decrypt CBC !EtM, 3DES SHA384 trunc, empty plaintext, maxpad -depends_on:MBEDTLS_DES_C:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384 -ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_DES_EDE3_CBC:MBEDTLS_MD_SHA384:1:-2 - -Decrypt CBC !EtM, 3DES SHA384 !trunc, padlen=0 -depends_on:MBEDTLS_DES_C:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384 -ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_DES_EDE3_CBC:MBEDTLS_MD_SHA384:0:0 - -Decrypt CBC !EtM, 3DES SHA384 !trunc, padlen=248 -depends_on:MBEDTLS_DES_C:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384 -ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_DES_EDE3_CBC:MBEDTLS_MD_SHA384:0:248 - -Decrypt CBC !EtM, 3DES SHA384 trunc, padlen=0 -depends_on:MBEDTLS_DES_C:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384 -ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_DES_EDE3_CBC:MBEDTLS_MD_SHA384:1:0 - -Decrypt CBC !EtM, 3DES SHA384 trunc, padlen=248 -depends_on:MBEDTLS_DES_C:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384 -ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_DES_EDE3_CBC:MBEDTLS_MD_SHA384:1:248 - -Decrypt CBC !EtM, 3DES SHA384 !trunc, padlen=1 -depends_on:MBEDTLS_DES_C:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384 -ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_DES_EDE3_CBC:MBEDTLS_MD_SHA384:0:1 - -Decrypt CBC !EtM, 3DES SHA384 !trunc, padlen=249 -depends_on:MBEDTLS_DES_C:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384 -ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_DES_EDE3_CBC:MBEDTLS_MD_SHA384:0:249 - -Decrypt CBC !EtM, 3DES SHA384 trunc, padlen=1 -depends_on:MBEDTLS_DES_C:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384 -ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_DES_EDE3_CBC:MBEDTLS_MD_SHA384:1:1 - -Decrypt CBC !EtM, 3DES SHA384 trunc, padlen=249 -depends_on:MBEDTLS_DES_C:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384 -ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_DES_EDE3_CBC:MBEDTLS_MD_SHA384:1:249 - -Decrypt CBC !EtM, 3DES SHA384 !trunc, padlen=7 -depends_on:MBEDTLS_DES_C:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384 -ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_DES_EDE3_CBC:MBEDTLS_MD_SHA384:0:7 - -Decrypt CBC !EtM, 3DES SHA384 !trunc, padlen=255 -depends_on:MBEDTLS_DES_C:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384 -ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_DES_EDE3_CBC:MBEDTLS_MD_SHA384:0:255 - -Decrypt CBC !EtM, 3DES SHA384 trunc, padlen=7 -depends_on:MBEDTLS_DES_C:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384 -ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_DES_EDE3_CBC:MBEDTLS_MD_SHA384:1:7 - -Decrypt CBC !EtM, 3DES SHA384 trunc, padlen=255 -depends_on:MBEDTLS_DES_C:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384 -ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_DES_EDE3_CBC:MBEDTLS_MD_SHA384:1:255 - SSL TLS 1.3 Key schedule: Secret evolution #1 # Vector from TLS 1.3 Byte by Byte (https://tls13.ulfheim.net/) # Initial secret to Early Secret -depends_on:MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL +depends_on:MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL:MBEDTLS_SHA256_C ssl_tls1_3_key_evolution:MBEDTLS_MD_SHA256:"":"":"33ad0a1c607ec03b09e6cd9893680ce210adf300aa1f2660e1b22e10f170f92a" SSL TLS 1.3 Key schedule: Secret evolution #2 # Vector from TLS 1.3 Byte by Byte (https://tls13.ulfheim.net/) # Early secret to Handshake Secret +depends_on:MBEDTLS_SHA256_C:MBEDTLS_ECP_C ssl_tls1_3_key_evolution:MBEDTLS_MD_SHA256:"33ad0a1c607ec03b09e6cd9893680ce210adf300aa1f2660e1b22e10f170f92a":"df4a291baa1eb7cfa6934b29b474baad2697e29f1f920dcc77c8a0a088447624":"fb9fc80689b3a5d02c33243bf69a1b1b20705588a794304a6e7120155edf149a" SSL TLS 1.3 Key schedule: Secret evolution #3 # Vector from TLS 1.3 Byte by Byte (https://tls13.ulfheim.net/) # Handshake secret to Master Secret +depends_on:MBEDTLS_SHA256_C:MBEDTLS_ECP_C ssl_tls1_3_key_evolution:MBEDTLS_MD_SHA256:"fb9fc80689b3a5d02c33243bf69a1b1b20705588a794304a6e7120155edf149a":"":"7f2882bb9b9a46265941653e9c2f19067118151e21d12e57a7b6aca1f8150c8d" SSL TLS 1.3 Key schedule: HKDF Expand Label #1 # Vector from TLS 1.3 Byte by Byte (https://tls13.ulfheim.net/) # Server handshake traffic secret -> Server traffic key # HKDF-Expand-Label(server_handshake_secret, "key", "", 16) +depends_on:MBEDTLS_SHA256_C ssl_tls1_3_hkdf_expand_label:MBEDTLS_MD_SHA256:"a2067265e7f0652a923d5d72ab0467c46132eeb968b6a32d311c805868548814":tls1_3_label_key:"":16:"844780a7acad9f980fa25c114e43402a" SSL TLS 1.3 Key schedule: HKDF Expand Label #2 # Vector from TLS 1.3 Byte by Byte (https://tls13.ulfheim.net/) # Server handshake traffic secret -> Server traffic IV # HKDF-Expand-Label(server_handshake_secret, "iv", "", 12) +depends_on:MBEDTLS_SHA256_C ssl_tls1_3_hkdf_expand_label:MBEDTLS_MD_SHA256:"a2067265e7f0652a923d5d72ab0467c46132eeb968b6a32d311c805868548814":tls1_3_label_iv:"":12:"4c042ddc120a38d1417fc815" SSL TLS 1.3 Key schedule: HKDF Expand Label #3 # Vector from TLS 1.3 Byte by Byte (https://tls13.ulfheim.net/) # Client handshake traffic secret -> Client traffic key # HKDF-Expand-Label(client_handshake_secret, "key", "", 16) +depends_on:MBEDTLS_SHA256_C ssl_tls1_3_hkdf_expand_label:MBEDTLS_MD_SHA256:"ff0e5b965291c608c1e8cd267eefc0afcc5e98a2786373f0db47b04786d72aea":tls1_3_label_key:"":16:"7154f314e6be7dc008df2c832baa1d39" SSL TLS 1.3 Key schedule: HKDF Expand Label #4 # Vector from TLS 1.3 Byte by Byte (https://tls13.ulfheim.net/) # Client handshake traffic secret -> Client traffic IV # HKDF-Expand-Label(client_handshake_secret, "iv", "", 12) +depends_on:MBEDTLS_SHA256_C ssl_tls1_3_hkdf_expand_label:MBEDTLS_MD_SHA256:"ff0e5b965291c608c1e8cd267eefc0afcc5e98a2786373f0db47b04786d72aea":tls1_3_label_iv:"":12:"71abc2cae4c699d47c600268" SSL TLS 1.3 Key schedule: HKDF Expand Label #5 (RFC 8448) # Vector from RFC 8448 # Server handshake traffic secret -> Server traffic IV # HKDF-Expand-Label(server_handshake_secret, "iv", "", 12) +depends_on:MBEDTLS_SHA256_C ssl_tls1_3_hkdf_expand_label:MBEDTLS_MD_SHA256:"b67b7d690cc16c4e75e54213cb2d37b4e9c912bcded9105d42befd59d391ad38":tls1_3_label_iv:"":12:"5d313eb2671276ee13000b30" SSL TLS 1.3 Key schedule: HKDF Expand Label #6 (RFC 8448) # Vector from RFC 8448 # Server handshake traffic secret -> Server traffic Key # HKDF-Expand-Label(server_handshake_secret, "key", "", 16) +depends_on:MBEDTLS_SHA256_C ssl_tls1_3_hkdf_expand_label:MBEDTLS_MD_SHA256:"b67b7d690cc16c4e75e54213cb2d37b4e9c912bcded9105d42befd59d391ad38":tls1_3_label_key:"":16:"3fce516009c21727d0f2e4e86ee403bc" SSL TLS 1.3 Key schedule: HKDF Expand Label #7 (RFC 8448) # Vector from RFC 8448 # Client handshake traffic secret -> Client traffic IV # HKDF-Expand-Label(client_handshake_secret, "iv", "", 12) +depends_on:MBEDTLS_SHA256_C ssl_tls1_3_hkdf_expand_label:MBEDTLS_MD_SHA256:"b3eddb126e067f35a780b3abf45e2d8f3b1a950738f52e9600746a0e27a55a21":tls1_3_label_iv:"":12:"5bd3c71b836e0b76bb73265f" SSL TLS 1.3 Key schedule: HKDF Expand Label #8 (RFC 8448) # Vector from RFC 8448 # Client handshake traffic secret -> Client traffic Key # HKDF-Expand-Label(client_handshake_secret, "key", "", 16) +depends_on:MBEDTLS_SHA256_C ssl_tls1_3_hkdf_expand_label:MBEDTLS_MD_SHA256:"b3eddb126e067f35a780b3abf45e2d8f3b1a950738f52e9600746a0e27a55a21":tls1_3_label_key:"":16:"dbfaa693d1762c5b666af5d950258d01" SSL TLS 1.3 Key schedule: HKDF Expand Label #9 (RFC 8448) # Calculation of finished_key +depends_on:MBEDTLS_SHA256_C ssl_tls1_3_hkdf_expand_label:MBEDTLS_MD_SHA256:"2faac08f851d35fea3604fcb4de82dc62c9b164a70974d0462e27f1ab278700f":tls1_3_label_finished:"":32:"5ace394c26980d581243f627d1150ae27e37fa52364e0a7f20ac686d09cd0e8e" SSL TLS 1.3 Key schedule: HKDF Expand Label #10 (RFC 8448) # Calculation of resumption key +depends_on:MBEDTLS_SHA256_C ssl_tls1_3_hkdf_expand_label:MBEDTLS_MD_SHA256:"7df235f2031d2a051287d02b0241b0bfdaf86cc856231f2d5aba46c434ec196c":tls1_3_label_resumption:"0000":32:"4ecd0eb6ec3b4d87f5d6028f922ca4c5851a277fd41311c9e62d2c9492e1c4f3" SSL TLS 1.3 Key schedule: Traffic key generation #1 # Vector from TLS 1.3 Byte by Byte (https://tls13.ulfheim.net/) # Client/Server handshake traffic secrets -> Client/Server traffic {Key,IV} +depends_on:MBEDTLS_SHA256_C ssl_tls1_3_traffic_key_generation:MBEDTLS_MD_SHA256:"a2067265e7f0652a923d5d72ab0467c46132eeb968b6a32d311c805868548814":"ff0e5b965291c608c1e8cd267eefc0afcc5e98a2786373f0db47b04786d72aea":12:16:"844780a7acad9f980fa25c114e43402a":"4c042ddc120a38d1417fc815":"7154f314e6be7dc008df2c832baa1d39":"71abc2cae4c699d47c600268" SSL TLS 1.3 Key schedule: Traffic key generation #2 (RFC 8448) # Vector RFC 8448 # Client/Server handshake traffic secrets -> Client/Server traffic {Key,IV} +depends_on:MBEDTLS_SHA256_C ssl_tls1_3_traffic_key_generation:MBEDTLS_MD_SHA256:"a2067265e7f0652a923d5d72ab0467c46132eeb968b6a32d311c805868548814":"ff0e5b965291c608c1e8cd267eefc0afcc5e98a2786373f0db47b04786d72aea":12:16:"844780a7acad9f980fa25c114e43402a":"4c042ddc120a38d1417fc815":"7154f314e6be7dc008df2c832baa1d39":"71abc2cae4c699d47c600268" SSL TLS 1.3 Key schedule: Derive-Secret( ., "derived", "") @@ -10485,44 +8800,54 @@ SSL TLS 1.3 Key schedule: Derive-Secret( ., "derived", "") # Derive-Secret( Early-Secret, "derived", "") # Tests the case where context isn't yet hashed (empty string here, # but still needs to be hashed) +depends_on:MBEDTLS_SHA256_C ssl_tls1_3_derive_secret:MBEDTLS_MD_SHA256:"33ad0a1c607ec03b09e6cd9893680ce210adf300aa1f2660e1b22e10f170f92a":tls1_3_label_derived:"":32:MBEDTLS_SSL_TLS1_3_CONTEXT_UNHASHED:"6f2615a108c702c5678f54fc9dbab69716c076189c48250cebeac3576c3611ba" SSL TLS 1.3 Key schedule: Derive-Secret( ., "s ap traffic", hash) #1 # Vector from TLS 1.3 Byte by Byte (https://tls13.ulfheim.net/) # Derive-Secret( MasterSecret, "s ap traffic", hash) # Tests the case where context is already hashed +depends_on:MBEDTLS_SHA256_C ssl_tls1_3_derive_secret:MBEDTLS_MD_SHA256:"7f2882bb9b9a46265941653e9c2f19067118151e21d12e57a7b6aca1f8150c8d":tls1_3_label_s_ap_traffic:"22844b930e5e0a59a09d5ac35fc032fc91163b193874a265236e568077378d8b":32:MBEDTLS_SSL_TLS1_3_CONTEXT_HASHED:"3fc35ea70693069a277956afa23b8f4543ce68ac595f2aace05cd7a1c92023d5" SSL TLS 1.3 Key schedule: Derive-Secret( ., "c e traffic", hash) # Vector from RFC 8448 +depends_on:MBEDTLS_SHA256_C ssl_tls1_3_derive_secret:MBEDTLS_MD_SHA256:"9b2188e9b2fc6d64d71dc329900e20bb41915000f678aa839cbb797cb7d8332c":tls1_3_label_c_e_traffic:"08ad0fa05d7c7233b1775ba2ff9f4c5b8b59276b7f227f13a976245f5d960913":32:MBEDTLS_SSL_TLS1_3_CONTEXT_HASHED:"3fbbe6a60deb66c30a32795aba0eff7eaa10105586e7be5c09678d63b6caab62" SSL TLS 1.3 Key schedule: Derive-Secret( ., "e exp master", hash) # Vector from RFC 8448 +depends_on:MBEDTLS_SHA256_C ssl_tls1_3_derive_secret:MBEDTLS_MD_SHA256:"9b2188e9b2fc6d64d71dc329900e20bb41915000f678aa839cbb797cb7d8332c":tls1_3_label_e_exp_master:"08ad0fa05d7c7233b1775ba2ff9f4c5b8b59276b7f227f13a976245f5d960913":32:MBEDTLS_SSL_TLS1_3_CONTEXT_HASHED:"b2026866610937d7423e5be90862ccf24c0e6091186d34f812089ff5be2ef7df" SSL TLS 1.3 Key schedule: Derive-Secret( ., "c hs traffic", hash) # Vector from RFC 8448 +depends_on:MBEDTLS_SHA256_C ssl_tls1_3_derive_secret:MBEDTLS_MD_SHA256:"005cb112fd8eb4ccc623bb88a07c64b3ede1605363fc7d0df8c7ce4ff0fb4ae6":tls1_3_label_c_hs_traffic:"f736cb34fe25e701551bee6fd24c1cc7102a7daf9405cb15d97aafe16f757d03":32:MBEDTLS_SSL_TLS1_3_CONTEXT_HASHED:"2faac08f851d35fea3604fcb4de82dc62c9b164a70974d0462e27f1ab278700f" SSL TLS 1.3 Key schedule: Derive-Secret( ., "s hs traffic", hash) # Vector from RFC 8448 +depends_on:MBEDTLS_SHA256_C ssl_tls1_3_derive_secret:MBEDTLS_MD_SHA256:"005cb112fd8eb4ccc623bb88a07c64b3ede1605363fc7d0df8c7ce4ff0fb4ae6":tls1_3_label_s_hs_traffic:"f736cb34fe25e701551bee6fd24c1cc7102a7daf9405cb15d97aafe16f757d03":32:MBEDTLS_SSL_TLS1_3_CONTEXT_HASHED:"fe927ae271312e8bf0275b581c54eef020450dc4ecffaa05a1a35d27518e7803" SSL TLS 1.3 Key schedule: Derive-Secret( ., "c ap traffic", hash) # Vector from RFC 8448 +depends_on:MBEDTLS_SHA256_C ssl_tls1_3_derive_secret:MBEDTLS_MD_SHA256:"e2d32d4ed66dd37897a0e80c84107503ce58bf8aad4cb55a5002d77ecb890ece":tls1_3_label_c_ap_traffic:"b0aeffc46a2cfe33114e6fd7d51f9f04b1ca3c497dab08934a774a9d9ad7dbf3":32:MBEDTLS_SSL_TLS1_3_CONTEXT_HASHED:"2abbf2b8e381d23dbebe1dd2a7d16a8bf484cb4950d23fb7fb7fa8547062d9a1" SSL TLS 1.3 Key schedule: Derive-Secret( ., "s ap traffic", hash) #2 # Vector from RFC 8448 +depends_on:MBEDTLS_SHA256_C ssl_tls1_3_derive_secret:MBEDTLS_MD_SHA256:"e2d32d4ed66dd37897a0e80c84107503ce58bf8aad4cb55a5002d77ecb890ece":tls1_3_label_s_ap_traffic:"b0aeffc46a2cfe33114e6fd7d51f9f04b1ca3c497dab08934a774a9d9ad7dbf3":32:MBEDTLS_SSL_TLS1_3_CONTEXT_HASHED:"cc21f1bf8feb7dd5fa505bd9c4b468a9984d554a993dc49e6d285598fb672691" SSL TLS 1.3 Key schedule: Derive-Secret( ., "exp master", hash) # Vector from RFC 8448 +depends_on:MBEDTLS_SHA256_C ssl_tls1_3_derive_secret:MBEDTLS_MD_SHA256:"e2d32d4ed66dd37897a0e80c84107503ce58bf8aad4cb55a5002d77ecb890ece":tls1_3_label_exp_master:"b0aeffc46a2cfe33114e6fd7d51f9f04b1ca3c497dab08934a774a9d9ad7dbf3":32:MBEDTLS_SSL_TLS1_3_CONTEXT_HASHED:"3fd93d4ffddc98e64b14dd107aedf8ee4add23f4510f58a4592d0b201bee56b4" SSL TLS 1.3 Key schedule: Derive-Secret( ., "res master", hash) # Vector from RFC 8448 +depends_on:MBEDTLS_SHA256_C ssl_tls1_3_derive_secret:MBEDTLS_MD_SHA256:"e2d32d4ed66dd37897a0e80c84107503ce58bf8aad4cb55a5002d77ecb890ece":tls1_3_label_res_master:"c3c122e0bd907a4a3ff6112d8fd53dbf89c773d9552e8b6b9d56d361b3a97bf6":32:MBEDTLS_SSL_TLS1_3_CONTEXT_HASHED:"5e95bdf1f89005ea2e9aa0ba85e728e3c19c5fe0c699e3f5bee59faebd0b5406" SSL TLS_PRF MBEDTLS_SSL_TLS_PRF_NONE @@ -10656,30 +8981,28 @@ Session serialization, load buffer size: large ticket, cert depends_on:MBEDTLS_SSL_SESSION_TICKETS:MBEDTLS_SSL_CLI_C:MBEDTLS_X509_USE_C:MBEDTLS_PEM_PARSE_C:MBEDTLS_ECDSA_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_SHA256_C:MBEDTLS_FS_IO ssl_serialize_session_load_buf_size:1023:"data_files/server5.crt" -Constant-flow HMAC: MD5 -depends_on:MBEDTLS_MD5_C -ssl_cf_hmac:MBEDTLS_MD_MD5 +Raw key agreement: nominal +depends_on:MBEDTLS_SHA256_C:MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED +raw_key_agreement_fail:0 -Constant-flow HMAC: SHA1 -depends_on:MBEDTLS_SHA1_C -ssl_cf_hmac:MBEDTLS_MD_SHA1 +Raw key agreement: bad server key +depends_on:MBEDTLS_SHA256_C:MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED +raw_key_agreement_fail:1 -Constant-flow HMAC: SHA256 -depends_on:MBEDTLS_SHA256_C -ssl_cf_hmac:MBEDTLS_MD_SHA256 +Cookie parsing: nominal run +cookie_parsing:"16fefd0000000000000000002F010000de000000000000011efefd7b7272727272727272727272727272727272727272727272727272727272727d00200000000000000000000000000000000000000000000000000000000000000000":MBEDTLS_ERR_SSL_INTERNAL_ERROR + +Cookie parsing: cookie_len overflow +cookie_parsing:"16fefd000000000000000000ea010000de000000000000011efefd7b7272727272727272727272727272727272727272727272727272727272727db97b7373737373737373737373737373737373737373737373737373737373737373737373737373737373737373737373737373737373737373737373737373737373737373737373737373737373737373737373737373737373737373737373737373737373737373737373737373737373737373737373737373737373737373737373737373737373737373737373737373737373737373737373737373737373737373737373737373737373737373737373737373737db963":MBEDTLS_ERR_SSL_BAD_HS_CLIENT_HELLO -Constant-flow HMAC: SHA384 -depends_on:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384 -ssl_cf_hmac:MBEDTLS_MD_SHA384 +Cookie parsing: non-zero fragment offset +cookie_parsing:"16fefd00000000000000000032010000de000072000000011efefd7b7272727272727272727272727272727272727272727272727272727272727d01730143":MBEDTLS_ERR_SSL_BAD_HS_CLIENT_HELLO -# these are the numbers we'd get with an empty plaintext and truncated HMAC -Constant-flow memcpy from offset: small -ssl_cf_memcpy_offset:0:5:10 +Cookie parsing: sid_len overflow +cookie_parsing:"16fefd00000000000000000032010000de000000000000011efefd7b7272727272727272727272727272727272727272727272727272727272727dFF730143":MBEDTLS_ERR_SSL_BAD_HS_CLIENT_HELLO -# we could get this with 255-bytes plaintext and untruncated SHA-256 -Constant-flow memcpy from offset: medium -ssl_cf_memcpy_offset:0:255:32 +Cookie parsing: record too short +cookie_parsing:"16fefd0000000000000000002f010000de000000000000011efefd7b7272727272727272727272727272727272727272727272727272727272727dFF":MBEDTLS_ERR_SSL_BAD_HS_CLIENT_HELLO -# we could get this with 255-bytes plaintext and untruncated SHA-384 -Constant-flow memcpy from offset: large -ssl_cf_memcpy_offset:100:339:48 +Cookie parsing: one byte overread +cookie_parsing:"16fefd0000000000000000002F010000de000000000000011efefd7b7272727272727272727272727272727272727272727272727272727272727d0001":MBEDTLS_ERR_SSL_BAD_HS_CLIENT_HELLO diff --git a/third_party/mbedtls/repo/tests/suites/test_suite_ssl.function b/third_party/mbedtls/repo/tests/suites/test_suite_ssl.function index 74e60ae0844..0a35aa97342 100644 --- a/third_party/mbedtls/repo/tests/suites/test_suite_ssl.function +++ b/third_party/mbedtls/repo/tests/suites/test_suite_ssl.function @@ -1,2058 +1,11 @@ /* BEGIN_HEADER */ -#include -#include -#include -#include -#include -#include -#include -#include +#include #include #include -enum -{ -#define MBEDTLS_SSL_TLS1_3_LABEL( name, string ) \ - tls1_3_label_ ## name, -MBEDTLS_SSL_TLS1_3_LABEL_LIST -#undef MBEDTLS_SSL_TLS1_3_LABEL -}; - -typedef struct log_pattern -{ - const char *pattern; - size_t counter; -} log_pattern; - -/* - * This function can be passed to mbedtls to receive output logs from it. In - * this case, it will count the instances of a log_pattern in the received - * logged messages. - */ -void log_analyzer( void *ctx, int level, - const char *file, int line, - const char *str ) -{ - log_pattern *p = (log_pattern *) ctx; - - (void) level; - (void) line; - (void) file; - - if( NULL != p && - NULL != p->pattern && - NULL != strstr( str, p->pattern ) ) - { - p->counter++; - } -} - -/* Invalid minor version used when not specifying a min/max version or expecting a test to fail */ -#define TEST_SSL_MINOR_VERSION_NONE -1 - -typedef struct handshake_test_options -{ - const char *cipher; - int client_min_version; - int client_max_version; - int server_min_version; - int server_max_version; - int expected_negotiated_version; - int pk_alg; - data_t *psk_str; - int dtls; - int srv_auth_mode; - int serialize; - int mfl; - int cli_msg_len; - int srv_msg_len; - int expected_cli_fragments; - int expected_srv_fragments; - int renegotiate; - int legacy_renegotiation; - void *srv_log_obj; - void *cli_log_obj; - void (*srv_log_fun)(void *, int, const char *, int, const char *); - void (*cli_log_fun)(void *, int, const char *, int, const char *); - int resize_buffers; -} handshake_test_options; - -void init_handshake_options( handshake_test_options *opts ) -{ - opts->cipher = ""; - opts->client_min_version = TEST_SSL_MINOR_VERSION_NONE; - opts->client_max_version = TEST_SSL_MINOR_VERSION_NONE; - opts->server_min_version = TEST_SSL_MINOR_VERSION_NONE; - opts->server_max_version = TEST_SSL_MINOR_VERSION_NONE; - opts->expected_negotiated_version = MBEDTLS_SSL_MINOR_VERSION_3; - opts->pk_alg = MBEDTLS_PK_RSA; - opts->psk_str = NULL; - opts->dtls = 0; - opts->srv_auth_mode = MBEDTLS_SSL_VERIFY_NONE; - opts->serialize = 0; - opts->mfl = MBEDTLS_SSL_MAX_FRAG_LEN_NONE; - opts->cli_msg_len = 100; - opts->srv_msg_len = 100; - opts->expected_cli_fragments = 1; - opts->expected_srv_fragments = 1; - opts->renegotiate = 0; - opts->legacy_renegotiation = MBEDTLS_SSL_LEGACY_NO_RENEGOTIATION; - opts->srv_log_obj = NULL; - opts->srv_log_obj = NULL; - opts->srv_log_fun = NULL; - opts->cli_log_fun = NULL; - opts->resize_buffers = 1; -} -/* - * Buffer structure for custom I/O callbacks. - */ - -typedef struct mbedtls_test_buffer -{ - size_t start; - size_t content_length; - size_t capacity; - unsigned char *buffer; -} mbedtls_test_buffer; - -/* - * Initialises \p buf. After calling this function it is safe to call - * `mbedtls_test_buffer_free()` on \p buf. - */ -void mbedtls_test_buffer_init( mbedtls_test_buffer *buf ) -{ - memset( buf, 0, sizeof( *buf ) ); -} - -/* - * Sets up \p buf. After calling this function it is safe to call - * `mbedtls_test_buffer_put()` and `mbedtls_test_buffer_get()` on \p buf. - */ -int mbedtls_test_buffer_setup( mbedtls_test_buffer *buf, size_t capacity ) -{ - buf->buffer = (unsigned char*) mbedtls_calloc( capacity, - sizeof(unsigned char) ); - if( NULL == buf->buffer ) - return MBEDTLS_ERR_SSL_ALLOC_FAILED; - buf->capacity = capacity; - - return 0; -} - -void mbedtls_test_buffer_free( mbedtls_test_buffer *buf ) -{ - if( buf->buffer != NULL ) - mbedtls_free( buf->buffer ); - - memset( buf, 0, sizeof( *buf ) ); -} - -/* - * Puts \p input_len bytes from the \p input buffer into the ring buffer \p buf. - * - * \p buf must have been initialized and set up by calling - * `mbedtls_test_buffer_init()` and `mbedtls_test_buffer_setup()`. - * - * \retval \p input_len, if the data fits. - * \retval 0 <= value < \p input_len, if the data does not fit. - * \retval -1, if \p buf is NULL, it hasn't been set up or \p input_len is not - * zero and \p input is NULL. - */ -int mbedtls_test_buffer_put( mbedtls_test_buffer *buf, - const unsigned char *input, size_t input_len ) -{ - size_t overflow = 0; - - if( ( buf == NULL ) || ( buf->buffer == NULL ) ) - return -1; - - /* Reduce input_len to a number that fits in the buffer. */ - if ( ( buf->content_length + input_len ) > buf->capacity ) - { - input_len = buf->capacity - buf->content_length; - } - - if( input == NULL ) - { - return ( input_len == 0 ) ? 0 : -1; - } - - /* Check if the buffer has not come full circle and free space is not in - * the middle */ - if( buf->start + buf->content_length < buf->capacity ) - { - - /* Calculate the number of bytes that need to be placed at lower memory - * address */ - if( buf->start + buf->content_length + input_len - > buf->capacity ) - { - overflow = ( buf->start + buf->content_length + input_len ) - % buf->capacity; - } - - memcpy( buf->buffer + buf->start + buf->content_length, input, - input_len - overflow ); - memcpy( buf->buffer, input + input_len - overflow, overflow ); - - } - else - { - /* The buffer has come full circle and free space is in the middle */ - memcpy( buf->buffer + buf->start + buf->content_length - buf->capacity, - input, input_len ); - } - - buf->content_length += input_len; - return input_len; -} - -/* - * Gets \p output_len bytes from the ring buffer \p buf into the - * \p output buffer. The output buffer can be NULL, in this case a part of the - * ring buffer will be dropped, if the requested length is available. - * - * \p buf must have been initialized and set up by calling - * `mbedtls_test_buffer_init()` and `mbedtls_test_buffer_setup()`. - * - * \retval \p output_len, if the data is available. - * \retval 0 <= value < \p output_len, if the data is not available. - * \retval -1, if \buf is NULL or it hasn't been set up. - */ -int mbedtls_test_buffer_get( mbedtls_test_buffer *buf, - unsigned char* output, size_t output_len ) -{ - size_t overflow = 0; - - if( ( buf == NULL ) || ( buf->buffer == NULL ) ) - return -1; - - if( output == NULL && output_len == 0 ) - return 0; - - if( buf->content_length < output_len ) - output_len = buf->content_length; - - /* Calculate the number of bytes that need to be drawn from lower memory - * address */ - if( buf->start + output_len > buf->capacity ) - { - overflow = ( buf->start + output_len ) % buf->capacity; - } - - if( output != NULL ) - { - memcpy( output, buf->buffer + buf->start, output_len - overflow ); - memcpy( output + output_len - overflow, buf->buffer, overflow ); - } - - buf->content_length -= output_len; - buf->start = ( buf->start + output_len ) % buf->capacity; - - return output_len; -} - -/* - * Errors used in the message transport mock tests - */ - #define MBEDTLS_TEST_ERROR_ARG_NULL -11 - #define MBEDTLS_TEST_ERROR_MESSAGE_TRUNCATED -44 - -/* - * Context for a message metadata queue (fifo) that is on top of the ring buffer. - */ -typedef struct mbedtls_test_message_queue -{ - size_t *messages; - int pos; - int num; - int capacity; -} mbedtls_test_message_queue; - -/* - * Setup and free functions for the message metadata queue. - * - * \p capacity describes the number of message metadata chunks that can be held - * within the queue. - * - * \retval 0, if a metadata queue of a given length can be allocated. - * \retval MBEDTLS_ERR_SSL_ALLOC_FAILED, if allocation failed. - */ -int mbedtls_test_message_queue_setup( mbedtls_test_message_queue *queue, - size_t capacity ) -{ - queue->messages = (size_t*) mbedtls_calloc( capacity, sizeof(size_t) ); - if( NULL == queue->messages ) - return MBEDTLS_ERR_SSL_ALLOC_FAILED; - - queue->capacity = capacity; - queue->pos = 0; - queue->num = 0; - - return 0; -} - -void mbedtls_test_message_queue_free( mbedtls_test_message_queue *queue ) -{ - if( queue == NULL ) - return; - - if( queue->messages != NULL ) - mbedtls_free( queue->messages ); - - memset( queue, 0, sizeof( *queue ) ); -} - -/* - * Push message length information onto the message metadata queue. - * This will become the last element to leave it (fifo). - * - * \retval MBEDTLS_TEST_ERROR_ARG_NULL, if the queue is null. - * \retval MBEDTLS_ERR_SSL_WANT_WRITE, if the queue is full. - * \retval \p len, if the push was successful. - */ -int mbedtls_test_message_queue_push_info( mbedtls_test_message_queue *queue, - size_t len ) -{ - int place; - if( queue == NULL ) - return MBEDTLS_TEST_ERROR_ARG_NULL; - - if( queue->num >= queue->capacity ) - return MBEDTLS_ERR_SSL_WANT_WRITE; - - place = ( queue->pos + queue->num ) % queue->capacity; - queue->messages[place] = len; - queue->num++; - return len; -} - -/* - * Pop information about the next message length from the queue. This will be - * the oldest inserted message length(fifo). \p msg_len can be null, in which - * case the data will be popped from the queue but not copied anywhere. - * - * \retval MBEDTLS_TEST_ERROR_ARG_NULL, if the queue is null. - * \retval MBEDTLS_ERR_SSL_WANT_READ, if the queue is empty. - * \retval message length, if the pop was successful, up to the given - \p buf_len. - */ -int mbedtls_test_message_queue_pop_info( mbedtls_test_message_queue *queue, - size_t buf_len ) -{ - size_t message_length; - if( queue == NULL ) - return MBEDTLS_TEST_ERROR_ARG_NULL; - if( queue->num == 0 ) - return MBEDTLS_ERR_SSL_WANT_READ; - - message_length = queue->messages[queue->pos]; - queue->messages[queue->pos] = 0; - queue->num--; - queue->pos++; - queue->pos %= queue->capacity; - if( queue->pos < 0 ) - queue->pos += queue->capacity; - - return ( message_length > buf_len ) ? buf_len : message_length; -} - -/* - * Take a peek on the info about the next message length from the queue. - * This will be the oldest inserted message length(fifo). - * - * \retval MBEDTLS_TEST_ERROR_ARG_NULL, if the queue is null. - * \retval MBEDTLS_ERR_SSL_WANT_READ, if the queue is empty. - * \retval 0, if the peek was successful. - * \retval MBEDTLS_TEST_ERROR_MESSAGE_TRUNCATED, if the given buffer length is - * too small to fit the message. In this case the \p msg_len will be - * set to the full message length so that the - * caller knows what portion of the message can be dropped. - */ -int mbedtls_test_message_queue_peek_info( mbedtls_test_message_queue *queue, - size_t buf_len, size_t* msg_len ) -{ - if( queue == NULL || msg_len == NULL ) - return MBEDTLS_TEST_ERROR_ARG_NULL; - if( queue->num == 0 ) - return MBEDTLS_ERR_SSL_WANT_READ; - - *msg_len = queue->messages[queue->pos]; - return ( *msg_len > buf_len ) ? MBEDTLS_TEST_ERROR_MESSAGE_TRUNCATED : 0; -} -/* - * Context for the I/O callbacks simulating network connection. - */ - -#define MBEDTLS_MOCK_SOCKET_CONNECTED 1 - -typedef struct mbedtls_mock_socket -{ - int status; - mbedtls_test_buffer *input; - mbedtls_test_buffer *output; - struct mbedtls_mock_socket *peer; -} mbedtls_mock_socket; - -/* - * Setup and teardown functions for mock sockets. - */ -void mbedtls_mock_socket_init( mbedtls_mock_socket *socket ) -{ - memset( socket, 0, sizeof( *socket ) ); -} - -/* - * Closes the socket \p socket. - * - * \p socket must have been previously initialized by calling - * mbedtls_mock_socket_init(). - * - * This function frees all allocated resources and both sockets are aware of the - * new connection state. - * - * That is, this function does not simulate half-open TCP connections and the - * phenomenon that when closing a UDP connection the peer is not aware of the - * connection having been closed. - */ -void mbedtls_mock_socket_close( mbedtls_mock_socket* socket ) -{ - if( socket == NULL ) - return; - - if( socket->input != NULL ) - { - mbedtls_test_buffer_free( socket->input ); - mbedtls_free( socket->input ); - } - - if( socket->output != NULL ) - { - mbedtls_test_buffer_free( socket->output ); - mbedtls_free( socket->output ); - } - - if( socket->peer != NULL ) - memset( socket->peer, 0, sizeof( *socket->peer ) ); - - memset( socket, 0, sizeof( *socket ) ); -} - -/* - * Establishes a connection between \p peer1 and \p peer2. - * - * \p peer1 and \p peer2 must have been previously initialized by calling - * mbedtls_mock_socket_init(). - * - * The capacites of the internal buffers are set to \p bufsize. Setting this to - * the correct value allows for simulation of MTU, sanity testing the mock - * implementation and mocking TCP connections with lower memory cost. - */ -int mbedtls_mock_socket_connect( mbedtls_mock_socket* peer1, - mbedtls_mock_socket* peer2, - size_t bufsize ) -{ - int ret = -1; - - peer1->output = - (mbedtls_test_buffer*) mbedtls_calloc( 1, sizeof(mbedtls_test_buffer) ); - if( peer1->output == NULL ) - { - ret = MBEDTLS_ERR_SSL_ALLOC_FAILED; - goto exit; - } - mbedtls_test_buffer_init( peer1->output ); - if( 0 != ( ret = mbedtls_test_buffer_setup( peer1->output, bufsize ) ) ) - { - goto exit; - } - - peer2->output = - (mbedtls_test_buffer*) mbedtls_calloc( 1, sizeof(mbedtls_test_buffer) ); - if( peer2->output == NULL ) - { - ret = MBEDTLS_ERR_SSL_ALLOC_FAILED; - goto exit; - } - mbedtls_test_buffer_init( peer2->output ); - if( 0 != ( ret = mbedtls_test_buffer_setup( peer2->output, bufsize ) ) ) - { - goto exit; - } - - peer1->peer = peer2; - peer2->peer = peer1; - peer1->input = peer2->output; - peer2->input = peer1->output; - - peer1->status = peer2->status = MBEDTLS_MOCK_SOCKET_CONNECTED; - ret = 0; - -exit: - - if( ret != 0 ) - { - mbedtls_mock_socket_close( peer1 ); - mbedtls_mock_socket_close( peer2 ); - } - - return ret; -} - -/* - * Callbacks for simulating blocking I/O over connection-oriented transport. - */ - -int mbedtls_mock_tcp_send_b( void *ctx, const unsigned char *buf, size_t len ) -{ - mbedtls_mock_socket *socket = (mbedtls_mock_socket*) ctx; - - if( socket == NULL || socket->status != MBEDTLS_MOCK_SOCKET_CONNECTED ) - return -1; - - return mbedtls_test_buffer_put( socket->output, buf, len ); -} - -int mbedtls_mock_tcp_recv_b( void *ctx, unsigned char *buf, size_t len ) -{ - mbedtls_mock_socket *socket = (mbedtls_mock_socket*) ctx; - - if( socket == NULL || socket->status != MBEDTLS_MOCK_SOCKET_CONNECTED ) - return -1; - - return mbedtls_test_buffer_get( socket->input, buf, len ); -} - -/* - * Callbacks for simulating non-blocking I/O over connection-oriented transport. - */ - -int mbedtls_mock_tcp_send_nb( void *ctx, const unsigned char *buf, size_t len ) -{ - mbedtls_mock_socket *socket = (mbedtls_mock_socket*) ctx; - - if( socket == NULL || socket->status != MBEDTLS_MOCK_SOCKET_CONNECTED ) - return -1; - - if( socket->output->capacity == socket->output->content_length ) - { - return MBEDTLS_ERR_SSL_WANT_WRITE; - } - - return mbedtls_test_buffer_put( socket->output, buf, len ); -} - -int mbedtls_mock_tcp_recv_nb( void *ctx, unsigned char *buf, size_t len ) -{ - mbedtls_mock_socket *socket = (mbedtls_mock_socket*) ctx; - - if( socket == NULL || socket->status != MBEDTLS_MOCK_SOCKET_CONNECTED ) - return -1; - - if( socket->input->content_length == 0 ) - { - return MBEDTLS_ERR_SSL_WANT_READ; - } - - return mbedtls_test_buffer_get( socket->input, buf, len ); -} - -/* Errors used in the message socket mocks */ - -#define MBEDTLS_TEST_ERROR_CONTEXT_ERROR -55 -#define MBEDTLS_TEST_ERROR_SEND_FAILED -66 -#define MBEDTLS_TEST_ERROR_RECV_FAILED -77 - -/* - * Structure used as an addon, or a wrapper, around the mocked sockets. - * Contains an input queue, to which the other socket pushes metadata, - * and an output queue, to which this one pushes metadata. This context is - * considered as an owner of the input queue only, which is initialized and - * freed in the respective setup and free calls. - */ -typedef struct mbedtls_test_message_socket_context -{ - mbedtls_test_message_queue* queue_input; - mbedtls_test_message_queue* queue_output; - mbedtls_mock_socket* socket; -} mbedtls_test_message_socket_context; - -void mbedtls_message_socket_init( mbedtls_test_message_socket_context *ctx ) -{ - ctx->queue_input = NULL; - ctx->queue_output = NULL; - ctx->socket = NULL; -} - -/* - * Setup a given mesasge socket context including initialization of - * input/output queues to a chosen capacity of messages. Also set the - * corresponding mock socket. - * - * \retval 0, if everything succeeds. - * \retval MBEDTLS_ERR_SSL_ALLOC_FAILED, if allocation of a message - * queue failed. - */ -int mbedtls_message_socket_setup( mbedtls_test_message_queue* queue_input, - mbedtls_test_message_queue* queue_output, - size_t queue_capacity, - mbedtls_mock_socket* socket, - mbedtls_test_message_socket_context* ctx ) -{ - int ret = mbedtls_test_message_queue_setup( queue_input, queue_capacity ); - if( ret != 0 ) - return ret; - ctx->queue_input = queue_input; - ctx->queue_output = queue_output; - ctx->socket = socket; - mbedtls_mock_socket_init( socket ); - - return 0; -} - -/* - * Close a given message socket context, along with the socket itself. Free the - * memory allocated by the input queue. - */ -void mbedtls_message_socket_close( mbedtls_test_message_socket_context* ctx ) -{ - if( ctx == NULL ) - return; - - mbedtls_test_message_queue_free( ctx->queue_input ); - mbedtls_mock_socket_close( ctx->socket ); - memset( ctx, 0, sizeof( *ctx ) ); -} - -/* - * Send one message through a given message socket context. - * - * \retval \p len, if everything succeeds. - * \retval MBEDTLS_TEST_ERROR_CONTEXT_ERROR, if any of the needed context - * elements or the context itself is null. - * \retval MBEDTLS_TEST_ERROR_SEND_FAILED if mbedtls_mock_tcp_send_b failed. - * \retval MBEDTLS_ERR_SSL_WANT_WRITE, if the output queue is full. - * - * This function will also return any error from - * mbedtls_test_message_queue_push_info. - */ -int mbedtls_mock_tcp_send_msg( void *ctx, const unsigned char *buf, size_t len ) -{ - mbedtls_test_message_queue* queue; - mbedtls_mock_socket* socket; - mbedtls_test_message_socket_context *context = (mbedtls_test_message_socket_context*) ctx; - - if( context == NULL || context->socket == NULL - || context->queue_output == NULL ) - { - return MBEDTLS_TEST_ERROR_CONTEXT_ERROR; - } - - queue = context->queue_output; - socket = context->socket; - - if( queue->num >= queue->capacity ) - return MBEDTLS_ERR_SSL_WANT_WRITE; - - if( mbedtls_mock_tcp_send_b( socket, buf, len ) != (int) len ) - return MBEDTLS_TEST_ERROR_SEND_FAILED; - - return mbedtls_test_message_queue_push_info( queue, len ); -} - -/* - * Receive one message from a given message socket context and return message - * length or an error. - * - * \retval message length, if everything succeeds. - * \retval MBEDTLS_TEST_ERROR_CONTEXT_ERROR, if any of the needed context - * elements or the context itself is null. - * \retval MBEDTLS_TEST_ERROR_RECV_FAILED if mbedtls_mock_tcp_recv_b failed. - * - * This function will also return any error other than - * MBEDTLS_TEST_ERROR_MESSAGE_TRUNCATED from mbedtls_test_message_queue_peek_info. - */ -int mbedtls_mock_tcp_recv_msg( void *ctx, unsigned char *buf, size_t buf_len ) -{ - mbedtls_test_message_queue* queue; - mbedtls_mock_socket* socket; - mbedtls_test_message_socket_context *context = (mbedtls_test_message_socket_context*) ctx; - size_t drop_len = 0; - size_t msg_len; - int ret; - - if( context == NULL || context->socket == NULL - || context->queue_input == NULL ) - { - return MBEDTLS_TEST_ERROR_CONTEXT_ERROR; - } - - queue = context->queue_input; - socket = context->socket; - - /* Peek first, so that in case of a socket error the data remains in - * the queue. */ - ret = mbedtls_test_message_queue_peek_info( queue, buf_len, &msg_len ); - if( ret == MBEDTLS_TEST_ERROR_MESSAGE_TRUNCATED ) - { - /* Calculate how much to drop */ - drop_len = msg_len - buf_len; - - /* Set the requested message len to be buffer length */ - msg_len = buf_len; - } else if( ret != 0 ) - { - return ret; - } - - if( mbedtls_mock_tcp_recv_b( socket, buf, msg_len ) != (int) msg_len ) - return MBEDTLS_TEST_ERROR_RECV_FAILED; - - if( ret == MBEDTLS_TEST_ERROR_MESSAGE_TRUNCATED ) - { - /* Drop the remaining part of the message */ - if( mbedtls_mock_tcp_recv_b( socket, NULL, drop_len ) != (int) drop_len ) - { - /* Inconsistent state - part of the message was read, - * and a part couldn't. Not much we can do here, but it should not - * happen in test environment, unless forced manually. */ - } - } - mbedtls_test_message_queue_pop_info( queue, buf_len ); - - return msg_len; -} - -#if defined(MBEDTLS_X509_CRT_PARSE_C) && \ - defined(MBEDTLS_ENTROPY_C) && \ - defined(MBEDTLS_CTR_DRBG_C) - -/* - * Structure with endpoint's certificates for SSL communication tests. - */ -typedef struct mbedtls_endpoint_certificate -{ - mbedtls_x509_crt ca_cert; - mbedtls_x509_crt cert; - mbedtls_pk_context pkey; -} mbedtls_endpoint_certificate; - -/* - * Endpoint structure for SSL communication tests. - */ -typedef struct mbedtls_endpoint -{ - const char *name; - mbedtls_ssl_context ssl; - mbedtls_ssl_config conf; - mbedtls_ctr_drbg_context ctr_drbg; - mbedtls_entropy_context entropy; - mbedtls_mock_socket socket; - mbedtls_endpoint_certificate cert; -} mbedtls_endpoint; - -/* - * Initializes \p ep_cert structure and assigns it to endpoint - * represented by \p ep. - * - * \retval 0 on success, otherwise error code. - */ -int mbedtls_endpoint_certificate_init( mbedtls_endpoint *ep, int pk_alg ) -{ - int i = 0; - int ret = -1; - mbedtls_endpoint_certificate *cert; - - if( ep == NULL ) - { - return MBEDTLS_ERR_SSL_BAD_INPUT_DATA; - } - - cert = &( ep->cert ); - mbedtls_x509_crt_init( &( cert->ca_cert ) ); - mbedtls_x509_crt_init( &( cert->cert ) ); - mbedtls_pk_init( &( cert->pkey ) ); - - /* Load the trusted CA */ - - for( i = 0; mbedtls_test_cas_der[i] != NULL; i++ ) - { - ret = mbedtls_x509_crt_parse_der( &( cert->ca_cert ), - (const unsigned char *) mbedtls_test_cas_der[i], - mbedtls_test_cas_der_len[i] ); - TEST_ASSERT( ret == 0 ); - } - - /* Load own certificate and private key */ - - if( ep->conf.endpoint == MBEDTLS_SSL_IS_SERVER ) - { - if( pk_alg == MBEDTLS_PK_RSA ) - { - ret = mbedtls_x509_crt_parse( &( cert->cert ), - (const unsigned char*) mbedtls_test_srv_crt_rsa_sha256_der, - mbedtls_test_srv_crt_rsa_sha256_der_len ); - TEST_ASSERT( ret == 0 ); - - ret = mbedtls_pk_parse_key( &( cert->pkey ), - (const unsigned char*) mbedtls_test_srv_key_rsa_der, - mbedtls_test_srv_key_rsa_der_len, NULL, 0 ); - TEST_ASSERT( ret == 0 ); - } - else - { - ret = mbedtls_x509_crt_parse( &( cert->cert ), - (const unsigned char*) mbedtls_test_srv_crt_ec_der, - mbedtls_test_srv_crt_ec_der_len ); - TEST_ASSERT( ret == 0 ); - - ret = mbedtls_pk_parse_key( &( cert->pkey ), - (const unsigned char*) mbedtls_test_srv_key_ec_der, - mbedtls_test_srv_key_ec_der_len, NULL, 0 ); - TEST_ASSERT( ret == 0 ); - } - } - else - { - if( pk_alg == MBEDTLS_PK_RSA ) - { - ret = mbedtls_x509_crt_parse( &( cert->cert ), - (const unsigned char *) mbedtls_test_cli_crt_rsa_der, - mbedtls_test_cli_crt_rsa_der_len ); - TEST_ASSERT( ret == 0 ); - - ret = mbedtls_pk_parse_key( &( cert->pkey ), - (const unsigned char *) mbedtls_test_cli_key_rsa_der, - mbedtls_test_cli_key_rsa_der_len, NULL, 0 ); - TEST_ASSERT( ret == 0 ); - } - else - { - ret = mbedtls_x509_crt_parse( &( cert->cert ), - (const unsigned char *) mbedtls_test_cli_crt_ec_der, - mbedtls_test_cli_crt_ec_len ); - TEST_ASSERT( ret == 0 ); - - ret = mbedtls_pk_parse_key( &( cert->pkey ), - (const unsigned char *) mbedtls_test_cli_key_ec_der, - mbedtls_test_cli_key_ec_der_len, NULL, 0 ); - TEST_ASSERT( ret == 0 ); - } - } - - mbedtls_ssl_conf_ca_chain( &( ep->conf ), &( cert->ca_cert ), NULL ); - - ret = mbedtls_ssl_conf_own_cert( &( ep->conf ), &( cert->cert ), - &( cert->pkey ) ); - TEST_ASSERT( ret == 0 ); - -exit: - if( ret != 0 ) - { - mbedtls_x509_crt_free( &( cert->ca_cert ) ); - mbedtls_x509_crt_free( &( cert->cert ) ); - mbedtls_pk_free( &( cert->pkey ) ); - } - - return ret; -} - -/* - * Initializes \p ep structure. It is important to call `mbedtls_endpoint_free()` - * after calling this function even if it fails. - * - * \p endpoint_type must be set as MBEDTLS_SSL_IS_SERVER or - * MBEDTLS_SSL_IS_CLIENT. - * \p pk_alg the algorithm to use, currently only MBEDTLS_PK_RSA and - * MBEDTLS_PK_ECDSA are supported. - * \p dtls_context - in case of DTLS - this is the context handling metadata. - * \p input_queue - used only in case of DTLS. - * \p output_queue - used only in case of DTLS. - * - * \retval 0 on success, otherwise error code. - */ -int mbedtls_endpoint_init( mbedtls_endpoint *ep, int endpoint_type, int pk_alg, - mbedtls_test_message_socket_context *dtls_context, - mbedtls_test_message_queue *input_queue, - mbedtls_test_message_queue *output_queue ) -{ - int ret = -1; - - if( dtls_context != NULL && ( input_queue == NULL || output_queue == NULL ) ) - return MBEDTLS_ERR_SSL_BAD_INPUT_DATA; - - if( ep == NULL ) - return MBEDTLS_ERR_SSL_BAD_INPUT_DATA; - - memset( ep, 0, sizeof( *ep ) ); - - ep->name = ( endpoint_type == MBEDTLS_SSL_IS_SERVER ) ? "Server" : "Client"; - - mbedtls_ssl_init( &( ep->ssl ) ); - mbedtls_ssl_config_init( &( ep->conf ) ); - mbedtls_ctr_drbg_init( &( ep->ctr_drbg ) ); - mbedtls_ssl_conf_rng( &( ep->conf ), - mbedtls_ctr_drbg_random, - &( ep->ctr_drbg ) ); - mbedtls_entropy_init( &( ep->entropy ) ); - if( dtls_context != NULL ) - { - TEST_ASSERT( mbedtls_message_socket_setup( input_queue, output_queue, - 100, &( ep->socket ), - dtls_context ) == 0 ); - } - else - { - mbedtls_mock_socket_init( &( ep->socket ) ); - } - - ret = mbedtls_ctr_drbg_seed( &( ep->ctr_drbg ), mbedtls_entropy_func, - &( ep->entropy ), (const unsigned char *) ( ep->name ), - strlen( ep->name ) ); - TEST_ASSERT( ret == 0 ); - - /* Non-blocking callbacks without timeout */ - if( dtls_context != NULL ) - { - mbedtls_ssl_set_bio( &( ep->ssl ), dtls_context, - mbedtls_mock_tcp_send_msg, - mbedtls_mock_tcp_recv_msg, - NULL ); - } - else - { - mbedtls_ssl_set_bio( &( ep->ssl ), &( ep->socket ), - mbedtls_mock_tcp_send_nb, - mbedtls_mock_tcp_recv_nb, - NULL ); - } - - ret = mbedtls_ssl_config_defaults( &( ep->conf ), endpoint_type, - ( dtls_context != NULL ) ? - MBEDTLS_SSL_TRANSPORT_DATAGRAM : - MBEDTLS_SSL_TRANSPORT_STREAM, - MBEDTLS_SSL_PRESET_DEFAULT ); - TEST_ASSERT( ret == 0 ); - - ret = mbedtls_ssl_setup( &( ep->ssl ), &( ep->conf ) ); - TEST_ASSERT( ret == 0 ); - -#if defined(MBEDTLS_SSL_PROTO_DTLS) && defined(MBEDTLS_SSL_SRV_C) - if( endpoint_type == MBEDTLS_SSL_IS_SERVER && dtls_context != NULL ) - mbedtls_ssl_conf_dtls_cookies( &( ep->conf ), NULL, NULL, NULL ); -#endif - - ret = mbedtls_endpoint_certificate_init( ep, pk_alg ); - TEST_ASSERT( ret == 0 ); - -exit: - return ret; -} - -/* - * Deinitializes certificates from endpoint represented by \p ep. - */ -void mbedtls_endpoint_certificate_free( mbedtls_endpoint *ep ) -{ - mbedtls_endpoint_certificate *cert = &( ep->cert ); - mbedtls_x509_crt_free( &( cert->ca_cert ) ); - mbedtls_x509_crt_free( &( cert->cert ) ); - mbedtls_pk_free( &( cert->pkey ) ); -} - -/* - * Deinitializes endpoint represented by \p ep. - */ -void mbedtls_endpoint_free( mbedtls_endpoint *ep, - mbedtls_test_message_socket_context *context ) -{ - mbedtls_endpoint_certificate_free( ep ); - - mbedtls_ssl_free( &( ep->ssl ) ); - mbedtls_ssl_config_free( &( ep->conf ) ); - mbedtls_ctr_drbg_free( &( ep->ctr_drbg ) ); - mbedtls_entropy_free( &( ep->entropy ) ); - - if( context != NULL ) - { - mbedtls_message_socket_close( context ); - } - else - { - mbedtls_mock_socket_close( &( ep->socket ) ); - } -} - -/* - * This function moves ssl handshake from \p ssl to prescribed \p state. - * /p second_ssl is used as second endpoint and their sockets have to be - * connected before calling this function. - * - * \retval 0 on success, otherwise error code. - */ -int mbedtls_move_handshake_to_state( mbedtls_ssl_context *ssl, - mbedtls_ssl_context *second_ssl, - int state ) -{ - enum { BUFFSIZE = 1024 }; - int max_steps = 1000; - int ret = 0; - - if( ssl == NULL || second_ssl == NULL ) - { - return MBEDTLS_ERR_SSL_BAD_INPUT_DATA; - } - - /* Perform communication via connected sockets */ - while( ( ssl->state != state ) && ( --max_steps >= 0 ) ) - { - /* If /p second_ssl ends the handshake procedure before /p ssl then - * there is no need to call the next step */ - if( second_ssl->state != MBEDTLS_SSL_HANDSHAKE_OVER ) - { - ret = mbedtls_ssl_handshake_step( second_ssl ); - if( ret != 0 && ret != MBEDTLS_ERR_SSL_WANT_READ && - ret != MBEDTLS_ERR_SSL_WANT_WRITE ) - { - return ret; - } - } - - /* We only care about the \p ssl state and returns, so we call it last, - * to leave the iteration as soon as the state is as expected. */ - ret = mbedtls_ssl_handshake_step( ssl ); - if( ret != 0 && ret != MBEDTLS_ERR_SSL_WANT_READ && - ret != MBEDTLS_ERR_SSL_WANT_WRITE ) - { - return ret; - } - } - - return ( max_steps >= 0 ) ? ret : -1; -} - -#endif /* MBEDTLS_X509_CRT_PARSE_C && MBEDTLS_ENTROPY_C && MBEDTLS_CTR_DRBG_C */ - -/* - * Write application data. Increase write counter if necessary. - */ -int mbedtls_ssl_write_fragment( mbedtls_ssl_context *ssl, unsigned char *buf, - int buf_len, int *written, - const int expected_fragments ) -{ - int ret = mbedtls_ssl_write( ssl, buf + *written, buf_len - *written ); - if( ret > 0 ) - { - *written += ret; - } - - if( expected_fragments == 0 ) - { - /* Used for DTLS and the message size larger than MFL. In that case - * the message can not be fragmented and the library should return - * MBEDTLS_ERR_SSL_BAD_INPUT_DATA error. This error must be returned - * to prevent a dead loop inside mbedtls_exchange_data(). */ - return ret; - } - else if( expected_fragments == 1 ) - { - /* Used for TLS/DTLS and the message size lower than MFL */ - TEST_ASSERT( ret == buf_len || - ret == MBEDTLS_ERR_SSL_WANT_READ || - ret == MBEDTLS_ERR_SSL_WANT_WRITE ); - } - else - { - /* Used for TLS and the message size larger than MFL */ - TEST_ASSERT( expected_fragments > 1 ); - TEST_ASSERT( ( ret >= 0 && ret <= buf_len ) || - ret == MBEDTLS_ERR_SSL_WANT_READ || - ret == MBEDTLS_ERR_SSL_WANT_WRITE ); - } - - return 0; - -exit: - /* Some of the tests failed */ - return -1; -} - -/* - * Read application data and increase read counter and fragments counter if necessary. - */ -int mbedtls_ssl_read_fragment( mbedtls_ssl_context *ssl, unsigned char *buf, - int buf_len, int *read, - int *fragments, const int expected_fragments ) -{ - int ret = mbedtls_ssl_read( ssl, buf + *read, buf_len - *read ); - if( ret > 0 ) - { - ( *fragments )++; - *read += ret; - } - - if( expected_fragments == 0 ) - { - TEST_ASSERT( ret == 0 ); - } - else if( expected_fragments == 1 ) - { - TEST_ASSERT( ret == buf_len || - ret == MBEDTLS_ERR_SSL_WANT_READ || - ret == MBEDTLS_ERR_SSL_WANT_WRITE ); - } - else - { - TEST_ASSERT( expected_fragments > 1 ); - TEST_ASSERT( ( ret >= 0 && ret <= buf_len ) || - ret == MBEDTLS_ERR_SSL_WANT_READ || - ret == MBEDTLS_ERR_SSL_WANT_WRITE ); - } - - return 0; - -exit: - /* Some of the tests failed */ - return -1; -} - -/* - * Helper function setting up inverse record transformations - * using given cipher, hash, EtM mode, authentication tag length, - * and version. - */ - -#define CHK( x ) \ - do \ - { \ - if( !( x ) ) \ - { \ - ret = -1; \ - goto cleanup; \ - } \ - } while( 0 ) - -void set_ciphersuite( mbedtls_ssl_config *conf, const char *cipher, - int* forced_ciphersuite ) -{ - const mbedtls_ssl_ciphersuite_t *ciphersuite_info; - forced_ciphersuite[0] = mbedtls_ssl_get_ciphersuite_id( cipher ); - forced_ciphersuite[1] = 0; - - ciphersuite_info = - mbedtls_ssl_ciphersuite_from_id( forced_ciphersuite[0] ); - - TEST_ASSERT( ciphersuite_info != NULL ); - TEST_ASSERT( ciphersuite_info->min_minor_ver <= conf->max_minor_ver ); - TEST_ASSERT( ciphersuite_info->max_minor_ver >= conf->min_minor_ver ); - - if( conf->max_minor_ver > ciphersuite_info->max_minor_ver ) - { - conf->max_minor_ver = ciphersuite_info->max_minor_ver; - } - if( conf->min_minor_ver < ciphersuite_info->min_minor_ver ) - { - conf->min_minor_ver = ciphersuite_info->min_minor_ver; - } - - mbedtls_ssl_conf_ciphersuites( conf, forced_ciphersuite ); - -exit: - return; -} - -int psk_dummy_callback( void *p_info, mbedtls_ssl_context *ssl, - const unsigned char *name, size_t name_len ) -{ - (void) p_info; - (void) ssl; - (void) name; - (void) name_len; - - return ( 0 ); -} - -#if MBEDTLS_SSL_CID_OUT_LEN_MAX > MBEDTLS_SSL_CID_IN_LEN_MAX -#define SSL_CID_LEN_MIN MBEDTLS_SSL_CID_IN_LEN_MAX -#else -#define SSL_CID_LEN_MIN MBEDTLS_SSL_CID_OUT_LEN_MAX -#endif - -static int build_transforms( mbedtls_ssl_transform *t_in, - mbedtls_ssl_transform *t_out, - int cipher_type, int hash_id, - int etm, int tag_mode, int ver, - size_t cid0_len, - size_t cid1_len ) -{ - mbedtls_cipher_info_t const *cipher_info; - int ret = 0; - - size_t keylen, maclen, ivlen; - unsigned char *key0 = NULL, *key1 = NULL; - unsigned char *md0 = NULL, *md1 = NULL; - unsigned char iv_enc[16], iv_dec[16]; - -#if defined(MBEDTLS_SSL_DTLS_CONNECTION_ID) - unsigned char cid0[ SSL_CID_LEN_MIN ]; - unsigned char cid1[ SSL_CID_LEN_MIN ]; - - mbedtls_test_rnd_std_rand( NULL, cid0, sizeof( cid0 ) ); - mbedtls_test_rnd_std_rand( NULL, cid1, sizeof( cid1 ) ); -#else - ((void) cid0_len); - ((void) cid1_len); -#endif /* MBEDTLS_SSL_DTLS_CONNECTION_ID */ - - maclen = 0; - - /* Pick cipher */ - cipher_info = mbedtls_cipher_info_from_type( cipher_type ); - CHK( cipher_info != NULL ); - CHK( cipher_info->iv_size <= 16 ); - CHK( cipher_info->key_bitlen % 8 == 0 ); - - /* Pick keys */ - keylen = cipher_info->key_bitlen / 8; - /* Allocate `keylen + 1` bytes to ensure that we get - * a non-NULL pointers from `mbedtls_calloc` even if - * `keylen == 0` in the case of the NULL cipher. */ - CHK( ( key0 = mbedtls_calloc( 1, keylen + 1 ) ) != NULL ); - CHK( ( key1 = mbedtls_calloc( 1, keylen + 1 ) ) != NULL ); - memset( key0, 0x1, keylen ); - memset( key1, 0x2, keylen ); - - /* Setup cipher contexts */ - CHK( mbedtls_cipher_setup( &t_in->cipher_ctx_enc, cipher_info ) == 0 ); - CHK( mbedtls_cipher_setup( &t_in->cipher_ctx_dec, cipher_info ) == 0 ); - CHK( mbedtls_cipher_setup( &t_out->cipher_ctx_enc, cipher_info ) == 0 ); - CHK( mbedtls_cipher_setup( &t_out->cipher_ctx_dec, cipher_info ) == 0 ); - -#if defined(MBEDTLS_CIPHER_MODE_CBC) - if( cipher_info->mode == MBEDTLS_MODE_CBC ) - { - CHK( mbedtls_cipher_set_padding_mode( &t_in->cipher_ctx_enc, - MBEDTLS_PADDING_NONE ) == 0 ); - CHK( mbedtls_cipher_set_padding_mode( &t_in->cipher_ctx_dec, - MBEDTLS_PADDING_NONE ) == 0 ); - CHK( mbedtls_cipher_set_padding_mode( &t_out->cipher_ctx_enc, - MBEDTLS_PADDING_NONE ) == 0 ); - CHK( mbedtls_cipher_set_padding_mode( &t_out->cipher_ctx_dec, - MBEDTLS_PADDING_NONE ) == 0 ); - } -#endif /* MBEDTLS_CIPHER_MODE_CBC */ - - CHK( mbedtls_cipher_setkey( &t_in->cipher_ctx_enc, key0, - keylen << 3, MBEDTLS_ENCRYPT ) == 0 ); - CHK( mbedtls_cipher_setkey( &t_in->cipher_ctx_dec, key1, - keylen << 3, MBEDTLS_DECRYPT ) == 0 ); - CHK( mbedtls_cipher_setkey( &t_out->cipher_ctx_enc, key1, - keylen << 3, MBEDTLS_ENCRYPT ) == 0 ); - CHK( mbedtls_cipher_setkey( &t_out->cipher_ctx_dec, key0, - keylen << 3, MBEDTLS_DECRYPT ) == 0 ); - - /* Setup MAC contexts */ -#if defined(MBEDTLS_SSL_SOME_MODES_USE_MAC) - if( cipher_info->mode == MBEDTLS_MODE_CBC || - cipher_info->mode == MBEDTLS_MODE_STREAM ) - { - mbedtls_md_info_t const *md_info; - - /* Pick hash */ - md_info = mbedtls_md_info_from_type( hash_id ); - CHK( md_info != NULL ); - - /* Pick hash keys */ - maclen = mbedtls_md_get_size( md_info ); - CHK( ( md0 = mbedtls_calloc( 1, maclen ) ) != NULL ); - CHK( ( md1 = mbedtls_calloc( 1, maclen ) ) != NULL ); - memset( md0, 0x5, maclen ); - memset( md1, 0x6, maclen ); - - CHK( mbedtls_md_setup( &t_out->md_ctx_enc, md_info, 1 ) == 0 ); - CHK( mbedtls_md_setup( &t_out->md_ctx_dec, md_info, 1 ) == 0 ); - CHK( mbedtls_md_setup( &t_in->md_ctx_enc, md_info, 1 ) == 0 ); - CHK( mbedtls_md_setup( &t_in->md_ctx_dec, md_info, 1 ) == 0 ); - - if( ver > MBEDTLS_SSL_MINOR_VERSION_0 ) - { - CHK( mbedtls_md_hmac_starts( &t_in->md_ctx_enc, - md0, maclen ) == 0 ); - CHK( mbedtls_md_hmac_starts( &t_in->md_ctx_dec, - md1, maclen ) == 0 ); - CHK( mbedtls_md_hmac_starts( &t_out->md_ctx_enc, - md1, maclen ) == 0 ); - CHK( mbedtls_md_hmac_starts( &t_out->md_ctx_dec, - md0, maclen ) == 0 ); - } -#if defined(MBEDTLS_SSL_PROTO_SSL3) - else - { - memcpy( &t_in->mac_enc, md0, maclen ); - memcpy( &t_in->mac_dec, md1, maclen ); - memcpy( &t_out->mac_enc, md1, maclen ); - memcpy( &t_out->mac_dec, md0, maclen ); - } -#endif - } -#else - ((void) hash_id); -#endif /* MBEDTLS_SSL_SOME_MODES_USE_MAC */ - - - /* Pick IV's (regardless of whether they - * are being used by the transform). */ - ivlen = cipher_info->iv_size; - memset( iv_enc, 0x3, sizeof( iv_enc ) ); - memset( iv_dec, 0x4, sizeof( iv_dec ) ); - - /* - * Setup transforms - */ - -#if defined(MBEDTLS_SSL_ENCRYPT_THEN_MAC) && \ - defined(MBEDTLS_SSL_SOME_MODES_USE_MAC) - t_out->encrypt_then_mac = etm; - t_in->encrypt_then_mac = etm; -#else - ((void) etm); -#endif - - t_out->minor_ver = ver; - t_in->minor_ver = ver; - t_out->ivlen = ivlen; - t_in->ivlen = ivlen; - - switch( cipher_info->mode ) - { - case MBEDTLS_MODE_GCM: - case MBEDTLS_MODE_CCM: -#if defined(MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL) - if( ver == MBEDTLS_SSL_MINOR_VERSION_4 ) - { - t_out->fixed_ivlen = 12; - t_in->fixed_ivlen = 12; - } - else -#endif /* MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL */ - { - t_out->fixed_ivlen = 4; - t_in->fixed_ivlen = 4; - } - t_out->maclen = 0; - t_in->maclen = 0; - switch( tag_mode ) - { - case 0: /* Full tag */ - t_out->taglen = 16; - t_in->taglen = 16; - break; - case 1: /* Partial tag */ - t_out->taglen = 8; - t_in->taglen = 8; - break; - default: - ret = 1; - goto cleanup; - } - break; - - case MBEDTLS_MODE_CHACHAPOLY: - t_out->fixed_ivlen = 12; - t_in->fixed_ivlen = 12; - t_out->maclen = 0; - t_in->maclen = 0; - switch( tag_mode ) - { - case 0: /* Full tag */ - t_out->taglen = 16; - t_in->taglen = 16; - break; - case 1: /* Partial tag */ - t_out->taglen = 8; - t_in->taglen = 8; - break; - default: - ret = 1; - goto cleanup; - } - break; - - case MBEDTLS_MODE_STREAM: - case MBEDTLS_MODE_CBC: - t_out->fixed_ivlen = 0; /* redundant, must be 0 */ - t_in->fixed_ivlen = 0; /* redundant, must be 0 */ - t_out->taglen = 0; - t_in->taglen = 0; - switch( tag_mode ) - { - case 0: /* Full tag */ - t_out->maclen = maclen; - t_in->maclen = maclen; - break; - case 1: /* Partial tag */ - t_out->maclen = 10; - t_in->maclen = 10; - break; - default: - ret = 1; - goto cleanup; - } - break; - default: - ret = 1; - goto cleanup; - break; - } - - /* Setup IV's */ - - memcpy( &t_in->iv_dec, iv_dec, sizeof( iv_dec ) ); - memcpy( &t_in->iv_enc, iv_enc, sizeof( iv_enc ) ); - memcpy( &t_out->iv_dec, iv_enc, sizeof( iv_enc ) ); - memcpy( &t_out->iv_enc, iv_dec, sizeof( iv_dec ) ); - -#if defined(MBEDTLS_SSL_DTLS_CONNECTION_ID) - /* Add CID */ - memcpy( &t_in->in_cid, cid0, cid0_len ); - memcpy( &t_in->out_cid, cid1, cid1_len ); - t_in->in_cid_len = cid0_len; - t_in->out_cid_len = cid1_len; - memcpy( &t_out->in_cid, cid1, cid1_len ); - memcpy( &t_out->out_cid, cid0, cid0_len ); - t_out->in_cid_len = cid1_len; - t_out->out_cid_len = cid0_len; -#endif /* MBEDTLS_SSL_DTLS_CONNECTION_ID */ - -cleanup: - - mbedtls_free( key0 ); - mbedtls_free( key1 ); - - mbedtls_free( md0 ); - mbedtls_free( md1 ); - - return( ret ); -} - -/* - * Populate a session structure for serialization tests. - * Choose dummy values, mostly non-0 to distinguish from the init default. - */ -static int ssl_populate_session( mbedtls_ssl_session *session, - int ticket_len, - const char *crt_file ) -{ -#if defined(MBEDTLS_HAVE_TIME) - session->start = mbedtls_time( NULL ) - 42; -#endif - session->ciphersuite = 0xabcd; - session->compression = 1; - session->id_len = sizeof( session->id ); - memset( session->id, 66, session->id_len ); - memset( session->master, 17, sizeof( session->master ) ); - -#if defined(MBEDTLS_X509_CRT_PARSE_C) && defined(MBEDTLS_FS_IO) - if( strlen( crt_file ) != 0 ) - { - mbedtls_x509_crt tmp_crt; - int ret; - - mbedtls_x509_crt_init( &tmp_crt ); - ret = mbedtls_x509_crt_parse_file( &tmp_crt, crt_file ); - if( ret != 0 ) - return( ret ); - -#if defined(MBEDTLS_SSL_KEEP_PEER_CERTIFICATE) - /* Move temporary CRT. */ - session->peer_cert = mbedtls_calloc( 1, sizeof( *session->peer_cert ) ); - if( session->peer_cert == NULL ) - return( -1 ); - *session->peer_cert = tmp_crt; - memset( &tmp_crt, 0, sizeof( tmp_crt ) ); -#else /* MBEDTLS_SSL_KEEP_PEER_CERTIFICATE */ - /* Calculate digest of temporary CRT. */ - session->peer_cert_digest = - mbedtls_calloc( 1, MBEDTLS_SSL_PEER_CERT_DIGEST_DFL_LEN ); - if( session->peer_cert_digest == NULL ) - return( -1 ); - ret = mbedtls_md( mbedtls_md_info_from_type( - MBEDTLS_SSL_PEER_CERT_DIGEST_DFL_TYPE ), - tmp_crt.raw.p, tmp_crt.raw.len, - session->peer_cert_digest ); - if( ret != 0 ) - return( ret ); - session->peer_cert_digest_type = - MBEDTLS_SSL_PEER_CERT_DIGEST_DFL_TYPE; - session->peer_cert_digest_len = - MBEDTLS_SSL_PEER_CERT_DIGEST_DFL_LEN; -#endif /* MBEDTLS_SSL_KEEP_PEER_CERTIFICATE */ - - mbedtls_x509_crt_free( &tmp_crt ); - } -#else /* MBEDTLS_X509_CRT_PARSE_C && MBEDTLS_FS_IO */ - (void) crt_file; -#endif /* MBEDTLS_X509_CRT_PARSE_C && MBEDTLS_FS_IO */ - session->verify_result = 0xdeadbeef; - -#if defined(MBEDTLS_SSL_SESSION_TICKETS) && defined(MBEDTLS_SSL_CLI_C) - if( ticket_len != 0 ) - { - session->ticket = mbedtls_calloc( 1, ticket_len ); - if( session->ticket == NULL ) - return( -1 ); - memset( session->ticket, 33, ticket_len ); - } - session->ticket_len = ticket_len; - session->ticket_lifetime = 86401; -#else - (void) ticket_len; -#endif - -#if defined(MBEDTLS_SSL_MAX_FRAGMENT_LENGTH) - session->mfl_code = 1; -#endif -#if defined(MBEDTLS_SSL_TRUNCATED_HMAC) - session->trunc_hmac = 1; -#endif -#if defined(MBEDTLS_SSL_ENCRYPT_THEN_MAC) - session->encrypt_then_mac = 1; -#endif - - return( 0 ); -} - -/* - * Perform data exchanging between \p ssl_1 and \p ssl_2 and check if the - * message was sent in the correct number of fragments. - * - * /p ssl_1 and /p ssl_2 Endpoints represented by mbedtls_ssl_context. Both - * of them must be initialized and connected beforehand. - * /p msg_len_1 and /p msg_len_2 specify the size of the message to send. - * /p expected_fragments_1 and /p expected_fragments_2 determine in how many - * fragments the message should be sent. - * expected_fragments is 0: can be used for DTLS testing while the message - * size is larger than MFL. In that case the message - * cannot be fragmented and sent to the second endpoint. - * This value can be used for negative tests. - * expected_fragments is 1: can be used for TLS/DTLS testing while the - * message size is below MFL - * expected_fragments > 1: can be used for TLS testing while the message - * size is larger than MFL - * - * \retval 0 on success, otherwise error code. - */ -int mbedtls_exchange_data( mbedtls_ssl_context *ssl_1, - int msg_len_1, const int expected_fragments_1, - mbedtls_ssl_context *ssl_2, - int msg_len_2, const int expected_fragments_2 ) -{ - unsigned char *msg_buf_1 = malloc( msg_len_1 ); - unsigned char *msg_buf_2 = malloc( msg_len_2 ); - unsigned char *in_buf_1 = malloc( msg_len_2 ); - unsigned char *in_buf_2 = malloc( msg_len_1 ); - int msg_type, ret = -1; - - /* Perform this test with two message types. At first use a message - * consisting of only 0x00 for the client and only 0xFF for the server. - * At the second time use message with generated data */ - for( msg_type = 0; msg_type < 2; msg_type++ ) - { - int written_1 = 0; - int written_2 = 0; - int read_1 = 0; - int read_2 = 0; - int fragments_1 = 0; - int fragments_2 = 0; - - if( msg_type == 0 ) - { - memset( msg_buf_1, 0x00, msg_len_1 ); - memset( msg_buf_2, 0xff, msg_len_2 ); - } - else - { - int i, j = 0; - for( i = 0; i < msg_len_1; i++ ) - { - msg_buf_1[i] = j++ & 0xFF; - } - for( i = 0; i < msg_len_2; i++ ) - { - msg_buf_2[i] = ( j -= 5 ) & 0xFF; - } - } - - while( read_1 < msg_len_2 || read_2 < msg_len_1 ) - { - /* ssl_1 sending */ - if( msg_len_1 > written_1 ) - { - ret = mbedtls_ssl_write_fragment( ssl_1, msg_buf_1, - msg_len_1, &written_1, - expected_fragments_1 ); - if( expected_fragments_1 == 0 ) - { - /* This error is expected when the message is too large and - * cannot be fragmented */ - TEST_ASSERT( ret == MBEDTLS_ERR_SSL_BAD_INPUT_DATA ); - msg_len_1 = 0; - } - else - { - TEST_ASSERT( ret == 0 ); - } - } - - /* ssl_2 sending */ - if( msg_len_2 > written_2 ) - { - ret = mbedtls_ssl_write_fragment( ssl_2, msg_buf_2, - msg_len_2, &written_2, - expected_fragments_2 ); - if( expected_fragments_2 == 0 ) - { - /* This error is expected when the message is too large and - * cannot be fragmented */ - TEST_ASSERT( ret == MBEDTLS_ERR_SSL_BAD_INPUT_DATA ); - msg_len_2 = 0; - } - else - { - TEST_ASSERT( ret == 0 ); - } - } - - /* ssl_1 reading */ - if( read_1 < msg_len_2 ) - { - ret = mbedtls_ssl_read_fragment( ssl_1, in_buf_1, - msg_len_2, &read_1, - &fragments_2, - expected_fragments_2 ); - TEST_ASSERT( ret == 0 ); - } - - /* ssl_2 reading */ - if( read_2 < msg_len_1 ) - { - ret = mbedtls_ssl_read_fragment( ssl_2, in_buf_2, - msg_len_1, &read_2, - &fragments_1, - expected_fragments_1 ); - TEST_ASSERT( ret == 0 ); - } - } - - ret = -1; - TEST_ASSERT( 0 == memcmp( msg_buf_1, in_buf_2, msg_len_1 ) ); - TEST_ASSERT( 0 == memcmp( msg_buf_2, in_buf_1, msg_len_2 ) ); - TEST_ASSERT( fragments_1 == expected_fragments_1 ); - TEST_ASSERT( fragments_2 == expected_fragments_2 ); - } - - ret = 0; - -exit: - free( msg_buf_1 ); - free( in_buf_1 ); - free( msg_buf_2 ); - free( in_buf_2 ); - - return ret; -} - -/* - * Perform data exchanging between \p ssl_1 and \p ssl_2. Both of endpoints - * must be initialized and connected beforehand. - * - * \retval 0 on success, otherwise error code. - */ -int exchange_data( mbedtls_ssl_context *ssl_1, - mbedtls_ssl_context *ssl_2 ) -{ - return mbedtls_exchange_data( ssl_1, 256, 1, - ssl_2, 256, 1 ); -} - -#if defined(MBEDTLS_X509_CRT_PARSE_C) && \ - defined(MBEDTLS_ENTROPY_C) && \ - defined(MBEDTLS_CTR_DRBG_C) -void perform_handshake( handshake_test_options* options ) -{ - /* forced_ciphersuite needs to last until the end of the handshake */ - int forced_ciphersuite[2]; - enum { BUFFSIZE = 17000 }; - mbedtls_endpoint client, server; -#if defined(MBEDTLS_KEY_EXCHANGE_SOME_PSK_ENABLED) - const char *psk_identity = "foo"; -#endif -#if defined(MBEDTLS_TIMING_C) - mbedtls_timing_delay_context timer_client, timer_server; -#endif -#if defined(MBEDTLS_SSL_CONTEXT_SERIALIZATION) - unsigned char *context_buf = NULL; - size_t context_buf_len; -#endif -#if defined(MBEDTLS_SSL_RENEGOTIATION) - int ret = -1; -#endif - int expected_handshake_result = 0; - - mbedtls_test_message_queue server_queue, client_queue; - mbedtls_test_message_socket_context server_context, client_context; - mbedtls_message_socket_init( &server_context ); - mbedtls_message_socket_init( &client_context ); - - /* Client side */ - if( options->dtls != 0 ) - { - TEST_ASSERT( mbedtls_endpoint_init( &client, MBEDTLS_SSL_IS_CLIENT, - options->pk_alg, &client_context, - &client_queue, - &server_queue ) == 0 ); -#if defined(MBEDTLS_TIMING_C) - mbedtls_ssl_set_timer_cb( &client.ssl, &timer_client, - mbedtls_timing_set_delay, - mbedtls_timing_get_delay ); -#endif - } - else - { - TEST_ASSERT( mbedtls_endpoint_init( &client, MBEDTLS_SSL_IS_CLIENT, - options->pk_alg, NULL, NULL, - NULL ) == 0 ); - } - - if( options->client_min_version != TEST_SSL_MINOR_VERSION_NONE ) - { - mbedtls_ssl_conf_min_version( &client.conf, MBEDTLS_SSL_MAJOR_VERSION_3, - options->client_min_version ); - } - - if( options->client_max_version != TEST_SSL_MINOR_VERSION_NONE ) - { - mbedtls_ssl_conf_max_version( &client.conf, MBEDTLS_SSL_MAJOR_VERSION_3, - options->client_max_version ); - } - - if( strlen( options->cipher ) > 0 ) - { - set_ciphersuite( &client.conf, options->cipher, forced_ciphersuite ); - } - -#if defined (MBEDTLS_DEBUG_C) - if( options->cli_log_fun ) - { - mbedtls_debug_set_threshold( 4 ); - mbedtls_ssl_conf_dbg( &client.conf, options->cli_log_fun, - options->cli_log_obj ); - } -#endif - - /* Server side */ - if( options->dtls != 0 ) - { - TEST_ASSERT( mbedtls_endpoint_init( &server, MBEDTLS_SSL_IS_SERVER, - options->pk_alg, &server_context, - &server_queue, - &client_queue) == 0 ); -#if defined(MBEDTLS_TIMING_C) - mbedtls_ssl_set_timer_cb( &server.ssl, &timer_server, - mbedtls_timing_set_delay, - mbedtls_timing_get_delay ); -#endif - } - else - { - TEST_ASSERT( mbedtls_endpoint_init( &server, MBEDTLS_SSL_IS_SERVER, - options->pk_alg, NULL, NULL, NULL ) == 0 ); - } - - mbedtls_ssl_conf_authmode( &server.conf, options->srv_auth_mode ); - - if( options->server_min_version != TEST_SSL_MINOR_VERSION_NONE ) - { - mbedtls_ssl_conf_min_version( &server.conf, MBEDTLS_SSL_MAJOR_VERSION_3, - options->server_min_version ); - } - - if( options->server_max_version != TEST_SSL_MINOR_VERSION_NONE ) - { - mbedtls_ssl_conf_max_version( &server.conf, MBEDTLS_SSL_MAJOR_VERSION_3, - options->server_max_version ); - } - -#if defined(MBEDTLS_SSL_MAX_FRAGMENT_LENGTH) - TEST_ASSERT( mbedtls_ssl_conf_max_frag_len( &(server.conf), - (unsigned char) options->mfl ) == 0 ); - TEST_ASSERT( mbedtls_ssl_conf_max_frag_len( &(client.conf), - (unsigned char) options->mfl ) == 0 ); -#else - TEST_ASSERT( MBEDTLS_SSL_MAX_FRAG_LEN_NONE == options->mfl ); -#endif /* MBEDTLS_SSL_MAX_FRAGMENT_LENGTH */ - -#if defined(MBEDTLS_KEY_EXCHANGE_SOME_PSK_ENABLED) - if( options->psk_str != NULL && options->psk_str->len > 0 ) - { - TEST_ASSERT( mbedtls_ssl_conf_psk( &client.conf, options->psk_str->x, - options->psk_str->len, - (const unsigned char *) psk_identity, - strlen( psk_identity ) ) == 0 ); - - TEST_ASSERT( mbedtls_ssl_conf_psk( &server.conf, options->psk_str->x, - options->psk_str->len, - (const unsigned char *) psk_identity, - strlen( psk_identity ) ) == 0 ); - - mbedtls_ssl_conf_psk_cb( &server.conf, psk_dummy_callback, NULL ); - } -#endif -#if defined(MBEDTLS_SSL_RENEGOTIATION) - if( options->renegotiate ) - { - mbedtls_ssl_conf_renegotiation( &(server.conf), - MBEDTLS_SSL_RENEGOTIATION_ENABLED ); - mbedtls_ssl_conf_renegotiation( &(client.conf), - MBEDTLS_SSL_RENEGOTIATION_ENABLED ); - - mbedtls_ssl_conf_legacy_renegotiation( &(server.conf), - options->legacy_renegotiation ); - mbedtls_ssl_conf_legacy_renegotiation( &(client.conf), - options->legacy_renegotiation ); - } -#endif /* MBEDTLS_SSL_RENEGOTIATION */ - -#if defined (MBEDTLS_DEBUG_C) - if( options->srv_log_fun ) - { - mbedtls_debug_set_threshold( 4 ); - mbedtls_ssl_conf_dbg( &server.conf, options->srv_log_fun, - options->srv_log_obj ); - } -#endif - - TEST_ASSERT( mbedtls_mock_socket_connect( &(client.socket), - &(server.socket), - BUFFSIZE ) == 0 ); - -#if defined(MBEDTLS_SSL_VARIABLE_BUFFER_LENGTH) - if( options->resize_buffers != 0 ) - { - /* Ensure that the buffer sizes are appropriate before resizes */ - TEST_ASSERT( client.ssl.out_buf_len == MBEDTLS_SSL_OUT_BUFFER_LEN ); - TEST_ASSERT( client.ssl.in_buf_len == MBEDTLS_SSL_IN_BUFFER_LEN ); - TEST_ASSERT( server.ssl.out_buf_len == MBEDTLS_SSL_OUT_BUFFER_LEN ); - TEST_ASSERT( server.ssl.in_buf_len == MBEDTLS_SSL_IN_BUFFER_LEN ); - } -#endif - - if( options->expected_negotiated_version == TEST_SSL_MINOR_VERSION_NONE ) - { - expected_handshake_result = MBEDTLS_ERR_SSL_BAD_HS_PROTOCOL_VERSION; - } - - TEST_ASSERT( mbedtls_move_handshake_to_state( &(client.ssl), - &(server.ssl), - MBEDTLS_SSL_HANDSHAKE_OVER ) - == expected_handshake_result ); - - if( expected_handshake_result != 0 ) - { - /* Connection will have failed by this point, skip to cleanup */ - goto exit; - } - - TEST_ASSERT( client.ssl.state == MBEDTLS_SSL_HANDSHAKE_OVER ); - TEST_ASSERT( server.ssl.state == MBEDTLS_SSL_HANDSHAKE_OVER ); - - /* Check that we agree on the version... */ - TEST_ASSERT( client.ssl.minor_ver == server.ssl.minor_ver ); - - /* And check that the version negotiated is the expected one. */ - TEST_EQUAL( client.ssl.minor_ver, options->expected_negotiated_version ); - -#if defined(MBEDTLS_SSL_VARIABLE_BUFFER_LENGTH) - if( options->resize_buffers != 0 ) - { - if( options->expected_negotiated_version != MBEDTLS_SSL_MINOR_VERSION_0 && - options->expected_negotiated_version != MBEDTLS_SSL_MINOR_VERSION_1 ) - { - /* A server, when using DTLS, might delay a buffer resize to happen - * after it receives a message, so we force it. */ - TEST_ASSERT( exchange_data( &(client.ssl), &(server.ssl) ) == 0 ); - - TEST_ASSERT( client.ssl.out_buf_len == - mbedtls_ssl_get_output_buflen( &client.ssl ) ); - TEST_ASSERT( client.ssl.in_buf_len == - mbedtls_ssl_get_input_buflen( &client.ssl ) ); - TEST_ASSERT( server.ssl.out_buf_len == - mbedtls_ssl_get_output_buflen( &server.ssl ) ); - TEST_ASSERT( server.ssl.in_buf_len == - mbedtls_ssl_get_input_buflen( &server.ssl ) ); - } - } -#endif - - if( options->cli_msg_len != 0 || options->srv_msg_len != 0 ) - { - /* Start data exchanging test */ - TEST_ASSERT( mbedtls_exchange_data( &(client.ssl), options->cli_msg_len, - options->expected_cli_fragments, - &(server.ssl), options->srv_msg_len, - options->expected_srv_fragments ) - == 0 ); - } -#if defined(MBEDTLS_SSL_CONTEXT_SERIALIZATION) - if( options->serialize == 1 ) - { - TEST_ASSERT( options->dtls == 1 ); - - TEST_ASSERT( mbedtls_ssl_context_save( &(server.ssl), NULL, - 0, &context_buf_len ) - == MBEDTLS_ERR_SSL_BUFFER_TOO_SMALL ); - - context_buf = mbedtls_calloc( 1, context_buf_len ); - TEST_ASSERT( context_buf != NULL ); - - TEST_ASSERT( mbedtls_ssl_context_save( &(server.ssl), context_buf, - context_buf_len, - &context_buf_len ) == 0 ); - - mbedtls_ssl_free( &(server.ssl) ); - mbedtls_ssl_init( &(server.ssl) ); - - TEST_ASSERT( mbedtls_ssl_setup( &(server.ssl), &(server.conf) ) == 0 ); - - mbedtls_ssl_set_bio( &( server.ssl ), &server_context, - mbedtls_mock_tcp_send_msg, - mbedtls_mock_tcp_recv_msg, - NULL ); - -#if defined(MBEDTLS_TIMING_C) - mbedtls_ssl_set_timer_cb( &server.ssl, &timer_server, - mbedtls_timing_set_delay, - mbedtls_timing_get_delay ); -#endif -#if defined(MBEDTLS_SSL_VARIABLE_BUFFER_LENGTH) - if( options->resize_buffers != 0 ) - { - /* Ensure that the buffer sizes are appropriate before resizes */ - TEST_ASSERT( server.ssl.out_buf_len == MBEDTLS_SSL_OUT_BUFFER_LEN ); - TEST_ASSERT( server.ssl.in_buf_len == MBEDTLS_SSL_IN_BUFFER_LEN ); - } -#endif - TEST_ASSERT( mbedtls_ssl_context_load( &( server.ssl ), context_buf, - context_buf_len ) == 0 ); - -#if defined(MBEDTLS_SSL_VARIABLE_BUFFER_LENGTH) - /* Validate buffer sizes after context deserialization */ - if( options->resize_buffers != 0 ) - { - TEST_ASSERT( server.ssl.out_buf_len == - mbedtls_ssl_get_output_buflen( &server.ssl ) ); - TEST_ASSERT( server.ssl.in_buf_len == - mbedtls_ssl_get_input_buflen( &server.ssl ) ); - } -#endif - /* Retest writing/reading */ - if( options->cli_msg_len != 0 || options->srv_msg_len != 0 ) - { - TEST_ASSERT( mbedtls_exchange_data( &(client.ssl), - options->cli_msg_len, - options->expected_cli_fragments, - &(server.ssl), - options->srv_msg_len, - options->expected_srv_fragments ) - == 0 ); - } - } -#endif /* MBEDTLS_SSL_CONTEXT_SERIALIZATION */ - -#if defined(MBEDTLS_SSL_RENEGOTIATION) - if( options->renegotiate ) - { - /* Start test with renegotiation */ - TEST_ASSERT( server.ssl.renego_status == - MBEDTLS_SSL_INITIAL_HANDSHAKE ); - TEST_ASSERT( client.ssl.renego_status == - MBEDTLS_SSL_INITIAL_HANDSHAKE ); - - /* After calling this function for the server, it only sends a handshake - * request. All renegotiation should happen during data exchanging */ - TEST_ASSERT( mbedtls_ssl_renegotiate( &(server.ssl) ) == 0 ); - TEST_ASSERT( server.ssl.renego_status == - MBEDTLS_SSL_RENEGOTIATION_PENDING ); - TEST_ASSERT( client.ssl.renego_status == - MBEDTLS_SSL_INITIAL_HANDSHAKE ); - - TEST_ASSERT( exchange_data( &(client.ssl), &(server.ssl) ) == 0 ); - TEST_ASSERT( server.ssl.renego_status == - MBEDTLS_SSL_RENEGOTIATION_DONE ); - TEST_ASSERT( client.ssl.renego_status == - MBEDTLS_SSL_RENEGOTIATION_DONE ); - - /* After calling mbedtls_ssl_renegotiate for the client all renegotiation - * should happen inside this function. However in this test, we cannot - * perform simultaneous communication betwen client and server so this - * function will return waiting error on the socket. All rest of - * renegotiation should happen during data exchanging */ - ret = mbedtls_ssl_renegotiate( &(client.ssl) ); -#if defined(MBEDTLS_SSL_VARIABLE_BUFFER_LENGTH) - if( options->resize_buffers != 0 ) - { - /* Ensure that the buffer sizes are appropriate before resizes */ - TEST_ASSERT( client.ssl.out_buf_len == MBEDTLS_SSL_OUT_BUFFER_LEN ); - TEST_ASSERT( client.ssl.in_buf_len == MBEDTLS_SSL_IN_BUFFER_LEN ); - } -#endif - TEST_ASSERT( ret == 0 || - ret == MBEDTLS_ERR_SSL_WANT_READ || - ret == MBEDTLS_ERR_SSL_WANT_WRITE ); - TEST_ASSERT( server.ssl.renego_status == - MBEDTLS_SSL_RENEGOTIATION_DONE ); - TEST_ASSERT( client.ssl.renego_status == - MBEDTLS_SSL_RENEGOTIATION_IN_PROGRESS ); - - TEST_ASSERT( exchange_data( &(client.ssl), &(server.ssl) ) == 0 ); - TEST_ASSERT( server.ssl.renego_status == - MBEDTLS_SSL_RENEGOTIATION_DONE ); - TEST_ASSERT( client.ssl.renego_status == - MBEDTLS_SSL_RENEGOTIATION_DONE ); -#if defined(MBEDTLS_SSL_VARIABLE_BUFFER_LENGTH) - /* Validate buffer sizes after renegotiation */ - if( options->resize_buffers != 0 ) - { - TEST_ASSERT( client.ssl.out_buf_len == - mbedtls_ssl_get_output_buflen( &client.ssl ) ); - TEST_ASSERT( client.ssl.in_buf_len == - mbedtls_ssl_get_input_buflen( &client.ssl ) ); - TEST_ASSERT( server.ssl.out_buf_len == - mbedtls_ssl_get_output_buflen( &server.ssl ) ); - TEST_ASSERT( server.ssl.in_buf_len == - mbedtls_ssl_get_input_buflen( &server.ssl ) ); - } -#endif /* MBEDTLS_SSL_VARIABLE_BUFFER_LENGTH */ - } -#endif /* MBEDTLS_SSL_RENEGOTIATION */ - -exit: - mbedtls_endpoint_free( &client, options->dtls != 0 ? &client_context : NULL ); - mbedtls_endpoint_free( &server, options->dtls != 0 ? &server_context : NULL ); -#if defined (MBEDTLS_DEBUG_C) - if( options->cli_log_fun || options->srv_log_fun ) - { - mbedtls_debug_set_threshold( 0 ); - } -#endif -#if defined(MBEDTLS_SSL_CONTEXT_SERIALIZATION) - if( context_buf != NULL ) - mbedtls_free( context_buf ); -#endif -} -#endif /* MBEDTLS_X509_CRT_PARSE_C && MBEDTLS_ENTROPY_C && MBEDTLS_CTR_DRBG_C */ +#define SSL_MESSAGE_QUEUE_INIT { NULL, 0, 0, 0 } /* END_HEADER */ @@ -2065,65 +18,70 @@ exit: void test_callback_buffer_sanity() { enum { MSGLEN = 10 }; - mbedtls_test_buffer buf; + mbedtls_test_ssl_buffer buf; unsigned char input[MSGLEN]; unsigned char output[MSGLEN]; - memset( input, 0, sizeof(input) ); + USE_PSA_INIT(); + memset(input, 0, sizeof(input)); /* Make sure calling put and get on NULL buffer results in error. */ - TEST_ASSERT( mbedtls_test_buffer_put( NULL, input, sizeof( input ) ) - == -1 ); - TEST_ASSERT( mbedtls_test_buffer_get( NULL, output, sizeof( output ) ) - == -1 ); - TEST_ASSERT( mbedtls_test_buffer_put( NULL, NULL, sizeof( input ) ) == -1 ); + TEST_ASSERT(mbedtls_test_ssl_buffer_put(NULL, input, sizeof(input)) + == -1); + TEST_ASSERT(mbedtls_test_ssl_buffer_get(NULL, output, sizeof(output)) + == -1); + TEST_ASSERT(mbedtls_test_ssl_buffer_put(NULL, NULL, sizeof(input)) + == -1); - TEST_ASSERT( mbedtls_test_buffer_put( NULL, NULL, 0 ) == -1 ); - TEST_ASSERT( mbedtls_test_buffer_get( NULL, NULL, 0 ) == -1 ); + TEST_ASSERT(mbedtls_test_ssl_buffer_put(NULL, NULL, 0) == -1); + TEST_ASSERT(mbedtls_test_ssl_buffer_get(NULL, NULL, 0) == -1); /* Make sure calling put and get on a buffer that hasn't been set up results - * in eror. */ - mbedtls_test_buffer_init( &buf ); + * in error. */ + mbedtls_test_ssl_buffer_init(&buf); - TEST_ASSERT( mbedtls_test_buffer_put( &buf, input, sizeof( input ) ) == -1 ); - TEST_ASSERT( mbedtls_test_buffer_get( &buf, output, sizeof( output ) ) - == -1 ); - TEST_ASSERT( mbedtls_test_buffer_put( &buf, NULL, sizeof( input ) ) == -1 ); + TEST_ASSERT(mbedtls_test_ssl_buffer_put(&buf, input, sizeof(input)) + == -1); + TEST_ASSERT(mbedtls_test_ssl_buffer_get(&buf, output, sizeof(output)) + == -1); + TEST_ASSERT(mbedtls_test_ssl_buffer_put(&buf, NULL, sizeof(input)) + == -1); - TEST_ASSERT( mbedtls_test_buffer_put( &buf, NULL, 0 ) == -1 ); - TEST_ASSERT( mbedtls_test_buffer_get( &buf, NULL, 0 ) == -1 ); + TEST_ASSERT(mbedtls_test_ssl_buffer_put(&buf, NULL, 0) == -1); + TEST_ASSERT(mbedtls_test_ssl_buffer_get(&buf, NULL, 0) == -1); /* Make sure calling put and get on NULL input only results in * error if the length is not zero, and that a NULL output is valid for data * dropping. */ - TEST_ASSERT( mbedtls_test_buffer_setup( &buf, sizeof( input ) ) == 0 ); + TEST_ASSERT(mbedtls_test_ssl_buffer_setup(&buf, sizeof(input)) == 0); - TEST_ASSERT( mbedtls_test_buffer_put( &buf, NULL, sizeof( input ) ) == -1 ); - TEST_ASSERT( mbedtls_test_buffer_get( &buf, NULL, sizeof( output ) ) - == 0 ); - TEST_ASSERT( mbedtls_test_buffer_put( &buf, NULL, 0 ) == 0 ); - TEST_ASSERT( mbedtls_test_buffer_get( &buf, NULL, 0 ) == 0 ); + TEST_ASSERT(mbedtls_test_ssl_buffer_put(&buf, NULL, sizeof(input)) + == -1); + TEST_ASSERT(mbedtls_test_ssl_buffer_get(&buf, NULL, sizeof(output)) + == 0); + TEST_ASSERT(mbedtls_test_ssl_buffer_put(&buf, NULL, 0) == 0); + TEST_ASSERT(mbedtls_test_ssl_buffer_get(&buf, NULL, 0) == 0); /* Make sure calling put several times in the row is safe */ - TEST_ASSERT( mbedtls_test_buffer_put( &buf, input, sizeof( input ) ) - == sizeof( input ) ); - TEST_ASSERT( mbedtls_test_buffer_get( &buf, output, 2 ) == 2 ); - TEST_ASSERT( mbedtls_test_buffer_put( &buf, input, 1 ) == 1 ); - TEST_ASSERT( mbedtls_test_buffer_put( &buf, input, 2 ) == 1 ); - TEST_ASSERT( mbedtls_test_buffer_put( &buf, input, 2 ) == 0 ); + TEST_ASSERT(mbedtls_test_ssl_buffer_put(&buf, input, sizeof(input)) + == sizeof(input)); + TEST_ASSERT(mbedtls_test_ssl_buffer_get(&buf, output, 2) == 2); + TEST_ASSERT(mbedtls_test_ssl_buffer_put(&buf, input, 1) == 1); + TEST_ASSERT(mbedtls_test_ssl_buffer_put(&buf, input, 2) == 1); + TEST_ASSERT(mbedtls_test_ssl_buffer_put(&buf, input, 2) == 0); exit: - - mbedtls_test_buffer_free( &buf ); + mbedtls_test_ssl_buffer_free(&buf); + USE_PSA_DONE(); } /* END_CASE */ /* - * Test if the implementation of `mbedtls_test_buffer` related functions is + * Test if the implementation of `mbedtls_test_ssl_buffer` related functions is * correct and works as expected. * * That is @@ -2136,269 +94,249 @@ exit: */ /* BEGIN_CASE */ -void test_callback_buffer( int size, int put1, int put1_ret, - int get1, int get1_ret, int put2, int put2_ret, - int get2, int get2_ret ) +void test_callback_buffer(int size, int put1, int put1_ret, + int get1, int get1_ret, int put2, int put2_ret, + int get2, int get2_ret) { enum { ROUNDS = 2 }; size_t put[ROUNDS]; int put_ret[ROUNDS]; size_t get[ROUNDS]; int get_ret[ROUNDS]; - mbedtls_test_buffer buf; - unsigned char* input = NULL; + mbedtls_test_ssl_buffer buf; + unsigned char *input = NULL; size_t input_len; - unsigned char* output = NULL; + unsigned char *output = NULL; size_t output_len; size_t i, j, written, read; - mbedtls_test_buffer_init( &buf ); - TEST_ASSERT( mbedtls_test_buffer_setup( &buf, size ) == 0 ); + mbedtls_test_ssl_buffer_init(&buf); + USE_PSA_INIT(); + TEST_ASSERT(mbedtls_test_ssl_buffer_setup(&buf, size) == 0); /* Check the sanity of input parameters and initialise local variables. That * is, ensure that the amount of data is not negative and that we are not * expecting more to put or get than we actually asked for. */ - TEST_ASSERT( put1 >= 0 ); + TEST_ASSERT(put1 >= 0); put[0] = put1; put_ret[0] = put1_ret; - TEST_ASSERT( put1_ret <= put1 ); - TEST_ASSERT( put2 >= 0 ); + TEST_ASSERT(put1_ret <= put1); + TEST_ASSERT(put2 >= 0); put[1] = put2; put_ret[1] = put2_ret; - TEST_ASSERT( put2_ret <= put2 ); + TEST_ASSERT(put2_ret <= put2); - TEST_ASSERT( get1 >= 0 ); + TEST_ASSERT(get1 >= 0); get[0] = get1; get_ret[0] = get1_ret; - TEST_ASSERT( get1_ret <= get1 ); - TEST_ASSERT( get2 >= 0 ); + TEST_ASSERT(get1_ret <= get1); + TEST_ASSERT(get2 >= 0); get[1] = get2; get_ret[1] = get2_ret; - TEST_ASSERT( get2_ret <= get2 ); + TEST_ASSERT(get2_ret <= get2); input_len = 0; /* Calculate actual input and output lengths */ - for( j = 0; j < ROUNDS; j++ ) - { - if( put_ret[j] > 0 ) - { + for (j = 0; j < ROUNDS; j++) { + if (put_ret[j] > 0) { input_len += put_ret[j]; } } /* In order to always have a valid pointer we always allocate at least 1 * byte. */ - if( input_len == 0 ) + if (input_len == 0) { input_len = 1; - ASSERT_ALLOC( input, input_len ); + } + TEST_CALLOC(input, input_len); output_len = 0; - for( j = 0; j < ROUNDS; j++ ) - { - if( get_ret[j] > 0 ) - { + for (j = 0; j < ROUNDS; j++) { + if (get_ret[j] > 0) { output_len += get_ret[j]; } } - TEST_ASSERT( output_len <= input_len ); + TEST_ASSERT(output_len <= input_len); /* In order to always have a valid pointer we always allocate at least 1 * byte. */ - if( output_len == 0 ) + if (output_len == 0) { output_len = 1; - ASSERT_ALLOC( output, output_len ); + } + TEST_CALLOC(output, output_len); /* Fill up the buffer with structured data so that unwanted changes * can be detected */ - for( i = 0; i < input_len; i++ ) - { + for (i = 0; i < input_len; i++) { input[i] = i & 0xFF; } written = read = 0; - for( j = 0; j < ROUNDS; j++ ) - { - TEST_ASSERT( put_ret[j] == mbedtls_test_buffer_put( &buf, - input + written, put[j] ) ); + for (j = 0; j < ROUNDS; j++) { + TEST_ASSERT(put_ret[j] == mbedtls_test_ssl_buffer_put(&buf, + input + written, put[j])); written += put_ret[j]; - TEST_ASSERT( get_ret[j] == mbedtls_test_buffer_get( &buf, - output + read, get[j] ) ); + TEST_ASSERT(get_ret[j] == mbedtls_test_ssl_buffer_get(&buf, + output + read, get[j])); read += get_ret[j]; - TEST_ASSERT( read <= written ); - if( get_ret[j] > 0 ) - { - TEST_ASSERT( memcmp( output + read - get_ret[j], - input + read - get_ret[j], get_ret[j] ) - == 0 ); + TEST_ASSERT(read <= written); + if (get_ret[j] > 0) { + TEST_ASSERT(memcmp(output + read - get_ret[j], + input + read - get_ret[j], get_ret[j]) + == 0); } } exit: - - mbedtls_free( input ); - mbedtls_free( output ); - mbedtls_test_buffer_free( &buf ); + mbedtls_free(input); + mbedtls_free(output); + mbedtls_test_ssl_buffer_free(&buf); + USE_PSA_DONE(); } /* END_CASE */ /* - * Test if the implementation of `mbedtls_mock_socket` related I/O functions is - * correct and works as expected on unconnected sockets. + * Test if the implementation of `mbedtls_test_mock_socket` related + * I/O functions is correct and works as expected on unconnected sockets. */ /* BEGIN_CASE */ -void ssl_mock_sanity( ) +void ssl_mock_sanity() { enum { MSGLEN = 105 }; unsigned char message[MSGLEN] = { 0 }; unsigned char received[MSGLEN] = { 0 }; - mbedtls_mock_socket socket; - - mbedtls_mock_socket_init( &socket ); - TEST_ASSERT( mbedtls_mock_tcp_send_b( &socket, message, MSGLEN ) < 0 ); - mbedtls_mock_socket_close( &socket ); - mbedtls_mock_socket_init( &socket ); - TEST_ASSERT( mbedtls_mock_tcp_recv_b( &socket, received, MSGLEN ) < 0 ); - mbedtls_mock_socket_close( &socket ); - - mbedtls_mock_socket_init( &socket ); - TEST_ASSERT( mbedtls_mock_tcp_send_nb( &socket, message, MSGLEN ) < 0 ); - mbedtls_mock_socket_close( &socket ); - mbedtls_mock_socket_init( &socket ); - TEST_ASSERT( mbedtls_mock_tcp_recv_nb( &socket, received, MSGLEN ) < 0 ); - mbedtls_mock_socket_close( &socket ); + mbedtls_test_mock_socket socket; + + mbedtls_test_mock_socket_init(&socket); + USE_PSA_INIT(); + TEST_ASSERT(mbedtls_test_mock_tcp_send_b(&socket, message, MSGLEN) < 0); + mbedtls_test_mock_socket_close(&socket); + mbedtls_test_mock_socket_init(&socket); + TEST_ASSERT(mbedtls_test_mock_tcp_recv_b(&socket, received, MSGLEN) < 0); + mbedtls_test_mock_socket_close(&socket); + + mbedtls_test_mock_socket_init(&socket); + TEST_ASSERT(mbedtls_test_mock_tcp_send_nb(&socket, message, MSGLEN) < 0); + mbedtls_test_mock_socket_close(&socket); + mbedtls_test_mock_socket_init(&socket); + TEST_ASSERT(mbedtls_test_mock_tcp_recv_nb(&socket, received, MSGLEN) < 0); + mbedtls_test_mock_socket_close(&socket); exit: - - mbedtls_mock_socket_close( &socket ); + mbedtls_test_mock_socket_close(&socket); + USE_PSA_DONE(); } /* END_CASE */ /* - * Test if the implementation of `mbedtls_mock_socket` related functions can - * send a single message from the client to the server. + * Test if the implementation of `mbedtls_test_mock_socket` related functions + * can send a single message from the client to the server. */ /* BEGIN_CASE */ -void ssl_mock_tcp( int blocking ) +void ssl_mock_tcp(int blocking) { enum { MSGLEN = 105 }; enum { BUFLEN = MSGLEN / 5 }; unsigned char message[MSGLEN]; unsigned char received[MSGLEN]; - mbedtls_mock_socket client; - mbedtls_mock_socket server; + mbedtls_test_mock_socket client; + mbedtls_test_mock_socket server; size_t written, read; int send_ret, recv_ret; mbedtls_ssl_send_t *send; mbedtls_ssl_recv_t *recv; unsigned i; - if( blocking == 0 ) - { - send = mbedtls_mock_tcp_send_nb; - recv = mbedtls_mock_tcp_recv_nb; - } - else - { - send = mbedtls_mock_tcp_send_b; - recv = mbedtls_mock_tcp_recv_b; + if (blocking == 0) { + send = mbedtls_test_mock_tcp_send_nb; + recv = mbedtls_test_mock_tcp_recv_nb; + } else { + send = mbedtls_test_mock_tcp_send_b; + recv = mbedtls_test_mock_tcp_recv_b; } - mbedtls_mock_socket_init( &client ); - mbedtls_mock_socket_init( &server ); + mbedtls_test_mock_socket_init(&client); + mbedtls_test_mock_socket_init(&server); + USE_PSA_INIT(); /* Fill up the buffer with structured data so that unwanted changes * can be detected */ - for( i = 0; i < MSGLEN; i++ ) - { + for (i = 0; i < MSGLEN; i++) { message[i] = i & 0xFF; } /* Make sure that sending a message takes a few iterations. */ - TEST_ASSERT( 0 == mbedtls_mock_socket_connect( &client, &server, BUFLEN ) ); + TEST_ASSERT(0 == mbedtls_test_mock_socket_connect(&client, &server, BUFLEN)); /* Send the message to the server */ send_ret = recv_ret = 1; written = read = 0; - while( send_ret != 0 || recv_ret != 0 ) - { - send_ret = send( &client, message + written, MSGLEN - written ); + while (send_ret != 0 || recv_ret != 0) { + send_ret = send(&client, message + written, MSGLEN - written); - TEST_ASSERT( send_ret >= 0 ); - TEST_ASSERT( send_ret <= BUFLEN ); + TEST_ASSERT(send_ret >= 0); + TEST_ASSERT(send_ret <= BUFLEN); written += send_ret; /* If the buffer is full we can test blocking and non-blocking send */ - if ( send_ret == BUFLEN ) - { - int blocking_ret = send( &client, message , 1 ); - if ( blocking ) - { - TEST_ASSERT( blocking_ret == 0 ); - } - else - { - TEST_ASSERT( blocking_ret == MBEDTLS_ERR_SSL_WANT_WRITE ); + if (send_ret == BUFLEN) { + int blocking_ret = send(&client, message, 1); + if (blocking) { + TEST_ASSERT(blocking_ret == 0); + } else { + TEST_ASSERT(blocking_ret == MBEDTLS_ERR_SSL_WANT_WRITE); } } - recv_ret = recv( &server, received + read, MSGLEN - read ); + recv_ret = recv(&server, received + read, MSGLEN - read); /* The result depends on whether any data was sent */ - if ( send_ret > 0 ) - { - TEST_ASSERT( recv_ret > 0 ); - TEST_ASSERT( recv_ret <= BUFLEN ); + if (send_ret > 0) { + TEST_ASSERT(recv_ret > 0); + TEST_ASSERT(recv_ret <= BUFLEN); read += recv_ret; - } - else if( blocking ) - { - TEST_ASSERT( recv_ret == 0 ); - } - else - { - TEST_ASSERT( recv_ret == MBEDTLS_ERR_SSL_WANT_READ ); + } else if (blocking) { + TEST_ASSERT(recv_ret == 0); + } else { + TEST_ASSERT(recv_ret == MBEDTLS_ERR_SSL_WANT_READ); recv_ret = 0; } /* If the buffer is empty we can test blocking and non-blocking read */ - if ( recv_ret == BUFLEN ) - { - int blocking_ret = recv( &server, received, 1 ); - if ( blocking ) - { - TEST_ASSERT( blocking_ret == 0 ); - } - else - { - TEST_ASSERT( blocking_ret == MBEDTLS_ERR_SSL_WANT_READ ); + if (recv_ret == BUFLEN) { + int blocking_ret = recv(&server, received, 1); + if (blocking) { + TEST_ASSERT(blocking_ret == 0); + } else { + TEST_ASSERT(blocking_ret == MBEDTLS_ERR_SSL_WANT_READ); } } } - TEST_ASSERT( memcmp( message, received, MSGLEN ) == 0 ); + TEST_ASSERT(memcmp(message, received, MSGLEN) == 0); exit: - - mbedtls_mock_socket_close( &client ); - mbedtls_mock_socket_close( &server ); + mbedtls_test_mock_socket_close(&client); + mbedtls_test_mock_socket_close(&server); + USE_PSA_DONE(); } /* END_CASE */ /* - * Test if the implementation of `mbedtls_mock_socket` related functions can - * send messages in both direction at the same time (with the I/O calls + * Test if the implementation of `mbedtls_test_mock_socket` related functions + * can send messages in both direction at the same time (with the I/O calls * interleaving). */ /* BEGIN_CASE */ -void ssl_mock_tcp_interleaving( int blocking ) +void ssl_mock_tcp_interleaving(int blocking) { enum { ROUNDS = 2 }; enum { MSGLEN = 105 }; enum { BUFLEN = MSGLEN / 5 }; unsigned char message[ROUNDS][MSGLEN]; unsigned char received[ROUNDS][MSGLEN]; - mbedtls_mock_socket client; - mbedtls_mock_socket server; + mbedtls_test_mock_socket client; + mbedtls_test_mock_socket server; size_t written[ROUNDS]; size_t read[ROUNDS]; int send_ret[ROUNDS]; @@ -2407,773 +345,821 @@ void ssl_mock_tcp_interleaving( int blocking ) mbedtls_ssl_send_t *send; mbedtls_ssl_recv_t *recv; - if( blocking == 0 ) - { - send = mbedtls_mock_tcp_send_nb; - recv = mbedtls_mock_tcp_recv_nb; - } - else - { - send = mbedtls_mock_tcp_send_b; - recv = mbedtls_mock_tcp_recv_b; + if (blocking == 0) { + send = mbedtls_test_mock_tcp_send_nb; + recv = mbedtls_test_mock_tcp_recv_nb; + } else { + send = mbedtls_test_mock_tcp_send_b; + recv = mbedtls_test_mock_tcp_recv_b; } - mbedtls_mock_socket_init( &client ); - mbedtls_mock_socket_init( &server ); + mbedtls_test_mock_socket_init(&client); + mbedtls_test_mock_socket_init(&server); + USE_PSA_INIT(); /* Fill up the buffers with structured data so that unwanted changes * can be detected */ - for( i = 0; i < ROUNDS; i++ ) - { - for( j = 0; j < MSGLEN; j++ ) - { - message[i][j] = ( i * MSGLEN + j ) & 0xFF; + for (i = 0; i < ROUNDS; i++) { + for (j = 0; j < MSGLEN; j++) { + message[i][j] = (i * MSGLEN + j) & 0xFF; } } /* Make sure that sending a message takes a few iterations. */ - TEST_ASSERT( 0 == mbedtls_mock_socket_connect( &client, &server, BUFLEN ) ); + TEST_ASSERT(0 == mbedtls_test_mock_socket_connect(&client, &server, + BUFLEN)); /* Send the message from both sides, interleaving. */ progress = 1; - for( i = 0; i < ROUNDS; i++ ) - { + for (i = 0; i < ROUNDS; i++) { written[i] = 0; read[i] = 0; } /* This loop does not stop as long as there was a successful write or read * of at least one byte on either side. */ - while( progress != 0 ) - { - mbedtls_mock_socket *socket; + while (progress != 0) { + mbedtls_test_mock_socket *socket; - for( i = 0; i < ROUNDS; i++ ) - { + for (i = 0; i < ROUNDS; i++) { /* First sending is from the client */ - socket = ( i % 2 == 0 ) ? ( &client ) : ( &server ); + socket = (i % 2 == 0) ? (&client) : (&server); - send_ret[i] = send( socket, message[i] + written[i], - MSGLEN - written[i] ); - TEST_ASSERT( send_ret[i] >= 0 ); - TEST_ASSERT( send_ret[i] <= BUFLEN ); + send_ret[i] = send(socket, message[i] + written[i], + MSGLEN - written[i]); + TEST_ASSERT(send_ret[i] >= 0); + TEST_ASSERT(send_ret[i] <= BUFLEN); written[i] += send_ret[i]; /* If the buffer is full we can test blocking and non-blocking * send */ - if ( send_ret[i] == BUFLEN ) - { - int blocking_ret = send( socket, message[i] , 1 ); - if ( blocking ) - { - TEST_ASSERT( blocking_ret == 0 ); - } - else - { - TEST_ASSERT( blocking_ret == MBEDTLS_ERR_SSL_WANT_WRITE ); + if (send_ret[i] == BUFLEN) { + int blocking_ret = send(socket, message[i], 1); + if (blocking) { + TEST_ASSERT(blocking_ret == 0); + } else { + TEST_ASSERT(blocking_ret == MBEDTLS_ERR_SSL_WANT_WRITE); } } } - for( i = 0; i < ROUNDS; i++ ) - { + for (i = 0; i < ROUNDS; i++) { /* First receiving is from the server */ - socket = ( i % 2 == 0 ) ? ( &server ) : ( &client ); + socket = (i % 2 == 0) ? (&server) : (&client); - recv_ret[i] = recv( socket, received[i] + read[i], - MSGLEN - read[i] ); + recv_ret[i] = recv(socket, received[i] + read[i], + MSGLEN - read[i]); /* The result depends on whether any data was sent */ - if ( send_ret[i] > 0 ) - { - TEST_ASSERT( recv_ret[i] > 0 ); - TEST_ASSERT( recv_ret[i] <= BUFLEN ); + if (send_ret[i] > 0) { + TEST_ASSERT(recv_ret[i] > 0); + TEST_ASSERT(recv_ret[i] <= BUFLEN); read[i] += recv_ret[i]; - } - else if( blocking ) - { - TEST_ASSERT( recv_ret[i] == 0 ); - } - else - { - TEST_ASSERT( recv_ret[i] == MBEDTLS_ERR_SSL_WANT_READ ); + } else if (blocking) { + TEST_ASSERT(recv_ret[i] == 0); + } else { + TEST_ASSERT(recv_ret[i] == MBEDTLS_ERR_SSL_WANT_READ); recv_ret[i] = 0; } /* If the buffer is empty we can test blocking and non-blocking * read */ - if ( recv_ret[i] == BUFLEN ) - { - int blocking_ret = recv( socket, received[i], 1 ); - if ( blocking ) - { - TEST_ASSERT( blocking_ret == 0 ); - } - else - { - TEST_ASSERT( blocking_ret == MBEDTLS_ERR_SSL_WANT_READ ); + if (recv_ret[i] == BUFLEN) { + int blocking_ret = recv(socket, received[i], 1); + if (blocking) { + TEST_ASSERT(blocking_ret == 0); + } else { + TEST_ASSERT(blocking_ret == MBEDTLS_ERR_SSL_WANT_READ); } } } progress = 0; - for( i = 0; i < ROUNDS; i++ ) - { + for (i = 0; i < ROUNDS; i++) { progress += send_ret[i] + recv_ret[i]; } } - for( i = 0; i < ROUNDS; i++ ) - TEST_ASSERT( memcmp( message[i], received[i], MSGLEN ) == 0 ); + for (i = 0; i < ROUNDS; i++) { + TEST_ASSERT(memcmp(message[i], received[i], MSGLEN) == 0); + } exit: - - mbedtls_mock_socket_close( &client ); - mbedtls_mock_socket_close( &server ); + mbedtls_test_mock_socket_close(&client); + mbedtls_test_mock_socket_close(&server); + USE_PSA_DONE(); } /* END_CASE */ /* BEGIN_CASE */ -void ssl_message_queue_sanity( ) +void ssl_message_queue_sanity() { - mbedtls_test_message_queue queue; + mbedtls_test_ssl_message_queue queue = SSL_MESSAGE_QUEUE_INIT; + USE_PSA_INIT(); /* Trying to push/pull to an empty queue */ - TEST_ASSERT( mbedtls_test_message_queue_push_info( NULL, 1 ) - == MBEDTLS_TEST_ERROR_ARG_NULL ); - TEST_ASSERT( mbedtls_test_message_queue_pop_info( NULL, 1 ) - == MBEDTLS_TEST_ERROR_ARG_NULL ); + TEST_ASSERT(mbedtls_test_ssl_message_queue_push_info(NULL, 1) + == MBEDTLS_TEST_ERROR_ARG_NULL); + TEST_ASSERT(mbedtls_test_ssl_message_queue_pop_info(NULL, 1) + == MBEDTLS_TEST_ERROR_ARG_NULL); - TEST_ASSERT( mbedtls_test_message_queue_setup( &queue, 3 ) == 0 ); - TEST_ASSERT( queue.capacity == 3 ); - TEST_ASSERT( queue.num == 0 ); + TEST_ASSERT(mbedtls_test_ssl_message_queue_setup(&queue, 3) == 0); + TEST_ASSERT(queue.capacity == 3); + TEST_ASSERT(queue.num == 0); exit: - mbedtls_test_message_queue_free( &queue ); + mbedtls_test_ssl_message_queue_free(&queue); + USE_PSA_DONE(); } /* END_CASE */ /* BEGIN_CASE */ -void ssl_message_queue_basic( ) +void ssl_message_queue_basic() { - mbedtls_test_message_queue queue; + mbedtls_test_ssl_message_queue queue = SSL_MESSAGE_QUEUE_INIT; - TEST_ASSERT( mbedtls_test_message_queue_setup( &queue, 3 ) == 0 ); + USE_PSA_INIT(); + TEST_ASSERT(mbedtls_test_ssl_message_queue_setup(&queue, 3) == 0); /* Sanity test - 3 pushes and 3 pops with sufficient space */ - TEST_ASSERT( mbedtls_test_message_queue_push_info( &queue, 1 ) == 1 ); - TEST_ASSERT( queue.capacity == 3 ); - TEST_ASSERT( queue.num == 1 ); - TEST_ASSERT( mbedtls_test_message_queue_push_info( &queue, 1 ) == 1 ); - TEST_ASSERT( queue.capacity == 3 ); - TEST_ASSERT( queue.num == 2 ); - TEST_ASSERT( mbedtls_test_message_queue_push_info( &queue, 2 ) == 2 ); - TEST_ASSERT( queue.capacity == 3 ); - TEST_ASSERT( queue.num == 3 ); - - TEST_ASSERT( mbedtls_test_message_queue_pop_info( &queue, 1 ) == 1 ); - TEST_ASSERT( mbedtls_test_message_queue_pop_info( &queue, 1 ) == 1 ); - TEST_ASSERT( mbedtls_test_message_queue_pop_info( &queue, 2 ) == 2 ); + TEST_ASSERT(mbedtls_test_ssl_message_queue_push_info(&queue, 1) == 1); + TEST_ASSERT(queue.capacity == 3); + TEST_ASSERT(queue.num == 1); + TEST_ASSERT(mbedtls_test_ssl_message_queue_push_info(&queue, 1) == 1); + TEST_ASSERT(queue.capacity == 3); + TEST_ASSERT(queue.num == 2); + TEST_ASSERT(mbedtls_test_ssl_message_queue_push_info(&queue, 2) == 2); + TEST_ASSERT(queue.capacity == 3); + TEST_ASSERT(queue.num == 3); + + TEST_ASSERT(mbedtls_test_ssl_message_queue_pop_info(&queue, 1) == 1); + TEST_ASSERT(mbedtls_test_ssl_message_queue_pop_info(&queue, 1) == 1); + TEST_ASSERT(mbedtls_test_ssl_message_queue_pop_info(&queue, 2) == 2); exit: - mbedtls_test_message_queue_free( &queue ); + mbedtls_test_ssl_message_queue_free(&queue); + USE_PSA_DONE(); } /* END_CASE */ /* BEGIN_CASE */ -void ssl_message_queue_overflow_underflow( ) +void ssl_message_queue_overflow_underflow() { - mbedtls_test_message_queue queue; + mbedtls_test_ssl_message_queue queue = SSL_MESSAGE_QUEUE_INIT; - TEST_ASSERT( mbedtls_test_message_queue_setup( &queue, 3 ) == 0 ); + USE_PSA_INIT(); + TEST_ASSERT(mbedtls_test_ssl_message_queue_setup(&queue, 3) == 0); /* 4 pushes (last one with an error), 4 pops (last one with an error) */ - TEST_ASSERT( mbedtls_test_message_queue_push_info( &queue, 1 ) == 1 ); - TEST_ASSERT( mbedtls_test_message_queue_push_info( &queue, 1 ) == 1 ); - TEST_ASSERT( mbedtls_test_message_queue_push_info( &queue, 2 ) == 2 ); - TEST_ASSERT( mbedtls_test_message_queue_push_info( &queue, 3 ) - == MBEDTLS_ERR_SSL_WANT_WRITE ); + TEST_ASSERT(mbedtls_test_ssl_message_queue_push_info(&queue, 1) == 1); + TEST_ASSERT(mbedtls_test_ssl_message_queue_push_info(&queue, 1) == 1); + TEST_ASSERT(mbedtls_test_ssl_message_queue_push_info(&queue, 2) == 2); + TEST_ASSERT(mbedtls_test_ssl_message_queue_push_info(&queue, 3) + == MBEDTLS_ERR_SSL_WANT_WRITE); - TEST_ASSERT( mbedtls_test_message_queue_pop_info( &queue, 1 ) == 1 ); - TEST_ASSERT( mbedtls_test_message_queue_pop_info( &queue, 1 ) == 1 ); - TEST_ASSERT( mbedtls_test_message_queue_pop_info( &queue, 2 ) == 2 ); + TEST_ASSERT(mbedtls_test_ssl_message_queue_pop_info(&queue, 1) == 1); + TEST_ASSERT(mbedtls_test_ssl_message_queue_pop_info(&queue, 1) == 1); + TEST_ASSERT(mbedtls_test_ssl_message_queue_pop_info(&queue, 2) == 2); - TEST_ASSERT( mbedtls_test_message_queue_pop_info( &queue, 1 ) - == MBEDTLS_ERR_SSL_WANT_READ ); + TEST_ASSERT(mbedtls_test_ssl_message_queue_pop_info(&queue, 1) + == MBEDTLS_ERR_SSL_WANT_READ); exit: - mbedtls_test_message_queue_free( &queue ); + mbedtls_test_ssl_message_queue_free(&queue); + USE_PSA_DONE(); } /* END_CASE */ /* BEGIN_CASE */ -void ssl_message_queue_interleaved( ) +void ssl_message_queue_interleaved() { - mbedtls_test_message_queue queue; + mbedtls_test_ssl_message_queue queue = SSL_MESSAGE_QUEUE_INIT; - TEST_ASSERT( mbedtls_test_message_queue_setup( &queue, 3 ) == 0 ); + USE_PSA_INIT(); + TEST_ASSERT(mbedtls_test_ssl_message_queue_setup(&queue, 3) == 0); /* Interleaved test - [2 pushes, 1 pop] twice, and then two pops * (to wrap around the buffer) */ - TEST_ASSERT( mbedtls_test_message_queue_push_info( &queue, 1 ) == 1 ); - TEST_ASSERT( mbedtls_test_message_queue_push_info( &queue, 1 ) == 1 ); + TEST_ASSERT(mbedtls_test_ssl_message_queue_push_info(&queue, 1) == 1); + TEST_ASSERT(mbedtls_test_ssl_message_queue_push_info(&queue, 1) == 1); - TEST_ASSERT( mbedtls_test_message_queue_pop_info( &queue, 1 ) == 1 ); + TEST_ASSERT(mbedtls_test_ssl_message_queue_pop_info(&queue, 1) == 1); - TEST_ASSERT( mbedtls_test_message_queue_push_info( &queue, 2 ) == 2 ); - TEST_ASSERT( mbedtls_test_message_queue_push_info( &queue, 3 ) == 3 ); + TEST_ASSERT(mbedtls_test_ssl_message_queue_push_info(&queue, 2) == 2); + TEST_ASSERT(mbedtls_test_ssl_message_queue_push_info(&queue, 3) == 3); - TEST_ASSERT( mbedtls_test_message_queue_pop_info( &queue, 1 ) == 1 ); - TEST_ASSERT( mbedtls_test_message_queue_pop_info( &queue, 2 ) == 2 ); + TEST_ASSERT(mbedtls_test_ssl_message_queue_pop_info(&queue, 1) == 1); + TEST_ASSERT(mbedtls_test_ssl_message_queue_pop_info(&queue, 2) == 2); - TEST_ASSERT( mbedtls_test_message_queue_push_info( &queue, 5 ) == 5 ); - TEST_ASSERT( mbedtls_test_message_queue_push_info( &queue, 8 ) == 8 ); + TEST_ASSERT(mbedtls_test_ssl_message_queue_push_info(&queue, 5) == 5); + TEST_ASSERT(mbedtls_test_ssl_message_queue_push_info(&queue, 8) == 8); - TEST_ASSERT( mbedtls_test_message_queue_pop_info( &queue, 3 ) == 3 ); + TEST_ASSERT(mbedtls_test_ssl_message_queue_pop_info(&queue, 3) == 3); - TEST_ASSERT( mbedtls_test_message_queue_pop_info( &queue, 5 ) == 5 ); + TEST_ASSERT(mbedtls_test_ssl_message_queue_pop_info(&queue, 5) == 5); - TEST_ASSERT( mbedtls_test_message_queue_pop_info( &queue, 8 ) == 8 ); + TEST_ASSERT(mbedtls_test_ssl_message_queue_pop_info(&queue, 8) == 8); exit: - mbedtls_test_message_queue_free( &queue ); + mbedtls_test_ssl_message_queue_free(&queue); + USE_PSA_DONE(); } /* END_CASE */ /* BEGIN_CASE */ -void ssl_message_queue_insufficient_buffer( ) +void ssl_message_queue_insufficient_buffer() { - mbedtls_test_message_queue queue; + mbedtls_test_ssl_message_queue queue = SSL_MESSAGE_QUEUE_INIT; size_t message_len = 10; size_t buffer_len = 5; - TEST_ASSERT( mbedtls_test_message_queue_setup( &queue, 1 ) == 0 ); + USE_PSA_INIT(); + TEST_ASSERT(mbedtls_test_ssl_message_queue_setup(&queue, 1) == 0); /* Popping without a sufficient buffer */ - TEST_ASSERT( mbedtls_test_message_queue_push_info( &queue, message_len ) - == (int) message_len ); - TEST_ASSERT( mbedtls_test_message_queue_pop_info( &queue, buffer_len ) - == (int) buffer_len ); + TEST_ASSERT(mbedtls_test_ssl_message_queue_push_info(&queue, message_len) + == (int) message_len); + TEST_ASSERT(mbedtls_test_ssl_message_queue_pop_info(&queue, buffer_len) + == (int) buffer_len); exit: - mbedtls_test_message_queue_free( &queue ); + mbedtls_test_ssl_message_queue_free(&queue); + USE_PSA_DONE(); } /* END_CASE */ /* BEGIN_CASE */ -void ssl_message_mock_uninitialized( ) +void ssl_message_mock_uninitialized() { enum { MSGLEN = 10 }; - unsigned char message[MSGLEN] = {0}, received[MSGLEN]; - mbedtls_mock_socket client, server; - mbedtls_test_message_queue server_queue, client_queue; + unsigned char message[MSGLEN] = { 0 }, received[MSGLEN]; + mbedtls_test_mock_socket client, server; + mbedtls_test_ssl_message_queue server_queue, client_queue; mbedtls_test_message_socket_context server_context, client_context; - mbedtls_message_socket_init( &server_context ); - mbedtls_message_socket_init( &client_context ); + mbedtls_test_message_socket_init(&server_context); + mbedtls_test_message_socket_init(&client_context); + USE_PSA_INIT(); /* Send with a NULL context */ - TEST_ASSERT( mbedtls_mock_tcp_send_msg( NULL, message, MSGLEN ) - == MBEDTLS_TEST_ERROR_CONTEXT_ERROR ); + TEST_ASSERT(mbedtls_test_mock_tcp_send_msg(NULL, message, MSGLEN) + == MBEDTLS_TEST_ERROR_CONTEXT_ERROR); - TEST_ASSERT( mbedtls_mock_tcp_recv_msg( NULL, message, MSGLEN ) - == MBEDTLS_TEST_ERROR_CONTEXT_ERROR ); + TEST_ASSERT(mbedtls_test_mock_tcp_recv_msg(NULL, message, MSGLEN) + == MBEDTLS_TEST_ERROR_CONTEXT_ERROR); - TEST_ASSERT( mbedtls_message_socket_setup( &server_queue, &client_queue, 1, - &server, - &server_context ) == 0 ); + TEST_ASSERT(mbedtls_test_message_socket_setup(&server_queue, + &client_queue, 1, + &server, + &server_context) == 0); - TEST_ASSERT( mbedtls_message_socket_setup( &client_queue, &server_queue, 1, - &client, - &client_context ) == 0 ); + TEST_ASSERT(mbedtls_test_message_socket_setup(&client_queue, + &server_queue, 1, + &client, + &client_context) == 0); - TEST_ASSERT( mbedtls_mock_tcp_send_msg( &client_context, message, MSGLEN ) - == MBEDTLS_TEST_ERROR_SEND_FAILED ); + TEST_ASSERT(mbedtls_test_mock_tcp_send_msg(&client_context, message, + MSGLEN) + == MBEDTLS_TEST_ERROR_SEND_FAILED); - TEST_ASSERT( mbedtls_mock_tcp_recv_msg( &server_context, received, MSGLEN ) - == MBEDTLS_ERR_SSL_WANT_READ ); + TEST_ASSERT(mbedtls_test_mock_tcp_recv_msg(&server_context, received, + MSGLEN) + == MBEDTLS_ERR_SSL_WANT_READ); /* Push directly to a queue to later simulate a disconnected behavior */ - TEST_ASSERT( mbedtls_test_message_queue_push_info( &server_queue, MSGLEN ) - == MSGLEN ); + TEST_ASSERT(mbedtls_test_ssl_message_queue_push_info(&server_queue, + MSGLEN) + == MSGLEN); /* Test if there's an error when trying to read from a disconnected * socket */ - TEST_ASSERT( mbedtls_mock_tcp_recv_msg( &server_context, received, MSGLEN ) - == MBEDTLS_TEST_ERROR_RECV_FAILED ); - exit: - mbedtls_message_socket_close( &server_context ); - mbedtls_message_socket_close( &client_context ); + TEST_ASSERT(mbedtls_test_mock_tcp_recv_msg(&server_context, received, + MSGLEN) + == MBEDTLS_TEST_ERROR_RECV_FAILED); +exit: + mbedtls_test_message_socket_close(&server_context); + mbedtls_test_message_socket_close(&client_context); + USE_PSA_DONE(); } /* END_CASE */ /* BEGIN_CASE */ -void ssl_message_mock_basic( ) +void ssl_message_mock_basic() { enum { MSGLEN = 10 }; unsigned char message[MSGLEN], received[MSGLEN]; - mbedtls_mock_socket client, server; + mbedtls_test_mock_socket client, server; unsigned i; - mbedtls_test_message_queue server_queue, client_queue; + mbedtls_test_ssl_message_queue server_queue, client_queue; mbedtls_test_message_socket_context server_context, client_context; - mbedtls_message_socket_init( &server_context ); - mbedtls_message_socket_init( &client_context ); - TEST_ASSERT( mbedtls_message_socket_setup( &server_queue, &client_queue, 1, - &server, - &server_context ) == 0 ); + mbedtls_test_message_socket_init(&server_context); + mbedtls_test_message_socket_init(&client_context); + USE_PSA_INIT(); + + TEST_ASSERT(mbedtls_test_message_socket_setup(&server_queue, + &client_queue, 1, + &server, + &server_context) == 0); - TEST_ASSERT( mbedtls_message_socket_setup( &client_queue, &server_queue, 1, - &client, - &client_context ) == 0 ); + TEST_ASSERT(mbedtls_test_message_socket_setup(&client_queue, + &server_queue, 1, + &client, + &client_context) == 0); /* Fill up the buffer with structured data so that unwanted changes * can be detected */ - for( i = 0; i < MSGLEN; i++ ) - { + for (i = 0; i < MSGLEN; i++) { message[i] = i & 0xFF; } - TEST_ASSERT( 0 == mbedtls_mock_socket_connect( &client, &server, - MSGLEN ) ); + TEST_ASSERT(0 == mbedtls_test_mock_socket_connect(&client, &server, + MSGLEN)); /* Send the message to the server */ - TEST_ASSERT( mbedtls_mock_tcp_send_msg( &client_context, message, - MSGLEN ) == MSGLEN ); + TEST_ASSERT(mbedtls_test_mock_tcp_send_msg(&client_context, message, + MSGLEN) + == MSGLEN); /* Read from the server */ - TEST_ASSERT( mbedtls_mock_tcp_recv_msg( &server_context, received, MSGLEN ) - == MSGLEN ); + TEST_ASSERT(mbedtls_test_mock_tcp_recv_msg(&server_context, received, + MSGLEN) + == MSGLEN); - TEST_ASSERT( memcmp( message, received, MSGLEN ) == 0 ); - memset( received, 0, MSGLEN ); + TEST_ASSERT(memcmp(message, received, MSGLEN) == 0); + memset(received, 0, MSGLEN); /* Send the message to the client */ - TEST_ASSERT( mbedtls_mock_tcp_send_msg( &server_context, message, - MSGLEN ) == MSGLEN ); + TEST_ASSERT(mbedtls_test_mock_tcp_send_msg(&server_context, message, + MSGLEN) == MSGLEN); /* Read from the client */ - TEST_ASSERT( mbedtls_mock_tcp_recv_msg( &client_context, received, MSGLEN ) - == MSGLEN ); - TEST_ASSERT( memcmp( message, received, MSGLEN ) == 0 ); + TEST_ASSERT(mbedtls_test_mock_tcp_recv_msg(&client_context, received, + MSGLEN) + == MSGLEN); + TEST_ASSERT(memcmp(message, received, MSGLEN) == 0); - exit: - mbedtls_message_socket_close( &server_context ); - mbedtls_message_socket_close( &client_context ); +exit: + mbedtls_test_message_socket_close(&server_context); + mbedtls_test_message_socket_close(&client_context); + USE_PSA_DONE(); } /* END_CASE */ /* BEGIN_CASE */ -void ssl_message_mock_queue_overflow_underflow( ) +void ssl_message_mock_queue_overflow_underflow() { enum { MSGLEN = 10 }; unsigned char message[MSGLEN], received[MSGLEN]; - mbedtls_mock_socket client, server; + mbedtls_test_mock_socket client, server; unsigned i; - mbedtls_test_message_queue server_queue, client_queue; + mbedtls_test_ssl_message_queue server_queue, client_queue; mbedtls_test_message_socket_context server_context, client_context; - mbedtls_message_socket_init( &server_context ); - mbedtls_message_socket_init( &client_context ); - TEST_ASSERT( mbedtls_message_socket_setup( &server_queue, &client_queue, 2, - &server, - &server_context ) == 0 ); + mbedtls_test_message_socket_init(&server_context); + mbedtls_test_message_socket_init(&client_context); + USE_PSA_INIT(); + + TEST_ASSERT(mbedtls_test_message_socket_setup(&server_queue, + &client_queue, 2, + &server, + &server_context) == 0); - TEST_ASSERT( mbedtls_message_socket_setup( &client_queue, &server_queue, 2, - &client, - &client_context ) == 0 ); + TEST_ASSERT(mbedtls_test_message_socket_setup(&client_queue, + &server_queue, 2, + &client, + &client_context) == 0); /* Fill up the buffer with structured data so that unwanted changes * can be detected */ - for( i = 0; i < MSGLEN; i++ ) - { + for (i = 0; i < MSGLEN; i++) { message[i] = i & 0xFF; } - TEST_ASSERT( 0 == mbedtls_mock_socket_connect( &client, &server, - MSGLEN*2 ) ); + TEST_ASSERT(0 == mbedtls_test_mock_socket_connect(&client, &server, + MSGLEN*2)); /* Send three message to the server, last one with an error */ - TEST_ASSERT( mbedtls_mock_tcp_send_msg( &client_context, message, - MSGLEN - 1 ) == MSGLEN - 1 ); + TEST_ASSERT(mbedtls_test_mock_tcp_send_msg(&client_context, message, + MSGLEN - 1) + == MSGLEN - 1); - TEST_ASSERT( mbedtls_mock_tcp_send_msg( &client_context, message, - MSGLEN ) == MSGLEN ); + TEST_ASSERT(mbedtls_test_mock_tcp_send_msg(&client_context, message, + MSGLEN) + == MSGLEN); - TEST_ASSERT( mbedtls_mock_tcp_send_msg( &client_context, message, - MSGLEN ) - == MBEDTLS_ERR_SSL_WANT_WRITE ); + TEST_ASSERT(mbedtls_test_mock_tcp_send_msg(&client_context, message, + MSGLEN) + == MBEDTLS_ERR_SSL_WANT_WRITE); /* Read three messages from the server, last one with an error */ - TEST_ASSERT( mbedtls_mock_tcp_recv_msg( &server_context, received, - MSGLEN - 1 ) == MSGLEN - 1 ); + TEST_ASSERT(mbedtls_test_mock_tcp_recv_msg(&server_context, received, + MSGLEN - 1) + == MSGLEN - 1); - TEST_ASSERT( mbedtls_mock_tcp_recv_msg( &server_context, received, MSGLEN ) - == MSGLEN ); + TEST_ASSERT(mbedtls_test_mock_tcp_recv_msg(&server_context, received, + MSGLEN) + == MSGLEN); - TEST_ASSERT( memcmp( message, received, MSGLEN ) == 0 ); + TEST_ASSERT(memcmp(message, received, MSGLEN) == 0); - TEST_ASSERT( mbedtls_mock_tcp_recv_msg( &server_context, received, MSGLEN ) - == MBEDTLS_ERR_SSL_WANT_READ ); + TEST_ASSERT(mbedtls_test_mock_tcp_recv_msg(&server_context, received, + MSGLEN) + == MBEDTLS_ERR_SSL_WANT_READ); - exit: - mbedtls_message_socket_close( &server_context ); - mbedtls_message_socket_close( &client_context ); +exit: + mbedtls_test_message_socket_close(&server_context); + mbedtls_test_message_socket_close(&client_context); + USE_PSA_DONE(); } /* END_CASE */ /* BEGIN_CASE */ -void ssl_message_mock_socket_overflow( ) +void ssl_message_mock_socket_overflow() { enum { MSGLEN = 10 }; unsigned char message[MSGLEN], received[MSGLEN]; - mbedtls_mock_socket client, server; + mbedtls_test_mock_socket client, server; unsigned i; - mbedtls_test_message_queue server_queue, client_queue; + mbedtls_test_ssl_message_queue server_queue, client_queue; mbedtls_test_message_socket_context server_context, client_context; - mbedtls_message_socket_init( &server_context ); - mbedtls_message_socket_init( &client_context ); - TEST_ASSERT( mbedtls_message_socket_setup( &server_queue, &client_queue, 2, - &server, - &server_context ) == 0 ); + mbedtls_test_message_socket_init(&server_context); + mbedtls_test_message_socket_init(&client_context); + USE_PSA_INIT(); + + TEST_ASSERT(mbedtls_test_message_socket_setup(&server_queue, + &client_queue, 2, + &server, + &server_context) == 0); - TEST_ASSERT( mbedtls_message_socket_setup( &client_queue, &server_queue, 2, - &client, - &client_context ) == 0 ); + TEST_ASSERT(mbedtls_test_message_socket_setup(&client_queue, + &server_queue, 2, + &client, + &client_context) == 0); /* Fill up the buffer with structured data so that unwanted changes * can be detected */ - for( i = 0; i < MSGLEN; i++ ) - { + for (i = 0; i < MSGLEN; i++) { message[i] = i & 0xFF; } - TEST_ASSERT( 0 == mbedtls_mock_socket_connect( &client, &server, - MSGLEN ) ); + TEST_ASSERT(0 == mbedtls_test_mock_socket_connect(&client, &server, + MSGLEN)); /* Send two message to the server, second one with an error */ - TEST_ASSERT( mbedtls_mock_tcp_send_msg( &client_context, message, - MSGLEN ) == MSGLEN ); + TEST_ASSERT(mbedtls_test_mock_tcp_send_msg(&client_context, message, + MSGLEN) + == MSGLEN); - TEST_ASSERT( mbedtls_mock_tcp_send_msg( &client_context, message, - MSGLEN ) - == MBEDTLS_TEST_ERROR_SEND_FAILED ); + TEST_ASSERT(mbedtls_test_mock_tcp_send_msg(&client_context, message, + MSGLEN) + == MBEDTLS_TEST_ERROR_SEND_FAILED); /* Read the only message from the server */ - TEST_ASSERT( mbedtls_mock_tcp_recv_msg( &server_context, received, MSGLEN ) - == MSGLEN ); + TEST_ASSERT(mbedtls_test_mock_tcp_recv_msg(&server_context, received, + MSGLEN) + == MSGLEN); - TEST_ASSERT( memcmp( message, received, MSGLEN ) == 0 ); + TEST_ASSERT(memcmp(message, received, MSGLEN) == 0); - exit: - mbedtls_message_socket_close( &server_context ); - mbedtls_message_socket_close( &client_context ); +exit: + mbedtls_test_message_socket_close(&server_context); + mbedtls_test_message_socket_close(&client_context); + USE_PSA_DONE(); } /* END_CASE */ /* BEGIN_CASE */ -void ssl_message_mock_truncated( ) +void ssl_message_mock_truncated() { enum { MSGLEN = 10 }; unsigned char message[MSGLEN], received[MSGLEN]; - mbedtls_mock_socket client, server; + mbedtls_test_mock_socket client, server; unsigned i; - mbedtls_test_message_queue server_queue, client_queue; + mbedtls_test_ssl_message_queue server_queue, client_queue; mbedtls_test_message_socket_context server_context, client_context; - mbedtls_message_socket_init( &server_context ); - mbedtls_message_socket_init( &client_context ); - TEST_ASSERT( mbedtls_message_socket_setup( &server_queue, &client_queue, 2, - &server, - &server_context ) == 0 ); + mbedtls_test_message_socket_init(&server_context); + mbedtls_test_message_socket_init(&client_context); + USE_PSA_INIT(); + + TEST_ASSERT(mbedtls_test_message_socket_setup(&server_queue, + &client_queue, 2, + &server, + &server_context) == 0); - TEST_ASSERT( mbedtls_message_socket_setup( &client_queue, &server_queue, 2, - &client, - &client_context ) == 0 ); + TEST_ASSERT(mbedtls_test_message_socket_setup(&client_queue, + &server_queue, 2, + &client, + &client_context) == 0); - memset( received, 0, MSGLEN ); + memset(received, 0, MSGLEN); /* Fill up the buffer with structured data so that unwanted changes * can be detected */ - for( i = 0; i < MSGLEN; i++ ) - { + for (i = 0; i < MSGLEN; i++) { message[i] = i & 0xFF; } - TEST_ASSERT( 0 == mbedtls_mock_socket_connect( &client, &server, - 2 * MSGLEN ) ); + TEST_ASSERT(0 == mbedtls_test_mock_socket_connect(&client, &server, + 2 * MSGLEN)); /* Send two messages to the server, the second one small enough to fit in the * receiver's buffer. */ - TEST_ASSERT( mbedtls_mock_tcp_send_msg( &client_context, message, - MSGLEN ) == MSGLEN ); - TEST_ASSERT( mbedtls_mock_tcp_send_msg( &client_context, message, - MSGLEN / 2 ) == MSGLEN / 2 ); + TEST_ASSERT(mbedtls_test_mock_tcp_send_msg(&client_context, message, + MSGLEN) + == MSGLEN); + TEST_ASSERT(mbedtls_test_mock_tcp_send_msg(&client_context, message, + MSGLEN / 2) + == MSGLEN / 2); /* Read a truncated message from the server */ - TEST_ASSERT( mbedtls_mock_tcp_recv_msg( &server_context, received, MSGLEN/2 ) - == MSGLEN/2 ); + TEST_ASSERT(mbedtls_test_mock_tcp_recv_msg(&server_context, received, + MSGLEN/2) + == MSGLEN/2); /* Test that the first half of the message is valid, and second one isn't */ - TEST_ASSERT( memcmp( message, received, MSGLEN/2 ) == 0 ); - TEST_ASSERT( memcmp( message + MSGLEN/2, received + MSGLEN/2, MSGLEN/2 ) - != 0 ); - memset( received, 0, MSGLEN ); + TEST_ASSERT(memcmp(message, received, MSGLEN/2) == 0); + TEST_ASSERT(memcmp(message + MSGLEN/2, received + MSGLEN/2, MSGLEN/2) + != 0); + memset(received, 0, MSGLEN); /* Read a full message from the server */ - TEST_ASSERT( mbedtls_mock_tcp_recv_msg( &server_context, received, MSGLEN/2 ) - == MSGLEN / 2 ); + TEST_ASSERT(mbedtls_test_mock_tcp_recv_msg(&server_context, received, + MSGLEN/2) + == MSGLEN / 2); /* Test that the first half of the message is valid */ - TEST_ASSERT( memcmp( message, received, MSGLEN/2 ) == 0 ); + TEST_ASSERT(memcmp(message, received, MSGLEN/2) == 0); - exit: - mbedtls_message_socket_close( &server_context ); - mbedtls_message_socket_close( &client_context ); +exit: + mbedtls_test_message_socket_close(&server_context); + mbedtls_test_message_socket_close(&client_context); + USE_PSA_DONE(); } /* END_CASE */ /* BEGIN_CASE */ -void ssl_message_mock_socket_read_error( ) +void ssl_message_mock_socket_read_error() { enum { MSGLEN = 10 }; unsigned char message[MSGLEN], received[MSGLEN]; - mbedtls_mock_socket client, server; + mbedtls_test_mock_socket client, server; unsigned i; - mbedtls_test_message_queue server_queue, client_queue; + mbedtls_test_ssl_message_queue server_queue, client_queue; mbedtls_test_message_socket_context server_context, client_context; - mbedtls_message_socket_init( &server_context ); - mbedtls_message_socket_init( &client_context ); - TEST_ASSERT( mbedtls_message_socket_setup( &server_queue, &client_queue, 1, - &server, - &server_context ) == 0 ); + mbedtls_test_message_socket_init(&server_context); + mbedtls_test_message_socket_init(&client_context); + USE_PSA_INIT(); + + TEST_ASSERT(mbedtls_test_message_socket_setup(&server_queue, + &client_queue, 1, + &server, + &server_context) == 0); - TEST_ASSERT( mbedtls_message_socket_setup( &client_queue, &server_queue, 1, - &client, - &client_context ) == 0 ); + TEST_ASSERT(mbedtls_test_message_socket_setup(&client_queue, + &server_queue, 1, + &client, + &client_context) == 0); /* Fill up the buffer with structured data so that unwanted changes * can be detected */ - for( i = 0; i < MSGLEN; i++ ) - { + for (i = 0; i < MSGLEN; i++) { message[i] = i & 0xFF; } - TEST_ASSERT( 0 == mbedtls_mock_socket_connect( &client, &server, - MSGLEN ) ); + TEST_ASSERT(0 == mbedtls_test_mock_socket_connect(&client, &server, + MSGLEN)); - TEST_ASSERT( mbedtls_mock_tcp_send_msg( &client_context, message, - MSGLEN ) == MSGLEN ); + TEST_ASSERT(mbedtls_test_mock_tcp_send_msg(&client_context, message, + MSGLEN) + == MSGLEN); /* Force a read error by disconnecting the socket by hand */ server.status = 0; - TEST_ASSERT( mbedtls_mock_tcp_recv_msg( &server_context, received, MSGLEN ) - == MBEDTLS_TEST_ERROR_RECV_FAILED ); + TEST_ASSERT(mbedtls_test_mock_tcp_recv_msg(&server_context, received, + MSGLEN) + == MBEDTLS_TEST_ERROR_RECV_FAILED); /* Return to a valid state */ server.status = MBEDTLS_MOCK_SOCKET_CONNECTED; - memset( received, 0, sizeof( received ) ); + memset(received, 0, sizeof(received)); /* Test that even though the server tried to read once disconnected, the * continuity is preserved */ - TEST_ASSERT( mbedtls_mock_tcp_recv_msg( &server_context, received, MSGLEN ) - == MSGLEN ); + TEST_ASSERT(mbedtls_test_mock_tcp_recv_msg(&server_context, received, + MSGLEN) + == MSGLEN); - TEST_ASSERT( memcmp( message, received, MSGLEN ) == 0 ); + TEST_ASSERT(memcmp(message, received, MSGLEN) == 0); - exit: - mbedtls_message_socket_close( &server_context ); - mbedtls_message_socket_close( &client_context ); +exit: + mbedtls_test_message_socket_close(&server_context); + mbedtls_test_message_socket_close(&client_context); + USE_PSA_DONE(); } /* END_CASE */ /* BEGIN_CASE */ -void ssl_message_mock_interleaved_one_way( ) +void ssl_message_mock_interleaved_one_way() { enum { MSGLEN = 10 }; unsigned char message[MSGLEN], received[MSGLEN]; - mbedtls_mock_socket client, server; + mbedtls_test_mock_socket client, server; unsigned i; - mbedtls_test_message_queue server_queue, client_queue; + mbedtls_test_ssl_message_queue server_queue, client_queue; mbedtls_test_message_socket_context server_context, client_context; - mbedtls_message_socket_init( &server_context ); - mbedtls_message_socket_init( &client_context ); - TEST_ASSERT( mbedtls_message_socket_setup( &server_queue, &client_queue, 3, - &server, - &server_context ) == 0 ); + mbedtls_test_message_socket_init(&server_context); + mbedtls_test_message_socket_init(&client_context); + USE_PSA_INIT(); + + TEST_ASSERT(mbedtls_test_message_socket_setup(&server_queue, + &client_queue, 3, + &server, + &server_context) == 0); - TEST_ASSERT( mbedtls_message_socket_setup( &client_queue, &server_queue, 3, - &client, - &client_context ) == 0 ); + TEST_ASSERT(mbedtls_test_message_socket_setup(&client_queue, + &server_queue, 3, + &client, + &client_context) == 0); /* Fill up the buffer with structured data so that unwanted changes * can be detected */ - for( i = 0; i < MSGLEN; i++ ) - { + for (i = 0; i < MSGLEN; i++) { message[i] = i & 0xFF; } - TEST_ASSERT( 0 == mbedtls_mock_socket_connect( &client, &server, - MSGLEN*3 ) ); + TEST_ASSERT(0 == mbedtls_test_mock_socket_connect(&client, &server, + MSGLEN*3)); /* Interleaved test - [2 sends, 1 read] twice, and then two reads * (to wrap around the buffer) */ - for( i = 0; i < 2; i++ ) - { - TEST_ASSERT( mbedtls_mock_tcp_send_msg( &client_context, message, - MSGLEN ) == MSGLEN ); - - TEST_ASSERT( mbedtls_mock_tcp_send_msg( &client_context, message, - MSGLEN ) == MSGLEN ); - - TEST_ASSERT( mbedtls_mock_tcp_recv_msg( &server_context, received, - MSGLEN ) == MSGLEN ); - TEST_ASSERT( memcmp( message, received, MSGLEN ) == 0 ); - memset( received, 0, sizeof( received ) ); + for (i = 0; i < 2; i++) { + TEST_ASSERT(mbedtls_test_mock_tcp_send_msg(&client_context, message, + MSGLEN) == MSGLEN); + + TEST_ASSERT(mbedtls_test_mock_tcp_send_msg(&client_context, message, + MSGLEN) == MSGLEN); + + TEST_ASSERT(mbedtls_test_mock_tcp_recv_msg(&server_context, received, + MSGLEN) == MSGLEN); + TEST_ASSERT(memcmp(message, received, MSGLEN) == 0); + memset(received, 0, sizeof(received)); } - for( i = 0; i < 2; i++ ) - { - TEST_ASSERT( mbedtls_mock_tcp_recv_msg( &server_context, received, - MSGLEN ) == MSGLEN ); + for (i = 0; i < 2; i++) { + TEST_ASSERT(mbedtls_test_mock_tcp_recv_msg(&server_context, received, + MSGLEN) == MSGLEN); - TEST_ASSERT( memcmp( message, received, MSGLEN ) == 0 ); + TEST_ASSERT(memcmp(message, received, MSGLEN) == 0); } - TEST_ASSERT( mbedtls_mock_tcp_recv_msg( &server_context, received, MSGLEN ) - == MBEDTLS_ERR_SSL_WANT_READ ); - exit: - mbedtls_message_socket_close( &server_context ); - mbedtls_message_socket_close( &client_context ); + TEST_ASSERT(mbedtls_test_mock_tcp_recv_msg(&server_context, received, + MSGLEN) + == MBEDTLS_ERR_SSL_WANT_READ); +exit: + mbedtls_test_message_socket_close(&server_context); + mbedtls_test_message_socket_close(&client_context); + USE_PSA_DONE(); } /* END_CASE */ /* BEGIN_CASE */ -void ssl_message_mock_interleaved_two_ways( ) +void ssl_message_mock_interleaved_two_ways() { enum { MSGLEN = 10 }; unsigned char message[MSGLEN], received[MSGLEN]; - mbedtls_mock_socket client, server; + mbedtls_test_mock_socket client, server; unsigned i; - mbedtls_test_message_queue server_queue, client_queue; + mbedtls_test_ssl_message_queue server_queue, client_queue; mbedtls_test_message_socket_context server_context, client_context; - mbedtls_message_socket_init( &server_context ); - mbedtls_message_socket_init( &client_context ); - TEST_ASSERT( mbedtls_message_socket_setup( &server_queue, &client_queue, 3, - &server, - &server_context ) == 0 ); + mbedtls_test_message_socket_init(&server_context); + mbedtls_test_message_socket_init(&client_context); + USE_PSA_INIT(); + + TEST_ASSERT(mbedtls_test_message_socket_setup(&server_queue, + &client_queue, 3, + &server, + &server_context) == 0); - TEST_ASSERT( mbedtls_message_socket_setup( &client_queue, &server_queue, 3, - &client, - &client_context ) == 0 ); + TEST_ASSERT(mbedtls_test_message_socket_setup(&client_queue, + &server_queue, 3, + &client, + &client_context) == 0); /* Fill up the buffer with structured data so that unwanted changes * can be detected */ - for( i = 0; i < MSGLEN; i++ ) - { + for (i = 0; i < MSGLEN; i++) { message[i] = i & 0xFF; } - TEST_ASSERT( 0 == mbedtls_mock_socket_connect( &client, &server, - MSGLEN*3 ) ); + TEST_ASSERT(0 == mbedtls_test_mock_socket_connect(&client, &server, + MSGLEN*3)); /* Interleaved test - [2 sends, 1 read] twice, both ways, and then two reads * (to wrap around the buffer) both ways. */ - for( i = 0; i < 2; i++ ) - { - TEST_ASSERT( mbedtls_mock_tcp_send_msg( &client_context, message, - MSGLEN ) == MSGLEN ); + for (i = 0; i < 2; i++) { + TEST_ASSERT(mbedtls_test_mock_tcp_send_msg(&client_context, message, + MSGLEN) == MSGLEN); - TEST_ASSERT( mbedtls_mock_tcp_send_msg( &client_context, message, - MSGLEN ) == MSGLEN ); + TEST_ASSERT(mbedtls_test_mock_tcp_send_msg(&client_context, message, + MSGLEN) == MSGLEN); - TEST_ASSERT( mbedtls_mock_tcp_send_msg( &server_context, message, - MSGLEN ) == MSGLEN ); + TEST_ASSERT(mbedtls_test_mock_tcp_send_msg(&server_context, message, + MSGLEN) == MSGLEN); - TEST_ASSERT( mbedtls_mock_tcp_send_msg( &server_context, message, - MSGLEN ) == MSGLEN ); + TEST_ASSERT(mbedtls_test_mock_tcp_send_msg(&server_context, message, + MSGLEN) == MSGLEN); - TEST_ASSERT( mbedtls_mock_tcp_recv_msg( &server_context, received, - MSGLEN ) == MSGLEN ); + TEST_ASSERT(mbedtls_test_mock_tcp_recv_msg(&server_context, received, + MSGLEN) == MSGLEN); - TEST_ASSERT( memcmp( message, received, MSGLEN ) == 0 ); + TEST_ASSERT(memcmp(message, received, MSGLEN) == 0); - memset( received, 0, sizeof( received ) ); + memset(received, 0, sizeof(received)); - TEST_ASSERT( mbedtls_mock_tcp_recv_msg( &client_context, received, - MSGLEN ) == MSGLEN ); + TEST_ASSERT(mbedtls_test_mock_tcp_recv_msg(&client_context, received, + MSGLEN) == MSGLEN); - TEST_ASSERT( memcmp( message, received, MSGLEN ) == 0 ); + TEST_ASSERT(memcmp(message, received, MSGLEN) == 0); - memset( received, 0, sizeof( received ) ); + memset(received, 0, sizeof(received)); } - for( i = 0; i < 2; i++ ) - { - TEST_ASSERT( mbedtls_mock_tcp_recv_msg( &server_context, received, - MSGLEN ) == MSGLEN ); + for (i = 0; i < 2; i++) { + TEST_ASSERT(mbedtls_test_mock_tcp_recv_msg(&server_context, received, + MSGLEN) == MSGLEN); - TEST_ASSERT( memcmp( message, received, MSGLEN ) == 0 ); - memset( received, 0, sizeof( received ) ); + TEST_ASSERT(memcmp(message, received, MSGLEN) == 0); + memset(received, 0, sizeof(received)); - TEST_ASSERT( mbedtls_mock_tcp_recv_msg( &client_context, received, - MSGLEN ) == MSGLEN ); + TEST_ASSERT(mbedtls_test_mock_tcp_recv_msg(&client_context, received, + MSGLEN) == MSGLEN); - TEST_ASSERT( memcmp( message, received, MSGLEN ) == 0 ); - memset( received, 0, sizeof( received ) ); + TEST_ASSERT(memcmp(message, received, MSGLEN) == 0); + memset(received, 0, sizeof(received)); } - TEST_ASSERT( mbedtls_mock_tcp_recv_msg( &server_context, received, MSGLEN ) - == MBEDTLS_ERR_SSL_WANT_READ ); + TEST_ASSERT(mbedtls_test_mock_tcp_recv_msg(&server_context, received, + MSGLEN) + == MBEDTLS_ERR_SSL_WANT_READ); - TEST_ASSERT( mbedtls_mock_tcp_recv_msg( &client_context, received, MSGLEN ) - == MBEDTLS_ERR_SSL_WANT_READ ); - exit: - mbedtls_message_socket_close( &server_context ); - mbedtls_message_socket_close( &client_context ); + TEST_ASSERT(mbedtls_test_mock_tcp_recv_msg(&client_context, received, + MSGLEN) + == MBEDTLS_ERR_SSL_WANT_READ); +exit: + mbedtls_test_message_socket_close(&server_context); + mbedtls_test_message_socket_close(&client_context); + USE_PSA_DONE(); } /* END_CASE */ /* BEGIN_CASE depends_on:MBEDTLS_SSL_DTLS_ANTI_REPLAY */ -void ssl_dtls_replay( data_t * prevs, data_t * new, int ret ) +void ssl_dtls_replay(data_t *prevs, data_t *new, int ret) { uint32_t len = 0; mbedtls_ssl_context ssl; mbedtls_ssl_config conf; - mbedtls_ssl_init( &ssl ); - mbedtls_ssl_config_init( &conf ); + mbedtls_ssl_init(&ssl); + mbedtls_ssl_config_init(&conf); + USE_PSA_INIT(); - TEST_ASSERT( mbedtls_ssl_config_defaults( &conf, - MBEDTLS_SSL_IS_CLIENT, - MBEDTLS_SSL_TRANSPORT_DATAGRAM, - MBEDTLS_SSL_PRESET_DEFAULT ) == 0 ); - TEST_ASSERT( mbedtls_ssl_setup( &ssl, &conf ) == 0 ); + TEST_ASSERT(mbedtls_ssl_config_defaults(&conf, + MBEDTLS_SSL_IS_CLIENT, + MBEDTLS_SSL_TRANSPORT_DATAGRAM, + MBEDTLS_SSL_PRESET_DEFAULT) == 0); + TEST_ASSERT(mbedtls_ssl_setup(&ssl, &conf) == 0); /* Read previous record numbers */ - for( len = 0; len < prevs->len; len += 6 ) - { - memcpy( ssl.in_ctr + 2, prevs->x + len, 6 ); - mbedtls_ssl_dtls_replay_update( &ssl ); + for (len = 0; len < prevs->len; len += 6) { + memcpy(ssl.in_ctr + 2, prevs->x + len, 6); + mbedtls_ssl_dtls_replay_update(&ssl); } /* Check new number */ - memcpy( ssl.in_ctr + 2, new->x, 6 ); - TEST_ASSERT( mbedtls_ssl_dtls_replay_check( &ssl ) == ret ); + memcpy(ssl.in_ctr + 2, new->x, 6); + TEST_ASSERT(mbedtls_ssl_dtls_replay_check(&ssl) == ret); - mbedtls_ssl_free( &ssl ); - mbedtls_ssl_config_free( &conf ); +exit: + mbedtls_ssl_free(&ssl); + mbedtls_ssl_config_free(&conf); + USE_PSA_DONE(); } /* END_CASE */ -/* BEGIN_CASE depends_on:MBEDTLS_X509_CRT_PARSE_C */ -void ssl_set_hostname_twice( char *hostname0, char *hostname1 ) +/* BEGIN_CASE depends_on:MBEDTLS_KEY_EXCHANGE_WITH_CERT_ENABLED:MBEDTLS_CERTS_C */ +void ssl_set_hostname_twice(char *hostname0, char *hostname1) { mbedtls_ssl_context ssl; - mbedtls_ssl_init( &ssl ); - TEST_ASSERT( mbedtls_ssl_set_hostname( &ssl, hostname0 ) == 0 ); - TEST_ASSERT( mbedtls_ssl_set_hostname( &ssl, hostname1 ) == 0 ); + mbedtls_ssl_init(&ssl); + USE_PSA_INIT(); - mbedtls_ssl_free( &ssl ); + TEST_ASSERT(mbedtls_ssl_set_hostname(&ssl, hostname0) == 0); + TEST_ASSERT(mbedtls_ssl_set_hostname(&ssl, hostname1) == 0); + +exit: + mbedtls_ssl_free(&ssl); + USE_PSA_DONE(); } /* END_CASE */ /* BEGIN_CASE */ -void ssl_crypt_record( int cipher_type, int hash_id, - int etm, int tag_mode, int ver, - int cid0_len, int cid1_len ) +void ssl_crypt_record(int cipher_type, int hash_id, + int etm, int tag_mode, int ver, + int cid0_len, int cid1_len) { /* * Test several record encryptions and decryptions @@ -3190,27 +1176,25 @@ void ssl_crypt_record( int cipher_type, int hash_id, size_t const buflen = 512; mbedtls_record rec, rec_backup; - mbedtls_ssl_init( &ssl ); - mbedtls_ssl_transform_init( &t0 ); - mbedtls_ssl_transform_init( &t1 ); - TEST_ASSERT( build_transforms( &t0, &t1, cipher_type, hash_id, - etm, tag_mode, ver, - (size_t) cid0_len, - (size_t) cid1_len ) == 0 ); + mbedtls_ssl_init(&ssl); + USE_PSA_INIT(); - TEST_ASSERT( ( buf = mbedtls_calloc( 1, buflen ) ) != NULL ); + mbedtls_ssl_transform_init(&t0); + mbedtls_ssl_transform_init(&t1); + TEST_ASSERT(mbedtls_test_ssl_build_transforms(&t0, &t1, cipher_type, hash_id, + etm, tag_mode, ver, + (size_t) cid0_len, + (size_t) cid1_len) == 0); - while( num_records-- > 0 ) - { + TEST_ASSERT((buf = mbedtls_calloc(1, buflen)) != NULL); + + while (num_records-- > 0) { mbedtls_ssl_transform *t_dec, *t_enc; /* Take turns in who's sending and who's receiving. */ - if( num_records % 3 == 0 ) - { + if (num_records % 3 == 0) { t_dec = &t0; t_enc = &t1; - } - else - { + } else { t_dec = &t1; t_enc = &t0; } @@ -3227,7 +1211,7 @@ void ssl_crypt_record( int cipher_type, int hash_id, * type is sensible. */ - memset( rec.ctr, num_records, sizeof( rec.ctr ) ); + memset(rec.ctr, num_records, sizeof(rec.ctr)); rec.type = 42; rec.ver[0] = num_records; rec.ver[1] = num_records; @@ -3242,71 +1226,68 @@ void ssl_crypt_record( int cipher_type, int hash_id, * paddings. */ rec.data_len = 1 + num_records; - memset( rec.buf + rec.data_offset, 42, rec.data_len ); + memset(rec.buf + rec.data_offset, 42, rec.data_len); /* Make a copy for later comparison */ rec_backup = rec; /* Encrypt record */ - ret = mbedtls_ssl_encrypt_buf( &ssl, t_enc, &rec, - mbedtls_test_rnd_std_rand, NULL ); - TEST_ASSERT( ret == 0 || ret == MBEDTLS_ERR_SSL_BUFFER_TOO_SMALL ); - if( ret != 0 ) - { + ret = mbedtls_ssl_encrypt_buf(&ssl, t_enc, &rec, + mbedtls_test_rnd_std_rand, NULL); + TEST_ASSERT(ret == 0 || ret == MBEDTLS_ERR_SSL_BUFFER_TOO_SMALL); + if (ret != 0) { continue; } #if defined(MBEDTLS_SSL_DTLS_CONNECTION_ID) - if( rec.cid_len != 0 ) - { + if (rec.cid_len != 0) { /* DTLS 1.2 + CID hides the real content type and * uses a special CID content type in the protected * record. Double-check this. */ - TEST_ASSERT( rec.type == MBEDTLS_SSL_MSG_CID ); + TEST_ASSERT(rec.type == MBEDTLS_SSL_MSG_CID); } #endif /* MBEDTLS_SSL_DTLS_CONNECTION_ID */ #if defined(MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL) - if( t_enc->minor_ver == MBEDTLS_SSL_MINOR_VERSION_4 ) - { + if (t_enc->minor_ver == MBEDTLS_SSL_MINOR_VERSION_4) { /* TLS 1.3 hides the real content type and * always uses Application Data as the content type * for protected records. Double-check this. */ - TEST_ASSERT( rec.type == MBEDTLS_SSL_MSG_APPLICATION_DATA ); + TEST_ASSERT(rec.type == MBEDTLS_SSL_MSG_APPLICATION_DATA); } #endif /* MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL */ /* Decrypt record with t_dec */ - ret = mbedtls_ssl_decrypt_buf( &ssl, t_dec, &rec ); - TEST_ASSERT( ret == 0 ); + ret = mbedtls_ssl_decrypt_buf(&ssl, t_dec, &rec); + TEST_ASSERT(ret == 0); /* Compare results */ - TEST_ASSERT( rec.type == rec_backup.type ); - TEST_ASSERT( memcmp( rec.ctr, rec_backup.ctr, 8 ) == 0 ); - TEST_ASSERT( rec.ver[0] == rec_backup.ver[0] ); - TEST_ASSERT( rec.ver[1] == rec_backup.ver[1] ); - TEST_ASSERT( rec.data_len == rec_backup.data_len ); - TEST_ASSERT( rec.data_offset == rec_backup.data_offset ); - TEST_ASSERT( memcmp( rec.buf + rec.data_offset, - rec_backup.buf + rec_backup.data_offset, - rec.data_len ) == 0 ); + TEST_ASSERT(rec.type == rec_backup.type); + TEST_ASSERT(memcmp(rec.ctr, rec_backup.ctr, 8) == 0); + TEST_ASSERT(rec.ver[0] == rec_backup.ver[0]); + TEST_ASSERT(rec.ver[1] == rec_backup.ver[1]); + TEST_ASSERT(rec.data_len == rec_backup.data_len); + TEST_ASSERT(rec.data_offset == rec_backup.data_offset); + TEST_ASSERT(memcmp(rec.buf + rec.data_offset, + rec_backup.buf + rec_backup.data_offset, + rec.data_len) == 0); } exit: /* Cleanup */ - mbedtls_ssl_free( &ssl ); - mbedtls_ssl_transform_free( &t0 ); - mbedtls_ssl_transform_free( &t1 ); - - mbedtls_free( buf ); + mbedtls_ssl_free(&ssl); + mbedtls_ssl_transform_free(&t0); + mbedtls_ssl_transform_free(&t1); + mbedtls_free(buf); + USE_PSA_DONE(); } /* END_CASE */ /* BEGIN_CASE */ -void ssl_crypt_record_small( int cipher_type, int hash_id, - int etm, int tag_mode, int ver, - int cid0_len, int cid1_len ) +void ssl_crypt_record_small(int cipher_type, int hash_id, + int etm, int tag_mode, int ver, + int cid0_len, int cid1_len) { /* * Test pairs of encryption and decryption with an increasing @@ -3346,26 +1327,25 @@ void ssl_crypt_record_small( int cipher_type, int hash_id, int seen_success; /* Indicates if in the current mode we've * already seen a successful test. */ - mbedtls_ssl_init( &ssl ); - mbedtls_ssl_transform_init( &t0 ); - mbedtls_ssl_transform_init( &t1 ); - TEST_ASSERT( build_transforms( &t0, &t1, cipher_type, hash_id, - etm, tag_mode, ver, - (size_t) cid0_len, - (size_t) cid1_len ) == 0 ); + mbedtls_ssl_init(&ssl); + mbedtls_ssl_transform_init(&t0); + mbedtls_ssl_transform_init(&t1); + USE_PSA_INIT(); + TEST_ASSERT(mbedtls_test_ssl_build_transforms(&t0, &t1, cipher_type, hash_id, + etm, tag_mode, ver, + (size_t) cid0_len, + (size_t) cid1_len) == 0); - TEST_ASSERT( ( buf = mbedtls_calloc( 1, buflen ) ) != NULL ); + TEST_ASSERT((buf = mbedtls_calloc(1, buflen)) != NULL); - for( mode=1; mode <= 3; mode++ ) - { + for (mode = 1; mode <= 3; mode++) { seen_success = 0; - for( offset=0; offset <= threshold; offset++ ) - { + for (offset = 0; offset <= threshold; offset++) { mbedtls_ssl_transform *t_dec, *t_enc; t_dec = &t0; t_enc = &t1; - memset( rec.ctr, offset, sizeof( rec.ctr ) ); + memset(rec.ctr, offset, sizeof(rec.ctr)); rec.type = 42; rec.ver[0] = offset; rec.ver[1] = offset; @@ -3375,8 +1355,7 @@ void ssl_crypt_record_small( int cipher_type, int hash_id, rec.cid_len = 0; #endif /* MBEDTLS_SSL_DTLS_CONNECTION_ID */ - switch( mode ) - { + switch (mode) { case 1: /* Space in the beginning */ rec.data_offset = offset; rec.data_len = buflen - offset - default_post_padding; @@ -3393,469 +1372,252 @@ void ssl_crypt_record_small( int cipher_type, int hash_id, break; default: - TEST_ASSERT( 0 ); + TEST_ASSERT(0); break; } - memset( rec.buf + rec.data_offset, 42, rec.data_len ); + memset(rec.buf + rec.data_offset, 42, rec.data_len); /* Make a copy for later comparison */ rec_backup = rec; /* Encrypt record */ - ret = mbedtls_ssl_encrypt_buf( &ssl, t_enc, &rec, - mbedtls_test_rnd_std_rand, NULL ); + ret = mbedtls_ssl_encrypt_buf(&ssl, t_enc, &rec, + mbedtls_test_rnd_std_rand, NULL); - if( ( mode == 1 || mode == 2 ) && seen_success ) - { - TEST_ASSERT( ret == 0 ); - } - else - { - TEST_ASSERT( ret == 0 || ret == MBEDTLS_ERR_SSL_BUFFER_TOO_SMALL ); - if( ret == 0 ) - seen_success = 1; + if (ret == MBEDTLS_ERR_SSL_BUFFER_TOO_SMALL) { + /* It's ok if the output buffer is too small. We do insist + * on at least one mode succeeding; this is tracked by + * seen_success. */ + continue; } - if( ret != 0 ) - continue; + TEST_EQUAL(ret, 0); + seen_success = 1; #if defined(MBEDTLS_SSL_DTLS_CONNECTION_ID) - if( rec.cid_len != 0 ) - { + if (rec.cid_len != 0) { /* DTLS 1.2 + CID hides the real content type and * uses a special CID content type in the protected * record. Double-check this. */ - TEST_ASSERT( rec.type == MBEDTLS_SSL_MSG_CID ); + TEST_ASSERT(rec.type == MBEDTLS_SSL_MSG_CID); } #endif /* MBEDTLS_SSL_DTLS_CONNECTION_ID */ #if defined(MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL) - if( t_enc->minor_ver == MBEDTLS_SSL_MINOR_VERSION_4 ) - { + if (t_enc->minor_ver == MBEDTLS_SSL_MINOR_VERSION_4) { /* TLS 1.3 hides the real content type and * always uses Application Data as the content type * for protected records. Double-check this. */ - TEST_ASSERT( rec.type == MBEDTLS_SSL_MSG_APPLICATION_DATA ); + TEST_ASSERT(rec.type == MBEDTLS_SSL_MSG_APPLICATION_DATA); } #endif /* MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL */ /* Decrypt record with t_dec */ - TEST_ASSERT( mbedtls_ssl_decrypt_buf( &ssl, t_dec, &rec ) == 0 ); + TEST_ASSERT(mbedtls_ssl_decrypt_buf(&ssl, t_dec, &rec) == 0); /* Compare results */ - TEST_ASSERT( rec.type == rec_backup.type ); - TEST_ASSERT( memcmp( rec.ctr, rec_backup.ctr, 8 ) == 0 ); - TEST_ASSERT( rec.ver[0] == rec_backup.ver[0] ); - TEST_ASSERT( rec.ver[1] == rec_backup.ver[1] ); - TEST_ASSERT( rec.data_len == rec_backup.data_len ); - TEST_ASSERT( rec.data_offset == rec_backup.data_offset ); - TEST_ASSERT( memcmp( rec.buf + rec.data_offset, - rec_backup.buf + rec_backup.data_offset, - rec.data_len ) == 0 ); + TEST_ASSERT(rec.type == rec_backup.type); + TEST_ASSERT(memcmp(rec.ctr, rec_backup.ctr, 8) == 0); + TEST_ASSERT(rec.ver[0] == rec_backup.ver[0]); + TEST_ASSERT(rec.ver[1] == rec_backup.ver[1]); + TEST_ASSERT(rec.data_len == rec_backup.data_len); + TEST_ASSERT(rec.data_offset == rec_backup.data_offset); + TEST_ASSERT(memcmp(rec.buf + rec.data_offset, + rec_backup.buf + rec_backup.data_offset, + rec.data_len) == 0); } - TEST_ASSERT( seen_success == 1 ); + TEST_ASSERT(seen_success == 1); } exit: /* Cleanup */ - mbedtls_ssl_free( &ssl ); - mbedtls_ssl_transform_free( &t0 ); - mbedtls_ssl_transform_free( &t1 ); - - mbedtls_free( buf ); -} -/* END_CASE */ - -/* BEGIN_CASE depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_AES_C:MBEDTLS_SSL_PROTO_TLS1_2 */ -void ssl_decrypt_non_etm_cbc( int cipher_type, int hash_id, int trunc_hmac, - int length_selector ) -{ - /* - * Test record decryption for CBC without EtM, focused on the verification - * of padding and MAC. - * - * Actually depends on TLS >= 1.0 (SSL 3.0 computes the MAC differently), - * and either AES, ARIA, Camellia or DES, but since the test framework - * doesn't support alternation in dependency statements, just depend on - * TLS 1.2 and AES. - * - * The length_selector argument is interpreted as follows: - * - if it's -1, the plaintext length is 0 and minimal padding is applied - * - if it's -2, the plaintext length is 0 and maximal padding is applied - * - otherwise it must be in [0, 255] and is padding_length from RFC 5246: - * it's the length of the rest of the padding, that is, excluding the - * byte that encodes the length. The minimal non-zero plaintext length - * that gives this padding_length is automatically selected. - */ - mbedtls_ssl_context ssl; /* ONLY for debugging */ - mbedtls_ssl_transform t0, t1; - mbedtls_record rec, rec_save; - unsigned char *buf = NULL, *buf_save = NULL; - size_t buflen, olen = 0; - size_t plaintext_len, block_size, i; - unsigned char padlen; /* excluding the padding_length byte */ - unsigned char add_data[13]; - unsigned char mac[MBEDTLS_MD_MAX_SIZE]; - int exp_ret; - const unsigned char pad_max_len = 255; /* Per the standard */ - - mbedtls_ssl_init( &ssl ); - mbedtls_ssl_transform_init( &t0 ); - mbedtls_ssl_transform_init( &t1 ); - - /* Set up transforms with dummy keys */ - TEST_ASSERT( build_transforms( &t0, &t1, cipher_type, hash_id, - 0, trunc_hmac, - MBEDTLS_SSL_MINOR_VERSION_3, - 0 , 0 ) == 0 ); - - /* Determine padding/plaintext length */ - TEST_ASSERT( length_selector >= -2 && length_selector <= 255 ); - block_size = t0.ivlen; - if( length_selector < 0 ) - { - plaintext_len = 0; - - /* Minimal padding - * The +1 is for the padding_length byte, not counted in padlen. */ - padlen = block_size - ( t0.maclen + 1 ) % block_size; - - /* Maximal padding? */ - if( length_selector == -2 ) - padlen += block_size * ( ( pad_max_len - padlen ) / block_size ); - } - else - { - padlen = length_selector; - - /* Minimal non-zero plaintext_length giving desired padding. - * The +1 is for the padding_length byte, not counted in padlen. */ - plaintext_len = block_size - ( padlen + t0.maclen + 1 ) % block_size; - } - - /* Prepare a buffer for record data */ - buflen = block_size - + plaintext_len - + t0.maclen - + padlen + 1; - ASSERT_ALLOC( buf, buflen ); - ASSERT_ALLOC( buf_save, buflen ); - - /* Prepare a dummy record header */ - memset( rec.ctr, 0, sizeof( rec.ctr ) ); - rec.type = MBEDTLS_SSL_MSG_APPLICATION_DATA; - rec.ver[0] = MBEDTLS_SSL_MAJOR_VERSION_3; - rec.ver[1] = MBEDTLS_SSL_MINOR_VERSION_3; -#if defined(MBEDTLS_SSL_DTLS_CONNECTION_ID) - rec.cid_len = 0; -#endif /* MBEDTLS_SSL_DTLS_CONNECTION_ID */ - - /* Prepare dummy record content */ - rec.buf = buf; - rec.buf_len = buflen; - rec.data_offset = block_size; - rec.data_len = plaintext_len; - memset( rec.buf + rec.data_offset, 42, rec.data_len ); - - /* Serialized version of record header for MAC purposes */ - memcpy( add_data, rec.ctr, 8 ); - add_data[8] = rec.type; - add_data[9] = rec.ver[0]; - add_data[10] = rec.ver[1]; - add_data[11] = ( rec.data_len >> 8 ) & 0xff; - add_data[12] = ( rec.data_len >> 0 ) & 0xff; - - /* Set dummy IV */ - memset( t0.iv_enc, 0x55, t0.ivlen ); - memcpy( rec.buf, t0.iv_enc, t0.ivlen ); - - /* - * Prepare a pre-encryption record (with MAC and padding), and save it. - */ - - /* MAC with additional data */ - TEST_EQUAL( 0, mbedtls_md_hmac_update( &t0.md_ctx_enc, add_data, 13 ) ); - TEST_EQUAL( 0, mbedtls_md_hmac_update( &t0.md_ctx_enc, - rec.buf + rec.data_offset, - rec.data_len ) ); - TEST_EQUAL( 0, mbedtls_md_hmac_finish( &t0.md_ctx_enc, mac ) ); - - memcpy( rec.buf + rec.data_offset + rec.data_len, mac, t0.maclen ); - rec.data_len += t0.maclen; - - /* Pad */ - memset( rec.buf + rec.data_offset + rec.data_len, padlen, padlen + 1 ); - rec.data_len += padlen + 1; - - /* Save correct pre-encryption record */ - rec_save = rec; - rec_save.buf = buf_save; - memcpy( buf_save, buf, buflen ); - - /* - * Encrypt and decrypt the correct record, expecting success - */ - TEST_EQUAL( 0, mbedtls_cipher_crypt( &t0.cipher_ctx_enc, - t0.iv_enc, t0.ivlen, - rec.buf + rec.data_offset, rec.data_len, - rec.buf + rec.data_offset, &olen ) ); - rec.data_offset -= t0.ivlen; - rec.data_len += t0.ivlen; - - TEST_EQUAL( 0, mbedtls_ssl_decrypt_buf( &ssl, &t1, &rec ) ); - - /* - * Modify each byte of the pre-encryption record before encrypting and - * decrypting it, expecting failure every time. - */ - for( i = block_size; i < buflen; i++ ) - { - mbedtls_test_set_step( i ); - - /* Restore correct pre-encryption record */ - rec = rec_save; - rec.buf = buf; - memcpy( buf, buf_save, buflen ); - - /* Corrupt one byte of the data (could be plaintext, MAC or padding) */ - rec.buf[i] ^= 0x01; - - /* Encrypt */ - TEST_EQUAL( 0, mbedtls_cipher_crypt( &t0.cipher_ctx_enc, - t0.iv_enc, t0.ivlen, - rec.buf + rec.data_offset, rec.data_len, - rec.buf + rec.data_offset, &olen ) ); - rec.data_offset -= t0.ivlen; - rec.data_len += t0.ivlen; - - /* Decrypt and expect failure */ - TEST_EQUAL( MBEDTLS_ERR_SSL_INVALID_MAC, - mbedtls_ssl_decrypt_buf( &ssl, &t1, &rec ) ); - } - - /* - * Use larger values of the padding bytes - with small buffers, this tests - * the case where the announced padlen would be larger than the buffer - * (and before that, than the buffer minus the size of the MAC), to make - * sure our padding checking code does not perform any out-of-bounds reads - * in this case. (With larger buffers, ie when the plaintext is long or - * maximal length padding is used, this is less relevant but still doesn't - * hurt to test.) - * - * (Start the loop with correct padding, just to double-check that record - * saving did work, and that we're overwriting the correct bytes.) - */ - for( i = padlen; i <= pad_max_len; i++ ) - { - mbedtls_test_set_step( i ); - - /* Restore correct pre-encryption record */ - rec = rec_save; - rec.buf = buf; - memcpy( buf, buf_save, buflen ); - - /* Set padding bytes to new value */ - memset( buf + buflen - padlen - 1, i, padlen + 1 ); - - /* Encrypt */ - TEST_EQUAL( 0, mbedtls_cipher_crypt( &t0.cipher_ctx_enc, - t0.iv_enc, t0.ivlen, - rec.buf + rec.data_offset, rec.data_len, - rec.buf + rec.data_offset, &olen ) ); - rec.data_offset -= t0.ivlen; - rec.data_len += t0.ivlen; - - /* Decrypt and expect failure except the first time */ - exp_ret = ( i == padlen ) ? 0 : MBEDTLS_ERR_SSL_INVALID_MAC; - TEST_EQUAL( exp_ret, mbedtls_ssl_decrypt_buf( &ssl, &t1, &rec ) ); - } - -exit: - mbedtls_ssl_free( &ssl ); - mbedtls_ssl_transform_free( &t0 ); - mbedtls_ssl_transform_free( &t1 ); - mbedtls_free( buf ); - mbedtls_free( buf_save ); + mbedtls_ssl_free(&ssl); + mbedtls_ssl_transform_free(&t0); + mbedtls_ssl_transform_free(&t1); + mbedtls_free(buf); + USE_PSA_DONE(); } /* END_CASE */ /* BEGIN_CASE depends_on:MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL */ -void ssl_tls1_3_hkdf_expand_label( int hash_alg, - data_t *secret, - int label_idx, - data_t *ctx, - int desired_length, - data_t *expected ) +void ssl_tls1_3_hkdf_expand_label(int hash_alg, + data_t *secret, + int label_idx, + data_t *ctx, + int desired_length, + data_t *expected) { - unsigned char dst[ 100 ]; + unsigned char dst[100]; unsigned char const *lbl = NULL; size_t lbl_len; -#define MBEDTLS_SSL_TLS1_3_LABEL( name, string ) \ - if( label_idx == (int) tls1_3_label_ ## name ) \ +#define MBEDTLS_SSL_TLS1_3_LABEL(name, string) \ + if (label_idx == (int) tls1_3_label_ ## name) \ { \ lbl = mbedtls_ssl_tls1_3_labels.name; \ - lbl_len = sizeof( mbedtls_ssl_tls1_3_labels.name ); \ + lbl_len = sizeof(mbedtls_ssl_tls1_3_labels.name); \ } -MBEDTLS_SSL_TLS1_3_LABEL_LIST + MBEDTLS_SSL_TLS1_3_LABEL_LIST #undef MBEDTLS_SSL_TLS1_3_LABEL - TEST_ASSERT( lbl != NULL ); + TEST_ASSERT(lbl != NULL); /* Check sanity of test parameters. */ - TEST_ASSERT( (size_t) desired_length <= sizeof(dst) ); - TEST_ASSERT( (size_t) desired_length == expected->len ); - - TEST_ASSERT( mbedtls_ssl_tls1_3_hkdf_expand_label( - (mbedtls_md_type_t) hash_alg, - secret->x, secret->len, - lbl, lbl_len, - ctx->x, ctx->len, - dst, desired_length ) == 0 ); - - ASSERT_COMPARE( dst, (size_t) desired_length, - expected->x, (size_t) expected->len ); + TEST_ASSERT((size_t) desired_length <= sizeof(dst)); + TEST_ASSERT((size_t) desired_length == expected->len); + + TEST_ASSERT(mbedtls_ssl_tls1_3_hkdf_expand_label( + (mbedtls_md_type_t) hash_alg, + secret->x, secret->len, + lbl, lbl_len, + ctx->x, ctx->len, + dst, desired_length) == 0); + + TEST_MEMORY_COMPARE(dst, (size_t) desired_length, + expected->x, (size_t) expected->len); } /* END_CASE */ /* BEGIN_CASE depends_on:MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL */ -void ssl_tls1_3_traffic_key_generation( int hash_alg, - data_t *server_secret, - data_t *client_secret, - int desired_iv_len, - int desired_key_len, - data_t *expected_server_write_key, - data_t *expected_server_write_iv, - data_t *expected_client_write_key, - data_t *expected_client_write_iv ) +void ssl_tls1_3_traffic_key_generation(int hash_alg, + data_t *server_secret, + data_t *client_secret, + int desired_iv_len, + int desired_key_len, + data_t *expected_server_write_key, + data_t *expected_server_write_iv, + data_t *expected_client_write_key, + data_t *expected_client_write_iv) { mbedtls_ssl_key_set keys; /* Check sanity of test parameters. */ - TEST_ASSERT( client_secret->len == server_secret->len ); - TEST_ASSERT( expected_client_write_iv->len == expected_server_write_iv->len && - expected_client_write_iv->len == (size_t) desired_iv_len ); - TEST_ASSERT( expected_client_write_key->len == expected_server_write_key->len && - expected_client_write_key->len == (size_t) desired_key_len ); - - TEST_ASSERT( mbedtls_ssl_tls1_3_make_traffic_keys( - (mbedtls_md_type_t) hash_alg, - client_secret->x, - server_secret->x, - client_secret->len /* == server_secret->len */, - desired_key_len, desired_iv_len, - &keys ) == 0 ); - - ASSERT_COMPARE( keys.client_write_key, - keys.key_len, - expected_client_write_key->x, - (size_t) desired_key_len ); - ASSERT_COMPARE( keys.server_write_key, - keys.key_len, - expected_server_write_key->x, - (size_t) desired_key_len ); - ASSERT_COMPARE( keys.client_write_iv, - keys.iv_len, - expected_client_write_iv->x, - (size_t) desired_iv_len ); - ASSERT_COMPARE( keys.server_write_iv, - keys.iv_len, - expected_server_write_iv->x, - (size_t) desired_iv_len ); + TEST_ASSERT(client_secret->len == server_secret->len); + TEST_ASSERT( + expected_client_write_iv->len == expected_server_write_iv->len && + expected_client_write_iv->len == (size_t) desired_iv_len); + TEST_ASSERT( + expected_client_write_key->len == expected_server_write_key->len && + expected_client_write_key->len == (size_t) desired_key_len); + + TEST_ASSERT(mbedtls_ssl_tls1_3_make_traffic_keys( + (mbedtls_md_type_t) hash_alg, + client_secret->x, + server_secret->x, + client_secret->len /* == server_secret->len */, + desired_key_len, desired_iv_len, + &keys) == 0); + + TEST_MEMORY_COMPARE(keys.client_write_key, + keys.key_len, + expected_client_write_key->x, + (size_t) desired_key_len); + TEST_MEMORY_COMPARE(keys.server_write_key, + keys.key_len, + expected_server_write_key->x, + (size_t) desired_key_len); + TEST_MEMORY_COMPARE(keys.client_write_iv, + keys.iv_len, + expected_client_write_iv->x, + (size_t) desired_iv_len); + TEST_MEMORY_COMPARE(keys.server_write_iv, + keys.iv_len, + expected_server_write_iv->x, + (size_t) desired_iv_len); } /* END_CASE */ /* BEGIN_CASE depends_on:MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL */ -void ssl_tls1_3_derive_secret( int hash_alg, - data_t *secret, - int label_idx, - data_t *ctx, - int desired_length, - int already_hashed, - data_t *expected ) +void ssl_tls1_3_derive_secret(int hash_alg, + data_t *secret, + int label_idx, + data_t *ctx, + int desired_length, + int already_hashed, + data_t *expected) { - unsigned char dst[ 100 ]; + unsigned char dst[100]; unsigned char const *lbl = NULL; size_t lbl_len; -#define MBEDTLS_SSL_TLS1_3_LABEL( name, string ) \ - if( label_idx == (int) tls1_3_label_ ## name ) \ +#define MBEDTLS_SSL_TLS1_3_LABEL(name, string) \ + if (label_idx == (int) tls1_3_label_ ## name) \ { \ lbl = mbedtls_ssl_tls1_3_labels.name; \ - lbl_len = sizeof( mbedtls_ssl_tls1_3_labels.name ); \ + lbl_len = sizeof(mbedtls_ssl_tls1_3_labels.name); \ } -MBEDTLS_SSL_TLS1_3_LABEL_LIST + MBEDTLS_SSL_TLS1_3_LABEL_LIST #undef MBEDTLS_SSL_TLS1_3_LABEL - TEST_ASSERT( lbl != NULL ); + TEST_ASSERT(lbl != NULL); /* Check sanity of test parameters. */ - TEST_ASSERT( (size_t) desired_length <= sizeof(dst) ); - TEST_ASSERT( (size_t) desired_length == expected->len ); - - TEST_ASSERT( mbedtls_ssl_tls1_3_derive_secret( - (mbedtls_md_type_t) hash_alg, - secret->x, secret->len, - lbl, lbl_len, - ctx->x, ctx->len, - already_hashed, - dst, desired_length ) == 0 ); - - ASSERT_COMPARE( dst, desired_length, - expected->x, desired_length ); + TEST_ASSERT((size_t) desired_length <= sizeof(dst)); + TEST_ASSERT((size_t) desired_length == expected->len); + + TEST_ASSERT(mbedtls_ssl_tls1_3_derive_secret( + (mbedtls_md_type_t) hash_alg, + secret->x, secret->len, + lbl, lbl_len, + ctx->x, ctx->len, + already_hashed, + dst, desired_length) == 0); + + TEST_MEMORY_COMPARE(dst, desired_length, + expected->x, desired_length); } /* END_CASE */ /* BEGIN_CASE depends_on:MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL */ -void ssl_tls1_3_key_evolution( int hash_alg, - data_t *secret, - data_t *input, - data_t *expected ) +void ssl_tls1_3_key_evolution(int hash_alg, + data_t *secret, + data_t *input, + data_t *expected) { - unsigned char secret_new[ MBEDTLS_MD_MAX_SIZE ]; + unsigned char secret_new[MBEDTLS_MD_MAX_SIZE]; - TEST_ASSERT( mbedtls_ssl_tls1_3_evolve_secret( - (mbedtls_md_type_t) hash_alg, - secret->len ? secret->x : NULL, - input->len ? input->x : NULL, input->len, - secret_new ) == 0 ); + TEST_ASSERT(mbedtls_ssl_tls1_3_evolve_secret( + (mbedtls_md_type_t) hash_alg, + secret->len ? secret->x : NULL, + input->len ? input->x : NULL, input->len, + secret_new) == 0); - ASSERT_COMPARE( secret_new, (size_t) expected->len, - expected->x, (size_t) expected->len ); + TEST_MEMORY_COMPARE(secret_new, (size_t) expected->len, + expected->x, (size_t) expected->len); } /* END_CASE */ /* BEGIN_CASE */ -void ssl_tls_prf( int type, data_t * secret, data_t * random, - char *label, data_t *result_str, int exp_ret ) +void ssl_tls_prf(int type, data_t *secret, data_t *random, + char *label, data_t *result_str, int exp_ret) { unsigned char *output; - output = mbedtls_calloc( 1, result_str->len ); - if( output == NULL ) + output = mbedtls_calloc(1, result_str->len); + if (output == NULL) { goto exit; + } - USE_PSA_INIT( ); + USE_PSA_INIT(); - TEST_ASSERT( mbedtls_ssl_tls_prf( type, secret->x, secret->len, - label, random->x, random->len, - output, result_str->len ) == exp_ret ); + TEST_ASSERT(mbedtls_ssl_tls_prf(type, secret->x, secret->len, + label, random->x, random->len, + output, result_str->len) == exp_ret); - if( exp_ret == 0 ) - { - TEST_ASSERT( mbedtls_test_hexcmp( output, result_str->x, - result_str->len, result_str->len ) == 0 ); + if (exp_ret == 0) { + TEST_ASSERT(mbedtls_test_hexcmp(output, result_str->x, + result_str->len, result_str->len) == 0); } exit: - mbedtls_free( output ); - USE_PSA_DONE( ); + mbedtls_free(output); + USE_PSA_DONE(); } /* END_CASE */ /* BEGIN_CASE */ -void ssl_serialize_session_save_load( int ticket_len, char *crt_file ) +void ssl_serialize_session_save_load(int ticket_len, char *crt_file) { mbedtls_ssl_session original, restored; unsigned char *buf = NULL; @@ -3864,99 +1626,99 @@ void ssl_serialize_session_save_load( int ticket_len, char *crt_file ) /* * Test that a save-load pair is the identity */ - - mbedtls_ssl_session_init( &original ); - mbedtls_ssl_session_init( &restored ); + mbedtls_ssl_session_init(&original); + mbedtls_ssl_session_init(&restored); + USE_PSA_INIT(); /* Prepare a dummy session to work on */ - TEST_ASSERT( ssl_populate_session( &original, ticket_len, crt_file ) == 0 ); + TEST_ASSERT(mbedtls_test_ssl_populate_session( + &original, ticket_len, crt_file) == 0); /* Serialize it */ - TEST_ASSERT( mbedtls_ssl_session_save( &original, NULL, 0, &len ) - == MBEDTLS_ERR_SSL_BUFFER_TOO_SMALL ); - TEST_ASSERT( ( buf = mbedtls_calloc( 1, len ) ) != NULL ); - TEST_ASSERT( mbedtls_ssl_session_save( &original, buf, len, &len ) - == 0 ); + TEST_ASSERT(mbedtls_ssl_session_save(&original, NULL, 0, &len) + == MBEDTLS_ERR_SSL_BUFFER_TOO_SMALL); + TEST_ASSERT((buf = mbedtls_calloc(1, len)) != NULL); + TEST_ASSERT(mbedtls_ssl_session_save(&original, buf, len, &len) + == 0); /* Restore session from serialized data */ - TEST_ASSERT( mbedtls_ssl_session_load( &restored, buf, len) == 0 ); + TEST_ASSERT(mbedtls_ssl_session_load(&restored, buf, len) == 0); /* * Make sure both session structures are identical */ #if defined(MBEDTLS_HAVE_TIME) - TEST_ASSERT( original.start == restored.start ); + TEST_ASSERT(original.start == restored.start); #endif - TEST_ASSERT( original.ciphersuite == restored.ciphersuite ); - TEST_ASSERT( original.compression == restored.compression ); - TEST_ASSERT( original.id_len == restored.id_len ); - TEST_ASSERT( memcmp( original.id, - restored.id, sizeof( original.id ) ) == 0 ); - TEST_ASSERT( memcmp( original.master, - restored.master, sizeof( original.master ) ) == 0 ); - -#if defined(MBEDTLS_X509_CRT_PARSE_C) + TEST_ASSERT(original.ciphersuite == restored.ciphersuite); + TEST_ASSERT(original.compression == restored.compression); + TEST_ASSERT(original.id_len == restored.id_len); + TEST_ASSERT(memcmp(original.id, + restored.id, sizeof(original.id)) == 0); + TEST_ASSERT(memcmp(original.master, + restored.master, sizeof(original.master)) == 0); + +#if defined(MBEDTLS_KEY_EXCHANGE_WITH_CERT_ENABLED) && \ + defined(MBEDTLS_CERTS_C) #if defined(MBEDTLS_SSL_KEEP_PEER_CERTIFICATE) - TEST_ASSERT( ( original.peer_cert == NULL ) == - ( restored.peer_cert == NULL ) ); - if( original.peer_cert != NULL ) - { - TEST_ASSERT( original.peer_cert->raw.len == - restored.peer_cert->raw.len ); - TEST_ASSERT( memcmp( original.peer_cert->raw.p, - restored.peer_cert->raw.p, - original.peer_cert->raw.len ) == 0 ); + TEST_ASSERT((original.peer_cert == NULL) == + (restored.peer_cert == NULL)); + if (original.peer_cert != NULL) { + TEST_ASSERT(original.peer_cert->raw.len == + restored.peer_cert->raw.len); + TEST_ASSERT(memcmp(original.peer_cert->raw.p, + restored.peer_cert->raw.p, + original.peer_cert->raw.len) == 0); } #else /* MBEDTLS_SSL_KEEP_PEER_CERTIFICATE */ - TEST_ASSERT( original.peer_cert_digest_type == - restored.peer_cert_digest_type ); - TEST_ASSERT( original.peer_cert_digest_len == - restored.peer_cert_digest_len ); - TEST_ASSERT( ( original.peer_cert_digest == NULL ) == - ( restored.peer_cert_digest == NULL ) ); - if( original.peer_cert_digest != NULL ) - { - TEST_ASSERT( memcmp( original.peer_cert_digest, - restored.peer_cert_digest, - original.peer_cert_digest_len ) == 0 ); + TEST_ASSERT(original.peer_cert_digest_type == + restored.peer_cert_digest_type); + TEST_ASSERT(original.peer_cert_digest_len == + restored.peer_cert_digest_len); + TEST_ASSERT((original.peer_cert_digest == NULL) == + (restored.peer_cert_digest == NULL)); + if (original.peer_cert_digest != NULL) { + TEST_ASSERT(memcmp(original.peer_cert_digest, + restored.peer_cert_digest, + original.peer_cert_digest_len) == 0); } #endif /* MBEDTLS_SSL_KEEP_PEER_CERTIFICATE */ -#endif /* MBEDTLS_X509_CRT_PARSE_C */ - TEST_ASSERT( original.verify_result == restored.verify_result ); +#endif /* MBEDTLS_KEY_EXCHANGE_WITH_CERT_ENABLED && MBEDTLS_CERTS_C */ + TEST_ASSERT(original.verify_result == restored.verify_result); #if defined(MBEDTLS_SSL_SESSION_TICKETS) && defined(MBEDTLS_SSL_CLI_C) - TEST_ASSERT( original.ticket_len == restored.ticket_len ); - if( original.ticket_len != 0 ) - { - TEST_ASSERT( original.ticket != NULL ); - TEST_ASSERT( restored.ticket != NULL ); - TEST_ASSERT( memcmp( original.ticket, - restored.ticket, original.ticket_len ) == 0 ); - } - TEST_ASSERT( original.ticket_lifetime == restored.ticket_lifetime ); + TEST_ASSERT(original.ticket_len == restored.ticket_len); + if (original.ticket_len != 0) { + TEST_ASSERT(original.ticket != NULL); + TEST_ASSERT(restored.ticket != NULL); + TEST_ASSERT(memcmp(original.ticket, + restored.ticket, original.ticket_len) == 0); + } + TEST_ASSERT(original.ticket_lifetime == restored.ticket_lifetime); #endif #if defined(MBEDTLS_SSL_MAX_FRAGMENT_LENGTH) - TEST_ASSERT( original.mfl_code == restored.mfl_code ); + TEST_ASSERT(original.mfl_code == restored.mfl_code); #endif #if defined(MBEDTLS_SSL_TRUNCATED_HMAC) - TEST_ASSERT( original.trunc_hmac == restored.trunc_hmac ); + TEST_ASSERT(original.trunc_hmac == restored.trunc_hmac); #endif #if defined(MBEDTLS_SSL_ENCRYPT_THEN_MAC) - TEST_ASSERT( original.encrypt_then_mac == restored.encrypt_then_mac ); + TEST_ASSERT(original.encrypt_then_mac == restored.encrypt_then_mac); #endif exit: - mbedtls_ssl_session_free( &original ); - mbedtls_ssl_session_free( &restored ); - mbedtls_free( buf ); + mbedtls_ssl_session_free(&original); + mbedtls_ssl_session_free(&restored); + mbedtls_free(buf); + USE_PSA_DONE(); } /* END_CASE */ /* BEGIN_CASE */ -void ssl_serialize_session_load_save( int ticket_len, char *crt_file ) +void ssl_serialize_session_load_save(int ticket_len, char *crt_file) { mbedtls_ssl_session session; unsigned char *buf1 = NULL, *buf2 = NULL; @@ -3965,48 +1727,50 @@ void ssl_serialize_session_load_save( int ticket_len, char *crt_file ) /* * Test that a load-save pair is the identity */ - - mbedtls_ssl_session_init( &session ); + mbedtls_ssl_session_init(&session); + USE_PSA_INIT(); /* Prepare a dummy session to work on */ - TEST_ASSERT( ssl_populate_session( &session, ticket_len, crt_file ) == 0 ); + TEST_ASSERT(mbedtls_test_ssl_populate_session( + &session, ticket_len, crt_file) == 0); /* Get desired buffer size for serializing */ - TEST_ASSERT( mbedtls_ssl_session_save( &session, NULL, 0, &len0 ) - == MBEDTLS_ERR_SSL_BUFFER_TOO_SMALL ); + TEST_ASSERT(mbedtls_ssl_session_save(&session, NULL, 0, &len0) + == MBEDTLS_ERR_SSL_BUFFER_TOO_SMALL); /* Allocate first buffer */ - buf1 = mbedtls_calloc( 1, len0 ); - TEST_ASSERT( buf1 != NULL ); + buf1 = mbedtls_calloc(1, len0); + TEST_ASSERT(buf1 != NULL); /* Serialize to buffer and free live session */ - TEST_ASSERT( mbedtls_ssl_session_save( &session, buf1, len0, &len1 ) - == 0 ); - TEST_ASSERT( len0 == len1 ); - mbedtls_ssl_session_free( &session ); + TEST_ASSERT(mbedtls_ssl_session_save(&session, buf1, len0, &len1) + == 0); + TEST_ASSERT(len0 == len1); + mbedtls_ssl_session_free(&session); /* Restore session from serialized data */ - TEST_ASSERT( mbedtls_ssl_session_load( &session, buf1, len1 ) == 0 ); + TEST_ASSERT(mbedtls_ssl_session_load(&session, buf1, len1) == 0); /* Allocate second buffer and serialize to it */ - buf2 = mbedtls_calloc( 1, len0 ); - TEST_ASSERT( buf2 != NULL ); - TEST_ASSERT( mbedtls_ssl_session_save( &session, buf2, len0, &len2 ) - == 0 ); + buf2 = mbedtls_calloc(1, len0); + TEST_ASSERT(buf2 != NULL); + TEST_ASSERT(mbedtls_ssl_session_save(&session, buf2, len0, &len2) + == 0); /* Make sure both serialized versions are identical */ - TEST_ASSERT( len1 == len2 ); - TEST_ASSERT( memcmp( buf1, buf2, len1 ) == 0 ); + TEST_ASSERT(len1 == len2); + TEST_ASSERT(memcmp(buf1, buf2, len1) == 0); exit: - mbedtls_ssl_session_free( &session ); - mbedtls_free( buf1 ); - mbedtls_free( buf2 ); + mbedtls_ssl_session_free(&session); + mbedtls_free(buf1); + mbedtls_free(buf2); + USE_PSA_DONE(); } /* END_CASE */ /* BEGIN_CASE */ -void ssl_serialize_session_save_buf_size( int ticket_len, char *crt_file ) +void ssl_serialize_session_save_buf_size(int ticket_len, char *crt_file) { mbedtls_ssl_session session; unsigned char *buf = NULL; @@ -4015,34 +1779,35 @@ void ssl_serialize_session_save_buf_size( int ticket_len, char *crt_file ) /* * Test that session_save() fails cleanly on small buffers */ - - mbedtls_ssl_session_init( &session ); + mbedtls_ssl_session_init(&session); + USE_PSA_INIT(); /* Prepare dummy session and get serialized size */ - TEST_ASSERT( ssl_populate_session( &session, ticket_len, crt_file ) == 0 ); - TEST_ASSERT( mbedtls_ssl_session_save( &session, NULL, 0, &good_len ) - == MBEDTLS_ERR_SSL_BUFFER_TOO_SMALL ); + TEST_ASSERT(mbedtls_test_ssl_populate_session( + &session, ticket_len, crt_file) == 0); + TEST_ASSERT(mbedtls_ssl_session_save(&session, NULL, 0, &good_len) + == MBEDTLS_ERR_SSL_BUFFER_TOO_SMALL); /* Try all possible bad lengths */ - for( bad_len = 1; bad_len < good_len; bad_len++ ) - { + for (bad_len = 1; bad_len < good_len; bad_len++) { /* Allocate exact size so that asan/valgrind can detect any overwrite */ - mbedtls_free( buf ); - TEST_ASSERT( ( buf = mbedtls_calloc( 1, bad_len ) ) != NULL ); - TEST_ASSERT( mbedtls_ssl_session_save( &session, buf, bad_len, - &test_len ) - == MBEDTLS_ERR_SSL_BUFFER_TOO_SMALL ); - TEST_ASSERT( test_len == good_len ); + mbedtls_free(buf); + TEST_ASSERT((buf = mbedtls_calloc(1, bad_len)) != NULL); + TEST_ASSERT(mbedtls_ssl_session_save(&session, buf, bad_len, + &test_len) + == MBEDTLS_ERR_SSL_BUFFER_TOO_SMALL); + TEST_ASSERT(test_len == good_len); } exit: - mbedtls_ssl_session_free( &session ); - mbedtls_free( buf ); + mbedtls_ssl_session_free(&session); + mbedtls_free(buf); + USE_PSA_DONE(); } /* END_CASE */ /* BEGIN_CASE */ -void ssl_serialize_session_load_buf_size( int ticket_len, char *crt_file ) +void ssl_serialize_session_load_buf_size(int ticket_len, char *crt_file) { mbedtls_ssl_session session; unsigned char *good_buf = NULL, *bad_buf = NULL; @@ -4051,45 +1816,46 @@ void ssl_serialize_session_load_buf_size( int ticket_len, char *crt_file ) /* * Test that session_load() fails cleanly on small buffers */ - - mbedtls_ssl_session_init( &session ); + mbedtls_ssl_session_init(&session); + USE_PSA_INIT(); /* Prepare serialized session data */ - TEST_ASSERT( ssl_populate_session( &session, ticket_len, crt_file ) == 0 ); - TEST_ASSERT( mbedtls_ssl_session_save( &session, NULL, 0, &good_len ) - == MBEDTLS_ERR_SSL_BUFFER_TOO_SMALL ); - TEST_ASSERT( ( good_buf = mbedtls_calloc( 1, good_len ) ) != NULL ); - TEST_ASSERT( mbedtls_ssl_session_save( &session, good_buf, good_len, - &good_len ) == 0 ); - mbedtls_ssl_session_free( &session ); + TEST_ASSERT(mbedtls_test_ssl_populate_session( + &session, ticket_len, crt_file) == 0); + TEST_ASSERT(mbedtls_ssl_session_save(&session, NULL, 0, &good_len) + == MBEDTLS_ERR_SSL_BUFFER_TOO_SMALL); + TEST_ASSERT((good_buf = mbedtls_calloc(1, good_len)) != NULL); + TEST_ASSERT(mbedtls_ssl_session_save(&session, good_buf, good_len, + &good_len) == 0); + mbedtls_ssl_session_free(&session); /* Try all possible bad lengths */ - for( bad_len = 0; bad_len < good_len; bad_len++ ) - { + for (bad_len = 0; bad_len < good_len; bad_len++) { /* Allocate exact size so that asan/valgrind can detect any overread */ - mbedtls_free( bad_buf ); - bad_buf = mbedtls_calloc( 1, bad_len ? bad_len : 1 ); - TEST_ASSERT( bad_buf != NULL ); - memcpy( bad_buf, good_buf, bad_len ); + mbedtls_free(bad_buf); + bad_buf = mbedtls_calloc(1, bad_len ? bad_len : 1); + TEST_ASSERT(bad_buf != NULL); + memcpy(bad_buf, good_buf, bad_len); - TEST_ASSERT( mbedtls_ssl_session_load( &session, bad_buf, bad_len ) - == MBEDTLS_ERR_SSL_BAD_INPUT_DATA ); + TEST_ASSERT(mbedtls_ssl_session_load(&session, bad_buf, bad_len) + == MBEDTLS_ERR_SSL_BAD_INPUT_DATA); } exit: - mbedtls_ssl_session_free( &session ); - mbedtls_free( good_buf ); - mbedtls_free( bad_buf ); + mbedtls_ssl_session_free(&session); + mbedtls_free(good_buf); + mbedtls_free(bad_buf); + USE_PSA_DONE(); } /* END_CASE */ /* BEGIN_CASE */ -void ssl_session_serialize_version_check( int corrupt_major, - int corrupt_minor, - int corrupt_patch, - int corrupt_config ) +void ssl_session_serialize_version_check(int corrupt_major, + int corrupt_minor, + int corrupt_patch, + int corrupt_config) { - unsigned char serialized_session[ 2048 ]; + unsigned char serialized_session[2048]; size_t serialized_session_len; unsigned cur_byte; mbedtls_ssl_session session; @@ -4099,125 +1865,132 @@ void ssl_session_serialize_version_check( int corrupt_major, corrupt_config == 1, corrupt_config == 1 }; - mbedtls_ssl_session_init( &session ); + mbedtls_ssl_session_init(&session); + USE_PSA_INIT(); /* Infer length of serialized session. */ - TEST_ASSERT( mbedtls_ssl_session_save( &session, - serialized_session, - sizeof( serialized_session ), - &serialized_session_len ) == 0 ); + TEST_ASSERT(mbedtls_ssl_session_save(&session, + serialized_session, + sizeof(serialized_session), + &serialized_session_len) == 0); - mbedtls_ssl_session_free( &session ); + mbedtls_ssl_session_free(&session); /* Without any modification, we should be able to successfully * de-serialize the session - double-check that. */ - TEST_ASSERT( mbedtls_ssl_session_load( &session, - serialized_session, - serialized_session_len ) == 0 ); - mbedtls_ssl_session_free( &session ); + TEST_ASSERT(mbedtls_ssl_session_load(&session, + serialized_session, + serialized_session_len) == 0); + mbedtls_ssl_session_free(&session); /* Go through the bytes in the serialized session header and * corrupt them bit-by-bit. */ - for( cur_byte = 0; cur_byte < sizeof( should_corrupt_byte ); cur_byte++ ) - { + for (cur_byte = 0; cur_byte < sizeof(should_corrupt_byte); cur_byte++) { int cur_bit; - unsigned char * const byte = &serialized_session[ cur_byte ]; + unsigned char * const byte = &serialized_session[cur_byte]; - if( should_corrupt_byte[ cur_byte ] == 0 ) + if (should_corrupt_byte[cur_byte] == 0) { continue; + } - for( cur_bit = 0; cur_bit < CHAR_BIT; cur_bit++ ) - { + for (cur_bit = 0; cur_bit < CHAR_BIT; cur_bit++) { unsigned char const corrupted_bit = 0x1u << cur_bit; /* Modify a single bit in the serialized session. */ *byte ^= corrupted_bit; /* Attempt to deserialize */ - TEST_ASSERT( mbedtls_ssl_session_load( &session, - serialized_session, - serialized_session_len ) == - MBEDTLS_ERR_SSL_VERSION_MISMATCH ); + TEST_ASSERT(mbedtls_ssl_session_load(&session, + serialized_session, + serialized_session_len) == + MBEDTLS_ERR_SSL_VERSION_MISMATCH); /* Undo the change */ *byte ^= corrupted_bit; } } - + USE_PSA_DONE(); } /* END_CASE */ -/* BEGIN_CASE depends_on:MBEDTLS_X509_CRT_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_ECP_DP_SECP384R1_ENABLED:!MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_PKCS1_V15:MBEDTLS_ENTROPY_C:MBEDTLS_ENTROPY_C:MBEDTLS_CTR_DRBG_C */ -void mbedtls_endpoint_sanity( int endpoint_type ) +/* BEGIN_CASE depends_on:MBEDTLS_KEY_EXCHANGE_WITH_CERT_ENABLED:MBEDTLS_CERTS_C:MBEDTLS_RSA_C:MBEDTLS_ECP_DP_SECP384R1_ENABLED:!MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_PKCS1_V15:MBEDTLS_ENTROPY_C:!MBEDTLS_TEST_NULL_ENTROPY:!MBEDTLS_PSA_INJECT_ENTROPY:MBEDTLS_CTR_DRBG_C:MBEDTLS_SHA256_C */ +void mbedtls_endpoint_sanity(int endpoint_type) { enum { BUFFSIZE = 1024 }; - mbedtls_endpoint ep; + mbedtls_test_ssl_endpoint ep; int ret = -1; - ret = mbedtls_endpoint_init( NULL, endpoint_type, MBEDTLS_PK_RSA, - NULL, NULL, NULL ); - TEST_ASSERT( MBEDTLS_ERR_SSL_BAD_INPUT_DATA == ret ); + USE_PSA_INIT(); + ret = mbedtls_test_ssl_endpoint_init(NULL, endpoint_type, MBEDTLS_PK_RSA, + NULL, NULL, NULL, NULL); + TEST_ASSERT(MBEDTLS_ERR_SSL_BAD_INPUT_DATA == ret); - ret = mbedtls_endpoint_certificate_init( NULL, MBEDTLS_PK_RSA ); - TEST_ASSERT( MBEDTLS_ERR_SSL_BAD_INPUT_DATA == ret ); + ret = mbedtls_test_ssl_endpoint_certificate_init(NULL, MBEDTLS_PK_RSA); + TEST_ASSERT(MBEDTLS_ERR_SSL_BAD_INPUT_DATA == ret); - ret = mbedtls_endpoint_init( &ep, endpoint_type, MBEDTLS_PK_RSA, - NULL, NULL, NULL ); - TEST_ASSERT( ret == 0 ); + ret = mbedtls_test_ssl_endpoint_init(&ep, endpoint_type, MBEDTLS_PK_RSA, + NULL, NULL, NULL, NULL); + TEST_ASSERT(ret == 0); exit: - mbedtls_endpoint_free( &ep, NULL ); + mbedtls_test_ssl_endpoint_free(&ep, NULL); + USE_PSA_DONE(); } /* END_CASE */ -/* BEGIN_CASE depends_on:MBEDTLS_X509_CRT_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_ECP_DP_SECP384R1_ENABLED:!MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_PKCS1_V15:MBEDTLS_ENTROPY_C:MBEDTLS_ENTROPY_C:MBEDTLS_CTR_DRBG_C */ +/* BEGIN_CASE depends_on:MBEDTLS_KEY_EXCHANGE_WITH_CERT_ENABLED:MBEDTLS_CERTS_C:MBEDTLS_RSA_C:MBEDTLS_ECP_DP_SECP384R1_ENABLED:!MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_PKCS1_V15:MBEDTLS_ENTROPY_C:!MBEDTLS_TEST_NULL_ENTROPY:!MBEDTLS_PSA_INJECT_ENTROPY:MBEDTLS_CTR_DRBG_C:MBEDTLS_ECP_C:MBEDTLS_SHA256_C */ void move_handshake_to_state(int endpoint_type, int state, int need_pass) { enum { BUFFSIZE = 1024 }; - mbedtls_endpoint base_ep, second_ep; + mbedtls_test_ssl_endpoint base_ep, second_ep; int ret = -1; - ret = mbedtls_endpoint_init( &base_ep, endpoint_type, MBEDTLS_PK_RSA, - NULL, NULL, NULL ); - TEST_ASSERT( ret == 0 ); - - ret = mbedtls_endpoint_init( &second_ep, - ( endpoint_type == MBEDTLS_SSL_IS_SERVER ) ? - MBEDTLS_SSL_IS_CLIENT : MBEDTLS_SSL_IS_SERVER, - MBEDTLS_PK_RSA, NULL, NULL, NULL ); - TEST_ASSERT( ret == 0 ); - - ret = mbedtls_mock_socket_connect( &(base_ep.socket), - &(second_ep.socket), - BUFFSIZE ); - TEST_ASSERT( ret == 0 ); - - ret = mbedtls_move_handshake_to_state( &(base_ep.ssl), - &(second_ep.ssl), - state ); - if( need_pass ) - { - TEST_ASSERT( ret == 0 ); - TEST_ASSERT( base_ep.ssl.state == state ); - } - else - { - TEST_ASSERT( ret != 0 ); - TEST_ASSERT( base_ep.ssl.state != state ); + mbedtls_platform_zeroize(&base_ep, sizeof(base_ep)); + mbedtls_platform_zeroize(&second_ep, sizeof(second_ep)); + + ret = mbedtls_test_ssl_endpoint_init(&base_ep, endpoint_type, + MBEDTLS_PK_RSA, + NULL, NULL, NULL, NULL); + TEST_ASSERT(ret == 0); + + ret = mbedtls_test_ssl_endpoint_init( + &second_ep, + (endpoint_type == MBEDTLS_SSL_IS_SERVER) ? + MBEDTLS_SSL_IS_CLIENT : MBEDTLS_SSL_IS_SERVER, + MBEDTLS_PK_RSA, NULL, NULL, NULL, NULL); + TEST_ASSERT(ret == 0); + + USE_PSA_INIT(); + + ret = mbedtls_test_mock_socket_connect(&(base_ep.socket), + &(second_ep.socket), + BUFFSIZE); + TEST_ASSERT(ret == 0); + + ret = mbedtls_test_move_handshake_to_state(&(base_ep.ssl), + &(second_ep.ssl), + state); + if (need_pass) { + TEST_ASSERT(ret == 0); + TEST_ASSERT(base_ep.ssl.state == state); + } else { + TEST_ASSERT(ret != 0); + TEST_ASSERT(base_ep.ssl.state != state); } exit: - mbedtls_endpoint_free( &base_ep, NULL ); - mbedtls_endpoint_free( &second_ep, NULL ); + mbedtls_test_ssl_endpoint_free(&base_ep, NULL); + mbedtls_test_ssl_endpoint_free(&second_ep, NULL); + USE_PSA_DONE(); } /* END_CASE */ -/* BEGIN_CASE depends_on:MBEDTLS_X509_CRT_PARSE_C:!MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_PKCS1_V15:MBEDTLS_RSA_C:MBEDTLS_ECP_DP_SECP384R1_ENABLED:MBEDTLS_ENTROPY_C:MBEDTLS_CTR_DRBG_C */ -void handshake_version( int dtls, int client_min_version, int client_max_version, - int server_min_version, int server_max_version, - int expected_negotiated_version ) +/* BEGIN_CASE depends_on:MBEDTLS_KEY_EXCHANGE_WITH_CERT_ENABLED:MBEDTLS_CERTS_C:!MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_PKCS1_V15:MBEDTLS_RSA_C:MBEDTLS_ECP_DP_SECP384R1_ENABLED:MBEDTLS_ENTROPY_C:MBEDTLS_CTR_DRBG_C:MBEDTLS_ECP_C:MBEDTLS_SHA256_C:MBEDTLS_CAN_HANDLE_RSA_TEST_KEY */ +void handshake_version(int dtls, int client_min_version, int client_max_version, + int server_min_version, int server_max_version, + int expected_negotiated_version) { - handshake_test_options options; - init_handshake_options( &options ); + mbedtls_test_handshake_test_options options; + mbedtls_test_init_handshake_options(&options); options.client_min_version = client_min_version; options.client_max_version = client_max_version; @@ -4229,54 +2002,53 @@ void handshake_version( int dtls, int client_min_version, int client_max_version options.dtls = dtls; /* By default, SSLv3.0 and TLSv1.0 use 1/n-1 splitting when sending data, so * the number of fragments will be twice as big. */ - if( expected_negotiated_version == MBEDTLS_SSL_MINOR_VERSION_0 || - expected_negotiated_version == MBEDTLS_SSL_MINOR_VERSION_1 ) - { + if (expected_negotiated_version == MBEDTLS_SSL_MINOR_VERSION_0 || + expected_negotiated_version == MBEDTLS_SSL_MINOR_VERSION_1) { options.expected_cli_fragments = 2; options.expected_srv_fragments = 2; } - perform_handshake( &options ); + mbedtls_test_ssl_perform_handshake(&options); /* The goto below is used to avoid an "unused label" warning.*/ goto exit; } /* END_CASE */ -/* BEGIN_CASE depends_on:MBEDTLS_X509_CRT_PARSE_C:!MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_PKCS1_V15:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_ENTROPY_C:MBEDTLS_CTR_DRBG_C */ -void handshake_psk_cipher( char* cipher, int pk_alg, data_t *psk_str, int dtls ) +/* BEGIN_CASE depends_on:MBEDTLS_KEY_EXCHANGE_WITH_CERT_ENABLED:MBEDTLS_CERTS_C:!MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_PKCS1_V15:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_ENTROPY_C:MBEDTLS_CTR_DRBG_C:MBEDTLS_SHA256_C */ +void handshake_psk_cipher(char *cipher, int pk_alg, data_t *psk_str, int dtls) { - handshake_test_options options; - init_handshake_options( &options ); + mbedtls_test_handshake_test_options options; + mbedtls_test_init_handshake_options(&options); options.cipher = cipher; options.dtls = dtls; options.psk_str = psk_str; options.pk_alg = pk_alg; - perform_handshake( &options ); + mbedtls_test_ssl_perform_handshake(&options); /* The goto below is used to avoid an "unused label" warning.*/ goto exit; } /* END_CASE */ -/* BEGIN_CASE depends_on:MBEDTLS_X509_CRT_PARSE_C:!MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_PKCS1_V15:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_ENTROPY_C:MBEDTLS_CTR_DRBG_C */ -void handshake_cipher( char* cipher, int pk_alg, int dtls ) +/* BEGIN_CASE depends_on:MBEDTLS_KEY_EXCHANGE_WITH_CERT_ENABLED:MBEDTLS_CERTS_C:!MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_PKCS1_V15:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_ENTROPY_C:MBEDTLS_CTR_DRBG_C:MBEDTLS_SHA256_C */ +void handshake_cipher(char *cipher, int pk_alg, int dtls) { - test_handshake_psk_cipher( cipher, pk_alg, NULL, dtls ); + test_handshake_psk_cipher(cipher, pk_alg, NULL, dtls); /* The goto below is used to avoid an "unused label" warning.*/ goto exit; } /* END_CASE */ -/* BEGIN_CASE depends_on:MBEDTLS_X509_CRT_PARSE_C:!MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_PKCS1_V15:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_RSA_C:MBEDTLS_ECP_DP_SECP384R1_ENABLED:MBEDTLS_ENTROPY_C:MBEDTLS_CTR_DRBG_C */ -void app_data( int mfl, int cli_msg_len, int srv_msg_len, - int expected_cli_fragments, - int expected_srv_fragments, int dtls ) +/* BEGIN_CASE depends_on:MBEDTLS_KEY_EXCHANGE_WITH_CERT_ENABLED:MBEDTLS_CERTS_C:!MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_PKCS1_V15:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_RSA_C:MBEDTLS_ECP_DP_SECP384R1_ENABLED:MBEDTLS_ENTROPY_C:MBEDTLS_CTR_DRBG_C:MBEDTLS_SHA256_C */ +void app_data(int mfl, int cli_msg_len, int srv_msg_len, + int expected_cli_fragments, + int expected_srv_fragments, int dtls) { - handshake_test_options options; - init_handshake_options( &options ); + mbedtls_test_handshake_test_options options; + mbedtls_test_init_handshake_options(&options); options.mfl = mfl; options.cli_msg_len = cli_msg_len; @@ -4285,61 +2057,63 @@ void app_data( int mfl, int cli_msg_len, int srv_msg_len, options.expected_srv_fragments = expected_srv_fragments; options.dtls = dtls; - perform_handshake( &options ); + mbedtls_test_ssl_perform_handshake(&options); /* The goto below is used to avoid an "unused label" warning.*/ goto exit; } /* END_CASE */ -/* BEGIN_CASE depends_on:MBEDTLS_X509_CRT_PARSE_C:!MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_PKCS1_V15:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_RSA_C:MBEDTLS_ECP_DP_SECP384R1_ENABLED:MBEDTLS_ENTROPY_C:MBEDTLS_CTR_DRBG_C */ -void app_data_tls( int mfl, int cli_msg_len, int srv_msg_len, - int expected_cli_fragments, - int expected_srv_fragments ) +/* BEGIN_CASE depends_on:MBEDTLS_KEY_EXCHANGE_WITH_CERT_ENABLED:MBEDTLS_CERTS_C:!MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_PKCS1_V15:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_RSA_C:MBEDTLS_ECP_DP_SECP384R1_ENABLED:MBEDTLS_ENTROPY_C:MBEDTLS_CTR_DRBG_C:MBEDTLS_ECP_C:MBEDTLS_SHA256_C:MBEDTLS_CAN_HANDLE_RSA_TEST_KEY */ +void app_data_tls(int mfl, int cli_msg_len, int srv_msg_len, + int expected_cli_fragments, + int expected_srv_fragments) { - test_app_data( mfl, cli_msg_len, srv_msg_len, expected_cli_fragments, - expected_srv_fragments, 0 ); + test_app_data(mfl, cli_msg_len, srv_msg_len, expected_cli_fragments, + expected_srv_fragments, 0); /* The goto below is used to avoid an "unused label" warning.*/ goto exit; } /* END_CASE */ -/* BEGIN_CASE depends_on:MBEDTLS_X509_CRT_PARSE_C:!MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_PKCS1_V15:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_RSA_C:MBEDTLS_ECP_DP_SECP384R1_ENABLED:MBEDTLS_SSL_PROTO_DTLS:MBEDTLS_ENTROPY_C:MBEDTLS_CTR_DRBG_C */ -void app_data_dtls( int mfl, int cli_msg_len, int srv_msg_len, - int expected_cli_fragments, - int expected_srv_fragments ) +/* BEGIN_CASE depends_on:MBEDTLS_KEY_EXCHANGE_WITH_CERT_ENABLED:MBEDTLS_CERTS_C:!MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_PKCS1_V15:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_RSA_C:MBEDTLS_ECP_DP_SECP384R1_ENABLED:MBEDTLS_SSL_PROTO_DTLS:MBEDTLS_ENTROPY_C:MBEDTLS_CTR_DRBG_C:MBEDTLS_SHA256_C:MBEDTLS_CAN_HANDLE_RSA_TEST_KEY */ +void app_data_dtls(int mfl, int cli_msg_len, int srv_msg_len, + int expected_cli_fragments, + int expected_srv_fragments) { - test_app_data( mfl, cli_msg_len, srv_msg_len, expected_cli_fragments, - expected_srv_fragments, 1 ); + test_app_data(mfl, cli_msg_len, srv_msg_len, expected_cli_fragments, + expected_srv_fragments, 1); /* The goto below is used to avoid an "unused label" warning.*/ goto exit; } /* END_CASE */ -/* BEGIN_CASE depends_on:MBEDTLS_X509_CRT_PARSE_C:!MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_PKCS1_V15:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_RSA_C:MBEDTLS_ECP_DP_SECP384R1_ENABLED:MBEDTLS_SSL_PROTO_DTLS:MBEDTLS_SSL_RENEGOTIATION:MBEDTLS_SSL_CONTEXT_SERIALIZATION:MBEDTLS_ENTROPY_C:MBEDTLS_CTR_DRBG_C */ -void handshake_serialization( ) +/* BEGIN_CASE depends_on:MBEDTLS_KEY_EXCHANGE_WITH_CERT_ENABLED:MBEDTLS_CERTS_C:!MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_PKCS1_V15:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_RSA_C:MBEDTLS_ECP_DP_SECP384R1_ENABLED:MBEDTLS_SSL_PROTO_DTLS:MBEDTLS_SSL_RENEGOTIATION:MBEDTLS_SSL_CONTEXT_SERIALIZATION:MBEDTLS_ENTROPY_C:MBEDTLS_CTR_DRBG_C:MBEDTLS_SHA256_C:MBEDTLS_CAN_HANDLE_RSA_TEST_KEY */ +void handshake_serialization() { - handshake_test_options options; - init_handshake_options( &options ); + mbedtls_test_handshake_test_options options; + mbedtls_test_init_handshake_options(&options); options.serialize = 1; options.dtls = 1; - perform_handshake( &options ); + mbedtls_test_ssl_perform_handshake(&options); /* The goto below is used to avoid an "unused label" warning.*/ goto exit; } /* END_CASE */ -/* BEGIN_CASE depends_on:MBEDTLS_X509_CRT_PARSE_C:!MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_PKCS1_V15:MBEDTLS_RSA_C:MBEDTLS_ECP_DP_SECP384R1_ENABLED:MBEDTLS_DEBUG_C:MBEDTLS_SSL_MAX_FRAGMENT_LENGTH:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_ENTROPY_C:MBEDTLS_CTR_DRBG_C */ -void handshake_fragmentation( int mfl, int expected_srv_hs_fragmentation, int expected_cli_hs_fragmentation) +/* BEGIN_CASE depends_on:MBEDTLS_KEY_EXCHANGE_WITH_CERT_ENABLED:MBEDTLS_CERTS_C:!MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_PKCS1_V15:MBEDTLS_RSA_C:MBEDTLS_ECP_DP_SECP384R1_ENABLED:MBEDTLS_DEBUG_C:MBEDTLS_SSL_MAX_FRAGMENT_LENGTH:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_ENTROPY_C:MBEDTLS_CTR_DRBG_C:MBEDTLS_SHA256_C:MBEDTLS_KEY_EXCHANGE_DHE_RSA_ENABLED*/ +void handshake_fragmentation(int mfl, + int expected_srv_hs_fragmentation, + int expected_cli_hs_fragmentation) { - handshake_test_options options; - log_pattern srv_pattern, cli_pattern; + mbedtls_test_handshake_test_options options; + mbedtls_test_ssl_log_pattern srv_pattern, cli_pattern; srv_pattern.pattern = cli_pattern.pattern = "found fragmented DTLS handshake"; srv_pattern.counter = 0; cli_pattern.counter = 0; - init_handshake_options( &options ); + mbedtls_test_init_handshake_options(&options); options.dtls = 1; options.mfl = mfl; /* Set cipher to one using CBC so that record splitting can be tested */ @@ -4347,46 +2121,44 @@ void handshake_fragmentation( int mfl, int expected_srv_hs_fragmentation, int ex options.srv_auth_mode = MBEDTLS_SSL_VERIFY_REQUIRED; options.srv_log_obj = &srv_pattern; options.cli_log_obj = &cli_pattern; - options.srv_log_fun = log_analyzer; - options.cli_log_fun = log_analyzer; + options.srv_log_fun = mbedtls_test_ssl_log_analyzer; + options.cli_log_fun = mbedtls_test_ssl_log_analyzer; - perform_handshake( &options ); + mbedtls_test_ssl_perform_handshake(&options); /* Test if the server received a fragmented handshake */ - if( expected_srv_hs_fragmentation ) - { - TEST_ASSERT( srv_pattern.counter >= 1 ); + if (expected_srv_hs_fragmentation) { + TEST_ASSERT(srv_pattern.counter >= 1); } /* Test if the client received a fragmented handshake */ - if( expected_cli_hs_fragmentation ) - { - TEST_ASSERT( cli_pattern.counter >= 1 ); + if (expected_cli_hs_fragmentation) { + TEST_ASSERT(cli_pattern.counter >= 1); } } /* END_CASE */ -/* BEGIN_CASE depends_on:MBEDTLS_X509_CRT_PARSE_C:!MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_PKCS1_V15:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_RSA_C:MBEDTLS_ECP_DP_SECP384R1_ENABLED:MBEDTLS_SSL_PROTO_DTLS:MBEDTLS_SSL_RENEGOTIATION:MBEDTLS_ENTROPY_C:MBEDTLS_CTR_DRBG_C */ -void renegotiation( int legacy_renegotiation ) +/* BEGIN_CASE depends_on:MBEDTLS_KEY_EXCHANGE_WITH_CERT_ENABLED:MBEDTLS_CERTS_C:!MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_PKCS1_V15:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_RSA_C:MBEDTLS_ECP_DP_SECP384R1_ENABLED:MBEDTLS_SSL_PROTO_DTLS:MBEDTLS_SSL_RENEGOTIATION:MBEDTLS_ENTROPY_C:MBEDTLS_CTR_DRBG_C:MBEDTLS_SHA256_C:MBEDTLS_CAN_HANDLE_RSA_TEST_KEY */ +void renegotiation(int legacy_renegotiation) { - handshake_test_options options; - init_handshake_options( &options ); + mbedtls_test_handshake_test_options options; + mbedtls_test_init_handshake_options(&options); options.renegotiate = 1; options.legacy_renegotiation = legacy_renegotiation; options.dtls = 1; - perform_handshake( &options ); + mbedtls_test_ssl_perform_handshake(&options); /* The goto below is used to avoid an "unused label" warning.*/ goto exit; } /* END_CASE */ -/* BEGIN_CASE depends_on:MBEDTLS_X509_CRT_PARSE_C:!MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_PKCS1_V15:MBEDTLS_SSL_VARIABLE_BUFFER_LENGTH:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_RSA_C:MBEDTLS_ECP_DP_SECP384R1_ENABLED:MBEDTLS_ENTROPY_C:MBEDTLS_CTR_DRBG_C */ -void resize_buffers( int mfl, int renegotiation, int legacy_renegotiation, - int serialize, int dtls, char *cipher ) +/* BEGIN_CASE depends_on:MBEDTLS_KEY_EXCHANGE_WITH_CERT_ENABLED:MBEDTLS_CERTS_C:!MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_PKCS1_V15:MBEDTLS_SSL_VARIABLE_BUFFER_LENGTH:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_RSA_C:MBEDTLS_ECP_DP_SECP384R1_ENABLED:MBEDTLS_ENTROPY_C:MBEDTLS_CTR_DRBG_C:MBEDTLS_SHA256_C */ +void resize_buffers(int mfl, int renegotiation, int legacy_renegotiation, + int serialize, int dtls, char *cipher) { - handshake_test_options options; - init_handshake_options( &options ); + mbedtls_test_handshake_test_options options; + mbedtls_test_init_handshake_options(&options); options.mfl = mfl; options.cipher = cipher; @@ -4396,157 +2168,127 @@ void resize_buffers( int mfl, int renegotiation, int legacy_renegotiation, options.dtls = dtls; options.resize_buffers = 1; - perform_handshake( &options ); + mbedtls_test_ssl_perform_handshake(&options); /* The goto below is used to avoid an "unused label" warning.*/ goto exit; } /* END_CASE */ -/* BEGIN_CASE depends_on:MBEDTLS_X509_CRT_PARSE_C:!MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_PKCS1_V15:MBEDTLS_SSL_VARIABLE_BUFFER_LENGTH:MBEDTLS_SSL_CONTEXT_SERIALIZATION:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_RSA_C:MBEDTLS_ECP_DP_SECP384R1_ENABLED:MBEDTLS_SSL_PROTO_DTLS:MBEDTLS_ENTROPY_C:MBEDTLS_CTR_DRBG_C */ -void resize_buffers_serialize_mfl( int mfl ) +/* BEGIN_CASE depends_on:MBEDTLS_KEY_EXCHANGE_WITH_CERT_ENABLED:MBEDTLS_CERTS_C:!MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_PKCS1_V15:MBEDTLS_SSL_VARIABLE_BUFFER_LENGTH:MBEDTLS_SSL_CONTEXT_SERIALIZATION:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_RSA_C:MBEDTLS_ECP_DP_SECP384R1_ENABLED:MBEDTLS_SSL_PROTO_DTLS:MBEDTLS_ENTROPY_C:MBEDTLS_CTR_DRBG_C:MBEDTLS_SHA256_C:MBEDTLS_CAN_HANDLE_RSA_TEST_KEY */ +void resize_buffers_serialize_mfl(int mfl) { - test_resize_buffers( mfl, 0, MBEDTLS_SSL_LEGACY_NO_RENEGOTIATION, 1, 1, - (char *) "" ); - + test_resize_buffers(mfl, 0, MBEDTLS_SSL_LEGACY_NO_RENEGOTIATION, 1, 1, + (char *) ""); /* The goto below is used to avoid an "unused label" warning.*/ goto exit; } /* END_CASE */ -/* BEGIN_CASE depends_on:MBEDTLS_X509_CRT_PARSE_C:!MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_PKCS1_V15:MBEDTLS_SSL_VARIABLE_BUFFER_LENGTH:MBEDTLS_SSL_RENEGOTIATION:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_RSA_C:MBEDTLS_ECP_DP_SECP384R1_ENABLED:MBEDTLS_ENTROPY_C:MBEDTLS_CTR_DRBG_C */ -void resize_buffers_renegotiate_mfl( int mfl, int legacy_renegotiation, - char *cipher ) +/* BEGIN_CASE depends_on:MBEDTLS_KEY_EXCHANGE_WITH_CERT_ENABLED:MBEDTLS_CERTS_C:!MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_PKCS1_V15:MBEDTLS_SSL_VARIABLE_BUFFER_LENGTH:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_RSA_C:MBEDTLS_ECP_DP_SECP384R1_ENABLED:MBEDTLS_ENTROPY_C:MBEDTLS_CTR_DRBG_C:MBEDTLS_SHA256_C:MBEDTLS_SSL_RENEGOTIATION:MBEDTLS_CAN_HANDLE_RSA_TEST_KEY */ +void resize_buffers_renegotiate_mfl(int mfl, int legacy_renegotiation, + char *cipher) { - test_resize_buffers( mfl, 1, legacy_renegotiation, 0, 1, cipher ); - + test_resize_buffers(mfl, 1, legacy_renegotiation, 0, 1, cipher); /* The goto below is used to avoid an "unused label" warning.*/ goto exit; } /* END_CASE */ -/* BEGIN_CASE depends_on:MBEDTLS_SSL_SOME_SUITES_USE_TLS_CBC:MBEDTLS_TEST_HOOKS */ -void ssl_cf_hmac( int hash ) +/* BEGIN_CASE depends_on:MBEDTLS_KEY_EXCHANGE_WITH_CERT_ENABLED:MBEDTLS_CERTS_C:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_PKCS1_V15:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_ENTROPY_C:!MBEDTLS_TEST_NULL_ENTROPY:!MBEDTLS_PSA_INJECT_ENTROPY:MBEDTLS_RSA_C:MBEDTLS_ECP_DP_SECP384R1_ENABLED:MBEDTLS_CTR_DRBG_C:MBEDTLS_ECP_C:MBEDTLS_ECDSA_C */ +void raw_key_agreement_fail(int bad_server_ecdhe_key) { - /* - * Test the function mbedtls_ct_hmac() against a reference - * implementation. - */ - mbedtls_md_context_t ctx, ref_ctx; - const mbedtls_md_info_t *md_info; - size_t out_len, block_size; - size_t min_in_len, in_len, max_in_len, i; - /* TLS additional data is 13 bytes (hence the "lucky 13" name) */ - unsigned char add_data[13]; - unsigned char ref_out[MBEDTLS_MD_MAX_SIZE]; - unsigned char *data = NULL; - unsigned char *out = NULL; - unsigned char rec_num = 0; - - mbedtls_md_init( &ctx ); - mbedtls_md_init( &ref_ctx ); - - md_info = mbedtls_md_info_from_type( hash ); - TEST_ASSERT( md_info != NULL ); - out_len = mbedtls_md_get_size( md_info ); - TEST_ASSERT( out_len != 0 ); - block_size = hash == MBEDTLS_MD_SHA384 ? 128 : 64; - - /* Use allocated out buffer to catch overwrites */ - ASSERT_ALLOC( out, out_len ); - - /* Set up contexts with the given hash and a dummy key */ - TEST_EQUAL( 0, mbedtls_md_setup( &ctx, md_info, 1 ) ); - TEST_EQUAL( 0, mbedtls_md_setup( &ref_ctx, md_info, 1 ) ); - memset( ref_out, 42, sizeof( ref_out ) ); - TEST_EQUAL( 0, mbedtls_md_hmac_starts( &ctx, ref_out, out_len ) ); - TEST_EQUAL( 0, mbedtls_md_hmac_starts( &ref_ctx, ref_out, out_len ) ); - memset( ref_out, 0, sizeof( ref_out ) ); + enum { BUFFSIZE = 17000 }; + mbedtls_test_ssl_endpoint client, server; + mbedtls_psa_stats_t stats; + size_t free_slots_before = -1; - /* - * Test all possible lengths up to a point. The difference between - * max_in_len and min_in_len is at most 255, and make sure they both vary - * by at least one block size. - */ - for( max_in_len = 0; max_in_len <= 255 + block_size; max_in_len++ ) - { - mbedtls_test_set_step( max_in_len * 10000 ); - - /* Use allocated in buffer to catch overreads */ - ASSERT_ALLOC( data, max_in_len ); - - min_in_len = max_in_len > 255 ? max_in_len - 255 : 0; - for( in_len = min_in_len; in_len <= max_in_len; in_len++ ) - { - mbedtls_test_set_step( max_in_len * 10000 + in_len ); - - /* Set up dummy data and add_data */ - rec_num++; - memset( add_data, rec_num, sizeof( add_data ) ); - for( i = 0; i < in_len; i++ ) - data[i] = ( i & 0xff ) ^ rec_num; - - /* Get the function's result */ - TEST_CF_SECRET( &in_len, sizeof( in_len ) ); - TEST_EQUAL( 0, mbedtls_ct_hmac( &ctx, add_data, sizeof( add_data ), - data, in_len, - min_in_len, max_in_len, - out ) ); - TEST_CF_PUBLIC( &in_len, sizeof( in_len ) ); - TEST_CF_PUBLIC( out, out_len ); - - /* Compute the reference result */ - TEST_EQUAL( 0, mbedtls_md_hmac_update( &ref_ctx, add_data, - sizeof( add_data ) ) ); - TEST_EQUAL( 0, mbedtls_md_hmac_update( &ref_ctx, data, in_len ) ); - TEST_EQUAL( 0, mbedtls_md_hmac_finish( &ref_ctx, ref_out ) ); - TEST_EQUAL( 0, mbedtls_md_hmac_reset( &ref_ctx ) ); - - /* Compare */ - ASSERT_COMPARE( out, out_len, ref_out, out_len ); - } + mbedtls_ecp_group_id curve_list[] = { MBEDTLS_ECP_DP_SECP256R1, + MBEDTLS_ECP_DP_NONE }; - mbedtls_free( data ); - data = NULL; - } + mbedtls_platform_zeroize(&client, sizeof(client)); + mbedtls_platform_zeroize(&server, sizeof(server)); -exit: - mbedtls_md_free( &ref_ctx ); - mbedtls_md_free( &ctx ); + /* Client side, force SECP256R1 to make one key bitflip fail + * the raw key agreement. Flipping the first byte makes the + * required 0x04 identifier invalid. */ + TEST_EQUAL(mbedtls_test_ssl_endpoint_init(&client, MBEDTLS_SSL_IS_CLIENT, + MBEDTLS_PK_ECDSA, NULL, NULL, + NULL, curve_list), 0); - mbedtls_free( data ); - mbedtls_free( out ); -} -/* END_CASE */ + /* Server side */ + TEST_EQUAL(mbedtls_test_ssl_endpoint_init(&server, MBEDTLS_SSL_IS_SERVER, + MBEDTLS_PK_ECDSA, NULL, NULL, + NULL, NULL), 0); -/* BEGIN_CASE depends_on:MBEDTLS_SSL_SOME_SUITES_USE_TLS_CBC:MBEDTLS_TEST_HOOKS */ -void ssl_cf_memcpy_offset( int offset_min, int offset_max, int len ) -{ - unsigned char *dst = NULL; - unsigned char *src = NULL; - size_t src_len = offset_max + len; - size_t secret; + USE_PSA_INIT(); + + TEST_EQUAL(mbedtls_test_mock_socket_connect(&(client.socket), + &(server.socket), + BUFFSIZE), 0); + + TEST_EQUAL(mbedtls_test_move_handshake_to_state( + &(client.ssl), &(server.ssl), + MBEDTLS_SSL_CLIENT_KEY_EXCHANGE) + , 0); - ASSERT_ALLOC( dst, len ); - ASSERT_ALLOC( src, src_len ); + mbedtls_psa_get_stats(&stats); + /* Save the number of slots in use up to this point. + * With PSA, one can be used for the ECDH private key. */ + free_slots_before = stats.empty_slots; - /* Fill src in a way that we can detect if we copied the right bytes */ - mbedtls_test_rnd_std_rand( NULL, src, src_len ); + if (bad_server_ecdhe_key) { + /* Force a simulated bitflip in the server key. to make the + * raw key agreement in ssl_write_client_key_exchange fail. */ + (client.ssl).handshake->ecdh_psa_peerkey[0] ^= 0x02; + } - for( secret = offset_min; secret <= (size_t) offset_max; secret++ ) - { - mbedtls_test_set_step( (int) secret ); + TEST_EQUAL(mbedtls_test_move_handshake_to_state( + &(client.ssl), &(server.ssl), MBEDTLS_SSL_HANDSHAKE_OVER), + bad_server_ecdhe_key ? MBEDTLS_ERR_SSL_HW_ACCEL_FAILED : 0); - TEST_CF_SECRET( &secret, sizeof( secret ) ); - mbedtls_ct_memcpy_offset( dst, src, secret, - offset_min, offset_max, len ); - TEST_CF_PUBLIC( &secret, sizeof( secret ) ); - TEST_CF_PUBLIC( dst, len ); + mbedtls_psa_get_stats(&stats); - ASSERT_COMPARE( dst, len, src + secret, len ); + /* Make sure that the key slot is already destroyed in case of failure, + * without waiting to close the connection. */ + if (bad_server_ecdhe_key) { + TEST_EQUAL(free_slots_before, stats.empty_slots); } exit: - mbedtls_free( dst ); - mbedtls_free( src ); + mbedtls_test_ssl_endpoint_free(&client, NULL); + mbedtls_test_ssl_endpoint_free(&server, NULL); + + USE_PSA_DONE(); +} +/* END_CASE */ + +/* BEGIN_CASE depends_on:MBEDTLS_SSL_SRV_C:MBEDTLS_SSL_DTLS_CLIENT_PORT_REUSE:MBEDTLS_TEST_HOOKS */ +void cookie_parsing(data_t *cookie, int exp_ret) +{ + mbedtls_ssl_context ssl; + mbedtls_ssl_config conf; + size_t len; + + mbedtls_ssl_init(&ssl); + USE_PSA_INIT(); + mbedtls_ssl_config_init(&conf); + TEST_EQUAL(mbedtls_ssl_config_defaults(&conf, MBEDTLS_SSL_IS_SERVER, + MBEDTLS_SSL_TRANSPORT_DATAGRAM, + MBEDTLS_SSL_PRESET_DEFAULT), + 0); + + TEST_EQUAL(mbedtls_ssl_setup(&ssl, &conf), 0); + TEST_EQUAL(mbedtls_ssl_check_dtls_clihlo_cookie(&ssl, ssl.cli_id, + ssl.cli_id_len, + cookie->x, cookie->len, + ssl.out_buf, + MBEDTLS_SSL_OUT_CONTENT_LEN, + &len), + exp_ret); + +exit: + mbedtls_ssl_free(&ssl); + mbedtls_ssl_config_free(&conf); + USE_PSA_DONE(); } /* END_CASE */ diff --git a/third_party/mbedtls/repo/tests/suites/test_suite_ssl_decrypt.function b/third_party/mbedtls/repo/tests/suites/test_suite_ssl_decrypt.function new file mode 100644 index 00000000000..39c92ce1e98 --- /dev/null +++ b/third_party/mbedtls/repo/tests/suites/test_suite_ssl_decrypt.function @@ -0,0 +1,328 @@ +/* BEGIN_HEADER */ +/* Testing of mbedtls_ssl_decrypt_buf() specifically, focusing on negative + * testing (using malformed inputs). */ + +#include +#include +#include + +/* END_HEADER */ + +/* BEGIN_DEPENDENCIES + * depends_on:MBEDTLS_SSL_TLS_C + * END_DEPENDENCIES + */ + +/* BEGIN_CASE depends_on:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_SSL_SOME_MODES_USE_MAC */ +void ssl_decrypt_stream(int cipher_type, int hash_id, int trunc_hmac) +{ + mbedtls_ssl_transform transform_in, transform_out; + mbedtls_ssl_transform_init(&transform_in); + mbedtls_ssl_transform_init(&transform_out); + mbedtls_record rec_good = { + .ctr = { 0 }, + .type = MBEDTLS_SSL_MSG_APPLICATION_DATA, + /* For simplicity, we only test one protocol version (TLS 1.2). + * For stream ciphers (unlike CBC), there are no changes in the + * data record format between SSL 3.0 and TLS 1.2 inclusive, so + * testing a single version should be good enough. */ + .ver = { MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3 }, + .buf = NULL, + .buf_len = 0, + .data_offset = 0, + .data_len = 0, +#if defined(MBEDTLS_SSL_DTLS_CONNECTION_ID) + .cid_len = 0, + .cid = { 0 }, +#endif /* MBEDTLS_SSL_DTLS_CONNECTION_ID */ + }; + const char sample_plaintext[3] = "ABC"; + mbedtls_cipher_context_t cipher; + mbedtls_cipher_init(&cipher); + mbedtls_ssl_context ssl; + mbedtls_ssl_init(&ssl); + uint8_t *buf = NULL; + + USE_PSA_INIT(); + + TEST_EQUAL(mbedtls_test_ssl_build_transforms(&transform_in, &transform_out, + cipher_type, hash_id, + 0, trunc_hmac, + rec_good.ver[1], + 0, 0), 0); + + const size_t plaintext_length = sizeof(sample_plaintext); + rec_good.buf_len = plaintext_length + transform_in.maclen; + rec_good.data_len = plaintext_length; + TEST_CALLOC(rec_good.buf, rec_good.buf_len); + memcpy(rec_good.buf, sample_plaintext, plaintext_length); + TEST_EQUAL(mbedtls_test_ssl_prepare_record_mac(&rec_good, + &transform_out), 0); + + /* Encrypt in place */ + size_t len; + TEST_EQUAL(mbedtls_cipher_crypt(&transform_out.cipher_ctx_enc, + transform_out.iv_enc, transform_out.ivlen, + rec_good.buf + rec_good.data_offset, + rec_good.data_len, + rec_good.buf + rec_good.data_offset, + &len), 0); + /* This function only supports stream ciphers, which should preserve + * the length. */ + TEST_EQUAL(len, rec_good.data_len); + + /* Good case */ + mbedtls_record rec = rec_good; + TEST_EQUAL(mbedtls_ssl_decrypt_buf(&ssl, &transform_in, &rec), 0); + + /* Change any one byte of the plaintext or MAC. The MAC will be wrong. */ + TEST_CALLOC(buf, rec.buf_len); + for (size_t i = 0; i < rec.buf_len; i++) { + mbedtls_test_set_step(i); + rec = rec_good; + rec.buf = buf; + memcpy(buf, rec_good.buf, rec.buf_len); + buf[i] ^= 1; + TEST_EQUAL(mbedtls_ssl_decrypt_buf(&ssl, &transform_in, &rec), + MBEDTLS_ERR_SSL_INVALID_MAC); + } + mbedtls_free(buf); + buf = NULL; + + /* Shorter input buffer. Either the MAC will be wrong, or there isn't + * enough room for a MAC. */ + for (size_t n = 1; n < rec.buf_len; n++) { + mbedtls_test_set_step(n); + rec = rec_good; + TEST_CALLOC(buf, n); + rec.buf = buf; + rec.buf_len = n; + rec.data_len = n; + memcpy(buf, rec_good.buf, n); + TEST_EQUAL(mbedtls_ssl_decrypt_buf(&ssl, &transform_in, &rec), + MBEDTLS_ERR_SSL_INVALID_MAC); + mbedtls_free(buf); + buf = NULL; + } + + /* For robustness, check a 0-length buffer (non-null, then null). + * This should not reach mbedtls_ssl_decrypt_buf() as used in the library, + * so the exact error doesn't matter, but we don't want a crash. */ + { + const uint8_t buf1[1] = { 'a' }; + rec = rec_good; + /* We won't write to buf1[0] since it's out of range, so we can cast + * the const away. */ + rec.buf = (uint8_t *) buf1; + rec.buf_len = 0; + TEST_EQUAL(mbedtls_ssl_decrypt_buf(&ssl, &transform_in, &rec), + MBEDTLS_ERR_SSL_INTERNAL_ERROR); + } + rec = rec_good; + rec.buf = NULL; + rec.buf_len = 0; + TEST_EQUAL(mbedtls_ssl_decrypt_buf(&ssl, &transform_in, &rec), + MBEDTLS_ERR_SSL_INTERNAL_ERROR); + +exit: + USE_PSA_DONE(); + mbedtls_ssl_transform_free(&transform_in); + mbedtls_ssl_transform_free(&transform_out); + mbedtls_free(rec_good.buf); + mbedtls_ssl_free(&ssl); + mbedtls_cipher_free(&cipher); + mbedtls_free(buf); +} +/* END_CASE */ + +/* BEGIN_CASE depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_AES_C:MBEDTLS_SSL_PROTO_TLS1_2 */ +void ssl_decrypt_non_etm_cbc(int cipher_type, int hash_id, int trunc_hmac, + int length_selector) +{ + /* + * Test record decryption for CBC without EtM, focused on the verification + * of padding and MAC. + * + * Actually depends on TLS >= 1.0 (SSL 3.0 computes the MAC differently), + * and either AES, ARIA, Camellia or DES, but since the test framework + * doesn't support alternation in dependency statements, just depend on + * TLS 1.2 and AES. + * + * The length_selector argument is interpreted as follows: + * - if it's -1, the plaintext length is 0 and minimal padding is applied + * - if it's -2, the plaintext length is 0 and maximal padding is applied + * - otherwise it must be in [0, 255] and is padding_length from RFC 5246: + * it's the length of the rest of the padding, that is, excluding the + * byte that encodes the length. The minimal non-zero plaintext length + * that gives this padding_length is automatically selected. + */ + mbedtls_ssl_context ssl; /* ONLY for debugging */ + mbedtls_ssl_transform t0, t1; + mbedtls_record rec, rec_save; + unsigned char *buf = NULL, *buf_save = NULL; + size_t buflen, olen = 0; + size_t plaintext_len, block_size, i; + unsigned char padlen; /* excluding the padding_length byte */ + int exp_ret; + const unsigned char pad_max_len = 255; /* Per the standard */ + + mbedtls_ssl_init(&ssl); + mbedtls_ssl_transform_init(&t0); + mbedtls_ssl_transform_init(&t1); + USE_PSA_INIT(); + + /* Set up transforms with dummy keys */ + TEST_ASSERT(mbedtls_test_ssl_build_transforms(&t0, &t1, cipher_type, hash_id, + 0, trunc_hmac, + MBEDTLS_SSL_MINOR_VERSION_3, + 0, 0) == 0); + + /* Determine padding/plaintext length */ + TEST_ASSERT(length_selector >= -2 && length_selector <= 255); + block_size = t0.ivlen; + if (length_selector < 0) { + plaintext_len = 0; + + /* Minimal padding + * The +1 is for the padding_length byte, not counted in padlen. */ + padlen = block_size - (t0.maclen + 1) % block_size; + + /* Maximal padding? */ + if (length_selector == -2) { + padlen += block_size * ((pad_max_len - padlen) / block_size); + } + } else { + padlen = length_selector; + + /* Minimal non-zero plaintext_length giving desired padding. + * The +1 is for the padding_length byte, not counted in padlen. */ + plaintext_len = block_size - (padlen + t0.maclen + 1) % block_size; + } + + /* Prepare a buffer for record data */ + buflen = block_size + + plaintext_len + + t0.maclen + + padlen + 1; + TEST_CALLOC(buf, buflen); + TEST_CALLOC(buf_save, buflen); + + /* Prepare a dummy record header */ + memset(rec.ctr, 0, sizeof(rec.ctr)); + rec.type = MBEDTLS_SSL_MSG_APPLICATION_DATA; + rec.ver[0] = MBEDTLS_SSL_MAJOR_VERSION_3; + rec.ver[1] = MBEDTLS_SSL_MINOR_VERSION_3; +#if defined(MBEDTLS_SSL_DTLS_CONNECTION_ID) + rec.cid_len = 0; +#endif /* MBEDTLS_SSL_DTLS_CONNECTION_ID */ + + /* Prepare dummy record content */ + rec.buf = buf; + rec.buf_len = buflen; + rec.data_offset = block_size; + rec.data_len = plaintext_len; + memset(rec.buf + rec.data_offset, 42, rec.data_len); + + /* Set dummy IV */ + memset(t0.iv_enc, 0x55, t0.ivlen); + memcpy(rec.buf, t0.iv_enc, t0.ivlen); + + /* + * Prepare a pre-encryption record (with MAC and padding), and save it. + */ + TEST_EQUAL(0, mbedtls_test_ssl_prepare_record_mac(&rec, &t0)); + + /* Pad */ + memset(rec.buf + rec.data_offset + rec.data_len, padlen, padlen + 1); + rec.data_len += padlen + 1; + + /* Save correct pre-encryption record */ + rec_save = rec; + rec_save.buf = buf_save; + memcpy(buf_save, buf, buflen); + + /* + * Encrypt and decrypt the correct record, expecting success + */ + TEST_EQUAL(0, mbedtls_cipher_crypt(&t0.cipher_ctx_enc, + t0.iv_enc, t0.ivlen, + rec.buf + rec.data_offset, rec.data_len, + rec.buf + rec.data_offset, &olen)); + rec.data_offset -= t0.ivlen; + rec.data_len += t0.ivlen; + + TEST_EQUAL(0, mbedtls_ssl_decrypt_buf(&ssl, &t1, &rec)); + + /* + * Modify each byte of the pre-encryption record before encrypting and + * decrypting it, expecting failure every time. + */ + for (i = block_size; i < buflen; i++) { + mbedtls_test_set_step(i); + + /* Restore correct pre-encryption record */ + rec = rec_save; + rec.buf = buf; + memcpy(buf, buf_save, buflen); + + /* Corrupt one byte of the data (could be plaintext, MAC or padding) */ + rec.buf[i] ^= 0x01; + + /* Encrypt */ + TEST_EQUAL(0, mbedtls_cipher_crypt(&t0.cipher_ctx_enc, + t0.iv_enc, t0.ivlen, + rec.buf + rec.data_offset, rec.data_len, + rec.buf + rec.data_offset, &olen)); + rec.data_offset -= t0.ivlen; + rec.data_len += t0.ivlen; + + /* Decrypt and expect failure */ + TEST_EQUAL(MBEDTLS_ERR_SSL_INVALID_MAC, + mbedtls_ssl_decrypt_buf(&ssl, &t1, &rec)); + } + + /* + * Use larger values of the padding bytes - with small buffers, this tests + * the case where the announced padlen would be larger than the buffer + * (and before that, than the buffer minus the size of the MAC), to make + * sure our padding checking code does not perform any out-of-bounds reads + * in this case. (With larger buffers, ie when the plaintext is long or + * maximal length padding is used, this is less relevant but still doesn't + * hurt to test.) + * + * (Start the loop with correct padding, just to double-check that record + * saving did work, and that we're overwriting the correct bytes.) + */ + for (i = padlen; i <= pad_max_len; i++) { + mbedtls_test_set_step(i); + + /* Restore correct pre-encryption record */ + rec = rec_save; + rec.buf = buf; + memcpy(buf, buf_save, buflen); + + /* Set padding bytes to new value */ + memset(buf + buflen - padlen - 1, i, padlen + 1); + + /* Encrypt */ + TEST_EQUAL(0, mbedtls_cipher_crypt(&t0.cipher_ctx_enc, + t0.iv_enc, t0.ivlen, + rec.buf + rec.data_offset, rec.data_len, + rec.buf + rec.data_offset, &olen)); + rec.data_offset -= t0.ivlen; + rec.data_len += t0.ivlen; + + /* Decrypt and expect failure except the first time */ + exp_ret = (i == padlen) ? 0 : MBEDTLS_ERR_SSL_INVALID_MAC; + TEST_EQUAL(exp_ret, mbedtls_ssl_decrypt_buf(&ssl, &t1, &rec)); + } + +exit: + mbedtls_ssl_free(&ssl); + mbedtls_ssl_transform_free(&t0); + mbedtls_ssl_transform_free(&t1); + mbedtls_free(buf); + mbedtls_free(buf_save); + USE_PSA_DONE(); +} +/* END_CASE */ diff --git a/third_party/mbedtls/repo/tests/suites/test_suite_ssl_decrypt.misc.data b/third_party/mbedtls/repo/tests/suites/test_suite_ssl_decrypt.misc.data new file mode 100644 index 00000000000..770ca6f217e --- /dev/null +++ b/third_party/mbedtls/repo/tests/suites/test_suite_ssl_decrypt.misc.data @@ -0,0 +1,1087 @@ +Decrypt null cipher, MD5 +depends_on:MBEDTLS_CIPHER_NULL_CIPHER:MBEDTLS_MD5_C +ssl_decrypt_stream:MBEDTLS_CIPHER_NULL:MBEDTLS_MD_MD5:0 + +Decrypt null cipher, MD5 trunc +depends_on:MBEDTLS_CIPHER_NULL_CIPHER:MBEDTLS_MD5_C +ssl_decrypt_stream:MBEDTLS_CIPHER_NULL:MBEDTLS_MD_MD5:1 + +Decrypt null cipher, SHA-1 +depends_on:MBEDTLS_CIPHER_NULL_CIPHER:MBEDTLS_SHA1_C +ssl_decrypt_stream:MBEDTLS_CIPHER_NULL:MBEDTLS_MD_SHA1:0 + +Decrypt null cipher, SHA-1 trunc +depends_on:MBEDTLS_CIPHER_NULL_CIPHER:MBEDTLS_SHA1_C +ssl_decrypt_stream:MBEDTLS_CIPHER_NULL:MBEDTLS_MD_SHA1:1 + +Decrypt null cipher, SHA-256 +depends_on:MBEDTLS_CIPHER_NULL_CIPHER:MBEDTLS_SHA256_C +ssl_decrypt_stream:MBEDTLS_CIPHER_NULL:MBEDTLS_MD_SHA256:0 + +Decrypt null cipher, SHA-256 trunc +depends_on:MBEDTLS_CIPHER_NULL_CIPHER:MBEDTLS_SHA256_C +ssl_decrypt_stream:MBEDTLS_CIPHER_NULL:MBEDTLS_MD_SHA256:1 + +Decrypt null cipher, SHA-384 +depends_on:MBEDTLS_CIPHER_NULL_CIPHER:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384 +ssl_decrypt_stream:MBEDTLS_CIPHER_NULL:MBEDTLS_MD_SHA384:0 + +Decrypt null cipher, SHA-384 trunc +depends_on:MBEDTLS_CIPHER_NULL_CIPHER:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384 +ssl_decrypt_stream:MBEDTLS_CIPHER_NULL:MBEDTLS_MD_SHA384:1 + +Decrypt RC4, MD5 +depends_on:MBEDTLS_ARC4_C:MBEDTLS_MD5_C +ssl_decrypt_stream:MBEDTLS_CIPHER_ARC4_128:MBEDTLS_MD_MD5:0 + +Decrypt RC4, MD5 trunc +depends_on:MBEDTLS_ARC4_C:MBEDTLS_MD5_C +ssl_decrypt_stream:MBEDTLS_CIPHER_ARC4_128:MBEDTLS_MD_MD5:1 + +Decrypt RC4, SHA-1 +depends_on:MBEDTLS_ARC4_C:MBEDTLS_SHA1_C +ssl_decrypt_stream:MBEDTLS_CIPHER_ARC4_128:MBEDTLS_MD_SHA1:0 + +Decrypt RC4, SHA-1 trunc +depends_on:MBEDTLS_ARC4_C:MBEDTLS_SHA1_C +ssl_decrypt_stream:MBEDTLS_CIPHER_ARC4_128:MBEDTLS_MD_SHA1:1 + +Decrypt RC4, SHA-256 +depends_on:MBEDTLS_ARC4_C:MBEDTLS_SHA256_C +ssl_decrypt_stream:MBEDTLS_CIPHER_ARC4_128:MBEDTLS_MD_SHA256:0 + +Decrypt RC4, SHA-256 trunc +depends_on:MBEDTLS_ARC4_C:MBEDTLS_SHA256_C +ssl_decrypt_stream:MBEDTLS_CIPHER_ARC4_128:MBEDTLS_MD_SHA256:1 + +Decrypt RC4, SHA-384 +depends_on:MBEDTLS_ARC4_C:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384 +ssl_decrypt_stream:MBEDTLS_CIPHER_ARC4_128:MBEDTLS_MD_SHA384:0 + +Decrypt RC4, SHA-384 trunc +depends_on:MBEDTLS_ARC4_C:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384 +ssl_decrypt_stream:MBEDTLS_CIPHER_ARC4_128:MBEDTLS_MD_SHA384:1 + +Decrypt CBC !EtM, AES MD5 !trunc, empty plaintext, minpad +depends_on:MBEDTLS_AES_C:MBEDTLS_MD5_C +ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_AES_128_CBC:MBEDTLS_MD_MD5:0:-1 + +Decrypt CBC !EtM, AES MD5 !trunc, empty plaintext, maxpad +depends_on:MBEDTLS_AES_C:MBEDTLS_MD5_C +ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_AES_128_CBC:MBEDTLS_MD_MD5:0:-2 + +Decrypt CBC !EtM, AES MD5 trunc, empty plaintext, minpad +depends_on:MBEDTLS_AES_C:MBEDTLS_MD5_C +ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_AES_128_CBC:MBEDTLS_MD_MD5:1:-1 + +Decrypt CBC !EtM, AES MD5 trunc, empty plaintext, maxpad +depends_on:MBEDTLS_AES_C:MBEDTLS_MD5_C +ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_AES_128_CBC:MBEDTLS_MD_MD5:1:-2 + +Decrypt CBC !EtM, AES MD5 !trunc, padlen=0 +depends_on:MBEDTLS_AES_C:MBEDTLS_MD5_C +ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_AES_128_CBC:MBEDTLS_MD_MD5:0:0 + +Decrypt CBC !EtM, AES MD5 !trunc, padlen=240 +depends_on:MBEDTLS_AES_C:MBEDTLS_MD5_C +ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_AES_128_CBC:MBEDTLS_MD_MD5:0:240 + +Decrypt CBC !EtM, AES MD5 trunc, padlen=0 +depends_on:MBEDTLS_AES_C:MBEDTLS_MD5_C +ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_AES_128_CBC:MBEDTLS_MD_MD5:1:0 + +Decrypt CBC !EtM, AES MD5 trunc, padlen=240 +depends_on:MBEDTLS_AES_C:MBEDTLS_MD5_C +ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_AES_128_CBC:MBEDTLS_MD_MD5:1:240 + +Decrypt CBC !EtM, AES MD5 !trunc, padlen=1 +depends_on:MBEDTLS_AES_C:MBEDTLS_MD5_C +ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_AES_128_CBC:MBEDTLS_MD_MD5:0:1 + +Decrypt CBC !EtM, AES MD5 !trunc, padlen=241 +depends_on:MBEDTLS_AES_C:MBEDTLS_MD5_C +ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_AES_128_CBC:MBEDTLS_MD_MD5:0:241 + +Decrypt CBC !EtM, AES MD5 trunc, padlen=1 +depends_on:MBEDTLS_AES_C:MBEDTLS_MD5_C +ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_AES_128_CBC:MBEDTLS_MD_MD5:1:1 + +Decrypt CBC !EtM, AES MD5 trunc, padlen=241 +depends_on:MBEDTLS_AES_C:MBEDTLS_MD5_C +ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_AES_128_CBC:MBEDTLS_MD_MD5:1:241 + +Decrypt CBC !EtM, AES MD5 !trunc, padlen=15 +depends_on:MBEDTLS_AES_C:MBEDTLS_MD5_C +ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_AES_128_CBC:MBEDTLS_MD_MD5:0:15 + +Decrypt CBC !EtM, AES MD5 !trunc, padlen=255 +depends_on:MBEDTLS_AES_C:MBEDTLS_MD5_C +ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_AES_128_CBC:MBEDTLS_MD_MD5:0:255 + +Decrypt CBC !EtM, AES MD5 trunc, padlen=15 +depends_on:MBEDTLS_AES_C:MBEDTLS_MD5_C +ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_AES_128_CBC:MBEDTLS_MD_MD5:1:15 + +Decrypt CBC !EtM, AES MD5 trunc, padlen=255 +depends_on:MBEDTLS_AES_C:MBEDTLS_MD5_C +ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_AES_128_CBC:MBEDTLS_MD_MD5:1:255 + +Decrypt CBC !EtM, AES SHA1 !trunc, empty plaintext, minpad +depends_on:MBEDTLS_AES_C:MBEDTLS_SHA1_C +ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_AES_128_CBC:MBEDTLS_MD_SHA1:0:-1 + +Decrypt CBC !EtM, AES SHA1 !trunc, empty plaintext, maxpad +depends_on:MBEDTLS_AES_C:MBEDTLS_SHA1_C +ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_AES_128_CBC:MBEDTLS_MD_SHA1:0:-2 + +Decrypt CBC !EtM, AES SHA1 trunc, empty plaintext, minpad +depends_on:MBEDTLS_AES_C:MBEDTLS_SHA1_C +ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_AES_128_CBC:MBEDTLS_MD_SHA1:1:-1 + +Decrypt CBC !EtM, AES SHA1 trunc, empty plaintext, maxpad +depends_on:MBEDTLS_AES_C:MBEDTLS_SHA1_C +ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_AES_128_CBC:MBEDTLS_MD_SHA1:1:-2 + +Decrypt CBC !EtM, AES SHA1 !trunc, padlen=0 +depends_on:MBEDTLS_AES_C:MBEDTLS_SHA1_C +ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_AES_128_CBC:MBEDTLS_MD_SHA1:0:0 + +Decrypt CBC !EtM, AES SHA1 !trunc, padlen=240 +depends_on:MBEDTLS_AES_C:MBEDTLS_SHA1_C +ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_AES_128_CBC:MBEDTLS_MD_SHA1:0:240 + +Decrypt CBC !EtM, AES SHA1 trunc, padlen=0 +depends_on:MBEDTLS_AES_C:MBEDTLS_SHA1_C +ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_AES_128_CBC:MBEDTLS_MD_SHA1:1:0 + +Decrypt CBC !EtM, AES SHA1 trunc, padlen=240 +depends_on:MBEDTLS_AES_C:MBEDTLS_SHA1_C +ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_AES_128_CBC:MBEDTLS_MD_SHA1:1:240 + +Decrypt CBC !EtM, AES SHA1 !trunc, padlen=1 +depends_on:MBEDTLS_AES_C:MBEDTLS_SHA1_C +ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_AES_128_CBC:MBEDTLS_MD_SHA1:0:1 + +Decrypt CBC !EtM, AES SHA1 !trunc, padlen=241 +depends_on:MBEDTLS_AES_C:MBEDTLS_SHA1_C +ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_AES_128_CBC:MBEDTLS_MD_SHA1:0:241 + +Decrypt CBC !EtM, AES SHA1 trunc, padlen=1 +depends_on:MBEDTLS_AES_C:MBEDTLS_SHA1_C +ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_AES_128_CBC:MBEDTLS_MD_SHA1:1:1 + +Decrypt CBC !EtM, AES SHA1 trunc, padlen=241 +depends_on:MBEDTLS_AES_C:MBEDTLS_SHA1_C +ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_AES_128_CBC:MBEDTLS_MD_SHA1:1:241 + +Decrypt CBC !EtM, AES SHA1 !trunc, padlen=15 +depends_on:MBEDTLS_AES_C:MBEDTLS_SHA1_C +ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_AES_128_CBC:MBEDTLS_MD_SHA1:0:15 + +Decrypt CBC !EtM, AES SHA1 !trunc, padlen=255 +depends_on:MBEDTLS_AES_C:MBEDTLS_SHA1_C +ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_AES_128_CBC:MBEDTLS_MD_SHA1:0:255 + +Decrypt CBC !EtM, AES SHA1 trunc, padlen=15 +depends_on:MBEDTLS_AES_C:MBEDTLS_SHA1_C +ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_AES_128_CBC:MBEDTLS_MD_SHA1:1:15 + +Decrypt CBC !EtM, AES SHA1 trunc, padlen=255 +depends_on:MBEDTLS_AES_C:MBEDTLS_SHA1_C +ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_AES_128_CBC:MBEDTLS_MD_SHA1:1:255 + +Decrypt CBC !EtM, AES SHA256 !trunc, empty plaintext, minpad +depends_on:MBEDTLS_AES_C:MBEDTLS_SHA256_C +ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_AES_128_CBC:MBEDTLS_MD_SHA256:0:-1 + +Decrypt CBC !EtM, AES SHA256 !trunc, empty plaintext, maxpad +depends_on:MBEDTLS_AES_C:MBEDTLS_SHA256_C +ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_AES_128_CBC:MBEDTLS_MD_SHA256:0:-2 + +Decrypt CBC !EtM, AES SHA256 trunc, empty plaintext, minpad +depends_on:MBEDTLS_AES_C:MBEDTLS_SHA256_C +ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_AES_128_CBC:MBEDTLS_MD_SHA256:1:-1 + +Decrypt CBC !EtM, AES SHA256 trunc, empty plaintext, maxpad +depends_on:MBEDTLS_AES_C:MBEDTLS_SHA256_C +ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_AES_128_CBC:MBEDTLS_MD_SHA256:1:-2 + +Decrypt CBC !EtM, AES SHA256 !trunc, padlen=0 +depends_on:MBEDTLS_AES_C:MBEDTLS_SHA256_C +ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_AES_128_CBC:MBEDTLS_MD_SHA256:0:0 + +Decrypt CBC !EtM, AES SHA256 !trunc, padlen=240 +depends_on:MBEDTLS_AES_C:MBEDTLS_SHA256_C +ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_AES_128_CBC:MBEDTLS_MD_SHA256:0:240 + +Decrypt CBC !EtM, AES SHA256 trunc, padlen=0 +depends_on:MBEDTLS_AES_C:MBEDTLS_SHA256_C +ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_AES_128_CBC:MBEDTLS_MD_SHA256:1:0 + +Decrypt CBC !EtM, AES SHA256 trunc, padlen=240 +depends_on:MBEDTLS_AES_C:MBEDTLS_SHA256_C +ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_AES_128_CBC:MBEDTLS_MD_SHA256:1:240 + +Decrypt CBC !EtM, AES SHA256 !trunc, padlen=1 +depends_on:MBEDTLS_AES_C:MBEDTLS_SHA256_C +ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_AES_128_CBC:MBEDTLS_MD_SHA256:0:1 + +Decrypt CBC !EtM, AES SHA256 !trunc, padlen=241 +depends_on:MBEDTLS_AES_C:MBEDTLS_SHA256_C +ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_AES_128_CBC:MBEDTLS_MD_SHA256:0:241 + +Decrypt CBC !EtM, AES SHA256 trunc, padlen=1 +depends_on:MBEDTLS_AES_C:MBEDTLS_SHA256_C +ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_AES_128_CBC:MBEDTLS_MD_SHA256:1:1 + +Decrypt CBC !EtM, AES SHA256 trunc, padlen=241 +depends_on:MBEDTLS_AES_C:MBEDTLS_SHA256_C +ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_AES_128_CBC:MBEDTLS_MD_SHA256:1:241 + +Decrypt CBC !EtM, AES SHA256 !trunc, padlen=15 +depends_on:MBEDTLS_AES_C:MBEDTLS_SHA256_C +ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_AES_128_CBC:MBEDTLS_MD_SHA256:0:15 + +Decrypt CBC !EtM, AES SHA256 !trunc, padlen=255 +depends_on:MBEDTLS_AES_C:MBEDTLS_SHA256_C +ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_AES_128_CBC:MBEDTLS_MD_SHA256:0:255 + +Decrypt CBC !EtM, AES SHA256 trunc, padlen=15 +depends_on:MBEDTLS_AES_C:MBEDTLS_SHA256_C +ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_AES_128_CBC:MBEDTLS_MD_SHA256:1:15 + +Decrypt CBC !EtM, AES SHA256 trunc, padlen=255 +depends_on:MBEDTLS_AES_C:MBEDTLS_SHA256_C +ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_AES_128_CBC:MBEDTLS_MD_SHA256:1:255 + +Decrypt CBC !EtM, AES SHA384 !trunc, empty plaintext, minpad +depends_on:MBEDTLS_AES_C:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384 +ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_AES_128_CBC:MBEDTLS_MD_SHA384:0:-1 + +Decrypt CBC !EtM, AES SHA384 !trunc, empty plaintext, maxpad +depends_on:MBEDTLS_AES_C:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384 +ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_AES_128_CBC:MBEDTLS_MD_SHA384:0:-2 + +Decrypt CBC !EtM, AES SHA384 trunc, empty plaintext, minpad +depends_on:MBEDTLS_AES_C:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384 +ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_AES_128_CBC:MBEDTLS_MD_SHA384:1:-1 + +Decrypt CBC !EtM, AES SHA384 trunc, empty plaintext, maxpad +depends_on:MBEDTLS_AES_C:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384 +ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_AES_128_CBC:MBEDTLS_MD_SHA384:1:-2 + +Decrypt CBC !EtM, AES SHA384 !trunc, padlen=0 +depends_on:MBEDTLS_AES_C:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384 +ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_AES_128_CBC:MBEDTLS_MD_SHA384:0:0 + +Decrypt CBC !EtM, AES SHA384 !trunc, padlen=240 +depends_on:MBEDTLS_AES_C:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384 +ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_AES_128_CBC:MBEDTLS_MD_SHA384:0:240 + +Decrypt CBC !EtM, AES SHA384 trunc, padlen=0 +depends_on:MBEDTLS_AES_C:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384 +ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_AES_128_CBC:MBEDTLS_MD_SHA384:1:0 + +Decrypt CBC !EtM, AES SHA384 trunc, padlen=240 +depends_on:MBEDTLS_AES_C:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384 +ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_AES_128_CBC:MBEDTLS_MD_SHA384:1:240 + +Decrypt CBC !EtM, AES SHA384 !trunc, padlen=1 +depends_on:MBEDTLS_AES_C:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384 +ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_AES_128_CBC:MBEDTLS_MD_SHA384:0:1 + +Decrypt CBC !EtM, AES SHA384 !trunc, padlen=241 +depends_on:MBEDTLS_AES_C:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384 +ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_AES_128_CBC:MBEDTLS_MD_SHA384:0:241 + +Decrypt CBC !EtM, AES SHA384 trunc, padlen=1 +depends_on:MBEDTLS_AES_C:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384 +ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_AES_128_CBC:MBEDTLS_MD_SHA384:1:1 + +Decrypt CBC !EtM, AES SHA384 trunc, padlen=241 +depends_on:MBEDTLS_AES_C:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384 +ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_AES_128_CBC:MBEDTLS_MD_SHA384:1:241 + +Decrypt CBC !EtM, AES SHA384 !trunc, padlen=15 +depends_on:MBEDTLS_AES_C:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384 +ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_AES_128_CBC:MBEDTLS_MD_SHA384:0:15 + +Decrypt CBC !EtM, AES SHA384 !trunc, padlen=255 +depends_on:MBEDTLS_AES_C:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384 +ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_AES_128_CBC:MBEDTLS_MD_SHA384:0:255 + +Decrypt CBC !EtM, AES SHA384 trunc, padlen=15 +depends_on:MBEDTLS_AES_C:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384 +ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_AES_128_CBC:MBEDTLS_MD_SHA384:1:15 + +Decrypt CBC !EtM, AES SHA384 trunc, padlen=255 +depends_on:MBEDTLS_AES_C:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384 +ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_AES_128_CBC:MBEDTLS_MD_SHA384:1:255 + +Decrypt CBC !EtM, ARIA MD5 !trunc, empty plaintext, minpad +depends_on:MBEDTLS_ARIA_C:MBEDTLS_MD5_C +ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_ARIA_128_CBC:MBEDTLS_MD_MD5:0:-1 + +Decrypt CBC !EtM, ARIA MD5 !trunc, empty plaintext, maxpad +depends_on:MBEDTLS_ARIA_C:MBEDTLS_MD5_C +ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_ARIA_128_CBC:MBEDTLS_MD_MD5:0:-2 + +Decrypt CBC !EtM, ARIA MD5 trunc, empty plaintext, minpad +depends_on:MBEDTLS_ARIA_C:MBEDTLS_MD5_C +ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_ARIA_128_CBC:MBEDTLS_MD_MD5:1:-1 + +Decrypt CBC !EtM, ARIA MD5 trunc, empty plaintext, maxpad +depends_on:MBEDTLS_ARIA_C:MBEDTLS_MD5_C +ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_ARIA_128_CBC:MBEDTLS_MD_MD5:1:-2 + +Decrypt CBC !EtM, ARIA MD5 !trunc, padlen=0 +depends_on:MBEDTLS_ARIA_C:MBEDTLS_MD5_C +ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_ARIA_128_CBC:MBEDTLS_MD_MD5:0:0 + +Decrypt CBC !EtM, ARIA MD5 !trunc, padlen=240 +depends_on:MBEDTLS_ARIA_C:MBEDTLS_MD5_C +ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_ARIA_128_CBC:MBEDTLS_MD_MD5:0:240 + +Decrypt CBC !EtM, ARIA MD5 trunc, padlen=0 +depends_on:MBEDTLS_ARIA_C:MBEDTLS_MD5_C +ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_ARIA_128_CBC:MBEDTLS_MD_MD5:1:0 + +Decrypt CBC !EtM, ARIA MD5 trunc, padlen=240 +depends_on:MBEDTLS_ARIA_C:MBEDTLS_MD5_C +ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_ARIA_128_CBC:MBEDTLS_MD_MD5:1:240 + +Decrypt CBC !EtM, ARIA MD5 !trunc, padlen=1 +depends_on:MBEDTLS_ARIA_C:MBEDTLS_MD5_C +ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_ARIA_128_CBC:MBEDTLS_MD_MD5:0:1 + +Decrypt CBC !EtM, ARIA MD5 !trunc, padlen=241 +depends_on:MBEDTLS_ARIA_C:MBEDTLS_MD5_C +ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_ARIA_128_CBC:MBEDTLS_MD_MD5:0:241 + +Decrypt CBC !EtM, ARIA MD5 trunc, padlen=1 +depends_on:MBEDTLS_ARIA_C:MBEDTLS_MD5_C +ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_ARIA_128_CBC:MBEDTLS_MD_MD5:1:1 + +Decrypt CBC !EtM, ARIA MD5 trunc, padlen=241 +depends_on:MBEDTLS_ARIA_C:MBEDTLS_MD5_C +ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_ARIA_128_CBC:MBEDTLS_MD_MD5:1:241 + +Decrypt CBC !EtM, ARIA MD5 !trunc, padlen=15 +depends_on:MBEDTLS_ARIA_C:MBEDTLS_MD5_C +ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_ARIA_128_CBC:MBEDTLS_MD_MD5:0:15 + +Decrypt CBC !EtM, ARIA MD5 !trunc, padlen=255 +depends_on:MBEDTLS_ARIA_C:MBEDTLS_MD5_C +ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_ARIA_128_CBC:MBEDTLS_MD_MD5:0:255 + +Decrypt CBC !EtM, ARIA MD5 trunc, padlen=15 +depends_on:MBEDTLS_ARIA_C:MBEDTLS_MD5_C +ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_ARIA_128_CBC:MBEDTLS_MD_MD5:1:15 + +Decrypt CBC !EtM, ARIA MD5 trunc, padlen=255 +depends_on:MBEDTLS_ARIA_C:MBEDTLS_MD5_C +ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_ARIA_128_CBC:MBEDTLS_MD_MD5:1:255 + +Decrypt CBC !EtM, ARIA SHA1 !trunc, empty plaintext, minpad +depends_on:MBEDTLS_ARIA_C:MBEDTLS_SHA1_C +ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_ARIA_128_CBC:MBEDTLS_MD_SHA1:0:-1 + +Decrypt CBC !EtM, ARIA SHA1 !trunc, empty plaintext, maxpad +depends_on:MBEDTLS_ARIA_C:MBEDTLS_SHA1_C +ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_ARIA_128_CBC:MBEDTLS_MD_SHA1:0:-2 + +Decrypt CBC !EtM, ARIA SHA1 trunc, empty plaintext, minpad +depends_on:MBEDTLS_ARIA_C:MBEDTLS_SHA1_C +ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_ARIA_128_CBC:MBEDTLS_MD_SHA1:1:-1 + +Decrypt CBC !EtM, ARIA SHA1 trunc, empty plaintext, maxpad +depends_on:MBEDTLS_ARIA_C:MBEDTLS_SHA1_C +ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_ARIA_128_CBC:MBEDTLS_MD_SHA1:1:-2 + +Decrypt CBC !EtM, ARIA SHA1 !trunc, padlen=0 +depends_on:MBEDTLS_ARIA_C:MBEDTLS_SHA1_C +ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_ARIA_128_CBC:MBEDTLS_MD_SHA1:0:0 + +Decrypt CBC !EtM, ARIA SHA1 !trunc, padlen=240 +depends_on:MBEDTLS_ARIA_C:MBEDTLS_SHA1_C +ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_ARIA_128_CBC:MBEDTLS_MD_SHA1:0:240 + +Decrypt CBC !EtM, ARIA SHA1 trunc, padlen=0 +depends_on:MBEDTLS_ARIA_C:MBEDTLS_SHA1_C +ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_ARIA_128_CBC:MBEDTLS_MD_SHA1:1:0 + +Decrypt CBC !EtM, ARIA SHA1 trunc, padlen=240 +depends_on:MBEDTLS_ARIA_C:MBEDTLS_SHA1_C +ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_ARIA_128_CBC:MBEDTLS_MD_SHA1:1:240 + +Decrypt CBC !EtM, ARIA SHA1 !trunc, padlen=1 +depends_on:MBEDTLS_ARIA_C:MBEDTLS_SHA1_C +ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_ARIA_128_CBC:MBEDTLS_MD_SHA1:0:1 + +Decrypt CBC !EtM, ARIA SHA1 !trunc, padlen=241 +depends_on:MBEDTLS_ARIA_C:MBEDTLS_SHA1_C +ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_ARIA_128_CBC:MBEDTLS_MD_SHA1:0:241 + +Decrypt CBC !EtM, ARIA SHA1 trunc, padlen=1 +depends_on:MBEDTLS_ARIA_C:MBEDTLS_SHA1_C +ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_ARIA_128_CBC:MBEDTLS_MD_SHA1:1:1 + +Decrypt CBC !EtM, ARIA SHA1 trunc, padlen=241 +depends_on:MBEDTLS_ARIA_C:MBEDTLS_SHA1_C +ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_ARIA_128_CBC:MBEDTLS_MD_SHA1:1:241 + +Decrypt CBC !EtM, ARIA SHA1 !trunc, padlen=15 +depends_on:MBEDTLS_ARIA_C:MBEDTLS_SHA1_C +ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_ARIA_128_CBC:MBEDTLS_MD_SHA1:0:15 + +Decrypt CBC !EtM, ARIA SHA1 !trunc, padlen=255 +depends_on:MBEDTLS_ARIA_C:MBEDTLS_SHA1_C +ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_ARIA_128_CBC:MBEDTLS_MD_SHA1:0:255 + +Decrypt CBC !EtM, ARIA SHA1 trunc, padlen=15 +depends_on:MBEDTLS_ARIA_C:MBEDTLS_SHA1_C +ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_ARIA_128_CBC:MBEDTLS_MD_SHA1:1:15 + +Decrypt CBC !EtM, ARIA SHA1 trunc, padlen=255 +depends_on:MBEDTLS_ARIA_C:MBEDTLS_SHA1_C +ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_ARIA_128_CBC:MBEDTLS_MD_SHA1:1:255 + +Decrypt CBC !EtM, ARIA SHA256 !trunc, empty plaintext, minpad +depends_on:MBEDTLS_ARIA_C:MBEDTLS_SHA256_C +ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_ARIA_128_CBC:MBEDTLS_MD_SHA256:0:-1 + +Decrypt CBC !EtM, ARIA SHA256 !trunc, empty plaintext, maxpad +depends_on:MBEDTLS_ARIA_C:MBEDTLS_SHA256_C +ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_ARIA_128_CBC:MBEDTLS_MD_SHA256:0:-2 + +Decrypt CBC !EtM, ARIA SHA256 trunc, empty plaintext, minpad +depends_on:MBEDTLS_ARIA_C:MBEDTLS_SHA256_C +ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_ARIA_128_CBC:MBEDTLS_MD_SHA256:1:-1 + +Decrypt CBC !EtM, ARIA SHA256 trunc, empty plaintext, maxpad +depends_on:MBEDTLS_ARIA_C:MBEDTLS_SHA256_C +ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_ARIA_128_CBC:MBEDTLS_MD_SHA256:1:-2 + +Decrypt CBC !EtM, ARIA SHA256 !trunc, padlen=0 +depends_on:MBEDTLS_ARIA_C:MBEDTLS_SHA256_C +ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_ARIA_128_CBC:MBEDTLS_MD_SHA256:0:0 + +Decrypt CBC !EtM, ARIA SHA256 !trunc, padlen=240 +depends_on:MBEDTLS_ARIA_C:MBEDTLS_SHA256_C +ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_ARIA_128_CBC:MBEDTLS_MD_SHA256:0:240 + +Decrypt CBC !EtM, ARIA SHA256 trunc, padlen=0 +depends_on:MBEDTLS_ARIA_C:MBEDTLS_SHA256_C +ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_ARIA_128_CBC:MBEDTLS_MD_SHA256:1:0 + +Decrypt CBC !EtM, ARIA SHA256 trunc, padlen=240 +depends_on:MBEDTLS_ARIA_C:MBEDTLS_SHA256_C +ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_ARIA_128_CBC:MBEDTLS_MD_SHA256:1:240 + +Decrypt CBC !EtM, ARIA SHA256 !trunc, padlen=1 +depends_on:MBEDTLS_ARIA_C:MBEDTLS_SHA256_C +ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_ARIA_128_CBC:MBEDTLS_MD_SHA256:0:1 + +Decrypt CBC !EtM, ARIA SHA256 !trunc, padlen=241 +depends_on:MBEDTLS_ARIA_C:MBEDTLS_SHA256_C +ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_ARIA_128_CBC:MBEDTLS_MD_SHA256:0:241 + +Decrypt CBC !EtM, ARIA SHA256 trunc, padlen=1 +depends_on:MBEDTLS_ARIA_C:MBEDTLS_SHA256_C +ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_ARIA_128_CBC:MBEDTLS_MD_SHA256:1:1 + +Decrypt CBC !EtM, ARIA SHA256 trunc, padlen=241 +depends_on:MBEDTLS_ARIA_C:MBEDTLS_SHA256_C +ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_ARIA_128_CBC:MBEDTLS_MD_SHA256:1:241 + +Decrypt CBC !EtM, ARIA SHA256 !trunc, padlen=15 +depends_on:MBEDTLS_ARIA_C:MBEDTLS_SHA256_C +ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_ARIA_128_CBC:MBEDTLS_MD_SHA256:0:15 + +Decrypt CBC !EtM, ARIA SHA256 !trunc, padlen=255 +depends_on:MBEDTLS_ARIA_C:MBEDTLS_SHA256_C +ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_ARIA_128_CBC:MBEDTLS_MD_SHA256:0:255 + +Decrypt CBC !EtM, ARIA SHA256 trunc, padlen=15 +depends_on:MBEDTLS_ARIA_C:MBEDTLS_SHA256_C +ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_ARIA_128_CBC:MBEDTLS_MD_SHA256:1:15 + +Decrypt CBC !EtM, ARIA SHA256 trunc, padlen=255 +depends_on:MBEDTLS_ARIA_C:MBEDTLS_SHA256_C +ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_ARIA_128_CBC:MBEDTLS_MD_SHA256:1:255 + +Decrypt CBC !EtM, ARIA SHA384 !trunc, empty plaintext, minpad +depends_on:MBEDTLS_ARIA_C:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384 +ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_ARIA_128_CBC:MBEDTLS_MD_SHA384:0:-1 + +Decrypt CBC !EtM, ARIA SHA384 !trunc, empty plaintext, maxpad +depends_on:MBEDTLS_ARIA_C:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384 +ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_ARIA_128_CBC:MBEDTLS_MD_SHA384:0:-2 + +Decrypt CBC !EtM, ARIA SHA384 trunc, empty plaintext, minpad +depends_on:MBEDTLS_ARIA_C:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384 +ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_ARIA_128_CBC:MBEDTLS_MD_SHA384:1:-1 + +Decrypt CBC !EtM, ARIA SHA384 trunc, empty plaintext, maxpad +depends_on:MBEDTLS_ARIA_C:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384 +ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_ARIA_128_CBC:MBEDTLS_MD_SHA384:1:-2 + +Decrypt CBC !EtM, ARIA SHA384 !trunc, padlen=0 +depends_on:MBEDTLS_ARIA_C:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384 +ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_ARIA_128_CBC:MBEDTLS_MD_SHA384:0:0 + +Decrypt CBC !EtM, ARIA SHA384 !trunc, padlen=240 +depends_on:MBEDTLS_ARIA_C:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384 +ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_ARIA_128_CBC:MBEDTLS_MD_SHA384:0:240 + +Decrypt CBC !EtM, ARIA SHA384 trunc, padlen=0 +depends_on:MBEDTLS_ARIA_C:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384 +ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_ARIA_128_CBC:MBEDTLS_MD_SHA384:1:0 + +Decrypt CBC !EtM, ARIA SHA384 trunc, padlen=240 +depends_on:MBEDTLS_ARIA_C:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384 +ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_ARIA_128_CBC:MBEDTLS_MD_SHA384:1:240 + +Decrypt CBC !EtM, ARIA SHA384 !trunc, padlen=1 +depends_on:MBEDTLS_ARIA_C:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384 +ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_ARIA_128_CBC:MBEDTLS_MD_SHA384:0:1 + +Decrypt CBC !EtM, ARIA SHA384 !trunc, padlen=241 +depends_on:MBEDTLS_ARIA_C:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384 +ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_ARIA_128_CBC:MBEDTLS_MD_SHA384:0:241 + +Decrypt CBC !EtM, ARIA SHA384 trunc, padlen=1 +depends_on:MBEDTLS_ARIA_C:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384 +ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_ARIA_128_CBC:MBEDTLS_MD_SHA384:1:1 + +Decrypt CBC !EtM, ARIA SHA384 trunc, padlen=241 +depends_on:MBEDTLS_ARIA_C:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384 +ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_ARIA_128_CBC:MBEDTLS_MD_SHA384:1:241 + +Decrypt CBC !EtM, ARIA SHA384 !trunc, padlen=15 +depends_on:MBEDTLS_ARIA_C:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384 +ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_ARIA_128_CBC:MBEDTLS_MD_SHA384:0:15 + +Decrypt CBC !EtM, ARIA SHA384 !trunc, padlen=255 +depends_on:MBEDTLS_ARIA_C:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384 +ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_ARIA_128_CBC:MBEDTLS_MD_SHA384:0:255 + +Decrypt CBC !EtM, ARIA SHA384 trunc, padlen=15 +depends_on:MBEDTLS_ARIA_C:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384 +ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_ARIA_128_CBC:MBEDTLS_MD_SHA384:1:15 + +Decrypt CBC !EtM, ARIA SHA384 trunc, padlen=255 +depends_on:MBEDTLS_ARIA_C:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384 +ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_ARIA_128_CBC:MBEDTLS_MD_SHA384:1:255 + +Decrypt CBC !EtM, CAMELLIA MD5 !trunc, empty plaintext, minpad +depends_on:MBEDTLS_CAMELLIA_C:MBEDTLS_MD5_C +ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_CAMELLIA_128_CBC:MBEDTLS_MD_MD5:0:-1 + +Decrypt CBC !EtM, CAMELLIA MD5 !trunc, empty plaintext, maxpad +depends_on:MBEDTLS_CAMELLIA_C:MBEDTLS_MD5_C +ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_CAMELLIA_128_CBC:MBEDTLS_MD_MD5:0:-2 + +Decrypt CBC !EtM, CAMELLIA MD5 trunc, empty plaintext, minpad +depends_on:MBEDTLS_CAMELLIA_C:MBEDTLS_MD5_C +ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_CAMELLIA_128_CBC:MBEDTLS_MD_MD5:1:-1 + +Decrypt CBC !EtM, CAMELLIA MD5 trunc, empty plaintext, maxpad +depends_on:MBEDTLS_CAMELLIA_C:MBEDTLS_MD5_C +ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_CAMELLIA_128_CBC:MBEDTLS_MD_MD5:1:-2 + +Decrypt CBC !EtM, CAMELLIA MD5 !trunc, padlen=0 +depends_on:MBEDTLS_CAMELLIA_C:MBEDTLS_MD5_C +ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_CAMELLIA_128_CBC:MBEDTLS_MD_MD5:0:0 + +Decrypt CBC !EtM, CAMELLIA MD5 !trunc, padlen=240 +depends_on:MBEDTLS_CAMELLIA_C:MBEDTLS_MD5_C +ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_CAMELLIA_128_CBC:MBEDTLS_MD_MD5:0:240 + +Decrypt CBC !EtM, CAMELLIA MD5 trunc, padlen=0 +depends_on:MBEDTLS_CAMELLIA_C:MBEDTLS_MD5_C +ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_CAMELLIA_128_CBC:MBEDTLS_MD_MD5:1:0 + +Decrypt CBC !EtM, CAMELLIA MD5 trunc, padlen=240 +depends_on:MBEDTLS_CAMELLIA_C:MBEDTLS_MD5_C +ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_CAMELLIA_128_CBC:MBEDTLS_MD_MD5:1:240 + +Decrypt CBC !EtM, CAMELLIA MD5 !trunc, padlen=1 +depends_on:MBEDTLS_CAMELLIA_C:MBEDTLS_MD5_C +ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_CAMELLIA_128_CBC:MBEDTLS_MD_MD5:0:1 + +Decrypt CBC !EtM, CAMELLIA MD5 !trunc, padlen=241 +depends_on:MBEDTLS_CAMELLIA_C:MBEDTLS_MD5_C +ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_CAMELLIA_128_CBC:MBEDTLS_MD_MD5:0:241 + +Decrypt CBC !EtM, CAMELLIA MD5 trunc, padlen=1 +depends_on:MBEDTLS_CAMELLIA_C:MBEDTLS_MD5_C +ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_CAMELLIA_128_CBC:MBEDTLS_MD_MD5:1:1 + +Decrypt CBC !EtM, CAMELLIA MD5 trunc, padlen=241 +depends_on:MBEDTLS_CAMELLIA_C:MBEDTLS_MD5_C +ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_CAMELLIA_128_CBC:MBEDTLS_MD_MD5:1:241 + +Decrypt CBC !EtM, CAMELLIA MD5 !trunc, padlen=15 +depends_on:MBEDTLS_CAMELLIA_C:MBEDTLS_MD5_C +ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_CAMELLIA_128_CBC:MBEDTLS_MD_MD5:0:15 + +Decrypt CBC !EtM, CAMELLIA MD5 !trunc, padlen=255 +depends_on:MBEDTLS_CAMELLIA_C:MBEDTLS_MD5_C +ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_CAMELLIA_128_CBC:MBEDTLS_MD_MD5:0:255 + +Decrypt CBC !EtM, CAMELLIA MD5 trunc, padlen=15 +depends_on:MBEDTLS_CAMELLIA_C:MBEDTLS_MD5_C +ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_CAMELLIA_128_CBC:MBEDTLS_MD_MD5:1:15 + +Decrypt CBC !EtM, CAMELLIA MD5 trunc, padlen=255 +depends_on:MBEDTLS_CAMELLIA_C:MBEDTLS_MD5_C +ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_CAMELLIA_128_CBC:MBEDTLS_MD_MD5:1:255 + +Decrypt CBC !EtM, CAMELLIA SHA1 !trunc, empty plaintext, minpad +depends_on:MBEDTLS_CAMELLIA_C:MBEDTLS_SHA1_C +ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_CAMELLIA_128_CBC:MBEDTLS_MD_SHA1:0:-1 + +Decrypt CBC !EtM, CAMELLIA SHA1 !trunc, empty plaintext, maxpad +depends_on:MBEDTLS_CAMELLIA_C:MBEDTLS_SHA1_C +ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_CAMELLIA_128_CBC:MBEDTLS_MD_SHA1:0:-2 + +Decrypt CBC !EtM, CAMELLIA SHA1 trunc, empty plaintext, minpad +depends_on:MBEDTLS_CAMELLIA_C:MBEDTLS_SHA1_C +ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_CAMELLIA_128_CBC:MBEDTLS_MD_SHA1:1:-1 + +Decrypt CBC !EtM, CAMELLIA SHA1 trunc, empty plaintext, maxpad +depends_on:MBEDTLS_CAMELLIA_C:MBEDTLS_SHA1_C +ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_CAMELLIA_128_CBC:MBEDTLS_MD_SHA1:1:-2 + +Decrypt CBC !EtM, CAMELLIA SHA1 !trunc, padlen=0 +depends_on:MBEDTLS_CAMELLIA_C:MBEDTLS_SHA1_C +ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_CAMELLIA_128_CBC:MBEDTLS_MD_SHA1:0:0 + +Decrypt CBC !EtM, CAMELLIA SHA1 !trunc, padlen=240 +depends_on:MBEDTLS_CAMELLIA_C:MBEDTLS_SHA1_C +ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_CAMELLIA_128_CBC:MBEDTLS_MD_SHA1:0:240 + +Decrypt CBC !EtM, CAMELLIA SHA1 trunc, padlen=0 +depends_on:MBEDTLS_CAMELLIA_C:MBEDTLS_SHA1_C +ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_CAMELLIA_128_CBC:MBEDTLS_MD_SHA1:1:0 + +Decrypt CBC !EtM, CAMELLIA SHA1 trunc, padlen=240 +depends_on:MBEDTLS_CAMELLIA_C:MBEDTLS_SHA1_C +ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_CAMELLIA_128_CBC:MBEDTLS_MD_SHA1:1:240 + +Decrypt CBC !EtM, CAMELLIA SHA1 !trunc, padlen=1 +depends_on:MBEDTLS_CAMELLIA_C:MBEDTLS_SHA1_C +ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_CAMELLIA_128_CBC:MBEDTLS_MD_SHA1:0:1 + +Decrypt CBC !EtM, CAMELLIA SHA1 !trunc, padlen=241 +depends_on:MBEDTLS_CAMELLIA_C:MBEDTLS_SHA1_C +ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_CAMELLIA_128_CBC:MBEDTLS_MD_SHA1:0:241 + +Decrypt CBC !EtM, CAMELLIA SHA1 trunc, padlen=1 +depends_on:MBEDTLS_CAMELLIA_C:MBEDTLS_SHA1_C +ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_CAMELLIA_128_CBC:MBEDTLS_MD_SHA1:1:1 + +Decrypt CBC !EtM, CAMELLIA SHA1 trunc, padlen=241 +depends_on:MBEDTLS_CAMELLIA_C:MBEDTLS_SHA1_C +ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_CAMELLIA_128_CBC:MBEDTLS_MD_SHA1:1:241 + +Decrypt CBC !EtM, CAMELLIA SHA1 !trunc, padlen=15 +depends_on:MBEDTLS_CAMELLIA_C:MBEDTLS_SHA1_C +ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_CAMELLIA_128_CBC:MBEDTLS_MD_SHA1:0:15 + +Decrypt CBC !EtM, CAMELLIA SHA1 !trunc, padlen=255 +depends_on:MBEDTLS_CAMELLIA_C:MBEDTLS_SHA1_C +ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_CAMELLIA_128_CBC:MBEDTLS_MD_SHA1:0:255 + +Decrypt CBC !EtM, CAMELLIA SHA1 trunc, padlen=15 +depends_on:MBEDTLS_CAMELLIA_C:MBEDTLS_SHA1_C +ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_CAMELLIA_128_CBC:MBEDTLS_MD_SHA1:1:15 + +Decrypt CBC !EtM, CAMELLIA SHA1 trunc, padlen=255 +depends_on:MBEDTLS_CAMELLIA_C:MBEDTLS_SHA1_C +ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_CAMELLIA_128_CBC:MBEDTLS_MD_SHA1:1:255 + +Decrypt CBC !EtM, CAMELLIA SHA256 !trunc, empty plaintext, minpad +depends_on:MBEDTLS_CAMELLIA_C:MBEDTLS_SHA256_C +ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_CAMELLIA_128_CBC:MBEDTLS_MD_SHA256:0:-1 + +Decrypt CBC !EtM, CAMELLIA SHA256 !trunc, empty plaintext, maxpad +depends_on:MBEDTLS_CAMELLIA_C:MBEDTLS_SHA256_C +ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_CAMELLIA_128_CBC:MBEDTLS_MD_SHA256:0:-2 + +Decrypt CBC !EtM, CAMELLIA SHA256 trunc, empty plaintext, minpad +depends_on:MBEDTLS_CAMELLIA_C:MBEDTLS_SHA256_C +ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_CAMELLIA_128_CBC:MBEDTLS_MD_SHA256:1:-1 + +Decrypt CBC !EtM, CAMELLIA SHA256 trunc, empty plaintext, maxpad +depends_on:MBEDTLS_CAMELLIA_C:MBEDTLS_SHA256_C +ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_CAMELLIA_128_CBC:MBEDTLS_MD_SHA256:1:-2 + +Decrypt CBC !EtM, CAMELLIA SHA256 !trunc, padlen=0 +depends_on:MBEDTLS_CAMELLIA_C:MBEDTLS_SHA256_C +ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_CAMELLIA_128_CBC:MBEDTLS_MD_SHA256:0:0 + +Decrypt CBC !EtM, CAMELLIA SHA256 !trunc, padlen=240 +depends_on:MBEDTLS_CAMELLIA_C:MBEDTLS_SHA256_C +ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_CAMELLIA_128_CBC:MBEDTLS_MD_SHA256:0:240 + +Decrypt CBC !EtM, CAMELLIA SHA256 trunc, padlen=0 +depends_on:MBEDTLS_CAMELLIA_C:MBEDTLS_SHA256_C +ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_CAMELLIA_128_CBC:MBEDTLS_MD_SHA256:1:0 + +Decrypt CBC !EtM, CAMELLIA SHA256 trunc, padlen=240 +depends_on:MBEDTLS_CAMELLIA_C:MBEDTLS_SHA256_C +ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_CAMELLIA_128_CBC:MBEDTLS_MD_SHA256:1:240 + +Decrypt CBC !EtM, CAMELLIA SHA256 !trunc, padlen=1 +depends_on:MBEDTLS_CAMELLIA_C:MBEDTLS_SHA256_C +ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_CAMELLIA_128_CBC:MBEDTLS_MD_SHA256:0:1 + +Decrypt CBC !EtM, CAMELLIA SHA256 !trunc, padlen=241 +depends_on:MBEDTLS_CAMELLIA_C:MBEDTLS_SHA256_C +ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_CAMELLIA_128_CBC:MBEDTLS_MD_SHA256:0:241 + +Decrypt CBC !EtM, CAMELLIA SHA256 trunc, padlen=1 +depends_on:MBEDTLS_CAMELLIA_C:MBEDTLS_SHA256_C +ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_CAMELLIA_128_CBC:MBEDTLS_MD_SHA256:1:1 + +Decrypt CBC !EtM, CAMELLIA SHA256 trunc, padlen=241 +depends_on:MBEDTLS_CAMELLIA_C:MBEDTLS_SHA256_C +ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_CAMELLIA_128_CBC:MBEDTLS_MD_SHA256:1:241 + +Decrypt CBC !EtM, CAMELLIA SHA256 !trunc, padlen=15 +depends_on:MBEDTLS_CAMELLIA_C:MBEDTLS_SHA256_C +ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_CAMELLIA_128_CBC:MBEDTLS_MD_SHA256:0:15 + +Decrypt CBC !EtM, CAMELLIA SHA256 !trunc, padlen=255 +depends_on:MBEDTLS_CAMELLIA_C:MBEDTLS_SHA256_C +ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_CAMELLIA_128_CBC:MBEDTLS_MD_SHA256:0:255 + +Decrypt CBC !EtM, CAMELLIA SHA256 trunc, padlen=15 +depends_on:MBEDTLS_CAMELLIA_C:MBEDTLS_SHA256_C +ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_CAMELLIA_128_CBC:MBEDTLS_MD_SHA256:1:15 + +Decrypt CBC !EtM, CAMELLIA SHA256 trunc, padlen=255 +depends_on:MBEDTLS_CAMELLIA_C:MBEDTLS_SHA256_C +ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_CAMELLIA_128_CBC:MBEDTLS_MD_SHA256:1:255 + +Decrypt CBC !EtM, CAMELLIA SHA384 !trunc, empty plaintext, minpad +depends_on:MBEDTLS_CAMELLIA_C:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384 +ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_CAMELLIA_128_CBC:MBEDTLS_MD_SHA384:0:-1 + +Decrypt CBC !EtM, CAMELLIA SHA384 !trunc, empty plaintext, maxpad +depends_on:MBEDTLS_CAMELLIA_C:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384 +ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_CAMELLIA_128_CBC:MBEDTLS_MD_SHA384:0:-2 + +Decrypt CBC !EtM, CAMELLIA SHA384 trunc, empty plaintext, minpad +depends_on:MBEDTLS_CAMELLIA_C:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384 +ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_CAMELLIA_128_CBC:MBEDTLS_MD_SHA384:1:-1 + +Decrypt CBC !EtM, CAMELLIA SHA384 trunc, empty plaintext, maxpad +depends_on:MBEDTLS_CAMELLIA_C:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384 +ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_CAMELLIA_128_CBC:MBEDTLS_MD_SHA384:1:-2 + +Decrypt CBC !EtM, CAMELLIA SHA384 !trunc, padlen=0 +depends_on:MBEDTLS_CAMELLIA_C:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384 +ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_CAMELLIA_128_CBC:MBEDTLS_MD_SHA384:0:0 + +Decrypt CBC !EtM, CAMELLIA SHA384 !trunc, padlen=240 +depends_on:MBEDTLS_CAMELLIA_C:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384 +ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_CAMELLIA_128_CBC:MBEDTLS_MD_SHA384:0:240 + +Decrypt CBC !EtM, CAMELLIA SHA384 trunc, padlen=0 +depends_on:MBEDTLS_CAMELLIA_C:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384 +ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_CAMELLIA_128_CBC:MBEDTLS_MD_SHA384:1:0 + +Decrypt CBC !EtM, CAMELLIA SHA384 trunc, padlen=240 +depends_on:MBEDTLS_CAMELLIA_C:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384 +ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_CAMELLIA_128_CBC:MBEDTLS_MD_SHA384:1:240 + +Decrypt CBC !EtM, CAMELLIA SHA384 !trunc, padlen=1 +depends_on:MBEDTLS_CAMELLIA_C:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384 +ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_CAMELLIA_128_CBC:MBEDTLS_MD_SHA384:0:1 + +Decrypt CBC !EtM, CAMELLIA SHA384 !trunc, padlen=241 +depends_on:MBEDTLS_CAMELLIA_C:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384 +ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_CAMELLIA_128_CBC:MBEDTLS_MD_SHA384:0:241 + +Decrypt CBC !EtM, CAMELLIA SHA384 trunc, padlen=1 +depends_on:MBEDTLS_CAMELLIA_C:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384 +ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_CAMELLIA_128_CBC:MBEDTLS_MD_SHA384:1:1 + +Decrypt CBC !EtM, CAMELLIA SHA384 trunc, padlen=241 +depends_on:MBEDTLS_CAMELLIA_C:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384 +ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_CAMELLIA_128_CBC:MBEDTLS_MD_SHA384:1:241 + +Decrypt CBC !EtM, CAMELLIA SHA384 !trunc, padlen=15 +depends_on:MBEDTLS_CAMELLIA_C:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384 +ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_CAMELLIA_128_CBC:MBEDTLS_MD_SHA384:0:15 + +Decrypt CBC !EtM, CAMELLIA SHA384 !trunc, padlen=255 +depends_on:MBEDTLS_CAMELLIA_C:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384 +ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_CAMELLIA_128_CBC:MBEDTLS_MD_SHA384:0:255 + +Decrypt CBC !EtM, CAMELLIA SHA384 trunc, padlen=15 +depends_on:MBEDTLS_CAMELLIA_C:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384 +ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_CAMELLIA_128_CBC:MBEDTLS_MD_SHA384:1:15 + +Decrypt CBC !EtM, CAMELLIA SHA384 trunc, padlen=255 +depends_on:MBEDTLS_CAMELLIA_C:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384 +ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_CAMELLIA_128_CBC:MBEDTLS_MD_SHA384:1:255 + +Decrypt CBC !EtM, 3DES MD5 !trunc, empty plaintext, minpad +depends_on:MBEDTLS_DES_C:MBEDTLS_MD5_C +ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_DES_EDE3_CBC:MBEDTLS_MD_MD5:0:-1 + +Decrypt CBC !EtM, 3DES MD5 !trunc, empty plaintext, maxpad +depends_on:MBEDTLS_DES_C:MBEDTLS_MD5_C +ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_DES_EDE3_CBC:MBEDTLS_MD_MD5:0:-2 + +Decrypt CBC !EtM, 3DES MD5 trunc, empty plaintext, minpad +depends_on:MBEDTLS_DES_C:MBEDTLS_MD5_C +ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_DES_EDE3_CBC:MBEDTLS_MD_MD5:1:-1 + +Decrypt CBC !EtM, 3DES MD5 trunc, empty plaintext, maxpad +depends_on:MBEDTLS_DES_C:MBEDTLS_MD5_C +ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_DES_EDE3_CBC:MBEDTLS_MD_MD5:1:-2 + +Decrypt CBC !EtM, 3DES MD5 !trunc, padlen=0 +depends_on:MBEDTLS_DES_C:MBEDTLS_MD5_C +ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_DES_EDE3_CBC:MBEDTLS_MD_MD5:0:0 + +Decrypt CBC !EtM, 3DES MD5 !trunc, padlen=248 +depends_on:MBEDTLS_DES_C:MBEDTLS_MD5_C +ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_DES_EDE3_CBC:MBEDTLS_MD_MD5:0:248 + +Decrypt CBC !EtM, 3DES MD5 trunc, padlen=0 +depends_on:MBEDTLS_DES_C:MBEDTLS_MD5_C +ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_DES_EDE3_CBC:MBEDTLS_MD_MD5:1:0 + +Decrypt CBC !EtM, 3DES MD5 trunc, padlen=248 +depends_on:MBEDTLS_DES_C:MBEDTLS_MD5_C +ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_DES_EDE3_CBC:MBEDTLS_MD_MD5:1:248 + +Decrypt CBC !EtM, 3DES MD5 !trunc, padlen=1 +depends_on:MBEDTLS_DES_C:MBEDTLS_MD5_C +ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_DES_EDE3_CBC:MBEDTLS_MD_MD5:0:1 + +Decrypt CBC !EtM, 3DES MD5 !trunc, padlen=249 +depends_on:MBEDTLS_DES_C:MBEDTLS_MD5_C +ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_DES_EDE3_CBC:MBEDTLS_MD_MD5:0:249 + +Decrypt CBC !EtM, 3DES MD5 trunc, padlen=1 +depends_on:MBEDTLS_DES_C:MBEDTLS_MD5_C +ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_DES_EDE3_CBC:MBEDTLS_MD_MD5:1:1 + +Decrypt CBC !EtM, 3DES MD5 trunc, padlen=249 +depends_on:MBEDTLS_DES_C:MBEDTLS_MD5_C +ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_DES_EDE3_CBC:MBEDTLS_MD_MD5:1:249 + +Decrypt CBC !EtM, 3DES MD5 !trunc, padlen=7 +depends_on:MBEDTLS_DES_C:MBEDTLS_MD5_C +ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_DES_EDE3_CBC:MBEDTLS_MD_MD5:0:7 + +Decrypt CBC !EtM, 3DES MD5 !trunc, padlen=255 +depends_on:MBEDTLS_DES_C:MBEDTLS_MD5_C +ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_DES_EDE3_CBC:MBEDTLS_MD_MD5:0:255 + +Decrypt CBC !EtM, 3DES MD5 trunc, padlen=7 +depends_on:MBEDTLS_DES_C:MBEDTLS_MD5_C +ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_DES_EDE3_CBC:MBEDTLS_MD_MD5:1:7 + +Decrypt CBC !EtM, 3DES MD5 trunc, padlen=255 +depends_on:MBEDTLS_DES_C:MBEDTLS_MD5_C +ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_DES_EDE3_CBC:MBEDTLS_MD_MD5:1:255 + +Decrypt CBC !EtM, 3DES SHA1 !trunc, empty plaintext, minpad +depends_on:MBEDTLS_DES_C:MBEDTLS_SHA1_C +ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_DES_EDE3_CBC:MBEDTLS_MD_SHA1:0:-1 + +Decrypt CBC !EtM, 3DES SHA1 !trunc, empty plaintext, maxpad +depends_on:MBEDTLS_DES_C:MBEDTLS_SHA1_C +ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_DES_EDE3_CBC:MBEDTLS_MD_SHA1:0:-2 + +Decrypt CBC !EtM, 3DES SHA1 trunc, empty plaintext, minpad +depends_on:MBEDTLS_DES_C:MBEDTLS_SHA1_C +ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_DES_EDE3_CBC:MBEDTLS_MD_SHA1:1:-1 + +Decrypt CBC !EtM, 3DES SHA1 trunc, empty plaintext, maxpad +depends_on:MBEDTLS_DES_C:MBEDTLS_SHA1_C +ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_DES_EDE3_CBC:MBEDTLS_MD_SHA1:1:-2 + +Decrypt CBC !EtM, 3DES SHA1 !trunc, padlen=0 +depends_on:MBEDTLS_DES_C:MBEDTLS_SHA1_C +ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_DES_EDE3_CBC:MBEDTLS_MD_SHA1:0:0 + +Decrypt CBC !EtM, 3DES SHA1 !trunc, padlen=248 +depends_on:MBEDTLS_DES_C:MBEDTLS_SHA1_C +ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_DES_EDE3_CBC:MBEDTLS_MD_SHA1:0:248 + +Decrypt CBC !EtM, 3DES SHA1 trunc, padlen=0 +depends_on:MBEDTLS_DES_C:MBEDTLS_SHA1_C +ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_DES_EDE3_CBC:MBEDTLS_MD_SHA1:1:0 + +Decrypt CBC !EtM, 3DES SHA1 trunc, padlen=248 +depends_on:MBEDTLS_DES_C:MBEDTLS_SHA1_C +ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_DES_EDE3_CBC:MBEDTLS_MD_SHA1:1:248 + +Decrypt CBC !EtM, 3DES SHA1 !trunc, padlen=1 +depends_on:MBEDTLS_DES_C:MBEDTLS_SHA1_C +ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_DES_EDE3_CBC:MBEDTLS_MD_SHA1:0:1 + +Decrypt CBC !EtM, 3DES SHA1 !trunc, padlen=249 +depends_on:MBEDTLS_DES_C:MBEDTLS_SHA1_C +ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_DES_EDE3_CBC:MBEDTLS_MD_SHA1:0:249 + +Decrypt CBC !EtM, 3DES SHA1 trunc, padlen=1 +depends_on:MBEDTLS_DES_C:MBEDTLS_SHA1_C +ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_DES_EDE3_CBC:MBEDTLS_MD_SHA1:1:1 + +Decrypt CBC !EtM, 3DES SHA1 trunc, padlen=249 +depends_on:MBEDTLS_DES_C:MBEDTLS_SHA1_C +ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_DES_EDE3_CBC:MBEDTLS_MD_SHA1:1:249 + +Decrypt CBC !EtM, 3DES SHA1 !trunc, padlen=7 +depends_on:MBEDTLS_DES_C:MBEDTLS_SHA1_C +ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_DES_EDE3_CBC:MBEDTLS_MD_SHA1:0:7 + +Decrypt CBC !EtM, 3DES SHA1 !trunc, padlen=255 +depends_on:MBEDTLS_DES_C:MBEDTLS_SHA1_C +ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_DES_EDE3_CBC:MBEDTLS_MD_SHA1:0:255 + +Decrypt CBC !EtM, 3DES SHA1 trunc, padlen=7 +depends_on:MBEDTLS_DES_C:MBEDTLS_SHA1_C +ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_DES_EDE3_CBC:MBEDTLS_MD_SHA1:1:7 + +Decrypt CBC !EtM, 3DES SHA1 trunc, padlen=255 +depends_on:MBEDTLS_DES_C:MBEDTLS_SHA1_C +ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_DES_EDE3_CBC:MBEDTLS_MD_SHA1:1:255 + +Decrypt CBC !EtM, 3DES SHA256 !trunc, empty plaintext, minpad +depends_on:MBEDTLS_DES_C:MBEDTLS_SHA256_C +ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_DES_EDE3_CBC:MBEDTLS_MD_SHA256:0:-1 + +Decrypt CBC !EtM, 3DES SHA256 !trunc, empty plaintext, maxpad +depends_on:MBEDTLS_DES_C:MBEDTLS_SHA256_C +ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_DES_EDE3_CBC:MBEDTLS_MD_SHA256:0:-2 + +Decrypt CBC !EtM, 3DES SHA256 trunc, empty plaintext, minpad +depends_on:MBEDTLS_DES_C:MBEDTLS_SHA256_C +ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_DES_EDE3_CBC:MBEDTLS_MD_SHA256:1:-1 + +Decrypt CBC !EtM, 3DES SHA256 trunc, empty plaintext, maxpad +depends_on:MBEDTLS_DES_C:MBEDTLS_SHA256_C +ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_DES_EDE3_CBC:MBEDTLS_MD_SHA256:1:-2 + +Decrypt CBC !EtM, 3DES SHA256 !trunc, padlen=0 +depends_on:MBEDTLS_DES_C:MBEDTLS_SHA256_C +ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_DES_EDE3_CBC:MBEDTLS_MD_SHA256:0:0 + +Decrypt CBC !EtM, 3DES SHA256 !trunc, padlen=248 +depends_on:MBEDTLS_DES_C:MBEDTLS_SHA256_C +ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_DES_EDE3_CBC:MBEDTLS_MD_SHA256:0:248 + +Decrypt CBC !EtM, 3DES SHA256 trunc, padlen=0 +depends_on:MBEDTLS_DES_C:MBEDTLS_SHA256_C +ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_DES_EDE3_CBC:MBEDTLS_MD_SHA256:1:0 + +Decrypt CBC !EtM, 3DES SHA256 trunc, padlen=248 +depends_on:MBEDTLS_DES_C:MBEDTLS_SHA256_C +ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_DES_EDE3_CBC:MBEDTLS_MD_SHA256:1:248 + +Decrypt CBC !EtM, 3DES SHA256 !trunc, padlen=1 +depends_on:MBEDTLS_DES_C:MBEDTLS_SHA256_C +ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_DES_EDE3_CBC:MBEDTLS_MD_SHA256:0:1 + +Decrypt CBC !EtM, 3DES SHA256 !trunc, padlen=249 +depends_on:MBEDTLS_DES_C:MBEDTLS_SHA256_C +ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_DES_EDE3_CBC:MBEDTLS_MD_SHA256:0:249 + +Decrypt CBC !EtM, 3DES SHA256 trunc, padlen=1 +depends_on:MBEDTLS_DES_C:MBEDTLS_SHA256_C +ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_DES_EDE3_CBC:MBEDTLS_MD_SHA256:1:1 + +Decrypt CBC !EtM, 3DES SHA256 trunc, padlen=249 +depends_on:MBEDTLS_DES_C:MBEDTLS_SHA256_C +ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_DES_EDE3_CBC:MBEDTLS_MD_SHA256:1:249 + +Decrypt CBC !EtM, 3DES SHA256 !trunc, padlen=7 +depends_on:MBEDTLS_DES_C:MBEDTLS_SHA256_C +ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_DES_EDE3_CBC:MBEDTLS_MD_SHA256:0:7 + +Decrypt CBC !EtM, 3DES SHA256 !trunc, padlen=255 +depends_on:MBEDTLS_DES_C:MBEDTLS_SHA256_C +ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_DES_EDE3_CBC:MBEDTLS_MD_SHA256:0:255 + +Decrypt CBC !EtM, 3DES SHA256 trunc, padlen=7 +depends_on:MBEDTLS_DES_C:MBEDTLS_SHA256_C +ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_DES_EDE3_CBC:MBEDTLS_MD_SHA256:1:7 + +Decrypt CBC !EtM, 3DES SHA256 trunc, padlen=255 +depends_on:MBEDTLS_DES_C:MBEDTLS_SHA256_C +ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_DES_EDE3_CBC:MBEDTLS_MD_SHA256:1:255 + +Decrypt CBC !EtM, 3DES SHA384 !trunc, empty plaintext, minpad +depends_on:MBEDTLS_DES_C:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384 +ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_DES_EDE3_CBC:MBEDTLS_MD_SHA384:0:-1 + +Decrypt CBC !EtM, 3DES SHA384 !trunc, empty plaintext, maxpad +depends_on:MBEDTLS_DES_C:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384 +ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_DES_EDE3_CBC:MBEDTLS_MD_SHA384:0:-2 + +Decrypt CBC !EtM, 3DES SHA384 trunc, empty plaintext, minpad +depends_on:MBEDTLS_DES_C:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384 +ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_DES_EDE3_CBC:MBEDTLS_MD_SHA384:1:-1 + +Decrypt CBC !EtM, 3DES SHA384 trunc, empty plaintext, maxpad +depends_on:MBEDTLS_DES_C:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384 +ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_DES_EDE3_CBC:MBEDTLS_MD_SHA384:1:-2 + +Decrypt CBC !EtM, 3DES SHA384 !trunc, padlen=0 +depends_on:MBEDTLS_DES_C:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384 +ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_DES_EDE3_CBC:MBEDTLS_MD_SHA384:0:0 + +Decrypt CBC !EtM, 3DES SHA384 !trunc, padlen=248 +depends_on:MBEDTLS_DES_C:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384 +ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_DES_EDE3_CBC:MBEDTLS_MD_SHA384:0:248 + +Decrypt CBC !EtM, 3DES SHA384 trunc, padlen=0 +depends_on:MBEDTLS_DES_C:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384 +ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_DES_EDE3_CBC:MBEDTLS_MD_SHA384:1:0 + +Decrypt CBC !EtM, 3DES SHA384 trunc, padlen=248 +depends_on:MBEDTLS_DES_C:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384 +ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_DES_EDE3_CBC:MBEDTLS_MD_SHA384:1:248 + +Decrypt CBC !EtM, 3DES SHA384 !trunc, padlen=1 +depends_on:MBEDTLS_DES_C:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384 +ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_DES_EDE3_CBC:MBEDTLS_MD_SHA384:0:1 + +Decrypt CBC !EtM, 3DES SHA384 !trunc, padlen=249 +depends_on:MBEDTLS_DES_C:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384 +ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_DES_EDE3_CBC:MBEDTLS_MD_SHA384:0:249 + +Decrypt CBC !EtM, 3DES SHA384 trunc, padlen=1 +depends_on:MBEDTLS_DES_C:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384 +ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_DES_EDE3_CBC:MBEDTLS_MD_SHA384:1:1 + +Decrypt CBC !EtM, 3DES SHA384 trunc, padlen=249 +depends_on:MBEDTLS_DES_C:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384 +ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_DES_EDE3_CBC:MBEDTLS_MD_SHA384:1:249 + +Decrypt CBC !EtM, 3DES SHA384 !trunc, padlen=7 +depends_on:MBEDTLS_DES_C:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384 +ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_DES_EDE3_CBC:MBEDTLS_MD_SHA384:0:7 + +Decrypt CBC !EtM, 3DES SHA384 !trunc, padlen=255 +depends_on:MBEDTLS_DES_C:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384 +ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_DES_EDE3_CBC:MBEDTLS_MD_SHA384:0:255 + +Decrypt CBC !EtM, 3DES SHA384 trunc, padlen=7 +depends_on:MBEDTLS_DES_C:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384 +ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_DES_EDE3_CBC:MBEDTLS_MD_SHA384:1:7 + +Decrypt CBC !EtM, 3DES SHA384 trunc, padlen=255 +depends_on:MBEDTLS_DES_C:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384 +ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_DES_EDE3_CBC:MBEDTLS_MD_SHA384:1:255 diff --git a/third_party/mbedtls/repo/tests/suites/test_suite_timing.function b/third_party/mbedtls/repo/tests/suites/test_suite_timing.function index 74dc8231712..269922d975e 100644 --- a/third_party/mbedtls/repo/tests/suites/test_suite_timing.function +++ b/third_party/mbedtls/repo/tests/suites/test_suite_timing.function @@ -17,7 +17,7 @@ */ /* BEGIN_CASE */ -void timing_hardclock( ) +void timing_hardclock() { (void) mbedtls_timing_hardclock(); /* This goto is added to avoid warnings from the generated code. */ @@ -26,49 +26,55 @@ void timing_hardclock( ) /* END_CASE */ /* BEGIN_CASE */ -void timing_get_timer( ) +void timing_get_timer() { struct mbedtls_timing_hr_time time; - (void) mbedtls_timing_get_timer( &time, 1 ); - (void) mbedtls_timing_get_timer( &time, 0 ); + + memset(&time, 0, sizeof(time)); + + (void) mbedtls_timing_get_timer(&time, 1); + + /* Check that a non-zero time was written back */ + int all_zero = 1; + for (size_t i = 0; i < sizeof(time); i++) { + all_zero &= ((unsigned char *) &time)[i] == 0; + } + TEST_ASSERT(!all_zero); + + (void) mbedtls_timing_get_timer(&time, 0); + /* This goto is added to avoid warnings from the generated code. */ goto exit; } /* END_CASE */ /* BEGIN_CASE */ -void timing_set_alarm( int seconds ) +void timing_set_alarm(int seconds) { - if( seconds == 0 ) - { - mbedtls_set_alarm( seconds ); - TEST_ASSERT( mbedtls_timing_alarmed == 1 ); - } - else - { - mbedtls_set_alarm( seconds ); - TEST_ASSERT( mbedtls_timing_alarmed == 0 || - mbedtls_timing_alarmed == 1 ); + if (seconds == 0) { + mbedtls_set_alarm(seconds); + TEST_ASSERT(mbedtls_timing_alarmed == 1); + } else { + mbedtls_set_alarm(seconds); + TEST_ASSERT(mbedtls_timing_alarmed == 0 || + mbedtls_timing_alarmed == 1); } } /* END_CASE */ /* BEGIN_CASE */ -void timing_delay( int fin_ms ) +void timing_delay(int fin_ms) { mbedtls_timing_delay_context ctx; int result; - if( fin_ms == 0 ) - { - mbedtls_timing_set_delay( &ctx, 0, 0 ); - result = mbedtls_timing_get_delay( &ctx ); - TEST_ASSERT( result == -1 ); - } - else - { - mbedtls_timing_set_delay( &ctx, fin_ms / 2, fin_ms ); - result = mbedtls_timing_get_delay( &ctx ); - TEST_ASSERT( result >= 0 && result <= 2 ); + if (fin_ms == 0) { + mbedtls_timing_set_delay(&ctx, 0, 0); + result = mbedtls_timing_get_delay(&ctx); + TEST_ASSERT(result == -1); + } else { + mbedtls_timing_set_delay(&ctx, fin_ms / 2, fin_ms); + result = mbedtls_timing_get_delay(&ctx); + TEST_ASSERT(result >= 0 && result <= 2); } } /* END_CASE */ diff --git a/third_party/mbedtls/repo/tests/suites/test_suite_version.data b/third_party/mbedtls/repo/tests/suites/test_suite_version.data index 60bd1b9d40d..7d8f252ccef 100644 --- a/third_party/mbedtls/repo/tests/suites/test_suite_version.data +++ b/third_party/mbedtls/repo/tests/suites/test_suite_version.data @@ -1,8 +1,8 @@ -Check compiletime library version -check_compiletime_version:"2.28.0" +Check compile time library version +check_compiletime_version:"2.28.7" Check runtime library version -check_runtime_version:"2.28.0" +check_runtime_version:"2.28.7" Check for MBEDTLS_VERSION_C check_feature:"MBEDTLS_VERSION_C":0 diff --git a/third_party/mbedtls/repo/tests/suites/test_suite_version.function b/third_party/mbedtls/repo/tests/suites/test_suite_version.function index 7d59794bd38..eeae5126265 100644 --- a/third_party/mbedtls/repo/tests/suites/test_suite_version.function +++ b/third_party/mbedtls/repo/tests/suites/test_suite_version.function @@ -8,34 +8,34 @@ */ /* BEGIN_CASE */ -void check_compiletime_version( char * version_str ) +void check_compiletime_version(char *version_str) { char build_str[100]; char build_str_full[100]; unsigned int build_int; - memset( build_str, 0, 100 ); - memset( build_str_full, 0, 100 ); + memset(build_str, 0, 100); + memset(build_str_full, 0, 100); - mbedtls_snprintf( build_str, 100, "%d.%d.%d", MBEDTLS_VERSION_MAJOR, - MBEDTLS_VERSION_MINOR, MBEDTLS_VERSION_PATCH ); + mbedtls_snprintf(build_str, 100, "%d.%d.%d", MBEDTLS_VERSION_MAJOR, + MBEDTLS_VERSION_MINOR, MBEDTLS_VERSION_PATCH); - mbedtls_snprintf( build_str_full, 100, "mbed TLS %d.%d.%d", MBEDTLS_VERSION_MAJOR, - MBEDTLS_VERSION_MINOR, MBEDTLS_VERSION_PATCH ); + mbedtls_snprintf(build_str_full, 100, "Mbed TLS %d.%d.%d", MBEDTLS_VERSION_MAJOR, + MBEDTLS_VERSION_MINOR, MBEDTLS_VERSION_PATCH); build_int = MBEDTLS_VERSION_MAJOR << 24 | - MBEDTLS_VERSION_MINOR << 16 | - MBEDTLS_VERSION_PATCH << 8; + MBEDTLS_VERSION_MINOR << 16 | + MBEDTLS_VERSION_PATCH << 8; - TEST_ASSERT( build_int == MBEDTLS_VERSION_NUMBER ); - TEST_ASSERT( strcmp( build_str, MBEDTLS_VERSION_STRING ) == 0 ); - TEST_ASSERT( strcmp( build_str_full, MBEDTLS_VERSION_STRING_FULL ) == 0 ); - TEST_ASSERT( strcmp( version_str, MBEDTLS_VERSION_STRING ) == 0 ); + TEST_ASSERT(build_int == MBEDTLS_VERSION_NUMBER); + TEST_ASSERT(strcmp(build_str, MBEDTLS_VERSION_STRING) == 0); + TEST_ASSERT(strcmp(build_str_full, MBEDTLS_VERSION_STRING_FULL) == 0); + TEST_ASSERT(strcmp(version_str, MBEDTLS_VERSION_STRING) == 0); } /* END_CASE */ /* BEGIN_CASE */ -void check_runtime_version( char * version_str ) +void check_runtime_version(char *version_str) { char build_str[100]; char get_str[100]; @@ -43,31 +43,31 @@ void check_runtime_version( char * version_str ) char get_str_full[100]; unsigned int get_int; - memset( build_str, 0, 100 ); - memset( get_str, 0, 100 ); - memset( build_str_full, 0, 100 ); - memset( get_str_full, 0, 100 ); + memset(build_str, 0, 100); + memset(get_str, 0, 100); + memset(build_str_full, 0, 100); + memset(get_str_full, 0, 100); get_int = mbedtls_version_get_number(); - mbedtls_version_get_string( get_str ); - mbedtls_version_get_string_full( get_str_full ); + mbedtls_version_get_string(get_str); + mbedtls_version_get_string_full(get_str_full); - mbedtls_snprintf( build_str, 100, "%u.%u.%u", - (get_int >> 24) & 0xFF, - (get_int >> 16) & 0xFF, - (get_int >> 8) & 0xFF ); - mbedtls_snprintf( build_str_full, 100, "mbed TLS %s", version_str ); + mbedtls_snprintf(build_str, 100, "%u.%u.%u", + (get_int >> 24) & 0xFF, + (get_int >> 16) & 0xFF, + (get_int >> 8) & 0xFF); + mbedtls_snprintf(build_str_full, 100, "Mbed TLS %s", version_str); - TEST_ASSERT( strcmp( build_str, version_str ) == 0 ); - TEST_ASSERT( strcmp( build_str_full, get_str_full ) == 0 ); - TEST_ASSERT( strcmp( version_str, get_str ) == 0 ); + TEST_ASSERT(strcmp(build_str, version_str) == 0); + TEST_ASSERT(strcmp(build_str_full, get_str_full) == 0); + TEST_ASSERT(strcmp(version_str, get_str) == 0); } /* END_CASE */ /* BEGIN_CASE depends_on:MBEDTLS_VERSION_FEATURES */ -void check_feature( char *feature, int result ) +void check_feature(char *feature, int result) { - int check = mbedtls_version_check_feature( feature ); - TEST_ASSERT( check == result ); + int check = mbedtls_version_check_feature(feature); + TEST_ASSERT(check == result); } /* END_CASE */ diff --git a/third_party/mbedtls/repo/tests/suites/test_suite_x509parse.data b/third_party/mbedtls/repo/tests/suites/test_suite_x509parse.data index 7ac91f641cc..406a06385a1 100644 --- a/third_party/mbedtls/repo/tests/suites/test_suite_x509parse.data +++ b/third_party/mbedtls/repo/tests/suites/test_suite_x509parse.data @@ -1,366 +1,378 @@ X509 CRT information #1 depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_SHA1_C -x509_cert_info:"data_files/server1.crt":"cert. version \: 3\nserial number \: 01\nissuer name \: C=NL, O=PolarSSL, CN=PolarSSL Test CA\nsubject name \: C=NL, O=PolarSSL, CN=PolarSSL Server 1\nissued on \: 2019-02-10 14\:44\:06\nexpires on \: 2029-02-10 14\:44\:06\nsigned using \: RSA with SHA1\nRSA key size \: 2048 bits\nbasic constraints \: CA=false\n" +x509_cert_info:"data_files/parse_input/server1.crt":"cert. version \: 3\nserial number \: 01\nissuer name \: C=NL, O=PolarSSL, CN=PolarSSL Test CA\nsubject name \: C=NL, O=PolarSSL, CN=PolarSSL Server 1\nissued on \: 2019-02-10 14\:44\:06\nexpires on \: 2029-02-10 14\:44\:06\nsigned using \: RSA with SHA1\nRSA key size \: 2048 bits\nbasic constraints \: CA=false\n" X509 CRT information #1 (DER) depends_on:MBEDTLS_RSA_C:MBEDTLS_SHA1_C -x509_cert_info:"data_files/server1.crt.der":"cert. version \: 3\nserial number \: 01\nissuer name \: C=NL, O=PolarSSL, CN=PolarSSL Test CA\nsubject name \: C=NL, O=PolarSSL, CN=PolarSSL Server 1\nissued on \: 2019-02-10 14\:44\:06\nexpires on \: 2029-02-10 14\:44\:06\nsigned using \: RSA with SHA1\nRSA key size \: 2048 bits\nbasic constraints \: CA=false\n" +x509_cert_info:"data_files/parse_input/server1.crt.der":"cert. version \: 3\nserial number \: 01\nissuer name \: C=NL, O=PolarSSL, CN=PolarSSL Test CA\nsubject name \: C=NL, O=PolarSSL, CN=PolarSSL Server 1\nissued on \: 2019-02-10 14\:44\:06\nexpires on \: 2029-02-10 14\:44\:06\nsigned using \: RSA with SHA1\nRSA key size \: 2048 bits\nbasic constraints \: CA=false\n" X509 CRT information #2 depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_SHA1_C -x509_cert_info:"data_files/server2.crt":"cert. version \: 3\nserial number \: 02\nissuer name \: C=NL, O=PolarSSL, CN=PolarSSL Test CA\nsubject name \: C=NL, O=PolarSSL, CN=localhost\nissued on \: 2019-02-10 14\:44\:06\nexpires on \: 2029-02-10 14\:44\:06\nsigned using \: RSA with SHA1\nRSA key size \: 2048 bits\nbasic constraints \: CA=false\n" +x509_cert_info:"data_files/parse_input/server2.crt":"cert. version \: 3\nserial number \: 02\nissuer name \: C=NL, O=PolarSSL, CN=PolarSSL Test CA\nsubject name \: C=NL, O=PolarSSL, CN=localhost\nissued on \: 2019-02-10 14\:44\:06\nexpires on \: 2029-02-10 14\:44\:06\nsigned using \: RSA with SHA1\nRSA key size \: 2048 bits\nbasic constraints \: CA=false\n" X509 CRT information #2 (DER) depends_on:MBEDTLS_RSA_C:MBEDTLS_SHA1_C -x509_cert_info:"data_files/server2.crt.der":"cert. version \: 3\nserial number \: 02\nissuer name \: C=NL, O=PolarSSL, CN=PolarSSL Test CA\nsubject name \: C=NL, O=PolarSSL, CN=localhost\nissued on \: 2019-02-10 14\:44\:06\nexpires on \: 2029-02-10 14\:44\:06\nsigned using \: RSA with SHA1\nRSA key size \: 2048 bits\nbasic constraints \: CA=false\n" +x509_cert_info:"data_files/parse_input/server2.crt.der":"cert. version \: 3\nserial number \: 02\nissuer name \: C=NL, O=PolarSSL, CN=PolarSSL Test CA\nsubject name \: C=NL, O=PolarSSL, CN=localhost\nissued on \: 2019-02-10 14\:44\:06\nexpires on \: 2029-02-10 14\:44\:06\nsigned using \: RSA with SHA1\nRSA key size \: 2048 bits\nbasic constraints \: CA=false\n" X509 CRT information #3 depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_SHA1_C -x509_cert_info:"data_files/test-ca.crt":"cert. version \: 3\nserial number \: 03\nissuer name \: C=NL, O=PolarSSL, CN=PolarSSL Test CA\nsubject name \: C=NL, O=PolarSSL, CN=PolarSSL Test CA\nissued on \: 2019-02-10 14\:44\:00\nexpires on \: 2029-02-10 14\:44\:00\nsigned using \: RSA with SHA1\nRSA key size \: 2048 bits\nbasic constraints \: CA=true\n" +x509_cert_info:"data_files/parse_input/test-ca.crt":"cert. version \: 3\nserial number \: 03\nissuer name \: C=NL, O=PolarSSL, CN=PolarSSL Test CA\nsubject name \: C=NL, O=PolarSSL, CN=PolarSSL Test CA\nissued on \: 2019-02-10 14\:44\:00\nexpires on \: 2029-02-10 14\:44\:00\nsigned using \: RSA with SHA1\nRSA key size \: 2048 bits\nbasic constraints \: CA=true\n" X509 CRT information #3 (DER) depends_on:MBEDTLS_RSA_C:MBEDTLS_SHA1_C -x509_cert_info:"data_files/test-ca.crt.der":"cert. version \: 3\nserial number \: 03\nissuer name \: C=NL, O=PolarSSL, CN=PolarSSL Test CA\nsubject name \: C=NL, O=PolarSSL, CN=PolarSSL Test CA\nissued on \: 2019-02-10 14\:44\:00\nexpires on \: 2029-02-10 14\:44\:00\nsigned using \: RSA with SHA1\nRSA key size \: 2048 bits\nbasic constraints \: CA=true\n" +x509_cert_info:"data_files/parse_input/test-ca.crt.der":"cert. version \: 3\nserial number \: 03\nissuer name \: C=NL, O=PolarSSL, CN=PolarSSL Test CA\nsubject name \: C=NL, O=PolarSSL, CN=PolarSSL Test CA\nissued on \: 2019-02-10 14\:44\:00\nexpires on \: 2029-02-10 14\:44\:00\nsigned using \: RSA with SHA1\nRSA key size \: 2048 bits\nbasic constraints \: CA=true\n" X509 CRT information MD2 Digest depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_MD2_C -x509_cert_info:"data_files/cert_md2.crt":"cert. version \: 3\nserial number \: 09\nissuer name \: C=NL, O=PolarSSL, CN=PolarSSL Test CA\nsubject name \: C=NL, O=PolarSSL, CN=PolarSSL Cert MD2\nissued on \: 2000-01-01 12\:12\:12\nexpires on \: 2030-01-01 12\:12\:12\nsigned using \: RSA with MD2\nRSA key size \: 2048 bits\nbasic constraints \: CA=false\n" +x509_cert_info:"data_files/parse_input/cert_md2.crt":"cert. version \: 3\nserial number \: 09\nissuer name \: C=NL, O=PolarSSL, CN=PolarSSL Test CA\nsubject name \: C=NL, O=PolarSSL, CN=PolarSSL Cert MD2\nissued on \: 2000-01-01 12\:12\:12\nexpires on \: 2030-01-01 12\:12\:12\nsigned using \: RSA with MD2\nRSA key size \: 2048 bits\nbasic constraints \: CA=false\n" X509 CRT information MD4 Digest depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_MD4_C -x509_cert_info:"data_files/cert_md4.crt":"cert. version \: 3\nserial number \: 05\nissuer name \: C=NL, O=PolarSSL, CN=PolarSSL Test CA\nsubject name \: C=NL, O=PolarSSL, CN=PolarSSL Cert MD4\nissued on \: 2000-01-01 12\:12\:12\nexpires on \: 2030-01-01 12\:12\:12\nsigned using \: RSA with MD4\nRSA key size \: 2048 bits\nbasic constraints \: CA=false\n" +x509_cert_info:"data_files/parse_input/cert_md4.crt":"cert. version \: 3\nserial number \: 05\nissuer name \: C=NL, O=PolarSSL, CN=PolarSSL Test CA\nsubject name \: C=NL, O=PolarSSL, CN=PolarSSL Cert MD4\nissued on \: 2000-01-01 12\:12\:12\nexpires on \: 2030-01-01 12\:12\:12\nsigned using \: RSA with MD4\nRSA key size \: 2048 bits\nbasic constraints \: CA=false\n" X509 CRT information MD5 Digest depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_MD5_C -x509_cert_info:"data_files/cert_md5.crt":"cert. version \: 3\nserial number \: 06\nissuer name \: C=NL, O=PolarSSL, CN=PolarSSL Test CA\nsubject name \: C=NL, O=PolarSSL, CN=PolarSSL Cert MD5\nissued on \: 2000-01-01 12\:12\:12\nexpires on \: 2030-01-01 12\:12\:12\nsigned using \: RSA with MD5\nRSA key size \: 2048 bits\nbasic constraints \: CA=false\n" +x509_cert_info:"data_files/parse_input/cert_md5.crt":"cert. version \: 3\nserial number \: 06\nissuer name \: C=NL, O=PolarSSL, CN=PolarSSL Test CA\nsubject name \: C=NL, O=PolarSSL, CN=PolarSSL Cert MD5\nissued on \: 2000-01-01 12\:12\:12\nexpires on \: 2030-01-01 12\:12\:12\nsigned using \: RSA with MD5\nRSA key size \: 2048 bits\nbasic constraints \: CA=false\n" X509 CRT information SHA1 Digest depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_SHA1_C -x509_cert_info:"data_files/cert_sha1.crt":"cert. version \: 3\nserial number \: 07\nissuer name \: C=NL, O=PolarSSL, CN=PolarSSL Test CA\nsubject name \: C=NL, O=PolarSSL, CN=PolarSSL Cert SHA1\nissued on \: 2019-02-10 14\:44\:06\nexpires on \: 2029-02-10 14\:44\:06\nsigned using \: RSA with SHA1\nRSA key size \: 2048 bits\nbasic constraints \: CA=false\n" +x509_cert_info:"data_files/parse_input/cert_sha1.crt":"cert. version \: 3\nserial number \: 07\nissuer name \: C=NL, O=PolarSSL, CN=PolarSSL Test CA\nsubject name \: C=NL, O=PolarSSL, CN=PolarSSL Cert SHA1\nissued on \: 2019-02-10 14\:44\:06\nexpires on \: 2029-02-10 14\:44\:06\nsigned using \: RSA with SHA1\nRSA key size \: 2048 bits\nbasic constraints \: CA=false\n" X509 CRT information SHA224 Digest depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_SHA256_C -x509_cert_info:"data_files/cert_sha224.crt":"cert. version \: 3\nserial number \: 08\nissuer name \: C=NL, O=PolarSSL, CN=PolarSSL Test CA\nsubject name \: C=NL, O=PolarSSL, CN=PolarSSL Cert SHA224\nissued on \: 2019-02-10 14\:44\:06\nexpires on \: 2029-02-10 14\:44\:06\nsigned using \: RSA with SHA-224\nRSA key size \: 2048 bits\nbasic constraints \: CA=false\n" +x509_cert_info:"data_files/parse_input/cert_sha224.crt":"cert. version \: 3\nserial number \: 08\nissuer name \: C=NL, O=PolarSSL, CN=PolarSSL Test CA\nsubject name \: C=NL, O=PolarSSL, CN=PolarSSL Cert SHA224\nissued on \: 2019-02-10 14\:44\:06\nexpires on \: 2029-02-10 14\:44\:06\nsigned using \: RSA with SHA-224\nRSA key size \: 2048 bits\nbasic constraints \: CA=false\n" X509 CRT information SHA256 Digest depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_SHA256_C -x509_cert_info:"data_files/cert_sha256.crt":"cert. version \: 3\nserial number \: 09\nissuer name \: C=NL, O=PolarSSL, CN=PolarSSL Test CA\nsubject name \: C=NL, O=PolarSSL, CN=PolarSSL Cert SHA256\nissued on \: 2019-02-10 14\:44\:06\nexpires on \: 2029-02-10 14\:44\:06\nsigned using \: RSA with SHA-256\nRSA key size \: 2048 bits\nbasic constraints \: CA=false\n" +x509_cert_info:"data_files/parse_input/cert_sha256.crt":"cert. version \: 3\nserial number \: 09\nissuer name \: C=NL, O=PolarSSL, CN=PolarSSL Test CA\nsubject name \: C=NL, O=PolarSSL, CN=PolarSSL Cert SHA256\nissued on \: 2019-02-10 14\:44\:06\nexpires on \: 2029-02-10 14\:44\:06\nsigned using \: RSA with SHA-256\nRSA key size \: 2048 bits\nbasic constraints \: CA=false\n" X509 CRT information SHA384 Digest depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384 -x509_cert_info:"data_files/cert_sha384.crt":"cert. version \: 3\nserial number \: 0A\nissuer name \: C=NL, O=PolarSSL, CN=PolarSSL Test CA\nsubject name \: C=NL, O=PolarSSL, CN=PolarSSL Cert SHA384\nissued on \: 2019-02-10 14\:44\:06\nexpires on \: 2029-02-10 14\:44\:06\nsigned using \: RSA with SHA-384\nRSA key size \: 2048 bits\nbasic constraints \: CA=false\n" +x509_cert_info:"data_files/parse_input/cert_sha384.crt":"cert. version \: 3\nserial number \: 0A\nissuer name \: C=NL, O=PolarSSL, CN=PolarSSL Test CA\nsubject name \: C=NL, O=PolarSSL, CN=PolarSSL Cert SHA384\nissued on \: 2019-02-10 14\:44\:06\nexpires on \: 2029-02-10 14\:44\:06\nsigned using \: RSA with SHA-384\nRSA key size \: 2048 bits\nbasic constraints \: CA=false\n" X509 CRT information SHA512 Digest depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_SHA512_C -x509_cert_info:"data_files/cert_sha512.crt":"cert. version \: 3\nserial number \: 0B\nissuer name \: C=NL, O=PolarSSL, CN=PolarSSL Test CA\nsubject name \: C=NL, O=PolarSSL, CN=PolarSSL Cert SHA512\nissued on \: 2019-02-10 14\:44\:06\nexpires on \: 2029-02-10 14\:44\:06\nsigned using \: RSA with SHA-512\nRSA key size \: 2048 bits\nbasic constraints \: CA=false\n" +x509_cert_info:"data_files/parse_input/cert_sha512.crt":"cert. version \: 3\nserial number \: 0B\nissuer name \: C=NL, O=PolarSSL, CN=PolarSSL Test CA\nsubject name \: C=NL, O=PolarSSL, CN=PolarSSL Cert SHA512\nissued on \: 2019-02-10 14\:44\:06\nexpires on \: 2029-02-10 14\:44\:06\nsigned using \: RSA with SHA-512\nRSA key size \: 2048 bits\nbasic constraints \: CA=false\n" X509 CRT information RSA-PSS, SHA1 Digest depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_X509_RSASSA_PSS_SUPPORT:MBEDTLS_SHA1_C -x509_cert_info:"data_files/server9.crt":"cert. version \: 3\nserial number \: 16\nissuer name \: C=NL, O=PolarSSL, CN=PolarSSL Test CA\nsubject name \: C=NL, O=PolarSSL, CN=localhost\nissued on \: 2014-01-20 13\:38\:16\nexpires on \: 2024-01-18 13\:38\:16\nsigned using \: RSASSA-PSS (SHA1, MGF1-SHA1, 0xEA)\nRSA key size \: 1024 bits\nbasic constraints \: CA=false\n" +x509_cert_info:"data_files/parse_input/server9.crt":"cert. version \: 3\nserial number \: 16\nissuer name \: C=NL, O=PolarSSL, CN=PolarSSL Test CA\nsubject name \: C=NL, O=PolarSSL, CN=localhost\nissued on \: 2014-01-20 13\:38\:16\nexpires on \: 2024-01-18 13\:38\:16\nsigned using \: RSASSA-PSS (SHA1, MGF1-SHA1, 0xEA)\nRSA key size \: 1024 bits\nbasic constraints \: CA=false\n" X509 CRT information RSA-PSS, SHA224 Digest depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_X509_RSASSA_PSS_SUPPORT:MBEDTLS_SHA256_C -x509_cert_info:"data_files/server9-sha224.crt":"cert. version \: 3\nserial number \: 17\nissuer name \: C=NL, O=PolarSSL, CN=PolarSSL Test CA\nsubject name \: C=NL, O=PolarSSL, CN=localhost\nissued on \: 2014-01-20 13\:57\:36\nexpires on \: 2024-01-18 13\:57\:36\nsigned using \: RSASSA-PSS (SHA224, MGF1-SHA224, 0xE2)\nRSA key size \: 1024 bits\nbasic constraints \: CA=false\n" +x509_cert_info:"data_files/parse_input/server9-sha224.crt":"cert. version \: 3\nserial number \: 17\nissuer name \: C=NL, O=PolarSSL, CN=PolarSSL Test CA\nsubject name \: C=NL, O=PolarSSL, CN=localhost\nissued on \: 2014-01-20 13\:57\:36\nexpires on \: 2024-01-18 13\:57\:36\nsigned using \: RSASSA-PSS (SHA224, MGF1-SHA224, 0xE2)\nRSA key size \: 1024 bits\nbasic constraints \: CA=false\n" X509 CRT information RSA-PSS, SHA256 Digest depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_X509_RSASSA_PSS_SUPPORT:MBEDTLS_SHA256_C -x509_cert_info:"data_files/server9-sha256.crt":"cert. version \: 3\nserial number \: 18\nissuer name \: C=NL, O=PolarSSL, CN=PolarSSL Test CA\nsubject name \: C=NL, O=PolarSSL, CN=localhost\nissued on \: 2014-01-20 13\:57\:45\nexpires on \: 2024-01-18 13\:57\:45\nsigned using \: RSASSA-PSS (SHA256, MGF1-SHA256, 0xDE)\nRSA key size \: 1024 bits\nbasic constraints \: CA=false\n" +x509_cert_info:"data_files/parse_input/server9-sha256.crt":"cert. version \: 3\nserial number \: 18\nissuer name \: C=NL, O=PolarSSL, CN=PolarSSL Test CA\nsubject name \: C=NL, O=PolarSSL, CN=localhost\nissued on \: 2014-01-20 13\:57\:45\nexpires on \: 2024-01-18 13\:57\:45\nsigned using \: RSASSA-PSS (SHA256, MGF1-SHA256, 0xDE)\nRSA key size \: 1024 bits\nbasic constraints \: CA=false\n" X509 CRT information RSA-PSS, SHA384 Digest depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_X509_RSASSA_PSS_SUPPORT:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384 -x509_cert_info:"data_files/server9-sha384.crt":"cert. version \: 3\nserial number \: 19\nissuer name \: C=NL, O=PolarSSL, CN=PolarSSL Test CA\nsubject name \: C=NL, O=PolarSSL, CN=localhost\nissued on \: 2014-01-20 13\:57\:58\nexpires on \: 2024-01-18 13\:57\:58\nsigned using \: RSASSA-PSS (SHA384, MGF1-SHA384, 0xCE)\nRSA key size \: 1024 bits\nbasic constraints \: CA=false\n" +x509_cert_info:"data_files/parse_input/server9-sha384.crt":"cert. version \: 3\nserial number \: 19\nissuer name \: C=NL, O=PolarSSL, CN=PolarSSL Test CA\nsubject name \: C=NL, O=PolarSSL, CN=localhost\nissued on \: 2014-01-20 13\:57\:58\nexpires on \: 2024-01-18 13\:57\:58\nsigned using \: RSASSA-PSS (SHA384, MGF1-SHA384, 0xCE)\nRSA key size \: 1024 bits\nbasic constraints \: CA=false\n" X509 CRT information RSA-PSS, SHA512 Digest depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_X509_RSASSA_PSS_SUPPORT:MBEDTLS_SHA512_C -x509_cert_info:"data_files/server9-sha512.crt":"cert. version \: 3\nserial number \: 1A\nissuer name \: C=NL, O=PolarSSL, CN=PolarSSL Test CA\nsubject name \: C=NL, O=PolarSSL, CN=localhost\nissued on \: 2014-01-20 13\:58\:12\nexpires on \: 2024-01-18 13\:58\:12\nsigned using \: RSASSA-PSS (SHA512, MGF1-SHA512, 0xBE)\nRSA key size \: 1024 bits\nbasic constraints \: CA=false\n" +x509_cert_info:"data_files/parse_input/server9-sha512.crt":"cert. version \: 3\nserial number \: 1A\nissuer name \: C=NL, O=PolarSSL, CN=PolarSSL Test CA\nsubject name \: C=NL, O=PolarSSL, CN=localhost\nissued on \: 2014-01-20 13\:58\:12\nexpires on \: 2024-01-18 13\:58\:12\nsigned using \: RSASSA-PSS (SHA512, MGF1-SHA512, 0xBE)\nRSA key size \: 1024 bits\nbasic constraints \: CA=false\n" X509 CRT information EC, SHA1 Digest depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_ECDSA_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_SHA1_C -x509_cert_info:"data_files/server5-sha1.crt":"cert. version \: 3\nserial number \: 12\nissuer name \: C=NL, O=PolarSSL, CN=Polarssl Test EC CA\nsubject name \: C=NL, O=PolarSSL, CN=localhost\nissued on \: 2013-09-24 16\:21\:27\nexpires on \: 2023-09-22 16\:21\:27\nsigned using \: ECDSA with SHA1\nEC key size \: 256 bits\nbasic constraints \: CA=false\n" +x509_cert_info:"data_files/parse_input/server5-sha1.crt":"cert. version \: 3\nserial number \: 12\nissuer name \: C=NL, O=PolarSSL, CN=Polarssl Test EC CA\nsubject name \: C=NL, O=PolarSSL, CN=localhost\nissued on \: 2013-09-24 16\:21\:27\nexpires on \: 2023-09-22 16\:21\:27\nsigned using \: ECDSA with SHA1\nEC key size \: 256 bits\nbasic constraints \: CA=false\n" X509 CRT information EC, SHA224 Digest depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_ECDSA_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_SHA256_C -x509_cert_info:"data_files/server5-sha224.crt":"cert. version \: 3\nserial number \: 13\nissuer name \: C=NL, O=PolarSSL, CN=Polarssl Test EC CA\nsubject name \: C=NL, O=PolarSSL, CN=localhost\nissued on \: 2013-09-24 16\:21\:27\nexpires on \: 2023-09-22 16\:21\:27\nsigned using \: ECDSA with SHA224\nEC key size \: 256 bits\nbasic constraints \: CA=false\n" +x509_cert_info:"data_files/parse_input/server5-sha224.crt":"cert. version \: 3\nserial number \: 13\nissuer name \: C=NL, O=PolarSSL, CN=Polarssl Test EC CA\nsubject name \: C=NL, O=PolarSSL, CN=localhost\nissued on \: 2013-09-24 16\:21\:27\nexpires on \: 2023-09-22 16\:21\:27\nsigned using \: ECDSA with SHA224\nEC key size \: 256 bits\nbasic constraints \: CA=false\n" X509 CRT information EC, SHA256 Digest depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_ECDSA_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_SHA256_C -x509_cert_info:"data_files/server5.crt":"cert. version \: 3\nserial number \: 09\nissuer name \: C=NL, O=PolarSSL, CN=Polarssl Test EC CA\nsubject name \: C=NL, O=PolarSSL, CN=localhost\nissued on \: 2013-09-24 15\:52\:04\nexpires on \: 2023-09-22 15\:52\:04\nsigned using \: ECDSA with SHA256\nEC key size \: 256 bits\nbasic constraints \: CA=false\n" +x509_cert_info:"data_files/parse_input/server5.crt":"cert. version \: 3\nserial number \: 09\nissuer name \: C=NL, O=PolarSSL, CN=Polarssl Test EC CA\nsubject name \: C=NL, O=PolarSSL, CN=localhost\nissued on \: 2013-09-24 15\:52\:04\nexpires on \: 2023-09-22 15\:52\:04\nsigned using \: ECDSA with SHA256\nEC key size \: 256 bits\nbasic constraints \: CA=false\n" X509 CRT information EC, SHA384 Digest depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_ECDSA_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384 -x509_cert_info:"data_files/server5-sha384.crt":"cert. version \: 3\nserial number \: 14\nissuer name \: C=NL, O=PolarSSL, CN=Polarssl Test EC CA\nsubject name \: C=NL, O=PolarSSL, CN=localhost\nissued on \: 2013-09-24 16\:21\:27\nexpires on \: 2023-09-22 16\:21\:27\nsigned using \: ECDSA with SHA384\nEC key size \: 256 bits\nbasic constraints \: CA=false\n" +x509_cert_info:"data_files/parse_input/server5-sha384.crt":"cert. version \: 3\nserial number \: 14\nissuer name \: C=NL, O=PolarSSL, CN=Polarssl Test EC CA\nsubject name \: C=NL, O=PolarSSL, CN=localhost\nissued on \: 2013-09-24 16\:21\:27\nexpires on \: 2023-09-22 16\:21\:27\nsigned using \: ECDSA with SHA384\nEC key size \: 256 bits\nbasic constraints \: CA=false\n" X509 CRT information EC, SHA512 Digest depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_ECDSA_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_SHA512_C -x509_cert_info:"data_files/server5-sha512.crt":"cert. version \: 3\nserial number \: 15\nissuer name \: C=NL, O=PolarSSL, CN=Polarssl Test EC CA\nsubject name \: C=NL, O=PolarSSL, CN=localhost\nissued on \: 2013-09-24 16\:21\:27\nexpires on \: 2023-09-22 16\:21\:27\nsigned using \: ECDSA with SHA512\nEC key size \: 256 bits\nbasic constraints \: CA=false\n" +x509_cert_info:"data_files/parse_input/server5-sha512.crt":"cert. version \: 3\nserial number \: 15\nissuer name \: C=NL, O=PolarSSL, CN=Polarssl Test EC CA\nsubject name \: C=NL, O=PolarSSL, CN=localhost\nissued on \: 2013-09-24 16\:21\:27\nexpires on \: 2023-09-22 16\:21\:27\nsigned using \: ECDSA with SHA512\nEC key size \: 256 bits\nbasic constraints \: CA=false\n" X509 CRT information EC, SHA256 Digest, hardware module name SAN depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_ECDSA_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_SHA256_C -x509_cert_info:"data_files/server5-othername.crt":"cert. version \: 3\nserial number \: 4D\nissuer name \: C=UK, O=Mbed TLS, CN=Mbed TLS othername SAN\nsubject name \: C=UK, O=Mbed TLS, CN=Mbed TLS othername SAN\nissued on \: 2019-03-24 09\:06\:02\nexpires on \: 2029-03-21 09\:06\:02\nsigned using \: ECDSA with SHA256\nEC key size \: 256 bits\nsubject alt name \:\n otherName \:\n hardware module name \:\n hardware type \: 1.3.6.1.4.1.17.3\n hardware serial number \: 123456\n" +x509_cert_info:"data_files/parse_input/server5-othername.crt":"cert. version \: 3\nserial number \: 4D\nissuer name \: C=UK, O=Mbed TLS, CN=Mbed TLS othername SAN\nsubject name \: C=UK, O=Mbed TLS, CN=Mbed TLS othername SAN\nissued on \: 2019-03-24 09\:06\:02\nexpires on \: 2029-03-21 09\:06\:02\nsigned using \: ECDSA with SHA256\nEC key size \: 256 bits\nsubject alt name \:\n otherName \:\n hardware module name \:\n hardware type \: 1.3.6.1.4.1.17.3\n hardware serial number \: 313233343536\n" + +X509 CRT information EC, SHA256 Digest, binary hardware module name SAN +depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_ECDSA_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_SHA256_C +x509_cert_info:"data_files/parse_input/server5-nonprintable_othername.crt":"cert. version \: 3\nserial number \: 4D\nissuer name \: C=UK, O=Mbed TLS, CN=Mbed TLS non-printable othername SAN\nsubject name \: C=UK, O=Mbed TLS, CN=Mbed TLS non-printable othername SAN\nissued on \: 2022-09-06 15\:56\:47\nexpires on \: 2032-09-03 15\:56\:47\nsigned using \: ECDSA with SHA256\nEC key size \: 256 bits\nsubject alt name \:\n otherName \:\n hardware module name \:\n hardware type \: 1.3.6.1.4.1.17.3\n hardware serial number \: 3132338081008180333231\n" X509 CRT information EC, SHA256 Digest, Wisun Fan device depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_ECDSA_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_SHA256_C -x509_cert_info:"data_files/server5-fan.crt":"cert. version \: 3\nserial number \: 4D\nissuer name \: C=UK, O=Mbed TLS, CN=Mbed TLS FAN\nsubject name \: C=UK, O=Mbed TLS, CN=Mbed TLS FAN\nissued on \: 2019-03-25 09\:03\:46\nexpires on \: 2029-03-22 09\:03\:46\nsigned using \: ECDSA with SHA256\nEC key size \: 256 bits\next key usage \: Wi-SUN Alliance Field Area Network (FAN)\n" +x509_cert_info:"data_files/parse_input/server5-fan.crt":"cert. version \: 3\nserial number \: 4D\nissuer name \: C=UK, O=Mbed TLS, CN=Mbed TLS FAN\nsubject name \: C=UK, O=Mbed TLS, CN=Mbed TLS FAN\nissued on \: 2019-03-25 09\:03\:46\nexpires on \: 2029-03-22 09\:03\:46\nsigned using \: ECDSA with SHA256\nEC key size \: 256 bits\next key usage \: Wi-SUN Alliance Field Area Network (FAN)\n" X509 CRT information, NS Cert Type depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_SHA1_C -x509_cert_info:"data_files/server1.cert_type.crt":"cert. version \: 3\nserial number \: 01\nissuer name \: C=NL, O=PolarSSL, CN=PolarSSL Test CA\nsubject name \: C=NL, O=PolarSSL, CN=PolarSSL Server 1\nissued on \: 2019-02-10 14\:44\:06\nexpires on \: 2029-02-10 14\:44\:06\nsigned using \: RSA with SHA1\nRSA key size \: 2048 bits\nbasic constraints \: CA=false\ncert. type \: SSL Server\n" +x509_cert_info:"data_files/parse_input/server1.cert_type.crt":"cert. version \: 3\nserial number \: 01\nissuer name \: C=NL, O=PolarSSL, CN=PolarSSL Test CA\nsubject name \: C=NL, O=PolarSSL, CN=PolarSSL Server 1\nissued on \: 2019-02-10 14\:44\:06\nexpires on \: 2029-02-10 14\:44\:06\nsigned using \: RSA with SHA1\nRSA key size \: 2048 bits\nbasic constraints \: CA=false\ncert. type \: SSL Server\n" X509 CRT information, Key Usage depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_SHA1_C -x509_cert_info:"data_files/server1.key_usage.crt":"cert. version \: 3\nserial number \: 01\nissuer name \: C=NL, O=PolarSSL, CN=PolarSSL Test CA\nsubject name \: C=NL, O=PolarSSL, CN=PolarSSL Server 1\nissued on \: 2019-02-10 14\:44\:06\nexpires on \: 2029-02-10 14\:44\:06\nsigned using \: RSA with SHA1\nRSA key size \: 2048 bits\nbasic constraints \: CA=false\nkey usage \: Digital Signature, Non Repudiation, Key Encipherment\n" +x509_cert_info:"data_files/parse_input/server1.key_usage.crt":"cert. version \: 3\nserial number \: 01\nissuer name \: C=NL, O=PolarSSL, CN=PolarSSL Test CA\nsubject name \: C=NL, O=PolarSSL, CN=PolarSSL Server 1\nissued on \: 2019-02-10 14\:44\:06\nexpires on \: 2029-02-10 14\:44\:06\nsigned using \: RSA with SHA1\nRSA key size \: 2048 bits\nbasic constraints \: CA=false\nkey usage \: Digital Signature, Non Repudiation, Key Encipherment\n" X509 CRT information, Key Usage with decipherOnly depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_SHA1_C -x509_cert_info:"data_files/keyUsage.decipherOnly.crt":"cert. version \: 3\nserial number \: 9B\:13\:CE\:4C\:A5\:6F\:DE\:52\nissuer name \: C=GB, L=Cambridge, O=Default Company Ltd\nsubject name \: C=GB, L=Cambridge, O=Default Company Ltd\nissued on \: 2015-05-12 10\:36\:55\nexpires on \: 2018-05-11 10\:36\:55\nsigned using \: RSA with SHA1\nRSA key size \: 1024 bits\nbasic constraints \: CA=false\nkey usage \: Digital Signature, Non Repudiation, Key Encipherment, Decipher Only\n" +x509_cert_info:"data_files/parse_input/keyUsage.decipherOnly.crt":"cert. version \: 3\nserial number \: 9B\:13\:CE\:4C\:A5\:6F\:DE\:52\nissuer name \: C=GB, L=Cambridge, O=Default Company Ltd\nsubject name \: C=GB, L=Cambridge, O=Default Company Ltd\nissued on \: 2015-05-12 10\:36\:55\nexpires on \: 2018-05-11 10\:36\:55\nsigned using \: RSA with SHA1\nRSA key size \: 1024 bits\nbasic constraints \: CA=false\nkey usage \: Digital Signature, Non Repudiation, Key Encipherment, Decipher Only\n" X509 CRT information, Subject Alt Name depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_SHA256_C -x509_cert_info:"data_files/cert_example_multi.crt":"cert. version \: 3\nserial number \: 11\nissuer name \: C=NL, O=PolarSSL, CN=PolarSSL Test CA\nsubject name \: C=NL, O=PolarSSL, CN=www.example.com\nissued on \: 2019-07-10 11\:27\:52\nexpires on \: 2029-07-10 11\:27\:52\nsigned using \: RSA with SHA-256\nRSA key size \: 1024 bits\nsubject alt name \:\n dNSName \: example.com\n dNSName \: example.net\n dNSName \: *.example.org\n" +x509_cert_info:"data_files/parse_input/cert_example_multi.crt":"cert. version \: 3\nserial number \: 11\nissuer name \: C=NL, O=PolarSSL, CN=PolarSSL Test CA\nsubject name \: C=NL, O=PolarSSL, CN=www.example.com\nissued on \: 2019-07-10 11\:27\:52\nexpires on \: 2029-07-10 11\:27\:52\nsigned using \: RSA with SHA-256\nRSA key size \: 1024 bits\nsubject alt name \:\n dNSName \: example.com\n dNSName \: example.net\n dNSName \: *.example.org\n" X509 CRT information, Multiple different Subject Alt Name depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_ECDSA_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_SHA256_C -x509_cert_info:"data_files/multiple_san.crt":"cert. version \: 3\nserial number \: 04\nissuer name \: C=UK, O=Mbed TLS, CN=Mbed TLS multiple othername SAN\nsubject name \: C=UK, O=Mbed TLS, CN=Mbed TLS multiple othername SAN\nissued on \: 2019-04-22 16\:10\:48\nexpires on \: 2029-04-19 16\:10\:48\nsigned using \: ECDSA with SHA256\nEC key size \: 256 bits\nsubject alt name \:\n dNSName \: example.com\n otherName \:\n hardware module name \:\n hardware type \: 1.3.6.1.4.1.17.3\n hardware serial number \: 123456\n dNSName \: example.net\n dNSName \: *.example.org\n" +x509_cert_info:"data_files/parse_input/multiple_san.crt":"cert. version \: 3\nserial number \: 04\nissuer name \: C=UK, O=Mbed TLS, CN=Mbed TLS multiple othername SAN\nsubject name \: C=UK, O=Mbed TLS, CN=Mbed TLS multiple othername SAN\nissued on \: 2019-04-22 16\:10\:48\nexpires on \: 2029-04-19 16\:10\:48\nsigned using \: ECDSA with SHA256\nEC key size \: 256 bits\nsubject alt name \:\n dNSName \: example.com\n otherName \:\n hardware module name \:\n hardware type \: 1.3.6.1.4.1.17.3\n hardware serial number \: 313233343536\n dNSName \: example.net\n dNSName \: *.example.org\n" X509 CRT information, Subject Alt Name + Key Usage depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_SHA1_C -x509_cert_info:"data_files/cert_example_multi_nocn.crt":"cert. version \: 3\nserial number \: F7\:C6\:7F\:F8\:E9\:A9\:63\:F9\nissuer name \: C=NL\nsubject name \: C=NL\nissued on \: 2014-01-22 10\:04\:33\nexpires on \: 2024-01-22 10\:04\:33\nsigned using \: RSA with SHA1\nRSA key size \: 1024 bits\nbasic constraints \: CA=false\nsubject alt name \:\n dNSName \: www.shotokan-braunschweig.de\n dNSName \: www.massimo-abate.eu\n \n \nkey usage \: Digital Signature, Non Repudiation, Key Encipherment\n" +x509_cert_info:"data_files/parse_input/cert_example_multi_nocn.crt":"cert. version \: 3\nserial number \: F7\:C6\:7F\:F8\:E9\:A9\:63\:F9\nissuer name \: C=NL\nsubject name \: C=NL\nissued on \: 2014-01-22 10\:04\:33\nexpires on \: 2024-01-22 10\:04\:33\nsigned using \: RSA with SHA1\nRSA key size \: 1024 bits\nbasic constraints \: CA=false\nsubject alt name \:\n dNSName \: www.shotokan-braunschweig.de\n dNSName \: www.massimo-abate.eu\n \n \nkey usage \: Digital Signature, Non Repudiation, Key Encipherment\n" X509 CRT information, RSA Certificate Policy any depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_SHA256_C -x509_cert_info:"data_files/test-ca-any_policy.crt":"cert. version \: 3\nserial number \: 00\nissuer name \: C=NL, O=PolarSSL, CN=PolarSSL Test CA\nsubject name \: C=NL, O=PolarSSL, CN=PolarSSL Test CA\nissued on \: 2019-03-21 16\:40\:59\nexpires on \: 2029-03-21 16\:40\:59\nsigned using \: RSA with SHA-256\nRSA key size \: 2048 bits\nbasic constraints \: CA=true\ncertificate policies \: Any Policy\n" +x509_cert_info:"data_files/parse_input/test-ca-any_policy.crt":"cert. version \: 3\nserial number \: 00\nissuer name \: C=NL, O=PolarSSL, CN=PolarSSL Test CA\nsubject name \: C=NL, O=PolarSSL, CN=PolarSSL Test CA\nissued on \: 2019-03-21 16\:40\:59\nexpires on \: 2029-03-21 16\:40\:59\nsigned using \: RSA with SHA-256\nRSA key size \: 2048 bits\nbasic constraints \: CA=true\ncertificate policies \: Any Policy\n" X509 CRT information, ECDSA Certificate Policy any depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_ECDSA_C:MBEDTLS_ECP_DP_SECP384R1_ENABLED:MBEDTLS_SHA256_C -x509_cert_info:"data_files/test-ca-any_policy_ec.crt":"cert. version \: 3\nserial number \: 00\nissuer name \: C=NL, O=PolarSSL, CN=Polarssl Test EC CA\nsubject name \: C=NL, O=PolarSSL, CN=Polarssl Test EC CA\nissued on \: 2019-03-25 09\:02\:45\nexpires on \: 2029-03-25 09\:02\:45\nsigned using \: ECDSA with SHA256\nEC key size \: 384 bits\nbasic constraints \: CA=true\ncertificate policies \: Any Policy\n" +x509_cert_info:"data_files/parse_input/test-ca-any_policy_ec.crt":"cert. version \: 3\nserial number \: 00\nissuer name \: C=NL, O=PolarSSL, CN=Polarssl Test EC CA\nsubject name \: C=NL, O=PolarSSL, CN=Polarssl Test EC CA\nissued on \: 2019-03-25 09\:02\:45\nexpires on \: 2029-03-25 09\:02\:45\nsigned using \: ECDSA with SHA256\nEC key size \: 384 bits\nbasic constraints \: CA=true\ncertificate policies \: Any Policy\n" X509 CRT information, RSA Certificate Policy any with qualifier depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_SHA256_C -x509_cert_info:"data_files/test-ca-any_policy_with_qualifier.crt":"cert. version \: 3\nserial number \: 00\nissuer name \: C=NL, O=PolarSSL, CN=PolarSSL Test CA\nsubject name \: C=NL, O=PolarSSL, CN=PolarSSL Test CA\nissued on \: 2019-04-28 13\:14\:31\nexpires on \: 2029-04-28 13\:14\:31\nsigned using \: RSA with SHA-256\nRSA key size \: 2048 bits\nbasic constraints \: CA=true\ncertificate policies \: Any Policy\n" +x509_cert_info:"data_files/parse_input/test-ca-any_policy_with_qualifier.crt":"cert. version \: 3\nserial number \: 00\nissuer name \: C=NL, O=PolarSSL, CN=PolarSSL Test CA\nsubject name \: C=NL, O=PolarSSL, CN=PolarSSL Test CA\nissued on \: 2019-04-28 13\:14\:31\nexpires on \: 2029-04-28 13\:14\:31\nsigned using \: RSA with SHA-256\nRSA key size \: 2048 bits\nbasic constraints \: CA=true\ncertificate policies \: Any Policy\n" X509 CRT information, ECDSA Certificate Policy any with qualifier depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_ECDSA_C:MBEDTLS_ECP_DP_SECP384R1_ENABLED:MBEDTLS_SHA256_C -x509_cert_info:"data_files/test-ca-any_policy_with_qualifier_ec.crt":"cert. version \: 3\nserial number \: 00\nissuer name \: C=NL, O=PolarSSL, CN=Polarssl Test EC CA\nsubject name \: C=NL, O=PolarSSL, CN=Polarssl Test EC CA\nissued on \: 2019-04-28 10\:16\:05\nexpires on \: 2029-04-28 10\:16\:05\nsigned using \: ECDSA with SHA256\nEC key size \: 384 bits\nbasic constraints \: CA=true\ncertificate policies \: Any Policy\n" +x509_cert_info:"data_files/parse_input/test-ca-any_policy_with_qualifier_ec.crt":"cert. version \: 3\nserial number \: 00\nissuer name \: C=NL, O=PolarSSL, CN=Polarssl Test EC CA\nsubject name \: C=NL, O=PolarSSL, CN=Polarssl Test EC CA\nissued on \: 2019-04-28 10\:16\:05\nexpires on \: 2029-04-28 10\:16\:05\nsigned using \: ECDSA with SHA256\nEC key size \: 384 bits\nbasic constraints \: CA=true\ncertificate policies \: Any Policy\n" X509 CRT information, RSA Certificate multiple Policies depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_SHA256_C -x509_cert_info:"data_files/test-ca-multi_policy.crt":"cert. version \: 3\nserial number \: 00\nissuer name \: C=NL, O=PolarSSL, CN=PolarSSL Test CA\nsubject name \: C=NL, O=PolarSSL, CN=PolarSSL Test CA\nissued on \: 2019-04-28 12\:59\:19\nexpires on \: 2029-04-28 12\:59\:19\nsigned using \: RSA with SHA-256\nRSA key size \: 2048 bits\nbasic constraints \: CA=true\ncertificate policies \: ???, Any Policy\n" +x509_cert_info:"data_files/parse_input/test-ca-multi_policy.crt":"cert. version \: 3\nserial number \: 00\nissuer name \: C=NL, O=PolarSSL, CN=PolarSSL Test CA\nsubject name \: C=NL, O=PolarSSL, CN=PolarSSL Test CA\nissued on \: 2019-04-28 12\:59\:19\nexpires on \: 2029-04-28 12\:59\:19\nsigned using \: RSA with SHA-256\nRSA key size \: 2048 bits\nbasic constraints \: CA=true\ncertificate policies \: ???, Any Policy\n" X509 CRT information, ECDSA Certificate multiple Policies depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_ECDSA_C:MBEDTLS_ECP_DP_SECP384R1_ENABLED:MBEDTLS_SHA256_C -x509_cert_info:"data_files/test-ca-multi_policy_ec.crt":"cert. version \: 3\nserial number \: 00\nissuer name \: C=NL, O=PolarSSL, CN=Polarssl Test EC CA\nsubject name \: C=NL, O=PolarSSL, CN=Polarssl Test EC CA\nissued on \: 2019-04-28 12\:59\:51\nexpires on \: 2029-04-28 12\:59\:51\nsigned using \: ECDSA with SHA256\nEC key size \: 384 bits\nbasic constraints \: CA=true\ncertificate policies \: ???, Any Policy\n" +x509_cert_info:"data_files/parse_input/test-ca-multi_policy_ec.crt":"cert. version \: 3\nserial number \: 00\nissuer name \: C=NL, O=PolarSSL, CN=Polarssl Test EC CA\nsubject name \: C=NL, O=PolarSSL, CN=Polarssl Test EC CA\nissued on \: 2019-04-28 12\:59\:51\nexpires on \: 2029-04-28 12\:59\:51\nsigned using \: ECDSA with SHA256\nEC key size \: 384 bits\nbasic constraints \: CA=true\ncertificate policies \: ???, Any Policy\n" X509 CRT information, RSA Certificate unsupported policy depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_SHA256_C -x509_cert_info:"data_files/test-ca-unsupported_policy.crt":"cert. version \: 3\nserial number \: 00\nissuer name \: C=NL, O=PolarSSL, CN=PolarSSL Test CA\nsubject name \: C=NL, O=PolarSSL, CN=PolarSSL Test CA\nissued on \: 2019-04-28 13\:00\:13\nexpires on \: 2029-04-28 13\:00\:13\nsigned using \: RSA with SHA-256\nRSA key size \: 2048 bits\nbasic constraints \: CA=true\ncertificate policies \: ???\n" +x509_cert_info:"data_files/parse_input/test-ca-unsupported_policy.crt":"cert. version \: 3\nserial number \: 00\nissuer name \: C=NL, O=PolarSSL, CN=PolarSSL Test CA\nsubject name \: C=NL, O=PolarSSL, CN=PolarSSL Test CA\nissued on \: 2019-04-28 13\:00\:13\nexpires on \: 2029-04-28 13\:00\:13\nsigned using \: RSA with SHA-256\nRSA key size \: 2048 bits\nbasic constraints \: CA=true\ncertificate policies \: ???\n" X509 CRT information, ECDSA Certificate unsupported policy depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_ECDSA_C:MBEDTLS_ECP_DP_SECP384R1_ENABLED:MBEDTLS_SHA256_C -x509_cert_info:"data_files/test-ca-unsupported_policy_ec.crt":"cert. version \: 3\nserial number \: 00\nissuer name \: C=NL, O=PolarSSL, CN=Polarssl Test EC CA\nsubject name \: C=NL, O=PolarSSL, CN=Polarssl Test EC CA\nissued on \: 2019-04-28 13\:00\:19\nexpires on \: 2029-04-28 13\:00\:19\nsigned using \: ECDSA with SHA256\nEC key size \: 384 bits\nbasic constraints \: CA=true\ncertificate policies \: ???\n" +x509_cert_info:"data_files/parse_input/test-ca-unsupported_policy_ec.crt":"cert. version \: 3\nserial number \: 00\nissuer name \: C=NL, O=PolarSSL, CN=Polarssl Test EC CA\nsubject name \: C=NL, O=PolarSSL, CN=Polarssl Test EC CA\nissued on \: 2019-04-28 13\:00\:19\nexpires on \: 2029-04-28 13\:00\:19\nsigned using \: ECDSA with SHA256\nEC key size \: 384 bits\nbasic constraints \: CA=true\ncertificate policies \: ???\n" X509 CRT information, Key Usage + Extended Key Usage depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_SHA256_C -x509_cert_info:"data_files/server1.ext_ku.crt":"cert. version \: 3\nserial number \: 21\nissuer name \: C=NL, O=PolarSSL, CN=PolarSSL Test CA\nsubject name \: C=NL, O=PolarSSL, CN=PolarSSL Server 1\nissued on \: 2014-04-01 14\:44\:43\nexpires on \: 2024-03-29 14\:44\:43\nsigned using \: RSA with SHA-256\nRSA key size \: 2048 bits\nbasic constraints \: CA=false\nkey usage \: Digital Signature, Non Repudiation, Key Encipherment\next key usage \: TLS Web Server Authentication\n" +x509_cert_info:"data_files/parse_input/server1.ext_ku.crt":"cert. version \: 3\nserial number \: 21\nissuer name \: C=NL, O=PolarSSL, CN=PolarSSL Test CA\nsubject name \: C=NL, O=PolarSSL, CN=PolarSSL Server 1\nissued on \: 2014-04-01 14\:44\:43\nexpires on \: 2024-03-29 14\:44\:43\nsigned using \: RSA with SHA-256\nRSA key size \: 2048 bits\nbasic constraints \: CA=false\nkey usage \: Digital Signature, Non Repudiation, Key Encipherment\next key usage \: TLS Web Server Authentication\n" X509 CRT information RSA signed by EC depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_SHA256_C:MBEDTLS_ECDSA_C -x509_cert_info:"data_files/server4.crt":"cert. version \: 3\nserial number \: 08\nissuer name \: C=NL, O=PolarSSL, CN=Polarssl Test EC CA\nsubject name \: C=NL, O=PolarSSL, CN=localhost\nissued on \: 2013-09-24 15\:52\:04\nexpires on \: 2023-09-22 15\:52\:04\nsigned using \: ECDSA with SHA256\nRSA key size \: 2048 bits\nbasic constraints \: CA=false\n" +x509_cert_info:"data_files/parse_input/server4.crt":"cert. version \: 3\nserial number \: 08\nissuer name \: C=NL, O=PolarSSL, CN=Polarssl Test EC CA\nsubject name \: C=NL, O=PolarSSL, CN=localhost\nissued on \: 2013-09-24 15\:52\:04\nexpires on \: 2023-09-22 15\:52\:04\nsigned using \: ECDSA with SHA256\nRSA key size \: 2048 bits\nbasic constraints \: CA=false\n" X509 CRT information EC signed by RSA depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_ECDSA_C:MBEDTLS_ECP_DP_SECP192R1_ENABLED:MBEDTLS_SHA1_C:MBEDTLS_RSA_C -x509_cert_info:"data_files/server3.crt":"cert. version \: 3\nserial number \: 0D\nissuer name \: C=NL, O=PolarSSL, CN=PolarSSL Test CA\nsubject name \: C=NL, O=PolarSSL, CN=localhost\nissued on \: 2013-08-09 09\:17\:03\nexpires on \: 2023-08-07 09\:17\:03\nsigned using \: RSA with SHA1\nEC key size \: 192 bits\nbasic constraints \: CA=false\n" +x509_cert_info:"data_files/parse_input/server3.crt":"cert. version \: 3\nserial number \: 0D\nissuer name \: C=NL, O=PolarSSL, CN=PolarSSL Test CA\nsubject name \: C=NL, O=PolarSSL, CN=localhost\nissued on \: 2013-08-09 09\:17\:03\nexpires on \: 2023-08-07 09\:17\:03\nsigned using \: RSA with SHA1\nEC key size \: 192 bits\nbasic constraints \: CA=false\n" X509 CRT information Bitstring in subject name depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_SHA1_C -x509_cert_info:"data_files/bitstring-in-dn.pem":"cert. version \: 3\nserial number \: 02\nissuer name \: CN=Test CA 01, ST=Ecnivorp, C=XX, emailAddress=tca@example.com, O=Test CA Authority\nsubject name \: C=XX, O=tca, ST=Ecnivorp, OU=TCA, CN=Client, emailAddress=client@example.com, serialNumber=7101012255, uniqueIdentifier=?7101012255\nissued on \: 2015-03-11 12\:06\:51\nexpires on \: 2025-03-08 12\:06\:51\nsigned using \: RSA with SHA1\nRSA key size \: 2048 bits\nbasic constraints \: CA=false\nsubject alt name \:\n \next key usage \: TLS Web Client Authentication\n" +x509_cert_info:"data_files/parse_input/bitstring-in-dn.pem":"cert. version \: 3\nserial number \: 02\nissuer name \: CN=Test CA 01, ST=Ecnivorp, C=XX, emailAddress=tca@example.com, O=Test CA Authority\nsubject name \: C=XX, O=tca, ST=Ecnivorp, OU=TCA, CN=Client, emailAddress=client@example.com, serialNumber=7101012255, uniqueIdentifier=?7101012255\nissued on \: 2015-03-11 12\:06\:51\nexpires on \: 2025-03-08 12\:06\:51\nsigned using \: RSA with SHA1\nRSA key size \: 2048 bits\nbasic constraints \: CA=false\nsubject alt name \:\n \next key usage \: TLS Web Client Authentication\n" X509 CRT information Non-ASCII string in issuer name and subject name depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_SHA256_C -x509_cert_info:"data_files/non-ascii-string-in-issuer.crt":"cert. version \: 3\nserial number \: 05\:E6\:53\:E7\:1B\:74\:F0\:B5\:D3\:84\:6D\:0C\:6D\:DC\:FA\:3F\:A4\:5A\:2B\:E0\nissuer name \: C=JP, ST=Tokyo, O=?????????????????? Ltd, CN=?????????????????? CA\nsubject name \: C=JP, ST=Tokyo, O=?????????????????? Ltd, CN=?????????????????? CA\nissued on \: 2020-05-20 16\:17\:23\nexpires on \: 2020-06-19 16\:17\:23\nsigned using \: RSA with SHA-256\nRSA key size \: 2048 bits\nbasic constraints \: CA=true\n" +x509_cert_info:"data_files/parse_input/non-ascii-string-in-issuer.crt":"cert. version \: 3\nserial number \: 05\:E6\:53\:E7\:1B\:74\:F0\:B5\:D3\:84\:6D\:0C\:6D\:DC\:FA\:3F\:A4\:5A\:2B\:E0\nissuer name \: C=JP, ST=Tokyo, O=?????????????????? Ltd, CN=?????????????????? CA\nsubject name \: C=JP, ST=Tokyo, O=?????????????????? Ltd, CN=?????????????????? CA\nissued on \: 2020-05-20 16\:17\:23\nexpires on \: 2020-06-19 16\:17\:23\nsigned using \: RSA with SHA-256\nRSA key size \: 2048 bits\nbasic constraints \: CA=true\n" X509 certificate v1 with extension depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_X509_ALLOW_EXTENSIONS_NON_V3:MBEDTLS_SHA1_C -x509_cert_info:"data_files/cert_v1_with_ext.crt":"cert. version \: 1\nserial number \: BD\:ED\:44\:C7\:D2\:3E\:C2\:A4\nissuer name \: C=XX, ST=XX, L=XX, O=XX, OU=XX, emailAddress=admin@identity-check.org, CN=identity-check.org\nsubject name \: C=XX, ST=XX, L=XX, O=XX, OU=XX, emailAddress=admin@identity-check.org, CN=identity-check.org\nissued on \: 2013-07-04 16\:17\:02\nexpires on \: 2014-07-04 16\:17\:02\nsigned using \: RSA with SHA1\nRSA key size \: 2048 bits\nsubject alt name \:\n dNSName \: identity-check.org\n dNSName \: www.identity-check.org\n \n" +x509_cert_info:"data_files/parse_input/cert_v1_with_ext.crt":"cert. version \: 1\nserial number \: BD\:ED\:44\:C7\:D2\:3E\:C2\:A4\nissuer name \: C=XX, ST=XX, L=XX, O=XX, OU=XX, emailAddress=admin@identity-check.org, CN=identity-check.org\nsubject name \: C=XX, ST=XX, L=XX, O=XX, OU=XX, emailAddress=admin@identity-check.org, CN=identity-check.org\nissued on \: 2013-07-04 16\:17\:02\nexpires on \: 2014-07-04 16\:17\:02\nsigned using \: RSA with SHA1\nRSA key size \: 2048 bits\nsubject alt name \:\n dNSName \: identity-check.org\n dNSName \: www.identity-check.org\n \n" X509 SAN parsing otherName depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_ECDSA_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_SHA256_C -x509_parse_san:"data_files/server5-othername.crt":"type \: 0\notherName \: hardware module name \: hardware type \: 1.3.6.1.4.1.17.3, hardware serial number \: 123456\n" +x509_parse_san:"data_files/parse_input/server5-othername.crt":"type \: 0\notherName \: hardware module name \: hardware type \: 1.3.6.1.4.1.17.3, hardware serial number \: 313233343536\n" + +X509 SAN parsing binary otherName +depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_ECDSA_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_SHA256_C +x509_parse_san:"data_files/parse_input/server5-nonprintable_othername.crt":"type \: 0\notherName \: hardware module name \: hardware type \: 1.3.6.1.4.1.17.3, hardware serial number \: 3132338081008180333231\n" X509 SAN parsing dNSName depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_SHA256_C -x509_parse_san:"data_files/cert_example_multi.crt":"type \: 2\ndNSName \: example.com\ntype \: 2\ndNSName \: example.net\ntype \: 2\ndNSName \: *.example.org\n" +x509_parse_san:"data_files/parse_input/cert_example_multi.crt":"type \: 2\ndNSName \: example.com\ntype \: 2\ndNSName \: example.net\ntype \: 2\ndNSName \: *.example.org\n" X509 SAN parsing Multiple different types depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_ECDSA_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_SHA256_C -x509_parse_san:"data_files/multiple_san.crt":"type \: 2\ndNSName \: example.com\ntype \: 0\notherName \: hardware module name \: hardware type \: 1.3.6.1.4.1.17.3, hardware serial number \: 123456\ntype \: 2\ndNSName \: example.net\ntype \: 2\ndNSName \: *.example.org\n" +x509_parse_san:"data_files/parse_input/multiple_san.crt":"type \: 2\ndNSName \: example.com\ntype \: 0\notherName \: hardware module name \: hardware type \: 1.3.6.1.4.1.17.3, hardware serial number \: 313233343536\ntype \: 2\ndNSName \: example.net\ntype \: 2\ndNSName \: *.example.org\n" X509 SAN parsing, no subject alt name depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_SHA256_C:MBEDTLS_ECDSA_C -x509_parse_san:"data_files/server4.crt":"" +x509_parse_san:"data_files/parse_input/server4.crt":"" X509 SAN parsing, unsupported otherName name depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_ECDSA_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_SHA256_C -x509_parse_san:"data_files/server5-unsupported_othername.crt":"" +x509_parse_san:"data_files/parse_input/server5-unsupported_othername.crt":"" X509 CRL information #1 depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_SHA1_C:MBEDTLS_RSA_C -mbedtls_x509_crl_info:"data_files/crl_expired.pem":"CRL version \: 1\nissuer name \: C=NL, O=PolarSSL, CN=PolarSSL Test CA\nthis update \: 2011-02-20 10\:24\:19\nnext update \: 2011-02-20 11\:24\:19\nRevoked certificates\:\nserial number\: 01 revocation date\: 2011-02-12 14\:44\:07\nserial number\: 03 revocation date\: 2011-02-12 14\:44\:07\nsigned using \: RSA with SHA1\n" +mbedtls_x509_crl_info:"data_files/parse_input/crl_expired.pem":"CRL version \: 1\nissuer name \: C=NL, O=PolarSSL, CN=PolarSSL Test CA\nthis update \: 2011-02-20 10\:24\:19\nnext update \: 2011-02-20 11\:24\:19\nRevoked certificates\:\nserial number\: 01 revocation date\: 2011-02-12 14\:44\:07\nserial number\: 03 revocation date\: 2011-02-12 14\:44\:07\nsigned using \: RSA with SHA1\n" X509 CRL Information MD2 Digest depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_MD2_C:MBEDTLS_RSA_C -mbedtls_x509_crl_info:"data_files/crl_md2.pem":"CRL version \: 1\nissuer name \: C=NL, O=PolarSSL, CN=PolarSSL Test CA\nthis update \: 2009-07-19 19\:56\:37\nnext update \: 2009-09-17 19\:56\:37\nRevoked certificates\:\nserial number\: 01 revocation date\: 2009-02-09 21\:12\:36\nserial number\: 03 revocation date\: 2009-02-09 21\:12\:36\nsigned using \: RSA with MD2\n" +mbedtls_x509_crl_info:"data_files/parse_input/crl_md2.pem":"CRL version \: 1\nissuer name \: C=NL, O=PolarSSL, CN=PolarSSL Test CA\nthis update \: 2009-07-19 19\:56\:37\nnext update \: 2009-09-17 19\:56\:37\nRevoked certificates\:\nserial number\: 01 revocation date\: 2009-02-09 21\:12\:36\nserial number\: 03 revocation date\: 2009-02-09 21\:12\:36\nsigned using \: RSA with MD2\n" X509 CRL Information MD4 Digest depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_MD4_C:MBEDTLS_RSA_C -mbedtls_x509_crl_info:"data_files/crl_md4.pem":"CRL version \: 1\nissuer name \: C=NL, O=PolarSSL, CN=PolarSSL Test CA\nthis update \: 2011-02-12 14\:44\:07\nnext update \: 2011-04-13 14\:44\:07\nRevoked certificates\:\nserial number\: 01 revocation date\: 2011-02-12 14\:44\:07\nserial number\: 03 revocation date\: 2011-02-12 14\:44\:07\nsigned using \: RSA with MD4\n" +mbedtls_x509_crl_info:"data_files/parse_input/crl_md4.pem":"CRL version \: 1\nissuer name \: C=NL, O=PolarSSL, CN=PolarSSL Test CA\nthis update \: 2011-02-12 14\:44\:07\nnext update \: 2011-04-13 14\:44\:07\nRevoked certificates\:\nserial number\: 01 revocation date\: 2011-02-12 14\:44\:07\nserial number\: 03 revocation date\: 2011-02-12 14\:44\:07\nsigned using \: RSA with MD4\n" X509 CRL Information MD5 Digest depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_MD5_C:MBEDTLS_RSA_C -mbedtls_x509_crl_info:"data_files/crl_md5.pem":"CRL version \: 1\nissuer name \: C=NL, O=PolarSSL, CN=PolarSSL Test CA\nthis update \: 2011-02-12 14\:44\:07\nnext update \: 2011-04-13 14\:44\:07\nRevoked certificates\:\nserial number\: 01 revocation date\: 2011-02-12 14\:44\:07\nserial number\: 03 revocation date\: 2011-02-12 14\:44\:07\nsigned using \: RSA with MD5\n" +mbedtls_x509_crl_info:"data_files/parse_input/crl_md5.pem":"CRL version \: 1\nissuer name \: C=NL, O=PolarSSL, CN=PolarSSL Test CA\nthis update \: 2011-02-12 14\:44\:07\nnext update \: 2011-04-13 14\:44\:07\nRevoked certificates\:\nserial number\: 01 revocation date\: 2011-02-12 14\:44\:07\nserial number\: 03 revocation date\: 2011-02-12 14\:44\:07\nsigned using \: RSA with MD5\n" X509 CRL Information SHA1 Digest depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_SHA1_C:MBEDTLS_RSA_C -mbedtls_x509_crl_info:"data_files/crl_sha1.pem":"CRL version \: 1\nissuer name \: C=NL, O=PolarSSL, CN=PolarSSL Test CA\nthis update \: 2011-02-12 14\:44\:07\nnext update \: 2011-04-13 14\:44\:07\nRevoked certificates\:\nserial number\: 01 revocation date\: 2011-02-12 14\:44\:07\nserial number\: 03 revocation date\: 2011-02-12 14\:44\:07\nsigned using \: RSA with SHA1\n" +mbedtls_x509_crl_info:"data_files/parse_input/crl_sha1.pem":"CRL version \: 1\nissuer name \: C=NL, O=PolarSSL, CN=PolarSSL Test CA\nthis update \: 2011-02-12 14\:44\:07\nnext update \: 2011-04-13 14\:44\:07\nRevoked certificates\:\nserial number\: 01 revocation date\: 2011-02-12 14\:44\:07\nserial number\: 03 revocation date\: 2011-02-12 14\:44\:07\nsigned using \: RSA with SHA1\n" X509 CRL Information SHA224 Digest depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_SHA256_C:MBEDTLS_RSA_C -mbedtls_x509_crl_info:"data_files/crl_sha224.pem":"CRL version \: 1\nissuer name \: C=NL, O=PolarSSL, CN=PolarSSL Test CA\nthis update \: 2011-02-12 14\:44\:07\nnext update \: 2011-04-13 14\:44\:07\nRevoked certificates\:\nserial number\: 01 revocation date\: 2011-02-12 14\:44\:07\nserial number\: 03 revocation date\: 2011-02-12 14\:44\:07\nsigned using \: RSA with SHA-224\n" +mbedtls_x509_crl_info:"data_files/parse_input/crl_sha224.pem":"CRL version \: 1\nissuer name \: C=NL, O=PolarSSL, CN=PolarSSL Test CA\nthis update \: 2011-02-12 14\:44\:07\nnext update \: 2011-04-13 14\:44\:07\nRevoked certificates\:\nserial number\: 01 revocation date\: 2011-02-12 14\:44\:07\nserial number\: 03 revocation date\: 2011-02-12 14\:44\:07\nsigned using \: RSA with SHA-224\n" X509 CRL Information SHA256 Digest depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_SHA256_C:MBEDTLS_RSA_C -mbedtls_x509_crl_info:"data_files/crl_sha256.pem":"CRL version \: 1\nissuer name \: C=NL, O=PolarSSL, CN=PolarSSL Test CA\nthis update \: 2011-02-12 14\:44\:07\nnext update \: 2011-04-13 14\:44\:07\nRevoked certificates\:\nserial number\: 01 revocation date\: 2011-02-12 14\:44\:07\nserial number\: 03 revocation date\: 2011-02-12 14\:44\:07\nsigned using \: RSA with SHA-256\n" +mbedtls_x509_crl_info:"data_files/parse_input/crl_sha256.pem":"CRL version \: 1\nissuer name \: C=NL, O=PolarSSL, CN=PolarSSL Test CA\nthis update \: 2011-02-12 14\:44\:07\nnext update \: 2011-04-13 14\:44\:07\nRevoked certificates\:\nserial number\: 01 revocation date\: 2011-02-12 14\:44\:07\nserial number\: 03 revocation date\: 2011-02-12 14\:44\:07\nsigned using \: RSA with SHA-256\n" X509 CRL Information SHA384 Digest depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384:MBEDTLS_RSA_C -mbedtls_x509_crl_info:"data_files/crl_sha384.pem":"CRL version \: 1\nissuer name \: C=NL, O=PolarSSL, CN=PolarSSL Test CA\nthis update \: 2011-02-12 14\:44\:07\nnext update \: 2011-04-13 14\:44\:07\nRevoked certificates\:\nserial number\: 01 revocation date\: 2011-02-12 14\:44\:07\nserial number\: 03 revocation date\: 2011-02-12 14\:44\:07\nsigned using \: RSA with SHA-384\n" +mbedtls_x509_crl_info:"data_files/parse_input/crl_sha384.pem":"CRL version \: 1\nissuer name \: C=NL, O=PolarSSL, CN=PolarSSL Test CA\nthis update \: 2011-02-12 14\:44\:07\nnext update \: 2011-04-13 14\:44\:07\nRevoked certificates\:\nserial number\: 01 revocation date\: 2011-02-12 14\:44\:07\nserial number\: 03 revocation date\: 2011-02-12 14\:44\:07\nsigned using \: RSA with SHA-384\n" X509 CRL Information SHA512 Digest depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_SHA512_C:MBEDTLS_RSA_C -mbedtls_x509_crl_info:"data_files/crl_sha512.pem":"CRL version \: 1\nissuer name \: C=NL, O=PolarSSL, CN=PolarSSL Test CA\nthis update \: 2011-02-12 14\:44\:07\nnext update \: 2011-04-13 14\:44\:07\nRevoked certificates\:\nserial number\: 01 revocation date\: 2011-02-12 14\:44\:07\nserial number\: 03 revocation date\: 2011-02-12 14\:44\:07\nsigned using \: RSA with SHA-512\n" +mbedtls_x509_crl_info:"data_files/parse_input/crl_sha512.pem":"CRL version \: 1\nissuer name \: C=NL, O=PolarSSL, CN=PolarSSL Test CA\nthis update \: 2011-02-12 14\:44\:07\nnext update \: 2011-04-13 14\:44\:07\nRevoked certificates\:\nserial number\: 01 revocation date\: 2011-02-12 14\:44\:07\nserial number\: 03 revocation date\: 2011-02-12 14\:44\:07\nsigned using \: RSA with SHA-512\n" X509 CRL information RSA-PSS, SHA1 Digest depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_X509_RSASSA_PSS_SUPPORT:MBEDTLS_SHA1_C -mbedtls_x509_crl_info:"data_files/crl-rsa-pss-sha1.pem":"CRL version \: 2\nissuer name \: C=NL, O=PolarSSL, CN=PolarSSL Test CA\nthis update \: 2014-01-20 13\:46\:35\nnext update \: 2024-01-18 13\:46\:35\nRevoked certificates\:\nserial number\: 0A revocation date\: 2013-09-24 16\:28\:38\nserial number\: 16 revocation date\: 2014-01-20 13\:43\:05\nsigned using \: RSASSA-PSS (SHA1, MGF1-SHA1, 0xEA)\n" +mbedtls_x509_crl_info:"data_files/parse_input/crl-rsa-pss-sha1.pem":"CRL version \: 2\nissuer name \: C=NL, O=PolarSSL, CN=PolarSSL Test CA\nthis update \: 2014-01-20 13\:46\:35\nnext update \: 2024-01-18 13\:46\:35\nRevoked certificates\:\nserial number\: 0A revocation date\: 2013-09-24 16\:28\:38\nserial number\: 16 revocation date\: 2014-01-20 13\:43\:05\nsigned using \: RSASSA-PSS (SHA1, MGF1-SHA1, 0xEA)\n" X509 CRL information RSA-PSS, SHA224 Digest depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_X509_RSASSA_PSS_SUPPORT:MBEDTLS_SHA256_C -mbedtls_x509_crl_info:"data_files/crl-rsa-pss-sha224.pem":"CRL version \: 2\nissuer name \: C=NL, O=PolarSSL, CN=PolarSSL Test CA\nthis update \: 2014-01-20 13\:56\:06\nnext update \: 2024-01-18 13\:56\:06\nRevoked certificates\:\nserial number\: 0A revocation date\: 2013-09-24 16\:28\:38\nserial number\: 16 revocation date\: 2014-01-20 13\:43\:05\nsigned using \: RSASSA-PSS (SHA224, MGF1-SHA224, 0xE2)\n" +mbedtls_x509_crl_info:"data_files/parse_input/crl-rsa-pss-sha224.pem":"CRL version \: 2\nissuer name \: C=NL, O=PolarSSL, CN=PolarSSL Test CA\nthis update \: 2014-01-20 13\:56\:06\nnext update \: 2024-01-18 13\:56\:06\nRevoked certificates\:\nserial number\: 0A revocation date\: 2013-09-24 16\:28\:38\nserial number\: 16 revocation date\: 2014-01-20 13\:43\:05\nsigned using \: RSASSA-PSS (SHA224, MGF1-SHA224, 0xE2)\n" X509 CRL information RSA-PSS, SHA256 Digest depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_X509_RSASSA_PSS_SUPPORT:MBEDTLS_SHA256_C -mbedtls_x509_crl_info:"data_files/crl-rsa-pss-sha256.pem":"CRL version \: 2\nissuer name \: C=NL, O=PolarSSL, CN=PolarSSL Test CA\nthis update \: 2014-01-20 13\:56\:16\nnext update \: 2024-01-18 13\:56\:16\nRevoked certificates\:\nserial number\: 0A revocation date\: 2013-09-24 16\:28\:38\nserial number\: 16 revocation date\: 2014-01-20 13\:43\:05\nsigned using \: RSASSA-PSS (SHA256, MGF1-SHA256, 0xDE)\n" +mbedtls_x509_crl_info:"data_files/parse_input/crl-rsa-pss-sha256.pem":"CRL version \: 2\nissuer name \: C=NL, O=PolarSSL, CN=PolarSSL Test CA\nthis update \: 2014-01-20 13\:56\:16\nnext update \: 2024-01-18 13\:56\:16\nRevoked certificates\:\nserial number\: 0A revocation date\: 2013-09-24 16\:28\:38\nserial number\: 16 revocation date\: 2014-01-20 13\:43\:05\nsigned using \: RSASSA-PSS (SHA256, MGF1-SHA256, 0xDE)\n" X509 CRL information RSA-PSS, SHA384 Digest depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_X509_RSASSA_PSS_SUPPORT:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384 -mbedtls_x509_crl_info:"data_files/crl-rsa-pss-sha384.pem":"CRL version \: 2\nissuer name \: C=NL, O=PolarSSL, CN=PolarSSL Test CA\nthis update \: 2014-01-20 13\:56\:28\nnext update \: 2024-01-18 13\:56\:28\nRevoked certificates\:\nserial number\: 0A revocation date\: 2013-09-24 16\:28\:38\nserial number\: 16 revocation date\: 2014-01-20 13\:43\:05\nsigned using \: RSASSA-PSS (SHA384, MGF1-SHA384, 0xCE)\n" +mbedtls_x509_crl_info:"data_files/parse_input/crl-rsa-pss-sha384.pem":"CRL version \: 2\nissuer name \: C=NL, O=PolarSSL, CN=PolarSSL Test CA\nthis update \: 2014-01-20 13\:56\:28\nnext update \: 2024-01-18 13\:56\:28\nRevoked certificates\:\nserial number\: 0A revocation date\: 2013-09-24 16\:28\:38\nserial number\: 16 revocation date\: 2014-01-20 13\:43\:05\nsigned using \: RSASSA-PSS (SHA384, MGF1-SHA384, 0xCE)\n" X509 CRL information RSA-PSS, SHA512 Digest depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_X509_RSASSA_PSS_SUPPORT:MBEDTLS_SHA512_C -mbedtls_x509_crl_info:"data_files/crl-rsa-pss-sha512.pem":"CRL version \: 2\nissuer name \: C=NL, O=PolarSSL, CN=PolarSSL Test CA\nthis update \: 2014-01-20 13\:56\:38\nnext update \: 2024-01-18 13\:56\:38\nRevoked certificates\:\nserial number\: 0A revocation date\: 2013-09-24 16\:28\:38\nserial number\: 16 revocation date\: 2014-01-20 13\:43\:05\nsigned using \: RSASSA-PSS (SHA512, MGF1-SHA512, 0xBE)\n" +mbedtls_x509_crl_info:"data_files/parse_input/crl-rsa-pss-sha512.pem":"CRL version \: 2\nissuer name \: C=NL, O=PolarSSL, CN=PolarSSL Test CA\nthis update \: 2014-01-20 13\:56\:38\nnext update \: 2024-01-18 13\:56\:38\nRevoked certificates\:\nserial number\: 0A revocation date\: 2013-09-24 16\:28\:38\nserial number\: 16 revocation date\: 2014-01-20 13\:43\:05\nsigned using \: RSASSA-PSS (SHA512, MGF1-SHA512, 0xBE)\n" X509 CRL Information EC, SHA1 Digest depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_SHA1_C:MBEDTLS_ECDSA_C -mbedtls_x509_crl_info:"data_files/crl-ec-sha1.pem":"CRL version \: 2\nissuer name \: C=NL, O=PolarSSL, CN=Polarssl Test EC CA\nthis update \: 2013-09-24 16\:31\:08\nnext update \: 2023-09-22 16\:31\:08\nRevoked certificates\:\nserial number\: 0A revocation date\: 2013-09-24 16\:28\:38\nsigned using \: ECDSA with SHA1\n" +mbedtls_x509_crl_info:"data_files/parse_input/crl-ec-sha1.pem":"CRL version \: 2\nissuer name \: C=NL, O=PolarSSL, CN=Polarssl Test EC CA\nthis update \: 2013-09-24 16\:31\:08\nnext update \: 2023-09-22 16\:31\:08\nRevoked certificates\:\nserial number\: 0A revocation date\: 2013-09-24 16\:28\:38\nsigned using \: ECDSA with SHA1\n" X509 CRL Information EC, SHA224 Digest depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_SHA256_C:MBEDTLS_ECDSA_C -mbedtls_x509_crl_info:"data_files/crl-ec-sha224.pem":"CRL version \: 2\nissuer name \: C=NL, O=PolarSSL, CN=Polarssl Test EC CA\nthis update \: 2013-09-24 16\:31\:08\nnext update \: 2023-09-22 16\:31\:08\nRevoked certificates\:\nserial number\: 0A revocation date\: 2013-09-24 16\:28\:38\nsigned using \: ECDSA with SHA224\n" +mbedtls_x509_crl_info:"data_files/parse_input/crl-ec-sha224.pem":"CRL version \: 2\nissuer name \: C=NL, O=PolarSSL, CN=Polarssl Test EC CA\nthis update \: 2013-09-24 16\:31\:08\nnext update \: 2023-09-22 16\:31\:08\nRevoked certificates\:\nserial number\: 0A revocation date\: 2013-09-24 16\:28\:38\nsigned using \: ECDSA with SHA224\n" X509 CRL Information EC, SHA256 Digest depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_SHA256_C:MBEDTLS_ECDSA_C -mbedtls_x509_crl_info:"data_files/crl-ec-sha256.pem":"CRL version \: 2\nissuer name \: C=NL, O=PolarSSL, CN=Polarssl Test EC CA\nthis update \: 2013-09-24 16\:31\:08\nnext update \: 2023-09-22 16\:31\:08\nRevoked certificates\:\nserial number\: 0A revocation date\: 2013-09-24 16\:28\:38\nsigned using \: ECDSA with SHA256\n" +mbedtls_x509_crl_info:"data_files/parse_input/crl-ec-sha256.pem":"CRL version \: 2\nissuer name \: C=NL, O=PolarSSL, CN=Polarssl Test EC CA\nthis update \: 2013-09-24 16\:31\:08\nnext update \: 2023-09-22 16\:31\:08\nRevoked certificates\:\nserial number\: 0A revocation date\: 2013-09-24 16\:28\:38\nsigned using \: ECDSA with SHA256\n" X509 CRL Information EC, SHA384 Digest depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384:MBEDTLS_ECDSA_C -mbedtls_x509_crl_info:"data_files/crl-ec-sha384.pem":"CRL version \: 2\nissuer name \: C=NL, O=PolarSSL, CN=Polarssl Test EC CA\nthis update \: 2013-09-24 16\:31\:08\nnext update \: 2023-09-22 16\:31\:08\nRevoked certificates\:\nserial number\: 0A revocation date\: 2013-09-24 16\:28\:38\nsigned using \: ECDSA with SHA384\n" +mbedtls_x509_crl_info:"data_files/parse_input/crl-ec-sha384.pem":"CRL version \: 2\nissuer name \: C=NL, O=PolarSSL, CN=Polarssl Test EC CA\nthis update \: 2013-09-24 16\:31\:08\nnext update \: 2023-09-22 16\:31\:08\nRevoked certificates\:\nserial number\: 0A revocation date\: 2013-09-24 16\:28\:38\nsigned using \: ECDSA with SHA384\n" X509 CRL Information EC, SHA512 Digest depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_SHA512_C:MBEDTLS_ECDSA_C -mbedtls_x509_crl_info:"data_files/crl-ec-sha512.pem":"CRL version \: 2\nissuer name \: C=NL, O=PolarSSL, CN=Polarssl Test EC CA\nthis update \: 2013-09-24 16\:31\:08\nnext update \: 2023-09-22 16\:31\:08\nRevoked certificates\:\nserial number\: 0A revocation date\: 2013-09-24 16\:28\:38\nsigned using \: ECDSA with SHA512\n" +mbedtls_x509_crl_info:"data_files/parse_input/crl-ec-sha512.pem":"CRL version \: 2\nissuer name \: C=NL, O=PolarSSL, CN=Polarssl Test EC CA\nthis update \: 2013-09-24 16\:31\:08\nnext update \: 2023-09-22 16\:31\:08\nRevoked certificates\:\nserial number\: 0A revocation date\: 2013-09-24 16\:28\:38\nsigned using \: ECDSA with SHA512\n" X509 CRL Malformed Input (trailing spaces at end of file) depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_SHA1_C:MBEDTLS_SHA512_C:MBEDTLS_ECDSA_C -mbedtls_x509_crl_parse:"data_files/crl-malformed-trailing-spaces.pem":MBEDTLS_ERR_PEM_NO_HEADER_FOOTER_PRESENT +mbedtls_x509_crl_parse:"data_files/parse_input/crl-malformed-trailing-spaces.pem":MBEDTLS_ERR_PEM_NO_HEADER_FOOTER_PRESENT X509 CRL Unsupported critical extension (issuingDistributionPoint) depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_SHA256_C -mbedtls_x509_crl_parse:"data_files/crl-idp.pem":MBEDTLS_ERR_X509_INVALID_EXTENSIONS + MBEDTLS_ERR_ASN1_UNEXPECTED_TAG +mbedtls_x509_crl_parse:"data_files/parse_input/crl-idp.pem":MBEDTLS_ERR_X509_INVALID_EXTENSIONS + MBEDTLS_ERR_ASN1_UNEXPECTED_TAG X509 CRL Unsupported non-critical extension (issuingDistributionPoint) depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_SHA256_C -mbedtls_x509_crl_parse:"data_files/crl-idpnc.pem":0 +mbedtls_x509_crl_parse:"data_files/parse_input/crl-idpnc.pem":0 X509 CSR Information RSA with MD4 depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_MD4_C:MBEDTLS_RSA_C -mbedtls_x509_csr_info:"data_files/server1.req.md4":"CSR version \: 1\nsubject name \: C=NL, O=PolarSSL, CN=PolarSSL Server 1\nsigned using \: RSA with MD4\nRSA key size \: 2048 bits\n" +mbedtls_x509_csr_info:"data_files/parse_input/server1.req.md4":"CSR version \: 1\nsubject name \: C=NL, O=PolarSSL, CN=PolarSSL Server 1\nsigned using \: RSA with MD4\nRSA key size \: 2048 bits\n" X509 CSR Information RSA with MD5 depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_MD5_C:MBEDTLS_RSA_C -mbedtls_x509_csr_info:"data_files/server1.req.md5":"CSR version \: 1\nsubject name \: C=NL, O=PolarSSL, CN=PolarSSL Server 1\nsigned using \: RSA with MD5\nRSA key size \: 2048 bits\n" +mbedtls_x509_csr_info:"data_files/parse_input/server1.req.md5":"CSR version \: 1\nsubject name \: C=NL, O=PolarSSL, CN=PolarSSL Server 1\nsigned using \: RSA with MD5\nRSA key size \: 2048 bits\n" X509 CSR Information RSA with SHA1 depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_SHA1_C:MBEDTLS_RSA_C -mbedtls_x509_csr_info:"data_files/server1.req.sha1":"CSR version \: 1\nsubject name \: C=NL, O=PolarSSL, CN=PolarSSL Server 1\nsigned using \: RSA with SHA1\nRSA key size \: 2048 bits\n" +mbedtls_x509_csr_info:"data_files/parse_input/server1.req.sha1":"CSR version \: 1\nsubject name \: C=NL, O=PolarSSL, CN=PolarSSL Server 1\nsigned using \: RSA with SHA1\nRSA key size \: 2048 bits\n" X509 CSR Information RSA with SHA224 depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_SHA256_C:MBEDTLS_RSA_C -mbedtls_x509_csr_info:"data_files/server1.req.sha224":"CSR version \: 1\nsubject name \: C=NL, O=PolarSSL, CN=PolarSSL Server 1\nsigned using \: RSA with SHA-224\nRSA key size \: 2048 bits\n" +mbedtls_x509_csr_info:"data_files/parse_input/server1.req.sha224":"CSR version \: 1\nsubject name \: C=NL, O=PolarSSL, CN=PolarSSL Server 1\nsigned using \: RSA with SHA-224\nRSA key size \: 2048 bits\n" X509 CSR Information RSA with SHA-256 depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_SHA256_C:MBEDTLS_RSA_C -mbedtls_x509_csr_info:"data_files/server1.req.sha256":"CSR version \: 1\nsubject name \: C=NL, O=PolarSSL, CN=PolarSSL Server 1\nsigned using \: RSA with SHA-256\nRSA key size \: 2048 bits\n" +mbedtls_x509_csr_info:"data_files/parse_input/server1.req.sha256":"CSR version \: 1\nsubject name \: C=NL, O=PolarSSL, CN=PolarSSL Server 1\nsigned using \: RSA with SHA-256\nRSA key size \: 2048 bits\n" X509 CSR Information RSA with SHA384 depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384:MBEDTLS_RSA_C -mbedtls_x509_csr_info:"data_files/server1.req.sha384":"CSR version \: 1\nsubject name \: C=NL, O=PolarSSL, CN=PolarSSL Server 1\nsigned using \: RSA with SHA-384\nRSA key size \: 2048 bits\n" +mbedtls_x509_csr_info:"data_files/parse_input/server1.req.sha384":"CSR version \: 1\nsubject name \: C=NL, O=PolarSSL, CN=PolarSSL Server 1\nsigned using \: RSA with SHA-384\nRSA key size \: 2048 bits\n" X509 CSR Information RSA with SHA512 depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_SHA512_C:MBEDTLS_RSA_C -mbedtls_x509_csr_info:"data_files/server1.req.sha512":"CSR version \: 1\nsubject name \: C=NL, O=PolarSSL, CN=PolarSSL Server 1\nsigned using \: RSA with SHA-512\nRSA key size \: 2048 bits\n" +mbedtls_x509_csr_info:"data_files/parse_input/server1.req.sha512":"CSR version \: 1\nsubject name \: C=NL, O=PolarSSL, CN=PolarSSL Server 1\nsigned using \: RSA with SHA-512\nRSA key size \: 2048 bits\n" + +X509 CSR Information RSA with SHA-256, containing commas +depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_SHA256_C:MBEDTLS_RSA_C:MBEDTS_X509_INFO +mbedtls_x509_csr_info:"data_files/parse_input/server1.req.commas.sha256":"CSR version \: 1\nsubject name \: C=NL, O=PolarSSL\\, Commas, CN=PolarSSL Server 1\nsigned using \: RSA with SHA-256\nRSA key size \: 2048 bits\n" X509 CSR Information EC with SHA1 depends_on:MBEDTLS_ECDSA_C:MBEDTLS_PEM_PARSE_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_SHA1_C -mbedtls_x509_csr_info:"data_files/server5.req.sha1":"CSR version \: 1\nsubject name \: C=NL, O=PolarSSL, CN=localhost\nsigned using \: ECDSA with SHA1\nEC key size \: 256 bits\n" +mbedtls_x509_csr_info:"data_files/parse_input/server5.req.sha1":"CSR version \: 1\nsubject name \: C=NL, O=PolarSSL, CN=localhost\nsigned using \: ECDSA with SHA1\nEC key size \: 256 bits\n" X509 CSR Information EC with SHA224 depends_on:MBEDTLS_ECDSA_C:MBEDTLS_PEM_PARSE_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_SHA256_C -mbedtls_x509_csr_info:"data_files/server5.req.sha224":"CSR version \: 1\nsubject name \: C=NL, O=PolarSSL, CN=localhost\nsigned using \: ECDSA with SHA224\nEC key size \: 256 bits\n" +mbedtls_x509_csr_info:"data_files/parse_input/server5.req.sha224":"CSR version \: 1\nsubject name \: C=NL, O=PolarSSL, CN=localhost\nsigned using \: ECDSA with SHA224\nEC key size \: 256 bits\n" X509 CSR Information EC with SHA256 depends_on:MBEDTLS_ECDSA_C:MBEDTLS_PEM_PARSE_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_SHA256_C -mbedtls_x509_csr_info:"data_files/server5.req.sha256":"CSR version \: 1\nsubject name \: C=NL, O=PolarSSL, CN=localhost\nsigned using \: ECDSA with SHA256\nEC key size \: 256 bits\n" +mbedtls_x509_csr_info:"data_files/parse_input/server5.req.sha256":"CSR version \: 1\nsubject name \: C=NL, O=PolarSSL, CN=localhost\nsigned using \: ECDSA with SHA256\nEC key size \: 256 bits\n" X509 CSR Information EC with SHA384 depends_on:MBEDTLS_ECDSA_C:MBEDTLS_PEM_PARSE_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384 -mbedtls_x509_csr_info:"data_files/server5.req.sha384":"CSR version \: 1\nsubject name \: C=NL, O=PolarSSL, CN=localhost\nsigned using \: ECDSA with SHA384\nEC key size \: 256 bits\n" +mbedtls_x509_csr_info:"data_files/parse_input/server5.req.sha384":"CSR version \: 1\nsubject name \: C=NL, O=PolarSSL, CN=localhost\nsigned using \: ECDSA with SHA384\nEC key size \: 256 bits\n" X509 CSR Information EC with SHA512 depends_on:MBEDTLS_ECDSA_C:MBEDTLS_PEM_PARSE_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_SHA512_C -mbedtls_x509_csr_info:"data_files/server5.req.sha512":"CSR version \: 1\nsubject name \: C=NL, O=PolarSSL, CN=localhost\nsigned using \: ECDSA with SHA512\nEC key size \: 256 bits\n" +mbedtls_x509_csr_info:"data_files/parse_input/server5.req.sha512":"CSR version \: 1\nsubject name \: C=NL, O=PolarSSL, CN=localhost\nsigned using \: ECDSA with SHA512\nEC key size \: 256 bits\n" X509 CSR Information RSA-PSS with SHA1 depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_X509_RSASSA_PSS_SUPPORT:MBEDTLS_SHA1_C -mbedtls_x509_csr_info:"data_files/server9.req.sha1":"CSR version \: 1\nsubject name \: C=NL, O=PolarSSL, CN=localhost\nsigned using \: RSASSA-PSS (SHA1, MGF1-SHA1, 0x6A)\nRSA key size \: 1024 bits\n" +mbedtls_x509_csr_info:"data_files/parse_input/server9.req.sha1":"CSR version \: 1\nsubject name \: C=NL, O=PolarSSL, CN=localhost\nsigned using \: RSASSA-PSS (SHA1, MGF1-SHA1, 0x6A)\nRSA key size \: 1024 bits\n" X509 CSR Information RSA-PSS with SHA224 depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_X509_RSASSA_PSS_SUPPORT:MBEDTLS_SHA256_C -mbedtls_x509_csr_info:"data_files/server9.req.sha224":"CSR version \: 1\nsubject name \: C=NL, O=PolarSSL, CN=localhost\nsigned using \: RSASSA-PSS (SHA224, MGF1-SHA224, 0x62)\nRSA key size \: 1024 bits\n" +mbedtls_x509_csr_info:"data_files/parse_input/server9.req.sha224":"CSR version \: 1\nsubject name \: C=NL, O=PolarSSL, CN=localhost\nsigned using \: RSASSA-PSS (SHA224, MGF1-SHA224, 0x62)\nRSA key size \: 1024 bits\n" X509 CSR Information RSA-PSS with SHA256 depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_X509_RSASSA_PSS_SUPPORT:MBEDTLS_SHA256_C -mbedtls_x509_csr_info:"data_files/server9.req.sha256":"CSR version \: 1\nsubject name \: C=NL, O=PolarSSL, CN=localhost\nsigned using \: RSASSA-PSS (SHA256, MGF1-SHA256, 0x5E)\nRSA key size \: 1024 bits\n" +mbedtls_x509_csr_info:"data_files/parse_input/server9.req.sha256":"CSR version \: 1\nsubject name \: C=NL, O=PolarSSL, CN=localhost\nsigned using \: RSASSA-PSS (SHA256, MGF1-SHA256, 0x5E)\nRSA key size \: 1024 bits\n" X509 CSR Information RSA-PSS with SHA384 depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_X509_RSASSA_PSS_SUPPORT:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384 -mbedtls_x509_csr_info:"data_files/server9.req.sha384":"CSR version \: 1\nsubject name \: C=NL, O=PolarSSL, CN=localhost\nsigned using \: RSASSA-PSS (SHA384, MGF1-SHA384, 0x4E)\nRSA key size \: 1024 bits\n" +mbedtls_x509_csr_info:"data_files/parse_input/server9.req.sha384":"CSR version \: 1\nsubject name \: C=NL, O=PolarSSL, CN=localhost\nsigned using \: RSASSA-PSS (SHA384, MGF1-SHA384, 0x4E)\nRSA key size \: 1024 bits\n" X509 CSR Information RSA-PSS with SHA512 depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_X509_RSASSA_PSS_SUPPORT:MBEDTLS_SHA512_C -mbedtls_x509_csr_info:"data_files/server9.req.sha512":"CSR version \: 1\nsubject name \: C=NL, O=PolarSSL, CN=localhost\nsigned using \: RSASSA-PSS (SHA512, MGF1-SHA512, 0x3E)\nRSA key size \: 1024 bits\n" +mbedtls_x509_csr_info:"data_files/parse_input/server9.req.sha512":"CSR version \: 1\nsubject name \: C=NL, O=PolarSSL, CN=localhost\nsigned using \: RSASSA-PSS (SHA512, MGF1-SHA512, 0x3E)\nRSA key size \: 1024 bits\n" X509 CSR Information RSA with SHA-256 - Microsoft header depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_SHA256_C:MBEDTLS_RSA_C -mbedtls_x509_csr_info:"data_files/server1-ms.req.sha256":"CSR version \: 1\nsubject name \: C=NL, O=PolarSSL, CN=PolarSSL Server 1\nsigned using \: RSA with SHA-256\nRSA key size \: 2048 bits\n" +mbedtls_x509_csr_info:"data_files/parse_input/server1-ms.req.sha256":"CSR version \: 1\nsubject name \: C=NL, O=PolarSSL, CN=PolarSSL Server 1\nsigned using \: RSA with SHA-256\nRSA key size \: 2048 bits\n" X509 Verify Information: empty x509_verify_info:0:"":"" @@ -399,6 +411,70 @@ X509 Get Distinguished Name #4 depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_SHA1_C mbedtls_x509_dn_gets:"data_files/server2.crt":"issuer":"C=NL, O=PolarSSL, CN=PolarSSL Test CA" +X509 Get Distinguished Name #5 +depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_SHA1_C +mbedtls_x509_dn_gets:"data_files/server1.commas.crt":"subject":"C=NL, O=PolarSSL\\, Commas, CN=PolarSSL Server 1" + +X509 Get Modified DN #1 +depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_SHA1_C +mbedtls_x509_dn_gets_subject_replace:"data_files/server1.crt":"Modified":"C=NL, O=Modified, CN=PolarSSL Server 1":0 + +X509 Get Modified DN #2 Name exactly 255 bytes +depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_SHA1_C +mbedtls_x509_dn_gets_subject_replace:"data_files/server1.crt":"123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345":"C=NL, O=123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345, CN=PolarSSL Server 1":0 + +X509 Get Modified DN #3 Name exceeds 255 bytes +depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_SHA1_C +mbedtls_x509_dn_gets_subject_replace:"data_files/server1.crt":"1234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456":"":MBEDTLS_ERR_X509_BUFFER_TOO_SMALL + +X509 Get Modified DN #4 Name exactly 255 bytes, with comma requiring escaping +depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_SHA1_C +mbedtls_x509_dn_gets_subject_replace:"data_files/server1.crt":"1234567890,1234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234":"":MBEDTLS_ERR_X509_BUFFER_TOO_SMALL + +X509 Get Modified DN #5 Name exactly 255 bytes, ending with comma requiring escaping +depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_SHA1_C +mbedtls_x509_dn_gets_subject_replace:"data_files/server1.crt":"12345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234,":"":MBEDTLS_ERR_X509_BUFFER_TOO_SMALL + +# Parse the following valid DN: +# +# 31 0B <- Set of +# 30 09 <- Sequence of +# 06 03 55 04 06 <- OID 2.5.4.6 countryName (C) +# 13 02 4E 4C <- PrintableString "NL" +# 31 11 <- Set of +# 30 0F <- Sequence of +# 06 03 55 04 0A <- OID 2.5.4.10 organizationName (O) +# 0C 08 50 6F 6C 61 72 53 53 4C <- UTF8String "PolarSSL" +# 31 19 <- Set of +# 30 17 <- Sequence of +# 06 03 55 04 03 <- OID 2.5.4.3 commonName (CN) +# 0C 10 50 6F 6C 61 72 53 53 4C 20 54 65 73 74 20 43 41 <- UTF8String "PolarSSL Test CA" +# +X509 Get Name Valid DN +mbedtls_x509_get_name:"310B3009060355040613024E4C3111300F060355040A0C08506F6C617253534C3119301706035504030C10506F6C617253534C2054657374204341":0 + +# Parse the following corrupted DN: +# +# 31 0B <- Set of +# 30 09 <- Sequence of +# 06 03 55 04 06 <- OID 2.5.4.6 countryName (C) +# 13 02 4E 4C <- PrintableString "NL" +# 31 11 <- Set of +# 30 0F <- Sequence of +# 06 03 55 04 0A <- OID 2.5.4.10 organizationName (O) +# 0C 08 50 6F 6C 61 72 53 53 4C <- UTF8String "PolarSSL" +# 30 19 <- Sequence of (corrupted) +# 30 17 <- Sequence of +# 06 03 55 04 03 <- OID 2.5.4.3 commonName (CN) +# 0C 10 50 6F 6C 61 72 53 53 4C 20 54 65 73 74 20 43 41 <- UTF8String "PolarSSL Test CA" +# +# The third 'Set of' is corrupted to instead be a 'Sequence of', causing an +# error and forcing mbedtls_x509_get_name() to clean up the names it has +# already allocated. +# +X509 Get Name Corrupted DN Mem Leak +mbedtls_x509_get_name:"310B3009060355040613024E4C3111300F060355040A0C08506F6C617253534C3019301706035504030C10506F6C617253534C2054657374204341":MBEDTLS_ERR_X509_INVALID_NAME + MBEDTLS_ERR_ASN1_UNEXPECTED_TAG + X509 Time Expired #1 depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_HAVE_TIME_DATE:MBEDTLS_SHA1_C mbedtls_x509_time_is_past:"data_files/server1.crt":"valid_from":1 @@ -1582,10 +1658,6 @@ X509 CRT ASN1 (TBS, valid IssuerID, inv SubjectID, inv tag) depends_on:!MBEDTLS_X509_ALLOW_EXTENSIONS_NON_V3:MBEDTLS_RSA_C:MBEDTLS_SHA256_C x509parse_crt:"30819a308184a0030201008204deadbeef300d06092a864886f70d01010b0500300c310a30080600130454657374301c170c303930313031303030303030170c303931323331323335393539300c310a30080600130454657374302a300d06092A864886F70D010101050003190030160210ffffffffffffffffffffffffffffffff0202ffffa1000500300d06092a864886f70d01010b0500030200ff":"":MBEDTLS_ERR_X509_INVALID_FORMAT + MBEDTLS_ERR_ASN1_LENGTH_MISMATCH -X509 CRT ASN1 (TBSCertificate v3, ext SubjectAlternativeName malformed) -depends_on:MBEDTLS_RSA_C:MBEDTLS_SHA1_C -x509parse_crt:"30820220308201ffa0030201020209202020202020202020300d06092a864886f70d01010505003045310b30090603202020130220203113301106032020200c0a202020202020202020203121301f06032020200c18202020202020202020202020202020202020202020202020301e170d3134303432333230353034305a170d3137303432323230353034305a3045310b30090603202020130220203113301106032020200c0a202020202020202020203121301f06032020200c1820202020202020202020202020202020202020202020202030819f300d06092a864886f70d010101050003818d003081890281812020202020202020ff20202020202020202020202020202020202020ff202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020ff020320ffffa350304e301d0603202020041620202020202020202020202020202020202020202020301f0603551d11041830169104202020208000be002020202020202020202020202020202020202020202020202020202020202020ff20202020202020202020202020202020202020ff2020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020ff2020ff202020202020202020202020202020ff2020202020202020202020202020202020202020202020202020":"":MBEDTLS_ERR_X509_INVALID_EXTENSIONS + MBEDTLS_ERR_ASN1_OUT_OF_DATA - X509 CRT ASN1 (TBS, valid IssuerID, inv SubjectID, length missing) depends_on:MBEDTLS_RSA_C:MBEDTLS_SHA256_C x509parse_crt:"308199308183a0030201028204deadbeef300d06092a864886f70d01010b0500300c310a30080600130454657374301c170c303930313031303030303030170c303931323331323335393539300c310a30080600130454657374302a300d06092A864886F70D010101050003190030160210ffffffffffffffffffffffffffffffff0202ffffa100a2300d06092a864886f70d01010b0500030200ff":"":MBEDTLS_ERR_X509_INVALID_FORMAT + MBEDTLS_ERR_ASN1_OUT_OF_DATA @@ -1824,11 +1896,11 @@ x509parse_crt:"3081b030819aa0030201028204deadbeef300d06092a864886f70d01010b05003 X509 CRT ASN1 (inv extBasicConstraint, pathlen is INT_MAX) depends_on:MBEDTLS_RSA_C:MBEDTLS_SHA256_C:MBEDTLS_SHA1_C -x509parse_crt_file:"data_files/server1_pathlen_int_max.crt":MBEDTLS_ERR_X509_INVALID_EXTENSIONS + MBEDTLS_ERR_ASN1_INVALID_LENGTH +mbedtls_x509_crt_parse_file:"data_files/parse_input/server1_pathlen_int_max.crt":MBEDTLS_ERR_X509_INVALID_EXTENSIONS + MBEDTLS_ERR_ASN1_INVALID_LENGTH:0 X509 CRT ASN1 (pathlen is INT_MAX-1) depends_on:MBEDTLS_RSA_C:MBEDTLS_SHA256_C:MBEDTLS_SHA1_C -x509parse_crt_file:"data_files/server1_pathlen_int_max-1.crt":0 +mbedtls_x509_crt_parse_file:"data_files/parse_input/server1_pathlen_int_max-1.crt":0:1 X509 CRT ASN1 (TBS, inv extBasicConstraint, pathlen inv length encoding) depends_on:MBEDTLS_RSA_C:MBEDTLS_SHA256_C @@ -1850,6 +1922,158 @@ X509 CRT ASN1 (TBS, inv v3Ext, ExtKeyUsage bad second tag) depends_on:MBEDTLS_RSA_C:MBEDTLS_SHA256_C x509parse_crt:"3081bd3081a7a0030201028204deadbeef300d06092a864886f70d01010b0500300c310a30080600130454657374301c170c303930313031303030303030170c303931323331323335393539300c310a30080600130454657374302a300d06092A864886F70D010101050003190030160210ffffffffffffffffffffffffffffffff0202ffffa100a200a321301f301d0603551d250416301406082b0601050507030107082b06010505070302300d06092a864886f70d01010b0500030200ff":"":MBEDTLS_ERR_X509_INVALID_EXTENSIONS + MBEDTLS_ERR_ASN1_UNEXPECTED_TAG +X509 CRT ASN1 (TBS, inv SubjectAltName, empty) +depends_on:MBEDTLS_RSA_C:MBEDTLS_SHA256_C +x509parse_crt:"3081a7308191a0030201028204deadbeef300d06092a864886f70d01010b0500300c310a30080600130454657374301c170c303930313031303030303030170c303931323331323335393539300c310a30080600130454657374302a300d06092A864886F70D010101050003190030160210ffffffffffffffffffffffffffffffff0202ffffa100a200a30b300930070603551d110400300d06092a864886f70d01010b0500030200ff":"":MBEDTLS_ERR_X509_INVALID_EXTENSIONS + MBEDTLS_ERR_ASN1_OUT_OF_DATA + +X509 CRT ASN1 (TBS, inv SubjectAltName, inv tag) +depends_on:MBEDTLS_RSA_C:MBEDTLS_SHA256_C +x509parse_crt:"3081a9308193a0030201028204deadbeef300d06092a864886f70d01010b0500300c310a30080600130454657374301c170c303930313031303030303030170c303931323331323335393539300c310a30080600130454657374302a300d06092A864886F70D010101050003190030160210ffffffffffffffffffffffffffffffff0202ffffa100a200a30d300b30090603551d1104020500300d06092a864886f70d01010b0500030200ff":"":MBEDTLS_ERR_X509_INVALID_EXTENSIONS + MBEDTLS_ERR_ASN1_UNEXPECTED_TAG + +X509 CRT ASN1 (TBS, inv SubjectAltName, length missing) +depends_on:MBEDTLS_RSA_C:MBEDTLS_SHA256_C +x509parse_crt:"3081a8308192a0030201028204deadbeef300d06092a864886f70d01010b0500300c310a30080600130454657374301c170c303930313031303030303030170c303931323331323335393539300c310a30080600130454657374302a300d06092A864886F70D010101050003190030160210ffffffffffffffffffffffffffffffff0202ffffa100a200a30c300a30080603551d11040130300d06092a864886f70d01010b0500030200ff":"":MBEDTLS_ERR_X509_INVALID_EXTENSIONS + MBEDTLS_ERR_ASN1_OUT_OF_DATA + +X509 CRT ASN1 (TBS, inv SubjectAltName, inv length encoding) +depends_on:MBEDTLS_RSA_C:MBEDTLS_SHA256_C +x509parse_crt:"3081a9308193a0030201028204deadbeef300d06092a864886f70d01010b0500300c310a30080600130454657374301c170c303930313031303030303030170c303931323331323335393539300c310a30080600130454657374302a300d06092A864886F70D010101050003190030160210ffffffffffffffffffffffffffffffff0202ffffa100a200a30d300b30090603551d1104023085300d06092a864886f70d01010b0500030200ff":"":MBEDTLS_ERR_X509_INVALID_EXTENSIONS + MBEDTLS_ERR_ASN1_INVALID_LENGTH + +X509 CRT ASN1 (TBS, inv SubjectAltName, length out of bounds) +depends_on:MBEDTLS_RSA_C:MBEDTLS_SHA256_C +x509parse_crt:"3081a9308193a0030201028204deadbeef300d06092a864886f70d01010b0500300c310a30080600130454657374301c170c303930313031303030303030170c303931323331323335393539300c310a30080600130454657374302a300d06092A864886F70D010101050003190030160210ffffffffffffffffffffffffffffffff0202ffffa100a200a30d300b30090603551d1104023001300d06092a864886f70d01010b0500030200ff":"":MBEDTLS_ERR_X509_INVALID_EXTENSIONS + MBEDTLS_ERR_ASN1_OUT_OF_DATA + +X509 CRT ASN1 (TBS, inv SubjectAltName, data remaining after name SEQUENCE) +depends_on:MBEDTLS_RSA_C:MBEDTLS_SHA256_C +x509parse_crt:"3081aa308194a0030201028204deadbeef300d06092a864886f70d01010b0500300c310a30080600130454657374301c170c303930313031303030303030170c303931323331323335393539300c310a30080600130454657374302a300d06092A864886F70D010101050003190030160210ffffffffffffffffffffffffffffffff0202ffffa100a200a30e300c300a0603551d110403300000300d06092a864886f70d01010b0500030200ff":"":MBEDTLS_ERR_X509_INVALID_EXTENSIONS + MBEDTLS_ERR_ASN1_LENGTH_MISMATCH + +X509 CRT ASN1 (TBS, inv SubjectAltName, name component length missing) +depends_on:MBEDTLS_RSA_C:MBEDTLS_SHA256_C +x509parse_crt:"3081aa308194a0030201028204deadbeef300d06092a864886f70d01010b0500300c310a30080600130454657374301c170c303930313031303030303030170c303931323331323335393539300c310a30080600130454657374302a300d06092A864886F70D010101050003190030160210ffffffffffffffffffffffffffffffff0202ffffa100a200a30e300c300a0603551d110403300180300d06092a864886f70d01010b0500030200ff":"":MBEDTLS_ERR_X509_INVALID_EXTENSIONS + MBEDTLS_ERR_ASN1_OUT_OF_DATA + +X509 CRT ASN1 (TBS, inv SubjectAltName, name component inv length encoding) +depends_on:MBEDTLS_RSA_C:MBEDTLS_SHA256_C +x509parse_crt:"3081ab308195a0030201028204deadbeef300d06092a864886f70d01010b0500300c310a30080600130454657374301c170c303930313031303030303030170c303931323331323335393539300c310a30080600130454657374302a300d06092A864886F70D010101050003190030160210ffffffffffffffffffffffffffffffff0202ffffa100a200a30f300d300b0603551d11040430028085300d06092a864886f70d01010b0500030200ff":"":MBEDTLS_ERR_X509_INVALID_EXTENSIONS + MBEDTLS_ERR_ASN1_INVALID_LENGTH + +X509 CRT ASN1 (TBS, inv SubjectAltName, name component length out of bounds) +depends_on:MBEDTLS_RSA_C:MBEDTLS_SHA256_C +x509parse_crt:"3081ab308195a0030201028204deadbeef300d06092a864886f70d01010b0500300c310a30080600130454657374301c170c303930313031303030303030170c303931323331323335393539300c310a30080600130454657374302a300d06092A864886F70D010101050003190030160210ffffffffffffffffffffffffffffffff0202ffffa100a200a30f300d300b0603551d11040430028001300d06092a864886f70d01010b0500030200ff":"":MBEDTLS_ERR_X509_INVALID_EXTENSIONS + MBEDTLS_ERR_ASN1_OUT_OF_DATA + +X509 CRT ASN1 (TBS, inv SubjectAltName, name component unexpected tag) +depends_on:MBEDTLS_RSA_C:MBEDTLS_SHA256_C +x509parse_crt:"3081ab308195a0030201028204deadbeef300d06092a864886f70d01010b0500300c310a30080600130454657374301c170c303930313031303030303030170c303931323331323335393539300c310a30080600130454657374302a300d06092A864886F70D010101050003190030160210ffffffffffffffffffffffffffffffff0202ffffa100a200a30f300d300b0603551d11040430024000300d06092a864886f70d01010b0500030200ff":"":MBEDTLS_ERR_X509_INVALID_EXTENSIONS + MBEDTLS_ERR_ASN1_UNEXPECTED_TAG + +X509 CRT ASN1 (TBS, inv SubjectAltName, otherName component empty) +depends_on:MBEDTLS_RSA_C:MBEDTLS_SHA256_C +x509parse_crt:"3081ab308195a0030201028204deadbeef300d06092a864886f70d01010b0500300c310a30080600130454657374301c170c303930313031303030303030170c303931323331323335393539300c310a30080600130454657374302a300d06092A864886F70D010101050003190030160210ffffffffffffffffffffffffffffffff0202ffffa100a200a30f300d300b0603551d1104043002a000300d06092a864886f70d01010b0500030200ff":"":MBEDTLS_ERR_X509_INVALID_EXTENSIONS + MBEDTLS_ERR_ASN1_OUT_OF_DATA + +X509 CRT ASN1 (TBS, inv SubjectAltName, otherName invalid OID tag) +depends_on:MBEDTLS_RSA_C:MBEDTLS_SHA256_C +x509parse_crt:"3081ad308197a0030201028204deadbeef300d06092a864886f70d01010b0500300c310a30080600130454657374301c170c303930313031303030303030170c303931323331323335393539300c310a30080600130454657374302a300d06092A864886F70D010101050003190030160210ffffffffffffffffffffffffffffffff0202ffffa100a200a311300f300d0603551d1104063004a0020500300d06092a864886f70d01010b0500030200ff":"":MBEDTLS_ERR_X509_INVALID_EXTENSIONS + MBEDTLS_ERR_ASN1_UNEXPECTED_TAG + +X509 CRT ASN1 (TBS, inv SubjectAltName, otherName OID length missing) +depends_on:MBEDTLS_RSA_C:MBEDTLS_SHA256_C +x509parse_crt:"3081ac308196a0030201028204deadbeef300d06092a864886f70d01010b0500300c310a30080600130454657374301c170c303930313031303030303030170c303931323331323335393539300c310a30080600130454657374302a300d06092A864886F70D010101050003190030160210ffffffffffffffffffffffffffffffff0202ffffa100a200a310300e300c0603551d1104053003a00106300d06092a864886f70d01010b0500030200ff":"":MBEDTLS_ERR_X509_INVALID_EXTENSIONS + MBEDTLS_ERR_ASN1_OUT_OF_DATA + +X509 CRT ASN1 (TBS, inv SubjectAltName, otherName OID inv length encoding) +depends_on:MBEDTLS_RSA_C:MBEDTLS_SHA256_C +x509parse_crt:"3081ad308197a0030201028204deadbeef300d06092a864886f70d01010b0500300c310a30080600130454657374301c170c303930313031303030303030170c303931323331323335393539300c310a30080600130454657374302a300d06092A864886F70D010101050003190030160210ffffffffffffffffffffffffffffffff0202ffffa100a200a311300f300d0603551d1104063004a0020685300d06092a864886f70d01010b0500030200ff":"":MBEDTLS_ERR_X509_INVALID_EXTENSIONS + MBEDTLS_ERR_ASN1_INVALID_LENGTH + +X509 CRT ASN1 (TBS, inv SubjectAltName, otherName OID length out of bounds) +depends_on:MBEDTLS_RSA_C:MBEDTLS_SHA256_C +x509parse_crt:"3081ad308197a0030201028204deadbeef300d06092a864886f70d01010b0500300c310a30080600130454657374301c170c303930313031303030303030170c303931323331323335393539300c310a30080600130454657374302a300d06092A864886F70D010101050003190030160210ffffffffffffffffffffffffffffffff0202ffffa100a200a311300f300d0603551d1104063004a0020601300d06092a864886f70d01010b0500030200ff":"":MBEDTLS_ERR_X509_INVALID_EXTENSIONS + MBEDTLS_ERR_ASN1_OUT_OF_DATA + +X509 CRT ASN1 (TBS, inv SubjectAltName, HWModuleName EXPLICIT tag missing +depends_on:MBEDTLS_RSA_C:MBEDTLS_SHA256_C +x509parse_crt:"3081b530819fa0030201028204deadbeef300d06092a864886f70d01010b0500300c310a30080600130454657374301c170c303930313031303030303030170c303931323331323335393539300c310a30080600130454657374302a300d06092A864886F70D010101050003190030160210ffffffffffffffffffffffffffffffff0202ffffa100a200a319301730150603551d11040e300ca00a06082b06010505070804300d06092a864886f70d01010b0500030200ff":"":MBEDTLS_ERR_X509_INVALID_EXTENSIONS + MBEDTLS_ERR_ASN1_OUT_OF_DATA + +X509 CRT ASN1 (TBS, inv SubjectAltName, HWModuleName unexpected EXPLICIT tag) +depends_on:MBEDTLS_RSA_C:MBEDTLS_SHA256_C +x509parse_crt:"3081b73081a1a0030201028204deadbeef300d06092a864886f70d01010b0500300c310a30080600130454657374301c170c303930313031303030303030170c303931323331323335393539300c310a30080600130454657374302a300d06092A864886F70D010101050003190030160210ffffffffffffffffffffffffffffffff0202ffffa100a200a31b301930170603551d110410300ea00c06082b060105050708040500300d06092a864886f70d01010b0500030200ff":"":MBEDTLS_ERR_X509_INVALID_EXTENSIONS + MBEDTLS_ERR_ASN1_UNEXPECTED_TAG + +X509 CRT ASN1 (TBS, inv SubjectAltName, HWModuleName outer length missing) +depends_on:MBEDTLS_RSA_C:MBEDTLS_SHA256_C +x509parse_crt:"3081b63081a0a0030201028204deadbeef300d06092a864886f70d01010b0500300c310a30080600130454657374301c170c303930313031303030303030170c303931323331323335393539300c310a30080600130454657374302a300d06092A864886F70D010101050003190030160210ffffffffffffffffffffffffffffffff0202ffffa100a200a31a301830160603551d11040f300da00b06082b06010505070804a0300d06092a864886f70d01010b0500030200ff":"":MBEDTLS_ERR_X509_INVALID_EXTENSIONS + MBEDTLS_ERR_ASN1_OUT_OF_DATA + +X509 CRT ASN1 (TBS, inv SubjectAltName, HWModuleName inv outer length) +depends_on:MBEDTLS_RSA_C:MBEDTLS_SHA256_C +x509parse_crt:"3081b73081a1a0030201028204deadbeef300d06092a864886f70d01010b0500300c310a30080600130454657374301c170c303930313031303030303030170c303931323331323335393539300c310a30080600130454657374302a300d06092A864886F70D010101050003190030160210ffffffffffffffffffffffffffffffff0202ffffa100a200a31b301930170603551d110410300ea00c06082b06010505070804a085300d06092a864886f70d01010b0500030200ff":"":MBEDTLS_ERR_X509_INVALID_EXTENSIONS + MBEDTLS_ERR_ASN1_INVALID_LENGTH + +X509 CRT ASN1 (TBS, inv SubjectAltName, HWModuleName outer length out of bounds) +depends_on:MBEDTLS_RSA_C:MBEDTLS_SHA256_C +x509parse_crt:"3081b73081a1a0030201028204deadbeef300d06092a864886f70d01010b0500300c310a30080600130454657374301c170c303930313031303030303030170c303931323331323335393539300c310a30080600130454657374302a300d06092A864886F70D010101050003190030160210ffffffffffffffffffffffffffffffff0202ffffa100a200a31b301930170603551d110410300ea00c06082b06010505070804a001300d06092a864886f70d01010b0500030200ff":"":MBEDTLS_ERR_X509_INVALID_EXTENSIONS + MBEDTLS_ERR_ASN1_OUT_OF_DATA + +X509 CRT ASN1 (TBS, inv SubjectAltName, HWModuleName outer length 0) +depends_on:MBEDTLS_RSA_C:MBEDTLS_SHA256_C +x509parse_crt:"3081b73081a1a0030201028204deadbeef300d06092a864886f70d01010b0500300c310a30080600130454657374301c170c303930313031303030303030170c303931323331323335393539300c310a30080600130454657374302a300d06092A864886F70D010101050003190030160210ffffffffffffffffffffffffffffffff0202ffffa100a200a31b301930170603551d110410300ea00c06082b06010505070804a000300d06092a864886f70d01010b0500030200ff":"":MBEDTLS_ERR_X509_INVALID_EXTENSIONS + MBEDTLS_ERR_ASN1_OUT_OF_DATA + +X509 CRT ASN1 (TBS, inv SubjectAltName, HWModuleName inner tag invalid) +depends_on:MBEDTLS_RSA_C:MBEDTLS_SHA256_C +x509parse_crt:"3081b93081a3a0030201028204deadbeef300d06092a864886f70d01010b0500300c310a30080600130454657374301c170c303930313031303030303030170c303931323331323335393539300c310a30080600130454657374302a300d06092A864886F70D010101050003190030160210ffffffffffffffffffffffffffffffff0202ffffa100a200a31d301b30190603551d1104123010a00e06082b06010505070804a0020500300d06092a864886f70d01010b0500030200ff":"":MBEDTLS_ERR_X509_INVALID_EXTENSIONS + MBEDTLS_ERR_ASN1_UNEXPECTED_TAG + +X509 CRT ASN1 (TBS, inv SubjectAltName, HWModuleName inner length missing) +depends_on:MBEDTLS_RSA_C:MBEDTLS_SHA256_C +x509parse_crt:"3081b83081a2a0030201028204deadbeef300d06092a864886f70d01010b0500300c310a30080600130454657374301c170c303930313031303030303030170c303931323331323335393539300c310a30080600130454657374302a300d06092A864886F70D010101050003190030160210ffffffffffffffffffffffffffffffff0202ffffa100a200a31c301a30180603551d110411300fa00d06082b06010505070804a00130300d06092a864886f70d01010b0500030200ff":"":MBEDTLS_ERR_X509_INVALID_EXTENSIONS + MBEDTLS_ERR_ASN1_OUT_OF_DATA + +X509 CRT ASN1 (TBS, inv SubjectAltName, HWModuleName inner length inv encoding) +depends_on:MBEDTLS_RSA_C:MBEDTLS_SHA256_C +x509parse_crt:"3081b93081a3a0030201028204deadbeef300d06092a864886f70d01010b0500300c310a30080600130454657374301c170c303930313031303030303030170c303931323331323335393539300c310a30080600130454657374302a300d06092A864886F70D010101050003190030160210ffffffffffffffffffffffffffffffff0202ffffa100a200a31d301b30190603551d1104123010a00e06082b06010505070804a0023085300d06092a864886f70d01010b0500030200ff":"":MBEDTLS_ERR_X509_INVALID_EXTENSIONS + MBEDTLS_ERR_ASN1_INVALID_LENGTH + +X509 CRT ASN1 (TBS, inv SubjectAltName, HWModuleName inner length out of bounds) +depends_on:MBEDTLS_RSA_C:MBEDTLS_SHA256_C +x509parse_crt:"3081b93081a3a0030201028204deadbeef300d06092a864886f70d01010b0500300c310a30080600130454657374301c170c303930313031303030303030170c303931323331323335393539300c310a30080600130454657374302a300d06092A864886F70D010101050003190030160210ffffffffffffffffffffffffffffffff0202ffffa100a200a31d301b30190603551d1104123010a00e06082b06010505070804a0023001300d06092a864886f70d01010b0500030200ff":"":MBEDTLS_ERR_X509_INVALID_EXTENSIONS + MBEDTLS_ERR_ASN1_OUT_OF_DATA + +X509 CRT ASN1 (TBS, inv SubjectAltName, HWModuleName empty) +depends_on:MBEDTLS_RSA_C:MBEDTLS_SHA256_C +x509parse_crt:"3081b93081a3a0030201028204deadbeef300d06092a864886f70d01010b0500300c310a30080600130454657374301c170c303930313031303030303030170c303931323331323335393539300c310a30080600130454657374302a300d06092A864886F70D010101050003190030160210ffffffffffffffffffffffffffffffff0202ffffa100a200a31d301b30190603551d1104123010a00e06082b06010505070804a0023000300d06092a864886f70d01010b0500030200ff":"":MBEDTLS_ERR_X509_INVALID_EXTENSIONS + MBEDTLS_ERR_ASN1_OUT_OF_DATA + +X509 CRT ASN1 (TBS, inv SubjectAltName, HWModuleName unexpected OID tag) +depends_on:MBEDTLS_RSA_C:MBEDTLS_SHA256_C +x509parse_crt:"3081bb3081a5a0030201028204deadbeef300d06092a864886f70d01010b0500300c310a30080600130454657374301c170c303930313031303030303030170c303931323331323335393539300c310a30080600130454657374302a300d06092A864886F70D010101050003190030160210ffffffffffffffffffffffffffffffff0202ffffa100a200a31f301d301b0603551d1104143012a01006082b06010505070804a00430020500300d06092a864886f70d01010b0500030200ff":"":MBEDTLS_ERR_X509_INVALID_EXTENSIONS + MBEDTLS_ERR_ASN1_UNEXPECTED_TAG + +X509 CRT ASN1 (TBS, inv SubjectAltName, HWModuleName OID no length) +depends_on:MBEDTLS_RSA_C:MBEDTLS_SHA256_C +x509parse_crt:"3081ba3081a4a0030201028204deadbeef300d06092a864886f70d01010b0500300c310a30080600130454657374301c170c303930313031303030303030170c303931323331323335393539300c310a30080600130454657374302a300d06092A864886F70D010101050003190030160210ffffffffffffffffffffffffffffffff0202ffffa100a200a31e301c301a0603551d1104133011a00f06082b06010505070804a003300106300d06092a864886f70d01010b0500030200ff":"":MBEDTLS_ERR_X509_INVALID_EXTENSIONS + MBEDTLS_ERR_ASN1_OUT_OF_DATA + +X509 CRT ASN1 (TBS, inv SubjectAltName, HWModuleName OID inv length encoding) +depends_on:MBEDTLS_RSA_C:MBEDTLS_SHA256_C +x509parse_crt:"3081bb3081a5a0030201028204deadbeef300d06092a864886f70d01010b0500300c310a30080600130454657374301c170c303930313031303030303030170c303931323331323335393539300c310a30080600130454657374302a300d06092A864886F70D010101050003190030160210ffffffffffffffffffffffffffffffff0202ffffa100a200a31f301d301b0603551d1104143012a01006082b06010505070804a00430020685300d06092a864886f70d01010b0500030200ff":"":MBEDTLS_ERR_X509_INVALID_EXTENSIONS + MBEDTLS_ERR_ASN1_INVALID_LENGTH + +X509 CRT ASN1 (TBS, inv SubjectAltName, HWModuleName OID length out of bounds) +depends_on:MBEDTLS_RSA_C:MBEDTLS_SHA256_C +x509parse_crt:"3081bb3081a5a0030201028204deadbeef300d06092a864886f70d01010b0500300c310a30080600130454657374301c170c303930313031303030303030170c303931323331323335393539300c310a30080600130454657374302a300d06092A864886F70D010101050003190030160210ffffffffffffffffffffffffffffffff0202ffffa100a200a31f301d301b0603551d1104143012a01006082b06010505070804a00430020601300d06092a864886f70d01010b0500030200ff":"":MBEDTLS_ERR_X509_INVALID_EXTENSIONS + MBEDTLS_ERR_ASN1_OUT_OF_DATA + +X509 CRT ASN1 (TBS, inv SubjectAltName, HWModuleName data missing) +depends_on:MBEDTLS_RSA_C:MBEDTLS_SHA256_C +x509parse_crt:"3081bb3081a5a0030201028204deadbeef300d06092a864886f70d01010b0500300c310a30080600130454657374301c170c303930313031303030303030170c303931323331323335393539300c310a30080600130454657374302a300d06092A864886F70D010101050003190030160210ffffffffffffffffffffffffffffffff0202ffffa100a200a31f301d301b0603551d1104143012a01006082b06010505070804a00430020600300d06092a864886f70d01010b0500030200ff":"":MBEDTLS_ERR_X509_INVALID_EXTENSIONS + MBEDTLS_ERR_ASN1_OUT_OF_DATA + +X509 CRT ASN1 (TBS, inv SubjectAltName, HWModuleName data invalid tag) +depends_on:MBEDTLS_RSA_C:MBEDTLS_SHA256_C +x509parse_crt:"3081bd3081a7a0030201028204deadbeef300d06092a864886f70d01010b0500300c310a30080600130454657374301c170c303930313031303030303030170c303931323331323335393539300c310a30080600130454657374302a300d06092A864886F70D010101050003190030160210ffffffffffffffffffffffffffffffff0202ffffa100a200a321301f301d0603551d1104163014a01206082b06010505070804a006300406000500300d06092a864886f70d01010b0500030200ff":"":MBEDTLS_ERR_X509_INVALID_EXTENSIONS + MBEDTLS_ERR_ASN1_UNEXPECTED_TAG + +X509 CRT ASN1 (TBS, inv SubjectAltName, HWModuleName data length missing) +depends_on:MBEDTLS_RSA_C:MBEDTLS_SHA256_C +x509parse_crt:"3081bc3081a6a0030201028204deadbeef300d06092a864886f70d01010b0500300c310a30080600130454657374301c170c303930313031303030303030170c303931323331323335393539300c310a30080600130454657374302a300d06092A864886F70D010101050003190030160210ffffffffffffffffffffffffffffffff0202ffffa100a200a320301e301c0603551d1104153013a01106082b06010505070804a0053003060004300d06092a864886f70d01010b0500030200ff":"":MBEDTLS_ERR_X509_INVALID_EXTENSIONS + MBEDTLS_ERR_ASN1_OUT_OF_DATA + +X509 CRT ASN1 (TBS, inv SubjectAltName, HWModuleName data inv length encoding) +depends_on:MBEDTLS_RSA_C:MBEDTLS_SHA256_C +x509parse_crt:"3081bd3081a7a0030201028204deadbeef300d06092a864886f70d01010b0500300c310a30080600130454657374301c170c303930313031303030303030170c303931323331323335393539300c310a30080600130454657374302a300d06092A864886F70D010101050003190030160210ffffffffffffffffffffffffffffffff0202ffffa100a200a321301f301d0603551d1104163014a01206082b06010505070804a006300406000485300d06092a864886f70d01010b0500030200ff":"":MBEDTLS_ERR_X509_INVALID_EXTENSIONS + MBEDTLS_ERR_ASN1_INVALID_LENGTH + +X509 CRT ASN1 (TBS, inv SubjectAltName, HWModuleName data length out of bounds) +depends_on:MBEDTLS_RSA_C:MBEDTLS_SHA256_C +x509parse_crt:"3081bd3081a7a0030201028204deadbeef300d06092a864886f70d01010b0500300c310a30080600130454657374301c170c303930313031303030303030170c303931323331323335393539300c310a30080600130454657374302a300d06092A864886F70D010101050003190030160210ffffffffffffffffffffffffffffffff0202ffffa100a200a321301f301d0603551d1104163014a01206082b06010505070804a006300406000401300d06092a864886f70d01010b0500030200ff":"":MBEDTLS_ERR_X509_INVALID_EXTENSIONS + MBEDTLS_ERR_ASN1_OUT_OF_DATA + +X509 CRT ASN1 (TBS, inv SubjectAltName, HWModuleName data remaining #1) +depends_on:MBEDTLS_RSA_C:MBEDTLS_SHA256_C +x509parse_crt:"3081bf3081a9a0030201028204deadbeef300d06092a864886f70d01010b0500300c310a30080600130454657374301c170c303930313031303030303030170c303931323331323335393539300c310a30080600130454657374302a300d06092A864886F70D010101050003190030160210ffffffffffffffffffffffffffffffff0202ffffa100a200a3233021301f0603551d1104183016a01406082b06010505070804a0083006060004000500300d06092a864886f70d01010b0500030200ff":"":MBEDTLS_ERR_X509_INVALID_EXTENSIONS + MBEDTLS_ERR_ASN1_LENGTH_MISMATCH + +X509 CRT ASN1 (TBS, inv SubjectAltName, HWModuleName data remaining #2) +depends_on:MBEDTLS_RSA_C:MBEDTLS_SHA256_C +x509parse_crt:"3081bf3081a9a0030201028204deadbeef300d06092a864886f70d01010b0500300c310a30080600130454657374301c170c303930313031303030303030170c303931323331323335393539300c310a30080600130454657374302a300d06092A864886F70D010101050003190030160210ffffffffffffffffffffffffffffffff0202ffffa100a200a3233021301f0603551d1104183016a01406082b06010505070804a0083004060004000500300d06092a864886f70d01010b0500030200ff":"":MBEDTLS_ERR_X509_INVALID_EXTENSIONS + MBEDTLS_ERR_ASN1_LENGTH_MISMATCH + +X509 CRT ASN1 (TBS, inv SubjectAltName, HWModuleName data remaining #3) +depends_on:MBEDTLS_RSA_C:MBEDTLS_SHA256_C +x509parse_crt:"3081bf3081a9a0030201028204deadbeef300d06092a864886f70d01010b0500300c310a30080600130454657374301c170c303930313031303030303030170c303931323331323335393539300c310a30080600130454657374302a300d06092A864886F70D010101050003190030160210ffffffffffffffffffffffffffffffff0202ffffa100a200a3233021301f0603551d1104183016a01406082b06010505070804a0063004060004000500300d06092a864886f70d01010b0500030200ff":"":MBEDTLS_ERR_X509_INVALID_EXTENSIONS + MBEDTLS_ERR_ASN1_LENGTH_MISMATCH + X509 CRT ASN1 (TBS, inv v3Ext, SubjectAltName repeated) depends_on:MBEDTLS_RSA_C:MBEDTLS_SHA256_C x509parse_crt:"3081dc3081c6a0030201028204deadbeef300d06092a864886f70d01010b0500300c310a30080600130454657374301c170c303930313031303030303030170c303931323331323335393539300c310a30080600130454657374302a300d06092A864886F70D010101050003190030160210ffffffffffffffffffffffffffffffff0202ffffa100a200a340303e301d0603551d11041630148208666f6f2e7465737482086261722e74657374301d0603551d11041630148208666f6f2e7465737482086261722e74657374300d06092a864886f70d01010b0500030200ff":"":MBEDTLS_ERR_X509_INVALID_EXTENSIONS @@ -2204,15 +2428,29 @@ X509 CRL ASN1 (extension not critical explicit, crl-idp.pem byte 129) depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_SHA256_C x509parse_crl:"308201b330819c020101300d06092a864886f70d01010b0500303b310b3009060355040613024e4c3111300f060355040a1308506f6c617253534c3119301706035504031310506f6c617253534c2054657374204341170d3138303331343037333134385a170d3238303331343037333134385aa02d302b30290603551d1c010100041f301da01ba0198617687474703a2f2f706b692e6578616d706c652e636f6d2f300d06092a864886f70d01010b05000382010100b3fbe9d586eaf4b8ff60cf8edae06a85135db78f78198498719725b5b403c0b803c2c150f52faae7306d6a7871885dc2e9dc83a164bac7263776474ef642b660040b35a1410ac291ac8f6f18ab85e7fd6e22bd1af1c41ca95cf2448f6e2b42a018493dfc03c6b6aa1b9e3fe7b76af2182fb2121db4166bf0167d6f379c5a58adee5082423434d97be2909f5e7488053f996646db10dd49782626da53ad8eada01813c031b2bacdb0203bc017aac1735951a11d013ee4d1d5f7143ccbebf2371e66a1bec6e1febe69148f50784eef8adbb66664c96196d7e0c0bcdc807f447b54e058f37642a3337995bfbcd332208bd6016936705c82263eabd7affdba92fae3":"CRL version \: 2\nissuer name \: C=NL, O=PolarSSL, CN=PolarSSL Test CA\nthis update \: 2018-03-14 07\:31\:48\nnext update \: 2028-03-14 07\:31\:48\nRevoked certificates\:\nsigned using \: RSA with SHA-256\n":0 -X509 CRT parse path #2 (one cert) +X509 CRT parse file dir3/Readme +mbedtls_x509_crt_parse_file:"data_files/dir3/Readme":MBEDTLS_ERR_X509_INVALID_FORMAT:0 + +X509 CRT parse file dir3/test-ca.crt +depends_on:MBEDTLS_SHA1_C:MBEDTLS_RSA_C +mbedtls_x509_crt_parse_file:"data_files/dir3/test-ca.crt":0:1 + +X509 CRT parse file dir3/test-ca2.crt +depends_on:MBEDTLS_SHA256_C:MBEDTLS_ECDSA_C:MBEDTLS_ECP_DP_SECP384R1_ENABLED +mbedtls_x509_crt_parse_file:"data_files/dir3/test-ca2.crt":0:1 + +# The parse_path tests are known to fail when compiled for a 32-bit architecture +# and run via qemu-user on Linux on a 64-bit host. This is due to a known +# bug in Qemu: https://gitlab.com/qemu-project/qemu/-/issues/263 +X509 CRT parse path #1 (one cert) depends_on:MBEDTLS_SHA1_C:MBEDTLS_RSA_C mbedtls_x509_crt_parse_path:"data_files/dir1":0:1 -X509 CRT parse path #3 (two certs) +X509 CRT parse path #2 (two certs) depends_on:MBEDTLS_SHA1_C:MBEDTLS_RSA_C:MBEDTLS_SHA256_C:MBEDTLS_ECDSA_C:MBEDTLS_ECP_DP_SECP384R1_ENABLED mbedtls_x509_crt_parse_path:"data_files/dir2":0:2 -X509 CRT parse path #4 (two certs, one non-cert) +X509 CRT parse path #3 (two certs, one non-cert) depends_on:MBEDTLS_SHA1_C:MBEDTLS_RSA_C:MBEDTLS_SHA256_C:MBEDTLS_ECDSA_C:MBEDTLS_ECP_DP_SECP384R1_ENABLED mbedtls_x509_crt_parse_path:"data_files/dir3":1:2 @@ -2354,7 +2592,7 @@ X509 OID numstring #4 (larger number) x509_oid_numstr:"2a864886f70d":"1.2.840.113549":15:14 X509 OID numstring #5 (arithmetic overflow) -x509_oid_numstr:"2a8648f9f8f7f6f5f4f3f2f1f001":"":100:MBEDTLS_ERR_OID_BUF_TOO_SMALL +x509_oid_numstr:"2a8648f9f8f7f6f5f4f3f2f1f001":"":100:MBEDTLS_ERR_ASN1_INVALID_DATA X509 CRT keyUsage #1 (no extension, expected KU) depends_on:MBEDTLS_RSA_C:MBEDTLS_SHA1_C @@ -2634,23 +2872,31 @@ mbedtls_x509_csr_parse:"3008300602047fffffff":"":MBEDTLS_ERR_X509_UNKNOWN_VERSIO X509 File parse (no issues) depends_on:MBEDTLS_ECDSA_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_SHA256_C:MBEDTLS_RSA_C -x509parse_crt_file:"data_files/server7_int-ca.crt":0 +mbedtls_x509_crt_parse_file:"data_files/parse_input/server7_int-ca.crt":0:2 X509 File parse (extra space in one certificate) depends_on:MBEDTLS_ECDSA_C:MBEDTLS_SHA256_C:MBEDTLS_RSA_C -x509parse_crt_file:"data_files/server7_pem_space.crt":1 +mbedtls_x509_crt_parse_file:"data_files/parse_input/server7_pem_space.crt":1:1 X509 File parse (all certificates fail) depends_on:MBEDTLS_ECDSA_C:MBEDTLS_RSA_C -x509parse_crt_file:"data_files/server7_all_space.crt":MBEDTLS_ERR_PEM_INVALID_DATA + MBEDTLS_ERR_BASE64_INVALID_CHARACTER +mbedtls_x509_crt_parse_file:"data_files/parse_input/server7_all_space.crt":MBEDTLS_ERR_PEM_INVALID_DATA + MBEDTLS_ERR_BASE64_INVALID_CHARACTER:0 X509 File parse (trailing spaces, OK) depends_on:MBEDTLS_ECDSA_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_SHA256_C:MBEDTLS_RSA_C -x509parse_crt_file:"data_files/server7_trailing_space.crt":0 +mbedtls_x509_crt_parse_file:"data_files/parse_input/server7_trailing_space.crt":0:2 X509 File parse (Algorithm Params Tag mismatch) depends_on:MBEDTLS_SHA256_C:MBEDTLS_RSA_C -x509parse_crt_file:"data_files/cli-rsa-sha256-badalg.crt.der":MBEDTLS_ERR_X509_SIG_MISMATCH +mbedtls_x509_crt_parse_file:"data_files/parse_input/cli-rsa-sha256-badalg.crt.der":MBEDTLS_ERR_X509_SIG_MISMATCH:0 + +X509 File parse (does not conform to RFC 5480 / RFC 5758 - AlgorithmIdentifier's parameters field is present, mbedTLS generated before bugfix, OK) +depends_on:MBEDTLS_ECDSA_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_SHA256_C +x509parse_crt_file:"data_files/parse_input/server5-non-compliant.crt":0 + +X509 File parse (conforms to RFC 5480 / RFC 5758 - AlgorithmIdentifier's parameters field must be absent for ECDSA) +depends_on:MBEDTLS_ECDSA_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_SHA256_C +x509parse_crt_file:"data_files/parse_input/server5.crt":0 X509 Get time (UTC no issues) depends_on:MBEDTLS_X509_USE_C @@ -2726,7 +2972,7 @@ x509_get_time:MBEDTLS_ASN1_UTC_TIME:"0002291212+0300":MBEDTLS_ERR_X509_INVALID_D X509 Get time (UTC invalid character in year) depends_on:MBEDTLS_X509_USE_C -x509_get_time:MBEDTLS_ASN1_UTC_TIME:"0\1130231212Z":MBEDTLS_ERR_X509_INVALID_DATE:0:0:0:0:0:0 +x509_get_time:MBEDTLS_ASN1_UTC_TIME:"0\\1130231212Z":MBEDTLS_ERR_X509_INVALID_DATE:0:0:0:0:0:0 X509 Get time (UTC invalid character in month) depends_on:MBEDTLS_X509_USE_C diff --git a/third_party/mbedtls/repo/tests/suites/test_suite_x509parse.function b/third_party/mbedtls/repo/tests/suites/test_suite_x509parse.function index 29d28f7800a..6e327924c52 100644 --- a/third_party/mbedtls/repo/tests/suites/test_suite_x509parse.function +++ b/third_party/mbedtls/repo/tests/suites/test_suite_x509parse.function @@ -12,8 +12,8 @@ #if MBEDTLS_X509_MAX_INTERMEDIATE_CA > 19 #error "The value of MBEDTLS_X509_MAX_INTERMEDIATE_C is larger \ -than the current threshold 19. To test larger values, please \ -adapt the script tests/data_files/dir-max/long.sh." + than the current threshold 19. To test larger values, please \ + adapt the script tests/data_files/dir-max/long.sh." #endif /* Test-only profile allowing all digests, PK algorithms, and curves. */ @@ -29,36 +29,36 @@ const mbedtls_x509_crt_profile profile_all = profile. */ const mbedtls_x509_crt_profile compat_profile = { - MBEDTLS_X509_ID_FLAG( MBEDTLS_MD_SHA1 ) | - MBEDTLS_X509_ID_FLAG( MBEDTLS_MD_RIPEMD160 ) | - MBEDTLS_X509_ID_FLAG( MBEDTLS_MD_SHA224 ) | - MBEDTLS_X509_ID_FLAG( MBEDTLS_MD_SHA256 ) | - MBEDTLS_X509_ID_FLAG( MBEDTLS_MD_SHA384 ) | - MBEDTLS_X509_ID_FLAG( MBEDTLS_MD_SHA512 ), - 0xFFFFFFF, /* Any PK alg */ - 0xFFFFFFF, /* Any curve */ + MBEDTLS_X509_ID_FLAG(MBEDTLS_MD_SHA1) | + MBEDTLS_X509_ID_FLAG(MBEDTLS_MD_RIPEMD160) | + MBEDTLS_X509_ID_FLAG(MBEDTLS_MD_SHA224) | + MBEDTLS_X509_ID_FLAG(MBEDTLS_MD_SHA256) | + MBEDTLS_X509_ID_FLAG(MBEDTLS_MD_SHA384) | + MBEDTLS_X509_ID_FLAG(MBEDTLS_MD_SHA512), + 0xFFFFFFFF, /* Any PK alg */ + 0xFFFFFFFF, /* Any curve */ 1024, }; const mbedtls_x509_crt_profile profile_rsa3072 = { - MBEDTLS_X509_ID_FLAG( MBEDTLS_MD_SHA256 ) | - MBEDTLS_X509_ID_FLAG( MBEDTLS_MD_SHA384 ) | - MBEDTLS_X509_ID_FLAG( MBEDTLS_MD_SHA512 ), - MBEDTLS_X509_ID_FLAG( MBEDTLS_PK_RSA ), + MBEDTLS_X509_ID_FLAG(MBEDTLS_MD_SHA256) | + MBEDTLS_X509_ID_FLAG(MBEDTLS_MD_SHA384) | + MBEDTLS_X509_ID_FLAG(MBEDTLS_MD_SHA512), + MBEDTLS_X509_ID_FLAG(MBEDTLS_PK_RSA), 0, 3072, }; const mbedtls_x509_crt_profile profile_sha512 = { - MBEDTLS_X509_ID_FLAG( MBEDTLS_MD_SHA512 ), - 0xFFFFFFF, /* Any PK alg */ - 0xFFFFFFF, /* Any curve */ + MBEDTLS_X509_ID_FLAG(MBEDTLS_MD_SHA512), + 0xFFFFFFFF, /* Any PK alg */ + 0xFFFFFFFF, /* Any curve */ 1024, }; -int verify_none( void *data, mbedtls_x509_crt *crt, int certificate_depth, uint32_t *flags ) +int verify_none(void *data, mbedtls_x509_crt *crt, int certificate_depth, uint32_t *flags) { ((void) data); ((void) crt); @@ -68,7 +68,7 @@ int verify_none( void *data, mbedtls_x509_crt *crt, int certificate_depth, uint3 return 0; } -int verify_all( void *data, mbedtls_x509_crt *crt, int certificate_depth, uint32_t *flags ) +int verify_all(void *data, mbedtls_x509_crt *crt, int certificate_depth, uint32_t *flags) { ((void) data); ((void) crt); @@ -79,7 +79,7 @@ int verify_all( void *data, mbedtls_x509_crt *crt, int certificate_depth, uint32 } #if defined(MBEDTLS_X509_TRUSTED_CERTIFICATE_CALLBACK) -int ca_callback_fail( void *data, mbedtls_x509_crt const *child, mbedtls_x509_crt **candidates ) +int ca_callback_fail(void *data, mbedtls_x509_crt const *child, mbedtls_x509_crt **candidates) { ((void) data); ((void) child); @@ -88,8 +88,8 @@ int ca_callback_fail( void *data, mbedtls_x509_crt const *child, mbedtls_x509_cr return -1; } -int ca_callback( void *data, mbedtls_x509_crt const *child, - mbedtls_x509_crt **candidates ) +int ca_callback(void *data, mbedtls_x509_crt const *child, + mbedtls_x509_crt **candidates) { int ret = 0; mbedtls_x509_crt *ca = (mbedtls_x509_crt *) data; @@ -105,25 +105,21 @@ int ca_callback( void *data, mbedtls_x509_crt const *child, * and parent `Subject` field. */ ((void) child); - first = mbedtls_calloc( 1, sizeof( mbedtls_x509_crt ) ); - if( first == NULL ) - { + first = mbedtls_calloc(1, sizeof(mbedtls_x509_crt)); + if (first == NULL) { ret = -1; goto exit; } - mbedtls_x509_crt_init( first ); + mbedtls_x509_crt_init(first); - if( mbedtls_x509_crt_parse_der( first, ca->raw.p, ca->raw.len ) != 0 ) - { + if (mbedtls_x509_crt_parse_der(first, ca->raw.p, ca->raw.len) != 0) { ret = -1; goto exit; } - while( ca->next != NULL ) - { + while (ca->next != NULL) { ca = ca->next; - if( mbedtls_x509_crt_parse_der( first, ca->raw.p, ca->raw.len ) != 0 ) - { + if (mbedtls_x509_crt_parse_der(first, ca->raw.p, ca->raw.len) != 0) { ret = -1; goto exit; } @@ -131,19 +127,18 @@ int ca_callback( void *data, mbedtls_x509_crt const *child, exit: - if( ret != 0 ) - { - mbedtls_x509_crt_free( first ); - mbedtls_free( first ); + if (ret != 0) { + mbedtls_x509_crt_free(first); + mbedtls_free(first); first = NULL; } *candidates = first; - return( ret ); + return ret; } #endif /* MBEDTLS_X509_TRUSTED_CERTIFICATE_CALLBACK */ -int verify_fatal( void *data, mbedtls_x509_crt *crt, int certificate_depth, uint32_t *flags ) +int verify_fatal(void *data, mbedtls_x509_crt *crt, int certificate_depth, uint32_t *flags) { int *levels = (int *) data; @@ -151,13 +146,12 @@ int verify_fatal( void *data, mbedtls_x509_crt *crt, int certificate_depth, uint ((void) certificate_depth); /* Simulate a fatal error in the callback */ - if( *levels & ( 1 << certificate_depth ) ) - { - *flags |= ( 1 << certificate_depth ); - return( -1 - certificate_depth ); + if (*levels & (1 << certificate_depth)) { + *flags |= (1 << certificate_depth); + return -1 - certificate_depth; } - return( 0 ); + return 0; } /* strsep() not available on Windows */ @@ -166,28 +160,27 @@ char *mystrsep(char **stringp, const char *delim) const char *p; char *ret = *stringp; - if( *stringp == NULL ) - return( NULL ); + if (*stringp == NULL) { + return NULL; + } - for( ; ; (*stringp)++ ) - { - if( **stringp == '\0' ) - { + for (;; (*stringp)++) { + if (**stringp == '\0') { *stringp = NULL; goto done; } - for( p = delim; *p != '\0'; p++ ) - if( **stringp == *p ) - { + for (p = delim; *p != '\0'; p++) { + if (**stringp == *p) { **stringp = '\0'; (*stringp)++; goto done; } + } } done: - return( ret ); + return ret; } #if defined(MBEDTLS_X509_CRT_PARSE_C) @@ -196,201 +189,204 @@ typedef struct { char *p; } verify_print_context; -void verify_print_init( verify_print_context *ctx ) +void verify_print_init(verify_print_context *ctx) { - memset( ctx, 0, sizeof( verify_print_context ) ); + memset(ctx, 0, sizeof(verify_print_context)); ctx->p = ctx->buf; } -int verify_print( void *data, mbedtls_x509_crt *crt, int certificate_depth, uint32_t *flags ) +int verify_print(void *data, mbedtls_x509_crt *crt, int certificate_depth, uint32_t *flags) { int ret; verify_print_context *ctx = (verify_print_context *) data; char *p = ctx->p; - size_t n = ctx->buf + sizeof( ctx->buf ) - ctx->p; + size_t n = ctx->buf + sizeof(ctx->buf) - ctx->p; ((void) flags); - ret = mbedtls_snprintf( p, n, "depth %d - serial ", certificate_depth ); + ret = mbedtls_snprintf(p, n, "depth %d - serial ", certificate_depth); MBEDTLS_X509_SAFE_SNPRINTF; - ret = mbedtls_x509_serial_gets( p, n, &crt->serial ); + ret = mbedtls_x509_serial_gets(p, n, &crt->serial); MBEDTLS_X509_SAFE_SNPRINTF; - ret = mbedtls_snprintf( p, n, " - subject " ); + ret = mbedtls_snprintf(p, n, " - subject "); MBEDTLS_X509_SAFE_SNPRINTF; - ret = mbedtls_x509_dn_gets( p, n, &crt->subject ); + ret = mbedtls_x509_dn_gets(p, n, &crt->subject); MBEDTLS_X509_SAFE_SNPRINTF; - ret = mbedtls_snprintf( p, n, " - flags 0x%08x\n", *flags ); + ret = mbedtls_snprintf(p, n, " - flags 0x%08x\n", *flags); MBEDTLS_X509_SAFE_SNPRINTF; ctx->p = p; - return( 0 ); + return 0; } -int verify_parse_san( mbedtls_x509_subject_alternative_name *san, - char **buf, size_t *size ) +int verify_parse_san(mbedtls_x509_subject_alternative_name *san, + char **buf, size_t *size) { int ret; size_t i; char *p = *buf; size_t n = *size; - ret = mbedtls_snprintf( p, n, "type : %d", san->type ); + ret = mbedtls_snprintf(p, n, "type : %d", san->type); MBEDTLS_X509_SAFE_SNPRINTF; - switch( san->type ) - { - case( MBEDTLS_X509_SAN_OTHER_NAME ): - ret = mbedtls_snprintf( p, n, "\notherName :"); - MBEDTLS_X509_SAFE_SNPRINTF; - - if( MBEDTLS_OID_CMP( MBEDTLS_OID_ON_HW_MODULE_NAME, - &san->san.other_name.value.hardware_module_name.oid ) != 0 ) - { - ret = mbedtls_snprintf( p, n, " hardware module name :" ); - MBEDTLS_X509_SAFE_SNPRINTF; - ret = mbedtls_snprintf( p, n, " hardware type : " ); - MBEDTLS_X509_SAFE_SNPRINTF; - - ret = mbedtls_oid_get_numeric_string( p, n, - &san->san.other_name.value.hardware_module_name.oid ); - MBEDTLS_X509_SAFE_SNPRINTF; - - ret = mbedtls_snprintf( p, n, ", hardware serial number : " ); - MBEDTLS_X509_SAFE_SNPRINTF; - - if( san->san.other_name.value.hardware_module_name.val.len >= n ) - { - *p = '\0'; - return( MBEDTLS_ERR_X509_BUFFER_TOO_SMALL ); - } - - for( i=0; i < san->san.other_name.value.hardware_module_name.val.len; i++ ) - { - *p++ = san->san.other_name.value.hardware_module_name.val.p[i]; - } - n -= san->san.other_name.value.hardware_module_name.val.len; + switch (san->type) { + case (MBEDTLS_X509_SAN_OTHER_NAME): + ret = mbedtls_snprintf(p, n, "\notherName :"); + MBEDTLS_X509_SAFE_SNPRINTF; + + if (MBEDTLS_OID_CMP(MBEDTLS_OID_ON_HW_MODULE_NAME, + &san->san.other_name.type_id) == 0) { + ret = mbedtls_snprintf(p, n, " hardware module name :"); + MBEDTLS_X509_SAFE_SNPRINTF; + ret = mbedtls_snprintf(p, n, " hardware type : "); + MBEDTLS_X509_SAFE_SNPRINTF; + + ret = mbedtls_oid_get_numeric_string(p, + n, + &san->san.other_name.value.hardware_module_name.oid); + MBEDTLS_X509_SAFE_SNPRINTF; + + ret = mbedtls_snprintf(p, n, ", hardware serial number : "); + MBEDTLS_X509_SAFE_SNPRINTF; + + for (i = 0; i < san->san.other_name.value.hardware_module_name.val.len; i++) { + ret = mbedtls_snprintf(p, + n, + "%02X", + san->san.other_name.value.hardware_module_name.val.p[i]); + MBEDTLS_X509_SAFE_SNPRINTF; + } } - break;/* MBEDTLS_OID_ON_HW_MODULE_NAME */ - case( MBEDTLS_X509_SAN_DNS_NAME ): - ret = mbedtls_snprintf( p, n, "\ndNSName : " ); + break;/* MBEDTLS_OID_ON_HW_MODULE_NAME */ + case (MBEDTLS_X509_SAN_DNS_NAME): + ret = mbedtls_snprintf(p, n, "\ndNSName : "); MBEDTLS_X509_SAFE_SNPRINTF; - if( san->san.unstructured_name.len >= n ) - { + if (san->san.unstructured_name.len >= n) { *p = '\0'; - return( MBEDTLS_ERR_X509_BUFFER_TOO_SMALL ); + return MBEDTLS_ERR_X509_BUFFER_TOO_SMALL; } n -= san->san.unstructured_name.len; - for( i = 0; i < san->san.unstructured_name.len; i++ ) + for (i = 0; i < san->san.unstructured_name.len; i++) { *p++ = san->san.unstructured_name.p[i]; - break;/* MBEDTLS_X509_SAN_DNS_NAME */ + } + break;/* MBEDTLS_X509_SAN_DNS_NAME */ default: - /* - * Should not happen. - */ - return( -1 ); + /* + * Should not happen. + */ + return -1; } - ret = mbedtls_snprintf( p, n, "\n" ); + ret = mbedtls_snprintf(p, n, "\n"); MBEDTLS_X509_SAFE_SNPRINTF; *size = n; *buf = p; - return( 0 ); + return 0; } -int parse_crt_ext_cb( void *p_ctx, mbedtls_x509_crt const *crt, mbedtls_x509_buf const *oid, - int critical, const unsigned char *cp, const unsigned char *end ) +int parse_crt_ext_cb(void *p_ctx, mbedtls_x509_crt const *crt, mbedtls_x509_buf const *oid, + int critical, const unsigned char *cp, const unsigned char *end) { - ( void ) crt; - ( void ) critical; - mbedtls_x509_buf *new_oid = (mbedtls_x509_buf *)p_ctx; - if( oid->tag == MBEDTLS_ASN1_OID && - MBEDTLS_OID_CMP( MBEDTLS_OID_CERTIFICATE_POLICIES, oid ) == 0 ) - { + (void) crt; + (void) critical; + mbedtls_x509_buf *new_oid = (mbedtls_x509_buf *) p_ctx; + if (oid->tag == MBEDTLS_ASN1_OID && + MBEDTLS_OID_CMP(MBEDTLS_OID_CERTIFICATE_POLICIES, oid) == 0) { /* Handle unknown certificate policy */ int ret, parse_ret = 0; size_t len; - unsigned char **p = (unsigned char **)&cp; + unsigned char **p = (unsigned char **) &cp; /* Get main sequence tag */ - ret = mbedtls_asn1_get_tag( p, end, &len, - MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_SEQUENCE ); - if( ret != 0 ) - return( MBEDTLS_ERROR_ADD( MBEDTLS_ERR_X509_INVALID_EXTENSIONS, ret ) ); + ret = mbedtls_asn1_get_tag(p, end, &len, + MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_SEQUENCE); + if (ret != 0) { + return MBEDTLS_ERROR_ADD(MBEDTLS_ERR_X509_INVALID_EXTENSIONS, ret); + } - if( *p + len != end ) - return( MBEDTLS_ERROR_ADD( MBEDTLS_ERR_X509_INVALID_EXTENSIONS, - MBEDTLS_ERR_ASN1_LENGTH_MISMATCH ) ); + if (*p + len != end) { + return MBEDTLS_ERROR_ADD(MBEDTLS_ERR_X509_INVALID_EXTENSIONS, + MBEDTLS_ERR_ASN1_LENGTH_MISMATCH); + } /* * Cannot be an empty sequence. */ - if( len == 0 ) - return( MBEDTLS_ERROR_ADD( MBEDTLS_ERR_X509_INVALID_EXTENSIONS, - MBEDTLS_ERR_ASN1_LENGTH_MISMATCH ) ); + if (len == 0) { + return MBEDTLS_ERROR_ADD(MBEDTLS_ERR_X509_INVALID_EXTENSIONS, + MBEDTLS_ERR_ASN1_LENGTH_MISMATCH); + } - while( *p < end ) - { + while (*p < end) { const unsigned char *policy_end; /* * Get the policy sequence */ - if( ( ret = mbedtls_asn1_get_tag( p, end, &len, - MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_SEQUENCE ) ) != 0 ) - return( MBEDTLS_ERROR_ADD( MBEDTLS_ERR_X509_INVALID_EXTENSIONS, ret ) ); + if ((ret = mbedtls_asn1_get_tag(p, end, &len, + MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_SEQUENCE)) != + 0) { + return MBEDTLS_ERROR_ADD(MBEDTLS_ERR_X509_INVALID_EXTENSIONS, ret); + } policy_end = *p + len; - if( ( ret = mbedtls_asn1_get_tag( p, policy_end, &len, - MBEDTLS_ASN1_OID ) ) != 0 ) - return( MBEDTLS_ERROR_ADD( MBEDTLS_ERR_X509_INVALID_EXTENSIONS, ret ) ); + if ((ret = mbedtls_asn1_get_tag(p, policy_end, &len, + MBEDTLS_ASN1_OID)) != 0) { + return MBEDTLS_ERROR_ADD(MBEDTLS_ERR_X509_INVALID_EXTENSIONS, ret); + } /* * Recognize exclusively the policy with OID 1 */ - if( len != 1 || *p[0] != 1 ) + if (len != 1 || *p[0] != 1) { parse_ret = MBEDTLS_ERR_X509_FEATURE_UNAVAILABLE; + } *p += len; - /* - * If there is an optional qualifier, then *p < policy_end - * Check the Qualifier len to verify it doesn't exceed policy_end. - */ - if( *p < policy_end ) - { - if( ( ret = mbedtls_asn1_get_tag( p, policy_end, &len, - MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_SEQUENCE ) ) != 0 ) - return( MBEDTLS_ERROR_ADD( MBEDTLS_ERR_X509_INVALID_EXTENSIONS, ret ) ); + /* + * If there is an optional qualifier, then *p < policy_end + * Check the Qualifier len to verify it doesn't exceed policy_end. + */ + if (*p < policy_end) { + if ((ret = mbedtls_asn1_get_tag(p, policy_end, &len, + MBEDTLS_ASN1_CONSTRUCTED | + MBEDTLS_ASN1_SEQUENCE)) != 0) { + return MBEDTLS_ERROR_ADD(MBEDTLS_ERR_X509_INVALID_EXTENSIONS, ret); + } /* * Skip the optional policy qualifiers. */ *p += len; } - if( *p != policy_end ) - return( MBEDTLS_ERROR_ADD( MBEDTLS_ERR_X509_INVALID_EXTENSIONS, - MBEDTLS_ERR_ASN1_LENGTH_MISMATCH ) ); + if (*p != policy_end) { + return MBEDTLS_ERROR_ADD(MBEDTLS_ERR_X509_INVALID_EXTENSIONS, + MBEDTLS_ERR_ASN1_LENGTH_MISMATCH); + } } - if( *p != end ) - return( MBEDTLS_ERROR_ADD( MBEDTLS_ERR_X509_INVALID_EXTENSIONS, - MBEDTLS_ERR_ASN1_LENGTH_MISMATCH ) ); + if (*p != end) { + return MBEDTLS_ERROR_ADD(MBEDTLS_ERR_X509_INVALID_EXTENSIONS, + MBEDTLS_ERR_ASN1_LENGTH_MISMATCH); + } - return( parse_ret ); + return parse_ret; + } else if (new_oid != NULL && new_oid->tag == oid->tag && new_oid->len == oid->len && + memcmp(new_oid->p, oid->p, oid->len) == 0) { + return 0; + } else { + return MBEDTLS_ERROR_ADD(MBEDTLS_ERR_X509_INVALID_EXTENSIONS, + MBEDTLS_ERR_ASN1_UNEXPECTED_TAG); } - else if( new_oid != NULL && new_oid->tag == oid->tag && new_oid->len == oid->len && - memcmp( new_oid->p, oid->p, oid->len ) == 0 ) - return( 0 ); - else - return( MBEDTLS_ERROR_ADD( MBEDTLS_ERR_X509_INVALID_EXTENSIONS, - MBEDTLS_ERR_ASN1_UNEXPECTED_TAG ) ); } #endif /* MBEDTLS_X509_CRT_PARSE_C */ /* END_HEADER */ @@ -401,7 +397,7 @@ int parse_crt_ext_cb( void *p_ctx, mbedtls_x509_crt const *crt, mbedtls_x509_buf */ /* BEGIN_CASE depends_on:MBEDTLS_FS_IO:MBEDTLS_X509_CRT_PARSE_C */ -void x509_parse_san( char * crt_file, char * result_str ) +void x509_parse_san(char *crt_file, char *result_str) { int ret; mbedtls_x509_crt crt; @@ -409,142 +405,155 @@ void x509_parse_san( char * crt_file, char * result_str ) mbedtls_x509_sequence *cur = NULL; char buf[2000]; char *p = buf; - size_t n = sizeof( buf ); + size_t n = sizeof(buf); - mbedtls_x509_crt_init( &crt ); - memset( buf, 0, 2000 ); + mbedtls_x509_crt_init(&crt); + memset(buf, 0, 2000); + USE_PSA_INIT(); - TEST_ASSERT( mbedtls_x509_crt_parse_file( &crt, crt_file ) == 0 ); + TEST_EQUAL(mbedtls_x509_crt_parse_file(&crt, crt_file), 0); - if( crt.ext_types & MBEDTLS_X509_EXT_SUBJECT_ALT_NAME ) - { + if (crt.ext_types & MBEDTLS_X509_EXT_SUBJECT_ALT_NAME) { cur = &crt.subject_alt_names; - while( cur != NULL ) - { - ret = mbedtls_x509_parse_subject_alt_name( &cur->buf, &san ); - TEST_ASSERT( ret == 0 || ret == MBEDTLS_ERR_X509_FEATURE_UNAVAILABLE ); + while (cur != NULL) { + ret = mbedtls_x509_parse_subject_alt_name(&cur->buf, &san); + TEST_ASSERT(ret == 0 || ret == MBEDTLS_ERR_X509_FEATURE_UNAVAILABLE); /* * If san type not supported, ignore. */ - if( ret == 0) - TEST_ASSERT( verify_parse_san( &san, &p, &n ) == 0 ); + if (ret == 0) { + TEST_EQUAL(verify_parse_san(&san, &p, &n), 0); + } cur = cur->next; } } - TEST_ASSERT( strcmp( buf, result_str ) == 0 ); + TEST_EQUAL(strcmp(buf, result_str), 0); exit: - mbedtls_x509_crt_free( &crt ); + mbedtls_x509_crt_free(&crt); + USE_PSA_DONE(); } /* END_CASE */ /* BEGIN_CASE depends_on:MBEDTLS_FS_IO:MBEDTLS_X509_CRT_PARSE_C */ -void x509_cert_info( char * crt_file, char * result_str ) +void x509_cert_info(char *crt_file, char *result_str) { mbedtls_x509_crt crt; char buf[2000]; int res; - mbedtls_x509_crt_init( &crt ); - memset( buf, 0, 2000 ); + mbedtls_x509_crt_init(&crt); + memset(buf, 0, 2000); + USE_PSA_INIT(); - TEST_ASSERT( mbedtls_x509_crt_parse_file( &crt, crt_file ) == 0 ); - res = mbedtls_x509_crt_info( buf, 2000, "", &crt ); + TEST_EQUAL(mbedtls_x509_crt_parse_file(&crt, crt_file), 0); + res = mbedtls_x509_crt_info(buf, 2000, "", &crt); - TEST_ASSERT( res != -1 ); - TEST_ASSERT( res != -2 ); + TEST_ASSERT(res != -1); + TEST_ASSERT(res != -2); - TEST_ASSERT( strcmp( buf, result_str ) == 0 ); + TEST_EQUAL(strcmp(buf, result_str), 0); exit: - mbedtls_x509_crt_free( &crt ); + mbedtls_x509_crt_free(&crt); + USE_PSA_DONE(); } /* END_CASE */ /* BEGIN_CASE depends_on:MBEDTLS_FS_IO:MBEDTLS_X509_CRL_PARSE_C */ -void mbedtls_x509_crl_info( char * crl_file, char * result_str ) +void mbedtls_x509_crl_info(char *crl_file, char *result_str) { mbedtls_x509_crl crl; char buf[2000]; int res; - mbedtls_x509_crl_init( &crl ); - memset( buf, 0, 2000 ); + mbedtls_x509_crl_init(&crl); + memset(buf, 0, 2000); + USE_PSA_INIT(); - TEST_ASSERT( mbedtls_x509_crl_parse_file( &crl, crl_file ) == 0 ); - res = mbedtls_x509_crl_info( buf, 2000, "", &crl ); + TEST_EQUAL(mbedtls_x509_crl_parse_file(&crl, crl_file), 0); + res = mbedtls_x509_crl_info(buf, 2000, "", &crl); - TEST_ASSERT( res != -1 ); - TEST_ASSERT( res != -2 ); + TEST_ASSERT(res != -1); + TEST_ASSERT(res != -2); - TEST_ASSERT( strcmp( buf, result_str ) == 0 ); + TEST_EQUAL(strcmp(buf, result_str), 0); exit: - mbedtls_x509_crl_free( &crl ); + mbedtls_x509_crl_free(&crl); + USE_PSA_DONE(); } /* END_CASE */ /* BEGIN_CASE depends_on:MBEDTLS_FS_IO:MBEDTLS_X509_CRL_PARSE_C */ -void mbedtls_x509_crl_parse( char * crl_file, int result ) +void mbedtls_x509_crl_parse(char *crl_file, int result) { mbedtls_x509_crl crl; char buf[2000]; - mbedtls_x509_crl_init( &crl ); - memset( buf, 0, 2000 ); + mbedtls_x509_crl_init(&crl); + memset(buf, 0, 2000); + USE_PSA_INIT(); - TEST_ASSERT( mbedtls_x509_crl_parse_file( &crl, crl_file ) == result ); + TEST_EQUAL(mbedtls_x509_crl_parse_file(&crl, crl_file), result); exit: - mbedtls_x509_crl_free( &crl ); + mbedtls_x509_crl_free(&crl); + USE_PSA_DONE(); } /* END_CASE */ /* BEGIN_CASE depends_on:MBEDTLS_FS_IO:MBEDTLS_X509_CSR_PARSE_C */ -void mbedtls_x509_csr_info( char * csr_file, char * result_str ) +void mbedtls_x509_csr_info(char *csr_file, char *result_str) { mbedtls_x509_csr csr; char buf[2000]; int res; - mbedtls_x509_csr_init( &csr ); - memset( buf, 0, 2000 ); + mbedtls_x509_csr_init(&csr); + memset(buf, 0, 2000); + USE_PSA_INIT(); - TEST_ASSERT( mbedtls_x509_csr_parse_file( &csr, csr_file ) == 0 ); - res = mbedtls_x509_csr_info( buf, 2000, "", &csr ); + TEST_EQUAL(mbedtls_x509_csr_parse_file(&csr, csr_file), 0); + res = mbedtls_x509_csr_info(buf, 2000, "", &csr); - TEST_ASSERT( res != -1 ); - TEST_ASSERT( res != -2 ); + TEST_ASSERT(res != -1); + TEST_ASSERT(res != -2); - TEST_ASSERT( strcmp( buf, result_str ) == 0 ); + TEST_EQUAL(strcmp(buf, result_str), 0); exit: - mbedtls_x509_csr_free( &csr ); + mbedtls_x509_csr_free(&csr); + USE_PSA_DONE(); } /* END_CASE */ /* BEGIN_CASE depends_on:MBEDTLS_X509_CRT_PARSE_C */ -void x509_verify_info( int flags, char * prefix, char * result_str ) +void x509_verify_info(int flags, char *prefix, char *result_str) { char buf[2000]; int res; - memset( buf, 0, sizeof( buf ) ); + USE_PSA_INIT(); + memset(buf, 0, sizeof(buf)); - res = mbedtls_x509_crt_verify_info( buf, sizeof( buf ), prefix, flags ); + res = mbedtls_x509_crt_verify_info(buf, sizeof(buf), prefix, flags); - TEST_ASSERT( res >= 0 ); + TEST_ASSERT(res >= 0); - TEST_ASSERT( strcmp( buf, result_str ) == 0 ); + TEST_EQUAL(strcmp(buf, result_str), 0); + +exit: + USE_PSA_DONE(); } /* END_CASE */ /* BEGIN_CASE depends_on:MBEDTLS_FS_IO:MBEDTLS_X509_CRT_PARSE_C:MBEDTLS_X509_CRL_PARSE_C:MBEDTLS_ECP_RESTARTABLE:MBEDTLS_ECDSA_C */ -void x509_verify_restart( char *crt_file, char *ca_file, - int result, int flags_result, - int max_ops, int min_restart, int max_restart ) +void x509_verify_restart(char *crt_file, char *ca_file, + int result, int flags_result, + int max_ops, int min_restart, int max_restart) { int ret, cnt_restart; mbedtls_x509_crt_restart_ctx rs_ctx; @@ -555,53 +564,54 @@ void x509_verify_restart( char *crt_file, char *ca_file, /* * See comments on ecp_test_vect_restart() for op count precision. * - * For reference, with mbed TLS 2.6 and default settings: + * For reference, with Mbed TLS 2.6 and default settings: * - ecdsa_verify() for P-256: ~ 6700 * - ecdsa_verify() for P-384: ~ 18800 * - x509_verify() for server5 -> test-ca2: ~ 18800 * - x509_verify() for server10 -> int-ca3 -> int-ca2: ~ 25500 */ + mbedtls_x509_crt_restart_init(&rs_ctx); + mbedtls_x509_crt_init(&crt); + mbedtls_x509_crt_init(&ca); + USE_PSA_INIT(); - mbedtls_x509_crt_restart_init( &rs_ctx ); - mbedtls_x509_crt_init( &crt ); - mbedtls_x509_crt_init( &ca ); + TEST_EQUAL(mbedtls_x509_crt_parse_file(&crt, crt_file), 0); + TEST_EQUAL(mbedtls_x509_crt_parse_file(&ca, ca_file), 0); - TEST_ASSERT( mbedtls_x509_crt_parse_file( &crt, crt_file ) == 0 ); - TEST_ASSERT( mbedtls_x509_crt_parse_file( &ca, ca_file ) == 0 ); - - mbedtls_ecp_set_max_ops( max_ops ); + mbedtls_ecp_set_max_ops(max_ops); cnt_restart = 0; do { - ret = mbedtls_x509_crt_verify_restartable( &crt, &ca, NULL, - &mbedtls_x509_crt_profile_default, NULL, &flags, - NULL, NULL, &rs_ctx ); - } while( ret == MBEDTLS_ERR_ECP_IN_PROGRESS && ++cnt_restart ); + ret = mbedtls_x509_crt_verify_restartable(&crt, &ca, NULL, + &mbedtls_x509_crt_profile_default, NULL, &flags, + NULL, NULL, &rs_ctx); + } while (ret == MBEDTLS_ERR_ECP_IN_PROGRESS && ++cnt_restart); - TEST_ASSERT( ret == result ); - TEST_ASSERT( flags == (uint32_t) flags_result ); + TEST_EQUAL(ret, result); + TEST_EQUAL(flags, (uint32_t) flags_result); - TEST_ASSERT( cnt_restart >= min_restart ); - TEST_ASSERT( cnt_restart <= max_restart ); + TEST_ASSERT(cnt_restart >= min_restart); + TEST_ASSERT(cnt_restart <= max_restart); /* Do we leak memory when aborting? */ - ret = mbedtls_x509_crt_verify_restartable( &crt, &ca, NULL, - &mbedtls_x509_crt_profile_default, NULL, &flags, - NULL, NULL, &rs_ctx ); - TEST_ASSERT( ret == result || ret == MBEDTLS_ERR_ECP_IN_PROGRESS ); + ret = mbedtls_x509_crt_verify_restartable(&crt, &ca, NULL, + &mbedtls_x509_crt_profile_default, NULL, &flags, + NULL, NULL, &rs_ctx); + TEST_ASSERT(ret == result || ret == MBEDTLS_ERR_ECP_IN_PROGRESS); exit: - mbedtls_x509_crt_restart_free( &rs_ctx ); - mbedtls_x509_crt_free( &crt ); - mbedtls_x509_crt_free( &ca ); + mbedtls_x509_crt_restart_free(&rs_ctx); + mbedtls_x509_crt_free(&crt); + mbedtls_x509_crt_free(&ca); + USE_PSA_DONE(); } /* END_CASE */ /* BEGIN_CASE depends_on:MBEDTLS_FS_IO:MBEDTLS_X509_CRT_PARSE_C:MBEDTLS_X509_CRL_PARSE_C */ -void x509_verify( char *crt_file, char *ca_file, char *crl_file, - char *cn_name_str, int result, int flags_result, - char *profile_str, - char *verify_callback ) +void x509_verify(char *crt_file, char *ca_file, char *crl_file, + char *cn_name_str, int result, int flags_result, + char *profile_str, + char *verify_callback) { mbedtls_x509_crt crt; mbedtls_x509_crt ca; @@ -609,103 +619,122 @@ void x509_verify( char *crt_file, char *ca_file, char *crl_file, uint32_t flags = 0; int res; int (*f_vrfy)(void *, mbedtls_x509_crt *, int, uint32_t *) = NULL; - char * cn_name = NULL; + char *cn_name = NULL; const mbedtls_x509_crt_profile *profile; - mbedtls_x509_crt_init( &crt ); - mbedtls_x509_crt_init( &ca ); - mbedtls_x509_crl_init( &crl ); + mbedtls_x509_crt_init(&crt); + mbedtls_x509_crt_init(&ca); + mbedtls_x509_crl_init(&crl); - USE_PSA_INIT( ); + USE_PSA_INIT(); - if( strcmp( cn_name_str, "NULL" ) != 0 ) + if (strcmp(cn_name_str, "NULL") != 0) { cn_name = cn_name_str; + } - if( strcmp( profile_str, "" ) == 0 ) + if (strcmp(profile_str, "") == 0) { profile = &mbedtls_x509_crt_profile_default; - else if( strcmp( profile_str, "next" ) == 0 ) + } else if (strcmp(profile_str, "next") == 0) { profile = &mbedtls_x509_crt_profile_next; - else if( strcmp( profile_str, "suite_b" ) == 0 ) + } else if (strcmp(profile_str, "suite_b") == 0) { profile = &mbedtls_x509_crt_profile_suiteb; - else if( strcmp( profile_str, "compat" ) == 0 ) + } else if (strcmp(profile_str, "compat") == 0) { profile = &compat_profile; - else if( strcmp( profile_str, "all" ) == 0 ) + } else if (strcmp(profile_str, "all") == 0) { profile = &profile_all; - else - TEST_ASSERT( "Unknown algorithm profile" == 0 ); + } else { + TEST_ASSERT("Unknown algorithm profile" == 0); + } - if( strcmp( verify_callback, "NULL" ) == 0 ) + if (strcmp(verify_callback, "NULL") == 0) { f_vrfy = NULL; - else if( strcmp( verify_callback, "verify_none" ) == 0 ) + } else if (strcmp(verify_callback, "verify_none") == 0) { f_vrfy = verify_none; - else if( strcmp( verify_callback, "verify_all" ) == 0 ) + } else if (strcmp(verify_callback, "verify_all") == 0) { f_vrfy = verify_all; - else - TEST_ASSERT( "No known verify callback selected" == 0 ); + } else { + TEST_ASSERT("No known verify callback selected" == 0); + } - TEST_ASSERT( mbedtls_x509_crt_parse_file( &crt, crt_file ) == 0 ); - TEST_ASSERT( mbedtls_x509_crt_parse_file( &ca, ca_file ) == 0 ); - TEST_ASSERT( mbedtls_x509_crl_parse_file( &crl, crl_file ) == 0 ); + TEST_EQUAL(mbedtls_x509_crt_parse_file(&crt, crt_file), 0); + TEST_EQUAL(mbedtls_x509_crt_parse_file(&ca, ca_file), 0); + TEST_EQUAL(mbedtls_x509_crl_parse_file(&crl, crl_file), 0); - res = mbedtls_x509_crt_verify_with_profile( &crt, &ca, &crl, profile, cn_name, &flags, f_vrfy, NULL ); + res = mbedtls_x509_crt_verify_with_profile(&crt, + &ca, + &crl, + profile, + cn_name, + &flags, + f_vrfy, + NULL); - TEST_ASSERT( res == ( result ) ); - TEST_ASSERT( flags == (uint32_t)( flags_result ) ); + TEST_EQUAL(res, (result)); + TEST_EQUAL(flags, (uint32_t) (flags_result)); #if defined(MBEDTLS_X509_TRUSTED_CERTIFICATE_CALLBACK) /* CRLs aren't supported with CA callbacks, so skip the CA callback * version of the test if CRLs are in use. */ - if( crl_file == NULL || strcmp( crl_file, "" ) == 0 ) - { + if (crl_file == NULL || strcmp(crl_file, "") == 0) { flags = 0; - res = mbedtls_x509_crt_verify_with_ca_cb( &crt, ca_callback, &ca, profile, cn_name, &flags, f_vrfy, NULL ); - - TEST_ASSERT( res == ( result ) ); - TEST_ASSERT( flags == (uint32_t)( flags_result ) ); + res = mbedtls_x509_crt_verify_with_ca_cb(&crt, + ca_callback, + &ca, + profile, + cn_name, + &flags, + f_vrfy, + NULL); + + TEST_EQUAL(res, result); + TEST_EQUAL(flags, (uint32_t) (flags_result)); } #endif /* MBEDTLS_X509_TRUSTED_CERTIFICATE_CALLBACK */ exit: - mbedtls_x509_crt_free( &crt ); - mbedtls_x509_crt_free( &ca ); - mbedtls_x509_crl_free( &crl ); - USE_PSA_DONE( ); + mbedtls_x509_crt_free(&crt); + mbedtls_x509_crt_free(&ca); + mbedtls_x509_crl_free(&crl); + USE_PSA_DONE(); } /* END_CASE */ /* BEGIN_CASE depends_on:MBEDTLS_FS_IO:MBEDTLS_X509_CRT_PARSE_C:MBEDTLS_X509_CRL_PARSE_C:MBEDTLS_X509_TRUSTED_CERTIFICATE_CALLBACK */ -void x509_verify_ca_cb_failure( char *crt_file, char *ca_file, char *name, - int exp_ret ) +void x509_verify_ca_cb_failure(char *crt_file, char *ca_file, char *name, + int exp_ret) { int ret; mbedtls_x509_crt crt; mbedtls_x509_crt ca; uint32_t flags = 0; - mbedtls_x509_crt_init( &crt ); - mbedtls_x509_crt_init( &ca ); + mbedtls_x509_crt_init(&crt); + mbedtls_x509_crt_init(&ca); + USE_PSA_INIT(); - TEST_ASSERT( mbedtls_x509_crt_parse_file( &crt, crt_file ) == 0 ); - TEST_ASSERT( mbedtls_x509_crt_parse_file( &ca, ca_file ) == 0 ); + TEST_EQUAL(mbedtls_x509_crt_parse_file(&crt, crt_file), 0); + TEST_EQUAL(mbedtls_x509_crt_parse_file(&ca, ca_file), 0); - if( strcmp( name, "NULL" ) == 0 ) + if (strcmp(name, "NULL") == 0) { name = NULL; + } - ret = mbedtls_x509_crt_verify_with_ca_cb( &crt, ca_callback_fail, &ca, - &compat_profile, name, &flags, - NULL, NULL ); + ret = mbedtls_x509_crt_verify_with_ca_cb(&crt, ca_callback_fail, &ca, + &compat_profile, name, &flags, + NULL, NULL); - TEST_ASSERT( ret == exp_ret ); - TEST_ASSERT( flags == (uint32_t)( -1 ) ); + TEST_EQUAL(ret, exp_ret); + TEST_EQUAL(flags, (uint32_t) (-1)); exit: - mbedtls_x509_crt_free( &crt ); - mbedtls_x509_crt_free( &ca ); + mbedtls_x509_crt_free(&crt); + mbedtls_x509_crt_free(&ca); + USE_PSA_DONE(); } /* END_CASE */ /* BEGIN_CASE depends_on:MBEDTLS_FS_IO:MBEDTLS_X509_CRT_PARSE_C */ -void x509_verify_callback( char *crt_file, char *ca_file, char *name, - int exp_ret, char *exp_vrfy_out ) +void x509_verify_callback(char *crt_file, char *ca_file, char *name, + int exp_ret, char *exp_vrfy_out) { int ret; mbedtls_x509_crt crt; @@ -713,190 +742,272 @@ void x509_verify_callback( char *crt_file, char *ca_file, char *name, uint32_t flags = 0; verify_print_context vrfy_ctx; - mbedtls_x509_crt_init( &crt ); - mbedtls_x509_crt_init( &ca ); - verify_print_init( &vrfy_ctx ); + mbedtls_x509_crt_init(&crt); + mbedtls_x509_crt_init(&ca); + verify_print_init(&vrfy_ctx); - USE_PSA_INIT( ); + USE_PSA_INIT(); - TEST_ASSERT( mbedtls_x509_crt_parse_file( &crt, crt_file ) == 0 ); - TEST_ASSERT( mbedtls_x509_crt_parse_file( &ca, ca_file ) == 0 ); + TEST_EQUAL(mbedtls_x509_crt_parse_file(&crt, crt_file), 0); + TEST_EQUAL(mbedtls_x509_crt_parse_file(&ca, ca_file), 0); - if( strcmp( name, "NULL" ) == 0 ) + if (strcmp(name, "NULL") == 0) { name = NULL; + } - ret = mbedtls_x509_crt_verify_with_profile( &crt, &ca, NULL, - &compat_profile, - name, &flags, - verify_print, &vrfy_ctx ); + ret = mbedtls_x509_crt_verify_with_profile(&crt, &ca, NULL, + &compat_profile, + name, &flags, + verify_print, &vrfy_ctx); - TEST_ASSERT( ret == exp_ret ); - TEST_ASSERT( strcmp( vrfy_ctx.buf, exp_vrfy_out ) == 0 ); + TEST_EQUAL(ret, exp_ret); + TEST_EQUAL(strcmp(vrfy_ctx.buf, exp_vrfy_out), 0); exit: - mbedtls_x509_crt_free( &crt ); - mbedtls_x509_crt_free( &ca ); - USE_PSA_DONE( ); + mbedtls_x509_crt_free(&crt); + mbedtls_x509_crt_free(&ca); + USE_PSA_DONE(); } /* END_CASE */ /* BEGIN_CASE depends_on:MBEDTLS_FS_IO:MBEDTLS_X509_CRT_PARSE_C */ -void mbedtls_x509_dn_gets( char * crt_file, char * entity, char * result_str ) +void mbedtls_x509_dn_gets(char *crt_file, char *entity, char *result_str) +{ + mbedtls_x509_crt crt; + char buf[2000]; + int res = 0; + + mbedtls_x509_crt_init(&crt); + memset(buf, 0, 2000); + USE_PSA_INIT(); + + TEST_EQUAL(mbedtls_x509_crt_parse_file(&crt, crt_file), 0); + if (strcmp(entity, "subject") == 0) { + res = mbedtls_x509_dn_gets(buf, 2000, &crt.subject); + } else if (strcmp(entity, "issuer") == 0) { + res = mbedtls_x509_dn_gets(buf, 2000, &crt.issuer); + } else { + TEST_ASSERT("Unknown entity" == 0); + } + + TEST_ASSERT(res != -1); + TEST_ASSERT(res != -2); + + TEST_EQUAL(strcmp(buf, result_str), 0); + +exit: + mbedtls_x509_crt_free(&crt); + USE_PSA_DONE(); +} +/* END_CASE */ + +/* BEGIN_CASE depends_on:MBEDTLS_FS_IO:MBEDTLS_X509_CRT_PARSE_C:!MBEDTLS_X509_REMOVE_INFO */ +void mbedtls_x509_dn_gets_subject_replace(char *crt_file, + char *new_subject_ou, + char *result_str, + int ret) { mbedtls_x509_crt crt; char buf[2000]; int res = 0; - mbedtls_x509_crt_init( &crt ); - memset( buf, 0, 2000 ); + mbedtls_x509_crt_init(&crt); + memset(buf, 0, 2000); + USE_PSA_INIT(); + + TEST_EQUAL(mbedtls_x509_crt_parse_file(&crt, crt_file), 0); + crt.subject.next->val.p = (unsigned char *) new_subject_ou; + crt.subject.next->val.len = strlen(new_subject_ou); + + res = mbedtls_x509_dn_gets(buf, 2000, &crt.subject); + + if (ret != 0) { + TEST_EQUAL(res, ret); + } else { + TEST_ASSERT(res != -1); + TEST_ASSERT(res != -2); + TEST_EQUAL(strcmp(buf, result_str), 0); + } +exit: + mbedtls_x509_crt_free(&crt); + USE_PSA_DONE(); +} +/* END_CASE */ + +/* BEGIN_CASE depends_on:MBEDTLS_X509_CRT_PARSE_C */ +void mbedtls_x509_get_name(char *rdn_sequence, int exp_ret) +{ + unsigned char *name = NULL; + unsigned char *p; + size_t name_len; + mbedtls_x509_name head; + mbedtls_x509_name *allocated, *prev; + int ret; + + USE_PSA_INIT(); + memset(&head, 0, sizeof(head)); + + name = mbedtls_test_unhexify_alloc(rdn_sequence, &name_len); + p = name; - TEST_ASSERT( mbedtls_x509_crt_parse_file( &crt, crt_file ) == 0 ); - if( strcmp( entity, "subject" ) == 0 ) - res = mbedtls_x509_dn_gets( buf, 2000, &crt.subject ); - else if( strcmp( entity, "issuer" ) == 0 ) - res = mbedtls_x509_dn_gets( buf, 2000, &crt.issuer ); - else - TEST_ASSERT( "Unknown entity" == 0 ); + ret = mbedtls_x509_get_name(&p, (name + name_len), &head); + if (ret == 0) { + allocated = head.next; - TEST_ASSERT( res != -1 ); - TEST_ASSERT( res != -2 ); + while (allocated != NULL) { + prev = allocated; + allocated = allocated->next; - TEST_ASSERT( strcmp( buf, result_str ) == 0 ); + mbedtls_free(prev); + } + } + + TEST_EQUAL(ret, exp_ret); + + mbedtls_free(name); exit: - mbedtls_x509_crt_free( &crt ); + USE_PSA_DONE(); } /* END_CASE */ /* BEGIN_CASE depends_on:MBEDTLS_FS_IO:MBEDTLS_X509_CRT_PARSE_C */ -void mbedtls_x509_time_is_past( char * crt_file, char * entity, int result ) +void mbedtls_x509_time_is_past(char *crt_file, char *entity, int result) { mbedtls_x509_crt crt; - mbedtls_x509_crt_init( &crt ); + mbedtls_x509_crt_init(&crt); + USE_PSA_INIT(); - TEST_ASSERT( mbedtls_x509_crt_parse_file( &crt, crt_file ) == 0 ); + TEST_EQUAL(mbedtls_x509_crt_parse_file(&crt, crt_file), 0); - if( strcmp( entity, "valid_from" ) == 0 ) - TEST_ASSERT( mbedtls_x509_time_is_past( &crt.valid_from ) == result ); - else if( strcmp( entity, "valid_to" ) == 0 ) - TEST_ASSERT( mbedtls_x509_time_is_past( &crt.valid_to ) == result ); - else - TEST_ASSERT( "Unknown entity" == 0 ); + if (strcmp(entity, "valid_from") == 0) { + TEST_EQUAL(mbedtls_x509_time_is_past(&crt.valid_from), result); + } else if (strcmp(entity, "valid_to") == 0) { + TEST_EQUAL(mbedtls_x509_time_is_past(&crt.valid_to), result); + } else { + TEST_ASSERT("Unknown entity" == 0); + } exit: - mbedtls_x509_crt_free( &crt ); + mbedtls_x509_crt_free(&crt); + USE_PSA_DONE(); } /* END_CASE */ /* BEGIN_CASE depends_on:MBEDTLS_FS_IO:MBEDTLS_X509_CRT_PARSE_C */ -void mbedtls_x509_time_is_future( char * crt_file, char * entity, int result ) +void mbedtls_x509_time_is_future(char *crt_file, char *entity, int result) { mbedtls_x509_crt crt; - mbedtls_x509_crt_init( &crt ); + mbedtls_x509_crt_init(&crt); + USE_PSA_INIT(); - TEST_ASSERT( mbedtls_x509_crt_parse_file( &crt, crt_file ) == 0 ); + TEST_EQUAL(mbedtls_x509_crt_parse_file(&crt, crt_file), 0); - if( strcmp( entity, "valid_from" ) == 0 ) - TEST_ASSERT( mbedtls_x509_time_is_future( &crt.valid_from ) == result ); - else if( strcmp( entity, "valid_to" ) == 0 ) - TEST_ASSERT( mbedtls_x509_time_is_future( &crt.valid_to ) == result ); - else - TEST_ASSERT( "Unknown entity" == 0 ); + if (strcmp(entity, "valid_from") == 0) { + TEST_EQUAL(mbedtls_x509_time_is_future(&crt.valid_from), result); + } else if (strcmp(entity, "valid_to") == 0) { + TEST_EQUAL(mbedtls_x509_time_is_future(&crt.valid_to), result); + } else { + TEST_ASSERT("Unknown entity" == 0); + } exit: - mbedtls_x509_crt_free( &crt ); + mbedtls_x509_crt_free(&crt); + USE_PSA_DONE(); } /* END_CASE */ /* BEGIN_CASE depends_on:MBEDTLS_X509_CRT_PARSE_C:MBEDTLS_FS_IO */ -void x509parse_crt_file( char * crt_file, int result ) +void x509parse_crt_file(char *crt_file, int result) { mbedtls_x509_crt crt; - mbedtls_x509_crt_init( &crt ); + mbedtls_x509_crt_init(&crt); + USE_PSA_INIT(); - TEST_ASSERT( mbedtls_x509_crt_parse_file( &crt, crt_file ) == result ); + TEST_EQUAL(mbedtls_x509_crt_parse_file(&crt, crt_file), result); exit: - mbedtls_x509_crt_free( &crt ); + mbedtls_x509_crt_free(&crt); + USE_PSA_DONE(); } /* END_CASE */ /* BEGIN_CASE depends_on:MBEDTLS_X509_CRT_PARSE_C */ -void x509parse_crt( data_t * buf, char * result_str, int result ) +void x509parse_crt(data_t *buf, char *result_str, int result) { mbedtls_x509_crt crt; unsigned char output[2000]; int res; - mbedtls_x509_crt_init( &crt ); - memset( output, 0, 2000 ); + mbedtls_x509_crt_init(&crt); + memset(output, 0, 2000); + USE_PSA_INIT(); - TEST_ASSERT( mbedtls_x509_crt_parse_der( &crt, buf->x, buf->len ) == ( result ) ); - if( ( result ) == 0 ) - { - res = mbedtls_x509_crt_info( (char *) output, 2000, "", &crt ); + TEST_EQUAL(mbedtls_x509_crt_parse_der(&crt, buf->x, buf->len), result); + if ((result) == 0) { + res = mbedtls_x509_crt_info((char *) output, 2000, "", &crt); - TEST_ASSERT( res != -1 ); - TEST_ASSERT( res != -2 ); + TEST_ASSERT(res != -1); + TEST_ASSERT(res != -2); - TEST_ASSERT( strcmp( (char *) output, result_str ) == 0 ); + TEST_EQUAL(strcmp((char *) output, result_str), 0); } - mbedtls_x509_crt_free( &crt ); - mbedtls_x509_crt_init( &crt ); - memset( output, 0, 2000 ); + mbedtls_x509_crt_free(&crt); + mbedtls_x509_crt_init(&crt); + memset(output, 0, 2000); - TEST_ASSERT( mbedtls_x509_crt_parse_der_nocopy( &crt, buf->x, buf->len ) == ( result ) ); - if( ( result ) == 0 ) - { - res = mbedtls_x509_crt_info( (char *) output, 2000, "", &crt ); + TEST_EQUAL(mbedtls_x509_crt_parse_der_nocopy(&crt, buf->x, buf->len), result); + if ((result) == 0) { + res = mbedtls_x509_crt_info((char *) output, 2000, "", &crt); - TEST_ASSERT( res != -1 ); - TEST_ASSERT( res != -2 ); + TEST_ASSERT(res != -1); + TEST_ASSERT(res != -2); - TEST_ASSERT( strcmp( (char *) output, result_str ) == 0 ); + TEST_EQUAL(strcmp((char *) output, result_str), 0); } - mbedtls_x509_crt_free( &crt ); - mbedtls_x509_crt_init( &crt ); - memset( output, 0, 2000 ); + mbedtls_x509_crt_free(&crt); + mbedtls_x509_crt_init(&crt); + memset(output, 0, 2000); - TEST_ASSERT( mbedtls_x509_crt_parse_der_with_ext_cb( &crt, buf->x, buf->len, 0, NULL, NULL ) == ( result ) ); - if( ( result ) == 0 ) - { - res = mbedtls_x509_crt_info( (char *) output, 2000, "", &crt ); + TEST_EQUAL(mbedtls_x509_crt_parse_der_with_ext_cb(&crt, buf->x, buf->len, 0, NULL, NULL), + result); + if ((result) == 0) { + res = mbedtls_x509_crt_info((char *) output, 2000, "", &crt); - TEST_ASSERT( res != -1 ); - TEST_ASSERT( res != -2 ); + TEST_ASSERT(res != -1); + TEST_ASSERT(res != -2); - TEST_ASSERT( strcmp( (char *) output, result_str ) == 0 ); + TEST_EQUAL(strcmp((char *) output, result_str), 0); } - mbedtls_x509_crt_free( &crt ); - mbedtls_x509_crt_init( &crt ); - memset( output, 0, 2000 ); + mbedtls_x509_crt_free(&crt); + mbedtls_x509_crt_init(&crt); + memset(output, 0, 2000); - TEST_ASSERT( mbedtls_x509_crt_parse_der_with_ext_cb( &crt, buf->x, buf->len, 1, NULL, NULL ) == ( result ) ); - if( ( result ) == 0 ) - { - res = mbedtls_x509_crt_info( (char *) output, 2000, "", &crt ); + TEST_EQUAL(mbedtls_x509_crt_parse_der_with_ext_cb(&crt, buf->x, buf->len, 1, NULL, NULL), + result); + if ((result) == 0) { + res = mbedtls_x509_crt_info((char *) output, 2000, "", &crt); - TEST_ASSERT( res != -1 ); - TEST_ASSERT( res != -2 ); + TEST_ASSERT(res != -1); + TEST_ASSERT(res != -2); - TEST_ASSERT( strcmp( (char *) output, result_str ) == 0 ); + TEST_EQUAL(strcmp((char *) output, result_str), 0); } exit: - mbedtls_x509_crt_free( &crt ); + mbedtls_x509_crt_free(&crt); + USE_PSA_DONE(); } /* END_CASE */ /* BEGIN_CASE depends_on:MBEDTLS_X509_CRT_PARSE_C */ -void x509parse_crt_cb( data_t * buf, char * result_str, int result ) +void x509parse_crt_cb(data_t *buf, char *result_str, int result) { mbedtls_x509_crt crt; mbedtls_x509_buf oid; @@ -905,119 +1016,152 @@ void x509parse_crt_cb( data_t * buf, char * result_str, int result ) oid.tag = MBEDTLS_ASN1_OID; oid.len = MBEDTLS_OID_SIZE(MBEDTLS_OID_PKIX "\x01\x1F"); - oid.p = (unsigned char *)MBEDTLS_OID_PKIX "\x01\x1F"; + oid.p = (unsigned char *) MBEDTLS_OID_PKIX "\x01\x1F"; - mbedtls_x509_crt_init( &crt ); - memset( output, 0, 2000 ); + mbedtls_x509_crt_init(&crt); + memset(output, 0, 2000); + USE_PSA_INIT(); - TEST_ASSERT( mbedtls_x509_crt_parse_der_with_ext_cb( &crt, buf->x, buf->len, 0, parse_crt_ext_cb, &oid ) == ( result ) ); - if( ( result ) == 0 ) - { - res = mbedtls_x509_crt_info( (char *) output, 2000, "", &crt ); + TEST_EQUAL(mbedtls_x509_crt_parse_der_with_ext_cb(&crt, buf->x, buf->len, 0, parse_crt_ext_cb, + &oid), result); + if ((result) == 0) { + res = mbedtls_x509_crt_info((char *) output, 2000, "", &crt); - TEST_ASSERT( res != -1 ); - TEST_ASSERT( res != -2 ); + TEST_ASSERT(res != -1); + TEST_ASSERT(res != -2); - TEST_ASSERT( strcmp( (char *) output, result_str ) == 0 ); + TEST_EQUAL(strcmp((char *) output, result_str), 0); } - mbedtls_x509_crt_free( &crt ); - mbedtls_x509_crt_init( &crt ); - memset( output, 0, 2000 ); + mbedtls_x509_crt_free(&crt); + mbedtls_x509_crt_init(&crt); + memset(output, 0, 2000); - TEST_ASSERT( mbedtls_x509_crt_parse_der_with_ext_cb( &crt, buf->x, buf->len, 1, parse_crt_ext_cb, &oid ) == ( result ) ); - if( ( result ) == 0 ) - { - res = mbedtls_x509_crt_info( (char *) output, 2000, "", &crt ); + TEST_EQUAL(mbedtls_x509_crt_parse_der_with_ext_cb(&crt, buf->x, buf->len, 1, parse_crt_ext_cb, + &oid), (result)); + if ((result) == 0) { + res = mbedtls_x509_crt_info((char *) output, 2000, "", &crt); - TEST_ASSERT( res != -1 ); - TEST_ASSERT( res != -2 ); + TEST_ASSERT(res != -1); + TEST_ASSERT(res != -2); - TEST_ASSERT( strcmp( (char *) output, result_str ) == 0 ); + TEST_EQUAL(strcmp((char *) output, result_str), 0); } exit: - mbedtls_x509_crt_free( &crt ); + mbedtls_x509_crt_free(&crt); + USE_PSA_DONE(); } /* END_CASE */ /* BEGIN_CASE depends_on:MBEDTLS_X509_CRL_PARSE_C */ -void x509parse_crl( data_t * buf, char * result_str, int result ) +void x509parse_crl(data_t *buf, char *result_str, int result) { mbedtls_x509_crl crl; unsigned char output[2000]; int res; - mbedtls_x509_crl_init( &crl ); - memset( output, 0, 2000 ); - + mbedtls_x509_crl_init(&crl); + memset(output, 0, 2000); + USE_PSA_INIT(); - TEST_ASSERT( mbedtls_x509_crl_parse( &crl, buf->x, buf->len ) == ( result ) ); - if( ( result ) == 0 ) - { - res = mbedtls_x509_crl_info( (char *) output, 2000, "", &crl ); + TEST_EQUAL(mbedtls_x509_crl_parse(&crl, buf->x, buf->len), (result)); + if ((result) == 0) { + res = mbedtls_x509_crl_info((char *) output, 2000, "", &crl); - TEST_ASSERT( res != -1 ); - TEST_ASSERT( res != -2 ); + TEST_ASSERT(res != -1); + TEST_ASSERT(res != -2); - TEST_ASSERT( strcmp( (char *) output, result_str ) == 0 ); + TEST_EQUAL(strcmp((char *) output, result_str), 0); } exit: - mbedtls_x509_crl_free( &crl ); + mbedtls_x509_crl_free(&crl); + USE_PSA_DONE(); } /* END_CASE */ /* BEGIN_CASE depends_on:MBEDTLS_X509_CSR_PARSE_C */ -void mbedtls_x509_csr_parse( data_t * csr_der, char * ref_out, int ref_ret ) +void mbedtls_x509_csr_parse(data_t *csr_der, char *ref_out, int ref_ret) { mbedtls_x509_csr csr; char my_out[1000]; int my_ret; - mbedtls_x509_csr_init( &csr ); - memset( my_out, 0, sizeof( my_out ) ); + mbedtls_x509_csr_init(&csr); + memset(my_out, 0, sizeof(my_out)); + USE_PSA_INIT(); - my_ret = mbedtls_x509_csr_parse_der( &csr, csr_der->x, csr_der->len ); - TEST_ASSERT( my_ret == ref_ret ); + my_ret = mbedtls_x509_csr_parse_der(&csr, csr_der->x, csr_der->len); + TEST_EQUAL(my_ret, ref_ret); - if( ref_ret == 0 ) - { - size_t my_out_len = mbedtls_x509_csr_info( my_out, sizeof( my_out ), "", &csr ); - TEST_ASSERT( my_out_len == strlen( ref_out ) ); - TEST_ASSERT( strcmp( my_out, ref_out ) == 0 ); + if (ref_ret == 0) { + size_t my_out_len = mbedtls_x509_csr_info(my_out, sizeof(my_out), "", &csr); + TEST_EQUAL(my_out_len, strlen(ref_out)); + TEST_EQUAL(strcmp(my_out, ref_out), 0); } exit: - mbedtls_x509_csr_free( &csr ); + mbedtls_x509_csr_free(&csr); + USE_PSA_DONE(); } /* END_CASE */ /* BEGIN_CASE depends_on:MBEDTLS_FS_IO:MBEDTLS_X509_CRT_PARSE_C */ -void mbedtls_x509_crt_parse_path( char * crt_path, int ret, int nb_crt ) +void mbedtls_x509_crt_parse_file(char *crt_path, int ret, int nb_crt) { mbedtls_x509_crt chain, *cur; int i; - mbedtls_x509_crt_init( &chain ); + mbedtls_x509_crt_init(&chain); + USE_PSA_INIT(); - TEST_ASSERT( mbedtls_x509_crt_parse_path( &chain, crt_path ) == ret ); + TEST_EQUAL(mbedtls_x509_crt_parse_file(&chain, crt_path), ret); /* Check how many certs we got */ - for( i = 0, cur = &chain; cur != NULL; cur = cur->next ) - if( cur->raw.p != NULL ) + for (i = 0, cur = &chain; cur != NULL; cur = cur->next) { + if (cur->raw.p != NULL) { i++; + } + } - TEST_ASSERT( i == nb_crt ); + TEST_EQUAL(i, nb_crt); exit: - mbedtls_x509_crt_free( &chain ); + mbedtls_x509_crt_free(&chain); + USE_PSA_DONE(); } /* END_CASE */ /* BEGIN_CASE depends_on:MBEDTLS_FS_IO:MBEDTLS_X509_CRT_PARSE_C */ -void mbedtls_x509_crt_verify_max( char *ca_file, char *chain_dir, int nb_int, - int ret_chk, int flags_chk ) +void mbedtls_x509_crt_parse_path(char *crt_path, int ret, int nb_crt) +{ + mbedtls_x509_crt chain, *cur; + int i; + + mbedtls_x509_crt_init(&chain); + USE_PSA_INIT(); + + TEST_EQUAL(mbedtls_x509_crt_parse_path(&chain, crt_path), ret); + + /* Check how many certs we got */ + for (i = 0, cur = &chain; cur != NULL; cur = cur->next) { + if (cur->raw.p != NULL) { + i++; + } + } + + TEST_EQUAL(i, nb_crt); + +exit: + mbedtls_x509_crt_free(&chain); + USE_PSA_DONE(); +} +/* END_CASE */ + +/* BEGIN_CASE depends_on:MBEDTLS_FS_IO:MBEDTLS_X509_CRT_PARSE_C */ +void mbedtls_x509_crt_verify_max(char *ca_file, char *chain_dir, int nb_int, + int ret_chk, int flags_chk) { char file_buf[128]; int ret; @@ -1028,229 +1172,243 @@ void mbedtls_x509_crt_verify_max( char *ca_file, char *chain_dir, int nb_int, * We expect chain_dir to contain certificates 00.crt, 01.crt, etc. * with NN.crt signed by NN-1.crt */ - - mbedtls_x509_crt_init( &trusted ); - mbedtls_x509_crt_init( &chain ); - - USE_PSA_INIT( ); + mbedtls_x509_crt_init(&trusted); + mbedtls_x509_crt_init(&chain); + USE_PSA_INIT(); /* Load trusted root */ - TEST_ASSERT( mbedtls_x509_crt_parse_file( &trusted, ca_file ) == 0 ); + TEST_EQUAL(mbedtls_x509_crt_parse_file(&trusted, ca_file), 0); /* Load a chain with nb_int intermediates (from 01 to nb_int), * plus one "end-entity" cert (nb_int + 1) */ - ret = mbedtls_snprintf( file_buf, sizeof file_buf, "%s/c%02d.pem", chain_dir, - nb_int + 1 ); - TEST_ASSERT( ret > 0 && (size_t) ret < sizeof file_buf ); - TEST_ASSERT( mbedtls_x509_crt_parse_file( &chain, file_buf ) == 0 ); + ret = mbedtls_snprintf(file_buf, sizeof(file_buf), "%s/c%02d.pem", chain_dir, + nb_int + 1); + TEST_ASSERT(ret > 0 && (size_t) ret < sizeof(file_buf)); + TEST_EQUAL(mbedtls_x509_crt_parse_file(&chain, file_buf), 0); /* Try to verify that chain */ - ret = mbedtls_x509_crt_verify( &chain, &trusted, NULL, NULL, &flags, - NULL, NULL ); - TEST_ASSERT( ret == ret_chk ); - TEST_ASSERT( flags == (uint32_t) flags_chk ); + ret = mbedtls_x509_crt_verify(&chain, &trusted, NULL, NULL, &flags, + NULL, NULL); + TEST_EQUAL(ret, ret_chk); + TEST_EQUAL(flags, (uint32_t) flags_chk); exit: - mbedtls_x509_crt_free( &chain ); - mbedtls_x509_crt_free( &trusted ); - USE_PSA_DONE( ); + mbedtls_x509_crt_free(&chain); + mbedtls_x509_crt_free(&trusted); + USE_PSA_DONE(); } /* END_CASE */ /* BEGIN_CASE depends_on:MBEDTLS_FS_IO:MBEDTLS_X509_CRT_PARSE_C */ -void mbedtls_x509_crt_verify_chain( char *chain_paths, char *trusted_ca, - int flags_result, int result, - char *profile_name, int vrfy_fatal_lvls ) +void mbedtls_x509_crt_verify_chain(char *chain_paths, char *trusted_ca, + int flags_result, int result, + char *profile_name, int vrfy_fatal_lvls) { - char* act; + char *act; uint32_t flags; int res; mbedtls_x509_crt trusted, chain; const mbedtls_x509_crt_profile *profile = NULL; - mbedtls_x509_crt_init( &chain ); - mbedtls_x509_crt_init( &trusted ); + mbedtls_x509_crt_init(&chain); + mbedtls_x509_crt_init(&trusted); + USE_PSA_INIT(); - USE_PSA_INIT( ); - - while( ( act = mystrsep( &chain_paths, " " ) ) != NULL ) - TEST_ASSERT( mbedtls_x509_crt_parse_file( &chain, act ) == 0 ); - TEST_ASSERT( mbedtls_x509_crt_parse_file( &trusted, trusted_ca ) == 0 ); + while ((act = mystrsep(&chain_paths, " ")) != NULL) { + TEST_EQUAL(mbedtls_x509_crt_parse_file(&chain, act), 0); + } + TEST_EQUAL(mbedtls_x509_crt_parse_file(&trusted, trusted_ca), 0); - if( strcmp( profile_name, "" ) == 0 ) + if (strcmp(profile_name, "") == 0) { profile = &mbedtls_x509_crt_profile_default; - else if( strcmp( profile_name, "next" ) == 0 ) + } else if (strcmp(profile_name, "next") == 0) { profile = &mbedtls_x509_crt_profile_next; - else if( strcmp( profile_name, "suiteb" ) == 0 ) + } else if (strcmp(profile_name, "suiteb") == 0) { profile = &mbedtls_x509_crt_profile_suiteb; - else if( strcmp( profile_name, "rsa3072" ) == 0 ) + } else if (strcmp(profile_name, "rsa3072") == 0) { profile = &profile_rsa3072; - else if( strcmp( profile_name, "sha512" ) == 0 ) + } else if (strcmp(profile_name, "sha512") == 0) { profile = &profile_sha512; + } - res = mbedtls_x509_crt_verify_with_profile( &chain, &trusted, NULL, profile, - NULL, &flags, verify_fatal, &vrfy_fatal_lvls ); + res = mbedtls_x509_crt_verify_with_profile(&chain, &trusted, NULL, profile, + NULL, &flags, verify_fatal, &vrfy_fatal_lvls); - TEST_ASSERT( res == ( result ) ); - TEST_ASSERT( flags == (uint32_t)( flags_result ) ); + TEST_EQUAL(res, (result)); + TEST_EQUAL(flags, (uint32_t) (flags_result)); exit: - mbedtls_x509_crt_free( &trusted ); - mbedtls_x509_crt_free( &chain ); - USE_PSA_DONE( ); + mbedtls_x509_crt_free(&trusted); + mbedtls_x509_crt_free(&chain); + USE_PSA_DONE(); } /* END_CASE */ /* BEGIN_CASE depends_on:MBEDTLS_X509_USE_C */ -void x509_oid_desc( data_t * buf, char * ref_desc ) +void x509_oid_desc(data_t *buf, char *ref_desc) { mbedtls_x509_buf oid; const char *desc = NULL; int ret; - + USE_PSA_INIT(); oid.tag = MBEDTLS_ASN1_OID; oid.p = buf->x; oid.len = buf->len; - ret = mbedtls_oid_get_extended_key_usage( &oid, &desc ); + ret = mbedtls_oid_get_extended_key_usage(&oid, &desc); - if( strcmp( ref_desc, "notfound" ) == 0 ) - { - TEST_ASSERT( ret != 0 ); - TEST_ASSERT( desc == NULL ); - } - else - { - TEST_ASSERT( ret == 0 ); - TEST_ASSERT( desc != NULL ); - TEST_ASSERT( strcmp( desc, ref_desc ) == 0 ); + if (strcmp(ref_desc, "notfound") == 0) { + TEST_ASSERT(ret != 0); + TEST_ASSERT(desc == NULL); + } else { + TEST_EQUAL(ret, 0); + TEST_ASSERT(desc != NULL); + TEST_EQUAL(strcmp(desc, ref_desc), 0); } + +exit: + USE_PSA_DONE(); } /* END_CASE */ /* BEGIN_CASE depends_on:MBEDTLS_X509_USE_C */ -void x509_oid_numstr( data_t * oid_buf, char * numstr, int blen, int ret ) +void x509_oid_numstr(data_t *oid_buf, char *numstr, int blen, int ret) { mbedtls_x509_buf oid; char num_buf[100]; - memset( num_buf, 0x2a, sizeof num_buf ); + USE_PSA_INIT(); + memset(num_buf, 0x2a, sizeof(num_buf)); oid.tag = MBEDTLS_ASN1_OID; oid.p = oid_buf->x; oid.len = oid_buf->len; - TEST_ASSERT( (size_t) blen <= sizeof num_buf ); + TEST_ASSERT((size_t) blen <= sizeof(num_buf)); - TEST_ASSERT( mbedtls_oid_get_numeric_string( num_buf, blen, &oid ) == ret ); + TEST_EQUAL(mbedtls_oid_get_numeric_string(num_buf, blen, &oid), ret); - if( ret >= 0 ) - { - TEST_ASSERT( num_buf[ret] == 0 ); - TEST_ASSERT( strcmp( num_buf, numstr ) == 0 ); + if (ret >= 0) { + TEST_EQUAL(num_buf[ret], 0); + TEST_EQUAL(strcmp(num_buf, numstr), 0); } + +exit: + USE_PSA_DONE(); } /* END_CASE */ /* BEGIN_CASE depends_on:MBEDTLS_FS_IO:MBEDTLS_X509_CRT_PARSE_C:MBEDTLS_X509_CHECK_KEY_USAGE */ -void x509_check_key_usage( char * crt_file, int usage, int ret ) +void x509_check_key_usage(char *crt_file, int usage, int ret) { mbedtls_x509_crt crt; - mbedtls_x509_crt_init( &crt ); + mbedtls_x509_crt_init(&crt); + USE_PSA_INIT(); - TEST_ASSERT( mbedtls_x509_crt_parse_file( &crt, crt_file ) == 0 ); + TEST_EQUAL(mbedtls_x509_crt_parse_file(&crt, crt_file), 0); - TEST_ASSERT( mbedtls_x509_crt_check_key_usage( &crt, usage ) == ret ); + TEST_EQUAL(mbedtls_x509_crt_check_key_usage(&crt, usage), ret); exit: - mbedtls_x509_crt_free( &crt ); + mbedtls_x509_crt_free(&crt); + USE_PSA_DONE(); } /* END_CASE */ /* BEGIN_CASE depends_on:MBEDTLS_FS_IO:MBEDTLS_X509_CRT_PARSE_C:MBEDTLS_X509_CHECK_EXTENDED_KEY_USAGE */ -void x509_check_extended_key_usage( char * crt_file, data_t * oid, int ret - ) +void x509_check_extended_key_usage(char *crt_file, data_t *oid, int ret + ) { mbedtls_x509_crt crt; - mbedtls_x509_crt_init( &crt ); - + mbedtls_x509_crt_init(&crt); + USE_PSA_INIT(); - TEST_ASSERT( mbedtls_x509_crt_parse_file( &crt, crt_file ) == 0 ); + TEST_EQUAL(mbedtls_x509_crt_parse_file(&crt, crt_file), 0); - TEST_ASSERT( mbedtls_x509_crt_check_extended_key_usage( &crt, (const char *)oid->x, oid->len ) == ret ); + TEST_EQUAL(mbedtls_x509_crt_check_extended_key_usage(&crt, (const char *) oid->x, oid->len), + ret); exit: - mbedtls_x509_crt_free( &crt ); + mbedtls_x509_crt_free(&crt); + USE_PSA_DONE(); } /* END_CASE */ /* BEGIN_CASE depends_on:MBEDTLS_X509_USE_C */ -void x509_get_time( int tag, char * time_str, int ret, int year, int mon, - int day, int hour, int min, int sec ) +void x509_get_time(int tag, char *time_str, int ret, int year, int mon, + int day, int hour, int min, int sec) { mbedtls_x509_time time; unsigned char buf[21]; - unsigned char* start = buf; - unsigned char* end = buf; - - memset( &time, 0x00, sizeof( time ) ); - *end = (unsigned char)tag; end++; - *end = strlen( time_str ); - TEST_ASSERT( *end < 20 ); + unsigned char *start = buf; + unsigned char *end = buf; + + USE_PSA_INIT(); + memset(&time, 0x00, sizeof(time)); + *end = (unsigned char) tag; end++; + *end = strlen(time_str); + TEST_ASSERT(*end < 20); end++; - memcpy( end, time_str, (size_t)*(end - 1) ); + memcpy(end, time_str, (size_t) *(end - 1)); end += *(end - 1); - TEST_ASSERT( mbedtls_x509_get_time( &start, end, &time ) == ret ); - if( ret == 0 ) - { - TEST_ASSERT( year == time.year ); - TEST_ASSERT( mon == time.mon ); - TEST_ASSERT( day == time.day ); - TEST_ASSERT( hour == time.hour ); - TEST_ASSERT( min == time.min ); - TEST_ASSERT( sec == time.sec ); + TEST_EQUAL(mbedtls_x509_get_time(&start, end, &time), ret); + if (ret == 0) { + TEST_EQUAL(year, time.year); + TEST_EQUAL(mon, time.mon); + TEST_EQUAL(day, time.day); + TEST_EQUAL(hour, time.hour); + TEST_EQUAL(min, time.min); + TEST_EQUAL(sec, time.sec); } + +exit: + USE_PSA_DONE(); } /* END_CASE */ /* BEGIN_CASE depends_on:MBEDTLS_X509_CRT_PARSE_C:MBEDTLS_X509_RSASSA_PSS_SUPPORT */ -void x509_parse_rsassa_pss_params( data_t * params, int params_tag, - int ref_msg_md, int ref_mgf_md, - int ref_salt_len, int ref_ret ) +void x509_parse_rsassa_pss_params(data_t *params, int params_tag, + int ref_msg_md, int ref_mgf_md, + int ref_salt_len, int ref_ret) { int my_ret; mbedtls_x509_buf buf; mbedtls_md_type_t my_msg_md, my_mgf_md; int my_salt_len; + USE_PSA_INIT(); + buf.p = params->x; buf.len = params->len; buf.tag = params_tag; - my_ret = mbedtls_x509_get_rsassa_pss_params( &buf, &my_msg_md, &my_mgf_md, - &my_salt_len ); + my_ret = mbedtls_x509_get_rsassa_pss_params(&buf, &my_msg_md, &my_mgf_md, + &my_salt_len); - TEST_ASSERT( my_ret == ref_ret ); + TEST_EQUAL(my_ret, ref_ret); - if( ref_ret == 0 ) - { - TEST_ASSERT( my_msg_md == (mbedtls_md_type_t) ref_msg_md ); - TEST_ASSERT( my_mgf_md == (mbedtls_md_type_t) ref_mgf_md ); - TEST_ASSERT( my_salt_len == ref_salt_len ); + if (ref_ret == 0) { + TEST_EQUAL(my_msg_md, (mbedtls_md_type_t) ref_msg_md); + TEST_EQUAL(my_mgf_md, (mbedtls_md_type_t) ref_mgf_md); + TEST_EQUAL(my_salt_len, ref_salt_len); } exit: - ;; + USE_PSA_DONE(); } /* END_CASE */ /* BEGIN_CASE depends_on:MBEDTLS_X509_CRT_PARSE_C:MBEDTLS_SELF_TEST */ -void x509_selftest( ) +void x509_selftest() { - TEST_ASSERT( mbedtls_x509_self_test( 1 ) == 0 ); + USE_PSA_INIT(); + TEST_EQUAL(mbedtls_x509_self_test(1), 0); + +exit: + USE_PSA_DONE(); } /* END_CASE */ diff --git a/third_party/mbedtls/repo/tests/suites/test_suite_x509write.data b/third_party/mbedtls/repo/tests/suites/test_suite_x509write.data index e0f80be943f..6bb81c7e786 100644 --- a/third_party/mbedtls/repo/tests/suites/test_suite_x509write.data +++ b/third_party/mbedtls/repo/tests/suites/test_suite_x509write.data @@ -1,102 +1,122 @@ Certificate Request check Server1 SHA1 depends_on:MBEDTLS_SHA1_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15 -x509_csr_check:"data_files/server1.key":"data_files/server1.req.sha1":MBEDTLS_MD_SHA1:0:0:0:0 +x509_csr_check:"data_files/server1.key":"data_files/server1.req.sha1":MBEDTLS_MD_SHA1:0:0:0:0:0 Certificate Request check Server1 SHA224 depends_on:MBEDTLS_SHA256_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15 -x509_csr_check:"data_files/server1.key":"data_files/server1.req.sha224":MBEDTLS_MD_SHA224:0:0:0:0 +x509_csr_check:"data_files/server1.key":"data_files/server1.req.sha224":MBEDTLS_MD_SHA224:0:0:0:0:0 Certificate Request check Server1 SHA256 depends_on:MBEDTLS_SHA256_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15 -x509_csr_check:"data_files/server1.key":"data_files/server1.req.sha256":MBEDTLS_MD_SHA256:0:0:0:0 +x509_csr_check:"data_files/server1.key":"data_files/server1.req.sha256":MBEDTLS_MD_SHA256:0:0:0:0:0 Certificate Request check Server1 SHA384 depends_on:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15 -x509_csr_check:"data_files/server1.key":"data_files/server1.req.sha384":MBEDTLS_MD_SHA384:0:0:0:0 +x509_csr_check:"data_files/server1.key":"data_files/server1.req.sha384":MBEDTLS_MD_SHA384:0:0:0:0:0 Certificate Request check Server1 SHA512 depends_on:MBEDTLS_SHA512_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15 -x509_csr_check:"data_files/server1.key":"data_files/server1.req.sha512":MBEDTLS_MD_SHA512:0:0:0:0 +x509_csr_check:"data_files/server1.key":"data_files/server1.req.sha512":MBEDTLS_MD_SHA512:0:0:0:0:0 Certificate Request check Server1 MD4 depends_on:MBEDTLS_MD4_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15 -x509_csr_check:"data_files/server1.key":"data_files/server1.req.md4":MBEDTLS_MD_MD4:0:0:0:0 +x509_csr_check:"data_files/server1.key":"data_files/server1.req.md4":MBEDTLS_MD_MD4:0:0:0:0:0 Certificate Request check Server1 MD5 depends_on:MBEDTLS_MD5_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15 -x509_csr_check:"data_files/server1.key":"data_files/server1.req.md5":MBEDTLS_MD_MD5:0:0:0:0 +x509_csr_check:"data_files/server1.key":"data_files/server1.req.md5":MBEDTLS_MD_MD5:0:0:0:0:0 Certificate Request check Server1 key_usage depends_on:MBEDTLS_SHA1_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15 -x509_csr_check:"data_files/server1.key":"data_files/server1.req.key_usage":MBEDTLS_MD_SHA1:MBEDTLS_X509_KU_DIGITAL_SIGNATURE | MBEDTLS_X509_KU_NON_REPUDIATION | MBEDTLS_X509_KU_KEY_ENCIPHERMENT:1:0:0 +x509_csr_check:"data_files/server1.key":"data_files/server1.req.key_usage":MBEDTLS_MD_SHA1:MBEDTLS_X509_KU_DIGITAL_SIGNATURE | MBEDTLS_X509_KU_NON_REPUDIATION | MBEDTLS_X509_KU_KEY_ENCIPHERMENT:1:0:0:0 Certificate Request check Server1 key_usage empty depends_on:MBEDTLS_SHA1_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15 -x509_csr_check:"data_files/server1.key":"data_files/server1.req.key_usage_empty":MBEDTLS_MD_SHA1:0:1:0:0 +x509_csr_check:"data_files/server1.key":"data_files/server1.req.key_usage_empty":MBEDTLS_MD_SHA1:0:1:0:0:0 Certificate Request check Server1 ns_cert_type depends_on:MBEDTLS_SHA1_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15 -x509_csr_check:"data_files/server1.key":"data_files/server1.req.cert_type":MBEDTLS_MD_SHA1:0:0:MBEDTLS_X509_NS_CERT_TYPE_SSL_SERVER:1 +x509_csr_check:"data_files/server1.key":"data_files/server1.req.cert_type":MBEDTLS_MD_SHA1:0:0:MBEDTLS_X509_NS_CERT_TYPE_SSL_SERVER:1:0 Certificate Request check Server1 ns_cert_type empty depends_on:MBEDTLS_SHA1_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15 -x509_csr_check:"data_files/server1.key":"data_files/server1.req.cert_type_empty":MBEDTLS_MD_SHA1:0:0:0:1 +x509_csr_check:"data_files/server1.key":"data_files/server1.req.cert_type_empty":MBEDTLS_MD_SHA1:0:0:0:1:0 Certificate Request check Server1 key_usage + ns_cert_type depends_on:MBEDTLS_SHA1_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15 -x509_csr_check:"data_files/server1.key":"data_files/server1.req.ku-ct":MBEDTLS_MD_SHA1:MBEDTLS_X509_KU_DIGITAL_SIGNATURE | MBEDTLS_X509_KU_NON_REPUDIATION | MBEDTLS_X509_KU_KEY_ENCIPHERMENT:1:MBEDTLS_X509_NS_CERT_TYPE_SSL_SERVER:1 +x509_csr_check:"data_files/server1.key":"data_files/server1.req.ku-ct":MBEDTLS_MD_SHA1:MBEDTLS_X509_KU_DIGITAL_SIGNATURE | MBEDTLS_X509_KU_NON_REPUDIATION | MBEDTLS_X509_KU_KEY_ENCIPHERMENT:1:MBEDTLS_X509_NS_CERT_TYPE_SSL_SERVER:1:0 Certificate Request check Server5 ECDSA, key_usage depends_on:MBEDTLS_SHA1_C:MBEDTLS_ECDSA_C:MBEDTLS_ECDSA_DETERMINISTIC:MBEDTLS_ECP_DP_SECP256R1_ENABLED -x509_csr_check:"data_files/server5.key":"data_files/server5.req.ku.sha1":MBEDTLS_MD_SHA1:MBEDTLS_X509_KU_DIGITAL_SIGNATURE | MBEDTLS_X509_KU_NON_REPUDIATION:1:0:0 +x509_csr_check:"data_files/server5.key":"data_files/server5.req.ku.sha1":MBEDTLS_MD_SHA1:MBEDTLS_X509_KU_DIGITAL_SIGNATURE | MBEDTLS_X509_KU_NON_REPUDIATION:1:0:0:0 + +Certificate Request check Server1, set_extension +depends_on:MBEDTLS_SHA256_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15 +x509_csr_check:"data_files/server1.key":"data_files/server1.req.sha256.ext":MBEDTLS_MD_SHA256:0:0:0:0:1 Certificate Request check opaque Server5 ECDSA, key_usage depends_on:MBEDTLS_SHA256_C:MBEDTLS_ECDSA_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED x509_csr_check_opaque:"data_files/server5.key":MBEDTLS_MD_SHA256:MBEDTLS_X509_KU_DIGITAL_SIGNATURE | MBEDTLS_X509_KU_NON_REPUDIATION:0 Certificate write check Server1 SHA1 -depends_on:MBEDTLS_SHA1_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15:MBEDTLS_DES_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_MD5_C +depends_on:MBEDTLS_SHA1_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_MD5_C x509_crt_check:"data_files/server1.key":"":"C=NL,O=PolarSSL,CN=PolarSSL Server 1":"data_files/test-ca.key":"PolarSSLTest":"C=NL,O=PolarSSL,CN=PolarSSL Test CA":"1":"20190210144406":"20290210144406":MBEDTLS_MD_SHA1:0:0:0:0:1:-1:"data_files/server1.crt":0:0 +Certificate write check Server1 SHA1, not before 1970 +depends_on:MBEDTLS_SHA1_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_MD5_C +x509_crt_check:"data_files/server1.key":"":"C=NL,O=PolarSSL,CN=PolarSSL Server 1":"data_files/test-ca.key":"PolarSSLTest":"C=NL,O=PolarSSL,CN=PolarSSL Test CA":"1":"19700210144406":"20290210144406":MBEDTLS_MD_SHA1:0:0:0:0:1:-1:"":0:0 + +Certificate write check Server1 SHA1, not after 2050 +depends_on:MBEDTLS_SHA1_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_MD5_C +x509_crt_check:"data_files/server1.key":"":"C=NL,O=PolarSSL,CN=PolarSSL Server 1":"data_files/test-ca.key":"PolarSSLTest":"C=NL,O=PolarSSL,CN=PolarSSL Test CA":"1":"20190210144406":"20500210144406":MBEDTLS_MD_SHA1:0:0:0:0:1:-1:"":0:0 + +Certificate write check Server1 SHA1, not before 1970, not after 2050 +depends_on:MBEDTLS_SHA1_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_MD5_C +x509_crt_check:"data_files/server1.key":"":"C=NL,O=PolarSSL,CN=PolarSSL Server 1":"data_files/test-ca.key":"PolarSSLTest":"C=NL,O=PolarSSL,CN=PolarSSL Test CA":"1":"19700210144406":"20500210144406":MBEDTLS_MD_SHA1:0:0:0:0:1:-1:"":0:0 + +Certificate write check Server1 SHA1, not before 2050, not after 2059 +depends_on:MBEDTLS_SHA1_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_MD5_C +x509_crt_check:"data_files/server1.key":"":"C=NL,O=PolarSSL,CN=PolarSSL Server 1":"data_files/test-ca.key":"PolarSSLTest":"C=NL,O=PolarSSL,CN=PolarSSL Test CA":"1":"20500210144406":"20590210144406":MBEDTLS_MD_SHA1:0:0:0:0:1:-1:"":0:0 + Certificate write check Server1 SHA1, key_usage -depends_on:MBEDTLS_SHA1_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15:MBEDTLS_DES_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_MD5_C +depends_on:MBEDTLS_SHA1_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_MD5_C x509_crt_check:"data_files/server1.key":"":"C=NL,O=PolarSSL,CN=PolarSSL Server 1":"data_files/test-ca.key":"PolarSSLTest":"C=NL,O=PolarSSL,CN=PolarSSL Test CA":"1":"20190210144406":"20290210144406":MBEDTLS_MD_SHA1:MBEDTLS_X509_KU_DIGITAL_SIGNATURE | MBEDTLS_X509_KU_NON_REPUDIATION | MBEDTLS_X509_KU_KEY_ENCIPHERMENT:1:0:0:1:-1:"data_files/server1.key_usage.crt":0:0 Certificate write check Server1 SHA1, ns_cert_type -depends_on:MBEDTLS_SHA1_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15:MBEDTLS_DES_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_MD5_C +depends_on:MBEDTLS_SHA1_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_MD5_C x509_crt_check:"data_files/server1.key":"":"C=NL,O=PolarSSL,CN=PolarSSL Server 1":"data_files/test-ca.key":"PolarSSLTest":"C=NL,O=PolarSSL,CN=PolarSSL Test CA":"1":"20190210144406":"20290210144406":MBEDTLS_MD_SHA1:0:0:MBEDTLS_X509_NS_CERT_TYPE_SSL_SERVER:1:1:-1:"data_files/server1.cert_type.crt":0:0 Certificate write check Server1 SHA1, version 1 -depends_on:MBEDTLS_SHA1_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15:MBEDTLS_DES_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_MD5_C +depends_on:MBEDTLS_SHA1_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_MD5_C x509_crt_check:"data_files/server1.key":"":"C=NL,O=PolarSSL,CN=PolarSSL Server 1":"data_files/test-ca.key":"PolarSSLTest":"C=NL,O=PolarSSL,CN=PolarSSL Test CA":"1":"20190210144406":"20290210144406":MBEDTLS_MD_SHA1:0:0:0:0:1:MBEDTLS_X509_CRT_VERSION_1:"data_files/server1.v1.crt":0:0 Certificate write check Server1 SHA1, CA -depends_on:MBEDTLS_SHA1_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15:MBEDTLS_DES_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_MD5_C +depends_on:MBEDTLS_SHA1_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_MD5_C x509_crt_check:"data_files/server1.key":"":"C=NL,O=PolarSSL,CN=PolarSSL Server 1":"data_files/test-ca.key":"PolarSSLTest":"C=NL,O=PolarSSL,CN=PolarSSL Test CA":"1":"20190210144406":"20290210144406":MBEDTLS_MD_SHA1:0:0:0:0:1:-1:"data_files/server1.ca.crt":0:1 Certificate write check Server1 SHA1, RSA_ALT -depends_on:MBEDTLS_SHA1_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15:MBEDTLS_DES_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_MD5_C +depends_on:MBEDTLS_SHA1_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_MD5_C x509_crt_check:"data_files/server1.key":"":"C=NL,O=PolarSSL,CN=PolarSSL Server 1":"data_files/test-ca.key":"PolarSSLTest":"C=NL,O=PolarSSL,CN=PolarSSL Test CA":"1":"20190210144406":"20290210144406":MBEDTLS_MD_SHA1:0:0:0:0:0:-1:"data_files/server1.noauthid.crt":1:0 Certificate write check Server1 SHA1, RSA_ALT, key_usage -depends_on:MBEDTLS_SHA1_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15:MBEDTLS_DES_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_MD5_C +depends_on:MBEDTLS_SHA1_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_MD5_C x509_crt_check:"data_files/server1.key":"":"C=NL,O=PolarSSL,CN=PolarSSL Server 1":"data_files/test-ca.key":"PolarSSLTest":"C=NL,O=PolarSSL,CN=PolarSSL Test CA":"1":"20190210144406":"20290210144406":MBEDTLS_MD_SHA1:MBEDTLS_X509_KU_DIGITAL_SIGNATURE | MBEDTLS_X509_KU_NON_REPUDIATION | MBEDTLS_X509_KU_KEY_ENCIPHERMENT:1:0:0:0:-1:"data_files/server1.key_usage_noauthid.crt":1:0 Certificate write check Server1 SHA1, RSA_ALT, ns_cert_type -depends_on:MBEDTLS_SHA1_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15:MBEDTLS_DES_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_MD5_C +depends_on:MBEDTLS_SHA1_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_MD5_C x509_crt_check:"data_files/server1.key":"":"C=NL,O=PolarSSL,CN=PolarSSL Server 1":"data_files/test-ca.key":"PolarSSLTest":"C=NL,O=PolarSSL,CN=PolarSSL Test CA":"1":"20190210144406":"20290210144406":MBEDTLS_MD_SHA1:0:0:MBEDTLS_X509_NS_CERT_TYPE_SSL_SERVER:1:0:-1:"data_files/server1.cert_type_noauthid.crt":1:0 Certificate write check Server1 SHA1, RSA_ALT, version 1 -depends_on:MBEDTLS_SHA1_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15:MBEDTLS_DES_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_MD5_C +depends_on:MBEDTLS_SHA1_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_MD5_C x509_crt_check:"data_files/server1.key":"":"C=NL,O=PolarSSL,CN=PolarSSL Server 1":"data_files/test-ca.key":"PolarSSLTest":"C=NL,O=PolarSSL,CN=PolarSSL Test CA":"1":"20190210144406":"20290210144406":MBEDTLS_MD_SHA1:0:0:0:0:0:MBEDTLS_X509_CRT_VERSION_1:"data_files/server1.v1.crt":1:0 Certificate write check Server1 SHA1, RSA_ALT, CA -depends_on:MBEDTLS_SHA1_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15:MBEDTLS_DES_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_MD5_C +depends_on:MBEDTLS_SHA1_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_MD5_C x509_crt_check:"data_files/server1.key":"":"C=NL,O=PolarSSL,CN=PolarSSL Server 1":"data_files/test-ca.key":"PolarSSLTest":"C=NL,O=PolarSSL,CN=PolarSSL Test CA":"1":"20190210144406":"20290210144406":MBEDTLS_MD_SHA1:0:0:0:0:0:-1:"data_files/server1.ca_noauthid.crt":1:1 X509 String to Names #1 -mbedtls_x509_string_to_names:"C=NL,O=Offspark\, Inc., OU=PolarSSL":"C=NL, O=Offspark, Inc., OU=PolarSSL":0 +mbedtls_x509_string_to_names:"C=NL,O=Offspark\\, Inc., OU=PolarSSL":"C=NL, O=Offspark\\, Inc., OU=PolarSSL":0 X509 String to Names #2 mbedtls_x509_string_to_names:"C=NL, O=Offspark, Inc., OU=PolarSSL":"":MBEDTLS_ERR_X509_UNKNOWN_OID @@ -108,7 +128,16 @@ X509 String to Names #4 (Name larger than 255 bytes) mbedtls_x509_string_to_names:"C=NL, O=1234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456, OU=PolarSSL":"":MBEDTLS_ERR_X509_INVALID_NAME X509 String to Names #5 (Escape non-allowed characters) -mbedtls_x509_string_to_names:"C=NL, O=Offspark\a Inc., OU=PolarSSL":"":MBEDTLS_ERR_X509_INVALID_NAME +mbedtls_x509_string_to_names:"C=NL, O=Offspark\\a Inc., OU=PolarSSL":"":MBEDTLS_ERR_X509_INVALID_NAME X509 String to Names #6 (Escape at end) -mbedtls_x509_string_to_names:"C=NL, O=Offspark\":"":MBEDTLS_ERR_X509_INVALID_NAME +mbedtls_x509_string_to_names:"C=NL, O=Offspark\\":"":MBEDTLS_ERR_X509_INVALID_NAME + +X509 String to Names #6 (Invalid, no '=' or ',') +mbedtls_x509_string_to_names:"ABC123":"":MBEDTLS_ERR_X509_INVALID_NAME + +Check max serial length +x509_set_serial_check: + +Check max extension length +x509_set_extension_length_check: diff --git a/third_party/mbedtls/repo/tests/suites/test_suite_x509write.function b/third_party/mbedtls/repo/tests/suites/test_suite_x509write.function index ce475e61391..039690be1ca 100644 --- a/third_party/mbedtls/repo/tests/suites/test_suite_x509write.function +++ b/third_party/mbedtls/repo/tests/suites/test_suite_x509write.function @@ -5,69 +5,120 @@ #include "mbedtls/pem.h" #include "mbedtls/oid.h" #include "mbedtls/rsa.h" +#include "mbedtls/asn1write.h" #if defined(MBEDTLS_RSA_C) -int mbedtls_rsa_decrypt_func( void *ctx, int mode, size_t *olen, - const unsigned char *input, unsigned char *output, - size_t output_max_len ) +int mbedtls_rsa_decrypt_func(void *ctx, int mode, size_t *olen, + const unsigned char *input, unsigned char *output, + size_t output_max_len) { - return( mbedtls_rsa_pkcs1_decrypt( (mbedtls_rsa_context *) ctx, NULL, NULL, mode, olen, - input, output, output_max_len ) ); + return mbedtls_rsa_pkcs1_decrypt((mbedtls_rsa_context *) ctx, NULL, NULL, mode, olen, + input, output, output_max_len); } -int mbedtls_rsa_sign_func( void *ctx, - int (*f_rng)(void *, unsigned char *, size_t), void *p_rng, - int mode, mbedtls_md_type_t md_alg, unsigned int hashlen, - const unsigned char *hash, unsigned char *sig ) +int mbedtls_rsa_sign_func(void *ctx, + int (*f_rng)(void *, unsigned char *, size_t), void *p_rng, + int mode, mbedtls_md_type_t md_alg, unsigned int hashlen, + const unsigned char *hash, unsigned char *sig) { - return( mbedtls_rsa_pkcs1_sign( (mbedtls_rsa_context *) ctx, f_rng, p_rng, mode, - md_alg, hashlen, hash, sig ) ); + return mbedtls_rsa_pkcs1_sign((mbedtls_rsa_context *) ctx, f_rng, p_rng, mode, + md_alg, hashlen, hash, sig); } -size_t mbedtls_rsa_key_len_func( void *ctx ) +size_t mbedtls_rsa_key_len_func(void *ctx) { - return( ((const mbedtls_rsa_context *) ctx)->len ); + return ((const mbedtls_rsa_context *) ctx)->len; } #endif /* MBEDTLS_RSA_C */ #if defined(MBEDTLS_USE_PSA_CRYPTO) && \ defined(MBEDTLS_PEM_WRITE_C) && defined(MBEDTLS_X509_CSR_WRITE_C) -static int x509_crt_verifycsr( const unsigned char *buf, size_t buflen ) +static int x509_crt_verifycsr(const unsigned char *buf, size_t buflen) { unsigned char hash[MBEDTLS_MD_MAX_SIZE]; const mbedtls_md_info_t *md_info; mbedtls_x509_csr csr; int ret = 0; - mbedtls_x509_csr_init( &csr ); + mbedtls_x509_csr_init(&csr); - if( mbedtls_x509_csr_parse( &csr, buf, buflen ) != 0 ) - { + if (mbedtls_x509_csr_parse(&csr, buf, buflen) != 0) { ret = MBEDTLS_ERR_X509_BAD_INPUT_DATA; goto cleanup; } - md_info = mbedtls_md_info_from_type( csr.sig_md ); - if( mbedtls_md( md_info, csr.cri.p, csr.cri.len, hash ) != 0 ) - { + md_info = mbedtls_md_info_from_type(csr.sig_md); + if (mbedtls_md(md_info, csr.cri.p, csr.cri.len, hash) != 0) { /* Note: this can't happen except after an internal error */ ret = MBEDTLS_ERR_X509_BAD_INPUT_DATA; goto cleanup; } - if( mbedtls_pk_verify_ext( csr.sig_pk, csr.sig_opts, &csr.pk, - csr.sig_md, hash, mbedtls_md_get_size( md_info ), - csr.sig.p, csr.sig.len ) != 0 ) - { + if (mbedtls_pk_verify_ext(csr.sig_pk, csr.sig_opts, &csr.pk, + csr.sig_md, hash, mbedtls_md_get_size(md_info), + csr.sig.p, csr.sig.len) != 0) { ret = MBEDTLS_ERR_X509_CERT_VERIFY_FAILED; goto cleanup; } cleanup: - mbedtls_x509_csr_free( &csr ); - return( ret ); + mbedtls_x509_csr_free(&csr); + return ret; } #endif /* MBEDTLS_USE_PSA_CRYPTO && MBEDTLS_PEM_WRITE_C && MBEDTLS_X509_CSR_WRITE_C */ +#if defined(MBEDTLS_X509_CSR_WRITE_C) + +/* + * The size of this temporary buffer is given by the sequence of functions + * called hereinafter: + * - mbedtls_asn1_write_oid() + * - 8 bytes for MBEDTLS_OID_EXTENDED_KEY_USAGE raw value + * - 1 byte for MBEDTLS_OID_EXTENDED_KEY_USAGE length + * - 1 byte for MBEDTLS_ASN1_OID tag + * - mbedtls_asn1_write_len() + * - 1 byte since we're dealing with sizes which are less than 0x80 + * - mbedtls_asn1_write_tag() + * - 1 byte + * + * This length is fine as long as this function is called using the + * MBEDTLS_OID_SERVER_AUTH OID. If this is changed in the future, then this + * buffer's length should be adjusted accordingly. + * Unfortunately there's no predefined max size for OIDs which can be used + * to set an overall upper boundary which is always guaranteed. + */ +#define EXT_KEY_USAGE_TMP_BUF_MAX_LENGTH 12 + +static int csr_set_extended_key_usage(mbedtls_x509write_csr *ctx, + const char *oid, size_t oid_len) +{ + unsigned char buf[EXT_KEY_USAGE_TMP_BUF_MAX_LENGTH] = { 0 }; + unsigned char *p = buf + sizeof(buf); + int ret; + size_t len = 0; + + /* + * Following functions fail anyway if the temporary buffer is not large, + * but we set an extra check here to emphasize a possible source of errors + */ + if (oid_len > EXT_KEY_USAGE_TMP_BUF_MAX_LENGTH) { + return MBEDTLS_ERR_X509_BAD_INPUT_DATA; + } + + MBEDTLS_ASN1_CHK_ADD(len, mbedtls_asn1_write_oid(&p, buf, oid, oid_len)); + MBEDTLS_ASN1_CHK_ADD(len, mbedtls_asn1_write_len(&p, buf, ret)); + MBEDTLS_ASN1_CHK_ADD(len, mbedtls_asn1_write_tag(&p, buf, + MBEDTLS_ASN1_CONSTRUCTED | + MBEDTLS_ASN1_SEQUENCE)); + + ret = mbedtls_x509write_csr_set_extension(ctx, + MBEDTLS_OID_EXTENDED_KEY_USAGE, + MBEDTLS_OID_SIZE(MBEDTLS_OID_EXTENDED_KEY_USAGE), + p, + len); + + return ret; +} +#endif /* MBEDTLS_X509_CSR_WRITE_C */ /* END_HEADER */ /* BEGIN_DEPENDENCIES @@ -76,9 +127,9 @@ cleanup: */ /* BEGIN_CASE depends_on:MBEDTLS_PEM_WRITE_C:MBEDTLS_X509_CSR_WRITE_C */ -void x509_csr_check( char * key_file, char * cert_req_check_file, int md_type, - int key_usage, int set_key_usage, int cert_type, - int set_cert_type ) +void x509_csr_check(char *key_file, char *cert_req_check_file, int md_type, + int key_usage, int set_key_usage, int cert_type, + int set_cert_type, int set_extension) { mbedtls_pk_context key; mbedtls_x509write_csr req; @@ -91,60 +142,69 @@ void x509_csr_check( char * key_file, char * cert_req_check_file, int md_type, const char *subject_name = "C=NL,O=PolarSSL,CN=PolarSSL Server 1"; mbedtls_test_rnd_pseudo_info rnd_info; - memset( &rnd_info, 0x2a, sizeof( mbedtls_test_rnd_pseudo_info ) ); + memset(&rnd_info, 0x2a, sizeof(mbedtls_test_rnd_pseudo_info)); + + mbedtls_x509write_csr_init(&req); + mbedtls_pk_init(&key); + USE_PSA_INIT(); - mbedtls_pk_init( &key ); - TEST_ASSERT( mbedtls_pk_parse_keyfile( &key, key_file, NULL ) == 0 ); + TEST_ASSERT(mbedtls_pk_parse_keyfile(&key, key_file, NULL) == 0); - mbedtls_x509write_csr_init( &req ); - mbedtls_x509write_csr_set_md_alg( &req, md_type ); - mbedtls_x509write_csr_set_key( &req, &key ); - TEST_ASSERT( mbedtls_x509write_csr_set_subject_name( &req, subject_name ) == 0 ); - if( set_key_usage != 0 ) - TEST_ASSERT( mbedtls_x509write_csr_set_key_usage( &req, key_usage ) == 0 ); - if( set_cert_type != 0 ) - TEST_ASSERT( mbedtls_x509write_csr_set_ns_cert_type( &req, cert_type ) == 0 ); + mbedtls_x509write_csr_set_md_alg(&req, md_type); + mbedtls_x509write_csr_set_key(&req, &key); + TEST_ASSERT(mbedtls_x509write_csr_set_subject_name(&req, subject_name) == 0); + if (set_key_usage != 0) { + TEST_ASSERT(mbedtls_x509write_csr_set_key_usage(&req, key_usage) == 0); + } + if (set_cert_type != 0) { + TEST_ASSERT(mbedtls_x509write_csr_set_ns_cert_type(&req, cert_type) == 0); + } + if (set_extension != 0) { + TEST_ASSERT(csr_set_extended_key_usage(&req, MBEDTLS_OID_SERVER_AUTH, + MBEDTLS_OID_SIZE(MBEDTLS_OID_SERVER_AUTH)) == 0); + } - ret = mbedtls_x509write_csr_pem( &req, buf, sizeof( buf ), - mbedtls_test_rnd_pseudo_rand, &rnd_info ); - TEST_ASSERT( ret == 0 ); + ret = mbedtls_x509write_csr_pem(&req, buf, sizeof(buf), + mbedtls_test_rnd_pseudo_rand, &rnd_info); + TEST_ASSERT(ret == 0); - pem_len = strlen( (char *) buf ); + pem_len = strlen((char *) buf); - for( buf_index = pem_len; buf_index < sizeof( buf ); ++buf_index ) - { - TEST_ASSERT( buf[buf_index] == 0 ); + for (buf_index = pem_len; buf_index < sizeof(buf); ++buf_index) { + TEST_ASSERT(buf[buf_index] == 0); } - f = fopen( cert_req_check_file, "r" ); - TEST_ASSERT( f != NULL ); - olen = fread( check_buf, 1, sizeof( check_buf ), f ); - fclose( f ); + f = fopen(cert_req_check_file, "r"); + TEST_ASSERT(f != NULL); + olen = fread(check_buf, 1, sizeof(check_buf), f); + fclose(f); - TEST_ASSERT( olen >= pem_len - 1 ); - TEST_ASSERT( memcmp( buf, check_buf, pem_len - 1 ) == 0 ); + TEST_ASSERT(olen >= pem_len - 1); + TEST_ASSERT(memcmp(buf, check_buf, pem_len - 1) == 0); - der_len = mbedtls_x509write_csr_der( &req, buf, sizeof( buf ), - mbedtls_test_rnd_pseudo_rand, - &rnd_info ); - TEST_ASSERT( der_len >= 0 ); + der_len = mbedtls_x509write_csr_der(&req, buf, sizeof(buf), + mbedtls_test_rnd_pseudo_rand, + &rnd_info); + TEST_ASSERT(der_len >= 0); - if( der_len == 0 ) + if (der_len == 0) { goto exit; + } - ret = mbedtls_x509write_csr_der( &req, buf, (size_t)( der_len - 1 ), - mbedtls_test_rnd_pseudo_rand, &rnd_info ); - TEST_ASSERT( ret == MBEDTLS_ERR_ASN1_BUF_TOO_SMALL ); + ret = mbedtls_x509write_csr_der(&req, buf, (size_t) (der_len - 1), + mbedtls_test_rnd_pseudo_rand, &rnd_info); + TEST_ASSERT(ret == MBEDTLS_ERR_ASN1_BUF_TOO_SMALL); exit: - mbedtls_x509write_csr_free( &req ); - mbedtls_pk_free( &key ); + mbedtls_x509write_csr_free(&req); + mbedtls_pk_free(&key); + USE_PSA_DONE(); } /* END_CASE */ /* BEGIN_CASE depends_on:MBEDTLS_PEM_WRITE_C:MBEDTLS_X509_CSR_WRITE_C:MBEDTLS_USE_PSA_CRYPTO */ -void x509_csr_check_opaque( char *key_file, int md_type, int key_usage, - int cert_type ) +void x509_csr_check_opaque(char *key_file, int md_type, int key_usage, + int cert_type) { mbedtls_pk_context key; mbedtls_svc_key_id_t key_id = MBEDTLS_SVC_KEY_ID_INIT; @@ -156,51 +216,54 @@ void x509_csr_check_opaque( char *key_file, int md_type, int key_usage, const char *subject_name = "C=NL,O=PolarSSL,CN=PolarSSL Server 1"; mbedtls_test_rnd_pseudo_info rnd_info; - PSA_INIT( ); - memset( &rnd_info, 0x2a, sizeof( mbedtls_test_rnd_pseudo_info ) ); + memset(&rnd_info, 0x2a, sizeof(mbedtls_test_rnd_pseudo_info)); + + mbedtls_x509write_csr_init(&req); + + USE_PSA_INIT(); - md_alg_psa = mbedtls_psa_translate_md( (mbedtls_md_type_t) md_type ); - TEST_ASSERT( md_alg_psa != MBEDTLS_MD_NONE ); + md_alg_psa = mbedtls_psa_translate_md((mbedtls_md_type_t) md_type); + TEST_ASSERT(md_alg_psa != MBEDTLS_MD_NONE); - mbedtls_pk_init( &key ); - TEST_ASSERT( mbedtls_pk_parse_keyfile( &key, key_file, NULL ) == 0 ); - TEST_ASSERT( mbedtls_pk_wrap_as_opaque( &key, &key_id, md_alg_psa ) == 0 ); + mbedtls_pk_init(&key); + TEST_ASSERT(mbedtls_pk_parse_keyfile(&key, key_file, NULL) == 0); + TEST_ASSERT(mbedtls_pk_wrap_as_opaque(&key, &key_id, md_alg_psa) == 0); - mbedtls_x509write_csr_init( &req ); - mbedtls_x509write_csr_set_md_alg( &req, md_type ); - mbedtls_x509write_csr_set_key( &req, &key ); - TEST_ASSERT( mbedtls_x509write_csr_set_subject_name( &req, subject_name ) == 0 ); - if( key_usage != 0 ) - TEST_ASSERT( mbedtls_x509write_csr_set_key_usage( &req, key_usage ) == 0 ); - if( cert_type != 0 ) - TEST_ASSERT( mbedtls_x509write_csr_set_ns_cert_type( &req, cert_type ) == 0 ); + mbedtls_x509write_csr_set_md_alg(&req, md_type); + mbedtls_x509write_csr_set_key(&req, &key); + TEST_ASSERT(mbedtls_x509write_csr_set_subject_name(&req, subject_name) == 0); + if (key_usage != 0) { + TEST_ASSERT(mbedtls_x509write_csr_set_key_usage(&req, key_usage) == 0); + } + if (cert_type != 0) { + TEST_ASSERT(mbedtls_x509write_csr_set_ns_cert_type(&req, cert_type) == 0); + } - ret = mbedtls_x509write_csr_pem( &req, buf, sizeof( buf ) - 1, - mbedtls_test_rnd_pseudo_rand, &rnd_info ); + ret = mbedtls_x509write_csr_pem(&req, buf, sizeof(buf) - 1, + mbedtls_test_rnd_pseudo_rand, &rnd_info); - TEST_ASSERT( ret == 0 ); + TEST_ASSERT(ret == 0); - pem_len = strlen( (char *) buf ); + pem_len = strlen((char *) buf); buf[pem_len] = '\0'; - TEST_ASSERT( x509_crt_verifycsr( buf, pem_len + 1 ) == 0 ); - + TEST_ASSERT(x509_crt_verifycsr(buf, pem_len + 1) == 0); exit: - mbedtls_x509write_csr_free( &req ); - mbedtls_pk_free( &key ); - psa_destroy_key( key_id ); - PSA_DONE( ); + mbedtls_x509write_csr_free(&req); + mbedtls_pk_free(&key); + psa_destroy_key(key_id); + USE_PSA_DONE(); } /* END_CASE */ /* BEGIN_CASE depends_on:MBEDTLS_PEM_WRITE_C:MBEDTLS_X509_CRT_WRITE_C:MBEDTLS_SHA1_C */ -void x509_crt_check( char *subject_key_file, char *subject_pwd, - char *subject_name, char *issuer_key_file, - char *issuer_pwd, char *issuer_name, - char *serial_str, char *not_before, char *not_after, - int md_type, int key_usage, int set_key_usage, - int cert_type, int set_cert_type, int auth_ident, - int ver, char *cert_check_file, int rsa_alt, int is_ca ) +void x509_crt_check(char *subject_key_file, char *subject_pwd, + char *subject_name, char *issuer_key_file, + char *issuer_pwd, char *issuer_name, + char *serial_str, char *not_before, char *not_after, + int md_type, int key_usage, int set_key_usage, + int cert_type, int set_cert_type, int auth_ident, + int ver, char *cert_check_file, int rsa_alt, int is_ca) { mbedtls_pk_context subject_key, issuer_key, issuer_key_alt; mbedtls_pk_context *key = &issuer_key; @@ -208,37 +271,39 @@ void x509_crt_check( char *subject_key_file, char *subject_pwd, mbedtls_x509write_cert crt; unsigned char buf[4096]; unsigned char check_buf[5000]; + unsigned char *p, *end; + unsigned char tag, sz; mbedtls_mpi serial; - int ret; + int ret, before_tag, after_tag; size_t olen = 0, pem_len = 0, buf_index = 0; int der_len = -1; FILE *f; mbedtls_test_rnd_pseudo_info rnd_info; - memset( &rnd_info, 0x2a, sizeof( mbedtls_test_rnd_pseudo_info ) ); - mbedtls_mpi_init( &serial ); + memset(&rnd_info, 0x2a, sizeof(mbedtls_test_rnd_pseudo_info)); + mbedtls_mpi_init(&serial); - mbedtls_pk_init( &subject_key ); - mbedtls_pk_init( &issuer_key ); - mbedtls_pk_init( &issuer_key_alt ); + mbedtls_pk_init(&subject_key); + mbedtls_pk_init(&issuer_key); + mbedtls_pk_init(&issuer_key_alt); - mbedtls_x509write_crt_init( &crt ); + mbedtls_x509write_crt_init(&crt); + USE_PSA_INIT(); - TEST_ASSERT( mbedtls_pk_parse_keyfile( &subject_key, subject_key_file, - subject_pwd ) == 0 ); + TEST_ASSERT(mbedtls_pk_parse_keyfile(&subject_key, subject_key_file, + subject_pwd) == 0); - TEST_ASSERT( mbedtls_pk_parse_keyfile( &issuer_key, issuer_key_file, - issuer_pwd ) == 0 ); + TEST_ASSERT(mbedtls_pk_parse_keyfile(&issuer_key, issuer_key_file, + issuer_pwd) == 0); -#if defined(MBEDTLS_RSA_C) +#if defined(MBEDTLS_RSA_C) && defined(MBEDTLS_PK_RSA_ALT_SUPPORT) /* For RSA PK contexts, create a copy as an alternative RSA context. */ - if( rsa_alt == 1 && mbedtls_pk_get_type( &issuer_key ) == MBEDTLS_PK_RSA ) - { - TEST_ASSERT( mbedtls_pk_setup_rsa_alt( &issuer_key_alt, - mbedtls_pk_rsa( issuer_key ), - mbedtls_rsa_decrypt_func, - mbedtls_rsa_sign_func, - mbedtls_rsa_key_len_func ) == 0 ); + if (rsa_alt == 1 && mbedtls_pk_get_type(&issuer_key) == MBEDTLS_PK_RSA) { + TEST_ASSERT(mbedtls_pk_setup_rsa_alt(&issuer_key_alt, + mbedtls_pk_rsa(issuer_key), + mbedtls_rsa_decrypt_func, + mbedtls_rsa_sign_func, + mbedtls_rsa_key_len_func) == 0); key = &issuer_key_alt; } @@ -246,80 +311,148 @@ void x509_crt_check( char *subject_key_file, char *subject_pwd, (void) rsa_alt; #endif - TEST_ASSERT( mbedtls_test_read_mpi( &serial, 10, serial_str ) == 0 ); + TEST_ASSERT(mbedtls_test_read_mpi(&serial, serial_str) == 0); - if( ver != -1 ) - mbedtls_x509write_crt_set_version( &crt, ver ); + if (ver != -1) { + mbedtls_x509write_crt_set_version(&crt, ver); + } - TEST_ASSERT( mbedtls_x509write_crt_set_serial( &crt, &serial ) == 0 ); - TEST_ASSERT( mbedtls_x509write_crt_set_validity( &crt, not_before, - not_after ) == 0 ); - mbedtls_x509write_crt_set_md_alg( &crt, md_type ); - TEST_ASSERT( mbedtls_x509write_crt_set_issuer_name( &crt, issuer_name ) == 0 ); - TEST_ASSERT( mbedtls_x509write_crt_set_subject_name( &crt, subject_name ) == 0 ); - mbedtls_x509write_crt_set_subject_key( &crt, &subject_key ); + TEST_ASSERT(mbedtls_x509write_crt_set_serial(&crt, &serial) == 0); + TEST_ASSERT(mbedtls_x509write_crt_set_validity(&crt, not_before, + not_after) == 0); + mbedtls_x509write_crt_set_md_alg(&crt, md_type); + TEST_ASSERT(mbedtls_x509write_crt_set_issuer_name(&crt, issuer_name) == 0); + TEST_ASSERT(mbedtls_x509write_crt_set_subject_name(&crt, subject_name) == 0); + mbedtls_x509write_crt_set_subject_key(&crt, &subject_key); - mbedtls_x509write_crt_set_issuer_key( &crt, key ); + mbedtls_x509write_crt_set_issuer_key(&crt, key); - if( crt.version >= MBEDTLS_X509_CRT_VERSION_3 ) - { + if (crt.version >= MBEDTLS_X509_CRT_VERSION_3) { /* For the CA case, a path length of -1 means unlimited. */ - TEST_ASSERT( mbedtls_x509write_crt_set_basic_constraints( &crt, is_ca, - (is_ca ? -1 : 0) ) == 0 ); - TEST_ASSERT( mbedtls_x509write_crt_set_subject_key_identifier( &crt ) == 0 ); - if( auth_ident ) - TEST_ASSERT( mbedtls_x509write_crt_set_authority_key_identifier( &crt ) == 0 ); - if( set_key_usage != 0 ) - TEST_ASSERT( mbedtls_x509write_crt_set_key_usage( &crt, key_usage ) == 0 ); - if( set_cert_type != 0 ) - TEST_ASSERT( mbedtls_x509write_crt_set_ns_cert_type( &crt, cert_type ) == 0 ); + TEST_ASSERT(mbedtls_x509write_crt_set_basic_constraints(&crt, is_ca, + (is_ca ? -1 : 0)) == 0); + TEST_ASSERT(mbedtls_x509write_crt_set_subject_key_identifier(&crt) == 0); + if (auth_ident) { + TEST_ASSERT(mbedtls_x509write_crt_set_authority_key_identifier(&crt) == 0); + } + if (set_key_usage != 0) { + TEST_ASSERT(mbedtls_x509write_crt_set_key_usage(&crt, key_usage) == 0); + } + if (set_cert_type != 0) { + TEST_ASSERT(mbedtls_x509write_crt_set_ns_cert_type(&crt, cert_type) == 0); + } } - ret = mbedtls_x509write_crt_pem( &crt, buf, sizeof( buf ), - mbedtls_test_rnd_pseudo_rand, &rnd_info ); - TEST_ASSERT( ret == 0 ); + ret = mbedtls_x509write_crt_pem(&crt, buf, sizeof(buf), + mbedtls_test_rnd_pseudo_rand, &rnd_info); + TEST_ASSERT(ret == 0); - pem_len = strlen( (char *) buf ); + pem_len = strlen((char *) buf); // check that the rest of the buffer remains clear - for( buf_index = pem_len; buf_index < sizeof( buf ); ++buf_index ) - { - TEST_ASSERT( buf[buf_index] == 0 ); + for (buf_index = pem_len; buf_index < sizeof(buf); ++buf_index) { + TEST_ASSERT(buf[buf_index] == 0); } - f = fopen( cert_check_file, "r" ); - TEST_ASSERT( f != NULL ); - olen = fread( check_buf, 1, sizeof( check_buf ), f ); - fclose( f ); - TEST_ASSERT( olen < sizeof( check_buf ) ); - - TEST_ASSERT( olen >= pem_len - 1 ); - TEST_ASSERT( memcmp( buf, check_buf, pem_len - 1 ) == 0 ); + if (*cert_check_file != '\0') { + f = fopen(cert_check_file, "r"); + TEST_ASSERT(f != NULL); + olen = fread(check_buf, 1, sizeof(check_buf), f); + fclose(f); + TEST_ASSERT(olen < sizeof(check_buf)); + TEST_ASSERT(olen >= pem_len - 1); + TEST_ASSERT(memcmp(buf, check_buf, pem_len - 1) == 0); + } - der_len = mbedtls_x509write_crt_der( &crt, buf, sizeof( buf ), - mbedtls_test_rnd_pseudo_rand, - &rnd_info ); - TEST_ASSERT( der_len >= 0 ); + der_len = mbedtls_x509write_crt_der(&crt, buf, sizeof(buf), + mbedtls_test_rnd_pseudo_rand, + &rnd_info); + TEST_ASSERT(der_len >= 0); - if( der_len == 0 ) + if (der_len == 0) { goto exit; + } - ret = mbedtls_x509write_crt_der( &crt, buf, (size_t)( der_len - 1 ), - mbedtls_test_rnd_pseudo_rand, &rnd_info ); - TEST_ASSERT( ret == MBEDTLS_ERR_ASN1_BUF_TOO_SMALL ); + // Not testing against file, check date format + if (*cert_check_file == '\0') { + // UTC tag if before 2050, 2 digits less for year + if (not_before[0] == '2' && (not_before[1] > '0' || not_before[2] > '4')) { + before_tag = MBEDTLS_ASN1_GENERALIZED_TIME; + } else { + before_tag = MBEDTLS_ASN1_UTC_TIME; + not_before += 2; + } + if (not_after[0] == '2' && (not_after[1] > '0' || not_after[2] > '4')) { + after_tag = MBEDTLS_ASN1_GENERALIZED_TIME; + } else { + after_tag = MBEDTLS_ASN1_UTC_TIME; + not_after += 2; + } + end = buf + sizeof(buf); + for (p = end - der_len; p < end;) { + tag = *p++; + sz = *p++; + if (tag == MBEDTLS_ASN1_UTC_TIME || tag == MBEDTLS_ASN1_GENERALIZED_TIME) { + // Check correct tag and time written + TEST_ASSERT(before_tag == tag); + TEST_ASSERT(memcmp(p, not_before, sz - 1) == 0); + p += sz; + tag = *p++; + sz = *p++; + TEST_ASSERT(after_tag == tag); + TEST_ASSERT(memcmp(p, not_after, sz - 1) == 0); + break; + } + // Increment if long form ASN1 length + if (sz & 0x80) { + p += sz & 0x0F; + } + if (tag != (MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_SEQUENCE)) { + p += sz; + } + } + TEST_ASSERT(p < end); + } + + ret = mbedtls_x509write_crt_der(&crt, buf, (size_t) (der_len - 1), + mbedtls_test_rnd_pseudo_rand, &rnd_info); + TEST_ASSERT(ret == MBEDTLS_ERR_ASN1_BUF_TOO_SMALL); exit: - mbedtls_x509write_crt_free( &crt ); - mbedtls_pk_free( &issuer_key_alt ); - mbedtls_pk_free( &subject_key ); - mbedtls_pk_free( &issuer_key ); - mbedtls_mpi_free( &serial ); + mbedtls_x509write_crt_free(&crt); + mbedtls_pk_free(&issuer_key_alt); + mbedtls_pk_free(&subject_key); + mbedtls_pk_free(&issuer_key); + mbedtls_mpi_free(&serial); + USE_PSA_DONE(); +} +/* END_CASE */ + +/* BEGIN_CASE depends_on:MBEDTLS_X509_CRT_WRITE_C */ +void x509_set_serial_check() +{ + mbedtls_x509write_cert ctx; + mbedtls_mpi serial_mpi; + uint8_t invalid_serial[MBEDTLS_X509_RFC5280_MAX_SERIAL_LEN + 1]; + + USE_PSA_INIT(); + memset(invalid_serial, 0x01, sizeof(invalid_serial)); + + mbedtls_mpi_init(&serial_mpi); + TEST_EQUAL(mbedtls_mpi_read_binary(&serial_mpi, invalid_serial, + sizeof(invalid_serial)), 0); + TEST_EQUAL(mbedtls_x509write_crt_set_serial(&ctx, &serial_mpi), + MBEDTLS_ERR_X509_BAD_INPUT_DATA); + +exit: + mbedtls_mpi_free(&serial_mpi); + USE_PSA_DONE(); } /* END_CASE */ /* BEGIN_CASE depends_on:MBEDTLS_X509_CREATE_C:MBEDTLS_X509_USE_C */ -void mbedtls_x509_string_to_names( char * name, char * parsed_name, int result - ) +void mbedtls_x509_string_to_names(char *name, char *parsed_name, int result + ) { int ret; size_t len = 0; @@ -327,38 +460,62 @@ void mbedtls_x509_string_to_names( char * name, char * parsed_name, int result mbedtls_x509_name parsed, *parsed_cur, *parsed_prv; unsigned char buf[1024], out[1024], *c; - memset( &parsed, 0, sizeof( parsed ) ); - memset( out, 0, sizeof( out ) ); - memset( buf, 0, sizeof( buf ) ); - c = buf + sizeof( buf ); + USE_PSA_INIT(); + + memset(&parsed, 0, sizeof(parsed)); + memset(out, 0, sizeof(out)); + memset(buf, 0, sizeof(buf)); + c = buf + sizeof(buf); - ret = mbedtls_x509_string_to_names( &names, name ); - TEST_ASSERT( ret == result ); + ret = mbedtls_x509_string_to_names(&names, name); + TEST_ASSERT(ret == result); - if( ret != 0 ) + if (ret != 0) { goto exit; + } - ret = mbedtls_x509_write_names( &c, buf, names ); - TEST_ASSERT( ret > 0 ); + ret = mbedtls_x509_write_names(&c, buf, names); + TEST_ASSERT(ret > 0); - TEST_ASSERT( mbedtls_asn1_get_tag( &c, buf + sizeof( buf ), &len, - MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_SEQUENCE ) == 0 ); - TEST_ASSERT( mbedtls_x509_get_name( &c, buf + sizeof( buf ), &parsed ) == 0 ); + TEST_ASSERT(mbedtls_asn1_get_tag(&c, buf + sizeof(buf), &len, + MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_SEQUENCE) == 0); + TEST_ASSERT(mbedtls_x509_get_name(&c, buf + sizeof(buf), &parsed) == 0); - ret = mbedtls_x509_dn_gets( (char *) out, sizeof( out ), &parsed ); - TEST_ASSERT( ret > 0 ); + ret = mbedtls_x509_dn_gets((char *) out, sizeof(out), &parsed); + TEST_ASSERT(ret > 0); - TEST_ASSERT( strcmp( (char *) out, parsed_name ) == 0 ); + TEST_ASSERT(strcmp((char *) out, parsed_name) == 0); exit: - mbedtls_asn1_free_named_data_list( &names ); + mbedtls_asn1_free_named_data_list(&names); parsed_cur = parsed.next; - while( parsed_cur != 0 ) - { + while (parsed_cur != 0) { parsed_prv = parsed_cur; parsed_cur = parsed_cur->next; - mbedtls_free( parsed_prv ); + mbedtls_free(parsed_prv); } + USE_PSA_DONE(); +} +/* END_CASE */ + +/* BEGIN_CASE depends_on:MBEDTLS_X509_CSR_WRITE_C */ +void x509_set_extension_length_check() +{ + int ret = 0; + + mbedtls_x509write_csr ctx; + mbedtls_x509write_csr_init(&ctx); + + unsigned char buf[EXT_KEY_USAGE_TMP_BUF_MAX_LENGTH] = { 0 }; + unsigned char *p = buf + sizeof(buf); + + ret = mbedtls_x509_set_extension(&(ctx.extensions), + MBEDTLS_OID_EXTENDED_KEY_USAGE, + MBEDTLS_OID_SIZE(MBEDTLS_OID_EXTENDED_KEY_USAGE), + 0, + p, + SIZE_MAX); + TEST_ASSERT(MBEDTLS_ERR_X509_BAD_INPUT_DATA == ret); } /* END_CASE */ diff --git a/third_party/mbedtls/repo/tests/suites/test_suite_xtea.function b/third_party/mbedtls/repo/tests/suites/test_suite_xtea.function index 1d5b29b8ab2..7e06e309e23 100644 --- a/third_party/mbedtls/repo/tests/suites/test_suite_xtea.function +++ b/third_party/mbedtls/repo/tests/suites/test_suite_xtea.function @@ -8,8 +8,8 @@ */ /* BEGIN_CASE */ -void xtea_encrypt_ecb( data_t * key_str, data_t * src_str, - data_t * dst ) +void xtea_encrypt_ecb(data_t *key_str, data_t *src_str, + data_t *dst) { unsigned char output[100]; mbedtls_xtea_context ctx; @@ -17,15 +17,15 @@ void xtea_encrypt_ecb( data_t * key_str, data_t * src_str, memset(output, 0x00, 100); - mbedtls_xtea_setup( &ctx, key_str->x ); - TEST_ASSERT( mbedtls_xtea_crypt_ecb( &ctx, MBEDTLS_XTEA_ENCRYPT, src_str->x, output ) == 0 ); + mbedtls_xtea_setup(&ctx, key_str->x); + TEST_ASSERT(mbedtls_xtea_crypt_ecb(&ctx, MBEDTLS_XTEA_ENCRYPT, src_str->x, output) == 0); - TEST_ASSERT( mbedtls_test_hexcmp( output, dst->x, 8, dst->len ) == 0 ); + TEST_ASSERT(mbedtls_test_hexcmp(output, dst->x, 8, dst->len) == 0); } /* END_CASE */ /* BEGIN_CASE */ -void xtea_decrypt_ecb( data_t * key_str, data_t * src_str, data_t * dst ) +void xtea_decrypt_ecb(data_t *key_str, data_t *src_str, data_t *dst) { unsigned char output[100]; mbedtls_xtea_context ctx; @@ -33,16 +33,16 @@ void xtea_decrypt_ecb( data_t * key_str, data_t * src_str, data_t * dst ) memset(output, 0x00, 100); - mbedtls_xtea_setup( &ctx, key_str->x ); - TEST_ASSERT( mbedtls_xtea_crypt_ecb( &ctx, MBEDTLS_XTEA_DECRYPT, src_str->x, output ) == 0 ); + mbedtls_xtea_setup(&ctx, key_str->x); + TEST_ASSERT(mbedtls_xtea_crypt_ecb(&ctx, MBEDTLS_XTEA_DECRYPT, src_str->x, output) == 0); - TEST_ASSERT( mbedtls_test_hexcmp( output, dst->x, 8, dst->len ) == 0 ); + TEST_ASSERT(mbedtls_test_hexcmp(output, dst->x, 8, dst->len) == 0); } /* END_CASE */ /* BEGIN_CASE depends_on:MBEDTLS_CIPHER_MODE_CBC */ -void xtea_encrypt_cbc( data_t * key_str, data_t * iv_str, - data_t * src_str, data_t * dst ) +void xtea_encrypt_cbc(data_t *key_str, data_t *iv_str, + data_t *src_str, data_t *dst) { unsigned char output[100]; mbedtls_xtea_context ctx; @@ -50,18 +50,18 @@ void xtea_encrypt_cbc( data_t * key_str, data_t * iv_str, memset(output, 0x00, 100); - mbedtls_xtea_setup( &ctx, key_str->x ); - TEST_ASSERT( mbedtls_xtea_crypt_cbc( &ctx, MBEDTLS_XTEA_ENCRYPT, src_str->len, iv_str->x, - src_str->x, output ) == 0 ); + mbedtls_xtea_setup(&ctx, key_str->x); + TEST_ASSERT(mbedtls_xtea_crypt_cbc(&ctx, MBEDTLS_XTEA_ENCRYPT, src_str->len, iv_str->x, + src_str->x, output) == 0); - TEST_ASSERT( mbedtls_test_hexcmp( output, dst->x, - src_str->len, dst->len ) == 0 ); + TEST_ASSERT(mbedtls_test_hexcmp(output, dst->x, + src_str->len, dst->len) == 0); } /* END_CASE */ /* BEGIN_CASE depends_on:MBEDTLS_CIPHER_MODE_CBC */ -void xtea_decrypt_cbc( data_t * key_str, data_t * iv_str, - data_t * src_str, data_t * dst ) +void xtea_decrypt_cbc(data_t *key_str, data_t *iv_str, + data_t *src_str, data_t *dst) { unsigned char output[100]; mbedtls_xtea_context ctx; @@ -69,18 +69,18 @@ void xtea_decrypt_cbc( data_t * key_str, data_t * iv_str, memset(output, 0x00, 100); - mbedtls_xtea_setup( &ctx, key_str->x ); - TEST_ASSERT( mbedtls_xtea_crypt_cbc( &ctx, MBEDTLS_XTEA_DECRYPT, src_str->len, iv_str->x, - src_str->x, output ) == 0 ); + mbedtls_xtea_setup(&ctx, key_str->x); + TEST_ASSERT(mbedtls_xtea_crypt_cbc(&ctx, MBEDTLS_XTEA_DECRYPT, src_str->len, iv_str->x, + src_str->x, output) == 0); - TEST_ASSERT( mbedtls_test_hexcmp( output, dst->x, - src_str->len, dst->len ) == 0 ); + TEST_ASSERT(mbedtls_test_hexcmp(output, dst->x, + src_str->len, dst->len) == 0); } /* END_CASE */ /* BEGIN_CASE depends_on:MBEDTLS_SELF_TEST */ -void xtea_selftest( ) +void xtea_selftest() { - TEST_ASSERT( mbedtls_xtea_self_test( 1 ) == 0 ); + TEST_ASSERT(mbedtls_xtea_self_test(1) == 0); } /* END_CASE */ diff --git a/third_party/mbedtls/repo/visualc/VS2010/mbedTLS.vcxproj b/third_party/mbedtls/repo/visualc/VS2010/mbedTLS.vcxproj index 88ffe1b2ee2..e36a7b5706e 100644 --- a/third_party/mbedtls/repo/visualc/VS2010/mbedTLS.vcxproj +++ b/third_party/mbedtls/repo/visualc/VS2010/mbedTLS.vcxproj @@ -237,6 +237,7 @@ + @@ -246,6 +247,7 @@ + @@ -256,6 +258,7 @@ + From 905a22e0c7ea2a50fd3b935c24eb200f83721455 Mon Sep 17 00:00:00 2001 From: Piotr Jasinski Date: Wed, 7 Feb 2024 22:13:12 +0100 Subject: [PATCH 104/121] [tools] add tcat ble client (#9739) Adds TCAT client implementation for BLE transport. Signed-off-by: Piotr Jasinski Co-authored-by: Przemyslaw Bida --- .../GENERATING_CERTIFICATES.md | 91 ++++ tools/tcat_ble_client/README.md | 56 ++ tools/tcat_ble_client/auth/ca_cert.pem | 13 + tools/tcat_ble_client/auth/ca_key.pem | 5 + .../auth/commissioner_cert.pem | 11 + .../tcat_ble_client/auth/commissioner_key.pem | 8 + tools/tcat_ble_client/bbtc.py | 112 ++++ .../ble/ble_connection_constants.py | 32 ++ tools/tcat_ble_client/ble/ble_scanner.py | 52 ++ tools/tcat_ble_client/ble/ble_stream.py | 93 ++++ .../tcat_ble_client/ble/ble_stream_secure.py | 121 +++++ tools/tcat_ble_client/cli/base_commands.py | 165 ++++++ tools/tcat_ble_client/cli/cli.py | 97 ++++ tools/tcat_ble_client/cli/command.py | 101 ++++ tools/tcat_ble_client/cli/dataset_commands.py | 221 ++++++++ tools/tcat_ble_client/dataset/dataset.py | 64 +++ .../dataset/dataset_entries.py | 502 ++++++++++++++++++ tools/tcat_ble_client/poetry.lock | 318 +++++++++++ tools/tcat_ble_client/pyproject.toml | 16 + tools/tcat_ble_client/tlv/dataset_tlv.py | 79 +++ tools/tcat_ble_client/tlv/tcat_tlv.py | 45 ++ 21 files changed, 2202 insertions(+) create mode 100644 tools/tcat_ble_client/GENERATING_CERTIFICATES.md create mode 100644 tools/tcat_ble_client/README.md create mode 100644 tools/tcat_ble_client/auth/ca_cert.pem create mode 100644 tools/tcat_ble_client/auth/ca_key.pem create mode 100644 tools/tcat_ble_client/auth/commissioner_cert.pem create mode 100644 tools/tcat_ble_client/auth/commissioner_key.pem create mode 100644 tools/tcat_ble_client/bbtc.py create mode 100644 tools/tcat_ble_client/ble/ble_connection_constants.py create mode 100644 tools/tcat_ble_client/ble/ble_scanner.py create mode 100644 tools/tcat_ble_client/ble/ble_stream.py create mode 100644 tools/tcat_ble_client/ble/ble_stream_secure.py create mode 100644 tools/tcat_ble_client/cli/base_commands.py create mode 100644 tools/tcat_ble_client/cli/cli.py create mode 100644 tools/tcat_ble_client/cli/command.py create mode 100644 tools/tcat_ble_client/cli/dataset_commands.py create mode 100644 tools/tcat_ble_client/dataset/dataset.py create mode 100644 tools/tcat_ble_client/dataset/dataset_entries.py create mode 100644 tools/tcat_ble_client/poetry.lock create mode 100644 tools/tcat_ble_client/pyproject.toml create mode 100644 tools/tcat_ble_client/tlv/dataset_tlv.py create mode 100644 tools/tcat_ble_client/tlv/tcat_tlv.py diff --git a/tools/tcat_ble_client/GENERATING_CERTIFICATES.md b/tools/tcat_ble_client/GENERATING_CERTIFICATES.md new file mode 100644 index 00000000000..1eb1b79768c --- /dev/null +++ b/tools/tcat_ble_client/GENERATING_CERTIFICATES.md @@ -0,0 +1,91 @@ +# BBTC X.509 certificates generation + +--- + +TCAT uses X.509 Certificate Extensions to provide permissions with certificates. + +## Extensions + +Extensions were introduced in version 3 of the X.509 standard for certificates. They allow certificates to be customised to applications by supporting the addition of arbitrary fields in the certificate. Each extension, identified by its OID (Object Identifier), is marked as "Critical" or "Non-Critical", and includes the extension-specific data. + +## Certificates generation + +Thread uses Elliptic Curve Cryptography (ECC), so we use the `ecparam` `openssl` argument to generate the keys. + +### Root certificate + +1. Generate the private key: + +``` +openssl ecparam -genkey -name prime256v1 -out ca_key.pem +``` + +1. We can then generate the **.csr** (certificate signing request) file, which will contain all the parameters of our final certificate: + +``` +openssl req -new -sha256 -key ca_key.pem -out ca.csr +``` + +1. Finally, we can generate the certificate itself: + +``` +openssl req -x509 -sha256 -days 365 -key ca_key.pem -in ca.csr -out ca_cert.pem +``` + +1. See the generated certificate using + +``` +openssl x509 -in ca_cert.pem -text -noout +``` + +### Commissioner (client) certificate + +1. Generate the key: + +``` +openssl ecparam -genkey -name prime256v1 -out commissioner_key.pem +``` + +1. Specify additional extensions when generating the .csr (see [sample configuration](#Configurations)): + +``` +openssl req -new -sha256 -key commissioner_key.pem -out commissioner.csr -config commissioner.cnf +``` + +1. Generate the certificate: + +``` +openssl x509 -req -in commissioner.csr -CA ca_cert.pem -CAkey ca_key.pem -out commissioner_cert.pem -days 365 -sha256 -copy_extensions copy +``` + +1. View the generated certificate using: + +``` +openssl x509 -in commissioner_cert.pem -text -noout +``` + +1. View parsed certificate extensions using: + +``` +openssl asn1parse -inform PEM -in commissioner_cert.pem +``` + +## Configurations + +file: `commissioner.cnf` (line `1.3.6.1.4.1.44970.3 = DER:21:01:01:01:01` specifies permissions (all)) + +``` +[ req ] +default_bits = 2048 +distinguished_name = req_distinguished_name +prompt = no +req_extensions = v3_req + +[ req_distinguished_name ] +CN = Commissioner + +[v3_req] +1.3.6.1.4.1.44970.3 = DER:21:01:01:01:01 +authorityKeyIdentifier = none +subjectKeyIdentifier = none +``` diff --git a/tools/tcat_ble_client/README.md b/tools/tcat_ble_client/README.md new file mode 100644 index 00000000000..3af2fead02f --- /dev/null +++ b/tools/tcat_ble_client/README.md @@ -0,0 +1,56 @@ +# BBTC Client + +## Overview + +This is a Python implementation of Bluetooth-Based Thread Commissioning client, based on Thread's TCAT (Thread Commissioning over Authenticated TLS) functionality. + +## Installation + +If you don't have the poetry module installed (check with `poetry --version`), install it first using: + +```bash +python3 -m pip install poetry +``` + +Thread uses Elliptic Curve Cryptography (ECC), so we use the `ecparam` `openssl` argument to generate the keys. + +``` +poetry install +``` + +This will install all the required modules to a virtual environment, which can be used by calling `poetry run ` from the project directory. + +## Usage + +In order to connect to a TCAT device, enter the project directory and run: + +```bash +poetry run python3 bbtc.py { | --scan} +``` + +where `` can be: + +- `--name ` - name advertised by the device +- `--mac
` - physical address of the device's Bluetooth interface + +Using the `--scan` option will scan for every TCAT device and display them in a list, to allow selection of the target. + +For example: + +``` +poetry run python3 bbtc.py --name 'Thread BLE' +``` + +The application will connect to the first matching device discovered and set up a secure TLS channel. The user is then presented with the CLI. + +## Commands + +The application supports the following interactive CLI commands: + +- `help` - Display available commands. +- `commission` - Commission the device with current dataset. +- `thread start` - Enable Thread interface. +- `thread stop` - Disable Thread interface. +- `hello` - Send "hello world" application data and read the response. +- `exit` - Close the connection and exit. +- `dataset` - View and manipulate current dataset. See `dataset help` for more information. diff --git a/tools/tcat_ble_client/auth/ca_cert.pem b/tools/tcat_ble_client/auth/ca_cert.pem new file mode 100644 index 00000000000..e9994c122d1 --- /dev/null +++ b/tools/tcat_ble_client/auth/ca_cert.pem @@ -0,0 +1,13 @@ +-----BEGIN CERTIFICATE----- +MIICCDCCAa2gAwIBAgIJAIKxygBXoH+5MAoGCCqGSM49BAMCMG8xCzAJBgNVBAYT +AlhYMRAwDgYDVQQIEwdNeVN0YXRlMQ8wDQYDVQQHEwZNeUNpdHkxDzANBgNVBAsT +Bk15VW5pdDERMA8GA1UEChMITXlWZW5kb3IxGTAXBgNVBAMTEHd3dy5teXZlbmRv +ci5jb20wHhcNMjMxMDE2MTAzMzE1WhcNMjYxMDE2MTAzMzE1WjBvMQswCQYDVQQG +EwJYWDEQMA4GA1UECBMHTXlTdGF0ZTEPMA0GA1UEBxMGTXlDaXR5MQ8wDQYDVQQL +EwZNeVVuaXQxETAPBgNVBAoTCE15VmVuZG9yMRkwFwYDVQQDExB3d3cubXl2ZW5k +b3IuY29tMFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAEWdyzPAXGKeZY94OhHAWX +HzJfQIjGSyaOzlgL9OEFw2SoUDncLKPGwfPAUSfuMyEkzszNDM0HHkBsDLqu4n25 +/6MyMDAwDwYDVR0TAQH/BAUwAwEB/zAdBgNVHQ4EFgQU4EynoSw9eDKZEVPkums2 +IWLAJCowCgYIKoZIzj0EAwIDSQAwRgIhAMYGGL9xShyE6P9wEU+MAYF6W3CzdrwV +kuerX1encIH2AiEA5rq490NUobM1Au43roxJq1T6Z43LscPVbGZfULD1Jq0= +-----END CERTIFICATE----- diff --git a/tools/tcat_ble_client/auth/ca_key.pem b/tools/tcat_ble_client/auth/ca_key.pem new file mode 100644 index 00000000000..f75c9173f41 --- /dev/null +++ b/tools/tcat_ble_client/auth/ca_key.pem @@ -0,0 +1,5 @@ +-----BEGIN EC PRIVATE KEY----- +MHcCAQEEII/jxkoUczPvlYM3ayhneif63B64lan3SubrXiVEbhoVoAoGCCqGSM49 +AwEHoUQDQgAEWdyzPAXGKeZY94OhHAWXHzJfQIjGSyaOzlgL9OEFw2SoUDncLKPG +wfPAUSfuMyEkzszNDM0HHkBsDLqu4n25/w== +-----END EC PRIVATE KEY----- diff --git a/tools/tcat_ble_client/auth/commissioner_cert.pem b/tools/tcat_ble_client/auth/commissioner_cert.pem new file mode 100644 index 00000000000..3f40dc8d4d2 --- /dev/null +++ b/tools/tcat_ble_client/auth/commissioner_cert.pem @@ -0,0 +1,11 @@ +-----BEGIN CERTIFICATE----- +MIIBnzCCAUSgAwIBAgIUQ5RUJMc95ssHQybR6pcx7LXSBzcwCgYIKoZIzj0EAwIw +bzELMAkGA1UEBhMCWFgxEDAOBgNVBAgTB015U3RhdGUxDzANBgNVBAcTBk15Q2l0 +eTEPMA0GA1UECxMGTXlVbml0MREwDwYDVQQKEwhNeVZlbmRvcjEZMBcGA1UEAxMQ +d3d3Lm15dmVuZG9yLmNvbTAeFw0yMzEwMTgxNTIyMTZaFw0zMzEwMTUxNTIyMTZa +MBcxFTATBgNVBAMMDENvbW1pc3Npb25lcjBZMBMGByqGSM49AgEGCCqGSM49AwEH +A0IABDU90Qpae5c+5Diou072S6MMHNv9+Ah9Kmo+mZTT6gQUyRScFey3+6wE08o7 +wl6/8EKRgS8TFSihK4mYGxYoN06jFjAUMBIGCSsGAQQBgt8qAwQFIQEBAQEwCgYI +KoZIzj0EAwIDSQAwRgIhAOgQH8wFSe3JtGSmEFLy4fbMhOg+5Mfhqoq95vu2ML/u +AiEAt4BjuFo7GTxQxXl1e8TvMGESPGBKnR7cIT/BCnn2fto= +-----END CERTIFICATE----- diff --git a/tools/tcat_ble_client/auth/commissioner_key.pem b/tools/tcat_ble_client/auth/commissioner_key.pem new file mode 100644 index 00000000000..57b68392022 --- /dev/null +++ b/tools/tcat_ble_client/auth/commissioner_key.pem @@ -0,0 +1,8 @@ +-----BEGIN EC PARAMETERS----- +BggqhkjOPQMBBw== +-----END EC PARAMETERS----- +-----BEGIN EC PRIVATE KEY----- +MHcCAQEEIFOGszqvbs62fRwd3Rnd79wf6fpWxkXLO5YzhEuJ9EV1oAoGCCqGSM49 +AwEHoUQDQgAENT3RClp7lz7kOKi7TvZLowwc2/34CH0qaj6ZlNPqBBTJFJwV7Lf7 +rATTyjvCXr/wQpGBLxMVKKEriZgbFig3Tg== +-----END EC PRIVATE KEY----- diff --git a/tools/tcat_ble_client/bbtc.py b/tools/tcat_ble_client/bbtc.py new file mode 100644 index 00000000000..fa2ebbb2490 --- /dev/null +++ b/tools/tcat_ble_client/bbtc.py @@ -0,0 +1,112 @@ +""" + Copyright (c) 2024, The OpenThread Authors. + All rights reserved. + + Redistribution and use in source and binary forms, with or without + modification, are permitted provided that the following conditions are met: + 1. Redistributions of source code must retain the above copyright + notice, this list of conditions and the following disclaimer. + 2. Redistributions in binary form must reproduce the above copyright + notice, this list of conditions and the following disclaimer in the + documentation and/or other materials provided with the distribution. + 3. Neither the name of the copyright holder nor the + names of its contributors may be used to endorse or promote products + derived from this software without specific prior written permission. + + THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" + AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDER OR CONTRIBUTORS BE + LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR + CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF + SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS + INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN + CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) + ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE + POSSIBILITY OF SUCH DAMAGE. +""" + +import asyncio +import argparse +from os import path +import logging + +from ble.ble_connection_constants import BBTC_SERVICE_UUID, BBTC_TX_CHAR_UUID, \ + BBTC_RX_CHAR_UUID, SERVER_COMMON_NAME +from ble.ble_stream import BleStream +from ble.ble_stream_secure import BleStreamSecure +from ble import ble_scanner +from cli.cli import CLI +from dataset.dataset import ThreadDataset +from cli.command import CommandResult +from utils import select_device_by_user_input + + +async def main(): + logging.basicConfig(level=logging.WARNING) + + parser = argparse.ArgumentParser(description='Device parameters') + parser.add_argument('--debug', help='Enable debug logs', action='store_true') + group = parser.add_mutually_exclusive_group() + group.add_argument('--mac', type=str, help='Device MAC address', action='store') + group.add_argument('--name', type=str, help='Device name', action='store') + group.add_argument('--scan', help='Scan all available devices', action='store_true') + args = parser.parse_args() + + if args.debug: + logging.getLogger('ble_stream').setLevel(logging.DEBUG) + logging.getLogger('ble_stream_secure').setLevel(logging.DEBUG) + + device = await get_device_by_args(args) + + ble_sstream = None + + if not (device is None): + print(f'Connecting to {device}') + ble_stream = await BleStream.create(device.address, BBTC_SERVICE_UUID, BBTC_TX_CHAR_UUID, BBTC_RX_CHAR_UUID) + ble_sstream = BleStreamSecure(ble_stream) + ble_sstream.load_cert( + certfile=path.join('auth', 'commissioner_cert.pem'), + keyfile=path.join('auth', 'commissioner_key.pem'), + cafile=path.join('auth', 'ca_cert.pem'), + ) + + print('Setting up secure channel...') + await ble_sstream.do_handshake(hostname=SERVER_COMMON_NAME) + print('Done') + + ds = ThreadDataset() + cli = CLI(ds, ble_sstream) + loop = asyncio.get_running_loop() + print('Enter \'help\' to see available commands' ' or \'exit\' to exit the application.') + while True: + user_input = await loop.run_in_executor(None, lambda: input('> ')) + if user_input.lower() == 'exit': + print('Disconnecting...') + break + try: + result: CommandResult = await cli.evaluate_input(user_input) + if result: + result.pretty_print() + except Exception as e: + print(e) + + +async def get_device_by_args(args): + device = None + if args.mac: + device = await ble_scanner.find_first_by_mac(args.mac) + elif args.name: + device = await ble_scanner.find_first_by_name(args.name) + elif args.scan: + tcat_devices = await ble_scanner.scan_tcat_devices() + device = select_device_by_user_input(tcat_devices) + + return device + + +if __name__ == '__main__': + try: + asyncio.run(main()) + except asyncio.CancelledError: + pass # device disconnected diff --git a/tools/tcat_ble_client/ble/ble_connection_constants.py b/tools/tcat_ble_client/ble/ble_connection_constants.py new file mode 100644 index 00000000000..f1064c635a8 --- /dev/null +++ b/tools/tcat_ble_client/ble/ble_connection_constants.py @@ -0,0 +1,32 @@ +""" + Copyright (c) 2024, The OpenThread Authors. + All rights reserved. + + Redistribution and use in source and binary forms, with or without + modification, are permitted provided that the following conditions are met: + 1. Redistributions of source code must retain the above copyright + notice, this list of conditions and the following disclaimer. + 2. Redistributions in binary form must reproduce the above copyright + notice, this list of conditions and the following disclaimer in the + documentation and/or other materials provided with the distribution. + 3. Neither the name of the copyright holder nor the + names of its contributors may be used to endorse or promote products + derived from this software without specific prior written permission. + + THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" + AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDER OR CONTRIBUTORS BE + LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR + CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF + SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS + INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN + CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) + ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE + POSSIBILITY OF SUCH DAMAGE. +""" + +BBTC_SERVICE_UUID = 'FFFB' +BBTC_RX_CHAR_UUID = '6BD10D8B-85A7-4E5A-BA2D-C83558A5F220' +BBTC_TX_CHAR_UUID = '7FDDF61F-280A-4773-B448-BA1B8FE0DD69' +SERVER_COMMON_NAME = 'myvendor.com/tcat/mydev' diff --git a/tools/tcat_ble_client/ble/ble_scanner.py b/tools/tcat_ble_client/ble/ble_scanner.py new file mode 100644 index 00000000000..f8dc55e7363 --- /dev/null +++ b/tools/tcat_ble_client/ble/ble_scanner.py @@ -0,0 +1,52 @@ +""" + Copyright (c) 2024, The OpenThread Authors. + All rights reserved. + + Redistribution and use in source and binary forms, with or without + modification, are permitted provided that the following conditions are met: + 1. Redistributions of source code must retain the above copyright + notice, this list of conditions and the following disclaimer. + 2. Redistributions in binary form must reproduce the above copyright + notice, this list of conditions and the following disclaimer in the + documentation and/or other materials provided with the distribution. + 3. Neither the name of the copyright holder nor the + names of its contributors may be used to endorse or promote products + derived from this software without specific prior written permission. + + THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" + AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDER OR CONTRIBUTORS BE + LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR + CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF + SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS + INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN + CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) + ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE + POSSIBILITY OF SUCH DAMAGE. +""" + +from bleak import BleakScanner +from bbtc import BBTC_SERVICE_UUID + + +async def find_first_by_name(name): + match_name = lambda dev, adv_data: name == dev.name + device = await BleakScanner.find_device_by_filter(match_name) + return device + + +async def find_first_by_mac(mac): + match_mac = lambda dev, adv_data: mac.upper() == dev.address + device = await BleakScanner.find_device_by_filter(match_mac) + return device + + +async def scan_tcat_devices(): + scanner = BleakScanner() + tcat_devices = [] + devices_dict = await scanner.discover(return_adv=True, service_uuids=[BBTC_SERVICE_UUID.lower()]) + for _, (device, _) in devices_dict.items(): + tcat_devices.append(device) + + return tcat_devices diff --git a/tools/tcat_ble_client/ble/ble_stream.py b/tools/tcat_ble_client/ble/ble_stream.py new file mode 100644 index 00000000000..3e22da8f49a --- /dev/null +++ b/tools/tcat_ble_client/ble/ble_stream.py @@ -0,0 +1,93 @@ +""" + Copyright (c) 2024, The OpenThread Authors. + All rights reserved. + + Redistribution and use in source and binary forms, with or without + modification, are permitted provided that the following conditions are met: + 1. Redistributions of source code must retain the above copyright + notice, this list of conditions and the following disclaimer. + 2. Redistributions in binary form must reproduce the above copyright + notice, this list of conditions and the following disclaimer in the + documentation and/or other materials provided with the distribution. + 3. Neither the name of the copyright holder nor the + names of its contributors may be used to endorse or promote products + derived from this software without specific prior written permission. + + THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" + AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDER OR CONTRIBUTORS BE + LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR + CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF + SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS + INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN + CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) + ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE + POSSIBILITY OF SUCH DAMAGE. +""" + +from itertools import count, takewhile +from typing import Iterator +import logging +import time +from asyncio import sleep + +from bleak import BleakClient +from bleak.backends.characteristic import BleakGATTCharacteristic + +logger = logging.getLogger(__name__) + + +class BleStream: + + def __init__(self, client, service_uuid, tx_char_uuid, rx_char_uuid): + self.__receive_buffer = b'' + self.__last_recv_time = None + self.client = client + self.service_uuid = service_uuid + self.tx_char_uuid = tx_char_uuid + self.rx_char_uuid = rx_char_uuid + + async def __aenter__(self): + return self + + async def __aexit__(self, exc_type, exc_value, traceback): + if self.client.is_connected: + await self.client.disconnect() + + def __handle_rx(self, _: BleakGATTCharacteristic, data: bytearray): + logger.debug(f'received {len(data)} bytes') + self.__receive_buffer += data + self.__last_recv_time = time.time() + + @staticmethod + def __sliced(data: bytes, n: int) -> Iterator[bytes]: + return takewhile(len, (data[i:i + n] for i in count(0, n))) + + @classmethod + async def create(cls, address, service_uuid, tx_char_uuid, rx_char_uuid): + client = BleakClient(address) + await client.connect() + self = cls(client, service_uuid, tx_char_uuid, rx_char_uuid) + await client.start_notify(self.tx_char_uuid, self.__handle_rx) + return self + + async def send(self, data): + logger.debug(f'sending {data}') + services = self.client.services.get_service(self.service_uuid) + rx_char = services.get_characteristic(self.rx_char_uuid) + for s in BleStream.__sliced(data, rx_char.max_write_without_response_size): + await self.client.write_gatt_char(rx_char, s) + return len(data) + + async def recv(self, bufsize, recv_timeout=0.2): + if not self.__receive_buffer: + return b'' + + while time.time() - self.__last_recv_time <= recv_timeout: + await sleep(0.1) + + message = self.__receive_buffer[:bufsize] + self.__receive_buffer = self.__receive_buffer[bufsize:] + logger.debug(f'retrieved {message}') + return message diff --git a/tools/tcat_ble_client/ble/ble_stream_secure.py b/tools/tcat_ble_client/ble/ble_stream_secure.py new file mode 100644 index 00000000000..9d15b794536 --- /dev/null +++ b/tools/tcat_ble_client/ble/ble_stream_secure.py @@ -0,0 +1,121 @@ +""" + Copyright (c) 2024, The OpenThread Authors. + All rights reserved. + + Redistribution and use in source and binary forms, with or without + modification, are permitted provided that the following conditions are met: + 1. Redistributions of source code must retain the above copyright + notice, this list of conditions and the following disclaimer. + 2. Redistributions in binary form must reproduce the above copyright + notice, this list of conditions and the following disclaimer in the + documentation and/or other materials provided with the distribution. + 3. Neither the name of the copyright holder nor the + names of its contributors may be used to endorse or promote products + derived from this software without specific prior written permission. + + THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" + AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDER OR CONTRIBUTORS BE + LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR + CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF + SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS + INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN + CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) + ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE + POSSIBILITY OF SUCH DAMAGE. +""" + +import asyncio +import ssl +import logging + +from .ble_stream import BleStream + +logger = logging.getLogger(__name__) + + +class BleStreamSecure: + + def __init__(self, ble_stream: BleStream): + self.ble_stream = ble_stream + self.ssl_context = ssl.create_default_context(ssl.Purpose.SERVER_AUTH) + self.incoming = ssl.MemoryBIO() + self.outgoing = ssl.MemoryBIO() + self.ssl_object = None + + def load_cert(self, certfile='', keyfile='', cafile=''): + if certfile and keyfile: + self.ssl_context.load_cert_chain(certfile=certfile, keyfile=keyfile) + elif certfile: + self.ssl_context.load_cert_chain(certfile=certfile) + + if cafile: + self.ssl_context.load_verify_locations(cafile=cafile) + + async def do_handshake(self, hostname): + self.ssl_object = self.ssl_context.wrap_bio( + incoming=self.incoming, + outgoing=self.outgoing, + server_side=False, + server_hostname=hostname, + ) + while True: + try: + self.ssl_object.do_handshake() + break + # SSLWantWrite means ssl wants to send data over the link, + # but might need a receive first + except ssl.SSLWantWriteError: + output = await self.ble_stream.recv(4096) + if output: + self.incoming.write(output) + data = self.outgoing.read() + if data: + await self.ble_stream.send(data) + await asyncio.sleep(0.1) + + # SSLWantRead means ssl wants to receive data from the link, + # but might need to send first + except ssl.SSLWantReadError: + data = self.outgoing.read() + if data: + await self.ble_stream.send(data) + output = await self.ble_stream.recv(4096) + if output: + self.incoming.write(output) + await asyncio.sleep(0.1) + + async def send(self, bytes): + self.ssl_object.write(bytes) + encode = self.outgoing.read(4096) + await self.ble_stream.send(encode) + + async def recv(self, buffersize, timeout=1): + end_time = asyncio.get_event_loop().time() + timeout + data = await self.ble_stream.recv(buffersize) + while not data and asyncio.get_event_loop().time() < end_time: + await asyncio.sleep(0.1) + data = await self.ble_stream.recv(buffersize) + if not data: + logger.warning('No response when response expected.') + return b'' + + self.incoming.write(data) + while True: + try: + decode = self.ssl_object.read(4096) + break + # if recv called before entire message was received from the link + except ssl.SSLWantReadError: + more = await self.ble_stream.recv(buffersize) + while not more: + await asyncio.sleep(0.1) + more = await self.ble_stream.recv(buffersize) + self.incoming.write(more) + return decode + + async def send_with_resp(self, bytes): + await self.send(bytes) + res = await self.recv(buffersize=4096, timeout=5) + return res diff --git a/tools/tcat_ble_client/cli/base_commands.py b/tools/tcat_ble_client/cli/base_commands.py new file mode 100644 index 00000000000..bd4c1dbea87 --- /dev/null +++ b/tools/tcat_ble_client/cli/base_commands.py @@ -0,0 +1,165 @@ +""" + Copyright (c) 2024, The OpenThread Authors. + All rights reserved. + + Redistribution and use in source and binary forms, with or without + modification, are permitted provided that the following conditions are met: + 1. Redistributions of source code must retain the above copyright + notice, this list of conditions and the following disclaimer. + 2. Redistributions in binary form must reproduce the above copyright + notice, this list of conditions and the following disclaimer in the + documentation and/or other materials provided with the distribution. + 3. Neither the name of the copyright holder nor the + names of its contributors may be used to endorse or promote products + derived from this software without specific prior written permission. + + THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" + AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDER OR CONTRIBUTORS BE + LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR + CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF + SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS + INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN + CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) + ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE + POSSIBILITY OF SUCH DAMAGE. +""" + +from ble.ble_connection_constants import BBTC_SERVICE_UUID, BBTC_TX_CHAR_UUID, \ + BBTC_RX_CHAR_UUID, SERVER_COMMON_NAME +from ble.ble_stream import BleStream +from ble.ble_stream_secure import BleStreamSecure +from ble import ble_scanner +from tlv.tlv import TLV +from tlv.tcat_tlv import TcatTLVType +from cli.command import Command, CommandResultNone, CommandResultTLV +from dataset.dataset import ThreadDataset +from utils import select_device_by_user_input +from os import path + + +class HelpCommand(Command): + + def get_help_string(self) -> str: + return 'Display help and return.' + + async def execute_default(self, args, context): + commands = context['commands'] + for name, command in commands.items(): + print(f'{name}') + command.print_help(indent=1) + return CommandResultNone() + + +class HelloCommand(Command): + + def get_help_string(self) -> str: + return 'Send round trip "Hello world!" message.' + + async def execute_default(self, args, context): + bless: BleStreamSecure = context['ble_sstream'] + print('Sending hello world...') + data = TLV(TcatTLVType.APPLICATION.value, bytes('Hello world!', 'ascii')).to_bytes() + response = await bless.send_with_resp(data) + if not response: + return + tlv_response = TLV.from_bytes(response) + return CommandResultTLV(tlv_response) + + +class CommissionCommand(Command): + + def get_help_string(self) -> str: + return 'Update the connected device with current dataset.' + + async def execute_default(self, args, context): + bless: BleStreamSecure = context['ble_sstream'] + dataset: ThreadDataset = context['dataset'] + + print('Commissioning...') + dataset_bytes = dataset.to_bytes() + data = TLV(TcatTLVType.ACTIVE_DATASET.value, dataset_bytes).to_bytes() + response = await bless.send_with_resp(data) + if not response: + return + tlv_response = TLV.from_bytes(response) + return CommandResultTLV(tlv_response) + + +class ThreadStartCommand(Command): + + def get_help_string(self) -> str: + return 'Enable thread interface.' + + async def execute_default(self, args, context): + bless: BleStreamSecure = context['ble_sstream'] + + print('Enabling Thread...') + data = TLV(TcatTLVType.THREAD_START.value, bytes()).to_bytes() + response = await bless.send_with_resp(data) + if not response: + return + tlv_response = TLV.from_bytes(response) + return CommandResultTLV(tlv_response) + + +class ThreadStopCommand(Command): + + def get_help_string(self) -> str: + return 'Disable thread interface.' + + async def execute_default(self, args, context): + bless: BleStreamSecure = context['ble_sstream'] + print('Disabling Thread...') + data = TLV(TcatTLVType.THREAD_STOP.value, bytes()).to_bytes() + response = await bless.send_with_resp(data) + if not response: + return + tlv_response = TLV.from_bytes(response) + return CommandResultTLV(tlv_response) + + +class ThreadStateCommand(Command): + + def __init__(self): + self._subcommands = {'start': ThreadStartCommand(), 'stop': ThreadStopCommand()} + + def get_help_string(self) -> str: + return 'Manipulate state of the Thread interface of the connected device.' + + async def execute_default(self, args, context): + print('Invalid usage. Provide a subcommand.') + return CommandResultNone() + + +class ScanCommand(Command): + + def get_help_string(self) -> str: + return 'Perform scan for TCAT devices.' + + async def execute_default(self, args, context): + if not (context['ble_sstream'] is None): + del context['ble_sstream'] + + tcat_devices = await ble_scanner.scan_tcat_devices() + device = select_device_by_user_input(tcat_devices) + + if device is None: + return CommandResultNone() + + ble_sstream = None + + print(f'Connecting to {device}') + ble_stream = await BleStream.create(device.address, BBTC_SERVICE_UUID, BBTC_TX_CHAR_UUID, BBTC_RX_CHAR_UUID) + ble_sstream = BleStreamSecure(ble_stream) + ble_sstream.load_cert( + certfile=path.join('auth', 'commissioner_cert.pem'), + keyfile=path.join('auth', 'commissioner_key.pem'), + cafile=path.join('auth', 'ca_cert.pem'), + ) + + print('Setting up secure channel...') + await ble_sstream.do_handshake(hostname=SERVER_COMMON_NAME) + print('Done') + context['ble_sstream'] = ble_sstream diff --git a/tools/tcat_ble_client/cli/cli.py b/tools/tcat_ble_client/cli/cli.py new file mode 100644 index 00000000000..bfe6cd3d1f2 --- /dev/null +++ b/tools/tcat_ble_client/cli/cli.py @@ -0,0 +1,97 @@ +""" + Copyright (c) 2024, The OpenThread Authors. + All rights reserved. + + Redistribution and use in source and binary forms, with or without + modification, are permitted provided that the following conditions are met: + 1. Redistributions of source code must retain the above copyright + notice, this list of conditions and the following disclaimer. + 2. Redistributions in binary form must reproduce the above copyright + notice, this list of conditions and the following disclaimer in the + documentation and/or other materials provided with the distribution. + 3. Neither the name of the copyright holder nor the + names of its contributors may be used to endorse or promote products + derived from this software without specific prior written permission. + + THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" + AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDER OR CONTRIBUTORS BE + LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR + CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF + SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS + INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN + CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) + ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE + POSSIBILITY OF SUCH DAMAGE. +""" + +import readline +import shlex +from ble.ble_stream_secure import BleStreamSecure +from cli.base_commands import (HelpCommand, HelloCommand, CommissionCommand, ThreadStateCommand, ScanCommand) +from cli.dataset_commands import (DatasetCommand) +from dataset.dataset import ThreadDataset +from typing import Optional + + +class CLI: + + def __init__(self, dataset: ThreadDataset, ble_sstream: Optional[BleStreamSecure] = None): + self._commands = { + 'help': HelpCommand(), + 'hello': HelloCommand(), + 'commission': CommissionCommand(), + 'dataset': DatasetCommand(), + 'thread': ThreadStateCommand(), + 'scan': ScanCommand(), + } + self._context = {'ble_sstream': ble_sstream, 'dataset': dataset, 'commands': self._commands} + readline.set_completer(self.completer) + readline.parse_and_bind('tab: complete') + + def completer(self, text, state): + command_pool = self._commands.keys() + full_line = readline.get_line_buffer().lstrip() + words = full_line.split() + + should_suggest_subcommands = len(words) > 1 or (len(words) == 1 and full_line[-1].isspace()) + if should_suggest_subcommands: + if words[0] not in self._commands.keys(): + return None + + current_command = self._commands[words[0]] + if full_line[-1].isspace(): + subcommands = words[1:] + else: + subcommands = words[1:-1] + for nextarg in subcommands: + if nextarg in current_command._subcommands.keys(): + current_command = current_command._subcommands[nextarg] + else: + return None + + if len(current_command._subcommands) == 0: + return None + + command_pool = current_command._subcommands.keys() + + options = [c for c in command_pool if c.startswith(text)] + if state < len(options): + return options[state] + else: + return None + + async def evaluate_input(self, user_input): + # do not parse empty commands + if not user_input.strip(): + return + + command_parts = shlex.split(user_input) + command = command_parts[0] + args = command_parts[1:] + + if command not in self._commands.keys(): + raise Exception('Invalid command: {}'.format(command)) + + return await self._commands[command].execute(args, self._context) diff --git a/tools/tcat_ble_client/cli/command.py b/tools/tcat_ble_client/cli/command.py new file mode 100644 index 00000000000..f494a3e7d67 --- /dev/null +++ b/tools/tcat_ble_client/cli/command.py @@ -0,0 +1,101 @@ +""" + Copyright (c) 2024, The OpenThread Authors. + All rights reserved. + + Redistribution and use in source and binary forms, with or without + modification, are permitted provided that the following conditions are met: + 1. Redistributions of source code must retain the above copyright + notice, this list of conditions and the following disclaimer. + 2. Redistributions in binary form must reproduce the above copyright + notice, this list of conditions and the following disclaimer in the + documentation and/or other materials provided with the distribution. + 3. Neither the name of the copyright holder nor the + names of its contributors may be used to endorse or promote products + derived from this software without specific prior written permission. + + THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" + AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDER OR CONTRIBUTORS BE + LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR + CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF + SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS + INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN + CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) + ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE + POSSIBILITY OF SUCH DAMAGE. +""" + +from tlv.tlv import TLV +from tlv.tcat_tlv import TcatTLVType + +from abc import ABC, abstractmethod + + +class CommandResult(ABC): + + def __init__(self, value=None): + self.value = value + + @abstractmethod + def pretty_print(self): + pass + + +class Command(ABC): + + def __init__(self): + self._subcommands = {} + + async def execute(self, args, context) -> CommandResult: + if len(args) > 0 and args[0] in self._subcommands.keys(): + return await self.execute_subcommand(args, context) + + return await self.execute_default(args, context) + + async def execute_subcommand(self, args, context) -> CommandResult: + return await self._subcommands[args[0]].execute(args[1:], context) + + @abstractmethod + async def execute_default(self, args, context) -> CommandResult: + pass + + @abstractmethod + def get_help_string(self) -> str: + pass + + def print_help(self, indent=0): + indent_width = 4 + indentation = ' ' * indent_width * indent + print(f'{indentation}{self.get_help_string()}') + + if 'help' in self._subcommands.keys(): + print(f'{indentation}"help" command available.') + elif len(self._subcommands) != 0: + print(f'{indentation}Subcommands:') + for name, sc in self._subcommands.items(): + print(f'{indentation}{" " * indent_width}{name}\t- ', end='') + sc.print_help() + + +class CommandResultTLV(CommandResult): + + def pretty_print(self): + tlv: TLV = self.value + tlv_type = TcatTLVType.from_value(tlv.type) + print('Result: TLV:') + if tlv_type is not None: + print(f'\tTYPE:\t{TcatTLVType.from_value(tlv.type).name}') + else: + print(f'\tTYPE:\tunknown: {hex(tlv.type)} ({tlv.type})') + print(f'\tLEN:\t{len(tlv.value)}') + if tlv_type == TcatTLVType.APPLICATION: + print(f'\tVALUE:\t{tlv.value.decode("ascii")}') + else: + print(f'\tVALUE:\t0x{tlv.value.hex()}') + + +class CommandResultNone(CommandResult): + + def pretty_print(self): + pass diff --git a/tools/tcat_ble_client/cli/dataset_commands.py b/tools/tcat_ble_client/cli/dataset_commands.py new file mode 100644 index 00000000000..aa54c82d74a --- /dev/null +++ b/tools/tcat_ble_client/cli/dataset_commands.py @@ -0,0 +1,221 @@ +""" + Copyright (c) 2024, The OpenThread Authors. + All rights reserved. + + Redistribution and use in source and binary forms, with or without + modification, are permitted provided that the following conditions are met: + 1. Redistributions of source code must retain the above copyright + notice, this list of conditions and the following disclaimer. + 2. Redistributions in binary form must reproduce the above copyright + notice, this list of conditions and the following disclaimer in the + documentation and/or other materials provided with the distribution. + 3. Neither the name of the copyright holder nor the + names of its contributors may be used to endorse or promote products + derived from this software without specific prior written permission. + + THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" + AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDER OR CONTRIBUTORS BE + LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR + CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF + SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS + INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN + CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) + ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE + POSSIBILITY OF SUCH DAMAGE. +""" + +from cli.command import Command, CommandResultNone +from dataset.dataset import ThreadDataset, initial_dataset +from tlv.dataset_tlv import MeshcopTlvType + + +def handle_dataset_entry_command(type: MeshcopTlvType, args, context): + ds: ThreadDataset = context['dataset'] + if len(args) == 0: + ds.get_entry(type).print_content() + return CommandResultNone() + + ds.set_entry(type, args) + print('Done.') + return CommandResultNone() + + +class DatasetHelpCommand(Command): + + def get_help_string(self) -> str: + return 'Display help message and return.' + + async def execute_default(self, args, context): + indent_width = 4 + indentation = ' ' * indent_width + commands: ThreadDataset = context['commands'] + ds_command: Command = commands['dataset'] + print(ds_command.get_help_string()) + print('Subcommands:') + for name, subcommand in ds_command._subcommands.items(): + print(f'{indentation}{name}') + print(f'{indentation}{" " * indent_width}{subcommand.get_help_string()}') + return CommandResultNone() + + +class PrintDatasetHexCommand(Command): + + def get_help_string(self) -> str: + return 'Print current dataset as a hexadecimal string.' + + async def execute_default(self, args, context): + ds: ThreadDataset = context['dataset'] + print(ds.to_bytes().hex()) + return CommandResultNone() + + +class ReloadDatasetCommand(Command): + + def get_help_string(self) -> str: + return 'Reset dataset to the initial value.' + + async def execute_default(self, args, context): + context['dataset'].set_from_bytes(initial_dataset) + return CommandResultNone() + + +class ActiveTimestampCommand(Command): + + def get_help_string(self) -> str: + return 'View and set ActiveTimestamp seconds. Arguments: [seconds (int)]' + + async def execute_default(self, args, context): + return handle_dataset_entry_command(MeshcopTlvType.ACTIVETIMESTAMP, args, context) + + +class PendingTimestampCommand(Command): + + def get_help_string(self) -> str: + return 'View and set PendingTimestamp seconds. Arguments: [seconds (int)]' + + async def execute_default(self, args, context): + return handle_dataset_entry_command(MeshcopTlvType.PENDINGTIMESTAMP, args, context) + + +class NetworkKeyCommand(Command): + + def get_help_string(self) -> str: + return 'View and set NetworkKey. Arguments: [nk (hexstring, len=32)]' + + async def execute_default(self, args, context): + return handle_dataset_entry_command(MeshcopTlvType.NETWORKKEY, args, context) + + +class NetworkNameCommand(Command): + + def get_help_string(self) -> str: + return 'View and set NetworkName. Arguments: [nn (string, maxlen=16)]' + + async def execute_default(self, args, context): + return handle_dataset_entry_command(MeshcopTlvType.NETWORKNAME, args, context) + + +class ExtPanIDCommand(Command): + + def get_help_string(self) -> str: + return 'View and set ExtPanID. Arguments: [extpanid (hexstring, len=16)]' + + async def execute_default(self, args, context): + return handle_dataset_entry_command(MeshcopTlvType.EXTPANID, args, context) + + +class MeshLocalPrefixCommand(Command): + + def get_help_string(self) -> str: + return 'View and set MeshLocalPrefix. Arguments: [mlp (hexstring, len=16)]' + + async def execute_default(self, args, context): + return handle_dataset_entry_command(MeshcopTlvType.MESHLOCALPREFIX, args, context) + + +class DelayTimerCommand(Command): + + def get_help_string(self) -> str: + return 'View and set DelayTimer delay. Arguments: [delay (int)]' + + async def execute_default(self, args, context): + return handle_dataset_entry_command(MeshcopTlvType.DELAYTIMER, args, context) + + +class PanIDCommand(Command): + + def get_help_string(self) -> str: + return 'View and set PanID. Arguments: [panid (hexstring, len=4)]' + + async def execute_default(self, args, context): + return handle_dataset_entry_command(MeshcopTlvType.PANID, args, context) + + +class ChannelCommand(Command): + + def get_help_string(self) -> str: + return 'View and set Channel. Arguments: [channel (int)]' + + async def execute_default(self, args, context): + return handle_dataset_entry_command(MeshcopTlvType.CHANNEL, args, context) + + +class ChannelMaskCommand(Command): + + def get_help_string(self) -> str: + return 'View and set ChannelMask. Arguments: [mask (hexstring)]' + + async def execute_default(self, args, context): + return handle_dataset_entry_command(MeshcopTlvType.CHANNELMASK, args, context) + + +class PskcCommand(Command): + + def get_help_string(self) -> str: + return 'View and set Pskc. Arguments: [pskc (hexstring, maxlen=32)]' + + async def execute_default(self, args, context): + return handle_dataset_entry_command(MeshcopTlvType.PSKC, args, context) + + +class SecurityPolicyCommand(Command): + + def get_help_string(self) -> str: + return 'View and set SecurityPolicy. Arguments: '\ + '[ [flags (string)] [version_threshold (int)]]' + + async def execute_default(self, args, context): + return handle_dataset_entry_command(MeshcopTlvType.SECURITYPOLICY, args, context) + + +class DatasetCommand(Command): + + def __init__(self): + self._subcommands = { + 'help': DatasetHelpCommand(), + 'hex': PrintDatasetHexCommand(), + 'reload': ReloadDatasetCommand(), + 'activetimestamp': ActiveTimestampCommand(), + 'pendingtimestamp': PendingTimestampCommand(), + 'networkkey': NetworkKeyCommand(), + 'networkname': NetworkNameCommand(), + 'extpanid': ExtPanIDCommand(), + 'meshlocalprefix': MeshLocalPrefixCommand(), + 'delay': DelayTimerCommand(), + 'panid': PanIDCommand(), + 'channel': ChannelCommand(), + 'channelmask': ChannelMaskCommand(), + 'pskc': PskcCommand(), + 'securitypolicy': SecurityPolicyCommand() + } + + def get_help_string(self) -> str: + return 'View and manipulate current dataset. ' \ + 'Call without parameters to show current dataset.' + + async def execute_default(self, args, context): + ds: ThreadDataset = context['dataset'] + ds.print_content() + return CommandResultNone() diff --git a/tools/tcat_ble_client/dataset/dataset.py b/tools/tcat_ble_client/dataset/dataset.py new file mode 100644 index 00000000000..2ec4cdda8cd --- /dev/null +++ b/tools/tcat_ble_client/dataset/dataset.py @@ -0,0 +1,64 @@ +""" + Copyright (c) 2023 Nordic Semiconductor ASA + + Licensed under the Apache License, Version 2.0 (the "License"); + you may not use this file except in compliance with the License. + You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + + Unless required by applicable law or agreed to in writing, software + distributed under the License is distributed on an "AS IS" BASIS, + WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + See the License for the specific language governing permissions and + limitations under the License. +""" + +from typing import Dict, List + +from tlv.tlv import TLV +from tlv.dataset_tlv import MeshcopTlvType +from dataset.dataset_entries import DatasetEntry, create_dataset_entry + +initial_dataset = bytes([ + 0x0E, 0x08, 0x00, 0x00, 0x00, 0x00, 0x00, 0x01, 0x00, 0x00, 0x00, 0x03, 0x00, 0x00, 0x12, 0x35, 0x06, 0x00, 0x04, + 0x00, 0x1F, 0xFF, 0xE0, 0x02, 0x08, 0xEF, 0x13, 0x98, 0xC2, 0xFD, 0x50, 0x4B, 0x67, 0x07, 0x08, 0xFD, 0x35, 0x34, + 0x41, 0x33, 0xD1, 0xD7, 0x3E, 0x05, 0x10, 0xFD, 0xA7, 0xC7, 0x71, 0xA2, 0x72, 0x02, 0xE2, 0x32, 0xEC, 0xD0, 0x4C, + 0xF9, 0x34, 0xF4, 0x76, 0x03, 0x0F, 0x4F, 0x70, 0x65, 0x6E, 0x54, 0x68, 0x72, 0x65, 0x61, 0x64, 0x2D, 0x63, 0x36, + 0x34, 0x65, 0x01, 0x02, 0xC6, 0x4E, 0x04, 0x10, 0x5E, 0x9B, 0x9B, 0x36, 0x0F, 0x80, 0xB8, 0x8B, 0xE2, 0x60, 0x3F, + 0xB0, 0x13, 0x5C, 0x8D, 0x65, 0x0C, 0x04, 0x02, 0xA0, 0xF7, 0xF8 +]) + + +class ThreadDataset: + + def __init__(self): + self.entries: Dict[MeshcopTlvType, DatasetEntry] = {} + self.set_from_bytes(initial_dataset) + + def print_content(self): + for type, entry in self.entries.items(): + print(f'{type.name}:') + entry.print_content(indent=1) + print() + + def set_from_bytes(self, bytes): + for tlv in TLV.parse_tlvs(bytes): + type = MeshcopTlvType.from_value(tlv.type) + self.entries[type] = create_dataset_entry(type) + self.entries[type].set_from_tlv(tlv) + + def to_bytes(self): + res = bytes() + for entry in self.entries.values(): + res += entry.to_tlv().to_bytes() + return res + + def get_entry(self, type: MeshcopTlvType): + return self.entries[type] + + def set_entry(self, type: MeshcopTlvType, args: List[str]): + if type in self.entries: + self.entries[type].set(args) + return + raise KeyError(f'Key {type} not available in the dataset.') diff --git a/tools/tcat_ble_client/dataset/dataset_entries.py b/tools/tcat_ble_client/dataset/dataset_entries.py new file mode 100644 index 00000000000..20d470e36d6 --- /dev/null +++ b/tools/tcat_ble_client/dataset/dataset_entries.py @@ -0,0 +1,502 @@ +""" + Copyright (c) 2023 Nordic Semiconductor ASA + + Licensed under the Apache License, Version 2.0 (the "License"); + you may not use this file except in compliance with the License. + You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + + Unless required by applicable law or agreed to in writing, software + distributed under the License is distributed on an "AS IS" BASIS, + WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + See the License for the specific language governing permissions and + limitations under the License. +""" + +import struct +import inspect +from typing import List +from abc import ABC, abstractmethod + +from tlv.dataset_tlv import MeshcopTlvType +from tlv.tlv import TLV + + +class DatasetEntry(ABC): + + def __init__(self, type: MeshcopTlvType): + self.type = type + self.length = None + self.maxlen = None + + def print_content(self, indent: int = 0, excluded_fields: List[str] = []): + excluded_fields += ['length', 'maxlen', 'type'] + indentation = " " * 4 * indent + for attr_name in dir(self): + if not attr_name.startswith('_') and attr_name not in excluded_fields: + value = getattr(self, attr_name) + if not inspect.ismethod(value): + if isinstance(value, bytes): + value = value.hex() + print(f'{indentation}{attr_name}: {value}') + + @abstractmethod + def to_tlv(self) -> TLV: + pass + + @abstractmethod + def set_from_tlv(self, tlv: TLV): + pass + + @abstractmethod + def set(self, args: List[str]): + pass + + +class ActiveTimestamp(DatasetEntry): + + def __init__(self): + super().__init__(MeshcopTlvType.ACTIVETIMESTAMP) + self.length = 8 # spec defined + self.seconds = 0 + self.ubit = 0 + self.ticks = 0 + + def set(self, args: List[str]): + if len(args) == 0: + raise ValueError('No argument for ActiveTimestamp') + self._seconds = int(args[0]) + + def set_from_tlv(self, tlv: TLV): + (value,) = struct.unpack('>Q', tlv.value) + self.ubit = value & 0x1 + self.ticks = (value >> 1) & 0x7FFF + self.seconds = (value >> 16) & 0xFFFF + + def to_tlv(self): + value = (self.seconds << 16) | (self.ticks << 1) | self.ubit + tlv = struct.pack('>BBQ', self.type.value, self.length, value) + return TLV.from_bytes(tlv) + + +class PendingTimestamp(DatasetEntry): + + def __init__(self): + super().__init__(MeshcopTlvType.PENDINGTIMESTAMP) + self.length = 8 # spec defined + self.seconds = 0 + self.ubit = 0 + self.ticks = 0 + + def set(self, args: List[str]): + if len(args) == 0: + raise ValueError('No argument for PendingTimestamp') + self._seconds = int(args[0]) + + def set_from_tlv(self, tlv: TLV): + (value,) = struct.unpack('>Q', tlv.value) + self.ubit = value & 0x1 + self.ticks = (value >> 1) & 0x7FFF + self.seconds = (value >> 16) & 0xFFFF + + def to_tlv(self): + value = (self.seconds << 16) | (self.ticks << 1) | self.ubit + tlv = struct.pack('>BBQ', self.type.value, self.length, value) + return TLV.from_bytes(tlv) + + +class NetworkKey(DatasetEntry): + + def __init__(self): + super().__init__(MeshcopTlvType.NETWORKKEY) + self.length = 16 # spec defined + self.data: str = '' + + def set(self, args: List[str]): + if len(args) == 0: + raise ValueError('No argument for NetworkKey') + if args[0].startswith('0x'): + args[0] = args[0][2:] + nk = args[0] + if len(nk) != self.length * 2: # need length * 2 hex characters + raise ValueError('Invalid length of NetworkKey') + self.data = nk + + def set_from_tlv(self, tlv: TLV): + self.data = tlv.value.hex() + + def to_tlv(self): + if len(self.data) != self.length * 2: # need length * 2 hex characters + raise ValueError('Invalid length of NetworkKey') + value = bytes.fromhex(self.data) + tlv = struct.pack('>BB', self.type.value, self.length) + value + return TLV.from_bytes(tlv) + + +class NetworkName(DatasetEntry): + + def __init__(self): + super().__init__(MeshcopTlvType.NETWORKNAME) + self.maxlen = 16 + self.data: str = '' + + def set(self, args: List[str]): + if len(args) == 0: + raise ValueError('No argument for NetworkName') + nn = args[0] + if len(nn) > self.maxlen: + raise ValueError('Invalid length of NetworkName') + self.data = nn + + def set_from_tlv(self, tlv: TLV): + self.data = tlv.value.decode('utf-8') + + def to_tlv(self): + length_value = len(self.data) + value = self.data.encode('utf-8') + tlv = struct.pack('>BB', self.type.value, length_value) + value + return TLV.from_bytes(tlv) + + +class ExtPanID(DatasetEntry): + + def __init__(self): + super().__init__(MeshcopTlvType.EXTPANID) + self.length = 8 # spec defined + self.data: str = '' + + def set(self, args: List[str]): + if len(args) == 0: + raise ValueError('No argument for ExtPanID') + if args[0].startswith('0x'): + args[0] = args[0][2:] + epid = args[0] + if len(epid) != self.length * 2: # need length*2 hex characters + raise ValueError('Invalid length of ExtPanID') + self.data = epid + + def set_from_tlv(self, tlv: TLV): + self.data = tlv.value.hex() + + def to_tlv(self): + if len(self.data) != self.length * 2: # need length*2 hex characters + raise ValueError('Invalid length of ExtPanID') + + value = bytes.fromhex(self.data) + tlv = struct.pack('>BB', self.type.value, self.length) + value + return TLV.from_bytes(tlv) + + +class MeshLocalPrefix(DatasetEntry): + + def __init__(self): + super().__init__(MeshcopTlvType.MESHLOCALPREFIX) + self.length = 8 # spec defined + self.data = '' + + def set(self, args: List[str]): + if len(args) == 0: + raise ValueError('No argument for MeshLocalPrefix') + if args[0].startswith('0x'): + args[0] = args[0][2:] + mlp = args[0] + if len(mlp) != self.length * 2: # need length*2 hex characters + raise ValueError('Invalid length of MeshLocalPrefix') + self.data = mlp + + def set_from_tlv(self, tlv: TLV): + self.data = tlv.value.hex() + + def to_tlv(self): + if len(self.data) != self.length * 2: # need length*2 hex characters + raise ValueError('Invalid length of MeshLocalPrefix') + + value = bytes.fromhex(self.data) + tlv = struct.pack('>BB', self.type.value, self.length) + value + return TLV.from_bytes(tlv) + + +class DelayTimer(DatasetEntry): + + def __init__(self): + super().__init__(MeshcopTlvType.DELAYTIMER) + self.length = 4 # spec defined + self.time_remaining = 0 + + def set(self, args: List[str]): + if len(args) == 0: + raise ValueError('No argument for DelayTimer') + dt = int(args[0]) + self.time_remaining = dt + + def set_from_tlv(self, tlv: TLV): + self.time_remaining = tlv.value + + def to_tlv(self): + value = self.time_remaining + tlv = struct.pack('>BBI', self.type.value, self.length, value) + return TLV.from_bytes(tlv) + + +class PanID(DatasetEntry): + + def __init__(self): + super().__init__(MeshcopTlvType.PANID) + self.length = 2 # spec defined + self.data: str = '' + + def set(self, args: List[str]): + if len(args) == 0: + raise ValueError('No argument for PanID') + if args[0].startswith('0x'): + args[0] = args[0][2:] + pid = args[0] + if len(pid) != self.length * 2: # need length*2 hex characters + raise ValueError('Invalid length of PanID') + self.data = pid + + def set_from_tlv(self, tlv: TLV): + self.data = tlv.value.hex() + + def to_tlv(self): + if len(self.data) != self.length * 2: # need length*2 hex characters + raise ValueError('Invalid length of PanID') + + value = bytes.fromhex(self.data) + tlv = struct.pack('>BB', self.type.value, self.length) + value + return TLV.from_bytes(tlv) + + +class Channel(DatasetEntry): + + def __init__(self): + super().__init__(MeshcopTlvType.CHANNEL) + self.length = 3 # spec defined + self.channel_page = 0 + self.channel = 0 + + def set(self, args: List[str]): + if len(args) == 0: + raise ValueError('No argument for Channel') + channel = int(args[0]) + self.channel = channel + + def set_from_tlv(self, tlv: TLV): + self.channel = int.from_bytes(tlv.value[1:3], byteorder='big') + self.channel_page = tlv.value[0] + + def to_tlv(self): + tlv = struct.pack('>BBB', self.type.value, self.length, self.channel_page) + tlv += struct.pack('>H', self.channel) + return TLV.from_bytes(tlv) + + +class Pskc(DatasetEntry): + + def __init__(self): + super().__init__(MeshcopTlvType.PSKC) + self.maxlen = 16 + self.data = '' + + def set(self, args: List[str]): + if len(args) == 0: + raise ValueError('No argument for Pskc') + if args[0].startswith('0x'): + args[0] = args[0][2:] + pskc = args[0] + if (len(pskc) > self.maxlen * 2): + raise ValueError('Invalid length of Pskc. Can be max ' f'{self.length * 2} hex characters.') + self.data = pskc + + def set_from_tlv(self, tlv: TLV): + self.data = tlv.value.hex() + + def to_tlv(self): + # should not exceed max length*2 hex characters + if (len(self.data) > self.maxlen * 2): + raise ValueError('Invalid length of Pskc') + + length_value = len(self.data) // 2 + value = bytes.fromhex(self.data) + tlv = struct.pack('>BB', self.type.value, length_value) + value + return TLV.from_bytes(tlv) + + +class SecurityPolicy(DatasetEntry): + + def __init__(self): + super().__init__(MeshcopTlvType.SECURITYPOLICY) + self.length = 4 # spec defined + self.rotation_time = 0 + self.out_of_band = 0 # o + self.native = 0 # n + self.routers_1_2 = 0 # r + self.external_commissioners = 0 # c + self.reserved = 0 + self.commercial_commissioning_off = 0 # C + self.autonomous_enrollment_off = 0 # e + self.networkkey_provisioning_off = 0 # p + self.thread_over_ble = 0 + self.non_ccm_routers_off = 0 # R + self.rsv = 0b111 + self.version_threshold = 0 + + def set(self, args: List[str]): + if len(args) == 0: + raise ValueError('No argument for SecurityPolicy') + rotation_time, flags, version_threshold = args + [None] * (3 - len(args)) + self.rotation_time = int(rotation_time) & 0xffff + + if flags: + self.out_of_band = 1 if 'o' in flags else 0 + self.native = 1 if 'n' in flags else 0 + self.routers_1_2 = 1 if 'r' in flags else 0 + self.external_commissioners = 1 if 'c' in flags else 0 + self.commercial_commissioning_off = 0 if 'C' in flags else 1 + self.autonomous_enrollment_off = 0 if 'e' in flags else 1 + self.networkkey_provisioning_off = 0 if 'p' in flags else 1 + self.non_ccm_routers_off = 0 if 'R' in flags else 1 + + if version_threshold: + self.version_threshold = int(version_threshold) & 0b111 + + def set_from_tlv(self, tlv: TLV): + value = int.from_bytes(tlv.value, byteorder='big') + + self.rotation_time = (value >> 16) & 0xFFFF + self.out_of_band = (value >> 15) & 0x1 + self.native = (value >> 14) & 0x1 + self.routers_1_2 = (value >> 13) & 0x1 + self.external_commissioners = (value >> 12) & 0x1 + self.reserved = (value >> 11) & 0x1 + self.commercial_commissioning_off = (value >> 10) & 0x1 + self.autonomous_enrollment_off = (value >> 9) & 0x1 + self.networkkey_provisioning_off = (value >> 8) & 0x1 + self.thread_over_ble = (value >> 7) & 0x1 + self.non_ccm_routers_off = (value >> 6) & 0x1 + self.rsv = (value >> 3) & 0x7 + self.version_threshold = value & 0x7 + + def to_tlv(self): + value = self.rotation_time << 16 + value |= self.out_of_band << 15 + value |= self.native << 14 + value |= self.routers_1_2 << 13 + value |= self.external_commissioners << 12 + value |= self.reserved << 11 + value |= self.commercial_commissioning_off << 10 + value |= self.autonomous_enrollment_off << 9 + value |= self.networkkey_provisioning_off << 8 + value |= self.thread_over_ble << 7 + value |= self.non_ccm_routers_off << 6 + value |= self.rsv << 3 + value |= self.version_threshold + tlv = struct.pack('>BBI', self.type.value, self.length, value) + return TLV.from_bytes(tlv) + + def print_content(self, indent: int = 0): + flags = '' + if self.out_of_band: + flags += 'o' + if self.native: + flags += 'n' + if self.routers_1_2: + flags += 'r' + if self.external_commissioners: + flags += 'c' + if not self.commercial_commissioning_off: + flags += 'C' + if not self.autonomous_enrollment_off: + flags += 'e' + if not self.networkkey_provisioning_off: + flags += 'p' + if not self.non_ccm_routers_off: + flags += 'R' + indentation = " " * 4 * indent + print(f'{indentation}rotation_time: {self.rotation_time}') + print(f'{indentation}flags: {flags}') + print(f'{indentation}version_threshold: {self.version_threshold}') + + +class ChannelMask(DatasetEntry): + + def __init__(self): + super().__init__(MeshcopTlvType.CHANNELMASK) + self.entries: List[ChannelMaskEntry] = [] + + def set(self, args: List[str]): + # to remain consistent with the OpenThread CLI API, + # provided hex string is value of the first channel mask entry + if len(args) == 0: + raise ValueError('No argument for ChannelMask') + if args[0].startswith('0x'): + args[0] = args[0][2:] + channelmsk = bytes.fromhex(args[0]) + self.entries = [ChannelMaskEntry()] + self.entries[0].channel_mask = channelmsk + + def print_content(self, indent: int = 0): + super().print_content(indent=indent, excluded_fields=['entries']) + indentation = " " * 4 * indent + for i, entry in enumerate(self.entries): + print(f'{indentation}ChannelMaskEntry {i}') + entry.print_content(indent=indent + 1) + + def set_from_tlv(self, tlv: TLV): + self.entries = [] + for mask_entry_tlv in TLV.parse_tlvs(tlv.value): + new_entry = ChannelMaskEntry() + new_entry.set_from_tlv(mask_entry_tlv) + self.entries.append(new_entry) + + def to_tlv(self): + tlv_value = b''.join(mask_entry.to_tlv().to_bytes() for mask_entry in self.entries) + tlv = struct.pack('>BB', self.type.value, len(tlv_value)) + tlv_value + return TLV.from_bytes(tlv) + + +class ChannelMaskEntry(DatasetEntry): + + def __init__(self): + self.channel_page = 0 + self.channel_mask: bytes = None + + def set(self, args: List[str]): + pass + + def set_from_tlv(self, tlv: TLV): + self.channel_page = tlv.type + self.mask_length = len(tlv.value) + self.channel_mask = tlv.value + + def to_tlv(self): + mask_len = len(self.channel_mask) + tlv = struct.pack('>BB', self.channel_page, mask_len) + self.channel_mask + return TLV.from_bytes(tlv) + + +def create_dataset_entry(type: MeshcopTlvType, args=None): + entry_classes = { + MeshcopTlvType.ACTIVETIMESTAMP: ActiveTimestamp, + MeshcopTlvType.PENDINGTIMESTAMP: PendingTimestamp, + MeshcopTlvType.NETWORKKEY: NetworkKey, + MeshcopTlvType.NETWORKNAME: NetworkName, + MeshcopTlvType.EXTPANID: ExtPanID, + MeshcopTlvType.MESHLOCALPREFIX: MeshLocalPrefix, + MeshcopTlvType.DELAYTIMER: DelayTimer, + MeshcopTlvType.PANID: PanID, + MeshcopTlvType.CHANNEL: Channel, + MeshcopTlvType.PSKC: Pskc, + MeshcopTlvType.SECURITYPOLICY: SecurityPolicy, + MeshcopTlvType.CHANNELMASK: ChannelMask + } + + entry_class = entry_classes.get(type) + if not entry_class: + raise ValueError(f"Invalid configuration type: {type}") + + res = entry_class() + if args: + res.set(args) + return res diff --git a/tools/tcat_ble_client/poetry.lock b/tools/tcat_ble_client/poetry.lock new file mode 100644 index 00000000000..72a06109ff3 --- /dev/null +++ b/tools/tcat_ble_client/poetry.lock @@ -0,0 +1,318 @@ +# This file is automatically @generated by Poetry 1.5.1 and should not be changed by hand. + +[[package]] +name = "async-timeout" +version = "4.0.2" +description = "Timeout context manager for asyncio programs" +optional = false +python-versions = ">=3.6" +files = [ + {file = "async-timeout-4.0.2.tar.gz", hash = "sha256:2163e1640ddb52b7a8c80d0a67a08587e5d245cc9c553a74a847056bc2976b15"}, + {file = "async_timeout-4.0.2-py3-none-any.whl", hash = "sha256:8ca1e4fcf50d07413d66d1a5e416e42cfdf5851c981d679a09851a6853383b3c"}, +] + +[package.dependencies] +typing-extensions = {version = ">=3.6.5", markers = "python_version < \"3.8\""} + +[[package]] +name = "bleak" +version = "0.20.2" +description = "Bluetooth Low Energy platform Agnostic Klient" +optional = false +python-versions = ">=3.7,<4.0" +files = [ + {file = "bleak-0.20.2-py3-none-any.whl", hash = "sha256:ce3106b7258212d92bb77be06f9301774f51f5bbc9f7cd50976ad794e9514dba"}, + {file = "bleak-0.20.2.tar.gz", hash = "sha256:6c92a47abe34e6dea8ffc5cea9457cbff6e1be966854839dbc25cddb36b79ee4"}, +] + +[package.dependencies] +async-timeout = {version = ">=3.0.0,<5", markers = "python_version < \"3.11\""} +bleak-winrt = {version = ">=1.2.0,<2.0.0", markers = "platform_system == \"Windows\""} +dbus-fast = {version = ">=1.83.0,<2.0.0", markers = "platform_system == \"Linux\""} +pyobjc-core = {version = ">=9.0.1,<10.0.0", markers = "platform_system == \"Darwin\""} +pyobjc-framework-CoreBluetooth = {version = ">=9.0.1,<10.0.0", markers = "platform_system == \"Darwin\""} +pyobjc-framework-libdispatch = {version = ">=9.0.1,<10.0.0", markers = "platform_system == \"Darwin\""} +typing-extensions = {version = ">=4.2.0,<5.0.0", markers = "python_version < \"3.8\""} + +[[package]] +name = "bleak-winrt" +version = "1.2.0" +description = "Python WinRT bindings for Bleak" +optional = false +python-versions = "*" +files = [ + {file = "bleak-winrt-1.2.0.tar.gz", hash = "sha256:0577d070251b9354fc6c45ffac57e39341ebb08ead014b1bdbd43e211d2ce1d6"}, + {file = "bleak_winrt-1.2.0-cp310-cp310-win32.whl", hash = "sha256:a2ae3054d6843ae0cfd3b94c83293a1dfd5804393977dd69bde91cb5099fc47c"}, + {file = "bleak_winrt-1.2.0-cp310-cp310-win_amd64.whl", hash = "sha256:677df51dc825c6657b3ae94f00bd09b8ab88422b40d6a7bdbf7972a63bc44e9a"}, + {file = "bleak_winrt-1.2.0-cp311-cp311-win32.whl", hash = "sha256:9449cdb942f22c9892bc1ada99e2ccce9bea8a8af1493e81fefb6de2cb3a7b80"}, + {file = "bleak_winrt-1.2.0-cp311-cp311-win_amd64.whl", hash = "sha256:98c1b5a6a6c431ac7f76aa4285b752fe14a1c626bd8a1dfa56f66173ff120bee"}, + {file = "bleak_winrt-1.2.0-cp37-cp37m-win32.whl", hash = "sha256:623ac511696e1f58d83cb9c431e32f613395f2199b3db7f125a3d872cab968a4"}, + {file = "bleak_winrt-1.2.0-cp37-cp37m-win_amd64.whl", hash = "sha256:13ab06dec55469cf51a2c187be7b630a7a2922e1ea9ac1998135974a7239b1e3"}, + {file = "bleak_winrt-1.2.0-cp38-cp38-win32.whl", hash = "sha256:5a36ff8cd53068c01a795a75d2c13054ddc5f99ce6de62c1a97cd343fc4d0727"}, + {file = "bleak_winrt-1.2.0-cp38-cp38-win_amd64.whl", hash = "sha256:810c00726653a962256b7acd8edf81ab9e4a3c66e936a342ce4aec7dbd3a7263"}, + {file = "bleak_winrt-1.2.0-cp39-cp39-win32.whl", hash = "sha256:dd740047a08925bde54bec357391fcee595d7b8ca0c74c87170a5cbc3f97aa0a"}, + {file = "bleak_winrt-1.2.0-cp39-cp39-win_amd64.whl", hash = "sha256:63130c11acfe75c504a79c01f9919e87f009f5e742bfc7b7a5c2a9c72bf591a7"}, +] + +[[package]] +name = "colorama" +version = "0.4.6" +description = "Cross-platform colored terminal text." +optional = false +python-versions = "!=3.0.*,!=3.1.*,!=3.2.*,!=3.3.*,!=3.4.*,!=3.5.*,!=3.6.*,>=2.7" +files = [ + {file = "colorama-0.4.6-py2.py3-none-any.whl", hash = "sha256:4f1d9991f5acc0ca119f9d443620b77f9d6b33703e51011c16baf57afb285fc6"}, + {file = "colorama-0.4.6.tar.gz", hash = "sha256:08695f5cb7ed6e0531a20572697297273c47b8cae5a63ffc6d6ed5c201be6e44"}, +] + +[[package]] +name = "dbus-fast" +version = "1.90.1" +description = "A faster version of dbus-next" +optional = false +python-versions = ">=3.7,<4.0" +files = [ + {file = "dbus_fast-1.90.1-cp310-cp310-manylinux_2_17_i686.manylinux_2_5_i686.manylinux1_i686.manylinux2014_i686.whl", hash = "sha256:657f9f292f770b50c755bc9cc3607ec0901a607d6d6e31c67aa953b73b31d66a"}, + {file = "dbus_fast-1.90.1-cp310-cp310-manylinux_2_17_x86_64.manylinux2014_x86_64.whl", hash = "sha256:229cb2dc0942dfe36ce4f5a49cacb7f39ae05527c6ccec66b9a670ca7a02129a"}, + {file = "dbus_fast-1.90.1-cp310-cp310-manylinux_2_31_x86_64.whl", hash = "sha256:4978d6dca49b778c426f279f014554e29ece6bfc7530fa8ab9d258f068e5954e"}, + {file = "dbus_fast-1.90.1-cp310-cp310-musllinux_1_1_i686.whl", hash = "sha256:2161851a1f90a1c2fe064d1870b04bdca0033b42fdc97cc7d5132637227ac915"}, + {file = "dbus_fast-1.90.1-cp310-cp310-musllinux_1_1_x86_64.whl", hash = "sha256:0012799b154fb6b066ff6948f5edd0c6bf8655fca6f3578fc78598334f9f978b"}, + {file = "dbus_fast-1.90.1-cp311-cp311-manylinux_2_17_i686.manylinux_2_5_i686.manylinux1_i686.manylinux2014_i686.whl", hash = "sha256:0b97748928e3e56bc98f292be894d1d3c2a4acc58555795a3aa3b74769b96542"}, + {file = "dbus_fast-1.90.1-cp311-cp311-manylinux_2_17_x86_64.manylinux2014_x86_64.whl", hash = "sha256:f2baa2e1053ded0a5ccdefc651ee8fcd09d6f4f864b9f301363dbf0545f95a89"}, + {file = "dbus_fast-1.90.1-cp311-cp311-musllinux_1_1_i686.whl", hash = "sha256:0262ab1d3d07ac892645d4cec54daabd3ba4a096ca4c4b2e9f09abd1819ca663"}, + {file = "dbus_fast-1.90.1-cp311-cp311-musllinux_1_1_x86_64.whl", hash = "sha256:c39a352a893923d255031d15fa005ac5f5df2d1195729f206fc79a95b219daed"}, + {file = "dbus_fast-1.90.1-cp37-cp37m-manylinux_2_17_i686.manylinux_2_5_i686.manylinux1_i686.manylinux2014_i686.whl", hash = "sha256:bd012a0ed7e6479bcc5b0efe91a45c3abb3e0e4e371a28c0f3c347cb9baffe8a"}, + {file = "dbus_fast-1.90.1-cp37-cp37m-manylinux_2_17_x86_64.manylinux2014_x86_64.whl", hash = "sha256:a3e895adfa89a6c08d23fd22707bd5ea8a301579f3a6ff8bd33df1e94ea16e8a"}, + {file = "dbus_fast-1.90.1-cp37-cp37m-musllinux_1_1_i686.whl", hash = "sha256:a94806e9990b6a7fd4896ee2a979c20af4e5ba76bfddda55a7a79f4da268b51f"}, + {file = "dbus_fast-1.90.1-cp37-cp37m-musllinux_1_1_x86_64.whl", hash = "sha256:ae0b95a08db0a7e38452926c8d5964d41e5f20d8c89fd00b8913ec4f1908f7bd"}, + {file = "dbus_fast-1.90.1-cp38-cp38-manylinux_2_17_i686.manylinux_2_5_i686.manylinux1_i686.manylinux2014_i686.whl", hash = "sha256:3ce5153accbbb7fc2aeab055f46d5611c4c57978d43feba9257fba53c338ebbe"}, + {file = "dbus_fast-1.90.1-cp38-cp38-manylinux_2_17_x86_64.manylinux2014_x86_64.whl", hash = "sha256:f3b05b68a7be76df3e4833c72d9fadf1b934359ed3fabd69ed205eaa18d132a6"}, + {file = "dbus_fast-1.90.1-cp38-cp38-musllinux_1_1_i686.whl", hash = "sha256:d407eb9a3581ee5cc047a664d3d15e9846e5a1c0b3565922c72ffe15fea590f2"}, + {file = "dbus_fast-1.90.1-cp38-cp38-musllinux_1_1_x86_64.whl", hash = "sha256:85f06e4cbf560e682930f0d23ea93b1887c40db00b98ee4d6a207aa2a616851e"}, + {file = "dbus_fast-1.90.1-cp39-cp39-manylinux_2_17_i686.manylinux_2_5_i686.manylinux1_i686.manylinux2014_i686.whl", hash = "sha256:28a4ee863b4a42351afb38ce9432850922dc2f0d9d9863f98fcb47e23b710572"}, + {file = "dbus_fast-1.90.1-cp39-cp39-manylinux_2_17_x86_64.manylinux2014_x86_64.whl", hash = "sha256:2fd6090c794ca3404702b59cb4dc92f674e26a15bb79a9d5ae0236658c10cac5"}, + {file = "dbus_fast-1.90.1-cp39-cp39-musllinux_1_1_i686.whl", hash = "sha256:9e7be16e96bcad521f2c045561799fc486047b6e1ce071c35a5cea36a9ed19f4"}, + {file = "dbus_fast-1.90.1-cp39-cp39-musllinux_1_1_x86_64.whl", hash = "sha256:01f582d9c3f24e1721f3dd9a62c7a558c7c8406752eb042738623b9d89f454e9"}, + {file = "dbus_fast-1.90.1-pp310-pypy310_pp73-manylinux_2_17_i686.manylinux_2_5_i686.manylinux1_i686.manylinux2014_i686.whl", hash = "sha256:085fd80c7ea3e41a2ac32e419611036a042593778fecb4d92526a22fd2be2c0b"}, + {file = "dbus_fast-1.90.1-pp310-pypy310_pp73-manylinux_2_17_x86_64.manylinux_2_5_x86_64.manylinux1_x86_64.manylinux2014_x86_64.whl", hash = "sha256:8e0dbffd42875d31d0c7e2407eff685d5cb2dfa7c0448079c96ef2cec0afe8be"}, + {file = "dbus_fast-1.90.1-pp37-pypy37_pp73-manylinux_2_17_i686.manylinux_2_5_i686.manylinux1_i686.manylinux2014_i686.whl", hash = "sha256:04eaaea336059909b5cb51c897fc343e038e80f698a049b1bf3002d162d4fec7"}, + {file = "dbus_fast-1.90.1-pp37-pypy37_pp73-manylinux_2_17_x86_64.manylinux2014_x86_64.whl", hash = "sha256:7fc215dbccb798df07ee6104b984ae09c159ed3a633df915c3c6dd9df97af753"}, + {file = "dbus_fast-1.90.1-pp38-pypy38_pp73-manylinux_2_17_i686.manylinux_2_5_i686.manylinux1_i686.manylinux2014_i686.whl", hash = "sha256:74f7afaf780fbbc7f39cc8167ec585f8e7ce140d214768f5c296c2b03d23e571"}, + {file = "dbus_fast-1.90.1-pp38-pypy38_pp73-manylinux_2_17_x86_64.manylinux2014_x86_64.whl", hash = "sha256:3f12c7bcec416e28ba1f741e43ad2eef7eb3c677838208cf6a801ced711b508c"}, + {file = "dbus_fast-1.90.1-pp39-pypy39_pp73-manylinux_2_17_i686.manylinux_2_5_i686.manylinux1_i686.manylinux2014_i686.whl", hash = "sha256:c0811b7bdfdce40072fd7c29f0c7e0145982b981bb068efd79a5e43ef14150e5"}, + {file = "dbus_fast-1.90.1-pp39-pypy39_pp73-manylinux_2_17_x86_64.manylinux2014_x86_64.whl", hash = "sha256:e1f00197e08c7c5837861624fd1afb8e1d8331d4e28e8d2ff01dc17ac2305ae2"}, + {file = "dbus_fast-1.90.1.tar.gz", hash = "sha256:eff98b45443681bd8876bbb1444b35112d62e8d12157f004d88ebe5f0481d5b7"}, +] + +[[package]] +name = "exceptiongroup" +version = "1.1.2" +description = "Backport of PEP 654 (exception groups)" +optional = false +python-versions = ">=3.7" +files = [ + {file = "exceptiongroup-1.1.2-py3-none-any.whl", hash = "sha256:e346e69d186172ca7cf029c8c1d16235aa0e04035e5750b4b95039e65204328f"}, + {file = "exceptiongroup-1.1.2.tar.gz", hash = "sha256:12c3e887d6485d16943a309616de20ae5582633e0a2eda17f4e10fd61c1e8af5"}, +] + +[package.extras] +test = ["pytest (>=6)"] + +[[package]] +name = "importlib-metadata" +version = "6.7.0" +description = "Read metadata from Python packages" +optional = false +python-versions = ">=3.7" +files = [ + {file = "importlib_metadata-6.7.0-py3-none-any.whl", hash = "sha256:cb52082e659e97afc5dac71e79de97d8681de3aa07ff18578330904a9d18e5b5"}, + {file = "importlib_metadata-6.7.0.tar.gz", hash = "sha256:1aaf550d4f73e5d6783e7acb77aec43d49da8017410afae93822cc9cca98c4d4"}, +] + +[package.dependencies] +typing-extensions = {version = ">=3.6.4", markers = "python_version < \"3.8\""} +zipp = ">=0.5" + +[package.extras] +docs = ["furo", "jaraco.packaging (>=9)", "jaraco.tidelift (>=1.4)", "rst.linker (>=1.9)", "sphinx (>=3.5)", "sphinx-lint"] +perf = ["ipython"] +testing = ["flufl.flake8", "importlib-resources (>=1.3)", "packaging", "pyfakefs", "pytest (>=6)", "pytest-black (>=0.3.7)", "pytest-checkdocs (>=2.4)", "pytest-cov", "pytest-enabler (>=1.3)", "pytest-mypy (>=0.9.1)", "pytest-perf (>=0.9.2)", "pytest-ruff"] + +[[package]] +name = "iniconfig" +version = "2.0.0" +description = "brain-dead simple config-ini parsing" +optional = false +python-versions = ">=3.7" +files = [ + {file = "iniconfig-2.0.0-py3-none-any.whl", hash = "sha256:b6a85871a79d2e3b22d2d1b94ac2824226a63c6b741c88f7ae975f18b6778374"}, + {file = "iniconfig-2.0.0.tar.gz", hash = "sha256:2d91e135bf72d31a410b17c16da610a82cb55f6b0477d1a902134b24a455b8b3"}, +] + +[[package]] +name = "packaging" +version = "23.1" +description = "Core utilities for Python packages" +optional = false +python-versions = ">=3.7" +files = [ + {file = "packaging-23.1-py3-none-any.whl", hash = "sha256:994793af429502c4ea2ebf6bf664629d07c1a9fe974af92966e4b8d2df7edc61"}, + {file = "packaging-23.1.tar.gz", hash = "sha256:a392980d2b6cffa644431898be54b0045151319d1e7ec34f0cfed48767dd334f"}, +] + +[[package]] +name = "pluggy" +version = "1.2.0" +description = "plugin and hook calling mechanisms for python" +optional = false +python-versions = ">=3.7" +files = [ + {file = "pluggy-1.2.0-py3-none-any.whl", hash = "sha256:c2fd55a7d7a3863cba1a013e4e2414658b1d07b6bc57b3919e0c63c9abb99849"}, + {file = "pluggy-1.2.0.tar.gz", hash = "sha256:d12f0c4b579b15f5e054301bb226ee85eeeba08ffec228092f8defbaa3a4c4b3"}, +] + +[package.dependencies] +importlib-metadata = {version = ">=0.12", markers = "python_version < \"3.8\""} + +[package.extras] +dev = ["pre-commit", "tox"] +testing = ["pytest", "pytest-benchmark"] + +[[package]] +name = "pyobjc-core" +version = "9.2" +description = "Python<->ObjC Interoperability Module" +optional = false +python-versions = ">=3.7" +files = [ + {file = "pyobjc-core-9.2.tar.gz", hash = "sha256:d734b9291fec91ff4e3ae38b9c6839debf02b79c07314476e87da8e90b2c68c3"}, + {file = "pyobjc_core-9.2-cp310-cp310-macosx_10_9_universal2.whl", hash = "sha256:fa674a39949f5cde8e5c7bbcd24496446bfc67592b028aedbec7f81dc5fc4daa"}, + {file = "pyobjc_core-9.2-cp311-cp311-macosx_10_9_universal2.whl", hash = "sha256:bbc8de304ee322a1ee530b4d2daca135a49b4a49aa3cedc6b2c26c43885f4842"}, + {file = "pyobjc_core-9.2-cp312-cp312-macosx_10_9_universal2.whl", hash = "sha256:0fa950f092673883b8bd28bc18397415cabb457bf410920762109b411789ade9"}, + {file = "pyobjc_core-9.2-cp37-cp37m-macosx_10_9_x86_64.whl", hash = "sha256:586e4cae966282eaa61b21cae66ccdcee9d69c036979def26eebdc08ddebe20f"}, + {file = "pyobjc_core-9.2-cp38-cp38-macosx_10_9_x86_64.whl", hash = "sha256:41189c2c680931c0395a55691763c481fc681f454f21bb4f1644f98c24a45954"}, + {file = "pyobjc_core-9.2-cp38-cp38-macosx_11_0_universal2.whl", hash = "sha256:2d23ee539f2ba5e9f5653d75a13f575c7e36586fc0086792739e69e4c2617eda"}, + {file = "pyobjc_core-9.2-cp39-cp39-macosx_10_9_universal2.whl", hash = "sha256:b9809cf96678797acb72a758f34932fe8e2602d5ab7abec15c5ac68ddb481720"}, +] + +[[package]] +name = "pyobjc-framework-cocoa" +version = "9.2" +description = "Wrappers for the Cocoa frameworks on macOS" +optional = false +python-versions = ">=3.7" +files = [ + {file = "pyobjc-framework-Cocoa-9.2.tar.gz", hash = "sha256:efd78080872d8c8de6c2b97e0e4eac99d6203a5d1637aa135d071d464eb2db53"}, + {file = "pyobjc_framework_Cocoa-9.2-cp310-cp310-macosx_10_9_universal2.whl", hash = "sha256:9e02d8a7cc4eb7685377c50ba4f17345701acf4c05b1e7480d421bff9e2f62a4"}, + {file = "pyobjc_framework_Cocoa-9.2-cp311-cp311-macosx_10_9_universal2.whl", hash = "sha256:3b1e6287b3149e4c6679cdbccd8e9ef6557a4e492a892e80a77df143f40026d2"}, + {file = "pyobjc_framework_Cocoa-9.2-cp312-cp312-macosx_10_9_universal2.whl", hash = "sha256:312977ce2e3989073c6b324c69ba24283de206fe7acd6dbbbaf3e29238a22537"}, + {file = "pyobjc_framework_Cocoa-9.2-cp37-cp37m-macosx_10_9_x86_64.whl", hash = "sha256:aae7841cf40c26dd915f4dd828f91c6616e6b7998630b72e704750c09e00f334"}, + {file = "pyobjc_framework_Cocoa-9.2-cp38-cp38-macosx_10_9_x86_64.whl", hash = "sha256:739a421e14382a46cbeb9a883f192dceff368ad28ec34d895c48c0ad34cf2c1d"}, + {file = "pyobjc_framework_Cocoa-9.2-cp38-cp38-macosx_11_0_universal2.whl", hash = "sha256:32d9ac1033fac1b821ddee8c68f972a7074ad8c50bec0bea9a719034c1c2fb94"}, + {file = "pyobjc_framework_Cocoa-9.2-cp39-cp39-macosx_10_9_universal2.whl", hash = "sha256:b236bb965e41aeb2e215d4e98a5a230d4b63252c6d26e00924ea2e69540a59d6"}, +] + +[package.dependencies] +pyobjc-core = ">=9.2" + +[[package]] +name = "pyobjc-framework-corebluetooth" +version = "9.2" +description = "Wrappers for the framework CoreBluetooth on macOS" +optional = false +python-versions = ">=3.7" +files = [ + {file = "pyobjc-framework-CoreBluetooth-9.2.tar.gz", hash = "sha256:cb2481b1dfe211ae9ce55f36537dc8155dbf0dc8ff26e0bc2e13f7afb0a291d1"}, + {file = "pyobjc_framework_CoreBluetooth-9.2-cp36-abi3-macosx_10_9_universal2.whl", hash = "sha256:53d888742119d0f0c725d0b0c2389f68e8f21f0cba6d6aec288c53260a0196b6"}, + {file = "pyobjc_framework_CoreBluetooth-9.2-cp36-abi3-macosx_10_9_x86_64.whl", hash = "sha256:179532882126526e38fe716a50fb0ee8f440e0b838d290252c515e622b5d0e49"}, + {file = "pyobjc_framework_CoreBluetooth-9.2-cp36-abi3-macosx_11_0_universal2.whl", hash = "sha256:256a5031ea9d8a7406541fa1b0dfac549b1de93deae8284605f9355b13fb58be"}, +] + +[package.dependencies] +pyobjc-core = ">=9.2" +pyobjc-framework-Cocoa = ">=9.2" + +[[package]] +name = "pyobjc-framework-libdispatch" +version = "9.2" +description = "Wrappers for libdispatch on macOS" +optional = false +python-versions = ">=3.7" +files = [ + {file = "pyobjc-framework-libdispatch-9.2.tar.gz", hash = "sha256:542e7f7c2b041939db5ed6f3119c1d67d73ec14a996278b92485f8513039c168"}, + {file = "pyobjc_framework_libdispatch-9.2-cp310-cp310-macosx_10_9_universal2.whl", hash = "sha256:88d4091d4bcb5702783d6e86b4107db973425a17d1de491543f56bd348909b60"}, + {file = "pyobjc_framework_libdispatch-9.2-cp311-cp311-macosx_10_9_universal2.whl", hash = "sha256:1a67b007113328538b57893cc7829a722270764cdbeae6d5e1460a1d911314df"}, + {file = "pyobjc_framework_libdispatch-9.2-cp312-cp312-macosx_10_9_universal2.whl", hash = "sha256:6fccea1a57436cf1ac50d9ebc6e3e725bcf77f829ba6b118e62e6ed7866d359d"}, + {file = "pyobjc_framework_libdispatch-9.2-cp37-cp37m-macosx_10_9_x86_64.whl", hash = "sha256:6eba747b7ad91b0463265a7aee59235bb051fb97687f35ca2233690369b5e4e4"}, + {file = "pyobjc_framework_libdispatch-9.2-cp38-cp38-macosx_10_9_x86_64.whl", hash = "sha256:2e835495860d04f63c2d2f73ae3dd79da4222864c107096dc0f99e8382700026"}, + {file = "pyobjc_framework_libdispatch-9.2-cp38-cp38-macosx_11_0_universal2.whl", hash = "sha256:1b107e5c3580b09553030961ea6b17abad4a5132101eab1af3ad2cb36d0f08bb"}, + {file = "pyobjc_framework_libdispatch-9.2-cp39-cp39-macosx_10_9_universal2.whl", hash = "sha256:83cdb672acf722717b5ecf004768f215f02ac02d7f7f2a9703da6e921ab02222"}, +] + +[package.dependencies] +pyobjc-core = ">=9.2" + +[[package]] +name = "pytest" +version = "7.4.0" +description = "pytest: simple powerful testing with Python" +optional = false +python-versions = ">=3.7" +files = [ + {file = "pytest-7.4.0-py3-none-any.whl", hash = "sha256:78bf16451a2eb8c7a2ea98e32dc119fd2aa758f1d5d66dbf0a59d69a3969df32"}, + {file = "pytest-7.4.0.tar.gz", hash = "sha256:b4bf8c45bd59934ed84001ad51e11b4ee40d40a1229d2c79f9c592b0a3f6bd8a"}, +] + +[package.dependencies] +colorama = {version = "*", markers = "sys_platform == \"win32\""} +exceptiongroup = {version = ">=1.0.0rc8", markers = "python_version < \"3.11\""} +importlib-metadata = {version = ">=0.12", markers = "python_version < \"3.8\""} +iniconfig = "*" +packaging = "*" +pluggy = ">=0.12,<2.0" +tomli = {version = ">=1.0.0", markers = "python_version < \"3.11\""} + +[package.extras] +testing = ["argcomplete", "attrs (>=19.2.0)", "hypothesis (>=3.56)", "mock", "nose", "pygments (>=2.7.2)", "requests", "setuptools", "xmlschema"] + +[[package]] +name = "tomli" +version = "2.0.1" +description = "A lil' TOML parser" +optional = false +python-versions = ">=3.7" +files = [ + {file = "tomli-2.0.1-py3-none-any.whl", hash = "sha256:939de3e7a6161af0c887ef91b7d41a53e7c5a1ca976325f429cb46ea9bc30ecc"}, + {file = "tomli-2.0.1.tar.gz", hash = "sha256:de526c12914f0c550d15924c62d72abc48d6fe7364aa87328337a31007fe8a4f"}, +] + +[[package]] +name = "typing-extensions" +version = "4.7.1" +description = "Backported and Experimental Type Hints for Python 3.7+" +optional = false +python-versions = ">=3.7" +files = [ + {file = "typing_extensions-4.7.1-py3-none-any.whl", hash = "sha256:440d5dd3af93b060174bf433bccd69b0babc3b15b1a8dca43789fd7f61514b36"}, + {file = "typing_extensions-4.7.1.tar.gz", hash = "sha256:b75ddc264f0ba5615db7ba217daeb99701ad295353c45f9e95963337ceeeffb2"}, +] + +[[package]] +name = "zipp" +version = "3.15.0" +description = "Backport of pathlib-compatible object wrapper for zip files" +optional = false +python-versions = ">=3.7" +files = [ + {file = "zipp-3.15.0-py3-none-any.whl", hash = "sha256:48904fc76a60e542af151aded95726c1a5c34ed43ab4134b597665c86d7ad556"}, + {file = "zipp-3.15.0.tar.gz", hash = "sha256:112929ad649da941c23de50f356a2b5570c954b65150642bccdd66bf194d224b"}, +] + +[package.extras] +docs = ["furo", "jaraco.packaging (>=9)", "jaraco.tidelift (>=1.4)", "rst.linker (>=1.9)", "sphinx (>=3.5)", "sphinx-lint"] +testing = ["big-O", "flake8 (<5)", "jaraco.functools", "jaraco.itertools", "more-itertools", "pytest (>=6)", "pytest-black (>=0.3.7)", "pytest-checkdocs (>=2.4)", "pytest-cov", "pytest-enabler (>=1.3)", "pytest-flake8", "pytest-mypy (>=0.9.1)"] + +[metadata] +lock-version = "2.0" +python-versions = "^3.7" +content-hash = "488001f322904181b097ee8c0dd489ad81af39c4378d76f5945de9832077a315" diff --git a/tools/tcat_ble_client/pyproject.toml b/tools/tcat_ble_client/pyproject.toml new file mode 100644 index 00000000000..c28ac724db3 --- /dev/null +++ b/tools/tcat_ble_client/pyproject.toml @@ -0,0 +1,16 @@ +[build-system] +requires = ["poetry-core>=1.0.0"] +build-backend = "poetry.core.masonry.api" + +[tool.poetry] +name = "bbtc client" +version = "0.1.0" +description = "BBTC client for TCAT devices" +authors = ["Piotr Jasinski "] + +[tool.poetry.dependencies] +python = "^3.7" +bleak = "^0.20.2" +pytest ="^7.1.2" + +[tool.poetry.dev-dependencies] diff --git a/tools/tcat_ble_client/tlv/dataset_tlv.py b/tools/tcat_ble_client/tlv/dataset_tlv.py new file mode 100644 index 00000000000..4bd020c8db8 --- /dev/null +++ b/tools/tcat_ble_client/tlv/dataset_tlv.py @@ -0,0 +1,79 @@ +""" + Copyright (c) 2024, The OpenThread Authors. + All rights reserved. + + Redistribution and use in source and binary forms, with or without + modification, are permitted provided that the following conditions are met: + 1. Redistributions of source code must retain the above copyright + notice, this list of conditions and the following disclaimer. + 2. Redistributions in binary form must reproduce the above copyright + notice, this list of conditions and the following disclaimer in the + documentation and/or other materials provided with the distribution. + 3. Neither the name of the copyright holder nor the + names of its contributors may be used to endorse or promote products + derived from this software without specific prior written permission. + + THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" + AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDER OR CONTRIBUTORS BE + LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR + CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF + SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS + INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN + CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) + ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE + POSSIBILITY OF SUCH DAMAGE. +""" + +from enum import Enum + + +class MeshcopTlvType(Enum): + CHANNEL = 0 + PANID = 1 + EXTPANID = 2 + NETWORKNAME = 3 + PSKC = 4 + NETWORKKEY = 5 + NETWORK_KEY_SEQUENCE = 6 + MESHLOCALPREFIX = 7 + STEERING_DATA = 8 + BORDER_AGENT_RLOC = 9 + COMMISSIONER_ID = 10 + COMM_SESSION_ID = 11 + SECURITYPOLICY = 12 + GET = 13 + ACTIVETIMESTAMP = 14 + COMMISSIONER_UDP_PORT = 15 + STATE = 16 + JOINER_DTLS = 17 + JOINER_UDP_PORT = 18 + JOINER_IID = 19 + JOINER_RLOC = 20 + JOINER_ROUTER_KEK = 21 + PROVISIONING_URL = 32 + VENDOR_NAME_TLV = 33 + VENDOR_MODEL_TLV = 34 + VENDOR_SW_VERSION_TLV = 35 + VENDOR_DATA_TLV = 36 + VENDOR_STACK_VERSION_TLV = 37 + UDP_ENCAPSULATION_TLV = 48 + IPV6_ADDRESS_TLV = 49 + PENDINGTIMESTAMP = 51 + DELAYTIMER = 52 + CHANNELMASK = 53 + COUNT = 54 + PERIOD = 55 + SCAN_DURATION = 56 + ENERGY_LIST = 57 + DISCOVERYREQUEST = 128 + DISCOVERYRESPONSE = 129 + JOINERADVERTISEMENT = 241 + + @classmethod + def from_value(cls, value: int): + return cls._value2member_map_.get(value) + + def to_bytes(self): + return bytes([self.value]) diff --git a/tools/tcat_ble_client/tlv/tcat_tlv.py b/tools/tcat_ble_client/tlv/tcat_tlv.py new file mode 100644 index 00000000000..cb5b49e0c7a --- /dev/null +++ b/tools/tcat_ble_client/tlv/tcat_tlv.py @@ -0,0 +1,45 @@ +""" + Copyright (c) 2024, The OpenThread Authors. + All rights reserved. + + Redistribution and use in source and binary forms, with or without + modification, are permitted provided that the following conditions are met: + 1. Redistributions of source code must retain the above copyright + notice, this list of conditions and the following disclaimer. + 2. Redistributions in binary form must reproduce the above copyright + notice, this list of conditions and the following disclaimer in the + documentation and/or other materials provided with the distribution. + 3. Neither the name of the copyright holder nor the + names of its contributors may be used to endorse or promote products + derived from this software without specific prior written permission. + + THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" + AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDER OR CONTRIBUTORS BE + LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR + CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF + SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS + INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN + CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) + ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE + POSSIBILITY OF SUCH DAMAGE. +""" +from enum import Enum + + +class TcatTLVType(Enum): + RESPONSE_W_STATUS = 0x01 + RESPONSE_W_PAYLOAD = 0x02 + ACTIVE_DATASET = 0x20 + DECOMMISSION = 0x60 + APPLICATION = 0x82 + THREAD_START = 0x27 + THREAD_STOP = 0x28 + + @classmethod + def from_value(cls, value: int): + return cls._value2member_map_.get(value) + + def to_bytes(self): + return bytes([self.value]) From b212a0a748070ccbda765c3ebed2aab8b6b08fce Mon Sep 17 00:00:00 2001 From: Abtin Keshavarzian Date: Fri, 9 Feb 2024 10:43:47 -0800 Subject: [PATCH 105/121] [srp] implement `AdvertisingProxy` and define `Dnssd` platform APIs (#9268) This commit adds a generic SRP Advertising Proxy implementation to OpenThread core, which uses a set of newly defined `otPlatDnssd` platform APIs for DNS-SD (mDNS) support on infrastructure network on a Border Router. `Srp::Server` provides `ServiceUpdateHandler` callback mechanism that allows platforms to implement their own advertising proxy function. While this is still supported, the new generic advertising proxy implementation makes it easier to port and support the proxy function on new platforms. The platform needs to provide the DNS-SD platform APIs, which are designed to be simple and easy to implement. The `AdvertisingProxy` directly interacts with `Srp::Server` and its registered `Host` and `Service` entries, tracking whether an entry has been successfully advertised, is currently being advertised, or has been replaced by a new registration. The `AdvertisingProxy` ensures that consecutive SRP updates for the same host or service are committed on the server in the order they are received, even if their advertisements are finished in a different order. This is important for SRP Replication support, as the server may receive a large number of SRP updates back-to-back for the same host. The `AdvertisingProxy` will also register key records for SRP host and service instance names. This will keep the claim on the name of a removed entry while its key lease is not expired. It is also used when an SRP host registration has no off-mesh routable address. This commit adds a detailed unit test `test_srp_adv_proxy` that validates the `AdvertisingProxy` under many scenarios. The test covers a range of cases, including delayed registration callbacks and timeouts, new registrations replacing outstanding advertisements, platform DNS-SD state changes and failures, host address changes adding/removing OMR addresses. --- doc/ot_api_doc.h | 3 +- etc/cmake/options.cmake | 1 + examples/platforms/simulation/CMakeLists.txt | 1 + examples/platforms/simulation/dnssd.c | 107 + include/openthread/BUILD.gn | 1 + include/openthread/instance.h | 2 +- include/openthread/platform/dnssd.h | 427 +++ script/check-scan-build | 1 + script/make-pretty | 1 + src/core/BUILD.gn | 4 + src/core/CMakeLists.txt | 2 + src/core/border_router/infra_if.cpp | 4 + src/core/common/heap_data.hpp | 11 + src/core/config/platform.h | 12 + src/core/config/srp_server.h | 10 + src/core/instance/instance.cpp | 8 + src/core/instance/instance.hpp | 20 +- src/core/net/dns_types.hpp | 10 +- src/core/net/dnssd.cpp | 158 + src/core/net/dnssd.hpp | 282 ++ src/core/net/srp_advertising_proxy.cpp | 1393 +++++++++ src/core/net/srp_advertising_proxy.hpp | 322 ++ src/core/net/srp_server.cpp | 107 +- src/core/net/srp_server.hpp | 32 +- tests/fuzz/oss-fuzz-build | 1 + ...openthread-core-toranj-config-simulation.h | 4 + tests/unit/CMakeLists.txt | 21 + tests/unit/test_platform.cpp | 77 + tests/unit/test_platform.h | 1 + tests/unit/test_srp_adv_proxy.cpp | 2781 +++++++++++++++++ 30 files changed, 5788 insertions(+), 16 deletions(-) create mode 100644 examples/platforms/simulation/dnssd.c create mode 100644 include/openthread/platform/dnssd.h create mode 100644 src/core/net/dnssd.cpp create mode 100644 src/core/net/dnssd.hpp create mode 100644 src/core/net/srp_advertising_proxy.cpp create mode 100644 src/core/net/srp_advertising_proxy.hpp create mode 100644 tests/unit/test_srp_adv_proxy.cpp diff --git a/doc/ot_api_doc.h b/doc/ot_api_doc.h index 3863a5a73ea..ac6ec5a8359 100644 --- a/doc/ot_api_doc.h +++ b/doc/ot_api_doc.h @@ -172,8 +172,10 @@ * @defgroup plat-ble BLE * @defgroup plat-crypto Crypto - Platform * @defgroup plat-dns DNS - Platform + * @defgroup plat-dns-sd DNS-SD (mDNS) * @defgroup plat-entropy Entropy * @defgroup plat-factory-diagnostics Factory Diagnostics - Platform + * @defgroup plat-infra-if Infrastructure Interface * @defgroup plat-logging Logging - Platform * @defgroup plat-memory Memory * @defgroup plat-messagepool Message Pool @@ -186,7 +188,6 @@ * @defgroup plat-time Time Service * @defgroup plat-toolchain Toolchain * @defgroup plat-trel TREL - Platform - * @defgroup plat-infra-if Infrastructure Interface * * @} * diff --git a/etc/cmake/options.cmake b/etc/cmake/options.cmake index 05176dea26f..bad9193d797 100644 --- a/etc/cmake/options.cmake +++ b/etc/cmake/options.cmake @@ -238,6 +238,7 @@ ot_option(OT_SERVICE OPENTHREAD_CONFIG_TMF_NETDATA_SERVICE_ENABLE "Network Data ot_option(OT_SETTINGS_RAM OPENTHREAD_SETTINGS_RAM "volatile-only storage of settings") ot_option(OT_SLAAC OPENTHREAD_CONFIG_IP6_SLAAC_ENABLE "SLAAC address") ot_option(OT_SNTP_CLIENT OPENTHREAD_CONFIG_SNTP_CLIENT_ENABLE "SNTP client") +ot_option(OT_SRP_ADV_PROXY OPENTHREAD_CONFIG_SRP_SERVER_ADVERTISING_PROXY_ENABLE "SRP advertising proxy") ot_option(OT_SRP_CLIENT OPENTHREAD_CONFIG_SRP_CLIENT_ENABLE "SRP client") ot_option(OT_SRP_SERVER OPENTHREAD_CONFIG_SRP_SERVER_ENABLE "SRP server") ot_option(OT_TCP OPENTHREAD_CONFIG_TCP_ENABLE "TCP") diff --git a/examples/platforms/simulation/CMakeLists.txt b/examples/platforms/simulation/CMakeLists.txt index 945583d70db..41a1dbff6e9 100644 --- a/examples/platforms/simulation/CMakeLists.txt +++ b/examples/platforms/simulation/CMakeLists.txt @@ -63,6 +63,7 @@ add_library(openthread-simulation crypto.c diag.c dns.c + dnssd.c dso_transport.c entropy.c flash.c diff --git a/examples/platforms/simulation/dnssd.c b/examples/platforms/simulation/dnssd.c new file mode 100644 index 00000000000..7967dd48715 --- /dev/null +++ b/examples/platforms/simulation/dnssd.c @@ -0,0 +1,107 @@ +/* + * Copyright (c) 2023, The OpenThread Authors. + * All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions are met: + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * 3. Neither the name of the copyright holder nor the + * names of its contributors may be used to endorse or promote products + * derived from this software without specific prior written permission. + * + * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" + * AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDER OR CONTRIBUTORS BE + * LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR + * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF + * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS + * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN + * CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) + * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE + * POSSIBILITY OF SUCH DAMAGE. + */ + +#include "platform-simulation.h" + +#include + +#if OPENTHREAD_CONFIG_PLATFORM_DNSSD_ENABLE +otPlatDnssdState otPlatDnssdGetState(otInstance *aInstance) +{ + OT_UNUSED_VARIABLE(aInstance); + + return OT_PLAT_DNSSD_STOPPED; +} + +void otPlatDnssdRegisterService(otInstance *aInstance, + const otPlatDnssdService *aService, + otPlatDnssdRequestId aRequestId, + otPlatDnssdRegisterCallback aCallback) +{ + OT_UNUSED_VARIABLE(aInstance); + OT_UNUSED_VARIABLE(aService); + OT_UNUSED_VARIABLE(aRequestId); + OT_UNUSED_VARIABLE(aCallback); +} + +void otPlatDnssdUnregisterService(otInstance *aInstance, + const otPlatDnssdService *aService, + otPlatDnssdRequestId aRequestId, + otPlatDnssdRegisterCallback aCallback) +{ + OT_UNUSED_VARIABLE(aInstance); + OT_UNUSED_VARIABLE(aService); + OT_UNUSED_VARIABLE(aRequestId); + OT_UNUSED_VARIABLE(aCallback); +} + +void otPlatDnssdRegisterHost(otInstance *aInstance, + const otPlatDnssdHost *aHost, + otPlatDnssdRequestId aRequestId, + otPlatDnssdRegisterCallback aCallback) +{ + OT_UNUSED_VARIABLE(aInstance); + OT_UNUSED_VARIABLE(aHost); + OT_UNUSED_VARIABLE(aRequestId); + OT_UNUSED_VARIABLE(aCallback); +} + +void otPlatDnssdUnregisterHost(otInstance *aInstance, + const otPlatDnssdHost *aHost, + otPlatDnssdRequestId aRequestId, + otPlatDnssdRegisterCallback aCallback) +{ + OT_UNUSED_VARIABLE(aInstance); + OT_UNUSED_VARIABLE(aHost); + OT_UNUSED_VARIABLE(aRequestId); + OT_UNUSED_VARIABLE(aCallback); +} + +void otPlatDnssdRegisterKey(otInstance *aInstance, + const otPlatDnssdKey *aKey, + otPlatDnssdRequestId aRequestId, + otPlatDnssdRegisterCallback aCallback) +{ + OT_UNUSED_VARIABLE(aInstance); + OT_UNUSED_VARIABLE(aKey); + OT_UNUSED_VARIABLE(aRequestId); + OT_UNUSED_VARIABLE(aCallback); +} + +void otPlatDnssdUnregisterKey(otInstance *aInstance, + const otPlatDnssdKey *aKey, + otPlatDnssdRequestId aRequestId, + otPlatDnssdRegisterCallback aCallback) +{ + OT_UNUSED_VARIABLE(aInstance); + OT_UNUSED_VARIABLE(aKey); + OT_UNUSED_VARIABLE(aRequestId); + OT_UNUSED_VARIABLE(aCallback); +} + +#endif // OPENTHREAD_CONFIG_PLATFORM_DNSSD_ENABLE diff --git a/include/openthread/BUILD.gn b/include/openthread/BUILD.gn index f779443aab9..5948fb73a39 100644 --- a/include/openthread/BUILD.gn +++ b/include/openthread/BUILD.gn @@ -91,6 +91,7 @@ source_set("openthread") { "platform/debug_uart.h", "platform/diag.h", "platform/dns.h", + "platform/dnssd.h", "platform/dso_transport.h", "platform/entropy.h", "platform/flash.h", diff --git a/include/openthread/instance.h b/include/openthread/instance.h index 8eeb08f431a..3351997079a 100644 --- a/include/openthread/instance.h +++ b/include/openthread/instance.h @@ -53,7 +53,7 @@ extern "C" { * @note This number versions both OpenThread platform and user APIs. * */ -#define OPENTHREAD_API_VERSION (394) +#define OPENTHREAD_API_VERSION (395) /** * @addtogroup api-instance diff --git a/include/openthread/platform/dnssd.h b/include/openthread/platform/dnssd.h new file mode 100644 index 00000000000..e7a2a7f0b0f --- /dev/null +++ b/include/openthread/platform/dnssd.h @@ -0,0 +1,427 @@ +/* + * Copyright (c) 2023, The OpenThread Authors. + * All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions are met: + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * 3. Neither the name of the copyright holder nor the + * names of its contributors may be used to endorse or promote products + * derived from this software without specific prior written permission. + * + * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" + * AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDER OR CONTRIBUTORS BE + * LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR + * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF + * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS + * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN + * CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) + * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE + * POSSIBILITY OF SUCH DAMAGE. + */ + +/** + * @file + * @brief + * This file includes the platform abstraction for DNS-SD (e.g., mDNS) on the infrastructure network. + * + */ + +#ifndef OPENTHREAD_PLATFORM_DNSSD_H_ +#define OPENTHREAD_PLATFORM_DNSSD_H_ + +#include + +#include +#include +#include +#include + +#ifdef __cplusplus +extern "C" { +#endif + +/** + * @addtogroup plat-dns-sd + * + * @brief + * This module includes the platform abstraction for DNS-SD (e.g., mDNS) on the infrastructure network. + * + * @{ + * + * The DNS-SD platform APIs are used only when `OPENTHREAD_CONFIG_PLATFORM_DNSSD_ENABLE` is enabled. + * + */ + +/** + * Represents the state of the DNS-SD platform. + * + */ +typedef enum otPlatDnssdState +{ + OT_PLAT_DNSSD_STOPPED, ///< Stopped and unable to register any service or host. + OT_PLAT_DNSSD_READY, ///< Running and ready to register service or host. +} otPlatDnssdState; + +/** + * Represents a request ID for registering/unregistering a service or host. + * + */ +typedef uint32_t otPlatDnssdRequestId; + +/** + * Represents the callback function used when registering/unregistering a host or service. + * + * See `otPlatDnssdRegisterService()`, `otPlatDnssdUnregisterService()`, `otPlatDnssdRegisterHost()`, and + * `otPlatDnssdUnregisterHost()` for more details about when to invoke the callback and the `aError` values that can + * be returned in each case. + * + * @param[in] aInstance The OpenThread instance. + * @param[in] aRequestId The request ID. + * @param[in] aError Error indicating the outcome of request. + * + */ +typedef void (*otPlatDnssdRegisterCallback)(otInstance *aInstance, otPlatDnssdRequestId aRequestId, otError aError); + +/** + * Represents a DNS-SD service. + * + * See `otPlatDnssdRegisterService()`, `otPlatDnssdUnregisterService()` for more details about fields in each case. + * + */ +typedef struct otPlatDnssdService +{ + const char *mHostName; ///< The host name (does not include domain name). + const char *mServiceInstance; ///< The service instance name label (not the full name). + const char *mServiceType; ///< The service type (e.g., "_mt._udp", does not include domain name). + const char *const *mSubTypeLabels; ///< Array of sub-type labels (can be NULL if no label). + uint16_t mSubTypeLabelsLength; ///< Length of array of sub-type labels. + const uint8_t *mTxtData; ///< Encoded TXT data bytes. + uint16_t mTxtDataLength; ///< Length of TXT data. + uint16_t mPort; ///< The service port number. + uint16_t mPriority; ///< The service priority. + uint16_t mWeight; ///< The service weight. + uint32_t mTtl; ///< The service TTL in seconds. + uint32_t mInfraIfIndex; ///< The infrastructure network interface index. +} otPlatDnssdService; + +/** + * Represents a DNS-SD host. + * + * See `otPlatDnssdRegisterHost()`, `otPlatDnssdUnregisterHost()` for more details about fields in each case. + * + */ +typedef struct otPlatDnssdHost +{ + const char *mHostName; ///< The host name (does not include domain name). + const otIp6Address *mAddresses; ///< Array of IPv6 host addresses. + uint16_t mAddressesLength; ///< Number of entries in @p mAddresses array. + uint32_t mTtl; ///< The host TTL in seconds. + uint32_t mInfraIfIndex; ///< The infrastructure network interface index. +} otPlatDnssdHost; + +/** + * Represents a DNS-SD key record. + * + * See `otPlatDnssdRegisterKey()`, `otPlatDnssdUnregisterKey()` for more details about fields in each case. + * + */ +typedef struct otPlatDnssdKey +{ + const char *mName; ///< A host or a service instance name (does not include domain name). + const char *mServiceType; ///< The service type if key is for a service (does not include domain name). + const uint8_t *mKeyData; ///< Byte array containing the key record data. + uint16_t mKeyDataLength; ///< Length of @p mKeyData in bytes. + uint16_t mClass; ///< The resource record class. + uint32_t mTtl; ///< The TTL in seconds. + uint32_t mInfraIfIndex; ///< The infrastructure network interface index. +} otPlatDnssdKey; + +/** + * Callback to notify state changes of the DNS-SD platform. + * + * The OpenThread stack will call `otPlatDnssdGetState()` (from this callback or later) to get the new state. The + * platform MUST therefore ensure that the returned state from `otPlatDnssdGetState()` is updated before calling this. + * + * @param[in] aInstance The OpenThread instance structure. + * + */ +extern void otPlatDnssdStateHandleStateChange(otInstance *aInstance); + +/** + * Gets the current state of the DNS-SD module. + * + * The platform MUST notify the OpenThread stack whenever its state gets changed by invoking + * `otPlatDnssdStateHandleStateChange()`. + * + * @param[in] aInstance The OpenThread instance. + * + * @returns The current state of the DNS-SD module. + * + */ +otPlatDnssdState otPlatDnssdGetState(otInstance *aInstance); + +/** + * Registers or updates a service on the infrastructure network's DNS-SD module. + * + * The @p aService and all its contained information (strings and buffers) are only valid during this call. The + * platform MUST save a copy of the information if it wants to retain the information after returning from this + * function. + * + * The fields in @p aService follow these rules: + * + * - The `mServiceInstance` and `mServiceType` fields specify the service instance label and service type name, + * respectively. They are never NULL. + * - The `mHostName` field specifies the host name of the service if it is not NULL. Otherwise, if it is NULL, it + * indicates that this service is for the device itself and leaves the host name selection to DNS-SD platform. + * - The `mSubTypeLabels` is an array of strings representing sub-types associated with the service. It can be NULL + * if there are no sub-types. Otherwise, the array length is specified by `mSubTypeLabelsLength`. + * - The `mTxtData` and `mTxtDataLength` fields specify the encoded TXT data. + * - The `mPort`, `mWeight`, and `mPriority` fields specify the service's parameters (as specified in DNS SRV record). + * - The `mTtl` field specifies the TTL if non-zero. If zero, the platform can choose the TTL to use. + * - The `mInfraIfIndex` field, if non-zero, specifies the infrastructure network interface index to use for this + * request. If zero, the platform implementation can decided the interface. + * + * When the `mHostName` field in @p aService is not NULL (indicating that this registration is on behalf of another + * host), the OpenThread stack will ensure that `otPlatDnssdRegisterHost()` is also called for the same host before any + * service registration requests for the same host. + * + * Once the registration request is finished, either successfully or failed, the platform reports the outcome by + * invoking the @p aCallback and passing the same @p aRequestId in the callback. The @p aCallback function pointer can + * be NULL, which indicates that the OpenThread stack does not need to be notified of the outcome of the request. + * If the outcome is determined, the platform implementation may invoke the @p aCallback before returning from this + * function. The OpenThread stack will ensure to handle such a situation. + * + * On success, the @p aCallback MUST be called (if non-NULL) with `OT_ERROR_NONE` as the `aError` input parameter. If + * the registration causes a name conflict on DNS-SD domain (the service instance name is already claimed by another + * host), the `OT_ERROR_DUPLICATED` error MUST be used. The platform implementation can use other `OT_ERROR` types for + * other types of errors. + * + * The platform implementation MUST not assume that the @p aRequestId used in subsequent requests will be different. + * OpenThread may reuse the same request ID again for a different request. + * + * The OpenThread stack will not register the same service (with no changes) that was registered successfully earlier. + * Therefore, the platform implementation does not need to check for duplicate/same service and can assume that calls + * to this function are either registering a new entry or changing some parameter in a previously registered item. As + * a result, these changes always need to be synced on the infrastructure DNS-SD module. + * + * The OpenThread stack does not require the platform implementation to always invoke the @p aCallback function. + * The OpenThread stack has its own mechanism to time out an aged request with no response. This relaxes the + * requirement for platform implementations. + * + * @param[in] aInstance The OpenThread instance. + * @param[in] aService Information about the service to register. + * @param[in] aRequestId The ID associated with this request. + * @param[in] aCallback The callback function pointer to report the outcome (may be NULL if no callback needed). + * + */ +void otPlatDnssdRegisterService(otInstance *aInstance, + const otPlatDnssdService *aService, + otPlatDnssdRequestId aRequestId, + otPlatDnssdRegisterCallback aCallback); + +/** + * Unregisters a service on the infrastructure network's DNS-SD module. + * + * The @p aService and all its contained information (strings and buffers) are only valid during this call. The + * platform MUST save a copy of the information if it wants to retain the information after returning from this + * function. + * + * The fields in @p aService follow these rules: + * + * - The `mServiceInstance` and `mServiceType` fields specify the service instance label and service type name, + * respectively. They are never NULL. + * - The `mHostName` field specifies the host name of the service if it is not NULL. Otherwise, if it is NULL, it + * indicates that this service is for the device itself and leaves the host name selection to DNS-SD platform. + * - The `mInfraIfIndex` field, if non-zero, specifies the infrastructure network interface index to use for this + * request. If zero, the platform implementation can decided the interface. + * - The rest of the fields in @p aService structure MUST be ignored in `otPlatDnssdUnregisterService()` call and may + * be set to zero by the OpenThread stack. + * + * Regarding the invocation of the @p aCallback and the reuse of the @p aRequestId, this function follows the same + * rules as described in `otPlatDnssdRegisterService()`. + * + * The OpenThread stack may request the unregistration of a service that was not previously registered, and the + * platform implementation MUST handle this case. In such a case, the platform can use either `OT_ERROR_NOT_FOUND` to + * indicate that there was no such registration, or `OT_ERROR_NONE` when invoking the @p aCallback function. The + * OpenThread stack will handle either case correctly. + * + * @param[in] aInstance The OpenThread instance. + * @param[in] aService Information about the service to unregister. + * @param[in] aRequestId The ID associated with this request. + * @param[in] aCallback The callback function pointer to report the outcome (may be NULL if no callback needed). + * + */ +void otPlatDnssdUnregisterService(otInstance *aInstance, + const otPlatDnssdService *aService, + otPlatDnssdRequestId aRequestId, + otPlatDnssdRegisterCallback aCallback); + +/** + * Registers or updates a host on the infrastructure network's DNS-SD module. + * + * The @p aHost and all its contained information (strings and arrays) are only valid during this call. The + * platform MUST save a copy of the information if it wants to retain the information after returning from this + * function. + * + * The fields in @p aHost follow these rules: + * + * - The `mHostName` field specifies the host name to register. It is never NULL. + * - The `mAddresses` field is an array of IPv6 addresses to register with the host. `mAddressesLength` field provides + * the number of entries in `mAddresses` array. The platform implementation MUST not filter or remove any of + * addresses in the list. + * The OpenThread stack will already ensure that the given addresses are externally reachable. For example, when + * registering host from an SRP registration, link-local or mesh-local addresses associated with the host which are + * intended for use within Thread mesh are not included in `mAddresses` array passed to this API. The `mAddresses` + * array can be empty with zero `mAddressesLength`. In such a case, the platform MUST stop advertising any addresses + * for this host name on the infrastructure DNS-SD. + * - The `mTtl` field specifies the TTL if non-zero. If zero, the platform can choose the TTL to use. + * - The `mInfraIfIndex` field, if non-zero, specifies the infrastructure network interface index to use for this + * request. If zero, the platform implementation can decided the interface. + * + * Regarding the invocation of the @p aCallback and the reuse of the @p aRequestId, this function follows the same + * rules as described in `otPlatDnssdRegisterService()`. + * + * The OpenThread stack will not register the same host (with no changes) that was registered successfully earlier. + * Therefore, the platform implementation does not need to check for duplicate/same host and can assume that calls + * to this function are either registering a new entry or changing some parameter in a previously registered item. As + * a result, these changes always need to be synced on the infrastructure DNS-SD module. + * + * @param[in] aInstance The OpenThread instance. + * @param[in] aHost Information about the host to register. + * @param[in] aRequestId The ID associated with this request. + * @param[in] aCallback The callback function pointer to report the outcome (may be NULL if no callback needed). + * + */ +void otPlatDnssdRegisterHost(otInstance *aInstance, + const otPlatDnssdHost *aHost, + otPlatDnssdRequestId aRequestId, + otPlatDnssdRegisterCallback aCallback); + +/** + * Unregisters a host on the infrastructure network's DNS-SD module. + * + * The @p aHost and all its contained information (strings and arrays) are only valid during this call. The + * platform MUST save a copy of the information if it wants to retain the information after returning from this + * function. + * + * The fields in @p aHost follow these rules: + * + * - The `mHostName` field specifies the host name to unregister. It is never NULL. + * - The `mInfraIfIndex` field, if non-zero, specifies the infrastructure network interface index to use for this + * request. If zero, the platform implementation can decided the interface. + * - The rest of the fields in @p aHost structure MUST be ignored in `otPlatDnssdUnregisterHost()` call and may + * be set to zero by the OpenThread stack. + * + * Regarding the invocation of the @p aCallback and the reuse of the @p aRequestId, this function follows the same + * rules as described in `otPlatDnssdRegisterService()`. + * + * The OpenThread stack may request the unregistration of a host that was not previously registered, and the platform + * implementation MUST handle this case. In such a case, the platform can use either `OT_ERROR_NOT_FOUND` to indicate + * that there was no such registration, or `OT_ERROR_NONE` when invoking the @p aCallback function. OpenThread stack + * will handle either case correctly. + * + * When unregistering a host, the OpenThread stack will also unregister any previously registered services + * associated with the same host (by calling `otPlatDnssdUnregisterService()`). However, the platform implementation + * MAY assume that unregistering a host also unregisters all its associated services. + * + * @param[in] aInstance The OpenThread instance. + * @param[in] aHost Information about the host to unregister. + * @param[in] aRequestId The ID associated with this request. + * @param[in] aCallback The callback function pointer to report the outcome (may be NULL if no callback needed). + * + */ +void otPlatDnssdUnregisterHost(otInstance *aInstance, + const otPlatDnssdHost *aHost, + otPlatDnssdRequestId aRequestId, + otPlatDnssdRegisterCallback aCallback); + +/** + * Registers or updates a key record on the infrastructure network's DNS-SD module. + * + * The @p aKey and all its contained information (strings and arrays) are only valid during this call. The + * platform MUST save a copy of the information if it wants to retain the information after returning from this + * function. + * + * The fields in @p aKey follow these rules: + * + * - If the key is associated with a host, `mName` field specifies the host name and `mServiceType` will be NULL. + * - If the key is associated with a service, `mName` field specifies the service instance label and `mServiceType` + * field specifies the service type. In this case the DNS name for key record is `{mName}.{mServiceTye}`. + * - The `mKeyData` field contains the key record's data with `mKeyDataLength` as its length in byes. It is never NULL. + * - The `mClass` fields specifies the resource record class to use when registering key record. + * - The `mTtl` field specifies the TTL if non-zero. If zero, the platform can choose the TTL to use. + * - The `mInfraIfIndex` field, if non-zero, specifies the infrastructure network interface index to use for this + * request. If zero, the platform implementation can decided the interface. + * + * Regarding the invocation of the @p aCallback and the reuse of the @p aRequestId, this function follows the same + * rules as described in `otPlatDnssdRegisterService()`. + * + * The OpenThread stack will not register the same key (with no changes) that was registered successfully earlier. + * Therefore, the platform implementation does not need to check for duplicate/same name and can assume that calls + * to this function are either registering a new key or changing the key data in a previously registered one. As + * a result, these changes always need to be synced on the infrastructure DNS-SD module. + * + * @param[in] aInstance The OpenThread instance. + * @param[in] aHost Information about the key record to register. + * @param[in] aRequestId The ID associated with this request. + * @param[in] aCallback The callback function pointer to report the outcome (may be NULL if no callback needed). + * + */ +void otPlatDnssdRegisterKey(otInstance *aInstance, + const otPlatDnssdKey *aKey, + otPlatDnssdRequestId aRequestId, + otPlatDnssdRegisterCallback aCallback); + +/** + * Unregisters a key record on the infrastructure network's DNS-SD module. + * + * The @p aKey and all its contained information (strings and arrays) are only valid during this call. The + * platform MUST save a copy of the information if it wants to retain the information after returning from this + * function. + * + * The fields in @p aKey follow these rules: + * + * - If the key is associated with a host, `mName` field specifies the host name and `mServiceType` will be NULL. + * - If the key is associated with a service, `mName` field specifies the service instance label and `mServiceType` + * field specifies the service type. In this case the DNS name for key record is `{mName}.{mServiceTye}`. + * - The `mInfraIfIndex` field, if non-zero, specifies the infrastructure network interface index to use for this + * request. If zero, the platform implementation can decided the interface. + * - The rest of the fields in @p aKey structure MUST be ignored in `otPlatDnssdUnregisterKey()` call and may + * be set to zero by the OpenThread stack. + * + * Regarding the invocation of the @p aCallback and the reuse of the @p aRequestId, this function follows the same + * rules as described in `otPlatDnssdRegisterService()`. + * + * The OpenThread stack may request the unregistration of a key that was not previously registered, and the platform + * implementation MUST handle this case. In such a case, the platform can use either `OT_ERROR_NOT_FOUND` to indicate + * that there was no such registration, or `OT_ERROR_NONE` when invoking the @p aCallback function. the OpenThread + * stack will handle either case correctly. + * + * @param[in] aInstance The OpenThread instance. + * @param[in] aKey Information about the key to unregister. + * @param[in] aRequestId The ID associated with this request. + * @param[in] aCallback The callback function pointer to report the outcome (may be NULL if no callback needed). + * + */ +void otPlatDnssdUnregisterKey(otInstance *aInstance, + const otPlatDnssdKey *aKey, + otPlatDnssdRequestId aRequestId, + otPlatDnssdRegisterCallback aCallback); + +/** + * @} + * + */ + +#ifdef __cplusplus +} // extern "C" +#endif + +#endif // OPENTHREAD_PLATFORM_DNSSD_H_ diff --git a/script/check-scan-build b/script/check-scan-build index 7e6ad30ff55..2e1463c9443 100755 --- a/script/check-scan-build +++ b/script/check-scan-build @@ -74,6 +74,7 @@ OT_BUILD_OPTIONS=( "-DOT_SERVICE=ON" "-DOT_SLAAC=ON" "-DOT_SNTP_CLIENT=ON" + "-DOT_SRP_ADV_PROXY=ON" "-DOT_SRP_CLIENT=ON" "-DOT_SRP_SERVER=ON" "-DOT_VENDOR_NAME=OpenThread" diff --git a/script/make-pretty b/script/make-pretty index 086ba4c04ce..491d4acb91f 100755 --- a/script/make-pretty +++ b/script/make-pretty @@ -131,6 +131,7 @@ OT_CLANG_TIDY_BUILD_OPTS=( '-DOT_SERVICE=ON' '-DOT_SLAAC=ON' '-DOT_SNTP_CLIENT=ON' + '-DOT_SRP_ADV_PROXY=ON' '-DOT_SRP_CLIENT=ON' '-DOT_SRP_SERVER=ON' '-DOT_THREAD_VERSION=1.3' diff --git a/src/core/BUILD.gn b/src/core/BUILD.gn index f4fa5db94a5..a866cd0d4ba 100644 --- a/src/core/BUILD.gn +++ b/src/core/BUILD.gn @@ -553,6 +553,8 @@ openthread_core_files = [ "net/dns_platform.cpp", "net/dns_types.cpp", "net/dns_types.hpp", + "net/dnssd.cpp", + "net/dnssd.hpp", "net/dnssd_server.cpp", "net/dnssd_server.hpp", "net/icmp6.cpp", @@ -582,6 +584,8 @@ openthread_core_files = [ "net/sntp_client.hpp", "net/socket.cpp", "net/socket.hpp", + "net/srp_advertising_proxy.cpp", + "net/srp_advertising_proxy.hpp", "net/srp_client.cpp", "net/srp_client.hpp", "net/srp_server.cpp", diff --git a/src/core/CMakeLists.txt b/src/core/CMakeLists.txt index 24ceb22715b..5e6cee13567 100644 --- a/src/core/CMakeLists.txt +++ b/src/core/CMakeLists.txt @@ -168,6 +168,7 @@ set(COMMON_SOURCES net/dns_dso.cpp net/dns_platform.cpp net/dns_types.cpp + net/dnssd.cpp net/dnssd_server.cpp net/icmp6.cpp net/ip4_types.cpp @@ -182,6 +183,7 @@ set(COMMON_SOURCES net/netif.cpp net/sntp_client.cpp net/socket.cpp + net/srp_advertising_proxy.cpp net/srp_client.cpp net/srp_server.cpp net/tcp6.cpp diff --git a/src/core/border_router/infra_if.cpp b/src/core/border_router/infra_if.cpp index 07b5dc50931..a152e620468 100644 --- a/src/core/border_router/infra_if.cpp +++ b/src/core/border_router/infra_if.cpp @@ -152,6 +152,10 @@ Error InfraIf::HandleStateChanged(uint32_t aIfIndex, bool aIsRunning) Get().HandleInfraIfStateChanged(); +#if OPENTHREAD_CONFIG_SRP_SERVER_ADVERTISING_PROXY_ENABLE + Get().HandleInfraIfStateChanged(); +#endif + exit: return error; } diff --git a/src/core/common/heap_data.hpp b/src/core/common/heap_data.hpp index f0b0823ed22..2e3118ffbc7 100644 --- a/src/core/common/heap_data.hpp +++ b/src/core/common/heap_data.hpp @@ -181,6 +181,17 @@ class Data */ bool Matches(const uint8_t *aBuffer, uint16_t aLength) const; + /** + * Overloads operator `==` to compare the `Data` content with the content from another one. + * + * @param[in] aOtherData The other `Data` to compare with. + * + * @retval TRUE The two `Data` instances have matching content (same length and same bytes). + * @retval FALSE The two `Data` instances do not have matching content. + * + */ + bool operator==(const Data &aOtherData) const { return mData == aOtherData.mData; } + /** * Frees any buffer allocated by the `Heap::Data`. * diff --git a/src/core/config/platform.h b/src/core/config/platform.h index 927abb0864b..a3ebf231c8f 100644 --- a/src/core/config/platform.h +++ b/src/core/config/platform.h @@ -35,6 +35,8 @@ #ifndef CONFIG_PLATFORM_H_ #define CONFIG_PLATFORM_H_ +#include "config/srp_server.h" + /** * @addtogroup config-platform * @@ -107,6 +109,16 @@ #define OPENTHREAD_CONFIG_PLATFORM_USEC_TIMER_ENABLE 0 #endif +/** + * @def OPENTHREAD_CONFIG_PLATFORM_DNSSD_ENABLE + * + * Define as 1 to enable DNSSD (mDNS) platform module. + * + */ +#ifndef OPENTHREAD_CONFIG_PLATFORM_DNSSD_ENABLE +#define OPENTHREAD_CONFIG_PLATFORM_DNSSD_ENABLE OPENTHREAD_CONFIG_SRP_SERVER_ADVERTISING_PROXY_ENABLE +#endif + /** * @def OPENTHREAD_CONFIG_PLATFORM_RADIO_COEX_ENABLE * diff --git a/src/core/config/srp_server.h b/src/core/config/srp_server.h index 0ae6ef9a946..7e6cd18d2ec 100644 --- a/src/core/config/srp_server.h +++ b/src/core/config/srp_server.h @@ -119,6 +119,16 @@ #define OPENTHREAD_CONFIG_SRP_SERVER_SERVICE_UPDATE_TIMEOUT ((4 * 250u) + 250u) #endif +/** + * @def OPENTHREAD_CONFIG_SRP_SERVER_ADVERTISING_PROXY_ENABLE + * + * Define to 1 to enable Advertising Proxy for SRP Sever. + * + */ +#ifndef OPENTHREAD_CONFIG_SRP_SERVER_ADVERTISING_PROXY_ENABLE +#define OPENTHREAD_CONFIG_SRP_SERVER_ADVERTISING_PROXY_ENABLE 0 +#endif + /** * @} * diff --git a/src/core/instance/instance.cpp b/src/core/instance/instance.cpp index 81e3324a1e1..667741b7bef 100644 --- a/src/core/instance/instance.cpp +++ b/src/core/instance/instance.cpp @@ -87,6 +87,11 @@ Instance::Instance(void) , mSettings(*this) , mSettingsDriver(*this) , mMessagePool(*this) +#if OPENTHREAD_CONFIG_PLATFORM_DNSSD_ENABLE + // DNS-SD (mDNS) platform is initialized early to + // allow other modules to use it. + , mDnssd(*this) +#endif , mIp6(*this) , mThreadNetif(*this) , mTmfAgent(*this) @@ -185,6 +190,9 @@ Instance::Instance(void) #endif #if OPENTHREAD_CONFIG_SRP_SERVER_ENABLE , mSrpServer(*this) +#if OPENTHREAD_CONFIG_SRP_SERVER_ADVERTISING_PROXY_ENABLE + , mSrpAdvertisingProxy(*this) +#endif #endif #if OPENTHREAD_FTD , mChildSupervisor(*this) diff --git a/src/core/instance/instance.hpp b/src/core/instance/instance.hpp index efde7fffbc1..b98b8d8ed23 100644 --- a/src/core/instance/instance.hpp +++ b/src/core/instance/instance.hpp @@ -88,6 +88,7 @@ #include "net/dhcp6_server.hpp" #include "net/dns_client.hpp" #include "net/dns_dso.hpp" +#include "net/dnssd.hpp" #include "net/dnssd_server.hpp" #include "net/ip6.hpp" #include "net/ip6_filter.hpp" @@ -95,6 +96,7 @@ #include "net/nd_agent.hpp" #include "net/netif.hpp" #include "net/sntp_client.hpp" +#include "net/srp_advertising_proxy.hpp" #include "net/srp_client.hpp" #include "net/srp_server.hpp" #include "radio/ble_secure.hpp" @@ -458,6 +460,12 @@ class Instance : public otInstance, private NonCopyable SettingsDriver mSettingsDriver; MessagePool mMessagePool; +#if OPENTHREAD_CONFIG_PLATFORM_DNSSD_ENABLE + // DNS-SD (mDNS) platform is initialized early to + // allow other modules to use it. + Dnssd mDnssd; +#endif + Ip6::Ip6 mIp6; ThreadNetif mThreadNetif; Tmf::Agent mTmfAgent; @@ -584,6 +592,9 @@ class Instance : public otInstance, private NonCopyable #if OPENTHREAD_CONFIG_SRP_SERVER_ENABLE Srp::Server mSrpServer; +#if OPENTHREAD_CONFIG_SRP_SERVER_ADVERTISING_PROXY_ENABLE + Srp::AdvertisingProxy mSrpAdvertisingProxy; +#endif #endif #if OPENTHREAD_FTD @@ -861,6 +872,10 @@ template <> inline EnergyScanClient &Instance::Get(void) { return mCommissioner. template <> inline PanIdQueryClient &Instance::Get(void) { return mCommissioner.GetPanIdQueryClient(); } #endif +#if OPENTHREAD_CONFIG_PLATFORM_DNSSD_ENABLE +template <> inline Dnssd &Instance::Get(void) { return mDnssd; } +#endif + #if OPENTHREAD_CONFIG_JOINER_ENABLE template <> inline MeshCoP::Joiner &Instance::Get(void) { return mJoiner; } #endif @@ -1012,7 +1027,7 @@ template <> inline Utils::Otns &Instance::Get(void) { return mOtns; } template <> inline BorderRouter::RoutingManager &Instance::Get(void) { return mRoutingManager; } template <> inline BorderRouter::InfraIf &Instance::Get(void) { return mRoutingManager.mInfraIf; } -#endif // OPENTHREAD_CONFIG_BORDER_ROUTING_ENABLE +#endif #if OPENTHREAD_CONFIG_NAT64_TRANSLATOR_ENABLE template <> inline Nat64::Translator &Instance::Get(void) { return mNat64Translator; } @@ -1020,7 +1035,10 @@ template <> inline Nat64::Translator &Instance::Get(void) { return mNat64Transla #if OPENTHREAD_CONFIG_SRP_SERVER_ENABLE template <> inline Srp::Server &Instance::Get(void) { return mSrpServer; } +#if OPENTHREAD_CONFIG_SRP_SERVER_ADVERTISING_PROXY_ENABLE +template <> inline Srp::AdvertisingProxy &Instance::Get(void) { return mSrpAdvertisingProxy; } #endif +#endif // OPENTHREAD_CONFIG_SRP_SERVER_ENABLE #if OPENTHREAD_CONFIG_BLE_TCAT_ENABLE template <> inline Ble::BleSecure &Instance::Get(void) { return mApplicationBleSecure; } diff --git a/src/core/net/dns_types.hpp b/src/core/net/dns_types.hpp index 5428713aa27..e590a4831ce 100644 --- a/src/core/net/dns_types.hpp +++ b/src/core/net/dns_types.hpp @@ -2254,13 +2254,21 @@ class Ecdsa256KeyRecord : public KeyRecord, public Clearable, bool IsValid(void) const; /** - * Returns the ECDSA P-256 public kek. + * Returns the ECDSA P-256 public key. * * @returns A reference to the public key. * */ const Crypto::Ecdsa::P256::PublicKey &GetKey(void) const { return mKey; } + /** + * Sets the ECDSA P-256 public key. + * + * @param[in] aKey The public key. + * + */ + void SetKey(const Crypto::Ecdsa::P256::PublicKey &aKey) { mKey = aKey; } + private: Crypto::Ecdsa::P256::PublicKey mKey; } OT_TOOL_PACKED_END; diff --git a/src/core/net/dnssd.cpp b/src/core/net/dnssd.cpp new file mode 100644 index 00000000000..c795fa830b0 --- /dev/null +++ b/src/core/net/dnssd.cpp @@ -0,0 +1,158 @@ +/* + * Copyright (c) 2023, The OpenThread Authors. + * All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions are met: + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * 3. Neither the name of the copyright holder nor the + * names of its contributors may be used to endorse or promote products + * derived from this software without specific prior written permission. + * + * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" + * AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDER OR CONTRIBUTORS BE + * LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR + * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF + * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS + * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN + * CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) + * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE + * POSSIBILITY OF SUCH DAMAGE. + */ + +/** + * @file + * This file implements infrastructure DNS-SD (mDNS) platform APIs. + */ + +#include "dnssd.hpp" + +#if OPENTHREAD_CONFIG_PLATFORM_DNSSD_ENABLE + +#include "common/code_utils.hpp" +#include "common/locator_getters.hpp" +#include "instance/instance.hpp" + +namespace ot { + +//--------------------------------------------------------------------------------------------------------------------- +// Dnssd::RequestIdRange + +void Dnssd::RequestIdRange::Add(RequestId aId) +{ + if (IsEmpty()) + { + mStart = aId; + mEnd = aId + 1; + } + else if (SerialNumber::IsLess(aId, mStart)) // Equivalent to (aId < mStart) + { + mStart = aId; + } + else if (!SerialNumber::IsLess(aId, mEnd)) // Equivalent to !(aId < mEd) -> (aId >= mEnd) + { + mEnd = aId + 1; + } +} + +void Dnssd::RequestIdRange::Remove(RequestId aId) +{ + if (!IsEmpty()) + { + if (aId == mStart) + { + mStart++; + } + else if (aId + 1 == mEnd) + { + mEnd--; + } + } +} + +bool Dnssd::RequestIdRange::Contains(RequestId aId) const +{ + // Equivalent to `(aId >= mStart) && (aId < mEnd)` + + return (!SerialNumber::IsLess(aId, mStart) && SerialNumber::IsLess(aId, mEnd)); +} + +//--------------------------------------------------------------------------------------------------------------------- +// Dnssd + +Dnssd::Dnssd(Instance &aInstance) + : InstanceLocator(aInstance) +{ +} + +Dnssd::State Dnssd::GetState(void) const { return MapEnum(otPlatDnssdGetState(&GetInstance())); } + +void Dnssd::RegisterService(const Service &aService, RequestId aRequestId, RegisterCallback aCallback) +{ + if (IsReady()) + { + otPlatDnssdRegisterService(&GetInstance(), &aService, aRequestId, aCallback); + } +} + +void Dnssd::UnregisterService(const Service &aService, RequestId aRequestId, RegisterCallback aCallback) +{ + if (IsReady()) + { + otPlatDnssdUnregisterService(&GetInstance(), &aService, aRequestId, aCallback); + } +} + +void Dnssd::RegisterHost(const Host &aHost, RequestId aRequestId, RegisterCallback aCallback) +{ + if (IsReady()) + { + otPlatDnssdRegisterHost(&GetInstance(), &aHost, aRequestId, aCallback); + } +} + +void Dnssd::UnregisterHost(const Host &aHost, RequestId aRequestId, RegisterCallback aCallback) +{ + if (IsReady()) + { + otPlatDnssdUnregisterHost(&GetInstance(), &aHost, aRequestId, aCallback); + } +} + +void Dnssd::RegisterKey(const Key &aKey, RequestId aRequestId, RegisterCallback aCallback) +{ + if (IsReady()) + { + otPlatDnssdRegisterKey(&GetInstance(), &aKey, aRequestId, aCallback); + } +} + +void Dnssd::UnregisterKey(const Key &aKey, RequestId aRequestId, RegisterCallback aCallback) +{ + if (IsReady()) + { + otPlatDnssdUnregisterKey(&GetInstance(), &aKey, aRequestId, aCallback); + } +} + +void Dnssd::HandleStateChange(void) +{ +#if OPENTHREAD_CONFIG_SRP_SERVER_ADVERTISING_PROXY_ENABLE + Get().HandleDnssdPlatformStateChange(); +#endif +} + +extern "C" void otPlatDnssdStateHandleStateChange(otInstance *aInstance) +{ + AsCoreType(aInstance).Get().HandleStateChange(); +} + +} // namespace ot + +#endif // OPENTHREAD_CONFIG_PLATFORM_DNSSD_ENABLE diff --git a/src/core/net/dnssd.hpp b/src/core/net/dnssd.hpp new file mode 100644 index 00000000000..dc6f6b6cad2 --- /dev/null +++ b/src/core/net/dnssd.hpp @@ -0,0 +1,282 @@ +/* + * Copyright (c) 2023, The OpenThread Authors. + * All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions are met: + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * 3. Neither the name of the copyright holder nor the + * names of its contributors may be used to endorse or promote products + * derived from this software without specific prior written permission. + * + * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" + * AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDER OR CONTRIBUTORS BE + * LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR + * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF + * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS + * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN + * CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) + * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE + * POSSIBILITY OF SUCH DAMAGE. + */ + +/** + * @file + * This file includes definitions for infrastructure DNS-SD (mDNS) platform. + */ + +#ifndef DNSSD_HPP_ +#define DNSSD_HPP_ + +#include "openthread-core-config.h" + +#if OPENTHREAD_CONFIG_PLATFORM_DNSSD_ENABLE + +#include + +#include "common/clearable.hpp" +#include "common/locator.hpp" +#include "common/non_copyable.hpp" +#include "net/ip6_address.hpp" + +namespace ot { + +/** + * @addtogroup core-dns + * + * @brief + * This module includes definitions for DNS-SD (mDNS) platform. + * + * @{ + * + */ + +extern "C" void otPlatDnssdStateHandleStateChange(otInstance *aInstance); + +/** + * Represents DNS-SD (mDNS) platform. + * + */ +class Dnssd : public InstanceLocator, private NonCopyable +{ + friend void otPlatDnssdStateHandleStateChange(otInstance *aInstance); + +public: + /** + * Represents state of DNS-SD platform. + * + */ + enum State : uint8_t + { + kStopped = OT_PLAT_DNSSD_STOPPED, ///< Stopped and unable to register any service or host. + kReady = OT_PLAT_DNSSD_READY ///< Running and ready to register service or host. + }; + + typedef otPlatDnssdRequestId RequestId; ///< A request ID. + typedef otPlatDnssdRegisterCallback RegisterCallback; ///< The registration request callback + + class Host : public otPlatDnssdHost, public Clearable ///< Host information. + { + }; + + class Service : public otPlatDnssdService, public Clearable ///< Service information. + { + }; + + class Key : public otPlatDnssdKey, public Clearable ///< Key information + { + }; + + /** + * Represents a range of `RequestId` values. + * + * The range is stored using start and end ID values. The implementation handles the case when ID values roll over. + * + */ + struct RequestIdRange : public Clearable + { + /** + * Initializes a range as empty. + * + */ + RequestIdRange(void) + : mStart(0) + , mEnd(0) + { + } + + /** + * Adds a request ID to the range. + * + * @param[in] aId The ID to add to the range. + * + */ + void Add(RequestId aId); + + /** + * Removes a request ID from the range. + * + * @param[in] aId The ID to remove from the range. + * + */ + void Remove(RequestId aId); + + /** + * Indicates whether or not a given ID is contained within the range. + * + * @param[in] aId The ID to check. + * + * @retval TRUE The @p aID is contained within the range. + * @retval FALSE The @p aId is not contained within the range. + * + */ + bool Contains(RequestId aId) const; + + /** + * Indicates whether or not the range is empty. + * + * @retval TRUE The range is empty. + * @retval FALSE The range is not empty. + * + */ + bool IsEmpty(void) const { return (mStart == mEnd); } + + private: + // The range is represented as all `RequestId` values from + // `mStart` up to, but not including, `mEnd`. It uses serial + // number arithmetic logic when comparing `RequestId` values, + // so `Contains()` and other methods work correctly even when + // the ID value rolls over. + + RequestId mStart; + RequestId mEnd; + }; + + /** + * Initializes `Dnssd` object. + * + * @param[in] aInstance The OpenThread instance. + * + */ + explicit Dnssd(Instance &aInstance); + + /** + * Gets the current state of DNS-SD platform module. + * + * @returns The current state of DNS-SD platform. + * + */ + State GetState(void) const; + + /** + * Indicates whether or not DNS-SD platform is ready (in `kReady` state). + * + * @retval TRUE The DNS-SD platform is ready. + * @retval FALSE The DNS-SD platform is not ready. + * + */ + bool IsReady(void) const { return GetState() == kReady; } + + /** + * Registers or updates a service on the infrastructure network's DNS-SD module. + * + * Refer to the documentation for `otPlatDnssdRegisterService()`, for a more detailed description of the behavior + * of this method. + * + * @param[in] aService Information about service to unregister. + * @param[in] aRequestId The ID associated with this request. + * @param[in] aCallback The callback function pointer to report the outcome (may be `nullptr`). + * + */ + void RegisterService(const Service &aService, RequestId aRequestId, RegisterCallback aCallback); + + /** + * Unregisters a service on the infrastructure network's DNS-SD module. + * + * Refer to the documentation for `otPlatDnssdUnregisterService()`, for a more detailed description of the behavior + * of this method. + * + * @param[in] aService Information about service to unregister. + * @param[in] aRequestId The ID associated with this request. + * @param[in] aCallback The callback function pointer to report the outcome (may be `nullptr`). + * + */ + void UnregisterService(const Service &aService, RequestId aRequestId, RegisterCallback aCallback); + + /** + * Registers or updates a host on the infrastructure network's DNS-SD module. + * + * Refer to the documentation for `otPlatDnssdRegisterHost()`, for a more detailed description of the behavior + * of this method. + * + * @param[in] aHost Information about host to register. + * @param[in] aRequestId The ID associated with this request. + * @param[in] aCallback The callback function pointer to report the outcome (may be `nullptr`). + * + */ + void RegisterHost(const Host &aHost, RequestId aRequestId, RegisterCallback aCallback); + + /** + * Unregisters a host on the infrastructure network's DNS-SD module. + * + * Refer to the documentation for `otPlatDnssdUnregisterHost()`, for a more detailed description of the behavior + * of this method. + * + * @param[in] aHost Information about the host to unregister. + * @param[in] aRequestId The ID associated with this request. + * @param[in] aCallback The callback function pointer to report the outcome (may be NULL if no callback needed). + * + */ + void UnregisterHost(const Host &aHost, RequestId aRequestId, RegisterCallback aCallback); + + /** + * Registers or updates a key record on the infrastructure network's DNS-SD module. + * + * Refer to the documentation for `otPlatDnssdRegisterKey()`, for a more detailed description of the behavior + * of this method. + * + * @param[in] aKey Information about the key to register. + * @param[in] aRequestId The ID associated with this request. + * @param[in] aCallback The callback function pointer to report the outcome (may be `nullptr`). + * + */ + void RegisterKey(const Key &aKey, RequestId aRequestId, RegisterCallback aCallback); + + /** + * Unregisters a key record on the infrastructure network's DNS-SD module. + * + * Refer to the documentation for `otPlatDnssdUnregisterKey()`, for a more detailed description of the behavior + * of this method. + * + * @param[in] aKey Information about the key to unregister. + * @param[in] aRequestId The ID associated with this request. + * @param[in] aCallback The callback function pointer to report the outcome (may be NULL if no callback needed). + * + */ + void UnregisterKey(const Key &aKey, RequestId aRequestId, RegisterCallback aCallback); + +private: + void HandleStateChange(void); +}; + +/** + * @} + * + */ + +DefineMapEnum(otPlatDnssdState, Dnssd::State); +DefineCoreType(otPlatDnssdService, Dnssd::Service); +DefineCoreType(otPlatDnssdHost, Dnssd::Host); +DefineCoreType(otPlatDnssdKey, Dnssd::Key); + +} // namespace ot + +#endif // OPENTHREAD_CONFIG_PLATFORM_DNSSD_ENABLE + +#endif // DNSSD_HPP_ diff --git a/src/core/net/srp_advertising_proxy.cpp b/src/core/net/srp_advertising_proxy.cpp new file mode 100644 index 00000000000..8a2451d1f0b --- /dev/null +++ b/src/core/net/srp_advertising_proxy.cpp @@ -0,0 +1,1393 @@ +/* + * Copyright (c) 2023, The OpenThread Authors. + * All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions are met: + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * 3. Neither the name of the copyright holder nor the + * names of its contributors may be used to endorse or promote products + * derived from this software without specific prior written permission. + * + * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" + * AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDER OR CONTRIBUTORS BE + * LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR + * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF + * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS + * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN + * CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) + * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE + * POSSIBILITY OF SUCH DAMAGE. + */ + +/** + * @file + * This file includes implementation of SRP Advertising Proxy. + */ + +#include "srp_advertising_proxy.hpp" + +#if OPENTHREAD_CONFIG_SRP_SERVER_ADVERTISING_PROXY_ENABLE + +#include "common/as_core_type.hpp" +#include "common/debug.hpp" +#include "common/locator_getters.hpp" +#include "common/log.hpp" +#include "common/serial_number.hpp" +#include "common/type_traits.hpp" +#include "instance/instance.hpp" + +namespace ot { +namespace Srp { + +RegisterLogModule("SrpAdvProxy"); + +//--------------------------------------------------------------------------------------------------------------------- +// AdvertisingProxy + +AdvertisingProxy::AdvertisingProxy(Instance &aInstance) + : InstanceLocator(aInstance) + , mState(kStateStopped) + , mCurrentRequestId(0) + , mAdvTimeout(kAdvTimeout) + , mTimer(aInstance) + , mTasklet(aInstance) +{ + mCounters.Clear(); +} + +void AdvertisingProxy::Start(void) +{ + VerifyOrExit(mState != kStateRunning); + + mState = kStateRunning; + mCounters.mStateChanges++; + LogInfo("Started"); + + // Advertise all existing and committed entries on SRP sever. + + for (Host &host : Get().mHosts) + { + LogInfo("Adv existing host '%s'", host.GetFullName()); + Advertise(host); + } + +exit: + return; +} + +void AdvertisingProxy::Stop(void) +{ + VerifyOrExit(mState != kStateStopped); + + mState = kStateStopped; + mCounters.mStateChanges++; + + while (true) + { + OwnedPtr advPtr = mAdvInfoList.Pop(); + + if (advPtr.IsNull()) + { + break; + } + + mCounters.mAdvRejected++; + + UnregisterHostAndItsServicesAndKeys(advPtr->mHost); + + advPtr->mError = kErrorAbort; + advPtr->mHost.mAdvIdRange.Clear(); + advPtr->mBlockingAdv = nullptr; + advPtr->SignalServerToCommit(); + } + + for (Host &host : Get().GetHosts()) + { + UnregisterHostAndItsServicesAndKeys(host); + + host.mAdvIdRange.Clear(); + host.mAdvId = kInvalidRequestId; + host.mIsRegistered = false; + + for (Service &service : host.mServices) + { + service.mAdvId = kInvalidRequestId; + service.mIsRegistered = false; + } + } + + LogInfo("Stopped"); + +exit: + return; +} + +void AdvertisingProxy::UpdateState(void) +{ + if (!Get().IsReady() || !Get().IsRunning()) + { + Stop(); + ExitNow(); + } + + switch (Get().GetState()) + { + case Server::kStateDisabled: + case Server::kStateStopped: + Stop(); + break; + + case Server::kStateRunning: + Start(); + break; + } + +exit: + return; +} + +AdvertisingProxy::RequestId AdvertisingProxy::AllocateNextRequestId(void) +{ + mCurrentRequestId++; + + if (kInvalidRequestId == mCurrentRequestId) + { + mCurrentRequestId++; + } + + return mCurrentRequestId; +} + +// NOLINTNEXTLINE(readability-inconsistent-declaration-parameter-name) +template <> void AdvertisingProxy::UpdateAdvIdRangeOn(Host &aHost) +{ + // Determine and update `mAdvIdRange` on `aHost` based on + // `mAdvId` and `mKeyAdvId` of host and its services. + + aHost.mAdvIdRange.Clear(); + + for (const Service &service : aHost.mServices) + { + if (service.mKeyAdvId != kInvalidRequestId) + { + aHost.mAdvIdRange.Add(service.mKeyAdvId); + } + + if (service.mAdvId != kInvalidRequestId) + { + aHost.mAdvIdRange.Add(service.mAdvId); + } + } + + if (aHost.mKeyAdvId != kInvalidRequestId) + { + aHost.mAdvIdRange.Add(aHost.mKeyAdvId); + } + + if (aHost.mAdvId != kInvalidRequestId) + { + aHost.mAdvIdRange.Add(aHost.mAdvId); + } + + if (aHost.mAdvIdRange.IsEmpty()) + { + mTasklet.Post(); + } +} + +// NOLINTNEXTLINE(readability-inconsistent-declaration-parameter-name) +template <> void AdvertisingProxy::UpdateAdvIdRangeOn(Service &aService) +{ + // Updates `mAdvIdRange` on the `Host` associated with + // `aService`. + + UpdateAdvIdRangeOn(*aService.mHost); +} + +void AdvertisingProxy::AdvertiseRemovalOf(Host &aHost) +{ + LogInfo("Adv removal of host '%s'", aHost.GetFullName()); + mCounters.mAdvHostRemovals++; + + VerifyOrExit(mState == kStateRunning); + VerifyOrExit(aHost.IsDeleted()); + + aHost.mShouldAdvertise = aHost.mIsRegistered; + + for (Service &service : aHost.mServices) + { + if (!service.mIsDeleted) + { + service.mIsDeleted = true; + } + + service.mShouldAdvertise = service.mIsRegistered; + } + + // Reject any outstanding `AdvInfo` that matches `aHost` that is + // being removed. + + for (AdvInfo &adv : mAdvInfoList) + { + Host &advHost = adv.mHost; + + if (!aHost.Matches(advHost.GetFullName()) || advHost.IsDeleted()) + { + continue; + } + + for (Service &advService : advHost.mServices) + { + Service *service; + + service = aHost.FindService(advService.GetInstanceName()); + + if (service == nullptr) + { + // `AdvInfo` contains a service that is not present in + // `aHost`, we unregister the service and its key. + + if (!advService.IsDeleted()) + { + UnregisterService(advService); + } + + UnregisterKey(advService); + } + else + { + service->mShouldAdvertise = true; + + if (aHost.mKeyLease == 0) + { + advService.mIsKeyRegistered = false; + } + } + + advService.mAdvId = kInvalidRequestId; + advService.mKeyAdvId = kInvalidRequestId; + advService.mIsReplaced = true; + } + + if (aHost.mKeyLease == 0) + { + advHost.mIsKeyRegistered = false; + } + + advHost.mAdvId = kInvalidRequestId; + advHost.mKeyAdvId = kInvalidRequestId; + advHost.mIsReplaced = true; + advHost.mAdvIdRange.Clear(); + + adv.mError = kErrorAbort; + mTasklet.Post(); + } + + for (Service &service : aHost.mServices) + { + if (service.mShouldAdvertise) + { + UnregisterService(service); + } + + if (aHost.mKeyLease == 0) + { + UnregisterKey(service); + } + } + + if (aHost.mShouldAdvertise) + { + UnregisterHost(aHost); + } + + if (aHost.mKeyLease == 0) + { + UnregisterKey(aHost); + } + +exit: + return; +} + +void AdvertisingProxy::AdvertiseRemovalOf(Service &aService) +{ + LogInfo("Adv removal of service '%s' '%s'", aService.GetInstanceLabel(), aService.GetServiceName()); + mCounters.mAdvServiceRemovals++; + + VerifyOrExit(mState == kStateRunning); + + aService.mShouldAdvertise = aService.mIsRegistered; + + // Check if any outstanding `AdvInfo` is re-adding the `aService` + // (which is being removed), and if so, skip unregistering the + // service and its key. + + for (const AdvInfo &adv : mAdvInfoList) + { + const Host &advHost = adv.mHost; + const Service *advService; + + if (!aService.mHost->Matches(advHost.GetFullName())) + { + continue; + } + + if (advHost.IsDeleted()) + { + break; + } + + advService = advHost.FindService(aService.GetInstanceName()); + + if ((advService != nullptr) && !advService->IsDeleted()) + { + ExitNow(); + } + } + + if (aService.mShouldAdvertise) + { + UnregisterService(aService); + } + + if (aService.mKeyLease == 0) + { + UnregisterKey(aService); + } + +exit: + return; +} + +void AdvertisingProxy::Advertise(Host &aHost, const Server::MessageMetadata &aMetadata) +{ + AdvInfo *advPtr = nullptr; + Host *existingHost; + + LogInfo("Adv update for '%s'", aHost.GetFullName()); + + mCounters.mAdvTotal++; + + VerifyOrExit(mState == kStateRunning); + + advPtr = AdvInfo::Allocate(aHost, aMetadata, mAdvTimeout); + VerifyOrExit(advPtr != nullptr); + mAdvInfoList.Push(*advPtr); + + // Compare the new `aHost` with outstanding advertisements and + // already committed entries on server. + + for (AdvInfo &adv : mAdvInfoList) + { + if (!aHost.Matches(adv.mHost.GetFullName())) + { + continue; + } + + if (CompareAndUpdateHostAndServices(aHost, adv.mHost)) + { + // If the new `aHost` replaces an entry in the outstanding + // `adv`, we mark the new advertisement as blocked so + // that it is not committed before the earlier one. This + // ensures that SRP Updates are committed in the order + // they are advertised, avoiding issues such as re-adding + // a removed entry due to a delay in registration on + // infra DNS-SD. + + if (advPtr->mBlockingAdv == nullptr) + { + mCounters.mAdvReplaced++; + advPtr->mBlockingAdv = &adv; + } + } + } + + existingHost = Get().mHosts.FindMatching(aHost.GetFullName()); + + if (existingHost != nullptr) + { + CompareAndUpdateHostAndServices(aHost, *existingHost); + } + + Advertise(aHost); + +exit: + if (advPtr != nullptr) + { + if (advPtr->IsCompleted()) + { + mTasklet.Post(); + } + else + { + mTimer.FireAtIfEarlier(advPtr->mExpireTime); + } + } + else + { + LogInfo("Adv skipped '%s'", aHost.GetFullName()); + mCounters.mAdvSkipped++; + Get().CommitSrpUpdate(kErrorNone, aHost, aMetadata); + } +} + +template bool AdvertisingProxy::IsKeyRegisteredOrRegistering(const Entry &aEntry) const +{ + return (aEntry.mIsKeyRegistered || (aEntry.mKeyAdvId != kInvalidRequestId)); +} + +template bool AdvertisingProxy::IsRegisteredOrRegistering(const Entry &aEntry) const +{ + return (aEntry.mIsRegistered || (aEntry.mAdvId != kInvalidRequestId)); +} + +template +void AdvertisingProxy::DecideToAdvertise(Entry &aEntry, bool aUnregisterEntry, bool aUnregisterKey) +{ + // Decides whether to advertise `aEntry` or register its key. + + if (!aUnregisterKey && !IsKeyRegisteredOrRegistering(aEntry)) + { + aEntry.mShouldRegisterKey = true; + aEntry.mKeyAdvId = AllocateNextRequestId(); + } + + VerifyOrExit(!aEntry.mShouldAdvertise); + + if (aUnregisterEntry || aEntry.IsDeleted()) + { + aEntry.mShouldAdvertise = aEntry.mIsRegistered; + } + else if (!IsRegisteredOrRegistering(aEntry)) + { + aEntry.mShouldAdvertise = true; + aEntry.mAdvId = AllocateNextRequestId(); + } + +exit: + return; +} + +void AdvertisingProxy::Advertise(Host &aHost) +{ + bool shouldUnregisterHostAndServices = aHost.IsDeleted(); + bool shouldUnregisterKeys = (aHost.mKeyLease == 0); + + DecideToAdvertise(aHost, shouldUnregisterHostAndServices, shouldUnregisterKeys); + + for (Service &service : aHost.mServices) + { + DecideToAdvertise(service, shouldUnregisterHostAndServices, shouldUnregisterKeys); + } + + // We call `UpdateAdvIdRangeOn()` to determine the `mAdvIdRange` + // on `aHost` before we call any of `UnregisterHost()`, + // `UnregisterService()`, or `UnregisterKey()` methods, and + // and receive any `HandleRegistered()` callbacks. The DNS-SD + // platform may invoke `HandleRegistered()` callbacks from within + // the `Register{Host/Service/Key}()` calls. + + UpdateAdvIdRangeOn(aHost); + + if (shouldUnregisterKeys) + { + UnregisterKey(aHost); + } + else if (aHost.mShouldRegisterKey) + { + RegisterKey(aHost); + } + + // We register host first before any of its services. + // But if we need to unregister host, it is done after + // all services. + + if (aHost.mShouldAdvertise && !shouldUnregisterHostAndServices) + { + RegisterHost(aHost); + } + + for (Service &service : aHost.mServices) + { + if (shouldUnregisterKeys) + { + UnregisterKey(service); + } + else if (service.mShouldRegisterKey) + { + RegisterKey(service); + } + + if (service.mShouldAdvertise) + { + if (shouldUnregisterHostAndServices || service.IsDeleted()) + { + UnregisterService(service); + } + else + { + RegisterService(service); + } + } + } + + if (aHost.mShouldAdvertise && shouldUnregisterHostAndServices) + { + UnregisterHost(aHost); + } +} + +void AdvertisingProxy::UnregisterHostAndItsServicesAndKeys(Host &aHost) +{ + for (Service &service : aHost.mServices) + { + if (service.mIsKeyRegistered) + { + UnregisterKey(service); + } + + if (!service.mIsReplaced && IsRegisteredOrRegistering(service)) + { + UnregisterService(service); + } + } + + if (aHost.mIsKeyRegistered) + { + UnregisterKey(aHost); + } + + if (!aHost.mIsReplaced && IsRegisteredOrRegistering(aHost)) + { + UnregisterHost(aHost); + } +} + +bool AdvertisingProxy::CompareAndUpdateHostAndServices(Host &aHost, Host &aExistingHost) +{ + // This method compares and updates flags used by `AdvertisingProxy` + // on new `aHost` and `aExistingHost` and their services. + // + // It returns a boolean indicating whether the new `aHost` replaced + // any of the entries on the `aExistingHost`. + // + // The `AdvertisingProxy` uses the following flags and variables + // on `Host` and `Service` entries: + // + // - `mIsRegistered` indicates whether or not the entry has been + // successfully registered by the proxy. + // + // - `mIsKeyRegistered` indicates whether or not a key record + // associated with the entry name has been successfully + // registered by the proxy on infrastructure DNS-SD. + // + // - `mAdvId` specifies the ongoing registration request ID + // associated with this entry by the proxy. A value of zero or + // `kInvalidRequestId` indicates that there is no ongoing + // registration for this entry. + // + // - `mKeyAdvId` is similar to `mAdvId` but for registering the + // key record. + // + // - `mIsReplaced` tracks whether this entry has been replaced by + // a newer advertisement request that changes some of its + // parameters. For example, the address list could have been + // changed on a `Host`, or TXT Data, or the list of sub-types, + // or port number could have been changed on a `Service`. + // + // - `mShouldAdvertise` is only used in the `Advertise()` call + // chain to track whether we need to advertise the entry. + // + // - `mShouldRegisterKey` is similar to `mShouldAdvertise` and + // only used in `Advertise()` call chain. + + bool replaced = false; + + VerifyOrExit(&aHost != &aExistingHost); + + replaced = CompareAndUpdateHost(aHost, aExistingHost); + + // Compare services of `aHost` against services of + // `aExistingHost`. + + for (Service &service : aHost.mServices) + { + Service *existingService = aExistingHost.mServices.FindMatching(service.GetInstanceName()); + + if (existingService != nullptr) + { + replaced |= CompareAndUpdateService(service, *existingService); + } + } + +exit: + return replaced; +} + +template void AdvertisingProxy::UpdateKeyRegistrationStatus(Entry &aEntry, const Entry &aExistingEntry) +{ + // Updates key registration status on `aEntry` based + // on its state on `aExistingEntry`. + + static_assert(TypeTraits::IsSame::kValue || TypeTraits::IsSame::kValue, + "`Entry` must be `Host` or `Service` types"); + + // If the new `aEntry` has a zero key lease, we always unregister + // it, just to be safe. Therefore, there is no need to check the + // key registration status of the existing `aExistingEntry`. + + VerifyOrExit(aEntry.GetKeyLease() != 0); + + VerifyOrExit(!IsKeyRegisteredOrRegistering(aEntry)); + + if (aExistingEntry.mIsKeyRegistered) + { + aEntry.mIsKeyRegistered = true; + } + else + { + // Use the key registration request ID by `aExistingEntry` for + // the new `aEntry` if there is any. If there is none the + // `mKeyAdvId` remains as `kInvalidRequestId`. + + aEntry.mKeyAdvId = aExistingEntry.mKeyAdvId; + } + +exit: + return; +} + +// NOLINTNEXTLINE(readability-inconsistent-declaration-parameter-name) +template <> bool AdvertisingProxy::EntriesMatch(const Host &aFirstHost, const Host &aSecondHost) +{ + bool match = false; + + VerifyOrExit(aFirstHost.IsDeleted() == aSecondHost.IsDeleted()); + + if (aFirstHost.IsDeleted()) + { + match = true; + ExitNow(); + } + + VerifyOrExit(aFirstHost.mAddresses.GetLength() == aSecondHost.mAddresses.GetLength()); + + for (const Ip6::Address &address : aFirstHost.mAddresses) + { + VerifyOrExit(aSecondHost.mAddresses.Contains(address)); + } + + match = true; + +exit: + return match; +} + +// NOLINTNEXTLINE(readability-inconsistent-declaration-parameter-name) +template <> bool AdvertisingProxy::EntriesMatch(const Service &aFirstService, const Service &aSecondService) +{ + bool match = false; + + VerifyOrExit(aFirstService.IsDeleted() == aSecondService.IsDeleted()); + + if (aFirstService.IsDeleted()) + { + match = true; + ExitNow(); + } + + VerifyOrExit(aFirstService.GetPort() == aSecondService.GetPort()); + VerifyOrExit(aFirstService.GetWeight() == aSecondService.GetWeight()); + VerifyOrExit(aFirstService.GetPriority() == aSecondService.GetPriority()); + VerifyOrExit(aFirstService.GetTtl() == aSecondService.GetTtl()); + + VerifyOrExit(aFirstService.GetNumberOfSubTypes() == aSecondService.GetNumberOfSubTypes()); + + for (uint16_t index = 0; index < aFirstService.GetNumberOfSubTypes(); index++) + { + VerifyOrExit(aSecondService.HasSubTypeServiceName(aFirstService.GetSubTypeServiceNameAt(index))); + } + + VerifyOrExit(aFirstService.GetTxtDataLength() == aSecondService.GetTxtDataLength()); + VerifyOrExit(!memcmp(aFirstService.GetTxtData(), aSecondService.GetTxtData(), aFirstService.GetTxtDataLength())); + + match = true; + +exit: + return match; +} + +template bool AdvertisingProxy::CompareAndUpdate(Entry &aEntry, Entry &aExistingEntry) +{ + // This is called when the new `aEntry` is not deleted. + + bool replaced = false; + + // If we previously determined that `aEntry` is registered, + // nothing else to do. + + VerifyOrExit(!aEntry.mIsRegistered); + + if (aEntry.mShouldAdvertise || aExistingEntry.mIsReplaced || !EntriesMatch(aEntry, aExistingEntry)) + { + // If we previously determined that we should advertise the + // new `aEntry`, we enter this block to mark `aExistingEntry` + // as being replaced. + // + // If `aExistingEntry` was already marked as replaced, we + // cannot compare it to the new `aEntry`. Therefore, we assume + // that there may be a change and always advertise the new + // `aEntry`. Otherwise, we compare it to the new `aEntry` using + // `EntriesMatch()` and only if there are any differences, we + // mark that `aEntry` needs to be advertised. + + aExistingEntry.mIsReplaced = true; + replaced = true; + + if (aEntry.mAdvId == kInvalidRequestId) + { + aEntry.mShouldAdvertise = true; + aEntry.mAdvId = AllocateNextRequestId(); + } + + // If there is an outstanding registration request for + // `aExistingEntry` we replace it with the request ID of the + // new `aEntry` registration. + + if (aExistingEntry.mAdvId != kInvalidRequestId) + { + aExistingEntry.mAdvId = aEntry.mAdvId; + UpdateAdvIdRangeOn(aExistingEntry); + } + + ExitNow(); + } + + // `aEntry` fully matches `aExistingEntry` and `aExistingEntry` was + // not replaced. + + VerifyOrExit(aEntry.mAdvId == kInvalidRequestId); + + if (aExistingEntry.mIsRegistered) + { + aEntry.mIsRegistered = true; + } + else if (aExistingEntry.mAdvId != kInvalidRequestId) + { + // There is an outstanding registration request for + // `aExistingEntry`. We use the same ID for the new `aEntry`. + + aEntry.mAdvId = aExistingEntry.mAdvId; + } + else + { + // The earlier advertisement of `aExistingEntry` seems to have + // failed since there is no outstanding registration request + // (no ID) and it is not marked as registered. We mark the + // new `aEntry` to be advertised (to try again). + + aEntry.mShouldAdvertise = true; + aEntry.mAdvId = AllocateNextRequestId(); + aExistingEntry.mIsReplaced = true; + } + +exit: + return replaced; +} + +bool AdvertisingProxy::CompareAndUpdateHost(Host &aHost, Host &aExistingHost) +{ + bool replaced = false; + + UpdateKeyRegistrationStatus(aHost, aExistingHost); + + if (!aHost.IsDeleted()) + { + replaced = CompareAndUpdate(aHost, aExistingHost); + ExitNow(); + } + + // The new `aHost` is removing the host and all its services. + + if (aExistingHost.IsDeleted()) + { + // If `aHost` has zero key-lease (fully removed), + // we need to unregister keys for any services on + // existing host that are not present in `aHost`. + + if (aHost.mKeyLease == 0) + { + for (Service &existingService : aExistingHost.mServices) + { + if (!aHost.HasService(existingService.GetInstanceName())) + { + UnregisterKey(existingService); + } + } + } + + ExitNow(); + } + + // `aExistingHost` is updating the same host that is being + // removed by the new `aHost` update. We need to advertise + // the new `aHost` to make sure it is unregistered. + + aHost.mShouldAdvertise = true; + + // We unregister any services that were registered by + // `aExistingHost` but are not included in the now being + // removed `aHost`, and unregister any registered keys when + // `aHost` has zero key lease. + + for (Service &existingService : aExistingHost.mServices) + { + if (existingService.IsDeleted()) + { + if (aHost.GetKeyLease() == 0) + { + existingService.mIsReplaced = true; + UnregisterKey(existingService); + } + + continue; + } + + if (aHost.HasService(existingService.GetInstanceName())) + { + // The `existingService` that are contained in `aHost` + // are updated in `CompareAndUpdateService()`. + continue; + } + + UnregisterService(existingService); + + existingService.mIsReplaced = true; + + if (aHost.GetKeyLease() == 0) + { + UnregisterKey(existingService); + } + } + + aExistingHost.mAdvId = kInvalidRequestId; + aExistingHost.mIsReplaced = true; + replaced = true; + + if (aHost.GetKeyLease() == 0) + { + UnregisterKey(aExistingHost); + } + + UpdateAdvIdRangeOn(aExistingHost); + +exit: + return replaced; +} + +bool AdvertisingProxy::CompareAndUpdateService(Service &aService, Service &aExistingService) +{ + bool replaced = false; + + UpdateKeyRegistrationStatus(aService, aExistingService); + + if (!aService.IsDeleted()) + { + replaced = CompareAndUpdate(aService, aExistingService); + ExitNow(); + } + + if (aExistingService.IsDeleted()) + { + ExitNow(); + } + + aService.mShouldAdvertise = true; + + aExistingService.mIsReplaced = true; + replaced = true; + + if (aExistingService.mAdvId != kInvalidRequestId) + { + // If there is an outstanding registration request for the + // existing service, clear its request ID. + + aExistingService.mAdvId = kInvalidRequestId; + + UpdateAdvIdRangeOn(*aExistingService.mHost); + } + +exit: + return replaced; +} + +void AdvertisingProxy::RegisterHost(Host &aHost) +{ + Error error = kErrorNone; + Dnssd::Host hostInfo; + DnsName hostName; + Heap::Array hostAddresses; + + aHost.mShouldAdvertise = false; + + CopyNameAndRemoveDomain(hostName, aHost.GetFullName()); + + SuccessOrExit(error = hostAddresses.ReserveCapacity(aHost.mAddresses.GetLength())); + + for (const Ip6::Address &address : aHost.mAddresses) + { + if (!address.IsLinkLocal() && !Get().IsMeshLocalAddress(address)) + { + IgnoreError(hostAddresses.PushBack(address)); + } + } + + LogInfo("Registering host '%s', id:%lu", hostName, ToUlong(aHost.mAdvId)); + + hostInfo.Clear(); + hostInfo.mHostName = hostName; + hostInfo.mAddresses = hostAddresses.AsCArray(); + hostInfo.mAddressesLength = hostAddresses.GetLength(); + hostInfo.mTtl = aHost.GetTtl(); + hostInfo.mInfraIfIndex = Get().GetIfIndex(); + + Get().RegisterHost(hostInfo, aHost.mAdvId, HandleRegistered); + +exit: + if (error != kErrorNone) + { + LogWarn("Error %s registering host '%s'", ErrorToString(error), hostName); + } +} + +void AdvertisingProxy::UnregisterHost(Host &aHost) +{ + Dnssd::Host hostInfo; + DnsName hostName; + + aHost.mShouldAdvertise = false; + aHost.mIsRegistered = false; + aHost.mAdvId = false; + + CopyNameAndRemoveDomain(hostName, aHost.GetFullName()); + + LogInfo("Unregistering host '%s'", hostName); + + hostInfo.Clear(); + hostInfo.mHostName = hostName; + hostInfo.mInfraIfIndex = Get().GetIfIndex(); + + Get().UnregisterHost(hostInfo, 0, nullptr); +} + +void AdvertisingProxy::RegisterService(Service &aService) +{ + Error error = kErrorNone; + Dnssd::Service serviceInfo; + DnsName hostName; + DnsName serviceName; + Heap::Array subTypeHeapStrings; + Heap::Array subTypeLabels; + + aService.mShouldAdvertise = false; + + CopyNameAndRemoveDomain(hostName, aService.GetHost().GetFullName()); + CopyNameAndRemoveDomain(serviceName, aService.GetServiceName()); + + SuccessOrExit(error = subTypeHeapStrings.ReserveCapacity(aService.mSubTypes.GetLength())); + SuccessOrExit(error = subTypeLabels.ReserveCapacity(aService.mSubTypes.GetLength())); + + for (const Heap::String &subTypeName : aService.mSubTypes) + { + char label[Dns::Name::kMaxLabelSize]; + Heap::String labelString; + + IgnoreError(Server::Service::ParseSubTypeServiceName(subTypeName.AsCString(), label, sizeof(label))); + SuccessOrExit(error = labelString.Set(label)); + IgnoreError(subTypeHeapStrings.PushBack(static_cast(labelString))); + IgnoreError(subTypeLabels.PushBack(subTypeHeapStrings.Back()->AsCString())); + } + + LogInfo("Registering service '%s' '%s' on '%s', id:%lu", aService.GetInstanceLabel(), serviceName, hostName, + ToUlong(aService.mAdvId)); + + serviceInfo.Clear(); + serviceInfo.mHostName = hostName; + serviceInfo.mServiceInstance = aService.GetInstanceLabel(); + serviceInfo.mServiceType = serviceName; + serviceInfo.mSubTypeLabels = subTypeLabels.AsCArray(); + serviceInfo.mSubTypeLabelsLength = subTypeLabels.GetLength(); + serviceInfo.mTxtData = aService.GetTxtData(); + serviceInfo.mTxtDataLength = aService.GetTxtDataLength(); + serviceInfo.mPort = aService.GetPort(); + serviceInfo.mWeight = aService.GetWeight(); + serviceInfo.mPriority = aService.GetPriority(); + serviceInfo.mTtl = aService.GetTtl(); + serviceInfo.mInfraIfIndex = Get().GetIfIndex(); + + Get().RegisterService(serviceInfo, aService.mAdvId, HandleRegistered); + +exit: + if (error != kErrorNone) + { + LogWarn("Error %s registering service '%s' '%s'", ErrorToString(error), aService.GetInstanceLabel(), + serviceName); + } +} + +void AdvertisingProxy::UnregisterService(Service &aService) +{ + Dnssd::Service serviceInfo; + DnsName hostName; + DnsName serviceName; + + aService.mShouldAdvertise = false; + aService.mIsRegistered = false; + aService.mAdvId = kInvalidRequestId; + + CopyNameAndRemoveDomain(hostName, aService.GetHost().GetFullName()); + CopyNameAndRemoveDomain(serviceName, aService.GetServiceName()); + + LogInfo("Unregistering service '%s' '%s' on '%s'", aService.GetInstanceLabel(), serviceName, hostName); + + serviceInfo.Clear(); + serviceInfo.mHostName = hostName; + serviceInfo.mServiceInstance = aService.GetInstanceLabel(); + serviceInfo.mServiceType = serviceName; + serviceInfo.mInfraIfIndex = Get().GetIfIndex(); + + Get().UnregisterService(serviceInfo, 0, nullptr); +} + +void AdvertisingProxy::RegisterKey(Host &aHost) +{ + DnsName hostName; + + aHost.mShouldRegisterKey = false; + + CopyNameAndRemoveDomain(hostName, aHost.GetFullName()); + + LogInfo("Registering key for host '%s', id:%lu", hostName, ToUlong(aHost.mKeyAdvId)); + + RegisterKey(hostName, /* aServiceType */ nullptr, aHost.mKey, aHost.mKeyAdvId, aHost.GetTtl()); +} + +void AdvertisingProxy::RegisterKey(Service &aService) +{ + DnsName serviceType; + + aService.mShouldRegisterKey = false; + + CopyNameAndRemoveDomain(serviceType, aService.GetServiceName()); + + LogInfo("Registering key for service '%s' '%s', id:%lu", aService.GetInstanceLabel(), serviceType, + ToUlong(aService.mKeyAdvId)); + + RegisterKey(aService.GetInstanceLabel(), serviceType, aService.mHost->mKey, aService.mKeyAdvId, aService.GetTtl()); +} + +void AdvertisingProxy::RegisterKey(const char *aName, + const char *aServiceType, + const Host::Key &aKey, + RequestId aRequestId, + uint32_t aTtl) +{ + Dnssd::Key keyInfo; + Dns::Ecdsa256KeyRecord keyRecord; + + keyRecord.Init(); + keyRecord.SetFlags(Dns::KeyRecord::kAuthConfidPermitted, Dns::KeyRecord::kOwnerNonZone, + Dns::KeyRecord::kSignatoryFlagGeneral); + keyRecord.SetProtocol(Dns::KeyRecord::kProtocolDnsSec); + keyRecord.SetAlgorithm(Dns::KeyRecord::kAlgorithmEcdsaP256Sha256); + keyRecord.SetLength(sizeof(Dns::Ecdsa256KeyRecord) - sizeof(Dns::ResourceRecord)); + keyRecord.SetKey(aKey); + + keyInfo.Clear(); + keyInfo.mName = aName; + keyInfo.mServiceType = aServiceType; + keyInfo.mKeyData = reinterpret_cast(&keyRecord) + sizeof(Dns::ResourceRecord); + keyInfo.mKeyDataLength = keyRecord.GetLength(); + keyInfo.mClass = Dns::ResourceRecord::kClassInternet; + keyInfo.mTtl = aTtl; + keyInfo.mInfraIfIndex = Get().GetIfIndex(); + + Get().RegisterKey(keyInfo, aRequestId, HandleRegistered); +} + +void AdvertisingProxy::UnregisterKey(Host &aHost) +{ + DnsName hostName; + + aHost.mIsKeyRegistered = false; + aHost.mKeyAdvId = kInvalidRequestId; + + CopyNameAndRemoveDomain(hostName, aHost.GetFullName()); + + LogInfo("Unregistering key for host '%s'", hostName); + + UnregisterKey(hostName, /* aServiceType */ nullptr); +} + +void AdvertisingProxy::UnregisterKey(Service &aService) +{ + DnsName serviceType; + + aService.mIsKeyRegistered = false; + aService.mKeyAdvId = kInvalidRequestId; + + CopyNameAndRemoveDomain(serviceType, aService.GetServiceName()); + + LogInfo("Unregistering key for service '%s' '%s'", aService.GetInstanceLabel(), serviceType); + + UnregisterKey(aService.GetInstanceLabel(), serviceType); +} + +void AdvertisingProxy::UnregisterKey(const char *aName, const char *aServiceType) +{ + Dnssd::Key keyInfo; + + keyInfo.Clear(); + keyInfo.mName = aName; + keyInfo.mServiceType = aServiceType; + keyInfo.mInfraIfIndex = Get().GetIfIndex(); + + Get().UnregisterKey(keyInfo, 0, nullptr); +} + +void AdvertisingProxy::CopyNameAndRemoveDomain(DnsName &aName, const char *aFullName) +{ + IgnoreError(Dns::Name::ExtractLabels(aFullName, Get().GetDomain(), aName, sizeof(aName))); +} + +void AdvertisingProxy::HandleRegistered(otInstance *aInstance, otPlatDnssdRequestId aRequestId, otError aError) +{ + AsCoreType(aInstance).Get().HandleRegistered(aRequestId, aError); +} + +void AdvertisingProxy::HandleRegistered(RequestId aRequestId, Error aError) +{ + LogInfo("Register callback, id:%lu, error:%s", ToUlong(aRequestId), ErrorToString(aError)); + + VerifyOrExit(mState == kStateRunning); + + for (Host &host : Get().mHosts) + { + HandleRegisteredRequestIdOn(host, aRequestId, aError); + } + + for (AdvInfo &adv : mAdvInfoList) + { + if (HandleRegisteredRequestIdOn(adv.mHost, aRequestId, aError)) + { + if (adv.mError == kErrorNone) + { + adv.mError = aError; + } + + if (adv.IsCompleted()) + { + mTasklet.Post(); + } + } + } + +exit: + return; +} + +bool AdvertisingProxy::HandleRegisteredRequestIdOn(Host &aHost, RequestId aRequestId, Error aError) +{ + // Handles "registration request callback" for `aRequestId` on a + // given `aHost`. Returns `true`, if the ID matched an entry + // on `aHost` and `aHost` was updated, `false` otherwise. + + bool didUpdate = false; + + VerifyOrExit(aHost.mAdvIdRange.Contains(aRequestId)); + + if (aHost.mAdvId == aRequestId) + { + aHost.mAdvId = kInvalidRequestId; + aHost.mIsRegistered = (aError == kErrorNone); + didUpdate = true; + } + + if (aHost.mKeyAdvId == aRequestId) + { + aHost.mKeyAdvId = kInvalidRequestId; + aHost.mIsKeyRegistered = true; + didUpdate = true; + } + + for (Service &service : aHost.mServices) + { + if (service.mAdvId == aRequestId) + { + service.mAdvId = kInvalidRequestId; + service.mIsRegistered = (aError == kErrorNone); + didUpdate = true; + } + + if (service.mKeyAdvId == aRequestId) + { + service.mKeyAdvId = kInvalidRequestId; + service.mIsKeyRegistered = true; + didUpdate = true; + } + } + + UpdateAdvIdRangeOn(aHost); + +exit: + return didUpdate; +} + +void AdvertisingProxy::HandleTimer(void) +{ + TimeMilli now = TimerMilli::GetNow(); + TimeMilli nextTime = now.GetDistantFuture(); + OwningList expiredList; + + VerifyOrExit(mState == kStateRunning); + + mAdvInfoList.RemoveAllMatching(AdvInfo::ExpirationChecker(now), expiredList); + + for (AdvInfo &adv : mAdvInfoList) + { + nextTime = Min(adv.mExpireTime, nextTime); + } + + if (nextTime != now.GetDistantFuture()) + { + mTimer.FireAtIfEarlier(nextTime); + } + + for (AdvInfo &adv : expiredList) + { + adv.mError = kErrorResponseTimeout; + adv.mBlockingAdv = nullptr; + adv.mHost.mAdvIdRange.Clear(); + SignalAdvCompleted(adv); + } + +exit: + return; +} + +void AdvertisingProxy::HandleTasklet(void) +{ + VerifyOrExit(mState == kStateRunning); + + while (true) + { + OwningList completedList; + + mAdvInfoList.RemoveAllMatching(AdvInfo::CompletionChecker(), completedList); + + VerifyOrExit(!completedList.IsEmpty()); + + // `RemoveAllMatching()` reverses the order of removed entries + // from `mAdvInfoList` (which itself keeps the later requests + // towards the head of the list). This means that the + // `completedList` will be sorted from earliest request to + // latest and this is the order that we want to notify + // `Srp::Server`. + + for (AdvInfo &adv : completedList) + { + SignalAdvCompleted(adv); + } + + completedList.Clear(); + } + +exit: + return; +} + +void AdvertisingProxy::SignalAdvCompleted(AdvInfo &aAdvInfo) +{ + // Check if any outstanding advertisements in the list + // is blocked by `aAdvInfo` and unblock. + + for (AdvInfo &adv : mAdvInfoList) + { + if (adv.mBlockingAdv == &aAdvInfo) + { + adv.mBlockingAdv = nullptr; + + if (adv.IsCompleted()) + { + mTasklet.Post(); + } + } + } + + switch (aAdvInfo.mError) + { + case kErrorNone: + mCounters.mAdvSuccessful++; + break; + case kErrorResponseTimeout: + mCounters.mAdvTimeout++; + break; + default: + mCounters.mAdvRejected++; + break; + } + + aAdvInfo.SignalServerToCommit(); +} + +//--------------------------------------------------------------------------------------------------------------------- +// AdvertisingProxy::AdvInfo + +AdvertisingProxy::AdvInfo::AdvInfo(Host &aHost, const Server::MessageMetadata &aMetadata, uint32_t aTimeout) + : mNext(nullptr) + , mBlockingAdv(nullptr) + , mHost(aHost) + , mExpireTime(TimerMilli::GetNow() + aTimeout) + , mMessageMetadata(aMetadata) + , mError(kErrorNone) +{ + if (aMetadata.mMessageInfo != nullptr) + { + // If `mMessageInfo` is not null in the given `aMetadata` keep + // a copy of it in `AdvInfo` structure and update the + // `mMessageMetadata` to point to the local copy instead. + + mMessageInfo = *aMetadata.mMessageInfo; + mMessageMetadata.mMessageInfo = &mMessageInfo; + } +} + +void AdvertisingProxy::AdvInfo::SignalServerToCommit(void) +{ + LogInfo("Adv done '%s', error:%s", mHost.GetFullName(), ErrorToString(mError)); + Get().CommitSrpUpdate(mError, mHost, mMessageMetadata); +} + +bool AdvertisingProxy::AdvInfo::IsCompleted(void) const +{ + bool isCompleted = false; + + VerifyOrExit(mBlockingAdv == nullptr); + isCompleted = (mError != kErrorNone) || mHost.mAdvIdRange.IsEmpty(); + +exit: + return isCompleted; +} + +} // namespace Srp +} // namespace ot + +#endif // OPENTHREAD_CONFIG_SRP_SERVER_ADVERTISING_PROXY_ENABLE diff --git a/src/core/net/srp_advertising_proxy.hpp b/src/core/net/srp_advertising_proxy.hpp new file mode 100644 index 00000000000..19fa82dbe34 --- /dev/null +++ b/src/core/net/srp_advertising_proxy.hpp @@ -0,0 +1,322 @@ +/* + * Copyright (c) 2023, The OpenThread Authors. + * All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions are met: + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * 3. Neither the name of the copyright holder nor the + * names of its contributors may be used to endorse or promote products + * derived from this software without specific prior written permission. + * + * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" + * AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDER OR CONTRIBUTORS BE + * LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR + * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF + * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS + * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN + * CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) + * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE + * POSSIBILITY OF SUCH DAMAGE. + */ + +/** + * @file + * This file includes definitions for Advertising Proxy. + */ + +#ifndef SRP_ADVERTISING_PROXY_HPP_ +#define SRP_ADVERTISING_PROXY_HPP_ + +#include "openthread-core-config.h" + +#if OPENTHREAD_CONFIG_SRP_SERVER_ADVERTISING_PROXY_ENABLE + +#if !OPENTHREAD_CONFIG_PLATFORM_DNSSD_ENABLE +#error "OPENTHREAD_CONFIG_SRP_SERVER_ADVERTISING_PROXY_ENABLE requires OPENTHREAD_CONFIG_PLATFORM_DNSSD_ENABLE" +#endif + +#if !OPENTHREAD_CONFIG_SRP_SERVER_ENABLE +#error "OPENTHREAD_CONFIG_SRP_SERVER_ADVERTISING_PROXY_ENABLE requires OPENTHREAD_CONFIG_SRP_SERVER_ENABLE" +#endif + +#if !OPENTHREAD_CONFIG_BORDER_ROUTING_ENABLE +#error "OPENTHREAD_CONFIG_SRP_SERVER_ADVERTISING_PROXY_ENABLE requires OPENTHREAD_CONFIG_BORDER_ROUTING_ENABLE" +#endif + +#include "common/clearable.hpp" +#include "common/heap_allocatable.hpp" +#include "common/locator.hpp" +#include "common/non_copyable.hpp" +#include "common/owning_list.hpp" +#include "common/tasklet.hpp" +#include "common/timer.hpp" +#include "net/dnssd.hpp" +#include "net/srp_server.hpp" + +namespace ot { +namespace Srp { + +/** + * Implements SRP Advertising Proxy. + * + */ +class AdvertisingProxy : public InstanceLocator, private NonCopyable +{ +public: + typedef Server::Host Host; ///< An SRP server host registration. + typedef Server::Service Service; ///< An SRP server service registration. + + /** + * Represents counters for Advertising Proxy. + * + */ + struct Counters : public Clearable + { + uint32_t mAdvTotal; ///< Total number of advertisement requests, i.e., calls to `Advertise()`. + uint32_t mAdvReplaced; ///< Number of advertisements that were replaced by a newer one. + uint32_t mAdvSkipped; ///< Number of advertisement that were skipped (DNS-SD platform not yet ready). + uint32_t mAdvSuccessful; ///< Number of successful adv (all requests registered successfully). + uint32_t mAdvRejected; ///< Number of rejected adv (at least one request was rejected by DNS-SD plat). + uint32_t mAdvTimeout; ///< Number of advertisements that timed out (no response from DNS-SD platform). + uint32_t mAdvHostRemovals; ///< Number of host removal adv, i.e., calls to `AdvertiseRemovalOf(Host &)` + uint32_t mAdvServiceRemovals; ///< Number of service removal adv, i.e., calls to `AdvertiseRemovalOf(Service &)` + uint32_t mStateChanges; ///< Number of state changes of Advertising Proxy. + }; + + /** + * Initializes the `AdvertisingProxy` object. + * + * @param[in] aInstance The OpenThread instance + * + */ + explicit AdvertisingProxy(Instance &aInstance); + + /** + * Indicates whether or not the Advertising Proxy is running. + * + * @retval TRUE The Advertising Proxy is running. + * @retval FALSE The Advertising Proxy is not running (it is stopped). + * + */ + bool IsRunning(void) const { return mState == kStateRunning; } + + /** + * Requests advertisement of a newly received SRP Update message. + * + * Once advertisement is completed, `AdvertisingProxy` notifies server by invoking `Server::CommitSrpUpdate()` + * using the same `aHost` and `aMetadata` as input parameters along with an `Error` indicating the outcome of the + * advertisement. + * + * The `aHost` instance ownership is passed to `AdvertisingProxy` until it is passed back to the `Server` in the + * `CommitSrpUpdate()` call. The call to `CommitSrpUpdate()` may happen before this method returns, for example, + * if the proxy is not running and therefore the advertisement is skipped. + * + * @param[in] aHost The `aHost` instance constructed from processing a newly received SRP Update message. + * @param[in] aMetadata The `MessageMetadata` associated with the received SRP Update message by server. + * + */ + void Advertise(Host &aHost, const Server::MessageMetadata &aMetadata); + + /** + * Requests advertisement of removal of an already committed host and all its services, for example, due to its + * lease expiration. + * + * The removal does not use any callback to notify the SRP server since the server always immediately commits the + * removed entries. + * + * If there is an outstanding advertisement request (an earlier call to `Advertise()` that has not yet completed) + * that is registering the same host name as @p aHost that is being removed, the outstanding advertisement is + * rejected using the `kErrorAbort` error. This situation can happen if the client tries to refresh or update its + * registration close to its lease expiration time. By rejecting any outstanding advertisements, we ensure that an + * expired host is not re-added by mistake due to a delay in registration by the DNS-SD platform. The error is + * passed back to the client, triggering it to retry its registration. + * + * @param[in] aHost The host which is being removed. + * + */ + void AdvertiseRemovalOf(Host &aHost); + + /** + * Requests advertisement of removal of an already committed service, for example, due to its lease expiration. + * + * The removal does not use any callback to notify the SRP server since the server always immediately commits the + * removed services. + * + * If there is an outstanding advertisement request (an earlier call to `Advertise()` that has not yet completed) + * that is registering the same service as @p aService that is being removed, we skip the advertisement of service + * removal (do not unregister the service on infrastructure DNS-SD). This ensures that when the outstanding + * advertisement is completed, the service is re-added successfully (and it is still being advertised by proxy). + * This behavior is different from `AdvertiseRemovalOf(Host &)`, where the outstanding advertisement is rejected + * because service removals are individual, compared to when removing a host where the host and all its associated + * services are removed. + * + * @param[in] aHost The host which is being removed. + * + */ + void AdvertiseRemovalOf(Service &aService); + + /** + * Gets the set of counters. + * + * @returns The `AdvertisingProxy` counter. + * + */ + const Counters &GetCounters(void) const { return mCounters; } + + /** + * Resets the counters + * + */ + void ResetCounters(void) { mCounters.Clear(); } + + /** + * Gets the advertisement timeout (in msec). + * + * The default value of `OPENTHREAD_CONFIG_SRP_SERVER_SERVICE_UPDATE_TIMEOUT` is used when not explicitly set. + * + * @returns The advertisement timeout (in msec). + * + */ + uint32_t GetAdvTimeout(void) const { return mAdvTimeout; } + + /** + * Sets the advertisement timeout. + * + * Changing the timeout is intended for testing purposes only. This allows tests to use a long timeout to validate + * the behavior of `AdvertisingProxy` when new `Advertise()` requests replace entries in earlier requests. + * + * @param[in] aTimeout The advertisement timeout (in msec). + * + */ + void SetAdvTimeout(uint32_t aTimeout) { mAdvTimeout = Max(aTimeout, kAdvTimeout); } + + /** + * Notifies `AdvertisingProxy` that SRP sever state changed. + * + */ + void HandleServerStateChange(void) { UpdateState(); } + + /** + * Notifies `AdvertisingProxy` that DND-SD platform state changed. + * + */ + void HandleDnssdPlatformStateChange(void) { UpdateState(); } + + /** + * Notifies `AdvertisingProxy` that `InfraIf` state changed. + * + */ + void HandleInfraIfStateChanged(void) { UpdateState(); } + +private: + typedef Dnssd::RequestId RequestId; + typedef char DnsName[Dns::Name::kMaxNameSize]; + + static constexpr RequestId kInvalidRequestId = Server::kInvalidRequestId; + + static constexpr uint32_t kAdvTimeout = OPENTHREAD_CONFIG_SRP_SERVER_SERVICE_UPDATE_TIMEOUT; // in msec + + enum State : uint8_t + { + kStateStopped, + kStateRunning, + }; + + struct AdvInfo : public Heap::Allocatable, public LinkedListEntry, public GetProvider + { + struct CompletionChecker + { + // Used in `Matches()` to check if advertisement is + // completed (successfully or failed). + }; + + struct ExpirationChecker + { + explicit ExpirationChecker(TimeMilli aNow) + : mNow(aNow) + { + } + + TimeMilli mNow; + }; + + AdvInfo(Host &aHost, const Server::MessageMetadata &aMetadata, uint32_t aTimeout); + void SignalServerToCommit(void); + bool IsCompleted(void) const; + bool Matches(const CompletionChecker &) const { return IsCompleted(); } + bool Matches(const ExpirationChecker &aChecker) const { return (mExpireTime <= aChecker.mNow); } + Instance &GetInstance(void) const { return mHost.GetInstance(); } + + AdvInfo *mNext; + AdvInfo *mBlockingAdv; + Host &mHost; + TimeMilli mExpireTime; + Server::MessageMetadata mMessageMetadata; + Ip6::MessageInfo mMessageInfo; + Error mError; + }; + + template void UpdateAdvIdRangeOn(Entry &aEntry); + template bool IsRegisteredOrRegistering(const Entry &aEntry) const; + template bool IsKeyRegisteredOrRegistering(const Entry &aEntry) const; + template void DecideToAdvertise(Entry &aEntry, bool aUnregisterEntry, bool aUnregisterKey); + template void UpdateKeyRegistrationStatus(Entry &aEntry, const Entry &aExistingEntry); + template bool CompareAndUpdate(Entry &aEntry, Entry &aExistingEntry); + template bool EntriesMatch(const Entry &aFirstEntry, const Entry &aSecondEntry); + + void Start(void); + void Stop(void); + void UpdateState(void); + RequestId AllocateNextRequestId(void); + void Advertise(Host &aHost); + void UnregisterHostAndItsServicesAndKeys(Host &aHost); + bool CompareAndUpdateHostAndServices(Host &aHost, Host &aExistingHost); + bool CompareAndUpdateHost(Host &aHost, Host &aExistingHost); + bool CompareAndUpdateService(Service &aService, Service &aExistingService); + void RegisterHost(Host &aHost); + void UnregisterHost(Host &aHost); + void RegisterService(Service &aService); + void UnregisterService(Service &aService); + void RegisterKey(Host &aHost); + void RegisterKey(Service &aService); + void RegisterKey(const char *aName, + const char *aServiceType, + const Host::Key &aKey, + RequestId aRequestId, + uint32_t aTtl); + void UnregisterKey(Service &aService); + void UnregisterKey(Host &aHost); + void UnregisterKey(const char *aName, const char *aServiceType); + void CopyNameAndRemoveDomain(DnsName &aName, const char *aFullName); + static void HandleRegistered(otInstance *aInstance, otPlatDnssdRequestId aRequestId, otError aError); + void HandleRegistered(RequestId aRequestId, Error aError); + bool HandleRegisteredRequestIdOn(Host &aHost, RequestId aRequestId, Error aError); + void HandleTimer(void); + void HandleTasklet(void); + void SignalAdvCompleted(AdvInfo &aAdvInfo); + + using AdvTimer = TimerMilliIn; + using AdvTasklet = TaskletIn; + + State mState; + RequestId mCurrentRequestId; + uint32_t mAdvTimeout; + OwningList mAdvInfoList; + AdvTimer mTimer; + AdvTasklet mTasklet; + Counters mCounters; +}; + +} // namespace Srp +} // namespace ot + +#endif // OPENTHREAD_CONFIG_SRP_SERVER_ADVERTISING_PROXY_ENABLE + +#endif // SRP_ADVERTISING_PROXY_HPP_ diff --git a/src/core/net/srp_server.cpp b/src/core/net/srp_server.cpp index 946b84163e6..3d6550daed3 100644 --- a/src/core/net/srp_server.cpp +++ b/src/core/net/srp_server.cpp @@ -329,7 +329,7 @@ void Server::RemoveHost(Host *aHost, RetainName aRetainName) if (mServiceUpdateHandler.IsSet()) { - uint32_t updateId = AllocateId(); + uint32_t updateId = AllocateServiceUpdateId(); LogInfo("SRP update handler is notified (updatedId = %lu)", ToUlong(updateId)); mServiceUpdateHandler.Invoke(updateId, aHost, static_cast(kDefaultEventsHandlerTimeout)); @@ -339,6 +339,12 @@ void Server::RemoveHost(Host *aHost, RetainName aRetainName) // only when there is system failure of the platform mDNS implementation // and in which case the host is not expected to be still registered. } +#if OPENTHREAD_CONFIG_SRP_SERVER_ADVERTISING_PROXY_ENABLE + else + { + Get().AdvertiseRemovalOf(*aHost); + } +#endif if (!aRetainName) { @@ -456,7 +462,7 @@ void Server::CommitSrpUpdate(Error aError, uint32_t grantedKeyLease = 0; bool useShortLease = aHost.ShouldUseShortLeaseOption(); - if (aError != kErrorNone) + if (aError != kErrorNone || (mState != kStateRunning)) { aHost.Free(); ExitNow(); @@ -525,7 +531,27 @@ void Server::CommitSrpUpdate(Error aError, if (!aHost.HasService(existingService->GetInstanceName())) { aHost.AddService(*existingService); - existingService->Log(Service::kKeepUnchanged); + + // If host is deleted we make sure to add any existing + // service that is not already included as deleted. + // When processing an SRP update message that removes + // a host, we construct `aHost` and add any existing + // services that we have for the same host name as + // deleted. However, due to asynchronous nature + // of "update handler" (advertising proxy), by the + // time we get the callback to commit `aHost`, there + // may be new services added that were not included + // when constructing `aHost`. + + if (aHost.IsDeleted() && !existingService->IsDeleted()) + { + existingService->mIsDeleted = true; + existingService->Log(Service::kRemoveButRetainName); + } + else + { + existingService->Log(Service::kKeepUnchanged); + } } else { @@ -599,6 +625,10 @@ void Server::Start(void) PrepareSocket(); LogInfo("Start listening on port %u", mPort); +#if OPENTHREAD_CONFIG_SRP_SERVER_ADVERTISING_PROXY_ENABLE + Get().HandleServerStateChange(); +#endif + exit: return; } @@ -708,6 +738,10 @@ void Server::Stop(void) IgnoreError(mSocket.Close()); mHasRegisteredAnyService = false; +#if OPENTHREAD_CONFIG_SRP_SERVER_ADVERTISING_PROXY_ENABLE + Get().HandleServerStateChange(); +#endif + exit: return; } @@ -1202,18 +1236,25 @@ Error Server::ProcessAdditionalSection(Host *aHost, const Message &aMessage, Mes aHost->SetLease(leaseOption.GetLeaseInterval()); aHost->SetKeyLease(leaseOption.GetKeyLeaseInterval()); + for (Service &service : aHost->mServices) + { + if (aHost->GetLease() == 0) + { + service.mIsDeleted = true; + } + + service.mLease = service.mIsDeleted ? 0 : leaseOption.GetLeaseInterval(); + service.mKeyLease = leaseOption.GetKeyLeaseInterval(); + } + // If the client included the short variant of Lease Option, // server must also use the short variant in its response. aHost->SetUseShortLeaseOption(leaseOption.IsShortVariant()); if (aHost->GetLease() > 0) { - uint8_t hostAddressesNum; - - aHost->GetAddresses(hostAddressesNum); - // There MUST be at least one valid address if we have nonzero lease. - VerifyOrExit(hostAddressesNum > 0, error = kErrorFailed); + VerifyOrExit(aHost->mAddresses.GetLength() > 0, error = kErrorFailed); } // SIG(0). @@ -1340,6 +1381,7 @@ void Server::HandleUpdate(Host &aHost, const MessageMetadata &aMetadata) SuccessOrExit(error = service->mServiceName.Set(existingService.GetServiceName())); service->mIsDeleted = true; + service->mKeyLease = existingService.mKeyLease; } exit: @@ -1410,6 +1452,17 @@ void Server::InformUpdateHandlerOrCommit(Error aError, Host &aHost, const Messag aError = kErrorNoBufs; } +#if OPENTHREAD_CONFIG_SRP_SERVER_ADVERTISING_PROXY_ENABLE + else if (aError == kErrorNone) + { + // Ask `AdvertisingProxy` to advertise the new update. + // Proxy will report the outcome by calling + // `Server::CommitSrpUpdate()` directly. + + Get().Advertise(aHost, aMetadata); + ExitNow(); + } +#endif CommitSrpUpdate(aError, aHost, aMetadata); @@ -1421,10 +1474,12 @@ void Server::SendResponse(const Dns::UpdateHeader &aHeader, Dns::UpdateHeader::Response aResponseCode, const Ip6::MessageInfo &aMessageInfo) { - Error error; + Error error = kErrorNone; Message *response = nullptr; Dns::UpdateHeader header; + VerifyOrExit(mState == kStateRunning, error = kErrorInvalidState); + response = GetSocket().NewMessage(); VerifyOrExit(response != nullptr, error = kErrorNoBufs); @@ -1752,6 +1807,15 @@ Error Server::Service::Init(const char *aInstanceName, const char *aInstanceLabe mUpdateTime = aUpdateTime; mIsDeleted = false; mIsCommitted = false; +#if OPENTHREAD_CONFIG_SRP_SERVER_ADVERTISING_PROXY_ENABLE + mIsRegistered = false; + mIsKeyRegistered = false; + mIsReplaced = false; + mShouldAdvertise = false; + mShouldRegisterKey = false; + mAdvId = kInvalidRequestId; + mKeyAdvId = kInvalidRequestId; +#endif mParsedDeleteAllRrset = false; mParsedSrv = false; @@ -1930,6 +1994,15 @@ Server::Host::Host(Instance &aInstance, TimeMilli aUpdateTime) , mUpdateTime(aUpdateTime) , mParsedKey(false) , mUseShortLeaseOption(false) +#if OPENTHREAD_CONFIG_SRP_SERVER_ADVERTISING_PROXY_ENABLE + , mIsRegistered(false) + , mIsKeyRegistered(false) + , mIsReplaced(false) + , mShouldAdvertise(false) + , mShouldRegisterKey(false) + , mAdvId(kInvalidRequestId) + , mKeyAdvId(kInvalidRequestId) +#endif { } @@ -2041,12 +2114,18 @@ void Server::Host::RemoveService(Service *aService, RetainName aRetainName, Noti VerifyOrExit(aService != nullptr); aService->mIsDeleted = true; + aService->mLease = 0; + + if (!aRetainName) + { + aService->mKeyLease = 0; + } aService->Log(aRetainName ? Service::kRemoveButRetainName : Service::kFullyRemove); if (aNotifyServiceHandler && server.mServiceUpdateHandler.IsSet()) { - uint32_t updateId = server.AllocateId(); + uint32_t updateId = server.AllocateServiceUpdateId(); LogInfo("SRP update handler is notified (updatedId = %lu)", ToUlong(updateId)); server.mServiceUpdateHandler.Invoke(updateId, this, static_cast(kDefaultEventsHandlerTimeout)); @@ -2056,6 +2135,12 @@ void Server::Host::RemoveService(Service *aService, RetainName aRetainName, Noti // failure of the platform mDNS implementation and in which case the // service is not expected to be still registered. } +#if OPENTHREAD_CONFIG_SRP_SERVER_ADVERTISING_PROXY_ENABLE + else if (aNotifyServiceHandler) + { + Get().AdvertiseRemovalOf(*aService); + } +#endif if (!aRetainName) { @@ -2119,7 +2204,7 @@ Server::UpdateMetadata::UpdateMetadata(Instance &aInstance, Host &aHost, const M , mNext(nullptr) , mExpireTime(TimerMilli::GetNow() + kDefaultEventsHandlerTimeout) , mDnsHeader(aMessageMetadata.mDnsHeader) - , mId(Get().AllocateId()) + , mId(Get().AllocateServiceUpdateId()) , mTtlConfig(aMessageMetadata.mTtlConfig) , mLeaseConfig(aMessageMetadata.mLeaseConfig) , mHost(aHost) diff --git a/src/core/net/srp_server.hpp b/src/core/net/srp_server.hpp index c506416eca4..6b5556d4ef0 100644 --- a/src/core/net/srp_server.hpp +++ b/src/core/net/srp_server.hpp @@ -72,6 +72,7 @@ #include "common/timer.hpp" #include "crypto/ecdsa.hpp" #include "net/dns_types.hpp" +#include "net/dnssd.hpp" #include "net/ip6.hpp" #include "net/ip6_address.hpp" #include "net/udp6.hpp" @@ -101,6 +102,8 @@ class RoutingManager; namespace Srp { +class AdvertisingProxy; + /** * Implements the SRP server. * @@ -112,6 +115,7 @@ class Server : public InstanceLocator, private NonCopyable friend class Service; friend class Host; friend class Dns::ServiceDiscovery::Server; + friend class AdvertisingProxy; #if OPENTHREAD_CONFIG_BORDER_ROUTING_ENABLE friend class BorderRouter::RoutingManager; #endif @@ -128,6 +132,10 @@ class Server : public InstanceLocator, private NonCopyable kNotifyServiceHandler = true, }; +#if OPENTHREAD_CONFIG_SRP_SERVER_ADVERTISING_PROXY_ENABLE + static constexpr Dnssd::RequestId kInvalidRequestId = 0; +#endif + public: static constexpr uint16_t kUdpPortMin = OPENTHREAD_CONFIG_SRP_SERVER_UDP_PORT_MIN; ///< The reserved min port. static constexpr uint16_t kUdpPortMax = OPENTHREAD_CONFIG_SRP_SERVER_UDP_PORT_MAX; ///< The reserved max port. @@ -185,6 +193,7 @@ class Server : public InstanceLocator, private NonCopyable friend class LinkedList; friend class LinkedListEntry; friend class Heap::Allocatable; + friend class AdvertisingProxy; public: /** @@ -432,6 +441,15 @@ class Server : public InstanceLocator, private NonCopyable bool mParsedDeleteAllRrset : 1; bool mParsedSrv : 1; bool mParsedTxt : 1; +#if OPENTHREAD_CONFIG_SRP_SERVER_ADVERTISING_PROXY_ENABLE + bool mIsRegistered : 1; + bool mIsKeyRegistered : 1; + bool mIsReplaced : 1; + bool mShouldAdvertise : 1; + bool mShouldRegisterKey : 1; + Dnssd::RequestId mAdvId; + Dnssd::RequestId mKeyAdvId; +#endif }; /** @@ -447,6 +465,7 @@ class Server : public InstanceLocator, private NonCopyable friend class Server; friend class LinkedListEntry; friend class Heap::Allocatable; + friend class AdvertisingProxy; public: typedef Crypto::Ecdsa::P256::PublicKey Key; ///< Host key (public ECDSA P256 key). @@ -603,6 +622,16 @@ class Server : public InstanceLocator, private NonCopyable LinkedList mServices; bool mParsedKey : 1; bool mUseShortLeaseOption : 1; // Use short lease option (lease only 4 bytes). +#if OPENTHREAD_CONFIG_SRP_SERVER_ADVERTISING_PROXY_ENABLE + bool mIsRegistered : 1; + bool mIsKeyRegistered : 1; + bool mIsReplaced : 1; + bool mShouldAdvertise : 1; + bool mShouldRegisterKey : 1; + Dnssd::RequestId mAdvId; + Dnssd::RequestId mKeyAdvId; + Dnssd::RequestIdRange mAdvIdRange; +#endif }; /** @@ -945,6 +974,7 @@ class Server : public InstanceLocator, private NonCopyable void SelectPort(void); void PrepareSocket(void); Ip6::Udp::Socket &GetSocket(void); + LinkedList &GetHosts(void) { return mHosts; } #if OPENTHREAD_CONFIG_DNSSD_SERVER_ENABLE void HandleDnssdServerStateChange(void); @@ -953,7 +983,7 @@ class Server : public InstanceLocator, private NonCopyable void HandleNetDataPublisherEvent(NetworkData::Publisher::Event aEvent); - ServiceUpdateId AllocateId(void) { return mServiceUpdateId++; } + ServiceUpdateId AllocateServiceUpdateId(void) { return mServiceUpdateId++; } void InformUpdateHandlerOrCommit(Error aError, Host &aHost, const MessageMetadata &aMetadata); void CommitSrpUpdate(Error aError, Host &aHost, const MessageMetadata &aMessageMetadata); diff --git a/tests/fuzz/oss-fuzz-build b/tests/fuzz/oss-fuzz-build index c8bb40789b7..e83c5c80976 100755 --- a/tests/fuzz/oss-fuzz-build +++ b/tests/fuzz/oss-fuzz-build @@ -68,6 +68,7 @@ set -euxo pipefail -DOT_SERVICE=ON \ -DOT_SLAAC=ON \ -DOT_SNTP_CLIENT=ON \ + -DOT_SRN_ADV_PROXY=ON \ -DOT_SRP_CLIENT=ON \ -DOT_SRP_SERVER=ON \ -DOT_THREAD_VERSION=1.3 \ diff --git a/tests/toranj/openthread-core-toranj-config-simulation.h b/tests/toranj/openthread-core-toranj-config-simulation.h index facfce9de0b..bc933d17f11 100644 --- a/tests/toranj/openthread-core-toranj-config-simulation.h +++ b/tests/toranj/openthread-core-toranj-config-simulation.h @@ -61,6 +61,10 @@ #define OPENTHREAD_CONFIG_DNS_DSO_ENABLE 1 +#define OPENTHREAD_CONFIG_SRP_SERVER_ADVERTISING_PROXY_ENABLE 1 + +#define OPENTHREAD_CONFIG_PLATFORM_DNSSD_ENABLE 1 + #define OPENTHREAD_CONFIG_HEAP_EXTERNAL_ENABLE 1 #define OPENTHREAD_CONFIG_BORDER_ROUTING_USE_HEAP_ENABLE 1 diff --git a/tests/unit/CMakeLists.txt b/tests/unit/CMakeLists.txt index f44ffaeea73..1a9b1822832 100644 --- a/tests/unit/CMakeLists.txt +++ b/tests/unit/CMakeLists.txt @@ -1116,6 +1116,27 @@ target_link_libraries(ot-test-serial-number add_test(NAME ot-test-serial-number COMMAND ot-test-serial-number) +add_executable(ot-test-srp-adv-proxy + test_srp_adv_proxy.cpp +) + +target_include_directories(ot-test-srp-adv-proxy + PRIVATE + ${COMMON_INCLUDES} +) + +target_compile_options(ot-test-srp-adv-proxy + PRIVATE + ${COMMON_COMPILE_OPTIONS} +) + +target_link_libraries(ot-test-srp-adv-proxy + PRIVATE + ${COMMON_LIBS} +) + +add_test(NAME ot-test-srp-adv-proxy COMMAND ot-test-srp-adv-proxy) + add_executable(ot-test-srp-server test_srp_server.cpp ) diff --git a/tests/unit/test_platform.cpp b/tests/unit/test_platform.cpp index 43f6224cbeb..40e23ceb462 100644 --- a/tests/unit/test_platform.cpp +++ b/tests/unit/test_platform.cpp @@ -738,4 +738,81 @@ otError otPlatBleGattServerIndicate(otInstance *aInstance, uint16_t aHandle, con } #endif // OPENTHREAD_CONFIG_BLE_TCAT_ENABLE +#if OPENTHREAD_CONFIG_PLATFORM_DNSSD_ENABLE + +OT_TOOL_WEAK otPlatDnssdState otPlatDnssdGetState(otInstance *aInstance) +{ + OT_UNUSED_VARIABLE(aInstance); + + return OT_PLAT_DNSSD_STOPPED; +} + +OT_TOOL_WEAK void otPlatDnssdRegisterService(otInstance *aInstance, + const otPlatDnssdService *aService, + otPlatDnssdRequestId aRequestId, + otPlatDnssdRegisterCallback aCallback) +{ + OT_UNUSED_VARIABLE(aInstance); + OT_UNUSED_VARIABLE(aService); + OT_UNUSED_VARIABLE(aRequestId); + OT_UNUSED_VARIABLE(aCallback); +} + +OT_TOOL_WEAK void otPlatDnssdUnregisterService(otInstance *aInstance, + const otPlatDnssdService *aService, + otPlatDnssdRequestId aRequestId, + otPlatDnssdRegisterCallback aCallback) +{ + OT_UNUSED_VARIABLE(aInstance); + OT_UNUSED_VARIABLE(aService); + OT_UNUSED_VARIABLE(aRequestId); + OT_UNUSED_VARIABLE(aCallback); +} + +OT_TOOL_WEAK void otPlatDnssdRegisterHost(otInstance *aInstance, + const otPlatDnssdHost *aHost, + otPlatDnssdRequestId aRequestId, + otPlatDnssdRegisterCallback aCallback) +{ + OT_UNUSED_VARIABLE(aInstance); + OT_UNUSED_VARIABLE(aHost); + OT_UNUSED_VARIABLE(aRequestId); + OT_UNUSED_VARIABLE(aCallback); +} + +OT_TOOL_WEAK void otPlatDnssdUnregisterHost(otInstance *aInstance, + const otPlatDnssdHost *aHost, + otPlatDnssdRequestId aRequestId, + otPlatDnssdRegisterCallback aCallback) +{ + OT_UNUSED_VARIABLE(aInstance); + OT_UNUSED_VARIABLE(aHost); + OT_UNUSED_VARIABLE(aRequestId); + OT_UNUSED_VARIABLE(aCallback); +} + +OT_TOOL_WEAK void otPlatDnssdRegisterKey(otInstance *aInstance, + const otPlatDnssdKey *aKey, + otPlatDnssdRequestId aRequestId, + otPlatDnssdRegisterCallback aCallback) +{ + OT_UNUSED_VARIABLE(aInstance); + OT_UNUSED_VARIABLE(aKey); + OT_UNUSED_VARIABLE(aRequestId); + OT_UNUSED_VARIABLE(aCallback); +} + +OT_TOOL_WEAK void otPlatDnssdUnregisterKey(otInstance *aInstance, + const otPlatDnssdKey *aKey, + otPlatDnssdRequestId aRequestId, + otPlatDnssdRegisterCallback aCallback) +{ + OT_UNUSED_VARIABLE(aInstance); + OT_UNUSED_VARIABLE(aKey); + OT_UNUSED_VARIABLE(aRequestId); + OT_UNUSED_VARIABLE(aCallback); +} + +#endif // OPENTHREAD_CONFIG_PLATFORM_DNSSD_ENABLE + } // extern "C" diff --git a/tests/unit/test_platform.h b/tests/unit/test_platform.h index 7197feb7e35..f1c7eb4f47d 100644 --- a/tests/unit/test_platform.h +++ b/tests/unit/test_platform.h @@ -34,6 +34,7 @@ #include #include #include +#include #include #include #include diff --git a/tests/unit/test_srp_adv_proxy.cpp b/tests/unit/test_srp_adv_proxy.cpp new file mode 100644 index 00000000000..9fe8809bf2d --- /dev/null +++ b/tests/unit/test_srp_adv_proxy.cpp @@ -0,0 +1,2781 @@ +/* + * Copyright (c) 2023, The OpenThread Authors. + * All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions are met: + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * 3. Neither the name of the copyright holder nor the + * names of its contributors may be used to endorse or promote products + * derived from this software without specific prior written permission. + * + * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" + * AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDER OR CONTRIBUTORS BE + * LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR + * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF + * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS + * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN + * CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) + * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE + * POSSIBILITY OF SUCH DAMAGE. + */ + +#include + +#include "test_platform.h" +#include "test_util.hpp" + +#include +#include +#include +#include + +#include "common/arg_macros.hpp" +#include "common/array.hpp" +#include "common/string.hpp" +#include "common/time.hpp" +#include "instance/instance.hpp" + +#if OPENTHREAD_CONFIG_SRP_SERVER_ENABLE && OPENTHREAD_CONFIG_SRP_CLIENT_ENABLE && \ + OPENTHREAD_CONFIG_SRP_SERVER_ADVERTISING_PROXY_ENABLE && !OPENTHREAD_CONFIG_TIME_SYNC_ENABLE && \ + !OPENTHREAD_PLATFORM_POSIX +#define ENABLE_ADV_PROXY_TEST 1 +#else +#define ENABLE_ADV_PROXY_TEST 0 +#endif + +#if ENABLE_ADV_PROXY_TEST + +using namespace ot; + +// Logs a message and adds current time (sNow) as "::." +#define Log(...) \ + printf("%02u:%02u:%02u.%03u " OT_FIRST_ARG(__VA_ARGS__) "\n", (sNow / 36000000), (sNow / 60000) % 60, \ + (sNow / 1000) % 60, sNow % 1000 OT_REST_ARGS(__VA_ARGS__)) + +static constexpr uint16_t kMaxRaSize = 800; + +static ot::Instance *sInstance; + +static uint32_t sNow = 0; +static uint32_t sAlarmTime; +static bool sAlarmOn = false; + +static otRadioFrame sRadioTxFrame; +static uint8_t sRadioTxFramePsdu[OT_RADIO_FRAME_MAX_SIZE]; +static bool sRadioTxOngoing = false; + +//---------------------------------------------------------------------------------------------------------------------- +// Function prototypes + +void ProcessRadioTxAndTasklets(void); +void AdvanceTime(uint32_t aDuration); + +//---------------------------------------------------------------------------------------------------------------------- +// `otPlatRadio` + +extern "C" { + +otRadioCaps otPlatRadioGetCaps(otInstance *) { return OT_RADIO_CAPS_ACK_TIMEOUT | OT_RADIO_CAPS_CSMA_BACKOFF; } + +otError otPlatRadioTransmit(otInstance *, otRadioFrame *) +{ + sRadioTxOngoing = true; + + return OT_ERROR_NONE; +} + +otRadioFrame *otPlatRadioGetTransmitBuffer(otInstance *) { return &sRadioTxFrame; } + +//---------------------------------------------------------------------------------------------------------------------- +// `otPlatAlarm` + +void otPlatAlarmMilliStop(otInstance *) { sAlarmOn = false; } + +void otPlatAlarmMilliStartAt(otInstance *, uint32_t aT0, uint32_t aDt) +{ + sAlarmOn = true; + sAlarmTime = aT0 + aDt; +} + +uint32_t otPlatAlarmMilliGetNow(void) { return sNow; } + +//---------------------------------------------------------------------------------------------------------------------- +// `otPlatDnssd` + +static constexpr uint16_t kDnssdArraySize = 128; + +struct DnssdRequest +{ + DnssdRequest(void) = default; + + DnssdRequest(otPlatDnssdRequestId aId, otPlatDnssdRegisterCallback aCallback) + : mId(aId) + , mCallback(aCallback) + { + } + + otPlatDnssdRequestId mId; + otPlatDnssdRegisterCallback mCallback; +}; + +static Array sDnssdRegHostRequests; +static Array sDnssdUnregHostRequests; +static Array sDnssdRegServiceRequests; +static Array sDnssdUnregServiceRequests; +static Array sDnssdRegKeyRequests; +static Array sDnssdUnregKeyRequests; + +static bool sDnssdShouldCheckWithClient = true; +static Error sDnssdCallbackError = kErrorPending; +static otPlatDnssdState sDnssdState = OT_PLAT_DNSSD_READY; +static uint16_t sDnssdNumHostAddresses = 0; + +constexpr uint32_t kInfraIfIndex = 1; + +otPlatDnssdState otPlatDnssdGetState(otInstance *aInstance) +{ + OT_UNUSED_VARIABLE(aInstance); + + return sDnssdState; +} + +void otPlatDnssdRegisterService(otInstance *aInstance, + const otPlatDnssdService *aService, + otPlatDnssdRequestId aRequestId, + otPlatDnssdRegisterCallback aCallback) +{ + Log("otPlatDnssdRegisterService(aRequestId: %lu)", ToUlong(aRequestId)); + Log(" hostName : %s", aService->mHostName); + Log(" serviceInstance: %s", aService->mServiceInstance); + Log(" serviceType : %s", aService->mServiceType); + Log(" num sub-types : %u", aService->mSubTypeLabelsLength); + + for (uint16_t index = 0; index < aService->mSubTypeLabelsLength; index++) + { + Log(" sub-type %-4u : %s", index, aService->mSubTypeLabels[index]); + } + + Log(" TXT data len : %u", aService->mTxtDataLength); + Log(" port : %u", aService->mPort); + Log(" priority : %u", aService->mPriority); + Log(" weight : %u", aService->mWeight); + Log(" TTL : %u", aService->mTtl); + Log(" Infra-if index : %u", aService->mInfraIfIndex); + + VerifyOrQuit(aInstance == sInstance); + VerifyOrQuit(aService->mInfraIfIndex == kInfraIfIndex); + + if (sDnssdShouldCheckWithClient) + { + Srp::Client &srpClient = AsCoreType(aInstance).Get(); + bool didFind = false; + + VerifyOrQuit(StringMatch(srpClient.GetHostInfo().GetName(), aService->mHostName)); + + didFind = false; + + for (const Srp::Client::Service &service : srpClient.GetServices()) + { + if (StringMatch(service.GetInstanceName(), aService->mServiceInstance)) + { + didFind = true; + VerifyOrQuit(StringMatch(service.GetName(), aService->mServiceType)); + VerifyOrQuit(service.GetPort() == aService->mPort); + VerifyOrQuit(service.GetWeight() == aService->mWeight); + VerifyOrQuit(service.GetPriority() == aService->mPriority); + VerifyOrQuit(service.HasSubType() == (aService->mSubTypeLabelsLength != 0)); + } + } + + VerifyOrQuit(didFind); + } + + SuccessOrQuit(sDnssdRegServiceRequests.PushBack(DnssdRequest(aRequestId, aCallback))); + + if ((sDnssdCallbackError != kErrorPending) && (aCallback != nullptr)) + { + aCallback(aInstance, aRequestId, sDnssdCallbackError); + } +} + +void otPlatDnssdUnregisterService(otInstance *aInstance, + const otPlatDnssdService *aService, + otPlatDnssdRequestId aRequestId, + otPlatDnssdRegisterCallback aCallback) +{ + Log("otPlatDnssdUnregisterService(aRequestId: %lu)", ToUlong(aRequestId)); + Log(" hostName : %s", aService->mHostName); + Log(" serviceInstance: %s", aService->mServiceInstance); + Log(" serviceName : %s", aService->mServiceType); + Log(" Infra-if index : %u", aService->mInfraIfIndex); + + VerifyOrQuit(aInstance == sInstance); + VerifyOrQuit(aService->mInfraIfIndex == kInfraIfIndex); + + if (sDnssdShouldCheckWithClient) + { + // Validate the received service info matches one of the services + // on SRP client. + + Srp::Client &srpClient = AsCoreType(aInstance).Get(); + bool didFind = false; + + VerifyOrQuit(StringMatch(srpClient.GetHostInfo().GetName(), aService->mHostName)); + + for (const Srp::Client::Service &service : srpClient.GetServices()) + { + if (StringMatch(service.GetInstanceName(), aService->mServiceInstance)) + { + didFind = true; + VerifyOrQuit(StringMatch(service.GetName(), aService->mServiceType)); + } + } + + VerifyOrQuit(didFind); + } + + SuccessOrQuit(sDnssdUnregServiceRequests.PushBack(DnssdRequest(aRequestId, aCallback))); + + if ((sDnssdCallbackError != kErrorPending) && (aCallback != nullptr)) + { + aCallback(aInstance, aRequestId, sDnssdCallbackError); + } +} + +void otPlatDnssdRegisterHost(otInstance *aInstance, + const otPlatDnssdHost *aHost, + otPlatDnssdRequestId aRequestId, + otPlatDnssdRegisterCallback aCallback) +{ + Log("otPlatDnssdRegisterHost(aRequestId: %lu)", ToUlong(aRequestId)); + Log(" hostName : %s", aHost->mHostName); + Log(" numAddresses : %u", aHost->mAddressesLength); + + for (uint16_t index = 0; index < aHost->mAddressesLength; index++) + { + Log(" Address %-4u : %s", index, AsCoreType(&aHost->mAddresses[index]).ToString().AsCString()); + } + + Log(" TTL : %u", aHost->mTtl); + Log(" Infra-if index : %u", aHost->mInfraIfIndex); + + VerifyOrQuit(aInstance == sInstance); + VerifyOrQuit(aHost->mInfraIfIndex == kInfraIfIndex); + + sDnssdNumHostAddresses = aHost->mAddressesLength; + + if (sDnssdShouldCheckWithClient) + { + VerifyOrQuit(StringMatch(AsCoreType(aInstance).Get().GetHostInfo().GetName(), aHost->mHostName)); + } + + SuccessOrQuit(sDnssdRegHostRequests.PushBack(DnssdRequest(aRequestId, aCallback))); + + if ((sDnssdCallbackError != kErrorPending) && (aCallback != nullptr)) + { + aCallback(aInstance, aRequestId, sDnssdCallbackError); + } +} + +void otPlatDnssdUnregisterHost(otInstance *aInstance, + const otPlatDnssdHost *aHost, + otPlatDnssdRequestId aRequestId, + otPlatDnssdRegisterCallback aCallback) +{ + Log("otPlatDnssdUnregisterHost(aRequestId: %lu)", ToUlong(aRequestId)); + Log(" hostName : %s", aHost->mHostName); + Log(" Infra-if index : %u", aHost->mInfraIfIndex); + + VerifyOrQuit(sInstance == aInstance); + VerifyOrQuit(aHost->mInfraIfIndex == kInfraIfIndex); + + if (sDnssdShouldCheckWithClient) + { + VerifyOrQuit(StringMatch(AsCoreType(aInstance).Get().GetHostInfo().GetName(), aHost->mHostName)); + } + + SuccessOrQuit(sDnssdUnregHostRequests.PushBack(DnssdRequest(aRequestId, aCallback))); + + if ((sDnssdCallbackError != kErrorPending) && (aCallback != nullptr)) + { + aCallback(aInstance, aRequestId, sDnssdCallbackError); + } +} + +void otPlatDnssdRegisterKey(otInstance *aInstance, + const otPlatDnssdKey *aKey, + otPlatDnssdRequestId aRequestId, + otPlatDnssdRegisterCallback aCallback) +{ + Log("otPlatDnssdRegisterKey(aRequestId: %lu)", ToUlong(aRequestId)); + Log(" name : %s", aKey->mName); + Log(" serviceType : %s", aKey->mServiceType == nullptr ? "(null)" : aKey->mServiceType); + Log(" key data-len : %u", aKey->mKeyDataLength); + Log(" TTL : %u", aKey->mTtl); + + VerifyOrQuit(aInstance == sInstance); + VerifyOrQuit(aKey->mInfraIfIndex == kInfraIfIndex); + + if (sDnssdShouldCheckWithClient) + { + if (aKey->mServiceType == nullptr) + { + VerifyOrQuit(StringMatch(AsCoreType(aInstance).Get().GetHostInfo().GetName(), aKey->mName)); + } + else + { + bool didFind = false; + + for (const Srp::Client::Service &service : AsCoreType(aInstance).Get().GetServices()) + { + if (StringMatch(service.GetInstanceName(), aKey->mName)) + { + didFind = true; + VerifyOrQuit(StringMatch(service.GetName(), aKey->mServiceType)); + } + } + + VerifyOrQuit(didFind); + } + } + + SuccessOrQuit(sDnssdRegKeyRequests.PushBack(DnssdRequest(aRequestId, aCallback))); + + if ((sDnssdCallbackError != kErrorPending) && (aCallback != nullptr)) + { + aCallback(aInstance, aRequestId, sDnssdCallbackError); + } +} + +void otPlatDnssdUnregisterKey(otInstance *aInstance, + const otPlatDnssdKey *aKey, + otPlatDnssdRequestId aRequestId, + otPlatDnssdRegisterCallback aCallback) +{ + Log("otPlatDnssdUnregisterKey(aRequestId: %lu)", ToUlong(aRequestId)); + Log(" name : %s", aKey->mName); + + VerifyOrQuit(aInstance == sInstance); + VerifyOrQuit(aKey->mInfraIfIndex == kInfraIfIndex); + + if (sDnssdShouldCheckWithClient) + { + if (aKey->mServiceType == nullptr) + { + VerifyOrQuit(StringMatch(AsCoreType(aInstance).Get().GetHostInfo().GetName(), aKey->mName)); + } + else + { + bool didFind = false; + + for (const Srp::Client::Service &service : AsCoreType(aInstance).Get().GetServices()) + { + if (StringMatch(service.GetInstanceName(), aKey->mName)) + { + didFind = true; + VerifyOrQuit(StringMatch(service.GetName(), aKey->mServiceType)); + } + } + + VerifyOrQuit(didFind); + } + } + + SuccessOrQuit(sDnssdUnregKeyRequests.PushBack(DnssdRequest(aRequestId, aCallback))); + + if ((sDnssdCallbackError != kErrorPending) && (aCallback != nullptr)) + { + aCallback(aInstance, aRequestId, sDnssdCallbackError); + } +} + +// Number of times we expect each `otPlatDnssd` request to be called +struct DnssdRequestCounts : public Clearable +{ + DnssdRequestCounts(void) { Clear(); } + + uint16_t mKeyReg; + uint16_t mHostReg; + uint16_t mServiceReg; + uint16_t mKeyUnreg; + uint16_t mHostUnreg; + uint16_t mServiceUnreg; +}; + +void VerifyDnnsdRequests(const DnssdRequestCounts &aRequestCounts, bool aAllowMoreUnregs = false) +{ + VerifyOrQuit(sDnssdRegKeyRequests.GetLength() == aRequestCounts.mKeyReg); + VerifyOrQuit(sDnssdRegHostRequests.GetLength() == aRequestCounts.mHostReg); + VerifyOrQuit(sDnssdRegServiceRequests.GetLength() == aRequestCounts.mServiceReg); + + if (aAllowMoreUnregs) + { + VerifyOrQuit(sDnssdUnregKeyRequests.GetLength() >= aRequestCounts.mKeyUnreg); + VerifyOrQuit(sDnssdUnregHostRequests.GetLength() >= aRequestCounts.mHostUnreg); + VerifyOrQuit(sDnssdUnregServiceRequests.GetLength() >= aRequestCounts.mServiceUnreg); + } + else + { + VerifyOrQuit(sDnssdUnregKeyRequests.GetLength() == aRequestCounts.mKeyUnreg); + VerifyOrQuit(sDnssdUnregHostRequests.GetLength() == aRequestCounts.mHostUnreg); + VerifyOrQuit(sDnssdUnregServiceRequests.GetLength() == aRequestCounts.mServiceUnreg); + } +} + +//---------------------------------------------------------------------------------------------------------------------- + +Array sHeapAllocatedPtrs; + +#if OPENTHREAD_CONFIG_HEAP_EXTERNAL_ENABLE +void *otPlatCAlloc(size_t aNum, size_t aSize) +{ + void *ptr = calloc(aNum, aSize); + + SuccessOrQuit(sHeapAllocatedPtrs.PushBack(ptr)); + + return ptr; +} + +void otPlatFree(void *aPtr) +{ + if (aPtr != nullptr) + { + void **entry = sHeapAllocatedPtrs.Find(aPtr); + + VerifyOrQuit(entry != nullptr, "A heap allocated item is freed twice"); + sHeapAllocatedPtrs.Remove(*entry); + } + + free(aPtr); +} +#endif + +#if OPENTHREAD_CONFIG_LOG_OUTPUT == OPENTHREAD_CONFIG_LOG_OUTPUT_PLATFORM_DEFINED +void otPlatLog(otLogLevel aLogLevel, otLogRegion aLogRegion, const char *aFormat, ...) +{ + OT_UNUSED_VARIABLE(aLogLevel); + OT_UNUSED_VARIABLE(aLogRegion); + + va_list args; + + printf(" "); + va_start(args, aFormat); + vprintf(aFormat, args); + va_end(args); + printf("\n"); +} +#endif + +} // extern "C" + +//--------------------------------------------------------------------------------------------------------------------- + +void ProcessRadioTxAndTasklets(void) +{ + do + { + if (sRadioTxOngoing) + { + sRadioTxOngoing = false; + otPlatRadioTxStarted(sInstance, &sRadioTxFrame); + otPlatRadioTxDone(sInstance, &sRadioTxFrame, nullptr, OT_ERROR_NONE); + } + + otTaskletsProcess(sInstance); + } while (otTaskletsArePending(sInstance)); +} + +void AdvanceTime(uint32_t aDuration) +{ + uint32_t time = sNow + aDuration; + + Log("AdvanceTime for %u.%03u", aDuration / 1000, aDuration % 1000); + + while (TimeMilli(sAlarmTime) <= TimeMilli(time)) + { + ProcessRadioTxAndTasklets(); + sNow = sAlarmTime; + otPlatAlarmMilliFired(sInstance); + } + + ProcessRadioTxAndTasklets(); + sNow = time; +} + +void InitTest(void) +{ + //- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - + // Initialize OT instance. + + sNow = 0; + sAlarmOn = false; + sInstance = static_cast(testInitInstance()); + + memset(&sRadioTxFrame, 0, sizeof(sRadioTxFrame)); + sRadioTxFrame.mPsdu = sRadioTxFramePsdu; + sRadioTxOngoing = false; + + sDnssdShouldCheckWithClient = true; + sDnssdState = OT_PLAT_DNSSD_READY; + sDnssdCallbackError = kErrorPending; + sDnssdRegHostRequests.Clear(); + sDnssdUnregHostRequests.Clear(); + sDnssdRegServiceRequests.Clear(); + sDnssdUnregServiceRequests.Clear(); + + //- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - + // Initialize Border Router and start Thread operation. + + otOperationalDataset dataset; + otOperationalDatasetTlvs datasetTlvs; + + SuccessOrQuit(otDatasetCreateNewNetwork(sInstance, &dataset)); + SuccessOrQuit(otDatasetConvertToTlvs(&dataset, &datasetTlvs)); + SuccessOrQuit(otDatasetSetActiveTlvs(sInstance, &datasetTlvs)); + + SuccessOrQuit(otIp6SetEnabled(sInstance, true)); + SuccessOrQuit(otThreadSetEnabled(sInstance, true)); + + //- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - + // Ensure device starts as leader. + + AdvanceTime(10000); + + VerifyOrQuit(otThreadGetDeviceRole(sInstance) == OT_DEVICE_ROLE_LEADER); +} + +void FinalizeTest(void) +{ + SuccessOrQuit(otIp6SetEnabled(sInstance, false)); + SuccessOrQuit(otThreadSetEnabled(sInstance, false)); + SuccessOrQuit(otInstanceErasePersistentInfo(sInstance)); + testFreeInstance(sInstance); +} + +//--------------------------------------------------------------------------------------------------------------------- +// SRP Client callback + +static bool sProcessedClientCallback = false; +static Error sLastClientCallbackError = kErrorNone; + +void HandleSrpClientCallback(otError aError, + const otSrpClientHostInfo *aHostInfo, + const otSrpClientService *aServices, + const otSrpClientService *aRemovedServices, + void *aContext) +{ + Log("HandleSrpClientCallback() called with error %s", ErrorToString(aError)); + + VerifyOrQuit(aContext == sInstance); + + sProcessedClientCallback = true; + sLastClientCallbackError = aError; + + OT_UNUSED_VARIABLE(aHostInfo); + OT_UNUSED_VARIABLE(aServices); + OT_UNUSED_VARIABLE(aRemovedServices); +} + +static const char kHostName[] = "awesomehost"; + +void PrepareService1(Srp::Client::Service &aService) +{ + static const char kServiceName[] = "_srv1._udp"; + static const char kInstanceLabel[] = "service1"; + static const char kSub1[] = "_sub1"; + static const char kSub2[] = "_sub2"; + static const char kSub3[] = "_sub3"; + static const char *kSubLabels[] = {kSub1, kSub2, kSub3, nullptr}; + static const char kTxtKey1[] = "ABCD"; + static const uint8_t kTxtValue1[] = {'a', '0'}; + static const char kTxtKey2[] = "Z0"; + static const uint8_t kTxtValue2[] = {'1', '2', '3'}; + static const char kTxtKey3[] = "D"; + static const uint8_t kTxtValue3[] = {0}; + static const otDnsTxtEntry kTxtEntries[] = { + {kTxtKey1, kTxtValue1, sizeof(kTxtValue1)}, + {kTxtKey2, kTxtValue2, sizeof(kTxtValue2)}, + {kTxtKey3, kTxtValue3, sizeof(kTxtValue3)}, + }; + + memset(&aService, 0, sizeof(aService)); + aService.mName = kServiceName; + aService.mInstanceName = kInstanceLabel; + aService.mSubTypeLabels = kSubLabels; + aService.mTxtEntries = kTxtEntries; + aService.mNumTxtEntries = 3; + aService.mPort = 777; + aService.mWeight = 1; + aService.mPriority = 2; +} + +void PrepareService2(Srp::Client::Service &aService) +{ + static const char kService2Name[] = "_matter._udp"; + static const char kInstance2Label[] = "service2"; + static const char kSub4[] = "_44444444"; + static const char *kSubLabels2[] = {kSub4, nullptr}; + + memset(&aService, 0, sizeof(aService)); + aService.mName = kService2Name; + aService.mInstanceName = kInstance2Label; + aService.mSubTypeLabels = kSubLabels2; + aService.mTxtEntries = nullptr; + aService.mNumTxtEntries = 0; + aService.mPort = 555; + aService.mWeight = 0; + aService.mPriority = 3; +} + +//---------------------------------------------------------------------------------------------------------------------- + +typedef Dnssd::RequestId RequestId; +typedef Dnssd::RequestIdRange RequestIdRange; + +void ValidateRequestIdRange(const RequestIdRange &aIdRange, RequestId aStart, RequestId aEnd) +{ + RequestId maxId = NumericLimits::kMax; + bool shouldContain = false; + + VerifyOrQuit(!aIdRange.IsEmpty()); + + for (RequestId id = aStart - 5; id != aEnd + 6; id++) + { + // `idRange` should contain IDs within range `[aStart, aEnd]` + + if (id == aStart) + { + shouldContain = true; + } + + if (id == aEnd + 1) + { + shouldContain = false; + } + + VerifyOrQuit(aIdRange.Contains(id) == shouldContain); + } + + // Test values that half the range apart + + for (RequestId id = aStart + maxId / 2 - 10; id != aEnd + maxId / 2 + 10; id++) + { + VerifyOrQuit(!aIdRange.Contains(id)); + } +} + +void TestDnssdRequestIdRange(void) +{ + RequestId maxId = NumericLimits::kMax; + RequestIdRange idRange; + + Log("--------------------------------------------------------------------------------------------"); + Log("TestDnssdRequestIdRange"); + + VerifyOrQuit(idRange.IsEmpty()); + + idRange.Add(5); + ValidateRequestIdRange(idRange, 5, 5); + + idRange.Remove(4); + ValidateRequestIdRange(idRange, 5, 5); + + idRange.Remove(6); + ValidateRequestIdRange(idRange, 5, 5); + + idRange.Remove(5); + VerifyOrQuit(idRange.IsEmpty()); + VerifyOrQuit(!idRange.Contains(5)); + + // Adding and removing multiple IDs + + idRange.Add(10); + idRange.Add(15); + ValidateRequestIdRange(idRange, 10, 15); + + idRange.Add(12); + ValidateRequestIdRange(idRange, 10, 15); + idRange.Add(15); + ValidateRequestIdRange(idRange, 10, 15); + idRange.Add(10); + ValidateRequestIdRange(idRange, 10, 15); + + idRange.Add(9); + ValidateRequestIdRange(idRange, 9, 15); + idRange.Add(16); + ValidateRequestIdRange(idRange, 9, 16); + + idRange.Remove(10); + ValidateRequestIdRange(idRange, 9, 16); + idRange.Remove(15); + ValidateRequestIdRange(idRange, 9, 16); + + idRange.Remove(8); + ValidateRequestIdRange(idRange, 9, 16); + idRange.Remove(17); + ValidateRequestIdRange(idRange, 9, 16); + + idRange.Remove(9); + ValidateRequestIdRange(idRange, 10, 16); + idRange.Remove(16); + ValidateRequestIdRange(idRange, 10, 15); + + idRange.Clear(); + VerifyOrQuit(idRange.IsEmpty()); + VerifyOrQuit(!idRange.Contains(10)); + + // Ranges close to roll-over max value + + idRange.Add(maxId); + ValidateRequestIdRange(idRange, maxId, maxId); + + idRange.Remove(0); + ValidateRequestIdRange(idRange, maxId, maxId); + idRange.Remove(maxId - 1); + ValidateRequestIdRange(idRange, maxId, maxId); + + idRange.Add(0); + ValidateRequestIdRange(idRange, maxId, 0); + + idRange.Add(maxId - 2); + ValidateRequestIdRange(idRange, maxId - 2, 0); + + idRange.Add(3); + ValidateRequestIdRange(idRange, maxId - 2, 3); + idRange.Add(3); + ValidateRequestIdRange(idRange, maxId - 2, 3); + + idRange.Remove(4); + ValidateRequestIdRange(idRange, maxId - 2, 3); + idRange.Remove(maxId - 3); + ValidateRequestIdRange(idRange, maxId - 2, 3); + + idRange.Remove(3); + ValidateRequestIdRange(idRange, maxId - 2, 2); + + idRange.Remove(maxId - 2); + ValidateRequestIdRange(idRange, maxId - 1, 2); + + Log("End of TestDnssdRequestIdRange"); +} + +void TestSrpAdvProxy(void) +{ + NetworkData::OnMeshPrefixConfig prefixConfig; + Srp::Server *srpServer; + Srp::Client *srpClient; + Srp::AdvertisingProxy *advProxy; + Srp::Client::Service service1; + Srp::Client::Service service2; + DnssdRequestCounts dnssdCounts; + uint16_t heapAllocations; + + Log("--------------------------------------------------------------------------------------------"); + Log("TestSrpAdvProxy"); + + InitTest(); + + srpServer = &sInstance->Get(); + srpClient = &sInstance->Get(); + advProxy = &sInstance->Get(); + + heapAllocations = sHeapAllocatedPtrs.GetLength(); + + PrepareService1(service1); + PrepareService2(service2); + + Log("- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - "); + Log("Add an on-mesh prefix (with SLAAC) to network data"); + + prefixConfig.Clear(); + SuccessOrQuit(AsCoreType(&prefixConfig.mPrefix.mPrefix).FromString("fd00:cafe:beef::")); + prefixConfig.mPrefix.mLength = 64; + prefixConfig.mStable = true; + prefixConfig.mSlaac = true; + prefixConfig.mPreferred = true; + prefixConfig.mOnMesh = true; + prefixConfig.mDefaultRoute = false; + prefixConfig.mPreference = NetworkData::kRoutePreferenceMedium; + + SuccessOrQuit(otBorderRouterAddOnMeshPrefix(sInstance, &prefixConfig)); + SuccessOrQuit(otBorderRouterRegister(sInstance)); + + // Configure Dnssd platform API behavior + + sDnssdRegHostRequests.Clear(); + sDnssdRegServiceRequests.Clear(); + sDnssdUnregHostRequests.Clear(); + sDnssdUnregServiceRequests.Clear(); + sDnssdRegKeyRequests.Clear(); + sDnssdUnregKeyRequests.Clear(); + + sDnssdState = OT_PLAT_DNSSD_READY; + sDnssdShouldCheckWithClient = true; + sDnssdCallbackError = kErrorNone; // Invoke callback directly from dnssd APIs + + Log("- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - "); + Log("Start SRP server"); + + SuccessOrQuit(otBorderRoutingInit(sInstance, /* aInfraIfIndex */ kInfraIfIndex, /* aInfraIfIsRunning */ true)); + + SuccessOrQuit(srpServer->SetAddressMode(Srp::Server::kAddressModeUnicast)); + VerifyOrQuit(srpServer->GetAddressMode() == Srp::Server::kAddressModeUnicast); + + VerifyOrQuit(srpServer->GetState() == Srp::Server::kStateDisabled); + + srpServer->SetServiceHandler(nullptr, sInstance); + + srpServer->SetEnabled(true); + VerifyOrQuit(srpServer->GetState() != Srp::Server::kStateDisabled); + + AdvanceTime(10000); + VerifyOrQuit(srpServer->GetState() == Srp::Server::kStateRunning); + VerifyOrQuit(advProxy->IsRunning()); + + Log("- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - "); + Log("Start SRP client"); + + srpClient->SetCallback(HandleSrpClientCallback, sInstance); + srpClient->SetLeaseInterval(180); + + srpClient->EnableAutoStartMode(nullptr, nullptr); + VerifyOrQuit(srpClient->IsAutoStartModeEnabled()); + + AdvanceTime(2000); + VerifyOrQuit(srpClient->IsRunning()); + + SuccessOrQuit(srpClient->SetHostName(kHostName)); + SuccessOrQuit(srpClient->EnableAutoHostAddress()); + + Log("- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - "); + Log("Register a service"); + + SuccessOrQuit(srpClient->AddService(service1)); + + sProcessedClientCallback = false; + + AdvanceTime(2 * 1000); + + dnssdCounts.mKeyReg += 2; + dnssdCounts.mHostReg++; + dnssdCounts.mServiceReg++; + VerifyDnnsdRequests(dnssdCounts); + + VerifyOrQuit(sProcessedClientCallback); + VerifyOrQuit(sLastClientCallbackError == kErrorNone); + + VerifyOrQuit(service1.GetState() == Srp::Client::kRegistered); + + VerifyOrQuit(advProxy->GetCounters().mAdvTotal == 1); + VerifyOrQuit(advProxy->GetCounters().mAdvSuccessful == 1); + + Log("- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - "); + Log("Register a second service"); + + SuccessOrQuit(srpClient->AddService(service2)); + + sProcessedClientCallback = false; + + AdvanceTime(2 * 1000); + + // This time we should only see the new service and its key being + // registered as the host is same as before and already registered + + dnssdCounts.mKeyReg++; + dnssdCounts.mServiceReg++; + VerifyDnnsdRequests(dnssdCounts); + + VerifyOrQuit(sProcessedClientCallback); + VerifyOrQuit(sLastClientCallbackError == kErrorNone); + + VerifyOrQuit(service1.GetState() == Srp::Client::kRegistered); + VerifyOrQuit(service2.GetState() == Srp::Client::kRegistered); + + VerifyOrQuit(advProxy->GetCounters().mAdvTotal == 2); + VerifyOrQuit(advProxy->GetCounters().mAdvSuccessful == 2); + + Log("- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - "); + Log("Wait for longer than lease interval for client to refresh"); + + sProcessedClientCallback = false; + + AdvanceTime(181 * 1000); + + VerifyOrQuit(sProcessedClientCallback); + + // Validate that adv-proxy does not update any of registration on + // DNS-SD platform since there is no change. + + VerifyDnnsdRequests(dnssdCounts); + + VerifyOrQuit(advProxy->GetCounters().mAdvTotal >= 3); + VerifyOrQuit(advProxy->GetCounters().mAdvSuccessful == advProxy->GetCounters().mAdvTotal); + + Log("- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - "); + Log("Add a new on-mesh prefix so to get a new host address"); + + prefixConfig.Clear(); + SuccessOrQuit(AsCoreType(&prefixConfig.mPrefix.mPrefix).FromString("fd00:abba::")); + prefixConfig.mPrefix.mLength = 64; + prefixConfig.mStable = true; + prefixConfig.mSlaac = true; + prefixConfig.mPreferred = true; + prefixConfig.mOnMesh = true; + prefixConfig.mDefaultRoute = false; + prefixConfig.mPreference = NetworkData::kRoutePreferenceMedium; + + SuccessOrQuit(otBorderRouterAddOnMeshPrefix(sInstance, &prefixConfig)); + SuccessOrQuit(otBorderRouterRegister(sInstance)); + + sProcessedClientCallback = false; + + AdvanceTime(5 * 1000); + + // This time we should only see new host registration + // since that's the only thing that changes + + dnssdCounts.mHostReg++; + VerifyDnnsdRequests(dnssdCounts); + + VerifyOrQuit(sProcessedClientCallback); + VerifyOrQuit(sLastClientCallbackError == kErrorNone); + + VerifyOrQuit(service1.GetState() == Srp::Client::kRegistered); + VerifyOrQuit(service2.GetState() == Srp::Client::kRegistered); + + Log("- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - "); + Log("Remove the first service on client"); + + SuccessOrQuit(srpClient->RemoveService(service1)); + + sProcessedClientCallback = false; + + AdvanceTime(2 * 1000); + + // We should see the service being unregistered + // by advertising proxy on DNS-SD platform but its key + // remains registered. + + dnssdCounts.mServiceUnreg++; + VerifyDnnsdRequests(dnssdCounts); + + VerifyOrQuit(sProcessedClientCallback); + VerifyOrQuit(sLastClientCallbackError == kErrorNone); + + VerifyOrQuit(service1.GetState() == Srp::Client::kRemoved); + VerifyOrQuit(service2.GetState() == Srp::Client::kRegistered); + + // Wait for more than lease interval again and make sure + // there is no change in DNS-SD platform API calls. + + sProcessedClientCallback = false; + + AdvanceTime(181 * 1000); + + VerifyOrQuit(sProcessedClientCallback); + VerifyOrQuit(sLastClientCallbackError == kErrorNone); + + VerifyDnnsdRequests(dnssdCounts); + + VerifyOrQuit(service1.GetState() == Srp::Client::kRemoved); + VerifyOrQuit(service2.GetState() == Srp::Client::kRegistered); + + Log("- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - "); + Log("Change service 2 on client, remove its sub-type"); + + SuccessOrQuit(srpClient->ClearService(service2)); + PrepareService2(service2); + service2.mSubTypeLabels = nullptr; + + SuccessOrQuit(srpClient->AddService(service2)); + + sProcessedClientCallback = false; + + AdvanceTime(2 * 1000); + + // Since the service is now changed, advertising proxy + // should update it (re-register it) on DNS-SD APIs. + + dnssdCounts.mServiceReg++; + VerifyDnnsdRequests(dnssdCounts); + + VerifyOrQuit(sProcessedClientCallback); + VerifyOrQuit(sLastClientCallbackError == kErrorNone); + + VerifyOrQuit(service1.GetState() == Srp::Client::kRemoved); + VerifyOrQuit(service2.GetState() == Srp::Client::kRegistered); + + Log("- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - "); + Log("Remove the host on client"); + + SuccessOrQuit(srpClient->RemoveHostAndServices(/* aShouldRemoveKeyLease */ false)); + + sProcessedClientCallback = false; + + AdvanceTime(2 * 1000); + + // We should see the host and service being unregistered + // on DNS-SD APIs but keys remain unchanged. + + dnssdCounts.mHostUnreg++; + dnssdCounts.mServiceUnreg++; + VerifyDnnsdRequests(dnssdCounts); + + VerifyOrQuit(sProcessedClientCallback); + VerifyOrQuit(sLastClientCallbackError == kErrorNone); + + VerifyOrQuit(service1.GetState() == Srp::Client::kRemoved); + VerifyOrQuit(service2.GetState() == Srp::Client::kRemoved); + + Log("- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - "); + Log("Remove the host on client again and force an update to be sent to server"); + + SuccessOrQuit(srpClient->SetHostName(kHostName)); + SuccessOrQuit(srpClient->RemoveHostAndServices(/* aShouldRemoveKeyLease */ false, /* aSendUnregToServer */ true)); + + sProcessedClientCallback = false; + + AdvanceTime(2 * 1000); + + // We should see no changes (no calls) to DNS-SD APIs. + + VerifyDnnsdRequests(dnssdCounts); + + VerifyOrQuit(sProcessedClientCallback); + VerifyOrQuit(sLastClientCallbackError == kErrorNone); + + Log("- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - "); + Log("Re-add service 1 on client and register with server"); + + SuccessOrQuit(srpClient->SetHostName(kHostName)); + SuccessOrQuit(srpClient->EnableAutoHostAddress()); + PrepareService1(service1); + SuccessOrQuit(srpClient->AddService(service1)); + + sProcessedClientCallback = false; + + AdvanceTime(2 * 1000); + + // We should see one host register and one service register + // on DNS-SD APIs. Keys are already registered. + + dnssdCounts.mHostReg++; + dnssdCounts.mServiceReg++; + VerifyDnnsdRequests(dnssdCounts); + + VerifyOrQuit(sProcessedClientCallback); + VerifyOrQuit(sLastClientCallbackError == kErrorNone); + + VerifyOrQuit(service1.GetState() == Srp::Client::kRegistered); + + // Wait for more than lease interval again and make sure + // there is no change in DNS-SD platform API calls. + + sProcessedClientCallback = false; + + AdvanceTime(181 * 1000); + + VerifyOrQuit(sProcessedClientCallback); + VerifyOrQuit(sLastClientCallbackError == kErrorNone); + + VerifyDnnsdRequests(dnssdCounts); + + VerifyOrQuit(service1.GetState() == Srp::Client::kRegistered); + + Log("- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - "); + Log("Disable SRP client and wait for lease time to expire"); + + srpClient->ClearHostAndServices(); // does not signal removal to server + + // Since we clear everything on SRP client, we disable + // matching the services with client from `otPlatDnssd` + // APIs. + sDnssdShouldCheckWithClient = false; + + AdvanceTime(181 * 1000); + + // Make sure host and service are unregistered. + + dnssdCounts.mHostUnreg++; + dnssdCounts.mServiceUnreg++; + VerifyDnnsdRequests(dnssdCounts); + + Log("- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - "); + Log("Disable SRP server"); + + // Verify that all heap allocations by SRP server + // and Advertising Proxy are freed. + + srpServer->SetEnabled(false); + AdvanceTime(100); + VerifyOrQuit(!advProxy->IsRunning()); + + VerifyOrQuit(advProxy->GetCounters().mAdvSuccessful == advProxy->GetCounters().mAdvTotal); + VerifyOrQuit(advProxy->GetCounters().mAdvTimeout == 0); + VerifyOrQuit(advProxy->GetCounters().mAdvRejected == 0); + VerifyOrQuit(advProxy->GetCounters().mAdvSkipped == 0); + VerifyOrQuit(advProxy->GetCounters().mAdvReplaced == 0); + + dnssdCounts.mKeyUnreg += 3; + VerifyDnnsdRequests(dnssdCounts); + + VerifyOrQuit(heapAllocations == sHeapAllocatedPtrs.GetLength()); + + Log("- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - "); + Log("Finalize OT instance and validate all heap allocations are freed"); + + FinalizeTest(); + + VerifyOrQuit(sHeapAllocatedPtrs.IsEmpty()); + + Log("End of TestSrpAdvProxy"); +} + +void TestSrpAdvProxyDnssdStateChange(void) +{ + NetworkData::OnMeshPrefixConfig prefixConfig; + Srp::Server *srpServer; + Srp::Client *srpClient; + Srp::AdvertisingProxy *advProxy; + Srp::Client::Service service1; + Srp::Client::Service service2; + DnssdRequestCounts dnssdCounts; + uint16_t heapAllocations; + + Log("--------------------------------------------------------------------------------------------"); + Log("TestSrpAdvProxyDnssdStateChange"); + + InitTest(); + + srpServer = &sInstance->Get(); + srpClient = &sInstance->Get(); + advProxy = &sInstance->Get(); + + heapAllocations = sHeapAllocatedPtrs.GetLength(); + + PrepareService1(service1); + PrepareService2(service2); + + Log("- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - "); + Log("Add an on-mesh prefix (with SLAAC) to network data"); + + prefixConfig.Clear(); + SuccessOrQuit(AsCoreType(&prefixConfig.mPrefix.mPrefix).FromString("fd00:cafe:beef::")); + prefixConfig.mPrefix.mLength = 64; + prefixConfig.mStable = true; + prefixConfig.mSlaac = true; + prefixConfig.mPreferred = true; + prefixConfig.mOnMesh = true; + prefixConfig.mDefaultRoute = false; + prefixConfig.mPreference = NetworkData::kRoutePreferenceMedium; + + SuccessOrQuit(otBorderRouterAddOnMeshPrefix(sInstance, &prefixConfig)); + SuccessOrQuit(otBorderRouterRegister(sInstance)); + + // Configure Dnssd platform API behavior + + sDnssdRegHostRequests.Clear(); + sDnssdRegServiceRequests.Clear(); + sDnssdUnregHostRequests.Clear(); + sDnssdUnregServiceRequests.Clear(); + sDnssdRegKeyRequests.Clear(); + sDnssdUnregKeyRequests.Clear(); + + sDnssdState = OT_PLAT_DNSSD_STOPPED; + sDnssdShouldCheckWithClient = true; + sDnssdCallbackError = kErrorNone; // Invoke callback directly + + VerifyOrQuit(!advProxy->IsRunning()); + + Log("- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - "); + Log("Start SRP server"); + + SuccessOrQuit(otBorderRoutingInit(sInstance, /* aInfraIfIndex */ kInfraIfIndex, /* aInfraIfIsRunning */ true)); + + SuccessOrQuit(srpServer->SetAddressMode(Srp::Server::kAddressModeUnicast)); + VerifyOrQuit(srpServer->GetAddressMode() == Srp::Server::kAddressModeUnicast); + + VerifyOrQuit(srpServer->GetState() == Srp::Server::kStateDisabled); + + srpServer->SetServiceHandler(nullptr, sInstance); + + srpServer->SetEnabled(true); + VerifyOrQuit(srpServer->GetState() != Srp::Server::kStateDisabled); + + AdvanceTime(10000); + VerifyOrQuit(srpServer->GetState() == Srp::Server::kStateRunning); + VerifyOrQuit(!advProxy->IsRunning()); + + Log("- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - "); + Log("Start SRP client"); + + srpClient->SetCallback(HandleSrpClientCallback, sInstance); + srpClient->SetLeaseInterval(180); + + srpClient->EnableAutoStartMode(nullptr, nullptr); + VerifyOrQuit(srpClient->IsAutoStartModeEnabled()); + + AdvanceTime(2000); + VerifyOrQuit(srpClient->IsRunning()); + + SuccessOrQuit(srpClient->SetHostName(kHostName)); + SuccessOrQuit(srpClient->EnableAutoHostAddress()); + + Log("- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - "); + Log("Register a services"); + + SuccessOrQuit(srpClient->AddService(service1)); + + sProcessedClientCallback = false; + + AdvanceTime(2 * 1000); + + VerifyOrQuit(sProcessedClientCallback); + VerifyOrQuit(sLastClientCallbackError == kErrorNone); + + VerifyOrQuit(service1.GetState() == Srp::Client::kRegistered); + + VerifyDnnsdRequests(dnssdCounts); + + Log("- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - "); + Log("Register a second service"); + + SuccessOrQuit(srpClient->AddService(service2)); + + sProcessedClientCallback = false; + + AdvanceTime(2 * 1000); + + VerifyOrQuit(sProcessedClientCallback); + VerifyOrQuit(sLastClientCallbackError == kErrorNone); + + VerifyOrQuit(service1.GetState() == Srp::Client::kRegistered); + VerifyOrQuit(service2.GetState() == Srp::Client::kRegistered); + + // None of the DNS-SD APIs should be called since its state + // `OT_PLAT_DNSSD_STOPPED` (`dnssdCounts` is all zeros). + VerifyDnnsdRequests(dnssdCounts); + + Log("- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - "); + Log("Update DNS-SD state and signal that state is changed"); + + sDnssdState = OT_PLAT_DNSSD_READY; + otPlatDnssdStateHandleStateChange(sInstance); + + AdvanceTime(5); + + VerifyOrQuit(advProxy->IsRunning()); + VerifyOrQuit(advProxy->GetCounters().mStateChanges == 1); + + // Now the host and two services should be registered on + // DNS-SD platform + + dnssdCounts.mHostReg++; + dnssdCounts.mServiceReg += 2; + dnssdCounts.mKeyReg += 3; + VerifyDnnsdRequests(dnssdCounts); + + VerifyOrQuit(service1.GetState() == Srp::Client::kRegistered); + VerifyOrQuit(service2.GetState() == Srp::Client::kRegistered); + + Log("- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - "); + Log("Wait for longer than lease interval for client to refresh"); + + sProcessedClientCallback = false; + + AdvanceTime(181 * 1000); + + VerifyOrQuit(sProcessedClientCallback); + + // Validate that adv-proxy does not update any of registration on + // DNS-SD platform since there is no change. + VerifyDnnsdRequests(dnssdCounts); + + Log("- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - "); + Log("Update DNS-SD state to `STOPPED` and signal its change"); + + sDnssdState = OT_PLAT_DNSSD_STOPPED; + otPlatDnssdStateHandleStateChange(sInstance); + + AdvanceTime(5); + + VerifyOrQuit(!advProxy->IsRunning()); + VerifyOrQuit(advProxy->GetCounters().mStateChanges == 2); + + // Since DNS-SD platform signal that it is stopped, + // there should be no calls to any of APIs. + + VerifyDnnsdRequests(dnssdCounts); + + Log("- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - "); + Log("Wait for longer than lease interval for client to refresh"); + + sProcessedClientCallback = false; + + AdvanceTime(181 * 1000); + + VerifyOrQuit(sProcessedClientCallback); + VerifyOrQuit(service1.GetState() == Srp::Client::kRegistered); + VerifyOrQuit(service2.GetState() == Srp::Client::kRegistered); + + // The DNS-SD API counters should remain unchanged + + VerifyDnnsdRequests(dnssdCounts); + + Log("- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - "); + Log("Update DNS-SD state to `READY` and signal its change"); + + sDnssdState = OT_PLAT_DNSSD_READY; + otPlatDnssdStateHandleStateChange(sInstance); + + AdvanceTime(5); + + VerifyOrQuit(advProxy->IsRunning()); + VerifyOrQuit(advProxy->GetCounters().mStateChanges == 3); + + // Check that the host and two services are again registered + // on DNS-SD platform by advertising proxy. + + dnssdCounts.mHostReg++; + dnssdCounts.mServiceReg += 2; + dnssdCounts.mKeyReg += 3; + VerifyDnnsdRequests(dnssdCounts); + + Log("- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - "); + Log("Update DNS-SD state to `STOPPED` and signal its change"); + + sDnssdState = OT_PLAT_DNSSD_STOPPED; + otPlatDnssdStateHandleStateChange(sInstance); + + AdvanceTime(5); + + VerifyOrQuit(!advProxy->IsRunning()); + VerifyOrQuit(advProxy->GetCounters().mStateChanges == 4); + + // Since DNS-SD platform signal that it is stopped, + // there should be no calls to any of APIs. + + VerifyDnnsdRequests(dnssdCounts); + + Log("- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - "); + Log("Remove the first service on client"); + + SuccessOrQuit(srpClient->RemoveService(service1)); + + sProcessedClientCallback = false; + + AdvanceTime(2 * 1000); + + VerifyOrQuit(sProcessedClientCallback); + VerifyOrQuit(sLastClientCallbackError == kErrorNone); + VerifyOrQuit(service1.GetState() == Srp::Client::kRemoved); + VerifyOrQuit(service2.GetState() == Srp::Client::kRegistered); + + // No changes to DNS-SD API counters (since it is stopped) + + VerifyDnnsdRequests(dnssdCounts); + + Log("- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - "); + Log("Update DNS-SD state to `READY` and signal its change #2"); + + // Since the already removed `service1` is no longer available + // on SRP client, we disable checking the services with client + // from `otPlatDnssd` APIs. + sDnssdShouldCheckWithClient = false; + + sDnssdState = OT_PLAT_DNSSD_READY; + otPlatDnssdStateHandleStateChange(sInstance); + + AdvanceTime(5); + + VerifyOrQuit(advProxy->IsRunning()); + VerifyOrQuit(advProxy->GetCounters().mStateChanges == 5); + + // We should see the host and `service2` registered again. + // And all 3 keys (even for removed `service1`) to be + // registered. + + dnssdCounts.mHostReg++; + dnssdCounts.mServiceReg++; + dnssdCounts.mKeyReg += 3; + VerifyDnnsdRequests(dnssdCounts); + + Log("- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - "); + Log("Disable SRP server"); + + // Verify that all heap allocations by SRP server + // and Advertising Proxy are freed. + + srpServer->SetEnabled(false); + AdvanceTime(100); + + VerifyOrQuit(!advProxy->IsRunning()); + VerifyOrQuit(advProxy->GetCounters().mStateChanges == 6); + VerifyOrQuit(advProxy->GetCounters().mAdvSkipped > 0); + VerifyOrQuit(advProxy->GetCounters().mAdvTotal == + (advProxy->GetCounters().mAdvSuccessful + advProxy->GetCounters().mAdvSkipped)); + VerifyOrQuit(advProxy->GetCounters().mAdvTimeout == 0); + VerifyOrQuit(advProxy->GetCounters().mAdvRejected == 0); + VerifyOrQuit(advProxy->GetCounters().mAdvReplaced == 0); + + dnssdCounts.mHostUnreg++; + dnssdCounts.mServiceUnreg++; + dnssdCounts.mKeyUnreg += 3; + VerifyDnnsdRequests(dnssdCounts); + + VerifyOrQuit(heapAllocations == sHeapAllocatedPtrs.GetLength()); + + Log("- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - "); + Log("Finalize OT instance and validate all heap allocations are freed"); + + FinalizeTest(); + + VerifyOrQuit(sHeapAllocatedPtrs.IsEmpty()); + + Log("End of TestSrpAdvProxyDnssdStateChange"); +} + +void TestSrpAdvProxyDelayedCallback(void) +{ + NetworkData::OnMeshPrefixConfig prefixConfig; + Srp::Server *srpServer; + Srp::Client *srpClient; + Srp::AdvertisingProxy *advProxy; + Srp::Client::Service service1; + Srp::Client::Service service2; + DnssdRequestCounts dnssdCounts; + uint16_t heapAllocations; + const DnssdRequest *request; + + Log("--------------------------------------------------------------------------------------------"); + Log("TestSrpAdvProxyDelayedCallback"); + + InitTest(); + + srpServer = &sInstance->Get(); + srpClient = &sInstance->Get(); + advProxy = &sInstance->Get(); + + heapAllocations = sHeapAllocatedPtrs.GetLength(); + + PrepareService1(service1); + PrepareService2(service2); + + Log("- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - "); + Log("Add an on-mesh prefix (with SLAAC) to network data"); + + prefixConfig.Clear(); + SuccessOrQuit(AsCoreType(&prefixConfig.mPrefix.mPrefix).FromString("fd00:cafe:beef::")); + prefixConfig.mPrefix.mLength = 64; + prefixConfig.mStable = true; + prefixConfig.mSlaac = true; + prefixConfig.mPreferred = true; + prefixConfig.mOnMesh = true; + prefixConfig.mDefaultRoute = false; + prefixConfig.mPreference = NetworkData::kRoutePreferenceMedium; + + SuccessOrQuit(otBorderRouterAddOnMeshPrefix(sInstance, &prefixConfig)); + SuccessOrQuit(otBorderRouterRegister(sInstance)); + + // Configure Dnssd platform API behavior + + sDnssdRegHostRequests.Clear(); + sDnssdRegServiceRequests.Clear(); + sDnssdUnregHostRequests.Clear(); + sDnssdUnregServiceRequests.Clear(); + sDnssdRegKeyRequests.Clear(); + sDnssdUnregKeyRequests.Clear(); + + sDnssdState = OT_PLAT_DNSSD_READY; + sDnssdShouldCheckWithClient = true; + sDnssdCallbackError = kErrorPending; // Do not call the callbacks directly + + Log("- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - "); + Log("Start SRP server"); + + SuccessOrQuit(otBorderRoutingInit(sInstance, /* aInfraIfIndex */ kInfraIfIndex, /* aInfraIfIsRunning */ true)); + + SuccessOrQuit(srpServer->SetAddressMode(Srp::Server::kAddressModeUnicast)); + VerifyOrQuit(srpServer->GetAddressMode() == Srp::Server::kAddressModeUnicast); + + VerifyOrQuit(srpServer->GetState() == Srp::Server::kStateDisabled); + + srpServer->SetServiceHandler(nullptr, sInstance); + + srpServer->SetEnabled(true); + VerifyOrQuit(srpServer->GetState() != Srp::Server::kStateDisabled); + + AdvanceTime(10000); + VerifyOrQuit(srpServer->GetState() == Srp::Server::kStateRunning); + VerifyOrQuit(advProxy->IsRunning()); + + Log("- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - "); + Log("Start SRP client"); + + srpClient->SetCallback(HandleSrpClientCallback, sInstance); + srpClient->SetLeaseInterval(180); + + srpClient->EnableAutoStartMode(nullptr, nullptr); + VerifyOrQuit(srpClient->IsAutoStartModeEnabled()); + + AdvanceTime(2000); + VerifyOrQuit(srpClient->IsRunning()); + + SuccessOrQuit(srpClient->SetHostName(kHostName)); + SuccessOrQuit(srpClient->EnableAutoHostAddress()); + + Log("- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - "); + Log("Register a service, invoke the registration callback after some delay"); + + SuccessOrQuit(srpClient->AddService(service1)); + + sProcessedClientCallback = false; + + AdvanceTime(1000); + + dnssdCounts.mHostReg++; + dnssdCounts.mServiceReg++; + dnssdCounts.mKeyReg += 2; + VerifyDnnsdRequests(dnssdCounts); + + VerifyOrQuit(advProxy->GetCounters().mAdvTotal == 1); + + VerifyOrQuit(!sProcessedClientCallback); + VerifyOrQuit(srpServer->GetNextHost(nullptr) == nullptr); + + // Invoke the service and key callbacks first + request = &sDnssdRegServiceRequests[0]; + VerifyOrQuit(request->mCallback != nullptr); + request->mCallback(sInstance, request->mId, kErrorNone); + + request = &sDnssdRegKeyRequests[0]; + VerifyOrQuit(request->mCallback != nullptr); + request->mCallback(sInstance, request->mId, kErrorNone); + + request = &sDnssdRegKeyRequests[1]; + VerifyOrQuit(request->mCallback != nullptr); + request->mCallback(sInstance, request->mId, kErrorNone); + + AdvanceTime(10); + VerifyOrQuit(!sProcessedClientCallback); + VerifyOrQuit(srpServer->GetNextHost(nullptr) == nullptr); + + // Invoke the host registration callback next + request = &sDnssdRegHostRequests[0]; + VerifyOrQuit(request->mCallback != nullptr); + request->mCallback(sInstance, request->mId, kErrorNone); + + AdvanceTime(10); + VerifyOrQuit(srpServer->GetNextHost(nullptr) != nullptr); + + AdvanceTime(100); + VerifyOrQuit(sProcessedClientCallback); + VerifyOrQuit(sLastClientCallbackError == kErrorNone); + VerifyOrQuit(service1.GetState() == Srp::Client::kRegistered); + + VerifyOrQuit(advProxy->GetCounters().mAdvTotal == 1); + VerifyOrQuit(advProxy->GetCounters().mAdvSuccessful == 1); + + Log("- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - "); + Log("Register a second service, invoke registration callback with `kErrorDuplicated`"); + + SuccessOrQuit(srpClient->AddService(service2)); + + sProcessedClientCallback = false; + + AdvanceTime(1000); + + VerifyOrQuit(!sProcessedClientCallback); + + dnssdCounts.mServiceReg++; + dnssdCounts.mKeyReg++; + VerifyDnnsdRequests(dnssdCounts); + + VerifyOrQuit(advProxy->GetCounters().mAdvTotal == 2); + VerifyOrQuit(advProxy->GetCounters().mAdvSuccessful == 1); + + // Invoke the service callback with kErrorDuplicated + + request = &sDnssdRegServiceRequests[1]; + VerifyOrQuit(request->mCallback != nullptr); + request->mCallback(sInstance, request->mId, kErrorDuplicated); + + AdvanceTime(100); + + VerifyOrQuit(sProcessedClientCallback); + VerifyOrQuit(sLastClientCallbackError == kErrorDuplicated); + + VerifyOrQuit(advProxy->GetCounters().mAdvTotal == 2); + VerifyOrQuit(advProxy->GetCounters().mAdvSuccessful == 1); + VerifyOrQuit(advProxy->GetCounters().mAdvRejected == 1); + + Log("- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - "); + Log("Try registering service again from client, invoke callback with success"); + + SuccessOrQuit(srpClient->ClearService(service2)); + PrepareService2(service2); + SuccessOrQuit(srpClient->AddService(service2)); + + sProcessedClientCallback = false; + + AdvanceTime(1000); + + VerifyOrQuit(!sProcessedClientCallback); + + // We should see a new service registration request. + + dnssdCounts.mServiceReg++; + dnssdCounts.mKeyReg++; + VerifyDnnsdRequests(dnssdCounts); + + VerifyOrQuit(advProxy->GetCounters().mAdvTotal == 3); + VerifyOrQuit(advProxy->GetCounters().mAdvSuccessful == 1); + VerifyOrQuit(advProxy->GetCounters().mAdvRejected == 1); + + // Invoked the service and key callback with success. + + request = &sDnssdRegKeyRequests[sDnssdRegKeyRequests.GetLength() - 1]; + VerifyOrQuit(request->mCallback != nullptr); + request->mCallback(sInstance, request->mId, kErrorNone); + + request = &sDnssdRegServiceRequests[sDnssdRegServiceRequests.GetLength() - 1]; + VerifyOrQuit(request->mCallback != nullptr); + request->mCallback(sInstance, request->mId, kErrorNone); + + AdvanceTime(100); + + VerifyOrQuit(sProcessedClientCallback); + VerifyOrQuit(sLastClientCallbackError == kErrorNone); + VerifyOrQuit(service1.GetState() == Srp::Client::kRegistered); + VerifyOrQuit(service2.GetState() == Srp::Client::kRegistered); + + VerifyOrQuit(advProxy->GetCounters().mAdvTotal == 3); + VerifyOrQuit(advProxy->GetCounters().mAdvSuccessful == 2); + VerifyOrQuit(advProxy->GetCounters().mAdvRejected == 1); + + Log("- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - "); + Log("Change the service and register again, but ignore the registration callback"); + + SuccessOrQuit(srpClient->ClearService(service2)); + PrepareService2(service2); + service2.mSubTypeLabels = nullptr; + SuccessOrQuit(srpClient->AddService(service2)); + + sProcessedClientCallback = false; + + AdvanceTime(1000); + + VerifyOrQuit(!sProcessedClientCallback); + + // We should see a new service registration request. + + dnssdCounts.mServiceReg++; + VerifyDnnsdRequests(dnssdCounts); + + // Wait for advertising proxy timeout (there will be no callback from + // platform) so validate that registration failure is reported to + // the SRP client. + + AdvanceTime(2 * 1000); + + VerifyOrQuit(sProcessedClientCallback); + VerifyOrQuit(sLastClientCallbackError != kErrorNone); + + VerifyOrQuit(advProxy->GetCounters().mAdvTimeout == 1); + + // Wait for longer than client retry time. + + AdvanceTime(3 * 1000); + + Log("- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - "); + Log("Disable SRP server"); + + // Verify that all heap allocations by SRP server + // and Advertising Proxy are freed. + + srpServer->SetEnabled(false); + AdvanceTime(100); + + // Make sure the host and two services are unregistered + // (even though the second service was not successfully + // registered yet). + + VerifyOrQuit(sDnssdRegHostRequests.GetLength() == 1); + VerifyOrQuit(sDnssdRegServiceRequests.GetLength() >= 4); + VerifyOrQuit(sDnssdRegKeyRequests.GetLength() >= 3); + VerifyOrQuit(sDnssdUnregHostRequests.GetLength() == 1); + VerifyOrQuit(sDnssdUnregServiceRequests.GetLength() == 2); + VerifyOrQuit(sDnssdUnregKeyRequests.GetLength() == 3); + + VerifyOrQuit(heapAllocations == sHeapAllocatedPtrs.GetLength()); + + Log("- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - "); + Log("Finalize OT instance and validate all heap allocations are freed"); + + FinalizeTest(); + + VerifyOrQuit(sHeapAllocatedPtrs.IsEmpty()); + + Log("End of TestSrpAdvProxyDelayedCallback"); +} + +void TestSrpAdvProxyReplacedEntries(void) +{ + NetworkData::OnMeshPrefixConfig prefixConfig; + Srp::Server *srpServer; + Srp::Client *srpClient; + Srp::AdvertisingProxy *advProxy; + Srp::Client::Service service1; + Srp::Client::Service service2; + DnssdRequestCounts dnssdCounts; + uint16_t heapAllocations; + const DnssdRequest *request; + uint16_t numServices; + + Log("--------------------------------------------------------------------------------------------"); + Log("TestSrpAdvProxyReplacedEntries"); + + InitTest(); + + srpServer = &sInstance->Get(); + srpClient = &sInstance->Get(); + advProxy = &sInstance->Get(); + + heapAllocations = sHeapAllocatedPtrs.GetLength(); + + PrepareService1(service1); + PrepareService2(service2); + + Log("- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - "); + Log("Add an on-mesh prefix (with SLAAC) to network data"); + + prefixConfig.Clear(); + SuccessOrQuit(AsCoreType(&prefixConfig.mPrefix.mPrefix).FromString("fd00:cafe:beef::")); + prefixConfig.mPrefix.mLength = 64; + prefixConfig.mStable = true; + prefixConfig.mSlaac = true; + prefixConfig.mPreferred = true; + prefixConfig.mOnMesh = true; + prefixConfig.mDefaultRoute = false; + prefixConfig.mPreference = NetworkData::kRoutePreferenceMedium; + + SuccessOrQuit(otBorderRouterAddOnMeshPrefix(sInstance, &prefixConfig)); + SuccessOrQuit(otBorderRouterRegister(sInstance)); + + // Configure Dnssd platform API behavior + + sDnssdRegHostRequests.Clear(); + sDnssdRegServiceRequests.Clear(); + sDnssdUnregHostRequests.Clear(); + sDnssdUnregServiceRequests.Clear(); + sDnssdRegKeyRequests.Clear(); + sDnssdUnregKeyRequests.Clear(); + + sDnssdState = OT_PLAT_DNSSD_READY; + sDnssdShouldCheckWithClient = true; + sDnssdCallbackError = kErrorPending; // Do not call the callbacks directly + + Log("- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - "); + Log("Start SRP server"); + + SuccessOrQuit(otBorderRoutingInit(sInstance, /* aInfraIfIndex */ kInfraIfIndex, /* aInfraIfIsRunning */ true)); + + SuccessOrQuit(srpServer->SetAddressMode(Srp::Server::kAddressModeUnicast)); + VerifyOrQuit(srpServer->GetAddressMode() == Srp::Server::kAddressModeUnicast); + + VerifyOrQuit(srpServer->GetState() == Srp::Server::kStateDisabled); + + srpServer->SetServiceHandler(nullptr, sInstance); + + srpServer->SetEnabled(true); + VerifyOrQuit(srpServer->GetState() != Srp::Server::kStateDisabled); + + AdvanceTime(10000); + VerifyOrQuit(srpServer->GetState() == Srp::Server::kStateRunning); + VerifyOrQuit(advProxy->IsRunning()); + + Log("- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - "); + Log("Set AdvTimeout to 5 minutes on AdvProxy"); + + // Change the timeout on AvdertisingProxy to 5 minutes + // so that we can send multiple SRP updates and create + // situations where previous advertisement are replaced. + + advProxy->SetAdvTimeout(5 * 60 * 1000); + VerifyOrQuit(advProxy->GetAdvTimeout() == 5 * 60 * 1000); + + Log("- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - "); + Log("Start SRP client"); + + srpClient->SetCallback(HandleSrpClientCallback, sInstance); + + srpClient->EnableAutoStartMode(nullptr, nullptr); + VerifyOrQuit(srpClient->IsAutoStartModeEnabled()); + + AdvanceTime(2000); + VerifyOrQuit(srpClient->IsRunning()); + + SuccessOrQuit(srpClient->SetHostName(kHostName)); + SuccessOrQuit(srpClient->EnableAutoHostAddress()); + + Log("- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - "); + Log("Register a service and do not invoke the registration request callbacks"); + + SuccessOrQuit(srpClient->AddService(service1)); + + sProcessedClientCallback = false; + + AdvanceTime(1200); + + dnssdCounts.mHostReg++; + dnssdCounts.mServiceReg++; + dnssdCounts.mKeyReg += 2; + VerifyDnnsdRequests(dnssdCounts); + + VerifyOrQuit(advProxy->GetCounters().mAdvTotal == 1); + VerifyOrQuit(advProxy->GetCounters().mAdvReplaced == 0); + + VerifyOrQuit(!sProcessedClientCallback); + VerifyOrQuit(srpServer->GetNextHost(nullptr) == nullptr); + + // SRP client min retry is 1800 msec, we wait for longer + // to make sure client retries. + + AdvanceTime(2000); + + VerifyOrQuit(advProxy->GetCounters().mAdvTotal == 2); + VerifyOrQuit(advProxy->GetCounters().mAdvReplaced == 0); + + // We should see no new service or host registrations on + // DNS-SD platform APIs as the requests should be same + // and fully matching the outstanding ones. + + VerifyDnnsdRequests(dnssdCounts); + + Log("- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - "); + Log("Invoke the DNS-SD API callbacks"); + + request = &sDnssdRegServiceRequests[0]; + VerifyOrQuit(request->mCallback != nullptr); + request->mCallback(sInstance, request->mId, kErrorNone); + + request = &sDnssdRegHostRequests[0]; + VerifyOrQuit(request->mCallback != nullptr); + request->mCallback(sInstance, request->mId, kErrorNone); + + for (uint16_t index = 0; index < 2; index++) + { + request = &sDnssdRegKeyRequests[index]; + VerifyOrQuit(request->mCallback != nullptr); + request->mCallback(sInstance, request->mId, kErrorNone); + } + + AdvanceTime(100); + + VerifyOrQuit(sProcessedClientCallback); + VerifyOrQuit(sLastClientCallbackError == kErrorNone); + VerifyOrQuit(srpServer->GetNextHost(nullptr) != nullptr); + + VerifyOrQuit(advProxy->GetCounters().mAdvTotal == 2); + VerifyOrQuit(advProxy->GetCounters().mAdvSuccessful == 2); + VerifyOrQuit(advProxy->GetCounters().mAdvReplaced == 0); + + Log("- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - "); + Log("Check outstanding Adv being replaced"); + + // Change service 1 + SuccessOrQuit(srpClient->ClearService(service1)); + PrepareService1(service1); + service1.mSubTypeLabels = nullptr; // No sub-types + SuccessOrQuit(srpClient->AddService(service1)); + + sProcessedClientCallback = false; + + AdvanceTime(1200); + + VerifyOrQuit(advProxy->GetCounters().mAdvTotal == 3); + VerifyOrQuit(advProxy->GetCounters().mAdvSuccessful == 2); + VerifyOrQuit(advProxy->GetCounters().mAdvReplaced == 0); + + // We should see the changed service registered on DNS-SD + // platform APIs. + + dnssdCounts.mServiceReg++; + VerifyDnnsdRequests(dnssdCounts); + + // Change service 1 again (add sub-types back). + SuccessOrQuit(srpClient->ClearService(service1)); + PrepareService1(service1); + SuccessOrQuit(srpClient->AddService(service1)); + + AdvanceTime(1200); + + VerifyOrQuit(advProxy->GetCounters().mAdvTotal == 4); + VerifyOrQuit(advProxy->GetCounters().mAdvSuccessful == 2); + VerifyOrQuit(advProxy->GetCounters().mAdvReplaced == 1); + + // We should see the changed service registered on DNS-SD + // platform APIs again. + + dnssdCounts.mServiceReg++; + VerifyDnnsdRequests(dnssdCounts); + + Log("- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - "); + Log("Invoke the replaced entry DNS-SD API callback"); + + request = &sDnssdRegServiceRequests[1]; + VerifyOrQuit(request->mCallback != nullptr); + request->mCallback(sInstance, request->mId, kErrorNone); + + AdvanceTime(100); + + // Since adv is replaced invoking the old registration callback + // should not complete it. + + VerifyOrQuit(!sProcessedClientCallback); + VerifyOrQuit(advProxy->GetCounters().mAdvTotal == 4); + VerifyOrQuit(advProxy->GetCounters().mAdvSuccessful == 2); + VerifyOrQuit(advProxy->GetCounters().mAdvReplaced == 1); + + Log("- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - "); + Log("Invoke the new entry DNS-SD API callback"); + + request = &sDnssdRegServiceRequests[2]; + VerifyOrQuit(request->mCallback != nullptr); + request->mCallback(sInstance, request->mId, kErrorNone); + + AdvanceTime(100); + + VerifyOrQuit(sProcessedClientCallback); + VerifyOrQuit(sLastClientCallbackError == kErrorNone); + + VerifyOrQuit(advProxy->GetCounters().mAdvTotal == 4); + VerifyOrQuit(advProxy->GetCounters().mAdvSuccessful == 4); + VerifyOrQuit(advProxy->GetCounters().mAdvReplaced == 1); + + // Make sure the service entry on the SRP server is the + // last (most recent) request with three sub-types + + VerifyOrQuit(srpServer->GetNextHost(nullptr)->GetServices().GetHead() != nullptr); + VerifyOrQuit(srpServer->GetNextHost(nullptr)->GetServices().GetHead()->GetNumberOfSubTypes() == 3); + + Log("- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - "); + Log("Check replacing Adv being blocked till old Adv is completed"); + + // Change service 1 and add service 2 + SuccessOrQuit(srpClient->ClearService(service1)); + PrepareService1(service1); + service1.mSubTypeLabels = nullptr; // No sub-types + SuccessOrQuit(srpClient->AddService(service1)); + SuccessOrQuit(srpClient->AddService(service2)); + + sProcessedClientCallback = false; + + AdvanceTime(1200); + + // We should see a new Adv with two new service registrations + // on DNS-SD APIs. + + VerifyOrQuit(advProxy->GetCounters().mAdvTotal == 5); + VerifyOrQuit(advProxy->GetCounters().mAdvSuccessful == 4); + VerifyOrQuit(advProxy->GetCounters().mAdvReplaced == 1); + + dnssdCounts.mServiceReg += 2; + dnssdCounts.mKeyReg++; + VerifyDnnsdRequests(dnssdCounts); + + // Invoke the key registration callback + + request = &sDnssdRegKeyRequests[sDnssdRegKeyRequests.GetLength() - 1]; + VerifyOrQuit(request->mCallback != nullptr); + request->mCallback(sInstance, request->mId, kErrorNone); + + // Now have SRP client send a new SRP update message + // just changing `service2`. We clear `servcie1` on client + // so it is not included in new SRP update message. + + SuccessOrQuit(srpClient->ClearService(service1)); + SuccessOrQuit(srpClient->ClearService(service2)); + PrepareService2(service2); + service2.mPort = 2222; // Use a different port number + SuccessOrQuit(srpClient->AddService(service2)); + + AdvanceTime(1200); + + // We should see the new Adv (total increasing) and + // also replacing the outstanding one + + VerifyOrQuit(advProxy->GetCounters().mAdvTotal == 6); + VerifyOrQuit(advProxy->GetCounters().mAdvSuccessful == 4); + VerifyOrQuit(advProxy->GetCounters().mAdvReplaced == 2); + + // We should see new registration for the changed `service2` + + dnssdCounts.mServiceReg++; + VerifyDnnsdRequests(dnssdCounts); + + Log("- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - "); + Log("Invoke the callback for new registration replacing old one first"); + + request = &sDnssdRegServiceRequests[5]; + VerifyOrQuit(request->mCallback != nullptr); + request->mCallback(sInstance, request->mId, kErrorNone); + + AdvanceTime(100); + + // This should not change anything, since the new Avd should + // be still blocked by the earlier Adv that it replaced. + + VerifyOrQuit(!sProcessedClientCallback); + + VerifyOrQuit(advProxy->GetCounters().mAdvTotal == 6); + VerifyOrQuit(advProxy->GetCounters().mAdvSuccessful == 4); + VerifyOrQuit(advProxy->GetCounters().mAdvReplaced == 2); + + Log("- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - "); + Log("Invoke the callback for replaced Adv services"); + + request = &sDnssdRegServiceRequests[4]; + VerifyOrQuit(request->mCallback != nullptr); + request->mCallback(sInstance, request->mId, kErrorNone); + + request = &sDnssdRegServiceRequests[3]; + VerifyOrQuit(request->mCallback != nullptr); + request->mCallback(sInstance, request->mId, kErrorNone); + + AdvanceTime(100); + + // This should trigger both Adv to complete. + + VerifyOrQuit(sProcessedClientCallback); + VerifyOrQuit(sLastClientCallbackError == kErrorNone); + + VerifyOrQuit(advProxy->GetCounters().mAdvTotal == 6); + VerifyOrQuit(advProxy->GetCounters().mAdvSuccessful == 6); + VerifyOrQuit(advProxy->GetCounters().mAdvReplaced == 2); + + VerifyOrQuit(service2.GetState() == Srp::Client::kRegistered); + + // Make sure the `service2` entry on the SRP server is the + // last (most recent) request with new port number. + + VerifyOrQuit(srpServer->GetNextHost(nullptr)->GetServices().GetHead() != nullptr); + + numServices = 0; + + for (const Srp::Server::Service &service : srpServer->GetNextHost(nullptr)->GetServices()) + { + numServices++; + + if (StringMatch(service.GetInstanceLabel(), service2.GetInstanceName(), kStringCaseInsensitiveMatch)) + { + VerifyOrQuit(service.GetPort() == service2.GetPort()); + } + else if (StringMatch(service.GetInstanceLabel(), service1.GetInstanceName(), kStringCaseInsensitiveMatch)) + { + // Service 1 was changed to have no sub-types + VerifyOrQuit(service.GetPort() == service1.GetPort()); + VerifyOrQuit(service.GetNumberOfSubTypes() == 0); + } + else + { + VerifyOrQuit(false); // Unexpected extra service on SRP server. + } + } + + VerifyOrQuit(numServices == 2); + + Log("- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - "); + Log("Check replacing Adv being blocked till old Adv is completed when removing services"); + + // Change and re-add both services so they are both + // included in a new SRP update message from client. + + SuccessOrQuit(srpClient->ClearService(service2)); + PrepareService1(service1); + PrepareService2(service2); + SuccessOrQuit(srpClient->AddService(service1)); + SuccessOrQuit(srpClient->AddService(service2)); + + sProcessedClientCallback = false; + + AdvanceTime(1200); + + // We should see a new Adv with two new service registrations + // on DNS-SD APIs. + + VerifyOrQuit(advProxy->GetCounters().mAdvTotal == 7); + VerifyOrQuit(advProxy->GetCounters().mAdvSuccessful == 6); + VerifyOrQuit(advProxy->GetCounters().mAdvReplaced == 2); + + dnssdCounts.mServiceReg += 2; + VerifyDnnsdRequests(dnssdCounts); + + // Now have SRP client send a new SRP update message + // just removing `service1`. We clear `servcie2` on client + // so it is not included in new SRP update message. + + SuccessOrQuit(srpClient->RemoveService(service1)); + SuccessOrQuit(srpClient->ClearService(service2)); + + AdvanceTime(1200); + + // We should see a new Adv added replacing the outstanding + // one. + + VerifyOrQuit(advProxy->GetCounters().mAdvTotal == 8); + VerifyOrQuit(advProxy->GetCounters().mAdvSuccessful == 6); + VerifyOrQuit(advProxy->GetCounters().mAdvReplaced == 3); + + dnssdCounts.mServiceUnreg++; + VerifyDnnsdRequests(dnssdCounts); + + // Even though the new SRP update which removed `servcie2` + // is already unregistered, it should be blocked by the + // earlier Adv. + + VerifyOrQuit(!sProcessedClientCallback); + + Log("- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - "); + Log("Invoke the callback for replaced Adv services"); + + request = &sDnssdRegServiceRequests[6]; + VerifyOrQuit(request->mCallback != nullptr); + request->mCallback(sInstance, request->mId, kErrorNone); + + request = &sDnssdRegServiceRequests[7]; + VerifyOrQuit(request->mCallback != nullptr); + request->mCallback(sInstance, request->mId, kErrorNone); + + AdvanceTime(100); + + // This should trigger both Adv to complete, and first one + // should be committed before the second one removing the + // `service2`. + + VerifyOrQuit(sProcessedClientCallback); + VerifyOrQuit(sLastClientCallbackError == kErrorNone); + + VerifyOrQuit(advProxy->GetCounters().mAdvTotal == 8); + VerifyOrQuit(advProxy->GetCounters().mAdvSuccessful == 8); + VerifyOrQuit(advProxy->GetCounters().mAdvReplaced == 3); + + VerifyOrQuit(service1.GetState() == Srp::Client::kRemoved); + + // Check services on server and make sure `service2` + // is marked as deleted. + + VerifyOrQuit(srpServer->GetNextHost(nullptr)->GetServices().GetHead() != nullptr); + + numServices = 0; + + for (const Srp::Server::Service &service : srpServer->GetNextHost(nullptr)->GetServices()) + { + numServices++; + + if (StringMatch(service.GetInstanceLabel(), service1.GetInstanceName(), kStringCaseInsensitiveMatch)) + { + VerifyOrQuit(service.IsDeleted()); + } + else if (StringMatch(service.GetInstanceLabel(), service2.GetInstanceName(), kStringCaseInsensitiveMatch)) + { + VerifyOrQuit(!service.IsDeleted()); + } + else + { + VerifyOrQuit(false); // Unexpected extra service on SRP server. + } + } + + VerifyOrQuit(numServices == 2); + + Log("- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - "); + Log("Disable SRP server"); + + sDnssdShouldCheckWithClient = false; + + // Verify that all heap allocations by SRP server + // and Advertising Proxy are freed. + + srpServer->SetEnabled(false); + AdvanceTime(100); + + VerifyOrQuit(heapAllocations == sHeapAllocatedPtrs.GetLength()); + + Log("- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - "); + Log("Finalize OT instance and validate all heap allocations are freed"); + + FinalizeTest(); + + VerifyOrQuit(sHeapAllocatedPtrs.IsEmpty()); + + Log("End of TestSrpAdvProxyReplacedEntries"); +} + +void TestSrpAdvProxyHostWithOffMeshRoutableAddress(void) +{ + NetworkData::OnMeshPrefixConfig prefixConfig; + Srp::Server *srpServer; + Srp::Client *srpClient; + Srp::AdvertisingProxy *advProxy; + Srp::Client::Service service1; + Srp::Client::Service service2; + DnssdRequestCounts dnssdCounts; + uint16_t heapAllocations; + const DnssdRequest *request; + + Log("--------------------------------------------------------------------------------------------"); + Log("TestSrpAdvProxyHostWithOffMeshRoutableAddress"); + + InitTest(); + + srpServer = &sInstance->Get(); + srpClient = &sInstance->Get(); + advProxy = &sInstance->Get(); + + heapAllocations = sHeapAllocatedPtrs.GetLength(); + + PrepareService1(service1); + PrepareService2(service2); + + // Configure Dnssd platform API behavior + + sDnssdRegHostRequests.Clear(); + sDnssdRegServiceRequests.Clear(); + sDnssdUnregHostRequests.Clear(); + sDnssdUnregServiceRequests.Clear(); + sDnssdRegKeyRequests.Clear(); + sDnssdUnregKeyRequests.Clear(); + + sDnssdState = OT_PLAT_DNSSD_READY; + sDnssdShouldCheckWithClient = true; + sDnssdCallbackError = kErrorNone; // Invoke callback directly from dnssd APIs + + Log("- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - "); + Log("Start SRP server"); + + SuccessOrQuit(otBorderRoutingInit(sInstance, /* aInfraIfIndex */ kInfraIfIndex, /* aInfraIfIsRunning */ true)); + + SuccessOrQuit(srpServer->SetAddressMode(Srp::Server::kAddressModeUnicast)); + VerifyOrQuit(srpServer->GetAddressMode() == Srp::Server::kAddressModeUnicast); + + VerifyOrQuit(srpServer->GetState() == Srp::Server::kStateDisabled); + + srpServer->SetServiceHandler(nullptr, sInstance); + + srpServer->SetEnabled(true); + VerifyOrQuit(srpServer->GetState() != Srp::Server::kStateDisabled); + + AdvanceTime(10000); + VerifyOrQuit(srpServer->GetState() == Srp::Server::kStateRunning); + VerifyOrQuit(advProxy->IsRunning()); + + Log("- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - "); + Log("Start SRP client"); + + srpClient->SetCallback(HandleSrpClientCallback, sInstance); + srpClient->SetLeaseInterval(400); + + srpClient->EnableAutoStartMode(nullptr, nullptr); + VerifyOrQuit(srpClient->IsAutoStartModeEnabled()); + + AdvanceTime(2000); + VerifyOrQuit(srpClient->IsRunning()); + + SuccessOrQuit(srpClient->SetHostName(kHostName)); + SuccessOrQuit(srpClient->EnableAutoHostAddress()); + + Log("- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - "); + Log("Register a service"); + + SuccessOrQuit(srpClient->AddService(service1)); + + sProcessedClientCallback = false; + + AdvanceTime(2 * 1000); + + dnssdCounts.mHostReg++; + dnssdCounts.mServiceReg++; + dnssdCounts.mKeyReg += 2; + + VerifyDnnsdRequests(dnssdCounts); + VerifyOrQuit(sDnssdNumHostAddresses == 0); + + VerifyOrQuit(sProcessedClientCallback); + VerifyOrQuit(sLastClientCallbackError == kErrorNone); + + VerifyOrQuit(service1.GetState() == Srp::Client::kRegistered); + + VerifyOrQuit(advProxy->GetCounters().mAdvTotal == 1); + VerifyOrQuit(advProxy->GetCounters().mAdvSuccessful == 1); + + Log("- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - "); + Log("Register a second service"); + + SuccessOrQuit(srpClient->AddService(service2)); + + sProcessedClientCallback = false; + + AdvanceTime(2 * 1000); + + dnssdCounts.mServiceReg++; + dnssdCounts.mKeyReg++; + VerifyDnnsdRequests(dnssdCounts); + + VerifyOrQuit(sProcessedClientCallback); + VerifyOrQuit(sLastClientCallbackError == kErrorNone); + + VerifyOrQuit(service1.GetState() == Srp::Client::kRegistered); + VerifyOrQuit(service2.GetState() == Srp::Client::kRegistered); + + VerifyOrQuit(advProxy->GetCounters().mAdvTotal == 2); + VerifyOrQuit(advProxy->GetCounters().mAdvSuccessful == 2); + + Log("- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - "); + Log("Disable SRP server"); + + // Verify that all heap allocations by SRP server + // and Advertising Proxy are freed. + + srpServer->SetEnabled(false); + AdvanceTime(100); + VerifyOrQuit(!advProxy->IsRunning()); + + VerifyOrQuit(advProxy->GetCounters().mAdvSuccessful == advProxy->GetCounters().mAdvTotal); + VerifyOrQuit(advProxy->GetCounters().mAdvTimeout == 0); + VerifyOrQuit(advProxy->GetCounters().mAdvRejected == 0); + VerifyOrQuit(advProxy->GetCounters().mAdvSkipped == 0); + VerifyOrQuit(advProxy->GetCounters().mAdvReplaced == 0); + + VerifyOrQuit(heapAllocations == sHeapAllocatedPtrs.GetLength()); + + Log("- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - "); + Log("Finalize OT instance and validate all heap allocations are freed"); + + FinalizeTest(); + + VerifyOrQuit(sHeapAllocatedPtrs.IsEmpty()); + + Log("End of TestSrpAdvProxyHostWithOffMeshRoutableAddress"); +} + +void TestSrpAdvProxyRemoveBeforeCommitted(void) +{ + NetworkData::OnMeshPrefixConfig prefixConfig; + Srp::Server *srpServer; + Srp::Client *srpClient; + Srp::AdvertisingProxy *advProxy; + Srp::Client::Service service1; + Srp::Client::Service service2; + DnssdRequestCounts dnssdCounts; + uint16_t heapAllocations; + const DnssdRequest *request; + + Log("--------------------------------------------------------------------------------------------"); + Log("TestSrpAdvProxyRemoveBeforeCommitted"); + + InitTest(); + + srpServer = &sInstance->Get(); + srpClient = &sInstance->Get(); + advProxy = &sInstance->Get(); + + heapAllocations = sHeapAllocatedPtrs.GetLength(); + + PrepareService1(service1); + PrepareService2(service2); + + Log("- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - "); + Log("Add an on-mesh prefix (with SLAAC) to network data"); + + prefixConfig.Clear(); + SuccessOrQuit(AsCoreType(&prefixConfig.mPrefix.mPrefix).FromString("fd00:cafe:beef::")); + prefixConfig.mPrefix.mLength = 64; + prefixConfig.mStable = true; + prefixConfig.mSlaac = true; + prefixConfig.mPreferred = true; + prefixConfig.mOnMesh = true; + prefixConfig.mDefaultRoute = false; + prefixConfig.mPreference = NetworkData::kRoutePreferenceMedium; + + SuccessOrQuit(otBorderRouterAddOnMeshPrefix(sInstance, &prefixConfig)); + SuccessOrQuit(otBorderRouterRegister(sInstance)); + + // Configure Dnssd platform API behavior + + sDnssdRegHostRequests.Clear(); + sDnssdRegServiceRequests.Clear(); + sDnssdUnregHostRequests.Clear(); + sDnssdUnregServiceRequests.Clear(); + sDnssdRegKeyRequests.Clear(); + sDnssdUnregKeyRequests.Clear(); + + sDnssdState = OT_PLAT_DNSSD_READY; + sDnssdShouldCheckWithClient = true; + sDnssdCallbackError = kErrorNone; // Do not call the callbacks directly + + Log("- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - "); + Log("Start SRP server"); + + SuccessOrQuit(otBorderRoutingInit(sInstance, /* aInfraIfIndex */ kInfraIfIndex, /* aInfraIfIsRunning */ true)); + + SuccessOrQuit(srpServer->SetAddressMode(Srp::Server::kAddressModeUnicast)); + VerifyOrQuit(srpServer->GetAddressMode() == Srp::Server::kAddressModeUnicast); + + VerifyOrQuit(srpServer->GetState() == Srp::Server::kStateDisabled); + + srpServer->SetServiceHandler(nullptr, sInstance); + + srpServer->SetEnabled(true); + VerifyOrQuit(srpServer->GetState() != Srp::Server::kStateDisabled); + + AdvanceTime(10000); + VerifyOrQuit(srpServer->GetState() == Srp::Server::kStateRunning); + VerifyOrQuit(advProxy->IsRunning()); + + Log("- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - "); + Log("Start SRP client"); + + srpClient->SetCallback(HandleSrpClientCallback, sInstance); + + srpClient->EnableAutoStartMode(nullptr, nullptr); + VerifyOrQuit(srpClient->IsAutoStartModeEnabled()); + + AdvanceTime(2000); + VerifyOrQuit(srpClient->IsRunning()); + + SuccessOrQuit(srpClient->SetHostName(kHostName)); + SuccessOrQuit(srpClient->EnableAutoHostAddress()); + + Log("- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - "); + Log("Register host and one service"); + + SuccessOrQuit(srpClient->AddService(service1)); + + sProcessedClientCallback = false; + + AdvanceTime(2000); + + dnssdCounts.mHostReg++; + dnssdCounts.mServiceReg++; + dnssdCounts.mKeyReg += 2; + VerifyDnnsdRequests(dnssdCounts); + + VerifyOrQuit(advProxy->GetCounters().mAdvTotal == 1); + VerifyOrQuit(advProxy->GetCounters().mAdvSuccessful == 1); + VerifyOrQuit(advProxy->GetCounters().mAdvReplaced == 0); + + VerifyOrQuit(sProcessedClientCallback); + VerifyOrQuit(sLastClientCallbackError == kErrorNone); + + VerifyOrQuit(service1.GetState() == Srp::Client::kRegistered); + + Log("- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - "); + Log("Set AdvTimeout to 5 minutes on AdvProxy"); + + // Change the timeout on AvdertisingProxy to 5 minutes + // so that we can send multiple SRP updates and create + // situations where previous advertisement are replaced. + + advProxy->SetAdvTimeout(5 * 60 * 1000); + VerifyOrQuit(advProxy->GetAdvTimeout() == 5 * 60 * 1000); + + sDnssdCallbackError = kErrorPending; // Do not invoke callback + + Log("- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - "); + Log("Remove service1 while adding a new service2 and do not invoke callback from DNSSD plat"); + + SuccessOrQuit(srpClient->RemoveService(service1)); + SuccessOrQuit(srpClient->AddService(service2)); + + sProcessedClientCallback = false; + + AdvanceTime(1000); + + dnssdCounts.mServiceReg++; + dnssdCounts.mServiceUnreg++; + dnssdCounts.mKeyReg++; + VerifyDnnsdRequests(dnssdCounts); + + VerifyOrQuit(advProxy->GetCounters().mAdvTotal == 2); + VerifyOrQuit(advProxy->GetCounters().mAdvSuccessful == 1); + VerifyOrQuit(advProxy->GetCounters().mAdvReplaced == 0); + + VerifyOrQuit(!sProcessedClientCallback); + + Log("- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - "); + Log("Remove host and its services without removing key-lease"); + + SuccessOrQuit(srpClient->RemoveHostAndServices(/* aShouldRemoveKeyLease */ false)); + + AdvanceTime(1000); + + // Proxy will unregister both services again + // (to be safe). + + dnssdCounts.mHostUnreg++; + dnssdCounts.mServiceUnreg++; + VerifyDnnsdRequests(dnssdCounts, /* aAllowMoreUnregs */ true); + + VerifyOrQuit(advProxy->GetCounters().mAdvTotal == 3); + VerifyOrQuit(advProxy->GetCounters().mAdvSuccessful == 1); + VerifyOrQuit(advProxy->GetCounters().mAdvReplaced == 1); + + VerifyOrQuit(!sProcessedClientCallback); + + Log("- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - "); + Log("Invoke callback for last key registration"); + + // This should be enough for all `AdvInfo` entries to be finished. + + request = &sDnssdRegKeyRequests[sDnssdRegKeyRequests.GetLength() - 1]; + VerifyOrQuit(request->mCallback != nullptr); + request->mCallback(sInstance, request->mId, kErrorNone); + + AdvanceTime(50); + + VerifyOrQuit(advProxy->GetCounters().mAdvTotal == 3); + VerifyOrQuit(advProxy->GetCounters().mAdvSuccessful == 3); + VerifyOrQuit(advProxy->GetCounters().mAdvReplaced == 1); + + VerifyOrQuit(sProcessedClientCallback); + + Log("- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - "); + Log("Disable SRP server"); + + sDnssdShouldCheckWithClient = false; + + // Verify that all heap allocations by SRP server + // and Advertising Proxy are freed. + + srpServer->SetEnabled(false); + AdvanceTime(100); + + VerifyOrQuit(heapAllocations == sHeapAllocatedPtrs.GetLength()); + + Log("- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - "); + Log("Finalize OT instance and validate all heap allocations are freed"); + + FinalizeTest(); + + VerifyOrQuit(sHeapAllocatedPtrs.IsEmpty()); + + Log("End of TestSrpAdvProxyRemoveBeforeCommitted"); +} + +void TestSrpAdvProxyFullyRemoveBeforeCommitted(void) +{ + NetworkData::OnMeshPrefixConfig prefixConfig; + Srp::Server *srpServer; + Srp::Client *srpClient; + Srp::AdvertisingProxy *advProxy; + Srp::Client::Service service1; + Srp::Client::Service service2; + DnssdRequestCounts dnssdCounts; + uint16_t heapAllocations; + const DnssdRequest *request; + + Log("--------------------------------------------------------------------------------------------"); + Log("TestSrpAdvProxyFullyRemoveBeforeCommitted"); + + InitTest(); + + srpServer = &sInstance->Get(); + srpClient = &sInstance->Get(); + advProxy = &sInstance->Get(); + + heapAllocations = sHeapAllocatedPtrs.GetLength(); + + PrepareService1(service1); + PrepareService2(service2); + + Log("- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - "); + Log("Add an on-mesh prefix (with SLAAC) to network data"); + + prefixConfig.Clear(); + SuccessOrQuit(AsCoreType(&prefixConfig.mPrefix.mPrefix).FromString("fd00:cafe:beef::")); + prefixConfig.mPrefix.mLength = 64; + prefixConfig.mStable = true; + prefixConfig.mSlaac = true; + prefixConfig.mPreferred = true; + prefixConfig.mOnMesh = true; + prefixConfig.mDefaultRoute = false; + prefixConfig.mPreference = NetworkData::kRoutePreferenceMedium; + + SuccessOrQuit(otBorderRouterAddOnMeshPrefix(sInstance, &prefixConfig)); + SuccessOrQuit(otBorderRouterRegister(sInstance)); + + // Configure Dnssd platform API behavior + + sDnssdRegHostRequests.Clear(); + sDnssdRegServiceRequests.Clear(); + sDnssdUnregHostRequests.Clear(); + sDnssdUnregServiceRequests.Clear(); + sDnssdRegKeyRequests.Clear(); + sDnssdUnregKeyRequests.Clear(); + + sDnssdState = OT_PLAT_DNSSD_READY; + sDnssdShouldCheckWithClient = true; + sDnssdCallbackError = kErrorNone; // Do not call the callbacks directly + + Log("- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - "); + Log("Start SRP server"); + + SuccessOrQuit(otBorderRoutingInit(sInstance, /* aInfraIfIndex */ kInfraIfIndex, /* aInfraIfIsRunning */ true)); + + SuccessOrQuit(srpServer->SetAddressMode(Srp::Server::kAddressModeUnicast)); + VerifyOrQuit(srpServer->GetAddressMode() == Srp::Server::kAddressModeUnicast); + + VerifyOrQuit(srpServer->GetState() == Srp::Server::kStateDisabled); + + srpServer->SetServiceHandler(nullptr, sInstance); + + srpServer->SetEnabled(true); + VerifyOrQuit(srpServer->GetState() != Srp::Server::kStateDisabled); + + AdvanceTime(10000); + VerifyOrQuit(srpServer->GetState() == Srp::Server::kStateRunning); + VerifyOrQuit(advProxy->IsRunning()); + + Log("- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - "); + Log("Start SRP client"); + + srpClient->SetCallback(HandleSrpClientCallback, sInstance); + + srpClient->EnableAutoStartMode(nullptr, nullptr); + VerifyOrQuit(srpClient->IsAutoStartModeEnabled()); + + AdvanceTime(2000); + VerifyOrQuit(srpClient->IsRunning()); + + SuccessOrQuit(srpClient->SetHostName(kHostName)); + SuccessOrQuit(srpClient->EnableAutoHostAddress()); + + Log("- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - "); + Log("Register host and one service"); + + SuccessOrQuit(srpClient->AddService(service1)); + + sProcessedClientCallback = false; + + AdvanceTime(2000); + + dnssdCounts.mHostReg++; + dnssdCounts.mServiceReg++; + dnssdCounts.mKeyReg += 2; + VerifyDnnsdRequests(dnssdCounts); + + VerifyOrQuit(advProxy->GetCounters().mAdvTotal == 1); + VerifyOrQuit(advProxy->GetCounters().mAdvSuccessful == 1); + VerifyOrQuit(advProxy->GetCounters().mAdvReplaced == 0); + + VerifyOrQuit(sProcessedClientCallback); + VerifyOrQuit(sLastClientCallbackError == kErrorNone); + + VerifyOrQuit(service1.GetState() == Srp::Client::kRegistered); + + Log("- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - "); + Log("Set AdvTimeout to 5 minutes on AdvProxy"); + + // Change the timeout on AvdertisingProxy to 5 minutes + // so that we can send multiple SRP updates and create + // situations where previous advertisement are replaced. + + advProxy->SetAdvTimeout(5 * 60 * 1000); + VerifyOrQuit(advProxy->GetAdvTimeout() == 5 * 60 * 1000); + + sDnssdCallbackError = kErrorPending; // Do not invoke callback + + Log("- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - "); + Log("Remove service1 while adding a new service2 and do not invoke callback from DNSSD plat"); + + SuccessOrQuit(srpClient->RemoveService(service1)); + SuccessOrQuit(srpClient->AddService(service2)); + + sProcessedClientCallback = false; + + AdvanceTime(1000); + + dnssdCounts.mServiceReg++; + dnssdCounts.mServiceUnreg++; + dnssdCounts.mKeyReg++; + VerifyDnnsdRequests(dnssdCounts); + + VerifyOrQuit(advProxy->GetCounters().mAdvTotal == 2); + VerifyOrQuit(advProxy->GetCounters().mAdvSuccessful == 1); + VerifyOrQuit(advProxy->GetCounters().mAdvReplaced == 0); + + VerifyOrQuit(!sProcessedClientCallback); + + Log("- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - "); + Log("Remove host and its services and remove key-lease"); + + SuccessOrQuit(srpClient->RemoveHostAndServices(/* aShouldRemoveKeyLease */ true)); + + AdvanceTime(1000); + + // Proxy should unregister everything. + // Keys may be unregistered multiple times. + + dnssdCounts.mHostUnreg++; + dnssdCounts.mServiceUnreg++; + dnssdCounts.mKeyUnreg += 3; + VerifyDnnsdRequests(dnssdCounts, /* aAllowMoreUnregs */ true); + + VerifyOrQuit(advProxy->GetCounters().mAdvTotal == 3); + VerifyOrQuit(advProxy->GetCounters().mAdvSuccessful == 3); + VerifyOrQuit(advProxy->GetCounters().mAdvReplaced == 1); + + VerifyOrQuit(sProcessedClientCallback); + + Log("- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - "); + Log("Disable SRP server"); + + sDnssdShouldCheckWithClient = false; + + // Verify that all heap allocations by SRP server + // and Advertising Proxy are freed. + + srpServer->SetEnabled(false); + AdvanceTime(100); + + VerifyOrQuit(heapAllocations == sHeapAllocatedPtrs.GetLength()); + + Log("- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - "); + Log("Finalize OT instance and validate all heap allocations are freed"); + + FinalizeTest(); + + VerifyOrQuit(sHeapAllocatedPtrs.IsEmpty()); + + Log("End of TestSrpAdvProxyFullyRemoveBeforeCommitted"); +} + +#endif // ENABLE_ADV_PROXY_TEST + +int main(void) +{ +#if ENABLE_ADV_PROXY_TEST + TestDnssdRequestIdRange(); + TestSrpAdvProxy(); + TestSrpAdvProxyDnssdStateChange(); + TestSrpAdvProxyDelayedCallback(); + TestSrpAdvProxyReplacedEntries(); + TestSrpAdvProxyHostWithOffMeshRoutableAddress(); + TestSrpAdvProxyRemoveBeforeCommitted(); + TestSrpAdvProxyFullyRemoveBeforeCommitted(); + + printf("All tests passed\n"); +#else + printf("SRP_ADV_PROXY feature is not enabled\n"); +#endif + + return 0; +} From f94f8249888ac452ccaec1c951da12de181bb8a7 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Mon, 12 Feb 2024 08:57:11 -0800 Subject: [PATCH 106/121] Bump grpcio from 1.53.0 to 1.53.2 in /tools/harness-simulation/harness (#9842) Bumps [grpcio](https://github.com/grpc/grpc) from 1.53.0 to 1.53.2. - [Release notes](https://github.com/grpc/grpc/releases) - [Changelog](https://github.com/grpc/grpc/blob/master/doc/grpc_release_schedule.md) - [Commits](https://github.com/grpc/grpc/compare/v1.53.0...v1.53.2) --- updated-dependencies: - dependency-name: grpcio dependency-type: direct:production ... Signed-off-by: dependabot[bot] Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> --- tools/harness-simulation/harness/requirements.txt | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/tools/harness-simulation/harness/requirements.txt b/tools/harness-simulation/harness/requirements.txt index 73fba920649..df58b42e3a5 100644 --- a/tools/harness-simulation/harness/requirements.txt +++ b/tools/harness-simulation/harness/requirements.txt @@ -1,3 +1,3 @@ -grpcio==1.53.0 +grpcio==1.53.2 grpcio-tools==1.20.1 PyYAML==5.4.1 From a756481c3b87939e0ada7a5423addd5cc1755c03 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Mon, 12 Feb 2024 09:20:39 -0800 Subject: [PATCH 107/121] github-actions: bump actions/setup-python from 4.7.1 to 5.0.0 (#9845) Bumps [actions/setup-python](https://github.com/actions/setup-python) from 4.7.1 to 5.0.0. - [Release notes](https://github.com/actions/setup-python/releases) - [Commits](https://github.com/actions/setup-python/compare/65d7f2d534ac1bc67fcd62888c5f4f3d2cb2b236...0a5c61591373683505ea898e09a3ea4f39ef2b9c) --- updated-dependencies: - dependency-name: actions/setup-python dependency-type: direct:production update-type: version-update:semver-major ... Signed-off-by: dependabot[bot] Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> --- .github/workflows/otns.yml | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/.github/workflows/otns.yml b/.github/workflows/otns.yml index 5cf5f786874..4b46095d871 100644 --- a/.github/workflows/otns.yml +++ b/.github/workflows/otns.yml @@ -67,7 +67,7 @@ jobs: with: go-version: "1.20" - name: Set up Python - uses: actions/setup-python@65d7f2d534ac1bc67fcd62888c5f4f3d2cb2b236 # v4.7.1 + uses: actions/setup-python@0a5c61591373683505ea898e09a3ea4f39ef2b9c # v5.0.0 with: python-version: "3.9" - name: Bootstrap @@ -107,7 +107,7 @@ jobs: with: go-version: "1.20" - name: Set up Python - uses: actions/setup-python@65d7f2d534ac1bc67fcd62888c5f4f3d2cb2b236 # v4.7.1 + uses: actions/setup-python@0a5c61591373683505ea898e09a3ea4f39ef2b9c # v5.0.0 with: python-version: "3.9" - name: Bootstrap @@ -169,7 +169,7 @@ jobs: with: go-version: "1.20" - name: Set up Python - uses: actions/setup-python@65d7f2d534ac1bc67fcd62888c5f4f3d2cb2b236 # v4.7.1 + uses: actions/setup-python@0a5c61591373683505ea898e09a3ea4f39ef2b9c # v5.0.0 with: python-version: "3.9" - name: Bootstrap From e092a1785a93109875b276eafa064008947f1bac Mon Sep 17 00:00:00 2001 From: Lorenzo Rai Date: Mon, 12 Feb 2024 18:25:34 +0100 Subject: [PATCH 108/121] [csl] reset data poll timer after successful csl transmission (#9840) Currently the the data poll timer is used to maintain synchronization with the parent. It sends a data poll once per csl timeout. However often this is not necessary as other packets that are sent cause synchronization to be maintained. This commit resets the data poll timer each time a frame containing the csl ie is successfully transmitted. --- src/core/mac/mac.cpp | 6 ++++++ 1 file changed, 6 insertions(+) diff --git a/src/core/mac/mac.cpp b/src/core/mac/mac.cpp index 04e235cc5dd..243db1d8a4a 100644 --- a/src/core/mac/mac.cpp +++ b/src/core/mac/mac.cpp @@ -1310,6 +1310,12 @@ void Mac::HandleTransmitDone(TxFrame &aFrame, RxFrame *aAckFrame, Error aError) #endif #if OPENTHREAD_FTD && OPENTHREAD_CONFIG_MAC_CSL_TRANSMITTER_ENABLE ProcessCsl(*aAckFrame, dstAddr); +#endif +#if OPENTHREAD_CONFIG_MAC_CSL_RECEIVER_ENABLE + if (!GetRxOnWhenIdle() && aFrame.GetHeaderIe(CslIe::kHeaderIeId) != nullptr) + { + Get().ResetKeepAliveTimer(); + } #endif } } From 91acbdd0152d0efa3e688a81ce7d63016440aeb3 Mon Sep 17 00:00:00 2001 From: Abtin Keshavarzian Date: Mon, 12 Feb 2024 09:37:33 -0800 Subject: [PATCH 109/121] [instance] init `BackboneRouter::Local` before `Mle` (#9843) This commit moves the `mBackboneRouterLocal` before `mMleRouter` in `Instance` class to ensure that it is initialized and its constructor is called before. This ensures when `Mle()` constructor invokes the `ApplyNewMeshLocalPrefix()` method on `BackboneRouter::Local`, it is already initialized. --- src/core/instance/instance.cpp | 4 +++- src/core/instance/instance.hpp | 5 ++++- 2 files changed, 7 insertions(+), 2 deletions(-) diff --git a/src/core/instance/instance.cpp b/src/core/instance/instance.cpp index 667741b7bef..4735ce325fa 100644 --- a/src/core/instance/instance.cpp +++ b/src/core/instance/instance.cpp @@ -124,6 +124,9 @@ Instance::Instance(void) #endif #if OPENTHREAD_CONFIG_SNTP_CLIENT_ENABLE , mSntpClient(*this) +#endif +#if OPENTHREAD_FTD && OPENTHREAD_CONFIG_BACKBONE_ROUTER_ENABLE + , mBackboneRouterLocal(*this) #endif , mActiveDataset(*this) , mPendingDataset(*this) @@ -178,7 +181,6 @@ Instance::Instance(void) , mBackboneRouterLeader(*this) #endif #if OPENTHREAD_FTD && OPENTHREAD_CONFIG_BACKBONE_ROUTER_ENABLE - , mBackboneRouterLocal(*this) , mBackboneRouterManager(*this) #endif #if OPENTHREAD_CONFIG_MLR_ENABLE || (OPENTHREAD_FTD && OPENTHREAD_CONFIG_TMF_PROXY_MLR_ENABLE) diff --git a/src/core/instance/instance.hpp b/src/core/instance/instance.hpp index b98b8d8ed23..1ebc01c8d00 100644 --- a/src/core/instance/instance.hpp +++ b/src/core/instance/instance.hpp @@ -510,6 +510,10 @@ class Instance : public otInstance, private NonCopyable Sntp::Client mSntpClient; #endif +#if OPENTHREAD_FTD && OPENTHREAD_CONFIG_BACKBONE_ROUTER_ENABLE + BackboneRouter::Local mBackboneRouterLocal; +#endif + MeshCoP::ActiveDatasetManager mActiveDataset; MeshCoP::PendingDatasetManager mPendingDataset; MeshCoP::ExtendedPanIdManager mExtendedPanIdManager; @@ -578,7 +582,6 @@ class Instance : public otInstance, private NonCopyable #endif #if OPENTHREAD_FTD && OPENTHREAD_CONFIG_BACKBONE_ROUTER_ENABLE - BackboneRouter::Local mBackboneRouterLocal; BackboneRouter::Manager mBackboneRouterManager; #endif From 0f00846e7d88fdd9bd49cc443f7252b8bc0e7cdb Mon Sep 17 00:00:00 2001 From: jrhodie <139580534+jrhodie@users.noreply.github.com> Date: Tue, 13 Feb 2024 09:00:28 -0800 Subject: [PATCH 110/121] [cli] add Doxygen tags for coaps commands (#9837) --- src/cli/cli_coap_secure.cpp | 262 ++++++++++++++++++++++++++++++++++++ 1 file changed, 262 insertions(+) diff --git a/src/cli/cli_coap_secure.cpp b/src/cli/cli_coap_secure.cpp index d977443d152..c1bacdb62a5 100644 --- a/src/cli/cli_coap_secure.cpp +++ b/src/cli/cli_coap_secure.cpp @@ -90,6 +90,22 @@ void CoapSecure::PrintPayload(otMessage *aMessage) OutputNewLine(); } +/** + * @cli coaps resource (get,set) + * @code + * coaps resource test-resource + * Done + * @endcode + * @code + * coaps resource + * test-resource + * Done + * @endcode + * @cparam coaps resource [@ca{uri-path}] + * @par + * Gets or sets the URI path of the CoAPS server resource. + * @sa otCoapSecureAddBlockWiseResource + */ template <> otError CoapSecure::Process(Arg aArgs[]) { otError error = OT_ERROR_NONE; @@ -128,6 +144,16 @@ template <> otError CoapSecure::Process(Arg aArgs[]) return error; } +/** + * @cli coaps set + * @code + * coaps set Testing123 + * Done + * @endcode + * @cparam coaps set @ca{new-content} + * @par + * Sets the content sent by the resource on the CoAPS server. + */ template <> otError CoapSecure::Process(Arg aArgs[]) { otError error = OT_ERROR_NONE; @@ -147,6 +173,45 @@ template <> otError CoapSecure::Process(Arg aArgs[]) return error; } +/** + * @cli coaps start + * @code + * coaps start + * Done + * @endcode + * @code + * coaps start false + * Done + * @endcode + * @code + * coaps start 8 + * Done + * @endcode + * @cparam coaps start [@ca{check-peer-cert} | @ca{max-conn-attempts}] + * The `check-peer-cert` parameter determines if the peer-certificate check is + * enabled (default) or disabled. + * The `max-conn-attempts` parameter sets the maximum number of allowed + * attempts, successful or failed, to connect to the CoAP Secure server. + * The default value of this parameter is `0`, which means that there is + * no limit to the number of attempts. + * The `check-peer-cert` and `max-conn-attempts` parameters work + * together in the following combinations, even though you can only specify + * one argument: + * * No argument specified: Defaults are used. + * * Setting `check-peer-cert` to `true`: + * Has the same effect as omitting the argument, which is that the + * `check-peer-cert` value is `true`, and the `max-conn-attempts` value is 0. + * * Setting `check-peer-cert` to `false`: + * `check-peer-cert` value is `false`, and the `max-conn-attempts` value is 0. + * * Specifying a number: + * `check-peer-cert` is `true`, and the `max-conn-attempts` value is the + * number specified in the argument. + * @par + * Starts the CoAP Secure service. + * @sa otCoapSecureStart + * @sa otCoapSecureSetSslAuthMode + * @sa otCoapSecureSetClientConnectedCallback + */ template <> otError CoapSecure::Process(Arg aArgs[]) { otError error = OT_ERROR_NONE; @@ -183,6 +248,16 @@ template <> otError CoapSecure::Process(Arg aArgs[]) return error; } +/** + * @cli coaps stop + * @code + * coaps stop + * Done + * @endcode + * @par + * Stops the CoAP Secure service. + * @sa otCoapSecureStop + */ template <> otError CoapSecure::Process(Arg aArgs[]) { OT_UNUSED_VARIABLE(aArgs); @@ -206,16 +281,50 @@ template <> otError CoapSecure::Process(Arg aArgs[]) return OT_ERROR_NONE; } +/** + * @cli coaps isclosed + * @code + * coaps isclosed + * no + * Done + * @endcode + * @par + * Indicates if the CoAP Secure service is closed. + * @sa otCoapSecureIsClosed + */ template <> otError CoapSecure::Process(Arg aArgs[]) { return ProcessIsRequest(aArgs, otCoapSecureIsClosed); } +/** + * @cli coaps isconnected + * @code + * coaps isconnected + * yes + * Done + * @endcode + * @par + * Indicates if the CoAP Secure service is connected. + * @sa otCoapSecureIsConnected + */ template <> otError CoapSecure::Process(Arg aArgs[]) { return ProcessIsRequest(aArgs, otCoapSecureIsConnected); } +/** + * @cli coaps isconnactive + * @code + * coaps isconnactive + * yes + * Done + * @endcode + * @par + * Indicates if the CoAP Secure service connection is active + * (either already connected or in the process of establishing a connection). + * @sa otCoapSecureIsConnectionActive + */ template <> otError CoapSecure::Process(Arg aArgs[]) { return ProcessIsRequest(aArgs, otCoapSecureIsConnectionActive); @@ -232,12 +341,109 @@ otError CoapSecure::ProcessIsRequest(Arg aArgs[], bool (*IsChecker)(otInstance * return error; } +/** + * @cli coaps get + * @code + * coaps get test-resource + * Done + * @endcode + * @code + * coaps get test-resource block-1024 + * Done + * @endcode + * @cparam coaps get @ca{uri-path} [@ca{type}] + * * `uri-path`: URI path of the resource. + * * `type`: + * * `con`: Confirmable + * * `non-con`: Non-confirmable (default) + * * `block-`: Use this option, followed by the block-wise value, + * if the response should be transferred block-wise. + * Valid values are: `block-16`, `block-32`, `block-64`, `block-128`, + * `block-256`, `block-512`, or `block-1024`. + * @par + * Gets information about the specified CoAPS resource on the CoAPS server. + */ template <> otError CoapSecure::Process(Arg aArgs[]) { return ProcessRequest(aArgs, OT_COAP_CODE_GET); } +/** + * @cli coaps post + * @code + * coaps post test-resource con hellothere + * Done + * @endcode + * @code + * coaps post test-resource block-1024 10 + * Done + * @endcode + * @cparam @ca{uri-path} [@ca{type}] [@ca{payload}] + * * `uri-path`: URI path of the resource. + * * `type`: + * * `con`: Confirmable + * * `non-con`: Non-confirmable (default) + * * `block-`: Use this option, followed by the block-wise value, + * to send blocks with a randomly generated number of bytes for the payload. + * Valid values are: `block-16`, `block-32`, `block-64`, `block-128`, + * `block-256`, `block-512`, or `block-1024`. + * * `payload`: CoAPS payload request, which if used is either a string + * or an integer, depending on the `type`. If the `type` is `con` or `non-con`, + * the payload parameter is optional. If you leave out the payload + * parameter, an empty payload is sent. However, If you use the payload + * parameter, its value must be a string, such as `hellothere`. If the + * `type` is `block-`, the value of the payload parameter must be an + * integer that specifies the number of blocks to send. The `block-` type + * requires `OPENTHREAD_CONFIG_COAP_BLOCKWISE_TRANSFER_ENABLE` to be set. + * @par + * Creates the specified CoAPS resource. + */ template <> otError CoapSecure::Process(Arg aArgs[]) { return ProcessRequest(aArgs, OT_COAP_CODE_POST); } +/** + * @cli coaps put + * @code + * coaps put test-resource con hellothere + * Done + * @endcode + * @code + * coaps put test-resource block-1024 10 + * Done + * @endcode + * @cparam @ca{uri-path} [@ca{type}] [@ca{payload}] + * * `uri-path`: URI path of the resource. + * * `type`: + * * `con`: Confirmable + * * `non-con`: Non-confirmable (default) + * * `block-`: Use this option, followed by the block-wise value, + * to send blocks with a randomly generated number of bytes for the payload. + * Valid values are: `block-16`, `block-32`, `block-64`, `block-128`, + * `block-256`, `block-512`, or `block-1024`. + * * `payload`: CoAPS payload request, which if used is either a string + * or an integer, depending on the `type`. If the `type` is `con` or `non-con`, + * the payload parameter is optional. If you leave out the payload + * parameter, an empty payload is sent. However, If you use the payload + * parameter, its value must be a string, such as `hellothere`. If the + * `type` is `block-`, the value of the payload parameter must be an + * integer that specifies the number of blocks to send. The `block-` type + * requires `OPENTHREAD_CONFIG_COAP_BLOCKWISE_TRANSFER_ENABLE` to be set. + * @par + * Modifies the specified CoAPS resource. + */ template <> otError CoapSecure::Process(Arg aArgs[]) { return ProcessRequest(aArgs, OT_COAP_CODE_PUT); } +/** + * @cli coaps delete + * @code + * coaps delete test-resource con hellothere + * Done + * @endcode + * @cparam coaps delete @ca{uri-path} [@ca{type}] [@ca{payload}] + * * `uri-path`: URI path of the resource. + * * `type`: + * * `con`: Confirmable + * * `non-con`: Non-confirmable (default) + * * `payload`: CoAPS payload request. + * @par + * The CoAPS payload string to delete. + */ template <> otError CoapSecure::Process(Arg aArgs[]) { return ProcessRequest(aArgs, OT_COAP_CODE_DELETE); @@ -393,6 +599,19 @@ otError CoapSecure::ProcessRequest(Arg aArgs[], otCoapCode aCoapCode) return error; } +/** + * @cli coaps connect + * @code + * coaps connect fdde:ad00:beef:0:9903:14b:27e0:5744 + * Done + * coaps connected + * @endcode + * @cparam coaps connect @ca{address} + * The `address` parameter is the IPv6 address of the peer. + * @par + * Initializes a Datagram Transport Layer Security (DTLS) session with a peer. + * @sa otCoapSecureConnect + */ template <> otError CoapSecure::Process(Arg aArgs[]) { otError error; @@ -413,6 +632,17 @@ template <> otError CoapSecure::Process(Arg aArgs[]) return error; } +/** + * @cli coaps disconnect + * @code + * coaps disconnect + * coaps disconnected + * Done + * @endcode + * @par + * Stops the DTLS session. + * @sa otCoapSecureDisconnect + */ template <> otError CoapSecure::Process(Arg aArgs[]) { OT_UNUSED_VARIABLE(aArgs); @@ -422,6 +652,22 @@ template <> otError CoapSecure::Process(Arg aArgs[]) return OT_ERROR_NONE; } +/** + * + * @cli coaps psk + * @code + * coaps psk 1234 key1 + * Done + * @endcode + * @cparam coaps psk @ca{psk-value} @ca{psk-id} + * * `psk-value`: The pre-shared key + * * `psk-id`: The pre-shared key identifier. + * @par + * Sets the pre-shared key (PSK) and cipher suite DTLS_PSK_WITH_AES_128_CCM_8. + * @note This command requires the build-time feature + * `MBEDTLS_KEY_EXCHANGE_PSK_ENABLED` to be enabled. + * @sa #otCoapSecureSetPsk + */ #ifdef MBEDTLS_KEY_EXCHANGE_PSK_ENABLED template <> otError CoapSecure::Process(Arg aArgs[]) { @@ -448,6 +694,22 @@ template <> otError CoapSecure::Process(Arg aArgs[]) } #endif // MBEDTLS_KEY_EXCHANGE_PSK_ENABLED +/** + * + * @cli coaps x509 + * @code + * coaps x509 + * Done + * @endcode + * @par + * Sets the X509 certificate of the local device with the corresponding private key for + * the DTLS session with `DTLS_ECDHE_ECDSA_WITH_AES_128_CCM_8`. + * @note This command requires `MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED=1` + * to be enabled. + * The X.509 certificate is stored in the location: `src/cli/x509_cert_key.hpp`. + * @sa otCoapSecureSetCertificate + * @sa otCoapSecureSetCaCertificateChain + */ #ifdef MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED template <> otError CoapSecure::Process(Arg aArgs[]) { From e0294176c151134f7bea784ad1557b531808fef0 Mon Sep 17 00:00:00 2001 From: Abtin Keshavarzian Date: Tue, 13 Feb 2024 14:40:55 -0800 Subject: [PATCH 111/121] [slaac] implement address deprecation mechanism (#9585) This commit implements address deprecation mechanism in `Slaac` class. When a prefix is removed from Network Data, its corresponding SLAAC address is not removed immediately. Instead, it is marked as deprecated and its "preferred" flag is set to false. After a deprecation interval (300 seconds), the deprecated address is removed. If the prefix is re-added to Network Data before the deprecation time elapses, the SLAAC address is also reinstated. Since the number of SLAAC address entries is limited, non-deprecated addresses are prioritized. This means that if a new entry is required for a new prefix, the earliest deprecating entry can be evicted to accommodate the new entry. The `Slaac` module keeps track of the associated Domain IDs for deprecating SLAAC prefixes, even if the related Prefix TLV has already been removed from the Network Data. This information is used during external route lookup in `NetworkData::Leader::RouteLookup()` if a deprecating SLAAC address is used as the source address in an outbound message, ensuring that the message is not dropped and can be delivered. This commit also adds a detailed test `test-027-slaac-address.py` validating various behaviors of SLAAC module. --- src/core/config/ip6.h | 14 + src/core/thread/network_data.cpp | 12 + src/core/thread/network_data.hpp | 12 + src/core/thread/network_data_leader.cpp | 16 + src/core/utils/slaac_address.cpp | 195 +++++++-- src/core/utils/slaac_address.hpp | 75 +++- .../Cert_5_6_06_NetworkDataExpiration.py | 2 +- .../test_multi_border_routers.py | 2 +- .../test_single_border_router.py | 2 +- .../thread-cert/test_srp_auto_host_address.py | 11 +- tests/toranj/cli/cli.py | 4 +- tests/toranj/cli/test-027-slaac-address.py | 381 ++++++++++++++++++ tests/toranj/openthread-core-toranj-config.h | 6 + tests/toranj/start.sh | 3 +- 14 files changed, 683 insertions(+), 52 deletions(-) create mode 100755 tests/toranj/cli/test-027-slaac-address.py diff --git a/src/core/config/ip6.h b/src/core/config/ip6.h index 26319003312..2e8e982c20a 100644 --- a/src/core/config/ip6.h +++ b/src/core/config/ip6.h @@ -140,6 +140,20 @@ #define OPENTHREAD_CONFIG_IP6_SLAAC_NUM_ADDRESSES 4 #endif +/** + * @def OPENTHREAD_CONFIG_IP6_SLAAC_DEPRECATION_INTERVAL + * + * Specifies the deprecating time of SLAAC addresses in seconds. + * + * Applicable only if OPENTHREAD_CONFIG_IP6_SLAAC_ENABLE is enabled. + * + * Deprecating interval is used once an on-mesh prefix is removed from Network Data before removing the SLAAC address. + * + */ +#ifndef OPENTHREAD_CONFIG_IP6_SLAAC_DEPRECATION_INTERVAL +#define OPENTHREAD_CONFIG_IP6_SLAAC_DEPRECATION_INTERVAL 300 +#endif + /** * @def OPENTHREAD_CONFIG_MPL_SEED_SET_ENTRIES * diff --git a/src/core/thread/network_data.cpp b/src/core/thread/network_data.cpp index 2599d653bab..30ebe003871 100644 --- a/src/core/thread/network_data.cpp +++ b/src/core/thread/network_data.cpp @@ -848,5 +848,17 @@ bool NetworkData::ContainsBorderRouterWithRloc(uint16_t aRloc16) const return contains; } +Error NetworkData::FindDomainIdFor(const Ip6::Prefix &aPrefix, uint8_t &aDomainId) const +{ + Error error = kErrorNone; + const PrefixTlv *prefixTlv = FindPrefix(aPrefix); + + VerifyOrExit(prefixTlv != nullptr, error = kErrorNotFound); + aDomainId = prefixTlv->GetDomainId(); + +exit: + return error; +} + } // namespace NetworkData } // namespace ot diff --git a/src/core/thread/network_data.hpp b/src/core/thread/network_data.hpp index 40294cf07af..17c5151424d 100644 --- a/src/core/thread/network_data.hpp +++ b/src/core/thread/network_data.hpp @@ -336,6 +336,18 @@ class NetworkData : public InstanceLocator */ Error GetNextServer(Iterator &aIterator, uint16_t &aRloc16) const; + /** + * Finds and returns Domain ID associated with a given prefix in the Thread Network data. + * + * @param[in] aPrefix The prefix to search for. + * @param[out] aDomainId A reference to return the Domain ID. + * + * @retval kErrorNone Successfully found @p aPrefix in the Network Data and updated @p aDomainId. + * @retval kErrorNotFound Could not find @p aPrefix in the Network Data. + * + */ + Error FindDomainIdFor(const Ip6::Prefix &aPrefix, uint8_t &aDomainId) const; + /** * Finds and returns the list of RLOCs of border routers providing external IP connectivity. * diff --git a/src/core/thread/network_data_leader.cpp b/src/core/thread/network_data_leader.cpp index 66a29a84647..0c08a6175b1 100644 --- a/src/core/thread/network_data_leader.cpp +++ b/src/core/thread/network_data_leader.cpp @@ -279,6 +279,22 @@ Error Leader::RouteLookup(const Ip6::Address &aSource, const Ip6::Address &aDest } } +#if OPENTHREAD_CONFIG_IP6_SLAAC_ENABLE + { + // The `Slaac` module keeps track of the associated Domain IDs + // for deprecating SLAAC prefixes, even if the related + // Prefix TLV has already been removed from the Network + // Data. + + uint8_t domainId; + + if (Get().FindDomainIdFor(aSource, domainId) == kErrorNone) + { + error = ExternalRouteLookup(domainId, aDestination, aRloc16); + } + } +#endif + exit: return error; } diff --git a/src/core/utils/slaac_address.cpp b/src/core/utils/slaac_address.cpp index f7870ee9cb7..95478e3f086 100644 --- a/src/core/utils/slaac_address.cpp +++ b/src/core/utils/slaac_address.cpp @@ -55,8 +55,9 @@ Slaac::Slaac(Instance &aInstance) : InstanceLocator(aInstance) , mEnabled(true) , mFilter(nullptr) + , mTimer(aInstance) { - ClearAllBytes(mAddresses); + ClearAllBytes(mSlaacAddresses); } void Slaac::Enable(void) @@ -77,6 +78,8 @@ void Slaac::Disable(void) VerifyOrExit(mEnabled); RemoveAllAddresses(); + mTimer.Stop(); + LogInfo("Disabled"); mEnabled = false; @@ -92,29 +95,43 @@ void Slaac::SetFilter(PrefixFilter aFilter) LogInfo("Filter %s", (mFilter != nullptr) ? "updated" : "disabled"); VerifyOrExit(mEnabled); - RemoveAddresses(); + RemoveOrDeprecateAddresses(); AddAddresses(); exit: return; } -bool Slaac::ShouldUseForSlaac(const NetworkData::OnMeshPrefixConfig &aConfig) const +Error Slaac::FindDomainIdFor(const Ip6::Address &aAddress, uint8_t &aDomainId) const { - bool shouldUse = false; - - VerifyOrExit(aConfig.mSlaac && !aConfig.mDp); - VerifyOrExit(aConfig.GetPrefix().GetLength() == Ip6::NetworkPrefix::kLength); + Error error = kErrorNotFound; - if (mFilter != nullptr) + for (const SlaacAddress &slaacAddr : mSlaacAddresses) { - VerifyOrExit(!mFilter(&GetInstance(), &aConfig.GetPrefix())); + if (!slaacAddr.IsInUse() || !slaacAddr.IsDeprecating()) + { + continue; + } + + if (aAddress.PrefixMatch(slaacAddr.GetAddress()) >= Ip6::NetworkPrefix::kLength) + { + aDomainId = slaacAddr.GetDomainId(); + error = kErrorNone; + break; + } } - shouldUse = true; + return error; +} -exit: - return shouldUse; +bool Slaac::IsSlaac(const NetworkData::OnMeshPrefixConfig &aConfig) const +{ + return aConfig.mSlaac && !aConfig.mDp && (aConfig.GetPrefix().GetLength() == Ip6::NetworkPrefix::kLength); +} + +bool Slaac::IsFiltered(const NetworkData::OnMeshPrefixConfig &aConfig) const +{ + return (mFilter != nullptr) ? mFilter(&GetInstance(), &aConfig.GetPrefix()) : false; } void Slaac::HandleNotifierEvents(Events aEvents) @@ -123,7 +140,7 @@ void Slaac::HandleNotifierEvents(Events aEvents) if (aEvents.Contains(kEventThreadNetdataChanged)) { - RemoveAddresses(); + RemoveOrDeprecateAddresses(); AddAddresses(); ExitNow(); } @@ -154,17 +171,18 @@ bool Slaac::DoesConfigMatchNetifAddr(const NetworkData::OnMeshPrefixConfig &aCon (aAddr.GetAddress().MatchesPrefix(aConfig.GetPrefix()))); } -void Slaac::RemoveAddresses(void) +void Slaac::RemoveOrDeprecateAddresses(void) { - // Remove any SLAAC addresses with no matching on-mesh prefix. + // Remove or deprecate any SLAAC addresses with no matching on-mesh + // prefix in Network Data. - for (Ip6::Netif::UnicastAddress &slaacAddr : mAddresses) + for (SlaacAddress &slaacAddr : mSlaacAddresses) { NetworkData::Iterator iterator; NetworkData::OnMeshPrefixConfig config; bool found = false; - if (!slaacAddr.mValid) + if (!slaacAddr.IsInUse()) { continue; } @@ -173,37 +191,61 @@ void Slaac::RemoveAddresses(void) while (Get().GetNextOnMeshPrefix(iterator, config) == kErrorNone) { - if (ShouldUseForSlaac(config) && DoesConfigMatchNetifAddr(config, slaacAddr)) + if (IsSlaac(config) && DoesConfigMatchNetifAddr(config, slaacAddr)) { found = true; break; } } - if (!found) + if (found) { - RemoveAddress(slaacAddr); + if (IsFiltered(config)) + { + RemoveAddress(slaacAddr); + } + } + else if (!slaacAddr.IsDeprecating()) + { + if (slaacAddr.mPreferred) + { + DeprecateAddress(slaacAddr); + } + else + { + RemoveAddress(slaacAddr); + } } } } +void Slaac::DeprecateAddress(SlaacAddress &aAddress) +{ + LogAddress(kDeprecating, aAddress); + + aAddress.SetExpirationTime(TimerMilli::GetNow() + kDeprecationInterval); + mTimer.FireAtIfEarlier(aAddress.GetExpirationTime()); + + Get().UpdatePreferredFlagOn(aAddress, false); +} + void Slaac::RemoveAllAddresses(void) { - for (Ip6::Netif::UnicastAddress &slaacAddr : mAddresses) + for (SlaacAddress &slaacAddr : mSlaacAddresses) { - if (slaacAddr.mValid) + if (slaacAddr.IsInUse()) { RemoveAddress(slaacAddr); } } } -void Slaac::RemoveAddress(Ip6::Netif::UnicastAddress &aAddress) +void Slaac::RemoveAddress(SlaacAddress &aAddress) { - LogInfo("Removing %s", aAddress.GetAddress().ToString().AsCString()); + LogAddress(kRemoving, aAddress); Get().RemoveUnicastAddress(aAddress); - aAddress.mValid = false; + aAddress.MarkAsNotInUse(); } void Slaac::AddAddresses(void) @@ -219,7 +261,27 @@ void Slaac::AddAddresses(void) { bool found = false; - if (!ShouldUseForSlaac(config)) + if (!IsSlaac(config) || IsFiltered(config)) + { + continue; + } + + for (SlaacAddress &slaacAddr : mSlaacAddresses) + { + if (slaacAddr.IsInUse() && DoesConfigMatchNetifAddr(config, slaacAddr)) + { + if (slaacAddr.IsDeprecating() && config.mPreferred) + { + slaacAddr.MarkAsNotDeprecating(); + Get().UpdatePreferredFlagOn(slaacAddr, true); + } + + found = true; + break; + } + } + + if (found) { continue; } @@ -242,30 +304,52 @@ void Slaac::AddAddresses(void) void Slaac::AddAddressFor(const NetworkData::OnMeshPrefixConfig &aConfig) { - Ip6::Netif::UnicastAddress *newAddress = nullptr; - uint8_t dadCounter = 0; + SlaacAddress *newAddress = nullptr; + uint8_t dadCounter = 0; + uint8_t domainId = 0; - for (Ip6::Netif::UnicastAddress &slaacAddr : mAddresses) + for (SlaacAddress &slaacAddr : mSlaacAddresses) { - if (!slaacAddr.mValid) + // If all address entries are in-use, and we have any + // deprecating addresses, we select one with earliest + // expiration time. + + if (!slaacAddr.IsInUse()) { newAddress = &slaacAddr; break; } + + if (slaacAddr.IsDeprecating()) + { + if ((newAddress == nullptr) || slaacAddr.GetExpirationTime() < newAddress->GetExpirationTime()) + { + newAddress = &slaacAddr; + } + } } if (newAddress == nullptr) { - LogWarn("Failed to add - already have max %u addresses", kNumAddresses); + LogWarn("Failed to add - already have max %u addresses", kNumSlaacAddresses); ExitNow(); } + if (newAddress->IsInUse()) + { + RemoveAddress(*newAddress); + } + + newAddress->MarkAsNotDeprecating(); newAddress->InitAsSlaacOrigin(aConfig.mOnMesh ? aConfig.GetPrefix().mLength : 128, aConfig.mPreferred); newAddress->GetAddress().SetPrefix(aConfig.GetPrefix()); + IgnoreError(Get().FindDomainIdFor(aConfig.GetPrefix(), domainId)); + newAddress->SetDomainId(domainId); + IgnoreError(GenerateIid(*newAddress, dadCounter)); - LogInfo("Adding address %s", newAddress->GetAddress().ToString().AsCString()); + LogAddress(kAdding, *newAddress); Get().AddUnicastAddress(*newAddress); @@ -273,6 +357,34 @@ void Slaac::AddAddressFor(const NetworkData::OnMeshPrefixConfig &aConfig) return; } +void Slaac::HandleTimer(void) +{ + TimeMilli now = TimerMilli::GetNow(); + TimeMilli nextTime = now.GetDistantFuture(); + + for (SlaacAddress &slaacAddr : mSlaacAddresses) + { + if (!slaacAddr.IsInUse() || !slaacAddr.IsDeprecating()) + { + continue; + } + + if (slaacAddr.GetExpirationTime() <= now) + { + RemoveAddress(slaacAddr); + } + else + { + nextTime = Min(nextTime, slaacAddr.GetExpirationTime()); + } + } + + if (nextTime != now.GetDistantFuture()) + { + mTimer.FireAtIfEarlier(nextTime); + } +} + Error Slaac::GenerateIid(Ip6::Netif::UnicastAddress &aAddress, uint8_t &aDadCounter) const { /* @@ -329,6 +441,25 @@ Error Slaac::GenerateIid(Ip6::Netif::UnicastAddress &aAddress, uint8_t &aDadCoun return error; } +#if OT_SHOULD_LOG_AT(OT_LOG_LEVEL_INFO) +void Slaac::LogAddress(Action aAction, const SlaacAddress &aAddress) +{ + static const char *const kActionStrings[] = { + "Adding", // (0) kAdding + "Removing", // (1) kRemoving + "Deprecating", // (2) kDeprecating + }; + + static_assert(kAdding == 0, "kAdding value is incorrect"); + static_assert(kRemoving == 1, "kRemoving value is incorrect"); + static_assert(kDeprecating == 2, "kDeprecating value is incorrect"); + + LogInfo("%s %s", kActionStrings[aAction], aAddress.GetAddress().ToString().AsCString()); +} +#else +void Slaac::LogAddress(Action, const SlaacAddress &) {} +#endif + void Slaac::GetIidSecretKey(IidSecretKey &aKey) const { Error error; diff --git a/src/core/utils/slaac_address.hpp b/src/core/utils/slaac_address.hpp index 99feca2fc7f..f741ee2e8f8 100644 --- a/src/core/utils/slaac_address.hpp +++ b/src/core/utils/slaac_address.hpp @@ -142,25 +142,86 @@ class Slaac : public InstanceLocator, private NonCopyable */ Error GenerateIid(Ip6::Netif::UnicastAddress &aAddress, uint8_t &aDadCounter) const; + /** + * Searches in the list of deprecating SLAAC prefixes for a match to a given address and if found, returns the + * Domain ID from the Prefix TLV in the Network Data for this SLAAC prefix. + * + * The `Slaac` module keeps track of the associated Domain IDs for deprecating SLAAC prefixes, even if the related + * Prefix TLV has already been removed from the Network Data. This information is used during external route lookup + * if a deprecating SLAAC address is used as the source address in an outbound message. + * + * @param[in] aAddress The address to search for. + * @param[out] aDomainId A reference to return the Domain ID. + * + * @retval kErrorNone Found a match for @p aAddress and updated @p aDomainId. + * @retval kErrorNotFound Could not find a match for @p aAddress in deprecating SLAAC prefixes. + * + */ + Error FindDomainIdFor(const Ip6::Address &aAddress, uint8_t &aDomainId) const; + private: - static constexpr uint16_t kNumAddresses = OPENTHREAD_CONFIG_IP6_SLAAC_NUM_ADDRESSES; + static constexpr uint16_t kNumSlaacAddresses = OPENTHREAD_CONFIG_IP6_SLAAC_NUM_ADDRESSES; static constexpr uint16_t kMaxIidCreationAttempts = 256; // Maximum number of attempts when generating IID. - bool ShouldUseForSlaac(const NetworkData::OnMeshPrefixConfig &aConfig) const; - void RemoveAddresses(void); + static constexpr uint32_t kDeprecationInterval = + TimeMilli::SecToMsec(OPENTHREAD_CONFIG_IP6_SLAAC_DEPRECATION_INTERVAL); + + enum Action : uint8_t + { + kAdding, + kRemoving, + kDeprecating, + }; + + class SlaacAddress : public Ip6::Netif::UnicastAddress + { + public: + bool IsInUse(void) const { return mValid; } + void MarkAsNotInUse(void) { mValid = false; } + uint8_t GetDomainId(void) const { return mDomainId; } + void SetDomainId(uint8_t aDomainId) { mDomainId = aDomainId; } + bool IsDeprecating(void) const { return (mExpirationTime.GetValue() != kNotDeprecated); }; + void MarkAsNotDeprecating(void) { mExpirationTime.SetValue(kNotDeprecated); } + TimeMilli GetExpirationTime(void) const { return mExpirationTime; } + void SetExpirationTime(TimeMilli aTime) + { + mExpirationTime = aTime; + + if (mExpirationTime.GetValue() == kNotDeprecated) + { + mExpirationTime.SetValue(kNotDeprecated + 1); + } + } + + private: + static constexpr uint32_t kNotDeprecated = 0; // Special `mExpirationTime` value to indicate not deprecated. + + uint8_t mDomainId; + TimeMilli mExpirationTime; + }; + + bool IsSlaac(const NetworkData::OnMeshPrefixConfig &aConfig) const; + bool IsFiltered(const NetworkData::OnMeshPrefixConfig &aConfig) const; + void RemoveOrDeprecateAddresses(void); void RemoveAllAddresses(void); void AddAddresses(void); - void RemoveAddress(Ip6::Netif::UnicastAddress &aAddress); + void DeprecateAddress(SlaacAddress &aAddress); + void RemoveAddress(SlaacAddress &aAddress); void AddAddressFor(const NetworkData::OnMeshPrefixConfig &aConfig); + void HandleTimer(void); void GetIidSecretKey(IidSecretKey &aKey) const; void HandleNotifierEvents(Events aEvents); + void LogAddress(Action aAction, const SlaacAddress &aAddress); static bool DoesConfigMatchNetifAddr(const NetworkData::OnMeshPrefixConfig &aConfig, const Ip6::Netif::UnicastAddress &aAddr); - bool mEnabled; - PrefixFilter mFilter; - Ip6::Netif::UnicastAddress mAddresses[kNumAddresses]; + using ExpireTimer = TimerMilliIn; + + bool mEnabled; + PrefixFilter mFilter; + ExpireTimer mTimer; + SlaacAddress mSlaacAddresses[kNumSlaacAddresses]; }; /** diff --git a/tests/scripts/thread-cert/Cert_5_6_06_NetworkDataExpiration.py b/tests/scripts/thread-cert/Cert_5_6_06_NetworkDataExpiration.py index 5452f20513a..d29640a4838 100755 --- a/tests/scripts/thread-cert/Cert_5_6_06_NetworkDataExpiration.py +++ b/tests/scripts/thread-cert/Cert_5_6_06_NetworkDataExpiration.py @@ -118,7 +118,7 @@ def test(self): self.nodes[ROUTER].remove_prefix('2001:2:0:3::/64') self.nodes[ROUTER].register_netdata() - self.simulator.go(10) + self.simulator.go(310) addrs = self.nodes[ED1].get_addrs() self.assertTrue(any('2001:2:0:1' in addr[0:10] for addr in addrs)) diff --git a/tests/scripts/thread-cert/border_router/test_multi_border_routers.py b/tests/scripts/thread-cert/border_router/test_multi_border_routers.py index b176b89155e..201222f4364 100755 --- a/tests/scripts/thread-cert/border_router/test_multi_border_routers.py +++ b/tests/scripts/thread-cert/border_router/test_multi_border_routers.py @@ -170,7 +170,7 @@ def test(self): br1.disable_br() - self.simulator.go(15) + self.simulator.go(315) self.collect_ipaddrs() logging.info("BR1 addrs: %r", br1.get_addrs()) diff --git a/tests/scripts/thread-cert/border_router/test_single_border_router.py b/tests/scripts/thread-cert/border_router/test_single_border_router.py index fea02fa97d2..e72e5571855 100755 --- a/tests/scripts/thread-cert/border_router/test_single_border_router.py +++ b/tests/scripts/thread-cert/border_router/test_single_border_router.py @@ -162,7 +162,7 @@ def test(self): br.remove_prefix(ON_MESH_PREFIX2) br.register_netdata() - self.simulator.go(10) + self.simulator.go(310) self.collect_ipaddrs() logging.info("BR addrs: %r", br.get_addrs()) diff --git a/tests/scripts/thread-cert/test_srp_auto_host_address.py b/tests/scripts/thread-cert/test_srp_auto_host_address.py index 88d0718aa59..1612a30cff5 100755 --- a/tests/scripts/thread-cert/test_srp_auto_host_address.py +++ b/tests/scripts/thread-cert/test_srp_auto_host_address.py @@ -167,16 +167,14 @@ def test(self): self.check_registered_addresses(client, server) #------------------------------------------------------------------- - # Remove the on-mesh prefix (which will trigger an address to be - # removed) and check that the SRP client re-registered and updated - # server with the remaining address. + # Remove the on-mesh prefix and check that the SRP client + # re-registered and updated server with the remaining address. client.remove_prefix('fd00:abba:cafe:bee::/64') client.register_netdata() + self.simulator.go(5) - slaac_addr = [addr.strip() for addr in client.get_addrs() if addr.strip().startswith('fd00:abba:cafe:bee:')] - self.assertEqual(len(slaac_addr), 0) self.check_registered_addresses(client, server) #------------------------------------------------------------------- @@ -185,10 +183,9 @@ def test(self): client.remove_prefix('fd00:9:8:7::/64') client.register_netdata() + self.simulator.go(5) - slaac_addr = [addr.strip() for addr in client.get_addrs() if addr.strip().startswith('fd00:9:8:7:')] - self.assertEqual(len(slaac_addr), 0) self.check_registered_addresses(client, server) #------------------------------------------------------------------- diff --git a/tests/toranj/cli/cli.py b/tests/toranj/cli/cli.py index e5533ad1a4c..6bda0839ea8 100644 --- a/tests/toranj/cli/cli.py +++ b/tests/toranj/cli/cli.py @@ -301,8 +301,8 @@ def thread_stop(self): def get_rloc16(self): return self._cli_single_output('rloc16') - def get_ip_addrs(self): - return self.cli('ipaddr') + def get_ip_addrs(self, verbose=None): + return self.cli('ipaddr', verbose) def add_ip_addr(self, address): self._cli_no_output('ipaddr add', address) diff --git a/tests/toranj/cli/test-027-slaac-address.py b/tests/toranj/cli/test-027-slaac-address.py new file mode 100755 index 00000000000..7d42623d056 --- /dev/null +++ b/tests/toranj/cli/test-027-slaac-address.py @@ -0,0 +1,381 @@ +#!/usr/bin/env python3 +# +# Copyright (c) 2023, The OpenThread Authors. +# All rights reserved. +# +# Redistribution and use in source and binary forms, with or without +# modification, are permitted provided that the following conditions are met: +# 1. Redistributions of source code must retain the above copyright +# notice, this list of conditions and the following disclaimer. +# 2. Redistributions in binary form must reproduce the above copyright +# notice, this list of conditions and the following disclaimer in the +# documentation and/or other materials provided with the distribution. +# 3. Neither the name of the copyright holder nor the +# names of its contributors may be used to endorse or promote products +# derived from this software without specific prior written permission. +# +# THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" +# AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE +# IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE +# ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDER OR CONTRIBUTORS BE +# LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR +# CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF +# SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS +# INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN +# CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) +# ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE +# POSSIBILITY OF SUCH DAMAGE. + +from cli import verify +from cli import verify_within +import cli +import time + +# ----------------------------------------------------------------------------------------------------------------------- +# Test description: Validate SLAAC module, addition/deprecation/removal of SLAAC addresses. +# +# Network topology +# +# r1 ---- r2 +# + +test_name = __file__[:-3] if __file__.endswith('.py') else __file__ +print('-' * 120) +print('Starting \'{}\''.format(test_name)) + +# ----------------------------------------------------------------------------------------------------------------------- +# Creating `cli.Node` instances + +speedup = 40 +cli.Node.set_time_speedup_factor(speedup) + +r1 = cli.Node() +r2 = cli.Node() +c2 = cli.Node() + +# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - + + +def verify_slaac_address_for_prefix(prefix, preferred, nodes=[r1, r2], origin='slaac'): + # Verify that both nodes have SLAAC address based on `prefix`. + for node in nodes: + ip_addrs = node.get_ip_addrs('-v') + matched_addrs = [addr for addr in ip_addrs if addr.startswith(prefix)] + verify(len(matched_addrs) == 1) + addr = matched_addrs[0] + verify('origin:' + origin in addr) + verify('plen:64' in addr) + verify('valid:1' in addr) + if (preferred): + verify('preferred:1' in addr) + else: + verify('preferred:0' in addr) + + +def verify_no_slaac_address_for_prefix(prefix): + for node in [r1, r2]: + ip_addrs = node.get_ip_addrs('-v') + matched_addrs = [addr for addr in ip_addrs if addr.startswith(prefix)] + verify(len(matched_addrs) == 0) + + +def check_num_netdata_prefixes(num_prefixes): + for node in [r1, r2]: + verify(len(node.get_netdata_prefixes()) == num_prefixes) + + +def check_num_netdata_routes(num_routes): + for node in [r1, r2]: + verify(len(node.get_netdata_routes()) == num_routes) + + +# ----------------------------------------------------------------------------------------------------------------------- +# Form topology + +r1.allowlist_node(r2) +r2.allowlist_node(r1) +r2.allowlist_node(c2) +c2.allowlist_node(r2) + +r1.form('slaac') +r2.join(r1) +c2.join(r2, cli.JOIN_TYPE_END_DEVICE) + +verify(r1.get_state() == 'leader') +verify(r2.get_state() == 'router') +verify(c2.get_state() == 'child') + +# Ensure `c2` is attached to `r2` as its parent +verify(int(c2.get_parent_info()['Rloc'], 16) == int(r2.get_rloc16(), 16)) + +# ----------------------------------------------------------------------------------------------------------------------- +# Test Implementation + +# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - +# Add first prefix `fd00:11::/64` and check that SLAAC +# addressed are added based on it on all nodes. + +r1.add_prefix("fd00:11:0:0::/64", "paos") +r1.register_netdata() +verify_within(check_num_netdata_prefixes, 100, 1) + +verify_slaac_address_for_prefix('fd00:11:0:0:', preferred=True) + +# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - +# Add `fd00:22::/64` and check its related SLAAC addresses. + +r2.add_prefix("fd00:22:0:0::/64", "paos") +r2.register_netdata() + +verify_within(check_num_netdata_prefixes, 100, 2) + +verify_slaac_address_for_prefix('fd00:11:0:0:', preferred=True) +verify_slaac_address_for_prefix('fd00:22:0:0:', preferred=True) + +# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - +# Add prefix `fd00:11::/64` now from `r2`, and since this was +# previously added by `r1`, there should not change to SLAAC +# addresses. + +r2.add_prefix("fd00:11:0:0::/64", "paos") +r2.register_netdata() + +verify_within(check_num_netdata_prefixes, 100, 3) + +verify_slaac_address_for_prefix('fd00:11:0:0:', preferred=True) +verify_slaac_address_for_prefix('fd00:22:0:0:', preferred=True) + +# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - +# Remove prefix `fd00:11::/64` from `r2`, and since this is +# also added by `r1`, there should not change to SLAAC addresses. + +r2.remove_prefix("fd00:11:0:0::/64") +r2.register_netdata() + +verify_within(check_num_netdata_prefixes, 100, 2) + +verify_slaac_address_for_prefix('fd00:11:0:0:', preferred=True) +verify_slaac_address_for_prefix('fd00:22:0:0:', preferred=True) + +# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - +# Remove all prefixes and validate that all SLAAC addresses +# start deprecating. + +r1.remove_prefix("fd00:11:0:0::/64") +r1.register_netdata() +r2.remove_prefix("fd00:22:0:0::/64") +r2.register_netdata() + +verify_within(check_num_netdata_prefixes, 100, 0) + +verify_slaac_address_for_prefix('fd00:11:0:0:', preferred=False) +verify_slaac_address_for_prefix('fd00:22:0:0:', preferred=False) + +# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - +# Validate that the deprecating address can still be used +# and proper route look up happens when it is used. + +# Add an off-mesh route `::/0` (default route) on `r1`. + +r1.add_route('::/0', 's', 'med') +r1.register_netdata() + +verify_within(check_num_netdata_routes, 10, 1) + +# Now we ping from `r2` an off-mesh address, `r2` should pick one of +# its deprecating addresses as the source address for this message. +# Since the SLAAC module tracks the associated Domain ID from the +# original Prefix TLV, the route lookup for this message should +# successfully match to `r1` off-mesh route. We validate that the +# message is indeed delivered to `r1` and passed to host. + +r1_counter = r1.get_br_counter_unicast_outbound_packets() + +r2.ping('fd00:ee::1', verify_success=False) + +verify(r1_counter + 1 == r1.get_br_counter_unicast_outbound_packets()) + +# Repeat the same process but now ping from `c2` which is an +# MTD child. `c2` would send the message to its parent `r2` which +# should be able to successfully do route look up for the deprecating +# prefix. The message should be delivered to `r1` and passed to host. + +r1_counter = r1.get_br_counter_unicast_outbound_packets() + +c2.ping('fd00:ff::1', verify_success=False) + +verify(r1_counter + 1 == r1.get_br_counter_unicast_outbound_packets()) + +# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - +# Before the address is expired, re-add ``fd00:11::/64` prefix +# and check that the address is added back as preferred. + +r2.add_prefix("fd00:11:0:0::/64", "paors") +r2.register_netdata() + +verify_within(check_num_netdata_prefixes, 100, 1) + +verify_slaac_address_for_prefix('fd00:11:0:0:', preferred=True) +verify_slaac_address_for_prefix('fd00:22:0:0:', preferred=False) + +# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - +# Make sure prefix 2 is expired and removed + + +def check_prefix_2_addr_expire(): + verify_no_slaac_address_for_prefix('fd00:22:0:0:') + + +verify_within(check_prefix_2_addr_expire, 100) + +verify_slaac_address_for_prefix('fd00:11:0:0:', preferred=True) + +# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - +# Manually add an address for prefix `fd00:33::/64` on `r1` +# and `r2` before adding a related on-mesh prefix. Validate that +# the SLAAC module does not add addresses. + +r1.add_ip_addr('fd00:33::1') +r2.add_ip_addr('fd00:33::2') + +r1.add_prefix("fd00:33:0:0::/64", "paos") +r1.register_netdata() + +verify_within(check_num_netdata_prefixes, 100, 2) + +verify_slaac_address_for_prefix('fd00:11:0:0:', preferred=True) +verify_slaac_address_for_prefix('fd00:33:0:0:', preferred=True, origin='manual') + +# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - +# Remove the manually added address on `r2` which should trigger +# SLAAC module to add its own SLAAC address based on the prefix. + +r2.remove_ip_addr('fd00:33::2') +time.sleep(0.1) + +verify_slaac_address_for_prefix('fd00:11:0:0:', preferred=True) +verify_slaac_address_for_prefix('fd00:33:0:0:', preferred=True, nodes=[r2], origin='slaac') +verify_slaac_address_for_prefix('fd00:33:0:0:', preferred=True, nodes=[r1], origin='manual') + +# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - +# Remove the prefix and make sure the manually added address +# is not impacted, but the one added by SLAAC on `r2` should +# be deprecating. + +r1.remove_prefix("fd00:33:0:0::/64") +r1.register_netdata() + +verify_within(check_num_netdata_prefixes, 100, 1) + +verify_slaac_address_for_prefix('fd00:11:0:0:', preferred=True) +verify_slaac_address_for_prefix('fd00:33:0:0:', preferred=False, nodes=[r2], origin='slaac') +verify_slaac_address_for_prefix('fd00:33:0:0:', preferred=True, nodes=[r1], origin='manual') + +r1.remove_ip_addr('fd00:33::1') + +# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - +# Toranj config sets the max number of SLAAC addresses to 4 +# Check that the max limit is applied by adding 5 prefixes. + +r1.add_prefix("fd00:22:0:0::/64", "paos") +r1.add_prefix("fd00:33:0:0::/64", "paos") +r1.add_prefix("fd00:44:0:0::/64", "paos") +r1.register_netdata() + +verify_within(check_num_netdata_prefixes, 100, 4) + +verify_slaac_address_for_prefix('fd00:11:0:0:', preferred=True) +verify_slaac_address_for_prefix('fd00:22:0:0:', preferred=True) +verify_slaac_address_for_prefix('fd00:33:0:0:', preferred=True) +verify_slaac_address_for_prefix('fd00:44:0:0:', preferred=True) + +r1.add_prefix("fd00:55:0:0::/64", "paos") +r1.register_netdata() + +verify_within(check_num_netdata_prefixes, 100, 5) + +verify_slaac_address_for_prefix('fd00:11:0:0:', preferred=True) +verify_slaac_address_for_prefix('fd00:22:0:0:', preferred=True) +verify_slaac_address_for_prefix('fd00:33:0:0:', preferred=True) +verify_slaac_address_for_prefix('fd00:44:0:0:', preferred=True) +verify_no_slaac_address_for_prefix('fd00:55:0:0::/64') + +# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - +# Remove one of the prefixes which should deprecate an +# existing SLAAC address which should then be evicted to +# add address for the new `fd00:55::/64` prefix. + +r1.remove_prefix("fd00:44:0:0::/64") +r1.register_netdata() + +verify_within(check_num_netdata_prefixes, 100, 4) + +verify_slaac_address_for_prefix('fd00:11:0:0:', preferred=True) +verify_slaac_address_for_prefix('fd00:22:0:0:', preferred=True) +verify_slaac_address_for_prefix('fd00:33:0:0:', preferred=True) +verify_slaac_address_for_prefix('fd00:55:0:0:', preferred=True) +verify_no_slaac_address_for_prefix('fd00:44:0:0::/64') + +# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - +# Validate oldest entry is evicted when multiple addresses are deprecating +# and new prefix is added. + +r1.remove_prefix("fd00:33:0:0::/64") +r1.register_netdata() +time.sleep(0.05) +r1.remove_prefix("fd00:22:0:0::/64") +r1.register_netdata() +time.sleep(0.05) +r1.remove_prefix("fd00:55:0:0::/64") +r1.register_netdata() +time.sleep(0.05) + +verify_within(check_num_netdata_prefixes, 100, 1) + +verify_slaac_address_for_prefix('fd00:11:0:0:', preferred=True) +verify_slaac_address_for_prefix('fd00:22:0:0:', preferred=False) +verify_slaac_address_for_prefix('fd00:33:0:0:', preferred=False) +verify_slaac_address_for_prefix('fd00:55:0:0:', preferred=False) + +# Now add a new prefix `fd00:66::/64`, the `fd00:33::` address +# which was removed first should be evicted to make room for +# the SLAAC address for the new prefix. + +r1.add_prefix("fd00:66:0:0::/64", "paos") +r1.register_netdata() + +verify_within(check_num_netdata_prefixes, 100, 2) + +verify_slaac_address_for_prefix('fd00:11:0:0:', preferred=True) +verify_slaac_address_for_prefix('fd00:22:0:0:', preferred=False) +verify_no_slaac_address_for_prefix('fd00:33:0:0:') +verify_slaac_address_for_prefix('fd00:55:0:0:', preferred=False) +verify_slaac_address_for_prefix('fd00:66:0:0:', preferred=True) + +# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - +# Validate re-adding of a prefix before its address is deprecated. + +r1.add_prefix("fd00:22:0:0::/64", "paos") +r1.register_netdata() + +verify_within(check_num_netdata_prefixes, 100, 3) + +verify_slaac_address_for_prefix('fd00:11:0:0:', preferred=True) +verify_slaac_address_for_prefix('fd00:22:0:0:', preferred=True) +verify_no_slaac_address_for_prefix('fd00:33:0:0:') +verify_slaac_address_for_prefix('fd00:55:0:0:', preferred=False) +verify_slaac_address_for_prefix('fd00:66:0:0:', preferred=True) + + +def check_prefix_5_addr_expire(): + verify_no_slaac_address_for_prefix('fd00:55:0:0:') + + +verify_within(check_prefix_5_addr_expire, 100) + +# ----------------------------------------------------------------------------------------------------------------------- +# Test finished + +cli.Node.finalize_all_nodes() + +print('\'{}\' passed.'.format(test_name)) diff --git a/tests/toranj/openthread-core-toranj-config.h b/tests/toranj/openthread-core-toranj-config.h index 7e2d4c7d4b0..f2bcbb80c8a 100644 --- a/tests/toranj/openthread-core-toranj-config.h +++ b/tests/toranj/openthread-core-toranj-config.h @@ -107,6 +107,12 @@ #define OPENTHREAD_CONFIG_IP6_MAX_EXT_MCAST_ADDRS 4 +#define OPENTHREAD_CONFIG_IP6_SLAAC_ENABLE 1 + +#define OPENTHREAD_CONFIG_IP6_SLAAC_NUM_ADDRESSES 4 + +#define OPENTHREAD_CONFIG_IP6_SLAAC_DEPRECATION_INTERVAL 30 + #define OPENTHREAD_CONFIG_MAC_FILTER_ENABLE 1 #define OPENTHREAD_CONFIG_MAC_FILTER_SIZE 80 diff --git a/tests/toranj/start.sh b/tests/toranj/start.sh index 742a0498a68..5915459af36 100755 --- a/tests/toranj/start.sh +++ b/tests/toranj/start.sh @@ -191,6 +191,7 @@ if [ "$TORANJ_CLI" = 1 ]; then run cli/test-024-mle-adv-imax-change.py run cli/test-025-mesh-local-prefix-change.py run cli/test-026-coaps-conn-limit.py + run cli/test-027-slaac-address.py run cli/test-400-srp-client-server.py run cli/test-601-channel-manager-channel-change.py # Skip the "channel-select" test on a TREL only radio link, since it @@ -241,7 +242,7 @@ run ncp/test-026-slaac-address-wpantund.py run ncp/test-027-child-mode-change.py run ncp/test-028-router-leader-reset-recovery.py run ncp/test-029-data-poll-interval.py -run ncp/test-030-slaac-address-ncp.py +# run ncp/test-030-slaac-address-ncp.py run ncp/test-031-meshcop-joiner-commissioner.py run ncp/test-032-child-attach-with-multiple-ip-addresses.py run ncp/test-033-mesh-local-prefix-change.py From 9b36a426e1da678aee28af819a8bff37f9de5069 Mon Sep 17 00:00:00 2001 From: jrhodie <139580534+jrhodie@users.noreply.github.com> Date: Wed, 14 Feb 2024 10:47:44 -0800 Subject: [PATCH 112/121] [cli] update coaps readme (#9849) --- src/cli/README_COAPS.md | 9 +++++++-- 1 file changed, 7 insertions(+), 2 deletions(-) diff --git a/src/cli/README_COAPS.md b/src/cli/README_COAPS.md index 6316fb496dc..c0dce815884 100644 --- a/src/cli/README_COAPS.md +++ b/src/cli/README_COAPS.md @@ -236,11 +236,16 @@ Sets the content sent by the test resource. Done ``` -### start +### start \[check-peer-cert\|max-conn-attempts\] Starts the application coaps service. -- checkPeerCert: Peer Certificate Check can be disabled by typing false. +The `check-peer-cert` parameter determines if the peer-certificate check is enabled (default) or disabled. The `max-conn-attempts` parameter sets the maximum number of allowed attempts, successful or failed, to connect to the CoAP Secure server. The default value of this parameter is 0, which means that there is no limit to the number of attempts. The `check-peer-cert` and `max-conn-attempts` parameters work together in the following combinations, even though you can only specify one argument: + +- No argument specified: Defaults are used. +- Setting `check-peer-cert` to `true`: Has the same effect as as omitting the argument, which is that the `check-peer-cert` value is `true`, and the `max-conn-attempts` value is 0. +- Setting `check-peer-cert` to `false`: `check-peer-cert` value is `false`, and the `max-conn-attempts` value is `0`. +- Specifying a number: `check-peer-cert` is `true`, and the `max-conn-attempts` value is the number specified in the argument. ```bash > coaps start From 49c59ec519cc8b49dd58978d1bc80b7ae7ba88d0 Mon Sep 17 00:00:00 2001 From: Thomas Date: Wed, 14 Feb 2024 20:03:17 +0100 Subject: [PATCH 113/121] [mbedtls] make debug logging independent from builtin (#9848) Currently mbedtls debug logging can only be set for builtin mbedtls. With an external mbedtls the log level does not get configured. This commit removes the builtin requirement. --- src/core/crypto/mbedtls.cpp | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/src/core/crypto/mbedtls.cpp b/src/core/crypto/mbedtls.cpp index f8c1c531948..dc18949213f 100644 --- a/src/core/crypto/mbedtls.cpp +++ b/src/core/crypto/mbedtls.cpp @@ -53,11 +53,11 @@ namespace Crypto { MbedTls::MbedTls(void) { -#if OPENTHREAD_CONFIG_ENABLE_BUILTIN_MBEDTLS_MANAGEMENT #ifdef MBEDTLS_DEBUG_C // mbedTLS's debug level is almost the same as OpenThread's mbedtls_debug_set_threshold(OPENTHREAD_CONFIG_LOG_LEVEL); #endif +#if OPENTHREAD_CONFIG_ENABLE_BUILTIN_MBEDTLS_MANAGEMENT mbedtls_platform_set_calloc_free(Heap::CAlloc, Heap::Free); #endif // OPENTHREAD_CONFIG_ENABLE_BUILTIN_MBEDTLS_MANAGEMENT } From 5a4fe05cb6f134a5bec6f7036afdb5c50a8b44f9 Mon Sep 17 00:00:00 2001 From: sarveshkumarv3 <86755931+sarveshkumarv3@users.noreply.github.com> Date: Fri, 16 Feb 2024 10:11:12 -0800 Subject: [PATCH 114/121] [mle] generate challenge for "Child Update Request" early (#9850) This commit updates how random challenge is generated for "Child Update Request" message sent by a parent during child restoration (after parent reset/re-attach). A random challenge is now generated and saved in the `Child` entry when it is first initialized in `kRestoredState`. The `SendChildUpdateRequest()` will use the saved challenge rather than generating a new one. This change prevents overwriting the saved challenge when the child is also detached and happens to send a "Parent Request" in the window where the parent transitions to the router/leader role and before the parent sends the "Child Update Request". It ensures that the same random challenge is included in both "Parent Response" and "Child Update Response," guaranteeing proper acceptance of the child's "Child ID request". Co-authored-by: Abtin Keshavarzian --- src/core/thread/child_table.cpp | 1 + src/core/thread/mle_router.cpp | 20 ++++++++++++++++++-- 2 files changed, 19 insertions(+), 2 deletions(-) diff --git a/src/core/thread/child_table.cpp b/src/core/thread/child_table.cpp index cd9cb65492e..7fb557dbda6 100644 --- a/src/core/thread/child_table.cpp +++ b/src/core/thread/child_table.cpp @@ -245,6 +245,7 @@ void ChildTable::Restore(void) child->SetTimeout(childInfo.GetTimeout()); child->SetDeviceMode(Mle::DeviceMode(childInfo.GetMode())); child->SetState(Neighbor::kStateRestored); + child->GenerateChallenge(); child->SetLastHeard(TimerMilli::GetNow()); child->SetVersion(childInfo.GetVersion()); Get().SetChildUseShortAddress(*child, true); diff --git a/src/core/thread/mle_router.cpp b/src/core/thread/mle_router.cpp index b97a7ec3359..76b8dc370be 100644 --- a/src/core/thread/mle_router.cpp +++ b/src/core/thread/mle_router.cpp @@ -1727,7 +1727,6 @@ void MleRouter::SendParentResponse(Child *aChild, const RxChallenge &aChallenge, SuccessOrExit(error = message->AppendCslClockAccuracyTlv()); } #endif - aChild->GenerateChallenge(); SuccessOrExit(error = message->AppendChallengeTlv(aChild->GetChallenge())); SuccessOrExit(error = message->AppendLinkMarginTlv(aChild->GetLinkInfo().GetLinkMargin())); @@ -2962,7 +2961,24 @@ Error MleRouter::SendChildUpdateRequest(Child &aChild) if (!aChild.IsStateValid()) { SuccessOrExit(error = message->AppendTlvRequestTlv(kTlvs)); - aChild.GenerateChallenge(); + + if (!aChild.IsStateRestored()) + { + // A random challenge is generated and saved when `aChild` + // is first initialized in `kStateRestored`. We will use + // the saved challenge here. This prevents overwriting + // the saved challenge when the child is also detached + // and happens to send a "Parent Request" in the window + // where the parent transitions to the router/leader role + // and before the parent sends the "Child Update Request". + // This ensures that the same random challenge is + // included in both "Parent Response" and "Child Update + // Response," guaranteeing proper acceptance of the + // child's "Child ID request". + + aChild.GenerateChallenge(); + } + SuccessOrExit(error = message->AppendChallengeTlv(aChild.GetChallenge())); } From 33574ad4175ffb088bcca047f4c8d5fb240d1495 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Maciej=20Baczma=C5=84ski?= Date: Fri, 16 Feb 2024 20:12:57 +0100 Subject: [PATCH 115/121] [tools] add missing tcat ble client files (#9857) Some files were missing during repo migration, this commit adds them. Signed-off-by: Maciej Baczmanski Co-authored-by: Piotr Jasinski Co-authored-by: Przemyslaw Bida --- tools/tcat_ble_client/tlv/tlv.py | 71 +++++++++++++++++++++++++ tools/tcat_ble_client/utils/__init__.py | 63 ++++++++++++++++++++++ 2 files changed, 134 insertions(+) create mode 100644 tools/tcat_ble_client/tlv/tlv.py create mode 100644 tools/tcat_ble_client/utils/__init__.py diff --git a/tools/tcat_ble_client/tlv/tlv.py b/tools/tcat_ble_client/tlv/tlv.py new file mode 100644 index 00000000000..75657c41a9a --- /dev/null +++ b/tools/tcat_ble_client/tlv/tlv.py @@ -0,0 +1,71 @@ +""" + Copyright (c) 2024, The OpenThread Authors. + All rights reserved. + + Redistribution and use in source and binary forms, with or without + modification, are permitted provided that the following conditions are met: + 1. Redistributions of source code must retain the above copyright + notice, this list of conditions and the following disclaimer. + 2. Redistributions in binary form must reproduce the above copyright + notice, this list of conditions and the following disclaimer in the + documentation and/or other materials provided with the distribution. + 3. Neither the name of the copyright holder nor the + names of its contributors may be used to endorse or promote products + derived from this software without specific prior written permission. + + THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" + AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDER OR CONTRIBUTORS BE + LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR + CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF + SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS + INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN + CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) + ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE + POSSIBILITY OF SUCH DAMAGE. +""" + +from __future__ import annotations +from typing import List + + +class TLV(): + + def __init__(self, type: int = None, value: bytes = None): + self.type: int = type + self.value: bytes = value + + def __str__(self): + return f'TLV\n\tTYPE:\t0x{self.type:02x}\n\tVALUE:\t{self.value}' + + @staticmethod + def parse_tlvs(data: bytes) -> List[TLV]: + res: List[TLV] = [] + while data: + next_tlv = TLV.from_bytes(data) + next_tlv_size = len(next_tlv.to_bytes()) + data = data[next_tlv_size:] + res.append(next_tlv) + return res + + @staticmethod + def from_bytes(data: bytes) -> TLV: + res = TLV() + res.set_from_bytes(data) + return res + + def set_from_bytes(self, data: bytes): + self.type = data[0] + header_len = 2 + if data[1] == 0xFF: + header_len = 4 + length = int.from_bytes(data[1:header_len], byteorder='big') + self.value = data[header_len:header_len + length] + + def to_bytes(self) -> bytes: + has_long_header = len(self.value) >= 255 + header_len = 4 if has_long_header else 2 + len_bytes = len(self.value).to_bytes(header_len - 1, byteorder='big') + header = bytes([self.type]) + len_bytes + return header + self.value diff --git a/tools/tcat_ble_client/utils/__init__.py b/tools/tcat_ble_client/utils/__init__.py new file mode 100644 index 00000000000..d6d40bae9f3 --- /dev/null +++ b/tools/tcat_ble_client/utils/__init__.py @@ -0,0 +1,63 @@ +""" + Copyright (c) 2024, The OpenThread Authors. + All rights reserved. + + Redistribution and use in source and binary forms, with or without + modification, are permitted provided that the following conditions are met: + 1. Redistributions of source code must retain the above copyright + notice, this list of conditions and the following disclaimer. + 2. Redistributions in binary form must reproduce the above copyright + notice, this list of conditions and the following disclaimer in the + documentation and/or other materials provided with the distribution. + 3. Neither the name of the copyright holder nor the + names of its contributors may be used to endorse or promote products + derived from this software without specific prior written permission. + + THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" + AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDER OR CONTRIBUTORS BE + LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR + CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF + SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS + INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN + CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) + ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE + POSSIBILITY OF SUCH DAMAGE. +""" + + +def get_int_in_range(min_value, max_value): + while True: + try: + user_input = int(input('> ')) + if min_value <= user_input <= max_value: + return user_input + else: + print('The value is out of range. Try again.') + except ValueError: + print('The value is not an integer. Try again.') + except KeyboardInterrupt: + quit_with_reason('Program interrupted by user. Quitting.') + + +def quit_with_reason(reason): + print(reason) + exit(1) + + +def select_device_by_user_input(tcat_devices): + if tcat_devices: + print('Found devices:\n') + for i, device in enumerate(tcat_devices): + print(f'{i + 1}: {device.name} - {device.address}') + else: + print('\nNo devices found.') + return None + + print('\nSelect the target number to connect to it.') + selected = get_int_in_range(1, len(tcat_devices)) + device = tcat_devices[selected - 1] + print('Selected ', device) + + return device From 08d21f1f0718b7ff680022731d5f48253a3a0d91 Mon Sep 17 00:00:00 2001 From: Abtin Keshavarzian Date: Tue, 20 Feb 2024 12:49:42 -0800 Subject: [PATCH 116/121] [netdiag] add support for Vendor App URL TLV (#9816) This commit contains the following: - Adds support for the Vendor App URL TLV. - Includes new public OT APIs and configurations to get and set the TLV value. - Enables use of the TLV in the CLI `networkdiagnostic` command. - Updates `test-020-net-diag-vendor-info.py` to validate the new TLV. --- include/openthread/instance.h | 2 +- include/openthread/netdiag.h | 31 +++++++++++++- src/cli/cli.cpp | 40 +++++++++++++++++-- src/core/api/netdiag_api.cpp | 10 +++++ src/core/config/network_diagnostic.h | 10 +++++ src/core/thread/network_diagnostic.cpp | 16 ++++++++ src/core/thread/network_diagnostic.hpp | 22 ++++++++++ src/core/thread/network_diagnostic_tlvs.hpp | 13 ++++++ tests/toranj/cli/cli.py | 6 +++ .../cli/test-020-net-diag-vendor-info.py | 18 ++++++++- 10 files changed, 161 insertions(+), 7 deletions(-) diff --git a/include/openthread/instance.h b/include/openthread/instance.h index 3351997079a..fd5704ab67f 100644 --- a/include/openthread/instance.h +++ b/include/openthread/instance.h @@ -53,7 +53,7 @@ extern "C" { * @note This number versions both OpenThread platform and user APIs. * */ -#define OPENTHREAD_API_VERSION (395) +#define OPENTHREAD_API_VERSION (396) /** * @addtogroup api-instance diff --git a/include/openthread/netdiag.h b/include/openthread/netdiag.h index 95559525715..8485475a541 100644 --- a/include/openthread/netdiag.h +++ b/include/openthread/netdiag.h @@ -95,13 +95,14 @@ enum OT_NETWORK_DIAGNOSTIC_TLV_ANSWER = 32, ///< Answer TLV OT_NETWORK_DIAGNOSTIC_TLV_QUERY_ID = 33, ///< Query ID TLV OT_NETWORK_DIAGNOSTIC_TLV_MLE_COUNTERS = 34, ///< MLE Counters TLV - + OT_NETWORK_DIAGNOSTIC_TLV_VENDOR_APP_URL = 35, ///< Vendor App URL TLV }; #define OT_NETWORK_DIAGNOSTIC_MAX_VENDOR_NAME_TLV_LENGTH 32 ///< Max length of Vendor Name TLV. #define OT_NETWORK_DIAGNOSTIC_MAX_VENDOR_MODEL_TLV_LENGTH 32 ///< Max length of Vendor Model TLV. #define OT_NETWORK_DIAGNOSTIC_MAX_VENDOR_SW_VERSION_TLV_LENGTH 16 ///< Max length of Vendor SW Version TLV. #define OT_NETWORK_DIAGNOSTIC_MAX_THREAD_STACK_VERSION_TLV_LENGTH 64 ///< Max length of Thread Stack Version TLV. +#define OT_NETWORK_DIAGNOSTIC_MAX_VENDOR_APP_URL_TLV_LENGTH 96 ///< Max length of Vendor App URL TLV. typedef uint16_t otNetworkDiagIterator; ///< Used to iterate through Network Diagnostic TLV. @@ -294,6 +295,7 @@ typedef struct otNetworkDiagTlv char mVendorModel[OT_NETWORK_DIAGNOSTIC_MAX_VENDOR_MODEL_TLV_LENGTH + 1]; char mVendorSwVersion[OT_NETWORK_DIAGNOSTIC_MAX_VENDOR_SW_VERSION_TLV_LENGTH + 1]; char mThreadStackVersion[OT_NETWORK_DIAGNOSTIC_MAX_THREAD_STACK_VERSION_TLV_LENGTH + 1]; + char mVendorAppUrl[OT_NETWORK_DIAGNOSTIC_MAX_VENDOR_APP_URL_TLV_LENGTH + 1]; struct { uint8_t mCount; @@ -428,6 +430,16 @@ const char *otThreadGetVendorModel(otInstance *aInstance); */ const char *otThreadGetVendorSwVersion(otInstance *aInstance); +/** + * Get the vendor app URL string. + * + * @param[in] aInstance A pointer to an OpenThread instance. + * + * @returns The vendor app URL string. + * + */ +const char *otThreadGetVendorAppUrl(otInstance *aInstance); + /** * Set the vendor name string. * @@ -479,6 +491,23 @@ otError otThreadSetVendorModel(otInstance *aInstance, const char *aVendorModel); */ otError otThreadSetVendorSwVersion(otInstance *aInstance, const char *aVendorSwVersion); +/** + * Set the vendor app URL string. + * + * Requires `OPENTHREAD_CONFIG_NET_DIAG_VENDOR_INFO_SET_API_ENABLE`. + * + * @p aVendorAppUrl should be UTF8 with max length of 64 chars (`MAX_VENDOR_APPL_URL_TLV_LENGTH`). Maximum length + * does not include the null `\0` character. + * + * @param[in] aInstance A pointer to an OpenThread instance. + * @param[in] aVendorAppUrl The vendor app URL string. + * + * @retval OT_ERROR_NONE Successfully set the vendor app URL string. + * @retval OT_ERROR_INVALID_ARGS @p aVendorAppUrl is not valid (too long or not UTF8). + * + */ +otError otThreadSetVendorAppUrl(otInstance *aInstance, const char *aVendorAppUrl); + /** * @} * diff --git a/src/cli/cli.cpp b/src/cli/cli.cpp index 45403340947..570ac1af157 100644 --- a/src/cli/cli.cpp +++ b/src/cli/cli.cpp @@ -7682,7 +7682,7 @@ template <> otError Interpreter::Process(Arg aArgs[]) error = ProcessGet(aArgs, otThreadGetVendorName); #else /** - * @cli vendor name (name) + * @cli vendor name (set) * @code * vendor name nest * Done @@ -7712,7 +7712,7 @@ template <> otError Interpreter::Process(Arg aArgs[]) error = ProcessGet(aArgs, otThreadGetVendorModel); #else /** - * @cli vendor model (name) + * @cli vendor model (set) * @code * vendor model Hub\ Max * Done @@ -7742,7 +7742,7 @@ template <> otError Interpreter::Process(Arg aArgs[]) error = ProcessGet(aArgs, otThreadGetVendorSwVersion); #else /** - * @cli vendor swversion (version) + * @cli vendor swversion (set) * @code * vendor swversion Marble3.5.1 * Done @@ -7754,6 +7754,36 @@ template <> otError Interpreter::Process(Arg aArgs[]) error = ProcessGetSet(aArgs, otThreadGetVendorSwVersion, otThreadSetVendorSwVersion); #endif } + /** + * @cli vendor appurl + * @code + * vendor appurl + * http://www.example.com + * Done + * @endcode + * @par api_copy + * #otThreadGetVendorAppUrl + */ + else if (aArgs[0] == "appurl") + { + aArgs++; + +#if !OPENTHREAD_CONFIG_NET_DIAG_VENDOR_INFO_SET_API_ENABLE + error = ProcessGet(aArgs, otThreadGetVendorAppUrl); +#else + /** + * @cli vendor appurl (set) + * @code + * vendor appurl http://www.example.com + * Done + * @endcode + * @par api_copy + * #otThreadSetVendorAppUrl + * @cparam vendor appurl @ca{url} + */ + error = ProcessGetSet(aArgs, otThreadGetVendorAppUrl, otThreadSetVendorAppUrl); +#endif + } return error; } @@ -7829,6 +7859,7 @@ template <> otError Interpreter::Process(Arg aArgs[]) * - `28`: Thread Stack Version TLV (version identifier as UTF-8 string for Thread stack codebase/commit/version) * - `29`: Child TLV * - `34`: MLE Counters TLV + * - `35`: Vendor App URL TLV * @par * Sends a network diagnostic request to retrieve specified Type Length Values (TLVs) * for the specified addresses(es). @@ -7996,6 +8027,9 @@ void Interpreter::HandleDiagnosticGetResponse(otError aError, case OT_NETWORK_DIAGNOSTIC_TLV_VENDOR_SW_VERSION: OutputLine("Vendor SW Version: %s", diagTlv.mData.mVendorSwVersion); break; + case OT_NETWORK_DIAGNOSTIC_TLV_VENDOR_APP_URL: + OutputLine("Vendor App URL: %s", diagTlv.mData.mVendorAppUrl); + break; case OT_NETWORK_DIAGNOSTIC_TLV_THREAD_STACK_VERSION: OutputLine("Thread Stack Version: %s", diagTlv.mData.mThreadStackVersion); break; diff --git a/src/core/api/netdiag_api.cpp b/src/core/api/netdiag_api.cpp index ffcc4c12114..36c084d40b2 100644 --- a/src/core/api/netdiag_api.cpp +++ b/src/core/api/netdiag_api.cpp @@ -89,6 +89,11 @@ const char *otThreadGetVendorSwVersion(otInstance *aInstance) return AsCoreType(aInstance).Get().GetVendorSwVersion(); } +const char *otThreadGetVendorAppUrl(otInstance *aInstance) +{ + return AsCoreType(aInstance).Get().GetVendorAppUrl(); +} + #if OPENTHREAD_CONFIG_NET_DIAG_VENDOR_INFO_SET_API_ENABLE otError otThreadSetVendorName(otInstance *aInstance, const char *aVendorName) { @@ -104,4 +109,9 @@ otError otThreadSetVendorSwVersion(otInstance *aInstance, const char *aVendorSwV { return AsCoreType(aInstance).Get().SetVendorSwVersion(aVendorSwVersion); } + +otError otThreadSetVendorAppUrl(otInstance *aInstance, const char *aVendorAppUrl) +{ + return AsCoreType(aInstance).Get().SetVendorAppUrl(aVendorAppUrl); +} #endif diff --git a/src/core/config/network_diagnostic.h b/src/core/config/network_diagnostic.h index ccf128d3832..6f670efc7fb 100644 --- a/src/core/config/network_diagnostic.h +++ b/src/core/config/network_diagnostic.h @@ -75,6 +75,16 @@ #define OPENTHREAD_CONFIG_NET_DIAG_VENDOR_SW_VERSION "" #endif +/** + * @def OPENTHREAD_CONFIG_NET_DIAG_VENDOR_APP_URL + * + * Specifies the default Vendor App URL string. + * + */ +#ifndef OPENTHREAD_CONFIG_NET_DIAG_VENDOR_APP_URL +#define OPENTHREAD_CONFIG_NET_DIAG_VENDOR_APP_URL "" +#endif + /** * @def OPENTHREAD_CONFIG_NET_DIAG_VENDOR_INFO_SET_API_ENABLE * diff --git a/src/core/thread/network_diagnostic.cpp b/src/core/thread/network_diagnostic.cpp index 43c1ea736d8..f32e7813e80 100644 --- a/src/core/thread/network_diagnostic.cpp +++ b/src/core/thread/network_diagnostic.cpp @@ -61,6 +61,7 @@ namespace NetworkDiagnostic { const char Server::kVendorName[] = OPENTHREAD_CONFIG_NET_DIAG_VENDOR_NAME; const char Server::kVendorModel[] = OPENTHREAD_CONFIG_NET_DIAG_VENDOR_MODEL; const char Server::kVendorSwVersion[] = OPENTHREAD_CONFIG_NET_DIAG_VENDOR_SW_VERSION; +const char Server::kVendorAppUrl[] = OPENTHREAD_CONFIG_NET_DIAG_VENDOR_APP_URL; //--------------------------------------------------------------------------------------------------------------------- // Server @@ -71,11 +72,13 @@ Server::Server(Instance &aInstance) static_assert(sizeof(kVendorName) <= sizeof(VendorNameTlv::StringType), "VENDOR_NAME is too long"); static_assert(sizeof(kVendorModel) <= sizeof(VendorModelTlv::StringType), "VENDOR_MODEL is too long"); static_assert(sizeof(kVendorSwVersion) <= sizeof(VendorSwVersionTlv::StringType), "VENDOR_SW_VERSION is too long"); + static_assert(sizeof(kVendorAppUrl) <= sizeof(VendorAppUrlTlv::StringType), "VENDOR_APP_URL is too long"); #if OPENTHREAD_CONFIG_NET_DIAG_VENDOR_INFO_SET_API_ENABLE memcpy(mVendorName, kVendorName, sizeof(kVendorName)); memcpy(mVendorModel, kVendorModel, sizeof(kVendorModel)); memcpy(mVendorSwVersion, kVendorSwVersion, sizeof(kVendorSwVersion)); + memcpy(mVendorAppUrl, kVendorAppUrl, sizeof(kVendorAppUrl)); #endif } @@ -96,6 +99,11 @@ Error Server::SetVendorSwVersion(const char *aVendorSwVersion) return StringCopy(mVendorSwVersion, aVendorSwVersion, kStringCheckUtf8Encoding); } +Error Server::SetVendorAppUrl(const char *aVendorAppUrl) +{ + return StringCopy(mVendorAppUrl, aVendorAppUrl, kStringCheckUtf8Encoding); +} + #endif void Server::PrepareMessageInfoForDest(const Ip6::Address &aDestination, Tmf::MessageInfo &aMessageInfo) const @@ -329,6 +337,10 @@ Error Server::AppendDiagTlv(uint8_t aTlvType, Message &aMessage) error = Tlv::Append(aMessage, GetVendorSwVersion()); break; + case Tlv::kVendorAppUrl: + error = Tlv::Append(aMessage, GetVendorAppUrl()); + break; + case Tlv::kThreadStackVersion: error = Tlv::Append(aMessage, otGetVersionString()); break; @@ -1225,6 +1237,10 @@ Error Client::GetNextDiagTlv(const Coap::Message &aMessage, Iterator &aIterator, SuccessOrExit(error = Tlv::Read(aMessage, offset, aTlvInfo.mData.mVendorSwVersion)); break; + case Tlv::kVendorAppUrl: + SuccessOrExit(error = Tlv::Read(aMessage, offset, aTlvInfo.mData.mVendorAppUrl)); + break; + case Tlv::kThreadStackVersion: SuccessOrExit(error = Tlv::Read(aMessage, offset, aTlvInfo.mData.mThreadStackVersion)); diff --git a/src/core/thread/network_diagnostic.hpp b/src/core/thread/network_diagnostic.hpp index de16b7c70be..fb9d2b844fa 100644 --- a/src/core/thread/network_diagnostic.hpp +++ b/src/core/thread/network_diagnostic.hpp @@ -141,10 +141,30 @@ class Server : public InstanceLocator, private NonCopyable */ Error SetVendorSwVersion(const char *aVendorSwVersion); + /** + * Returns the vendor app URL string. + * + * @returns the vendor app URL string. + * + */ + const char *GetVendorAppUrl(void) const { return mVendorAppUrl; } + + /** + * Sets the vendor app URL string. + * + * @param[in] aVendorAppUrl The vendor app URL string + * + * @retval kErrorNone Successfully set the vendor app URL. + * @retval kErrorInvalidArgs @p aVendorAppUrl is not valid (too long or not UTF8). + * + */ + Error SetVendorAppUrl(const char *aVendorAppUrl); + #else const char *GetVendorName(void) const { return kVendorName; } const char *GetVendorModel(void) const { return kVendorModel; } const char *GetVendorSwVersion(void) const { return kVendorSwVersion; } + const char *GetVendorAppUrl(void) const { return kVendorAppUrl; } #endif // OPENTHREAD_CONFIG_NET_DIAG_VENDOR_INFO_SET_API_ENABLE private: @@ -173,6 +193,7 @@ class Server : public InstanceLocator, private NonCopyable static const char kVendorName[]; static const char kVendorModel[]; static const char kVendorSwVersion[]; + static const char kVendorAppUrl[]; Error AppendDiagTlv(uint8_t aTlvType, Message &aMessage); Error AppendIp6AddressList(Message &aMessage); @@ -211,6 +232,7 @@ class Server : public InstanceLocator, private NonCopyable VendorNameTlv::StringType mVendorName; VendorModelTlv::StringType mVendorModel; VendorSwVersionTlv::StringType mVendorSwVersion; + VendorAppUrlTlv::StringType mVendorAppUrl; #endif #if OPENTHREAD_FTD diff --git a/src/core/thread/network_diagnostic_tlvs.hpp b/src/core/thread/network_diagnostic_tlvs.hpp index 2efa744f469..acbaf5cf3fd 100644 --- a/src/core/thread/network_diagnostic_tlvs.hpp +++ b/src/core/thread/network_diagnostic_tlvs.hpp @@ -96,6 +96,7 @@ class Tlv : public ot::Tlv kAnswer = OT_NETWORK_DIAGNOSTIC_TLV_ANSWER, kQueryId = OT_NETWORK_DIAGNOSTIC_TLV_QUERY_ID, kMleCounters = OT_NETWORK_DIAGNOSTIC_TLV_MLE_COUNTERS, + kVendorAppUrl = OT_NETWORK_DIAGNOSTIC_TLV_VENDOR_APP_URL, }; /** @@ -122,6 +123,12 @@ class Tlv : public ot::Tlv */ static constexpr uint8_t kMaxThreadStackVersionLength = OT_NETWORK_DIAGNOSTIC_MAX_THREAD_STACK_VERSION_TLV_LENGTH; + /** + * Maximum length of Vendor SW Version TLV. + * + */ + static constexpr uint8_t kMaxVendorAppUrlLength = OT_NETWORK_DIAGNOSTIC_MAX_VENDOR_APP_URL_TLV_LENGTH; + /** * Returns the Type value. * @@ -236,6 +243,12 @@ typedef StringTlvInfo Ven */ typedef StringTlvInfo ThreadStackVersionTlv; +/** + * Defines Vendor App URL TLV constants and types. + * + */ +typedef StringTlvInfo VendorAppUrlTlv; + /** * Defines Child IPv6 Address List TLV constants and types. * diff --git a/tests/toranj/cli/cli.py b/tests/toranj/cli/cli.py index 6bda0839ea8..385d8e584a6 100644 --- a/tests/toranj/cli/cli.py +++ b/tests/toranj/cli/cli.py @@ -378,6 +378,12 @@ def get_vendor_sw_version(self): def set_vendor_sw_version(self, version): return self._cli_no_output('vendor swversion', version) + def get_vendor_app_url(self): + return self._cli_single_output('vendor appurl') + + def set_vendor_app_url(self, url): + return self._cli_no_output('vendor appurl', url) + #- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - # netdata diff --git a/tests/toranj/cli/test-020-net-diag-vendor-info.py b/tests/toranj/cli/test-020-net-diag-vendor-info.py index f923dde1941..a8bb7daaa91 100755 --- a/tests/toranj/cli/test-020-net-diag-vendor-info.py +++ b/tests/toranj/cli/test-020-net-diag-vendor-info.py @@ -69,6 +69,7 @@ VENDOR_SW_VERSION_TLV = 27 THREAD_STACK_VERSION_TLV = 28 MLE_COUNTERS_TLV = 34 +VENDOR_APP_URL = 35 #- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - # Check setting vendor name, model, ans sw version @@ -76,10 +77,12 @@ r1.set_vendor_name('nest') r1.set_vendor_model('marble') r1.set_vendor_sw_version('ot-1.3.1') +r1.set_vendor_app_url('https://example.com/vendor-app') verify(r1.get_vendor_name() == 'nest') verify(r1.get_vendor_model() == 'marble') verify(r1.get_vendor_sw_version() == 'ot-1.3.1') +verify(r1.get_vendor_app_url() == 'https://example.com/vendor-app') #- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - # Check invalid names (too long) @@ -126,6 +129,8 @@ verify(errored) +r2.set_vendor_app_url("https://example.com/vendor-app") + #- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - # Perform net diag query @@ -153,6 +158,13 @@ verify(result[1].startswith("Vendor SW Version:")) verify(result[1].split(':')[1].strip() == r1.get_vendor_sw_version()) +# Get vendor app URL (TLV 35) + +result = r2.cli('networkdiagnostic get', r1_rloc, VENDOR_APP_URL) +verify(len(result) == 2) +verify(result[1].startswith("Vendor App URL:")) +verify(result[1].split(':', 1)[1].strip() == r1.get_vendor_app_url()) + # Get thread stack version (TLV 30) result = r2.cli('networkdiagnostic get', r1_rloc, THREAD_STACK_VERSION_TLV) @@ -163,8 +175,8 @@ # Get all three TLVs (now from `r1`) result = r1.cli('networkdiagnostic get', r2_rloc, VENDOR_NAME_TLV, VENDOR_MODEL_TLV, VENDOR_SW_VERSION_TLV, - THREAD_STACK_VERSION_TLV) -verify(len(result) == 5) + THREAD_STACK_VERSION_TLV, VENDOR_APP_URL) +verify(len(result) == 6) for line in result[1:]: if line.startswith("Vendor Name:"): verify(line.split(':')[1].strip() == r2.get_vendor_name()) @@ -172,6 +184,8 @@ verify(line.split(':')[1].strip() == r2.get_vendor_model()) elif line.startswith("Vendor SW Version:"): verify(line.split(':')[1].strip() == r2.get_vendor_sw_version()) + elif line.startswith("Vendor App URL:"): + verify(line.split(':', 1)[1].strip() == r2.get_vendor_app_url()) elif line.startswith("Thread Stack Version:"): verify(r2.get_version().startswith(line.split(':', 1)[1].strip())) else: From 6cfe14c941aeec2dc80c28f1a437735da52c5031 Mon Sep 17 00:00:00 2001 From: jrhodie <139580534+jrhodie@users.noreply.github.com> Date: Tue, 20 Feb 2024 12:50:22 -0800 Subject: [PATCH 117/121] [cli] add references to CoAP concepts guide from CLI (#9856) --- src/cli/cli_coap.cpp | 9 +++++---- src/cli/cli_srp_client.cpp | 27 +++++++++++---------------- src/cli/cli_srp_server.cpp | 13 ++++++------- src/cli/cli_tcp.cpp | 12 ++++-------- src/cli/cli_udp.cpp | 8 +++----- 5 files changed, 29 insertions(+), 40 deletions(-) diff --git a/src/cli/cli_coap.cpp b/src/cli/cli_coap.cpp index f3b966f31bd..9464dff073e 100644 --- a/src/cli/cli_coap.cpp +++ b/src/cli/cli_coap.cpp @@ -298,8 +298,9 @@ template <> otError Coap::Process(Arg aArgs[]) * coap start * Done * @endcode - * @par api_copy - * #otCoapStart + * @par + * Starts the CoAP server. @moreinfo{@coap}. + * @sa otCoapStart */ template <> otError Coap::Process(Arg aArgs[]) { @@ -491,7 +492,7 @@ template <> otError Coap::Process(Arg aArgs[]) { return ProcessReque * the number of blocks to send. The `block-` type requires * `OPENTHREAD_CONFIG_COAP_BLOCKWISE_TRANSFER_ENABLE` to be set. * @par - * Creates the specified CoAP resource. + * Creates the specified CoAP resource. @moreinfo{@coap}. */ template <> otError Coap::Process(Arg aArgs[]) { return ProcessRequest(aArgs, OT_COAP_CODE_POST); } @@ -526,7 +527,7 @@ template <> otError Coap::Process(Arg aArgs[]) { return ProcessRequ * the number of blocks to send. The `block-` type requires * `OPENTHREAD_CONFIG_COAP_BLOCKWISE_TRANSFER_ENABLE` to be set. * @par - * Modifies the specified CoAP resource. + * Modifies the specified CoAP resource. @moreinfo{@coap}. */ template <> otError Coap::Process(Arg aArgs[]) { return ProcessRequest(aArgs, OT_COAP_CODE_PUT); } diff --git a/src/cli/cli_srp_client.cpp b/src/cli/cli_srp_client.cpp index 30ed8d9143f..d90947bc1ca 100644 --- a/src/cli/cli_srp_client.cpp +++ b/src/cli/cli_srp_client.cpp @@ -80,8 +80,8 @@ template <> otError SrpClient::Process(Arg aArgs[]) * @endcode * @par * Indicates the current state of auto-start mode (enabled or disabled). + * @moreinfo{@srp}. * @sa otSrpClientIsAutoStartModeEnabled - * @sa @srp */ if (aArgs[0].IsEmpty()) { @@ -160,8 +160,8 @@ template <> otError SrpClient::Process(Arg aArgs[]) * @cparam srp client callback [@ca{enable}|@ca{disable}] * @par * Gets or enables/disables printing callback events from the SRP client. + * @moreinfo{@srp}. * @sa otSrpClientSetCallback - * @sa @srp */ template <> otError SrpClient::Process(Arg aArgs[]) { @@ -212,9 +212,8 @@ template <> otError SrpClient::Process(Arg aArgs[]) * To set the client host name when the host has either been removed or not yet * registered with the server, use the `name` parameter. * @par - * Gets or sets the host name of the SRP client. + * Gets or sets the host name of the SRP client. @moreinfo{@srp}. * @sa otSrpClientSetHostName - * @sa @srp */ else if (aArgs[0] == "name") { @@ -288,8 +287,8 @@ template <> otError SrpClient::Process(Arg aArgs[]) * @par * Indicates whether auto address mode is enabled. If auto address mode is not * enabled, then the list of SRP client host addresses is returned. + * @moreinfo{@srp}. * @sa otSrpClientGetHostInfo - * @sa @srp */ if (aArgs[1].IsEmpty()) { @@ -330,10 +329,9 @@ template <> otError SrpClient::Process(Arg aArgs[]) * running. This will also disable auto host address mode. * @par * Enable auto host address mode or explicitly set the list of host - * addresses. + * addresses. @moreinfo{@srp}. * @sa otSrpClientEnableAutoHostAddress * @sa otSrpClientSetHostAddresses - * @sa @srp */ else if (aArgs[1] == "auto") { @@ -388,9 +386,9 @@ template <> otError SrpClient::Process(Arg aArgs[]) * `removekeylease` parameter is specified first in the command. * @par * Removes SRP client host information and all services from the SRP server. + * @moreinfo{@srp}. * @sa otSrpClientRemoveHostAndServices * @sa otSrpClientSetHostName - * @sa @srp */ else if (aArgs[0] == "remove") { @@ -496,9 +494,8 @@ template <> otError SrpClient::Process(Arg aArgs[]) * @par * Gets the socket address (IPv6 address and port number) of the SRP server * that is being used by the SRP client. If the client is not running, the address - * is unspecified (all zeros) with a port number of 0. + * is unspecified (all zeros) with a port number of 0. @moreinfo{@srp}. * @sa otSrpClientGetServerAddress - * @sa @srp */ if (aArgs[0].IsEmpty()) { @@ -585,8 +582,8 @@ template <> otError SrpClient::Process(Arg aArgs[]) * TXT data byte sequence. * @par * Adds a service with a given instance name, service name, and port number. + * @moreinfo{@srp}. * @sa otSrpClientAddService - * @sa @srp */ else if (aArgs[0] == "add") { @@ -660,9 +657,8 @@ template <> otError SrpClient::Process(Arg aArgs[]) * @par * Gets or sets the service key record inclusion mode in the SRP client. * This command is intended for testing only, and requires that - * `OPENTHREAD_CONFIG_REFERENCE_DEVICE_ENABLE` be enabled. + * `OPENTHREAD_CONFIG_REFERENCE_DEVICE_ENABLE` be enabled. @moreinfo{@srp}. * @sa otSrpClientIsServiceKeyRecordEnabled - * @sa @srp */ else if (aArgs[0] == "key") { @@ -853,9 +849,8 @@ void SrpClient::OutputService(uint8_t aIndentSize, const otSrpClientService &aSe * @endcode * @cparam srp client start @ca{serveraddr} @ca{serverport} * @par - * Starts the SRP client operation. + * Starts the SRP client operation. @moreinfo{@srp}. * @sa otSrpClientStart - * @sa @srp */ template <> otError SrpClient::Process(Arg aArgs[]) { @@ -881,7 +876,7 @@ template <> otError SrpClient::Process(Arg aArgs[]) * @endcode * @par api_copy * #otSrpClientIsRunning - * @sa @srp + * @moreinfo{@srp}. */ template <> otError SrpClient::Process(Arg aArgs[]) { diff --git a/src/cli/cli_srp_server.cpp b/src/cli/cli_srp_server.cpp index 1dc6d43c719..ee61a339fe8 100644 --- a/src/cli/cli_srp_server.cpp +++ b/src/cli/cli_srp_server.cpp @@ -115,9 +115,9 @@ template <> otError SrpServer::Process(Arg aArgs[]) * to enable or disable the SRP server. * @par * This command requires that `OPENTHREAD_CONFIG_BORDER_ROUTING_ENABLE` be enabled. + * @moreinfo{@srp}. * @sa otSrpServerIsAutoEnableMode * @sa otSrpServerSetAutoEnableMode - * @sa @srp */ template <> otError SrpServer::Process(Arg aArgs[]) { @@ -174,8 +174,9 @@ template <> otError SrpServer::Process(Arg aArgs[]) * The SRP server may become active when the existing * SRP servers are no longer active within the Thread network. * * `running`: The SRP server is active and can handle service registrations. + * @par + * @moreinfo{@srp}. * @sa otSrpServerGetState - * @sa @srp */ template <> otError SrpServer::Process(Arg aArgs[]) { @@ -213,9 +214,8 @@ template <> otError SrpServer::Process(Arg aArgs[]) * @endcode * @cparam srp server [@ca{enable}|@ca{disable}] * @par - * Enables or disables the SRP server. + * Enables or disables the SRP server. @moreinfo{@srp}. * @sa otSrpServerSetEnabled - * @sa @srp */ template <> otError SrpServer::Process(Arg aArgs[]) { @@ -311,11 +311,10 @@ template <> otError SrpServer::Process(Arg aArgs[]) * Done * @endcode * @par - * Returns information about all registered hosts. + * Returns information about all registered hosts. @moreinfo{@srp}. * @sa otSrpServerGetNextHost * @sa otSrpServerHostGetAddresses * @sa otSrpServerHostGetFullName - * @sa @srp */ template <> otError SrpServer::Process(Arg aArgs[]) { @@ -415,10 +414,10 @@ void SrpServer::OutputHostAddresses(const otSrpServerHost *aHost) * The `TXT` record is displayed * as an array of entries. If an entry contains a key, the key is printed in * ASCII format. The value portion is printed in hexadecimal bytes. + * @moreinfo{@srp}. * @sa otSrpServerServiceGetInstanceName * @sa otSrpServerServiceGetServiceName * @sa otSrpServerServiceGetSubTypeServiceNameAt - * @sa @srp */ template <> otError SrpServer::Process(Arg aArgs[]) { diff --git a/src/cli/cli_tcp.cpp b/src/cli/cli_tcp.cpp index eadb27bb8cb..ebf6a37b676 100644 --- a/src/cli/cli_tcp.cpp +++ b/src/cli/cli_tcp.cpp @@ -322,9 +322,8 @@ template <> otError TcpExample::Process(Arg aArgs[]) * Associates an IPv6 address and a port to the example TCP endpoint provided by * the `tcp` CLI. Associating the TCP endpoint to an IPv6 * address and port is referred to as "naming the TCP endpoint." This binds the - * endpoint for communication. + * endpoint for communication. @moreinfo{@tcp}. * @sa otTcpBind - * @sa @tcp */ template <> otError TcpExample::Process(Arg aArgs[]) { @@ -368,9 +367,8 @@ template <> otError TcpExample::Process(Arg aArgs[]) * Establishes a connection with the specified peer. * @par * If the connection establishment is successful, the resulting TCP connection - * is associated with the example TCP endpoint. + * is associated with the example TCP endpoint. @moreinfo{@tcp}. * @sa otTcpConnect - * @sa @tcp */ template <> otError TcpExample::Process(Arg aArgs[]) { @@ -450,8 +448,7 @@ template <> otError TcpExample::Process(Arg aArgs[]) * remote TCP endpoint. * @par * Sends data over the TCP connection associated with the example TCP endpoint - * that is provided with the `tcp` CLI. - * @sa @tcp + * that is provided with the `tcp` CLI. @moreinfo{@tcp}. */ template <> otError TcpExample::Process(Arg aArgs[]) { @@ -684,9 +681,8 @@ template <> otError TcpExample::Process(Arg aArgs[]) * and are associated with the example TCP endpoint. * @par * Uses the example TCP listener to listen for incoming connections on the - * specified IPv6 address and port. + * specified IPv6 address and port. @moreinfo{@tcp}. * @sa otTcpListen - * @sa @tcp */ template <> otError TcpExample::Process(Arg aArgs[]) { diff --git a/src/cli/cli_udp.cpp b/src/cli/cli_udp.cpp index 7114564168d..d9b9dc6c8c2 100644 --- a/src/cli/cli_udp.cpp +++ b/src/cli/cli_udp.cpp @@ -76,9 +76,8 @@ UdpExample::UdpExample(otInstance *aInstance, OutputImplementer &aOutputImplemen * - `port`: UDP port number to bind to. Each of the examples is using port number 1234. * @par * Assigns an IPv6 address and a port to an open socket, which binds the socket for communication. - * Assigning the IPv6 address and port is referred to as naming the socket. + * Assigning the IPv6 address and port is referred to as naming the socket. @moreinfo{@udp}. * @sa otUdpBind - * @sa @udp */ template <> otError UdpExample::Process(Arg aArgs[]) { @@ -127,7 +126,7 @@ template <> otError UdpExample::Process(Arg aArgs[]) * `InvalidState` when the preferred NAT64 prefix is unavailable. * @par api_copy * #otUdpConnect - * @sa @udp + * @moreinfo{@udp}. */ template <> otError UdpExample::Process(Arg aArgs[]) { @@ -244,12 +243,11 @@ template <> otError UdpExample::Process(Arg aArgs[]) * - `-s`: Auto-generated payload with the specified length given in the `value` parameter. * - `-x`: Binary data in hexadecimal representation given in the `value` parameter. * @par - * Sends a UDP message using the socket. + * Sends a UDP message using the socket. @moreinfo{@udp}. * @csa{udp open} * @csa{udp bind} * @csa{udp connect} * @sa otUdpSend - * @sa @udp */ template <> otError UdpExample::Process(Arg aArgs[]) { From 00f22b52c9057f3590c3be7ad8b1d94060db08d0 Mon Sep 17 00:00:00 2001 From: Abtin Keshavarzian Date: Wed, 21 Feb 2024 10:42:33 -0800 Subject: [PATCH 118/121] [netdiag] update comments and fix style (#9866) This commit contains smaller enhancements in `netdiag.h`: - Changes TLV type constants to use `#define`. - Removed unused definitions/constants. - Move constants used by CLI module to related CLI method. - Update comments and fix style. --- include/openthread/instance.h | 2 +- include/openthread/netdiag.h | 190 ++++++++++------------------------ src/cli/cli.cpp | 4 +- 3 files changed, 58 insertions(+), 138 deletions(-) diff --git a/include/openthread/instance.h b/include/openthread/instance.h index fd5704ab67f..546b5d17d79 100644 --- a/include/openthread/instance.h +++ b/include/openthread/instance.h @@ -53,7 +53,7 @@ extern "C" { * @note This number versions both OpenThread platform and user APIs. * */ -#define OPENTHREAD_API_VERSION (396) +#define OPENTHREAD_API_VERSION (397) /** * @addtogroup api-instance diff --git a/include/openthread/netdiag.h b/include/openthread/netdiag.h index 8485475a541..ff99b3850d1 100644 --- a/include/openthread/netdiag.h +++ b/include/openthread/netdiag.h @@ -49,54 +49,35 @@ extern "C" { * */ -/** - * Maximum Number of Network Diagnostic TLV Types to Request or Reset. - */ -#define OT_NETWORK_DIAGNOSTIC_TYPELIST_MAX_ENTRIES 19 - -/** - * Size of Network Diagnostic Child Table entry. - */ -#define OT_NETWORK_DIAGNOSTIC_CHILD_TABLE_ENTRY_SIZE 3 - -/** - * Initializer for otNetworkDiagIterator. - */ -#define OT_NETWORK_DIAGNOSTIC_ITERATOR_INIT 0 - -enum -{ - OT_NETWORK_DIAGNOSTIC_TLV_EXT_ADDRESS = 0, ///< MAC Extended Address TLV - OT_NETWORK_DIAGNOSTIC_TLV_SHORT_ADDRESS = 1, ///< Address16 TLV - OT_NETWORK_DIAGNOSTIC_TLV_MODE = 2, ///< Mode TLV - OT_NETWORK_DIAGNOSTIC_TLV_TIMEOUT = 3, ///< Timeout TLV (the maximum polling time period for SEDs) - OT_NETWORK_DIAGNOSTIC_TLV_CONNECTIVITY = 4, ///< Connectivity TLV - OT_NETWORK_DIAGNOSTIC_TLV_ROUTE = 5, ///< Route64 TLV - OT_NETWORK_DIAGNOSTIC_TLV_LEADER_DATA = 6, ///< Leader Data TLV - OT_NETWORK_DIAGNOSTIC_TLV_NETWORK_DATA = 7, ///< Network Data TLV - OT_NETWORK_DIAGNOSTIC_TLV_IP6_ADDR_LIST = 8, ///< IPv6 Address List TLV - OT_NETWORK_DIAGNOSTIC_TLV_MAC_COUNTERS = 9, ///< MAC Counters TLV - OT_NETWORK_DIAGNOSTIC_TLV_BATTERY_LEVEL = 14, ///< Battery Level TLV - OT_NETWORK_DIAGNOSTIC_TLV_SUPPLY_VOLTAGE = 15, ///< Supply Voltage TLV - OT_NETWORK_DIAGNOSTIC_TLV_CHILD_TABLE = 16, ///< Child Table TLV - OT_NETWORK_DIAGNOSTIC_TLV_CHANNEL_PAGES = 17, ///< Channel Pages TLV - OT_NETWORK_DIAGNOSTIC_TLV_TYPE_LIST = 18, ///< Type List TLV - OT_NETWORK_DIAGNOSTIC_TLV_MAX_CHILD_TIMEOUT = 19, ///< Max Child Timeout TLV - OT_NETWORK_DIAGNOSTIC_TLV_EUI64 = 23, ///< EUI64 TLV - OT_NETWORK_DIAGNOSTIC_TLV_VERSION = 24, ///< Version TLV (version number for the protocols and features) - OT_NETWORK_DIAGNOSTIC_TLV_VENDOR_NAME = 25, ///< Vendor Name TLV - OT_NETWORK_DIAGNOSTIC_TLV_VENDOR_MODEL = 26, ///< Vendor Model TLV - OT_NETWORK_DIAGNOSTIC_TLV_VENDOR_SW_VERSION = 27, ///< Vendor SW Version TLV - OT_NETWORK_DIAGNOSTIC_TLV_THREAD_STACK_VERSION = - 28, ///< Thread Stack Version TLV (version identifier as UTF-8 string for Thread stack codebase/commit/version) - OT_NETWORK_DIAGNOSTIC_TLV_CHILD = 29, ///< Child TLV - OT_NETWORK_DIAGNOSTIC_TLV_CHILD_IP6_ADDR_LIST = 30, ///< Child IPv6 Address List TLV - OT_NETWORK_DIAGNOSTIC_TLV_ROUTER_NEIGHBOR = 31, ///< Router Neighbor TLV - OT_NETWORK_DIAGNOSTIC_TLV_ANSWER = 32, ///< Answer TLV - OT_NETWORK_DIAGNOSTIC_TLV_QUERY_ID = 33, ///< Query ID TLV - OT_NETWORK_DIAGNOSTIC_TLV_MLE_COUNTERS = 34, ///< MLE Counters TLV - OT_NETWORK_DIAGNOSTIC_TLV_VENDOR_APP_URL = 35, ///< Vendor App URL TLV -}; +#define OT_NETWORK_DIAGNOSTIC_TLV_EXT_ADDRESS 0 ///< MAC Extended Address TLV +#define OT_NETWORK_DIAGNOSTIC_TLV_SHORT_ADDRESS 1 ///< Address16 TLV +#define OT_NETWORK_DIAGNOSTIC_TLV_MODE 2 ///< Mode TLV +#define OT_NETWORK_DIAGNOSTIC_TLV_TIMEOUT 3 ///< Timeout TLV (max polling time period for SEDs) +#define OT_NETWORK_DIAGNOSTIC_TLV_CONNECTIVITY 4 ///< Connectivity TLV +#define OT_NETWORK_DIAGNOSTIC_TLV_ROUTE 5 ///< Route64 TLV +#define OT_NETWORK_DIAGNOSTIC_TLV_LEADER_DATA 6 ///< Leader Data TLV +#define OT_NETWORK_DIAGNOSTIC_TLV_NETWORK_DATA 7 ///< Network Data TLV +#define OT_NETWORK_DIAGNOSTIC_TLV_IP6_ADDR_LIST 8 ///< IPv6 Address List TLV +#define OT_NETWORK_DIAGNOSTIC_TLV_MAC_COUNTERS 9 ///< MAC Counters TLV +#define OT_NETWORK_DIAGNOSTIC_TLV_BATTERY_LEVEL 14 ///< Battery Level TLV +#define OT_NETWORK_DIAGNOSTIC_TLV_SUPPLY_VOLTAGE 15 ///< Supply Voltage TLV +#define OT_NETWORK_DIAGNOSTIC_TLV_CHILD_TABLE 16 ///< Child Table TLV +#define OT_NETWORK_DIAGNOSTIC_TLV_CHANNEL_PAGES 17 ///< Channel Pages TLV +#define OT_NETWORK_DIAGNOSTIC_TLV_TYPE_LIST 18 ///< Type List TLV +#define OT_NETWORK_DIAGNOSTIC_TLV_MAX_CHILD_TIMEOUT 19 ///< Max Child Timeout TLV +#define OT_NETWORK_DIAGNOSTIC_TLV_EUI64 23 ///< EUI64 TLV +#define OT_NETWORK_DIAGNOSTIC_TLV_VERSION 24 ///< Thread Version TLV +#define OT_NETWORK_DIAGNOSTIC_TLV_VENDOR_NAME 25 ///< Vendor Name TLV +#define OT_NETWORK_DIAGNOSTIC_TLV_VENDOR_MODEL 26 ///< Vendor Model TLV +#define OT_NETWORK_DIAGNOSTIC_TLV_VENDOR_SW_VERSION 27 ///< Vendor SW Version TLV +#define OT_NETWORK_DIAGNOSTIC_TLV_THREAD_STACK_VERSION 28 ///< Thread Stack Version TLV (codebase/commit version) +#define OT_NETWORK_DIAGNOSTIC_TLV_CHILD 29 ///< Child TLV +#define OT_NETWORK_DIAGNOSTIC_TLV_CHILD_IP6_ADDR_LIST 30 ///< Child IPv6 Address List TLV +#define OT_NETWORK_DIAGNOSTIC_TLV_ROUTER_NEIGHBOR 31 ///< Router Neighbor TLV +#define OT_NETWORK_DIAGNOSTIC_TLV_ANSWER 32 ///< Answer TLV +#define OT_NETWORK_DIAGNOSTIC_TLV_QUERY_ID 33 ///< Query ID TLV +#define OT_NETWORK_DIAGNOSTIC_TLV_MLE_COUNTERS 34 ///< MLE Counters TLV +#define OT_NETWORK_DIAGNOSTIC_TLV_VENDOR_APP_URL 35 ///< Vendor App URL TLV #define OT_NETWORK_DIAGNOSTIC_MAX_VENDOR_NAME_TLV_LENGTH 32 ///< Max length of Vendor Name TLV. #define OT_NETWORK_DIAGNOSTIC_MAX_VENDOR_MODEL_TLV_LENGTH 32 ///< Max length of Vendor Model TLV. @@ -104,6 +85,8 @@ enum #define OT_NETWORK_DIAGNOSTIC_MAX_THREAD_STACK_VERSION_TLV_LENGTH 64 ///< Max length of Thread Stack Version TLV. #define OT_NETWORK_DIAGNOSTIC_MAX_VENDOR_APP_URL_TLV_LENGTH 96 ///< Max length of Vendor App URL TLV. +#define OT_NETWORK_DIAGNOSTIC_ITERATOR_INIT 0 ///< Initializer for `otNetworkDiagIterator`. + typedef uint16_t otNetworkDiagIterator; ///< Used to iterate through Network Diagnostic TLV. /** @@ -112,50 +95,15 @@ typedef uint16_t otNetworkDiagIterator; ///< Used to iterate through Network Dia */ typedef struct otNetworkDiagConnectivity { - /** - * The priority of the sender as a parent. - */ - int8_t mParentPriority; - - /** - * The number of neighboring devices with which the sender shares a link of quality 3. - */ - uint8_t mLinkQuality3; - - /** - * The number of neighboring devices with which the sender shares a link of quality 2. - */ - uint8_t mLinkQuality2; - - /** - * The number of neighboring devices with which the sender shares a link of quality 1. - */ - uint8_t mLinkQuality1; - - /** - * The sender's routing cost to the Leader. - */ - uint8_t mLeaderCost; - - /** - * The most recent ID sequence number received by the sender. - */ - uint8_t mIdSequence; - - /** - * The number of active Routers in the sender's Thread Network Partition. - */ - uint8_t mActiveRouters; - - /** - * The guaranteed buffer capacity in octets for all IPv6 datagrams destined to a given SED. Optional. - */ - uint16_t mSedBufferSize; - - /** - * The guaranteed queue capacity in number of IPv6 datagrams destined to a given SED. Optional. - */ - uint8_t mSedDatagramCount; + int8_t mParentPriority; ///< The priority of the sender as a parent. + uint8_t mLinkQuality3; ///< Number of neighbors with link of quality 3. + uint8_t mLinkQuality2; ///< Number of neighbors with link of quality 2. + uint8_t mLinkQuality1; ///< Number of neighbors with link of quality 1. + uint8_t mLeaderCost; ///< Cost to the Leader. + uint8_t mIdSequence; ///< Most recent received ID seq number. + uint8_t mActiveRouters; ///< Number of active routers. + uint16_t mSedBufferSize; ///< Buffer capacity in bytes for SEDs. Optional. + uint8_t mSedDatagramCount; ///< Queue capacity (number of IPv6 datagrams) per SED. Optional. } otNetworkDiagConnectivity; /** @@ -171,7 +119,7 @@ typedef struct otNetworkDiagRouteData } otNetworkDiagRouteData; /** - * Represents a Network Diagnostic Route TLV value. + * Represents a Network Diagnostic Route64 TLV value. * */ typedef struct otNetworkDiagRoute @@ -179,17 +127,9 @@ typedef struct otNetworkDiagRoute /** * The sequence number associated with the set of Router ID assignments in #mRouteData. */ - uint8_t mIdSequence; - - /** - * Number of elements in #mRouteData. - */ - uint8_t mRouteCount; - - /** - * Link Quality and Routing Cost data. - */ - otNetworkDiagRouteData mRouteData[OT_NETWORK_MAX_ROUTER_ID + 1]; + uint8_t mIdSequence; ///< Sequence number for Router ID assignments. + uint8_t mRouteCount; ///< Number of routes. + otNetworkDiagRouteData mRouteData[OT_NETWORK_MAX_ROUTER_ID + 1]; ///< Link Quality and Routing Cost data. } otNetworkDiagRoute; /** @@ -240,28 +180,10 @@ typedef struct otNetworkDiagMleCounters */ typedef struct otNetworkDiagChildEntry { - /** - * Expected poll time expressed as 2^(Timeout-4) seconds. - */ - uint16_t mTimeout : 5; - - /** - * Link Quality In value in [0,3]. - * - * Value 0 indicates that sender does not support the feature to provide link quality info. - * - */ - uint8_t mLinkQuality : 2; - - /** - * Child ID from which an RLOC can be generated. - */ - uint16_t mChildId : 9; - - /** - * Link mode bits. - */ - otLinkModeConfig mMode; + uint16_t mTimeout : 5; ///< Expected poll timeout expressed as 2^(Timeout-4) seconds. + uint8_t mLinkQuality : 2; ///< Link Quality In value [0,3]. Zero indicate sender cannot provide link quality info. + uint16_t mChildId : 9; ///< Child ID (derived from child RLOC) + otLinkModeConfig mMode; ///< Link mode. } otNetworkDiagChildEntry; /** @@ -270,10 +192,7 @@ typedef struct otNetworkDiagChildEntry */ typedef struct otNetworkDiagTlv { - /** - * The Network Diagnostic TLV type. - */ - uint8_t mType; + uint8_t mType; ///< The Network Diagnostic TLV type. union { @@ -304,13 +223,12 @@ typedef struct otNetworkDiagTlv struct { uint8_t mCount; - otIp6Address mList[OT_NETWORK_BASE_TLV_MAX_LENGTH / OT_IP6_ADDRESS_SIZE]; + otIp6Address mList[OT_NETWORK_BASE_TLV_MAX_LENGTH / sizeof(otIp6Address)]; } mIp6AddrList; struct { - uint8_t mCount; - otNetworkDiagChildEntry - mTable[OT_NETWORK_BASE_TLV_MAX_LENGTH / OT_NETWORK_DIAGNOSTIC_CHILD_TABLE_ENTRY_SIZE]; + uint8_t mCount; + otNetworkDiagChildEntry mTable[OT_NETWORK_BASE_TLV_MAX_LENGTH / sizeof(otNetworkDiagChildEntry)]; } mChildTable; struct { @@ -421,11 +339,11 @@ const char *otThreadGetVendorName(otInstance *aInstance); const char *otThreadGetVendorModel(otInstance *aInstance); /** - * Get the vendor sw version string. + * Get the vendor software version string. * * @param[in] aInstance A pointer to an OpenThread instance. * - * @returns The vendor sw version string. + * @returns The vendor software version string. * */ const char *otThreadGetVendorSwVersion(otInstance *aInstance); diff --git a/src/cli/cli.cpp b/src/cli/cli.cpp index 570ac1af157..f063293f0af 100644 --- a/src/cli/cli.cpp +++ b/src/cli/cli.cpp @@ -7792,9 +7792,11 @@ template <> otError Interpreter::Process(Arg aArgs[]) template <> otError Interpreter::Process(Arg aArgs[]) { + static constexpr uint16_t kMaxTlvs = 35; + otError error = OT_ERROR_NONE; otIp6Address address; - uint8_t tlvTypes[OT_NETWORK_DIAGNOSTIC_TYPELIST_MAX_ENTRIES]; + uint8_t tlvTypes[kMaxTlvs]; uint8_t count = 0; SuccessOrExit(error = aArgs[1].ParseAsIp6Address(address)); From 3aa3cbc341c18a221ec77fe073bd3f665990f9b4 Mon Sep 17 00:00:00 2001 From: Yang Sun Date: Thu, 22 Feb 2024 02:44:33 +0800 Subject: [PATCH 119/121] [ip6] add multicast forwarding restrictions to host (#9863) On Android, the platform doesn't restrict link-local/mesh-local source addresses when forwarding multicast packets. For multicast packets sent from link-local/mesh-local address to scope larger than realm-local, set the hoplimit to 1 so the packet can be delivered to host, and will not be forwarded to infrastructure link. The feature is guarded by OPENTHREAD_CONFIG_IP6_RESTRICT_FORWARDING_LARGER_SCOPE_MCAST_WITH_LOCAL_SRC, set as 1 to enable. --- src/core/config/ip6.h | 10 ++++++++++ src/core/net/ip6.cpp | 13 +++++++++++++ 2 files changed, 23 insertions(+) diff --git a/src/core/config/ip6.h b/src/core/config/ip6.h index 2e8e982c20a..f16f8a3dd48 100644 --- a/src/core/config/ip6.h +++ b/src/core/config/ip6.h @@ -227,6 +227,16 @@ #define OPENTHREAD_CONFIG_IP6_BR_COUNTERS_ENABLE OPENTHREAD_CONFIG_BORDER_ROUTING_ENABLE #endif +/** + * @def OPENTHREAD_CONFIG_IP6_RESTRICT_FORWARDING_LARGER_SCOPE_MCAST_WITH_LOCAL_SRC + * + * Define as 1 to restrict multicast forwarding to larger scope from local sources. + * + */ +#ifndef OPENTHREAD_CONFIG_IP6_RESTRICT_FORWARDING_LARGER_SCOPE_MCAST_WITH_LOCAL_SRC +#define OPENTHREAD_CONFIG_IP6_RESTRICT_FORWARDING_LARGER_SCOPE_MCAST_WITH_LOCAL_SRC 0 +#endif + /** * @} * diff --git a/src/core/net/ip6.cpp b/src/core/net/ip6.cpp index 3a6472a3fb1..0c0bf5abd02 100644 --- a/src/core/net/ip6.cpp +++ b/src/core/net/ip6.cpp @@ -1037,6 +1037,19 @@ Error Ip6::PassToHost(OwnedPtr &aMessagePtr, } #endif +#if OPENTHREAD_CONFIG_IP6_RESTRICT_FORWARDING_LARGER_SCOPE_MCAST_WITH_LOCAL_SRC + // Some platforms (e.g. Android) currently doesn't restrict link-local/mesh-local source + // addresses when forwarding multicast packets. + // For a multicast packet sent from link-local/mesh-local address to scope larger + // than realm-local, set the hop limit to 1 before sending to host, so this packet + // will not be forwarded by host. + if (aMessageInfo.GetSockAddr().IsMulticastLargerThanRealmLocal() && + (aMessageInfo.GetPeerAddr().IsLinkLocal() || (Get().IsMeshLocalAddress(aMessageInfo.GetPeerAddr())))) + { + messagePtr->Write(Header::kHopLimitFieldOffset, 1); + } +#endif + // Pass message to callback transferring its ownership. mReceiveIp6DatagramCallback.Invoke(messagePtr.Release()); From a0d805c8f001da9f9827963d3a35bf4f9958673c Mon Sep 17 00:00:00 2001 From: Abtin Keshavarzian Date: Thu, 22 Feb 2024 11:29:38 -0800 Subject: [PATCH 120/121] [cli] style fixes & remove core defined error constants (#9868) This commit contains small changes in the CLI modules: - Replace use of core-internal `kError` with `OT_ERROR` constants. - Remove `#endif` comments when the corresponding `#if` is less than 20 lines away adhering to OT style guide. - Adhere to single `return` policy (use `ExitNow()`). - Avoid calling `static` method `ParseToIp6Address()` with an object. - Smaller style fixes: New lines after variable declaration, use shorter local variable names, etc. --- src/cli/cli.cpp | 13 +++++---- src/cli/cli.hpp | 8 +++--- src/cli/cli_dns.cpp | 6 ++-- src/cli/cli_ping.cpp | 8 +++--- src/cli/cli_tcat.cpp | 9 +++--- src/cli/cli_tcp.cpp | 67 ++++++++++++++++++++++++++++++++++---------- src/cli/cli_udp.cpp | 17 +++++------ 7 files changed, 84 insertions(+), 44 deletions(-) diff --git a/src/cli/cli.cpp b/src/cli/cli.cpp index f063293f0af..4d1ab027849 100644 --- a/src/cli/cli.cpp +++ b/src/cli/cli.cpp @@ -504,12 +504,13 @@ otError Interpreter::ParseToIp6Address(otInstance *aInstance, otIp6Address &aAddress, bool &aSynthesized) { - Error error = kErrorNone; + Error error = OT_ERROR_NONE; VerifyOrExit(!aArg.IsEmpty(), error = OT_ERROR_INVALID_ARGS); error = aArg.ParseAsIp6Address(aAddress); aSynthesized = false; - if (error != kErrorNone) + + if (error != OT_ERROR_NONE) { // It might be an IPv4 address, let's have a try. otIp4Address ip4Address; @@ -758,9 +759,6 @@ template <> otError Interpreter::Process(Arg aArgs[]) */ else if (aArgs[0] == "mappings") { - otNat64AddressMappingIterator iterator; - otNat64AddressMapping mapping; - static const char *const kNat64StatusLevel1Title[] = {"", "Address", "", "4 to 6", "6 to 4"}; static const uint8_t kNat64StatusLevel1ColumnWidths[] = { @@ -775,6 +773,9 @@ template <> otError Interpreter::Process(Arg aArgs[]) 18, 42, 18, 8, 10, 14, 10, 14, }; + otNat64AddressMappingIterator iterator; + otNat64AddressMapping mapping; + OutputTableHeader(kNat64StatusLevel1Title, kNat64StatusLevel1ColumnWidths); OutputTableHeader(kNat64StatusTableHeader, kNat64StatusTableColumnWidths); @@ -7563,7 +7564,7 @@ template <> otError Interpreter::Process(Arg aArgs[]) } else { - VerifyOrExit(aArgs[1].IsEmpty(), error = kErrorInvalidArgs); + VerifyOrExit(aArgs[1].IsEmpty(), error = OT_ERROR_INVALID_ARGS); } if (isTable) diff --git a/src/cli/cli.hpp b/src/cli/cli.hpp index f69807110cc..142f02c3387 100644 --- a/src/cli/cli.hpp +++ b/src/cli/cli.hpp @@ -258,14 +258,14 @@ class Interpreter : public OutputImplementer, public Output * If the argument string is an IPv4 address, this method will try to synthesize an IPv6 address using preferred * NAT64 prefix in the network data. * - * @param[in] aInstance A pointer to openthread instance. + * @param[in] aInstance A pointer to OpenThread instance. * @param[in] aArg The argument string to parse. * @param[out] aAddress A reference to an `otIp6Address` to output the parsed IPv6 address. * @param[out] aSynthesized Whether @p aAddress is synthesized from an IPv4 address. * - * @retval OT_ERROR_NONE The argument was parsed successfully. - * @retval OT_ERROR_INVALID_ARGS The argument is empty or does not contain valid IP address. - * @retval OT_ERROR_INVALID_STATE No valid NAT64 prefix in the network data. + * @retval OT_ERROR_NONE The argument was parsed successfully. + * @retval OT_ERROR_INVALID_ARGS The argument is empty or does not contain a valid IP address. + * @retval OT_ERROR_INVALID_STATE No valid NAT64 prefix in the network data. * */ static otError ParseToIp6Address(otInstance *aInstance, diff --git a/src/cli/cli_dns.cpp b/src/cli/cli_dns.cpp index 7aef47976ca..e5dff9a130b 100644 --- a/src/cli/cli_dns.cpp +++ b/src/cli/cli_dns.cpp @@ -416,15 +416,15 @@ otError Dns::GetDnsConfig(Arg aArgs[], otDnsQueryConfig *&aConfig) otError error = OT_ERROR_NONE; bool recursionDesired; - bool nat64SynthesizedAddress; + bool nat64Synth; ClearAllBytes(*aConfig); VerifyOrExit(!aArgs[0].IsEmpty(), aConfig = nullptr); SuccessOrExit(error = Interpreter::ParseToIp6Address(GetInstancePtr(), aArgs[0], aConfig->mServerSockAddr.mAddress, - nat64SynthesizedAddress)); - if (nat64SynthesizedAddress) + nat64Synth)); + if (nat64Synth) { OutputFormat("Synthesized IPv6 DNS server address: "); OutputIp6AddressLine(aConfig->mServerSockAddr.mAddress); diff --git a/src/cli/cli_ping.cpp b/src/cli/cli_ping.cpp index e8e76215788..7d882590844 100644 --- a/src/cli/cli_ping.cpp +++ b/src/cli/cli_ping.cpp @@ -55,7 +55,7 @@ otError PingSender::Process(Arg aArgs[]) otError error = OT_ERROR_NONE; otPingSenderConfig config; bool async = false; - bool nat64SynthesizedAddress; + bool nat64Synth; /** * @cli ping stop @@ -96,9 +96,9 @@ otError PingSender::Process(Arg aArgs[]) aArgs++; } - SuccessOrExit(error = Interpreter::GetInterpreter().ParseToIp6Address( - GetInstancePtr(), aArgs[0], config.mDestination, nat64SynthesizedAddress)); - if (nat64SynthesizedAddress) + SuccessOrExit(error = Interpreter::ParseToIp6Address(GetInstancePtr(), aArgs[0], config.mDestination, nat64Synth)); + + if (nat64Synth) { OutputFormat("Pinging synthesized IPv6 address: "); OutputIp6AddressLine(config.mDestination); diff --git a/src/cli/cli_tcat.cpp b/src/cli/cli_tcat.cpp index e754bca93ae..491aaf6c03e 100644 --- a/src/cli/cli_tcat.cpp +++ b/src/cli/cli_tcat.cpp @@ -93,10 +93,12 @@ static void HandleBleSecureReceive(otInstance *aInstance, OT_UNUSED_VARIABLE(aContext); OT_UNUSED_VARIABLE(aTcatApplicationProtocol); OT_UNUSED_VARIABLE(aServiceName); + static constexpr int kTextMaxLen = 100; static constexpr uint8_t kBufPrefixLen = 5; - uint16_t nLen; - uint8_t buf[kTextMaxLen]; + + uint16_t nLen; + uint8_t buf[kTextMaxLen]; nLen = otMessageRead(aMessage, (uint16_t)aOffset, buf + kBufPrefixLen, sizeof(buf) - kBufPrefixLen - 1); @@ -137,11 +139,10 @@ template <> otError Tcat::Process(Arg aArgs[]) template <> otError Tcat::Process(Arg aArgs[]) { OT_UNUSED_VARIABLE(aArgs); - otError error = OT_ERROR_NONE; otBleSecureStop(GetInstancePtr()); - return error; + return OT_ERROR_NONE; } otError Tcat::Process(Arg aArgs[]) diff --git a/src/cli/cli_tcp.cpp b/src/cli/cli_tcp.cpp index ebf6a37b676..90ce1aaeffb 100644 --- a/src/cli/cli_tcp.cpp +++ b/src/cli/cli_tcp.cpp @@ -81,9 +81,10 @@ TcpExample::TcpExample(otInstance *aInstance, OutputImplementer &aOutputImplemen void TcpExample::MbedTlsDebugOutput(void *ctx, int level, const char *file, int line, const char *str) { TcpExample &tcpExample = *static_cast(ctx); + tcpExample.OutputLine("%s:%d:%d: %s", file, line, level, str); } -#endif // OPENTHREAD_CONFIG_TLS_ENABLE +#endif /** * @cli tcp init @@ -221,6 +222,7 @@ template <> otError TcpExample::Process(Arg aArgs[]) ClearAllBytes(endpointArgs); endpointArgs.mEstablishedCallback = HandleTcpEstablishedCallback; + if (mUseCircularSendBuffer) { endpointArgs.mForwardProgressCallback = HandleTcpForwardProgressCallback; @@ -229,6 +231,7 @@ template <> otError TcpExample::Process(Arg aArgs[]) { endpointArgs.mSendDoneCallback = HandleTcpSendDoneCallback; } + endpointArgs.mReceiveAvailableCallback = HandleTcpReceiveAvailableCallback; endpointArgs.mDisconnectedCallback = HandleTcpDisconnectedCallback; endpointArgs.mContext = this; @@ -247,6 +250,7 @@ template <> otError TcpExample::Process(Arg aArgs[]) listenerArgs.mContext = this; error = otTcpListenerInitialize(GetInstancePtr(), &mListener, &listenerArgs); + if (error != OT_ERROR_NONE) { IgnoreReturnValue(otTcpEndpointDeinitialize(&mEndpoint)); @@ -289,7 +293,7 @@ template <> otError TcpExample::Process(Arg aArgs[]) mbedtls_pk_free(&mPKey); mbedtls_x509_crt_free(&mSrvCert); } -#endif // OPENTHREAD_CONFIG_TLS_ENABLE +#endif endpointError = otTcpEndpointDeinitialize(&mEndpoint); mSendBusy = false; @@ -374,20 +378,21 @@ template <> otError TcpExample::Process(Arg aArgs[]) { otError error; otSockAddr sockaddr; - bool nat64SynthesizedAddress; + bool nat64Synth; uint32_t flags; VerifyOrExit(mInitialized, error = OT_ERROR_INVALID_STATE); - SuccessOrExit( - error = Interpreter::ParseToIp6Address(GetInstancePtr(), aArgs[0], sockaddr.mAddress, nat64SynthesizedAddress)); - if (nat64SynthesizedAddress) + SuccessOrExit(error = Interpreter::ParseToIp6Address(GetInstancePtr(), aArgs[0], sockaddr.mAddress, nat64Synth)); + + if (nat64Synth) { OutputFormat("Connecting to synthesized IPv6 address: "); OutputIp6AddressLine(sockaddr.mAddress); } SuccessOrExit(error = aArgs[1].ParseAsUint16(sockaddr.mPort)); + if (aArgs[2].IsEmpty()) { flags = OT_TCP_CONNECT_NO_FAST_OPEN; @@ -406,6 +411,7 @@ template <> otError TcpExample::Process(Arg aArgs[]) { ExitNow(error = OT_ERROR_INVALID_ARGS); } + VerifyOrExit(aArgs[3].IsEmpty(), error = OT_ERROR_INVALID_ARGS); } @@ -419,7 +425,7 @@ template <> otError TcpExample::Process(Arg aArgs[]) OutputLine("mbedtls_ssl_config_defaults returned %d", rv); } } -#endif // OPENTHREAD_CONFIG_TLS_ENABLE +#endif SuccessOrExit(error = otTcpConnect(&mEndpoint, &sockaddr, flags)); mEndpointConnected = true; @@ -466,16 +472,19 @@ template <> otError TcpExample::Process(Arg aArgs[]) { int rv = mbedtls_ssl_write(&mSslContext, reinterpret_cast(aArgs[0].GetCString()), aArgs[0].GetLength()); + if (rv < 0 && rv != MBEDTLS_ERR_SSL_WANT_WRITE && rv != MBEDTLS_ERR_SSL_WANT_READ) { - ExitNow(error = kErrorFailed); + ExitNow(error = OT_ERROR_FAILED); } - error = kErrorNone; + + error = OT_ERROR_NONE; } else -#endif // OPENTHREAD_CONFIG_TLS_ENABLE +#endif { size_t written; + SuccessOrExit(error = otTcpCircularSendBufferWrite(&mEndpoint, &mSendBuffer, aArgs[0].GetCString(), aArgs[0].GetLength(), &written, 0)); } @@ -526,6 +535,7 @@ template <> otError TcpExample::Process(Arg aArgs[]) if (aArgs[0] == "result") { OutputFormat("TCP Benchmark Status: "); + if (mBenchmarkBytesTotal != 0) { OutputLine("Ongoing"); @@ -571,6 +581,7 @@ template <> otError TcpExample::Process(Arg aArgs[]) SuccessOrExit(error = aArgs[1].ParseAsUint32(mBenchmarkBytesTotal)); VerifyOrExit(mBenchmarkBytesTotal != 0, error = OT_ERROR_INVALID_ARGS); } + VerifyOrExit(aArgs[2].IsEmpty(), error = OT_ERROR_INVALID_ARGS); mBenchmarkStart = TimerMilli::GetNow(); @@ -594,10 +605,12 @@ template <> otError TcpExample::Process(Arg aArgs[]) mBenchmarkLinks[i].mNext = nullptr; mBenchmarkLinks[i].mData = mSendBufferBytes; mBenchmarkLinks[i].mLength = sizeof(mSendBufferBytes); + if (i == 0 && mBenchmarkBytesTotal % sizeof(mSendBufferBytes) != 0) { mBenchmarkLinks[i].mLength = mBenchmarkBytesTotal % sizeof(mSendBufferBytes); } + error = otTcpSendByReference(&mEndpoint, &mBenchmarkLinks[i], i == toSendOut - 1 ? 0 : OT_TCP_SEND_MORE_TO_COME); VerifyOrExit(error == OT_ERROR_NONE, mBenchmarkBytesTotal = 0); @@ -812,7 +825,7 @@ void TcpExample::HandleTcpEstablished(otTcpEndpoint *aEndpoint) PrepareTlsHandshake(); ContinueTlsHandshake(); } -#endif // OPENTHREAD_CONFIG_TLS_ENABLE +#endif } void TcpExample::HandleTcpSendDone(otTcpEndpoint *aEndpoint, otLinkedBuffer *aData) @@ -834,10 +847,13 @@ void TcpExample::HandleTcpSendDone(otTcpEndpoint *aEndpoint, otLinkedBuffer *aDa { OT_ASSERT(aData != &mSendLink); OT_ASSERT(mBenchmarkBytesUnsent >= aData->mLength); + mBenchmarkBytesUnsent -= aData->mLength; // could be less than sizeof(mSendBufferBytes) for the first link + if (mBenchmarkBytesUnsent >= OT_ARRAY_LENGTH(mBenchmarkLinks) * sizeof(mSendBufferBytes)) { aData->mLength = sizeof(mSendBufferBytes); + if (otTcpSendByReference(&mEndpoint, aData, 0) != OT_ERROR_NONE) { OutputLine("TCP Benchmark Failed"); @@ -907,7 +923,7 @@ void TcpExample::HandleTcpReceiveAvailable(otTcpEndpoint *aEndpoint, #if OPENTHREAD_CONFIG_TLS_ENABLE if (mUseTls && ContinueTlsHandshake()) { - return; + ExitNow(); } #endif @@ -917,15 +933,18 @@ void TcpExample::HandleTcpReceiveAvailable(otTcpEndpoint *aEndpoint, if (mUseTls) { uint8_t buffer[500]; + for (;;) { int rv = mbedtls_ssl_read(&mSslContext, buffer, sizeof(buffer)); + if (rv < 0) { if (rv == MBEDTLS_ERR_SSL_WANT_READ) { break; } + OutputLine("TLS receive failure: %d", rv); } else @@ -941,13 +960,16 @@ void TcpExample::HandleTcpReceiveAvailable(otTcpEndpoint *aEndpoint, { const otLinkedBuffer *data; size_t totalReceived = 0; + IgnoreError(otTcpReceiveByReference(aEndpoint, &data)); + for (; data != nullptr; data = data->mNext) { OutputLine("TCP: Received %u bytes: %.*s", static_cast(data->mLength), static_cast(data->mLength), reinterpret_cast(data->mData)); totalReceived += data->mLength; } + OT_ASSERT(aBytesAvailable == totalReceived); IgnoreReturnValue(otTcpCommitReceive(aEndpoint, totalReceived, 0)); } @@ -957,6 +979,11 @@ void TcpExample::HandleTcpReceiveAvailable(otTcpEndpoint *aEndpoint, { OutputLine("TCP: Reached end of stream"); } + + ExitNow(); + +exit: + return; } void TcpExample::HandleTcpDisconnected(otTcpEndpoint *aEndpoint, otTcpDisconnectedReason aReason) @@ -1035,8 +1062,10 @@ otTcpIncomingConnectionAction TcpExample::HandleTcpAcceptReady(otTcpListener { OutputLine("mbedtls_ssl_config_defaults returned %d", rv); } + mbedtls_ssl_conf_ca_chain(&mSslConfig, mSrvCert.next, nullptr); rv = mbedtls_ssl_conf_own_cert(&mSslConfig, &mSrvCert, &mPKey); + if (rv != 0) { OutputLine("mbedtls_ssl_conf_own_cert returned %d", rv); @@ -1076,6 +1105,7 @@ otError TcpExample::ContinueBenchmarkCircularSend(void) { int rv = mbedtls_ssl_write(&mSslContext, reinterpret_cast(sBenchmarkData), toSendThisIteration); + if (rv > 0) { written = static_cast(rv); @@ -1083,12 +1113,13 @@ otError TcpExample::ContinueBenchmarkCircularSend(void) } else if (rv != MBEDTLS_ERR_SSL_WANT_WRITE && rv != MBEDTLS_ERR_SSL_WANT_READ) { - ExitNow(error = kErrorFailed); + ExitNow(error = OT_ERROR_FAILED); } - error = kErrorNone; + + error = OT_ERROR_NONE; } else -#endif // OPENTHREAD_CONFIG_TLS_ENABLE +#endif { SuccessOrExit(error = otTcpCircularSendBufferWrite(&mEndpoint, &mSendBuffer, sBenchmarkData, toSendThisIteration, &written, flag)); @@ -1132,17 +1163,21 @@ void TcpExample::CompleteBenchmark(void) void TcpExample::PrepareTlsHandshake(void) { int rv; + rv = mbedtls_ssl_set_hostname(&mSslContext, "localhost"); + if (rv != 0) { OutputLine("mbedtls_ssl_set_hostname returned %d", rv); } + rv = mbedtls_ssl_set_hs_ecjpake_password(&mSslContext, reinterpret_cast(sEcjpakePassword), sEcjpakePasswordLength); if (rv != 0) { OutputLine("mbedtls_ssl_set_hs_ecjpake_password returned %d", rv); } + mbedtls_ssl_set_bio(&mSslContext, &mEndpointAndCircularSendBuffer, otTcpMbedTlsSslSendCallback, otTcpMbedTlsSslRecvCallback, nullptr); mTlsHandshakeComplete = false; @@ -1156,6 +1191,7 @@ bool TcpExample::ContinueTlsHandshake(void) if (!mTlsHandshakeComplete) { rv = mbedtls_ssl_handshake(&mSslContext); + if (rv == 0) { OutputLine("TLS Handshake Complete"); @@ -1165,6 +1201,7 @@ bool TcpExample::ContinueTlsHandshake(void) { OutputLine("TLS Handshake Failed: %d", rv); } + wasNotAlreadyDone = true; } diff --git a/src/cli/cli_udp.cpp b/src/cli/cli_udp.cpp index d9b9dc6c8c2..9f8afdf2a2c 100644 --- a/src/cli/cli_udp.cpp +++ b/src/cli/cli_udp.cpp @@ -132,11 +132,11 @@ template <> otError UdpExample::Process(Arg aArgs[]) { otError error; otSockAddr sockaddr; - bool nat64SynthesizedAddress; + bool nat64Synth; - SuccessOrExit( - error = Interpreter::ParseToIp6Address(GetInstancePtr(), aArgs[0], sockaddr.mAddress, nat64SynthesizedAddress)); - if (nat64SynthesizedAddress) + SuccessOrExit(error = Interpreter::ParseToIp6Address(GetInstancePtr(), aArgs[0], sockaddr.mAddress, nat64Synth)); + + if (nat64Synth) { OutputFormat("Connecting to synthesized IPv6 address: "); OutputIp6AddressLine(sockaddr.mAddress); @@ -267,11 +267,12 @@ template <> otError UdpExample::Process(Arg aArgs[]) if (!aArgs[2].IsEmpty()) { - bool nat64SynthesizedAddress; + bool nat64Synth; + + SuccessOrExit( + error = Interpreter::ParseToIp6Address(GetInstancePtr(), aArgs[0], messageInfo.mPeerAddr, nat64Synth)); - SuccessOrExit(error = Interpreter::ParseToIp6Address(GetInstancePtr(), aArgs[0], messageInfo.mPeerAddr, - nat64SynthesizedAddress)); - if (nat64SynthesizedAddress) + if (nat64Synth) { OutputFormat("Sending to synthesized IPv6 address: "); OutputIp6AddressLine(messageInfo.mPeerAddr); From f0b6fcea6ef77c9a54ab11767593f9a8798e3662 Mon Sep 17 00:00:00 2001 From: Abtin Keshavarzian Date: Thu, 22 Feb 2024 11:30:23 -0800 Subject: [PATCH 121/121] [cli-tcat] define `VendorInfo` as a member variable (#9869) Changes `mVendorInfo` to be a member variable of `Tcat` class instead of a static variable. --- src/cli/cli_tcat.cpp | 12 ++++++------ src/cli/cli_tcat.hpp | 4 ++++ 2 files changed, 10 insertions(+), 6 deletions(-) diff --git a/src/cli/cli_tcat.cpp b/src/cli/cli_tcat.cpp index 491aaf6c03e..7845be89bdd 100644 --- a/src/cli/cli_tcat.cpp +++ b/src/cli/cli_tcat.cpp @@ -79,9 +79,8 @@ namespace ot { namespace Cli { -otTcatVendorInfo sVendorInfo; -const char kPskdVendor[] = "J01NM3"; -const char kUrl[] = "dummy_url"; +const char kPskdVendor[] = "J01NM3"; +const char kUrl[] = "dummy_url"; static void HandleBleSecureReceive(otInstance *aInstance, const otMessage *aMessage, @@ -116,8 +115,9 @@ template <> otError Tcat::Process(Arg aArgs[]) otError error = OT_ERROR_NONE; - sVendorInfo.mPskdString = kPskdVendor; - sVendorInfo.mProvisioningUrl = kUrl; + ClearAllBytes(mVendorInfo); + mVendorInfo.mPskdString = kPskdVendor; + mVendorInfo.mProvisioningUrl = kUrl; otBleSecureSetCertificate(GetInstancePtr(), reinterpret_cast(OT_CLI_TCAT_X509_CERT), sizeof(OT_CLI_TCAT_X509_CERT), reinterpret_cast(OT_CLI_TCAT_PRIV_KEY), @@ -130,7 +130,7 @@ template <> otError Tcat::Process(Arg aArgs[]) otBleSecureSetSslAuthMode(GetInstancePtr(), true); SuccessOrExit(error = otBleSecureStart(GetInstancePtr(), nullptr, HandleBleSecureReceive, true, nullptr)); - SuccessOrExit(error = otBleSecureTcatStart(GetInstancePtr(), &sVendorInfo, nullptr)); + SuccessOrExit(error = otBleSecureTcatStart(GetInstancePtr(), &mVendorInfo, nullptr)); exit: return error; diff --git a/src/cli/cli_tcat.hpp b/src/cli/cli_tcat.hpp index 3f1d0be6e6e..91b36cc4b6e 100644 --- a/src/cli/cli_tcat.hpp +++ b/src/cli/cli_tcat.hpp @@ -31,6 +31,8 @@ #include "openthread-core-config.h" +#include + #include "cli/cli_output.hpp" #if OPENTHREAD_CONFIG_BLE_TCAT_ENABLE && OPENTHREAD_CONFIG_CLI_BLE_SECURE_ENABLE @@ -78,6 +80,8 @@ class Tcat : private Output using Command = CommandEntry; template otError Process(Arg aArgs[]); + + otTcatVendorInfo mVendorInfo; }; } // namespace Cli